]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SAE: Special test mode sae_pwe=3 for looping with password identifier
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "p2p/p2p.h"
45 #include "fst/fst.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
49 #include "ibss_rsn.h"
50 #include "sme.h"
51 #include "gas_query.h"
52 #include "ap.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
55 #include "notify.h"
56 #include "bgscan.h"
57 #include "autoscan.h"
58 #include "bss.h"
59 #include "scan.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
62 #include "wnm_sta.h"
63 #include "wpas_kay.h"
64 #include "mesh.h"
65 #include "dpp_supplicant.h"
66 #ifdef CONFIG_MESH
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
70
71 const char *const wpa_supplicant_version =
72 "wpa_supplicant v" VERSION_STR "\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
74
75 const char *const wpa_supplicant_license =
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
82 ;
83
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1 =
87 "";
88 const char *const wpa_supplicant_full_license2 =
89 "This software may be distributed under the terms of the BSD license.\n"
90 "\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
93 "met:\n"
94 "\n";
95 const char *const wpa_supplicant_full_license3 =
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
98 "\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
102 "\n";
103 const char *const wpa_supplicant_full_license4 =
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
107 "\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5 =
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120 "\n";
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
122
123
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 #ifdef CONFIG_OWE
129 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130 #endif /* CONFIG_OWE */
131
132
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
135 {
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
144 i, i == ssid->wep_tx_keyidx, NULL, 0,
145 ssid->wep_key[i], ssid->wep_key_len[i],
146 i == ssid->wep_tx_keyidx ?
147 KEY_FLAG_GROUP_RX_TX_DEFAULT :
148 KEY_FLAG_GROUP_RX_TX);
149 }
150
151 return set;
152 }
153
154
155 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
156 struct wpa_ssid *ssid)
157 {
158 u8 key[32];
159 size_t keylen;
160 enum wpa_alg alg;
161 u8 seq[6] = { 0 };
162 int ret;
163
164 /* IBSS/WPA-None uses only one key (Group) for both receiving and
165 * sending unicast and multicast packets. */
166
167 if (ssid->mode != WPAS_MODE_IBSS) {
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
169 "IBSS/ad-hoc) for WPA-None", ssid->mode);
170 return -1;
171 }
172
173 if (!ssid->psk_set) {
174 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
175 "WPA-None");
176 return -1;
177 }
178
179 switch (wpa_s->group_cipher) {
180 case WPA_CIPHER_CCMP:
181 os_memcpy(key, ssid->psk, 16);
182 keylen = 16;
183 alg = WPA_ALG_CCMP;
184 break;
185 case WPA_CIPHER_GCMP:
186 os_memcpy(key, ssid->psk, 16);
187 keylen = 16;
188 alg = WPA_ALG_GCMP;
189 break;
190 case WPA_CIPHER_TKIP:
191 /* WPA-None uses the same Michael MIC key for both TX and RX */
192 os_memcpy(key, ssid->psk, 16 + 8);
193 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
194 keylen = 32;
195 alg = WPA_ALG_TKIP;
196 break;
197 default:
198 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
199 "WPA-None", wpa_s->group_cipher);
200 return -1;
201 }
202
203 /* TODO: should actually remember the previously used seq#, both for TX
204 * and RX from each STA.. */
205
206 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
207 KEY_FLAG_GROUP_RX_TX_DEFAULT);
208 os_memset(key, 0, sizeof(key));
209 return ret;
210 }
211
212
213 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
214 {
215 struct wpa_supplicant *wpa_s = eloop_ctx;
216 const u8 *bssid = wpa_s->bssid;
217 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
218 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
219 wpa_s->wpa_state == WPA_ASSOCIATING))
220 bssid = wpa_s->pending_bssid;
221 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
222 MAC2STR(bssid));
223 wpa_blacklist_add(wpa_s, bssid);
224 wpa_sm_notify_disassoc(wpa_s->wpa);
225 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
226 wpa_s->reassociate = 1;
227
228 /*
229 * If we timed out, the AP or the local radio may be busy.
230 * So, wait a second until scanning again.
231 */
232 wpa_supplicant_req_scan(wpa_s, 1, 0);
233 }
234
235
236 /**
237 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
238 * @wpa_s: Pointer to wpa_supplicant data
239 * @sec: Number of seconds after which to time out authentication
240 * @usec: Number of microseconds after which to time out authentication
241 *
242 * This function is used to schedule a timeout for the current authentication
243 * attempt.
244 */
245 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
246 int sec, int usec)
247 {
248 if (wpa_s->conf->ap_scan == 0 &&
249 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
250 return;
251
252 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
253 "%d usec", sec, usec);
254 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
255 wpa_s->last_auth_timeout_sec = sec;
256 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
257 }
258
259
260 /*
261 * wpas_auth_timeout_restart - Restart and change timeout for authentication
262 * @wpa_s: Pointer to wpa_supplicant data
263 * @sec_diff: difference in seconds applied to original timeout value
264 */
265 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
266 {
267 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
268
269 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
270 wpa_dbg(wpa_s, MSG_DEBUG,
271 "Authentication timeout restart: %d sec", new_sec);
272 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
273 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
274 wpa_s, NULL);
275 }
276 }
277
278
279 /**
280 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
281 * @wpa_s: Pointer to wpa_supplicant data
282 *
283 * This function is used to cancel authentication timeout scheduled with
284 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
285 * been completed.
286 */
287 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
288 {
289 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
291 wpa_blacklist_del(wpa_s, wpa_s->bssid);
292 os_free(wpa_s->last_con_fail_realm);
293 wpa_s->last_con_fail_realm = NULL;
294 wpa_s->last_con_fail_realm_len = 0;
295 }
296
297
298 /**
299 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
300 * @wpa_s: Pointer to wpa_supplicant data
301 *
302 * This function is used to configure EAPOL state machine based on the selected
303 * authentication mode.
304 */
305 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
306 {
307 #ifdef IEEE8021X_EAPOL
308 struct eapol_config eapol_conf;
309 struct wpa_ssid *ssid = wpa_s->current_ssid;
310
311 #ifdef CONFIG_IBSS_RSN
312 if (ssid->mode == WPAS_MODE_IBSS &&
313 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
314 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
315 /*
316 * RSN IBSS authentication is per-STA and we can disable the
317 * per-BSSID EAPOL authentication.
318 */
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
321 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
322 return;
323 }
324 #endif /* CONFIG_IBSS_RSN */
325
326 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
328
329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
330 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
331 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
332 else
333 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
334
335 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
337 eapol_conf.accept_802_1x_keys = 1;
338 eapol_conf.required_keys = 0;
339 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
340 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
341 }
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
343 eapol_conf.required_keys |=
344 EAPOL_REQUIRE_KEY_BROADCAST;
345 }
346
347 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
348 eapol_conf.required_keys = 0;
349 }
350 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
351 eapol_conf.workaround = ssid->eap_workaround;
352 eapol_conf.eap_disabled =
353 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
354 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
355 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
356 eapol_conf.external_sim = wpa_s->conf->external_sim;
357
358 #ifdef CONFIG_WPS
359 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
360 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
361 if (wpa_s->current_bss) {
362 struct wpabuf *ie;
363 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
364 WPS_IE_VENDOR_TYPE);
365 if (ie) {
366 if (wps_is_20(ie))
367 eapol_conf.wps |=
368 EAPOL_PEER_IS_WPS20_AP;
369 wpabuf_free(ie);
370 }
371 }
372 }
373 #endif /* CONFIG_WPS */
374
375 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
376
377 #ifdef CONFIG_MACSEC
378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
379 ieee802_1x_create_preshared_mka(wpa_s, ssid);
380 else
381 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
382 #endif /* CONFIG_MACSEC */
383 #endif /* IEEE8021X_EAPOL */
384 }
385
386
387 /**
388 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
389 * @wpa_s: Pointer to wpa_supplicant data
390 * @ssid: Configuration data for the network
391 *
392 * This function is used to configure WPA state machine and related parameters
393 * to a mode where WPA is not enabled. This is called as part of the
394 * authentication configuration when the selected network does not use WPA.
395 */
396 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
397 struct wpa_ssid *ssid)
398 {
399 int i;
400
401 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
402 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
403 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
404 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
405 else
406 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
407 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
408 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
409 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
410 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
411 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
412 wpa_s->rsnxe_len = 0;
413 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
414 wpa_s->group_cipher = WPA_CIPHER_NONE;
415 wpa_s->mgmt_group_cipher = 0;
416
417 for (i = 0; i < NUM_WEP_KEYS; i++) {
418 if (ssid->wep_key_len[i] > 5) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
420 wpa_s->group_cipher = WPA_CIPHER_WEP104;
421 break;
422 } else if (ssid->wep_key_len[i] > 0) {
423 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
424 wpa_s->group_cipher = WPA_CIPHER_WEP40;
425 break;
426 }
427 }
428
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
431 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
432 wpa_s->pairwise_cipher);
433 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
434 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
435 wpa_s->mgmt_group_cipher);
436
437 pmksa_cache_clear_current(wpa_s->wpa);
438 }
439
440
441 void free_hw_features(struct wpa_supplicant *wpa_s)
442 {
443 int i;
444 if (wpa_s->hw.modes == NULL)
445 return;
446
447 for (i = 0; i < wpa_s->hw.num_modes; i++) {
448 os_free(wpa_s->hw.modes[i].channels);
449 os_free(wpa_s->hw.modes[i].rates);
450 }
451
452 os_free(wpa_s->hw.modes);
453 wpa_s->hw.modes = NULL;
454 }
455
456
457 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
458 {
459 struct wpa_bss_tmp_disallowed *bss, *prev;
460
461 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
462 struct wpa_bss_tmp_disallowed, list) {
463 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
464 dl_list_del(&bss->list);
465 os_free(bss);
466 }
467 }
468
469
470 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
471 {
472 struct fils_hlp_req *req;
473
474 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
475 list)) != NULL) {
476 dl_list_del(&req->list);
477 wpabuf_free(req->pkt);
478 os_free(req);
479 }
480 }
481
482
483 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
484 {
485 struct wpa_supplicant *wpa_s = eloop_ctx;
486
487 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
488 return;
489 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
490 wpa_bss_flush(wpa_s);
491 }
492
493
494 #ifdef CONFIG_TESTING_OPTIONS
495 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
496 {
497 struct driver_signal_override *dso;
498
499 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
500 struct driver_signal_override, list))) {
501 dl_list_del(&dso->list);
502 os_free(dso);
503 }
504 }
505 #endif /* CONFIG_TESTING_OPTIONS */
506
507
508 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
509 {
510 int i;
511
512 bgscan_deinit(wpa_s);
513 autoscan_deinit(wpa_s);
514 scard_deinit(wpa_s->scard);
515 wpa_s->scard = NULL;
516 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
517 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
518 l2_packet_deinit(wpa_s->l2);
519 wpa_s->l2 = NULL;
520 if (wpa_s->l2_br) {
521 l2_packet_deinit(wpa_s->l2_br);
522 wpa_s->l2_br = NULL;
523 }
524 #ifdef CONFIG_TESTING_OPTIONS
525 l2_packet_deinit(wpa_s->l2_test);
526 wpa_s->l2_test = NULL;
527 os_free(wpa_s->get_pref_freq_list_override);
528 wpa_s->get_pref_freq_list_override = NULL;
529 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
530 wpa_s->last_assoc_req_wpa_ie = NULL;
531 os_free(wpa_s->extra_sae_rejected_groups);
532 wpa_s->extra_sae_rejected_groups = NULL;
533 wpabuf_free(wpa_s->rsnxe_override_assoc);
534 wpa_s->rsnxe_override_assoc = NULL;
535 wpabuf_free(wpa_s->rsnxe_override_eapol);
536 wpa_s->rsnxe_override_eapol = NULL;
537 wpas_clear_driver_signal_override(wpa_s);
538 #endif /* CONFIG_TESTING_OPTIONS */
539
540 if (wpa_s->conf != NULL) {
541 struct wpa_ssid *ssid;
542 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
543 wpas_notify_network_removed(wpa_s, ssid);
544 }
545
546 os_free(wpa_s->confname);
547 wpa_s->confname = NULL;
548
549 os_free(wpa_s->confanother);
550 wpa_s->confanother = NULL;
551
552 os_free(wpa_s->last_con_fail_realm);
553 wpa_s->last_con_fail_realm = NULL;
554 wpa_s->last_con_fail_realm_len = 0;
555
556 wpa_sm_set_eapol(wpa_s->wpa, NULL);
557 eapol_sm_deinit(wpa_s->eapol);
558 wpa_s->eapol = NULL;
559
560 rsn_preauth_deinit(wpa_s->wpa);
561
562 #ifdef CONFIG_TDLS
563 wpa_tdls_deinit(wpa_s->wpa);
564 #endif /* CONFIG_TDLS */
565
566 wmm_ac_clear_saved_tspecs(wpa_s);
567 pmksa_candidate_free(wpa_s->wpa);
568 wpa_sm_deinit(wpa_s->wpa);
569 wpa_s->wpa = NULL;
570 wpa_blacklist_clear(wpa_s);
571
572 wpa_bss_deinit(wpa_s);
573
574 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
575 wpa_supplicant_cancel_scan(wpa_s);
576 wpa_supplicant_cancel_auth_timeout(wpa_s);
577 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
578 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
579 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
580 wpa_s, NULL);
581 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
582
583 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
584 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
585
586 wpas_wps_deinit(wpa_s);
587
588 wpabuf_free(wpa_s->pending_eapol_rx);
589 wpa_s->pending_eapol_rx = NULL;
590
591 #ifdef CONFIG_IBSS_RSN
592 ibss_rsn_deinit(wpa_s->ibss_rsn);
593 wpa_s->ibss_rsn = NULL;
594 #endif /* CONFIG_IBSS_RSN */
595
596 sme_deinit(wpa_s);
597
598 #ifdef CONFIG_AP
599 wpa_supplicant_ap_deinit(wpa_s);
600 #endif /* CONFIG_AP */
601
602 wpas_p2p_deinit(wpa_s);
603
604 #ifdef CONFIG_OFFCHANNEL
605 offchannel_deinit(wpa_s);
606 #endif /* CONFIG_OFFCHANNEL */
607
608 wpa_supplicant_cancel_sched_scan(wpa_s);
609
610 os_free(wpa_s->next_scan_freqs);
611 wpa_s->next_scan_freqs = NULL;
612
613 os_free(wpa_s->manual_scan_freqs);
614 wpa_s->manual_scan_freqs = NULL;
615 os_free(wpa_s->select_network_scan_freqs);
616 wpa_s->select_network_scan_freqs = NULL;
617
618 os_free(wpa_s->manual_sched_scan_freqs);
619 wpa_s->manual_sched_scan_freqs = NULL;
620
621 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
622
623 /*
624 * Need to remove any pending gas-query radio work before the
625 * gas_query_deinit() call because gas_query::work has not yet been set
626 * for works that have not been started. gas_query_free() will be unable
627 * to cancel such pending radio works and once the pending gas-query
628 * radio work eventually gets removed, the deinit notification call to
629 * gas_query_start_cb() would result in dereferencing freed memory.
630 */
631 if (wpa_s->radio)
632 radio_remove_works(wpa_s, "gas-query", 0);
633 gas_query_deinit(wpa_s->gas);
634 wpa_s->gas = NULL;
635 gas_server_deinit(wpa_s->gas_server);
636 wpa_s->gas_server = NULL;
637
638 free_hw_features(wpa_s);
639
640 ieee802_1x_dealloc_kay_sm(wpa_s);
641
642 os_free(wpa_s->bssid_filter);
643 wpa_s->bssid_filter = NULL;
644
645 os_free(wpa_s->disallow_aps_bssid);
646 wpa_s->disallow_aps_bssid = NULL;
647 os_free(wpa_s->disallow_aps_ssid);
648 wpa_s->disallow_aps_ssid = NULL;
649
650 wnm_bss_keep_alive_deinit(wpa_s);
651 #ifdef CONFIG_WNM
652 wnm_deallocate_memory(wpa_s);
653 #endif /* CONFIG_WNM */
654
655 ext_password_deinit(wpa_s->ext_pw);
656 wpa_s->ext_pw = NULL;
657
658 wpabuf_free(wpa_s->last_gas_resp);
659 wpa_s->last_gas_resp = NULL;
660 wpabuf_free(wpa_s->prev_gas_resp);
661 wpa_s->prev_gas_resp = NULL;
662
663 os_free(wpa_s->last_scan_res);
664 wpa_s->last_scan_res = NULL;
665
666 #ifdef CONFIG_HS20
667 if (wpa_s->drv_priv)
668 wpa_drv_configure_frame_filters(wpa_s, 0);
669 hs20_deinit(wpa_s);
670 #endif /* CONFIG_HS20 */
671
672 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
673 wpabuf_free(wpa_s->vendor_elem[i]);
674 wpa_s->vendor_elem[i] = NULL;
675 }
676
677 wmm_ac_notify_disassoc(wpa_s);
678
679 wpa_s->sched_scan_plans_num = 0;
680 os_free(wpa_s->sched_scan_plans);
681 wpa_s->sched_scan_plans = NULL;
682
683 #ifdef CONFIG_MBO
684 wpa_s->non_pref_chan_num = 0;
685 os_free(wpa_s->non_pref_chan);
686 wpa_s->non_pref_chan = NULL;
687 #endif /* CONFIG_MBO */
688
689 free_bss_tmp_disallowed(wpa_s);
690
691 wpabuf_free(wpa_s->lci);
692 wpa_s->lci = NULL;
693 wpas_clear_beacon_rep_data(wpa_s);
694
695 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
696 #ifdef CONFIG_MESH
697 {
698 struct external_pmksa_cache *entry;
699
700 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
701 struct external_pmksa_cache,
702 list)) != NULL) {
703 dl_list_del(&entry->list);
704 os_free(entry->pmksa_cache);
705 os_free(entry);
706 }
707 }
708 #endif /* CONFIG_MESH */
709 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
710
711 wpas_flush_fils_hlp_req(wpa_s);
712
713 wpabuf_free(wpa_s->ric_ies);
714 wpa_s->ric_ies = NULL;
715
716 #ifdef CONFIG_DPP
717 wpas_dpp_deinit(wpa_s);
718 dpp_global_deinit(wpa_s->dpp);
719 wpa_s->dpp = NULL;
720 #endif /* CONFIG_DPP */
721 }
722
723
724 /**
725 * wpa_clear_keys - Clear keys configured for the driver
726 * @wpa_s: Pointer to wpa_supplicant data
727 * @addr: Previously used BSSID or %NULL if not available
728 *
729 * This function clears the encryption keys that has been previously configured
730 * for the driver.
731 */
732 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
733 {
734 int i, max = 6;
735
736 /* MLME-DELETEKEYS.request */
737 for (i = 0; i < max; i++) {
738 if (wpa_s->keys_cleared & BIT(i))
739 continue;
740 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
741 NULL, 0, KEY_FLAG_GROUP);
742 }
743 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
744 !is_zero_ether_addr(addr)) {
745 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
746 0, KEY_FLAG_PAIRWISE);
747 /* MLME-SETPROTECTION.request(None) */
748 wpa_drv_mlme_setprotection(
749 wpa_s, addr,
750 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
751 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
752 }
753 wpa_s->keys_cleared = (u32) -1;
754 }
755
756
757 /**
758 * wpa_supplicant_state_txt - Get the connection state name as a text string
759 * @state: State (wpa_state; WPA_*)
760 * Returns: The state name as a printable text string
761 */
762 const char * wpa_supplicant_state_txt(enum wpa_states state)
763 {
764 switch (state) {
765 case WPA_DISCONNECTED:
766 return "DISCONNECTED";
767 case WPA_INACTIVE:
768 return "INACTIVE";
769 case WPA_INTERFACE_DISABLED:
770 return "INTERFACE_DISABLED";
771 case WPA_SCANNING:
772 return "SCANNING";
773 case WPA_AUTHENTICATING:
774 return "AUTHENTICATING";
775 case WPA_ASSOCIATING:
776 return "ASSOCIATING";
777 case WPA_ASSOCIATED:
778 return "ASSOCIATED";
779 case WPA_4WAY_HANDSHAKE:
780 return "4WAY_HANDSHAKE";
781 case WPA_GROUP_HANDSHAKE:
782 return "GROUP_HANDSHAKE";
783 case WPA_COMPLETED:
784 return "COMPLETED";
785 default:
786 return "UNKNOWN";
787 }
788 }
789
790
791 #ifdef CONFIG_BGSCAN
792
793 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
794 {
795 const char *name;
796
797 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
798 name = wpa_s->current_ssid->bgscan;
799 else
800 name = wpa_s->conf->bgscan;
801 if (name == NULL || name[0] == '\0')
802 return;
803 if (wpas_driver_bss_selection(wpa_s))
804 return;
805 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
806 return;
807 #ifdef CONFIG_P2P
808 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
809 return;
810 #endif /* CONFIG_P2P */
811
812 bgscan_deinit(wpa_s);
813 if (wpa_s->current_ssid) {
814 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
816 "bgscan");
817 /*
818 * Live without bgscan; it is only used as a roaming
819 * optimization, so the initial connection is not
820 * affected.
821 */
822 } else {
823 struct wpa_scan_results *scan_res;
824 wpa_s->bgscan_ssid = wpa_s->current_ssid;
825 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
826 0);
827 if (scan_res) {
828 bgscan_notify_scan(wpa_s, scan_res);
829 wpa_scan_results_free(scan_res);
830 }
831 }
832 } else
833 wpa_s->bgscan_ssid = NULL;
834 }
835
836
837 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
838 {
839 if (wpa_s->bgscan_ssid != NULL) {
840 bgscan_deinit(wpa_s);
841 wpa_s->bgscan_ssid = NULL;
842 }
843 }
844
845 #endif /* CONFIG_BGSCAN */
846
847
848 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
849 {
850 if (autoscan_init(wpa_s, 0))
851 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
852 }
853
854
855 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
856 {
857 autoscan_deinit(wpa_s);
858 }
859
860
861 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
862 {
863 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
864 wpa_s->wpa_state == WPA_SCANNING) {
865 autoscan_deinit(wpa_s);
866 wpa_supplicant_start_autoscan(wpa_s);
867 }
868 }
869
870
871 /**
872 * wpa_supplicant_set_state - Set current connection state
873 * @wpa_s: Pointer to wpa_supplicant data
874 * @state: The new connection state
875 *
876 * This function is called whenever the connection state changes, e.g.,
877 * association is completed for WPA/WPA2 4-Way Handshake is started.
878 */
879 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
880 enum wpa_states state)
881 {
882 enum wpa_states old_state = wpa_s->wpa_state;
883 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
884 Boolean update_fils_connect_params = FALSE;
885 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
886
887 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
888 wpa_supplicant_state_txt(wpa_s->wpa_state),
889 wpa_supplicant_state_txt(state));
890
891 if (state == WPA_COMPLETED &&
892 os_reltime_initialized(&wpa_s->roam_start)) {
893 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
894 wpa_s->roam_start.sec = 0;
895 wpa_s->roam_start.usec = 0;
896 wpas_notify_auth_changed(wpa_s);
897 wpas_notify_roam_time(wpa_s);
898 wpas_notify_roam_complete(wpa_s);
899 } else if (state == WPA_DISCONNECTED &&
900 os_reltime_initialized(&wpa_s->roam_start)) {
901 wpa_s->roam_start.sec = 0;
902 wpa_s->roam_start.usec = 0;
903 wpa_s->roam_time.sec = 0;
904 wpa_s->roam_time.usec = 0;
905 wpas_notify_roam_complete(wpa_s);
906 }
907
908 if (state == WPA_INTERFACE_DISABLED) {
909 /* Assure normal scan when interface is restored */
910 wpa_s->normal_scans = 0;
911 }
912
913 if (state == WPA_COMPLETED) {
914 wpas_connect_work_done(wpa_s);
915 /* Reinitialize normal_scan counter */
916 wpa_s->normal_scans = 0;
917 }
918
919 #ifdef CONFIG_P2P
920 /*
921 * P2PS client has to reply to Probe Request frames received on the
922 * group operating channel. Enable Probe Request frame reporting for
923 * P2P connected client in case p2p_cli_probe configuration property is
924 * set to 1.
925 */
926 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
927 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
928 wpa_s->current_ssid->p2p_group) {
929 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
930 wpa_dbg(wpa_s, MSG_DEBUG,
931 "P2P: Enable CLI Probe Request RX reporting");
932 wpa_s->p2p_cli_probe =
933 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
934 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
935 wpa_dbg(wpa_s, MSG_DEBUG,
936 "P2P: Disable CLI Probe Request RX reporting");
937 wpa_s->p2p_cli_probe = 0;
938 wpa_drv_probe_req_report(wpa_s, 0);
939 }
940 }
941 #endif /* CONFIG_P2P */
942
943 if (state != WPA_SCANNING)
944 wpa_supplicant_notify_scanning(wpa_s, 0);
945
946 if (state == WPA_COMPLETED && wpa_s->new_connection) {
947 struct wpa_ssid *ssid = wpa_s->current_ssid;
948 int fils_hlp_sent = 0;
949
950 #ifdef CONFIG_SME
951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
952 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
953 fils_hlp_sent = 1;
954 #endif /* CONFIG_SME */
955 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
956 wpa_auth_alg_fils(wpa_s->auth_alg))
957 fils_hlp_sent = 1;
958
959 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
960 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
961 MACSTR " completed [id=%d id_str=%s%s]",
962 MAC2STR(wpa_s->bssid),
963 ssid ? ssid->id : -1,
964 ssid && ssid->id_str ? ssid->id_str : "",
965 fils_hlp_sent ? " FILS_HLP_SENT" : "");
966 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
967 wpas_clear_temp_disabled(wpa_s, ssid, 1);
968 wpa_blacklist_clear(wpa_s);
969 wpa_s->extra_blacklist_count = 0;
970 wpa_s->new_connection = 0;
971 wpa_drv_set_operstate(wpa_s, 1);
972 #ifndef IEEE8021X_EAPOL
973 wpa_drv_set_supp_port(wpa_s, 1);
974 #endif /* IEEE8021X_EAPOL */
975 wpa_s->after_wps = 0;
976 wpa_s->known_wps_freq = 0;
977 wpas_p2p_completed(wpa_s);
978
979 sme_sched_obss_scan(wpa_s, 1);
980
981 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
982 if (!fils_hlp_sent && ssid && ssid->eap.erp)
983 update_fils_connect_params = TRUE;
984 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
985 #ifdef CONFIG_OWE
986 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
987 wpas_update_owe_connect_params(wpa_s);
988 #endif /* CONFIG_OWE */
989 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
990 state == WPA_ASSOCIATED) {
991 wpa_s->new_connection = 1;
992 wpa_drv_set_operstate(wpa_s, 0);
993 #ifndef IEEE8021X_EAPOL
994 wpa_drv_set_supp_port(wpa_s, 0);
995 #endif /* IEEE8021X_EAPOL */
996 sme_sched_obss_scan(wpa_s, 0);
997 }
998 wpa_s->wpa_state = state;
999
1000 #ifdef CONFIG_BGSCAN
1001 if (state == WPA_COMPLETED)
1002 wpa_supplicant_start_bgscan(wpa_s);
1003 else if (state < WPA_ASSOCIATED)
1004 wpa_supplicant_stop_bgscan(wpa_s);
1005 #endif /* CONFIG_BGSCAN */
1006
1007 if (state > WPA_SCANNING)
1008 wpa_supplicant_stop_autoscan(wpa_s);
1009
1010 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1011 wpa_supplicant_start_autoscan(wpa_s);
1012
1013 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1014 wmm_ac_notify_disassoc(wpa_s);
1015
1016 if (wpa_s->wpa_state != old_state) {
1017 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1018
1019 /*
1020 * Notify the P2P Device interface about a state change in one
1021 * of the interfaces.
1022 */
1023 wpas_p2p_indicate_state_change(wpa_s);
1024
1025 if (wpa_s->wpa_state == WPA_COMPLETED ||
1026 old_state == WPA_COMPLETED)
1027 wpas_notify_auth_changed(wpa_s);
1028 #ifdef CONFIG_DPP2
1029 if (wpa_s->wpa_state == WPA_COMPLETED)
1030 wpas_dpp_connected(wpa_s);
1031 #endif /* CONFIG_DPP2 */
1032 }
1033 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1034 if (update_fils_connect_params)
1035 wpas_update_fils_connect_params(wpa_s);
1036 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1037 }
1038
1039
1040 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1041 {
1042 int pending = 0;
1043 #ifdef CONFIG_WPS
1044 struct wpa_supplicant *wpa_s = global->ifaces;
1045 while (wpa_s) {
1046 struct wpa_supplicant *next = wpa_s->next;
1047 if (wpas_wps_terminate_pending(wpa_s) == 1)
1048 pending = 1;
1049 #ifdef CONFIG_P2P
1050 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1051 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1052 wpas_p2p_disconnect(wpa_s);
1053 #endif /* CONFIG_P2P */
1054 wpa_s = next;
1055 }
1056 #endif /* CONFIG_WPS */
1057 if (pending)
1058 return;
1059 eloop_terminate();
1060 }
1061
1062
1063 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1064 {
1065 struct wpa_global *global = signal_ctx;
1066 wpa_supplicant_terminate_proc(global);
1067 }
1068
1069
1070 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1071 {
1072 enum wpa_states old_state = wpa_s->wpa_state;
1073
1074 wpa_s->pairwise_cipher = 0;
1075 wpa_s->group_cipher = 0;
1076 wpa_s->mgmt_group_cipher = 0;
1077 wpa_s->key_mgmt = 0;
1078 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1080
1081 if (wpa_s->wpa_state != old_state)
1082 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1083 }
1084
1085
1086 /**
1087 * wpa_supplicant_reload_configuration - Reload configuration data
1088 * @wpa_s: Pointer to wpa_supplicant data
1089 * Returns: 0 on success or -1 if configuration parsing failed
1090 *
1091 * This function can be used to request that the configuration data is reloaded
1092 * (e.g., after configuration file change). This function is reloading
1093 * configuration only for one interface, so this may need to be called multiple
1094 * times if %wpa_supplicant is controlling multiple interfaces and all
1095 * interfaces need reconfiguration.
1096 */
1097 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1098 {
1099 struct wpa_config *conf;
1100 int reconf_ctrl;
1101 int old_ap_scan;
1102
1103 if (wpa_s->confname == NULL)
1104 return -1;
1105 conf = wpa_config_read(wpa_s->confname, NULL);
1106 if (conf == NULL) {
1107 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1108 "file '%s' - exiting", wpa_s->confname);
1109 return -1;
1110 }
1111 if (wpa_s->confanother &&
1112 !wpa_config_read(wpa_s->confanother, conf)) {
1113 wpa_msg(wpa_s, MSG_ERROR,
1114 "Failed to parse the configuration file '%s' - exiting",
1115 wpa_s->confanother);
1116 return -1;
1117 }
1118
1119 conf->changed_parameters = (unsigned int) -1;
1120
1121 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1122 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1123 os_strcmp(conf->ctrl_interface,
1124 wpa_s->conf->ctrl_interface) != 0);
1125
1126 if (reconf_ctrl && wpa_s->ctrl_iface) {
1127 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1128 wpa_s->ctrl_iface = NULL;
1129 }
1130
1131 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1132 if (wpa_s->current_ssid) {
1133 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1134 wpa_s->own_disconnect_req = 1;
1135 wpa_supplicant_deauthenticate(wpa_s,
1136 WLAN_REASON_DEAUTH_LEAVING);
1137 }
1138
1139 /*
1140 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1141 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1142 */
1143 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1144 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1145 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1146 /*
1147 * Clear forced success to clear EAP state for next
1148 * authentication.
1149 */
1150 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1151 }
1152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1153 wpa_sm_set_config(wpa_s->wpa, NULL);
1154 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1155 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1156 rsn_preauth_deinit(wpa_s->wpa);
1157
1158 old_ap_scan = wpa_s->conf->ap_scan;
1159 wpa_config_free(wpa_s->conf);
1160 wpa_s->conf = conf;
1161 if (old_ap_scan != wpa_s->conf->ap_scan)
1162 wpas_notify_ap_scan_changed(wpa_s);
1163
1164 if (reconf_ctrl)
1165 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1166
1167 wpa_supplicant_update_config(wpa_s);
1168
1169 wpa_supplicant_clear_status(wpa_s);
1170 if (wpa_supplicant_enabled_networks(wpa_s)) {
1171 wpa_s->reassociate = 1;
1172 wpa_supplicant_req_scan(wpa_s, 0, 0);
1173 }
1174 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1175 return 0;
1176 }
1177
1178
1179 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1180 {
1181 struct wpa_global *global = signal_ctx;
1182 struct wpa_supplicant *wpa_s;
1183 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1184 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1185 sig);
1186 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1187 wpa_supplicant_terminate_proc(global);
1188 }
1189 }
1190
1191 if (wpa_debug_reopen_file() < 0) {
1192 /* Ignore errors since we cannot really do much to fix this */
1193 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1194 }
1195 }
1196
1197
1198 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1199 struct wpa_ssid *ssid,
1200 struct wpa_ie_data *ie)
1201 {
1202 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1203 if (ret) {
1204 if (ret == -2) {
1205 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1206 "from association info");
1207 }
1208 return -1;
1209 }
1210
1211 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1212 "cipher suites");
1213 if (!(ie->group_cipher & ssid->group_cipher)) {
1214 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1215 "cipher 0x%x (mask 0x%x) - reject",
1216 ie->group_cipher, ssid->group_cipher);
1217 return -1;
1218 }
1219 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1220 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1221 "cipher 0x%x (mask 0x%x) - reject",
1222 ie->pairwise_cipher, ssid->pairwise_cipher);
1223 return -1;
1224 }
1225 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1226 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1227 "management 0x%x (mask 0x%x) - reject",
1228 ie->key_mgmt, ssid->key_mgmt);
1229 return -1;
1230 }
1231
1232 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1233 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1234 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1235 "that does not support management frame protection - "
1236 "reject");
1237 return -1;
1238 }
1239
1240 return 0;
1241 }
1242
1243
1244 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1245 int freq)
1246 {
1247 if (!ie->has_group)
1248 ie->group_cipher = wpa_default_rsn_cipher(freq);
1249 if (!ie->has_pairwise)
1250 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1251 return (ie->group_cipher & ssid->group_cipher) &&
1252 (ie->pairwise_cipher & ssid->pairwise_cipher);
1253 }
1254
1255
1256 /**
1257 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 * @wpa_ie: Buffer for the WPA/RSN IE
1262 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1263 * used buffer length in case the functions returns success.
1264 * Returns: 0 on success or -1 on failure
1265 *
1266 * This function is used to configure authentication and encryption parameters
1267 * based on the network configuration and scan result for the selected BSS (if
1268 * available).
1269 */
1270 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1271 struct wpa_bss *bss, struct wpa_ssid *ssid,
1272 u8 *wpa_ie, size_t *wpa_ie_len)
1273 {
1274 struct wpa_ie_data ie;
1275 int sel, proto, sae_pwe;
1276 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1277
1278 if (bss) {
1279 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1280 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1281 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1282 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1283 } else {
1284 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1285 }
1286
1287 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1288 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1289 matching_ciphers(ssid, &ie, bss->freq) &&
1290 (ie.key_mgmt & ssid->key_mgmt)) {
1291 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1292 proto = WPA_PROTO_RSN;
1293 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1294 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1295 (ie.group_cipher & ssid->group_cipher) &&
1296 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1297 (ie.key_mgmt & ssid->key_mgmt)) {
1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1299 proto = WPA_PROTO_WPA;
1300 #ifdef CONFIG_HS20
1301 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1302 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1303 (ie.group_cipher & ssid->group_cipher) &&
1304 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1305 (ie.key_mgmt & ssid->key_mgmt)) {
1306 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1307 proto = WPA_PROTO_OSEN;
1308 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1309 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1310 (ie.group_cipher & ssid->group_cipher) &&
1311 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1312 (ie.key_mgmt & ssid->key_mgmt)) {
1313 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1314 proto = WPA_PROTO_RSN;
1315 #endif /* CONFIG_HS20 */
1316 } else if (bss) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1318 wpa_dbg(wpa_s, MSG_DEBUG,
1319 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1320 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1321 ssid->key_mgmt);
1322 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1323 MAC2STR(bss->bssid),
1324 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1325 bss_wpa ? " WPA" : "",
1326 bss_rsn ? " RSN" : "",
1327 bss_osen ? " OSEN" : "");
1328 if (bss_rsn) {
1329 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1330 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG,
1332 "Could not parse RSN element");
1333 } else {
1334 wpa_dbg(wpa_s, MSG_DEBUG,
1335 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1336 ie.pairwise_cipher, ie.group_cipher,
1337 ie.key_mgmt);
1338 }
1339 }
1340 if (bss_wpa) {
1341 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1342 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1343 wpa_dbg(wpa_s, MSG_DEBUG,
1344 "Could not parse WPA element");
1345 } else {
1346 wpa_dbg(wpa_s, MSG_DEBUG,
1347 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1348 ie.pairwise_cipher, ie.group_cipher,
1349 ie.key_mgmt);
1350 }
1351 }
1352 return -1;
1353 } else {
1354 if (ssid->proto & WPA_PROTO_OSEN)
1355 proto = WPA_PROTO_OSEN;
1356 else if (ssid->proto & WPA_PROTO_RSN)
1357 proto = WPA_PROTO_RSN;
1358 else
1359 proto = WPA_PROTO_WPA;
1360 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1361 os_memset(&ie, 0, sizeof(ie));
1362 ie.group_cipher = ssid->group_cipher;
1363 ie.pairwise_cipher = ssid->pairwise_cipher;
1364 ie.key_mgmt = ssid->key_mgmt;
1365 ie.mgmt_group_cipher = 0;
1366 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1367 if (ssid->group_mgmt_cipher &
1368 WPA_CIPHER_BIP_GMAC_256)
1369 ie.mgmt_group_cipher =
1370 WPA_CIPHER_BIP_GMAC_256;
1371 else if (ssid->group_mgmt_cipher &
1372 WPA_CIPHER_BIP_CMAC_256)
1373 ie.mgmt_group_cipher =
1374 WPA_CIPHER_BIP_CMAC_256;
1375 else if (ssid->group_mgmt_cipher &
1376 WPA_CIPHER_BIP_GMAC_128)
1377 ie.mgmt_group_cipher =
1378 WPA_CIPHER_BIP_GMAC_128;
1379 else
1380 ie.mgmt_group_cipher =
1381 WPA_CIPHER_AES_128_CMAC;
1382 }
1383 #ifdef CONFIG_OWE
1384 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1385 !ssid->owe_only &&
1386 !bss_wpa && !bss_rsn && !bss_osen) {
1387 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1388 wpa_s->wpa_proto = 0;
1389 *wpa_ie_len = 0;
1390 return 0;
1391 }
1392 #endif /* CONFIG_OWE */
1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1394 "based on configuration");
1395 } else
1396 proto = ie.proto;
1397 }
1398
1399 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1400 "pairwise %d key_mgmt %d proto %d",
1401 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1402 if (ssid->ieee80211w) {
1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1404 ie.mgmt_group_cipher);
1405 }
1406
1407 wpa_s->wpa_proto = proto;
1408 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1409 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1410 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1411
1412 if (bss || !wpa_s->ap_ies_from_associnfo) {
1413 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1414 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1415 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1416 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1417 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1418 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1419 return -1;
1420 }
1421
1422 #ifdef CONFIG_NO_WPA
1423 wpa_s->group_cipher = WPA_CIPHER_NONE;
1424 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1425 #else /* CONFIG_NO_WPA */
1426 sel = ie.group_cipher & ssid->group_cipher;
1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1429 ie.group_cipher, ssid->group_cipher, sel);
1430 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1431 if (wpa_s->group_cipher < 0) {
1432 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1433 "cipher");
1434 return -1;
1435 }
1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1437 wpa_cipher_txt(wpa_s->group_cipher));
1438
1439 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1440 wpa_dbg(wpa_s, MSG_DEBUG,
1441 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1442 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1443 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1444 if (wpa_s->pairwise_cipher < 0) {
1445 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1446 "cipher");
1447 return -1;
1448 }
1449 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1450 wpa_cipher_txt(wpa_s->pairwise_cipher));
1451 #endif /* CONFIG_NO_WPA */
1452
1453 sel = ie.key_mgmt & ssid->key_mgmt;
1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1456 ie.key_mgmt, ssid->key_mgmt, sel);
1457 #ifdef CONFIG_SAE
1458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1459 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1460 #endif /* CONFIG_SAE */
1461 if (0) {
1462 #ifdef CONFIG_IEEE80211R
1463 #ifdef CONFIG_SHA384
1464 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1465 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1466 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1467 wpa_dbg(wpa_s, MSG_DEBUG,
1468 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1469 if (!ssid->ft_eap_pmksa_caching &&
1470 pmksa_cache_get_current(wpa_s->wpa)) {
1471 /* PMKSA caching with FT may have interoperability
1472 * issues, so disable that case by default for now. */
1473 wpa_dbg(wpa_s, MSG_DEBUG,
1474 "WPA: Disable PMKSA caching for FT/802.1X connection");
1475 pmksa_cache_clear_current(wpa_s->wpa);
1476 }
1477 #endif /* CONFIG_SHA384 */
1478 #endif /* CONFIG_IEEE80211R */
1479 #ifdef CONFIG_SUITEB192
1480 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1481 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1482 wpa_dbg(wpa_s, MSG_DEBUG,
1483 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1484 #endif /* CONFIG_SUITEB192 */
1485 #ifdef CONFIG_SUITEB
1486 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1487 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1488 wpa_dbg(wpa_s, MSG_DEBUG,
1489 "WPA: using KEY_MGMT 802.1X with Suite B");
1490 #endif /* CONFIG_SUITEB */
1491 #ifdef CONFIG_FILS
1492 #ifdef CONFIG_IEEE80211R
1493 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1494 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1496 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1497 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1498 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1499 #endif /* CONFIG_IEEE80211R */
1500 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1501 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1502 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1503 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1504 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1505 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1506 #endif /* CONFIG_FILS */
1507 #ifdef CONFIG_IEEE80211R
1508 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1509 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1510 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1511 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1512 if (!ssid->ft_eap_pmksa_caching &&
1513 pmksa_cache_get_current(wpa_s->wpa)) {
1514 /* PMKSA caching with FT may have interoperability
1515 * issues, so disable that case by default for now. */
1516 wpa_dbg(wpa_s, MSG_DEBUG,
1517 "WPA: Disable PMKSA caching for FT/802.1X connection");
1518 pmksa_cache_clear_current(wpa_s->wpa);
1519 }
1520 #endif /* CONFIG_IEEE80211R */
1521 #ifdef CONFIG_DPP
1522 } else if (sel & WPA_KEY_MGMT_DPP) {
1523 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1524 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1525 #endif /* CONFIG_DPP */
1526 #ifdef CONFIG_SAE
1527 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1528 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1529 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1530 } else if (sel & WPA_KEY_MGMT_SAE) {
1531 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1532 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1533 #endif /* CONFIG_SAE */
1534 #ifdef CONFIG_IEEE80211R
1535 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1536 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1537 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1538 #endif /* CONFIG_IEEE80211R */
1539 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1540 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1541 wpa_dbg(wpa_s, MSG_DEBUG,
1542 "WPA: using KEY_MGMT 802.1X with SHA256");
1543 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1544 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1545 wpa_dbg(wpa_s, MSG_DEBUG,
1546 "WPA: using KEY_MGMT PSK with SHA256");
1547 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1548 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1549 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1550 } else if (sel & WPA_KEY_MGMT_PSK) {
1551 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1552 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1553 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1554 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1555 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1556 #ifdef CONFIG_HS20
1557 } else if (sel & WPA_KEY_MGMT_OSEN) {
1558 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1559 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1560 #endif /* CONFIG_HS20 */
1561 #ifdef CONFIG_OWE
1562 } else if (sel & WPA_KEY_MGMT_OWE) {
1563 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1564 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1565 #endif /* CONFIG_OWE */
1566 } else {
1567 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1568 "authenticated key management type");
1569 return -1;
1570 }
1571
1572 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1573 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1574 wpa_s->pairwise_cipher);
1575 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1576
1577 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1578 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1579 wpa_msg(wpa_s, MSG_INFO,
1580 "RSN: Management frame protection required but the selected AP does not enable it");
1581 return -1;
1582 }
1583
1584 sel = ie.mgmt_group_cipher;
1585 if (ssid->group_mgmt_cipher)
1586 sel &= ssid->group_mgmt_cipher;
1587 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1588 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1589 sel = 0;
1590 wpa_dbg(wpa_s, MSG_DEBUG,
1591 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1592 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1593 if (sel & WPA_CIPHER_AES_128_CMAC) {
1594 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1595 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1596 "AES-128-CMAC");
1597 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1598 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1599 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1600 "BIP-GMAC-128");
1601 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1602 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1603 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1604 "BIP-GMAC-256");
1605 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1606 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1607 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1608 "BIP-CMAC-256");
1609 } else {
1610 wpa_s->mgmt_group_cipher = 0;
1611 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1612 }
1613 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1614 wpa_s->mgmt_group_cipher);
1615 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1616 wpas_get_ssid_pmf(wpa_s, ssid));
1617 #ifdef CONFIG_OCV
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1619 #endif /* CONFIG_OCV */
1620 sae_pwe = wpa_s->conf->sae_pwe;
1621 if (ssid->sae_password_id && sae_pwe != 3)
1622 sae_pwe = 1;
1623 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1624
1625 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1626 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1627 return -1;
1628 }
1629
1630 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1631 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1632 &wpa_s->rsnxe_len)) {
1633 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1634 return -1;
1635 }
1636
1637 if (0) {
1638 #ifdef CONFIG_DPP
1639 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1640 /* Use PMK from DPP network introduction (PMKSA entry) */
1641 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1642 #endif /* CONFIG_DPP */
1643 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1644 int psk_set = 0;
1645 int sae_only;
1646
1647 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1648 WPA_KEY_MGMT_FT_PSK |
1649 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1650
1651 if (ssid->psk_set && !sae_only) {
1652 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1653 ssid->psk, PMK_LEN);
1654 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1655 NULL);
1656 psk_set = 1;
1657 }
1658
1659 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1660 (ssid->sae_password || ssid->passphrase))
1661 psk_set = 1;
1662
1663 #ifndef CONFIG_NO_PBKDF2
1664 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1665 ssid->passphrase && !sae_only) {
1666 u8 psk[PMK_LEN];
1667 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1668 4096, psk, PMK_LEN);
1669 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1670 psk, PMK_LEN);
1671 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1672 psk_set = 1;
1673 os_memset(psk, 0, sizeof(psk));
1674 }
1675 #endif /* CONFIG_NO_PBKDF2 */
1676 #ifdef CONFIG_EXT_PASSWORD
1677 if (ssid->ext_psk && !sae_only) {
1678 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1679 ssid->ext_psk);
1680 char pw_str[64 + 1];
1681 u8 psk[PMK_LEN];
1682
1683 if (pw == NULL) {
1684 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1685 "found from external storage");
1686 return -1;
1687 }
1688
1689 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1690 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1691 "PSK length %d in external storage",
1692 (int) wpabuf_len(pw));
1693 ext_password_free(pw);
1694 return -1;
1695 }
1696
1697 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1698 pw_str[wpabuf_len(pw)] = '\0';
1699
1700 #ifndef CONFIG_NO_PBKDF2
1701 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1702 {
1703 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1704 4096, psk, PMK_LEN);
1705 os_memset(pw_str, 0, sizeof(pw_str));
1706 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1707 "external passphrase)",
1708 psk, PMK_LEN);
1709 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1710 NULL);
1711 psk_set = 1;
1712 os_memset(psk, 0, sizeof(psk));
1713 } else
1714 #endif /* CONFIG_NO_PBKDF2 */
1715 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1716 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1717 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1718 "Invalid PSK hex string");
1719 os_memset(pw_str, 0, sizeof(pw_str));
1720 ext_password_free(pw);
1721 return -1;
1722 }
1723 wpa_hexdump_key(MSG_MSGDUMP,
1724 "PSK (from external PSK)",
1725 psk, PMK_LEN);
1726 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1727 NULL);
1728 psk_set = 1;
1729 os_memset(psk, 0, sizeof(psk));
1730 } else {
1731 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1732 "PSK available");
1733 os_memset(pw_str, 0, sizeof(pw_str));
1734 ext_password_free(pw);
1735 return -1;
1736 }
1737
1738 os_memset(pw_str, 0, sizeof(pw_str));
1739 ext_password_free(pw);
1740 }
1741 #endif /* CONFIG_EXT_PASSWORD */
1742
1743 if (!psk_set) {
1744 wpa_msg(wpa_s, MSG_INFO,
1745 "No PSK available for association");
1746 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1747 return -1;
1748 }
1749 #ifdef CONFIG_OWE
1750 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1751 /* OWE Diffie-Hellman exchange in (Re)Association
1752 * Request/Response frames set the PMK, so do not override it
1753 * here. */
1754 #endif /* CONFIG_OWE */
1755 } else
1756 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1757
1758 return 0;
1759 }
1760
1761
1762 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1763 {
1764 *pos = 0x00;
1765
1766 switch (idx) {
1767 case 0: /* Bits 0-7 */
1768 break;
1769 case 1: /* Bits 8-15 */
1770 if (wpa_s->conf->coloc_intf_reporting) {
1771 /* Bit 13 - Collocated Interference Reporting */
1772 *pos |= 0x20;
1773 }
1774 break;
1775 case 2: /* Bits 16-23 */
1776 #ifdef CONFIG_WNM
1777 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1778 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1779 *pos |= 0x08; /* Bit 19 - BSS Transition */
1780 #endif /* CONFIG_WNM */
1781 break;
1782 case 3: /* Bits 24-31 */
1783 #ifdef CONFIG_WNM
1784 *pos |= 0x02; /* Bit 25 - SSID List */
1785 #endif /* CONFIG_WNM */
1786 #ifdef CONFIG_INTERWORKING
1787 if (wpa_s->conf->interworking)
1788 *pos |= 0x80; /* Bit 31 - Interworking */
1789 #endif /* CONFIG_INTERWORKING */
1790 break;
1791 case 4: /* Bits 32-39 */
1792 #ifdef CONFIG_INTERWORKING
1793 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1794 *pos |= 0x01; /* Bit 32 - QoS Map */
1795 #endif /* CONFIG_INTERWORKING */
1796 break;
1797 case 5: /* Bits 40-47 */
1798 #ifdef CONFIG_HS20
1799 if (wpa_s->conf->hs20)
1800 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1801 #endif /* CONFIG_HS20 */
1802 #ifdef CONFIG_MBO
1803 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1804 #endif /* CONFIG_MBO */
1805 break;
1806 case 6: /* Bits 48-55 */
1807 break;
1808 case 7: /* Bits 56-63 */
1809 break;
1810 case 8: /* Bits 64-71 */
1811 if (wpa_s->conf->ftm_responder)
1812 *pos |= 0x40; /* Bit 70 - FTM responder */
1813 if (wpa_s->conf->ftm_initiator)
1814 *pos |= 0x80; /* Bit 71 - FTM initiator */
1815 break;
1816 case 9: /* Bits 72-79 */
1817 #ifdef CONFIG_FILS
1818 if (!wpa_s->disable_fils)
1819 *pos |= 0x01;
1820 #endif /* CONFIG_FILS */
1821 break;
1822 }
1823 }
1824
1825
1826 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1827 {
1828 u8 *pos = buf;
1829 u8 len = 10, i;
1830
1831 if (len < wpa_s->extended_capa_len)
1832 len = wpa_s->extended_capa_len;
1833 if (buflen < (size_t) len + 2) {
1834 wpa_printf(MSG_INFO,
1835 "Not enough room for building extended capabilities element");
1836 return -1;
1837 }
1838
1839 *pos++ = WLAN_EID_EXT_CAPAB;
1840 *pos++ = len;
1841 for (i = 0; i < len; i++, pos++) {
1842 wpas_ext_capab_byte(wpa_s, pos, i);
1843
1844 if (i < wpa_s->extended_capa_len) {
1845 *pos &= ~wpa_s->extended_capa_mask[i];
1846 *pos |= wpa_s->extended_capa[i];
1847 }
1848 }
1849
1850 while (len > 0 && buf[1 + len] == 0) {
1851 len--;
1852 buf[1] = len;
1853 }
1854 if (len == 0)
1855 return 0;
1856
1857 return 2 + len;
1858 }
1859
1860
1861 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1862 struct wpa_bss *test_bss)
1863 {
1864 struct wpa_bss *bss;
1865
1866 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1867 if (bss == test_bss)
1868 return 1;
1869 }
1870
1871 return 0;
1872 }
1873
1874
1875 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1876 struct wpa_ssid *test_ssid)
1877 {
1878 struct wpa_ssid *ssid;
1879
1880 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1881 if (ssid == test_ssid)
1882 return 1;
1883 }
1884
1885 return 0;
1886 }
1887
1888
1889 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1890 struct wpa_ssid *test_ssid)
1891 {
1892 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1893 return 0;
1894
1895 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1896 }
1897
1898
1899 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1900 {
1901 if (cwork == NULL)
1902 return;
1903 os_free(cwork);
1904 }
1905
1906
1907 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1908 {
1909 struct wpa_connect_work *cwork;
1910 struct wpa_radio_work *work = wpa_s->connect_work;
1911
1912 if (!work)
1913 return;
1914
1915 wpa_s->connect_work = NULL;
1916 cwork = work->ctx;
1917 work->ctx = NULL;
1918 wpas_connect_work_free(cwork);
1919 radio_work_done(work);
1920 }
1921
1922
1923 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1924 {
1925 struct os_reltime now;
1926 u8 addr[ETH_ALEN];
1927
1928 os_get_reltime(&now);
1929 if (wpa_s->last_mac_addr_style == style &&
1930 wpa_s->last_mac_addr_change.sec != 0 &&
1931 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1932 wpa_s->conf->rand_addr_lifetime)) {
1933 wpa_msg(wpa_s, MSG_DEBUG,
1934 "Previously selected random MAC address has not yet expired");
1935 return 0;
1936 }
1937
1938 switch (style) {
1939 case 1:
1940 if (random_mac_addr(addr) < 0)
1941 return -1;
1942 break;
1943 case 2:
1944 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1945 if (random_mac_addr_keep_oui(addr) < 0)
1946 return -1;
1947 break;
1948 default:
1949 return -1;
1950 }
1951
1952 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1953 wpa_msg(wpa_s, MSG_INFO,
1954 "Failed to set random MAC address");
1955 return -1;
1956 }
1957
1958 os_get_reltime(&wpa_s->last_mac_addr_change);
1959 wpa_s->mac_addr_changed = 1;
1960 wpa_s->last_mac_addr_style = style;
1961
1962 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1963 wpa_msg(wpa_s, MSG_INFO,
1964 "Could not update MAC address information");
1965 return -1;
1966 }
1967
1968 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1969 MAC2STR(addr));
1970
1971 return 0;
1972 }
1973
1974
1975 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1976 {
1977 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1978 !wpa_s->conf->preassoc_mac_addr)
1979 return 0;
1980
1981 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1982 }
1983
1984
1985 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
1986 {
1987 #ifdef CONFIG_SAE
1988 int *groups = conf->sae_groups;
1989 int default_groups[] = { 19, 20, 21, 0 };
1990 const char *password;
1991
1992 if (!groups || groups[0] <= 0)
1993 groups = default_groups;
1994
1995 password = ssid->sae_password;
1996 if (!password)
1997 password = ssid->passphrase;
1998
1999 if ((conf->sae_pwe == 0 && !ssid->sae_password_id) || !password ||
2000 conf->sae_pwe == 3) {
2001 /* PT derivation not needed */
2002 sae_deinit_pt(ssid->pt);
2003 ssid->pt = NULL;
2004 return;
2005 }
2006
2007 if (ssid->pt)
2008 return; /* PT already derived */
2009 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2010 (const u8 *) password, os_strlen(password),
2011 ssid->sae_password_id);
2012 #endif /* CONFIG_SAE */
2013 }
2014
2015
2016 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2017 {
2018 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2019 os_free(wpa_s->sme.sae_rejected_groups);
2020 wpa_s->sme.sae_rejected_groups = NULL;
2021 #ifdef CONFIG_TESTING_OPTIONS
2022 if (wpa_s->extra_sae_rejected_groups) {
2023 int i, *groups = wpa_s->extra_sae_rejected_groups;
2024
2025 for (i = 0; groups[i]; i++) {
2026 wpa_printf(MSG_DEBUG,
2027 "TESTING: Indicate rejection of an extra SAE group %d",
2028 groups[i]);
2029 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2030 groups[i]);
2031 }
2032 }
2033 #endif /* CONFIG_TESTING_OPTIONS */
2034 #endif /* CONFIG_SAE && CONFIG_SME */
2035 }
2036
2037
2038 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2039
2040 /**
2041 * wpa_supplicant_associate - Request association
2042 * @wpa_s: Pointer to wpa_supplicant data
2043 * @bss: Scan results for the selected BSS, or %NULL if not available
2044 * @ssid: Configuration data for the selected network
2045 *
2046 * This function is used to request %wpa_supplicant to associate with a BSS.
2047 */
2048 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2049 struct wpa_bss *bss, struct wpa_ssid *ssid)
2050 {
2051 struct wpa_connect_work *cwork;
2052 int rand_style;
2053
2054 wpa_s->own_disconnect_req = 0;
2055
2056 /*
2057 * If we are starting a new connection, any previously pending EAPOL
2058 * RX cannot be valid anymore.
2059 */
2060 wpabuf_free(wpa_s->pending_eapol_rx);
2061 wpa_s->pending_eapol_rx = NULL;
2062
2063 if (ssid->mac_addr == -1)
2064 rand_style = wpa_s->conf->mac_addr;
2065 else
2066 rand_style = ssid->mac_addr;
2067
2068 wmm_ac_clear_saved_tspecs(wpa_s);
2069 wpa_s->reassoc_same_bss = 0;
2070 wpa_s->reassoc_same_ess = 0;
2071 #ifdef CONFIG_TESTING_OPTIONS
2072 wpa_s->testing_resend_assoc = 0;
2073 #endif /* CONFIG_TESTING_OPTIONS */
2074
2075 if (wpa_s->last_ssid == ssid) {
2076 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2077 wpa_s->reassoc_same_ess = 1;
2078 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2079 wmm_ac_save_tspecs(wpa_s);
2080 wpa_s->reassoc_same_bss = 1;
2081 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2082 os_get_reltime(&wpa_s->roam_start);
2083 }
2084 } else {
2085 #ifdef CONFIG_SAE
2086 wpa_s_clear_sae_rejected(wpa_s);
2087 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2088 #endif /* CONFIG_SAE */
2089 }
2090
2091 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2092 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2093 return;
2094 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2095 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2096 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2097 wpa_msg(wpa_s, MSG_INFO,
2098 "Could not restore permanent MAC address");
2099 return;
2100 }
2101 wpa_s->mac_addr_changed = 0;
2102 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2103 wpa_msg(wpa_s, MSG_INFO,
2104 "Could not update MAC address information");
2105 return;
2106 }
2107 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2108 }
2109 wpa_s->last_ssid = ssid;
2110
2111 #ifdef CONFIG_IBSS_RSN
2112 ibss_rsn_deinit(wpa_s->ibss_rsn);
2113 wpa_s->ibss_rsn = NULL;
2114 #else /* CONFIG_IBSS_RSN */
2115 if (ssid->mode == WPAS_MODE_IBSS &&
2116 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2117 wpa_msg(wpa_s, MSG_INFO,
2118 "IBSS RSN not supported in the build");
2119 return;
2120 }
2121 #endif /* CONFIG_IBSS_RSN */
2122
2123 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2124 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2125 #ifdef CONFIG_AP
2126 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2127 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2128 "mode");
2129 return;
2130 }
2131 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2132 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2133 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2134 wpas_p2p_ap_setup_failed(wpa_s);
2135 return;
2136 }
2137 wpa_s->current_bss = bss;
2138 #else /* CONFIG_AP */
2139 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2140 "the build");
2141 #endif /* CONFIG_AP */
2142 return;
2143 }
2144
2145 if (ssid->mode == WPAS_MODE_MESH) {
2146 #ifdef CONFIG_MESH
2147 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2148 wpa_msg(wpa_s, MSG_INFO,
2149 "Driver does not support mesh mode");
2150 return;
2151 }
2152 if (bss)
2153 ssid->frequency = bss->freq;
2154 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2155 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2156 return;
2157 }
2158 wpa_s->current_bss = bss;
2159 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2160 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2161 ssid->id);
2162 wpas_notify_mesh_group_started(wpa_s, ssid);
2163 #else /* CONFIG_MESH */
2164 wpa_msg(wpa_s, MSG_ERROR,
2165 "mesh mode support not included in the build");
2166 #endif /* CONFIG_MESH */
2167 return;
2168 }
2169
2170 /*
2171 * Set WPA state machine configuration to match the selected network now
2172 * so that the information is available before wpas_start_assoc_cb()
2173 * gets called. This is needed at least for RSN pre-authentication where
2174 * candidate APs are added to a list based on scan result processing
2175 * before completion of the first association.
2176 */
2177 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2178
2179 #ifdef CONFIG_DPP
2180 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2181 return;
2182 #endif /* CONFIG_DPP */
2183
2184 #ifdef CONFIG_TDLS
2185 if (bss)
2186 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2187 bss->ie_len);
2188 #endif /* CONFIG_TDLS */
2189
2190 #ifdef CONFIG_MBO
2191 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2192 #endif /* CONFIG_MBO */
2193
2194 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2195 ssid->mode == WPAS_MODE_INFRA) {
2196 sme_authenticate(wpa_s, bss, ssid);
2197 return;
2198 }
2199
2200 if (wpa_s->connect_work) {
2201 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2202 return;
2203 }
2204
2205 if (radio_work_pending(wpa_s, "connect")) {
2206 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2207 return;
2208 }
2209
2210 #ifdef CONFIG_SME
2211 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2212 /* Clear possibly set auth_alg, if any, from last attempt. */
2213 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2214 }
2215 #endif /* CONFIG_SME */
2216
2217 wpas_abort_ongoing_scan(wpa_s);
2218
2219 cwork = os_zalloc(sizeof(*cwork));
2220 if (cwork == NULL)
2221 return;
2222
2223 cwork->bss = bss;
2224 cwork->ssid = ssid;
2225
2226 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2227 wpas_start_assoc_cb, cwork) < 0) {
2228 os_free(cwork);
2229 }
2230 }
2231
2232
2233 static int bss_is_ibss(struct wpa_bss *bss)
2234 {
2235 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2236 IEEE80211_CAP_IBSS;
2237 }
2238
2239
2240 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2241 const struct wpa_ssid *ssid)
2242 {
2243 enum hostapd_hw_mode hw_mode;
2244 struct hostapd_hw_modes *mode = NULL;
2245 u8 channel;
2246 int i;
2247
2248 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2249 if (hw_mode == NUM_HOSTAPD_MODES)
2250 return 0;
2251 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2252 if (wpa_s->hw.modes[i].mode == hw_mode) {
2253 mode = &wpa_s->hw.modes[i];
2254 break;
2255 }
2256 }
2257
2258 if (!mode)
2259 return 0;
2260
2261 return mode->vht_capab != 0;
2262 }
2263
2264
2265 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2266 const struct wpa_ssid *ssid,
2267 struct hostapd_freq_params *freq)
2268 {
2269 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2270 enum hostapd_hw_mode hw_mode;
2271 struct hostapd_hw_modes *mode = NULL;
2272 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2273 184, 192 };
2274 int vht80[] = { 36, 52, 100, 116, 132, 149 };
2275 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2276 u8 channel;
2277 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2278 unsigned int j, k;
2279 struct hostapd_freq_params vht_freq;
2280 int chwidth, seg0, seg1;
2281 u32 vht_caps = 0;
2282 int is_24ghz;
2283
2284 freq->freq = ssid->frequency;
2285
2286 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2287 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2288
2289 if (ssid->mode != WPAS_MODE_IBSS)
2290 break;
2291
2292 /* Don't adjust control freq in case of fixed_freq */
2293 if (ssid->fixed_freq)
2294 break;
2295
2296 if (!bss_is_ibss(bss))
2297 continue;
2298
2299 if (ssid->ssid_len == bss->ssid_len &&
2300 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2301 wpa_printf(MSG_DEBUG,
2302 "IBSS already found in scan results, adjust control freq: %d",
2303 bss->freq);
2304 freq->freq = bss->freq;
2305 obss_scan = 0;
2306 break;
2307 }
2308 }
2309
2310 /* For IBSS check HT_IBSS flag */
2311 if (ssid->mode == WPAS_MODE_IBSS &&
2312 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2313 return;
2314
2315 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2316 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2317 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2318 wpa_printf(MSG_DEBUG,
2319 "IBSS: WEP/TKIP detected, do not try to enable HT");
2320 return;
2321 }
2322
2323 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2324 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2325 if (wpa_s->hw.modes[i].mode == hw_mode) {
2326 mode = &wpa_s->hw.modes[i];
2327 break;
2328 }
2329 }
2330
2331 if (!mode)
2332 return;
2333
2334 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2335 hw_mode == HOSTAPD_MODE_IEEE80211B;
2336
2337 #ifdef CONFIG_HT_OVERRIDES
2338 if (ssid->disable_ht) {
2339 freq->ht_enabled = 0;
2340 return;
2341 }
2342 #endif /* CONFIG_HT_OVERRIDES */
2343
2344 freq->ht_enabled = ht_supported(mode);
2345 if (!freq->ht_enabled)
2346 return;
2347
2348 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2349 if (is_24ghz)
2350 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2351
2352 /* Setup higher BW only for 5 GHz */
2353 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2354 return;
2355
2356 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2357 pri_chan = &mode->channels[chan_idx];
2358 if (pri_chan->chan == channel)
2359 break;
2360 pri_chan = NULL;
2361 }
2362 if (!pri_chan)
2363 return;
2364
2365 /* Check primary channel flags */
2366 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2367 return;
2368
2369 freq->channel = pri_chan->chan;
2370
2371 #ifdef CONFIG_HT_OVERRIDES
2372 if (ssid->disable_ht40) {
2373 if (ssid->disable_vht)
2374 return;
2375 goto skip_ht40;
2376 }
2377 #endif /* CONFIG_HT_OVERRIDES */
2378
2379 /* Check/setup HT40+/HT40- */
2380 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2381 if (ht40plus[j] == channel) {
2382 ht40 = 1;
2383 break;
2384 }
2385 }
2386
2387 /* Find secondary channel */
2388 for (i = 0; i < mode->num_channels; i++) {
2389 sec_chan = &mode->channels[i];
2390 if (sec_chan->chan == channel + ht40 * 4)
2391 break;
2392 sec_chan = NULL;
2393 }
2394 if (!sec_chan)
2395 return;
2396
2397 /* Check secondary channel flags */
2398 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2399 return;
2400
2401 if (ht40 == -1) {
2402 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2403 return;
2404 } else {
2405 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2406 return;
2407 }
2408 freq->sec_channel_offset = ht40;
2409
2410 if (obss_scan) {
2411 struct wpa_scan_results *scan_res;
2412
2413 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2414 if (scan_res == NULL) {
2415 /* Back to HT20 */
2416 freq->sec_channel_offset = 0;
2417 return;
2418 }
2419
2420 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2421 switch (res) {
2422 case 0:
2423 /* Back to HT20 */
2424 freq->sec_channel_offset = 0;
2425 break;
2426 case 1:
2427 /* Configuration allowed */
2428 break;
2429 case 2:
2430 /* Switch pri/sec channels */
2431 freq->freq = hw_get_freq(mode, sec_chan->chan);
2432 freq->sec_channel_offset = -freq->sec_channel_offset;
2433 freq->channel = sec_chan->chan;
2434 break;
2435 default:
2436 freq->sec_channel_offset = 0;
2437 break;
2438 }
2439
2440 wpa_scan_results_free(scan_res);
2441 }
2442
2443 #ifdef CONFIG_HT_OVERRIDES
2444 skip_ht40:
2445 #endif /* CONFIG_HT_OVERRIDES */
2446 wpa_printf(MSG_DEBUG,
2447 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2448 freq->channel, freq->sec_channel_offset);
2449
2450 if (!drv_supports_vht(wpa_s, ssid))
2451 return;
2452
2453 /* For IBSS check VHT_IBSS flag */
2454 if (ssid->mode == WPAS_MODE_IBSS &&
2455 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2456 return;
2457
2458 vht_freq = *freq;
2459
2460 #ifdef CONFIG_VHT_OVERRIDES
2461 if (ssid->disable_vht) {
2462 freq->vht_enabled = 0;
2463 return;
2464 }
2465 #endif /* CONFIG_VHT_OVERRIDES */
2466
2467 vht_freq.vht_enabled = vht_supported(mode);
2468 if (!vht_freq.vht_enabled)
2469 return;
2470
2471 /* Enable HE for VHT */
2472 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2473
2474 /* setup center_freq1, bandwidth */
2475 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2476 if (freq->channel >= vht80[j] &&
2477 freq->channel < vht80[j] + 16)
2478 break;
2479 }
2480
2481 if (j == ARRAY_SIZE(vht80))
2482 return;
2483
2484 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2485 struct hostapd_channel_data *chan;
2486
2487 chan = hw_get_channel_chan(mode, i, NULL);
2488 if (!chan)
2489 return;
2490
2491 /* Back to HT configuration if channel not usable */
2492 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2493 return;
2494 }
2495
2496 chwidth = CHANWIDTH_80MHZ;
2497 seg0 = vht80[j] + 6;
2498 seg1 = 0;
2499
2500 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2501 /* setup center_freq2, bandwidth */
2502 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2503 /* Only accept 80 MHz segments separated by a gap */
2504 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2505 continue;
2506 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2507 struct hostapd_channel_data *chan;
2508
2509 chan = hw_get_channel_chan(mode, i, NULL);
2510 if (!chan)
2511 continue;
2512
2513 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2514 HOSTAPD_CHAN_NO_IR |
2515 HOSTAPD_CHAN_RADAR))
2516 continue;
2517
2518 /* Found a suitable second segment for 80+80 */
2519 chwidth = CHANWIDTH_80P80MHZ;
2520 vht_caps |=
2521 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2522 seg1 = vht80[k] + 6;
2523 }
2524
2525 if (chwidth == CHANWIDTH_80P80MHZ)
2526 break;
2527 }
2528 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2529 if (freq->freq == 5180) {
2530 chwidth = CHANWIDTH_160MHZ;
2531 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2532 seg0 = 50;
2533 } else if (freq->freq == 5520) {
2534 chwidth = CHANWIDTH_160MHZ;
2535 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2536 seg0 = 114;
2537 }
2538 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2539 chwidth = CHANWIDTH_USE_HT;
2540 seg0 = vht80[j] + 2;
2541 #ifdef CONFIG_HT_OVERRIDES
2542 if (ssid->disable_ht40)
2543 seg0 = 0;
2544 #endif /* CONFIG_HT_OVERRIDES */
2545 }
2546
2547 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2548 freq->channel, ssid->enable_edmg,
2549 ssid->edmg_channel, freq->ht_enabled,
2550 vht_freq.vht_enabled, freq->he_enabled,
2551 freq->sec_channel_offset,
2552 chwidth, seg0, seg1, vht_caps,
2553 &mode->he_capab[ieee80211_mode]) != 0)
2554 return;
2555
2556 *freq = vht_freq;
2557
2558 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2559 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2560 }
2561
2562
2563 #ifdef CONFIG_FILS
2564 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2565 size_t ie_buf_len)
2566 {
2567 struct fils_hlp_req *req;
2568 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2569 const u8 *pos;
2570 u8 *buf = ie_buf;
2571
2572 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2573 list) {
2574 rem_len = ie_buf_len - ie_len;
2575 pos = wpabuf_head(req->pkt);
2576 hdr_len = 1 + 2 * ETH_ALEN + 6;
2577 hlp_len = wpabuf_len(req->pkt);
2578
2579 if (rem_len < 2 + hdr_len + hlp_len) {
2580 wpa_printf(MSG_ERROR,
2581 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2582 (unsigned long) rem_len,
2583 (unsigned long) (2 + hdr_len + hlp_len));
2584 break;
2585 }
2586
2587 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2588 /* Element ID */
2589 *buf++ = WLAN_EID_EXTENSION;
2590 /* Length */
2591 *buf++ = len;
2592 /* Element ID Extension */
2593 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2594 /* Destination MAC address */
2595 os_memcpy(buf, req->dst, ETH_ALEN);
2596 buf += ETH_ALEN;
2597 /* Source MAC address */
2598 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2599 buf += ETH_ALEN;
2600 /* LLC/SNAP Header */
2601 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2602 buf += 6;
2603 /* HLP Packet */
2604 os_memcpy(buf, pos, len - hdr_len);
2605 buf += len - hdr_len;
2606 pos += len - hdr_len;
2607
2608 hlp_len -= len - hdr_len;
2609 ie_len += 2 + len;
2610 rem_len -= 2 + len;
2611
2612 while (hlp_len) {
2613 len = (hlp_len > 255) ? 255 : hlp_len;
2614 if (rem_len < 2 + len)
2615 break;
2616 *buf++ = WLAN_EID_FRAGMENT;
2617 *buf++ = len;
2618 os_memcpy(buf, pos, len);
2619 buf += len;
2620 pos += len;
2621
2622 hlp_len -= len;
2623 ie_len += 2 + len;
2624 rem_len -= 2 + len;
2625 }
2626 }
2627
2628 return ie_len;
2629 }
2630
2631
2632 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2633 {
2634 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2635 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2636 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2637 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2638 }
2639
2640
2641 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2642 {
2643 #ifdef CONFIG_FILS_SK_PFS
2644 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2645 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2646 #else /* CONFIG_FILS_SK_PFS */
2647 return 0;
2648 #endif /* CONFIG_FILS_SK_PFS */
2649 }
2650
2651 #endif /* CONFIG_FILS */
2652
2653
2654 static u8 * wpas_populate_assoc_ies(
2655 struct wpa_supplicant *wpa_s,
2656 struct wpa_bss *bss, struct wpa_ssid *ssid,
2657 struct wpa_driver_associate_params *params,
2658 enum wpa_drv_update_connect_params_mask *mask)
2659 {
2660 u8 *wpa_ie;
2661 size_t max_wpa_ie_len = 500;
2662 size_t wpa_ie_len;
2663 int algs = WPA_AUTH_ALG_OPEN;
2664 #ifdef CONFIG_MBO
2665 const u8 *mbo_ie;
2666 #endif
2667 #ifdef CONFIG_SAE
2668 int sae_pmksa_cached = 0;
2669 #endif /* CONFIG_SAE */
2670 #ifdef CONFIG_FILS
2671 const u8 *realm, *username, *rrk;
2672 size_t realm_len, username_len, rrk_len;
2673 u16 next_seq_num;
2674 struct fils_hlp_req *req;
2675
2676 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2677 list) {
2678 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2679 2 + 2 * wpabuf_len(req->pkt) / 255;
2680 }
2681 #endif /* CONFIG_FILS */
2682
2683 wpa_ie = os_malloc(max_wpa_ie_len);
2684 if (!wpa_ie) {
2685 wpa_printf(MSG_ERROR,
2686 "Failed to allocate connect IE buffer for %lu bytes",
2687 (unsigned long) max_wpa_ie_len);
2688 return NULL;
2689 }
2690
2691 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2692 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2693 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2694 int try_opportunistic;
2695 const u8 *cache_id = NULL;
2696
2697 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2698 wpa_s->conf->okc :
2699 ssid->proactive_key_caching) &&
2700 (ssid->proto & WPA_PROTO_RSN);
2701 #ifdef CONFIG_FILS
2702 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2703 cache_id = wpa_bss_get_fils_cache_id(bss);
2704 #endif /* CONFIG_FILS */
2705 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2706 ssid, try_opportunistic,
2707 cache_id, 0) == 0) {
2708 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2709 #ifdef CONFIG_SAE
2710 sae_pmksa_cached = 1;
2711 #endif /* CONFIG_SAE */
2712 }
2713 wpa_ie_len = max_wpa_ie_len;
2714 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2715 wpa_ie, &wpa_ie_len)) {
2716 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2717 "key management and encryption suites");
2718 os_free(wpa_ie);
2719 return NULL;
2720 }
2721 #ifdef CONFIG_HS20
2722 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2723 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2724 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2725 wpa_ie_len = max_wpa_ie_len;
2726 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2727 wpa_ie, &wpa_ie_len)) {
2728 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2729 "key management and encryption suites");
2730 os_free(wpa_ie);
2731 return NULL;
2732 }
2733 #endif /* CONFIG_HS20 */
2734 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2735 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2736 /*
2737 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2738 * use non-WPA since the scan results did not indicate that the
2739 * AP is using WPA or WPA2.
2740 */
2741 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2742 wpa_ie_len = 0;
2743 wpa_s->wpa_proto = 0;
2744 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2745 wpa_ie_len = max_wpa_ie_len;
2746 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2747 wpa_ie, &wpa_ie_len)) {
2748 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2749 "key management and encryption suites (no "
2750 "scan results)");
2751 os_free(wpa_ie);
2752 return NULL;
2753 }
2754 #ifdef CONFIG_WPS
2755 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2756 struct wpabuf *wps_ie;
2757 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2758 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2759 wpa_ie_len = wpabuf_len(wps_ie);
2760 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2761 } else
2762 wpa_ie_len = 0;
2763 wpabuf_free(wps_ie);
2764 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2765 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2766 params->wps = WPS_MODE_PRIVACY;
2767 else
2768 params->wps = WPS_MODE_OPEN;
2769 wpa_s->wpa_proto = 0;
2770 #endif /* CONFIG_WPS */
2771 } else {
2772 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2773 wpa_ie_len = 0;
2774 wpa_s->wpa_proto = 0;
2775 }
2776
2777 #ifdef IEEE8021X_EAPOL
2778 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2779 if (ssid->leap) {
2780 if (ssid->non_leap == 0)
2781 algs = WPA_AUTH_ALG_LEAP;
2782 else
2783 algs |= WPA_AUTH_ALG_LEAP;
2784 }
2785 }
2786
2787 #ifdef CONFIG_FILS
2788 /* Clear FILS association */
2789 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2790
2791 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2792 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2793 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2794 &username_len, &realm, &realm_len,
2795 &next_seq_num, &rrk, &rrk_len) == 0 &&
2796 (!wpa_s->last_con_fail_realm ||
2797 wpa_s->last_con_fail_realm_len != realm_len ||
2798 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
2799 algs = WPA_AUTH_ALG_FILS;
2800 params->fils_erp_username = username;
2801 params->fils_erp_username_len = username_len;
2802 params->fils_erp_realm = realm;
2803 params->fils_erp_realm_len = realm_len;
2804 params->fils_erp_next_seq_num = next_seq_num;
2805 params->fils_erp_rrk = rrk;
2806 params->fils_erp_rrk_len = rrk_len;
2807
2808 if (mask)
2809 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
2810 }
2811 #endif /* CONFIG_FILS */
2812 #endif /* IEEE8021X_EAPOL */
2813 #ifdef CONFIG_SAE
2814 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2815 algs = WPA_AUTH_ALG_SAE;
2816 #endif /* CONFIG_SAE */
2817
2818 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2819 if (ssid->auth_alg) {
2820 algs = ssid->auth_alg;
2821 wpa_dbg(wpa_s, MSG_DEBUG,
2822 "Overriding auth_alg selection: 0x%x", algs);
2823 }
2824
2825 #ifdef CONFIG_SAE
2826 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2827 wpa_dbg(wpa_s, MSG_DEBUG,
2828 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2829 algs = WPA_AUTH_ALG_OPEN;
2830 }
2831 #endif /* CONFIG_SAE */
2832
2833 #ifdef CONFIG_P2P
2834 if (wpa_s->global->p2p) {
2835 u8 *pos;
2836 size_t len;
2837 int res;
2838 pos = wpa_ie + wpa_ie_len;
2839 len = max_wpa_ie_len - wpa_ie_len;
2840 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2841 ssid->p2p_group);
2842 if (res >= 0)
2843 wpa_ie_len += res;
2844 }
2845
2846 wpa_s->cross_connect_disallowed = 0;
2847 if (bss) {
2848 struct wpabuf *p2p;
2849 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2850 if (p2p) {
2851 wpa_s->cross_connect_disallowed =
2852 p2p_get_cross_connect_disallowed(p2p);
2853 wpabuf_free(p2p);
2854 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2855 "connection",
2856 wpa_s->cross_connect_disallowed ?
2857 "disallows" : "allows");
2858 }
2859 }
2860
2861 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2862 #endif /* CONFIG_P2P */
2863
2864 if (bss) {
2865 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
2866 wpa_ie + wpa_ie_len,
2867 max_wpa_ie_len -
2868 wpa_ie_len);
2869 }
2870
2871 /*
2872 * Workaround: Add Extended Capabilities element only if the AP
2873 * included this element in Beacon/Probe Response frames. Some older
2874 * APs seem to have interoperability issues if this element is
2875 * included, so while the standard may require us to include the
2876 * element in all cases, it is justifiable to skip it to avoid
2877 * interoperability issues.
2878 */
2879 if (ssid->p2p_group)
2880 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2881 else
2882 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2883
2884 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2885 u8 ext_capab[18];
2886 int ext_capab_len;
2887 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2888 sizeof(ext_capab));
2889 if (ext_capab_len > 0 &&
2890 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
2891 u8 *pos = wpa_ie;
2892 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2893 pos += 2 + pos[1];
2894 os_memmove(pos + ext_capab_len, pos,
2895 wpa_ie_len - (pos - wpa_ie));
2896 wpa_ie_len += ext_capab_len;
2897 os_memcpy(pos, ext_capab, ext_capab_len);
2898 }
2899 }
2900
2901 #ifdef CONFIG_HS20
2902 if (is_hs20_network(wpa_s, ssid, bss)) {
2903 struct wpabuf *hs20;
2904
2905 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
2906 if (hs20) {
2907 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2908 size_t len;
2909
2910 wpas_hs20_add_indication(hs20, pps_mo_id,
2911 get_hs20_version(bss));
2912 wpas_hs20_add_roam_cons_sel(hs20, ssid);
2913 len = max_wpa_ie_len - wpa_ie_len;
2914 if (wpabuf_len(hs20) <= len) {
2915 os_memcpy(wpa_ie + wpa_ie_len,
2916 wpabuf_head(hs20), wpabuf_len(hs20));
2917 wpa_ie_len += wpabuf_len(hs20);
2918 }
2919 wpabuf_free(hs20);
2920
2921 hs20_configure_frame_filters(wpa_s);
2922 }
2923 }
2924 #endif /* CONFIG_HS20 */
2925
2926 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2927 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2928 size_t len;
2929
2930 len = max_wpa_ie_len - wpa_ie_len;
2931 if (wpabuf_len(buf) <= len) {
2932 os_memcpy(wpa_ie + wpa_ie_len,
2933 wpabuf_head(buf), wpabuf_len(buf));
2934 wpa_ie_len += wpabuf_len(buf);
2935 }
2936 }
2937
2938 #ifdef CONFIG_FST
2939 if (wpa_s->fst_ies) {
2940 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2941
2942 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
2943 os_memcpy(wpa_ie + wpa_ie_len,
2944 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2945 wpa_ie_len += fst_ies_len;
2946 }
2947 }
2948 #endif /* CONFIG_FST */
2949
2950 #ifdef CONFIG_MBO
2951 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2952 if (!wpa_s->disable_mbo_oce && mbo_ie) {
2953 int len;
2954
2955 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2956 max_wpa_ie_len - wpa_ie_len,
2957 !!mbo_attr_from_mbo_ie(mbo_ie,
2958 OCE_ATTR_ID_CAPA_IND));
2959 if (len >= 0)
2960 wpa_ie_len += len;
2961 }
2962 #endif /* CONFIG_MBO */
2963
2964 #ifdef CONFIG_FILS
2965 if (algs == WPA_AUTH_ALG_FILS) {
2966 size_t len;
2967
2968 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2969 max_wpa_ie_len - wpa_ie_len);
2970 wpa_ie_len += len;
2971 }
2972 #endif /* CONFIG_FILS */
2973
2974 #ifdef CONFIG_OWE
2975 #ifdef CONFIG_TESTING_OPTIONS
2976 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2977 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2978 } else
2979 #endif /* CONFIG_TESTING_OPTIONS */
2980 if (algs == WPA_AUTH_ALG_OPEN &&
2981 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2982 struct wpabuf *owe_ie;
2983 u16 group;
2984
2985 if (ssid->owe_group) {
2986 group = ssid->owe_group;
2987 } else if (wpa_s->assoc_status_code ==
2988 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2989 if (wpa_s->last_owe_group == 19)
2990 group = 20;
2991 else if (wpa_s->last_owe_group == 20)
2992 group = 21;
2993 else
2994 group = OWE_DH_GROUP;
2995 } else {
2996 group = OWE_DH_GROUP;
2997 }
2998
2999 wpa_s->last_owe_group = group;
3000 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3001 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3002 if (owe_ie &&
3003 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3004 os_memcpy(wpa_ie + wpa_ie_len,
3005 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3006 wpa_ie_len += wpabuf_len(owe_ie);
3007 }
3008 wpabuf_free(owe_ie);
3009 }
3010 #endif /* CONFIG_OWE */
3011
3012 #ifdef CONFIG_DPP2
3013 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3014 ssid->dpp_netaccesskey) {
3015 dpp_pfs_free(wpa_s->dpp_pfs);
3016 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3017 ssid->dpp_netaccesskey_len);
3018 if (!wpa_s->dpp_pfs) {
3019 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3020 /* Try to continue without PFS */
3021 goto pfs_fail;
3022 }
3023 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3024 max_wpa_ie_len - wpa_ie_len) {
3025 os_memcpy(wpa_ie + wpa_ie_len,
3026 wpabuf_head(wpa_s->dpp_pfs->ie),
3027 wpabuf_len(wpa_s->dpp_pfs->ie));
3028 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3029 }
3030 }
3031 pfs_fail:
3032 #endif /* CONFIG_DPP2 */
3033
3034 #ifdef CONFIG_IEEE80211R
3035 /*
3036 * Add MDIE under these conditions: the network profile allows FT,
3037 * the AP supports FT, and the mobility domain ID matches.
3038 */
3039 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3040 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3041
3042 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3043 size_t len = 0;
3044 const u8 *md = mdie + 2;
3045 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3046
3047 if (os_memcmp(md, wpa_md,
3048 MOBILITY_DOMAIN_ID_LEN) == 0) {
3049 /* Add mobility domain IE */
3050 len = wpa_ft_add_mdie(
3051 wpa_s->wpa, wpa_ie + wpa_ie_len,
3052 max_wpa_ie_len - wpa_ie_len, mdie);
3053 wpa_ie_len += len;
3054 }
3055 #ifdef CONFIG_SME
3056 if (len > 0 && wpa_s->sme.ft_used &&
3057 wpa_sm_has_ptk(wpa_s->wpa)) {
3058 wpa_dbg(wpa_s, MSG_DEBUG,
3059 "SME: Trying to use FT over-the-air");
3060 algs |= WPA_AUTH_ALG_FT;
3061 }
3062 #endif /* CONFIG_SME */
3063 }
3064 }
3065 #endif /* CONFIG_IEEE80211R */
3066
3067 #ifdef CONFIG_TESTING_OPTIONS
3068 if (wpa_s->rsnxe_override_assoc &&
3069 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3070 max_wpa_ie_len - wpa_ie_len) {
3071 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3072 os_memcpy(wpa_ie + wpa_ie_len,
3073 wpabuf_head(wpa_s->rsnxe_override_assoc),
3074 wpabuf_len(wpa_s->rsnxe_override_assoc));
3075 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3076 } else
3077 #endif /* CONFIG_TESTING_OPTIONS */
3078 if (wpa_s->rsnxe_len > 0 &&
3079 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3080 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3081 wpa_ie_len += wpa_s->rsnxe_len;
3082 }
3083
3084 if (ssid->multi_ap_backhaul_sta) {
3085 size_t multi_ap_ie_len;
3086
3087 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3088 max_wpa_ie_len - wpa_ie_len,
3089 MULTI_AP_BACKHAUL_STA);
3090 if (multi_ap_ie_len == 0) {
3091 wpa_printf(MSG_ERROR,
3092 "Multi-AP: Failed to build Multi-AP IE");
3093 os_free(wpa_ie);
3094 return NULL;
3095 }
3096 wpa_ie_len += multi_ap_ie_len;
3097 }
3098
3099 params->wpa_ie = wpa_ie;
3100 params->wpa_ie_len = wpa_ie_len;
3101 params->auth_alg = algs;
3102 if (mask)
3103 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3104
3105 return wpa_ie;
3106 }
3107
3108
3109 #ifdef CONFIG_OWE
3110 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3111 {
3112 struct wpa_driver_associate_params params;
3113 u8 *wpa_ie;
3114
3115 os_memset(&params, 0, sizeof(params));
3116 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3117 wpa_s->current_ssid, &params, NULL);
3118 if (!wpa_ie)
3119 return;
3120
3121 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3122 os_free(wpa_ie);
3123 }
3124 #endif /* CONFIG_OWE */
3125
3126
3127 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3128 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3129 {
3130 struct wpa_driver_associate_params params;
3131 enum wpa_drv_update_connect_params_mask mask = 0;
3132 u8 *wpa_ie;
3133
3134 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3135 return; /* nothing to do */
3136
3137 os_memset(&params, 0, sizeof(params));
3138 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3139 wpa_s->current_ssid, &params, &mask);
3140 if (!wpa_ie)
3141 return;
3142
3143 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3144 os_free(wpa_ie);
3145 return;
3146 }
3147
3148 wpa_s->auth_alg = params.auth_alg;
3149 wpa_drv_update_connect_params(wpa_s, &params, mask);
3150 os_free(wpa_ie);
3151 }
3152 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3153
3154
3155 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3156 {
3157 if (!edmg_ie || edmg_ie[1] < 6)
3158 return 0;
3159 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3160 }
3161
3162
3163 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3164 {
3165 if (!edmg_ie || edmg_ie[1] < 6)
3166 return 0;
3167 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3168 }
3169
3170
3171 /* Returns the intersection of two EDMG configurations.
3172 * Note: The current implementation is limited to CB2 only (CB1 included),
3173 * i.e., the implementation supports up to 2 contiguous channels.
3174 * For supporting non-contiguous (aggregated) channels and for supporting
3175 * CB3 and above, this function will need to be extended.
3176 */
3177 static struct ieee80211_edmg_config
3178 get_edmg_intersection(struct ieee80211_edmg_config a,
3179 struct ieee80211_edmg_config b,
3180 u8 primary_channel)
3181 {
3182 struct ieee80211_edmg_config result;
3183 int i, contiguous = 0;
3184 int max_contiguous = 0;
3185
3186 result.channels = b.channels & a.channels;
3187 if (!result.channels) {
3188 wpa_printf(MSG_DEBUG,
3189 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3190 a.channels, b.channels);
3191 goto fail;
3192 }
3193
3194 if (!(result.channels & BIT(primary_channel - 1))) {
3195 wpa_printf(MSG_DEBUG,
3196 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3197 primary_channel, result.channels);
3198 goto fail;
3199 }
3200
3201 /* Find max contiguous channels */
3202 for (i = 0; i < 6; i++) {
3203 if (result.channels & BIT(i))
3204 contiguous++;
3205 else
3206 contiguous = 0;
3207
3208 if (contiguous > max_contiguous)
3209 max_contiguous = contiguous;
3210 }
3211
3212 /* Assuming AP and STA supports ONLY contiguous channels,
3213 * bw configuration can have value between 4-7.
3214 */
3215 if ((b.bw_config < a.bw_config))
3216 result.bw_config = b.bw_config;
3217 else
3218 result.bw_config = a.bw_config;
3219
3220 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3221 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3222 wpa_printf(MSG_DEBUG,
3223 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3224 max_contiguous);
3225 goto fail;
3226 }
3227
3228 return result;
3229
3230 fail:
3231 result.channels = 0;
3232 result.bw_config = 0;
3233 return result;
3234 }
3235
3236
3237 static struct ieee80211_edmg_config
3238 get_supported_edmg(struct wpa_supplicant *wpa_s,
3239 struct hostapd_freq_params *freq,
3240 struct ieee80211_edmg_config request_edmg)
3241 {
3242 enum hostapd_hw_mode hw_mode;
3243 struct hostapd_hw_modes *mode = NULL;
3244 u8 primary_channel;
3245
3246 if (!wpa_s->hw.modes)
3247 goto fail;
3248
3249 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3250 if (hw_mode == NUM_HOSTAPD_MODES)
3251 goto fail;
3252
3253 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, 0);
3254 if (!mode)
3255 goto fail;
3256
3257 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3258
3259 fail:
3260 request_edmg.channels = 0;
3261 request_edmg.bw_config = 0;
3262 return request_edmg;
3263 }
3264
3265
3266 #ifdef CONFIG_MBO
3267 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3268 {
3269 struct wpa_driver_associate_params params;
3270 u8 *wpa_ie;
3271
3272 /*
3273 * Update MBO connect params only in case of change of MBO attributes
3274 * when connected, if the AP support MBO.
3275 */
3276
3277 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3278 !wpa_s->current_bss ||
3279 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3280 return;
3281
3282 os_memset(&params, 0, sizeof(params));
3283 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3284 wpa_s->current_ssid, &params, NULL);
3285 if (!wpa_ie)
3286 return;
3287
3288 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3289 os_free(wpa_ie);
3290 }
3291 #endif /* CONFIG_MBO */
3292
3293
3294 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3295 {
3296 struct wpa_connect_work *cwork = work->ctx;
3297 struct wpa_bss *bss = cwork->bss;
3298 struct wpa_ssid *ssid = cwork->ssid;
3299 struct wpa_supplicant *wpa_s = work->wpa_s;
3300 u8 *wpa_ie;
3301 const u8 *edmg_ie_oper;
3302 int use_crypt, ret, i, bssid_changed;
3303 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3304 struct wpa_driver_associate_params params;
3305 int wep_keys_set = 0;
3306 int assoc_failed = 0;
3307 struct wpa_ssid *old_ssid;
3308 u8 prev_bssid[ETH_ALEN];
3309 #ifdef CONFIG_HT_OVERRIDES
3310 struct ieee80211_ht_capabilities htcaps;
3311 struct ieee80211_ht_capabilities htcaps_mask;
3312 #endif /* CONFIG_HT_OVERRIDES */
3313 #ifdef CONFIG_VHT_OVERRIDES
3314 struct ieee80211_vht_capabilities vhtcaps;
3315 struct ieee80211_vht_capabilities vhtcaps_mask;
3316 #endif /* CONFIG_VHT_OVERRIDES */
3317
3318 if (deinit) {
3319 if (work->started) {
3320 wpa_s->connect_work = NULL;
3321
3322 /* cancel possible auth. timeout */
3323 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3324 NULL);
3325 }
3326 wpas_connect_work_free(cwork);
3327 return;
3328 }
3329
3330 wpa_s->connect_work = work;
3331
3332 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3333 wpas_network_disabled(wpa_s, ssid)) {
3334 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3335 wpas_connect_work_done(wpa_s);
3336 return;
3337 }
3338
3339 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3340 os_memset(&params, 0, sizeof(params));
3341 wpa_s->reassociate = 0;
3342 wpa_s->eap_expected_failure = 0;
3343 if (bss &&
3344 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3345 #ifdef CONFIG_IEEE80211R
3346 const u8 *ie, *md = NULL;
3347 #endif /* CONFIG_IEEE80211R */
3348 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3349 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3350 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3351 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3352 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3353 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3354 if (bssid_changed)
3355 wpas_notify_bssid_changed(wpa_s);
3356 #ifdef CONFIG_IEEE80211R
3357 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3358 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3359 md = ie + 2;
3360 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3361 if (md) {
3362 /* Prepare for the next transition */
3363 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3364 }
3365 #endif /* CONFIG_IEEE80211R */
3366 #ifdef CONFIG_WPS
3367 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3368 wpa_s->conf->ap_scan == 2 &&
3369 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3370 /* Use ap_scan==1 style network selection to find the network
3371 */
3372 wpas_connect_work_done(wpa_s);
3373 wpa_s->scan_req = MANUAL_SCAN_REQ;
3374 wpa_s->reassociate = 1;
3375 wpa_supplicant_req_scan(wpa_s, 0, 0);
3376 return;
3377 #endif /* CONFIG_WPS */
3378 } else {
3379 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3380 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3381 if (bss)
3382 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3383 else
3384 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3385 }
3386 if (!wpa_s->pno)
3387 wpa_supplicant_cancel_sched_scan(wpa_s);
3388
3389 wpa_supplicant_cancel_scan(wpa_s);
3390
3391 /* Starting new association, so clear the possibly used WPA IE from the
3392 * previous association. */
3393 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3394 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3395 wpa_s->rsnxe_len = 0;
3396
3397 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
3398 if (!wpa_ie) {
3399 wpas_connect_work_done(wpa_s);
3400 return;
3401 }
3402
3403 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3404 use_crypt = 1;
3405 cipher_pairwise = wpa_s->pairwise_cipher;
3406 cipher_group = wpa_s->group_cipher;
3407 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3408 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3409 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3410 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3411 use_crypt = 0;
3412 if (wpa_set_wep_keys(wpa_s, ssid)) {
3413 use_crypt = 1;
3414 wep_keys_set = 1;
3415 }
3416 }
3417 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3418 use_crypt = 0;
3419
3420 #ifdef IEEE8021X_EAPOL
3421 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3422 if ((ssid->eapol_flags &
3423 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3424 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3425 !wep_keys_set) {
3426 use_crypt = 0;
3427 } else {
3428 /* Assume that dynamic WEP-104 keys will be used and
3429 * set cipher suites in order for drivers to expect
3430 * encryption. */
3431 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3432 }
3433 }
3434 #endif /* IEEE8021X_EAPOL */
3435
3436 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3437 /* Set the key before (and later after) association */
3438 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3439 }
3440
3441 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3442 if (bss) {
3443 params.ssid = bss->ssid;
3444 params.ssid_len = bss->ssid_len;
3445 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3446 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3447 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3448 MACSTR " freq=%u MHz based on scan results "
3449 "(bssid_set=%d wps=%d)",
3450 MAC2STR(bss->bssid), bss->freq,
3451 ssid->bssid_set,
3452 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3453 params.bssid = bss->bssid;
3454 params.freq.freq = bss->freq;
3455 }
3456 params.bssid_hint = bss->bssid;
3457 params.freq_hint = bss->freq;
3458 params.pbss = bss_is_pbss(bss);
3459 } else {
3460 if (ssid->bssid_hint_set)
3461 params.bssid_hint = ssid->bssid_hint;
3462
3463 params.ssid = ssid->ssid;
3464 params.ssid_len = ssid->ssid_len;
3465 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3466 }
3467
3468 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3469 wpa_s->conf->ap_scan == 2) {
3470 params.bssid = ssid->bssid;
3471 params.fixed_bssid = 1;
3472 }
3473
3474 /* Initial frequency for IBSS/mesh */
3475 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3476 ssid->frequency > 0 && params.freq.freq == 0)
3477 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
3478
3479 if (ssid->mode == WPAS_MODE_IBSS) {
3480 params.fixed_freq = ssid->fixed_freq;
3481 if (ssid->beacon_int)
3482 params.beacon_int = ssid->beacon_int;
3483 else
3484 params.beacon_int = wpa_s->conf->beacon_int;
3485 }
3486
3487 if (bss && ssid->enable_edmg)
3488 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3489 WLAN_EID_EXT_EDMG_OPERATION);
3490 else
3491 edmg_ie_oper = NULL;
3492
3493 if (edmg_ie_oper) {
3494 params.freq.edmg.channels =
3495 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3496 params.freq.edmg.bw_config =
3497 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3498 wpa_printf(MSG_DEBUG,
3499 "AP supports EDMG channels 0x%x, bw_config %d",
3500 params.freq.edmg.channels,
3501 params.freq.edmg.bw_config);
3502
3503 /* User may ask for specific EDMG channel for EDMG connection
3504 * (must be supported by AP)
3505 */
3506 if (ssid->edmg_channel) {
3507 struct ieee80211_edmg_config configured_edmg;
3508 enum hostapd_hw_mode hw_mode;
3509 u8 primary_channel;
3510
3511 hw_mode = ieee80211_freq_to_chan(bss->freq,
3512 &primary_channel);
3513 if (hw_mode == NUM_HOSTAPD_MODES)
3514 goto edmg_fail;
3515
3516 hostapd_encode_edmg_chan(ssid->enable_edmg,
3517 ssid->edmg_channel,
3518 primary_channel,
3519 &configured_edmg);
3520
3521 if (ieee802_edmg_is_allowed(params.freq.edmg,
3522 configured_edmg)) {
3523 params.freq.edmg = configured_edmg;
3524 wpa_printf(MSG_DEBUG,
3525 "Use EDMG channel %d for connection",
3526 ssid->edmg_channel);
3527 } else {
3528 edmg_fail:
3529 params.freq.edmg.channels = 0;
3530 params.freq.edmg.bw_config = 0;
3531 wpa_printf(MSG_WARNING,
3532 "EDMG channel %d not supported by AP, fallback to DMG",
3533 ssid->edmg_channel);
3534 }
3535 }
3536
3537 if (params.freq.edmg.channels) {
3538 wpa_printf(MSG_DEBUG,
3539 "EDMG before: channels 0x%x, bw_config %d",
3540 params.freq.edmg.channels,
3541 params.freq.edmg.bw_config);
3542 params.freq.edmg = get_supported_edmg(wpa_s,
3543 &params.freq,
3544 params.freq.edmg);
3545 wpa_printf(MSG_DEBUG,
3546 "EDMG after: channels 0x%x, bw_config %d",
3547 params.freq.edmg.channels,
3548 params.freq.edmg.bw_config);
3549 }
3550 }
3551
3552 params.pairwise_suite = cipher_pairwise;
3553 params.group_suite = cipher_group;
3554 params.mgmt_group_suite = cipher_group_mgmt;
3555 params.key_mgmt_suite = wpa_s->key_mgmt;
3556 params.wpa_proto = wpa_s->wpa_proto;
3557 wpa_s->auth_alg = params.auth_alg;
3558 params.mode = ssid->mode;
3559 params.bg_scan_period = ssid->bg_scan_period;
3560 for (i = 0; i < NUM_WEP_KEYS; i++) {
3561 if (ssid->wep_key_len[i])
3562 params.wep_key[i] = ssid->wep_key[i];
3563 params.wep_key_len[i] = ssid->wep_key_len[i];
3564 }
3565 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3566
3567 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3568 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3569 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3570 params.passphrase = ssid->passphrase;
3571 if (ssid->psk_set)
3572 params.psk = ssid->psk;
3573 }
3574
3575 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3576 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3577 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3578 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3579 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3580 params.req_handshake_offload = 1;
3581
3582 if (wpa_s->conf->key_mgmt_offload) {
3583 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3584 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3585 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3586 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3587 params.req_key_mgmt_offload =
3588 ssid->proactive_key_caching < 0 ?
3589 wpa_s->conf->okc : ssid->proactive_key_caching;
3590 else
3591 params.req_key_mgmt_offload = 1;
3592
3593 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3594 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3595 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3596 ssid->psk_set)
3597 params.psk = ssid->psk;
3598 }
3599
3600 params.drop_unencrypted = use_crypt;
3601
3602 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3603 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3604 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3605 struct wpa_ie_data ie;
3606 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3607 ie.capabilities &
3608 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3609 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3610 "MFP: require MFP");
3611 params.mgmt_frame_protection =
3612 MGMT_FRAME_PROTECTION_REQUIRED;
3613 #ifdef CONFIG_OWE
3614 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3615 !ssid->owe_only) {
3616 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3617 #endif /* CONFIG_OWE */
3618 }
3619 }
3620
3621 params.p2p = ssid->p2p_group;
3622
3623 if (wpa_s->p2pdev->set_sta_uapsd)
3624 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3625 else
3626 params.uapsd = -1;
3627
3628 #ifdef CONFIG_HT_OVERRIDES
3629 os_memset(&htcaps, 0, sizeof(htcaps));
3630 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3631 params.htcaps = (u8 *) &htcaps;
3632 params.htcaps_mask = (u8 *) &htcaps_mask;
3633 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3634 #endif /* CONFIG_HT_OVERRIDES */
3635 #ifdef CONFIG_VHT_OVERRIDES
3636 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3637 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3638 params.vhtcaps = &vhtcaps;
3639 params.vhtcaps_mask = &vhtcaps_mask;
3640 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
3641 #endif /* CONFIG_VHT_OVERRIDES */
3642
3643 #ifdef CONFIG_P2P
3644 /*
3645 * If multi-channel concurrency is not supported, check for any
3646 * frequency conflict. In case of any frequency conflict, remove the
3647 * least prioritized connection.
3648 */
3649 if (wpa_s->num_multichan_concurrent < 2) {
3650 int freq, num;
3651 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3652 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3653 wpa_printf(MSG_DEBUG,
3654 "Assoc conflicting freq found (%d != %d)",
3655 freq, params.freq.freq);
3656 if (wpas_p2p_handle_frequency_conflicts(
3657 wpa_s, params.freq.freq, ssid) < 0) {
3658 wpas_connect_work_done(wpa_s);
3659 os_free(wpa_ie);
3660 return;
3661 }
3662 }
3663 }
3664 #endif /* CONFIG_P2P */
3665
3666 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3667 wpa_s->current_ssid)
3668 params.prev_bssid = prev_bssid;
3669
3670 ret = wpa_drv_associate(wpa_s, &params);
3671 os_free(wpa_ie);
3672 if (ret < 0) {
3673 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3674 "failed");
3675 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3676 /*
3677 * The driver is known to mean what is saying, so we
3678 * can stop right here; the association will not
3679 * succeed.
3680 */
3681 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
3682 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3683 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3684 return;
3685 }
3686 /* try to continue anyway; new association will be tried again
3687 * after timeout */
3688 assoc_failed = 1;
3689 }
3690
3691 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3692 /* Set the key after the association just in case association
3693 * cleared the previously configured key. */
3694 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3695 /* No need to timeout authentication since there is no key
3696 * management. */
3697 wpa_supplicant_cancel_auth_timeout(wpa_s);
3698 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
3699 #ifdef CONFIG_IBSS_RSN
3700 } else if (ssid->mode == WPAS_MODE_IBSS &&
3701 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3702 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3703 /*
3704 * RSN IBSS authentication is per-STA and we can disable the
3705 * per-BSSID authentication.
3706 */
3707 wpa_supplicant_cancel_auth_timeout(wpa_s);
3708 #endif /* CONFIG_IBSS_RSN */
3709 } else {
3710 /* Timeout for IEEE 802.11 authentication and association */
3711 int timeout = 60;
3712
3713 if (assoc_failed) {
3714 /* give IBSS a bit more time */
3715 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
3716 } else if (wpa_s->conf->ap_scan == 1) {
3717 /* give IBSS a bit more time */
3718 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
3719 }
3720 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3721 }
3722
3723 if (wep_keys_set &&
3724 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
3725 /* Set static WEP keys again */
3726 wpa_set_wep_keys(wpa_s, ssid);
3727 }
3728
3729 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3730 /*
3731 * Do not allow EAP session resumption between different
3732 * network configurations.
3733 */
3734 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3735 }
3736 old_ssid = wpa_s->current_ssid;
3737 wpa_s->current_ssid = ssid;
3738
3739 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
3740 wpa_s->current_bss = bss;
3741 #ifdef CONFIG_HS20
3742 hs20_configure_frame_filters(wpa_s);
3743 #endif /* CONFIG_HS20 */
3744 }
3745
3746 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3747 wpa_supplicant_initiate_eapol(wpa_s);
3748 if (old_ssid != wpa_s->current_ssid)
3749 wpas_notify_network_changed(wpa_s);
3750 }
3751
3752
3753 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3754 const u8 *addr)
3755 {
3756 struct wpa_ssid *old_ssid;
3757
3758 wpas_connect_work_done(wpa_s);
3759 wpa_clear_keys(wpa_s, addr);
3760 old_ssid = wpa_s->current_ssid;
3761 wpa_supplicant_mark_disassoc(wpa_s);
3762 wpa_sm_set_config(wpa_s->wpa, NULL);
3763 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3764 if (old_ssid != wpa_s->current_ssid)
3765 wpas_notify_network_changed(wpa_s);
3766 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3767 }
3768
3769
3770 /**
3771 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3772 * @wpa_s: Pointer to wpa_supplicant data
3773 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3774 *
3775 * This function is used to request %wpa_supplicant to deauthenticate from the
3776 * current AP.
3777 */
3778 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3779 u16 reason_code)
3780 {
3781 u8 *addr = NULL;
3782 union wpa_event_data event;
3783 int zero_addr = 0;
3784
3785 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3786 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
3787 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3788 reason_code, reason2str(reason_code),
3789 wpa_supplicant_state_txt(wpa_s->wpa_state));
3790
3791 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3792 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3793 wpa_s->wpa_state == WPA_ASSOCIATING))
3794 addr = wpa_s->pending_bssid;
3795 else if (!is_zero_ether_addr(wpa_s->bssid))
3796 addr = wpa_s->bssid;
3797 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3798 /*
3799 * When using driver-based BSS selection, we may not know the
3800 * BSSID with which we are currently trying to associate. We
3801 * need to notify the driver of this disconnection even in such
3802 * a case, so use the all zeros address here.
3803 */
3804 addr = wpa_s->bssid;
3805 zero_addr = 1;
3806 }
3807
3808 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3809 wpa_s->enabled_4addr_mode = 0;
3810
3811 #ifdef CONFIG_TDLS
3812 wpa_tdls_teardown_peers(wpa_s->wpa);
3813 #endif /* CONFIG_TDLS */
3814
3815 #ifdef CONFIG_MESH
3816 if (wpa_s->ifmsh) {
3817 struct mesh_conf *mconf;
3818
3819 mconf = wpa_s->ifmsh->mconf;
3820 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3821 wpa_s->ifname);
3822 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3823 mconf->meshid_len, reason_code);
3824 wpa_supplicant_leave_mesh(wpa_s);
3825 }
3826 #endif /* CONFIG_MESH */
3827
3828 if (addr) {
3829 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
3830 os_memset(&event, 0, sizeof(event));
3831 event.deauth_info.reason_code = reason_code;
3832 event.deauth_info.locally_generated = 1;
3833 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
3834 if (zero_addr)
3835 addr = NULL;
3836 }
3837
3838 wpa_supplicant_clear_connection(wpa_s, addr);
3839 }
3840
3841 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3842 struct wpa_ssid *ssid)
3843 {
3844 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3845 return;
3846
3847 ssid->disabled = 0;
3848 ssid->owe_transition_bss_select_count = 0;
3849 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3850 wpas_notify_network_enabled_changed(wpa_s, ssid);
3851
3852 /*
3853 * Try to reassociate since there is no current configuration and a new
3854 * network was made available.
3855 */
3856 if (!wpa_s->current_ssid && !wpa_s->disconnected)
3857 wpa_s->reassociate = 1;
3858 }
3859
3860
3861 /**
3862 * wpa_supplicant_add_network - Add a new network
3863 * @wpa_s: wpa_supplicant structure for a network interface
3864 * Returns: The new network configuration or %NULL if operation failed
3865 *
3866 * This function performs the following operations:
3867 * 1. Adds a new network.
3868 * 2. Send network addition notification.
3869 * 3. Marks the network disabled.
3870 * 4. Set network default parameters.
3871 */
3872 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3873 {
3874 struct wpa_ssid *ssid;
3875
3876 ssid = wpa_config_add_network(wpa_s->conf);
3877 if (!ssid)
3878 return NULL;
3879 wpas_notify_network_added(wpa_s, ssid);
3880 ssid->disabled = 1;
3881 wpa_config_set_network_defaults(ssid);
3882
3883 return ssid;
3884 }
3885
3886
3887 /**
3888 * wpa_supplicant_remove_network - Remove a configured network based on id
3889 * @wpa_s: wpa_supplicant structure for a network interface
3890 * @id: Unique network id to search for
3891 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3892 * could not be removed
3893 *
3894 * This function performs the following operations:
3895 * 1. Removes the network.
3896 * 2. Send network removal notification.
3897 * 3. Update internal state machines.
3898 * 4. Stop any running sched scans.
3899 */
3900 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3901 {
3902 struct wpa_ssid *ssid;
3903 int was_disabled;
3904
3905 ssid = wpa_config_get_network(wpa_s->conf, id);
3906 if (!ssid)
3907 return -1;
3908 wpas_notify_network_removed(wpa_s, ssid);
3909
3910 if (wpa_s->last_ssid == ssid)
3911 wpa_s->last_ssid = NULL;
3912
3913 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3914 #ifdef CONFIG_SME
3915 wpa_s->sme.prev_bssid_set = 0;
3916 #endif /* CONFIG_SME */
3917 /*
3918 * Invalidate the EAP session cache if the current or
3919 * previously used network is removed.
3920 */
3921 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3922 }
3923
3924 if (ssid == wpa_s->current_ssid) {
3925 wpa_sm_set_config(wpa_s->wpa, NULL);
3926 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3927
3928 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3929 wpa_s->own_disconnect_req = 1;
3930 wpa_supplicant_deauthenticate(wpa_s,
3931 WLAN_REASON_DEAUTH_LEAVING);
3932 }
3933
3934 was_disabled = ssid->disabled;
3935
3936 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3937 return -2;
3938
3939 if (!was_disabled && wpa_s->sched_scanning) {
3940 wpa_printf(MSG_DEBUG,
3941 "Stop ongoing sched_scan to remove network from filters");
3942 wpa_supplicant_cancel_sched_scan(wpa_s);
3943 wpa_supplicant_req_scan(wpa_s, 0, 0);
3944 }
3945
3946 return 0;
3947 }
3948
3949
3950 /**
3951 * wpa_supplicant_enable_network - Mark a configured network as enabled
3952 * @wpa_s: wpa_supplicant structure for a network interface
3953 * @ssid: wpa_ssid structure for a configured network or %NULL
3954 *
3955 * Enables the specified network or all networks if no network specified.
3956 */
3957 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3958 struct wpa_ssid *ssid)
3959 {
3960 if (ssid == NULL) {
3961 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3962 wpa_supplicant_enable_one_network(wpa_s, ssid);
3963 } else
3964 wpa_supplicant_enable_one_network(wpa_s, ssid);
3965
3966 if (wpa_s->reassociate && !wpa_s->disconnected &&
3967 (!wpa_s->current_ssid ||
3968 wpa_s->wpa_state == WPA_DISCONNECTED ||
3969 wpa_s->wpa_state == WPA_SCANNING)) {
3970 if (wpa_s->sched_scanning) {
3971 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3972 "new network to scan filters");
3973 wpa_supplicant_cancel_sched_scan(wpa_s);
3974 }
3975
3976 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3977 wpa_s->scan_req = NORMAL_SCAN_REQ;
3978 wpa_supplicant_req_scan(wpa_s, 0, 0);
3979 }
3980 }
3981 }
3982
3983
3984 /**
3985 * wpa_supplicant_disable_network - Mark a configured network as disabled
3986 * @wpa_s: wpa_supplicant structure for a network interface
3987 * @ssid: wpa_ssid structure for a configured network or %NULL
3988 *
3989 * Disables the specified network or all networks if no network specified.
3990 */
3991 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3992 struct wpa_ssid *ssid)
3993 {
3994 struct wpa_ssid *other_ssid;
3995 int was_disabled;
3996
3997 if (ssid == NULL) {
3998 if (wpa_s->sched_scanning)
3999 wpa_supplicant_cancel_sched_scan(wpa_s);
4000
4001 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4002 other_ssid = other_ssid->next) {
4003 was_disabled = other_ssid->disabled;
4004 if (was_disabled == 2)
4005 continue; /* do not change persistent P2P group
4006 * data */
4007
4008 other_ssid->disabled = 1;
4009
4010 if (was_disabled != other_ssid->disabled)
4011 wpas_notify_network_enabled_changed(
4012 wpa_s, other_ssid);
4013 }
4014 if (wpa_s->current_ssid) {
4015 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4016 wpa_s->own_disconnect_req = 1;
4017 wpa_supplicant_deauthenticate(
4018 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4019 }
4020 } else if (ssid->disabled != 2) {
4021 if (ssid == wpa_s->current_ssid) {
4022 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4023 wpa_s->own_disconnect_req = 1;
4024 wpa_supplicant_deauthenticate(
4025 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4026 }
4027
4028 was_disabled = ssid->disabled;
4029
4030 ssid->disabled = 1;
4031
4032 if (was_disabled != ssid->disabled) {
4033 wpas_notify_network_enabled_changed(wpa_s, ssid);
4034 if (wpa_s->sched_scanning) {
4035 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4036 "to remove network from filters");
4037 wpa_supplicant_cancel_sched_scan(wpa_s);
4038 wpa_supplicant_req_scan(wpa_s, 0, 0);
4039 }
4040 }
4041 }
4042 }
4043
4044
4045 /**
4046 * wpa_supplicant_select_network - Attempt association with a network
4047 * @wpa_s: wpa_supplicant structure for a network interface
4048 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4049 */
4050 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4051 struct wpa_ssid *ssid)
4052 {
4053
4054 struct wpa_ssid *other_ssid;
4055 int disconnected = 0;
4056
4057 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4058 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4059 wpa_s->own_disconnect_req = 1;
4060 wpa_supplicant_deauthenticate(
4061 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4062 disconnected = 1;
4063 }
4064
4065 if (ssid)
4066 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4067
4068 /*
4069 * Mark all other networks disabled or mark all networks enabled if no
4070 * network specified.
4071 */
4072 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4073 other_ssid = other_ssid->next) {
4074 int was_disabled = other_ssid->disabled;
4075 if (was_disabled == 2)
4076 continue; /* do not change persistent P2P group data */
4077
4078 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4079 if (was_disabled && !other_ssid->disabled)
4080 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4081
4082 if (was_disabled != other_ssid->disabled)
4083 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4084 }
4085
4086 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4087 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4088 /* We are already associated with the selected network */
4089 wpa_printf(MSG_DEBUG, "Already associated with the "
4090 "selected network - do nothing");
4091 return;
4092 }
4093
4094 if (ssid) {
4095 wpa_s->current_ssid = ssid;
4096 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4097 wpa_s->connect_without_scan =
4098 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4099
4100 /*
4101 * Don't optimize next scan freqs since a new ESS has been
4102 * selected.
4103 */
4104 os_free(wpa_s->next_scan_freqs);
4105 wpa_s->next_scan_freqs = NULL;
4106 } else {
4107 wpa_s->connect_without_scan = NULL;
4108 }
4109
4110 wpa_s->disconnected = 0;
4111 wpa_s->reassociate = 1;
4112 wpa_s_clear_sae_rejected(wpa_s);
4113 wpa_s->last_owe_group = 0;
4114 if (ssid) {
4115 ssid->owe_transition_bss_select_count = 0;
4116 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4117 }
4118
4119 if (wpa_s->connect_without_scan ||
4120 wpa_supplicant_fast_associate(wpa_s) != 1) {
4121 wpa_s->scan_req = NORMAL_SCAN_REQ;
4122 wpas_scan_reset_sched_scan(wpa_s);
4123 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4124 }
4125
4126 if (ssid)
4127 wpas_notify_network_selected(wpa_s, ssid);
4128 }
4129
4130
4131 /**
4132 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4133 * @wpa_s: wpa_supplicant structure for a network interface
4134 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4135 * @pkcs11_module_path: PKCS #11 module path or NULL
4136 * Returns: 0 on success; -1 on failure
4137 *
4138 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4139 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4140 * module path fails the paths will be reset to the default value (NULL).
4141 */
4142 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4143 const char *pkcs11_engine_path,
4144 const char *pkcs11_module_path)
4145 {
4146 char *pkcs11_engine_path_copy = NULL;
4147 char *pkcs11_module_path_copy = NULL;
4148
4149 if (pkcs11_engine_path != NULL) {
4150 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4151 if (pkcs11_engine_path_copy == NULL)
4152 return -1;
4153 }
4154 if (pkcs11_module_path != NULL) {
4155 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4156 if (pkcs11_module_path_copy == NULL) {
4157 os_free(pkcs11_engine_path_copy);
4158 return -1;
4159 }
4160 }
4161
4162 os_free(wpa_s->conf->pkcs11_engine_path);
4163 os_free(wpa_s->conf->pkcs11_module_path);
4164 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4165 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4166
4167 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4168 eapol_sm_deinit(wpa_s->eapol);
4169 wpa_s->eapol = NULL;
4170 if (wpa_supplicant_init_eapol(wpa_s)) {
4171 /* Error -> Reset paths to the default value (NULL) once. */
4172 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4173 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4174 NULL);
4175
4176 return -1;
4177 }
4178 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4179
4180 return 0;
4181 }
4182
4183
4184 /**
4185 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4186 * @wpa_s: wpa_supplicant structure for a network interface
4187 * @ap_scan: AP scan mode
4188 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4189 *
4190 */
4191 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4192 {
4193
4194 int old_ap_scan;
4195
4196 if (ap_scan < 0 || ap_scan > 2)
4197 return -1;
4198
4199 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4200 wpa_printf(MSG_INFO,
4201 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4202 }
4203
4204 #ifdef ANDROID
4205 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4206 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4207 wpa_s->wpa_state < WPA_COMPLETED) {
4208 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4209 "associating", wpa_s->conf->ap_scan, ap_scan);
4210 return 0;
4211 }
4212 #endif /* ANDROID */
4213
4214 old_ap_scan = wpa_s->conf->ap_scan;
4215 wpa_s->conf->ap_scan = ap_scan;
4216
4217 if (old_ap_scan != wpa_s->conf->ap_scan)
4218 wpas_notify_ap_scan_changed(wpa_s);
4219
4220 return 0;
4221 }
4222
4223
4224 /**
4225 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4226 * @wpa_s: wpa_supplicant structure for a network interface
4227 * @expire_age: Expiration age in seconds
4228 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4229 *
4230 */
4231 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4232 unsigned int bss_expire_age)
4233 {
4234 if (bss_expire_age < 10) {
4235 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4236 bss_expire_age);
4237 return -1;
4238 }
4239 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4240 bss_expire_age);
4241 wpa_s->conf->bss_expiration_age = bss_expire_age;
4242
4243 return 0;
4244 }
4245
4246
4247 /**
4248 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4249 * @wpa_s: wpa_supplicant structure for a network interface
4250 * @expire_count: number of scans after which an unseen BSS is reclaimed
4251 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4252 *
4253 */
4254 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4255 unsigned int bss_expire_count)
4256 {
4257 if (bss_expire_count < 1) {
4258 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4259 bss_expire_count);
4260 return -1;
4261 }
4262 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4263 bss_expire_count);
4264 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4265
4266 return 0;
4267 }
4268
4269
4270 /**
4271 * wpa_supplicant_set_scan_interval - Set scan interval
4272 * @wpa_s: wpa_supplicant structure for a network interface
4273 * @scan_interval: scan interval in seconds
4274 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4275 *
4276 */
4277 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4278 int scan_interval)
4279 {
4280 if (scan_interval < 0) {
4281 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4282 scan_interval);
4283 return -1;
4284 }
4285 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4286 scan_interval);
4287 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4288
4289 return 0;
4290 }
4291
4292
4293 /**
4294 * wpa_supplicant_set_debug_params - Set global debug params
4295 * @global: wpa_global structure
4296 * @debug_level: debug level
4297 * @debug_timestamp: determines if show timestamp in debug data
4298 * @debug_show_keys: determines if show keys in debug data
4299 * Returns: 0 if succeed or -1 if debug_level has wrong value
4300 */
4301 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4302 int debug_timestamp, int debug_show_keys)
4303 {
4304
4305 int old_level, old_timestamp, old_show_keys;
4306
4307 /* check for allowed debuglevels */
4308 if (debug_level != MSG_EXCESSIVE &&
4309 debug_level != MSG_MSGDUMP &&
4310 debug_level != MSG_DEBUG &&
4311 debug_level != MSG_INFO &&
4312 debug_level != MSG_WARNING &&
4313 debug_level != MSG_ERROR)
4314 return -1;
4315
4316 old_level = wpa_debug_level;
4317 old_timestamp = wpa_debug_timestamp;
4318 old_show_keys = wpa_debug_show_keys;
4319
4320 wpa_debug_level = debug_level;
4321 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4322 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4323
4324 if (wpa_debug_level != old_level)
4325 wpas_notify_debug_level_changed(global);
4326 if (wpa_debug_timestamp != old_timestamp)
4327 wpas_notify_debug_timestamp_changed(global);
4328 if (wpa_debug_show_keys != old_show_keys)
4329 wpas_notify_debug_show_keys_changed(global);
4330
4331 return 0;
4332 }
4333
4334
4335 #ifdef CONFIG_OWE
4336 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4337 const u8 *entry_ssid, size_t entry_ssid_len)
4338 {
4339 const u8 *owe, *pos, *end;
4340 u8 ssid_len;
4341 struct wpa_bss *bss;
4342
4343 /* Check network profile SSID aganst the SSID in the
4344 * OWE Transition Mode element. */
4345
4346 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4347 if (!bss)
4348 return 0;
4349
4350 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4351 if (!owe)
4352 return 0;
4353
4354 pos = owe + 6;
4355 end = owe + 2 + owe[1];
4356
4357 if (end - pos < ETH_ALEN + 1)
4358 return 0;
4359 pos += ETH_ALEN;
4360 ssid_len = *pos++;
4361 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4362 return 0;
4363
4364 return entry_ssid_len == ssid_len &&
4365 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4366 }
4367 #endif /* CONFIG_OWE */
4368
4369
4370 /**
4371 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4372 * @wpa_s: Pointer to wpa_supplicant data
4373 * Returns: A pointer to the current network structure or %NULL on failure
4374 */
4375 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4376 {
4377 struct wpa_ssid *entry;
4378 u8 ssid[SSID_MAX_LEN];
4379 int res;
4380 size_t ssid_len;
4381 u8 bssid[ETH_ALEN];
4382 int wired;
4383
4384 res = wpa_drv_get_ssid(wpa_s, ssid);
4385 if (res < 0) {
4386 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4387 "driver");
4388 return NULL;
4389 }
4390 ssid_len = res;
4391
4392 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4393 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4394 "driver");
4395 return NULL;
4396 }
4397
4398 wired = wpa_s->conf->ap_scan == 0 &&
4399 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4400
4401 entry = wpa_s->conf->ssid;
4402 while (entry) {
4403 if (!wpas_network_disabled(wpa_s, entry) &&
4404 ((ssid_len == entry->ssid_len &&
4405 (!entry->ssid ||
4406 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4407 wired) &&
4408 (!entry->bssid_set ||
4409 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4410 return entry;
4411 #ifdef CONFIG_WPS
4412 if (!wpas_network_disabled(wpa_s, entry) &&
4413 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4414 (entry->ssid == NULL || entry->ssid_len == 0) &&
4415 (!entry->bssid_set ||
4416 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4417 return entry;
4418 #endif /* CONFIG_WPS */
4419
4420 #ifdef CONFIG_OWE
4421 if (!wpas_network_disabled(wpa_s, entry) &&
4422 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4423 entry->ssid_len) &&
4424 (!entry->bssid_set ||
4425 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4426 return entry;
4427 #endif /* CONFIG_OWE */
4428
4429 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4430 entry->ssid_len == 0 &&
4431 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4432 return entry;
4433
4434 entry = entry->next;
4435 }
4436
4437 return NULL;
4438 }
4439
4440
4441 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4442 {
4443 struct wpa_global *global = wpa_s->global;
4444
4445 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4446 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4447 if (global->drv_priv[i] == NULL) {
4448 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4449 "'%s'", wpa_drivers[i]->name);
4450 return -1;
4451 }
4452 }
4453
4454 wpa_s->driver = wpa_drivers[i];
4455 wpa_s->global_drv_priv = global->drv_priv[i];
4456
4457 return 0;
4458 }
4459
4460
4461 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4462 const char *name)
4463 {
4464 int i;
4465 size_t len;
4466 const char *pos, *driver = name;
4467
4468 if (wpa_s == NULL)
4469 return -1;
4470
4471 if (wpa_drivers[0] == NULL) {
4472 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4473 "wpa_supplicant");
4474 return -1;
4475 }
4476
4477 if (name == NULL) {
4478 /* default to first driver in the list */
4479 return select_driver(wpa_s, 0);
4480 }
4481
4482 do {
4483 pos = os_strchr(driver, ',');
4484 if (pos)
4485 len = pos - driver;
4486 else
4487 len = os_strlen(driver);
4488
4489 for (i = 0; wpa_drivers[i]; i++) {
4490 if (os_strlen(wpa_drivers[i]->name) == len &&
4491 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4492 0) {
4493 /* First driver that succeeds wins */
4494 if (select_driver(wpa_s, i) == 0)
4495 return 0;
4496 }
4497 }
4498
4499 driver = pos + 1;
4500 } while (pos);
4501
4502 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4503 return -1;
4504 }
4505
4506
4507 /**
4508 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4509 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4510 * with struct wpa_driver_ops::init()
4511 * @src_addr: Source address of the EAPOL frame
4512 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4513 * @len: Length of the EAPOL data
4514 *
4515 * This function is called for each received EAPOL frame. Most driver
4516 * interfaces rely on more generic OS mechanism for receiving frames through
4517 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4518 * take care of received EAPOL frames and deliver them to the core supplicant
4519 * code by calling this function.
4520 */
4521 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4522 const u8 *buf, size_t len)
4523 {
4524 struct wpa_supplicant *wpa_s = ctx;
4525
4526 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4527 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4528
4529 #ifdef CONFIG_TESTING_OPTIONS
4530 if (wpa_s->ignore_auth_resp) {
4531 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4532 return;
4533 }
4534 #endif /* CONFIG_TESTING_OPTIONS */
4535
4536 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4537 (wpa_s->last_eapol_matches_bssid &&
4538 #ifdef CONFIG_AP
4539 !wpa_s->ap_iface &&
4540 #endif /* CONFIG_AP */
4541 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
4542 /*
4543 * There is possible race condition between receiving the
4544 * association event and the EAPOL frame since they are coming
4545 * through different paths from the driver. In order to avoid
4546 * issues in trying to process the EAPOL frame before receiving
4547 * association information, lets queue it for processing until
4548 * the association event is received. This may also be needed in
4549 * driver-based roaming case, so also use src_addr != BSSID as a
4550 * trigger if we have previously confirmed that the
4551 * Authenticator uses BSSID as the src_addr (which is not the
4552 * case with wired IEEE 802.1X).
4553 */
4554 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
4555 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4556 wpa_supplicant_state_txt(wpa_s->wpa_state),
4557 MAC2STR(wpa_s->bssid));
4558 wpabuf_free(wpa_s->pending_eapol_rx);
4559 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4560 if (wpa_s->pending_eapol_rx) {
4561 os_get_reltime(&wpa_s->pending_eapol_rx_time);
4562 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4563 ETH_ALEN);
4564 }
4565 return;
4566 }
4567
4568 wpa_s->last_eapol_matches_bssid =
4569 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4570
4571 #ifdef CONFIG_AP
4572 if (wpa_s->ap_iface) {
4573 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4574 return;
4575 }
4576 #endif /* CONFIG_AP */
4577
4578 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
4579 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4580 "no key management is configured");
4581 return;
4582 }
4583
4584 if (wpa_s->eapol_received == 0 &&
4585 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
4586 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4587 wpa_s->wpa_state != WPA_COMPLETED) &&
4588 (wpa_s->current_ssid == NULL ||
4589 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
4590 /* Timeout for completing IEEE 802.1X and WPA authentication */
4591 int timeout = 10;
4592
4593 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4594 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4595 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4596 /* Use longer timeout for IEEE 802.1X/EAP */
4597 timeout = 70;
4598 }
4599
4600 #ifdef CONFIG_WPS
4601 if (wpa_s->current_ssid && wpa_s->current_bss &&
4602 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4603 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4604 /*
4605 * Use shorter timeout if going through WPS AP iteration
4606 * for PIN config method with an AP that does not
4607 * advertise Selected Registrar.
4608 */
4609 struct wpabuf *wps_ie;
4610
4611 wps_ie = wpa_bss_get_vendor_ie_multi(
4612 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
4613 if (wps_ie &&
4614 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
4615 timeout = 10;
4616 wpabuf_free(wps_ie);
4617 }
4618 #endif /* CONFIG_WPS */
4619
4620 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4621 }
4622 wpa_s->eapol_received++;
4623
4624 if (wpa_s->countermeasures) {
4625 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4626 "EAPOL packet");
4627 return;
4628 }
4629
4630 #ifdef CONFIG_IBSS_RSN
4631 if (wpa_s->current_ssid &&
4632 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
4633 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4634 return;
4635 }
4636 #endif /* CONFIG_IBSS_RSN */
4637
4638 /* Source address of the incoming EAPOL frame could be compared to the
4639 * current BSSID. However, it is possible that a centralized
4640 * Authenticator could be using another MAC address than the BSSID of
4641 * an AP, so just allow any address to be used for now. The replies are
4642 * still sent to the current BSSID (if available), though. */
4643
4644 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
4645 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
4646 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
4647 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
4648 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4649 return;
4650 wpa_drv_poll(wpa_s);
4651 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
4652 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
4653 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
4654 /*
4655 * Set portValid = TRUE here since we are going to skip 4-way
4656 * handshake processing which would normally set portValid. We
4657 * need this to allow the EAPOL state machines to be completed
4658 * without going through EAPOL-Key handshake.
4659 */
4660 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4661 }
4662 }
4663
4664
4665 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
4666 {
4667 if ((!wpa_s->p2p_mgmt ||
4668 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4669 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
4670 l2_packet_deinit(wpa_s->l2);
4671 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4672 wpa_drv_get_mac_addr(wpa_s),
4673 ETH_P_EAPOL,
4674 wpa_supplicant_rx_eapol, wpa_s, 0);
4675 if (wpa_s->l2 == NULL)
4676 return -1;
4677
4678 if (l2_packet_set_packet_filter(wpa_s->l2,
4679 L2_PACKET_FILTER_PKTTYPE))
4680 wpa_dbg(wpa_s, MSG_DEBUG,
4681 "Failed to attach pkt_type filter");
4682 } else {
4683 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4684 if (addr)
4685 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
4686 }
4687
4688 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
4689 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
4690 return -1;
4691 }
4692
4693 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4694 wpas_wps_update_mac_addr(wpa_s);
4695
4696 #ifdef CONFIG_FST
4697 if (wpa_s->fst)
4698 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4699 #endif /* CONFIG_FST */
4700
4701 return 0;
4702 }
4703
4704
4705 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4706 const u8 *buf, size_t len)
4707 {
4708 struct wpa_supplicant *wpa_s = ctx;
4709 const struct l2_ethhdr *eth;
4710
4711 if (len < sizeof(*eth))
4712 return;
4713 eth = (const struct l2_ethhdr *) buf;
4714
4715 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4716 !(eth->h_dest[0] & 0x01)) {
4717 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4718 " (bridge - not for this interface - ignore)",
4719 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4720 return;
4721 }
4722
4723 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4724 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4725 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4726 len - sizeof(*eth));
4727 }
4728
4729
4730 /**
4731 * wpa_supplicant_driver_init - Initialize driver interface parameters
4732 * @wpa_s: Pointer to wpa_supplicant data
4733 * Returns: 0 on success, -1 on failure
4734 *
4735 * This function is called to initialize driver interface parameters.
4736 * wpa_drv_init() must have been called before this function to initialize the
4737 * driver interface.
4738 */
4739 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4740 {
4741 static int interface_count = 0;
4742
4743 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4744 return -1;
4745
4746 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4747 MAC2STR(wpa_s->own_addr));
4748 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
4749 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4750
4751 if (wpa_s->bridge_ifname[0]) {
4752 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4753 "interface '%s'", wpa_s->bridge_ifname);
4754 wpa_s->l2_br = l2_packet_init_bridge(
4755 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4756 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
4757 if (wpa_s->l2_br == NULL) {
4758 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4759 "connection for the bridge interface '%s'",
4760 wpa_s->bridge_ifname);
4761 return -1;
4762 }
4763 }
4764
4765 if (wpa_s->conf->ap_scan == 2 &&
4766 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4767 wpa_printf(MSG_INFO,
4768 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4769 }
4770
4771 wpa_clear_keys(wpa_s, NULL);
4772
4773 /* Make sure that TKIP countermeasures are not left enabled (could
4774 * happen if wpa_supplicant is killed during countermeasures. */
4775 wpa_drv_set_countermeasures(wpa_s, 0);
4776
4777 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
4778 wpa_drv_flush_pmkid(wpa_s);
4779
4780 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
4781 wpa_s->prev_scan_wildcard = 0;
4782
4783 if (wpa_supplicant_enabled_networks(wpa_s)) {
4784 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4785 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4786 interface_count = 0;
4787 }
4788 #ifndef ANDROID
4789 if (!wpa_s->p2p_mgmt &&
4790 wpa_supplicant_delayed_sched_scan(wpa_s,
4791 interface_count % 3,
4792 100000))
4793 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
4794 100000);
4795 #endif /* ANDROID */
4796 interface_count++;
4797 } else
4798 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
4799
4800 return 0;
4801 }
4802
4803
4804 static int wpa_supplicant_daemon(const char *pid_file)
4805 {
4806 wpa_printf(MSG_DEBUG, "Daemonize..");
4807 return os_daemonize(pid_file);
4808 }
4809
4810
4811 static struct wpa_supplicant *
4812 wpa_supplicant_alloc(struct wpa_supplicant *parent)
4813 {
4814 struct wpa_supplicant *wpa_s;
4815
4816 wpa_s = os_zalloc(sizeof(*wpa_s));
4817 if (wpa_s == NULL)
4818 return NULL;
4819 wpa_s->scan_req = INITIAL_SCAN_REQ;
4820 wpa_s->scan_interval = 5;
4821 wpa_s->new_connection = 1;
4822 wpa_s->parent = parent ? parent : wpa_s;
4823 wpa_s->p2pdev = wpa_s->parent;
4824 wpa_s->sched_scanning = 0;
4825
4826 dl_list_init(&wpa_s->bss_tmp_disallowed);
4827 dl_list_init(&wpa_s->fils_hlp_req);
4828 #ifdef CONFIG_TESTING_OPTIONS
4829 dl_list_init(&wpa_s->drv_signal_override);
4830 #endif /* CONFIG_TESTING_OPTIONS */
4831
4832 return wpa_s;
4833 }
4834
4835
4836 #ifdef CONFIG_HT_OVERRIDES
4837
4838 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4839 struct ieee80211_ht_capabilities *htcaps,
4840 struct ieee80211_ht_capabilities *htcaps_mask,
4841 const char *ht_mcs)
4842 {
4843 /* parse ht_mcs into hex array */
4844 int i;
4845 const char *tmp = ht_mcs;
4846 char *end = NULL;
4847
4848 /* If ht_mcs is null, do not set anything */
4849 if (!ht_mcs)
4850 return 0;
4851
4852 /* This is what we are setting in the kernel */
4853 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4854
4855 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4856
4857 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4858 long v;
4859
4860 errno = 0;
4861 v = strtol(tmp, &end, 16);
4862
4863 if (errno == 0) {
4864 wpa_msg(wpa_s, MSG_DEBUG,
4865 "htcap value[%i]: %ld end: %p tmp: %p",
4866 i, v, end, tmp);
4867 if (end == tmp)
4868 break;
4869
4870 htcaps->supported_mcs_set[i] = v;
4871 tmp = end;
4872 } else {
4873 wpa_msg(wpa_s, MSG_ERROR,
4874 "Failed to parse ht-mcs: %s, error: %s\n",
4875 ht_mcs, strerror(errno));
4876 return -1;
4877 }
4878 }
4879
4880 /*
4881 * If we were able to parse any values, then set mask for the MCS set.
4882 */
4883 if (i) {
4884 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4885 IEEE80211_HT_MCS_MASK_LEN - 1);
4886 /* skip the 3 reserved bits */
4887 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4888 0x1f;
4889 }
4890
4891 return 0;
4892 }
4893
4894
4895 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4896 struct ieee80211_ht_capabilities *htcaps,
4897 struct ieee80211_ht_capabilities *htcaps_mask,
4898 int disabled)
4899 {
4900 le16 msk;
4901
4902 if (disabled == -1)
4903 return 0;
4904
4905 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4906
4907 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4908 htcaps_mask->ht_capabilities_info |= msk;
4909 if (disabled)
4910 htcaps->ht_capabilities_info &= msk;
4911 else
4912 htcaps->ht_capabilities_info |= msk;
4913
4914 return 0;
4915 }
4916
4917
4918 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4919 struct ieee80211_ht_capabilities *htcaps,
4920 struct ieee80211_ht_capabilities *htcaps_mask,
4921 int factor)
4922 {
4923 if (factor == -1)
4924 return 0;
4925
4926 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4927
4928 if (factor < 0 || factor > 3) {
4929 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4930 "Must be 0-3 or -1", factor);
4931 return -EINVAL;
4932 }
4933
4934 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4935 htcaps->a_mpdu_params &= ~0x3;
4936 htcaps->a_mpdu_params |= factor & 0x3;
4937
4938 return 0;
4939 }
4940
4941
4942 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4943 struct ieee80211_ht_capabilities *htcaps,
4944 struct ieee80211_ht_capabilities *htcaps_mask,
4945 int density)
4946 {
4947 if (density == -1)
4948 return 0;
4949
4950 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4951
4952 if (density < 0 || density > 7) {
4953 wpa_msg(wpa_s, MSG_ERROR,
4954 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4955 density);
4956 return -EINVAL;
4957 }
4958
4959 htcaps_mask->a_mpdu_params |= 0x1C;
4960 htcaps->a_mpdu_params &= ~(0x1C);
4961 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4962
4963 return 0;
4964 }
4965
4966
4967 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4968 struct ieee80211_ht_capabilities *htcaps,
4969 struct ieee80211_ht_capabilities *htcaps_mask,
4970 int disabled)
4971 {
4972 if (disabled)
4973 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4974
4975 set_disable_ht40(htcaps, disabled);
4976 set_disable_ht40(htcaps_mask, 0);
4977
4978 return 0;
4979 }
4980
4981
4982 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4983 struct ieee80211_ht_capabilities *htcaps,
4984 struct ieee80211_ht_capabilities *htcaps_mask,
4985 int disabled)
4986 {
4987 /* Masking these out disables SGI */
4988 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4989 HT_CAP_INFO_SHORT_GI40MHZ);
4990
4991 if (disabled)
4992 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4993
4994 if (disabled)
4995 htcaps->ht_capabilities_info &= ~msk;
4996 else
4997 htcaps->ht_capabilities_info |= msk;
4998
4999 htcaps_mask->ht_capabilities_info |= msk;
5000
5001 return 0;
5002 }
5003
5004
5005 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5006 struct ieee80211_ht_capabilities *htcaps,
5007 struct ieee80211_ht_capabilities *htcaps_mask,
5008 int disabled)
5009 {
5010 /* Masking these out disables LDPC */
5011 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5012
5013 if (disabled)
5014 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5015
5016 if (disabled)
5017 htcaps->ht_capabilities_info &= ~msk;
5018 else
5019 htcaps->ht_capabilities_info |= msk;
5020
5021 htcaps_mask->ht_capabilities_info |= msk;
5022
5023 return 0;
5024 }
5025
5026
5027 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5028 struct ieee80211_ht_capabilities *htcaps,
5029 struct ieee80211_ht_capabilities *htcaps_mask,
5030 int tx_stbc)
5031 {
5032 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5033
5034 if (tx_stbc == -1)
5035 return 0;
5036
5037 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5038
5039 if (tx_stbc < 0 || tx_stbc > 1) {
5040 wpa_msg(wpa_s, MSG_ERROR,
5041 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5042 return -EINVAL;
5043 }
5044
5045 htcaps_mask->ht_capabilities_info |= msk;
5046 htcaps->ht_capabilities_info &= ~msk;
5047 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5048
5049 return 0;
5050 }
5051
5052
5053 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5054 struct ieee80211_ht_capabilities *htcaps,
5055 struct ieee80211_ht_capabilities *htcaps_mask,
5056 int rx_stbc)
5057 {
5058 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5059
5060 if (rx_stbc == -1)
5061 return 0;
5062
5063 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5064
5065 if (rx_stbc < 0 || rx_stbc > 3) {
5066 wpa_msg(wpa_s, MSG_ERROR,
5067 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5068 return -EINVAL;
5069 }
5070
5071 htcaps_mask->ht_capabilities_info |= msk;
5072 htcaps->ht_capabilities_info &= ~msk;
5073 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5074
5075 return 0;
5076 }
5077
5078
5079 void wpa_supplicant_apply_ht_overrides(
5080 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5081 struct wpa_driver_associate_params *params)
5082 {
5083 struct ieee80211_ht_capabilities *htcaps;
5084 struct ieee80211_ht_capabilities *htcaps_mask;
5085
5086 if (!ssid)
5087 return;
5088
5089 params->disable_ht = ssid->disable_ht;
5090 if (!params->htcaps || !params->htcaps_mask)
5091 return;
5092
5093 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5094 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5095 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5096 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5097 ssid->disable_max_amsdu);
5098 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5099 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5100 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5101 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5102 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5103 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5104 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5105
5106 if (ssid->ht40_intolerant) {
5107 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5108 htcaps->ht_capabilities_info |= bit;
5109 htcaps_mask->ht_capabilities_info |= bit;
5110 }
5111 }
5112
5113 #endif /* CONFIG_HT_OVERRIDES */
5114
5115
5116 #ifdef CONFIG_VHT_OVERRIDES
5117 void wpa_supplicant_apply_vht_overrides(
5118 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5119 struct wpa_driver_associate_params *params)
5120 {
5121 struct ieee80211_vht_capabilities *vhtcaps;
5122 struct ieee80211_vht_capabilities *vhtcaps_mask;
5123
5124 if (!ssid)
5125 return;
5126
5127 params->disable_vht = ssid->disable_vht;
5128
5129 vhtcaps = (void *) params->vhtcaps;
5130 vhtcaps_mask = (void *) params->vhtcaps_mask;
5131
5132 if (!vhtcaps || !vhtcaps_mask)
5133 return;
5134
5135 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5136 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5137
5138 #ifdef CONFIG_HT_OVERRIDES
5139 if (ssid->disable_sgi) {
5140 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5141 VHT_CAP_SHORT_GI_160);
5142 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5143 VHT_CAP_SHORT_GI_160);
5144 wpa_msg(wpa_s, MSG_DEBUG,
5145 "disable-sgi override specified, vht-caps: 0x%x",
5146 vhtcaps->vht_capabilities_info);
5147 }
5148
5149 /* if max ampdu is <= 3, we have to make the HT cap the same */
5150 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5151 int max_ampdu;
5152
5153 max_ampdu = (ssid->vht_capa &
5154 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5155 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5156
5157 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5158 wpa_set_ampdu_factor(wpa_s,
5159 (void *) params->htcaps,
5160 (void *) params->htcaps_mask,
5161 max_ampdu);
5162 }
5163 #endif /* CONFIG_HT_OVERRIDES */
5164
5165 #define OVERRIDE_MCS(i) \
5166 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5167 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5168 host_to_le16(3 << 2 * (i - 1)); \
5169 vhtcaps->vht_supported_mcs_set.tx_map |= \
5170 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5171 2 * (i - 1)); \
5172 } \
5173 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5174 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5175 host_to_le16(3 << 2 * (i - 1)); \
5176 vhtcaps->vht_supported_mcs_set.rx_map |= \
5177 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5178 2 * (i - 1)); \
5179 }
5180
5181 OVERRIDE_MCS(1);
5182 OVERRIDE_MCS(2);
5183 OVERRIDE_MCS(3);
5184 OVERRIDE_MCS(4);
5185 OVERRIDE_MCS(5);
5186 OVERRIDE_MCS(6);
5187 OVERRIDE_MCS(7);
5188 OVERRIDE_MCS(8);
5189 }
5190 #endif /* CONFIG_VHT_OVERRIDES */
5191
5192
5193 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5194 {
5195 #ifdef PCSC_FUNCS
5196 size_t len;
5197
5198 if (!wpa_s->conf->pcsc_reader)
5199 return 0;
5200
5201 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5202 if (!wpa_s->scard)
5203 return 1;
5204
5205 if (wpa_s->conf->pcsc_pin &&
5206 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5207 scard_deinit(wpa_s->scard);
5208 wpa_s->scard = NULL;
5209 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5210 return -1;
5211 }
5212
5213 len = sizeof(wpa_s->imsi) - 1;
5214 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5215 scard_deinit(wpa_s->scard);
5216 wpa_s->scard = NULL;
5217 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5218 return -1;
5219 }
5220 wpa_s->imsi[len] = '\0';
5221
5222 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5223
5224 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5225 wpa_s->imsi, wpa_s->mnc_len);
5226
5227 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5228 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5229 #endif /* PCSC_FUNCS */
5230
5231 return 0;
5232 }
5233
5234
5235 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5236 {
5237 char *val, *pos;
5238
5239 ext_password_deinit(wpa_s->ext_pw);
5240 wpa_s->ext_pw = NULL;
5241 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5242
5243 if (!wpa_s->conf->ext_password_backend)
5244 return 0;
5245
5246 val = os_strdup(wpa_s->conf->ext_password_backend);
5247 if (val == NULL)
5248 return -1;
5249 pos = os_strchr(val, ':');
5250 if (pos)
5251 *pos++ = '\0';
5252
5253 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5254
5255 wpa_s->ext_pw = ext_password_init(val, pos);
5256 os_free(val);
5257 if (wpa_s->ext_pw == NULL) {
5258 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5259 return -1;
5260 }
5261 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5262
5263 return 0;
5264 }
5265
5266
5267 #ifdef CONFIG_FST
5268
5269 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5270 {
5271 struct wpa_supplicant *wpa_s = ctx;
5272
5273 return (is_zero_ether_addr(wpa_s->bssid) ||
5274 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5275 }
5276
5277
5278 static void wpas_fst_get_channel_info_cb(void *ctx,
5279 enum hostapd_hw_mode *hw_mode,
5280 u8 *channel)
5281 {
5282 struct wpa_supplicant *wpa_s = ctx;
5283
5284 if (wpa_s->current_bss) {
5285 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5286 channel);
5287 } else if (wpa_s->hw.num_modes) {
5288 *hw_mode = wpa_s->hw.modes[0].mode;
5289 } else {
5290 WPA_ASSERT(0);
5291 *hw_mode = 0;
5292 }
5293 }
5294
5295
5296 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5297 {
5298 struct wpa_supplicant *wpa_s = ctx;
5299
5300 *modes = wpa_s->hw.modes;
5301 return wpa_s->hw.num_modes;
5302 }
5303
5304
5305 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5306 {
5307 struct wpa_supplicant *wpa_s = ctx;
5308
5309 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5310 wpa_s->fst_ies = fst_ies;
5311 }
5312
5313
5314 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5315 {
5316 struct wpa_supplicant *wpa_s = ctx;
5317
5318 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5319 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5320 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5321 return -1;
5322 }
5323 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5324 wpa_s->own_addr, wpa_s->bssid,
5325 wpabuf_head(data), wpabuf_len(data),
5326 0);
5327 }
5328
5329
5330 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5331 {
5332 struct wpa_supplicant *wpa_s = ctx;
5333
5334 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5335 return wpa_s->received_mb_ies;
5336 }
5337
5338
5339 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5340 const u8 *buf, size_t size)
5341 {
5342 struct wpa_supplicant *wpa_s = ctx;
5343 struct mb_ies_info info;
5344
5345 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5346
5347 if (!mb_ies_info_by_ies(&info, buf, size)) {
5348 wpabuf_free(wpa_s->received_mb_ies);
5349 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5350 }
5351 }
5352
5353
5354 static const u8 * wpas_fst_get_peer_first(void *ctx,
5355 struct fst_get_peer_ctx **get_ctx,
5356 Boolean mb_only)
5357 {
5358 struct wpa_supplicant *wpa_s = ctx;
5359
5360 *get_ctx = NULL;
5361 if (!is_zero_ether_addr(wpa_s->bssid))
5362 return (wpa_s->received_mb_ies || !mb_only) ?
5363 wpa_s->bssid : NULL;
5364 return NULL;
5365 }
5366
5367
5368 static const u8 * wpas_fst_get_peer_next(void *ctx,
5369 struct fst_get_peer_ctx **get_ctx,
5370 Boolean mb_only)
5371 {
5372 return NULL;
5373 }
5374
5375 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5376 struct fst_wpa_obj *iface_obj)
5377 {
5378 iface_obj->ctx = wpa_s;
5379 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5380 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5381 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5382 iface_obj->set_ies = wpas_fst_set_ies_cb;
5383 iface_obj->send_action = wpas_fst_send_action_cb;
5384 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5385 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5386 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5387 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5388 }
5389 #endif /* CONFIG_FST */
5390
5391 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
5392 const struct wpa_driver_capa *capa)
5393 {
5394 struct wowlan_triggers *triggers;
5395 int ret = 0;
5396
5397 if (!wpa_s->conf->wowlan_triggers)
5398 return 0;
5399
5400 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5401 if (triggers) {
5402 ret = wpa_drv_wowlan(wpa_s, triggers);
5403 os_free(triggers);
5404 }
5405 return ret;
5406 }
5407
5408
5409 enum wpa_radio_work_band wpas_freq_to_band(int freq)
5410 {
5411 if (freq < 3000)
5412 return BAND_2_4_GHZ;
5413 if (freq > 50000)
5414 return BAND_60_GHZ;
5415 return BAND_5_GHZ;
5416 }
5417
5418
5419 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
5420 {
5421 int i;
5422 unsigned int band = 0;
5423
5424 if (freqs) {
5425 /* freqs are specified for the radio work */
5426 for (i = 0; freqs[i]; i++)
5427 band |= wpas_freq_to_band(freqs[i]);
5428 } else {
5429 /*
5430 * freqs are not specified, implies all
5431 * the supported freqs by HW
5432 */
5433 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5434 if (wpa_s->hw.modes[i].num_channels != 0) {
5435 if (wpa_s->hw.modes[i].mode ==
5436 HOSTAPD_MODE_IEEE80211B ||
5437 wpa_s->hw.modes[i].mode ==
5438 HOSTAPD_MODE_IEEE80211G)
5439 band |= BAND_2_4_GHZ;
5440 else if (wpa_s->hw.modes[i].mode ==
5441 HOSTAPD_MODE_IEEE80211A)
5442 band |= BAND_5_GHZ;
5443 else if (wpa_s->hw.modes[i].mode ==
5444 HOSTAPD_MODE_IEEE80211AD)
5445 band |= BAND_60_GHZ;
5446 else if (wpa_s->hw.modes[i].mode ==
5447 HOSTAPD_MODE_IEEE80211ANY)
5448 band = BAND_2_4_GHZ | BAND_5_GHZ |
5449 BAND_60_GHZ;
5450 }
5451 }
5452 }
5453
5454 return band;
5455 }
5456
5457
5458 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5459 const char *rn)
5460 {
5461 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5462 struct wpa_radio *radio;
5463
5464 while (rn && iface) {
5465 radio = iface->radio;
5466 if (radio && os_strcmp(rn, radio->name) == 0) {
5467 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5468 wpa_s->ifname, rn);
5469 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5470 return radio;
5471 }
5472
5473 iface = iface->next;
5474 }
5475
5476 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5477 wpa_s->ifname, rn ? rn : "N/A");
5478 radio = os_zalloc(sizeof(*radio));
5479 if (radio == NULL)
5480 return NULL;
5481
5482 if (rn)
5483 os_strlcpy(radio->name, rn, sizeof(radio->name));
5484 dl_list_init(&radio->ifaces);
5485 dl_list_init(&radio->work);
5486 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5487
5488 return radio;
5489 }
5490
5491
5492 static void radio_work_free(struct wpa_radio_work *work)
5493 {
5494 if (work->wpa_s->scan_work == work) {
5495 /* This should not really happen. */
5496 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5497 work->type, work, work->started);
5498 work->wpa_s->scan_work = NULL;
5499 }
5500
5501 #ifdef CONFIG_P2P
5502 if (work->wpa_s->p2p_scan_work == work) {
5503 /* This should not really happen. */
5504 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5505 work->type, work, work->started);
5506 work->wpa_s->p2p_scan_work = NULL;
5507 }
5508 #endif /* CONFIG_P2P */
5509
5510 if (work->started) {
5511 work->wpa_s->radio->num_active_works--;
5512 wpa_dbg(work->wpa_s, MSG_DEBUG,
5513 "radio_work_free('%s'@%p): num_active_works --> %u",
5514 work->type, work,
5515 work->wpa_s->radio->num_active_works);
5516 }
5517
5518 dl_list_del(&work->list);
5519 os_free(work);
5520 }
5521
5522
5523 static int radio_work_is_connect(struct wpa_radio_work *work)
5524 {
5525 return os_strcmp(work->type, "sme-connect") == 0 ||
5526 os_strcmp(work->type, "connect") == 0;
5527 }
5528
5529
5530 static int radio_work_is_scan(struct wpa_radio_work *work)
5531 {
5532 return os_strcmp(work->type, "scan") == 0 ||
5533 os_strcmp(work->type, "p2p-scan") == 0;
5534 }
5535
5536
5537 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5538 {
5539 struct wpa_radio_work *active_work = NULL;
5540 struct wpa_radio_work *tmp;
5541
5542 /* Get the active work to know the type and band. */
5543 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5544 if (tmp->started) {
5545 active_work = tmp;
5546 break;
5547 }
5548 }
5549
5550 if (!active_work) {
5551 /* No active work, start one */
5552 radio->num_active_works = 0;
5553 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5554 list) {
5555 if (os_strcmp(tmp->type, "scan") == 0 &&
5556 radio->external_scan_running &&
5557 (((struct wpa_driver_scan_params *)
5558 tmp->ctx)->only_new_results ||
5559 tmp->wpa_s->clear_driver_scan_cache))
5560 continue;
5561 return tmp;
5562 }
5563 return NULL;
5564 }
5565
5566 if (radio_work_is_connect(active_work)) {
5567 /*
5568 * If the active work is either connect or sme-connect,
5569 * do not parallelize them with other radio works.
5570 */
5571 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5572 "Do not parallelize radio work with %s",
5573 active_work->type);
5574 return NULL;
5575 }
5576
5577 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5578 if (tmp->started)
5579 continue;
5580
5581 /*
5582 * If connect or sme-connect are enqueued, parallelize only
5583 * those operations ahead of them in the queue.
5584 */
5585 if (radio_work_is_connect(tmp))
5586 break;
5587
5588 /* Serialize parallel scan and p2p_scan operations on the same
5589 * interface since the driver_nl80211 mechanism for tracking
5590 * scan cookies does not yet have support for this. */
5591 if (active_work->wpa_s == tmp->wpa_s &&
5592 radio_work_is_scan(active_work) &&
5593 radio_work_is_scan(tmp)) {
5594 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5595 "Do not start work '%s' when another work '%s' is already scheduled",
5596 tmp->type, active_work->type);
5597 continue;
5598 }
5599 /*
5600 * Check that the radio works are distinct and
5601 * on different bands.
5602 */
5603 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5604 (active_work->bands != tmp->bands)) {
5605 /*
5606 * If a scan has to be scheduled through nl80211 scan
5607 * interface and if an external scan is already running,
5608 * do not schedule the scan since it is likely to get
5609 * rejected by kernel.
5610 */
5611 if (os_strcmp(tmp->type, "scan") == 0 &&
5612 radio->external_scan_running &&
5613 (((struct wpa_driver_scan_params *)
5614 tmp->ctx)->only_new_results ||
5615 tmp->wpa_s->clear_driver_scan_cache))
5616 continue;
5617
5618 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5619 "active_work:%s new_work:%s",
5620 active_work->type, tmp->type);
5621 return tmp;
5622 }
5623 }
5624
5625 /* Did not find a radio work to schedule in parallel. */
5626 return NULL;
5627 }
5628
5629
5630 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5631 {
5632 struct wpa_radio *radio = eloop_ctx;
5633 struct wpa_radio_work *work;
5634 struct os_reltime now, diff;
5635 struct wpa_supplicant *wpa_s;
5636
5637 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
5638 if (work == NULL) {
5639 radio->num_active_works = 0;
5640 return;
5641 }
5642
5643 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5644 radio_list);
5645
5646 if (!(wpa_s &&
5647 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5648 if (work->started)
5649 return; /* already started and still in progress */
5650
5651 if (wpa_s && wpa_s->radio->external_scan_running) {
5652 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5653 return;
5654 }
5655 } else {
5656 work = NULL;
5657 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5658 /* get the work to schedule next */
5659 work = radio_work_get_next_work(radio);
5660 }
5661 if (!work)
5662 return;
5663 }
5664
5665 wpa_s = work->wpa_s;
5666 os_get_reltime(&now);
5667 os_reltime_sub(&now, &work->time, &diff);
5668 wpa_dbg(wpa_s, MSG_DEBUG,
5669 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5670 work->type, work, diff.sec, diff.usec);
5671 work->started = 1;
5672 work->time = now;
5673 radio->num_active_works++;
5674
5675 work->cb(work, 0);
5676
5677 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5678 radio->num_active_works < MAX_ACTIVE_WORKS)
5679 radio_work_check_next(wpa_s);
5680 }
5681
5682
5683 /*
5684 * This function removes both started and pending radio works running on
5685 * the provided interface's radio.
5686 * Prior to the removal of the radio work, its callback (cb) is called with
5687 * deinit set to be 1. Each work's callback is responsible for clearing its
5688 * internal data and restoring to a correct state.
5689 * @wpa_s: wpa_supplicant data
5690 * @type: type of works to be removed
5691 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5692 * this interface's works.
5693 */
5694 void radio_remove_works(struct wpa_supplicant *wpa_s,
5695 const char *type, int remove_all)
5696 {
5697 struct wpa_radio_work *work, *tmp;
5698 struct wpa_radio *radio = wpa_s->radio;
5699
5700 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5701 list) {
5702 if (type && os_strcmp(type, work->type) != 0)
5703 continue;
5704
5705 /* skip other ifaces' works */
5706 if (!remove_all && work->wpa_s != wpa_s)
5707 continue;
5708
5709 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5710 work->type, work, work->started ? " (started)" : "");
5711 work->cb(work, 1);
5712 radio_work_free(work);
5713 }
5714
5715 /* in case we removed the started work */
5716 radio_work_check_next(wpa_s);
5717 }
5718
5719
5720 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5721 {
5722 struct wpa_radio_work *work;
5723 struct wpa_radio *radio = wpa_s->radio;
5724
5725 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5726 if (work->ctx != ctx)
5727 continue;
5728 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5729 work->type, work, work->started ? " (started)" : "");
5730 radio_work_free(work);
5731 break;
5732 }
5733 }
5734
5735
5736 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5737 {
5738 struct wpa_radio *radio = wpa_s->radio;
5739
5740 if (!radio)
5741 return;
5742
5743 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5744 wpa_s->ifname, radio->name);
5745 dl_list_del(&wpa_s->radio_list);
5746 radio_remove_works(wpa_s, NULL, 0);
5747 wpa_s->radio = NULL;
5748 if (!dl_list_empty(&radio->ifaces))
5749 return; /* Interfaces remain for this radio */
5750
5751 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
5752 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5753 os_free(radio);
5754 }
5755
5756
5757 void radio_work_check_next(struct wpa_supplicant *wpa_s)
5758 {
5759 struct wpa_radio *radio = wpa_s->radio;
5760
5761 if (dl_list_empty(&radio->work))
5762 return;
5763 if (wpa_s->ext_work_in_progress) {
5764 wpa_printf(MSG_DEBUG,
5765 "External radio work in progress - delay start of pending item");
5766 return;
5767 }
5768 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5769 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5770 }
5771
5772
5773 /**
5774 * radio_add_work - Add a radio work item
5775 * @wpa_s: Pointer to wpa_supplicant data
5776 * @freq: Frequency of the offchannel operation in MHz or 0
5777 * @type: Unique identifier for each type of work
5778 * @next: Force as the next work to be executed
5779 * @cb: Callback function for indicating when radio is available
5780 * @ctx: Context pointer for the work (work->ctx in cb())
5781 * Returns: 0 on success, -1 on failure
5782 *
5783 * This function is used to request time for an operation that requires
5784 * exclusive radio control. Once the radio is available, the registered callback
5785 * function will be called. radio_work_done() must be called once the exclusive
5786 * radio operation has been completed, so that the radio is freed for other
5787 * operations. The special case of deinit=1 is used to free the context data
5788 * during interface removal. That does not allow the callback function to start
5789 * the radio operation, i.e., it must free any resources allocated for the radio
5790 * work and return.
5791 *
5792 * The @freq parameter can be used to indicate a single channel on which the
5793 * offchannel operation will occur. This may allow multiple radio work
5794 * operations to be performed in parallel if they apply for the same channel.
5795 * Setting this to 0 indicates that the work item may use multiple channels or
5796 * requires exclusive control of the radio.
5797 */
5798 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5799 const char *type, int next,
5800 void (*cb)(struct wpa_radio_work *work, int deinit),
5801 void *ctx)
5802 {
5803 struct wpa_radio *radio = wpa_s->radio;
5804 struct wpa_radio_work *work;
5805 int was_empty;
5806
5807 work = os_zalloc(sizeof(*work));
5808 if (work == NULL)
5809 return -1;
5810 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5811 os_get_reltime(&work->time);
5812 work->freq = freq;
5813 work->type = type;
5814 work->wpa_s = wpa_s;
5815 work->cb = cb;
5816 work->ctx = ctx;
5817
5818 if (freq)
5819 work->bands = wpas_freq_to_band(freq);
5820 else if (os_strcmp(type, "scan") == 0 ||
5821 os_strcmp(type, "p2p-scan") == 0)
5822 work->bands = wpas_get_bands(wpa_s,
5823 ((struct wpa_driver_scan_params *)
5824 ctx)->freqs);
5825 else
5826 work->bands = wpas_get_bands(wpa_s, NULL);
5827
5828 was_empty = dl_list_empty(&wpa_s->radio->work);
5829 if (next)
5830 dl_list_add(&wpa_s->radio->work, &work->list);
5831 else
5832 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5833 if (was_empty) {
5834 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5835 radio_work_check_next(wpa_s);
5836 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5837 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5838 wpa_dbg(wpa_s, MSG_DEBUG,
5839 "Try to schedule a radio work (num_active_works=%u)",
5840 radio->num_active_works);
5841 radio_work_check_next(wpa_s);
5842 }
5843
5844 return 0;
5845 }
5846
5847
5848 /**
5849 * radio_work_done - Indicate that a radio work item has been completed
5850 * @work: Completed work
5851 *
5852 * This function is called once the callback function registered with
5853 * radio_add_work() has completed its work.
5854 */
5855 void radio_work_done(struct wpa_radio_work *work)
5856 {
5857 struct wpa_supplicant *wpa_s = work->wpa_s;
5858 struct os_reltime now, diff;
5859 unsigned int started = work->started;
5860
5861 os_get_reltime(&now);
5862 os_reltime_sub(&now, &work->time, &diff);
5863 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5864 work->type, work, started ? "done" : "canceled",
5865 diff.sec, diff.usec);
5866 radio_work_free(work);
5867 if (started)
5868 radio_work_check_next(wpa_s);
5869 }
5870
5871
5872 struct wpa_radio_work *
5873 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
5874 {
5875 struct wpa_radio_work *work;
5876 struct wpa_radio *radio = wpa_s->radio;
5877
5878 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5879 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
5880 return work;
5881 }
5882
5883 return NULL;
5884 }
5885
5886
5887 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
5888 const struct wpa_interface *iface)
5889 {
5890 const char *ifname, *driver, *rn;
5891
5892 driver = iface->driver;
5893 next_driver:
5894 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5895 return -1;
5896
5897 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5898 if (wpa_s->drv_priv == NULL) {
5899 const char *pos;
5900 pos = driver ? os_strchr(driver, ',') : NULL;
5901 if (pos) {
5902 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5903 "driver interface - try next driver wrapper");
5904 driver = pos + 1;
5905 goto next_driver;
5906 }
5907 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5908 "interface");
5909 return -1;
5910 }
5911 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5912 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5913 "driver_param '%s'", wpa_s->conf->driver_param);
5914 return -1;
5915 }
5916
5917 ifname = wpa_drv_get_ifname(wpa_s);
5918 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5919 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5920 "interface name with '%s'", ifname);
5921 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5922 }
5923
5924 rn = wpa_driver_get_radio_name(wpa_s);
5925 if (rn && rn[0] == '\0')
5926 rn = NULL;
5927
5928 wpa_s->radio = radio_add_interface(wpa_s, rn);
5929 if (wpa_s->radio == NULL)
5930 return -1;
5931
5932 return 0;
5933 }
5934
5935
5936 #ifdef CONFIG_GAS_SERVER
5937
5938 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5939 unsigned int freq, const u8 *dst,
5940 const u8 *src, const u8 *bssid,
5941 const u8 *data, size_t data_len,
5942 enum offchannel_send_action_result result)
5943 {
5944 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5945 " result=%s",
5946 freq, MAC2STR(dst),
5947 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5948 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5949 "FAILED"));
5950 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5951 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5952 }
5953
5954
5955 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5956 struct wpabuf *buf, unsigned int wait_time)
5957 {
5958 struct wpa_supplicant *wpa_s = ctx;
5959 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5960
5961 if (wait_time > wpa_s->max_remain_on_chan)
5962 wait_time = wpa_s->max_remain_on_chan;
5963
5964 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5965 wpabuf_head(buf), wpabuf_len(buf),
5966 wait_time, wpas_gas_server_tx_status, 0);
5967 }
5968
5969 #endif /* CONFIG_GAS_SERVER */
5970
5971 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
5972 const struct wpa_interface *iface)
5973 {
5974 struct wpa_driver_capa capa;
5975 int capa_res;
5976 u8 dfs_domain;
5977
5978 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5979 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5980 iface->confname ? iface->confname : "N/A",
5981 iface->driver ? iface->driver : "default",
5982 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5983 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5984
5985 if (iface->confname) {
5986 #ifdef CONFIG_BACKEND_FILE
5987 wpa_s->confname = os_rel2abs_path(iface->confname);
5988 if (wpa_s->confname == NULL) {
5989 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5990 "for configuration file '%s'.",
5991 iface->confname);
5992 return -1;
5993 }
5994 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5995 iface->confname, wpa_s->confname);
5996 #else /* CONFIG_BACKEND_FILE */
5997 wpa_s->confname = os_strdup(iface->confname);
5998 #endif /* CONFIG_BACKEND_FILE */
5999 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6000 if (wpa_s->conf == NULL) {
6001 wpa_printf(MSG_ERROR, "Failed to read or parse "
6002 "configuration '%s'.", wpa_s->confname);
6003 return -1;
6004 }
6005 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6006 if (wpa_s->confanother &&
6007 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6008 wpa_printf(MSG_ERROR,
6009 "Failed to read or parse configuration '%s'.",
6010 wpa_s->confanother);
6011 return -1;
6012 }
6013
6014 /*
6015 * Override ctrl_interface and driver_param if set on command
6016 * line.
6017 */
6018 if (iface->ctrl_interface) {
6019 os_free(wpa_s->conf->ctrl_interface);
6020 wpa_s->conf->ctrl_interface =
6021 os_strdup(iface->ctrl_interface);
6022 }
6023
6024 if (iface->driver_param) {
6025 os_free(wpa_s->conf->driver_param);
6026 wpa_s->conf->driver_param =
6027 os_strdup(iface->driver_param);
6028 }
6029
6030 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6031 os_free(wpa_s->conf->ctrl_interface);
6032 wpa_s->conf->ctrl_interface = NULL;
6033 }
6034 } else
6035 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6036 iface->driver_param);
6037
6038 if (wpa_s->conf == NULL) {
6039 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6040 return -1;
6041 }
6042
6043 if (iface->ifname == NULL) {
6044 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6045 return -1;
6046 }
6047 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6048 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6049 iface->ifname);
6050 return -1;
6051 }
6052 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6053
6054 if (iface->bridge_ifname) {
6055 if (os_strlen(iface->bridge_ifname) >=
6056 sizeof(wpa_s->bridge_ifname)) {
6057 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6058 "name '%s'.", iface->bridge_ifname);
6059 return -1;
6060 }
6061 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6062 sizeof(wpa_s->bridge_ifname));
6063 }
6064
6065 /* RSNA Supplicant Key Management - INITIALIZE */
6066 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6067 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6068
6069 /* Initialize driver interface and register driver event handler before
6070 * L2 receive handler so that association events are processed before
6071 * EAPOL-Key packets if both become available for the same select()
6072 * call. */
6073 if (wpas_init_driver(wpa_s, iface) < 0)
6074 return -1;
6075
6076 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6077 return -1;
6078
6079 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6080 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6081 NULL);
6082 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6083
6084 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6085 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6086 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6087 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6088 "dot11RSNAConfigPMKLifetime");
6089 return -1;
6090 }
6091
6092 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6093 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6094 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6095 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6096 "dot11RSNAConfigPMKReauthThreshold");
6097 return -1;
6098 }
6099
6100 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6101 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6102 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6103 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6104 "dot11RSNAConfigSATimeout");
6105 return -1;
6106 }
6107
6108 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6109 &wpa_s->hw.num_modes,
6110 &wpa_s->hw.flags,
6111 &dfs_domain);
6112 if (wpa_s->hw.modes) {
6113 u16 i;
6114
6115 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6116 if (wpa_s->hw.modes[i].vht_capab) {
6117 wpa_s->hw_capab = CAPAB_VHT;
6118 break;
6119 }
6120
6121 if (wpa_s->hw.modes[i].ht_capab &
6122 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6123 wpa_s->hw_capab = CAPAB_HT40;
6124 else if (wpa_s->hw.modes[i].ht_capab &&
6125 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6126 wpa_s->hw_capab = CAPAB_HT;
6127 }
6128 }
6129
6130 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6131 if (capa_res == 0) {
6132 wpa_s->drv_capa_known = 1;
6133 wpa_s->drv_flags = capa.flags;
6134 wpa_s->drv_enc = capa.enc;
6135 wpa_s->drv_smps_modes = capa.smps_modes;
6136 wpa_s->drv_rrm_flags = capa.rrm_flags;
6137 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6138 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6139 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6140 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6141 wpa_s->max_sched_scan_plan_interval =
6142 capa.max_sched_scan_plan_interval;
6143 wpa_s->max_sched_scan_plan_iterations =
6144 capa.max_sched_scan_plan_iterations;
6145 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6146 wpa_s->max_match_sets = capa.max_match_sets;
6147 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6148 wpa_s->max_stations = capa.max_stations;
6149 wpa_s->extended_capa = capa.extended_capa;
6150 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6151 wpa_s->extended_capa_len = capa.extended_capa_len;
6152 wpa_s->num_multichan_concurrent =
6153 capa.num_multichan_concurrent;
6154 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6155
6156 if (capa.mac_addr_rand_scan_supported)
6157 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6158 if (wpa_s->sched_scan_supported &&
6159 capa.mac_addr_rand_sched_scan_supported)
6160 wpa_s->mac_addr_rand_supported |=
6161 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6162
6163 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6164 if (wpa_s->extended_capa &&
6165 wpa_s->extended_capa_len >= 3 &&
6166 wpa_s->extended_capa[2] & 0x40)
6167 wpa_s->multi_bss_support = 1;
6168 }
6169 if (wpa_s->max_remain_on_chan == 0)
6170 wpa_s->max_remain_on_chan = 1000;
6171
6172 /*
6173 * Only take p2p_mgmt parameters when P2P Device is supported.
6174 * Doing it here as it determines whether l2_packet_init() will be done
6175 * during wpa_supplicant_driver_init().
6176 */
6177 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6178 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6179
6180 if (wpa_s->num_multichan_concurrent == 0)
6181 wpa_s->num_multichan_concurrent = 1;
6182
6183 if (wpa_supplicant_driver_init(wpa_s) < 0)
6184 return -1;
6185
6186 #ifdef CONFIG_TDLS
6187 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6188 return -1;
6189 #endif /* CONFIG_TDLS */
6190
6191 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6192 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6193 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6194 return -1;
6195 }
6196
6197 #ifdef CONFIG_FST
6198 if (wpa_s->conf->fst_group_id) {
6199 struct fst_iface_cfg cfg;
6200 struct fst_wpa_obj iface_obj;
6201
6202 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6203 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6204 sizeof(cfg.group_id));
6205 cfg.priority = wpa_s->conf->fst_priority;
6206 cfg.llt = wpa_s->conf->fst_llt;
6207
6208 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6209 &iface_obj, &cfg);
6210 if (!wpa_s->fst) {
6211 wpa_msg(wpa_s, MSG_ERROR,
6212 "FST: Cannot attach iface %s to group %s",
6213 wpa_s->ifname, cfg.group_id);
6214 return -1;
6215 }
6216 }
6217 #endif /* CONFIG_FST */
6218
6219 if (wpas_wps_init(wpa_s))
6220 return -1;
6221
6222 #ifdef CONFIG_GAS_SERVER
6223 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6224 if (!wpa_s->gas_server) {
6225 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6226 return -1;
6227 }
6228 #endif /* CONFIG_GAS_SERVER */
6229
6230 #ifdef CONFIG_DPP
6231 if (wpas_dpp_init(wpa_s) < 0)
6232 return -1;
6233 #endif /* CONFIG_DPP */
6234
6235 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6236 return -1;
6237 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6238
6239 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6240 if (wpa_s->ctrl_iface == NULL) {
6241 wpa_printf(MSG_ERROR,
6242 "Failed to initialize control interface '%s'.\n"
6243 "You may have another wpa_supplicant process "
6244 "already running or the file was\n"
6245 "left by an unclean termination of wpa_supplicant "
6246 "in which case you will need\n"
6247 "to manually remove this file before starting "
6248 "wpa_supplicant again.\n",
6249 wpa_s->conf->ctrl_interface);
6250 return -1;
6251 }
6252
6253 wpa_s->gas = gas_query_init(wpa_s);
6254 if (wpa_s->gas == NULL) {
6255 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6256 return -1;
6257 }
6258
6259 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6260 wpa_s->p2p_mgmt) &&
6261 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6262 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6263 return -1;
6264 }
6265
6266 if (wpa_bss_init(wpa_s) < 0)
6267 return -1;
6268
6269 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6270 #ifdef CONFIG_MESH
6271 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6272 #endif /* CONFIG_MESH */
6273 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6274
6275 /*
6276 * Set Wake-on-WLAN triggers, if configured.
6277 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6278 * have effect anyway when the interface is down).
6279 */
6280 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6281 return -1;
6282
6283 #ifdef CONFIG_EAP_PROXY
6284 {
6285 size_t len;
6286 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6287 wpa_s->imsi, &len);
6288 if (wpa_s->mnc_len > 0) {
6289 wpa_s->imsi[len] = '\0';
6290 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6291 wpa_s->imsi, wpa_s->mnc_len);
6292 } else {
6293 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6294 }
6295 }
6296 #endif /* CONFIG_EAP_PROXY */
6297
6298 if (pcsc_reader_init(wpa_s) < 0)
6299 return -1;
6300
6301 if (wpas_init_ext_pw(wpa_s) < 0)
6302 return -1;
6303
6304 wpas_rrm_reset(wpa_s);
6305
6306 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6307
6308 #ifdef CONFIG_HS20
6309 hs20_init(wpa_s);
6310 #endif /* CONFIG_HS20 */
6311 #ifdef CONFIG_MBO
6312 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6313 if ((wpa_s->conf->oce & OCE_STA) &&
6314 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6315 wpa_s->enable_oce = OCE_STA;
6316 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6317 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6318 /* TODO: Need to add STA-CFON support */
6319 wpa_printf(MSG_ERROR,
6320 "OCE STA-CFON feature is not yet supported");
6321 }
6322 }
6323 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6324 #endif /* CONFIG_MBO */
6325
6326 wpa_supplicant_set_default_scan_ies(wpa_s);
6327
6328 return 0;
6329 }
6330
6331
6332 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6333 int notify, int terminate)
6334 {
6335 struct wpa_global *global = wpa_s->global;
6336 struct wpa_supplicant *iface, *prev;
6337
6338 if (wpa_s == wpa_s->parent)
6339 wpas_p2p_group_remove(wpa_s, "*");
6340
6341 iface = global->ifaces;
6342 while (iface) {
6343 if (iface->p2pdev == wpa_s)
6344 iface->p2pdev = iface->parent;
6345 if (iface == wpa_s || iface->parent != wpa_s) {
6346 iface = iface->next;
6347 continue;
6348 }
6349 wpa_printf(MSG_DEBUG,
6350 "Remove remaining child interface %s from parent %s",
6351 iface->ifname, wpa_s->ifname);
6352 prev = iface;
6353 iface = iface->next;
6354 wpa_supplicant_remove_iface(global, prev, terminate);
6355 }
6356
6357 wpa_s->disconnected = 1;
6358 if (wpa_s->drv_priv) {
6359 /* Don't deauthenticate if WoWLAN is enabled */
6360 if (!wpa_drv_get_wowlan(wpa_s)) {
6361 wpa_supplicant_deauthenticate(
6362 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6363
6364 wpa_drv_set_countermeasures(wpa_s, 0);
6365 wpa_clear_keys(wpa_s, NULL);
6366 } else {
6367 wpa_msg(wpa_s, MSG_INFO,
6368 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6369 }
6370 }
6371
6372 wpa_supplicant_cleanup(wpa_s);
6373 wpas_p2p_deinit_iface(wpa_s);
6374
6375 wpas_ctrl_radio_work_flush(wpa_s);
6376 radio_remove_interface(wpa_s);
6377
6378 #ifdef CONFIG_FST
6379 if (wpa_s->fst) {
6380 fst_detach(wpa_s->fst);
6381 wpa_s->fst = NULL;
6382 }
6383 if (wpa_s->received_mb_ies) {
6384 wpabuf_free(wpa_s->received_mb_ies);
6385 wpa_s->received_mb_ies = NULL;
6386 }
6387 #endif /* CONFIG_FST */
6388
6389 if (wpa_s->drv_priv)
6390 wpa_drv_deinit(wpa_s);
6391
6392 if (notify)
6393 wpas_notify_iface_removed(wpa_s);
6394
6395 if (terminate)
6396 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6397
6398 if (wpa_s->ctrl_iface) {
6399 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6400 wpa_s->ctrl_iface = NULL;
6401 }
6402
6403 #ifdef CONFIG_MESH
6404 if (wpa_s->ifmsh) {
6405 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6406 wpa_s->ifmsh = NULL;
6407 }
6408 #endif /* CONFIG_MESH */
6409
6410 if (wpa_s->conf != NULL) {
6411 wpa_config_free(wpa_s->conf);
6412 wpa_s->conf = NULL;
6413 }
6414
6415 os_free(wpa_s->ssids_from_scan_req);
6416 os_free(wpa_s->last_scan_freqs);
6417
6418 os_free(wpa_s);
6419 }
6420
6421
6422 #ifdef CONFIG_MATCH_IFACE
6423
6424 /**
6425 * wpa_supplicant_match_iface - Match an interface description to a name
6426 * @global: Pointer to global data from wpa_supplicant_init()
6427 * @ifname: Name of the interface to match
6428 * Returns: Pointer to the created interface description or %NULL on failure
6429 */
6430 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6431 const char *ifname)
6432 {
6433 int i;
6434 struct wpa_interface *iface, *miface;
6435
6436 for (i = 0; i < global->params.match_iface_count; i++) {
6437 miface = &global->params.match_ifaces[i];
6438 if (!miface->ifname ||
6439 fnmatch(miface->ifname, ifname, 0) == 0) {
6440 iface = os_zalloc(sizeof(*iface));
6441 if (!iface)
6442 return NULL;
6443 *iface = *miface;
6444 iface->ifname = ifname;
6445 return iface;
6446 }
6447 }
6448
6449 return NULL;
6450 }
6451
6452
6453 /**
6454 * wpa_supplicant_match_existing - Match existing interfaces
6455 * @global: Pointer to global data from wpa_supplicant_init()
6456 * Returns: 0 on success, -1 on failure
6457 */
6458 static int wpa_supplicant_match_existing(struct wpa_global *global)
6459 {
6460 struct if_nameindex *ifi, *ifp;
6461 struct wpa_supplicant *wpa_s;
6462 struct wpa_interface *iface;
6463
6464 ifp = if_nameindex();
6465 if (!ifp) {
6466 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6467 return -1;
6468 }
6469
6470 for (ifi = ifp; ifi->if_name; ifi++) {
6471 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6472 if (wpa_s)
6473 continue;
6474 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6475 if (iface) {
6476 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6477 os_free(iface);
6478 if (wpa_s)
6479 wpa_s->matched = 1;
6480 }
6481 }
6482
6483 if_freenameindex(ifp);
6484 return 0;
6485 }
6486
6487 #endif /* CONFIG_MATCH_IFACE */
6488
6489
6490 /**
6491 * wpa_supplicant_add_iface - Add a new network interface
6492 * @global: Pointer to global data from wpa_supplicant_init()
6493 * @iface: Interface configuration options
6494 * @parent: Parent interface or %NULL to assign new interface as parent
6495 * Returns: Pointer to the created interface or %NULL on failure
6496 *
6497 * This function is used to add new network interfaces for %wpa_supplicant.
6498 * This can be called before wpa_supplicant_run() to add interfaces before the
6499 * main event loop has been started. In addition, new interfaces can be added
6500 * dynamically while %wpa_supplicant is already running. This could happen,
6501 * e.g., when a hotplug network adapter is inserted.
6502 */
6503 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
6504 struct wpa_interface *iface,
6505 struct wpa_supplicant *parent)
6506 {
6507 struct wpa_supplicant *wpa_s;
6508 struct wpa_interface t_iface;
6509 struct wpa_ssid *ssid;
6510
6511 if (global == NULL || iface == NULL)
6512 return NULL;
6513
6514 wpa_s = wpa_supplicant_alloc(parent);
6515 if (wpa_s == NULL)
6516 return NULL;
6517
6518 wpa_s->global = global;
6519
6520 t_iface = *iface;
6521 if (global->params.override_driver) {
6522 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6523 "('%s' -> '%s')",
6524 iface->driver, global->params.override_driver);
6525 t_iface.driver = global->params.override_driver;
6526 }
6527 if (global->params.override_ctrl_interface) {
6528 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6529 "ctrl_interface ('%s' -> '%s')",
6530 iface->ctrl_interface,
6531 global->params.override_ctrl_interface);
6532 t_iface.ctrl_interface =
6533 global->params.override_ctrl_interface;
6534 }
6535 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6536 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6537 iface->ifname);
6538 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6539 return NULL;
6540 }
6541
6542 if (iface->p2p_mgmt == 0) {
6543 /* Notify the control interfaces about new iface */
6544 if (wpas_notify_iface_added(wpa_s)) {
6545 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6546 return NULL;
6547 }
6548
6549 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6550 wpas_notify_network_added(wpa_s, ssid);
6551 }
6552
6553 wpa_s->next = global->ifaces;
6554 global->ifaces = wpa_s;
6555
6556 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
6557 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6558
6559 #ifdef CONFIG_P2P
6560 if (wpa_s->global->p2p == NULL &&
6561 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
6562 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
6563 wpas_p2p_add_p2pdev_interface(
6564 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
6565 wpa_printf(MSG_INFO,
6566 "P2P: Failed to enable P2P Device interface");
6567 /* Try to continue without. P2P will be disabled. */
6568 }
6569 #endif /* CONFIG_P2P */
6570
6571 return wpa_s;
6572 }
6573
6574
6575 /**
6576 * wpa_supplicant_remove_iface - Remove a network interface
6577 * @global: Pointer to global data from wpa_supplicant_init()
6578 * @wpa_s: Pointer to the network interface to be removed
6579 * Returns: 0 if interface was removed, -1 if interface was not found
6580 *
6581 * This function can be used to dynamically remove network interfaces from
6582 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6583 * addition, this function is used to remove all remaining interfaces when
6584 * %wpa_supplicant is terminated.
6585 */
6586 int wpa_supplicant_remove_iface(struct wpa_global *global,
6587 struct wpa_supplicant *wpa_s,
6588 int terminate)
6589 {
6590 struct wpa_supplicant *prev;
6591 #ifdef CONFIG_MESH
6592 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6593 char *ifname = NULL;
6594 struct wpa_supplicant *parent = wpa_s->parent;
6595 #endif /* CONFIG_MESH */
6596
6597 /* Remove interface from the global list of interfaces */
6598 prev = global->ifaces;
6599 if (prev == wpa_s) {
6600 global->ifaces = wpa_s->next;
6601 } else {
6602 while (prev && prev->next != wpa_s)
6603 prev = prev->next;
6604 if (prev == NULL)
6605 return -1;
6606 prev->next = wpa_s->next;
6607 }
6608
6609 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6610
6611 #ifdef CONFIG_MESH
6612 if (mesh_if_created) {
6613 ifname = os_strdup(wpa_s->ifname);
6614 if (ifname == NULL) {
6615 wpa_dbg(wpa_s, MSG_ERROR,
6616 "mesh: Failed to malloc ifname");
6617 return -1;
6618 }
6619 }
6620 #endif /* CONFIG_MESH */
6621
6622 if (global->p2p_group_formation == wpa_s)
6623 global->p2p_group_formation = NULL;
6624 if (global->p2p_invite_group == wpa_s)
6625 global->p2p_invite_group = NULL;
6626 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6627
6628 #ifdef CONFIG_MESH
6629 if (mesh_if_created) {
6630 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
6631 os_free(ifname);
6632 }
6633 #endif /* CONFIG_MESH */
6634
6635 return 0;
6636 }
6637
6638
6639 /**
6640 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6641 * @wpa_s: Pointer to the network interface
6642 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6643 */
6644 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6645 {
6646 const char *eapol_method;
6647
6648 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6649 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6650 return "NO-EAP";
6651 }
6652
6653 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6654 if (eapol_method == NULL)
6655 return "UNKNOWN-EAP";
6656
6657 return eapol_method;
6658 }
6659
6660
6661 /**
6662 * wpa_supplicant_get_iface - Get a new network interface
6663 * @global: Pointer to global data from wpa_supplicant_init()
6664 * @ifname: Interface name
6665 * Returns: Pointer to the interface or %NULL if not found
6666 */
6667 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6668 const char *ifname)
6669 {
6670 struct wpa_supplicant *wpa_s;
6671
6672 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6673 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6674 return wpa_s;
6675 }
6676 return NULL;
6677 }
6678
6679
6680 #ifndef CONFIG_NO_WPA_MSG
6681 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6682 {
6683 struct wpa_supplicant *wpa_s = ctx;
6684 if (wpa_s == NULL)
6685 return NULL;
6686 return wpa_s->ifname;
6687 }
6688 #endif /* CONFIG_NO_WPA_MSG */
6689
6690
6691 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6692 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6693 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6694
6695 /* Periodic cleanup tasks */
6696 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6697 {
6698 struct wpa_global *global = eloop_ctx;
6699 struct wpa_supplicant *wpa_s;
6700
6701 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6702 wpas_periodic, global, NULL);
6703
6704 #ifdef CONFIG_P2P
6705 if (global->p2p)
6706 p2p_expire_peers(global->p2p);
6707 #endif /* CONFIG_P2P */
6708
6709 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6710 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
6711 #ifdef CONFIG_AP
6712 ap_periodic(wpa_s);
6713 #endif /* CONFIG_AP */
6714 }
6715 }
6716
6717
6718 /**
6719 * wpa_supplicant_init - Initialize %wpa_supplicant
6720 * @params: Parameters for %wpa_supplicant
6721 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6722 *
6723 * This function is used to initialize %wpa_supplicant. After successful
6724 * initialization, the returned data pointer can be used to add and remove
6725 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6726 */
6727 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6728 {
6729 struct wpa_global *global;
6730 int ret, i;
6731
6732 if (params == NULL)
6733 return NULL;
6734
6735 #ifdef CONFIG_DRIVER_NDIS
6736 {
6737 void driver_ndis_init_ops(void);
6738 driver_ndis_init_ops();
6739 }
6740 #endif /* CONFIG_DRIVER_NDIS */
6741
6742 #ifndef CONFIG_NO_WPA_MSG
6743 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
6744 #endif /* CONFIG_NO_WPA_MSG */
6745
6746 if (params->wpa_debug_file_path)
6747 wpa_debug_open_file(params->wpa_debug_file_path);
6748 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
6749 wpa_debug_setup_stdout();
6750 if (params->wpa_debug_syslog)
6751 wpa_debug_open_syslog();
6752 if (params->wpa_debug_tracing) {
6753 ret = wpa_debug_open_linux_tracing();
6754 if (ret) {
6755 wpa_printf(MSG_ERROR,
6756 "Failed to enable trace logging");
6757 return NULL;
6758 }
6759 }
6760
6761 ret = eap_register_methods();
6762 if (ret) {
6763 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6764 if (ret == -2)
6765 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6766 "the same EAP type.");
6767 return NULL;
6768 }
6769
6770 global = os_zalloc(sizeof(*global));
6771 if (global == NULL)
6772 return NULL;
6773 dl_list_init(&global->p2p_srv_bonjour);
6774 dl_list_init(&global->p2p_srv_upnp);
6775 global->params.daemonize = params->daemonize;
6776 global->params.wait_for_monitor = params->wait_for_monitor;
6777 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6778 if (params->pid_file)
6779 global->params.pid_file = os_strdup(params->pid_file);
6780 if (params->ctrl_interface)
6781 global->params.ctrl_interface =
6782 os_strdup(params->ctrl_interface);
6783 if (params->ctrl_interface_group)
6784 global->params.ctrl_interface_group =
6785 os_strdup(params->ctrl_interface_group);
6786 if (params->override_driver)
6787 global->params.override_driver =
6788 os_strdup(params->override_driver);
6789 if (params->override_ctrl_interface)
6790 global->params.override_ctrl_interface =
6791 os_strdup(params->override_ctrl_interface);
6792 #ifdef CONFIG_MATCH_IFACE
6793 global->params.match_iface_count = params->match_iface_count;
6794 if (params->match_iface_count) {
6795 global->params.match_ifaces =
6796 os_calloc(params->match_iface_count,
6797 sizeof(struct wpa_interface));
6798 os_memcpy(global->params.match_ifaces,
6799 params->match_ifaces,
6800 params->match_iface_count *
6801 sizeof(struct wpa_interface));
6802 }
6803 #endif /* CONFIG_MATCH_IFACE */
6804 #ifdef CONFIG_P2P
6805 if (params->conf_p2p_dev)
6806 global->params.conf_p2p_dev =
6807 os_strdup(params->conf_p2p_dev);
6808 #endif /* CONFIG_P2P */
6809 wpa_debug_level = global->params.wpa_debug_level =
6810 params->wpa_debug_level;
6811 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6812 params->wpa_debug_show_keys;
6813 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6814 params->wpa_debug_timestamp;
6815
6816 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6817
6818 if (eloop_init()) {
6819 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6820 wpa_supplicant_deinit(global);
6821 return NULL;
6822 }
6823
6824 random_init(params->entropy_file);
6825
6826 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6827 if (global->ctrl_iface == NULL) {
6828 wpa_supplicant_deinit(global);
6829 return NULL;
6830 }
6831
6832 if (wpas_notify_supplicant_initialized(global)) {
6833 wpa_supplicant_deinit(global);
6834 return NULL;
6835 }
6836
6837 for (i = 0; wpa_drivers[i]; i++)
6838 global->drv_count++;
6839 if (global->drv_count == 0) {
6840 wpa_printf(MSG_ERROR, "No drivers enabled");
6841 wpa_supplicant_deinit(global);
6842 return NULL;
6843 }
6844 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
6845 if (global->drv_priv == NULL) {
6846 wpa_supplicant_deinit(global);
6847 return NULL;
6848 }
6849
6850 #ifdef CONFIG_WIFI_DISPLAY
6851 if (wifi_display_init(global) < 0) {
6852 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6853 wpa_supplicant_deinit(global);
6854 return NULL;
6855 }
6856 #endif /* CONFIG_WIFI_DISPLAY */
6857
6858 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6859 wpas_periodic, global, NULL);
6860
6861 return global;
6862 }
6863
6864
6865 /**
6866 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6867 * @global: Pointer to global data from wpa_supplicant_init()
6868 * Returns: 0 after successful event loop run, -1 on failure
6869 *
6870 * This function starts the main event loop and continues running as long as
6871 * there are any remaining events. In most cases, this function is running as
6872 * long as the %wpa_supplicant process in still in use.
6873 */
6874 int wpa_supplicant_run(struct wpa_global *global)
6875 {
6876 struct wpa_supplicant *wpa_s;
6877
6878 if (global->params.daemonize &&
6879 (wpa_supplicant_daemon(global->params.pid_file) ||
6880 eloop_sock_requeue()))
6881 return -1;
6882
6883 #ifdef CONFIG_MATCH_IFACE
6884 if (wpa_supplicant_match_existing(global))
6885 return -1;
6886 #endif
6887
6888 if (global->params.wait_for_monitor) {
6889 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
6890 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6891 wpa_supplicant_ctrl_iface_wait(
6892 wpa_s->ctrl_iface);
6893 }
6894
6895 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6896 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6897
6898 eloop_run();
6899
6900 return 0;
6901 }
6902
6903
6904 /**
6905 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6906 * @global: Pointer to global data from wpa_supplicant_init()
6907 *
6908 * This function is called to deinitialize %wpa_supplicant and to free all
6909 * allocated resources. Remaining network interfaces will also be removed.
6910 */
6911 void wpa_supplicant_deinit(struct wpa_global *global)
6912 {
6913 int i;
6914
6915 if (global == NULL)
6916 return;
6917
6918 eloop_cancel_timeout(wpas_periodic, global, NULL);
6919
6920 #ifdef CONFIG_WIFI_DISPLAY
6921 wifi_display_deinit(global);
6922 #endif /* CONFIG_WIFI_DISPLAY */
6923
6924 while (global->ifaces)
6925 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6926
6927 if (global->ctrl_iface)
6928 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
6929
6930 wpas_notify_supplicant_deinitialized(global);
6931
6932 eap_peer_unregister_methods();
6933 #ifdef CONFIG_AP
6934 eap_server_unregister_methods();
6935 #endif /* CONFIG_AP */
6936
6937 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
6938 if (!global->drv_priv[i])
6939 continue;
6940 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
6941 }
6942 os_free(global->drv_priv);
6943
6944 random_deinit();
6945
6946 eloop_destroy();
6947
6948 if (global->params.pid_file) {
6949 os_daemonize_terminate(global->params.pid_file);
6950 os_free(global->params.pid_file);
6951 }
6952 os_free(global->params.ctrl_interface);
6953 os_free(global->params.ctrl_interface_group);
6954 os_free(global->params.override_driver);
6955 os_free(global->params.override_ctrl_interface);
6956 #ifdef CONFIG_MATCH_IFACE
6957 os_free(global->params.match_ifaces);
6958 #endif /* CONFIG_MATCH_IFACE */
6959 #ifdef CONFIG_P2P
6960 os_free(global->params.conf_p2p_dev);
6961 #endif /* CONFIG_P2P */
6962
6963 os_free(global->p2p_disallow_freq.range);
6964 os_free(global->p2p_go_avoid_freq.range);
6965 os_free(global->add_psk);
6966
6967 os_free(global);
6968 wpa_debug_close_syslog();
6969 wpa_debug_close_file();
6970 wpa_debug_close_linux_tracing();
6971 }
6972
6973
6974 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6975 {
6976 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6977 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6978 char country[3];
6979 country[0] = wpa_s->conf->country[0];
6980 country[1] = wpa_s->conf->country[1];
6981 country[2] = '\0';
6982 if (wpa_drv_set_country(wpa_s, country) < 0) {
6983 wpa_printf(MSG_ERROR, "Failed to set country code "
6984 "'%s'", country);
6985 }
6986 }
6987
6988 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6989 wpas_init_ext_pw(wpa_s);
6990
6991 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6992 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6993
6994 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6995 struct wpa_driver_capa capa;
6996 int res = wpa_drv_get_capa(wpa_s, &capa);
6997
6998 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6999 wpa_printf(MSG_ERROR,
7000 "Failed to update wowlan_triggers to '%s'",
7001 wpa_s->conf->wowlan_triggers);
7002 }
7003
7004 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7005 wpa_supplicant_set_default_scan_ies(wpa_s);
7006
7007 #ifdef CONFIG_WPS
7008 wpas_wps_update_config(wpa_s);
7009 #endif /* CONFIG_WPS */
7010 wpas_p2p_update_config(wpa_s);
7011 wpa_s->conf->changed_parameters = 0;
7012 }
7013
7014
7015 void add_freq(int *freqs, int *num_freqs, int freq)
7016 {
7017 int i;
7018
7019 for (i = 0; i < *num_freqs; i++) {
7020 if (freqs[i] == freq)
7021 return;
7022 }
7023
7024 freqs[*num_freqs] = freq;
7025 (*num_freqs)++;
7026 }
7027
7028
7029 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7030 {
7031 struct wpa_bss *bss, *cbss;
7032 const int max_freqs = 10;
7033 int *freqs;
7034 int num_freqs = 0;
7035
7036 freqs = os_calloc(max_freqs + 1, sizeof(int));
7037 if (freqs == NULL)
7038 return NULL;
7039
7040 cbss = wpa_s->current_bss;
7041
7042 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7043 if (bss == cbss)
7044 continue;
7045 if (bss->ssid_len == cbss->ssid_len &&
7046 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7047 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7048 add_freq(freqs, &num_freqs, bss->freq);
7049 if (num_freqs == max_freqs)
7050 break;
7051 }
7052 }
7053
7054 if (num_freqs == 0) {
7055 os_free(freqs);
7056 freqs = NULL;
7057 }
7058
7059 return freqs;
7060 }
7061
7062
7063 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7064 {
7065 int timeout;
7066 int count;
7067 int *freqs = NULL;
7068
7069 wpas_connect_work_done(wpa_s);
7070
7071 /*
7072 * Remove possible authentication timeout since the connection failed.
7073 */
7074 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7075
7076 /*
7077 * There is no point in blacklisting the AP if this event is
7078 * generated based on local request to disconnect.
7079 */
7080 if (wpa_s->own_disconnect_req) {
7081 wpa_s->own_disconnect_req = 0;
7082 wpa_dbg(wpa_s, MSG_DEBUG,
7083 "Ignore connection failure due to local request to disconnect");
7084 return;
7085 }
7086 if (wpa_s->disconnected) {
7087 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7088 "indication since interface has been put into "
7089 "disconnected state");
7090 return;
7091 }
7092
7093 /*
7094 * Add the failed BSSID into the blacklist and speed up next scan
7095 * attempt if there could be other APs that could accept association.
7096 * The current blacklist count indicates how many times we have tried
7097 * connecting to this AP and multiple attempts mean that other APs are
7098 * either not available or has already been tried, so that we can start
7099 * increasing the delay here to avoid constant scanning.
7100 */
7101 count = wpa_blacklist_add(wpa_s, bssid);
7102 if (count == 1 && wpa_s->current_bss) {
7103 /*
7104 * This BSS was not in the blacklist before. If there is
7105 * another BSS available for the same ESS, we should try that
7106 * next. Otherwise, we may as well try this one once more
7107 * before allowing other, likely worse, ESSes to be considered.
7108 */
7109 freqs = get_bss_freqs_in_ess(wpa_s);
7110 if (freqs) {
7111 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7112 "has been seen; try it next");
7113 wpa_blacklist_add(wpa_s, bssid);
7114 /*
7115 * On the next scan, go through only the known channels
7116 * used in this ESS based on previous scans to speed up
7117 * common load balancing use case.
7118 */
7119 os_free(wpa_s->next_scan_freqs);
7120 wpa_s->next_scan_freqs = freqs;
7121 }
7122 }
7123
7124 /*
7125 * Add previous failure count in case the temporary blacklist was
7126 * cleared due to no other BSSes being available.
7127 */
7128 count += wpa_s->extra_blacklist_count;
7129
7130 if (count > 3 && wpa_s->current_ssid) {
7131 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7132 "consider temporary network disabling");
7133 wpas_auth_failed(wpa_s, "CONN_FAILED");
7134 }
7135
7136 switch (count) {
7137 case 1:
7138 timeout = 100;
7139 break;
7140 case 2:
7141 timeout = 500;
7142 break;
7143 case 3:
7144 timeout = 1000;
7145 break;
7146 case 4:
7147 timeout = 5000;
7148 break;
7149 default:
7150 timeout = 10000;
7151 break;
7152 }
7153
7154 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7155 "ms", count, timeout);
7156
7157 /*
7158 * TODO: if more than one possible AP is available in scan results,
7159 * could try the other ones before requesting a new scan.
7160 */
7161
7162 /* speed up the connection attempt with normal scan */
7163 wpa_s->normal_scans = 0;
7164 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7165 1000 * (timeout % 1000));
7166 }
7167
7168
7169 #ifdef CONFIG_FILS
7170 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7171 {
7172 struct wpa_ssid *ssid = wpa_s->current_ssid;
7173 const u8 *realm, *username, *rrk;
7174 size_t realm_len, username_len, rrk_len;
7175 u16 next_seq_num;
7176
7177 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7178 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7179 &username, &username_len,
7180 &realm, &realm_len, &next_seq_num,
7181 &rrk, &rrk_len) != 0 ||
7182 !realm)
7183 return;
7184
7185 wpa_hexdump_ascii(MSG_DEBUG,
7186 "FILS: Store last connection failure realm",
7187 realm, realm_len);
7188 os_free(wpa_s->last_con_fail_realm);
7189 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7190 if (wpa_s->last_con_fail_realm) {
7191 wpa_s->last_con_fail_realm_len = realm_len;
7192 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7193 }
7194 }
7195 #endif /* CONFIG_FILS */
7196
7197
7198 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7199 {
7200 return wpa_s->conf->ap_scan == 2 ||
7201 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7202 }
7203
7204
7205 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7206 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7207 struct wpa_ssid *ssid,
7208 const char *field,
7209 const char *value)
7210 {
7211 #ifdef IEEE8021X_EAPOL
7212 struct eap_peer_config *eap = &ssid->eap;
7213
7214 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7215 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7216 (const u8 *) value, os_strlen(value));
7217
7218 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7219 case WPA_CTRL_REQ_EAP_IDENTITY:
7220 os_free(eap->identity);
7221 eap->identity = (u8 *) os_strdup(value);
7222 eap->identity_len = os_strlen(value);
7223 eap->pending_req_identity = 0;
7224 if (ssid == wpa_s->current_ssid)
7225 wpa_s->reassociate = 1;
7226 break;
7227 case WPA_CTRL_REQ_EAP_PASSWORD:
7228 bin_clear_free(eap->password, eap->password_len);
7229 eap->password = (u8 *) os_strdup(value);
7230 eap->password_len = os_strlen(value);
7231 eap->pending_req_password = 0;
7232 if (ssid == wpa_s->current_ssid)
7233 wpa_s->reassociate = 1;
7234 break;
7235 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7236 bin_clear_free(eap->new_password, eap->new_password_len);
7237 eap->new_password = (u8 *) os_strdup(value);
7238 eap->new_password_len = os_strlen(value);
7239 eap->pending_req_new_password = 0;
7240 if (ssid == wpa_s->current_ssid)
7241 wpa_s->reassociate = 1;
7242 break;
7243 case WPA_CTRL_REQ_EAP_PIN:
7244 str_clear_free(eap->cert.pin);
7245 eap->cert.pin = os_strdup(value);
7246 eap->pending_req_pin = 0;
7247 if (ssid == wpa_s->current_ssid)
7248 wpa_s->reassociate = 1;
7249 break;
7250 case WPA_CTRL_REQ_EAP_OTP:
7251 bin_clear_free(eap->otp, eap->otp_len);
7252 eap->otp = (u8 *) os_strdup(value);
7253 eap->otp_len = os_strlen(value);
7254 os_free(eap->pending_req_otp);
7255 eap->pending_req_otp = NULL;
7256 eap->pending_req_otp_len = 0;
7257 break;
7258 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7259 str_clear_free(eap->cert.private_key_passwd);
7260 eap->cert.private_key_passwd = os_strdup(value);
7261 eap->pending_req_passphrase = 0;
7262 if (ssid == wpa_s->current_ssid)
7263 wpa_s->reassociate = 1;
7264 break;
7265 case WPA_CTRL_REQ_SIM:
7266 str_clear_free(eap->external_sim_resp);
7267 eap->external_sim_resp = os_strdup(value);
7268 eap->pending_req_sim = 0;
7269 break;
7270 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7271 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7272 return -1;
7273 ssid->mem_only_psk = 1;
7274 if (ssid->passphrase)
7275 wpa_config_update_psk(ssid);
7276 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7277 wpa_supplicant_req_scan(wpa_s, 0, 0);
7278 break;
7279 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7280 if (eap->pending_ext_cert_check != PENDING_CHECK)
7281 return -1;
7282 if (os_strcmp(value, "good") == 0)
7283 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7284 else if (os_strcmp(value, "bad") == 0)
7285 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7286 else
7287 return -1;
7288 break;
7289 default:
7290 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7291 return -1;
7292 }
7293
7294 return 0;
7295 #else /* IEEE8021X_EAPOL */
7296 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7297 return -1;
7298 #endif /* IEEE8021X_EAPOL */
7299 }
7300 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
7301
7302
7303 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7304 {
7305 int i;
7306 unsigned int drv_enc;
7307
7308 if (wpa_s->p2p_mgmt)
7309 return 1; /* no normal network profiles on p2p_mgmt interface */
7310
7311 if (ssid == NULL)
7312 return 1;
7313
7314 if (ssid->disabled)
7315 return 1;
7316
7317 if (wpa_s->drv_capa_known)
7318 drv_enc = wpa_s->drv_enc;
7319 else
7320 drv_enc = (unsigned int) -1;
7321
7322 for (i = 0; i < NUM_WEP_KEYS; i++) {
7323 size_t len = ssid->wep_key_len[i];
7324 if (len == 0)
7325 continue;
7326 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7327 continue;
7328 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7329 continue;
7330 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7331 continue;
7332 return 1; /* invalid WEP key */
7333 }
7334
7335 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
7336 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
7337 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
7338 !ssid->mem_only_psk)
7339 return 1;
7340
7341 return 0;
7342 }
7343
7344
7345 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7346 {
7347 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7348 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7349 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7350 /*
7351 * Driver does not support BIP -- ignore pmf=1 default
7352 * since the connection with PMF would fail and the
7353 * configuration does not require PMF to be enabled.
7354 */
7355 return NO_MGMT_FRAME_PROTECTION;
7356 }
7357
7358 if (ssid &&
7359 (ssid->key_mgmt &
7360 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7361 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7362 /*
7363 * Do not use the default PMF value for non-RSN networks
7364 * since PMF is available only with RSN and pmf=2
7365 * configuration would otherwise prevent connections to
7366 * all open networks.
7367 */
7368 return NO_MGMT_FRAME_PROTECTION;
7369 }
7370
7371 return wpa_s->conf->pmf;
7372 }
7373
7374 return ssid->ieee80211w;
7375 }
7376
7377
7378 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7379 {
7380 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7381 return 1;
7382 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7383 return 0;
7384 return -1;
7385 }
7386
7387
7388 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
7389 {
7390 struct wpa_ssid *ssid = wpa_s->current_ssid;
7391 int dur;
7392 struct os_reltime now;
7393
7394 if (ssid == NULL) {
7395 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7396 "SSID block");
7397 return;
7398 }
7399
7400 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7401 return;
7402
7403 ssid->auth_failures++;
7404
7405 #ifdef CONFIG_P2P
7406 if (ssid->p2p_group &&
7407 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7408 /*
7409 * Skip the wait time since there is a short timeout on the
7410 * connection to a P2P group.
7411 */
7412 return;
7413 }
7414 #endif /* CONFIG_P2P */
7415
7416 if (ssid->auth_failures > 50)
7417 dur = 300;
7418 else if (ssid->auth_failures > 10)
7419 dur = 120;
7420 else if (ssid->auth_failures > 5)
7421 dur = 90;
7422 else if (ssid->auth_failures > 3)
7423 dur = 60;
7424 else if (ssid->auth_failures > 2)
7425 dur = 30;
7426 else if (ssid->auth_failures > 1)
7427 dur = 20;
7428 else
7429 dur = 10;
7430
7431 if (ssid->auth_failures > 1 &&
7432 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7433 dur += os_random() % (ssid->auth_failures * 10);
7434
7435 os_get_reltime(&now);
7436 if (now.sec + dur <= ssid->disabled_until.sec)
7437 return;
7438
7439 ssid->disabled_until.sec = now.sec + dur;
7440
7441 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
7442 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7443 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
7444 ssid->auth_failures, dur, reason);
7445 }
7446
7447
7448 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7449 struct wpa_ssid *ssid, int clear_failures)
7450 {
7451 if (ssid == NULL)
7452 return;
7453
7454 if (ssid->disabled_until.sec) {
7455 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7456 "id=%d ssid=\"%s\"",
7457 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7458 }
7459 ssid->disabled_until.sec = 0;
7460 ssid->disabled_until.usec = 0;
7461 if (clear_failures)
7462 ssid->auth_failures = 0;
7463 }
7464
7465
7466 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7467 {
7468 size_t i;
7469
7470 if (wpa_s->disallow_aps_bssid == NULL)
7471 return 0;
7472
7473 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7474 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7475 bssid, ETH_ALEN) == 0)
7476 return 1;
7477 }
7478
7479 return 0;
7480 }
7481
7482
7483 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7484 size_t ssid_len)
7485 {
7486 size_t i;
7487
7488 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7489 return 0;
7490
7491 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7492 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7493 if (ssid_len == s->ssid_len &&
7494 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7495 return 1;
7496 }
7497
7498 return 0;
7499 }
7500
7501
7502 /**
7503 * wpas_request_connection - Request a new connection
7504 * @wpa_s: Pointer to the network interface
7505 *
7506 * This function is used to request a new connection to be found. It will mark
7507 * the interface to allow reassociation and request a new scan to find a
7508 * suitable network to connect to.
7509 */
7510 void wpas_request_connection(struct wpa_supplicant *wpa_s)
7511 {
7512 wpa_s->normal_scans = 0;
7513 wpa_s->scan_req = NORMAL_SCAN_REQ;
7514 wpa_supplicant_reinit_autoscan(wpa_s);
7515 wpa_s->extra_blacklist_count = 0;
7516 wpa_s->disconnected = 0;
7517 wpa_s->reassociate = 1;
7518 wpa_s->last_owe_group = 0;
7519
7520 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7521 wpa_supplicant_req_scan(wpa_s, 0, 0);
7522 else
7523 wpa_s->reattach = 0;
7524 }
7525
7526
7527 /**
7528 * wpas_request_disconnection - Request disconnection
7529 * @wpa_s: Pointer to the network interface
7530 *
7531 * This function is used to request disconnection from the currently connected
7532 * network. This will stop any ongoing scans and initiate deauthentication.
7533 */
7534 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7535 {
7536 #ifdef CONFIG_SME
7537 wpa_s->sme.prev_bssid_set = 0;
7538 #endif /* CONFIG_SME */
7539 wpa_s->reassociate = 0;
7540 wpa_s->disconnected = 1;
7541 wpa_supplicant_cancel_sched_scan(wpa_s);
7542 wpa_supplicant_cancel_scan(wpa_s);
7543 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7544 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
7545 radio_remove_works(wpa_s, "connect", 0);
7546 radio_remove_works(wpa_s, "sme-connect", 0);
7547 }
7548
7549
7550 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7551 struct wpa_used_freq_data *freqs_data,
7552 unsigned int len)
7553 {
7554 unsigned int i;
7555
7556 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7557 len, title);
7558 for (i = 0; i < len; i++) {
7559 struct wpa_used_freq_data *cur = &freqs_data[i];
7560 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7561 i, cur->freq, cur->flags);
7562 }
7563 }
7564
7565
7566 /*
7567 * Find the operating frequencies of any of the virtual interfaces that
7568 * are using the same radio as the current interface, and in addition, get
7569 * information about the interface types that are using the frequency.
7570 */
7571 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7572 struct wpa_used_freq_data *freqs_data,
7573 unsigned int len)
7574 {
7575 struct wpa_supplicant *ifs;
7576 u8 bssid[ETH_ALEN];
7577 int freq;
7578 unsigned int idx = 0, i;
7579
7580 wpa_dbg(wpa_s, MSG_DEBUG,
7581 "Determining shared radio frequencies (max len %u)", len);
7582 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
7583
7584 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7585 radio_list) {
7586 if (idx == len)
7587 break;
7588
7589 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7590 continue;
7591
7592 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
7593 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7594 ifs->current_ssid->mode == WPAS_MODE_MESH)
7595 freq = ifs->current_ssid->frequency;
7596 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7597 freq = ifs->assoc_freq;
7598 else
7599 continue;
7600
7601 /* Hold only distinct freqs */
7602 for (i = 0; i < idx; i++)
7603 if (freqs_data[i].freq == freq)
7604 break;
7605
7606 if (i == idx)
7607 freqs_data[idx++].freq = freq;
7608
7609 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
7610 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
7611 WPA_FREQ_USED_BY_P2P_CLIENT :
7612 WPA_FREQ_USED_BY_INFRA_STATION;
7613 }
7614 }
7615
7616 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
7617 return idx;
7618 }
7619
7620
7621 /*
7622 * Find the operating frequencies of any of the virtual interfaces that
7623 * are using the same radio as the current interface.
7624 */
7625 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7626 int *freq_array, unsigned int len)
7627 {
7628 struct wpa_used_freq_data *freqs_data;
7629 int num, i;
7630
7631 os_memset(freq_array, 0, sizeof(int) * len);
7632
7633 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7634 if (!freqs_data)
7635 return -1;
7636
7637 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7638 for (i = 0; i < num; i++)
7639 freq_array[i] = freqs_data[i].freq;
7640
7641 os_free(freqs_data);
7642
7643 return num;
7644 }
7645
7646
7647 struct wpa_supplicant *
7648 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7649 {
7650 switch (frame) {
7651 #ifdef CONFIG_P2P
7652 case VENDOR_ELEM_PROBE_REQ_P2P:
7653 case VENDOR_ELEM_PROBE_RESP_P2P:
7654 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7655 case VENDOR_ELEM_BEACON_P2P_GO:
7656 case VENDOR_ELEM_P2P_PD_REQ:
7657 case VENDOR_ELEM_P2P_PD_RESP:
7658 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7659 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7660 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7661 case VENDOR_ELEM_P2P_INV_REQ:
7662 case VENDOR_ELEM_P2P_INV_RESP:
7663 case VENDOR_ELEM_P2P_ASSOC_REQ:
7664 case VENDOR_ELEM_P2P_ASSOC_RESP:
7665 return wpa_s->p2pdev;
7666 #endif /* CONFIG_P2P */
7667 default:
7668 return wpa_s;
7669 }
7670 }
7671
7672
7673 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7674 {
7675 unsigned int i;
7676 char buf[30];
7677
7678 wpa_printf(MSG_DEBUG, "Update vendor elements");
7679
7680 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7681 if (wpa_s->vendor_elem[i]) {
7682 int res;
7683
7684 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7685 if (!os_snprintf_error(sizeof(buf), res)) {
7686 wpa_hexdump_buf(MSG_DEBUG, buf,
7687 wpa_s->vendor_elem[i]);
7688 }
7689 }
7690 }
7691
7692 #ifdef CONFIG_P2P
7693 if (wpa_s->parent == wpa_s &&
7694 wpa_s->global->p2p &&
7695 !wpa_s->global->p2p_disabled)
7696 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7697 #endif /* CONFIG_P2P */
7698 }
7699
7700
7701 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7702 const u8 *elem, size_t len)
7703 {
7704 u8 *ie, *end;
7705
7706 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7707 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7708
7709 for (; ie + 1 < end; ie += 2 + ie[1]) {
7710 if (ie + len > end)
7711 break;
7712 if (os_memcmp(ie, elem, len) != 0)
7713 continue;
7714
7715 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7716 wpabuf_free(wpa_s->vendor_elem[frame]);
7717 wpa_s->vendor_elem[frame] = NULL;
7718 } else {
7719 os_memmove(ie, ie + len, end - (ie + len));
7720 wpa_s->vendor_elem[frame]->used -= len;
7721 }
7722 wpas_vendor_elem_update(wpa_s);
7723 return 0;
7724 }
7725
7726 return -1;
7727 }
7728
7729
7730 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7731 u16 num_modes, enum hostapd_hw_mode mode,
7732 int is_6ghz)
7733 {
7734 u16 i;
7735
7736 for (i = 0; i < num_modes; i++) {
7737 if (modes[i].mode != mode ||
7738 !modes[i].num_channels || !modes[i].channels)
7739 continue;
7740 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
7741 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
7742 return &modes[i];
7743 }
7744
7745 return NULL;
7746 }
7747
7748
7749 static struct
7750 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7751 const u8 *bssid)
7752 {
7753 struct wpa_bss_tmp_disallowed *bss;
7754
7755 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7756 struct wpa_bss_tmp_disallowed, list) {
7757 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7758 return bss;
7759 }
7760
7761 return NULL;
7762 }
7763
7764
7765 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7766 {
7767 struct wpa_bss_tmp_disallowed *tmp;
7768 unsigned int num_bssid = 0;
7769 u8 *bssids;
7770 int ret;
7771
7772 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7773 if (!bssids)
7774 return -1;
7775 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7776 struct wpa_bss_tmp_disallowed, list) {
7777 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7778 ETH_ALEN);
7779 num_bssid++;
7780 }
7781 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7782 os_free(bssids);
7783 return ret;
7784 }
7785
7786
7787 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7788 {
7789 struct wpa_supplicant *wpa_s = eloop_ctx;
7790 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7791
7792 /* Make sure the bss is not already freed */
7793 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7794 struct wpa_bss_tmp_disallowed, list) {
7795 if (bss == tmp) {
7796 dl_list_del(&tmp->list);
7797 os_free(tmp);
7798 wpa_set_driver_tmp_disallow_list(wpa_s);
7799 break;
7800 }
7801 }
7802 }
7803
7804
7805 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7806 unsigned int sec, int rssi_threshold)
7807 {
7808 struct wpa_bss_tmp_disallowed *bss;
7809
7810 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7811 if (bss) {
7812 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7813 goto finish;
7814 }
7815
7816 bss = os_malloc(sizeof(*bss));
7817 if (!bss) {
7818 wpa_printf(MSG_DEBUG,
7819 "Failed to allocate memory for temp disallow BSS");
7820 return;
7821 }
7822
7823 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7824 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
7825 wpa_set_driver_tmp_disallow_list(wpa_s);
7826
7827 finish:
7828 bss->rssi_threshold = rssi_threshold;
7829 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7830 wpa_s, bss);
7831 }
7832
7833
7834 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7835 struct wpa_bss *bss)
7836 {
7837 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
7838
7839 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7840 struct wpa_bss_tmp_disallowed, list) {
7841 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7842 disallowed = tmp;
7843 break;
7844 }
7845 }
7846 if (!disallowed)
7847 return 0;
7848
7849 if (disallowed->rssi_threshold != 0 &&
7850 bss->level > disallowed->rssi_threshold)
7851 return 0;
7852
7853 return 1;
7854 }
7855
7856
7857 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7858 unsigned int type, const u8 *addr,
7859 const u8 *mask)
7860 {
7861 if ((addr && !mask) || (!addr && mask)) {
7862 wpa_printf(MSG_INFO,
7863 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7864 return -1;
7865 }
7866
7867 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7868 wpa_printf(MSG_INFO,
7869 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7870 return -1;
7871 }
7872
7873 if (type & MAC_ADDR_RAND_SCAN) {
7874 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7875 addr, mask))
7876 return -1;
7877 }
7878
7879 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7880 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7881 addr, mask))
7882 return -1;
7883
7884 if (wpa_s->sched_scanning && !wpa_s->pno)
7885 wpas_scan_restart_sched_scan(wpa_s);
7886 }
7887
7888 if (type & MAC_ADDR_RAND_PNO) {
7889 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7890 addr, mask))
7891 return -1;
7892
7893 if (wpa_s->pno) {
7894 wpas_stop_pno(wpa_s);
7895 wpas_start_pno(wpa_s);
7896 }
7897 }
7898
7899 return 0;
7900 }
7901
7902
7903 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7904 unsigned int type)
7905 {
7906 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7907 if (wpa_s->pno) {
7908 if (type & MAC_ADDR_RAND_PNO) {
7909 wpas_stop_pno(wpa_s);
7910 wpas_start_pno(wpa_s);
7911 }
7912 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7913 wpas_scan_restart_sched_scan(wpa_s);
7914 }
7915
7916 return 0;
7917 }
7918
7919
7920 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
7921 struct wpa_signal_info *si)
7922 {
7923 int res;
7924
7925 if (!wpa_s->driver->signal_poll)
7926 return -1;
7927
7928 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
7929
7930 #ifdef CONFIG_TESTING_OPTIONS
7931 if (res == 0) {
7932 struct driver_signal_override *dso;
7933
7934 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7935 struct driver_signal_override, list) {
7936 if (os_memcmp(wpa_s->bssid, dso->bssid,
7937 ETH_ALEN) != 0)
7938 continue;
7939 wpa_printf(MSG_DEBUG,
7940 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
7941 si->current_signal,
7942 dso->si_current_signal,
7943 si->avg_signal,
7944 dso->si_avg_signal,
7945 si->avg_beacon_signal,
7946 dso->si_avg_beacon_signal,
7947 si->current_noise,
7948 dso->si_current_noise);
7949 si->current_signal = dso->si_current_signal;
7950 si->avg_signal = dso->si_avg_signal;
7951 si->avg_beacon_signal = dso->si_avg_beacon_signal;
7952 si->current_noise = dso->si_current_noise;
7953 break;
7954 }
7955 }
7956 #endif /* CONFIG_TESTING_OPTIONS */
7957
7958 return res;
7959 }
7960
7961
7962 struct wpa_scan_results *
7963 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
7964 {
7965 struct wpa_scan_results *scan_res;
7966 #ifdef CONFIG_TESTING_OPTIONS
7967 size_t idx;
7968 #endif /* CONFIG_TESTING_OPTIONS */
7969
7970 if (!wpa_s->driver->get_scan_results2)
7971 return NULL;
7972
7973 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
7974
7975 #ifdef CONFIG_TESTING_OPTIONS
7976 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
7977 struct driver_signal_override *dso;
7978 struct wpa_scan_res *res = scan_res->res[idx];
7979
7980 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7981 struct driver_signal_override, list) {
7982 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
7983 continue;
7984 wpa_printf(MSG_DEBUG,
7985 "Override driver scan signal level %d->%d for "
7986 MACSTR,
7987 res->level, dso->scan_level,
7988 MAC2STR(res->bssid));
7989 res->flags |= WPA_SCAN_QUAL_INVALID;
7990 if (dso->scan_level < 0)
7991 res->flags |= WPA_SCAN_LEVEL_DBM;
7992 else
7993 res->flags &= ~WPA_SCAN_LEVEL_DBM;
7994 res->level = dso->scan_level;
7995 break;
7996 }
7997 }
7998 #endif /* CONFIG_TESTING_OPTIONS */
7999
8000 return scan_res;
8001 }
Unnamed repository; edit this file 'description' to name the repository.