]> git.ipfire.org Git - thirdparty/hostap.git/blob - wpa_supplicant/wpa_supplicant.c
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Introduce and add key_flag
[thirdparty/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "p2p/p2p.h"
45 #include "fst/fst.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
49 #include "ibss_rsn.h"
50 #include "sme.h"
51 #include "gas_query.h"
52 #include "ap.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
55 #include "notify.h"
56 #include "bgscan.h"
57 #include "autoscan.h"
58 #include "bss.h"
59 #include "scan.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
62 #include "wnm_sta.h"
63 #include "wpas_kay.h"
64 #include "mesh.h"
65 #include "dpp_supplicant.h"
66 #ifdef CONFIG_MESH
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
70
71 const char *const wpa_supplicant_version =
72 "wpa_supplicant v" VERSION_STR "\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
74
75 const char *const wpa_supplicant_license =
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
82 ;
83
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1 =
87 "";
88 const char *const wpa_supplicant_full_license2 =
89 "This software may be distributed under the terms of the BSD license.\n"
90 "\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
93 "met:\n"
94 "\n";
95 const char *const wpa_supplicant_full_license3 =
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
98 "\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
102 "\n";
103 const char *const wpa_supplicant_full_license4 =
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
107 "\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5 =
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
120 "\n";
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
122
123
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
128 #ifdef CONFIG_OWE
129 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
130 #endif /* CONFIG_OWE */
131
132
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
135 {
136 int i, set = 0;
137
138 for (i = 0; i < NUM_WEP_KEYS; i++) {
139 if (ssid->wep_key_len[i] == 0)
140 continue;
141
142 set = 1;
143 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
144 i, i == ssid->wep_tx_keyidx, NULL, 0,
145 ssid->wep_key[i], ssid->wep_key_len[i],
146 i == ssid->wep_tx_keyidx ?
147 KEY_FLAG_GROUP_RX_TX_DEFAULT :
148 KEY_FLAG_GROUP_RX_TX);
149 }
150
151 return set;
152 }
153
154
155 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
156 struct wpa_ssid *ssid)
157 {
158 u8 key[32];
159 size_t keylen;
160 enum wpa_alg alg;
161 u8 seq[6] = { 0 };
162 int ret;
163
164 /* IBSS/WPA-None uses only one key (Group) for both receiving and
165 * sending unicast and multicast packets. */
166
167 if (ssid->mode != WPAS_MODE_IBSS) {
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
169 "IBSS/ad-hoc) for WPA-None", ssid->mode);
170 return -1;
171 }
172
173 if (!ssid->psk_set) {
174 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
175 "WPA-None");
176 return -1;
177 }
178
179 switch (wpa_s->group_cipher) {
180 case WPA_CIPHER_CCMP:
181 os_memcpy(key, ssid->psk, 16);
182 keylen = 16;
183 alg = WPA_ALG_CCMP;
184 break;
185 case WPA_CIPHER_GCMP:
186 os_memcpy(key, ssid->psk, 16);
187 keylen = 16;
188 alg = WPA_ALG_GCMP;
189 break;
190 case WPA_CIPHER_TKIP:
191 /* WPA-None uses the same Michael MIC key for both TX and RX */
192 os_memcpy(key, ssid->psk, 16 + 8);
193 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
194 keylen = 32;
195 alg = WPA_ALG_TKIP;
196 break;
197 default:
198 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
199 "WPA-None", wpa_s->group_cipher);
200 return -1;
201 }
202
203 /* TODO: should actually remember the previously used seq#, both for TX
204 * and RX from each STA.. */
205
206 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
207 KEY_FLAG_GROUP_RX_TX_DEFAULT);
208 os_memset(key, 0, sizeof(key));
209 return ret;
210 }
211
212
213 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
214 {
215 struct wpa_supplicant *wpa_s = eloop_ctx;
216 const u8 *bssid = wpa_s->bssid;
217 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
218 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
219 wpa_s->wpa_state == WPA_ASSOCIATING))
220 bssid = wpa_s->pending_bssid;
221 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
222 MAC2STR(bssid));
223 wpa_blacklist_add(wpa_s, bssid);
224 wpa_sm_notify_disassoc(wpa_s->wpa);
225 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
226 wpa_s->reassociate = 1;
227
228 /*
229 * If we timed out, the AP or the local radio may be busy.
230 * So, wait a second until scanning again.
231 */
232 wpa_supplicant_req_scan(wpa_s, 1, 0);
233 }
234
235
236 /**
237 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
238 * @wpa_s: Pointer to wpa_supplicant data
239 * @sec: Number of seconds after which to time out authentication
240 * @usec: Number of microseconds after which to time out authentication
241 *
242 * This function is used to schedule a timeout for the current authentication
243 * attempt.
244 */
245 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
246 int sec, int usec)
247 {
248 if (wpa_s->conf->ap_scan == 0 &&
249 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
250 return;
251
252 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
253 "%d usec", sec, usec);
254 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
255 wpa_s->last_auth_timeout_sec = sec;
256 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
257 }
258
259
260 /*
261 * wpas_auth_timeout_restart - Restart and change timeout for authentication
262 * @wpa_s: Pointer to wpa_supplicant data
263 * @sec_diff: difference in seconds applied to original timeout value
264 */
265 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
266 {
267 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
268
269 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
270 wpa_dbg(wpa_s, MSG_DEBUG,
271 "Authentication timeout restart: %d sec", new_sec);
272 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
273 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
274 wpa_s, NULL);
275 }
276 }
277
278
279 /**
280 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
281 * @wpa_s: Pointer to wpa_supplicant data
282 *
283 * This function is used to cancel authentication timeout scheduled with
284 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
285 * been completed.
286 */
287 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
288 {
289 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
291 wpa_blacklist_del(wpa_s, wpa_s->bssid);
292 os_free(wpa_s->last_con_fail_realm);
293 wpa_s->last_con_fail_realm = NULL;
294 wpa_s->last_con_fail_realm_len = 0;
295 }
296
297
298 /**
299 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
300 * @wpa_s: Pointer to wpa_supplicant data
301 *
302 * This function is used to configure EAPOL state machine based on the selected
303 * authentication mode.
304 */
305 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
306 {
307 #ifdef IEEE8021X_EAPOL
308 struct eapol_config eapol_conf;
309 struct wpa_ssid *ssid = wpa_s->current_ssid;
310
311 #ifdef CONFIG_IBSS_RSN
312 if (ssid->mode == WPAS_MODE_IBSS &&
313 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
314 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
315 /*
316 * RSN IBSS authentication is per-STA and we can disable the
317 * per-BSSID EAPOL authentication.
318 */
319 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
320 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
321 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
322 return;
323 }
324 #endif /* CONFIG_IBSS_RSN */
325
326 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
328
329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
330 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
331 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
332 else
333 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
334
335 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
337 eapol_conf.accept_802_1x_keys = 1;
338 eapol_conf.required_keys = 0;
339 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
340 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
341 }
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
343 eapol_conf.required_keys |=
344 EAPOL_REQUIRE_KEY_BROADCAST;
345 }
346
347 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
348 eapol_conf.required_keys = 0;
349 }
350 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
351 eapol_conf.workaround = ssid->eap_workaround;
352 eapol_conf.eap_disabled =
353 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
354 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
355 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
356 eapol_conf.external_sim = wpa_s->conf->external_sim;
357
358 #ifdef CONFIG_WPS
359 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
360 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
361 if (wpa_s->current_bss) {
362 struct wpabuf *ie;
363 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
364 WPS_IE_VENDOR_TYPE);
365 if (ie) {
366 if (wps_is_20(ie))
367 eapol_conf.wps |=
368 EAPOL_PEER_IS_WPS20_AP;
369 wpabuf_free(ie);
370 }
371 }
372 }
373 #endif /* CONFIG_WPS */
374
375 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
376
377 #ifdef CONFIG_MACSEC
378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
379 ieee802_1x_create_preshared_mka(wpa_s, ssid);
380 else
381 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
382 #endif /* CONFIG_MACSEC */
383 #endif /* IEEE8021X_EAPOL */
384 }
385
386
387 /**
388 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
389 * @wpa_s: Pointer to wpa_supplicant data
390 * @ssid: Configuration data for the network
391 *
392 * This function is used to configure WPA state machine and related parameters
393 * to a mode where WPA is not enabled. This is called as part of the
394 * authentication configuration when the selected network does not use WPA.
395 */
396 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
397 struct wpa_ssid *ssid)
398 {
399 int i;
400
401 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
402 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
403 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
404 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
405 else
406 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
407 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
408 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
409 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
410 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
411 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
412 wpa_s->rsnxe_len = 0;
413 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
414 wpa_s->group_cipher = WPA_CIPHER_NONE;
415 wpa_s->mgmt_group_cipher = 0;
416
417 for (i = 0; i < NUM_WEP_KEYS; i++) {
418 if (ssid->wep_key_len[i] > 5) {
419 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
420 wpa_s->group_cipher = WPA_CIPHER_WEP104;
421 break;
422 } else if (ssid->wep_key_len[i] > 0) {
423 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
424 wpa_s->group_cipher = WPA_CIPHER_WEP40;
425 break;
426 }
427 }
428
429 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
430 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
431 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
432 wpa_s->pairwise_cipher);
433 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
434 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
435 wpa_s->mgmt_group_cipher);
436
437 pmksa_cache_clear_current(wpa_s->wpa);
438 }
439
440
441 void free_hw_features(struct wpa_supplicant *wpa_s)
442 {
443 int i;
444 if (wpa_s->hw.modes == NULL)
445 return;
446
447 for (i = 0; i < wpa_s->hw.num_modes; i++) {
448 os_free(wpa_s->hw.modes[i].channels);
449 os_free(wpa_s->hw.modes[i].rates);
450 }
451
452 os_free(wpa_s->hw.modes);
453 wpa_s->hw.modes = NULL;
454 }
455
456
457 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
458 {
459 struct wpa_bss_tmp_disallowed *bss, *prev;
460
461 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
462 struct wpa_bss_tmp_disallowed, list) {
463 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
464 dl_list_del(&bss->list);
465 os_free(bss);
466 }
467 }
468
469
470 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
471 {
472 struct fils_hlp_req *req;
473
474 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
475 list)) != NULL) {
476 dl_list_del(&req->list);
477 wpabuf_free(req->pkt);
478 os_free(req);
479 }
480 }
481
482
483 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
484 {
485 struct wpa_supplicant *wpa_s = eloop_ctx;
486
487 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
488 return;
489 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
490 wpa_bss_flush(wpa_s);
491 }
492
493
494 #ifdef CONFIG_TESTING_OPTIONS
495 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
496 {
497 struct driver_signal_override *dso;
498
499 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
500 struct driver_signal_override, list))) {
501 dl_list_del(&dso->list);
502 os_free(dso);
503 }
504 }
505 #endif /* CONFIG_TESTING_OPTIONS */
506
507
508 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
509 {
510 int i;
511
512 bgscan_deinit(wpa_s);
513 autoscan_deinit(wpa_s);
514 scard_deinit(wpa_s->scard);
515 wpa_s->scard = NULL;
516 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
517 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
518 l2_packet_deinit(wpa_s->l2);
519 wpa_s->l2 = NULL;
520 if (wpa_s->l2_br) {
521 l2_packet_deinit(wpa_s->l2_br);
522 wpa_s->l2_br = NULL;
523 }
524 #ifdef CONFIG_TESTING_OPTIONS
525 l2_packet_deinit(wpa_s->l2_test);
526 wpa_s->l2_test = NULL;
527 os_free(wpa_s->get_pref_freq_list_override);
528 wpa_s->get_pref_freq_list_override = NULL;
529 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
530 wpa_s->last_assoc_req_wpa_ie = NULL;
531 os_free(wpa_s->extra_sae_rejected_groups);
532 wpa_s->extra_sae_rejected_groups = NULL;
533 wpabuf_free(wpa_s->rsnxe_override_assoc);
534 wpa_s->rsnxe_override_assoc = NULL;
535 wpabuf_free(wpa_s->rsnxe_override_eapol);
536 wpa_s->rsnxe_override_eapol = NULL;
537 wpas_clear_driver_signal_override(wpa_s);
538 #endif /* CONFIG_TESTING_OPTIONS */
539
540 if (wpa_s->conf != NULL) {
541 struct wpa_ssid *ssid;
542 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
543 wpas_notify_network_removed(wpa_s, ssid);
544 }
545
546 os_free(wpa_s->confname);
547 wpa_s->confname = NULL;
548
549 os_free(wpa_s->confanother);
550 wpa_s->confanother = NULL;
551
552 os_free(wpa_s->last_con_fail_realm);
553 wpa_s->last_con_fail_realm = NULL;
554 wpa_s->last_con_fail_realm_len = 0;
555
556 wpa_sm_set_eapol(wpa_s->wpa, NULL);
557 eapol_sm_deinit(wpa_s->eapol);
558 wpa_s->eapol = NULL;
559
560 rsn_preauth_deinit(wpa_s->wpa);
561
562 #ifdef CONFIG_TDLS
563 wpa_tdls_deinit(wpa_s->wpa);
564 #endif /* CONFIG_TDLS */
565
566 wmm_ac_clear_saved_tspecs(wpa_s);
567 pmksa_candidate_free(wpa_s->wpa);
568 wpa_sm_deinit(wpa_s->wpa);
569 wpa_s->wpa = NULL;
570 wpa_blacklist_clear(wpa_s);
571
572 wpa_bss_deinit(wpa_s);
573
574 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
575 wpa_supplicant_cancel_scan(wpa_s);
576 wpa_supplicant_cancel_auth_timeout(wpa_s);
577 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
578 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
579 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
580 wpa_s, NULL);
581 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
582
583 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
584 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
585
586 wpas_wps_deinit(wpa_s);
587
588 wpabuf_free(wpa_s->pending_eapol_rx);
589 wpa_s->pending_eapol_rx = NULL;
590
591 #ifdef CONFIG_IBSS_RSN
592 ibss_rsn_deinit(wpa_s->ibss_rsn);
593 wpa_s->ibss_rsn = NULL;
594 #endif /* CONFIG_IBSS_RSN */
595
596 sme_deinit(wpa_s);
597
598 #ifdef CONFIG_AP
599 wpa_supplicant_ap_deinit(wpa_s);
600 #endif /* CONFIG_AP */
601
602 wpas_p2p_deinit(wpa_s);
603
604 #ifdef CONFIG_OFFCHANNEL
605 offchannel_deinit(wpa_s);
606 #endif /* CONFIG_OFFCHANNEL */
607
608 wpa_supplicant_cancel_sched_scan(wpa_s);
609
610 os_free(wpa_s->next_scan_freqs);
611 wpa_s->next_scan_freqs = NULL;
612
613 os_free(wpa_s->manual_scan_freqs);
614 wpa_s->manual_scan_freqs = NULL;
615 os_free(wpa_s->select_network_scan_freqs);
616 wpa_s->select_network_scan_freqs = NULL;
617
618 os_free(wpa_s->manual_sched_scan_freqs);
619 wpa_s->manual_sched_scan_freqs = NULL;
620
621 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
622
623 /*
624 * Need to remove any pending gas-query radio work before the
625 * gas_query_deinit() call because gas_query::work has not yet been set
626 * for works that have not been started. gas_query_free() will be unable
627 * to cancel such pending radio works and once the pending gas-query
628 * radio work eventually gets removed, the deinit notification call to
629 * gas_query_start_cb() would result in dereferencing freed memory.
630 */
631 if (wpa_s->radio)
632 radio_remove_works(wpa_s, "gas-query", 0);
633 gas_query_deinit(wpa_s->gas);
634 wpa_s->gas = NULL;
635 gas_server_deinit(wpa_s->gas_server);
636 wpa_s->gas_server = NULL;
637
638 free_hw_features(wpa_s);
639
640 ieee802_1x_dealloc_kay_sm(wpa_s);
641
642 os_free(wpa_s->bssid_filter);
643 wpa_s->bssid_filter = NULL;
644
645 os_free(wpa_s->disallow_aps_bssid);
646 wpa_s->disallow_aps_bssid = NULL;
647 os_free(wpa_s->disallow_aps_ssid);
648 wpa_s->disallow_aps_ssid = NULL;
649
650 wnm_bss_keep_alive_deinit(wpa_s);
651 #ifdef CONFIG_WNM
652 wnm_deallocate_memory(wpa_s);
653 #endif /* CONFIG_WNM */
654
655 ext_password_deinit(wpa_s->ext_pw);
656 wpa_s->ext_pw = NULL;
657
658 wpabuf_free(wpa_s->last_gas_resp);
659 wpa_s->last_gas_resp = NULL;
660 wpabuf_free(wpa_s->prev_gas_resp);
661 wpa_s->prev_gas_resp = NULL;
662
663 os_free(wpa_s->last_scan_res);
664 wpa_s->last_scan_res = NULL;
665
666 #ifdef CONFIG_HS20
667 if (wpa_s->drv_priv)
668 wpa_drv_configure_frame_filters(wpa_s, 0);
669 hs20_deinit(wpa_s);
670 #endif /* CONFIG_HS20 */
671
672 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
673 wpabuf_free(wpa_s->vendor_elem[i]);
674 wpa_s->vendor_elem[i] = NULL;
675 }
676
677 wmm_ac_notify_disassoc(wpa_s);
678
679 wpa_s->sched_scan_plans_num = 0;
680 os_free(wpa_s->sched_scan_plans);
681 wpa_s->sched_scan_plans = NULL;
682
683 #ifdef CONFIG_MBO
684 wpa_s->non_pref_chan_num = 0;
685 os_free(wpa_s->non_pref_chan);
686 wpa_s->non_pref_chan = NULL;
687 #endif /* CONFIG_MBO */
688
689 free_bss_tmp_disallowed(wpa_s);
690
691 wpabuf_free(wpa_s->lci);
692 wpa_s->lci = NULL;
693 wpas_clear_beacon_rep_data(wpa_s);
694
695 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
696 #ifdef CONFIG_MESH
697 {
698 struct external_pmksa_cache *entry;
699
700 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
701 struct external_pmksa_cache,
702 list)) != NULL) {
703 dl_list_del(&entry->list);
704 os_free(entry->pmksa_cache);
705 os_free(entry);
706 }
707 }
708 #endif /* CONFIG_MESH */
709 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
710
711 wpas_flush_fils_hlp_req(wpa_s);
712
713 wpabuf_free(wpa_s->ric_ies);
714 wpa_s->ric_ies = NULL;
715
716 #ifdef CONFIG_DPP
717 wpas_dpp_deinit(wpa_s);
718 dpp_global_deinit(wpa_s->dpp);
719 wpa_s->dpp = NULL;
720 #endif /* CONFIG_DPP */
721 }
722
723
724 /**
725 * wpa_clear_keys - Clear keys configured for the driver
726 * @wpa_s: Pointer to wpa_supplicant data
727 * @addr: Previously used BSSID or %NULL if not available
728 *
729 * This function clears the encryption keys that has been previously configured
730 * for the driver.
731 */
732 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
733 {
734 int i, max = 6;
735
736 /* MLME-DELETEKEYS.request */
737 for (i = 0; i < max; i++) {
738 if (wpa_s->keys_cleared & BIT(i))
739 continue;
740 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
741 NULL, 0, KEY_FLAG_GROUP);
742 }
743 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
744 !is_zero_ether_addr(addr)) {
745 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
746 0, KEY_FLAG_PAIRWISE);
747 /* MLME-SETPROTECTION.request(None) */
748 wpa_drv_mlme_setprotection(
749 wpa_s, addr,
750 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
751 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
752 }
753 wpa_s->keys_cleared = (u32) -1;
754 }
755
756
757 /**
758 * wpa_supplicant_state_txt - Get the connection state name as a text string
759 * @state: State (wpa_state; WPA_*)
760 * Returns: The state name as a printable text string
761 */
762 const char * wpa_supplicant_state_txt(enum wpa_states state)
763 {
764 switch (state) {
765 case WPA_DISCONNECTED:
766 return "DISCONNECTED";
767 case WPA_INACTIVE:
768 return "INACTIVE";
769 case WPA_INTERFACE_DISABLED:
770 return "INTERFACE_DISABLED";
771 case WPA_SCANNING:
772 return "SCANNING";
773 case WPA_AUTHENTICATING:
774 return "AUTHENTICATING";
775 case WPA_ASSOCIATING:
776 return "ASSOCIATING";
777 case WPA_ASSOCIATED:
778 return "ASSOCIATED";
779 case WPA_4WAY_HANDSHAKE:
780 return "4WAY_HANDSHAKE";
781 case WPA_GROUP_HANDSHAKE:
782 return "GROUP_HANDSHAKE";
783 case WPA_COMPLETED:
784 return "COMPLETED";
785 default:
786 return "UNKNOWN";
787 }
788 }
789
790
791 #ifdef CONFIG_BGSCAN
792
793 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
794 {
795 const char *name;
796
797 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
798 name = wpa_s->current_ssid->bgscan;
799 else
800 name = wpa_s->conf->bgscan;
801 if (name == NULL || name[0] == '\0')
802 return;
803 if (wpas_driver_bss_selection(wpa_s))
804 return;
805 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
806 return;
807 #ifdef CONFIG_P2P
808 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
809 return;
810 #endif /* CONFIG_P2P */
811
812 bgscan_deinit(wpa_s);
813 if (wpa_s->current_ssid) {
814 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
816 "bgscan");
817 /*
818 * Live without bgscan; it is only used as a roaming
819 * optimization, so the initial connection is not
820 * affected.
821 */
822 } else {
823 struct wpa_scan_results *scan_res;
824 wpa_s->bgscan_ssid = wpa_s->current_ssid;
825 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
826 0);
827 if (scan_res) {
828 bgscan_notify_scan(wpa_s, scan_res);
829 wpa_scan_results_free(scan_res);
830 }
831 }
832 } else
833 wpa_s->bgscan_ssid = NULL;
834 }
835
836
837 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
838 {
839 if (wpa_s->bgscan_ssid != NULL) {
840 bgscan_deinit(wpa_s);
841 wpa_s->bgscan_ssid = NULL;
842 }
843 }
844
845 #endif /* CONFIG_BGSCAN */
846
847
848 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
849 {
850 if (autoscan_init(wpa_s, 0))
851 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
852 }
853
854
855 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
856 {
857 autoscan_deinit(wpa_s);
858 }
859
860
861 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
862 {
863 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
864 wpa_s->wpa_state == WPA_SCANNING) {
865 autoscan_deinit(wpa_s);
866 wpa_supplicant_start_autoscan(wpa_s);
867 }
868 }
869
870
871 /**
872 * wpa_supplicant_set_state - Set current connection state
873 * @wpa_s: Pointer to wpa_supplicant data
874 * @state: The new connection state
875 *
876 * This function is called whenever the connection state changes, e.g.,
877 * association is completed for WPA/WPA2 4-Way Handshake is started.
878 */
879 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
880 enum wpa_states state)
881 {
882 enum wpa_states old_state = wpa_s->wpa_state;
883 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
884 Boolean update_fils_connect_params = FALSE;
885 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
886
887 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
888 wpa_supplicant_state_txt(wpa_s->wpa_state),
889 wpa_supplicant_state_txt(state));
890
891 if (state == WPA_COMPLETED &&
892 os_reltime_initialized(&wpa_s->roam_start)) {
893 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
894 wpa_s->roam_start.sec = 0;
895 wpa_s->roam_start.usec = 0;
896 wpas_notify_auth_changed(wpa_s);
897 wpas_notify_roam_time(wpa_s);
898 wpas_notify_roam_complete(wpa_s);
899 } else if (state == WPA_DISCONNECTED &&
900 os_reltime_initialized(&wpa_s->roam_start)) {
901 wpa_s->roam_start.sec = 0;
902 wpa_s->roam_start.usec = 0;
903 wpa_s->roam_time.sec = 0;
904 wpa_s->roam_time.usec = 0;
905 wpas_notify_roam_complete(wpa_s);
906 }
907
908 if (state == WPA_INTERFACE_DISABLED) {
909 /* Assure normal scan when interface is restored */
910 wpa_s->normal_scans = 0;
911 }
912
913 if (state == WPA_COMPLETED) {
914 wpas_connect_work_done(wpa_s);
915 /* Reinitialize normal_scan counter */
916 wpa_s->normal_scans = 0;
917 }
918
919 #ifdef CONFIG_P2P
920 /*
921 * P2PS client has to reply to Probe Request frames received on the
922 * group operating channel. Enable Probe Request frame reporting for
923 * P2P connected client in case p2p_cli_probe configuration property is
924 * set to 1.
925 */
926 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
927 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
928 wpa_s->current_ssid->p2p_group) {
929 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
930 wpa_dbg(wpa_s, MSG_DEBUG,
931 "P2P: Enable CLI Probe Request RX reporting");
932 wpa_s->p2p_cli_probe =
933 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
934 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
935 wpa_dbg(wpa_s, MSG_DEBUG,
936 "P2P: Disable CLI Probe Request RX reporting");
937 wpa_s->p2p_cli_probe = 0;
938 wpa_drv_probe_req_report(wpa_s, 0);
939 }
940 }
941 #endif /* CONFIG_P2P */
942
943 if (state != WPA_SCANNING)
944 wpa_supplicant_notify_scanning(wpa_s, 0);
945
946 if (state == WPA_COMPLETED && wpa_s->new_connection) {
947 struct wpa_ssid *ssid = wpa_s->current_ssid;
948 int fils_hlp_sent = 0;
949
950 #ifdef CONFIG_SME
951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
952 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
953 fils_hlp_sent = 1;
954 #endif /* CONFIG_SME */
955 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
956 wpa_auth_alg_fils(wpa_s->auth_alg))
957 fils_hlp_sent = 1;
958
959 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
960 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
961 MACSTR " completed [id=%d id_str=%s%s]",
962 MAC2STR(wpa_s->bssid),
963 ssid ? ssid->id : -1,
964 ssid && ssid->id_str ? ssid->id_str : "",
965 fils_hlp_sent ? " FILS_HLP_SENT" : "");
966 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
967 wpas_clear_temp_disabled(wpa_s, ssid, 1);
968 wpa_blacklist_clear(wpa_s);
969 wpa_s->extra_blacklist_count = 0;
970 wpa_s->new_connection = 0;
971 wpa_drv_set_operstate(wpa_s, 1);
972 #ifndef IEEE8021X_EAPOL
973 wpa_drv_set_supp_port(wpa_s, 1);
974 #endif /* IEEE8021X_EAPOL */
975 wpa_s->after_wps = 0;
976 wpa_s->known_wps_freq = 0;
977 wpas_p2p_completed(wpa_s);
978
979 sme_sched_obss_scan(wpa_s, 1);
980
981 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
982 if (!fils_hlp_sent && ssid && ssid->eap.erp)
983 update_fils_connect_params = TRUE;
984 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
985 #ifdef CONFIG_OWE
986 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
987 wpas_update_owe_connect_params(wpa_s);
988 #endif /* CONFIG_OWE */
989 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
990 state == WPA_ASSOCIATED) {
991 wpa_s->new_connection = 1;
992 wpa_drv_set_operstate(wpa_s, 0);
993 #ifndef IEEE8021X_EAPOL
994 wpa_drv_set_supp_port(wpa_s, 0);
995 #endif /* IEEE8021X_EAPOL */
996 sme_sched_obss_scan(wpa_s, 0);
997 }
998 wpa_s->wpa_state = state;
999
1000 #ifdef CONFIG_BGSCAN
1001 if (state == WPA_COMPLETED)
1002 wpa_supplicant_start_bgscan(wpa_s);
1003 else if (state < WPA_ASSOCIATED)
1004 wpa_supplicant_stop_bgscan(wpa_s);
1005 #endif /* CONFIG_BGSCAN */
1006
1007 if (state > WPA_SCANNING)
1008 wpa_supplicant_stop_autoscan(wpa_s);
1009
1010 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1011 wpa_supplicant_start_autoscan(wpa_s);
1012
1013 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1014 wmm_ac_notify_disassoc(wpa_s);
1015
1016 if (wpa_s->wpa_state != old_state) {
1017 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1018
1019 /*
1020 * Notify the P2P Device interface about a state change in one
1021 * of the interfaces.
1022 */
1023 wpas_p2p_indicate_state_change(wpa_s);
1024
1025 if (wpa_s->wpa_state == WPA_COMPLETED ||
1026 old_state == WPA_COMPLETED)
1027 wpas_notify_auth_changed(wpa_s);
1028 #ifdef CONFIG_DPP2
1029 if (wpa_s->wpa_state == WPA_COMPLETED)
1030 wpas_dpp_connected(wpa_s);
1031 #endif /* CONFIG_DPP2 */
1032 }
1033 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1034 if (update_fils_connect_params)
1035 wpas_update_fils_connect_params(wpa_s);
1036 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1037 }
1038
1039
1040 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1041 {
1042 int pending = 0;
1043 #ifdef CONFIG_WPS
1044 struct wpa_supplicant *wpa_s = global->ifaces;
1045 while (wpa_s) {
1046 struct wpa_supplicant *next = wpa_s->next;
1047 if (wpas_wps_terminate_pending(wpa_s) == 1)
1048 pending = 1;
1049 #ifdef CONFIG_P2P
1050 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1051 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1052 wpas_p2p_disconnect(wpa_s);
1053 #endif /* CONFIG_P2P */
1054 wpa_s = next;
1055 }
1056 #endif /* CONFIG_WPS */
1057 if (pending)
1058 return;
1059 eloop_terminate();
1060 }
1061
1062
1063 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1064 {
1065 struct wpa_global *global = signal_ctx;
1066 wpa_supplicant_terminate_proc(global);
1067 }
1068
1069
1070 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1071 {
1072 enum wpa_states old_state = wpa_s->wpa_state;
1073
1074 wpa_s->pairwise_cipher = 0;
1075 wpa_s->group_cipher = 0;
1076 wpa_s->mgmt_group_cipher = 0;
1077 wpa_s->key_mgmt = 0;
1078 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1079 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1080
1081 if (wpa_s->wpa_state != old_state)
1082 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1083 }
1084
1085
1086 /**
1087 * wpa_supplicant_reload_configuration - Reload configuration data
1088 * @wpa_s: Pointer to wpa_supplicant data
1089 * Returns: 0 on success or -1 if configuration parsing failed
1090 *
1091 * This function can be used to request that the configuration data is reloaded
1092 * (e.g., after configuration file change). This function is reloading
1093 * configuration only for one interface, so this may need to be called multiple
1094 * times if %wpa_supplicant is controlling multiple interfaces and all
1095 * interfaces need reconfiguration.
1096 */
1097 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1098 {
1099 struct wpa_config *conf;
1100 int reconf_ctrl;
1101 int old_ap_scan;
1102
1103 if (wpa_s->confname == NULL)
1104 return -1;
1105 conf = wpa_config_read(wpa_s->confname, NULL);
1106 if (conf == NULL) {
1107 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1108 "file '%s' - exiting", wpa_s->confname);
1109 return -1;
1110 }
1111 if (wpa_s->confanother &&
1112 !wpa_config_read(wpa_s->confanother, conf)) {
1113 wpa_msg(wpa_s, MSG_ERROR,
1114 "Failed to parse the configuration file '%s' - exiting",
1115 wpa_s->confanother);
1116 return -1;
1117 }
1118
1119 conf->changed_parameters = (unsigned int) -1;
1120
1121 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1122 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1123 os_strcmp(conf->ctrl_interface,
1124 wpa_s->conf->ctrl_interface) != 0);
1125
1126 if (reconf_ctrl && wpa_s->ctrl_iface) {
1127 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
1128 wpa_s->ctrl_iface = NULL;
1129 }
1130
1131 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1132 if (wpa_s->current_ssid) {
1133 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1134 wpa_s->own_disconnect_req = 1;
1135 wpa_supplicant_deauthenticate(wpa_s,
1136 WLAN_REASON_DEAUTH_LEAVING);
1137 }
1138
1139 /*
1140 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1141 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1142 */
1143 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1144 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1145 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1146 /*
1147 * Clear forced success to clear EAP state for next
1148 * authentication.
1149 */
1150 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1151 }
1152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1153 wpa_sm_set_config(wpa_s->wpa, NULL);
1154 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1155 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1156 rsn_preauth_deinit(wpa_s->wpa);
1157
1158 old_ap_scan = wpa_s->conf->ap_scan;
1159 wpa_config_free(wpa_s->conf);
1160 wpa_s->conf = conf;
1161 if (old_ap_scan != wpa_s->conf->ap_scan)
1162 wpas_notify_ap_scan_changed(wpa_s);
1163
1164 if (reconf_ctrl)
1165 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1166
1167 wpa_supplicant_update_config(wpa_s);
1168
1169 wpa_supplicant_clear_status(wpa_s);
1170 if (wpa_supplicant_enabled_networks(wpa_s)) {
1171 wpa_s->reassociate = 1;
1172 wpa_supplicant_req_scan(wpa_s, 0, 0);
1173 }
1174 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1175 return 0;
1176 }
1177
1178
1179 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1180 {
1181 struct wpa_global *global = signal_ctx;
1182 struct wpa_supplicant *wpa_s;
1183 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1184 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1185 sig);
1186 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1187 wpa_supplicant_terminate_proc(global);
1188 }
1189 }
1190
1191 if (wpa_debug_reopen_file() < 0) {
1192 /* Ignore errors since we cannot really do much to fix this */
1193 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1194 }
1195 }
1196
1197
1198 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1199 struct wpa_ssid *ssid,
1200 struct wpa_ie_data *ie)
1201 {
1202 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1203 if (ret) {
1204 if (ret == -2) {
1205 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1206 "from association info");
1207 }
1208 return -1;
1209 }
1210
1211 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1212 "cipher suites");
1213 if (!(ie->group_cipher & ssid->group_cipher)) {
1214 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1215 "cipher 0x%x (mask 0x%x) - reject",
1216 ie->group_cipher, ssid->group_cipher);
1217 return -1;
1218 }
1219 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1220 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1221 "cipher 0x%x (mask 0x%x) - reject",
1222 ie->pairwise_cipher, ssid->pairwise_cipher);
1223 return -1;
1224 }
1225 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1226 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1227 "management 0x%x (mask 0x%x) - reject",
1228 ie->key_mgmt, ssid->key_mgmt);
1229 return -1;
1230 }
1231
1232 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1233 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1234 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1235 "that does not support management frame protection - "
1236 "reject");
1237 return -1;
1238 }
1239
1240 return 0;
1241 }
1242
1243
1244 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1245 int freq)
1246 {
1247 if (!ie->has_group)
1248 ie->group_cipher = wpa_default_rsn_cipher(freq);
1249 if (!ie->has_pairwise)
1250 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1251 return (ie->group_cipher & ssid->group_cipher) &&
1252 (ie->pairwise_cipher & ssid->pairwise_cipher);
1253 }
1254
1255
1256 /**
1257 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1258 * @wpa_s: Pointer to wpa_supplicant data
1259 * @bss: Scan results for the selected BSS, or %NULL if not available
1260 * @ssid: Configuration data for the selected network
1261 * @wpa_ie: Buffer for the WPA/RSN IE
1262 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1263 * used buffer length in case the functions returns success.
1264 * Returns: 0 on success or -1 on failure
1265 *
1266 * This function is used to configure authentication and encryption parameters
1267 * based on the network configuration and scan result for the selected BSS (if
1268 * available).
1269 */
1270 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1271 struct wpa_bss *bss, struct wpa_ssid *ssid,
1272 u8 *wpa_ie, size_t *wpa_ie_len)
1273 {
1274 struct wpa_ie_data ie;
1275 int sel, proto;
1276 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1277
1278 if (bss) {
1279 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1280 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1281 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1282 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1283 } else {
1284 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1285 }
1286
1287 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1288 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1289 matching_ciphers(ssid, &ie, bss->freq) &&
1290 (ie.key_mgmt & ssid->key_mgmt)) {
1291 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1292 proto = WPA_PROTO_RSN;
1293 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1294 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1295 (ie.group_cipher & ssid->group_cipher) &&
1296 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1297 (ie.key_mgmt & ssid->key_mgmt)) {
1298 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1299 proto = WPA_PROTO_WPA;
1300 #ifdef CONFIG_HS20
1301 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1302 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1303 (ie.group_cipher & ssid->group_cipher) &&
1304 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1305 (ie.key_mgmt & ssid->key_mgmt)) {
1306 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1307 proto = WPA_PROTO_OSEN;
1308 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1309 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1310 (ie.group_cipher & ssid->group_cipher) &&
1311 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1312 (ie.key_mgmt & ssid->key_mgmt)) {
1313 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1314 proto = WPA_PROTO_RSN;
1315 #endif /* CONFIG_HS20 */
1316 } else if (bss) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1318 wpa_dbg(wpa_s, MSG_DEBUG,
1319 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1320 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1321 ssid->key_mgmt);
1322 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1323 MAC2STR(bss->bssid),
1324 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1325 bss_wpa ? " WPA" : "",
1326 bss_rsn ? " RSN" : "",
1327 bss_osen ? " OSEN" : "");
1328 if (bss_rsn) {
1329 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1330 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG,
1332 "Could not parse RSN element");
1333 } else {
1334 wpa_dbg(wpa_s, MSG_DEBUG,
1335 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1336 ie.pairwise_cipher, ie.group_cipher,
1337 ie.key_mgmt);
1338 }
1339 }
1340 if (bss_wpa) {
1341 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1342 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1343 wpa_dbg(wpa_s, MSG_DEBUG,
1344 "Could not parse WPA element");
1345 } else {
1346 wpa_dbg(wpa_s, MSG_DEBUG,
1347 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1348 ie.pairwise_cipher, ie.group_cipher,
1349 ie.key_mgmt);
1350 }
1351 }
1352 return -1;
1353 } else {
1354 if (ssid->proto & WPA_PROTO_OSEN)
1355 proto = WPA_PROTO_OSEN;
1356 else if (ssid->proto & WPA_PROTO_RSN)
1357 proto = WPA_PROTO_RSN;
1358 else
1359 proto = WPA_PROTO_WPA;
1360 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1361 os_memset(&ie, 0, sizeof(ie));
1362 ie.group_cipher = ssid->group_cipher;
1363 ie.pairwise_cipher = ssid->pairwise_cipher;
1364 ie.key_mgmt = ssid->key_mgmt;
1365 ie.mgmt_group_cipher = 0;
1366 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1367 if (ssid->group_mgmt_cipher &
1368 WPA_CIPHER_BIP_GMAC_256)
1369 ie.mgmt_group_cipher =
1370 WPA_CIPHER_BIP_GMAC_256;
1371 else if (ssid->group_mgmt_cipher &
1372 WPA_CIPHER_BIP_CMAC_256)
1373 ie.mgmt_group_cipher =
1374 WPA_CIPHER_BIP_CMAC_256;
1375 else if (ssid->group_mgmt_cipher &
1376 WPA_CIPHER_BIP_GMAC_128)
1377 ie.mgmt_group_cipher =
1378 WPA_CIPHER_BIP_GMAC_128;
1379 else
1380 ie.mgmt_group_cipher =
1381 WPA_CIPHER_AES_128_CMAC;
1382 }
1383 #ifdef CONFIG_OWE
1384 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1385 !ssid->owe_only &&
1386 !bss_wpa && !bss_rsn && !bss_osen) {
1387 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1388 wpa_s->wpa_proto = 0;
1389 *wpa_ie_len = 0;
1390 return 0;
1391 }
1392 #endif /* CONFIG_OWE */
1393 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1394 "based on configuration");
1395 } else
1396 proto = ie.proto;
1397 }
1398
1399 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1400 "pairwise %d key_mgmt %d proto %d",
1401 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1402 if (ssid->ieee80211w) {
1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1404 ie.mgmt_group_cipher);
1405 }
1406
1407 wpa_s->wpa_proto = proto;
1408 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1409 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1410 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1411
1412 if (bss || !wpa_s->ap_ies_from_associnfo) {
1413 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1414 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1415 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1416 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1417 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1418 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1419 return -1;
1420 }
1421
1422 #ifdef CONFIG_NO_WPA
1423 wpa_s->group_cipher = WPA_CIPHER_NONE;
1424 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1425 #else /* CONFIG_NO_WPA */
1426 sel = ie.group_cipher & ssid->group_cipher;
1427 wpa_dbg(wpa_s, MSG_DEBUG,
1428 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1429 ie.group_cipher, ssid->group_cipher, sel);
1430 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1431 if (wpa_s->group_cipher < 0) {
1432 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1433 "cipher");
1434 return -1;
1435 }
1436 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1437 wpa_cipher_txt(wpa_s->group_cipher));
1438
1439 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1440 wpa_dbg(wpa_s, MSG_DEBUG,
1441 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1442 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1443 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1444 if (wpa_s->pairwise_cipher < 0) {
1445 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1446 "cipher");
1447 return -1;
1448 }
1449 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1450 wpa_cipher_txt(wpa_s->pairwise_cipher));
1451 #endif /* CONFIG_NO_WPA */
1452
1453 sel = ie.key_mgmt & ssid->key_mgmt;
1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1456 ie.key_mgmt, ssid->key_mgmt, sel);
1457 #ifdef CONFIG_SAE
1458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1459 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1460 #endif /* CONFIG_SAE */
1461 if (0) {
1462 #ifdef CONFIG_IEEE80211R
1463 #ifdef CONFIG_SHA384
1464 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1465 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1466 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1467 wpa_dbg(wpa_s, MSG_DEBUG,
1468 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1469 if (!ssid->ft_eap_pmksa_caching &&
1470 pmksa_cache_get_current(wpa_s->wpa)) {
1471 /* PMKSA caching with FT may have interoperability
1472 * issues, so disable that case by default for now. */
1473 wpa_dbg(wpa_s, MSG_DEBUG,
1474 "WPA: Disable PMKSA caching for FT/802.1X connection");
1475 pmksa_cache_clear_current(wpa_s->wpa);
1476 }
1477 #endif /* CONFIG_SHA384 */
1478 #endif /* CONFIG_IEEE80211R */
1479 #ifdef CONFIG_SUITEB192
1480 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1481 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1482 wpa_dbg(wpa_s, MSG_DEBUG,
1483 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1484 #endif /* CONFIG_SUITEB192 */
1485 #ifdef CONFIG_SUITEB
1486 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1487 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1488 wpa_dbg(wpa_s, MSG_DEBUG,
1489 "WPA: using KEY_MGMT 802.1X with Suite B");
1490 #endif /* CONFIG_SUITEB */
1491 #ifdef CONFIG_FILS
1492 #ifdef CONFIG_IEEE80211R
1493 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1494 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1496 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1497 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1498 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1499 #endif /* CONFIG_IEEE80211R */
1500 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1501 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1502 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1503 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1504 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1505 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1506 #endif /* CONFIG_FILS */
1507 #ifdef CONFIG_IEEE80211R
1508 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1509 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1510 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1511 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1512 if (!ssid->ft_eap_pmksa_caching &&
1513 pmksa_cache_get_current(wpa_s->wpa)) {
1514 /* PMKSA caching with FT may have interoperability
1515 * issues, so disable that case by default for now. */
1516 wpa_dbg(wpa_s, MSG_DEBUG,
1517 "WPA: Disable PMKSA caching for FT/802.1X connection");
1518 pmksa_cache_clear_current(wpa_s->wpa);
1519 }
1520 #endif /* CONFIG_IEEE80211R */
1521 #ifdef CONFIG_DPP
1522 } else if (sel & WPA_KEY_MGMT_DPP) {
1523 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1524 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1525 #endif /* CONFIG_DPP */
1526 #ifdef CONFIG_SAE
1527 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1528 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1529 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1530 } else if (sel & WPA_KEY_MGMT_SAE) {
1531 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1532 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1533 #endif /* CONFIG_SAE */
1534 #ifdef CONFIG_IEEE80211R
1535 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1536 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1537 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1538 #endif /* CONFIG_IEEE80211R */
1539 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1540 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1541 wpa_dbg(wpa_s, MSG_DEBUG,
1542 "WPA: using KEY_MGMT 802.1X with SHA256");
1543 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1544 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1545 wpa_dbg(wpa_s, MSG_DEBUG,
1546 "WPA: using KEY_MGMT PSK with SHA256");
1547 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1548 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1549 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1550 } else if (sel & WPA_KEY_MGMT_PSK) {
1551 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1552 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1553 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1554 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1555 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1556 #ifdef CONFIG_HS20
1557 } else if (sel & WPA_KEY_MGMT_OSEN) {
1558 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1559 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1560 #endif /* CONFIG_HS20 */
1561 #ifdef CONFIG_OWE
1562 } else if (sel & WPA_KEY_MGMT_OWE) {
1563 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1564 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1565 #endif /* CONFIG_OWE */
1566 } else {
1567 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1568 "authenticated key management type");
1569 return -1;
1570 }
1571
1572 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1573 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1574 wpa_s->pairwise_cipher);
1575 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1576
1577 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1578 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1579 wpa_msg(wpa_s, MSG_INFO,
1580 "RSN: Management frame protection required but the selected AP does not enable it");
1581 return -1;
1582 }
1583
1584 sel = ie.mgmt_group_cipher;
1585 if (ssid->group_mgmt_cipher)
1586 sel &= ssid->group_mgmt_cipher;
1587 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1588 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1589 sel = 0;
1590 wpa_dbg(wpa_s, MSG_DEBUG,
1591 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1592 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1593 if (sel & WPA_CIPHER_AES_128_CMAC) {
1594 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1595 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1596 "AES-128-CMAC");
1597 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1598 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1599 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1600 "BIP-GMAC-128");
1601 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1602 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1603 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1604 "BIP-GMAC-256");
1605 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1606 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1607 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1608 "BIP-CMAC-256");
1609 } else {
1610 wpa_s->mgmt_group_cipher = 0;
1611 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1612 }
1613 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1614 wpa_s->mgmt_group_cipher);
1615 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1616 wpas_get_ssid_pmf(wpa_s, ssid));
1617 #ifdef CONFIG_OCV
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1619 #endif /* CONFIG_OCV */
1620 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, wpa_s->conf->sae_pwe);
1621
1622 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1623 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1624 return -1;
1625 }
1626
1627 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1628 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1629 &wpa_s->rsnxe_len)) {
1630 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1631 return -1;
1632 }
1633
1634 if (0) {
1635 #ifdef CONFIG_DPP
1636 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1637 /* Use PMK from DPP network introduction (PMKSA entry) */
1638 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1639 #endif /* CONFIG_DPP */
1640 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1641 int psk_set = 0;
1642 int sae_only;
1643
1644 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1645 WPA_KEY_MGMT_FT_PSK |
1646 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1647
1648 if (ssid->psk_set && !sae_only) {
1649 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1650 ssid->psk, PMK_LEN);
1651 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1652 NULL);
1653 psk_set = 1;
1654 }
1655
1656 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1657 (ssid->sae_password || ssid->passphrase))
1658 psk_set = 1;
1659
1660 #ifndef CONFIG_NO_PBKDF2
1661 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1662 ssid->passphrase && !sae_only) {
1663 u8 psk[PMK_LEN];
1664 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1665 4096, psk, PMK_LEN);
1666 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1667 psk, PMK_LEN);
1668 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1669 psk_set = 1;
1670 os_memset(psk, 0, sizeof(psk));
1671 }
1672 #endif /* CONFIG_NO_PBKDF2 */
1673 #ifdef CONFIG_EXT_PASSWORD
1674 if (ssid->ext_psk && !sae_only) {
1675 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1676 ssid->ext_psk);
1677 char pw_str[64 + 1];
1678 u8 psk[PMK_LEN];
1679
1680 if (pw == NULL) {
1681 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1682 "found from external storage");
1683 return -1;
1684 }
1685
1686 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1687 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1688 "PSK length %d in external storage",
1689 (int) wpabuf_len(pw));
1690 ext_password_free(pw);
1691 return -1;
1692 }
1693
1694 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1695 pw_str[wpabuf_len(pw)] = '\0';
1696
1697 #ifndef CONFIG_NO_PBKDF2
1698 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1699 {
1700 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1701 4096, psk, PMK_LEN);
1702 os_memset(pw_str, 0, sizeof(pw_str));
1703 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1704 "external passphrase)",
1705 psk, PMK_LEN);
1706 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1707 NULL);
1708 psk_set = 1;
1709 os_memset(psk, 0, sizeof(psk));
1710 } else
1711 #endif /* CONFIG_NO_PBKDF2 */
1712 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1713 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1714 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1715 "Invalid PSK hex string");
1716 os_memset(pw_str, 0, sizeof(pw_str));
1717 ext_password_free(pw);
1718 return -1;
1719 }
1720 wpa_hexdump_key(MSG_MSGDUMP,
1721 "PSK (from external PSK)",
1722 psk, PMK_LEN);
1723 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1724 NULL);
1725 psk_set = 1;
1726 os_memset(psk, 0, sizeof(psk));
1727 } else {
1728 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1729 "PSK available");
1730 os_memset(pw_str, 0, sizeof(pw_str));
1731 ext_password_free(pw);
1732 return -1;
1733 }
1734
1735 os_memset(pw_str, 0, sizeof(pw_str));
1736 ext_password_free(pw);
1737 }
1738 #endif /* CONFIG_EXT_PASSWORD */
1739
1740 if (!psk_set) {
1741 wpa_msg(wpa_s, MSG_INFO,
1742 "No PSK available for association");
1743 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1744 return -1;
1745 }
1746 #ifdef CONFIG_OWE
1747 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1748 /* OWE Diffie-Hellman exchange in (Re)Association
1749 * Request/Response frames set the PMK, so do not override it
1750 * here. */
1751 #endif /* CONFIG_OWE */
1752 } else
1753 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1754
1755 return 0;
1756 }
1757
1758
1759 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1760 {
1761 *pos = 0x00;
1762
1763 switch (idx) {
1764 case 0: /* Bits 0-7 */
1765 break;
1766 case 1: /* Bits 8-15 */
1767 if (wpa_s->conf->coloc_intf_reporting) {
1768 /* Bit 13 - Collocated Interference Reporting */
1769 *pos |= 0x20;
1770 }
1771 break;
1772 case 2: /* Bits 16-23 */
1773 #ifdef CONFIG_WNM
1774 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1775 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1776 *pos |= 0x08; /* Bit 19 - BSS Transition */
1777 #endif /* CONFIG_WNM */
1778 break;
1779 case 3: /* Bits 24-31 */
1780 #ifdef CONFIG_WNM
1781 *pos |= 0x02; /* Bit 25 - SSID List */
1782 #endif /* CONFIG_WNM */
1783 #ifdef CONFIG_INTERWORKING
1784 if (wpa_s->conf->interworking)
1785 *pos |= 0x80; /* Bit 31 - Interworking */
1786 #endif /* CONFIG_INTERWORKING */
1787 break;
1788 case 4: /* Bits 32-39 */
1789 #ifdef CONFIG_INTERWORKING
1790 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1791 *pos |= 0x01; /* Bit 32 - QoS Map */
1792 #endif /* CONFIG_INTERWORKING */
1793 break;
1794 case 5: /* Bits 40-47 */
1795 #ifdef CONFIG_HS20
1796 if (wpa_s->conf->hs20)
1797 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1798 #endif /* CONFIG_HS20 */
1799 #ifdef CONFIG_MBO
1800 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1801 #endif /* CONFIG_MBO */
1802 break;
1803 case 6: /* Bits 48-55 */
1804 break;
1805 case 7: /* Bits 56-63 */
1806 break;
1807 case 8: /* Bits 64-71 */
1808 if (wpa_s->conf->ftm_responder)
1809 *pos |= 0x40; /* Bit 70 - FTM responder */
1810 if (wpa_s->conf->ftm_initiator)
1811 *pos |= 0x80; /* Bit 71 - FTM initiator */
1812 break;
1813 case 9: /* Bits 72-79 */
1814 #ifdef CONFIG_FILS
1815 if (!wpa_s->disable_fils)
1816 *pos |= 0x01;
1817 #endif /* CONFIG_FILS */
1818 break;
1819 }
1820 }
1821
1822
1823 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1824 {
1825 u8 *pos = buf;
1826 u8 len = 10, i;
1827
1828 if (len < wpa_s->extended_capa_len)
1829 len = wpa_s->extended_capa_len;
1830 if (buflen < (size_t) len + 2) {
1831 wpa_printf(MSG_INFO,
1832 "Not enough room for building extended capabilities element");
1833 return -1;
1834 }
1835
1836 *pos++ = WLAN_EID_EXT_CAPAB;
1837 *pos++ = len;
1838 for (i = 0; i < len; i++, pos++) {
1839 wpas_ext_capab_byte(wpa_s, pos, i);
1840
1841 if (i < wpa_s->extended_capa_len) {
1842 *pos &= ~wpa_s->extended_capa_mask[i];
1843 *pos |= wpa_s->extended_capa[i];
1844 }
1845 }
1846
1847 while (len > 0 && buf[1 + len] == 0) {
1848 len--;
1849 buf[1] = len;
1850 }
1851 if (len == 0)
1852 return 0;
1853
1854 return 2 + len;
1855 }
1856
1857
1858 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1859 struct wpa_bss *test_bss)
1860 {
1861 struct wpa_bss *bss;
1862
1863 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1864 if (bss == test_bss)
1865 return 1;
1866 }
1867
1868 return 0;
1869 }
1870
1871
1872 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1873 struct wpa_ssid *test_ssid)
1874 {
1875 struct wpa_ssid *ssid;
1876
1877 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1878 if (ssid == test_ssid)
1879 return 1;
1880 }
1881
1882 return 0;
1883 }
1884
1885
1886 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1887 struct wpa_ssid *test_ssid)
1888 {
1889 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1890 return 0;
1891
1892 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1893 }
1894
1895
1896 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1897 {
1898 if (cwork == NULL)
1899 return;
1900 os_free(cwork);
1901 }
1902
1903
1904 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1905 {
1906 struct wpa_connect_work *cwork;
1907 struct wpa_radio_work *work = wpa_s->connect_work;
1908
1909 if (!work)
1910 return;
1911
1912 wpa_s->connect_work = NULL;
1913 cwork = work->ctx;
1914 work->ctx = NULL;
1915 wpas_connect_work_free(cwork);
1916 radio_work_done(work);
1917 }
1918
1919
1920 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1921 {
1922 struct os_reltime now;
1923 u8 addr[ETH_ALEN];
1924
1925 os_get_reltime(&now);
1926 if (wpa_s->last_mac_addr_style == style &&
1927 wpa_s->last_mac_addr_change.sec != 0 &&
1928 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1929 wpa_s->conf->rand_addr_lifetime)) {
1930 wpa_msg(wpa_s, MSG_DEBUG,
1931 "Previously selected random MAC address has not yet expired");
1932 return 0;
1933 }
1934
1935 switch (style) {
1936 case 1:
1937 if (random_mac_addr(addr) < 0)
1938 return -1;
1939 break;
1940 case 2:
1941 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1942 if (random_mac_addr_keep_oui(addr) < 0)
1943 return -1;
1944 break;
1945 default:
1946 return -1;
1947 }
1948
1949 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1950 wpa_msg(wpa_s, MSG_INFO,
1951 "Failed to set random MAC address");
1952 return -1;
1953 }
1954
1955 os_get_reltime(&wpa_s->last_mac_addr_change);
1956 wpa_s->mac_addr_changed = 1;
1957 wpa_s->last_mac_addr_style = style;
1958
1959 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1960 wpa_msg(wpa_s, MSG_INFO,
1961 "Could not update MAC address information");
1962 return -1;
1963 }
1964
1965 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1966 MAC2STR(addr));
1967
1968 return 0;
1969 }
1970
1971
1972 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1973 {
1974 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1975 !wpa_s->conf->preassoc_mac_addr)
1976 return 0;
1977
1978 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1979 }
1980
1981
1982 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
1983 {
1984 #ifdef CONFIG_SAE
1985 int *groups = conf->sae_groups;
1986 int default_groups[] = { 19, 20, 21, 0 };
1987 const char *password;
1988
1989 if (!groups || groups[0] <= 0)
1990 groups = default_groups;
1991
1992 password = ssid->sae_password;
1993 if (!password)
1994 password = ssid->passphrase;
1995
1996 if (conf->sae_pwe == 0 || !password) {
1997 /* PT derivation not needed */
1998 sae_deinit_pt(ssid->pt);
1999 ssid->pt = NULL;
2000 return;
2001 }
2002
2003 if (ssid->pt)
2004 return; /* PT already derived */
2005 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2006 (const u8 *) password, os_strlen(password),
2007 ssid->sae_password_id);
2008 #endif /* CONFIG_SAE */
2009 }
2010
2011
2012 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2013 {
2014 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2015 os_free(wpa_s->sme.sae_rejected_groups);
2016 wpa_s->sme.sae_rejected_groups = NULL;
2017 #ifdef CONFIG_TESTING_OPTIONS
2018 if (wpa_s->extra_sae_rejected_groups) {
2019 int i, *groups = wpa_s->extra_sae_rejected_groups;
2020
2021 for (i = 0; groups[i]; i++) {
2022 wpa_printf(MSG_DEBUG,
2023 "TESTING: Indicate rejection of an extra SAE group %d",
2024 groups[i]);
2025 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2026 groups[i]);
2027 }
2028 }
2029 #endif /* CONFIG_TESTING_OPTIONS */
2030 #endif /* CONFIG_SAE && CONFIG_SME */
2031 }
2032
2033
2034 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2035
2036 /**
2037 * wpa_supplicant_associate - Request association
2038 * @wpa_s: Pointer to wpa_supplicant data
2039 * @bss: Scan results for the selected BSS, or %NULL if not available
2040 * @ssid: Configuration data for the selected network
2041 *
2042 * This function is used to request %wpa_supplicant to associate with a BSS.
2043 */
2044 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2045 struct wpa_bss *bss, struct wpa_ssid *ssid)
2046 {
2047 struct wpa_connect_work *cwork;
2048 int rand_style;
2049
2050 wpa_s->own_disconnect_req = 0;
2051
2052 /*
2053 * If we are starting a new connection, any previously pending EAPOL
2054 * RX cannot be valid anymore.
2055 */
2056 wpabuf_free(wpa_s->pending_eapol_rx);
2057 wpa_s->pending_eapol_rx = NULL;
2058
2059 if (ssid->mac_addr == -1)
2060 rand_style = wpa_s->conf->mac_addr;
2061 else
2062 rand_style = ssid->mac_addr;
2063
2064 wmm_ac_clear_saved_tspecs(wpa_s);
2065 wpa_s->reassoc_same_bss = 0;
2066 wpa_s->reassoc_same_ess = 0;
2067 #ifdef CONFIG_TESTING_OPTIONS
2068 wpa_s->testing_resend_assoc = 0;
2069 #endif /* CONFIG_TESTING_OPTIONS */
2070
2071 if (wpa_s->last_ssid == ssid) {
2072 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2073 wpa_s->reassoc_same_ess = 1;
2074 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2075 wmm_ac_save_tspecs(wpa_s);
2076 wpa_s->reassoc_same_bss = 1;
2077 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2078 os_get_reltime(&wpa_s->roam_start);
2079 }
2080 } else {
2081 #ifdef CONFIG_SAE
2082 wpa_s_clear_sae_rejected(wpa_s);
2083 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2084 #endif /* CONFIG_SAE */
2085 }
2086
2087 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2088 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2089 return;
2090 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2091 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2092 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2093 wpa_msg(wpa_s, MSG_INFO,
2094 "Could not restore permanent MAC address");
2095 return;
2096 }
2097 wpa_s->mac_addr_changed = 0;
2098 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2099 wpa_msg(wpa_s, MSG_INFO,
2100 "Could not update MAC address information");
2101 return;
2102 }
2103 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2104 }
2105 wpa_s->last_ssid = ssid;
2106
2107 #ifdef CONFIG_IBSS_RSN
2108 ibss_rsn_deinit(wpa_s->ibss_rsn);
2109 wpa_s->ibss_rsn = NULL;
2110 #else /* CONFIG_IBSS_RSN */
2111 if (ssid->mode == WPAS_MODE_IBSS &&
2112 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2113 wpa_msg(wpa_s, MSG_INFO,
2114 "IBSS RSN not supported in the build");
2115 return;
2116 }
2117 #endif /* CONFIG_IBSS_RSN */
2118
2119 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2120 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2121 #ifdef CONFIG_AP
2122 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2123 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2124 "mode");
2125 return;
2126 }
2127 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2128 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2129 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2130 wpas_p2p_ap_setup_failed(wpa_s);
2131 return;
2132 }
2133 wpa_s->current_bss = bss;
2134 #else /* CONFIG_AP */
2135 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2136 "the build");
2137 #endif /* CONFIG_AP */
2138 return;
2139 }
2140
2141 if (ssid->mode == WPAS_MODE_MESH) {
2142 #ifdef CONFIG_MESH
2143 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2144 wpa_msg(wpa_s, MSG_INFO,
2145 "Driver does not support mesh mode");
2146 return;
2147 }
2148 if (bss)
2149 ssid->frequency = bss->freq;
2150 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2151 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2152 return;
2153 }
2154 wpa_s->current_bss = bss;
2155 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
2156 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
2157 ssid->id);
2158 wpas_notify_mesh_group_started(wpa_s, ssid);
2159 #else /* CONFIG_MESH */
2160 wpa_msg(wpa_s, MSG_ERROR,
2161 "mesh mode support not included in the build");
2162 #endif /* CONFIG_MESH */
2163 return;
2164 }
2165
2166 /*
2167 * Set WPA state machine configuration to match the selected network now
2168 * so that the information is available before wpas_start_assoc_cb()
2169 * gets called. This is needed at least for RSN pre-authentication where
2170 * candidate APs are added to a list based on scan result processing
2171 * before completion of the first association.
2172 */
2173 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2174
2175 #ifdef CONFIG_DPP
2176 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2177 return;
2178 #endif /* CONFIG_DPP */
2179
2180 #ifdef CONFIG_TDLS
2181 if (bss)
2182 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
2183 bss->ie_len);
2184 #endif /* CONFIG_TDLS */
2185
2186 #ifdef CONFIG_MBO
2187 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2188 #endif /* CONFIG_MBO */
2189
2190 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2191 ssid->mode == WPAS_MODE_INFRA) {
2192 sme_authenticate(wpa_s, bss, ssid);
2193 return;
2194 }
2195
2196 if (wpa_s->connect_work) {
2197 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2198 return;
2199 }
2200
2201 if (radio_work_pending(wpa_s, "connect")) {
2202 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2203 return;
2204 }
2205
2206 #ifdef CONFIG_SME
2207 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2208 /* Clear possibly set auth_alg, if any, from last attempt. */
2209 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2210 }
2211 #endif /* CONFIG_SME */
2212
2213 wpas_abort_ongoing_scan(wpa_s);
2214
2215 cwork = os_zalloc(sizeof(*cwork));
2216 if (cwork == NULL)
2217 return;
2218
2219 cwork->bss = bss;
2220 cwork->ssid = ssid;
2221
2222 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2223 wpas_start_assoc_cb, cwork) < 0) {
2224 os_free(cwork);
2225 }
2226 }
2227
2228
2229 static int bss_is_ibss(struct wpa_bss *bss)
2230 {
2231 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2232 IEEE80211_CAP_IBSS;
2233 }
2234
2235
2236 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2237 const struct wpa_ssid *ssid)
2238 {
2239 enum hostapd_hw_mode hw_mode;
2240 struct hostapd_hw_modes *mode = NULL;
2241 u8 channel;
2242 int i;
2243
2244 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2245 if (hw_mode == NUM_HOSTAPD_MODES)
2246 return 0;
2247 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2248 if (wpa_s->hw.modes[i].mode == hw_mode) {
2249 mode = &wpa_s->hw.modes[i];
2250 break;
2251 }
2252 }
2253
2254 if (!mode)
2255 return 0;
2256
2257 return mode->vht_capab != 0;
2258 }
2259
2260
2261 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2262 const struct wpa_ssid *ssid,
2263 struct hostapd_freq_params *freq)
2264 {
2265 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2266 enum hostapd_hw_mode hw_mode;
2267 struct hostapd_hw_modes *mode = NULL;
2268 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2269 184, 192 };
2270 int vht80[] = { 36, 52, 100, 116, 132, 149 };
2271 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2272 u8 channel;
2273 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2274 unsigned int j, k;
2275 struct hostapd_freq_params vht_freq;
2276 int chwidth, seg0, seg1;
2277 u32 vht_caps = 0;
2278 int is_24ghz;
2279
2280 freq->freq = ssid->frequency;
2281
2282 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2283 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2284
2285 if (ssid->mode != WPAS_MODE_IBSS)
2286 break;
2287
2288 /* Don't adjust control freq in case of fixed_freq */
2289 if (ssid->fixed_freq)
2290 break;
2291
2292 if (!bss_is_ibss(bss))
2293 continue;
2294
2295 if (ssid->ssid_len == bss->ssid_len &&
2296 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2297 wpa_printf(MSG_DEBUG,
2298 "IBSS already found in scan results, adjust control freq: %d",
2299 bss->freq);
2300 freq->freq = bss->freq;
2301 obss_scan = 0;
2302 break;
2303 }
2304 }
2305
2306 /* For IBSS check HT_IBSS flag */
2307 if (ssid->mode == WPAS_MODE_IBSS &&
2308 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2309 return;
2310
2311 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2312 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2313 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2314 wpa_printf(MSG_DEBUG,
2315 "IBSS: WEP/TKIP detected, do not try to enable HT");
2316 return;
2317 }
2318
2319 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2320 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2321 if (wpa_s->hw.modes[i].mode == hw_mode) {
2322 mode = &wpa_s->hw.modes[i];
2323 break;
2324 }
2325 }
2326
2327 if (!mode)
2328 return;
2329
2330 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2331 hw_mode == HOSTAPD_MODE_IEEE80211B;
2332
2333 #ifdef CONFIG_HT_OVERRIDES
2334 if (ssid->disable_ht) {
2335 freq->ht_enabled = 0;
2336 return;
2337 }
2338 #endif /* CONFIG_HT_OVERRIDES */
2339
2340 freq->ht_enabled = ht_supported(mode);
2341 if (!freq->ht_enabled)
2342 return;
2343
2344 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2345 if (is_24ghz)
2346 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2347
2348 /* Setup higher BW only for 5 GHz */
2349 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2350 return;
2351
2352 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2353 pri_chan = &mode->channels[chan_idx];
2354 if (pri_chan->chan == channel)
2355 break;
2356 pri_chan = NULL;
2357 }
2358 if (!pri_chan)
2359 return;
2360
2361 /* Check primary channel flags */
2362 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2363 return;
2364
2365 freq->channel = pri_chan->chan;
2366
2367 #ifdef CONFIG_HT_OVERRIDES
2368 if (ssid->disable_ht40) {
2369 if (ssid->disable_vht)
2370 return;
2371 goto skip_ht40;
2372 }
2373 #endif /* CONFIG_HT_OVERRIDES */
2374
2375 /* Check/setup HT40+/HT40- */
2376 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2377 if (ht40plus[j] == channel) {
2378 ht40 = 1;
2379 break;
2380 }
2381 }
2382
2383 /* Find secondary channel */
2384 for (i = 0; i < mode->num_channels; i++) {
2385 sec_chan = &mode->channels[i];
2386 if (sec_chan->chan == channel + ht40 * 4)
2387 break;
2388 sec_chan = NULL;
2389 }
2390 if (!sec_chan)
2391 return;
2392
2393 /* Check secondary channel flags */
2394 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2395 return;
2396
2397 if (ht40 == -1) {
2398 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2399 return;
2400 } else {
2401 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2402 return;
2403 }
2404 freq->sec_channel_offset = ht40;
2405
2406 if (obss_scan) {
2407 struct wpa_scan_results *scan_res;
2408
2409 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2410 if (scan_res == NULL) {
2411 /* Back to HT20 */
2412 freq->sec_channel_offset = 0;
2413 return;
2414 }
2415
2416 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2417 switch (res) {
2418 case 0:
2419 /* Back to HT20 */
2420 freq->sec_channel_offset = 0;
2421 break;
2422 case 1:
2423 /* Configuration allowed */
2424 break;
2425 case 2:
2426 /* Switch pri/sec channels */
2427 freq->freq = hw_get_freq(mode, sec_chan->chan);
2428 freq->sec_channel_offset = -freq->sec_channel_offset;
2429 freq->channel = sec_chan->chan;
2430 break;
2431 default:
2432 freq->sec_channel_offset = 0;
2433 break;
2434 }
2435
2436 wpa_scan_results_free(scan_res);
2437 }
2438
2439 #ifdef CONFIG_HT_OVERRIDES
2440 skip_ht40:
2441 #endif /* CONFIG_HT_OVERRIDES */
2442 wpa_printf(MSG_DEBUG,
2443 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2444 freq->channel, freq->sec_channel_offset);
2445
2446 if (!drv_supports_vht(wpa_s, ssid))
2447 return;
2448
2449 /* For IBSS check VHT_IBSS flag */
2450 if (ssid->mode == WPAS_MODE_IBSS &&
2451 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2452 return;
2453
2454 vht_freq = *freq;
2455
2456 #ifdef CONFIG_VHT_OVERRIDES
2457 if (ssid->disable_vht) {
2458 freq->vht_enabled = 0;
2459 return;
2460 }
2461 #endif /* CONFIG_VHT_OVERRIDES */
2462
2463 vht_freq.vht_enabled = vht_supported(mode);
2464 if (!vht_freq.vht_enabled)
2465 return;
2466
2467 /* Enable HE for VHT */
2468 vht_freq.he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2469
2470 /* setup center_freq1, bandwidth */
2471 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2472 if (freq->channel >= vht80[j] &&
2473 freq->channel < vht80[j] + 16)
2474 break;
2475 }
2476
2477 if (j == ARRAY_SIZE(vht80))
2478 return;
2479
2480 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2481 struct hostapd_channel_data *chan;
2482
2483 chan = hw_get_channel_chan(mode, i, NULL);
2484 if (!chan)
2485 return;
2486
2487 /* Back to HT configuration if channel not usable */
2488 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2489 return;
2490 }
2491
2492 chwidth = CHANWIDTH_80MHZ;
2493 seg0 = vht80[j] + 6;
2494 seg1 = 0;
2495
2496 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2497 /* setup center_freq2, bandwidth */
2498 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2499 /* Only accept 80 MHz segments separated by a gap */
2500 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2501 continue;
2502 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2503 struct hostapd_channel_data *chan;
2504
2505 chan = hw_get_channel_chan(mode, i, NULL);
2506 if (!chan)
2507 continue;
2508
2509 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2510 HOSTAPD_CHAN_NO_IR |
2511 HOSTAPD_CHAN_RADAR))
2512 continue;
2513
2514 /* Found a suitable second segment for 80+80 */
2515 chwidth = CHANWIDTH_80P80MHZ;
2516 vht_caps |=
2517 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2518 seg1 = vht80[k] + 6;
2519 }
2520
2521 if (chwidth == CHANWIDTH_80P80MHZ)
2522 break;
2523 }
2524 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2525 if (freq->freq == 5180) {
2526 chwidth = CHANWIDTH_160MHZ;
2527 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2528 seg0 = 50;
2529 } else if (freq->freq == 5520) {
2530 chwidth = CHANWIDTH_160MHZ;
2531 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2532 seg0 = 114;
2533 }
2534 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2535 chwidth = CHANWIDTH_USE_HT;
2536 seg0 = vht80[j] + 2;
2537 #ifdef CONFIG_HT_OVERRIDES
2538 if (ssid->disable_ht40)
2539 seg0 = 0;
2540 #endif /* CONFIG_HT_OVERRIDES */
2541 }
2542
2543 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2544 freq->channel, ssid->enable_edmg,
2545 ssid->edmg_channel, freq->ht_enabled,
2546 vht_freq.vht_enabled, freq->he_enabled,
2547 freq->sec_channel_offset,
2548 chwidth, seg0, seg1, vht_caps,
2549 &mode->he_capab[ieee80211_mode]) != 0)
2550 return;
2551
2552 *freq = vht_freq;
2553
2554 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2555 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2556 }
2557
2558
2559 #ifdef CONFIG_FILS
2560 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2561 size_t ie_buf_len)
2562 {
2563 struct fils_hlp_req *req;
2564 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2565 const u8 *pos;
2566 u8 *buf = ie_buf;
2567
2568 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2569 list) {
2570 rem_len = ie_buf_len - ie_len;
2571 pos = wpabuf_head(req->pkt);
2572 hdr_len = 1 + 2 * ETH_ALEN + 6;
2573 hlp_len = wpabuf_len(req->pkt);
2574
2575 if (rem_len < 2 + hdr_len + hlp_len) {
2576 wpa_printf(MSG_ERROR,
2577 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2578 (unsigned long) rem_len,
2579 (unsigned long) (2 + hdr_len + hlp_len));
2580 break;
2581 }
2582
2583 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2584 /* Element ID */
2585 *buf++ = WLAN_EID_EXTENSION;
2586 /* Length */
2587 *buf++ = len;
2588 /* Element ID Extension */
2589 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2590 /* Destination MAC address */
2591 os_memcpy(buf, req->dst, ETH_ALEN);
2592 buf += ETH_ALEN;
2593 /* Source MAC address */
2594 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2595 buf += ETH_ALEN;
2596 /* LLC/SNAP Header */
2597 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2598 buf += 6;
2599 /* HLP Packet */
2600 os_memcpy(buf, pos, len - hdr_len);
2601 buf += len - hdr_len;
2602 pos += len - hdr_len;
2603
2604 hlp_len -= len - hdr_len;
2605 ie_len += 2 + len;
2606 rem_len -= 2 + len;
2607
2608 while (hlp_len) {
2609 len = (hlp_len > 255) ? 255 : hlp_len;
2610 if (rem_len < 2 + len)
2611 break;
2612 *buf++ = WLAN_EID_FRAGMENT;
2613 *buf++ = len;
2614 os_memcpy(buf, pos, len);
2615 buf += len;
2616 pos += len;
2617
2618 hlp_len -= len;
2619 ie_len += 2 + len;
2620 rem_len -= 2 + len;
2621 }
2622 }
2623
2624 return ie_len;
2625 }
2626
2627
2628 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2629 {
2630 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2631 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2632 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2633 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2634 }
2635
2636
2637 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2638 {
2639 #ifdef CONFIG_FILS_SK_PFS
2640 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2641 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2642 #else /* CONFIG_FILS_SK_PFS */
2643 return 0;
2644 #endif /* CONFIG_FILS_SK_PFS */
2645 }
2646
2647 #endif /* CONFIG_FILS */
2648
2649
2650 static u8 * wpas_populate_assoc_ies(
2651 struct wpa_supplicant *wpa_s,
2652 struct wpa_bss *bss, struct wpa_ssid *ssid,
2653 struct wpa_driver_associate_params *params,
2654 enum wpa_drv_update_connect_params_mask *mask)
2655 {
2656 u8 *wpa_ie;
2657 size_t max_wpa_ie_len = 500;
2658 size_t wpa_ie_len;
2659 int algs = WPA_AUTH_ALG_OPEN;
2660 #ifdef CONFIG_MBO
2661 const u8 *mbo_ie;
2662 #endif
2663 #ifdef CONFIG_SAE
2664 int sae_pmksa_cached = 0;
2665 #endif /* CONFIG_SAE */
2666 #ifdef CONFIG_FILS
2667 const u8 *realm, *username, *rrk;
2668 size_t realm_len, username_len, rrk_len;
2669 u16 next_seq_num;
2670 struct fils_hlp_req *req;
2671
2672 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2673 list) {
2674 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2675 2 + 2 * wpabuf_len(req->pkt) / 255;
2676 }
2677 #endif /* CONFIG_FILS */
2678
2679 wpa_ie = os_malloc(max_wpa_ie_len);
2680 if (!wpa_ie) {
2681 wpa_printf(MSG_ERROR,
2682 "Failed to allocate connect IE buffer for %lu bytes",
2683 (unsigned long) max_wpa_ie_len);
2684 return NULL;
2685 }
2686
2687 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2688 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2689 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2690 int try_opportunistic;
2691 const u8 *cache_id = NULL;
2692
2693 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2694 wpa_s->conf->okc :
2695 ssid->proactive_key_caching) &&
2696 (ssid->proto & WPA_PROTO_RSN);
2697 #ifdef CONFIG_FILS
2698 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2699 cache_id = wpa_bss_get_fils_cache_id(bss);
2700 #endif /* CONFIG_FILS */
2701 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2702 ssid, try_opportunistic,
2703 cache_id, 0) == 0) {
2704 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2705 #ifdef CONFIG_SAE
2706 sae_pmksa_cached = 1;
2707 #endif /* CONFIG_SAE */
2708 }
2709 wpa_ie_len = max_wpa_ie_len;
2710 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2711 wpa_ie, &wpa_ie_len)) {
2712 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2713 "key management and encryption suites");
2714 os_free(wpa_ie);
2715 return NULL;
2716 }
2717 #ifdef CONFIG_HS20
2718 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2719 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2720 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2721 wpa_ie_len = max_wpa_ie_len;
2722 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2723 wpa_ie, &wpa_ie_len)) {
2724 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2725 "key management and encryption suites");
2726 os_free(wpa_ie);
2727 return NULL;
2728 }
2729 #endif /* CONFIG_HS20 */
2730 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2731 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2732 /*
2733 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2734 * use non-WPA since the scan results did not indicate that the
2735 * AP is using WPA or WPA2.
2736 */
2737 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2738 wpa_ie_len = 0;
2739 wpa_s->wpa_proto = 0;
2740 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2741 wpa_ie_len = max_wpa_ie_len;
2742 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2743 wpa_ie, &wpa_ie_len)) {
2744 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2745 "key management and encryption suites (no "
2746 "scan results)");
2747 os_free(wpa_ie);
2748 return NULL;
2749 }
2750 #ifdef CONFIG_WPS
2751 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2752 struct wpabuf *wps_ie;
2753 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2754 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2755 wpa_ie_len = wpabuf_len(wps_ie);
2756 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2757 } else
2758 wpa_ie_len = 0;
2759 wpabuf_free(wps_ie);
2760 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2761 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2762 params->wps = WPS_MODE_PRIVACY;
2763 else
2764 params->wps = WPS_MODE_OPEN;
2765 wpa_s->wpa_proto = 0;
2766 #endif /* CONFIG_WPS */
2767 } else {
2768 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2769 wpa_ie_len = 0;
2770 wpa_s->wpa_proto = 0;
2771 }
2772
2773 #ifdef IEEE8021X_EAPOL
2774 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2775 if (ssid->leap) {
2776 if (ssid->non_leap == 0)
2777 algs = WPA_AUTH_ALG_LEAP;
2778 else
2779 algs |= WPA_AUTH_ALG_LEAP;
2780 }
2781 }
2782
2783 #ifdef CONFIG_FILS
2784 /* Clear FILS association */
2785 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2786
2787 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2788 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2789 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2790 &username_len, &realm, &realm_len,
2791 &next_seq_num, &rrk, &rrk_len) == 0 &&
2792 (!wpa_s->last_con_fail_realm ||
2793 wpa_s->last_con_fail_realm_len != realm_len ||
2794 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
2795 algs = WPA_AUTH_ALG_FILS;
2796 params->fils_erp_username = username;
2797 params->fils_erp_username_len = username_len;
2798 params->fils_erp_realm = realm;
2799 params->fils_erp_realm_len = realm_len;
2800 params->fils_erp_next_seq_num = next_seq_num;
2801 params->fils_erp_rrk = rrk;
2802 params->fils_erp_rrk_len = rrk_len;
2803
2804 if (mask)
2805 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
2806 }
2807 #endif /* CONFIG_FILS */
2808 #endif /* IEEE8021X_EAPOL */
2809 #ifdef CONFIG_SAE
2810 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2811 algs = WPA_AUTH_ALG_SAE;
2812 #endif /* CONFIG_SAE */
2813
2814 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2815 if (ssid->auth_alg) {
2816 algs = ssid->auth_alg;
2817 wpa_dbg(wpa_s, MSG_DEBUG,
2818 "Overriding auth_alg selection: 0x%x", algs);
2819 }
2820
2821 #ifdef CONFIG_SAE
2822 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2823 wpa_dbg(wpa_s, MSG_DEBUG,
2824 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2825 algs = WPA_AUTH_ALG_OPEN;
2826 }
2827 #endif /* CONFIG_SAE */
2828
2829 #ifdef CONFIG_P2P
2830 if (wpa_s->global->p2p) {
2831 u8 *pos;
2832 size_t len;
2833 int res;
2834 pos = wpa_ie + wpa_ie_len;
2835 len = max_wpa_ie_len - wpa_ie_len;
2836 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2837 ssid->p2p_group);
2838 if (res >= 0)
2839 wpa_ie_len += res;
2840 }
2841
2842 wpa_s->cross_connect_disallowed = 0;
2843 if (bss) {
2844 struct wpabuf *p2p;
2845 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2846 if (p2p) {
2847 wpa_s->cross_connect_disallowed =
2848 p2p_get_cross_connect_disallowed(p2p);
2849 wpabuf_free(p2p);
2850 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2851 "connection",
2852 wpa_s->cross_connect_disallowed ?
2853 "disallows" : "allows");
2854 }
2855 }
2856
2857 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2858 #endif /* CONFIG_P2P */
2859
2860 if (bss) {
2861 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq,
2862 wpa_ie + wpa_ie_len,
2863 max_wpa_ie_len -
2864 wpa_ie_len);
2865 }
2866
2867 /*
2868 * Workaround: Add Extended Capabilities element only if the AP
2869 * included this element in Beacon/Probe Response frames. Some older
2870 * APs seem to have interoperability issues if this element is
2871 * included, so while the standard may require us to include the
2872 * element in all cases, it is justifiable to skip it to avoid
2873 * interoperability issues.
2874 */
2875 if (ssid->p2p_group)
2876 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2877 else
2878 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2879
2880 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2881 u8 ext_capab[18];
2882 int ext_capab_len;
2883 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2884 sizeof(ext_capab));
2885 if (ext_capab_len > 0 &&
2886 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
2887 u8 *pos = wpa_ie;
2888 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2889 pos += 2 + pos[1];
2890 os_memmove(pos + ext_capab_len, pos,
2891 wpa_ie_len - (pos - wpa_ie));
2892 wpa_ie_len += ext_capab_len;
2893 os_memcpy(pos, ext_capab, ext_capab_len);
2894 }
2895 }
2896
2897 #ifdef CONFIG_HS20
2898 if (is_hs20_network(wpa_s, ssid, bss)) {
2899 struct wpabuf *hs20;
2900
2901 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
2902 if (hs20) {
2903 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2904 size_t len;
2905
2906 wpas_hs20_add_indication(hs20, pps_mo_id,
2907 get_hs20_version(bss));
2908 wpas_hs20_add_roam_cons_sel(hs20, ssid);
2909 len = max_wpa_ie_len - wpa_ie_len;
2910 if (wpabuf_len(hs20) <= len) {
2911 os_memcpy(wpa_ie + wpa_ie_len,
2912 wpabuf_head(hs20), wpabuf_len(hs20));
2913 wpa_ie_len += wpabuf_len(hs20);
2914 }
2915 wpabuf_free(hs20);
2916
2917 hs20_configure_frame_filters(wpa_s);
2918 }
2919 }
2920 #endif /* CONFIG_HS20 */
2921
2922 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2923 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2924 size_t len;
2925
2926 len = max_wpa_ie_len - wpa_ie_len;
2927 if (wpabuf_len(buf) <= len) {
2928 os_memcpy(wpa_ie + wpa_ie_len,
2929 wpabuf_head(buf), wpabuf_len(buf));
2930 wpa_ie_len += wpabuf_len(buf);
2931 }
2932 }
2933
2934 #ifdef CONFIG_FST
2935 if (wpa_s->fst_ies) {
2936 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2937
2938 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
2939 os_memcpy(wpa_ie + wpa_ie_len,
2940 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2941 wpa_ie_len += fst_ies_len;
2942 }
2943 }
2944 #endif /* CONFIG_FST */
2945
2946 #ifdef CONFIG_MBO
2947 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
2948 if (!wpa_s->disable_mbo_oce && mbo_ie) {
2949 int len;
2950
2951 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2952 max_wpa_ie_len - wpa_ie_len,
2953 !!mbo_attr_from_mbo_ie(mbo_ie,
2954 OCE_ATTR_ID_CAPA_IND));
2955 if (len >= 0)
2956 wpa_ie_len += len;
2957 }
2958 #endif /* CONFIG_MBO */
2959
2960 #ifdef CONFIG_FILS
2961 if (algs == WPA_AUTH_ALG_FILS) {
2962 size_t len;
2963
2964 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
2965 max_wpa_ie_len - wpa_ie_len);
2966 wpa_ie_len += len;
2967 }
2968 #endif /* CONFIG_FILS */
2969
2970 #ifdef CONFIG_OWE
2971 #ifdef CONFIG_TESTING_OPTIONS
2972 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
2973 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
2974 } else
2975 #endif /* CONFIG_TESTING_OPTIONS */
2976 if (algs == WPA_AUTH_ALG_OPEN &&
2977 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
2978 struct wpabuf *owe_ie;
2979 u16 group;
2980
2981 if (ssid->owe_group) {
2982 group = ssid->owe_group;
2983 } else if (wpa_s->assoc_status_code ==
2984 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
2985 if (wpa_s->last_owe_group == 19)
2986 group = 20;
2987 else if (wpa_s->last_owe_group == 20)
2988 group = 21;
2989 else
2990 group = OWE_DH_GROUP;
2991 } else {
2992 group = OWE_DH_GROUP;
2993 }
2994
2995 wpa_s->last_owe_group = group;
2996 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
2997 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
2998 if (owe_ie &&
2999 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3000 os_memcpy(wpa_ie + wpa_ie_len,
3001 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3002 wpa_ie_len += wpabuf_len(owe_ie);
3003 }
3004 wpabuf_free(owe_ie);
3005 }
3006 #endif /* CONFIG_OWE */
3007
3008 #ifdef CONFIG_DPP2
3009 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3010 ssid->dpp_netaccesskey) {
3011 dpp_pfs_free(wpa_s->dpp_pfs);
3012 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3013 ssid->dpp_netaccesskey_len);
3014 if (!wpa_s->dpp_pfs) {
3015 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3016 /* Try to continue without PFS */
3017 goto pfs_fail;
3018 }
3019 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3020 max_wpa_ie_len - wpa_ie_len) {
3021 os_memcpy(wpa_ie + wpa_ie_len,
3022 wpabuf_head(wpa_s->dpp_pfs->ie),
3023 wpabuf_len(wpa_s->dpp_pfs->ie));
3024 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3025 }
3026 }
3027 pfs_fail:
3028 #endif /* CONFIG_DPP2 */
3029
3030 #ifdef CONFIG_IEEE80211R
3031 /*
3032 * Add MDIE under these conditions: the network profile allows FT,
3033 * the AP supports FT, and the mobility domain ID matches.
3034 */
3035 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3036 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3037
3038 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3039 size_t len = 0;
3040 const u8 *md = mdie + 2;
3041 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3042
3043 if (os_memcmp(md, wpa_md,
3044 MOBILITY_DOMAIN_ID_LEN) == 0) {
3045 /* Add mobility domain IE */
3046 len = wpa_ft_add_mdie(
3047 wpa_s->wpa, wpa_ie + wpa_ie_len,
3048 max_wpa_ie_len - wpa_ie_len, mdie);
3049 wpa_ie_len += len;
3050 }
3051 #ifdef CONFIG_SME
3052 if (len > 0 && wpa_s->sme.ft_used &&
3053 wpa_sm_has_ptk(wpa_s->wpa)) {
3054 wpa_dbg(wpa_s, MSG_DEBUG,
3055 "SME: Trying to use FT over-the-air");
3056 algs |= WPA_AUTH_ALG_FT;
3057 }
3058 #endif /* CONFIG_SME */
3059 }
3060 }
3061 #endif /* CONFIG_IEEE80211R */
3062
3063 #ifdef CONFIG_TESTING_OPTIONS
3064 if (wpa_s->rsnxe_override_assoc &&
3065 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3066 max_wpa_ie_len - wpa_ie_len) {
3067 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3068 os_memcpy(wpa_ie + wpa_ie_len,
3069 wpabuf_head(wpa_s->rsnxe_override_assoc),
3070 wpabuf_len(wpa_s->rsnxe_override_assoc));
3071 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3072 } else
3073 #endif /* CONFIG_TESTING_OPTIONS */
3074 if (wpa_s->rsnxe_len > 0 &&
3075 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3076 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3077 wpa_ie_len += wpa_s->rsnxe_len;
3078 }
3079
3080 if (ssid->multi_ap_backhaul_sta) {
3081 size_t multi_ap_ie_len;
3082
3083 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3084 max_wpa_ie_len - wpa_ie_len,
3085 MULTI_AP_BACKHAUL_STA);
3086 if (multi_ap_ie_len == 0) {
3087 wpa_printf(MSG_ERROR,
3088 "Multi-AP: Failed to build Multi-AP IE");
3089 os_free(wpa_ie);
3090 return NULL;
3091 }
3092 wpa_ie_len += multi_ap_ie_len;
3093 }
3094
3095 params->wpa_ie = wpa_ie;
3096 params->wpa_ie_len = wpa_ie_len;
3097 params->auth_alg = algs;
3098 if (mask)
3099 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3100
3101 return wpa_ie;
3102 }
3103
3104
3105 #ifdef CONFIG_OWE
3106 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3107 {
3108 struct wpa_driver_associate_params params;
3109 u8 *wpa_ie;
3110
3111 os_memset(&params, 0, sizeof(params));
3112 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3113 wpa_s->current_ssid, &params, NULL);
3114 if (!wpa_ie)
3115 return;
3116
3117 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3118 os_free(wpa_ie);
3119 }
3120 #endif /* CONFIG_OWE */
3121
3122
3123 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3124 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3125 {
3126 struct wpa_driver_associate_params params;
3127 enum wpa_drv_update_connect_params_mask mask = 0;
3128 u8 *wpa_ie;
3129
3130 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3131 return; /* nothing to do */
3132
3133 os_memset(&params, 0, sizeof(params));
3134 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3135 wpa_s->current_ssid, &params, &mask);
3136 if (!wpa_ie)
3137 return;
3138
3139 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3140 os_free(wpa_ie);
3141 return;
3142 }
3143
3144 wpa_s->auth_alg = params.auth_alg;
3145 wpa_drv_update_connect_params(wpa_s, &params, mask);
3146 os_free(wpa_ie);
3147 }
3148 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3149
3150
3151 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3152 {
3153 if (!edmg_ie || edmg_ie[1] < 6)
3154 return 0;
3155 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3156 }
3157
3158
3159 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3160 {
3161 if (!edmg_ie || edmg_ie[1] < 6)
3162 return 0;
3163 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3164 }
3165
3166
3167 /* Returns the intersection of two EDMG configurations.
3168 * Note: The current implementation is limited to CB2 only (CB1 included),
3169 * i.e., the implementation supports up to 2 contiguous channels.
3170 * For supporting non-contiguous (aggregated) channels and for supporting
3171 * CB3 and above, this function will need to be extended.
3172 */
3173 static struct ieee80211_edmg_config
3174 get_edmg_intersection(struct ieee80211_edmg_config a,
3175 struct ieee80211_edmg_config b,
3176 u8 primary_channel)
3177 {
3178 struct ieee80211_edmg_config result;
3179 int i, contiguous = 0;
3180 int max_contiguous = 0;
3181
3182 result.channels = b.channels & a.channels;
3183 if (!result.channels) {
3184 wpa_printf(MSG_DEBUG,
3185 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3186 a.channels, b.channels);
3187 goto fail;
3188 }
3189
3190 if (!(result.channels & BIT(primary_channel - 1))) {
3191 wpa_printf(MSG_DEBUG,
3192 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3193 primary_channel, result.channels);
3194 goto fail;
3195 }
3196
3197 /* Find max contiguous channels */
3198 for (i = 0; i < 6; i++) {
3199 if (result.channels & BIT(i))
3200 contiguous++;
3201 else
3202 contiguous = 0;
3203
3204 if (contiguous > max_contiguous)
3205 max_contiguous = contiguous;
3206 }
3207
3208 /* Assuming AP and STA supports ONLY contiguous channels,
3209 * bw configuration can have value between 4-7.
3210 */
3211 if ((b.bw_config < a.bw_config))
3212 result.bw_config = b.bw_config;
3213 else
3214 result.bw_config = a.bw_config;
3215
3216 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3217 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3218 wpa_printf(MSG_DEBUG,
3219 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3220 max_contiguous);
3221 goto fail;
3222 }
3223
3224 return result;
3225
3226 fail:
3227 result.channels = 0;
3228 result.bw_config = 0;
3229 return result;
3230 }
3231
3232
3233 static struct ieee80211_edmg_config
3234 get_supported_edmg(struct wpa_supplicant *wpa_s,
3235 struct hostapd_freq_params *freq,
3236 struct ieee80211_edmg_config request_edmg)
3237 {
3238 enum hostapd_hw_mode hw_mode;
3239 struct hostapd_hw_modes *mode = NULL;
3240 u8 primary_channel;
3241
3242 if (!wpa_s->hw.modes)
3243 goto fail;
3244
3245 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3246 if (hw_mode == NUM_HOSTAPD_MODES)
3247 goto fail;
3248
3249 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode);
3250 if (!mode)
3251 goto fail;
3252
3253 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3254
3255 fail:
3256 request_edmg.channels = 0;
3257 request_edmg.bw_config = 0;
3258 return request_edmg;
3259 }
3260
3261
3262 #ifdef CONFIG_MBO
3263 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3264 {
3265 struct wpa_driver_associate_params params;
3266 u8 *wpa_ie;
3267
3268 /*
3269 * Update MBO connect params only in case of change of MBO attributes
3270 * when connected, if the AP support MBO.
3271 */
3272
3273 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3274 !wpa_s->current_bss ||
3275 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3276 return;
3277
3278 os_memset(&params, 0, sizeof(params));
3279 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3280 wpa_s->current_ssid, &params, NULL);
3281 if (!wpa_ie)
3282 return;
3283
3284 wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3285 os_free(wpa_ie);
3286 }
3287 #endif /* CONFIG_MBO */
3288
3289
3290 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3291 {
3292 struct wpa_connect_work *cwork = work->ctx;
3293 struct wpa_bss *bss = cwork->bss;
3294 struct wpa_ssid *ssid = cwork->ssid;
3295 struct wpa_supplicant *wpa_s = work->wpa_s;
3296 u8 *wpa_ie;
3297 const u8 *edmg_ie_oper;
3298 int use_crypt, ret, i, bssid_changed;
3299 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3300 struct wpa_driver_associate_params params;
3301 int wep_keys_set = 0;
3302 int assoc_failed = 0;
3303 struct wpa_ssid *old_ssid;
3304 u8 prev_bssid[ETH_ALEN];
3305 #ifdef CONFIG_HT_OVERRIDES
3306 struct ieee80211_ht_capabilities htcaps;
3307 struct ieee80211_ht_capabilities htcaps_mask;
3308 #endif /* CONFIG_HT_OVERRIDES */
3309 #ifdef CONFIG_VHT_OVERRIDES
3310 struct ieee80211_vht_capabilities vhtcaps;
3311 struct ieee80211_vht_capabilities vhtcaps_mask;
3312 #endif /* CONFIG_VHT_OVERRIDES */
3313
3314 if (deinit) {
3315 if (work->started) {
3316 wpa_s->connect_work = NULL;
3317
3318 /* cancel possible auth. timeout */
3319 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3320 NULL);
3321 }
3322 wpas_connect_work_free(cwork);
3323 return;
3324 }
3325
3326 wpa_s->connect_work = work;
3327
3328 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3329 wpas_network_disabled(wpa_s, ssid)) {
3330 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3331 wpas_connect_work_done(wpa_s);
3332 return;
3333 }
3334
3335 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3336 os_memset(&params, 0, sizeof(params));
3337 wpa_s->reassociate = 0;
3338 wpa_s->eap_expected_failure = 0;
3339 if (bss &&
3340 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3341 #ifdef CONFIG_IEEE80211R
3342 const u8 *ie, *md = NULL;
3343 #endif /* CONFIG_IEEE80211R */
3344 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3345 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3346 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3347 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3348 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3349 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3350 if (bssid_changed)
3351 wpas_notify_bssid_changed(wpa_s);
3352 #ifdef CONFIG_IEEE80211R
3353 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3354 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3355 md = ie + 2;
3356 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3357 if (md) {
3358 /* Prepare for the next transition */
3359 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3360 }
3361 #endif /* CONFIG_IEEE80211R */
3362 #ifdef CONFIG_WPS
3363 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3364 wpa_s->conf->ap_scan == 2 &&
3365 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3366 /* Use ap_scan==1 style network selection to find the network
3367 */
3368 wpas_connect_work_done(wpa_s);
3369 wpa_s->scan_req = MANUAL_SCAN_REQ;
3370 wpa_s->reassociate = 1;
3371 wpa_supplicant_req_scan(wpa_s, 0, 0);
3372 return;
3373 #endif /* CONFIG_WPS */
3374 } else {
3375 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3376 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3377 if (bss)
3378 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3379 else
3380 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3381 }
3382 if (!wpa_s->pno)
3383 wpa_supplicant_cancel_sched_scan(wpa_s);
3384
3385 wpa_supplicant_cancel_scan(wpa_s);
3386
3387 /* Starting new association, so clear the possibly used WPA IE from the
3388 * previous association. */
3389 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3390 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3391 wpa_s->rsnxe_len = 0;
3392
3393 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
3394 if (!wpa_ie) {
3395 wpas_connect_work_done(wpa_s);
3396 return;
3397 }
3398
3399 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3400 use_crypt = 1;
3401 cipher_pairwise = wpa_s->pairwise_cipher;
3402 cipher_group = wpa_s->group_cipher;
3403 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3404 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3405 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3406 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3407 use_crypt = 0;
3408 if (wpa_set_wep_keys(wpa_s, ssid)) {
3409 use_crypt = 1;
3410 wep_keys_set = 1;
3411 }
3412 }
3413 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3414 use_crypt = 0;
3415
3416 #ifdef IEEE8021X_EAPOL
3417 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3418 if ((ssid->eapol_flags &
3419 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3420 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3421 !wep_keys_set) {
3422 use_crypt = 0;
3423 } else {
3424 /* Assume that dynamic WEP-104 keys will be used and
3425 * set cipher suites in order for drivers to expect
3426 * encryption. */
3427 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3428 }
3429 }
3430 #endif /* IEEE8021X_EAPOL */
3431
3432 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3433 /* Set the key before (and later after) association */
3434 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3435 }
3436
3437 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3438 if (bss) {
3439 params.ssid = bss->ssid;
3440 params.ssid_len = bss->ssid_len;
3441 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3442 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3443 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3444 MACSTR " freq=%u MHz based on scan results "
3445 "(bssid_set=%d wps=%d)",
3446 MAC2STR(bss->bssid), bss->freq,
3447 ssid->bssid_set,
3448 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3449 params.bssid = bss->bssid;
3450 params.freq.freq = bss->freq;
3451 }
3452 params.bssid_hint = bss->bssid;
3453 params.freq_hint = bss->freq;
3454 params.pbss = bss_is_pbss(bss);
3455 } else {
3456 if (ssid->bssid_hint_set)
3457 params.bssid_hint = ssid->bssid_hint;
3458
3459 params.ssid = ssid->ssid;
3460 params.ssid_len = ssid->ssid_len;
3461 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3462 }
3463
3464 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3465 wpa_s->conf->ap_scan == 2) {
3466 params.bssid = ssid->bssid;
3467 params.fixed_bssid = 1;
3468 }
3469
3470 /* Initial frequency for IBSS/mesh */
3471 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3472 ssid->frequency > 0 && params.freq.freq == 0)
3473 ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
3474
3475 if (ssid->mode == WPAS_MODE_IBSS) {
3476 params.fixed_freq = ssid->fixed_freq;
3477 if (ssid->beacon_int)
3478 params.beacon_int = ssid->beacon_int;
3479 else
3480 params.beacon_int = wpa_s->conf->beacon_int;
3481 }
3482
3483 if (bss && ssid->enable_edmg)
3484 edmg_ie_oper = get_ie_ext((const u8 *) (bss + 1), bss->ie_len,
3485 WLAN_EID_EXT_EDMG_OPERATION);
3486 else
3487 edmg_ie_oper = NULL;
3488
3489 if (edmg_ie_oper) {
3490 params.freq.edmg.channels =
3491 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3492 params.freq.edmg.bw_config =
3493 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3494 wpa_printf(MSG_DEBUG,
3495 "AP supports EDMG channels 0x%x, bw_config %d",
3496 params.freq.edmg.channels,
3497 params.freq.edmg.bw_config);
3498
3499 /* User may ask for specific EDMG channel for EDMG connection
3500 * (must be supported by AP)
3501 */
3502 if (ssid->edmg_channel) {
3503 struct ieee80211_edmg_config configured_edmg;
3504 enum hostapd_hw_mode hw_mode;
3505 u8 primary_channel;
3506
3507 hw_mode = ieee80211_freq_to_chan(bss->freq,
3508 &primary_channel);
3509 if (hw_mode == NUM_HOSTAPD_MODES)
3510 goto edmg_fail;
3511
3512 hostapd_encode_edmg_chan(ssid->enable_edmg,
3513 ssid->edmg_channel,
3514 primary_channel,
3515 &configured_edmg);
3516
3517 if (ieee802_edmg_is_allowed(params.freq.edmg,
3518 configured_edmg)) {
3519 params.freq.edmg = configured_edmg;
3520 wpa_printf(MSG_DEBUG,
3521 "Use EDMG channel %d for connection",
3522 ssid->edmg_channel);
3523 } else {
3524 edmg_fail:
3525 params.freq.edmg.channels = 0;
3526 params.freq.edmg.bw_config = 0;
3527 wpa_printf(MSG_WARNING,
3528 "EDMG channel %d not supported by AP, fallback to DMG",
3529 ssid->edmg_channel);
3530 }
3531 }
3532
3533 if (params.freq.edmg.channels) {
3534 wpa_printf(MSG_DEBUG,
3535 "EDMG before: channels 0x%x, bw_config %d",
3536 params.freq.edmg.channels,
3537 params.freq.edmg.bw_config);
3538 params.freq.edmg = get_supported_edmg(wpa_s,
3539 &params.freq,
3540 params.freq.edmg);
3541 wpa_printf(MSG_DEBUG,
3542 "EDMG after: channels 0x%x, bw_config %d",
3543 params.freq.edmg.channels,
3544 params.freq.edmg.bw_config);
3545 }
3546 }
3547
3548 params.pairwise_suite = cipher_pairwise;
3549 params.group_suite = cipher_group;
3550 params.mgmt_group_suite = cipher_group_mgmt;
3551 params.key_mgmt_suite = wpa_s->key_mgmt;
3552 params.wpa_proto = wpa_s->wpa_proto;
3553 wpa_s->auth_alg = params.auth_alg;
3554 params.mode = ssid->mode;
3555 params.bg_scan_period = ssid->bg_scan_period;
3556 for (i = 0; i < NUM_WEP_KEYS; i++) {
3557 if (ssid->wep_key_len[i])
3558 params.wep_key[i] = ssid->wep_key[i];
3559 params.wep_key_len[i] = ssid->wep_key_len[i];
3560 }
3561 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3562
3563 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3564 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3565 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3566 params.passphrase = ssid->passphrase;
3567 if (ssid->psk_set)
3568 params.psk = ssid->psk;
3569 }
3570
3571 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3572 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3573 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3574 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3575 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3576 params.req_handshake_offload = 1;
3577
3578 if (wpa_s->conf->key_mgmt_offload) {
3579 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3580 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3581 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3582 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3583 params.req_key_mgmt_offload =
3584 ssid->proactive_key_caching < 0 ?
3585 wpa_s->conf->okc : ssid->proactive_key_caching;
3586 else
3587 params.req_key_mgmt_offload = 1;
3588
3589 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3590 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3591 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3592 ssid->psk_set)
3593 params.psk = ssid->psk;
3594 }
3595
3596 params.drop_unencrypted = use_crypt;
3597
3598 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3599 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3600 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3601 struct wpa_ie_data ie;
3602 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3603 ie.capabilities &
3604 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3605 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3606 "MFP: require MFP");
3607 params.mgmt_frame_protection =
3608 MGMT_FRAME_PROTECTION_REQUIRED;
3609 #ifdef CONFIG_OWE
3610 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3611 !ssid->owe_only) {
3612 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3613 #endif /* CONFIG_OWE */
3614 }
3615 }
3616
3617 params.p2p = ssid->p2p_group;
3618
3619 if (wpa_s->p2pdev->set_sta_uapsd)
3620 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3621 else
3622 params.uapsd = -1;
3623
3624 #ifdef CONFIG_HT_OVERRIDES
3625 os_memset(&htcaps, 0, sizeof(htcaps));
3626 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3627 params.htcaps = (u8 *) &htcaps;
3628 params.htcaps_mask = (u8 *) &htcaps_mask;
3629 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
3630 #endif /* CONFIG_HT_OVERRIDES */
3631 #ifdef CONFIG_VHT_OVERRIDES
3632 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3633 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3634 params.vhtcaps = &vhtcaps;
3635 params.vhtcaps_mask = &vhtcaps_mask;
3636 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
3637 #endif /* CONFIG_VHT_OVERRIDES */
3638
3639 #ifdef CONFIG_P2P
3640 /*
3641 * If multi-channel concurrency is not supported, check for any
3642 * frequency conflict. In case of any frequency conflict, remove the
3643 * least prioritized connection.
3644 */
3645 if (wpa_s->num_multichan_concurrent < 2) {
3646 int freq, num;
3647 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3648 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3649 wpa_printf(MSG_DEBUG,
3650 "Assoc conflicting freq found (%d != %d)",
3651 freq, params.freq.freq);
3652 if (wpas_p2p_handle_frequency_conflicts(
3653 wpa_s, params.freq.freq, ssid) < 0) {
3654 wpas_connect_work_done(wpa_s);
3655 os_free(wpa_ie);
3656 return;
3657 }
3658 }
3659 }
3660 #endif /* CONFIG_P2P */
3661
3662 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3663 wpa_s->current_ssid)
3664 params.prev_bssid = prev_bssid;
3665
3666 ret = wpa_drv_associate(wpa_s, &params);
3667 os_free(wpa_ie);
3668 if (ret < 0) {
3669 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3670 "failed");
3671 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3672 /*
3673 * The driver is known to mean what is saying, so we
3674 * can stop right here; the association will not
3675 * succeed.
3676 */
3677 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
3678 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3679 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3680 return;
3681 }
3682 /* try to continue anyway; new association will be tried again
3683 * after timeout */
3684 assoc_failed = 1;
3685 }
3686
3687 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3688 /* Set the key after the association just in case association
3689 * cleared the previously configured key. */
3690 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3691 /* No need to timeout authentication since there is no key
3692 * management. */
3693 wpa_supplicant_cancel_auth_timeout(wpa_s);
3694 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
3695 #ifdef CONFIG_IBSS_RSN
3696 } else if (ssid->mode == WPAS_MODE_IBSS &&
3697 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3698 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3699 /*
3700 * RSN IBSS authentication is per-STA and we can disable the
3701 * per-BSSID authentication.
3702 */
3703 wpa_supplicant_cancel_auth_timeout(wpa_s);
3704 #endif /* CONFIG_IBSS_RSN */
3705 } else {
3706 /* Timeout for IEEE 802.11 authentication and association */
3707 int timeout = 60;
3708
3709 if (assoc_failed) {
3710 /* give IBSS a bit more time */
3711 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
3712 } else if (wpa_s->conf->ap_scan == 1) {
3713 /* give IBSS a bit more time */
3714 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
3715 }
3716 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3717 }
3718
3719 if (wep_keys_set &&
3720 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
3721 /* Set static WEP keys again */
3722 wpa_set_wep_keys(wpa_s, ssid);
3723 }
3724
3725 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3726 /*
3727 * Do not allow EAP session resumption between different
3728 * network configurations.
3729 */
3730 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3731 }
3732 old_ssid = wpa_s->current_ssid;
3733 wpa_s->current_ssid = ssid;
3734
3735 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
3736 wpa_s->current_bss = bss;
3737 #ifdef CONFIG_HS20
3738 hs20_configure_frame_filters(wpa_s);
3739 #endif /* CONFIG_HS20 */
3740 }
3741
3742 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3743 wpa_supplicant_initiate_eapol(wpa_s);
3744 if (old_ssid != wpa_s->current_ssid)
3745 wpas_notify_network_changed(wpa_s);
3746 }
3747
3748
3749 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3750 const u8 *addr)
3751 {
3752 struct wpa_ssid *old_ssid;
3753
3754 wpas_connect_work_done(wpa_s);
3755 wpa_clear_keys(wpa_s, addr);
3756 old_ssid = wpa_s->current_ssid;
3757 wpa_supplicant_mark_disassoc(wpa_s);
3758 wpa_sm_set_config(wpa_s->wpa, NULL);
3759 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3760 if (old_ssid != wpa_s->current_ssid)
3761 wpas_notify_network_changed(wpa_s);
3762 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3763 }
3764
3765
3766 /**
3767 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3768 * @wpa_s: Pointer to wpa_supplicant data
3769 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3770 *
3771 * This function is used to request %wpa_supplicant to deauthenticate from the
3772 * current AP.
3773 */
3774 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3775 u16 reason_code)
3776 {
3777 u8 *addr = NULL;
3778 union wpa_event_data event;
3779 int zero_addr = 0;
3780
3781 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3782 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
3783 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3784 reason_code, reason2str(reason_code),
3785 wpa_supplicant_state_txt(wpa_s->wpa_state));
3786
3787 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
3788 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
3789 wpa_s->wpa_state == WPA_ASSOCIATING))
3790 addr = wpa_s->pending_bssid;
3791 else if (!is_zero_ether_addr(wpa_s->bssid))
3792 addr = wpa_s->bssid;
3793 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
3794 /*
3795 * When using driver-based BSS selection, we may not know the
3796 * BSSID with which we are currently trying to associate. We
3797 * need to notify the driver of this disconnection even in such
3798 * a case, so use the all zeros address here.
3799 */
3800 addr = wpa_s->bssid;
3801 zero_addr = 1;
3802 }
3803
3804 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
3805 wpa_s->enabled_4addr_mode = 0;
3806
3807 #ifdef CONFIG_TDLS
3808 wpa_tdls_teardown_peers(wpa_s->wpa);
3809 #endif /* CONFIG_TDLS */
3810
3811 #ifdef CONFIG_MESH
3812 if (wpa_s->ifmsh) {
3813 struct mesh_conf *mconf;
3814
3815 mconf = wpa_s->ifmsh->mconf;
3816 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
3817 wpa_s->ifname);
3818 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
3819 mconf->meshid_len, reason_code);
3820 wpa_supplicant_leave_mesh(wpa_s);
3821 }
3822 #endif /* CONFIG_MESH */
3823
3824 if (addr) {
3825 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
3826 os_memset(&event, 0, sizeof(event));
3827 event.deauth_info.reason_code = reason_code;
3828 event.deauth_info.locally_generated = 1;
3829 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
3830 if (zero_addr)
3831 addr = NULL;
3832 }
3833
3834 wpa_supplicant_clear_connection(wpa_s, addr);
3835 }
3836
3837 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
3838 struct wpa_ssid *ssid)
3839 {
3840 if (!ssid || !ssid->disabled || ssid->disabled == 2)
3841 return;
3842
3843 ssid->disabled = 0;
3844 ssid->owe_transition_bss_select_count = 0;
3845 wpas_clear_temp_disabled(wpa_s, ssid, 1);
3846 wpas_notify_network_enabled_changed(wpa_s, ssid);
3847
3848 /*
3849 * Try to reassociate since there is no current configuration and a new
3850 * network was made available.
3851 */
3852 if (!wpa_s->current_ssid && !wpa_s->disconnected)
3853 wpa_s->reassociate = 1;
3854 }
3855
3856
3857 /**
3858 * wpa_supplicant_add_network - Add a new network
3859 * @wpa_s: wpa_supplicant structure for a network interface
3860 * Returns: The new network configuration or %NULL if operation failed
3861 *
3862 * This function performs the following operations:
3863 * 1. Adds a new network.
3864 * 2. Send network addition notification.
3865 * 3. Marks the network disabled.
3866 * 4. Set network default parameters.
3867 */
3868 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
3869 {
3870 struct wpa_ssid *ssid;
3871
3872 ssid = wpa_config_add_network(wpa_s->conf);
3873 if (!ssid)
3874 return NULL;
3875 wpas_notify_network_added(wpa_s, ssid);
3876 ssid->disabled = 1;
3877 wpa_config_set_network_defaults(ssid);
3878
3879 return ssid;
3880 }
3881
3882
3883 /**
3884 * wpa_supplicant_remove_network - Remove a configured network based on id
3885 * @wpa_s: wpa_supplicant structure for a network interface
3886 * @id: Unique network id to search for
3887 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3888 * could not be removed
3889 *
3890 * This function performs the following operations:
3891 * 1. Removes the network.
3892 * 2. Send network removal notification.
3893 * 3. Update internal state machines.
3894 * 4. Stop any running sched scans.
3895 */
3896 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
3897 {
3898 struct wpa_ssid *ssid;
3899 int was_disabled;
3900
3901 ssid = wpa_config_get_network(wpa_s->conf, id);
3902 if (!ssid)
3903 return -1;
3904 wpas_notify_network_removed(wpa_s, ssid);
3905
3906 if (wpa_s->last_ssid == ssid)
3907 wpa_s->last_ssid = NULL;
3908
3909 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
3910 #ifdef CONFIG_SME
3911 wpa_s->sme.prev_bssid_set = 0;
3912 #endif /* CONFIG_SME */
3913 /*
3914 * Invalidate the EAP session cache if the current or
3915 * previously used network is removed.
3916 */
3917 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3918 }
3919
3920 if (ssid == wpa_s->current_ssid) {
3921 wpa_sm_set_config(wpa_s->wpa, NULL);
3922 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3923
3924 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
3925 wpa_s->own_disconnect_req = 1;
3926 wpa_supplicant_deauthenticate(wpa_s,
3927 WLAN_REASON_DEAUTH_LEAVING);
3928 }
3929
3930 was_disabled = ssid->disabled;
3931
3932 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
3933 return -2;
3934
3935 if (!was_disabled && wpa_s->sched_scanning) {
3936 wpa_printf(MSG_DEBUG,
3937 "Stop ongoing sched_scan to remove network from filters");
3938 wpa_supplicant_cancel_sched_scan(wpa_s);
3939 wpa_supplicant_req_scan(wpa_s, 0, 0);
3940 }
3941
3942 return 0;
3943 }
3944
3945
3946 /**
3947 * wpa_supplicant_enable_network - Mark a configured network as enabled
3948 * @wpa_s: wpa_supplicant structure for a network interface
3949 * @ssid: wpa_ssid structure for a configured network or %NULL
3950 *
3951 * Enables the specified network or all networks if no network specified.
3952 */
3953 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
3954 struct wpa_ssid *ssid)
3955 {
3956 if (ssid == NULL) {
3957 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3958 wpa_supplicant_enable_one_network(wpa_s, ssid);
3959 } else
3960 wpa_supplicant_enable_one_network(wpa_s, ssid);
3961
3962 if (wpa_s->reassociate && !wpa_s->disconnected &&
3963 (!wpa_s->current_ssid ||
3964 wpa_s->wpa_state == WPA_DISCONNECTED ||
3965 wpa_s->wpa_state == WPA_SCANNING)) {
3966 if (wpa_s->sched_scanning) {
3967 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
3968 "new network to scan filters");
3969 wpa_supplicant_cancel_sched_scan(wpa_s);
3970 }
3971
3972 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
3973 wpa_s->scan_req = NORMAL_SCAN_REQ;
3974 wpa_supplicant_req_scan(wpa_s, 0, 0);
3975 }
3976 }
3977 }
3978
3979
3980 /**
3981 * wpa_supplicant_disable_network - Mark a configured network as disabled
3982 * @wpa_s: wpa_supplicant structure for a network interface
3983 * @ssid: wpa_ssid structure for a configured network or %NULL
3984 *
3985 * Disables the specified network or all networks if no network specified.
3986 */
3987 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
3988 struct wpa_ssid *ssid)
3989 {
3990 struct wpa_ssid *other_ssid;
3991 int was_disabled;
3992
3993 if (ssid == NULL) {
3994 if (wpa_s->sched_scanning)
3995 wpa_supplicant_cancel_sched_scan(wpa_s);
3996
3997 for (other_ssid = wpa_s->conf->ssid; other_ssid;
3998 other_ssid = other_ssid->next) {
3999 was_disabled = other_ssid->disabled;
4000 if (was_disabled == 2)
4001 continue; /* do not change persistent P2P group
4002 * data */
4003
4004 other_ssid->disabled = 1;
4005
4006 if (was_disabled != other_ssid->disabled)
4007 wpas_notify_network_enabled_changed(
4008 wpa_s, other_ssid);
4009 }
4010 if (wpa_s->current_ssid) {
4011 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4012 wpa_s->own_disconnect_req = 1;
4013 wpa_supplicant_deauthenticate(
4014 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4015 }
4016 } else if (ssid->disabled != 2) {
4017 if (ssid == wpa_s->current_ssid) {
4018 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4019 wpa_s->own_disconnect_req = 1;
4020 wpa_supplicant_deauthenticate(
4021 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4022 }
4023
4024 was_disabled = ssid->disabled;
4025
4026 ssid->disabled = 1;
4027
4028 if (was_disabled != ssid->disabled) {
4029 wpas_notify_network_enabled_changed(wpa_s, ssid);
4030 if (wpa_s->sched_scanning) {
4031 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4032 "to remove network from filters");
4033 wpa_supplicant_cancel_sched_scan(wpa_s);
4034 wpa_supplicant_req_scan(wpa_s, 0, 0);
4035 }
4036 }
4037 }
4038 }
4039
4040
4041 /**
4042 * wpa_supplicant_select_network - Attempt association with a network
4043 * @wpa_s: wpa_supplicant structure for a network interface
4044 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4045 */
4046 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4047 struct wpa_ssid *ssid)
4048 {
4049
4050 struct wpa_ssid *other_ssid;
4051 int disconnected = 0;
4052
4053 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4054 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4055 wpa_s->own_disconnect_req = 1;
4056 wpa_supplicant_deauthenticate(
4057 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4058 disconnected = 1;
4059 }
4060
4061 if (ssid)
4062 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4063
4064 /*
4065 * Mark all other networks disabled or mark all networks enabled if no
4066 * network specified.
4067 */
4068 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4069 other_ssid = other_ssid->next) {
4070 int was_disabled = other_ssid->disabled;
4071 if (was_disabled == 2)
4072 continue; /* do not change persistent P2P group data */
4073
4074 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4075 if (was_disabled && !other_ssid->disabled)
4076 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4077
4078 if (was_disabled != other_ssid->disabled)
4079 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4080 }
4081
4082 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4083 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4084 /* We are already associated with the selected network */
4085 wpa_printf(MSG_DEBUG, "Already associated with the "
4086 "selected network - do nothing");
4087 return;
4088 }
4089
4090 if (ssid) {
4091 wpa_s->current_ssid = ssid;
4092 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4093 wpa_s->connect_without_scan =
4094 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4095
4096 /*
4097 * Don't optimize next scan freqs since a new ESS has been
4098 * selected.
4099 */
4100 os_free(wpa_s->next_scan_freqs);
4101 wpa_s->next_scan_freqs = NULL;
4102 } else {
4103 wpa_s->connect_without_scan = NULL;
4104 }
4105
4106 wpa_s->disconnected = 0;
4107 wpa_s->reassociate = 1;
4108 wpa_s_clear_sae_rejected(wpa_s);
4109 wpa_s->last_owe_group = 0;
4110 if (ssid) {
4111 ssid->owe_transition_bss_select_count = 0;
4112 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4113 }
4114
4115 if (wpa_s->connect_without_scan ||
4116 wpa_supplicant_fast_associate(wpa_s) != 1) {
4117 wpa_s->scan_req = NORMAL_SCAN_REQ;
4118 wpas_scan_reset_sched_scan(wpa_s);
4119 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4120 }
4121
4122 if (ssid)
4123 wpas_notify_network_selected(wpa_s, ssid);
4124 }
4125
4126
4127 /**
4128 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4129 * @wpa_s: wpa_supplicant structure for a network interface
4130 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4131 * @pkcs11_module_path: PKCS #11 module path or NULL
4132 * Returns: 0 on success; -1 on failure
4133 *
4134 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4135 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4136 * module path fails the paths will be reset to the default value (NULL).
4137 */
4138 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4139 const char *pkcs11_engine_path,
4140 const char *pkcs11_module_path)
4141 {
4142 char *pkcs11_engine_path_copy = NULL;
4143 char *pkcs11_module_path_copy = NULL;
4144
4145 if (pkcs11_engine_path != NULL) {
4146 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4147 if (pkcs11_engine_path_copy == NULL)
4148 return -1;
4149 }
4150 if (pkcs11_module_path != NULL) {
4151 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4152 if (pkcs11_module_path_copy == NULL) {
4153 os_free(pkcs11_engine_path_copy);
4154 return -1;
4155 }
4156 }
4157
4158 os_free(wpa_s->conf->pkcs11_engine_path);
4159 os_free(wpa_s->conf->pkcs11_module_path);
4160 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4161 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4162
4163 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4164 eapol_sm_deinit(wpa_s->eapol);
4165 wpa_s->eapol = NULL;
4166 if (wpa_supplicant_init_eapol(wpa_s)) {
4167 /* Error -> Reset paths to the default value (NULL) once. */
4168 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4169 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4170 NULL);
4171
4172 return -1;
4173 }
4174 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4175
4176 return 0;
4177 }
4178
4179
4180 /**
4181 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4182 * @wpa_s: wpa_supplicant structure for a network interface
4183 * @ap_scan: AP scan mode
4184 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4185 *
4186 */
4187 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4188 {
4189
4190 int old_ap_scan;
4191
4192 if (ap_scan < 0 || ap_scan > 2)
4193 return -1;
4194
4195 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4196 wpa_printf(MSG_INFO,
4197 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4198 }
4199
4200 #ifdef ANDROID
4201 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4202 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4203 wpa_s->wpa_state < WPA_COMPLETED) {
4204 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4205 "associating", wpa_s->conf->ap_scan, ap_scan);
4206 return 0;
4207 }
4208 #endif /* ANDROID */
4209
4210 old_ap_scan = wpa_s->conf->ap_scan;
4211 wpa_s->conf->ap_scan = ap_scan;
4212
4213 if (old_ap_scan != wpa_s->conf->ap_scan)
4214 wpas_notify_ap_scan_changed(wpa_s);
4215
4216 return 0;
4217 }
4218
4219
4220 /**
4221 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4222 * @wpa_s: wpa_supplicant structure for a network interface
4223 * @expire_age: Expiration age in seconds
4224 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4225 *
4226 */
4227 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4228 unsigned int bss_expire_age)
4229 {
4230 if (bss_expire_age < 10) {
4231 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4232 bss_expire_age);
4233 return -1;
4234 }
4235 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4236 bss_expire_age);
4237 wpa_s->conf->bss_expiration_age = bss_expire_age;
4238
4239 return 0;
4240 }
4241
4242
4243 /**
4244 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4245 * @wpa_s: wpa_supplicant structure for a network interface
4246 * @expire_count: number of scans after which an unseen BSS is reclaimed
4247 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4248 *
4249 */
4250 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4251 unsigned int bss_expire_count)
4252 {
4253 if (bss_expire_count < 1) {
4254 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4255 bss_expire_count);
4256 return -1;
4257 }
4258 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4259 bss_expire_count);
4260 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4261
4262 return 0;
4263 }
4264
4265
4266 /**
4267 * wpa_supplicant_set_scan_interval - Set scan interval
4268 * @wpa_s: wpa_supplicant structure for a network interface
4269 * @scan_interval: scan interval in seconds
4270 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4271 *
4272 */
4273 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4274 int scan_interval)
4275 {
4276 if (scan_interval < 0) {
4277 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4278 scan_interval);
4279 return -1;
4280 }
4281 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4282 scan_interval);
4283 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4284
4285 return 0;
4286 }
4287
4288
4289 /**
4290 * wpa_supplicant_set_debug_params - Set global debug params
4291 * @global: wpa_global structure
4292 * @debug_level: debug level
4293 * @debug_timestamp: determines if show timestamp in debug data
4294 * @debug_show_keys: determines if show keys in debug data
4295 * Returns: 0 if succeed or -1 if debug_level has wrong value
4296 */
4297 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4298 int debug_timestamp, int debug_show_keys)
4299 {
4300
4301 int old_level, old_timestamp, old_show_keys;
4302
4303 /* check for allowed debuglevels */
4304 if (debug_level != MSG_EXCESSIVE &&
4305 debug_level != MSG_MSGDUMP &&
4306 debug_level != MSG_DEBUG &&
4307 debug_level != MSG_INFO &&
4308 debug_level != MSG_WARNING &&
4309 debug_level != MSG_ERROR)
4310 return -1;
4311
4312 old_level = wpa_debug_level;
4313 old_timestamp = wpa_debug_timestamp;
4314 old_show_keys = wpa_debug_show_keys;
4315
4316 wpa_debug_level = debug_level;
4317 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4318 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4319
4320 if (wpa_debug_level != old_level)
4321 wpas_notify_debug_level_changed(global);
4322 if (wpa_debug_timestamp != old_timestamp)
4323 wpas_notify_debug_timestamp_changed(global);
4324 if (wpa_debug_show_keys != old_show_keys)
4325 wpas_notify_debug_show_keys_changed(global);
4326
4327 return 0;
4328 }
4329
4330
4331 #ifdef CONFIG_OWE
4332 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4333 const u8 *entry_ssid, size_t entry_ssid_len)
4334 {
4335 const u8 *owe, *pos, *end;
4336 u8 ssid_len;
4337 struct wpa_bss *bss;
4338
4339 /* Check network profile SSID aganst the SSID in the
4340 * OWE Transition Mode element. */
4341
4342 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4343 if (!bss)
4344 return 0;
4345
4346 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4347 if (!owe)
4348 return 0;
4349
4350 pos = owe + 6;
4351 end = owe + 2 + owe[1];
4352
4353 if (end - pos < ETH_ALEN + 1)
4354 return 0;
4355 pos += ETH_ALEN;
4356 ssid_len = *pos++;
4357 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4358 return 0;
4359
4360 return entry_ssid_len == ssid_len &&
4361 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4362 }
4363 #endif /* CONFIG_OWE */
4364
4365
4366 /**
4367 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4368 * @wpa_s: Pointer to wpa_supplicant data
4369 * Returns: A pointer to the current network structure or %NULL on failure
4370 */
4371 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4372 {
4373 struct wpa_ssid *entry;
4374 u8 ssid[SSID_MAX_LEN];
4375 int res;
4376 size_t ssid_len;
4377 u8 bssid[ETH_ALEN];
4378 int wired;
4379
4380 res = wpa_drv_get_ssid(wpa_s, ssid);
4381 if (res < 0) {
4382 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4383 "driver");
4384 return NULL;
4385 }
4386 ssid_len = res;
4387
4388 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4389 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4390 "driver");
4391 return NULL;
4392 }
4393
4394 wired = wpa_s->conf->ap_scan == 0 &&
4395 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4396
4397 entry = wpa_s->conf->ssid;
4398 while (entry) {
4399 if (!wpas_network_disabled(wpa_s, entry) &&
4400 ((ssid_len == entry->ssid_len &&
4401 (!entry->ssid ||
4402 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4403 wired) &&
4404 (!entry->bssid_set ||
4405 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4406 return entry;
4407 #ifdef CONFIG_WPS
4408 if (!wpas_network_disabled(wpa_s, entry) &&
4409 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4410 (entry->ssid == NULL || entry->ssid_len == 0) &&
4411 (!entry->bssid_set ||
4412 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4413 return entry;
4414 #endif /* CONFIG_WPS */
4415
4416 #ifdef CONFIG_OWE
4417 if (!wpas_network_disabled(wpa_s, entry) &&
4418 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4419 entry->ssid_len) &&
4420 (!entry->bssid_set ||
4421 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4422 return entry;
4423 #endif /* CONFIG_OWE */
4424
4425 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4426 entry->ssid_len == 0 &&
4427 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4428 return entry;
4429
4430 entry = entry->next;
4431 }
4432
4433 return NULL;
4434 }
4435
4436
4437 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4438 {
4439 struct wpa_global *global = wpa_s->global;
4440
4441 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4442 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4443 if (global->drv_priv[i] == NULL) {
4444 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4445 "'%s'", wpa_drivers[i]->name);
4446 return -1;
4447 }
4448 }
4449
4450 wpa_s->driver = wpa_drivers[i];
4451 wpa_s->global_drv_priv = global->drv_priv[i];
4452
4453 return 0;
4454 }
4455
4456
4457 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4458 const char *name)
4459 {
4460 int i;
4461 size_t len;
4462 const char *pos, *driver = name;
4463
4464 if (wpa_s == NULL)
4465 return -1;
4466
4467 if (wpa_drivers[0] == NULL) {
4468 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4469 "wpa_supplicant");
4470 return -1;
4471 }
4472
4473 if (name == NULL) {
4474 /* default to first driver in the list */
4475 return select_driver(wpa_s, 0);
4476 }
4477
4478 do {
4479 pos = os_strchr(driver, ',');
4480 if (pos)
4481 len = pos - driver;
4482 else
4483 len = os_strlen(driver);
4484
4485 for (i = 0; wpa_drivers[i]; i++) {
4486 if (os_strlen(wpa_drivers[i]->name) == len &&
4487 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4488 0) {
4489 /* First driver that succeeds wins */
4490 if (select_driver(wpa_s, i) == 0)
4491 return 0;
4492 }
4493 }
4494
4495 driver = pos + 1;
4496 } while (pos);
4497
4498 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4499 return -1;
4500 }
4501
4502
4503 /**
4504 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4505 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4506 * with struct wpa_driver_ops::init()
4507 * @src_addr: Source address of the EAPOL frame
4508 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4509 * @len: Length of the EAPOL data
4510 *
4511 * This function is called for each received EAPOL frame. Most driver
4512 * interfaces rely on more generic OS mechanism for receiving frames through
4513 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4514 * take care of received EAPOL frames and deliver them to the core supplicant
4515 * code by calling this function.
4516 */
4517 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4518 const u8 *buf, size_t len)
4519 {
4520 struct wpa_supplicant *wpa_s = ctx;
4521
4522 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4523 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4524
4525 #ifdef CONFIG_TESTING_OPTIONS
4526 if (wpa_s->ignore_auth_resp) {
4527 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4528 return;
4529 }
4530 #endif /* CONFIG_TESTING_OPTIONS */
4531
4532 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4533 (wpa_s->last_eapol_matches_bssid &&
4534 #ifdef CONFIG_AP
4535 !wpa_s->ap_iface &&
4536 #endif /* CONFIG_AP */
4537 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
4538 /*
4539 * There is possible race condition between receiving the
4540 * association event and the EAPOL frame since they are coming
4541 * through different paths from the driver. In order to avoid
4542 * issues in trying to process the EAPOL frame before receiving
4543 * association information, lets queue it for processing until
4544 * the association event is received. This may also be needed in
4545 * driver-based roaming case, so also use src_addr != BSSID as a
4546 * trigger if we have previously confirmed that the
4547 * Authenticator uses BSSID as the src_addr (which is not the
4548 * case with wired IEEE 802.1X).
4549 */
4550 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
4551 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4552 wpa_supplicant_state_txt(wpa_s->wpa_state),
4553 MAC2STR(wpa_s->bssid));
4554 wpabuf_free(wpa_s->pending_eapol_rx);
4555 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4556 if (wpa_s->pending_eapol_rx) {
4557 os_get_reltime(&wpa_s->pending_eapol_rx_time);
4558 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4559 ETH_ALEN);
4560 }
4561 return;
4562 }
4563
4564 wpa_s->last_eapol_matches_bssid =
4565 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4566
4567 #ifdef CONFIG_AP
4568 if (wpa_s->ap_iface) {
4569 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4570 return;
4571 }
4572 #endif /* CONFIG_AP */
4573
4574 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
4575 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4576 "no key management is configured");
4577 return;
4578 }
4579
4580 if (wpa_s->eapol_received == 0 &&
4581 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
4582 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4583 wpa_s->wpa_state != WPA_COMPLETED) &&
4584 (wpa_s->current_ssid == NULL ||
4585 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
4586 /* Timeout for completing IEEE 802.1X and WPA authentication */
4587 int timeout = 10;
4588
4589 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4590 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4591 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4592 /* Use longer timeout for IEEE 802.1X/EAP */
4593 timeout = 70;
4594 }
4595
4596 #ifdef CONFIG_WPS
4597 if (wpa_s->current_ssid && wpa_s->current_bss &&
4598 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4599 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4600 /*
4601 * Use shorter timeout if going through WPS AP iteration
4602 * for PIN config method with an AP that does not
4603 * advertise Selected Registrar.
4604 */
4605 struct wpabuf *wps_ie;
4606
4607 wps_ie = wpa_bss_get_vendor_ie_multi(
4608 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
4609 if (wps_ie &&
4610 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
4611 timeout = 10;
4612 wpabuf_free(wps_ie);
4613 }
4614 #endif /* CONFIG_WPS */
4615
4616 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4617 }
4618 wpa_s->eapol_received++;
4619
4620 if (wpa_s->countermeasures) {
4621 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4622 "EAPOL packet");
4623 return;
4624 }
4625
4626 #ifdef CONFIG_IBSS_RSN
4627 if (wpa_s->current_ssid &&
4628 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
4629 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4630 return;
4631 }
4632 #endif /* CONFIG_IBSS_RSN */
4633
4634 /* Source address of the incoming EAPOL frame could be compared to the
4635 * current BSSID. However, it is possible that a centralized
4636 * Authenticator could be using another MAC address than the BSSID of
4637 * an AP, so just allow any address to be used for now. The replies are
4638 * still sent to the current BSSID (if available), though. */
4639
4640 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
4641 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
4642 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
4643 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
4644 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4645 return;
4646 wpa_drv_poll(wpa_s);
4647 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
4648 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
4649 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
4650 /*
4651 * Set portValid = TRUE here since we are going to skip 4-way
4652 * handshake processing which would normally set portValid. We
4653 * need this to allow the EAPOL state machines to be completed
4654 * without going through EAPOL-Key handshake.
4655 */
4656 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
4657 }
4658 }
4659
4660
4661 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
4662 {
4663 if ((!wpa_s->p2p_mgmt ||
4664 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4665 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
4666 l2_packet_deinit(wpa_s->l2);
4667 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4668 wpa_drv_get_mac_addr(wpa_s),
4669 ETH_P_EAPOL,
4670 wpa_supplicant_rx_eapol, wpa_s, 0);
4671 if (wpa_s->l2 == NULL)
4672 return -1;
4673
4674 if (l2_packet_set_packet_filter(wpa_s->l2,
4675 L2_PACKET_FILTER_PKTTYPE))
4676 wpa_dbg(wpa_s, MSG_DEBUG,
4677 "Failed to attach pkt_type filter");
4678 } else {
4679 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4680 if (addr)
4681 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
4682 }
4683
4684 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
4685 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
4686 return -1;
4687 }
4688
4689 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4690 wpas_wps_update_mac_addr(wpa_s);
4691
4692 #ifdef CONFIG_FST
4693 if (wpa_s->fst)
4694 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4695 #endif /* CONFIG_FST */
4696
4697 return 0;
4698 }
4699
4700
4701 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4702 const u8 *buf, size_t len)
4703 {
4704 struct wpa_supplicant *wpa_s = ctx;
4705 const struct l2_ethhdr *eth;
4706
4707 if (len < sizeof(*eth))
4708 return;
4709 eth = (const struct l2_ethhdr *) buf;
4710
4711 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4712 !(eth->h_dest[0] & 0x01)) {
4713 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4714 " (bridge - not for this interface - ignore)",
4715 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4716 return;
4717 }
4718
4719 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4720 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4721 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4722 len - sizeof(*eth));
4723 }
4724
4725
4726 /**
4727 * wpa_supplicant_driver_init - Initialize driver interface parameters
4728 * @wpa_s: Pointer to wpa_supplicant data
4729 * Returns: 0 on success, -1 on failure
4730 *
4731 * This function is called to initialize driver interface parameters.
4732 * wpa_drv_init() must have been called before this function to initialize the
4733 * driver interface.
4734 */
4735 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
4736 {
4737 static int interface_count = 0;
4738
4739 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
4740 return -1;
4741
4742 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
4743 MAC2STR(wpa_s->own_addr));
4744 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
4745 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4746
4747 if (wpa_s->bridge_ifname[0]) {
4748 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
4749 "interface '%s'", wpa_s->bridge_ifname);
4750 wpa_s->l2_br = l2_packet_init_bridge(
4751 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
4752 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
4753 if (wpa_s->l2_br == NULL) {
4754 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
4755 "connection for the bridge interface '%s'",
4756 wpa_s->bridge_ifname);
4757 return -1;
4758 }
4759 }
4760
4761 if (wpa_s->conf->ap_scan == 2 &&
4762 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4763 wpa_printf(MSG_INFO,
4764 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4765 }
4766
4767 wpa_clear_keys(wpa_s, NULL);
4768
4769 /* Make sure that TKIP countermeasures are not left enabled (could
4770 * happen if wpa_supplicant is killed during countermeasures. */
4771 wpa_drv_set_countermeasures(wpa_s, 0);
4772
4773 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
4774 wpa_drv_flush_pmkid(wpa_s);
4775
4776 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
4777 wpa_s->prev_scan_wildcard = 0;
4778
4779 if (wpa_supplicant_enabled_networks(wpa_s)) {
4780 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
4781 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4782 interface_count = 0;
4783 }
4784 #ifndef ANDROID
4785 if (!wpa_s->p2p_mgmt &&
4786 wpa_supplicant_delayed_sched_scan(wpa_s,
4787 interface_count % 3,
4788 100000))
4789 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
4790 100000);
4791 #endif /* ANDROID */
4792 interface_count++;
4793 } else
4794 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
4795
4796 return 0;
4797 }
4798
4799
4800 static int wpa_supplicant_daemon(const char *pid_file)
4801 {
4802 wpa_printf(MSG_DEBUG, "Daemonize..");
4803 return os_daemonize(pid_file);
4804 }
4805
4806
4807 static struct wpa_supplicant *
4808 wpa_supplicant_alloc(struct wpa_supplicant *parent)
4809 {
4810 struct wpa_supplicant *wpa_s;
4811
4812 wpa_s = os_zalloc(sizeof(*wpa_s));
4813 if (wpa_s == NULL)
4814 return NULL;
4815 wpa_s->scan_req = INITIAL_SCAN_REQ;
4816 wpa_s->scan_interval = 5;
4817 wpa_s->new_connection = 1;
4818 wpa_s->parent = parent ? parent : wpa_s;
4819 wpa_s->p2pdev = wpa_s->parent;
4820 wpa_s->sched_scanning = 0;
4821
4822 dl_list_init(&wpa_s->bss_tmp_disallowed);
4823 dl_list_init(&wpa_s->fils_hlp_req);
4824 #ifdef CONFIG_TESTING_OPTIONS
4825 dl_list_init(&wpa_s->drv_signal_override);
4826 #endif /* CONFIG_TESTING_OPTIONS */
4827
4828 return wpa_s;
4829 }
4830
4831
4832 #ifdef CONFIG_HT_OVERRIDES
4833
4834 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
4835 struct ieee80211_ht_capabilities *htcaps,
4836 struct ieee80211_ht_capabilities *htcaps_mask,
4837 const char *ht_mcs)
4838 {
4839 /* parse ht_mcs into hex array */
4840 int i;
4841 const char *tmp = ht_mcs;
4842 char *end = NULL;
4843
4844 /* If ht_mcs is null, do not set anything */
4845 if (!ht_mcs)
4846 return 0;
4847
4848 /* This is what we are setting in the kernel */
4849 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
4850
4851 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
4852
4853 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4854 long v;
4855
4856 errno = 0;
4857 v = strtol(tmp, &end, 16);
4858
4859 if (errno == 0) {
4860 wpa_msg(wpa_s, MSG_DEBUG,
4861 "htcap value[%i]: %ld end: %p tmp: %p",
4862 i, v, end, tmp);
4863 if (end == tmp)
4864 break;
4865
4866 htcaps->supported_mcs_set[i] = v;
4867 tmp = end;
4868 } else {
4869 wpa_msg(wpa_s, MSG_ERROR,
4870 "Failed to parse ht-mcs: %s, error: %s\n",
4871 ht_mcs, strerror(errno));
4872 return -1;
4873 }
4874 }
4875
4876 /*
4877 * If we were able to parse any values, then set mask for the MCS set.
4878 */
4879 if (i) {
4880 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
4881 IEEE80211_HT_MCS_MASK_LEN - 1);
4882 /* skip the 3 reserved bits */
4883 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
4884 0x1f;
4885 }
4886
4887 return 0;
4888 }
4889
4890
4891 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
4892 struct ieee80211_ht_capabilities *htcaps,
4893 struct ieee80211_ht_capabilities *htcaps_mask,
4894 int disabled)
4895 {
4896 le16 msk;
4897
4898 if (disabled == -1)
4899 return 0;
4900
4901 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
4902
4903 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
4904 htcaps_mask->ht_capabilities_info |= msk;
4905 if (disabled)
4906 htcaps->ht_capabilities_info &= msk;
4907 else
4908 htcaps->ht_capabilities_info |= msk;
4909
4910 return 0;
4911 }
4912
4913
4914 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
4915 struct ieee80211_ht_capabilities *htcaps,
4916 struct ieee80211_ht_capabilities *htcaps_mask,
4917 int factor)
4918 {
4919 if (factor == -1)
4920 return 0;
4921
4922 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
4923
4924 if (factor < 0 || factor > 3) {
4925 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
4926 "Must be 0-3 or -1", factor);
4927 return -EINVAL;
4928 }
4929
4930 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
4931 htcaps->a_mpdu_params &= ~0x3;
4932 htcaps->a_mpdu_params |= factor & 0x3;
4933
4934 return 0;
4935 }
4936
4937
4938 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
4939 struct ieee80211_ht_capabilities *htcaps,
4940 struct ieee80211_ht_capabilities *htcaps_mask,
4941 int density)
4942 {
4943 if (density == -1)
4944 return 0;
4945
4946 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
4947
4948 if (density < 0 || density > 7) {
4949 wpa_msg(wpa_s, MSG_ERROR,
4950 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4951 density);
4952 return -EINVAL;
4953 }
4954
4955 htcaps_mask->a_mpdu_params |= 0x1C;
4956 htcaps->a_mpdu_params &= ~(0x1C);
4957 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
4958
4959 return 0;
4960 }
4961
4962
4963 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
4964 struct ieee80211_ht_capabilities *htcaps,
4965 struct ieee80211_ht_capabilities *htcaps_mask,
4966 int disabled)
4967 {
4968 if (disabled)
4969 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
4970
4971 set_disable_ht40(htcaps, disabled);
4972 set_disable_ht40(htcaps_mask, 0);
4973
4974 return 0;
4975 }
4976
4977
4978 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
4979 struct ieee80211_ht_capabilities *htcaps,
4980 struct ieee80211_ht_capabilities *htcaps_mask,
4981 int disabled)
4982 {
4983 /* Masking these out disables SGI */
4984 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
4985 HT_CAP_INFO_SHORT_GI40MHZ);
4986
4987 if (disabled)
4988 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
4989
4990 if (disabled)
4991 htcaps->ht_capabilities_info &= ~msk;
4992 else
4993 htcaps->ht_capabilities_info |= msk;
4994
4995 htcaps_mask->ht_capabilities_info |= msk;
4996
4997 return 0;
4998 }
4999
5000
5001 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5002 struct ieee80211_ht_capabilities *htcaps,
5003 struct ieee80211_ht_capabilities *htcaps_mask,
5004 int disabled)
5005 {
5006 /* Masking these out disables LDPC */
5007 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5008
5009 if (disabled)
5010 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5011
5012 if (disabled)
5013 htcaps->ht_capabilities_info &= ~msk;
5014 else
5015 htcaps->ht_capabilities_info |= msk;
5016
5017 htcaps_mask->ht_capabilities_info |= msk;
5018
5019 return 0;
5020 }
5021
5022
5023 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5024 struct ieee80211_ht_capabilities *htcaps,
5025 struct ieee80211_ht_capabilities *htcaps_mask,
5026 int tx_stbc)
5027 {
5028 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5029
5030 if (tx_stbc == -1)
5031 return 0;
5032
5033 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5034
5035 if (tx_stbc < 0 || tx_stbc > 1) {
5036 wpa_msg(wpa_s, MSG_ERROR,
5037 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5038 return -EINVAL;
5039 }
5040
5041 htcaps_mask->ht_capabilities_info |= msk;
5042 htcaps->ht_capabilities_info &= ~msk;
5043 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5044
5045 return 0;
5046 }
5047
5048
5049 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5050 struct ieee80211_ht_capabilities *htcaps,
5051 struct ieee80211_ht_capabilities *htcaps_mask,
5052 int rx_stbc)
5053 {
5054 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5055
5056 if (rx_stbc == -1)
5057 return 0;
5058
5059 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5060
5061 if (rx_stbc < 0 || rx_stbc > 3) {
5062 wpa_msg(wpa_s, MSG_ERROR,
5063 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5064 return -EINVAL;
5065 }
5066
5067 htcaps_mask->ht_capabilities_info |= msk;
5068 htcaps->ht_capabilities_info &= ~msk;
5069 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5070
5071 return 0;
5072 }
5073
5074
5075 void wpa_supplicant_apply_ht_overrides(
5076 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5077 struct wpa_driver_associate_params *params)
5078 {
5079 struct ieee80211_ht_capabilities *htcaps;
5080 struct ieee80211_ht_capabilities *htcaps_mask;
5081
5082 if (!ssid)
5083 return;
5084
5085 params->disable_ht = ssid->disable_ht;
5086 if (!params->htcaps || !params->htcaps_mask)
5087 return;
5088
5089 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5090 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5091 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5092 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5093 ssid->disable_max_amsdu);
5094 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5095 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5096 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5097 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5098 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5099 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5100 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5101
5102 if (ssid->ht40_intolerant) {
5103 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5104 htcaps->ht_capabilities_info |= bit;
5105 htcaps_mask->ht_capabilities_info |= bit;
5106 }
5107 }
5108
5109 #endif /* CONFIG_HT_OVERRIDES */
5110
5111
5112 #ifdef CONFIG_VHT_OVERRIDES
5113 void wpa_supplicant_apply_vht_overrides(
5114 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5115 struct wpa_driver_associate_params *params)
5116 {
5117 struct ieee80211_vht_capabilities *vhtcaps;
5118 struct ieee80211_vht_capabilities *vhtcaps_mask;
5119
5120 if (!ssid)
5121 return;
5122
5123 params->disable_vht = ssid->disable_vht;
5124
5125 vhtcaps = (void *) params->vhtcaps;
5126 vhtcaps_mask = (void *) params->vhtcaps_mask;
5127
5128 if (!vhtcaps || !vhtcaps_mask)
5129 return;
5130
5131 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5132 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5133
5134 #ifdef CONFIG_HT_OVERRIDES
5135 if (ssid->disable_sgi) {
5136 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5137 VHT_CAP_SHORT_GI_160);
5138 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5139 VHT_CAP_SHORT_GI_160);
5140 wpa_msg(wpa_s, MSG_DEBUG,
5141 "disable-sgi override specified, vht-caps: 0x%x",
5142 vhtcaps->vht_capabilities_info);
5143 }
5144
5145 /* if max ampdu is <= 3, we have to make the HT cap the same */
5146 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5147 int max_ampdu;
5148
5149 max_ampdu = (ssid->vht_capa &
5150 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5151 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5152
5153 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5154 wpa_set_ampdu_factor(wpa_s,
5155 (void *) params->htcaps,
5156 (void *) params->htcaps_mask,
5157 max_ampdu);
5158 }
5159 #endif /* CONFIG_HT_OVERRIDES */
5160
5161 #define OVERRIDE_MCS(i) \
5162 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5163 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5164 host_to_le16(3 << 2 * (i - 1)); \
5165 vhtcaps->vht_supported_mcs_set.tx_map |= \
5166 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5167 2 * (i - 1)); \
5168 } \
5169 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5170 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5171 host_to_le16(3 << 2 * (i - 1)); \
5172 vhtcaps->vht_supported_mcs_set.rx_map |= \
5173 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5174 2 * (i - 1)); \
5175 }
5176
5177 OVERRIDE_MCS(1);
5178 OVERRIDE_MCS(2);
5179 OVERRIDE_MCS(3);
5180 OVERRIDE_MCS(4);
5181 OVERRIDE_MCS(5);
5182 OVERRIDE_MCS(6);
5183 OVERRIDE_MCS(7);
5184 OVERRIDE_MCS(8);
5185 }
5186 #endif /* CONFIG_VHT_OVERRIDES */
5187
5188
5189 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5190 {
5191 #ifdef PCSC_FUNCS
5192 size_t len;
5193
5194 if (!wpa_s->conf->pcsc_reader)
5195 return 0;
5196
5197 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5198 if (!wpa_s->scard)
5199 return 1;
5200
5201 if (wpa_s->conf->pcsc_pin &&
5202 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5203 scard_deinit(wpa_s->scard);
5204 wpa_s->scard = NULL;
5205 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5206 return -1;
5207 }
5208
5209 len = sizeof(wpa_s->imsi) - 1;
5210 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5211 scard_deinit(wpa_s->scard);
5212 wpa_s->scard = NULL;
5213 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5214 return -1;
5215 }
5216 wpa_s->imsi[len] = '\0';
5217
5218 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5219
5220 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5221 wpa_s->imsi, wpa_s->mnc_len);
5222
5223 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5224 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5225 #endif /* PCSC_FUNCS */
5226
5227 return 0;
5228 }
5229
5230
5231 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5232 {
5233 char *val, *pos;
5234
5235 ext_password_deinit(wpa_s->ext_pw);
5236 wpa_s->ext_pw = NULL;
5237 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5238
5239 if (!wpa_s->conf->ext_password_backend)
5240 return 0;
5241
5242 val = os_strdup(wpa_s->conf->ext_password_backend);
5243 if (val == NULL)
5244 return -1;
5245 pos = os_strchr(val, ':');
5246 if (pos)
5247 *pos++ = '\0';
5248
5249 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5250
5251 wpa_s->ext_pw = ext_password_init(val, pos);
5252 os_free(val);
5253 if (wpa_s->ext_pw == NULL) {
5254 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5255 return -1;
5256 }
5257 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5258
5259 return 0;
5260 }
5261
5262
5263 #ifdef CONFIG_FST
5264
5265 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5266 {
5267 struct wpa_supplicant *wpa_s = ctx;
5268
5269 return (is_zero_ether_addr(wpa_s->bssid) ||
5270 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5271 }
5272
5273
5274 static void wpas_fst_get_channel_info_cb(void *ctx,
5275 enum hostapd_hw_mode *hw_mode,
5276 u8 *channel)
5277 {
5278 struct wpa_supplicant *wpa_s = ctx;
5279
5280 if (wpa_s->current_bss) {
5281 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5282 channel);
5283 } else if (wpa_s->hw.num_modes) {
5284 *hw_mode = wpa_s->hw.modes[0].mode;
5285 } else {
5286 WPA_ASSERT(0);
5287 *hw_mode = 0;
5288 }
5289 }
5290
5291
5292 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5293 {
5294 struct wpa_supplicant *wpa_s = ctx;
5295
5296 *modes = wpa_s->hw.modes;
5297 return wpa_s->hw.num_modes;
5298 }
5299
5300
5301 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5302 {
5303 struct wpa_supplicant *wpa_s = ctx;
5304
5305 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5306 wpa_s->fst_ies = fst_ies;
5307 }
5308
5309
5310 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5311 {
5312 struct wpa_supplicant *wpa_s = ctx;
5313
5314 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5315 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5316 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5317 return -1;
5318 }
5319 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5320 wpa_s->own_addr, wpa_s->bssid,
5321 wpabuf_head(data), wpabuf_len(data),
5322 0);
5323 }
5324
5325
5326 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5327 {
5328 struct wpa_supplicant *wpa_s = ctx;
5329
5330 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5331 return wpa_s->received_mb_ies;
5332 }
5333
5334
5335 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5336 const u8 *buf, size_t size)
5337 {
5338 struct wpa_supplicant *wpa_s = ctx;
5339 struct mb_ies_info info;
5340
5341 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5342
5343 if (!mb_ies_info_by_ies(&info, buf, size)) {
5344 wpabuf_free(wpa_s->received_mb_ies);
5345 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5346 }
5347 }
5348
5349
5350 static const u8 * wpas_fst_get_peer_first(void *ctx,
5351 struct fst_get_peer_ctx **get_ctx,
5352 Boolean mb_only)
5353 {
5354 struct wpa_supplicant *wpa_s = ctx;
5355
5356 *get_ctx = NULL;
5357 if (!is_zero_ether_addr(wpa_s->bssid))
5358 return (wpa_s->received_mb_ies || !mb_only) ?
5359 wpa_s->bssid : NULL;
5360 return NULL;
5361 }
5362
5363
5364 static const u8 * wpas_fst_get_peer_next(void *ctx,
5365 struct fst_get_peer_ctx **get_ctx,
5366 Boolean mb_only)
5367 {
5368 return NULL;
5369 }
5370
5371 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5372 struct fst_wpa_obj *iface_obj)
5373 {
5374 iface_obj->ctx = wpa_s;
5375 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5376 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5377 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5378 iface_obj->set_ies = wpas_fst_set_ies_cb;
5379 iface_obj->send_action = wpas_fst_send_action_cb;
5380 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5381 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5382 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5383 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5384 }
5385 #endif /* CONFIG_FST */
5386
5387 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
5388 const struct wpa_driver_capa *capa)
5389 {
5390 struct wowlan_triggers *triggers;
5391 int ret = 0;
5392
5393 if (!wpa_s->conf->wowlan_triggers)
5394 return 0;
5395
5396 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5397 if (triggers) {
5398 ret = wpa_drv_wowlan(wpa_s, triggers);
5399 os_free(triggers);
5400 }
5401 return ret;
5402 }
5403
5404
5405 enum wpa_radio_work_band wpas_freq_to_band(int freq)
5406 {
5407 if (freq < 3000)
5408 return BAND_2_4_GHZ;
5409 if (freq > 50000)
5410 return BAND_60_GHZ;
5411 return BAND_5_GHZ;
5412 }
5413
5414
5415 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
5416 {
5417 int i;
5418 unsigned int band = 0;
5419
5420 if (freqs) {
5421 /* freqs are specified for the radio work */
5422 for (i = 0; freqs[i]; i++)
5423 band |= wpas_freq_to_band(freqs[i]);
5424 } else {
5425 /*
5426 * freqs are not specified, implies all
5427 * the supported freqs by HW
5428 */
5429 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5430 if (wpa_s->hw.modes[i].num_channels != 0) {
5431 if (wpa_s->hw.modes[i].mode ==
5432 HOSTAPD_MODE_IEEE80211B ||
5433 wpa_s->hw.modes[i].mode ==
5434 HOSTAPD_MODE_IEEE80211G)
5435 band |= BAND_2_4_GHZ;
5436 else if (wpa_s->hw.modes[i].mode ==
5437 HOSTAPD_MODE_IEEE80211A)
5438 band |= BAND_5_GHZ;
5439 else if (wpa_s->hw.modes[i].mode ==
5440 HOSTAPD_MODE_IEEE80211AD)
5441 band |= BAND_60_GHZ;
5442 else if (wpa_s->hw.modes[i].mode ==
5443 HOSTAPD_MODE_IEEE80211ANY)
5444 band = BAND_2_4_GHZ | BAND_5_GHZ |
5445 BAND_60_GHZ;
5446 }
5447 }
5448 }
5449
5450 return band;
5451 }
5452
5453
5454 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5455 const char *rn)
5456 {
5457 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5458 struct wpa_radio *radio;
5459
5460 while (rn && iface) {
5461 radio = iface->radio;
5462 if (radio && os_strcmp(rn, radio->name) == 0) {
5463 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5464 wpa_s->ifname, rn);
5465 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5466 return radio;
5467 }
5468
5469 iface = iface->next;
5470 }
5471
5472 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5473 wpa_s->ifname, rn ? rn : "N/A");
5474 radio = os_zalloc(sizeof(*radio));
5475 if (radio == NULL)
5476 return NULL;
5477
5478 if (rn)
5479 os_strlcpy(radio->name, rn, sizeof(radio->name));
5480 dl_list_init(&radio->ifaces);
5481 dl_list_init(&radio->work);
5482 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5483
5484 return radio;
5485 }
5486
5487
5488 static void radio_work_free(struct wpa_radio_work *work)
5489 {
5490 if (work->wpa_s->scan_work == work) {
5491 /* This should not really happen. */
5492 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5493 work->type, work, work->started);
5494 work->wpa_s->scan_work = NULL;
5495 }
5496
5497 #ifdef CONFIG_P2P
5498 if (work->wpa_s->p2p_scan_work == work) {
5499 /* This should not really happen. */
5500 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5501 work->type, work, work->started);
5502 work->wpa_s->p2p_scan_work = NULL;
5503 }
5504 #endif /* CONFIG_P2P */
5505
5506 if (work->started) {
5507 work->wpa_s->radio->num_active_works--;
5508 wpa_dbg(work->wpa_s, MSG_DEBUG,
5509 "radio_work_free('%s'@%p): num_active_works --> %u",
5510 work->type, work,
5511 work->wpa_s->radio->num_active_works);
5512 }
5513
5514 dl_list_del(&work->list);
5515 os_free(work);
5516 }
5517
5518
5519 static int radio_work_is_connect(struct wpa_radio_work *work)
5520 {
5521 return os_strcmp(work->type, "sme-connect") == 0 ||
5522 os_strcmp(work->type, "connect") == 0;
5523 }
5524
5525
5526 static int radio_work_is_scan(struct wpa_radio_work *work)
5527 {
5528 return os_strcmp(work->type, "scan") == 0 ||
5529 os_strcmp(work->type, "p2p-scan") == 0;
5530 }
5531
5532
5533 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5534 {
5535 struct wpa_radio_work *active_work = NULL;
5536 struct wpa_radio_work *tmp;
5537
5538 /* Get the active work to know the type and band. */
5539 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5540 if (tmp->started) {
5541 active_work = tmp;
5542 break;
5543 }
5544 }
5545
5546 if (!active_work) {
5547 /* No active work, start one */
5548 radio->num_active_works = 0;
5549 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5550 list) {
5551 if (os_strcmp(tmp->type, "scan") == 0 &&
5552 radio->external_scan_running &&
5553 (((struct wpa_driver_scan_params *)
5554 tmp->ctx)->only_new_results ||
5555 tmp->wpa_s->clear_driver_scan_cache))
5556 continue;
5557 return tmp;
5558 }
5559 return NULL;
5560 }
5561
5562 if (radio_work_is_connect(active_work)) {
5563 /*
5564 * If the active work is either connect or sme-connect,
5565 * do not parallelize them with other radio works.
5566 */
5567 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5568 "Do not parallelize radio work with %s",
5569 active_work->type);
5570 return NULL;
5571 }
5572
5573 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5574 if (tmp->started)
5575 continue;
5576
5577 /*
5578 * If connect or sme-connect are enqueued, parallelize only
5579 * those operations ahead of them in the queue.
5580 */
5581 if (radio_work_is_connect(tmp))
5582 break;
5583
5584 /* Serialize parallel scan and p2p_scan operations on the same
5585 * interface since the driver_nl80211 mechanism for tracking
5586 * scan cookies does not yet have support for this. */
5587 if (active_work->wpa_s == tmp->wpa_s &&
5588 radio_work_is_scan(active_work) &&
5589 radio_work_is_scan(tmp)) {
5590 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5591 "Do not start work '%s' when another work '%s' is already scheduled",
5592 tmp->type, active_work->type);
5593 continue;
5594 }
5595 /*
5596 * Check that the radio works are distinct and
5597 * on different bands.
5598 */
5599 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5600 (active_work->bands != tmp->bands)) {
5601 /*
5602 * If a scan has to be scheduled through nl80211 scan
5603 * interface and if an external scan is already running,
5604 * do not schedule the scan since it is likely to get
5605 * rejected by kernel.
5606 */
5607 if (os_strcmp(tmp->type, "scan") == 0 &&
5608 radio->external_scan_running &&
5609 (((struct wpa_driver_scan_params *)
5610 tmp->ctx)->only_new_results ||
5611 tmp->wpa_s->clear_driver_scan_cache))
5612 continue;
5613
5614 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5615 "active_work:%s new_work:%s",
5616 active_work->type, tmp->type);
5617 return tmp;
5618 }
5619 }
5620
5621 /* Did not find a radio work to schedule in parallel. */
5622 return NULL;
5623 }
5624
5625
5626 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5627 {
5628 struct wpa_radio *radio = eloop_ctx;
5629 struct wpa_radio_work *work;
5630 struct os_reltime now, diff;
5631 struct wpa_supplicant *wpa_s;
5632
5633 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
5634 if (work == NULL) {
5635 radio->num_active_works = 0;
5636 return;
5637 }
5638
5639 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5640 radio_list);
5641
5642 if (!(wpa_s &&
5643 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5644 if (work->started)
5645 return; /* already started and still in progress */
5646
5647 if (wpa_s && wpa_s->radio->external_scan_running) {
5648 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5649 return;
5650 }
5651 } else {
5652 work = NULL;
5653 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
5654 /* get the work to schedule next */
5655 work = radio_work_get_next_work(radio);
5656 }
5657 if (!work)
5658 return;
5659 }
5660
5661 wpa_s = work->wpa_s;
5662 os_get_reltime(&now);
5663 os_reltime_sub(&now, &work->time, &diff);
5664 wpa_dbg(wpa_s, MSG_DEBUG,
5665 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5666 work->type, work, diff.sec, diff.usec);
5667 work->started = 1;
5668 work->time = now;
5669 radio->num_active_works++;
5670
5671 work->cb(work, 0);
5672
5673 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
5674 radio->num_active_works < MAX_ACTIVE_WORKS)
5675 radio_work_check_next(wpa_s);
5676 }
5677
5678
5679 /*
5680 * This function removes both started and pending radio works running on
5681 * the provided interface's radio.
5682 * Prior to the removal of the radio work, its callback (cb) is called with
5683 * deinit set to be 1. Each work's callback is responsible for clearing its
5684 * internal data and restoring to a correct state.
5685 * @wpa_s: wpa_supplicant data
5686 * @type: type of works to be removed
5687 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5688 * this interface's works.
5689 */
5690 void radio_remove_works(struct wpa_supplicant *wpa_s,
5691 const char *type, int remove_all)
5692 {
5693 struct wpa_radio_work *work, *tmp;
5694 struct wpa_radio *radio = wpa_s->radio;
5695
5696 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
5697 list) {
5698 if (type && os_strcmp(type, work->type) != 0)
5699 continue;
5700
5701 /* skip other ifaces' works */
5702 if (!remove_all && work->wpa_s != wpa_s)
5703 continue;
5704
5705 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
5706 work->type, work, work->started ? " (started)" : "");
5707 work->cb(work, 1);
5708 radio_work_free(work);
5709 }
5710
5711 /* in case we removed the started work */
5712 radio_work_check_next(wpa_s);
5713 }
5714
5715
5716 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
5717 {
5718 struct wpa_radio_work *work;
5719 struct wpa_radio *radio = wpa_s->radio;
5720
5721 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5722 if (work->ctx != ctx)
5723 continue;
5724 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
5725 work->type, work, work->started ? " (started)" : "");
5726 radio_work_free(work);
5727 break;
5728 }
5729 }
5730
5731
5732 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
5733 {
5734 struct wpa_radio *radio = wpa_s->radio;
5735
5736 if (!radio)
5737 return;
5738
5739 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
5740 wpa_s->ifname, radio->name);
5741 dl_list_del(&wpa_s->radio_list);
5742 radio_remove_works(wpa_s, NULL, 0);
5743 wpa_s->radio = NULL;
5744 if (!dl_list_empty(&radio->ifaces))
5745 return; /* Interfaces remain for this radio */
5746
5747 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
5748 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5749 os_free(radio);
5750 }
5751
5752
5753 void radio_work_check_next(struct wpa_supplicant *wpa_s)
5754 {
5755 struct wpa_radio *radio = wpa_s->radio;
5756
5757 if (dl_list_empty(&radio->work))
5758 return;
5759 if (wpa_s->ext_work_in_progress) {
5760 wpa_printf(MSG_DEBUG,
5761 "External radio work in progress - delay start of pending item");
5762 return;
5763 }
5764 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
5765 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
5766 }
5767
5768
5769 /**
5770 * radio_add_work - Add a radio work item
5771 * @wpa_s: Pointer to wpa_supplicant data
5772 * @freq: Frequency of the offchannel operation in MHz or 0
5773 * @type: Unique identifier for each type of work
5774 * @next: Force as the next work to be executed
5775 * @cb: Callback function for indicating when radio is available
5776 * @ctx: Context pointer for the work (work->ctx in cb())
5777 * Returns: 0 on success, -1 on failure
5778 *
5779 * This function is used to request time for an operation that requires
5780 * exclusive radio control. Once the radio is available, the registered callback
5781 * function will be called. radio_work_done() must be called once the exclusive
5782 * radio operation has been completed, so that the radio is freed for other
5783 * operations. The special case of deinit=1 is used to free the context data
5784 * during interface removal. That does not allow the callback function to start
5785 * the radio operation, i.e., it must free any resources allocated for the radio
5786 * work and return.
5787 *
5788 * The @freq parameter can be used to indicate a single channel on which the
5789 * offchannel operation will occur. This may allow multiple radio work
5790 * operations to be performed in parallel if they apply for the same channel.
5791 * Setting this to 0 indicates that the work item may use multiple channels or
5792 * requires exclusive control of the radio.
5793 */
5794 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
5795 const char *type, int next,
5796 void (*cb)(struct wpa_radio_work *work, int deinit),
5797 void *ctx)
5798 {
5799 struct wpa_radio *radio = wpa_s->radio;
5800 struct wpa_radio_work *work;
5801 int was_empty;
5802
5803 work = os_zalloc(sizeof(*work));
5804 if (work == NULL)
5805 return -1;
5806 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
5807 os_get_reltime(&work->time);
5808 work->freq = freq;
5809 work->type = type;
5810 work->wpa_s = wpa_s;
5811 work->cb = cb;
5812 work->ctx = ctx;
5813
5814 if (freq)
5815 work->bands = wpas_freq_to_band(freq);
5816 else if (os_strcmp(type, "scan") == 0 ||
5817 os_strcmp(type, "p2p-scan") == 0)
5818 work->bands = wpas_get_bands(wpa_s,
5819 ((struct wpa_driver_scan_params *)
5820 ctx)->freqs);
5821 else
5822 work->bands = wpas_get_bands(wpa_s, NULL);
5823
5824 was_empty = dl_list_empty(&wpa_s->radio->work);
5825 if (next)
5826 dl_list_add(&wpa_s->radio->work, &work->list);
5827 else
5828 dl_list_add_tail(&wpa_s->radio->work, &work->list);
5829 if (was_empty) {
5830 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
5831 radio_work_check_next(wpa_s);
5832 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
5833 && radio->num_active_works < MAX_ACTIVE_WORKS) {
5834 wpa_dbg(wpa_s, MSG_DEBUG,
5835 "Try to schedule a radio work (num_active_works=%u)",
5836 radio->num_active_works);
5837 radio_work_check_next(wpa_s);
5838 }
5839
5840 return 0;
5841 }
5842
5843
5844 /**
5845 * radio_work_done - Indicate that a radio work item has been completed
5846 * @work: Completed work
5847 *
5848 * This function is called once the callback function registered with
5849 * radio_add_work() has completed its work.
5850 */
5851 void radio_work_done(struct wpa_radio_work *work)
5852 {
5853 struct wpa_supplicant *wpa_s = work->wpa_s;
5854 struct os_reltime now, diff;
5855 unsigned int started = work->started;
5856
5857 os_get_reltime(&now);
5858 os_reltime_sub(&now, &work->time, &diff);
5859 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5860 work->type, work, started ? "done" : "canceled",
5861 diff.sec, diff.usec);
5862 radio_work_free(work);
5863 if (started)
5864 radio_work_check_next(wpa_s);
5865 }
5866
5867
5868 struct wpa_radio_work *
5869 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
5870 {
5871 struct wpa_radio_work *work;
5872 struct wpa_radio *radio = wpa_s->radio;
5873
5874 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
5875 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
5876 return work;
5877 }
5878
5879 return NULL;
5880 }
5881
5882
5883 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
5884 const struct wpa_interface *iface)
5885 {
5886 const char *ifname, *driver, *rn;
5887
5888 driver = iface->driver;
5889 next_driver:
5890 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
5891 return -1;
5892
5893 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
5894 if (wpa_s->drv_priv == NULL) {
5895 const char *pos;
5896 pos = driver ? os_strchr(driver, ',') : NULL;
5897 if (pos) {
5898 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
5899 "driver interface - try next driver wrapper");
5900 driver = pos + 1;
5901 goto next_driver;
5902 }
5903 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
5904 "interface");
5905 return -1;
5906 }
5907 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
5908 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
5909 "driver_param '%s'", wpa_s->conf->driver_param);
5910 return -1;
5911 }
5912
5913 ifname = wpa_drv_get_ifname(wpa_s);
5914 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
5915 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
5916 "interface name with '%s'", ifname);
5917 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
5918 }
5919
5920 rn = wpa_driver_get_radio_name(wpa_s);
5921 if (rn && rn[0] == '\0')
5922 rn = NULL;
5923
5924 wpa_s->radio = radio_add_interface(wpa_s, rn);
5925 if (wpa_s->radio == NULL)
5926 return -1;
5927
5928 return 0;
5929 }
5930
5931
5932 #ifdef CONFIG_GAS_SERVER
5933
5934 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
5935 unsigned int freq, const u8 *dst,
5936 const u8 *src, const u8 *bssid,
5937 const u8 *data, size_t data_len,
5938 enum offchannel_send_action_result result)
5939 {
5940 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
5941 " result=%s",
5942 freq, MAC2STR(dst),
5943 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
5944 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
5945 "FAILED"));
5946 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
5947 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
5948 }
5949
5950
5951 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
5952 struct wpabuf *buf, unsigned int wait_time)
5953 {
5954 struct wpa_supplicant *wpa_s = ctx;
5955 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5956
5957 if (wait_time > wpa_s->max_remain_on_chan)
5958 wait_time = wpa_s->max_remain_on_chan;
5959
5960 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
5961 wpabuf_head(buf), wpabuf_len(buf),
5962 wait_time, wpas_gas_server_tx_status, 0);
5963 }
5964
5965 #endif /* CONFIG_GAS_SERVER */
5966
5967 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
5968 const struct wpa_interface *iface)
5969 {
5970 struct wpa_driver_capa capa;
5971 int capa_res;
5972 u8 dfs_domain;
5973
5974 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
5975 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
5976 iface->confname ? iface->confname : "N/A",
5977 iface->driver ? iface->driver : "default",
5978 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
5979 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
5980
5981 if (iface->confname) {
5982 #ifdef CONFIG_BACKEND_FILE
5983 wpa_s->confname = os_rel2abs_path(iface->confname);
5984 if (wpa_s->confname == NULL) {
5985 wpa_printf(MSG_ERROR, "Failed to get absolute path "
5986 "for configuration file '%s'.",
5987 iface->confname);
5988 return -1;
5989 }
5990 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
5991 iface->confname, wpa_s->confname);
5992 #else /* CONFIG_BACKEND_FILE */
5993 wpa_s->confname = os_strdup(iface->confname);
5994 #endif /* CONFIG_BACKEND_FILE */
5995 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
5996 if (wpa_s->conf == NULL) {
5997 wpa_printf(MSG_ERROR, "Failed to read or parse "
5998 "configuration '%s'.", wpa_s->confname);
5999 return -1;
6000 }
6001 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6002 if (wpa_s->confanother &&
6003 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6004 wpa_printf(MSG_ERROR,
6005 "Failed to read or parse configuration '%s'.",
6006 wpa_s->confanother);
6007 return -1;
6008 }
6009
6010 /*
6011 * Override ctrl_interface and driver_param if set on command
6012 * line.
6013 */
6014 if (iface->ctrl_interface) {
6015 os_free(wpa_s->conf->ctrl_interface);
6016 wpa_s->conf->ctrl_interface =
6017 os_strdup(iface->ctrl_interface);
6018 }
6019
6020 if (iface->driver_param) {
6021 os_free(wpa_s->conf->driver_param);
6022 wpa_s->conf->driver_param =
6023 os_strdup(iface->driver_param);
6024 }
6025
6026 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6027 os_free(wpa_s->conf->ctrl_interface);
6028 wpa_s->conf->ctrl_interface = NULL;
6029 }
6030 } else
6031 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6032 iface->driver_param);
6033
6034 if (wpa_s->conf == NULL) {
6035 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6036 return -1;
6037 }
6038
6039 if (iface->ifname == NULL) {
6040 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6041 return -1;
6042 }
6043 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6044 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6045 iface->ifname);
6046 return -1;
6047 }
6048 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6049
6050 if (iface->bridge_ifname) {
6051 if (os_strlen(iface->bridge_ifname) >=
6052 sizeof(wpa_s->bridge_ifname)) {
6053 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6054 "name '%s'.", iface->bridge_ifname);
6055 return -1;
6056 }
6057 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6058 sizeof(wpa_s->bridge_ifname));
6059 }
6060
6061 /* RSNA Supplicant Key Management - INITIALIZE */
6062 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
6063 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
6064
6065 /* Initialize driver interface and register driver event handler before
6066 * L2 receive handler so that association events are processed before
6067 * EAPOL-Key packets if both become available for the same select()
6068 * call. */
6069 if (wpas_init_driver(wpa_s, iface) < 0)
6070 return -1;
6071
6072 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6073 return -1;
6074
6075 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6076 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6077 NULL);
6078 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6079
6080 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6081 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6082 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6083 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6084 "dot11RSNAConfigPMKLifetime");
6085 return -1;
6086 }
6087
6088 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6089 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6090 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6091 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6092 "dot11RSNAConfigPMKReauthThreshold");
6093 return -1;
6094 }
6095
6096 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6097 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6098 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6099 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6100 "dot11RSNAConfigSATimeout");
6101 return -1;
6102 }
6103
6104 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6105 &wpa_s->hw.num_modes,
6106 &wpa_s->hw.flags,
6107 &dfs_domain);
6108 if (wpa_s->hw.modes) {
6109 u16 i;
6110
6111 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6112 if (wpa_s->hw.modes[i].vht_capab) {
6113 wpa_s->hw_capab = CAPAB_VHT;
6114 break;
6115 }
6116
6117 if (wpa_s->hw.modes[i].ht_capab &
6118 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6119 wpa_s->hw_capab = CAPAB_HT40;
6120 else if (wpa_s->hw.modes[i].ht_capab &&
6121 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6122 wpa_s->hw_capab = CAPAB_HT;
6123 }
6124 }
6125
6126 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6127 if (capa_res == 0) {
6128 wpa_s->drv_capa_known = 1;
6129 wpa_s->drv_flags = capa.flags;
6130 wpa_s->drv_enc = capa.enc;
6131 wpa_s->drv_smps_modes = capa.smps_modes;
6132 wpa_s->drv_rrm_flags = capa.rrm_flags;
6133 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6134 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6135 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6136 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6137 wpa_s->max_sched_scan_plan_interval =
6138 capa.max_sched_scan_plan_interval;
6139 wpa_s->max_sched_scan_plan_iterations =
6140 capa.max_sched_scan_plan_iterations;
6141 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6142 wpa_s->max_match_sets = capa.max_match_sets;
6143 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6144 wpa_s->max_stations = capa.max_stations;
6145 wpa_s->extended_capa = capa.extended_capa;
6146 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6147 wpa_s->extended_capa_len = capa.extended_capa_len;
6148 wpa_s->num_multichan_concurrent =
6149 capa.num_multichan_concurrent;
6150 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6151
6152 if (capa.mac_addr_rand_scan_supported)
6153 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6154 if (wpa_s->sched_scan_supported &&
6155 capa.mac_addr_rand_sched_scan_supported)
6156 wpa_s->mac_addr_rand_supported |=
6157 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6158
6159 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6160 if (wpa_s->extended_capa &&
6161 wpa_s->extended_capa_len >= 3 &&
6162 wpa_s->extended_capa[2] & 0x40)
6163 wpa_s->multi_bss_support = 1;
6164 }
6165 if (wpa_s->max_remain_on_chan == 0)
6166 wpa_s->max_remain_on_chan = 1000;
6167
6168 /*
6169 * Only take p2p_mgmt parameters when P2P Device is supported.
6170 * Doing it here as it determines whether l2_packet_init() will be done
6171 * during wpa_supplicant_driver_init().
6172 */
6173 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6174 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6175
6176 if (wpa_s->num_multichan_concurrent == 0)
6177 wpa_s->num_multichan_concurrent = 1;
6178
6179 if (wpa_supplicant_driver_init(wpa_s) < 0)
6180 return -1;
6181
6182 #ifdef CONFIG_TDLS
6183 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6184 return -1;
6185 #endif /* CONFIG_TDLS */
6186
6187 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6188 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6189 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6190 return -1;
6191 }
6192
6193 #ifdef CONFIG_FST
6194 if (wpa_s->conf->fst_group_id) {
6195 struct fst_iface_cfg cfg;
6196 struct fst_wpa_obj iface_obj;
6197
6198 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6199 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6200 sizeof(cfg.group_id));
6201 cfg.priority = wpa_s->conf->fst_priority;
6202 cfg.llt = wpa_s->conf->fst_llt;
6203
6204 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6205 &iface_obj, &cfg);
6206 if (!wpa_s->fst) {
6207 wpa_msg(wpa_s, MSG_ERROR,
6208 "FST: Cannot attach iface %s to group %s",
6209 wpa_s->ifname, cfg.group_id);
6210 return -1;
6211 }
6212 }
6213 #endif /* CONFIG_FST */
6214
6215 if (wpas_wps_init(wpa_s))
6216 return -1;
6217
6218 #ifdef CONFIG_GAS_SERVER
6219 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6220 if (!wpa_s->gas_server) {
6221 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6222 return -1;
6223 }
6224 #endif /* CONFIG_GAS_SERVER */
6225
6226 #ifdef CONFIG_DPP
6227 if (wpas_dpp_init(wpa_s) < 0)
6228 return -1;
6229 #endif /* CONFIG_DPP */
6230
6231 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6232 return -1;
6233 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6234
6235 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6236 if (wpa_s->ctrl_iface == NULL) {
6237 wpa_printf(MSG_ERROR,
6238 "Failed to initialize control interface '%s'.\n"
6239 "You may have another wpa_supplicant process "
6240 "already running or the file was\n"
6241 "left by an unclean termination of wpa_supplicant "
6242 "in which case you will need\n"
6243 "to manually remove this file before starting "
6244 "wpa_supplicant again.\n",
6245 wpa_s->conf->ctrl_interface);
6246 return -1;
6247 }
6248
6249 wpa_s->gas = gas_query_init(wpa_s);
6250 if (wpa_s->gas == NULL) {
6251 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6252 return -1;
6253 }
6254
6255 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6256 wpa_s->p2p_mgmt) &&
6257 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6258 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6259 return -1;
6260 }
6261
6262 if (wpa_bss_init(wpa_s) < 0)
6263 return -1;
6264
6265 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6266 #ifdef CONFIG_MESH
6267 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6268 #endif /* CONFIG_MESH */
6269 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6270
6271 /*
6272 * Set Wake-on-WLAN triggers, if configured.
6273 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6274 * have effect anyway when the interface is down).
6275 */
6276 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6277 return -1;
6278
6279 #ifdef CONFIG_EAP_PROXY
6280 {
6281 size_t len;
6282 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6283 wpa_s->imsi, &len);
6284 if (wpa_s->mnc_len > 0) {
6285 wpa_s->imsi[len] = '\0';
6286 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6287 wpa_s->imsi, wpa_s->mnc_len);
6288 } else {
6289 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6290 }
6291 }
6292 #endif /* CONFIG_EAP_PROXY */
6293
6294 if (pcsc_reader_init(wpa_s) < 0)
6295 return -1;
6296
6297 if (wpas_init_ext_pw(wpa_s) < 0)
6298 return -1;
6299
6300 wpas_rrm_reset(wpa_s);
6301
6302 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6303
6304 #ifdef CONFIG_HS20
6305 hs20_init(wpa_s);
6306 #endif /* CONFIG_HS20 */
6307 #ifdef CONFIG_MBO
6308 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6309 if ((wpa_s->conf->oce & OCE_STA) &&
6310 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6311 wpa_s->enable_oce = OCE_STA;
6312 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6313 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6314 /* TODO: Need to add STA-CFON support */
6315 wpa_printf(MSG_ERROR,
6316 "OCE STA-CFON feature is not yet supported");
6317 }
6318 }
6319 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6320 #endif /* CONFIG_MBO */
6321
6322 wpa_supplicant_set_default_scan_ies(wpa_s);
6323
6324 return 0;
6325 }
6326
6327
6328 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6329 int notify, int terminate)
6330 {
6331 struct wpa_global *global = wpa_s->global;
6332 struct wpa_supplicant *iface, *prev;
6333
6334 if (wpa_s == wpa_s->parent)
6335 wpas_p2p_group_remove(wpa_s, "*");
6336
6337 iface = global->ifaces;
6338 while (iface) {
6339 if (iface->p2pdev == wpa_s)
6340 iface->p2pdev = iface->parent;
6341 if (iface == wpa_s || iface->parent != wpa_s) {
6342 iface = iface->next;
6343 continue;
6344 }
6345 wpa_printf(MSG_DEBUG,
6346 "Remove remaining child interface %s from parent %s",
6347 iface->ifname, wpa_s->ifname);
6348 prev = iface;
6349 iface = iface->next;
6350 wpa_supplicant_remove_iface(global, prev, terminate);
6351 }
6352
6353 wpa_s->disconnected = 1;
6354 if (wpa_s->drv_priv) {
6355 /* Don't deauthenticate if WoWLAN is enabled */
6356 if (!wpa_drv_get_wowlan(wpa_s)) {
6357 wpa_supplicant_deauthenticate(
6358 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6359
6360 wpa_drv_set_countermeasures(wpa_s, 0);
6361 wpa_clear_keys(wpa_s, NULL);
6362 } else {
6363 wpa_msg(wpa_s, MSG_INFO,
6364 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6365 }
6366 }
6367
6368 wpa_supplicant_cleanup(wpa_s);
6369 wpas_p2p_deinit_iface(wpa_s);
6370
6371 wpas_ctrl_radio_work_flush(wpa_s);
6372 radio_remove_interface(wpa_s);
6373
6374 #ifdef CONFIG_FST
6375 if (wpa_s->fst) {
6376 fst_detach(wpa_s->fst);
6377 wpa_s->fst = NULL;
6378 }
6379 if (wpa_s->received_mb_ies) {
6380 wpabuf_free(wpa_s->received_mb_ies);
6381 wpa_s->received_mb_ies = NULL;
6382 }
6383 #endif /* CONFIG_FST */
6384
6385 if (wpa_s->drv_priv)
6386 wpa_drv_deinit(wpa_s);
6387
6388 if (notify)
6389 wpas_notify_iface_removed(wpa_s);
6390
6391 if (terminate)
6392 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6393
6394 if (wpa_s->ctrl_iface) {
6395 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
6396 wpa_s->ctrl_iface = NULL;
6397 }
6398
6399 #ifdef CONFIG_MESH
6400 if (wpa_s->ifmsh) {
6401 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
6402 wpa_s->ifmsh = NULL;
6403 }
6404 #endif /* CONFIG_MESH */
6405
6406 if (wpa_s->conf != NULL) {
6407 wpa_config_free(wpa_s->conf);
6408 wpa_s->conf = NULL;
6409 }
6410
6411 os_free(wpa_s->ssids_from_scan_req);
6412 os_free(wpa_s->last_scan_freqs);
6413
6414 os_free(wpa_s);
6415 }
6416
6417
6418 #ifdef CONFIG_MATCH_IFACE
6419
6420 /**
6421 * wpa_supplicant_match_iface - Match an interface description to a name
6422 * @global: Pointer to global data from wpa_supplicant_init()
6423 * @ifname: Name of the interface to match
6424 * Returns: Pointer to the created interface description or %NULL on failure
6425 */
6426 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6427 const char *ifname)
6428 {
6429 int i;
6430 struct wpa_interface *iface, *miface;
6431
6432 for (i = 0; i < global->params.match_iface_count; i++) {
6433 miface = &global->params.match_ifaces[i];
6434 if (!miface->ifname ||
6435 fnmatch(miface->ifname, ifname, 0) == 0) {
6436 iface = os_zalloc(sizeof(*iface));
6437 if (!iface)
6438 return NULL;
6439 *iface = *miface;
6440 iface->ifname = ifname;
6441 return iface;
6442 }
6443 }
6444
6445 return NULL;
6446 }
6447
6448
6449 /**
6450 * wpa_supplicant_match_existing - Match existing interfaces
6451 * @global: Pointer to global data from wpa_supplicant_init()
6452 * Returns: 0 on success, -1 on failure
6453 */
6454 static int wpa_supplicant_match_existing(struct wpa_global *global)
6455 {
6456 struct if_nameindex *ifi, *ifp;
6457 struct wpa_supplicant *wpa_s;
6458 struct wpa_interface *iface;
6459
6460 ifp = if_nameindex();
6461 if (!ifp) {
6462 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6463 return -1;
6464 }
6465
6466 for (ifi = ifp; ifi->if_name; ifi++) {
6467 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6468 if (wpa_s)
6469 continue;
6470 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6471 if (iface) {
6472 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
6473 os_free(iface);
6474 if (wpa_s)
6475 wpa_s->matched = 1;
6476 }
6477 }
6478
6479 if_freenameindex(ifp);
6480 return 0;
6481 }
6482
6483 #endif /* CONFIG_MATCH_IFACE */
6484
6485
6486 /**
6487 * wpa_supplicant_add_iface - Add a new network interface
6488 * @global: Pointer to global data from wpa_supplicant_init()
6489 * @iface: Interface configuration options
6490 * @parent: Parent interface or %NULL to assign new interface as parent
6491 * Returns: Pointer to the created interface or %NULL on failure
6492 *
6493 * This function is used to add new network interfaces for %wpa_supplicant.
6494 * This can be called before wpa_supplicant_run() to add interfaces before the
6495 * main event loop has been started. In addition, new interfaces can be added
6496 * dynamically while %wpa_supplicant is already running. This could happen,
6497 * e.g., when a hotplug network adapter is inserted.
6498 */
6499 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
6500 struct wpa_interface *iface,
6501 struct wpa_supplicant *parent)
6502 {
6503 struct wpa_supplicant *wpa_s;
6504 struct wpa_interface t_iface;
6505 struct wpa_ssid *ssid;
6506
6507 if (global == NULL || iface == NULL)
6508 return NULL;
6509
6510 wpa_s = wpa_supplicant_alloc(parent);
6511 if (wpa_s == NULL)
6512 return NULL;
6513
6514 wpa_s->global = global;
6515
6516 t_iface = *iface;
6517 if (global->params.override_driver) {
6518 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6519 "('%s' -> '%s')",
6520 iface->driver, global->params.override_driver);
6521 t_iface.driver = global->params.override_driver;
6522 }
6523 if (global->params.override_ctrl_interface) {
6524 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6525 "ctrl_interface ('%s' -> '%s')",
6526 iface->ctrl_interface,
6527 global->params.override_ctrl_interface);
6528 t_iface.ctrl_interface =
6529 global->params.override_ctrl_interface;
6530 }
6531 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6532 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6533 iface->ifname);
6534 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6535 return NULL;
6536 }
6537
6538 if (iface->p2p_mgmt == 0) {
6539 /* Notify the control interfaces about new iface */
6540 if (wpas_notify_iface_added(wpa_s)) {
6541 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6542 return NULL;
6543 }
6544
6545 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6546 wpas_notify_network_added(wpa_s, ssid);
6547 }
6548
6549 wpa_s->next = global->ifaces;
6550 global->ifaces = wpa_s;
6551
6552 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
6553 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6554
6555 #ifdef CONFIG_P2P
6556 if (wpa_s->global->p2p == NULL &&
6557 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
6558 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
6559 wpas_p2p_add_p2pdev_interface(
6560 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
6561 wpa_printf(MSG_INFO,
6562 "P2P: Failed to enable P2P Device interface");
6563 /* Try to continue without. P2P will be disabled. */
6564 }
6565 #endif /* CONFIG_P2P */
6566
6567 return wpa_s;
6568 }
6569
6570
6571 /**
6572 * wpa_supplicant_remove_iface - Remove a network interface
6573 * @global: Pointer to global data from wpa_supplicant_init()
6574 * @wpa_s: Pointer to the network interface to be removed
6575 * Returns: 0 if interface was removed, -1 if interface was not found
6576 *
6577 * This function can be used to dynamically remove network interfaces from
6578 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6579 * addition, this function is used to remove all remaining interfaces when
6580 * %wpa_supplicant is terminated.
6581 */
6582 int wpa_supplicant_remove_iface(struct wpa_global *global,
6583 struct wpa_supplicant *wpa_s,
6584 int terminate)
6585 {
6586 struct wpa_supplicant *prev;
6587 #ifdef CONFIG_MESH
6588 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6589 char *ifname = NULL;
6590 struct wpa_supplicant *parent = wpa_s->parent;
6591 #endif /* CONFIG_MESH */
6592
6593 /* Remove interface from the global list of interfaces */
6594 prev = global->ifaces;
6595 if (prev == wpa_s) {
6596 global->ifaces = wpa_s->next;
6597 } else {
6598 while (prev && prev->next != wpa_s)
6599 prev = prev->next;
6600 if (prev == NULL)
6601 return -1;
6602 prev->next = wpa_s->next;
6603 }
6604
6605 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6606
6607 #ifdef CONFIG_MESH
6608 if (mesh_if_created) {
6609 ifname = os_strdup(wpa_s->ifname);
6610 if (ifname == NULL) {
6611 wpa_dbg(wpa_s, MSG_ERROR,
6612 "mesh: Failed to malloc ifname");
6613 return -1;
6614 }
6615 }
6616 #endif /* CONFIG_MESH */
6617
6618 if (global->p2p_group_formation == wpa_s)
6619 global->p2p_group_formation = NULL;
6620 if (global->p2p_invite_group == wpa_s)
6621 global->p2p_invite_group = NULL;
6622 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6623
6624 #ifdef CONFIG_MESH
6625 if (mesh_if_created) {
6626 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
6627 os_free(ifname);
6628 }
6629 #endif /* CONFIG_MESH */
6630
6631 return 0;
6632 }
6633
6634
6635 /**
6636 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6637 * @wpa_s: Pointer to the network interface
6638 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6639 */
6640 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
6641 {
6642 const char *eapol_method;
6643
6644 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
6645 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
6646 return "NO-EAP";
6647 }
6648
6649 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
6650 if (eapol_method == NULL)
6651 return "UNKNOWN-EAP";
6652
6653 return eapol_method;
6654 }
6655
6656
6657 /**
6658 * wpa_supplicant_get_iface - Get a new network interface
6659 * @global: Pointer to global data from wpa_supplicant_init()
6660 * @ifname: Interface name
6661 * Returns: Pointer to the interface or %NULL if not found
6662 */
6663 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
6664 const char *ifname)
6665 {
6666 struct wpa_supplicant *wpa_s;
6667
6668 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6669 if (os_strcmp(wpa_s->ifname, ifname) == 0)
6670 return wpa_s;
6671 }
6672 return NULL;
6673 }
6674
6675
6676 #ifndef CONFIG_NO_WPA_MSG
6677 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
6678 {
6679 struct wpa_supplicant *wpa_s = ctx;
6680 if (wpa_s == NULL)
6681 return NULL;
6682 return wpa_s->ifname;
6683 }
6684 #endif /* CONFIG_NO_WPA_MSG */
6685
6686
6687 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6688 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6689 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6690
6691 /* Periodic cleanup tasks */
6692 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
6693 {
6694 struct wpa_global *global = eloop_ctx;
6695 struct wpa_supplicant *wpa_s;
6696
6697 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6698 wpas_periodic, global, NULL);
6699
6700 #ifdef CONFIG_P2P
6701 if (global->p2p)
6702 p2p_expire_peers(global->p2p);
6703 #endif /* CONFIG_P2P */
6704
6705 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
6706 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
6707 #ifdef CONFIG_AP
6708 ap_periodic(wpa_s);
6709 #endif /* CONFIG_AP */
6710 }
6711 }
6712
6713
6714 /**
6715 * wpa_supplicant_init - Initialize %wpa_supplicant
6716 * @params: Parameters for %wpa_supplicant
6717 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6718 *
6719 * This function is used to initialize %wpa_supplicant. After successful
6720 * initialization, the returned data pointer can be used to add and remove
6721 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6722 */
6723 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
6724 {
6725 struct wpa_global *global;
6726 int ret, i;
6727
6728 if (params == NULL)
6729 return NULL;
6730
6731 #ifdef CONFIG_DRIVER_NDIS
6732 {
6733 void driver_ndis_init_ops(void);
6734 driver_ndis_init_ops();
6735 }
6736 #endif /* CONFIG_DRIVER_NDIS */
6737
6738 #ifndef CONFIG_NO_WPA_MSG
6739 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
6740 #endif /* CONFIG_NO_WPA_MSG */
6741
6742 if (params->wpa_debug_file_path)
6743 wpa_debug_open_file(params->wpa_debug_file_path);
6744 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
6745 wpa_debug_setup_stdout();
6746 if (params->wpa_debug_syslog)
6747 wpa_debug_open_syslog();
6748 if (params->wpa_debug_tracing) {
6749 ret = wpa_debug_open_linux_tracing();
6750 if (ret) {
6751 wpa_printf(MSG_ERROR,
6752 "Failed to enable trace logging");
6753 return NULL;
6754 }
6755 }
6756
6757 ret = eap_register_methods();
6758 if (ret) {
6759 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
6760 if (ret == -2)
6761 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
6762 "the same EAP type.");
6763 return NULL;
6764 }
6765
6766 global = os_zalloc(sizeof(*global));
6767 if (global == NULL)
6768 return NULL;
6769 dl_list_init(&global->p2p_srv_bonjour);
6770 dl_list_init(&global->p2p_srv_upnp);
6771 global->params.daemonize = params->daemonize;
6772 global->params.wait_for_monitor = params->wait_for_monitor;
6773 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
6774 if (params->pid_file)
6775 global->params.pid_file = os_strdup(params->pid_file);
6776 if (params->ctrl_interface)
6777 global->params.ctrl_interface =
6778 os_strdup(params->ctrl_interface);
6779 if (params->ctrl_interface_group)
6780 global->params.ctrl_interface_group =
6781 os_strdup(params->ctrl_interface_group);
6782 if (params->override_driver)
6783 global->params.override_driver =
6784 os_strdup(params->override_driver);
6785 if (params->override_ctrl_interface)
6786 global->params.override_ctrl_interface =
6787 os_strdup(params->override_ctrl_interface);
6788 #ifdef CONFIG_MATCH_IFACE
6789 global->params.match_iface_count = params->match_iface_count;
6790 if (params->match_iface_count) {
6791 global->params.match_ifaces =
6792 os_calloc(params->match_iface_count,
6793 sizeof(struct wpa_interface));
6794 os_memcpy(global->params.match_ifaces,
6795 params->match_ifaces,
6796 params->match_iface_count *
6797 sizeof(struct wpa_interface));
6798 }
6799 #endif /* CONFIG_MATCH_IFACE */
6800 #ifdef CONFIG_P2P
6801 if (params->conf_p2p_dev)
6802 global->params.conf_p2p_dev =
6803 os_strdup(params->conf_p2p_dev);
6804 #endif /* CONFIG_P2P */
6805 wpa_debug_level = global->params.wpa_debug_level =
6806 params->wpa_debug_level;
6807 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
6808 params->wpa_debug_show_keys;
6809 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
6810 params->wpa_debug_timestamp;
6811
6812 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
6813
6814 if (eloop_init()) {
6815 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
6816 wpa_supplicant_deinit(global);
6817 return NULL;
6818 }
6819
6820 random_init(params->entropy_file);
6821
6822 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
6823 if (global->ctrl_iface == NULL) {
6824 wpa_supplicant_deinit(global);
6825 return NULL;
6826 }
6827
6828 if (wpas_notify_supplicant_initialized(global)) {
6829 wpa_supplicant_deinit(global);
6830 return NULL;
6831 }
6832
6833 for (i = 0; wpa_drivers[i]; i++)
6834 global->drv_count++;
6835 if (global->drv_count == 0) {
6836 wpa_printf(MSG_ERROR, "No drivers enabled");
6837 wpa_supplicant_deinit(global);
6838 return NULL;
6839 }
6840 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
6841 if (global->drv_priv == NULL) {
6842 wpa_supplicant_deinit(global);
6843 return NULL;
6844 }
6845
6846 #ifdef CONFIG_WIFI_DISPLAY
6847 if (wifi_display_init(global) < 0) {
6848 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
6849 wpa_supplicant_deinit(global);
6850 return NULL;
6851 }
6852 #endif /* CONFIG_WIFI_DISPLAY */
6853
6854 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
6855 wpas_periodic, global, NULL);
6856
6857 return global;
6858 }
6859
6860
6861 /**
6862 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6863 * @global: Pointer to global data from wpa_supplicant_init()
6864 * Returns: 0 after successful event loop run, -1 on failure
6865 *
6866 * This function starts the main event loop and continues running as long as
6867 * there are any remaining events. In most cases, this function is running as
6868 * long as the %wpa_supplicant process in still in use.
6869 */
6870 int wpa_supplicant_run(struct wpa_global *global)
6871 {
6872 struct wpa_supplicant *wpa_s;
6873
6874 if (global->params.daemonize &&
6875 (wpa_supplicant_daemon(global->params.pid_file) ||
6876 eloop_sock_requeue()))
6877 return -1;
6878
6879 #ifdef CONFIG_MATCH_IFACE
6880 if (wpa_supplicant_match_existing(global))
6881 return -1;
6882 #endif
6883
6884 if (global->params.wait_for_monitor) {
6885 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
6886 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
6887 wpa_supplicant_ctrl_iface_wait(
6888 wpa_s->ctrl_iface);
6889 }
6890
6891 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
6892 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
6893
6894 eloop_run();
6895
6896 return 0;
6897 }
6898
6899
6900 /**
6901 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6902 * @global: Pointer to global data from wpa_supplicant_init()
6903 *
6904 * This function is called to deinitialize %wpa_supplicant and to free all
6905 * allocated resources. Remaining network interfaces will also be removed.
6906 */
6907 void wpa_supplicant_deinit(struct wpa_global *global)
6908 {
6909 int i;
6910
6911 if (global == NULL)
6912 return;
6913
6914 eloop_cancel_timeout(wpas_periodic, global, NULL);
6915
6916 #ifdef CONFIG_WIFI_DISPLAY
6917 wifi_display_deinit(global);
6918 #endif /* CONFIG_WIFI_DISPLAY */
6919
6920 while (global->ifaces)
6921 wpa_supplicant_remove_iface(global, global->ifaces, 1);
6922
6923 if (global->ctrl_iface)
6924 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
6925
6926 wpas_notify_supplicant_deinitialized(global);
6927
6928 eap_peer_unregister_methods();
6929 #ifdef CONFIG_AP
6930 eap_server_unregister_methods();
6931 #endif /* CONFIG_AP */
6932
6933 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
6934 if (!global->drv_priv[i])
6935 continue;
6936 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
6937 }
6938 os_free(global->drv_priv);
6939
6940 random_deinit();
6941
6942 eloop_destroy();
6943
6944 if (global->params.pid_file) {
6945 os_daemonize_terminate(global->params.pid_file);
6946 os_free(global->params.pid_file);
6947 }
6948 os_free(global->params.ctrl_interface);
6949 os_free(global->params.ctrl_interface_group);
6950 os_free(global->params.override_driver);
6951 os_free(global->params.override_ctrl_interface);
6952 #ifdef CONFIG_MATCH_IFACE
6953 os_free(global->params.match_ifaces);
6954 #endif /* CONFIG_MATCH_IFACE */
6955 #ifdef CONFIG_P2P
6956 os_free(global->params.conf_p2p_dev);
6957 #endif /* CONFIG_P2P */
6958
6959 os_free(global->p2p_disallow_freq.range);
6960 os_free(global->p2p_go_avoid_freq.range);
6961 os_free(global->add_psk);
6962
6963 os_free(global);
6964 wpa_debug_close_syslog();
6965 wpa_debug_close_file();
6966 wpa_debug_close_linux_tracing();
6967 }
6968
6969
6970 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
6971 {
6972 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
6973 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
6974 char country[3];
6975 country[0] = wpa_s->conf->country[0];
6976 country[1] = wpa_s->conf->country[1];
6977 country[2] = '\0';
6978 if (wpa_drv_set_country(wpa_s, country) < 0) {
6979 wpa_printf(MSG_ERROR, "Failed to set country code "
6980 "'%s'", country);
6981 }
6982 }
6983
6984 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
6985 wpas_init_ext_pw(wpa_s);
6986
6987 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
6988 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6989
6990 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
6991 struct wpa_driver_capa capa;
6992 int res = wpa_drv_get_capa(wpa_s, &capa);
6993
6994 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6995 wpa_printf(MSG_ERROR,
6996 "Failed to update wowlan_triggers to '%s'",
6997 wpa_s->conf->wowlan_triggers);
6998 }
6999
7000 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7001 wpa_supplicant_set_default_scan_ies(wpa_s);
7002
7003 #ifdef CONFIG_WPS
7004 wpas_wps_update_config(wpa_s);
7005 #endif /* CONFIG_WPS */
7006 wpas_p2p_update_config(wpa_s);
7007 wpa_s->conf->changed_parameters = 0;
7008 }
7009
7010
7011 void add_freq(int *freqs, int *num_freqs, int freq)
7012 {
7013 int i;
7014
7015 for (i = 0; i < *num_freqs; i++) {
7016 if (freqs[i] == freq)
7017 return;
7018 }
7019
7020 freqs[*num_freqs] = freq;
7021 (*num_freqs)++;
7022 }
7023
7024
7025 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7026 {
7027 struct wpa_bss *bss, *cbss;
7028 const int max_freqs = 10;
7029 int *freqs;
7030 int num_freqs = 0;
7031
7032 freqs = os_calloc(max_freqs + 1, sizeof(int));
7033 if (freqs == NULL)
7034 return NULL;
7035
7036 cbss = wpa_s->current_bss;
7037
7038 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7039 if (bss == cbss)
7040 continue;
7041 if (bss->ssid_len == cbss->ssid_len &&
7042 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7043 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
7044 add_freq(freqs, &num_freqs, bss->freq);
7045 if (num_freqs == max_freqs)
7046 break;
7047 }
7048 }
7049
7050 if (num_freqs == 0) {
7051 os_free(freqs);
7052 freqs = NULL;
7053 }
7054
7055 return freqs;
7056 }
7057
7058
7059 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7060 {
7061 int timeout;
7062 int count;
7063 int *freqs = NULL;
7064
7065 wpas_connect_work_done(wpa_s);
7066
7067 /*
7068 * Remove possible authentication timeout since the connection failed.
7069 */
7070 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7071
7072 /*
7073 * There is no point in blacklisting the AP if this event is
7074 * generated based on local request to disconnect.
7075 */
7076 if (wpa_s->own_disconnect_req) {
7077 wpa_s->own_disconnect_req = 0;
7078 wpa_dbg(wpa_s, MSG_DEBUG,
7079 "Ignore connection failure due to local request to disconnect");
7080 return;
7081 }
7082 if (wpa_s->disconnected) {
7083 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7084 "indication since interface has been put into "
7085 "disconnected state");
7086 return;
7087 }
7088
7089 /*
7090 * Add the failed BSSID into the blacklist and speed up next scan
7091 * attempt if there could be other APs that could accept association.
7092 * The current blacklist count indicates how many times we have tried
7093 * connecting to this AP and multiple attempts mean that other APs are
7094 * either not available or has already been tried, so that we can start
7095 * increasing the delay here to avoid constant scanning.
7096 */
7097 count = wpa_blacklist_add(wpa_s, bssid);
7098 if (count == 1 && wpa_s->current_bss) {
7099 /*
7100 * This BSS was not in the blacklist before. If there is
7101 * another BSS available for the same ESS, we should try that
7102 * next. Otherwise, we may as well try this one once more
7103 * before allowing other, likely worse, ESSes to be considered.
7104 */
7105 freqs = get_bss_freqs_in_ess(wpa_s);
7106 if (freqs) {
7107 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7108 "has been seen; try it next");
7109 wpa_blacklist_add(wpa_s, bssid);
7110 /*
7111 * On the next scan, go through only the known channels
7112 * used in this ESS based on previous scans to speed up
7113 * common load balancing use case.
7114 */
7115 os_free(wpa_s->next_scan_freqs);
7116 wpa_s->next_scan_freqs = freqs;
7117 }
7118 }
7119
7120 /*
7121 * Add previous failure count in case the temporary blacklist was
7122 * cleared due to no other BSSes being available.
7123 */
7124 count += wpa_s->extra_blacklist_count;
7125
7126 if (count > 3 && wpa_s->current_ssid) {
7127 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7128 "consider temporary network disabling");
7129 wpas_auth_failed(wpa_s, "CONN_FAILED");
7130 }
7131
7132 switch (count) {
7133 case 1:
7134 timeout = 100;
7135 break;
7136 case 2:
7137 timeout = 500;
7138 break;
7139 case 3:
7140 timeout = 1000;
7141 break;
7142 case 4:
7143 timeout = 5000;
7144 break;
7145 default:
7146 timeout = 10000;
7147 break;
7148 }
7149
7150 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
7151 "ms", count, timeout);
7152
7153 /*
7154 * TODO: if more than one possible AP is available in scan results,
7155 * could try the other ones before requesting a new scan.
7156 */
7157
7158 /* speed up the connection attempt with normal scan */
7159 wpa_s->normal_scans = 0;
7160 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7161 1000 * (timeout % 1000));
7162 }
7163
7164
7165 #ifdef CONFIG_FILS
7166 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7167 {
7168 struct wpa_ssid *ssid = wpa_s->current_ssid;
7169 const u8 *realm, *username, *rrk;
7170 size_t realm_len, username_len, rrk_len;
7171 u16 next_seq_num;
7172
7173 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7174 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7175 &username, &username_len,
7176 &realm, &realm_len, &next_seq_num,
7177 &rrk, &rrk_len) != 0 ||
7178 !realm)
7179 return;
7180
7181 wpa_hexdump_ascii(MSG_DEBUG,
7182 "FILS: Store last connection failure realm",
7183 realm, realm_len);
7184 os_free(wpa_s->last_con_fail_realm);
7185 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7186 if (wpa_s->last_con_fail_realm) {
7187 wpa_s->last_con_fail_realm_len = realm_len;
7188 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7189 }
7190 }
7191 #endif /* CONFIG_FILS */
7192
7193
7194 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7195 {
7196 return wpa_s->conf->ap_scan == 2 ||
7197 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7198 }
7199
7200
7201 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
7202 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7203 struct wpa_ssid *ssid,
7204 const char *field,
7205 const char *value)
7206 {
7207 #ifdef IEEE8021X_EAPOL
7208 struct eap_peer_config *eap = &ssid->eap;
7209
7210 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7211 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7212 (const u8 *) value, os_strlen(value));
7213
7214 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7215 case WPA_CTRL_REQ_EAP_IDENTITY:
7216 os_free(eap->identity);
7217 eap->identity = (u8 *) os_strdup(value);
7218 eap->identity_len = os_strlen(value);
7219 eap->pending_req_identity = 0;
7220 if (ssid == wpa_s->current_ssid)
7221 wpa_s->reassociate = 1;
7222 break;
7223 case WPA_CTRL_REQ_EAP_PASSWORD:
7224 bin_clear_free(eap->password, eap->password_len);
7225 eap->password = (u8 *) os_strdup(value);
7226 eap->password_len = os_strlen(value);
7227 eap->pending_req_password = 0;
7228 if (ssid == wpa_s->current_ssid)
7229 wpa_s->reassociate = 1;
7230 break;
7231 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7232 bin_clear_free(eap->new_password, eap->new_password_len);
7233 eap->new_password = (u8 *) os_strdup(value);
7234 eap->new_password_len = os_strlen(value);
7235 eap->pending_req_new_password = 0;
7236 if (ssid == wpa_s->current_ssid)
7237 wpa_s->reassociate = 1;
7238 break;
7239 case WPA_CTRL_REQ_EAP_PIN:
7240 str_clear_free(eap->cert.pin);
7241 eap->cert.pin = os_strdup(value);
7242 eap->pending_req_pin = 0;
7243 if (ssid == wpa_s->current_ssid)
7244 wpa_s->reassociate = 1;
7245 break;
7246 case WPA_CTRL_REQ_EAP_OTP:
7247 bin_clear_free(eap->otp, eap->otp_len);
7248 eap->otp = (u8 *) os_strdup(value);
7249 eap->otp_len = os_strlen(value);
7250 os_free(eap->pending_req_otp);
7251 eap->pending_req_otp = NULL;
7252 eap->pending_req_otp_len = 0;
7253 break;
7254 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7255 str_clear_free(eap->cert.private_key_passwd);
7256 eap->cert.private_key_passwd = os_strdup(value);
7257 eap->pending_req_passphrase = 0;
7258 if (ssid == wpa_s->current_ssid)
7259 wpa_s->reassociate = 1;
7260 break;
7261 case WPA_CTRL_REQ_SIM:
7262 str_clear_free(eap->external_sim_resp);
7263 eap->external_sim_resp = os_strdup(value);
7264 eap->pending_req_sim = 0;
7265 break;
7266 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7267 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7268 return -1;
7269 ssid->mem_only_psk = 1;
7270 if (ssid->passphrase)
7271 wpa_config_update_psk(ssid);
7272 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7273 wpa_supplicant_req_scan(wpa_s, 0, 0);
7274 break;
7275 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7276 if (eap->pending_ext_cert_check != PENDING_CHECK)
7277 return -1;
7278 if (os_strcmp(value, "good") == 0)
7279 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7280 else if (os_strcmp(value, "bad") == 0)
7281 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7282 else
7283 return -1;
7284 break;
7285 default:
7286 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7287 return -1;
7288 }
7289
7290 return 0;
7291 #else /* IEEE8021X_EAPOL */
7292 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7293 return -1;
7294 #endif /* IEEE8021X_EAPOL */
7295 }
7296 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
7297
7298
7299 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7300 {
7301 int i;
7302 unsigned int drv_enc;
7303
7304 if (wpa_s->p2p_mgmt)
7305 return 1; /* no normal network profiles on p2p_mgmt interface */
7306
7307 if (ssid == NULL)
7308 return 1;
7309
7310 if (ssid->disabled)
7311 return 1;
7312
7313 if (wpa_s->drv_capa_known)
7314 drv_enc = wpa_s->drv_enc;
7315 else
7316 drv_enc = (unsigned int) -1;
7317
7318 for (i = 0; i < NUM_WEP_KEYS; i++) {
7319 size_t len = ssid->wep_key_len[i];
7320 if (len == 0)
7321 continue;
7322 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7323 continue;
7324 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7325 continue;
7326 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7327 continue;
7328 return 1; /* invalid WEP key */
7329 }
7330
7331 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
7332 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
7333 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
7334 !ssid->mem_only_psk)
7335 return 1;
7336
7337 return 0;
7338 }
7339
7340
7341 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7342 {
7343 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7344 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7345 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7346 /*
7347 * Driver does not support BIP -- ignore pmf=1 default
7348 * since the connection with PMF would fail and the
7349 * configuration does not require PMF to be enabled.
7350 */
7351 return NO_MGMT_FRAME_PROTECTION;
7352 }
7353
7354 if (ssid &&
7355 (ssid->key_mgmt &
7356 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7357 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7358 /*
7359 * Do not use the default PMF value for non-RSN networks
7360 * since PMF is available only with RSN and pmf=2
7361 * configuration would otherwise prevent connections to
7362 * all open networks.
7363 */
7364 return NO_MGMT_FRAME_PROTECTION;
7365 }
7366
7367 return wpa_s->conf->pmf;
7368 }
7369
7370 return ssid->ieee80211w;
7371 }
7372
7373
7374 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7375 {
7376 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7377 return 1;
7378 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7379 return 0;
7380 return -1;
7381 }
7382
7383
7384 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
7385 {
7386 struct wpa_ssid *ssid = wpa_s->current_ssid;
7387 int dur;
7388 struct os_reltime now;
7389
7390 if (ssid == NULL) {
7391 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7392 "SSID block");
7393 return;
7394 }
7395
7396 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7397 return;
7398
7399 ssid->auth_failures++;
7400
7401 #ifdef CONFIG_P2P
7402 if (ssid->p2p_group &&
7403 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7404 /*
7405 * Skip the wait time since there is a short timeout on the
7406 * connection to a P2P group.
7407 */
7408 return;
7409 }
7410 #endif /* CONFIG_P2P */
7411
7412 if (ssid->auth_failures > 50)
7413 dur = 300;
7414 else if (ssid->auth_failures > 10)
7415 dur = 120;
7416 else if (ssid->auth_failures > 5)
7417 dur = 90;
7418 else if (ssid->auth_failures > 3)
7419 dur = 60;
7420 else if (ssid->auth_failures > 2)
7421 dur = 30;
7422 else if (ssid->auth_failures > 1)
7423 dur = 20;
7424 else
7425 dur = 10;
7426
7427 if (ssid->auth_failures > 1 &&
7428 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7429 dur += os_random() % (ssid->auth_failures * 10);
7430
7431 os_get_reltime(&now);
7432 if (now.sec + dur <= ssid->disabled_until.sec)
7433 return;
7434
7435 ssid->disabled_until.sec = now.sec + dur;
7436
7437 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
7438 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7439 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
7440 ssid->auth_failures, dur, reason);
7441 }
7442
7443
7444 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7445 struct wpa_ssid *ssid, int clear_failures)
7446 {
7447 if (ssid == NULL)
7448 return;
7449
7450 if (ssid->disabled_until.sec) {
7451 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7452 "id=%d ssid=\"%s\"",
7453 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7454 }
7455 ssid->disabled_until.sec = 0;
7456 ssid->disabled_until.usec = 0;
7457 if (clear_failures)
7458 ssid->auth_failures = 0;
7459 }
7460
7461
7462 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7463 {
7464 size_t i;
7465
7466 if (wpa_s->disallow_aps_bssid == NULL)
7467 return 0;
7468
7469 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7470 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7471 bssid, ETH_ALEN) == 0)
7472 return 1;
7473 }
7474
7475 return 0;
7476 }
7477
7478
7479 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7480 size_t ssid_len)
7481 {
7482 size_t i;
7483
7484 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7485 return 0;
7486
7487 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7488 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7489 if (ssid_len == s->ssid_len &&
7490 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7491 return 1;
7492 }
7493
7494 return 0;
7495 }
7496
7497
7498 /**
7499 * wpas_request_connection - Request a new connection
7500 * @wpa_s: Pointer to the network interface
7501 *
7502 * This function is used to request a new connection to be found. It will mark
7503 * the interface to allow reassociation and request a new scan to find a
7504 * suitable network to connect to.
7505 */
7506 void wpas_request_connection(struct wpa_supplicant *wpa_s)
7507 {
7508 wpa_s->normal_scans = 0;
7509 wpa_s->scan_req = NORMAL_SCAN_REQ;
7510 wpa_supplicant_reinit_autoscan(wpa_s);
7511 wpa_s->extra_blacklist_count = 0;
7512 wpa_s->disconnected = 0;
7513 wpa_s->reassociate = 1;
7514 wpa_s->last_owe_group = 0;
7515
7516 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7517 wpa_supplicant_req_scan(wpa_s, 0, 0);
7518 else
7519 wpa_s->reattach = 0;
7520 }
7521
7522
7523 /**
7524 * wpas_request_disconnection - Request disconnection
7525 * @wpa_s: Pointer to the network interface
7526 *
7527 * This function is used to request disconnection from the currently connected
7528 * network. This will stop any ongoing scans and initiate deauthentication.
7529 */
7530 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7531 {
7532 #ifdef CONFIG_SME
7533 wpa_s->sme.prev_bssid_set = 0;
7534 #endif /* CONFIG_SME */
7535 wpa_s->reassociate = 0;
7536 wpa_s->disconnected = 1;
7537 wpa_supplicant_cancel_sched_scan(wpa_s);
7538 wpa_supplicant_cancel_scan(wpa_s);
7539 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7540 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
7541 radio_remove_works(wpa_s, "connect", 0);
7542 radio_remove_works(wpa_s, "sme-connect", 0);
7543 }
7544
7545
7546 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7547 struct wpa_used_freq_data *freqs_data,
7548 unsigned int len)
7549 {
7550 unsigned int i;
7551
7552 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7553 len, title);
7554 for (i = 0; i < len; i++) {
7555 struct wpa_used_freq_data *cur = &freqs_data[i];
7556 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7557 i, cur->freq, cur->flags);
7558 }
7559 }
7560
7561
7562 /*
7563 * Find the operating frequencies of any of the virtual interfaces that
7564 * are using the same radio as the current interface, and in addition, get
7565 * information about the interface types that are using the frequency.
7566 */
7567 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7568 struct wpa_used_freq_data *freqs_data,
7569 unsigned int len)
7570 {
7571 struct wpa_supplicant *ifs;
7572 u8 bssid[ETH_ALEN];
7573 int freq;
7574 unsigned int idx = 0, i;
7575
7576 wpa_dbg(wpa_s, MSG_DEBUG,
7577 "Determining shared radio frequencies (max len %u)", len);
7578 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
7579
7580 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
7581 radio_list) {
7582 if (idx == len)
7583 break;
7584
7585 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
7586 continue;
7587
7588 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
7589 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
7590 ifs->current_ssid->mode == WPAS_MODE_MESH)
7591 freq = ifs->current_ssid->frequency;
7592 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
7593 freq = ifs->assoc_freq;
7594 else
7595 continue;
7596
7597 /* Hold only distinct freqs */
7598 for (i = 0; i < idx; i++)
7599 if (freqs_data[i].freq == freq)
7600 break;
7601
7602 if (i == idx)
7603 freqs_data[idx++].freq = freq;
7604
7605 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
7606 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
7607 WPA_FREQ_USED_BY_P2P_CLIENT :
7608 WPA_FREQ_USED_BY_INFRA_STATION;
7609 }
7610 }
7611
7612 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
7613 return idx;
7614 }
7615
7616
7617 /*
7618 * Find the operating frequencies of any of the virtual interfaces that
7619 * are using the same radio as the current interface.
7620 */
7621 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
7622 int *freq_array, unsigned int len)
7623 {
7624 struct wpa_used_freq_data *freqs_data;
7625 int num, i;
7626
7627 os_memset(freq_array, 0, sizeof(int) * len);
7628
7629 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
7630 if (!freqs_data)
7631 return -1;
7632
7633 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
7634 for (i = 0; i < num; i++)
7635 freq_array[i] = freqs_data[i].freq;
7636
7637 os_free(freqs_data);
7638
7639 return num;
7640 }
7641
7642
7643 struct wpa_supplicant *
7644 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
7645 {
7646 switch (frame) {
7647 #ifdef CONFIG_P2P
7648 case VENDOR_ELEM_PROBE_REQ_P2P:
7649 case VENDOR_ELEM_PROBE_RESP_P2P:
7650 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
7651 case VENDOR_ELEM_BEACON_P2P_GO:
7652 case VENDOR_ELEM_P2P_PD_REQ:
7653 case VENDOR_ELEM_P2P_PD_RESP:
7654 case VENDOR_ELEM_P2P_GO_NEG_REQ:
7655 case VENDOR_ELEM_P2P_GO_NEG_RESP:
7656 case VENDOR_ELEM_P2P_GO_NEG_CONF:
7657 case VENDOR_ELEM_P2P_INV_REQ:
7658 case VENDOR_ELEM_P2P_INV_RESP:
7659 case VENDOR_ELEM_P2P_ASSOC_REQ:
7660 case VENDOR_ELEM_P2P_ASSOC_RESP:
7661 return wpa_s->p2pdev;
7662 #endif /* CONFIG_P2P */
7663 default:
7664 return wpa_s;
7665 }
7666 }
7667
7668
7669 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
7670 {
7671 unsigned int i;
7672 char buf[30];
7673
7674 wpa_printf(MSG_DEBUG, "Update vendor elements");
7675
7676 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
7677 if (wpa_s->vendor_elem[i]) {
7678 int res;
7679
7680 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
7681 if (!os_snprintf_error(sizeof(buf), res)) {
7682 wpa_hexdump_buf(MSG_DEBUG, buf,
7683 wpa_s->vendor_elem[i]);
7684 }
7685 }
7686 }
7687
7688 #ifdef CONFIG_P2P
7689 if (wpa_s->parent == wpa_s &&
7690 wpa_s->global->p2p &&
7691 !wpa_s->global->p2p_disabled)
7692 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
7693 #endif /* CONFIG_P2P */
7694 }
7695
7696
7697 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
7698 const u8 *elem, size_t len)
7699 {
7700 u8 *ie, *end;
7701
7702 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
7703 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
7704
7705 for (; ie + 1 < end; ie += 2 + ie[1]) {
7706 if (ie + len > end)
7707 break;
7708 if (os_memcmp(ie, elem, len) != 0)
7709 continue;
7710
7711 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
7712 wpabuf_free(wpa_s->vendor_elem[frame]);
7713 wpa_s->vendor_elem[frame] = NULL;
7714 } else {
7715 os_memmove(ie, ie + len, end - (ie + len));
7716 wpa_s->vendor_elem[frame]->used -= len;
7717 }
7718 wpas_vendor_elem_update(wpa_s);
7719 return 0;
7720 }
7721
7722 return -1;
7723 }
7724
7725
7726 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
7727 u16 num_modes, enum hostapd_hw_mode mode)
7728 {
7729 u16 i;
7730
7731 for (i = 0; i < num_modes; i++) {
7732 if (modes[i].mode == mode)
7733 return &modes[i];
7734 }
7735
7736 return NULL;
7737 }
7738
7739
7740 static struct
7741 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
7742 const u8 *bssid)
7743 {
7744 struct wpa_bss_tmp_disallowed *bss;
7745
7746 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
7747 struct wpa_bss_tmp_disallowed, list) {
7748 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
7749 return bss;
7750 }
7751
7752 return NULL;
7753 }
7754
7755
7756 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
7757 {
7758 struct wpa_bss_tmp_disallowed *tmp;
7759 unsigned int num_bssid = 0;
7760 u8 *bssids;
7761 int ret;
7762
7763 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
7764 if (!bssids)
7765 return -1;
7766 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7767 struct wpa_bss_tmp_disallowed, list) {
7768 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
7769 ETH_ALEN);
7770 num_bssid++;
7771 }
7772 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids);
7773 os_free(bssids);
7774 return ret;
7775 }
7776
7777
7778 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
7779 {
7780 struct wpa_supplicant *wpa_s = eloop_ctx;
7781 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
7782
7783 /* Make sure the bss is not already freed */
7784 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
7785 struct wpa_bss_tmp_disallowed, list) {
7786 if (bss == tmp) {
7787 dl_list_del(&tmp->list);
7788 os_free(tmp);
7789 wpa_set_driver_tmp_disallow_list(wpa_s);
7790 break;
7791 }
7792 }
7793 }
7794
7795
7796 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
7797 unsigned int sec, int rssi_threshold)
7798 {
7799 struct wpa_bss_tmp_disallowed *bss;
7800
7801 bss = wpas_get_disallowed_bss(wpa_s, bssid);
7802 if (bss) {
7803 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
7804 goto finish;
7805 }
7806
7807 bss = os_malloc(sizeof(*bss));
7808 if (!bss) {
7809 wpa_printf(MSG_DEBUG,
7810 "Failed to allocate memory for temp disallow BSS");
7811 return;
7812 }
7813
7814 os_memcpy(bss->bssid, bssid, ETH_ALEN);
7815 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
7816 wpa_set_driver_tmp_disallow_list(wpa_s);
7817
7818 finish:
7819 bss->rssi_threshold = rssi_threshold;
7820 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
7821 wpa_s, bss);
7822 }
7823
7824
7825 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
7826 struct wpa_bss *bss)
7827 {
7828 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
7829
7830 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
7831 struct wpa_bss_tmp_disallowed, list) {
7832 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
7833 disallowed = tmp;
7834 break;
7835 }
7836 }
7837 if (!disallowed)
7838 return 0;
7839
7840 if (disallowed->rssi_threshold != 0 &&
7841 bss->level > disallowed->rssi_threshold)
7842 return 0;
7843
7844 return 1;
7845 }
7846
7847
7848 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7849 unsigned int type, const u8 *addr,
7850 const u8 *mask)
7851 {
7852 if ((addr && !mask) || (!addr && mask)) {
7853 wpa_printf(MSG_INFO,
7854 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7855 return -1;
7856 }
7857
7858 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
7859 wpa_printf(MSG_INFO,
7860 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7861 return -1;
7862 }
7863
7864 if (type & MAC_ADDR_RAND_SCAN) {
7865 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
7866 addr, mask))
7867 return -1;
7868 }
7869
7870 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
7871 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
7872 addr, mask))
7873 return -1;
7874
7875 if (wpa_s->sched_scanning && !wpa_s->pno)
7876 wpas_scan_restart_sched_scan(wpa_s);
7877 }
7878
7879 if (type & MAC_ADDR_RAND_PNO) {
7880 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
7881 addr, mask))
7882 return -1;
7883
7884 if (wpa_s->pno) {
7885 wpas_stop_pno(wpa_s);
7886 wpas_start_pno(wpa_s);
7887 }
7888 }
7889
7890 return 0;
7891 }
7892
7893
7894 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
7895 unsigned int type)
7896 {
7897 wpas_mac_addr_rand_scan_clear(wpa_s, type);
7898 if (wpa_s->pno) {
7899 if (type & MAC_ADDR_RAND_PNO) {
7900 wpas_stop_pno(wpa_s);
7901 wpas_start_pno(wpa_s);
7902 }
7903 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
7904 wpas_scan_restart_sched_scan(wpa_s);
7905 }
7906
7907 return 0;
7908 }
7909
7910
7911 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
7912 struct wpa_signal_info *si)
7913 {
7914 int res;
7915
7916 if (!wpa_s->driver->signal_poll)
7917 return -1;
7918
7919 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
7920
7921 #ifdef CONFIG_TESTING_OPTIONS
7922 if (res == 0) {
7923 struct driver_signal_override *dso;
7924
7925 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7926 struct driver_signal_override, list) {
7927 if (os_memcmp(wpa_s->bssid, dso->bssid,
7928 ETH_ALEN) != 0)
7929 continue;
7930 wpa_printf(MSG_DEBUG,
7931 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
7932 si->current_signal,
7933 dso->si_current_signal,
7934 si->avg_signal,
7935 dso->si_avg_signal,
7936 si->avg_beacon_signal,
7937 dso->si_avg_beacon_signal,
7938 si->current_noise,
7939 dso->si_current_noise);
7940 si->current_signal = dso->si_current_signal;
7941 si->avg_signal = dso->si_avg_signal;
7942 si->avg_beacon_signal = dso->si_avg_beacon_signal;
7943 si->current_noise = dso->si_current_noise;
7944 break;
7945 }
7946 }
7947 #endif /* CONFIG_TESTING_OPTIONS */
7948
7949 return res;
7950 }
7951
7952
7953 struct wpa_scan_results *
7954 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
7955 {
7956 struct wpa_scan_results *scan_res;
7957 #ifdef CONFIG_TESTING_OPTIONS
7958 size_t idx;
7959 #endif /* CONFIG_TESTING_OPTIONS */
7960
7961 if (!wpa_s->driver->get_scan_results2)
7962 return NULL;
7963
7964 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
7965
7966 #ifdef CONFIG_TESTING_OPTIONS
7967 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
7968 struct driver_signal_override *dso;
7969 struct wpa_scan_res *res = scan_res->res[idx];
7970
7971 dl_list_for_each(dso, &wpa_s->drv_signal_override,
7972 struct driver_signal_override, list) {
7973 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
7974 continue;
7975 wpa_printf(MSG_DEBUG,
7976 "Override driver scan signal level %d->%d for "
7977 MACSTR,
7978 res->level, dso->scan_level,
7979 MAC2STR(res->bssid));
7980 res->flags |= WPA_SCAN_QUAL_INVALID;
7981 if (dso->scan_level < 0)
7982 res->flags |= WPA_SCAN_LEVEL_DBM;
7983 else
7984 res->flags &= ~WPA_SCAN_LEVEL_DBM;
7985 res->level = dso->scan_level;
7986 break;
7987 }
7988 }
7989 #endif /* CONFIG_TESTING_OPTIONS */
7990
7991 return scan_res;
7992 }
Unnamed repository; edit this file 'description' to name the repository.