3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
51 #include "gas_query.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
65 #include "dpp_supplicant.h"
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
71 const char *const wpa_supplicant_version
=
72 "wpa_supplicant v" VERSION_STR
"\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75 const char *const wpa_supplicant_license
=
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1
=
88 const char *const wpa_supplicant_full_license2
=
89 "This software may be distributed under the terms of the BSD license.\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
95 const char *const wpa_supplicant_full_license3
=
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
103 const char *const wpa_supplicant_full_license4
=
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5
=
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
);
130 #endif /* CONFIG_OWE */
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
138 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
139 if (ssid
->wep_key_len
[i
] == 0)
143 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
144 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
145 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
152 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
153 struct wpa_ssid
*ssid
)
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
164 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
170 if (!ssid
->psk_set
) {
171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
176 switch (wpa_s
->group_cipher
) {
177 case WPA_CIPHER_CCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_GCMP
:
183 os_memcpy(key
, ssid
->psk
, 16);
187 case WPA_CIPHER_TKIP
:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key
, ssid
->psk
, 16 + 8);
190 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
195 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s
->group_cipher
);
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
203 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
204 os_memset(key
, 0, sizeof(key
));
209 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
211 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
212 const u8
*bssid
= wpa_s
->bssid
;
213 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
214 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
215 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
216 bssid
= wpa_s
->pending_bssid
;
217 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
219 wpa_blacklist_add(wpa_s
, bssid
);
220 wpa_sm_notify_disassoc(wpa_s
->wpa
);
221 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
222 wpa_s
->reassociate
= 1;
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
228 wpa_supplicant_req_scan(wpa_s
, 1, 0);
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
238 * This function is used to schedule a timeout for the current authentication
241 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
244 if (wpa_s
->conf
->ap_scan
== 0 &&
245 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
248 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
249 "%d usec", sec
, usec
);
250 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
251 wpa_s
->last_auth_timeout_sec
= sec
;
252 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
261 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
263 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
266 wpa_dbg(wpa_s
, MSG_DEBUG
,
267 "Authentication timeout restart: %d sec", new_sec
);
268 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
269 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
283 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
285 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
286 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
287 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
288 os_free(wpa_s
->last_con_fail_realm
);
289 wpa_s
->last_con_fail_realm
= NULL
;
290 wpa_s
->last_con_fail_realm_len
= 0;
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
301 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
303 #ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf
;
305 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
307 #ifdef CONFIG_IBSS_RSN
308 if (ssid
->mode
== WPAS_MODE_IBSS
&&
309 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
315 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
316 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
317 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 #endif /* CONFIG_IBSS_RSN */
322 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
323 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
325 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
326 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
327 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
329 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
331 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
332 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
333 eapol_conf
.accept_802_1x_keys
= 1;
334 eapol_conf
.required_keys
= 0;
335 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
336 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
338 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
339 eapol_conf
.required_keys
|=
340 EAPOL_REQUIRE_KEY_BROADCAST
;
343 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
344 eapol_conf
.required_keys
= 0;
346 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
347 eapol_conf
.workaround
= ssid
->eap_workaround
;
348 eapol_conf
.eap_disabled
=
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
350 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
351 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
352 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
355 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
356 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
357 if (wpa_s
->current_bss
) {
359 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
364 EAPOL_PEER_IS_WPS20_AP
;
369 #endif /* CONFIG_WPS */
371 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
374 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
375 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
377 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
378 #endif /* CONFIG_MACSEC */
379 #endif /* IEEE8021X_EAPOL */
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
392 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
393 struct wpa_ssid
*ssid
)
397 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
399 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
400 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
402 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
403 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
405 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
406 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
407 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
408 wpa_s
->mgmt_group_cipher
= 0;
410 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
411 if (ssid
->wep_key_len
[i
] > 5) {
412 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
413 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
415 } else if (ssid
->wep_key_len
[i
] > 0) {
416 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
417 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
422 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
424 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
425 wpa_s
->pairwise_cipher
);
426 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
427 #ifdef CONFIG_IEEE80211W
428 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
429 wpa_s
->mgmt_group_cipher
);
430 #endif /* CONFIG_IEEE80211W */
432 pmksa_cache_clear_current(wpa_s
->wpa
);
436 void free_hw_features(struct wpa_supplicant
*wpa_s
)
439 if (wpa_s
->hw
.modes
== NULL
)
442 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
443 os_free(wpa_s
->hw
.modes
[i
].channels
);
444 os_free(wpa_s
->hw
.modes
[i
].rates
);
447 os_free(wpa_s
->hw
.modes
);
448 wpa_s
->hw
.modes
= NULL
;
452 void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
454 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
456 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
457 struct wpa_bss_tmp_disallowed
, list
) {
458 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
459 dl_list_del(&bss
->list
);
465 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
467 struct fils_hlp_req
*req
;
469 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
471 dl_list_del(&req
->list
);
472 wpabuf_free(req
->pkt
);
478 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
482 bgscan_deinit(wpa_s
);
483 autoscan_deinit(wpa_s
);
484 scard_deinit(wpa_s
->scard
);
486 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
487 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
488 l2_packet_deinit(wpa_s
->l2
);
491 l2_packet_deinit(wpa_s
->l2_br
);
494 #ifdef CONFIG_TESTING_OPTIONS
495 l2_packet_deinit(wpa_s
->l2_test
);
496 wpa_s
->l2_test
= NULL
;
497 os_free(wpa_s
->get_pref_freq_list_override
);
498 wpa_s
->get_pref_freq_list_override
= NULL
;
499 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
500 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
501 #endif /* CONFIG_TESTING_OPTIONS */
503 if (wpa_s
->conf
!= NULL
) {
504 struct wpa_ssid
*ssid
;
505 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
506 wpas_notify_network_removed(wpa_s
, ssid
);
509 os_free(wpa_s
->confname
);
510 wpa_s
->confname
= NULL
;
512 os_free(wpa_s
->confanother
);
513 wpa_s
->confanother
= NULL
;
515 os_free(wpa_s
->last_con_fail_realm
);
516 wpa_s
->last_con_fail_realm
= NULL
;
517 wpa_s
->last_con_fail_realm_len
= 0;
519 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
520 eapol_sm_deinit(wpa_s
->eapol
);
523 rsn_preauth_deinit(wpa_s
->wpa
);
526 wpa_tdls_deinit(wpa_s
->wpa
);
527 #endif /* CONFIG_TDLS */
529 wmm_ac_clear_saved_tspecs(wpa_s
);
530 pmksa_candidate_free(wpa_s
->wpa
);
531 wpa_sm_deinit(wpa_s
->wpa
);
533 wpa_blacklist_clear(wpa_s
);
535 wpa_bss_deinit(wpa_s
);
537 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
538 wpa_supplicant_cancel_scan(wpa_s
);
539 wpa_supplicant_cancel_auth_timeout(wpa_s
);
540 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
541 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
542 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
544 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
546 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
548 wpas_wps_deinit(wpa_s
);
550 wpabuf_free(wpa_s
->pending_eapol_rx
);
551 wpa_s
->pending_eapol_rx
= NULL
;
553 #ifdef CONFIG_IBSS_RSN
554 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
555 wpa_s
->ibss_rsn
= NULL
;
556 #endif /* CONFIG_IBSS_RSN */
561 wpa_supplicant_ap_deinit(wpa_s
);
562 #endif /* CONFIG_AP */
564 wpas_p2p_deinit(wpa_s
);
566 #ifdef CONFIG_OFFCHANNEL
567 offchannel_deinit(wpa_s
);
568 #endif /* CONFIG_OFFCHANNEL */
570 wpa_supplicant_cancel_sched_scan(wpa_s
);
572 os_free(wpa_s
->next_scan_freqs
);
573 wpa_s
->next_scan_freqs
= NULL
;
575 os_free(wpa_s
->manual_scan_freqs
);
576 wpa_s
->manual_scan_freqs
= NULL
;
577 os_free(wpa_s
->select_network_scan_freqs
);
578 wpa_s
->select_network_scan_freqs
= NULL
;
580 os_free(wpa_s
->manual_sched_scan_freqs
);
581 wpa_s
->manual_sched_scan_freqs
= NULL
;
583 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
586 * Need to remove any pending gas-query radio work before the
587 * gas_query_deinit() call because gas_query::work has not yet been set
588 * for works that have not been started. gas_query_free() will be unable
589 * to cancel such pending radio works and once the pending gas-query
590 * radio work eventually gets removed, the deinit notification call to
591 * gas_query_start_cb() would result in dereferencing freed memory.
594 radio_remove_works(wpa_s
, "gas-query", 0);
595 gas_query_deinit(wpa_s
->gas
);
597 gas_server_deinit(wpa_s
->gas_server
);
598 wpa_s
->gas_server
= NULL
;
600 free_hw_features(wpa_s
);
602 ieee802_1x_dealloc_kay_sm(wpa_s
);
604 os_free(wpa_s
->bssid_filter
);
605 wpa_s
->bssid_filter
= NULL
;
607 os_free(wpa_s
->disallow_aps_bssid
);
608 wpa_s
->disallow_aps_bssid
= NULL
;
609 os_free(wpa_s
->disallow_aps_ssid
);
610 wpa_s
->disallow_aps_ssid
= NULL
;
612 wnm_bss_keep_alive_deinit(wpa_s
);
614 wnm_deallocate_memory(wpa_s
);
615 #endif /* CONFIG_WNM */
617 ext_password_deinit(wpa_s
->ext_pw
);
618 wpa_s
->ext_pw
= NULL
;
620 wpabuf_free(wpa_s
->last_gas_resp
);
621 wpa_s
->last_gas_resp
= NULL
;
622 wpabuf_free(wpa_s
->prev_gas_resp
);
623 wpa_s
->prev_gas_resp
= NULL
;
625 os_free(wpa_s
->last_scan_res
);
626 wpa_s
->last_scan_res
= NULL
;
630 wpa_drv_configure_frame_filters(wpa_s
, 0);
632 #endif /* CONFIG_HS20 */
634 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
635 wpabuf_free(wpa_s
->vendor_elem
[i
]);
636 wpa_s
->vendor_elem
[i
] = NULL
;
639 wmm_ac_notify_disassoc(wpa_s
);
641 wpa_s
->sched_scan_plans_num
= 0;
642 os_free(wpa_s
->sched_scan_plans
);
643 wpa_s
->sched_scan_plans
= NULL
;
646 wpa_s
->non_pref_chan_num
= 0;
647 os_free(wpa_s
->non_pref_chan
);
648 wpa_s
->non_pref_chan
= NULL
;
649 #endif /* CONFIG_MBO */
651 free_bss_tmp_disallowed(wpa_s
);
653 wpabuf_free(wpa_s
->lci
);
655 wpas_clear_beacon_rep_data(wpa_s
);
657 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
660 struct external_pmksa_cache
*entry
;
662 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
663 struct external_pmksa_cache
,
665 dl_list_del(&entry
->list
);
666 os_free(entry
->pmksa_cache
);
670 #endif /* CONFIG_MESH */
671 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
673 wpas_flush_fils_hlp_req(wpa_s
);
675 wpabuf_free(wpa_s
->ric_ies
);
676 wpa_s
->ric_ies
= NULL
;
679 wpas_dpp_deinit(wpa_s
);
680 dpp_global_deinit(wpa_s
->dpp
);
682 #endif /* CONFIG_DPP */
687 * wpa_clear_keys - Clear keys configured for the driver
688 * @wpa_s: Pointer to wpa_supplicant data
689 * @addr: Previously used BSSID or %NULL if not available
691 * This function clears the encryption keys that has been previously configured
694 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
698 #ifdef CONFIG_IEEE80211W
700 #else /* CONFIG_IEEE80211W */
702 #endif /* CONFIG_IEEE80211W */
704 /* MLME-DELETEKEYS.request */
705 for (i
= 0; i
< max
; i
++) {
706 if (wpa_s
->keys_cleared
& BIT(i
))
708 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
711 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
712 !is_zero_ether_addr(addr
)) {
713 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
715 /* MLME-SETPROTECTION.request(None) */
716 wpa_drv_mlme_setprotection(
718 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
719 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
721 wpa_s
->keys_cleared
= (u32
) -1;
726 * wpa_supplicant_state_txt - Get the connection state name as a text string
727 * @state: State (wpa_state; WPA_*)
728 * Returns: The state name as a printable text string
730 const char * wpa_supplicant_state_txt(enum wpa_states state
)
733 case WPA_DISCONNECTED
:
734 return "DISCONNECTED";
737 case WPA_INTERFACE_DISABLED
:
738 return "INTERFACE_DISABLED";
741 case WPA_AUTHENTICATING
:
742 return "AUTHENTICATING";
743 case WPA_ASSOCIATING
:
744 return "ASSOCIATING";
747 case WPA_4WAY_HANDSHAKE
:
748 return "4WAY_HANDSHAKE";
749 case WPA_GROUP_HANDSHAKE
:
750 return "GROUP_HANDSHAKE";
761 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
765 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
766 name
= wpa_s
->current_ssid
->bgscan
;
768 name
= wpa_s
->conf
->bgscan
;
769 if (name
== NULL
|| name
[0] == '\0')
771 if (wpas_driver_bss_selection(wpa_s
))
773 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
776 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
778 #endif /* CONFIG_P2P */
780 bgscan_deinit(wpa_s
);
781 if (wpa_s
->current_ssid
) {
782 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
783 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
786 * Live without bgscan; it is only used as a roaming
787 * optimization, so the initial connection is not
791 struct wpa_scan_results
*scan_res
;
792 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
793 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
796 bgscan_notify_scan(wpa_s
, scan_res
);
797 wpa_scan_results_free(scan_res
);
801 wpa_s
->bgscan_ssid
= NULL
;
805 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
807 if (wpa_s
->bgscan_ssid
!= NULL
) {
808 bgscan_deinit(wpa_s
);
809 wpa_s
->bgscan_ssid
= NULL
;
813 #endif /* CONFIG_BGSCAN */
816 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
818 if (autoscan_init(wpa_s
, 0))
819 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
823 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
825 autoscan_deinit(wpa_s
);
829 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
831 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
832 wpa_s
->wpa_state
== WPA_SCANNING
) {
833 autoscan_deinit(wpa_s
);
834 wpa_supplicant_start_autoscan(wpa_s
);
840 * wpa_supplicant_set_state - Set current connection state
841 * @wpa_s: Pointer to wpa_supplicant data
842 * @state: The new connection state
844 * This function is called whenever the connection state changes, e.g.,
845 * association is completed for WPA/WPA2 4-Way Handshake is started.
847 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
848 enum wpa_states state
)
850 enum wpa_states old_state
= wpa_s
->wpa_state
;
852 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
853 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
854 wpa_supplicant_state_txt(state
));
856 if (state
== WPA_COMPLETED
&&
857 os_reltime_initialized(&wpa_s
->roam_start
)) {
858 os_reltime_age(&wpa_s
->roam_start
, &wpa_s
->roam_time
);
859 wpa_s
->roam_start
.sec
= 0;
860 wpa_s
->roam_start
.usec
= 0;
861 wpas_notify_auth_changed(wpa_s
);
862 wpas_notify_roam_time(wpa_s
);
863 wpas_notify_roam_complete(wpa_s
);
864 } else if (state
== WPA_DISCONNECTED
&&
865 os_reltime_initialized(&wpa_s
->roam_start
)) {
866 wpa_s
->roam_start
.sec
= 0;
867 wpa_s
->roam_start
.usec
= 0;
868 wpa_s
->roam_time
.sec
= 0;
869 wpa_s
->roam_time
.usec
= 0;
870 wpas_notify_roam_complete(wpa_s
);
873 if (state
== WPA_INTERFACE_DISABLED
) {
874 /* Assure normal scan when interface is restored */
875 wpa_s
->normal_scans
= 0;
878 if (state
== WPA_COMPLETED
) {
879 wpas_connect_work_done(wpa_s
);
880 /* Reinitialize normal_scan counter */
881 wpa_s
->normal_scans
= 0;
886 * P2PS client has to reply to Probe Request frames received on the
887 * group operating channel. Enable Probe Request frame reporting for
888 * P2P connected client in case p2p_cli_probe configuration property is
891 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
892 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
893 wpa_s
->current_ssid
->p2p_group
) {
894 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
895 wpa_dbg(wpa_s
, MSG_DEBUG
,
896 "P2P: Enable CLI Probe Request RX reporting");
897 wpa_s
->p2p_cli_probe
=
898 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
899 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
900 wpa_dbg(wpa_s
, MSG_DEBUG
,
901 "P2P: Disable CLI Probe Request RX reporting");
902 wpa_s
->p2p_cli_probe
= 0;
903 wpa_drv_probe_req_report(wpa_s
, 0);
906 #endif /* CONFIG_P2P */
908 if (state
!= WPA_SCANNING
)
909 wpa_supplicant_notify_scanning(wpa_s
, 0);
911 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
912 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
913 int fils_hlp_sent
= 0;
916 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
917 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
919 #endif /* CONFIG_SME */
920 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
921 wpa_auth_alg_fils(wpa_s
->auth_alg
))
924 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
925 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
926 MACSTR
" completed [id=%d id_str=%s%s]",
927 MAC2STR(wpa_s
->bssid
),
928 ssid
? ssid
->id
: -1,
929 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
930 fils_hlp_sent
? " FILS_HLP_SENT" : "");
931 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
932 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
933 wpa_blacklist_clear(wpa_s
);
934 wpa_s
->extra_blacklist_count
= 0;
935 wpa_s
->new_connection
= 0;
936 wpa_drv_set_operstate(wpa_s
, 1);
937 #ifndef IEEE8021X_EAPOL
938 wpa_drv_set_supp_port(wpa_s
, 1);
939 #endif /* IEEE8021X_EAPOL */
940 wpa_s
->after_wps
= 0;
941 wpa_s
->known_wps_freq
= 0;
942 wpas_p2p_completed(wpa_s
);
944 sme_sched_obss_scan(wpa_s
, 1);
946 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
947 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
948 wpas_update_fils_connect_params(wpa_s
);
949 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
951 if (ssid
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
))
952 wpas_update_owe_connect_params(wpa_s
);
953 #endif /* CONFIG_OWE */
954 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
955 state
== WPA_ASSOCIATED
) {
956 wpa_s
->new_connection
= 1;
957 wpa_drv_set_operstate(wpa_s
, 0);
958 #ifndef IEEE8021X_EAPOL
959 wpa_drv_set_supp_port(wpa_s
, 0);
960 #endif /* IEEE8021X_EAPOL */
961 sme_sched_obss_scan(wpa_s
, 0);
963 wpa_s
->wpa_state
= state
;
966 if (state
== WPA_COMPLETED
)
967 wpa_supplicant_start_bgscan(wpa_s
);
968 else if (state
< WPA_ASSOCIATED
)
969 wpa_supplicant_stop_bgscan(wpa_s
);
970 #endif /* CONFIG_BGSCAN */
972 if (state
> WPA_SCANNING
)
973 wpa_supplicant_stop_autoscan(wpa_s
);
975 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
976 wpa_supplicant_start_autoscan(wpa_s
);
978 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
979 wmm_ac_notify_disassoc(wpa_s
);
981 if (wpa_s
->wpa_state
!= old_state
) {
982 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
985 * Notify the P2P Device interface about a state change in one
988 wpas_p2p_indicate_state_change(wpa_s
);
990 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
991 old_state
== WPA_COMPLETED
)
992 wpas_notify_auth_changed(wpa_s
);
997 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
1001 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
1003 struct wpa_supplicant
*next
= wpa_s
->next
;
1004 if (wpas_wps_terminate_pending(wpa_s
) == 1)
1007 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
1008 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
1009 wpas_p2p_disconnect(wpa_s
);
1010 #endif /* CONFIG_P2P */
1013 #endif /* CONFIG_WPS */
1020 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
1022 struct wpa_global
*global
= signal_ctx
;
1023 wpa_supplicant_terminate_proc(global
);
1027 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1029 enum wpa_states old_state
= wpa_s
->wpa_state
;
1031 wpa_s
->pairwise_cipher
= 0;
1032 wpa_s
->group_cipher
= 0;
1033 wpa_s
->mgmt_group_cipher
= 0;
1034 wpa_s
->key_mgmt
= 0;
1035 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1036 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1038 if (wpa_s
->wpa_state
!= old_state
)
1039 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1044 * wpa_supplicant_reload_configuration - Reload configuration data
1045 * @wpa_s: Pointer to wpa_supplicant data
1046 * Returns: 0 on success or -1 if configuration parsing failed
1048 * This function can be used to request that the configuration data is reloaded
1049 * (e.g., after configuration file change). This function is reloading
1050 * configuration only for one interface, so this may need to be called multiple
1051 * times if %wpa_supplicant is controlling multiple interfaces and all
1052 * interfaces need reconfiguration.
1054 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1056 struct wpa_config
*conf
;
1060 if (wpa_s
->confname
== NULL
)
1062 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1064 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1065 "file '%s' - exiting", wpa_s
->confname
);
1068 if (wpa_s
->confanother
&&
1069 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1070 wpa_msg(wpa_s
, MSG_ERROR
,
1071 "Failed to parse the configuration file '%s' - exiting",
1072 wpa_s
->confanother
);
1076 conf
->changed_parameters
= (unsigned int) -1;
1078 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1079 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1080 os_strcmp(conf
->ctrl_interface
,
1081 wpa_s
->conf
->ctrl_interface
) != 0);
1083 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1084 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1085 wpa_s
->ctrl_iface
= NULL
;
1088 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1089 if (wpa_s
->current_ssid
) {
1090 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1091 wpa_s
->own_disconnect_req
= 1;
1092 wpa_supplicant_deauthenticate(wpa_s
,
1093 WLAN_REASON_DEAUTH_LEAVING
);
1097 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1098 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1100 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1101 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1102 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1104 * Clear forced success to clear EAP state for next
1107 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1109 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1110 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1111 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1112 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1113 rsn_preauth_deinit(wpa_s
->wpa
);
1115 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1116 wpa_config_free(wpa_s
->conf
);
1118 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1119 wpas_notify_ap_scan_changed(wpa_s
);
1122 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1124 wpa_supplicant_update_config(wpa_s
);
1126 wpa_supplicant_clear_status(wpa_s
);
1127 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1128 wpa_s
->reassociate
= 1;
1129 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1131 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1136 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1138 struct wpa_global
*global
= signal_ctx
;
1139 struct wpa_supplicant
*wpa_s
;
1140 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1141 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1143 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1144 wpa_supplicant_terminate_proc(global
);
1148 if (wpa_debug_reopen_file() < 0) {
1149 /* Ignore errors since we cannot really do much to fix this */
1150 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1155 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1156 struct wpa_ssid
*ssid
,
1157 struct wpa_ie_data
*ie
)
1159 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1162 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1163 "from association info");
1168 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1170 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1172 "cipher 0x%x (mask 0x%x) - reject",
1173 ie
->group_cipher
, ssid
->group_cipher
);
1176 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1177 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1178 "cipher 0x%x (mask 0x%x) - reject",
1179 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1182 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1183 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1184 "management 0x%x (mask 0x%x) - reject",
1185 ie
->key_mgmt
, ssid
->key_mgmt
);
1189 #ifdef CONFIG_IEEE80211W
1190 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1191 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1192 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1193 "that does not support management frame protection - "
1197 #endif /* CONFIG_IEEE80211W */
1203 static int matching_ciphers(struct wpa_ssid
*ssid
, struct wpa_ie_data
*ie
,
1207 ie
->group_cipher
= wpa_default_rsn_cipher(freq
);
1208 if (!ie
->has_pairwise
)
1209 ie
->pairwise_cipher
= wpa_default_rsn_cipher(freq
);
1210 return (ie
->group_cipher
& ssid
->group_cipher
) &&
1211 (ie
->pairwise_cipher
& ssid
->pairwise_cipher
);
1216 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1217 * @wpa_s: Pointer to wpa_supplicant data
1218 * @bss: Scan results for the selected BSS, or %NULL if not available
1219 * @ssid: Configuration data for the selected network
1220 * @wpa_ie: Buffer for the WPA/RSN IE
1221 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1222 * used buffer length in case the functions returns success.
1223 * Returns: 0 on success or -1 on failure
1225 * This function is used to configure authentication and encryption parameters
1226 * based on the network configuration and scan result for the selected BSS (if
1229 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1230 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1231 u8
*wpa_ie
, size_t *wpa_ie_len
)
1233 struct wpa_ie_data ie
;
1235 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1238 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1239 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1240 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1242 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1244 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1245 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1246 matching_ciphers(ssid
, &ie
, bss
->freq
) &&
1247 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1248 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1249 proto
= WPA_PROTO_RSN
;
1250 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1251 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1252 (ie
.group_cipher
& ssid
->group_cipher
) &&
1253 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1254 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1255 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1256 proto
= WPA_PROTO_WPA
;
1258 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1259 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1260 (ie
.group_cipher
& ssid
->group_cipher
) &&
1261 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1262 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1263 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1264 proto
= WPA_PROTO_OSEN
;
1265 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1266 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1267 (ie
.group_cipher
& ssid
->group_cipher
) &&
1268 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1269 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1270 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1271 proto
= WPA_PROTO_RSN
;
1272 #endif /* CONFIG_HS20 */
1274 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1275 wpa_dbg(wpa_s
, MSG_DEBUG
,
1276 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1277 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1279 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1280 MAC2STR(bss
->bssid
),
1281 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1282 bss_wpa
? " WPA" : "",
1283 bss_rsn
? " RSN" : "",
1284 bss_osen
? " OSEN" : "");
1286 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1287 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1288 wpa_dbg(wpa_s
, MSG_DEBUG
,
1289 "Could not parse RSN element");
1291 wpa_dbg(wpa_s
, MSG_DEBUG
,
1292 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1293 ie
.pairwise_cipher
, ie
.group_cipher
,
1298 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1299 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1300 wpa_dbg(wpa_s
, MSG_DEBUG
,
1301 "Could not parse WPA element");
1303 wpa_dbg(wpa_s
, MSG_DEBUG
,
1304 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1305 ie
.pairwise_cipher
, ie
.group_cipher
,
1311 if (ssid
->proto
& WPA_PROTO_OSEN
)
1312 proto
= WPA_PROTO_OSEN
;
1313 else if (ssid
->proto
& WPA_PROTO_RSN
)
1314 proto
= WPA_PROTO_RSN
;
1316 proto
= WPA_PROTO_WPA
;
1317 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1318 os_memset(&ie
, 0, sizeof(ie
));
1319 ie
.group_cipher
= ssid
->group_cipher
;
1320 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1321 ie
.key_mgmt
= ssid
->key_mgmt
;
1322 #ifdef CONFIG_IEEE80211W
1323 ie
.mgmt_group_cipher
= 0;
1324 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1325 if (ssid
->group_mgmt_cipher
&
1326 WPA_CIPHER_BIP_GMAC_256
)
1327 ie
.mgmt_group_cipher
=
1328 WPA_CIPHER_BIP_GMAC_256
;
1329 else if (ssid
->group_mgmt_cipher
&
1330 WPA_CIPHER_BIP_CMAC_256
)
1331 ie
.mgmt_group_cipher
=
1332 WPA_CIPHER_BIP_CMAC_256
;
1333 else if (ssid
->group_mgmt_cipher
&
1334 WPA_CIPHER_BIP_GMAC_128
)
1335 ie
.mgmt_group_cipher
=
1336 WPA_CIPHER_BIP_GMAC_128
;
1338 ie
.mgmt_group_cipher
=
1339 WPA_CIPHER_AES_128_CMAC
;
1341 #endif /* CONFIG_IEEE80211W */
1343 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1345 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1346 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1347 wpa_s
->wpa_proto
= 0;
1351 #endif /* CONFIG_OWE */
1352 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1353 "based on configuration");
1358 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1359 "pairwise %d key_mgmt %d proto %d",
1360 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1361 #ifdef CONFIG_IEEE80211W
1362 if (ssid
->ieee80211w
) {
1363 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1364 ie
.mgmt_group_cipher
);
1366 #endif /* CONFIG_IEEE80211W */
1368 wpa_s
->wpa_proto
= proto
;
1369 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1370 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1371 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1373 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1374 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1375 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1376 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1377 bss_rsn
? 2 + bss_rsn
[1] : 0))
1381 #ifdef CONFIG_NO_WPA
1382 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1383 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1384 #else /* CONFIG_NO_WPA */
1385 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1386 wpa_dbg(wpa_s
, MSG_DEBUG
,
1387 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1388 ie
.group_cipher
, ssid
->group_cipher
, sel
);
1389 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1390 if (wpa_s
->group_cipher
< 0) {
1391 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1395 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1396 wpa_cipher_txt(wpa_s
->group_cipher
));
1398 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1399 wpa_dbg(wpa_s
, MSG_DEBUG
,
1400 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1401 ie
.pairwise_cipher
, ssid
->pairwise_cipher
, sel
);
1402 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1403 if (wpa_s
->pairwise_cipher
< 0) {
1404 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1408 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1409 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1410 #endif /* CONFIG_NO_WPA */
1412 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1413 wpa_dbg(wpa_s
, MSG_DEBUG
,
1414 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1415 ie
.key_mgmt
, ssid
->key_mgmt
, sel
);
1417 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1418 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1419 #endif /* CONFIG_SAE */
1421 #ifdef CONFIG_IEEE80211R
1422 #ifdef CONFIG_SHA384
1423 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) &&
1424 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1425 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1426 wpa_dbg(wpa_s
, MSG_DEBUG
,
1427 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1428 if (!ssid
->ft_eap_pmksa_caching
&&
1429 pmksa_cache_get_current(wpa_s
->wpa
)) {
1430 /* PMKSA caching with FT may have interoperability
1431 * issues, so disable that case by default for now. */
1432 wpa_dbg(wpa_s
, MSG_DEBUG
,
1433 "WPA: Disable PMKSA caching for FT/802.1X connection");
1434 pmksa_cache_clear_current(wpa_s
->wpa
);
1436 #endif /* CONFIG_SHA384 */
1437 #endif /* CONFIG_IEEE80211R */
1438 #ifdef CONFIG_SUITEB192
1439 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1440 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1441 wpa_dbg(wpa_s
, MSG_DEBUG
,
1442 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1443 #endif /* CONFIG_SUITEB192 */
1444 #ifdef CONFIG_SUITEB
1445 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1446 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1447 wpa_dbg(wpa_s
, MSG_DEBUG
,
1448 "WPA: using KEY_MGMT 802.1X with Suite B");
1449 #endif /* CONFIG_SUITEB */
1451 #ifdef CONFIG_IEEE80211R
1452 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1453 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1454 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1455 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1456 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1457 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1458 #endif /* CONFIG_IEEE80211R */
1459 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1460 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1461 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1462 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1463 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1464 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1465 #endif /* CONFIG_FILS */
1466 #ifdef CONFIG_IEEE80211R
1467 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X
) &&
1468 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1469 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1470 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1471 if (!ssid
->ft_eap_pmksa_caching
&&
1472 pmksa_cache_get_current(wpa_s
->wpa
)) {
1473 /* PMKSA caching with FT may have interoperability
1474 * issues, so disable that case by default for now. */
1475 wpa_dbg(wpa_s
, MSG_DEBUG
,
1476 "WPA: Disable PMKSA caching for FT/802.1X connection");
1477 pmksa_cache_clear_current(wpa_s
->wpa
);
1479 #endif /* CONFIG_IEEE80211R */
1481 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1482 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1483 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1484 #endif /* CONFIG_DPP */
1486 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1487 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1488 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1489 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1490 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1491 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1492 #endif /* CONFIG_SAE */
1493 #ifdef CONFIG_IEEE80211R
1494 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1495 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1496 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1497 #endif /* CONFIG_IEEE80211R */
1498 #ifdef CONFIG_IEEE80211W
1499 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1500 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1501 wpa_dbg(wpa_s
, MSG_DEBUG
,
1502 "WPA: using KEY_MGMT 802.1X with SHA256");
1503 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1504 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1505 wpa_dbg(wpa_s
, MSG_DEBUG
,
1506 "WPA: using KEY_MGMT PSK with SHA256");
1507 #endif /* CONFIG_IEEE80211W */
1508 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1509 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1510 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1511 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1512 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1513 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1514 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1515 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1516 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1518 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1519 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1520 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1521 #endif /* CONFIG_HS20 */
1523 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1524 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1525 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1526 #endif /* CONFIG_OWE */
1528 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1529 "authenticated key management type");
1533 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1534 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1535 wpa_s
->pairwise_cipher
);
1536 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1538 #ifdef CONFIG_IEEE80211W
1539 if (!(ie
.capabilities
& WPA_CAPABILITY_MFPC
) &&
1540 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1541 wpa_msg(wpa_s
, MSG_INFO
,
1542 "RSN: Management frame protection required but the selected AP does not enable it");
1546 sel
= ie
.mgmt_group_cipher
;
1547 if (ssid
->group_mgmt_cipher
)
1548 sel
&= ssid
->group_mgmt_cipher
;
1549 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1550 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1552 wpa_dbg(wpa_s
, MSG_DEBUG
,
1553 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1554 ie
.mgmt_group_cipher
, ssid
->group_mgmt_cipher
, sel
);
1555 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1556 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1557 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1559 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1560 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1561 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1563 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1564 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1565 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1567 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1568 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1569 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1572 wpa_s
->mgmt_group_cipher
= 0;
1573 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1575 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1576 wpa_s
->mgmt_group_cipher
);
1577 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1578 wpas_get_ssid_pmf(wpa_s
, ssid
));
1579 #endif /* CONFIG_IEEE80211W */
1581 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1582 #endif /* CONFIG_OCV */
1584 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1585 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1591 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1592 /* Use PMK from DPP network introduction (PMKSA entry) */
1593 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1594 #endif /* CONFIG_DPP */
1595 } else if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1599 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1600 WPA_KEY_MGMT_FT_PSK
|
1601 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1603 if (ssid
->psk_set
&& !sae_only
) {
1604 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1605 ssid
->psk
, PMK_LEN
);
1606 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1611 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1612 (ssid
->sae_password
|| ssid
->passphrase
))
1615 #ifndef CONFIG_NO_PBKDF2
1616 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1617 ssid
->passphrase
&& !sae_only
) {
1619 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1620 4096, psk
, PMK_LEN
);
1621 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1623 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1625 os_memset(psk
, 0, sizeof(psk
));
1627 #endif /* CONFIG_NO_PBKDF2 */
1628 #ifdef CONFIG_EXT_PASSWORD
1629 if (ssid
->ext_psk
&& !sae_only
) {
1630 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1632 char pw_str
[64 + 1];
1636 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1637 "found from external storage");
1641 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1642 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1643 "PSK length %d in external storage",
1644 (int) wpabuf_len(pw
));
1645 ext_password_free(pw
);
1649 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1650 pw_str
[wpabuf_len(pw
)] = '\0';
1652 #ifndef CONFIG_NO_PBKDF2
1653 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1655 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1656 4096, psk
, PMK_LEN
);
1657 os_memset(pw_str
, 0, sizeof(pw_str
));
1658 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1659 "external passphrase)",
1661 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1664 os_memset(psk
, 0, sizeof(psk
));
1666 #endif /* CONFIG_NO_PBKDF2 */
1667 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1668 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1669 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1670 "Invalid PSK hex string");
1671 os_memset(pw_str
, 0, sizeof(pw_str
));
1672 ext_password_free(pw
);
1675 wpa_hexdump_key(MSG_MSGDUMP
,
1676 "PSK (from external PSK)",
1678 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1681 os_memset(psk
, 0, sizeof(psk
));
1683 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1685 os_memset(pw_str
, 0, sizeof(pw_str
));
1686 ext_password_free(pw
);
1690 os_memset(pw_str
, 0, sizeof(pw_str
));
1691 ext_password_free(pw
);
1693 #endif /* CONFIG_EXT_PASSWORD */
1696 wpa_msg(wpa_s
, MSG_INFO
,
1697 "No PSK available for association");
1698 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1702 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1703 /* OWE Diffie-Hellman exchange in (Re)Association
1704 * Request/Response frames set the PMK, so do not override it
1706 #endif /* CONFIG_OWE */
1708 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1714 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1719 case 0: /* Bits 0-7 */
1721 case 1: /* Bits 8-15 */
1722 if (wpa_s
->conf
->coloc_intf_reporting
) {
1723 /* Bit 13 - Collocated Interference Reporting */
1727 case 2: /* Bits 16-23 */
1729 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1730 if (!wpa_s
->conf
->disable_btm
)
1731 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1732 #endif /* CONFIG_WNM */
1734 case 3: /* Bits 24-31 */
1736 *pos
|= 0x02; /* Bit 25 - SSID List */
1737 #endif /* CONFIG_WNM */
1738 #ifdef CONFIG_INTERWORKING
1739 if (wpa_s
->conf
->interworking
)
1740 *pos
|= 0x80; /* Bit 31 - Interworking */
1741 #endif /* CONFIG_INTERWORKING */
1743 case 4: /* Bits 32-39 */
1744 #ifdef CONFIG_INTERWORKING
1745 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1746 *pos
|= 0x01; /* Bit 32 - QoS Map */
1747 #endif /* CONFIG_INTERWORKING */
1749 case 5: /* Bits 40-47 */
1751 if (wpa_s
->conf
->hs20
)
1752 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1753 #endif /* CONFIG_HS20 */
1755 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1756 #endif /* CONFIG_MBO */
1758 case 6: /* Bits 48-55 */
1760 case 7: /* Bits 56-63 */
1762 case 8: /* Bits 64-71 */
1763 if (wpa_s
->conf
->ftm_responder
)
1764 *pos
|= 0x40; /* Bit 70 - FTM responder */
1765 if (wpa_s
->conf
->ftm_initiator
)
1766 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1768 case 9: /* Bits 72-79 */
1770 if (!wpa_s
->disable_fils
)
1772 #endif /* CONFIG_FILS */
1778 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1783 if (len
< wpa_s
->extended_capa_len
)
1784 len
= wpa_s
->extended_capa_len
;
1785 if (buflen
< (size_t) len
+ 2) {
1786 wpa_printf(MSG_INFO
,
1787 "Not enough room for building extended capabilities element");
1791 *pos
++ = WLAN_EID_EXT_CAPAB
;
1793 for (i
= 0; i
< len
; i
++, pos
++) {
1794 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1796 if (i
< wpa_s
->extended_capa_len
) {
1797 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1798 *pos
|= wpa_s
->extended_capa
[i
];
1802 while (len
> 0 && buf
[1 + len
] == 0) {
1813 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1814 struct wpa_bss
*test_bss
)
1816 struct wpa_bss
*bss
;
1818 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1819 if (bss
== test_bss
)
1827 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1828 struct wpa_ssid
*test_ssid
)
1830 struct wpa_ssid
*ssid
;
1832 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1833 if (ssid
== test_ssid
)
1841 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1842 struct wpa_ssid
*test_ssid
)
1844 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1847 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1851 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1859 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1861 struct wpa_connect_work
*cwork
;
1862 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1867 wpa_s
->connect_work
= NULL
;
1870 wpas_connect_work_free(cwork
);
1871 radio_work_done(work
);
1875 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1877 struct os_reltime now
;
1880 os_get_reltime(&now
);
1881 if (wpa_s
->last_mac_addr_style
== style
&&
1882 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1883 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1884 wpa_s
->conf
->rand_addr_lifetime
)) {
1885 wpa_msg(wpa_s
, MSG_DEBUG
,
1886 "Previously selected random MAC address has not yet expired");
1892 if (random_mac_addr(addr
) < 0)
1896 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1897 if (random_mac_addr_keep_oui(addr
) < 0)
1904 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1905 wpa_msg(wpa_s
, MSG_INFO
,
1906 "Failed to set random MAC address");
1910 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1911 wpa_s
->mac_addr_changed
= 1;
1912 wpa_s
->last_mac_addr_style
= style
;
1914 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1915 wpa_msg(wpa_s
, MSG_INFO
,
1916 "Could not update MAC address information");
1920 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1927 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1929 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1930 !wpa_s
->conf
->preassoc_mac_addr
)
1933 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1937 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1940 * wpa_supplicant_associate - Request association
1941 * @wpa_s: Pointer to wpa_supplicant data
1942 * @bss: Scan results for the selected BSS, or %NULL if not available
1943 * @ssid: Configuration data for the selected network
1945 * This function is used to request %wpa_supplicant to associate with a BSS.
1947 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1948 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1950 struct wpa_connect_work
*cwork
;
1953 wpa_s
->own_disconnect_req
= 0;
1956 * If we are starting a new connection, any previously pending EAPOL
1957 * RX cannot be valid anymore.
1959 wpabuf_free(wpa_s
->pending_eapol_rx
);
1960 wpa_s
->pending_eapol_rx
= NULL
;
1962 if (ssid
->mac_addr
== -1)
1963 rand_style
= wpa_s
->conf
->mac_addr
;
1965 rand_style
= ssid
->mac_addr
;
1967 wmm_ac_clear_saved_tspecs(wpa_s
);
1968 wpa_s
->reassoc_same_bss
= 0;
1969 wpa_s
->reassoc_same_ess
= 0;
1970 #ifdef CONFIG_TESTING_OPTIONS
1971 wpa_s
->testing_resend_assoc
= 0;
1972 #endif /* CONFIG_TESTING_OPTIONS */
1974 if (wpa_s
->last_ssid
== ssid
) {
1975 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1976 wpa_s
->reassoc_same_ess
= 1;
1977 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1978 wmm_ac_save_tspecs(wpa_s
);
1979 wpa_s
->reassoc_same_bss
= 1;
1980 } else if (wpa_s
->current_bss
&& wpa_s
->current_bss
!= bss
) {
1981 os_get_reltime(&wpa_s
->roam_start
);
1985 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1986 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1988 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1989 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1990 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1991 wpa_msg(wpa_s
, MSG_INFO
,
1992 "Could not restore permanent MAC address");
1995 wpa_s
->mac_addr_changed
= 0;
1996 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1997 wpa_msg(wpa_s
, MSG_INFO
,
1998 "Could not update MAC address information");
2001 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
2003 wpa_s
->last_ssid
= ssid
;
2005 #ifdef CONFIG_IBSS_RSN
2006 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
2007 wpa_s
->ibss_rsn
= NULL
;
2008 #else /* CONFIG_IBSS_RSN */
2009 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2010 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
2011 wpa_msg(wpa_s
, MSG_INFO
,
2012 "IBSS RSN not supported in the build");
2015 #endif /* CONFIG_IBSS_RSN */
2017 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
2018 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
2020 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
2021 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
2025 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
2026 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2027 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
2028 wpas_p2p_ap_setup_failed(wpa_s
);
2031 wpa_s
->current_bss
= bss
;
2032 #else /* CONFIG_AP */
2033 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
2035 #endif /* CONFIG_AP */
2039 if (ssid
->mode
== WPAS_MODE_MESH
) {
2041 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
2042 wpa_msg(wpa_s
, MSG_INFO
,
2043 "Driver does not support mesh mode");
2047 ssid
->frequency
= bss
->freq
;
2048 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
2049 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
2052 wpa_s
->current_bss
= bss
;
2053 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
2054 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
2056 wpas_notify_mesh_group_started(wpa_s
, ssid
);
2057 #else /* CONFIG_MESH */
2058 wpa_msg(wpa_s
, MSG_ERROR
,
2059 "mesh mode support not included in the build");
2060 #endif /* CONFIG_MESH */
2065 * Set WPA state machine configuration to match the selected network now
2066 * so that the information is available before wpas_start_assoc_cb()
2067 * gets called. This is needed at least for RSN pre-authentication where
2068 * candidate APs are added to a list based on scan result processing
2069 * before completion of the first association.
2071 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
2074 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2076 #endif /* CONFIG_DPP */
2080 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2082 #endif /* CONFIG_TDLS */
2084 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2085 ssid
->mode
== WPAS_MODE_INFRA
) {
2086 sme_authenticate(wpa_s
, bss
, ssid
);
2090 if (wpa_s
->connect_work
) {
2091 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2095 if (radio_work_pending(wpa_s
, "connect")) {
2096 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2101 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2102 /* Clear possibly set auth_alg, if any, from last attempt. */
2103 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2105 #endif /* CONFIG_SME */
2107 wpas_abort_ongoing_scan(wpa_s
);
2109 cwork
= os_zalloc(sizeof(*cwork
));
2116 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2117 wpas_start_assoc_cb
, cwork
) < 0) {
2123 static int bss_is_ibss(struct wpa_bss
*bss
)
2125 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2130 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2131 const struct wpa_ssid
*ssid
)
2133 enum hostapd_hw_mode hw_mode
;
2134 struct hostapd_hw_modes
*mode
= NULL
;
2138 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2139 if (hw_mode
== NUM_HOSTAPD_MODES
)
2141 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2142 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2143 mode
= &wpa_s
->hw
.modes
[i
];
2151 return mode
->vht_capab
!= 0;
2155 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2156 const struct wpa_ssid
*ssid
,
2157 struct hostapd_freq_params
*freq
)
2159 int ieee80211_mode
= wpas_mode_to_ieee80211_mode(ssid
->mode
);
2160 enum hostapd_hw_mode hw_mode
;
2161 struct hostapd_hw_modes
*mode
= NULL
;
2162 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2164 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2165 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2167 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2169 struct hostapd_freq_params vht_freq
;
2170 int chwidth
, seg0
, seg1
;
2173 freq
->freq
= ssid
->frequency
;
2175 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2176 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2178 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2181 /* Don't adjust control freq in case of fixed_freq */
2182 if (ssid
->fixed_freq
)
2185 if (!bss_is_ibss(bss
))
2188 if (ssid
->ssid_len
== bss
->ssid_len
&&
2189 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2190 wpa_printf(MSG_DEBUG
,
2191 "IBSS already found in scan results, adjust control freq: %d",
2193 freq
->freq
= bss
->freq
;
2199 /* For IBSS check HT_IBSS flag */
2200 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2201 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2204 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2205 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2206 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2207 wpa_printf(MSG_DEBUG
,
2208 "IBSS: WEP/TKIP detected, do not try to enable HT");
2212 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2213 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2214 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2215 mode
= &wpa_s
->hw
.modes
[i
];
2223 /* HE can work without HT + VHT */
2224 freq
->he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2226 #ifdef CONFIG_HT_OVERRIDES
2227 if (ssid
->disable_ht
) {
2228 freq
->ht_enabled
= 0;
2231 #endif /* CONFIG_HT_OVERRIDES */
2233 freq
->ht_enabled
= ht_supported(mode
);
2234 if (!freq
->ht_enabled
)
2237 /* Setup higher BW only for 5 GHz */
2238 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2241 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2242 pri_chan
= &mode
->channels
[chan_idx
];
2243 if (pri_chan
->chan
== channel
)
2250 /* Check primary channel flags */
2251 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2254 freq
->channel
= pri_chan
->chan
;
2256 #ifdef CONFIG_HT_OVERRIDES
2257 if (ssid
->disable_ht40
) {
2258 if (ssid
->disable_vht
)
2262 #endif /* CONFIG_HT_OVERRIDES */
2264 /* Check/setup HT40+/HT40- */
2265 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2266 if (ht40plus
[j
] == channel
) {
2272 /* Find secondary channel */
2273 for (i
= 0; i
< mode
->num_channels
; i
++) {
2274 sec_chan
= &mode
->channels
[i
];
2275 if (sec_chan
->chan
== channel
+ ht40
* 4)
2282 /* Check secondary channel flags */
2283 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2287 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2290 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2293 freq
->sec_channel_offset
= ht40
;
2296 struct wpa_scan_results
*scan_res
;
2298 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2299 if (scan_res
== NULL
) {
2301 freq
->sec_channel_offset
= 0;
2305 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2310 freq
->sec_channel_offset
= 0;
2313 /* Configuration allowed */
2316 /* Switch pri/sec channels */
2317 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2318 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2319 freq
->channel
= sec_chan
->chan
;
2322 freq
->sec_channel_offset
= 0;
2326 wpa_scan_results_free(scan_res
);
2329 #ifdef CONFIG_HT_OVERRIDES
2331 #endif /* CONFIG_HT_OVERRIDES */
2332 wpa_printf(MSG_DEBUG
,
2333 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2334 freq
->channel
, freq
->sec_channel_offset
);
2336 if (!drv_supports_vht(wpa_s
, ssid
))
2339 /* For IBSS check VHT_IBSS flag */
2340 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2341 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2346 #ifdef CONFIG_VHT_OVERRIDES
2347 if (ssid
->disable_vht
) {
2348 freq
->vht_enabled
= 0;
2351 #endif /* CONFIG_VHT_OVERRIDES */
2353 vht_freq
.vht_enabled
= vht_supported(mode
);
2354 if (!vht_freq
.vht_enabled
)
2357 /* setup center_freq1, bandwidth */
2358 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2359 if (freq
->channel
>= vht80
[j
] &&
2360 freq
->channel
< vht80
[j
] + 16)
2364 if (j
== ARRAY_SIZE(vht80
))
2367 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2368 struct hostapd_channel_data
*chan
;
2370 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2374 /* Back to HT configuration if channel not usable */
2375 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2379 chwidth
= CHANWIDTH_80MHZ
;
2380 seg0
= vht80
[j
] + 6;
2383 if (ssid
->max_oper_chwidth
== CHANWIDTH_80P80MHZ
) {
2384 /* setup center_freq2, bandwidth */
2385 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2386 /* Only accept 80 MHz segments separated by a gap */
2387 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2389 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2390 struct hostapd_channel_data
*chan
;
2392 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2396 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2397 HOSTAPD_CHAN_NO_IR
|
2398 HOSTAPD_CHAN_RADAR
))
2401 /* Found a suitable second segment for 80+80 */
2402 chwidth
= CHANWIDTH_80P80MHZ
;
2404 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2405 seg1
= vht80
[k
] + 6;
2408 if (chwidth
== CHANWIDTH_80P80MHZ
)
2411 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_160MHZ
) {
2412 if (freq
->freq
== 5180) {
2413 chwidth
= CHANWIDTH_160MHZ
;
2414 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2416 } else if (freq
->freq
== 5520) {
2417 chwidth
= CHANWIDTH_160MHZ
;
2418 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2421 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_USE_HT
) {
2422 chwidth
= CHANWIDTH_USE_HT
;
2423 seg0
= vht80
[j
] + 2;
2424 #ifdef CONFIG_HT_OVERRIDES
2425 if (ssid
->disable_ht40
)
2427 #endif /* CONFIG_HT_OVERRIDES */
2430 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2431 freq
->channel
, freq
->ht_enabled
,
2432 vht_freq
.vht_enabled
, freq
->he_enabled
,
2433 freq
->sec_channel_offset
,
2434 chwidth
, seg0
, seg1
, vht_caps
,
2435 &mode
->he_capab
[ieee80211_mode
]) != 0)
2440 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2441 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2446 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2449 struct fils_hlp_req
*req
;
2450 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2454 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2456 rem_len
= ie_buf_len
- ie_len
;
2457 pos
= wpabuf_head(req
->pkt
);
2458 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2459 hlp_len
= wpabuf_len(req
->pkt
);
2461 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2462 wpa_printf(MSG_ERROR
,
2463 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2464 (unsigned long) rem_len
,
2465 (unsigned long) (2 + hdr_len
+ hlp_len
));
2469 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2471 *buf
++ = WLAN_EID_EXTENSION
;
2474 /* Element ID Extension */
2475 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2476 /* Destination MAC address */
2477 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2479 /* Source MAC address */
2480 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2482 /* LLC/SNAP Header */
2483 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2486 os_memcpy(buf
, pos
, len
- hdr_len
);
2487 buf
+= len
- hdr_len
;
2488 pos
+= len
- hdr_len
;
2490 hlp_len
-= len
- hdr_len
;
2495 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2496 if (rem_len
< 2 + len
)
2498 *buf
++ = WLAN_EID_FRAGMENT
;
2500 os_memcpy(buf
, pos
, len
);
2514 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2516 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2517 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2518 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2519 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2523 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2525 #ifdef CONFIG_FILS_SK_PFS
2526 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2527 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2528 #else /* CONFIG_FILS_SK_PFS */
2530 #endif /* CONFIG_FILS_SK_PFS */
2533 #endif /* CONFIG_FILS */
2536 static u8
* wpas_populate_assoc_ies(
2537 struct wpa_supplicant
*wpa_s
,
2538 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2539 struct wpa_driver_associate_params
*params
,
2540 enum wpa_drv_update_connect_params_mask
*mask
)
2543 size_t max_wpa_ie_len
= 500;
2545 int algs
= WPA_AUTH_ALG_OPEN
;
2550 int sae_pmksa_cached
= 0;
2551 #endif /* CONFIG_SAE */
2553 const u8
*realm
, *username
, *rrk
;
2554 size_t realm_len
, username_len
, rrk_len
;
2556 struct fils_hlp_req
*req
;
2558 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2560 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2561 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2563 #endif /* CONFIG_FILS */
2565 wpa_ie
= os_malloc(max_wpa_ie_len
);
2567 wpa_printf(MSG_ERROR
,
2568 "Failed to allocate connect IE buffer for %lu bytes",
2569 (unsigned long) max_wpa_ie_len
);
2573 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2574 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2575 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2576 int try_opportunistic
;
2577 const u8
*cache_id
= NULL
;
2579 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2581 ssid
->proactive_key_caching
) &&
2582 (ssid
->proto
& WPA_PROTO_RSN
);
2584 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2585 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2586 #endif /* CONFIG_FILS */
2587 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2588 ssid
, try_opportunistic
,
2589 cache_id
, 0) == 0) {
2590 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2592 sae_pmksa_cached
= 1;
2593 #endif /* CONFIG_SAE */
2595 wpa_ie_len
= max_wpa_ie_len
;
2596 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2597 wpa_ie
, &wpa_ie_len
)) {
2598 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2599 "key management and encryption suites");
2604 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2605 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2606 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2607 wpa_ie_len
= max_wpa_ie_len
;
2608 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2609 wpa_ie
, &wpa_ie_len
)) {
2610 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2611 "key management and encryption suites");
2615 #endif /* CONFIG_HS20 */
2616 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2617 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2619 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2620 * use non-WPA since the scan results did not indicate that the
2621 * AP is using WPA or WPA2.
2623 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2625 wpa_s
->wpa_proto
= 0;
2626 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2627 wpa_ie_len
= max_wpa_ie_len
;
2628 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2629 wpa_ie
, &wpa_ie_len
)) {
2630 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2631 "key management and encryption suites (no "
2637 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2638 struct wpabuf
*wps_ie
;
2639 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2640 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2641 wpa_ie_len
= wpabuf_len(wps_ie
);
2642 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2645 wpabuf_free(wps_ie
);
2646 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2647 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2648 params
->wps
= WPS_MODE_PRIVACY
;
2650 params
->wps
= WPS_MODE_OPEN
;
2651 wpa_s
->wpa_proto
= 0;
2652 #endif /* CONFIG_WPS */
2654 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2656 wpa_s
->wpa_proto
= 0;
2659 #ifdef IEEE8021X_EAPOL
2660 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2662 if (ssid
->non_leap
== 0)
2663 algs
= WPA_AUTH_ALG_LEAP
;
2665 algs
|= WPA_AUTH_ALG_LEAP
;
2670 /* Clear FILS association */
2671 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2673 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2674 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2675 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2676 &username_len
, &realm
, &realm_len
,
2677 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2678 (!wpa_s
->last_con_fail_realm
||
2679 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2680 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2681 algs
= WPA_AUTH_ALG_FILS
;
2682 params
->fils_erp_username
= username
;
2683 params
->fils_erp_username_len
= username_len
;
2684 params
->fils_erp_realm
= realm
;
2685 params
->fils_erp_realm_len
= realm_len
;
2686 params
->fils_erp_next_seq_num
= next_seq_num
;
2687 params
->fils_erp_rrk
= rrk
;
2688 params
->fils_erp_rrk_len
= rrk_len
;
2691 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2693 #endif /* CONFIG_FILS */
2694 #endif /* IEEE8021X_EAPOL */
2696 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2697 algs
= WPA_AUTH_ALG_SAE
;
2698 #endif /* CONFIG_SAE */
2700 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2701 if (ssid
->auth_alg
) {
2702 algs
= ssid
->auth_alg
;
2703 wpa_dbg(wpa_s
, MSG_DEBUG
,
2704 "Overriding auth_alg selection: 0x%x", algs
);
2708 if (sae_pmksa_cached
&& algs
== WPA_AUTH_ALG_SAE
) {
2709 wpa_dbg(wpa_s
, MSG_DEBUG
,
2710 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2711 algs
= WPA_AUTH_ALG_OPEN
;
2713 #endif /* CONFIG_SAE */
2716 if (wpa_s
->global
->p2p
) {
2720 pos
= wpa_ie
+ wpa_ie_len
;
2721 len
= max_wpa_ie_len
- wpa_ie_len
;
2722 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2728 wpa_s
->cross_connect_disallowed
= 0;
2731 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2733 wpa_s
->cross_connect_disallowed
=
2734 p2p_get_cross_connect_disallowed(p2p
);
2736 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2738 wpa_s
->cross_connect_disallowed
?
2739 "disallows" : "allows");
2743 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2744 #endif /* CONFIG_P2P */
2747 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, ssid
, bss
->freq
,
2748 wpa_ie
+ wpa_ie_len
,
2754 * Workaround: Add Extended Capabilities element only if the AP
2755 * included this element in Beacon/Probe Response frames. Some older
2756 * APs seem to have interoperability issues if this element is
2757 * included, so while the standard may require us to include the
2758 * element in all cases, it is justifiable to skip it to avoid
2759 * interoperability issues.
2761 if (ssid
->p2p_group
)
2762 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2764 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2766 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2769 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2771 if (ext_capab_len
> 0 &&
2772 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2774 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2776 os_memmove(pos
+ ext_capab_len
, pos
,
2777 wpa_ie_len
- (pos
- wpa_ie
));
2778 wpa_ie_len
+= ext_capab_len
;
2779 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2784 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2785 struct wpabuf
*hs20
;
2787 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2789 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2792 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2793 get_hs20_version(bss
));
2794 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2795 len
= max_wpa_ie_len
- wpa_ie_len
;
2796 if (wpabuf_len(hs20
) <= len
) {
2797 os_memcpy(wpa_ie
+ wpa_ie_len
,
2798 wpabuf_head(hs20
), wpabuf_len(hs20
));
2799 wpa_ie_len
+= wpabuf_len(hs20
);
2803 hs20_configure_frame_filters(wpa_s
);
2806 #endif /* CONFIG_HS20 */
2808 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2809 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2812 len
= max_wpa_ie_len
- wpa_ie_len
;
2813 if (wpabuf_len(buf
) <= len
) {
2814 os_memcpy(wpa_ie
+ wpa_ie_len
,
2815 wpabuf_head(buf
), wpabuf_len(buf
));
2816 wpa_ie_len
+= wpabuf_len(buf
);
2821 if (wpa_s
->fst_ies
) {
2822 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2824 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2825 os_memcpy(wpa_ie
+ wpa_ie_len
,
2826 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2827 wpa_ie_len
+= fst_ies_len
;
2830 #endif /* CONFIG_FST */
2833 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2837 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2838 max_wpa_ie_len
- wpa_ie_len
,
2839 !!mbo_attr_from_mbo_ie(mbo_ie
,
2840 OCE_ATTR_ID_CAPA_IND
));
2844 #endif /* CONFIG_MBO */
2847 if (algs
== WPA_AUTH_ALG_FILS
) {
2850 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2851 max_wpa_ie_len
- wpa_ie_len
);
2854 #endif /* CONFIG_FILS */
2857 #ifdef CONFIG_TESTING_OPTIONS
2858 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2859 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2861 #endif /* CONFIG_TESTING_OPTIONS */
2862 if (algs
== WPA_AUTH_ALG_OPEN
&&
2863 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2864 struct wpabuf
*owe_ie
;
2867 if (ssid
->owe_group
) {
2868 group
= ssid
->owe_group
;
2869 } else if (wpa_s
->assoc_status_code
==
2870 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2871 if (wpa_s
->last_owe_group
== 19)
2873 else if (wpa_s
->last_owe_group
== 20)
2876 group
= OWE_DH_GROUP
;
2878 group
= OWE_DH_GROUP
;
2881 wpa_s
->last_owe_group
= group
;
2882 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2883 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2885 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2886 os_memcpy(wpa_ie
+ wpa_ie_len
,
2887 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2888 wpa_ie_len
+= wpabuf_len(owe_ie
);
2890 wpabuf_free(owe_ie
);
2892 #endif /* CONFIG_OWE */
2895 if (wpa_sm_get_key_mgmt(wpa_s
->wpa
) == WPA_KEY_MGMT_DPP
&&
2896 ssid
->dpp_netaccesskey
) {
2897 dpp_pfs_free(wpa_s
->dpp_pfs
);
2898 wpa_s
->dpp_pfs
= dpp_pfs_init(ssid
->dpp_netaccesskey
,
2899 ssid
->dpp_netaccesskey_len
);
2900 if (!wpa_s
->dpp_pfs
) {
2901 wpa_printf(MSG_DEBUG
, "DPP: Could not initialize PFS");
2902 /* Try to continue without PFS */
2905 if (wpabuf_len(wpa_s
->dpp_pfs
->ie
) <=
2906 max_wpa_ie_len
- wpa_ie_len
) {
2907 os_memcpy(wpa_ie
+ wpa_ie_len
,
2908 wpabuf_head(wpa_s
->dpp_pfs
->ie
),
2909 wpabuf_len(wpa_s
->dpp_pfs
->ie
));
2910 wpa_ie_len
+= wpabuf_len(wpa_s
->dpp_pfs
->ie
);
2914 #endif /* CONFIG_DPP2 */
2916 #ifdef CONFIG_IEEE80211R
2918 * Add MDIE under these conditions: the network profile allows FT,
2919 * the AP supports FT, and the mobility domain ID matches.
2921 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2922 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2924 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2926 const u8
*md
= mdie
+ 2;
2927 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2929 if (os_memcmp(md
, wpa_md
,
2930 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2931 /* Add mobility domain IE */
2932 len
= wpa_ft_add_mdie(
2933 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2934 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2938 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2939 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2940 wpa_dbg(wpa_s
, MSG_DEBUG
,
2941 "SME: Trying to use FT over-the-air");
2942 algs
|= WPA_AUTH_ALG_FT
;
2944 #endif /* CONFIG_SME */
2947 #endif /* CONFIG_IEEE80211R */
2949 if (ssid
->multi_ap_backhaul_sta
) {
2950 size_t multi_ap_ie_len
;
2952 multi_ap_ie_len
= add_multi_ap_ie(wpa_ie
+ wpa_ie_len
,
2953 max_wpa_ie_len
- wpa_ie_len
,
2954 MULTI_AP_BACKHAUL_STA
);
2955 if (multi_ap_ie_len
== 0) {
2956 wpa_printf(MSG_ERROR
,
2957 "Multi-AP: Failed to build Multi-AP IE");
2961 wpa_ie_len
+= multi_ap_ie_len
;
2964 params
->wpa_ie
= wpa_ie
;
2965 params
->wpa_ie_len
= wpa_ie_len
;
2966 params
->auth_alg
= algs
;
2968 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2975 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
)
2977 struct wpa_driver_associate_params params
;
2980 os_memset(¶ms
, 0, sizeof(params
));
2981 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2982 wpa_s
->current_ssid
, ¶ms
, NULL
);
2986 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
2989 #endif /* CONFIG_OWE */
2992 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2993 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
2995 struct wpa_driver_associate_params params
;
2996 enum wpa_drv_update_connect_params_mask mask
= 0;
2999 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
3000 return; /* nothing to do */
3002 os_memset(¶ms
, 0, sizeof(params
));
3003 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3004 wpa_s
->current_ssid
, ¶ms
, &mask
);
3008 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
3013 wpa_s
->auth_alg
= params
.auth_alg
;
3014 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
3017 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3021 void wpas_update_mbo_connect_params(struct wpa_supplicant
*wpa_s
)
3023 struct wpa_driver_associate_params params
;
3027 * Update MBO connect params only in case of change of MBO attributes
3028 * when connected, if the AP support MBO.
3031 if (wpa_s
->wpa_state
!= WPA_COMPLETED
|| !wpa_s
->current_ssid
||
3032 !wpa_s
->current_bss
||
3033 !wpa_bss_get_vendor_ie(wpa_s
->current_bss
, MBO_IE_VENDOR_TYPE
))
3036 os_memset(¶ms
, 0, sizeof(params
));
3037 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3038 wpa_s
->current_ssid
, ¶ms
, NULL
);
3042 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
3045 #endif /* CONFIG_MBO */
3048 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
3050 struct wpa_connect_work
*cwork
= work
->ctx
;
3051 struct wpa_bss
*bss
= cwork
->bss
;
3052 struct wpa_ssid
*ssid
= cwork
->ssid
;
3053 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
3055 int use_crypt
, ret
, i
, bssid_changed
;
3056 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
3057 struct wpa_driver_associate_params params
;
3058 int wep_keys_set
= 0;
3059 int assoc_failed
= 0;
3060 struct wpa_ssid
*old_ssid
;
3061 u8 prev_bssid
[ETH_ALEN
];
3062 #ifdef CONFIG_HT_OVERRIDES
3063 struct ieee80211_ht_capabilities htcaps
;
3064 struct ieee80211_ht_capabilities htcaps_mask
;
3065 #endif /* CONFIG_HT_OVERRIDES */
3066 #ifdef CONFIG_VHT_OVERRIDES
3067 struct ieee80211_vht_capabilities vhtcaps
;
3068 struct ieee80211_vht_capabilities vhtcaps_mask
;
3069 #endif /* CONFIG_VHT_OVERRIDES */
3072 if (work
->started
) {
3073 wpa_s
->connect_work
= NULL
;
3075 /* cancel possible auth. timeout */
3076 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
3079 wpas_connect_work_free(cwork
);
3083 wpa_s
->connect_work
= work
;
3085 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
3086 wpas_network_disabled(wpa_s
, ssid
)) {
3087 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3088 wpas_connect_work_done(wpa_s
);
3092 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
3093 os_memset(¶ms
, 0, sizeof(params
));
3094 wpa_s
->reassociate
= 0;
3095 wpa_s
->eap_expected_failure
= 0;
3097 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
3098 #ifdef CONFIG_IEEE80211R
3099 const u8
*ie
, *md
= NULL
;
3100 #endif /* CONFIG_IEEE80211R */
3101 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
3102 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
3103 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
3104 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
3105 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
3106 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3108 wpas_notify_bssid_changed(wpa_s
);
3109 #ifdef CONFIG_IEEE80211R
3110 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
3111 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
3113 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
3115 /* Prepare for the next transition */
3116 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
3118 #endif /* CONFIG_IEEE80211R */
3120 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
3121 wpa_s
->conf
->ap_scan
== 2 &&
3122 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
3123 /* Use ap_scan==1 style network selection to find the network
3125 wpas_connect_work_done(wpa_s
);
3126 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
3127 wpa_s
->reassociate
= 1;
3128 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3130 #endif /* CONFIG_WPS */
3132 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
3133 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
3135 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3137 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3140 wpa_supplicant_cancel_sched_scan(wpa_s
);
3142 wpa_supplicant_cancel_scan(wpa_s
);
3144 /* Starting new association, so clear the possibly used WPA IE from the
3145 * previous association. */
3146 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
3148 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
3150 wpas_connect_work_done(wpa_s
);
3154 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
3156 cipher_pairwise
= wpa_s
->pairwise_cipher
;
3157 cipher_group
= wpa_s
->group_cipher
;
3158 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
3159 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
3160 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3161 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
3163 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
3168 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
3171 #ifdef IEEE8021X_EAPOL
3172 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3173 if ((ssid
->eapol_flags
&
3174 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
3175 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
3179 /* Assume that dynamic WEP-104 keys will be used and
3180 * set cipher suites in order for drivers to expect
3182 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
3185 #endif /* IEEE8021X_EAPOL */
3187 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3188 /* Set the key before (and later after) association */
3189 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3192 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3194 params
.ssid
= bss
->ssid
;
3195 params
.ssid_len
= bss
->ssid_len
;
3196 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3197 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3198 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3199 MACSTR
" freq=%u MHz based on scan results "
3200 "(bssid_set=%d wps=%d)",
3201 MAC2STR(bss
->bssid
), bss
->freq
,
3203 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3204 params
.bssid
= bss
->bssid
;
3205 params
.freq
.freq
= bss
->freq
;
3207 params
.bssid_hint
= bss
->bssid
;
3208 params
.freq_hint
= bss
->freq
;
3209 params
.pbss
= bss_is_pbss(bss
);
3211 if (ssid
->bssid_hint_set
)
3212 params
.bssid_hint
= ssid
->bssid_hint
;
3214 params
.ssid
= ssid
->ssid
;
3215 params
.ssid_len
= ssid
->ssid_len
;
3216 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3219 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3220 wpa_s
->conf
->ap_scan
== 2) {
3221 params
.bssid
= ssid
->bssid
;
3222 params
.fixed_bssid
= 1;
3225 /* Initial frequency for IBSS/mesh */
3226 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3227 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3228 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3230 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3231 params
.fixed_freq
= ssid
->fixed_freq
;
3232 if (ssid
->beacon_int
)
3233 params
.beacon_int
= ssid
->beacon_int
;
3235 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3238 params
.pairwise_suite
= cipher_pairwise
;
3239 params
.group_suite
= cipher_group
;
3240 params
.mgmt_group_suite
= cipher_group_mgmt
;
3241 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3242 params
.wpa_proto
= wpa_s
->wpa_proto
;
3243 wpa_s
->auth_alg
= params
.auth_alg
;
3244 params
.mode
= ssid
->mode
;
3245 params
.bg_scan_period
= ssid
->bg_scan_period
;
3246 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3247 if (ssid
->wep_key_len
[i
])
3248 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3249 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3251 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3253 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) &&
3254 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3255 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3256 params
.passphrase
= ssid
->passphrase
;
3258 params
.psk
= ssid
->psk
;
3261 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X
) &&
3262 (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3263 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3264 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3265 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
))
3266 params
.req_handshake_offload
= 1;
3268 if (wpa_s
->conf
->key_mgmt_offload
) {
3269 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3270 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3271 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3272 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3273 params
.req_key_mgmt_offload
=
3274 ssid
->proactive_key_caching
< 0 ?
3275 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3277 params
.req_key_mgmt_offload
= 1;
3279 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3280 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3281 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3283 params
.psk
= ssid
->psk
;
3286 params
.drop_unencrypted
= use_crypt
;
3288 #ifdef CONFIG_IEEE80211W
3289 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3290 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3291 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3292 struct wpa_ie_data ie
;
3293 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3295 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3296 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3297 "MFP: require MFP");
3298 params
.mgmt_frame_protection
=
3299 MGMT_FRAME_PROTECTION_REQUIRED
;
3301 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3303 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3304 #endif /* CONFIG_OWE */
3307 #endif /* CONFIG_IEEE80211W */
3309 params
.p2p
= ssid
->p2p_group
;
3311 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3312 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3316 #ifdef CONFIG_HT_OVERRIDES
3317 os_memset(&htcaps
, 0, sizeof(htcaps
));
3318 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3319 params
.htcaps
= (u8
*) &htcaps
;
3320 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3321 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3322 #endif /* CONFIG_HT_OVERRIDES */
3323 #ifdef CONFIG_VHT_OVERRIDES
3324 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3325 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3326 params
.vhtcaps
= &vhtcaps
;
3327 params
.vhtcaps_mask
= &vhtcaps_mask
;
3328 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3329 #endif /* CONFIG_VHT_OVERRIDES */
3333 * If multi-channel concurrency is not supported, check for any
3334 * frequency conflict. In case of any frequency conflict, remove the
3335 * least prioritized connection.
3337 if (wpa_s
->num_multichan_concurrent
< 2) {
3339 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3340 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3341 wpa_printf(MSG_DEBUG
,
3342 "Assoc conflicting freq found (%d != %d)",
3343 freq
, params
.freq
.freq
);
3344 if (wpas_p2p_handle_frequency_conflicts(
3345 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3346 wpas_connect_work_done(wpa_s
);
3352 #endif /* CONFIG_P2P */
3354 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3355 wpa_s
->current_ssid
)
3356 params
.prev_bssid
= prev_bssid
;
3358 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3361 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3363 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3365 * The driver is known to mean what is saying, so we
3366 * can stop right here; the association will not
3369 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3370 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3371 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3374 /* try to continue anyway; new association will be tried again
3379 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3380 /* Set the key after the association just in case association
3381 * cleared the previously configured key. */
3382 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3383 /* No need to timeout authentication since there is no key
3385 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3386 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3387 #ifdef CONFIG_IBSS_RSN
3388 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3389 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3390 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3392 * RSN IBSS authentication is per-STA and we can disable the
3393 * per-BSSID authentication.
3395 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3396 #endif /* CONFIG_IBSS_RSN */
3398 /* Timeout for IEEE 802.11 authentication and association */
3402 /* give IBSS a bit more time */
3403 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3404 } else if (wpa_s
->conf
->ap_scan
== 1) {
3405 /* give IBSS a bit more time */
3406 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3408 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3412 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3413 /* Set static WEP keys again */
3414 wpa_set_wep_keys(wpa_s
, ssid
);
3417 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3419 * Do not allow EAP session resumption between different
3420 * network configurations.
3422 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3424 old_ssid
= wpa_s
->current_ssid
;
3425 wpa_s
->current_ssid
= ssid
;
3427 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3428 wpa_s
->current_bss
= bss
;
3430 hs20_configure_frame_filters(wpa_s
);
3431 #endif /* CONFIG_HS20 */
3434 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3435 wpa_supplicant_initiate_eapol(wpa_s
);
3436 if (old_ssid
!= wpa_s
->current_ssid
)
3437 wpas_notify_network_changed(wpa_s
);
3441 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3444 struct wpa_ssid
*old_ssid
;
3446 wpas_connect_work_done(wpa_s
);
3447 wpa_clear_keys(wpa_s
, addr
);
3448 old_ssid
= wpa_s
->current_ssid
;
3449 wpa_supplicant_mark_disassoc(wpa_s
);
3450 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3451 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3452 if (old_ssid
!= wpa_s
->current_ssid
)
3453 wpas_notify_network_changed(wpa_s
);
3454 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3459 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3460 * @wpa_s: Pointer to wpa_supplicant data
3461 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3463 * This function is used to request %wpa_supplicant to deauthenticate from the
3466 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3470 union wpa_event_data event
;
3473 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3474 " pending_bssid=" MACSTR
" reason=%d (%s) state=%s",
3475 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3476 reason_code
, reason2str(reason_code
),
3477 wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3479 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3480 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3481 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3482 addr
= wpa_s
->pending_bssid
;
3483 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3484 addr
= wpa_s
->bssid
;
3485 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3487 * When using driver-based BSS selection, we may not know the
3488 * BSSID with which we are currently trying to associate. We
3489 * need to notify the driver of this disconnection even in such
3490 * a case, so use the all zeros address here.
3492 addr
= wpa_s
->bssid
;
3496 if (wpa_s
->enabled_4addr_mode
&& wpa_drv_set_4addr_mode(wpa_s
, 0) == 0)
3497 wpa_s
->enabled_4addr_mode
= 0;
3500 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3501 #endif /* CONFIG_TDLS */
3505 struct mesh_conf
*mconf
;
3507 mconf
= wpa_s
->ifmsh
->mconf
;
3508 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3510 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3511 mconf
->meshid_len
, reason_code
);
3512 wpa_supplicant_leave_mesh(wpa_s
);
3514 #endif /* CONFIG_MESH */
3517 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3518 os_memset(&event
, 0, sizeof(event
));
3519 event
.deauth_info
.reason_code
= reason_code
;
3520 event
.deauth_info
.locally_generated
= 1;
3521 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3526 wpa_supplicant_clear_connection(wpa_s
, addr
);
3529 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3530 struct wpa_ssid
*ssid
)
3532 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3536 ssid
->owe_transition_bss_select_count
= 0;
3537 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3538 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3541 * Try to reassociate since there is no current configuration and a new
3542 * network was made available.
3544 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3545 wpa_s
->reassociate
= 1;
3550 * wpa_supplicant_add_network - Add a new network
3551 * @wpa_s: wpa_supplicant structure for a network interface
3552 * Returns: The new network configuration or %NULL if operation failed
3554 * This function performs the following operations:
3555 * 1. Adds a new network.
3556 * 2. Send network addition notification.
3557 * 3. Marks the network disabled.
3558 * 4. Set network default parameters.
3560 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3562 struct wpa_ssid
*ssid
;
3564 ssid
= wpa_config_add_network(wpa_s
->conf
);
3567 wpas_notify_network_added(wpa_s
, ssid
);
3569 wpa_config_set_network_defaults(ssid
);
3576 * wpa_supplicant_remove_network - Remove a configured network based on id
3577 * @wpa_s: wpa_supplicant structure for a network interface
3578 * @id: Unique network id to search for
3579 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3580 * could not be removed
3582 * This function performs the following operations:
3583 * 1. Removes the network.
3584 * 2. Send network removal notification.
3585 * 3. Update internal state machines.
3586 * 4. Stop any running sched scans.
3588 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3590 struct wpa_ssid
*ssid
;
3593 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3596 wpas_notify_network_removed(wpa_s
, ssid
);
3598 if (wpa_s
->last_ssid
== ssid
)
3599 wpa_s
->last_ssid
= NULL
;
3601 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3603 wpa_s
->sme
.prev_bssid_set
= 0;
3604 #endif /* CONFIG_SME */
3606 * Invalidate the EAP session cache if the current or
3607 * previously used network is removed.
3609 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3612 if (ssid
== wpa_s
->current_ssid
) {
3613 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3614 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3616 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3617 wpa_s
->own_disconnect_req
= 1;
3618 wpa_supplicant_deauthenticate(wpa_s
,
3619 WLAN_REASON_DEAUTH_LEAVING
);
3622 was_disabled
= ssid
->disabled
;
3624 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3627 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3628 wpa_printf(MSG_DEBUG
,
3629 "Stop ongoing sched_scan to remove network from filters");
3630 wpa_supplicant_cancel_sched_scan(wpa_s
);
3631 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3639 * wpa_supplicant_enable_network - Mark a configured network as enabled
3640 * @wpa_s: wpa_supplicant structure for a network interface
3641 * @ssid: wpa_ssid structure for a configured network or %NULL
3643 * Enables the specified network or all networks if no network specified.
3645 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3646 struct wpa_ssid
*ssid
)
3649 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3650 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3652 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3654 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3655 (!wpa_s
->current_ssid
||
3656 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3657 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3658 if (wpa_s
->sched_scanning
) {
3659 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3660 "new network to scan filters");
3661 wpa_supplicant_cancel_sched_scan(wpa_s
);
3664 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3665 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3666 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3673 * wpa_supplicant_disable_network - Mark a configured network as disabled
3674 * @wpa_s: wpa_supplicant structure for a network interface
3675 * @ssid: wpa_ssid structure for a configured network or %NULL
3677 * Disables the specified network or all networks if no network specified.
3679 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3680 struct wpa_ssid
*ssid
)
3682 struct wpa_ssid
*other_ssid
;
3686 if (wpa_s
->sched_scanning
)
3687 wpa_supplicant_cancel_sched_scan(wpa_s
);
3689 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3690 other_ssid
= other_ssid
->next
) {
3691 was_disabled
= other_ssid
->disabled
;
3692 if (was_disabled
== 2)
3693 continue; /* do not change persistent P2P group
3696 other_ssid
->disabled
= 1;
3698 if (was_disabled
!= other_ssid
->disabled
)
3699 wpas_notify_network_enabled_changed(
3702 if (wpa_s
->current_ssid
) {
3703 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3704 wpa_s
->own_disconnect_req
= 1;
3705 wpa_supplicant_deauthenticate(
3706 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3708 } else if (ssid
->disabled
!= 2) {
3709 if (ssid
== wpa_s
->current_ssid
) {
3710 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3711 wpa_s
->own_disconnect_req
= 1;
3712 wpa_supplicant_deauthenticate(
3713 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3716 was_disabled
= ssid
->disabled
;
3720 if (was_disabled
!= ssid
->disabled
) {
3721 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3722 if (wpa_s
->sched_scanning
) {
3723 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3724 "to remove network from filters");
3725 wpa_supplicant_cancel_sched_scan(wpa_s
);
3726 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3734 * wpa_supplicant_select_network - Attempt association with a network
3735 * @wpa_s: wpa_supplicant structure for a network interface
3736 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3738 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3739 struct wpa_ssid
*ssid
)
3742 struct wpa_ssid
*other_ssid
;
3743 int disconnected
= 0;
3745 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3746 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3747 wpa_s
->own_disconnect_req
= 1;
3748 wpa_supplicant_deauthenticate(
3749 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3754 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3757 * Mark all other networks disabled or mark all networks enabled if no
3758 * network specified.
3760 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3761 other_ssid
= other_ssid
->next
) {
3762 int was_disabled
= other_ssid
->disabled
;
3763 if (was_disabled
== 2)
3764 continue; /* do not change persistent P2P group data */
3766 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3767 if (was_disabled
&& !other_ssid
->disabled
)
3768 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3770 if (was_disabled
!= other_ssid
->disabled
)
3771 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3774 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3775 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3776 /* We are already associated with the selected network */
3777 wpa_printf(MSG_DEBUG
, "Already associated with the "
3778 "selected network - do nothing");
3783 wpa_s
->current_ssid
= ssid
;
3784 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3785 wpa_s
->connect_without_scan
=
3786 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3789 * Don't optimize next scan freqs since a new ESS has been
3792 os_free(wpa_s
->next_scan_freqs
);
3793 wpa_s
->next_scan_freqs
= NULL
;
3795 wpa_s
->connect_without_scan
= NULL
;
3798 wpa_s
->disconnected
= 0;
3799 wpa_s
->reassociate
= 1;
3800 wpa_s
->last_owe_group
= 0;
3802 ssid
->owe_transition_bss_select_count
= 0;
3804 if (wpa_s
->connect_without_scan
||
3805 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3806 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3807 wpas_scan_reset_sched_scan(wpa_s
);
3808 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3812 wpas_notify_network_selected(wpa_s
, ssid
);
3817 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3818 * @wpa_s: wpa_supplicant structure for a network interface
3819 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3820 * @pkcs11_module_path: PKCS #11 module path or NULL
3821 * Returns: 0 on success; -1 on failure
3823 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3824 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3825 * module path fails the paths will be reset to the default value (NULL).
3827 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3828 const char *pkcs11_engine_path
,
3829 const char *pkcs11_module_path
)
3831 char *pkcs11_engine_path_copy
= NULL
;
3832 char *pkcs11_module_path_copy
= NULL
;
3834 if (pkcs11_engine_path
!= NULL
) {
3835 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3836 if (pkcs11_engine_path_copy
== NULL
)
3839 if (pkcs11_module_path
!= NULL
) {
3840 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3841 if (pkcs11_module_path_copy
== NULL
) {
3842 os_free(pkcs11_engine_path_copy
);
3847 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3848 os_free(wpa_s
->conf
->pkcs11_module_path
);
3849 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3850 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3852 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3853 eapol_sm_deinit(wpa_s
->eapol
);
3854 wpa_s
->eapol
= NULL
;
3855 if (wpa_supplicant_init_eapol(wpa_s
)) {
3856 /* Error -> Reset paths to the default value (NULL) once. */
3857 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3858 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3863 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3870 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3871 * @wpa_s: wpa_supplicant structure for a network interface
3872 * @ap_scan: AP scan mode
3873 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3876 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3881 if (ap_scan
< 0 || ap_scan
> 2)
3884 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3885 wpa_printf(MSG_INFO
,
3886 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3890 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3891 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3892 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3893 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3894 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3897 #endif /* ANDROID */
3899 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3900 wpa_s
->conf
->ap_scan
= ap_scan
;
3902 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3903 wpas_notify_ap_scan_changed(wpa_s
);
3910 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3911 * @wpa_s: wpa_supplicant structure for a network interface
3912 * @expire_age: Expiration age in seconds
3913 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3916 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3917 unsigned int bss_expire_age
)
3919 if (bss_expire_age
< 10) {
3920 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3924 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3926 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3933 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3934 * @wpa_s: wpa_supplicant structure for a network interface
3935 * @expire_count: number of scans after which an unseen BSS is reclaimed
3936 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3939 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3940 unsigned int bss_expire_count
)
3942 if (bss_expire_count
< 1) {
3943 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3947 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3949 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3956 * wpa_supplicant_set_scan_interval - Set scan interval
3957 * @wpa_s: wpa_supplicant structure for a network interface
3958 * @scan_interval: scan interval in seconds
3959 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3962 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3965 if (scan_interval
< 0) {
3966 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3970 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3972 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3979 * wpa_supplicant_set_debug_params - Set global debug params
3980 * @global: wpa_global structure
3981 * @debug_level: debug level
3982 * @debug_timestamp: determines if show timestamp in debug data
3983 * @debug_show_keys: determines if show keys in debug data
3984 * Returns: 0 if succeed or -1 if debug_level has wrong value
3986 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3987 int debug_timestamp
, int debug_show_keys
)
3990 int old_level
, old_timestamp
, old_show_keys
;
3992 /* check for allowed debuglevels */
3993 if (debug_level
!= MSG_EXCESSIVE
&&
3994 debug_level
!= MSG_MSGDUMP
&&
3995 debug_level
!= MSG_DEBUG
&&
3996 debug_level
!= MSG_INFO
&&
3997 debug_level
!= MSG_WARNING
&&
3998 debug_level
!= MSG_ERROR
)
4001 old_level
= wpa_debug_level
;
4002 old_timestamp
= wpa_debug_timestamp
;
4003 old_show_keys
= wpa_debug_show_keys
;
4005 wpa_debug_level
= debug_level
;
4006 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
4007 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
4009 if (wpa_debug_level
!= old_level
)
4010 wpas_notify_debug_level_changed(global
);
4011 if (wpa_debug_timestamp
!= old_timestamp
)
4012 wpas_notify_debug_timestamp_changed(global
);
4013 if (wpa_debug_show_keys
!= old_show_keys
)
4014 wpas_notify_debug_show_keys_changed(global
);
4021 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
4022 const u8
*entry_ssid
, size_t entry_ssid_len
)
4024 const u8
*owe
, *pos
, *end
;
4026 struct wpa_bss
*bss
;
4028 /* Check network profile SSID aganst the SSID in the
4029 * OWE Transition Mode element. */
4031 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
4035 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
4040 end
= owe
+ 2 + owe
[1];
4042 if (end
- pos
< ETH_ALEN
+ 1)
4046 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
4049 return entry_ssid_len
== ssid_len
&&
4050 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
4052 #endif /* CONFIG_OWE */
4056 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4057 * @wpa_s: Pointer to wpa_supplicant data
4058 * Returns: A pointer to the current network structure or %NULL on failure
4060 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
4062 struct wpa_ssid
*entry
;
4063 u8 ssid
[SSID_MAX_LEN
];
4069 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
4071 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
4077 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
4078 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
4083 wired
= wpa_s
->conf
->ap_scan
== 0 &&
4084 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
4086 entry
= wpa_s
->conf
->ssid
;
4088 if (!wpas_network_disabled(wpa_s
, entry
) &&
4089 ((ssid_len
== entry
->ssid_len
&&
4091 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0)) ||
4093 (!entry
->bssid_set
||
4094 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4097 if (!wpas_network_disabled(wpa_s
, entry
) &&
4098 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4099 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
4100 (!entry
->bssid_set
||
4101 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4103 #endif /* CONFIG_WPS */
4106 if (!wpas_network_disabled(wpa_s
, entry
) &&
4107 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
4109 (!entry
->bssid_set
||
4110 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4112 #endif /* CONFIG_OWE */
4114 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
4115 entry
->ssid_len
== 0 &&
4116 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
4119 entry
= entry
->next
;
4126 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
4128 struct wpa_global
*global
= wpa_s
->global
;
4130 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
4131 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
4132 if (global
->drv_priv
[i
] == NULL
) {
4133 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
4134 "'%s'", wpa_drivers
[i
]->name
);
4139 wpa_s
->driver
= wpa_drivers
[i
];
4140 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
4146 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
4151 const char *pos
, *driver
= name
;
4156 if (wpa_drivers
[0] == NULL
) {
4157 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
4163 /* default to first driver in the list */
4164 return select_driver(wpa_s
, 0);
4168 pos
= os_strchr(driver
, ',');
4172 len
= os_strlen(driver
);
4174 for (i
= 0; wpa_drivers
[i
]; i
++) {
4175 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
4176 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
4178 /* First driver that succeeds wins */
4179 if (select_driver(wpa_s
, i
) == 0)
4187 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
4193 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4194 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4195 * with struct wpa_driver_ops::init()
4196 * @src_addr: Source address of the EAPOL frame
4197 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4198 * @len: Length of the EAPOL data
4200 * This function is called for each received EAPOL frame. Most driver
4201 * interfaces rely on more generic OS mechanism for receiving frames through
4202 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4203 * take care of received EAPOL frames and deliver them to the core supplicant
4204 * code by calling this function.
4206 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4207 const u8
*buf
, size_t len
)
4209 struct wpa_supplicant
*wpa_s
= ctx
;
4211 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4212 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4214 #ifdef CONFIG_TESTING_OPTIONS
4215 if (wpa_s
->ignore_auth_resp
) {
4216 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4219 #endif /* CONFIG_TESTING_OPTIONS */
4221 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4222 (wpa_s
->last_eapol_matches_bssid
&&
4225 #endif /* CONFIG_AP */
4226 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4228 * There is possible race condition between receiving the
4229 * association event and the EAPOL frame since they are coming
4230 * through different paths from the driver. In order to avoid
4231 * issues in trying to process the EAPOL frame before receiving
4232 * association information, lets queue it for processing until
4233 * the association event is received. This may also be needed in
4234 * driver-based roaming case, so also use src_addr != BSSID as a
4235 * trigger if we have previously confirmed that the
4236 * Authenticator uses BSSID as the src_addr (which is not the
4237 * case with wired IEEE 802.1X).
4239 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4240 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4241 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4242 MAC2STR(wpa_s
->bssid
));
4243 wpabuf_free(wpa_s
->pending_eapol_rx
);
4244 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4245 if (wpa_s
->pending_eapol_rx
) {
4246 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4247 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4253 wpa_s
->last_eapol_matches_bssid
=
4254 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4257 if (wpa_s
->ap_iface
) {
4258 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4261 #endif /* CONFIG_AP */
4263 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4264 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4265 "no key management is configured");
4269 if (wpa_s
->eapol_received
== 0 &&
4270 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) ||
4271 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4272 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4273 (wpa_s
->current_ssid
== NULL
||
4274 wpa_s
->current_ssid
->mode
!= WPAS_MODE_IBSS
)) {
4275 /* Timeout for completing IEEE 802.1X and WPA authentication */
4278 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4279 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4280 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4281 /* Use longer timeout for IEEE 802.1X/EAP */
4286 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4287 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4288 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4290 * Use shorter timeout if going through WPS AP iteration
4291 * for PIN config method with an AP that does not
4292 * advertise Selected Registrar.
4294 struct wpabuf
*wps_ie
;
4296 wps_ie
= wpa_bss_get_vendor_ie_multi(
4297 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4299 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4301 wpabuf_free(wps_ie
);
4303 #endif /* CONFIG_WPS */
4305 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4307 wpa_s
->eapol_received
++;
4309 if (wpa_s
->countermeasures
) {
4310 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4315 #ifdef CONFIG_IBSS_RSN
4316 if (wpa_s
->current_ssid
&&
4317 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4318 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4321 #endif /* CONFIG_IBSS_RSN */
4323 /* Source address of the incoming EAPOL frame could be compared to the
4324 * current BSSID. However, it is possible that a centralized
4325 * Authenticator could be using another MAC address than the BSSID of
4326 * an AP, so just allow any address to be used for now. The replies are
4327 * still sent to the current BSSID (if available), though. */
4329 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4330 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4331 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4332 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4333 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4335 wpa_drv_poll(wpa_s
);
4336 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
))
4337 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4338 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4340 * Set portValid = TRUE here since we are going to skip 4-way
4341 * handshake processing which would normally set portValid. We
4342 * need this to allow the EAPOL state machines to be completed
4343 * without going through EAPOL-Key handshake.
4345 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4350 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4352 if ((!wpa_s
->p2p_mgmt
||
4353 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4354 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4355 l2_packet_deinit(wpa_s
->l2
);
4356 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4357 wpa_drv_get_mac_addr(wpa_s
),
4359 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4360 if (wpa_s
->l2
== NULL
)
4363 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4364 L2_PACKET_FILTER_PKTTYPE
))
4365 wpa_dbg(wpa_s
, MSG_DEBUG
,
4366 "Failed to attach pkt_type filter");
4368 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4370 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4373 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4374 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4378 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4384 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4385 const u8
*buf
, size_t len
)
4387 struct wpa_supplicant
*wpa_s
= ctx
;
4388 const struct l2_ethhdr
*eth
;
4390 if (len
< sizeof(*eth
))
4392 eth
= (const struct l2_ethhdr
*) buf
;
4394 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4395 !(eth
->h_dest
[0] & 0x01)) {
4396 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4397 " (bridge - not for this interface - ignore)",
4398 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4402 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4403 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4404 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4405 len
- sizeof(*eth
));
4410 * wpa_supplicant_driver_init - Initialize driver interface parameters
4411 * @wpa_s: Pointer to wpa_supplicant data
4412 * Returns: 0 on success, -1 on failure
4414 * This function is called to initialize driver interface parameters.
4415 * wpa_drv_init() must have been called before this function to initialize the
4418 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4420 static int interface_count
= 0;
4422 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4425 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4426 MAC2STR(wpa_s
->own_addr
));
4427 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4428 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4430 if (wpa_s
->bridge_ifname
[0]) {
4431 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4432 "interface '%s'", wpa_s
->bridge_ifname
);
4433 wpa_s
->l2_br
= l2_packet_init_bridge(
4434 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4435 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4436 if (wpa_s
->l2_br
== NULL
) {
4437 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4438 "connection for the bridge interface '%s'",
4439 wpa_s
->bridge_ifname
);
4444 if (wpa_s
->conf
->ap_scan
== 2 &&
4445 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4446 wpa_printf(MSG_INFO
,
4447 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4450 wpa_clear_keys(wpa_s
, NULL
);
4452 /* Make sure that TKIP countermeasures are not left enabled (could
4453 * happen if wpa_supplicant is killed during countermeasures. */
4454 wpa_drv_set_countermeasures(wpa_s
, 0);
4456 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4457 wpa_drv_flush_pmkid(wpa_s
);
4459 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4460 wpa_s
->prev_scan_wildcard
= 0;
4462 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4463 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4464 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4465 interface_count
= 0;
4468 if (!wpa_s
->p2p_mgmt
&&
4469 wpa_supplicant_delayed_sched_scan(wpa_s
,
4470 interface_count
% 3,
4472 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4474 #endif /* ANDROID */
4477 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4483 static int wpa_supplicant_daemon(const char *pid_file
)
4485 wpa_printf(MSG_DEBUG
, "Daemonize..");
4486 return os_daemonize(pid_file
);
4490 static struct wpa_supplicant
*
4491 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4493 struct wpa_supplicant
*wpa_s
;
4495 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4498 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4499 wpa_s
->scan_interval
= 5;
4500 wpa_s
->new_connection
= 1;
4501 wpa_s
->parent
= parent
? parent
: wpa_s
;
4502 wpa_s
->p2pdev
= wpa_s
->parent
;
4503 wpa_s
->sched_scanning
= 0;
4505 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4506 dl_list_init(&wpa_s
->fils_hlp_req
);
4512 #ifdef CONFIG_HT_OVERRIDES
4514 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4515 struct ieee80211_ht_capabilities
*htcaps
,
4516 struct ieee80211_ht_capabilities
*htcaps_mask
,
4519 /* parse ht_mcs into hex array */
4521 const char *tmp
= ht_mcs
;
4524 /* If ht_mcs is null, do not set anything */
4528 /* This is what we are setting in the kernel */
4529 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4531 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4533 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4537 v
= strtol(tmp
, &end
, 16);
4540 wpa_msg(wpa_s
, MSG_DEBUG
,
4541 "htcap value[%i]: %ld end: %p tmp: %p",
4546 htcaps
->supported_mcs_set
[i
] = v
;
4549 wpa_msg(wpa_s
, MSG_ERROR
,
4550 "Failed to parse ht-mcs: %s, error: %s\n",
4551 ht_mcs
, strerror(errno
));
4557 * If we were able to parse any values, then set mask for the MCS set.
4560 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4561 IEEE80211_HT_MCS_MASK_LEN
- 1);
4562 /* skip the 3 reserved bits */
4563 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4571 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4572 struct ieee80211_ht_capabilities
*htcaps
,
4573 struct ieee80211_ht_capabilities
*htcaps_mask
,
4581 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4583 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4584 htcaps_mask
->ht_capabilities_info
|= msk
;
4586 htcaps
->ht_capabilities_info
&= msk
;
4588 htcaps
->ht_capabilities_info
|= msk
;
4594 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4595 struct ieee80211_ht_capabilities
*htcaps
,
4596 struct ieee80211_ht_capabilities
*htcaps_mask
,
4602 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4604 if (factor
< 0 || factor
> 3) {
4605 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4606 "Must be 0-3 or -1", factor
);
4610 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4611 htcaps
->a_mpdu_params
&= ~0x3;
4612 htcaps
->a_mpdu_params
|= factor
& 0x3;
4618 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4619 struct ieee80211_ht_capabilities
*htcaps
,
4620 struct ieee80211_ht_capabilities
*htcaps_mask
,
4626 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4628 if (density
< 0 || density
> 7) {
4629 wpa_msg(wpa_s
, MSG_ERROR
,
4630 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4635 htcaps_mask
->a_mpdu_params
|= 0x1C;
4636 htcaps
->a_mpdu_params
&= ~(0x1C);
4637 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4643 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4644 struct ieee80211_ht_capabilities
*htcaps
,
4645 struct ieee80211_ht_capabilities
*htcaps_mask
,
4649 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4651 set_disable_ht40(htcaps
, disabled
);
4652 set_disable_ht40(htcaps_mask
, 0);
4658 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4659 struct ieee80211_ht_capabilities
*htcaps
,
4660 struct ieee80211_ht_capabilities
*htcaps_mask
,
4663 /* Masking these out disables SGI */
4664 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4665 HT_CAP_INFO_SHORT_GI40MHZ
);
4668 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4671 htcaps
->ht_capabilities_info
&= ~msk
;
4673 htcaps
->ht_capabilities_info
|= msk
;
4675 htcaps_mask
->ht_capabilities_info
|= msk
;
4681 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4682 struct ieee80211_ht_capabilities
*htcaps
,
4683 struct ieee80211_ht_capabilities
*htcaps_mask
,
4686 /* Masking these out disables LDPC */
4687 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4690 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4693 htcaps
->ht_capabilities_info
&= ~msk
;
4695 htcaps
->ht_capabilities_info
|= msk
;
4697 htcaps_mask
->ht_capabilities_info
|= msk
;
4703 static int wpa_set_tx_stbc(struct wpa_supplicant
*wpa_s
,
4704 struct ieee80211_ht_capabilities
*htcaps
,
4705 struct ieee80211_ht_capabilities
*htcaps_mask
,
4708 le16 msk
= host_to_le16(HT_CAP_INFO_TX_STBC
);
4713 wpa_msg(wpa_s
, MSG_DEBUG
, "set_tx_stbc: %d", tx_stbc
);
4715 if (tx_stbc
< 0 || tx_stbc
> 1) {
4716 wpa_msg(wpa_s
, MSG_ERROR
,
4717 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc
);
4721 htcaps_mask
->ht_capabilities_info
|= msk
;
4722 htcaps
->ht_capabilities_info
&= ~msk
;
4723 htcaps
->ht_capabilities_info
|= (tx_stbc
<< 7) & msk
;
4729 static int wpa_set_rx_stbc(struct wpa_supplicant
*wpa_s
,
4730 struct ieee80211_ht_capabilities
*htcaps
,
4731 struct ieee80211_ht_capabilities
*htcaps_mask
,
4734 le16 msk
= host_to_le16(HT_CAP_INFO_RX_STBC_MASK
);
4739 wpa_msg(wpa_s
, MSG_DEBUG
, "set_rx_stbc: %d", rx_stbc
);
4741 if (rx_stbc
< 0 || rx_stbc
> 3) {
4742 wpa_msg(wpa_s
, MSG_ERROR
,
4743 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc
);
4747 htcaps_mask
->ht_capabilities_info
|= msk
;
4748 htcaps
->ht_capabilities_info
&= ~msk
;
4749 htcaps
->ht_capabilities_info
|= (rx_stbc
<< 8) & msk
;
4755 void wpa_supplicant_apply_ht_overrides(
4756 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4757 struct wpa_driver_associate_params
*params
)
4759 struct ieee80211_ht_capabilities
*htcaps
;
4760 struct ieee80211_ht_capabilities
*htcaps_mask
;
4765 params
->disable_ht
= ssid
->disable_ht
;
4766 if (!params
->htcaps
|| !params
->htcaps_mask
)
4769 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4770 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4771 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4772 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4773 ssid
->disable_max_amsdu
);
4774 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4775 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4776 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4777 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4778 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4779 wpa_set_rx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->rx_stbc
);
4780 wpa_set_tx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->tx_stbc
);
4782 if (ssid
->ht40_intolerant
) {
4783 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4784 htcaps
->ht_capabilities_info
|= bit
;
4785 htcaps_mask
->ht_capabilities_info
|= bit
;
4789 #endif /* CONFIG_HT_OVERRIDES */
4792 #ifdef CONFIG_VHT_OVERRIDES
4793 void wpa_supplicant_apply_vht_overrides(
4794 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4795 struct wpa_driver_associate_params
*params
)
4797 struct ieee80211_vht_capabilities
*vhtcaps
;
4798 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4803 params
->disable_vht
= ssid
->disable_vht
;
4805 vhtcaps
= (void *) params
->vhtcaps
;
4806 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4808 if (!vhtcaps
|| !vhtcaps_mask
)
4811 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4812 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4814 #ifdef CONFIG_HT_OVERRIDES
4815 if (ssid
->disable_sgi
) {
4816 vhtcaps_mask
->vht_capabilities_info
|= (VHT_CAP_SHORT_GI_80
|
4817 VHT_CAP_SHORT_GI_160
);
4818 vhtcaps
->vht_capabilities_info
&= ~(VHT_CAP_SHORT_GI_80
|
4819 VHT_CAP_SHORT_GI_160
);
4820 wpa_msg(wpa_s
, MSG_DEBUG
,
4821 "disable-sgi override specified, vht-caps: 0x%x",
4822 vhtcaps
->vht_capabilities_info
);
4825 /* if max ampdu is <= 3, we have to make the HT cap the same */
4826 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4829 max_ampdu
= (ssid
->vht_capa
&
4830 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4831 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4833 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4834 wpa_set_ampdu_factor(wpa_s
,
4835 (void *) params
->htcaps
,
4836 (void *) params
->htcaps_mask
,
4839 #endif /* CONFIG_HT_OVERRIDES */
4841 #define OVERRIDE_MCS(i) \
4842 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4843 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4844 host_to_le16(3 << 2 * (i - 1)); \
4845 vhtcaps->vht_supported_mcs_set.tx_map |= \
4846 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4849 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4850 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4851 host_to_le16(3 << 2 * (i - 1)); \
4852 vhtcaps->vht_supported_mcs_set.rx_map |= \
4853 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4866 #endif /* CONFIG_VHT_OVERRIDES */
4869 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4874 if (!wpa_s
->conf
->pcsc_reader
)
4877 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4881 if (wpa_s
->conf
->pcsc_pin
&&
4882 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4883 scard_deinit(wpa_s
->scard
);
4884 wpa_s
->scard
= NULL
;
4885 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4889 len
= sizeof(wpa_s
->imsi
) - 1;
4890 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4891 scard_deinit(wpa_s
->scard
);
4892 wpa_s
->scard
= NULL
;
4893 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4896 wpa_s
->imsi
[len
] = '\0';
4898 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4900 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4901 wpa_s
->imsi
, wpa_s
->mnc_len
);
4903 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4904 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4905 #endif /* PCSC_FUNCS */
4911 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4915 ext_password_deinit(wpa_s
->ext_pw
);
4916 wpa_s
->ext_pw
= NULL
;
4917 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4919 if (!wpa_s
->conf
->ext_password_backend
)
4922 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4925 pos
= os_strchr(val
, ':');
4929 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4931 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4933 if (wpa_s
->ext_pw
== NULL
) {
4934 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4937 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4945 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4947 struct wpa_supplicant
*wpa_s
= ctx
;
4949 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4950 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4954 static void wpas_fst_get_channel_info_cb(void *ctx
,
4955 enum hostapd_hw_mode
*hw_mode
,
4958 struct wpa_supplicant
*wpa_s
= ctx
;
4960 if (wpa_s
->current_bss
) {
4961 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4963 } else if (wpa_s
->hw
.num_modes
) {
4964 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4972 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4974 struct wpa_supplicant
*wpa_s
= ctx
;
4976 *modes
= wpa_s
->hw
.modes
;
4977 return wpa_s
->hw
.num_modes
;
4981 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4983 struct wpa_supplicant
*wpa_s
= ctx
;
4985 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4986 wpa_s
->fst_ies
= fst_ies
;
4990 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4992 struct wpa_supplicant
*wpa_s
= ctx
;
4994 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4995 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
4996 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
4999 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
5000 wpa_s
->own_addr
, wpa_s
->bssid
,
5001 wpabuf_head(data
), wpabuf_len(data
),
5006 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
5008 struct wpa_supplicant
*wpa_s
= ctx
;
5010 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5011 return wpa_s
->received_mb_ies
;
5015 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
5016 const u8
*buf
, size_t size
)
5018 struct wpa_supplicant
*wpa_s
= ctx
;
5019 struct mb_ies_info info
;
5021 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5023 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
5024 wpabuf_free(wpa_s
->received_mb_ies
);
5025 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
5030 static const u8
* wpas_fst_get_peer_first(void *ctx
,
5031 struct fst_get_peer_ctx
**get_ctx
,
5034 struct wpa_supplicant
*wpa_s
= ctx
;
5037 if (!is_zero_ether_addr(wpa_s
->bssid
))
5038 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
5039 wpa_s
->bssid
: NULL
;
5044 static const u8
* wpas_fst_get_peer_next(void *ctx
,
5045 struct fst_get_peer_ctx
**get_ctx
,
5051 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
5052 struct fst_wpa_obj
*iface_obj
)
5054 iface_obj
->ctx
= wpa_s
;
5055 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
5056 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
5057 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
5058 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
5059 iface_obj
->send_action
= wpas_fst_send_action_cb
;
5060 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
5061 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
5062 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
5063 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
5065 #endif /* CONFIG_FST */
5067 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
5068 const struct wpa_driver_capa
*capa
)
5070 struct wowlan_triggers
*triggers
;
5073 if (!wpa_s
->conf
->wowlan_triggers
)
5076 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
5078 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
5085 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
5088 return BAND_2_4_GHZ
;
5095 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
5098 unsigned int band
= 0;
5101 /* freqs are specified for the radio work */
5102 for (i
= 0; freqs
[i
]; i
++)
5103 band
|= wpas_freq_to_band(freqs
[i
]);
5106 * freqs are not specified, implies all
5107 * the supported freqs by HW
5109 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5110 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
5111 if (wpa_s
->hw
.modes
[i
].mode
==
5112 HOSTAPD_MODE_IEEE80211B
||
5113 wpa_s
->hw
.modes
[i
].mode
==
5114 HOSTAPD_MODE_IEEE80211G
)
5115 band
|= BAND_2_4_GHZ
;
5116 else if (wpa_s
->hw
.modes
[i
].mode
==
5117 HOSTAPD_MODE_IEEE80211A
)
5119 else if (wpa_s
->hw
.modes
[i
].mode
==
5120 HOSTAPD_MODE_IEEE80211AD
)
5121 band
|= BAND_60_GHZ
;
5122 else if (wpa_s
->hw
.modes
[i
].mode
==
5123 HOSTAPD_MODE_IEEE80211ANY
)
5124 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
5134 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
5137 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
5138 struct wpa_radio
*radio
;
5140 while (rn
&& iface
) {
5141 radio
= iface
->radio
;
5142 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
5143 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
5145 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5149 iface
= iface
->next
;
5152 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
5153 wpa_s
->ifname
, rn
? rn
: "N/A");
5154 radio
= os_zalloc(sizeof(*radio
));
5159 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
5160 dl_list_init(&radio
->ifaces
);
5161 dl_list_init(&radio
->work
);
5162 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5168 static void radio_work_free(struct wpa_radio_work
*work
)
5170 if (work
->wpa_s
->scan_work
== work
) {
5171 /* This should not really happen. */
5172 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5173 work
->type
, work
, work
->started
);
5174 work
->wpa_s
->scan_work
= NULL
;
5178 if (work
->wpa_s
->p2p_scan_work
== work
) {
5179 /* This should not really happen. */
5180 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5181 work
->type
, work
, work
->started
);
5182 work
->wpa_s
->p2p_scan_work
= NULL
;
5184 #endif /* CONFIG_P2P */
5186 if (work
->started
) {
5187 work
->wpa_s
->radio
->num_active_works
--;
5188 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
5189 "radio_work_free('%s'@%p): num_active_works --> %u",
5191 work
->wpa_s
->radio
->num_active_works
);
5194 dl_list_del(&work
->list
);
5199 static int radio_work_is_connect(struct wpa_radio_work
*work
)
5201 return os_strcmp(work
->type
, "sme-connect") == 0 ||
5202 os_strcmp(work
->type
, "connect") == 0;
5206 static int radio_work_is_scan(struct wpa_radio_work
*work
)
5208 return os_strcmp(work
->type
, "scan") == 0 ||
5209 os_strcmp(work
->type
, "p2p-scan") == 0;
5213 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
5215 struct wpa_radio_work
*active_work
= NULL
;
5216 struct wpa_radio_work
*tmp
;
5218 /* Get the active work to know the type and band. */
5219 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5227 /* No active work, start one */
5228 radio
->num_active_works
= 0;
5229 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
5231 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5232 radio
->external_scan_running
&&
5233 (((struct wpa_driver_scan_params
*)
5234 tmp
->ctx
)->only_new_results
||
5235 tmp
->wpa_s
->clear_driver_scan_cache
))
5242 if (radio_work_is_connect(active_work
)) {
5244 * If the active work is either connect or sme-connect,
5245 * do not parallelize them with other radio works.
5247 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5248 "Do not parallelize radio work with %s",
5253 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5258 * If connect or sme-connect are enqueued, parallelize only
5259 * those operations ahead of them in the queue.
5261 if (radio_work_is_connect(tmp
))
5264 /* Serialize parallel scan and p2p_scan operations on the same
5265 * interface since the driver_nl80211 mechanism for tracking
5266 * scan cookies does not yet have support for this. */
5267 if (active_work
->wpa_s
== tmp
->wpa_s
&&
5268 radio_work_is_scan(active_work
) &&
5269 radio_work_is_scan(tmp
)) {
5270 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5271 "Do not start work '%s' when another work '%s' is already scheduled",
5272 tmp
->type
, active_work
->type
);
5276 * Check that the radio works are distinct and
5277 * on different bands.
5279 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5280 (active_work
->bands
!= tmp
->bands
)) {
5282 * If a scan has to be scheduled through nl80211 scan
5283 * interface and if an external scan is already running,
5284 * do not schedule the scan since it is likely to get
5285 * rejected by kernel.
5287 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5288 radio
->external_scan_running
&&
5289 (((struct wpa_driver_scan_params
*)
5290 tmp
->ctx
)->only_new_results
||
5291 tmp
->wpa_s
->clear_driver_scan_cache
))
5294 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5295 "active_work:%s new_work:%s",
5296 active_work
->type
, tmp
->type
);
5301 /* Did not find a radio work to schedule in parallel. */
5306 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5308 struct wpa_radio
*radio
= eloop_ctx
;
5309 struct wpa_radio_work
*work
;
5310 struct os_reltime now
, diff
;
5311 struct wpa_supplicant
*wpa_s
;
5313 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5315 radio
->num_active_works
= 0;
5319 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5323 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5325 return; /* already started and still in progress */
5327 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5328 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5333 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5334 /* get the work to schedule next */
5335 work
= radio_work_get_next_work(radio
);
5341 wpa_s
= work
->wpa_s
;
5342 os_get_reltime(&now
);
5343 os_reltime_sub(&now
, &work
->time
, &diff
);
5344 wpa_dbg(wpa_s
, MSG_DEBUG
,
5345 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5346 work
->type
, work
, diff
.sec
, diff
.usec
);
5349 radio
->num_active_works
++;
5353 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5354 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5355 radio_work_check_next(wpa_s
);
5360 * This function removes both started and pending radio works running on
5361 * the provided interface's radio.
5362 * Prior to the removal of the radio work, its callback (cb) is called with
5363 * deinit set to be 1. Each work's callback is responsible for clearing its
5364 * internal data and restoring to a correct state.
5365 * @wpa_s: wpa_supplicant data
5366 * @type: type of works to be removed
5367 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5368 * this interface's works.
5370 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5371 const char *type
, int remove_all
)
5373 struct wpa_radio_work
*work
, *tmp
;
5374 struct wpa_radio
*radio
= wpa_s
->radio
;
5376 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5378 if (type
&& os_strcmp(type
, work
->type
) != 0)
5381 /* skip other ifaces' works */
5382 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5385 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5386 work
->type
, work
, work
->started
? " (started)" : "");
5388 radio_work_free(work
);
5391 /* in case we removed the started work */
5392 radio_work_check_next(wpa_s
);
5396 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5398 struct wpa_radio_work
*work
;
5399 struct wpa_radio
*radio
= wpa_s
->radio
;
5401 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5402 if (work
->ctx
!= ctx
)
5404 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5405 work
->type
, work
, work
->started
? " (started)" : "");
5406 radio_work_free(work
);
5412 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5414 struct wpa_radio
*radio
= wpa_s
->radio
;
5419 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5420 wpa_s
->ifname
, radio
->name
);
5421 dl_list_del(&wpa_s
->radio_list
);
5422 radio_remove_works(wpa_s
, NULL
, 0);
5423 wpa_s
->radio
= NULL
;
5424 if (!dl_list_empty(&radio
->ifaces
))
5425 return; /* Interfaces remain for this radio */
5427 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5428 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5433 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5435 struct wpa_radio
*radio
= wpa_s
->radio
;
5437 if (dl_list_empty(&radio
->work
))
5439 if (wpa_s
->ext_work_in_progress
) {
5440 wpa_printf(MSG_DEBUG
,
5441 "External radio work in progress - delay start of pending item");
5444 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5445 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5450 * radio_add_work - Add a radio work item
5451 * @wpa_s: Pointer to wpa_supplicant data
5452 * @freq: Frequency of the offchannel operation in MHz or 0
5453 * @type: Unique identifier for each type of work
5454 * @next: Force as the next work to be executed
5455 * @cb: Callback function for indicating when radio is available
5456 * @ctx: Context pointer for the work (work->ctx in cb())
5457 * Returns: 0 on success, -1 on failure
5459 * This function is used to request time for an operation that requires
5460 * exclusive radio control. Once the radio is available, the registered callback
5461 * function will be called. radio_work_done() must be called once the exclusive
5462 * radio operation has been completed, so that the radio is freed for other
5463 * operations. The special case of deinit=1 is used to free the context data
5464 * during interface removal. That does not allow the callback function to start
5465 * the radio operation, i.e., it must free any resources allocated for the radio
5468 * The @freq parameter can be used to indicate a single channel on which the
5469 * offchannel operation will occur. This may allow multiple radio work
5470 * operations to be performed in parallel if they apply for the same channel.
5471 * Setting this to 0 indicates that the work item may use multiple channels or
5472 * requires exclusive control of the radio.
5474 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5475 const char *type
, int next
,
5476 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5479 struct wpa_radio
*radio
= wpa_s
->radio
;
5480 struct wpa_radio_work
*work
;
5483 work
= os_zalloc(sizeof(*work
));
5486 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5487 os_get_reltime(&work
->time
);
5490 work
->wpa_s
= wpa_s
;
5495 work
->bands
= wpas_freq_to_band(freq
);
5496 else if (os_strcmp(type
, "scan") == 0 ||
5497 os_strcmp(type
, "p2p-scan") == 0)
5498 work
->bands
= wpas_get_bands(wpa_s
,
5499 ((struct wpa_driver_scan_params
*)
5502 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5504 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5506 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5508 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5510 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5511 radio_work_check_next(wpa_s
);
5512 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5513 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5514 wpa_dbg(wpa_s
, MSG_DEBUG
,
5515 "Try to schedule a radio work (num_active_works=%u)",
5516 radio
->num_active_works
);
5517 radio_work_check_next(wpa_s
);
5525 * radio_work_done - Indicate that a radio work item has been completed
5526 * @work: Completed work
5528 * This function is called once the callback function registered with
5529 * radio_add_work() has completed its work.
5531 void radio_work_done(struct wpa_radio_work
*work
)
5533 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5534 struct os_reltime now
, diff
;
5535 unsigned int started
= work
->started
;
5537 os_get_reltime(&now
);
5538 os_reltime_sub(&now
, &work
->time
, &diff
);
5539 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5540 work
->type
, work
, started
? "done" : "canceled",
5541 diff
.sec
, diff
.usec
);
5542 radio_work_free(work
);
5544 radio_work_check_next(wpa_s
);
5548 struct wpa_radio_work
*
5549 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5551 struct wpa_radio_work
*work
;
5552 struct wpa_radio
*radio
= wpa_s
->radio
;
5554 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5555 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5563 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5564 const struct wpa_interface
*iface
)
5566 const char *ifname
, *driver
, *rn
;
5568 driver
= iface
->driver
;
5570 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5573 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5574 if (wpa_s
->drv_priv
== NULL
) {
5576 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5578 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5579 "driver interface - try next driver wrapper");
5583 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5587 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5588 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5589 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5593 ifname
= wpa_drv_get_ifname(wpa_s
);
5594 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5595 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5596 "interface name with '%s'", ifname
);
5597 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5600 rn
= wpa_driver_get_radio_name(wpa_s
);
5601 if (rn
&& rn
[0] == '\0')
5604 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5605 if (wpa_s
->radio
== NULL
)
5612 #ifdef CONFIG_GAS_SERVER
5614 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5615 unsigned int freq
, const u8
*dst
,
5616 const u8
*src
, const u8
*bssid
,
5617 const u8
*data
, size_t data_len
,
5618 enum offchannel_send_action_result result
)
5620 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5623 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5624 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5626 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5627 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5631 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5632 struct wpabuf
*buf
, unsigned int wait_time
)
5634 struct wpa_supplicant
*wpa_s
= ctx
;
5635 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5637 if (wait_time
> wpa_s
->max_remain_on_chan
)
5638 wait_time
= wpa_s
->max_remain_on_chan
;
5640 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5641 wpabuf_head(buf
), wpabuf_len(buf
),
5642 wait_time
, wpas_gas_server_tx_status
, 0);
5645 #endif /* CONFIG_GAS_SERVER */
5647 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5648 const struct wpa_interface
*iface
)
5650 struct wpa_driver_capa capa
;
5654 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5655 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5656 iface
->confname
? iface
->confname
: "N/A",
5657 iface
->driver
? iface
->driver
: "default",
5658 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5659 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5661 if (iface
->confname
) {
5662 #ifdef CONFIG_BACKEND_FILE
5663 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5664 if (wpa_s
->confname
== NULL
) {
5665 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5666 "for configuration file '%s'.",
5670 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5671 iface
->confname
, wpa_s
->confname
);
5672 #else /* CONFIG_BACKEND_FILE */
5673 wpa_s
->confname
= os_strdup(iface
->confname
);
5674 #endif /* CONFIG_BACKEND_FILE */
5675 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5676 if (wpa_s
->conf
== NULL
) {
5677 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5678 "configuration '%s'.", wpa_s
->confname
);
5681 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5682 if (wpa_s
->confanother
&&
5683 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5684 wpa_printf(MSG_ERROR
,
5685 "Failed to read or parse configuration '%s'.",
5686 wpa_s
->confanother
);
5691 * Override ctrl_interface and driver_param if set on command
5694 if (iface
->ctrl_interface
) {
5695 os_free(wpa_s
->conf
->ctrl_interface
);
5696 wpa_s
->conf
->ctrl_interface
=
5697 os_strdup(iface
->ctrl_interface
);
5700 if (iface
->driver_param
) {
5701 os_free(wpa_s
->conf
->driver_param
);
5702 wpa_s
->conf
->driver_param
=
5703 os_strdup(iface
->driver_param
);
5706 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5707 os_free(wpa_s
->conf
->ctrl_interface
);
5708 wpa_s
->conf
->ctrl_interface
= NULL
;
5711 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5712 iface
->driver_param
);
5714 if (wpa_s
->conf
== NULL
) {
5715 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5719 if (iface
->ifname
== NULL
) {
5720 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5723 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5724 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5728 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5730 if (iface
->bridge_ifname
) {
5731 if (os_strlen(iface
->bridge_ifname
) >=
5732 sizeof(wpa_s
->bridge_ifname
)) {
5733 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5734 "name '%s'.", iface
->bridge_ifname
);
5737 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5738 sizeof(wpa_s
->bridge_ifname
));
5741 /* RSNA Supplicant Key Management - INITIALIZE */
5742 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5743 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5745 /* Initialize driver interface and register driver event handler before
5746 * L2 receive handler so that association events are processed before
5747 * EAPOL-Key packets if both become available for the same select()
5749 if (wpas_init_driver(wpa_s
, iface
) < 0)
5752 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5755 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5756 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5758 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5760 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5761 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5762 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5763 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5764 "dot11RSNAConfigPMKLifetime");
5768 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5769 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5770 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5771 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5772 "dot11RSNAConfigPMKReauthThreshold");
5776 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5777 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5778 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5779 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5780 "dot11RSNAConfigSATimeout");
5784 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5785 &wpa_s
->hw
.num_modes
,
5788 if (wpa_s
->hw
.modes
) {
5791 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5792 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5793 wpa_s
->hw_capab
= CAPAB_VHT
;
5797 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5798 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5799 wpa_s
->hw_capab
= CAPAB_HT40
;
5800 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5801 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5802 wpa_s
->hw_capab
= CAPAB_HT
;
5806 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5807 if (capa_res
== 0) {
5808 wpa_s
->drv_capa_known
= 1;
5809 wpa_s
->drv_flags
= capa
.flags
;
5810 wpa_s
->drv_enc
= capa
.enc
;
5811 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5812 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5813 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5814 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5815 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5816 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5817 wpa_s
->max_sched_scan_plan_interval
=
5818 capa
.max_sched_scan_plan_interval
;
5819 wpa_s
->max_sched_scan_plan_iterations
=
5820 capa
.max_sched_scan_plan_iterations
;
5821 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5822 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5823 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5824 wpa_s
->max_stations
= capa
.max_stations
;
5825 wpa_s
->extended_capa
= capa
.extended_capa
;
5826 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5827 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5828 wpa_s
->num_multichan_concurrent
=
5829 capa
.num_multichan_concurrent
;
5830 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5832 if (capa
.mac_addr_rand_scan_supported
)
5833 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5834 if (wpa_s
->sched_scan_supported
&&
5835 capa
.mac_addr_rand_sched_scan_supported
)
5836 wpa_s
->mac_addr_rand_supported
|=
5837 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5839 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
5840 if (wpa_s
->extended_capa
&&
5841 wpa_s
->extended_capa_len
>= 3 &&
5842 wpa_s
->extended_capa
[2] & 0x40)
5843 wpa_s
->multi_bss_support
= 1;
5845 if (wpa_s
->max_remain_on_chan
== 0)
5846 wpa_s
->max_remain_on_chan
= 1000;
5849 * Only take p2p_mgmt parameters when P2P Device is supported.
5850 * Doing it here as it determines whether l2_packet_init() will be done
5851 * during wpa_supplicant_driver_init().
5853 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5854 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5856 if (wpa_s
->num_multichan_concurrent
== 0)
5857 wpa_s
->num_multichan_concurrent
= 1;
5859 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5863 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5865 #endif /* CONFIG_TDLS */
5867 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5868 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5869 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5874 if (wpa_s
->conf
->fst_group_id
) {
5875 struct fst_iface_cfg cfg
;
5876 struct fst_wpa_obj iface_obj
;
5878 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5879 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5880 sizeof(cfg
.group_id
));
5881 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5882 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5884 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5887 wpa_msg(wpa_s
, MSG_ERROR
,
5888 "FST: Cannot attach iface %s to group %s",
5889 wpa_s
->ifname
, cfg
.group_id
);
5893 #endif /* CONFIG_FST */
5895 if (wpas_wps_init(wpa_s
))
5898 #ifdef CONFIG_GAS_SERVER
5899 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5900 if (!wpa_s
->gas_server
) {
5901 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5904 #endif /* CONFIG_GAS_SERVER */
5907 if (wpas_dpp_init(wpa_s
) < 0)
5909 #endif /* CONFIG_DPP */
5911 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5913 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5915 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5916 if (wpa_s
->ctrl_iface
== NULL
) {
5917 wpa_printf(MSG_ERROR
,
5918 "Failed to initialize control interface '%s'.\n"
5919 "You may have another wpa_supplicant process "
5920 "already running or the file was\n"
5921 "left by an unclean termination of wpa_supplicant "
5922 "in which case you will need\n"
5923 "to manually remove this file before starting "
5924 "wpa_supplicant again.\n",
5925 wpa_s
->conf
->ctrl_interface
);
5929 wpa_s
->gas
= gas_query_init(wpa_s
);
5930 if (wpa_s
->gas
== NULL
) {
5931 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5935 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5937 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5938 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5942 if (wpa_bss_init(wpa_s
) < 0)
5945 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5947 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5948 #endif /* CONFIG_MESH */
5949 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5952 * Set Wake-on-WLAN triggers, if configured.
5953 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5954 * have effect anyway when the interface is down).
5956 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5959 #ifdef CONFIG_EAP_PROXY
5962 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5964 if (wpa_s
->mnc_len
> 0) {
5965 wpa_s
->imsi
[len
] = '\0';
5966 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5967 wpa_s
->imsi
, wpa_s
->mnc_len
);
5969 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5972 #endif /* CONFIG_EAP_PROXY */
5974 if (pcsc_reader_init(wpa_s
) < 0)
5977 if (wpas_init_ext_pw(wpa_s
) < 0)
5980 wpas_rrm_reset(wpa_s
);
5982 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5986 #endif /* CONFIG_HS20 */
5988 if (wpa_s
->conf
->oce
) {
5989 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5990 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5991 wpa_s
->enable_oce
= OCE_STA
;
5992 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5993 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5994 /* TODO: Need to add STA-CFON support */
5995 wpa_printf(MSG_ERROR
,
5996 "OCE STA-CFON feature is not yet supported");
5999 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
6000 #endif /* CONFIG_MBO */
6002 wpa_supplicant_set_default_scan_ies(wpa_s
);
6008 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
6009 int notify
, int terminate
)
6011 struct wpa_global
*global
= wpa_s
->global
;
6012 struct wpa_supplicant
*iface
, *prev
;
6014 if (wpa_s
== wpa_s
->parent
)
6015 wpas_p2p_group_remove(wpa_s
, "*");
6017 iface
= global
->ifaces
;
6019 if (iface
->p2pdev
== wpa_s
)
6020 iface
->p2pdev
= iface
->parent
;
6021 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
6022 iface
= iface
->next
;
6025 wpa_printf(MSG_DEBUG
,
6026 "Remove remaining child interface %s from parent %s",
6027 iface
->ifname
, wpa_s
->ifname
);
6029 iface
= iface
->next
;
6030 wpa_supplicant_remove_iface(global
, prev
, terminate
);
6033 wpa_s
->disconnected
= 1;
6034 if (wpa_s
->drv_priv
) {
6035 wpa_supplicant_deauthenticate(wpa_s
,
6036 WLAN_REASON_DEAUTH_LEAVING
);
6038 wpa_drv_set_countermeasures(wpa_s
, 0);
6039 wpa_clear_keys(wpa_s
, NULL
);
6042 wpa_supplicant_cleanup(wpa_s
);
6043 wpas_p2p_deinit_iface(wpa_s
);
6045 wpas_ctrl_radio_work_flush(wpa_s
);
6046 radio_remove_interface(wpa_s
);
6050 fst_detach(wpa_s
->fst
);
6053 if (wpa_s
->received_mb_ies
) {
6054 wpabuf_free(wpa_s
->received_mb_ies
);
6055 wpa_s
->received_mb_ies
= NULL
;
6057 #endif /* CONFIG_FST */
6059 if (wpa_s
->drv_priv
)
6060 wpa_drv_deinit(wpa_s
);
6063 wpas_notify_iface_removed(wpa_s
);
6066 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
6068 if (wpa_s
->ctrl_iface
) {
6069 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
6070 wpa_s
->ctrl_iface
= NULL
;
6075 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
6076 wpa_s
->ifmsh
= NULL
;
6078 #endif /* CONFIG_MESH */
6080 if (wpa_s
->conf
!= NULL
) {
6081 wpa_config_free(wpa_s
->conf
);
6085 os_free(wpa_s
->ssids_from_scan_req
);
6091 #ifdef CONFIG_MATCH_IFACE
6094 * wpa_supplicant_match_iface - Match an interface description to a name
6095 * @global: Pointer to global data from wpa_supplicant_init()
6096 * @ifname: Name of the interface to match
6097 * Returns: Pointer to the created interface description or %NULL on failure
6099 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
6103 struct wpa_interface
*iface
, *miface
;
6105 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
6106 miface
= &global
->params
.match_ifaces
[i
];
6107 if (!miface
->ifname
||
6108 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
6109 iface
= os_zalloc(sizeof(*iface
));
6113 iface
->ifname
= ifname
;
6123 * wpa_supplicant_match_existing - Match existing interfaces
6124 * @global: Pointer to global data from wpa_supplicant_init()
6125 * Returns: 0 on success, -1 on failure
6127 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
6129 struct if_nameindex
*ifi
, *ifp
;
6130 struct wpa_supplicant
*wpa_s
;
6131 struct wpa_interface
*iface
;
6133 ifp
= if_nameindex();
6135 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
6139 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
6140 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
6143 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
6145 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
6152 if_freenameindex(ifp
);
6156 #endif /* CONFIG_MATCH_IFACE */
6160 * wpa_supplicant_add_iface - Add a new network interface
6161 * @global: Pointer to global data from wpa_supplicant_init()
6162 * @iface: Interface configuration options
6163 * @parent: Parent interface or %NULL to assign new interface as parent
6164 * Returns: Pointer to the created interface or %NULL on failure
6166 * This function is used to add new network interfaces for %wpa_supplicant.
6167 * This can be called before wpa_supplicant_run() to add interfaces before the
6168 * main event loop has been started. In addition, new interfaces can be added
6169 * dynamically while %wpa_supplicant is already running. This could happen,
6170 * e.g., when a hotplug network adapter is inserted.
6172 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
6173 struct wpa_interface
*iface
,
6174 struct wpa_supplicant
*parent
)
6176 struct wpa_supplicant
*wpa_s
;
6177 struct wpa_interface t_iface
;
6178 struct wpa_ssid
*ssid
;
6180 if (global
== NULL
|| iface
== NULL
)
6183 wpa_s
= wpa_supplicant_alloc(parent
);
6187 wpa_s
->global
= global
;
6190 if (global
->params
.override_driver
) {
6191 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
6193 iface
->driver
, global
->params
.override_driver
);
6194 t_iface
.driver
= global
->params
.override_driver
;
6196 if (global
->params
.override_ctrl_interface
) {
6197 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
6198 "ctrl_interface ('%s' -> '%s')",
6199 iface
->ctrl_interface
,
6200 global
->params
.override_ctrl_interface
);
6201 t_iface
.ctrl_interface
=
6202 global
->params
.override_ctrl_interface
;
6204 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
6205 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
6207 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
6211 if (iface
->p2p_mgmt
== 0) {
6212 /* Notify the control interfaces about new iface */
6213 if (wpas_notify_iface_added(wpa_s
)) {
6214 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
6218 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
6219 wpas_notify_network_added(wpa_s
, ssid
);
6222 wpa_s
->next
= global
->ifaces
;
6223 global
->ifaces
= wpa_s
;
6225 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
6226 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
6229 if (wpa_s
->global
->p2p
== NULL
&&
6230 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
6231 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
6232 wpas_p2p_add_p2pdev_interface(
6233 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
6234 wpa_printf(MSG_INFO
,
6235 "P2P: Failed to enable P2P Device interface");
6236 /* Try to continue without. P2P will be disabled. */
6238 #endif /* CONFIG_P2P */
6245 * wpa_supplicant_remove_iface - Remove a network interface
6246 * @global: Pointer to global data from wpa_supplicant_init()
6247 * @wpa_s: Pointer to the network interface to be removed
6248 * Returns: 0 if interface was removed, -1 if interface was not found
6250 * This function can be used to dynamically remove network interfaces from
6251 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6252 * addition, this function is used to remove all remaining interfaces when
6253 * %wpa_supplicant is terminated.
6255 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
6256 struct wpa_supplicant
*wpa_s
,
6259 struct wpa_supplicant
*prev
;
6261 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
6262 char *ifname
= NULL
;
6263 struct wpa_supplicant
*parent
= wpa_s
->parent
;
6264 #endif /* CONFIG_MESH */
6266 /* Remove interface from the global list of interfaces */
6267 prev
= global
->ifaces
;
6268 if (prev
== wpa_s
) {
6269 global
->ifaces
= wpa_s
->next
;
6271 while (prev
&& prev
->next
!= wpa_s
)
6275 prev
->next
= wpa_s
->next
;
6278 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6281 if (mesh_if_created
) {
6282 ifname
= os_strdup(wpa_s
->ifname
);
6283 if (ifname
== NULL
) {
6284 wpa_dbg(wpa_s
, MSG_ERROR
,
6285 "mesh: Failed to malloc ifname");
6289 #endif /* CONFIG_MESH */
6291 if (global
->p2p_group_formation
== wpa_s
)
6292 global
->p2p_group_formation
= NULL
;
6293 if (global
->p2p_invite_group
== wpa_s
)
6294 global
->p2p_invite_group
= NULL
;
6295 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6298 if (mesh_if_created
) {
6299 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6302 #endif /* CONFIG_MESH */
6309 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6310 * @wpa_s: Pointer to the network interface
6311 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6313 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6315 const char *eapol_method
;
6317 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6318 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6322 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6323 if (eapol_method
== NULL
)
6324 return "UNKNOWN-EAP";
6326 return eapol_method
;
6331 * wpa_supplicant_get_iface - Get a new network interface
6332 * @global: Pointer to global data from wpa_supplicant_init()
6333 * @ifname: Interface name
6334 * Returns: Pointer to the interface or %NULL if not found
6336 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6339 struct wpa_supplicant
*wpa_s
;
6341 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6342 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6349 #ifndef CONFIG_NO_WPA_MSG
6350 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6352 struct wpa_supplicant
*wpa_s
= ctx
;
6355 return wpa_s
->ifname
;
6357 #endif /* CONFIG_NO_WPA_MSG */
6360 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6361 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6362 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6364 /* Periodic cleanup tasks */
6365 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6367 struct wpa_global
*global
= eloop_ctx
;
6368 struct wpa_supplicant
*wpa_s
;
6370 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6371 wpas_periodic
, global
, NULL
);
6375 p2p_expire_peers(global
->p2p
);
6376 #endif /* CONFIG_P2P */
6378 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6379 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6382 #endif /* CONFIG_AP */
6388 * wpa_supplicant_init - Initialize %wpa_supplicant
6389 * @params: Parameters for %wpa_supplicant
6390 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6392 * This function is used to initialize %wpa_supplicant. After successful
6393 * initialization, the returned data pointer can be used to add and remove
6394 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6396 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6398 struct wpa_global
*global
;
6404 #ifdef CONFIG_DRIVER_NDIS
6406 void driver_ndis_init_ops(void);
6407 driver_ndis_init_ops();
6409 #endif /* CONFIG_DRIVER_NDIS */
6411 #ifndef CONFIG_NO_WPA_MSG
6412 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6413 #endif /* CONFIG_NO_WPA_MSG */
6415 if (params
->wpa_debug_file_path
)
6416 wpa_debug_open_file(params
->wpa_debug_file_path
);
6418 wpa_debug_setup_stdout();
6419 if (params
->wpa_debug_syslog
)
6420 wpa_debug_open_syslog();
6421 if (params
->wpa_debug_tracing
) {
6422 ret
= wpa_debug_open_linux_tracing();
6424 wpa_printf(MSG_ERROR
,
6425 "Failed to enable trace logging");
6430 ret
= eap_register_methods();
6432 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6434 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6435 "the same EAP type.");
6439 global
= os_zalloc(sizeof(*global
));
6442 dl_list_init(&global
->p2p_srv_bonjour
);
6443 dl_list_init(&global
->p2p_srv_upnp
);
6444 global
->params
.daemonize
= params
->daemonize
;
6445 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6446 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6447 if (params
->pid_file
)
6448 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6449 if (params
->ctrl_interface
)
6450 global
->params
.ctrl_interface
=
6451 os_strdup(params
->ctrl_interface
);
6452 if (params
->ctrl_interface_group
)
6453 global
->params
.ctrl_interface_group
=
6454 os_strdup(params
->ctrl_interface_group
);
6455 if (params
->override_driver
)
6456 global
->params
.override_driver
=
6457 os_strdup(params
->override_driver
);
6458 if (params
->override_ctrl_interface
)
6459 global
->params
.override_ctrl_interface
=
6460 os_strdup(params
->override_ctrl_interface
);
6461 #ifdef CONFIG_MATCH_IFACE
6462 global
->params
.match_iface_count
= params
->match_iface_count
;
6463 if (params
->match_iface_count
) {
6464 global
->params
.match_ifaces
=
6465 os_calloc(params
->match_iface_count
,
6466 sizeof(struct wpa_interface
));
6467 os_memcpy(global
->params
.match_ifaces
,
6468 params
->match_ifaces
,
6469 params
->match_iface_count
*
6470 sizeof(struct wpa_interface
));
6472 #endif /* CONFIG_MATCH_IFACE */
6474 if (params
->conf_p2p_dev
)
6475 global
->params
.conf_p2p_dev
=
6476 os_strdup(params
->conf_p2p_dev
);
6477 #endif /* CONFIG_P2P */
6478 wpa_debug_level
= global
->params
.wpa_debug_level
=
6479 params
->wpa_debug_level
;
6480 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6481 params
->wpa_debug_show_keys
;
6482 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6483 params
->wpa_debug_timestamp
;
6485 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6488 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6489 wpa_supplicant_deinit(global
);
6493 random_init(params
->entropy_file
);
6495 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6496 if (global
->ctrl_iface
== NULL
) {
6497 wpa_supplicant_deinit(global
);
6501 if (wpas_notify_supplicant_initialized(global
)) {
6502 wpa_supplicant_deinit(global
);
6506 for (i
= 0; wpa_drivers
[i
]; i
++)
6507 global
->drv_count
++;
6508 if (global
->drv_count
== 0) {
6509 wpa_printf(MSG_ERROR
, "No drivers enabled");
6510 wpa_supplicant_deinit(global
);
6513 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6514 if (global
->drv_priv
== NULL
) {
6515 wpa_supplicant_deinit(global
);
6519 #ifdef CONFIG_WIFI_DISPLAY
6520 if (wifi_display_init(global
) < 0) {
6521 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6522 wpa_supplicant_deinit(global
);
6525 #endif /* CONFIG_WIFI_DISPLAY */
6527 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6528 wpas_periodic
, global
, NULL
);
6535 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6536 * @global: Pointer to global data from wpa_supplicant_init()
6537 * Returns: 0 after successful event loop run, -1 on failure
6539 * This function starts the main event loop and continues running as long as
6540 * there are any remaining events. In most cases, this function is running as
6541 * long as the %wpa_supplicant process in still in use.
6543 int wpa_supplicant_run(struct wpa_global
*global
)
6545 struct wpa_supplicant
*wpa_s
;
6547 if (global
->params
.daemonize
&&
6548 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6549 eloop_sock_requeue()))
6552 #ifdef CONFIG_MATCH_IFACE
6553 if (wpa_supplicant_match_existing(global
))
6557 if (global
->params
.wait_for_monitor
) {
6558 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6559 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6560 wpa_supplicant_ctrl_iface_wait(
6564 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6565 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6574 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6575 * @global: Pointer to global data from wpa_supplicant_init()
6577 * This function is called to deinitialize %wpa_supplicant and to free all
6578 * allocated resources. Remaining network interfaces will also be removed.
6580 void wpa_supplicant_deinit(struct wpa_global
*global
)
6587 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6589 #ifdef CONFIG_WIFI_DISPLAY
6590 wifi_display_deinit(global
);
6591 #endif /* CONFIG_WIFI_DISPLAY */
6593 while (global
->ifaces
)
6594 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6596 if (global
->ctrl_iface
)
6597 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6599 wpas_notify_supplicant_deinitialized(global
);
6601 eap_peer_unregister_methods();
6603 eap_server_unregister_methods();
6604 #endif /* CONFIG_AP */
6606 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6607 if (!global
->drv_priv
[i
])
6609 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6611 os_free(global
->drv_priv
);
6617 if (global
->params
.pid_file
) {
6618 os_daemonize_terminate(global
->params
.pid_file
);
6619 os_free(global
->params
.pid_file
);
6621 os_free(global
->params
.ctrl_interface
);
6622 os_free(global
->params
.ctrl_interface_group
);
6623 os_free(global
->params
.override_driver
);
6624 os_free(global
->params
.override_ctrl_interface
);
6625 #ifdef CONFIG_MATCH_IFACE
6626 os_free(global
->params
.match_ifaces
);
6627 #endif /* CONFIG_MATCH_IFACE */
6629 os_free(global
->params
.conf_p2p_dev
);
6630 #endif /* CONFIG_P2P */
6632 os_free(global
->p2p_disallow_freq
.range
);
6633 os_free(global
->p2p_go_avoid_freq
.range
);
6634 os_free(global
->add_psk
);
6637 wpa_debug_close_syslog();
6638 wpa_debug_close_file();
6639 wpa_debug_close_linux_tracing();
6643 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6645 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6646 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6648 country
[0] = wpa_s
->conf
->country
[0];
6649 country
[1] = wpa_s
->conf
->country
[1];
6651 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6652 wpa_printf(MSG_ERROR
, "Failed to set country code "
6657 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6658 wpas_init_ext_pw(wpa_s
);
6660 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6661 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6663 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6664 struct wpa_driver_capa capa
;
6665 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6667 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6668 wpa_printf(MSG_ERROR
,
6669 "Failed to update wowlan_triggers to '%s'",
6670 wpa_s
->conf
->wowlan_triggers
);
6673 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_DISABLE_BTM
)
6674 wpa_supplicant_set_default_scan_ies(wpa_s
);
6677 wpas_wps_update_config(wpa_s
);
6678 #endif /* CONFIG_WPS */
6679 wpas_p2p_update_config(wpa_s
);
6680 wpa_s
->conf
->changed_parameters
= 0;
6684 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6688 for (i
= 0; i
< *num_freqs
; i
++) {
6689 if (freqs
[i
] == freq
)
6693 freqs
[*num_freqs
] = freq
;
6698 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6700 struct wpa_bss
*bss
, *cbss
;
6701 const int max_freqs
= 10;
6705 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6709 cbss
= wpa_s
->current_bss
;
6711 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6714 if (bss
->ssid_len
== cbss
->ssid_len
&&
6715 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6716 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6717 add_freq(freqs
, &num_freqs
, bss
->freq
);
6718 if (num_freqs
== max_freqs
)
6723 if (num_freqs
== 0) {
6732 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6738 wpas_connect_work_done(wpa_s
);
6741 * Remove possible authentication timeout since the connection failed.
6743 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6746 * There is no point in blacklisting the AP if this event is
6747 * generated based on local request to disconnect.
6749 if (wpa_s
->own_disconnect_req
) {
6750 wpa_s
->own_disconnect_req
= 0;
6751 wpa_dbg(wpa_s
, MSG_DEBUG
,
6752 "Ignore connection failure due to local request to disconnect");
6755 if (wpa_s
->disconnected
) {
6756 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6757 "indication since interface has been put into "
6758 "disconnected state");
6763 * Add the failed BSSID into the blacklist and speed up next scan
6764 * attempt if there could be other APs that could accept association.
6765 * The current blacklist count indicates how many times we have tried
6766 * connecting to this AP and multiple attempts mean that other APs are
6767 * either not available or has already been tried, so that we can start
6768 * increasing the delay here to avoid constant scanning.
6770 count
= wpa_blacklist_add(wpa_s
, bssid
);
6771 if (count
== 1 && wpa_s
->current_bss
) {
6773 * This BSS was not in the blacklist before. If there is
6774 * another BSS available for the same ESS, we should try that
6775 * next. Otherwise, we may as well try this one once more
6776 * before allowing other, likely worse, ESSes to be considered.
6778 freqs
= get_bss_freqs_in_ess(wpa_s
);
6780 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6781 "has been seen; try it next");
6782 wpa_blacklist_add(wpa_s
, bssid
);
6784 * On the next scan, go through only the known channels
6785 * used in this ESS based on previous scans to speed up
6786 * common load balancing use case.
6788 os_free(wpa_s
->next_scan_freqs
);
6789 wpa_s
->next_scan_freqs
= freqs
;
6794 * Add previous failure count in case the temporary blacklist was
6795 * cleared due to no other BSSes being available.
6797 count
+= wpa_s
->extra_blacklist_count
;
6799 if (count
> 3 && wpa_s
->current_ssid
) {
6800 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6801 "consider temporary network disabling");
6802 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6823 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6824 "ms", count
, timeout
);
6827 * TODO: if more than one possible AP is available in scan results,
6828 * could try the other ones before requesting a new scan.
6831 /* speed up the connection attempt with normal scan */
6832 wpa_s
->normal_scans
= 0;
6833 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6834 1000 * (timeout
% 1000));
6839 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6841 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6842 const u8
*realm
, *username
, *rrk
;
6843 size_t realm_len
, username_len
, rrk_len
;
6846 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6847 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6848 &username
, &username_len
,
6849 &realm
, &realm_len
, &next_seq_num
,
6850 &rrk
, &rrk_len
) != 0 ||
6854 wpa_hexdump_ascii(MSG_DEBUG
,
6855 "FILS: Store last connection failure realm",
6857 os_free(wpa_s
->last_con_fail_realm
);
6858 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6859 if (wpa_s
->last_con_fail_realm
) {
6860 wpa_s
->last_con_fail_realm_len
= realm_len
;
6861 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6864 #endif /* CONFIG_FILS */
6867 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6869 return wpa_s
->conf
->ap_scan
== 2 ||
6870 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6874 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6875 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6876 struct wpa_ssid
*ssid
,
6880 #ifdef IEEE8021X_EAPOL
6881 struct eap_peer_config
*eap
= &ssid
->eap
;
6883 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6884 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6885 (const u8
*) value
, os_strlen(value
));
6887 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6888 case WPA_CTRL_REQ_EAP_IDENTITY
:
6889 os_free(eap
->identity
);
6890 eap
->identity
= (u8
*) os_strdup(value
);
6891 eap
->identity_len
= os_strlen(value
);
6892 eap
->pending_req_identity
= 0;
6893 if (ssid
== wpa_s
->current_ssid
)
6894 wpa_s
->reassociate
= 1;
6896 case WPA_CTRL_REQ_EAP_PASSWORD
:
6897 bin_clear_free(eap
->password
, eap
->password_len
);
6898 eap
->password
= (u8
*) os_strdup(value
);
6899 eap
->password_len
= os_strlen(value
);
6900 eap
->pending_req_password
= 0;
6901 if (ssid
== wpa_s
->current_ssid
)
6902 wpa_s
->reassociate
= 1;
6904 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6905 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6906 eap
->new_password
= (u8
*) os_strdup(value
);
6907 eap
->new_password_len
= os_strlen(value
);
6908 eap
->pending_req_new_password
= 0;
6909 if (ssid
== wpa_s
->current_ssid
)
6910 wpa_s
->reassociate
= 1;
6912 case WPA_CTRL_REQ_EAP_PIN
:
6913 str_clear_free(eap
->pin
);
6914 eap
->pin
= os_strdup(value
);
6915 eap
->pending_req_pin
= 0;
6916 if (ssid
== wpa_s
->current_ssid
)
6917 wpa_s
->reassociate
= 1;
6919 case WPA_CTRL_REQ_EAP_OTP
:
6920 bin_clear_free(eap
->otp
, eap
->otp_len
);
6921 eap
->otp
= (u8
*) os_strdup(value
);
6922 eap
->otp_len
= os_strlen(value
);
6923 os_free(eap
->pending_req_otp
);
6924 eap
->pending_req_otp
= NULL
;
6925 eap
->pending_req_otp_len
= 0;
6927 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6928 str_clear_free(eap
->private_key_passwd
);
6929 eap
->private_key_passwd
= os_strdup(value
);
6930 eap
->pending_req_passphrase
= 0;
6931 if (ssid
== wpa_s
->current_ssid
)
6932 wpa_s
->reassociate
= 1;
6934 case WPA_CTRL_REQ_SIM
:
6935 str_clear_free(eap
->external_sim_resp
);
6936 eap
->external_sim_resp
= os_strdup(value
);
6937 eap
->pending_req_sim
= 0;
6939 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6940 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6942 ssid
->mem_only_psk
= 1;
6943 if (ssid
->passphrase
)
6944 wpa_config_update_psk(ssid
);
6945 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6946 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6948 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6949 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6951 if (os_strcmp(value
, "good") == 0)
6952 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6953 else if (os_strcmp(value
, "bad") == 0)
6954 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6959 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6964 #else /* IEEE8021X_EAPOL */
6965 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6967 #endif /* IEEE8021X_EAPOL */
6969 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6972 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6975 unsigned int drv_enc
;
6977 if (wpa_s
->p2p_mgmt
)
6978 return 1; /* no normal network profiles on p2p_mgmt interface */
6986 if (wpa_s
->drv_capa_known
)
6987 drv_enc
= wpa_s
->drv_enc
;
6989 drv_enc
= (unsigned int) -1;
6991 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6992 size_t len
= ssid
->wep_key_len
[i
];
6995 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
6997 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
6999 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
7001 return 1; /* invalid WEP key */
7004 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
7005 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
7006 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
7007 !ssid
->mem_only_psk
)
7014 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
7016 #ifdef CONFIG_IEEE80211W
7017 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
7018 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
7019 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
7021 * Driver does not support BIP -- ignore pmf=1 default
7022 * since the connection with PMF would fail and the
7023 * configuration does not require PMF to be enabled.
7025 return NO_MGMT_FRAME_PROTECTION
;
7030 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
7031 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
7033 * Do not use the default PMF value for non-RSN networks
7034 * since PMF is available only with RSN and pmf=2
7035 * configuration would otherwise prevent connections to
7036 * all open networks.
7038 return NO_MGMT_FRAME_PROTECTION
;
7041 return wpa_s
->conf
->pmf
;
7044 return ssid
->ieee80211w
;
7045 #else /* CONFIG_IEEE80211W */
7046 return NO_MGMT_FRAME_PROTECTION
;
7047 #endif /* CONFIG_IEEE80211W */
7051 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
7053 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
7055 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
7061 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
7063 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
7065 struct os_reltime now
;
7068 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
7073 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
7076 ssid
->auth_failures
++;
7079 if (ssid
->p2p_group
&&
7080 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
7082 * Skip the wait time since there is a short timeout on the
7083 * connection to a P2P group.
7087 #endif /* CONFIG_P2P */
7089 if (ssid
->auth_failures
> 50)
7091 else if (ssid
->auth_failures
> 10)
7093 else if (ssid
->auth_failures
> 5)
7095 else if (ssid
->auth_failures
> 3)
7097 else if (ssid
->auth_failures
> 2)
7099 else if (ssid
->auth_failures
> 1)
7104 if (ssid
->auth_failures
> 1 &&
7105 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
7106 dur
+= os_random() % (ssid
->auth_failures
* 10);
7108 os_get_reltime(&now
);
7109 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
7112 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
7114 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
7115 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7116 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
7117 ssid
->auth_failures
, dur
, reason
);
7121 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
7122 struct wpa_ssid
*ssid
, int clear_failures
)
7127 if (ssid
->disabled_until
.sec
) {
7128 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
7129 "id=%d ssid=\"%s\"",
7130 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
7132 ssid
->disabled_until
.sec
= 0;
7133 ssid
->disabled_until
.usec
= 0;
7135 ssid
->auth_failures
= 0;
7139 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7143 if (wpa_s
->disallow_aps_bssid
== NULL
)
7146 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
7147 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
7148 bssid
, ETH_ALEN
) == 0)
7156 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
7161 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
7164 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
7165 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
7166 if (ssid_len
== s
->ssid_len
&&
7167 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
7176 * wpas_request_connection - Request a new connection
7177 * @wpa_s: Pointer to the network interface
7179 * This function is used to request a new connection to be found. It will mark
7180 * the interface to allow reassociation and request a new scan to find a
7181 * suitable network to connect to.
7183 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
7185 wpa_s
->normal_scans
= 0;
7186 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
7187 wpa_supplicant_reinit_autoscan(wpa_s
);
7188 wpa_s
->extra_blacklist_count
= 0;
7189 wpa_s
->disconnected
= 0;
7190 wpa_s
->reassociate
= 1;
7191 wpa_s
->last_owe_group
= 0;
7193 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
7194 wpa_supplicant_req_scan(wpa_s
, 0, 0);
7196 wpa_s
->reattach
= 0;
7201 * wpas_request_disconnection - Request disconnection
7202 * @wpa_s: Pointer to the network interface
7204 * This function is used to request disconnection from the currently connected
7205 * network. This will stop any ongoing scans and initiate deauthentication.
7207 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
7210 wpa_s
->sme
.prev_bssid_set
= 0;
7211 #endif /* CONFIG_SME */
7212 wpa_s
->reassociate
= 0;
7213 wpa_s
->disconnected
= 1;
7214 wpa_supplicant_cancel_sched_scan(wpa_s
);
7215 wpa_supplicant_cancel_scan(wpa_s
);
7216 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
7217 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
7218 radio_remove_works(wpa_s
, "connect", 0);
7219 radio_remove_works(wpa_s
, "sme-connect", 0);
7223 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
7224 struct wpa_used_freq_data
*freqs_data
,
7229 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
7231 for (i
= 0; i
< len
; i
++) {
7232 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
7233 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
7234 i
, cur
->freq
, cur
->flags
);
7240 * Find the operating frequencies of any of the virtual interfaces that
7241 * are using the same radio as the current interface, and in addition, get
7242 * information about the interface types that are using the frequency.
7244 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
7245 struct wpa_used_freq_data
*freqs_data
,
7248 struct wpa_supplicant
*ifs
;
7251 unsigned int idx
= 0, i
;
7253 wpa_dbg(wpa_s
, MSG_DEBUG
,
7254 "Determining shared radio frequencies (max len %u)", len
);
7255 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
7257 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
7262 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
7265 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
7266 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
7267 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
7268 freq
= ifs
->current_ssid
->frequency
;
7269 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
7270 freq
= ifs
->assoc_freq
;
7274 /* Hold only distinct freqs */
7275 for (i
= 0; i
< idx
; i
++)
7276 if (freqs_data
[i
].freq
== freq
)
7280 freqs_data
[idx
++].freq
= freq
;
7282 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
7283 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
7284 WPA_FREQ_USED_BY_P2P_CLIENT
:
7285 WPA_FREQ_USED_BY_INFRA_STATION
;
7289 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7295 * Find the operating frequencies of any of the virtual interfaces that
7296 * are using the same radio as the current interface.
7298 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7299 int *freq_array
, unsigned int len
)
7301 struct wpa_used_freq_data
*freqs_data
;
7304 os_memset(freq_array
, 0, sizeof(int) * len
);
7306 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7310 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7311 for (i
= 0; i
< num
; i
++)
7312 freq_array
[i
] = freqs_data
[i
].freq
;
7314 os_free(freqs_data
);
7320 struct wpa_supplicant
*
7321 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7325 case VENDOR_ELEM_PROBE_REQ_P2P
:
7326 case VENDOR_ELEM_PROBE_RESP_P2P
:
7327 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7328 case VENDOR_ELEM_BEACON_P2P_GO
:
7329 case VENDOR_ELEM_P2P_PD_REQ
:
7330 case VENDOR_ELEM_P2P_PD_RESP
:
7331 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7332 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7333 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7334 case VENDOR_ELEM_P2P_INV_REQ
:
7335 case VENDOR_ELEM_P2P_INV_RESP
:
7336 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7337 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7338 return wpa_s
->p2pdev
;
7339 #endif /* CONFIG_P2P */
7346 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7351 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7353 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7354 if (wpa_s
->vendor_elem
[i
]) {
7357 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7358 if (!os_snprintf_error(sizeof(buf
), res
)) {
7359 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7360 wpa_s
->vendor_elem
[i
]);
7366 if (wpa_s
->parent
== wpa_s
&&
7367 wpa_s
->global
->p2p
&&
7368 !wpa_s
->global
->p2p_disabled
)
7369 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7370 #endif /* CONFIG_P2P */
7374 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7375 const u8
*elem
, size_t len
)
7379 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7380 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7382 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7385 if (os_memcmp(ie
, elem
, len
) != 0)
7388 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7389 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7390 wpa_s
->vendor_elem
[frame
] = NULL
;
7392 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7393 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7395 wpas_vendor_elem_update(wpa_s
);
7403 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7404 u16 num_modes
, enum hostapd_hw_mode mode
)
7408 for (i
= 0; i
< num_modes
; i
++) {
7409 if (modes
[i
].mode
== mode
)
7418 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7421 struct wpa_bss_tmp_disallowed
*bss
;
7423 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7424 struct wpa_bss_tmp_disallowed
, list
) {
7425 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7433 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7435 struct wpa_bss_tmp_disallowed
*tmp
;
7436 unsigned int num_bssid
= 0;
7440 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7443 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7444 struct wpa_bss_tmp_disallowed
, list
) {
7445 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7449 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7455 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7457 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7458 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7460 /* Make sure the bss is not already freed */
7461 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7462 struct wpa_bss_tmp_disallowed
, list
) {
7464 dl_list_del(&tmp
->list
);
7466 wpa_set_driver_tmp_disallow_list(wpa_s
);
7473 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7474 unsigned int sec
, int rssi_threshold
)
7476 struct wpa_bss_tmp_disallowed
*bss
;
7478 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7480 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7484 bss
= os_malloc(sizeof(*bss
));
7486 wpa_printf(MSG_DEBUG
,
7487 "Failed to allocate memory for temp disallow BSS");
7491 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7492 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7493 wpa_set_driver_tmp_disallow_list(wpa_s
);
7496 bss
->rssi_threshold
= rssi_threshold
;
7497 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7502 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
,
7503 struct wpa_bss
*bss
)
7505 struct wpa_bss_tmp_disallowed
*disallowed
= NULL
, *tmp
, *prev
;
7507 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7508 struct wpa_bss_tmp_disallowed
, list
) {
7509 if (os_memcmp(bss
->bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
7517 if (disallowed
->rssi_threshold
!= 0 &&
7518 bss
->level
> disallowed
->rssi_threshold
)
7525 int wpas_enable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7526 unsigned int type
, const u8
*addr
,
7529 if ((addr
&& !mask
) || (!addr
&& mask
)) {
7530 wpa_printf(MSG_INFO
,
7531 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7535 if (addr
&& mask
&& (!(mask
[0] & 0x01) || (addr
[0] & 0x01))) {
7536 wpa_printf(MSG_INFO
,
7537 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7541 if (type
& MAC_ADDR_RAND_SCAN
) {
7542 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCAN
,
7547 if (type
& MAC_ADDR_RAND_SCHED_SCAN
) {
7548 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCHED_SCAN
,
7552 if (wpa_s
->sched_scanning
&& !wpa_s
->pno
)
7553 wpas_scan_restart_sched_scan(wpa_s
);
7556 if (type
& MAC_ADDR_RAND_PNO
) {
7557 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_PNO
,
7562 wpas_stop_pno(wpa_s
);
7563 wpas_start_pno(wpa_s
);
7571 int wpas_disable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7574 wpas_mac_addr_rand_scan_clear(wpa_s
, type
);
7576 if (type
& MAC_ADDR_RAND_PNO
) {
7577 wpas_stop_pno(wpa_s
);
7578 wpas_start_pno(wpa_s
);
7580 } else if (wpa_s
->sched_scanning
&& (type
& MAC_ADDR_RAND_SCHED_SCAN
)) {
7581 wpas_scan_restart_sched_scan(wpa_s
);