3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
51 #include "gas_query.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
65 #include "dpp_supplicant.h"
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
71 const char *const wpa_supplicant_version
=
72 "wpa_supplicant v" VERSION_STR
"\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75 const char *const wpa_supplicant_license
=
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1
=
88 const char *const wpa_supplicant_full_license2
=
89 "This software may be distributed under the terms of the BSD license.\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
95 const char *const wpa_supplicant_full_license3
=
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
103 const char *const wpa_supplicant_full_license4
=
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5
=
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
);
130 #endif /* CONFIG_OWE */
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
138 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
139 if (ssid
->wep_key_len
[i
] == 0)
143 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
144 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
145 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
152 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
153 struct wpa_ssid
*ssid
)
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
164 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
170 if (!ssid
->psk_set
) {
171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
176 switch (wpa_s
->group_cipher
) {
177 case WPA_CIPHER_CCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_GCMP
:
183 os_memcpy(key
, ssid
->psk
, 16);
187 case WPA_CIPHER_TKIP
:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key
, ssid
->psk
, 16 + 8);
190 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
195 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s
->group_cipher
);
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
203 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
204 os_memset(key
, 0, sizeof(key
));
209 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
211 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
212 const u8
*bssid
= wpa_s
->bssid
;
213 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
214 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
215 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
216 bssid
= wpa_s
->pending_bssid
;
217 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
219 wpa_blacklist_add(wpa_s
, bssid
);
220 wpa_sm_notify_disassoc(wpa_s
->wpa
);
221 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
222 wpa_s
->reassociate
= 1;
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
228 wpa_supplicant_req_scan(wpa_s
, 1, 0);
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
238 * This function is used to schedule a timeout for the current authentication
241 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
244 if (wpa_s
->conf
->ap_scan
== 0 &&
245 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
248 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
249 "%d usec", sec
, usec
);
250 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
251 wpa_s
->last_auth_timeout_sec
= sec
;
252 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
261 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
263 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
266 wpa_dbg(wpa_s
, MSG_DEBUG
,
267 "Authentication timeout restart: %d sec", new_sec
);
268 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
269 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
283 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
285 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
286 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
287 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
288 os_free(wpa_s
->last_con_fail_realm
);
289 wpa_s
->last_con_fail_realm
= NULL
;
290 wpa_s
->last_con_fail_realm_len
= 0;
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
301 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
303 #ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf
;
305 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
307 #ifdef CONFIG_IBSS_RSN
308 if (ssid
->mode
== WPAS_MODE_IBSS
&&
309 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
315 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
316 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
317 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 #endif /* CONFIG_IBSS_RSN */
322 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
323 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
325 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
326 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
327 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
329 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
331 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
332 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
333 eapol_conf
.accept_802_1x_keys
= 1;
334 eapol_conf
.required_keys
= 0;
335 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
336 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
338 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
339 eapol_conf
.required_keys
|=
340 EAPOL_REQUIRE_KEY_BROADCAST
;
343 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
344 eapol_conf
.required_keys
= 0;
346 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
347 eapol_conf
.workaround
= ssid
->eap_workaround
;
348 eapol_conf
.eap_disabled
=
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
350 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
351 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
352 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
355 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
356 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
357 if (wpa_s
->current_bss
) {
359 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
364 EAPOL_PEER_IS_WPS20_AP
;
369 #endif /* CONFIG_WPS */
371 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
374 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
375 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
377 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
378 #endif /* CONFIG_MACSEC */
379 #endif /* IEEE8021X_EAPOL */
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
392 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
393 struct wpa_ssid
*ssid
)
397 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
399 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
400 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
402 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
403 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
405 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
406 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
407 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
408 wpa_s
->mgmt_group_cipher
= 0;
410 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
411 if (ssid
->wep_key_len
[i
] > 5) {
412 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
413 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
415 } else if (ssid
->wep_key_len
[i
] > 0) {
416 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
417 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
422 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
424 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
425 wpa_s
->pairwise_cipher
);
426 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
427 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
428 wpa_s
->mgmt_group_cipher
);
430 pmksa_cache_clear_current(wpa_s
->wpa
);
434 void free_hw_features(struct wpa_supplicant
*wpa_s
)
437 if (wpa_s
->hw
.modes
== NULL
)
440 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
441 os_free(wpa_s
->hw
.modes
[i
].channels
);
442 os_free(wpa_s
->hw
.modes
[i
].rates
);
445 os_free(wpa_s
->hw
.modes
);
446 wpa_s
->hw
.modes
= NULL
;
450 void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
452 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
454 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
455 struct wpa_bss_tmp_disallowed
, list
) {
456 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
457 dl_list_del(&bss
->list
);
463 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
465 struct fils_hlp_req
*req
;
467 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
469 dl_list_del(&req
->list
);
470 wpabuf_free(req
->pkt
);
476 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
480 bgscan_deinit(wpa_s
);
481 autoscan_deinit(wpa_s
);
482 scard_deinit(wpa_s
->scard
);
484 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
485 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
486 l2_packet_deinit(wpa_s
->l2
);
489 l2_packet_deinit(wpa_s
->l2_br
);
492 #ifdef CONFIG_TESTING_OPTIONS
493 l2_packet_deinit(wpa_s
->l2_test
);
494 wpa_s
->l2_test
= NULL
;
495 os_free(wpa_s
->get_pref_freq_list_override
);
496 wpa_s
->get_pref_freq_list_override
= NULL
;
497 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
498 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
499 #endif /* CONFIG_TESTING_OPTIONS */
501 if (wpa_s
->conf
!= NULL
) {
502 struct wpa_ssid
*ssid
;
503 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
504 wpas_notify_network_removed(wpa_s
, ssid
);
507 os_free(wpa_s
->confname
);
508 wpa_s
->confname
= NULL
;
510 os_free(wpa_s
->confanother
);
511 wpa_s
->confanother
= NULL
;
513 os_free(wpa_s
->last_con_fail_realm
);
514 wpa_s
->last_con_fail_realm
= NULL
;
515 wpa_s
->last_con_fail_realm_len
= 0;
517 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
518 eapol_sm_deinit(wpa_s
->eapol
);
521 rsn_preauth_deinit(wpa_s
->wpa
);
524 wpa_tdls_deinit(wpa_s
->wpa
);
525 #endif /* CONFIG_TDLS */
527 wmm_ac_clear_saved_tspecs(wpa_s
);
528 pmksa_candidate_free(wpa_s
->wpa
);
529 wpa_sm_deinit(wpa_s
->wpa
);
531 wpa_blacklist_clear(wpa_s
);
533 wpa_bss_deinit(wpa_s
);
535 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
536 wpa_supplicant_cancel_scan(wpa_s
);
537 wpa_supplicant_cancel_auth_timeout(wpa_s
);
538 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
539 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
540 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
542 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
544 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
546 wpas_wps_deinit(wpa_s
);
548 wpabuf_free(wpa_s
->pending_eapol_rx
);
549 wpa_s
->pending_eapol_rx
= NULL
;
551 #ifdef CONFIG_IBSS_RSN
552 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
553 wpa_s
->ibss_rsn
= NULL
;
554 #endif /* CONFIG_IBSS_RSN */
559 wpa_supplicant_ap_deinit(wpa_s
);
560 #endif /* CONFIG_AP */
562 wpas_p2p_deinit(wpa_s
);
564 #ifdef CONFIG_OFFCHANNEL
565 offchannel_deinit(wpa_s
);
566 #endif /* CONFIG_OFFCHANNEL */
568 wpa_supplicant_cancel_sched_scan(wpa_s
);
570 os_free(wpa_s
->next_scan_freqs
);
571 wpa_s
->next_scan_freqs
= NULL
;
573 os_free(wpa_s
->manual_scan_freqs
);
574 wpa_s
->manual_scan_freqs
= NULL
;
575 os_free(wpa_s
->select_network_scan_freqs
);
576 wpa_s
->select_network_scan_freqs
= NULL
;
578 os_free(wpa_s
->manual_sched_scan_freqs
);
579 wpa_s
->manual_sched_scan_freqs
= NULL
;
581 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
584 * Need to remove any pending gas-query radio work before the
585 * gas_query_deinit() call because gas_query::work has not yet been set
586 * for works that have not been started. gas_query_free() will be unable
587 * to cancel such pending radio works and once the pending gas-query
588 * radio work eventually gets removed, the deinit notification call to
589 * gas_query_start_cb() would result in dereferencing freed memory.
592 radio_remove_works(wpa_s
, "gas-query", 0);
593 gas_query_deinit(wpa_s
->gas
);
595 gas_server_deinit(wpa_s
->gas_server
);
596 wpa_s
->gas_server
= NULL
;
598 free_hw_features(wpa_s
);
600 ieee802_1x_dealloc_kay_sm(wpa_s
);
602 os_free(wpa_s
->bssid_filter
);
603 wpa_s
->bssid_filter
= NULL
;
605 os_free(wpa_s
->disallow_aps_bssid
);
606 wpa_s
->disallow_aps_bssid
= NULL
;
607 os_free(wpa_s
->disallow_aps_ssid
);
608 wpa_s
->disallow_aps_ssid
= NULL
;
610 wnm_bss_keep_alive_deinit(wpa_s
);
612 wnm_deallocate_memory(wpa_s
);
613 #endif /* CONFIG_WNM */
615 ext_password_deinit(wpa_s
->ext_pw
);
616 wpa_s
->ext_pw
= NULL
;
618 wpabuf_free(wpa_s
->last_gas_resp
);
619 wpa_s
->last_gas_resp
= NULL
;
620 wpabuf_free(wpa_s
->prev_gas_resp
);
621 wpa_s
->prev_gas_resp
= NULL
;
623 os_free(wpa_s
->last_scan_res
);
624 wpa_s
->last_scan_res
= NULL
;
628 wpa_drv_configure_frame_filters(wpa_s
, 0);
630 #endif /* CONFIG_HS20 */
632 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
633 wpabuf_free(wpa_s
->vendor_elem
[i
]);
634 wpa_s
->vendor_elem
[i
] = NULL
;
637 wmm_ac_notify_disassoc(wpa_s
);
639 wpa_s
->sched_scan_plans_num
= 0;
640 os_free(wpa_s
->sched_scan_plans
);
641 wpa_s
->sched_scan_plans
= NULL
;
644 wpa_s
->non_pref_chan_num
= 0;
645 os_free(wpa_s
->non_pref_chan
);
646 wpa_s
->non_pref_chan
= NULL
;
647 #endif /* CONFIG_MBO */
649 free_bss_tmp_disallowed(wpa_s
);
651 wpabuf_free(wpa_s
->lci
);
653 wpas_clear_beacon_rep_data(wpa_s
);
655 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
658 struct external_pmksa_cache
*entry
;
660 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
661 struct external_pmksa_cache
,
663 dl_list_del(&entry
->list
);
664 os_free(entry
->pmksa_cache
);
668 #endif /* CONFIG_MESH */
669 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
671 wpas_flush_fils_hlp_req(wpa_s
);
673 wpabuf_free(wpa_s
->ric_ies
);
674 wpa_s
->ric_ies
= NULL
;
677 wpas_dpp_deinit(wpa_s
);
678 dpp_global_deinit(wpa_s
->dpp
);
680 #endif /* CONFIG_DPP */
685 * wpa_clear_keys - Clear keys configured for the driver
686 * @wpa_s: Pointer to wpa_supplicant data
687 * @addr: Previously used BSSID or %NULL if not available
689 * This function clears the encryption keys that has been previously configured
692 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
696 /* MLME-DELETEKEYS.request */
697 for (i
= 0; i
< max
; i
++) {
698 if (wpa_s
->keys_cleared
& BIT(i
))
700 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
703 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
704 !is_zero_ether_addr(addr
)) {
705 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
707 /* MLME-SETPROTECTION.request(None) */
708 wpa_drv_mlme_setprotection(
710 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
711 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
713 wpa_s
->keys_cleared
= (u32
) -1;
718 * wpa_supplicant_state_txt - Get the connection state name as a text string
719 * @state: State (wpa_state; WPA_*)
720 * Returns: The state name as a printable text string
722 const char * wpa_supplicant_state_txt(enum wpa_states state
)
725 case WPA_DISCONNECTED
:
726 return "DISCONNECTED";
729 case WPA_INTERFACE_DISABLED
:
730 return "INTERFACE_DISABLED";
733 case WPA_AUTHENTICATING
:
734 return "AUTHENTICATING";
735 case WPA_ASSOCIATING
:
736 return "ASSOCIATING";
739 case WPA_4WAY_HANDSHAKE
:
740 return "4WAY_HANDSHAKE";
741 case WPA_GROUP_HANDSHAKE
:
742 return "GROUP_HANDSHAKE";
753 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
757 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
758 name
= wpa_s
->current_ssid
->bgscan
;
760 name
= wpa_s
->conf
->bgscan
;
761 if (name
== NULL
|| name
[0] == '\0')
763 if (wpas_driver_bss_selection(wpa_s
))
765 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
768 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
770 #endif /* CONFIG_P2P */
772 bgscan_deinit(wpa_s
);
773 if (wpa_s
->current_ssid
) {
774 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
775 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
778 * Live without bgscan; it is only used as a roaming
779 * optimization, so the initial connection is not
783 struct wpa_scan_results
*scan_res
;
784 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
785 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
788 bgscan_notify_scan(wpa_s
, scan_res
);
789 wpa_scan_results_free(scan_res
);
793 wpa_s
->bgscan_ssid
= NULL
;
797 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
799 if (wpa_s
->bgscan_ssid
!= NULL
) {
800 bgscan_deinit(wpa_s
);
801 wpa_s
->bgscan_ssid
= NULL
;
805 #endif /* CONFIG_BGSCAN */
808 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
810 if (autoscan_init(wpa_s
, 0))
811 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
815 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
817 autoscan_deinit(wpa_s
);
821 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
823 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
824 wpa_s
->wpa_state
== WPA_SCANNING
) {
825 autoscan_deinit(wpa_s
);
826 wpa_supplicant_start_autoscan(wpa_s
);
832 * wpa_supplicant_set_state - Set current connection state
833 * @wpa_s: Pointer to wpa_supplicant data
834 * @state: The new connection state
836 * This function is called whenever the connection state changes, e.g.,
837 * association is completed for WPA/WPA2 4-Way Handshake is started.
839 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
840 enum wpa_states state
)
842 enum wpa_states old_state
= wpa_s
->wpa_state
;
843 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
844 Boolean update_fils_connect_params
= FALSE
;
845 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
847 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
848 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
849 wpa_supplicant_state_txt(state
));
851 if (state
== WPA_COMPLETED
&&
852 os_reltime_initialized(&wpa_s
->roam_start
)) {
853 os_reltime_age(&wpa_s
->roam_start
, &wpa_s
->roam_time
);
854 wpa_s
->roam_start
.sec
= 0;
855 wpa_s
->roam_start
.usec
= 0;
856 wpas_notify_auth_changed(wpa_s
);
857 wpas_notify_roam_time(wpa_s
);
858 wpas_notify_roam_complete(wpa_s
);
859 } else if (state
== WPA_DISCONNECTED
&&
860 os_reltime_initialized(&wpa_s
->roam_start
)) {
861 wpa_s
->roam_start
.sec
= 0;
862 wpa_s
->roam_start
.usec
= 0;
863 wpa_s
->roam_time
.sec
= 0;
864 wpa_s
->roam_time
.usec
= 0;
865 wpas_notify_roam_complete(wpa_s
);
868 if (state
== WPA_INTERFACE_DISABLED
) {
869 /* Assure normal scan when interface is restored */
870 wpa_s
->normal_scans
= 0;
873 if (state
== WPA_COMPLETED
) {
874 wpas_connect_work_done(wpa_s
);
875 /* Reinitialize normal_scan counter */
876 wpa_s
->normal_scans
= 0;
881 * P2PS client has to reply to Probe Request frames received on the
882 * group operating channel. Enable Probe Request frame reporting for
883 * P2P connected client in case p2p_cli_probe configuration property is
886 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
887 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
888 wpa_s
->current_ssid
->p2p_group
) {
889 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
890 wpa_dbg(wpa_s
, MSG_DEBUG
,
891 "P2P: Enable CLI Probe Request RX reporting");
892 wpa_s
->p2p_cli_probe
=
893 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
894 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
895 wpa_dbg(wpa_s
, MSG_DEBUG
,
896 "P2P: Disable CLI Probe Request RX reporting");
897 wpa_s
->p2p_cli_probe
= 0;
898 wpa_drv_probe_req_report(wpa_s
, 0);
901 #endif /* CONFIG_P2P */
903 if (state
!= WPA_SCANNING
)
904 wpa_supplicant_notify_scanning(wpa_s
, 0);
906 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
907 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
908 int fils_hlp_sent
= 0;
911 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
912 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
914 #endif /* CONFIG_SME */
915 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
916 wpa_auth_alg_fils(wpa_s
->auth_alg
))
919 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
920 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
921 MACSTR
" completed [id=%d id_str=%s%s]",
922 MAC2STR(wpa_s
->bssid
),
923 ssid
? ssid
->id
: -1,
924 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
925 fils_hlp_sent
? " FILS_HLP_SENT" : "");
926 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
927 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
928 wpa_blacklist_clear(wpa_s
);
929 wpa_s
->extra_blacklist_count
= 0;
930 wpa_s
->new_connection
= 0;
931 wpa_drv_set_operstate(wpa_s
, 1);
932 #ifndef IEEE8021X_EAPOL
933 wpa_drv_set_supp_port(wpa_s
, 1);
934 #endif /* IEEE8021X_EAPOL */
935 wpa_s
->after_wps
= 0;
936 wpa_s
->known_wps_freq
= 0;
937 wpas_p2p_completed(wpa_s
);
939 sme_sched_obss_scan(wpa_s
, 1);
941 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
942 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
943 update_fils_connect_params
= TRUE
;
944 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
946 if (ssid
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
))
947 wpas_update_owe_connect_params(wpa_s
);
948 #endif /* CONFIG_OWE */
949 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
950 state
== WPA_ASSOCIATED
) {
951 wpa_s
->new_connection
= 1;
952 wpa_drv_set_operstate(wpa_s
, 0);
953 #ifndef IEEE8021X_EAPOL
954 wpa_drv_set_supp_port(wpa_s
, 0);
955 #endif /* IEEE8021X_EAPOL */
956 sme_sched_obss_scan(wpa_s
, 0);
958 wpa_s
->wpa_state
= state
;
961 if (state
== WPA_COMPLETED
)
962 wpa_supplicant_start_bgscan(wpa_s
);
963 else if (state
< WPA_ASSOCIATED
)
964 wpa_supplicant_stop_bgscan(wpa_s
);
965 #endif /* CONFIG_BGSCAN */
967 if (state
> WPA_SCANNING
)
968 wpa_supplicant_stop_autoscan(wpa_s
);
970 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
971 wpa_supplicant_start_autoscan(wpa_s
);
973 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
974 wmm_ac_notify_disassoc(wpa_s
);
976 if (wpa_s
->wpa_state
!= old_state
) {
977 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
980 * Notify the P2P Device interface about a state change in one
983 wpas_p2p_indicate_state_change(wpa_s
);
985 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
986 old_state
== WPA_COMPLETED
)
987 wpas_notify_auth_changed(wpa_s
);
989 if (wpa_s
->wpa_state
== WPA_COMPLETED
)
990 wpas_dpp_connected(wpa_s
);
991 #endif /* CONFIG_DPP2 */
993 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
994 if (update_fils_connect_params
)
995 wpas_update_fils_connect_params(wpa_s
);
996 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1000 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
1004 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
1006 struct wpa_supplicant
*next
= wpa_s
->next
;
1007 if (wpas_wps_terminate_pending(wpa_s
) == 1)
1010 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
1011 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
1012 wpas_p2p_disconnect(wpa_s
);
1013 #endif /* CONFIG_P2P */
1016 #endif /* CONFIG_WPS */
1023 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
1025 struct wpa_global
*global
= signal_ctx
;
1026 wpa_supplicant_terminate_proc(global
);
1030 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1032 enum wpa_states old_state
= wpa_s
->wpa_state
;
1034 wpa_s
->pairwise_cipher
= 0;
1035 wpa_s
->group_cipher
= 0;
1036 wpa_s
->mgmt_group_cipher
= 0;
1037 wpa_s
->key_mgmt
= 0;
1038 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1039 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1041 if (wpa_s
->wpa_state
!= old_state
)
1042 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1047 * wpa_supplicant_reload_configuration - Reload configuration data
1048 * @wpa_s: Pointer to wpa_supplicant data
1049 * Returns: 0 on success or -1 if configuration parsing failed
1051 * This function can be used to request that the configuration data is reloaded
1052 * (e.g., after configuration file change). This function is reloading
1053 * configuration only for one interface, so this may need to be called multiple
1054 * times if %wpa_supplicant is controlling multiple interfaces and all
1055 * interfaces need reconfiguration.
1057 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1059 struct wpa_config
*conf
;
1063 if (wpa_s
->confname
== NULL
)
1065 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1067 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1068 "file '%s' - exiting", wpa_s
->confname
);
1071 if (wpa_s
->confanother
&&
1072 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1073 wpa_msg(wpa_s
, MSG_ERROR
,
1074 "Failed to parse the configuration file '%s' - exiting",
1075 wpa_s
->confanother
);
1079 conf
->changed_parameters
= (unsigned int) -1;
1081 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1082 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1083 os_strcmp(conf
->ctrl_interface
,
1084 wpa_s
->conf
->ctrl_interface
) != 0);
1086 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1087 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1088 wpa_s
->ctrl_iface
= NULL
;
1091 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1092 if (wpa_s
->current_ssid
) {
1093 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1094 wpa_s
->own_disconnect_req
= 1;
1095 wpa_supplicant_deauthenticate(wpa_s
,
1096 WLAN_REASON_DEAUTH_LEAVING
);
1100 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1101 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1103 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1104 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1105 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1107 * Clear forced success to clear EAP state for next
1110 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1112 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1113 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1114 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1115 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1116 rsn_preauth_deinit(wpa_s
->wpa
);
1118 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1119 wpa_config_free(wpa_s
->conf
);
1121 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1122 wpas_notify_ap_scan_changed(wpa_s
);
1125 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1127 wpa_supplicant_update_config(wpa_s
);
1129 wpa_supplicant_clear_status(wpa_s
);
1130 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1131 wpa_s
->reassociate
= 1;
1132 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1134 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1139 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1141 struct wpa_global
*global
= signal_ctx
;
1142 struct wpa_supplicant
*wpa_s
;
1143 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1144 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1146 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1147 wpa_supplicant_terminate_proc(global
);
1151 if (wpa_debug_reopen_file() < 0) {
1152 /* Ignore errors since we cannot really do much to fix this */
1153 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1158 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1159 struct wpa_ssid
*ssid
,
1160 struct wpa_ie_data
*ie
)
1162 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1166 "from association info");
1171 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1173 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1174 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1175 "cipher 0x%x (mask 0x%x) - reject",
1176 ie
->group_cipher
, ssid
->group_cipher
);
1179 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1180 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1181 "cipher 0x%x (mask 0x%x) - reject",
1182 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1185 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1186 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1187 "management 0x%x (mask 0x%x) - reject",
1188 ie
->key_mgmt
, ssid
->key_mgmt
);
1192 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1193 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1194 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1195 "that does not support management frame protection - "
1204 static int matching_ciphers(struct wpa_ssid
*ssid
, struct wpa_ie_data
*ie
,
1208 ie
->group_cipher
= wpa_default_rsn_cipher(freq
);
1209 if (!ie
->has_pairwise
)
1210 ie
->pairwise_cipher
= wpa_default_rsn_cipher(freq
);
1211 return (ie
->group_cipher
& ssid
->group_cipher
) &&
1212 (ie
->pairwise_cipher
& ssid
->pairwise_cipher
);
1217 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1218 * @wpa_s: Pointer to wpa_supplicant data
1219 * @bss: Scan results for the selected BSS, or %NULL if not available
1220 * @ssid: Configuration data for the selected network
1221 * @wpa_ie: Buffer for the WPA/RSN IE
1222 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1223 * used buffer length in case the functions returns success.
1224 * Returns: 0 on success or -1 on failure
1226 * This function is used to configure authentication and encryption parameters
1227 * based on the network configuration and scan result for the selected BSS (if
1230 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1231 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1232 u8
*wpa_ie
, size_t *wpa_ie_len
)
1234 struct wpa_ie_data ie
;
1236 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1239 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1240 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1241 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1243 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1245 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1246 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1247 matching_ciphers(ssid
, &ie
, bss
->freq
) &&
1248 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1249 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1250 proto
= WPA_PROTO_RSN
;
1251 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1252 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1253 (ie
.group_cipher
& ssid
->group_cipher
) &&
1254 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1255 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1256 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1257 proto
= WPA_PROTO_WPA
;
1259 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1260 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1261 (ie
.group_cipher
& ssid
->group_cipher
) &&
1262 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1263 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1264 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1265 proto
= WPA_PROTO_OSEN
;
1266 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1267 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1268 (ie
.group_cipher
& ssid
->group_cipher
) &&
1269 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1270 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1271 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1272 proto
= WPA_PROTO_RSN
;
1273 #endif /* CONFIG_HS20 */
1275 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1276 wpa_dbg(wpa_s
, MSG_DEBUG
,
1277 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1278 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1280 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1281 MAC2STR(bss
->bssid
),
1282 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1283 bss_wpa
? " WPA" : "",
1284 bss_rsn
? " RSN" : "",
1285 bss_osen
? " OSEN" : "");
1287 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1288 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1289 wpa_dbg(wpa_s
, MSG_DEBUG
,
1290 "Could not parse RSN element");
1292 wpa_dbg(wpa_s
, MSG_DEBUG
,
1293 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1294 ie
.pairwise_cipher
, ie
.group_cipher
,
1299 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1300 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1301 wpa_dbg(wpa_s
, MSG_DEBUG
,
1302 "Could not parse WPA element");
1304 wpa_dbg(wpa_s
, MSG_DEBUG
,
1305 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1306 ie
.pairwise_cipher
, ie
.group_cipher
,
1312 if (ssid
->proto
& WPA_PROTO_OSEN
)
1313 proto
= WPA_PROTO_OSEN
;
1314 else if (ssid
->proto
& WPA_PROTO_RSN
)
1315 proto
= WPA_PROTO_RSN
;
1317 proto
= WPA_PROTO_WPA
;
1318 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1319 os_memset(&ie
, 0, sizeof(ie
));
1320 ie
.group_cipher
= ssid
->group_cipher
;
1321 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1322 ie
.key_mgmt
= ssid
->key_mgmt
;
1323 ie
.mgmt_group_cipher
= 0;
1324 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1325 if (ssid
->group_mgmt_cipher
&
1326 WPA_CIPHER_BIP_GMAC_256
)
1327 ie
.mgmt_group_cipher
=
1328 WPA_CIPHER_BIP_GMAC_256
;
1329 else if (ssid
->group_mgmt_cipher
&
1330 WPA_CIPHER_BIP_CMAC_256
)
1331 ie
.mgmt_group_cipher
=
1332 WPA_CIPHER_BIP_CMAC_256
;
1333 else if (ssid
->group_mgmt_cipher
&
1334 WPA_CIPHER_BIP_GMAC_128
)
1335 ie
.mgmt_group_cipher
=
1336 WPA_CIPHER_BIP_GMAC_128
;
1338 ie
.mgmt_group_cipher
=
1339 WPA_CIPHER_AES_128_CMAC
;
1342 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1344 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1345 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1346 wpa_s
->wpa_proto
= 0;
1350 #endif /* CONFIG_OWE */
1351 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1352 "based on configuration");
1357 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1358 "pairwise %d key_mgmt %d proto %d",
1359 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1360 if (ssid
->ieee80211w
) {
1361 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1362 ie
.mgmt_group_cipher
);
1365 wpa_s
->wpa_proto
= proto
;
1366 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1367 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1368 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1370 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1371 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1372 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1373 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1374 bss_rsn
? 2 + bss_rsn
[1] : 0))
1378 #ifdef CONFIG_NO_WPA
1379 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1380 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1381 #else /* CONFIG_NO_WPA */
1382 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1383 wpa_dbg(wpa_s
, MSG_DEBUG
,
1384 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1385 ie
.group_cipher
, ssid
->group_cipher
, sel
);
1386 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1387 if (wpa_s
->group_cipher
< 0) {
1388 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1393 wpa_cipher_txt(wpa_s
->group_cipher
));
1395 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
,
1397 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1398 ie
.pairwise_cipher
, ssid
->pairwise_cipher
, sel
);
1399 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1400 if (wpa_s
->pairwise_cipher
< 0) {
1401 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1405 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1406 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1407 #endif /* CONFIG_NO_WPA */
1409 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1410 wpa_dbg(wpa_s
, MSG_DEBUG
,
1411 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1412 ie
.key_mgmt
, ssid
->key_mgmt
, sel
);
1414 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1415 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1416 #endif /* CONFIG_SAE */
1418 #ifdef CONFIG_IEEE80211R
1419 #ifdef CONFIG_SHA384
1420 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) &&
1421 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1422 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1423 wpa_dbg(wpa_s
, MSG_DEBUG
,
1424 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1425 if (!ssid
->ft_eap_pmksa_caching
&&
1426 pmksa_cache_get_current(wpa_s
->wpa
)) {
1427 /* PMKSA caching with FT may have interoperability
1428 * issues, so disable that case by default for now. */
1429 wpa_dbg(wpa_s
, MSG_DEBUG
,
1430 "WPA: Disable PMKSA caching for FT/802.1X connection");
1431 pmksa_cache_clear_current(wpa_s
->wpa
);
1433 #endif /* CONFIG_SHA384 */
1434 #endif /* CONFIG_IEEE80211R */
1435 #ifdef CONFIG_SUITEB192
1436 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1437 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1438 wpa_dbg(wpa_s
, MSG_DEBUG
,
1439 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1440 #endif /* CONFIG_SUITEB192 */
1441 #ifdef CONFIG_SUITEB
1442 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1443 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1444 wpa_dbg(wpa_s
, MSG_DEBUG
,
1445 "WPA: using KEY_MGMT 802.1X with Suite B");
1446 #endif /* CONFIG_SUITEB */
1448 #ifdef CONFIG_IEEE80211R
1449 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1450 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1451 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1452 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1453 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1454 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1455 #endif /* CONFIG_IEEE80211R */
1456 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1457 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1458 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1459 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1460 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1461 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1462 #endif /* CONFIG_FILS */
1463 #ifdef CONFIG_IEEE80211R
1464 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X
) &&
1465 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1466 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1467 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1468 if (!ssid
->ft_eap_pmksa_caching
&&
1469 pmksa_cache_get_current(wpa_s
->wpa
)) {
1470 /* PMKSA caching with FT may have interoperability
1471 * issues, so disable that case by default for now. */
1472 wpa_dbg(wpa_s
, MSG_DEBUG
,
1473 "WPA: Disable PMKSA caching for FT/802.1X connection");
1474 pmksa_cache_clear_current(wpa_s
->wpa
);
1476 #endif /* CONFIG_IEEE80211R */
1478 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1479 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1480 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1481 #endif /* CONFIG_DPP */
1483 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1484 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1485 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1486 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1487 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1488 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1489 #endif /* CONFIG_SAE */
1490 #ifdef CONFIG_IEEE80211R
1491 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1492 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1493 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1494 #endif /* CONFIG_IEEE80211R */
1495 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1496 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1497 wpa_dbg(wpa_s
, MSG_DEBUG
,
1498 "WPA: using KEY_MGMT 802.1X with SHA256");
1499 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1500 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1501 wpa_dbg(wpa_s
, MSG_DEBUG
,
1502 "WPA: using KEY_MGMT PSK with SHA256");
1503 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1504 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1505 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1506 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1507 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1508 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1509 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1510 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1511 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1513 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1514 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1515 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1516 #endif /* CONFIG_HS20 */
1518 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1519 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1520 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1521 #endif /* CONFIG_OWE */
1523 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1524 "authenticated key management type");
1528 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1529 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1530 wpa_s
->pairwise_cipher
);
1531 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1533 if (!(ie
.capabilities
& WPA_CAPABILITY_MFPC
) &&
1534 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1535 wpa_msg(wpa_s
, MSG_INFO
,
1536 "RSN: Management frame protection required but the selected AP does not enable it");
1540 sel
= ie
.mgmt_group_cipher
;
1541 if (ssid
->group_mgmt_cipher
)
1542 sel
&= ssid
->group_mgmt_cipher
;
1543 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1544 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1546 wpa_dbg(wpa_s
, MSG_DEBUG
,
1547 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1548 ie
.mgmt_group_cipher
, ssid
->group_mgmt_cipher
, sel
);
1549 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1550 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1551 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1553 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1554 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1555 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1557 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1558 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1559 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1561 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1562 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1563 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1566 wpa_s
->mgmt_group_cipher
= 0;
1567 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1569 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1570 wpa_s
->mgmt_group_cipher
);
1571 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1572 wpas_get_ssid_pmf(wpa_s
, ssid
));
1574 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1575 #endif /* CONFIG_OCV */
1577 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1578 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1584 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1585 /* Use PMK from DPP network introduction (PMKSA entry) */
1586 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1587 #endif /* CONFIG_DPP */
1588 } else if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1592 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1593 WPA_KEY_MGMT_FT_PSK
|
1594 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1596 if (ssid
->psk_set
&& !sae_only
) {
1597 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1598 ssid
->psk
, PMK_LEN
);
1599 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1604 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1605 (ssid
->sae_password
|| ssid
->passphrase
))
1608 #ifndef CONFIG_NO_PBKDF2
1609 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1610 ssid
->passphrase
&& !sae_only
) {
1612 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1613 4096, psk
, PMK_LEN
);
1614 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1616 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1618 os_memset(psk
, 0, sizeof(psk
));
1620 #endif /* CONFIG_NO_PBKDF2 */
1621 #ifdef CONFIG_EXT_PASSWORD
1622 if (ssid
->ext_psk
&& !sae_only
) {
1623 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1625 char pw_str
[64 + 1];
1629 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1630 "found from external storage");
1634 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1635 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1636 "PSK length %d in external storage",
1637 (int) wpabuf_len(pw
));
1638 ext_password_free(pw
);
1642 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1643 pw_str
[wpabuf_len(pw
)] = '\0';
1645 #ifndef CONFIG_NO_PBKDF2
1646 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1648 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1649 4096, psk
, PMK_LEN
);
1650 os_memset(pw_str
, 0, sizeof(pw_str
));
1651 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1652 "external passphrase)",
1654 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1657 os_memset(psk
, 0, sizeof(psk
));
1659 #endif /* CONFIG_NO_PBKDF2 */
1660 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1661 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1662 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1663 "Invalid PSK hex string");
1664 os_memset(pw_str
, 0, sizeof(pw_str
));
1665 ext_password_free(pw
);
1668 wpa_hexdump_key(MSG_MSGDUMP
,
1669 "PSK (from external PSK)",
1671 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1674 os_memset(psk
, 0, sizeof(psk
));
1676 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1678 os_memset(pw_str
, 0, sizeof(pw_str
));
1679 ext_password_free(pw
);
1683 os_memset(pw_str
, 0, sizeof(pw_str
));
1684 ext_password_free(pw
);
1686 #endif /* CONFIG_EXT_PASSWORD */
1689 wpa_msg(wpa_s
, MSG_INFO
,
1690 "No PSK available for association");
1691 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1695 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1696 /* OWE Diffie-Hellman exchange in (Re)Association
1697 * Request/Response frames set the PMK, so do not override it
1699 #endif /* CONFIG_OWE */
1701 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1707 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1712 case 0: /* Bits 0-7 */
1714 case 1: /* Bits 8-15 */
1715 if (wpa_s
->conf
->coloc_intf_reporting
) {
1716 /* Bit 13 - Collocated Interference Reporting */
1720 case 2: /* Bits 16-23 */
1722 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1723 if (!wpa_s
->disable_mbo_oce
&& !wpa_s
->conf
->disable_btm
)
1724 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1725 #endif /* CONFIG_WNM */
1727 case 3: /* Bits 24-31 */
1729 *pos
|= 0x02; /* Bit 25 - SSID List */
1730 #endif /* CONFIG_WNM */
1731 #ifdef CONFIG_INTERWORKING
1732 if (wpa_s
->conf
->interworking
)
1733 *pos
|= 0x80; /* Bit 31 - Interworking */
1734 #endif /* CONFIG_INTERWORKING */
1736 case 4: /* Bits 32-39 */
1737 #ifdef CONFIG_INTERWORKING
1738 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1739 *pos
|= 0x01; /* Bit 32 - QoS Map */
1740 #endif /* CONFIG_INTERWORKING */
1742 case 5: /* Bits 40-47 */
1744 if (wpa_s
->conf
->hs20
)
1745 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1746 #endif /* CONFIG_HS20 */
1748 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1749 #endif /* CONFIG_MBO */
1751 case 6: /* Bits 48-55 */
1753 case 7: /* Bits 56-63 */
1755 case 8: /* Bits 64-71 */
1756 if (wpa_s
->conf
->ftm_responder
)
1757 *pos
|= 0x40; /* Bit 70 - FTM responder */
1758 if (wpa_s
->conf
->ftm_initiator
)
1759 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1761 case 9: /* Bits 72-79 */
1763 if (!wpa_s
->disable_fils
)
1765 #endif /* CONFIG_FILS */
1771 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1776 if (len
< wpa_s
->extended_capa_len
)
1777 len
= wpa_s
->extended_capa_len
;
1778 if (buflen
< (size_t) len
+ 2) {
1779 wpa_printf(MSG_INFO
,
1780 "Not enough room for building extended capabilities element");
1784 *pos
++ = WLAN_EID_EXT_CAPAB
;
1786 for (i
= 0; i
< len
; i
++, pos
++) {
1787 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1789 if (i
< wpa_s
->extended_capa_len
) {
1790 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1791 *pos
|= wpa_s
->extended_capa
[i
];
1795 while (len
> 0 && buf
[1 + len
] == 0) {
1806 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1807 struct wpa_bss
*test_bss
)
1809 struct wpa_bss
*bss
;
1811 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1812 if (bss
== test_bss
)
1820 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1821 struct wpa_ssid
*test_ssid
)
1823 struct wpa_ssid
*ssid
;
1825 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1826 if (ssid
== test_ssid
)
1834 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1835 struct wpa_ssid
*test_ssid
)
1837 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1840 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1844 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1852 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1854 struct wpa_connect_work
*cwork
;
1855 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1860 wpa_s
->connect_work
= NULL
;
1863 wpas_connect_work_free(cwork
);
1864 radio_work_done(work
);
1868 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1870 struct os_reltime now
;
1873 os_get_reltime(&now
);
1874 if (wpa_s
->last_mac_addr_style
== style
&&
1875 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1876 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1877 wpa_s
->conf
->rand_addr_lifetime
)) {
1878 wpa_msg(wpa_s
, MSG_DEBUG
,
1879 "Previously selected random MAC address has not yet expired");
1885 if (random_mac_addr(addr
) < 0)
1889 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1890 if (random_mac_addr_keep_oui(addr
) < 0)
1897 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1898 wpa_msg(wpa_s
, MSG_INFO
,
1899 "Failed to set random MAC address");
1903 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1904 wpa_s
->mac_addr_changed
= 1;
1905 wpa_s
->last_mac_addr_style
= style
;
1907 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1908 wpa_msg(wpa_s
, MSG_INFO
,
1909 "Could not update MAC address information");
1913 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1920 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1922 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1923 !wpa_s
->conf
->preassoc_mac_addr
)
1926 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1930 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1933 * wpa_supplicant_associate - Request association
1934 * @wpa_s: Pointer to wpa_supplicant data
1935 * @bss: Scan results for the selected BSS, or %NULL if not available
1936 * @ssid: Configuration data for the selected network
1938 * This function is used to request %wpa_supplicant to associate with a BSS.
1940 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1941 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1943 struct wpa_connect_work
*cwork
;
1946 wpa_s
->own_disconnect_req
= 0;
1949 * If we are starting a new connection, any previously pending EAPOL
1950 * RX cannot be valid anymore.
1952 wpabuf_free(wpa_s
->pending_eapol_rx
);
1953 wpa_s
->pending_eapol_rx
= NULL
;
1955 if (ssid
->mac_addr
== -1)
1956 rand_style
= wpa_s
->conf
->mac_addr
;
1958 rand_style
= ssid
->mac_addr
;
1960 wmm_ac_clear_saved_tspecs(wpa_s
);
1961 wpa_s
->reassoc_same_bss
= 0;
1962 wpa_s
->reassoc_same_ess
= 0;
1963 #ifdef CONFIG_TESTING_OPTIONS
1964 wpa_s
->testing_resend_assoc
= 0;
1965 #endif /* CONFIG_TESTING_OPTIONS */
1967 if (wpa_s
->last_ssid
== ssid
) {
1968 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1969 wpa_s
->reassoc_same_ess
= 1;
1970 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1971 wmm_ac_save_tspecs(wpa_s
);
1972 wpa_s
->reassoc_same_bss
= 1;
1973 } else if (wpa_s
->current_bss
&& wpa_s
->current_bss
!= bss
) {
1974 os_get_reltime(&wpa_s
->roam_start
);
1978 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1979 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1981 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1982 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1983 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1984 wpa_msg(wpa_s
, MSG_INFO
,
1985 "Could not restore permanent MAC address");
1988 wpa_s
->mac_addr_changed
= 0;
1989 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1990 wpa_msg(wpa_s
, MSG_INFO
,
1991 "Could not update MAC address information");
1994 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1996 wpa_s
->last_ssid
= ssid
;
1998 #ifdef CONFIG_IBSS_RSN
1999 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
2000 wpa_s
->ibss_rsn
= NULL
;
2001 #else /* CONFIG_IBSS_RSN */
2002 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2003 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
2004 wpa_msg(wpa_s
, MSG_INFO
,
2005 "IBSS RSN not supported in the build");
2008 #endif /* CONFIG_IBSS_RSN */
2010 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
2011 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
2013 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
2014 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
2018 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
2019 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2020 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
2021 wpas_p2p_ap_setup_failed(wpa_s
);
2024 wpa_s
->current_bss
= bss
;
2025 #else /* CONFIG_AP */
2026 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
2028 #endif /* CONFIG_AP */
2032 if (ssid
->mode
== WPAS_MODE_MESH
) {
2034 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
2035 wpa_msg(wpa_s
, MSG_INFO
,
2036 "Driver does not support mesh mode");
2040 ssid
->frequency
= bss
->freq
;
2041 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
2042 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
2045 wpa_s
->current_bss
= bss
;
2046 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
2047 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
2049 wpas_notify_mesh_group_started(wpa_s
, ssid
);
2050 #else /* CONFIG_MESH */
2051 wpa_msg(wpa_s
, MSG_ERROR
,
2052 "mesh mode support not included in the build");
2053 #endif /* CONFIG_MESH */
2058 * Set WPA state machine configuration to match the selected network now
2059 * so that the information is available before wpas_start_assoc_cb()
2060 * gets called. This is needed at least for RSN pre-authentication where
2061 * candidate APs are added to a list based on scan result processing
2062 * before completion of the first association.
2064 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
2067 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2069 #endif /* CONFIG_DPP */
2073 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2075 #endif /* CONFIG_TDLS */
2078 wpas_mbo_check_pmf(wpa_s
, bss
, ssid
);
2079 #endif /* CONFIG_MBO */
2081 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2082 ssid
->mode
== WPAS_MODE_INFRA
) {
2083 sme_authenticate(wpa_s
, bss
, ssid
);
2087 if (wpa_s
->connect_work
) {
2088 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2092 if (radio_work_pending(wpa_s
, "connect")) {
2093 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2098 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2099 /* Clear possibly set auth_alg, if any, from last attempt. */
2100 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2102 #endif /* CONFIG_SME */
2104 wpas_abort_ongoing_scan(wpa_s
);
2106 cwork
= os_zalloc(sizeof(*cwork
));
2113 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2114 wpas_start_assoc_cb
, cwork
) < 0) {
2120 static int bss_is_ibss(struct wpa_bss
*bss
)
2122 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2127 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2128 const struct wpa_ssid
*ssid
)
2130 enum hostapd_hw_mode hw_mode
;
2131 struct hostapd_hw_modes
*mode
= NULL
;
2135 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2136 if (hw_mode
== NUM_HOSTAPD_MODES
)
2138 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2139 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2140 mode
= &wpa_s
->hw
.modes
[i
];
2148 return mode
->vht_capab
!= 0;
2152 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2153 const struct wpa_ssid
*ssid
,
2154 struct hostapd_freq_params
*freq
)
2156 int ieee80211_mode
= wpas_mode_to_ieee80211_mode(ssid
->mode
);
2157 enum hostapd_hw_mode hw_mode
;
2158 struct hostapd_hw_modes
*mode
= NULL
;
2159 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2161 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2162 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2164 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2166 struct hostapd_freq_params vht_freq
;
2167 int chwidth
, seg0
, seg1
;
2171 freq
->freq
= ssid
->frequency
;
2173 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2174 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2176 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2179 /* Don't adjust control freq in case of fixed_freq */
2180 if (ssid
->fixed_freq
)
2183 if (!bss_is_ibss(bss
))
2186 if (ssid
->ssid_len
== bss
->ssid_len
&&
2187 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2188 wpa_printf(MSG_DEBUG
,
2189 "IBSS already found in scan results, adjust control freq: %d",
2191 freq
->freq
= bss
->freq
;
2197 /* For IBSS check HT_IBSS flag */
2198 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2199 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2202 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2203 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2204 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2205 wpa_printf(MSG_DEBUG
,
2206 "IBSS: WEP/TKIP detected, do not try to enable HT");
2210 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2211 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2212 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2213 mode
= &wpa_s
->hw
.modes
[i
];
2221 is_24ghz
= hw_mode
== HOSTAPD_MODE_IEEE80211G
||
2222 hw_mode
== HOSTAPD_MODE_IEEE80211B
;
2224 #ifdef CONFIG_HT_OVERRIDES
2225 if (ssid
->disable_ht
) {
2226 freq
->ht_enabled
= 0;
2229 #endif /* CONFIG_HT_OVERRIDES */
2231 freq
->ht_enabled
= ht_supported(mode
);
2232 if (!freq
->ht_enabled
)
2235 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2237 freq
->he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2239 /* Setup higher BW only for 5 GHz */
2240 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2243 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2244 pri_chan
= &mode
->channels
[chan_idx
];
2245 if (pri_chan
->chan
== channel
)
2252 /* Check primary channel flags */
2253 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2256 freq
->channel
= pri_chan
->chan
;
2258 #ifdef CONFIG_HT_OVERRIDES
2259 if (ssid
->disable_ht40
) {
2260 if (ssid
->disable_vht
)
2264 #endif /* CONFIG_HT_OVERRIDES */
2266 /* Check/setup HT40+/HT40- */
2267 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2268 if (ht40plus
[j
] == channel
) {
2274 /* Find secondary channel */
2275 for (i
= 0; i
< mode
->num_channels
; i
++) {
2276 sec_chan
= &mode
->channels
[i
];
2277 if (sec_chan
->chan
== channel
+ ht40
* 4)
2284 /* Check secondary channel flags */
2285 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2289 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2292 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2295 freq
->sec_channel_offset
= ht40
;
2298 struct wpa_scan_results
*scan_res
;
2300 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2301 if (scan_res
== NULL
) {
2303 freq
->sec_channel_offset
= 0;
2307 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2312 freq
->sec_channel_offset
= 0;
2315 /* Configuration allowed */
2318 /* Switch pri/sec channels */
2319 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2320 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2321 freq
->channel
= sec_chan
->chan
;
2324 freq
->sec_channel_offset
= 0;
2328 wpa_scan_results_free(scan_res
);
2331 #ifdef CONFIG_HT_OVERRIDES
2333 #endif /* CONFIG_HT_OVERRIDES */
2334 wpa_printf(MSG_DEBUG
,
2335 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2336 freq
->channel
, freq
->sec_channel_offset
);
2338 if (!drv_supports_vht(wpa_s
, ssid
))
2341 /* For IBSS check VHT_IBSS flag */
2342 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2343 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2348 #ifdef CONFIG_VHT_OVERRIDES
2349 if (ssid
->disable_vht
) {
2350 freq
->vht_enabled
= 0;
2353 #endif /* CONFIG_VHT_OVERRIDES */
2355 vht_freq
.vht_enabled
= vht_supported(mode
);
2356 if (!vht_freq
.vht_enabled
)
2359 /* Enable HE for VHT */
2360 vht_freq
.he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2362 /* setup center_freq1, bandwidth */
2363 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2364 if (freq
->channel
>= vht80
[j
] &&
2365 freq
->channel
< vht80
[j
] + 16)
2369 if (j
== ARRAY_SIZE(vht80
))
2372 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2373 struct hostapd_channel_data
*chan
;
2375 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2379 /* Back to HT configuration if channel not usable */
2380 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2384 chwidth
= CHANWIDTH_80MHZ
;
2385 seg0
= vht80
[j
] + 6;
2388 if (ssid
->max_oper_chwidth
== CHANWIDTH_80P80MHZ
) {
2389 /* setup center_freq2, bandwidth */
2390 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2391 /* Only accept 80 MHz segments separated by a gap */
2392 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2394 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2395 struct hostapd_channel_data
*chan
;
2397 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2401 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2402 HOSTAPD_CHAN_NO_IR
|
2403 HOSTAPD_CHAN_RADAR
))
2406 /* Found a suitable second segment for 80+80 */
2407 chwidth
= CHANWIDTH_80P80MHZ
;
2409 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2410 seg1
= vht80
[k
] + 6;
2413 if (chwidth
== CHANWIDTH_80P80MHZ
)
2416 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_160MHZ
) {
2417 if (freq
->freq
== 5180) {
2418 chwidth
= CHANWIDTH_160MHZ
;
2419 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2421 } else if (freq
->freq
== 5520) {
2422 chwidth
= CHANWIDTH_160MHZ
;
2423 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2426 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_USE_HT
) {
2427 chwidth
= CHANWIDTH_USE_HT
;
2428 seg0
= vht80
[j
] + 2;
2429 #ifdef CONFIG_HT_OVERRIDES
2430 if (ssid
->disable_ht40
)
2432 #endif /* CONFIG_HT_OVERRIDES */
2435 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2436 freq
->channel
, freq
->ht_enabled
,
2437 vht_freq
.vht_enabled
, freq
->he_enabled
,
2438 freq
->sec_channel_offset
,
2439 chwidth
, seg0
, seg1
, vht_caps
,
2440 &mode
->he_capab
[ieee80211_mode
]) != 0)
2445 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2446 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2451 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2454 struct fils_hlp_req
*req
;
2455 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2459 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2461 rem_len
= ie_buf_len
- ie_len
;
2462 pos
= wpabuf_head(req
->pkt
);
2463 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2464 hlp_len
= wpabuf_len(req
->pkt
);
2466 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2467 wpa_printf(MSG_ERROR
,
2468 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2469 (unsigned long) rem_len
,
2470 (unsigned long) (2 + hdr_len
+ hlp_len
));
2474 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2476 *buf
++ = WLAN_EID_EXTENSION
;
2479 /* Element ID Extension */
2480 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2481 /* Destination MAC address */
2482 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2484 /* Source MAC address */
2485 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2487 /* LLC/SNAP Header */
2488 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2491 os_memcpy(buf
, pos
, len
- hdr_len
);
2492 buf
+= len
- hdr_len
;
2493 pos
+= len
- hdr_len
;
2495 hlp_len
-= len
- hdr_len
;
2500 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2501 if (rem_len
< 2 + len
)
2503 *buf
++ = WLAN_EID_FRAGMENT
;
2505 os_memcpy(buf
, pos
, len
);
2519 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2521 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2522 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2523 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2524 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2528 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2530 #ifdef CONFIG_FILS_SK_PFS
2531 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2532 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2533 #else /* CONFIG_FILS_SK_PFS */
2535 #endif /* CONFIG_FILS_SK_PFS */
2538 #endif /* CONFIG_FILS */
2541 static u8
* wpas_populate_assoc_ies(
2542 struct wpa_supplicant
*wpa_s
,
2543 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2544 struct wpa_driver_associate_params
*params
,
2545 enum wpa_drv_update_connect_params_mask
*mask
)
2548 size_t max_wpa_ie_len
= 500;
2550 int algs
= WPA_AUTH_ALG_OPEN
;
2555 int sae_pmksa_cached
= 0;
2556 #endif /* CONFIG_SAE */
2558 const u8
*realm
, *username
, *rrk
;
2559 size_t realm_len
, username_len
, rrk_len
;
2561 struct fils_hlp_req
*req
;
2563 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2565 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2566 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2568 #endif /* CONFIG_FILS */
2570 wpa_ie
= os_malloc(max_wpa_ie_len
);
2572 wpa_printf(MSG_ERROR
,
2573 "Failed to allocate connect IE buffer for %lu bytes",
2574 (unsigned long) max_wpa_ie_len
);
2578 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2579 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2580 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2581 int try_opportunistic
;
2582 const u8
*cache_id
= NULL
;
2584 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2586 ssid
->proactive_key_caching
) &&
2587 (ssid
->proto
& WPA_PROTO_RSN
);
2589 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2590 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2591 #endif /* CONFIG_FILS */
2592 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2593 ssid
, try_opportunistic
,
2594 cache_id
, 0) == 0) {
2595 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2597 sae_pmksa_cached
= 1;
2598 #endif /* CONFIG_SAE */
2600 wpa_ie_len
= max_wpa_ie_len
;
2601 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2602 wpa_ie
, &wpa_ie_len
)) {
2603 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2604 "key management and encryption suites");
2609 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2610 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2611 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2612 wpa_ie_len
= max_wpa_ie_len
;
2613 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2614 wpa_ie
, &wpa_ie_len
)) {
2615 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2616 "key management and encryption suites");
2620 #endif /* CONFIG_HS20 */
2621 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2622 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2624 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2625 * use non-WPA since the scan results did not indicate that the
2626 * AP is using WPA or WPA2.
2628 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2630 wpa_s
->wpa_proto
= 0;
2631 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2632 wpa_ie_len
= max_wpa_ie_len
;
2633 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2634 wpa_ie
, &wpa_ie_len
)) {
2635 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2636 "key management and encryption suites (no "
2642 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2643 struct wpabuf
*wps_ie
;
2644 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2645 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2646 wpa_ie_len
= wpabuf_len(wps_ie
);
2647 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2650 wpabuf_free(wps_ie
);
2651 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2652 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2653 params
->wps
= WPS_MODE_PRIVACY
;
2655 params
->wps
= WPS_MODE_OPEN
;
2656 wpa_s
->wpa_proto
= 0;
2657 #endif /* CONFIG_WPS */
2659 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2661 wpa_s
->wpa_proto
= 0;
2664 #ifdef IEEE8021X_EAPOL
2665 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2667 if (ssid
->non_leap
== 0)
2668 algs
= WPA_AUTH_ALG_LEAP
;
2670 algs
|= WPA_AUTH_ALG_LEAP
;
2675 /* Clear FILS association */
2676 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2678 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2679 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2680 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2681 &username_len
, &realm
, &realm_len
,
2682 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2683 (!wpa_s
->last_con_fail_realm
||
2684 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2685 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2686 algs
= WPA_AUTH_ALG_FILS
;
2687 params
->fils_erp_username
= username
;
2688 params
->fils_erp_username_len
= username_len
;
2689 params
->fils_erp_realm
= realm
;
2690 params
->fils_erp_realm_len
= realm_len
;
2691 params
->fils_erp_next_seq_num
= next_seq_num
;
2692 params
->fils_erp_rrk
= rrk
;
2693 params
->fils_erp_rrk_len
= rrk_len
;
2696 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2698 #endif /* CONFIG_FILS */
2699 #endif /* IEEE8021X_EAPOL */
2701 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2702 algs
= WPA_AUTH_ALG_SAE
;
2703 #endif /* CONFIG_SAE */
2705 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2706 if (ssid
->auth_alg
) {
2707 algs
= ssid
->auth_alg
;
2708 wpa_dbg(wpa_s
, MSG_DEBUG
,
2709 "Overriding auth_alg selection: 0x%x", algs
);
2713 if (sae_pmksa_cached
&& algs
== WPA_AUTH_ALG_SAE
) {
2714 wpa_dbg(wpa_s
, MSG_DEBUG
,
2715 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2716 algs
= WPA_AUTH_ALG_OPEN
;
2718 #endif /* CONFIG_SAE */
2721 if (wpa_s
->global
->p2p
) {
2725 pos
= wpa_ie
+ wpa_ie_len
;
2726 len
= max_wpa_ie_len
- wpa_ie_len
;
2727 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2733 wpa_s
->cross_connect_disallowed
= 0;
2736 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2738 wpa_s
->cross_connect_disallowed
=
2739 p2p_get_cross_connect_disallowed(p2p
);
2741 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2743 wpa_s
->cross_connect_disallowed
?
2744 "disallows" : "allows");
2748 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2749 #endif /* CONFIG_P2P */
2752 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, ssid
, bss
->freq
,
2753 wpa_ie
+ wpa_ie_len
,
2759 * Workaround: Add Extended Capabilities element only if the AP
2760 * included this element in Beacon/Probe Response frames. Some older
2761 * APs seem to have interoperability issues if this element is
2762 * included, so while the standard may require us to include the
2763 * element in all cases, it is justifiable to skip it to avoid
2764 * interoperability issues.
2766 if (ssid
->p2p_group
)
2767 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2769 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2771 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2774 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2776 if (ext_capab_len
> 0 &&
2777 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2779 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2781 os_memmove(pos
+ ext_capab_len
, pos
,
2782 wpa_ie_len
- (pos
- wpa_ie
));
2783 wpa_ie_len
+= ext_capab_len
;
2784 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2789 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2790 struct wpabuf
*hs20
;
2792 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2794 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2797 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2798 get_hs20_version(bss
));
2799 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2800 len
= max_wpa_ie_len
- wpa_ie_len
;
2801 if (wpabuf_len(hs20
) <= len
) {
2802 os_memcpy(wpa_ie
+ wpa_ie_len
,
2803 wpabuf_head(hs20
), wpabuf_len(hs20
));
2804 wpa_ie_len
+= wpabuf_len(hs20
);
2808 hs20_configure_frame_filters(wpa_s
);
2811 #endif /* CONFIG_HS20 */
2813 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2814 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2817 len
= max_wpa_ie_len
- wpa_ie_len
;
2818 if (wpabuf_len(buf
) <= len
) {
2819 os_memcpy(wpa_ie
+ wpa_ie_len
,
2820 wpabuf_head(buf
), wpabuf_len(buf
));
2821 wpa_ie_len
+= wpabuf_len(buf
);
2826 if (wpa_s
->fst_ies
) {
2827 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2829 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2830 os_memcpy(wpa_ie
+ wpa_ie_len
,
2831 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2832 wpa_ie_len
+= fst_ies_len
;
2835 #endif /* CONFIG_FST */
2838 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2839 if (!wpa_s
->disable_mbo_oce
&& mbo_ie
) {
2842 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2843 max_wpa_ie_len
- wpa_ie_len
,
2844 !!mbo_attr_from_mbo_ie(mbo_ie
,
2845 OCE_ATTR_ID_CAPA_IND
));
2849 #endif /* CONFIG_MBO */
2852 if (algs
== WPA_AUTH_ALG_FILS
) {
2855 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2856 max_wpa_ie_len
- wpa_ie_len
);
2859 #endif /* CONFIG_FILS */
2862 #ifdef CONFIG_TESTING_OPTIONS
2863 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2864 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2866 #endif /* CONFIG_TESTING_OPTIONS */
2867 if (algs
== WPA_AUTH_ALG_OPEN
&&
2868 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2869 struct wpabuf
*owe_ie
;
2872 if (ssid
->owe_group
) {
2873 group
= ssid
->owe_group
;
2874 } else if (wpa_s
->assoc_status_code
==
2875 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2876 if (wpa_s
->last_owe_group
== 19)
2878 else if (wpa_s
->last_owe_group
== 20)
2881 group
= OWE_DH_GROUP
;
2883 group
= OWE_DH_GROUP
;
2886 wpa_s
->last_owe_group
= group
;
2887 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2888 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2890 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2891 os_memcpy(wpa_ie
+ wpa_ie_len
,
2892 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2893 wpa_ie_len
+= wpabuf_len(owe_ie
);
2895 wpabuf_free(owe_ie
);
2897 #endif /* CONFIG_OWE */
2900 if (wpa_sm_get_key_mgmt(wpa_s
->wpa
) == WPA_KEY_MGMT_DPP
&&
2901 ssid
->dpp_netaccesskey
) {
2902 dpp_pfs_free(wpa_s
->dpp_pfs
);
2903 wpa_s
->dpp_pfs
= dpp_pfs_init(ssid
->dpp_netaccesskey
,
2904 ssid
->dpp_netaccesskey_len
);
2905 if (!wpa_s
->dpp_pfs
) {
2906 wpa_printf(MSG_DEBUG
, "DPP: Could not initialize PFS");
2907 /* Try to continue without PFS */
2910 if (wpabuf_len(wpa_s
->dpp_pfs
->ie
) <=
2911 max_wpa_ie_len
- wpa_ie_len
) {
2912 os_memcpy(wpa_ie
+ wpa_ie_len
,
2913 wpabuf_head(wpa_s
->dpp_pfs
->ie
),
2914 wpabuf_len(wpa_s
->dpp_pfs
->ie
));
2915 wpa_ie_len
+= wpabuf_len(wpa_s
->dpp_pfs
->ie
);
2919 #endif /* CONFIG_DPP2 */
2921 #ifdef CONFIG_IEEE80211R
2923 * Add MDIE under these conditions: the network profile allows FT,
2924 * the AP supports FT, and the mobility domain ID matches.
2926 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2927 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2929 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2931 const u8
*md
= mdie
+ 2;
2932 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2934 if (os_memcmp(md
, wpa_md
,
2935 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2936 /* Add mobility domain IE */
2937 len
= wpa_ft_add_mdie(
2938 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2939 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2943 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2944 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2945 wpa_dbg(wpa_s
, MSG_DEBUG
,
2946 "SME: Trying to use FT over-the-air");
2947 algs
|= WPA_AUTH_ALG_FT
;
2949 #endif /* CONFIG_SME */
2952 #endif /* CONFIG_IEEE80211R */
2954 if (ssid
->multi_ap_backhaul_sta
) {
2955 size_t multi_ap_ie_len
;
2957 multi_ap_ie_len
= add_multi_ap_ie(wpa_ie
+ wpa_ie_len
,
2958 max_wpa_ie_len
- wpa_ie_len
,
2959 MULTI_AP_BACKHAUL_STA
);
2960 if (multi_ap_ie_len
== 0) {
2961 wpa_printf(MSG_ERROR
,
2962 "Multi-AP: Failed to build Multi-AP IE");
2966 wpa_ie_len
+= multi_ap_ie_len
;
2969 params
->wpa_ie
= wpa_ie
;
2970 params
->wpa_ie_len
= wpa_ie_len
;
2971 params
->auth_alg
= algs
;
2973 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2980 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
)
2982 struct wpa_driver_associate_params params
;
2985 os_memset(¶ms
, 0, sizeof(params
));
2986 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2987 wpa_s
->current_ssid
, ¶ms
, NULL
);
2991 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
2994 #endif /* CONFIG_OWE */
2997 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2998 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
3000 struct wpa_driver_associate_params params
;
3001 enum wpa_drv_update_connect_params_mask mask
= 0;
3004 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
3005 return; /* nothing to do */
3007 os_memset(¶ms
, 0, sizeof(params
));
3008 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3009 wpa_s
->current_ssid
, ¶ms
, &mask
);
3013 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
3018 wpa_s
->auth_alg
= params
.auth_alg
;
3019 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
3022 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3026 void wpas_update_mbo_connect_params(struct wpa_supplicant
*wpa_s
)
3028 struct wpa_driver_associate_params params
;
3032 * Update MBO connect params only in case of change of MBO attributes
3033 * when connected, if the AP support MBO.
3036 if (wpa_s
->wpa_state
!= WPA_COMPLETED
|| !wpa_s
->current_ssid
||
3037 !wpa_s
->current_bss
||
3038 !wpa_bss_get_vendor_ie(wpa_s
->current_bss
, MBO_IE_VENDOR_TYPE
))
3041 os_memset(¶ms
, 0, sizeof(params
));
3042 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3043 wpa_s
->current_ssid
, ¶ms
, NULL
);
3047 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
3050 #endif /* CONFIG_MBO */
3053 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
3055 struct wpa_connect_work
*cwork
= work
->ctx
;
3056 struct wpa_bss
*bss
= cwork
->bss
;
3057 struct wpa_ssid
*ssid
= cwork
->ssid
;
3058 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
3060 int use_crypt
, ret
, i
, bssid_changed
;
3061 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
3062 struct wpa_driver_associate_params params
;
3063 int wep_keys_set
= 0;
3064 int assoc_failed
= 0;
3065 struct wpa_ssid
*old_ssid
;
3066 u8 prev_bssid
[ETH_ALEN
];
3067 #ifdef CONFIG_HT_OVERRIDES
3068 struct ieee80211_ht_capabilities htcaps
;
3069 struct ieee80211_ht_capabilities htcaps_mask
;
3070 #endif /* CONFIG_HT_OVERRIDES */
3071 #ifdef CONFIG_VHT_OVERRIDES
3072 struct ieee80211_vht_capabilities vhtcaps
;
3073 struct ieee80211_vht_capabilities vhtcaps_mask
;
3074 #endif /* CONFIG_VHT_OVERRIDES */
3077 if (work
->started
) {
3078 wpa_s
->connect_work
= NULL
;
3080 /* cancel possible auth. timeout */
3081 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
3084 wpas_connect_work_free(cwork
);
3088 wpa_s
->connect_work
= work
;
3090 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
3091 wpas_network_disabled(wpa_s
, ssid
)) {
3092 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3093 wpas_connect_work_done(wpa_s
);
3097 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
3098 os_memset(¶ms
, 0, sizeof(params
));
3099 wpa_s
->reassociate
= 0;
3100 wpa_s
->eap_expected_failure
= 0;
3102 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
3103 #ifdef CONFIG_IEEE80211R
3104 const u8
*ie
, *md
= NULL
;
3105 #endif /* CONFIG_IEEE80211R */
3106 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
3107 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
3108 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
3109 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
3110 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
3111 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3113 wpas_notify_bssid_changed(wpa_s
);
3114 #ifdef CONFIG_IEEE80211R
3115 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
3116 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
3118 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
3120 /* Prepare for the next transition */
3121 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
3123 #endif /* CONFIG_IEEE80211R */
3125 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
3126 wpa_s
->conf
->ap_scan
== 2 &&
3127 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
3128 /* Use ap_scan==1 style network selection to find the network
3130 wpas_connect_work_done(wpa_s
);
3131 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
3132 wpa_s
->reassociate
= 1;
3133 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3135 #endif /* CONFIG_WPS */
3137 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
3138 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
3140 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3142 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3145 wpa_supplicant_cancel_sched_scan(wpa_s
);
3147 wpa_supplicant_cancel_scan(wpa_s
);
3149 /* Starting new association, so clear the possibly used WPA IE from the
3150 * previous association. */
3151 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
3153 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
3155 wpas_connect_work_done(wpa_s
);
3159 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
3161 cipher_pairwise
= wpa_s
->pairwise_cipher
;
3162 cipher_group
= wpa_s
->group_cipher
;
3163 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
3164 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
3165 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3166 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
3168 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
3173 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
3176 #ifdef IEEE8021X_EAPOL
3177 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3178 if ((ssid
->eapol_flags
&
3179 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
3180 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
3184 /* Assume that dynamic WEP-104 keys will be used and
3185 * set cipher suites in order for drivers to expect
3187 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
3190 #endif /* IEEE8021X_EAPOL */
3192 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3193 /* Set the key before (and later after) association */
3194 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3197 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3199 params
.ssid
= bss
->ssid
;
3200 params
.ssid_len
= bss
->ssid_len
;
3201 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3202 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3203 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3204 MACSTR
" freq=%u MHz based on scan results "
3205 "(bssid_set=%d wps=%d)",
3206 MAC2STR(bss
->bssid
), bss
->freq
,
3208 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3209 params
.bssid
= bss
->bssid
;
3210 params
.freq
.freq
= bss
->freq
;
3212 params
.bssid_hint
= bss
->bssid
;
3213 params
.freq_hint
= bss
->freq
;
3214 params
.pbss
= bss_is_pbss(bss
);
3216 if (ssid
->bssid_hint_set
)
3217 params
.bssid_hint
= ssid
->bssid_hint
;
3219 params
.ssid
= ssid
->ssid
;
3220 params
.ssid_len
= ssid
->ssid_len
;
3221 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3224 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3225 wpa_s
->conf
->ap_scan
== 2) {
3226 params
.bssid
= ssid
->bssid
;
3227 params
.fixed_bssid
= 1;
3230 /* Initial frequency for IBSS/mesh */
3231 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3232 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3233 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3235 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3236 params
.fixed_freq
= ssid
->fixed_freq
;
3237 if (ssid
->beacon_int
)
3238 params
.beacon_int
= ssid
->beacon_int
;
3240 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3243 params
.pairwise_suite
= cipher_pairwise
;
3244 params
.group_suite
= cipher_group
;
3245 params
.mgmt_group_suite
= cipher_group_mgmt
;
3246 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3247 params
.wpa_proto
= wpa_s
->wpa_proto
;
3248 wpa_s
->auth_alg
= params
.auth_alg
;
3249 params
.mode
= ssid
->mode
;
3250 params
.bg_scan_period
= ssid
->bg_scan_period
;
3251 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3252 if (ssid
->wep_key_len
[i
])
3253 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3254 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3256 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3258 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) &&
3259 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3260 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3261 params
.passphrase
= ssid
->passphrase
;
3263 params
.psk
= ssid
->psk
;
3266 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X
) &&
3267 (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3268 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3269 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3270 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
))
3271 params
.req_handshake_offload
= 1;
3273 if (wpa_s
->conf
->key_mgmt_offload
) {
3274 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3275 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3276 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3277 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3278 params
.req_key_mgmt_offload
=
3279 ssid
->proactive_key_caching
< 0 ?
3280 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3282 params
.req_key_mgmt_offload
= 1;
3284 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3285 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3286 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3288 params
.psk
= ssid
->psk
;
3291 params
.drop_unencrypted
= use_crypt
;
3293 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3294 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3295 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3296 struct wpa_ie_data ie
;
3297 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3299 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3300 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3301 "MFP: require MFP");
3302 params
.mgmt_frame_protection
=
3303 MGMT_FRAME_PROTECTION_REQUIRED
;
3305 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3307 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3308 #endif /* CONFIG_OWE */
3312 params
.p2p
= ssid
->p2p_group
;
3314 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3315 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3319 #ifdef CONFIG_HT_OVERRIDES
3320 os_memset(&htcaps
, 0, sizeof(htcaps
));
3321 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3322 params
.htcaps
= (u8
*) &htcaps
;
3323 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3324 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3325 #endif /* CONFIG_HT_OVERRIDES */
3326 #ifdef CONFIG_VHT_OVERRIDES
3327 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3328 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3329 params
.vhtcaps
= &vhtcaps
;
3330 params
.vhtcaps_mask
= &vhtcaps_mask
;
3331 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3332 #endif /* CONFIG_VHT_OVERRIDES */
3336 * If multi-channel concurrency is not supported, check for any
3337 * frequency conflict. In case of any frequency conflict, remove the
3338 * least prioritized connection.
3340 if (wpa_s
->num_multichan_concurrent
< 2) {
3342 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3343 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3344 wpa_printf(MSG_DEBUG
,
3345 "Assoc conflicting freq found (%d != %d)",
3346 freq
, params
.freq
.freq
);
3347 if (wpas_p2p_handle_frequency_conflicts(
3348 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3349 wpas_connect_work_done(wpa_s
);
3355 #endif /* CONFIG_P2P */
3357 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3358 wpa_s
->current_ssid
)
3359 params
.prev_bssid
= prev_bssid
;
3361 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3364 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3366 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3368 * The driver is known to mean what is saying, so we
3369 * can stop right here; the association will not
3372 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3373 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3374 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3377 /* try to continue anyway; new association will be tried again
3382 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3383 /* Set the key after the association just in case association
3384 * cleared the previously configured key. */
3385 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3386 /* No need to timeout authentication since there is no key
3388 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3389 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3390 #ifdef CONFIG_IBSS_RSN
3391 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3392 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3393 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3395 * RSN IBSS authentication is per-STA and we can disable the
3396 * per-BSSID authentication.
3398 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3399 #endif /* CONFIG_IBSS_RSN */
3401 /* Timeout for IEEE 802.11 authentication and association */
3405 /* give IBSS a bit more time */
3406 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3407 } else if (wpa_s
->conf
->ap_scan
== 1) {
3408 /* give IBSS a bit more time */
3409 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3411 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3415 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3416 /* Set static WEP keys again */
3417 wpa_set_wep_keys(wpa_s
, ssid
);
3420 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3422 * Do not allow EAP session resumption between different
3423 * network configurations.
3425 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3427 old_ssid
= wpa_s
->current_ssid
;
3428 wpa_s
->current_ssid
= ssid
;
3430 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3431 wpa_s
->current_bss
= bss
;
3433 hs20_configure_frame_filters(wpa_s
);
3434 #endif /* CONFIG_HS20 */
3437 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3438 wpa_supplicant_initiate_eapol(wpa_s
);
3439 if (old_ssid
!= wpa_s
->current_ssid
)
3440 wpas_notify_network_changed(wpa_s
);
3444 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3447 struct wpa_ssid
*old_ssid
;
3449 wpas_connect_work_done(wpa_s
);
3450 wpa_clear_keys(wpa_s
, addr
);
3451 old_ssid
= wpa_s
->current_ssid
;
3452 wpa_supplicant_mark_disassoc(wpa_s
);
3453 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3454 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3455 if (old_ssid
!= wpa_s
->current_ssid
)
3456 wpas_notify_network_changed(wpa_s
);
3457 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3462 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3463 * @wpa_s: Pointer to wpa_supplicant data
3464 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3466 * This function is used to request %wpa_supplicant to deauthenticate from the
3469 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3473 union wpa_event_data event
;
3476 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3477 " pending_bssid=" MACSTR
" reason=%d (%s) state=%s",
3478 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3479 reason_code
, reason2str(reason_code
),
3480 wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3482 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3483 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3484 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3485 addr
= wpa_s
->pending_bssid
;
3486 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3487 addr
= wpa_s
->bssid
;
3488 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3490 * When using driver-based BSS selection, we may not know the
3491 * BSSID with which we are currently trying to associate. We
3492 * need to notify the driver of this disconnection even in such
3493 * a case, so use the all zeros address here.
3495 addr
= wpa_s
->bssid
;
3499 if (wpa_s
->enabled_4addr_mode
&& wpa_drv_set_4addr_mode(wpa_s
, 0) == 0)
3500 wpa_s
->enabled_4addr_mode
= 0;
3503 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3504 #endif /* CONFIG_TDLS */
3508 struct mesh_conf
*mconf
;
3510 mconf
= wpa_s
->ifmsh
->mconf
;
3511 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3513 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3514 mconf
->meshid_len
, reason_code
);
3515 wpa_supplicant_leave_mesh(wpa_s
);
3517 #endif /* CONFIG_MESH */
3520 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3521 os_memset(&event
, 0, sizeof(event
));
3522 event
.deauth_info
.reason_code
= reason_code
;
3523 event
.deauth_info
.locally_generated
= 1;
3524 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3529 wpa_supplicant_clear_connection(wpa_s
, addr
);
3532 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3533 struct wpa_ssid
*ssid
)
3535 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3539 ssid
->owe_transition_bss_select_count
= 0;
3540 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3541 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3544 * Try to reassociate since there is no current configuration and a new
3545 * network was made available.
3547 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3548 wpa_s
->reassociate
= 1;
3553 * wpa_supplicant_add_network - Add a new network
3554 * @wpa_s: wpa_supplicant structure for a network interface
3555 * Returns: The new network configuration or %NULL if operation failed
3557 * This function performs the following operations:
3558 * 1. Adds a new network.
3559 * 2. Send network addition notification.
3560 * 3. Marks the network disabled.
3561 * 4. Set network default parameters.
3563 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3565 struct wpa_ssid
*ssid
;
3567 ssid
= wpa_config_add_network(wpa_s
->conf
);
3570 wpas_notify_network_added(wpa_s
, ssid
);
3572 wpa_config_set_network_defaults(ssid
);
3579 * wpa_supplicant_remove_network - Remove a configured network based on id
3580 * @wpa_s: wpa_supplicant structure for a network interface
3581 * @id: Unique network id to search for
3582 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3583 * could not be removed
3585 * This function performs the following operations:
3586 * 1. Removes the network.
3587 * 2. Send network removal notification.
3588 * 3. Update internal state machines.
3589 * 4. Stop any running sched scans.
3591 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3593 struct wpa_ssid
*ssid
;
3596 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3599 wpas_notify_network_removed(wpa_s
, ssid
);
3601 if (wpa_s
->last_ssid
== ssid
)
3602 wpa_s
->last_ssid
= NULL
;
3604 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3606 wpa_s
->sme
.prev_bssid_set
= 0;
3607 #endif /* CONFIG_SME */
3609 * Invalidate the EAP session cache if the current or
3610 * previously used network is removed.
3612 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3615 if (ssid
== wpa_s
->current_ssid
) {
3616 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3617 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3619 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3620 wpa_s
->own_disconnect_req
= 1;
3621 wpa_supplicant_deauthenticate(wpa_s
,
3622 WLAN_REASON_DEAUTH_LEAVING
);
3625 was_disabled
= ssid
->disabled
;
3627 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3630 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3631 wpa_printf(MSG_DEBUG
,
3632 "Stop ongoing sched_scan to remove network from filters");
3633 wpa_supplicant_cancel_sched_scan(wpa_s
);
3634 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3642 * wpa_supplicant_enable_network - Mark a configured network as enabled
3643 * @wpa_s: wpa_supplicant structure for a network interface
3644 * @ssid: wpa_ssid structure for a configured network or %NULL
3646 * Enables the specified network or all networks if no network specified.
3648 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3649 struct wpa_ssid
*ssid
)
3652 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3653 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3655 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3657 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3658 (!wpa_s
->current_ssid
||
3659 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3660 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3661 if (wpa_s
->sched_scanning
) {
3662 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3663 "new network to scan filters");
3664 wpa_supplicant_cancel_sched_scan(wpa_s
);
3667 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3668 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3669 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3676 * wpa_supplicant_disable_network - Mark a configured network as disabled
3677 * @wpa_s: wpa_supplicant structure for a network interface
3678 * @ssid: wpa_ssid structure for a configured network or %NULL
3680 * Disables the specified network or all networks if no network specified.
3682 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3683 struct wpa_ssid
*ssid
)
3685 struct wpa_ssid
*other_ssid
;
3689 if (wpa_s
->sched_scanning
)
3690 wpa_supplicant_cancel_sched_scan(wpa_s
);
3692 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3693 other_ssid
= other_ssid
->next
) {
3694 was_disabled
= other_ssid
->disabled
;
3695 if (was_disabled
== 2)
3696 continue; /* do not change persistent P2P group
3699 other_ssid
->disabled
= 1;
3701 if (was_disabled
!= other_ssid
->disabled
)
3702 wpas_notify_network_enabled_changed(
3705 if (wpa_s
->current_ssid
) {
3706 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3707 wpa_s
->own_disconnect_req
= 1;
3708 wpa_supplicant_deauthenticate(
3709 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3711 } else if (ssid
->disabled
!= 2) {
3712 if (ssid
== wpa_s
->current_ssid
) {
3713 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3714 wpa_s
->own_disconnect_req
= 1;
3715 wpa_supplicant_deauthenticate(
3716 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3719 was_disabled
= ssid
->disabled
;
3723 if (was_disabled
!= ssid
->disabled
) {
3724 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3725 if (wpa_s
->sched_scanning
) {
3726 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3727 "to remove network from filters");
3728 wpa_supplicant_cancel_sched_scan(wpa_s
);
3729 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3737 * wpa_supplicant_select_network - Attempt association with a network
3738 * @wpa_s: wpa_supplicant structure for a network interface
3739 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3741 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3742 struct wpa_ssid
*ssid
)
3745 struct wpa_ssid
*other_ssid
;
3746 int disconnected
= 0;
3748 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3749 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3750 wpa_s
->own_disconnect_req
= 1;
3751 wpa_supplicant_deauthenticate(
3752 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3757 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3760 * Mark all other networks disabled or mark all networks enabled if no
3761 * network specified.
3763 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3764 other_ssid
= other_ssid
->next
) {
3765 int was_disabled
= other_ssid
->disabled
;
3766 if (was_disabled
== 2)
3767 continue; /* do not change persistent P2P group data */
3769 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3770 if (was_disabled
&& !other_ssid
->disabled
)
3771 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3773 if (was_disabled
!= other_ssid
->disabled
)
3774 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3777 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3778 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3779 /* We are already associated with the selected network */
3780 wpa_printf(MSG_DEBUG
, "Already associated with the "
3781 "selected network - do nothing");
3786 wpa_s
->current_ssid
= ssid
;
3787 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3788 wpa_s
->connect_without_scan
=
3789 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3792 * Don't optimize next scan freqs since a new ESS has been
3795 os_free(wpa_s
->next_scan_freqs
);
3796 wpa_s
->next_scan_freqs
= NULL
;
3798 wpa_s
->connect_without_scan
= NULL
;
3801 wpa_s
->disconnected
= 0;
3802 wpa_s
->reassociate
= 1;
3803 wpa_s
->last_owe_group
= 0;
3805 ssid
->owe_transition_bss_select_count
= 0;
3807 if (wpa_s
->connect_without_scan
||
3808 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3809 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3810 wpas_scan_reset_sched_scan(wpa_s
);
3811 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3815 wpas_notify_network_selected(wpa_s
, ssid
);
3820 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3821 * @wpa_s: wpa_supplicant structure for a network interface
3822 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3823 * @pkcs11_module_path: PKCS #11 module path or NULL
3824 * Returns: 0 on success; -1 on failure
3826 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3827 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3828 * module path fails the paths will be reset to the default value (NULL).
3830 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3831 const char *pkcs11_engine_path
,
3832 const char *pkcs11_module_path
)
3834 char *pkcs11_engine_path_copy
= NULL
;
3835 char *pkcs11_module_path_copy
= NULL
;
3837 if (pkcs11_engine_path
!= NULL
) {
3838 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3839 if (pkcs11_engine_path_copy
== NULL
)
3842 if (pkcs11_module_path
!= NULL
) {
3843 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3844 if (pkcs11_module_path_copy
== NULL
) {
3845 os_free(pkcs11_engine_path_copy
);
3850 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3851 os_free(wpa_s
->conf
->pkcs11_module_path
);
3852 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3853 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3855 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3856 eapol_sm_deinit(wpa_s
->eapol
);
3857 wpa_s
->eapol
= NULL
;
3858 if (wpa_supplicant_init_eapol(wpa_s
)) {
3859 /* Error -> Reset paths to the default value (NULL) once. */
3860 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3861 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3866 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3873 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3874 * @wpa_s: wpa_supplicant structure for a network interface
3875 * @ap_scan: AP scan mode
3876 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3879 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3884 if (ap_scan
< 0 || ap_scan
> 2)
3887 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3888 wpa_printf(MSG_INFO
,
3889 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3893 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3894 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3895 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3896 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3897 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3900 #endif /* ANDROID */
3902 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3903 wpa_s
->conf
->ap_scan
= ap_scan
;
3905 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3906 wpas_notify_ap_scan_changed(wpa_s
);
3913 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3914 * @wpa_s: wpa_supplicant structure for a network interface
3915 * @expire_age: Expiration age in seconds
3916 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3919 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3920 unsigned int bss_expire_age
)
3922 if (bss_expire_age
< 10) {
3923 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3927 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3929 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3936 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3937 * @wpa_s: wpa_supplicant structure for a network interface
3938 * @expire_count: number of scans after which an unseen BSS is reclaimed
3939 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3942 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3943 unsigned int bss_expire_count
)
3945 if (bss_expire_count
< 1) {
3946 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3950 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3952 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3959 * wpa_supplicant_set_scan_interval - Set scan interval
3960 * @wpa_s: wpa_supplicant structure for a network interface
3961 * @scan_interval: scan interval in seconds
3962 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3965 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3968 if (scan_interval
< 0) {
3969 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3973 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3975 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3982 * wpa_supplicant_set_debug_params - Set global debug params
3983 * @global: wpa_global structure
3984 * @debug_level: debug level
3985 * @debug_timestamp: determines if show timestamp in debug data
3986 * @debug_show_keys: determines if show keys in debug data
3987 * Returns: 0 if succeed or -1 if debug_level has wrong value
3989 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3990 int debug_timestamp
, int debug_show_keys
)
3993 int old_level
, old_timestamp
, old_show_keys
;
3995 /* check for allowed debuglevels */
3996 if (debug_level
!= MSG_EXCESSIVE
&&
3997 debug_level
!= MSG_MSGDUMP
&&
3998 debug_level
!= MSG_DEBUG
&&
3999 debug_level
!= MSG_INFO
&&
4000 debug_level
!= MSG_WARNING
&&
4001 debug_level
!= MSG_ERROR
)
4004 old_level
= wpa_debug_level
;
4005 old_timestamp
= wpa_debug_timestamp
;
4006 old_show_keys
= wpa_debug_show_keys
;
4008 wpa_debug_level
= debug_level
;
4009 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
4010 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
4012 if (wpa_debug_level
!= old_level
)
4013 wpas_notify_debug_level_changed(global
);
4014 if (wpa_debug_timestamp
!= old_timestamp
)
4015 wpas_notify_debug_timestamp_changed(global
);
4016 if (wpa_debug_show_keys
!= old_show_keys
)
4017 wpas_notify_debug_show_keys_changed(global
);
4024 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
4025 const u8
*entry_ssid
, size_t entry_ssid_len
)
4027 const u8
*owe
, *pos
, *end
;
4029 struct wpa_bss
*bss
;
4031 /* Check network profile SSID aganst the SSID in the
4032 * OWE Transition Mode element. */
4034 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
4038 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
4043 end
= owe
+ 2 + owe
[1];
4045 if (end
- pos
< ETH_ALEN
+ 1)
4049 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
4052 return entry_ssid_len
== ssid_len
&&
4053 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
4055 #endif /* CONFIG_OWE */
4059 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4060 * @wpa_s: Pointer to wpa_supplicant data
4061 * Returns: A pointer to the current network structure or %NULL on failure
4063 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
4065 struct wpa_ssid
*entry
;
4066 u8 ssid
[SSID_MAX_LEN
];
4072 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
4074 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
4080 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
4081 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
4086 wired
= wpa_s
->conf
->ap_scan
== 0 &&
4087 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
4089 entry
= wpa_s
->conf
->ssid
;
4091 if (!wpas_network_disabled(wpa_s
, entry
) &&
4092 ((ssid_len
== entry
->ssid_len
&&
4094 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0)) ||
4096 (!entry
->bssid_set
||
4097 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4100 if (!wpas_network_disabled(wpa_s
, entry
) &&
4101 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4102 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
4103 (!entry
->bssid_set
||
4104 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4106 #endif /* CONFIG_WPS */
4109 if (!wpas_network_disabled(wpa_s
, entry
) &&
4110 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
4112 (!entry
->bssid_set
||
4113 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4115 #endif /* CONFIG_OWE */
4117 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
4118 entry
->ssid_len
== 0 &&
4119 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
4122 entry
= entry
->next
;
4129 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
4131 struct wpa_global
*global
= wpa_s
->global
;
4133 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
4134 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
4135 if (global
->drv_priv
[i
] == NULL
) {
4136 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
4137 "'%s'", wpa_drivers
[i
]->name
);
4142 wpa_s
->driver
= wpa_drivers
[i
];
4143 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
4149 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
4154 const char *pos
, *driver
= name
;
4159 if (wpa_drivers
[0] == NULL
) {
4160 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
4166 /* default to first driver in the list */
4167 return select_driver(wpa_s
, 0);
4171 pos
= os_strchr(driver
, ',');
4175 len
= os_strlen(driver
);
4177 for (i
= 0; wpa_drivers
[i
]; i
++) {
4178 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
4179 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
4181 /* First driver that succeeds wins */
4182 if (select_driver(wpa_s
, i
) == 0)
4190 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
4196 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4197 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4198 * with struct wpa_driver_ops::init()
4199 * @src_addr: Source address of the EAPOL frame
4200 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4201 * @len: Length of the EAPOL data
4203 * This function is called for each received EAPOL frame. Most driver
4204 * interfaces rely on more generic OS mechanism for receiving frames through
4205 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4206 * take care of received EAPOL frames and deliver them to the core supplicant
4207 * code by calling this function.
4209 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4210 const u8
*buf
, size_t len
)
4212 struct wpa_supplicant
*wpa_s
= ctx
;
4214 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4215 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4217 #ifdef CONFIG_TESTING_OPTIONS
4218 if (wpa_s
->ignore_auth_resp
) {
4219 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4222 #endif /* CONFIG_TESTING_OPTIONS */
4224 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4225 (wpa_s
->last_eapol_matches_bssid
&&
4228 #endif /* CONFIG_AP */
4229 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4231 * There is possible race condition between receiving the
4232 * association event and the EAPOL frame since they are coming
4233 * through different paths from the driver. In order to avoid
4234 * issues in trying to process the EAPOL frame before receiving
4235 * association information, lets queue it for processing until
4236 * the association event is received. This may also be needed in
4237 * driver-based roaming case, so also use src_addr != BSSID as a
4238 * trigger if we have previously confirmed that the
4239 * Authenticator uses BSSID as the src_addr (which is not the
4240 * case with wired IEEE 802.1X).
4242 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4243 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4244 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4245 MAC2STR(wpa_s
->bssid
));
4246 wpabuf_free(wpa_s
->pending_eapol_rx
);
4247 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4248 if (wpa_s
->pending_eapol_rx
) {
4249 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4250 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4256 wpa_s
->last_eapol_matches_bssid
=
4257 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4260 if (wpa_s
->ap_iface
) {
4261 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4264 #endif /* CONFIG_AP */
4266 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4267 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4268 "no key management is configured");
4272 if (wpa_s
->eapol_received
== 0 &&
4273 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) ||
4274 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4275 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4276 (wpa_s
->current_ssid
== NULL
||
4277 wpa_s
->current_ssid
->mode
!= WPAS_MODE_IBSS
)) {
4278 /* Timeout for completing IEEE 802.1X and WPA authentication */
4281 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4282 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4283 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4284 /* Use longer timeout for IEEE 802.1X/EAP */
4289 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4290 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4291 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4293 * Use shorter timeout if going through WPS AP iteration
4294 * for PIN config method with an AP that does not
4295 * advertise Selected Registrar.
4297 struct wpabuf
*wps_ie
;
4299 wps_ie
= wpa_bss_get_vendor_ie_multi(
4300 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4302 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4304 wpabuf_free(wps_ie
);
4306 #endif /* CONFIG_WPS */
4308 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4310 wpa_s
->eapol_received
++;
4312 if (wpa_s
->countermeasures
) {
4313 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4318 #ifdef CONFIG_IBSS_RSN
4319 if (wpa_s
->current_ssid
&&
4320 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4321 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4324 #endif /* CONFIG_IBSS_RSN */
4326 /* Source address of the incoming EAPOL frame could be compared to the
4327 * current BSSID. However, it is possible that a centralized
4328 * Authenticator could be using another MAC address than the BSSID of
4329 * an AP, so just allow any address to be used for now. The replies are
4330 * still sent to the current BSSID (if available), though. */
4332 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4333 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4334 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4335 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4336 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4338 wpa_drv_poll(wpa_s
);
4339 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
))
4340 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4341 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4343 * Set portValid = TRUE here since we are going to skip 4-way
4344 * handshake processing which would normally set portValid. We
4345 * need this to allow the EAPOL state machines to be completed
4346 * without going through EAPOL-Key handshake.
4348 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4353 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4355 if ((!wpa_s
->p2p_mgmt
||
4356 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4357 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4358 l2_packet_deinit(wpa_s
->l2
);
4359 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4360 wpa_drv_get_mac_addr(wpa_s
),
4362 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4363 if (wpa_s
->l2
== NULL
)
4366 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4367 L2_PACKET_FILTER_PKTTYPE
))
4368 wpa_dbg(wpa_s
, MSG_DEBUG
,
4369 "Failed to attach pkt_type filter");
4371 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4373 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4376 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4377 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4381 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4382 wpas_wps_update_mac_addr(wpa_s
);
4388 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4389 const u8
*buf
, size_t len
)
4391 struct wpa_supplicant
*wpa_s
= ctx
;
4392 const struct l2_ethhdr
*eth
;
4394 if (len
< sizeof(*eth
))
4396 eth
= (const struct l2_ethhdr
*) buf
;
4398 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4399 !(eth
->h_dest
[0] & 0x01)) {
4400 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4401 " (bridge - not for this interface - ignore)",
4402 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4406 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4407 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4408 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4409 len
- sizeof(*eth
));
4414 * wpa_supplicant_driver_init - Initialize driver interface parameters
4415 * @wpa_s: Pointer to wpa_supplicant data
4416 * Returns: 0 on success, -1 on failure
4418 * This function is called to initialize driver interface parameters.
4419 * wpa_drv_init() must have been called before this function to initialize the
4422 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4424 static int interface_count
= 0;
4426 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4429 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4430 MAC2STR(wpa_s
->own_addr
));
4431 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4432 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4434 if (wpa_s
->bridge_ifname
[0]) {
4435 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4436 "interface '%s'", wpa_s
->bridge_ifname
);
4437 wpa_s
->l2_br
= l2_packet_init_bridge(
4438 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4439 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4440 if (wpa_s
->l2_br
== NULL
) {
4441 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4442 "connection for the bridge interface '%s'",
4443 wpa_s
->bridge_ifname
);
4448 if (wpa_s
->conf
->ap_scan
== 2 &&
4449 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4450 wpa_printf(MSG_INFO
,
4451 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4454 wpa_clear_keys(wpa_s
, NULL
);
4456 /* Make sure that TKIP countermeasures are not left enabled (could
4457 * happen if wpa_supplicant is killed during countermeasures. */
4458 wpa_drv_set_countermeasures(wpa_s
, 0);
4460 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4461 wpa_drv_flush_pmkid(wpa_s
);
4463 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4464 wpa_s
->prev_scan_wildcard
= 0;
4466 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4467 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4468 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4469 interface_count
= 0;
4472 if (!wpa_s
->p2p_mgmt
&&
4473 wpa_supplicant_delayed_sched_scan(wpa_s
,
4474 interface_count
% 3,
4476 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4478 #endif /* ANDROID */
4481 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4487 static int wpa_supplicant_daemon(const char *pid_file
)
4489 wpa_printf(MSG_DEBUG
, "Daemonize..");
4490 return os_daemonize(pid_file
);
4494 static struct wpa_supplicant
*
4495 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4497 struct wpa_supplicant
*wpa_s
;
4499 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4502 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4503 wpa_s
->scan_interval
= 5;
4504 wpa_s
->new_connection
= 1;
4505 wpa_s
->parent
= parent
? parent
: wpa_s
;
4506 wpa_s
->p2pdev
= wpa_s
->parent
;
4507 wpa_s
->sched_scanning
= 0;
4509 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4510 dl_list_init(&wpa_s
->fils_hlp_req
);
4516 #ifdef CONFIG_HT_OVERRIDES
4518 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4519 struct ieee80211_ht_capabilities
*htcaps
,
4520 struct ieee80211_ht_capabilities
*htcaps_mask
,
4523 /* parse ht_mcs into hex array */
4525 const char *tmp
= ht_mcs
;
4528 /* If ht_mcs is null, do not set anything */
4532 /* This is what we are setting in the kernel */
4533 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4535 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4537 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4541 v
= strtol(tmp
, &end
, 16);
4544 wpa_msg(wpa_s
, MSG_DEBUG
,
4545 "htcap value[%i]: %ld end: %p tmp: %p",
4550 htcaps
->supported_mcs_set
[i
] = v
;
4553 wpa_msg(wpa_s
, MSG_ERROR
,
4554 "Failed to parse ht-mcs: %s, error: %s\n",
4555 ht_mcs
, strerror(errno
));
4561 * If we were able to parse any values, then set mask for the MCS set.
4564 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4565 IEEE80211_HT_MCS_MASK_LEN
- 1);
4566 /* skip the 3 reserved bits */
4567 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4575 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4576 struct ieee80211_ht_capabilities
*htcaps
,
4577 struct ieee80211_ht_capabilities
*htcaps_mask
,
4585 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4587 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4588 htcaps_mask
->ht_capabilities_info
|= msk
;
4590 htcaps
->ht_capabilities_info
&= msk
;
4592 htcaps
->ht_capabilities_info
|= msk
;
4598 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4599 struct ieee80211_ht_capabilities
*htcaps
,
4600 struct ieee80211_ht_capabilities
*htcaps_mask
,
4606 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4608 if (factor
< 0 || factor
> 3) {
4609 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4610 "Must be 0-3 or -1", factor
);
4614 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4615 htcaps
->a_mpdu_params
&= ~0x3;
4616 htcaps
->a_mpdu_params
|= factor
& 0x3;
4622 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4623 struct ieee80211_ht_capabilities
*htcaps
,
4624 struct ieee80211_ht_capabilities
*htcaps_mask
,
4630 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4632 if (density
< 0 || density
> 7) {
4633 wpa_msg(wpa_s
, MSG_ERROR
,
4634 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4639 htcaps_mask
->a_mpdu_params
|= 0x1C;
4640 htcaps
->a_mpdu_params
&= ~(0x1C);
4641 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4647 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4648 struct ieee80211_ht_capabilities
*htcaps
,
4649 struct ieee80211_ht_capabilities
*htcaps_mask
,
4653 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4655 set_disable_ht40(htcaps
, disabled
);
4656 set_disable_ht40(htcaps_mask
, 0);
4662 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4663 struct ieee80211_ht_capabilities
*htcaps
,
4664 struct ieee80211_ht_capabilities
*htcaps_mask
,
4667 /* Masking these out disables SGI */
4668 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4669 HT_CAP_INFO_SHORT_GI40MHZ
);
4672 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4675 htcaps
->ht_capabilities_info
&= ~msk
;
4677 htcaps
->ht_capabilities_info
|= msk
;
4679 htcaps_mask
->ht_capabilities_info
|= msk
;
4685 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4686 struct ieee80211_ht_capabilities
*htcaps
,
4687 struct ieee80211_ht_capabilities
*htcaps_mask
,
4690 /* Masking these out disables LDPC */
4691 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4694 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4697 htcaps
->ht_capabilities_info
&= ~msk
;
4699 htcaps
->ht_capabilities_info
|= msk
;
4701 htcaps_mask
->ht_capabilities_info
|= msk
;
4707 static int wpa_set_tx_stbc(struct wpa_supplicant
*wpa_s
,
4708 struct ieee80211_ht_capabilities
*htcaps
,
4709 struct ieee80211_ht_capabilities
*htcaps_mask
,
4712 le16 msk
= host_to_le16(HT_CAP_INFO_TX_STBC
);
4717 wpa_msg(wpa_s
, MSG_DEBUG
, "set_tx_stbc: %d", tx_stbc
);
4719 if (tx_stbc
< 0 || tx_stbc
> 1) {
4720 wpa_msg(wpa_s
, MSG_ERROR
,
4721 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc
);
4725 htcaps_mask
->ht_capabilities_info
|= msk
;
4726 htcaps
->ht_capabilities_info
&= ~msk
;
4727 htcaps
->ht_capabilities_info
|= (tx_stbc
<< 7) & msk
;
4733 static int wpa_set_rx_stbc(struct wpa_supplicant
*wpa_s
,
4734 struct ieee80211_ht_capabilities
*htcaps
,
4735 struct ieee80211_ht_capabilities
*htcaps_mask
,
4738 le16 msk
= host_to_le16(HT_CAP_INFO_RX_STBC_MASK
);
4743 wpa_msg(wpa_s
, MSG_DEBUG
, "set_rx_stbc: %d", rx_stbc
);
4745 if (rx_stbc
< 0 || rx_stbc
> 3) {
4746 wpa_msg(wpa_s
, MSG_ERROR
,
4747 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc
);
4751 htcaps_mask
->ht_capabilities_info
|= msk
;
4752 htcaps
->ht_capabilities_info
&= ~msk
;
4753 htcaps
->ht_capabilities_info
|= (rx_stbc
<< 8) & msk
;
4759 void wpa_supplicant_apply_ht_overrides(
4760 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4761 struct wpa_driver_associate_params
*params
)
4763 struct ieee80211_ht_capabilities
*htcaps
;
4764 struct ieee80211_ht_capabilities
*htcaps_mask
;
4769 params
->disable_ht
= ssid
->disable_ht
;
4770 if (!params
->htcaps
|| !params
->htcaps_mask
)
4773 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4774 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4775 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4776 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4777 ssid
->disable_max_amsdu
);
4778 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4779 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4780 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4781 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4782 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4783 wpa_set_rx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->rx_stbc
);
4784 wpa_set_tx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->tx_stbc
);
4786 if (ssid
->ht40_intolerant
) {
4787 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4788 htcaps
->ht_capabilities_info
|= bit
;
4789 htcaps_mask
->ht_capabilities_info
|= bit
;
4793 #endif /* CONFIG_HT_OVERRIDES */
4796 #ifdef CONFIG_VHT_OVERRIDES
4797 void wpa_supplicant_apply_vht_overrides(
4798 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4799 struct wpa_driver_associate_params
*params
)
4801 struct ieee80211_vht_capabilities
*vhtcaps
;
4802 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4807 params
->disable_vht
= ssid
->disable_vht
;
4809 vhtcaps
= (void *) params
->vhtcaps
;
4810 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4812 if (!vhtcaps
|| !vhtcaps_mask
)
4815 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4816 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4818 #ifdef CONFIG_HT_OVERRIDES
4819 if (ssid
->disable_sgi
) {
4820 vhtcaps_mask
->vht_capabilities_info
|= (VHT_CAP_SHORT_GI_80
|
4821 VHT_CAP_SHORT_GI_160
);
4822 vhtcaps
->vht_capabilities_info
&= ~(VHT_CAP_SHORT_GI_80
|
4823 VHT_CAP_SHORT_GI_160
);
4824 wpa_msg(wpa_s
, MSG_DEBUG
,
4825 "disable-sgi override specified, vht-caps: 0x%x",
4826 vhtcaps
->vht_capabilities_info
);
4829 /* if max ampdu is <= 3, we have to make the HT cap the same */
4830 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4833 max_ampdu
= (ssid
->vht_capa
&
4834 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4835 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4837 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4838 wpa_set_ampdu_factor(wpa_s
,
4839 (void *) params
->htcaps
,
4840 (void *) params
->htcaps_mask
,
4843 #endif /* CONFIG_HT_OVERRIDES */
4845 #define OVERRIDE_MCS(i) \
4846 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4847 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4848 host_to_le16(3 << 2 * (i - 1)); \
4849 vhtcaps->vht_supported_mcs_set.tx_map |= \
4850 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4853 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4854 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4855 host_to_le16(3 << 2 * (i - 1)); \
4856 vhtcaps->vht_supported_mcs_set.rx_map |= \
4857 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4870 #endif /* CONFIG_VHT_OVERRIDES */
4873 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4878 if (!wpa_s
->conf
->pcsc_reader
)
4881 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4885 if (wpa_s
->conf
->pcsc_pin
&&
4886 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4887 scard_deinit(wpa_s
->scard
);
4888 wpa_s
->scard
= NULL
;
4889 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4893 len
= sizeof(wpa_s
->imsi
) - 1;
4894 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4895 scard_deinit(wpa_s
->scard
);
4896 wpa_s
->scard
= NULL
;
4897 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4900 wpa_s
->imsi
[len
] = '\0';
4902 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4904 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4905 wpa_s
->imsi
, wpa_s
->mnc_len
);
4907 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4908 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4909 #endif /* PCSC_FUNCS */
4915 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4919 ext_password_deinit(wpa_s
->ext_pw
);
4920 wpa_s
->ext_pw
= NULL
;
4921 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4923 if (!wpa_s
->conf
->ext_password_backend
)
4926 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4929 pos
= os_strchr(val
, ':');
4933 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4935 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4937 if (wpa_s
->ext_pw
== NULL
) {
4938 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4941 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4949 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4951 struct wpa_supplicant
*wpa_s
= ctx
;
4953 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4954 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4958 static void wpas_fst_get_channel_info_cb(void *ctx
,
4959 enum hostapd_hw_mode
*hw_mode
,
4962 struct wpa_supplicant
*wpa_s
= ctx
;
4964 if (wpa_s
->current_bss
) {
4965 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4967 } else if (wpa_s
->hw
.num_modes
) {
4968 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4976 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4978 struct wpa_supplicant
*wpa_s
= ctx
;
4980 *modes
= wpa_s
->hw
.modes
;
4981 return wpa_s
->hw
.num_modes
;
4985 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4987 struct wpa_supplicant
*wpa_s
= ctx
;
4989 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4990 wpa_s
->fst_ies
= fst_ies
;
4994 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4996 struct wpa_supplicant
*wpa_s
= ctx
;
4998 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
4999 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
5000 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
5003 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
5004 wpa_s
->own_addr
, wpa_s
->bssid
,
5005 wpabuf_head(data
), wpabuf_len(data
),
5010 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
5012 struct wpa_supplicant
*wpa_s
= ctx
;
5014 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5015 return wpa_s
->received_mb_ies
;
5019 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
5020 const u8
*buf
, size_t size
)
5022 struct wpa_supplicant
*wpa_s
= ctx
;
5023 struct mb_ies_info info
;
5025 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5027 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
5028 wpabuf_free(wpa_s
->received_mb_ies
);
5029 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
5034 static const u8
* wpas_fst_get_peer_first(void *ctx
,
5035 struct fst_get_peer_ctx
**get_ctx
,
5038 struct wpa_supplicant
*wpa_s
= ctx
;
5041 if (!is_zero_ether_addr(wpa_s
->bssid
))
5042 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
5043 wpa_s
->bssid
: NULL
;
5048 static const u8
* wpas_fst_get_peer_next(void *ctx
,
5049 struct fst_get_peer_ctx
**get_ctx
,
5055 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
5056 struct fst_wpa_obj
*iface_obj
)
5058 iface_obj
->ctx
= wpa_s
;
5059 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
5060 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
5061 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
5062 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
5063 iface_obj
->send_action
= wpas_fst_send_action_cb
;
5064 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
5065 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
5066 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
5067 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
5069 #endif /* CONFIG_FST */
5071 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
5072 const struct wpa_driver_capa
*capa
)
5074 struct wowlan_triggers
*triggers
;
5077 if (!wpa_s
->conf
->wowlan_triggers
)
5080 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
5082 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
5089 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
5092 return BAND_2_4_GHZ
;
5099 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
5102 unsigned int band
= 0;
5105 /* freqs are specified for the radio work */
5106 for (i
= 0; freqs
[i
]; i
++)
5107 band
|= wpas_freq_to_band(freqs
[i
]);
5110 * freqs are not specified, implies all
5111 * the supported freqs by HW
5113 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5114 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
5115 if (wpa_s
->hw
.modes
[i
].mode
==
5116 HOSTAPD_MODE_IEEE80211B
||
5117 wpa_s
->hw
.modes
[i
].mode
==
5118 HOSTAPD_MODE_IEEE80211G
)
5119 band
|= BAND_2_4_GHZ
;
5120 else if (wpa_s
->hw
.modes
[i
].mode
==
5121 HOSTAPD_MODE_IEEE80211A
)
5123 else if (wpa_s
->hw
.modes
[i
].mode
==
5124 HOSTAPD_MODE_IEEE80211AD
)
5125 band
|= BAND_60_GHZ
;
5126 else if (wpa_s
->hw
.modes
[i
].mode
==
5127 HOSTAPD_MODE_IEEE80211ANY
)
5128 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
5138 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
5141 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
5142 struct wpa_radio
*radio
;
5144 while (rn
&& iface
) {
5145 radio
= iface
->radio
;
5146 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
5147 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
5149 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5153 iface
= iface
->next
;
5156 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
5157 wpa_s
->ifname
, rn
? rn
: "N/A");
5158 radio
= os_zalloc(sizeof(*radio
));
5163 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
5164 dl_list_init(&radio
->ifaces
);
5165 dl_list_init(&radio
->work
);
5166 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5172 static void radio_work_free(struct wpa_radio_work
*work
)
5174 if (work
->wpa_s
->scan_work
== work
) {
5175 /* This should not really happen. */
5176 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5177 work
->type
, work
, work
->started
);
5178 work
->wpa_s
->scan_work
= NULL
;
5182 if (work
->wpa_s
->p2p_scan_work
== work
) {
5183 /* This should not really happen. */
5184 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5185 work
->type
, work
, work
->started
);
5186 work
->wpa_s
->p2p_scan_work
= NULL
;
5188 #endif /* CONFIG_P2P */
5190 if (work
->started
) {
5191 work
->wpa_s
->radio
->num_active_works
--;
5192 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
5193 "radio_work_free('%s'@%p): num_active_works --> %u",
5195 work
->wpa_s
->radio
->num_active_works
);
5198 dl_list_del(&work
->list
);
5203 static int radio_work_is_connect(struct wpa_radio_work
*work
)
5205 return os_strcmp(work
->type
, "sme-connect") == 0 ||
5206 os_strcmp(work
->type
, "connect") == 0;
5210 static int radio_work_is_scan(struct wpa_radio_work
*work
)
5212 return os_strcmp(work
->type
, "scan") == 0 ||
5213 os_strcmp(work
->type
, "p2p-scan") == 0;
5217 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
5219 struct wpa_radio_work
*active_work
= NULL
;
5220 struct wpa_radio_work
*tmp
;
5222 /* Get the active work to know the type and band. */
5223 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5231 /* No active work, start one */
5232 radio
->num_active_works
= 0;
5233 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
5235 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5236 radio
->external_scan_running
&&
5237 (((struct wpa_driver_scan_params
*)
5238 tmp
->ctx
)->only_new_results
||
5239 tmp
->wpa_s
->clear_driver_scan_cache
))
5246 if (radio_work_is_connect(active_work
)) {
5248 * If the active work is either connect or sme-connect,
5249 * do not parallelize them with other radio works.
5251 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5252 "Do not parallelize radio work with %s",
5257 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5262 * If connect or sme-connect are enqueued, parallelize only
5263 * those operations ahead of them in the queue.
5265 if (radio_work_is_connect(tmp
))
5268 /* Serialize parallel scan and p2p_scan operations on the same
5269 * interface since the driver_nl80211 mechanism for tracking
5270 * scan cookies does not yet have support for this. */
5271 if (active_work
->wpa_s
== tmp
->wpa_s
&&
5272 radio_work_is_scan(active_work
) &&
5273 radio_work_is_scan(tmp
)) {
5274 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5275 "Do not start work '%s' when another work '%s' is already scheduled",
5276 tmp
->type
, active_work
->type
);
5280 * Check that the radio works are distinct and
5281 * on different bands.
5283 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5284 (active_work
->bands
!= tmp
->bands
)) {
5286 * If a scan has to be scheduled through nl80211 scan
5287 * interface and if an external scan is already running,
5288 * do not schedule the scan since it is likely to get
5289 * rejected by kernel.
5291 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5292 radio
->external_scan_running
&&
5293 (((struct wpa_driver_scan_params
*)
5294 tmp
->ctx
)->only_new_results
||
5295 tmp
->wpa_s
->clear_driver_scan_cache
))
5298 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5299 "active_work:%s new_work:%s",
5300 active_work
->type
, tmp
->type
);
5305 /* Did not find a radio work to schedule in parallel. */
5310 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5312 struct wpa_radio
*radio
= eloop_ctx
;
5313 struct wpa_radio_work
*work
;
5314 struct os_reltime now
, diff
;
5315 struct wpa_supplicant
*wpa_s
;
5317 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5319 radio
->num_active_works
= 0;
5323 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5327 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5329 return; /* already started and still in progress */
5331 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5332 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5337 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5338 /* get the work to schedule next */
5339 work
= radio_work_get_next_work(radio
);
5345 wpa_s
= work
->wpa_s
;
5346 os_get_reltime(&now
);
5347 os_reltime_sub(&now
, &work
->time
, &diff
);
5348 wpa_dbg(wpa_s
, MSG_DEBUG
,
5349 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5350 work
->type
, work
, diff
.sec
, diff
.usec
);
5353 radio
->num_active_works
++;
5357 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5358 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5359 radio_work_check_next(wpa_s
);
5364 * This function removes both started and pending radio works running on
5365 * the provided interface's radio.
5366 * Prior to the removal of the radio work, its callback (cb) is called with
5367 * deinit set to be 1. Each work's callback is responsible for clearing its
5368 * internal data and restoring to a correct state.
5369 * @wpa_s: wpa_supplicant data
5370 * @type: type of works to be removed
5371 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5372 * this interface's works.
5374 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5375 const char *type
, int remove_all
)
5377 struct wpa_radio_work
*work
, *tmp
;
5378 struct wpa_radio
*radio
= wpa_s
->radio
;
5380 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5382 if (type
&& os_strcmp(type
, work
->type
) != 0)
5385 /* skip other ifaces' works */
5386 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5389 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5390 work
->type
, work
, work
->started
? " (started)" : "");
5392 radio_work_free(work
);
5395 /* in case we removed the started work */
5396 radio_work_check_next(wpa_s
);
5400 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5402 struct wpa_radio_work
*work
;
5403 struct wpa_radio
*radio
= wpa_s
->radio
;
5405 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5406 if (work
->ctx
!= ctx
)
5408 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5409 work
->type
, work
, work
->started
? " (started)" : "");
5410 radio_work_free(work
);
5416 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5418 struct wpa_radio
*radio
= wpa_s
->radio
;
5423 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5424 wpa_s
->ifname
, radio
->name
);
5425 dl_list_del(&wpa_s
->radio_list
);
5426 radio_remove_works(wpa_s
, NULL
, 0);
5427 wpa_s
->radio
= NULL
;
5428 if (!dl_list_empty(&radio
->ifaces
))
5429 return; /* Interfaces remain for this radio */
5431 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5432 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5437 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5439 struct wpa_radio
*radio
= wpa_s
->radio
;
5441 if (dl_list_empty(&radio
->work
))
5443 if (wpa_s
->ext_work_in_progress
) {
5444 wpa_printf(MSG_DEBUG
,
5445 "External radio work in progress - delay start of pending item");
5448 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5449 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5454 * radio_add_work - Add a radio work item
5455 * @wpa_s: Pointer to wpa_supplicant data
5456 * @freq: Frequency of the offchannel operation in MHz or 0
5457 * @type: Unique identifier for each type of work
5458 * @next: Force as the next work to be executed
5459 * @cb: Callback function for indicating when radio is available
5460 * @ctx: Context pointer for the work (work->ctx in cb())
5461 * Returns: 0 on success, -1 on failure
5463 * This function is used to request time for an operation that requires
5464 * exclusive radio control. Once the radio is available, the registered callback
5465 * function will be called. radio_work_done() must be called once the exclusive
5466 * radio operation has been completed, so that the radio is freed for other
5467 * operations. The special case of deinit=1 is used to free the context data
5468 * during interface removal. That does not allow the callback function to start
5469 * the radio operation, i.e., it must free any resources allocated for the radio
5472 * The @freq parameter can be used to indicate a single channel on which the
5473 * offchannel operation will occur. This may allow multiple radio work
5474 * operations to be performed in parallel if they apply for the same channel.
5475 * Setting this to 0 indicates that the work item may use multiple channels or
5476 * requires exclusive control of the radio.
5478 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5479 const char *type
, int next
,
5480 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5483 struct wpa_radio
*radio
= wpa_s
->radio
;
5484 struct wpa_radio_work
*work
;
5487 work
= os_zalloc(sizeof(*work
));
5490 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5491 os_get_reltime(&work
->time
);
5494 work
->wpa_s
= wpa_s
;
5499 work
->bands
= wpas_freq_to_band(freq
);
5500 else if (os_strcmp(type
, "scan") == 0 ||
5501 os_strcmp(type
, "p2p-scan") == 0)
5502 work
->bands
= wpas_get_bands(wpa_s
,
5503 ((struct wpa_driver_scan_params
*)
5506 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5508 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5510 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5512 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5514 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5515 radio_work_check_next(wpa_s
);
5516 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5517 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5518 wpa_dbg(wpa_s
, MSG_DEBUG
,
5519 "Try to schedule a radio work (num_active_works=%u)",
5520 radio
->num_active_works
);
5521 radio_work_check_next(wpa_s
);
5529 * radio_work_done - Indicate that a radio work item has been completed
5530 * @work: Completed work
5532 * This function is called once the callback function registered with
5533 * radio_add_work() has completed its work.
5535 void radio_work_done(struct wpa_radio_work
*work
)
5537 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5538 struct os_reltime now
, diff
;
5539 unsigned int started
= work
->started
;
5541 os_get_reltime(&now
);
5542 os_reltime_sub(&now
, &work
->time
, &diff
);
5543 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5544 work
->type
, work
, started
? "done" : "canceled",
5545 diff
.sec
, diff
.usec
);
5546 radio_work_free(work
);
5548 radio_work_check_next(wpa_s
);
5552 struct wpa_radio_work
*
5553 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5555 struct wpa_radio_work
*work
;
5556 struct wpa_radio
*radio
= wpa_s
->radio
;
5558 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5559 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5567 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5568 const struct wpa_interface
*iface
)
5570 const char *ifname
, *driver
, *rn
;
5572 driver
= iface
->driver
;
5574 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5577 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5578 if (wpa_s
->drv_priv
== NULL
) {
5580 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5582 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5583 "driver interface - try next driver wrapper");
5587 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5591 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5592 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5593 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5597 ifname
= wpa_drv_get_ifname(wpa_s
);
5598 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5599 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5600 "interface name with '%s'", ifname
);
5601 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5604 rn
= wpa_driver_get_radio_name(wpa_s
);
5605 if (rn
&& rn
[0] == '\0')
5608 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5609 if (wpa_s
->radio
== NULL
)
5616 #ifdef CONFIG_GAS_SERVER
5618 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5619 unsigned int freq
, const u8
*dst
,
5620 const u8
*src
, const u8
*bssid
,
5621 const u8
*data
, size_t data_len
,
5622 enum offchannel_send_action_result result
)
5624 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5627 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5628 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5630 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5631 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5635 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5636 struct wpabuf
*buf
, unsigned int wait_time
)
5638 struct wpa_supplicant
*wpa_s
= ctx
;
5639 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5641 if (wait_time
> wpa_s
->max_remain_on_chan
)
5642 wait_time
= wpa_s
->max_remain_on_chan
;
5644 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5645 wpabuf_head(buf
), wpabuf_len(buf
),
5646 wait_time
, wpas_gas_server_tx_status
, 0);
5649 #endif /* CONFIG_GAS_SERVER */
5651 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5652 const struct wpa_interface
*iface
)
5654 struct wpa_driver_capa capa
;
5658 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5659 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5660 iface
->confname
? iface
->confname
: "N/A",
5661 iface
->driver
? iface
->driver
: "default",
5662 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5663 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5665 if (iface
->confname
) {
5666 #ifdef CONFIG_BACKEND_FILE
5667 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5668 if (wpa_s
->confname
== NULL
) {
5669 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5670 "for configuration file '%s'.",
5674 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5675 iface
->confname
, wpa_s
->confname
);
5676 #else /* CONFIG_BACKEND_FILE */
5677 wpa_s
->confname
= os_strdup(iface
->confname
);
5678 #endif /* CONFIG_BACKEND_FILE */
5679 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5680 if (wpa_s
->conf
== NULL
) {
5681 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5682 "configuration '%s'.", wpa_s
->confname
);
5685 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5686 if (wpa_s
->confanother
&&
5687 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5688 wpa_printf(MSG_ERROR
,
5689 "Failed to read or parse configuration '%s'.",
5690 wpa_s
->confanother
);
5695 * Override ctrl_interface and driver_param if set on command
5698 if (iface
->ctrl_interface
) {
5699 os_free(wpa_s
->conf
->ctrl_interface
);
5700 wpa_s
->conf
->ctrl_interface
=
5701 os_strdup(iface
->ctrl_interface
);
5704 if (iface
->driver_param
) {
5705 os_free(wpa_s
->conf
->driver_param
);
5706 wpa_s
->conf
->driver_param
=
5707 os_strdup(iface
->driver_param
);
5710 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5711 os_free(wpa_s
->conf
->ctrl_interface
);
5712 wpa_s
->conf
->ctrl_interface
= NULL
;
5715 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5716 iface
->driver_param
);
5718 if (wpa_s
->conf
== NULL
) {
5719 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5723 if (iface
->ifname
== NULL
) {
5724 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5727 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5728 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5732 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5734 if (iface
->bridge_ifname
) {
5735 if (os_strlen(iface
->bridge_ifname
) >=
5736 sizeof(wpa_s
->bridge_ifname
)) {
5737 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5738 "name '%s'.", iface
->bridge_ifname
);
5741 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5742 sizeof(wpa_s
->bridge_ifname
));
5745 /* RSNA Supplicant Key Management - INITIALIZE */
5746 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5747 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5749 /* Initialize driver interface and register driver event handler before
5750 * L2 receive handler so that association events are processed before
5751 * EAPOL-Key packets if both become available for the same select()
5753 if (wpas_init_driver(wpa_s
, iface
) < 0)
5756 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5759 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5760 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5762 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5764 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5765 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5766 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5767 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5768 "dot11RSNAConfigPMKLifetime");
5772 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5773 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5774 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5775 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5776 "dot11RSNAConfigPMKReauthThreshold");
5780 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5781 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5782 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5783 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5784 "dot11RSNAConfigSATimeout");
5788 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5789 &wpa_s
->hw
.num_modes
,
5792 if (wpa_s
->hw
.modes
) {
5795 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5796 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5797 wpa_s
->hw_capab
= CAPAB_VHT
;
5801 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5802 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5803 wpa_s
->hw_capab
= CAPAB_HT40
;
5804 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5805 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5806 wpa_s
->hw_capab
= CAPAB_HT
;
5810 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5811 if (capa_res
== 0) {
5812 wpa_s
->drv_capa_known
= 1;
5813 wpa_s
->drv_flags
= capa
.flags
;
5814 wpa_s
->drv_enc
= capa
.enc
;
5815 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5816 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5817 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5818 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5819 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5820 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5821 wpa_s
->max_sched_scan_plan_interval
=
5822 capa
.max_sched_scan_plan_interval
;
5823 wpa_s
->max_sched_scan_plan_iterations
=
5824 capa
.max_sched_scan_plan_iterations
;
5825 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5826 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5827 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5828 wpa_s
->max_stations
= capa
.max_stations
;
5829 wpa_s
->extended_capa
= capa
.extended_capa
;
5830 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5831 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5832 wpa_s
->num_multichan_concurrent
=
5833 capa
.num_multichan_concurrent
;
5834 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5836 if (capa
.mac_addr_rand_scan_supported
)
5837 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5838 if (wpa_s
->sched_scan_supported
&&
5839 capa
.mac_addr_rand_sched_scan_supported
)
5840 wpa_s
->mac_addr_rand_supported
|=
5841 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5843 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
5844 if (wpa_s
->extended_capa
&&
5845 wpa_s
->extended_capa_len
>= 3 &&
5846 wpa_s
->extended_capa
[2] & 0x40)
5847 wpa_s
->multi_bss_support
= 1;
5849 if (wpa_s
->max_remain_on_chan
== 0)
5850 wpa_s
->max_remain_on_chan
= 1000;
5853 * Only take p2p_mgmt parameters when P2P Device is supported.
5854 * Doing it here as it determines whether l2_packet_init() will be done
5855 * during wpa_supplicant_driver_init().
5857 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5858 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5860 if (wpa_s
->num_multichan_concurrent
== 0)
5861 wpa_s
->num_multichan_concurrent
= 1;
5863 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5867 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5869 #endif /* CONFIG_TDLS */
5871 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5872 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5873 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5878 if (wpa_s
->conf
->fst_group_id
) {
5879 struct fst_iface_cfg cfg
;
5880 struct fst_wpa_obj iface_obj
;
5882 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5883 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5884 sizeof(cfg
.group_id
));
5885 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5886 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5888 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5891 wpa_msg(wpa_s
, MSG_ERROR
,
5892 "FST: Cannot attach iface %s to group %s",
5893 wpa_s
->ifname
, cfg
.group_id
);
5897 #endif /* CONFIG_FST */
5899 if (wpas_wps_init(wpa_s
))
5902 #ifdef CONFIG_GAS_SERVER
5903 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5904 if (!wpa_s
->gas_server
) {
5905 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5908 #endif /* CONFIG_GAS_SERVER */
5911 if (wpas_dpp_init(wpa_s
) < 0)
5913 #endif /* CONFIG_DPP */
5915 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5917 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5919 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5920 if (wpa_s
->ctrl_iface
== NULL
) {
5921 wpa_printf(MSG_ERROR
,
5922 "Failed to initialize control interface '%s'.\n"
5923 "You may have another wpa_supplicant process "
5924 "already running or the file was\n"
5925 "left by an unclean termination of wpa_supplicant "
5926 "in which case you will need\n"
5927 "to manually remove this file before starting "
5928 "wpa_supplicant again.\n",
5929 wpa_s
->conf
->ctrl_interface
);
5933 wpa_s
->gas
= gas_query_init(wpa_s
);
5934 if (wpa_s
->gas
== NULL
) {
5935 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5939 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5941 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5942 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5946 if (wpa_bss_init(wpa_s
) < 0)
5949 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5951 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5952 #endif /* CONFIG_MESH */
5953 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5956 * Set Wake-on-WLAN triggers, if configured.
5957 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5958 * have effect anyway when the interface is down).
5960 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5963 #ifdef CONFIG_EAP_PROXY
5966 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5968 if (wpa_s
->mnc_len
> 0) {
5969 wpa_s
->imsi
[len
] = '\0';
5970 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5971 wpa_s
->imsi
, wpa_s
->mnc_len
);
5973 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5976 #endif /* CONFIG_EAP_PROXY */
5978 if (pcsc_reader_init(wpa_s
) < 0)
5981 if (wpas_init_ext_pw(wpa_s
) < 0)
5984 wpas_rrm_reset(wpa_s
);
5986 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5990 #endif /* CONFIG_HS20 */
5992 if (!wpa_s
->disable_mbo_oce
&& wpa_s
->conf
->oce
) {
5993 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5994 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5995 wpa_s
->enable_oce
= OCE_STA
;
5996 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5997 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5998 /* TODO: Need to add STA-CFON support */
5999 wpa_printf(MSG_ERROR
,
6000 "OCE STA-CFON feature is not yet supported");
6003 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
6004 #endif /* CONFIG_MBO */
6006 wpa_supplicant_set_default_scan_ies(wpa_s
);
6012 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
6013 int notify
, int terminate
)
6015 struct wpa_global
*global
= wpa_s
->global
;
6016 struct wpa_supplicant
*iface
, *prev
;
6018 if (wpa_s
== wpa_s
->parent
)
6019 wpas_p2p_group_remove(wpa_s
, "*");
6021 iface
= global
->ifaces
;
6023 if (iface
->p2pdev
== wpa_s
)
6024 iface
->p2pdev
= iface
->parent
;
6025 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
6026 iface
= iface
->next
;
6029 wpa_printf(MSG_DEBUG
,
6030 "Remove remaining child interface %s from parent %s",
6031 iface
->ifname
, wpa_s
->ifname
);
6033 iface
= iface
->next
;
6034 wpa_supplicant_remove_iface(global
, prev
, terminate
);
6037 wpa_s
->disconnected
= 1;
6038 if (wpa_s
->drv_priv
) {
6039 wpa_supplicant_deauthenticate(wpa_s
,
6040 WLAN_REASON_DEAUTH_LEAVING
);
6042 wpa_drv_set_countermeasures(wpa_s
, 0);
6043 wpa_clear_keys(wpa_s
, NULL
);
6046 wpa_supplicant_cleanup(wpa_s
);
6047 wpas_p2p_deinit_iface(wpa_s
);
6049 wpas_ctrl_radio_work_flush(wpa_s
);
6050 radio_remove_interface(wpa_s
);
6054 fst_detach(wpa_s
->fst
);
6057 if (wpa_s
->received_mb_ies
) {
6058 wpabuf_free(wpa_s
->received_mb_ies
);
6059 wpa_s
->received_mb_ies
= NULL
;
6061 #endif /* CONFIG_FST */
6063 if (wpa_s
->drv_priv
)
6064 wpa_drv_deinit(wpa_s
);
6067 wpas_notify_iface_removed(wpa_s
);
6070 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
6072 if (wpa_s
->ctrl_iface
) {
6073 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
6074 wpa_s
->ctrl_iface
= NULL
;
6079 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
6080 wpa_s
->ifmsh
= NULL
;
6082 #endif /* CONFIG_MESH */
6084 if (wpa_s
->conf
!= NULL
) {
6085 wpa_config_free(wpa_s
->conf
);
6089 os_free(wpa_s
->ssids_from_scan_req
);
6090 os_free(wpa_s
->last_scan_freqs
);
6096 #ifdef CONFIG_MATCH_IFACE
6099 * wpa_supplicant_match_iface - Match an interface description to a name
6100 * @global: Pointer to global data from wpa_supplicant_init()
6101 * @ifname: Name of the interface to match
6102 * Returns: Pointer to the created interface description or %NULL on failure
6104 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
6108 struct wpa_interface
*iface
, *miface
;
6110 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
6111 miface
= &global
->params
.match_ifaces
[i
];
6112 if (!miface
->ifname
||
6113 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
6114 iface
= os_zalloc(sizeof(*iface
));
6118 iface
->ifname
= ifname
;
6128 * wpa_supplicant_match_existing - Match existing interfaces
6129 * @global: Pointer to global data from wpa_supplicant_init()
6130 * Returns: 0 on success, -1 on failure
6132 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
6134 struct if_nameindex
*ifi
, *ifp
;
6135 struct wpa_supplicant
*wpa_s
;
6136 struct wpa_interface
*iface
;
6138 ifp
= if_nameindex();
6140 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
6144 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
6145 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
6148 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
6150 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
6157 if_freenameindex(ifp
);
6161 #endif /* CONFIG_MATCH_IFACE */
6165 * wpa_supplicant_add_iface - Add a new network interface
6166 * @global: Pointer to global data from wpa_supplicant_init()
6167 * @iface: Interface configuration options
6168 * @parent: Parent interface or %NULL to assign new interface as parent
6169 * Returns: Pointer to the created interface or %NULL on failure
6171 * This function is used to add new network interfaces for %wpa_supplicant.
6172 * This can be called before wpa_supplicant_run() to add interfaces before the
6173 * main event loop has been started. In addition, new interfaces can be added
6174 * dynamically while %wpa_supplicant is already running. This could happen,
6175 * e.g., when a hotplug network adapter is inserted.
6177 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
6178 struct wpa_interface
*iface
,
6179 struct wpa_supplicant
*parent
)
6181 struct wpa_supplicant
*wpa_s
;
6182 struct wpa_interface t_iface
;
6183 struct wpa_ssid
*ssid
;
6185 if (global
== NULL
|| iface
== NULL
)
6188 wpa_s
= wpa_supplicant_alloc(parent
);
6192 wpa_s
->global
= global
;
6195 if (global
->params
.override_driver
) {
6196 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
6198 iface
->driver
, global
->params
.override_driver
);
6199 t_iface
.driver
= global
->params
.override_driver
;
6201 if (global
->params
.override_ctrl_interface
) {
6202 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
6203 "ctrl_interface ('%s' -> '%s')",
6204 iface
->ctrl_interface
,
6205 global
->params
.override_ctrl_interface
);
6206 t_iface
.ctrl_interface
=
6207 global
->params
.override_ctrl_interface
;
6209 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
6210 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
6212 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
6216 if (iface
->p2p_mgmt
== 0) {
6217 /* Notify the control interfaces about new iface */
6218 if (wpas_notify_iface_added(wpa_s
)) {
6219 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
6223 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
6224 wpas_notify_network_added(wpa_s
, ssid
);
6227 wpa_s
->next
= global
->ifaces
;
6228 global
->ifaces
= wpa_s
;
6230 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
6231 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
6234 if (wpa_s
->global
->p2p
== NULL
&&
6235 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
6236 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
6237 wpas_p2p_add_p2pdev_interface(
6238 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
6239 wpa_printf(MSG_INFO
,
6240 "P2P: Failed to enable P2P Device interface");
6241 /* Try to continue without. P2P will be disabled. */
6243 #endif /* CONFIG_P2P */
6250 * wpa_supplicant_remove_iface - Remove a network interface
6251 * @global: Pointer to global data from wpa_supplicant_init()
6252 * @wpa_s: Pointer to the network interface to be removed
6253 * Returns: 0 if interface was removed, -1 if interface was not found
6255 * This function can be used to dynamically remove network interfaces from
6256 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6257 * addition, this function is used to remove all remaining interfaces when
6258 * %wpa_supplicant is terminated.
6260 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
6261 struct wpa_supplicant
*wpa_s
,
6264 struct wpa_supplicant
*prev
;
6266 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
6267 char *ifname
= NULL
;
6268 struct wpa_supplicant
*parent
= wpa_s
->parent
;
6269 #endif /* CONFIG_MESH */
6271 /* Remove interface from the global list of interfaces */
6272 prev
= global
->ifaces
;
6273 if (prev
== wpa_s
) {
6274 global
->ifaces
= wpa_s
->next
;
6276 while (prev
&& prev
->next
!= wpa_s
)
6280 prev
->next
= wpa_s
->next
;
6283 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6286 if (mesh_if_created
) {
6287 ifname
= os_strdup(wpa_s
->ifname
);
6288 if (ifname
== NULL
) {
6289 wpa_dbg(wpa_s
, MSG_ERROR
,
6290 "mesh: Failed to malloc ifname");
6294 #endif /* CONFIG_MESH */
6296 if (global
->p2p_group_formation
== wpa_s
)
6297 global
->p2p_group_formation
= NULL
;
6298 if (global
->p2p_invite_group
== wpa_s
)
6299 global
->p2p_invite_group
= NULL
;
6300 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6303 if (mesh_if_created
) {
6304 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6307 #endif /* CONFIG_MESH */
6314 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6315 * @wpa_s: Pointer to the network interface
6316 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6318 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6320 const char *eapol_method
;
6322 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6323 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6327 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6328 if (eapol_method
== NULL
)
6329 return "UNKNOWN-EAP";
6331 return eapol_method
;
6336 * wpa_supplicant_get_iface - Get a new network interface
6337 * @global: Pointer to global data from wpa_supplicant_init()
6338 * @ifname: Interface name
6339 * Returns: Pointer to the interface or %NULL if not found
6341 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6344 struct wpa_supplicant
*wpa_s
;
6346 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6347 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6354 #ifndef CONFIG_NO_WPA_MSG
6355 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6357 struct wpa_supplicant
*wpa_s
= ctx
;
6360 return wpa_s
->ifname
;
6362 #endif /* CONFIG_NO_WPA_MSG */
6365 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6366 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6367 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6369 /* Periodic cleanup tasks */
6370 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6372 struct wpa_global
*global
= eloop_ctx
;
6373 struct wpa_supplicant
*wpa_s
;
6375 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6376 wpas_periodic
, global
, NULL
);
6380 p2p_expire_peers(global
->p2p
);
6381 #endif /* CONFIG_P2P */
6383 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6384 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6387 #endif /* CONFIG_AP */
6393 * wpa_supplicant_init - Initialize %wpa_supplicant
6394 * @params: Parameters for %wpa_supplicant
6395 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6397 * This function is used to initialize %wpa_supplicant. After successful
6398 * initialization, the returned data pointer can be used to add and remove
6399 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6401 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6403 struct wpa_global
*global
;
6409 #ifdef CONFIG_DRIVER_NDIS
6411 void driver_ndis_init_ops(void);
6412 driver_ndis_init_ops();
6414 #endif /* CONFIG_DRIVER_NDIS */
6416 #ifndef CONFIG_NO_WPA_MSG
6417 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6418 #endif /* CONFIG_NO_WPA_MSG */
6420 if (params
->wpa_debug_file_path
)
6421 wpa_debug_open_file(params
->wpa_debug_file_path
);
6423 wpa_debug_setup_stdout();
6424 if (params
->wpa_debug_syslog
)
6425 wpa_debug_open_syslog();
6426 if (params
->wpa_debug_tracing
) {
6427 ret
= wpa_debug_open_linux_tracing();
6429 wpa_printf(MSG_ERROR
,
6430 "Failed to enable trace logging");
6435 ret
= eap_register_methods();
6437 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6439 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6440 "the same EAP type.");
6444 global
= os_zalloc(sizeof(*global
));
6447 dl_list_init(&global
->p2p_srv_bonjour
);
6448 dl_list_init(&global
->p2p_srv_upnp
);
6449 global
->params
.daemonize
= params
->daemonize
;
6450 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6451 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6452 if (params
->pid_file
)
6453 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6454 if (params
->ctrl_interface
)
6455 global
->params
.ctrl_interface
=
6456 os_strdup(params
->ctrl_interface
);
6457 if (params
->ctrl_interface_group
)
6458 global
->params
.ctrl_interface_group
=
6459 os_strdup(params
->ctrl_interface_group
);
6460 if (params
->override_driver
)
6461 global
->params
.override_driver
=
6462 os_strdup(params
->override_driver
);
6463 if (params
->override_ctrl_interface
)
6464 global
->params
.override_ctrl_interface
=
6465 os_strdup(params
->override_ctrl_interface
);
6466 #ifdef CONFIG_MATCH_IFACE
6467 global
->params
.match_iface_count
= params
->match_iface_count
;
6468 if (params
->match_iface_count
) {
6469 global
->params
.match_ifaces
=
6470 os_calloc(params
->match_iface_count
,
6471 sizeof(struct wpa_interface
));
6472 os_memcpy(global
->params
.match_ifaces
,
6473 params
->match_ifaces
,
6474 params
->match_iface_count
*
6475 sizeof(struct wpa_interface
));
6477 #endif /* CONFIG_MATCH_IFACE */
6479 if (params
->conf_p2p_dev
)
6480 global
->params
.conf_p2p_dev
=
6481 os_strdup(params
->conf_p2p_dev
);
6482 #endif /* CONFIG_P2P */
6483 wpa_debug_level
= global
->params
.wpa_debug_level
=
6484 params
->wpa_debug_level
;
6485 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6486 params
->wpa_debug_show_keys
;
6487 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6488 params
->wpa_debug_timestamp
;
6490 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6493 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6494 wpa_supplicant_deinit(global
);
6498 random_init(params
->entropy_file
);
6500 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6501 if (global
->ctrl_iface
== NULL
) {
6502 wpa_supplicant_deinit(global
);
6506 if (wpas_notify_supplicant_initialized(global
)) {
6507 wpa_supplicant_deinit(global
);
6511 for (i
= 0; wpa_drivers
[i
]; i
++)
6512 global
->drv_count
++;
6513 if (global
->drv_count
== 0) {
6514 wpa_printf(MSG_ERROR
, "No drivers enabled");
6515 wpa_supplicant_deinit(global
);
6518 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6519 if (global
->drv_priv
== NULL
) {
6520 wpa_supplicant_deinit(global
);
6524 #ifdef CONFIG_WIFI_DISPLAY
6525 if (wifi_display_init(global
) < 0) {
6526 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6527 wpa_supplicant_deinit(global
);
6530 #endif /* CONFIG_WIFI_DISPLAY */
6532 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6533 wpas_periodic
, global
, NULL
);
6540 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6541 * @global: Pointer to global data from wpa_supplicant_init()
6542 * Returns: 0 after successful event loop run, -1 on failure
6544 * This function starts the main event loop and continues running as long as
6545 * there are any remaining events. In most cases, this function is running as
6546 * long as the %wpa_supplicant process in still in use.
6548 int wpa_supplicant_run(struct wpa_global
*global
)
6550 struct wpa_supplicant
*wpa_s
;
6552 if (global
->params
.daemonize
&&
6553 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6554 eloop_sock_requeue()))
6557 #ifdef CONFIG_MATCH_IFACE
6558 if (wpa_supplicant_match_existing(global
))
6562 if (global
->params
.wait_for_monitor
) {
6563 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6564 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6565 wpa_supplicant_ctrl_iface_wait(
6569 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6570 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6579 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6580 * @global: Pointer to global data from wpa_supplicant_init()
6582 * This function is called to deinitialize %wpa_supplicant and to free all
6583 * allocated resources. Remaining network interfaces will also be removed.
6585 void wpa_supplicant_deinit(struct wpa_global
*global
)
6592 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6594 #ifdef CONFIG_WIFI_DISPLAY
6595 wifi_display_deinit(global
);
6596 #endif /* CONFIG_WIFI_DISPLAY */
6598 while (global
->ifaces
)
6599 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6601 if (global
->ctrl_iface
)
6602 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6604 wpas_notify_supplicant_deinitialized(global
);
6606 eap_peer_unregister_methods();
6608 eap_server_unregister_methods();
6609 #endif /* CONFIG_AP */
6611 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6612 if (!global
->drv_priv
[i
])
6614 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6616 os_free(global
->drv_priv
);
6622 if (global
->params
.pid_file
) {
6623 os_daemonize_terminate(global
->params
.pid_file
);
6624 os_free(global
->params
.pid_file
);
6626 os_free(global
->params
.ctrl_interface
);
6627 os_free(global
->params
.ctrl_interface_group
);
6628 os_free(global
->params
.override_driver
);
6629 os_free(global
->params
.override_ctrl_interface
);
6630 #ifdef CONFIG_MATCH_IFACE
6631 os_free(global
->params
.match_ifaces
);
6632 #endif /* CONFIG_MATCH_IFACE */
6634 os_free(global
->params
.conf_p2p_dev
);
6635 #endif /* CONFIG_P2P */
6637 os_free(global
->p2p_disallow_freq
.range
);
6638 os_free(global
->p2p_go_avoid_freq
.range
);
6639 os_free(global
->add_psk
);
6642 wpa_debug_close_syslog();
6643 wpa_debug_close_file();
6644 wpa_debug_close_linux_tracing();
6648 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6650 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6651 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6653 country
[0] = wpa_s
->conf
->country
[0];
6654 country
[1] = wpa_s
->conf
->country
[1];
6656 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6657 wpa_printf(MSG_ERROR
, "Failed to set country code "
6662 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6663 wpas_init_ext_pw(wpa_s
);
6665 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6666 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6668 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6669 struct wpa_driver_capa capa
;
6670 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6672 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6673 wpa_printf(MSG_ERROR
,
6674 "Failed to update wowlan_triggers to '%s'",
6675 wpa_s
->conf
->wowlan_triggers
);
6678 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_DISABLE_BTM
)
6679 wpa_supplicant_set_default_scan_ies(wpa_s
);
6682 wpas_wps_update_config(wpa_s
);
6683 #endif /* CONFIG_WPS */
6684 wpas_p2p_update_config(wpa_s
);
6685 wpa_s
->conf
->changed_parameters
= 0;
6689 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6693 for (i
= 0; i
< *num_freqs
; i
++) {
6694 if (freqs
[i
] == freq
)
6698 freqs
[*num_freqs
] = freq
;
6703 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6705 struct wpa_bss
*bss
, *cbss
;
6706 const int max_freqs
= 10;
6710 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6714 cbss
= wpa_s
->current_bss
;
6716 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6719 if (bss
->ssid_len
== cbss
->ssid_len
&&
6720 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6721 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6722 add_freq(freqs
, &num_freqs
, bss
->freq
);
6723 if (num_freqs
== max_freqs
)
6728 if (num_freqs
== 0) {
6737 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6743 wpas_connect_work_done(wpa_s
);
6746 * Remove possible authentication timeout since the connection failed.
6748 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6751 * There is no point in blacklisting the AP if this event is
6752 * generated based on local request to disconnect.
6754 if (wpa_s
->own_disconnect_req
) {
6755 wpa_s
->own_disconnect_req
= 0;
6756 wpa_dbg(wpa_s
, MSG_DEBUG
,
6757 "Ignore connection failure due to local request to disconnect");
6760 if (wpa_s
->disconnected
) {
6761 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6762 "indication since interface has been put into "
6763 "disconnected state");
6768 * Add the failed BSSID into the blacklist and speed up next scan
6769 * attempt if there could be other APs that could accept association.
6770 * The current blacklist count indicates how many times we have tried
6771 * connecting to this AP and multiple attempts mean that other APs are
6772 * either not available or has already been tried, so that we can start
6773 * increasing the delay here to avoid constant scanning.
6775 count
= wpa_blacklist_add(wpa_s
, bssid
);
6776 if (count
== 1 && wpa_s
->current_bss
) {
6778 * This BSS was not in the blacklist before. If there is
6779 * another BSS available for the same ESS, we should try that
6780 * next. Otherwise, we may as well try this one once more
6781 * before allowing other, likely worse, ESSes to be considered.
6783 freqs
= get_bss_freqs_in_ess(wpa_s
);
6785 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6786 "has been seen; try it next");
6787 wpa_blacklist_add(wpa_s
, bssid
);
6789 * On the next scan, go through only the known channels
6790 * used in this ESS based on previous scans to speed up
6791 * common load balancing use case.
6793 os_free(wpa_s
->next_scan_freqs
);
6794 wpa_s
->next_scan_freqs
= freqs
;
6799 * Add previous failure count in case the temporary blacklist was
6800 * cleared due to no other BSSes being available.
6802 count
+= wpa_s
->extra_blacklist_count
;
6804 if (count
> 3 && wpa_s
->current_ssid
) {
6805 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6806 "consider temporary network disabling");
6807 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6828 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6829 "ms", count
, timeout
);
6832 * TODO: if more than one possible AP is available in scan results,
6833 * could try the other ones before requesting a new scan.
6836 /* speed up the connection attempt with normal scan */
6837 wpa_s
->normal_scans
= 0;
6838 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6839 1000 * (timeout
% 1000));
6844 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6846 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6847 const u8
*realm
, *username
, *rrk
;
6848 size_t realm_len
, username_len
, rrk_len
;
6851 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6852 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6853 &username
, &username_len
,
6854 &realm
, &realm_len
, &next_seq_num
,
6855 &rrk
, &rrk_len
) != 0 ||
6859 wpa_hexdump_ascii(MSG_DEBUG
,
6860 "FILS: Store last connection failure realm",
6862 os_free(wpa_s
->last_con_fail_realm
);
6863 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6864 if (wpa_s
->last_con_fail_realm
) {
6865 wpa_s
->last_con_fail_realm_len
= realm_len
;
6866 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6869 #endif /* CONFIG_FILS */
6872 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6874 return wpa_s
->conf
->ap_scan
== 2 ||
6875 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6879 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6880 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6881 struct wpa_ssid
*ssid
,
6885 #ifdef IEEE8021X_EAPOL
6886 struct eap_peer_config
*eap
= &ssid
->eap
;
6888 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6889 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6890 (const u8
*) value
, os_strlen(value
));
6892 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6893 case WPA_CTRL_REQ_EAP_IDENTITY
:
6894 os_free(eap
->identity
);
6895 eap
->identity
= (u8
*) os_strdup(value
);
6896 eap
->identity_len
= os_strlen(value
);
6897 eap
->pending_req_identity
= 0;
6898 if (ssid
== wpa_s
->current_ssid
)
6899 wpa_s
->reassociate
= 1;
6901 case WPA_CTRL_REQ_EAP_PASSWORD
:
6902 bin_clear_free(eap
->password
, eap
->password_len
);
6903 eap
->password
= (u8
*) os_strdup(value
);
6904 eap
->password_len
= os_strlen(value
);
6905 eap
->pending_req_password
= 0;
6906 if (ssid
== wpa_s
->current_ssid
)
6907 wpa_s
->reassociate
= 1;
6909 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6910 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6911 eap
->new_password
= (u8
*) os_strdup(value
);
6912 eap
->new_password_len
= os_strlen(value
);
6913 eap
->pending_req_new_password
= 0;
6914 if (ssid
== wpa_s
->current_ssid
)
6915 wpa_s
->reassociate
= 1;
6917 case WPA_CTRL_REQ_EAP_PIN
:
6918 str_clear_free(eap
->cert
.pin
);
6919 eap
->cert
.pin
= os_strdup(value
);
6920 eap
->pending_req_pin
= 0;
6921 if (ssid
== wpa_s
->current_ssid
)
6922 wpa_s
->reassociate
= 1;
6924 case WPA_CTRL_REQ_EAP_OTP
:
6925 bin_clear_free(eap
->otp
, eap
->otp_len
);
6926 eap
->otp
= (u8
*) os_strdup(value
);
6927 eap
->otp_len
= os_strlen(value
);
6928 os_free(eap
->pending_req_otp
);
6929 eap
->pending_req_otp
= NULL
;
6930 eap
->pending_req_otp_len
= 0;
6932 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6933 str_clear_free(eap
->cert
.private_key_passwd
);
6934 eap
->cert
.private_key_passwd
= os_strdup(value
);
6935 eap
->pending_req_passphrase
= 0;
6936 if (ssid
== wpa_s
->current_ssid
)
6937 wpa_s
->reassociate
= 1;
6939 case WPA_CTRL_REQ_SIM
:
6940 str_clear_free(eap
->external_sim_resp
);
6941 eap
->external_sim_resp
= os_strdup(value
);
6942 eap
->pending_req_sim
= 0;
6944 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6945 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6947 ssid
->mem_only_psk
= 1;
6948 if (ssid
->passphrase
)
6949 wpa_config_update_psk(ssid
);
6950 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6951 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6953 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6954 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6956 if (os_strcmp(value
, "good") == 0)
6957 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6958 else if (os_strcmp(value
, "bad") == 0)
6959 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6964 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6969 #else /* IEEE8021X_EAPOL */
6970 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6972 #endif /* IEEE8021X_EAPOL */
6974 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6977 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6980 unsigned int drv_enc
;
6982 if (wpa_s
->p2p_mgmt
)
6983 return 1; /* no normal network profiles on p2p_mgmt interface */
6991 if (wpa_s
->drv_capa_known
)
6992 drv_enc
= wpa_s
->drv_enc
;
6994 drv_enc
= (unsigned int) -1;
6996 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6997 size_t len
= ssid
->wep_key_len
[i
];
7000 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
7002 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
7004 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
7006 return 1; /* invalid WEP key */
7009 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
7010 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
7011 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
7012 !ssid
->mem_only_psk
)
7019 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
7021 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
7022 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
7023 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
7025 * Driver does not support BIP -- ignore pmf=1 default
7026 * since the connection with PMF would fail and the
7027 * configuration does not require PMF to be enabled.
7029 return NO_MGMT_FRAME_PROTECTION
;
7034 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
7035 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
7037 * Do not use the default PMF value for non-RSN networks
7038 * since PMF is available only with RSN and pmf=2
7039 * configuration would otherwise prevent connections to
7040 * all open networks.
7042 return NO_MGMT_FRAME_PROTECTION
;
7045 return wpa_s
->conf
->pmf
;
7048 return ssid
->ieee80211w
;
7052 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
7054 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
7056 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
7062 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
7064 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
7066 struct os_reltime now
;
7069 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
7074 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
7077 ssid
->auth_failures
++;
7080 if (ssid
->p2p_group
&&
7081 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
7083 * Skip the wait time since there is a short timeout on the
7084 * connection to a P2P group.
7088 #endif /* CONFIG_P2P */
7090 if (ssid
->auth_failures
> 50)
7092 else if (ssid
->auth_failures
> 10)
7094 else if (ssid
->auth_failures
> 5)
7096 else if (ssid
->auth_failures
> 3)
7098 else if (ssid
->auth_failures
> 2)
7100 else if (ssid
->auth_failures
> 1)
7105 if (ssid
->auth_failures
> 1 &&
7106 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
7107 dur
+= os_random() % (ssid
->auth_failures
* 10);
7109 os_get_reltime(&now
);
7110 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
7113 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
7115 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
7116 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7117 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
7118 ssid
->auth_failures
, dur
, reason
);
7122 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
7123 struct wpa_ssid
*ssid
, int clear_failures
)
7128 if (ssid
->disabled_until
.sec
) {
7129 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
7130 "id=%d ssid=\"%s\"",
7131 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
7133 ssid
->disabled_until
.sec
= 0;
7134 ssid
->disabled_until
.usec
= 0;
7136 ssid
->auth_failures
= 0;
7140 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7144 if (wpa_s
->disallow_aps_bssid
== NULL
)
7147 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
7148 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
7149 bssid
, ETH_ALEN
) == 0)
7157 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
7162 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
7165 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
7166 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
7167 if (ssid_len
== s
->ssid_len
&&
7168 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
7177 * wpas_request_connection - Request a new connection
7178 * @wpa_s: Pointer to the network interface
7180 * This function is used to request a new connection to be found. It will mark
7181 * the interface to allow reassociation and request a new scan to find a
7182 * suitable network to connect to.
7184 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
7186 wpa_s
->normal_scans
= 0;
7187 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
7188 wpa_supplicant_reinit_autoscan(wpa_s
);
7189 wpa_s
->extra_blacklist_count
= 0;
7190 wpa_s
->disconnected
= 0;
7191 wpa_s
->reassociate
= 1;
7192 wpa_s
->last_owe_group
= 0;
7194 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
7195 wpa_supplicant_req_scan(wpa_s
, 0, 0);
7197 wpa_s
->reattach
= 0;
7202 * wpas_request_disconnection - Request disconnection
7203 * @wpa_s: Pointer to the network interface
7205 * This function is used to request disconnection from the currently connected
7206 * network. This will stop any ongoing scans and initiate deauthentication.
7208 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
7211 wpa_s
->sme
.prev_bssid_set
= 0;
7212 #endif /* CONFIG_SME */
7213 wpa_s
->reassociate
= 0;
7214 wpa_s
->disconnected
= 1;
7215 wpa_supplicant_cancel_sched_scan(wpa_s
);
7216 wpa_supplicant_cancel_scan(wpa_s
);
7217 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
7218 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
7219 radio_remove_works(wpa_s
, "connect", 0);
7220 radio_remove_works(wpa_s
, "sme-connect", 0);
7224 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
7225 struct wpa_used_freq_data
*freqs_data
,
7230 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
7232 for (i
= 0; i
< len
; i
++) {
7233 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
7234 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
7235 i
, cur
->freq
, cur
->flags
);
7241 * Find the operating frequencies of any of the virtual interfaces that
7242 * are using the same radio as the current interface, and in addition, get
7243 * information about the interface types that are using the frequency.
7245 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
7246 struct wpa_used_freq_data
*freqs_data
,
7249 struct wpa_supplicant
*ifs
;
7252 unsigned int idx
= 0, i
;
7254 wpa_dbg(wpa_s
, MSG_DEBUG
,
7255 "Determining shared radio frequencies (max len %u)", len
);
7256 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
7258 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
7263 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
7266 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
7267 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
7268 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
7269 freq
= ifs
->current_ssid
->frequency
;
7270 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
7271 freq
= ifs
->assoc_freq
;
7275 /* Hold only distinct freqs */
7276 for (i
= 0; i
< idx
; i
++)
7277 if (freqs_data
[i
].freq
== freq
)
7281 freqs_data
[idx
++].freq
= freq
;
7283 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
7284 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
7285 WPA_FREQ_USED_BY_P2P_CLIENT
:
7286 WPA_FREQ_USED_BY_INFRA_STATION
;
7290 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7296 * Find the operating frequencies of any of the virtual interfaces that
7297 * are using the same radio as the current interface.
7299 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7300 int *freq_array
, unsigned int len
)
7302 struct wpa_used_freq_data
*freqs_data
;
7305 os_memset(freq_array
, 0, sizeof(int) * len
);
7307 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7311 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7312 for (i
= 0; i
< num
; i
++)
7313 freq_array
[i
] = freqs_data
[i
].freq
;
7315 os_free(freqs_data
);
7321 struct wpa_supplicant
*
7322 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7326 case VENDOR_ELEM_PROBE_REQ_P2P
:
7327 case VENDOR_ELEM_PROBE_RESP_P2P
:
7328 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7329 case VENDOR_ELEM_BEACON_P2P_GO
:
7330 case VENDOR_ELEM_P2P_PD_REQ
:
7331 case VENDOR_ELEM_P2P_PD_RESP
:
7332 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7333 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7334 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7335 case VENDOR_ELEM_P2P_INV_REQ
:
7336 case VENDOR_ELEM_P2P_INV_RESP
:
7337 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7338 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7339 return wpa_s
->p2pdev
;
7340 #endif /* CONFIG_P2P */
7347 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7352 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7354 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7355 if (wpa_s
->vendor_elem
[i
]) {
7358 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7359 if (!os_snprintf_error(sizeof(buf
), res
)) {
7360 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7361 wpa_s
->vendor_elem
[i
]);
7367 if (wpa_s
->parent
== wpa_s
&&
7368 wpa_s
->global
->p2p
&&
7369 !wpa_s
->global
->p2p_disabled
)
7370 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7371 #endif /* CONFIG_P2P */
7375 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7376 const u8
*elem
, size_t len
)
7380 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7381 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7383 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7386 if (os_memcmp(ie
, elem
, len
) != 0)
7389 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7390 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7391 wpa_s
->vendor_elem
[frame
] = NULL
;
7393 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7394 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7396 wpas_vendor_elem_update(wpa_s
);
7404 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7405 u16 num_modes
, enum hostapd_hw_mode mode
)
7409 for (i
= 0; i
< num_modes
; i
++) {
7410 if (modes
[i
].mode
== mode
)
7419 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7422 struct wpa_bss_tmp_disallowed
*bss
;
7424 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7425 struct wpa_bss_tmp_disallowed
, list
) {
7426 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7434 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7436 struct wpa_bss_tmp_disallowed
*tmp
;
7437 unsigned int num_bssid
= 0;
7441 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7444 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7445 struct wpa_bss_tmp_disallowed
, list
) {
7446 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7450 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7456 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7458 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7459 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7461 /* Make sure the bss is not already freed */
7462 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7463 struct wpa_bss_tmp_disallowed
, list
) {
7465 dl_list_del(&tmp
->list
);
7467 wpa_set_driver_tmp_disallow_list(wpa_s
);
7474 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7475 unsigned int sec
, int rssi_threshold
)
7477 struct wpa_bss_tmp_disallowed
*bss
;
7479 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7481 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7485 bss
= os_malloc(sizeof(*bss
));
7487 wpa_printf(MSG_DEBUG
,
7488 "Failed to allocate memory for temp disallow BSS");
7492 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7493 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7494 wpa_set_driver_tmp_disallow_list(wpa_s
);
7497 bss
->rssi_threshold
= rssi_threshold
;
7498 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7503 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
,
7504 struct wpa_bss
*bss
)
7506 struct wpa_bss_tmp_disallowed
*disallowed
= NULL
, *tmp
, *prev
;
7508 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7509 struct wpa_bss_tmp_disallowed
, list
) {
7510 if (os_memcmp(bss
->bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
7518 if (disallowed
->rssi_threshold
!= 0 &&
7519 bss
->level
> disallowed
->rssi_threshold
)
7526 int wpas_enable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7527 unsigned int type
, const u8
*addr
,
7530 if ((addr
&& !mask
) || (!addr
&& mask
)) {
7531 wpa_printf(MSG_INFO
,
7532 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7536 if (addr
&& mask
&& (!(mask
[0] & 0x01) || (addr
[0] & 0x01))) {
7537 wpa_printf(MSG_INFO
,
7538 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7542 if (type
& MAC_ADDR_RAND_SCAN
) {
7543 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCAN
,
7548 if (type
& MAC_ADDR_RAND_SCHED_SCAN
) {
7549 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCHED_SCAN
,
7553 if (wpa_s
->sched_scanning
&& !wpa_s
->pno
)
7554 wpas_scan_restart_sched_scan(wpa_s
);
7557 if (type
& MAC_ADDR_RAND_PNO
) {
7558 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_PNO
,
7563 wpas_stop_pno(wpa_s
);
7564 wpas_start_pno(wpa_s
);
7572 int wpas_disable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7575 wpas_mac_addr_rand_scan_clear(wpa_s
, type
);
7577 if (type
& MAC_ADDR_RAND_PNO
) {
7578 wpas_stop_pno(wpa_s
);
7579 wpas_start_pno(wpa_s
);
7581 } else if (wpa_s
->sched_scanning
&& (type
& MAC_ADDR_RAND_SCHED_SCAN
)) {
7582 wpas_scan_restart_sched_scan(wpa_s
);