3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
46 #include "blacklist.h"
47 #include "wpas_glue.h"
48 #include "wps_supplicant.h"
51 #include "gas_query.h"
53 #include "p2p_supplicant.h"
54 #include "wifi_display.h"
60 #include "offchannel.h"
61 #include "hs20_supplicant.h"
65 #include "dpp_supplicant.h"
67 #include "ap/ap_config.h"
68 #include "ap/hostapd.h"
69 #endif /* CONFIG_MESH */
71 const char *const wpa_supplicant_version
=
72 "wpa_supplicant v" VERSION_STR
"\n"
73 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75 const char *const wpa_supplicant_license
=
76 "This software may be distributed under the terms of the BSD license.\n"
77 "See README for more details.\n"
78 #ifdef EAP_TLS_OPENSSL
79 "\nThis product includes software developed by the OpenSSL Project\n"
80 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
81 #endif /* EAP_TLS_OPENSSL */
84 #ifndef CONFIG_NO_STDOUT_DEBUG
85 /* Long text divided into parts in order to fit in C89 strings size limits. */
86 const char *const wpa_supplicant_full_license1
=
88 const char *const wpa_supplicant_full_license2
=
89 "This software may be distributed under the terms of the BSD license.\n"
91 "Redistribution and use in source and binary forms, with or without\n"
92 "modification, are permitted provided that the following conditions are\n"
95 const char *const wpa_supplicant_full_license3
=
96 "1. Redistributions of source code must retain the above copyright\n"
97 " notice, this list of conditions and the following disclaimer.\n"
99 "2. Redistributions in binary form must reproduce the above copyright\n"
100 " notice, this list of conditions and the following disclaimer in the\n"
101 " documentation and/or other materials provided with the distribution.\n"
103 const char *const wpa_supplicant_full_license4
=
104 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
105 " names of its contributors may be used to endorse or promote products\n"
106 " derived from this software without specific prior written permission.\n"
108 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
109 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
110 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
111 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
112 const char *const wpa_supplicant_full_license5
=
113 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
114 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
115 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
116 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
117 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
118 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
119 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 #endif /* CONFIG_NO_STDOUT_DEBUG */
124 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
);
125 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
126 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
);
127 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
);
130 #endif /* CONFIG_OWE */
133 /* Configure default/group WEP keys for static WEP */
134 int wpa_set_wep_keys(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
138 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
139 if (ssid
->wep_key_len
[i
] == 0)
143 wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
, NULL
,
144 i
, i
== ssid
->wep_tx_keyidx
, NULL
, 0,
145 ssid
->wep_key
[i
], ssid
->wep_key_len
[i
]);
152 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant
*wpa_s
,
153 struct wpa_ssid
*ssid
)
161 /* IBSS/WPA-None uses only one key (Group) for both receiving and
162 * sending unicast and multicast packets. */
164 if (ssid
->mode
!= WPAS_MODE_IBSS
) {
165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid mode %d (not "
166 "IBSS/ad-hoc) for WPA-None", ssid
->mode
);
170 if (!ssid
->psk_set
) {
171 wpa_msg(wpa_s
, MSG_INFO
, "WPA: No PSK configured for "
176 switch (wpa_s
->group_cipher
) {
177 case WPA_CIPHER_CCMP
:
178 os_memcpy(key
, ssid
->psk
, 16);
182 case WPA_CIPHER_GCMP
:
183 os_memcpy(key
, ssid
->psk
, 16);
187 case WPA_CIPHER_TKIP
:
188 /* WPA-None uses the same Michael MIC key for both TX and RX */
189 os_memcpy(key
, ssid
->psk
, 16 + 8);
190 os_memcpy(key
+ 16 + 8, ssid
->psk
+ 16, 8);
195 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Invalid group cipher %d for "
196 "WPA-None", wpa_s
->group_cipher
);
200 /* TODO: should actually remember the previously used seq#, both for TX
201 * and RX from each STA.. */
203 ret
= wpa_drv_set_key(wpa_s
, alg
, NULL
, 0, 1, seq
, 6, key
, keylen
);
204 os_memset(key
, 0, sizeof(key
));
209 static void wpa_supplicant_timeout(void *eloop_ctx
, void *timeout_ctx
)
211 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
212 const u8
*bssid
= wpa_s
->bssid
;
213 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
214 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
215 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
216 bssid
= wpa_s
->pending_bssid
;
217 wpa_msg(wpa_s
, MSG_INFO
, "Authentication with " MACSTR
" timed out.",
219 wpa_blacklist_add(wpa_s
, bssid
);
220 wpa_sm_notify_disassoc(wpa_s
->wpa
);
221 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
222 wpa_s
->reassociate
= 1;
225 * If we timed out, the AP or the local radio may be busy.
226 * So, wait a second until scanning again.
228 wpa_supplicant_req_scan(wpa_s
, 1, 0);
233 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
234 * @wpa_s: Pointer to wpa_supplicant data
235 * @sec: Number of seconds after which to time out authentication
236 * @usec: Number of microseconds after which to time out authentication
238 * This function is used to schedule a timeout for the current authentication
241 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant
*wpa_s
,
244 if (wpa_s
->conf
->ap_scan
== 0 &&
245 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
))
248 wpa_dbg(wpa_s
, MSG_DEBUG
, "Setting authentication timeout: %d sec "
249 "%d usec", sec
, usec
);
250 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
251 wpa_s
->last_auth_timeout_sec
= sec
;
252 eloop_register_timeout(sec
, usec
, wpa_supplicant_timeout
, wpa_s
, NULL
);
257 * wpas_auth_timeout_restart - Restart and change timeout for authentication
258 * @wpa_s: Pointer to wpa_supplicant data
259 * @sec_diff: difference in seconds applied to original timeout value
261 void wpas_auth_timeout_restart(struct wpa_supplicant
*wpa_s
, int sec_diff
)
263 int new_sec
= wpa_s
->last_auth_timeout_sec
+ sec_diff
;
265 if (eloop_is_timeout_registered(wpa_supplicant_timeout
, wpa_s
, NULL
)) {
266 wpa_dbg(wpa_s
, MSG_DEBUG
,
267 "Authentication timeout restart: %d sec", new_sec
);
268 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
269 eloop_register_timeout(new_sec
, 0, wpa_supplicant_timeout
,
276 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
277 * @wpa_s: Pointer to wpa_supplicant data
279 * This function is used to cancel authentication timeout scheduled with
280 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
283 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant
*wpa_s
)
285 wpa_dbg(wpa_s
, MSG_DEBUG
, "Cancelling authentication timeout");
286 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
287 wpa_blacklist_del(wpa_s
, wpa_s
->bssid
);
288 os_free(wpa_s
->last_con_fail_realm
);
289 wpa_s
->last_con_fail_realm
= NULL
;
290 wpa_s
->last_con_fail_realm_len
= 0;
295 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
296 * @wpa_s: Pointer to wpa_supplicant data
298 * This function is used to configure EAPOL state machine based on the selected
299 * authentication mode.
301 void wpa_supplicant_initiate_eapol(struct wpa_supplicant
*wpa_s
)
303 #ifdef IEEE8021X_EAPOL
304 struct eapol_config eapol_conf
;
305 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
307 #ifdef CONFIG_IBSS_RSN
308 if (ssid
->mode
== WPAS_MODE_IBSS
&&
309 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
310 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
312 * RSN IBSS authentication is per-STA and we can disable the
313 * per-BSSID EAPOL authentication.
315 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
316 eapol_sm_notify_eap_success(wpa_s
->eapol
, TRUE
);
317 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
320 #endif /* CONFIG_IBSS_RSN */
322 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
323 eapol_sm_notify_eap_fail(wpa_s
->eapol
, FALSE
);
325 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
326 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
)
327 eapol_sm_notify_portControl(wpa_s
->eapol
, ForceAuthorized
);
329 eapol_sm_notify_portControl(wpa_s
->eapol
, Auto
);
331 os_memset(&eapol_conf
, 0, sizeof(eapol_conf
));
332 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
333 eapol_conf
.accept_802_1x_keys
= 1;
334 eapol_conf
.required_keys
= 0;
335 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_UNICAST
) {
336 eapol_conf
.required_keys
|= EAPOL_REQUIRE_KEY_UNICAST
;
338 if (ssid
->eapol_flags
& EAPOL_FLAG_REQUIRE_KEY_BROADCAST
) {
339 eapol_conf
.required_keys
|=
340 EAPOL_REQUIRE_KEY_BROADCAST
;
343 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
)
344 eapol_conf
.required_keys
= 0;
346 eapol_conf
.fast_reauth
= wpa_s
->conf
->fast_reauth
;
347 eapol_conf
.workaround
= ssid
->eap_workaround
;
348 eapol_conf
.eap_disabled
=
349 !wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
350 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
&&
351 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPS
;
352 eapol_conf
.external_sim
= wpa_s
->conf
->external_sim
;
355 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
356 eapol_conf
.wps
|= EAPOL_LOCAL_WPS_IN_USE
;
357 if (wpa_s
->current_bss
) {
359 ie
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
364 EAPOL_PEER_IS_WPS20_AP
;
369 #endif /* CONFIG_WPS */
371 eapol_sm_notify_config(wpa_s
->eapol
, &ssid
->eap
, &eapol_conf
);
374 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
&& ssid
->mka_psk_set
)
375 ieee802_1x_create_preshared_mka(wpa_s
, ssid
);
377 ieee802_1x_alloc_kay_sm(wpa_s
, ssid
);
378 #endif /* CONFIG_MACSEC */
379 #endif /* IEEE8021X_EAPOL */
384 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
385 * @wpa_s: Pointer to wpa_supplicant data
386 * @ssid: Configuration data for the network
388 * This function is used to configure WPA state machine and related parameters
389 * to a mode where WPA is not enabled. This is called as part of the
390 * authentication configuration when the selected network does not use WPA.
392 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant
*wpa_s
,
393 struct wpa_ssid
*ssid
)
397 if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)
398 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPS
;
399 else if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
)
400 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_NO_WPA
;
402 wpa_s
->key_mgmt
= WPA_KEY_MGMT_NONE
;
403 wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, NULL
, 0);
404 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, NULL
, 0);
405 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
406 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
407 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
408 wpa_s
->mgmt_group_cipher
= 0;
410 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
411 if (ssid
->wep_key_len
[i
] > 5) {
412 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP104
;
413 wpa_s
->group_cipher
= WPA_CIPHER_WEP104
;
415 } else if (ssid
->wep_key_len
[i
] > 0) {
416 wpa_s
->pairwise_cipher
= WPA_CIPHER_WEP40
;
417 wpa_s
->group_cipher
= WPA_CIPHER_WEP40
;
422 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
, 0);
423 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
424 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
425 wpa_s
->pairwise_cipher
);
426 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
427 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
428 wpa_s
->mgmt_group_cipher
);
430 pmksa_cache_clear_current(wpa_s
->wpa
);
434 void free_hw_features(struct wpa_supplicant
*wpa_s
)
437 if (wpa_s
->hw
.modes
== NULL
)
440 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
441 os_free(wpa_s
->hw
.modes
[i
].channels
);
442 os_free(wpa_s
->hw
.modes
[i
].rates
);
445 os_free(wpa_s
->hw
.modes
);
446 wpa_s
->hw
.modes
= NULL
;
450 void free_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
)
452 struct wpa_bss_tmp_disallowed
*bss
, *prev
;
454 dl_list_for_each_safe(bss
, prev
, &wpa_s
->bss_tmp_disallowed
,
455 struct wpa_bss_tmp_disallowed
, list
) {
456 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
457 dl_list_del(&bss
->list
);
463 void wpas_flush_fils_hlp_req(struct wpa_supplicant
*wpa_s
)
465 struct fils_hlp_req
*req
;
467 while ((req
= dl_list_first(&wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
469 dl_list_del(&req
->list
);
470 wpabuf_free(req
->pkt
);
476 static void wpa_supplicant_cleanup(struct wpa_supplicant
*wpa_s
)
480 bgscan_deinit(wpa_s
);
481 autoscan_deinit(wpa_s
);
482 scard_deinit(wpa_s
->scard
);
484 wpa_sm_set_scard_ctx(wpa_s
->wpa
, NULL
);
485 eapol_sm_register_scard_ctx(wpa_s
->eapol
, NULL
);
486 l2_packet_deinit(wpa_s
->l2
);
489 l2_packet_deinit(wpa_s
->l2_br
);
492 #ifdef CONFIG_TESTING_OPTIONS
493 l2_packet_deinit(wpa_s
->l2_test
);
494 wpa_s
->l2_test
= NULL
;
495 os_free(wpa_s
->get_pref_freq_list_override
);
496 wpa_s
->get_pref_freq_list_override
= NULL
;
497 wpabuf_free(wpa_s
->last_assoc_req_wpa_ie
);
498 wpa_s
->last_assoc_req_wpa_ie
= NULL
;
499 #endif /* CONFIG_TESTING_OPTIONS */
501 if (wpa_s
->conf
!= NULL
) {
502 struct wpa_ssid
*ssid
;
503 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
504 wpas_notify_network_removed(wpa_s
, ssid
);
507 os_free(wpa_s
->confname
);
508 wpa_s
->confname
= NULL
;
510 os_free(wpa_s
->confanother
);
511 wpa_s
->confanother
= NULL
;
513 os_free(wpa_s
->last_con_fail_realm
);
514 wpa_s
->last_con_fail_realm
= NULL
;
515 wpa_s
->last_con_fail_realm_len
= 0;
517 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
518 eapol_sm_deinit(wpa_s
->eapol
);
521 rsn_preauth_deinit(wpa_s
->wpa
);
524 wpa_tdls_deinit(wpa_s
->wpa
);
525 #endif /* CONFIG_TDLS */
527 wmm_ac_clear_saved_tspecs(wpa_s
);
528 pmksa_candidate_free(wpa_s
->wpa
);
529 wpa_sm_deinit(wpa_s
->wpa
);
531 wpa_blacklist_clear(wpa_s
);
533 wpa_bss_deinit(wpa_s
);
535 wpa_supplicant_cancel_delayed_sched_scan(wpa_s
);
536 wpa_supplicant_cancel_scan(wpa_s
);
537 wpa_supplicant_cancel_auth_timeout(wpa_s
);
538 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures
, wpa_s
, NULL
);
539 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
540 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report
,
542 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
544 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
546 wpas_wps_deinit(wpa_s
);
548 wpabuf_free(wpa_s
->pending_eapol_rx
);
549 wpa_s
->pending_eapol_rx
= NULL
;
551 #ifdef CONFIG_IBSS_RSN
552 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
553 wpa_s
->ibss_rsn
= NULL
;
554 #endif /* CONFIG_IBSS_RSN */
559 wpa_supplicant_ap_deinit(wpa_s
);
560 #endif /* CONFIG_AP */
562 wpas_p2p_deinit(wpa_s
);
564 #ifdef CONFIG_OFFCHANNEL
565 offchannel_deinit(wpa_s
);
566 #endif /* CONFIG_OFFCHANNEL */
568 wpa_supplicant_cancel_sched_scan(wpa_s
);
570 os_free(wpa_s
->next_scan_freqs
);
571 wpa_s
->next_scan_freqs
= NULL
;
573 os_free(wpa_s
->manual_scan_freqs
);
574 wpa_s
->manual_scan_freqs
= NULL
;
575 os_free(wpa_s
->select_network_scan_freqs
);
576 wpa_s
->select_network_scan_freqs
= NULL
;
578 os_free(wpa_s
->manual_sched_scan_freqs
);
579 wpa_s
->manual_sched_scan_freqs
= NULL
;
581 wpas_mac_addr_rand_scan_clear(wpa_s
, MAC_ADDR_RAND_ALL
);
584 * Need to remove any pending gas-query radio work before the
585 * gas_query_deinit() call because gas_query::work has not yet been set
586 * for works that have not been started. gas_query_free() will be unable
587 * to cancel such pending radio works and once the pending gas-query
588 * radio work eventually gets removed, the deinit notification call to
589 * gas_query_start_cb() would result in dereferencing freed memory.
592 radio_remove_works(wpa_s
, "gas-query", 0);
593 gas_query_deinit(wpa_s
->gas
);
595 gas_server_deinit(wpa_s
->gas_server
);
596 wpa_s
->gas_server
= NULL
;
598 free_hw_features(wpa_s
);
600 ieee802_1x_dealloc_kay_sm(wpa_s
);
602 os_free(wpa_s
->bssid_filter
);
603 wpa_s
->bssid_filter
= NULL
;
605 os_free(wpa_s
->disallow_aps_bssid
);
606 wpa_s
->disallow_aps_bssid
= NULL
;
607 os_free(wpa_s
->disallow_aps_ssid
);
608 wpa_s
->disallow_aps_ssid
= NULL
;
610 wnm_bss_keep_alive_deinit(wpa_s
);
612 wnm_deallocate_memory(wpa_s
);
613 #endif /* CONFIG_WNM */
615 ext_password_deinit(wpa_s
->ext_pw
);
616 wpa_s
->ext_pw
= NULL
;
618 wpabuf_free(wpa_s
->last_gas_resp
);
619 wpa_s
->last_gas_resp
= NULL
;
620 wpabuf_free(wpa_s
->prev_gas_resp
);
621 wpa_s
->prev_gas_resp
= NULL
;
623 os_free(wpa_s
->last_scan_res
);
624 wpa_s
->last_scan_res
= NULL
;
628 wpa_drv_configure_frame_filters(wpa_s
, 0);
630 #endif /* CONFIG_HS20 */
632 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
633 wpabuf_free(wpa_s
->vendor_elem
[i
]);
634 wpa_s
->vendor_elem
[i
] = NULL
;
637 wmm_ac_notify_disassoc(wpa_s
);
639 wpa_s
->sched_scan_plans_num
= 0;
640 os_free(wpa_s
->sched_scan_plans
);
641 wpa_s
->sched_scan_plans
= NULL
;
644 wpa_s
->non_pref_chan_num
= 0;
645 os_free(wpa_s
->non_pref_chan
);
646 wpa_s
->non_pref_chan
= NULL
;
647 #endif /* CONFIG_MBO */
649 free_bss_tmp_disallowed(wpa_s
);
651 wpabuf_free(wpa_s
->lci
);
653 wpas_clear_beacon_rep_data(wpa_s
);
655 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
658 struct external_pmksa_cache
*entry
;
660 while ((entry
= dl_list_last(&wpa_s
->mesh_external_pmksa_cache
,
661 struct external_pmksa_cache
,
663 dl_list_del(&entry
->list
);
664 os_free(entry
->pmksa_cache
);
668 #endif /* CONFIG_MESH */
669 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
671 wpas_flush_fils_hlp_req(wpa_s
);
673 wpabuf_free(wpa_s
->ric_ies
);
674 wpa_s
->ric_ies
= NULL
;
677 wpas_dpp_deinit(wpa_s
);
678 dpp_global_deinit(wpa_s
->dpp
);
680 #endif /* CONFIG_DPP */
685 * wpa_clear_keys - Clear keys configured for the driver
686 * @wpa_s: Pointer to wpa_supplicant data
687 * @addr: Previously used BSSID or %NULL if not available
689 * This function clears the encryption keys that has been previously configured
692 void wpa_clear_keys(struct wpa_supplicant
*wpa_s
, const u8
*addr
)
696 /* MLME-DELETEKEYS.request */
697 for (i
= 0; i
< max
; i
++) {
698 if (wpa_s
->keys_cleared
& BIT(i
))
700 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, NULL
, i
, 0, NULL
, 0,
703 if (!(wpa_s
->keys_cleared
& BIT(0)) && addr
&&
704 !is_zero_ether_addr(addr
)) {
705 wpa_drv_set_key(wpa_s
, WPA_ALG_NONE
, addr
, 0, 0, NULL
, 0, NULL
,
707 /* MLME-SETPROTECTION.request(None) */
708 wpa_drv_mlme_setprotection(
710 MLME_SETPROTECTION_PROTECT_TYPE_NONE
,
711 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE
);
713 wpa_s
->keys_cleared
= (u32
) -1;
718 * wpa_supplicant_state_txt - Get the connection state name as a text string
719 * @state: State (wpa_state; WPA_*)
720 * Returns: The state name as a printable text string
722 const char * wpa_supplicant_state_txt(enum wpa_states state
)
725 case WPA_DISCONNECTED
:
726 return "DISCONNECTED";
729 case WPA_INTERFACE_DISABLED
:
730 return "INTERFACE_DISABLED";
733 case WPA_AUTHENTICATING
:
734 return "AUTHENTICATING";
735 case WPA_ASSOCIATING
:
736 return "ASSOCIATING";
739 case WPA_4WAY_HANDSHAKE
:
740 return "4WAY_HANDSHAKE";
741 case WPA_GROUP_HANDSHAKE
:
742 return "GROUP_HANDSHAKE";
753 static void wpa_supplicant_start_bgscan(struct wpa_supplicant
*wpa_s
)
757 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->bgscan
)
758 name
= wpa_s
->current_ssid
->bgscan
;
760 name
= wpa_s
->conf
->bgscan
;
761 if (name
== NULL
|| name
[0] == '\0')
763 if (wpas_driver_bss_selection(wpa_s
))
765 if (wpa_s
->current_ssid
== wpa_s
->bgscan_ssid
)
768 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
)
770 #endif /* CONFIG_P2P */
772 bgscan_deinit(wpa_s
);
773 if (wpa_s
->current_ssid
) {
774 if (bgscan_init(wpa_s
, wpa_s
->current_ssid
, name
)) {
775 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
778 * Live without bgscan; it is only used as a roaming
779 * optimization, so the initial connection is not
783 struct wpa_scan_results
*scan_res
;
784 wpa_s
->bgscan_ssid
= wpa_s
->current_ssid
;
785 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
,
788 bgscan_notify_scan(wpa_s
, scan_res
);
789 wpa_scan_results_free(scan_res
);
793 wpa_s
->bgscan_ssid
= NULL
;
797 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant
*wpa_s
)
799 if (wpa_s
->bgscan_ssid
!= NULL
) {
800 bgscan_deinit(wpa_s
);
801 wpa_s
->bgscan_ssid
= NULL
;
805 #endif /* CONFIG_BGSCAN */
808 static void wpa_supplicant_start_autoscan(struct wpa_supplicant
*wpa_s
)
810 if (autoscan_init(wpa_s
, 0))
811 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize autoscan");
815 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant
*wpa_s
)
817 autoscan_deinit(wpa_s
);
821 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant
*wpa_s
)
823 if (wpa_s
->wpa_state
== WPA_DISCONNECTED
||
824 wpa_s
->wpa_state
== WPA_SCANNING
) {
825 autoscan_deinit(wpa_s
);
826 wpa_supplicant_start_autoscan(wpa_s
);
832 * wpa_supplicant_set_state - Set current connection state
833 * @wpa_s: Pointer to wpa_supplicant data
834 * @state: The new connection state
836 * This function is called whenever the connection state changes, e.g.,
837 * association is completed for WPA/WPA2 4-Way Handshake is started.
839 void wpa_supplicant_set_state(struct wpa_supplicant
*wpa_s
,
840 enum wpa_states state
)
842 enum wpa_states old_state
= wpa_s
->wpa_state
;
843 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
844 Boolean update_fils_connect_params
= FALSE
;
845 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
847 wpa_dbg(wpa_s
, MSG_DEBUG
, "State: %s -> %s",
848 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
849 wpa_supplicant_state_txt(state
));
851 if (state
== WPA_COMPLETED
&&
852 os_reltime_initialized(&wpa_s
->roam_start
)) {
853 os_reltime_age(&wpa_s
->roam_start
, &wpa_s
->roam_time
);
854 wpa_s
->roam_start
.sec
= 0;
855 wpa_s
->roam_start
.usec
= 0;
856 wpas_notify_auth_changed(wpa_s
);
857 wpas_notify_roam_time(wpa_s
);
858 wpas_notify_roam_complete(wpa_s
);
859 } else if (state
== WPA_DISCONNECTED
&&
860 os_reltime_initialized(&wpa_s
->roam_start
)) {
861 wpa_s
->roam_start
.sec
= 0;
862 wpa_s
->roam_start
.usec
= 0;
863 wpa_s
->roam_time
.sec
= 0;
864 wpa_s
->roam_time
.usec
= 0;
865 wpas_notify_roam_complete(wpa_s
);
868 if (state
== WPA_INTERFACE_DISABLED
) {
869 /* Assure normal scan when interface is restored */
870 wpa_s
->normal_scans
= 0;
873 if (state
== WPA_COMPLETED
) {
874 wpas_connect_work_done(wpa_s
);
875 /* Reinitialize normal_scan counter */
876 wpa_s
->normal_scans
= 0;
881 * P2PS client has to reply to Probe Request frames received on the
882 * group operating channel. Enable Probe Request frame reporting for
883 * P2P connected client in case p2p_cli_probe configuration property is
886 if (wpa_s
->conf
->p2p_cli_probe
&& wpa_s
->current_ssid
&&
887 wpa_s
->current_ssid
->mode
== WPAS_MODE_INFRA
&&
888 wpa_s
->current_ssid
->p2p_group
) {
889 if (state
== WPA_COMPLETED
&& !wpa_s
->p2p_cli_probe
) {
890 wpa_dbg(wpa_s
, MSG_DEBUG
,
891 "P2P: Enable CLI Probe Request RX reporting");
892 wpa_s
->p2p_cli_probe
=
893 wpa_drv_probe_req_report(wpa_s
, 1) >= 0;
894 } else if (state
!= WPA_COMPLETED
&& wpa_s
->p2p_cli_probe
) {
895 wpa_dbg(wpa_s
, MSG_DEBUG
,
896 "P2P: Disable CLI Probe Request RX reporting");
897 wpa_s
->p2p_cli_probe
= 0;
898 wpa_drv_probe_req_report(wpa_s
, 0);
901 #endif /* CONFIG_P2P */
903 if (state
!= WPA_SCANNING
)
904 wpa_supplicant_notify_scanning(wpa_s
, 0);
906 if (state
== WPA_COMPLETED
&& wpa_s
->new_connection
) {
907 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
908 int fils_hlp_sent
= 0;
911 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
912 wpa_auth_alg_fils(wpa_s
->sme
.auth_alg
))
914 #endif /* CONFIG_SME */
915 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
916 wpa_auth_alg_fils(wpa_s
->auth_alg
))
919 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
920 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_CONNECTED
"- Connection to "
921 MACSTR
" completed [id=%d id_str=%s%s]",
922 MAC2STR(wpa_s
->bssid
),
923 ssid
? ssid
->id
: -1,
924 ssid
&& ssid
->id_str
? ssid
->id_str
: "",
925 fils_hlp_sent
? " FILS_HLP_SENT" : "");
926 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
927 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
928 wpa_blacklist_clear(wpa_s
);
929 wpa_s
->extra_blacklist_count
= 0;
930 wpa_s
->new_connection
= 0;
931 wpa_drv_set_operstate(wpa_s
, 1);
932 #ifndef IEEE8021X_EAPOL
933 wpa_drv_set_supp_port(wpa_s
, 1);
934 #endif /* IEEE8021X_EAPOL */
935 wpa_s
->after_wps
= 0;
936 wpa_s
->known_wps_freq
= 0;
937 wpas_p2p_completed(wpa_s
);
939 sme_sched_obss_scan(wpa_s
, 1);
941 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
942 if (!fils_hlp_sent
&& ssid
&& ssid
->eap
.erp
)
943 update_fils_connect_params
= TRUE
;
944 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
946 if (ssid
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
))
947 wpas_update_owe_connect_params(wpa_s
);
948 #endif /* CONFIG_OWE */
949 } else if (state
== WPA_DISCONNECTED
|| state
== WPA_ASSOCIATING
||
950 state
== WPA_ASSOCIATED
) {
951 wpa_s
->new_connection
= 1;
952 wpa_drv_set_operstate(wpa_s
, 0);
953 #ifndef IEEE8021X_EAPOL
954 wpa_drv_set_supp_port(wpa_s
, 0);
955 #endif /* IEEE8021X_EAPOL */
956 sme_sched_obss_scan(wpa_s
, 0);
958 wpa_s
->wpa_state
= state
;
961 if (state
== WPA_COMPLETED
)
962 wpa_supplicant_start_bgscan(wpa_s
);
963 else if (state
< WPA_ASSOCIATED
)
964 wpa_supplicant_stop_bgscan(wpa_s
);
965 #endif /* CONFIG_BGSCAN */
967 if (state
> WPA_SCANNING
)
968 wpa_supplicant_stop_autoscan(wpa_s
);
970 if (state
== WPA_DISCONNECTED
|| state
== WPA_INACTIVE
)
971 wpa_supplicant_start_autoscan(wpa_s
);
973 if (old_state
>= WPA_ASSOCIATED
&& wpa_s
->wpa_state
< WPA_ASSOCIATED
)
974 wmm_ac_notify_disassoc(wpa_s
);
976 if (wpa_s
->wpa_state
!= old_state
) {
977 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
980 * Notify the P2P Device interface about a state change in one
983 wpas_p2p_indicate_state_change(wpa_s
);
985 if (wpa_s
->wpa_state
== WPA_COMPLETED
||
986 old_state
== WPA_COMPLETED
)
987 wpas_notify_auth_changed(wpa_s
);
989 if (wpa_s
->wpa_state
== WPA_COMPLETED
)
990 wpas_dpp_connected(wpa_s
);
991 #endif /* CONFIG_DPP2 */
993 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
994 if (update_fils_connect_params
)
995 wpas_update_fils_connect_params(wpa_s
);
996 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1000 void wpa_supplicant_terminate_proc(struct wpa_global
*global
)
1004 struct wpa_supplicant
*wpa_s
= global
->ifaces
;
1006 struct wpa_supplicant
*next
= wpa_s
->next
;
1007 if (wpas_wps_terminate_pending(wpa_s
) == 1)
1010 if (wpa_s
->p2p_group_interface
!= NOT_P2P_GROUP_INTERFACE
||
1011 (wpa_s
->current_ssid
&& wpa_s
->current_ssid
->p2p_group
))
1012 wpas_p2p_disconnect(wpa_s
);
1013 #endif /* CONFIG_P2P */
1016 #endif /* CONFIG_WPS */
1023 static void wpa_supplicant_terminate(int sig
, void *signal_ctx
)
1025 struct wpa_global
*global
= signal_ctx
;
1026 wpa_supplicant_terminate_proc(global
);
1030 void wpa_supplicant_clear_status(struct wpa_supplicant
*wpa_s
)
1032 enum wpa_states old_state
= wpa_s
->wpa_state
;
1034 wpa_s
->pairwise_cipher
= 0;
1035 wpa_s
->group_cipher
= 0;
1036 wpa_s
->mgmt_group_cipher
= 0;
1037 wpa_s
->key_mgmt
= 0;
1038 if (wpa_s
->wpa_state
!= WPA_INTERFACE_DISABLED
)
1039 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
1041 if (wpa_s
->wpa_state
!= old_state
)
1042 wpas_notify_state_changed(wpa_s
, wpa_s
->wpa_state
, old_state
);
1047 * wpa_supplicant_reload_configuration - Reload configuration data
1048 * @wpa_s: Pointer to wpa_supplicant data
1049 * Returns: 0 on success or -1 if configuration parsing failed
1051 * This function can be used to request that the configuration data is reloaded
1052 * (e.g., after configuration file change). This function is reloading
1053 * configuration only for one interface, so this may need to be called multiple
1054 * times if %wpa_supplicant is controlling multiple interfaces and all
1055 * interfaces need reconfiguration.
1057 int wpa_supplicant_reload_configuration(struct wpa_supplicant
*wpa_s
)
1059 struct wpa_config
*conf
;
1063 if (wpa_s
->confname
== NULL
)
1065 conf
= wpa_config_read(wpa_s
->confname
, NULL
);
1067 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to parse the configuration "
1068 "file '%s' - exiting", wpa_s
->confname
);
1071 if (wpa_s
->confanother
&&
1072 !wpa_config_read(wpa_s
->confanother
, conf
)) {
1073 wpa_msg(wpa_s
, MSG_ERROR
,
1074 "Failed to parse the configuration file '%s' - exiting",
1075 wpa_s
->confanother
);
1079 conf
->changed_parameters
= (unsigned int) -1;
1081 reconf_ctrl
= !!conf
->ctrl_interface
!= !!wpa_s
->conf
->ctrl_interface
1082 || (conf
->ctrl_interface
&& wpa_s
->conf
->ctrl_interface
&&
1083 os_strcmp(conf
->ctrl_interface
,
1084 wpa_s
->conf
->ctrl_interface
) != 0);
1086 if (reconf_ctrl
&& wpa_s
->ctrl_iface
) {
1087 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
1088 wpa_s
->ctrl_iface
= NULL
;
1091 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
1092 if (wpa_s
->current_ssid
) {
1093 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
1094 wpa_s
->own_disconnect_req
= 1;
1095 wpa_supplicant_deauthenticate(wpa_s
,
1096 WLAN_REASON_DEAUTH_LEAVING
);
1100 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1101 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1103 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
1104 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
1105 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1107 * Clear forced success to clear EAP state for next
1110 eapol_sm_notify_eap_success(wpa_s
->eapol
, FALSE
);
1112 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
1113 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
1114 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, NULL
);
1115 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
1116 rsn_preauth_deinit(wpa_s
->wpa
);
1118 old_ap_scan
= wpa_s
->conf
->ap_scan
;
1119 wpa_config_free(wpa_s
->conf
);
1121 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
1122 wpas_notify_ap_scan_changed(wpa_s
);
1125 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
1127 wpa_supplicant_update_config(wpa_s
);
1129 wpa_supplicant_clear_status(wpa_s
);
1130 if (wpa_supplicant_enabled_networks(wpa_s
)) {
1131 wpa_s
->reassociate
= 1;
1132 wpa_supplicant_req_scan(wpa_s
, 0, 0);
1134 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reconfiguration completed");
1139 static void wpa_supplicant_reconfig(int sig
, void *signal_ctx
)
1141 struct wpa_global
*global
= signal_ctx
;
1142 struct wpa_supplicant
*wpa_s
;
1143 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
1144 wpa_dbg(wpa_s
, MSG_DEBUG
, "Signal %d received - reconfiguring",
1146 if (wpa_supplicant_reload_configuration(wpa_s
) < 0) {
1147 wpa_supplicant_terminate_proc(global
);
1151 if (wpa_debug_reopen_file() < 0) {
1152 /* Ignore errors since we cannot really do much to fix this */
1153 wpa_printf(MSG_DEBUG
, "Could not reopen debug log file");
1158 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant
*wpa_s
,
1159 struct wpa_ssid
*ssid
,
1160 struct wpa_ie_data
*ie
)
1162 int ret
= wpa_sm_parse_own_wpa_ie(wpa_s
->wpa
, ie
);
1165 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Failed to parse WPA IE "
1166 "from association info");
1171 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Using WPA IE from AssocReq to set "
1173 if (!(ie
->group_cipher
& ssid
->group_cipher
)) {
1174 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled group "
1175 "cipher 0x%x (mask 0x%x) - reject",
1176 ie
->group_cipher
, ssid
->group_cipher
);
1179 if (!(ie
->pairwise_cipher
& ssid
->pairwise_cipher
)) {
1180 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled pairwise "
1181 "cipher 0x%x (mask 0x%x) - reject",
1182 ie
->pairwise_cipher
, ssid
->pairwise_cipher
);
1185 if (!(ie
->key_mgmt
& ssid
->key_mgmt
)) {
1186 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver used disabled key "
1187 "management 0x%x (mask 0x%x) - reject",
1188 ie
->key_mgmt
, ssid
->key_mgmt
);
1192 if (!(ie
->capabilities
& WPA_CAPABILITY_MFPC
) &&
1193 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1194 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Driver associated with an AP "
1195 "that does not support management frame protection - "
1204 static int matching_ciphers(struct wpa_ssid
*ssid
, struct wpa_ie_data
*ie
,
1208 ie
->group_cipher
= wpa_default_rsn_cipher(freq
);
1209 if (!ie
->has_pairwise
)
1210 ie
->pairwise_cipher
= wpa_default_rsn_cipher(freq
);
1211 return (ie
->group_cipher
& ssid
->group_cipher
) &&
1212 (ie
->pairwise_cipher
& ssid
->pairwise_cipher
);
1217 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1218 * @wpa_s: Pointer to wpa_supplicant data
1219 * @bss: Scan results for the selected BSS, or %NULL if not available
1220 * @ssid: Configuration data for the selected network
1221 * @wpa_ie: Buffer for the WPA/RSN IE
1222 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1223 * used buffer length in case the functions returns success.
1224 * Returns: 0 on success or -1 on failure
1226 * This function is used to configure authentication and encryption parameters
1227 * based on the network configuration and scan result for the selected BSS (if
1230 int wpa_supplicant_set_suites(struct wpa_supplicant
*wpa_s
,
1231 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
1232 u8
*wpa_ie
, size_t *wpa_ie_len
)
1234 struct wpa_ie_data ie
;
1236 const u8
*bss_wpa
, *bss_rsn
, *bss_osen
;
1239 bss_wpa
= wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
);
1240 bss_rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
1241 bss_osen
= wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
);
1243 bss_wpa
= bss_rsn
= bss_osen
= NULL
;
1245 if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_RSN
) &&
1246 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1247 matching_ciphers(ssid
, &ie
, bss
->freq
) &&
1248 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1249 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using IEEE 802.11i/D9.0");
1250 proto
= WPA_PROTO_RSN
;
1251 } else if (bss_wpa
&& (ssid
->proto
& WPA_PROTO_WPA
) &&
1252 wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
) == 0 &&
1253 (ie
.group_cipher
& ssid
->group_cipher
) &&
1254 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1255 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1256 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using IEEE 802.11i/D3.0");
1257 proto
= WPA_PROTO_WPA
;
1259 } else if (bss_osen
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1260 wpa_parse_wpa_ie(bss_osen
, 2 + bss_osen
[1], &ie
) == 0 &&
1261 (ie
.group_cipher
& ssid
->group_cipher
) &&
1262 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1263 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1264 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using OSEN");
1265 proto
= WPA_PROTO_OSEN
;
1266 } else if (bss_rsn
&& (ssid
->proto
& WPA_PROTO_OSEN
) &&
1267 wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
) == 0 &&
1268 (ie
.group_cipher
& ssid
->group_cipher
) &&
1269 (ie
.pairwise_cipher
& ssid
->pairwise_cipher
) &&
1270 (ie
.key_mgmt
& ssid
->key_mgmt
)) {
1271 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using OSEN (within RSN)");
1272 proto
= WPA_PROTO_RSN
;
1273 #endif /* CONFIG_HS20 */
1275 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select WPA/RSN");
1276 wpa_dbg(wpa_s
, MSG_DEBUG
,
1277 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1278 ssid
->proto
, ssid
->pairwise_cipher
, ssid
->group_cipher
,
1280 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: BSS " MACSTR
" ssid='%s'%s%s%s",
1281 MAC2STR(bss
->bssid
),
1282 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
),
1283 bss_wpa
? " WPA" : "",
1284 bss_rsn
? " RSN" : "",
1285 bss_osen
? " OSEN" : "");
1287 wpa_hexdump(MSG_DEBUG
, "RSN", bss_rsn
, 2 + bss_rsn
[1]);
1288 if (wpa_parse_wpa_ie(bss_rsn
, 2 + bss_rsn
[1], &ie
)) {
1289 wpa_dbg(wpa_s
, MSG_DEBUG
,
1290 "Could not parse RSN element");
1292 wpa_dbg(wpa_s
, MSG_DEBUG
,
1293 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1294 ie
.pairwise_cipher
, ie
.group_cipher
,
1299 wpa_hexdump(MSG_DEBUG
, "WPA", bss_wpa
, 2 + bss_wpa
[1]);
1300 if (wpa_parse_wpa_ie(bss_wpa
, 2 + bss_wpa
[1], &ie
)) {
1301 wpa_dbg(wpa_s
, MSG_DEBUG
,
1302 "Could not parse WPA element");
1304 wpa_dbg(wpa_s
, MSG_DEBUG
,
1305 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1306 ie
.pairwise_cipher
, ie
.group_cipher
,
1312 if (ssid
->proto
& WPA_PROTO_OSEN
)
1313 proto
= WPA_PROTO_OSEN
;
1314 else if (ssid
->proto
& WPA_PROTO_RSN
)
1315 proto
= WPA_PROTO_RSN
;
1317 proto
= WPA_PROTO_WPA
;
1318 if (wpa_supplicant_suites_from_ai(wpa_s
, ssid
, &ie
) < 0) {
1319 os_memset(&ie
, 0, sizeof(ie
));
1320 ie
.group_cipher
= ssid
->group_cipher
;
1321 ie
.pairwise_cipher
= ssid
->pairwise_cipher
;
1322 ie
.key_mgmt
= ssid
->key_mgmt
;
1323 ie
.mgmt_group_cipher
= 0;
1324 if (ssid
->ieee80211w
!= NO_MGMT_FRAME_PROTECTION
) {
1325 if (ssid
->group_mgmt_cipher
&
1326 WPA_CIPHER_BIP_GMAC_256
)
1327 ie
.mgmt_group_cipher
=
1328 WPA_CIPHER_BIP_GMAC_256
;
1329 else if (ssid
->group_mgmt_cipher
&
1330 WPA_CIPHER_BIP_CMAC_256
)
1331 ie
.mgmt_group_cipher
=
1332 WPA_CIPHER_BIP_CMAC_256
;
1333 else if (ssid
->group_mgmt_cipher
&
1334 WPA_CIPHER_BIP_GMAC_128
)
1335 ie
.mgmt_group_cipher
=
1336 WPA_CIPHER_BIP_GMAC_128
;
1338 ie
.mgmt_group_cipher
=
1339 WPA_CIPHER_AES_128_CMAC
;
1342 if ((ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1344 !bss_wpa
&& !bss_rsn
&& !bss_osen
) {
1345 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
1346 wpa_s
->wpa_proto
= 0;
1350 #endif /* CONFIG_OWE */
1351 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Set cipher suites "
1352 "based on configuration");
1357 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected cipher suites: group %d "
1358 "pairwise %d key_mgmt %d proto %d",
1359 ie
.group_cipher
, ie
.pairwise_cipher
, ie
.key_mgmt
, proto
);
1360 if (ssid
->ieee80211w
) {
1361 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected mgmt group cipher %d",
1362 ie
.mgmt_group_cipher
);
1365 wpa_s
->wpa_proto
= proto
;
1366 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PROTO
, proto
);
1367 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_RSN_ENABLED
,
1368 !!(ssid
->proto
& (WPA_PROTO_RSN
| WPA_PROTO_OSEN
)));
1370 if (bss
|| !wpa_s
->ap_ies_from_associnfo
) {
1371 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, bss_wpa
,
1372 bss_wpa
? 2 + bss_wpa
[1] : 0) ||
1373 wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, bss_rsn
,
1374 bss_rsn
? 2 + bss_rsn
[1] : 0))
1378 #ifdef CONFIG_NO_WPA
1379 wpa_s
->group_cipher
= WPA_CIPHER_NONE
;
1380 wpa_s
->pairwise_cipher
= WPA_CIPHER_NONE
;
1381 #else /* CONFIG_NO_WPA */
1382 sel
= ie
.group_cipher
& ssid
->group_cipher
;
1383 wpa_dbg(wpa_s
, MSG_DEBUG
,
1384 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1385 ie
.group_cipher
, ssid
->group_cipher
, sel
);
1386 wpa_s
->group_cipher
= wpa_pick_group_cipher(sel
);
1387 if (wpa_s
->group_cipher
< 0) {
1388 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select group "
1392 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using GTK %s",
1393 wpa_cipher_txt(wpa_s
->group_cipher
));
1395 sel
= ie
.pairwise_cipher
& ssid
->pairwise_cipher
;
1396 wpa_dbg(wpa_s
, MSG_DEBUG
,
1397 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1398 ie
.pairwise_cipher
, ssid
->pairwise_cipher
, sel
);
1399 wpa_s
->pairwise_cipher
= wpa_pick_pairwise_cipher(sel
, 1);
1400 if (wpa_s
->pairwise_cipher
< 0) {
1401 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select pairwise "
1405 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using PTK %s",
1406 wpa_cipher_txt(wpa_s
->pairwise_cipher
));
1407 #endif /* CONFIG_NO_WPA */
1409 sel
= ie
.key_mgmt
& ssid
->key_mgmt
;
1410 wpa_dbg(wpa_s
, MSG_DEBUG
,
1411 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1412 ie
.key_mgmt
, ssid
->key_mgmt
, sel
);
1414 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SAE
))
1415 sel
&= ~(WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
);
1416 #endif /* CONFIG_SAE */
1418 #ifdef CONFIG_IEEE80211R
1419 #ifdef CONFIG_SHA384
1420 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X_SHA384
) &&
1421 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1422 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X_SHA384
;
1423 wpa_dbg(wpa_s
, MSG_DEBUG
,
1424 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1425 if (!ssid
->ft_eap_pmksa_caching
&&
1426 pmksa_cache_get_current(wpa_s
->wpa
)) {
1427 /* PMKSA caching with FT may have interoperability
1428 * issues, so disable that case by default for now. */
1429 wpa_dbg(wpa_s
, MSG_DEBUG
,
1430 "WPA: Disable PMKSA caching for FT/802.1X connection");
1431 pmksa_cache_clear_current(wpa_s
->wpa
);
1433 #endif /* CONFIG_SHA384 */
1434 #endif /* CONFIG_IEEE80211R */
1435 #ifdef CONFIG_SUITEB192
1436 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
) {
1437 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
;
1438 wpa_dbg(wpa_s
, MSG_DEBUG
,
1439 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1440 #endif /* CONFIG_SUITEB192 */
1441 #ifdef CONFIG_SUITEB
1442 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SUITE_B
) {
1443 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SUITE_B
;
1444 wpa_dbg(wpa_s
, MSG_DEBUG
,
1445 "WPA: using KEY_MGMT 802.1X with Suite B");
1446 #endif /* CONFIG_SUITEB */
1448 #ifdef CONFIG_IEEE80211R
1449 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA384
) {
1450 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA384
;
1451 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA384");
1452 } else if (sel
& WPA_KEY_MGMT_FT_FILS_SHA256
) {
1453 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_FILS_SHA256
;
1454 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT-FILS-SHA256");
1455 #endif /* CONFIG_IEEE80211R */
1456 } else if (sel
& WPA_KEY_MGMT_FILS_SHA384
) {
1457 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA384
;
1458 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA384");
1459 } else if (sel
& WPA_KEY_MGMT_FILS_SHA256
) {
1460 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FILS_SHA256
;
1461 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FILS-SHA256");
1462 #endif /* CONFIG_FILS */
1463 #ifdef CONFIG_IEEE80211R
1464 } else if ((sel
& WPA_KEY_MGMT_FT_IEEE8021X
) &&
1465 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s
), "LEAP") != 0) {
1466 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_IEEE8021X
;
1467 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/802.1X");
1468 if (!ssid
->ft_eap_pmksa_caching
&&
1469 pmksa_cache_get_current(wpa_s
->wpa
)) {
1470 /* PMKSA caching with FT may have interoperability
1471 * issues, so disable that case by default for now. */
1472 wpa_dbg(wpa_s
, MSG_DEBUG
,
1473 "WPA: Disable PMKSA caching for FT/802.1X connection");
1474 pmksa_cache_clear_current(wpa_s
->wpa
);
1476 #endif /* CONFIG_IEEE80211R */
1478 } else if (sel
& WPA_KEY_MGMT_DPP
) {
1479 wpa_s
->key_mgmt
= WPA_KEY_MGMT_DPP
;
1480 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT DPP");
1481 #endif /* CONFIG_DPP */
1483 } else if (sel
& WPA_KEY_MGMT_FT_SAE
) {
1484 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_SAE
;
1485 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT FT/SAE");
1486 } else if (sel
& WPA_KEY_MGMT_SAE
) {
1487 wpa_s
->key_mgmt
= WPA_KEY_MGMT_SAE
;
1488 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT SAE");
1489 #endif /* CONFIG_SAE */
1490 #ifdef CONFIG_IEEE80211R
1491 } else if (sel
& WPA_KEY_MGMT_FT_PSK
) {
1492 wpa_s
->key_mgmt
= WPA_KEY_MGMT_FT_PSK
;
1493 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT FT/PSK");
1494 #endif /* CONFIG_IEEE80211R */
1495 } else if (sel
& WPA_KEY_MGMT_IEEE8021X_SHA256
) {
1496 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X_SHA256
;
1497 wpa_dbg(wpa_s
, MSG_DEBUG
,
1498 "WPA: using KEY_MGMT 802.1X with SHA256");
1499 } else if (sel
& WPA_KEY_MGMT_PSK_SHA256
) {
1500 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK_SHA256
;
1501 wpa_dbg(wpa_s
, MSG_DEBUG
,
1502 "WPA: using KEY_MGMT PSK with SHA256");
1503 } else if (sel
& WPA_KEY_MGMT_IEEE8021X
) {
1504 wpa_s
->key_mgmt
= WPA_KEY_MGMT_IEEE8021X
;
1505 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT 802.1X");
1506 } else if (sel
& WPA_KEY_MGMT_PSK
) {
1507 wpa_s
->key_mgmt
= WPA_KEY_MGMT_PSK
;
1508 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-PSK");
1509 } else if (sel
& WPA_KEY_MGMT_WPA_NONE
) {
1510 wpa_s
->key_mgmt
= WPA_KEY_MGMT_WPA_NONE
;
1511 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using KEY_MGMT WPA-NONE");
1513 } else if (sel
& WPA_KEY_MGMT_OSEN
) {
1514 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OSEN
;
1515 wpa_dbg(wpa_s
, MSG_DEBUG
, "HS 2.0: using KEY_MGMT OSEN");
1516 #endif /* CONFIG_HS20 */
1518 } else if (sel
& WPA_KEY_MGMT_OWE
) {
1519 wpa_s
->key_mgmt
= WPA_KEY_MGMT_OWE
;
1520 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: using KEY_MGMT OWE");
1521 #endif /* CONFIG_OWE */
1523 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to select "
1524 "authenticated key management type");
1528 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_KEY_MGMT
, wpa_s
->key_mgmt
);
1529 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_PAIRWISE
,
1530 wpa_s
->pairwise_cipher
);
1531 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_GROUP
, wpa_s
->group_cipher
);
1533 if (!(ie
.capabilities
& WPA_CAPABILITY_MFPC
) &&
1534 wpas_get_ssid_pmf(wpa_s
, ssid
) == MGMT_FRAME_PROTECTION_REQUIRED
) {
1535 wpa_msg(wpa_s
, MSG_INFO
,
1536 "RSN: Management frame protection required but the selected AP does not enable it");
1540 sel
= ie
.mgmt_group_cipher
;
1541 if (ssid
->group_mgmt_cipher
)
1542 sel
&= ssid
->group_mgmt_cipher
;
1543 if (wpas_get_ssid_pmf(wpa_s
, ssid
) == NO_MGMT_FRAME_PROTECTION
||
1544 !(ie
.capabilities
& WPA_CAPABILITY_MFPC
))
1546 wpa_dbg(wpa_s
, MSG_DEBUG
,
1547 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1548 ie
.mgmt_group_cipher
, ssid
->group_mgmt_cipher
, sel
);
1549 if (sel
& WPA_CIPHER_AES_128_CMAC
) {
1550 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_AES_128_CMAC
;
1551 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1553 } else if (sel
& WPA_CIPHER_BIP_GMAC_128
) {
1554 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_128
;
1555 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1557 } else if (sel
& WPA_CIPHER_BIP_GMAC_256
) {
1558 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_GMAC_256
;
1559 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1561 } else if (sel
& WPA_CIPHER_BIP_CMAC_256
) {
1562 wpa_s
->mgmt_group_cipher
= WPA_CIPHER_BIP_CMAC_256
;
1563 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: using MGMT group cipher "
1566 wpa_s
->mgmt_group_cipher
= 0;
1567 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: not using MGMT group cipher");
1569 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MGMT_GROUP
,
1570 wpa_s
->mgmt_group_cipher
);
1571 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_MFP
,
1572 wpas_get_ssid_pmf(wpa_s
, ssid
));
1574 wpa_sm_set_param(wpa_s
->wpa
, WPA_PARAM_OCV
, ssid
->ocv
);
1575 #endif /* CONFIG_OCV */
1577 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s
->wpa
, wpa_ie
, wpa_ie_len
)) {
1578 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to generate WPA IE");
1584 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
) {
1585 /* Use PMK from DPP network introduction (PMKSA entry) */
1586 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1587 #endif /* CONFIG_DPP */
1588 } else if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
)) {
1592 sae_only
= (ssid
->key_mgmt
& (WPA_KEY_MGMT_PSK
|
1593 WPA_KEY_MGMT_FT_PSK
|
1594 WPA_KEY_MGMT_PSK_SHA256
)) == 0;
1596 if (ssid
->psk_set
&& !sae_only
) {
1597 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (set in config)",
1598 ssid
->psk
, PMK_LEN
);
1599 wpa_sm_set_pmk(wpa_s
->wpa
, ssid
->psk
, PMK_LEN
, NULL
,
1604 if (wpa_key_mgmt_sae(ssid
->key_mgmt
) &&
1605 (ssid
->sae_password
|| ssid
->passphrase
))
1608 #ifndef CONFIG_NO_PBKDF2
1609 if (bss
&& ssid
->bssid_set
&& ssid
->ssid_len
== 0 &&
1610 ssid
->passphrase
&& !sae_only
) {
1612 pbkdf2_sha1(ssid
->passphrase
, bss
->ssid
, bss
->ssid_len
,
1613 4096, psk
, PMK_LEN
);
1614 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from passphrase)",
1616 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
, NULL
);
1618 os_memset(psk
, 0, sizeof(psk
));
1620 #endif /* CONFIG_NO_PBKDF2 */
1621 #ifdef CONFIG_EXT_PASSWORD
1622 if (ssid
->ext_psk
&& !sae_only
) {
1623 struct wpabuf
*pw
= ext_password_get(wpa_s
->ext_pw
,
1625 char pw_str
[64 + 1];
1629 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No PSK "
1630 "found from external storage");
1634 if (wpabuf_len(pw
) < 8 || wpabuf_len(pw
) > 64) {
1635 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: Unexpected "
1636 "PSK length %d in external storage",
1637 (int) wpabuf_len(pw
));
1638 ext_password_free(pw
);
1642 os_memcpy(pw_str
, wpabuf_head(pw
), wpabuf_len(pw
));
1643 pw_str
[wpabuf_len(pw
)] = '\0';
1645 #ifndef CONFIG_NO_PBKDF2
1646 if (wpabuf_len(pw
) >= 8 && wpabuf_len(pw
) < 64 && bss
)
1648 pbkdf2_sha1(pw_str
, bss
->ssid
, bss
->ssid_len
,
1649 4096, psk
, PMK_LEN
);
1650 os_memset(pw_str
, 0, sizeof(pw_str
));
1651 wpa_hexdump_key(MSG_MSGDUMP
, "PSK (from "
1652 "external passphrase)",
1654 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1657 os_memset(psk
, 0, sizeof(psk
));
1659 #endif /* CONFIG_NO_PBKDF2 */
1660 if (wpabuf_len(pw
) == 2 * PMK_LEN
) {
1661 if (hexstr2bin(pw_str
, psk
, PMK_LEN
) < 0) {
1662 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: "
1663 "Invalid PSK hex string");
1664 os_memset(pw_str
, 0, sizeof(pw_str
));
1665 ext_password_free(pw
);
1668 wpa_hexdump_key(MSG_MSGDUMP
,
1669 "PSK (from external PSK)",
1671 wpa_sm_set_pmk(wpa_s
->wpa
, psk
, PMK_LEN
, NULL
,
1674 os_memset(psk
, 0, sizeof(psk
));
1676 wpa_msg(wpa_s
, MSG_INFO
, "EXT PW: No suitable "
1678 os_memset(pw_str
, 0, sizeof(pw_str
));
1679 ext_password_free(pw
);
1683 os_memset(pw_str
, 0, sizeof(pw_str
));
1684 ext_password_free(pw
);
1686 #endif /* CONFIG_EXT_PASSWORD */
1689 wpa_msg(wpa_s
, MSG_INFO
,
1690 "No PSK available for association");
1691 wpas_auth_failed(wpa_s
, "NO_PSK_AVAILABLE");
1695 } else if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
1696 /* OWE Diffie-Hellman exchange in (Re)Association
1697 * Request/Response frames set the PMK, so do not override it
1699 #endif /* CONFIG_OWE */
1701 wpa_sm_set_pmk_from_pmksa(wpa_s
->wpa
);
1707 static void wpas_ext_capab_byte(struct wpa_supplicant
*wpa_s
, u8
*pos
, int idx
)
1712 case 0: /* Bits 0-7 */
1714 case 1: /* Bits 8-15 */
1715 if (wpa_s
->conf
->coloc_intf_reporting
) {
1716 /* Bit 13 - Collocated Interference Reporting */
1720 case 2: /* Bits 16-23 */
1722 *pos
|= 0x02; /* Bit 17 - WNM-Sleep Mode */
1723 if (!wpa_s
->disable_mbo_oce
&& !wpa_s
->conf
->disable_btm
)
1724 *pos
|= 0x08; /* Bit 19 - BSS Transition */
1725 #endif /* CONFIG_WNM */
1727 case 3: /* Bits 24-31 */
1729 *pos
|= 0x02; /* Bit 25 - SSID List */
1730 #endif /* CONFIG_WNM */
1731 #ifdef CONFIG_INTERWORKING
1732 if (wpa_s
->conf
->interworking
)
1733 *pos
|= 0x80; /* Bit 31 - Interworking */
1734 #endif /* CONFIG_INTERWORKING */
1736 case 4: /* Bits 32-39 */
1737 #ifdef CONFIG_INTERWORKING
1738 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_QOS_MAPPING
)
1739 *pos
|= 0x01; /* Bit 32 - QoS Map */
1740 #endif /* CONFIG_INTERWORKING */
1742 case 5: /* Bits 40-47 */
1744 if (wpa_s
->conf
->hs20
)
1745 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1746 #endif /* CONFIG_HS20 */
1748 *pos
|= 0x40; /* Bit 46 - WNM-Notification */
1749 #endif /* CONFIG_MBO */
1751 case 6: /* Bits 48-55 */
1753 case 7: /* Bits 56-63 */
1755 case 8: /* Bits 64-71 */
1756 if (wpa_s
->conf
->ftm_responder
)
1757 *pos
|= 0x40; /* Bit 70 - FTM responder */
1758 if (wpa_s
->conf
->ftm_initiator
)
1759 *pos
|= 0x80; /* Bit 71 - FTM initiator */
1761 case 9: /* Bits 72-79 */
1763 if (!wpa_s
->disable_fils
)
1765 #endif /* CONFIG_FILS */
1771 int wpas_build_ext_capab(struct wpa_supplicant
*wpa_s
, u8
*buf
, size_t buflen
)
1776 if (len
< wpa_s
->extended_capa_len
)
1777 len
= wpa_s
->extended_capa_len
;
1778 if (buflen
< (size_t) len
+ 2) {
1779 wpa_printf(MSG_INFO
,
1780 "Not enough room for building extended capabilities element");
1784 *pos
++ = WLAN_EID_EXT_CAPAB
;
1786 for (i
= 0; i
< len
; i
++, pos
++) {
1787 wpas_ext_capab_byte(wpa_s
, pos
, i
);
1789 if (i
< wpa_s
->extended_capa_len
) {
1790 *pos
&= ~wpa_s
->extended_capa_mask
[i
];
1791 *pos
|= wpa_s
->extended_capa
[i
];
1795 while (len
> 0 && buf
[1 + len
] == 0) {
1806 static int wpas_valid_bss(struct wpa_supplicant
*wpa_s
,
1807 struct wpa_bss
*test_bss
)
1809 struct wpa_bss
*bss
;
1811 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
1812 if (bss
== test_bss
)
1820 static int wpas_valid_ssid(struct wpa_supplicant
*wpa_s
,
1821 struct wpa_ssid
*test_ssid
)
1823 struct wpa_ssid
*ssid
;
1825 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
1826 if (ssid
== test_ssid
)
1834 int wpas_valid_bss_ssid(struct wpa_supplicant
*wpa_s
, struct wpa_bss
*test_bss
,
1835 struct wpa_ssid
*test_ssid
)
1837 if (test_bss
&& !wpas_valid_bss(wpa_s
, test_bss
))
1840 return test_ssid
== NULL
|| wpas_valid_ssid(wpa_s
, test_ssid
);
1844 void wpas_connect_work_free(struct wpa_connect_work
*cwork
)
1852 void wpas_connect_work_done(struct wpa_supplicant
*wpa_s
)
1854 struct wpa_connect_work
*cwork
;
1855 struct wpa_radio_work
*work
= wpa_s
->connect_work
;
1860 wpa_s
->connect_work
= NULL
;
1863 wpas_connect_work_free(cwork
);
1864 radio_work_done(work
);
1868 int wpas_update_random_addr(struct wpa_supplicant
*wpa_s
, int style
)
1870 struct os_reltime now
;
1873 os_get_reltime(&now
);
1874 if (wpa_s
->last_mac_addr_style
== style
&&
1875 wpa_s
->last_mac_addr_change
.sec
!= 0 &&
1876 !os_reltime_expired(&now
, &wpa_s
->last_mac_addr_change
,
1877 wpa_s
->conf
->rand_addr_lifetime
)) {
1878 wpa_msg(wpa_s
, MSG_DEBUG
,
1879 "Previously selected random MAC address has not yet expired");
1885 if (random_mac_addr(addr
) < 0)
1889 os_memcpy(addr
, wpa_s
->perm_addr
, ETH_ALEN
);
1890 if (random_mac_addr_keep_oui(addr
) < 0)
1897 if (wpa_drv_set_mac_addr(wpa_s
, addr
) < 0) {
1898 wpa_msg(wpa_s
, MSG_INFO
,
1899 "Failed to set random MAC address");
1903 os_get_reltime(&wpa_s
->last_mac_addr_change
);
1904 wpa_s
->mac_addr_changed
= 1;
1905 wpa_s
->last_mac_addr_style
= style
;
1907 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1908 wpa_msg(wpa_s
, MSG_INFO
,
1909 "Could not update MAC address information");
1913 wpa_msg(wpa_s
, MSG_DEBUG
, "Using random MAC address " MACSTR
,
1920 int wpas_update_random_addr_disassoc(struct wpa_supplicant
*wpa_s
)
1922 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
||
1923 !wpa_s
->conf
->preassoc_mac_addr
)
1926 return wpas_update_random_addr(wpa_s
, wpa_s
->conf
->preassoc_mac_addr
);
1930 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
);
1933 * wpa_supplicant_associate - Request association
1934 * @wpa_s: Pointer to wpa_supplicant data
1935 * @bss: Scan results for the selected BSS, or %NULL if not available
1936 * @ssid: Configuration data for the selected network
1938 * This function is used to request %wpa_supplicant to associate with a BSS.
1940 void wpa_supplicant_associate(struct wpa_supplicant
*wpa_s
,
1941 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
)
1943 struct wpa_connect_work
*cwork
;
1946 wpa_s
->own_disconnect_req
= 0;
1949 * If we are starting a new connection, any previously pending EAPOL
1950 * RX cannot be valid anymore.
1952 wpabuf_free(wpa_s
->pending_eapol_rx
);
1953 wpa_s
->pending_eapol_rx
= NULL
;
1955 if (ssid
->mac_addr
== -1)
1956 rand_style
= wpa_s
->conf
->mac_addr
;
1958 rand_style
= ssid
->mac_addr
;
1960 wmm_ac_clear_saved_tspecs(wpa_s
);
1961 wpa_s
->reassoc_same_bss
= 0;
1962 wpa_s
->reassoc_same_ess
= 0;
1963 #ifdef CONFIG_TESTING_OPTIONS
1964 wpa_s
->testing_resend_assoc
= 0;
1965 #endif /* CONFIG_TESTING_OPTIONS */
1967 if (wpa_s
->last_ssid
== ssid
) {
1968 wpa_dbg(wpa_s
, MSG_DEBUG
, "Re-association to the same ESS");
1969 wpa_s
->reassoc_same_ess
= 1;
1970 if (wpa_s
->current_bss
&& wpa_s
->current_bss
== bss
) {
1971 wmm_ac_save_tspecs(wpa_s
);
1972 wpa_s
->reassoc_same_bss
= 1;
1973 } else if (wpa_s
->current_bss
&& wpa_s
->current_bss
!= bss
) {
1974 os_get_reltime(&wpa_s
->roam_start
);
1978 if (rand_style
> 0 && !wpa_s
->reassoc_same_ess
) {
1979 if (wpas_update_random_addr(wpa_s
, rand_style
) < 0)
1981 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1982 } else if (rand_style
== 0 && wpa_s
->mac_addr_changed
) {
1983 if (wpa_drv_set_mac_addr(wpa_s
, NULL
) < 0) {
1984 wpa_msg(wpa_s
, MSG_INFO
,
1985 "Could not restore permanent MAC address");
1988 wpa_s
->mac_addr_changed
= 0;
1989 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0) {
1990 wpa_msg(wpa_s
, MSG_INFO
,
1991 "Could not update MAC address information");
1994 wpa_msg(wpa_s
, MSG_DEBUG
, "Using permanent MAC address");
1996 wpa_s
->last_ssid
= ssid
;
1998 #ifdef CONFIG_IBSS_RSN
1999 ibss_rsn_deinit(wpa_s
->ibss_rsn
);
2000 wpa_s
->ibss_rsn
= NULL
;
2001 #else /* CONFIG_IBSS_RSN */
2002 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2003 !(ssid
->key_mgmt
& (WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPA_NONE
))) {
2004 wpa_msg(wpa_s
, MSG_INFO
,
2005 "IBSS RSN not supported in the build");
2008 #endif /* CONFIG_IBSS_RSN */
2010 if (ssid
->mode
== WPAS_MODE_AP
|| ssid
->mode
== WPAS_MODE_P2P_GO
||
2011 ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
) {
2013 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_AP
)) {
2014 wpa_msg(wpa_s
, MSG_INFO
, "Driver does not support AP "
2018 if (wpa_supplicant_create_ap(wpa_s
, ssid
) < 0) {
2019 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
2020 if (ssid
->mode
== WPAS_MODE_P2P_GROUP_FORMATION
)
2021 wpas_p2p_ap_setup_failed(wpa_s
);
2024 wpa_s
->current_bss
= bss
;
2025 #else /* CONFIG_AP */
2026 wpa_msg(wpa_s
, MSG_ERROR
, "AP mode support not included in "
2028 #endif /* CONFIG_AP */
2032 if (ssid
->mode
== WPAS_MODE_MESH
) {
2034 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_MESH
)) {
2035 wpa_msg(wpa_s
, MSG_INFO
,
2036 "Driver does not support mesh mode");
2040 ssid
->frequency
= bss
->freq
;
2041 if (wpa_supplicant_join_mesh(wpa_s
, ssid
) < 0) {
2042 wpa_msg(wpa_s
, MSG_ERROR
, "Could not join mesh");
2045 wpa_s
->current_bss
= bss
;
2046 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_STARTED
"ssid=\"%s\" id=%d",
2047 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
2049 wpas_notify_mesh_group_started(wpa_s
, ssid
);
2050 #else /* CONFIG_MESH */
2051 wpa_msg(wpa_s
, MSG_ERROR
,
2052 "mesh mode support not included in the build");
2053 #endif /* CONFIG_MESH */
2058 * Set WPA state machine configuration to match the selected network now
2059 * so that the information is available before wpas_start_assoc_cb()
2060 * gets called. This is needed at least for RSN pre-authentication where
2061 * candidate APs are added to a list based on scan result processing
2062 * before completion of the first association.
2064 wpa_supplicant_rsn_supp_set_config(wpa_s
, ssid
);
2067 if (wpas_dpp_check_connect(wpa_s
, ssid
, bss
) != 0)
2069 #endif /* CONFIG_DPP */
2073 wpa_tdls_ap_ies(wpa_s
->wpa
, (const u8
*) (bss
+ 1),
2075 #endif /* CONFIG_TDLS */
2078 wpas_mbo_check_pmf(wpa_s
, bss
, ssid
);
2079 #endif /* CONFIG_MBO */
2081 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2082 ssid
->mode
== WPAS_MODE_INFRA
) {
2083 sme_authenticate(wpa_s
, bss
, ssid
);
2087 if (wpa_s
->connect_work
) {
2088 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since connect_work exist");
2092 if (radio_work_pending(wpa_s
, "connect")) {
2093 wpa_dbg(wpa_s
, MSG_DEBUG
, "Reject wpa_supplicant_associate() call since pending work exist");
2098 if (ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) {
2099 /* Clear possibly set auth_alg, if any, from last attempt. */
2100 wpa_s
->sme
.auth_alg
= WPA_AUTH_ALG_OPEN
;
2102 #endif /* CONFIG_SME */
2104 wpas_abort_ongoing_scan(wpa_s
);
2106 cwork
= os_zalloc(sizeof(*cwork
));
2113 if (radio_add_work(wpa_s
, bss
? bss
->freq
: 0, "connect", 1,
2114 wpas_start_assoc_cb
, cwork
) < 0) {
2120 static int bss_is_ibss(struct wpa_bss
*bss
)
2122 return (bss
->caps
& (IEEE80211_CAP_ESS
| IEEE80211_CAP_IBSS
)) ==
2127 static int drv_supports_vht(struct wpa_supplicant
*wpa_s
,
2128 const struct wpa_ssid
*ssid
)
2130 enum hostapd_hw_mode hw_mode
;
2131 struct hostapd_hw_modes
*mode
= NULL
;
2135 hw_mode
= ieee80211_freq_to_chan(ssid
->frequency
, &channel
);
2136 if (hw_mode
== NUM_HOSTAPD_MODES
)
2138 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2139 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2140 mode
= &wpa_s
->hw
.modes
[i
];
2148 return mode
->vht_capab
!= 0;
2152 void ibss_mesh_setup_freq(struct wpa_supplicant
*wpa_s
,
2153 const struct wpa_ssid
*ssid
,
2154 struct hostapd_freq_params
*freq
)
2156 int ieee80211_mode
= wpas_mode_to_ieee80211_mode(ssid
->mode
);
2157 enum hostapd_hw_mode hw_mode
;
2158 struct hostapd_hw_modes
*mode
= NULL
;
2159 int ht40plus
[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2161 int vht80
[] = { 36, 52, 100, 116, 132, 149 };
2162 struct hostapd_channel_data
*pri_chan
= NULL
, *sec_chan
= NULL
;
2164 int i
, chan_idx
, ht40
= -1, res
, obss_scan
= 1;
2166 struct hostapd_freq_params vht_freq
;
2167 int chwidth
, seg0
, seg1
;
2171 freq
->freq
= ssid
->frequency
;
2173 for (j
= 0; j
< wpa_s
->last_scan_res_used
; j
++) {
2174 struct wpa_bss
*bss
= wpa_s
->last_scan_res
[j
];
2176 if (ssid
->mode
!= WPAS_MODE_IBSS
)
2179 /* Don't adjust control freq in case of fixed_freq */
2180 if (ssid
->fixed_freq
)
2183 if (!bss_is_ibss(bss
))
2186 if (ssid
->ssid_len
== bss
->ssid_len
&&
2187 os_memcmp(ssid
->ssid
, bss
->ssid
, bss
->ssid_len
) == 0) {
2188 wpa_printf(MSG_DEBUG
,
2189 "IBSS already found in scan results, adjust control freq: %d",
2191 freq
->freq
= bss
->freq
;
2197 /* For IBSS check HT_IBSS flag */
2198 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2199 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_HT_IBSS
))
2202 if (wpa_s
->group_cipher
== WPA_CIPHER_WEP40
||
2203 wpa_s
->group_cipher
== WPA_CIPHER_WEP104
||
2204 wpa_s
->pairwise_cipher
== WPA_CIPHER_TKIP
) {
2205 wpa_printf(MSG_DEBUG
,
2206 "IBSS: WEP/TKIP detected, do not try to enable HT");
2210 hw_mode
= ieee80211_freq_to_chan(freq
->freq
, &channel
);
2211 for (i
= 0; wpa_s
->hw
.modes
&& i
< wpa_s
->hw
.num_modes
; i
++) {
2212 if (wpa_s
->hw
.modes
[i
].mode
== hw_mode
) {
2213 mode
= &wpa_s
->hw
.modes
[i
];
2221 is_24ghz
= hw_mode
== HOSTAPD_MODE_IEEE80211G
||
2222 hw_mode
== HOSTAPD_MODE_IEEE80211B
;
2224 #ifdef CONFIG_HT_OVERRIDES
2225 if (ssid
->disable_ht
) {
2226 freq
->ht_enabled
= 0;
2229 #endif /* CONFIG_HT_OVERRIDES */
2231 freq
->ht_enabled
= ht_supported(mode
);
2232 if (!freq
->ht_enabled
)
2235 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2237 freq
->he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2239 /* Setup higher BW only for 5 GHz */
2240 if (mode
->mode
!= HOSTAPD_MODE_IEEE80211A
)
2243 for (chan_idx
= 0; chan_idx
< mode
->num_channels
; chan_idx
++) {
2244 pri_chan
= &mode
->channels
[chan_idx
];
2245 if (pri_chan
->chan
== channel
)
2252 /* Check primary channel flags */
2253 if (pri_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2256 freq
->channel
= pri_chan
->chan
;
2258 #ifdef CONFIG_HT_OVERRIDES
2259 if (ssid
->disable_ht40
) {
2260 if (ssid
->disable_vht
)
2264 #endif /* CONFIG_HT_OVERRIDES */
2266 /* Check/setup HT40+/HT40- */
2267 for (j
= 0; j
< ARRAY_SIZE(ht40plus
); j
++) {
2268 if (ht40plus
[j
] == channel
) {
2274 /* Find secondary channel */
2275 for (i
= 0; i
< mode
->num_channels
; i
++) {
2276 sec_chan
= &mode
->channels
[i
];
2277 if (sec_chan
->chan
== channel
+ ht40
* 4)
2284 /* Check secondary channel flags */
2285 if (sec_chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2289 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40MINUS
))
2292 if (!(pri_chan
->flag
& HOSTAPD_CHAN_HT40PLUS
))
2295 freq
->sec_channel_offset
= ht40
;
2298 struct wpa_scan_results
*scan_res
;
2300 scan_res
= wpa_supplicant_get_scan_results(wpa_s
, NULL
, 0);
2301 if (scan_res
== NULL
) {
2303 freq
->sec_channel_offset
= 0;
2307 res
= check_40mhz_5g(mode
, scan_res
, pri_chan
->chan
,
2312 freq
->sec_channel_offset
= 0;
2315 /* Configuration allowed */
2318 /* Switch pri/sec channels */
2319 freq
->freq
= hw_get_freq(mode
, sec_chan
->chan
);
2320 freq
->sec_channel_offset
= -freq
->sec_channel_offset
;
2321 freq
->channel
= sec_chan
->chan
;
2324 freq
->sec_channel_offset
= 0;
2328 wpa_scan_results_free(scan_res
);
2331 #ifdef CONFIG_HT_OVERRIDES
2333 #endif /* CONFIG_HT_OVERRIDES */
2334 wpa_printf(MSG_DEBUG
,
2335 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2336 freq
->channel
, freq
->sec_channel_offset
);
2338 if (!drv_supports_vht(wpa_s
, ssid
))
2341 /* For IBSS check VHT_IBSS flag */
2342 if (ssid
->mode
== WPAS_MODE_IBSS
&&
2343 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_VHT_IBSS
))
2348 #ifdef CONFIG_VHT_OVERRIDES
2349 if (ssid
->disable_vht
) {
2350 freq
->vht_enabled
= 0;
2353 #endif /* CONFIG_VHT_OVERRIDES */
2355 vht_freq
.vht_enabled
= vht_supported(mode
);
2356 if (!vht_freq
.vht_enabled
)
2359 /* Enable HE for VHT */
2360 vht_freq
.he_enabled
= mode
->he_capab
[ieee80211_mode
].he_supported
;
2362 /* setup center_freq1, bandwidth */
2363 for (j
= 0; j
< ARRAY_SIZE(vht80
); j
++) {
2364 if (freq
->channel
>= vht80
[j
] &&
2365 freq
->channel
< vht80
[j
] + 16)
2369 if (j
== ARRAY_SIZE(vht80
))
2372 for (i
= vht80
[j
]; i
< vht80
[j
] + 16; i
+= 4) {
2373 struct hostapd_channel_data
*chan
;
2375 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2379 /* Back to HT configuration if channel not usable */
2380 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
| HOSTAPD_CHAN_NO_IR
))
2384 chwidth
= CHANWIDTH_80MHZ
;
2385 seg0
= vht80
[j
] + 6;
2388 if (ssid
->max_oper_chwidth
== CHANWIDTH_80P80MHZ
) {
2389 /* setup center_freq2, bandwidth */
2390 for (k
= 0; k
< ARRAY_SIZE(vht80
); k
++) {
2391 /* Only accept 80 MHz segments separated by a gap */
2392 if (j
== k
|| abs(vht80
[j
] - vht80
[k
]) == 16)
2394 for (i
= vht80
[k
]; i
< vht80
[k
] + 16; i
+= 4) {
2395 struct hostapd_channel_data
*chan
;
2397 chan
= hw_get_channel_chan(mode
, i
, NULL
);
2401 if (chan
->flag
& (HOSTAPD_CHAN_DISABLED
|
2402 HOSTAPD_CHAN_NO_IR
|
2403 HOSTAPD_CHAN_RADAR
))
2406 /* Found a suitable second segment for 80+80 */
2407 chwidth
= CHANWIDTH_80P80MHZ
;
2409 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ
;
2410 seg1
= vht80
[k
] + 6;
2413 if (chwidth
== CHANWIDTH_80P80MHZ
)
2416 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_160MHZ
) {
2417 if (freq
->freq
== 5180) {
2418 chwidth
= CHANWIDTH_160MHZ
;
2419 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2421 } else if (freq
->freq
== 5520) {
2422 chwidth
= CHANWIDTH_160MHZ
;
2423 vht_caps
|= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ
;
2426 } else if (ssid
->max_oper_chwidth
== CHANWIDTH_USE_HT
) {
2427 chwidth
= CHANWIDTH_USE_HT
;
2428 seg0
= vht80
[j
] + 2;
2429 #ifdef CONFIG_HT_OVERRIDES
2430 if (ssid
->disable_ht40
)
2432 #endif /* CONFIG_HT_OVERRIDES */
2435 if (hostapd_set_freq_params(&vht_freq
, mode
->mode
, freq
->freq
,
2436 freq
->channel
, ssid
->enable_edmg
,
2437 ssid
->edmg_channel
, freq
->ht_enabled
,
2438 vht_freq
.vht_enabled
, freq
->he_enabled
,
2439 freq
->sec_channel_offset
,
2440 chwidth
, seg0
, seg1
, vht_caps
,
2441 &mode
->he_capab
[ieee80211_mode
]) != 0)
2446 wpa_printf(MSG_DEBUG
, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2447 freq
->center_freq1
, freq
->center_freq2
, freq
->bandwidth
);
2452 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant
*wpa_s
, u8
*ie_buf
,
2455 struct fils_hlp_req
*req
;
2456 size_t rem_len
, hdr_len
, hlp_len
, len
, ie_len
= 0;
2460 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2462 rem_len
= ie_buf_len
- ie_len
;
2463 pos
= wpabuf_head(req
->pkt
);
2464 hdr_len
= 1 + 2 * ETH_ALEN
+ 6;
2465 hlp_len
= wpabuf_len(req
->pkt
);
2467 if (rem_len
< 2 + hdr_len
+ hlp_len
) {
2468 wpa_printf(MSG_ERROR
,
2469 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2470 (unsigned long) rem_len
,
2471 (unsigned long) (2 + hdr_len
+ hlp_len
));
2475 len
= (hdr_len
+ hlp_len
) > 255 ? 255 : hdr_len
+ hlp_len
;
2477 *buf
++ = WLAN_EID_EXTENSION
;
2480 /* Element ID Extension */
2481 *buf
++ = WLAN_EID_EXT_FILS_HLP_CONTAINER
;
2482 /* Destination MAC address */
2483 os_memcpy(buf
, req
->dst
, ETH_ALEN
);
2485 /* Source MAC address */
2486 os_memcpy(buf
, wpa_s
->own_addr
, ETH_ALEN
);
2488 /* LLC/SNAP Header */
2489 os_memcpy(buf
, "\xaa\xaa\x03\x00\x00\x00", 6);
2492 os_memcpy(buf
, pos
, len
- hdr_len
);
2493 buf
+= len
- hdr_len
;
2494 pos
+= len
- hdr_len
;
2496 hlp_len
-= len
- hdr_len
;
2501 len
= (hlp_len
> 255) ? 255 : hlp_len
;
2502 if (rem_len
< 2 + len
)
2504 *buf
++ = WLAN_EID_FRAGMENT
;
2506 os_memcpy(buf
, pos
, len
);
2520 int wpa_is_fils_supported(struct wpa_supplicant
*wpa_s
)
2522 return (((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2523 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
)) ||
2524 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2525 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
)));
2529 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant
*wpa_s
)
2531 #ifdef CONFIG_FILS_SK_PFS
2532 return (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
) &&
2533 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SUPPORT_FILS
);
2534 #else /* CONFIG_FILS_SK_PFS */
2536 #endif /* CONFIG_FILS_SK_PFS */
2539 #endif /* CONFIG_FILS */
2542 static u8
* wpas_populate_assoc_ies(
2543 struct wpa_supplicant
*wpa_s
,
2544 struct wpa_bss
*bss
, struct wpa_ssid
*ssid
,
2545 struct wpa_driver_associate_params
*params
,
2546 enum wpa_drv_update_connect_params_mask
*mask
)
2549 size_t max_wpa_ie_len
= 500;
2551 int algs
= WPA_AUTH_ALG_OPEN
;
2556 int sae_pmksa_cached
= 0;
2557 #endif /* CONFIG_SAE */
2559 const u8
*realm
, *username
, *rrk
;
2560 size_t realm_len
, username_len
, rrk_len
;
2562 struct fils_hlp_req
*req
;
2564 dl_list_for_each(req
, &wpa_s
->fils_hlp_req
, struct fils_hlp_req
,
2566 max_wpa_ie_len
+= 3 + 2 * ETH_ALEN
+ 6 + wpabuf_len(req
->pkt
) +
2567 2 + 2 * wpabuf_len(req
->pkt
) / 255;
2569 #endif /* CONFIG_FILS */
2571 wpa_ie
= os_malloc(max_wpa_ie_len
);
2573 wpa_printf(MSG_ERROR
,
2574 "Failed to allocate connect IE buffer for %lu bytes",
2575 (unsigned long) max_wpa_ie_len
);
2579 if (bss
&& (wpa_bss_get_vendor_ie(bss
, WPA_IE_VENDOR_TYPE
) ||
2580 wpa_bss_get_ie(bss
, WLAN_EID_RSN
)) &&
2581 wpa_key_mgmt_wpa(ssid
->key_mgmt
)) {
2582 int try_opportunistic
;
2583 const u8
*cache_id
= NULL
;
2585 try_opportunistic
= (ssid
->proactive_key_caching
< 0 ?
2587 ssid
->proactive_key_caching
) &&
2588 (ssid
->proto
& WPA_PROTO_RSN
);
2590 if (wpa_key_mgmt_fils(ssid
->key_mgmt
))
2591 cache_id
= wpa_bss_get_fils_cache_id(bss
);
2592 #endif /* CONFIG_FILS */
2593 if (pmksa_cache_set_current(wpa_s
->wpa
, NULL
, bss
->bssid
,
2594 ssid
, try_opportunistic
,
2595 cache_id
, 0) == 0) {
2596 eapol_sm_notify_pmkid_attempt(wpa_s
->eapol
);
2598 sae_pmksa_cached
= 1;
2599 #endif /* CONFIG_SAE */
2601 wpa_ie_len
= max_wpa_ie_len
;
2602 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2603 wpa_ie
, &wpa_ie_len
)) {
2604 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2605 "key management and encryption suites");
2610 } else if (bss
&& wpa_bss_get_vendor_ie(bss
, OSEN_IE_VENDOR_TYPE
) &&
2611 (ssid
->key_mgmt
& WPA_KEY_MGMT_OSEN
)) {
2612 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2613 wpa_ie_len
= max_wpa_ie_len
;
2614 if (wpa_supplicant_set_suites(wpa_s
, bss
, ssid
,
2615 wpa_ie
, &wpa_ie_len
)) {
2616 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2617 "key management and encryption suites");
2621 #endif /* CONFIG_HS20 */
2622 } else if ((ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) && bss
&&
2623 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
)) {
2625 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2626 * use non-WPA since the scan results did not indicate that the
2627 * AP is using WPA or WPA2.
2629 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2631 wpa_s
->wpa_proto
= 0;
2632 } else if (wpa_key_mgmt_wpa_any(ssid
->key_mgmt
)) {
2633 wpa_ie_len
= max_wpa_ie_len
;
2634 if (wpa_supplicant_set_suites(wpa_s
, NULL
, ssid
,
2635 wpa_ie
, &wpa_ie_len
)) {
2636 wpa_msg(wpa_s
, MSG_WARNING
, "WPA: Failed to set WPA "
2637 "key management and encryption suites (no "
2643 } else if (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) {
2644 struct wpabuf
*wps_ie
;
2645 wps_ie
= wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid
));
2646 if (wps_ie
&& wpabuf_len(wps_ie
) <= max_wpa_ie_len
) {
2647 wpa_ie_len
= wpabuf_len(wps_ie
);
2648 os_memcpy(wpa_ie
, wpabuf_head(wps_ie
), wpa_ie_len
);
2651 wpabuf_free(wps_ie
);
2652 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2653 if (!bss
|| (bss
->caps
& IEEE80211_CAP_PRIVACY
))
2654 params
->wps
= WPS_MODE_PRIVACY
;
2656 params
->wps
= WPS_MODE_OPEN
;
2657 wpa_s
->wpa_proto
= 0;
2658 #endif /* CONFIG_WPS */
2660 wpa_supplicant_set_non_wpa_policy(wpa_s
, ssid
);
2662 wpa_s
->wpa_proto
= 0;
2665 #ifdef IEEE8021X_EAPOL
2666 if (ssid
->key_mgmt
& WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
2668 if (ssid
->non_leap
== 0)
2669 algs
= WPA_AUTH_ALG_LEAP
;
2671 algs
|= WPA_AUTH_ALG_LEAP
;
2676 /* Clear FILS association */
2677 wpa_sm_set_reset_fils_completed(wpa_s
->wpa
, 0);
2679 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD
) &&
2680 ssid
->eap
.erp
&& wpa_key_mgmt_fils(wpa_s
->key_mgmt
) &&
2681 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
, &username
,
2682 &username_len
, &realm
, &realm_len
,
2683 &next_seq_num
, &rrk
, &rrk_len
) == 0 &&
2684 (!wpa_s
->last_con_fail_realm
||
2685 wpa_s
->last_con_fail_realm_len
!= realm_len
||
2686 os_memcmp(wpa_s
->last_con_fail_realm
, realm
, realm_len
) != 0)) {
2687 algs
= WPA_AUTH_ALG_FILS
;
2688 params
->fils_erp_username
= username
;
2689 params
->fils_erp_username_len
= username_len
;
2690 params
->fils_erp_realm
= realm
;
2691 params
->fils_erp_realm_len
= realm_len
;
2692 params
->fils_erp_next_seq_num
= next_seq_num
;
2693 params
->fils_erp_rrk
= rrk
;
2694 params
->fils_erp_rrk_len
= rrk_len
;
2697 *mask
|= WPA_DRV_UPDATE_FILS_ERP_INFO
;
2699 #endif /* CONFIG_FILS */
2700 #endif /* IEEE8021X_EAPOL */
2702 if (wpa_s
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
))
2703 algs
= WPA_AUTH_ALG_SAE
;
2704 #endif /* CONFIG_SAE */
2706 wpa_dbg(wpa_s
, MSG_DEBUG
, "Automatic auth_alg selection: 0x%x", algs
);
2707 if (ssid
->auth_alg
) {
2708 algs
= ssid
->auth_alg
;
2709 wpa_dbg(wpa_s
, MSG_DEBUG
,
2710 "Overriding auth_alg selection: 0x%x", algs
);
2714 if (sae_pmksa_cached
&& algs
== WPA_AUTH_ALG_SAE
) {
2715 wpa_dbg(wpa_s
, MSG_DEBUG
,
2716 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2717 algs
= WPA_AUTH_ALG_OPEN
;
2719 #endif /* CONFIG_SAE */
2722 if (wpa_s
->global
->p2p
) {
2726 pos
= wpa_ie
+ wpa_ie_len
;
2727 len
= max_wpa_ie_len
- wpa_ie_len
;
2728 res
= wpas_p2p_assoc_req_ie(wpa_s
, bss
, pos
, len
,
2734 wpa_s
->cross_connect_disallowed
= 0;
2737 p2p
= wpa_bss_get_vendor_ie_multi(bss
, P2P_IE_VENDOR_TYPE
);
2739 wpa_s
->cross_connect_disallowed
=
2740 p2p_get_cross_connect_disallowed(p2p
);
2742 wpa_dbg(wpa_s
, MSG_DEBUG
, "P2P: WLAN AP %s cross "
2744 wpa_s
->cross_connect_disallowed
?
2745 "disallows" : "allows");
2749 os_memset(wpa_s
->p2p_ip_addr_info
, 0, sizeof(wpa_s
->p2p_ip_addr_info
));
2750 #endif /* CONFIG_P2P */
2753 wpa_ie_len
+= wpas_supp_op_class_ie(wpa_s
, ssid
, bss
->freq
,
2754 wpa_ie
+ wpa_ie_len
,
2760 * Workaround: Add Extended Capabilities element only if the AP
2761 * included this element in Beacon/Probe Response frames. Some older
2762 * APs seem to have interoperability issues if this element is
2763 * included, so while the standard may require us to include the
2764 * element in all cases, it is justifiable to skip it to avoid
2765 * interoperability issues.
2767 if (ssid
->p2p_group
)
2768 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_P2P_CLIENT
);
2770 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
2772 if (!bss
|| wpa_bss_get_ie(bss
, WLAN_EID_EXT_CAPAB
)) {
2775 ext_capab_len
= wpas_build_ext_capab(wpa_s
, ext_capab
,
2777 if (ext_capab_len
> 0 &&
2778 wpa_ie_len
+ ext_capab_len
<= max_wpa_ie_len
) {
2780 if (wpa_ie_len
> 0 && pos
[0] == WLAN_EID_RSN
)
2782 os_memmove(pos
+ ext_capab_len
, pos
,
2783 wpa_ie_len
- (pos
- wpa_ie
));
2784 wpa_ie_len
+= ext_capab_len
;
2785 os_memcpy(pos
, ext_capab
, ext_capab_len
);
2790 if (is_hs20_network(wpa_s
, ssid
, bss
)) {
2791 struct wpabuf
*hs20
;
2793 hs20
= wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN
);
2795 int pps_mo_id
= hs20_get_pps_mo_id(wpa_s
, ssid
);
2798 wpas_hs20_add_indication(hs20
, pps_mo_id
,
2799 get_hs20_version(bss
));
2800 wpas_hs20_add_roam_cons_sel(hs20
, ssid
);
2801 len
= max_wpa_ie_len
- wpa_ie_len
;
2802 if (wpabuf_len(hs20
) <= len
) {
2803 os_memcpy(wpa_ie
+ wpa_ie_len
,
2804 wpabuf_head(hs20
), wpabuf_len(hs20
));
2805 wpa_ie_len
+= wpabuf_len(hs20
);
2809 hs20_configure_frame_filters(wpa_s
);
2812 #endif /* CONFIG_HS20 */
2814 if (wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
]) {
2815 struct wpabuf
*buf
= wpa_s
->vendor_elem
[VENDOR_ELEM_ASSOC_REQ
];
2818 len
= max_wpa_ie_len
- wpa_ie_len
;
2819 if (wpabuf_len(buf
) <= len
) {
2820 os_memcpy(wpa_ie
+ wpa_ie_len
,
2821 wpabuf_head(buf
), wpabuf_len(buf
));
2822 wpa_ie_len
+= wpabuf_len(buf
);
2827 if (wpa_s
->fst_ies
) {
2828 int fst_ies_len
= wpabuf_len(wpa_s
->fst_ies
);
2830 if (wpa_ie_len
+ fst_ies_len
<= max_wpa_ie_len
) {
2831 os_memcpy(wpa_ie
+ wpa_ie_len
,
2832 wpabuf_head(wpa_s
->fst_ies
), fst_ies_len
);
2833 wpa_ie_len
+= fst_ies_len
;
2836 #endif /* CONFIG_FST */
2839 mbo_ie
= bss
? wpa_bss_get_vendor_ie(bss
, MBO_IE_VENDOR_TYPE
) : NULL
;
2840 if (!wpa_s
->disable_mbo_oce
&& mbo_ie
) {
2843 len
= wpas_mbo_ie(wpa_s
, wpa_ie
+ wpa_ie_len
,
2844 max_wpa_ie_len
- wpa_ie_len
,
2845 !!mbo_attr_from_mbo_ie(mbo_ie
,
2846 OCE_ATTR_ID_CAPA_IND
));
2850 #endif /* CONFIG_MBO */
2853 if (algs
== WPA_AUTH_ALG_FILS
) {
2856 len
= wpas_add_fils_hlp_req(wpa_s
, wpa_ie
+ wpa_ie_len
,
2857 max_wpa_ie_len
- wpa_ie_len
);
2860 #endif /* CONFIG_FILS */
2863 #ifdef CONFIG_TESTING_OPTIONS
2864 if (get_ie_ext(wpa_ie
, wpa_ie_len
, WLAN_EID_EXT_OWE_DH_PARAM
)) {
2865 wpa_printf(MSG_INFO
, "TESTING: Override OWE DH element");
2867 #endif /* CONFIG_TESTING_OPTIONS */
2868 if (algs
== WPA_AUTH_ALG_OPEN
&&
2869 ssid
->key_mgmt
== WPA_KEY_MGMT_OWE
) {
2870 struct wpabuf
*owe_ie
;
2873 if (ssid
->owe_group
) {
2874 group
= ssid
->owe_group
;
2875 } else if (wpa_s
->assoc_status_code
==
2876 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED
) {
2877 if (wpa_s
->last_owe_group
== 19)
2879 else if (wpa_s
->last_owe_group
== 20)
2882 group
= OWE_DH_GROUP
;
2884 group
= OWE_DH_GROUP
;
2887 wpa_s
->last_owe_group
= group
;
2888 wpa_printf(MSG_DEBUG
, "OWE: Try to use group %u", group
);
2889 owe_ie
= owe_build_assoc_req(wpa_s
->wpa
, group
);
2891 wpabuf_len(owe_ie
) <= max_wpa_ie_len
- wpa_ie_len
) {
2892 os_memcpy(wpa_ie
+ wpa_ie_len
,
2893 wpabuf_head(owe_ie
), wpabuf_len(owe_ie
));
2894 wpa_ie_len
+= wpabuf_len(owe_ie
);
2896 wpabuf_free(owe_ie
);
2898 #endif /* CONFIG_OWE */
2901 if (wpa_sm_get_key_mgmt(wpa_s
->wpa
) == WPA_KEY_MGMT_DPP
&&
2902 ssid
->dpp_netaccesskey
) {
2903 dpp_pfs_free(wpa_s
->dpp_pfs
);
2904 wpa_s
->dpp_pfs
= dpp_pfs_init(ssid
->dpp_netaccesskey
,
2905 ssid
->dpp_netaccesskey_len
);
2906 if (!wpa_s
->dpp_pfs
) {
2907 wpa_printf(MSG_DEBUG
, "DPP: Could not initialize PFS");
2908 /* Try to continue without PFS */
2911 if (wpabuf_len(wpa_s
->dpp_pfs
->ie
) <=
2912 max_wpa_ie_len
- wpa_ie_len
) {
2913 os_memcpy(wpa_ie
+ wpa_ie_len
,
2914 wpabuf_head(wpa_s
->dpp_pfs
->ie
),
2915 wpabuf_len(wpa_s
->dpp_pfs
->ie
));
2916 wpa_ie_len
+= wpabuf_len(wpa_s
->dpp_pfs
->ie
);
2920 #endif /* CONFIG_DPP2 */
2922 #ifdef CONFIG_IEEE80211R
2924 * Add MDIE under these conditions: the network profile allows FT,
2925 * the AP supports FT, and the mobility domain ID matches.
2927 if (bss
&& wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s
->wpa
))) {
2928 const u8
*mdie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
2930 if (mdie
&& mdie
[1] >= MOBILITY_DOMAIN_ID_LEN
) {
2932 const u8
*md
= mdie
+ 2;
2933 const u8
*wpa_md
= wpa_sm_get_ft_md(wpa_s
->wpa
);
2935 if (os_memcmp(md
, wpa_md
,
2936 MOBILITY_DOMAIN_ID_LEN
) == 0) {
2937 /* Add mobility domain IE */
2938 len
= wpa_ft_add_mdie(
2939 wpa_s
->wpa
, wpa_ie
+ wpa_ie_len
,
2940 max_wpa_ie_len
- wpa_ie_len
, mdie
);
2944 if (len
> 0 && wpa_s
->sme
.ft_used
&&
2945 wpa_sm_has_ptk(wpa_s
->wpa
)) {
2946 wpa_dbg(wpa_s
, MSG_DEBUG
,
2947 "SME: Trying to use FT over-the-air");
2948 algs
|= WPA_AUTH_ALG_FT
;
2950 #endif /* CONFIG_SME */
2953 #endif /* CONFIG_IEEE80211R */
2955 if (ssid
->multi_ap_backhaul_sta
) {
2956 size_t multi_ap_ie_len
;
2958 multi_ap_ie_len
= add_multi_ap_ie(wpa_ie
+ wpa_ie_len
,
2959 max_wpa_ie_len
- wpa_ie_len
,
2960 MULTI_AP_BACKHAUL_STA
);
2961 if (multi_ap_ie_len
== 0) {
2962 wpa_printf(MSG_ERROR
,
2963 "Multi-AP: Failed to build Multi-AP IE");
2967 wpa_ie_len
+= multi_ap_ie_len
;
2970 params
->wpa_ie
= wpa_ie
;
2971 params
->wpa_ie_len
= wpa_ie_len
;
2972 params
->auth_alg
= algs
;
2974 *mask
|= WPA_DRV_UPDATE_ASSOC_IES
| WPA_DRV_UPDATE_AUTH_TYPE
;
2981 static void wpas_update_owe_connect_params(struct wpa_supplicant
*wpa_s
)
2983 struct wpa_driver_associate_params params
;
2986 os_memset(¶ms
, 0, sizeof(params
));
2987 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
2988 wpa_s
->current_ssid
, ¶ms
, NULL
);
2992 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
2995 #endif /* CONFIG_OWE */
2998 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
2999 static void wpas_update_fils_connect_params(struct wpa_supplicant
*wpa_s
)
3001 struct wpa_driver_associate_params params
;
3002 enum wpa_drv_update_connect_params_mask mask
= 0;
3005 if (wpa_s
->auth_alg
!= WPA_AUTH_ALG_OPEN
)
3006 return; /* nothing to do */
3008 os_memset(¶ms
, 0, sizeof(params
));
3009 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3010 wpa_s
->current_ssid
, ¶ms
, &mask
);
3014 if (params
.auth_alg
!= WPA_AUTH_ALG_FILS
) {
3019 wpa_s
->auth_alg
= params
.auth_alg
;
3020 wpa_drv_update_connect_params(wpa_s
, ¶ms
, mask
);
3023 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3027 void wpas_update_mbo_connect_params(struct wpa_supplicant
*wpa_s
)
3029 struct wpa_driver_associate_params params
;
3033 * Update MBO connect params only in case of change of MBO attributes
3034 * when connected, if the AP support MBO.
3037 if (wpa_s
->wpa_state
!= WPA_COMPLETED
|| !wpa_s
->current_ssid
||
3038 !wpa_s
->current_bss
||
3039 !wpa_bss_get_vendor_ie(wpa_s
->current_bss
, MBO_IE_VENDOR_TYPE
))
3042 os_memset(¶ms
, 0, sizeof(params
));
3043 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, wpa_s
->current_bss
,
3044 wpa_s
->current_ssid
, ¶ms
, NULL
);
3048 wpa_drv_update_connect_params(wpa_s
, ¶ms
, WPA_DRV_UPDATE_ASSOC_IES
);
3051 #endif /* CONFIG_MBO */
3054 static void wpas_start_assoc_cb(struct wpa_radio_work
*work
, int deinit
)
3056 struct wpa_connect_work
*cwork
= work
->ctx
;
3057 struct wpa_bss
*bss
= cwork
->bss
;
3058 struct wpa_ssid
*ssid
= cwork
->ssid
;
3059 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
3061 int use_crypt
, ret
, i
, bssid_changed
;
3062 unsigned int cipher_pairwise
, cipher_group
, cipher_group_mgmt
;
3063 struct wpa_driver_associate_params params
;
3064 int wep_keys_set
= 0;
3065 int assoc_failed
= 0;
3066 struct wpa_ssid
*old_ssid
;
3067 u8 prev_bssid
[ETH_ALEN
];
3068 #ifdef CONFIG_HT_OVERRIDES
3069 struct ieee80211_ht_capabilities htcaps
;
3070 struct ieee80211_ht_capabilities htcaps_mask
;
3071 #endif /* CONFIG_HT_OVERRIDES */
3072 #ifdef CONFIG_VHT_OVERRIDES
3073 struct ieee80211_vht_capabilities vhtcaps
;
3074 struct ieee80211_vht_capabilities vhtcaps_mask
;
3075 #endif /* CONFIG_VHT_OVERRIDES */
3078 if (work
->started
) {
3079 wpa_s
->connect_work
= NULL
;
3081 /* cancel possible auth. timeout */
3082 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
,
3085 wpas_connect_work_free(cwork
);
3089 wpa_s
->connect_work
= work
;
3091 if (cwork
->bss_removed
|| !wpas_valid_bss_ssid(wpa_s
, bss
, ssid
) ||
3092 wpas_network_disabled(wpa_s
, ssid
)) {
3093 wpa_dbg(wpa_s
, MSG_DEBUG
, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3094 wpas_connect_work_done(wpa_s
);
3098 os_memcpy(prev_bssid
, wpa_s
->bssid
, ETH_ALEN
);
3099 os_memset(¶ms
, 0, sizeof(params
));
3100 wpa_s
->reassociate
= 0;
3101 wpa_s
->eap_expected_failure
= 0;
3103 (!wpas_driver_bss_selection(wpa_s
) || wpas_wps_searching(wpa_s
))) {
3104 #ifdef CONFIG_IEEE80211R
3105 const u8
*ie
, *md
= NULL
;
3106 #endif /* CONFIG_IEEE80211R */
3107 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with " MACSTR
3108 " (SSID='%s' freq=%d MHz)", MAC2STR(bss
->bssid
),
3109 wpa_ssid_txt(bss
->ssid
, bss
->ssid_len
), bss
->freq
);
3110 bssid_changed
= !is_zero_ether_addr(wpa_s
->bssid
);
3111 os_memset(wpa_s
->bssid
, 0, ETH_ALEN
);
3112 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3114 wpas_notify_bssid_changed(wpa_s
);
3115 #ifdef CONFIG_IEEE80211R
3116 ie
= wpa_bss_get_ie(bss
, WLAN_EID_MOBILITY_DOMAIN
);
3117 if (ie
&& ie
[1] >= MOBILITY_DOMAIN_ID_LEN
)
3119 wpa_sm_set_ft_params(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0);
3121 /* Prepare for the next transition */
3122 wpa_ft_prepare_auth_request(wpa_s
->wpa
, ie
);
3124 #endif /* CONFIG_IEEE80211R */
3126 } else if ((ssid
->ssid
== NULL
|| ssid
->ssid_len
== 0) &&
3127 wpa_s
->conf
->ap_scan
== 2 &&
3128 (ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
)) {
3129 /* Use ap_scan==1 style network selection to find the network
3131 wpas_connect_work_done(wpa_s
);
3132 wpa_s
->scan_req
= MANUAL_SCAN_REQ
;
3133 wpa_s
->reassociate
= 1;
3134 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3136 #endif /* CONFIG_WPS */
3138 wpa_msg(wpa_s
, MSG_INFO
, "Trying to associate with SSID '%s'",
3139 wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
3141 os_memcpy(wpa_s
->pending_bssid
, bss
->bssid
, ETH_ALEN
);
3143 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3146 wpa_supplicant_cancel_sched_scan(wpa_s
);
3148 wpa_supplicant_cancel_scan(wpa_s
);
3150 /* Starting new association, so clear the possibly used WPA IE from the
3151 * previous association. */
3152 wpa_sm_set_assoc_wpa_ie(wpa_s
->wpa
, NULL
, 0);
3154 wpa_ie
= wpas_populate_assoc_ies(wpa_s
, bss
, ssid
, ¶ms
, NULL
);
3156 wpas_connect_work_done(wpa_s
);
3160 wpa_clear_keys(wpa_s
, bss
? bss
->bssid
: NULL
);
3162 cipher_pairwise
= wpa_s
->pairwise_cipher
;
3163 cipher_group
= wpa_s
->group_cipher
;
3164 cipher_group_mgmt
= wpa_s
->mgmt_group_cipher
;
3165 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
||
3166 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3167 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
)
3169 if (wpa_set_wep_keys(wpa_s
, ssid
)) {
3174 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
)
3177 #ifdef IEEE8021X_EAPOL
3178 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
3179 if ((ssid
->eapol_flags
&
3180 (EAPOL_FLAG_REQUIRE_KEY_UNICAST
|
3181 EAPOL_FLAG_REQUIRE_KEY_BROADCAST
)) == 0 &&
3185 /* Assume that dynamic WEP-104 keys will be used and
3186 * set cipher suites in order for drivers to expect
3188 cipher_pairwise
= cipher_group
= WPA_CIPHER_WEP104
;
3191 #endif /* IEEE8021X_EAPOL */
3193 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3194 /* Set the key before (and later after) association */
3195 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3198 wpa_supplicant_set_state(wpa_s
, WPA_ASSOCIATING
);
3200 params
.ssid
= bss
->ssid
;
3201 params
.ssid_len
= bss
->ssid_len
;
3202 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
||
3203 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
3204 wpa_printf(MSG_DEBUG
, "Limit connection to BSSID "
3205 MACSTR
" freq=%u MHz based on scan results "
3206 "(bssid_set=%d wps=%d)",
3207 MAC2STR(bss
->bssid
), bss
->freq
,
3209 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
);
3210 params
.bssid
= bss
->bssid
;
3211 params
.freq
.freq
= bss
->freq
;
3213 params
.bssid_hint
= bss
->bssid
;
3214 params
.freq_hint
= bss
->freq
;
3215 params
.pbss
= bss_is_pbss(bss
);
3217 if (ssid
->bssid_hint_set
)
3218 params
.bssid_hint
= ssid
->bssid_hint
;
3220 params
.ssid
= ssid
->ssid
;
3221 params
.ssid_len
= ssid
->ssid_len
;
3222 params
.pbss
= (ssid
->pbss
!= 2) ? ssid
->pbss
: 0;
3225 if (ssid
->mode
== WPAS_MODE_IBSS
&& ssid
->bssid_set
&&
3226 wpa_s
->conf
->ap_scan
== 2) {
3227 params
.bssid
= ssid
->bssid
;
3228 params
.fixed_bssid
= 1;
3231 /* Initial frequency for IBSS/mesh */
3232 if ((ssid
->mode
== WPAS_MODE_IBSS
|| ssid
->mode
== WPAS_MODE_MESH
) &&
3233 ssid
->frequency
> 0 && params
.freq
.freq
== 0)
3234 ibss_mesh_setup_freq(wpa_s
, ssid
, ¶ms
.freq
);
3236 if (ssid
->mode
== WPAS_MODE_IBSS
) {
3237 params
.fixed_freq
= ssid
->fixed_freq
;
3238 if (ssid
->beacon_int
)
3239 params
.beacon_int
= ssid
->beacon_int
;
3241 params
.beacon_int
= wpa_s
->conf
->beacon_int
;
3244 params
.pairwise_suite
= cipher_pairwise
;
3245 params
.group_suite
= cipher_group
;
3246 params
.mgmt_group_suite
= cipher_group_mgmt
;
3247 params
.key_mgmt_suite
= wpa_s
->key_mgmt
;
3248 params
.wpa_proto
= wpa_s
->wpa_proto
;
3249 wpa_s
->auth_alg
= params
.auth_alg
;
3250 params
.mode
= ssid
->mode
;
3251 params
.bg_scan_period
= ssid
->bg_scan_period
;
3252 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
3253 if (ssid
->wep_key_len
[i
])
3254 params
.wep_key
[i
] = ssid
->wep_key
[i
];
3255 params
.wep_key_len
[i
] = ssid
->wep_key_len
[i
];
3257 params
.wep_tx_keyidx
= ssid
->wep_tx_keyidx
;
3259 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) &&
3260 (params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3261 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
)) {
3262 params
.passphrase
= ssid
->passphrase
;
3264 params
.psk
= ssid
->psk
;
3267 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X
) &&
3268 (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3269 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3270 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3271 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
))
3272 params
.req_handshake_offload
= 1;
3274 if (wpa_s
->conf
->key_mgmt_offload
) {
3275 if (params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X
||
3276 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SHA256
||
3277 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B
||
3278 params
.key_mgmt_suite
== WPA_KEY_MGMT_IEEE8021X_SUITE_B_192
)
3279 params
.req_key_mgmt_offload
=
3280 ssid
->proactive_key_caching
< 0 ?
3281 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
3283 params
.req_key_mgmt_offload
= 1;
3285 if ((params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK
||
3286 params
.key_mgmt_suite
== WPA_KEY_MGMT_PSK_SHA256
||
3287 params
.key_mgmt_suite
== WPA_KEY_MGMT_FT_PSK
) &&
3289 params
.psk
= ssid
->psk
;
3292 params
.drop_unencrypted
= use_crypt
;
3294 params
.mgmt_frame_protection
= wpas_get_ssid_pmf(wpa_s
, ssid
);
3295 if (params
.mgmt_frame_protection
!= NO_MGMT_FRAME_PROTECTION
&& bss
) {
3296 const u8
*rsn
= wpa_bss_get_ie(bss
, WLAN_EID_RSN
);
3297 struct wpa_ie_data ie
;
3298 if (rsn
&& wpa_parse_wpa_ie(rsn
, 2 + rsn
[1], &ie
) == 0 &&
3300 (WPA_CAPABILITY_MFPC
| WPA_CAPABILITY_MFPR
)) {
3301 wpa_dbg(wpa_s
, MSG_DEBUG
, "WPA: Selected AP supports "
3302 "MFP: require MFP");
3303 params
.mgmt_frame_protection
=
3304 MGMT_FRAME_PROTECTION_REQUIRED
;
3306 } else if (!rsn
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
3308 params
.mgmt_frame_protection
= NO_MGMT_FRAME_PROTECTION
;
3309 #endif /* CONFIG_OWE */
3313 params
.p2p
= ssid
->p2p_group
;
3315 if (wpa_s
->p2pdev
->set_sta_uapsd
)
3316 params
.uapsd
= wpa_s
->p2pdev
->sta_uapsd
;
3320 #ifdef CONFIG_HT_OVERRIDES
3321 os_memset(&htcaps
, 0, sizeof(htcaps
));
3322 os_memset(&htcaps_mask
, 0, sizeof(htcaps_mask
));
3323 params
.htcaps
= (u8
*) &htcaps
;
3324 params
.htcaps_mask
= (u8
*) &htcaps_mask
;
3325 wpa_supplicant_apply_ht_overrides(wpa_s
, ssid
, ¶ms
);
3326 #endif /* CONFIG_HT_OVERRIDES */
3327 #ifdef CONFIG_VHT_OVERRIDES
3328 os_memset(&vhtcaps
, 0, sizeof(vhtcaps
));
3329 os_memset(&vhtcaps_mask
, 0, sizeof(vhtcaps_mask
));
3330 params
.vhtcaps
= &vhtcaps
;
3331 params
.vhtcaps_mask
= &vhtcaps_mask
;
3332 wpa_supplicant_apply_vht_overrides(wpa_s
, ssid
, ¶ms
);
3333 #endif /* CONFIG_VHT_OVERRIDES */
3337 * If multi-channel concurrency is not supported, check for any
3338 * frequency conflict. In case of any frequency conflict, remove the
3339 * least prioritized connection.
3341 if (wpa_s
->num_multichan_concurrent
< 2) {
3343 num
= get_shared_radio_freqs(wpa_s
, &freq
, 1);
3344 if (num
> 0 && freq
> 0 && freq
!= params
.freq
.freq
) {
3345 wpa_printf(MSG_DEBUG
,
3346 "Assoc conflicting freq found (%d != %d)",
3347 freq
, params
.freq
.freq
);
3348 if (wpas_p2p_handle_frequency_conflicts(
3349 wpa_s
, params
.freq
.freq
, ssid
) < 0) {
3350 wpas_connect_work_done(wpa_s
);
3356 #endif /* CONFIG_P2P */
3358 if (wpa_s
->reassoc_same_ess
&& !is_zero_ether_addr(prev_bssid
) &&
3359 wpa_s
->current_ssid
)
3360 params
.prev_bssid
= prev_bssid
;
3362 ret
= wpa_drv_associate(wpa_s
, ¶ms
);
3365 wpa_msg(wpa_s
, MSG_INFO
, "Association request to the driver "
3367 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SANE_ERROR_CODES
) {
3369 * The driver is known to mean what is saying, so we
3370 * can stop right here; the association will not
3373 wpas_connection_failed(wpa_s
, wpa_s
->pending_bssid
);
3374 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
3375 os_memset(wpa_s
->pending_bssid
, 0, ETH_ALEN
);
3378 /* try to continue anyway; new association will be tried again
3383 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPA_NONE
) {
3384 /* Set the key after the association just in case association
3385 * cleared the previously configured key. */
3386 wpa_supplicant_set_wpa_none_key(wpa_s
, ssid
);
3387 /* No need to timeout authentication since there is no key
3389 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3390 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
3391 #ifdef CONFIG_IBSS_RSN
3392 } else if (ssid
->mode
== WPAS_MODE_IBSS
&&
3393 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_NONE
&&
3394 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_WPA_NONE
) {
3396 * RSN IBSS authentication is per-STA and we can disable the
3397 * per-BSSID authentication.
3399 wpa_supplicant_cancel_auth_timeout(wpa_s
);
3400 #endif /* CONFIG_IBSS_RSN */
3402 /* Timeout for IEEE 802.11 authentication and association */
3406 /* give IBSS a bit more time */
3407 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 10 : 5;
3408 } else if (wpa_s
->conf
->ap_scan
== 1) {
3409 /* give IBSS a bit more time */
3410 timeout
= ssid
->mode
== WPAS_MODE_IBSS
? 20 : 10;
3412 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
3416 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC
)) {
3417 /* Set static WEP keys again */
3418 wpa_set_wep_keys(wpa_s
, ssid
);
3421 if (wpa_s
->current_ssid
&& wpa_s
->current_ssid
!= ssid
) {
3423 * Do not allow EAP session resumption between different
3424 * network configurations.
3426 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3428 old_ssid
= wpa_s
->current_ssid
;
3429 wpa_s
->current_ssid
= ssid
;
3431 if (!wpas_driver_bss_selection(wpa_s
) || ssid
->bssid_set
) {
3432 wpa_s
->current_bss
= bss
;
3434 hs20_configure_frame_filters(wpa_s
);
3435 #endif /* CONFIG_HS20 */
3438 wpa_supplicant_rsn_supp_set_config(wpa_s
, wpa_s
->current_ssid
);
3439 wpa_supplicant_initiate_eapol(wpa_s
);
3440 if (old_ssid
!= wpa_s
->current_ssid
)
3441 wpas_notify_network_changed(wpa_s
);
3445 static void wpa_supplicant_clear_connection(struct wpa_supplicant
*wpa_s
,
3448 struct wpa_ssid
*old_ssid
;
3450 wpas_connect_work_done(wpa_s
);
3451 wpa_clear_keys(wpa_s
, addr
);
3452 old_ssid
= wpa_s
->current_ssid
;
3453 wpa_supplicant_mark_disassoc(wpa_s
);
3454 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3455 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3456 if (old_ssid
!= wpa_s
->current_ssid
)
3457 wpas_notify_network_changed(wpa_s
);
3458 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
3463 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3464 * @wpa_s: Pointer to wpa_supplicant data
3465 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3467 * This function is used to request %wpa_supplicant to deauthenticate from the
3470 void wpa_supplicant_deauthenticate(struct wpa_supplicant
*wpa_s
,
3474 union wpa_event_data event
;
3477 wpa_dbg(wpa_s
, MSG_DEBUG
, "Request to deauthenticate - bssid=" MACSTR
3478 " pending_bssid=" MACSTR
" reason=%d (%s) state=%s",
3479 MAC2STR(wpa_s
->bssid
), MAC2STR(wpa_s
->pending_bssid
),
3480 reason_code
, reason2str(reason_code
),
3481 wpa_supplicant_state_txt(wpa_s
->wpa_state
));
3483 if (!is_zero_ether_addr(wpa_s
->pending_bssid
) &&
3484 (wpa_s
->wpa_state
== WPA_AUTHENTICATING
||
3485 wpa_s
->wpa_state
== WPA_ASSOCIATING
))
3486 addr
= wpa_s
->pending_bssid
;
3487 else if (!is_zero_ether_addr(wpa_s
->bssid
))
3488 addr
= wpa_s
->bssid
;
3489 else if (wpa_s
->wpa_state
== WPA_ASSOCIATING
) {
3491 * When using driver-based BSS selection, we may not know the
3492 * BSSID with which we are currently trying to associate. We
3493 * need to notify the driver of this disconnection even in such
3494 * a case, so use the all zeros address here.
3496 addr
= wpa_s
->bssid
;
3500 if (wpa_s
->enabled_4addr_mode
&& wpa_drv_set_4addr_mode(wpa_s
, 0) == 0)
3501 wpa_s
->enabled_4addr_mode
= 0;
3504 wpa_tdls_teardown_peers(wpa_s
->wpa
);
3505 #endif /* CONFIG_TDLS */
3509 struct mesh_conf
*mconf
;
3511 mconf
= wpa_s
->ifmsh
->mconf
;
3512 wpa_msg(wpa_s
, MSG_INFO
, MESH_GROUP_REMOVED
"%s",
3514 wpas_notify_mesh_group_removed(wpa_s
, mconf
->meshid
,
3515 mconf
->meshid_len
, reason_code
);
3516 wpa_supplicant_leave_mesh(wpa_s
);
3518 #endif /* CONFIG_MESH */
3521 wpa_drv_deauthenticate(wpa_s
, addr
, reason_code
);
3522 os_memset(&event
, 0, sizeof(event
));
3523 event
.deauth_info
.reason_code
= reason_code
;
3524 event
.deauth_info
.locally_generated
= 1;
3525 wpa_supplicant_event(wpa_s
, EVENT_DEAUTH
, &event
);
3530 wpa_supplicant_clear_connection(wpa_s
, addr
);
3533 static void wpa_supplicant_enable_one_network(struct wpa_supplicant
*wpa_s
,
3534 struct wpa_ssid
*ssid
)
3536 if (!ssid
|| !ssid
->disabled
|| ssid
->disabled
== 2)
3540 ssid
->owe_transition_bss_select_count
= 0;
3541 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3542 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3545 * Try to reassociate since there is no current configuration and a new
3546 * network was made available.
3548 if (!wpa_s
->current_ssid
&& !wpa_s
->disconnected
)
3549 wpa_s
->reassociate
= 1;
3554 * wpa_supplicant_add_network - Add a new network
3555 * @wpa_s: wpa_supplicant structure for a network interface
3556 * Returns: The new network configuration or %NULL if operation failed
3558 * This function performs the following operations:
3559 * 1. Adds a new network.
3560 * 2. Send network addition notification.
3561 * 3. Marks the network disabled.
3562 * 4. Set network default parameters.
3564 struct wpa_ssid
* wpa_supplicant_add_network(struct wpa_supplicant
*wpa_s
)
3566 struct wpa_ssid
*ssid
;
3568 ssid
= wpa_config_add_network(wpa_s
->conf
);
3571 wpas_notify_network_added(wpa_s
, ssid
);
3573 wpa_config_set_network_defaults(ssid
);
3580 * wpa_supplicant_remove_network - Remove a configured network based on id
3581 * @wpa_s: wpa_supplicant structure for a network interface
3582 * @id: Unique network id to search for
3583 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
3584 * could not be removed
3586 * This function performs the following operations:
3587 * 1. Removes the network.
3588 * 2. Send network removal notification.
3589 * 3. Update internal state machines.
3590 * 4. Stop any running sched scans.
3592 int wpa_supplicant_remove_network(struct wpa_supplicant
*wpa_s
, int id
)
3594 struct wpa_ssid
*ssid
;
3597 ssid
= wpa_config_get_network(wpa_s
->conf
, id
);
3600 wpas_notify_network_removed(wpa_s
, ssid
);
3602 if (wpa_s
->last_ssid
== ssid
)
3603 wpa_s
->last_ssid
= NULL
;
3605 if (ssid
== wpa_s
->current_ssid
|| !wpa_s
->current_ssid
) {
3607 wpa_s
->sme
.prev_bssid_set
= 0;
3608 #endif /* CONFIG_SME */
3610 * Invalidate the EAP session cache if the current or
3611 * previously used network is removed.
3613 eapol_sm_invalidate_cached_session(wpa_s
->eapol
);
3616 if (ssid
== wpa_s
->current_ssid
) {
3617 wpa_sm_set_config(wpa_s
->wpa
, NULL
);
3618 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3620 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3621 wpa_s
->own_disconnect_req
= 1;
3622 wpa_supplicant_deauthenticate(wpa_s
,
3623 WLAN_REASON_DEAUTH_LEAVING
);
3626 was_disabled
= ssid
->disabled
;
3628 if (wpa_config_remove_network(wpa_s
->conf
, id
) < 0)
3631 if (!was_disabled
&& wpa_s
->sched_scanning
) {
3632 wpa_printf(MSG_DEBUG
,
3633 "Stop ongoing sched_scan to remove network from filters");
3634 wpa_supplicant_cancel_sched_scan(wpa_s
);
3635 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3643 * wpa_supplicant_enable_network - Mark a configured network as enabled
3644 * @wpa_s: wpa_supplicant structure for a network interface
3645 * @ssid: wpa_ssid structure for a configured network or %NULL
3647 * Enables the specified network or all networks if no network specified.
3649 void wpa_supplicant_enable_network(struct wpa_supplicant
*wpa_s
,
3650 struct wpa_ssid
*ssid
)
3653 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
3654 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3656 wpa_supplicant_enable_one_network(wpa_s
, ssid
);
3658 if (wpa_s
->reassociate
&& !wpa_s
->disconnected
&&
3659 (!wpa_s
->current_ssid
||
3660 wpa_s
->wpa_state
== WPA_DISCONNECTED
||
3661 wpa_s
->wpa_state
== WPA_SCANNING
)) {
3662 if (wpa_s
->sched_scanning
) {
3663 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan to add "
3664 "new network to scan filters");
3665 wpa_supplicant_cancel_sched_scan(wpa_s
);
3668 if (wpa_supplicant_fast_associate(wpa_s
) != 1) {
3669 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3670 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3677 * wpa_supplicant_disable_network - Mark a configured network as disabled
3678 * @wpa_s: wpa_supplicant structure for a network interface
3679 * @ssid: wpa_ssid structure for a configured network or %NULL
3681 * Disables the specified network or all networks if no network specified.
3683 void wpa_supplicant_disable_network(struct wpa_supplicant
*wpa_s
,
3684 struct wpa_ssid
*ssid
)
3686 struct wpa_ssid
*other_ssid
;
3690 if (wpa_s
->sched_scanning
)
3691 wpa_supplicant_cancel_sched_scan(wpa_s
);
3693 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3694 other_ssid
= other_ssid
->next
) {
3695 was_disabled
= other_ssid
->disabled
;
3696 if (was_disabled
== 2)
3697 continue; /* do not change persistent P2P group
3700 other_ssid
->disabled
= 1;
3702 if (was_disabled
!= other_ssid
->disabled
)
3703 wpas_notify_network_enabled_changed(
3706 if (wpa_s
->current_ssid
) {
3707 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3708 wpa_s
->own_disconnect_req
= 1;
3709 wpa_supplicant_deauthenticate(
3710 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3712 } else if (ssid
->disabled
!= 2) {
3713 if (ssid
== wpa_s
->current_ssid
) {
3714 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3715 wpa_s
->own_disconnect_req
= 1;
3716 wpa_supplicant_deauthenticate(
3717 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3720 was_disabled
= ssid
->disabled
;
3724 if (was_disabled
!= ssid
->disabled
) {
3725 wpas_notify_network_enabled_changed(wpa_s
, ssid
);
3726 if (wpa_s
->sched_scanning
) {
3727 wpa_printf(MSG_DEBUG
, "Stop ongoing sched_scan "
3728 "to remove network from filters");
3729 wpa_supplicant_cancel_sched_scan(wpa_s
);
3730 wpa_supplicant_req_scan(wpa_s
, 0, 0);
3738 * wpa_supplicant_select_network - Attempt association with a network
3739 * @wpa_s: wpa_supplicant structure for a network interface
3740 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
3742 void wpa_supplicant_select_network(struct wpa_supplicant
*wpa_s
,
3743 struct wpa_ssid
*ssid
)
3746 struct wpa_ssid
*other_ssid
;
3747 int disconnected
= 0;
3749 if (ssid
&& ssid
!= wpa_s
->current_ssid
&& wpa_s
->current_ssid
) {
3750 if (wpa_s
->wpa_state
>= WPA_AUTHENTICATING
)
3751 wpa_s
->own_disconnect_req
= 1;
3752 wpa_supplicant_deauthenticate(
3753 wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
3758 wpas_clear_temp_disabled(wpa_s
, ssid
, 1);
3761 * Mark all other networks disabled or mark all networks enabled if no
3762 * network specified.
3764 for (other_ssid
= wpa_s
->conf
->ssid
; other_ssid
;
3765 other_ssid
= other_ssid
->next
) {
3766 int was_disabled
= other_ssid
->disabled
;
3767 if (was_disabled
== 2)
3768 continue; /* do not change persistent P2P group data */
3770 other_ssid
->disabled
= ssid
? (ssid
->id
!= other_ssid
->id
) : 0;
3771 if (was_disabled
&& !other_ssid
->disabled
)
3772 wpas_clear_temp_disabled(wpa_s
, other_ssid
, 0);
3774 if (was_disabled
!= other_ssid
->disabled
)
3775 wpas_notify_network_enabled_changed(wpa_s
, other_ssid
);
3778 if (ssid
&& ssid
== wpa_s
->current_ssid
&& wpa_s
->current_ssid
&&
3779 wpa_s
->wpa_state
>= WPA_AUTHENTICATING
) {
3780 /* We are already associated with the selected network */
3781 wpa_printf(MSG_DEBUG
, "Already associated with the "
3782 "selected network - do nothing");
3787 wpa_s
->current_ssid
= ssid
;
3788 eapol_sm_notify_config(wpa_s
->eapol
, NULL
, NULL
);
3789 wpa_s
->connect_without_scan
=
3790 (ssid
->mode
== WPAS_MODE_MESH
) ? ssid
: NULL
;
3793 * Don't optimize next scan freqs since a new ESS has been
3796 os_free(wpa_s
->next_scan_freqs
);
3797 wpa_s
->next_scan_freqs
= NULL
;
3799 wpa_s
->connect_without_scan
= NULL
;
3802 wpa_s
->disconnected
= 0;
3803 wpa_s
->reassociate
= 1;
3804 wpa_s
->last_owe_group
= 0;
3806 ssid
->owe_transition_bss_select_count
= 0;
3808 if (wpa_s
->connect_without_scan
||
3809 wpa_supplicant_fast_associate(wpa_s
) != 1) {
3810 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
3811 wpas_scan_reset_sched_scan(wpa_s
);
3812 wpa_supplicant_req_scan(wpa_s
, 0, disconnected
? 100000 : 0);
3816 wpas_notify_network_selected(wpa_s
, ssid
);
3821 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
3822 * @wpa_s: wpa_supplicant structure for a network interface
3823 * @pkcs11_engine_path: PKCS #11 engine path or NULL
3824 * @pkcs11_module_path: PKCS #11 module path or NULL
3825 * Returns: 0 on success; -1 on failure
3827 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
3828 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
3829 * module path fails the paths will be reset to the default value (NULL).
3831 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant
*wpa_s
,
3832 const char *pkcs11_engine_path
,
3833 const char *pkcs11_module_path
)
3835 char *pkcs11_engine_path_copy
= NULL
;
3836 char *pkcs11_module_path_copy
= NULL
;
3838 if (pkcs11_engine_path
!= NULL
) {
3839 pkcs11_engine_path_copy
= os_strdup(pkcs11_engine_path
);
3840 if (pkcs11_engine_path_copy
== NULL
)
3843 if (pkcs11_module_path
!= NULL
) {
3844 pkcs11_module_path_copy
= os_strdup(pkcs11_module_path
);
3845 if (pkcs11_module_path_copy
== NULL
) {
3846 os_free(pkcs11_engine_path_copy
);
3851 os_free(wpa_s
->conf
->pkcs11_engine_path
);
3852 os_free(wpa_s
->conf
->pkcs11_module_path
);
3853 wpa_s
->conf
->pkcs11_engine_path
= pkcs11_engine_path_copy
;
3854 wpa_s
->conf
->pkcs11_module_path
= pkcs11_module_path_copy
;
3856 wpa_sm_set_eapol(wpa_s
->wpa
, NULL
);
3857 eapol_sm_deinit(wpa_s
->eapol
);
3858 wpa_s
->eapol
= NULL
;
3859 if (wpa_supplicant_init_eapol(wpa_s
)) {
3860 /* Error -> Reset paths to the default value (NULL) once. */
3861 if (pkcs11_engine_path
!= NULL
&& pkcs11_module_path
!= NULL
)
3862 wpas_set_pkcs11_engine_and_module_path(wpa_s
, NULL
,
3867 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
3874 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
3875 * @wpa_s: wpa_supplicant structure for a network interface
3876 * @ap_scan: AP scan mode
3877 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
3880 int wpa_supplicant_set_ap_scan(struct wpa_supplicant
*wpa_s
, int ap_scan
)
3885 if (ap_scan
< 0 || ap_scan
> 2)
3888 if (ap_scan
== 2 && os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
3889 wpa_printf(MSG_INFO
,
3890 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3894 if (ap_scan
== 2 && ap_scan
!= wpa_s
->conf
->ap_scan
&&
3895 wpa_s
->wpa_state
>= WPA_ASSOCIATING
&&
3896 wpa_s
->wpa_state
< WPA_COMPLETED
) {
3897 wpa_printf(MSG_ERROR
, "ap_scan = %d (%d) rejected while "
3898 "associating", wpa_s
->conf
->ap_scan
, ap_scan
);
3901 #endif /* ANDROID */
3903 old_ap_scan
= wpa_s
->conf
->ap_scan
;
3904 wpa_s
->conf
->ap_scan
= ap_scan
;
3906 if (old_ap_scan
!= wpa_s
->conf
->ap_scan
)
3907 wpas_notify_ap_scan_changed(wpa_s
);
3914 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3915 * @wpa_s: wpa_supplicant structure for a network interface
3916 * @expire_age: Expiration age in seconds
3917 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3920 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant
*wpa_s
,
3921 unsigned int bss_expire_age
)
3923 if (bss_expire_age
< 10) {
3924 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration age %u",
3928 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration age: %d sec",
3930 wpa_s
->conf
->bss_expiration_age
= bss_expire_age
;
3937 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3938 * @wpa_s: wpa_supplicant structure for a network interface
3939 * @expire_count: number of scans after which an unseen BSS is reclaimed
3940 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3943 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant
*wpa_s
,
3944 unsigned int bss_expire_count
)
3946 if (bss_expire_count
< 1) {
3947 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid bss expiration count %u",
3951 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting bss expiration scan count: %u",
3953 wpa_s
->conf
->bss_expiration_scan_count
= bss_expire_count
;
3960 * wpa_supplicant_set_scan_interval - Set scan interval
3961 * @wpa_s: wpa_supplicant structure for a network interface
3962 * @scan_interval: scan interval in seconds
3963 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3966 int wpa_supplicant_set_scan_interval(struct wpa_supplicant
*wpa_s
,
3969 if (scan_interval
< 0) {
3970 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid scan interval %d",
3974 wpa_msg(wpa_s
, MSG_DEBUG
, "Setting scan interval: %d sec",
3976 wpa_supplicant_update_scan_int(wpa_s
, scan_interval
);
3983 * wpa_supplicant_set_debug_params - Set global debug params
3984 * @global: wpa_global structure
3985 * @debug_level: debug level
3986 * @debug_timestamp: determines if show timestamp in debug data
3987 * @debug_show_keys: determines if show keys in debug data
3988 * Returns: 0 if succeed or -1 if debug_level has wrong value
3990 int wpa_supplicant_set_debug_params(struct wpa_global
*global
, int debug_level
,
3991 int debug_timestamp
, int debug_show_keys
)
3994 int old_level
, old_timestamp
, old_show_keys
;
3996 /* check for allowed debuglevels */
3997 if (debug_level
!= MSG_EXCESSIVE
&&
3998 debug_level
!= MSG_MSGDUMP
&&
3999 debug_level
!= MSG_DEBUG
&&
4000 debug_level
!= MSG_INFO
&&
4001 debug_level
!= MSG_WARNING
&&
4002 debug_level
!= MSG_ERROR
)
4005 old_level
= wpa_debug_level
;
4006 old_timestamp
= wpa_debug_timestamp
;
4007 old_show_keys
= wpa_debug_show_keys
;
4009 wpa_debug_level
= debug_level
;
4010 wpa_debug_timestamp
= debug_timestamp
? 1 : 0;
4011 wpa_debug_show_keys
= debug_show_keys
? 1 : 0;
4013 if (wpa_debug_level
!= old_level
)
4014 wpas_notify_debug_level_changed(global
);
4015 if (wpa_debug_timestamp
!= old_timestamp
)
4016 wpas_notify_debug_timestamp_changed(global
);
4017 if (wpa_debug_show_keys
!= old_show_keys
)
4018 wpas_notify_debug_show_keys_changed(global
);
4025 static int owe_trans_ssid_match(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
4026 const u8
*entry_ssid
, size_t entry_ssid_len
)
4028 const u8
*owe
, *pos
, *end
;
4030 struct wpa_bss
*bss
;
4032 /* Check network profile SSID aganst the SSID in the
4033 * OWE Transition Mode element. */
4035 bss
= wpa_bss_get_bssid_latest(wpa_s
, bssid
);
4039 owe
= wpa_bss_get_vendor_ie(bss
, OWE_IE_VENDOR_TYPE
);
4044 end
= owe
+ 2 + owe
[1];
4046 if (end
- pos
< ETH_ALEN
+ 1)
4050 if (end
- pos
< ssid_len
|| ssid_len
> SSID_MAX_LEN
)
4053 return entry_ssid_len
== ssid_len
&&
4054 os_memcmp(pos
, entry_ssid
, ssid_len
) == 0;
4056 #endif /* CONFIG_OWE */
4060 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4061 * @wpa_s: Pointer to wpa_supplicant data
4062 * Returns: A pointer to the current network structure or %NULL on failure
4064 struct wpa_ssid
* wpa_supplicant_get_ssid(struct wpa_supplicant
*wpa_s
)
4066 struct wpa_ssid
*entry
;
4067 u8 ssid
[SSID_MAX_LEN
];
4073 res
= wpa_drv_get_ssid(wpa_s
, ssid
);
4075 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read SSID from "
4081 if (wpa_drv_get_bssid(wpa_s
, bssid
) < 0) {
4082 wpa_msg(wpa_s
, MSG_WARNING
, "Could not read BSSID from "
4087 wired
= wpa_s
->conf
->ap_scan
== 0 &&
4088 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_WIRED
);
4090 entry
= wpa_s
->conf
->ssid
;
4092 if (!wpas_network_disabled(wpa_s
, entry
) &&
4093 ((ssid_len
== entry
->ssid_len
&&
4095 os_memcmp(ssid
, entry
->ssid
, ssid_len
) == 0)) ||
4097 (!entry
->bssid_set
||
4098 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4101 if (!wpas_network_disabled(wpa_s
, entry
) &&
4102 (entry
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4103 (entry
->ssid
== NULL
|| entry
->ssid_len
== 0) &&
4104 (!entry
->bssid_set
||
4105 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4107 #endif /* CONFIG_WPS */
4110 if (!wpas_network_disabled(wpa_s
, entry
) &&
4111 owe_trans_ssid_match(wpa_s
, bssid
, entry
->ssid
,
4113 (!entry
->bssid_set
||
4114 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0))
4116 #endif /* CONFIG_OWE */
4118 if (!wpas_network_disabled(wpa_s
, entry
) && entry
->bssid_set
&&
4119 entry
->ssid_len
== 0 &&
4120 os_memcmp(bssid
, entry
->bssid
, ETH_ALEN
) == 0)
4123 entry
= entry
->next
;
4130 static int select_driver(struct wpa_supplicant
*wpa_s
, int i
)
4132 struct wpa_global
*global
= wpa_s
->global
;
4134 if (wpa_drivers
[i
]->global_init
&& global
->drv_priv
[i
] == NULL
) {
4135 global
->drv_priv
[i
] = wpa_drivers
[i
]->global_init(global
);
4136 if (global
->drv_priv
[i
] == NULL
) {
4137 wpa_printf(MSG_ERROR
, "Failed to initialize driver "
4138 "'%s'", wpa_drivers
[i
]->name
);
4143 wpa_s
->driver
= wpa_drivers
[i
];
4144 wpa_s
->global_drv_priv
= global
->drv_priv
[i
];
4150 static int wpa_supplicant_set_driver(struct wpa_supplicant
*wpa_s
,
4155 const char *pos
, *driver
= name
;
4160 if (wpa_drivers
[0] == NULL
) {
4161 wpa_msg(wpa_s
, MSG_ERROR
, "No driver interfaces build into "
4167 /* default to first driver in the list */
4168 return select_driver(wpa_s
, 0);
4172 pos
= os_strchr(driver
, ',');
4176 len
= os_strlen(driver
);
4178 for (i
= 0; wpa_drivers
[i
]; i
++) {
4179 if (os_strlen(wpa_drivers
[i
]->name
) == len
&&
4180 os_strncmp(driver
, wpa_drivers
[i
]->name
, len
) ==
4182 /* First driver that succeeds wins */
4183 if (select_driver(wpa_s
, i
) == 0)
4191 wpa_msg(wpa_s
, MSG_ERROR
, "Unsupported driver '%s'", name
);
4197 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4198 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4199 * with struct wpa_driver_ops::init()
4200 * @src_addr: Source address of the EAPOL frame
4201 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4202 * @len: Length of the EAPOL data
4204 * This function is called for each received EAPOL frame. Most driver
4205 * interfaces rely on more generic OS mechanism for receiving frames through
4206 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4207 * take care of received EAPOL frames and deliver them to the core supplicant
4208 * code by calling this function.
4210 void wpa_supplicant_rx_eapol(void *ctx
, const u8
*src_addr
,
4211 const u8
*buf
, size_t len
)
4213 struct wpa_supplicant
*wpa_s
= ctx
;
4215 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
, MAC2STR(src_addr
));
4216 wpa_hexdump(MSG_MSGDUMP
, "RX EAPOL", buf
, len
);
4218 #ifdef CONFIG_TESTING_OPTIONS
4219 if (wpa_s
->ignore_auth_resp
) {
4220 wpa_printf(MSG_INFO
, "RX EAPOL - ignore_auth_resp active!");
4223 #endif /* CONFIG_TESTING_OPTIONS */
4225 if (wpa_s
->wpa_state
< WPA_ASSOCIATED
||
4226 (wpa_s
->last_eapol_matches_bssid
&&
4229 #endif /* CONFIG_AP */
4230 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) != 0)) {
4232 * There is possible race condition between receiving the
4233 * association event and the EAPOL frame since they are coming
4234 * through different paths from the driver. In order to avoid
4235 * issues in trying to process the EAPOL frame before receiving
4236 * association information, lets queue it for processing until
4237 * the association event is received. This may also be needed in
4238 * driver-based roaming case, so also use src_addr != BSSID as a
4239 * trigger if we have previously confirmed that the
4240 * Authenticator uses BSSID as the src_addr (which is not the
4241 * case with wired IEEE 802.1X).
4243 wpa_dbg(wpa_s
, MSG_DEBUG
, "Not associated - Delay processing "
4244 "of received EAPOL frame (state=%s bssid=" MACSTR
")",
4245 wpa_supplicant_state_txt(wpa_s
->wpa_state
),
4246 MAC2STR(wpa_s
->bssid
));
4247 wpabuf_free(wpa_s
->pending_eapol_rx
);
4248 wpa_s
->pending_eapol_rx
= wpabuf_alloc_copy(buf
, len
);
4249 if (wpa_s
->pending_eapol_rx
) {
4250 os_get_reltime(&wpa_s
->pending_eapol_rx_time
);
4251 os_memcpy(wpa_s
->pending_eapol_rx_src
, src_addr
,
4257 wpa_s
->last_eapol_matches_bssid
=
4258 os_memcmp(src_addr
, wpa_s
->bssid
, ETH_ALEN
) == 0;
4261 if (wpa_s
->ap_iface
) {
4262 wpa_supplicant_ap_rx_eapol(wpa_s
, src_addr
, buf
, len
);
4265 #endif /* CONFIG_AP */
4267 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
4268 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignored received EAPOL frame since "
4269 "no key management is configured");
4273 if (wpa_s
->eapol_received
== 0 &&
4274 (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
) ||
4275 !wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
4276 wpa_s
->wpa_state
!= WPA_COMPLETED
) &&
4277 (wpa_s
->current_ssid
== NULL
||
4278 wpa_s
->current_ssid
->mode
!= WPAS_MODE_IBSS
)) {
4279 /* Timeout for completing IEEE 802.1X and WPA authentication */
4282 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) ||
4283 wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
||
4284 wpa_s
->key_mgmt
== WPA_KEY_MGMT_WPS
) {
4285 /* Use longer timeout for IEEE 802.1X/EAP */
4290 if (wpa_s
->current_ssid
&& wpa_s
->current_bss
&&
4291 (wpa_s
->current_ssid
->key_mgmt
& WPA_KEY_MGMT_WPS
) &&
4292 eap_is_wps_pin_enrollee(&wpa_s
->current_ssid
->eap
)) {
4294 * Use shorter timeout if going through WPS AP iteration
4295 * for PIN config method with an AP that does not
4296 * advertise Selected Registrar.
4298 struct wpabuf
*wps_ie
;
4300 wps_ie
= wpa_bss_get_vendor_ie_multi(
4301 wpa_s
->current_bss
, WPS_IE_VENDOR_TYPE
);
4303 !wps_is_addr_authorized(wps_ie
, wpa_s
->own_addr
, 1))
4305 wpabuf_free(wps_ie
);
4307 #endif /* CONFIG_WPS */
4309 wpa_supplicant_req_auth_timeout(wpa_s
, timeout
, 0);
4311 wpa_s
->eapol_received
++;
4313 if (wpa_s
->countermeasures
) {
4314 wpa_msg(wpa_s
, MSG_INFO
, "WPA: Countermeasures - dropped "
4319 #ifdef CONFIG_IBSS_RSN
4320 if (wpa_s
->current_ssid
&&
4321 wpa_s
->current_ssid
->mode
== WPAS_MODE_IBSS
) {
4322 ibss_rsn_rx_eapol(wpa_s
->ibss_rsn
, src_addr
, buf
, len
);
4325 #endif /* CONFIG_IBSS_RSN */
4327 /* Source address of the incoming EAPOL frame could be compared to the
4328 * current BSSID. However, it is possible that a centralized
4329 * Authenticator could be using another MAC address than the BSSID of
4330 * an AP, so just allow any address to be used for now. The replies are
4331 * still sent to the current BSSID (if available), though. */
4333 os_memcpy(wpa_s
->last_eapol_src
, src_addr
, ETH_ALEN
);
4334 if (!wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) &&
4335 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_OWE
&&
4336 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_DPP
&&
4337 eapol_sm_rx_eapol(wpa_s
->eapol
, src_addr
, buf
, len
) > 0)
4339 wpa_drv_poll(wpa_s
);
4340 if (!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK
))
4341 wpa_sm_rx_eapol(wpa_s
->wpa
, src_addr
, buf
, len
);
4342 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
4344 * Set portValid = TRUE here since we are going to skip 4-way
4345 * handshake processing which would normally set portValid. We
4346 * need this to allow the EAPOL state machines to be completed
4347 * without going through EAPOL-Key handshake.
4349 eapol_sm_notify_portValid(wpa_s
->eapol
, TRUE
);
4354 int wpa_supplicant_update_mac_addr(struct wpa_supplicant
*wpa_s
)
4356 if ((!wpa_s
->p2p_mgmt
||
4357 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)) &&
4358 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE
)) {
4359 l2_packet_deinit(wpa_s
->l2
);
4360 wpa_s
->l2
= l2_packet_init(wpa_s
->ifname
,
4361 wpa_drv_get_mac_addr(wpa_s
),
4363 wpa_supplicant_rx_eapol
, wpa_s
, 0);
4364 if (wpa_s
->l2
== NULL
)
4367 if (l2_packet_set_packet_filter(wpa_s
->l2
,
4368 L2_PACKET_FILTER_PKTTYPE
))
4369 wpa_dbg(wpa_s
, MSG_DEBUG
,
4370 "Failed to attach pkt_type filter");
4372 const u8
*addr
= wpa_drv_get_mac_addr(wpa_s
);
4374 os_memcpy(wpa_s
->own_addr
, addr
, ETH_ALEN
);
4377 if (wpa_s
->l2
&& l2_packet_get_own_addr(wpa_s
->l2
, wpa_s
->own_addr
)) {
4378 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to get own L2 address");
4382 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4383 wpas_wps_update_mac_addr(wpa_s
);
4389 static void wpa_supplicant_rx_eapol_bridge(void *ctx
, const u8
*src_addr
,
4390 const u8
*buf
, size_t len
)
4392 struct wpa_supplicant
*wpa_s
= ctx
;
4393 const struct l2_ethhdr
*eth
;
4395 if (len
< sizeof(*eth
))
4397 eth
= (const struct l2_ethhdr
*) buf
;
4399 if (os_memcmp(eth
->h_dest
, wpa_s
->own_addr
, ETH_ALEN
) != 0 &&
4400 !(eth
->h_dest
[0] & 0x01)) {
4401 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4402 " (bridge - not for this interface - ignore)",
4403 MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4407 wpa_dbg(wpa_s
, MSG_DEBUG
, "RX EAPOL from " MACSTR
" to " MACSTR
4408 " (bridge)", MAC2STR(src_addr
), MAC2STR(eth
->h_dest
));
4409 wpa_supplicant_rx_eapol(wpa_s
, src_addr
, buf
+ sizeof(*eth
),
4410 len
- sizeof(*eth
));
4415 * wpa_supplicant_driver_init - Initialize driver interface parameters
4416 * @wpa_s: Pointer to wpa_supplicant data
4417 * Returns: 0 on success, -1 on failure
4419 * This function is called to initialize driver interface parameters.
4420 * wpa_drv_init() must have been called before this function to initialize the
4423 int wpa_supplicant_driver_init(struct wpa_supplicant
*wpa_s
)
4425 static int interface_count
= 0;
4427 if (wpa_supplicant_update_mac_addr(wpa_s
) < 0)
4430 wpa_dbg(wpa_s
, MSG_DEBUG
, "Own MAC address: " MACSTR
,
4431 MAC2STR(wpa_s
->own_addr
));
4432 os_memcpy(wpa_s
->perm_addr
, wpa_s
->own_addr
, ETH_ALEN
);
4433 wpa_sm_set_own_addr(wpa_s
->wpa
, wpa_s
->own_addr
);
4435 if (wpa_s
->bridge_ifname
[0]) {
4436 wpa_dbg(wpa_s
, MSG_DEBUG
, "Receiving packets from bridge "
4437 "interface '%s'", wpa_s
->bridge_ifname
);
4438 wpa_s
->l2_br
= l2_packet_init_bridge(
4439 wpa_s
->bridge_ifname
, wpa_s
->ifname
, wpa_s
->own_addr
,
4440 ETH_P_EAPOL
, wpa_supplicant_rx_eapol_bridge
, wpa_s
, 1);
4441 if (wpa_s
->l2_br
== NULL
) {
4442 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to open l2_packet "
4443 "connection for the bridge interface '%s'",
4444 wpa_s
->bridge_ifname
);
4449 if (wpa_s
->conf
->ap_scan
== 2 &&
4450 os_strcmp(wpa_s
->driver
->name
, "nl80211") == 0) {
4451 wpa_printf(MSG_INFO
,
4452 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4455 wpa_clear_keys(wpa_s
, NULL
);
4457 /* Make sure that TKIP countermeasures are not left enabled (could
4458 * happen if wpa_supplicant is killed during countermeasures. */
4459 wpa_drv_set_countermeasures(wpa_s
, 0);
4461 wpa_dbg(wpa_s
, MSG_DEBUG
, "RSN: flushing PMKID list in the driver");
4462 wpa_drv_flush_pmkid(wpa_s
);
4464 wpa_s
->prev_scan_ssid
= WILDCARD_SSID_SCAN
;
4465 wpa_s
->prev_scan_wildcard
= 0;
4467 if (wpa_supplicant_enabled_networks(wpa_s
)) {
4468 if (wpa_s
->wpa_state
== WPA_INTERFACE_DISABLED
) {
4469 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
4470 interface_count
= 0;
4473 if (!wpa_s
->p2p_mgmt
&&
4474 wpa_supplicant_delayed_sched_scan(wpa_s
,
4475 interface_count
% 3,
4477 wpa_supplicant_req_scan(wpa_s
, interface_count
% 3,
4479 #endif /* ANDROID */
4482 wpa_supplicant_set_state(wpa_s
, WPA_INACTIVE
);
4488 static int wpa_supplicant_daemon(const char *pid_file
)
4490 wpa_printf(MSG_DEBUG
, "Daemonize..");
4491 return os_daemonize(pid_file
);
4495 static struct wpa_supplicant
*
4496 wpa_supplicant_alloc(struct wpa_supplicant
*parent
)
4498 struct wpa_supplicant
*wpa_s
;
4500 wpa_s
= os_zalloc(sizeof(*wpa_s
));
4503 wpa_s
->scan_req
= INITIAL_SCAN_REQ
;
4504 wpa_s
->scan_interval
= 5;
4505 wpa_s
->new_connection
= 1;
4506 wpa_s
->parent
= parent
? parent
: wpa_s
;
4507 wpa_s
->p2pdev
= wpa_s
->parent
;
4508 wpa_s
->sched_scanning
= 0;
4510 dl_list_init(&wpa_s
->bss_tmp_disallowed
);
4511 dl_list_init(&wpa_s
->fils_hlp_req
);
4517 #ifdef CONFIG_HT_OVERRIDES
4519 static int wpa_set_htcap_mcs(struct wpa_supplicant
*wpa_s
,
4520 struct ieee80211_ht_capabilities
*htcaps
,
4521 struct ieee80211_ht_capabilities
*htcaps_mask
,
4524 /* parse ht_mcs into hex array */
4526 const char *tmp
= ht_mcs
;
4529 /* If ht_mcs is null, do not set anything */
4533 /* This is what we are setting in the kernel */
4534 os_memset(&htcaps
->supported_mcs_set
, 0, IEEE80211_HT_MCS_MASK_LEN
);
4536 wpa_msg(wpa_s
, MSG_DEBUG
, "set_htcap, ht_mcs -:%s:-", ht_mcs
);
4538 for (i
= 0; i
< IEEE80211_HT_MCS_MASK_LEN
; i
++) {
4542 v
= strtol(tmp
, &end
, 16);
4545 wpa_msg(wpa_s
, MSG_DEBUG
,
4546 "htcap value[%i]: %ld end: %p tmp: %p",
4551 htcaps
->supported_mcs_set
[i
] = v
;
4554 wpa_msg(wpa_s
, MSG_ERROR
,
4555 "Failed to parse ht-mcs: %s, error: %s\n",
4556 ht_mcs
, strerror(errno
));
4562 * If we were able to parse any values, then set mask for the MCS set.
4565 os_memset(&htcaps_mask
->supported_mcs_set
, 0xff,
4566 IEEE80211_HT_MCS_MASK_LEN
- 1);
4567 /* skip the 3 reserved bits */
4568 htcaps_mask
->supported_mcs_set
[IEEE80211_HT_MCS_MASK_LEN
- 1] =
4576 static int wpa_disable_max_amsdu(struct wpa_supplicant
*wpa_s
,
4577 struct ieee80211_ht_capabilities
*htcaps
,
4578 struct ieee80211_ht_capabilities
*htcaps_mask
,
4586 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_max_amsdu: %d", disabled
);
4588 msk
= host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE
);
4589 htcaps_mask
->ht_capabilities_info
|= msk
;
4591 htcaps
->ht_capabilities_info
&= msk
;
4593 htcaps
->ht_capabilities_info
|= msk
;
4599 static int wpa_set_ampdu_factor(struct wpa_supplicant
*wpa_s
,
4600 struct ieee80211_ht_capabilities
*htcaps
,
4601 struct ieee80211_ht_capabilities
*htcaps_mask
,
4607 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_factor: %d", factor
);
4609 if (factor
< 0 || factor
> 3) {
4610 wpa_msg(wpa_s
, MSG_ERROR
, "ampdu_factor: %d out of range. "
4611 "Must be 0-3 or -1", factor
);
4615 htcaps_mask
->a_mpdu_params
|= 0x3; /* 2 bits for factor */
4616 htcaps
->a_mpdu_params
&= ~0x3;
4617 htcaps
->a_mpdu_params
|= factor
& 0x3;
4623 static int wpa_set_ampdu_density(struct wpa_supplicant
*wpa_s
,
4624 struct ieee80211_ht_capabilities
*htcaps
,
4625 struct ieee80211_ht_capabilities
*htcaps_mask
,
4631 wpa_msg(wpa_s
, MSG_DEBUG
, "set_ampdu_density: %d", density
);
4633 if (density
< 0 || density
> 7) {
4634 wpa_msg(wpa_s
, MSG_ERROR
,
4635 "ampdu_density: %d out of range. Must be 0-7 or -1.",
4640 htcaps_mask
->a_mpdu_params
|= 0x1C;
4641 htcaps
->a_mpdu_params
&= ~(0x1C);
4642 htcaps
->a_mpdu_params
|= (density
<< 2) & 0x1C;
4648 static int wpa_set_disable_ht40(struct wpa_supplicant
*wpa_s
,
4649 struct ieee80211_ht_capabilities
*htcaps
,
4650 struct ieee80211_ht_capabilities
*htcaps_mask
,
4654 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ht40: %d", disabled
);
4656 set_disable_ht40(htcaps
, disabled
);
4657 set_disable_ht40(htcaps_mask
, 0);
4663 static int wpa_set_disable_sgi(struct wpa_supplicant
*wpa_s
,
4664 struct ieee80211_ht_capabilities
*htcaps
,
4665 struct ieee80211_ht_capabilities
*htcaps_mask
,
4668 /* Masking these out disables SGI */
4669 le16 msk
= host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ
|
4670 HT_CAP_INFO_SHORT_GI40MHZ
);
4673 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_sgi: %d", disabled
);
4676 htcaps
->ht_capabilities_info
&= ~msk
;
4678 htcaps
->ht_capabilities_info
|= msk
;
4680 htcaps_mask
->ht_capabilities_info
|= msk
;
4686 static int wpa_set_disable_ldpc(struct wpa_supplicant
*wpa_s
,
4687 struct ieee80211_ht_capabilities
*htcaps
,
4688 struct ieee80211_ht_capabilities
*htcaps_mask
,
4691 /* Masking these out disables LDPC */
4692 le16 msk
= host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP
);
4695 wpa_msg(wpa_s
, MSG_DEBUG
, "set_disable_ldpc: %d", disabled
);
4698 htcaps
->ht_capabilities_info
&= ~msk
;
4700 htcaps
->ht_capabilities_info
|= msk
;
4702 htcaps_mask
->ht_capabilities_info
|= msk
;
4708 static int wpa_set_tx_stbc(struct wpa_supplicant
*wpa_s
,
4709 struct ieee80211_ht_capabilities
*htcaps
,
4710 struct ieee80211_ht_capabilities
*htcaps_mask
,
4713 le16 msk
= host_to_le16(HT_CAP_INFO_TX_STBC
);
4718 wpa_msg(wpa_s
, MSG_DEBUG
, "set_tx_stbc: %d", tx_stbc
);
4720 if (tx_stbc
< 0 || tx_stbc
> 1) {
4721 wpa_msg(wpa_s
, MSG_ERROR
,
4722 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc
);
4726 htcaps_mask
->ht_capabilities_info
|= msk
;
4727 htcaps
->ht_capabilities_info
&= ~msk
;
4728 htcaps
->ht_capabilities_info
|= (tx_stbc
<< 7) & msk
;
4734 static int wpa_set_rx_stbc(struct wpa_supplicant
*wpa_s
,
4735 struct ieee80211_ht_capabilities
*htcaps
,
4736 struct ieee80211_ht_capabilities
*htcaps_mask
,
4739 le16 msk
= host_to_le16(HT_CAP_INFO_RX_STBC_MASK
);
4744 wpa_msg(wpa_s
, MSG_DEBUG
, "set_rx_stbc: %d", rx_stbc
);
4746 if (rx_stbc
< 0 || rx_stbc
> 3) {
4747 wpa_msg(wpa_s
, MSG_ERROR
,
4748 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc
);
4752 htcaps_mask
->ht_capabilities_info
|= msk
;
4753 htcaps
->ht_capabilities_info
&= ~msk
;
4754 htcaps
->ht_capabilities_info
|= (rx_stbc
<< 8) & msk
;
4760 void wpa_supplicant_apply_ht_overrides(
4761 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4762 struct wpa_driver_associate_params
*params
)
4764 struct ieee80211_ht_capabilities
*htcaps
;
4765 struct ieee80211_ht_capabilities
*htcaps_mask
;
4770 params
->disable_ht
= ssid
->disable_ht
;
4771 if (!params
->htcaps
|| !params
->htcaps_mask
)
4774 htcaps
= (struct ieee80211_ht_capabilities
*) params
->htcaps
;
4775 htcaps_mask
= (struct ieee80211_ht_capabilities
*) params
->htcaps_mask
;
4776 wpa_set_htcap_mcs(wpa_s
, htcaps
, htcaps_mask
, ssid
->ht_mcs
);
4777 wpa_disable_max_amsdu(wpa_s
, htcaps
, htcaps_mask
,
4778 ssid
->disable_max_amsdu
);
4779 wpa_set_ampdu_factor(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_factor
);
4780 wpa_set_ampdu_density(wpa_s
, htcaps
, htcaps_mask
, ssid
->ampdu_density
);
4781 wpa_set_disable_ht40(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ht40
);
4782 wpa_set_disable_sgi(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_sgi
);
4783 wpa_set_disable_ldpc(wpa_s
, htcaps
, htcaps_mask
, ssid
->disable_ldpc
);
4784 wpa_set_rx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->rx_stbc
);
4785 wpa_set_tx_stbc(wpa_s
, htcaps
, htcaps_mask
, ssid
->tx_stbc
);
4787 if (ssid
->ht40_intolerant
) {
4788 le16 bit
= host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT
);
4789 htcaps
->ht_capabilities_info
|= bit
;
4790 htcaps_mask
->ht_capabilities_info
|= bit
;
4794 #endif /* CONFIG_HT_OVERRIDES */
4797 #ifdef CONFIG_VHT_OVERRIDES
4798 void wpa_supplicant_apply_vht_overrides(
4799 struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
4800 struct wpa_driver_associate_params
*params
)
4802 struct ieee80211_vht_capabilities
*vhtcaps
;
4803 struct ieee80211_vht_capabilities
*vhtcaps_mask
;
4808 params
->disable_vht
= ssid
->disable_vht
;
4810 vhtcaps
= (void *) params
->vhtcaps
;
4811 vhtcaps_mask
= (void *) params
->vhtcaps_mask
;
4813 if (!vhtcaps
|| !vhtcaps_mask
)
4816 vhtcaps
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa
);
4817 vhtcaps_mask
->vht_capabilities_info
= host_to_le32(ssid
->vht_capa_mask
);
4819 #ifdef CONFIG_HT_OVERRIDES
4820 if (ssid
->disable_sgi
) {
4821 vhtcaps_mask
->vht_capabilities_info
|= (VHT_CAP_SHORT_GI_80
|
4822 VHT_CAP_SHORT_GI_160
);
4823 vhtcaps
->vht_capabilities_info
&= ~(VHT_CAP_SHORT_GI_80
|
4824 VHT_CAP_SHORT_GI_160
);
4825 wpa_msg(wpa_s
, MSG_DEBUG
,
4826 "disable-sgi override specified, vht-caps: 0x%x",
4827 vhtcaps
->vht_capabilities_info
);
4830 /* if max ampdu is <= 3, we have to make the HT cap the same */
4831 if (ssid
->vht_capa_mask
& VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) {
4834 max_ampdu
= (ssid
->vht_capa
&
4835 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX
) >>
4836 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT
;
4838 max_ampdu
= max_ampdu
< 3 ? max_ampdu
: 3;
4839 wpa_set_ampdu_factor(wpa_s
,
4840 (void *) params
->htcaps
,
4841 (void *) params
->htcaps_mask
,
4844 #endif /* CONFIG_HT_OVERRIDES */
4846 #define OVERRIDE_MCS(i) \
4847 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
4848 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
4849 host_to_le16(3 << 2 * (i - 1)); \
4850 vhtcaps->vht_supported_mcs_set.tx_map |= \
4851 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
4854 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
4855 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
4856 host_to_le16(3 << 2 * (i - 1)); \
4857 vhtcaps->vht_supported_mcs_set.rx_map |= \
4858 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
4871 #endif /* CONFIG_VHT_OVERRIDES */
4874 static int pcsc_reader_init(struct wpa_supplicant
*wpa_s
)
4879 if (!wpa_s
->conf
->pcsc_reader
)
4882 wpa_s
->scard
= scard_init(wpa_s
->conf
->pcsc_reader
);
4886 if (wpa_s
->conf
->pcsc_pin
&&
4887 scard_set_pin(wpa_s
->scard
, wpa_s
->conf
->pcsc_pin
) < 0) {
4888 scard_deinit(wpa_s
->scard
);
4889 wpa_s
->scard
= NULL
;
4890 wpa_msg(wpa_s
, MSG_ERROR
, "PC/SC PIN validation failed");
4894 len
= sizeof(wpa_s
->imsi
) - 1;
4895 if (scard_get_imsi(wpa_s
->scard
, wpa_s
->imsi
, &len
)) {
4896 scard_deinit(wpa_s
->scard
);
4897 wpa_s
->scard
= NULL
;
4898 wpa_msg(wpa_s
, MSG_ERROR
, "Could not read IMSI");
4901 wpa_s
->imsi
[len
] = '\0';
4903 wpa_s
->mnc_len
= scard_get_mnc_len(wpa_s
->scard
);
4905 wpa_printf(MSG_DEBUG
, "SCARD: IMSI %s (MNC length %d)",
4906 wpa_s
->imsi
, wpa_s
->mnc_len
);
4908 wpa_sm_set_scard_ctx(wpa_s
->wpa
, wpa_s
->scard
);
4909 eapol_sm_register_scard_ctx(wpa_s
->eapol
, wpa_s
->scard
);
4910 #endif /* PCSC_FUNCS */
4916 int wpas_init_ext_pw(struct wpa_supplicant
*wpa_s
)
4920 ext_password_deinit(wpa_s
->ext_pw
);
4921 wpa_s
->ext_pw
= NULL
;
4922 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, NULL
);
4924 if (!wpa_s
->conf
->ext_password_backend
)
4927 val
= os_strdup(wpa_s
->conf
->ext_password_backend
);
4930 pos
= os_strchr(val
, ':');
4934 wpa_printf(MSG_DEBUG
, "EXT PW: Initialize backend '%s'", val
);
4936 wpa_s
->ext_pw
= ext_password_init(val
, pos
);
4938 if (wpa_s
->ext_pw
== NULL
) {
4939 wpa_printf(MSG_DEBUG
, "EXT PW: Failed to initialize backend");
4942 eapol_sm_set_ext_pw_ctx(wpa_s
->eapol
, wpa_s
->ext_pw
);
4950 static const u8
* wpas_fst_get_bssid_cb(void *ctx
)
4952 struct wpa_supplicant
*wpa_s
= ctx
;
4954 return (is_zero_ether_addr(wpa_s
->bssid
) ||
4955 wpa_s
->wpa_state
!= WPA_COMPLETED
) ? NULL
: wpa_s
->bssid
;
4959 static void wpas_fst_get_channel_info_cb(void *ctx
,
4960 enum hostapd_hw_mode
*hw_mode
,
4963 struct wpa_supplicant
*wpa_s
= ctx
;
4965 if (wpa_s
->current_bss
) {
4966 *hw_mode
= ieee80211_freq_to_chan(wpa_s
->current_bss
->freq
,
4968 } else if (wpa_s
->hw
.num_modes
) {
4969 *hw_mode
= wpa_s
->hw
.modes
[0].mode
;
4977 static int wpas_fst_get_hw_modes(void *ctx
, struct hostapd_hw_modes
**modes
)
4979 struct wpa_supplicant
*wpa_s
= ctx
;
4981 *modes
= wpa_s
->hw
.modes
;
4982 return wpa_s
->hw
.num_modes
;
4986 static void wpas_fst_set_ies_cb(void *ctx
, const struct wpabuf
*fst_ies
)
4988 struct wpa_supplicant
*wpa_s
= ctx
;
4990 wpa_hexdump_buf(MSG_DEBUG
, "FST: Set IEs", fst_ies
);
4991 wpa_s
->fst_ies
= fst_ies
;
4995 static int wpas_fst_send_action_cb(void *ctx
, const u8
*da
, struct wpabuf
*data
)
4997 struct wpa_supplicant
*wpa_s
= ctx
;
4999 if (os_memcmp(wpa_s
->bssid
, da
, ETH_ALEN
) != 0) {
5000 wpa_printf(MSG_INFO
, "FST:%s:bssid=" MACSTR
" != da=" MACSTR
,
5001 __func__
, MAC2STR(wpa_s
->bssid
), MAC2STR(da
));
5004 return wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0, wpa_s
->bssid
,
5005 wpa_s
->own_addr
, wpa_s
->bssid
,
5006 wpabuf_head(data
), wpabuf_len(data
),
5011 static const struct wpabuf
* wpas_fst_get_mb_ie_cb(void *ctx
, const u8
*addr
)
5013 struct wpa_supplicant
*wpa_s
= ctx
;
5015 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5016 return wpa_s
->received_mb_ies
;
5020 static void wpas_fst_update_mb_ie_cb(void *ctx
, const u8
*addr
,
5021 const u8
*buf
, size_t size
)
5023 struct wpa_supplicant
*wpa_s
= ctx
;
5024 struct mb_ies_info info
;
5026 WPA_ASSERT(os_memcmp(wpa_s
->bssid
, addr
, ETH_ALEN
) == 0);
5028 if (!mb_ies_info_by_ies(&info
, buf
, size
)) {
5029 wpabuf_free(wpa_s
->received_mb_ies
);
5030 wpa_s
->received_mb_ies
= mb_ies_by_info(&info
);
5035 static const u8
* wpas_fst_get_peer_first(void *ctx
,
5036 struct fst_get_peer_ctx
**get_ctx
,
5039 struct wpa_supplicant
*wpa_s
= ctx
;
5042 if (!is_zero_ether_addr(wpa_s
->bssid
))
5043 return (wpa_s
->received_mb_ies
|| !mb_only
) ?
5044 wpa_s
->bssid
: NULL
;
5049 static const u8
* wpas_fst_get_peer_next(void *ctx
,
5050 struct fst_get_peer_ctx
**get_ctx
,
5056 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant
*wpa_s
,
5057 struct fst_wpa_obj
*iface_obj
)
5059 iface_obj
->ctx
= wpa_s
;
5060 iface_obj
->get_bssid
= wpas_fst_get_bssid_cb
;
5061 iface_obj
->get_channel_info
= wpas_fst_get_channel_info_cb
;
5062 iface_obj
->get_hw_modes
= wpas_fst_get_hw_modes
;
5063 iface_obj
->set_ies
= wpas_fst_set_ies_cb
;
5064 iface_obj
->send_action
= wpas_fst_send_action_cb
;
5065 iface_obj
->get_mb_ie
= wpas_fst_get_mb_ie_cb
;
5066 iface_obj
->update_mb_ie
= wpas_fst_update_mb_ie_cb
;
5067 iface_obj
->get_peer_first
= wpas_fst_get_peer_first
;
5068 iface_obj
->get_peer_next
= wpas_fst_get_peer_next
;
5070 #endif /* CONFIG_FST */
5072 static int wpas_set_wowlan_triggers(struct wpa_supplicant
*wpa_s
,
5073 const struct wpa_driver_capa
*capa
)
5075 struct wowlan_triggers
*triggers
;
5078 if (!wpa_s
->conf
->wowlan_triggers
)
5081 triggers
= wpa_get_wowlan_triggers(wpa_s
->conf
->wowlan_triggers
, capa
);
5083 ret
= wpa_drv_wowlan(wpa_s
, triggers
);
5090 enum wpa_radio_work_band
wpas_freq_to_band(int freq
)
5093 return BAND_2_4_GHZ
;
5100 unsigned int wpas_get_bands(struct wpa_supplicant
*wpa_s
, const int *freqs
)
5103 unsigned int band
= 0;
5106 /* freqs are specified for the radio work */
5107 for (i
= 0; freqs
[i
]; i
++)
5108 band
|= wpas_freq_to_band(freqs
[i
]);
5111 * freqs are not specified, implies all
5112 * the supported freqs by HW
5114 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5115 if (wpa_s
->hw
.modes
[i
].num_channels
!= 0) {
5116 if (wpa_s
->hw
.modes
[i
].mode
==
5117 HOSTAPD_MODE_IEEE80211B
||
5118 wpa_s
->hw
.modes
[i
].mode
==
5119 HOSTAPD_MODE_IEEE80211G
)
5120 band
|= BAND_2_4_GHZ
;
5121 else if (wpa_s
->hw
.modes
[i
].mode
==
5122 HOSTAPD_MODE_IEEE80211A
)
5124 else if (wpa_s
->hw
.modes
[i
].mode
==
5125 HOSTAPD_MODE_IEEE80211AD
)
5126 band
|= BAND_60_GHZ
;
5127 else if (wpa_s
->hw
.modes
[i
].mode
==
5128 HOSTAPD_MODE_IEEE80211ANY
)
5129 band
= BAND_2_4_GHZ
| BAND_5_GHZ
|
5139 static struct wpa_radio
* radio_add_interface(struct wpa_supplicant
*wpa_s
,
5142 struct wpa_supplicant
*iface
= wpa_s
->global
->ifaces
;
5143 struct wpa_radio
*radio
;
5145 while (rn
&& iface
) {
5146 radio
= iface
->radio
;
5147 if (radio
&& os_strcmp(rn
, radio
->name
) == 0) {
5148 wpa_printf(MSG_DEBUG
, "Add interface %s to existing radio %s",
5150 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5154 iface
= iface
->next
;
5157 wpa_printf(MSG_DEBUG
, "Add interface %s to a new radio %s",
5158 wpa_s
->ifname
, rn
? rn
: "N/A");
5159 radio
= os_zalloc(sizeof(*radio
));
5164 os_strlcpy(radio
->name
, rn
, sizeof(radio
->name
));
5165 dl_list_init(&radio
->ifaces
);
5166 dl_list_init(&radio
->work
);
5167 dl_list_add(&radio
->ifaces
, &wpa_s
->radio_list
);
5173 static void radio_work_free(struct wpa_radio_work
*work
)
5175 if (work
->wpa_s
->scan_work
== work
) {
5176 /* This should not really happen. */
5177 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5178 work
->type
, work
, work
->started
);
5179 work
->wpa_s
->scan_work
= NULL
;
5183 if (work
->wpa_s
->p2p_scan_work
== work
) {
5184 /* This should not really happen. */
5185 wpa_dbg(work
->wpa_s
, MSG_INFO
, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5186 work
->type
, work
, work
->started
);
5187 work
->wpa_s
->p2p_scan_work
= NULL
;
5189 #endif /* CONFIG_P2P */
5191 if (work
->started
) {
5192 work
->wpa_s
->radio
->num_active_works
--;
5193 wpa_dbg(work
->wpa_s
, MSG_DEBUG
,
5194 "radio_work_free('%s'@%p): num_active_works --> %u",
5196 work
->wpa_s
->radio
->num_active_works
);
5199 dl_list_del(&work
->list
);
5204 static int radio_work_is_connect(struct wpa_radio_work
*work
)
5206 return os_strcmp(work
->type
, "sme-connect") == 0 ||
5207 os_strcmp(work
->type
, "connect") == 0;
5211 static int radio_work_is_scan(struct wpa_radio_work
*work
)
5213 return os_strcmp(work
->type
, "scan") == 0 ||
5214 os_strcmp(work
->type
, "p2p-scan") == 0;
5218 static struct wpa_radio_work
* radio_work_get_next_work(struct wpa_radio
*radio
)
5220 struct wpa_radio_work
*active_work
= NULL
;
5221 struct wpa_radio_work
*tmp
;
5223 /* Get the active work to know the type and band. */
5224 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5232 /* No active work, start one */
5233 radio
->num_active_works
= 0;
5234 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
,
5236 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5237 radio
->external_scan_running
&&
5238 (((struct wpa_driver_scan_params
*)
5239 tmp
->ctx
)->only_new_results
||
5240 tmp
->wpa_s
->clear_driver_scan_cache
))
5247 if (radio_work_is_connect(active_work
)) {
5249 * If the active work is either connect or sme-connect,
5250 * do not parallelize them with other radio works.
5252 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5253 "Do not parallelize radio work with %s",
5258 dl_list_for_each(tmp
, &radio
->work
, struct wpa_radio_work
, list
) {
5263 * If connect or sme-connect are enqueued, parallelize only
5264 * those operations ahead of them in the queue.
5266 if (radio_work_is_connect(tmp
))
5269 /* Serialize parallel scan and p2p_scan operations on the same
5270 * interface since the driver_nl80211 mechanism for tracking
5271 * scan cookies does not yet have support for this. */
5272 if (active_work
->wpa_s
== tmp
->wpa_s
&&
5273 radio_work_is_scan(active_work
) &&
5274 radio_work_is_scan(tmp
)) {
5275 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5276 "Do not start work '%s' when another work '%s' is already scheduled",
5277 tmp
->type
, active_work
->type
);
5281 * Check that the radio works are distinct and
5282 * on different bands.
5284 if (os_strcmp(active_work
->type
, tmp
->type
) != 0 &&
5285 (active_work
->bands
!= tmp
->bands
)) {
5287 * If a scan has to be scheduled through nl80211 scan
5288 * interface and if an external scan is already running,
5289 * do not schedule the scan since it is likely to get
5290 * rejected by kernel.
5292 if (os_strcmp(tmp
->type
, "scan") == 0 &&
5293 radio
->external_scan_running
&&
5294 (((struct wpa_driver_scan_params
*)
5295 tmp
->ctx
)->only_new_results
||
5296 tmp
->wpa_s
->clear_driver_scan_cache
))
5299 wpa_dbg(active_work
->wpa_s
, MSG_DEBUG
,
5300 "active_work:%s new_work:%s",
5301 active_work
->type
, tmp
->type
);
5306 /* Did not find a radio work to schedule in parallel. */
5311 static void radio_start_next_work(void *eloop_ctx
, void *timeout_ctx
)
5313 struct wpa_radio
*radio
= eloop_ctx
;
5314 struct wpa_radio_work
*work
;
5315 struct os_reltime now
, diff
;
5316 struct wpa_supplicant
*wpa_s
;
5318 work
= dl_list_first(&radio
->work
, struct wpa_radio_work
, list
);
5320 radio
->num_active_works
= 0;
5324 wpa_s
= dl_list_first(&radio
->ifaces
, struct wpa_supplicant
,
5328 wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)) {
5330 return; /* already started and still in progress */
5332 if (wpa_s
&& wpa_s
->radio
->external_scan_running
) {
5333 wpa_printf(MSG_DEBUG
, "Delay radio work start until externally triggered scan completes");
5338 if (radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5339 /* get the work to schedule next */
5340 work
= radio_work_get_next_work(radio
);
5346 wpa_s
= work
->wpa_s
;
5347 os_get_reltime(&now
);
5348 os_reltime_sub(&now
, &work
->time
, &diff
);
5349 wpa_dbg(wpa_s
, MSG_DEBUG
,
5350 "Starting radio work '%s'@%p after %ld.%06ld second wait",
5351 work
->type
, work
, diff
.sec
, diff
.usec
);
5354 radio
->num_active_works
++;
5358 if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
) &&
5359 radio
->num_active_works
< MAX_ACTIVE_WORKS
)
5360 radio_work_check_next(wpa_s
);
5365 * This function removes both started and pending radio works running on
5366 * the provided interface's radio.
5367 * Prior to the removal of the radio work, its callback (cb) is called with
5368 * deinit set to be 1. Each work's callback is responsible for clearing its
5369 * internal data and restoring to a correct state.
5370 * @wpa_s: wpa_supplicant data
5371 * @type: type of works to be removed
5372 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
5373 * this interface's works.
5375 void radio_remove_works(struct wpa_supplicant
*wpa_s
,
5376 const char *type
, int remove_all
)
5378 struct wpa_radio_work
*work
, *tmp
;
5379 struct wpa_radio
*radio
= wpa_s
->radio
;
5381 dl_list_for_each_safe(work
, tmp
, &radio
->work
, struct wpa_radio_work
,
5383 if (type
&& os_strcmp(type
, work
->type
) != 0)
5386 /* skip other ifaces' works */
5387 if (!remove_all
&& work
->wpa_s
!= wpa_s
)
5390 wpa_dbg(wpa_s
, MSG_DEBUG
, "Remove radio work '%s'@%p%s",
5391 work
->type
, work
, work
->started
? " (started)" : "");
5393 radio_work_free(work
);
5396 /* in case we removed the started work */
5397 radio_work_check_next(wpa_s
);
5401 void radio_remove_pending_work(struct wpa_supplicant
*wpa_s
, void *ctx
)
5403 struct wpa_radio_work
*work
;
5404 struct wpa_radio
*radio
= wpa_s
->radio
;
5406 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5407 if (work
->ctx
!= ctx
)
5409 wpa_dbg(wpa_s
, MSG_DEBUG
, "Free pending radio work '%s'@%p%s",
5410 work
->type
, work
, work
->started
? " (started)" : "");
5411 radio_work_free(work
);
5417 static void radio_remove_interface(struct wpa_supplicant
*wpa_s
)
5419 struct wpa_radio
*radio
= wpa_s
->radio
;
5424 wpa_printf(MSG_DEBUG
, "Remove interface %s from radio %s",
5425 wpa_s
->ifname
, radio
->name
);
5426 dl_list_del(&wpa_s
->radio_list
);
5427 radio_remove_works(wpa_s
, NULL
, 0);
5428 wpa_s
->radio
= NULL
;
5429 if (!dl_list_empty(&radio
->ifaces
))
5430 return; /* Interfaces remain for this radio */
5432 wpa_printf(MSG_DEBUG
, "Remove radio %s", radio
->name
);
5433 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5438 void radio_work_check_next(struct wpa_supplicant
*wpa_s
)
5440 struct wpa_radio
*radio
= wpa_s
->radio
;
5442 if (dl_list_empty(&radio
->work
))
5444 if (wpa_s
->ext_work_in_progress
) {
5445 wpa_printf(MSG_DEBUG
,
5446 "External radio work in progress - delay start of pending item");
5449 eloop_cancel_timeout(radio_start_next_work
, radio
, NULL
);
5450 eloop_register_timeout(0, 0, radio_start_next_work
, radio
, NULL
);
5455 * radio_add_work - Add a radio work item
5456 * @wpa_s: Pointer to wpa_supplicant data
5457 * @freq: Frequency of the offchannel operation in MHz or 0
5458 * @type: Unique identifier for each type of work
5459 * @next: Force as the next work to be executed
5460 * @cb: Callback function for indicating when radio is available
5461 * @ctx: Context pointer for the work (work->ctx in cb())
5462 * Returns: 0 on success, -1 on failure
5464 * This function is used to request time for an operation that requires
5465 * exclusive radio control. Once the radio is available, the registered callback
5466 * function will be called. radio_work_done() must be called once the exclusive
5467 * radio operation has been completed, so that the radio is freed for other
5468 * operations. The special case of deinit=1 is used to free the context data
5469 * during interface removal. That does not allow the callback function to start
5470 * the radio operation, i.e., it must free any resources allocated for the radio
5473 * The @freq parameter can be used to indicate a single channel on which the
5474 * offchannel operation will occur. This may allow multiple radio work
5475 * operations to be performed in parallel if they apply for the same channel.
5476 * Setting this to 0 indicates that the work item may use multiple channels or
5477 * requires exclusive control of the radio.
5479 int radio_add_work(struct wpa_supplicant
*wpa_s
, unsigned int freq
,
5480 const char *type
, int next
,
5481 void (*cb
)(struct wpa_radio_work
*work
, int deinit
),
5484 struct wpa_radio
*radio
= wpa_s
->radio
;
5485 struct wpa_radio_work
*work
;
5488 work
= os_zalloc(sizeof(*work
));
5491 wpa_dbg(wpa_s
, MSG_DEBUG
, "Add radio work '%s'@%p", type
, work
);
5492 os_get_reltime(&work
->time
);
5495 work
->wpa_s
= wpa_s
;
5500 work
->bands
= wpas_freq_to_band(freq
);
5501 else if (os_strcmp(type
, "scan") == 0 ||
5502 os_strcmp(type
, "p2p-scan") == 0)
5503 work
->bands
= wpas_get_bands(wpa_s
,
5504 ((struct wpa_driver_scan_params
*)
5507 work
->bands
= wpas_get_bands(wpa_s
, NULL
);
5509 was_empty
= dl_list_empty(&wpa_s
->radio
->work
);
5511 dl_list_add(&wpa_s
->radio
->work
, &work
->list
);
5513 dl_list_add_tail(&wpa_s
->radio
->work
, &work
->list
);
5515 wpa_dbg(wpa_s
, MSG_DEBUG
, "First radio work item in the queue - schedule start immediately");
5516 radio_work_check_next(wpa_s
);
5517 } else if ((wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS
)
5518 && radio
->num_active_works
< MAX_ACTIVE_WORKS
) {
5519 wpa_dbg(wpa_s
, MSG_DEBUG
,
5520 "Try to schedule a radio work (num_active_works=%u)",
5521 radio
->num_active_works
);
5522 radio_work_check_next(wpa_s
);
5530 * radio_work_done - Indicate that a radio work item has been completed
5531 * @work: Completed work
5533 * This function is called once the callback function registered with
5534 * radio_add_work() has completed its work.
5536 void radio_work_done(struct wpa_radio_work
*work
)
5538 struct wpa_supplicant
*wpa_s
= work
->wpa_s
;
5539 struct os_reltime now
, diff
;
5540 unsigned int started
= work
->started
;
5542 os_get_reltime(&now
);
5543 os_reltime_sub(&now
, &work
->time
, &diff
);
5544 wpa_dbg(wpa_s
, MSG_DEBUG
, "Radio work '%s'@%p %s in %ld.%06ld seconds",
5545 work
->type
, work
, started
? "done" : "canceled",
5546 diff
.sec
, diff
.usec
);
5547 radio_work_free(work
);
5549 radio_work_check_next(wpa_s
);
5553 struct wpa_radio_work
*
5554 radio_work_pending(struct wpa_supplicant
*wpa_s
, const char *type
)
5556 struct wpa_radio_work
*work
;
5557 struct wpa_radio
*radio
= wpa_s
->radio
;
5559 dl_list_for_each(work
, &radio
->work
, struct wpa_radio_work
, list
) {
5560 if (work
->wpa_s
== wpa_s
&& os_strcmp(work
->type
, type
) == 0)
5568 static int wpas_init_driver(struct wpa_supplicant
*wpa_s
,
5569 const struct wpa_interface
*iface
)
5571 const char *ifname
, *driver
, *rn
;
5573 driver
= iface
->driver
;
5575 if (wpa_supplicant_set_driver(wpa_s
, driver
) < 0)
5578 wpa_s
->drv_priv
= wpa_drv_init(wpa_s
, wpa_s
->ifname
);
5579 if (wpa_s
->drv_priv
== NULL
) {
5581 pos
= driver
? os_strchr(driver
, ',') : NULL
;
5583 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to initialize "
5584 "driver interface - try next driver wrapper");
5588 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to initialize driver "
5592 if (wpa_drv_set_param(wpa_s
, wpa_s
->conf
->driver_param
) < 0) {
5593 wpa_msg(wpa_s
, MSG_ERROR
, "Driver interface rejected "
5594 "driver_param '%s'", wpa_s
->conf
->driver_param
);
5598 ifname
= wpa_drv_get_ifname(wpa_s
);
5599 if (ifname
&& os_strcmp(ifname
, wpa_s
->ifname
) != 0) {
5600 wpa_dbg(wpa_s
, MSG_DEBUG
, "Driver interface replaced "
5601 "interface name with '%s'", ifname
);
5602 os_strlcpy(wpa_s
->ifname
, ifname
, sizeof(wpa_s
->ifname
));
5605 rn
= wpa_driver_get_radio_name(wpa_s
);
5606 if (rn
&& rn
[0] == '\0')
5609 wpa_s
->radio
= radio_add_interface(wpa_s
, rn
);
5610 if (wpa_s
->radio
== NULL
)
5617 #ifdef CONFIG_GAS_SERVER
5619 static void wpas_gas_server_tx_status(struct wpa_supplicant
*wpa_s
,
5620 unsigned int freq
, const u8
*dst
,
5621 const u8
*src
, const u8
*bssid
,
5622 const u8
*data
, size_t data_len
,
5623 enum offchannel_send_action_result result
)
5625 wpa_printf(MSG_DEBUG
, "GAS: TX status: freq=%u dst=" MACSTR
5628 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
? "SUCCESS" :
5629 (result
== OFFCHANNEL_SEND_ACTION_NO_ACK
? "no-ACK" :
5631 gas_server_tx_status(wpa_s
->gas_server
, dst
, data
, data_len
,
5632 result
== OFFCHANNEL_SEND_ACTION_SUCCESS
);
5636 static void wpas_gas_server_tx(void *ctx
, int freq
, const u8
*da
,
5637 struct wpabuf
*buf
, unsigned int wait_time
)
5639 struct wpa_supplicant
*wpa_s
= ctx
;
5640 const u8 broadcast
[ETH_ALEN
] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
5642 if (wait_time
> wpa_s
->max_remain_on_chan
)
5643 wait_time
= wpa_s
->max_remain_on_chan
;
5645 offchannel_send_action(wpa_s
, freq
, da
, wpa_s
->own_addr
, broadcast
,
5646 wpabuf_head(buf
), wpabuf_len(buf
),
5647 wait_time
, wpas_gas_server_tx_status
, 0);
5650 #endif /* CONFIG_GAS_SERVER */
5652 static int wpa_supplicant_init_iface(struct wpa_supplicant
*wpa_s
,
5653 const struct wpa_interface
*iface
)
5655 struct wpa_driver_capa capa
;
5659 wpa_printf(MSG_DEBUG
, "Initializing interface '%s' conf '%s' driver "
5660 "'%s' ctrl_interface '%s' bridge '%s'", iface
->ifname
,
5661 iface
->confname
? iface
->confname
: "N/A",
5662 iface
->driver
? iface
->driver
: "default",
5663 iface
->ctrl_interface
? iface
->ctrl_interface
: "N/A",
5664 iface
->bridge_ifname
? iface
->bridge_ifname
: "N/A");
5666 if (iface
->confname
) {
5667 #ifdef CONFIG_BACKEND_FILE
5668 wpa_s
->confname
= os_rel2abs_path(iface
->confname
);
5669 if (wpa_s
->confname
== NULL
) {
5670 wpa_printf(MSG_ERROR
, "Failed to get absolute path "
5671 "for configuration file '%s'.",
5675 wpa_printf(MSG_DEBUG
, "Configuration file '%s' -> '%s'",
5676 iface
->confname
, wpa_s
->confname
);
5677 #else /* CONFIG_BACKEND_FILE */
5678 wpa_s
->confname
= os_strdup(iface
->confname
);
5679 #endif /* CONFIG_BACKEND_FILE */
5680 wpa_s
->conf
= wpa_config_read(wpa_s
->confname
, NULL
);
5681 if (wpa_s
->conf
== NULL
) {
5682 wpa_printf(MSG_ERROR
, "Failed to read or parse "
5683 "configuration '%s'.", wpa_s
->confname
);
5686 wpa_s
->confanother
= os_rel2abs_path(iface
->confanother
);
5687 if (wpa_s
->confanother
&&
5688 !wpa_config_read(wpa_s
->confanother
, wpa_s
->conf
)) {
5689 wpa_printf(MSG_ERROR
,
5690 "Failed to read or parse configuration '%s'.",
5691 wpa_s
->confanother
);
5696 * Override ctrl_interface and driver_param if set on command
5699 if (iface
->ctrl_interface
) {
5700 os_free(wpa_s
->conf
->ctrl_interface
);
5701 wpa_s
->conf
->ctrl_interface
=
5702 os_strdup(iface
->ctrl_interface
);
5705 if (iface
->driver_param
) {
5706 os_free(wpa_s
->conf
->driver_param
);
5707 wpa_s
->conf
->driver_param
=
5708 os_strdup(iface
->driver_param
);
5711 if (iface
->p2p_mgmt
&& !iface
->ctrl_interface
) {
5712 os_free(wpa_s
->conf
->ctrl_interface
);
5713 wpa_s
->conf
->ctrl_interface
= NULL
;
5716 wpa_s
->conf
= wpa_config_alloc_empty(iface
->ctrl_interface
,
5717 iface
->driver_param
);
5719 if (wpa_s
->conf
== NULL
) {
5720 wpa_printf(MSG_ERROR
, "\nNo configuration found.");
5724 if (iface
->ifname
== NULL
) {
5725 wpa_printf(MSG_ERROR
, "\nInterface name is required.");
5728 if (os_strlen(iface
->ifname
) >= sizeof(wpa_s
->ifname
)) {
5729 wpa_printf(MSG_ERROR
, "\nToo long interface name '%s'.",
5733 os_strlcpy(wpa_s
->ifname
, iface
->ifname
, sizeof(wpa_s
->ifname
));
5735 if (iface
->bridge_ifname
) {
5736 if (os_strlen(iface
->bridge_ifname
) >=
5737 sizeof(wpa_s
->bridge_ifname
)) {
5738 wpa_printf(MSG_ERROR
, "\nToo long bridge interface "
5739 "name '%s'.", iface
->bridge_ifname
);
5742 os_strlcpy(wpa_s
->bridge_ifname
, iface
->bridge_ifname
,
5743 sizeof(wpa_s
->bridge_ifname
));
5746 /* RSNA Supplicant Key Management - INITIALIZE */
5747 eapol_sm_notify_portEnabled(wpa_s
->eapol
, FALSE
);
5748 eapol_sm_notify_portValid(wpa_s
->eapol
, FALSE
);
5750 /* Initialize driver interface and register driver event handler before
5751 * L2 receive handler so that association events are processed before
5752 * EAPOL-Key packets if both become available for the same select()
5754 if (wpas_init_driver(wpa_s
, iface
) < 0)
5757 if (wpa_supplicant_init_wpa(wpa_s
) < 0)
5760 wpa_sm_set_ifname(wpa_s
->wpa
, wpa_s
->ifname
,
5761 wpa_s
->bridge_ifname
[0] ? wpa_s
->bridge_ifname
:
5763 wpa_sm_set_fast_reauth(wpa_s
->wpa
, wpa_s
->conf
->fast_reauth
);
5765 if (wpa_s
->conf
->dot11RSNAConfigPMKLifetime
&&
5766 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_LIFETIME
,
5767 wpa_s
->conf
->dot11RSNAConfigPMKLifetime
)) {
5768 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5769 "dot11RSNAConfigPMKLifetime");
5773 if (wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
&&
5774 wpa_sm_set_param(wpa_s
->wpa
, RSNA_PMK_REAUTH_THRESHOLD
,
5775 wpa_s
->conf
->dot11RSNAConfigPMKReauthThreshold
)) {
5776 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5777 "dot11RSNAConfigPMKReauthThreshold");
5781 if (wpa_s
->conf
->dot11RSNAConfigSATimeout
&&
5782 wpa_sm_set_param(wpa_s
->wpa
, RSNA_SA_TIMEOUT
,
5783 wpa_s
->conf
->dot11RSNAConfigSATimeout
)) {
5784 wpa_msg(wpa_s
, MSG_ERROR
, "Invalid WPA parameter value for "
5785 "dot11RSNAConfigSATimeout");
5789 wpa_s
->hw
.modes
= wpa_drv_get_hw_feature_data(wpa_s
,
5790 &wpa_s
->hw
.num_modes
,
5793 if (wpa_s
->hw
.modes
) {
5796 for (i
= 0; i
< wpa_s
->hw
.num_modes
; i
++) {
5797 if (wpa_s
->hw
.modes
[i
].vht_capab
) {
5798 wpa_s
->hw_capab
= CAPAB_VHT
;
5802 if (wpa_s
->hw
.modes
[i
].ht_capab
&
5803 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET
)
5804 wpa_s
->hw_capab
= CAPAB_HT40
;
5805 else if (wpa_s
->hw
.modes
[i
].ht_capab
&&
5806 wpa_s
->hw_capab
== CAPAB_NO_HT_VHT
)
5807 wpa_s
->hw_capab
= CAPAB_HT
;
5811 capa_res
= wpa_drv_get_capa(wpa_s
, &capa
);
5812 if (capa_res
== 0) {
5813 wpa_s
->drv_capa_known
= 1;
5814 wpa_s
->drv_flags
= capa
.flags
;
5815 wpa_s
->drv_enc
= capa
.enc
;
5816 wpa_s
->drv_smps_modes
= capa
.smps_modes
;
5817 wpa_s
->drv_rrm_flags
= capa
.rrm_flags
;
5818 wpa_s
->probe_resp_offloads
= capa
.probe_resp_offloads
;
5819 wpa_s
->max_scan_ssids
= capa
.max_scan_ssids
;
5820 wpa_s
->max_sched_scan_ssids
= capa
.max_sched_scan_ssids
;
5821 wpa_s
->max_sched_scan_plans
= capa
.max_sched_scan_plans
;
5822 wpa_s
->max_sched_scan_plan_interval
=
5823 capa
.max_sched_scan_plan_interval
;
5824 wpa_s
->max_sched_scan_plan_iterations
=
5825 capa
.max_sched_scan_plan_iterations
;
5826 wpa_s
->sched_scan_supported
= capa
.sched_scan_supported
;
5827 wpa_s
->max_match_sets
= capa
.max_match_sets
;
5828 wpa_s
->max_remain_on_chan
= capa
.max_remain_on_chan
;
5829 wpa_s
->max_stations
= capa
.max_stations
;
5830 wpa_s
->extended_capa
= capa
.extended_capa
;
5831 wpa_s
->extended_capa_mask
= capa
.extended_capa_mask
;
5832 wpa_s
->extended_capa_len
= capa
.extended_capa_len
;
5833 wpa_s
->num_multichan_concurrent
=
5834 capa
.num_multichan_concurrent
;
5835 wpa_s
->wmm_ac_supported
= capa
.wmm_ac_supported
;
5837 if (capa
.mac_addr_rand_scan_supported
)
5838 wpa_s
->mac_addr_rand_supported
|= MAC_ADDR_RAND_SCAN
;
5839 if (wpa_s
->sched_scan_supported
&&
5840 capa
.mac_addr_rand_sched_scan_supported
)
5841 wpa_s
->mac_addr_rand_supported
|=
5842 (MAC_ADDR_RAND_SCHED_SCAN
| MAC_ADDR_RAND_PNO
);
5844 wpa_drv_get_ext_capa(wpa_s
, WPA_IF_STATION
);
5845 if (wpa_s
->extended_capa
&&
5846 wpa_s
->extended_capa_len
>= 3 &&
5847 wpa_s
->extended_capa
[2] & 0x40)
5848 wpa_s
->multi_bss_support
= 1;
5850 if (wpa_s
->max_remain_on_chan
== 0)
5851 wpa_s
->max_remain_on_chan
= 1000;
5854 * Only take p2p_mgmt parameters when P2P Device is supported.
5855 * Doing it here as it determines whether l2_packet_init() will be done
5856 * during wpa_supplicant_driver_init().
5858 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
)
5859 wpa_s
->p2p_mgmt
= iface
->p2p_mgmt
;
5861 if (wpa_s
->num_multichan_concurrent
== 0)
5862 wpa_s
->num_multichan_concurrent
= 1;
5864 if (wpa_supplicant_driver_init(wpa_s
) < 0)
5868 if (!iface
->p2p_mgmt
&& wpa_tdls_init(wpa_s
->wpa
))
5870 #endif /* CONFIG_TDLS */
5872 if (wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1] &&
5873 wpa_drv_set_country(wpa_s
, wpa_s
->conf
->country
)) {
5874 wpa_dbg(wpa_s
, MSG_DEBUG
, "Failed to set country");
5879 if (wpa_s
->conf
->fst_group_id
) {
5880 struct fst_iface_cfg cfg
;
5881 struct fst_wpa_obj iface_obj
;
5883 fst_wpa_supplicant_fill_iface_obj(wpa_s
, &iface_obj
);
5884 os_strlcpy(cfg
.group_id
, wpa_s
->conf
->fst_group_id
,
5885 sizeof(cfg
.group_id
));
5886 cfg
.priority
= wpa_s
->conf
->fst_priority
;
5887 cfg
.llt
= wpa_s
->conf
->fst_llt
;
5889 wpa_s
->fst
= fst_attach(wpa_s
->ifname
, wpa_s
->own_addr
,
5892 wpa_msg(wpa_s
, MSG_ERROR
,
5893 "FST: Cannot attach iface %s to group %s",
5894 wpa_s
->ifname
, cfg
.group_id
);
5898 #endif /* CONFIG_FST */
5900 if (wpas_wps_init(wpa_s
))
5903 #ifdef CONFIG_GAS_SERVER
5904 wpa_s
->gas_server
= gas_server_init(wpa_s
, wpas_gas_server_tx
);
5905 if (!wpa_s
->gas_server
) {
5906 wpa_printf(MSG_ERROR
, "Failed to initialize GAS server");
5909 #endif /* CONFIG_GAS_SERVER */
5912 if (wpas_dpp_init(wpa_s
) < 0)
5914 #endif /* CONFIG_DPP */
5916 if (wpa_supplicant_init_eapol(wpa_s
) < 0)
5918 wpa_sm_set_eapol(wpa_s
->wpa
, wpa_s
->eapol
);
5920 wpa_s
->ctrl_iface
= wpa_supplicant_ctrl_iface_init(wpa_s
);
5921 if (wpa_s
->ctrl_iface
== NULL
) {
5922 wpa_printf(MSG_ERROR
,
5923 "Failed to initialize control interface '%s'.\n"
5924 "You may have another wpa_supplicant process "
5925 "already running or the file was\n"
5926 "left by an unclean termination of wpa_supplicant "
5927 "in which case you will need\n"
5928 "to manually remove this file before starting "
5929 "wpa_supplicant again.\n",
5930 wpa_s
->conf
->ctrl_interface
);
5934 wpa_s
->gas
= gas_query_init(wpa_s
);
5935 if (wpa_s
->gas
== NULL
) {
5936 wpa_printf(MSG_ERROR
, "Failed to initialize GAS query");
5940 if ((!(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) ||
5942 wpas_p2p_init(wpa_s
->global
, wpa_s
) < 0) {
5943 wpa_msg(wpa_s
, MSG_ERROR
, "Failed to init P2P");
5947 if (wpa_bss_init(wpa_s
) < 0)
5950 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
5952 dl_list_init(&wpa_s
->mesh_external_pmksa_cache
);
5953 #endif /* CONFIG_MESH */
5954 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
5957 * Set Wake-on-WLAN triggers, if configured.
5958 * Note: We don't restore/remove the triggers on shutdown (it doesn't
5959 * have effect anyway when the interface is down).
5961 if (capa_res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
5964 #ifdef CONFIG_EAP_PROXY
5967 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
5969 if (wpa_s
->mnc_len
> 0) {
5970 wpa_s
->imsi
[len
] = '\0';
5971 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
5972 wpa_s
->imsi
, wpa_s
->mnc_len
);
5974 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
5977 #endif /* CONFIG_EAP_PROXY */
5979 if (pcsc_reader_init(wpa_s
) < 0)
5982 if (wpas_init_ext_pw(wpa_s
) < 0)
5985 wpas_rrm_reset(wpa_s
);
5987 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
5991 #endif /* CONFIG_HS20 */
5993 if (!wpa_s
->disable_mbo_oce
&& wpa_s
->conf
->oce
) {
5994 if ((wpa_s
->conf
->oce
& OCE_STA
) &&
5995 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA
))
5996 wpa_s
->enable_oce
= OCE_STA
;
5997 if ((wpa_s
->conf
->oce
& OCE_STA_CFON
) &&
5998 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_OCE_STA_CFON
)) {
5999 /* TODO: Need to add STA-CFON support */
6000 wpa_printf(MSG_ERROR
,
6001 "OCE STA-CFON feature is not yet supported");
6004 wpas_mbo_update_non_pref_chan(wpa_s
, wpa_s
->conf
->non_pref_chan
);
6005 #endif /* CONFIG_MBO */
6007 wpa_supplicant_set_default_scan_ies(wpa_s
);
6013 static void wpa_supplicant_deinit_iface(struct wpa_supplicant
*wpa_s
,
6014 int notify
, int terminate
)
6016 struct wpa_global
*global
= wpa_s
->global
;
6017 struct wpa_supplicant
*iface
, *prev
;
6019 if (wpa_s
== wpa_s
->parent
)
6020 wpas_p2p_group_remove(wpa_s
, "*");
6022 iface
= global
->ifaces
;
6024 if (iface
->p2pdev
== wpa_s
)
6025 iface
->p2pdev
= iface
->parent
;
6026 if (iface
== wpa_s
|| iface
->parent
!= wpa_s
) {
6027 iface
= iface
->next
;
6030 wpa_printf(MSG_DEBUG
,
6031 "Remove remaining child interface %s from parent %s",
6032 iface
->ifname
, wpa_s
->ifname
);
6034 iface
= iface
->next
;
6035 wpa_supplicant_remove_iface(global
, prev
, terminate
);
6038 wpa_s
->disconnected
= 1;
6039 if (wpa_s
->drv_priv
) {
6040 wpa_supplicant_deauthenticate(wpa_s
,
6041 WLAN_REASON_DEAUTH_LEAVING
);
6043 wpa_drv_set_countermeasures(wpa_s
, 0);
6044 wpa_clear_keys(wpa_s
, NULL
);
6047 wpa_supplicant_cleanup(wpa_s
);
6048 wpas_p2p_deinit_iface(wpa_s
);
6050 wpas_ctrl_radio_work_flush(wpa_s
);
6051 radio_remove_interface(wpa_s
);
6055 fst_detach(wpa_s
->fst
);
6058 if (wpa_s
->received_mb_ies
) {
6059 wpabuf_free(wpa_s
->received_mb_ies
);
6060 wpa_s
->received_mb_ies
= NULL
;
6062 #endif /* CONFIG_FST */
6064 if (wpa_s
->drv_priv
)
6065 wpa_drv_deinit(wpa_s
);
6068 wpas_notify_iface_removed(wpa_s
);
6071 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TERMINATING
);
6073 if (wpa_s
->ctrl_iface
) {
6074 wpa_supplicant_ctrl_iface_deinit(wpa_s
->ctrl_iface
);
6075 wpa_s
->ctrl_iface
= NULL
;
6080 wpa_supplicant_mesh_iface_deinit(wpa_s
, wpa_s
->ifmsh
);
6081 wpa_s
->ifmsh
= NULL
;
6083 #endif /* CONFIG_MESH */
6085 if (wpa_s
->conf
!= NULL
) {
6086 wpa_config_free(wpa_s
->conf
);
6090 os_free(wpa_s
->ssids_from_scan_req
);
6091 os_free(wpa_s
->last_scan_freqs
);
6097 #ifdef CONFIG_MATCH_IFACE
6100 * wpa_supplicant_match_iface - Match an interface description to a name
6101 * @global: Pointer to global data from wpa_supplicant_init()
6102 * @ifname: Name of the interface to match
6103 * Returns: Pointer to the created interface description or %NULL on failure
6105 struct wpa_interface
* wpa_supplicant_match_iface(struct wpa_global
*global
,
6109 struct wpa_interface
*iface
, *miface
;
6111 for (i
= 0; i
< global
->params
.match_iface_count
; i
++) {
6112 miface
= &global
->params
.match_ifaces
[i
];
6113 if (!miface
->ifname
||
6114 fnmatch(miface
->ifname
, ifname
, 0) == 0) {
6115 iface
= os_zalloc(sizeof(*iface
));
6119 iface
->ifname
= ifname
;
6129 * wpa_supplicant_match_existing - Match existing interfaces
6130 * @global: Pointer to global data from wpa_supplicant_init()
6131 * Returns: 0 on success, -1 on failure
6133 static int wpa_supplicant_match_existing(struct wpa_global
*global
)
6135 struct if_nameindex
*ifi
, *ifp
;
6136 struct wpa_supplicant
*wpa_s
;
6137 struct wpa_interface
*iface
;
6139 ifp
= if_nameindex();
6141 wpa_printf(MSG_ERROR
, "if_nameindex: %s", strerror(errno
));
6145 for (ifi
= ifp
; ifi
->if_name
; ifi
++) {
6146 wpa_s
= wpa_supplicant_get_iface(global
, ifi
->if_name
);
6149 iface
= wpa_supplicant_match_iface(global
, ifi
->if_name
);
6151 wpa_s
= wpa_supplicant_add_iface(global
, iface
, NULL
);
6158 if_freenameindex(ifp
);
6162 #endif /* CONFIG_MATCH_IFACE */
6166 * wpa_supplicant_add_iface - Add a new network interface
6167 * @global: Pointer to global data from wpa_supplicant_init()
6168 * @iface: Interface configuration options
6169 * @parent: Parent interface or %NULL to assign new interface as parent
6170 * Returns: Pointer to the created interface or %NULL on failure
6172 * This function is used to add new network interfaces for %wpa_supplicant.
6173 * This can be called before wpa_supplicant_run() to add interfaces before the
6174 * main event loop has been started. In addition, new interfaces can be added
6175 * dynamically while %wpa_supplicant is already running. This could happen,
6176 * e.g., when a hotplug network adapter is inserted.
6178 struct wpa_supplicant
* wpa_supplicant_add_iface(struct wpa_global
*global
,
6179 struct wpa_interface
*iface
,
6180 struct wpa_supplicant
*parent
)
6182 struct wpa_supplicant
*wpa_s
;
6183 struct wpa_interface t_iface
;
6184 struct wpa_ssid
*ssid
;
6186 if (global
== NULL
|| iface
== NULL
)
6189 wpa_s
= wpa_supplicant_alloc(parent
);
6193 wpa_s
->global
= global
;
6196 if (global
->params
.override_driver
) {
6197 wpa_printf(MSG_DEBUG
, "Override interface parameter: driver "
6199 iface
->driver
, global
->params
.override_driver
);
6200 t_iface
.driver
= global
->params
.override_driver
;
6202 if (global
->params
.override_ctrl_interface
) {
6203 wpa_printf(MSG_DEBUG
, "Override interface parameter: "
6204 "ctrl_interface ('%s' -> '%s')",
6205 iface
->ctrl_interface
,
6206 global
->params
.override_ctrl_interface
);
6207 t_iface
.ctrl_interface
=
6208 global
->params
.override_ctrl_interface
;
6210 if (wpa_supplicant_init_iface(wpa_s
, &t_iface
)) {
6211 wpa_printf(MSG_DEBUG
, "Failed to add interface %s",
6213 wpa_supplicant_deinit_iface(wpa_s
, 0, 0);
6217 if (iface
->p2p_mgmt
== 0) {
6218 /* Notify the control interfaces about new iface */
6219 if (wpas_notify_iface_added(wpa_s
)) {
6220 wpa_supplicant_deinit_iface(wpa_s
, 1, 0);
6224 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
)
6225 wpas_notify_network_added(wpa_s
, ssid
);
6228 wpa_s
->next
= global
->ifaces
;
6229 global
->ifaces
= wpa_s
;
6231 wpa_dbg(wpa_s
, MSG_DEBUG
, "Added interface %s", wpa_s
->ifname
);
6232 wpa_supplicant_set_state(wpa_s
, WPA_DISCONNECTED
);
6235 if (wpa_s
->global
->p2p
== NULL
&&
6236 !wpa_s
->global
->p2p_disabled
&& !wpa_s
->conf
->p2p_disabled
&&
6237 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE
) &&
6238 wpas_p2p_add_p2pdev_interface(
6239 wpa_s
, wpa_s
->global
->params
.conf_p2p_dev
) < 0) {
6240 wpa_printf(MSG_INFO
,
6241 "P2P: Failed to enable P2P Device interface");
6242 /* Try to continue without. P2P will be disabled. */
6244 #endif /* CONFIG_P2P */
6251 * wpa_supplicant_remove_iface - Remove a network interface
6252 * @global: Pointer to global data from wpa_supplicant_init()
6253 * @wpa_s: Pointer to the network interface to be removed
6254 * Returns: 0 if interface was removed, -1 if interface was not found
6256 * This function can be used to dynamically remove network interfaces from
6257 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6258 * addition, this function is used to remove all remaining interfaces when
6259 * %wpa_supplicant is terminated.
6261 int wpa_supplicant_remove_iface(struct wpa_global
*global
,
6262 struct wpa_supplicant
*wpa_s
,
6265 struct wpa_supplicant
*prev
;
6267 unsigned int mesh_if_created
= wpa_s
->mesh_if_created
;
6268 char *ifname
= NULL
;
6269 struct wpa_supplicant
*parent
= wpa_s
->parent
;
6270 #endif /* CONFIG_MESH */
6272 /* Remove interface from the global list of interfaces */
6273 prev
= global
->ifaces
;
6274 if (prev
== wpa_s
) {
6275 global
->ifaces
= wpa_s
->next
;
6277 while (prev
&& prev
->next
!= wpa_s
)
6281 prev
->next
= wpa_s
->next
;
6284 wpa_dbg(wpa_s
, MSG_DEBUG
, "Removing interface %s", wpa_s
->ifname
);
6287 if (mesh_if_created
) {
6288 ifname
= os_strdup(wpa_s
->ifname
);
6289 if (ifname
== NULL
) {
6290 wpa_dbg(wpa_s
, MSG_ERROR
,
6291 "mesh: Failed to malloc ifname");
6295 #endif /* CONFIG_MESH */
6297 if (global
->p2p_group_formation
== wpa_s
)
6298 global
->p2p_group_formation
= NULL
;
6299 if (global
->p2p_invite_group
== wpa_s
)
6300 global
->p2p_invite_group
= NULL
;
6301 wpa_supplicant_deinit_iface(wpa_s
, 1, terminate
);
6304 if (mesh_if_created
) {
6305 wpa_drv_if_remove(parent
, WPA_IF_MESH
, ifname
);
6308 #endif /* CONFIG_MESH */
6315 * wpa_supplicant_get_eap_mode - Get the current EAP mode
6316 * @wpa_s: Pointer to the network interface
6317 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
6319 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant
*wpa_s
)
6321 const char *eapol_method
;
6323 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) == 0 &&
6324 wpa_s
->key_mgmt
!= WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
6328 eapol_method
= eapol_sm_get_method_name(wpa_s
->eapol
);
6329 if (eapol_method
== NULL
)
6330 return "UNKNOWN-EAP";
6332 return eapol_method
;
6337 * wpa_supplicant_get_iface - Get a new network interface
6338 * @global: Pointer to global data from wpa_supplicant_init()
6339 * @ifname: Interface name
6340 * Returns: Pointer to the interface or %NULL if not found
6342 struct wpa_supplicant
* wpa_supplicant_get_iface(struct wpa_global
*global
,
6345 struct wpa_supplicant
*wpa_s
;
6347 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6348 if (os_strcmp(wpa_s
->ifname
, ifname
) == 0)
6355 #ifndef CONFIG_NO_WPA_MSG
6356 static const char * wpa_supplicant_msg_ifname_cb(void *ctx
)
6358 struct wpa_supplicant
*wpa_s
= ctx
;
6361 return wpa_s
->ifname
;
6363 #endif /* CONFIG_NO_WPA_MSG */
6366 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
6367 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
6368 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
6370 /* Periodic cleanup tasks */
6371 static void wpas_periodic(void *eloop_ctx
, void *timeout_ctx
)
6373 struct wpa_global
*global
= eloop_ctx
;
6374 struct wpa_supplicant
*wpa_s
;
6376 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6377 wpas_periodic
, global
, NULL
);
6381 p2p_expire_peers(global
->p2p
);
6382 #endif /* CONFIG_P2P */
6384 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
) {
6385 wpa_bss_flush_by_age(wpa_s
, wpa_s
->conf
->bss_expiration_age
);
6388 #endif /* CONFIG_AP */
6394 * wpa_supplicant_init - Initialize %wpa_supplicant
6395 * @params: Parameters for %wpa_supplicant
6396 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
6398 * This function is used to initialize %wpa_supplicant. After successful
6399 * initialization, the returned data pointer can be used to add and remove
6400 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
6402 struct wpa_global
* wpa_supplicant_init(struct wpa_params
*params
)
6404 struct wpa_global
*global
;
6410 #ifdef CONFIG_DRIVER_NDIS
6412 void driver_ndis_init_ops(void);
6413 driver_ndis_init_ops();
6415 #endif /* CONFIG_DRIVER_NDIS */
6417 #ifndef CONFIG_NO_WPA_MSG
6418 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb
);
6419 #endif /* CONFIG_NO_WPA_MSG */
6421 if (params
->wpa_debug_file_path
)
6422 wpa_debug_open_file(params
->wpa_debug_file_path
);
6424 wpa_debug_setup_stdout();
6425 if (params
->wpa_debug_syslog
)
6426 wpa_debug_open_syslog();
6427 if (params
->wpa_debug_tracing
) {
6428 ret
= wpa_debug_open_linux_tracing();
6430 wpa_printf(MSG_ERROR
,
6431 "Failed to enable trace logging");
6436 ret
= eap_register_methods();
6438 wpa_printf(MSG_ERROR
, "Failed to register EAP methods");
6440 wpa_printf(MSG_ERROR
, "Two or more EAP methods used "
6441 "the same EAP type.");
6445 global
= os_zalloc(sizeof(*global
));
6448 dl_list_init(&global
->p2p_srv_bonjour
);
6449 dl_list_init(&global
->p2p_srv_upnp
);
6450 global
->params
.daemonize
= params
->daemonize
;
6451 global
->params
.wait_for_monitor
= params
->wait_for_monitor
;
6452 global
->params
.dbus_ctrl_interface
= params
->dbus_ctrl_interface
;
6453 if (params
->pid_file
)
6454 global
->params
.pid_file
= os_strdup(params
->pid_file
);
6455 if (params
->ctrl_interface
)
6456 global
->params
.ctrl_interface
=
6457 os_strdup(params
->ctrl_interface
);
6458 if (params
->ctrl_interface_group
)
6459 global
->params
.ctrl_interface_group
=
6460 os_strdup(params
->ctrl_interface_group
);
6461 if (params
->override_driver
)
6462 global
->params
.override_driver
=
6463 os_strdup(params
->override_driver
);
6464 if (params
->override_ctrl_interface
)
6465 global
->params
.override_ctrl_interface
=
6466 os_strdup(params
->override_ctrl_interface
);
6467 #ifdef CONFIG_MATCH_IFACE
6468 global
->params
.match_iface_count
= params
->match_iface_count
;
6469 if (params
->match_iface_count
) {
6470 global
->params
.match_ifaces
=
6471 os_calloc(params
->match_iface_count
,
6472 sizeof(struct wpa_interface
));
6473 os_memcpy(global
->params
.match_ifaces
,
6474 params
->match_ifaces
,
6475 params
->match_iface_count
*
6476 sizeof(struct wpa_interface
));
6478 #endif /* CONFIG_MATCH_IFACE */
6480 if (params
->conf_p2p_dev
)
6481 global
->params
.conf_p2p_dev
=
6482 os_strdup(params
->conf_p2p_dev
);
6483 #endif /* CONFIG_P2P */
6484 wpa_debug_level
= global
->params
.wpa_debug_level
=
6485 params
->wpa_debug_level
;
6486 wpa_debug_show_keys
= global
->params
.wpa_debug_show_keys
=
6487 params
->wpa_debug_show_keys
;
6488 wpa_debug_timestamp
= global
->params
.wpa_debug_timestamp
=
6489 params
->wpa_debug_timestamp
;
6491 wpa_printf(MSG_DEBUG
, "wpa_supplicant v" VERSION_STR
);
6494 wpa_printf(MSG_ERROR
, "Failed to initialize event loop");
6495 wpa_supplicant_deinit(global
);
6499 random_init(params
->entropy_file
);
6501 global
->ctrl_iface
= wpa_supplicant_global_ctrl_iface_init(global
);
6502 if (global
->ctrl_iface
== NULL
) {
6503 wpa_supplicant_deinit(global
);
6507 if (wpas_notify_supplicant_initialized(global
)) {
6508 wpa_supplicant_deinit(global
);
6512 for (i
= 0; wpa_drivers
[i
]; i
++)
6513 global
->drv_count
++;
6514 if (global
->drv_count
== 0) {
6515 wpa_printf(MSG_ERROR
, "No drivers enabled");
6516 wpa_supplicant_deinit(global
);
6519 global
->drv_priv
= os_calloc(global
->drv_count
, sizeof(void *));
6520 if (global
->drv_priv
== NULL
) {
6521 wpa_supplicant_deinit(global
);
6525 #ifdef CONFIG_WIFI_DISPLAY
6526 if (wifi_display_init(global
) < 0) {
6527 wpa_printf(MSG_ERROR
, "Failed to initialize Wi-Fi Display");
6528 wpa_supplicant_deinit(global
);
6531 #endif /* CONFIG_WIFI_DISPLAY */
6533 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL
, 0,
6534 wpas_periodic
, global
, NULL
);
6541 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
6542 * @global: Pointer to global data from wpa_supplicant_init()
6543 * Returns: 0 after successful event loop run, -1 on failure
6545 * This function starts the main event loop and continues running as long as
6546 * there are any remaining events. In most cases, this function is running as
6547 * long as the %wpa_supplicant process in still in use.
6549 int wpa_supplicant_run(struct wpa_global
*global
)
6551 struct wpa_supplicant
*wpa_s
;
6553 if (global
->params
.daemonize
&&
6554 (wpa_supplicant_daemon(global
->params
.pid_file
) ||
6555 eloop_sock_requeue()))
6558 #ifdef CONFIG_MATCH_IFACE
6559 if (wpa_supplicant_match_existing(global
))
6563 if (global
->params
.wait_for_monitor
) {
6564 for (wpa_s
= global
->ifaces
; wpa_s
; wpa_s
= wpa_s
->next
)
6565 if (wpa_s
->ctrl_iface
&& !wpa_s
->p2p_mgmt
)
6566 wpa_supplicant_ctrl_iface_wait(
6570 eloop_register_signal_terminate(wpa_supplicant_terminate
, global
);
6571 eloop_register_signal_reconfig(wpa_supplicant_reconfig
, global
);
6580 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
6581 * @global: Pointer to global data from wpa_supplicant_init()
6583 * This function is called to deinitialize %wpa_supplicant and to free all
6584 * allocated resources. Remaining network interfaces will also be removed.
6586 void wpa_supplicant_deinit(struct wpa_global
*global
)
6593 eloop_cancel_timeout(wpas_periodic
, global
, NULL
);
6595 #ifdef CONFIG_WIFI_DISPLAY
6596 wifi_display_deinit(global
);
6597 #endif /* CONFIG_WIFI_DISPLAY */
6599 while (global
->ifaces
)
6600 wpa_supplicant_remove_iface(global
, global
->ifaces
, 1);
6602 if (global
->ctrl_iface
)
6603 wpa_supplicant_global_ctrl_iface_deinit(global
->ctrl_iface
);
6605 wpas_notify_supplicant_deinitialized(global
);
6607 eap_peer_unregister_methods();
6609 eap_server_unregister_methods();
6610 #endif /* CONFIG_AP */
6612 for (i
= 0; wpa_drivers
[i
] && global
->drv_priv
; i
++) {
6613 if (!global
->drv_priv
[i
])
6615 wpa_drivers
[i
]->global_deinit(global
->drv_priv
[i
]);
6617 os_free(global
->drv_priv
);
6623 if (global
->params
.pid_file
) {
6624 os_daemonize_terminate(global
->params
.pid_file
);
6625 os_free(global
->params
.pid_file
);
6627 os_free(global
->params
.ctrl_interface
);
6628 os_free(global
->params
.ctrl_interface_group
);
6629 os_free(global
->params
.override_driver
);
6630 os_free(global
->params
.override_ctrl_interface
);
6631 #ifdef CONFIG_MATCH_IFACE
6632 os_free(global
->params
.match_ifaces
);
6633 #endif /* CONFIG_MATCH_IFACE */
6635 os_free(global
->params
.conf_p2p_dev
);
6636 #endif /* CONFIG_P2P */
6638 os_free(global
->p2p_disallow_freq
.range
);
6639 os_free(global
->p2p_go_avoid_freq
.range
);
6640 os_free(global
->add_psk
);
6643 wpa_debug_close_syslog();
6644 wpa_debug_close_file();
6645 wpa_debug_close_linux_tracing();
6649 void wpa_supplicant_update_config(struct wpa_supplicant
*wpa_s
)
6651 if ((wpa_s
->conf
->changed_parameters
& CFG_CHANGED_COUNTRY
) &&
6652 wpa_s
->conf
->country
[0] && wpa_s
->conf
->country
[1]) {
6654 country
[0] = wpa_s
->conf
->country
[0];
6655 country
[1] = wpa_s
->conf
->country
[1];
6657 if (wpa_drv_set_country(wpa_s
, country
) < 0) {
6658 wpa_printf(MSG_ERROR
, "Failed to set country code "
6663 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_EXT_PW_BACKEND
)
6664 wpas_init_ext_pw(wpa_s
);
6666 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_SCHED_SCAN_PLANS
)
6667 wpas_sched_scan_plans_set(wpa_s
, wpa_s
->conf
->sched_scan_plans
);
6669 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_WOWLAN_TRIGGERS
) {
6670 struct wpa_driver_capa capa
;
6671 int res
= wpa_drv_get_capa(wpa_s
, &capa
);
6673 if (res
== 0 && wpas_set_wowlan_triggers(wpa_s
, &capa
) < 0)
6674 wpa_printf(MSG_ERROR
,
6675 "Failed to update wowlan_triggers to '%s'",
6676 wpa_s
->conf
->wowlan_triggers
);
6679 if (wpa_s
->conf
->changed_parameters
& CFG_CHANGED_DISABLE_BTM
)
6680 wpa_supplicant_set_default_scan_ies(wpa_s
);
6683 wpas_wps_update_config(wpa_s
);
6684 #endif /* CONFIG_WPS */
6685 wpas_p2p_update_config(wpa_s
);
6686 wpa_s
->conf
->changed_parameters
= 0;
6690 void add_freq(int *freqs
, int *num_freqs
, int freq
)
6694 for (i
= 0; i
< *num_freqs
; i
++) {
6695 if (freqs
[i
] == freq
)
6699 freqs
[*num_freqs
] = freq
;
6704 static int * get_bss_freqs_in_ess(struct wpa_supplicant
*wpa_s
)
6706 struct wpa_bss
*bss
, *cbss
;
6707 const int max_freqs
= 10;
6711 freqs
= os_calloc(max_freqs
+ 1, sizeof(int));
6715 cbss
= wpa_s
->current_bss
;
6717 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
6720 if (bss
->ssid_len
== cbss
->ssid_len
&&
6721 os_memcmp(bss
->ssid
, cbss
->ssid
, bss
->ssid_len
) == 0 &&
6722 wpa_blacklist_get(wpa_s
, bss
->bssid
) == NULL
) {
6723 add_freq(freqs
, &num_freqs
, bss
->freq
);
6724 if (num_freqs
== max_freqs
)
6729 if (num_freqs
== 0) {
6738 void wpas_connection_failed(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
6744 wpas_connect_work_done(wpa_s
);
6747 * Remove possible authentication timeout since the connection failed.
6749 eloop_cancel_timeout(wpa_supplicant_timeout
, wpa_s
, NULL
);
6752 * There is no point in blacklisting the AP if this event is
6753 * generated based on local request to disconnect.
6755 if (wpa_s
->own_disconnect_req
) {
6756 wpa_s
->own_disconnect_req
= 0;
6757 wpa_dbg(wpa_s
, MSG_DEBUG
,
6758 "Ignore connection failure due to local request to disconnect");
6761 if (wpa_s
->disconnected
) {
6762 wpa_dbg(wpa_s
, MSG_DEBUG
, "Ignore connection failure "
6763 "indication since interface has been put into "
6764 "disconnected state");
6769 * Add the failed BSSID into the blacklist and speed up next scan
6770 * attempt if there could be other APs that could accept association.
6771 * The current blacklist count indicates how many times we have tried
6772 * connecting to this AP and multiple attempts mean that other APs are
6773 * either not available or has already been tried, so that we can start
6774 * increasing the delay here to avoid constant scanning.
6776 count
= wpa_blacklist_add(wpa_s
, bssid
);
6777 if (count
== 1 && wpa_s
->current_bss
) {
6779 * This BSS was not in the blacklist before. If there is
6780 * another BSS available for the same ESS, we should try that
6781 * next. Otherwise, we may as well try this one once more
6782 * before allowing other, likely worse, ESSes to be considered.
6784 freqs
= get_bss_freqs_in_ess(wpa_s
);
6786 wpa_dbg(wpa_s
, MSG_DEBUG
, "Another BSS in this ESS "
6787 "has been seen; try it next");
6788 wpa_blacklist_add(wpa_s
, bssid
);
6790 * On the next scan, go through only the known channels
6791 * used in this ESS based on previous scans to speed up
6792 * common load balancing use case.
6794 os_free(wpa_s
->next_scan_freqs
);
6795 wpa_s
->next_scan_freqs
= freqs
;
6800 * Add previous failure count in case the temporary blacklist was
6801 * cleared due to no other BSSes being available.
6803 count
+= wpa_s
->extra_blacklist_count
;
6805 if (count
> 3 && wpa_s
->current_ssid
) {
6806 wpa_printf(MSG_DEBUG
, "Continuous association failures - "
6807 "consider temporary network disabling");
6808 wpas_auth_failed(wpa_s
, "CONN_FAILED");
6829 wpa_dbg(wpa_s
, MSG_DEBUG
, "Blacklist count %d --> request scan in %d "
6830 "ms", count
, timeout
);
6833 * TODO: if more than one possible AP is available in scan results,
6834 * could try the other ones before requesting a new scan.
6837 /* speed up the connection attempt with normal scan */
6838 wpa_s
->normal_scans
= 0;
6839 wpa_supplicant_req_scan(wpa_s
, timeout
/ 1000,
6840 1000 * (timeout
% 1000));
6845 void fils_connection_failure(struct wpa_supplicant
*wpa_s
)
6847 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
6848 const u8
*realm
, *username
, *rrk
;
6849 size_t realm_len
, username_len
, rrk_len
;
6852 if (!ssid
|| !ssid
->eap
.erp
|| !wpa_key_mgmt_fils(ssid
->key_mgmt
) ||
6853 eapol_sm_get_erp_info(wpa_s
->eapol
, &ssid
->eap
,
6854 &username
, &username_len
,
6855 &realm
, &realm_len
, &next_seq_num
,
6856 &rrk
, &rrk_len
) != 0 ||
6860 wpa_hexdump_ascii(MSG_DEBUG
,
6861 "FILS: Store last connection failure realm",
6863 os_free(wpa_s
->last_con_fail_realm
);
6864 wpa_s
->last_con_fail_realm
= os_malloc(realm_len
);
6865 if (wpa_s
->last_con_fail_realm
) {
6866 wpa_s
->last_con_fail_realm_len
= realm_len
;
6867 os_memcpy(wpa_s
->last_con_fail_realm
, realm
, realm_len
);
6870 #endif /* CONFIG_FILS */
6873 int wpas_driver_bss_selection(struct wpa_supplicant
*wpa_s
)
6875 return wpa_s
->conf
->ap_scan
== 2 ||
6876 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_BSS_SELECTION
);
6880 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
6881 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant
*wpa_s
,
6882 struct wpa_ssid
*ssid
,
6886 #ifdef IEEE8021X_EAPOL
6887 struct eap_peer_config
*eap
= &ssid
->eap
;
6889 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: response handle field=%s", field
);
6890 wpa_hexdump_ascii_key(MSG_DEBUG
, "CTRL_IFACE: response value",
6891 (const u8
*) value
, os_strlen(value
));
6893 switch (wpa_supplicant_ctrl_req_from_string(field
)) {
6894 case WPA_CTRL_REQ_EAP_IDENTITY
:
6895 os_free(eap
->identity
);
6896 eap
->identity
= (u8
*) os_strdup(value
);
6897 eap
->identity_len
= os_strlen(value
);
6898 eap
->pending_req_identity
= 0;
6899 if (ssid
== wpa_s
->current_ssid
)
6900 wpa_s
->reassociate
= 1;
6902 case WPA_CTRL_REQ_EAP_PASSWORD
:
6903 bin_clear_free(eap
->password
, eap
->password_len
);
6904 eap
->password
= (u8
*) os_strdup(value
);
6905 eap
->password_len
= os_strlen(value
);
6906 eap
->pending_req_password
= 0;
6907 if (ssid
== wpa_s
->current_ssid
)
6908 wpa_s
->reassociate
= 1;
6910 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
6911 bin_clear_free(eap
->new_password
, eap
->new_password_len
);
6912 eap
->new_password
= (u8
*) os_strdup(value
);
6913 eap
->new_password_len
= os_strlen(value
);
6914 eap
->pending_req_new_password
= 0;
6915 if (ssid
== wpa_s
->current_ssid
)
6916 wpa_s
->reassociate
= 1;
6918 case WPA_CTRL_REQ_EAP_PIN
:
6919 str_clear_free(eap
->cert
.pin
);
6920 eap
->cert
.pin
= os_strdup(value
);
6921 eap
->pending_req_pin
= 0;
6922 if (ssid
== wpa_s
->current_ssid
)
6923 wpa_s
->reassociate
= 1;
6925 case WPA_CTRL_REQ_EAP_OTP
:
6926 bin_clear_free(eap
->otp
, eap
->otp_len
);
6927 eap
->otp
= (u8
*) os_strdup(value
);
6928 eap
->otp_len
= os_strlen(value
);
6929 os_free(eap
->pending_req_otp
);
6930 eap
->pending_req_otp
= NULL
;
6931 eap
->pending_req_otp_len
= 0;
6933 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
6934 str_clear_free(eap
->cert
.private_key_passwd
);
6935 eap
->cert
.private_key_passwd
= os_strdup(value
);
6936 eap
->pending_req_passphrase
= 0;
6937 if (ssid
== wpa_s
->current_ssid
)
6938 wpa_s
->reassociate
= 1;
6940 case WPA_CTRL_REQ_SIM
:
6941 str_clear_free(eap
->external_sim_resp
);
6942 eap
->external_sim_resp
= os_strdup(value
);
6943 eap
->pending_req_sim
= 0;
6945 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
6946 if (wpa_config_set(ssid
, "psk", value
, 0) < 0)
6948 ssid
->mem_only_psk
= 1;
6949 if (ssid
->passphrase
)
6950 wpa_config_update_psk(ssid
);
6951 if (wpa_s
->wpa_state
== WPA_SCANNING
&& !wpa_s
->scanning
)
6952 wpa_supplicant_req_scan(wpa_s
, 0, 0);
6954 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
6955 if (eap
->pending_ext_cert_check
!= PENDING_CHECK
)
6957 if (os_strcmp(value
, "good") == 0)
6958 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_GOOD
;
6959 else if (os_strcmp(value
, "bad") == 0)
6960 eap
->pending_ext_cert_check
= EXT_CERT_CHECK_BAD
;
6965 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: Unknown field '%s'", field
);
6970 #else /* IEEE8021X_EAPOL */
6971 wpa_printf(MSG_DEBUG
, "CTRL_IFACE: IEEE 802.1X not included");
6973 #endif /* IEEE8021X_EAPOL */
6975 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
6978 int wpas_network_disabled(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
6981 unsigned int drv_enc
;
6983 if (wpa_s
->p2p_mgmt
)
6984 return 1; /* no normal network profiles on p2p_mgmt interface */
6992 if (wpa_s
->drv_capa_known
)
6993 drv_enc
= wpa_s
->drv_enc
;
6995 drv_enc
= (unsigned int) -1;
6997 for (i
= 0; i
< NUM_WEP_KEYS
; i
++) {
6998 size_t len
= ssid
->wep_key_len
[i
];
7001 if (len
== 5 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP40
))
7003 if (len
== 13 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP104
))
7005 if (len
== 16 && (drv_enc
& WPA_DRIVER_CAPA_ENC_WEP128
))
7007 return 1; /* invalid WEP key */
7010 if (wpa_key_mgmt_wpa_psk(ssid
->key_mgmt
) && !ssid
->psk_set
&&
7011 (!ssid
->passphrase
|| ssid
->ssid_len
!= 0) && !ssid
->ext_psk
&&
7012 !(wpa_key_mgmt_sae(ssid
->key_mgmt
) && ssid
->sae_password
) &&
7013 !ssid
->mem_only_psk
)
7020 int wpas_get_ssid_pmf(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
)
7022 if (ssid
== NULL
|| ssid
->ieee80211w
== MGMT_FRAME_PROTECTION_DEFAULT
) {
7023 if (wpa_s
->conf
->pmf
== MGMT_FRAME_PROTECTION_OPTIONAL
&&
7024 !(wpa_s
->drv_enc
& WPA_DRIVER_CAPA_ENC_BIP
)) {
7026 * Driver does not support BIP -- ignore pmf=1 default
7027 * since the connection with PMF would fail and the
7028 * configuration does not require PMF to be enabled.
7030 return NO_MGMT_FRAME_PROTECTION
;
7035 ~(WPA_KEY_MGMT_NONE
| WPA_KEY_MGMT_WPS
|
7036 WPA_KEY_MGMT_IEEE8021X_NO_WPA
)) == 0) {
7038 * Do not use the default PMF value for non-RSN networks
7039 * since PMF is available only with RSN and pmf=2
7040 * configuration would otherwise prevent connections to
7041 * all open networks.
7043 return NO_MGMT_FRAME_PROTECTION
;
7046 return wpa_s
->conf
->pmf
;
7049 return ssid
->ieee80211w
;
7053 int wpas_is_p2p_prioritized(struct wpa_supplicant
*wpa_s
)
7055 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_P2P
)
7057 if (wpa_s
->global
->conc_pref
== WPA_CONC_PREF_STA
)
7063 void wpas_auth_failed(struct wpa_supplicant
*wpa_s
, char *reason
)
7065 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
7067 struct os_reltime now
;
7070 wpa_printf(MSG_DEBUG
, "Authentication failure but no known "
7075 if (ssid
->key_mgmt
== WPA_KEY_MGMT_WPS
)
7078 ssid
->auth_failures
++;
7081 if (ssid
->p2p_group
&&
7082 (wpa_s
->p2p_in_provisioning
|| wpa_s
->show_group_started
)) {
7084 * Skip the wait time since there is a short timeout on the
7085 * connection to a P2P group.
7089 #endif /* CONFIG_P2P */
7091 if (ssid
->auth_failures
> 50)
7093 else if (ssid
->auth_failures
> 10)
7095 else if (ssid
->auth_failures
> 5)
7097 else if (ssid
->auth_failures
> 3)
7099 else if (ssid
->auth_failures
> 2)
7101 else if (ssid
->auth_failures
> 1)
7106 if (ssid
->auth_failures
> 1 &&
7107 wpa_key_mgmt_wpa_ieee8021x(ssid
->key_mgmt
))
7108 dur
+= os_random() % (ssid
->auth_failures
* 10);
7110 os_get_reltime(&now
);
7111 if (now
.sec
+ dur
<= ssid
->disabled_until
.sec
)
7114 ssid
->disabled_until
.sec
= now
.sec
+ dur
;
7116 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_TEMP_DISABLED
7117 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7118 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
),
7119 ssid
->auth_failures
, dur
, reason
);
7123 void wpas_clear_temp_disabled(struct wpa_supplicant
*wpa_s
,
7124 struct wpa_ssid
*ssid
, int clear_failures
)
7129 if (ssid
->disabled_until
.sec
) {
7130 wpa_msg(wpa_s
, MSG_INFO
, WPA_EVENT_REENABLED
7131 "id=%d ssid=\"%s\"",
7132 ssid
->id
, wpa_ssid_txt(ssid
->ssid
, ssid
->ssid_len
));
7134 ssid
->disabled_until
.sec
= 0;
7135 ssid
->disabled_until
.usec
= 0;
7137 ssid
->auth_failures
= 0;
7141 int disallowed_bssid(struct wpa_supplicant
*wpa_s
, const u8
*bssid
)
7145 if (wpa_s
->disallow_aps_bssid
== NULL
)
7148 for (i
= 0; i
< wpa_s
->disallow_aps_bssid_count
; i
++) {
7149 if (os_memcmp(wpa_s
->disallow_aps_bssid
+ i
* ETH_ALEN
,
7150 bssid
, ETH_ALEN
) == 0)
7158 int disallowed_ssid(struct wpa_supplicant
*wpa_s
, const u8
*ssid
,
7163 if (wpa_s
->disallow_aps_ssid
== NULL
|| ssid
== NULL
)
7166 for (i
= 0; i
< wpa_s
->disallow_aps_ssid_count
; i
++) {
7167 struct wpa_ssid_value
*s
= &wpa_s
->disallow_aps_ssid
[i
];
7168 if (ssid_len
== s
->ssid_len
&&
7169 os_memcmp(ssid
, s
->ssid
, ssid_len
) == 0)
7178 * wpas_request_connection - Request a new connection
7179 * @wpa_s: Pointer to the network interface
7181 * This function is used to request a new connection to be found. It will mark
7182 * the interface to allow reassociation and request a new scan to find a
7183 * suitable network to connect to.
7185 void wpas_request_connection(struct wpa_supplicant
*wpa_s
)
7187 wpa_s
->normal_scans
= 0;
7188 wpa_s
->scan_req
= NORMAL_SCAN_REQ
;
7189 wpa_supplicant_reinit_autoscan(wpa_s
);
7190 wpa_s
->extra_blacklist_count
= 0;
7191 wpa_s
->disconnected
= 0;
7192 wpa_s
->reassociate
= 1;
7193 wpa_s
->last_owe_group
= 0;
7195 if (wpa_supplicant_fast_associate(wpa_s
) != 1)
7196 wpa_supplicant_req_scan(wpa_s
, 0, 0);
7198 wpa_s
->reattach
= 0;
7203 * wpas_request_disconnection - Request disconnection
7204 * @wpa_s: Pointer to the network interface
7206 * This function is used to request disconnection from the currently connected
7207 * network. This will stop any ongoing scans and initiate deauthentication.
7209 void wpas_request_disconnection(struct wpa_supplicant
*wpa_s
)
7212 wpa_s
->sme
.prev_bssid_set
= 0;
7213 #endif /* CONFIG_SME */
7214 wpa_s
->reassociate
= 0;
7215 wpa_s
->disconnected
= 1;
7216 wpa_supplicant_cancel_sched_scan(wpa_s
);
7217 wpa_supplicant_cancel_scan(wpa_s
);
7218 wpa_supplicant_deauthenticate(wpa_s
, WLAN_REASON_DEAUTH_LEAVING
);
7219 eloop_cancel_timeout(wpas_network_reenabled
, wpa_s
, NULL
);
7220 radio_remove_works(wpa_s
, "connect", 0);
7221 radio_remove_works(wpa_s
, "sme-connect", 0);
7225 void dump_freq_data(struct wpa_supplicant
*wpa_s
, const char *title
,
7226 struct wpa_used_freq_data
*freqs_data
,
7231 wpa_dbg(wpa_s
, MSG_DEBUG
, "Shared frequencies (len=%u): %s",
7233 for (i
= 0; i
< len
; i
++) {
7234 struct wpa_used_freq_data
*cur
= &freqs_data
[i
];
7235 wpa_dbg(wpa_s
, MSG_DEBUG
, "freq[%u]: %d, flags=0x%X",
7236 i
, cur
->freq
, cur
->flags
);
7242 * Find the operating frequencies of any of the virtual interfaces that
7243 * are using the same radio as the current interface, and in addition, get
7244 * information about the interface types that are using the frequency.
7246 int get_shared_radio_freqs_data(struct wpa_supplicant
*wpa_s
,
7247 struct wpa_used_freq_data
*freqs_data
,
7250 struct wpa_supplicant
*ifs
;
7253 unsigned int idx
= 0, i
;
7255 wpa_dbg(wpa_s
, MSG_DEBUG
,
7256 "Determining shared radio frequencies (max len %u)", len
);
7257 os_memset(freqs_data
, 0, sizeof(struct wpa_used_freq_data
) * len
);
7259 dl_list_for_each(ifs
, &wpa_s
->radio
->ifaces
, struct wpa_supplicant
,
7264 if (ifs
->current_ssid
== NULL
|| ifs
->assoc_freq
== 0)
7267 if (ifs
->current_ssid
->mode
== WPAS_MODE_AP
||
7268 ifs
->current_ssid
->mode
== WPAS_MODE_P2P_GO
||
7269 ifs
->current_ssid
->mode
== WPAS_MODE_MESH
)
7270 freq
= ifs
->current_ssid
->frequency
;
7271 else if (wpa_drv_get_bssid(ifs
, bssid
) == 0)
7272 freq
= ifs
->assoc_freq
;
7276 /* Hold only distinct freqs */
7277 for (i
= 0; i
< idx
; i
++)
7278 if (freqs_data
[i
].freq
== freq
)
7282 freqs_data
[idx
++].freq
= freq
;
7284 if (ifs
->current_ssid
->mode
== WPAS_MODE_INFRA
) {
7285 freqs_data
[i
].flags
|= ifs
->current_ssid
->p2p_group
?
7286 WPA_FREQ_USED_BY_P2P_CLIENT
:
7287 WPA_FREQ_USED_BY_INFRA_STATION
;
7291 dump_freq_data(wpa_s
, "completed iteration", freqs_data
, idx
);
7297 * Find the operating frequencies of any of the virtual interfaces that
7298 * are using the same radio as the current interface.
7300 int get_shared_radio_freqs(struct wpa_supplicant
*wpa_s
,
7301 int *freq_array
, unsigned int len
)
7303 struct wpa_used_freq_data
*freqs_data
;
7306 os_memset(freq_array
, 0, sizeof(int) * len
);
7308 freqs_data
= os_calloc(len
, sizeof(struct wpa_used_freq_data
));
7312 num
= get_shared_radio_freqs_data(wpa_s
, freqs_data
, len
);
7313 for (i
= 0; i
< num
; i
++)
7314 freq_array
[i
] = freqs_data
[i
].freq
;
7316 os_free(freqs_data
);
7322 struct wpa_supplicant
*
7323 wpas_vendor_elem(struct wpa_supplicant
*wpa_s
, enum wpa_vendor_elem_frame frame
)
7327 case VENDOR_ELEM_PROBE_REQ_P2P
:
7328 case VENDOR_ELEM_PROBE_RESP_P2P
:
7329 case VENDOR_ELEM_PROBE_RESP_P2P_GO
:
7330 case VENDOR_ELEM_BEACON_P2P_GO
:
7331 case VENDOR_ELEM_P2P_PD_REQ
:
7332 case VENDOR_ELEM_P2P_PD_RESP
:
7333 case VENDOR_ELEM_P2P_GO_NEG_REQ
:
7334 case VENDOR_ELEM_P2P_GO_NEG_RESP
:
7335 case VENDOR_ELEM_P2P_GO_NEG_CONF
:
7336 case VENDOR_ELEM_P2P_INV_REQ
:
7337 case VENDOR_ELEM_P2P_INV_RESP
:
7338 case VENDOR_ELEM_P2P_ASSOC_REQ
:
7339 case VENDOR_ELEM_P2P_ASSOC_RESP
:
7340 return wpa_s
->p2pdev
;
7341 #endif /* CONFIG_P2P */
7348 void wpas_vendor_elem_update(struct wpa_supplicant
*wpa_s
)
7353 wpa_printf(MSG_DEBUG
, "Update vendor elements");
7355 for (i
= 0; i
< NUM_VENDOR_ELEM_FRAMES
; i
++) {
7356 if (wpa_s
->vendor_elem
[i
]) {
7359 res
= os_snprintf(buf
, sizeof(buf
), "frame[%u]", i
);
7360 if (!os_snprintf_error(sizeof(buf
), res
)) {
7361 wpa_hexdump_buf(MSG_DEBUG
, buf
,
7362 wpa_s
->vendor_elem
[i
]);
7368 if (wpa_s
->parent
== wpa_s
&&
7369 wpa_s
->global
->p2p
&&
7370 !wpa_s
->global
->p2p_disabled
)
7371 p2p_set_vendor_elems(wpa_s
->global
->p2p
, wpa_s
->vendor_elem
);
7372 #endif /* CONFIG_P2P */
7376 int wpas_vendor_elem_remove(struct wpa_supplicant
*wpa_s
, int frame
,
7377 const u8
*elem
, size_t len
)
7381 ie
= wpabuf_mhead_u8(wpa_s
->vendor_elem
[frame
]);
7382 end
= ie
+ wpabuf_len(wpa_s
->vendor_elem
[frame
]);
7384 for (; ie
+ 1 < end
; ie
+= 2 + ie
[1]) {
7387 if (os_memcmp(ie
, elem
, len
) != 0)
7390 if (wpabuf_len(wpa_s
->vendor_elem
[frame
]) == len
) {
7391 wpabuf_free(wpa_s
->vendor_elem
[frame
]);
7392 wpa_s
->vendor_elem
[frame
] = NULL
;
7394 os_memmove(ie
, ie
+ len
, end
- (ie
+ len
));
7395 wpa_s
->vendor_elem
[frame
]->used
-= len
;
7397 wpas_vendor_elem_update(wpa_s
);
7405 struct hostapd_hw_modes
* get_mode(struct hostapd_hw_modes
*modes
,
7406 u16 num_modes
, enum hostapd_hw_mode mode
)
7410 for (i
= 0; i
< num_modes
; i
++) {
7411 if (modes
[i
].mode
== mode
)
7420 wpa_bss_tmp_disallowed
* wpas_get_disallowed_bss(struct wpa_supplicant
*wpa_s
,
7423 struct wpa_bss_tmp_disallowed
*bss
;
7425 dl_list_for_each(bss
, &wpa_s
->bss_tmp_disallowed
,
7426 struct wpa_bss_tmp_disallowed
, list
) {
7427 if (os_memcmp(bssid
, bss
->bssid
, ETH_ALEN
) == 0)
7435 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant
*wpa_s
)
7437 struct wpa_bss_tmp_disallowed
*tmp
;
7438 unsigned int num_bssid
= 0;
7442 bssids
= os_malloc(dl_list_len(&wpa_s
->bss_tmp_disallowed
) * ETH_ALEN
);
7445 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7446 struct wpa_bss_tmp_disallowed
, list
) {
7447 os_memcpy(&bssids
[num_bssid
* ETH_ALEN
], tmp
->bssid
,
7451 ret
= wpa_drv_set_bssid_blacklist(wpa_s
, num_bssid
, bssids
);
7457 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx
, void *timeout_ctx
)
7459 struct wpa_supplicant
*wpa_s
= eloop_ctx
;
7460 struct wpa_bss_tmp_disallowed
*tmp
, *bss
= timeout_ctx
;
7462 /* Make sure the bss is not already freed */
7463 dl_list_for_each(tmp
, &wpa_s
->bss_tmp_disallowed
,
7464 struct wpa_bss_tmp_disallowed
, list
) {
7466 dl_list_del(&tmp
->list
);
7468 wpa_set_driver_tmp_disallow_list(wpa_s
);
7475 void wpa_bss_tmp_disallow(struct wpa_supplicant
*wpa_s
, const u8
*bssid
,
7476 unsigned int sec
, int rssi_threshold
)
7478 struct wpa_bss_tmp_disallowed
*bss
;
7480 bss
= wpas_get_disallowed_bss(wpa_s
, bssid
);
7482 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout
, wpa_s
, bss
);
7486 bss
= os_malloc(sizeof(*bss
));
7488 wpa_printf(MSG_DEBUG
,
7489 "Failed to allocate memory for temp disallow BSS");
7493 os_memcpy(bss
->bssid
, bssid
, ETH_ALEN
);
7494 dl_list_add(&wpa_s
->bss_tmp_disallowed
, &bss
->list
);
7495 wpa_set_driver_tmp_disallow_list(wpa_s
);
7498 bss
->rssi_threshold
= rssi_threshold
;
7499 eloop_register_timeout(sec
, 0, wpa_bss_tmp_disallow_timeout
,
7504 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant
*wpa_s
,
7505 struct wpa_bss
*bss
)
7507 struct wpa_bss_tmp_disallowed
*disallowed
= NULL
, *tmp
, *prev
;
7509 dl_list_for_each_safe(tmp
, prev
, &wpa_s
->bss_tmp_disallowed
,
7510 struct wpa_bss_tmp_disallowed
, list
) {
7511 if (os_memcmp(bss
->bssid
, tmp
->bssid
, ETH_ALEN
) == 0) {
7519 if (disallowed
->rssi_threshold
!= 0 &&
7520 bss
->level
> disallowed
->rssi_threshold
)
7527 int wpas_enable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7528 unsigned int type
, const u8
*addr
,
7531 if ((addr
&& !mask
) || (!addr
&& mask
)) {
7532 wpa_printf(MSG_INFO
,
7533 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
7537 if (addr
&& mask
&& (!(mask
[0] & 0x01) || (addr
[0] & 0x01))) {
7538 wpa_printf(MSG_INFO
,
7539 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
7543 if (type
& MAC_ADDR_RAND_SCAN
) {
7544 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCAN
,
7549 if (type
& MAC_ADDR_RAND_SCHED_SCAN
) {
7550 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_SCHED_SCAN
,
7554 if (wpa_s
->sched_scanning
&& !wpa_s
->pno
)
7555 wpas_scan_restart_sched_scan(wpa_s
);
7558 if (type
& MAC_ADDR_RAND_PNO
) {
7559 if (wpas_mac_addr_rand_scan_set(wpa_s
, MAC_ADDR_RAND_PNO
,
7564 wpas_stop_pno(wpa_s
);
7565 wpas_start_pno(wpa_s
);
7573 int wpas_disable_mac_addr_randomization(struct wpa_supplicant
*wpa_s
,
7576 wpas_mac_addr_rand_scan_clear(wpa_s
, type
);
7578 if (type
& MAC_ADDR_RAND_PNO
) {
7579 wpas_stop_pno(wpa_s
);
7580 wpas_start_pno(wpa_s
);
7582 } else if (wpa_s
->sched_scanning
&& (type
& MAC_ADDR_RAND_SCHED_SCAN
)) {
7583 wpas_scan_restart_sched_scan(wpa_s
);