2 * WPA Supplicant - Glue code to setup EAPOL and RSN modules
3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
12 #include "eapol_supp/eapol_supp_sm.h"
13 #include "eap_peer/eap.h"
14 #include "rsn_supp/wpa.h"
17 #include "l2_packet/l2_packet.h"
18 #include "common/wpa_common.h"
19 #include "wpa_supplicant_i.h"
21 #include "rsn_supp/pmksa_cache.h"
23 #include "common/ieee802_11_defs.h"
24 #include "common/wpa_ctrl.h"
25 #include "wpas_glue.h"
26 #include "wps_supplicant.h"
33 #ifndef CONFIG_NO_CONFIG_BLOBS
34 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
35 static void wpa_supplicant_set_config_blob(void *ctx
,
36 struct wpa_config_blob
*blob
)
38 struct wpa_supplicant
*wpa_s
= ctx
;
39 wpa_config_set_blob(wpa_s
->conf
, blob
);
40 if (wpa_s
->conf
->update_config
) {
41 int ret
= wpa_config_write(wpa_s
->confname
, wpa_s
->conf
);
43 wpa_printf(MSG_DEBUG
, "Failed to update config after "
50 static const struct wpa_config_blob
*
51 wpa_supplicant_get_config_blob(void *ctx
, const char *name
)
53 struct wpa_supplicant
*wpa_s
= ctx
;
54 return wpa_config_get_blob(wpa_s
->conf
, name
);
56 #endif /* defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA) */
57 #endif /* CONFIG_NO_CONFIG_BLOBS */
60 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
61 static u8
* wpa_alloc_eapol(const struct wpa_supplicant
*wpa_s
, u8 type
,
62 const void *data
, u16 data_len
,
63 size_t *msg_len
, void **data_pos
)
65 struct ieee802_1x_hdr
*hdr
;
67 *msg_len
= sizeof(*hdr
) + data_len
;
68 hdr
= os_malloc(*msg_len
);
72 hdr
->version
= wpa_s
->conf
->eapol_version
;
74 hdr
->length
= host_to_be16(data_len
);
77 os_memcpy(hdr
+ 1, data
, data_len
);
79 os_memset(hdr
+ 1, 0, data_len
);
89 * wpa_ether_send - Send Ethernet frame
90 * @wpa_s: Pointer to wpa_supplicant data
91 * @dest: Destination MAC address
92 * @proto: Ethertype in host byte order
93 * @buf: Frame payload starting from IEEE 802.1X header
94 * @len: Frame payload length
95 * Returns: >=0 on success, <0 on failure
97 static int wpa_ether_send(struct wpa_supplicant
*wpa_s
, const u8
*dest
,
98 u16 proto
, const u8
*buf
, size_t len
)
100 #ifdef CONFIG_TESTING_OPTIONS
101 if (wpa_s
->ext_eapol_frame_io
&& proto
== ETH_P_EAPOL
) {
102 size_t hex_len
= 2 * len
+ 1;
103 char *hex
= os_malloc(hex_len
);
107 wpa_snprintf_hex(hex
, hex_len
, buf
, len
);
108 wpa_msg(wpa_s
, MSG_INFO
, "EAPOL-TX " MACSTR
" %s",
113 #endif /* CONFIG_TESTING_OPTIONS */
115 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_CONTROL_PORT
) {
116 int encrypt
= wpa_s
->wpa
&&
117 wpa_sm_has_ptk_installed(wpa_s
->wpa
);
119 return wpa_drv_tx_control_port(wpa_s
, dest
, proto
, buf
, len
,
124 return l2_packet_send(wpa_s
->l2
, dest
, proto
, buf
, len
);
129 #endif /* IEEE8021X_EAPOL || !CONFIG_NO_WPA */
132 #ifdef IEEE8021X_EAPOL
135 * wpa_supplicant_eapol_send - Send IEEE 802.1X EAPOL packet to Authenticator
136 * @ctx: Pointer to wpa_supplicant data (wpa_s)
137 * @type: IEEE 802.1X packet type (IEEE802_1X_TYPE_*)
138 * @buf: EAPOL payload (after IEEE 802.1X header)
139 * @len: EAPOL payload length
140 * Returns: >=0 on success, <0 on failure
142 * This function adds Ethernet and IEEE 802.1X header and sends the EAPOL frame
143 * to the current Authenticator.
145 static int wpa_supplicant_eapol_send(void *ctx
, int type
, const u8
*buf
,
148 struct wpa_supplicant
*wpa_s
= ctx
;
149 u8
*msg
, *dst
, bssid
[ETH_ALEN
];
153 /* TODO: could add l2_packet_sendmsg that allows fragments to avoid
156 if (wpa_key_mgmt_wpa_psk(wpa_s
->key_mgmt
) ||
157 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
||
158 wpa_s
->key_mgmt
== WPA_KEY_MGMT_DPP
||
159 wpa_s
->key_mgmt
== WPA_KEY_MGMT_NONE
) {
160 /* Current SSID is not using IEEE 802.1X/EAP, so drop possible
161 * EAPOL frames (mainly, EAPOL-Start) from EAPOL state
163 wpa_printf(MSG_DEBUG
, "WPA: drop TX EAPOL in non-IEEE 802.1X "
164 "mode (type=%d len=%lu)", type
,
165 (unsigned long) len
);
169 if (pmksa_cache_get_current(wpa_s
->wpa
) &&
170 type
== IEEE802_1X_TYPE_EAPOL_START
) {
172 * We were trying to use PMKSA caching and sending EAPOL-Start
173 * would abort that and trigger full EAPOL authentication.
174 * However, we've already waited for the AP/Authenticator to
175 * start 4-way handshake or EAP authentication, and apparently
176 * it has not done so since the startWhen timer has reached zero
177 * to get the state machine sending EAPOL-Start. This is not
178 * really supposed to happen, but an interoperability issue with
179 * a deployed AP has been identified where the connection fails
180 * due to that AP failing to operate correctly if PMKID is
181 * included in the Association Request frame. To work around
182 * this, assume PMKSA caching failed and try to initiate full
183 * EAP authentication.
185 if (!wpa_s
->current_ssid
||
186 wpa_s
->current_ssid
->eap_workaround
) {
187 wpa_printf(MSG_DEBUG
,
188 "RSN: Timeout on waiting for the AP to initiate 4-way handshake for PMKSA caching or EAP authentication - try to force it to start EAP authentication");
190 wpa_printf(MSG_DEBUG
,
191 "RSN: PMKSA caching - do not send EAPOL-Start");
196 if (is_zero_ether_addr(wpa_s
->bssid
)) {
197 wpa_printf(MSG_DEBUG
, "BSSID not set when trying to send an "
199 if (wpa_drv_get_bssid(wpa_s
, bssid
) == 0 &&
200 !is_zero_ether_addr(bssid
)) {
202 wpa_printf(MSG_DEBUG
, "Using current BSSID " MACSTR
203 " from the driver as the EAPOL destination",
206 dst
= wpa_s
->last_eapol_src
;
207 wpa_printf(MSG_DEBUG
, "Using the source address of the"
208 " last received EAPOL frame " MACSTR
" as "
209 "the EAPOL destination",
213 /* BSSID was already set (from (Re)Assoc event, so use it as
214 * the EAPOL destination. */
218 msg
= wpa_alloc_eapol(wpa_s
, type
, buf
, len
, &msglen
, NULL
);
222 wpa_printf(MSG_DEBUG
, "TX EAPOL: dst=" MACSTR
, MAC2STR(dst
));
223 wpa_hexdump(MSG_MSGDUMP
, "TX EAPOL", msg
, msglen
);
224 res
= wpa_ether_send(wpa_s
, dst
, ETH_P_EAPOL
, msg
, msglen
);
232 * wpa_eapol_set_wep_key - set WEP key for the driver
233 * @ctx: Pointer to wpa_supplicant data (wpa_s)
234 * @unicast: 1 = individual unicast key, 0 = broadcast key
235 * @keyidx: WEP key index (0..3)
236 * @key: Pointer to key data
237 * @keylen: Key length in bytes
238 * Returns: 0 on success or < 0 on error.
240 static int wpa_eapol_set_wep_key(void *ctx
, int unicast
, int keyidx
,
241 const u8
*key
, size_t keylen
)
243 struct wpa_supplicant
*wpa_s
= ctx
;
244 if (wpa_s
->key_mgmt
== WPA_KEY_MGMT_IEEE8021X_NO_WPA
) {
245 int cipher
= (keylen
== 5) ? WPA_CIPHER_WEP40
:
248 wpa_s
->pairwise_cipher
= cipher
;
250 wpa_s
->group_cipher
= cipher
;
252 return wpa_drv_set_key(wpa_s
, WPA_ALG_WEP
,
253 unicast
? wpa_s
->bssid
: NULL
,
254 keyidx
, unicast
, NULL
, 0, key
, keylen
,
255 unicast
? KEY_FLAG_PAIRWISE_RX_TX
:
256 KEY_FLAG_GROUP_RX_TX_DEFAULT
);
258 #endif /* CONFIG_WEP */
261 static void wpa_supplicant_aborted_cached(void *ctx
)
263 struct wpa_supplicant
*wpa_s
= ctx
;
264 wpa_sm_aborted_cached(wpa_s
->wpa
);
268 static const char * result_str(enum eapol_supp_result result
)
271 case EAPOL_SUPP_RESULT_FAILURE
:
273 case EAPOL_SUPP_RESULT_SUCCESS
:
275 case EAPOL_SUPP_RESULT_EXPECTED_FAILURE
:
276 return "EXPECTED_FAILURE";
282 static void wpa_supplicant_eapol_cb(struct eapol_sm
*eapol
,
283 enum eapol_supp_result result
,
286 struct wpa_supplicant
*wpa_s
= ctx
;
290 wpa_printf(MSG_DEBUG
, "EAPOL authentication completed - result=%s",
293 if (wpas_wps_eapol_cb(wpa_s
) > 0)
296 wpa_s
->eap_expected_failure
= result
==
297 EAPOL_SUPP_RESULT_EXPECTED_FAILURE
;
299 if (result
!= EAPOL_SUPP_RESULT_SUCCESS
) {
301 * Make sure we do not get stuck here waiting for long EAPOL
302 * timeout if the AP does not disconnect in case of
303 * authentication failure.
305 wpa_supplicant_req_auth_timeout(wpa_s
, 2, 0);
307 ieee802_1x_notify_create_actor(wpa_s
, wpa_s
->last_eapol_src
);
310 if (result
!= EAPOL_SUPP_RESULT_SUCCESS
||
311 !(wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X
))
314 if (!wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
))
317 wpa_printf(MSG_DEBUG
, "Configure PMK for driver-based RSN 4-way "
321 if (wpa_key_mgmt_ft(wpa_s
->key_mgmt
)) {
322 #ifdef CONFIG_IEEE80211R
324 wpa_printf(MSG_DEBUG
, "RSN: Use FT XXKey as PMK for "
325 "driver-based 4-way hs and FT");
326 res
= eapol_sm_get_key(eapol
, buf
, 2 * PMK_LEN
);
328 os_memcpy(pmk
, buf
+ PMK_LEN
, PMK_LEN
);
329 os_memset(buf
, 0, sizeof(buf
));
331 #else /* CONFIG_IEEE80211R */
333 #endif /* CONFIG_IEEE80211R */
335 res
= eapol_sm_get_key(eapol
, pmk
, PMK_LEN
);
338 * EAP-LEAP is an exception from other EAP methods: it
339 * uses only 16-byte PMK.
341 res
= eapol_sm_get_key(eapol
, pmk
, 16);
347 wpa_printf(MSG_DEBUG
, "Failed to get PMK from EAPOL state "
352 wpa_hexdump_key(MSG_DEBUG
, "RSN: Configure PMK for driver-based 4-way "
353 "handshake", pmk
, pmk_len
);
355 if (wpa_drv_set_key(wpa_s
, 0, NULL
, 0, 0, NULL
, 0, pmk
,
356 pmk_len
, KEY_FLAG_PMK
)) {
357 wpa_printf(MSG_DEBUG
, "Failed to set PMK to the driver");
360 wpa_supplicant_cancel_scan(wpa_s
);
361 wpa_supplicant_cancel_auth_timeout(wpa_s
);
362 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
367 static void wpa_supplicant_notify_eapol_done(void *ctx
)
369 struct wpa_supplicant
*wpa_s
= ctx
;
370 wpa_msg(wpa_s
, MSG_DEBUG
, "WPA: EAPOL processing complete");
371 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
)) {
372 wpa_supplicant_set_state(wpa_s
, WPA_4WAY_HANDSHAKE
);
374 wpa_supplicant_cancel_auth_timeout(wpa_s
);
375 wpa_supplicant_set_state(wpa_s
, WPA_COMPLETED
);
379 #endif /* IEEE8021X_EAPOL */
382 #ifndef CONFIG_NO_WPA
384 static int wpa_get_beacon_ie(struct wpa_supplicant
*wpa_s
)
387 struct wpa_bss
*curr
= NULL
, *bss
;
388 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
391 dl_list_for_each(bss
, &wpa_s
->bss
, struct wpa_bss
, list
) {
392 if (os_memcmp(bss
->bssid
, wpa_s
->bssid
, ETH_ALEN
) != 0)
395 ((bss
->ssid_len
== ssid
->ssid_len
&&
396 os_memcmp(bss
->ssid
, ssid
->ssid
, ssid
->ssid_len
) == 0) ||
397 ssid
->ssid_len
== 0)) {
402 if (ssid
&& (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
403 (bss
->flags
& WPA_BSS_OWE_TRANSITION
)) {
407 #endif /* CONFIG_OWE */
411 ie
= wpa_bss_get_vendor_ie(curr
, WPA_IE_VENDOR_TYPE
);
412 if (wpa_sm_set_ap_wpa_ie(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0))
415 ie
= wpa_bss_get_ie(curr
, WLAN_EID_RSN
);
416 if (wpa_sm_set_ap_rsn_ie(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0))
419 ie
= wpa_bss_get_ie(curr
, WLAN_EID_RSNX
);
420 if (wpa_sm_set_ap_rsnxe(wpa_s
->wpa
, ie
, ie
? 2 + ie
[1] : 0))
430 static int wpa_supplicant_get_beacon_ie(void *ctx
)
432 struct wpa_supplicant
*wpa_s
= ctx
;
433 if (wpa_get_beacon_ie(wpa_s
) == 0) {
437 /* No WPA/RSN IE found in the cached scan results. Try to get updated
438 * scan results from the driver. */
439 if (wpa_supplicant_update_scan_results(wpa_s
) < 0)
442 return wpa_get_beacon_ie(wpa_s
);
446 static u8
* _wpa_alloc_eapol(void *wpa_s
, u8 type
,
447 const void *data
, u16 data_len
,
448 size_t *msg_len
, void **data_pos
)
450 return wpa_alloc_eapol(wpa_s
, type
, data
, data_len
, msg_len
, data_pos
);
454 static int _wpa_ether_send(void *wpa_s
, const u8
*dest
, u16 proto
,
455 const u8
*buf
, size_t len
)
457 return wpa_ether_send(wpa_s
, dest
, proto
, buf
, len
);
461 static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s
)
463 wpa_supplicant_cancel_auth_timeout(wpa_s
);
467 static void _wpa_supplicant_set_state(void *wpa_s
, enum wpa_states state
)
469 wpa_supplicant_set_state(wpa_s
, state
);
474 * wpa_supplicant_get_state - Get the connection state
475 * @wpa_s: Pointer to wpa_supplicant data
476 * Returns: The current connection state (WPA_*)
478 static enum wpa_states
wpa_supplicant_get_state(struct wpa_supplicant
*wpa_s
)
480 return wpa_s
->wpa_state
;
484 static enum wpa_states
_wpa_supplicant_get_state(void *wpa_s
)
486 return wpa_supplicant_get_state(wpa_s
);
490 static void _wpa_supplicant_deauthenticate(void *wpa_s
, u16 reason_code
)
492 wpa_supplicant_deauthenticate(wpa_s
, reason_code
);
493 /* Schedule a scan to make sure we continue looking for networks */
494 wpa_supplicant_req_scan(wpa_s
, 5, 0);
498 static void _wpa_supplicant_reconnect(void *wpa_s
)
500 wpa_supplicant_reconnect(wpa_s
);
504 static void * wpa_supplicant_get_network_ctx(void *wpa_s
)
506 return wpa_supplicant_get_ssid(wpa_s
);
510 static int wpa_supplicant_get_bssid(void *ctx
, u8
*bssid
)
512 struct wpa_supplicant
*wpa_s
= ctx
;
513 return wpa_drv_get_bssid(wpa_s
, bssid
);
517 static int wpa_supplicant_set_key(void *_wpa_s
, enum wpa_alg alg
,
518 const u8
*addr
, int key_idx
, int set_tx
,
519 const u8
*seq
, size_t seq_len
,
520 const u8
*key
, size_t key_len
,
521 enum key_flag key_flag
)
523 struct wpa_supplicant
*wpa_s
= _wpa_s
;
524 if (alg
== WPA_ALG_TKIP
&& key_idx
== 0 && key_len
== 32) {
525 /* Clear the MIC error counter when setting a new PTK. */
526 wpa_s
->mic_errors_seen
= 0;
528 #ifdef CONFIG_TESTING_GET_GTK
529 if (key_idx
> 0 && addr
&& is_broadcast_ether_addr(addr
) &&
530 alg
!= WPA_ALG_NONE
&& key_len
<= sizeof(wpa_s
->last_gtk
)) {
531 os_memcpy(wpa_s
->last_gtk
, key
, key_len
);
532 wpa_s
->last_gtk_len
= key_len
;
534 #endif /* CONFIG_TESTING_GET_GTK */
535 #ifdef CONFIG_TESTING_OPTIONS
536 if (addr
&& !is_broadcast_ether_addr(addr
) &&
537 !(key_flag
& KEY_FLAG_MODIFY
)) {
538 wpa_s
->last_tk_alg
= alg
;
539 os_memcpy(wpa_s
->last_tk_addr
, addr
, ETH_ALEN
);
540 wpa_s
->last_tk_key_idx
= key_idx
;
542 os_memcpy(wpa_s
->last_tk
, key
, key_len
);
543 wpa_s
->last_tk_len
= key_len
;
545 #endif /* CONFIG_TESTING_OPTIONS */
546 return wpa_drv_set_key(wpa_s
, alg
, addr
, key_idx
, set_tx
, seq
, seq_len
,
547 key
, key_len
, key_flag
);
551 static int wpa_supplicant_mlme_setprotection(void *wpa_s
, const u8
*addr
,
555 return wpa_drv_mlme_setprotection(wpa_s
, addr
, protection_type
,
560 static struct wpa_ssid
* wpas_get_network_ctx(struct wpa_supplicant
*wpa_s
,
563 struct wpa_ssid
*ssid
;
565 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
566 if (network_ctx
== ssid
)
574 static int wpa_supplicant_add_pmkid(void *_wpa_s
, void *network_ctx
,
575 const u8
*bssid
, const u8
*pmkid
,
576 const u8
*fils_cache_id
,
577 const u8
*pmk
, size_t pmk_len
)
579 struct wpa_supplicant
*wpa_s
= _wpa_s
;
580 struct wpa_ssid
*ssid
;
581 struct wpa_pmkid_params params
;
583 os_memset(¶ms
, 0, sizeof(params
));
584 ssid
= wpas_get_network_ctx(wpa_s
, network_ctx
);
586 wpa_msg(wpa_s
, MSG_INFO
, PMKSA_CACHE_ADDED MACSTR
" %d",
587 MAC2STR(bssid
), ssid
->id
);
588 if (ssid
&& fils_cache_id
) {
589 params
.ssid
= ssid
->ssid
;
590 params
.ssid_len
= ssid
->ssid_len
;
591 params
.fils_cache_id
= fils_cache_id
;
593 params
.bssid
= bssid
;
596 params
.pmkid
= pmkid
;
598 params
.pmk_len
= pmk_len
;
600 return wpa_drv_add_pmkid(wpa_s
, ¶ms
);
604 static int wpa_supplicant_remove_pmkid(void *_wpa_s
, void *network_ctx
,
605 const u8
*bssid
, const u8
*pmkid
,
606 const u8
*fils_cache_id
)
608 struct wpa_supplicant
*wpa_s
= _wpa_s
;
609 struct wpa_ssid
*ssid
;
610 struct wpa_pmkid_params params
;
612 os_memset(¶ms
, 0, sizeof(params
));
613 ssid
= wpas_get_network_ctx(wpa_s
, network_ctx
);
615 wpa_msg(wpa_s
, MSG_INFO
, PMKSA_CACHE_REMOVED MACSTR
" %d",
616 MAC2STR(bssid
), ssid
->id
);
617 if (ssid
&& fils_cache_id
) {
618 params
.ssid
= ssid
->ssid
;
619 params
.ssid_len
= ssid
->ssid_len
;
620 params
.fils_cache_id
= fils_cache_id
;
622 params
.bssid
= bssid
;
625 params
.pmkid
= pmkid
;
627 return wpa_drv_remove_pmkid(wpa_s
, ¶ms
);
631 #ifdef CONFIG_IEEE80211R
632 static int wpa_supplicant_update_ft_ies(void *ctx
, const u8
*md
,
633 const u8
*ies
, size_t ies_len
)
635 struct wpa_supplicant
*wpa_s
= ctx
;
636 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_SME
)
637 return sme_update_ft_ies(wpa_s
, md
, ies
, ies_len
);
638 return wpa_drv_update_ft_ies(wpa_s
, md
, ies
, ies_len
);
642 static int wpa_supplicant_send_ft_action(void *ctx
, u8 action
,
644 const u8
*ies
, size_t ies_len
)
646 struct wpa_supplicant
*wpa_s
= ctx
;
652 wpa_printf(MSG_ERROR
, "Unsupported send_ft_action action %d",
658 * Action frame payload:
659 * Category[1] = 6 (Fast BSS Transition)
660 * Action[1] = 1 (Fast BSS Transition Request)
666 data_len
= 2 + 2 * ETH_ALEN
+ ies_len
;
667 data
= os_malloc(data_len
);
671 *pos
++ = 0x06; /* FT Action category */
673 os_memcpy(pos
, wpa_s
->own_addr
, ETH_ALEN
);
675 os_memcpy(pos
, target_ap
, ETH_ALEN
);
677 os_memcpy(pos
, ies
, ies_len
);
679 ret
= wpa_drv_send_action(wpa_s
, wpa_s
->assoc_freq
, 0,
680 wpa_s
->bssid
, wpa_s
->own_addr
, wpa_s
->bssid
,
688 static int wpa_supplicant_mark_authenticated(void *ctx
, const u8
*target_ap
)
690 struct wpa_supplicant
*wpa_s
= ctx
;
691 struct wpa_driver_auth_params params
;
694 bss
= wpa_bss_get_bssid(wpa_s
, target_ap
);
698 os_memset(¶ms
, 0, sizeof(params
));
699 params
.bssid
= target_ap
;
700 params
.freq
= bss
->freq
;
701 params
.ssid
= bss
->ssid
;
702 params
.ssid_len
= bss
->ssid_len
;
703 params
.auth_alg
= WPA_AUTH_ALG_FT
;
704 params
.local_state_change
= 1;
705 return wpa_drv_authenticate(wpa_s
, ¶ms
);
707 #endif /* CONFIG_IEEE80211R */
712 static int wpa_supplicant_tdls_get_capa(void *ctx
, int *tdls_supported
,
714 int *tdls_chan_switch
)
716 struct wpa_supplicant
*wpa_s
= ctx
;
720 *tdls_chan_switch
= 0;
722 if (!wpa_s
->drv_capa_known
)
725 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_TDLS_SUPPORT
)
728 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_TDLS_EXTERNAL_SETUP
)
731 if (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_TDLS_CHANNEL_SWITCH
)
732 *tdls_chan_switch
= 1;
738 static int wpa_supplicant_send_tdls_mgmt(void *ctx
, const u8
*dst
,
739 u8 action_code
, u8 dialog_token
,
740 u16 status_code
, u32 peer_capab
,
741 int initiator
, const u8
*buf
,
744 struct wpa_supplicant
*wpa_s
= ctx
;
745 return wpa_drv_send_tdls_mgmt(wpa_s
, dst
, action_code
, dialog_token
,
746 status_code
, peer_capab
, initiator
, buf
,
751 static int wpa_supplicant_tdls_oper(void *ctx
, int oper
, const u8
*peer
)
753 struct wpa_supplicant
*wpa_s
= ctx
;
754 return wpa_drv_tdls_oper(wpa_s
, oper
, peer
);
758 static int wpa_supplicant_tdls_peer_addset(
759 void *ctx
, const u8
*peer
, int add
, u16 aid
, u16 capability
,
760 const u8
*supp_rates
, size_t supp_rates_len
,
761 const struct ieee80211_ht_capabilities
*ht_capab
,
762 const struct ieee80211_vht_capabilities
*vht_capab
,
763 u8 qosinfo
, int wmm
, const u8
*ext_capab
, size_t ext_capab_len
,
764 const u8
*supp_channels
, size_t supp_channels_len
,
765 const u8
*supp_oper_classes
, size_t supp_oper_classes_len
)
767 struct wpa_supplicant
*wpa_s
= ctx
;
768 struct hostapd_sta_add_params params
;
770 os_memset(¶ms
, 0, sizeof(params
));
774 params
.capability
= capability
;
775 params
.flags
= WPA_STA_TDLS_PEER
| WPA_STA_AUTHORIZED
;
778 * Don't rely only on qosinfo for WMM capability. It may be 0 even when
779 * present. Allow the WMM IE to also indicate QoS support.
782 params
.flags
|= WPA_STA_WMM
;
784 params
.ht_capabilities
= ht_capab
;
785 params
.vht_capabilities
= vht_capab
;
786 params
.qosinfo
= qosinfo
;
787 params
.listen_interval
= 0;
788 params
.supp_rates
= supp_rates
;
789 params
.supp_rates_len
= supp_rates_len
;
791 params
.ext_capab
= ext_capab
;
792 params
.ext_capab_len
= ext_capab_len
;
793 params
.supp_channels
= supp_channels
;
794 params
.supp_channels_len
= supp_channels_len
;
795 params
.supp_oper_classes
= supp_oper_classes
;
796 params
.supp_oper_classes_len
= supp_oper_classes_len
;
798 return wpa_drv_sta_add(wpa_s
, ¶ms
);
802 static int wpa_supplicant_tdls_enable_channel_switch(
803 void *ctx
, const u8
*addr
, u8 oper_class
,
804 const struct hostapd_freq_params
*params
)
806 struct wpa_supplicant
*wpa_s
= ctx
;
808 return wpa_drv_tdls_enable_channel_switch(wpa_s
, addr
, oper_class
,
813 static int wpa_supplicant_tdls_disable_channel_switch(void *ctx
, const u8
*addr
)
815 struct wpa_supplicant
*wpa_s
= ctx
;
817 return wpa_drv_tdls_disable_channel_switch(wpa_s
, addr
);
820 #endif /* CONFIG_TDLS */
822 #endif /* CONFIG_NO_WPA */
825 enum wpa_ctrl_req_type
wpa_supplicant_ctrl_req_from_string(const char *field
)
827 if (os_strcmp(field
, "IDENTITY") == 0)
828 return WPA_CTRL_REQ_EAP_IDENTITY
;
829 else if (os_strcmp(field
, "PASSWORD") == 0)
830 return WPA_CTRL_REQ_EAP_PASSWORD
;
831 else if (os_strcmp(field
, "NEW_PASSWORD") == 0)
832 return WPA_CTRL_REQ_EAP_NEW_PASSWORD
;
833 else if (os_strcmp(field
, "PIN") == 0)
834 return WPA_CTRL_REQ_EAP_PIN
;
835 else if (os_strcmp(field
, "OTP") == 0)
836 return WPA_CTRL_REQ_EAP_OTP
;
837 else if (os_strcmp(field
, "PASSPHRASE") == 0)
838 return WPA_CTRL_REQ_EAP_PASSPHRASE
;
839 else if (os_strcmp(field
, "SIM") == 0)
840 return WPA_CTRL_REQ_SIM
;
841 else if (os_strcmp(field
, "PSK_PASSPHRASE") == 0)
842 return WPA_CTRL_REQ_PSK_PASSPHRASE
;
843 else if (os_strcmp(field
, "EXT_CERT_CHECK") == 0)
844 return WPA_CTRL_REQ_EXT_CERT_CHECK
;
845 return WPA_CTRL_REQ_UNKNOWN
;
849 const char * wpa_supplicant_ctrl_req_to_string(enum wpa_ctrl_req_type field
,
850 const char *default_txt
,
853 const char *ret
= NULL
;
858 case WPA_CTRL_REQ_EAP_IDENTITY
:
862 case WPA_CTRL_REQ_EAP_PASSWORD
:
866 case WPA_CTRL_REQ_EAP_NEW_PASSWORD
:
867 *txt
= "New Password";
868 ret
= "NEW_PASSWORD";
870 case WPA_CTRL_REQ_EAP_PIN
:
874 case WPA_CTRL_REQ_EAP_OTP
:
877 case WPA_CTRL_REQ_EAP_PASSPHRASE
:
878 *txt
= "Private key passphrase";
881 case WPA_CTRL_REQ_SIM
:
884 case WPA_CTRL_REQ_PSK_PASSPHRASE
:
885 *txt
= "PSK or passphrase";
886 ret
= "PSK_PASSPHRASE";
888 case WPA_CTRL_REQ_EXT_CERT_CHECK
:
889 *txt
= "External server certificate validation";
890 ret
= "EXT_CERT_CHECK";
896 /* txt needs to be something */
898 wpa_printf(MSG_WARNING
, "No message for request %d", field
);
906 void wpas_send_ctrl_req(struct wpa_supplicant
*wpa_s
, struct wpa_ssid
*ssid
,
907 const char *field_name
, const char *txt
)
913 buflen
= 100 + os_strlen(txt
) + ssid
->ssid_len
;
914 buf
= os_malloc(buflen
);
917 len
= os_snprintf(buf
, buflen
, "%s-%d:%s needed for SSID ",
918 field_name
, ssid
->id
, txt
);
919 if (os_snprintf_error(buflen
, len
)) {
923 if (ssid
->ssid
&& buflen
> len
+ ssid
->ssid_len
) {
924 os_memcpy(buf
+ len
, ssid
->ssid
, ssid
->ssid_len
);
925 len
+= ssid
->ssid_len
;
928 buf
[buflen
- 1] = '\0';
929 wpa_msg(wpa_s
, MSG_INFO
, WPA_CTRL_REQ
"%s", buf
);
934 #ifdef IEEE8021X_EAPOL
935 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
936 static void wpa_supplicant_eap_param_needed(void *ctx
,
937 enum wpa_ctrl_req_type field
,
938 const char *default_txt
)
940 struct wpa_supplicant
*wpa_s
= ctx
;
941 struct wpa_ssid
*ssid
= wpa_s
->current_ssid
;
942 const char *field_name
, *txt
= NULL
;
947 if (field
== WPA_CTRL_REQ_EXT_CERT_CHECK
)
948 ssid
->eap
.pending_ext_cert_check
= PENDING_CHECK
;
949 wpas_notify_network_request(wpa_s
, ssid
, field
, default_txt
);
951 field_name
= wpa_supplicant_ctrl_req_to_string(field
, default_txt
,
953 if (field_name
== NULL
) {
954 wpa_printf(MSG_WARNING
, "Unhandled EAP param %d needed",
959 wpas_notify_eap_status(wpa_s
, "eap parameter needed", field_name
);
961 wpas_send_ctrl_req(wpa_s
, ssid
, field_name
, txt
);
963 #else /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
964 #define wpa_supplicant_eap_param_needed NULL
965 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
968 #ifdef CONFIG_EAP_PROXY
970 static void wpa_supplicant_eap_proxy_cb(void *ctx
)
972 struct wpa_supplicant
*wpa_s
= ctx
;
975 wpa_s
->mnc_len
= eapol_sm_get_eap_proxy_imsi(wpa_s
->eapol
, -1,
977 if (wpa_s
->mnc_len
> 0) {
978 wpa_s
->imsi
[len
] = '\0';
979 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI %s (MNC length %d)",
980 wpa_s
->imsi
, wpa_s
->mnc_len
);
982 wpa_printf(MSG_DEBUG
, "eap_proxy: IMSI not available");
987 static void wpa_sm_sim_state_error_handler(struct wpa_supplicant
*wpa_s
)
990 struct wpa_ssid
*ssid
;
991 const struct eap_method_type
*eap_methods
;
996 for (ssid
= wpa_s
->conf
->ssid
; ssid
; ssid
= ssid
->next
) {
997 eap_methods
= ssid
->eap
.eap_methods
;
1001 for (i
= 0; eap_methods
[i
].method
!= EAP_TYPE_NONE
; i
++) {
1002 if (eap_methods
[i
].vendor
== EAP_VENDOR_IETF
&&
1003 (eap_methods
[i
].method
== EAP_TYPE_SIM
||
1004 eap_methods
[i
].method
== EAP_TYPE_AKA
||
1005 eap_methods
[i
].method
== EAP_TYPE_AKA_PRIME
)) {
1006 wpa_sm_pmksa_cache_flush(wpa_s
->wpa
, ssid
);
1015 wpa_supplicant_eap_proxy_notify_sim_status(void *ctx
,
1016 enum eap_proxy_sim_state sim_state
)
1018 struct wpa_supplicant
*wpa_s
= ctx
;
1020 wpa_printf(MSG_DEBUG
, "eap_proxy: SIM card status %u", sim_state
);
1021 switch (sim_state
) {
1022 case SIM_STATE_ERROR
:
1023 wpa_sm_sim_state_error_handler(wpa_s
);
1026 wpa_printf(MSG_DEBUG
, "eap_proxy: SIM card status unknown");
1031 #endif /* CONFIG_EAP_PROXY */
1034 static void wpa_supplicant_port_cb(void *ctx
, int authorized
)
1036 struct wpa_supplicant
*wpa_s
= ctx
;
1038 if (wpa_s
->ap_iface
) {
1039 wpa_printf(MSG_DEBUG
, "AP mode active - skip EAPOL Supplicant "
1041 authorized
? "Authorized" : "Unauthorized");
1044 #endif /* CONFIG_AP */
1045 wpa_printf(MSG_DEBUG
, "EAPOL: Supplicant port status: %s",
1046 authorized
? "Authorized" : "Unauthorized");
1047 wpa_drv_set_supp_port(wpa_s
, authorized
);
1051 static void wpa_supplicant_cert_cb(void *ctx
, struct tls_cert_data
*cert
,
1052 const char *cert_hash
)
1054 struct wpa_supplicant
*wpa_s
= ctx
;
1056 wpas_notify_certification(wpa_s
, cert
, cert_hash
);
1060 static void wpa_supplicant_status_cb(void *ctx
, const char *status
,
1061 const char *parameter
)
1063 struct wpa_supplicant
*wpa_s
= ctx
;
1065 wpas_notify_eap_status(wpa_s
, status
, parameter
);
1069 static void wpa_supplicant_eap_error_cb(void *ctx
, int error_code
)
1071 struct wpa_supplicant
*wpa_s
= ctx
;
1073 wpas_notify_eap_error(wpa_s
, error_code
);
1077 static int wpa_supplicant_eap_auth_start_cb(void *ctx
)
1079 struct wpa_supplicant
*wpa_s
= ctx
;
1081 if (!wpa_s
->new_connection
&& wpa_s
->deny_ptk0_rekey
&&
1082 !wpa_sm_ext_key_id_active(wpa_s
->wpa
)) {
1083 wpa_msg(wpa_s
, MSG_INFO
,
1084 "WPA: PTK0 rekey not allowed, reconnecting");
1085 wpa_supplicant_reconnect(wpa_s
);
1092 static void wpa_supplicant_set_anon_id(void *ctx
, const u8
*id
, size_t len
)
1094 struct wpa_supplicant
*wpa_s
= ctx
;
1098 wpa_hexdump_ascii(MSG_DEBUG
, "EAP method updated anonymous_identity",
1101 if (wpa_s
->current_ssid
== NULL
)
1105 if (wpa_config_set(wpa_s
->current_ssid
, "anonymous_identity",
1109 str
= os_malloc(len
* 2 + 1);
1112 wpa_snprintf_hex(str
, len
* 2 + 1, id
, len
);
1113 res
= wpa_config_set(wpa_s
->current_ssid
, "anonymous_identity",
1120 if (wpa_s
->conf
->update_config
) {
1121 res
= wpa_config_write(wpa_s
->confname
, wpa_s
->conf
);
1123 wpa_printf(MSG_DEBUG
, "Failed to update config after "
1124 "anonymous_id update");
1128 #endif /* IEEE8021X_EAPOL */
1131 int wpa_supplicant_init_eapol(struct wpa_supplicant
*wpa_s
)
1133 #ifdef IEEE8021X_EAPOL
1134 struct eapol_ctx
*ctx
;
1135 ctx
= os_zalloc(sizeof(*ctx
));
1137 wpa_printf(MSG_ERROR
, "Failed to allocate EAPOL context.");
1142 ctx
->msg_ctx
= wpa_s
;
1143 ctx
->eapol_send_ctx
= wpa_s
;
1145 ctx
->eapol_done_cb
= wpa_supplicant_notify_eapol_done
;
1146 ctx
->eapol_send
= wpa_supplicant_eapol_send
;
1148 ctx
->set_wep_key
= wpa_eapol_set_wep_key
;
1149 #endif /* CONFIG_WEP */
1150 #ifndef CONFIG_NO_CONFIG_BLOBS
1151 ctx
->set_config_blob
= wpa_supplicant_set_config_blob
;
1152 ctx
->get_config_blob
= wpa_supplicant_get_config_blob
;
1153 #endif /* CONFIG_NO_CONFIG_BLOBS */
1154 ctx
->aborted_cached
= wpa_supplicant_aborted_cached
;
1155 ctx
->opensc_engine_path
= wpa_s
->conf
->opensc_engine_path
;
1156 ctx
->pkcs11_engine_path
= wpa_s
->conf
->pkcs11_engine_path
;
1157 ctx
->pkcs11_module_path
= wpa_s
->conf
->pkcs11_module_path
;
1158 ctx
->openssl_ciphers
= wpa_s
->conf
->openssl_ciphers
;
1159 ctx
->wps
= wpa_s
->wps
;
1160 ctx
->eap_param_needed
= wpa_supplicant_eap_param_needed
;
1161 #ifdef CONFIG_EAP_PROXY
1162 ctx
->eap_proxy_cb
= wpa_supplicant_eap_proxy_cb
;
1163 ctx
->eap_proxy_notify_sim_status
=
1164 wpa_supplicant_eap_proxy_notify_sim_status
;
1165 #endif /* CONFIG_EAP_PROXY */
1166 ctx
->port_cb
= wpa_supplicant_port_cb
;
1167 ctx
->cb
= wpa_supplicant_eapol_cb
;
1168 ctx
->cert_cb
= wpa_supplicant_cert_cb
;
1169 ctx
->cert_in_cb
= wpa_s
->conf
->cert_in_cb
;
1170 ctx
->status_cb
= wpa_supplicant_status_cb
;
1171 ctx
->eap_error_cb
= wpa_supplicant_eap_error_cb
;
1172 ctx
->confirm_auth_cb
= wpa_supplicant_eap_auth_start_cb
;
1173 ctx
->set_anon_id
= wpa_supplicant_set_anon_id
;
1174 ctx
->cb_ctx
= wpa_s
;
1175 wpa_s
->eapol
= eapol_sm_init(ctx
);
1176 if (wpa_s
->eapol
== NULL
) {
1178 wpa_printf(MSG_ERROR
, "Failed to initialize EAPOL state "
1182 #endif /* IEEE8021X_EAPOL */
1188 #ifndef CONFIG_NO_WPA
1190 static void wpa_supplicant_set_rekey_offload(void *ctx
,
1191 const u8
*kek
, size_t kek_len
,
1192 const u8
*kck
, size_t kck_len
,
1193 const u8
*replay_ctr
)
1195 struct wpa_supplicant
*wpa_s
= ctx
;
1197 wpa_drv_set_rekey_info(wpa_s
, kek
, kek_len
, kck
, kck_len
, replay_ctr
);
1201 static int wpa_supplicant_key_mgmt_set_pmk(void *ctx
, const u8
*pmk
,
1204 struct wpa_supplicant
*wpa_s
= ctx
;
1206 if (wpa_s
->conf
->key_mgmt_offload
&&
1207 (wpa_s
->drv_flags
& WPA_DRIVER_FLAGS_KEY_MGMT_OFFLOAD
))
1208 return wpa_drv_set_key(wpa_s
, 0, NULL
, 0, 0,
1209 NULL
, 0, pmk
, pmk_len
, KEY_FLAG_PMK
);
1215 static void wpa_supplicant_fils_hlp_rx(void *ctx
, const u8
*dst
, const u8
*src
,
1216 const u8
*pkt
, size_t pkt_len
)
1218 struct wpa_supplicant
*wpa_s
= ctx
;
1222 hexlen
= pkt_len
* 2 + 1;
1223 hex
= os_malloc(hexlen
);
1226 wpa_snprintf_hex(hex
, hexlen
, pkt
, pkt_len
);
1227 wpa_msg(wpa_s
, MSG_INFO
, FILS_HLP_RX
"dst=" MACSTR
" src=" MACSTR
1228 " frame=%s", MAC2STR(dst
), MAC2STR(src
), hex
);
1233 static int wpa_supplicant_channel_info(void *_wpa_s
,
1234 struct wpa_channel_info
*ci
)
1236 struct wpa_supplicant
*wpa_s
= _wpa_s
;
1238 return wpa_drv_channel_info(wpa_s
, ci
);
1242 static void disable_wpa_wpa2(struct wpa_ssid
*ssid
)
1244 ssid
->proto
&= ~WPA_PROTO_WPA
;
1245 ssid
->proto
|= WPA_PROTO_RSN
;
1246 ssid
->key_mgmt
&= ~(WPA_KEY_MGMT_PSK
| WPA_KEY_MGMT_FT_PSK
|
1247 WPA_KEY_MGMT_PSK_SHA256
);
1248 ssid
->group_cipher
&= ~WPA_CIPHER_TKIP
;
1249 if (!(ssid
->group_cipher
& (WPA_CIPHER_CCMP
| WPA_CIPHER_GCMP
|
1250 WPA_CIPHER_GCMP_256
| WPA_CIPHER_CCMP_256
)))
1251 ssid
->group_cipher
|= WPA_CIPHER_CCMP
;
1252 ssid
->ieee80211w
= MGMT_FRAME_PROTECTION_REQUIRED
;
1256 static void wpa_supplicant_transition_disable(void *_wpa_s
, u8 bitmap
)
1258 struct wpa_supplicant
*wpa_s
= _wpa_s
;
1259 struct wpa_ssid
*ssid
;
1262 wpa_msg(wpa_s
, MSG_INFO
, TRANSITION_DISABLE
"%02x", bitmap
);
1264 ssid
= wpa_s
->current_ssid
;
1268 if ((bitmap
& TRANSITION_DISABLE_WPA3_PERSONAL
) &&
1269 wpa_key_mgmt_sae(wpa_s
->key_mgmt
) &&
1270 (ssid
->key_mgmt
& (WPA_KEY_MGMT_SAE
| WPA_KEY_MGMT_FT_SAE
)) &&
1271 (ssid
->ieee80211w
!= MGMT_FRAME_PROTECTION_REQUIRED
||
1272 (ssid
->group_cipher
& WPA_CIPHER_TKIP
))) {
1273 wpa_printf(MSG_DEBUG
,
1274 "WPA3-Personal transition mode disabled based on AP notification");
1275 disable_wpa_wpa2(ssid
);
1279 if ((bitmap
& TRANSITION_DISABLE_WPA3_ENTERPRISE
) &&
1280 wpa_key_mgmt_wpa_ieee8021x(wpa_s
->key_mgmt
) &&
1281 (ssid
->key_mgmt
& (WPA_KEY_MGMT_IEEE8021X
|
1282 WPA_KEY_MGMT_FT_IEEE8021X
|
1283 WPA_KEY_MGMT_IEEE8021X_SHA256
)) &&
1284 (ssid
->ieee80211w
!= MGMT_FRAME_PROTECTION_REQUIRED
||
1285 (ssid
->group_cipher
& WPA_CIPHER_TKIP
))) {
1286 disable_wpa_wpa2(ssid
);
1290 if ((bitmap
& TRANSITION_DISABLE_ENHANCED_OPEN
) &&
1291 wpa_s
->key_mgmt
== WPA_KEY_MGMT_OWE
&&
1292 (ssid
->key_mgmt
& WPA_KEY_MGMT_OWE
) &&
1301 #ifndef CONFIG_NO_CONFIG_WRITE
1302 if (wpa_s
->conf
->update_config
&&
1303 wpa_config_write(wpa_s
->confname
, wpa_s
->conf
))
1304 wpa_printf(MSG_DEBUG
, "Failed to update configuration");
1305 #endif /* CONFIG_NO_CONFIG_WRITE */
1308 #endif /* CONFIG_NO_WPA */
1311 int wpa_supplicant_init_wpa(struct wpa_supplicant
*wpa_s
)
1313 #ifndef CONFIG_NO_WPA
1314 struct wpa_sm_ctx
*ctx
;
1315 ctx
= os_zalloc(sizeof(*ctx
));
1317 wpa_printf(MSG_ERROR
, "Failed to allocate WPA context.");
1322 ctx
->msg_ctx
= wpa_s
;
1323 ctx
->set_state
= _wpa_supplicant_set_state
;
1324 ctx
->get_state
= _wpa_supplicant_get_state
;
1325 ctx
->deauthenticate
= _wpa_supplicant_deauthenticate
;
1326 ctx
->reconnect
= _wpa_supplicant_reconnect
;
1327 ctx
->set_key
= wpa_supplicant_set_key
;
1328 ctx
->get_network_ctx
= wpa_supplicant_get_network_ctx
;
1329 ctx
->get_bssid
= wpa_supplicant_get_bssid
;
1330 ctx
->ether_send
= _wpa_ether_send
;
1331 ctx
->get_beacon_ie
= wpa_supplicant_get_beacon_ie
;
1332 ctx
->alloc_eapol
= _wpa_alloc_eapol
;
1333 ctx
->cancel_auth_timeout
= _wpa_supplicant_cancel_auth_timeout
;
1334 ctx
->add_pmkid
= wpa_supplicant_add_pmkid
;
1335 ctx
->remove_pmkid
= wpa_supplicant_remove_pmkid
;
1336 #ifndef CONFIG_NO_CONFIG_BLOBS
1337 ctx
->set_config_blob
= wpa_supplicant_set_config_blob
;
1338 ctx
->get_config_blob
= wpa_supplicant_get_config_blob
;
1339 #endif /* CONFIG_NO_CONFIG_BLOBS */
1340 ctx
->mlme_setprotection
= wpa_supplicant_mlme_setprotection
;
1341 #ifdef CONFIG_IEEE80211R
1342 ctx
->update_ft_ies
= wpa_supplicant_update_ft_ies
;
1343 ctx
->send_ft_action
= wpa_supplicant_send_ft_action
;
1344 ctx
->mark_authenticated
= wpa_supplicant_mark_authenticated
;
1345 #endif /* CONFIG_IEEE80211R */
1347 ctx
->tdls_get_capa
= wpa_supplicant_tdls_get_capa
;
1348 ctx
->send_tdls_mgmt
= wpa_supplicant_send_tdls_mgmt
;
1349 ctx
->tdls_oper
= wpa_supplicant_tdls_oper
;
1350 ctx
->tdls_peer_addset
= wpa_supplicant_tdls_peer_addset
;
1351 ctx
->tdls_enable_channel_switch
=
1352 wpa_supplicant_tdls_enable_channel_switch
;
1353 ctx
->tdls_disable_channel_switch
=
1354 wpa_supplicant_tdls_disable_channel_switch
;
1355 #endif /* CONFIG_TDLS */
1356 ctx
->set_rekey_offload
= wpa_supplicant_set_rekey_offload
;
1357 ctx
->key_mgmt_set_pmk
= wpa_supplicant_key_mgmt_set_pmk
;
1358 ctx
->fils_hlp_rx
= wpa_supplicant_fils_hlp_rx
;
1359 ctx
->channel_info
= wpa_supplicant_channel_info
;
1360 ctx
->transition_disable
= wpa_supplicant_transition_disable
;
1362 wpa_s
->wpa
= wpa_sm_init(ctx
);
1363 if (wpa_s
->wpa
== NULL
) {
1364 wpa_printf(MSG_ERROR
, "Failed to initialize WPA state "
1369 #endif /* CONFIG_NO_WPA */
1375 void wpa_supplicant_rsn_supp_set_config(struct wpa_supplicant
*wpa_s
,
1376 struct wpa_ssid
*ssid
)
1378 struct rsn_supp_config conf
;
1380 os_memset(&conf
, 0, sizeof(conf
));
1381 conf
.network_ctx
= ssid
;
1382 conf
.allowed_pairwise_cipher
= ssid
->pairwise_cipher
;
1383 #ifdef IEEE8021X_EAPOL
1384 conf
.proactive_key_caching
= ssid
->proactive_key_caching
< 0 ?
1385 wpa_s
->conf
->okc
: ssid
->proactive_key_caching
;
1386 conf
.eap_workaround
= ssid
->eap_workaround
;
1387 conf
.eap_conf_ctx
= &ssid
->eap
;
1388 #endif /* IEEE8021X_EAPOL */
1389 conf
.ssid
= ssid
->ssid
;
1390 conf
.ssid_len
= ssid
->ssid_len
;
1391 conf
.wpa_ptk_rekey
= ssid
->wpa_ptk_rekey
;
1392 conf
.wpa_deny_ptk0_rekey
= ssid
->wpa_deny_ptk0_rekey
;
1393 conf
.owe_ptk_workaround
= ssid
->owe_ptk_workaround
;
1395 if (ssid
->p2p_group
&& wpa_s
->current_bss
&&
1396 !wpa_s
->p2p_disable_ip_addr_req
) {
1398 p2p
= wpa_bss_get_vendor_ie_multi(wpa_s
->current_bss
,
1399 P2P_IE_VENDOR_TYPE
);
1402 group_capab
= p2p_get_group_capab(p2p
);
1404 P2P_GROUP_CAPAB_IP_ADDR_ALLOCATION
)
1409 #endif /* CONFIG_P2P */
1410 conf
.wpa_rsc_relaxation
= wpa_s
->conf
->wpa_rsc_relaxation
;
1412 if (wpa_key_mgmt_fils(wpa_s
->key_mgmt
))
1413 conf
.fils_cache_id
=
1414 wpa_bss_get_fils_cache_id(wpa_s
->current_bss
);
1415 #endif /* CONFIG_FILS */
1416 conf
.beacon_prot
= ssid
->beacon_prot
;
1418 wpa_sm_set_config(wpa_s
->wpa
, ssid
? &conf
: NULL
);