2 * WPA Supplicant - driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
16 #include <sys/ioctl.h>
17 #include <net/if_arp.h>
18 #include <netlink/genl/genl.h>
19 #include <netlink/genl/family.h>
20 #include <netlink/genl/ctrl.h>
21 #include "nl80211_copy.h"
22 #include "wireless_copy.h"
27 #include "ieee802_11_defs.h"
30 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
33 #define IFF_DORMANT 0x20000 /* driver signals dormant */
36 #ifndef IF_OPER_DORMANT
37 #define IF_OPER_DORMANT 5
44 #ifndef NO_WEXT_COMPAT
46 * Fall back to WEXT association, if the kernel does not support nl80211 MLME
47 * commands. This is temporary backwards compatibility version that will be
48 * removed at some point.
51 #endif /* NO_WEXT_COMPAT */
54 struct wpa_driver_nl80211_data {
58 char ifname[IFNAMSIZ + 1];
61 struct wpa_driver_capa capa;
63 int we_version_compiled;
67 size_t assoc_req_ies_len;
69 size_t assoc_resp_ies_len;
71 /* for set_auth_alg fallback */
73 int auth_alg_fallback;
74 #endif /* WEXT_COMPAT */
78 char mlmedev[IFNAMSIZ + 1];
80 int scan_complete_events;
82 struct nl_handle *nl_handle;
83 struct nl_cache *nl_cache;
85 struct genl_family *nl80211;
94 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx,
96 static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
99 static int wpa_driver_nl80211_flush_pmkid(void *priv);
100 #endif /* WEXT_COMPAT */
101 static int wpa_driver_nl80211_get_range(void *priv);
103 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv);
107 static int ack_handler(struct nl_msg *msg, void *arg)
114 static int finish_handler(struct nl_msg *msg, void *arg)
121 static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
129 static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
131 int (*valid_handler)(struct nl_msg *, void *),
137 cb = nl_cb_clone(drv->nl_cb);
141 err = nl_send_auto_complete(drv->nl_handle, msg);
147 nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
148 nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM, finish_handler, &err);
149 nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM, ack_handler, &err);
152 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
153 valid_handler, valid_data);
156 nl_recvmsgs(drv->nl_handle, cb);
170 static int family_handler(struct nl_msg *msg, void *arg)
172 struct family_data *res = arg;
173 struct nlattr *tb[CTRL_ATTR_MAX + 1];
174 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
175 struct nlattr *mcgrp;
178 nla_parse(tb, CTRL_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
179 genlmsg_attrlen(gnlh, 0), NULL);
180 if (!tb[CTRL_ATTR_MCAST_GROUPS])
183 nla_for_each_nested(mcgrp, tb[CTRL_ATTR_MCAST_GROUPS], i) {
184 struct nlattr *tb2[CTRL_ATTR_MCAST_GRP_MAX + 1];
185 nla_parse(tb2, CTRL_ATTR_MCAST_GRP_MAX, nla_data(mcgrp),
186 nla_len(mcgrp), NULL);
187 if (!tb2[CTRL_ATTR_MCAST_GRP_NAME] ||
188 !tb2[CTRL_ATTR_MCAST_GRP_ID] ||
189 os_strncmp(nla_data(tb2[CTRL_ATTR_MCAST_GRP_NAME]),
191 nla_len(tb2[CTRL_ATTR_MCAST_GRP_NAME])) != 0)
193 res->id = nla_get_u32(tb2[CTRL_ATTR_MCAST_GRP_ID]);
201 static int nl_get_multicast_id(struct wpa_driver_nl80211_data *drv,
202 const char *family, const char *group)
206 struct family_data res = { group, -ENOENT };
211 genlmsg_put(msg, 0, 0, genl_ctrl_resolve(drv->nl_handle, "nlctrl"),
212 0, 0, CTRL_CMD_GETFAMILY, 0);
213 NLA_PUT_STRING(msg, CTRL_ATTR_FAMILY_NAME, family);
215 ret = send_and_recv_msgs(drv, msg, family_handler, &res);
226 static int wpa_driver_nl80211_send_oper_ifla(
227 struct wpa_driver_nl80211_data *drv,
228 int linkmode, int operstate)
232 struct ifinfomsg ifinfo;
239 os_memset(&req, 0, sizeof(req));
241 req.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
242 req.hdr.nlmsg_type = RTM_SETLINK;
243 req.hdr.nlmsg_flags = NLM_F_REQUEST;
244 req.hdr.nlmsg_seq = ++nl_seq;
245 req.hdr.nlmsg_pid = 0;
247 req.ifinfo.ifi_family = AF_UNSPEC;
248 req.ifinfo.ifi_type = 0;
249 req.ifinfo.ifi_index = drv->ifindex;
250 req.ifinfo.ifi_flags = 0;
251 req.ifinfo.ifi_change = 0;
253 if (linkmode != -1) {
254 rta = (struct rtattr *)
255 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
256 rta->rta_type = IFLA_LINKMODE;
257 rta->rta_len = RTA_LENGTH(sizeof(char));
258 *((char *) RTA_DATA(rta)) = linkmode;
259 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
260 RTA_LENGTH(sizeof(char));
262 if (operstate != -1) {
263 rta = (struct rtattr *)
264 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
265 rta->rta_type = IFLA_OPERSTATE;
266 rta->rta_len = RTA_LENGTH(sizeof(char));
267 *((char *) RTA_DATA(rta)) = operstate;
268 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
269 RTA_LENGTH(sizeof(char));
272 wpa_printf(MSG_DEBUG, "WEXT: Operstate: linkmode=%d, operstate=%d",
273 linkmode, operstate);
275 ret = send(drv->wext_event_sock, &req, req.hdr.nlmsg_len, 0);
277 wpa_printf(MSG_DEBUG, "WEXT: Sending operstate IFLA failed: "
278 "%s (assume operstate is not supported)",
282 return ret < 0 ? -1 : 0;
286 static int wpa_driver_nl80211_set_auth_param(
287 struct wpa_driver_nl80211_data *drv, int idx, u32 value)
292 os_memset(&iwr, 0, sizeof(iwr));
293 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
294 iwr.u.param.flags = idx & IW_AUTH_INDEX;
295 iwr.u.param.value = value;
297 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
298 if (errno != EOPNOTSUPP) {
299 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
300 "value 0x%x) failed: %s)",
301 idx, value, strerror(errno));
303 ret = errno == EOPNOTSUPP ? -2 : -1;
310 static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
312 struct wpa_driver_nl80211_data *drv = priv;
314 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
318 os_memset(&iwr, 0, sizeof(iwr));
319 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
321 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
322 perror("ioctl[SIOCGIWAP]");
325 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
329 #endif /* WEXT_COMPAT */
330 if (!drv->associated)
332 os_memcpy(bssid, drv->bssid, ETH_ALEN);
338 static int wpa_driver_nl80211_set_bssid(void *priv, const u8 *bssid)
340 struct wpa_driver_nl80211_data *drv = priv;
344 os_memset(&iwr, 0, sizeof(iwr));
345 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
346 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
348 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
350 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
352 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
353 perror("ioctl[SIOCSIWAP]");
359 #endif /* WEXT_COMPAT */
362 static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
364 struct wpa_driver_nl80211_data *drv = priv;
366 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME)) {
370 os_memset(&iwr, 0, sizeof(iwr));
371 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
372 iwr.u.essid.pointer = (caddr_t) ssid;
373 iwr.u.essid.length = 32;
375 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
376 perror("ioctl[SIOCGIWESSID]");
379 ret = iwr.u.essid.length;
383 * Some drivers include nul termination in the SSID, so
384 * let's remove it here before further processing.
385 * WE-21 changes this to explicitly require the length
386 * _not_ to include nul termination.
388 if (ret > 0 && ssid[ret - 1] == '\0' &&
389 drv->we_version_compiled < 21)
395 #endif /* WEXT_COMPAT */
396 if (!drv->associated)
398 os_memcpy(ssid, drv->ssid, drv->ssid_len);
399 return drv->ssid_len;
404 static int wpa_driver_nl80211_set_ssid(void *priv, const u8 *ssid,
407 struct wpa_driver_nl80211_data *drv = priv;
415 os_memset(&iwr, 0, sizeof(iwr));
416 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
417 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
418 iwr.u.essid.flags = (ssid_len != 0);
419 os_memset(buf, 0, sizeof(buf));
420 os_memcpy(buf, ssid, ssid_len);
421 iwr.u.essid.pointer = (caddr_t) buf;
422 if (drv->we_version_compiled < 21) {
423 /* For historic reasons, set SSID length to include one extra
424 * character, C string nul termination, even though SSID is
425 * really an octet string that should not be presented as a C
426 * string. Some Linux drivers decrement the length by one and
427 * can thus end up missing the last octet of the SSID if the
428 * length is not incremented here. WE-21 changes this to
429 * explicitly require the length _not_ to include nul
434 iwr.u.essid.length = ssid_len;
436 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
437 perror("ioctl[SIOCSIWESSID]");
445 static int wpa_driver_nl80211_set_freq(void *priv, int freq)
447 struct wpa_driver_nl80211_data *drv = priv;
451 os_memset(&iwr, 0, sizeof(iwr));
452 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
453 iwr.u.freq.m = freq * 100000;
456 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
457 perror("ioctl[SIOCSIWFREQ]");
466 wpa_driver_nl80211_event_wireless_custom(void *ctx, char *custom)
468 union wpa_event_data data;
470 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
473 os_memset(&data, 0, sizeof(data));
475 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
476 data.michael_mic_failure.unicast =
477 os_strstr(custom, " unicast ") != NULL;
478 /* TODO: parse parameters(?) */
479 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
480 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
486 bytes = strspn(spos, "0123456789abcdefABCDEF");
487 if (!bytes || (bytes & 1))
491 data.assoc_info.req_ies = os_malloc(bytes);
492 if (data.assoc_info.req_ies == NULL)
495 data.assoc_info.req_ies_len = bytes;
496 hexstr2bin(spos, data.assoc_info.req_ies, bytes);
500 data.assoc_info.resp_ies = NULL;
501 data.assoc_info.resp_ies_len = 0;
503 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
506 bytes = strspn(spos, "0123456789abcdefABCDEF");
507 if (!bytes || (bytes & 1))
511 data.assoc_info.resp_ies = os_malloc(bytes);
512 if (data.assoc_info.resp_ies == NULL)
515 data.assoc_info.resp_ies_len = bytes;
516 hexstr2bin(spos, data.assoc_info.resp_ies, bytes);
519 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
522 os_free(data.assoc_info.resp_ies);
523 os_free(data.assoc_info.req_ies);
524 #ifdef CONFIG_PEERKEY
525 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
526 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
527 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
528 "STKSTART.request '%s'", custom + 17);
531 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
532 #endif /* CONFIG_PEERKEY */
535 #endif /* WEXT_COMPAT */
538 static int wpa_driver_nl80211_event_wireless_michaelmicfailure(
539 void *ctx, const char *ev, size_t len)
541 const struct iw_michaelmicfailure *mic;
542 union wpa_event_data data;
544 if (len < sizeof(*mic))
547 mic = (const struct iw_michaelmicfailure *) ev;
549 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
550 "flags=0x%x src_addr=" MACSTR, mic->flags,
551 MAC2STR(mic->src_addr.sa_data));
553 os_memset(&data, 0, sizeof(data));
554 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
555 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
562 static int wpa_driver_nl80211_event_wireless_pmkidcand(
563 struct wpa_driver_nl80211_data *drv, const char *ev, size_t len)
565 const struct iw_pmkid_cand *cand;
566 union wpa_event_data data;
569 if (len < sizeof(*cand))
572 cand = (const struct iw_pmkid_cand *) ev;
573 addr = (const u8 *) cand->bssid.sa_data;
575 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
576 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
577 cand->index, MAC2STR(addr));
579 os_memset(&data, 0, sizeof(data));
580 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
581 data.pmkid_candidate.index = cand->index;
582 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
583 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
589 static int wpa_driver_nl80211_event_wireless_assocreqie(
590 struct wpa_driver_nl80211_data *drv, const char *ev, int len)
595 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
597 os_free(drv->assoc_req_ies);
598 drv->assoc_req_ies = os_malloc(len);
599 if (drv->assoc_req_ies == NULL) {
600 drv->assoc_req_ies_len = 0;
603 os_memcpy(drv->assoc_req_ies, ev, len);
604 drv->assoc_req_ies_len = len;
610 static int wpa_driver_nl80211_event_wireless_assocrespie(
611 struct wpa_driver_nl80211_data *drv, const char *ev, int len)
616 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
618 os_free(drv->assoc_resp_ies);
619 drv->assoc_resp_ies = os_malloc(len);
620 if (drv->assoc_resp_ies == NULL) {
621 drv->assoc_resp_ies_len = 0;
624 os_memcpy(drv->assoc_resp_ies, ev, len);
625 drv->assoc_resp_ies_len = len;
631 static void wpa_driver_nl80211_event_assoc_ies(struct wpa_driver_nl80211_data *drv)
633 union wpa_event_data data;
635 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
638 os_memset(&data, 0, sizeof(data));
639 if (drv->assoc_req_ies) {
640 data.assoc_info.req_ies = drv->assoc_req_ies;
641 drv->assoc_req_ies = NULL;
642 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
644 if (drv->assoc_resp_ies) {
645 data.assoc_info.resp_ies = drv->assoc_resp_ies;
646 drv->assoc_resp_ies = NULL;
647 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
650 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
652 os_free(data.assoc_info.req_ies);
653 os_free(data.assoc_info.resp_ies);
655 #endif /* WEXT_COMPAT */
658 static void wpa_driver_nl80211_event_wireless(struct wpa_driver_nl80211_data *drv,
659 void *ctx, char *data, int len)
661 struct iw_event iwe_buf, *iwe = &iwe_buf;
662 char *pos, *end, *custom;
665 #endif /* WEXT_COMPAT */
670 while (pos + IW_EV_LCP_LEN <= end) {
671 /* Event data may be unaligned, so make a local, aligned copy
672 * before processing. */
673 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
674 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
676 if (iwe->len <= IW_EV_LCP_LEN)
679 custom = pos + IW_EV_POINT_LEN;
680 if (drv->we_version_compiled > 18 &&
681 (iwe->cmd == IWEVMICHAELMICFAILURE ||
682 iwe->cmd == IWEVCUSTOM ||
683 iwe->cmd == IWEVASSOCREQIE ||
684 iwe->cmd == IWEVASSOCRESPIE ||
685 iwe->cmd == IWEVPMKIDCAND)) {
686 /* WE-19 removed the pointer from struct iw_point */
687 char *dpos = (char *) &iwe_buf.u.data.length;
688 int dlen = dpos - (char *) &iwe_buf;
689 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
690 sizeof(struct iw_event) - dlen);
692 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
693 custom += IW_EV_POINT_OFF;
699 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
701 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
703 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
704 if (is_zero_ether_addr(
705 (const u8 *) iwe->u.ap_addr.sa_data) ||
706 os_memcmp(iwe->u.ap_addr.sa_data,
707 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
709 os_free(drv->assoc_req_ies);
710 drv->assoc_req_ies = NULL;
711 os_free(drv->assoc_resp_ies);
712 drv->assoc_resp_ies = NULL;
713 wpa_supplicant_event(ctx, EVENT_DISASSOC,
717 wpa_driver_nl80211_event_assoc_ies(drv);
718 wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
721 #endif /* WEXT_COMPAT */
722 case IWEVMICHAELMICFAILURE:
723 wpa_driver_nl80211_event_wireless_michaelmicfailure(
724 ctx, custom, iwe->u.data.length);
728 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
730 if (custom + iwe->u.data.length > end)
732 buf = os_malloc(iwe->u.data.length + 1);
735 os_memcpy(buf, custom, iwe->u.data.length);
736 buf[iwe->u.data.length] = '\0';
737 wpa_driver_nl80211_event_wireless_custom(ctx, buf);
741 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
743 wpa_driver_nl80211_event_wireless_assocreqie(
744 drv, custom, iwe->u.data.length);
746 case IWEVASSOCRESPIE:
747 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
749 wpa_driver_nl80211_event_wireless_assocrespie(
750 drv, custom, iwe->u.data.length);
753 wpa_driver_nl80211_event_wireless_pmkidcand(
754 drv, custom, iwe->u.data.length);
756 #endif /* WEXT_COMPAT */
764 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
765 void *ctx, char *buf, size_t len,
768 union wpa_event_data event;
770 os_memset(&event, 0, sizeof(event));
771 if (len > sizeof(event.interface_status.ifname))
772 len = sizeof(event.interface_status.ifname) - 1;
773 os_memcpy(event.interface_status.ifname, buf, len);
774 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
775 EVENT_INTERFACE_ADDED;
777 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
779 event.interface_status.ifname,
780 del ? "removed" : "added");
782 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
789 wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &event);
793 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
796 struct ifinfomsg *ifi;
797 int attrlen, _nlmsg_len, rta_len;
802 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
804 attrlen = h->nlmsg_len - _nlmsg_len;
808 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
810 rta_len = RTA_ALIGN(sizeof(struct rtattr));
811 while (RTA_OK(attr, attrlen)) {
812 if (attr->rta_type == IFLA_IFNAME) {
813 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
819 attr = RTA_NEXT(attr, attrlen);
826 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
827 int ifindex, struct nlmsghdr *h)
829 if (drv->ifindex == ifindex)
832 if (drv->if_removed && wpa_driver_nl80211_own_ifname(drv, h)) {
833 drv->ifindex = if_nametoindex(drv->ifname);
834 wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
836 wpa_driver_nl80211_finish_drv_init(drv);
844 static void wpa_driver_nl80211_event_rtm_newlink(struct wpa_driver_nl80211_data *drv,
845 void *ctx, struct nlmsghdr *h,
848 struct ifinfomsg *ifi;
849 int attrlen, _nlmsg_len, rta_len;
850 struct rtattr * attr;
852 if (len < sizeof(*ifi))
857 if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, h)) {
858 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
863 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
865 drv->operstate, ifi->ifi_flags,
866 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
867 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
868 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
869 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
871 * Some drivers send the association event before the operup event--in
872 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
873 * fails. This will hit us when wpa_supplicant does not need to do
874 * IEEE 802.1X authentication
876 if (drv->operstate == 1 &&
877 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
878 !(ifi->ifi_flags & IFF_RUNNING))
879 wpa_driver_nl80211_send_oper_ifla(drv, -1, IF_OPER_UP);
881 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
883 attrlen = h->nlmsg_len - _nlmsg_len;
887 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
889 rta_len = RTA_ALIGN(sizeof(struct rtattr));
890 while (RTA_OK(attr, attrlen)) {
891 if (attr->rta_type == IFLA_WIRELESS) {
892 wpa_driver_nl80211_event_wireless(
893 drv, ctx, ((char *) attr) + rta_len,
894 attr->rta_len - rta_len);
895 } else if (attr->rta_type == IFLA_IFNAME) {
896 wpa_driver_nl80211_event_link(
898 ((char *) attr) + rta_len,
899 attr->rta_len - rta_len, 0);
901 attr = RTA_NEXT(attr, attrlen);
906 static void wpa_driver_nl80211_event_rtm_dellink(struct wpa_driver_nl80211_data *drv,
907 void *ctx, struct nlmsghdr *h,
910 struct ifinfomsg *ifi;
911 int attrlen, _nlmsg_len, rta_len;
912 struct rtattr * attr;
914 if (len < sizeof(*ifi))
919 _nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
921 attrlen = h->nlmsg_len - _nlmsg_len;
925 attr = (struct rtattr *) (((char *) ifi) + _nlmsg_len);
927 rta_len = RTA_ALIGN(sizeof(struct rtattr));
928 while (RTA_OK(attr, attrlen)) {
929 if (attr->rta_type == IFLA_IFNAME) {
930 wpa_driver_nl80211_event_link(
932 ((char *) attr) + rta_len,
933 attr->rta_len - rta_len, 1);
935 attr = RTA_NEXT(attr, attrlen);
940 static void wpa_driver_nl80211_event_receive_wext(int sock, void *eloop_ctx,
945 struct sockaddr_nl from;
951 fromlen = sizeof(from);
952 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
953 (struct sockaddr *) &from, &fromlen);
955 if (errno != EINTR && errno != EAGAIN)
956 perror("recvfrom(netlink)");
960 h = (struct nlmsghdr *) buf;
961 while (left >= (int) sizeof(*h)) {
965 plen = len - sizeof(*h);
966 if (len > left || plen < 0) {
967 wpa_printf(MSG_DEBUG, "Malformed netlink message: "
968 "len=%d left=%d plen=%d",
973 switch (h->nlmsg_type) {
975 wpa_driver_nl80211_event_rtm_newlink(eloop_ctx, sock_ctx,
979 wpa_driver_nl80211_event_rtm_dellink(eloop_ctx, sock_ctx,
984 len = NLMSG_ALIGN(len);
986 h = (struct nlmsghdr *) ((char *) h + len);
990 wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
994 if (--max_events > 0) {
996 * Try to receive all events in one eloop call in order to
997 * limit race condition on cases where AssocInfo event, Assoc
998 * event, and EAPOL frames are received more or less at the
999 * same time. We want to process the event messages first
1000 * before starting EAPOL processing.
1007 static int no_seq_check(struct nl_msg *msg, void *arg)
1013 static void mlme_event_auth(struct wpa_driver_nl80211_data *drv,
1014 const u8 *frame, size_t len)
1016 const struct ieee80211_mgmt *mgmt;
1017 union wpa_event_data event;
1019 mgmt = (const struct ieee80211_mgmt *) frame;
1020 if (len < 24 + sizeof(mgmt->u.auth)) {
1021 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1026 os_memset(&event, 0, sizeof(event));
1027 os_memcpy(event.auth.peer, mgmt->sa, ETH_ALEN);
1028 event.auth.auth_type = le_to_host16(mgmt->u.auth.auth_alg);
1029 event.auth.status_code = le_to_host16(mgmt->u.auth.status_code);
1030 if (len > 24 + sizeof(mgmt->u.auth)) {
1031 event.auth.ies = mgmt->u.auth.variable;
1032 event.auth.ies_len = len - 24 - sizeof(mgmt->u.auth);
1035 wpa_supplicant_event(drv->ctx, EVENT_AUTH, &event);
1039 static void mlme_event_assoc(struct wpa_driver_nl80211_data *drv,
1040 const u8 *frame, size_t len)
1042 const struct ieee80211_mgmt *mgmt;
1043 union wpa_event_data event;
1046 mgmt = (const struct ieee80211_mgmt *) frame;
1047 if (len < 24 + sizeof(mgmt->u.assoc_resp)) {
1048 wpa_printf(MSG_DEBUG, "nl80211: Too short association event "
1053 status = le_to_host16(mgmt->u.assoc_resp.status_code);
1054 if (status != WLAN_STATUS_SUCCESS) {
1055 wpa_printf(MSG_DEBUG, "nl80211: Association failed: status "
1057 /* TODO: notify SME so that things like SA Query and comeback
1058 * time can be implemented */
1062 drv->associated = 1;
1063 os_memcpy(drv->bssid, mgmt->sa, ETH_ALEN);
1065 os_memset(&event, 0, sizeof(event));
1066 if (len > 24 + sizeof(mgmt->u.assoc_resp)) {
1067 event.assoc_info.resp_ies = (u8 *) mgmt->u.assoc_resp.variable;
1068 event.assoc_info.resp_ies_len =
1069 len - 24 - sizeof(mgmt->u.assoc_req);
1072 wpa_supplicant_event(drv->ctx, EVENT_ASSOC, &event);
1076 static void mlme_event(struct wpa_driver_nl80211_data *drv,
1077 enum nl80211_commands cmd, struct nlattr *frame)
1079 if (frame == NULL) {
1080 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d without frame "
1085 wpa_printf(MSG_DEBUG, "nl80211: MLME event %d", cmd);
1086 wpa_hexdump(MSG_MSGDUMP, "nl80211: MLME event frame",
1087 nla_data(frame), nla_len(frame));
1090 case NL80211_CMD_AUTHENTICATE:
1091 mlme_event_auth(drv, nla_data(frame), nla_len(frame));
1093 case NL80211_CMD_ASSOCIATE:
1094 mlme_event_assoc(drv, nla_data(frame), nla_len(frame));
1096 case NL80211_CMD_DEAUTHENTICATE:
1097 drv->associated = 0;
1098 wpa_supplicant_event(drv->ctx, EVENT_DEAUTH, NULL);
1100 case NL80211_CMD_DISASSOCIATE:
1101 drv->associated = 0;
1102 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC, NULL);
1110 static int process_event(struct nl_msg *msg, void *arg)
1112 struct wpa_driver_nl80211_data *drv = arg;
1113 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1114 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1116 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1117 genlmsg_attrlen(gnlh, 0), NULL);
1119 if (tb[NL80211_ATTR_IFINDEX]) {
1120 int ifindex = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1121 if (ifindex != drv->ifindex) {
1122 wpa_printf(MSG_DEBUG, "nl80211: Ignored event (cmd=%d)"
1123 " for foreign interface (ifindex %d)",
1124 gnlh->cmd, ifindex);
1129 switch (gnlh->cmd) {
1130 case NL80211_CMD_NEW_SCAN_RESULTS:
1131 wpa_printf(MSG_DEBUG, "nl80211: New scan results available");
1132 drv->scan_complete_events = 1;
1133 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1135 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
1137 case NL80211_CMD_SCAN_ABORTED:
1138 wpa_printf(MSG_DEBUG, "nl80211: Scan aborted");
1140 * Need to indicate that scan results are available in order
1141 * not to make wpa_supplicant stop its scanning.
1143 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv,
1145 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS, NULL);
1147 case NL80211_CMD_AUTHENTICATE:
1148 case NL80211_CMD_ASSOCIATE:
1149 case NL80211_CMD_DEAUTHENTICATE:
1150 case NL80211_CMD_DISASSOCIATE:
1151 mlme_event(drv, gnlh->cmd, tb[NL80211_ATTR_FRAME]);
1154 wpa_printf(MSG_DEBUG, "nl80211: Ignored unknown event "
1155 "(cmd=%d)", gnlh->cmd);
1163 static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
1167 struct wpa_driver_nl80211_data *drv = eloop_ctx;
1169 wpa_printf(MSG_DEBUG, "nl80211: Event message available");
1171 cb = nl_cb_clone(drv->nl_cb);
1174 nl_cb_set(cb, NL_CB_SEQ_CHECK, NL_CB_CUSTOM, no_seq_check, NULL);
1175 nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM, process_event, drv);
1176 nl_recvmsgs(drv->nl_handle, cb);
1181 static int wpa_driver_nl80211_get_ifflags_ifname(struct wpa_driver_nl80211_data *drv,
1182 const char *ifname, int *flags)
1186 os_memset(&ifr, 0, sizeof(ifr));
1187 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
1188 if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) {
1189 perror("ioctl[SIOCGIFFLAGS]");
1192 *flags = ifr.ifr_flags & 0xffff;
1198 * wpa_driver_nl80211_get_ifflags - Get interface flags (SIOCGIFFLAGS)
1199 * @drv: driver_nl80211 private data
1200 * @flags: Pointer to returned flags value
1201 * Returns: 0 on success, -1 on failure
1203 static int wpa_driver_nl80211_get_ifflags(struct wpa_driver_nl80211_data *drv,
1206 return wpa_driver_nl80211_get_ifflags_ifname(drv, drv->ifname, flags);
1210 static int wpa_driver_nl80211_set_ifflags_ifname(
1211 struct wpa_driver_nl80211_data *drv,
1212 const char *ifname, int flags)
1216 os_memset(&ifr, 0, sizeof(ifr));
1217 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
1218 ifr.ifr_flags = flags & 0xffff;
1219 if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) {
1220 perror("SIOCSIFFLAGS");
1228 * wpa_driver_nl80211_set_ifflags - Set interface flags (SIOCSIFFLAGS)
1229 * @drv: driver_nl80211 private data
1230 * @flags: New value for flags
1231 * Returns: 0 on success, -1 on failure
1233 static int wpa_driver_nl80211_set_ifflags(struct wpa_driver_nl80211_data *drv,
1236 return wpa_driver_nl80211_set_ifflags_ifname(drv, drv->ifname, flags);
1241 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1242 * @priv: driver_nl80211 private data
1243 * @alpha2_arg: country to which to switch to
1244 * Returns: 0 on success, -1 on failure
1246 * This asks nl80211 to set the regulatory domain for given
1247 * country ISO / IEC alpha2.
1249 static int wpa_driver_nl80211_set_country(void *priv, const char *alpha2_arg)
1251 struct wpa_driver_nl80211_data *drv = priv;
1255 msg = nlmsg_alloc();
1257 goto nla_put_failure;
1259 alpha2[0] = alpha2_arg[0];
1260 alpha2[1] = alpha2_arg[1];
1263 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1264 0, NL80211_CMD_REQ_SET_REG, 0);
1266 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, alpha2);
1267 if (send_and_recv_msgs(drv, msg, NULL, NULL))
1275 struct wiphy_info_data {
1281 static int wiphy_info_handler(struct nl_msg *msg, void *arg)
1283 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1284 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1285 struct wiphy_info_data *info = arg;
1287 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1288 genlmsg_attrlen(gnlh, 0), NULL);
1290 if (tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS])
1291 info->max_scan_ssids =
1292 nla_get_u8(tb[NL80211_ATTR_MAX_NUM_SCAN_SSIDS]);
1294 if (tb[NL80211_ATTR_SUPPORTED_IFTYPES]) {
1295 struct nlattr *nl_mode;
1297 nla_for_each_nested(nl_mode,
1298 tb[NL80211_ATTR_SUPPORTED_IFTYPES], i) {
1299 if (nl_mode->nla_type == NL80211_IFTYPE_AP) {
1300 info->ap_supported = 1;
1310 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data *drv,
1311 struct wiphy_info_data *info)
1315 os_memset(info, 0, sizeof(*info));
1316 msg = nlmsg_alloc();
1320 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1321 0, NL80211_CMD_GET_WIPHY, 0);
1323 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1325 if (send_and_recv_msgs(drv, msg, wiphy_info_handler, info) == 0)
1334 static void wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data *drv)
1336 struct wiphy_info_data info;
1337 if (wpa_driver_nl80211_get_info(drv, &info))
1339 drv->has_capability = 1;
1340 drv->capa.max_scan_ssids = info.max_scan_ssids;
1341 if (info.ap_supported)
1342 drv->capa.flags |= WPA_DRIVER_FLAGS_AP;
1347 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1348 * @ctx: context to be used when calling wpa_supplicant functions,
1349 * e.g., wpa_supplicant_event()
1350 * @ifname: interface name, e.g., wlan0
1351 * Returns: Pointer to private data, %NULL on failure
1353 static void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
1356 struct sockaddr_nl local;
1357 struct wpa_driver_nl80211_data *drv;
1359 drv = os_zalloc(sizeof(*drv));
1363 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
1365 drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
1366 if (drv->nl_cb == NULL) {
1367 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1372 drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
1373 if (drv->nl_handle == NULL) {
1374 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
1379 if (genl_connect(drv->nl_handle)) {
1380 wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
1385 drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
1386 if (drv->nl_cache == NULL) {
1387 wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
1392 drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
1393 if (drv->nl80211 == NULL) {
1394 wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
1399 ret = nl_get_multicast_id(drv, "nl80211", "scan");
1401 ret = nl_socket_add_membership(drv->nl_handle, ret);
1403 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1404 "membership for scan events: %d (%s)",
1405 ret, strerror(-ret));
1409 ret = nl_get_multicast_id(drv, "nl80211", "mlme");
1411 ret = nl_socket_add_membership(drv->nl_handle, ret);
1414 wpa_printf(MSG_DEBUG, "nl80211: Could not add multicast "
1415 "membership for mlme events: %d (%s)",
1416 ret, strerror(-ret));
1417 /* Use WEXT for association request */
1419 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1420 #else /* WEXT_COMPAT */
1422 wpa_printf(MSG_ERROR, "nl80211: Could not add multicast "
1423 "membership for mlme events: %d (%s)",
1424 ret, strerror(-ret));
1427 drv->capa.flags |= WPA_DRIVER_FLAGS_SME;
1428 #endif /* WEXT_COMPAT */
1430 eloop_register_read_sock(nl_socket_get_fd(drv->nl_handle),
1431 wpa_driver_nl80211_event_receive, drv, ctx);
1433 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
1434 if (drv->ioctl_sock < 0) {
1435 perror("socket(PF_INET,SOCK_DGRAM)");
1439 s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
1441 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
1445 os_memset(&local, 0, sizeof(local));
1446 local.nl_family = AF_NETLINK;
1447 local.nl_groups = RTMGRP_LINK;
1448 if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
1449 perror("bind(netlink)");
1454 eloop_register_read_sock(s, wpa_driver_nl80211_event_receive_wext, drv,
1456 drv->wext_event_sock = s;
1458 if (wpa_driver_nl80211_finish_drv_init(drv))
1464 eloop_unregister_read_sock(drv->wext_event_sock);
1465 close(drv->wext_event_sock);
1467 close(drv->ioctl_sock);
1469 genl_family_put(drv->nl80211);
1471 nl_cache_free(drv->nl_cache);
1473 nl_handle_destroy(drv->nl_handle);
1475 nl_cb_put(drv->nl_cb);
1483 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
1487 drv->ifindex = if_nametoindex(drv->ifname);
1489 if (wpa_driver_nl80211_set_mode(drv, 0) < 0) {
1490 wpa_printf(MSG_DEBUG, "nl80211: Could not configure driver to "
1491 "use managed mode");
1494 if (wpa_driver_nl80211_get_ifflags(drv, &flags) != 0) {
1495 wpa_printf(MSG_ERROR, "Could not get interface '%s' flags",
1499 if (!(flags & IFF_UP)) {
1500 if (wpa_driver_nl80211_set_ifflags(drv, flags | IFF_UP) != 0) {
1501 wpa_printf(MSG_ERROR, "Could not set interface '%s' "
1509 * Make sure that the driver does not have any obsolete PMKID entries.
1511 wpa_driver_nl80211_flush_pmkid(drv);
1512 #endif /* WEXT_COMPAT */
1514 wpa_driver_nl80211_get_range(drv);
1516 wpa_driver_nl80211_capa(drv);
1518 wpa_driver_nl80211_send_oper_ifla(drv, 1, IF_OPER_DORMANT);
1525 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1526 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1528 * Shut down driver interface and processing of driver events. Free
1529 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1531 static void wpa_driver_nl80211_deinit(void *priv)
1533 struct wpa_driver_nl80211_data *drv = priv;
1536 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1540 * Clear possibly configured driver parameters in order to make it
1541 * easier to use the driver after wpa_supplicant has been terminated.
1543 (void) wpa_driver_nl80211_set_bssid(drv,
1544 (u8 *) "\x00\x00\x00\x00\x00\x00");
1545 #endif /* WEXT_COMPAT */
1546 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED, 0);
1548 wpa_driver_nl80211_send_oper_ifla(priv, 0, IF_OPER_UP);
1550 eloop_unregister_read_sock(drv->wext_event_sock);
1552 if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0)
1553 (void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);
1554 wpa_driver_nl80211_set_mode(drv, 0);
1556 close(drv->wext_event_sock);
1557 close(drv->ioctl_sock);
1559 os_free(drv->assoc_req_ies);
1560 os_free(drv->assoc_resp_ies);
1561 #endif /* WEXT_COMPAT */
1563 eloop_unregister_read_sock(nl_socket_get_fd(drv->nl_handle));
1564 genl_family_put(drv->nl80211);
1565 nl_cache_free(drv->nl_cache);
1566 nl_handle_destroy(drv->nl_handle);
1567 nl_cb_put(drv->nl_cb);
1574 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1575 * @eloop_ctx: Unused
1576 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1578 * This function can be used as registered timeout when starting a scan to
1579 * generate a scan completed event if the driver does not report this.
1581 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1583 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1584 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1589 * wpa_driver_nl80211_scan - Request the driver to initiate scan
1590 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1591 * @params: Scan parameters
1592 * Returns: 0 on success, -1 on failure
1594 static int wpa_driver_nl80211_scan(void *priv,
1595 struct wpa_driver_scan_params *params)
1597 struct wpa_driver_nl80211_data *drv = priv;
1598 int ret = 0, timeout;
1599 struct nl_msg *msg, *ssids;
1602 msg = nlmsg_alloc();
1603 ssids = nlmsg_alloc();
1604 if (!msg || !ssids) {
1610 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1611 NL80211_CMD_TRIGGER_SCAN, 0);
1613 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1615 for (i = 0; i < params->num_ssids; i++) {
1616 NLA_PUT(ssids, i + 1, params->ssids[i].ssid_len,
1617 params->ssids[i].ssid);
1619 if (params->num_ssids)
1620 nla_put_nested(msg, NL80211_ATTR_SCAN_SSIDS, ssids);
1622 if (params->extra_ies) {
1623 NLA_PUT(msg, NL80211_ATTR_IE, params->extra_ies_len,
1627 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
1630 wpa_printf(MSG_DEBUG, "nl80211: Scan trigger failed: ret=%d "
1631 "(%s)", ret, strerror(-ret));
1632 goto nla_put_failure;
1635 /* Not all drivers generate "scan completed" wireless event, so try to
1636 * read results after a timeout. */
1638 if (drv->scan_complete_events) {
1640 * The driver seems to deliver events to notify when scan is
1641 * complete, so use longer timeout to avoid race conditions
1642 * with scanning and following association request.
1646 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1647 "seconds", ret, timeout);
1648 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
1649 eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout,
1659 static int bss_info_handler(struct nl_msg *msg, void *arg)
1661 struct nlattr *tb[NL80211_ATTR_MAX + 1];
1662 struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
1663 struct nlattr *bss[NL80211_BSS_MAX + 1];
1664 static struct nla_policy bss_policy[NL80211_BSS_MAX + 1] = {
1665 [NL80211_BSS_BSSID] = { .type = NLA_UNSPEC },
1666 [NL80211_BSS_FREQUENCY] = { .type = NLA_U32 },
1667 [NL80211_BSS_TSF] = { .type = NLA_U64 },
1668 [NL80211_BSS_BEACON_INTERVAL] = { .type = NLA_U16 },
1669 [NL80211_BSS_CAPABILITY] = { .type = NLA_U16 },
1670 [NL80211_BSS_INFORMATION_ELEMENTS] = { .type = NLA_UNSPEC },
1671 [NL80211_BSS_SIGNAL_MBM] = { .type = NLA_U32 },
1672 [NL80211_BSS_SIGNAL_UNSPEC] = { .type = NLA_U8 },
1674 struct wpa_scan_results *res = arg;
1675 struct wpa_scan_res **tmp;
1676 struct wpa_scan_res *r;
1680 nla_parse(tb, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
1681 genlmsg_attrlen(gnlh, 0), NULL);
1682 if (!tb[NL80211_ATTR_BSS])
1684 if (nla_parse_nested(bss, NL80211_BSS_MAX, tb[NL80211_ATTR_BSS],
1687 if (bss[NL80211_BSS_INFORMATION_ELEMENTS]) {
1688 ie = nla_data(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1689 ie_len = nla_len(bss[NL80211_BSS_INFORMATION_ELEMENTS]);
1695 r = os_zalloc(sizeof(*r) + ie_len);
1698 if (bss[NL80211_BSS_BSSID])
1699 os_memcpy(r->bssid, nla_data(bss[NL80211_BSS_BSSID]),
1701 if (bss[NL80211_BSS_FREQUENCY])
1702 r->freq = nla_get_u32(bss[NL80211_BSS_FREQUENCY]);
1703 if (bss[NL80211_BSS_BEACON_INTERVAL])
1704 r->beacon_int = nla_get_u16(bss[NL80211_BSS_BEACON_INTERVAL]);
1705 if (bss[NL80211_BSS_CAPABILITY])
1706 r->caps = nla_get_u16(bss[NL80211_BSS_CAPABILITY]);
1707 r->flags |= WPA_SCAN_NOISE_INVALID;
1708 if (bss[NL80211_BSS_SIGNAL_MBM]) {
1709 r->level = nla_get_u32(bss[NL80211_BSS_SIGNAL_MBM]);
1710 r->level /= 100; /* mBm to dBm */
1711 r->flags |= WPA_SCAN_LEVEL_DBM | WPA_SCAN_QUAL_INVALID;
1712 } else if (bss[NL80211_BSS_SIGNAL_UNSPEC]) {
1713 r->level = nla_get_u8(bss[NL80211_BSS_SIGNAL_UNSPEC]);
1714 r->flags |= WPA_SCAN_LEVEL_INVALID;
1716 r->flags |= WPA_SCAN_LEVEL_INVALID | WPA_SCAN_QUAL_INVALID;
1717 if (bss[NL80211_BSS_TSF])
1718 r->tsf = nla_get_u64(bss[NL80211_BSS_TSF]);
1721 os_memcpy(r + 1, ie, ie_len);
1723 tmp = os_realloc(res->res,
1724 (res->num + 1) * sizeof(struct wpa_scan_res *));
1729 tmp[res->num++] = r;
1737 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
1738 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
1739 * Returns: Scan results on success, -1 on failure
1741 static struct wpa_scan_results *
1742 wpa_driver_nl80211_get_scan_results(void *priv)
1744 struct wpa_driver_nl80211_data *drv = priv;
1746 struct wpa_scan_results *res;
1749 res = os_zalloc(sizeof(*res));
1752 msg = nlmsg_alloc();
1754 goto nla_put_failure;
1756 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, NLM_F_DUMP,
1757 NL80211_CMD_GET_SCAN, 0);
1758 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1760 ret = send_and_recv_msgs(drv, msg, bss_info_handler, res);
1763 wpa_printf(MSG_DEBUG, "Received scan results (%lu BSSes)",
1764 (unsigned long) res->num);
1767 wpa_printf(MSG_DEBUG, "nl80211: Scan result fetch failed: ret=%d "
1768 "(%s)", ret, strerror(-ret));
1771 wpa_scan_results_free(res);
1776 static int wpa_driver_nl80211_get_range(void *priv)
1778 struct wpa_driver_nl80211_data *drv = priv;
1779 struct iw_range *range;
1785 * Use larger buffer than struct iw_range in order to allow the
1786 * structure to grow in the future.
1788 buflen = sizeof(struct iw_range) + 500;
1789 range = os_zalloc(buflen);
1793 os_memset(&iwr, 0, sizeof(iwr));
1794 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1795 iwr.u.data.pointer = (caddr_t) range;
1796 iwr.u.data.length = buflen;
1798 minlen = ((char *) &range->enc_capa) - (char *) range +
1799 sizeof(range->enc_capa);
1801 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1802 perror("ioctl[SIOCGIWRANGE]");
1805 } else if (iwr.u.data.length >= minlen &&
1806 range->we_version_compiled >= 18) {
1807 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1808 "WE(source)=%d enc_capa=0x%x",
1809 range->we_version_compiled,
1810 range->we_version_source,
1812 drv->has_capability = 1;
1813 drv->we_version_compiled = range->we_version_compiled;
1814 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1815 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1816 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1818 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1819 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1820 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1822 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1823 WPA_DRIVER_CAPA_ENC_WEP104;
1824 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1825 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1826 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1827 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1828 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x",
1829 drv->capa.key_mgmt, drv->capa.enc);
1831 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1832 "assuming WPA is not supported");
1841 static int wpa_driver_nl80211_set_wpa(void *priv, int enabled)
1843 struct wpa_driver_nl80211_data *drv = priv;
1844 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
1846 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1848 return wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_WPA_ENABLED,
1851 #endif /* WEXT_COMPAT */
1854 static int wpa_driver_nl80211_set_key(void *priv, wpa_alg alg,
1855 const u8 *addr, int key_idx,
1856 int set_tx, const u8 *seq,
1858 const u8 *key, size_t key_len)
1860 struct wpa_driver_nl80211_data *drv = priv;
1864 wpa_printf(MSG_DEBUG, "%s: alg=%d addr=%p key_idx=%d set_tx=%d "
1865 "seq_len=%lu key_len=%lu",
1866 __func__, alg, addr, key_idx, set_tx,
1867 (unsigned long) seq_len, (unsigned long) key_len);
1869 msg = nlmsg_alloc();
1873 if (alg == WPA_ALG_NONE) {
1874 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1875 NL80211_CMD_DEL_KEY, 0);
1877 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
1878 NL80211_CMD_NEW_KEY, 0);
1879 NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
1883 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1886 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
1890 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC02);
1893 NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC04);
1901 if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
1903 wpa_printf(MSG_DEBUG, " addr=" MACSTR, MAC2STR(addr));
1904 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
1906 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1907 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1909 err = send_and_recv_msgs(drv, msg, NULL, NULL);
1911 wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d", err);
1915 if (set_tx && alg != WPA_ALG_NONE) {
1916 msg = nlmsg_alloc();
1920 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
1921 0, NL80211_CMD_SET_KEY, 0);
1922 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1923 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1924 NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);
1926 err = send_and_recv_msgs(drv, msg, NULL, NULL);
1928 wpa_printf(MSG_DEBUG, "nl80211: set default key "
1929 "failed; err=%d", err);
1942 static int wpa_driver_nl80211_set_countermeasures(void *priv,
1945 struct wpa_driver_nl80211_data *drv = priv;
1946 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
1948 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1949 return wpa_driver_nl80211_set_auth_param(drv,
1950 IW_AUTH_TKIP_COUNTERMEASURES,
1953 #endif /* WEXT_COMPAT */
1957 static int wpa_driver_nl80211_mlme_wext(struct wpa_driver_nl80211_data *drv,
1958 const u8 *addr, int cmd,
1962 struct iw_mlme mlme;
1965 os_memset(&iwr, 0, sizeof(iwr));
1966 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1967 os_memset(&mlme, 0, sizeof(mlme));
1969 mlme.reason_code = reason_code;
1970 mlme.addr.sa_family = ARPHRD_ETHER;
1971 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1972 iwr.u.data.pointer = (caddr_t) &mlme;
1973 iwr.u.data.length = sizeof(mlme);
1975 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1976 perror("ioctl[SIOCSIWMLME]");
1982 #endif /* WEXT_COMPAT */
1985 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
1986 const u8 *addr, int cmd, u16 reason_code)
1991 msg = nlmsg_alloc();
1995 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0, cmd, 0);
1997 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
1998 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason_code);
1999 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
2001 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2004 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2005 "(%s)", ret, strerror(-ret));
2006 goto nla_put_failure;
2016 static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
2019 struct wpa_driver_nl80211_data *drv = priv;
2020 wpa_printf(MSG_DEBUG, "%s", __func__);
2022 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2023 return wpa_driver_nl80211_mlme_wext(drv, addr, IW_MLME_DEAUTH,
2025 #endif /* WEXT_COMPAT */
2027 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DEAUTHENTICATE,
2032 static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
2035 struct wpa_driver_nl80211_data *drv = priv;
2036 wpa_printf(MSG_DEBUG, "%s", __func__);
2038 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2039 return wpa_driver_nl80211_mlme_wext(drv, addr,
2042 #endif /* WEXT_COMPAT */
2043 return wpa_driver_nl80211_mlme(drv, addr, NL80211_CMD_DISASSOCIATE,
2049 static int wpa_driver_nl80211_set_gen_ie(void *priv, const u8 *ie,
2052 struct wpa_driver_nl80211_data *drv = priv;
2056 if (drv->capa.flags & WPA_DRIVER_FLAGS_SME)
2058 os_memset(&iwr, 0, sizeof(iwr));
2059 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2060 iwr.u.data.pointer = (caddr_t) ie;
2061 iwr.u.data.length = ie_len;
2063 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
2064 perror("ioctl[SIOCSIWGENIE]");
2072 static int wpa_driver_nl80211_cipher2wext(int cipher)
2076 return IW_AUTH_CIPHER_NONE;
2078 return IW_AUTH_CIPHER_WEP40;
2080 return IW_AUTH_CIPHER_TKIP;
2082 return IW_AUTH_CIPHER_CCMP;
2084 return IW_AUTH_CIPHER_WEP104;
2091 static int wpa_driver_nl80211_keymgmt2wext(int keymgmt)
2094 case KEY_MGMT_802_1X:
2095 case KEY_MGMT_802_1X_NO_WPA:
2096 return IW_AUTH_KEY_MGMT_802_1X;
2098 return IW_AUTH_KEY_MGMT_PSK;
2106 wpa_driver_nl80211_auth_alg_fallback(struct wpa_driver_nl80211_data *drv,
2107 struct wpa_driver_associate_params *params)
2112 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
2113 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
2115 os_memset(&iwr, 0, sizeof(iwr));
2116 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2117 /* Just changing mode, not actual keys */
2118 iwr.u.encoding.flags = 0;
2119 iwr.u.encoding.pointer = (caddr_t) NULL;
2120 iwr.u.encoding.length = 0;
2123 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
2124 * different things. Here they are used to indicate Open System vs.
2125 * Shared Key authentication algorithm. However, some drivers may use
2126 * them to select between open/restricted WEP encrypted (open = allow
2127 * both unencrypted and encrypted frames; restricted = only allow
2128 * encrypted frames).
2131 if (!drv->use_crypt) {
2132 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
2134 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
2135 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
2136 if (params->auth_alg & AUTH_ALG_SHARED_KEY)
2137 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
2140 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
2141 perror("ioctl[SIOCSIWENCODE]");
2149 static int wpa_driver_nl80211_set_auth_alg(struct wpa_driver_nl80211_data *drv,
2154 if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
2155 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2156 if (auth_alg & AUTH_ALG_SHARED_KEY)
2157 algs |= IW_AUTH_ALG_SHARED_KEY;
2158 if (auth_alg & AUTH_ALG_LEAP)
2159 algs |= IW_AUTH_ALG_LEAP;
2161 /* at least one algorithm should be set */
2162 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2165 res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2167 drv->auth_alg_fallback = res == -2;
2172 static int wpa_driver_nl80211_associate_wext(
2173 void *priv, struct wpa_driver_associate_params *params)
2175 struct wpa_driver_nl80211_data *drv = priv;
2177 int allow_unencrypted_eapol;
2180 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2182 wpa_driver_nl80211_set_mode(drv, params->mode);
2183 wpa_driver_nl80211_set_auth_alg(drv, params->auth_alg);
2186 * If the driver did not support SIOCSIWAUTH, fallback to
2187 * SIOCSIWENCODE here.
2189 if (drv->auth_alg_fallback &&
2190 wpa_driver_nl80211_auth_alg_fallback(drv, params) < 0)
2193 if (!params->bssid &&
2194 wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
2197 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
2198 * from configuration, not from here, where only the selected suite is
2200 if (wpa_driver_nl80211_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
2203 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
2204 value = IW_AUTH_WPA_VERSION_DISABLED;
2205 else if (params->wpa_ie[0] == WLAN_EID_RSN)
2206 value = IW_AUTH_WPA_VERSION_WPA2;
2208 value = IW_AUTH_WPA_VERSION_WPA;
2209 if (wpa_driver_nl80211_set_auth_param(drv,
2210 IW_AUTH_WPA_VERSION, value) < 0)
2212 value = wpa_driver_nl80211_cipher2wext(params->pairwise_suite);
2213 if (wpa_driver_nl80211_set_auth_param(drv,
2214 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
2216 value = wpa_driver_nl80211_cipher2wext(params->group_suite);
2217 if (wpa_driver_nl80211_set_auth_param(drv,
2218 IW_AUTH_CIPHER_GROUP, value) < 0)
2220 value = wpa_driver_nl80211_keymgmt2wext(params->key_mgmt_suite);
2221 if (wpa_driver_nl80211_set_auth_param(drv,
2222 IW_AUTH_KEY_MGMT, value) < 0)
2224 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
2225 params->pairwise_suite != CIPHER_NONE ||
2226 params->group_suite != CIPHER_NONE ||
2228 if (wpa_driver_nl80211_set_auth_param(drv,
2229 IW_AUTH_PRIVACY_INVOKED, value) < 0)
2232 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2233 * not using WPA. IEEE 802.1X specifies that these frames are not
2234 * encrypted, but WPA encrypts them when pairwise keys are in use. */
2235 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
2236 params->key_mgmt_suite == KEY_MGMT_PSK)
2237 allow_unencrypted_eapol = 0;
2239 allow_unencrypted_eapol = 1;
2241 if (wpa_driver_nl80211_set_auth_param(drv,
2242 IW_AUTH_RX_UNENCRYPTED_EAPOL,
2243 allow_unencrypted_eapol) < 0)
2245 if (params->freq && wpa_driver_nl80211_set_freq(drv, params->freq) < 0)
2247 if (wpa_driver_nl80211_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2249 if (params->bssid &&
2250 wpa_driver_nl80211_set_bssid(drv, params->bssid) < 0)
2255 #endif /* WEXT_COMPAT */
2258 static int wpa_driver_nl80211_authenticate(
2259 void *priv, struct wpa_driver_auth_params *params)
2261 struct wpa_driver_nl80211_data *drv = priv;
2264 enum nl80211_auth_type type;
2266 drv->associated = 0;
2268 msg = nlmsg_alloc();
2272 wpa_printf(MSG_DEBUG, "nl80211: Authenticate (ifindex=%d)",
2274 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2275 NL80211_CMD_AUTHENTICATE, 0);
2277 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2278 if (params->bssid) {
2279 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2280 MAC2STR(params->bssid));
2281 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2284 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2285 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2288 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2289 params->ssid, params->ssid_len);
2290 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2293 wpa_hexdump(MSG_DEBUG, " * IEs", params->ie, params->ie_len);
2295 NLA_PUT(msg, NL80211_ATTR_IE, params->ie_len, params->ie);
2297 * TODO: if multiple auth_alg options enabled, try them one by one if
2298 * the AP rejects authentication due to unknown auth alg
2300 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
2301 type = NL80211_AUTHTYPE_OPEN_SYSTEM;
2302 else if (params->auth_alg & AUTH_ALG_SHARED_KEY)
2303 type = NL80211_AUTHTYPE_SHARED_KEY;
2304 else if (params->auth_alg & AUTH_ALG_LEAP)
2305 type = NL80211_AUTHTYPE_NETWORK_EAP;
2306 else if (params->auth_alg & AUTH_ALG_FT)
2307 type = NL80211_AUTHTYPE_FT;
2309 goto nla_put_failure;
2310 wpa_printf(MSG_DEBUG, " * Auth Type %d", type);
2311 NLA_PUT_U32(msg, NL80211_ATTR_AUTH_TYPE, type);
2313 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2316 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2317 "(%s)", ret, strerror(-ret));
2318 goto nla_put_failure;
2321 wpa_printf(MSG_DEBUG, "nl80211: Authentication request send "
2331 static int wpa_driver_nl80211_set_freq2(
2332 struct wpa_driver_nl80211_data *drv,
2333 struct wpa_driver_associate_params *params)
2337 msg = nlmsg_alloc();
2341 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2342 NL80211_CMD_SET_WIPHY, 0);
2344 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2346 /* TODO: proper channel configuration */
2347 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, 2437);
2349 if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
2356 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data *drv,
2357 struct wpa_driver_associate_params *params)
2359 if (wpa_driver_nl80211_set_mode(drv, params->mode) ||
2360 wpa_driver_nl80211_set_freq2(drv, params))
2363 /* TODO: setup monitor interface (and add code somewhere to remove this
2364 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
2365 /* TODO: setup beacon */
2369 #endif /* CONFIG_AP */
2372 static int wpa_driver_nl80211_associate(
2373 void *priv, struct wpa_driver_associate_params *params)
2375 struct wpa_driver_nl80211_data *drv = priv;
2380 if (params->mode == 2)
2381 return wpa_driver_nl80211_ap(drv, params);
2382 #endif /* CONFIG_AP */
2384 wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
2385 params->drop_unencrypted);
2388 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_SME))
2389 return wpa_driver_nl80211_associate_wext(drv, params);
2390 #endif /* WEXT_COMPAT */
2392 drv->associated = 0;
2394 msg = nlmsg_alloc();
2398 wpa_printf(MSG_DEBUG, "nl80211: Associate (ifindex=%d)",
2400 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
2401 NL80211_CMD_ASSOCIATE, 0);
2403 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2404 if (params->bssid) {
2405 wpa_printf(MSG_DEBUG, " * bssid=" MACSTR,
2406 MAC2STR(params->bssid));
2407 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, params->bssid);
2410 wpa_printf(MSG_DEBUG, " * freq=%d", params->freq);
2411 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, params->freq);
2414 wpa_hexdump_ascii(MSG_DEBUG, " * SSID",
2415 params->ssid, params->ssid_len);
2416 NLA_PUT(msg, NL80211_ATTR_SSID, params->ssid_len,
2418 if (params->ssid_len > sizeof(drv->ssid))
2419 goto nla_put_failure;
2420 os_memcpy(drv->ssid, params->ssid, params->ssid_len);
2421 drv->ssid_len = params->ssid_len;
2423 wpa_hexdump(MSG_DEBUG, " * IEs", params->wpa_ie, params->wpa_ie_len);
2425 NLA_PUT(msg, NL80211_ATTR_IE, params->wpa_ie_len,
2428 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2431 wpa_printf(MSG_DEBUG, "nl80211: MLME command failed: ret=%d "
2432 "(%s)", ret, strerror(-ret));
2433 goto nla_put_failure;
2436 wpa_printf(MSG_DEBUG, "nl80211: Association request send "
2446 * wpa_driver_nl80211_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2447 * @drv: Pointer to private driver data from wpa_driver_nl80211_init()
2448 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2449 * Returns: 0 on success, -1 on failure
2451 static int wpa_driver_nl80211_set_mode(struct wpa_driver_nl80211_data *drv,
2454 int ret = -1, flags;
2460 nlmode = NL80211_IFTYPE_STATION;
2463 nlmode = NL80211_IFTYPE_ADHOC;
2466 nlmode = NL80211_IFTYPE_AP;
2472 msg = nlmsg_alloc();
2476 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2477 0, NL80211_CMD_SET_INTERFACE, 0);
2478 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2479 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, nlmode);
2481 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2488 wpa_printf(MSG_ERROR, "nl80211: Failed to set interface mode: %d (%s)",
2489 ret, strerror(-ret));
2493 /* mac80211 doesn't allow mode changes while the device is up, so
2494 * take the device down, try to set the mode again, and bring the
2497 if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0) {
2498 (void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);
2500 /* Try to set the mode again while the interface is down */
2501 msg = nlmsg_alloc();
2505 genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
2506 0, NL80211_CMD_SET_INTERFACE, 0);
2507 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
2508 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, nlmode);
2509 ret = send_and_recv_msgs(drv, msg, NULL, NULL);
2511 wpa_printf(MSG_ERROR, "Failed to set interface %s "
2512 "mode(try_again): %d (%s)",
2513 drv->ifname, ret, strerror(-ret));
2516 /* Ignore return value of get_ifflags to ensure that the device
2517 * is always up like it was before this function was called.
2519 (void) wpa_driver_nl80211_get_ifflags(drv, &flags);
2520 (void) wpa_driver_nl80211_set_ifflags(drv, flags | IFF_UP);
2529 static int wpa_driver_nl80211_pmksa(struct wpa_driver_nl80211_data *drv,
2530 u32 cmd, const u8 *bssid, const u8 *pmkid)
2533 struct iw_pmksa pmksa;
2536 os_memset(&iwr, 0, sizeof(iwr));
2537 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2538 os_memset(&pmksa, 0, sizeof(pmksa));
2540 pmksa.bssid.sa_family = ARPHRD_ETHER;
2542 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2544 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2545 iwr.u.data.pointer = (caddr_t) &pmksa;
2546 iwr.u.data.length = sizeof(pmksa);
2548 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2549 if (errno != EOPNOTSUPP)
2550 perror("ioctl[SIOCSIWPMKSA]");
2558 static int wpa_driver_nl80211_add_pmkid(void *priv, const u8 *bssid,
2561 struct wpa_driver_nl80211_data *drv = priv;
2562 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2566 static int wpa_driver_nl80211_remove_pmkid(void *priv, const u8 *bssid,
2569 struct wpa_driver_nl80211_data *drv = priv;
2570 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2574 static int wpa_driver_nl80211_flush_pmkid(void *priv)
2576 struct wpa_driver_nl80211_data *drv = priv;
2577 return wpa_driver_nl80211_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2580 #endif /* WEXT_COMPAT */
2583 static int wpa_driver_nl80211_get_capa(void *priv,
2584 struct wpa_driver_capa *capa)
2586 struct wpa_driver_nl80211_data *drv = priv;
2587 if (!drv->has_capability)
2589 os_memcpy(capa, &drv->capa, sizeof(*capa));
2594 static int wpa_driver_nl80211_set_operstate(void *priv, int state)
2596 struct wpa_driver_nl80211_data *drv = priv;
2598 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2599 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2600 drv->operstate = state;
2601 return wpa_driver_nl80211_send_oper_ifla(
2602 drv, -1, state ? IF_OPER_UP : IF_OPER_DORMANT);
2606 const struct wpa_driver_ops wpa_driver_nl80211_ops = {
2608 .desc = "Linux nl80211/cfg80211",
2609 .get_bssid = wpa_driver_nl80211_get_bssid,
2610 .get_ssid = wpa_driver_nl80211_get_ssid,
2611 .set_key = wpa_driver_nl80211_set_key,
2612 .scan2 = wpa_driver_nl80211_scan,
2613 .get_scan_results2 = wpa_driver_nl80211_get_scan_results,
2614 .deauthenticate = wpa_driver_nl80211_deauthenticate,
2615 .disassociate = wpa_driver_nl80211_disassociate,
2616 .authenticate = wpa_driver_nl80211_authenticate,
2617 .associate = wpa_driver_nl80211_associate,
2618 .init = wpa_driver_nl80211_init,
2619 .deinit = wpa_driver_nl80211_deinit,
2620 .get_capa = wpa_driver_nl80211_get_capa,
2621 .set_operstate = wpa_driver_nl80211_set_operstate,
2622 .set_country = wpa_driver_nl80211_set_country,
2624 .set_wpa = wpa_driver_nl80211_set_wpa,
2625 .set_countermeasures = wpa_driver_nl80211_set_countermeasures,
2626 .add_pmkid = wpa_driver_nl80211_add_pmkid,
2627 .remove_pmkid = wpa_driver_nl80211_remove_pmkid,
2628 .flush_pmkid = wpa_driver_nl80211_flush_pmkid,
2629 #endif /* WEXT_COMPAT */
projects / libeap.git / blob