2 * Driver interaction with generic Linux Wireless Extensions
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements a driver interface for the Linux Wireless Extensions.
9 * When used with WE-18 or newer, this interface can be used as-is with number
10 * of drivers. In addition to this, some of the common functions in this file
11 * can be used by other driver interface implementations that use generic WE
12 * ioctls, but require private ioctls for some of the functionality.
16 #include <sys/ioctl.h>
17 #include <sys/types.h>
20 #include <net/if_arp.h>
22 #include "linux_wext.h"
25 #include "common/ieee802_11_defs.h"
26 #include "common/wpa_common.h"
27 #include "priv_netlink.h"
29 #include "linux_ioctl.h"
32 #include "driver_wext.h"
35 #include "android_drv.h"
38 static int wpa_driver_wext_flush_pmkid(void *priv);
39 static int wpa_driver_wext_get_range(void *priv);
40 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv);
41 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv);
42 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg);
45 int wpa_driver_wext_set_auth_param(struct wpa_driver_wext_data *drv,
51 os_memset(&iwr, 0, sizeof(iwr));
52 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
53 iwr.u.param.flags = idx & IW_AUTH_INDEX;
54 iwr.u.param.value = value;
56 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
57 if (errno != EOPNOTSUPP) {
58 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
59 "value 0x%x) failed: %s)",
60 idx, value, strerror(errno));
62 ret = errno == EOPNOTSUPP ? -2 : -1;
70 * wpa_driver_wext_get_bssid - Get BSSID, SIOCGIWAP
71 * @priv: Pointer to private wext data from wpa_driver_wext_init()
72 * @bssid: Buffer for BSSID
73 * Returns: 0 on success, -1 on failure
75 int wpa_driver_wext_get_bssid(void *priv, u8 *bssid)
77 struct wpa_driver_wext_data *drv = priv;
81 os_memset(&iwr, 0, sizeof(iwr));
82 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
84 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
85 perror("ioctl[SIOCGIWAP]");
88 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
95 * wpa_driver_wext_set_bssid - Set BSSID, SIOCSIWAP
96 * @priv: Pointer to private wext data from wpa_driver_wext_init()
98 * Returns: 0 on success, -1 on failure
100 int wpa_driver_wext_set_bssid(void *priv, const u8 *bssid)
102 struct wpa_driver_wext_data *drv = priv;
106 os_memset(&iwr, 0, sizeof(iwr));
107 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
108 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
110 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
112 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
114 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
115 perror("ioctl[SIOCSIWAP]");
124 * wpa_driver_wext_get_ssid - Get SSID, SIOCGIWESSID
125 * @priv: Pointer to private wext data from wpa_driver_wext_init()
126 * @ssid: Buffer for the SSID; must be at least 32 bytes long
127 * Returns: SSID length on success, -1 on failure
129 int wpa_driver_wext_get_ssid(void *priv, u8 *ssid)
131 struct wpa_driver_wext_data *drv = priv;
135 os_memset(&iwr, 0, sizeof(iwr));
136 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
137 iwr.u.essid.pointer = (caddr_t) ssid;
138 iwr.u.essid.length = 32;
140 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
141 perror("ioctl[SIOCGIWESSID]");
144 ret = iwr.u.essid.length;
147 /* Some drivers include nul termination in the SSID, so let's
148 * remove it here before further processing. WE-21 changes this
149 * to explicitly require the length _not_ to include nul
151 if (ret > 0 && ssid[ret - 1] == '\0' &&
152 drv->we_version_compiled < 21)
161 * wpa_driver_wext_set_ssid - Set SSID, SIOCSIWESSID
162 * @priv: Pointer to private wext data from wpa_driver_wext_init()
164 * @ssid_len: Length of SSID (0..32)
165 * Returns: 0 on success, -1 on failure
167 int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len)
169 struct wpa_driver_wext_data *drv = priv;
177 os_memset(&iwr, 0, sizeof(iwr));
178 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
179 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
180 iwr.u.essid.flags = (ssid_len != 0);
181 os_memset(buf, 0, sizeof(buf));
182 os_memcpy(buf, ssid, ssid_len);
183 iwr.u.essid.pointer = (caddr_t) buf;
184 if (drv->we_version_compiled < 21) {
185 /* For historic reasons, set SSID length to include one extra
186 * character, C string nul termination, even though SSID is
187 * really an octet string that should not be presented as a C
188 * string. Some Linux drivers decrement the length by one and
189 * can thus end up missing the last octet of the SSID if the
190 * length is not incremented here. WE-21 changes this to
191 * explicitly require the length _not_ to include nul
196 iwr.u.essid.length = ssid_len;
198 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
199 perror("ioctl[SIOCSIWESSID]");
208 * wpa_driver_wext_set_freq - Set frequency/channel, SIOCSIWFREQ
209 * @priv: Pointer to private wext data from wpa_driver_wext_init()
210 * @freq: Frequency in MHz
211 * Returns: 0 on success, -1 on failure
213 int wpa_driver_wext_set_freq(void *priv, int freq)
215 struct wpa_driver_wext_data *drv = priv;
219 os_memset(&iwr, 0, sizeof(iwr));
220 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
221 iwr.u.freq.m = freq * 100000;
224 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
225 perror("ioctl[SIOCSIWFREQ]");
234 wpa_driver_wext_event_wireless_custom(void *ctx, char *custom)
236 union wpa_event_data data;
238 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
241 os_memset(&data, 0, sizeof(data));
243 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
244 data.michael_mic_failure.unicast =
245 os_strstr(custom, " unicast ") != NULL;
246 /* TODO: parse parameters(?) */
247 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
248 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
251 u8 *req_ies = NULL, *resp_ies = NULL;
255 bytes = strspn(spos, "0123456789abcdefABCDEF");
256 if (!bytes || (bytes & 1))
260 req_ies = os_malloc(bytes);
261 if (req_ies == NULL ||
262 hexstr2bin(spos, req_ies, bytes) < 0)
264 data.assoc_info.req_ies = req_ies;
265 data.assoc_info.req_ies_len = bytes;
269 data.assoc_info.resp_ies = NULL;
270 data.assoc_info.resp_ies_len = 0;
272 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
275 bytes = strspn(spos, "0123456789abcdefABCDEF");
276 if (!bytes || (bytes & 1))
280 resp_ies = os_malloc(bytes);
281 if (resp_ies == NULL ||
282 hexstr2bin(spos, resp_ies, bytes) < 0)
284 data.assoc_info.resp_ies = resp_ies;
285 data.assoc_info.resp_ies_len = bytes;
288 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
293 #ifdef CONFIG_PEERKEY
294 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
295 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
296 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
297 "STKSTART.request '%s'", custom + 17);
300 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
301 #endif /* CONFIG_PEERKEY */
303 } else if (os_strncmp(custom, "STOP", 4) == 0) {
304 wpa_msg(ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STOPPED");
305 } else if (os_strncmp(custom, "START", 5) == 0) {
306 wpa_msg(ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STARTED");
307 } else if (os_strncmp(custom, "HANG", 4) == 0) {
308 wpa_msg(ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
314 static int wpa_driver_wext_event_wireless_michaelmicfailure(
315 void *ctx, const char *ev, size_t len)
317 const struct iw_michaelmicfailure *mic;
318 union wpa_event_data data;
320 if (len < sizeof(*mic))
323 mic = (const struct iw_michaelmicfailure *) ev;
325 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
326 "flags=0x%x src_addr=" MACSTR, mic->flags,
327 MAC2STR(mic->src_addr.sa_data));
329 os_memset(&data, 0, sizeof(data));
330 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
331 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
337 static int wpa_driver_wext_event_wireless_pmkidcand(
338 struct wpa_driver_wext_data *drv, const char *ev, size_t len)
340 const struct iw_pmkid_cand *cand;
341 union wpa_event_data data;
344 if (len < sizeof(*cand))
347 cand = (const struct iw_pmkid_cand *) ev;
348 addr = (const u8 *) cand->bssid.sa_data;
350 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
351 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
352 cand->index, MAC2STR(addr));
354 os_memset(&data, 0, sizeof(data));
355 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
356 data.pmkid_candidate.index = cand->index;
357 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
358 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
364 static int wpa_driver_wext_event_wireless_assocreqie(
365 struct wpa_driver_wext_data *drv, const char *ev, int len)
370 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
372 os_free(drv->assoc_req_ies);
373 drv->assoc_req_ies = os_malloc(len);
374 if (drv->assoc_req_ies == NULL) {
375 drv->assoc_req_ies_len = 0;
378 os_memcpy(drv->assoc_req_ies, ev, len);
379 drv->assoc_req_ies_len = len;
385 static int wpa_driver_wext_event_wireless_assocrespie(
386 struct wpa_driver_wext_data *drv, const char *ev, int len)
391 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
393 os_free(drv->assoc_resp_ies);
394 drv->assoc_resp_ies = os_malloc(len);
395 if (drv->assoc_resp_ies == NULL) {
396 drv->assoc_resp_ies_len = 0;
399 os_memcpy(drv->assoc_resp_ies, ev, len);
400 drv->assoc_resp_ies_len = len;
406 static void wpa_driver_wext_event_assoc_ies(struct wpa_driver_wext_data *drv)
408 union wpa_event_data data;
410 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
413 os_memset(&data, 0, sizeof(data));
414 if (drv->assoc_req_ies) {
415 data.assoc_info.req_ies = drv->assoc_req_ies;
416 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
418 if (drv->assoc_resp_ies) {
419 data.assoc_info.resp_ies = drv->assoc_resp_ies;
420 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
423 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
425 os_free(drv->assoc_req_ies);
426 drv->assoc_req_ies = NULL;
427 os_free(drv->assoc_resp_ies);
428 drv->assoc_resp_ies = NULL;
432 static void wpa_driver_wext_event_wireless(struct wpa_driver_wext_data *drv,
435 struct iw_event iwe_buf, *iwe = &iwe_buf;
436 char *pos, *end, *custom, *buf;
441 while (pos + IW_EV_LCP_LEN <= end) {
442 /* Event data may be unaligned, so make a local, aligned copy
443 * before processing. */
444 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
445 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
447 if (iwe->len <= IW_EV_LCP_LEN)
450 custom = pos + IW_EV_POINT_LEN;
451 if (drv->we_version_compiled > 18 &&
452 (iwe->cmd == IWEVMICHAELMICFAILURE ||
453 iwe->cmd == IWEVCUSTOM ||
454 iwe->cmd == IWEVASSOCREQIE ||
455 iwe->cmd == IWEVASSOCRESPIE ||
456 iwe->cmd == IWEVPMKIDCAND)) {
457 /* WE-19 removed the pointer from struct iw_point */
458 char *dpos = (char *) &iwe_buf.u.data.length;
459 int dlen = dpos - (char *) &iwe_buf;
460 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
461 sizeof(struct iw_event) - dlen);
463 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
464 custom += IW_EV_POINT_OFF;
469 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
471 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
472 if (is_zero_ether_addr(
473 (const u8 *) iwe->u.ap_addr.sa_data) ||
474 os_memcmp(iwe->u.ap_addr.sa_data,
475 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
477 os_free(drv->assoc_req_ies);
478 drv->assoc_req_ies = NULL;
479 os_free(drv->assoc_resp_ies);
480 drv->assoc_resp_ies = NULL;
481 wpa_supplicant_event(drv->ctx, EVENT_DISASSOC,
485 wpa_driver_wext_event_assoc_ies(drv);
486 wpa_supplicant_event(drv->ctx, EVENT_ASSOC,
490 case IWEVMICHAELMICFAILURE:
491 if (custom + iwe->u.data.length > end) {
492 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
493 "IWEVMICHAELMICFAILURE length");
496 wpa_driver_wext_event_wireless_michaelmicfailure(
497 drv->ctx, custom, iwe->u.data.length);
500 if (custom + iwe->u.data.length > end) {
501 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
502 "IWEVCUSTOM length");
505 buf = dup_binstr(custom, iwe->u.data.length);
508 wpa_driver_wext_event_wireless_custom(drv->ctx, buf);
512 drv->scan_complete_events = 1;
513 eloop_cancel_timeout(wpa_driver_wext_scan_timeout,
515 wpa_supplicant_event(drv->ctx, EVENT_SCAN_RESULTS,
519 if (custom + iwe->u.data.length > end) {
520 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
521 "IWEVASSOCREQIE length");
524 wpa_driver_wext_event_wireless_assocreqie(
525 drv, custom, iwe->u.data.length);
527 case IWEVASSOCRESPIE:
528 if (custom + iwe->u.data.length > end) {
529 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
530 "IWEVASSOCRESPIE length");
533 wpa_driver_wext_event_wireless_assocrespie(
534 drv, custom, iwe->u.data.length);
537 if (custom + iwe->u.data.length > end) {
538 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
539 "IWEVPMKIDCAND length");
542 wpa_driver_wext_event_wireless_pmkidcand(
543 drv, custom, iwe->u.data.length);
552 static void wpa_driver_wext_event_link(struct wpa_driver_wext_data *drv,
553 char *buf, size_t len, int del)
555 union wpa_event_data event;
557 os_memset(&event, 0, sizeof(event));
558 if (len > sizeof(event.interface_status.ifname))
559 len = sizeof(event.interface_status.ifname) - 1;
560 os_memcpy(event.interface_status.ifname, buf, len);
561 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
562 EVENT_INTERFACE_ADDED;
564 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
566 event.interface_status.ifname,
567 del ? "removed" : "added");
569 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
571 if (drv->if_removed) {
572 wpa_printf(MSG_DEBUG, "WEXT: if_removed "
573 "already set - ignore event");
578 if (if_nametoindex(drv->ifname) == 0) {
579 wpa_printf(MSG_DEBUG, "WEXT: Interface %s "
580 "does not exist - ignore "
585 if (!drv->if_removed) {
586 wpa_printf(MSG_DEBUG, "WEXT: if_removed "
587 "already cleared - ignore event");
594 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_STATUS, &event);
598 static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
601 int attrlen, rta_len;
605 attr = (struct rtattr *) buf;
607 rta_len = RTA_ALIGN(sizeof(struct rtattr));
608 while (RTA_OK(attr, attrlen)) {
609 if (attr->rta_type == IFLA_IFNAME) {
610 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
616 attr = RTA_NEXT(attr, attrlen);
623 static int wpa_driver_wext_own_ifindex(struct wpa_driver_wext_data *drv,
624 int ifindex, u8 *buf, size_t len)
626 if (drv->ifindex == ifindex || drv->ifindex2 == ifindex)
629 if (drv->if_removed && wpa_driver_wext_own_ifname(drv, buf, len)) {
630 drv->ifindex = if_nametoindex(drv->ifname);
631 wpa_printf(MSG_DEBUG, "WEXT: Update ifindex for a removed "
633 wpa_driver_wext_finish_drv_init(drv);
641 static void wpa_driver_wext_event_rtm_newlink(void *ctx, struct ifinfomsg *ifi,
644 struct wpa_driver_wext_data *drv = ctx;
645 int attrlen, rta_len;
647 char namebuf[IFNAMSIZ];
649 if (!wpa_driver_wext_own_ifindex(drv, ifi->ifi_index, buf, len)) {
650 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
655 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
657 drv->operstate, ifi->ifi_flags,
658 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
659 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
660 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
661 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
663 if (!drv->if_disabled && !(ifi->ifi_flags & IFF_UP)) {
664 wpa_printf(MSG_DEBUG, "WEXT: Interface down");
665 drv->if_disabled = 1;
666 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_DISABLED, NULL);
669 if (drv->if_disabled && (ifi->ifi_flags & IFF_UP)) {
670 if (if_indextoname(ifi->ifi_index, namebuf) &&
671 linux_iface_up(drv->ioctl_sock, drv->ifname) == 0) {
672 wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
673 "event since interface %s is down",
675 } else if (if_nametoindex(drv->ifname) == 0) {
676 wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
677 "event since interface %s does not exist",
679 } else if (drv->if_removed) {
680 wpa_printf(MSG_DEBUG, "WEXT: Ignore interface up "
681 "event since interface %s is marked "
682 "removed", drv->ifname);
684 wpa_printf(MSG_DEBUG, "WEXT: Interface up");
685 drv->if_disabled = 0;
686 wpa_supplicant_event(drv->ctx, EVENT_INTERFACE_ENABLED,
692 * Some drivers send the association event before the operup event--in
693 * this case, lifting operstate in wpa_driver_wext_set_operstate()
694 * fails. This will hit us when wpa_supplicant does not need to do
695 * IEEE 802.1X authentication
697 if (drv->operstate == 1 &&
698 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
699 !(ifi->ifi_flags & IFF_RUNNING))
700 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
704 attr = (struct rtattr *) buf;
706 rta_len = RTA_ALIGN(sizeof(struct rtattr));
707 while (RTA_OK(attr, attrlen)) {
708 if (attr->rta_type == IFLA_WIRELESS) {
709 wpa_driver_wext_event_wireless(
710 drv, ((char *) attr) + rta_len,
711 attr->rta_len - rta_len);
712 } else if (attr->rta_type == IFLA_IFNAME) {
713 wpa_driver_wext_event_link(drv,
714 ((char *) attr) + rta_len,
715 attr->rta_len - rta_len, 0);
717 attr = RTA_NEXT(attr, attrlen);
722 static void wpa_driver_wext_event_rtm_dellink(void *ctx, struct ifinfomsg *ifi,
725 struct wpa_driver_wext_data *drv = ctx;
726 int attrlen, rta_len;
730 attr = (struct rtattr *) buf;
732 rta_len = RTA_ALIGN(sizeof(struct rtattr));
733 while (RTA_OK(attr, attrlen)) {
734 if (attr->rta_type == IFLA_IFNAME) {
735 wpa_driver_wext_event_link(drv,
736 ((char *) attr) + rta_len,
737 attr->rta_len - rta_len, 1);
739 attr = RTA_NEXT(attr, attrlen);
744 static void wpa_driver_wext_rfkill_blocked(void *ctx)
746 wpa_printf(MSG_DEBUG, "WEXT: RFKILL blocked");
748 * This may be for any interface; use ifdown event to disable
754 static void wpa_driver_wext_rfkill_unblocked(void *ctx)
756 struct wpa_driver_wext_data *drv = ctx;
757 wpa_printf(MSG_DEBUG, "WEXT: RFKILL unblocked");
758 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1)) {
759 wpa_printf(MSG_DEBUG, "WEXT: Could not set interface UP "
760 "after rfkill unblock");
763 /* rtnetlink ifup handler will report interface as enabled */
767 static void wext_get_phy_name(struct wpa_driver_wext_data *drv)
769 /* Find phy (radio) to which this interface belongs */
773 drv->phyname[0] = '\0';
774 snprintf(buf, sizeof(buf) - 1, "/sys/class/net/%s/phy80211/name",
776 f = open(buf, O_RDONLY);
778 wpa_printf(MSG_DEBUG, "Could not open file %s: %s",
779 buf, strerror(errno));
783 rv = read(f, drv->phyname, sizeof(drv->phyname) - 1);
786 wpa_printf(MSG_DEBUG, "Could not read file %s: %s",
787 buf, strerror(errno));
791 drv->phyname[rv] = '\0';
792 pos = os_strchr(drv->phyname, '\n');
795 wpa_printf(MSG_DEBUG, "wext: interface %s phy: %s",
796 drv->ifname, drv->phyname);
801 * wpa_driver_wext_init - Initialize WE driver interface
802 * @ctx: context to be used when calling wpa_supplicant functions,
803 * e.g., wpa_supplicant_event()
804 * @ifname: interface name, e.g., wlan0
805 * Returns: Pointer to private data, %NULL on failure
807 void * wpa_driver_wext_init(void *ctx, const char *ifname)
809 struct wpa_driver_wext_data *drv;
810 struct netlink_config *cfg;
811 struct rfkill_config *rcfg;
815 drv = os_zalloc(sizeof(*drv));
819 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
821 os_snprintf(path, sizeof(path), "/sys/class/net/%s/phy80211", ifname);
822 if (stat(path, &buf) == 0) {
823 wpa_printf(MSG_DEBUG, "WEXT: cfg80211-based driver detected");
825 wext_get_phy_name(drv);
828 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
829 if (drv->ioctl_sock < 0) {
830 perror("socket(PF_INET,SOCK_DGRAM)");
834 cfg = os_zalloc(sizeof(*cfg));
838 cfg->newlink_cb = wpa_driver_wext_event_rtm_newlink;
839 cfg->dellink_cb = wpa_driver_wext_event_rtm_dellink;
840 drv->netlink = netlink_init(cfg);
841 if (drv->netlink == NULL) {
846 rcfg = os_zalloc(sizeof(*rcfg));
850 os_strlcpy(rcfg->ifname, ifname, sizeof(rcfg->ifname));
851 rcfg->blocked_cb = wpa_driver_wext_rfkill_blocked;
852 rcfg->unblocked_cb = wpa_driver_wext_rfkill_unblocked;
853 drv->rfkill = rfkill_init(rcfg);
854 if (drv->rfkill == NULL) {
855 wpa_printf(MSG_DEBUG, "WEXT: RFKILL status not available");
863 drv->driver_is_started = TRUE;
864 drv->bgscan_enabled = 0;
867 if (wpa_driver_wext_finish_drv_init(drv) < 0)
870 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 1);
875 rfkill_deinit(drv->rfkill);
876 netlink_deinit(drv->netlink);
878 close(drv->ioctl_sock);
885 static void wpa_driver_wext_send_rfkill(void *eloop_ctx, void *timeout_ctx)
887 wpa_supplicant_event(timeout_ctx, EVENT_INTERFACE_DISABLED, NULL);
891 static int wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv)
893 int send_rfkill_event = 0;
895 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1) < 0) {
896 if (rfkill_is_blocked(drv->rfkill)) {
897 wpa_printf(MSG_DEBUG, "WEXT: Could not yet enable "
898 "interface '%s' due to rfkill",
900 drv->if_disabled = 1;
901 send_rfkill_event = 1;
903 wpa_printf(MSG_ERROR, "WEXT: Could not set "
904 "interface '%s' UP", drv->ifname);
910 * Make sure that the driver does not have any obsolete PMKID entries.
912 wpa_driver_wext_flush_pmkid(drv);
914 if (wpa_driver_wext_set_mode(drv, 0) < 0) {
915 wpa_printf(MSG_DEBUG, "Could not configure driver to use "
917 /* Try to use it anyway */
920 wpa_driver_wext_get_range(drv);
923 * Unlock the driver's BSSID and force to a random SSID to clear any
924 * previous association the driver might have when the supplicant
927 wpa_driver_wext_disconnect(drv);
929 drv->ifindex = if_nametoindex(drv->ifname);
931 if (os_strncmp(drv->ifname, "wlan", 4) == 0) {
933 * Host AP driver may use both wlan# and wifi# interface in
934 * wireless events. Since some of the versions included WE-18
935 * support, let's add the alternative ifindex also from
936 * driver_wext.c for the time being. This may be removed at
937 * some point once it is believed that old versions of the
938 * driver are not in use anymore.
940 char ifname2[IFNAMSIZ + 1];
941 os_strlcpy(ifname2, drv->ifname, sizeof(ifname2));
942 os_memcpy(ifname2, "wifi", 4);
943 wpa_driver_wext_alternative_ifindex(drv, ifname2);
946 netlink_send_oper_ifla(drv->netlink, drv->ifindex,
949 if (send_rfkill_event) {
950 eloop_register_timeout(0, 0, wpa_driver_wext_send_rfkill,
959 * wpa_driver_wext_deinit - Deinitialize WE driver interface
960 * @priv: Pointer to private wext data from wpa_driver_wext_init()
962 * Shut down driver interface and processing of driver events. Free
963 * private data buffer if one was allocated in wpa_driver_wext_init().
965 void wpa_driver_wext_deinit(void *priv)
967 struct wpa_driver_wext_data *drv = priv;
969 wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED, 0);
971 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
974 * Clear possibly configured driver parameters in order to make it
975 * easier to use the driver after wpa_supplicant has been terminated.
977 wpa_driver_wext_disconnect(drv);
979 netlink_send_oper_ifla(drv->netlink, drv->ifindex, 0, IF_OPER_UP);
980 netlink_deinit(drv->netlink);
981 rfkill_deinit(drv->rfkill);
983 if (drv->mlme_sock >= 0)
984 eloop_unregister_read_sock(drv->mlme_sock);
986 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0);
988 close(drv->ioctl_sock);
989 if (drv->mlme_sock >= 0)
990 close(drv->mlme_sock);
991 os_free(drv->assoc_req_ies);
992 os_free(drv->assoc_resp_ies);
998 * wpa_driver_wext_scan_timeout - Scan timeout to report scan completion
1000 * @timeout_ctx: ctx argument given to wpa_driver_wext_init()
1002 * This function can be used as registered timeout when starting a scan to
1003 * generate a scan completed event if the driver does not report this.
1005 void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1007 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1008 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1013 * wpa_driver_wext_scan - Request the driver to initiate scan
1014 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1015 * @param: Scan parameters (specific SSID to scan for (ProbeReq), etc.)
1016 * Returns: 0 on success, -1 on failure
1018 int wpa_driver_wext_scan(void *priv, struct wpa_driver_scan_params *params)
1020 struct wpa_driver_wext_data *drv = priv;
1022 int ret = 0, timeout;
1023 struct iw_scan_req req;
1024 const u8 *ssid = params->ssids[0].ssid;
1025 size_t ssid_len = params->ssids[0].ssid_len;
1027 if (ssid_len > IW_ESSID_MAX_SIZE) {
1028 wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
1029 __FUNCTION__, (unsigned long) ssid_len);
1033 os_memset(&iwr, 0, sizeof(iwr));
1034 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1036 if (ssid && ssid_len) {
1037 os_memset(&req, 0, sizeof(req));
1038 req.essid_len = ssid_len;
1039 req.bssid.sa_family = ARPHRD_ETHER;
1040 os_memset(req.bssid.sa_data, 0xff, ETH_ALEN);
1041 os_memcpy(req.essid, ssid, ssid_len);
1042 iwr.u.data.pointer = (caddr_t) &req;
1043 iwr.u.data.length = sizeof(req);
1044 iwr.u.data.flags = IW_SCAN_THIS_ESSID;
1047 if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
1048 perror("ioctl[SIOCSIWSCAN]");
1052 /* Not all drivers generate "scan completed" wireless event, so try to
1053 * read results after a timeout. */
1055 if (drv->scan_complete_events) {
1057 * The driver seems to deliver SIOCGIWSCAN events to notify
1058 * when scan is complete, so use longer timeout to avoid race
1059 * conditions with scanning and following association request.
1063 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1064 "seconds", ret, timeout);
1065 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
1066 eloop_register_timeout(timeout, 0, wpa_driver_wext_scan_timeout, drv,
1073 static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
1080 res_buf_len = IW_SCAN_MAX_DATA;
1082 res_buf = os_malloc(res_buf_len);
1083 if (res_buf == NULL)
1085 os_memset(&iwr, 0, sizeof(iwr));
1086 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1087 iwr.u.data.pointer = res_buf;
1088 iwr.u.data.length = res_buf_len;
1090 if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
1093 if (errno == E2BIG && res_buf_len < 65535) {
1097 if (res_buf_len > 65535)
1098 res_buf_len = 65535; /* 16-bit length field */
1099 wpa_printf(MSG_DEBUG, "Scan results did not fit - "
1100 "trying larger buffer (%lu bytes)",
1101 (unsigned long) res_buf_len);
1103 perror("ioctl[SIOCGIWSCAN]");
1109 if (iwr.u.data.length > res_buf_len) {
1113 *len = iwr.u.data.length;
1120 * Data structure for collecting WEXT scan results. This is needed to allow
1121 * the various methods of reporting IEs to be combined into a single IE buffer.
1123 struct wext_scan_data {
1124 struct wpa_scan_res res;
1133 static void wext_get_scan_mode(struct iw_event *iwe,
1134 struct wext_scan_data *res)
1136 if (iwe->u.mode == IW_MODE_ADHOC)
1137 res->res.caps |= IEEE80211_CAP_IBSS;
1138 else if (iwe->u.mode == IW_MODE_MASTER || iwe->u.mode == IW_MODE_INFRA)
1139 res->res.caps |= IEEE80211_CAP_ESS;
1143 static void wext_get_scan_ssid(struct iw_event *iwe,
1144 struct wext_scan_data *res, char *custom,
1147 int ssid_len = iwe->u.essid.length;
1148 if (custom + ssid_len > end)
1150 if (iwe->u.essid.flags &&
1152 ssid_len <= IW_ESSID_MAX_SIZE) {
1153 os_memcpy(res->ssid, custom, ssid_len);
1154 res->ssid_len = ssid_len;
1159 static void wext_get_scan_freq(struct iw_event *iwe,
1160 struct wext_scan_data *res)
1162 int divi = 1000000, i;
1164 if (iwe->u.freq.e == 0) {
1166 * Some drivers do not report frequency, but a channel.
1167 * Try to map this to frequency by assuming they are using
1168 * IEEE 802.11b/g. But don't overwrite a previously parsed
1169 * frequency if the driver sends both frequency and channel,
1170 * since the driver may be sending an A-band channel that we
1171 * don't handle here.
1177 if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
1178 res->res.freq = 2407 + 5 * iwe->u.freq.m;
1180 } else if (iwe->u.freq.m == 14) {
1181 res->res.freq = 2484;
1186 if (iwe->u.freq.e > 6) {
1187 wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
1188 MACSTR " m=%d e=%d)",
1189 MAC2STR(res->res.bssid), iwe->u.freq.m,
1194 for (i = 0; i < iwe->u.freq.e; i++)
1196 res->res.freq = iwe->u.freq.m / divi;
1200 static void wext_get_scan_qual(struct wpa_driver_wext_data *drv,
1201 struct iw_event *iwe,
1202 struct wext_scan_data *res)
1204 res->res.qual = iwe->u.qual.qual;
1205 res->res.noise = iwe->u.qual.noise;
1206 res->res.level = iwe->u.qual.level;
1207 if (iwe->u.qual.updated & IW_QUAL_QUAL_INVALID)
1208 res->res.flags |= WPA_SCAN_QUAL_INVALID;
1209 if (iwe->u.qual.updated & IW_QUAL_LEVEL_INVALID)
1210 res->res.flags |= WPA_SCAN_LEVEL_INVALID;
1211 if (iwe->u.qual.updated & IW_QUAL_NOISE_INVALID)
1212 res->res.flags |= WPA_SCAN_NOISE_INVALID;
1213 if (iwe->u.qual.updated & IW_QUAL_DBM)
1214 res->res.flags |= WPA_SCAN_LEVEL_DBM;
1215 if ((iwe->u.qual.updated & IW_QUAL_DBM) ||
1216 ((iwe->u.qual.level != 0) &&
1217 (iwe->u.qual.level > drv->max_level))) {
1218 if (iwe->u.qual.level >= 64)
1219 res->res.level -= 0x100;
1220 if (iwe->u.qual.noise >= 64)
1221 res->res.noise -= 0x100;
1226 static void wext_get_scan_encode(struct iw_event *iwe,
1227 struct wext_scan_data *res)
1229 if (!(iwe->u.data.flags & IW_ENCODE_DISABLED))
1230 res->res.caps |= IEEE80211_CAP_PRIVACY;
1234 static void wext_get_scan_rate(struct iw_event *iwe,
1235 struct wext_scan_data *res, char *pos,
1239 char *custom = pos + IW_EV_LCP_LEN;
1244 if (custom + clen > end)
1247 while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
1248 /* Note: may be misaligned, make a local, aligned copy */
1249 os_memcpy(&p, custom, sizeof(struct iw_param));
1250 if (p.value > maxrate)
1252 clen -= sizeof(struct iw_param);
1253 custom += sizeof(struct iw_param);
1256 /* Convert the maxrate from WE-style (b/s units) to
1257 * 802.11 rates (500000 b/s units).
1259 res->maxrate = maxrate / 500000;
1263 static void wext_get_scan_iwevgenie(struct iw_event *iwe,
1264 struct wext_scan_data *res, char *custom,
1267 char *genie, *gpos, *gend;
1270 if (iwe->u.data.length == 0)
1273 gpos = genie = custom;
1274 gend = genie + iwe->u.data.length;
1276 wpa_printf(MSG_INFO, "IWEVGENIE overflow");
1280 tmp = os_realloc(res->ie, res->ie_len + gend - gpos);
1283 os_memcpy(tmp + res->ie_len, gpos, gend - gpos);
1285 res->ie_len += gend - gpos;
1289 static void wext_get_scan_custom(struct iw_event *iwe,
1290 struct wext_scan_data *res, char *custom,
1296 clen = iwe->u.data.length;
1297 if (custom + clen > end)
1300 if (clen > 7 && os_strncmp(custom, "wpa_ie=", 7) == 0) {
1304 bytes = custom + clen - spos;
1305 if (bytes & 1 || bytes == 0)
1308 tmp = os_realloc(res->ie, res->ie_len + bytes);
1312 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1314 res->ie_len += bytes;
1315 } else if (clen > 7 && os_strncmp(custom, "rsn_ie=", 7) == 0) {
1319 bytes = custom + clen - spos;
1320 if (bytes & 1 || bytes == 0)
1323 tmp = os_realloc(res->ie, res->ie_len + bytes);
1327 if (hexstr2bin(spos, tmp + res->ie_len, bytes) < 0)
1329 res->ie_len += bytes;
1330 } else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
1335 bytes = custom + clen - spos;
1337 wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
1341 if (hexstr2bin(spos, bin, bytes) < 0) {
1342 wpa_printf(MSG_DEBUG, "WEXT: Invalid TSF value");
1345 res->res.tsf += WPA_GET_BE64(bin);
1350 static int wext_19_iw_point(struct wpa_driver_wext_data *drv, u16 cmd)
1352 return drv->we_version_compiled > 18 &&
1353 (cmd == SIOCGIWESSID || cmd == SIOCGIWENCODE ||
1354 cmd == IWEVGENIE || cmd == IWEVCUSTOM);
1358 static void wpa_driver_wext_add_scan_entry(struct wpa_scan_results *res,
1359 struct wext_scan_data *data)
1361 struct wpa_scan_res **tmp;
1362 struct wpa_scan_res *r;
1364 u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
1366 /* Figure out whether we need to fake any IEs */
1368 end = pos + data->ie_len;
1369 while (pos && pos + 1 < end) {
1370 if (pos + 2 + pos[1] > end)
1372 if (pos[0] == WLAN_EID_SSID)
1374 else if (pos[0] == WLAN_EID_SUPP_RATES)
1376 else if (pos[0] == WLAN_EID_EXT_SUPP_RATES)
1382 if (ssid_ie == NULL)
1383 extra_len += 2 + data->ssid_len;
1384 if (rate_ie == NULL && data->maxrate)
1387 r = os_zalloc(sizeof(*r) + extra_len + data->ie_len);
1390 os_memcpy(r, &data->res, sizeof(*r));
1391 r->ie_len = extra_len + data->ie_len;
1392 pos = (u8 *) (r + 1);
1393 if (ssid_ie == NULL) {
1395 * Generate a fake SSID IE since the driver did not report
1398 *pos++ = WLAN_EID_SSID;
1399 *pos++ = data->ssid_len;
1400 os_memcpy(pos, data->ssid, data->ssid_len);
1401 pos += data->ssid_len;
1403 if (rate_ie == NULL && data->maxrate) {
1405 * Generate a fake Supported Rates IE since the driver did not
1406 * report a full IE list.
1408 *pos++ = WLAN_EID_SUPP_RATES;
1410 *pos++ = data->maxrate;
1413 os_memcpy(pos, data->ie, data->ie_len);
1415 tmp = os_realloc_array(res->res, res->num + 1,
1416 sizeof(struct wpa_scan_res *));
1421 tmp[res->num++] = r;
1427 * wpa_driver_wext_get_scan_results - Fetch the latest scan results
1428 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1429 * Returns: Scan results on success, -1 on failure
1431 struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)
1433 struct wpa_driver_wext_data *drv = priv;
1437 struct iw_event iwe_buf, *iwe = &iwe_buf;
1438 char *pos, *end, *custom;
1439 struct wpa_scan_results *res;
1440 struct wext_scan_data data;
1442 res_buf = wpa_driver_wext_giwscan(drv, &len);
1443 if (res_buf == NULL)
1448 res = os_zalloc(sizeof(*res));
1454 pos = (char *) res_buf;
1455 end = (char *) res_buf + len;
1456 os_memset(&data, 0, sizeof(data));
1458 while (pos + IW_EV_LCP_LEN <= end) {
1459 /* Event data may be unaligned, so make a local, aligned copy
1460 * before processing. */
1461 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
1462 if (iwe->len <= IW_EV_LCP_LEN)
1465 custom = pos + IW_EV_POINT_LEN;
1466 if (wext_19_iw_point(drv, iwe->cmd)) {
1467 /* WE-19 removed the pointer from struct iw_point */
1468 char *dpos = (char *) &iwe_buf.u.data.length;
1469 int dlen = dpos - (char *) &iwe_buf;
1470 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
1471 sizeof(struct iw_event) - dlen);
1473 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
1474 custom += IW_EV_POINT_OFF;
1480 wpa_driver_wext_add_scan_entry(res, &data);
1483 os_memset(&data, 0, sizeof(data));
1484 os_memcpy(data.res.bssid,
1485 iwe->u.ap_addr.sa_data, ETH_ALEN);
1488 wext_get_scan_mode(iwe, &data);
1491 wext_get_scan_ssid(iwe, &data, custom, end);
1494 wext_get_scan_freq(iwe, &data);
1497 wext_get_scan_qual(drv, iwe, &data);
1500 wext_get_scan_encode(iwe, &data);
1503 wext_get_scan_rate(iwe, &data, pos, end);
1506 wext_get_scan_iwevgenie(iwe, &data, custom, end);
1509 wext_get_scan_custom(iwe, &data, custom, end);
1518 wpa_driver_wext_add_scan_entry(res, &data);
1521 wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
1522 (unsigned long) len, (unsigned long) res->num);
1528 static int wpa_driver_wext_get_range(void *priv)
1530 struct wpa_driver_wext_data *drv = priv;
1531 struct iw_range *range;
1537 * Use larger buffer than struct iw_range in order to allow the
1538 * structure to grow in the future.
1540 buflen = sizeof(struct iw_range) + 500;
1541 range = os_zalloc(buflen);
1545 os_memset(&iwr, 0, sizeof(iwr));
1546 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1547 iwr.u.data.pointer = (caddr_t) range;
1548 iwr.u.data.length = buflen;
1550 minlen = ((char *) &range->enc_capa) - (char *) range +
1551 sizeof(range->enc_capa);
1553 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1554 perror("ioctl[SIOCGIWRANGE]");
1557 } else if (iwr.u.data.length >= minlen &&
1558 range->we_version_compiled >= 18) {
1559 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1560 "WE(source)=%d enc_capa=0x%x",
1561 range->we_version_compiled,
1562 range->we_version_source,
1564 drv->has_capability = 1;
1565 drv->we_version_compiled = range->we_version_compiled;
1566 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1567 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1568 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1570 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1571 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1572 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1574 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1575 WPA_DRIVER_CAPA_ENC_WEP104;
1576 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP128;
1577 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1578 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1579 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1580 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1581 if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
1582 drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
1583 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1584 WPA_DRIVER_AUTH_SHARED |
1585 WPA_DRIVER_AUTH_LEAP;
1586 drv->capa.max_scan_ssids = 1;
1588 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
1590 drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
1592 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1593 "assuming WPA is not supported");
1596 drv->max_level = range->max_qual.level;
1603 static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv,
1606 struct iw_encode_ext *ext;
1610 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1612 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1618 os_memset(&iwr, 0, sizeof(iwr));
1619 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1621 ext = os_zalloc(sizeof(*ext) + PMK_LEN);
1625 iwr.u.encoding.pointer = (caddr_t) ext;
1626 iwr.u.encoding.length = sizeof(*ext) + PMK_LEN;
1627 ext->key_len = PMK_LEN;
1628 os_memcpy(&ext->key, psk, ext->key_len);
1629 ext->alg = IW_ENCODE_ALG_PMK;
1631 ret = ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr);
1633 perror("ioctl[SIOCSIWENCODEEXT] PMK");
1640 static int wpa_driver_wext_set_key_ext(void *priv, enum wpa_alg alg,
1641 const u8 *addr, int key_idx,
1642 int set_tx, const u8 *seq,
1644 const u8 *key, size_t key_len)
1646 struct wpa_driver_wext_data *drv = priv;
1649 struct iw_encode_ext *ext;
1651 if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) {
1652 wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu",
1653 __FUNCTION__, (unsigned long) seq_len);
1657 ext = os_zalloc(sizeof(*ext) + key_len);
1660 os_memset(&iwr, 0, sizeof(iwr));
1661 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1662 iwr.u.encoding.flags = key_idx + 1;
1663 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1664 if (alg == WPA_ALG_NONE)
1665 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1666 iwr.u.encoding.pointer = (caddr_t) ext;
1667 iwr.u.encoding.length = sizeof(*ext) + key_len;
1669 if (addr == NULL || is_broadcast_ether_addr(addr))
1670 ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
1672 ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;
1674 ext->addr.sa_family = ARPHRD_ETHER;
1676 os_memcpy(ext->addr.sa_data, addr, ETH_ALEN);
1678 os_memset(ext->addr.sa_data, 0xff, ETH_ALEN);
1679 if (key && key_len) {
1680 os_memcpy(ext + 1, key, key_len);
1681 ext->key_len = key_len;
1685 ext->alg = IW_ENCODE_ALG_NONE;
1688 ext->alg = IW_ENCODE_ALG_WEP;
1691 ext->alg = IW_ENCODE_ALG_TKIP;
1694 ext->alg = IW_ENCODE_ALG_CCMP;
1697 ext->alg = IW_ENCODE_ALG_PMK;
1699 #ifdef CONFIG_IEEE80211W
1701 ext->alg = IW_ENCODE_ALG_AES_CMAC;
1703 #endif /* CONFIG_IEEE80211W */
1705 wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
1711 if (seq && seq_len) {
1712 ext->ext_flags |= IW_ENCODE_EXT_RX_SEQ_VALID;
1713 os_memcpy(ext->rx_seq, seq, seq_len);
1716 if (ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr) < 0) {
1717 ret = errno == EOPNOTSUPP ? -2 : -1;
1718 if (errno == ENODEV) {
1720 * ndiswrapper seems to be returning incorrect error
1725 perror("ioctl[SIOCSIWENCODEEXT]");
1734 * wpa_driver_wext_set_key - Configure encryption key
1735 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1736 * @priv: Private driver interface data
1737 * @alg: Encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
1738 * %WPA_ALG_TKIP, %WPA_ALG_CCMP); %WPA_ALG_NONE clears the key.
1739 * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for
1740 * broadcast/default keys
1741 * @key_idx: key index (0..3), usually 0 for unicast keys
1742 * @set_tx: Configure this key as the default Tx key (only used when
1743 * driver does not support separate unicast/individual key
1744 * @seq: Sequence number/packet number, seq_len octets, the next
1745 * packet number to be used for in replay protection; configured
1746 * for Rx keys (in most cases, this is only used with broadcast
1747 * keys and set to zero for unicast keys)
1748 * @seq_len: Length of the seq, depends on the algorithm:
1749 * TKIP: 6 octets, CCMP: 6 octets
1750 * @key: Key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
1752 * @key_len: Length of the key buffer in octets (WEP: 5 or 13,
1753 * TKIP: 32, CCMP: 16)
1754 * Returns: 0 on success, -1 on failure
1756 * This function uses SIOCSIWENCODEEXT by default, but tries to use
1757 * SIOCSIWENCODE if the extended ioctl fails when configuring a WEP key.
1759 int wpa_driver_wext_set_key(const char *ifname, void *priv, enum wpa_alg alg,
1760 const u8 *addr, int key_idx,
1761 int set_tx, const u8 *seq, size_t seq_len,
1762 const u8 *key, size_t key_len)
1764 struct wpa_driver_wext_data *drv = priv;
1768 wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1770 __FUNCTION__, alg, key_idx, set_tx,
1771 (unsigned long) seq_len, (unsigned long) key_len);
1773 ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx,
1774 seq, seq_len, key, key_len);
1779 (alg == WPA_ALG_NONE || alg == WPA_ALG_WEP)) {
1780 wpa_printf(MSG_DEBUG, "Driver did not support "
1781 "SIOCSIWENCODEEXT, trying SIOCSIWENCODE");
1784 wpa_printf(MSG_DEBUG, "Driver did not support "
1785 "SIOCSIWENCODEEXT");
1789 os_memset(&iwr, 0, sizeof(iwr));
1790 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1791 iwr.u.encoding.flags = key_idx + 1;
1792 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1793 if (alg == WPA_ALG_NONE)
1794 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1795 iwr.u.encoding.pointer = (caddr_t) key;
1796 iwr.u.encoding.length = key_len;
1798 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1799 perror("ioctl[SIOCSIWENCODE]");
1803 if (set_tx && alg != WPA_ALG_NONE) {
1804 os_memset(&iwr, 0, sizeof(iwr));
1805 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1806 iwr.u.encoding.flags = key_idx + 1;
1807 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1808 iwr.u.encoding.pointer = (caddr_t) NULL;
1809 iwr.u.encoding.length = 0;
1810 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1811 perror("ioctl[SIOCSIWENCODE] (set_tx)");
1820 static int wpa_driver_wext_set_countermeasures(void *priv,
1823 struct wpa_driver_wext_data *drv = priv;
1824 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1825 return wpa_driver_wext_set_auth_param(drv,
1826 IW_AUTH_TKIP_COUNTERMEASURES,
1831 static int wpa_driver_wext_set_drop_unencrypted(void *priv,
1834 struct wpa_driver_wext_data *drv = priv;
1835 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1836 drv->use_crypt = enabled;
1837 return wpa_driver_wext_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
1842 static int wpa_driver_wext_mlme(struct wpa_driver_wext_data *drv,
1843 const u8 *addr, int cmd, int reason_code)
1846 struct iw_mlme mlme;
1849 os_memset(&iwr, 0, sizeof(iwr));
1850 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1851 os_memset(&mlme, 0, sizeof(mlme));
1853 mlme.reason_code = reason_code;
1854 mlme.addr.sa_family = ARPHRD_ETHER;
1855 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1856 iwr.u.data.pointer = (caddr_t) &mlme;
1857 iwr.u.data.length = sizeof(mlme);
1859 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1860 perror("ioctl[SIOCSIWMLME]");
1868 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv)
1871 const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
1875 #endif /* ANDROID */
1878 * Only force-disconnect when the card is in infrastructure mode,
1879 * otherwise the driver might interpret the cleared BSSID and random
1880 * SSID as an attempt to create a new ad-hoc network.
1882 os_memset(&iwr, 0, sizeof(iwr));
1883 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1884 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
1885 perror("ioctl[SIOCGIWMODE]");
1886 iwr.u.mode = IW_MODE_INFRA;
1889 if (iwr.u.mode == IW_MODE_INFRA) {
1890 /* Clear the BSSID selection */
1891 if (wpa_driver_wext_set_bssid(drv, null_bssid) < 0) {
1892 wpa_printf(MSG_DEBUG, "WEXT: Failed to clear BSSID "
1893 "selection on disconnect");
1897 if (drv->cfg80211) {
1899 * cfg80211 supports SIOCSIWMLME commands, so there is
1900 * no need for the random SSID hack, but clear the
1903 if (wpa_driver_wext_set_ssid(drv, (u8 *) "", 0) < 0) {
1904 wpa_printf(MSG_DEBUG, "WEXT: Failed to clear "
1905 "SSID on disconnect");
1911 * Set a random SSID to make sure the driver will not be trying
1912 * to associate with something even if it does not understand
1913 * SIOCSIWMLME commands (or tries to associate automatically
1914 * after deauth/disassoc).
1916 for (i = 0; i < 32; i++)
1917 ssid[i] = rand() & 0xFF;
1918 if (wpa_driver_wext_set_ssid(drv, ssid, 32) < 0) {
1919 wpa_printf(MSG_DEBUG, "WEXT: Failed to set bogus "
1920 "SSID to disconnect");
1922 #endif /* ANDROID */
1927 static int wpa_driver_wext_deauthenticate(void *priv, const u8 *addr,
1930 struct wpa_driver_wext_data *drv = priv;
1932 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1933 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
1934 wpa_driver_wext_disconnect(drv);
1939 static int wpa_driver_wext_set_gen_ie(void *priv, const u8 *ie,
1942 struct wpa_driver_wext_data *drv = priv;
1946 os_memset(&iwr, 0, sizeof(iwr));
1947 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1948 iwr.u.data.pointer = (caddr_t) ie;
1949 iwr.u.data.length = ie_len;
1951 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
1952 perror("ioctl[SIOCSIWGENIE]");
1960 int wpa_driver_wext_cipher2wext(int cipher)
1964 return IW_AUTH_CIPHER_NONE;
1966 return IW_AUTH_CIPHER_WEP40;
1968 return IW_AUTH_CIPHER_TKIP;
1970 return IW_AUTH_CIPHER_CCMP;
1972 return IW_AUTH_CIPHER_WEP104;
1979 int wpa_driver_wext_keymgmt2wext(int keymgmt)
1982 case KEY_MGMT_802_1X:
1983 case KEY_MGMT_802_1X_NO_WPA:
1984 return IW_AUTH_KEY_MGMT_802_1X;
1986 return IW_AUTH_KEY_MGMT_PSK;
1994 wpa_driver_wext_auth_alg_fallback(struct wpa_driver_wext_data *drv,
1995 struct wpa_driver_associate_params *params)
2000 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
2001 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
2003 os_memset(&iwr, 0, sizeof(iwr));
2004 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2005 /* Just changing mode, not actual keys */
2006 iwr.u.encoding.flags = 0;
2007 iwr.u.encoding.pointer = (caddr_t) NULL;
2008 iwr.u.encoding.length = 0;
2011 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
2012 * different things. Here they are used to indicate Open System vs.
2013 * Shared Key authentication algorithm. However, some drivers may use
2014 * them to select between open/restricted WEP encrypted (open = allow
2015 * both unencrypted and encrypted frames; restricted = only allow
2016 * encrypted frames).
2019 if (!drv->use_crypt) {
2020 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
2022 if (params->auth_alg & WPA_AUTH_ALG_OPEN)
2023 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
2024 if (params->auth_alg & WPA_AUTH_ALG_SHARED)
2025 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
2028 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
2029 perror("ioctl[SIOCSIWENCODE]");
2037 int wpa_driver_wext_associate(void *priv,
2038 struct wpa_driver_associate_params *params)
2040 struct wpa_driver_wext_data *drv = priv;
2042 int allow_unencrypted_eapol;
2045 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2047 if (drv->cfg80211) {
2049 * Stop cfg80211 from trying to associate before we are done
2050 * with all parameters.
2052 wpa_driver_wext_set_ssid(drv, (u8 *) "", 0);
2055 if (wpa_driver_wext_set_drop_unencrypted(drv, params->drop_unencrypted)
2058 if (wpa_driver_wext_set_auth_alg(drv, params->auth_alg) < 0)
2060 if (wpa_driver_wext_set_mode(drv, params->mode) < 0)
2064 * If the driver did not support SIOCSIWAUTH, fallback to
2065 * SIOCSIWENCODE here.
2067 if (drv->auth_alg_fallback &&
2068 wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
2071 if (!params->bssid &&
2072 wpa_driver_wext_set_bssid(drv, NULL) < 0)
2075 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
2076 * from configuration, not from here, where only the selected suite is
2078 if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
2081 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
2082 value = IW_AUTH_WPA_VERSION_DISABLED;
2083 else if (params->wpa_ie[0] == WLAN_EID_RSN)
2084 value = IW_AUTH_WPA_VERSION_WPA2;
2086 value = IW_AUTH_WPA_VERSION_WPA;
2087 if (wpa_driver_wext_set_auth_param(drv,
2088 IW_AUTH_WPA_VERSION, value) < 0)
2090 value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
2091 if (wpa_driver_wext_set_auth_param(drv,
2092 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
2094 value = wpa_driver_wext_cipher2wext(params->group_suite);
2095 if (wpa_driver_wext_set_auth_param(drv,
2096 IW_AUTH_CIPHER_GROUP, value) < 0)
2098 value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
2099 if (wpa_driver_wext_set_auth_param(drv,
2100 IW_AUTH_KEY_MGMT, value) < 0)
2102 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
2103 params->pairwise_suite != CIPHER_NONE ||
2104 params->group_suite != CIPHER_NONE ||
2106 if (wpa_driver_wext_set_auth_param(drv,
2107 IW_AUTH_PRIVACY_INVOKED, value) < 0)
2110 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2111 * not using WPA. IEEE 802.1X specifies that these frames are not
2112 * encrypted, but WPA encrypts them when pairwise keys are in use. */
2113 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
2114 params->key_mgmt_suite == KEY_MGMT_PSK)
2115 allow_unencrypted_eapol = 0;
2117 allow_unencrypted_eapol = 1;
2119 if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
2121 if (wpa_driver_wext_set_auth_param(drv,
2122 IW_AUTH_RX_UNENCRYPTED_EAPOL,
2123 allow_unencrypted_eapol) < 0)
2125 #ifdef CONFIG_IEEE80211W
2126 switch (params->mgmt_frame_protection) {
2127 case NO_MGMT_FRAME_PROTECTION:
2128 value = IW_AUTH_MFP_DISABLED;
2130 case MGMT_FRAME_PROTECTION_OPTIONAL:
2131 value = IW_AUTH_MFP_OPTIONAL;
2133 case MGMT_FRAME_PROTECTION_REQUIRED:
2134 value = IW_AUTH_MFP_REQUIRED;
2137 if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
2139 #endif /* CONFIG_IEEE80211W */
2140 if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
2142 if (!drv->cfg80211 &&
2143 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2145 if (params->bssid &&
2146 wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
2148 if (drv->cfg80211 &&
2149 wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2156 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg)
2158 struct wpa_driver_wext_data *drv = priv;
2161 if (auth_alg & WPA_AUTH_ALG_OPEN)
2162 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2163 if (auth_alg & WPA_AUTH_ALG_SHARED)
2164 algs |= IW_AUTH_ALG_SHARED_KEY;
2165 if (auth_alg & WPA_AUTH_ALG_LEAP)
2166 algs |= IW_AUTH_ALG_LEAP;
2168 /* at least one algorithm should be set */
2169 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2172 res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2174 drv->auth_alg_fallback = res == -2;
2180 * wpa_driver_wext_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2181 * @priv: Pointer to private wext data from wpa_driver_wext_init()
2182 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2183 * Returns: 0 on success, -1 on failure
2185 int wpa_driver_wext_set_mode(void *priv, int mode)
2187 struct wpa_driver_wext_data *drv = priv;
2190 unsigned int new_mode = mode ? IW_MODE_ADHOC : IW_MODE_INFRA;
2192 os_memset(&iwr, 0, sizeof(iwr));
2193 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2194 iwr.u.mode = new_mode;
2195 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) == 0) {
2200 if (errno != EBUSY) {
2201 perror("ioctl[SIOCSIWMODE]");
2205 /* mac80211 doesn't allow mode changes while the device is up, so if
2206 * the device isn't in the mode we're about to change to, take device
2207 * down, try to set the mode again, and bring it back up.
2209 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
2210 perror("ioctl[SIOCGIWMODE]");
2214 if (iwr.u.mode == new_mode) {
2219 if (linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 0) == 0) {
2220 /* Try to set the mode again while the interface is down */
2221 iwr.u.mode = new_mode;
2222 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) < 0)
2223 perror("ioctl[SIOCSIWMODE]");
2227 (void) linux_set_iface_flags(drv->ioctl_sock, drv->ifname, 1);
2235 static int wpa_driver_wext_pmksa(struct wpa_driver_wext_data *drv,
2236 u32 cmd, const u8 *bssid, const u8 *pmkid)
2239 struct iw_pmksa pmksa;
2242 os_memset(&iwr, 0, sizeof(iwr));
2243 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2244 os_memset(&pmksa, 0, sizeof(pmksa));
2246 pmksa.bssid.sa_family = ARPHRD_ETHER;
2248 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2250 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2251 iwr.u.data.pointer = (caddr_t) &pmksa;
2252 iwr.u.data.length = sizeof(pmksa);
2254 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2255 if (errno != EOPNOTSUPP)
2256 perror("ioctl[SIOCSIWPMKSA]");
2264 static int wpa_driver_wext_add_pmkid(void *priv, const u8 *bssid,
2267 struct wpa_driver_wext_data *drv = priv;
2268 return wpa_driver_wext_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2272 static int wpa_driver_wext_remove_pmkid(void *priv, const u8 *bssid,
2275 struct wpa_driver_wext_data *drv = priv;
2276 return wpa_driver_wext_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2280 static int wpa_driver_wext_flush_pmkid(void *priv)
2282 struct wpa_driver_wext_data *drv = priv;
2283 return wpa_driver_wext_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2287 int wpa_driver_wext_get_capa(void *priv, struct wpa_driver_capa *capa)
2289 struct wpa_driver_wext_data *drv = priv;
2290 if (!drv->has_capability)
2292 os_memcpy(capa, &drv->capa, sizeof(*capa));
2297 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
2300 if (ifname == NULL) {
2305 drv->ifindex2 = if_nametoindex(ifname);
2306 if (drv->ifindex2 <= 0)
2309 wpa_printf(MSG_DEBUG, "Added alternative ifindex %d (%s) for "
2310 "wireless events", drv->ifindex2, ifname);
2316 int wpa_driver_wext_set_operstate(void *priv, int state)
2318 struct wpa_driver_wext_data *drv = priv;
2320 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2321 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2322 drv->operstate = state;
2323 return netlink_send_oper_ifla(drv->netlink, drv->ifindex, -1,
2324 state ? IF_OPER_UP : IF_OPER_DORMANT);
2328 int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
2330 return drv->we_version_compiled;
2334 static const char * wext_get_radio_name(void *priv)
2336 struct wpa_driver_wext_data *drv = priv;
2337 return drv->phyname;
2343 static int android_wext_cmd(struct wpa_driver_wext_data *drv, const char *cmd)
2346 char buf[MAX_DRV_CMD_SIZE];
2349 os_memset(&iwr, 0, sizeof(iwr));
2350 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2352 os_memset(buf, 0, sizeof(buf));
2353 os_strlcpy(buf, cmd, sizeof(buf));
2355 iwr.u.data.pointer = buf;
2356 iwr.u.data.length = sizeof(buf);
2358 ret = ioctl(drv->ioctl_sock, SIOCSIWPRIV, &iwr);
2361 wpa_printf(MSG_ERROR, "%s failed (%d): %s", __func__, ret,
2364 if (drv->errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
2366 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE
2377 static int wext_sched_scan(void *priv, struct wpa_driver_scan_params *params,
2380 struct wpa_driver_wext_data *drv = priv;
2382 int ret = 0, i = 0, bp;
2383 char buf[WEXT_PNO_MAX_COMMAND_SIZE];
2385 bp = WEXT_PNOSETUP_HEADER_SIZE;
2386 os_memcpy(buf, WEXT_PNOSETUP_HEADER, bp);
2387 buf[bp++] = WEXT_PNO_TLV_PREFIX;
2388 buf[bp++] = WEXT_PNO_TLV_VERSION;
2389 buf[bp++] = WEXT_PNO_TLV_SUBVERSION;
2390 buf[bp++] = WEXT_PNO_TLV_RESERVED;
2392 while (i < WEXT_PNO_AMOUNT && (size_t) i < params->num_ssids) {
2394 * Check that there is enough space needed for 1 more SSID, the
2395 * other sections and null termination.
2397 if ((bp + WEXT_PNO_SSID_HEADER_SIZE + IW_ESSID_MAX_SIZE +
2398 WEXT_PNO_NONSSID_SECTIONS_SIZE + 1) >= (int) sizeof(buf))
2401 wpa_hexdump_ascii(MSG_DEBUG, "For PNO Scan",
2402 params->ssids[i].ssid,
2403 params->ssids[i].ssid_len);
2404 buf[bp++] = WEXT_PNO_SSID_SECTION;
2405 buf[bp++] = params->ssids[i].ssid_len;
2406 os_memcpy(&buf[bp], params->ssids[i].ssid,
2407 params->ssids[i].ssid_len);
2408 bp += params->ssids[i].ssid_len;
2412 buf[bp++] = WEXT_PNO_SCAN_INTERVAL_SECTION;
2413 /* TODO: consider using interval parameter (interval in msec) instead
2414 * of hardcoded value here */
2415 os_snprintf(&buf[bp], WEXT_PNO_SCAN_INTERVAL_LENGTH + 1, "%x",
2416 WEXT_PNO_SCAN_INTERVAL);
2417 bp += WEXT_PNO_SCAN_INTERVAL_LENGTH;
2419 buf[bp++] = WEXT_PNO_REPEAT_SECTION;
2420 os_snprintf(&buf[bp], WEXT_PNO_REPEAT_LENGTH + 1, "%x",
2422 bp += WEXT_PNO_REPEAT_LENGTH;
2424 buf[bp++] = WEXT_PNO_MAX_REPEAT_SECTION;
2425 os_snprintf(&buf[bp], WEXT_PNO_MAX_REPEAT_LENGTH + 1, "%x",
2426 WEXT_PNO_MAX_REPEAT);
2427 bp += WEXT_PNO_MAX_REPEAT_LENGTH + 1;
2429 os_memset(&iwr, 0, sizeof(iwr));
2430 os_strncpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2431 iwr.u.data.pointer = buf;
2432 iwr.u.data.length = bp;
2434 ret = ioctl(drv->ioctl_sock, SIOCSIWPRIV, &iwr);
2436 wpa_printf(MSG_ERROR, "ioctl[SIOCSIWPRIV] (pnosetup): %d",
2439 if (drv->errors > DRV_NUMBER_SEQUENTIAL_ERRORS) {
2441 wpa_msg(drv->ctx, MSG_INFO,
2442 WPA_EVENT_DRIVER_STATE "HANGED");
2448 drv->bgscan_enabled = 1;
2450 return android_wext_cmd(drv, "PNOFORCE 1");
2454 static int wext_stop_sched_scan(void *priv)
2456 struct wpa_driver_wext_data *drv = priv;
2457 drv->bgscan_enabled = 0;
2458 return android_wext_cmd(drv, "PNOFORCE 0");
2461 #endif /* ANDROID */
2464 const struct wpa_driver_ops wpa_driver_wext_ops = {
2466 .desc = "Linux wireless extensions (generic)",
2467 .get_bssid = wpa_driver_wext_get_bssid,
2468 .get_ssid = wpa_driver_wext_get_ssid,
2469 .set_key = wpa_driver_wext_set_key,
2470 .set_countermeasures = wpa_driver_wext_set_countermeasures,
2471 .scan2 = wpa_driver_wext_scan,
2472 .get_scan_results2 = wpa_driver_wext_get_scan_results,
2473 .deauthenticate = wpa_driver_wext_deauthenticate,
2474 .associate = wpa_driver_wext_associate,
2475 .init = wpa_driver_wext_init,
2476 .deinit = wpa_driver_wext_deinit,
2477 .add_pmkid = wpa_driver_wext_add_pmkid,
2478 .remove_pmkid = wpa_driver_wext_remove_pmkid,
2479 .flush_pmkid = wpa_driver_wext_flush_pmkid,
2480 .get_capa = wpa_driver_wext_get_capa,
2481 .set_operstate = wpa_driver_wext_set_operstate,
2482 .get_radio_name = wext_get_radio_name,
2484 .sched_scan = wext_sched_scan,
2485 .stop_sched_scan = wext_stop_sched_scan,
2486 #endif /* ANDROID */