wpa_supplicant/ctrl_iface.c

   1 /*
   2  * WPA Supplicant / Control interface (shared code for all backends)
   3  * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License version 2 as
   7  * published by the Free Software Foundation.
   8  *
   9  * Alternatively, this software may be distributed under the terms of BSD
  10  * license.
  11  *
  12  * See README and COPYING for more details.
  13  */
  14
  15 #include "utils/includes.h"
  16
  17 #include "utils/common.h"
  18 #include "utils/eloop.h"
  19 #include "common/version.h"
  20 #include "common/ieee802_11_defs.h"
  21 #include "common/wpa_ctrl.h"
  22 #include "eap_peer/eap.h"
  23 #include "eapol_supp/eapol_supp_sm.h"
  24 #include "rsn_supp/wpa.h"
  25 #include "rsn_supp/preauth.h"
  26 #include "rsn_supp/pmksa_cache.h"
  27 #include "l2_packet/l2_packet.h"
  28 #include "wps/wps.h"
  29 #include "config.h"
  30 #include "wpa_supplicant_i.h"
  31 #include "driver_i.h"
  32 #include "wps_supplicant.h"
  33 #include "ibss_rsn.h"
  34 #include "ap.h"
  35 #include "p2p_supplicant.h"
  36 #include "p2p/p2p.h"
  37 #include "notify.h"
  38 #include "bss.h"
  39 #include "scan.h"
  40 #include "ctrl_iface.h"
  41 #include "interworking.h"
  42 #include "blacklist.h"
  43 #include "wpas_glue.h"
  44
  45 extern struct wpa_driver_ops *wpa_drivers[];
  46
  47 static int wpa_supplicant_global_iface_list(struct wpa_global *global,
  48                                             char *buf, int len);
  49 static int wpa_supplicant_global_iface_interfaces(struct wpa_global *global,
  50                                                   char *buf, int len);
  51
  52
  53 static int pno_start(struct wpa_supplicant *wpa_s)
  54 {
  55         int ret;
  56         size_t i, num_ssid;
  57         struct wpa_ssid *ssid;
  58         struct wpa_driver_scan_params params;
  59
  60         if (wpa_s->pno)
  61                 return 0;
  62
  63         os_memset(&params, 0, sizeof(params));
  64
  65         num_ssid = 0;
  66         ssid = wpa_s->conf->ssid;
  67         while (ssid) {
  68                 if (!ssid->disabled)
  69                         num_ssid++;
  70                 ssid = ssid->next;
  71         }
  72         if (num_ssid > WPAS_MAX_SCAN_SSIDS) {
  73                 wpa_printf(MSG_DEBUG, "PNO: Use only the first %u SSIDs from "
  74                            "%u", WPAS_MAX_SCAN_SSIDS, (unsigned int) num_ssid);
  75                 num_ssid = WPAS_MAX_SCAN_SSIDS;
  76         }
  77
  78         if (num_ssid == 0) {
  79                 wpa_printf(MSG_DEBUG, "PNO: No configured SSIDs");
  80                 return -1;
  81         }
  82
  83         params.filter_ssids = os_malloc(sizeof(struct wpa_driver_scan_filter) *
  84                                         num_ssid);
  85         if (params.filter_ssids == NULL)
  86                 return -1;
  87         i = 0;
  88         ssid = wpa_s->conf->ssid;
  89         while (ssid) {
  90                 if (!ssid->disabled) {
  91                         params.ssids[i].ssid = ssid->ssid;
  92                         params.ssids[i].ssid_len = ssid->ssid_len;
  93                         params.num_ssids++;
  94                         os_memcpy(params.filter_ssids[i].ssid, ssid->ssid,
  95                                   ssid->ssid_len);
  96                         params.filter_ssids[i].ssid_len = ssid->ssid_len;
  97                         params.num_filter_ssids++;
  98                         i++;
  99                         if (i == num_ssid)
 100                                 break;
 101                 }
 102                 ssid = ssid->next;
 103         }
 104
 105         ret = wpa_drv_sched_scan(wpa_s, &params, 10 * 1000);
 106         os_free(params.filter_ssids);
 107         if (ret == 0)
 108                 wpa_s->pno = 1;
 109         return ret;
 110 }
 111
 112
 113 static int pno_stop(struct wpa_supplicant *wpa_s)
 114 {
 115         if (wpa_s->pno) {
 116                 wpa_s->pno = 0;
 117                 return wpa_drv_stop_sched_scan(wpa_s);
 118         }
 119         return 0;
 120 }
 121
 122
 123 static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
 124                                          char *cmd)
 125 {
 126         char *value;
 127         int ret = 0;
 128
 129         value = os_strchr(cmd, ' ');
 130         if (value == NULL)
 131                 return -1;
 132         *value++ = '\0';
 133
 134         wpa_printf(MSG_DEBUG, "CTRL_IFACE SET '%s'='%s'", cmd, value);
 135         if (os_strcasecmp(cmd, "EAPOL::heldPeriod") == 0) {
 136                 eapol_sm_configure(wpa_s->eapol,
 137                                    atoi(value), -1, -1, -1);
 138         } else if (os_strcasecmp(cmd, "EAPOL::authPeriod") == 0) {
 139                 eapol_sm_configure(wpa_s->eapol,
 140                                    -1, atoi(value), -1, -1);
 141         } else if (os_strcasecmp(cmd, "EAPOL::startPeriod") == 0) {
 142                 eapol_sm_configure(wpa_s->eapol,
 143                                    -1, -1, atoi(value), -1);
 144         } else if (os_strcasecmp(cmd, "EAPOL::maxStart") == 0) {
 145                 eapol_sm_configure(wpa_s->eapol,
 146                                    -1, -1, -1, atoi(value));
 147         } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKLifetime") == 0) {
 148                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
 149                                      atoi(value)))
 150                         ret = -1;
 151         } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKReauthThreshold") ==
 152                    0) {
 153                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
 154                                      atoi(value)))
 155                         ret = -1;
 156         } else if (os_strcasecmp(cmd, "dot11RSNAConfigSATimeout") == 0) {
 157                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, atoi(value)))
 158                         ret = -1;
 159         } else if (os_strcasecmp(cmd, "wps_fragment_size") == 0) {
 160                 wpa_s->wps_fragment_size = atoi(value);
 161 #ifdef CONFIG_WPS_TESTING
 162         } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
 163                 long int val;
 164                 val = strtol(value, NULL, 0);
 165                 if (val < 0 || val > 0xff) {
 166                         ret = -1;
 167                         wpa_printf(MSG_DEBUG, "WPS: Invalid "
 168                                    "wps_version_number %ld", val);
 169                 } else {
 170                         wps_version_number = val;
 171                         wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
 172                                    "version %u.%u",
 173                                    (wps_version_number & 0xf0) >> 4,
 174                                    wps_version_number & 0x0f);
 175                 }
 176         } else if (os_strcasecmp(cmd, "wps_testing_dummy_cred") == 0) {
 177                 wps_testing_dummy_cred = atoi(value);
 178                 wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
 179                            wps_testing_dummy_cred);
 180 #endif /* CONFIG_WPS_TESTING */
 181         } else if (os_strcasecmp(cmd, "ampdu") == 0) {
 182                 if (wpa_drv_ampdu(wpa_s, atoi(value)) < 0)
 183                         ret = -1;
 184 #ifdef CONFIG_TDLS_TESTING
 185         } else if (os_strcasecmp(cmd, "tdls_testing") == 0) {
 186                 extern unsigned int tdls_testing;
 187                 tdls_testing = strtol(value, NULL, 0);
 188                 wpa_printf(MSG_DEBUG, "TDLS: tdls_testing=0x%x", tdls_testing);
 189 #endif /* CONFIG_TDLS_TESTING */
 190 #ifdef CONFIG_TDLS
 191         } else if (os_strcasecmp(cmd, "tdls_disabled") == 0) {
 192                 int disabled = atoi(value);
 193                 wpa_printf(MSG_DEBUG, "TDLS: tdls_disabled=%d", disabled);
 194                 if (disabled) {
 195                         if (wpa_drv_tdls_oper(wpa_s, TDLS_DISABLE, NULL) < 0)
 196                                 ret = -1;
 197                 } else if (wpa_drv_tdls_oper(wpa_s, TDLS_ENABLE, NULL) < 0)
 198                         ret = -1;
 199                 wpa_tdls_enable(wpa_s->wpa, !disabled);
 200 #endif /* CONFIG_TDLS */
 201         } else if (os_strcasecmp(cmd, "pno") == 0) {
 202                 if (atoi(value))
 203                         ret = pno_start(wpa_s);
 204                 else
 205                         ret = pno_stop(wpa_s);
 206         } else {
 207                 value[-1] = '=';
 208                 ret = wpa_config_process_global(wpa_s->conf, cmd, -1);
 209                 if (ret == 0)
 210                         wpa_supplicant_update_config(wpa_s);
 211         }
 212
 213         return ret;
 214 }
 215
 216
 217 static int wpa_supplicant_ctrl_iface_get(struct wpa_supplicant *wpa_s,
 218                                          char *cmd, char *buf, size_t buflen)
 219 {
 220         int res = -1;
 221
 222         wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
 223
 224         if (os_strcmp(cmd, "version") == 0) {
 225                 res = os_snprintf(buf, buflen, "%s", VERSION_STR);
 226         } else if (os_strcasecmp(cmd, "country") == 0) {
 227                 if (wpa_s->conf->country[0] && wpa_s->conf->country[1])
 228                         res = os_snprintf(buf, buflen, "%c%c",
 229                                           wpa_s->conf->country[0],
 230                                           wpa_s->conf->country[1]);
 231         }
 232
 233         if (res < 0 || (unsigned int) res >= buflen)
 234                 return -1;
 235         return res;
 236 }
 237
 238
 239 #ifdef IEEE8021X_EAPOL
 240 static int wpa_supplicant_ctrl_iface_preauth(struct wpa_supplicant *wpa_s,
 241                                              char *addr)
 242 {
 243         u8 bssid[ETH_ALEN];
 244         struct wpa_ssid *ssid = wpa_s->current_ssid;
 245
 246         if (hwaddr_aton(addr, bssid)) {
 247                 wpa_printf(MSG_DEBUG, "CTRL_IFACE PREAUTH: invalid address "
 248                            "'%s'", addr);
 249                 return -1;
 250         }
 251
 252         wpa_printf(MSG_DEBUG, "CTRL_IFACE PREAUTH " MACSTR, MAC2STR(bssid));
 253         rsn_preauth_deinit(wpa_s->wpa);
 254         if (rsn_preauth_init(wpa_s->wpa, bssid, ssid ? &ssid->eap : NULL))
 255                 return -1;
 256
 257         return 0;
 258 }
 259 #endif /* IEEE8021X_EAPOL */
 260
 261
 262 #ifdef CONFIG_PEERKEY
 263 /* MLME-STKSTART.request(peer) */
 264 static int wpa_supplicant_ctrl_iface_stkstart(
 265         struct wpa_supplicant *wpa_s, char *addr)
 266 {
 267         u8 peer[ETH_ALEN];
 268
 269         if (hwaddr_aton(addr, peer)) {
 270                 wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART: invalid "
 271                            "address '%s'", addr);
 272                 return -1;
 273         }
 274
 275         wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART " MACSTR,
 276                    MAC2STR(peer));
 277
 278         return wpa_sm_stkstart(wpa_s->wpa, peer);
 279 }
 280 #endif /* CONFIG_PEERKEY */
 281
 282
 283 #ifdef CONFIG_TDLS
 284
 285 static int wpa_supplicant_ctrl_iface_tdls_discover(
 286         struct wpa_supplicant *wpa_s, char *addr)
 287 {
 288         u8 peer[ETH_ALEN];
 289         int ret;
 290
 291         if (hwaddr_aton(addr, peer)) {
 292                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_DISCOVER: invalid "
 293                            "address '%s'", addr);
 294                 return -1;
 295         }
 296
 297         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_DISCOVER " MACSTR,
 298                    MAC2STR(peer));
 299
 300         if (wpa_tdls_is_external_setup(wpa_s->wpa))
 301                 ret = wpa_tdls_send_discovery_request(wpa_s->wpa, peer);
 302         else
 303                 ret = wpa_drv_tdls_oper(wpa_s, TDLS_DISCOVERY_REQ, peer);
 304
 305         return ret;
 306 }
 307
 308
 309 static int wpa_supplicant_ctrl_iface_tdls_setup(
 310         struct wpa_supplicant *wpa_s, char *addr)
 311 {
 312         u8 peer[ETH_ALEN];
 313         int ret;
 314
 315         if (hwaddr_aton(addr, peer)) {
 316                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_SETUP: invalid "
 317                            "address '%s'", addr);
 318                 return -1;
 319         }
 320
 321         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_SETUP " MACSTR,
 322                    MAC2STR(peer));
 323
 324         ret = wpa_tdls_reneg(wpa_s->wpa, peer);
 325         if (ret) {
 326                 if (wpa_tdls_is_external_setup(wpa_s->wpa))
 327                         ret = wpa_tdls_start(wpa_s->wpa, peer);
 328                 else
 329                         ret = wpa_drv_tdls_oper(wpa_s, TDLS_SETUP, peer);
 330         }
 331
 332         return ret;
 333 }
 334
 335
 336 static int wpa_supplicant_ctrl_iface_tdls_teardown(
 337         struct wpa_supplicant *wpa_s, char *addr)
 338 {
 339         u8 peer[ETH_ALEN];
 340
 341         if (hwaddr_aton(addr, peer)) {
 342                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_TEARDOWN: invalid "
 343                            "address '%s'", addr);
 344                 return -1;
 345         }
 346
 347         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_TEARDOWN " MACSTR,
 348                    MAC2STR(peer));
 349
 350         return wpa_tdls_teardown_link(wpa_s->wpa, peer,
 351                                       WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED);
 352 }
 353
 354 #endif /* CONFIG_TDLS */
 355
 356
 357 #ifdef CONFIG_IEEE80211R
 358 static int wpa_supplicant_ctrl_iface_ft_ds(
 359         struct wpa_supplicant *wpa_s, char *addr)
 360 {
 361         u8 target_ap[ETH_ALEN];
 362         struct wpa_bss *bss;
 363         const u8 *mdie;
 364
 365         if (hwaddr_aton(addr, target_ap)) {
 366                 wpa_printf(MSG_DEBUG, "CTRL_IFACE FT_DS: invalid "
 367                            "address '%s'", addr);
 368                 return -1;
 369         }
 370
 371         wpa_printf(MSG_DEBUG, "CTRL_IFACE FT_DS " MACSTR, MAC2STR(target_ap));
 372
 373         bss = wpa_bss_get_bssid(wpa_s, target_ap);
 374         if (bss)
 375                 mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
 376         else
 377                 mdie = NULL;
 378
 379         return wpa_ft_start_over_ds(wpa_s->wpa, target_ap, mdie);
 380 }
 381 #endif /* CONFIG_IEEE80211R */
 382
 383
 384 #ifdef CONFIG_WPS
 385 static int wpa_supplicant_ctrl_iface_wps_pbc(struct wpa_supplicant *wpa_s,
 386                                              char *cmd)
 387 {
 388         u8 bssid[ETH_ALEN], *_bssid = bssid;
 389 #ifdef CONFIG_P2P
 390         u8 p2p_dev_addr[ETH_ALEN];
 391 #endif /* CONFIG_P2P */
 392 #ifdef CONFIG_AP
 393         u8 *_p2p_dev_addr = NULL;
 394 #endif /* CONFIG_AP */
 395
 396         if (cmd == NULL || os_strcmp(cmd, "any") == 0) {
 397                 _bssid = NULL;
 398 #ifdef CONFIG_P2P
 399         } else if (os_strncmp(cmd, "p2p_dev_addr=", 13) == 0) {
 400                 if (hwaddr_aton(cmd + 13, p2p_dev_addr)) {
 401                         wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PBC: invalid "
 402                                    "P2P Device Address '%s'",
 403                                    cmd + 13);
 404                         return -1;
 405                 }
 406                 _p2p_dev_addr = p2p_dev_addr;
 407 #endif /* CONFIG_P2P */
 408         } else if (hwaddr_aton(cmd, bssid)) {
 409                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PBC: invalid BSSID '%s'",
 410                            cmd);
 411                 return -1;
 412         }
 413
 414 #ifdef CONFIG_AP
 415         if (wpa_s->ap_iface)
 416                 return wpa_supplicant_ap_wps_pbc(wpa_s, _bssid, _p2p_dev_addr);
 417 #endif /* CONFIG_AP */
 418
 419         return wpas_wps_start_pbc(wpa_s, _bssid, 0);
 420 }
 421
 422
 423 static int wpa_supplicant_ctrl_iface_wps_pin(struct wpa_supplicant *wpa_s,
 424                                              char *cmd, char *buf,
 425                                              size_t buflen)
 426 {
 427         u8 bssid[ETH_ALEN], *_bssid = bssid;
 428         char *pin;
 429         int ret;
 430
 431         pin = os_strchr(cmd, ' ');
 432         if (pin)
 433                 *pin++ = '\0';
 434
 435         if (os_strcmp(cmd, "any") == 0)
 436                 _bssid = NULL;
 437         else if (os_strcmp(cmd, "get") == 0) {
 438                 ret = wps_generate_pin();
 439                 goto done;
 440         } else if (hwaddr_aton(cmd, bssid)) {
 441                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PIN: invalid BSSID '%s'",
 442                            cmd);
 443                 return -1;
 444         }
 445
 446 #ifdef CONFIG_AP
 447         if (wpa_s->ap_iface)
 448                 return wpa_supplicant_ap_wps_pin(wpa_s, _bssid, pin,
 449                                                  buf, buflen);
 450 #endif /* CONFIG_AP */
 451
 452         if (pin) {
 453                 ret = wpas_wps_start_pin(wpa_s, _bssid, pin, 0,
 454                                          DEV_PW_DEFAULT);
 455                 if (ret < 0)
 456                         return -1;
 457                 ret = os_snprintf(buf, buflen, "%s", pin);
 458                 if (ret < 0 || (size_t) ret >= buflen)
 459                         return -1;
 460                 return ret;
 461         }
 462
 463         ret = wpas_wps_start_pin(wpa_s, _bssid, NULL, 0, DEV_PW_DEFAULT);
 464         if (ret < 0)
 465                 return -1;
 466
 467 done:
 468         /* Return the generated PIN */
 469         ret = os_snprintf(buf, buflen, "%08d", ret);
 470         if (ret < 0 || (size_t) ret >= buflen)
 471                 return -1;
 472         return ret;
 473 }
 474
 475
 476 static int wpa_supplicant_ctrl_iface_wps_check_pin(
 477         struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen)
 478 {
 479         char pin[9];
 480         size_t len;
 481         char *pos;
 482         int ret;
 483
 484         wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
 485                               (u8 *) cmd, os_strlen(cmd));
 486         for (pos = cmd, len = 0; *pos != '\0'; pos++) {
 487                 if (*pos < '0' || *pos > '9')
 488                         continue;
 489                 pin[len++] = *pos;
 490                 if (len == 9) {
 491                         wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
 492                         return -1;
 493                 }
 494         }
 495         if (len != 4 && len != 8) {
 496                 wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
 497                 return -1;
 498         }
 499         pin[len] = '\0';
 500
 501         if (len == 8) {
 502                 unsigned int pin_val;
 503                 pin_val = atoi(pin);
 504                 if (!wps_pin_valid(pin_val)) {
 505                         wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
 506                         ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
 507                         if (ret < 0 || (size_t) ret >= buflen)
 508                                 return -1;
 509                         return ret;
 510                 }
 511         }
 512
 513         ret = os_snprintf(buf, buflen, "%s", pin);
 514         if (ret < 0 || (size_t) ret >= buflen)
 515                 return -1;
 516
 517         return ret;
 518 }
 519
 520
 521 #ifdef CONFIG_WPS_OOB
 522 static int wpa_supplicant_ctrl_iface_wps_oob(struct wpa_supplicant *wpa_s,
 523                                              char *cmd)
 524 {
 525         char *path, *method, *name;
 526
 527         path = os_strchr(cmd, ' ');
 528         if (path == NULL)
 529                 return -1;
 530         *path++ = '\0';
 531
 532         method = os_strchr(path, ' ');
 533         if (method == NULL)
 534                 return -1;
 535         *method++ = '\0';
 536
 537         name = os_strchr(method, ' ');
 538         if (name != NULL)
 539                 *name++ = '\0';
 540
 541         return wpas_wps_start_oob(wpa_s, cmd, path, method, name);
 542 }
 543 #endif /* CONFIG_WPS_OOB */
 544
 545
 546 static int wpa_supplicant_ctrl_iface_wps_reg(struct wpa_supplicant *wpa_s,
 547                                              char *cmd)
 548 {
 549         u8 bssid[ETH_ALEN];
 550         char *pin;
 551         char *new_ssid;
 552         char *new_auth;
 553         char *new_encr;
 554         char *new_key;
 555         struct wps_new_ap_settings ap;
 556
 557         pin = os_strchr(cmd, ' ');
 558         if (pin == NULL)
 559                 return -1;
 560         *pin++ = '\0';
 561
 562         if (hwaddr_aton(cmd, bssid)) {
 563                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_REG: invalid BSSID '%s'",
 564                            cmd);
 565                 return -1;
 566         }
 567
 568         new_ssid = os_strchr(pin, ' ');
 569         if (new_ssid == NULL)
 570                 return wpas_wps_start_reg(wpa_s, bssid, pin, NULL);
 571         *new_ssid++ = '\0';
 572
 573         new_auth = os_strchr(new_ssid, ' ');
 574         if (new_auth == NULL)
 575                 return -1;
 576         *new_auth++ = '\0';
 577
 578         new_encr = os_strchr(new_auth, ' ');
 579         if (new_encr == NULL)
 580                 return -1;
 581         *new_encr++ = '\0';
 582
 583         new_key = os_strchr(new_encr, ' ');
 584         if (new_key == NULL)
 585                 return -1;
 586         *new_key++ = '\0';
 587
 588         os_memset(&ap, 0, sizeof(ap));
 589         ap.ssid_hex = new_ssid;
 590         ap.auth = new_auth;
 591         ap.encr = new_encr;
 592         ap.key_hex = new_key;
 593         return wpas_wps_start_reg(wpa_s, bssid, pin, &ap);
 594 }
 595
 596
 597 #ifdef CONFIG_AP
 598 static int wpa_supplicant_ctrl_iface_wps_ap_pin(struct wpa_supplicant *wpa_s,
 599                                                 char *cmd, char *buf,
 600                                                 size_t buflen)
 601 {
 602         int timeout = 300;
 603         char *pos;
 604         const char *pin_txt;
 605
 606         if (!wpa_s->ap_iface)
 607                 return -1;
 608
 609         pos = os_strchr(cmd, ' ');
 610         if (pos)
 611                 *pos++ = '\0';
 612
 613         if (os_strcmp(cmd, "disable") == 0) {
 614                 wpas_wps_ap_pin_disable(wpa_s);
 615                 return os_snprintf(buf, buflen, "OK\n");
 616         }
 617
 618         if (os_strcmp(cmd, "random") == 0) {
 619                 if (pos)
 620                         timeout = atoi(pos);
 621                 pin_txt = wpas_wps_ap_pin_random(wpa_s, timeout);
 622                 if (pin_txt == NULL)
 623                         return -1;
 624                 return os_snprintf(buf, buflen, "%s", pin_txt);
 625         }
 626
 627         if (os_strcmp(cmd, "get") == 0) {
 628                 pin_txt = wpas_wps_ap_pin_get(wpa_s);
 629                 if (pin_txt == NULL)
 630                         return -1;
 631                 return os_snprintf(buf, buflen, "%s", pin_txt);
 632         }
 633
 634         if (os_strcmp(cmd, "set") == 0) {
 635                 char *pin;
 636                 if (pos == NULL)
 637                         return -1;
 638                 pin = pos;
 639                 pos = os_strchr(pos, ' ');
 640                 if (pos) {
 641                         *pos++ = '\0';
 642                         timeout = atoi(pos);
 643                 }
 644                 if (os_strlen(pin) > buflen)
 645                         return -1;
 646                 if (wpas_wps_ap_pin_set(wpa_s, pin, timeout) < 0)
 647                         return -1;
 648                 return os_snprintf(buf, buflen, "%s", pin);
 649         }
 650
 651         return -1;
 652 }
 653 #endif /* CONFIG_AP */
 654
 655
 656 #ifdef CONFIG_WPS_ER
 657 static int wpa_supplicant_ctrl_iface_wps_er_pin(struct wpa_supplicant *wpa_s,
 658                                                 char *cmd)
 659 {
 660         char *uuid = cmd, *pin, *pos;
 661         u8 addr_buf[ETH_ALEN], *addr = NULL;
 662         pin = os_strchr(uuid, ' ');
 663         if (pin == NULL)
 664                 return -1;
 665         *pin++ = '\0';
 666         pos = os_strchr(pin, ' ');
 667         if (pos) {
 668                 *pos++ = '\0';
 669                 if (hwaddr_aton(pos, addr_buf) == 0)
 670                         addr = addr_buf;
 671         }
 672         return wpas_wps_er_add_pin(wpa_s, addr, uuid, pin);
 673 }
 674
 675
 676 static int wpa_supplicant_ctrl_iface_wps_er_learn(struct wpa_supplicant *wpa_s,
 677                                                   char *cmd)
 678 {
 679         char *uuid = cmd, *pin;
 680         pin = os_strchr(uuid, ' ');
 681         if (pin == NULL)
 682                 return -1;
 683         *pin++ = '\0';
 684         return wpas_wps_er_learn(wpa_s, uuid, pin);
 685 }
 686
 687
 688 static int wpa_supplicant_ctrl_iface_wps_er_set_config(
 689         struct wpa_supplicant *wpa_s, char *cmd)
 690 {
 691         char *uuid = cmd, *id;
 692         id = os_strchr(uuid, ' ');
 693         if (id == NULL)
 694                 return -1;
 695         *id++ = '\0';
 696         return wpas_wps_er_set_config(wpa_s, uuid, atoi(id));
 697 }
 698
 699
 700 static int wpa_supplicant_ctrl_iface_wps_er_config(
 701         struct wpa_supplicant *wpa_s, char *cmd)
 702 {
 703         char *pin;
 704         char *new_ssid;
 705         char *new_auth;
 706         char *new_encr;
 707         char *new_key;
 708         struct wps_new_ap_settings ap;
 709
 710         pin = os_strchr(cmd, ' ');
 711         if (pin == NULL)
 712                 return -1;
 713         *pin++ = '\0';
 714
 715         new_ssid = os_strchr(pin, ' ');
 716         if (new_ssid == NULL)
 717                 return -1;
 718         *new_ssid++ = '\0';
 719
 720         new_auth = os_strchr(new_ssid, ' ');
 721         if (new_auth == NULL)
 722                 return -1;
 723         *new_auth++ = '\0';
 724
 725         new_encr = os_strchr(new_auth, ' ');
 726         if (new_encr == NULL)
 727                 return -1;
 728         *new_encr++ = '\0';
 729
 730         new_key = os_strchr(new_encr, ' ');
 731         if (new_key == NULL)
 732                 return -1;
 733         *new_key++ = '\0';
 734
 735         os_memset(&ap, 0, sizeof(ap));
 736         ap.ssid_hex = new_ssid;
 737         ap.auth = new_auth;
 738         ap.encr = new_encr;
 739         ap.key_hex = new_key;
 740         return wpas_wps_er_config(wpa_s, cmd, pin, &ap);
 741 }
 742 #endif /* CONFIG_WPS_ER */
 743
 744 #endif /* CONFIG_WPS */
 745
 746
 747 #ifdef CONFIG_IBSS_RSN
 748 static int wpa_supplicant_ctrl_iface_ibss_rsn(
 749         struct wpa_supplicant *wpa_s, char *addr)
 750 {
 751         u8 peer[ETH_ALEN];
 752
 753         if (hwaddr_aton(addr, peer)) {
 754                 wpa_printf(MSG_DEBUG, "CTRL_IFACE IBSS_RSN: invalid "
 755                            "address '%s'", addr);
 756                 return -1;
 757         }
 758
 759         wpa_printf(MSG_DEBUG, "CTRL_IFACE IBSS_RSN " MACSTR,
 760                    MAC2STR(peer));
 761
 762         return ibss_rsn_start(wpa_s->ibss_rsn, peer);
 763 }
 764 #endif /* CONFIG_IBSS_RSN */
 765
 766
 767 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
 768                                               struct wpa_ssid *ssid,
 769                                               const char *field,
 770                                               const char *value)
 771 {
 772         struct eap_peer_config *eap = &ssid->eap;
 773
 774         wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
 775         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
 776                               (const u8 *) value, os_strlen(value));
 777
 778         switch (wpa_supplicant_ctrl_req_from_string(field)) {
 779         case WPA_CTRL_REQ_EAP_IDENTITY:
 780                 os_free(eap->identity);
 781                 eap->identity = (u8 *) os_strdup(value);
 782                 eap->identity_len = os_strlen(value);
 783                 eap->pending_req_identity = 0;
 784                 if (ssid == wpa_s->current_ssid)
 785                         wpa_s->reassociate = 1;
 786                 break;
 787         case WPA_CTRL_REQ_EAP_PASSWORD:
 788                 os_free(eap->password);
 789                 eap->password = (u8 *) os_strdup(value);
 790                 eap->password_len = os_strlen(value);
 791                 eap->pending_req_password = 0;
 792                 if (ssid == wpa_s->current_ssid)
 793                         wpa_s->reassociate = 1;
 794                 break;
 795         case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
 796                 os_free(eap->new_password);
 797                 eap->new_password = (u8 *) os_strdup(value);
 798                 eap->new_password_len = os_strlen(value);
 799                 eap->pending_req_new_password = 0;
 800                 if (ssid == wpa_s->current_ssid)
 801                         wpa_s->reassociate = 1;
 802                 break;
 803         case WPA_CTRL_REQ_EAP_PIN:
 804                 os_free(eap->pin);
 805                 eap->pin = os_strdup(value);
 806                 eap->pending_req_pin = 0;
 807                 if (ssid == wpa_s->current_ssid)
 808                         wpa_s->reassociate = 1;
 809                 break;
 810         case WPA_CTRL_REQ_EAP_OTP:
 811                 os_free(eap->otp);
 812                 eap->otp = (u8 *) os_strdup(value);
 813                 eap->otp_len = os_strlen(value);
 814                 os_free(eap->pending_req_otp);
 815                 eap->pending_req_otp = NULL;
 816                 eap->pending_req_otp_len = 0;
 817                 break;
 818         case WPA_CTRL_REQ_EAP_PASSPHRASE:
 819                 os_free(eap->private_key_passwd);
 820                 eap->private_key_passwd = (u8 *) os_strdup(value);
 821                 eap->pending_req_passphrase = 0;
 822                 if (ssid == wpa_s->current_ssid)
 823                         wpa_s->reassociate = 1;
 824                 break;
 825         default:
 826                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
 827                 return -1;
 828         }
 829
 830         return 0;
 831 }
 832
 833
 834 static int wpa_supplicant_ctrl_iface_ctrl_rsp(struct wpa_supplicant *wpa_s,
 835                                               char *rsp)
 836 {
 837 #ifdef IEEE8021X_EAPOL
 838         char *pos, *id_pos;
 839         int id;
 840         struct wpa_ssid *ssid;
 841
 842         pos = os_strchr(rsp, '-');
 843         if (pos == NULL)
 844                 return -1;
 845         *pos++ = '\0';
 846         id_pos = pos;
 847         pos = os_strchr(pos, ':');
 848         if (pos == NULL)
 849                 return -1;
 850         *pos++ = '\0';
 851         id = atoi(id_pos);
 852         wpa_printf(MSG_DEBUG, "CTRL_IFACE: field=%s id=%d", rsp, id);
 853         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: value",
 854                               (u8 *) pos, os_strlen(pos));
 855
 856         ssid = wpa_config_get_network(wpa_s->conf, id);
 857         if (ssid == NULL) {
 858                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
 859                            "to update", id);
 860                 return -1;
 861         }
 862
 863         return wpa_supplicant_ctrl_iface_ctrl_rsp_handle(wpa_s, ssid, rsp,
 864                                                          pos);
 865 #else /* IEEE8021X_EAPOL */
 866         wpa_printf(MSG_DEBUG, "CTRL_IFACE: 802.1X not included");
 867         return -1;
 868 #endif /* IEEE8021X_EAPOL */
 869 }
 870
 871
 872 static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
 873                                             const char *params,
 874                                             char *buf, size_t buflen)
 875 {
 876         char *pos, *end, tmp[30];
 877         int res, verbose, ret;
 878
 879         verbose = os_strcmp(params, "-VERBOSE") == 0;
 880         pos = buf;
 881         end = buf + buflen;
 882         if (wpa_s->wpa_state >= WPA_ASSOCIATED) {
 883                 struct wpa_ssid *ssid = wpa_s->current_ssid;
 884                 ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n",
 885                                   MAC2STR(wpa_s->bssid));
 886                 if (ret < 0 || ret >= end - pos)
 887                         return pos - buf;
 888                 pos += ret;
 889                 if (ssid) {
 890                         u8 *_ssid = ssid->ssid;
 891                         size_t ssid_len = ssid->ssid_len;
 892                         u8 ssid_buf[MAX_SSID_LEN];
 893                         if (ssid_len == 0) {
 894                                 int _res = wpa_drv_get_ssid(wpa_s, ssid_buf);
 895                                 if (_res < 0)
 896                                         ssid_len = 0;
 897                                 else
 898                                         ssid_len = _res;
 899                                 _ssid = ssid_buf;
 900                         }
 901                         ret = os_snprintf(pos, end - pos, "ssid=%s\nid=%d\n",
 902                                           wpa_ssid_txt(_ssid, ssid_len),
 903                                           ssid->id);
 904                         if (ret < 0 || ret >= end - pos)
 905                                 return pos - buf;
 906                         pos += ret;
 907
 908                         if (ssid->id_str) {
 909                                 ret = os_snprintf(pos, end - pos,
 910                                                   "id_str=%s\n",
 911                                                   ssid->id_str);
 912                                 if (ret < 0 || ret >= end - pos)
 913                                         return pos - buf;
 914                                 pos += ret;
 915                         }
 916
 917                         switch (ssid->mode) {
 918                         case WPAS_MODE_INFRA:
 919                                 ret = os_snprintf(pos, end - pos,
 920                                                   "mode=station\n");
 921                                 break;
 922                         case WPAS_MODE_IBSS:
 923                                 ret = os_snprintf(pos, end - pos,
 924                                                   "mode=IBSS\n");
 925                                 break;
 926                         case WPAS_MODE_AP:
 927                                 ret = os_snprintf(pos, end - pos,
 928                                                   "mode=AP\n");
 929                                 break;
 930                         case WPAS_MODE_P2P_GO:
 931                                 ret = os_snprintf(pos, end - pos,
 932                                                   "mode=P2P GO\n");
 933                                 break;
 934                         case WPAS_MODE_P2P_GROUP_FORMATION:
 935                                 ret = os_snprintf(pos, end - pos,
 936                                                   "mode=P2P GO - group "
 937                                                   "formation\n");
 938                                 break;
 939                         default:
 940                                 ret = 0;
 941                                 break;
 942                         }
 943                         if (ret < 0 || ret >= end - pos)
 944                                 return pos - buf;
 945                         pos += ret;
 946                 }
 947
 948 #ifdef CONFIG_AP
 949                 if (wpa_s->ap_iface) {
 950                         pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
 951                                                             end - pos,
 952                                                             verbose);
 953                 } else
 954 #endif /* CONFIG_AP */
 955                 pos += wpa_sm_get_status(wpa_s->wpa, pos, end - pos, verbose);
 956         }
 957         ret = os_snprintf(pos, end - pos, "wpa_state=%s\n",
 958                           wpa_supplicant_state_txt(wpa_s->wpa_state));
 959         if (ret < 0 || ret >= end - pos)
 960                 return pos - buf;
 961         pos += ret;
 962
 963         if (wpa_s->l2 &&
 964             l2_packet_get_ip_addr(wpa_s->l2, tmp, sizeof(tmp)) >= 0) {
 965                 ret = os_snprintf(pos, end - pos, "ip_address=%s\n", tmp);
 966                 if (ret < 0 || ret >= end - pos)
 967                         return pos - buf;
 968                 pos += ret;
 969         }
 970
 971 #ifdef CONFIG_P2P
 972         if (wpa_s->global->p2p) {
 973                 ret = os_snprintf(pos, end - pos, "p2p_device_address=" MACSTR
 974                                   "\n", MAC2STR(wpa_s->global->p2p_dev_addr));
 975                 if (ret < 0 || ret >= end - pos)
 976                         return pos - buf;
 977                 pos += ret;
 978         }
 979 #endif /* CONFIG_P2P */
 980
 981         ret = os_snprintf(pos, end - pos, "address=" MACSTR "\n",
 982                           MAC2STR(wpa_s->own_addr));
 983         if (ret < 0 || ret >= end - pos)
 984                 return pos - buf;
 985         pos += ret;
 986
 987         if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
 988             wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
 989                 res = eapol_sm_get_status(wpa_s->eapol, pos, end - pos,
 990                                           verbose);
 991                 if (res >= 0)
 992                         pos += res;
 993         }
 994
 995         res = rsn_preauth_get_status(wpa_s->wpa, pos, end - pos, verbose);
 996         if (res >= 0)
 997                 pos += res;
 998
 999         return pos - buf;
1000 }
1001
1002
1003 static int wpa_supplicant_ctrl_iface_bssid(struct wpa_supplicant *wpa_s,
1004                                            char *cmd)
1005 {
1006         char *pos;
1007         int id;
1008         struct wpa_ssid *ssid;
1009         u8 bssid[ETH_ALEN];
1010
1011         /* cmd: "<network id> <BSSID>" */
1012         pos = os_strchr(cmd, ' ');
1013         if (pos == NULL)
1014                 return -1;
1015         *pos++ = '\0';
1016         id = atoi(cmd);
1017         wpa_printf(MSG_DEBUG, "CTRL_IFACE: id=%d bssid='%s'", id, pos);
1018         if (hwaddr_aton(pos, bssid)) {
1019                 wpa_printf(MSG_DEBUG ,"CTRL_IFACE: invalid BSSID '%s'", pos);
1020                 return -1;
1021         }
1022
1023         ssid = wpa_config_get_network(wpa_s->conf, id);
1024         if (ssid == NULL) {
1025                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
1026                            "to update", id);
1027                 return -1;
1028         }
1029
1030         os_memcpy(ssid->bssid, bssid, ETH_ALEN);
1031         ssid->bssid_set = !is_zero_ether_addr(bssid);
1032
1033         return 0;
1034 }
1035
1036
1037 static int wpa_supplicant_ctrl_iface_blacklist(struct wpa_supplicant *wpa_s,
1038                                                char *cmd, char *buf,
1039                                                size_t buflen)
1040 {
1041         u8 bssid[ETH_ALEN];
1042         struct wpa_blacklist *e;
1043         char *pos, *end;
1044         int ret;
1045
1046         /* cmd: "BLACKLIST [<BSSID>]" */
1047         if (*cmd == '\0') {
1048                 pos = buf;
1049                 end = buf + buflen;
1050                 e = wpa_s->blacklist;
1051                 while (e) {
1052                         ret = os_snprintf(pos, end - pos, MACSTR "\n",
1053                                           MAC2STR(e->bssid));
1054                         if (ret < 0 || ret >= end - pos)
1055                                 return pos - buf;
1056                         pos += ret;
1057                         e = e->next;
1058                 }
1059                 return pos - buf;
1060         }
1061
1062         cmd++;
1063         if (os_strncmp(cmd, "clear", 5) == 0) {
1064                 wpa_blacklist_clear(wpa_s);
1065                 os_memcpy(buf, "OK\n", 3);
1066                 return 3;
1067         }
1068
1069         wpa_printf(MSG_DEBUG, "CTRL_IFACE: BLACKLIST bssid='%s'", cmd);
1070         if (hwaddr_aton(cmd, bssid)) {
1071                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: invalid BSSID '%s'", cmd);
1072                 return -1;
1073         }
1074
1075         /*
1076          * Add the BSSID twice, so its count will be 2, causing it to be
1077          * skipped when processing scan results.
1078          */
1079         ret = wpa_blacklist_add(wpa_s, bssid);
1080         if (ret != 0)
1081                 return -1;
1082         ret = wpa_blacklist_add(wpa_s, bssid);
1083         if (ret != 0)
1084                 return -1;
1085         os_memcpy(buf, "OK\n", 3);
1086         return 3;
1087 }
1088
1089
1090 extern int wpa_debug_level;
1091 extern int wpa_debug_timestamp;
1092
1093 static const char * debug_level_str(int level)
1094 {
1095         switch (level) {
1096         case MSG_EXCESSIVE:
1097                 return "EXCESSIVE";
1098         case MSG_MSGDUMP:
1099                 return "MSGDUMP";
1100         case MSG_DEBUG:
1101                 return "DEBUG";
1102         case MSG_INFO:
1103                 return "INFO";
1104         case MSG_WARNING:
1105                 return "WARNING";
1106         case MSG_ERROR:
1107                 return "ERROR";
1108         default:
1109                 return "?";
1110         }
1111 }
1112
1113
1114 static int str_to_debug_level(const char *s)
1115 {
1116         if (os_strcasecmp(s, "EXCESSIVE") == 0)
1117                 return MSG_EXCESSIVE;
1118         if (os_strcasecmp(s, "MSGDUMP") == 0)
1119                 return MSG_MSGDUMP;
1120         if (os_strcasecmp(s, "DEBUG") == 0)
1121                 return MSG_DEBUG;
1122         if (os_strcasecmp(s, "INFO") == 0)
1123                 return MSG_INFO;
1124         if (os_strcasecmp(s, "WARNING") == 0)
1125                 return MSG_WARNING;
1126         if (os_strcasecmp(s, "ERROR") == 0)
1127                 return MSG_ERROR;
1128         return -1;
1129 }
1130
1131
1132 static int wpa_supplicant_ctrl_iface_log_level(struct wpa_supplicant *wpa_s,
1133                                                char *cmd, char *buf,
1134                                                size_t buflen)
1135 {
1136         char *pos, *end, *stamp;
1137         int ret;
1138
1139         if (cmd == NULL) {
1140                 return -1;
1141         }
1142
1143         /* cmd: "LOG_LEVEL [<level>]" */
1144         if (*cmd == '\0') {
1145                 pos = buf;
1146                 end = buf + buflen;
1147                 ret = os_snprintf(pos, end - pos, "Current level: %s\n"
1148                                   "Timestamp: %d\n",
1149                                   debug_level_str(wpa_debug_level),
1150                                   wpa_debug_timestamp);
1151                 if (ret < 0 || ret >= end - pos)
1152                         ret = 0;
1153
1154                 return ret;
1155         }
1156
1157         while (*cmd == ' ')
1158                 cmd++;
1159
1160         stamp = os_strchr(cmd, ' ');
1161         if (stamp) {
1162                 *stamp++ = '\0';
1163                 while (*stamp == ' ') {
1164                         stamp++;
1165                 }
1166         }
1167
1168         if (cmd && os_strlen(cmd)) {
1169                 int level = str_to_debug_level(cmd);
1170                 if (level < 0)
1171                         return -1;
1172                 wpa_debug_level = level;
1173         }
1174
1175         if (stamp && os_strlen(stamp))
1176                 wpa_debug_timestamp = atoi(stamp);
1177
1178         os_memcpy(buf, "OK\n", 3);
1179         return 3;
1180 }
1181
1182
1183 static int wpa_supplicant_ctrl_iface_list_networks(
1184         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1185 {
1186         char *pos, *end;
1187         struct wpa_ssid *ssid;
1188         int ret;
1189
1190         pos = buf;
1191         end = buf + buflen;
1192         ret = os_snprintf(pos, end - pos,
1193                           "network id / ssid / bssid / flags\n");
1194         if (ret < 0 || ret >= end - pos)
1195                 return pos - buf;
1196         pos += ret;
1197
1198         ssid = wpa_s->conf->ssid;
1199         while (ssid) {
1200                 ret = os_snprintf(pos, end - pos, "%d\t%s",
1201                                   ssid->id,
1202                                   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1203                 if (ret < 0 || ret >= end - pos)
1204                         return pos - buf;
1205                 pos += ret;
1206                 if (ssid->bssid_set) {
1207                         ret = os_snprintf(pos, end - pos, "\t" MACSTR,
1208                                           MAC2STR(ssid->bssid));
1209                 } else {
1210                         ret = os_snprintf(pos, end - pos, "\tany");
1211                 }
1212                 if (ret < 0 || ret >= end - pos)
1213                         return pos - buf;
1214                 pos += ret;
1215                 ret = os_snprintf(pos, end - pos, "\t%s%s%s",
1216                                   ssid == wpa_s->current_ssid ?
1217                                   "[CURRENT]" : "",
1218                                   ssid->disabled ? "[DISABLED]" : "",
1219                                   ssid->disabled == 2 ? "[P2P-PERSISTENT]" :
1220                                   "");
1221                 if (ret < 0 || ret >= end - pos)
1222                         return pos - buf;
1223                 pos += ret;
1224                 ret = os_snprintf(pos, end - pos, "\n");
1225                 if (ret < 0 || ret >= end - pos)
1226                         return pos - buf;
1227                 pos += ret;
1228
1229                 ssid = ssid->next;
1230         }
1231
1232         return pos - buf;
1233 }
1234
1235
1236 static char * wpa_supplicant_cipher_txt(char *pos, char *end, int cipher)
1237 {
1238         int first = 1, ret;
1239         ret = os_snprintf(pos, end - pos, "-");
1240         if (ret < 0 || ret >= end - pos)
1241                 return pos;
1242         pos += ret;
1243         if (cipher & WPA_CIPHER_NONE) {
1244                 ret = os_snprintf(pos, end - pos, "%sNONE", first ? "" : "+");
1245                 if (ret < 0 || ret >= end - pos)
1246                         return pos;
1247                 pos += ret;
1248                 first = 0;
1249         }
1250         if (cipher & WPA_CIPHER_WEP40) {
1251                 ret = os_snprintf(pos, end - pos, "%sWEP40", first ? "" : "+");
1252                 if (ret < 0 || ret >= end - pos)
1253                         return pos;
1254                 pos += ret;
1255                 first = 0;
1256         }
1257         if (cipher & WPA_CIPHER_WEP104) {
1258                 ret = os_snprintf(pos, end - pos, "%sWEP104",
1259                                   first ? "" : "+");
1260                 if (ret < 0 || ret >= end - pos)
1261                         return pos;
1262                 pos += ret;
1263                 first = 0;
1264         }
1265         if (cipher & WPA_CIPHER_TKIP) {
1266                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : "+");
1267                 if (ret < 0 || ret >= end - pos)
1268                         return pos;
1269                 pos += ret;
1270                 first = 0;
1271         }
1272         if (cipher & WPA_CIPHER_CCMP) {
1273                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : "+");
1274                 if (ret < 0 || ret >= end - pos)
1275                         return pos;
1276                 pos += ret;
1277                 first = 0;
1278         }
1279         return pos;
1280 }
1281
1282
1283 static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto,
1284                                     const u8 *ie, size_t ie_len)
1285 {
1286         struct wpa_ie_data data;
1287         int first, ret;
1288
1289         ret = os_snprintf(pos, end - pos, "[%s-", proto);
1290         if (ret < 0 || ret >= end - pos)
1291                 return pos;
1292         pos += ret;
1293
1294         if (wpa_parse_wpa_ie(ie, ie_len, &data) < 0) {
1295                 ret = os_snprintf(pos, end - pos, "?]");
1296                 if (ret < 0 || ret >= end - pos)
1297                         return pos;
1298                 pos += ret;
1299                 return pos;
1300         }
1301
1302         first = 1;
1303         if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
1304                 ret = os_snprintf(pos, end - pos, "%sEAP", first ? "" : "+");
1305                 if (ret < 0 || ret >= end - pos)
1306                         return pos;
1307                 pos += ret;
1308                 first = 0;
1309         }
1310         if (data.key_mgmt & WPA_KEY_MGMT_PSK) {
1311                 ret = os_snprintf(pos, end - pos, "%sPSK", first ? "" : "+");
1312                 if (ret < 0 || ret >= end - pos)
1313                         return pos;
1314                 pos += ret;
1315                 first = 0;
1316         }
1317         if (data.key_mgmt & WPA_KEY_MGMT_WPA_NONE) {
1318                 ret = os_snprintf(pos, end - pos, "%sNone", first ? "" : "+");
1319                 if (ret < 0 || ret >= end - pos)
1320                         return pos;
1321                 pos += ret;
1322                 first = 0;
1323         }
1324 #ifdef CONFIG_IEEE80211R
1325         if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
1326                 ret = os_snprintf(pos, end - pos, "%sFT/EAP",
1327                                   first ? "" : "+");
1328                 if (ret < 0 || ret >= end - pos)
1329                         return pos;
1330                 pos += ret;
1331                 first = 0;
1332         }
1333         if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK) {
1334                 ret = os_snprintf(pos, end - pos, "%sFT/PSK",
1335                                   first ? "" : "+");
1336                 if (ret < 0 || ret >= end - pos)
1337                         return pos;
1338                 pos += ret;
1339                 first = 0;
1340         }
1341 #endif /* CONFIG_IEEE80211R */
1342 #ifdef CONFIG_IEEE80211W
1343         if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1344                 ret = os_snprintf(pos, end - pos, "%sEAP-SHA256",
1345                                   first ? "" : "+");
1346                 if (ret < 0 || ret >= end - pos)
1347                         return pos;
1348                 pos += ret;
1349                 first = 0;
1350         }
1351         if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
1352                 ret = os_snprintf(pos, end - pos, "%sPSK-SHA256",
1353                                   first ? "" : "+");
1354                 if (ret < 0 || ret >= end - pos)
1355                         return pos;
1356                 pos += ret;
1357                 first = 0;
1358         }
1359 #endif /* CONFIG_IEEE80211W */
1360
1361         pos = wpa_supplicant_cipher_txt(pos, end, data.pairwise_cipher);
1362
1363         if (data.capabilities & WPA_CAPABILITY_PREAUTH) {
1364                 ret = os_snprintf(pos, end - pos, "-preauth");
1365                 if (ret < 0 || ret >= end - pos)
1366                         return pos;
1367                 pos += ret;
1368         }
1369
1370         ret = os_snprintf(pos, end - pos, "]");
1371         if (ret < 0 || ret >= end - pos)
1372                 return pos;
1373         pos += ret;
1374
1375         return pos;
1376 }
1377
1378
1379 #ifdef CONFIG_WPS
1380 static char * wpa_supplicant_wps_ie_txt_buf(struct wpa_supplicant *wpa_s,
1381                                             char *pos, char *end,
1382                                             struct wpabuf *wps_ie)
1383 {
1384         int ret;
1385         const char *txt;
1386
1387         if (wps_ie == NULL)
1388                 return pos;
1389         if (wps_is_selected_pbc_registrar(wps_ie))
1390                 txt = "[WPS-PBC]";
1391 #ifdef CONFIG_WPS2
1392         else if (wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 0))
1393                 txt = "[WPS-AUTH]";
1394 #endif /* CONFIG_WPS2 */
1395         else if (wps_is_selected_pin_registrar(wps_ie))
1396                 txt = "[WPS-PIN]";
1397         else
1398                 txt = "[WPS]";
1399
1400         ret = os_snprintf(pos, end - pos, "%s", txt);
1401         if (ret >= 0 && ret < end - pos)
1402                 pos += ret;
1403         wpabuf_free(wps_ie);
1404         return pos;
1405 }
1406 #endif /* CONFIG_WPS */
1407
1408
1409 static char * wpa_supplicant_wps_ie_txt(struct wpa_supplicant *wpa_s,
1410                                         char *pos, char *end,
1411                                         const struct wpa_bss *bss)
1412 {
1413 #ifdef CONFIG_WPS
1414         struct wpabuf *wps_ie;
1415         wps_ie = wpa_bss_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
1416         return wpa_supplicant_wps_ie_txt_buf(wpa_s, pos, end, wps_ie);
1417 #else /* CONFIG_WPS */
1418         return pos;
1419 #endif /* CONFIG_WPS */
1420 }
1421
1422
1423 /* Format one result on one text line into a buffer. */
1424 static int wpa_supplicant_ctrl_iface_scan_result(
1425         struct wpa_supplicant *wpa_s,
1426         const struct wpa_bss *bss, char *buf, size_t buflen)
1427 {
1428         char *pos, *end;
1429         int ret;
1430         const u8 *ie, *ie2, *p2p;
1431
1432         p2p = wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE);
1433         if (p2p && bss->ssid_len == P2P_WILDCARD_SSID_LEN &&
1434             os_memcmp(bss->ssid, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) ==
1435             0)
1436                 return 0; /* Do not show P2P listen discovery results here */
1437
1438         pos = buf;
1439         end = buf + buflen;
1440
1441         ret = os_snprintf(pos, end - pos, MACSTR "\t%d\t%d\t",
1442                           MAC2STR(bss->bssid), bss->freq, bss->level);
1443         if (ret < 0 || ret >= end - pos)
1444                 return -1;
1445         pos += ret;
1446         ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1447         if (ie)
1448                 pos = wpa_supplicant_ie_txt(pos, end, "WPA", ie, 2 + ie[1]);
1449         ie2 = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1450         if (ie2)
1451                 pos = wpa_supplicant_ie_txt(pos, end, "WPA2", ie2, 2 + ie2[1]);
1452         pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss);
1453         if (!ie && !ie2 && bss->caps & IEEE80211_CAP_PRIVACY) {
1454                 ret = os_snprintf(pos, end - pos, "[WEP]");
1455                 if (ret < 0 || ret >= end - pos)
1456                         return -1;
1457                 pos += ret;
1458         }
1459         if (bss->caps & IEEE80211_CAP_IBSS) {
1460                 ret = os_snprintf(pos, end - pos, "[IBSS]");
1461                 if (ret < 0 || ret >= end - pos)
1462                         return -1;
1463                 pos += ret;
1464         }
1465         if (bss->caps & IEEE80211_CAP_ESS) {
1466                 ret = os_snprintf(pos, end - pos, "[ESS]");
1467                 if (ret < 0 || ret >= end - pos)
1468                         return -1;
1469                 pos += ret;
1470         }
1471         if (p2p) {
1472                 ret = os_snprintf(pos, end - pos, "[P2P]");
1473                 if (ret < 0 || ret >= end - pos)
1474                         return -1;
1475                 pos += ret;
1476         }
1477
1478         ret = os_snprintf(pos, end - pos, "\t%s",
1479                           wpa_ssid_txt(bss->ssid, bss->ssid_len));
1480         if (ret < 0 || ret >= end - pos)
1481                 return -1;
1482         pos += ret;
1483
1484         ret = os_snprintf(pos, end - pos, "\n");
1485         if (ret < 0 || ret >= end - pos)
1486                 return -1;
1487         pos += ret;
1488
1489         return pos - buf;
1490 }
1491
1492
1493 static int wpa_supplicant_ctrl_iface_scan_results(
1494         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1495 {
1496         char *pos, *end;
1497         struct wpa_bss *bss;
1498         int ret;
1499
1500         pos = buf;
1501         end = buf + buflen;
1502         ret = os_snprintf(pos, end - pos, "bssid / frequency / signal level / "
1503                           "flags / ssid\n");
1504         if (ret < 0 || ret >= end - pos)
1505                 return pos - buf;
1506         pos += ret;
1507
1508         dl_list_for_each(bss, &wpa_s->bss_id, struct wpa_bss, list_id) {
1509                 ret = wpa_supplicant_ctrl_iface_scan_result(wpa_s, bss, pos,
1510                                                             end - pos);
1511                 if (ret < 0 || ret >= end - pos)
1512                         return pos - buf;
1513                 pos += ret;
1514         }
1515
1516         return pos - buf;
1517 }
1518
1519
1520 static int wpa_supplicant_ctrl_iface_select_network(
1521         struct wpa_supplicant *wpa_s, char *cmd)
1522 {
1523         int id;
1524         struct wpa_ssid *ssid;
1525
1526         /* cmd: "<network id>" or "any" */
1527         if (os_strcmp(cmd, "any") == 0) {
1528                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SELECT_NETWORK any");
1529                 ssid = NULL;
1530         } else {
1531                 id = atoi(cmd);
1532                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SELECT_NETWORK id=%d", id);
1533
1534                 ssid = wpa_config_get_network(wpa_s->conf, id);
1535                 if (ssid == NULL) {
1536                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1537                                    "network id=%d", id);
1538                         return -1;
1539                 }
1540                 if (ssid->disabled == 2) {
1541                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1542                                    "SELECT_NETWORK with persistent P2P group");
1543                         return -1;
1544                 }
1545         }
1546
1547         wpa_supplicant_select_network(wpa_s, ssid);
1548
1549         return 0;
1550 }
1551
1552
1553 static int wpa_supplicant_ctrl_iface_enable_network(
1554         struct wpa_supplicant *wpa_s, char *cmd)
1555 {
1556         int id;
1557         struct wpa_ssid *ssid;
1558
1559         /* cmd: "<network id>" or "all" */
1560         if (os_strcmp(cmd, "all") == 0) {
1561                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: ENABLE_NETWORK all");
1562                 ssid = NULL;
1563         } else {
1564                 id = atoi(cmd);
1565                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: ENABLE_NETWORK id=%d", id);
1566
1567                 ssid = wpa_config_get_network(wpa_s->conf, id);
1568                 if (ssid == NULL) {
1569                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1570                                    "network id=%d", id);
1571                         return -1;
1572                 }
1573                 if (ssid->disabled == 2) {
1574                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1575                                    "ENABLE_NETWORK with persistent P2P group");
1576                         return -1;
1577                 }
1578         }
1579         wpa_supplicant_enable_network(wpa_s, ssid);
1580
1581         return 0;
1582 }
1583
1584
1585 static int wpa_supplicant_ctrl_iface_disable_network(
1586         struct wpa_supplicant *wpa_s, char *cmd)
1587 {
1588         int id;
1589         struct wpa_ssid *ssid;
1590
1591         /* cmd: "<network id>" or "all" */
1592         if (os_strcmp(cmd, "all") == 0) {
1593                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: DISABLE_NETWORK all");
1594                 ssid = NULL;
1595         } else {
1596                 id = atoi(cmd);
1597                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: DISABLE_NETWORK id=%d", id);
1598
1599                 ssid = wpa_config_get_network(wpa_s->conf, id);
1600                 if (ssid == NULL) {
1601                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1602                                    "network id=%d", id);
1603                         return -1;
1604                 }
1605                 if (ssid->disabled == 2) {
1606                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1607                                    "DISABLE_NETWORK with persistent P2P "
1608                                    "group");
1609                         return -1;
1610                 }
1611         }
1612         wpa_supplicant_disable_network(wpa_s, ssid);
1613
1614         return 0;
1615 }
1616
1617
1618 static int wpa_supplicant_ctrl_iface_add_network(
1619         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1620 {
1621         struct wpa_ssid *ssid;
1622         int ret;
1623
1624         wpa_printf(MSG_DEBUG, "CTRL_IFACE: ADD_NETWORK");
1625
1626         ssid = wpa_config_add_network(wpa_s->conf);
1627         if (ssid == NULL)
1628                 return -1;
1629
1630         wpas_notify_network_added(wpa_s, ssid);
1631
1632         ssid->disabled = 1;
1633         wpa_config_set_network_defaults(ssid);
1634
1635         ret = os_snprintf(buf, buflen, "%d\n", ssid->id);
1636         if (ret < 0 || (size_t) ret >= buflen)
1637                 return -1;
1638         return ret;
1639 }
1640
1641
1642 static int wpa_supplicant_ctrl_iface_remove_network(
1643         struct wpa_supplicant *wpa_s, char *cmd)
1644 {
1645         int id;
1646         struct wpa_ssid *ssid;
1647
1648         /* cmd: "<network id>" or "all" */
1649         if (os_strcmp(cmd, "all") == 0) {
1650                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_NETWORK all");
1651                 ssid = wpa_s->conf->ssid;
1652                 while (ssid) {
1653                         struct wpa_ssid *remove_ssid = ssid;
1654                         id = ssid->id;
1655                         ssid = ssid->next;
1656                         wpas_notify_network_removed(wpa_s, remove_ssid);
1657                         wpa_config_remove_network(wpa_s->conf, id);
1658                 }
1659                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1660                 if (wpa_s->current_ssid) {
1661                         wpa_sm_set_config(wpa_s->wpa, NULL);
1662                         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1663                         wpa_supplicant_disassociate(wpa_s,
1664                                                     WLAN_REASON_DEAUTH_LEAVING);
1665                 }
1666                 return 0;
1667         }
1668
1669         id = atoi(cmd);
1670         wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_NETWORK id=%d", id);
1671
1672         ssid = wpa_config_get_network(wpa_s->conf, id);
1673         if (ssid)
1674                 wpas_notify_network_removed(wpa_s, ssid);
1675         if (ssid == NULL ||
1676             wpa_config_remove_network(wpa_s->conf, id) < 0) {
1677                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1678                            "id=%d", id);
1679                 return -1;
1680         }
1681
1682         if (ssid == wpa_s->current_ssid || wpa_s->current_ssid == NULL) {
1683                 /*
1684                  * Invalidate the EAP session cache if the current or
1685                  * previously used network is removed.
1686                  */
1687                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1688         }
1689
1690         if (ssid == wpa_s->current_ssid) {
1691                 wpa_sm_set_config(wpa_s->wpa, NULL);
1692                 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1693
1694                 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1695         }
1696
1697         return 0;
1698 }
1699
1700
1701 static int wpa_supplicant_ctrl_iface_set_network(
1702         struct wpa_supplicant *wpa_s, char *cmd)
1703 {
1704         int id;
1705         struct wpa_ssid *ssid;
1706         char *name, *value;
1707
1708         /* cmd: "<network id> <variable name> <value>" */
1709         name = os_strchr(cmd, ' ');
1710         if (name == NULL)
1711                 return -1;
1712         *name++ = '\0';
1713
1714         value = os_strchr(name, ' ');
1715         if (value == NULL)
1716                 return -1;
1717         *value++ = '\0';
1718
1719         id = atoi(cmd);
1720         wpa_printf(MSG_DEBUG, "CTRL_IFACE: SET_NETWORK id=%d name='%s'",
1721                    id, name);
1722         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: value",
1723                               (u8 *) value, os_strlen(value));
1724
1725         ssid = wpa_config_get_network(wpa_s->conf, id);
1726         if (ssid == NULL) {
1727                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1728                            "id=%d", id);
1729                 return -1;
1730         }
1731
1732         if (wpa_config_set(ssid, name, value, 0) < 0) {
1733                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to set network "
1734                            "variable '%s'", name);
1735                 return -1;
1736         }
1737
1738         wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1739
1740         if (wpa_s->current_ssid == ssid || wpa_s->current_ssid == NULL) {
1741                 /*
1742                  * Invalidate the EAP session cache if anything in the current
1743                  * or previously used configuration changes.
1744                  */
1745                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1746         }
1747
1748         if ((os_strcmp(name, "psk") == 0 &&
1749              value[0] == '"' && ssid->ssid_len) ||
1750             (os_strcmp(name, "ssid") == 0 && ssid->passphrase))
1751                 wpa_config_update_psk(ssid);
1752         else if (os_strcmp(name, "priority") == 0)
1753                 wpa_config_update_prio_list(wpa_s->conf);
1754
1755         return 0;
1756 }
1757
1758
1759 static int wpa_supplicant_ctrl_iface_get_network(
1760         struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen)
1761 {
1762         int id;
1763         size_t res;
1764         struct wpa_ssid *ssid;
1765         char *name, *value;
1766
1767         /* cmd: "<network id> <variable name>" */
1768         name = os_strchr(cmd, ' ');
1769         if (name == NULL || buflen == 0)
1770                 return -1;
1771         *name++ = '\0';
1772
1773         id = atoi(cmd);
1774         wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_NETWORK id=%d name='%s'",
1775                    id, name);
1776
1777         ssid = wpa_config_get_network(wpa_s->conf, id);
1778         if (ssid == NULL) {
1779                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1780                            "id=%d", id);
1781                 return -1;
1782         }
1783
1784         value = wpa_config_get_no_key(ssid, name);
1785         if (value == NULL) {
1786                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to get network "
1787                            "variable '%s'", name);
1788                 return -1;
1789         }
1790
1791         res = os_strlcpy(buf, value, buflen);
1792         if (res >= buflen) {
1793                 os_free(value);
1794                 return -1;
1795         }
1796
1797         os_free(value);
1798
1799         return res;
1800 }
1801
1802
1803 #ifndef CONFIG_NO_CONFIG_WRITE
1804 static int wpa_supplicant_ctrl_iface_save_config(struct wpa_supplicant *wpa_s)
1805 {
1806         int ret;
1807
1808         if (!wpa_s->conf->update_config) {
1809                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Not allowed "
1810                            "to update configuration (update_config=0)");
1811                 return -1;
1812         }
1813
1814         ret = wpa_config_write(wpa_s->confname, wpa_s->conf);
1815         if (ret) {
1816                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Failed to "
1817                            "update configuration");
1818         } else {
1819                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Configuration"
1820                            " updated");
1821         }
1822
1823         return ret;
1824 }
1825 #endif /* CONFIG_NO_CONFIG_WRITE */
1826
1827
1828 static int ctrl_iface_get_capability_pairwise(int res, char *strict,
1829                                               struct wpa_driver_capa *capa,
1830                                               char *buf, size_t buflen)
1831 {
1832         int ret, first = 1;
1833         char *pos, *end;
1834         size_t len;
1835
1836         pos = buf;
1837         end = pos + buflen;
1838
1839         if (res < 0) {
1840                 if (strict)
1841                         return 0;
1842                 len = os_strlcpy(buf, "CCMP TKIP NONE", buflen);
1843                 if (len >= buflen)
1844                         return -1;
1845                 return len;
1846         }
1847
1848         if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
1849                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
1850                 if (ret < 0 || ret >= end - pos)
1851                         return pos - buf;
1852                 pos += ret;
1853                 first = 0;
1854         }
1855
1856         if (capa->enc & WPA_DRIVER_CAPA_ENC_TKIP) {
1857                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : " ");
1858                 if (ret < 0 || ret >= end - pos)
1859                         return pos - buf;
1860                 pos += ret;
1861                 first = 0;
1862         }
1863
1864         if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) {
1865                 ret = os_snprintf(pos, end - pos, "%sNONE", first ? "" : " ");
1866                 if (ret < 0 || ret >= end - pos)
1867                         return pos - buf;
1868                 pos += ret;
1869                 first = 0;
1870         }
1871
1872         return pos - buf;
1873 }
1874
1875
1876 static int ctrl_iface_get_capability_group(int res, char *strict,
1877                                            struct wpa_driver_capa *capa,
1878                                            char *buf, size_t buflen)
1879 {
1880         int ret, first = 1;
1881         char *pos, *end;
1882         size_t len;
1883
1884         pos = buf;
1885         end = pos + buflen;
1886
1887         if (res < 0) {
1888                 if (strict)
1889                         return 0;
1890                 len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen);
1891                 if (len >= buflen)
1892                         return -1;
1893                 return len;
1894         }
1895
1896         if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
1897                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
1898                 if (ret < 0 || ret >= end - pos)
1899                         return pos - buf;
1900                 pos += ret;
1901                 first = 0;
1902         }
1903
1904         if (capa->enc & WPA_DRIVER_CAPA_ENC_TKIP) {
1905                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : " ");
1906                 if (ret < 0 || ret >= end - pos)
1907                         return pos - buf;
1908                 pos += ret;
1909                 first = 0;
1910         }
1911
1912         if (capa->enc & WPA_DRIVER_CAPA_ENC_WEP104) {
1913                 ret = os_snprintf(pos, end - pos, "%sWEP104",
1914                                   first ? "" : " ");
1915                 if (ret < 0 || ret >= end - pos)
1916                         return pos - buf;
1917                 pos += ret;
1918                 first = 0;
1919         }
1920
1921         if (capa->enc & WPA_DRIVER_CAPA_ENC_WEP40) {
1922                 ret = os_snprintf(pos, end - pos, "%sWEP40", first ? "" : " ");
1923                 if (ret < 0 || ret >= end - pos)
1924                         return pos - buf;
1925                 pos += ret;
1926                 first = 0;
1927         }
1928
1929         return pos - buf;
1930 }
1931
1932
1933 static int ctrl_iface_get_capability_key_mgmt(int res, char *strict,
1934                                               struct wpa_driver_capa *capa,
1935                                               char *buf, size_t buflen)
1936 {
1937         int ret;
1938         char *pos, *end;
1939         size_t len;
1940
1941         pos = buf;
1942         end = pos + buflen;
1943
1944         if (res < 0) {
1945                 if (strict)
1946                         return 0;
1947                 len = os_strlcpy(buf, "WPA-PSK WPA-EAP IEEE8021X WPA-NONE "
1948                                  "NONE", buflen);
1949                 if (len >= buflen)
1950                         return -1;
1951                 return len;
1952         }
1953
1954         ret = os_snprintf(pos, end - pos, "NONE IEEE8021X");
1955         if (ret < 0 || ret >= end - pos)
1956                 return pos - buf;
1957         pos += ret;
1958
1959         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1960                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2)) {
1961                 ret = os_snprintf(pos, end - pos, " WPA-EAP");
1962                 if (ret < 0 || ret >= end - pos)
1963                         return pos - buf;
1964                 pos += ret;
1965         }
1966
1967         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1968                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) {
1969                 ret = os_snprintf(pos, end - pos, " WPA-PSK");
1970                 if (ret < 0 || ret >= end - pos)
1971                         return pos - buf;
1972                 pos += ret;
1973         }
1974
1975         if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) {
1976                 ret = os_snprintf(pos, end - pos, " WPA-NONE");
1977                 if (ret < 0 || ret >= end - pos)
1978                         return pos - buf;
1979                 pos += ret;
1980         }
1981
1982         return pos - buf;
1983 }
1984
1985
1986 static int ctrl_iface_get_capability_proto(int res, char *strict,
1987                                            struct wpa_driver_capa *capa,
1988                                            char *buf, size_t buflen)
1989 {
1990         int ret, first = 1;
1991         char *pos, *end;
1992         size_t len;
1993
1994         pos = buf;
1995         end = pos + buflen;
1996
1997         if (res < 0) {
1998                 if (strict)
1999                         return 0;
2000                 len = os_strlcpy(buf, "RSN WPA", buflen);
2001                 if (len >= buflen)
2002                         return -1;
2003                 return len;
2004         }
2005
2006         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2007                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) {
2008                 ret = os_snprintf(pos, end - pos, "%sRSN", first ? "" : " ");
2009                 if (ret < 0 || ret >= end - pos)
2010                         return pos - buf;
2011                 pos += ret;
2012                 first = 0;
2013         }
2014
2015         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2016                               WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK)) {
2017                 ret = os_snprintf(pos, end - pos, "%sWPA", first ? "" : " ");
2018                 if (ret < 0 || ret >= end - pos)
2019                         return pos - buf;
2020                 pos += ret;
2021                 first = 0;
2022         }
2023
2024         return pos - buf;
2025 }
2026
2027
2028 static int ctrl_iface_get_capability_auth_alg(int res, char *strict,
2029                                               struct wpa_driver_capa *capa,
2030                                               char *buf, size_t buflen)
2031 {
2032         int ret, first = 1;
2033         char *pos, *end;
2034         size_t len;
2035
2036         pos = buf;
2037         end = pos + buflen;
2038
2039         if (res < 0) {
2040                 if (strict)
2041                         return 0;
2042                 len = os_strlcpy(buf, "OPEN SHARED LEAP", buflen);
2043                 if (len >= buflen)
2044                         return -1;
2045                 return len;
2046         }
2047
2048         if (capa->auth & (WPA_DRIVER_AUTH_OPEN)) {
2049                 ret = os_snprintf(pos, end - pos, "%sOPEN", first ? "" : " ");
2050                 if (ret < 0 || ret >= end - pos)
2051                         return pos - buf;
2052                 pos += ret;
2053                 first = 0;
2054         }
2055
2056         if (capa->auth & (WPA_DRIVER_AUTH_SHARED)) {
2057                 ret = os_snprintf(pos, end - pos, "%sSHARED",
2058                                   first ? "" : " ");
2059                 if (ret < 0 || ret >= end - pos)
2060                         return pos - buf;
2061                 pos += ret;
2062                 first = 0;
2063         }
2064
2065         if (capa->auth & (WPA_DRIVER_AUTH_LEAP)) {
2066                 ret = os_snprintf(pos, end - pos, "%sLEAP", first ? "" : " ");
2067                 if (ret < 0 || ret >= end - pos)
2068                         return pos - buf;
2069                 pos += ret;
2070                 first = 0;
2071         }
2072
2073         return pos - buf;
2074 }
2075
2076
2077 static int wpa_supplicant_ctrl_iface_get_capability(
2078         struct wpa_supplicant *wpa_s, const char *_field, char *buf,
2079         size_t buflen)
2080 {
2081         struct wpa_driver_capa capa;
2082         int res;
2083         char *strict;
2084         char field[30];
2085         size_t len;
2086
2087         /* Determine whether or not strict checking was requested */
2088         len = os_strlcpy(field, _field, sizeof(field));
2089         if (len >= sizeof(field))
2090                 return -1;
2091         strict = os_strchr(field, ' ');
2092         if (strict != NULL) {
2093                 *strict++ = '\0';
2094                 if (os_strcmp(strict, "strict") != 0)
2095                         return -1;
2096         }
2097
2098         wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_CAPABILITY '%s' %s",
2099                 field, strict ? strict : "");
2100
2101         if (os_strcmp(field, "eap") == 0) {
2102                 return eap_get_names(buf, buflen);
2103         }
2104
2105         res = wpa_drv_get_capa(wpa_s, &capa);
2106
2107         if (os_strcmp(field, "pairwise") == 0)
2108                 return ctrl_iface_get_capability_pairwise(res, strict, &capa,
2109                                                           buf, buflen);
2110
2111         if (os_strcmp(field, "group") == 0)
2112                 return ctrl_iface_get_capability_group(res, strict, &capa,
2113                                                        buf, buflen);
2114
2115         if (os_strcmp(field, "key_mgmt") == 0)
2116                 return ctrl_iface_get_capability_key_mgmt(res, strict, &capa,
2117                                                           buf, buflen);
2118
2119         if (os_strcmp(field, "proto") == 0)
2120                 return ctrl_iface_get_capability_proto(res, strict, &capa,
2121                                                        buf, buflen);
2122
2123         if (os_strcmp(field, "auth_alg") == 0)
2124                 return ctrl_iface_get_capability_auth_alg(res, strict, &capa,
2125                                                           buf, buflen);
2126
2127         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'",
2128                    field);
2129
2130         return -1;
2131 }
2132
2133
2134 #ifdef CONFIG_INTERWORKING
2135 static char * anqp_add_hex(char *pos, char *end, const char *title,
2136                            struct wpabuf *data)
2137 {
2138         char *start = pos;
2139         size_t i;
2140         int ret;
2141         const u8 *d;
2142
2143         if (data == NULL)
2144                 return start;
2145
2146         ret = os_snprintf(pos, end - pos, "%s=", title);
2147         if (ret < 0 || ret >= end - pos)
2148                 return start;
2149         pos += ret;
2150
2151         d = wpabuf_head_u8(data);
2152         for (i = 0; i < wpabuf_len(data); i++) {
2153                 ret = os_snprintf(pos, end - pos, "%02x", *d++);
2154                 if (ret < 0 || ret >= end - pos)
2155                         return start;
2156                 pos += ret;
2157         }
2158
2159         ret = os_snprintf(pos, end - pos, "\n");
2160         if (ret < 0 || ret >= end - pos)
2161                 return start;
2162         pos += ret;
2163
2164         return pos;
2165 }
2166 #endif /* CONFIG_INTERWORKING */
2167
2168
2169 static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s,
2170                                          const char *cmd, char *buf,
2171                                          size_t buflen)
2172 {
2173         u8 bssid[ETH_ALEN];
2174         size_t i;
2175         struct wpa_bss *bss;
2176         int ret;
2177         char *pos, *end;
2178         const u8 *ie, *ie2;
2179
2180         if (os_strcmp(cmd, "FIRST") == 0)
2181                 bss = dl_list_first(&wpa_s->bss, struct wpa_bss, list);
2182         else if (os_strncmp(cmd, "ID-", 3) == 0) {
2183                 i = atoi(cmd + 3);
2184                 bss = wpa_bss_get_id(wpa_s, i);
2185         } else if (os_strncmp(cmd, "NEXT-", 5) == 0) {
2186                 i = atoi(cmd + 5);
2187                 bss = wpa_bss_get_id(wpa_s, i);
2188                 if (bss) {
2189                         struct dl_list *next = bss->list_id.next;
2190                         if (next == &wpa_s->bss_id)
2191                                 bss = NULL;
2192                         else
2193                                 bss = dl_list_entry(next, struct wpa_bss,
2194                                                     list_id);
2195                 }
2196         } else if (hwaddr_aton(cmd, bssid) == 0)
2197                 bss = wpa_bss_get_bssid(wpa_s, bssid);
2198         else {
2199                 struct wpa_bss *tmp;
2200                 i = atoi(cmd);
2201                 bss = NULL;
2202                 dl_list_for_each(tmp, &wpa_s->bss_id, struct wpa_bss, list_id)
2203                 {
2204                         if (i-- == 0) {
2205                                 bss = tmp;
2206                                 break;
2207                         }
2208                 }
2209         }
2210
2211         if (bss == NULL)
2212                 return 0;
2213
2214         pos = buf;
2215         end = buf + buflen;
2216         ret = os_snprintf(pos, end - pos,
2217                           "id=%u\n"
2218                           "bssid=" MACSTR "\n"
2219                           "freq=%d\n"
2220                           "beacon_int=%d\n"
2221                           "capabilities=0x%04x\n"
2222                           "qual=%d\n"
2223                           "noise=%d\n"
2224                           "level=%d\n"
2225                           "tsf=%016llu\n"
2226                           "ie=",
2227                           bss->id,
2228                           MAC2STR(bss->bssid), bss->freq, bss->beacon_int,
2229                           bss->caps, bss->qual, bss->noise, bss->level,
2230                           (unsigned long long) bss->tsf);
2231         if (ret < 0 || ret >= end - pos)
2232                 return pos - buf;
2233         pos += ret;
2234
2235         ie = (const u8 *) (bss + 1);
2236         for (i = 0; i < bss->ie_len; i++) {
2237                 ret = os_snprintf(pos, end - pos, "%02x", *ie++);
2238                 if (ret < 0 || ret >= end - pos)
2239                         return pos - buf;
2240                 pos += ret;
2241         }
2242
2243         ret = os_snprintf(pos, end - pos, "\n");
2244         if (ret < 0 || ret >= end - pos)
2245                 return pos - buf;
2246         pos += ret;
2247
2248         ret = os_snprintf(pos, end - pos, "flags=");
2249         if (ret < 0 || ret >= end - pos)
2250                 return pos - buf;
2251         pos += ret;
2252
2253         ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
2254         if (ie)
2255                 pos = wpa_supplicant_ie_txt(pos, end, "WPA", ie, 2 + ie[1]);
2256         ie2 = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2257         if (ie2)
2258                 pos = wpa_supplicant_ie_txt(pos, end, "WPA2", ie2, 2 + ie2[1]);
2259         pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss);
2260         if (!ie && !ie2 && bss->caps & IEEE80211_CAP_PRIVACY) {
2261                 ret = os_snprintf(pos, end - pos, "[WEP]");
2262                 if (ret < 0 || ret >= end - pos)
2263                         return pos - buf;
2264                 pos += ret;
2265         }
2266         if (bss->caps & IEEE80211_CAP_IBSS) {
2267                 ret = os_snprintf(pos, end - pos, "[IBSS]");
2268                 if (ret < 0 || ret >= end - pos)
2269                         return pos - buf;
2270                 pos += ret;
2271         }
2272         if (bss->caps & IEEE80211_CAP_ESS) {
2273                 ret = os_snprintf(pos, end - pos, "[ESS]");
2274                 if (ret < 0 || ret >= end - pos)
2275                         return pos - buf;
2276                 pos += ret;
2277         }
2278         if (wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE)) {
2279                 ret = os_snprintf(pos, end - pos, "[P2P]");
2280                 if (ret < 0 || ret >= end - pos)
2281                         return pos - buf;
2282                 pos += ret;
2283         }
2284
2285         ret = os_snprintf(pos, end - pos, "\n");
2286         if (ret < 0 || ret >= end - pos)
2287                 return pos - buf;
2288         pos += ret;
2289
2290         ret = os_snprintf(pos, end - pos, "ssid=%s\n",
2291                           wpa_ssid_txt(bss->ssid, bss->ssid_len));
2292         if (ret < 0 || ret >= end - pos)
2293                 return pos - buf;
2294         pos += ret;
2295
2296 #ifdef CONFIG_WPS
2297         ie = (const u8 *) (bss + 1);
2298         ret = wpas_wps_scan_result_text(ie, bss->ie_len, pos, end);
2299         if (ret < 0 || ret >= end - pos)
2300                 return pos - buf;
2301         pos += ret;
2302 #endif /* CONFIG_WPS */
2303
2304 #ifdef CONFIG_P2P
2305         ie = (const u8 *) (bss + 1);
2306         ret = wpas_p2p_scan_result_text(ie, bss->ie_len, pos, end);
2307         if (ret < 0 || ret >= end - pos)
2308                 return pos - buf;
2309         pos += ret;
2310 #endif /* CONFIG_P2P */
2311
2312 #ifdef CONFIG_INTERWORKING
2313         pos = anqp_add_hex(pos, end, "anqp_venue_name", bss->anqp_venue_name);
2314         pos = anqp_add_hex(pos, end, "anqp_network_auth_type",
2315                            bss->anqp_network_auth_type);
2316         pos = anqp_add_hex(pos, end, "anqp_roaming_consortium",
2317                            bss->anqp_roaming_consortium);
2318         pos = anqp_add_hex(pos, end, "anqp_ip_addr_type_availability",
2319                            bss->anqp_ip_addr_type_availability);
2320         pos = anqp_add_hex(pos, end, "anqp_nai_realm", bss->anqp_nai_realm);
2321         pos = anqp_add_hex(pos, end, "anqp_3gpp", bss->anqp_3gpp);
2322         pos = anqp_add_hex(pos, end, "anqp_domain_name",
2323                            bss->anqp_domain_name);
2324 #endif /* CONFIG_INTERWORKING */
2325
2326         return pos - buf;
2327 }
2328
2329
2330 static int wpa_supplicant_ctrl_iface_ap_scan(
2331         struct wpa_supplicant *wpa_s, char *cmd)
2332 {
2333         int ap_scan = atoi(cmd);
2334         return wpa_supplicant_set_ap_scan(wpa_s, ap_scan);
2335 }
2336
2337
2338 static int wpa_supplicant_ctrl_iface_scan_interval(
2339         struct wpa_supplicant *wpa_s, char *cmd)
2340 {
2341         int scan_int = atoi(cmd);
2342         if (scan_int < 0)
2343                 return -1;
2344         wpa_s->scan_interval = scan_int;
2345         return 0;
2346 }
2347
2348
2349 static int wpa_supplicant_ctrl_iface_bss_expire_age(
2350         struct wpa_supplicant *wpa_s, char *cmd)
2351 {
2352         int expire_age = atoi(cmd);
2353         return wpa_supplicant_set_bss_expiration_age(wpa_s, expire_age);
2354 }
2355
2356
2357 static int wpa_supplicant_ctrl_iface_bss_expire_count(
2358         struct wpa_supplicant *wpa_s, char *cmd)
2359 {
2360         int expire_count = atoi(cmd);
2361         return wpa_supplicant_set_bss_expiration_count(wpa_s, expire_count);
2362 }
2363
2364
2365 static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
2366 {
2367         wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
2368         /* MLME-DELETEKEYS.request */
2369         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
2370         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
2371         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
2372         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
2373 #ifdef CONFIG_IEEE80211W
2374         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
2375         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
2376 #endif /* CONFIG_IEEE80211W */
2377
2378         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,
2379                         0);
2380         /* MLME-SETPROTECTION.request(None) */
2381         wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid,
2382                                    MLME_SETPROTECTION_PROTECT_TYPE_NONE,
2383                                    MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
2384         wpa_sm_drop_sa(wpa_s->wpa);
2385 }
2386
2387
2388 static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s,
2389                                           char *addr)
2390 {
2391         u8 bssid[ETH_ALEN];
2392         struct wpa_bss *bss;
2393         struct wpa_ssid *ssid = wpa_s->current_ssid;
2394
2395         if (hwaddr_aton(addr, bssid)) {
2396                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: invalid "
2397                            "address '%s'", addr);
2398                 return -1;
2399         }
2400
2401         wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM " MACSTR, MAC2STR(bssid));
2402
2403         bss = wpa_bss_get_bssid(wpa_s, bssid);
2404         if (!bss) {
2405                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: Target AP not found "
2406                            "from BSS table");
2407                 return -1;
2408         }
2409
2410         /*
2411          * TODO: Find best network configuration block from configuration to
2412          * allow roaming to other networks
2413          */
2414
2415         if (!ssid) {
2416                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: No network "
2417                            "configuration known for the target AP");
2418                 return -1;
2419         }
2420
2421         wpa_s->reassociate = 1;
2422         wpa_supplicant_connect(wpa_s, bss, ssid);
2423
2424         return 0;
2425 }
2426
2427
2428 #ifdef CONFIG_P2P
2429 static int p2p_ctrl_find(struct wpa_supplicant *wpa_s, char *cmd)
2430 {
2431         unsigned int timeout = atoi(cmd);
2432         enum p2p_discovery_type type = P2P_FIND_START_WITH_FULL;
2433
2434         if (os_strstr(cmd, "type=social"))
2435                 type = P2P_FIND_ONLY_SOCIAL;
2436         else if (os_strstr(cmd, "type=progressive"))
2437                 type = P2P_FIND_PROGRESSIVE;
2438
2439         return wpas_p2p_find(wpa_s, timeout, type, 0, NULL);
2440 }
2441
2442
2443 static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
2444                             char *buf, size_t buflen)
2445 {
2446         u8 addr[ETH_ALEN];
2447         char *pos, *pos2;
2448         char *pin = NULL;
2449         enum p2p_wps_method wps_method;
2450         int new_pin;
2451         int ret;
2452         int persistent_group;
2453         int join;
2454         int auth;
2455         int go_intent = -1;
2456         int freq = 0;
2457
2458         /* <addr> <"pbc" | "pin" | PIN> [label|display|keypad] [persistent]
2459          * [join] [auth] [go_intent=<0..15>] [freq=<in MHz>] */
2460
2461         if (hwaddr_aton(cmd, addr))
2462                 return -1;
2463
2464         pos = cmd + 17;
2465         if (*pos != ' ')
2466                 return -1;
2467         pos++;
2468
2469         persistent_group = os_strstr(pos, " persistent") != NULL;
2470         join = os_strstr(pos, " join") != NULL;
2471         auth = os_strstr(pos, " auth") != NULL;
2472
2473         pos2 = os_strstr(pos, " go_intent=");
2474         if (pos2) {
2475                 pos2 += 11;
2476                 go_intent = atoi(pos2);
2477                 if (go_intent < 0 || go_intent > 15)
2478                         return -1;
2479         }
2480
2481         pos2 = os_strstr(pos, " freq=");
2482         if (pos2) {
2483                 pos2 += 6;
2484                 freq = atoi(pos2);
2485                 if (freq <= 0)
2486                         return -1;
2487         }
2488
2489         if (os_strncmp(pos, "pin", 3) == 0) {
2490                 /* Request random PIN (to be displayed) and enable the PIN */
2491                 wps_method = WPS_PIN_DISPLAY;
2492         } else if (os_strncmp(pos, "pbc", 3) == 0) {
2493                 wps_method = WPS_PBC;
2494         } else {
2495                 pin = pos;
2496                 pos = os_strchr(pin, ' ');
2497                 wps_method = WPS_PIN_KEYPAD;
2498                 if (pos) {
2499                         *pos++ = '\0';
2500                         if (os_strncmp(pos, "display", 7) == 0)
2501                                 wps_method = WPS_PIN_DISPLAY;
2502                 }
2503         }
2504
2505         new_pin = wpas_p2p_connect(wpa_s, addr, pin, wps_method,
2506                                    persistent_group, join, auth, go_intent,
2507                                    freq);
2508         if (new_pin == -2) {
2509                 os_memcpy(buf, "FAIL-CHANNEL-UNAVAILABLE\n", 25);
2510                 return 25;
2511         }
2512         if (new_pin == -3) {
2513                 os_memcpy(buf, "FAIL-CHANNEL-UNSUPPORTED\n", 25);
2514                 return 25;
2515         }
2516         if (new_pin < 0)
2517                 return -1;
2518         if (wps_method == WPS_PIN_DISPLAY && pin == NULL) {
2519                 ret = os_snprintf(buf, buflen, "%08d", new_pin);
2520                 if (ret < 0 || (size_t) ret >= buflen)
2521                         return -1;
2522                 return ret;
2523         }
2524
2525         os_memcpy(buf, "OK\n", 3);
2526         return 3;
2527 }
2528
2529
2530 static int p2p_ctrl_listen(struct wpa_supplicant *wpa_s, char *cmd)
2531 {
2532         unsigned int timeout = atoi(cmd);
2533         return wpas_p2p_listen(wpa_s, timeout);
2534 }
2535
2536
2537 static int p2p_ctrl_prov_disc(struct wpa_supplicant *wpa_s, char *cmd)
2538 {
2539         u8 addr[ETH_ALEN];
2540         char *pos;
2541
2542         /* <addr> <config method> */
2543
2544         if (hwaddr_aton(cmd, addr))
2545                 return -1;
2546
2547         pos = cmd + 17;
2548         if (*pos != ' ')
2549                 return -1;
2550         pos++;
2551
2552         return wpas_p2p_prov_disc(wpa_s, addr, pos);
2553 }
2554
2555
2556 static int p2p_get_passphrase(struct wpa_supplicant *wpa_s, char *buf,
2557                               size_t buflen)
2558 {
2559         struct wpa_ssid *ssid = wpa_s->current_ssid;
2560
2561         if (ssid == NULL || ssid->mode != WPAS_MODE_P2P_GO ||
2562             ssid->passphrase == NULL)
2563                 return -1;
2564
2565         os_strlcpy(buf, ssid->passphrase, buflen);
2566         return os_strlen(buf);
2567 }
2568
2569
2570 static int p2p_ctrl_serv_disc_req(struct wpa_supplicant *wpa_s, char *cmd,
2571                                   char *buf, size_t buflen)
2572 {
2573         u64 ref;
2574         int res;
2575         u8 dst_buf[ETH_ALEN], *dst;
2576         struct wpabuf *tlvs;
2577         char *pos;
2578         size_t len;
2579
2580         if (hwaddr_aton(cmd, dst_buf))
2581                 return -1;
2582         dst = dst_buf;
2583         if (dst[0] == 0 && dst[1] == 0 && dst[2] == 0 &&
2584             dst[3] == 0 && dst[4] == 0 && dst[5] == 0)
2585                 dst = NULL;
2586         pos = cmd + 17;
2587         if (*pos != ' ')
2588                 return -1;
2589         pos++;
2590
2591         if (os_strncmp(pos, "upnp ", 5) == 0) {
2592                 u8 version;
2593                 pos += 5;
2594                 if (hexstr2bin(pos, &version, 1) < 0)
2595                         return -1;
2596                 pos += 2;
2597                 if (*pos != ' ')
2598                         return -1;
2599                 pos++;
2600                 ref = (unsigned long) wpas_p2p_sd_request_upnp(wpa_s, dst,
2601                                                                version, pos);
2602         } else {
2603                 len = os_strlen(pos);
2604                 if (len & 1)
2605                         return -1;
2606                 len /= 2;
2607                 tlvs = wpabuf_alloc(len);
2608                 if (tlvs == NULL)
2609                         return -1;
2610                 if (hexstr2bin(pos, wpabuf_put(tlvs, len), len) < 0) {
2611                         wpabuf_free(tlvs);
2612                         return -1;
2613                 }
2614
2615                 ref = (unsigned long) wpas_p2p_sd_request(wpa_s, dst, tlvs);
2616                 wpabuf_free(tlvs);
2617         }
2618         res = os_snprintf(buf, buflen, "%llx", (long long unsigned) ref);
2619         if (res < 0 || (unsigned) res >= buflen)
2620                 return -1;
2621         return res;
2622 }
2623
2624
2625 static int p2p_ctrl_serv_disc_cancel_req(struct wpa_supplicant *wpa_s,
2626                                          char *cmd)
2627 {
2628         long long unsigned val;
2629         u64 req;
2630         if (sscanf(cmd, "%llx", &val) != 1)
2631                 return -1;
2632         req = val;
2633         return wpas_p2p_sd_cancel_request(wpa_s, (void *) (unsigned long) req);
2634 }
2635
2636
2637 static int p2p_ctrl_serv_disc_resp(struct wpa_supplicant *wpa_s, char *cmd)
2638 {
2639         int freq;
2640         u8 dst[ETH_ALEN];
2641         u8 dialog_token;
2642         struct wpabuf *resp_tlvs;
2643         char *pos, *pos2;
2644         size_t len;
2645
2646         pos = os_strchr(cmd, ' ');
2647         if (pos == NULL)
2648                 return -1;
2649         *pos++ = '\0';
2650         freq = atoi(cmd);
2651         if (freq == 0)
2652                 return -1;
2653
2654         if (hwaddr_aton(pos, dst))
2655                 return -1;
2656         pos += 17;
2657         if (*pos != ' ')
2658                 return -1;
2659         pos++;
2660
2661         pos2 = os_strchr(pos, ' ');
2662         if (pos2 == NULL)
2663                 return -1;
2664         *pos2++ = '\0';
2665         dialog_token = atoi(pos);
2666
2667         len = os_strlen(pos2);
2668         if (len & 1)
2669                 return -1;
2670         len /= 2;
2671         resp_tlvs = wpabuf_alloc(len);
2672         if (resp_tlvs == NULL)
2673                 return -1;
2674         if (hexstr2bin(pos2, wpabuf_put(resp_tlvs, len), len) < 0) {
2675                 wpabuf_free(resp_tlvs);
2676                 return -1;
2677         }
2678
2679         wpas_p2p_sd_response(wpa_s, freq, dst, dialog_token, resp_tlvs);
2680         wpabuf_free(resp_tlvs);
2681         return 0;
2682 }
2683
2684
2685 static int p2p_ctrl_serv_disc_external(struct wpa_supplicant *wpa_s,
2686                                        char *cmd)
2687 {
2688         wpa_s->p2p_sd_over_ctrl_iface = atoi(cmd);
2689         return 0;
2690 }
2691
2692
2693 static int p2p_ctrl_service_add_bonjour(struct wpa_supplicant *wpa_s,
2694                                         char *cmd)
2695 {
2696         char *pos;
2697         size_t len;
2698         struct wpabuf *query, *resp;
2699
2700         pos = os_strchr(cmd, ' ');
2701         if (pos == NULL)
2702                 return -1;
2703         *pos++ = '\0';
2704
2705         len = os_strlen(cmd);
2706         if (len & 1)
2707                 return -1;
2708         len /= 2;
2709         query = wpabuf_alloc(len);
2710         if (query == NULL)
2711                 return -1;
2712         if (hexstr2bin(cmd, wpabuf_put(query, len), len) < 0) {
2713                 wpabuf_free(query);
2714                 return -1;
2715         }
2716
2717         len = os_strlen(pos);
2718         if (len & 1) {
2719                 wpabuf_free(query);
2720                 return -1;
2721         }
2722         len /= 2;
2723         resp = wpabuf_alloc(len);
2724         if (resp == NULL) {
2725                 wpabuf_free(query);
2726                 return -1;
2727         }
2728         if (hexstr2bin(pos, wpabuf_put(resp, len), len) < 0) {
2729                 wpabuf_free(query);
2730                 wpabuf_free(resp);
2731                 return -1;
2732         }
2733
2734         if (wpas_p2p_service_add_bonjour(wpa_s, query, resp) < 0) {
2735                 wpabuf_free(query);
2736                 wpabuf_free(resp);
2737                 return -1;
2738         }
2739         return 0;
2740 }
2741
2742
2743 static int p2p_ctrl_service_add_upnp(struct wpa_supplicant *wpa_s, char *cmd)
2744 {
2745         char *pos;
2746         u8 version;
2747
2748         pos = os_strchr(cmd, ' ');
2749         if (pos == NULL)
2750                 return -1;
2751         *pos++ = '\0';
2752
2753         if (hexstr2bin(cmd, &version, 1) < 0)
2754                 return -1;
2755
2756         return wpas_p2p_service_add_upnp(wpa_s, version, pos);
2757 }
2758
2759
2760 static int p2p_ctrl_service_add(struct wpa_supplicant *wpa_s, char *cmd)
2761 {
2762         char *pos;
2763
2764         pos = os_strchr(cmd, ' ');
2765         if (pos == NULL)
2766                 return -1;
2767         *pos++ = '\0';
2768
2769         if (os_strcmp(cmd, "bonjour") == 0)
2770                 return p2p_ctrl_service_add_bonjour(wpa_s, pos);
2771         if (os_strcmp(cmd, "upnp") == 0)
2772                 return p2p_ctrl_service_add_upnp(wpa_s, pos);
2773         wpa_printf(MSG_DEBUG, "Unknown service '%s'", cmd);
2774         return -1;
2775 }
2776
2777
2778 static int p2p_ctrl_service_del_bonjour(struct wpa_supplicant *wpa_s,
2779                                         char *cmd)
2780 {
2781         size_t len;
2782         struct wpabuf *query;
2783         int ret;
2784
2785         len = os_strlen(cmd);
2786         if (len & 1)
2787                 return -1;
2788         len /= 2;
2789         query = wpabuf_alloc(len);
2790         if (query == NULL)
2791                 return -1;
2792         if (hexstr2bin(cmd, wpabuf_put(query, len), len) < 0) {
2793                 wpabuf_free(query);
2794                 return -1;
2795         }
2796
2797         ret = wpas_p2p_service_del_bonjour(wpa_s, query);
2798         wpabuf_free(query);
2799         return ret;
2800 }
2801
2802
2803 static int p2p_ctrl_service_del_upnp(struct wpa_supplicant *wpa_s, char *cmd)
2804 {
2805         char *pos;
2806         u8 version;
2807
2808         pos = os_strchr(cmd, ' ');
2809         if (pos == NULL)
2810                 return -1;
2811         *pos++ = '\0';
2812
2813         if (hexstr2bin(cmd, &version, 1) < 0)
2814                 return -1;
2815
2816         return wpas_p2p_service_del_upnp(wpa_s, version, pos);
2817 }
2818
2819
2820 static int p2p_ctrl_service_del(struct wpa_supplicant *wpa_s, char *cmd)
2821 {
2822         char *pos;
2823
2824         pos = os_strchr(cmd, ' ');
2825         if (pos == NULL)
2826                 return -1;
2827         *pos++ = '\0';
2828
2829         if (os_strcmp(cmd, "bonjour") == 0)
2830                 return p2p_ctrl_service_del_bonjour(wpa_s, pos);
2831         if (os_strcmp(cmd, "upnp") == 0)
2832                 return p2p_ctrl_service_del_upnp(wpa_s, pos);
2833         wpa_printf(MSG_DEBUG, "Unknown service '%s'", cmd);
2834         return -1;
2835 }
2836
2837
2838 static int p2p_ctrl_reject(struct wpa_supplicant *wpa_s, char *cmd)
2839 {
2840         u8 addr[ETH_ALEN];
2841
2842         /* <addr> */
2843
2844         if (hwaddr_aton(cmd, addr))
2845                 return -1;
2846
2847         return wpas_p2p_reject(wpa_s, addr);
2848 }
2849
2850
2851 static int p2p_ctrl_invite_persistent(struct wpa_supplicant *wpa_s, char *cmd)
2852 {
2853         char *pos;
2854         int id;
2855         struct wpa_ssid *ssid;
2856         u8 peer[ETH_ALEN];
2857
2858         id = atoi(cmd);
2859         pos = os_strstr(cmd, " peer=");
2860         if (pos) {
2861                 pos += 6;
2862                 if (hwaddr_aton(pos, peer))
2863                         return -1;
2864         }
2865         ssid = wpa_config_get_network(wpa_s->conf, id);
2866         if (ssid == NULL || ssid->disabled != 2) {
2867                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
2868                            "for persistent P2P group",
2869                            id);
2870                 return -1;
2871         }
2872
2873         return wpas_p2p_invite(wpa_s, pos ? peer : NULL, ssid, NULL);
2874 }
2875
2876
2877 static int p2p_ctrl_invite_group(struct wpa_supplicant *wpa_s, char *cmd)
2878 {
2879         char *pos;
2880         u8 peer[ETH_ALEN], go_dev_addr[ETH_ALEN], *go_dev = NULL;
2881
2882         pos = os_strstr(cmd, " peer=");
2883         if (!pos)
2884                 return -1;
2885
2886         *pos = '\0';
2887         pos += 6;
2888         if (hwaddr_aton(pos, peer)) {
2889                 wpa_printf(MSG_DEBUG, "P2P: Invalid MAC address '%s'", pos);
2890                 return -1;
2891         }
2892
2893         pos = os_strstr(pos, " go_dev_addr=");
2894         if (pos) {
2895                 pos += 13;
2896                 if (hwaddr_aton(pos, go_dev_addr)) {
2897                         wpa_printf(MSG_DEBUG, "P2P: Invalid MAC address '%s'",
2898                                    pos);
2899                         return -1;
2900                 }
2901                 go_dev = go_dev_addr;
2902         }
2903
2904         return wpas_p2p_invite_group(wpa_s, cmd, peer, go_dev);
2905 }
2906
2907
2908 static int p2p_ctrl_invite(struct wpa_supplicant *wpa_s, char *cmd)
2909 {
2910         if (os_strncmp(cmd, "persistent=", 11) == 0)
2911                 return p2p_ctrl_invite_persistent(wpa_s, cmd + 11);
2912         if (os_strncmp(cmd, "group=", 6) == 0)
2913                 return p2p_ctrl_invite_group(wpa_s, cmd + 6);
2914
2915         return -1;
2916 }
2917
2918
2919 static int p2p_ctrl_group_add_persistent(struct wpa_supplicant *wpa_s,
2920                                          char *cmd, int freq)
2921 {
2922         int id;
2923         struct wpa_ssid *ssid;
2924
2925         id = atoi(cmd);
2926         ssid = wpa_config_get_network(wpa_s->conf, id);
2927         if (ssid == NULL || ssid->disabled != 2) {
2928                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
2929                            "for persistent P2P group",
2930                            id);
2931                 return -1;
2932         }
2933
2934         return wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq);
2935 }
2936
2937
2938 static int p2p_ctrl_group_add(struct wpa_supplicant *wpa_s, char *cmd)
2939 {
2940         int freq = 0;
2941         char *pos;
2942
2943         pos = os_strstr(cmd, "freq=");
2944         if (pos)
2945                 freq = atoi(pos + 5);
2946
2947         if (os_strncmp(cmd, "persistent=", 11) == 0)
2948                 return p2p_ctrl_group_add_persistent(wpa_s, cmd + 11, freq);
2949         if (os_strcmp(cmd, "persistent") == 0 ||
2950             os_strncmp(cmd, "persistent ", 11) == 0)
2951                 return wpas_p2p_group_add(wpa_s, 1, freq);
2952         if (os_strncmp(cmd, "freq=", 5) == 0)
2953                 return wpas_p2p_group_add(wpa_s, 0, freq);
2954
2955         wpa_printf(MSG_DEBUG, "CTRL: Invalid P2P_GROUP_ADD parameters '%s'",
2956                    cmd);
2957         return -1;
2958 }
2959
2960
2961 static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd,
2962                          char *buf, size_t buflen)
2963 {
2964         u8 addr[ETH_ALEN], *addr_ptr;
2965         int next;
2966
2967         if (!wpa_s->global->p2p)
2968                 return -1;
2969
2970         if (os_strcmp(cmd, "FIRST") == 0) {
2971                 addr_ptr = NULL;
2972                 next = 0;
2973         } else if (os_strncmp(cmd, "NEXT-", 5) == 0) {
2974                 if (hwaddr_aton(cmd + 5, addr) < 0)
2975                         return -1;
2976                 addr_ptr = addr;
2977                 next = 1;
2978         } else {
2979                 if (hwaddr_aton(cmd, addr) < 0)
2980                         return -1;
2981                 addr_ptr = addr;
2982                 next = 0;
2983         }
2984
2985         return p2p_get_peer_info(wpa_s->global->p2p, addr_ptr, next,
2986                                  buf, buflen);
2987 }
2988
2989
2990 static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
2991 {
2992         char *param;
2993
2994         if (wpa_s->global->p2p == NULL)
2995                 return -1;
2996
2997         param = os_strchr(cmd, ' ');
2998         if (param == NULL)
2999                 return -1;
3000         *param++ = '\0';
3001
3002         if (os_strcmp(cmd, "discoverability") == 0) {
3003                 p2p_set_client_discoverability(wpa_s->global->p2p,
3004                                                atoi(param));
3005                 return 0;
3006         }
3007
3008         if (os_strcmp(cmd, "managed") == 0) {
3009                 p2p_set_managed_oper(wpa_s->global->p2p, atoi(param));
3010                 return 0;
3011         }
3012
3013         if (os_strcmp(cmd, "listen_channel") == 0) {
3014                 return p2p_set_listen_channel(wpa_s->global->p2p, 81,
3015                                               atoi(param));
3016         }
3017
3018         if (os_strcmp(cmd, "ssid_postfix") == 0) {
3019                 return p2p_set_ssid_postfix(wpa_s->global->p2p, (u8 *) param,
3020                                             os_strlen(param));
3021         }
3022
3023         if (os_strcmp(cmd, "noa") == 0) {
3024                 char *pos;
3025                 int count, start, duration;
3026                 /* GO NoA parameters: count,start_offset(ms),duration(ms) */
3027                 count = atoi(param);
3028                 pos = os_strchr(param, ',');
3029                 if (pos == NULL)
3030                         return -1;
3031                 pos++;
3032                 start = atoi(pos);
3033                 pos = os_strchr(pos, ',');
3034                 if (pos == NULL)
3035                         return -1;
3036                 pos++;
3037                 duration = atoi(pos);
3038                 if (count < 0 || count > 255 || start < 0 || duration < 0)
3039                         return -1;
3040                 if (count == 0 && duration > 0)
3041                         return -1;
3042                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: P2P_SET GO NoA: count=%d "
3043                            "start=%d duration=%d", count, start, duration);
3044                 return wpas_p2p_set_noa(wpa_s, count, start, duration);
3045         }
3046
3047         if (os_strcmp(cmd, "ps") == 0)
3048                 return wpa_drv_set_p2p_powersave(wpa_s, atoi(param), -1, -1);
3049
3050         if (os_strcmp(cmd, "oppps") == 0)
3051                 return wpa_drv_set_p2p_powersave(wpa_s, -1, atoi(param), -1);
3052
3053         if (os_strcmp(cmd, "ctwindow") == 0)
3054                 return wpa_drv_set_p2p_powersave(wpa_s, -1, -1, atoi(param));
3055
3056         if (os_strcmp(cmd, "disabled") == 0) {
3057                 wpa_s->global->p2p_disabled = atoi(param);
3058                 wpa_printf(MSG_DEBUG, "P2P functionality %s",
3059                            wpa_s->global->p2p_disabled ?
3060                            "disabled" : "enabled");
3061                 if (wpa_s->global->p2p_disabled) {
3062                         wpas_p2p_stop_find(wpa_s);
3063                         os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN);
3064                         p2p_flush(wpa_s->global->p2p);
3065                 }
3066                 return 0;
3067         }
3068
3069         if (os_strcmp(cmd, "force_long_sd") == 0) {
3070                 wpa_s->force_long_sd = atoi(param);
3071                 return 0;
3072         }
3073
3074         if (os_strcmp(cmd, "peer_filter") == 0) {
3075                 u8 addr[ETH_ALEN];
3076                 if (hwaddr_aton(param, addr))
3077                         return -1;
3078                 p2p_set_peer_filter(wpa_s->global->p2p, addr);
3079                 return 0;
3080         }
3081
3082         if (os_strcmp(cmd, "cross_connect") == 0)
3083                 return wpas_p2p_set_cross_connect(wpa_s, atoi(param));
3084
3085         if (os_strcmp(cmd, "go_apsd") == 0) {
3086                 if (os_strcmp(param, "disable") == 0)
3087                         wpa_s->set_ap_uapsd = 0;
3088                 else {
3089                         wpa_s->set_ap_uapsd = 1;
3090                         wpa_s->ap_uapsd = atoi(param);
3091                 }
3092                 return 0;
3093         }
3094
3095         if (os_strcmp(cmd, "client_apsd") == 0) {
3096                 if (os_strcmp(param, "disable") == 0)
3097                         wpa_s->set_sta_uapsd = 0;
3098                 else {
3099                         int be, bk, vi, vo;
3100                         char *pos;
3101                         /* format: BE,BK,VI,VO;max SP Length */
3102                         be = atoi(param);
3103                         pos = os_strchr(param, ',');
3104                         if (pos == NULL)
3105                                 return -1;
3106                         pos++;
3107                         bk = atoi(pos);
3108                         pos = os_strchr(pos, ',');
3109                         if (pos == NULL)
3110                                 return -1;
3111                         pos++;
3112                         vi = atoi(pos);
3113                         pos = os_strchr(pos, ',');
3114                         if (pos == NULL)
3115                                 return -1;
3116                         pos++;
3117                         vo = atoi(pos);
3118                         /* ignore max SP Length for now */
3119
3120                         wpa_s->set_sta_uapsd = 1;
3121                         wpa_s->sta_uapsd = 0;
3122                         if (be)
3123                                 wpa_s->sta_uapsd |= BIT(0);
3124                         if (bk)
3125                                 wpa_s->sta_uapsd |= BIT(1);
3126                         if (vi)
3127                                 wpa_s->sta_uapsd |= BIT(2);
3128                         if (vo)
3129                                 wpa_s->sta_uapsd |= BIT(3);
3130                 }
3131                 return 0;
3132         }
3133
3134         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown P2P_SET field value '%s'",
3135                    cmd);
3136
3137         return -1;
3138 }
3139
3140
3141 static int p2p_ctrl_presence_req(struct wpa_supplicant *wpa_s, char *cmd)
3142 {
3143         char *pos, *pos2;
3144         unsigned int dur1 = 0, int1 = 0, dur2 = 0, int2 = 0;
3145
3146         if (cmd[0]) {
3147                 pos = os_strchr(cmd, ' ');
3148                 if (pos == NULL)
3149                         return -1;
3150                 *pos++ = '\0';
3151                 dur1 = atoi(cmd);
3152
3153                 pos2 = os_strchr(pos, ' ');
3154                 if (pos2)
3155                         *pos2++ = '\0';
3156                 int1 = atoi(pos);
3157         } else
3158                 pos2 = NULL;
3159
3160         if (pos2) {
3161                 pos = os_strchr(pos2, ' ');
3162                 if (pos == NULL)
3163                         return -1;
3164                 *pos++ = '\0';
3165                 dur2 = atoi(pos2);
3166                 int2 = atoi(pos);
3167         }
3168
3169         return wpas_p2p_presence_req(wpa_s, dur1, int1, dur2, int2);
3170 }
3171
3172
3173 static int p2p_ctrl_ext_listen(struct wpa_supplicant *wpa_s, char *cmd)
3174 {
3175         char *pos;
3176         unsigned int period = 0, interval = 0;
3177
3178         if (cmd[0]) {
3179                 pos = os_strchr(cmd, ' ');
3180                 if (pos == NULL)
3181                         return -1;
3182                 *pos++ = '\0';
3183                 period = atoi(cmd);
3184                 interval = atoi(pos);
3185         }
3186
3187         return wpas_p2p_ext_listen(wpa_s, period, interval);
3188 }
3189
3190 #endif /* CONFIG_P2P */
3191
3192
3193 #ifdef CONFIG_INTERWORKING
3194 static int ctrl_interworking_connect(struct wpa_supplicant *wpa_s, char *dst)
3195 {
3196         u8 bssid[ETH_ALEN];
3197         struct wpa_bss *bss;
3198
3199         if (hwaddr_aton(dst, bssid)) {
3200                 wpa_printf(MSG_DEBUG, "Invalid BSSID '%s'", dst);
3201                 return -1;
3202         }
3203
3204         bss = wpa_bss_get_bssid(wpa_s, bssid);
3205         if (bss == NULL) {
3206                 wpa_printf(MSG_DEBUG, "Could not find BSS " MACSTR,
3207                            MAC2STR(bssid));
3208                 return -1;
3209         }
3210
3211         return interworking_connect(wpa_s, bss);
3212 }
3213
3214
3215 static int get_anqp(struct wpa_supplicant *wpa_s, char *dst)
3216 {
3217         u8 dst_addr[ETH_ALEN];
3218         int used;
3219         char *pos;
3220 #define MAX_ANQP_INFO_ID 100
3221         u16 id[MAX_ANQP_INFO_ID];
3222         size_t num_id = 0;
3223
3224         used = hwaddr_aton2(dst, dst_addr);
3225         if (used < 0)
3226                 return -1;
3227         pos = dst + used;
3228         while (num_id < MAX_ANQP_INFO_ID) {
3229                 id[num_id] = atoi(pos);
3230                 if (id[num_id])
3231                         num_id++;
3232                 pos = os_strchr(pos + 1, ',');
3233                 if (pos == NULL)
3234                         break;
3235                 pos++;
3236         }
3237
3238         if (num_id == 0)
3239                 return -1;
3240
3241         return anqp_send_req(wpa_s, dst_addr, id, num_id);
3242 }
3243 #endif /* CONFIG_INTERWORKING */
3244
3245
3246 static int wpa_supplicant_ctrl_iface_sta_autoconnect(
3247         struct wpa_supplicant *wpa_s, char *cmd)
3248 {
3249         wpa_s->auto_reconnect_disabled = atoi(cmd) == 0 ? 1 : 0;
3250         return 0;
3251 }
3252
3253
3254 static int wpa_supplicant_signal_poll(struct wpa_supplicant *wpa_s, char *buf,
3255                                       size_t buflen)
3256 {
3257         struct wpa_signal_info si;
3258         int ret;
3259
3260         ret = wpa_drv_signal_poll(wpa_s, &si);
3261         if (ret)
3262                 return -1;
3263
3264         ret = os_snprintf(buf, buflen, "RSSI=%d\nLINKSPEED=%d\n"
3265                           "NOISE=%d\nFREQUENCY=%u\n",
3266                           si.current_signal, si.current_txrate / 1000,
3267                           si.current_noise, si.frequency);
3268         if (ret < 0 || (unsigned int) ret > buflen)
3269                 return -1;
3270         return ret;
3271 }
3272
3273
3274 char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
3275                                          char *buf, size_t *resp_len)
3276 {
3277         char *reply;
3278         const int reply_size = 4096;
3279         int ctrl_rsp = 0;
3280         int reply_len;
3281
3282         if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0 ||
3283             os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
3284                 wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
3285                                       (const u8 *) buf, os_strlen(buf));
3286         } else {
3287                 int level = MSG_DEBUG;
3288                 if (os_strcmp(buf, "PING") == 0)
3289                         level = MSG_EXCESSIVE;
3290                 wpa_hexdump_ascii(level, "RX ctrl_iface",
3291                                   (const u8 *) buf, os_strlen(buf));
3292         }
3293
3294         reply = os_malloc(reply_size);
3295         if (reply == NULL) {
3296                 *resp_len = 1;
3297                 return NULL;
3298         }
3299
3300         os_memcpy(reply, "OK\n", 3);
3301         reply_len = 3;
3302
3303         if (os_strcmp(buf, "PING") == 0) {
3304                 os_memcpy(reply, "PONG\n", 5);
3305                 reply_len = 5;
3306         } else if (os_strncmp(buf, "RELOG", 5) == 0) {
3307                 if (wpa_debug_reopen_file() < 0)
3308                         reply_len = -1;
3309         } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
3310                 wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
3311         } else if (os_strcmp(buf, "MIB") == 0) {
3312                 reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
3313                 if (reply_len >= 0) {
3314                         int res;
3315                         res = eapol_sm_get_mib(wpa_s->eapol, reply + reply_len,
3316                                                reply_size - reply_len);
3317                         if (res < 0)
3318                                 reply_len = -1;
3319                         else
3320                                 reply_len += res;
3321                 }
3322         } else if (os_strncmp(buf, "STATUS", 6) == 0) {
3323                 reply_len = wpa_supplicant_ctrl_iface_status(
3324                         wpa_s, buf + 6, reply, reply_size);
3325         } else if (os_strcmp(buf, "PMKSA") == 0) {
3326                 reply_len = wpa_sm_pmksa_cache_list(wpa_s->wpa, reply,
3327                                                     reply_size);
3328         } else if (os_strncmp(buf, "SET ", 4) == 0) {
3329                 if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4))
3330                         reply_len = -1;
3331         } else if (os_strncmp(buf, "GET ", 4) == 0) {
3332                 reply_len = wpa_supplicant_ctrl_iface_get(wpa_s, buf + 4,
3333                                                           reply, reply_size);
3334         } else if (os_strcmp(buf, "LOGON") == 0) {
3335                 eapol_sm_notify_logoff(wpa_s->eapol, FALSE);
3336         } else if (os_strcmp(buf, "LOGOFF") == 0) {
3337                 eapol_sm_notify_logoff(wpa_s->eapol, TRUE);
3338         } else if (os_strcmp(buf, "REASSOCIATE") == 0) {
3339                 wpa_s->normal_scans = 0;
3340                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3341                         reply_len = -1;
3342                 else {
3343                         wpa_s->disconnected = 0;
3344                         wpa_s->reassociate = 1;
3345                         wpa_supplicant_req_scan(wpa_s, 0, 0);
3346                 }
3347         } else if (os_strcmp(buf, "RECONNECT") == 0) {
3348                 wpa_s->normal_scans = 0;
3349                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3350                         reply_len = -1;
3351                 else if (wpa_s->disconnected) {
3352                         wpa_s->disconnected = 0;
3353                         wpa_s->reassociate = 1;
3354                         wpa_supplicant_req_scan(wpa_s, 0, 0);
3355                 }
3356 #ifdef IEEE8021X_EAPOL
3357         } else if (os_strncmp(buf, "PREAUTH ", 8) == 0) {
3358                 if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8))
3359                         reply_len = -1;
3360 #endif /* IEEE8021X_EAPOL */
3361 #ifdef CONFIG_PEERKEY
3362         } else if (os_strncmp(buf, "STKSTART ", 9) == 0) {
3363                 if (wpa_supplicant_ctrl_iface_stkstart(wpa_s, buf + 9))
3364                         reply_len = -1;
3365 #endif /* CONFIG_PEERKEY */
3366 #ifdef CONFIG_IEEE80211R
3367         } else if (os_strncmp(buf, "FT_DS ", 6) == 0) {
3368                 if (wpa_supplicant_ctrl_iface_ft_ds(wpa_s, buf + 6))
3369                         reply_len = -1;
3370 #endif /* CONFIG_IEEE80211R */
3371 #ifdef CONFIG_WPS
3372         } else if (os_strcmp(buf, "WPS_PBC") == 0) {
3373                 int res = wpa_supplicant_ctrl_iface_wps_pbc(wpa_s, NULL);
3374                 if (res == -2) {
3375                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3376                         reply_len = 17;
3377                 } else if (res)
3378                         reply_len = -1;
3379         } else if (os_strncmp(buf, "WPS_PBC ", 8) == 0) {
3380                 int res = wpa_supplicant_ctrl_iface_wps_pbc(wpa_s, buf + 8);
3381                 if (res == -2) {
3382                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3383                         reply_len = 17;
3384                 } else if (res)
3385                         reply_len = -1;
3386         } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
3387                 reply_len = wpa_supplicant_ctrl_iface_wps_pin(wpa_s, buf + 8,
3388                                                               reply,
3389                                                               reply_size);
3390         } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
3391                 reply_len = wpa_supplicant_ctrl_iface_wps_check_pin(
3392                         wpa_s, buf + 14, reply, reply_size);
3393         } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
3394                 if (wpas_wps_cancel(wpa_s))
3395                         reply_len = -1;
3396 #ifdef CONFIG_WPS_OOB
3397         } else if (os_strncmp(buf, "WPS_OOB ", 8) == 0) {
3398                 if (wpa_supplicant_ctrl_iface_wps_oob(wpa_s, buf + 8))
3399                         reply_len = -1;
3400 #endif /* CONFIG_WPS_OOB */
3401         } else if (os_strncmp(buf, "WPS_REG ", 8) == 0) {
3402                 if (wpa_supplicant_ctrl_iface_wps_reg(wpa_s, buf + 8))
3403                         reply_len = -1;
3404 #ifdef CONFIG_AP
3405         } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
3406                 reply_len = wpa_supplicant_ctrl_iface_wps_ap_pin(
3407                         wpa_s, buf + 11, reply, reply_size);
3408 #endif /* CONFIG_AP */
3409 #ifdef CONFIG_WPS_ER
3410         } else if (os_strcmp(buf, "WPS_ER_START") == 0) {
3411                 if (wpas_wps_er_start(wpa_s, NULL))
3412                         reply_len = -1;
3413         } else if (os_strncmp(buf, "WPS_ER_START ", 13) == 0) {
3414                 if (wpas_wps_er_start(wpa_s, buf + 13))
3415                         reply_len = -1;
3416         } else if (os_strcmp(buf, "WPS_ER_STOP") == 0) {
3417                 if (wpas_wps_er_stop(wpa_s))
3418                         reply_len = -1;
3419         } else if (os_strncmp(buf, "WPS_ER_PIN ", 11) == 0) {
3420                 if (wpa_supplicant_ctrl_iface_wps_er_pin(wpa_s, buf + 11))
3421                         reply_len = -1;
3422         } else if (os_strncmp(buf, "WPS_ER_PBC ", 11) == 0) {
3423                 int ret = wpas_wps_er_pbc(wpa_s, buf + 11);
3424                 if (ret == -2) {
3425                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3426                         reply_len = 17;
3427                 } else if (ret == -3) {
3428                         os_memcpy(reply, "FAIL-UNKNOWN-UUID\n", 18);
3429                         reply_len = 18;
3430                 } else if (ret == -4) {
3431                         os_memcpy(reply, "FAIL-NO-AP-SETTINGS\n", 20);
3432                         reply_len = 20;
3433                 } else if (ret)
3434                         reply_len = -1;
3435         } else if (os_strncmp(buf, "WPS_ER_LEARN ", 13) == 0) {
3436                 if (wpa_supplicant_ctrl_iface_wps_er_learn(wpa_s, buf + 13))
3437                         reply_len = -1;
3438         } else if (os_strncmp(buf, "WPS_ER_SET_CONFIG ", 18) == 0) {
3439                 if (wpa_supplicant_ctrl_iface_wps_er_set_config(wpa_s,
3440                                                                 buf + 18))
3441                         reply_len = -1;
3442         } else if (os_strncmp(buf, "WPS_ER_CONFIG ", 14) == 0) {
3443                 if (wpa_supplicant_ctrl_iface_wps_er_config(wpa_s, buf + 14))
3444                         reply_len = -1;
3445 #endif /* CONFIG_WPS_ER */
3446 #endif /* CONFIG_WPS */
3447 #ifdef CONFIG_IBSS_RSN
3448         } else if (os_strncmp(buf, "IBSS_RSN ", 9) == 0) {
3449                 if (wpa_supplicant_ctrl_iface_ibss_rsn(wpa_s, buf + 9))
3450                         reply_len = -1;
3451 #endif /* CONFIG_IBSS_RSN */
3452 #ifdef CONFIG_P2P
3453         } else if (os_strncmp(buf, "P2P_FIND ", 9) == 0) {
3454                 if (p2p_ctrl_find(wpa_s, buf + 9))
3455                         reply_len = -1;
3456         } else if (os_strcmp(buf, "P2P_FIND") == 0) {
3457                 if (p2p_ctrl_find(wpa_s, ""))
3458                         reply_len = -1;
3459         } else if (os_strcmp(buf, "P2P_STOP_FIND") == 0) {
3460                 wpas_p2p_stop_find(wpa_s);
3461         } else if (os_strncmp(buf, "P2P_CONNECT ", 12) == 0) {
3462                 reply_len = p2p_ctrl_connect(wpa_s, buf + 12, reply,
3463                                              reply_size);
3464         } else if (os_strncmp(buf, "P2P_LISTEN ", 11) == 0) {
3465                 if (p2p_ctrl_listen(wpa_s, buf + 11))
3466                         reply_len = -1;
3467         } else if (os_strcmp(buf, "P2P_LISTEN") == 0) {
3468                 if (p2p_ctrl_listen(wpa_s, ""))
3469                         reply_len = -1;
3470         } else if (os_strncmp(buf, "P2P_GROUP_REMOVE ", 17) == 0) {
3471                 if (wpas_p2p_group_remove(wpa_s, buf + 17))
3472                         reply_len = -1;
3473         } else if (os_strcmp(buf, "P2P_GROUP_ADD") == 0) {
3474                 if (wpas_p2p_group_add(wpa_s, 0, 0))
3475                         reply_len = -1;
3476         } else if (os_strncmp(buf, "P2P_GROUP_ADD ", 14) == 0) {
3477                 if (p2p_ctrl_group_add(wpa_s, buf + 14))
3478                         reply_len = -1;
3479         } else if (os_strncmp(buf, "P2P_PROV_DISC ", 14) == 0) {
3480                 if (p2p_ctrl_prov_disc(wpa_s, buf + 14))
3481                         reply_len = -1;
3482         } else if (os_strcmp(buf, "P2P_GET_PASSPHRASE") == 0) {
3483                 reply_len = p2p_get_passphrase(wpa_s, reply, reply_size);
3484         } else if (os_strncmp(buf, "P2P_SERV_DISC_REQ ", 18) == 0) {
3485                 reply_len = p2p_ctrl_serv_disc_req(wpa_s, buf + 18, reply,
3486                                                    reply_size);
3487         } else if (os_strncmp(buf, "P2P_SERV_DISC_CANCEL_REQ ", 25) == 0) {
3488                 if (p2p_ctrl_serv_disc_cancel_req(wpa_s, buf + 25) < 0)
3489                         reply_len = -1;
3490         } else if (os_strncmp(buf, "P2P_SERV_DISC_RESP ", 19) == 0) {
3491                 if (p2p_ctrl_serv_disc_resp(wpa_s, buf + 19) < 0)
3492                         reply_len = -1;
3493         } else if (os_strcmp(buf, "P2P_SERVICE_UPDATE") == 0) {
3494                 wpas_p2p_sd_service_update(wpa_s);
3495         } else if (os_strncmp(buf, "P2P_SERV_DISC_EXTERNAL ", 23) == 0) {
3496                 if (p2p_ctrl_serv_disc_external(wpa_s, buf + 23) < 0)
3497                         reply_len = -1;
3498         } else if (os_strcmp(buf, "P2P_SERVICE_FLUSH") == 0) {
3499                 wpas_p2p_service_flush(wpa_s);
3500         } else if (os_strncmp(buf, "P2P_SERVICE_ADD ", 16) == 0) {
3501                 if (p2p_ctrl_service_add(wpa_s, buf + 16) < 0)
3502                         reply_len = -1;
3503         } else if (os_strncmp(buf, "P2P_SERVICE_DEL ", 16) == 0) {
3504                 if (p2p_ctrl_service_del(wpa_s, buf + 16) < 0)
3505                         reply_len = -1;
3506         } else if (os_strncmp(buf, "P2P_REJECT ", 11) == 0) {
3507                 if (p2p_ctrl_reject(wpa_s, buf + 11) < 0)
3508                         reply_len = -1;
3509         } else if (os_strncmp(buf, "P2P_INVITE ", 11) == 0) {
3510                 if (p2p_ctrl_invite(wpa_s, buf + 11) < 0)
3511                         reply_len = -1;
3512         } else if (os_strncmp(buf, "P2P_PEER ", 9) == 0) {
3513                 reply_len = p2p_ctrl_peer(wpa_s, buf + 9, reply,
3514                                               reply_size);
3515         } else if (os_strncmp(buf, "P2P_SET ", 8) == 0) {
3516                 if (p2p_ctrl_set(wpa_s, buf + 8) < 0)
3517                         reply_len = -1;
3518         } else if (os_strcmp(buf, "P2P_FLUSH") == 0) {
3519                 os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN);
3520                 wpa_s->force_long_sd = 0;
3521                 if (wpa_s->global->p2p)
3522                         p2p_flush(wpa_s->global->p2p);
3523         } else if (os_strncmp(buf, "P2P_UNAUTHORIZE ", 16) == 0) {
3524                 if (wpas_p2p_unauthorize(wpa_s, buf + 16) < 0)
3525                         reply_len = -1;
3526         } else if (os_strcmp(buf, "P2P_CANCEL") == 0) {
3527                 if (wpas_p2p_cancel(wpa_s))
3528                         reply_len = -1;
3529         } else if (os_strncmp(buf, "P2P_PRESENCE_REQ ", 17) == 0) {
3530                 if (p2p_ctrl_presence_req(wpa_s, buf + 17) < 0)
3531                         reply_len = -1;
3532         } else if (os_strcmp(buf, "P2P_PRESENCE_REQ") == 0) {
3533                 if (p2p_ctrl_presence_req(wpa_s, "") < 0)
3534                         reply_len = -1;
3535         } else if (os_strncmp(buf, "P2P_EXT_LISTEN ", 15) == 0) {
3536                 if (p2p_ctrl_ext_listen(wpa_s, buf + 15) < 0)
3537                         reply_len = -1;
3538         } else if (os_strcmp(buf, "P2P_EXT_LISTEN") == 0) {
3539                 if (p2p_ctrl_ext_listen(wpa_s, "") < 0)
3540                         reply_len = -1;
3541 #endif /* CONFIG_P2P */
3542 #ifdef CONFIG_INTERWORKING
3543         } else if (os_strcmp(buf, "FETCH_ANQP") == 0) {
3544                 if (interworking_fetch_anqp(wpa_s) < 0)
3545                         reply_len = -1;
3546         } else if (os_strcmp(buf, "STOP_FETCH_ANQP") == 0) {
3547                 interworking_stop_fetch_anqp(wpa_s);
3548         } else if (os_strncmp(buf, "INTERWORKING_SELECT", 19) == 0) {
3549                 if (interworking_select(wpa_s, os_strstr(buf + 19, "auto") !=
3550                                         NULL) < 0)
3551                         reply_len = -1;
3552         } else if (os_strncmp(buf, "INTERWORKING_CONNECT ", 21) == 0) {
3553                 if (ctrl_interworking_connect(wpa_s, buf + 21) < 0)
3554                         reply_len = -1;
3555         } else if (os_strncmp(buf, "ANQP_GET ", 9) == 0) {
3556                 if (get_anqp(wpa_s, buf + 9) < 0)
3557                         reply_len = -1;
3558 #endif /* CONFIG_INTERWORKING */
3559         } else if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0)
3560         {
3561                 if (wpa_supplicant_ctrl_iface_ctrl_rsp(
3562                             wpa_s, buf + os_strlen(WPA_CTRL_RSP)))
3563                         reply_len = -1;
3564                 else
3565                         ctrl_rsp = 1;
3566         } else if (os_strcmp(buf, "RECONFIGURE") == 0) {
3567                 if (wpa_supplicant_reload_configuration(wpa_s))
3568                         reply_len = -1;
3569         } else if (os_strcmp(buf, "TERMINATE") == 0) {
3570                 wpa_supplicant_terminate_proc(wpa_s->global);
3571         } else if (os_strncmp(buf, "BSSID ", 6) == 0) {
3572                 if (wpa_supplicant_ctrl_iface_bssid(wpa_s, buf + 6))
3573                         reply_len = -1;
3574         } else if (os_strncmp(buf, "BLACKLIST", 9) == 0) {
3575                 reply_len = wpa_supplicant_ctrl_iface_blacklist(
3576                         wpa_s, buf + 9, reply, reply_size);
3577         } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
3578                 reply_len = wpa_supplicant_ctrl_iface_log_level(
3579                         wpa_s, buf + 9, reply, reply_size);
3580         } else if (os_strcmp(buf, "LIST_NETWORKS") == 0) {
3581                 reply_len = wpa_supplicant_ctrl_iface_list_networks(
3582                         wpa_s, reply, reply_size);
3583         } else if (os_strcmp(buf, "DISCONNECT") == 0) {
3584                 wpa_s->reassociate = 0;
3585                 wpa_s->disconnected = 1;
3586                 wpa_supplicant_cancel_sched_scan(wpa_s);
3587                 wpa_supplicant_deauthenticate(wpa_s,
3588                                               WLAN_REASON_DEAUTH_LEAVING);
3589         } else if (os_strcmp(buf, "SCAN") == 0) {
3590                 wpa_s->normal_scans = 0;
3591                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3592                         reply_len = -1;
3593                 else {
3594                         if (!wpa_s->scanning &&
3595                             ((wpa_s->wpa_state <= WPA_SCANNING) ||
3596                              (wpa_s->wpa_state == WPA_COMPLETED))) {
3597                                 wpa_s->scan_req = 2;
3598                                 wpa_supplicant_req_scan(wpa_s, 0, 0);
3599                         } else {
3600                                 wpa_printf(MSG_DEBUG, "Ongoing scan action - "
3601                                            "reject new request");
3602                                 reply_len = os_snprintf(reply, reply_size,
3603                                                         "FAIL-BUSY\n");
3604                         }
3605                 }
3606         } else if (os_strcmp(buf, "SCAN_RESULTS") == 0) {
3607                 reply_len = wpa_supplicant_ctrl_iface_scan_results(
3608                         wpa_s, reply, reply_size);
3609         } else if (os_strncmp(buf, "SELECT_NETWORK ", 15) == 0) {
3610                 if (wpa_supplicant_ctrl_iface_select_network(wpa_s, buf + 15))
3611                         reply_len = -1;
3612         } else if (os_strncmp(buf, "ENABLE_NETWORK ", 15) == 0) {
3613                 if (wpa_supplicant_ctrl_iface_enable_network(wpa_s, buf + 15))
3614                         reply_len = -1;
3615         } else if (os_strncmp(buf, "DISABLE_NETWORK ", 16) == 0) {
3616                 if (wpa_supplicant_ctrl_iface_disable_network(wpa_s, buf + 16))
3617                         reply_len = -1;
3618         } else if (os_strcmp(buf, "ADD_NETWORK") == 0) {
3619                 reply_len = wpa_supplicant_ctrl_iface_add_network(
3620                         wpa_s, reply, reply_size);
3621         } else if (os_strncmp(buf, "REMOVE_NETWORK ", 15) == 0) {
3622                 if (wpa_supplicant_ctrl_iface_remove_network(wpa_s, buf + 15))
3623                         reply_len = -1;
3624         } else if (os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
3625                 if (wpa_supplicant_ctrl_iface_set_network(wpa_s, buf + 12))
3626                         reply_len = -1;
3627         } else if (os_strncmp(buf, "GET_NETWORK ", 12) == 0) {
3628                 reply_len = wpa_supplicant_ctrl_iface_get_network(
3629                         wpa_s, buf + 12, reply, reply_size);
3630 #ifndef CONFIG_NO_CONFIG_WRITE
3631         } else if (os_strcmp(buf, "SAVE_CONFIG") == 0) {
3632                 if (wpa_supplicant_ctrl_iface_save_config(wpa_s))
3633                         reply_len = -1;
3634 #endif /* CONFIG_NO_CONFIG_WRITE */
3635         } else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
3636                 reply_len = wpa_supplicant_ctrl_iface_get_capability(
3637                         wpa_s, buf + 15, reply, reply_size);
3638         } else if (os_strncmp(buf, "AP_SCAN ", 8) == 0) {
3639                 if (wpa_supplicant_ctrl_iface_ap_scan(wpa_s, buf + 8))
3640                         reply_len = -1;
3641         } else if (os_strncmp(buf, "SCAN_INTERVAL ", 14) == 0) {
3642                 if (wpa_supplicant_ctrl_iface_scan_interval(wpa_s, buf + 14))
3643                         reply_len = -1;
3644         } else if (os_strcmp(buf, "INTERFACE_LIST") == 0) {
3645                 reply_len = wpa_supplicant_global_iface_list(
3646                         wpa_s->global, reply, reply_size);
3647         } else if (os_strcmp(buf, "INTERFACES") == 0) {
3648                 reply_len = wpa_supplicant_global_iface_interfaces(
3649                         wpa_s->global, reply, reply_size);
3650         } else if (os_strncmp(buf, "BSS ", 4) == 0) {
3651                 reply_len = wpa_supplicant_ctrl_iface_bss(
3652                         wpa_s, buf + 4, reply, reply_size);
3653 #ifdef CONFIG_AP
3654         } else if (os_strcmp(buf, "STA-FIRST") == 0) {
3655                 reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
3656         } else if (os_strncmp(buf, "STA ", 4) == 0) {
3657                 reply_len = ap_ctrl_iface_sta(wpa_s, buf + 4, reply,
3658                                               reply_size);
3659         } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
3660                 reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
3661                                                    reply_size);
3662 #endif /* CONFIG_AP */
3663         } else if (os_strcmp(buf, "SUSPEND") == 0) {
3664                 wpas_notify_suspend(wpa_s->global);
3665         } else if (os_strcmp(buf, "RESUME") == 0) {
3666                 wpas_notify_resume(wpa_s->global);
3667         } else if (os_strcmp(buf, "DROP_SA") == 0) {
3668                 wpa_supplicant_ctrl_iface_drop_sa(wpa_s);
3669         } else if (os_strncmp(buf, "ROAM ", 5) == 0) {
3670                 if (wpa_supplicant_ctrl_iface_roam(wpa_s, buf + 5))
3671                         reply_len = -1;
3672         } else if (os_strncmp(buf, "STA_AUTOCONNECT ", 16) == 0) {
3673                 if (wpa_supplicant_ctrl_iface_sta_autoconnect(wpa_s, buf + 16))
3674                         reply_len = -1;
3675         } else if (os_strncmp(buf, "BSS_EXPIRE_AGE ", 15) == 0) {
3676                 if (wpa_supplicant_ctrl_iface_bss_expire_age(wpa_s, buf + 15))
3677                         reply_len = -1;
3678         } else if (os_strncmp(buf, "BSS_EXPIRE_COUNT ", 17) == 0) {
3679                 if (wpa_supplicant_ctrl_iface_bss_expire_count(wpa_s,
3680                                                                buf + 17))
3681                         reply_len = -1;
3682 #ifdef CONFIG_TDLS
3683         } else if (os_strncmp(buf, "TDLS_DISCOVER ", 14) == 0) {
3684                 if (wpa_supplicant_ctrl_iface_tdls_discover(wpa_s, buf + 14))
3685                         reply_len = -1;
3686         } else if (os_strncmp(buf, "TDLS_SETUP ", 11) == 0) {
3687                 if (wpa_supplicant_ctrl_iface_tdls_setup(wpa_s, buf + 11))
3688                         reply_len = -1;
3689         } else if (os_strncmp(buf, "TDLS_TEARDOWN ", 14) == 0) {
3690                 if (wpa_supplicant_ctrl_iface_tdls_teardown(wpa_s, buf + 14))
3691                         reply_len = -1;
3692 #endif /* CONFIG_TDLS */
3693         } else if (os_strncmp(buf, "SIGNAL_POLL", 11) == 0) {
3694                 reply_len = wpa_supplicant_signal_poll(wpa_s, reply,
3695                                                        reply_size);
3696         } else if (os_strcmp(buf, "REAUTHENTICATE") == 0) {
3697                 eapol_sm_request_reauth(wpa_s->eapol);
3698         } else {
3699                 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
3700                 reply_len = 16;
3701         }
3702
3703         if (reply_len < 0) {
3704                 os_memcpy(reply, "FAIL\n", 5);
3705                 reply_len = 5;
3706         }
3707
3708         if (ctrl_rsp)
3709                 eapol_sm_notify_ctrl_response(wpa_s->eapol);
3710
3711         *resp_len = reply_len;
3712         return reply;
3713 }
3714
3715
3716 static int wpa_supplicant_global_iface_add(struct wpa_global *global,
3717                                            char *cmd)
3718 {
3719         struct wpa_interface iface;
3720         char *pos;
3721
3722         /*
3723          * <ifname>TAB<confname>TAB<driver>TAB<ctrl_interface>TAB<driver_param>
3724          * TAB<bridge_ifname>
3725          */
3726         wpa_printf(MSG_DEBUG, "CTRL_IFACE GLOBAL INTERFACE_ADD '%s'", cmd);
3727
3728         os_memset(&iface, 0, sizeof(iface));
3729
3730         do {
3731                 iface.ifname = pos = cmd;
3732                 pos = os_strchr(pos, '\t');
3733                 if (pos)
3734                         *pos++ = '\0';
3735                 if (iface.ifname[0] == '\0')
3736                         return -1;
3737                 if (pos == NULL)
3738                         break;
3739
3740                 iface.confname = pos;
3741                 pos = os_strchr(pos, '\t');
3742                 if (pos)
3743                         *pos++ = '\0';
3744                 if (iface.confname[0] == '\0')
3745                         iface.confname = NULL;
3746                 if (pos == NULL)
3747                         break;
3748
3749                 iface.driver = pos;
3750                 pos = os_strchr(pos, '\t');
3751                 if (pos)
3752                         *pos++ = '\0';
3753                 if (iface.driver[0] == '\0')
3754                         iface.driver = NULL;
3755                 if (pos == NULL)
3756                         break;
3757
3758                 iface.ctrl_interface = pos;
3759                 pos = os_strchr(pos, '\t');
3760                 if (pos)
3761                         *pos++ = '\0';
3762                 if (iface.ctrl_interface[0] == '\0')
3763                         iface.ctrl_interface = NULL;
3764                 if (pos == NULL)
3765                         break;
3766
3767                 iface.driver_param = pos;
3768                 pos = os_strchr(pos, '\t');
3769                 if (pos)
3770                         *pos++ = '\0';
3771                 if (iface.driver_param[0] == '\0')
3772                         iface.driver_param = NULL;
3773                 if (pos == NULL)
3774                         break;
3775
3776                 iface.bridge_ifname = pos;
3777                 pos = os_strchr(pos, '\t');
3778                 if (pos)
3779                         *pos++ = '\0';
3780                 if (iface.bridge_ifname[0] == '\0')
3781                         iface.bridge_ifname = NULL;
3782                 if (pos == NULL)
3783                         break;
3784         } while (0);
3785
3786         if (wpa_supplicant_get_iface(global, iface.ifname))
3787                 return -1;
3788
3789         return wpa_supplicant_add_iface(global, &iface) ? 0 : -1;
3790 }
3791
3792
3793 static int wpa_supplicant_global_iface_remove(struct wpa_global *global,
3794                                               char *cmd)
3795 {
3796         struct wpa_supplicant *wpa_s;
3797
3798         wpa_printf(MSG_DEBUG, "CTRL_IFACE GLOBAL INTERFACE_REMOVE '%s'", cmd);
3799
3800         wpa_s = wpa_supplicant_get_iface(global, cmd);
3801         if (wpa_s == NULL)
3802                 return -1;
3803         return wpa_supplicant_remove_iface(global, wpa_s);
3804 }
3805
3806
3807 static void wpa_free_iface_info(struct wpa_interface_info *iface)
3808 {
3809         struct wpa_interface_info *prev;
3810
3811         while (iface) {
3812                 prev = iface;
3813                 iface = iface->next;
3814
3815                 os_free(prev->ifname);
3816                 os_free(prev->desc);
3817                 os_free(prev);
3818         }
3819 }
3820
3821
3822 static int wpa_supplicant_global_iface_list(struct wpa_global *global,
3823                                             char *buf, int len)
3824 {
3825         int i, res;
3826         struct wpa_interface_info *iface = NULL, *last = NULL, *tmp;
3827         char *pos, *end;
3828
3829         for (i = 0; wpa_drivers[i]; i++) {
3830                 struct wpa_driver_ops *drv = wpa_drivers[i];
3831                 if (drv->get_interfaces == NULL)
3832                         continue;
3833                 tmp = drv->get_interfaces(global->drv_priv[i]);
3834                 if (tmp == NULL)
3835                         continue;
3836
3837                 if (last == NULL)
3838                         iface = last = tmp;
3839                 else
3840                         last->next = tmp;
3841                 while (last->next)
3842                         last = last->next;
3843         }
3844
3845         pos = buf;
3846         end = buf + len;
3847         for (tmp = iface; tmp; tmp = tmp->next) {
3848                 res = os_snprintf(pos, end - pos, "%s\t%s\t%s\n",
3849                                   tmp->drv_name, tmp->ifname,
3850                                   tmp->desc ? tmp->desc : "");
3851                 if (res < 0 || res >= end - pos) {
3852                         *pos = '\0';
3853                         break;
3854                 }
3855                 pos += res;
3856         }
3857
3858         wpa_free_iface_info(iface);
3859
3860         return pos - buf;
3861 }
3862
3863
3864 static int wpa_supplicant_global_iface_interfaces(struct wpa_global *global,
3865                                                   char *buf, int len)
3866 {
3867         int res;
3868         char *pos, *end;
3869         struct wpa_supplicant *wpa_s;
3870
3871         wpa_s = global->ifaces;
3872         pos = buf;
3873         end = buf + len;
3874
3875         while (wpa_s) {
3876                 res = os_snprintf(pos, end - pos, "%s\n", wpa_s->ifname);
3877                 if (res < 0 || res >= end - pos) {
3878                         *pos = '\0';
3879                         break;
3880                 }
3881                 pos += res;
3882                 wpa_s = wpa_s->next;
3883         }
3884         return pos - buf;
3885 }
3886
3887
3888 char * wpa_supplicant_global_ctrl_iface_process(struct wpa_global *global,
3889                                                 char *buf, size_t *resp_len)
3890 {
3891         char *reply;
3892         const int reply_size = 2048;
3893         int reply_len;
3894         int level = MSG_DEBUG;
3895
3896         if (os_strcmp(buf, "PING") == 0)
3897                 level = MSG_EXCESSIVE;
3898         wpa_hexdump_ascii(level, "RX global ctrl_iface",
3899                           (const u8 *) buf, os_strlen(buf));
3900
3901         reply = os_malloc(reply_size);
3902         if (reply == NULL) {
3903                 *resp_len = 1;
3904                 return NULL;
3905         }
3906
3907         os_memcpy(reply, "OK\n", 3);
3908         reply_len = 3;
3909
3910         if (os_strcmp(buf, "PING") == 0) {
3911                 os_memcpy(reply, "PONG\n", 5);
3912                 reply_len = 5;
3913         } else if (os_strncmp(buf, "INTERFACE_ADD ", 14) == 0) {
3914                 if (wpa_supplicant_global_iface_add(global, buf + 14))
3915                         reply_len = -1;
3916         } else if (os_strncmp(buf, "INTERFACE_REMOVE ", 17) == 0) {
3917                 if (wpa_supplicant_global_iface_remove(global, buf + 17))
3918                         reply_len = -1;
3919         } else if (os_strcmp(buf, "INTERFACE_LIST") == 0) {
3920                 reply_len = wpa_supplicant_global_iface_list(
3921                         global, reply, reply_size);
3922         } else if (os_strcmp(buf, "INTERFACES") == 0) {
3923                 reply_len = wpa_supplicant_global_iface_interfaces(
3924                         global, reply, reply_size);
3925         } else if (os_strcmp(buf, "TERMINATE") == 0) {
3926                 wpa_supplicant_terminate_proc(global);
3927         } else if (os_strcmp(buf, "SUSPEND") == 0) {
3928                 wpas_notify_suspend(global);
3929         } else if (os_strcmp(buf, "RESUME") == 0) {
3930                 wpas_notify_resume(global);
3931         } else {
3932                 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
3933                 reply_len = 16;
3934         }
3935
3936         if (reply_len < 0) {
3937                 os_memcpy(reply, "FAIL\n", 5);
3938                 reply_len = 5;
3939         }
3940
3941         *resp_len = reply_len;
3942         return reply;
3943 }