projects / mech_eap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
P2P: Allow Device ID to be specified for p2p_find command
[mech_eap.git] / wpa_supplicant / ctrl_iface.c
1 /*
2  * WPA Supplicant / Control interface (shared code for all backends)
3  * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License version 2 as
7  * published by the Free Software Foundation.
8  *
9  * Alternatively, this software may be distributed under the terms of BSD
10  * license.
11  *
12  * See README and COPYING for more details.
13  */
14
15 #include "utils/includes.h"
16
17 #include "utils/common.h"
18 #include "utils/eloop.h"
19 #include "common/version.h"
20 #include "common/ieee802_11_defs.h"
21 #include "common/wpa_ctrl.h"
22 #include "eap_peer/eap.h"
23 #include "eapol_supp/eapol_supp_sm.h"
24 #include "rsn_supp/wpa.h"
25 #include "rsn_supp/preauth.h"
26 #include "rsn_supp/pmksa_cache.h"
27 #include "l2_packet/l2_packet.h"
28 #include "wps/wps.h"
29 #include "config.h"
30 #include "wpa_supplicant_i.h"
31 #include "driver_i.h"
32 #include "wps_supplicant.h"
33 #include "ibss_rsn.h"
34 #include "ap.h"
35 #include "p2p_supplicant.h"
36 #include "p2p/p2p.h"
37 #include "notify.h"
38 #include "bss.h"
39 #include "scan.h"
40 #include "ctrl_iface.h"
41 #include "interworking.h"
42 #include "blacklist.h"
43 #include "wpas_glue.h"
44
45 extern struct wpa_driver_ops *wpa_drivers[];
46
47 static int wpa_supplicant_global_iface_list(struct wpa_global *global,
48                                             char *buf, int len);
49 static int wpa_supplicant_global_iface_interfaces(struct wpa_global *global,
50                                                   char *buf, int len);
51
52
53 static int pno_start(struct wpa_supplicant *wpa_s)
54 {
55         int ret;
56         size_t i, num_ssid;
57         struct wpa_ssid *ssid;
58         struct wpa_driver_scan_params params;
59
60         if (wpa_s->pno)
61                 return 0;
62
63         os_memset(&params, 0, sizeof(params));
64
65         num_ssid = 0;
66         ssid = wpa_s->conf->ssid;
67         while (ssid) {
68                 if (!ssid->disabled)
69                         num_ssid++;
70                 ssid = ssid->next;
71         }
72         if (num_ssid > WPAS_MAX_SCAN_SSIDS) {
73                 wpa_printf(MSG_DEBUG, "PNO: Use only the first %u SSIDs from "
74                            "%u", WPAS_MAX_SCAN_SSIDS, (unsigned int) num_ssid);
75                 num_ssid = WPAS_MAX_SCAN_SSIDS;
76         }
77
78         if (num_ssid == 0) {
79                 wpa_printf(MSG_DEBUG, "PNO: No configured SSIDs");
80                 return -1;
81         }
82
83         params.filter_ssids = os_malloc(sizeof(struct wpa_driver_scan_filter) *
84                                         num_ssid);
85         if (params.filter_ssids == NULL)
86                 return -1;
87         i = 0;
88         ssid = wpa_s->conf->ssid;
89         while (ssid) {
90                 if (!ssid->disabled) {
91                         params.ssids[i].ssid = ssid->ssid;
92                         params.ssids[i].ssid_len = ssid->ssid_len;
93                         params.num_ssids++;
94                         os_memcpy(params.filter_ssids[i].ssid, ssid->ssid,
95                                   ssid->ssid_len);
96                         params.filter_ssids[i].ssid_len = ssid->ssid_len;
97                         params.num_filter_ssids++;
98                         i++;
99                         if (i == num_ssid)
100                                 break;
101                 }
102                 ssid = ssid->next;
103         }
104
105         ret = wpa_drv_sched_scan(wpa_s, &params, 10 * 1000);
106         os_free(params.filter_ssids);
107         if (ret == 0)
108                 wpa_s->pno = 1;
109         return ret;
110 }
111
112
113 static int pno_stop(struct wpa_supplicant *wpa_s)
114 {
115         if (wpa_s->pno) {
116                 wpa_s->pno = 0;
117                 return wpa_drv_stop_sched_scan(wpa_s);
118         }
119         return 0;
120 }
121
122
123 static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
124                                          char *cmd)
125 {
126         char *value;
127         int ret = 0;
128
129         value = os_strchr(cmd, ' ');
130         if (value == NULL)
131                 return -1;
132         *value++ = '\0';
133
134         wpa_printf(MSG_DEBUG, "CTRL_IFACE SET '%s'='%s'", cmd, value);
135         if (os_strcasecmp(cmd, "EAPOL::heldPeriod") == 0) {
136                 eapol_sm_configure(wpa_s->eapol,
137                                    atoi(value), -1, -1, -1);
138         } else if (os_strcasecmp(cmd, "EAPOL::authPeriod") == 0) {
139                 eapol_sm_configure(wpa_s->eapol,
140                                    -1, atoi(value), -1, -1);
141         } else if (os_strcasecmp(cmd, "EAPOL::startPeriod") == 0) {
142                 eapol_sm_configure(wpa_s->eapol,
143                                    -1, -1, atoi(value), -1);
144         } else if (os_strcasecmp(cmd, "EAPOL::maxStart") == 0) {
145                 eapol_sm_configure(wpa_s->eapol,
146                                    -1, -1, -1, atoi(value));
147         } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKLifetime") == 0) {
148                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
149                                      atoi(value)))
150                         ret = -1;
151         } else if (os_strcasecmp(cmd, "dot11RSNAConfigPMKReauthThreshold") ==
152                    0) {
153                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
154                                      atoi(value)))
155                         ret = -1;
156         } else if (os_strcasecmp(cmd, "dot11RSNAConfigSATimeout") == 0) {
157                 if (wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, atoi(value)))
158                         ret = -1;
159         } else if (os_strcasecmp(cmd, "wps_fragment_size") == 0) {
160                 wpa_s->wps_fragment_size = atoi(value);
161 #ifdef CONFIG_WPS_TESTING
162         } else if (os_strcasecmp(cmd, "wps_version_number") == 0) {
163                 long int val;
164                 val = strtol(value, NULL, 0);
165                 if (val < 0 || val > 0xff) {
166                         ret = -1;
167                         wpa_printf(MSG_DEBUG, "WPS: Invalid "
168                                    "wps_version_number %ld", val);
169                 } else {
170                         wps_version_number = val;
171                         wpa_printf(MSG_DEBUG, "WPS: Testing - force WPS "
172                                    "version %u.%u",
173                                    (wps_version_number & 0xf0) >> 4,
174                                    wps_version_number & 0x0f);
175                 }
176         } else if (os_strcasecmp(cmd, "wps_testing_dummy_cred") == 0) {
177                 wps_testing_dummy_cred = atoi(value);
178                 wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
179                            wps_testing_dummy_cred);
180 #endif /* CONFIG_WPS_TESTING */
181         } else if (os_strcasecmp(cmd, "ampdu") == 0) {
182                 if (wpa_drv_ampdu(wpa_s, atoi(value)) < 0)
183                         ret = -1;
184 #ifdef CONFIG_TDLS_TESTING
185         } else if (os_strcasecmp(cmd, "tdls_testing") == 0) {
186                 extern unsigned int tdls_testing;
187                 tdls_testing = strtol(value, NULL, 0);
188                 wpa_printf(MSG_DEBUG, "TDLS: tdls_testing=0x%x", tdls_testing);
189 #endif /* CONFIG_TDLS_TESTING */
190 #ifdef CONFIG_TDLS
191         } else if (os_strcasecmp(cmd, "tdls_disabled") == 0) {
192                 int disabled = atoi(value);
193                 wpa_printf(MSG_DEBUG, "TDLS: tdls_disabled=%d", disabled);
194                 if (disabled) {
195                         if (wpa_drv_tdls_oper(wpa_s, TDLS_DISABLE, NULL) < 0)
196                                 ret = -1;
197                 } else if (wpa_drv_tdls_oper(wpa_s, TDLS_ENABLE, NULL) < 0)
198                         ret = -1;
199                 wpa_tdls_enable(wpa_s->wpa, !disabled);
200 #endif /* CONFIG_TDLS */
201         } else if (os_strcasecmp(cmd, "pno") == 0) {
202                 if (atoi(value))
203                         ret = pno_start(wpa_s);
204                 else
205                         ret = pno_stop(wpa_s);
206         } else {
207                 value[-1] = '=';
208                 ret = wpa_config_process_global(wpa_s->conf, cmd, -1);
209                 if (ret == 0)
210                         wpa_supplicant_update_config(wpa_s);
211         }
212
213         return ret;
214 }
215
216
217 static int wpa_supplicant_ctrl_iface_get(struct wpa_supplicant *wpa_s,
218                                          char *cmd, char *buf, size_t buflen)
219 {
220         int res = -1;
221
222         wpa_printf(MSG_DEBUG, "CTRL_IFACE GET '%s'", cmd);
223
224         if (os_strcmp(cmd, "version") == 0) {
225                 res = os_snprintf(buf, buflen, "%s", VERSION_STR);
226         } else if (os_strcasecmp(cmd, "country") == 0) {
227                 if (wpa_s->conf->country[0] && wpa_s->conf->country[1])
228                         res = os_snprintf(buf, buflen, "%c%c",
229                                           wpa_s->conf->country[0],
230                                           wpa_s->conf->country[1]);
231         }
232
233         if (res < 0 || (unsigned int) res >= buflen)
234                 return -1;
235         return res;
236 }
237
238
239 #ifdef IEEE8021X_EAPOL
240 static int wpa_supplicant_ctrl_iface_preauth(struct wpa_supplicant *wpa_s,
241                                              char *addr)
242 {
243         u8 bssid[ETH_ALEN];
244         struct wpa_ssid *ssid = wpa_s->current_ssid;
245
246         if (hwaddr_aton(addr, bssid)) {
247                 wpa_printf(MSG_DEBUG, "CTRL_IFACE PREAUTH: invalid address "
248                            "'%s'", addr);
249                 return -1;
250         }
251
252         wpa_printf(MSG_DEBUG, "CTRL_IFACE PREAUTH " MACSTR, MAC2STR(bssid));
253         rsn_preauth_deinit(wpa_s->wpa);
254         if (rsn_preauth_init(wpa_s->wpa, bssid, ssid ? &ssid->eap : NULL))
255                 return -1;
256
257         return 0;
258 }
259 #endif /* IEEE8021X_EAPOL */
260
261
262 #ifdef CONFIG_PEERKEY
263 /* MLME-STKSTART.request(peer) */
264 static int wpa_supplicant_ctrl_iface_stkstart(
265         struct wpa_supplicant *wpa_s, char *addr)
266 {
267         u8 peer[ETH_ALEN];
268
269         if (hwaddr_aton(addr, peer)) {
270                 wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART: invalid "
271                            "address '%s'", addr);
272                 return -1;
273         }
274
275         wpa_printf(MSG_DEBUG, "CTRL_IFACE STKSTART " MACSTR,
276                    MAC2STR(peer));
277
278         return wpa_sm_stkstart(wpa_s->wpa, peer);
279 }
280 #endif /* CONFIG_PEERKEY */
281
282
283 #ifdef CONFIG_TDLS
284
285 static int wpa_supplicant_ctrl_iface_tdls_discover(
286         struct wpa_supplicant *wpa_s, char *addr)
287 {
288         u8 peer[ETH_ALEN];
289         int ret;
290
291         if (hwaddr_aton(addr, peer)) {
292                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_DISCOVER: invalid "
293                            "address '%s'", addr);
294                 return -1;
295         }
296
297         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_DISCOVER " MACSTR,
298                    MAC2STR(peer));
299
300         if (wpa_tdls_is_external_setup(wpa_s->wpa))
301                 ret = wpa_tdls_send_discovery_request(wpa_s->wpa, peer);
302         else
303                 ret = wpa_drv_tdls_oper(wpa_s, TDLS_DISCOVERY_REQ, peer);
304
305         return ret;
306 }
307
308
309 static int wpa_supplicant_ctrl_iface_tdls_setup(
310         struct wpa_supplicant *wpa_s, char *addr)
311 {
312         u8 peer[ETH_ALEN];
313         int ret;
314
315         if (hwaddr_aton(addr, peer)) {
316                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_SETUP: invalid "
317                            "address '%s'", addr);
318                 return -1;
319         }
320
321         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_SETUP " MACSTR,
322                    MAC2STR(peer));
323
324         ret = wpa_tdls_reneg(wpa_s->wpa, peer);
325         if (ret) {
326                 if (wpa_tdls_is_external_setup(wpa_s->wpa))
327                         ret = wpa_tdls_start(wpa_s->wpa, peer);
328                 else
329                         ret = wpa_drv_tdls_oper(wpa_s, TDLS_SETUP, peer);
330         }
331
332         return ret;
333 }
334
335
336 static int wpa_supplicant_ctrl_iface_tdls_teardown(
337         struct wpa_supplicant *wpa_s, char *addr)
338 {
339         u8 peer[ETH_ALEN];
340
341         if (hwaddr_aton(addr, peer)) {
342                 wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_TEARDOWN: invalid "
343                            "address '%s'", addr);
344                 return -1;
345         }
346
347         wpa_printf(MSG_DEBUG, "CTRL_IFACE TDLS_TEARDOWN " MACSTR,
348                    MAC2STR(peer));
349
350         return wpa_tdls_teardown_link(wpa_s->wpa, peer,
351                                       WLAN_REASON_TDLS_TEARDOWN_UNSPECIFIED);
352 }
353
354 #endif /* CONFIG_TDLS */
355
356
357 #ifdef CONFIG_IEEE80211R
358 static int wpa_supplicant_ctrl_iface_ft_ds(
359         struct wpa_supplicant *wpa_s, char *addr)
360 {
361         u8 target_ap[ETH_ALEN];
362         struct wpa_bss *bss;
363         const u8 *mdie;
364
365         if (hwaddr_aton(addr, target_ap)) {
366                 wpa_printf(MSG_DEBUG, "CTRL_IFACE FT_DS: invalid "
367                            "address '%s'", addr);
368                 return -1;
369         }
370
371         wpa_printf(MSG_DEBUG, "CTRL_IFACE FT_DS " MACSTR, MAC2STR(target_ap));
372
373         bss = wpa_bss_get_bssid(wpa_s, target_ap);
374         if (bss)
375                 mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
376         else
377                 mdie = NULL;
378
379         return wpa_ft_start_over_ds(wpa_s->wpa, target_ap, mdie);
380 }
381 #endif /* CONFIG_IEEE80211R */
382
383
384 #ifdef CONFIG_WPS
385 static int wpa_supplicant_ctrl_iface_wps_pbc(struct wpa_supplicant *wpa_s,
386                                              char *cmd)
387 {
388         u8 bssid[ETH_ALEN], *_bssid = bssid;
389 #ifdef CONFIG_P2P
390         u8 p2p_dev_addr[ETH_ALEN];
391 #endif /* CONFIG_P2P */
392 #ifdef CONFIG_AP
393         u8 *_p2p_dev_addr = NULL;
394 #endif /* CONFIG_AP */
395
396         if (cmd == NULL || os_strcmp(cmd, "any") == 0) {
397                 _bssid = NULL;
398 #ifdef CONFIG_P2P
399         } else if (os_strncmp(cmd, "p2p_dev_addr=", 13) == 0) {
400                 if (hwaddr_aton(cmd + 13, p2p_dev_addr)) {
401                         wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PBC: invalid "
402                                    "P2P Device Address '%s'",
403                                    cmd + 13);
404                         return -1;
405                 }
406                 _p2p_dev_addr = p2p_dev_addr;
407 #endif /* CONFIG_P2P */
408         } else if (hwaddr_aton(cmd, bssid)) {
409                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PBC: invalid BSSID '%s'",
410                            cmd);
411                 return -1;
412         }
413
414 #ifdef CONFIG_AP
415         if (wpa_s->ap_iface)
416                 return wpa_supplicant_ap_wps_pbc(wpa_s, _bssid, _p2p_dev_addr);
417 #endif /* CONFIG_AP */
418
419         return wpas_wps_start_pbc(wpa_s, _bssid, 0);
420 }
421
422
423 static int wpa_supplicant_ctrl_iface_wps_pin(struct wpa_supplicant *wpa_s,
424                                              char *cmd, char *buf,
425                                              size_t buflen)
426 {
427         u8 bssid[ETH_ALEN], *_bssid = bssid;
428         char *pin;
429         int ret;
430
431         pin = os_strchr(cmd, ' ');
432         if (pin)
433                 *pin++ = '\0';
434
435         if (os_strcmp(cmd, "any") == 0)
436                 _bssid = NULL;
437         else if (os_strcmp(cmd, "get") == 0) {
438                 ret = wps_generate_pin();
439                 goto done;
440         } else if (hwaddr_aton(cmd, bssid)) {
441                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_PIN: invalid BSSID '%s'",
442                            cmd);
443                 return -1;
444         }
445
446 #ifdef CONFIG_AP
447         if (wpa_s->ap_iface)
448                 return wpa_supplicant_ap_wps_pin(wpa_s, _bssid, pin,
449                                                  buf, buflen);
450 #endif /* CONFIG_AP */
451
452         if (pin) {
453                 ret = wpas_wps_start_pin(wpa_s, _bssid, pin, 0,
454                                          DEV_PW_DEFAULT);
455                 if (ret < 0)
456                         return -1;
457                 ret = os_snprintf(buf, buflen, "%s", pin);
458                 if (ret < 0 || (size_t) ret >= buflen)
459                         return -1;
460                 return ret;
461         }
462
463         ret = wpas_wps_start_pin(wpa_s, _bssid, NULL, 0, DEV_PW_DEFAULT);
464         if (ret < 0)
465                 return -1;
466
467 done:
468         /* Return the generated PIN */
469         ret = os_snprintf(buf, buflen, "%08d", ret);
470         if (ret < 0 || (size_t) ret >= buflen)
471                 return -1;
472         return ret;
473 }
474
475
476 static int wpa_supplicant_ctrl_iface_wps_check_pin(
477         struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen)
478 {
479         char pin[9];
480         size_t len;
481         char *pos;
482         int ret;
483
484         wpa_hexdump_ascii_key(MSG_DEBUG, "WPS_CHECK_PIN",
485                               (u8 *) cmd, os_strlen(cmd));
486         for (pos = cmd, len = 0; *pos != '\0'; pos++) {
487                 if (*pos < '0' || *pos > '9')
488                         continue;
489                 pin[len++] = *pos;
490                 if (len == 9) {
491                         wpa_printf(MSG_DEBUG, "WPS: Too long PIN");
492                         return -1;
493                 }
494         }
495         if (len != 4 && len != 8) {
496                 wpa_printf(MSG_DEBUG, "WPS: Invalid PIN length %d", (int) len);
497                 return -1;
498         }
499         pin[len] = '\0';
500
501         if (len == 8) {
502                 unsigned int pin_val;
503                 pin_val = atoi(pin);
504                 if (!wps_pin_valid(pin_val)) {
505                         wpa_printf(MSG_DEBUG, "WPS: Invalid checksum digit");
506                         ret = os_snprintf(buf, buflen, "FAIL-CHECKSUM\n");
507                         if (ret < 0 || (size_t) ret >= buflen)
508                                 return -1;
509                         return ret;
510                 }
511         }
512
513         ret = os_snprintf(buf, buflen, "%s", pin);
514         if (ret < 0 || (size_t) ret >= buflen)
515                 return -1;
516
517         return ret;
518 }
519
520
521 #ifdef CONFIG_WPS_OOB
522 static int wpa_supplicant_ctrl_iface_wps_oob(struct wpa_supplicant *wpa_s,
523                                              char *cmd)
524 {
525         char *path, *method, *name;
526
527         path = os_strchr(cmd, ' ');
528         if (path == NULL)
529                 return -1;
530         *path++ = '\0';
531
532         method = os_strchr(path, ' ');
533         if (method == NULL)
534                 return -1;
535         *method++ = '\0';
536
537         name = os_strchr(method, ' ');
538         if (name != NULL)
539                 *name++ = '\0';
540
541         return wpas_wps_start_oob(wpa_s, cmd, path, method, name);
542 }
543 #endif /* CONFIG_WPS_OOB */
544
545
546 static int wpa_supplicant_ctrl_iface_wps_reg(struct wpa_supplicant *wpa_s,
547                                              char *cmd)
548 {
549         u8 bssid[ETH_ALEN];
550         char *pin;
551         char *new_ssid;
552         char *new_auth;
553         char *new_encr;
554         char *new_key;
555         struct wps_new_ap_settings ap;
556
557         pin = os_strchr(cmd, ' ');
558         if (pin == NULL)
559                 return -1;
560         *pin++ = '\0';
561
562         if (hwaddr_aton(cmd, bssid)) {
563                 wpa_printf(MSG_DEBUG, "CTRL_IFACE WPS_REG: invalid BSSID '%s'",
564                            cmd);
565                 return -1;
566         }
567
568         new_ssid = os_strchr(pin, ' ');
569         if (new_ssid == NULL)
570                 return wpas_wps_start_reg(wpa_s, bssid, pin, NULL);
571         *new_ssid++ = '\0';
572
573         new_auth = os_strchr(new_ssid, ' ');
574         if (new_auth == NULL)
575                 return -1;
576         *new_auth++ = '\0';
577
578         new_encr = os_strchr(new_auth, ' ');
579         if (new_encr == NULL)
580                 return -1;
581         *new_encr++ = '\0';
582
583         new_key = os_strchr(new_encr, ' ');
584         if (new_key == NULL)
585                 return -1;
586         *new_key++ = '\0';
587
588         os_memset(&ap, 0, sizeof(ap));
589         ap.ssid_hex = new_ssid;
590         ap.auth = new_auth;
591         ap.encr = new_encr;
592         ap.key_hex = new_key;
593         return wpas_wps_start_reg(wpa_s, bssid, pin, &ap);
594 }
595
596
597 #ifdef CONFIG_AP
598 static int wpa_supplicant_ctrl_iface_wps_ap_pin(struct wpa_supplicant *wpa_s,
599                                                 char *cmd, char *buf,
600                                                 size_t buflen)
601 {
602         int timeout = 300;
603         char *pos;
604         const char *pin_txt;
605
606         if (!wpa_s->ap_iface)
607                 return -1;
608
609         pos = os_strchr(cmd, ' ');
610         if (pos)
611                 *pos++ = '\0';
612
613         if (os_strcmp(cmd, "disable") == 0) {
614                 wpas_wps_ap_pin_disable(wpa_s);
615                 return os_snprintf(buf, buflen, "OK\n");
616         }
617
618         if (os_strcmp(cmd, "random") == 0) {
619                 if (pos)
620                         timeout = atoi(pos);
621                 pin_txt = wpas_wps_ap_pin_random(wpa_s, timeout);
622                 if (pin_txt == NULL)
623                         return -1;
624                 return os_snprintf(buf, buflen, "%s", pin_txt);
625         }
626
627         if (os_strcmp(cmd, "get") == 0) {
628                 pin_txt = wpas_wps_ap_pin_get(wpa_s);
629                 if (pin_txt == NULL)
630                         return -1;
631                 return os_snprintf(buf, buflen, "%s", pin_txt);
632         }
633
634         if (os_strcmp(cmd, "set") == 0) {
635                 char *pin;
636                 if (pos == NULL)
637                         return -1;
638                 pin = pos;
639                 pos = os_strchr(pos, ' ');
640                 if (pos) {
641                         *pos++ = '\0';
642                         timeout = atoi(pos);
643                 }
644                 if (os_strlen(pin) > buflen)
645                         return -1;
646                 if (wpas_wps_ap_pin_set(wpa_s, pin, timeout) < 0)
647                         return -1;
648                 return os_snprintf(buf, buflen, "%s", pin);
649         }
650
651         return -1;
652 }
653 #endif /* CONFIG_AP */
654
655
656 #ifdef CONFIG_WPS_ER
657 static int wpa_supplicant_ctrl_iface_wps_er_pin(struct wpa_supplicant *wpa_s,
658                                                 char *cmd)
659 {
660         char *uuid = cmd, *pin, *pos;
661         u8 addr_buf[ETH_ALEN], *addr = NULL;
662         pin = os_strchr(uuid, ' ');
663         if (pin == NULL)
664                 return -1;
665         *pin++ = '\0';
666         pos = os_strchr(pin, ' ');
667         if (pos) {
668                 *pos++ = '\0';
669                 if (hwaddr_aton(pos, addr_buf) == 0)
670                         addr = addr_buf;
671         }
672         return wpas_wps_er_add_pin(wpa_s, addr, uuid, pin);
673 }
674
675
676 static int wpa_supplicant_ctrl_iface_wps_er_learn(struct wpa_supplicant *wpa_s,
677                                                   char *cmd)
678 {
679         char *uuid = cmd, *pin;
680         pin = os_strchr(uuid, ' ');
681         if (pin == NULL)
682                 return -1;
683         *pin++ = '\0';
684         return wpas_wps_er_learn(wpa_s, uuid, pin);
685 }
686
687
688 static int wpa_supplicant_ctrl_iface_wps_er_set_config(
689         struct wpa_supplicant *wpa_s, char *cmd)
690 {
691         char *uuid = cmd, *id;
692         id = os_strchr(uuid, ' ');
693         if (id == NULL)
694                 return -1;
695         *id++ = '\0';
696         return wpas_wps_er_set_config(wpa_s, uuid, atoi(id));
697 }
698
699
700 static int wpa_supplicant_ctrl_iface_wps_er_config(
701         struct wpa_supplicant *wpa_s, char *cmd)
702 {
703         char *pin;
704         char *new_ssid;
705         char *new_auth;
706         char *new_encr;
707         char *new_key;
708         struct wps_new_ap_settings ap;
709
710         pin = os_strchr(cmd, ' ');
711         if (pin == NULL)
712                 return -1;
713         *pin++ = '\0';
714
715         new_ssid = os_strchr(pin, ' ');
716         if (new_ssid == NULL)
717                 return -1;
718         *new_ssid++ = '\0';
719
720         new_auth = os_strchr(new_ssid, ' ');
721         if (new_auth == NULL)
722                 return -1;
723         *new_auth++ = '\0';
724
725         new_encr = os_strchr(new_auth, ' ');
726         if (new_encr == NULL)
727                 return -1;
728         *new_encr++ = '\0';
729
730         new_key = os_strchr(new_encr, ' ');
731         if (new_key == NULL)
732                 return -1;
733         *new_key++ = '\0';
734
735         os_memset(&ap, 0, sizeof(ap));
736         ap.ssid_hex = new_ssid;
737         ap.auth = new_auth;
738         ap.encr = new_encr;
739         ap.key_hex = new_key;
740         return wpas_wps_er_config(wpa_s, cmd, pin, &ap);
741 }
742 #endif /* CONFIG_WPS_ER */
743
744 #endif /* CONFIG_WPS */
745
746
747 #ifdef CONFIG_IBSS_RSN
748 static int wpa_supplicant_ctrl_iface_ibss_rsn(
749         struct wpa_supplicant *wpa_s, char *addr)
750 {
751         u8 peer[ETH_ALEN];
752
753         if (hwaddr_aton(addr, peer)) {
754                 wpa_printf(MSG_DEBUG, "CTRL_IFACE IBSS_RSN: invalid "
755                            "address '%s'", addr);
756                 return -1;
757         }
758
759         wpa_printf(MSG_DEBUG, "CTRL_IFACE IBSS_RSN " MACSTR,
760                    MAC2STR(peer));
761
762         return ibss_rsn_start(wpa_s->ibss_rsn, peer);
763 }
764 #endif /* CONFIG_IBSS_RSN */
765
766
767 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
768                                               struct wpa_ssid *ssid,
769                                               const char *field,
770                                               const char *value)
771 {
772 #ifdef IEEE8021X_EAPOL
773         struct eap_peer_config *eap = &ssid->eap;
774
775         wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
776         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
777                               (const u8 *) value, os_strlen(value));
778
779         switch (wpa_supplicant_ctrl_req_from_string(field)) {
780         case WPA_CTRL_REQ_EAP_IDENTITY:
781                 os_free(eap->identity);
782                 eap->identity = (u8 *) os_strdup(value);
783                 eap->identity_len = os_strlen(value);
784                 eap->pending_req_identity = 0;
785                 if (ssid == wpa_s->current_ssid)
786                         wpa_s->reassociate = 1;
787                 break;
788         case WPA_CTRL_REQ_EAP_PASSWORD:
789                 os_free(eap->password);
790                 eap->password = (u8 *) os_strdup(value);
791                 eap->password_len = os_strlen(value);
792                 eap->pending_req_password = 0;
793                 if (ssid == wpa_s->current_ssid)
794                         wpa_s->reassociate = 1;
795                 break;
796         case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
797                 os_free(eap->new_password);
798                 eap->new_password = (u8 *) os_strdup(value);
799                 eap->new_password_len = os_strlen(value);
800                 eap->pending_req_new_password = 0;
801                 if (ssid == wpa_s->current_ssid)
802                         wpa_s->reassociate = 1;
803                 break;
804         case WPA_CTRL_REQ_EAP_PIN:
805                 os_free(eap->pin);
806                 eap->pin = os_strdup(value);
807                 eap->pending_req_pin = 0;
808                 if (ssid == wpa_s->current_ssid)
809                         wpa_s->reassociate = 1;
810                 break;
811         case WPA_CTRL_REQ_EAP_OTP:
812                 os_free(eap->otp);
813                 eap->otp = (u8 *) os_strdup(value);
814                 eap->otp_len = os_strlen(value);
815                 os_free(eap->pending_req_otp);
816                 eap->pending_req_otp = NULL;
817                 eap->pending_req_otp_len = 0;
818                 break;
819         case WPA_CTRL_REQ_EAP_PASSPHRASE:
820                 os_free(eap->private_key_passwd);
821                 eap->private_key_passwd = (u8 *) os_strdup(value);
822                 eap->pending_req_passphrase = 0;
823                 if (ssid == wpa_s->current_ssid)
824                         wpa_s->reassociate = 1;
825                 break;
826         default:
827                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
828                 return -1;
829         }
830
831         return 0;
832 #else /* IEEE8021X_EAPOL */
833         wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
834         return -1;
835 #endif /* IEEE8021X_EAPOL */
836 }
837
838
839 static int wpa_supplicant_ctrl_iface_ctrl_rsp(struct wpa_supplicant *wpa_s,
840                                               char *rsp)
841 {
842 #ifdef IEEE8021X_EAPOL
843         char *pos, *id_pos;
844         int id;
845         struct wpa_ssid *ssid;
846
847         pos = os_strchr(rsp, '-');
848         if (pos == NULL)
849                 return -1;
850         *pos++ = '\0';
851         id_pos = pos;
852         pos = os_strchr(pos, ':');
853         if (pos == NULL)
854                 return -1;
855         *pos++ = '\0';
856         id = atoi(id_pos);
857         wpa_printf(MSG_DEBUG, "CTRL_IFACE: field=%s id=%d", rsp, id);
858         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: value",
859                               (u8 *) pos, os_strlen(pos));
860
861         ssid = wpa_config_get_network(wpa_s->conf, id);
862         if (ssid == NULL) {
863                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
864                            "to update", id);
865                 return -1;
866         }
867
868         return wpa_supplicant_ctrl_iface_ctrl_rsp_handle(wpa_s, ssid, rsp,
869                                                          pos);
870 #else /* IEEE8021X_EAPOL */
871         wpa_printf(MSG_DEBUG, "CTRL_IFACE: 802.1X not included");
872         return -1;
873 #endif /* IEEE8021X_EAPOL */
874 }
875
876
877 static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
878                                             const char *params,
879                                             char *buf, size_t buflen)
880 {
881         char *pos, *end, tmp[30];
882         int res, verbose, wps, ret;
883
884         verbose = os_strcmp(params, "-VERBOSE") == 0;
885         wps = os_strcmp(params, "-WPS") == 0;
886         pos = buf;
887         end = buf + buflen;
888         if (wpa_s->wpa_state >= WPA_ASSOCIATED) {
889                 struct wpa_ssid *ssid = wpa_s->current_ssid;
890                 ret = os_snprintf(pos, end - pos, "bssid=" MACSTR "\n",
891                                   MAC2STR(wpa_s->bssid));
892                 if (ret < 0 || ret >= end - pos)
893                         return pos - buf;
894                 pos += ret;
895                 if (ssid) {
896                         u8 *_ssid = ssid->ssid;
897                         size_t ssid_len = ssid->ssid_len;
898                         u8 ssid_buf[MAX_SSID_LEN];
899                         if (ssid_len == 0) {
900                                 int _res = wpa_drv_get_ssid(wpa_s, ssid_buf);
901                                 if (_res < 0)
902                                         ssid_len = 0;
903                                 else
904                                         ssid_len = _res;
905                                 _ssid = ssid_buf;
906                         }
907                         ret = os_snprintf(pos, end - pos, "ssid=%s\nid=%d\n",
908                                           wpa_ssid_txt(_ssid, ssid_len),
909                                           ssid->id);
910                         if (ret < 0 || ret >= end - pos)
911                                 return pos - buf;
912                         pos += ret;
913
914                         if (wps && ssid->passphrase &&
915                             wpa_key_mgmt_wpa_psk(ssid->key_mgmt) &&
916                             (ssid->mode == WPAS_MODE_AP ||
917                              ssid->mode == WPAS_MODE_P2P_GO)) {
918                                 ret = os_snprintf(pos, end - pos,
919                                                   "passphrase=%s\n",
920                                                   ssid->passphrase);
921                                 if (ret < 0 || ret >= end - pos)
922                                         return pos - buf;
923                                 pos += ret;
924                         }
925                         if (ssid->id_str) {
926                                 ret = os_snprintf(pos, end - pos,
927                                                   "id_str=%s\n",
928                                                   ssid->id_str);
929                                 if (ret < 0 || ret >= end - pos)
930                                         return pos - buf;
931                                 pos += ret;
932                         }
933
934                         switch (ssid->mode) {
935                         case WPAS_MODE_INFRA:
936                                 ret = os_snprintf(pos, end - pos,
937                                                   "mode=station\n");
938                                 break;
939                         case WPAS_MODE_IBSS:
940                                 ret = os_snprintf(pos, end - pos,
941                                                   "mode=IBSS\n");
942                                 break;
943                         case WPAS_MODE_AP:
944                                 ret = os_snprintf(pos, end - pos,
945                                                   "mode=AP\n");
946                                 break;
947                         case WPAS_MODE_P2P_GO:
948                                 ret = os_snprintf(pos, end - pos,
949                                                   "mode=P2P GO\n");
950                                 break;
951                         case WPAS_MODE_P2P_GROUP_FORMATION:
952                                 ret = os_snprintf(pos, end - pos,
953                                                   "mode=P2P GO - group "
954                                                   "formation\n");
955                                 break;
956                         default:
957                                 ret = 0;
958                                 break;
959                         }
960                         if (ret < 0 || ret >= end - pos)
961                                 return pos - buf;
962                         pos += ret;
963                 }
964
965 #ifdef CONFIG_AP
966                 if (wpa_s->ap_iface) {
967                         pos += ap_ctrl_iface_wpa_get_status(wpa_s, pos,
968                                                             end - pos,
969                                                             verbose);
970                 } else
971 #endif /* CONFIG_AP */
972                 pos += wpa_sm_get_status(wpa_s->wpa, pos, end - pos, verbose);
973         }
974         ret = os_snprintf(pos, end - pos, "wpa_state=%s\n",
975                           wpa_supplicant_state_txt(wpa_s->wpa_state));
976         if (ret < 0 || ret >= end - pos)
977                 return pos - buf;
978         pos += ret;
979
980         if (wpa_s->l2 &&
981             l2_packet_get_ip_addr(wpa_s->l2, tmp, sizeof(tmp)) >= 0) {
982                 ret = os_snprintf(pos, end - pos, "ip_address=%s\n", tmp);
983                 if (ret < 0 || ret >= end - pos)
984                         return pos - buf;
985                 pos += ret;
986         }
987
988 #ifdef CONFIG_P2P
989         if (wpa_s->global->p2p) {
990                 ret = os_snprintf(pos, end - pos, "p2p_device_address=" MACSTR
991                                   "\n", MAC2STR(wpa_s->global->p2p_dev_addr));
992                 if (ret < 0 || ret >= end - pos)
993                         return pos - buf;
994                 pos += ret;
995         }
996 #endif /* CONFIG_P2P */
997
998         ret = os_snprintf(pos, end - pos, "address=" MACSTR "\n",
999                           MAC2STR(wpa_s->own_addr));
1000         if (ret < 0 || ret >= end - pos)
1001                 return pos - buf;
1002         pos += ret;
1003
1004         if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1005             wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1006                 res = eapol_sm_get_status(wpa_s->eapol, pos, end - pos,
1007                                           verbose);
1008                 if (res >= 0)
1009                         pos += res;
1010         }
1011
1012         res = rsn_preauth_get_status(wpa_s->wpa, pos, end - pos, verbose);
1013         if (res >= 0)
1014                 pos += res;
1015
1016         return pos - buf;
1017 }
1018
1019
1020 static int wpa_supplicant_ctrl_iface_bssid(struct wpa_supplicant *wpa_s,
1021                                            char *cmd)
1022 {
1023         char *pos;
1024         int id;
1025         struct wpa_ssid *ssid;
1026         u8 bssid[ETH_ALEN];
1027
1028         /* cmd: "<network id> <BSSID>" */
1029         pos = os_strchr(cmd, ' ');
1030         if (pos == NULL)
1031                 return -1;
1032         *pos++ = '\0';
1033         id = atoi(cmd);
1034         wpa_printf(MSG_DEBUG, "CTRL_IFACE: id=%d bssid='%s'", id, pos);
1035         if (hwaddr_aton(pos, bssid)) {
1036                 wpa_printf(MSG_DEBUG ,"CTRL_IFACE: invalid BSSID '%s'", pos);
1037                 return -1;
1038         }
1039
1040         ssid = wpa_config_get_network(wpa_s->conf, id);
1041         if (ssid == NULL) {
1042                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
1043                            "to update", id);
1044                 return -1;
1045         }
1046
1047         os_memcpy(ssid->bssid, bssid, ETH_ALEN);
1048         ssid->bssid_set = !is_zero_ether_addr(bssid);
1049
1050         return 0;
1051 }
1052
1053
1054 static int wpa_supplicant_ctrl_iface_blacklist(struct wpa_supplicant *wpa_s,
1055                                                char *cmd, char *buf,
1056                                                size_t buflen)
1057 {
1058         u8 bssid[ETH_ALEN];
1059         struct wpa_blacklist *e;
1060         char *pos, *end;
1061         int ret;
1062
1063         /* cmd: "BLACKLIST [<BSSID>]" */
1064         if (*cmd == '\0') {
1065                 pos = buf;
1066                 end = buf + buflen;
1067                 e = wpa_s->blacklist;
1068                 while (e) {
1069                         ret = os_snprintf(pos, end - pos, MACSTR "\n",
1070                                           MAC2STR(e->bssid));
1071                         if (ret < 0 || ret >= end - pos)
1072                                 return pos - buf;
1073                         pos += ret;
1074                         e = e->next;
1075                 }
1076                 return pos - buf;
1077         }
1078
1079         cmd++;
1080         if (os_strncmp(cmd, "clear", 5) == 0) {
1081                 wpa_blacklist_clear(wpa_s);
1082                 os_memcpy(buf, "OK\n", 3);
1083                 return 3;
1084         }
1085
1086         wpa_printf(MSG_DEBUG, "CTRL_IFACE: BLACKLIST bssid='%s'", cmd);
1087         if (hwaddr_aton(cmd, bssid)) {
1088                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: invalid BSSID '%s'", cmd);
1089                 return -1;
1090         }
1091
1092         /*
1093          * Add the BSSID twice, so its count will be 2, causing it to be
1094          * skipped when processing scan results.
1095          */
1096         ret = wpa_blacklist_add(wpa_s, bssid);
1097         if (ret != 0)
1098                 return -1;
1099         ret = wpa_blacklist_add(wpa_s, bssid);
1100         if (ret != 0)
1101                 return -1;
1102         os_memcpy(buf, "OK\n", 3);
1103         return 3;
1104 }
1105
1106
1107 extern int wpa_debug_level;
1108 extern int wpa_debug_timestamp;
1109
1110 static const char * debug_level_str(int level)
1111 {
1112         switch (level) {
1113         case MSG_EXCESSIVE:
1114                 return "EXCESSIVE";
1115         case MSG_MSGDUMP:
1116                 return "MSGDUMP";
1117         case MSG_DEBUG:
1118                 return "DEBUG";
1119         case MSG_INFO:
1120                 return "INFO";
1121         case MSG_WARNING:
1122                 return "WARNING";
1123         case MSG_ERROR:
1124                 return "ERROR";
1125         default:
1126                 return "?";
1127         }
1128 }
1129
1130
1131 static int str_to_debug_level(const char *s)
1132 {
1133         if (os_strcasecmp(s, "EXCESSIVE") == 0)
1134                 return MSG_EXCESSIVE;
1135         if (os_strcasecmp(s, "MSGDUMP") == 0)
1136                 return MSG_MSGDUMP;
1137         if (os_strcasecmp(s, "DEBUG") == 0)
1138                 return MSG_DEBUG;
1139         if (os_strcasecmp(s, "INFO") == 0)
1140                 return MSG_INFO;
1141         if (os_strcasecmp(s, "WARNING") == 0)
1142                 return MSG_WARNING;
1143         if (os_strcasecmp(s, "ERROR") == 0)
1144                 return MSG_ERROR;
1145         return -1;
1146 }
1147
1148
1149 static int wpa_supplicant_ctrl_iface_log_level(struct wpa_supplicant *wpa_s,
1150                                                char *cmd, char *buf,
1151                                                size_t buflen)
1152 {
1153         char *pos, *end, *stamp;
1154         int ret;
1155
1156         if (cmd == NULL) {
1157                 return -1;
1158         }
1159
1160         /* cmd: "LOG_LEVEL [<level>]" */
1161         if (*cmd == '\0') {
1162                 pos = buf;
1163                 end = buf + buflen;
1164                 ret = os_snprintf(pos, end - pos, "Current level: %s\n"
1165                                   "Timestamp: %d\n",
1166                                   debug_level_str(wpa_debug_level),
1167                                   wpa_debug_timestamp);
1168                 if (ret < 0 || ret >= end - pos)
1169                         ret = 0;
1170
1171                 return ret;
1172         }
1173
1174         while (*cmd == ' ')
1175                 cmd++;
1176
1177         stamp = os_strchr(cmd, ' ');
1178         if (stamp) {
1179                 *stamp++ = '\0';
1180                 while (*stamp == ' ') {
1181                         stamp++;
1182                 }
1183         }
1184
1185         if (cmd && os_strlen(cmd)) {
1186                 int level = str_to_debug_level(cmd);
1187                 if (level < 0)
1188                         return -1;
1189                 wpa_debug_level = level;
1190         }
1191
1192         if (stamp && os_strlen(stamp))
1193                 wpa_debug_timestamp = atoi(stamp);
1194
1195         os_memcpy(buf, "OK\n", 3);
1196         return 3;
1197 }
1198
1199
1200 static int wpa_supplicant_ctrl_iface_list_networks(
1201         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1202 {
1203         char *pos, *end;
1204         struct wpa_ssid *ssid;
1205         int ret;
1206
1207         pos = buf;
1208         end = buf + buflen;
1209         ret = os_snprintf(pos, end - pos,
1210                           "network id / ssid / bssid / flags\n");
1211         if (ret < 0 || ret >= end - pos)
1212                 return pos - buf;
1213         pos += ret;
1214
1215         ssid = wpa_s->conf->ssid;
1216         while (ssid) {
1217                 ret = os_snprintf(pos, end - pos, "%d\t%s",
1218                                   ssid->id,
1219                                   wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1220                 if (ret < 0 || ret >= end - pos)
1221                         return pos - buf;
1222                 pos += ret;
1223                 if (ssid->bssid_set) {
1224                         ret = os_snprintf(pos, end - pos, "\t" MACSTR,
1225                                           MAC2STR(ssid->bssid));
1226                 } else {
1227                         ret = os_snprintf(pos, end - pos, "\tany");
1228                 }
1229                 if (ret < 0 || ret >= end - pos)
1230                         return pos - buf;
1231                 pos += ret;
1232                 ret = os_snprintf(pos, end - pos, "\t%s%s%s",
1233                                   ssid == wpa_s->current_ssid ?
1234                                   "[CURRENT]" : "",
1235                                   ssid->disabled ? "[DISABLED]" : "",
1236                                   ssid->disabled == 2 ? "[P2P-PERSISTENT]" :
1237                                   "");
1238                 if (ret < 0 || ret >= end - pos)
1239                         return pos - buf;
1240                 pos += ret;
1241                 ret = os_snprintf(pos, end - pos, "\n");
1242                 if (ret < 0 || ret >= end - pos)
1243                         return pos - buf;
1244                 pos += ret;
1245
1246                 ssid = ssid->next;
1247         }
1248
1249         return pos - buf;
1250 }
1251
1252
1253 static char * wpa_supplicant_cipher_txt(char *pos, char *end, int cipher)
1254 {
1255         int first = 1, ret;
1256         ret = os_snprintf(pos, end - pos, "-");
1257         if (ret < 0 || ret >= end - pos)
1258                 return pos;
1259         pos += ret;
1260         if (cipher & WPA_CIPHER_NONE) {
1261                 ret = os_snprintf(pos, end - pos, "%sNONE", first ? "" : "+");
1262                 if (ret < 0 || ret >= end - pos)
1263                         return pos;
1264                 pos += ret;
1265                 first = 0;
1266         }
1267         if (cipher & WPA_CIPHER_WEP40) {
1268                 ret = os_snprintf(pos, end - pos, "%sWEP40", first ? "" : "+");
1269                 if (ret < 0 || ret >= end - pos)
1270                         return pos;
1271                 pos += ret;
1272                 first = 0;
1273         }
1274         if (cipher & WPA_CIPHER_WEP104) {
1275                 ret = os_snprintf(pos, end - pos, "%sWEP104",
1276                                   first ? "" : "+");
1277                 if (ret < 0 || ret >= end - pos)
1278                         return pos;
1279                 pos += ret;
1280                 first = 0;
1281         }
1282         if (cipher & WPA_CIPHER_TKIP) {
1283                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : "+");
1284                 if (ret < 0 || ret >= end - pos)
1285                         return pos;
1286                 pos += ret;
1287                 first = 0;
1288         }
1289         if (cipher & WPA_CIPHER_CCMP) {
1290                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : "+");
1291                 if (ret < 0 || ret >= end - pos)
1292                         return pos;
1293                 pos += ret;
1294                 first = 0;
1295         }
1296         return pos;
1297 }
1298
1299
1300 static char * wpa_supplicant_ie_txt(char *pos, char *end, const char *proto,
1301                                     const u8 *ie, size_t ie_len)
1302 {
1303         struct wpa_ie_data data;
1304         int first, ret;
1305
1306         ret = os_snprintf(pos, end - pos, "[%s-", proto);
1307         if (ret < 0 || ret >= end - pos)
1308                 return pos;
1309         pos += ret;
1310
1311         if (wpa_parse_wpa_ie(ie, ie_len, &data) < 0) {
1312                 ret = os_snprintf(pos, end - pos, "?]");
1313                 if (ret < 0 || ret >= end - pos)
1314                         return pos;
1315                 pos += ret;
1316                 return pos;
1317         }
1318
1319         first = 1;
1320         if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X) {
1321                 ret = os_snprintf(pos, end - pos, "%sEAP", first ? "" : "+");
1322                 if (ret < 0 || ret >= end - pos)
1323                         return pos;
1324                 pos += ret;
1325                 first = 0;
1326         }
1327         if (data.key_mgmt & WPA_KEY_MGMT_PSK) {
1328                 ret = os_snprintf(pos, end - pos, "%sPSK", first ? "" : "+");
1329                 if (ret < 0 || ret >= end - pos)
1330                         return pos;
1331                 pos += ret;
1332                 first = 0;
1333         }
1334         if (data.key_mgmt & WPA_KEY_MGMT_WPA_NONE) {
1335                 ret = os_snprintf(pos, end - pos, "%sNone", first ? "" : "+");
1336                 if (ret < 0 || ret >= end - pos)
1337                         return pos;
1338                 pos += ret;
1339                 first = 0;
1340         }
1341 #ifdef CONFIG_IEEE80211R
1342         if (data.key_mgmt & WPA_KEY_MGMT_FT_IEEE8021X) {
1343                 ret = os_snprintf(pos, end - pos, "%sFT/EAP",
1344                                   first ? "" : "+");
1345                 if (ret < 0 || ret >= end - pos)
1346                         return pos;
1347                 pos += ret;
1348                 first = 0;
1349         }
1350         if (data.key_mgmt & WPA_KEY_MGMT_FT_PSK) {
1351                 ret = os_snprintf(pos, end - pos, "%sFT/PSK",
1352                                   first ? "" : "+");
1353                 if (ret < 0 || ret >= end - pos)
1354                         return pos;
1355                 pos += ret;
1356                 first = 0;
1357         }
1358 #endif /* CONFIG_IEEE80211R */
1359 #ifdef CONFIG_IEEE80211W
1360         if (data.key_mgmt & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1361                 ret = os_snprintf(pos, end - pos, "%sEAP-SHA256",
1362                                   first ? "" : "+");
1363                 if (ret < 0 || ret >= end - pos)
1364                         return pos;
1365                 pos += ret;
1366                 first = 0;
1367         }
1368         if (data.key_mgmt & WPA_KEY_MGMT_PSK_SHA256) {
1369                 ret = os_snprintf(pos, end - pos, "%sPSK-SHA256",
1370                                   first ? "" : "+");
1371                 if (ret < 0 || ret >= end - pos)
1372                         return pos;
1373                 pos += ret;
1374                 first = 0;
1375         }
1376 #endif /* CONFIG_IEEE80211W */
1377
1378         pos = wpa_supplicant_cipher_txt(pos, end, data.pairwise_cipher);
1379
1380         if (data.capabilities & WPA_CAPABILITY_PREAUTH) {
1381                 ret = os_snprintf(pos, end - pos, "-preauth");
1382                 if (ret < 0 || ret >= end - pos)
1383                         return pos;
1384                 pos += ret;
1385         }
1386
1387         ret = os_snprintf(pos, end - pos, "]");
1388         if (ret < 0 || ret >= end - pos)
1389                 return pos;
1390         pos += ret;
1391
1392         return pos;
1393 }
1394
1395
1396 #ifdef CONFIG_WPS
1397 static char * wpa_supplicant_wps_ie_txt_buf(struct wpa_supplicant *wpa_s,
1398                                             char *pos, char *end,
1399                                             struct wpabuf *wps_ie)
1400 {
1401         int ret;
1402         const char *txt;
1403
1404         if (wps_ie == NULL)
1405                 return pos;
1406         if (wps_is_selected_pbc_registrar(wps_ie))
1407                 txt = "[WPS-PBC]";
1408 #ifdef CONFIG_WPS2
1409         else if (wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 0))
1410                 txt = "[WPS-AUTH]";
1411 #endif /* CONFIG_WPS2 */
1412         else if (wps_is_selected_pin_registrar(wps_ie))
1413                 txt = "[WPS-PIN]";
1414         else
1415                 txt = "[WPS]";
1416
1417         ret = os_snprintf(pos, end - pos, "%s", txt);
1418         if (ret >= 0 && ret < end - pos)
1419                 pos += ret;
1420         wpabuf_free(wps_ie);
1421         return pos;
1422 }
1423 #endif /* CONFIG_WPS */
1424
1425
1426 static char * wpa_supplicant_wps_ie_txt(struct wpa_supplicant *wpa_s,
1427                                         char *pos, char *end,
1428                                         const struct wpa_bss *bss)
1429 {
1430 #ifdef CONFIG_WPS
1431         struct wpabuf *wps_ie;
1432         wps_ie = wpa_bss_get_vendor_ie_multi(bss, WPS_IE_VENDOR_TYPE);
1433         return wpa_supplicant_wps_ie_txt_buf(wpa_s, pos, end, wps_ie);
1434 #else /* CONFIG_WPS */
1435         return pos;
1436 #endif /* CONFIG_WPS */
1437 }
1438
1439
1440 /* Format one result on one text line into a buffer. */
1441 static int wpa_supplicant_ctrl_iface_scan_result(
1442         struct wpa_supplicant *wpa_s,
1443         const struct wpa_bss *bss, char *buf, size_t buflen)
1444 {
1445         char *pos, *end;
1446         int ret;
1447         const u8 *ie, *ie2, *p2p;
1448
1449         p2p = wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE);
1450         if (p2p && bss->ssid_len == P2P_WILDCARD_SSID_LEN &&
1451             os_memcmp(bss->ssid, P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) ==
1452             0)
1453                 return 0; /* Do not show P2P listen discovery results here */
1454
1455         pos = buf;
1456         end = buf + buflen;
1457
1458         ret = os_snprintf(pos, end - pos, MACSTR "\t%d\t%d\t",
1459                           MAC2STR(bss->bssid), bss->freq, bss->level);
1460         if (ret < 0 || ret >= end - pos)
1461                 return -1;
1462         pos += ret;
1463         ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1464         if (ie)
1465                 pos = wpa_supplicant_ie_txt(pos, end, "WPA", ie, 2 + ie[1]);
1466         ie2 = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1467         if (ie2)
1468                 pos = wpa_supplicant_ie_txt(pos, end, "WPA2", ie2, 2 + ie2[1]);
1469         pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss);
1470         if (!ie && !ie2 && bss->caps & IEEE80211_CAP_PRIVACY) {
1471                 ret = os_snprintf(pos, end - pos, "[WEP]");
1472                 if (ret < 0 || ret >= end - pos)
1473                         return -1;
1474                 pos += ret;
1475         }
1476         if (bss->caps & IEEE80211_CAP_IBSS) {
1477                 ret = os_snprintf(pos, end - pos, "[IBSS]");
1478                 if (ret < 0 || ret >= end - pos)
1479                         return -1;
1480                 pos += ret;
1481         }
1482         if (bss->caps & IEEE80211_CAP_ESS) {
1483                 ret = os_snprintf(pos, end - pos, "[ESS]");
1484                 if (ret < 0 || ret >= end - pos)
1485                         return -1;
1486                 pos += ret;
1487         }
1488         if (p2p) {
1489                 ret = os_snprintf(pos, end - pos, "[P2P]");
1490                 if (ret < 0 || ret >= end - pos)
1491                         return -1;
1492                 pos += ret;
1493         }
1494
1495         ret = os_snprintf(pos, end - pos, "\t%s",
1496                           wpa_ssid_txt(bss->ssid, bss->ssid_len));
1497         if (ret < 0 || ret >= end - pos)
1498                 return -1;
1499         pos += ret;
1500
1501         ret = os_snprintf(pos, end - pos, "\n");
1502         if (ret < 0 || ret >= end - pos)
1503                 return -1;
1504         pos += ret;
1505
1506         return pos - buf;
1507 }
1508
1509
1510 static int wpa_supplicant_ctrl_iface_scan_results(
1511         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1512 {
1513         char *pos, *end;
1514         struct wpa_bss *bss;
1515         int ret;
1516
1517         pos = buf;
1518         end = buf + buflen;
1519         ret = os_snprintf(pos, end - pos, "bssid / frequency / signal level / "
1520                           "flags / ssid\n");
1521         if (ret < 0 || ret >= end - pos)
1522                 return pos - buf;
1523         pos += ret;
1524
1525         dl_list_for_each(bss, &wpa_s->bss_id, struct wpa_bss, list_id) {
1526                 ret = wpa_supplicant_ctrl_iface_scan_result(wpa_s, bss, pos,
1527                                                             end - pos);
1528                 if (ret < 0 || ret >= end - pos)
1529                         return pos - buf;
1530                 pos += ret;
1531         }
1532
1533         return pos - buf;
1534 }
1535
1536
1537 static int wpa_supplicant_ctrl_iface_select_network(
1538         struct wpa_supplicant *wpa_s, char *cmd)
1539 {
1540         int id;
1541         struct wpa_ssid *ssid;
1542
1543         /* cmd: "<network id>" or "any" */
1544         if (os_strcmp(cmd, "any") == 0) {
1545                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SELECT_NETWORK any");
1546                 ssid = NULL;
1547         } else {
1548                 id = atoi(cmd);
1549                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SELECT_NETWORK id=%d", id);
1550
1551                 ssid = wpa_config_get_network(wpa_s->conf, id);
1552                 if (ssid == NULL) {
1553                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1554                                    "network id=%d", id);
1555                         return -1;
1556                 }
1557                 if (ssid->disabled == 2) {
1558                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1559                                    "SELECT_NETWORK with persistent P2P group");
1560                         return -1;
1561                 }
1562         }
1563
1564         wpa_supplicant_select_network(wpa_s, ssid);
1565
1566         return 0;
1567 }
1568
1569
1570 static int wpa_supplicant_ctrl_iface_enable_network(
1571         struct wpa_supplicant *wpa_s, char *cmd)
1572 {
1573         int id;
1574         struct wpa_ssid *ssid;
1575
1576         /* cmd: "<network id>" or "all" */
1577         if (os_strcmp(cmd, "all") == 0) {
1578                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: ENABLE_NETWORK all");
1579                 ssid = NULL;
1580         } else {
1581                 id = atoi(cmd);
1582                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: ENABLE_NETWORK id=%d", id);
1583
1584                 ssid = wpa_config_get_network(wpa_s->conf, id);
1585                 if (ssid == NULL) {
1586                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1587                                    "network id=%d", id);
1588                         return -1;
1589                 }
1590                 if (ssid->disabled == 2) {
1591                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1592                                    "ENABLE_NETWORK with persistent P2P group");
1593                         return -1;
1594                 }
1595         }
1596         wpa_supplicant_enable_network(wpa_s, ssid);
1597
1598         return 0;
1599 }
1600
1601
1602 static int wpa_supplicant_ctrl_iface_disable_network(
1603         struct wpa_supplicant *wpa_s, char *cmd)
1604 {
1605         int id;
1606         struct wpa_ssid *ssid;
1607
1608         /* cmd: "<network id>" or "all" */
1609         if (os_strcmp(cmd, "all") == 0) {
1610                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: DISABLE_NETWORK all");
1611                 ssid = NULL;
1612         } else {
1613                 id = atoi(cmd);
1614                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: DISABLE_NETWORK id=%d", id);
1615
1616                 ssid = wpa_config_get_network(wpa_s->conf, id);
1617                 if (ssid == NULL) {
1618                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
1619                                    "network id=%d", id);
1620                         return -1;
1621                 }
1622                 if (ssid->disabled == 2) {
1623                         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Cannot use "
1624                                    "DISABLE_NETWORK with persistent P2P "
1625                                    "group");
1626                         return -1;
1627                 }
1628         }
1629         wpa_supplicant_disable_network(wpa_s, ssid);
1630
1631         return 0;
1632 }
1633
1634
1635 static int wpa_supplicant_ctrl_iface_add_network(
1636         struct wpa_supplicant *wpa_s, char *buf, size_t buflen)
1637 {
1638         struct wpa_ssid *ssid;
1639         int ret;
1640
1641         wpa_printf(MSG_DEBUG, "CTRL_IFACE: ADD_NETWORK");
1642
1643         ssid = wpa_config_add_network(wpa_s->conf);
1644         if (ssid == NULL)
1645                 return -1;
1646
1647         wpas_notify_network_added(wpa_s, ssid);
1648
1649         ssid->disabled = 1;
1650         wpa_config_set_network_defaults(ssid);
1651
1652         ret = os_snprintf(buf, buflen, "%d\n", ssid->id);
1653         if (ret < 0 || (size_t) ret >= buflen)
1654                 return -1;
1655         return ret;
1656 }
1657
1658
1659 static int wpa_supplicant_ctrl_iface_remove_network(
1660         struct wpa_supplicant *wpa_s, char *cmd)
1661 {
1662         int id;
1663         struct wpa_ssid *ssid;
1664
1665         /* cmd: "<network id>" or "all" */
1666         if (os_strcmp(cmd, "all") == 0) {
1667                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_NETWORK all");
1668                 ssid = wpa_s->conf->ssid;
1669                 while (ssid) {
1670                         struct wpa_ssid *remove_ssid = ssid;
1671                         id = ssid->id;
1672                         ssid = ssid->next;
1673                         wpas_notify_network_removed(wpa_s, remove_ssid);
1674                         wpa_config_remove_network(wpa_s->conf, id);
1675                 }
1676                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1677                 if (wpa_s->current_ssid) {
1678                         wpa_sm_set_config(wpa_s->wpa, NULL);
1679                         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1680                         wpa_supplicant_disassociate(wpa_s,
1681                                                     WLAN_REASON_DEAUTH_LEAVING);
1682                 }
1683                 return 0;
1684         }
1685
1686         id = atoi(cmd);
1687         wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_NETWORK id=%d", id);
1688
1689         ssid = wpa_config_get_network(wpa_s->conf, id);
1690         if (ssid)
1691                 wpas_notify_network_removed(wpa_s, ssid);
1692         if (ssid == NULL ||
1693             wpa_config_remove_network(wpa_s->conf, id) < 0) {
1694                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1695                            "id=%d", id);
1696                 return -1;
1697         }
1698
1699         if (ssid == wpa_s->current_ssid || wpa_s->current_ssid == NULL) {
1700                 /*
1701                  * Invalidate the EAP session cache if the current or
1702                  * previously used network is removed.
1703                  */
1704                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1705         }
1706
1707         if (ssid == wpa_s->current_ssid) {
1708                 wpa_sm_set_config(wpa_s->wpa, NULL);
1709                 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1710
1711                 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1712         }
1713
1714         return 0;
1715 }
1716
1717
1718 static int wpa_supplicant_ctrl_iface_set_network(
1719         struct wpa_supplicant *wpa_s, char *cmd)
1720 {
1721         int id;
1722         struct wpa_ssid *ssid;
1723         char *name, *value;
1724
1725         /* cmd: "<network id> <variable name> <value>" */
1726         name = os_strchr(cmd, ' ');
1727         if (name == NULL)
1728                 return -1;
1729         *name++ = '\0';
1730
1731         value = os_strchr(name, ' ');
1732         if (value == NULL)
1733                 return -1;
1734         *value++ = '\0';
1735
1736         id = atoi(cmd);
1737         wpa_printf(MSG_DEBUG, "CTRL_IFACE: SET_NETWORK id=%d name='%s'",
1738                    id, name);
1739         wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: value",
1740                               (u8 *) value, os_strlen(value));
1741
1742         ssid = wpa_config_get_network(wpa_s->conf, id);
1743         if (ssid == NULL) {
1744                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1745                            "id=%d", id);
1746                 return -1;
1747         }
1748
1749         if (wpa_config_set(ssid, name, value, 0) < 0) {
1750                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to set network "
1751                            "variable '%s'", name);
1752                 return -1;
1753         }
1754
1755         wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1756
1757         if (wpa_s->current_ssid == ssid || wpa_s->current_ssid == NULL) {
1758                 /*
1759                  * Invalidate the EAP session cache if anything in the current
1760                  * or previously used configuration changes.
1761                  */
1762                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1763         }
1764
1765         if ((os_strcmp(name, "psk") == 0 &&
1766              value[0] == '"' && ssid->ssid_len) ||
1767             (os_strcmp(name, "ssid") == 0 && ssid->passphrase))
1768                 wpa_config_update_psk(ssid);
1769         else if (os_strcmp(name, "priority") == 0)
1770                 wpa_config_update_prio_list(wpa_s->conf);
1771
1772         return 0;
1773 }
1774
1775
1776 static int wpa_supplicant_ctrl_iface_get_network(
1777         struct wpa_supplicant *wpa_s, char *cmd, char *buf, size_t buflen)
1778 {
1779         int id;
1780         size_t res;
1781         struct wpa_ssid *ssid;
1782         char *name, *value;
1783
1784         /* cmd: "<network id> <variable name>" */
1785         name = os_strchr(cmd, ' ');
1786         if (name == NULL || buflen == 0)
1787                 return -1;
1788         *name++ = '\0';
1789
1790         id = atoi(cmd);
1791         wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_NETWORK id=%d name='%s'",
1792                    id, name);
1793
1794         ssid = wpa_config_get_network(wpa_s->conf, id);
1795         if (ssid == NULL) {
1796                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find network "
1797                            "id=%d", id);
1798                 return -1;
1799         }
1800
1801         value = wpa_config_get_no_key(ssid, name);
1802         if (value == NULL) {
1803                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to get network "
1804                            "variable '%s'", name);
1805                 return -1;
1806         }
1807
1808         res = os_strlcpy(buf, value, buflen);
1809         if (res >= buflen) {
1810                 os_free(value);
1811                 return -1;
1812         }
1813
1814         os_free(value);
1815
1816         return res;
1817 }
1818
1819
1820 #ifndef CONFIG_NO_CONFIG_WRITE
1821 static int wpa_supplicant_ctrl_iface_save_config(struct wpa_supplicant *wpa_s)
1822 {
1823         int ret;
1824
1825         if (!wpa_s->conf->update_config) {
1826                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Not allowed "
1827                            "to update configuration (update_config=0)");
1828                 return -1;
1829         }
1830
1831         ret = wpa_config_write(wpa_s->confname, wpa_s->conf);
1832         if (ret) {
1833                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Failed to "
1834                            "update configuration");
1835         } else {
1836                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: SAVE_CONFIG - Configuration"
1837                            " updated");
1838         }
1839
1840         return ret;
1841 }
1842 #endif /* CONFIG_NO_CONFIG_WRITE */
1843
1844
1845 static int ctrl_iface_get_capability_pairwise(int res, char *strict,
1846                                               struct wpa_driver_capa *capa,
1847                                               char *buf, size_t buflen)
1848 {
1849         int ret, first = 1;
1850         char *pos, *end;
1851         size_t len;
1852
1853         pos = buf;
1854         end = pos + buflen;
1855
1856         if (res < 0) {
1857                 if (strict)
1858                         return 0;
1859                 len = os_strlcpy(buf, "CCMP TKIP NONE", buflen);
1860                 if (len >= buflen)
1861                         return -1;
1862                 return len;
1863         }
1864
1865         if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
1866                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
1867                 if (ret < 0 || ret >= end - pos)
1868                         return pos - buf;
1869                 pos += ret;
1870                 first = 0;
1871         }
1872
1873         if (capa->enc & WPA_DRIVER_CAPA_ENC_TKIP) {
1874                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : " ");
1875                 if (ret < 0 || ret >= end - pos)
1876                         return pos - buf;
1877                 pos += ret;
1878                 first = 0;
1879         }
1880
1881         if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) {
1882                 ret = os_snprintf(pos, end - pos, "%sNONE", first ? "" : " ");
1883                 if (ret < 0 || ret >= end - pos)
1884                         return pos - buf;
1885                 pos += ret;
1886                 first = 0;
1887         }
1888
1889         return pos - buf;
1890 }
1891
1892
1893 static int ctrl_iface_get_capability_group(int res, char *strict,
1894                                            struct wpa_driver_capa *capa,
1895                                            char *buf, size_t buflen)
1896 {
1897         int ret, first = 1;
1898         char *pos, *end;
1899         size_t len;
1900
1901         pos = buf;
1902         end = pos + buflen;
1903
1904         if (res < 0) {
1905                 if (strict)
1906                         return 0;
1907                 len = os_strlcpy(buf, "CCMP TKIP WEP104 WEP40", buflen);
1908                 if (len >= buflen)
1909                         return -1;
1910                 return len;
1911         }
1912
1913         if (capa->enc & WPA_DRIVER_CAPA_ENC_CCMP) {
1914                 ret = os_snprintf(pos, end - pos, "%sCCMP", first ? "" : " ");
1915                 if (ret < 0 || ret >= end - pos)
1916                         return pos - buf;
1917                 pos += ret;
1918                 first = 0;
1919         }
1920
1921         if (capa->enc & WPA_DRIVER_CAPA_ENC_TKIP) {
1922                 ret = os_snprintf(pos, end - pos, "%sTKIP", first ? "" : " ");
1923                 if (ret < 0 || ret >= end - pos)
1924                         return pos - buf;
1925                 pos += ret;
1926                 first = 0;
1927         }
1928
1929         if (capa->enc & WPA_DRIVER_CAPA_ENC_WEP104) {
1930                 ret = os_snprintf(pos, end - pos, "%sWEP104",
1931                                   first ? "" : " ");
1932                 if (ret < 0 || ret >= end - pos)
1933                         return pos - buf;
1934                 pos += ret;
1935                 first = 0;
1936         }
1937
1938         if (capa->enc & WPA_DRIVER_CAPA_ENC_WEP40) {
1939                 ret = os_snprintf(pos, end - pos, "%sWEP40", first ? "" : " ");
1940                 if (ret < 0 || ret >= end - pos)
1941                         return pos - buf;
1942                 pos += ret;
1943                 first = 0;
1944         }
1945
1946         return pos - buf;
1947 }
1948
1949
1950 static int ctrl_iface_get_capability_key_mgmt(int res, char *strict,
1951                                               struct wpa_driver_capa *capa,
1952                                               char *buf, size_t buflen)
1953 {
1954         int ret;
1955         char *pos, *end;
1956         size_t len;
1957
1958         pos = buf;
1959         end = pos + buflen;
1960
1961         if (res < 0) {
1962                 if (strict)
1963                         return 0;
1964                 len = os_strlcpy(buf, "WPA-PSK WPA-EAP IEEE8021X WPA-NONE "
1965                                  "NONE", buflen);
1966                 if (len >= buflen)
1967                         return -1;
1968                 return len;
1969         }
1970
1971         ret = os_snprintf(pos, end - pos, "NONE IEEE8021X");
1972         if (ret < 0 || ret >= end - pos)
1973                 return pos - buf;
1974         pos += ret;
1975
1976         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1977                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2)) {
1978                 ret = os_snprintf(pos, end - pos, " WPA-EAP");
1979                 if (ret < 0 || ret >= end - pos)
1980                         return pos - buf;
1981                 pos += ret;
1982         }
1983
1984         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK |
1985                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) {
1986                 ret = os_snprintf(pos, end - pos, " WPA-PSK");
1987                 if (ret < 0 || ret >= end - pos)
1988                         return pos - buf;
1989                 pos += ret;
1990         }
1991
1992         if (capa->key_mgmt & WPA_DRIVER_CAPA_KEY_MGMT_WPA_NONE) {
1993                 ret = os_snprintf(pos, end - pos, " WPA-NONE");
1994                 if (ret < 0 || ret >= end - pos)
1995                         return pos - buf;
1996                 pos += ret;
1997         }
1998
1999         return pos - buf;
2000 }
2001
2002
2003 static int ctrl_iface_get_capability_proto(int res, char *strict,
2004                                            struct wpa_driver_capa *capa,
2005                                            char *buf, size_t buflen)
2006 {
2007         int ret, first = 1;
2008         char *pos, *end;
2009         size_t len;
2010
2011         pos = buf;
2012         end = pos + buflen;
2013
2014         if (res < 0) {
2015                 if (strict)
2016                         return 0;
2017                 len = os_strlcpy(buf, "RSN WPA", buflen);
2018                 if (len >= buflen)
2019                         return -1;
2020                 return len;
2021         }
2022
2023         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
2024                               WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK)) {
2025                 ret = os_snprintf(pos, end - pos, "%sRSN", first ? "" : " ");
2026                 if (ret < 0 || ret >= end - pos)
2027                         return pos - buf;
2028                 pos += ret;
2029                 first = 0;
2030         }
2031
2032         if (capa->key_mgmt & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2033                               WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK)) {
2034                 ret = os_snprintf(pos, end - pos, "%sWPA", first ? "" : " ");
2035                 if (ret < 0 || ret >= end - pos)
2036                         return pos - buf;
2037                 pos += ret;
2038                 first = 0;
2039         }
2040
2041         return pos - buf;
2042 }
2043
2044
2045 static int ctrl_iface_get_capability_auth_alg(int res, char *strict,
2046                                               struct wpa_driver_capa *capa,
2047                                               char *buf, size_t buflen)
2048 {
2049         int ret, first = 1;
2050         char *pos, *end;
2051         size_t len;
2052
2053         pos = buf;
2054         end = pos + buflen;
2055
2056         if (res < 0) {
2057                 if (strict)
2058                         return 0;
2059                 len = os_strlcpy(buf, "OPEN SHARED LEAP", buflen);
2060                 if (len >= buflen)
2061                         return -1;
2062                 return len;
2063         }
2064
2065         if (capa->auth & (WPA_DRIVER_AUTH_OPEN)) {
2066                 ret = os_snprintf(pos, end - pos, "%sOPEN", first ? "" : " ");
2067                 if (ret < 0 || ret >= end - pos)
2068                         return pos - buf;
2069                 pos += ret;
2070                 first = 0;
2071         }
2072
2073         if (capa->auth & (WPA_DRIVER_AUTH_SHARED)) {
2074                 ret = os_snprintf(pos, end - pos, "%sSHARED",
2075                                   first ? "" : " ");
2076                 if (ret < 0 || ret >= end - pos)
2077                         return pos - buf;
2078                 pos += ret;
2079                 first = 0;
2080         }
2081
2082         if (capa->auth & (WPA_DRIVER_AUTH_LEAP)) {
2083                 ret = os_snprintf(pos, end - pos, "%sLEAP", first ? "" : " ");
2084                 if (ret < 0 || ret >= end - pos)
2085                         return pos - buf;
2086                 pos += ret;
2087                 first = 0;
2088         }
2089
2090         return pos - buf;
2091 }
2092
2093
2094 static int wpa_supplicant_ctrl_iface_get_capability(
2095         struct wpa_supplicant *wpa_s, const char *_field, char *buf,
2096         size_t buflen)
2097 {
2098         struct wpa_driver_capa capa;
2099         int res;
2100         char *strict;
2101         char field[30];
2102         size_t len;
2103
2104         /* Determine whether or not strict checking was requested */
2105         len = os_strlcpy(field, _field, sizeof(field));
2106         if (len >= sizeof(field))
2107                 return -1;
2108         strict = os_strchr(field, ' ');
2109         if (strict != NULL) {
2110                 *strict++ = '\0';
2111                 if (os_strcmp(strict, "strict") != 0)
2112                         return -1;
2113         }
2114
2115         wpa_printf(MSG_DEBUG, "CTRL_IFACE: GET_CAPABILITY '%s' %s",
2116                 field, strict ? strict : "");
2117
2118         if (os_strcmp(field, "eap") == 0) {
2119                 return eap_get_names(buf, buflen);
2120         }
2121
2122         res = wpa_drv_get_capa(wpa_s, &capa);
2123
2124         if (os_strcmp(field, "pairwise") == 0)
2125                 return ctrl_iface_get_capability_pairwise(res, strict, &capa,
2126                                                           buf, buflen);
2127
2128         if (os_strcmp(field, "group") == 0)
2129                 return ctrl_iface_get_capability_group(res, strict, &capa,
2130                                                        buf, buflen);
2131
2132         if (os_strcmp(field, "key_mgmt") == 0)
2133                 return ctrl_iface_get_capability_key_mgmt(res, strict, &capa,
2134                                                           buf, buflen);
2135
2136         if (os_strcmp(field, "proto") == 0)
2137                 return ctrl_iface_get_capability_proto(res, strict, &capa,
2138                                                        buf, buflen);
2139
2140         if (os_strcmp(field, "auth_alg") == 0)
2141                 return ctrl_iface_get_capability_auth_alg(res, strict, &capa,
2142                                                           buf, buflen);
2143
2144         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown GET_CAPABILITY field '%s'",
2145                    field);
2146
2147         return -1;
2148 }
2149
2150
2151 #ifdef CONFIG_INTERWORKING
2152 static char * anqp_add_hex(char *pos, char *end, const char *title,
2153                            struct wpabuf *data)
2154 {
2155         char *start = pos;
2156         size_t i;
2157         int ret;
2158         const u8 *d;
2159
2160         if (data == NULL)
2161                 return start;
2162
2163         ret = os_snprintf(pos, end - pos, "%s=", title);
2164         if (ret < 0 || ret >= end - pos)
2165                 return start;
2166         pos += ret;
2167
2168         d = wpabuf_head_u8(data);
2169         for (i = 0; i < wpabuf_len(data); i++) {
2170                 ret = os_snprintf(pos, end - pos, "%02x", *d++);
2171                 if (ret < 0 || ret >= end - pos)
2172                         return start;
2173                 pos += ret;
2174         }
2175
2176         ret = os_snprintf(pos, end - pos, "\n");
2177         if (ret < 0 || ret >= end - pos)
2178                 return start;
2179         pos += ret;
2180
2181         return pos;
2182 }
2183 #endif /* CONFIG_INTERWORKING */
2184
2185
2186 static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s,
2187                                          const char *cmd, char *buf,
2188                                          size_t buflen)
2189 {
2190         u8 bssid[ETH_ALEN];
2191         size_t i;
2192         struct wpa_bss *bss;
2193         int ret;
2194         char *pos, *end;
2195         const u8 *ie, *ie2;
2196
2197         if (os_strcmp(cmd, "FIRST") == 0)
2198                 bss = dl_list_first(&wpa_s->bss, struct wpa_bss, list);
2199         else if (os_strncmp(cmd, "ID-", 3) == 0) {
2200                 i = atoi(cmd + 3);
2201                 bss = wpa_bss_get_id(wpa_s, i);
2202         } else if (os_strncmp(cmd, "NEXT-", 5) == 0) {
2203                 i = atoi(cmd + 5);
2204                 bss = wpa_bss_get_id(wpa_s, i);
2205                 if (bss) {
2206                         struct dl_list *next = bss->list_id.next;
2207                         if (next == &wpa_s->bss_id)
2208                                 bss = NULL;
2209                         else
2210                                 bss = dl_list_entry(next, struct wpa_bss,
2211                                                     list_id);
2212                 }
2213         } else if (hwaddr_aton(cmd, bssid) == 0)
2214                 bss = wpa_bss_get_bssid(wpa_s, bssid);
2215         else {
2216                 struct wpa_bss *tmp;
2217                 i = atoi(cmd);
2218                 bss = NULL;
2219                 dl_list_for_each(tmp, &wpa_s->bss_id, struct wpa_bss, list_id)
2220                 {
2221                         if (i-- == 0) {
2222                                 bss = tmp;
2223                                 break;
2224                         }
2225                 }
2226         }
2227
2228         if (bss == NULL)
2229                 return 0;
2230
2231         pos = buf;
2232         end = buf + buflen;
2233         ret = os_snprintf(pos, end - pos,
2234                           "id=%u\n"
2235                           "bssid=" MACSTR "\n"
2236                           "freq=%d\n"
2237                           "beacon_int=%d\n"
2238                           "capabilities=0x%04x\n"
2239                           "qual=%d\n"
2240                           "noise=%d\n"
2241                           "level=%d\n"
2242                           "tsf=%016llu\n"
2243                           "ie=",
2244                           bss->id,
2245                           MAC2STR(bss->bssid), bss->freq, bss->beacon_int,
2246                           bss->caps, bss->qual, bss->noise, bss->level,
2247                           (unsigned long long) bss->tsf);
2248         if (ret < 0 || ret >= end - pos)
2249                 return pos - buf;
2250         pos += ret;
2251
2252         ie = (const u8 *) (bss + 1);
2253         for (i = 0; i < bss->ie_len; i++) {
2254                 ret = os_snprintf(pos, end - pos, "%02x", *ie++);
2255                 if (ret < 0 || ret >= end - pos)
2256                         return pos - buf;
2257                 pos += ret;
2258         }
2259
2260         ret = os_snprintf(pos, end - pos, "\n");
2261         if (ret < 0 || ret >= end - pos)
2262                 return pos - buf;
2263         pos += ret;
2264
2265         ret = os_snprintf(pos, end - pos, "flags=");
2266         if (ret < 0 || ret >= end - pos)
2267                 return pos - buf;
2268         pos += ret;
2269
2270         ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
2271         if (ie)
2272                 pos = wpa_supplicant_ie_txt(pos, end, "WPA", ie, 2 + ie[1]);
2273         ie2 = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2274         if (ie2)
2275                 pos = wpa_supplicant_ie_txt(pos, end, "WPA2", ie2, 2 + ie2[1]);
2276         pos = wpa_supplicant_wps_ie_txt(wpa_s, pos, end, bss);
2277         if (!ie && !ie2 && bss->caps & IEEE80211_CAP_PRIVACY) {
2278                 ret = os_snprintf(pos, end - pos, "[WEP]");
2279                 if (ret < 0 || ret >= end - pos)
2280                         return pos - buf;
2281                 pos += ret;
2282         }
2283         if (bss->caps & IEEE80211_CAP_IBSS) {
2284                 ret = os_snprintf(pos, end - pos, "[IBSS]");
2285                 if (ret < 0 || ret >= end - pos)
2286                         return pos - buf;
2287                 pos += ret;
2288         }
2289         if (bss->caps & IEEE80211_CAP_ESS) {
2290                 ret = os_snprintf(pos, end - pos, "[ESS]");
2291                 if (ret < 0 || ret >= end - pos)
2292                         return pos - buf;
2293                 pos += ret;
2294         }
2295         if (wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE)) {
2296                 ret = os_snprintf(pos, end - pos, "[P2P]");
2297                 if (ret < 0 || ret >= end - pos)
2298                         return pos - buf;
2299                 pos += ret;
2300         }
2301
2302         ret = os_snprintf(pos, end - pos, "\n");
2303         if (ret < 0 || ret >= end - pos)
2304                 return pos - buf;
2305         pos += ret;
2306
2307         ret = os_snprintf(pos, end - pos, "ssid=%s\n",
2308                           wpa_ssid_txt(bss->ssid, bss->ssid_len));
2309         if (ret < 0 || ret >= end - pos)
2310                 return pos - buf;
2311         pos += ret;
2312
2313 #ifdef CONFIG_WPS
2314         ie = (const u8 *) (bss + 1);
2315         ret = wpas_wps_scan_result_text(ie, bss->ie_len, pos, end);
2316         if (ret < 0 || ret >= end - pos)
2317                 return pos - buf;
2318         pos += ret;
2319 #endif /* CONFIG_WPS */
2320
2321 #ifdef CONFIG_P2P
2322         ie = (const u8 *) (bss + 1);
2323         ret = wpas_p2p_scan_result_text(ie, bss->ie_len, pos, end);
2324         if (ret < 0 || ret >= end - pos)
2325                 return pos - buf;
2326         pos += ret;
2327 #endif /* CONFIG_P2P */
2328
2329 #ifdef CONFIG_INTERWORKING
2330         pos = anqp_add_hex(pos, end, "anqp_venue_name", bss->anqp_venue_name);
2331         pos = anqp_add_hex(pos, end, "anqp_network_auth_type",
2332                            bss->anqp_network_auth_type);
2333         pos = anqp_add_hex(pos, end, "anqp_roaming_consortium",
2334                            bss->anqp_roaming_consortium);
2335         pos = anqp_add_hex(pos, end, "anqp_ip_addr_type_availability",
2336                            bss->anqp_ip_addr_type_availability);
2337         pos = anqp_add_hex(pos, end, "anqp_nai_realm", bss->anqp_nai_realm);
2338         pos = anqp_add_hex(pos, end, "anqp_3gpp", bss->anqp_3gpp);
2339         pos = anqp_add_hex(pos, end, "anqp_domain_name",
2340                            bss->anqp_domain_name);
2341 #endif /* CONFIG_INTERWORKING */
2342
2343         return pos - buf;
2344 }
2345
2346
2347 static int wpa_supplicant_ctrl_iface_ap_scan(
2348         struct wpa_supplicant *wpa_s, char *cmd)
2349 {
2350         int ap_scan = atoi(cmd);
2351         return wpa_supplicant_set_ap_scan(wpa_s, ap_scan);
2352 }
2353
2354
2355 static int wpa_supplicant_ctrl_iface_scan_interval(
2356         struct wpa_supplicant *wpa_s, char *cmd)
2357 {
2358         int scan_int = atoi(cmd);
2359         if (scan_int < 0)
2360                 return -1;
2361         wpa_s->scan_interval = scan_int;
2362         return 0;
2363 }
2364
2365
2366 static int wpa_supplicant_ctrl_iface_bss_expire_age(
2367         struct wpa_supplicant *wpa_s, char *cmd)
2368 {
2369         int expire_age = atoi(cmd);
2370         return wpa_supplicant_set_bss_expiration_age(wpa_s, expire_age);
2371 }
2372
2373
2374 static int wpa_supplicant_ctrl_iface_bss_expire_count(
2375         struct wpa_supplicant *wpa_s, char *cmd)
2376 {
2377         int expire_count = atoi(cmd);
2378         return wpa_supplicant_set_bss_expiration_count(wpa_s, expire_count);
2379 }
2380
2381
2382 static void wpa_supplicant_ctrl_iface_drop_sa(struct wpa_supplicant *wpa_s)
2383 {
2384         wpa_printf(MSG_DEBUG, "Dropping SA without deauthentication");
2385         /* MLME-DELETEKEYS.request */
2386         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
2387         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
2388         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
2389         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
2390 #ifdef CONFIG_IEEE80211W
2391         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
2392         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
2393 #endif /* CONFIG_IEEE80211W */
2394
2395         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, wpa_s->bssid, 0, 0, NULL, 0, NULL,
2396                         0);
2397         /* MLME-SETPROTECTION.request(None) */
2398         wpa_drv_mlme_setprotection(wpa_s, wpa_s->bssid,
2399                                    MLME_SETPROTECTION_PROTECT_TYPE_NONE,
2400                                    MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
2401         wpa_sm_drop_sa(wpa_s->wpa);
2402 }
2403
2404
2405 static int wpa_supplicant_ctrl_iface_roam(struct wpa_supplicant *wpa_s,
2406                                           char *addr)
2407 {
2408 #ifdef CONFIG_NO_SCAN_PROCESSING
2409         return -1;
2410 #else /* CONFIG_NO_SCAN_PROCESSING */
2411         u8 bssid[ETH_ALEN];
2412         struct wpa_bss *bss;
2413         struct wpa_ssid *ssid = wpa_s->current_ssid;
2414
2415         if (hwaddr_aton(addr, bssid)) {
2416                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: invalid "
2417                            "address '%s'", addr);
2418                 return -1;
2419         }
2420
2421         wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM " MACSTR, MAC2STR(bssid));
2422
2423         bss = wpa_bss_get_bssid(wpa_s, bssid);
2424         if (!bss) {
2425                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: Target AP not found "
2426                            "from BSS table");
2427                 return -1;
2428         }
2429
2430         /*
2431          * TODO: Find best network configuration block from configuration to
2432          * allow roaming to other networks
2433          */
2434
2435         if (!ssid) {
2436                 wpa_printf(MSG_DEBUG, "CTRL_IFACE ROAM: No network "
2437                            "configuration known for the target AP");
2438                 return -1;
2439         }
2440
2441         wpa_s->reassociate = 1;
2442         wpa_supplicant_connect(wpa_s, bss, ssid);
2443
2444         return 0;
2445 #endif /* CONFIG_NO_SCAN_PROCESSING */
2446 }
2447
2448
2449 #ifdef CONFIG_P2P
2450 static int p2p_ctrl_find(struct wpa_supplicant *wpa_s, char *cmd)
2451 {
2452         unsigned int timeout = atoi(cmd);
2453         enum p2p_discovery_type type = P2P_FIND_START_WITH_FULL;
2454         u8 dev_id[ETH_ALEN], *_dev_id = NULL;
2455         char *pos;
2456
2457         if (os_strstr(cmd, "type=social"))
2458                 type = P2P_FIND_ONLY_SOCIAL;
2459         else if (os_strstr(cmd, "type=progressive"))
2460                 type = P2P_FIND_PROGRESSIVE;
2461
2462         pos = os_strstr(cmd, "dev_id=");
2463         if (pos) {
2464                 pos += 7;
2465                 if (hwaddr_aton(pos, dev_id))
2466                         return -1;
2467                 _dev_id = dev_id;
2468         }
2469
2470         return wpas_p2p_find(wpa_s, timeout, type, 0, NULL, _dev_id);
2471 }
2472
2473
2474 static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
2475                             char *buf, size_t buflen)
2476 {
2477         u8 addr[ETH_ALEN];
2478         char *pos, *pos2;
2479         char *pin = NULL;
2480         enum p2p_wps_method wps_method;
2481         int new_pin;
2482         int ret;
2483         int persistent_group;
2484         int join;
2485         int auth;
2486         int go_intent = -1;
2487         int freq = 0;
2488
2489         /* <addr> <"pbc" | "pin" | PIN> [label|display|keypad] [persistent]
2490          * [join] [auth] [go_intent=<0..15>] [freq=<in MHz>] */
2491
2492         if (hwaddr_aton(cmd, addr))
2493                 return -1;
2494
2495         pos = cmd + 17;
2496         if (*pos != ' ')
2497                 return -1;
2498         pos++;
2499
2500         persistent_group = os_strstr(pos, " persistent") != NULL;
2501         join = os_strstr(pos, " join") != NULL;
2502         auth = os_strstr(pos, " auth") != NULL;
2503
2504         pos2 = os_strstr(pos, " go_intent=");
2505         if (pos2) {
2506                 pos2 += 11;
2507                 go_intent = atoi(pos2);
2508                 if (go_intent < 0 || go_intent > 15)
2509                         return -1;
2510         }
2511
2512         pos2 = os_strstr(pos, " freq=");
2513         if (pos2) {
2514                 pos2 += 6;
2515                 freq = atoi(pos2);
2516                 if (freq <= 0)
2517                         return -1;
2518         }
2519
2520         if (os_strncmp(pos, "pin", 3) == 0) {
2521                 /* Request random PIN (to be displayed) and enable the PIN */
2522                 wps_method = WPS_PIN_DISPLAY;
2523         } else if (os_strncmp(pos, "pbc", 3) == 0) {
2524                 wps_method = WPS_PBC;
2525         } else {
2526                 pin = pos;
2527                 pos = os_strchr(pin, ' ');
2528                 wps_method = WPS_PIN_KEYPAD;
2529                 if (pos) {
2530                         *pos++ = '\0';
2531                         if (os_strncmp(pos, "display", 7) == 0)
2532                                 wps_method = WPS_PIN_DISPLAY;
2533                 }
2534         }
2535
2536         new_pin = wpas_p2p_connect(wpa_s, addr, pin, wps_method,
2537                                    persistent_group, join, auth, go_intent,
2538                                    freq);
2539         if (new_pin == -2) {
2540                 os_memcpy(buf, "FAIL-CHANNEL-UNAVAILABLE\n", 25);
2541                 return 25;
2542         }
2543         if (new_pin == -3) {
2544                 os_memcpy(buf, "FAIL-CHANNEL-UNSUPPORTED\n", 25);
2545                 return 25;
2546         }
2547         if (new_pin < 0)
2548                 return -1;
2549         if (wps_method == WPS_PIN_DISPLAY && pin == NULL) {
2550                 ret = os_snprintf(buf, buflen, "%08d", new_pin);
2551                 if (ret < 0 || (size_t) ret >= buflen)
2552                         return -1;
2553                 return ret;
2554         }
2555
2556         os_memcpy(buf, "OK\n", 3);
2557         return 3;
2558 }
2559
2560
2561 static int p2p_ctrl_listen(struct wpa_supplicant *wpa_s, char *cmd)
2562 {
2563         unsigned int timeout = atoi(cmd);
2564         return wpas_p2p_listen(wpa_s, timeout);
2565 }
2566
2567
2568 static int p2p_ctrl_prov_disc(struct wpa_supplicant *wpa_s, char *cmd)
2569 {
2570         u8 addr[ETH_ALEN];
2571         char *pos;
2572
2573         /* <addr> <config method> [join] */
2574
2575         if (hwaddr_aton(cmd, addr))
2576                 return -1;
2577
2578         pos = cmd + 17;
2579         if (*pos != ' ')
2580                 return -1;
2581         pos++;
2582
2583         return wpas_p2p_prov_disc(wpa_s, addr, pos,
2584                                   os_strstr(pos, "join") != NULL);
2585 }
2586
2587
2588 static int p2p_get_passphrase(struct wpa_supplicant *wpa_s, char *buf,
2589                               size_t buflen)
2590 {
2591         struct wpa_ssid *ssid = wpa_s->current_ssid;
2592
2593         if (ssid == NULL || ssid->mode != WPAS_MODE_P2P_GO ||
2594             ssid->passphrase == NULL)
2595                 return -1;
2596
2597         os_strlcpy(buf, ssid->passphrase, buflen);
2598         return os_strlen(buf);
2599 }
2600
2601
2602 static int p2p_ctrl_serv_disc_req(struct wpa_supplicant *wpa_s, char *cmd,
2603                                   char *buf, size_t buflen)
2604 {
2605         u64 ref;
2606         int res;
2607         u8 dst_buf[ETH_ALEN], *dst;
2608         struct wpabuf *tlvs;
2609         char *pos;
2610         size_t len;
2611
2612         if (hwaddr_aton(cmd, dst_buf))
2613                 return -1;
2614         dst = dst_buf;
2615         if (dst[0] == 0 && dst[1] == 0 && dst[2] == 0 &&
2616             dst[3] == 0 && dst[4] == 0 && dst[5] == 0)
2617                 dst = NULL;
2618         pos = cmd + 17;
2619         if (*pos != ' ')
2620                 return -1;
2621         pos++;
2622
2623         if (os_strncmp(pos, "upnp ", 5) == 0) {
2624                 u8 version;
2625                 pos += 5;
2626                 if (hexstr2bin(pos, &version, 1) < 0)
2627                         return -1;
2628                 pos += 2;
2629                 if (*pos != ' ')
2630                         return -1;
2631                 pos++;
2632                 ref = wpas_p2p_sd_request_upnp(wpa_s, dst, version, pos);
2633         } else {
2634                 len = os_strlen(pos);
2635                 if (len & 1)
2636                         return -1;
2637                 len /= 2;
2638                 tlvs = wpabuf_alloc(len);
2639                 if (tlvs == NULL)
2640                         return -1;
2641                 if (hexstr2bin(pos, wpabuf_put(tlvs, len), len) < 0) {
2642                         wpabuf_free(tlvs);
2643                         return -1;
2644                 }
2645
2646                 ref = wpas_p2p_sd_request(wpa_s, dst, tlvs);
2647                 wpabuf_free(tlvs);
2648         }
2649         if (ref == 0)
2650                 return -1;
2651         res = os_snprintf(buf, buflen, "%llx", (long long unsigned) ref);
2652         if (res < 0 || (unsigned) res >= buflen)
2653                 return -1;
2654         return res;
2655 }
2656
2657
2658 static int p2p_ctrl_serv_disc_cancel_req(struct wpa_supplicant *wpa_s,
2659                                          char *cmd)
2660 {
2661         long long unsigned val;
2662         u64 req;
2663         if (sscanf(cmd, "%llx", &val) != 1)
2664                 return -1;
2665         req = val;
2666         return wpas_p2p_sd_cancel_request(wpa_s, req);
2667 }
2668
2669
2670 static int p2p_ctrl_serv_disc_resp(struct wpa_supplicant *wpa_s, char *cmd)
2671 {
2672         int freq;
2673         u8 dst[ETH_ALEN];
2674         u8 dialog_token;
2675         struct wpabuf *resp_tlvs;
2676         char *pos, *pos2;
2677         size_t len;
2678
2679         pos = os_strchr(cmd, ' ');
2680         if (pos == NULL)
2681                 return -1;
2682         *pos++ = '\0';
2683         freq = atoi(cmd);
2684         if (freq == 0)
2685                 return -1;
2686
2687         if (hwaddr_aton(pos, dst))
2688                 return -1;
2689         pos += 17;
2690         if (*pos != ' ')
2691                 return -1;
2692         pos++;
2693
2694         pos2 = os_strchr(pos, ' ');
2695         if (pos2 == NULL)
2696                 return -1;
2697         *pos2++ = '\0';
2698         dialog_token = atoi(pos);
2699
2700         len = os_strlen(pos2);
2701         if (len & 1)
2702                 return -1;
2703         len /= 2;
2704         resp_tlvs = wpabuf_alloc(len);
2705         if (resp_tlvs == NULL)
2706                 return -1;
2707         if (hexstr2bin(pos2, wpabuf_put(resp_tlvs, len), len) < 0) {
2708                 wpabuf_free(resp_tlvs);
2709                 return -1;
2710         }
2711
2712         wpas_p2p_sd_response(wpa_s, freq, dst, dialog_token, resp_tlvs);
2713         wpabuf_free(resp_tlvs);
2714         return 0;
2715 }
2716
2717
2718 static int p2p_ctrl_serv_disc_external(struct wpa_supplicant *wpa_s,
2719                                        char *cmd)
2720 {
2721         wpa_s->p2p_sd_over_ctrl_iface = atoi(cmd);
2722         return 0;
2723 }
2724
2725
2726 static int p2p_ctrl_service_add_bonjour(struct wpa_supplicant *wpa_s,
2727                                         char *cmd)
2728 {
2729         char *pos;
2730         size_t len;
2731         struct wpabuf *query, *resp;
2732
2733         pos = os_strchr(cmd, ' ');
2734         if (pos == NULL)
2735                 return -1;
2736         *pos++ = '\0';
2737
2738         len = os_strlen(cmd);
2739         if (len & 1)
2740                 return -1;
2741         len /= 2;
2742         query = wpabuf_alloc(len);
2743         if (query == NULL)
2744                 return -1;
2745         if (hexstr2bin(cmd, wpabuf_put(query, len), len) < 0) {
2746                 wpabuf_free(query);
2747                 return -1;
2748         }
2749
2750         len = os_strlen(pos);
2751         if (len & 1) {
2752                 wpabuf_free(query);
2753                 return -1;
2754         }
2755         len /= 2;
2756         resp = wpabuf_alloc(len);
2757         if (resp == NULL) {
2758                 wpabuf_free(query);
2759                 return -1;
2760         }
2761         if (hexstr2bin(pos, wpabuf_put(resp, len), len) < 0) {
2762                 wpabuf_free(query);
2763                 wpabuf_free(resp);
2764                 return -1;
2765         }
2766
2767         if (wpas_p2p_service_add_bonjour(wpa_s, query, resp) < 0) {
2768                 wpabuf_free(query);
2769                 wpabuf_free(resp);
2770                 return -1;
2771         }
2772         return 0;
2773 }
2774
2775
2776 static int p2p_ctrl_service_add_upnp(struct wpa_supplicant *wpa_s, char *cmd)
2777 {
2778         char *pos;
2779         u8 version;
2780
2781         pos = os_strchr(cmd, ' ');
2782         if (pos == NULL)
2783                 return -1;
2784         *pos++ = '\0';
2785
2786         if (hexstr2bin(cmd, &version, 1) < 0)
2787                 return -1;
2788
2789         return wpas_p2p_service_add_upnp(wpa_s, version, pos);
2790 }
2791
2792
2793 static int p2p_ctrl_service_add(struct wpa_supplicant *wpa_s, char *cmd)
2794 {
2795         char *pos;
2796
2797         pos = os_strchr(cmd, ' ');
2798         if (pos == NULL)
2799                 return -1;
2800         *pos++ = '\0';
2801
2802         if (os_strcmp(cmd, "bonjour") == 0)
2803                 return p2p_ctrl_service_add_bonjour(wpa_s, pos);
2804         if (os_strcmp(cmd, "upnp") == 0)
2805                 return p2p_ctrl_service_add_upnp(wpa_s, pos);
2806         wpa_printf(MSG_DEBUG, "Unknown service '%s'", cmd);
2807         return -1;
2808 }
2809
2810
2811 static int p2p_ctrl_service_del_bonjour(struct wpa_supplicant *wpa_s,
2812                                         char *cmd)
2813 {
2814         size_t len;
2815         struct wpabuf *query;
2816         int ret;
2817
2818         len = os_strlen(cmd);
2819         if (len & 1)
2820                 return -1;
2821         len /= 2;
2822         query = wpabuf_alloc(len);
2823         if (query == NULL)
2824                 return -1;
2825         if (hexstr2bin(cmd, wpabuf_put(query, len), len) < 0) {
2826                 wpabuf_free(query);
2827                 return -1;
2828         }
2829
2830         ret = wpas_p2p_service_del_bonjour(wpa_s, query);
2831         wpabuf_free(query);
2832         return ret;
2833 }
2834
2835
2836 static int p2p_ctrl_service_del_upnp(struct wpa_supplicant *wpa_s, char *cmd)
2837 {
2838         char *pos;
2839         u8 version;
2840
2841         pos = os_strchr(cmd, ' ');
2842         if (pos == NULL)
2843                 return -1;
2844         *pos++ = '\0';
2845
2846         if (hexstr2bin(cmd, &version, 1) < 0)
2847                 return -1;
2848
2849         return wpas_p2p_service_del_upnp(wpa_s, version, pos);
2850 }
2851
2852
2853 static int p2p_ctrl_service_del(struct wpa_supplicant *wpa_s, char *cmd)
2854 {
2855         char *pos;
2856
2857         pos = os_strchr(cmd, ' ');
2858         if (pos == NULL)
2859                 return -1;
2860         *pos++ = '\0';
2861
2862         if (os_strcmp(cmd, "bonjour") == 0)
2863                 return p2p_ctrl_service_del_bonjour(wpa_s, pos);
2864         if (os_strcmp(cmd, "upnp") == 0)
2865                 return p2p_ctrl_service_del_upnp(wpa_s, pos);
2866         wpa_printf(MSG_DEBUG, "Unknown service '%s'", cmd);
2867         return -1;
2868 }
2869
2870
2871 static int p2p_ctrl_reject(struct wpa_supplicant *wpa_s, char *cmd)
2872 {
2873         u8 addr[ETH_ALEN];
2874
2875         /* <addr> */
2876
2877         if (hwaddr_aton(cmd, addr))
2878                 return -1;
2879
2880         return wpas_p2p_reject(wpa_s, addr);
2881 }
2882
2883
2884 static int p2p_ctrl_invite_persistent(struct wpa_supplicant *wpa_s, char *cmd)
2885 {
2886         char *pos;
2887         int id;
2888         struct wpa_ssid *ssid;
2889         u8 peer[ETH_ALEN];
2890
2891         id = atoi(cmd);
2892         pos = os_strstr(cmd, " peer=");
2893         if (pos) {
2894                 pos += 6;
2895                 if (hwaddr_aton(pos, peer))
2896                         return -1;
2897         }
2898         ssid = wpa_config_get_network(wpa_s->conf, id);
2899         if (ssid == NULL || ssid->disabled != 2) {
2900                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
2901                            "for persistent P2P group",
2902                            id);
2903                 return -1;
2904         }
2905
2906         return wpas_p2p_invite(wpa_s, pos ? peer : NULL, ssid, NULL);
2907 }
2908
2909
2910 static int p2p_ctrl_invite_group(struct wpa_supplicant *wpa_s, char *cmd)
2911 {
2912         char *pos;
2913         u8 peer[ETH_ALEN], go_dev_addr[ETH_ALEN], *go_dev = NULL;
2914
2915         pos = os_strstr(cmd, " peer=");
2916         if (!pos)
2917                 return -1;
2918
2919         *pos = '\0';
2920         pos += 6;
2921         if (hwaddr_aton(pos, peer)) {
2922                 wpa_printf(MSG_DEBUG, "P2P: Invalid MAC address '%s'", pos);
2923                 return -1;
2924         }
2925
2926         pos = os_strstr(pos, " go_dev_addr=");
2927         if (pos) {
2928                 pos += 13;
2929                 if (hwaddr_aton(pos, go_dev_addr)) {
2930                         wpa_printf(MSG_DEBUG, "P2P: Invalid MAC address '%s'",
2931                                    pos);
2932                         return -1;
2933                 }
2934                 go_dev = go_dev_addr;
2935         }
2936
2937         return wpas_p2p_invite_group(wpa_s, cmd, peer, go_dev);
2938 }
2939
2940
2941 static int p2p_ctrl_invite(struct wpa_supplicant *wpa_s, char *cmd)
2942 {
2943         if (os_strncmp(cmd, "persistent=", 11) == 0)
2944                 return p2p_ctrl_invite_persistent(wpa_s, cmd + 11);
2945         if (os_strncmp(cmd, "group=", 6) == 0)
2946                 return p2p_ctrl_invite_group(wpa_s, cmd + 6);
2947
2948         return -1;
2949 }
2950
2951
2952 static int p2p_ctrl_group_add_persistent(struct wpa_supplicant *wpa_s,
2953                                          char *cmd, int freq)
2954 {
2955         int id;
2956         struct wpa_ssid *ssid;
2957
2958         id = atoi(cmd);
2959         ssid = wpa_config_get_network(wpa_s->conf, id);
2960         if (ssid == NULL || ssid->disabled != 2) {
2961                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find SSID id=%d "
2962                            "for persistent P2P group",
2963                            id);
2964                 return -1;
2965         }
2966
2967         return wpas_p2p_group_add_persistent(wpa_s, ssid, 0, freq);
2968 }
2969
2970
2971 static int p2p_ctrl_group_add(struct wpa_supplicant *wpa_s, char *cmd)
2972 {
2973         int freq = 0;
2974         char *pos;
2975
2976         pos = os_strstr(cmd, "freq=");
2977         if (pos)
2978                 freq = atoi(pos + 5);
2979
2980         if (os_strncmp(cmd, "persistent=", 11) == 0)
2981                 return p2p_ctrl_group_add_persistent(wpa_s, cmd + 11, freq);
2982         if (os_strcmp(cmd, "persistent") == 0 ||
2983             os_strncmp(cmd, "persistent ", 11) == 0)
2984                 return wpas_p2p_group_add(wpa_s, 1, freq);
2985         if (os_strncmp(cmd, "freq=", 5) == 0)
2986                 return wpas_p2p_group_add(wpa_s, 0, freq);
2987
2988         wpa_printf(MSG_DEBUG, "CTRL: Invalid P2P_GROUP_ADD parameters '%s'",
2989                    cmd);
2990         return -1;
2991 }
2992
2993
2994 static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd,
2995                          char *buf, size_t buflen)
2996 {
2997         u8 addr[ETH_ALEN], *addr_ptr;
2998         int next, res;
2999         const struct p2p_peer_info *info;
3000         char *pos, *end;
3001         char devtype[WPS_DEV_TYPE_BUFSIZE];
3002         struct wpa_ssid *ssid;
3003
3004         if (!wpa_s->global->p2p)
3005                 return -1;
3006
3007         if (os_strcmp(cmd, "FIRST") == 0) {
3008                 addr_ptr = NULL;
3009                 next = 0;
3010         } else if (os_strncmp(cmd, "NEXT-", 5) == 0) {
3011                 if (hwaddr_aton(cmd + 5, addr) < 0)
3012                         return -1;
3013                 addr_ptr = addr;
3014                 next = 1;
3015         } else {
3016                 if (hwaddr_aton(cmd, addr) < 0)
3017                         return -1;
3018                 addr_ptr = addr;
3019                 next = 0;
3020         }
3021
3022         info = p2p_get_peer_info(wpa_s->global->p2p, addr_ptr, next);
3023         if (info == NULL)
3024                 return -1;
3025
3026         pos = buf;
3027         end = buf + buflen;
3028
3029         res = os_snprintf(pos, end - pos, MACSTR "\n"
3030                           "pri_dev_type=%s\n"
3031                           "device_name=%s\n"
3032                           "manufacturer=%s\n"
3033                           "model_name=%s\n"
3034                           "model_number=%s\n"
3035                           "serial_number=%s\n"
3036                           "config_methods=0x%x\n"
3037                           "dev_capab=0x%x\n"
3038                           "group_capab=0x%x\n"
3039                           "level=%d\n",
3040                           MAC2STR(info->p2p_device_addr),
3041                           wps_dev_type_bin2str(info->pri_dev_type,
3042                                                devtype, sizeof(devtype)),
3043                           info->device_name,
3044                           info->manufacturer,
3045                           info->model_name,
3046                           info->model_number,
3047                           info->serial_number,
3048                           info->config_methods,
3049                           info->dev_capab,
3050                           info->group_capab,
3051                           info->level);
3052         if (res < 0 || res >= end - pos)
3053                 return pos - buf;
3054         pos += res;
3055
3056         ssid = wpas_p2p_get_persistent(wpa_s, info->p2p_device_addr);
3057         if (ssid) {
3058                 res = os_snprintf(pos, end - pos, "persistent=%d\n", ssid->id);
3059                 if (res < 0 || res >= end - pos)
3060                         return pos - buf;
3061                 pos += res;
3062         }
3063
3064         res = p2p_get_peer_info_txt(info, pos, end - pos);
3065         if (res < 0)
3066                 return pos - buf;
3067         pos += res;
3068
3069         return pos - buf;
3070 }
3071
3072
3073 static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
3074 {
3075         char *param;
3076
3077         if (wpa_s->global->p2p == NULL)
3078                 return -1;
3079
3080         param = os_strchr(cmd, ' ');
3081         if (param == NULL)
3082                 return -1;
3083         *param++ = '\0';
3084
3085         if (os_strcmp(cmd, "discoverability") == 0) {
3086                 p2p_set_client_discoverability(wpa_s->global->p2p,
3087                                                atoi(param));
3088                 return 0;
3089         }
3090
3091         if (os_strcmp(cmd, "managed") == 0) {
3092                 p2p_set_managed_oper(wpa_s->global->p2p, atoi(param));
3093                 return 0;
3094         }
3095
3096         if (os_strcmp(cmd, "listen_channel") == 0) {
3097                 return p2p_set_listen_channel(wpa_s->global->p2p, 81,
3098                                               atoi(param));
3099         }
3100
3101         if (os_strcmp(cmd, "ssid_postfix") == 0) {
3102                 return p2p_set_ssid_postfix(wpa_s->global->p2p, (u8 *) param,
3103                                             os_strlen(param));
3104         }
3105
3106         if (os_strcmp(cmd, "noa") == 0) {
3107                 char *pos;
3108                 int count, start, duration;
3109                 /* GO NoA parameters: count,start_offset(ms),duration(ms) */
3110                 count = atoi(param);
3111                 pos = os_strchr(param, ',');
3112                 if (pos == NULL)
3113                         return -1;
3114                 pos++;
3115                 start = atoi(pos);
3116                 pos = os_strchr(pos, ',');
3117                 if (pos == NULL)
3118                         return -1;
3119                 pos++;
3120                 duration = atoi(pos);
3121                 if (count < 0 || count > 255 || start < 0 || duration < 0)
3122                         return -1;
3123                 if (count == 0 && duration > 0)
3124                         return -1;
3125                 wpa_printf(MSG_DEBUG, "CTRL_IFACE: P2P_SET GO NoA: count=%d "
3126                            "start=%d duration=%d", count, start, duration);
3127                 return wpas_p2p_set_noa(wpa_s, count, start, duration);
3128         }
3129
3130         if (os_strcmp(cmd, "ps") == 0)
3131                 return wpa_drv_set_p2p_powersave(wpa_s, atoi(param), -1, -1);
3132
3133         if (os_strcmp(cmd, "oppps") == 0)
3134                 return wpa_drv_set_p2p_powersave(wpa_s, -1, atoi(param), -1);
3135
3136         if (os_strcmp(cmd, "ctwindow") == 0)
3137                 return wpa_drv_set_p2p_powersave(wpa_s, -1, -1, atoi(param));
3138
3139         if (os_strcmp(cmd, "disabled") == 0) {
3140                 wpa_s->global->p2p_disabled = atoi(param);
3141                 wpa_printf(MSG_DEBUG, "P2P functionality %s",
3142                            wpa_s->global->p2p_disabled ?
3143                            "disabled" : "enabled");
3144                 if (wpa_s->global->p2p_disabled) {
3145                         wpas_p2p_stop_find(wpa_s);
3146                         os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN);
3147                         p2p_flush(wpa_s->global->p2p);
3148                 }
3149                 return 0;
3150         }
3151
3152         if (os_strcmp(cmd, "force_long_sd") == 0) {
3153                 wpa_s->force_long_sd = atoi(param);
3154                 return 0;
3155         }
3156
3157         if (os_strcmp(cmd, "peer_filter") == 0) {
3158                 u8 addr[ETH_ALEN];
3159                 if (hwaddr_aton(param, addr))
3160                         return -1;
3161                 p2p_set_peer_filter(wpa_s->global->p2p, addr);
3162                 return 0;
3163         }
3164
3165         if (os_strcmp(cmd, "cross_connect") == 0)
3166                 return wpas_p2p_set_cross_connect(wpa_s, atoi(param));
3167
3168         if (os_strcmp(cmd, "go_apsd") == 0) {
3169                 if (os_strcmp(param, "disable") == 0)
3170                         wpa_s->set_ap_uapsd = 0;
3171                 else {
3172                         wpa_s->set_ap_uapsd = 1;
3173                         wpa_s->ap_uapsd = atoi(param);
3174                 }
3175                 return 0;
3176         }
3177
3178         if (os_strcmp(cmd, "client_apsd") == 0) {
3179                 if (os_strcmp(param, "disable") == 0)
3180                         wpa_s->set_sta_uapsd = 0;
3181                 else {
3182                         int be, bk, vi, vo;
3183                         char *pos;
3184                         /* format: BE,BK,VI,VO;max SP Length */
3185                         be = atoi(param);
3186                         pos = os_strchr(param, ',');
3187                         if (pos == NULL)
3188                                 return -1;
3189                         pos++;
3190                         bk = atoi(pos);
3191                         pos = os_strchr(pos, ',');
3192                         if (pos == NULL)
3193                                 return -1;
3194                         pos++;
3195                         vi = atoi(pos);
3196                         pos = os_strchr(pos, ',');
3197                         if (pos == NULL)
3198                                 return -1;
3199                         pos++;
3200                         vo = atoi(pos);
3201                         /* ignore max SP Length for now */
3202
3203                         wpa_s->set_sta_uapsd = 1;
3204                         wpa_s->sta_uapsd = 0;
3205                         if (be)
3206                                 wpa_s->sta_uapsd |= BIT(0);
3207                         if (bk)
3208                                 wpa_s->sta_uapsd |= BIT(1);
3209                         if (vi)
3210                                 wpa_s->sta_uapsd |= BIT(2);
3211                         if (vo)
3212                                 wpa_s->sta_uapsd |= BIT(3);
3213                 }
3214                 return 0;
3215         }
3216
3217         wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown P2P_SET field value '%s'",
3218                    cmd);
3219
3220         return -1;
3221 }
3222
3223
3224 static int p2p_ctrl_presence_req(struct wpa_supplicant *wpa_s, char *cmd)
3225 {
3226         char *pos, *pos2;
3227         unsigned int dur1 = 0, int1 = 0, dur2 = 0, int2 = 0;
3228
3229         if (cmd[0]) {
3230                 pos = os_strchr(cmd, ' ');
3231                 if (pos == NULL)
3232                         return -1;
3233                 *pos++ = '\0';
3234                 dur1 = atoi(cmd);
3235
3236                 pos2 = os_strchr(pos, ' ');
3237                 if (pos2)
3238                         *pos2++ = '\0';
3239                 int1 = atoi(pos);
3240         } else
3241                 pos2 = NULL;
3242
3243         if (pos2) {
3244                 pos = os_strchr(pos2, ' ');
3245                 if (pos == NULL)
3246                         return -1;
3247                 *pos++ = '\0';
3248                 dur2 = atoi(pos2);
3249                 int2 = atoi(pos);
3250         }
3251
3252         return wpas_p2p_presence_req(wpa_s, dur1, int1, dur2, int2);
3253 }
3254
3255
3256 static int p2p_ctrl_ext_listen(struct wpa_supplicant *wpa_s, char *cmd)
3257 {
3258         char *pos;
3259         unsigned int period = 0, interval = 0;
3260
3261         if (cmd[0]) {
3262                 pos = os_strchr(cmd, ' ');
3263                 if (pos == NULL)
3264                         return -1;
3265                 *pos++ = '\0';
3266                 period = atoi(cmd);
3267                 interval = atoi(pos);
3268         }
3269
3270         return wpas_p2p_ext_listen(wpa_s, period, interval);
3271 }
3272
3273 #endif /* CONFIG_P2P */
3274
3275
3276 #ifdef CONFIG_INTERWORKING
3277 static int ctrl_interworking_connect(struct wpa_supplicant *wpa_s, char *dst)
3278 {
3279         u8 bssid[ETH_ALEN];
3280         struct wpa_bss *bss;
3281
3282         if (hwaddr_aton(dst, bssid)) {
3283                 wpa_printf(MSG_DEBUG, "Invalid BSSID '%s'", dst);
3284                 return -1;
3285         }
3286
3287         bss = wpa_bss_get_bssid(wpa_s, bssid);
3288         if (bss == NULL) {
3289                 wpa_printf(MSG_DEBUG, "Could not find BSS " MACSTR,
3290                            MAC2STR(bssid));
3291                 return -1;
3292         }
3293
3294         return interworking_connect(wpa_s, bss);
3295 }
3296
3297
3298 static int get_anqp(struct wpa_supplicant *wpa_s, char *dst)
3299 {
3300         u8 dst_addr[ETH_ALEN];
3301         int used;
3302         char *pos;
3303 #define MAX_ANQP_INFO_ID 100
3304         u16 id[MAX_ANQP_INFO_ID];
3305         size_t num_id = 0;
3306
3307         used = hwaddr_aton2(dst, dst_addr);
3308         if (used < 0)
3309                 return -1;
3310         pos = dst + used;
3311         while (num_id < MAX_ANQP_INFO_ID) {
3312                 id[num_id] = atoi(pos);
3313                 if (id[num_id])
3314                         num_id++;
3315                 pos = os_strchr(pos + 1, ',');
3316                 if (pos == NULL)
3317                         break;
3318                 pos++;
3319         }
3320
3321         if (num_id == 0)
3322                 return -1;
3323
3324         return anqp_send_req(wpa_s, dst_addr, id, num_id);
3325 }
3326 #endif /* CONFIG_INTERWORKING */
3327
3328
3329 static int wpa_supplicant_ctrl_iface_sta_autoconnect(
3330         struct wpa_supplicant *wpa_s, char *cmd)
3331 {
3332         wpa_s->auto_reconnect_disabled = atoi(cmd) == 0 ? 1 : 0;
3333         return 0;
3334 }
3335
3336
3337 static int wpa_supplicant_signal_poll(struct wpa_supplicant *wpa_s, char *buf,
3338                                       size_t buflen)
3339 {
3340         struct wpa_signal_info si;
3341         int ret;
3342
3343         ret = wpa_drv_signal_poll(wpa_s, &si);
3344         if (ret)
3345                 return -1;
3346
3347         ret = os_snprintf(buf, buflen, "RSSI=%d\nLINKSPEED=%d\n"
3348                           "NOISE=%d\nFREQUENCY=%u\n",
3349                           si.current_signal, si.current_txrate / 1000,
3350                           si.current_noise, si.frequency);
3351         if (ret < 0 || (unsigned int) ret > buflen)
3352                 return -1;
3353         return ret;
3354 }
3355
3356
3357 char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
3358                                          char *buf, size_t *resp_len)
3359 {
3360         char *reply;
3361         const int reply_size = 4096;
3362         int ctrl_rsp = 0;
3363         int reply_len;
3364
3365         if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0 ||
3366             os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
3367                 wpa_hexdump_ascii_key(MSG_DEBUG, "RX ctrl_iface",
3368                                       (const u8 *) buf, os_strlen(buf));
3369         } else {
3370                 int level = MSG_DEBUG;
3371                 if (os_strcmp(buf, "PING") == 0)
3372                         level = MSG_EXCESSIVE;
3373                 wpa_hexdump_ascii(level, "RX ctrl_iface",
3374                                   (const u8 *) buf, os_strlen(buf));
3375         }
3376
3377         reply = os_malloc(reply_size);
3378         if (reply == NULL) {
3379                 *resp_len = 1;
3380                 return NULL;
3381         }
3382
3383         os_memcpy(reply, "OK\n", 3);
3384         reply_len = 3;
3385
3386         if (os_strcmp(buf, "PING") == 0) {
3387                 os_memcpy(reply, "PONG\n", 5);
3388                 reply_len = 5;
3389         } else if (os_strncmp(buf, "RELOG", 5) == 0) {
3390                 if (wpa_debug_reopen_file() < 0)
3391                         reply_len = -1;
3392         } else if (os_strncmp(buf, "NOTE ", 5) == 0) {
3393                 wpa_printf(MSG_INFO, "NOTE: %s", buf + 5);
3394         } else if (os_strcmp(buf, "MIB") == 0) {
3395                 reply_len = wpa_sm_get_mib(wpa_s->wpa, reply, reply_size);
3396                 if (reply_len >= 0) {
3397                         int res;
3398                         res = eapol_sm_get_mib(wpa_s->eapol, reply + reply_len,
3399                                                reply_size - reply_len);
3400                         if (res < 0)
3401                                 reply_len = -1;
3402                         else
3403                                 reply_len += res;
3404                 }
3405         } else if (os_strncmp(buf, "STATUS", 6) == 0) {
3406                 reply_len = wpa_supplicant_ctrl_iface_status(
3407                         wpa_s, buf + 6, reply, reply_size);
3408         } else if (os_strcmp(buf, "PMKSA") == 0) {
3409                 reply_len = wpa_sm_pmksa_cache_list(wpa_s->wpa, reply,
3410                                                     reply_size);
3411         } else if (os_strncmp(buf, "SET ", 4) == 0) {
3412                 if (wpa_supplicant_ctrl_iface_set(wpa_s, buf + 4))
3413                         reply_len = -1;
3414         } else if (os_strncmp(buf, "GET ", 4) == 0) {
3415                 reply_len = wpa_supplicant_ctrl_iface_get(wpa_s, buf + 4,
3416                                                           reply, reply_size);
3417         } else if (os_strcmp(buf, "LOGON") == 0) {
3418                 eapol_sm_notify_logoff(wpa_s->eapol, FALSE);
3419         } else if (os_strcmp(buf, "LOGOFF") == 0) {
3420                 eapol_sm_notify_logoff(wpa_s->eapol, TRUE);
3421         } else if (os_strcmp(buf, "REASSOCIATE") == 0) {
3422                 wpa_s->normal_scans = 0;
3423                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3424                         reply_len = -1;
3425                 else {
3426                         wpa_s->disconnected = 0;
3427                         wpa_s->reassociate = 1;
3428                         wpa_supplicant_req_scan(wpa_s, 0, 0);
3429                 }
3430         } else if (os_strcmp(buf, "RECONNECT") == 0) {
3431                 wpa_s->normal_scans = 0;
3432                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3433                         reply_len = -1;
3434                 else if (wpa_s->disconnected) {
3435                         wpa_s->disconnected = 0;
3436                         wpa_s->reassociate = 1;
3437                         wpa_supplicant_req_scan(wpa_s, 0, 0);
3438                 }
3439 #ifdef IEEE8021X_EAPOL
3440         } else if (os_strncmp(buf, "PREAUTH ", 8) == 0) {
3441                 if (wpa_supplicant_ctrl_iface_preauth(wpa_s, buf + 8))
3442                         reply_len = -1;
3443 #endif /* IEEE8021X_EAPOL */
3444 #ifdef CONFIG_PEERKEY
3445         } else if (os_strncmp(buf, "STKSTART ", 9) == 0) {
3446                 if (wpa_supplicant_ctrl_iface_stkstart(wpa_s, buf + 9))
3447                         reply_len = -1;
3448 #endif /* CONFIG_PEERKEY */
3449 #ifdef CONFIG_IEEE80211R
3450         } else if (os_strncmp(buf, "FT_DS ", 6) == 0) {
3451                 if (wpa_supplicant_ctrl_iface_ft_ds(wpa_s, buf + 6))
3452                         reply_len = -1;
3453 #endif /* CONFIG_IEEE80211R */
3454 #ifdef CONFIG_WPS
3455         } else if (os_strcmp(buf, "WPS_PBC") == 0) {
3456                 int res = wpa_supplicant_ctrl_iface_wps_pbc(wpa_s, NULL);
3457                 if (res == -2) {
3458                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3459                         reply_len = 17;
3460                 } else if (res)
3461                         reply_len = -1;
3462         } else if (os_strncmp(buf, "WPS_PBC ", 8) == 0) {
3463                 int res = wpa_supplicant_ctrl_iface_wps_pbc(wpa_s, buf + 8);
3464                 if (res == -2) {
3465                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3466                         reply_len = 17;
3467                 } else if (res)
3468                         reply_len = -1;
3469         } else if (os_strncmp(buf, "WPS_PIN ", 8) == 0) {
3470                 reply_len = wpa_supplicant_ctrl_iface_wps_pin(wpa_s, buf + 8,
3471                                                               reply,
3472                                                               reply_size);
3473         } else if (os_strncmp(buf, "WPS_CHECK_PIN ", 14) == 0) {
3474                 reply_len = wpa_supplicant_ctrl_iface_wps_check_pin(
3475                         wpa_s, buf + 14, reply, reply_size);
3476         } else if (os_strcmp(buf, "WPS_CANCEL") == 0) {
3477                 if (wpas_wps_cancel(wpa_s))
3478                         reply_len = -1;
3479 #ifdef CONFIG_WPS_OOB
3480         } else if (os_strncmp(buf, "WPS_OOB ", 8) == 0) {
3481                 if (wpa_supplicant_ctrl_iface_wps_oob(wpa_s, buf + 8))
3482                         reply_len = -1;
3483 #endif /* CONFIG_WPS_OOB */
3484         } else if (os_strncmp(buf, "WPS_REG ", 8) == 0) {
3485                 if (wpa_supplicant_ctrl_iface_wps_reg(wpa_s, buf + 8))
3486                         reply_len = -1;
3487 #ifdef CONFIG_AP
3488         } else if (os_strncmp(buf, "WPS_AP_PIN ", 11) == 0) {
3489                 reply_len = wpa_supplicant_ctrl_iface_wps_ap_pin(
3490                         wpa_s, buf + 11, reply, reply_size);
3491 #endif /* CONFIG_AP */
3492 #ifdef CONFIG_WPS_ER
3493         } else if (os_strcmp(buf, "WPS_ER_START") == 0) {
3494                 if (wpas_wps_er_start(wpa_s, NULL))
3495                         reply_len = -1;
3496         } else if (os_strncmp(buf, "WPS_ER_START ", 13) == 0) {
3497                 if (wpas_wps_er_start(wpa_s, buf + 13))
3498                         reply_len = -1;
3499         } else if (os_strcmp(buf, "WPS_ER_STOP") == 0) {
3500                 if (wpas_wps_er_stop(wpa_s))
3501                         reply_len = -1;
3502         } else if (os_strncmp(buf, "WPS_ER_PIN ", 11) == 0) {
3503                 if (wpa_supplicant_ctrl_iface_wps_er_pin(wpa_s, buf + 11))
3504                         reply_len = -1;
3505         } else if (os_strncmp(buf, "WPS_ER_PBC ", 11) == 0) {
3506                 int ret = wpas_wps_er_pbc(wpa_s, buf + 11);
3507                 if (ret == -2) {
3508                         os_memcpy(reply, "FAIL-PBC-OVERLAP\n", 17);
3509                         reply_len = 17;
3510                 } else if (ret == -3) {
3511                         os_memcpy(reply, "FAIL-UNKNOWN-UUID\n", 18);
3512                         reply_len = 18;
3513                 } else if (ret == -4) {
3514                         os_memcpy(reply, "FAIL-NO-AP-SETTINGS\n", 20);
3515                         reply_len = 20;
3516                 } else if (ret)
3517                         reply_len = -1;
3518         } else if (os_strncmp(buf, "WPS_ER_LEARN ", 13) == 0) {
3519                 if (wpa_supplicant_ctrl_iface_wps_er_learn(wpa_s, buf + 13))
3520                         reply_len = -1;
3521         } else if (os_strncmp(buf, "WPS_ER_SET_CONFIG ", 18) == 0) {
3522                 if (wpa_supplicant_ctrl_iface_wps_er_set_config(wpa_s,
3523                                                                 buf + 18))
3524                         reply_len = -1;
3525         } else if (os_strncmp(buf, "WPS_ER_CONFIG ", 14) == 0) {
3526                 if (wpa_supplicant_ctrl_iface_wps_er_config(wpa_s, buf + 14))
3527                         reply_len = -1;
3528 #endif /* CONFIG_WPS_ER */
3529 #endif /* CONFIG_WPS */
3530 #ifdef CONFIG_IBSS_RSN
3531         } else if (os_strncmp(buf, "IBSS_RSN ", 9) == 0) {
3532                 if (wpa_supplicant_ctrl_iface_ibss_rsn(wpa_s, buf + 9))
3533                         reply_len = -1;
3534 #endif /* CONFIG_IBSS_RSN */
3535 #ifdef CONFIG_P2P
3536         } else if (os_strncmp(buf, "P2P_FIND ", 9) == 0) {
3537                 if (p2p_ctrl_find(wpa_s, buf + 9))
3538                         reply_len = -1;
3539         } else if (os_strcmp(buf, "P2P_FIND") == 0) {
3540                 if (p2p_ctrl_find(wpa_s, ""))
3541                         reply_len = -1;
3542         } else if (os_strcmp(buf, "P2P_STOP_FIND") == 0) {
3543                 wpas_p2p_stop_find(wpa_s);
3544         } else if (os_strncmp(buf, "P2P_CONNECT ", 12) == 0) {
3545                 reply_len = p2p_ctrl_connect(wpa_s, buf + 12, reply,
3546                                              reply_size);
3547         } else if (os_strncmp(buf, "P2P_LISTEN ", 11) == 0) {
3548                 if (p2p_ctrl_listen(wpa_s, buf + 11))
3549                         reply_len = -1;
3550         } else if (os_strcmp(buf, "P2P_LISTEN") == 0) {
3551                 if (p2p_ctrl_listen(wpa_s, ""))
3552                         reply_len = -1;
3553         } else if (os_strncmp(buf, "P2P_GROUP_REMOVE ", 17) == 0) {
3554                 if (wpas_p2p_group_remove(wpa_s, buf + 17))
3555                         reply_len = -1;
3556         } else if (os_strcmp(buf, "P2P_GROUP_ADD") == 0) {
3557                 if (wpas_p2p_group_add(wpa_s, 0, 0))
3558                         reply_len = -1;
3559         } else if (os_strncmp(buf, "P2P_GROUP_ADD ", 14) == 0) {
3560                 if (p2p_ctrl_group_add(wpa_s, buf + 14))
3561                         reply_len = -1;
3562         } else if (os_strncmp(buf, "P2P_PROV_DISC ", 14) == 0) {
3563                 if (p2p_ctrl_prov_disc(wpa_s, buf + 14))
3564                         reply_len = -1;
3565         } else if (os_strcmp(buf, "P2P_GET_PASSPHRASE") == 0) {
3566                 reply_len = p2p_get_passphrase(wpa_s, reply, reply_size);
3567         } else if (os_strncmp(buf, "P2P_SERV_DISC_REQ ", 18) == 0) {
3568                 reply_len = p2p_ctrl_serv_disc_req(wpa_s, buf + 18, reply,
3569                                                    reply_size);
3570         } else if (os_strncmp(buf, "P2P_SERV_DISC_CANCEL_REQ ", 25) == 0) {
3571                 if (p2p_ctrl_serv_disc_cancel_req(wpa_s, buf + 25) < 0)
3572                         reply_len = -1;
3573         } else if (os_strncmp(buf, "P2P_SERV_DISC_RESP ", 19) == 0) {
3574                 if (p2p_ctrl_serv_disc_resp(wpa_s, buf + 19) < 0)
3575                         reply_len = -1;
3576         } else if (os_strcmp(buf, "P2P_SERVICE_UPDATE") == 0) {
3577                 wpas_p2p_sd_service_update(wpa_s);
3578         } else if (os_strncmp(buf, "P2P_SERV_DISC_EXTERNAL ", 23) == 0) {
3579                 if (p2p_ctrl_serv_disc_external(wpa_s, buf + 23) < 0)
3580                         reply_len = -1;
3581         } else if (os_strcmp(buf, "P2P_SERVICE_FLUSH") == 0) {
3582                 wpas_p2p_service_flush(wpa_s);
3583         } else if (os_strncmp(buf, "P2P_SERVICE_ADD ", 16) == 0) {
3584                 if (p2p_ctrl_service_add(wpa_s, buf + 16) < 0)
3585                         reply_len = -1;
3586         } else if (os_strncmp(buf, "P2P_SERVICE_DEL ", 16) == 0) {
3587                 if (p2p_ctrl_service_del(wpa_s, buf + 16) < 0)
3588                         reply_len = -1;
3589         } else if (os_strncmp(buf, "P2P_REJECT ", 11) == 0) {
3590                 if (p2p_ctrl_reject(wpa_s, buf + 11) < 0)
3591                         reply_len = -1;
3592         } else if (os_strncmp(buf, "P2P_INVITE ", 11) == 0) {
3593                 if (p2p_ctrl_invite(wpa_s, buf + 11) < 0)
3594                         reply_len = -1;
3595         } else if (os_strncmp(buf, "P2P_PEER ", 9) == 0) {
3596                 reply_len = p2p_ctrl_peer(wpa_s, buf + 9, reply,
3597                                               reply_size);
3598         } else if (os_strncmp(buf, "P2P_SET ", 8) == 0) {
3599                 if (p2p_ctrl_set(wpa_s, buf + 8) < 0)
3600                         reply_len = -1;
3601         } else if (os_strcmp(buf, "P2P_FLUSH") == 0) {
3602                 os_memset(wpa_s->p2p_auth_invite, 0, ETH_ALEN);
3603                 wpa_s->force_long_sd = 0;
3604                 if (wpa_s->global->p2p)
3605                         p2p_flush(wpa_s->global->p2p);
3606         } else if (os_strncmp(buf, "P2P_UNAUTHORIZE ", 16) == 0) {
3607                 if (wpas_p2p_unauthorize(wpa_s, buf + 16) < 0)
3608                         reply_len = -1;
3609         } else if (os_strcmp(buf, "P2P_CANCEL") == 0) {
3610                 if (wpas_p2p_cancel(wpa_s))
3611                         reply_len = -1;
3612         } else if (os_strncmp(buf, "P2P_PRESENCE_REQ ", 17) == 0) {
3613                 if (p2p_ctrl_presence_req(wpa_s, buf + 17) < 0)
3614                         reply_len = -1;
3615         } else if (os_strcmp(buf, "P2P_PRESENCE_REQ") == 0) {
3616                 if (p2p_ctrl_presence_req(wpa_s, "") < 0)
3617                         reply_len = -1;
3618         } else if (os_strncmp(buf, "P2P_EXT_LISTEN ", 15) == 0) {
3619                 if (p2p_ctrl_ext_listen(wpa_s, buf + 15) < 0)
3620                         reply_len = -1;
3621         } else if (os_strcmp(buf, "P2P_EXT_LISTEN") == 0) {
3622                 if (p2p_ctrl_ext_listen(wpa_s, "") < 0)
3623                         reply_len = -1;
3624 #endif /* CONFIG_P2P */
3625 #ifdef CONFIG_INTERWORKING
3626         } else if (os_strcmp(buf, "FETCH_ANQP") == 0) {
3627                 if (interworking_fetch_anqp(wpa_s) < 0)
3628                         reply_len = -1;
3629         } else if (os_strcmp(buf, "STOP_FETCH_ANQP") == 0) {
3630                 interworking_stop_fetch_anqp(wpa_s);
3631         } else if (os_strncmp(buf, "INTERWORKING_SELECT", 19) == 0) {
3632                 if (interworking_select(wpa_s, os_strstr(buf + 19, "auto") !=
3633                                         NULL) < 0)
3634                         reply_len = -1;
3635         } else if (os_strncmp(buf, "INTERWORKING_CONNECT ", 21) == 0) {
3636                 if (ctrl_interworking_connect(wpa_s, buf + 21) < 0)
3637                         reply_len = -1;
3638         } else if (os_strncmp(buf, "ANQP_GET ", 9) == 0) {
3639                 if (get_anqp(wpa_s, buf + 9) < 0)
3640                         reply_len = -1;
3641 #endif /* CONFIG_INTERWORKING */
3642         } else if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0)
3643         {
3644                 if (wpa_supplicant_ctrl_iface_ctrl_rsp(
3645                             wpa_s, buf + os_strlen(WPA_CTRL_RSP)))
3646                         reply_len = -1;
3647                 else
3648                         ctrl_rsp = 1;
3649         } else if (os_strcmp(buf, "RECONFIGURE") == 0) {
3650                 if (wpa_supplicant_reload_configuration(wpa_s))
3651                         reply_len = -1;
3652         } else if (os_strcmp(buf, "TERMINATE") == 0) {
3653                 wpa_supplicant_terminate_proc(wpa_s->global);
3654         } else if (os_strncmp(buf, "BSSID ", 6) == 0) {
3655                 if (wpa_supplicant_ctrl_iface_bssid(wpa_s, buf + 6))
3656                         reply_len = -1;
3657         } else if (os_strncmp(buf, "BLACKLIST", 9) == 0) {
3658                 reply_len = wpa_supplicant_ctrl_iface_blacklist(
3659                         wpa_s, buf + 9, reply, reply_size);
3660         } else if (os_strncmp(buf, "LOG_LEVEL", 9) == 0) {
3661                 reply_len = wpa_supplicant_ctrl_iface_log_level(
3662                         wpa_s, buf + 9, reply, reply_size);
3663         } else if (os_strcmp(buf, "LIST_NETWORKS") == 0) {
3664                 reply_len = wpa_supplicant_ctrl_iface_list_networks(
3665                         wpa_s, reply, reply_size);
3666         } else if (os_strcmp(buf, "DISCONNECT") == 0) {
3667                 wpa_s->reassociate = 0;
3668                 wpa_s->disconnected = 1;
3669                 wpa_supplicant_cancel_sched_scan(wpa_s);
3670                 wpa_supplicant_deauthenticate(wpa_s,
3671                                               WLAN_REASON_DEAUTH_LEAVING);
3672         } else if (os_strcmp(buf, "SCAN") == 0) {
3673                 wpa_s->normal_scans = 0;
3674                 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
3675                         reply_len = -1;
3676                 else {
3677                         if (!wpa_s->scanning &&
3678                             ((wpa_s->wpa_state <= WPA_SCANNING) ||
3679                              (wpa_s->wpa_state == WPA_COMPLETED))) {
3680                                 wpa_s->scan_req = 2;
3681                                 wpa_supplicant_req_scan(wpa_s, 0, 0);
3682                         } else {
3683                                 wpa_printf(MSG_DEBUG, "Ongoing scan action - "
3684                                            "reject new request");
3685                                 reply_len = os_snprintf(reply, reply_size,
3686                                                         "FAIL-BUSY\n");
3687                         }
3688                 }
3689         } else if (os_strcmp(buf, "SCAN_RESULTS") == 0) {
3690                 reply_len = wpa_supplicant_ctrl_iface_scan_results(
3691                         wpa_s, reply, reply_size);
3692         } else if (os_strncmp(buf, "SELECT_NETWORK ", 15) == 0) {
3693                 if (wpa_supplicant_ctrl_iface_select_network(wpa_s, buf + 15))
3694                         reply_len = -1;
3695         } else if (os_strncmp(buf, "ENABLE_NETWORK ", 15) == 0) {
3696                 if (wpa_supplicant_ctrl_iface_enable_network(wpa_s, buf + 15))
3697                         reply_len = -1;
3698         } else if (os_strncmp(buf, "DISABLE_NETWORK ", 16) == 0) {
3699                 if (wpa_supplicant_ctrl_iface_disable_network(wpa_s, buf + 16))
3700                         reply_len = -1;
3701         } else if (os_strcmp(buf, "ADD_NETWORK") == 0) {
3702                 reply_len = wpa_supplicant_ctrl_iface_add_network(
3703                         wpa_s, reply, reply_size);
3704         } else if (os_strncmp(buf, "REMOVE_NETWORK ", 15) == 0) {
3705                 if (wpa_supplicant_ctrl_iface_remove_network(wpa_s, buf + 15))
3706                         reply_len = -1;
3707         } else if (os_strncmp(buf, "SET_NETWORK ", 12) == 0) {
3708                 if (wpa_supplicant_ctrl_iface_set_network(wpa_s, buf + 12))
3709                         reply_len = -1;
3710         } else if (os_strncmp(buf, "GET_NETWORK ", 12) == 0) {
3711                 reply_len = wpa_supplicant_ctrl_iface_get_network(
3712                         wpa_s, buf + 12, reply, reply_size);
3713 #ifndef CONFIG_NO_CONFIG_WRITE
3714         } else if (os_strcmp(buf, "SAVE_CONFIG") == 0) {
3715                 if (wpa_supplicant_ctrl_iface_save_config(wpa_s))
3716                         reply_len = -1;
3717 #endif /* CONFIG_NO_CONFIG_WRITE */
3718         } else if (os_strncmp(buf, "GET_CAPABILITY ", 15) == 0) {
3719                 reply_len = wpa_supplicant_ctrl_iface_get_capability(
3720                         wpa_s, buf + 15, reply, reply_size);
3721         } else if (os_strncmp(buf, "AP_SCAN ", 8) == 0) {
3722                 if (wpa_supplicant_ctrl_iface_ap_scan(wpa_s, buf + 8))
3723                         reply_len = -1;
3724         } else if (os_strncmp(buf, "SCAN_INTERVAL ", 14) == 0) {
3725                 if (wpa_supplicant_ctrl_iface_scan_interval(wpa_s, buf + 14))
3726                         reply_len = -1;
3727         } else if (os_strcmp(buf, "INTERFACE_LIST") == 0) {
3728                 reply_len = wpa_supplicant_global_iface_list(
3729                         wpa_s->global, reply, reply_size);
3730         } else if (os_strcmp(buf, "INTERFACES") == 0) {
3731                 reply_len = wpa_supplicant_global_iface_interfaces(
3732                         wpa_s->global, reply, reply_size);
3733         } else if (os_strncmp(buf, "BSS ", 4) == 0) {
3734                 reply_len = wpa_supplicant_ctrl_iface_bss(
3735                         wpa_s, buf + 4, reply, reply_size);
3736 #ifdef CONFIG_AP
3737         } else if (os_strcmp(buf, "STA-FIRST") == 0) {
3738                 reply_len = ap_ctrl_iface_sta_first(wpa_s, reply, reply_size);
3739         } else if (os_strncmp(buf, "STA ", 4) == 0) {
3740                 reply_len = ap_ctrl_iface_sta(wpa_s, buf + 4, reply,
3741                                               reply_size);
3742         } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
3743                 reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
3744                                                    reply_size);
3745 #endif /* CONFIG_AP */
3746         } else if (os_strcmp(buf, "SUSPEND") == 0) {
3747                 wpas_notify_suspend(wpa_s->global);
3748         } else if (os_strcmp(buf, "RESUME") == 0) {
3749                 wpas_notify_resume(wpa_s->global);
3750         } else if (os_strcmp(buf, "DROP_SA") == 0) {
3751                 wpa_supplicant_ctrl_iface_drop_sa(wpa_s);
3752         } else if (os_strncmp(buf, "ROAM ", 5) == 0) {
3753                 if (wpa_supplicant_ctrl_iface_roam(wpa_s, buf + 5))
3754                         reply_len = -1;
3755         } else if (os_strncmp(buf, "STA_AUTOCONNECT ", 16) == 0) {
3756                 if (wpa_supplicant_ctrl_iface_sta_autoconnect(wpa_s, buf + 16))
3757                         reply_len = -1;
3758         } else if (os_strncmp(buf, "BSS_EXPIRE_AGE ", 15) == 0) {
3759                 if (wpa_supplicant_ctrl_iface_bss_expire_age(wpa_s, buf + 15))
3760                         reply_len = -1;
3761         } else if (os_strncmp(buf, "BSS_EXPIRE_COUNT ", 17) == 0) {
3762                 if (wpa_supplicant_ctrl_iface_bss_expire_count(wpa_s,
3763                                                                buf + 17))
3764                         reply_len = -1;
3765 #ifdef CONFIG_TDLS
3766         } else if (os_strncmp(buf, "TDLS_DISCOVER ", 14) == 0) {
3767                 if (wpa_supplicant_ctrl_iface_tdls_discover(wpa_s, buf + 14))
3768                         reply_len = -1;
3769         } else if (os_strncmp(buf, "TDLS_SETUP ", 11) == 0) {
3770                 if (wpa_supplicant_ctrl_iface_tdls_setup(wpa_s, buf + 11))
3771                         reply_len = -1;
3772         } else if (os_strncmp(buf, "TDLS_TEARDOWN ", 14) == 0) {
3773                 if (wpa_supplicant_ctrl_iface_tdls_teardown(wpa_s, buf + 14))
3774                         reply_len = -1;
3775 #endif /* CONFIG_TDLS */
3776         } else if (os_strncmp(buf, "SIGNAL_POLL", 11) == 0) {
3777                 reply_len = wpa_supplicant_signal_poll(wpa_s, reply,
3778                                                        reply_size);
3779         } else if (os_strcmp(buf, "REAUTHENTICATE") == 0) {
3780                 eapol_sm_request_reauth(wpa_s->eapol);
3781         } else {
3782                 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
3783                 reply_len = 16;
3784         }
3785
3786         if (reply_len < 0) {
3787                 os_memcpy(reply, "FAIL\n", 5);
3788                 reply_len = 5;
3789         }
3790
3791         if (ctrl_rsp)
3792                 eapol_sm_notify_ctrl_response(wpa_s->eapol);
3793
3794         *resp_len = reply_len;
3795         return reply;
3796 }
3797
3798
3799 static int wpa_supplicant_global_iface_add(struct wpa_global *global,
3800                                            char *cmd)
3801 {
3802         struct wpa_interface iface;
3803         char *pos;
3804
3805         /*
3806          * <ifname>TAB<confname>TAB<driver>TAB<ctrl_interface>TAB<driver_param>
3807          * TAB<bridge_ifname>
3808          */
3809         wpa_printf(MSG_DEBUG, "CTRL_IFACE GLOBAL INTERFACE_ADD '%s'", cmd);
3810
3811         os_memset(&iface, 0, sizeof(iface));
3812
3813         do {
3814                 iface.ifname = pos = cmd;
3815                 pos = os_strchr(pos, '\t');
3816                 if (pos)
3817                         *pos++ = '\0';
3818                 if (iface.ifname[0] == '\0')
3819                         return -1;
3820                 if (pos == NULL)
3821                         break;
3822
3823                 iface.confname = pos;
3824                 pos = os_strchr(pos, '\t');
3825                 if (pos)
3826                         *pos++ = '\0';
3827                 if (iface.confname[0] == '\0')
3828                         iface.confname = NULL;
3829                 if (pos == NULL)
3830                         break;
3831
3832                 iface.driver = pos;
3833                 pos = os_strchr(pos, '\t');
3834                 if (pos)
3835                         *pos++ = '\0';
3836                 if (iface.driver[0] == '\0')
3837                         iface.driver = NULL;
3838                 if (pos == NULL)
3839                         break;
3840
3841                 iface.ctrl_interface = pos;
3842                 pos = os_strchr(pos, '\t');
3843                 if (pos)
3844                         *pos++ = '\0';
3845                 if (iface.ctrl_interface[0] == '\0')
3846                         iface.ctrl_interface = NULL;
3847                 if (pos == NULL)
3848                         break;
3849
3850                 iface.driver_param = pos;
3851                 pos = os_strchr(pos, '\t');
3852                 if (pos)
3853                         *pos++ = '\0';
3854                 if (iface.driver_param[0] == '\0')
3855                         iface.driver_param = NULL;
3856                 if (pos == NULL)
3857                         break;
3858
3859                 iface.bridge_ifname = pos;
3860                 pos = os_strchr(pos, '\t');
3861                 if (pos)
3862                         *pos++ = '\0';
3863                 if (iface.bridge_ifname[0] == '\0')
3864                         iface.bridge_ifname = NULL;
3865                 if (pos == NULL)
3866                         break;
3867         } while (0);
3868
3869         if (wpa_supplicant_get_iface(global, iface.ifname))
3870                 return -1;
3871
3872         return wpa_supplicant_add_iface(global, &iface) ? 0 : -1;
3873 }
3874
3875
3876 static int wpa_supplicant_global_iface_remove(struct wpa_global *global,
3877                                               char *cmd)
3878 {
3879         struct wpa_supplicant *wpa_s;
3880
3881         wpa_printf(MSG_DEBUG, "CTRL_IFACE GLOBAL INTERFACE_REMOVE '%s'", cmd);
3882
3883         wpa_s = wpa_supplicant_get_iface(global, cmd);
3884         if (wpa_s == NULL)
3885                 return -1;
3886         return wpa_supplicant_remove_iface(global, wpa_s);
3887 }
3888
3889
3890 static void wpa_free_iface_info(struct wpa_interface_info *iface)
3891 {
3892         struct wpa_interface_info *prev;
3893
3894         while (iface) {
3895                 prev = iface;
3896                 iface = iface->next;
3897
3898                 os_free(prev->ifname);
3899                 os_free(prev->desc);
3900                 os_free(prev);
3901         }
3902 }
3903
3904
3905 static int wpa_supplicant_global_iface_list(struct wpa_global *global,
3906                                             char *buf, int len)
3907 {
3908         int i, res;
3909         struct wpa_interface_info *iface = NULL, *last = NULL, *tmp;
3910         char *pos, *end;
3911
3912         for (i = 0; wpa_drivers[i]; i++) {
3913                 struct wpa_driver_ops *drv = wpa_drivers[i];
3914                 if (drv->get_interfaces == NULL)
3915                         continue;
3916                 tmp = drv->get_interfaces(global->drv_priv[i]);
3917                 if (tmp == NULL)
3918                         continue;
3919
3920                 if (last == NULL)
3921                         iface = last = tmp;
3922                 else
3923                         last->next = tmp;
3924                 while (last->next)
3925                         last = last->next;
3926         }
3927
3928         pos = buf;
3929         end = buf + len;
3930         for (tmp = iface; tmp; tmp = tmp->next) {
3931                 res = os_snprintf(pos, end - pos, "%s\t%s\t%s\n",
3932                                   tmp->drv_name, tmp->ifname,
3933                                   tmp->desc ? tmp->desc : "");
3934                 if (res < 0 || res >= end - pos) {
3935                         *pos = '\0';
3936                         break;
3937                 }
3938                 pos += res;
3939         }
3940
3941         wpa_free_iface_info(iface);
3942
3943         return pos - buf;
3944 }
3945
3946
3947 static int wpa_supplicant_global_iface_interfaces(struct wpa_global *global,
3948                                                   char *buf, int len)
3949 {
3950         int res;
3951         char *pos, *end;
3952         struct wpa_supplicant *wpa_s;
3953
3954         wpa_s = global->ifaces;
3955         pos = buf;
3956         end = buf + len;
3957
3958         while (wpa_s) {
3959                 res = os_snprintf(pos, end - pos, "%s\n", wpa_s->ifname);
3960                 if (res < 0 || res >= end - pos) {
3961                         *pos = '\0';
3962                         break;
3963                 }
3964                 pos += res;
3965                 wpa_s = wpa_s->next;
3966         }
3967         return pos - buf;
3968 }
3969
3970
3971 char * wpa_supplicant_global_ctrl_iface_process(struct wpa_global *global,
3972                                                 char *buf, size_t *resp_len)
3973 {
3974         char *reply;
3975         const int reply_size = 2048;
3976         int reply_len;
3977         int level = MSG_DEBUG;
3978
3979         if (os_strcmp(buf, "PING") == 0)
3980                 level = MSG_EXCESSIVE;
3981         wpa_hexdump_ascii(level, "RX global ctrl_iface",
3982                           (const u8 *) buf, os_strlen(buf));
3983
3984         reply = os_malloc(reply_size);
3985         if (reply == NULL) {
3986                 *resp_len = 1;
3987                 return NULL;
3988         }
3989
3990         os_memcpy(reply, "OK\n", 3);
3991         reply_len = 3;
3992
3993         if (os_strcmp(buf, "PING") == 0) {
3994                 os_memcpy(reply, "PONG\n", 5);
3995                 reply_len = 5;
3996         } else if (os_strncmp(buf, "INTERFACE_ADD ", 14) == 0) {
3997                 if (wpa_supplicant_global_iface_add(global, buf + 14))
3998                         reply_len = -1;
3999         } else if (os_strncmp(buf, "INTERFACE_REMOVE ", 17) == 0) {
4000                 if (wpa_supplicant_global_iface_remove(global, buf + 17))
4001                         reply_len = -1;
4002         } else if (os_strcmp(buf, "INTERFACE_LIST") == 0) {
4003                 reply_len = wpa_supplicant_global_iface_list(
4004                         global, reply, reply_size);
4005         } else if (os_strcmp(buf, "INTERFACES") == 0) {
4006                 reply_len = wpa_supplicant_global_iface_interfaces(
4007                         global, reply, reply_size);
4008         } else if (os_strcmp(buf, "TERMINATE") == 0) {
4009                 wpa_supplicant_terminate_proc(global);
4010         } else if (os_strcmp(buf, "SUSPEND") == 0) {
4011                 wpas_notify_suspend(global);
4012         } else if (os_strcmp(buf, "RESUME") == 0) {
4013                 wpas_notify_resume(global);
4014         } else {
4015                 os_memcpy(reply, "UNKNOWN COMMAND\n", 16);
4016                 reply_len = 16;
4017         }
4018
4019         if (reply_len < 0) {
4020                 os_memcpy(reply, "FAIL\n", 5);
4021                 reply_len = 5;
4022         }
4023
4024         *resp_len = reply_len;
4025         return reply;
4026 }
Moonshot GSS-API mechanism