3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 extern int wpa_debug_level;
108 extern int wpa_debug_show_keys;
109 extern int wpa_debug_timestamp;
110 extern struct wpa_driver_ops *wpa_drivers[];
112 /* Configure default/group WEP keys for static WEP */
113 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
117 for (i = 0; i < NUM_WEP_KEYS; i++) {
118 if (ssid->wep_key_len[i] == 0)
122 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
123 i, i == ssid->wep_tx_keyidx, NULL, 0,
124 ssid->wep_key[i], ssid->wep_key_len[i]);
131 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
132 struct wpa_ssid *ssid)
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
142 if (ssid->mode != WPAS_MODE_IBSS) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
148 if (!ssid->psk_set) {
149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
181 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
185 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
187 struct wpa_supplicant *wpa_s = eloop_ctx;
188 const u8 *bssid = wpa_s->bssid;
189 if (is_zero_ether_addr(bssid))
190 bssid = wpa_s->pending_bssid;
191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
193 wpa_blacklist_add(wpa_s, bssid);
194 wpa_sm_notify_disassoc(wpa_s->wpa);
195 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
196 wpa_s->reassociate = 1;
199 * If we timed out, the AP or the local radio may be busy.
200 * So, wait a second until scanning again.
202 wpa_supplicant_req_scan(wpa_s, 1, 0);
204 wpas_p2p_continue_after_scan(wpa_s);
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
214 * This function is used to schedule a timeout for the current authentication
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
220 if (wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
273 #endif /* CONFIG_IBSS_RSN */
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
297 eapol_conf.required_keys = 0;
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
305 eapol_conf.external_sim = wpa_s->conf->external_sim;
306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307 #endif /* IEEE8021X_EAPOL */
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
320 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355 #ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358 #endif /* CONFIG_IEEE80211W */
360 pmksa_cache_clear_current(wpa_s->wpa);
364 void free_hw_features(struct wpa_supplicant *wpa_s)
367 if (wpa_s->hw.modes == NULL)
370 for (i = 0; i < wpa_s->hw.num_modes; i++) {
371 os_free(wpa_s->hw.modes[i].channels);
372 os_free(wpa_s->hw.modes[i].rates);
375 os_free(wpa_s->hw.modes);
376 wpa_s->hw.modes = NULL;
380 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
382 bgscan_deinit(wpa_s);
383 autoscan_deinit(wpa_s);
384 scard_deinit(wpa_s->scard);
386 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
387 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
388 l2_packet_deinit(wpa_s->l2);
391 l2_packet_deinit(wpa_s->l2_br);
395 if (wpa_s->conf != NULL) {
396 struct wpa_ssid *ssid;
397 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
398 wpas_notify_network_removed(wpa_s, ssid);
401 os_free(wpa_s->confname);
402 wpa_s->confname = NULL;
404 os_free(wpa_s->confanother);
405 wpa_s->confanother = NULL;
407 wpa_sm_set_eapol(wpa_s->wpa, NULL);
408 eapol_sm_deinit(wpa_s->eapol);
411 rsn_preauth_deinit(wpa_s->wpa);
414 wpa_tdls_deinit(wpa_s->wpa);
415 #endif /* CONFIG_TDLS */
417 pmksa_candidate_free(wpa_s->wpa);
418 wpa_sm_deinit(wpa_s->wpa);
420 wpa_blacklist_clear(wpa_s);
422 wpa_bss_deinit(wpa_s);
424 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
425 wpa_supplicant_cancel_scan(wpa_s);
426 wpa_supplicant_cancel_auth_timeout(wpa_s);
427 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
428 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
429 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
431 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
433 wpas_wps_deinit(wpa_s);
435 wpabuf_free(wpa_s->pending_eapol_rx);
436 wpa_s->pending_eapol_rx = NULL;
438 #ifdef CONFIG_IBSS_RSN
439 ibss_rsn_deinit(wpa_s->ibss_rsn);
440 wpa_s->ibss_rsn = NULL;
441 #endif /* CONFIG_IBSS_RSN */
446 wpa_supplicant_ap_deinit(wpa_s);
447 #endif /* CONFIG_AP */
450 wpas_p2p_deinit(wpa_s);
451 #endif /* CONFIG_P2P */
453 #ifdef CONFIG_OFFCHANNEL
454 offchannel_deinit(wpa_s);
455 #endif /* CONFIG_OFFCHANNEL */
457 wpa_supplicant_cancel_sched_scan(wpa_s);
459 os_free(wpa_s->next_scan_freqs);
460 wpa_s->next_scan_freqs = NULL;
462 gas_query_deinit(wpa_s->gas);
465 free_hw_features(wpa_s);
467 os_free(wpa_s->bssid_filter);
468 wpa_s->bssid_filter = NULL;
470 os_free(wpa_s->disallow_aps_bssid);
471 wpa_s->disallow_aps_bssid = NULL;
472 os_free(wpa_s->disallow_aps_ssid);
473 wpa_s->disallow_aps_ssid = NULL;
475 wnm_bss_keep_alive_deinit(wpa_s);
477 wnm_deallocate_memory(wpa_s);
478 #endif /* CONFIG_WNM */
480 ext_password_deinit(wpa_s->ext_pw);
481 wpa_s->ext_pw = NULL;
483 wpabuf_free(wpa_s->last_gas_resp);
485 os_free(wpa_s->last_scan_res);
486 wpa_s->last_scan_res = NULL;
491 * wpa_clear_keys - Clear keys configured for the driver
492 * @wpa_s: Pointer to wpa_supplicant data
493 * @addr: Previously used BSSID or %NULL if not available
495 * This function clears the encryption keys that has been previously configured
498 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
500 if (wpa_s->keys_cleared) {
501 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
502 * timing issues with keys being cleared just before new keys
503 * are set or just after association or something similar. This
504 * shows up in group key handshake failing often because of the
505 * client not receiving the first encrypted packets correctly.
506 * Skipping some of the extra key clearing steps seems to help
507 * in completing group key handshake more reliably. */
508 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
509 "skip key clearing");
513 /* MLME-DELETEKEYS.request */
514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
518 #ifdef CONFIG_IEEE80211W
519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
521 #endif /* CONFIG_IEEE80211W */
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
525 /* MLME-SETPROTECTION.request(None) */
526 wpa_drv_mlme_setprotection(
528 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
529 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
531 wpa_s->keys_cleared = 1;
536 * wpa_supplicant_state_txt - Get the connection state name as a text string
537 * @state: State (wpa_state; WPA_*)
538 * Returns: The state name as a printable text string
540 const char * wpa_supplicant_state_txt(enum wpa_states state)
543 case WPA_DISCONNECTED:
544 return "DISCONNECTED";
547 case WPA_INTERFACE_DISABLED:
548 return "INTERFACE_DISABLED";
551 case WPA_AUTHENTICATING:
552 return "AUTHENTICATING";
553 case WPA_ASSOCIATING:
554 return "ASSOCIATING";
557 case WPA_4WAY_HANDSHAKE:
558 return "4WAY_HANDSHAKE";
559 case WPA_GROUP_HANDSHAKE:
560 return "GROUP_HANDSHAKE";
571 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
575 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
576 name = wpa_s->current_ssid->bgscan;
578 name = wpa_s->conf->bgscan;
581 if (wpas_driver_bss_selection(wpa_s))
583 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
586 bgscan_deinit(wpa_s);
587 if (wpa_s->current_ssid) {
588 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
589 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
592 * Live without bgscan; it is only used as a roaming
593 * optimization, so the initial connection is not
597 struct wpa_scan_results *scan_res;
598 wpa_s->bgscan_ssid = wpa_s->current_ssid;
599 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
602 bgscan_notify_scan(wpa_s, scan_res);
603 wpa_scan_results_free(scan_res);
607 wpa_s->bgscan_ssid = NULL;
611 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
613 if (wpa_s->bgscan_ssid != NULL) {
614 bgscan_deinit(wpa_s);
615 wpa_s->bgscan_ssid = NULL;
619 #endif /* CONFIG_BGSCAN */
622 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
624 if (autoscan_init(wpa_s, 0))
625 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
629 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
631 autoscan_deinit(wpa_s);
635 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
637 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
638 wpa_s->wpa_state == WPA_SCANNING) {
639 autoscan_deinit(wpa_s);
640 wpa_supplicant_start_autoscan(wpa_s);
646 * wpa_supplicant_set_state - Set current connection state
647 * @wpa_s: Pointer to wpa_supplicant data
648 * @state: The new connection state
650 * This function is called whenever the connection state changes, e.g.,
651 * association is completed for WPA/WPA2 4-Way Handshake is started.
653 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
654 enum wpa_states state)
656 enum wpa_states old_state = wpa_s->wpa_state;
658 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
659 wpa_supplicant_state_txt(wpa_s->wpa_state),
660 wpa_supplicant_state_txt(state));
662 if (state != WPA_SCANNING)
663 wpa_supplicant_notify_scanning(wpa_s, 0);
665 if (state == WPA_COMPLETED && wpa_s->new_connection) {
666 struct wpa_ssid *ssid = wpa_s->current_ssid;
667 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
668 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
669 MACSTR " completed [id=%d id_str=%s]",
670 MAC2STR(wpa_s->bssid),
671 ssid ? ssid->id : -1,
672 ssid && ssid->id_str ? ssid->id_str : "");
673 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
674 wpas_clear_temp_disabled(wpa_s, ssid, 1);
675 wpa_s->extra_blacklist_count = 0;
676 wpa_s->new_connection = 0;
677 wpa_drv_set_operstate(wpa_s, 1);
678 #ifndef IEEE8021X_EAPOL
679 wpa_drv_set_supp_port(wpa_s, 1);
680 #endif /* IEEE8021X_EAPOL */
681 wpa_s->after_wps = 0;
682 wpa_s->known_wps_freq = 0;
684 wpas_p2p_completed(wpa_s);
685 #endif /* CONFIG_P2P */
687 sme_sched_obss_scan(wpa_s, 1);
688 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
689 state == WPA_ASSOCIATED) {
690 wpa_s->new_connection = 1;
691 wpa_drv_set_operstate(wpa_s, 0);
692 #ifndef IEEE8021X_EAPOL
693 wpa_drv_set_supp_port(wpa_s, 0);
694 #endif /* IEEE8021X_EAPOL */
695 sme_sched_obss_scan(wpa_s, 0);
697 wpa_s->wpa_state = state;
700 if (state == WPA_COMPLETED)
701 wpa_supplicant_start_bgscan(wpa_s);
702 else if (state < WPA_ASSOCIATED)
703 wpa_supplicant_stop_bgscan(wpa_s);
704 #endif /* CONFIG_BGSCAN */
706 if (state == WPA_AUTHENTICATING)
707 wpa_supplicant_stop_autoscan(wpa_s);
709 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
710 wpa_supplicant_start_autoscan(wpa_s);
712 if (wpa_s->wpa_state != old_state) {
713 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
715 if (wpa_s->wpa_state == WPA_COMPLETED ||
716 old_state == WPA_COMPLETED)
717 wpas_notify_auth_changed(wpa_s);
722 void wpa_supplicant_terminate_proc(struct wpa_global *global)
726 struct wpa_supplicant *wpa_s = global->ifaces;
728 struct wpa_supplicant *next = wpa_s->next;
730 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
731 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
732 wpas_p2p_disconnect(wpa_s);
733 #endif /* CONFIG_P2P */
734 if (wpas_wps_terminate_pending(wpa_s) == 1)
738 #endif /* CONFIG_WPS */
745 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
747 struct wpa_global *global = signal_ctx;
748 wpa_supplicant_terminate_proc(global);
752 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
754 enum wpa_states old_state = wpa_s->wpa_state;
756 wpa_s->pairwise_cipher = 0;
757 wpa_s->group_cipher = 0;
758 wpa_s->mgmt_group_cipher = 0;
760 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
761 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
763 if (wpa_s->wpa_state != old_state)
764 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
769 * wpa_supplicant_reload_configuration - Reload configuration data
770 * @wpa_s: Pointer to wpa_supplicant data
771 * Returns: 0 on success or -1 if configuration parsing failed
773 * This function can be used to request that the configuration data is reloaded
774 * (e.g., after configuration file change). This function is reloading
775 * configuration only for one interface, so this may need to be called multiple
776 * times if %wpa_supplicant is controlling multiple interfaces and all
777 * interfaces need reconfiguration.
779 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
781 struct wpa_config *conf;
785 if (wpa_s->confname == NULL)
787 conf = wpa_config_read(wpa_s->confname, NULL);
789 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
790 "file '%s' - exiting", wpa_s->confname);
793 wpa_config_read(wpa_s->confanother, conf);
795 conf->changed_parameters = (unsigned int) -1;
797 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
798 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
799 os_strcmp(conf->ctrl_interface,
800 wpa_s->conf->ctrl_interface) != 0);
802 if (reconf_ctrl && wpa_s->ctrl_iface) {
803 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
804 wpa_s->ctrl_iface = NULL;
807 eapol_sm_invalidate_cached_session(wpa_s->eapol);
808 if (wpa_s->current_ssid) {
809 wpa_supplicant_deauthenticate(wpa_s,
810 WLAN_REASON_DEAUTH_LEAVING);
814 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
815 * pkcs11_engine_path, pkcs11_module_path.
817 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
819 * Clear forced success to clear EAP state for next
822 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
824 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
825 wpa_sm_set_config(wpa_s->wpa, NULL);
826 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
827 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
828 rsn_preauth_deinit(wpa_s->wpa);
830 old_ap_scan = wpa_s->conf->ap_scan;
831 wpa_config_free(wpa_s->conf);
833 if (old_ap_scan != wpa_s->conf->ap_scan)
834 wpas_notify_ap_scan_changed(wpa_s);
837 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
839 wpa_supplicant_update_config(wpa_s);
841 wpa_supplicant_clear_status(wpa_s);
842 if (wpa_supplicant_enabled_networks(wpa_s)) {
843 wpa_s->reassociate = 1;
844 wpa_supplicant_req_scan(wpa_s, 0, 0);
846 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
851 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
853 struct wpa_global *global = signal_ctx;
854 struct wpa_supplicant *wpa_s;
855 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
856 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
858 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
859 wpa_supplicant_terminate_proc(global);
865 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
868 case WPA_KEY_MGMT_NONE:
869 return KEY_MGMT_NONE;
870 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
871 return KEY_MGMT_802_1X_NO_WPA;
872 case WPA_KEY_MGMT_IEEE8021X:
873 return KEY_MGMT_802_1X;
874 case WPA_KEY_MGMT_WPA_NONE:
875 return KEY_MGMT_WPA_NONE;
876 case WPA_KEY_MGMT_FT_IEEE8021X:
877 return KEY_MGMT_FT_802_1X;
878 case WPA_KEY_MGMT_FT_PSK:
879 return KEY_MGMT_FT_PSK;
880 case WPA_KEY_MGMT_IEEE8021X_SHA256:
881 return KEY_MGMT_802_1X_SHA256;
882 case WPA_KEY_MGMT_PSK_SHA256:
883 return KEY_MGMT_PSK_SHA256;
884 case WPA_KEY_MGMT_WPS:
886 case WPA_KEY_MGMT_PSK:
893 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
894 struct wpa_ssid *ssid,
895 struct wpa_ie_data *ie)
897 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
900 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
901 "from association info");
906 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
908 if (!(ie->group_cipher & ssid->group_cipher)) {
909 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
910 "cipher 0x%x (mask 0x%x) - reject",
911 ie->group_cipher, ssid->group_cipher);
914 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
915 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
916 "cipher 0x%x (mask 0x%x) - reject",
917 ie->pairwise_cipher, ssid->pairwise_cipher);
920 if (!(ie->key_mgmt & ssid->key_mgmt)) {
921 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
922 "management 0x%x (mask 0x%x) - reject",
923 ie->key_mgmt, ssid->key_mgmt);
927 #ifdef CONFIG_IEEE80211W
928 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
929 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
930 wpa_s->conf->pmf : ssid->ieee80211w) ==
931 MGMT_FRAME_PROTECTION_REQUIRED) {
932 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
933 "that does not support management frame protection - "
937 #endif /* CONFIG_IEEE80211W */
944 * wpa_supplicant_set_suites - Set authentication and encryption parameters
945 * @wpa_s: Pointer to wpa_supplicant data
946 * @bss: Scan results for the selected BSS, or %NULL if not available
947 * @ssid: Configuration data for the selected network
948 * @wpa_ie: Buffer for the WPA/RSN IE
949 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
950 * used buffer length in case the functions returns success.
951 * Returns: 0 on success or -1 on failure
953 * This function is used to configure authentication and encryption parameters
954 * based on the network configuration and scan result for the selected BSS (if
957 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
958 struct wpa_bss *bss, struct wpa_ssid *ssid,
959 u8 *wpa_ie, size_t *wpa_ie_len)
961 struct wpa_ie_data ie;
963 const u8 *bss_wpa, *bss_rsn;
966 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
967 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
969 bss_wpa = bss_rsn = NULL;
971 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
972 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
973 (ie.group_cipher & ssid->group_cipher) &&
974 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
975 (ie.key_mgmt & ssid->key_mgmt)) {
976 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
977 proto = WPA_PROTO_RSN;
978 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
979 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
980 (ie.group_cipher & ssid->group_cipher) &&
981 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
982 (ie.key_mgmt & ssid->key_mgmt)) {
983 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
984 proto = WPA_PROTO_WPA;
986 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
989 if (ssid->proto & WPA_PROTO_RSN)
990 proto = WPA_PROTO_RSN;
992 proto = WPA_PROTO_WPA;
993 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
994 os_memset(&ie, 0, sizeof(ie));
995 ie.group_cipher = ssid->group_cipher;
996 ie.pairwise_cipher = ssid->pairwise_cipher;
997 ie.key_mgmt = ssid->key_mgmt;
998 #ifdef CONFIG_IEEE80211W
999 ie.mgmt_group_cipher =
1000 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1001 WPA_CIPHER_AES_128_CMAC : 0;
1002 #endif /* CONFIG_IEEE80211W */
1003 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1004 "based on configuration");
1009 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1010 "pairwise %d key_mgmt %d proto %d",
1011 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1012 #ifdef CONFIG_IEEE80211W
1013 if (ssid->ieee80211w) {
1014 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1015 ie.mgmt_group_cipher);
1017 #endif /* CONFIG_IEEE80211W */
1019 wpa_s->wpa_proto = proto;
1020 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1021 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1022 !!(ssid->proto & WPA_PROTO_RSN));
1024 if (bss || !wpa_s->ap_ies_from_associnfo) {
1025 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1026 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1027 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1028 bss_rsn ? 2 + bss_rsn[1] : 0))
1032 sel = ie.group_cipher & ssid->group_cipher;
1033 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1034 if (wpa_s->group_cipher < 0) {
1035 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1039 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1040 wpa_cipher_txt(wpa_s->group_cipher));
1042 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1043 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1044 if (wpa_s->pairwise_cipher < 0) {
1045 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1049 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1050 wpa_cipher_txt(wpa_s->pairwise_cipher));
1052 sel = ie.key_mgmt & ssid->key_mgmt;
1054 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1055 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1056 #endif /* CONFIG_SAE */
1058 #ifdef CONFIG_IEEE80211R
1059 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1061 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1062 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1063 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1064 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1065 #endif /* CONFIG_IEEE80211R */
1067 } else if (sel & WPA_KEY_MGMT_SAE) {
1068 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1069 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1070 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1071 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1072 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1073 #endif /* CONFIG_SAE */
1074 #ifdef CONFIG_IEEE80211W
1075 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1076 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1077 wpa_dbg(wpa_s, MSG_DEBUG,
1078 "WPA: using KEY_MGMT 802.1X with SHA256");
1079 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1081 wpa_dbg(wpa_s, MSG_DEBUG,
1082 "WPA: using KEY_MGMT PSK with SHA256");
1083 #endif /* CONFIG_IEEE80211W */
1084 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1085 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1086 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1087 } else if (sel & WPA_KEY_MGMT_PSK) {
1088 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1089 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1090 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1091 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1092 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1094 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1095 "authenticated key management type");
1099 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1100 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1101 wpa_s->pairwise_cipher);
1102 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1104 #ifdef CONFIG_IEEE80211W
1105 sel = ie.mgmt_group_cipher;
1106 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1107 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1108 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1110 if (sel & WPA_CIPHER_AES_128_CMAC) {
1111 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1112 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1115 wpa_s->mgmt_group_cipher = 0;
1116 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1118 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1119 wpa_s->mgmt_group_cipher);
1120 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1121 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1122 wpa_s->conf->pmf : ssid->ieee80211w));
1123 #endif /* CONFIG_IEEE80211W */
1125 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1126 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1130 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1131 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1132 #ifndef CONFIG_NO_PBKDF2
1133 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1136 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1137 4096, psk, PMK_LEN);
1138 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1140 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1142 #endif /* CONFIG_NO_PBKDF2 */
1143 #ifdef CONFIG_EXT_PASSWORD
1144 if (ssid->ext_psk) {
1145 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1147 char pw_str[64 + 1];
1151 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1152 "found from external storage");
1156 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1157 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1158 "PSK length %d in external storage",
1159 (int) wpabuf_len(pw));
1160 ext_password_free(pw);
1164 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1165 pw_str[wpabuf_len(pw)] = '\0';
1167 #ifndef CONFIG_NO_PBKDF2
1168 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1170 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1171 4096, psk, PMK_LEN);
1172 os_memset(pw_str, 0, sizeof(pw_str));
1173 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1174 "external passphrase)",
1176 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1178 #endif /* CONFIG_NO_PBKDF2 */
1179 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1180 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1181 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1182 "Invalid PSK hex string");
1183 os_memset(pw_str, 0, sizeof(pw_str));
1184 ext_password_free(pw);
1187 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1189 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1191 os_memset(pw_str, 0, sizeof(pw_str));
1192 ext_password_free(pw);
1196 os_memset(pw_str, 0, sizeof(pw_str));
1197 ext_password_free(pw);
1199 #endif /* CONFIG_EXT_PASSWORD */
1201 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1207 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1212 case 0: /* Bits 0-7 */
1214 case 1: /* Bits 8-15 */
1216 case 2: /* Bits 16-23 */
1218 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1219 *pos |= 0x08; /* Bit 19 - BSS Transition */
1220 #endif /* CONFIG_WNM */
1222 case 3: /* Bits 24-31 */
1224 *pos |= 0x02; /* Bit 25 - SSID List */
1225 #endif /* CONFIG_WNM */
1226 #ifdef CONFIG_INTERWORKING
1227 if (wpa_s->conf->interworking)
1228 *pos |= 0x80; /* Bit 31 - Interworking */
1229 #endif /* CONFIG_INTERWORKING */
1231 case 4: /* Bits 32-39 */
1232 #ifdef CONFIG_INTERWORKING
1233 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1234 *pos |= 0x01; /* Bit 32 - QoS Map */
1235 #endif /* CONFIG_INTERWORKING */
1237 case 5: /* Bits 40-47 */
1239 case 6: /* Bits 48-55 */
1245 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1250 if (len < wpa_s->extended_capa_len)
1251 len = wpa_s->extended_capa_len;
1253 *pos++ = WLAN_EID_EXT_CAPAB;
1255 for (i = 0; i < len; i++, pos++) {
1256 wpas_ext_capab_byte(wpa_s, pos, i);
1258 if (i < wpa_s->extended_capa_len) {
1259 *pos &= ~wpa_s->extended_capa_mask[i];
1260 *pos |= wpa_s->extended_capa[i];
1264 while (len > 0 && buf[1 + len] == 0) {
1276 * wpa_supplicant_associate - Request association
1277 * @wpa_s: Pointer to wpa_supplicant data
1278 * @bss: Scan results for the selected BSS, or %NULL if not available
1279 * @ssid: Configuration data for the selected network
1281 * This function is used to request %wpa_supplicant to associate with a BSS.
1283 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1284 struct wpa_bss *bss, struct wpa_ssid *ssid)
1288 int use_crypt, ret, i, bssid_changed;
1289 int algs = WPA_AUTH_ALG_OPEN;
1290 enum wpa_cipher cipher_pairwise, cipher_group;
1291 struct wpa_driver_associate_params params;
1292 int wep_keys_set = 0;
1293 int assoc_failed = 0;
1294 struct wpa_ssid *old_ssid;
1295 #ifdef CONFIG_HT_OVERRIDES
1296 struct ieee80211_ht_capabilities htcaps;
1297 struct ieee80211_ht_capabilities htcaps_mask;
1298 #endif /* CONFIG_HT_OVERRIDES */
1300 #ifdef CONFIG_IBSS_RSN
1301 ibss_rsn_deinit(wpa_s->ibss_rsn);
1302 wpa_s->ibss_rsn = NULL;
1303 #endif /* CONFIG_IBSS_RSN */
1305 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1306 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1308 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1309 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1313 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1314 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1315 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1316 wpas_p2p_ap_setup_failed(wpa_s);
1319 wpa_s->current_bss = bss;
1320 #else /* CONFIG_AP */
1321 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1323 #endif /* CONFIG_AP */
1329 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1331 #endif /* CONFIG_TDLS */
1333 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1334 ssid->mode == IEEE80211_MODE_INFRA) {
1335 sme_authenticate(wpa_s, bss, ssid);
1339 os_memset(¶ms, 0, sizeof(params));
1340 wpa_s->reassociate = 0;
1341 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1342 #ifdef CONFIG_IEEE80211R
1343 const u8 *ie, *md = NULL;
1344 #endif /* CONFIG_IEEE80211R */
1345 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1346 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1347 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1348 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1349 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1350 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1352 wpas_notify_bssid_changed(wpa_s);
1353 #ifdef CONFIG_IEEE80211R
1354 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1355 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1357 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1359 /* Prepare for the next transition */
1360 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1362 #endif /* CONFIG_IEEE80211R */
1364 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1365 wpa_s->conf->ap_scan == 2 &&
1366 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1367 /* Use ap_scan==1 style network selection to find the network
1369 wpa_s->scan_req = MANUAL_SCAN_REQ;
1370 wpa_s->reassociate = 1;
1371 wpa_supplicant_req_scan(wpa_s, 0, 0);
1373 #endif /* CONFIG_WPS */
1375 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1376 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1377 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1379 wpa_supplicant_cancel_sched_scan(wpa_s);
1380 wpa_supplicant_cancel_scan(wpa_s);
1382 /* Starting new association, so clear the possibly used WPA IE from the
1383 * previous association. */
1384 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1386 #ifdef IEEE8021X_EAPOL
1387 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1389 if (ssid->non_leap == 0)
1390 algs = WPA_AUTH_ALG_LEAP;
1392 algs |= WPA_AUTH_ALG_LEAP;
1395 #endif /* IEEE8021X_EAPOL */
1396 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1397 if (ssid->auth_alg) {
1398 algs = ssid->auth_alg;
1399 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1403 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1404 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1405 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1406 int try_opportunistic;
1407 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1409 ssid->proactive_key_caching) &&
1410 (ssid->proto & WPA_PROTO_RSN);
1411 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1412 ssid, try_opportunistic) == 0)
1413 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1414 wpa_ie_len = sizeof(wpa_ie);
1415 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1416 wpa_ie, &wpa_ie_len)) {
1417 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1418 "key management and encryption suites");
1421 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1422 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1424 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1425 * use non-WPA since the scan results did not indicate that the
1426 * AP is using WPA or WPA2.
1428 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1430 wpa_s->wpa_proto = 0;
1431 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1432 wpa_ie_len = sizeof(wpa_ie);
1433 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1434 wpa_ie, &wpa_ie_len)) {
1435 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1436 "key management and encryption suites (no "
1441 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1442 struct wpabuf *wps_ie;
1443 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1444 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1445 wpa_ie_len = wpabuf_len(wps_ie);
1446 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1449 wpabuf_free(wps_ie);
1450 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1451 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1452 params.wps = WPS_MODE_PRIVACY;
1454 params.wps = WPS_MODE_OPEN;
1455 wpa_s->wpa_proto = 0;
1456 #endif /* CONFIG_WPS */
1458 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1460 wpa_s->wpa_proto = 0;
1464 if (wpa_s->global->p2p) {
1468 pos = wpa_ie + wpa_ie_len;
1469 len = sizeof(wpa_ie) - wpa_ie_len;
1470 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1476 wpa_s->cross_connect_disallowed = 0;
1479 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1481 wpa_s->cross_connect_disallowed =
1482 p2p_get_cross_connect_disallowed(p2p);
1484 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1486 wpa_s->cross_connect_disallowed ?
1487 "disallows" : "allows");
1490 #endif /* CONFIG_P2P */
1493 if (is_hs20_network(wpa_s, ssid, bss)) {
1494 struct wpabuf *hs20;
1495 hs20 = wpabuf_alloc(20);
1497 wpas_hs20_add_indication(hs20);
1498 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1500 wpa_ie_len += wpabuf_len(hs20);
1504 #endif /* CONFIG_HS20 */
1507 * Workaround: Add Extended Capabilities element only if the AP
1508 * included this element in Beacon/Probe Response frames. Some older
1509 * APs seem to have interoperability issues if this element is
1510 * included, so while the standard may require us to include the
1511 * element in all cases, it is justifiable to skip it to avoid
1512 * interoperability issues.
1514 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1517 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1518 if (ext_capab_len > 0) {
1520 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1522 os_memmove(pos + ext_capab_len, pos,
1523 wpa_ie_len - (pos - wpa_ie));
1524 wpa_ie_len += ext_capab_len;
1525 os_memcpy(pos, ext_capab, ext_capab_len);
1529 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1531 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1532 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
1533 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1534 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1535 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1537 if (wpa_set_wep_keys(wpa_s, ssid)) {
1542 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1545 #ifdef IEEE8021X_EAPOL
1546 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1547 if ((ssid->eapol_flags &
1548 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1549 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1553 /* Assume that dynamic WEP-104 keys will be used and
1554 * set cipher suites in order for drivers to expect
1556 cipher_pairwise = cipher_group = CIPHER_WEP104;
1559 #endif /* IEEE8021X_EAPOL */
1561 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1562 /* Set the key before (and later after) association */
1563 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1566 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1568 params.ssid = bss->ssid;
1569 params.ssid_len = bss->ssid_len;
1570 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1571 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1572 MACSTR " freq=%u MHz based on scan results "
1574 MAC2STR(bss->bssid), bss->freq,
1576 params.bssid = bss->bssid;
1577 params.freq = bss->freq;
1580 params.ssid = ssid->ssid;
1581 params.ssid_len = ssid->ssid_len;
1584 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1585 wpa_s->conf->ap_scan == 2) {
1586 params.bssid = ssid->bssid;
1587 params.fixed_bssid = 1;
1590 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1592 params.freq = ssid->frequency; /* Initial channel for IBSS */
1593 params.wpa_ie = wpa_ie;
1594 params.wpa_ie_len = wpa_ie_len;
1595 params.pairwise_suite = cipher_pairwise;
1596 params.group_suite = cipher_group;
1597 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1598 params.wpa_proto = wpa_s->wpa_proto;
1599 params.auth_alg = algs;
1600 params.mode = ssid->mode;
1601 params.bg_scan_period = ssid->bg_scan_period;
1602 for (i = 0; i < NUM_WEP_KEYS; i++) {
1603 if (ssid->wep_key_len[i])
1604 params.wep_key[i] = ssid->wep_key[i];
1605 params.wep_key_len[i] = ssid->wep_key_len[i];
1607 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1609 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1610 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1611 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1612 params.passphrase = ssid->passphrase;
1614 params.psk = ssid->psk;
1617 params.drop_unencrypted = use_crypt;
1619 #ifdef CONFIG_IEEE80211W
1620 params.mgmt_frame_protection =
1621 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1622 wpa_s->conf->pmf : ssid->ieee80211w;
1623 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1624 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1625 struct wpa_ie_data ie;
1626 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1628 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1629 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1630 "MFP: require MFP");
1631 params.mgmt_frame_protection =
1632 MGMT_FRAME_PROTECTION_REQUIRED;
1635 #endif /* CONFIG_IEEE80211W */
1637 params.p2p = ssid->p2p_group;
1639 if (wpa_s->parent->set_sta_uapsd)
1640 params.uapsd = wpa_s->parent->sta_uapsd;
1644 #ifdef CONFIG_HT_OVERRIDES
1645 os_memset(&htcaps, 0, sizeof(htcaps));
1646 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1647 params.htcaps = (u8 *) &htcaps;
1648 params.htcaps_mask = (u8 *) &htcaps_mask;
1649 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1650 #endif /* CONFIG_HT_OVERRIDES */
1654 * If multi-channel concurrency is not supported, check for any
1655 * frequency conflict. In case of any frequency conflict, remove the
1656 * least prioritized connection.
1658 if (wpa_s->num_multichan_concurrent < 2) {
1659 int freq = wpa_drv_shared_freq(wpa_s);
1660 if (freq > 0 && freq != params.freq) {
1661 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1663 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1669 #endif /* CONFIG_P2P */
1671 ret = wpa_drv_associate(wpa_s, ¶ms);
1673 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1675 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1677 * The driver is known to mean what is saying, so we
1678 * can stop right here; the association will not
1681 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1682 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1683 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1686 /* try to continue anyway; new association will be tried again
1691 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1692 /* Set the key after the association just in case association
1693 * cleared the previously configured key. */
1694 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1695 /* No need to timeout authentication since there is no key
1697 wpa_supplicant_cancel_auth_timeout(wpa_s);
1698 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1699 #ifdef CONFIG_IBSS_RSN
1700 } else if (ssid->mode == WPAS_MODE_IBSS &&
1701 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1702 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1704 * RSN IBSS authentication is per-STA and we can disable the
1705 * per-BSSID authentication.
1707 wpa_supplicant_cancel_auth_timeout(wpa_s);
1708 #endif /* CONFIG_IBSS_RSN */
1710 /* Timeout for IEEE 802.11 authentication and association */
1714 /* give IBSS a bit more time */
1715 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1716 } else if (wpa_s->conf->ap_scan == 1) {
1717 /* give IBSS a bit more time */
1718 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1720 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1724 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1725 /* Set static WEP keys again */
1726 wpa_set_wep_keys(wpa_s, ssid);
1729 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1731 * Do not allow EAP session resumption between different
1732 * network configurations.
1734 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1736 old_ssid = wpa_s->current_ssid;
1737 wpa_s->current_ssid = ssid;
1738 wpa_s->current_bss = bss;
1739 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1740 wpa_supplicant_initiate_eapol(wpa_s);
1741 if (old_ssid != wpa_s->current_ssid)
1742 wpas_notify_network_changed(wpa_s);
1746 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1749 struct wpa_ssid *old_ssid;
1751 wpa_clear_keys(wpa_s, addr);
1752 old_ssid = wpa_s->current_ssid;
1753 wpa_supplicant_mark_disassoc(wpa_s);
1754 wpa_sm_set_config(wpa_s->wpa, NULL);
1755 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1756 if (old_ssid != wpa_s->current_ssid)
1757 wpas_notify_network_changed(wpa_s);
1758 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1763 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1764 * @wpa_s: Pointer to wpa_supplicant data
1765 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1767 * This function is used to request %wpa_supplicant to deauthenticate from the
1770 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1774 union wpa_event_data event;
1777 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1778 " pending_bssid=" MACSTR " reason=%d state=%s",
1779 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1780 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1782 if (!is_zero_ether_addr(wpa_s->bssid))
1783 addr = wpa_s->bssid;
1784 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1785 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1786 wpa_s->wpa_state == WPA_ASSOCIATING))
1787 addr = wpa_s->pending_bssid;
1788 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1790 * When using driver-based BSS selection, we may not know the
1791 * BSSID with which we are currently trying to associate. We
1792 * need to notify the driver of this disconnection even in such
1793 * a case, so use the all zeros address here.
1795 addr = wpa_s->bssid;
1800 wpa_tdls_teardown_peers(wpa_s->wpa);
1801 #endif /* CONFIG_TDLS */
1804 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1805 os_memset(&event, 0, sizeof(event));
1806 event.deauth_info.reason_code = (u16) reason_code;
1807 event.deauth_info.locally_generated = 1;
1808 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1813 wpa_supplicant_clear_connection(wpa_s, addr);
1816 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1817 struct wpa_ssid *ssid)
1819 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1823 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1824 wpas_notify_network_enabled_changed(wpa_s, ssid);
1827 * Try to reassociate since there is no current configuration and a new
1828 * network was made available.
1830 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1831 wpa_s->reassociate = 1;
1836 * wpa_supplicant_enable_network - Mark a configured network as enabled
1837 * @wpa_s: wpa_supplicant structure for a network interface
1838 * @ssid: wpa_ssid structure for a configured network or %NULL
1840 * Enables the specified network or all networks if no network specified.
1842 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1843 struct wpa_ssid *ssid)
1846 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1847 wpa_supplicant_enable_one_network(wpa_s, ssid);
1849 wpa_supplicant_enable_one_network(wpa_s, ssid);
1851 if (wpa_s->reassociate && !wpa_s->disconnected) {
1852 if (wpa_s->sched_scanning) {
1853 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1854 "new network to scan filters");
1855 wpa_supplicant_cancel_sched_scan(wpa_s);
1858 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1859 wpa_supplicant_req_scan(wpa_s, 0, 0);
1865 * wpa_supplicant_disable_network - Mark a configured network as disabled
1866 * @wpa_s: wpa_supplicant structure for a network interface
1867 * @ssid: wpa_ssid structure for a configured network or %NULL
1869 * Disables the specified network or all networks if no network specified.
1871 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1872 struct wpa_ssid *ssid)
1874 struct wpa_ssid *other_ssid;
1878 if (wpa_s->sched_scanning)
1879 wpa_supplicant_cancel_sched_scan(wpa_s);
1881 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1882 other_ssid = other_ssid->next) {
1883 was_disabled = other_ssid->disabled;
1884 if (was_disabled == 2)
1885 continue; /* do not change persistent P2P group
1888 other_ssid->disabled = 1;
1890 if (was_disabled != other_ssid->disabled)
1891 wpas_notify_network_enabled_changed(
1894 if (wpa_s->current_ssid)
1895 wpa_supplicant_deauthenticate(
1896 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1897 } else if (ssid->disabled != 2) {
1898 if (ssid == wpa_s->current_ssid)
1899 wpa_supplicant_deauthenticate(
1900 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1902 was_disabled = ssid->disabled;
1906 if (was_disabled != ssid->disabled) {
1907 wpas_notify_network_enabled_changed(wpa_s, ssid);
1908 if (wpa_s->sched_scanning) {
1909 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1910 "to remove network from filters");
1911 wpa_supplicant_cancel_sched_scan(wpa_s);
1912 wpa_supplicant_req_scan(wpa_s, 0, 0);
1920 * wpa_supplicant_select_network - Attempt association with a network
1921 * @wpa_s: wpa_supplicant structure for a network interface
1922 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1924 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1925 struct wpa_ssid *ssid)
1928 struct wpa_ssid *other_ssid;
1929 int disconnected = 0;
1931 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1932 wpa_supplicant_deauthenticate(
1933 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1938 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1941 * Mark all other networks disabled or mark all networks enabled if no
1942 * network specified.
1944 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1945 other_ssid = other_ssid->next) {
1946 int was_disabled = other_ssid->disabled;
1947 if (was_disabled == 2)
1948 continue; /* do not change persistent P2P group data */
1950 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1951 if (was_disabled && !other_ssid->disabled)
1952 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1954 if (was_disabled != other_ssid->disabled)
1955 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1958 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1959 /* We are already associated with the selected network */
1960 wpa_printf(MSG_DEBUG, "Already associated with the "
1961 "selected network - do nothing");
1966 wpa_s->current_ssid = ssid;
1967 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1969 wpa_s->connect_without_scan = NULL;
1970 wpa_s->disconnected = 0;
1971 wpa_s->reassociate = 1;
1973 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1974 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1977 wpas_notify_network_selected(wpa_s, ssid);
1982 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
1983 * @wpa_s: wpa_supplicant structure for a network interface
1984 * @pkcs11_engine_path: PKCS #11 engine path or NULL
1985 * @pkcs11_module_path: PKCS #11 module path or NULL
1986 * Returns: 0 on success; -1 on failure
1988 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
1989 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
1990 * module path fails the paths will be reset to the default value (NULL).
1992 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
1993 const char *pkcs11_engine_path,
1994 const char *pkcs11_module_path)
1996 char *pkcs11_engine_path_copy = NULL;
1997 char *pkcs11_module_path_copy = NULL;
1999 if (pkcs11_engine_path != NULL) {
2000 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2001 if (pkcs11_engine_path_copy == NULL)
2004 if (pkcs11_module_path != NULL) {
2005 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2006 if (pkcs11_engine_path_copy == NULL) {
2007 os_free(pkcs11_engine_path_copy);
2012 os_free(wpa_s->conf->pkcs11_engine_path);
2013 os_free(wpa_s->conf->pkcs11_module_path);
2014 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2015 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2017 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2018 eapol_sm_deinit(wpa_s->eapol);
2019 wpa_s->eapol = NULL;
2020 if (wpa_supplicant_init_eapol(wpa_s)) {
2021 /* Error -> Reset paths to the default value (NULL) once. */
2022 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2023 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2028 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2035 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2036 * @wpa_s: wpa_supplicant structure for a network interface
2037 * @ap_scan: AP scan mode
2038 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2041 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2046 if (ap_scan < 0 || ap_scan > 2)
2050 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2051 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2052 wpa_s->wpa_state < WPA_COMPLETED) {
2053 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2054 "associating", wpa_s->conf->ap_scan, ap_scan);
2057 #endif /* ANDROID */
2059 old_ap_scan = wpa_s->conf->ap_scan;
2060 wpa_s->conf->ap_scan = ap_scan;
2062 if (old_ap_scan != wpa_s->conf->ap_scan)
2063 wpas_notify_ap_scan_changed(wpa_s);
2070 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2071 * @wpa_s: wpa_supplicant structure for a network interface
2072 * @expire_age: Expiration age in seconds
2073 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2076 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2077 unsigned int bss_expire_age)
2079 if (bss_expire_age < 10) {
2080 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2084 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2086 wpa_s->conf->bss_expiration_age = bss_expire_age;
2093 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2094 * @wpa_s: wpa_supplicant structure for a network interface
2095 * @expire_count: number of scans after which an unseen BSS is reclaimed
2096 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2099 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2100 unsigned int bss_expire_count)
2102 if (bss_expire_count < 1) {
2103 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2107 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2109 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2116 * wpa_supplicant_set_scan_interval - Set scan interval
2117 * @wpa_s: wpa_supplicant structure for a network interface
2118 * @scan_interval: scan interval in seconds
2119 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2122 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2125 if (scan_interval < 0) {
2126 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2130 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2132 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2139 * wpa_supplicant_set_debug_params - Set global debug params
2140 * @global: wpa_global structure
2141 * @debug_level: debug level
2142 * @debug_timestamp: determines if show timestamp in debug data
2143 * @debug_show_keys: determines if show keys in debug data
2144 * Returns: 0 if succeed or -1 if debug_level has wrong value
2146 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2147 int debug_timestamp, int debug_show_keys)
2150 int old_level, old_timestamp, old_show_keys;
2152 /* check for allowed debuglevels */
2153 if (debug_level != MSG_EXCESSIVE &&
2154 debug_level != MSG_MSGDUMP &&
2155 debug_level != MSG_DEBUG &&
2156 debug_level != MSG_INFO &&
2157 debug_level != MSG_WARNING &&
2158 debug_level != MSG_ERROR)
2161 old_level = wpa_debug_level;
2162 old_timestamp = wpa_debug_timestamp;
2163 old_show_keys = wpa_debug_show_keys;
2165 wpa_debug_level = debug_level;
2166 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2167 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2169 if (wpa_debug_level != old_level)
2170 wpas_notify_debug_level_changed(global);
2171 if (wpa_debug_timestamp != old_timestamp)
2172 wpas_notify_debug_timestamp_changed(global);
2173 if (wpa_debug_show_keys != old_show_keys)
2174 wpas_notify_debug_show_keys_changed(global);
2181 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2182 * @wpa_s: Pointer to wpa_supplicant data
2183 * Returns: A pointer to the current network structure or %NULL on failure
2185 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2187 struct wpa_ssid *entry;
2188 u8 ssid[MAX_SSID_LEN];
2194 res = wpa_drv_get_ssid(wpa_s, ssid);
2196 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2202 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2203 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2208 wired = wpa_s->conf->ap_scan == 0 &&
2209 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2211 entry = wpa_s->conf->ssid;
2213 if (!wpas_network_disabled(wpa_s, entry) &&
2214 ((ssid_len == entry->ssid_len &&
2215 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2216 (!entry->bssid_set ||
2217 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2220 if (!wpas_network_disabled(wpa_s, entry) &&
2221 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2222 (entry->ssid == NULL || entry->ssid_len == 0) &&
2223 (!entry->bssid_set ||
2224 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2226 #endif /* CONFIG_WPS */
2228 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2229 entry->ssid_len == 0 &&
2230 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2233 entry = entry->next;
2240 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2242 struct wpa_global *global = wpa_s->global;
2244 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2245 global->drv_priv[i] = wpa_drivers[i]->global_init();
2246 if (global->drv_priv[i] == NULL) {
2247 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2248 "'%s'", wpa_drivers[i]->name);
2253 wpa_s->driver = wpa_drivers[i];
2254 wpa_s->global_drv_priv = global->drv_priv[i];
2260 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2265 const char *pos, *driver = name;
2270 if (wpa_drivers[0] == NULL) {
2271 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2277 /* default to first driver in the list */
2278 return select_driver(wpa_s, 0);
2282 pos = os_strchr(driver, ',');
2286 len = os_strlen(driver);
2288 for (i = 0; wpa_drivers[i]; i++) {
2289 if (os_strlen(wpa_drivers[i]->name) == len &&
2290 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2292 /* First driver that succeeds wins */
2293 if (select_driver(wpa_s, i) == 0)
2301 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2307 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2308 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2309 * with struct wpa_driver_ops::init()
2310 * @src_addr: Source address of the EAPOL frame
2311 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2312 * @len: Length of the EAPOL data
2314 * This function is called for each received EAPOL frame. Most driver
2315 * interfaces rely on more generic OS mechanism for receiving frames through
2316 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2317 * take care of received EAPOL frames and deliver them to the core supplicant
2318 * code by calling this function.
2320 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2321 const u8 *buf, size_t len)
2323 struct wpa_supplicant *wpa_s = ctx;
2325 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2326 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2328 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2329 (wpa_s->last_eapol_matches_bssid &&
2332 #endif /* CONFIG_AP */
2333 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2335 * There is possible race condition between receiving the
2336 * association event and the EAPOL frame since they are coming
2337 * through different paths from the driver. In order to avoid
2338 * issues in trying to process the EAPOL frame before receiving
2339 * association information, lets queue it for processing until
2340 * the association event is received. This may also be needed in
2341 * driver-based roaming case, so also use src_addr != BSSID as a
2342 * trigger if we have previously confirmed that the
2343 * Authenticator uses BSSID as the src_addr (which is not the
2344 * case with wired IEEE 802.1X).
2346 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2347 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2348 wpa_supplicant_state_txt(wpa_s->wpa_state),
2349 MAC2STR(wpa_s->bssid));
2350 wpabuf_free(wpa_s->pending_eapol_rx);
2351 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2352 if (wpa_s->pending_eapol_rx) {
2353 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2354 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2360 wpa_s->last_eapol_matches_bssid =
2361 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2364 if (wpa_s->ap_iface) {
2365 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2368 #endif /* CONFIG_AP */
2370 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2371 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2372 "no key management is configured");
2376 if (wpa_s->eapol_received == 0 &&
2377 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2378 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2379 wpa_s->wpa_state != WPA_COMPLETED) &&
2380 (wpa_s->current_ssid == NULL ||
2381 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2382 /* Timeout for completing IEEE 802.1X and WPA authentication */
2383 wpa_supplicant_req_auth_timeout(
2385 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2386 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2387 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2390 wpa_s->eapol_received++;
2392 if (wpa_s->countermeasures) {
2393 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2398 #ifdef CONFIG_IBSS_RSN
2399 if (wpa_s->current_ssid &&
2400 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2401 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2404 #endif /* CONFIG_IBSS_RSN */
2406 /* Source address of the incoming EAPOL frame could be compared to the
2407 * current BSSID. However, it is possible that a centralized
2408 * Authenticator could be using another MAC address than the BSSID of
2409 * an AP, so just allow any address to be used for now. The replies are
2410 * still sent to the current BSSID (if available), though. */
2412 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2413 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2414 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2416 wpa_drv_poll(wpa_s);
2417 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2418 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2419 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2421 * Set portValid = TRUE here since we are going to skip 4-way
2422 * handshake processing which would normally set portValid. We
2423 * need this to allow the EAPOL state machines to be completed
2424 * without going through EAPOL-Key handshake.
2426 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2431 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2433 if (wpa_s->driver->send_eapol) {
2434 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2436 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2437 } else if ((!wpa_s->p2p_mgmt ||
2438 !(wpa_s->drv_flags &
2439 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2440 !(wpa_s->drv_flags &
2441 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2442 l2_packet_deinit(wpa_s->l2);
2443 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2444 wpa_drv_get_mac_addr(wpa_s),
2446 wpa_supplicant_rx_eapol, wpa_s, 0);
2447 if (wpa_s->l2 == NULL)
2450 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2452 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2455 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2456 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2464 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2465 const u8 *buf, size_t len)
2467 struct wpa_supplicant *wpa_s = ctx;
2468 const struct l2_ethhdr *eth;
2470 if (len < sizeof(*eth))
2472 eth = (const struct l2_ethhdr *) buf;
2474 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2475 !(eth->h_dest[0] & 0x01)) {
2476 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2477 " (bridge - not for this interface - ignore)",
2478 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2482 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2483 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2484 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2485 len - sizeof(*eth));
2490 * wpa_supplicant_driver_init - Initialize driver interface parameters
2491 * @wpa_s: Pointer to wpa_supplicant data
2492 * Returns: 0 on success, -1 on failure
2494 * This function is called to initialize driver interface parameters.
2495 * wpa_drv_init() must have been called before this function to initialize the
2498 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2500 static int interface_count = 0;
2502 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2505 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2506 MAC2STR(wpa_s->own_addr));
2507 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2509 if (wpa_s->bridge_ifname[0]) {
2510 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2511 "interface '%s'", wpa_s->bridge_ifname);
2512 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2515 wpa_supplicant_rx_eapol_bridge,
2517 if (wpa_s->l2_br == NULL) {
2518 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2519 "connection for the bridge interface '%s'",
2520 wpa_s->bridge_ifname);
2525 wpa_clear_keys(wpa_s, NULL);
2527 /* Make sure that TKIP countermeasures are not left enabled (could
2528 * happen if wpa_supplicant is killed during countermeasures. */
2529 wpa_drv_set_countermeasures(wpa_s, 0);
2531 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2532 wpa_drv_flush_pmkid(wpa_s);
2534 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2535 wpa_s->prev_scan_wildcard = 0;
2537 if (wpa_supplicant_enabled_networks(wpa_s)) {
2538 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2540 wpa_supplicant_req_scan(wpa_s, interface_count,
2544 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2550 static int wpa_supplicant_daemon(const char *pid_file)
2552 wpa_printf(MSG_DEBUG, "Daemonize..");
2553 return os_daemonize(pid_file);
2557 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2559 struct wpa_supplicant *wpa_s;
2561 wpa_s = os_zalloc(sizeof(*wpa_s));
2564 wpa_s->scan_req = INITIAL_SCAN_REQ;
2565 wpa_s->scan_interval = 5;
2566 wpa_s->new_connection = 1;
2567 wpa_s->parent = wpa_s;
2568 wpa_s->sched_scanning = 0;
2574 #ifdef CONFIG_HT_OVERRIDES
2576 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2577 struct ieee80211_ht_capabilities *htcaps,
2578 struct ieee80211_ht_capabilities *htcaps_mask,
2581 /* parse ht_mcs into hex array */
2583 const char *tmp = ht_mcs;
2586 /* If ht_mcs is null, do not set anything */
2590 /* This is what we are setting in the kernel */
2591 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2593 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2595 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2597 long v = strtol(tmp, &end, 16);
2599 wpa_msg(wpa_s, MSG_DEBUG,
2600 "htcap value[%i]: %ld end: %p tmp: %p",
2605 htcaps->supported_mcs_set[i] = v;
2608 wpa_msg(wpa_s, MSG_ERROR,
2609 "Failed to parse ht-mcs: %s, error: %s\n",
2610 ht_mcs, strerror(errno));
2616 * If we were able to parse any values, then set mask for the MCS set.
2619 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2620 IEEE80211_HT_MCS_MASK_LEN - 1);
2621 /* skip the 3 reserved bits */
2622 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2630 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2631 struct ieee80211_ht_capabilities *htcaps,
2632 struct ieee80211_ht_capabilities *htcaps_mask,
2637 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2642 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2643 htcaps_mask->ht_capabilities_info |= msk;
2645 htcaps->ht_capabilities_info &= msk;
2647 htcaps->ht_capabilities_info |= msk;
2653 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2654 struct ieee80211_ht_capabilities *htcaps,
2655 struct ieee80211_ht_capabilities *htcaps_mask,
2658 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2663 if (factor < 0 || factor > 3) {
2664 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2665 "Must be 0-3 or -1", factor);
2669 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2670 htcaps->a_mpdu_params &= ~0x3;
2671 htcaps->a_mpdu_params |= factor & 0x3;
2677 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2678 struct ieee80211_ht_capabilities *htcaps,
2679 struct ieee80211_ht_capabilities *htcaps_mask,
2682 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2687 if (density < 0 || density > 7) {
2688 wpa_msg(wpa_s, MSG_ERROR,
2689 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2694 htcaps_mask->a_mpdu_params |= 0x1C;
2695 htcaps->a_mpdu_params &= ~(0x1C);
2696 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2702 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2703 struct ieee80211_ht_capabilities *htcaps,
2704 struct ieee80211_ht_capabilities *htcaps_mask,
2707 /* Masking these out disables HT40 */
2708 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2709 HT_CAP_INFO_SHORT_GI40MHZ);
2711 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2714 htcaps->ht_capabilities_info &= ~msk;
2716 htcaps->ht_capabilities_info |= msk;
2718 htcaps_mask->ht_capabilities_info |= msk;
2724 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2725 struct ieee80211_ht_capabilities *htcaps,
2726 struct ieee80211_ht_capabilities *htcaps_mask,
2729 /* Masking these out disables SGI */
2730 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2731 HT_CAP_INFO_SHORT_GI40MHZ);
2733 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2736 htcaps->ht_capabilities_info &= ~msk;
2738 htcaps->ht_capabilities_info |= msk;
2740 htcaps_mask->ht_capabilities_info |= msk;
2746 void wpa_supplicant_apply_ht_overrides(
2747 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2748 struct wpa_driver_associate_params *params)
2750 struct ieee80211_ht_capabilities *htcaps;
2751 struct ieee80211_ht_capabilities *htcaps_mask;
2756 params->disable_ht = ssid->disable_ht;
2757 if (!params->htcaps || !params->htcaps_mask)
2760 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2761 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2762 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2763 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2764 ssid->disable_max_amsdu);
2765 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2766 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2767 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2768 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2771 #endif /* CONFIG_HT_OVERRIDES */
2774 #ifdef CONFIG_VHT_OVERRIDES
2775 void wpa_supplicant_apply_vht_overrides(
2776 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2777 struct wpa_driver_associate_params *params)
2779 struct ieee80211_vht_capabilities *vhtcaps;
2780 struct ieee80211_vht_capabilities *vhtcaps_mask;
2785 params->disable_vht = ssid->disable_vht;
2787 vhtcaps = (void *) params->vhtcaps;
2788 vhtcaps_mask = (void *) params->vhtcaps_mask;
2790 if (!vhtcaps || !vhtcaps_mask)
2793 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2794 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2796 #define OVERRIDE_MCS(i) \
2797 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2798 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2800 vhtcaps->vht_supported_mcs_set.tx_map |= \
2801 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2803 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2804 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2806 vhtcaps->vht_supported_mcs_set.rx_map |= \
2807 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2819 #endif /* CONFIG_VHT_OVERRIDES */
2822 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2827 if (!wpa_s->conf->pcsc_reader)
2830 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2834 if (wpa_s->conf->pcsc_pin &&
2835 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2836 scard_deinit(wpa_s->scard);
2837 wpa_s->scard = NULL;
2838 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2842 len = sizeof(wpa_s->imsi) - 1;
2843 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2844 scard_deinit(wpa_s->scard);
2845 wpa_s->scard = NULL;
2846 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2849 wpa_s->imsi[len] = '\0';
2851 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2853 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2854 wpa_s->imsi, wpa_s->mnc_len);
2856 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2857 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2858 #endif /* PCSC_FUNCS */
2864 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2868 ext_password_deinit(wpa_s->ext_pw);
2869 wpa_s->ext_pw = NULL;
2870 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2872 if (!wpa_s->conf->ext_password_backend)
2875 val = os_strdup(wpa_s->conf->ext_password_backend);
2878 pos = os_strchr(val, ':');
2882 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2884 wpa_s->ext_pw = ext_password_init(val, pos);
2886 if (wpa_s->ext_pw == NULL) {
2887 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2890 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2896 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
2899 struct wpa_supplicant *iface = wpa_s->global->ifaces;
2900 struct wpa_radio *radio;
2902 while (rn && iface) {
2903 radio = iface->radio;
2904 if (radio && os_strcmp(rn, radio->name) == 0) {
2905 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
2907 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
2911 iface = iface->next;
2914 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
2915 wpa_s->ifname, rn ? rn : "N/A");
2916 radio = os_zalloc(sizeof(*radio));
2921 os_strlcpy(radio->name, rn, sizeof(radio->name));
2922 dl_list_init(&radio->ifaces);
2923 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
2929 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
2931 struct wpa_radio *radio = wpa_s->radio;
2936 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
2937 wpa_s->ifname, radio->name);
2938 dl_list_del(&wpa_s->radio_list);
2939 wpa_s->radio = NULL;
2941 if (!dl_list_empty(&radio->ifaces))
2942 return; /* Interfaces remain for this radio */
2944 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
2949 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
2950 struct wpa_interface *iface)
2952 const char *ifname, *driver, *rn;
2954 driver = iface->driver;
2956 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2959 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2960 if (wpa_s->drv_priv == NULL) {
2962 pos = driver ? os_strchr(driver, ',') : NULL;
2964 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2965 "driver interface - try next driver wrapper");
2969 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2973 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2974 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2975 "driver_param '%s'", wpa_s->conf->driver_param);
2979 ifname = wpa_drv_get_ifname(wpa_s);
2980 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2981 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2982 "interface name with '%s'", ifname);
2983 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2986 if (wpa_s->driver->get_radio_name)
2987 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
2990 if (rn && rn[0] == '\0')
2993 wpa_s->radio = radio_add_interface(wpa_s, rn);
2994 if (wpa_s->radio == NULL)
3001 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3002 struct wpa_interface *iface)
3004 struct wpa_driver_capa capa;
3006 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3007 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3008 iface->confname ? iface->confname : "N/A",
3009 iface->driver ? iface->driver : "default",
3010 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3011 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3013 if (iface->confname) {
3014 #ifdef CONFIG_BACKEND_FILE
3015 wpa_s->confname = os_rel2abs_path(iface->confname);
3016 if (wpa_s->confname == NULL) {
3017 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3018 "for configuration file '%s'.",
3022 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3023 iface->confname, wpa_s->confname);
3024 #else /* CONFIG_BACKEND_FILE */
3025 wpa_s->confname = os_strdup(iface->confname);
3026 #endif /* CONFIG_BACKEND_FILE */
3027 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3028 if (wpa_s->conf == NULL) {
3029 wpa_printf(MSG_ERROR, "Failed to read or parse "
3030 "configuration '%s'.", wpa_s->confname);
3033 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3034 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3037 * Override ctrl_interface and driver_param if set on command
3040 if (iface->ctrl_interface) {
3041 os_free(wpa_s->conf->ctrl_interface);
3042 wpa_s->conf->ctrl_interface =
3043 os_strdup(iface->ctrl_interface);
3046 if (iface->driver_param) {
3047 os_free(wpa_s->conf->driver_param);
3048 wpa_s->conf->driver_param =
3049 os_strdup(iface->driver_param);
3052 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3053 os_free(wpa_s->conf->ctrl_interface);
3054 wpa_s->conf->ctrl_interface = NULL;
3057 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3058 iface->driver_param);
3060 if (wpa_s->conf == NULL) {
3061 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3065 if (iface->ifname == NULL) {
3066 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3069 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3070 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3074 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3076 if (iface->bridge_ifname) {
3077 if (os_strlen(iface->bridge_ifname) >=
3078 sizeof(wpa_s->bridge_ifname)) {
3079 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3080 "name '%s'.", iface->bridge_ifname);
3083 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3084 sizeof(wpa_s->bridge_ifname));
3087 /* RSNA Supplicant Key Management - INITIALIZE */
3088 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3089 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3091 /* Initialize driver interface and register driver event handler before
3092 * L2 receive handler so that association events are processed before
3093 * EAPOL-Key packets if both become available for the same select()
3095 if (wpas_init_driver(wpa_s, iface) < 0)
3098 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3101 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3102 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3104 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3106 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3107 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3108 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3109 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3110 "dot11RSNAConfigPMKLifetime");
3114 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3115 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3116 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3117 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3118 "dot11RSNAConfigPMKReauthThreshold");
3122 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3123 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3124 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3125 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3126 "dot11RSNAConfigSATimeout");
3130 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3131 &wpa_s->hw.num_modes,
3134 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3135 wpa_s->drv_capa_known = 1;
3136 wpa_s->drv_flags = capa.flags;
3137 wpa_s->drv_enc = capa.enc;
3138 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3139 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3140 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3141 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3142 wpa_s->max_match_sets = capa.max_match_sets;
3143 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3144 wpa_s->max_stations = capa.max_stations;
3145 wpa_s->extended_capa = capa.extended_capa;
3146 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3147 wpa_s->extended_capa_len = capa.extended_capa_len;
3148 wpa_s->num_multichan_concurrent =
3149 capa.num_multichan_concurrent;
3151 if (wpa_s->max_remain_on_chan == 0)
3152 wpa_s->max_remain_on_chan = 1000;
3155 * Only take p2p_mgmt parameters when P2P Device is supported.
3156 * Doing it here as it determines whether l2_packet_init() will be done
3157 * during wpa_supplicant_driver_init().
3159 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3160 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3162 iface->p2p_mgmt = 1;
3164 if (wpa_s->num_multichan_concurrent == 0)
3165 wpa_s->num_multichan_concurrent = 1;
3167 if (wpa_supplicant_driver_init(wpa_s) < 0)
3171 if ((!iface->p2p_mgmt ||
3172 !(wpa_s->drv_flags &
3173 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3174 wpa_tdls_init(wpa_s->wpa))
3176 #endif /* CONFIG_TDLS */
3178 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3179 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3180 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3184 if (wpas_wps_init(wpa_s))
3187 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3189 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3191 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3192 if (wpa_s->ctrl_iface == NULL) {
3193 wpa_printf(MSG_ERROR,
3194 "Failed to initialize control interface '%s'.\n"
3195 "You may have another wpa_supplicant process "
3196 "already running or the file was\n"
3197 "left by an unclean termination of wpa_supplicant "
3198 "in which case you will need\n"
3199 "to manually remove this file before starting "
3200 "wpa_supplicant again.\n",
3201 wpa_s->conf->ctrl_interface);
3205 wpa_s->gas = gas_query_init(wpa_s);
3206 if (wpa_s->gas == NULL) {
3207 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3212 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3213 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3216 #endif /* CONFIG_P2P */
3218 if (wpa_bss_init(wpa_s) < 0)
3221 #ifdef CONFIG_EAP_PROXY
3224 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3226 if (wpa_s->mnc_len > 0) {
3227 wpa_s->imsi[len] = '\0';
3228 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3229 wpa_s->imsi, wpa_s->mnc_len);
3231 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3234 #endif /* CONFIG_EAP_PROXY */
3236 if (pcsc_reader_init(wpa_s) < 0)
3239 if (wpas_init_ext_pw(wpa_s) < 0)
3246 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3247 int notify, int terminate)
3249 wpa_s->disconnected = 1;
3250 if (wpa_s->drv_priv) {
3251 wpa_supplicant_deauthenticate(wpa_s,
3252 WLAN_REASON_DEAUTH_LEAVING);
3254 wpa_drv_set_countermeasures(wpa_s, 0);
3255 wpa_clear_keys(wpa_s, NULL);
3258 wpa_supplicant_cleanup(wpa_s);
3261 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3262 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3263 "the management interface is being removed");
3264 wpas_p2p_deinit_global(wpa_s->global);
3266 #endif /* CONFIG_P2P */
3268 radio_remove_interface(wpa_s);
3270 if (wpa_s->drv_priv)
3271 wpa_drv_deinit(wpa_s);
3274 wpas_notify_iface_removed(wpa_s);
3277 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3279 if (wpa_s->ctrl_iface) {
3280 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3281 wpa_s->ctrl_iface = NULL;
3284 if (wpa_s->conf != NULL) {
3285 wpa_config_free(wpa_s->conf);
3294 * wpa_supplicant_add_iface - Add a new network interface
3295 * @global: Pointer to global data from wpa_supplicant_init()
3296 * @iface: Interface configuration options
3297 * Returns: Pointer to the created interface or %NULL on failure
3299 * This function is used to add new network interfaces for %wpa_supplicant.
3300 * This can be called before wpa_supplicant_run() to add interfaces before the
3301 * main event loop has been started. In addition, new interfaces can be added
3302 * dynamically while %wpa_supplicant is already running. This could happen,
3303 * e.g., when a hotplug network adapter is inserted.
3305 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3306 struct wpa_interface *iface)
3308 struct wpa_supplicant *wpa_s;
3309 struct wpa_interface t_iface;
3310 struct wpa_ssid *ssid;
3312 if (global == NULL || iface == NULL)
3315 wpa_s = wpa_supplicant_alloc();
3319 wpa_s->global = global;
3322 if (global->params.override_driver) {
3323 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3325 iface->driver, global->params.override_driver);
3326 t_iface.driver = global->params.override_driver;
3328 if (global->params.override_ctrl_interface) {
3329 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3330 "ctrl_interface ('%s' -> '%s')",
3331 iface->ctrl_interface,
3332 global->params.override_ctrl_interface);
3333 t_iface.ctrl_interface =
3334 global->params.override_ctrl_interface;
3336 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3337 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3339 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3343 /* Notify the control interfaces about new iface */
3344 if (wpas_notify_iface_added(wpa_s)) {
3345 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3349 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3350 wpas_notify_network_added(wpa_s, ssid);
3352 wpa_s->next = global->ifaces;
3353 global->ifaces = wpa_s;
3355 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3356 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3363 * wpa_supplicant_remove_iface - Remove a network interface
3364 * @global: Pointer to global data from wpa_supplicant_init()
3365 * @wpa_s: Pointer to the network interface to be removed
3366 * Returns: 0 if interface was removed, -1 if interface was not found
3368 * This function can be used to dynamically remove network interfaces from
3369 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3370 * addition, this function is used to remove all remaining interfaces when
3371 * %wpa_supplicant is terminated.
3373 int wpa_supplicant_remove_iface(struct wpa_global *global,
3374 struct wpa_supplicant *wpa_s,
3377 struct wpa_supplicant *prev;
3379 /* Remove interface from the global list of interfaces */
3380 prev = global->ifaces;
3381 if (prev == wpa_s) {
3382 global->ifaces = wpa_s->next;
3384 while (prev && prev->next != wpa_s)
3388 prev->next = wpa_s->next;
3391 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3393 if (global->p2p_group_formation == wpa_s)
3394 global->p2p_group_formation = NULL;
3395 if (global->p2p_invite_group == wpa_s)
3396 global->p2p_invite_group = NULL;
3397 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3404 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3405 * @wpa_s: Pointer to the network interface
3406 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3408 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3410 const char *eapol_method;
3412 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3413 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3417 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3418 if (eapol_method == NULL)
3419 return "UNKNOWN-EAP";
3421 return eapol_method;
3426 * wpa_supplicant_get_iface - Get a new network interface
3427 * @global: Pointer to global data from wpa_supplicant_init()
3428 * @ifname: Interface name
3429 * Returns: Pointer to the interface or %NULL if not found
3431 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3434 struct wpa_supplicant *wpa_s;
3436 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3437 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3444 #ifndef CONFIG_NO_WPA_MSG
3445 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3447 struct wpa_supplicant *wpa_s = ctx;
3450 return wpa_s->ifname;
3452 #endif /* CONFIG_NO_WPA_MSG */
3456 * wpa_supplicant_init - Initialize %wpa_supplicant
3457 * @params: Parameters for %wpa_supplicant
3458 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3460 * This function is used to initialize %wpa_supplicant. After successful
3461 * initialization, the returned data pointer can be used to add and remove
3462 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3464 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3466 struct wpa_global *global;
3472 #ifdef CONFIG_DRIVER_NDIS
3474 void driver_ndis_init_ops(void);
3475 driver_ndis_init_ops();
3477 #endif /* CONFIG_DRIVER_NDIS */
3479 #ifndef CONFIG_NO_WPA_MSG
3480 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3481 #endif /* CONFIG_NO_WPA_MSG */
3483 wpa_debug_open_file(params->wpa_debug_file_path);
3484 if (params->wpa_debug_syslog)
3485 wpa_debug_open_syslog();
3486 if (params->wpa_debug_tracing) {
3487 ret = wpa_debug_open_linux_tracing();
3489 wpa_printf(MSG_ERROR,
3490 "Failed to enable trace logging");
3495 ret = eap_register_methods();
3497 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3499 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3500 "the same EAP type.");
3504 global = os_zalloc(sizeof(*global));
3507 dl_list_init(&global->p2p_srv_bonjour);
3508 dl_list_init(&global->p2p_srv_upnp);
3509 global->params.daemonize = params->daemonize;
3510 global->params.wait_for_monitor = params->wait_for_monitor;
3511 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3512 if (params->pid_file)
3513 global->params.pid_file = os_strdup(params->pid_file);
3514 if (params->ctrl_interface)
3515 global->params.ctrl_interface =
3516 os_strdup(params->ctrl_interface);
3517 if (params->ctrl_interface_group)
3518 global->params.ctrl_interface_group =
3519 os_strdup(params->ctrl_interface_group);
3520 if (params->override_driver)
3521 global->params.override_driver =
3522 os_strdup(params->override_driver);
3523 if (params->override_ctrl_interface)
3524 global->params.override_ctrl_interface =
3525 os_strdup(params->override_ctrl_interface);
3526 wpa_debug_level = global->params.wpa_debug_level =
3527 params->wpa_debug_level;
3528 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3529 params->wpa_debug_show_keys;
3530 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3531 params->wpa_debug_timestamp;
3533 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3536 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3537 wpa_supplicant_deinit(global);
3541 random_init(params->entropy_file);
3543 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3544 if (global->ctrl_iface == NULL) {
3545 wpa_supplicant_deinit(global);
3549 if (wpas_notify_supplicant_initialized(global)) {
3550 wpa_supplicant_deinit(global);
3554 for (i = 0; wpa_drivers[i]; i++)
3555 global->drv_count++;
3556 if (global->drv_count == 0) {
3557 wpa_printf(MSG_ERROR, "No drivers enabled");
3558 wpa_supplicant_deinit(global);
3561 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3562 if (global->drv_priv == NULL) {
3563 wpa_supplicant_deinit(global);
3567 #ifdef CONFIG_WIFI_DISPLAY
3568 if (wifi_display_init(global) < 0) {
3569 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3570 wpa_supplicant_deinit(global);
3573 #endif /* CONFIG_WIFI_DISPLAY */
3580 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3581 * @global: Pointer to global data from wpa_supplicant_init()
3582 * Returns: 0 after successful event loop run, -1 on failure
3584 * This function starts the main event loop and continues running as long as
3585 * there are any remaining events. In most cases, this function is running as
3586 * long as the %wpa_supplicant process in still in use.
3588 int wpa_supplicant_run(struct wpa_global *global)
3590 struct wpa_supplicant *wpa_s;
3592 if (global->params.daemonize &&
3593 wpa_supplicant_daemon(global->params.pid_file))
3596 if (global->params.wait_for_monitor) {
3597 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3598 if (wpa_s->ctrl_iface)
3599 wpa_supplicant_ctrl_iface_wait(
3603 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3604 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3613 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3614 * @global: Pointer to global data from wpa_supplicant_init()
3616 * This function is called to deinitialize %wpa_supplicant and to free all
3617 * allocated resources. Remaining network interfaces will also be removed.
3619 void wpa_supplicant_deinit(struct wpa_global *global)
3626 #ifdef CONFIG_WIFI_DISPLAY
3627 wifi_display_deinit(global);
3628 #endif /* CONFIG_WIFI_DISPLAY */
3630 while (global->ifaces)
3631 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3633 if (global->ctrl_iface)
3634 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3636 wpas_notify_supplicant_deinitialized(global);
3638 eap_peer_unregister_methods();
3640 eap_server_unregister_methods();
3641 #endif /* CONFIG_AP */
3643 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3644 if (!global->drv_priv[i])
3646 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3648 os_free(global->drv_priv);
3654 if (global->params.pid_file) {
3655 os_daemonize_terminate(global->params.pid_file);
3656 os_free(global->params.pid_file);
3658 os_free(global->params.ctrl_interface);
3659 os_free(global->params.ctrl_interface_group);
3660 os_free(global->params.override_driver);
3661 os_free(global->params.override_ctrl_interface);
3663 os_free(global->p2p_disallow_freq.range);
3664 os_free(global->add_psk);
3667 wpa_debug_close_syslog();
3668 wpa_debug_close_file();
3669 wpa_debug_close_linux_tracing();
3673 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3675 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3676 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3678 country[0] = wpa_s->conf->country[0];
3679 country[1] = wpa_s->conf->country[1];
3681 if (wpa_drv_set_country(wpa_s, country) < 0) {
3682 wpa_printf(MSG_ERROR, "Failed to set country code "
3687 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3688 wpas_init_ext_pw(wpa_s);
3691 wpas_wps_update_config(wpa_s);
3692 #endif /* CONFIG_WPS */
3695 wpas_p2p_update_config(wpa_s);
3696 #endif /* CONFIG_P2P */
3698 wpa_s->conf->changed_parameters = 0;
3702 static void add_freq(int *freqs, int *num_freqs, int freq)
3706 for (i = 0; i < *num_freqs; i++) {
3707 if (freqs[i] == freq)
3711 freqs[*num_freqs] = freq;
3716 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3718 struct wpa_bss *bss, *cbss;
3719 const int max_freqs = 10;
3723 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3727 cbss = wpa_s->current_bss;
3729 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3732 if (bss->ssid_len == cbss->ssid_len &&
3733 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3734 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3735 add_freq(freqs, &num_freqs, bss->freq);
3736 if (num_freqs == max_freqs)
3741 if (num_freqs == 0) {
3750 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3757 * Remove possible authentication timeout since the connection failed.
3759 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3761 if (wpa_s->disconnected) {
3763 * There is no point in blacklisting the AP if this event is
3764 * generated based on local request to disconnect.
3766 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
3767 "indication since interface has been put into "
3768 "disconnected state");
3773 * Add the failed BSSID into the blacklist and speed up next scan
3774 * attempt if there could be other APs that could accept association.
3775 * The current blacklist count indicates how many times we have tried
3776 * connecting to this AP and multiple attempts mean that other APs are
3777 * either not available or has already been tried, so that we can start
3778 * increasing the delay here to avoid constant scanning.
3780 count = wpa_blacklist_add(wpa_s, bssid);
3781 if (count == 1 && wpa_s->current_bss) {
3783 * This BSS was not in the blacklist before. If there is
3784 * another BSS available for the same ESS, we should try that
3785 * next. Otherwise, we may as well try this one once more
3786 * before allowing other, likely worse, ESSes to be considered.
3788 freqs = get_bss_freqs_in_ess(wpa_s);
3790 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3791 "has been seen; try it next");
3792 wpa_blacklist_add(wpa_s, bssid);
3794 * On the next scan, go through only the known channels
3795 * used in this ESS based on previous scans to speed up
3796 * common load balancing use case.
3798 os_free(wpa_s->next_scan_freqs);
3799 wpa_s->next_scan_freqs = freqs;
3804 * Add previous failure count in case the temporary blacklist was
3805 * cleared due to no other BSSes being available.
3807 count += wpa_s->extra_blacklist_count;
3809 if (count > 3 && wpa_s->current_ssid) {
3810 wpa_printf(MSG_DEBUG, "Continuous association failures - "
3811 "consider temporary network disabling");
3812 wpas_auth_failed(wpa_s);
3833 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3834 "ms", count, timeout);
3837 * TODO: if more than one possible AP is available in scan results,
3838 * could try the other ones before requesting a new scan.
3840 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3841 1000 * (timeout % 1000));
3843 wpas_p2p_continue_after_scan(wpa_s);
3847 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3849 return wpa_s->conf->ap_scan == 2 ||
3850 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3854 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3855 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3856 struct wpa_ssid *ssid,
3860 #ifdef IEEE8021X_EAPOL
3861 struct eap_peer_config *eap = &ssid->eap;
3863 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3864 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3865 (const u8 *) value, os_strlen(value));
3867 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3868 case WPA_CTRL_REQ_EAP_IDENTITY:
3869 os_free(eap->identity);
3870 eap->identity = (u8 *) os_strdup(value);
3871 eap->identity_len = os_strlen(value);
3872 eap->pending_req_identity = 0;
3873 if (ssid == wpa_s->current_ssid)
3874 wpa_s->reassociate = 1;
3876 case WPA_CTRL_REQ_EAP_PASSWORD:
3877 os_free(eap->password);
3878 eap->password = (u8 *) os_strdup(value);
3879 eap->password_len = os_strlen(value);
3880 eap->pending_req_password = 0;
3881 if (ssid == wpa_s->current_ssid)
3882 wpa_s->reassociate = 1;
3884 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3885 os_free(eap->new_password);
3886 eap->new_password = (u8 *) os_strdup(value);
3887 eap->new_password_len = os_strlen(value);
3888 eap->pending_req_new_password = 0;
3889 if (ssid == wpa_s->current_ssid)
3890 wpa_s->reassociate = 1;
3892 case WPA_CTRL_REQ_EAP_PIN:
3894 eap->pin = os_strdup(value);
3895 eap->pending_req_pin = 0;
3896 if (ssid == wpa_s->current_ssid)
3897 wpa_s->reassociate = 1;
3899 case WPA_CTRL_REQ_EAP_OTP:
3901 eap->otp = (u8 *) os_strdup(value);
3902 eap->otp_len = os_strlen(value);
3903 os_free(eap->pending_req_otp);
3904 eap->pending_req_otp = NULL;
3905 eap->pending_req_otp_len = 0;
3907 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3908 os_free(eap->private_key_passwd);
3909 eap->private_key_passwd = (u8 *) os_strdup(value);
3910 eap->pending_req_passphrase = 0;
3911 if (ssid == wpa_s->current_ssid)
3912 wpa_s->reassociate = 1;
3914 case WPA_CTRL_REQ_SIM:
3915 os_free(eap->external_sim_resp);
3916 eap->external_sim_resp = os_strdup(value);
3919 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3924 #else /* IEEE8021X_EAPOL */
3925 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3927 #endif /* IEEE8021X_EAPOL */
3929 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3932 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3935 unsigned int drv_enc;
3943 if (wpa_s && wpa_s->drv_capa_known)
3944 drv_enc = wpa_s->drv_enc;
3946 drv_enc = (unsigned int) -1;
3948 for (i = 0; i < NUM_WEP_KEYS; i++) {
3949 size_t len = ssid->wep_key_len[i];
3952 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3954 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3956 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3958 return 1; /* invalid WEP key */
3961 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3969 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3971 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3973 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3979 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3981 struct wpa_ssid *ssid = wpa_s->current_ssid;
3983 struct os_reltime now;
3986 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3991 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3994 ssid->auth_failures++;
3997 if (ssid->p2p_group &&
3998 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4000 * Skip the wait time since there is a short timeout on the
4001 * connection to a P2P group.
4005 #endif /* CONFIG_P2P */
4007 if (ssid->auth_failures > 50)
4009 else if (ssid->auth_failures > 20)
4011 else if (ssid->auth_failures > 10)
4013 else if (ssid->auth_failures > 5)
4015 else if (ssid->auth_failures > 1)
4020 os_get_reltime(&now);
4021 if (now.sec + dur <= ssid->disabled_until.sec)
4024 ssid->disabled_until.sec = now.sec + dur;
4026 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4027 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4028 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4029 ssid->auth_failures, dur);
4033 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4034 struct wpa_ssid *ssid, int clear_failures)
4039 if (ssid->disabled_until.sec) {
4040 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4041 "id=%d ssid=\"%s\"",
4042 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4044 ssid->disabled_until.sec = 0;
4045 ssid->disabled_until.usec = 0;
4047 ssid->auth_failures = 0;
4051 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4055 if (wpa_s->disallow_aps_bssid == NULL)
4058 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4059 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4060 bssid, ETH_ALEN) == 0)
4068 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4073 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4076 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4077 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4078 if (ssid_len == s->ssid_len &&
4079 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4088 * wpas_request_connection - Request a new connection
4089 * @wpa_s: Pointer to the network interface
4091 * This function is used to request a new connection to be found. It will mark
4092 * the interface to allow reassociation and request a new scan to find a
4093 * suitable network to connect to.
4095 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4097 wpa_s->normal_scans = 0;
4098 wpa_supplicant_reinit_autoscan(wpa_s);
4099 wpa_s->extra_blacklist_count = 0;
4100 wpa_s->disconnected = 0;
4101 wpa_s->reassociate = 1;
4103 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4104 wpa_supplicant_req_scan(wpa_s, 0, 0);
4108 static int wpas_conn_in_progress(struct wpa_supplicant *wpa_s)
4110 return wpa_s->wpa_state >= WPA_AUTHENTICATING &&
4111 wpa_s->wpa_state != WPA_COMPLETED;
4116 * wpas_wpa_is_in_progress - Check whether a connection is in progress
4117 * @wpa_s: Pointer to wpa_supplicant data
4118 * @include_current: Whether to consider specified interface
4120 * This function is to check if the wpa state is in beginning of the connection
4121 * during 4-way handshake or group key handshake with WPA on any shared
4124 int wpas_wpa_is_in_progress(struct wpa_supplicant *wpa_s, int include_current)
4126 struct wpa_supplicant *ifs;
4128 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4130 if (!include_current && ifs == wpa_s)
4133 if (wpas_conn_in_progress(ifs)) {
4134 wpa_dbg(wpa_s, MSG_DEBUG, "Connection is in progress "
4135 "on interface %s - defer", ifs->ifname);
4144 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4145 int *freq_array, unsigned int len)
4149 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4151 for (i = 0; i < len; i++)
4152 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4157 * Find the operating frequencies of any of the virtual interfaces that
4158 * are using the same radio as the current interface.
4160 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4161 int *freq_array, unsigned int len)
4163 struct wpa_supplicant *ifs;
4166 unsigned int idx = 0, i;
4168 wpa_dbg(wpa_s, MSG_DEBUG,
4169 "Determining shared radio frequencies (max len %u)", len);
4170 os_memset(freq_array, 0, sizeof(int) * len);
4172 /* First add the frequency of the local interface */
4173 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4174 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4175 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4176 freq_array[idx++] = wpa_s->current_ssid->frequency;
4177 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4178 freq_array[idx++] = wpa_s->assoc_freq;
4181 /* If get_radio_name is not supported, use only the local freq */
4182 if (!wpa_s->driver->get_radio_name) {
4183 freq = wpa_drv_shared_freq(wpa_s);
4184 if (freq > 0 && idx < len &&
4185 (idx == 0 || freq_array[0] != freq))
4186 freq_array[idx++] = freq;
4187 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4191 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4196 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4199 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4200 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4201 freq = ifs->current_ssid->frequency;
4202 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4203 freq = ifs->assoc_freq;
4207 /* Hold only distinct freqs */
4208 for (i = 0; i < idx; i++)
4209 if (freq_array[i] == freq)
4213 freq_array[idx++] = freq;
4216 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);