3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s->wpa);
357 void free_hw_features(struct wpa_supplicant *wpa_s)
360 if (wpa_s->hw.modes == NULL)
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
384 l2_packet_deinit(wpa_s->l2_br);
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
400 wpa_sm_set_eapol(wpa_s->wpa, NULL);
401 eapol_sm_deinit(wpa_s->eapol);
404 rsn_preauth_deinit(wpa_s->wpa);
407 wpa_tdls_deinit(wpa_s->wpa);
408 #endif /* CONFIG_TDLS */
410 pmksa_candidate_free(wpa_s->wpa);
411 wpa_sm_deinit(wpa_s->wpa);
413 wpa_blacklist_clear(wpa_s);
415 wpa_bss_deinit(wpa_s);
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
418 wpa_supplicant_cancel_scan(wpa_s);
419 wpa_supplicant_cancel_auth_timeout(wpa_s);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
426 wpas_wps_deinit(wpa_s);
428 wpabuf_free(wpa_s->pending_eapol_rx);
429 wpa_s->pending_eapol_rx = NULL;
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s->ibss_rsn);
433 wpa_s->ibss_rsn = NULL;
434 #endif /* CONFIG_IBSS_RSN */
439 wpa_supplicant_ap_deinit(wpa_s);
440 #endif /* CONFIG_AP */
443 wpas_p2p_deinit(wpa_s);
444 #endif /* CONFIG_P2P */
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s);
448 #endif /* CONFIG_OFFCHANNEL */
450 wpa_supplicant_cancel_sched_scan(wpa_s);
452 os_free(wpa_s->next_scan_freqs);
453 wpa_s->next_scan_freqs = NULL;
455 os_free(wpa_s->manual_scan_freqs);
456 wpa_s->manual_scan_freqs = NULL;
458 gas_query_deinit(wpa_s->gas);
461 free_hw_features(wpa_s);
463 os_free(wpa_s->bssid_filter);
464 wpa_s->bssid_filter = NULL;
466 os_free(wpa_s->disallow_aps_bssid);
467 wpa_s->disallow_aps_bssid = NULL;
468 os_free(wpa_s->disallow_aps_ssid);
469 wpa_s->disallow_aps_ssid = NULL;
471 wnm_bss_keep_alive_deinit(wpa_s);
473 wnm_deallocate_memory(wpa_s);
474 #endif /* CONFIG_WNM */
476 ext_password_deinit(wpa_s->ext_pw);
477 wpa_s->ext_pw = NULL;
479 wpabuf_free(wpa_s->last_gas_resp);
480 wpa_s->last_gas_resp = NULL;
481 wpabuf_free(wpa_s->prev_gas_resp);
482 wpa_s->prev_gas_resp = NULL;
484 os_free(wpa_s->last_scan_res);
485 wpa_s->last_scan_res = NULL;
490 * wpa_clear_keys - Clear keys configured for the driver
491 * @wpa_s: Pointer to wpa_supplicant data
492 * @addr: Previously used BSSID or %NULL if not available
494 * This function clears the encryption keys that has been previously configured
497 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
501 #ifdef CONFIG_IEEE80211W
503 #else /* CONFIG_IEEE80211W */
505 #endif /* CONFIG_IEEE80211W */
507 /* MLME-DELETEKEYS.request */
508 for (i = 0; i < max; i++) {
509 if (wpa_s->keys_cleared & BIT(i))
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
514 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
515 !is_zero_ether_addr(addr)) {
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
518 /* MLME-SETPROTECTION.request(None) */
519 wpa_drv_mlme_setprotection(
521 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
522 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
524 wpa_s->keys_cleared = (u32) -1;
529 * wpa_supplicant_state_txt - Get the connection state name as a text string
530 * @state: State (wpa_state; WPA_*)
531 * Returns: The state name as a printable text string
533 const char * wpa_supplicant_state_txt(enum wpa_states state)
536 case WPA_DISCONNECTED:
537 return "DISCONNECTED";
540 case WPA_INTERFACE_DISABLED:
541 return "INTERFACE_DISABLED";
544 case WPA_AUTHENTICATING:
545 return "AUTHENTICATING";
546 case WPA_ASSOCIATING:
547 return "ASSOCIATING";
550 case WPA_4WAY_HANDSHAKE:
551 return "4WAY_HANDSHAKE";
552 case WPA_GROUP_HANDSHAKE:
553 return "GROUP_HANDSHAKE";
564 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
568 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
569 name = wpa_s->current_ssid->bgscan;
571 name = wpa_s->conf->bgscan;
574 if (wpas_driver_bss_selection(wpa_s))
576 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
579 bgscan_deinit(wpa_s);
580 if (wpa_s->current_ssid) {
581 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
582 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
585 * Live without bgscan; it is only used as a roaming
586 * optimization, so the initial connection is not
590 struct wpa_scan_results *scan_res;
591 wpa_s->bgscan_ssid = wpa_s->current_ssid;
592 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
595 bgscan_notify_scan(wpa_s, scan_res);
596 wpa_scan_results_free(scan_res);
600 wpa_s->bgscan_ssid = NULL;
604 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
606 if (wpa_s->bgscan_ssid != NULL) {
607 bgscan_deinit(wpa_s);
608 wpa_s->bgscan_ssid = NULL;
612 #endif /* CONFIG_BGSCAN */
615 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
617 if (autoscan_init(wpa_s, 0))
618 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
622 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
624 autoscan_deinit(wpa_s);
628 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
630 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
631 wpa_s->wpa_state == WPA_SCANNING) {
632 autoscan_deinit(wpa_s);
633 wpa_supplicant_start_autoscan(wpa_s);
639 * wpa_supplicant_set_state - Set current connection state
640 * @wpa_s: Pointer to wpa_supplicant data
641 * @state: The new connection state
643 * This function is called whenever the connection state changes, e.g.,
644 * association is completed for WPA/WPA2 4-Way Handshake is started.
646 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
647 enum wpa_states state)
649 enum wpa_states old_state = wpa_s->wpa_state;
651 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
652 wpa_supplicant_state_txt(wpa_s->wpa_state),
653 wpa_supplicant_state_txt(state));
655 if (state == WPA_INTERFACE_DISABLED) {
656 /* Assure normal scan when interface is restored */
657 wpa_s->normal_scans = 0;
660 if (state == WPA_COMPLETED)
661 wpas_connect_work_done(wpa_s);
663 if (state != WPA_SCANNING)
664 wpa_supplicant_notify_scanning(wpa_s, 0);
666 if (state == WPA_COMPLETED && wpa_s->new_connection) {
667 struct wpa_ssid *ssid = wpa_s->current_ssid;
668 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
669 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
670 MACSTR " completed [id=%d id_str=%s]",
671 MAC2STR(wpa_s->bssid),
672 ssid ? ssid->id : -1,
673 ssid && ssid->id_str ? ssid->id_str : "");
674 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
675 wpas_clear_temp_disabled(wpa_s, ssid, 1);
676 wpa_s->extra_blacklist_count = 0;
677 wpa_s->new_connection = 0;
678 wpa_drv_set_operstate(wpa_s, 1);
679 #ifndef IEEE8021X_EAPOL
680 wpa_drv_set_supp_port(wpa_s, 1);
681 #endif /* IEEE8021X_EAPOL */
682 wpa_s->after_wps = 0;
683 wpa_s->known_wps_freq = 0;
685 wpas_p2p_completed(wpa_s);
686 #endif /* CONFIG_P2P */
688 sme_sched_obss_scan(wpa_s, 1);
689 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
690 state == WPA_ASSOCIATED) {
691 wpa_s->new_connection = 1;
692 wpa_drv_set_operstate(wpa_s, 0);
693 #ifndef IEEE8021X_EAPOL
694 wpa_drv_set_supp_port(wpa_s, 0);
695 #endif /* IEEE8021X_EAPOL */
696 sme_sched_obss_scan(wpa_s, 0);
698 wpa_s->wpa_state = state;
701 if (state == WPA_COMPLETED)
702 wpa_supplicant_start_bgscan(wpa_s);
703 else if (state < WPA_ASSOCIATED)
704 wpa_supplicant_stop_bgscan(wpa_s);
705 #endif /* CONFIG_BGSCAN */
707 if (state == WPA_AUTHENTICATING)
708 wpa_supplicant_stop_autoscan(wpa_s);
710 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
711 wpa_supplicant_start_autoscan(wpa_s);
713 if (wpa_s->wpa_state != old_state) {
714 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
716 if (wpa_s->wpa_state == WPA_COMPLETED ||
717 old_state == WPA_COMPLETED)
718 wpas_notify_auth_changed(wpa_s);
723 void wpa_supplicant_terminate_proc(struct wpa_global *global)
727 struct wpa_supplicant *wpa_s = global->ifaces;
729 struct wpa_supplicant *next = wpa_s->next;
731 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
732 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
733 wpas_p2p_disconnect(wpa_s);
734 #endif /* CONFIG_P2P */
735 if (wpas_wps_terminate_pending(wpa_s) == 1)
739 #endif /* CONFIG_WPS */
746 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
748 struct wpa_global *global = signal_ctx;
749 wpa_supplicant_terminate_proc(global);
753 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
755 enum wpa_states old_state = wpa_s->wpa_state;
757 wpa_s->pairwise_cipher = 0;
758 wpa_s->group_cipher = 0;
759 wpa_s->mgmt_group_cipher = 0;
761 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
762 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
764 if (wpa_s->wpa_state != old_state)
765 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
770 * wpa_supplicant_reload_configuration - Reload configuration data
771 * @wpa_s: Pointer to wpa_supplicant data
772 * Returns: 0 on success or -1 if configuration parsing failed
774 * This function can be used to request that the configuration data is reloaded
775 * (e.g., after configuration file change). This function is reloading
776 * configuration only for one interface, so this may need to be called multiple
777 * times if %wpa_supplicant is controlling multiple interfaces and all
778 * interfaces need reconfiguration.
780 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
782 struct wpa_config *conf;
786 if (wpa_s->confname == NULL)
788 conf = wpa_config_read(wpa_s->confname, NULL);
790 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
791 "file '%s' - exiting", wpa_s->confname);
794 wpa_config_read(wpa_s->confanother, conf);
796 conf->changed_parameters = (unsigned int) -1;
798 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
799 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
800 os_strcmp(conf->ctrl_interface,
801 wpa_s->conf->ctrl_interface) != 0);
803 if (reconf_ctrl && wpa_s->ctrl_iface) {
804 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
805 wpa_s->ctrl_iface = NULL;
808 eapol_sm_invalidate_cached_session(wpa_s->eapol);
809 if (wpa_s->current_ssid) {
810 wpa_supplicant_deauthenticate(wpa_s,
811 WLAN_REASON_DEAUTH_LEAVING);
815 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
816 * pkcs11_engine_path, pkcs11_module_path.
818 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
820 * Clear forced success to clear EAP state for next
823 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
825 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
826 wpa_sm_set_config(wpa_s->wpa, NULL);
827 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
828 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
829 rsn_preauth_deinit(wpa_s->wpa);
831 old_ap_scan = wpa_s->conf->ap_scan;
832 wpa_config_free(wpa_s->conf);
834 if (old_ap_scan != wpa_s->conf->ap_scan)
835 wpas_notify_ap_scan_changed(wpa_s);
838 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
840 wpa_supplicant_update_config(wpa_s);
842 wpa_supplicant_clear_status(wpa_s);
843 if (wpa_supplicant_enabled_networks(wpa_s)) {
844 wpa_s->reassociate = 1;
845 wpa_supplicant_req_scan(wpa_s, 0, 0);
847 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
852 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
854 struct wpa_global *global = signal_ctx;
855 struct wpa_supplicant *wpa_s;
856 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
857 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
859 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
860 wpa_supplicant_terminate_proc(global);
866 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
867 struct wpa_ssid *ssid,
868 struct wpa_ie_data *ie)
870 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
873 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
874 "from association info");
879 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
881 if (!(ie->group_cipher & ssid->group_cipher)) {
882 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
883 "cipher 0x%x (mask 0x%x) - reject",
884 ie->group_cipher, ssid->group_cipher);
887 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
888 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
889 "cipher 0x%x (mask 0x%x) - reject",
890 ie->pairwise_cipher, ssid->pairwise_cipher);
893 if (!(ie->key_mgmt & ssid->key_mgmt)) {
894 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
895 "management 0x%x (mask 0x%x) - reject",
896 ie->key_mgmt, ssid->key_mgmt);
900 #ifdef CONFIG_IEEE80211W
901 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
902 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
903 wpa_s->conf->pmf : ssid->ieee80211w) ==
904 MGMT_FRAME_PROTECTION_REQUIRED) {
905 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
906 "that does not support management frame protection - "
910 #endif /* CONFIG_IEEE80211W */
917 * wpa_supplicant_set_suites - Set authentication and encryption parameters
918 * @wpa_s: Pointer to wpa_supplicant data
919 * @bss: Scan results for the selected BSS, or %NULL if not available
920 * @ssid: Configuration data for the selected network
921 * @wpa_ie: Buffer for the WPA/RSN IE
922 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
923 * used buffer length in case the functions returns success.
924 * Returns: 0 on success or -1 on failure
926 * This function is used to configure authentication and encryption parameters
927 * based on the network configuration and scan result for the selected BSS (if
930 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
931 struct wpa_bss *bss, struct wpa_ssid *ssid,
932 u8 *wpa_ie, size_t *wpa_ie_len)
934 struct wpa_ie_data ie;
936 const u8 *bss_wpa, *bss_rsn;
939 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
940 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
942 bss_wpa = bss_rsn = NULL;
944 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
945 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
946 (ie.group_cipher & ssid->group_cipher) &&
947 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
948 (ie.key_mgmt & ssid->key_mgmt)) {
949 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
950 proto = WPA_PROTO_RSN;
951 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
952 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
953 (ie.group_cipher & ssid->group_cipher) &&
954 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
955 (ie.key_mgmt & ssid->key_mgmt)) {
956 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
957 proto = WPA_PROTO_WPA;
959 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
962 if (ssid->proto & WPA_PROTO_RSN)
963 proto = WPA_PROTO_RSN;
965 proto = WPA_PROTO_WPA;
966 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
967 os_memset(&ie, 0, sizeof(ie));
968 ie.group_cipher = ssid->group_cipher;
969 ie.pairwise_cipher = ssid->pairwise_cipher;
970 ie.key_mgmt = ssid->key_mgmt;
971 #ifdef CONFIG_IEEE80211W
972 ie.mgmt_group_cipher =
973 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
974 WPA_CIPHER_AES_128_CMAC : 0;
975 #endif /* CONFIG_IEEE80211W */
976 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
977 "based on configuration");
982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
983 "pairwise %d key_mgmt %d proto %d",
984 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
985 #ifdef CONFIG_IEEE80211W
986 if (ssid->ieee80211w) {
987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
988 ie.mgmt_group_cipher);
990 #endif /* CONFIG_IEEE80211W */
992 wpa_s->wpa_proto = proto;
993 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
994 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
995 !!(ssid->proto & WPA_PROTO_RSN));
997 if (bss || !wpa_s->ap_ies_from_associnfo) {
998 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
999 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1000 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1001 bss_rsn ? 2 + bss_rsn[1] : 0))
1005 sel = ie.group_cipher & ssid->group_cipher;
1006 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1007 if (wpa_s->group_cipher < 0) {
1008 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1013 wpa_cipher_txt(wpa_s->group_cipher));
1015 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1016 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1017 if (wpa_s->pairwise_cipher < 0) {
1018 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1023 wpa_cipher_txt(wpa_s->pairwise_cipher));
1025 sel = ie.key_mgmt & ssid->key_mgmt;
1027 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1028 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1029 #endif /* CONFIG_SAE */
1031 #ifdef CONFIG_IEEE80211R
1032 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1033 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1034 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1035 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1036 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1038 #endif /* CONFIG_IEEE80211R */
1040 } else if (sel & WPA_KEY_MGMT_SAE) {
1041 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1042 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1043 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1044 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1045 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1046 #endif /* CONFIG_SAE */
1047 #ifdef CONFIG_IEEE80211W
1048 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1050 wpa_dbg(wpa_s, MSG_DEBUG,
1051 "WPA: using KEY_MGMT 802.1X with SHA256");
1052 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1053 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1054 wpa_dbg(wpa_s, MSG_DEBUG,
1055 "WPA: using KEY_MGMT PSK with SHA256");
1056 #endif /* CONFIG_IEEE80211W */
1057 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1060 } else if (sel & WPA_KEY_MGMT_PSK) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1063 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1064 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1067 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1068 "authenticated key management type");
1072 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1073 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1074 wpa_s->pairwise_cipher);
1075 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1077 #ifdef CONFIG_IEEE80211W
1078 sel = ie.mgmt_group_cipher;
1079 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1080 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1081 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1083 if (sel & WPA_CIPHER_AES_128_CMAC) {
1084 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1085 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1088 wpa_s->mgmt_group_cipher = 0;
1089 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1091 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1092 wpa_s->mgmt_group_cipher);
1093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1094 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1095 wpa_s->conf->pmf : ssid->ieee80211w));
1096 #endif /* CONFIG_IEEE80211W */
1098 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1099 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1103 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1104 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1105 #ifndef CONFIG_NO_PBKDF2
1106 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1109 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1110 4096, psk, PMK_LEN);
1111 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1113 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1115 #endif /* CONFIG_NO_PBKDF2 */
1116 #ifdef CONFIG_EXT_PASSWORD
1117 if (ssid->ext_psk) {
1118 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1120 char pw_str[64 + 1];
1124 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1125 "found from external storage");
1129 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1130 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1131 "PSK length %d in external storage",
1132 (int) wpabuf_len(pw));
1133 ext_password_free(pw);
1137 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1138 pw_str[wpabuf_len(pw)] = '\0';
1140 #ifndef CONFIG_NO_PBKDF2
1141 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1143 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1144 4096, psk, PMK_LEN);
1145 os_memset(pw_str, 0, sizeof(pw_str));
1146 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1147 "external passphrase)",
1149 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1151 #endif /* CONFIG_NO_PBKDF2 */
1152 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1153 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1154 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1155 "Invalid PSK hex string");
1156 os_memset(pw_str, 0, sizeof(pw_str));
1157 ext_password_free(pw);
1160 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1162 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1164 os_memset(pw_str, 0, sizeof(pw_str));
1165 ext_password_free(pw);
1169 os_memset(pw_str, 0, sizeof(pw_str));
1170 ext_password_free(pw);
1172 #endif /* CONFIG_EXT_PASSWORD */
1174 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1180 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1185 case 0: /* Bits 0-7 */
1187 case 1: /* Bits 8-15 */
1189 case 2: /* Bits 16-23 */
1191 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1192 *pos |= 0x08; /* Bit 19 - BSS Transition */
1193 #endif /* CONFIG_WNM */
1195 case 3: /* Bits 24-31 */
1197 *pos |= 0x02; /* Bit 25 - SSID List */
1198 #endif /* CONFIG_WNM */
1199 #ifdef CONFIG_INTERWORKING
1200 if (wpa_s->conf->interworking)
1201 *pos |= 0x80; /* Bit 31 - Interworking */
1202 #endif /* CONFIG_INTERWORKING */
1204 case 4: /* Bits 32-39 */
1205 #ifdef CONFIG_INTERWORKING
1206 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1207 *pos |= 0x01; /* Bit 32 - QoS Map */
1208 #endif /* CONFIG_INTERWORKING */
1210 case 5: /* Bits 40-47 */
1212 case 6: /* Bits 48-55 */
1218 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1223 if (len < wpa_s->extended_capa_len)
1224 len = wpa_s->extended_capa_len;
1226 *pos++ = WLAN_EID_EXT_CAPAB;
1228 for (i = 0; i < len; i++, pos++) {
1229 wpas_ext_capab_byte(wpa_s, pos, i);
1231 if (i < wpa_s->extended_capa_len) {
1232 *pos &= ~wpa_s->extended_capa_mask[i];
1233 *pos |= wpa_s->extended_capa[i];
1237 while (len > 0 && buf[1 + len] == 0) {
1248 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1249 struct wpa_bss *test_bss)
1251 struct wpa_bss *bss;
1253 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1254 if (bss == test_bss)
1262 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1263 struct wpa_ssid *test_ssid)
1265 struct wpa_ssid *ssid;
1267 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1268 if (ssid == test_ssid)
1276 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1277 struct wpa_ssid *test_ssid)
1279 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1282 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1286 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1294 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1296 struct wpa_connect_work *cwork;
1297 struct wpa_radio_work *work = wpa_s->connect_work;
1302 wpa_s->connect_work = NULL;
1305 wpas_connect_work_free(cwork);
1306 radio_work_done(work);
1310 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1313 * wpa_supplicant_associate - Request association
1314 * @wpa_s: Pointer to wpa_supplicant data
1315 * @bss: Scan results for the selected BSS, or %NULL if not available
1316 * @ssid: Configuration data for the selected network
1318 * This function is used to request %wpa_supplicant to associate with a BSS.
1320 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1321 struct wpa_bss *bss, struct wpa_ssid *ssid)
1323 struct wpa_connect_work *cwork;
1325 #ifdef CONFIG_IBSS_RSN
1326 ibss_rsn_deinit(wpa_s->ibss_rsn);
1327 wpa_s->ibss_rsn = NULL;
1328 #endif /* CONFIG_IBSS_RSN */
1330 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1331 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1333 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1334 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1338 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1339 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1340 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1341 wpas_p2p_ap_setup_failed(wpa_s);
1344 wpa_s->current_bss = bss;
1345 #else /* CONFIG_AP */
1346 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1348 #endif /* CONFIG_AP */
1354 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1356 #endif /* CONFIG_TDLS */
1358 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1359 ssid->mode == IEEE80211_MODE_INFRA) {
1360 sme_authenticate(wpa_s, bss, ssid);
1364 if (wpa_s->connect_work) {
1365 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1369 cwork = os_zalloc(sizeof(*cwork));
1376 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1377 wpas_start_assoc_cb, cwork) < 0) {
1383 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1385 struct wpa_connect_work *cwork = work->ctx;
1386 struct wpa_bss *bss = cwork->bss;
1387 struct wpa_ssid *ssid = cwork->ssid;
1388 struct wpa_supplicant *wpa_s = work->wpa_s;
1391 int use_crypt, ret, i, bssid_changed;
1392 int algs = WPA_AUTH_ALG_OPEN;
1393 unsigned int cipher_pairwise, cipher_group;
1394 struct wpa_driver_associate_params params;
1395 int wep_keys_set = 0;
1396 int assoc_failed = 0;
1397 struct wpa_ssid *old_ssid;
1398 #ifdef CONFIG_HT_OVERRIDES
1399 struct ieee80211_ht_capabilities htcaps;
1400 struct ieee80211_ht_capabilities htcaps_mask;
1401 #endif /* CONFIG_HT_OVERRIDES */
1404 wpas_connect_work_free(cwork);
1408 wpa_s->connect_work = work;
1410 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1411 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1412 wpas_connect_work_done(wpa_s);
1416 os_memset(¶ms, 0, sizeof(params));
1417 wpa_s->reassociate = 0;
1418 wpa_s->eap_expected_failure = 0;
1419 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1420 #ifdef CONFIG_IEEE80211R
1421 const u8 *ie, *md = NULL;
1422 #endif /* CONFIG_IEEE80211R */
1423 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1424 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1425 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1426 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1427 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1428 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1430 wpas_notify_bssid_changed(wpa_s);
1431 #ifdef CONFIG_IEEE80211R
1432 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1433 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1435 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1437 /* Prepare for the next transition */
1438 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1440 #endif /* CONFIG_IEEE80211R */
1442 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1443 wpa_s->conf->ap_scan == 2 &&
1444 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1445 /* Use ap_scan==1 style network selection to find the network
1447 wpa_s->scan_req = MANUAL_SCAN_REQ;
1448 wpa_s->reassociate = 1;
1449 wpa_supplicant_req_scan(wpa_s, 0, 0);
1451 #endif /* CONFIG_WPS */
1453 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1454 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1455 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1457 wpa_supplicant_cancel_sched_scan(wpa_s);
1458 wpa_supplicant_cancel_scan(wpa_s);
1460 /* Starting new association, so clear the possibly used WPA IE from the
1461 * previous association. */
1462 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1464 #ifdef IEEE8021X_EAPOL
1465 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1467 if (ssid->non_leap == 0)
1468 algs = WPA_AUTH_ALG_LEAP;
1470 algs |= WPA_AUTH_ALG_LEAP;
1473 #endif /* IEEE8021X_EAPOL */
1474 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1475 if (ssid->auth_alg) {
1476 algs = ssid->auth_alg;
1477 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1481 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1482 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1483 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1484 int try_opportunistic;
1485 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1487 ssid->proactive_key_caching) &&
1488 (ssid->proto & WPA_PROTO_RSN);
1489 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1490 ssid, try_opportunistic) == 0)
1491 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1492 wpa_ie_len = sizeof(wpa_ie);
1493 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1494 wpa_ie, &wpa_ie_len)) {
1495 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1496 "key management and encryption suites");
1499 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1500 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1502 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1503 * use non-WPA since the scan results did not indicate that the
1504 * AP is using WPA or WPA2.
1506 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1508 wpa_s->wpa_proto = 0;
1509 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1510 wpa_ie_len = sizeof(wpa_ie);
1511 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1512 wpa_ie, &wpa_ie_len)) {
1513 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1514 "key management and encryption suites (no "
1519 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1520 struct wpabuf *wps_ie;
1521 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1522 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1523 wpa_ie_len = wpabuf_len(wps_ie);
1524 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1527 wpabuf_free(wps_ie);
1528 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1529 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1530 params.wps = WPS_MODE_PRIVACY;
1532 params.wps = WPS_MODE_OPEN;
1533 wpa_s->wpa_proto = 0;
1534 #endif /* CONFIG_WPS */
1536 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1538 wpa_s->wpa_proto = 0;
1542 if (wpa_s->global->p2p) {
1546 pos = wpa_ie + wpa_ie_len;
1547 len = sizeof(wpa_ie) - wpa_ie_len;
1548 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1554 wpa_s->cross_connect_disallowed = 0;
1557 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1559 wpa_s->cross_connect_disallowed =
1560 p2p_get_cross_connect_disallowed(p2p);
1562 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1564 wpa_s->cross_connect_disallowed ?
1565 "disallows" : "allows");
1568 #endif /* CONFIG_P2P */
1571 if (is_hs20_network(wpa_s, ssid, bss)) {
1572 struct wpabuf *hs20;
1573 hs20 = wpabuf_alloc(20);
1575 wpas_hs20_add_indication(hs20);
1576 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1578 wpa_ie_len += wpabuf_len(hs20);
1582 #endif /* CONFIG_HS20 */
1585 * Workaround: Add Extended Capabilities element only if the AP
1586 * included this element in Beacon/Probe Response frames. Some older
1587 * APs seem to have interoperability issues if this element is
1588 * included, so while the standard may require us to include the
1589 * element in all cases, it is justifiable to skip it to avoid
1590 * interoperability issues.
1592 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1595 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1596 if (ext_capab_len > 0) {
1598 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1600 os_memmove(pos + ext_capab_len, pos,
1601 wpa_ie_len - (pos - wpa_ie));
1602 wpa_ie_len += ext_capab_len;
1603 os_memcpy(pos, ext_capab, ext_capab_len);
1607 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1609 cipher_pairwise = wpa_s->pairwise_cipher;
1610 cipher_group = wpa_s->group_cipher;
1611 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1612 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1613 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1615 if (wpa_set_wep_keys(wpa_s, ssid)) {
1620 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1623 #ifdef IEEE8021X_EAPOL
1624 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1625 if ((ssid->eapol_flags &
1626 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1627 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1631 /* Assume that dynamic WEP-104 keys will be used and
1632 * set cipher suites in order for drivers to expect
1634 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1637 #endif /* IEEE8021X_EAPOL */
1639 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1640 /* Set the key before (and later after) association */
1641 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1644 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1646 params.ssid = bss->ssid;
1647 params.ssid_len = bss->ssid_len;
1648 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1649 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1650 MACSTR " freq=%u MHz based on scan results "
1652 MAC2STR(bss->bssid), bss->freq,
1654 params.bssid = bss->bssid;
1655 params.freq = bss->freq;
1658 params.ssid = ssid->ssid;
1659 params.ssid_len = ssid->ssid_len;
1662 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1663 wpa_s->conf->ap_scan == 2) {
1664 params.bssid = ssid->bssid;
1665 params.fixed_bssid = 1;
1668 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1670 params.freq = ssid->frequency; /* Initial channel for IBSS */
1671 params.wpa_ie = wpa_ie;
1672 params.wpa_ie_len = wpa_ie_len;
1673 params.pairwise_suite = cipher_pairwise;
1674 params.group_suite = cipher_group;
1675 params.key_mgmt_suite = wpa_s->key_mgmt;
1676 params.wpa_proto = wpa_s->wpa_proto;
1677 params.auth_alg = algs;
1678 params.mode = ssid->mode;
1679 params.bg_scan_period = ssid->bg_scan_period;
1680 for (i = 0; i < NUM_WEP_KEYS; i++) {
1681 if (ssid->wep_key_len[i])
1682 params.wep_key[i] = ssid->wep_key[i];
1683 params.wep_key_len[i] = ssid->wep_key_len[i];
1685 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1687 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1688 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1689 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1690 params.passphrase = ssid->passphrase;
1692 params.psk = ssid->psk;
1695 params.drop_unencrypted = use_crypt;
1697 #ifdef CONFIG_IEEE80211W
1698 params.mgmt_frame_protection =
1699 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1700 wpa_s->conf->pmf : ssid->ieee80211w;
1701 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1702 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1703 struct wpa_ie_data ie;
1704 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1706 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1707 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1708 "MFP: require MFP");
1709 params.mgmt_frame_protection =
1710 MGMT_FRAME_PROTECTION_REQUIRED;
1713 #endif /* CONFIG_IEEE80211W */
1715 params.p2p = ssid->p2p_group;
1717 if (wpa_s->parent->set_sta_uapsd)
1718 params.uapsd = wpa_s->parent->sta_uapsd;
1722 #ifdef CONFIG_HT_OVERRIDES
1723 os_memset(&htcaps, 0, sizeof(htcaps));
1724 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1725 params.htcaps = (u8 *) &htcaps;
1726 params.htcaps_mask = (u8 *) &htcaps_mask;
1727 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1728 #endif /* CONFIG_HT_OVERRIDES */
1732 * If multi-channel concurrency is not supported, check for any
1733 * frequency conflict. In case of any frequency conflict, remove the
1734 * least prioritized connection.
1736 if (wpa_s->num_multichan_concurrent < 2) {
1737 int freq = wpa_drv_shared_freq(wpa_s);
1738 if (freq > 0 && freq != params.freq) {
1739 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1741 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1747 #endif /* CONFIG_P2P */
1749 ret = wpa_drv_associate(wpa_s, ¶ms);
1751 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1753 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1755 * The driver is known to mean what is saying, so we
1756 * can stop right here; the association will not
1759 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1760 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1761 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1764 /* try to continue anyway; new association will be tried again
1769 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1770 /* Set the key after the association just in case association
1771 * cleared the previously configured key. */
1772 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1773 /* No need to timeout authentication since there is no key
1775 wpa_supplicant_cancel_auth_timeout(wpa_s);
1776 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1777 #ifdef CONFIG_IBSS_RSN
1778 } else if (ssid->mode == WPAS_MODE_IBSS &&
1779 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1780 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1782 * RSN IBSS authentication is per-STA and we can disable the
1783 * per-BSSID authentication.
1785 wpa_supplicant_cancel_auth_timeout(wpa_s);
1786 #endif /* CONFIG_IBSS_RSN */
1788 /* Timeout for IEEE 802.11 authentication and association */
1792 /* give IBSS a bit more time */
1793 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1794 } else if (wpa_s->conf->ap_scan == 1) {
1795 /* give IBSS a bit more time */
1796 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1798 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1802 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1803 /* Set static WEP keys again */
1804 wpa_set_wep_keys(wpa_s, ssid);
1807 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1809 * Do not allow EAP session resumption between different
1810 * network configurations.
1812 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1814 old_ssid = wpa_s->current_ssid;
1815 wpa_s->current_ssid = ssid;
1816 wpa_s->current_bss = bss;
1817 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1818 wpa_supplicant_initiate_eapol(wpa_s);
1819 if (old_ssid != wpa_s->current_ssid)
1820 wpas_notify_network_changed(wpa_s);
1824 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1827 struct wpa_ssid *old_ssid;
1829 wpa_clear_keys(wpa_s, addr);
1830 old_ssid = wpa_s->current_ssid;
1831 wpa_supplicant_mark_disassoc(wpa_s);
1832 wpa_sm_set_config(wpa_s->wpa, NULL);
1833 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1834 if (old_ssid != wpa_s->current_ssid)
1835 wpas_notify_network_changed(wpa_s);
1836 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1841 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1842 * @wpa_s: Pointer to wpa_supplicant data
1843 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1845 * This function is used to request %wpa_supplicant to deauthenticate from the
1848 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1852 union wpa_event_data event;
1855 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1856 " pending_bssid=" MACSTR " reason=%d state=%s",
1857 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1858 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1860 if (!is_zero_ether_addr(wpa_s->bssid))
1861 addr = wpa_s->bssid;
1862 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1863 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1864 wpa_s->wpa_state == WPA_ASSOCIATING))
1865 addr = wpa_s->pending_bssid;
1866 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1868 * When using driver-based BSS selection, we may not know the
1869 * BSSID with which we are currently trying to associate. We
1870 * need to notify the driver of this disconnection even in such
1871 * a case, so use the all zeros address here.
1873 addr = wpa_s->bssid;
1878 wpa_tdls_teardown_peers(wpa_s->wpa);
1879 #endif /* CONFIG_TDLS */
1882 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1883 os_memset(&event, 0, sizeof(event));
1884 event.deauth_info.reason_code = (u16) reason_code;
1885 event.deauth_info.locally_generated = 1;
1886 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1891 wpa_supplicant_clear_connection(wpa_s, addr);
1894 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1895 struct wpa_ssid *ssid)
1897 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1901 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1902 wpas_notify_network_enabled_changed(wpa_s, ssid);
1905 * Try to reassociate since there is no current configuration and a new
1906 * network was made available.
1908 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1909 wpa_s->reassociate = 1;
1914 * wpa_supplicant_enable_network - Mark a configured network as enabled
1915 * @wpa_s: wpa_supplicant structure for a network interface
1916 * @ssid: wpa_ssid structure for a configured network or %NULL
1918 * Enables the specified network or all networks if no network specified.
1920 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1921 struct wpa_ssid *ssid)
1924 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1925 wpa_supplicant_enable_one_network(wpa_s, ssid);
1927 wpa_supplicant_enable_one_network(wpa_s, ssid);
1929 if (wpa_s->reassociate && !wpa_s->disconnected) {
1930 if (wpa_s->sched_scanning) {
1931 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1932 "new network to scan filters");
1933 wpa_supplicant_cancel_sched_scan(wpa_s);
1936 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1937 wpa_supplicant_req_scan(wpa_s, 0, 0);
1943 * wpa_supplicant_disable_network - Mark a configured network as disabled
1944 * @wpa_s: wpa_supplicant structure for a network interface
1945 * @ssid: wpa_ssid structure for a configured network or %NULL
1947 * Disables the specified network or all networks if no network specified.
1949 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1950 struct wpa_ssid *ssid)
1952 struct wpa_ssid *other_ssid;
1956 if (wpa_s->sched_scanning)
1957 wpa_supplicant_cancel_sched_scan(wpa_s);
1959 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1960 other_ssid = other_ssid->next) {
1961 was_disabled = other_ssid->disabled;
1962 if (was_disabled == 2)
1963 continue; /* do not change persistent P2P group
1966 other_ssid->disabled = 1;
1968 if (was_disabled != other_ssid->disabled)
1969 wpas_notify_network_enabled_changed(
1972 if (wpa_s->current_ssid)
1973 wpa_supplicant_deauthenticate(
1974 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1975 } else if (ssid->disabled != 2) {
1976 if (ssid == wpa_s->current_ssid)
1977 wpa_supplicant_deauthenticate(
1978 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1980 was_disabled = ssid->disabled;
1984 if (was_disabled != ssid->disabled) {
1985 wpas_notify_network_enabled_changed(wpa_s, ssid);
1986 if (wpa_s->sched_scanning) {
1987 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1988 "to remove network from filters");
1989 wpa_supplicant_cancel_sched_scan(wpa_s);
1990 wpa_supplicant_req_scan(wpa_s, 0, 0);
1998 * wpa_supplicant_select_network - Attempt association with a network
1999 * @wpa_s: wpa_supplicant structure for a network interface
2000 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2002 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2003 struct wpa_ssid *ssid)
2006 struct wpa_ssid *other_ssid;
2007 int disconnected = 0;
2009 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2010 wpa_supplicant_deauthenticate(
2011 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2016 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2019 * Mark all other networks disabled or mark all networks enabled if no
2020 * network specified.
2022 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2023 other_ssid = other_ssid->next) {
2024 int was_disabled = other_ssid->disabled;
2025 if (was_disabled == 2)
2026 continue; /* do not change persistent P2P group data */
2028 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2029 if (was_disabled && !other_ssid->disabled)
2030 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2032 if (was_disabled != other_ssid->disabled)
2033 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2036 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2037 /* We are already associated with the selected network */
2038 wpa_printf(MSG_DEBUG, "Already associated with the "
2039 "selected network - do nothing");
2044 wpa_s->current_ssid = ssid;
2045 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2047 wpa_s->connect_without_scan = NULL;
2048 wpa_s->disconnected = 0;
2049 wpa_s->reassociate = 1;
2051 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2052 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2055 wpas_notify_network_selected(wpa_s, ssid);
2060 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2061 * @wpa_s: wpa_supplicant structure for a network interface
2062 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2063 * @pkcs11_module_path: PKCS #11 module path or NULL
2064 * Returns: 0 on success; -1 on failure
2066 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2067 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2068 * module path fails the paths will be reset to the default value (NULL).
2070 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2071 const char *pkcs11_engine_path,
2072 const char *pkcs11_module_path)
2074 char *pkcs11_engine_path_copy = NULL;
2075 char *pkcs11_module_path_copy = NULL;
2077 if (pkcs11_engine_path != NULL) {
2078 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2079 if (pkcs11_engine_path_copy == NULL)
2082 if (pkcs11_module_path != NULL) {
2083 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2084 if (pkcs11_engine_path_copy == NULL) {
2085 os_free(pkcs11_engine_path_copy);
2090 os_free(wpa_s->conf->pkcs11_engine_path);
2091 os_free(wpa_s->conf->pkcs11_module_path);
2092 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2093 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2095 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2096 eapol_sm_deinit(wpa_s->eapol);
2097 wpa_s->eapol = NULL;
2098 if (wpa_supplicant_init_eapol(wpa_s)) {
2099 /* Error -> Reset paths to the default value (NULL) once. */
2100 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2101 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2106 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2113 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2114 * @wpa_s: wpa_supplicant structure for a network interface
2115 * @ap_scan: AP scan mode
2116 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2119 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2124 if (ap_scan < 0 || ap_scan > 2)
2128 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2129 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2130 wpa_s->wpa_state < WPA_COMPLETED) {
2131 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2132 "associating", wpa_s->conf->ap_scan, ap_scan);
2135 #endif /* ANDROID */
2137 old_ap_scan = wpa_s->conf->ap_scan;
2138 wpa_s->conf->ap_scan = ap_scan;
2140 if (old_ap_scan != wpa_s->conf->ap_scan)
2141 wpas_notify_ap_scan_changed(wpa_s);
2148 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2149 * @wpa_s: wpa_supplicant structure for a network interface
2150 * @expire_age: Expiration age in seconds
2151 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2154 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2155 unsigned int bss_expire_age)
2157 if (bss_expire_age < 10) {
2158 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2162 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2164 wpa_s->conf->bss_expiration_age = bss_expire_age;
2171 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2172 * @wpa_s: wpa_supplicant structure for a network interface
2173 * @expire_count: number of scans after which an unseen BSS is reclaimed
2174 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2177 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2178 unsigned int bss_expire_count)
2180 if (bss_expire_count < 1) {
2181 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2185 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2187 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2194 * wpa_supplicant_set_scan_interval - Set scan interval
2195 * @wpa_s: wpa_supplicant structure for a network interface
2196 * @scan_interval: scan interval in seconds
2197 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2200 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2203 if (scan_interval < 0) {
2204 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2208 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2210 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2217 * wpa_supplicant_set_debug_params - Set global debug params
2218 * @global: wpa_global structure
2219 * @debug_level: debug level
2220 * @debug_timestamp: determines if show timestamp in debug data
2221 * @debug_show_keys: determines if show keys in debug data
2222 * Returns: 0 if succeed or -1 if debug_level has wrong value
2224 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2225 int debug_timestamp, int debug_show_keys)
2228 int old_level, old_timestamp, old_show_keys;
2230 /* check for allowed debuglevels */
2231 if (debug_level != MSG_EXCESSIVE &&
2232 debug_level != MSG_MSGDUMP &&
2233 debug_level != MSG_DEBUG &&
2234 debug_level != MSG_INFO &&
2235 debug_level != MSG_WARNING &&
2236 debug_level != MSG_ERROR)
2239 old_level = wpa_debug_level;
2240 old_timestamp = wpa_debug_timestamp;
2241 old_show_keys = wpa_debug_show_keys;
2243 wpa_debug_level = debug_level;
2244 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2245 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2247 if (wpa_debug_level != old_level)
2248 wpas_notify_debug_level_changed(global);
2249 if (wpa_debug_timestamp != old_timestamp)
2250 wpas_notify_debug_timestamp_changed(global);
2251 if (wpa_debug_show_keys != old_show_keys)
2252 wpas_notify_debug_show_keys_changed(global);
2259 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2260 * @wpa_s: Pointer to wpa_supplicant data
2261 * Returns: A pointer to the current network structure or %NULL on failure
2263 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2265 struct wpa_ssid *entry;
2266 u8 ssid[MAX_SSID_LEN];
2272 res = wpa_drv_get_ssid(wpa_s, ssid);
2274 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2280 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2281 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2286 wired = wpa_s->conf->ap_scan == 0 &&
2287 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2289 entry = wpa_s->conf->ssid;
2291 if (!wpas_network_disabled(wpa_s, entry) &&
2292 ((ssid_len == entry->ssid_len &&
2293 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2294 (!entry->bssid_set ||
2295 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2298 if (!wpas_network_disabled(wpa_s, entry) &&
2299 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2300 (entry->ssid == NULL || entry->ssid_len == 0) &&
2301 (!entry->bssid_set ||
2302 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2304 #endif /* CONFIG_WPS */
2306 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2307 entry->ssid_len == 0 &&
2308 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2311 entry = entry->next;
2318 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2320 struct wpa_global *global = wpa_s->global;
2322 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2323 global->drv_priv[i] = wpa_drivers[i]->global_init();
2324 if (global->drv_priv[i] == NULL) {
2325 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2326 "'%s'", wpa_drivers[i]->name);
2331 wpa_s->driver = wpa_drivers[i];
2332 wpa_s->global_drv_priv = global->drv_priv[i];
2338 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2343 const char *pos, *driver = name;
2348 if (wpa_drivers[0] == NULL) {
2349 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2355 /* default to first driver in the list */
2356 return select_driver(wpa_s, 0);
2360 pos = os_strchr(driver, ',');
2364 len = os_strlen(driver);
2366 for (i = 0; wpa_drivers[i]; i++) {
2367 if (os_strlen(wpa_drivers[i]->name) == len &&
2368 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2370 /* First driver that succeeds wins */
2371 if (select_driver(wpa_s, i) == 0)
2379 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2385 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2386 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2387 * with struct wpa_driver_ops::init()
2388 * @src_addr: Source address of the EAPOL frame
2389 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2390 * @len: Length of the EAPOL data
2392 * This function is called for each received EAPOL frame. Most driver
2393 * interfaces rely on more generic OS mechanism for receiving frames through
2394 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2395 * take care of received EAPOL frames and deliver them to the core supplicant
2396 * code by calling this function.
2398 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2399 const u8 *buf, size_t len)
2401 struct wpa_supplicant *wpa_s = ctx;
2403 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2404 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2406 #ifdef CONFIG_PEERKEY
2407 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2408 wpa_s->current_ssid->peerkey &&
2409 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2410 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2411 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2414 #endif /* CONFIG_PEERKEY */
2416 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2417 (wpa_s->last_eapol_matches_bssid &&
2420 #endif /* CONFIG_AP */
2421 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2423 * There is possible race condition between receiving the
2424 * association event and the EAPOL frame since they are coming
2425 * through different paths from the driver. In order to avoid
2426 * issues in trying to process the EAPOL frame before receiving
2427 * association information, lets queue it for processing until
2428 * the association event is received. This may also be needed in
2429 * driver-based roaming case, so also use src_addr != BSSID as a
2430 * trigger if we have previously confirmed that the
2431 * Authenticator uses BSSID as the src_addr (which is not the
2432 * case with wired IEEE 802.1X).
2434 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2435 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2436 wpa_supplicant_state_txt(wpa_s->wpa_state),
2437 MAC2STR(wpa_s->bssid));
2438 wpabuf_free(wpa_s->pending_eapol_rx);
2439 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2440 if (wpa_s->pending_eapol_rx) {
2441 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2442 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2448 wpa_s->last_eapol_matches_bssid =
2449 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2452 if (wpa_s->ap_iface) {
2453 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2456 #endif /* CONFIG_AP */
2458 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2459 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2460 "no key management is configured");
2464 if (wpa_s->eapol_received == 0 &&
2465 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2466 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2467 wpa_s->wpa_state != WPA_COMPLETED) &&
2468 (wpa_s->current_ssid == NULL ||
2469 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2470 /* Timeout for completing IEEE 802.1X and WPA authentication */
2471 wpa_supplicant_req_auth_timeout(
2473 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2474 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2475 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2478 wpa_s->eapol_received++;
2480 if (wpa_s->countermeasures) {
2481 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2486 #ifdef CONFIG_IBSS_RSN
2487 if (wpa_s->current_ssid &&
2488 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2489 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2492 #endif /* CONFIG_IBSS_RSN */
2494 /* Source address of the incoming EAPOL frame could be compared to the
2495 * current BSSID. However, it is possible that a centralized
2496 * Authenticator could be using another MAC address than the BSSID of
2497 * an AP, so just allow any address to be used for now. The replies are
2498 * still sent to the current BSSID (if available), though. */
2500 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2501 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2502 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2504 wpa_drv_poll(wpa_s);
2505 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2506 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2507 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2509 * Set portValid = TRUE here since we are going to skip 4-way
2510 * handshake processing which would normally set portValid. We
2511 * need this to allow the EAPOL state machines to be completed
2512 * without going through EAPOL-Key handshake.
2514 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2519 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2521 if (wpa_s->driver->send_eapol) {
2522 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2524 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2525 } else if ((!wpa_s->p2p_mgmt ||
2526 !(wpa_s->drv_flags &
2527 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2528 !(wpa_s->drv_flags &
2529 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2530 l2_packet_deinit(wpa_s->l2);
2531 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2532 wpa_drv_get_mac_addr(wpa_s),
2534 wpa_supplicant_rx_eapol, wpa_s, 0);
2535 if (wpa_s->l2 == NULL)
2538 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2540 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2543 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2544 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2552 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2553 const u8 *buf, size_t len)
2555 struct wpa_supplicant *wpa_s = ctx;
2556 const struct l2_ethhdr *eth;
2558 if (len < sizeof(*eth))
2560 eth = (const struct l2_ethhdr *) buf;
2562 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2563 !(eth->h_dest[0] & 0x01)) {
2564 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2565 " (bridge - not for this interface - ignore)",
2566 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2570 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2571 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2572 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2573 len - sizeof(*eth));
2578 * wpa_supplicant_driver_init - Initialize driver interface parameters
2579 * @wpa_s: Pointer to wpa_supplicant data
2580 * Returns: 0 on success, -1 on failure
2582 * This function is called to initialize driver interface parameters.
2583 * wpa_drv_init() must have been called before this function to initialize the
2586 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2588 static int interface_count = 0;
2590 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2593 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2594 MAC2STR(wpa_s->own_addr));
2595 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2597 if (wpa_s->bridge_ifname[0]) {
2598 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2599 "interface '%s'", wpa_s->bridge_ifname);
2600 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2603 wpa_supplicant_rx_eapol_bridge,
2605 if (wpa_s->l2_br == NULL) {
2606 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2607 "connection for the bridge interface '%s'",
2608 wpa_s->bridge_ifname);
2613 wpa_clear_keys(wpa_s, NULL);
2615 /* Make sure that TKIP countermeasures are not left enabled (could
2616 * happen if wpa_supplicant is killed during countermeasures. */
2617 wpa_drv_set_countermeasures(wpa_s, 0);
2619 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2620 wpa_drv_flush_pmkid(wpa_s);
2622 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2623 wpa_s->prev_scan_wildcard = 0;
2625 if (wpa_supplicant_enabled_networks(wpa_s)) {
2626 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2627 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2628 interface_count = 0;
2630 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2632 wpa_supplicant_req_scan(wpa_s, interface_count,
2636 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2642 static int wpa_supplicant_daemon(const char *pid_file)
2644 wpa_printf(MSG_DEBUG, "Daemonize..");
2645 return os_daemonize(pid_file);
2649 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2651 struct wpa_supplicant *wpa_s;
2653 wpa_s = os_zalloc(sizeof(*wpa_s));
2656 wpa_s->scan_req = INITIAL_SCAN_REQ;
2657 wpa_s->scan_interval = 5;
2658 wpa_s->new_connection = 1;
2659 wpa_s->parent = wpa_s;
2660 wpa_s->sched_scanning = 0;
2666 #ifdef CONFIG_HT_OVERRIDES
2668 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2669 struct ieee80211_ht_capabilities *htcaps,
2670 struct ieee80211_ht_capabilities *htcaps_mask,
2673 /* parse ht_mcs into hex array */
2675 const char *tmp = ht_mcs;
2678 /* If ht_mcs is null, do not set anything */
2682 /* This is what we are setting in the kernel */
2683 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2685 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2687 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2689 long v = strtol(tmp, &end, 16);
2691 wpa_msg(wpa_s, MSG_DEBUG,
2692 "htcap value[%i]: %ld end: %p tmp: %p",
2697 htcaps->supported_mcs_set[i] = v;
2700 wpa_msg(wpa_s, MSG_ERROR,
2701 "Failed to parse ht-mcs: %s, error: %s\n",
2702 ht_mcs, strerror(errno));
2708 * If we were able to parse any values, then set mask for the MCS set.
2711 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2712 IEEE80211_HT_MCS_MASK_LEN - 1);
2713 /* skip the 3 reserved bits */
2714 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2722 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2723 struct ieee80211_ht_capabilities *htcaps,
2724 struct ieee80211_ht_capabilities *htcaps_mask,
2729 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2734 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2735 htcaps_mask->ht_capabilities_info |= msk;
2737 htcaps->ht_capabilities_info &= msk;
2739 htcaps->ht_capabilities_info |= msk;
2745 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2746 struct ieee80211_ht_capabilities *htcaps,
2747 struct ieee80211_ht_capabilities *htcaps_mask,
2750 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2755 if (factor < 0 || factor > 3) {
2756 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2757 "Must be 0-3 or -1", factor);
2761 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2762 htcaps->a_mpdu_params &= ~0x3;
2763 htcaps->a_mpdu_params |= factor & 0x3;
2769 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2770 struct ieee80211_ht_capabilities *htcaps,
2771 struct ieee80211_ht_capabilities *htcaps_mask,
2774 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2779 if (density < 0 || density > 7) {
2780 wpa_msg(wpa_s, MSG_ERROR,
2781 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2786 htcaps_mask->a_mpdu_params |= 0x1C;
2787 htcaps->a_mpdu_params &= ~(0x1C);
2788 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2794 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2795 struct ieee80211_ht_capabilities *htcaps,
2796 struct ieee80211_ht_capabilities *htcaps_mask,
2799 /* Masking these out disables HT40 */
2800 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2801 HT_CAP_INFO_SHORT_GI40MHZ);
2803 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2806 htcaps->ht_capabilities_info &= ~msk;
2808 htcaps->ht_capabilities_info |= msk;
2810 htcaps_mask->ht_capabilities_info |= msk;
2816 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2817 struct ieee80211_ht_capabilities *htcaps,
2818 struct ieee80211_ht_capabilities *htcaps_mask,
2821 /* Masking these out disables SGI */
2822 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2823 HT_CAP_INFO_SHORT_GI40MHZ);
2825 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2828 htcaps->ht_capabilities_info &= ~msk;
2830 htcaps->ht_capabilities_info |= msk;
2832 htcaps_mask->ht_capabilities_info |= msk;
2838 void wpa_supplicant_apply_ht_overrides(
2839 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2840 struct wpa_driver_associate_params *params)
2842 struct ieee80211_ht_capabilities *htcaps;
2843 struct ieee80211_ht_capabilities *htcaps_mask;
2848 params->disable_ht = ssid->disable_ht;
2849 if (!params->htcaps || !params->htcaps_mask)
2852 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2853 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2854 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2855 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2856 ssid->disable_max_amsdu);
2857 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2858 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2859 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2860 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2863 #endif /* CONFIG_HT_OVERRIDES */
2866 #ifdef CONFIG_VHT_OVERRIDES
2867 void wpa_supplicant_apply_vht_overrides(
2868 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2869 struct wpa_driver_associate_params *params)
2871 struct ieee80211_vht_capabilities *vhtcaps;
2872 struct ieee80211_vht_capabilities *vhtcaps_mask;
2877 params->disable_vht = ssid->disable_vht;
2879 vhtcaps = (void *) params->vhtcaps;
2880 vhtcaps_mask = (void *) params->vhtcaps_mask;
2882 if (!vhtcaps || !vhtcaps_mask)
2885 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2886 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2888 #define OVERRIDE_MCS(i) \
2889 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2890 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2892 vhtcaps->vht_supported_mcs_set.tx_map |= \
2893 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2895 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2896 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2898 vhtcaps->vht_supported_mcs_set.rx_map |= \
2899 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2911 #endif /* CONFIG_VHT_OVERRIDES */
2914 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2919 if (!wpa_s->conf->pcsc_reader)
2922 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2926 if (wpa_s->conf->pcsc_pin &&
2927 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2928 scard_deinit(wpa_s->scard);
2929 wpa_s->scard = NULL;
2930 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2934 len = sizeof(wpa_s->imsi) - 1;
2935 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2936 scard_deinit(wpa_s->scard);
2937 wpa_s->scard = NULL;
2938 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2941 wpa_s->imsi[len] = '\0';
2943 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2945 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2946 wpa_s->imsi, wpa_s->mnc_len);
2948 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2949 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2950 #endif /* PCSC_FUNCS */
2956 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2960 ext_password_deinit(wpa_s->ext_pw);
2961 wpa_s->ext_pw = NULL;
2962 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2964 if (!wpa_s->conf->ext_password_backend)
2967 val = os_strdup(wpa_s->conf->ext_password_backend);
2970 pos = os_strchr(val, ':');
2974 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2976 wpa_s->ext_pw = ext_password_init(val, pos);
2978 if (wpa_s->ext_pw == NULL) {
2979 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2982 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2988 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
2991 struct wpa_supplicant *iface = wpa_s->global->ifaces;
2992 struct wpa_radio *radio;
2994 while (rn && iface) {
2995 radio = iface->radio;
2996 if (radio && os_strcmp(rn, radio->name) == 0) {
2997 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
2999 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3003 iface = iface->next;
3006 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3007 wpa_s->ifname, rn ? rn : "N/A");
3008 radio = os_zalloc(sizeof(*radio));
3013 os_strlcpy(radio->name, rn, sizeof(radio->name));
3014 dl_list_init(&radio->ifaces);
3015 dl_list_init(&radio->work);
3016 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3022 static void radio_work_free(struct wpa_radio_work *work)
3024 if (work->wpa_s->scan_work == work) {
3025 /* This should not really happen. */
3026 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3027 work->type, work, work->started);
3028 work->wpa_s->scan_work = NULL;
3032 if (work->wpa_s->p2p_scan_work == work) {
3033 /* This should not really happen. */
3034 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3035 work->type, work, work->started);
3036 work->wpa_s->p2p_scan_work = NULL;
3038 #endif /* CONFIG_P2P */
3040 dl_list_del(&work->list);
3045 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3047 struct wpa_radio *radio = eloop_ctx;
3048 struct wpa_radio_work *work;
3049 struct os_reltime now, diff;
3050 struct wpa_supplicant *wpa_s;
3052 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3057 return; /* already started and still in progress */
3059 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3061 if (wpa_s && wpa_s->external_scan_running) {
3062 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3066 os_get_reltime(&now);
3067 os_reltime_sub(&now, &work->time, &diff);
3068 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3069 work->type, work, diff.sec, diff.usec);
3076 void radio_remove_unstarted_work(struct wpa_supplicant *wpa_s, const char *type)
3078 struct wpa_radio_work *work, *tmp;
3079 struct wpa_radio *radio = wpa_s->radio;
3081 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3083 if (type && (work->started || os_strcmp(type, work->type) != 0))
3085 if (work->started) {
3086 wpa_dbg(wpa_s, MSG_DEBUG, "Leaving started radio work '%s'@%p in the list",
3090 wpa_dbg(wpa_s, MSG_DEBUG, "Remove unstarted radio work '%s'@%p",
3093 radio_work_free(work);
3098 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3100 struct wpa_radio *radio = wpa_s->radio;
3105 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3106 wpa_s->ifname, radio->name);
3107 dl_list_del(&wpa_s->radio_list);
3108 if (!dl_list_empty(&radio->ifaces)) {
3109 wpa_s->radio = NULL;
3110 return; /* Interfaces remain for this radio */
3113 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3114 radio_remove_unstarted_work(wpa_s, NULL);
3115 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3116 wpa_s->radio = NULL;
3121 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3123 struct wpa_radio *radio = wpa_s->radio;
3125 if (dl_list_empty(&radio->work))
3127 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3128 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3133 * radio_add_work - Add a radio work item
3134 * @wpa_s: Pointer to wpa_supplicant data
3135 * @freq: Frequency of the offchannel operation in MHz or 0
3136 * @type: Unique identifier for each type of work
3137 * @next: Force as the next work to be executed
3138 * @cb: Callback function for indicating when radio is available
3139 * @ctx: Context pointer for the work (work->ctx in cb())
3140 * Returns: 0 on success, -1 on failure
3142 * This function is used to request time for an operation that requires
3143 * exclusive radio control. Once the radio is available, the registered callback
3144 * function will be called. radio_work_done() must be called once the exclusive
3145 * radio operation has been completed, so that the radio is freed for other
3146 * operations. The special case of deinit=1 is used to free the context data
3147 * during interface removal. That does not allow the callback function to start
3148 * the radio operation, i.e., it must free any resources allocated for the radio
3151 * The @freq parameter can be used to indicate a single channel on which the
3152 * offchannel operation will occur. This may allow multiple radio work
3153 * operations to be performed in parallel if they apply for the same channel.
3154 * Setting this to 0 indicates that the work item may use multiple channels or
3155 * requires exclusive control of the radio.
3157 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3158 const char *type, int next,
3159 void (*cb)(struct wpa_radio_work *work, int deinit),
3162 struct wpa_radio_work *work;
3165 work = os_zalloc(sizeof(*work));
3168 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3169 os_get_reltime(&work->time);
3172 work->wpa_s = wpa_s;
3176 was_empty = dl_list_empty(&wpa_s->radio->work);
3178 dl_list_add(&wpa_s->radio->work, &work->list);
3180 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3182 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3183 radio_work_check_next(wpa_s);
3191 * radio_work_done - Indicate that a radio work item has been completed
3192 * @work: Completed work
3194 * This function is called once the callback function registered with
3195 * radio_add_work() has completed its work.
3197 void radio_work_done(struct wpa_radio_work *work)
3199 struct wpa_supplicant *wpa_s = work->wpa_s;
3200 struct os_reltime now, diff;
3201 unsigned int started = work->started;
3203 os_get_reltime(&now);
3204 os_reltime_sub(&now, &work->time, &diff);
3205 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3206 work->type, work, started ? "done" : "canceled",
3207 diff.sec, diff.usec);
3208 radio_work_free(work);
3210 radio_work_check_next(wpa_s);
3214 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3215 struct wpa_interface *iface)
3217 const char *ifname, *driver, *rn;
3219 driver = iface->driver;
3221 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3224 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3225 if (wpa_s->drv_priv == NULL) {
3227 pos = driver ? os_strchr(driver, ',') : NULL;
3229 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3230 "driver interface - try next driver wrapper");
3234 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3238 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3239 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3240 "driver_param '%s'", wpa_s->conf->driver_param);
3244 ifname = wpa_drv_get_ifname(wpa_s);
3245 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3246 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3247 "interface name with '%s'", ifname);
3248 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3251 if (wpa_s->driver->get_radio_name)
3252 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3255 if (rn && rn[0] == '\0')
3258 wpa_s->radio = radio_add_interface(wpa_s, rn);
3259 if (wpa_s->radio == NULL)
3266 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3267 struct wpa_interface *iface)
3269 struct wpa_driver_capa capa;
3271 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3272 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3273 iface->confname ? iface->confname : "N/A",
3274 iface->driver ? iface->driver : "default",
3275 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3276 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3278 if (iface->confname) {
3279 #ifdef CONFIG_BACKEND_FILE
3280 wpa_s->confname = os_rel2abs_path(iface->confname);
3281 if (wpa_s->confname == NULL) {
3282 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3283 "for configuration file '%s'.",
3287 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3288 iface->confname, wpa_s->confname);
3289 #else /* CONFIG_BACKEND_FILE */
3290 wpa_s->confname = os_strdup(iface->confname);
3291 #endif /* CONFIG_BACKEND_FILE */
3292 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3293 if (wpa_s->conf == NULL) {
3294 wpa_printf(MSG_ERROR, "Failed to read or parse "
3295 "configuration '%s'.", wpa_s->confname);
3298 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3299 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3302 * Override ctrl_interface and driver_param if set on command
3305 if (iface->ctrl_interface) {
3306 os_free(wpa_s->conf->ctrl_interface);
3307 wpa_s->conf->ctrl_interface =
3308 os_strdup(iface->ctrl_interface);
3311 if (iface->driver_param) {
3312 os_free(wpa_s->conf->driver_param);
3313 wpa_s->conf->driver_param =
3314 os_strdup(iface->driver_param);
3317 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3318 os_free(wpa_s->conf->ctrl_interface);
3319 wpa_s->conf->ctrl_interface = NULL;
3322 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3323 iface->driver_param);
3325 if (wpa_s->conf == NULL) {
3326 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3330 if (iface->ifname == NULL) {
3331 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3334 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3335 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3339 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3341 if (iface->bridge_ifname) {
3342 if (os_strlen(iface->bridge_ifname) >=
3343 sizeof(wpa_s->bridge_ifname)) {
3344 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3345 "name '%s'.", iface->bridge_ifname);
3348 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3349 sizeof(wpa_s->bridge_ifname));
3352 /* RSNA Supplicant Key Management - INITIALIZE */
3353 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3354 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3356 /* Initialize driver interface and register driver event handler before
3357 * L2 receive handler so that association events are processed before
3358 * EAPOL-Key packets if both become available for the same select()
3360 if (wpas_init_driver(wpa_s, iface) < 0)
3363 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3366 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3367 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3369 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3371 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3372 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3373 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3374 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3375 "dot11RSNAConfigPMKLifetime");
3379 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3380 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3381 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3382 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3383 "dot11RSNAConfigPMKReauthThreshold");
3387 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3388 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3389 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3390 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3391 "dot11RSNAConfigSATimeout");
3395 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3396 &wpa_s->hw.num_modes,
3399 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3400 wpa_s->drv_capa_known = 1;
3401 wpa_s->drv_flags = capa.flags;
3402 wpa_s->drv_enc = capa.enc;
3403 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3404 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3405 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3406 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3407 wpa_s->max_match_sets = capa.max_match_sets;
3408 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3409 wpa_s->max_stations = capa.max_stations;
3410 wpa_s->extended_capa = capa.extended_capa;
3411 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3412 wpa_s->extended_capa_len = capa.extended_capa_len;
3413 wpa_s->num_multichan_concurrent =
3414 capa.num_multichan_concurrent;
3416 if (wpa_s->max_remain_on_chan == 0)
3417 wpa_s->max_remain_on_chan = 1000;
3420 * Only take p2p_mgmt parameters when P2P Device is supported.
3421 * Doing it here as it determines whether l2_packet_init() will be done
3422 * during wpa_supplicant_driver_init().
3424 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3425 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3427 iface->p2p_mgmt = 1;
3429 if (wpa_s->num_multichan_concurrent == 0)
3430 wpa_s->num_multichan_concurrent = 1;
3432 if (wpa_supplicant_driver_init(wpa_s) < 0)
3436 if ((!iface->p2p_mgmt ||
3437 !(wpa_s->drv_flags &
3438 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3439 wpa_tdls_init(wpa_s->wpa))
3441 #endif /* CONFIG_TDLS */
3443 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3444 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3445 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3449 if (wpas_wps_init(wpa_s))
3452 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3454 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3456 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3457 if (wpa_s->ctrl_iface == NULL) {
3458 wpa_printf(MSG_ERROR,
3459 "Failed to initialize control interface '%s'.\n"
3460 "You may have another wpa_supplicant process "
3461 "already running or the file was\n"
3462 "left by an unclean termination of wpa_supplicant "
3463 "in which case you will need\n"
3464 "to manually remove this file before starting "
3465 "wpa_supplicant again.\n",
3466 wpa_s->conf->ctrl_interface);
3470 wpa_s->gas = gas_query_init(wpa_s);
3471 if (wpa_s->gas == NULL) {
3472 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3477 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3478 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3481 #endif /* CONFIG_P2P */
3483 if (wpa_bss_init(wpa_s) < 0)
3486 #ifdef CONFIG_EAP_PROXY
3489 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3491 if (wpa_s->mnc_len > 0) {
3492 wpa_s->imsi[len] = '\0';
3493 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3494 wpa_s->imsi, wpa_s->mnc_len);
3496 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3499 #endif /* CONFIG_EAP_PROXY */
3501 if (pcsc_reader_init(wpa_s) < 0)
3504 if (wpas_init_ext_pw(wpa_s) < 0)
3511 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3512 int notify, int terminate)
3514 wpa_s->disconnected = 1;
3515 if (wpa_s->drv_priv) {
3516 wpa_supplicant_deauthenticate(wpa_s,
3517 WLAN_REASON_DEAUTH_LEAVING);
3519 wpa_drv_set_countermeasures(wpa_s, 0);
3520 wpa_clear_keys(wpa_s, NULL);
3523 wpa_supplicant_cleanup(wpa_s);
3526 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3527 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3528 "the management interface is being removed");
3529 wpas_p2p_deinit_global(wpa_s->global);
3531 #endif /* CONFIG_P2P */
3533 wpas_ctrl_radio_work_flush(wpa_s);
3534 radio_remove_interface(wpa_s);
3536 if (wpa_s->drv_priv)
3537 wpa_drv_deinit(wpa_s);
3540 wpas_notify_iface_removed(wpa_s);
3543 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3545 if (wpa_s->ctrl_iface) {
3546 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3547 wpa_s->ctrl_iface = NULL;
3550 if (wpa_s->conf != NULL) {
3551 wpa_config_free(wpa_s->conf);
3560 * wpa_supplicant_add_iface - Add a new network interface
3561 * @global: Pointer to global data from wpa_supplicant_init()
3562 * @iface: Interface configuration options
3563 * Returns: Pointer to the created interface or %NULL on failure
3565 * This function is used to add new network interfaces for %wpa_supplicant.
3566 * This can be called before wpa_supplicant_run() to add interfaces before the
3567 * main event loop has been started. In addition, new interfaces can be added
3568 * dynamically while %wpa_supplicant is already running. This could happen,
3569 * e.g., when a hotplug network adapter is inserted.
3571 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3572 struct wpa_interface *iface)
3574 struct wpa_supplicant *wpa_s;
3575 struct wpa_interface t_iface;
3576 struct wpa_ssid *ssid;
3578 if (global == NULL || iface == NULL)
3581 wpa_s = wpa_supplicant_alloc();
3585 wpa_s->global = global;
3588 if (global->params.override_driver) {
3589 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3591 iface->driver, global->params.override_driver);
3592 t_iface.driver = global->params.override_driver;
3594 if (global->params.override_ctrl_interface) {
3595 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3596 "ctrl_interface ('%s' -> '%s')",
3597 iface->ctrl_interface,
3598 global->params.override_ctrl_interface);
3599 t_iface.ctrl_interface =
3600 global->params.override_ctrl_interface;
3602 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3603 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3605 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3609 /* Notify the control interfaces about new iface */
3610 if (wpas_notify_iface_added(wpa_s)) {
3611 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3615 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3616 wpas_notify_network_added(wpa_s, ssid);
3618 wpa_s->next = global->ifaces;
3619 global->ifaces = wpa_s;
3621 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3622 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3629 * wpa_supplicant_remove_iface - Remove a network interface
3630 * @global: Pointer to global data from wpa_supplicant_init()
3631 * @wpa_s: Pointer to the network interface to be removed
3632 * Returns: 0 if interface was removed, -1 if interface was not found
3634 * This function can be used to dynamically remove network interfaces from
3635 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3636 * addition, this function is used to remove all remaining interfaces when
3637 * %wpa_supplicant is terminated.
3639 int wpa_supplicant_remove_iface(struct wpa_global *global,
3640 struct wpa_supplicant *wpa_s,
3643 struct wpa_supplicant *prev;
3645 /* Remove interface from the global list of interfaces */
3646 prev = global->ifaces;
3647 if (prev == wpa_s) {
3648 global->ifaces = wpa_s->next;
3650 while (prev && prev->next != wpa_s)
3654 prev->next = wpa_s->next;
3657 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3659 if (global->p2p_group_formation == wpa_s)
3660 global->p2p_group_formation = NULL;
3661 if (global->p2p_invite_group == wpa_s)
3662 global->p2p_invite_group = NULL;
3663 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3670 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3671 * @wpa_s: Pointer to the network interface
3672 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3674 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3676 const char *eapol_method;
3678 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3679 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3683 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3684 if (eapol_method == NULL)
3685 return "UNKNOWN-EAP";
3687 return eapol_method;
3692 * wpa_supplicant_get_iface - Get a new network interface
3693 * @global: Pointer to global data from wpa_supplicant_init()
3694 * @ifname: Interface name
3695 * Returns: Pointer to the interface or %NULL if not found
3697 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3700 struct wpa_supplicant *wpa_s;
3702 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3703 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3710 #ifndef CONFIG_NO_WPA_MSG
3711 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3713 struct wpa_supplicant *wpa_s = ctx;
3716 return wpa_s->ifname;
3718 #endif /* CONFIG_NO_WPA_MSG */
3722 * wpa_supplicant_init - Initialize %wpa_supplicant
3723 * @params: Parameters for %wpa_supplicant
3724 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3726 * This function is used to initialize %wpa_supplicant. After successful
3727 * initialization, the returned data pointer can be used to add and remove
3728 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3730 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3732 struct wpa_global *global;
3738 #ifdef CONFIG_DRIVER_NDIS
3740 void driver_ndis_init_ops(void);
3741 driver_ndis_init_ops();
3743 #endif /* CONFIG_DRIVER_NDIS */
3745 #ifndef CONFIG_NO_WPA_MSG
3746 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3747 #endif /* CONFIG_NO_WPA_MSG */
3749 wpa_debug_open_file(params->wpa_debug_file_path);
3750 if (params->wpa_debug_syslog)
3751 wpa_debug_open_syslog();
3752 if (params->wpa_debug_tracing) {
3753 ret = wpa_debug_open_linux_tracing();
3755 wpa_printf(MSG_ERROR,
3756 "Failed to enable trace logging");
3761 ret = eap_register_methods();
3763 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3765 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3766 "the same EAP type.");
3770 global = os_zalloc(sizeof(*global));
3773 dl_list_init(&global->p2p_srv_bonjour);
3774 dl_list_init(&global->p2p_srv_upnp);
3775 global->params.daemonize = params->daemonize;
3776 global->params.wait_for_monitor = params->wait_for_monitor;
3777 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3778 if (params->pid_file)
3779 global->params.pid_file = os_strdup(params->pid_file);
3780 if (params->ctrl_interface)
3781 global->params.ctrl_interface =
3782 os_strdup(params->ctrl_interface);
3783 if (params->ctrl_interface_group)
3784 global->params.ctrl_interface_group =
3785 os_strdup(params->ctrl_interface_group);
3786 if (params->override_driver)
3787 global->params.override_driver =
3788 os_strdup(params->override_driver);
3789 if (params->override_ctrl_interface)
3790 global->params.override_ctrl_interface =
3791 os_strdup(params->override_ctrl_interface);
3792 wpa_debug_level = global->params.wpa_debug_level =
3793 params->wpa_debug_level;
3794 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3795 params->wpa_debug_show_keys;
3796 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3797 params->wpa_debug_timestamp;
3799 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3802 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3803 wpa_supplicant_deinit(global);
3807 random_init(params->entropy_file);
3809 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3810 if (global->ctrl_iface == NULL) {
3811 wpa_supplicant_deinit(global);
3815 if (wpas_notify_supplicant_initialized(global)) {
3816 wpa_supplicant_deinit(global);
3820 for (i = 0; wpa_drivers[i]; i++)
3821 global->drv_count++;
3822 if (global->drv_count == 0) {
3823 wpa_printf(MSG_ERROR, "No drivers enabled");
3824 wpa_supplicant_deinit(global);
3827 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3828 if (global->drv_priv == NULL) {
3829 wpa_supplicant_deinit(global);
3833 #ifdef CONFIG_WIFI_DISPLAY
3834 if (wifi_display_init(global) < 0) {
3835 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3836 wpa_supplicant_deinit(global);
3839 #endif /* CONFIG_WIFI_DISPLAY */
3846 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3847 * @global: Pointer to global data from wpa_supplicant_init()
3848 * Returns: 0 after successful event loop run, -1 on failure
3850 * This function starts the main event loop and continues running as long as
3851 * there are any remaining events. In most cases, this function is running as
3852 * long as the %wpa_supplicant process in still in use.
3854 int wpa_supplicant_run(struct wpa_global *global)
3856 struct wpa_supplicant *wpa_s;
3858 if (global->params.daemonize &&
3859 wpa_supplicant_daemon(global->params.pid_file))
3862 if (global->params.wait_for_monitor) {
3863 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3864 if (wpa_s->ctrl_iface)
3865 wpa_supplicant_ctrl_iface_wait(
3869 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3870 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3879 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3880 * @global: Pointer to global data from wpa_supplicant_init()
3882 * This function is called to deinitialize %wpa_supplicant and to free all
3883 * allocated resources. Remaining network interfaces will also be removed.
3885 void wpa_supplicant_deinit(struct wpa_global *global)
3892 #ifdef CONFIG_WIFI_DISPLAY
3893 wifi_display_deinit(global);
3894 #endif /* CONFIG_WIFI_DISPLAY */
3896 while (global->ifaces)
3897 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3899 if (global->ctrl_iface)
3900 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3902 wpas_notify_supplicant_deinitialized(global);
3904 eap_peer_unregister_methods();
3906 eap_server_unregister_methods();
3907 #endif /* CONFIG_AP */
3909 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3910 if (!global->drv_priv[i])
3912 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3914 os_free(global->drv_priv);
3920 if (global->params.pid_file) {
3921 os_daemonize_terminate(global->params.pid_file);
3922 os_free(global->params.pid_file);
3924 os_free(global->params.ctrl_interface);
3925 os_free(global->params.ctrl_interface_group);
3926 os_free(global->params.override_driver);
3927 os_free(global->params.override_ctrl_interface);
3929 os_free(global->p2p_disallow_freq.range);
3930 os_free(global->p2p_go_avoid_freq.range);
3931 os_free(global->add_psk);
3934 wpa_debug_close_syslog();
3935 wpa_debug_close_file();
3936 wpa_debug_close_linux_tracing();
3940 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3942 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3943 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3945 country[0] = wpa_s->conf->country[0];
3946 country[1] = wpa_s->conf->country[1];
3948 if (wpa_drv_set_country(wpa_s, country) < 0) {
3949 wpa_printf(MSG_ERROR, "Failed to set country code "
3954 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3955 wpas_init_ext_pw(wpa_s);
3958 wpas_wps_update_config(wpa_s);
3959 #endif /* CONFIG_WPS */
3962 wpas_p2p_update_config(wpa_s);
3963 #endif /* CONFIG_P2P */
3965 wpa_s->conf->changed_parameters = 0;
3969 static void add_freq(int *freqs, int *num_freqs, int freq)
3973 for (i = 0; i < *num_freqs; i++) {
3974 if (freqs[i] == freq)
3978 freqs[*num_freqs] = freq;
3983 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3985 struct wpa_bss *bss, *cbss;
3986 const int max_freqs = 10;
3990 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3994 cbss = wpa_s->current_bss;
3996 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3999 if (bss->ssid_len == cbss->ssid_len &&
4000 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4001 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4002 add_freq(freqs, &num_freqs, bss->freq);
4003 if (num_freqs == max_freqs)
4008 if (num_freqs == 0) {
4017 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4023 wpas_connect_work_done(wpa_s);
4026 * Remove possible authentication timeout since the connection failed.
4028 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4030 if (wpa_s->disconnected) {
4032 * There is no point in blacklisting the AP if this event is
4033 * generated based on local request to disconnect.
4035 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4036 "indication since interface has been put into "
4037 "disconnected state");
4042 * Add the failed BSSID into the blacklist and speed up next scan
4043 * attempt if there could be other APs that could accept association.
4044 * The current blacklist count indicates how many times we have tried
4045 * connecting to this AP and multiple attempts mean that other APs are
4046 * either not available or has already been tried, so that we can start
4047 * increasing the delay here to avoid constant scanning.
4049 count = wpa_blacklist_add(wpa_s, bssid);
4050 if (count == 1 && wpa_s->current_bss) {
4052 * This BSS was not in the blacklist before. If there is
4053 * another BSS available for the same ESS, we should try that
4054 * next. Otherwise, we may as well try this one once more
4055 * before allowing other, likely worse, ESSes to be considered.
4057 freqs = get_bss_freqs_in_ess(wpa_s);
4059 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4060 "has been seen; try it next");
4061 wpa_blacklist_add(wpa_s, bssid);
4063 * On the next scan, go through only the known channels
4064 * used in this ESS based on previous scans to speed up
4065 * common load balancing use case.
4067 os_free(wpa_s->next_scan_freqs);
4068 wpa_s->next_scan_freqs = freqs;
4073 * Add previous failure count in case the temporary blacklist was
4074 * cleared due to no other BSSes being available.
4076 count += wpa_s->extra_blacklist_count;
4078 if (count > 3 && wpa_s->current_ssid) {
4079 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4080 "consider temporary network disabling");
4081 wpas_auth_failed(wpa_s);
4102 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4103 "ms", count, timeout);
4106 * TODO: if more than one possible AP is available in scan results,
4107 * could try the other ones before requesting a new scan.
4109 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4110 1000 * (timeout % 1000));
4114 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4116 return wpa_s->conf->ap_scan == 2 ||
4117 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4121 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4122 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4123 struct wpa_ssid *ssid,
4127 #ifdef IEEE8021X_EAPOL
4128 struct eap_peer_config *eap = &ssid->eap;
4130 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4131 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4132 (const u8 *) value, os_strlen(value));
4134 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4135 case WPA_CTRL_REQ_EAP_IDENTITY:
4136 os_free(eap->identity);
4137 eap->identity = (u8 *) os_strdup(value);
4138 eap->identity_len = os_strlen(value);
4139 eap->pending_req_identity = 0;
4140 if (ssid == wpa_s->current_ssid)
4141 wpa_s->reassociate = 1;
4143 case WPA_CTRL_REQ_EAP_PASSWORD:
4144 os_free(eap->password);
4145 eap->password = (u8 *) os_strdup(value);
4146 eap->password_len = os_strlen(value);
4147 eap->pending_req_password = 0;
4148 if (ssid == wpa_s->current_ssid)
4149 wpa_s->reassociate = 1;
4151 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4152 os_free(eap->new_password);
4153 eap->new_password = (u8 *) os_strdup(value);
4154 eap->new_password_len = os_strlen(value);
4155 eap->pending_req_new_password = 0;
4156 if (ssid == wpa_s->current_ssid)
4157 wpa_s->reassociate = 1;
4159 case WPA_CTRL_REQ_EAP_PIN:
4161 eap->pin = os_strdup(value);
4162 eap->pending_req_pin = 0;
4163 if (ssid == wpa_s->current_ssid)
4164 wpa_s->reassociate = 1;
4166 case WPA_CTRL_REQ_EAP_OTP:
4168 eap->otp = (u8 *) os_strdup(value);
4169 eap->otp_len = os_strlen(value);
4170 os_free(eap->pending_req_otp);
4171 eap->pending_req_otp = NULL;
4172 eap->pending_req_otp_len = 0;
4174 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4175 os_free(eap->private_key_passwd);
4176 eap->private_key_passwd = (u8 *) os_strdup(value);
4177 eap->pending_req_passphrase = 0;
4178 if (ssid == wpa_s->current_ssid)
4179 wpa_s->reassociate = 1;
4181 case WPA_CTRL_REQ_SIM:
4182 os_free(eap->external_sim_resp);
4183 eap->external_sim_resp = os_strdup(value);
4186 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4191 #else /* IEEE8021X_EAPOL */
4192 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4194 #endif /* IEEE8021X_EAPOL */
4196 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4199 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4202 unsigned int drv_enc;
4210 if (wpa_s && wpa_s->drv_capa_known)
4211 drv_enc = wpa_s->drv_enc;
4213 drv_enc = (unsigned int) -1;
4215 for (i = 0; i < NUM_WEP_KEYS; i++) {
4216 size_t len = ssid->wep_key_len[i];
4219 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4221 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4223 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4225 return 1; /* invalid WEP key */
4228 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4236 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4238 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4240 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4246 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4248 struct wpa_ssid *ssid = wpa_s->current_ssid;
4250 struct os_reltime now;
4253 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4258 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4261 ssid->auth_failures++;
4264 if (ssid->p2p_group &&
4265 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4267 * Skip the wait time since there is a short timeout on the
4268 * connection to a P2P group.
4272 #endif /* CONFIG_P2P */
4274 if (ssid->auth_failures > 50)
4276 else if (ssid->auth_failures > 20)
4278 else if (ssid->auth_failures > 10)
4280 else if (ssid->auth_failures > 5)
4282 else if (ssid->auth_failures > 1)
4287 os_get_reltime(&now);
4288 if (now.sec + dur <= ssid->disabled_until.sec)
4291 ssid->disabled_until.sec = now.sec + dur;
4293 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4294 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4295 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4296 ssid->auth_failures, dur);
4300 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4301 struct wpa_ssid *ssid, int clear_failures)
4306 if (ssid->disabled_until.sec) {
4307 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4308 "id=%d ssid=\"%s\"",
4309 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4311 ssid->disabled_until.sec = 0;
4312 ssid->disabled_until.usec = 0;
4314 ssid->auth_failures = 0;
4318 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4322 if (wpa_s->disallow_aps_bssid == NULL)
4325 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4326 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4327 bssid, ETH_ALEN) == 0)
4335 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4340 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4343 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4344 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4345 if (ssid_len == s->ssid_len &&
4346 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4355 * wpas_request_connection - Request a new connection
4356 * @wpa_s: Pointer to the network interface
4358 * This function is used to request a new connection to be found. It will mark
4359 * the interface to allow reassociation and request a new scan to find a
4360 * suitable network to connect to.
4362 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4364 wpa_s->normal_scans = 0;
4365 wpa_supplicant_reinit_autoscan(wpa_s);
4366 wpa_s->extra_blacklist_count = 0;
4367 wpa_s->disconnected = 0;
4368 wpa_s->reassociate = 1;
4370 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4371 wpa_supplicant_req_scan(wpa_s, 0, 0);
4375 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4376 int *freq_array, unsigned int len)
4380 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4382 for (i = 0; i < len; i++)
4383 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4388 * Find the operating frequencies of any of the virtual interfaces that
4389 * are using the same radio as the current interface.
4391 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4392 int *freq_array, unsigned int len)
4394 struct wpa_supplicant *ifs;
4397 unsigned int idx = 0, i;
4399 wpa_dbg(wpa_s, MSG_DEBUG,
4400 "Determining shared radio frequencies (max len %u)", len);
4401 os_memset(freq_array, 0, sizeof(int) * len);
4403 /* First add the frequency of the local interface */
4404 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4405 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4406 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4407 freq_array[idx++] = wpa_s->current_ssid->frequency;
4408 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4409 freq_array[idx++] = wpa_s->assoc_freq;
4412 /* If get_radio_name is not supported, use only the local freq */
4413 if (!wpa_s->driver->get_radio_name) {
4414 freq = wpa_drv_shared_freq(wpa_s);
4415 if (freq > 0 && idx < len &&
4416 (idx == 0 || freq_array[0] != freq))
4417 freq_array[idx++] = freq;
4418 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4422 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4427 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4430 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4431 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4432 freq = ifs->current_ssid->frequency;
4433 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4434 freq = ifs->assoc_freq;
4438 /* Hold only distinct freqs */
4439 for (i = 0; i < idx; i++)
4440 if (freq_array[i] == freq)
4444 freq_array[idx++] = freq;
4447 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);