3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
57 const char *wpa_supplicant_version =
58 "wpa_supplicant v" VERSION_STR "\n"
59 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
61 const char *wpa_supplicant_license =
62 "This software may be distributed under the terms of the BSD license.\n"
63 "See README for more details.\n"
64 #ifdef EAP_TLS_OPENSSL
65 "\nThis product includes software developed by the OpenSSL Project\n"
66 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
67 #endif /* EAP_TLS_OPENSSL */
70 #ifndef CONFIG_NO_STDOUT_DEBUG
71 /* Long text divided into parts in order to fit in C89 strings size limits. */
72 const char *wpa_supplicant_full_license1 =
74 const char *wpa_supplicant_full_license2 =
75 "This software may be distributed under the terms of the BSD license.\n"
77 "Redistribution and use in source and binary forms, with or without\n"
78 "modification, are permitted provided that the following conditions are\n"
81 const char *wpa_supplicant_full_license3 =
82 "1. Redistributions of source code must retain the above copyright\n"
83 " notice, this list of conditions and the following disclaimer.\n"
85 "2. Redistributions in binary form must reproduce the above copyright\n"
86 " notice, this list of conditions and the following disclaimer in the\n"
87 " documentation and/or other materials provided with the distribution.\n"
89 const char *wpa_supplicant_full_license4 =
90 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
91 " names of its contributors may be used to endorse or promote products\n"
92 " derived from this software without specific prior written permission.\n"
94 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
95 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
96 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
97 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
98 const char *wpa_supplicant_full_license5 =
99 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
100 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
101 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
102 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
103 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
104 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
105 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
107 #endif /* CONFIG_NO_STDOUT_DEBUG */
109 /* Configure default/group WEP keys for static WEP */
110 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
114 for (i = 0; i < NUM_WEP_KEYS; i++) {
115 if (ssid->wep_key_len[i] == 0)
119 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
120 i, i == ssid->wep_tx_keyidx, NULL, 0,
121 ssid->wep_key[i], ssid->wep_key_len[i]);
128 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
129 struct wpa_ssid *ssid)
136 /* IBSS/WPA-None uses only one key (Group) for both receiving and
137 * sending unicast and multicast packets. */
139 if (ssid->mode != WPAS_MODE_IBSS) {
140 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
141 "IBSS/ad-hoc) for WPA-None", ssid->mode);
145 if (!ssid->psk_set) {
146 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
151 switch (wpa_s->group_cipher) {
152 case WPA_CIPHER_CCMP:
153 os_memcpy(key, ssid->psk, 16);
157 case WPA_CIPHER_GCMP:
158 os_memcpy(key, ssid->psk, 16);
162 case WPA_CIPHER_TKIP:
163 /* WPA-None uses the same Michael MIC key for both TX and RX */
164 os_memcpy(key, ssid->psk, 16 + 8);
165 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
170 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
171 "WPA-None", wpa_s->group_cipher);
175 /* TODO: should actually remember the previously used seq#, both for TX
176 * and RX from each STA.. */
178 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
182 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
184 struct wpa_supplicant *wpa_s = eloop_ctx;
185 const u8 *bssid = wpa_s->bssid;
186 if (is_zero_ether_addr(bssid))
187 bssid = wpa_s->pending_bssid;
188 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
190 wpa_blacklist_add(wpa_s, bssid);
191 wpa_sm_notify_disassoc(wpa_s->wpa);
192 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
193 wpa_s->reassociate = 1;
196 * If we timed out, the AP or the local radio may be busy.
197 * So, wait a second until scanning again.
199 wpa_supplicant_req_scan(wpa_s, 1, 0);
204 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
205 * @wpa_s: Pointer to wpa_supplicant data
206 * @sec: Number of seconds after which to time out authentication
207 * @usec: Number of microseconds after which to time out authentication
209 * This function is used to schedule a timeout for the current authentication
212 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
215 if (wpa_s->conf->ap_scan == 0 &&
216 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
219 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
220 "%d usec", sec, usec);
221 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
222 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
227 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
228 * @wpa_s: Pointer to wpa_supplicant data
230 * This function is used to cancel authentication timeout scheduled with
231 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
234 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
236 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
237 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
238 wpa_blacklist_del(wpa_s, wpa_s->bssid);
243 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
244 * @wpa_s: Pointer to wpa_supplicant data
246 * This function is used to configure EAPOL state machine based on the selected
247 * authentication mode.
249 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
251 #ifdef IEEE8021X_EAPOL
252 struct eapol_config eapol_conf;
253 struct wpa_ssid *ssid = wpa_s->current_ssid;
255 #ifdef CONFIG_IBSS_RSN
256 if (ssid->mode == WPAS_MODE_IBSS &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
258 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
260 * RSN IBSS authentication is per-STA and we can disable the
261 * per-BSSID EAPOL authentication.
263 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
264 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
265 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
268 #endif /* CONFIG_IBSS_RSN */
270 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
271 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
273 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
274 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
275 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
277 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
279 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
280 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
281 eapol_conf.accept_802_1x_keys = 1;
282 eapol_conf.required_keys = 0;
283 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
284 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
286 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
287 eapol_conf.required_keys |=
288 EAPOL_REQUIRE_KEY_BROADCAST;
291 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
292 eapol_conf.required_keys = 0;
294 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
295 eapol_conf.workaround = ssid->eap_workaround;
296 eapol_conf.eap_disabled =
297 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
299 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
300 eapol_conf.external_sim = wpa_s->conf->external_sim;
303 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
304 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
305 if (wpa_s->current_bss) {
307 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
312 EAPOL_PEER_IS_WPS20_AP;
317 #endif /* CONFIG_WPS */
319 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
321 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
322 #endif /* IEEE8021X_EAPOL */
327 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
328 * @wpa_s: Pointer to wpa_supplicant data
329 * @ssid: Configuration data for the network
331 * This function is used to configure WPA state machine and related parameters
332 * to a mode where WPA is not enabled. This is called as part of the
333 * authentication configuration when the selected network does not use WPA.
335 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
336 struct wpa_ssid *ssid)
340 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
341 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
342 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
343 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
345 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
346 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
347 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
348 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
349 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
350 wpa_s->group_cipher = WPA_CIPHER_NONE;
351 wpa_s->mgmt_group_cipher = 0;
353 for (i = 0; i < NUM_WEP_KEYS; i++) {
354 if (ssid->wep_key_len[i] > 5) {
355 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
356 wpa_s->group_cipher = WPA_CIPHER_WEP104;
358 } else if (ssid->wep_key_len[i] > 0) {
359 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
360 wpa_s->group_cipher = WPA_CIPHER_WEP40;
365 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
366 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
367 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
368 wpa_s->pairwise_cipher);
369 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
370 #ifdef CONFIG_IEEE80211W
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
372 wpa_s->mgmt_group_cipher);
373 #endif /* CONFIG_IEEE80211W */
375 pmksa_cache_clear_current(wpa_s->wpa);
379 void free_hw_features(struct wpa_supplicant *wpa_s)
382 if (wpa_s->hw.modes == NULL)
385 for (i = 0; i < wpa_s->hw.num_modes; i++) {
386 os_free(wpa_s->hw.modes[i].channels);
387 os_free(wpa_s->hw.modes[i].rates);
390 os_free(wpa_s->hw.modes);
391 wpa_s->hw.modes = NULL;
395 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
399 bgscan_deinit(wpa_s);
400 autoscan_deinit(wpa_s);
401 scard_deinit(wpa_s->scard);
403 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
404 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
405 l2_packet_deinit(wpa_s->l2);
408 l2_packet_deinit(wpa_s->l2_br);
411 #ifdef CONFIG_TESTING_OPTIONS
412 l2_packet_deinit(wpa_s->l2_test);
413 wpa_s->l2_test = NULL;
414 #endif /* CONFIG_TESTING_OPTIONS */
416 if (wpa_s->conf != NULL) {
417 struct wpa_ssid *ssid;
418 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
419 wpas_notify_network_removed(wpa_s, ssid);
422 os_free(wpa_s->confname);
423 wpa_s->confname = NULL;
425 os_free(wpa_s->confanother);
426 wpa_s->confanother = NULL;
428 wpa_sm_set_eapol(wpa_s->wpa, NULL);
429 eapol_sm_deinit(wpa_s->eapol);
432 rsn_preauth_deinit(wpa_s->wpa);
435 wpa_tdls_deinit(wpa_s->wpa);
436 #endif /* CONFIG_TDLS */
438 pmksa_candidate_free(wpa_s->wpa);
439 wpa_sm_deinit(wpa_s->wpa);
441 wpa_blacklist_clear(wpa_s);
443 wpa_bss_deinit(wpa_s);
445 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
446 wpa_supplicant_cancel_scan(wpa_s);
447 wpa_supplicant_cancel_auth_timeout(wpa_s);
448 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
449 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
450 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
452 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
454 wpas_wps_deinit(wpa_s);
456 wpabuf_free(wpa_s->pending_eapol_rx);
457 wpa_s->pending_eapol_rx = NULL;
459 #ifdef CONFIG_IBSS_RSN
460 ibss_rsn_deinit(wpa_s->ibss_rsn);
461 wpa_s->ibss_rsn = NULL;
462 #endif /* CONFIG_IBSS_RSN */
467 wpa_supplicant_ap_deinit(wpa_s);
468 #endif /* CONFIG_AP */
470 wpas_p2p_deinit(wpa_s);
472 #ifdef CONFIG_OFFCHANNEL
473 offchannel_deinit(wpa_s);
474 #endif /* CONFIG_OFFCHANNEL */
476 wpa_supplicant_cancel_sched_scan(wpa_s);
478 os_free(wpa_s->next_scan_freqs);
479 wpa_s->next_scan_freqs = NULL;
481 os_free(wpa_s->manual_scan_freqs);
482 wpa_s->manual_scan_freqs = NULL;
484 os_free(wpa_s->manual_sched_scan_freqs);
485 wpa_s->manual_sched_scan_freqs = NULL;
487 gas_query_deinit(wpa_s->gas);
490 free_hw_features(wpa_s);
492 ieee802_1x_dealloc_kay_sm(wpa_s);
494 os_free(wpa_s->bssid_filter);
495 wpa_s->bssid_filter = NULL;
497 os_free(wpa_s->disallow_aps_bssid);
498 wpa_s->disallow_aps_bssid = NULL;
499 os_free(wpa_s->disallow_aps_ssid);
500 wpa_s->disallow_aps_ssid = NULL;
502 wnm_bss_keep_alive_deinit(wpa_s);
504 wnm_deallocate_memory(wpa_s);
505 #endif /* CONFIG_WNM */
507 ext_password_deinit(wpa_s->ext_pw);
508 wpa_s->ext_pw = NULL;
510 wpabuf_free(wpa_s->last_gas_resp);
511 wpa_s->last_gas_resp = NULL;
512 wpabuf_free(wpa_s->prev_gas_resp);
513 wpa_s->prev_gas_resp = NULL;
515 os_free(wpa_s->last_scan_res);
516 wpa_s->last_scan_res = NULL;
520 #endif /* CONFIG_HS20 */
522 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
523 wpabuf_free(wpa_s->vendor_elem[i]);
524 wpa_s->vendor_elem[i] = NULL;
530 * wpa_clear_keys - Clear keys configured for the driver
531 * @wpa_s: Pointer to wpa_supplicant data
532 * @addr: Previously used BSSID or %NULL if not available
534 * This function clears the encryption keys that has been previously configured
537 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
541 #ifdef CONFIG_IEEE80211W
543 #else /* CONFIG_IEEE80211W */
545 #endif /* CONFIG_IEEE80211W */
547 /* MLME-DELETEKEYS.request */
548 for (i = 0; i < max; i++) {
549 if (wpa_s->keys_cleared & BIT(i))
551 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
554 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
555 !is_zero_ether_addr(addr)) {
556 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
558 /* MLME-SETPROTECTION.request(None) */
559 wpa_drv_mlme_setprotection(
561 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
562 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
564 wpa_s->keys_cleared = (u32) -1;
569 * wpa_supplicant_state_txt - Get the connection state name as a text string
570 * @state: State (wpa_state; WPA_*)
571 * Returns: The state name as a printable text string
573 const char * wpa_supplicant_state_txt(enum wpa_states state)
576 case WPA_DISCONNECTED:
577 return "DISCONNECTED";
580 case WPA_INTERFACE_DISABLED:
581 return "INTERFACE_DISABLED";
584 case WPA_AUTHENTICATING:
585 return "AUTHENTICATING";
586 case WPA_ASSOCIATING:
587 return "ASSOCIATING";
590 case WPA_4WAY_HANDSHAKE:
591 return "4WAY_HANDSHAKE";
592 case WPA_GROUP_HANDSHAKE:
593 return "GROUP_HANDSHAKE";
604 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
608 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
609 name = wpa_s->current_ssid->bgscan;
611 name = wpa_s->conf->bgscan;
612 if (name == NULL || name[0] == '\0')
614 if (wpas_driver_bss_selection(wpa_s))
616 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
619 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
621 #endif /* CONFIG_P2P */
623 bgscan_deinit(wpa_s);
624 if (wpa_s->current_ssid) {
625 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
626 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
629 * Live without bgscan; it is only used as a roaming
630 * optimization, so the initial connection is not
634 struct wpa_scan_results *scan_res;
635 wpa_s->bgscan_ssid = wpa_s->current_ssid;
636 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
639 bgscan_notify_scan(wpa_s, scan_res);
640 wpa_scan_results_free(scan_res);
644 wpa_s->bgscan_ssid = NULL;
648 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
650 if (wpa_s->bgscan_ssid != NULL) {
651 bgscan_deinit(wpa_s);
652 wpa_s->bgscan_ssid = NULL;
656 #endif /* CONFIG_BGSCAN */
659 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
661 if (autoscan_init(wpa_s, 0))
662 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
666 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
668 autoscan_deinit(wpa_s);
672 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
674 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
675 wpa_s->wpa_state == WPA_SCANNING) {
676 autoscan_deinit(wpa_s);
677 wpa_supplicant_start_autoscan(wpa_s);
683 * wpa_supplicant_set_state - Set current connection state
684 * @wpa_s: Pointer to wpa_supplicant data
685 * @state: The new connection state
687 * This function is called whenever the connection state changes, e.g.,
688 * association is completed for WPA/WPA2 4-Way Handshake is started.
690 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
691 enum wpa_states state)
693 enum wpa_states old_state = wpa_s->wpa_state;
695 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
696 wpa_supplicant_state_txt(wpa_s->wpa_state),
697 wpa_supplicant_state_txt(state));
699 if (state == WPA_INTERFACE_DISABLED) {
700 /* Assure normal scan when interface is restored */
701 wpa_s->normal_scans = 0;
704 if (state == WPA_COMPLETED) {
705 wpas_connect_work_done(wpa_s);
706 /* Reinitialize normal_scan counter */
707 wpa_s->normal_scans = 0;
710 if (state != WPA_SCANNING)
711 wpa_supplicant_notify_scanning(wpa_s, 0);
713 if (state == WPA_COMPLETED && wpa_s->new_connection) {
714 struct wpa_ssid *ssid = wpa_s->current_ssid;
715 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
716 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
717 MACSTR " completed [id=%d id_str=%s]",
718 MAC2STR(wpa_s->bssid),
719 ssid ? ssid->id : -1,
720 ssid && ssid->id_str ? ssid->id_str : "");
721 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
722 wpas_clear_temp_disabled(wpa_s, ssid, 1);
723 wpa_s->extra_blacklist_count = 0;
724 wpa_s->new_connection = 0;
725 wpa_drv_set_operstate(wpa_s, 1);
726 #ifndef IEEE8021X_EAPOL
727 wpa_drv_set_supp_port(wpa_s, 1);
728 #endif /* IEEE8021X_EAPOL */
729 wpa_s->after_wps = 0;
730 wpa_s->known_wps_freq = 0;
731 wpas_p2p_completed(wpa_s);
733 sme_sched_obss_scan(wpa_s, 1);
734 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
735 state == WPA_ASSOCIATED) {
736 wpa_s->new_connection = 1;
737 wpa_drv_set_operstate(wpa_s, 0);
738 #ifndef IEEE8021X_EAPOL
739 wpa_drv_set_supp_port(wpa_s, 0);
740 #endif /* IEEE8021X_EAPOL */
741 sme_sched_obss_scan(wpa_s, 0);
743 wpa_s->wpa_state = state;
746 if (state == WPA_COMPLETED)
747 wpa_supplicant_start_bgscan(wpa_s);
748 else if (state < WPA_ASSOCIATED)
749 wpa_supplicant_stop_bgscan(wpa_s);
750 #endif /* CONFIG_BGSCAN */
752 if (state == WPA_AUTHENTICATING)
753 wpa_supplicant_stop_autoscan(wpa_s);
755 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
756 wpa_supplicant_start_autoscan(wpa_s);
758 if (wpa_s->wpa_state != old_state) {
759 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
762 * Notify the P2P Device interface about a state change in one
765 wpas_p2p_indicate_state_change(wpa_s);
767 if (wpa_s->wpa_state == WPA_COMPLETED ||
768 old_state == WPA_COMPLETED)
769 wpas_notify_auth_changed(wpa_s);
774 void wpa_supplicant_terminate_proc(struct wpa_global *global)
778 struct wpa_supplicant *wpa_s = global->ifaces;
780 struct wpa_supplicant *next = wpa_s->next;
781 if (wpas_wps_terminate_pending(wpa_s) == 1)
784 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
785 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
786 wpas_p2p_disconnect(wpa_s);
787 #endif /* CONFIG_P2P */
790 #endif /* CONFIG_WPS */
797 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
799 struct wpa_global *global = signal_ctx;
800 wpa_supplicant_terminate_proc(global);
804 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
806 enum wpa_states old_state = wpa_s->wpa_state;
808 wpa_s->pairwise_cipher = 0;
809 wpa_s->group_cipher = 0;
810 wpa_s->mgmt_group_cipher = 0;
812 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
813 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
815 if (wpa_s->wpa_state != old_state)
816 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
821 * wpa_supplicant_reload_configuration - Reload configuration data
822 * @wpa_s: Pointer to wpa_supplicant data
823 * Returns: 0 on success or -1 if configuration parsing failed
825 * This function can be used to request that the configuration data is reloaded
826 * (e.g., after configuration file change). This function is reloading
827 * configuration only for one interface, so this may need to be called multiple
828 * times if %wpa_supplicant is controlling multiple interfaces and all
829 * interfaces need reconfiguration.
831 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
833 struct wpa_config *conf;
837 if (wpa_s->confname == NULL)
839 conf = wpa_config_read(wpa_s->confname, NULL);
841 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
842 "file '%s' - exiting", wpa_s->confname);
845 wpa_config_read(wpa_s->confanother, conf);
847 conf->changed_parameters = (unsigned int) -1;
849 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
850 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
851 os_strcmp(conf->ctrl_interface,
852 wpa_s->conf->ctrl_interface) != 0);
854 if (reconf_ctrl && wpa_s->ctrl_iface) {
855 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
856 wpa_s->ctrl_iface = NULL;
859 eapol_sm_invalidate_cached_session(wpa_s->eapol);
860 if (wpa_s->current_ssid) {
861 wpa_supplicant_deauthenticate(wpa_s,
862 WLAN_REASON_DEAUTH_LEAVING);
866 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
867 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
869 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
871 * Clear forced success to clear EAP state for next
874 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
876 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
877 wpa_sm_set_config(wpa_s->wpa, NULL);
878 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
879 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
880 rsn_preauth_deinit(wpa_s->wpa);
882 old_ap_scan = wpa_s->conf->ap_scan;
883 wpa_config_free(wpa_s->conf);
885 if (old_ap_scan != wpa_s->conf->ap_scan)
886 wpas_notify_ap_scan_changed(wpa_s);
889 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
891 wpa_supplicant_update_config(wpa_s);
893 wpa_supplicant_clear_status(wpa_s);
894 if (wpa_supplicant_enabled_networks(wpa_s)) {
895 wpa_s->reassociate = 1;
896 wpa_supplicant_req_scan(wpa_s, 0, 0);
898 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
903 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
905 struct wpa_global *global = signal_ctx;
906 struct wpa_supplicant *wpa_s;
907 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
908 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
910 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
911 wpa_supplicant_terminate_proc(global);
917 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
918 struct wpa_ssid *ssid,
919 struct wpa_ie_data *ie)
921 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
924 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
925 "from association info");
930 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
932 if (!(ie->group_cipher & ssid->group_cipher)) {
933 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
934 "cipher 0x%x (mask 0x%x) - reject",
935 ie->group_cipher, ssid->group_cipher);
938 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
939 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
940 "cipher 0x%x (mask 0x%x) - reject",
941 ie->pairwise_cipher, ssid->pairwise_cipher);
944 if (!(ie->key_mgmt & ssid->key_mgmt)) {
945 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
946 "management 0x%x (mask 0x%x) - reject",
947 ie->key_mgmt, ssid->key_mgmt);
951 #ifdef CONFIG_IEEE80211W
952 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
953 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
954 wpa_s->conf->pmf : ssid->ieee80211w) ==
955 MGMT_FRAME_PROTECTION_REQUIRED) {
956 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
957 "that does not support management frame protection - "
961 #endif /* CONFIG_IEEE80211W */
968 * wpa_supplicant_set_suites - Set authentication and encryption parameters
969 * @wpa_s: Pointer to wpa_supplicant data
970 * @bss: Scan results for the selected BSS, or %NULL if not available
971 * @ssid: Configuration data for the selected network
972 * @wpa_ie: Buffer for the WPA/RSN IE
973 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
974 * used buffer length in case the functions returns success.
975 * Returns: 0 on success or -1 on failure
977 * This function is used to configure authentication and encryption parameters
978 * based on the network configuration and scan result for the selected BSS (if
981 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
982 struct wpa_bss *bss, struct wpa_ssid *ssid,
983 u8 *wpa_ie, size_t *wpa_ie_len)
985 struct wpa_ie_data ie;
987 const u8 *bss_wpa, *bss_rsn, *bss_osen;
990 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
991 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
992 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
994 bss_wpa = bss_rsn = bss_osen = NULL;
996 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
997 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
998 (ie.group_cipher & ssid->group_cipher) &&
999 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1000 (ie.key_mgmt & ssid->key_mgmt)) {
1001 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1002 proto = WPA_PROTO_RSN;
1003 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1004 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
1005 (ie.group_cipher & ssid->group_cipher) &&
1006 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1007 (ie.key_mgmt & ssid->key_mgmt)) {
1008 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1009 proto = WPA_PROTO_WPA;
1011 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1012 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1013 /* TODO: parse OSEN element */
1014 os_memset(&ie, 0, sizeof(ie));
1015 ie.group_cipher = WPA_CIPHER_CCMP;
1016 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1017 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1018 proto = WPA_PROTO_OSEN;
1019 #endif /* CONFIG_HS20 */
1021 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1024 if (ssid->proto & WPA_PROTO_OSEN)
1025 proto = WPA_PROTO_OSEN;
1026 else if (ssid->proto & WPA_PROTO_RSN)
1027 proto = WPA_PROTO_RSN;
1029 proto = WPA_PROTO_WPA;
1030 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1031 os_memset(&ie, 0, sizeof(ie));
1032 ie.group_cipher = ssid->group_cipher;
1033 ie.pairwise_cipher = ssid->pairwise_cipher;
1034 ie.key_mgmt = ssid->key_mgmt;
1035 #ifdef CONFIG_IEEE80211W
1036 ie.mgmt_group_cipher =
1037 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1038 WPA_CIPHER_AES_128_CMAC : 0;
1039 #endif /* CONFIG_IEEE80211W */
1040 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1041 "based on configuration");
1046 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1047 "pairwise %d key_mgmt %d proto %d",
1048 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1049 #ifdef CONFIG_IEEE80211W
1050 if (ssid->ieee80211w) {
1051 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1052 ie.mgmt_group_cipher);
1054 #endif /* CONFIG_IEEE80211W */
1056 wpa_s->wpa_proto = proto;
1057 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1058 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1059 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1061 if (bss || !wpa_s->ap_ies_from_associnfo) {
1062 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1063 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1064 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1065 bss_rsn ? 2 + bss_rsn[1] : 0))
1069 sel = ie.group_cipher & ssid->group_cipher;
1070 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1071 if (wpa_s->group_cipher < 0) {
1072 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1076 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1077 wpa_cipher_txt(wpa_s->group_cipher));
1079 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1080 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1081 if (wpa_s->pairwise_cipher < 0) {
1082 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1086 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1087 wpa_cipher_txt(wpa_s->pairwise_cipher));
1089 sel = ie.key_mgmt & ssid->key_mgmt;
1091 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1092 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1093 #endif /* CONFIG_SAE */
1095 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1096 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1097 wpa_dbg(wpa_s, MSG_DEBUG,
1098 "WPA: using KEY_MGMT 802.1X with Suite B");
1099 #ifdef CONFIG_IEEE80211R
1100 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1101 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1102 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1103 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1104 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1105 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1106 #endif /* CONFIG_IEEE80211R */
1108 } else if (sel & WPA_KEY_MGMT_SAE) {
1109 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1110 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1111 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1112 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1113 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1114 #endif /* CONFIG_SAE */
1115 #ifdef CONFIG_IEEE80211W
1116 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1117 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1118 wpa_dbg(wpa_s, MSG_DEBUG,
1119 "WPA: using KEY_MGMT 802.1X with SHA256");
1120 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1121 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1122 wpa_dbg(wpa_s, MSG_DEBUG,
1123 "WPA: using KEY_MGMT PSK with SHA256");
1124 #endif /* CONFIG_IEEE80211W */
1125 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1126 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1127 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1128 } else if (sel & WPA_KEY_MGMT_PSK) {
1129 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1130 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1131 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1132 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1133 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1135 } else if (sel & WPA_KEY_MGMT_OSEN) {
1136 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1137 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1138 #endif /* CONFIG_HS20 */
1140 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1141 "authenticated key management type");
1145 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1147 wpa_s->pairwise_cipher);
1148 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1150 #ifdef CONFIG_IEEE80211W
1151 sel = ie.mgmt_group_cipher;
1152 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1153 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1154 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1156 if (sel & WPA_CIPHER_AES_128_CMAC) {
1157 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1158 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1160 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1161 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1162 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1164 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1165 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1166 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1168 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1169 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1170 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1173 wpa_s->mgmt_group_cipher = 0;
1174 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1176 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1177 wpa_s->mgmt_group_cipher);
1178 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1179 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1180 wpa_s->conf->pmf : ssid->ieee80211w));
1181 #endif /* CONFIG_IEEE80211W */
1183 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1184 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1188 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1189 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL);
1190 #ifndef CONFIG_NO_PBKDF2
1191 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1194 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1195 4096, psk, PMK_LEN);
1196 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1198 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1200 #endif /* CONFIG_NO_PBKDF2 */
1201 #ifdef CONFIG_EXT_PASSWORD
1202 if (ssid->ext_psk) {
1203 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1205 char pw_str[64 + 1];
1209 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1210 "found from external storage");
1214 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1215 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1216 "PSK length %d in external storage",
1217 (int) wpabuf_len(pw));
1218 ext_password_free(pw);
1222 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1223 pw_str[wpabuf_len(pw)] = '\0';
1225 #ifndef CONFIG_NO_PBKDF2
1226 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1228 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1229 4096, psk, PMK_LEN);
1230 os_memset(pw_str, 0, sizeof(pw_str));
1231 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1232 "external passphrase)",
1234 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1236 #endif /* CONFIG_NO_PBKDF2 */
1237 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1238 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1239 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1240 "Invalid PSK hex string");
1241 os_memset(pw_str, 0, sizeof(pw_str));
1242 ext_password_free(pw);
1245 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1247 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1249 os_memset(pw_str, 0, sizeof(pw_str));
1250 ext_password_free(pw);
1254 os_memset(pw_str, 0, sizeof(pw_str));
1255 ext_password_free(pw);
1257 #endif /* CONFIG_EXT_PASSWORD */
1259 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1265 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1270 case 0: /* Bits 0-7 */
1272 case 1: /* Bits 8-15 */
1274 case 2: /* Bits 16-23 */
1276 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1277 *pos |= 0x08; /* Bit 19 - BSS Transition */
1278 #endif /* CONFIG_WNM */
1280 case 3: /* Bits 24-31 */
1282 *pos |= 0x02; /* Bit 25 - SSID List */
1283 #endif /* CONFIG_WNM */
1284 #ifdef CONFIG_INTERWORKING
1285 if (wpa_s->conf->interworking)
1286 *pos |= 0x80; /* Bit 31 - Interworking */
1287 #endif /* CONFIG_INTERWORKING */
1289 case 4: /* Bits 32-39 */
1290 #ifdef CONFIG_INTERWORKING
1291 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1292 *pos |= 0x01; /* Bit 32 - QoS Map */
1293 #endif /* CONFIG_INTERWORKING */
1295 case 5: /* Bits 40-47 */
1297 if (wpa_s->conf->hs20)
1298 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1299 #endif /* CONFIG_HS20 */
1301 case 6: /* Bits 48-55 */
1307 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1312 if (len < wpa_s->extended_capa_len)
1313 len = wpa_s->extended_capa_len;
1314 if (buflen < (size_t) len + 2) {
1315 wpa_printf(MSG_INFO,
1316 "Not enough room for building extended capabilities element");
1320 *pos++ = WLAN_EID_EXT_CAPAB;
1322 for (i = 0; i < len; i++, pos++) {
1323 wpas_ext_capab_byte(wpa_s, pos, i);
1325 if (i < wpa_s->extended_capa_len) {
1326 *pos &= ~wpa_s->extended_capa_mask[i];
1327 *pos |= wpa_s->extended_capa[i];
1331 while (len > 0 && buf[1 + len] == 0) {
1342 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1343 struct wpa_bss *test_bss)
1345 struct wpa_bss *bss;
1347 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1348 if (bss == test_bss)
1356 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1357 struct wpa_ssid *test_ssid)
1359 struct wpa_ssid *ssid;
1361 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1362 if (ssid == test_ssid)
1370 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1371 struct wpa_ssid *test_ssid)
1373 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1376 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1380 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1388 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1390 struct wpa_connect_work *cwork;
1391 struct wpa_radio_work *work = wpa_s->connect_work;
1396 wpa_s->connect_work = NULL;
1399 wpas_connect_work_free(cwork);
1400 radio_work_done(work);
1404 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1406 struct os_reltime now;
1409 os_get_reltime(&now);
1410 if (wpa_s->last_mac_addr_style == style &&
1411 wpa_s->last_mac_addr_change.sec != 0 &&
1412 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1413 wpa_s->conf->rand_addr_lifetime)) {
1414 wpa_msg(wpa_s, MSG_DEBUG,
1415 "Previously selected random MAC address has not yet expired");
1421 if (random_mac_addr(addr) < 0)
1425 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1426 if (random_mac_addr_keep_oui(addr) < 0)
1433 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1434 wpa_msg(wpa_s, MSG_INFO,
1435 "Failed to set random MAC address");
1439 os_get_reltime(&wpa_s->last_mac_addr_change);
1440 wpa_s->mac_addr_changed = 1;
1441 wpa_s->last_mac_addr_style = style;
1443 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1444 wpa_msg(wpa_s, MSG_INFO,
1445 "Could not update MAC address information");
1449 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1456 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1458 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1459 !wpa_s->conf->preassoc_mac_addr)
1462 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1466 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1469 * wpa_supplicant_associate - Request association
1470 * @wpa_s: Pointer to wpa_supplicant data
1471 * @bss: Scan results for the selected BSS, or %NULL if not available
1472 * @ssid: Configuration data for the selected network
1474 * This function is used to request %wpa_supplicant to associate with a BSS.
1476 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1477 struct wpa_bss *bss, struct wpa_ssid *ssid)
1479 struct wpa_connect_work *cwork;
1482 if (ssid->mac_addr == -1)
1483 rand_style = wpa_s->conf->mac_addr;
1485 rand_style = ssid->mac_addr;
1487 if (wpa_s->last_ssid == ssid) {
1488 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1489 } else if (rand_style > 0) {
1490 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1492 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1493 } else if (wpa_s->mac_addr_changed) {
1494 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1495 wpa_msg(wpa_s, MSG_INFO,
1496 "Could not restore permanent MAC address");
1499 wpa_s->mac_addr_changed = 0;
1500 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1501 wpa_msg(wpa_s, MSG_INFO,
1502 "Could not update MAC address information");
1505 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1507 wpa_s->last_ssid = ssid;
1509 #ifdef CONFIG_IBSS_RSN
1510 ibss_rsn_deinit(wpa_s->ibss_rsn);
1511 wpa_s->ibss_rsn = NULL;
1512 #endif /* CONFIG_IBSS_RSN */
1514 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1515 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1517 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1518 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1522 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1523 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1524 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1525 wpas_p2p_ap_setup_failed(wpa_s);
1528 wpa_s->current_bss = bss;
1529 #else /* CONFIG_AP */
1530 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1532 #endif /* CONFIG_AP */
1536 if (ssid->mode == WPAS_MODE_MESH) {
1538 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1539 wpa_msg(wpa_s, MSG_INFO,
1540 "Driver does not support mesh mode");
1544 ssid->frequency = bss->freq;
1545 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1546 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1549 wpa_s->current_bss = bss;
1550 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_STARTED
1551 "ssid=\"%s\" id=%d",
1552 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1554 #else /* CONFIG_MESH */
1555 wpa_msg(wpa_s, MSG_ERROR,
1556 "mesh mode support not included in the build");
1557 #endif /* CONFIG_MESH */
1563 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1565 #endif /* CONFIG_TDLS */
1567 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1568 ssid->mode == IEEE80211_MODE_INFRA) {
1569 sme_authenticate(wpa_s, bss, ssid);
1573 if (wpa_s->connect_work) {
1574 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1578 if (radio_work_pending(wpa_s, "connect")) {
1579 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1583 cwork = os_zalloc(sizeof(*cwork));
1590 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1591 wpas_start_assoc_cb, cwork) < 0) {
1597 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1599 struct wpa_connect_work *cwork = work->ctx;
1600 struct wpa_bss *bss = cwork->bss;
1601 struct wpa_ssid *ssid = cwork->ssid;
1602 struct wpa_supplicant *wpa_s = work->wpa_s;
1605 int use_crypt, ret, i, bssid_changed;
1606 int algs = WPA_AUTH_ALG_OPEN;
1607 unsigned int cipher_pairwise, cipher_group;
1608 struct wpa_driver_associate_params params;
1609 int wep_keys_set = 0;
1610 int assoc_failed = 0;
1611 struct wpa_ssid *old_ssid;
1612 #ifdef CONFIG_HT_OVERRIDES
1613 struct ieee80211_ht_capabilities htcaps;
1614 struct ieee80211_ht_capabilities htcaps_mask;
1615 #endif /* CONFIG_HT_OVERRIDES */
1616 #ifdef CONFIG_VHT_OVERRIDES
1617 struct ieee80211_vht_capabilities vhtcaps;
1618 struct ieee80211_vht_capabilities vhtcaps_mask;
1619 #endif /* CONFIG_VHT_OVERRIDES */
1622 if (work->started) {
1623 wpa_s->connect_work = NULL;
1625 /* cancel possible auth. timeout */
1626 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1629 wpas_connect_work_free(cwork);
1633 wpa_s->connect_work = work;
1635 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1636 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1637 wpas_connect_work_done(wpa_s);
1641 os_memset(¶ms, 0, sizeof(params));
1642 wpa_s->reassociate = 0;
1643 wpa_s->eap_expected_failure = 0;
1645 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
1646 #ifdef CONFIG_IEEE80211R
1647 const u8 *ie, *md = NULL;
1648 #endif /* CONFIG_IEEE80211R */
1649 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1650 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1651 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1652 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1653 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1654 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1656 wpas_notify_bssid_changed(wpa_s);
1657 #ifdef CONFIG_IEEE80211R
1658 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1659 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1661 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1663 /* Prepare for the next transition */
1664 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1666 #endif /* CONFIG_IEEE80211R */
1668 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1669 wpa_s->conf->ap_scan == 2 &&
1670 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1671 /* Use ap_scan==1 style network selection to find the network
1673 wpas_connect_work_done(wpa_s);
1674 wpa_s->scan_req = MANUAL_SCAN_REQ;
1675 wpa_s->reassociate = 1;
1676 wpa_supplicant_req_scan(wpa_s, 0, 0);
1678 #endif /* CONFIG_WPS */
1680 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1681 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1682 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1684 wpa_supplicant_cancel_sched_scan(wpa_s);
1685 wpa_supplicant_cancel_scan(wpa_s);
1687 /* Starting new association, so clear the possibly used WPA IE from the
1688 * previous association. */
1689 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1691 #ifdef IEEE8021X_EAPOL
1692 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1694 if (ssid->non_leap == 0)
1695 algs = WPA_AUTH_ALG_LEAP;
1697 algs |= WPA_AUTH_ALG_LEAP;
1700 #endif /* IEEE8021X_EAPOL */
1701 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1702 if (ssid->auth_alg) {
1703 algs = ssid->auth_alg;
1704 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1708 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1709 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1710 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1711 int try_opportunistic;
1712 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1714 ssid->proactive_key_caching) &&
1715 (ssid->proto & WPA_PROTO_RSN);
1716 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1717 ssid, try_opportunistic) == 0)
1718 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1719 wpa_ie_len = sizeof(wpa_ie);
1720 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1721 wpa_ie, &wpa_ie_len)) {
1722 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1723 "key management and encryption suites");
1724 wpas_connect_work_done(wpa_s);
1727 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1728 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1730 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1731 * use non-WPA since the scan results did not indicate that the
1732 * AP is using WPA or WPA2.
1734 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1736 wpa_s->wpa_proto = 0;
1737 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1738 wpa_ie_len = sizeof(wpa_ie);
1739 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1740 wpa_ie, &wpa_ie_len)) {
1741 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1742 "key management and encryption suites (no "
1744 wpas_connect_work_done(wpa_s);
1748 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1749 struct wpabuf *wps_ie;
1750 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1751 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1752 wpa_ie_len = wpabuf_len(wps_ie);
1753 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1756 wpabuf_free(wps_ie);
1757 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1758 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1759 params.wps = WPS_MODE_PRIVACY;
1761 params.wps = WPS_MODE_OPEN;
1762 wpa_s->wpa_proto = 0;
1763 #endif /* CONFIG_WPS */
1765 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1767 wpa_s->wpa_proto = 0;
1771 if (wpa_s->global->p2p) {
1775 pos = wpa_ie + wpa_ie_len;
1776 len = sizeof(wpa_ie) - wpa_ie_len;
1777 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1783 wpa_s->cross_connect_disallowed = 0;
1786 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1788 wpa_s->cross_connect_disallowed =
1789 p2p_get_cross_connect_disallowed(p2p);
1791 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1793 wpa_s->cross_connect_disallowed ?
1794 "disallows" : "allows");
1798 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1799 #endif /* CONFIG_P2P */
1802 if (is_hs20_network(wpa_s, ssid, bss)) {
1803 struct wpabuf *hs20;
1804 hs20 = wpabuf_alloc(20);
1806 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1809 wpas_hs20_add_indication(hs20, pps_mo_id);
1810 len = sizeof(wpa_ie) - wpa_ie_len;
1811 if (wpabuf_len(hs20) <= len) {
1812 os_memcpy(wpa_ie + wpa_ie_len,
1813 wpabuf_head(hs20), wpabuf_len(hs20));
1814 wpa_ie_len += wpabuf_len(hs20);
1819 #endif /* CONFIG_HS20 */
1822 * Workaround: Add Extended Capabilities element only if the AP
1823 * included this element in Beacon/Probe Response frames. Some older
1824 * APs seem to have interoperability issues if this element is
1825 * included, so while the standard may require us to include the
1826 * element in all cases, it is justifiable to skip it to avoid
1827 * interoperability issues.
1829 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1832 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
1834 if (ext_capab_len > 0) {
1836 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1838 os_memmove(pos + ext_capab_len, pos,
1839 wpa_ie_len - (pos - wpa_ie));
1840 wpa_ie_len += ext_capab_len;
1841 os_memcpy(pos, ext_capab, ext_capab_len);
1845 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1847 cipher_pairwise = wpa_s->pairwise_cipher;
1848 cipher_group = wpa_s->group_cipher;
1849 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1850 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1851 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1853 if (wpa_set_wep_keys(wpa_s, ssid)) {
1858 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1861 #ifdef IEEE8021X_EAPOL
1862 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1863 if ((ssid->eapol_flags &
1864 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1865 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1869 /* Assume that dynamic WEP-104 keys will be used and
1870 * set cipher suites in order for drivers to expect
1872 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1875 #endif /* IEEE8021X_EAPOL */
1877 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1878 /* Set the key before (and later after) association */
1879 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1882 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1884 params.ssid = bss->ssid;
1885 params.ssid_len = bss->ssid_len;
1886 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1887 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1888 MACSTR " freq=%u MHz based on scan results "
1890 MAC2STR(bss->bssid), bss->freq,
1892 params.bssid = bss->bssid;
1893 params.freq.freq = bss->freq;
1895 params.bssid_hint = bss->bssid;
1896 params.freq_hint = bss->freq;
1898 params.ssid = ssid->ssid;
1899 params.ssid_len = ssid->ssid_len;
1902 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1903 wpa_s->conf->ap_scan == 2) {
1904 params.bssid = ssid->bssid;
1905 params.fixed_bssid = 1;
1908 /* Initial frequency for IBSS/mesh */
1909 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
1910 ssid->frequency > 0 && params.freq.freq == 0) {
1911 enum hostapd_hw_mode hw_mode;
1914 params.freq.freq = ssid->frequency;
1916 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1917 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1918 if (wpa_s->hw.modes[i].mode == hw_mode) {
1919 struct hostapd_hw_modes *mode;
1921 mode = &wpa_s->hw.modes[i];
1922 params.freq.ht_enabled = ht_supported(mode);
1928 if (ssid->mode == WPAS_MODE_IBSS) {
1929 if (ssid->beacon_int)
1930 params.beacon_int = ssid->beacon_int;
1932 params.beacon_int = wpa_s->conf->beacon_int;
1935 params.wpa_ie = wpa_ie;
1936 params.wpa_ie_len = wpa_ie_len;
1937 params.pairwise_suite = cipher_pairwise;
1938 params.group_suite = cipher_group;
1939 params.key_mgmt_suite = wpa_s->key_mgmt;
1940 params.wpa_proto = wpa_s->wpa_proto;
1941 params.auth_alg = algs;
1942 params.mode = ssid->mode;
1943 params.bg_scan_period = ssid->bg_scan_period;
1944 for (i = 0; i < NUM_WEP_KEYS; i++) {
1945 if (ssid->wep_key_len[i])
1946 params.wep_key[i] = ssid->wep_key[i];
1947 params.wep_key_len[i] = ssid->wep_key_len[i];
1949 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1951 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1952 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1953 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1954 params.passphrase = ssid->passphrase;
1956 params.psk = ssid->psk;
1959 if (wpa_s->conf->key_mgmt_offload) {
1960 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
1961 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
1962 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B)
1963 params.req_key_mgmt_offload =
1964 ssid->proactive_key_caching < 0 ?
1965 wpa_s->conf->okc : ssid->proactive_key_caching;
1967 params.req_key_mgmt_offload = 1;
1969 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1970 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
1971 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
1973 params.psk = ssid->psk;
1976 params.drop_unencrypted = use_crypt;
1978 #ifdef CONFIG_IEEE80211W
1979 params.mgmt_frame_protection =
1980 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1981 wpa_s->conf->pmf : ssid->ieee80211w;
1982 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1983 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1984 struct wpa_ie_data ie;
1985 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1987 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1988 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1989 "MFP: require MFP");
1990 params.mgmt_frame_protection =
1991 MGMT_FRAME_PROTECTION_REQUIRED;
1994 #endif /* CONFIG_IEEE80211W */
1996 params.p2p = ssid->p2p_group;
1998 if (wpa_s->parent->set_sta_uapsd)
1999 params.uapsd = wpa_s->parent->sta_uapsd;
2003 #ifdef CONFIG_HT_OVERRIDES
2004 os_memset(&htcaps, 0, sizeof(htcaps));
2005 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2006 params.htcaps = (u8 *) &htcaps;
2007 params.htcaps_mask = (u8 *) &htcaps_mask;
2008 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2009 #endif /* CONFIG_HT_OVERRIDES */
2010 #ifdef CONFIG_VHT_OVERRIDES
2011 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2012 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2013 params.vhtcaps = &vhtcaps;
2014 params.vhtcaps_mask = &vhtcaps_mask;
2015 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, ¶ms);
2016 #endif /* CONFIG_VHT_OVERRIDES */
2020 * If multi-channel concurrency is not supported, check for any
2021 * frequency conflict. In case of any frequency conflict, remove the
2022 * least prioritized connection.
2024 if (wpa_s->num_multichan_concurrent < 2) {
2026 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2027 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2028 wpa_printf(MSG_DEBUG,
2029 "Assoc conflicting freq found (%d != %d)",
2030 freq, params.freq.freq);
2031 if (wpas_p2p_handle_frequency_conflicts(
2032 wpa_s, params.freq.freq, ssid) < 0) {
2033 wpas_connect_work_done(wpa_s);
2038 #endif /* CONFIG_P2P */
2040 ret = wpa_drv_associate(wpa_s, ¶ms);
2042 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2044 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2046 * The driver is known to mean what is saying, so we
2047 * can stop right here; the association will not
2050 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2051 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2052 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2055 /* try to continue anyway; new association will be tried again
2060 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2061 /* Set the key after the association just in case association
2062 * cleared the previously configured key. */
2063 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2064 /* No need to timeout authentication since there is no key
2066 wpa_supplicant_cancel_auth_timeout(wpa_s);
2067 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2068 #ifdef CONFIG_IBSS_RSN
2069 } else if (ssid->mode == WPAS_MODE_IBSS &&
2070 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2071 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2073 * RSN IBSS authentication is per-STA and we can disable the
2074 * per-BSSID authentication.
2076 wpa_supplicant_cancel_auth_timeout(wpa_s);
2077 #endif /* CONFIG_IBSS_RSN */
2079 /* Timeout for IEEE 802.11 authentication and association */
2083 /* give IBSS a bit more time */
2084 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2085 } else if (wpa_s->conf->ap_scan == 1) {
2086 /* give IBSS a bit more time */
2087 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2089 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2093 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2094 /* Set static WEP keys again */
2095 wpa_set_wep_keys(wpa_s, ssid);
2098 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2100 * Do not allow EAP session resumption between different
2101 * network configurations.
2103 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2105 old_ssid = wpa_s->current_ssid;
2106 wpa_s->current_ssid = ssid;
2107 wpa_s->current_bss = bss;
2108 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2109 wpa_supplicant_initiate_eapol(wpa_s);
2110 if (old_ssid != wpa_s->current_ssid)
2111 wpas_notify_network_changed(wpa_s);
2115 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2118 struct wpa_ssid *old_ssid;
2120 wpas_connect_work_done(wpa_s);
2121 wpa_clear_keys(wpa_s, addr);
2122 old_ssid = wpa_s->current_ssid;
2123 wpa_supplicant_mark_disassoc(wpa_s);
2124 wpa_sm_set_config(wpa_s->wpa, NULL);
2125 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2126 if (old_ssid != wpa_s->current_ssid)
2127 wpas_notify_network_changed(wpa_s);
2128 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2133 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2134 * @wpa_s: Pointer to wpa_supplicant data
2135 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2137 * This function is used to request %wpa_supplicant to deauthenticate from the
2140 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2144 union wpa_event_data event;
2147 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2148 " pending_bssid=" MACSTR " reason=%d state=%s",
2149 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2150 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2152 if (!is_zero_ether_addr(wpa_s->bssid))
2153 addr = wpa_s->bssid;
2154 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2155 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2156 wpa_s->wpa_state == WPA_ASSOCIATING))
2157 addr = wpa_s->pending_bssid;
2158 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2160 * When using driver-based BSS selection, we may not know the
2161 * BSSID with which we are currently trying to associate. We
2162 * need to notify the driver of this disconnection even in such
2163 * a case, so use the all zeros address here.
2165 addr = wpa_s->bssid;
2170 wpa_tdls_teardown_peers(wpa_s->wpa);
2171 #endif /* CONFIG_TDLS */
2175 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2177 wpa_supplicant_leave_mesh(wpa_s);
2179 #endif /* CONFIG_MESH */
2182 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2183 os_memset(&event, 0, sizeof(event));
2184 event.deauth_info.reason_code = (u16) reason_code;
2185 event.deauth_info.locally_generated = 1;
2186 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2191 wpa_supplicant_clear_connection(wpa_s, addr);
2194 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2195 struct wpa_ssid *ssid)
2197 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2201 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2202 wpas_notify_network_enabled_changed(wpa_s, ssid);
2205 * Try to reassociate since there is no current configuration and a new
2206 * network was made available.
2208 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2209 wpa_s->reassociate = 1;
2214 * wpa_supplicant_enable_network - Mark a configured network as enabled
2215 * @wpa_s: wpa_supplicant structure for a network interface
2216 * @ssid: wpa_ssid structure for a configured network or %NULL
2218 * Enables the specified network or all networks if no network specified.
2220 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2221 struct wpa_ssid *ssid)
2224 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2225 wpa_supplicant_enable_one_network(wpa_s, ssid);
2227 wpa_supplicant_enable_one_network(wpa_s, ssid);
2229 if (wpa_s->reassociate && !wpa_s->disconnected) {
2230 if (wpa_s->sched_scanning) {
2231 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2232 "new network to scan filters");
2233 wpa_supplicant_cancel_sched_scan(wpa_s);
2236 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2237 wpa_supplicant_req_scan(wpa_s, 0, 0);
2243 * wpa_supplicant_disable_network - Mark a configured network as disabled
2244 * @wpa_s: wpa_supplicant structure for a network interface
2245 * @ssid: wpa_ssid structure for a configured network or %NULL
2247 * Disables the specified network or all networks if no network specified.
2249 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2250 struct wpa_ssid *ssid)
2252 struct wpa_ssid *other_ssid;
2256 if (wpa_s->sched_scanning)
2257 wpa_supplicant_cancel_sched_scan(wpa_s);
2259 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2260 other_ssid = other_ssid->next) {
2261 was_disabled = other_ssid->disabled;
2262 if (was_disabled == 2)
2263 continue; /* do not change persistent P2P group
2266 other_ssid->disabled = 1;
2268 if (was_disabled != other_ssid->disabled)
2269 wpas_notify_network_enabled_changed(
2272 if (wpa_s->current_ssid)
2273 wpa_supplicant_deauthenticate(
2274 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2275 } else if (ssid->disabled != 2) {
2276 if (ssid == wpa_s->current_ssid)
2277 wpa_supplicant_deauthenticate(
2278 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2280 was_disabled = ssid->disabled;
2284 if (was_disabled != ssid->disabled) {
2285 wpas_notify_network_enabled_changed(wpa_s, ssid);
2286 if (wpa_s->sched_scanning) {
2287 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2288 "to remove network from filters");
2289 wpa_supplicant_cancel_sched_scan(wpa_s);
2290 wpa_supplicant_req_scan(wpa_s, 0, 0);
2298 * wpa_supplicant_select_network - Attempt association with a network
2299 * @wpa_s: wpa_supplicant structure for a network interface
2300 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2302 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2303 struct wpa_ssid *ssid)
2306 struct wpa_ssid *other_ssid;
2307 int disconnected = 0;
2309 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2310 wpa_supplicant_deauthenticate(
2311 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2316 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2319 * Mark all other networks disabled or mark all networks enabled if no
2320 * network specified.
2322 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2323 other_ssid = other_ssid->next) {
2324 int was_disabled = other_ssid->disabled;
2325 if (was_disabled == 2)
2326 continue; /* do not change persistent P2P group data */
2328 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2329 if (was_disabled && !other_ssid->disabled)
2330 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2332 if (was_disabled != other_ssid->disabled)
2333 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2336 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2337 /* We are already associated with the selected network */
2338 wpa_printf(MSG_DEBUG, "Already associated with the "
2339 "selected network - do nothing");
2344 wpa_s->current_ssid = ssid;
2345 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2346 wpa_s->connect_without_scan =
2347 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2349 wpa_s->connect_without_scan = NULL;
2352 wpa_s->disconnected = 0;
2353 wpa_s->reassociate = 1;
2355 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2356 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2359 wpas_notify_network_selected(wpa_s, ssid);
2364 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2365 * @wpa_s: wpa_supplicant structure for a network interface
2366 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2367 * @pkcs11_module_path: PKCS #11 module path or NULL
2368 * Returns: 0 on success; -1 on failure
2370 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2371 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2372 * module path fails the paths will be reset to the default value (NULL).
2374 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2375 const char *pkcs11_engine_path,
2376 const char *pkcs11_module_path)
2378 char *pkcs11_engine_path_copy = NULL;
2379 char *pkcs11_module_path_copy = NULL;
2381 if (pkcs11_engine_path != NULL) {
2382 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2383 if (pkcs11_engine_path_copy == NULL)
2386 if (pkcs11_module_path != NULL) {
2387 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2388 if (pkcs11_module_path_copy == NULL) {
2389 os_free(pkcs11_engine_path_copy);
2394 os_free(wpa_s->conf->pkcs11_engine_path);
2395 os_free(wpa_s->conf->pkcs11_module_path);
2396 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2397 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2399 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2400 eapol_sm_deinit(wpa_s->eapol);
2401 wpa_s->eapol = NULL;
2402 if (wpa_supplicant_init_eapol(wpa_s)) {
2403 /* Error -> Reset paths to the default value (NULL) once. */
2404 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2405 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2410 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2417 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2418 * @wpa_s: wpa_supplicant structure for a network interface
2419 * @ap_scan: AP scan mode
2420 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2423 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2428 if (ap_scan < 0 || ap_scan > 2)
2432 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2433 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2434 wpa_s->wpa_state < WPA_COMPLETED) {
2435 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2436 "associating", wpa_s->conf->ap_scan, ap_scan);
2439 #endif /* ANDROID */
2441 old_ap_scan = wpa_s->conf->ap_scan;
2442 wpa_s->conf->ap_scan = ap_scan;
2444 if (old_ap_scan != wpa_s->conf->ap_scan)
2445 wpas_notify_ap_scan_changed(wpa_s);
2452 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2453 * @wpa_s: wpa_supplicant structure for a network interface
2454 * @expire_age: Expiration age in seconds
2455 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2458 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2459 unsigned int bss_expire_age)
2461 if (bss_expire_age < 10) {
2462 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2466 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2468 wpa_s->conf->bss_expiration_age = bss_expire_age;
2475 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2476 * @wpa_s: wpa_supplicant structure for a network interface
2477 * @expire_count: number of scans after which an unseen BSS is reclaimed
2478 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2481 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2482 unsigned int bss_expire_count)
2484 if (bss_expire_count < 1) {
2485 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2489 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2491 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2498 * wpa_supplicant_set_scan_interval - Set scan interval
2499 * @wpa_s: wpa_supplicant structure for a network interface
2500 * @scan_interval: scan interval in seconds
2501 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2504 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2507 if (scan_interval < 0) {
2508 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2512 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2514 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2521 * wpa_supplicant_set_debug_params - Set global debug params
2522 * @global: wpa_global structure
2523 * @debug_level: debug level
2524 * @debug_timestamp: determines if show timestamp in debug data
2525 * @debug_show_keys: determines if show keys in debug data
2526 * Returns: 0 if succeed or -1 if debug_level has wrong value
2528 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2529 int debug_timestamp, int debug_show_keys)
2532 int old_level, old_timestamp, old_show_keys;
2534 /* check for allowed debuglevels */
2535 if (debug_level != MSG_EXCESSIVE &&
2536 debug_level != MSG_MSGDUMP &&
2537 debug_level != MSG_DEBUG &&
2538 debug_level != MSG_INFO &&
2539 debug_level != MSG_WARNING &&
2540 debug_level != MSG_ERROR)
2543 old_level = wpa_debug_level;
2544 old_timestamp = wpa_debug_timestamp;
2545 old_show_keys = wpa_debug_show_keys;
2547 wpa_debug_level = debug_level;
2548 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2549 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2551 if (wpa_debug_level != old_level)
2552 wpas_notify_debug_level_changed(global);
2553 if (wpa_debug_timestamp != old_timestamp)
2554 wpas_notify_debug_timestamp_changed(global);
2555 if (wpa_debug_show_keys != old_show_keys)
2556 wpas_notify_debug_show_keys_changed(global);
2563 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2564 * @wpa_s: Pointer to wpa_supplicant data
2565 * Returns: A pointer to the current network structure or %NULL on failure
2567 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2569 struct wpa_ssid *entry;
2570 u8 ssid[MAX_SSID_LEN];
2576 res = wpa_drv_get_ssid(wpa_s, ssid);
2578 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2584 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2585 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2590 wired = wpa_s->conf->ap_scan == 0 &&
2591 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2593 entry = wpa_s->conf->ssid;
2595 if (!wpas_network_disabled(wpa_s, entry) &&
2596 ((ssid_len == entry->ssid_len &&
2597 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2598 (!entry->bssid_set ||
2599 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2602 if (!wpas_network_disabled(wpa_s, entry) &&
2603 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2604 (entry->ssid == NULL || entry->ssid_len == 0) &&
2605 (!entry->bssid_set ||
2606 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2608 #endif /* CONFIG_WPS */
2610 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2611 entry->ssid_len == 0 &&
2612 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2615 entry = entry->next;
2622 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2624 struct wpa_global *global = wpa_s->global;
2626 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2627 global->drv_priv[i] = wpa_drivers[i]->global_init();
2628 if (global->drv_priv[i] == NULL) {
2629 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2630 "'%s'", wpa_drivers[i]->name);
2635 wpa_s->driver = wpa_drivers[i];
2636 wpa_s->global_drv_priv = global->drv_priv[i];
2642 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2647 const char *pos, *driver = name;
2652 if (wpa_drivers[0] == NULL) {
2653 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2659 /* default to first driver in the list */
2660 return select_driver(wpa_s, 0);
2664 pos = os_strchr(driver, ',');
2668 len = os_strlen(driver);
2670 for (i = 0; wpa_drivers[i]; i++) {
2671 if (os_strlen(wpa_drivers[i]->name) == len &&
2672 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2674 /* First driver that succeeds wins */
2675 if (select_driver(wpa_s, i) == 0)
2683 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2689 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2690 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2691 * with struct wpa_driver_ops::init()
2692 * @src_addr: Source address of the EAPOL frame
2693 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2694 * @len: Length of the EAPOL data
2696 * This function is called for each received EAPOL frame. Most driver
2697 * interfaces rely on more generic OS mechanism for receiving frames through
2698 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2699 * take care of received EAPOL frames and deliver them to the core supplicant
2700 * code by calling this function.
2702 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2703 const u8 *buf, size_t len)
2705 struct wpa_supplicant *wpa_s = ctx;
2707 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2708 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2710 #ifdef CONFIG_PEERKEY
2711 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2712 wpa_s->current_ssid->peerkey &&
2713 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2714 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2715 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2718 #endif /* CONFIG_PEERKEY */
2720 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2721 (wpa_s->last_eapol_matches_bssid &&
2724 #endif /* CONFIG_AP */
2725 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2727 * There is possible race condition between receiving the
2728 * association event and the EAPOL frame since they are coming
2729 * through different paths from the driver. In order to avoid
2730 * issues in trying to process the EAPOL frame before receiving
2731 * association information, lets queue it for processing until
2732 * the association event is received. This may also be needed in
2733 * driver-based roaming case, so also use src_addr != BSSID as a
2734 * trigger if we have previously confirmed that the
2735 * Authenticator uses BSSID as the src_addr (which is not the
2736 * case with wired IEEE 802.1X).
2738 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2739 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2740 wpa_supplicant_state_txt(wpa_s->wpa_state),
2741 MAC2STR(wpa_s->bssid));
2742 wpabuf_free(wpa_s->pending_eapol_rx);
2743 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2744 if (wpa_s->pending_eapol_rx) {
2745 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2746 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2752 wpa_s->last_eapol_matches_bssid =
2753 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2756 if (wpa_s->ap_iface) {
2757 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2760 #endif /* CONFIG_AP */
2762 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2763 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2764 "no key management is configured");
2768 if (wpa_s->eapol_received == 0 &&
2769 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2770 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2771 wpa_s->wpa_state != WPA_COMPLETED) &&
2772 (wpa_s->current_ssid == NULL ||
2773 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2774 /* Timeout for completing IEEE 802.1X and WPA authentication */
2775 wpa_supplicant_req_auth_timeout(
2777 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2778 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2779 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2782 wpa_s->eapol_received++;
2784 if (wpa_s->countermeasures) {
2785 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2790 #ifdef CONFIG_IBSS_RSN
2791 if (wpa_s->current_ssid &&
2792 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2793 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2796 #endif /* CONFIG_IBSS_RSN */
2798 /* Source address of the incoming EAPOL frame could be compared to the
2799 * current BSSID. However, it is possible that a centralized
2800 * Authenticator could be using another MAC address than the BSSID of
2801 * an AP, so just allow any address to be used for now. The replies are
2802 * still sent to the current BSSID (if available), though. */
2804 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2805 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2806 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2808 wpa_drv_poll(wpa_s);
2809 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2810 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2811 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2813 * Set portValid = TRUE here since we are going to skip 4-way
2814 * handshake processing which would normally set portValid. We
2815 * need this to allow the EAPOL state machines to be completed
2816 * without going through EAPOL-Key handshake.
2818 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2823 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2825 if (wpa_s->driver->send_eapol) {
2826 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2828 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2829 } else if ((!wpa_s->p2p_mgmt ||
2830 !(wpa_s->drv_flags &
2831 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2832 !(wpa_s->drv_flags &
2833 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2834 l2_packet_deinit(wpa_s->l2);
2835 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2836 wpa_drv_get_mac_addr(wpa_s),
2838 wpa_supplicant_rx_eapol, wpa_s, 0);
2839 if (wpa_s->l2 == NULL)
2842 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2844 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2847 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2848 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2852 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2858 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2859 const u8 *buf, size_t len)
2861 struct wpa_supplicant *wpa_s = ctx;
2862 const struct l2_ethhdr *eth;
2864 if (len < sizeof(*eth))
2866 eth = (const struct l2_ethhdr *) buf;
2868 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2869 !(eth->h_dest[0] & 0x01)) {
2870 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2871 " (bridge - not for this interface - ignore)",
2872 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2876 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2877 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2878 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2879 len - sizeof(*eth));
2884 * wpa_supplicant_driver_init - Initialize driver interface parameters
2885 * @wpa_s: Pointer to wpa_supplicant data
2886 * Returns: 0 on success, -1 on failure
2888 * This function is called to initialize driver interface parameters.
2889 * wpa_drv_init() must have been called before this function to initialize the
2892 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2894 static int interface_count = 0;
2896 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2899 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2900 MAC2STR(wpa_s->own_addr));
2901 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
2902 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2904 if (wpa_s->bridge_ifname[0]) {
2905 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2906 "interface '%s'", wpa_s->bridge_ifname);
2907 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2910 wpa_supplicant_rx_eapol_bridge,
2912 if (wpa_s->l2_br == NULL) {
2913 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2914 "connection for the bridge interface '%s'",
2915 wpa_s->bridge_ifname);
2920 wpa_clear_keys(wpa_s, NULL);
2922 /* Make sure that TKIP countermeasures are not left enabled (could
2923 * happen if wpa_supplicant is killed during countermeasures. */
2924 wpa_drv_set_countermeasures(wpa_s, 0);
2926 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2927 wpa_drv_flush_pmkid(wpa_s);
2929 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2930 wpa_s->prev_scan_wildcard = 0;
2932 if (wpa_supplicant_enabled_networks(wpa_s)) {
2933 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2934 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2935 interface_count = 0;
2937 if (!wpa_s->p2p_mgmt &&
2938 wpa_supplicant_delayed_sched_scan(wpa_s,
2939 interface_count % 3,
2941 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2945 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2951 static int wpa_supplicant_daemon(const char *pid_file)
2953 wpa_printf(MSG_DEBUG, "Daemonize..");
2954 return os_daemonize(pid_file);
2958 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2960 struct wpa_supplicant *wpa_s;
2962 wpa_s = os_zalloc(sizeof(*wpa_s));
2965 wpa_s->scan_req = INITIAL_SCAN_REQ;
2966 wpa_s->scan_interval = 5;
2967 wpa_s->new_connection = 1;
2968 wpa_s->parent = wpa_s;
2969 wpa_s->sched_scanning = 0;
2975 #ifdef CONFIG_HT_OVERRIDES
2977 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2978 struct ieee80211_ht_capabilities *htcaps,
2979 struct ieee80211_ht_capabilities *htcaps_mask,
2982 /* parse ht_mcs into hex array */
2984 const char *tmp = ht_mcs;
2987 /* If ht_mcs is null, do not set anything */
2991 /* This is what we are setting in the kernel */
2992 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2994 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2996 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2998 long v = strtol(tmp, &end, 16);
3000 wpa_msg(wpa_s, MSG_DEBUG,
3001 "htcap value[%i]: %ld end: %p tmp: %p",
3006 htcaps->supported_mcs_set[i] = v;
3009 wpa_msg(wpa_s, MSG_ERROR,
3010 "Failed to parse ht-mcs: %s, error: %s\n",
3011 ht_mcs, strerror(errno));
3017 * If we were able to parse any values, then set mask for the MCS set.
3020 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3021 IEEE80211_HT_MCS_MASK_LEN - 1);
3022 /* skip the 3 reserved bits */
3023 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3031 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3032 struct ieee80211_ht_capabilities *htcaps,
3033 struct ieee80211_ht_capabilities *htcaps_mask,
3038 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3043 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3044 htcaps_mask->ht_capabilities_info |= msk;
3046 htcaps->ht_capabilities_info &= msk;
3048 htcaps->ht_capabilities_info |= msk;
3054 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3055 struct ieee80211_ht_capabilities *htcaps,
3056 struct ieee80211_ht_capabilities *htcaps_mask,
3059 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3064 if (factor < 0 || factor > 3) {
3065 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3066 "Must be 0-3 or -1", factor);
3070 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3071 htcaps->a_mpdu_params &= ~0x3;
3072 htcaps->a_mpdu_params |= factor & 0x3;
3078 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3079 struct ieee80211_ht_capabilities *htcaps,
3080 struct ieee80211_ht_capabilities *htcaps_mask,
3083 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3088 if (density < 0 || density > 7) {
3089 wpa_msg(wpa_s, MSG_ERROR,
3090 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3095 htcaps_mask->a_mpdu_params |= 0x1C;
3096 htcaps->a_mpdu_params &= ~(0x1C);
3097 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3103 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3104 struct ieee80211_ht_capabilities *htcaps,
3105 struct ieee80211_ht_capabilities *htcaps_mask,
3108 /* Masking these out disables HT40 */
3109 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3110 HT_CAP_INFO_SHORT_GI40MHZ);
3112 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3115 htcaps->ht_capabilities_info &= ~msk;
3117 htcaps->ht_capabilities_info |= msk;
3119 htcaps_mask->ht_capabilities_info |= msk;
3125 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3126 struct ieee80211_ht_capabilities *htcaps,
3127 struct ieee80211_ht_capabilities *htcaps_mask,
3130 /* Masking these out disables SGI */
3131 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3132 HT_CAP_INFO_SHORT_GI40MHZ);
3134 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3137 htcaps->ht_capabilities_info &= ~msk;
3139 htcaps->ht_capabilities_info |= msk;
3141 htcaps_mask->ht_capabilities_info |= msk;
3147 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3148 struct ieee80211_ht_capabilities *htcaps,
3149 struct ieee80211_ht_capabilities *htcaps_mask,
3152 /* Masking these out disables LDPC */
3153 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3155 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3158 htcaps->ht_capabilities_info &= ~msk;
3160 htcaps->ht_capabilities_info |= msk;
3162 htcaps_mask->ht_capabilities_info |= msk;
3168 void wpa_supplicant_apply_ht_overrides(
3169 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3170 struct wpa_driver_associate_params *params)
3172 struct ieee80211_ht_capabilities *htcaps;
3173 struct ieee80211_ht_capabilities *htcaps_mask;
3178 params->disable_ht = ssid->disable_ht;
3179 if (!params->htcaps || !params->htcaps_mask)
3182 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3183 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3184 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3185 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3186 ssid->disable_max_amsdu);
3187 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3188 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3189 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3190 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3191 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3193 if (ssid->ht40_intolerant) {
3194 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3195 htcaps->ht_capabilities_info |= bit;
3196 htcaps_mask->ht_capabilities_info |= bit;
3200 #endif /* CONFIG_HT_OVERRIDES */
3203 #ifdef CONFIG_VHT_OVERRIDES
3204 void wpa_supplicant_apply_vht_overrides(
3205 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3206 struct wpa_driver_associate_params *params)
3208 struct ieee80211_vht_capabilities *vhtcaps;
3209 struct ieee80211_vht_capabilities *vhtcaps_mask;
3210 #ifdef CONFIG_HT_OVERRIDES
3212 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3213 #endif /* CONFIG_HT_OVERRIDES */
3218 params->disable_vht = ssid->disable_vht;
3220 vhtcaps = (void *) params->vhtcaps;
3221 vhtcaps_mask = (void *) params->vhtcaps_mask;
3223 if (!vhtcaps || !vhtcaps_mask)
3226 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3227 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3229 #ifdef CONFIG_HT_OVERRIDES
3230 /* if max ampdu is <= 3, we have to make the HT cap the same */
3231 if (ssid->vht_capa_mask & max_ampdu_mask) {
3232 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3233 find_first_bit(max_ampdu_mask);
3235 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3236 wpa_set_ampdu_factor(wpa_s,
3237 (void *) params->htcaps,
3238 (void *) params->htcaps_mask,
3241 #endif /* CONFIG_HT_OVERRIDES */
3243 #define OVERRIDE_MCS(i) \
3244 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3245 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3247 vhtcaps->vht_supported_mcs_set.tx_map |= \
3248 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3250 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3251 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3253 vhtcaps->vht_supported_mcs_set.rx_map |= \
3254 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3266 #endif /* CONFIG_VHT_OVERRIDES */
3269 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3274 if (!wpa_s->conf->pcsc_reader)
3277 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3281 if (wpa_s->conf->pcsc_pin &&
3282 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3283 scard_deinit(wpa_s->scard);
3284 wpa_s->scard = NULL;
3285 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3289 len = sizeof(wpa_s->imsi) - 1;
3290 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3291 scard_deinit(wpa_s->scard);
3292 wpa_s->scard = NULL;
3293 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3296 wpa_s->imsi[len] = '\0';
3298 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3300 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3301 wpa_s->imsi, wpa_s->mnc_len);
3303 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3304 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3305 #endif /* PCSC_FUNCS */
3311 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3315 ext_password_deinit(wpa_s->ext_pw);
3316 wpa_s->ext_pw = NULL;
3317 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3319 if (!wpa_s->conf->ext_password_backend)
3322 val = os_strdup(wpa_s->conf->ext_password_backend);
3325 pos = os_strchr(val, ':');
3329 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3331 wpa_s->ext_pw = ext_password_init(val, pos);
3333 if (wpa_s->ext_pw == NULL) {
3334 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3337 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3343 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3344 const struct wpa_driver_capa *capa)
3346 struct wowlan_triggers *triggers;
3349 if (!wpa_s->conf->wowlan_triggers)
3352 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
3354 ret = wpa_drv_wowlan(wpa_s, triggers);
3361 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3364 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3365 struct wpa_radio *radio;
3367 while (rn && iface) {
3368 radio = iface->radio;
3369 if (radio && os_strcmp(rn, radio->name) == 0) {
3370 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3372 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3376 iface = iface->next;
3379 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3380 wpa_s->ifname, rn ? rn : "N/A");
3381 radio = os_zalloc(sizeof(*radio));
3386 os_strlcpy(radio->name, rn, sizeof(radio->name));
3387 dl_list_init(&radio->ifaces);
3388 dl_list_init(&radio->work);
3389 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3395 static void radio_work_free(struct wpa_radio_work *work)
3397 if (work->wpa_s->scan_work == work) {
3398 /* This should not really happen. */
3399 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3400 work->type, work, work->started);
3401 work->wpa_s->scan_work = NULL;
3405 if (work->wpa_s->p2p_scan_work == work) {
3406 /* This should not really happen. */
3407 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3408 work->type, work, work->started);
3409 work->wpa_s->p2p_scan_work = NULL;
3411 #endif /* CONFIG_P2P */
3413 dl_list_del(&work->list);
3418 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3420 struct wpa_radio *radio = eloop_ctx;
3421 struct wpa_radio_work *work;
3422 struct os_reltime now, diff;
3423 struct wpa_supplicant *wpa_s;
3425 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3430 return; /* already started and still in progress */
3432 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3434 if (wpa_s && wpa_s->external_scan_running) {
3435 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3439 os_get_reltime(&now);
3440 os_reltime_sub(&now, &work->time, &diff);
3441 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3442 work->type, work, diff.sec, diff.usec);
3450 * This function removes both started and pending radio works running on
3451 * the provided interface's radio.
3452 * Prior to the removal of the radio work, its callback (cb) is called with
3453 * deinit set to be 1. Each work's callback is responsible for clearing its
3454 * internal data and restoring to a correct state.
3455 * @wpa_s: wpa_supplicant data
3456 * @type: type of works to be removed
3457 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3458 * this interface's works.
3460 void radio_remove_works(struct wpa_supplicant *wpa_s,
3461 const char *type, int remove_all)
3463 struct wpa_radio_work *work, *tmp;
3464 struct wpa_radio *radio = wpa_s->radio;
3466 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3468 if (type && os_strcmp(type, work->type) != 0)
3471 /* skip other ifaces' works */
3472 if (!remove_all && work->wpa_s != wpa_s)
3475 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3476 work->type, work, work->started ? " (started)" : "");
3478 radio_work_free(work);
3481 /* in case we removed the started work */
3482 radio_work_check_next(wpa_s);
3486 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3488 struct wpa_radio *radio = wpa_s->radio;
3493 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3494 wpa_s->ifname, radio->name);
3495 dl_list_del(&wpa_s->radio_list);
3496 radio_remove_works(wpa_s, NULL, 0);
3497 wpa_s->radio = NULL;
3498 if (!dl_list_empty(&radio->ifaces))
3499 return; /* Interfaces remain for this radio */
3501 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3502 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3507 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3509 struct wpa_radio *radio = wpa_s->radio;
3511 if (dl_list_empty(&radio->work))
3513 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3514 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3519 * radio_add_work - Add a radio work item
3520 * @wpa_s: Pointer to wpa_supplicant data
3521 * @freq: Frequency of the offchannel operation in MHz or 0
3522 * @type: Unique identifier for each type of work
3523 * @next: Force as the next work to be executed
3524 * @cb: Callback function for indicating when radio is available
3525 * @ctx: Context pointer for the work (work->ctx in cb())
3526 * Returns: 0 on success, -1 on failure
3528 * This function is used to request time for an operation that requires
3529 * exclusive radio control. Once the radio is available, the registered callback
3530 * function will be called. radio_work_done() must be called once the exclusive
3531 * radio operation has been completed, so that the radio is freed for other
3532 * operations. The special case of deinit=1 is used to free the context data
3533 * during interface removal. That does not allow the callback function to start
3534 * the radio operation, i.e., it must free any resources allocated for the radio
3537 * The @freq parameter can be used to indicate a single channel on which the
3538 * offchannel operation will occur. This may allow multiple radio work
3539 * operations to be performed in parallel if they apply for the same channel.
3540 * Setting this to 0 indicates that the work item may use multiple channels or
3541 * requires exclusive control of the radio.
3543 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3544 const char *type, int next,
3545 void (*cb)(struct wpa_radio_work *work, int deinit),
3548 struct wpa_radio_work *work;
3551 work = os_zalloc(sizeof(*work));
3554 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3555 os_get_reltime(&work->time);
3558 work->wpa_s = wpa_s;
3562 was_empty = dl_list_empty(&wpa_s->radio->work);
3564 dl_list_add(&wpa_s->radio->work, &work->list);
3566 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3568 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3569 radio_work_check_next(wpa_s);
3577 * radio_work_done - Indicate that a radio work item has been completed
3578 * @work: Completed work
3580 * This function is called once the callback function registered with
3581 * radio_add_work() has completed its work.
3583 void radio_work_done(struct wpa_radio_work *work)
3585 struct wpa_supplicant *wpa_s = work->wpa_s;
3586 struct os_reltime now, diff;
3587 unsigned int started = work->started;
3589 os_get_reltime(&now);
3590 os_reltime_sub(&now, &work->time, &diff);
3591 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3592 work->type, work, started ? "done" : "canceled",
3593 diff.sec, diff.usec);
3594 radio_work_free(work);
3596 radio_work_check_next(wpa_s);
3600 struct wpa_radio_work *
3601 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3603 struct wpa_radio_work *work;
3604 struct wpa_radio *radio = wpa_s->radio;
3606 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3607 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3615 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3616 struct wpa_interface *iface)
3618 const char *ifname, *driver, *rn;
3620 driver = iface->driver;
3622 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3625 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3626 if (wpa_s->drv_priv == NULL) {
3628 pos = driver ? os_strchr(driver, ',') : NULL;
3630 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3631 "driver interface - try next driver wrapper");
3635 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3639 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3640 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3641 "driver_param '%s'", wpa_s->conf->driver_param);
3645 ifname = wpa_drv_get_ifname(wpa_s);
3646 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3647 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3648 "interface name with '%s'", ifname);
3649 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3652 rn = wpa_driver_get_radio_name(wpa_s);
3653 if (rn && rn[0] == '\0')
3656 wpa_s->radio = radio_add_interface(wpa_s, rn);
3657 if (wpa_s->radio == NULL)
3664 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3665 struct wpa_interface *iface)
3667 struct wpa_driver_capa capa;
3670 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3671 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3672 iface->confname ? iface->confname : "N/A",
3673 iface->driver ? iface->driver : "default",
3674 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3675 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3677 if (iface->confname) {
3678 #ifdef CONFIG_BACKEND_FILE
3679 wpa_s->confname = os_rel2abs_path(iface->confname);
3680 if (wpa_s->confname == NULL) {
3681 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3682 "for configuration file '%s'.",
3686 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3687 iface->confname, wpa_s->confname);
3688 #else /* CONFIG_BACKEND_FILE */
3689 wpa_s->confname = os_strdup(iface->confname);
3690 #endif /* CONFIG_BACKEND_FILE */
3691 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3692 if (wpa_s->conf == NULL) {
3693 wpa_printf(MSG_ERROR, "Failed to read or parse "
3694 "configuration '%s'.", wpa_s->confname);
3697 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3698 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3701 * Override ctrl_interface and driver_param if set on command
3704 if (iface->ctrl_interface) {
3705 os_free(wpa_s->conf->ctrl_interface);
3706 wpa_s->conf->ctrl_interface =
3707 os_strdup(iface->ctrl_interface);
3710 if (iface->driver_param) {
3711 os_free(wpa_s->conf->driver_param);
3712 wpa_s->conf->driver_param =
3713 os_strdup(iface->driver_param);
3716 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3717 os_free(wpa_s->conf->ctrl_interface);
3718 wpa_s->conf->ctrl_interface = NULL;
3721 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3722 iface->driver_param);
3724 if (wpa_s->conf == NULL) {
3725 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3729 if (iface->ifname == NULL) {
3730 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3733 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3734 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3738 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3740 if (iface->bridge_ifname) {
3741 if (os_strlen(iface->bridge_ifname) >=
3742 sizeof(wpa_s->bridge_ifname)) {
3743 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3744 "name '%s'.", iface->bridge_ifname);
3747 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3748 sizeof(wpa_s->bridge_ifname));
3751 /* RSNA Supplicant Key Management - INITIALIZE */
3752 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3753 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3755 /* Initialize driver interface and register driver event handler before
3756 * L2 receive handler so that association events are processed before
3757 * EAPOL-Key packets if both become available for the same select()
3759 if (wpas_init_driver(wpa_s, iface) < 0)
3762 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3765 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3766 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3768 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3770 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3771 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3772 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3773 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3774 "dot11RSNAConfigPMKLifetime");
3778 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3779 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3780 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3781 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3782 "dot11RSNAConfigPMKReauthThreshold");
3786 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3787 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3788 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3789 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3790 "dot11RSNAConfigSATimeout");
3794 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3795 &wpa_s->hw.num_modes,
3798 capa_res = wpa_drv_get_capa(wpa_s, &capa);
3799 if (capa_res == 0) {
3800 wpa_s->drv_capa_known = 1;
3801 wpa_s->drv_flags = capa.flags;
3802 wpa_s->drv_enc = capa.enc;
3803 wpa_s->drv_smps_modes = capa.smps_modes;
3804 wpa_s->drv_rrm_flags = capa.rrm_flags;
3805 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3806 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3807 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3808 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3809 wpa_s->max_match_sets = capa.max_match_sets;
3810 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3811 wpa_s->max_stations = capa.max_stations;
3812 wpa_s->extended_capa = capa.extended_capa;
3813 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3814 wpa_s->extended_capa_len = capa.extended_capa_len;
3815 wpa_s->num_multichan_concurrent =
3816 capa.num_multichan_concurrent;
3817 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
3819 if (wpa_s->max_remain_on_chan == 0)
3820 wpa_s->max_remain_on_chan = 1000;
3823 * Only take p2p_mgmt parameters when P2P Device is supported.
3824 * Doing it here as it determines whether l2_packet_init() will be done
3825 * during wpa_supplicant_driver_init().
3827 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3828 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3830 iface->p2p_mgmt = 1;
3832 if (wpa_s->num_multichan_concurrent == 0)
3833 wpa_s->num_multichan_concurrent = 1;
3835 if (wpa_supplicant_driver_init(wpa_s) < 0)
3839 if ((!iface->p2p_mgmt ||
3840 !(wpa_s->drv_flags &
3841 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3842 wpa_tdls_init(wpa_s->wpa))
3844 #endif /* CONFIG_TDLS */
3846 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3847 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3848 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3852 if (wpas_wps_init(wpa_s))
3855 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3857 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3859 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3860 if (wpa_s->ctrl_iface == NULL) {
3861 wpa_printf(MSG_ERROR,
3862 "Failed to initialize control interface '%s'.\n"
3863 "You may have another wpa_supplicant process "
3864 "already running or the file was\n"
3865 "left by an unclean termination of wpa_supplicant "
3866 "in which case you will need\n"
3867 "to manually remove this file before starting "
3868 "wpa_supplicant again.\n",
3869 wpa_s->conf->ctrl_interface);
3873 wpa_s->gas = gas_query_init(wpa_s);
3874 if (wpa_s->gas == NULL) {
3875 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3879 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3880 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3884 if (wpa_bss_init(wpa_s) < 0)
3888 * Set Wake-on-WLAN triggers, if configured.
3889 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3890 * have effect anyway when the interface is down).
3892 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3895 #ifdef CONFIG_EAP_PROXY
3898 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3900 if (wpa_s->mnc_len > 0) {
3901 wpa_s->imsi[len] = '\0';
3902 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3903 wpa_s->imsi, wpa_s->mnc_len);
3905 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3908 #endif /* CONFIG_EAP_PROXY */
3910 if (pcsc_reader_init(wpa_s) < 0)
3913 if (wpas_init_ext_pw(wpa_s) < 0)
3916 wpas_rrm_reset(wpa_s);
3922 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3923 int notify, int terminate)
3925 struct wpa_global *global = wpa_s->global;
3926 struct wpa_supplicant *iface, *prev;
3928 if (wpa_s == wpa_s->parent)
3929 wpas_p2p_group_remove(wpa_s, "*");
3931 iface = global->ifaces;
3933 if (iface == wpa_s || iface->parent != wpa_s) {
3934 iface = iface->next;
3937 wpa_printf(MSG_DEBUG,
3938 "Remove remaining child interface %s from parent %s",
3939 iface->ifname, wpa_s->ifname);
3941 iface = iface->next;
3942 wpa_supplicant_remove_iface(global, prev, terminate);
3945 wpa_s->disconnected = 1;
3946 if (wpa_s->drv_priv) {
3947 wpa_supplicant_deauthenticate(wpa_s,
3948 WLAN_REASON_DEAUTH_LEAVING);
3950 wpa_drv_set_countermeasures(wpa_s, 0);
3951 wpa_clear_keys(wpa_s, NULL);
3954 wpa_supplicant_cleanup(wpa_s);
3955 wpas_p2p_deinit_iface(wpa_s);
3957 wpas_ctrl_radio_work_flush(wpa_s);
3958 radio_remove_interface(wpa_s);
3960 if (wpa_s->drv_priv)
3961 wpa_drv_deinit(wpa_s);
3964 wpas_notify_iface_removed(wpa_s);
3967 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3969 if (wpa_s->ctrl_iface) {
3970 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3971 wpa_s->ctrl_iface = NULL;
3976 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
3977 wpa_s->ifmsh = NULL;
3979 #endif /* CONFIG_MESH */
3981 if (wpa_s->conf != NULL) {
3982 wpa_config_free(wpa_s->conf);
3991 * wpa_supplicant_add_iface - Add a new network interface
3992 * @global: Pointer to global data from wpa_supplicant_init()
3993 * @iface: Interface configuration options
3994 * Returns: Pointer to the created interface or %NULL on failure
3996 * This function is used to add new network interfaces for %wpa_supplicant.
3997 * This can be called before wpa_supplicant_run() to add interfaces before the
3998 * main event loop has been started. In addition, new interfaces can be added
3999 * dynamically while %wpa_supplicant is already running. This could happen,
4000 * e.g., when a hotplug network adapter is inserted.
4002 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4003 struct wpa_interface *iface)
4005 struct wpa_supplicant *wpa_s;
4006 struct wpa_interface t_iface;
4007 struct wpa_ssid *ssid;
4009 if (global == NULL || iface == NULL)
4012 wpa_s = wpa_supplicant_alloc();
4016 wpa_s->global = global;
4019 if (global->params.override_driver) {
4020 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4022 iface->driver, global->params.override_driver);
4023 t_iface.driver = global->params.override_driver;
4025 if (global->params.override_ctrl_interface) {
4026 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4027 "ctrl_interface ('%s' -> '%s')",
4028 iface->ctrl_interface,
4029 global->params.override_ctrl_interface);
4030 t_iface.ctrl_interface =
4031 global->params.override_ctrl_interface;
4033 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4034 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4036 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4040 if (iface->p2p_mgmt == 0) {
4041 /* Notify the control interfaces about new iface */
4042 if (wpas_notify_iface_added(wpa_s)) {
4043 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4047 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4048 wpas_notify_network_added(wpa_s, ssid);
4051 wpa_s->next = global->ifaces;
4052 global->ifaces = wpa_s;
4054 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4055 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4058 if (wpa_s->global->p2p == NULL &&
4059 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4060 wpas_p2p_add_p2pdev_interface(wpa_s, iface->conf_p2p_dev) < 0) {
4061 wpa_printf(MSG_INFO,
4062 "P2P: Failed to enable P2P Device interface");
4063 /* Try to continue without. P2P will be disabled. */
4065 #endif /* CONFIG_P2P */
4072 * wpa_supplicant_remove_iface - Remove a network interface
4073 * @global: Pointer to global data from wpa_supplicant_init()
4074 * @wpa_s: Pointer to the network interface to be removed
4075 * Returns: 0 if interface was removed, -1 if interface was not found
4077 * This function can be used to dynamically remove network interfaces from
4078 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4079 * addition, this function is used to remove all remaining interfaces when
4080 * %wpa_supplicant is terminated.
4082 int wpa_supplicant_remove_iface(struct wpa_global *global,
4083 struct wpa_supplicant *wpa_s,
4086 struct wpa_supplicant *prev;
4088 /* Remove interface from the global list of interfaces */
4089 prev = global->ifaces;
4090 if (prev == wpa_s) {
4091 global->ifaces = wpa_s->next;
4093 while (prev && prev->next != wpa_s)
4097 prev->next = wpa_s->next;
4100 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4102 if (global->p2p_group_formation == wpa_s)
4103 global->p2p_group_formation = NULL;
4104 if (global->p2p_invite_group == wpa_s)
4105 global->p2p_invite_group = NULL;
4106 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4113 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4114 * @wpa_s: Pointer to the network interface
4115 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4117 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4119 const char *eapol_method;
4121 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4122 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4126 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4127 if (eapol_method == NULL)
4128 return "UNKNOWN-EAP";
4130 return eapol_method;
4135 * wpa_supplicant_get_iface - Get a new network interface
4136 * @global: Pointer to global data from wpa_supplicant_init()
4137 * @ifname: Interface name
4138 * Returns: Pointer to the interface or %NULL if not found
4140 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4143 struct wpa_supplicant *wpa_s;
4145 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4146 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4153 #ifndef CONFIG_NO_WPA_MSG
4154 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4156 struct wpa_supplicant *wpa_s = ctx;
4159 return wpa_s->ifname;
4161 #endif /* CONFIG_NO_WPA_MSG */
4165 * wpa_supplicant_init - Initialize %wpa_supplicant
4166 * @params: Parameters for %wpa_supplicant
4167 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4169 * This function is used to initialize %wpa_supplicant. After successful
4170 * initialization, the returned data pointer can be used to add and remove
4171 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4173 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4175 struct wpa_global *global;
4181 #ifdef CONFIG_DRIVER_NDIS
4183 void driver_ndis_init_ops(void);
4184 driver_ndis_init_ops();
4186 #endif /* CONFIG_DRIVER_NDIS */
4188 #ifndef CONFIG_NO_WPA_MSG
4189 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4190 #endif /* CONFIG_NO_WPA_MSG */
4192 wpa_debug_open_file(params->wpa_debug_file_path);
4193 if (params->wpa_debug_syslog)
4194 wpa_debug_open_syslog();
4195 if (params->wpa_debug_tracing) {
4196 ret = wpa_debug_open_linux_tracing();
4198 wpa_printf(MSG_ERROR,
4199 "Failed to enable trace logging");
4204 ret = eap_register_methods();
4206 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4208 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4209 "the same EAP type.");
4213 global = os_zalloc(sizeof(*global));
4216 dl_list_init(&global->p2p_srv_bonjour);
4217 dl_list_init(&global->p2p_srv_upnp);
4218 global->params.daemonize = params->daemonize;
4219 global->params.wait_for_monitor = params->wait_for_monitor;
4220 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4221 if (params->pid_file)
4222 global->params.pid_file = os_strdup(params->pid_file);
4223 if (params->ctrl_interface)
4224 global->params.ctrl_interface =
4225 os_strdup(params->ctrl_interface);
4226 if (params->ctrl_interface_group)
4227 global->params.ctrl_interface_group =
4228 os_strdup(params->ctrl_interface_group);
4229 if (params->override_driver)
4230 global->params.override_driver =
4231 os_strdup(params->override_driver);
4232 if (params->override_ctrl_interface)
4233 global->params.override_ctrl_interface =
4234 os_strdup(params->override_ctrl_interface);
4235 wpa_debug_level = global->params.wpa_debug_level =
4236 params->wpa_debug_level;
4237 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4238 params->wpa_debug_show_keys;
4239 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4240 params->wpa_debug_timestamp;
4242 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4245 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4246 wpa_supplicant_deinit(global);
4250 random_init(params->entropy_file);
4252 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4253 if (global->ctrl_iface == NULL) {
4254 wpa_supplicant_deinit(global);
4258 if (wpas_notify_supplicant_initialized(global)) {
4259 wpa_supplicant_deinit(global);
4263 for (i = 0; wpa_drivers[i]; i++)
4264 global->drv_count++;
4265 if (global->drv_count == 0) {
4266 wpa_printf(MSG_ERROR, "No drivers enabled");
4267 wpa_supplicant_deinit(global);
4270 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4271 if (global->drv_priv == NULL) {
4272 wpa_supplicant_deinit(global);
4276 #ifdef CONFIG_WIFI_DISPLAY
4277 if (wifi_display_init(global) < 0) {
4278 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4279 wpa_supplicant_deinit(global);
4282 #endif /* CONFIG_WIFI_DISPLAY */
4289 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4290 * @global: Pointer to global data from wpa_supplicant_init()
4291 * Returns: 0 after successful event loop run, -1 on failure
4293 * This function starts the main event loop and continues running as long as
4294 * there are any remaining events. In most cases, this function is running as
4295 * long as the %wpa_supplicant process in still in use.
4297 int wpa_supplicant_run(struct wpa_global *global)
4299 struct wpa_supplicant *wpa_s;
4301 if (global->params.daemonize &&
4302 wpa_supplicant_daemon(global->params.pid_file))
4305 if (global->params.wait_for_monitor) {
4306 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4307 if (wpa_s->ctrl_iface)
4308 wpa_supplicant_ctrl_iface_wait(
4312 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4313 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4322 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4323 * @global: Pointer to global data from wpa_supplicant_init()
4325 * This function is called to deinitialize %wpa_supplicant and to free all
4326 * allocated resources. Remaining network interfaces will also be removed.
4328 void wpa_supplicant_deinit(struct wpa_global *global)
4335 #ifdef CONFIG_WIFI_DISPLAY
4336 wifi_display_deinit(global);
4337 #endif /* CONFIG_WIFI_DISPLAY */
4339 while (global->ifaces)
4340 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4342 if (global->ctrl_iface)
4343 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4345 wpas_notify_supplicant_deinitialized(global);
4347 eap_peer_unregister_methods();
4349 eap_server_unregister_methods();
4350 #endif /* CONFIG_AP */
4352 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4353 if (!global->drv_priv[i])
4355 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4357 os_free(global->drv_priv);
4363 if (global->params.pid_file) {
4364 os_daemonize_terminate(global->params.pid_file);
4365 os_free(global->params.pid_file);
4367 os_free(global->params.ctrl_interface);
4368 os_free(global->params.ctrl_interface_group);
4369 os_free(global->params.override_driver);
4370 os_free(global->params.override_ctrl_interface);
4372 os_free(global->p2p_disallow_freq.range);
4373 os_free(global->p2p_go_avoid_freq.range);
4374 os_free(global->add_psk);
4377 wpa_debug_close_syslog();
4378 wpa_debug_close_file();
4379 wpa_debug_close_linux_tracing();
4383 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4385 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4386 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4388 country[0] = wpa_s->conf->country[0];
4389 country[1] = wpa_s->conf->country[1];
4391 if (wpa_drv_set_country(wpa_s, country) < 0) {
4392 wpa_printf(MSG_ERROR, "Failed to set country code "
4397 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4398 wpas_init_ext_pw(wpa_s);
4401 wpas_wps_update_config(wpa_s);
4402 #endif /* CONFIG_WPS */
4403 wpas_p2p_update_config(wpa_s);
4404 wpa_s->conf->changed_parameters = 0;
4408 void add_freq(int *freqs, int *num_freqs, int freq)
4412 for (i = 0; i < *num_freqs; i++) {
4413 if (freqs[i] == freq)
4417 freqs[*num_freqs] = freq;
4422 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4424 struct wpa_bss *bss, *cbss;
4425 const int max_freqs = 10;
4429 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4433 cbss = wpa_s->current_bss;
4435 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4438 if (bss->ssid_len == cbss->ssid_len &&
4439 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4440 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4441 add_freq(freqs, &num_freqs, bss->freq);
4442 if (num_freqs == max_freqs)
4447 if (num_freqs == 0) {
4456 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4462 wpas_connect_work_done(wpa_s);
4465 * Remove possible authentication timeout since the connection failed.
4467 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4469 if (wpa_s->disconnected) {
4471 * There is no point in blacklisting the AP if this event is
4472 * generated based on local request to disconnect.
4474 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4475 "indication since interface has been put into "
4476 "disconnected state");
4481 * Add the failed BSSID into the blacklist and speed up next scan
4482 * attempt if there could be other APs that could accept association.
4483 * The current blacklist count indicates how many times we have tried
4484 * connecting to this AP and multiple attempts mean that other APs are
4485 * either not available or has already been tried, so that we can start
4486 * increasing the delay here to avoid constant scanning.
4488 count = wpa_blacklist_add(wpa_s, bssid);
4489 if (count == 1 && wpa_s->current_bss) {
4491 * This BSS was not in the blacklist before. If there is
4492 * another BSS available for the same ESS, we should try that
4493 * next. Otherwise, we may as well try this one once more
4494 * before allowing other, likely worse, ESSes to be considered.
4496 freqs = get_bss_freqs_in_ess(wpa_s);
4498 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4499 "has been seen; try it next");
4500 wpa_blacklist_add(wpa_s, bssid);
4502 * On the next scan, go through only the known channels
4503 * used in this ESS based on previous scans to speed up
4504 * common load balancing use case.
4506 os_free(wpa_s->next_scan_freqs);
4507 wpa_s->next_scan_freqs = freqs;
4512 * Add previous failure count in case the temporary blacklist was
4513 * cleared due to no other BSSes being available.
4515 count += wpa_s->extra_blacklist_count;
4517 if (count > 3 && wpa_s->current_ssid) {
4518 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4519 "consider temporary network disabling");
4520 wpas_auth_failed(wpa_s, "CONN_FAILED");
4541 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4542 "ms", count, timeout);
4545 * TODO: if more than one possible AP is available in scan results,
4546 * could try the other ones before requesting a new scan.
4548 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4549 1000 * (timeout % 1000));
4553 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4555 return wpa_s->conf->ap_scan == 2 ||
4556 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4560 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4561 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4562 struct wpa_ssid *ssid,
4566 #ifdef IEEE8021X_EAPOL
4567 struct eap_peer_config *eap = &ssid->eap;
4569 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4570 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4571 (const u8 *) value, os_strlen(value));
4573 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4574 case WPA_CTRL_REQ_EAP_IDENTITY:
4575 os_free(eap->identity);
4576 eap->identity = (u8 *) os_strdup(value);
4577 eap->identity_len = os_strlen(value);
4578 eap->pending_req_identity = 0;
4579 if (ssid == wpa_s->current_ssid)
4580 wpa_s->reassociate = 1;
4582 case WPA_CTRL_REQ_EAP_PASSWORD:
4583 bin_clear_free(eap->password, eap->password_len);
4584 eap->password = (u8 *) os_strdup(value);
4585 eap->password_len = os_strlen(value);
4586 eap->pending_req_password = 0;
4587 if (ssid == wpa_s->current_ssid)
4588 wpa_s->reassociate = 1;
4590 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4591 bin_clear_free(eap->new_password, eap->new_password_len);
4592 eap->new_password = (u8 *) os_strdup(value);
4593 eap->new_password_len = os_strlen(value);
4594 eap->pending_req_new_password = 0;
4595 if (ssid == wpa_s->current_ssid)
4596 wpa_s->reassociate = 1;
4598 case WPA_CTRL_REQ_EAP_PIN:
4599 str_clear_free(eap->pin);
4600 eap->pin = os_strdup(value);
4601 eap->pending_req_pin = 0;
4602 if (ssid == wpa_s->current_ssid)
4603 wpa_s->reassociate = 1;
4605 case WPA_CTRL_REQ_EAP_OTP:
4606 bin_clear_free(eap->otp, eap->otp_len);
4607 eap->otp = (u8 *) os_strdup(value);
4608 eap->otp_len = os_strlen(value);
4609 os_free(eap->pending_req_otp);
4610 eap->pending_req_otp = NULL;
4611 eap->pending_req_otp_len = 0;
4613 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4614 str_clear_free(eap->private_key_passwd);
4615 eap->private_key_passwd = os_strdup(value);
4616 eap->pending_req_passphrase = 0;
4617 if (ssid == wpa_s->current_ssid)
4618 wpa_s->reassociate = 1;
4620 case WPA_CTRL_REQ_SIM:
4621 str_clear_free(eap->external_sim_resp);
4622 eap->external_sim_resp = os_strdup(value);
4625 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4630 #else /* IEEE8021X_EAPOL */
4631 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4633 #endif /* IEEE8021X_EAPOL */
4635 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4638 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4641 unsigned int drv_enc;
4649 if (wpa_s && wpa_s->drv_capa_known)
4650 drv_enc = wpa_s->drv_enc;
4652 drv_enc = (unsigned int) -1;
4654 for (i = 0; i < NUM_WEP_KEYS; i++) {
4655 size_t len = ssid->wep_key_len[i];
4658 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4660 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4662 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4664 return 1; /* invalid WEP key */
4667 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4668 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4675 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4677 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4679 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4685 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
4687 struct wpa_ssid *ssid = wpa_s->current_ssid;
4689 struct os_reltime now;
4692 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4697 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4700 ssid->auth_failures++;
4703 if (ssid->p2p_group &&
4704 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4706 * Skip the wait time since there is a short timeout on the
4707 * connection to a P2P group.
4711 #endif /* CONFIG_P2P */
4713 if (ssid->auth_failures > 50)
4715 else if (ssid->auth_failures > 10)
4717 else if (ssid->auth_failures > 5)
4719 else if (ssid->auth_failures > 3)
4721 else if (ssid->auth_failures > 2)
4723 else if (ssid->auth_failures > 1)
4728 if (ssid->auth_failures > 1 &&
4729 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4730 dur += os_random() % (ssid->auth_failures * 10);
4732 os_get_reltime(&now);
4733 if (now.sec + dur <= ssid->disabled_until.sec)
4736 ssid->disabled_until.sec = now.sec + dur;
4738 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4739 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
4740 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4741 ssid->auth_failures, dur, reason);
4745 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4746 struct wpa_ssid *ssid, int clear_failures)
4751 if (ssid->disabled_until.sec) {
4752 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4753 "id=%d ssid=\"%s\"",
4754 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4756 ssid->disabled_until.sec = 0;
4757 ssid->disabled_until.usec = 0;
4759 ssid->auth_failures = 0;
4763 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4767 if (wpa_s->disallow_aps_bssid == NULL)
4770 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4771 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4772 bssid, ETH_ALEN) == 0)
4780 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4785 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4788 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4789 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4790 if (ssid_len == s->ssid_len &&
4791 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4800 * wpas_request_connection - Request a new connection
4801 * @wpa_s: Pointer to the network interface
4803 * This function is used to request a new connection to be found. It will mark
4804 * the interface to allow reassociation and request a new scan to find a
4805 * suitable network to connect to.
4807 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4809 wpa_s->normal_scans = 0;
4810 wpa_s->scan_req = NORMAL_SCAN_REQ;
4811 wpa_supplicant_reinit_autoscan(wpa_s);
4812 wpa_s->extra_blacklist_count = 0;
4813 wpa_s->disconnected = 0;
4814 wpa_s->reassociate = 1;
4816 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4817 wpa_supplicant_req_scan(wpa_s, 0, 0);
4821 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
4822 struct wpa_used_freq_data *freqs_data,
4827 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4829 for (i = 0; i < len; i++) {
4830 struct wpa_used_freq_data *cur = &freqs_data[i];
4831 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
4832 i, cur->freq, cur->flags);
4838 * Find the operating frequencies of any of the virtual interfaces that
4839 * are using the same radio as the current interface, and in addition, get
4840 * information about the interface types that are using the frequency.
4842 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
4843 struct wpa_used_freq_data *freqs_data,
4846 struct wpa_supplicant *ifs;
4849 unsigned int idx = 0, i;
4851 wpa_dbg(wpa_s, MSG_DEBUG,
4852 "Determining shared radio frequencies (max len %u)", len);
4853 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
4855 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4860 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4863 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4864 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4865 freq = ifs->current_ssid->frequency;
4866 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4867 freq = ifs->assoc_freq;
4871 /* Hold only distinct freqs */
4872 for (i = 0; i < idx; i++)
4873 if (freqs_data[i].freq == freq)
4877 freqs_data[idx++].freq = freq;
4879 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
4880 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
4881 WPA_FREQ_USED_BY_P2P_CLIENT :
4882 WPA_FREQ_USED_BY_INFRA_STATION;
4886 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
4892 * Find the operating frequencies of any of the virtual interfaces that
4893 * are using the same radio as the current interface.
4895 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4896 int *freq_array, unsigned int len)
4898 struct wpa_used_freq_data *freqs_data;
4901 os_memset(freq_array, 0, sizeof(int) * len);
4903 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
4907 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
4908 for (i = 0; i < num; i++)
4909 freq_array[i] = freqs_data[i].freq;
4911 os_free(freqs_data);
4917 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
4919 struct rrm_data *rrm = data;
4921 if (!rrm->notify_neighbor_rep) {
4922 wpa_printf(MSG_ERROR,
4923 "RRM: Unexpected neighbor report timeout");
4927 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
4928 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
4930 rrm->notify_neighbor_rep = NULL;
4931 rrm->neighbor_rep_cb_ctx = NULL;
4936 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
4937 * @wpa_s: Pointer to wpa_supplicant
4939 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
4941 wpa_s->rrm.rrm_used = 0;
4943 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
4945 if (wpa_s->rrm.notify_neighbor_rep)
4946 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
4947 wpa_s->rrm.next_neighbor_rep_token = 1;
4952 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
4953 * @wpa_s: Pointer to wpa_supplicant
4954 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
4955 * @report_len: Length of neighbor report buffer
4957 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
4958 const u8 *report, size_t report_len)
4960 struct wpabuf *neighbor_rep;
4962 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
4966 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
4967 wpa_printf(MSG_DEBUG,
4968 "RRM: Discarding neighbor report with token %d (expected %d)",
4969 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
4973 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
4976 if (!wpa_s->rrm.notify_neighbor_rep) {
4977 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
4981 /* skipping the first byte, which is only an id (dialog token) */
4982 neighbor_rep = wpabuf_alloc(report_len - 1);
4983 if (neighbor_rep == NULL)
4985 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
4986 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
4988 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
4990 wpa_s->rrm.notify_neighbor_rep = NULL;
4991 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
4996 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
4997 * @wpa_s: Pointer to wpa_supplicant
4998 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
4999 * is sent in the request.
5000 * @cb: Callback function to be called once the requested report arrives, or
5001 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
5002 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
5003 * the requester's responsibility to free it.
5004 * In the latter case NULL will be sent in 'neighbor_rep'.
5005 * @cb_ctx: Context value to send the callback function
5006 * Returns: 0 in case of success, negative error code otherwise
5008 * In case there is a previous request which has not been answered yet, the
5009 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
5010 * Request must contain a callback function.
5012 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
5013 const struct wpa_ssid *ssid,
5014 void (*cb)(void *ctx,
5015 struct wpabuf *neighbor_rep),
5021 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
5022 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
5026 if (!wpa_s->rrm.rrm_used) {
5027 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
5031 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
5032 WLAN_EID_RRM_ENABLED_CAPABILITIES);
5033 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
5034 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
5035 wpa_printf(MSG_DEBUG,
5036 "RRM: No network support for Neighbor Report.");
5041 wpa_printf(MSG_DEBUG,
5042 "RRM: Neighbor Report request must provide a callback.");
5046 /* Refuse if there's a live request */
5047 if (wpa_s->rrm.notify_neighbor_rep) {
5048 wpa_printf(MSG_DEBUG,
5049 "RRM: Currently handling previous Neighbor Report.");
5053 /* 3 = action category + action code + dialog token */
5054 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
5056 wpa_printf(MSG_DEBUG,
5057 "RRM: Failed to allocate Neighbor Report Request");
5061 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
5062 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
5063 wpa_s->rrm.next_neighbor_rep_token);
5065 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5066 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
5067 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
5069 wpabuf_put_u8(buf, WLAN_EID_SSID);
5070 wpabuf_put_u8(buf, ssid->ssid_len);
5071 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
5074 wpa_s->rrm.next_neighbor_rep_token++;
5076 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5077 wpa_s->own_addr, wpa_s->bssid,
5078 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
5079 wpa_printf(MSG_DEBUG,
5080 "RRM: Failed to send Neighbor Report Request");
5085 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
5086 wpa_s->rrm.notify_neighbor_rep = cb;
5087 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
5088 wpas_rrm_neighbor_rep_timeout_handler,
5096 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
5098 const u8 *frame, size_t len,
5102 const struct rrm_link_measurement_request *req;
5103 struct rrm_link_measurement_report report;
5105 if (wpa_s->wpa_state != WPA_COMPLETED) {
5106 wpa_printf(MSG_INFO,
5107 "RRM: Ignoring link measurement request. Not associated");
5111 if (!wpa_s->rrm.rrm_used) {
5112 wpa_printf(MSG_INFO,
5113 "RRM: Ignoring link measurement request. Not RRM network");
5117 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
5118 wpa_printf(MSG_INFO,
5119 "RRM: Measurement report failed. TX power insertion not supported");
5123 req = (const struct rrm_link_measurement_request *) frame;
5124 if (len < sizeof(*req)) {
5125 wpa_printf(MSG_INFO,
5126 "RRM: Link measurement report failed. Request too short");
5130 os_memset(&report, 0, sizeof(report));
5131 report.tpc.eid = WLAN_EID_TPC_REPORT;
5133 report.rsni = 255; /* 255 indicates that RSNI is not available */
5134 report.dialog_token = req->dialog_token;
5137 * It's possible to estimate RCPI based on RSSI in dBm. This
5138 * calculation will not reflect the correct value for high rates,
5139 * but it's good enough for Action frames which are transmitted
5140 * with up to 24 Mbps rates.
5143 report.rcpi = 255; /* not available */
5144 else if (rssi < -110)
5149 report.rcpi = (rssi + 110) * 2;
5151 /* action_category + action_code */
5152 buf = wpabuf_alloc(2 + sizeof(report));
5154 wpa_printf(MSG_ERROR,
5155 "RRM: Link measurement report failed. Buffer allocation failed");
5159 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5160 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
5161 wpabuf_put_data(buf, &report, sizeof(report));
5162 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
5163 wpabuf_head(buf), wpabuf_len(buf));
5165 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
5166 wpa_s->own_addr, wpa_s->bssid,
5167 wpabuf_head(buf), wpabuf_len(buf), 0)) {
5168 wpa_printf(MSG_ERROR,
5169 "RRM: Link measurement report failed. Send action failed");
projects / mech_eap.git / blob