3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s->wpa);
357 void free_hw_features(struct wpa_supplicant *wpa_s)
360 if (wpa_s->hw.modes == NULL)
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
384 l2_packet_deinit(wpa_s->l2_br);
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
401 os_free(wpa_s->conf_p2p_dev);
402 wpa_s->conf_p2p_dev = NULL;
403 #endif /* CONFIG_P2P */
405 wpa_sm_set_eapol(wpa_s->wpa, NULL);
406 eapol_sm_deinit(wpa_s->eapol);
409 rsn_preauth_deinit(wpa_s->wpa);
412 wpa_tdls_deinit(wpa_s->wpa);
413 #endif /* CONFIG_TDLS */
415 pmksa_candidate_free(wpa_s->wpa);
416 wpa_sm_deinit(wpa_s->wpa);
418 wpa_blacklist_clear(wpa_s);
420 wpa_bss_deinit(wpa_s);
422 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
423 wpa_supplicant_cancel_scan(wpa_s);
424 wpa_supplicant_cancel_auth_timeout(wpa_s);
425 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
426 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
427 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
429 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
431 wpas_wps_deinit(wpa_s);
433 wpabuf_free(wpa_s->pending_eapol_rx);
434 wpa_s->pending_eapol_rx = NULL;
436 #ifdef CONFIG_IBSS_RSN
437 ibss_rsn_deinit(wpa_s->ibss_rsn);
438 wpa_s->ibss_rsn = NULL;
439 #endif /* CONFIG_IBSS_RSN */
444 wpa_supplicant_ap_deinit(wpa_s);
445 #endif /* CONFIG_AP */
448 wpas_p2p_deinit(wpa_s);
449 #endif /* CONFIG_P2P */
451 #ifdef CONFIG_OFFCHANNEL
452 offchannel_deinit(wpa_s);
453 #endif /* CONFIG_OFFCHANNEL */
455 wpa_supplicant_cancel_sched_scan(wpa_s);
457 os_free(wpa_s->next_scan_freqs);
458 wpa_s->next_scan_freqs = NULL;
460 os_free(wpa_s->manual_scan_freqs);
461 wpa_s->manual_scan_freqs = NULL;
463 gas_query_deinit(wpa_s->gas);
466 free_hw_features(wpa_s);
468 os_free(wpa_s->bssid_filter);
469 wpa_s->bssid_filter = NULL;
471 os_free(wpa_s->disallow_aps_bssid);
472 wpa_s->disallow_aps_bssid = NULL;
473 os_free(wpa_s->disallow_aps_ssid);
474 wpa_s->disallow_aps_ssid = NULL;
476 wnm_bss_keep_alive_deinit(wpa_s);
478 wnm_deallocate_memory(wpa_s);
479 #endif /* CONFIG_WNM */
481 ext_password_deinit(wpa_s->ext_pw);
482 wpa_s->ext_pw = NULL;
484 wpabuf_free(wpa_s->last_gas_resp);
485 wpa_s->last_gas_resp = NULL;
486 wpabuf_free(wpa_s->prev_gas_resp);
487 wpa_s->prev_gas_resp = NULL;
489 os_free(wpa_s->last_scan_res);
490 wpa_s->last_scan_res = NULL;
493 hs20_free_osu_prov(wpa_s);
494 #endif /* CONFIG_HS20 */
499 * wpa_clear_keys - Clear keys configured for the driver
500 * @wpa_s: Pointer to wpa_supplicant data
501 * @addr: Previously used BSSID or %NULL if not available
503 * This function clears the encryption keys that has been previously configured
506 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
510 #ifdef CONFIG_IEEE80211W
512 #else /* CONFIG_IEEE80211W */
514 #endif /* CONFIG_IEEE80211W */
516 /* MLME-DELETEKEYS.request */
517 for (i = 0; i < max; i++) {
518 if (wpa_s->keys_cleared & BIT(i))
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
523 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
524 !is_zero_ether_addr(addr)) {
525 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
527 /* MLME-SETPROTECTION.request(None) */
528 wpa_drv_mlme_setprotection(
530 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
531 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
533 wpa_s->keys_cleared = (u32) -1;
538 * wpa_supplicant_state_txt - Get the connection state name as a text string
539 * @state: State (wpa_state; WPA_*)
540 * Returns: The state name as a printable text string
542 const char * wpa_supplicant_state_txt(enum wpa_states state)
545 case WPA_DISCONNECTED:
546 return "DISCONNECTED";
549 case WPA_INTERFACE_DISABLED:
550 return "INTERFACE_DISABLED";
553 case WPA_AUTHENTICATING:
554 return "AUTHENTICATING";
555 case WPA_ASSOCIATING:
556 return "ASSOCIATING";
559 case WPA_4WAY_HANDSHAKE:
560 return "4WAY_HANDSHAKE";
561 case WPA_GROUP_HANDSHAKE:
562 return "GROUP_HANDSHAKE";
573 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
577 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
578 name = wpa_s->current_ssid->bgscan;
580 name = wpa_s->conf->bgscan;
581 if (name == NULL || name[0] == '\0')
583 if (wpas_driver_bss_selection(wpa_s))
585 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
588 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
590 #endif /* CONFIG_P2P */
592 bgscan_deinit(wpa_s);
593 if (wpa_s->current_ssid) {
594 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
595 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
598 * Live without bgscan; it is only used as a roaming
599 * optimization, so the initial connection is not
603 struct wpa_scan_results *scan_res;
604 wpa_s->bgscan_ssid = wpa_s->current_ssid;
605 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
608 bgscan_notify_scan(wpa_s, scan_res);
609 wpa_scan_results_free(scan_res);
613 wpa_s->bgscan_ssid = NULL;
617 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
619 if (wpa_s->bgscan_ssid != NULL) {
620 bgscan_deinit(wpa_s);
621 wpa_s->bgscan_ssid = NULL;
625 #endif /* CONFIG_BGSCAN */
628 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
630 if (autoscan_init(wpa_s, 0))
631 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
635 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
637 autoscan_deinit(wpa_s);
641 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
643 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
644 wpa_s->wpa_state == WPA_SCANNING) {
645 autoscan_deinit(wpa_s);
646 wpa_supplicant_start_autoscan(wpa_s);
652 * wpa_supplicant_set_state - Set current connection state
653 * @wpa_s: Pointer to wpa_supplicant data
654 * @state: The new connection state
656 * This function is called whenever the connection state changes, e.g.,
657 * association is completed for WPA/WPA2 4-Way Handshake is started.
659 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
660 enum wpa_states state)
662 enum wpa_states old_state = wpa_s->wpa_state;
664 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
665 wpa_supplicant_state_txt(wpa_s->wpa_state),
666 wpa_supplicant_state_txt(state));
668 if (state == WPA_INTERFACE_DISABLED) {
669 /* Assure normal scan when interface is restored */
670 wpa_s->normal_scans = 0;
673 if (state == WPA_COMPLETED)
674 wpas_connect_work_done(wpa_s);
676 if (state != WPA_SCANNING)
677 wpa_supplicant_notify_scanning(wpa_s, 0);
679 if (state == WPA_COMPLETED && wpa_s->new_connection) {
680 struct wpa_ssid *ssid = wpa_s->current_ssid;
681 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
682 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
683 MACSTR " completed [id=%d id_str=%s]",
684 MAC2STR(wpa_s->bssid),
685 ssid ? ssid->id : -1,
686 ssid && ssid->id_str ? ssid->id_str : "");
687 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
688 wpas_clear_temp_disabled(wpa_s, ssid, 1);
689 wpa_s->extra_blacklist_count = 0;
690 wpa_s->new_connection = 0;
691 wpa_drv_set_operstate(wpa_s, 1);
692 #ifndef IEEE8021X_EAPOL
693 wpa_drv_set_supp_port(wpa_s, 1);
694 #endif /* IEEE8021X_EAPOL */
695 wpa_s->after_wps = 0;
696 wpa_s->known_wps_freq = 0;
698 wpas_p2p_completed(wpa_s);
699 #endif /* CONFIG_P2P */
701 sme_sched_obss_scan(wpa_s, 1);
702 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
703 state == WPA_ASSOCIATED) {
704 wpa_s->new_connection = 1;
705 wpa_drv_set_operstate(wpa_s, 0);
706 #ifndef IEEE8021X_EAPOL
707 wpa_drv_set_supp_port(wpa_s, 0);
708 #endif /* IEEE8021X_EAPOL */
709 sme_sched_obss_scan(wpa_s, 0);
711 wpa_s->wpa_state = state;
714 if (state == WPA_COMPLETED)
715 wpa_supplicant_start_bgscan(wpa_s);
716 else if (state < WPA_ASSOCIATED)
717 wpa_supplicant_stop_bgscan(wpa_s);
718 #endif /* CONFIG_BGSCAN */
720 if (state == WPA_AUTHENTICATING)
721 wpa_supplicant_stop_autoscan(wpa_s);
723 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
724 wpa_supplicant_start_autoscan(wpa_s);
726 if (wpa_s->wpa_state != old_state) {
727 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
729 if (wpa_s->wpa_state == WPA_COMPLETED ||
730 old_state == WPA_COMPLETED)
731 wpas_notify_auth_changed(wpa_s);
736 void wpa_supplicant_terminate_proc(struct wpa_global *global)
740 struct wpa_supplicant *wpa_s = global->ifaces;
742 struct wpa_supplicant *next = wpa_s->next;
744 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
745 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
746 wpas_p2p_disconnect(wpa_s);
747 #endif /* CONFIG_P2P */
748 if (wpas_wps_terminate_pending(wpa_s) == 1)
752 #endif /* CONFIG_WPS */
759 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
761 struct wpa_global *global = signal_ctx;
762 wpa_supplicant_terminate_proc(global);
766 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
768 enum wpa_states old_state = wpa_s->wpa_state;
770 wpa_s->pairwise_cipher = 0;
771 wpa_s->group_cipher = 0;
772 wpa_s->mgmt_group_cipher = 0;
774 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
775 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
777 if (wpa_s->wpa_state != old_state)
778 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
783 * wpa_supplicant_reload_configuration - Reload configuration data
784 * @wpa_s: Pointer to wpa_supplicant data
785 * Returns: 0 on success or -1 if configuration parsing failed
787 * This function can be used to request that the configuration data is reloaded
788 * (e.g., after configuration file change). This function is reloading
789 * configuration only for one interface, so this may need to be called multiple
790 * times if %wpa_supplicant is controlling multiple interfaces and all
791 * interfaces need reconfiguration.
793 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
795 struct wpa_config *conf;
799 if (wpa_s->confname == NULL)
801 conf = wpa_config_read(wpa_s->confname, NULL);
803 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
804 "file '%s' - exiting", wpa_s->confname);
807 wpa_config_read(wpa_s->confanother, conf);
809 conf->changed_parameters = (unsigned int) -1;
811 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
812 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
813 os_strcmp(conf->ctrl_interface,
814 wpa_s->conf->ctrl_interface) != 0);
816 if (reconf_ctrl && wpa_s->ctrl_iface) {
817 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
818 wpa_s->ctrl_iface = NULL;
821 eapol_sm_invalidate_cached_session(wpa_s->eapol);
822 if (wpa_s->current_ssid) {
823 wpa_supplicant_deauthenticate(wpa_s,
824 WLAN_REASON_DEAUTH_LEAVING);
828 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
829 * pkcs11_engine_path, pkcs11_module_path.
831 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
833 * Clear forced success to clear EAP state for next
836 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
838 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
839 wpa_sm_set_config(wpa_s->wpa, NULL);
840 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
841 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
842 rsn_preauth_deinit(wpa_s->wpa);
844 old_ap_scan = wpa_s->conf->ap_scan;
845 wpa_config_free(wpa_s->conf);
847 if (old_ap_scan != wpa_s->conf->ap_scan)
848 wpas_notify_ap_scan_changed(wpa_s);
851 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
853 wpa_supplicant_update_config(wpa_s);
855 wpa_supplicant_clear_status(wpa_s);
856 if (wpa_supplicant_enabled_networks(wpa_s)) {
857 wpa_s->reassociate = 1;
858 wpa_supplicant_req_scan(wpa_s, 0, 0);
860 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
865 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
867 struct wpa_global *global = signal_ctx;
868 struct wpa_supplicant *wpa_s;
869 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
870 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
872 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
873 wpa_supplicant_terminate_proc(global);
879 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
880 struct wpa_ssid *ssid,
881 struct wpa_ie_data *ie)
883 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
886 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
887 "from association info");
892 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
894 if (!(ie->group_cipher & ssid->group_cipher)) {
895 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
896 "cipher 0x%x (mask 0x%x) - reject",
897 ie->group_cipher, ssid->group_cipher);
900 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
901 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
902 "cipher 0x%x (mask 0x%x) - reject",
903 ie->pairwise_cipher, ssid->pairwise_cipher);
906 if (!(ie->key_mgmt & ssid->key_mgmt)) {
907 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
908 "management 0x%x (mask 0x%x) - reject",
909 ie->key_mgmt, ssid->key_mgmt);
913 #ifdef CONFIG_IEEE80211W
914 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
915 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
916 wpa_s->conf->pmf : ssid->ieee80211w) ==
917 MGMT_FRAME_PROTECTION_REQUIRED) {
918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
919 "that does not support management frame protection - "
923 #endif /* CONFIG_IEEE80211W */
930 * wpa_supplicant_set_suites - Set authentication and encryption parameters
931 * @wpa_s: Pointer to wpa_supplicant data
932 * @bss: Scan results for the selected BSS, or %NULL if not available
933 * @ssid: Configuration data for the selected network
934 * @wpa_ie: Buffer for the WPA/RSN IE
935 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
936 * used buffer length in case the functions returns success.
937 * Returns: 0 on success or -1 on failure
939 * This function is used to configure authentication and encryption parameters
940 * based on the network configuration and scan result for the selected BSS (if
943 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
944 struct wpa_bss *bss, struct wpa_ssid *ssid,
945 u8 *wpa_ie, size_t *wpa_ie_len)
947 struct wpa_ie_data ie;
949 const u8 *bss_wpa, *bss_rsn, *bss_osen;
952 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
953 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
954 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
956 bss_wpa = bss_rsn = bss_osen = NULL;
958 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
959 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
960 (ie.group_cipher & ssid->group_cipher) &&
961 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
962 (ie.key_mgmt & ssid->key_mgmt)) {
963 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
964 proto = WPA_PROTO_RSN;
965 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
966 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
967 (ie.group_cipher & ssid->group_cipher) &&
968 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
969 (ie.key_mgmt & ssid->key_mgmt)) {
970 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
971 proto = WPA_PROTO_WPA;
973 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
974 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
975 /* TODO: parse OSEN element */
976 ie.group_cipher = WPA_CIPHER_CCMP;
977 ie.pairwise_cipher = WPA_CIPHER_CCMP;
978 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
979 proto = WPA_PROTO_OSEN;
980 #endif /* CONFIG_HS20 */
982 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
985 if (ssid->proto & WPA_PROTO_OSEN)
986 proto = WPA_PROTO_OSEN;
987 else if (ssid->proto & WPA_PROTO_RSN)
988 proto = WPA_PROTO_RSN;
990 proto = WPA_PROTO_WPA;
991 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
992 os_memset(&ie, 0, sizeof(ie));
993 ie.group_cipher = ssid->group_cipher;
994 ie.pairwise_cipher = ssid->pairwise_cipher;
995 ie.key_mgmt = ssid->key_mgmt;
996 #ifdef CONFIG_IEEE80211W
997 ie.mgmt_group_cipher =
998 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
999 WPA_CIPHER_AES_128_CMAC : 0;
1000 #endif /* CONFIG_IEEE80211W */
1001 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1002 "based on configuration");
1007 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1008 "pairwise %d key_mgmt %d proto %d",
1009 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1010 #ifdef CONFIG_IEEE80211W
1011 if (ssid->ieee80211w) {
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1013 ie.mgmt_group_cipher);
1015 #endif /* CONFIG_IEEE80211W */
1017 wpa_s->wpa_proto = proto;
1018 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1020 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1022 if (bss || !wpa_s->ap_ies_from_associnfo) {
1023 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1024 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1025 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1026 bss_rsn ? 2 + bss_rsn[1] : 0))
1030 sel = ie.group_cipher & ssid->group_cipher;
1031 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1032 if (wpa_s->group_cipher < 0) {
1033 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1038 wpa_cipher_txt(wpa_s->group_cipher));
1040 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1041 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1042 if (wpa_s->pairwise_cipher < 0) {
1043 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1047 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1048 wpa_cipher_txt(wpa_s->pairwise_cipher));
1050 sel = ie.key_mgmt & ssid->key_mgmt;
1052 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1053 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1054 #endif /* CONFIG_SAE */
1056 #ifdef CONFIG_IEEE80211R
1057 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1060 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1063 #endif /* CONFIG_IEEE80211R */
1065 } else if (sel & WPA_KEY_MGMT_SAE) {
1066 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1067 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1068 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1070 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1071 #endif /* CONFIG_SAE */
1072 #ifdef CONFIG_IEEE80211W
1073 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1075 wpa_dbg(wpa_s, MSG_DEBUG,
1076 "WPA: using KEY_MGMT 802.1X with SHA256");
1077 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1078 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1079 wpa_dbg(wpa_s, MSG_DEBUG,
1080 "WPA: using KEY_MGMT PSK with SHA256");
1081 #endif /* CONFIG_IEEE80211W */
1082 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1083 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1084 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1085 } else if (sel & WPA_KEY_MGMT_PSK) {
1086 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1087 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1088 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1089 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1090 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1092 } else if (sel & WPA_KEY_MGMT_OSEN) {
1093 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1094 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1095 #endif /* CONFIG_HS20 */
1097 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1098 "authenticated key management type");
1102 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1103 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1104 wpa_s->pairwise_cipher);
1105 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1107 #ifdef CONFIG_IEEE80211W
1108 sel = ie.mgmt_group_cipher;
1109 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1110 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1111 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1113 if (sel & WPA_CIPHER_AES_128_CMAC) {
1114 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1115 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1118 wpa_s->mgmt_group_cipher = 0;
1119 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1121 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1122 wpa_s->mgmt_group_cipher);
1123 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1124 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1125 wpa_s->conf->pmf : ssid->ieee80211w));
1126 #endif /* CONFIG_IEEE80211W */
1128 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1129 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1133 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1134 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1135 #ifndef CONFIG_NO_PBKDF2
1136 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1139 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1140 4096, psk, PMK_LEN);
1141 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1143 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1145 #endif /* CONFIG_NO_PBKDF2 */
1146 #ifdef CONFIG_EXT_PASSWORD
1147 if (ssid->ext_psk) {
1148 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1150 char pw_str[64 + 1];
1154 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1155 "found from external storage");
1159 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1160 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1161 "PSK length %d in external storage",
1162 (int) wpabuf_len(pw));
1163 ext_password_free(pw);
1167 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1168 pw_str[wpabuf_len(pw)] = '\0';
1170 #ifndef CONFIG_NO_PBKDF2
1171 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1173 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1174 4096, psk, PMK_LEN);
1175 os_memset(pw_str, 0, sizeof(pw_str));
1176 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1177 "external passphrase)",
1179 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1181 #endif /* CONFIG_NO_PBKDF2 */
1182 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1183 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1184 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1185 "Invalid PSK hex string");
1186 os_memset(pw_str, 0, sizeof(pw_str));
1187 ext_password_free(pw);
1190 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1192 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1194 os_memset(pw_str, 0, sizeof(pw_str));
1195 ext_password_free(pw);
1199 os_memset(pw_str, 0, sizeof(pw_str));
1200 ext_password_free(pw);
1202 #endif /* CONFIG_EXT_PASSWORD */
1204 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1210 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1215 case 0: /* Bits 0-7 */
1217 case 1: /* Bits 8-15 */
1219 case 2: /* Bits 16-23 */
1221 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1222 *pos |= 0x08; /* Bit 19 - BSS Transition */
1223 #endif /* CONFIG_WNM */
1225 case 3: /* Bits 24-31 */
1227 *pos |= 0x02; /* Bit 25 - SSID List */
1228 #endif /* CONFIG_WNM */
1229 #ifdef CONFIG_INTERWORKING
1230 if (wpa_s->conf->interworking)
1231 *pos |= 0x80; /* Bit 31 - Interworking */
1232 #endif /* CONFIG_INTERWORKING */
1234 case 4: /* Bits 32-39 */
1235 #ifdef CONFIG_INTERWORKING
1236 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1237 *pos |= 0x01; /* Bit 32 - QoS Map */
1238 #endif /* CONFIG_INTERWORKING */
1240 case 5: /* Bits 40-47 */
1242 if (wpa_s->conf->hs20)
1243 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1244 #endif /* CONFIG_HS20 */
1246 case 6: /* Bits 48-55 */
1252 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1257 if (len < wpa_s->extended_capa_len)
1258 len = wpa_s->extended_capa_len;
1260 *pos++ = WLAN_EID_EXT_CAPAB;
1262 for (i = 0; i < len; i++, pos++) {
1263 wpas_ext_capab_byte(wpa_s, pos, i);
1265 if (i < wpa_s->extended_capa_len) {
1266 *pos &= ~wpa_s->extended_capa_mask[i];
1267 *pos |= wpa_s->extended_capa[i];
1271 while (len > 0 && buf[1 + len] == 0) {
1282 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1283 struct wpa_bss *test_bss)
1285 struct wpa_bss *bss;
1287 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1288 if (bss == test_bss)
1296 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1297 struct wpa_ssid *test_ssid)
1299 struct wpa_ssid *ssid;
1301 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1302 if (ssid == test_ssid)
1310 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1311 struct wpa_ssid *test_ssid)
1313 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1316 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1320 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1328 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1330 struct wpa_connect_work *cwork;
1331 struct wpa_radio_work *work = wpa_s->connect_work;
1336 wpa_s->connect_work = NULL;
1339 wpas_connect_work_free(cwork);
1340 radio_work_done(work);
1344 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1347 * wpa_supplicant_associate - Request association
1348 * @wpa_s: Pointer to wpa_supplicant data
1349 * @bss: Scan results for the selected BSS, or %NULL if not available
1350 * @ssid: Configuration data for the selected network
1352 * This function is used to request %wpa_supplicant to associate with a BSS.
1354 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1355 struct wpa_bss *bss, struct wpa_ssid *ssid)
1357 struct wpa_connect_work *cwork;
1359 #ifdef CONFIG_IBSS_RSN
1360 ibss_rsn_deinit(wpa_s->ibss_rsn);
1361 wpa_s->ibss_rsn = NULL;
1362 #endif /* CONFIG_IBSS_RSN */
1364 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1365 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1367 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1368 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1372 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1373 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1374 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1375 wpas_p2p_ap_setup_failed(wpa_s);
1378 wpa_s->current_bss = bss;
1379 #else /* CONFIG_AP */
1380 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1382 #endif /* CONFIG_AP */
1388 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1390 #endif /* CONFIG_TDLS */
1392 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1393 ssid->mode == IEEE80211_MODE_INFRA) {
1394 sme_authenticate(wpa_s, bss, ssid);
1398 if (wpa_s->connect_work) {
1399 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1403 if (radio_work_pending(wpa_s, "connect")) {
1404 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1408 cwork = os_zalloc(sizeof(*cwork));
1415 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1416 wpas_start_assoc_cb, cwork) < 0) {
1422 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1424 struct wpa_connect_work *cwork = work->ctx;
1425 struct wpa_bss *bss = cwork->bss;
1426 struct wpa_ssid *ssid = cwork->ssid;
1427 struct wpa_supplicant *wpa_s = work->wpa_s;
1430 int use_crypt, ret, i, bssid_changed;
1431 int algs = WPA_AUTH_ALG_OPEN;
1432 unsigned int cipher_pairwise, cipher_group;
1433 struct wpa_driver_associate_params params;
1434 int wep_keys_set = 0;
1435 int assoc_failed = 0;
1436 struct wpa_ssid *old_ssid;
1437 #ifdef CONFIG_HT_OVERRIDES
1438 struct ieee80211_ht_capabilities htcaps;
1439 struct ieee80211_ht_capabilities htcaps_mask;
1440 #endif /* CONFIG_HT_OVERRIDES */
1443 if (work->started) {
1444 wpa_s->connect_work = NULL;
1446 /* cancel possible auth. timeout */
1447 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1450 wpas_connect_work_free(cwork);
1454 wpa_s->connect_work = work;
1456 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1457 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1458 wpas_connect_work_done(wpa_s);
1462 os_memset(¶ms, 0, sizeof(params));
1463 wpa_s->reassociate = 0;
1464 wpa_s->eap_expected_failure = 0;
1465 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1466 #ifdef CONFIG_IEEE80211R
1467 const u8 *ie, *md = NULL;
1468 #endif /* CONFIG_IEEE80211R */
1469 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1470 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1471 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1472 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1473 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1474 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1476 wpas_notify_bssid_changed(wpa_s);
1477 #ifdef CONFIG_IEEE80211R
1478 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1479 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1481 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1483 /* Prepare for the next transition */
1484 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1486 #endif /* CONFIG_IEEE80211R */
1488 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1489 wpa_s->conf->ap_scan == 2 &&
1490 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1491 /* Use ap_scan==1 style network selection to find the network
1493 wpa_s->scan_req = MANUAL_SCAN_REQ;
1494 wpa_s->reassociate = 1;
1495 wpa_supplicant_req_scan(wpa_s, 0, 0);
1497 #endif /* CONFIG_WPS */
1499 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1500 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1501 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1503 wpa_supplicant_cancel_sched_scan(wpa_s);
1504 wpa_supplicant_cancel_scan(wpa_s);
1506 /* Starting new association, so clear the possibly used WPA IE from the
1507 * previous association. */
1508 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1510 #ifdef IEEE8021X_EAPOL
1511 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1513 if (ssid->non_leap == 0)
1514 algs = WPA_AUTH_ALG_LEAP;
1516 algs |= WPA_AUTH_ALG_LEAP;
1519 #endif /* IEEE8021X_EAPOL */
1520 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1521 if (ssid->auth_alg) {
1522 algs = ssid->auth_alg;
1523 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1527 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1528 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1529 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1530 int try_opportunistic;
1531 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1533 ssid->proactive_key_caching) &&
1534 (ssid->proto & WPA_PROTO_RSN);
1535 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1536 ssid, try_opportunistic) == 0)
1537 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1538 wpa_ie_len = sizeof(wpa_ie);
1539 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1540 wpa_ie, &wpa_ie_len)) {
1541 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1542 "key management and encryption suites");
1545 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1546 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1548 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1549 * use non-WPA since the scan results did not indicate that the
1550 * AP is using WPA or WPA2.
1552 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1554 wpa_s->wpa_proto = 0;
1555 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1556 wpa_ie_len = sizeof(wpa_ie);
1557 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1558 wpa_ie, &wpa_ie_len)) {
1559 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1560 "key management and encryption suites (no "
1565 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1566 struct wpabuf *wps_ie;
1567 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1568 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1569 wpa_ie_len = wpabuf_len(wps_ie);
1570 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1573 wpabuf_free(wps_ie);
1574 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1575 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1576 params.wps = WPS_MODE_PRIVACY;
1578 params.wps = WPS_MODE_OPEN;
1579 wpa_s->wpa_proto = 0;
1580 #endif /* CONFIG_WPS */
1582 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1584 wpa_s->wpa_proto = 0;
1588 if (wpa_s->global->p2p) {
1592 pos = wpa_ie + wpa_ie_len;
1593 len = sizeof(wpa_ie) - wpa_ie_len;
1594 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1600 wpa_s->cross_connect_disallowed = 0;
1603 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1605 wpa_s->cross_connect_disallowed =
1606 p2p_get_cross_connect_disallowed(p2p);
1608 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1610 wpa_s->cross_connect_disallowed ?
1611 "disallows" : "allows");
1615 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1616 #endif /* CONFIG_P2P */
1619 if (is_hs20_network(wpa_s, ssid, bss)) {
1620 struct wpabuf *hs20;
1621 hs20 = wpabuf_alloc(20);
1623 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1624 wpas_hs20_add_indication(hs20, pps_mo_id);
1625 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1627 wpa_ie_len += wpabuf_len(hs20);
1631 #endif /* CONFIG_HS20 */
1634 * Workaround: Add Extended Capabilities element only if the AP
1635 * included this element in Beacon/Probe Response frames. Some older
1636 * APs seem to have interoperability issues if this element is
1637 * included, so while the standard may require us to include the
1638 * element in all cases, it is justifiable to skip it to avoid
1639 * interoperability issues.
1641 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1644 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1645 if (ext_capab_len > 0) {
1647 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1649 os_memmove(pos + ext_capab_len, pos,
1650 wpa_ie_len - (pos - wpa_ie));
1651 wpa_ie_len += ext_capab_len;
1652 os_memcpy(pos, ext_capab, ext_capab_len);
1656 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1658 cipher_pairwise = wpa_s->pairwise_cipher;
1659 cipher_group = wpa_s->group_cipher;
1660 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1661 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1662 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1664 if (wpa_set_wep_keys(wpa_s, ssid)) {
1669 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1672 #ifdef IEEE8021X_EAPOL
1673 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1674 if ((ssid->eapol_flags &
1675 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1676 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1680 /* Assume that dynamic WEP-104 keys will be used and
1681 * set cipher suites in order for drivers to expect
1683 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1686 #endif /* IEEE8021X_EAPOL */
1688 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1689 /* Set the key before (and later after) association */
1690 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1693 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1695 params.ssid = bss->ssid;
1696 params.ssid_len = bss->ssid_len;
1697 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1698 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1699 MACSTR " freq=%u MHz based on scan results "
1701 MAC2STR(bss->bssid), bss->freq,
1703 params.bssid = bss->bssid;
1704 params.freq = bss->freq;
1706 params.bssid_hint = bss->bssid;
1707 params.freq_hint = bss->freq;
1709 params.ssid = ssid->ssid;
1710 params.ssid_len = ssid->ssid_len;
1713 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1714 wpa_s->conf->ap_scan == 2) {
1715 params.bssid = ssid->bssid;
1716 params.fixed_bssid = 1;
1719 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1721 params.freq = ssid->frequency; /* Initial channel for IBSS */
1723 if (ssid->mode == WPAS_MODE_IBSS) {
1724 if (ssid->beacon_int)
1725 params.beacon_int = ssid->beacon_int;
1727 params.beacon_int = wpa_s->conf->beacon_int;
1730 params.wpa_ie = wpa_ie;
1731 params.wpa_ie_len = wpa_ie_len;
1732 params.pairwise_suite = cipher_pairwise;
1733 params.group_suite = cipher_group;
1734 params.key_mgmt_suite = wpa_s->key_mgmt;
1735 params.wpa_proto = wpa_s->wpa_proto;
1736 params.auth_alg = algs;
1737 params.mode = ssid->mode;
1738 params.bg_scan_period = ssid->bg_scan_period;
1739 for (i = 0; i < NUM_WEP_KEYS; i++) {
1740 if (ssid->wep_key_len[i])
1741 params.wep_key[i] = ssid->wep_key[i];
1742 params.wep_key_len[i] = ssid->wep_key_len[i];
1744 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1746 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1747 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1748 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1749 params.passphrase = ssid->passphrase;
1751 params.psk = ssid->psk;
1754 params.drop_unencrypted = use_crypt;
1756 #ifdef CONFIG_IEEE80211W
1757 params.mgmt_frame_protection =
1758 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1759 wpa_s->conf->pmf : ssid->ieee80211w;
1760 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1761 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1762 struct wpa_ie_data ie;
1763 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1765 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1766 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1767 "MFP: require MFP");
1768 params.mgmt_frame_protection =
1769 MGMT_FRAME_PROTECTION_REQUIRED;
1772 #endif /* CONFIG_IEEE80211W */
1774 params.p2p = ssid->p2p_group;
1776 if (wpa_s->parent->set_sta_uapsd)
1777 params.uapsd = wpa_s->parent->sta_uapsd;
1781 #ifdef CONFIG_HT_OVERRIDES
1782 os_memset(&htcaps, 0, sizeof(htcaps));
1783 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1784 params.htcaps = (u8 *) &htcaps;
1785 params.htcaps_mask = (u8 *) &htcaps_mask;
1786 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1787 #endif /* CONFIG_HT_OVERRIDES */
1791 * If multi-channel concurrency is not supported, check for any
1792 * frequency conflict. In case of any frequency conflict, remove the
1793 * least prioritized connection.
1795 if (wpa_s->num_multichan_concurrent < 2) {
1796 int freq = wpa_drv_shared_freq(wpa_s);
1797 if (freq > 0 && freq != params.freq) {
1798 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1800 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1806 #endif /* CONFIG_P2P */
1808 ret = wpa_drv_associate(wpa_s, ¶ms);
1810 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1812 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1814 * The driver is known to mean what is saying, so we
1815 * can stop right here; the association will not
1818 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1819 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1820 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1823 /* try to continue anyway; new association will be tried again
1828 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1829 /* Set the key after the association just in case association
1830 * cleared the previously configured key. */
1831 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1832 /* No need to timeout authentication since there is no key
1834 wpa_supplicant_cancel_auth_timeout(wpa_s);
1835 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1836 #ifdef CONFIG_IBSS_RSN
1837 } else if (ssid->mode == WPAS_MODE_IBSS &&
1838 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1839 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1841 * RSN IBSS authentication is per-STA and we can disable the
1842 * per-BSSID authentication.
1844 wpa_supplicant_cancel_auth_timeout(wpa_s);
1845 #endif /* CONFIG_IBSS_RSN */
1847 /* Timeout for IEEE 802.11 authentication and association */
1851 /* give IBSS a bit more time */
1852 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1853 } else if (wpa_s->conf->ap_scan == 1) {
1854 /* give IBSS a bit more time */
1855 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1857 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1861 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1862 /* Set static WEP keys again */
1863 wpa_set_wep_keys(wpa_s, ssid);
1866 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1868 * Do not allow EAP session resumption between different
1869 * network configurations.
1871 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1873 old_ssid = wpa_s->current_ssid;
1874 wpa_s->current_ssid = ssid;
1875 wpa_s->current_bss = bss;
1876 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1877 wpa_supplicant_initiate_eapol(wpa_s);
1878 if (old_ssid != wpa_s->current_ssid)
1879 wpas_notify_network_changed(wpa_s);
1883 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1886 struct wpa_ssid *old_ssid;
1888 wpa_clear_keys(wpa_s, addr);
1889 old_ssid = wpa_s->current_ssid;
1890 wpa_supplicant_mark_disassoc(wpa_s);
1891 wpa_sm_set_config(wpa_s->wpa, NULL);
1892 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1893 if (old_ssid != wpa_s->current_ssid)
1894 wpas_notify_network_changed(wpa_s);
1895 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1900 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1901 * @wpa_s: Pointer to wpa_supplicant data
1902 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1904 * This function is used to request %wpa_supplicant to deauthenticate from the
1907 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1911 union wpa_event_data event;
1914 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1915 " pending_bssid=" MACSTR " reason=%d state=%s",
1916 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1917 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1919 if (!is_zero_ether_addr(wpa_s->bssid))
1920 addr = wpa_s->bssid;
1921 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1922 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1923 wpa_s->wpa_state == WPA_ASSOCIATING))
1924 addr = wpa_s->pending_bssid;
1925 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1927 * When using driver-based BSS selection, we may not know the
1928 * BSSID with which we are currently trying to associate. We
1929 * need to notify the driver of this disconnection even in such
1930 * a case, so use the all zeros address here.
1932 addr = wpa_s->bssid;
1937 wpa_tdls_teardown_peers(wpa_s->wpa);
1938 #endif /* CONFIG_TDLS */
1941 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1942 os_memset(&event, 0, sizeof(event));
1943 event.deauth_info.reason_code = (u16) reason_code;
1944 event.deauth_info.locally_generated = 1;
1945 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1950 wpa_supplicant_clear_connection(wpa_s, addr);
1953 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1954 struct wpa_ssid *ssid)
1956 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1960 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1961 wpas_notify_network_enabled_changed(wpa_s, ssid);
1964 * Try to reassociate since there is no current configuration and a new
1965 * network was made available.
1967 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1968 wpa_s->reassociate = 1;
1973 * wpa_supplicant_enable_network - Mark a configured network as enabled
1974 * @wpa_s: wpa_supplicant structure for a network interface
1975 * @ssid: wpa_ssid structure for a configured network or %NULL
1977 * Enables the specified network or all networks if no network specified.
1979 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1980 struct wpa_ssid *ssid)
1983 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1984 wpa_supplicant_enable_one_network(wpa_s, ssid);
1986 wpa_supplicant_enable_one_network(wpa_s, ssid);
1988 if (wpa_s->reassociate && !wpa_s->disconnected) {
1989 if (wpa_s->sched_scanning) {
1990 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1991 "new network to scan filters");
1992 wpa_supplicant_cancel_sched_scan(wpa_s);
1995 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1996 wpa_supplicant_req_scan(wpa_s, 0, 0);
2002 * wpa_supplicant_disable_network - Mark a configured network as disabled
2003 * @wpa_s: wpa_supplicant structure for a network interface
2004 * @ssid: wpa_ssid structure for a configured network or %NULL
2006 * Disables the specified network or all networks if no network specified.
2008 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2009 struct wpa_ssid *ssid)
2011 struct wpa_ssid *other_ssid;
2015 if (wpa_s->sched_scanning)
2016 wpa_supplicant_cancel_sched_scan(wpa_s);
2018 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2019 other_ssid = other_ssid->next) {
2020 was_disabled = other_ssid->disabled;
2021 if (was_disabled == 2)
2022 continue; /* do not change persistent P2P group
2025 other_ssid->disabled = 1;
2027 if (was_disabled != other_ssid->disabled)
2028 wpas_notify_network_enabled_changed(
2031 if (wpa_s->current_ssid)
2032 wpa_supplicant_deauthenticate(
2033 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2034 } else if (ssid->disabled != 2) {
2035 if (ssid == wpa_s->current_ssid)
2036 wpa_supplicant_deauthenticate(
2037 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2039 was_disabled = ssid->disabled;
2043 if (was_disabled != ssid->disabled) {
2044 wpas_notify_network_enabled_changed(wpa_s, ssid);
2045 if (wpa_s->sched_scanning) {
2046 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2047 "to remove network from filters");
2048 wpa_supplicant_cancel_sched_scan(wpa_s);
2049 wpa_supplicant_req_scan(wpa_s, 0, 0);
2057 * wpa_supplicant_select_network - Attempt association with a network
2058 * @wpa_s: wpa_supplicant structure for a network interface
2059 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2061 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2062 struct wpa_ssid *ssid)
2065 struct wpa_ssid *other_ssid;
2066 int disconnected = 0;
2068 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2069 wpa_supplicant_deauthenticate(
2070 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2075 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2078 * Mark all other networks disabled or mark all networks enabled if no
2079 * network specified.
2081 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2082 other_ssid = other_ssid->next) {
2083 int was_disabled = other_ssid->disabled;
2084 if (was_disabled == 2)
2085 continue; /* do not change persistent P2P group data */
2087 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2088 if (was_disabled && !other_ssid->disabled)
2089 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2091 if (was_disabled != other_ssid->disabled)
2092 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2095 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2096 /* We are already associated with the selected network */
2097 wpa_printf(MSG_DEBUG, "Already associated with the "
2098 "selected network - do nothing");
2103 wpa_s->current_ssid = ssid;
2104 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2106 wpa_s->connect_without_scan = NULL;
2107 wpa_s->disconnected = 0;
2108 wpa_s->reassociate = 1;
2110 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2111 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2114 wpas_notify_network_selected(wpa_s, ssid);
2119 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2120 * @wpa_s: wpa_supplicant structure for a network interface
2121 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2122 * @pkcs11_module_path: PKCS #11 module path or NULL
2123 * Returns: 0 on success; -1 on failure
2125 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2126 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2127 * module path fails the paths will be reset to the default value (NULL).
2129 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2130 const char *pkcs11_engine_path,
2131 const char *pkcs11_module_path)
2133 char *pkcs11_engine_path_copy = NULL;
2134 char *pkcs11_module_path_copy = NULL;
2136 if (pkcs11_engine_path != NULL) {
2137 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2138 if (pkcs11_engine_path_copy == NULL)
2141 if (pkcs11_module_path != NULL) {
2142 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2143 if (pkcs11_module_path_copy == NULL) {
2144 os_free(pkcs11_engine_path_copy);
2149 os_free(wpa_s->conf->pkcs11_engine_path);
2150 os_free(wpa_s->conf->pkcs11_module_path);
2151 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2152 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2154 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2155 eapol_sm_deinit(wpa_s->eapol);
2156 wpa_s->eapol = NULL;
2157 if (wpa_supplicant_init_eapol(wpa_s)) {
2158 /* Error -> Reset paths to the default value (NULL) once. */
2159 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2160 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2165 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2172 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2173 * @wpa_s: wpa_supplicant structure for a network interface
2174 * @ap_scan: AP scan mode
2175 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2178 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2183 if (ap_scan < 0 || ap_scan > 2)
2187 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2188 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2189 wpa_s->wpa_state < WPA_COMPLETED) {
2190 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2191 "associating", wpa_s->conf->ap_scan, ap_scan);
2194 #endif /* ANDROID */
2196 old_ap_scan = wpa_s->conf->ap_scan;
2197 wpa_s->conf->ap_scan = ap_scan;
2199 if (old_ap_scan != wpa_s->conf->ap_scan)
2200 wpas_notify_ap_scan_changed(wpa_s);
2207 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2208 * @wpa_s: wpa_supplicant structure for a network interface
2209 * @expire_age: Expiration age in seconds
2210 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2213 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2214 unsigned int bss_expire_age)
2216 if (bss_expire_age < 10) {
2217 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2221 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2223 wpa_s->conf->bss_expiration_age = bss_expire_age;
2230 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2231 * @wpa_s: wpa_supplicant structure for a network interface
2232 * @expire_count: number of scans after which an unseen BSS is reclaimed
2233 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2236 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2237 unsigned int bss_expire_count)
2239 if (bss_expire_count < 1) {
2240 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2244 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2246 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2253 * wpa_supplicant_set_scan_interval - Set scan interval
2254 * @wpa_s: wpa_supplicant structure for a network interface
2255 * @scan_interval: scan interval in seconds
2256 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2259 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2262 if (scan_interval < 0) {
2263 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2267 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2269 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2276 * wpa_supplicant_set_debug_params - Set global debug params
2277 * @global: wpa_global structure
2278 * @debug_level: debug level
2279 * @debug_timestamp: determines if show timestamp in debug data
2280 * @debug_show_keys: determines if show keys in debug data
2281 * Returns: 0 if succeed or -1 if debug_level has wrong value
2283 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2284 int debug_timestamp, int debug_show_keys)
2287 int old_level, old_timestamp, old_show_keys;
2289 /* check for allowed debuglevels */
2290 if (debug_level != MSG_EXCESSIVE &&
2291 debug_level != MSG_MSGDUMP &&
2292 debug_level != MSG_DEBUG &&
2293 debug_level != MSG_INFO &&
2294 debug_level != MSG_WARNING &&
2295 debug_level != MSG_ERROR)
2298 old_level = wpa_debug_level;
2299 old_timestamp = wpa_debug_timestamp;
2300 old_show_keys = wpa_debug_show_keys;
2302 wpa_debug_level = debug_level;
2303 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2304 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2306 if (wpa_debug_level != old_level)
2307 wpas_notify_debug_level_changed(global);
2308 if (wpa_debug_timestamp != old_timestamp)
2309 wpas_notify_debug_timestamp_changed(global);
2310 if (wpa_debug_show_keys != old_show_keys)
2311 wpas_notify_debug_show_keys_changed(global);
2318 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2319 * @wpa_s: Pointer to wpa_supplicant data
2320 * Returns: A pointer to the current network structure or %NULL on failure
2322 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2324 struct wpa_ssid *entry;
2325 u8 ssid[MAX_SSID_LEN];
2331 res = wpa_drv_get_ssid(wpa_s, ssid);
2333 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2339 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2340 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2345 wired = wpa_s->conf->ap_scan == 0 &&
2346 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2348 entry = wpa_s->conf->ssid;
2350 if (!wpas_network_disabled(wpa_s, entry) &&
2351 ((ssid_len == entry->ssid_len &&
2352 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2353 (!entry->bssid_set ||
2354 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2357 if (!wpas_network_disabled(wpa_s, entry) &&
2358 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2359 (entry->ssid == NULL || entry->ssid_len == 0) &&
2360 (!entry->bssid_set ||
2361 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2363 #endif /* CONFIG_WPS */
2365 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2366 entry->ssid_len == 0 &&
2367 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2370 entry = entry->next;
2377 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2379 struct wpa_global *global = wpa_s->global;
2381 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2382 global->drv_priv[i] = wpa_drivers[i]->global_init();
2383 if (global->drv_priv[i] == NULL) {
2384 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2385 "'%s'", wpa_drivers[i]->name);
2390 wpa_s->driver = wpa_drivers[i];
2391 wpa_s->global_drv_priv = global->drv_priv[i];
2397 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2402 const char *pos, *driver = name;
2407 if (wpa_drivers[0] == NULL) {
2408 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2414 /* default to first driver in the list */
2415 return select_driver(wpa_s, 0);
2419 pos = os_strchr(driver, ',');
2423 len = os_strlen(driver);
2425 for (i = 0; wpa_drivers[i]; i++) {
2426 if (os_strlen(wpa_drivers[i]->name) == len &&
2427 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2429 /* First driver that succeeds wins */
2430 if (select_driver(wpa_s, i) == 0)
2438 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2444 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2445 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2446 * with struct wpa_driver_ops::init()
2447 * @src_addr: Source address of the EAPOL frame
2448 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2449 * @len: Length of the EAPOL data
2451 * This function is called for each received EAPOL frame. Most driver
2452 * interfaces rely on more generic OS mechanism for receiving frames through
2453 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2454 * take care of received EAPOL frames and deliver them to the core supplicant
2455 * code by calling this function.
2457 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2458 const u8 *buf, size_t len)
2460 struct wpa_supplicant *wpa_s = ctx;
2462 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2463 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2465 #ifdef CONFIG_PEERKEY
2466 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2467 wpa_s->current_ssid->peerkey &&
2468 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2469 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2470 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2473 #endif /* CONFIG_PEERKEY */
2475 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2476 (wpa_s->last_eapol_matches_bssid &&
2479 #endif /* CONFIG_AP */
2480 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2482 * There is possible race condition between receiving the
2483 * association event and the EAPOL frame since they are coming
2484 * through different paths from the driver. In order to avoid
2485 * issues in trying to process the EAPOL frame before receiving
2486 * association information, lets queue it for processing until
2487 * the association event is received. This may also be needed in
2488 * driver-based roaming case, so also use src_addr != BSSID as a
2489 * trigger if we have previously confirmed that the
2490 * Authenticator uses BSSID as the src_addr (which is not the
2491 * case with wired IEEE 802.1X).
2493 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2494 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2495 wpa_supplicant_state_txt(wpa_s->wpa_state),
2496 MAC2STR(wpa_s->bssid));
2497 wpabuf_free(wpa_s->pending_eapol_rx);
2498 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2499 if (wpa_s->pending_eapol_rx) {
2500 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2501 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2507 wpa_s->last_eapol_matches_bssid =
2508 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2511 if (wpa_s->ap_iface) {
2512 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2515 #endif /* CONFIG_AP */
2517 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2518 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2519 "no key management is configured");
2523 if (wpa_s->eapol_received == 0 &&
2524 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2525 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2526 wpa_s->wpa_state != WPA_COMPLETED) &&
2527 (wpa_s->current_ssid == NULL ||
2528 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2529 /* Timeout for completing IEEE 802.1X and WPA authentication */
2530 wpa_supplicant_req_auth_timeout(
2532 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2533 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2534 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2537 wpa_s->eapol_received++;
2539 if (wpa_s->countermeasures) {
2540 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2545 #ifdef CONFIG_IBSS_RSN
2546 if (wpa_s->current_ssid &&
2547 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2548 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2551 #endif /* CONFIG_IBSS_RSN */
2553 /* Source address of the incoming EAPOL frame could be compared to the
2554 * current BSSID. However, it is possible that a centralized
2555 * Authenticator could be using another MAC address than the BSSID of
2556 * an AP, so just allow any address to be used for now. The replies are
2557 * still sent to the current BSSID (if available), though. */
2559 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2560 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2561 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2563 wpa_drv_poll(wpa_s);
2564 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2565 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2566 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2568 * Set portValid = TRUE here since we are going to skip 4-way
2569 * handshake processing which would normally set portValid. We
2570 * need this to allow the EAPOL state machines to be completed
2571 * without going through EAPOL-Key handshake.
2573 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2578 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2580 if (wpa_s->driver->send_eapol) {
2581 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2583 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2584 } else if ((!wpa_s->p2p_mgmt ||
2585 !(wpa_s->drv_flags &
2586 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2587 !(wpa_s->drv_flags &
2588 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2589 l2_packet_deinit(wpa_s->l2);
2590 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2591 wpa_drv_get_mac_addr(wpa_s),
2593 wpa_supplicant_rx_eapol, wpa_s, 0);
2594 if (wpa_s->l2 == NULL)
2597 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2599 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2602 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2603 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2611 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2612 const u8 *buf, size_t len)
2614 struct wpa_supplicant *wpa_s = ctx;
2615 const struct l2_ethhdr *eth;
2617 if (len < sizeof(*eth))
2619 eth = (const struct l2_ethhdr *) buf;
2621 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2622 !(eth->h_dest[0] & 0x01)) {
2623 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2624 " (bridge - not for this interface - ignore)",
2625 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2629 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2630 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2631 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2632 len - sizeof(*eth));
2637 * wpa_supplicant_driver_init - Initialize driver interface parameters
2638 * @wpa_s: Pointer to wpa_supplicant data
2639 * Returns: 0 on success, -1 on failure
2641 * This function is called to initialize driver interface parameters.
2642 * wpa_drv_init() must have been called before this function to initialize the
2645 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2647 static int interface_count = 0;
2649 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2652 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2653 MAC2STR(wpa_s->own_addr));
2654 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2656 if (wpa_s->bridge_ifname[0]) {
2657 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2658 "interface '%s'", wpa_s->bridge_ifname);
2659 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2662 wpa_supplicant_rx_eapol_bridge,
2664 if (wpa_s->l2_br == NULL) {
2665 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2666 "connection for the bridge interface '%s'",
2667 wpa_s->bridge_ifname);
2672 wpa_clear_keys(wpa_s, NULL);
2674 /* Make sure that TKIP countermeasures are not left enabled (could
2675 * happen if wpa_supplicant is killed during countermeasures. */
2676 wpa_drv_set_countermeasures(wpa_s, 0);
2678 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2679 wpa_drv_flush_pmkid(wpa_s);
2681 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2682 wpa_s->prev_scan_wildcard = 0;
2684 if (wpa_supplicant_enabled_networks(wpa_s)) {
2685 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2686 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2687 interface_count = 0;
2689 if (!wpa_s->p2p_mgmt &&
2690 wpa_supplicant_delayed_sched_scan(wpa_s,
2691 interface_count % 3,
2693 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2697 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2703 static int wpa_supplicant_daemon(const char *pid_file)
2705 wpa_printf(MSG_DEBUG, "Daemonize..");
2706 return os_daemonize(pid_file);
2710 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2712 struct wpa_supplicant *wpa_s;
2714 wpa_s = os_zalloc(sizeof(*wpa_s));
2717 wpa_s->scan_req = INITIAL_SCAN_REQ;
2718 wpa_s->scan_interval = 5;
2719 wpa_s->new_connection = 1;
2720 wpa_s->parent = wpa_s;
2721 wpa_s->sched_scanning = 0;
2727 #ifdef CONFIG_HT_OVERRIDES
2729 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2730 struct ieee80211_ht_capabilities *htcaps,
2731 struct ieee80211_ht_capabilities *htcaps_mask,
2734 /* parse ht_mcs into hex array */
2736 const char *tmp = ht_mcs;
2739 /* If ht_mcs is null, do not set anything */
2743 /* This is what we are setting in the kernel */
2744 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2746 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2748 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2750 long v = strtol(tmp, &end, 16);
2752 wpa_msg(wpa_s, MSG_DEBUG,
2753 "htcap value[%i]: %ld end: %p tmp: %p",
2758 htcaps->supported_mcs_set[i] = v;
2761 wpa_msg(wpa_s, MSG_ERROR,
2762 "Failed to parse ht-mcs: %s, error: %s\n",
2763 ht_mcs, strerror(errno));
2769 * If we were able to parse any values, then set mask for the MCS set.
2772 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2773 IEEE80211_HT_MCS_MASK_LEN - 1);
2774 /* skip the 3 reserved bits */
2775 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2783 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2784 struct ieee80211_ht_capabilities *htcaps,
2785 struct ieee80211_ht_capabilities *htcaps_mask,
2790 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2795 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2796 htcaps_mask->ht_capabilities_info |= msk;
2798 htcaps->ht_capabilities_info &= msk;
2800 htcaps->ht_capabilities_info |= msk;
2806 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2807 struct ieee80211_ht_capabilities *htcaps,
2808 struct ieee80211_ht_capabilities *htcaps_mask,
2811 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2816 if (factor < 0 || factor > 3) {
2817 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2818 "Must be 0-3 or -1", factor);
2822 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2823 htcaps->a_mpdu_params &= ~0x3;
2824 htcaps->a_mpdu_params |= factor & 0x3;
2830 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2831 struct ieee80211_ht_capabilities *htcaps,
2832 struct ieee80211_ht_capabilities *htcaps_mask,
2835 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2840 if (density < 0 || density > 7) {
2841 wpa_msg(wpa_s, MSG_ERROR,
2842 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2847 htcaps_mask->a_mpdu_params |= 0x1C;
2848 htcaps->a_mpdu_params &= ~(0x1C);
2849 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2855 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2856 struct ieee80211_ht_capabilities *htcaps,
2857 struct ieee80211_ht_capabilities *htcaps_mask,
2860 /* Masking these out disables HT40 */
2861 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2862 HT_CAP_INFO_SHORT_GI40MHZ);
2864 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2867 htcaps->ht_capabilities_info &= ~msk;
2869 htcaps->ht_capabilities_info |= msk;
2871 htcaps_mask->ht_capabilities_info |= msk;
2877 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2878 struct ieee80211_ht_capabilities *htcaps,
2879 struct ieee80211_ht_capabilities *htcaps_mask,
2882 /* Masking these out disables SGI */
2883 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2884 HT_CAP_INFO_SHORT_GI40MHZ);
2886 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2889 htcaps->ht_capabilities_info &= ~msk;
2891 htcaps->ht_capabilities_info |= msk;
2893 htcaps_mask->ht_capabilities_info |= msk;
2899 void wpa_supplicant_apply_ht_overrides(
2900 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2901 struct wpa_driver_associate_params *params)
2903 struct ieee80211_ht_capabilities *htcaps;
2904 struct ieee80211_ht_capabilities *htcaps_mask;
2909 params->disable_ht = ssid->disable_ht;
2910 if (!params->htcaps || !params->htcaps_mask)
2913 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2914 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2915 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2916 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2917 ssid->disable_max_amsdu);
2918 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2919 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2920 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2921 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2924 #endif /* CONFIG_HT_OVERRIDES */
2927 #ifdef CONFIG_VHT_OVERRIDES
2928 void wpa_supplicant_apply_vht_overrides(
2929 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2930 struct wpa_driver_associate_params *params)
2932 struct ieee80211_vht_capabilities *vhtcaps;
2933 struct ieee80211_vht_capabilities *vhtcaps_mask;
2938 params->disable_vht = ssid->disable_vht;
2940 vhtcaps = (void *) params->vhtcaps;
2941 vhtcaps_mask = (void *) params->vhtcaps_mask;
2943 if (!vhtcaps || !vhtcaps_mask)
2946 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2947 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2949 #define OVERRIDE_MCS(i) \
2950 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2951 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2953 vhtcaps->vht_supported_mcs_set.tx_map |= \
2954 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2956 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2957 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2959 vhtcaps->vht_supported_mcs_set.rx_map |= \
2960 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2972 #endif /* CONFIG_VHT_OVERRIDES */
2975 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2980 if (!wpa_s->conf->pcsc_reader)
2983 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2987 if (wpa_s->conf->pcsc_pin &&
2988 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2989 scard_deinit(wpa_s->scard);
2990 wpa_s->scard = NULL;
2991 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2995 len = sizeof(wpa_s->imsi) - 1;
2996 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2997 scard_deinit(wpa_s->scard);
2998 wpa_s->scard = NULL;
2999 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3002 wpa_s->imsi[len] = '\0';
3004 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3006 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3007 wpa_s->imsi, wpa_s->mnc_len);
3009 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3010 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3011 #endif /* PCSC_FUNCS */
3017 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3021 ext_password_deinit(wpa_s->ext_pw);
3022 wpa_s->ext_pw = NULL;
3023 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3025 if (!wpa_s->conf->ext_password_backend)
3028 val = os_strdup(wpa_s->conf->ext_password_backend);
3031 pos = os_strchr(val, ':');
3035 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3037 wpa_s->ext_pw = ext_password_init(val, pos);
3039 if (wpa_s->ext_pw == NULL) {
3040 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3043 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3049 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3052 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3053 struct wpa_radio *radio;
3055 while (rn && iface) {
3056 radio = iface->radio;
3057 if (radio && os_strcmp(rn, radio->name) == 0) {
3058 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3060 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3064 iface = iface->next;
3067 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3068 wpa_s->ifname, rn ? rn : "N/A");
3069 radio = os_zalloc(sizeof(*radio));
3074 os_strlcpy(radio->name, rn, sizeof(radio->name));
3075 dl_list_init(&radio->ifaces);
3076 dl_list_init(&radio->work);
3077 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3083 static void radio_work_free(struct wpa_radio_work *work)
3085 if (work->wpa_s->scan_work == work) {
3086 /* This should not really happen. */
3087 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3088 work->type, work, work->started);
3089 work->wpa_s->scan_work = NULL;
3093 if (work->wpa_s->p2p_scan_work == work) {
3094 /* This should not really happen. */
3095 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3096 work->type, work, work->started);
3097 work->wpa_s->p2p_scan_work = NULL;
3099 #endif /* CONFIG_P2P */
3101 dl_list_del(&work->list);
3106 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3108 struct wpa_radio *radio = eloop_ctx;
3109 struct wpa_radio_work *work;
3110 struct os_reltime now, diff;
3111 struct wpa_supplicant *wpa_s;
3113 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3118 return; /* already started and still in progress */
3120 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3122 if (wpa_s && wpa_s->external_scan_running) {
3123 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3127 os_get_reltime(&now);
3128 os_reltime_sub(&now, &work->time, &diff);
3129 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3130 work->type, work, diff.sec, diff.usec);
3138 * This function removes both started and pending radio works running on
3139 * the provided interface's radio.
3140 * Prior to the removal of the radio work, its callback (cb) is called with
3141 * deinit set to be 1. Each work's callback is responsible for clearing its
3142 * internal data and restoring to a correct state.
3143 * @wpa_s: wpa_supplicant data
3144 * @type: type of works to be removed
3145 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3146 * this interface's works.
3148 void radio_remove_works(struct wpa_supplicant *wpa_s,
3149 const char *type, int remove_all)
3151 struct wpa_radio_work *work, *tmp;
3152 struct wpa_radio *radio = wpa_s->radio;
3154 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3156 if (type && os_strcmp(type, work->type) != 0)
3159 /* skip other ifaces' works */
3160 if (!remove_all && work->wpa_s != wpa_s)
3163 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3164 work->type, work, work->started ? " (started)" : "");
3166 radio_work_free(work);
3169 /* in case we removed the started work */
3170 radio_work_check_next(wpa_s);
3174 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3176 struct wpa_radio *radio = wpa_s->radio;
3181 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3182 wpa_s->ifname, radio->name);
3183 dl_list_del(&wpa_s->radio_list);
3184 if (!dl_list_empty(&radio->ifaces)) {
3185 wpa_s->radio = NULL;
3186 return; /* Interfaces remain for this radio */
3189 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3190 radio_remove_works(wpa_s, NULL, 0);
3191 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3192 wpa_s->radio = NULL;
3197 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3199 struct wpa_radio *radio = wpa_s->radio;
3201 if (dl_list_empty(&radio->work))
3203 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3204 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3209 * radio_add_work - Add a radio work item
3210 * @wpa_s: Pointer to wpa_supplicant data
3211 * @freq: Frequency of the offchannel operation in MHz or 0
3212 * @type: Unique identifier for each type of work
3213 * @next: Force as the next work to be executed
3214 * @cb: Callback function for indicating when radio is available
3215 * @ctx: Context pointer for the work (work->ctx in cb())
3216 * Returns: 0 on success, -1 on failure
3218 * This function is used to request time for an operation that requires
3219 * exclusive radio control. Once the radio is available, the registered callback
3220 * function will be called. radio_work_done() must be called once the exclusive
3221 * radio operation has been completed, so that the radio is freed for other
3222 * operations. The special case of deinit=1 is used to free the context data
3223 * during interface removal. That does not allow the callback function to start
3224 * the radio operation, i.e., it must free any resources allocated for the radio
3227 * The @freq parameter can be used to indicate a single channel on which the
3228 * offchannel operation will occur. This may allow multiple radio work
3229 * operations to be performed in parallel if they apply for the same channel.
3230 * Setting this to 0 indicates that the work item may use multiple channels or
3231 * requires exclusive control of the radio.
3233 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3234 const char *type, int next,
3235 void (*cb)(struct wpa_radio_work *work, int deinit),
3238 struct wpa_radio_work *work;
3241 work = os_zalloc(sizeof(*work));
3244 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3245 os_get_reltime(&work->time);
3248 work->wpa_s = wpa_s;
3252 was_empty = dl_list_empty(&wpa_s->radio->work);
3254 dl_list_add(&wpa_s->radio->work, &work->list);
3256 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3258 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3259 radio_work_check_next(wpa_s);
3267 * radio_work_done - Indicate that a radio work item has been completed
3268 * @work: Completed work
3270 * This function is called once the callback function registered with
3271 * radio_add_work() has completed its work.
3273 void radio_work_done(struct wpa_radio_work *work)
3275 struct wpa_supplicant *wpa_s = work->wpa_s;
3276 struct os_reltime now, diff;
3277 unsigned int started = work->started;
3279 os_get_reltime(&now);
3280 os_reltime_sub(&now, &work->time, &diff);
3281 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3282 work->type, work, started ? "done" : "canceled",
3283 diff.sec, diff.usec);
3284 radio_work_free(work);
3286 radio_work_check_next(wpa_s);
3290 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3292 struct wpa_radio_work *work;
3293 struct wpa_radio *radio = wpa_s->radio;
3295 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3296 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3304 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3305 struct wpa_interface *iface)
3307 const char *ifname, *driver, *rn;
3309 driver = iface->driver;
3311 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3314 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3315 if (wpa_s->drv_priv == NULL) {
3317 pos = driver ? os_strchr(driver, ',') : NULL;
3319 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3320 "driver interface - try next driver wrapper");
3324 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3328 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3329 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3330 "driver_param '%s'", wpa_s->conf->driver_param);
3334 ifname = wpa_drv_get_ifname(wpa_s);
3335 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3336 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3337 "interface name with '%s'", ifname);
3338 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3341 if (wpa_s->driver->get_radio_name)
3342 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3345 if (rn && rn[0] == '\0')
3348 wpa_s->radio = radio_add_interface(wpa_s, rn);
3349 if (wpa_s->radio == NULL)
3356 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3357 struct wpa_interface *iface)
3359 struct wpa_driver_capa capa;
3361 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3362 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3363 iface->confname ? iface->confname : "N/A",
3364 iface->driver ? iface->driver : "default",
3365 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3366 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3368 if (iface->confname) {
3369 #ifdef CONFIG_BACKEND_FILE
3370 wpa_s->confname = os_rel2abs_path(iface->confname);
3371 if (wpa_s->confname == NULL) {
3372 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3373 "for configuration file '%s'.",
3377 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3378 iface->confname, wpa_s->confname);
3379 #else /* CONFIG_BACKEND_FILE */
3380 wpa_s->confname = os_strdup(iface->confname);
3381 #endif /* CONFIG_BACKEND_FILE */
3382 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3383 if (wpa_s->conf == NULL) {
3384 wpa_printf(MSG_ERROR, "Failed to read or parse "
3385 "configuration '%s'.", wpa_s->confname);
3388 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3389 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3392 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3393 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3394 #endif /* CONFIG_P2P */
3397 * Override ctrl_interface and driver_param if set on command
3400 if (iface->ctrl_interface) {
3401 os_free(wpa_s->conf->ctrl_interface);
3402 wpa_s->conf->ctrl_interface =
3403 os_strdup(iface->ctrl_interface);
3406 if (iface->driver_param) {
3407 os_free(wpa_s->conf->driver_param);
3408 wpa_s->conf->driver_param =
3409 os_strdup(iface->driver_param);
3412 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3413 os_free(wpa_s->conf->ctrl_interface);
3414 wpa_s->conf->ctrl_interface = NULL;
3417 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3418 iface->driver_param);
3420 if (wpa_s->conf == NULL) {
3421 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3425 if (iface->ifname == NULL) {
3426 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3429 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3430 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3434 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3436 if (iface->bridge_ifname) {
3437 if (os_strlen(iface->bridge_ifname) >=
3438 sizeof(wpa_s->bridge_ifname)) {
3439 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3440 "name '%s'.", iface->bridge_ifname);
3443 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3444 sizeof(wpa_s->bridge_ifname));
3447 /* RSNA Supplicant Key Management - INITIALIZE */
3448 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3449 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3451 /* Initialize driver interface and register driver event handler before
3452 * L2 receive handler so that association events are processed before
3453 * EAPOL-Key packets if both become available for the same select()
3455 if (wpas_init_driver(wpa_s, iface) < 0)
3458 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3461 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3462 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3464 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3466 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3467 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3468 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3469 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3470 "dot11RSNAConfigPMKLifetime");
3474 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3475 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3476 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3477 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3478 "dot11RSNAConfigPMKReauthThreshold");
3482 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3483 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3484 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3485 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3486 "dot11RSNAConfigSATimeout");
3490 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3491 &wpa_s->hw.num_modes,
3494 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3495 wpa_s->drv_capa_known = 1;
3496 wpa_s->drv_flags = capa.flags;
3497 wpa_s->drv_enc = capa.enc;
3498 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3499 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3500 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3501 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3502 wpa_s->max_match_sets = capa.max_match_sets;
3503 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3504 wpa_s->max_stations = capa.max_stations;
3505 wpa_s->extended_capa = capa.extended_capa;
3506 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3507 wpa_s->extended_capa_len = capa.extended_capa_len;
3508 wpa_s->num_multichan_concurrent =
3509 capa.num_multichan_concurrent;
3511 if (wpa_s->max_remain_on_chan == 0)
3512 wpa_s->max_remain_on_chan = 1000;
3515 * Only take p2p_mgmt parameters when P2P Device is supported.
3516 * Doing it here as it determines whether l2_packet_init() will be done
3517 * during wpa_supplicant_driver_init().
3519 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3520 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3522 iface->p2p_mgmt = 1;
3524 if (wpa_s->num_multichan_concurrent == 0)
3525 wpa_s->num_multichan_concurrent = 1;
3527 if (wpa_supplicant_driver_init(wpa_s) < 0)
3531 if ((!iface->p2p_mgmt ||
3532 !(wpa_s->drv_flags &
3533 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3534 wpa_tdls_init(wpa_s->wpa))
3536 #endif /* CONFIG_TDLS */
3538 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3539 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3540 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3544 if (wpas_wps_init(wpa_s))
3547 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3549 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3551 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3552 if (wpa_s->ctrl_iface == NULL) {
3553 wpa_printf(MSG_ERROR,
3554 "Failed to initialize control interface '%s'.\n"
3555 "You may have another wpa_supplicant process "
3556 "already running or the file was\n"
3557 "left by an unclean termination of wpa_supplicant "
3558 "in which case you will need\n"
3559 "to manually remove this file before starting "
3560 "wpa_supplicant again.\n",
3561 wpa_s->conf->ctrl_interface);
3565 wpa_s->gas = gas_query_init(wpa_s);
3566 if (wpa_s->gas == NULL) {
3567 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3572 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3573 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3576 #endif /* CONFIG_P2P */
3578 if (wpa_bss_init(wpa_s) < 0)
3581 #ifdef CONFIG_EAP_PROXY
3584 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3586 if (wpa_s->mnc_len > 0) {
3587 wpa_s->imsi[len] = '\0';
3588 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3589 wpa_s->imsi, wpa_s->mnc_len);
3591 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3594 #endif /* CONFIG_EAP_PROXY */
3596 if (pcsc_reader_init(wpa_s) < 0)
3599 if (wpas_init_ext_pw(wpa_s) < 0)
3606 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3607 int notify, int terminate)
3609 wpa_s->disconnected = 1;
3610 if (wpa_s->drv_priv) {
3611 wpa_supplicant_deauthenticate(wpa_s,
3612 WLAN_REASON_DEAUTH_LEAVING);
3614 wpa_drv_set_countermeasures(wpa_s, 0);
3615 wpa_clear_keys(wpa_s, NULL);
3618 wpa_supplicant_cleanup(wpa_s);
3621 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3622 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3623 "the management interface is being removed");
3624 wpas_p2p_deinit_global(wpa_s->global);
3626 #endif /* CONFIG_P2P */
3628 wpas_ctrl_radio_work_flush(wpa_s);
3629 radio_remove_interface(wpa_s);
3631 if (wpa_s->drv_priv)
3632 wpa_drv_deinit(wpa_s);
3635 wpas_notify_iface_removed(wpa_s);
3638 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3640 if (wpa_s->ctrl_iface) {
3641 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3642 wpa_s->ctrl_iface = NULL;
3645 if (wpa_s->conf != NULL) {
3646 wpa_config_free(wpa_s->conf);
3655 * wpa_supplicant_add_iface - Add a new network interface
3656 * @global: Pointer to global data from wpa_supplicant_init()
3657 * @iface: Interface configuration options
3658 * Returns: Pointer to the created interface or %NULL on failure
3660 * This function is used to add new network interfaces for %wpa_supplicant.
3661 * This can be called before wpa_supplicant_run() to add interfaces before the
3662 * main event loop has been started. In addition, new interfaces can be added
3663 * dynamically while %wpa_supplicant is already running. This could happen,
3664 * e.g., when a hotplug network adapter is inserted.
3666 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3667 struct wpa_interface *iface)
3669 struct wpa_supplicant *wpa_s;
3670 struct wpa_interface t_iface;
3671 struct wpa_ssid *ssid;
3673 if (global == NULL || iface == NULL)
3676 wpa_s = wpa_supplicant_alloc();
3680 wpa_s->global = global;
3683 if (global->params.override_driver) {
3684 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3686 iface->driver, global->params.override_driver);
3687 t_iface.driver = global->params.override_driver;
3689 if (global->params.override_ctrl_interface) {
3690 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3691 "ctrl_interface ('%s' -> '%s')",
3692 iface->ctrl_interface,
3693 global->params.override_ctrl_interface);
3694 t_iface.ctrl_interface =
3695 global->params.override_ctrl_interface;
3697 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3698 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3700 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3704 /* Notify the control interfaces about new iface */
3705 if (wpas_notify_iface_added(wpa_s)) {
3706 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3710 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3711 wpas_notify_network_added(wpa_s, ssid);
3713 wpa_s->next = global->ifaces;
3714 global->ifaces = wpa_s;
3716 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3717 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3724 * wpa_supplicant_remove_iface - Remove a network interface
3725 * @global: Pointer to global data from wpa_supplicant_init()
3726 * @wpa_s: Pointer to the network interface to be removed
3727 * Returns: 0 if interface was removed, -1 if interface was not found
3729 * This function can be used to dynamically remove network interfaces from
3730 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3731 * addition, this function is used to remove all remaining interfaces when
3732 * %wpa_supplicant is terminated.
3734 int wpa_supplicant_remove_iface(struct wpa_global *global,
3735 struct wpa_supplicant *wpa_s,
3738 struct wpa_supplicant *prev;
3740 /* Remove interface from the global list of interfaces */
3741 prev = global->ifaces;
3742 if (prev == wpa_s) {
3743 global->ifaces = wpa_s->next;
3745 while (prev && prev->next != wpa_s)
3749 prev->next = wpa_s->next;
3752 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3754 if (global->p2p_group_formation == wpa_s)
3755 global->p2p_group_formation = NULL;
3756 if (global->p2p_invite_group == wpa_s)
3757 global->p2p_invite_group = NULL;
3758 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3765 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3766 * @wpa_s: Pointer to the network interface
3767 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3769 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3771 const char *eapol_method;
3773 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3774 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3778 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3779 if (eapol_method == NULL)
3780 return "UNKNOWN-EAP";
3782 return eapol_method;
3787 * wpa_supplicant_get_iface - Get a new network interface
3788 * @global: Pointer to global data from wpa_supplicant_init()
3789 * @ifname: Interface name
3790 * Returns: Pointer to the interface or %NULL if not found
3792 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3795 struct wpa_supplicant *wpa_s;
3797 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3798 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3805 #ifndef CONFIG_NO_WPA_MSG
3806 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3808 struct wpa_supplicant *wpa_s = ctx;
3811 return wpa_s->ifname;
3813 #endif /* CONFIG_NO_WPA_MSG */
3817 * wpa_supplicant_init - Initialize %wpa_supplicant
3818 * @params: Parameters for %wpa_supplicant
3819 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3821 * This function is used to initialize %wpa_supplicant. After successful
3822 * initialization, the returned data pointer can be used to add and remove
3823 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3825 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3827 struct wpa_global *global;
3833 #ifdef CONFIG_DRIVER_NDIS
3835 void driver_ndis_init_ops(void);
3836 driver_ndis_init_ops();
3838 #endif /* CONFIG_DRIVER_NDIS */
3840 #ifndef CONFIG_NO_WPA_MSG
3841 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3842 #endif /* CONFIG_NO_WPA_MSG */
3844 wpa_debug_open_file(params->wpa_debug_file_path);
3845 if (params->wpa_debug_syslog)
3846 wpa_debug_open_syslog();
3847 if (params->wpa_debug_tracing) {
3848 ret = wpa_debug_open_linux_tracing();
3850 wpa_printf(MSG_ERROR,
3851 "Failed to enable trace logging");
3856 ret = eap_register_methods();
3858 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3860 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3861 "the same EAP type.");
3865 global = os_zalloc(sizeof(*global));
3868 dl_list_init(&global->p2p_srv_bonjour);
3869 dl_list_init(&global->p2p_srv_upnp);
3870 global->params.daemonize = params->daemonize;
3871 global->params.wait_for_monitor = params->wait_for_monitor;
3872 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3873 if (params->pid_file)
3874 global->params.pid_file = os_strdup(params->pid_file);
3875 if (params->ctrl_interface)
3876 global->params.ctrl_interface =
3877 os_strdup(params->ctrl_interface);
3878 if (params->ctrl_interface_group)
3879 global->params.ctrl_interface_group =
3880 os_strdup(params->ctrl_interface_group);
3881 if (params->override_driver)
3882 global->params.override_driver =
3883 os_strdup(params->override_driver);
3884 if (params->override_ctrl_interface)
3885 global->params.override_ctrl_interface =
3886 os_strdup(params->override_ctrl_interface);
3887 wpa_debug_level = global->params.wpa_debug_level =
3888 params->wpa_debug_level;
3889 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3890 params->wpa_debug_show_keys;
3891 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3892 params->wpa_debug_timestamp;
3894 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3897 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3898 wpa_supplicant_deinit(global);
3902 random_init(params->entropy_file);
3904 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3905 if (global->ctrl_iface == NULL) {
3906 wpa_supplicant_deinit(global);
3910 if (wpas_notify_supplicant_initialized(global)) {
3911 wpa_supplicant_deinit(global);
3915 for (i = 0; wpa_drivers[i]; i++)
3916 global->drv_count++;
3917 if (global->drv_count == 0) {
3918 wpa_printf(MSG_ERROR, "No drivers enabled");
3919 wpa_supplicant_deinit(global);
3922 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3923 if (global->drv_priv == NULL) {
3924 wpa_supplicant_deinit(global);
3928 #ifdef CONFIG_WIFI_DISPLAY
3929 if (wifi_display_init(global) < 0) {
3930 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3931 wpa_supplicant_deinit(global);
3934 #endif /* CONFIG_WIFI_DISPLAY */
3941 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3942 * @global: Pointer to global data from wpa_supplicant_init()
3943 * Returns: 0 after successful event loop run, -1 on failure
3945 * This function starts the main event loop and continues running as long as
3946 * there are any remaining events. In most cases, this function is running as
3947 * long as the %wpa_supplicant process in still in use.
3949 int wpa_supplicant_run(struct wpa_global *global)
3951 struct wpa_supplicant *wpa_s;
3953 if (global->params.daemonize &&
3954 wpa_supplicant_daemon(global->params.pid_file))
3957 if (global->params.wait_for_monitor) {
3958 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3959 if (wpa_s->ctrl_iface)
3960 wpa_supplicant_ctrl_iface_wait(
3964 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3965 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3974 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3975 * @global: Pointer to global data from wpa_supplicant_init()
3977 * This function is called to deinitialize %wpa_supplicant and to free all
3978 * allocated resources. Remaining network interfaces will also be removed.
3980 void wpa_supplicant_deinit(struct wpa_global *global)
3987 #ifdef CONFIG_WIFI_DISPLAY
3988 wifi_display_deinit(global);
3989 #endif /* CONFIG_WIFI_DISPLAY */
3991 while (global->ifaces)
3992 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3994 if (global->ctrl_iface)
3995 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3997 wpas_notify_supplicant_deinitialized(global);
3999 eap_peer_unregister_methods();
4001 eap_server_unregister_methods();
4002 #endif /* CONFIG_AP */
4004 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4005 if (!global->drv_priv[i])
4007 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4009 os_free(global->drv_priv);
4015 if (global->params.pid_file) {
4016 os_daemonize_terminate(global->params.pid_file);
4017 os_free(global->params.pid_file);
4019 os_free(global->params.ctrl_interface);
4020 os_free(global->params.ctrl_interface_group);
4021 os_free(global->params.override_driver);
4022 os_free(global->params.override_ctrl_interface);
4024 os_free(global->p2p_disallow_freq.range);
4025 os_free(global->p2p_go_avoid_freq.range);
4026 os_free(global->add_psk);
4029 wpa_debug_close_syslog();
4030 wpa_debug_close_file();
4031 wpa_debug_close_linux_tracing();
4035 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4037 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4038 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4040 country[0] = wpa_s->conf->country[0];
4041 country[1] = wpa_s->conf->country[1];
4043 if (wpa_drv_set_country(wpa_s, country) < 0) {
4044 wpa_printf(MSG_ERROR, "Failed to set country code "
4049 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4050 wpas_init_ext_pw(wpa_s);
4053 wpas_wps_update_config(wpa_s);
4054 #endif /* CONFIG_WPS */
4057 wpas_p2p_update_config(wpa_s);
4058 #endif /* CONFIG_P2P */
4060 wpa_s->conf->changed_parameters = 0;
4064 static void add_freq(int *freqs, int *num_freqs, int freq)
4068 for (i = 0; i < *num_freqs; i++) {
4069 if (freqs[i] == freq)
4073 freqs[*num_freqs] = freq;
4078 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4080 struct wpa_bss *bss, *cbss;
4081 const int max_freqs = 10;
4085 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4089 cbss = wpa_s->current_bss;
4091 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4094 if (bss->ssid_len == cbss->ssid_len &&
4095 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4096 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4097 add_freq(freqs, &num_freqs, bss->freq);
4098 if (num_freqs == max_freqs)
4103 if (num_freqs == 0) {
4112 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4118 wpas_connect_work_done(wpa_s);
4121 * Remove possible authentication timeout since the connection failed.
4123 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4125 if (wpa_s->disconnected) {
4127 * There is no point in blacklisting the AP if this event is
4128 * generated based on local request to disconnect.
4130 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4131 "indication since interface has been put into "
4132 "disconnected state");
4137 * Add the failed BSSID into the blacklist and speed up next scan
4138 * attempt if there could be other APs that could accept association.
4139 * The current blacklist count indicates how many times we have tried
4140 * connecting to this AP and multiple attempts mean that other APs are
4141 * either not available or has already been tried, so that we can start
4142 * increasing the delay here to avoid constant scanning.
4144 count = wpa_blacklist_add(wpa_s, bssid);
4145 if (count == 1 && wpa_s->current_bss) {
4147 * This BSS was not in the blacklist before. If there is
4148 * another BSS available for the same ESS, we should try that
4149 * next. Otherwise, we may as well try this one once more
4150 * before allowing other, likely worse, ESSes to be considered.
4152 freqs = get_bss_freqs_in_ess(wpa_s);
4154 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4155 "has been seen; try it next");
4156 wpa_blacklist_add(wpa_s, bssid);
4158 * On the next scan, go through only the known channels
4159 * used in this ESS based on previous scans to speed up
4160 * common load balancing use case.
4162 os_free(wpa_s->next_scan_freqs);
4163 wpa_s->next_scan_freqs = freqs;
4168 * Add previous failure count in case the temporary blacklist was
4169 * cleared due to no other BSSes being available.
4171 count += wpa_s->extra_blacklist_count;
4173 if (count > 3 && wpa_s->current_ssid) {
4174 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4175 "consider temporary network disabling");
4176 wpas_auth_failed(wpa_s);
4197 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4198 "ms", count, timeout);
4201 * TODO: if more than one possible AP is available in scan results,
4202 * could try the other ones before requesting a new scan.
4204 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4205 1000 * (timeout % 1000));
4209 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4211 return wpa_s->conf->ap_scan == 2 ||
4212 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4216 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4217 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4218 struct wpa_ssid *ssid,
4222 #ifdef IEEE8021X_EAPOL
4223 struct eap_peer_config *eap = &ssid->eap;
4225 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4226 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4227 (const u8 *) value, os_strlen(value));
4229 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4230 case WPA_CTRL_REQ_EAP_IDENTITY:
4231 os_free(eap->identity);
4232 eap->identity = (u8 *) os_strdup(value);
4233 eap->identity_len = os_strlen(value);
4234 eap->pending_req_identity = 0;
4235 if (ssid == wpa_s->current_ssid)
4236 wpa_s->reassociate = 1;
4238 case WPA_CTRL_REQ_EAP_PASSWORD:
4239 os_free(eap->password);
4240 eap->password = (u8 *) os_strdup(value);
4241 eap->password_len = os_strlen(value);
4242 eap->pending_req_password = 0;
4243 if (ssid == wpa_s->current_ssid)
4244 wpa_s->reassociate = 1;
4246 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4247 os_free(eap->new_password);
4248 eap->new_password = (u8 *) os_strdup(value);
4249 eap->new_password_len = os_strlen(value);
4250 eap->pending_req_new_password = 0;
4251 if (ssid == wpa_s->current_ssid)
4252 wpa_s->reassociate = 1;
4254 case WPA_CTRL_REQ_EAP_PIN:
4256 eap->pin = os_strdup(value);
4257 eap->pending_req_pin = 0;
4258 if (ssid == wpa_s->current_ssid)
4259 wpa_s->reassociate = 1;
4261 case WPA_CTRL_REQ_EAP_OTP:
4263 eap->otp = (u8 *) os_strdup(value);
4264 eap->otp_len = os_strlen(value);
4265 os_free(eap->pending_req_otp);
4266 eap->pending_req_otp = NULL;
4267 eap->pending_req_otp_len = 0;
4269 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4270 os_free(eap->private_key_passwd);
4271 eap->private_key_passwd = (u8 *) os_strdup(value);
4272 eap->pending_req_passphrase = 0;
4273 if (ssid == wpa_s->current_ssid)
4274 wpa_s->reassociate = 1;
4276 case WPA_CTRL_REQ_SIM:
4277 os_free(eap->external_sim_resp);
4278 eap->external_sim_resp = os_strdup(value);
4281 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4286 #else /* IEEE8021X_EAPOL */
4287 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4289 #endif /* IEEE8021X_EAPOL */
4291 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4294 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4297 unsigned int drv_enc;
4305 if (wpa_s && wpa_s->drv_capa_known)
4306 drv_enc = wpa_s->drv_enc;
4308 drv_enc = (unsigned int) -1;
4310 for (i = 0; i < NUM_WEP_KEYS; i++) {
4311 size_t len = ssid->wep_key_len[i];
4314 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4316 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4318 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4320 return 1; /* invalid WEP key */
4323 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4331 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4333 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4335 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4341 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4343 struct wpa_ssid *ssid = wpa_s->current_ssid;
4345 struct os_reltime now;
4348 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4353 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4356 ssid->auth_failures++;
4359 if (ssid->p2p_group &&
4360 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4362 * Skip the wait time since there is a short timeout on the
4363 * connection to a P2P group.
4367 #endif /* CONFIG_P2P */
4369 if (ssid->auth_failures > 50)
4371 else if (ssid->auth_failures > 10)
4373 else if (ssid->auth_failures > 5)
4375 else if (ssid->auth_failures > 3)
4377 else if (ssid->auth_failures > 2)
4379 else if (ssid->auth_failures > 1)
4384 if (ssid->auth_failures > 1 &&
4385 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4386 dur += os_random() % (ssid->auth_failures * 10);
4388 os_get_reltime(&now);
4389 if (now.sec + dur <= ssid->disabled_until.sec)
4392 ssid->disabled_until.sec = now.sec + dur;
4394 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4395 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4396 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4397 ssid->auth_failures, dur);
4401 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4402 struct wpa_ssid *ssid, int clear_failures)
4407 if (ssid->disabled_until.sec) {
4408 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4409 "id=%d ssid=\"%s\"",
4410 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4412 ssid->disabled_until.sec = 0;
4413 ssid->disabled_until.usec = 0;
4415 ssid->auth_failures = 0;
4419 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4423 if (wpa_s->disallow_aps_bssid == NULL)
4426 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4427 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4428 bssid, ETH_ALEN) == 0)
4436 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4441 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4444 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4445 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4446 if (ssid_len == s->ssid_len &&
4447 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4456 * wpas_request_connection - Request a new connection
4457 * @wpa_s: Pointer to the network interface
4459 * This function is used to request a new connection to be found. It will mark
4460 * the interface to allow reassociation and request a new scan to find a
4461 * suitable network to connect to.
4463 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4465 wpa_s->normal_scans = 0;
4466 wpa_supplicant_reinit_autoscan(wpa_s);
4467 wpa_s->extra_blacklist_count = 0;
4468 wpa_s->disconnected = 0;
4469 wpa_s->reassociate = 1;
4471 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4472 wpa_supplicant_req_scan(wpa_s, 0, 0);
4476 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4477 int *freq_array, unsigned int len)
4481 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4483 for (i = 0; i < len; i++)
4484 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4489 * Find the operating frequencies of any of the virtual interfaces that
4490 * are using the same radio as the current interface.
4492 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4493 int *freq_array, unsigned int len)
4495 struct wpa_supplicant *ifs;
4498 unsigned int idx = 0, i;
4500 wpa_dbg(wpa_s, MSG_DEBUG,
4501 "Determining shared radio frequencies (max len %u)", len);
4502 os_memset(freq_array, 0, sizeof(int) * len);
4504 /* First add the frequency of the local interface */
4505 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4506 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4507 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4508 freq_array[idx++] = wpa_s->current_ssid->frequency;
4509 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4510 freq_array[idx++] = wpa_s->assoc_freq;
4513 /* If get_radio_name is not supported, use only the local freq */
4514 if (!wpa_s->driver->get_radio_name) {
4515 freq = wpa_drv_shared_freq(wpa_s);
4516 if (freq > 0 && idx < len &&
4517 (idx == 0 || freq_array[0] != freq))
4518 freq_array[idx++] = freq;
4519 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4523 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4528 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4531 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4532 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4533 freq = ifs->current_ssid->frequency;
4534 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4535 freq = ifs->assoc_freq;
4539 /* Hold only distinct freqs */
4540 for (i = 0; i < idx; i++)
4541 if (freq_array[i] == freq)
4545 freq_array[idx++] = freq;
4548 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);