3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
56 const char *wpa_supplicant_version =
57 "wpa_supplicant v" VERSION_STR "\n"
58 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
60 const char *wpa_supplicant_license =
61 "This software may be distributed under the terms of the BSD license.\n"
62 "See README for more details.\n"
63 #ifdef EAP_TLS_OPENSSL
64 "\nThis product includes software developed by the OpenSSL Project\n"
65 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
66 #endif /* EAP_TLS_OPENSSL */
69 #ifndef CONFIG_NO_STDOUT_DEBUG
70 /* Long text divided into parts in order to fit in C89 strings size limits. */
71 const char *wpa_supplicant_full_license1 =
73 const char *wpa_supplicant_full_license2 =
74 "This software may be distributed under the terms of the BSD license.\n"
76 "Redistribution and use in source and binary forms, with or without\n"
77 "modification, are permitted provided that the following conditions are\n"
80 const char *wpa_supplicant_full_license3 =
81 "1. Redistributions of source code must retain the above copyright\n"
82 " notice, this list of conditions and the following disclaimer.\n"
84 "2. Redistributions in binary form must reproduce the above copyright\n"
85 " notice, this list of conditions and the following disclaimer in the\n"
86 " documentation and/or other materials provided with the distribution.\n"
88 const char *wpa_supplicant_full_license4 =
89 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
90 " names of its contributors may be used to endorse or promote products\n"
91 " derived from this software without specific prior written permission.\n"
93 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
94 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
95 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
96 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
97 const char *wpa_supplicant_full_license5 =
98 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
99 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
100 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
101 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
102 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
103 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
104 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
106 #endif /* CONFIG_NO_STDOUT_DEBUG */
108 /* Configure default/group WEP keys for static WEP */
109 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
113 for (i = 0; i < NUM_WEP_KEYS; i++) {
114 if (ssid->wep_key_len[i] == 0)
118 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
119 i, i == ssid->wep_tx_keyidx, NULL, 0,
120 ssid->wep_key[i], ssid->wep_key_len[i]);
127 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
128 struct wpa_ssid *ssid)
135 /* IBSS/WPA-None uses only one key (Group) for both receiving and
136 * sending unicast and multicast packets. */
138 if (ssid->mode != WPAS_MODE_IBSS) {
139 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
140 "IBSS/ad-hoc) for WPA-None", ssid->mode);
144 if (!ssid->psk_set) {
145 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 switch (wpa_s->group_cipher) {
151 case WPA_CIPHER_CCMP:
152 os_memcpy(key, ssid->psk, 16);
156 case WPA_CIPHER_GCMP:
157 os_memcpy(key, ssid->psk, 16);
161 case WPA_CIPHER_TKIP:
162 /* WPA-None uses the same Michael MIC key for both TX and RX */
163 os_memcpy(key, ssid->psk, 16 + 8);
164 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
170 "WPA-None", wpa_s->group_cipher);
174 /* TODO: should actually remember the previously used seq#, both for TX
175 * and RX from each STA.. */
177 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
181 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
183 struct wpa_supplicant *wpa_s = eloop_ctx;
184 const u8 *bssid = wpa_s->bssid;
185 if (is_zero_ether_addr(bssid))
186 bssid = wpa_s->pending_bssid;
187 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
189 wpa_blacklist_add(wpa_s, bssid);
190 wpa_sm_notify_disassoc(wpa_s->wpa);
191 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
192 wpa_s->reassociate = 1;
195 * If we timed out, the AP or the local radio may be busy.
196 * So, wait a second until scanning again.
198 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
208 * This function is used to schedule a timeout for the current authentication
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
214 if (wpa_s->conf->ap_scan == 0 &&
215 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
218 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
235 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
254 #ifdef CONFIG_IBSS_RSN
255 if (ssid->mode == WPAS_MODE_IBSS &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
259 * RSN IBSS authentication is per-STA and we can disable the
260 * per-BSSID EAPOL authentication.
262 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
263 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
264 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
267 #endif /* CONFIG_IBSS_RSN */
269 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
273 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
278 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
280 eapol_conf.accept_802_1x_keys = 1;
281 eapol_conf.required_keys = 0;
282 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
283 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
285 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
286 eapol_conf.required_keys |=
287 EAPOL_REQUIRE_KEY_BROADCAST;
290 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
291 eapol_conf.required_keys = 0;
293 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294 eapol_conf.workaround = ssid->eap_workaround;
295 eapol_conf.eap_disabled =
296 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299 eapol_conf.external_sim = wpa_s->conf->external_sim;
300 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
301 #endif /* IEEE8021X_EAPOL */
303 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
308 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
309 * @wpa_s: Pointer to wpa_supplicant data
310 * @ssid: Configuration data for the network
312 * This function is used to configure WPA state machine and related parameters
313 * to a mode where WPA is not enabled. This is called as part of the
314 * authentication configuration when the selected network does not use WPA.
316 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
317 struct wpa_ssid *ssid)
321 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
323 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
326 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
327 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
328 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
331 wpa_s->group_cipher = WPA_CIPHER_NONE;
332 wpa_s->mgmt_group_cipher = 0;
334 for (i = 0; i < NUM_WEP_KEYS; i++) {
335 if (ssid->wep_key_len[i] > 5) {
336 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
337 wpa_s->group_cipher = WPA_CIPHER_WEP104;
339 } else if (ssid->wep_key_len[i] > 0) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
341 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
349 wpa_s->pairwise_cipher);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
351 #ifdef CONFIG_IEEE80211W
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
353 wpa_s->mgmt_group_cipher);
354 #endif /* CONFIG_IEEE80211W */
356 pmksa_cache_clear_current(wpa_s->wpa);
360 void free_hw_features(struct wpa_supplicant *wpa_s)
363 if (wpa_s->hw.modes == NULL)
366 for (i = 0; i < wpa_s->hw.num_modes; i++) {
367 os_free(wpa_s->hw.modes[i].channels);
368 os_free(wpa_s->hw.modes[i].rates);
371 os_free(wpa_s->hw.modes);
372 wpa_s->hw.modes = NULL;
376 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
380 bgscan_deinit(wpa_s);
381 autoscan_deinit(wpa_s);
382 scard_deinit(wpa_s->scard);
384 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
385 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
386 l2_packet_deinit(wpa_s->l2);
389 l2_packet_deinit(wpa_s->l2_br);
393 if (wpa_s->conf != NULL) {
394 struct wpa_ssid *ssid;
395 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
396 wpas_notify_network_removed(wpa_s, ssid);
399 os_free(wpa_s->confname);
400 wpa_s->confname = NULL;
402 os_free(wpa_s->confanother);
403 wpa_s->confanother = NULL;
406 os_free(wpa_s->conf_p2p_dev);
407 wpa_s->conf_p2p_dev = NULL;
408 #endif /* CONFIG_P2P */
410 wpa_sm_set_eapol(wpa_s->wpa, NULL);
411 eapol_sm_deinit(wpa_s->eapol);
414 rsn_preauth_deinit(wpa_s->wpa);
417 wpa_tdls_deinit(wpa_s->wpa);
418 #endif /* CONFIG_TDLS */
420 pmksa_candidate_free(wpa_s->wpa);
421 wpa_sm_deinit(wpa_s->wpa);
423 wpa_blacklist_clear(wpa_s);
425 wpa_bss_deinit(wpa_s);
427 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
428 wpa_supplicant_cancel_scan(wpa_s);
429 wpa_supplicant_cancel_auth_timeout(wpa_s);
430 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
431 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
432 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
434 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
436 wpas_wps_deinit(wpa_s);
438 wpabuf_free(wpa_s->pending_eapol_rx);
439 wpa_s->pending_eapol_rx = NULL;
441 #ifdef CONFIG_IBSS_RSN
442 ibss_rsn_deinit(wpa_s->ibss_rsn);
443 wpa_s->ibss_rsn = NULL;
444 #endif /* CONFIG_IBSS_RSN */
449 wpa_supplicant_ap_deinit(wpa_s);
450 #endif /* CONFIG_AP */
452 wpas_p2p_deinit(wpa_s);
454 #ifdef CONFIG_OFFCHANNEL
455 offchannel_deinit(wpa_s);
456 #endif /* CONFIG_OFFCHANNEL */
458 wpa_supplicant_cancel_sched_scan(wpa_s);
460 os_free(wpa_s->next_scan_freqs);
461 wpa_s->next_scan_freqs = NULL;
463 os_free(wpa_s->manual_scan_freqs);
464 wpa_s->manual_scan_freqs = NULL;
466 os_free(wpa_s->manual_sched_scan_freqs);
467 wpa_s->manual_sched_scan_freqs = NULL;
469 gas_query_deinit(wpa_s->gas);
472 free_hw_features(wpa_s);
474 ieee802_1x_dealloc_kay_sm(wpa_s);
476 os_free(wpa_s->bssid_filter);
477 wpa_s->bssid_filter = NULL;
479 os_free(wpa_s->disallow_aps_bssid);
480 wpa_s->disallow_aps_bssid = NULL;
481 os_free(wpa_s->disallow_aps_ssid);
482 wpa_s->disallow_aps_ssid = NULL;
484 wnm_bss_keep_alive_deinit(wpa_s);
486 wnm_deallocate_memory(wpa_s);
487 #endif /* CONFIG_WNM */
489 ext_password_deinit(wpa_s->ext_pw);
490 wpa_s->ext_pw = NULL;
492 wpabuf_free(wpa_s->last_gas_resp);
493 wpa_s->last_gas_resp = NULL;
494 wpabuf_free(wpa_s->prev_gas_resp);
495 wpa_s->prev_gas_resp = NULL;
497 os_free(wpa_s->last_scan_res);
498 wpa_s->last_scan_res = NULL;
502 #endif /* CONFIG_HS20 */
504 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
505 wpabuf_free(wpa_s->vendor_elem[i]);
506 wpa_s->vendor_elem[i] = NULL;
512 * wpa_clear_keys - Clear keys configured for the driver
513 * @wpa_s: Pointer to wpa_supplicant data
514 * @addr: Previously used BSSID or %NULL if not available
516 * This function clears the encryption keys that has been previously configured
519 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
523 #ifdef CONFIG_IEEE80211W
525 #else /* CONFIG_IEEE80211W */
527 #endif /* CONFIG_IEEE80211W */
529 /* MLME-DELETEKEYS.request */
530 for (i = 0; i < max; i++) {
531 if (wpa_s->keys_cleared & BIT(i))
533 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
536 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
537 !is_zero_ether_addr(addr)) {
538 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
540 /* MLME-SETPROTECTION.request(None) */
541 wpa_drv_mlme_setprotection(
543 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
544 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
546 wpa_s->keys_cleared = (u32) -1;
551 * wpa_supplicant_state_txt - Get the connection state name as a text string
552 * @state: State (wpa_state; WPA_*)
553 * Returns: The state name as a printable text string
555 const char * wpa_supplicant_state_txt(enum wpa_states state)
558 case WPA_DISCONNECTED:
559 return "DISCONNECTED";
562 case WPA_INTERFACE_DISABLED:
563 return "INTERFACE_DISABLED";
566 case WPA_AUTHENTICATING:
567 return "AUTHENTICATING";
568 case WPA_ASSOCIATING:
569 return "ASSOCIATING";
572 case WPA_4WAY_HANDSHAKE:
573 return "4WAY_HANDSHAKE";
574 case WPA_GROUP_HANDSHAKE:
575 return "GROUP_HANDSHAKE";
586 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
590 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
591 name = wpa_s->current_ssid->bgscan;
593 name = wpa_s->conf->bgscan;
594 if (name == NULL || name[0] == '\0')
596 if (wpas_driver_bss_selection(wpa_s))
598 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
601 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
603 #endif /* CONFIG_P2P */
605 bgscan_deinit(wpa_s);
606 if (wpa_s->current_ssid) {
607 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
608 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
611 * Live without bgscan; it is only used as a roaming
612 * optimization, so the initial connection is not
616 struct wpa_scan_results *scan_res;
617 wpa_s->bgscan_ssid = wpa_s->current_ssid;
618 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
621 bgscan_notify_scan(wpa_s, scan_res);
622 wpa_scan_results_free(scan_res);
626 wpa_s->bgscan_ssid = NULL;
630 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
632 if (wpa_s->bgscan_ssid != NULL) {
633 bgscan_deinit(wpa_s);
634 wpa_s->bgscan_ssid = NULL;
638 #endif /* CONFIG_BGSCAN */
641 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
643 if (autoscan_init(wpa_s, 0))
644 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
648 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
650 autoscan_deinit(wpa_s);
654 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
656 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
657 wpa_s->wpa_state == WPA_SCANNING) {
658 autoscan_deinit(wpa_s);
659 wpa_supplicant_start_autoscan(wpa_s);
665 * wpa_supplicant_set_state - Set current connection state
666 * @wpa_s: Pointer to wpa_supplicant data
667 * @state: The new connection state
669 * This function is called whenever the connection state changes, e.g.,
670 * association is completed for WPA/WPA2 4-Way Handshake is started.
672 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
673 enum wpa_states state)
675 enum wpa_states old_state = wpa_s->wpa_state;
677 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
678 wpa_supplicant_state_txt(wpa_s->wpa_state),
679 wpa_supplicant_state_txt(state));
681 if (state == WPA_INTERFACE_DISABLED) {
682 /* Assure normal scan when interface is restored */
683 wpa_s->normal_scans = 0;
686 if (state == WPA_COMPLETED) {
687 wpas_connect_work_done(wpa_s);
688 /* Reinitialize normal_scan counter */
689 wpa_s->normal_scans = 0;
692 if (state != WPA_SCANNING)
693 wpa_supplicant_notify_scanning(wpa_s, 0);
695 if (state == WPA_COMPLETED && wpa_s->new_connection) {
696 struct wpa_ssid *ssid = wpa_s->current_ssid;
697 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
698 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
699 MACSTR " completed [id=%d id_str=%s]",
700 MAC2STR(wpa_s->bssid),
701 ssid ? ssid->id : -1,
702 ssid && ssid->id_str ? ssid->id_str : "");
703 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
704 wpas_clear_temp_disabled(wpa_s, ssid, 1);
705 wpa_s->extra_blacklist_count = 0;
706 wpa_s->new_connection = 0;
707 wpa_drv_set_operstate(wpa_s, 1);
708 #ifndef IEEE8021X_EAPOL
709 wpa_drv_set_supp_port(wpa_s, 1);
710 #endif /* IEEE8021X_EAPOL */
711 wpa_s->after_wps = 0;
712 wpa_s->known_wps_freq = 0;
713 wpas_p2p_completed(wpa_s);
715 sme_sched_obss_scan(wpa_s, 1);
716 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
717 state == WPA_ASSOCIATED) {
718 wpa_s->new_connection = 1;
719 wpa_drv_set_operstate(wpa_s, 0);
720 #ifndef IEEE8021X_EAPOL
721 wpa_drv_set_supp_port(wpa_s, 0);
722 #endif /* IEEE8021X_EAPOL */
723 sme_sched_obss_scan(wpa_s, 0);
725 wpa_s->wpa_state = state;
728 if (state == WPA_COMPLETED)
729 wpa_supplicant_start_bgscan(wpa_s);
730 else if (state < WPA_ASSOCIATED)
731 wpa_supplicant_stop_bgscan(wpa_s);
732 #endif /* CONFIG_BGSCAN */
734 if (state == WPA_AUTHENTICATING)
735 wpa_supplicant_stop_autoscan(wpa_s);
737 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
738 wpa_supplicant_start_autoscan(wpa_s);
740 if (wpa_s->wpa_state != old_state) {
741 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
744 * Notify the P2P Device interface about a state change in one
747 wpas_p2p_indicate_state_change(wpa_s);
749 if (wpa_s->wpa_state == WPA_COMPLETED ||
750 old_state == WPA_COMPLETED)
751 wpas_notify_auth_changed(wpa_s);
756 void wpa_supplicant_terminate_proc(struct wpa_global *global)
760 struct wpa_supplicant *wpa_s = global->ifaces;
762 struct wpa_supplicant *next = wpa_s->next;
763 if (wpas_wps_terminate_pending(wpa_s) == 1)
766 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
767 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
768 wpas_p2p_disconnect(wpa_s);
769 #endif /* CONFIG_P2P */
772 #endif /* CONFIG_WPS */
779 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
781 struct wpa_global *global = signal_ctx;
782 wpa_supplicant_terminate_proc(global);
786 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
788 enum wpa_states old_state = wpa_s->wpa_state;
790 wpa_s->pairwise_cipher = 0;
791 wpa_s->group_cipher = 0;
792 wpa_s->mgmt_group_cipher = 0;
794 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
795 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
797 if (wpa_s->wpa_state != old_state)
798 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
803 * wpa_supplicant_reload_configuration - Reload configuration data
804 * @wpa_s: Pointer to wpa_supplicant data
805 * Returns: 0 on success or -1 if configuration parsing failed
807 * This function can be used to request that the configuration data is reloaded
808 * (e.g., after configuration file change). This function is reloading
809 * configuration only for one interface, so this may need to be called multiple
810 * times if %wpa_supplicant is controlling multiple interfaces and all
811 * interfaces need reconfiguration.
813 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
815 struct wpa_config *conf;
819 if (wpa_s->confname == NULL)
821 conf = wpa_config_read(wpa_s->confname, NULL);
823 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
824 "file '%s' - exiting", wpa_s->confname);
827 wpa_config_read(wpa_s->confanother, conf);
829 conf->changed_parameters = (unsigned int) -1;
831 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
832 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
833 os_strcmp(conf->ctrl_interface,
834 wpa_s->conf->ctrl_interface) != 0);
836 if (reconf_ctrl && wpa_s->ctrl_iface) {
837 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
838 wpa_s->ctrl_iface = NULL;
841 eapol_sm_invalidate_cached_session(wpa_s->eapol);
842 if (wpa_s->current_ssid) {
843 wpa_supplicant_deauthenticate(wpa_s,
844 WLAN_REASON_DEAUTH_LEAVING);
848 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
849 * pkcs11_engine_path, pkcs11_module_path.
851 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
853 * Clear forced success to clear EAP state for next
856 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
858 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
859 wpa_sm_set_config(wpa_s->wpa, NULL);
860 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
861 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
862 rsn_preauth_deinit(wpa_s->wpa);
864 old_ap_scan = wpa_s->conf->ap_scan;
865 wpa_config_free(wpa_s->conf);
867 if (old_ap_scan != wpa_s->conf->ap_scan)
868 wpas_notify_ap_scan_changed(wpa_s);
871 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
873 wpa_supplicant_update_config(wpa_s);
875 wpa_supplicant_clear_status(wpa_s);
876 if (wpa_supplicant_enabled_networks(wpa_s)) {
877 wpa_s->reassociate = 1;
878 wpa_supplicant_req_scan(wpa_s, 0, 0);
880 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
885 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
887 struct wpa_global *global = signal_ctx;
888 struct wpa_supplicant *wpa_s;
889 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
890 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
892 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
893 wpa_supplicant_terminate_proc(global);
899 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
900 struct wpa_ssid *ssid,
901 struct wpa_ie_data *ie)
903 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
906 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
907 "from association info");
912 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
914 if (!(ie->group_cipher & ssid->group_cipher)) {
915 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
916 "cipher 0x%x (mask 0x%x) - reject",
917 ie->group_cipher, ssid->group_cipher);
920 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
921 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
922 "cipher 0x%x (mask 0x%x) - reject",
923 ie->pairwise_cipher, ssid->pairwise_cipher);
926 if (!(ie->key_mgmt & ssid->key_mgmt)) {
927 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
928 "management 0x%x (mask 0x%x) - reject",
929 ie->key_mgmt, ssid->key_mgmt);
933 #ifdef CONFIG_IEEE80211W
934 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
935 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
936 wpa_s->conf->pmf : ssid->ieee80211w) ==
937 MGMT_FRAME_PROTECTION_REQUIRED) {
938 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
939 "that does not support management frame protection - "
943 #endif /* CONFIG_IEEE80211W */
950 * wpa_supplicant_set_suites - Set authentication and encryption parameters
951 * @wpa_s: Pointer to wpa_supplicant data
952 * @bss: Scan results for the selected BSS, or %NULL if not available
953 * @ssid: Configuration data for the selected network
954 * @wpa_ie: Buffer for the WPA/RSN IE
955 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
956 * used buffer length in case the functions returns success.
957 * Returns: 0 on success or -1 on failure
959 * This function is used to configure authentication and encryption parameters
960 * based on the network configuration and scan result for the selected BSS (if
963 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
964 struct wpa_bss *bss, struct wpa_ssid *ssid,
965 u8 *wpa_ie, size_t *wpa_ie_len)
967 struct wpa_ie_data ie;
969 const u8 *bss_wpa, *bss_rsn, *bss_osen;
972 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
973 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
974 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
976 bss_wpa = bss_rsn = bss_osen = NULL;
978 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
979 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
980 (ie.group_cipher & ssid->group_cipher) &&
981 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
982 (ie.key_mgmt & ssid->key_mgmt)) {
983 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
984 proto = WPA_PROTO_RSN;
985 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
986 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
987 (ie.group_cipher & ssid->group_cipher) &&
988 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
989 (ie.key_mgmt & ssid->key_mgmt)) {
990 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
991 proto = WPA_PROTO_WPA;
993 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
994 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
995 /* TODO: parse OSEN element */
996 os_memset(&ie, 0, sizeof(ie));
997 ie.group_cipher = WPA_CIPHER_CCMP;
998 ie.pairwise_cipher = WPA_CIPHER_CCMP;
999 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1000 proto = WPA_PROTO_OSEN;
1001 #endif /* CONFIG_HS20 */
1003 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1006 if (ssid->proto & WPA_PROTO_OSEN)
1007 proto = WPA_PROTO_OSEN;
1008 else if (ssid->proto & WPA_PROTO_RSN)
1009 proto = WPA_PROTO_RSN;
1011 proto = WPA_PROTO_WPA;
1012 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1013 os_memset(&ie, 0, sizeof(ie));
1014 ie.group_cipher = ssid->group_cipher;
1015 ie.pairwise_cipher = ssid->pairwise_cipher;
1016 ie.key_mgmt = ssid->key_mgmt;
1017 #ifdef CONFIG_IEEE80211W
1018 ie.mgmt_group_cipher =
1019 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1020 WPA_CIPHER_AES_128_CMAC : 0;
1021 #endif /* CONFIG_IEEE80211W */
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1023 "based on configuration");
1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1029 "pairwise %d key_mgmt %d proto %d",
1030 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1031 #ifdef CONFIG_IEEE80211W
1032 if (ssid->ieee80211w) {
1033 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1034 ie.mgmt_group_cipher);
1036 #endif /* CONFIG_IEEE80211W */
1038 wpa_s->wpa_proto = proto;
1039 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1040 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1041 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1043 if (bss || !wpa_s->ap_ies_from_associnfo) {
1044 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1045 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1046 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1047 bss_rsn ? 2 + bss_rsn[1] : 0))
1051 sel = ie.group_cipher & ssid->group_cipher;
1052 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1053 if (wpa_s->group_cipher < 0) {
1054 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1058 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1059 wpa_cipher_txt(wpa_s->group_cipher));
1061 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1062 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1063 if (wpa_s->pairwise_cipher < 0) {
1064 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1068 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1069 wpa_cipher_txt(wpa_s->pairwise_cipher));
1071 sel = ie.key_mgmt & ssid->key_mgmt;
1073 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1074 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1075 #endif /* CONFIG_SAE */
1077 #ifdef CONFIG_IEEE80211R
1078 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1079 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1080 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1081 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1082 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1083 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1084 #endif /* CONFIG_IEEE80211R */
1086 } else if (sel & WPA_KEY_MGMT_SAE) {
1087 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1088 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1089 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1090 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1091 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1092 #endif /* CONFIG_SAE */
1093 #ifdef CONFIG_IEEE80211W
1094 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1095 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1096 wpa_dbg(wpa_s, MSG_DEBUG,
1097 "WPA: using KEY_MGMT 802.1X with SHA256");
1098 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1099 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1100 wpa_dbg(wpa_s, MSG_DEBUG,
1101 "WPA: using KEY_MGMT PSK with SHA256");
1102 #endif /* CONFIG_IEEE80211W */
1103 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1104 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1105 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1106 } else if (sel & WPA_KEY_MGMT_PSK) {
1107 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1108 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1109 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1110 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1111 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1113 } else if (sel & WPA_KEY_MGMT_OSEN) {
1114 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1115 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1116 #endif /* CONFIG_HS20 */
1118 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1119 "authenticated key management type");
1123 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1124 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1125 wpa_s->pairwise_cipher);
1126 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1128 #ifdef CONFIG_IEEE80211W
1129 sel = ie.mgmt_group_cipher;
1130 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1131 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1132 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1134 if (sel & WPA_CIPHER_AES_128_CMAC) {
1135 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1136 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1138 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1139 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1140 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1142 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1143 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1144 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1146 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1147 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1148 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1151 wpa_s->mgmt_group_cipher = 0;
1152 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1154 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1155 wpa_s->mgmt_group_cipher);
1156 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1157 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1158 wpa_s->conf->pmf : ssid->ieee80211w));
1159 #endif /* CONFIG_IEEE80211W */
1161 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1162 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1166 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1167 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1168 #ifndef CONFIG_NO_PBKDF2
1169 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1172 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1173 4096, psk, PMK_LEN);
1174 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1176 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1178 #endif /* CONFIG_NO_PBKDF2 */
1179 #ifdef CONFIG_EXT_PASSWORD
1180 if (ssid->ext_psk) {
1181 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1183 char pw_str[64 + 1];
1187 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1188 "found from external storage");
1192 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1193 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1194 "PSK length %d in external storage",
1195 (int) wpabuf_len(pw));
1196 ext_password_free(pw);
1200 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1201 pw_str[wpabuf_len(pw)] = '\0';
1203 #ifndef CONFIG_NO_PBKDF2
1204 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1206 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1207 4096, psk, PMK_LEN);
1208 os_memset(pw_str, 0, sizeof(pw_str));
1209 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1210 "external passphrase)",
1212 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1214 #endif /* CONFIG_NO_PBKDF2 */
1215 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1216 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1217 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1218 "Invalid PSK hex string");
1219 os_memset(pw_str, 0, sizeof(pw_str));
1220 ext_password_free(pw);
1223 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1225 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1227 os_memset(pw_str, 0, sizeof(pw_str));
1228 ext_password_free(pw);
1232 os_memset(pw_str, 0, sizeof(pw_str));
1233 ext_password_free(pw);
1235 #endif /* CONFIG_EXT_PASSWORD */
1237 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1243 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1248 case 0: /* Bits 0-7 */
1250 case 1: /* Bits 8-15 */
1252 case 2: /* Bits 16-23 */
1254 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1255 *pos |= 0x08; /* Bit 19 - BSS Transition */
1256 #endif /* CONFIG_WNM */
1258 case 3: /* Bits 24-31 */
1260 *pos |= 0x02; /* Bit 25 - SSID List */
1261 #endif /* CONFIG_WNM */
1262 #ifdef CONFIG_INTERWORKING
1263 if (wpa_s->conf->interworking)
1264 *pos |= 0x80; /* Bit 31 - Interworking */
1265 #endif /* CONFIG_INTERWORKING */
1267 case 4: /* Bits 32-39 */
1268 #ifdef CONFIG_INTERWORKING
1269 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1270 *pos |= 0x01; /* Bit 32 - QoS Map */
1271 #endif /* CONFIG_INTERWORKING */
1273 case 5: /* Bits 40-47 */
1275 if (wpa_s->conf->hs20)
1276 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1277 #endif /* CONFIG_HS20 */
1279 case 6: /* Bits 48-55 */
1285 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1290 if (len < wpa_s->extended_capa_len)
1291 len = wpa_s->extended_capa_len;
1292 if (buflen < (size_t) len + 2) {
1293 wpa_printf(MSG_INFO,
1294 "Not enough room for building extended capabilities element");
1298 *pos++ = WLAN_EID_EXT_CAPAB;
1300 for (i = 0; i < len; i++, pos++) {
1301 wpas_ext_capab_byte(wpa_s, pos, i);
1303 if (i < wpa_s->extended_capa_len) {
1304 *pos &= ~wpa_s->extended_capa_mask[i];
1305 *pos |= wpa_s->extended_capa[i];
1309 while (len > 0 && buf[1 + len] == 0) {
1320 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1321 struct wpa_bss *test_bss)
1323 struct wpa_bss *bss;
1325 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1326 if (bss == test_bss)
1334 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1335 struct wpa_ssid *test_ssid)
1337 struct wpa_ssid *ssid;
1339 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1340 if (ssid == test_ssid)
1348 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1349 struct wpa_ssid *test_ssid)
1351 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1354 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1358 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1366 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1368 struct wpa_connect_work *cwork;
1369 struct wpa_radio_work *work = wpa_s->connect_work;
1374 wpa_s->connect_work = NULL;
1377 wpas_connect_work_free(cwork);
1378 radio_work_done(work);
1382 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1385 * wpa_supplicant_associate - Request association
1386 * @wpa_s: Pointer to wpa_supplicant data
1387 * @bss: Scan results for the selected BSS, or %NULL if not available
1388 * @ssid: Configuration data for the selected network
1390 * This function is used to request %wpa_supplicant to associate with a BSS.
1392 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1393 struct wpa_bss *bss, struct wpa_ssid *ssid)
1395 struct wpa_connect_work *cwork;
1397 #ifdef CONFIG_IBSS_RSN
1398 ibss_rsn_deinit(wpa_s->ibss_rsn);
1399 wpa_s->ibss_rsn = NULL;
1400 #endif /* CONFIG_IBSS_RSN */
1402 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1403 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1405 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1406 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1410 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1411 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1412 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1413 wpas_p2p_ap_setup_failed(wpa_s);
1416 wpa_s->current_bss = bss;
1417 #else /* CONFIG_AP */
1418 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1420 #endif /* CONFIG_AP */
1426 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1428 #endif /* CONFIG_TDLS */
1430 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1431 ssid->mode == IEEE80211_MODE_INFRA) {
1432 sme_authenticate(wpa_s, bss, ssid);
1436 if (wpa_s->connect_work) {
1437 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1441 if (radio_work_pending(wpa_s, "connect")) {
1442 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1446 cwork = os_zalloc(sizeof(*cwork));
1453 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1454 wpas_start_assoc_cb, cwork) < 0) {
1460 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1462 struct wpa_connect_work *cwork = work->ctx;
1463 struct wpa_bss *bss = cwork->bss;
1464 struct wpa_ssid *ssid = cwork->ssid;
1465 struct wpa_supplicant *wpa_s = work->wpa_s;
1468 int use_crypt, ret, i, bssid_changed;
1469 int algs = WPA_AUTH_ALG_OPEN;
1470 unsigned int cipher_pairwise, cipher_group;
1471 struct wpa_driver_associate_params params;
1472 int wep_keys_set = 0;
1473 int assoc_failed = 0;
1474 struct wpa_ssid *old_ssid;
1475 #ifdef CONFIG_HT_OVERRIDES
1476 struct ieee80211_ht_capabilities htcaps;
1477 struct ieee80211_ht_capabilities htcaps_mask;
1478 #endif /* CONFIG_HT_OVERRIDES */
1479 #ifdef CONFIG_VHT_OVERRIDES
1480 struct ieee80211_vht_capabilities vhtcaps;
1481 struct ieee80211_vht_capabilities vhtcaps_mask;
1482 #endif /* CONFIG_VHT_OVERRIDES */
1485 if (work->started) {
1486 wpa_s->connect_work = NULL;
1488 /* cancel possible auth. timeout */
1489 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1492 wpas_connect_work_free(cwork);
1496 wpa_s->connect_work = work;
1498 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1499 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1500 wpas_connect_work_done(wpa_s);
1504 os_memset(¶ms, 0, sizeof(params));
1505 wpa_s->reassociate = 0;
1506 wpa_s->eap_expected_failure = 0;
1507 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1508 #ifdef CONFIG_IEEE80211R
1509 const u8 *ie, *md = NULL;
1510 #endif /* CONFIG_IEEE80211R */
1511 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1512 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1513 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1514 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1515 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1516 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1518 wpas_notify_bssid_changed(wpa_s);
1519 #ifdef CONFIG_IEEE80211R
1520 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1521 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1523 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1525 /* Prepare for the next transition */
1526 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1528 #endif /* CONFIG_IEEE80211R */
1530 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1531 wpa_s->conf->ap_scan == 2 &&
1532 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1533 /* Use ap_scan==1 style network selection to find the network
1535 wpa_s->scan_req = MANUAL_SCAN_REQ;
1536 wpa_s->reassociate = 1;
1537 wpa_supplicant_req_scan(wpa_s, 0, 0);
1539 #endif /* CONFIG_WPS */
1541 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1542 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1543 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1545 wpa_supplicant_cancel_sched_scan(wpa_s);
1546 wpa_supplicant_cancel_scan(wpa_s);
1548 /* Starting new association, so clear the possibly used WPA IE from the
1549 * previous association. */
1550 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1552 #ifdef IEEE8021X_EAPOL
1553 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1555 if (ssid->non_leap == 0)
1556 algs = WPA_AUTH_ALG_LEAP;
1558 algs |= WPA_AUTH_ALG_LEAP;
1561 #endif /* IEEE8021X_EAPOL */
1562 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1563 if (ssid->auth_alg) {
1564 algs = ssid->auth_alg;
1565 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1569 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1570 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1571 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1572 int try_opportunistic;
1573 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1575 ssid->proactive_key_caching) &&
1576 (ssid->proto & WPA_PROTO_RSN);
1577 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1578 ssid, try_opportunistic) == 0)
1579 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1580 wpa_ie_len = sizeof(wpa_ie);
1581 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1582 wpa_ie, &wpa_ie_len)) {
1583 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1584 "key management and encryption suites");
1587 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1588 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1590 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1591 * use non-WPA since the scan results did not indicate that the
1592 * AP is using WPA or WPA2.
1594 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1596 wpa_s->wpa_proto = 0;
1597 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1598 wpa_ie_len = sizeof(wpa_ie);
1599 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1600 wpa_ie, &wpa_ie_len)) {
1601 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1602 "key management and encryption suites (no "
1607 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1608 struct wpabuf *wps_ie;
1609 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1610 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1611 wpa_ie_len = wpabuf_len(wps_ie);
1612 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1615 wpabuf_free(wps_ie);
1616 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1617 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1618 params.wps = WPS_MODE_PRIVACY;
1620 params.wps = WPS_MODE_OPEN;
1621 wpa_s->wpa_proto = 0;
1622 #endif /* CONFIG_WPS */
1624 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1626 wpa_s->wpa_proto = 0;
1630 if (wpa_s->global->p2p) {
1634 pos = wpa_ie + wpa_ie_len;
1635 len = sizeof(wpa_ie) - wpa_ie_len;
1636 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1642 wpa_s->cross_connect_disallowed = 0;
1645 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1647 wpa_s->cross_connect_disallowed =
1648 p2p_get_cross_connect_disallowed(p2p);
1650 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1652 wpa_s->cross_connect_disallowed ?
1653 "disallows" : "allows");
1657 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1658 #endif /* CONFIG_P2P */
1661 if (is_hs20_network(wpa_s, ssid, bss)) {
1662 struct wpabuf *hs20;
1663 hs20 = wpabuf_alloc(20);
1665 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1668 wpas_hs20_add_indication(hs20, pps_mo_id);
1669 len = sizeof(wpa_ie) - wpa_ie_len;
1670 if (wpabuf_len(hs20) <= len) {
1671 os_memcpy(wpa_ie + wpa_ie_len,
1672 wpabuf_head(hs20), wpabuf_len(hs20));
1673 wpa_ie_len += wpabuf_len(hs20);
1678 #endif /* CONFIG_HS20 */
1681 * Workaround: Add Extended Capabilities element only if the AP
1682 * included this element in Beacon/Probe Response frames. Some older
1683 * APs seem to have interoperability issues if this element is
1684 * included, so while the standard may require us to include the
1685 * element in all cases, it is justifiable to skip it to avoid
1686 * interoperability issues.
1688 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1691 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
1693 if (ext_capab_len > 0) {
1695 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1697 os_memmove(pos + ext_capab_len, pos,
1698 wpa_ie_len - (pos - wpa_ie));
1699 wpa_ie_len += ext_capab_len;
1700 os_memcpy(pos, ext_capab, ext_capab_len);
1704 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1706 cipher_pairwise = wpa_s->pairwise_cipher;
1707 cipher_group = wpa_s->group_cipher;
1708 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1709 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1710 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1712 if (wpa_set_wep_keys(wpa_s, ssid)) {
1717 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1720 #ifdef IEEE8021X_EAPOL
1721 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1722 if ((ssid->eapol_flags &
1723 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1724 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1728 /* Assume that dynamic WEP-104 keys will be used and
1729 * set cipher suites in order for drivers to expect
1731 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1734 #endif /* IEEE8021X_EAPOL */
1736 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1737 /* Set the key before (and later after) association */
1738 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1741 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1743 params.ssid = bss->ssid;
1744 params.ssid_len = bss->ssid_len;
1745 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1746 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1747 MACSTR " freq=%u MHz based on scan results "
1749 MAC2STR(bss->bssid), bss->freq,
1751 params.bssid = bss->bssid;
1752 params.freq = bss->freq;
1754 params.bssid_hint = bss->bssid;
1755 params.freq_hint = bss->freq;
1757 params.ssid = ssid->ssid;
1758 params.ssid_len = ssid->ssid_len;
1761 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1762 wpa_s->conf->ap_scan == 2) {
1763 params.bssid = ssid->bssid;
1764 params.fixed_bssid = 1;
1767 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1769 params.freq = ssid->frequency; /* Initial channel for IBSS */
1771 if (ssid->mode == WPAS_MODE_IBSS) {
1772 if (ssid->beacon_int)
1773 params.beacon_int = ssid->beacon_int;
1775 params.beacon_int = wpa_s->conf->beacon_int;
1778 params.wpa_ie = wpa_ie;
1779 params.wpa_ie_len = wpa_ie_len;
1780 params.pairwise_suite = cipher_pairwise;
1781 params.group_suite = cipher_group;
1782 params.key_mgmt_suite = wpa_s->key_mgmt;
1783 params.wpa_proto = wpa_s->wpa_proto;
1784 params.auth_alg = algs;
1785 params.mode = ssid->mode;
1786 params.bg_scan_period = ssid->bg_scan_period;
1787 for (i = 0; i < NUM_WEP_KEYS; i++) {
1788 if (ssid->wep_key_len[i])
1789 params.wep_key[i] = ssid->wep_key[i];
1790 params.wep_key_len[i] = ssid->wep_key_len[i];
1792 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1794 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1795 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1796 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1797 params.passphrase = ssid->passphrase;
1799 params.psk = ssid->psk;
1802 params.drop_unencrypted = use_crypt;
1804 #ifdef CONFIG_IEEE80211W
1805 params.mgmt_frame_protection =
1806 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1807 wpa_s->conf->pmf : ssid->ieee80211w;
1808 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1809 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1810 struct wpa_ie_data ie;
1811 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1813 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1814 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1815 "MFP: require MFP");
1816 params.mgmt_frame_protection =
1817 MGMT_FRAME_PROTECTION_REQUIRED;
1820 #endif /* CONFIG_IEEE80211W */
1822 params.p2p = ssid->p2p_group;
1824 if (wpa_s->parent->set_sta_uapsd)
1825 params.uapsd = wpa_s->parent->sta_uapsd;
1829 #ifdef CONFIG_HT_OVERRIDES
1830 os_memset(&htcaps, 0, sizeof(htcaps));
1831 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1832 params.htcaps = (u8 *) &htcaps;
1833 params.htcaps_mask = (u8 *) &htcaps_mask;
1834 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1835 #endif /* CONFIG_HT_OVERRIDES */
1836 #ifdef CONFIG_VHT_OVERRIDES
1837 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1838 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1839 params.vhtcaps = &vhtcaps;
1840 params.vhtcaps_mask = &vhtcaps_mask;
1841 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, ¶ms);
1842 #endif /* CONFIG_VHT_OVERRIDES */
1846 * If multi-channel concurrency is not supported, check for any
1847 * frequency conflict. In case of any frequency conflict, remove the
1848 * least prioritized connection.
1850 if (wpa_s->num_multichan_concurrent < 2) {
1852 num = get_shared_radio_freqs(wpa_s, &freq, 1);
1853 if (num > 0 && freq > 0 && freq != params.freq) {
1854 wpa_printf(MSG_DEBUG,
1855 "Assoc conflicting freq found (%d != %d)",
1857 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1863 #endif /* CONFIG_P2P */
1865 ret = wpa_drv_associate(wpa_s, ¶ms);
1867 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1869 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1871 * The driver is known to mean what is saying, so we
1872 * can stop right here; the association will not
1875 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1876 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1877 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1880 /* try to continue anyway; new association will be tried again
1885 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1886 /* Set the key after the association just in case association
1887 * cleared the previously configured key. */
1888 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1889 /* No need to timeout authentication since there is no key
1891 wpa_supplicant_cancel_auth_timeout(wpa_s);
1892 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1893 #ifdef CONFIG_IBSS_RSN
1894 } else if (ssid->mode == WPAS_MODE_IBSS &&
1895 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1896 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1898 * RSN IBSS authentication is per-STA and we can disable the
1899 * per-BSSID authentication.
1901 wpa_supplicant_cancel_auth_timeout(wpa_s);
1902 #endif /* CONFIG_IBSS_RSN */
1904 /* Timeout for IEEE 802.11 authentication and association */
1908 /* give IBSS a bit more time */
1909 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1910 } else if (wpa_s->conf->ap_scan == 1) {
1911 /* give IBSS a bit more time */
1912 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1914 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1918 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1919 /* Set static WEP keys again */
1920 wpa_set_wep_keys(wpa_s, ssid);
1923 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1925 * Do not allow EAP session resumption between different
1926 * network configurations.
1928 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1930 old_ssid = wpa_s->current_ssid;
1931 wpa_s->current_ssid = ssid;
1932 wpa_s->current_bss = bss;
1933 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1934 wpa_supplicant_initiate_eapol(wpa_s);
1935 if (old_ssid != wpa_s->current_ssid)
1936 wpas_notify_network_changed(wpa_s);
1940 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1943 struct wpa_ssid *old_ssid;
1945 wpa_clear_keys(wpa_s, addr);
1946 old_ssid = wpa_s->current_ssid;
1947 wpa_supplicant_mark_disassoc(wpa_s);
1948 wpa_sm_set_config(wpa_s->wpa, NULL);
1949 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1950 if (old_ssid != wpa_s->current_ssid)
1951 wpas_notify_network_changed(wpa_s);
1952 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1957 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1958 * @wpa_s: Pointer to wpa_supplicant data
1959 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1961 * This function is used to request %wpa_supplicant to deauthenticate from the
1964 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1968 union wpa_event_data event;
1971 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1972 " pending_bssid=" MACSTR " reason=%d state=%s",
1973 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1974 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1976 if (!is_zero_ether_addr(wpa_s->bssid))
1977 addr = wpa_s->bssid;
1978 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1979 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1980 wpa_s->wpa_state == WPA_ASSOCIATING))
1981 addr = wpa_s->pending_bssid;
1982 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1984 * When using driver-based BSS selection, we may not know the
1985 * BSSID with which we are currently trying to associate. We
1986 * need to notify the driver of this disconnection even in such
1987 * a case, so use the all zeros address here.
1989 addr = wpa_s->bssid;
1994 wpa_tdls_teardown_peers(wpa_s->wpa);
1995 #endif /* CONFIG_TDLS */
1998 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1999 os_memset(&event, 0, sizeof(event));
2000 event.deauth_info.reason_code = (u16) reason_code;
2001 event.deauth_info.locally_generated = 1;
2002 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2007 wpa_supplicant_clear_connection(wpa_s, addr);
2010 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2011 struct wpa_ssid *ssid)
2013 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2017 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2018 wpas_notify_network_enabled_changed(wpa_s, ssid);
2021 * Try to reassociate since there is no current configuration and a new
2022 * network was made available.
2024 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2025 wpa_s->reassociate = 1;
2030 * wpa_supplicant_enable_network - Mark a configured network as enabled
2031 * @wpa_s: wpa_supplicant structure for a network interface
2032 * @ssid: wpa_ssid structure for a configured network or %NULL
2034 * Enables the specified network or all networks if no network specified.
2036 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2037 struct wpa_ssid *ssid)
2040 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2041 wpa_supplicant_enable_one_network(wpa_s, ssid);
2043 wpa_supplicant_enable_one_network(wpa_s, ssid);
2045 if (wpa_s->reassociate && !wpa_s->disconnected) {
2046 if (wpa_s->sched_scanning) {
2047 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2048 "new network to scan filters");
2049 wpa_supplicant_cancel_sched_scan(wpa_s);
2052 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2053 wpa_supplicant_req_scan(wpa_s, 0, 0);
2059 * wpa_supplicant_disable_network - Mark a configured network as disabled
2060 * @wpa_s: wpa_supplicant structure for a network interface
2061 * @ssid: wpa_ssid structure for a configured network or %NULL
2063 * Disables the specified network or all networks if no network specified.
2065 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2066 struct wpa_ssid *ssid)
2068 struct wpa_ssid *other_ssid;
2072 if (wpa_s->sched_scanning)
2073 wpa_supplicant_cancel_sched_scan(wpa_s);
2075 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2076 other_ssid = other_ssid->next) {
2077 was_disabled = other_ssid->disabled;
2078 if (was_disabled == 2)
2079 continue; /* do not change persistent P2P group
2082 other_ssid->disabled = 1;
2084 if (was_disabled != other_ssid->disabled)
2085 wpas_notify_network_enabled_changed(
2088 if (wpa_s->current_ssid)
2089 wpa_supplicant_deauthenticate(
2090 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2091 } else if (ssid->disabled != 2) {
2092 if (ssid == wpa_s->current_ssid)
2093 wpa_supplicant_deauthenticate(
2094 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2096 was_disabled = ssid->disabled;
2100 if (was_disabled != ssid->disabled) {
2101 wpas_notify_network_enabled_changed(wpa_s, ssid);
2102 if (wpa_s->sched_scanning) {
2103 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2104 "to remove network from filters");
2105 wpa_supplicant_cancel_sched_scan(wpa_s);
2106 wpa_supplicant_req_scan(wpa_s, 0, 0);
2114 * wpa_supplicant_select_network - Attempt association with a network
2115 * @wpa_s: wpa_supplicant structure for a network interface
2116 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2118 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2119 struct wpa_ssid *ssid)
2122 struct wpa_ssid *other_ssid;
2123 int disconnected = 0;
2125 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2126 wpa_supplicant_deauthenticate(
2127 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2132 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2135 * Mark all other networks disabled or mark all networks enabled if no
2136 * network specified.
2138 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2139 other_ssid = other_ssid->next) {
2140 int was_disabled = other_ssid->disabled;
2141 if (was_disabled == 2)
2142 continue; /* do not change persistent P2P group data */
2144 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2145 if (was_disabled && !other_ssid->disabled)
2146 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2148 if (was_disabled != other_ssid->disabled)
2149 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2152 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2153 /* We are already associated with the selected network */
2154 wpa_printf(MSG_DEBUG, "Already associated with the "
2155 "selected network - do nothing");
2160 wpa_s->current_ssid = ssid;
2161 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2163 wpa_s->connect_without_scan = NULL;
2164 wpa_s->disconnected = 0;
2165 wpa_s->reassociate = 1;
2167 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2168 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2171 wpas_notify_network_selected(wpa_s, ssid);
2176 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2177 * @wpa_s: wpa_supplicant structure for a network interface
2178 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2179 * @pkcs11_module_path: PKCS #11 module path or NULL
2180 * Returns: 0 on success; -1 on failure
2182 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2183 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2184 * module path fails the paths will be reset to the default value (NULL).
2186 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2187 const char *pkcs11_engine_path,
2188 const char *pkcs11_module_path)
2190 char *pkcs11_engine_path_copy = NULL;
2191 char *pkcs11_module_path_copy = NULL;
2193 if (pkcs11_engine_path != NULL) {
2194 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2195 if (pkcs11_engine_path_copy == NULL)
2198 if (pkcs11_module_path != NULL) {
2199 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2200 if (pkcs11_module_path_copy == NULL) {
2201 os_free(pkcs11_engine_path_copy);
2206 os_free(wpa_s->conf->pkcs11_engine_path);
2207 os_free(wpa_s->conf->pkcs11_module_path);
2208 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2209 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2211 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2212 eapol_sm_deinit(wpa_s->eapol);
2213 wpa_s->eapol = NULL;
2214 if (wpa_supplicant_init_eapol(wpa_s)) {
2215 /* Error -> Reset paths to the default value (NULL) once. */
2216 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2217 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2222 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2229 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2230 * @wpa_s: wpa_supplicant structure for a network interface
2231 * @ap_scan: AP scan mode
2232 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2235 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2240 if (ap_scan < 0 || ap_scan > 2)
2244 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2245 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2246 wpa_s->wpa_state < WPA_COMPLETED) {
2247 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2248 "associating", wpa_s->conf->ap_scan, ap_scan);
2251 #endif /* ANDROID */
2253 old_ap_scan = wpa_s->conf->ap_scan;
2254 wpa_s->conf->ap_scan = ap_scan;
2256 if (old_ap_scan != wpa_s->conf->ap_scan)
2257 wpas_notify_ap_scan_changed(wpa_s);
2264 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2265 * @wpa_s: wpa_supplicant structure for a network interface
2266 * @expire_age: Expiration age in seconds
2267 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2270 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2271 unsigned int bss_expire_age)
2273 if (bss_expire_age < 10) {
2274 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2278 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2280 wpa_s->conf->bss_expiration_age = bss_expire_age;
2287 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2288 * @wpa_s: wpa_supplicant structure for a network interface
2289 * @expire_count: number of scans after which an unseen BSS is reclaimed
2290 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2293 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2294 unsigned int bss_expire_count)
2296 if (bss_expire_count < 1) {
2297 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2301 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2303 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2310 * wpa_supplicant_set_scan_interval - Set scan interval
2311 * @wpa_s: wpa_supplicant structure for a network interface
2312 * @scan_interval: scan interval in seconds
2313 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2316 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2319 if (scan_interval < 0) {
2320 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2324 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2326 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2333 * wpa_supplicant_set_debug_params - Set global debug params
2334 * @global: wpa_global structure
2335 * @debug_level: debug level
2336 * @debug_timestamp: determines if show timestamp in debug data
2337 * @debug_show_keys: determines if show keys in debug data
2338 * Returns: 0 if succeed or -1 if debug_level has wrong value
2340 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2341 int debug_timestamp, int debug_show_keys)
2344 int old_level, old_timestamp, old_show_keys;
2346 /* check for allowed debuglevels */
2347 if (debug_level != MSG_EXCESSIVE &&
2348 debug_level != MSG_MSGDUMP &&
2349 debug_level != MSG_DEBUG &&
2350 debug_level != MSG_INFO &&
2351 debug_level != MSG_WARNING &&
2352 debug_level != MSG_ERROR)
2355 old_level = wpa_debug_level;
2356 old_timestamp = wpa_debug_timestamp;
2357 old_show_keys = wpa_debug_show_keys;
2359 wpa_debug_level = debug_level;
2360 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2361 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2363 if (wpa_debug_level != old_level)
2364 wpas_notify_debug_level_changed(global);
2365 if (wpa_debug_timestamp != old_timestamp)
2366 wpas_notify_debug_timestamp_changed(global);
2367 if (wpa_debug_show_keys != old_show_keys)
2368 wpas_notify_debug_show_keys_changed(global);
2375 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2376 * @wpa_s: Pointer to wpa_supplicant data
2377 * Returns: A pointer to the current network structure or %NULL on failure
2379 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2381 struct wpa_ssid *entry;
2382 u8 ssid[MAX_SSID_LEN];
2388 res = wpa_drv_get_ssid(wpa_s, ssid);
2390 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2396 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2397 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2402 wired = wpa_s->conf->ap_scan == 0 &&
2403 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2405 entry = wpa_s->conf->ssid;
2407 if (!wpas_network_disabled(wpa_s, entry) &&
2408 ((ssid_len == entry->ssid_len &&
2409 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2410 (!entry->bssid_set ||
2411 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2414 if (!wpas_network_disabled(wpa_s, entry) &&
2415 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2416 (entry->ssid == NULL || entry->ssid_len == 0) &&
2417 (!entry->bssid_set ||
2418 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2420 #endif /* CONFIG_WPS */
2422 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2423 entry->ssid_len == 0 &&
2424 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2427 entry = entry->next;
2434 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2436 struct wpa_global *global = wpa_s->global;
2438 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2439 global->drv_priv[i] = wpa_drivers[i]->global_init();
2440 if (global->drv_priv[i] == NULL) {
2441 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2442 "'%s'", wpa_drivers[i]->name);
2447 wpa_s->driver = wpa_drivers[i];
2448 wpa_s->global_drv_priv = global->drv_priv[i];
2454 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2459 const char *pos, *driver = name;
2464 if (wpa_drivers[0] == NULL) {
2465 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2471 /* default to first driver in the list */
2472 return select_driver(wpa_s, 0);
2476 pos = os_strchr(driver, ',');
2480 len = os_strlen(driver);
2482 for (i = 0; wpa_drivers[i]; i++) {
2483 if (os_strlen(wpa_drivers[i]->name) == len &&
2484 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2486 /* First driver that succeeds wins */
2487 if (select_driver(wpa_s, i) == 0)
2495 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2501 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2502 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2503 * with struct wpa_driver_ops::init()
2504 * @src_addr: Source address of the EAPOL frame
2505 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2506 * @len: Length of the EAPOL data
2508 * This function is called for each received EAPOL frame. Most driver
2509 * interfaces rely on more generic OS mechanism for receiving frames through
2510 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2511 * take care of received EAPOL frames and deliver them to the core supplicant
2512 * code by calling this function.
2514 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2515 const u8 *buf, size_t len)
2517 struct wpa_supplicant *wpa_s = ctx;
2519 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2520 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2522 #ifdef CONFIG_PEERKEY
2523 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2524 wpa_s->current_ssid->peerkey &&
2525 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2526 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2527 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2530 #endif /* CONFIG_PEERKEY */
2532 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2533 (wpa_s->last_eapol_matches_bssid &&
2536 #endif /* CONFIG_AP */
2537 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2539 * There is possible race condition between receiving the
2540 * association event and the EAPOL frame since they are coming
2541 * through different paths from the driver. In order to avoid
2542 * issues in trying to process the EAPOL frame before receiving
2543 * association information, lets queue it for processing until
2544 * the association event is received. This may also be needed in
2545 * driver-based roaming case, so also use src_addr != BSSID as a
2546 * trigger if we have previously confirmed that the
2547 * Authenticator uses BSSID as the src_addr (which is not the
2548 * case with wired IEEE 802.1X).
2550 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2551 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2552 wpa_supplicant_state_txt(wpa_s->wpa_state),
2553 MAC2STR(wpa_s->bssid));
2554 wpabuf_free(wpa_s->pending_eapol_rx);
2555 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2556 if (wpa_s->pending_eapol_rx) {
2557 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2558 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2564 wpa_s->last_eapol_matches_bssid =
2565 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2568 if (wpa_s->ap_iface) {
2569 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2572 #endif /* CONFIG_AP */
2574 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2575 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2576 "no key management is configured");
2580 if (wpa_s->eapol_received == 0 &&
2581 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2582 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2583 wpa_s->wpa_state != WPA_COMPLETED) &&
2584 (wpa_s->current_ssid == NULL ||
2585 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2586 /* Timeout for completing IEEE 802.1X and WPA authentication */
2587 wpa_supplicant_req_auth_timeout(
2589 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2590 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2591 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2594 wpa_s->eapol_received++;
2596 if (wpa_s->countermeasures) {
2597 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2602 #ifdef CONFIG_IBSS_RSN
2603 if (wpa_s->current_ssid &&
2604 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2605 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2608 #endif /* CONFIG_IBSS_RSN */
2610 /* Source address of the incoming EAPOL frame could be compared to the
2611 * current BSSID. However, it is possible that a centralized
2612 * Authenticator could be using another MAC address than the BSSID of
2613 * an AP, so just allow any address to be used for now. The replies are
2614 * still sent to the current BSSID (if available), though. */
2616 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2617 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2618 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2620 wpa_drv_poll(wpa_s);
2621 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2622 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2623 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2625 * Set portValid = TRUE here since we are going to skip 4-way
2626 * handshake processing which would normally set portValid. We
2627 * need this to allow the EAPOL state machines to be completed
2628 * without going through EAPOL-Key handshake.
2630 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2635 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2637 if (wpa_s->driver->send_eapol) {
2638 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2640 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2641 } else if ((!wpa_s->p2p_mgmt ||
2642 !(wpa_s->drv_flags &
2643 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2644 !(wpa_s->drv_flags &
2645 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2646 l2_packet_deinit(wpa_s->l2);
2647 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2648 wpa_drv_get_mac_addr(wpa_s),
2650 wpa_supplicant_rx_eapol, wpa_s, 0);
2651 if (wpa_s->l2 == NULL)
2654 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2656 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2659 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2660 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2668 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2669 const u8 *buf, size_t len)
2671 struct wpa_supplicant *wpa_s = ctx;
2672 const struct l2_ethhdr *eth;
2674 if (len < sizeof(*eth))
2676 eth = (const struct l2_ethhdr *) buf;
2678 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2679 !(eth->h_dest[0] & 0x01)) {
2680 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2681 " (bridge - not for this interface - ignore)",
2682 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2686 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2687 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2688 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2689 len - sizeof(*eth));
2694 * wpa_supplicant_driver_init - Initialize driver interface parameters
2695 * @wpa_s: Pointer to wpa_supplicant data
2696 * Returns: 0 on success, -1 on failure
2698 * This function is called to initialize driver interface parameters.
2699 * wpa_drv_init() must have been called before this function to initialize the
2702 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2704 static int interface_count = 0;
2706 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2709 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2710 MAC2STR(wpa_s->own_addr));
2711 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2713 if (wpa_s->bridge_ifname[0]) {
2714 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2715 "interface '%s'", wpa_s->bridge_ifname);
2716 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2719 wpa_supplicant_rx_eapol_bridge,
2721 if (wpa_s->l2_br == NULL) {
2722 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2723 "connection for the bridge interface '%s'",
2724 wpa_s->bridge_ifname);
2729 wpa_clear_keys(wpa_s, NULL);
2731 /* Make sure that TKIP countermeasures are not left enabled (could
2732 * happen if wpa_supplicant is killed during countermeasures. */
2733 wpa_drv_set_countermeasures(wpa_s, 0);
2735 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2736 wpa_drv_flush_pmkid(wpa_s);
2738 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2739 wpa_s->prev_scan_wildcard = 0;
2741 if (wpa_supplicant_enabled_networks(wpa_s)) {
2742 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2743 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2744 interface_count = 0;
2746 if (!wpa_s->p2p_mgmt &&
2747 wpa_supplicant_delayed_sched_scan(wpa_s,
2748 interface_count % 3,
2750 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2754 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2760 static int wpa_supplicant_daemon(const char *pid_file)
2762 wpa_printf(MSG_DEBUG, "Daemonize..");
2763 return os_daemonize(pid_file);
2767 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2769 struct wpa_supplicant *wpa_s;
2771 wpa_s = os_zalloc(sizeof(*wpa_s));
2774 wpa_s->scan_req = INITIAL_SCAN_REQ;
2775 wpa_s->scan_interval = 5;
2776 wpa_s->new_connection = 1;
2777 wpa_s->parent = wpa_s;
2778 wpa_s->sched_scanning = 0;
2784 #ifdef CONFIG_HT_OVERRIDES
2786 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2787 struct ieee80211_ht_capabilities *htcaps,
2788 struct ieee80211_ht_capabilities *htcaps_mask,
2791 /* parse ht_mcs into hex array */
2793 const char *tmp = ht_mcs;
2796 /* If ht_mcs is null, do not set anything */
2800 /* This is what we are setting in the kernel */
2801 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2803 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2805 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2807 long v = strtol(tmp, &end, 16);
2809 wpa_msg(wpa_s, MSG_DEBUG,
2810 "htcap value[%i]: %ld end: %p tmp: %p",
2815 htcaps->supported_mcs_set[i] = v;
2818 wpa_msg(wpa_s, MSG_ERROR,
2819 "Failed to parse ht-mcs: %s, error: %s\n",
2820 ht_mcs, strerror(errno));
2826 * If we were able to parse any values, then set mask for the MCS set.
2829 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2830 IEEE80211_HT_MCS_MASK_LEN - 1);
2831 /* skip the 3 reserved bits */
2832 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2840 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2841 struct ieee80211_ht_capabilities *htcaps,
2842 struct ieee80211_ht_capabilities *htcaps_mask,
2847 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2852 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2853 htcaps_mask->ht_capabilities_info |= msk;
2855 htcaps->ht_capabilities_info &= msk;
2857 htcaps->ht_capabilities_info |= msk;
2863 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2864 struct ieee80211_ht_capabilities *htcaps,
2865 struct ieee80211_ht_capabilities *htcaps_mask,
2868 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2873 if (factor < 0 || factor > 3) {
2874 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2875 "Must be 0-3 or -1", factor);
2879 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2880 htcaps->a_mpdu_params &= ~0x3;
2881 htcaps->a_mpdu_params |= factor & 0x3;
2887 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2888 struct ieee80211_ht_capabilities *htcaps,
2889 struct ieee80211_ht_capabilities *htcaps_mask,
2892 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2897 if (density < 0 || density > 7) {
2898 wpa_msg(wpa_s, MSG_ERROR,
2899 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2904 htcaps_mask->a_mpdu_params |= 0x1C;
2905 htcaps->a_mpdu_params &= ~(0x1C);
2906 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2912 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2913 struct ieee80211_ht_capabilities *htcaps,
2914 struct ieee80211_ht_capabilities *htcaps_mask,
2917 /* Masking these out disables HT40 */
2918 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2919 HT_CAP_INFO_SHORT_GI40MHZ);
2921 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2924 htcaps->ht_capabilities_info &= ~msk;
2926 htcaps->ht_capabilities_info |= msk;
2928 htcaps_mask->ht_capabilities_info |= msk;
2934 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2935 struct ieee80211_ht_capabilities *htcaps,
2936 struct ieee80211_ht_capabilities *htcaps_mask,
2939 /* Masking these out disables SGI */
2940 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2941 HT_CAP_INFO_SHORT_GI40MHZ);
2943 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2946 htcaps->ht_capabilities_info &= ~msk;
2948 htcaps->ht_capabilities_info |= msk;
2950 htcaps_mask->ht_capabilities_info |= msk;
2956 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
2957 struct ieee80211_ht_capabilities *htcaps,
2958 struct ieee80211_ht_capabilities *htcaps_mask,
2961 /* Masking these out disables LDPC */
2962 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
2964 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
2967 htcaps->ht_capabilities_info &= ~msk;
2969 htcaps->ht_capabilities_info |= msk;
2971 htcaps_mask->ht_capabilities_info |= msk;
2977 void wpa_supplicant_apply_ht_overrides(
2978 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2979 struct wpa_driver_associate_params *params)
2981 struct ieee80211_ht_capabilities *htcaps;
2982 struct ieee80211_ht_capabilities *htcaps_mask;
2987 params->disable_ht = ssid->disable_ht;
2988 if (!params->htcaps || !params->htcaps_mask)
2991 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2992 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2993 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2994 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2995 ssid->disable_max_amsdu);
2996 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2997 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2998 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2999 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3000 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3002 if (ssid->ht40_intolerant) {
3003 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3004 htcaps->ht_capabilities_info |= bit;
3005 htcaps_mask->ht_capabilities_info |= bit;
3009 #endif /* CONFIG_HT_OVERRIDES */
3012 #ifdef CONFIG_VHT_OVERRIDES
3013 void wpa_supplicant_apply_vht_overrides(
3014 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3015 struct wpa_driver_associate_params *params)
3017 struct ieee80211_vht_capabilities *vhtcaps;
3018 struct ieee80211_vht_capabilities *vhtcaps_mask;
3019 #ifdef CONFIG_HT_OVERRIDES
3021 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3022 #endif /* CONFIG_HT_OVERRIDES */
3027 params->disable_vht = ssid->disable_vht;
3029 vhtcaps = (void *) params->vhtcaps;
3030 vhtcaps_mask = (void *) params->vhtcaps_mask;
3032 if (!vhtcaps || !vhtcaps_mask)
3035 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3036 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3038 #ifdef CONFIG_HT_OVERRIDES
3039 /* if max ampdu is <= 3, we have to make the HT cap the same */
3040 if (ssid->vht_capa_mask & max_ampdu_mask) {
3041 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3042 find_first_bit(max_ampdu_mask);
3044 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3045 wpa_set_ampdu_factor(wpa_s,
3046 (void *) params->htcaps,
3047 (void *) params->htcaps_mask,
3050 #endif /* CONFIG_HT_OVERRIDES */
3052 #define OVERRIDE_MCS(i) \
3053 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3054 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3056 vhtcaps->vht_supported_mcs_set.tx_map |= \
3057 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3059 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3060 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3062 vhtcaps->vht_supported_mcs_set.rx_map |= \
3063 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3075 #endif /* CONFIG_VHT_OVERRIDES */
3078 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3083 if (!wpa_s->conf->pcsc_reader)
3086 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3090 if (wpa_s->conf->pcsc_pin &&
3091 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3092 scard_deinit(wpa_s->scard);
3093 wpa_s->scard = NULL;
3094 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3098 len = sizeof(wpa_s->imsi) - 1;
3099 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3100 scard_deinit(wpa_s->scard);
3101 wpa_s->scard = NULL;
3102 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3105 wpa_s->imsi[len] = '\0';
3107 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3109 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3110 wpa_s->imsi, wpa_s->mnc_len);
3112 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3113 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3114 #endif /* PCSC_FUNCS */
3120 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3124 ext_password_deinit(wpa_s->ext_pw);
3125 wpa_s->ext_pw = NULL;
3126 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3128 if (!wpa_s->conf->ext_password_backend)
3131 val = os_strdup(wpa_s->conf->ext_password_backend);
3134 pos = os_strchr(val, ':');
3138 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3140 wpa_s->ext_pw = ext_password_init(val, pos);
3142 if (wpa_s->ext_pw == NULL) {
3143 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3146 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3152 static int wpas_check_wowlan_trigger(const char *start, const char *trigger,
3153 int capa_trigger, u8 *param_trigger)
3155 if (os_strcmp(start, trigger) != 0)
3165 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3166 struct wpa_driver_capa *capa)
3168 struct wowlan_triggers triggers;
3169 char *start, *end, *buf;
3172 if (!wpa_s->conf->wowlan_triggers)
3175 buf = os_strdup(wpa_s->conf->wowlan_triggers);
3179 os_memset(&triggers, 0, sizeof(triggers));
3181 #define CHECK_TRIGGER(trigger) \
3182 wpas_check_wowlan_trigger(start, #trigger, \
3183 capa->wowlan_triggers.trigger, \
3187 while (*start != '\0') {
3188 while (isblank(*start))
3193 while (!isblank(*end) && *end != '\0')
3195 last = *end == '\0';
3198 if (!CHECK_TRIGGER(any) &&
3199 !CHECK_TRIGGER(disconnect) &&
3200 !CHECK_TRIGGER(magic_pkt) &&
3201 !CHECK_TRIGGER(gtk_rekey_failure) &&
3202 !CHECK_TRIGGER(eap_identity_req) &&
3203 !CHECK_TRIGGER(four_way_handshake) &&
3204 !CHECK_TRIGGER(rfkill_release)) {
3205 wpa_printf(MSG_DEBUG,
3206 "Unknown/unsupported wowlan trigger '%s'",
3216 #undef CHECK_TRIGGER
3218 ret = wpa_drv_wowlan(wpa_s, &triggers);
3225 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3228 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3229 struct wpa_radio *radio;
3231 while (rn && iface) {
3232 radio = iface->radio;
3233 if (radio && os_strcmp(rn, radio->name) == 0) {
3234 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3236 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3240 iface = iface->next;
3243 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3244 wpa_s->ifname, rn ? rn : "N/A");
3245 radio = os_zalloc(sizeof(*radio));
3250 os_strlcpy(radio->name, rn, sizeof(radio->name));
3251 dl_list_init(&radio->ifaces);
3252 dl_list_init(&radio->work);
3253 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3259 static void radio_work_free(struct wpa_radio_work *work)
3261 if (work->wpa_s->scan_work == work) {
3262 /* This should not really happen. */
3263 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3264 work->type, work, work->started);
3265 work->wpa_s->scan_work = NULL;
3269 if (work->wpa_s->p2p_scan_work == work) {
3270 /* This should not really happen. */
3271 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3272 work->type, work, work->started);
3273 work->wpa_s->p2p_scan_work = NULL;
3275 #endif /* CONFIG_P2P */
3277 dl_list_del(&work->list);
3282 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3284 struct wpa_radio *radio = eloop_ctx;
3285 struct wpa_radio_work *work;
3286 struct os_reltime now, diff;
3287 struct wpa_supplicant *wpa_s;
3289 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3294 return; /* already started and still in progress */
3296 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3298 if (wpa_s && wpa_s->external_scan_running) {
3299 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3303 os_get_reltime(&now);
3304 os_reltime_sub(&now, &work->time, &diff);
3305 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3306 work->type, work, diff.sec, diff.usec);
3314 * This function removes both started and pending radio works running on
3315 * the provided interface's radio.
3316 * Prior to the removal of the radio work, its callback (cb) is called with
3317 * deinit set to be 1. Each work's callback is responsible for clearing its
3318 * internal data and restoring to a correct state.
3319 * @wpa_s: wpa_supplicant data
3320 * @type: type of works to be removed
3321 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3322 * this interface's works.
3324 void radio_remove_works(struct wpa_supplicant *wpa_s,
3325 const char *type, int remove_all)
3327 struct wpa_radio_work *work, *tmp;
3328 struct wpa_radio *radio = wpa_s->radio;
3330 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3332 if (type && os_strcmp(type, work->type) != 0)
3335 /* skip other ifaces' works */
3336 if (!remove_all && work->wpa_s != wpa_s)
3339 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3340 work->type, work, work->started ? " (started)" : "");
3342 radio_work_free(work);
3345 /* in case we removed the started work */
3346 radio_work_check_next(wpa_s);
3350 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3352 struct wpa_radio *radio = wpa_s->radio;
3357 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3358 wpa_s->ifname, radio->name);
3359 dl_list_del(&wpa_s->radio_list);
3360 radio_remove_works(wpa_s, NULL, 0);
3361 wpa_s->radio = NULL;
3362 if (!dl_list_empty(&radio->ifaces))
3363 return; /* Interfaces remain for this radio */
3365 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3366 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3371 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3373 struct wpa_radio *radio = wpa_s->radio;
3375 if (dl_list_empty(&radio->work))
3377 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3378 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3383 * radio_add_work - Add a radio work item
3384 * @wpa_s: Pointer to wpa_supplicant data
3385 * @freq: Frequency of the offchannel operation in MHz or 0
3386 * @type: Unique identifier for each type of work
3387 * @next: Force as the next work to be executed
3388 * @cb: Callback function for indicating when radio is available
3389 * @ctx: Context pointer for the work (work->ctx in cb())
3390 * Returns: 0 on success, -1 on failure
3392 * This function is used to request time for an operation that requires
3393 * exclusive radio control. Once the radio is available, the registered callback
3394 * function will be called. radio_work_done() must be called once the exclusive
3395 * radio operation has been completed, so that the radio is freed for other
3396 * operations. The special case of deinit=1 is used to free the context data
3397 * during interface removal. That does not allow the callback function to start
3398 * the radio operation, i.e., it must free any resources allocated for the radio
3401 * The @freq parameter can be used to indicate a single channel on which the
3402 * offchannel operation will occur. This may allow multiple radio work
3403 * operations to be performed in parallel if they apply for the same channel.
3404 * Setting this to 0 indicates that the work item may use multiple channels or
3405 * requires exclusive control of the radio.
3407 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3408 const char *type, int next,
3409 void (*cb)(struct wpa_radio_work *work, int deinit),
3412 struct wpa_radio_work *work;
3415 work = os_zalloc(sizeof(*work));
3418 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3419 os_get_reltime(&work->time);
3422 work->wpa_s = wpa_s;
3426 was_empty = dl_list_empty(&wpa_s->radio->work);
3428 dl_list_add(&wpa_s->radio->work, &work->list);
3430 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3432 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3433 radio_work_check_next(wpa_s);
3441 * radio_work_done - Indicate that a radio work item has been completed
3442 * @work: Completed work
3444 * This function is called once the callback function registered with
3445 * radio_add_work() has completed its work.
3447 void radio_work_done(struct wpa_radio_work *work)
3449 struct wpa_supplicant *wpa_s = work->wpa_s;
3450 struct os_reltime now, diff;
3451 unsigned int started = work->started;
3453 os_get_reltime(&now);
3454 os_reltime_sub(&now, &work->time, &diff);
3455 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3456 work->type, work, started ? "done" : "canceled",
3457 diff.sec, diff.usec);
3458 radio_work_free(work);
3460 radio_work_check_next(wpa_s);
3464 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3466 struct wpa_radio_work *work;
3467 struct wpa_radio *radio = wpa_s->radio;
3469 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3470 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3478 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3479 struct wpa_interface *iface)
3481 const char *ifname, *driver, *rn;
3483 driver = iface->driver;
3485 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3488 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3489 if (wpa_s->drv_priv == NULL) {
3491 pos = driver ? os_strchr(driver, ',') : NULL;
3493 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3494 "driver interface - try next driver wrapper");
3498 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3502 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3503 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3504 "driver_param '%s'", wpa_s->conf->driver_param);
3508 ifname = wpa_drv_get_ifname(wpa_s);
3509 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3510 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3511 "interface name with '%s'", ifname);
3512 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3515 rn = wpa_driver_get_radio_name(wpa_s);
3516 if (rn && rn[0] == '\0')
3519 wpa_s->radio = radio_add_interface(wpa_s, rn);
3520 if (wpa_s->radio == NULL)
3527 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3528 struct wpa_interface *iface)
3530 struct wpa_driver_capa capa;
3532 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3533 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3534 iface->confname ? iface->confname : "N/A",
3535 iface->driver ? iface->driver : "default",
3536 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3537 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3539 if (iface->confname) {
3540 #ifdef CONFIG_BACKEND_FILE
3541 wpa_s->confname = os_rel2abs_path(iface->confname);
3542 if (wpa_s->confname == NULL) {
3543 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3544 "for configuration file '%s'.",
3548 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3549 iface->confname, wpa_s->confname);
3550 #else /* CONFIG_BACKEND_FILE */
3551 wpa_s->confname = os_strdup(iface->confname);
3552 #endif /* CONFIG_BACKEND_FILE */
3553 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3554 if (wpa_s->conf == NULL) {
3555 wpa_printf(MSG_ERROR, "Failed to read or parse "
3556 "configuration '%s'.", wpa_s->confname);
3559 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3560 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3563 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3564 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3565 #endif /* CONFIG_P2P */
3568 * Override ctrl_interface and driver_param if set on command
3571 if (iface->ctrl_interface) {
3572 os_free(wpa_s->conf->ctrl_interface);
3573 wpa_s->conf->ctrl_interface =
3574 os_strdup(iface->ctrl_interface);
3577 if (iface->driver_param) {
3578 os_free(wpa_s->conf->driver_param);
3579 wpa_s->conf->driver_param =
3580 os_strdup(iface->driver_param);
3583 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3584 os_free(wpa_s->conf->ctrl_interface);
3585 wpa_s->conf->ctrl_interface = NULL;
3588 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3589 iface->driver_param);
3591 if (wpa_s->conf == NULL) {
3592 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3596 if (iface->ifname == NULL) {
3597 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3600 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3601 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3605 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3607 if (iface->bridge_ifname) {
3608 if (os_strlen(iface->bridge_ifname) >=
3609 sizeof(wpa_s->bridge_ifname)) {
3610 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3611 "name '%s'.", iface->bridge_ifname);
3614 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3615 sizeof(wpa_s->bridge_ifname));
3618 /* RSNA Supplicant Key Management - INITIALIZE */
3619 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3620 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3622 /* Initialize driver interface and register driver event handler before
3623 * L2 receive handler so that association events are processed before
3624 * EAPOL-Key packets if both become available for the same select()
3626 if (wpas_init_driver(wpa_s, iface) < 0)
3629 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3632 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3633 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3635 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3637 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3638 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3639 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3640 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3641 "dot11RSNAConfigPMKLifetime");
3645 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3646 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3647 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3648 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3649 "dot11RSNAConfigPMKReauthThreshold");
3653 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3654 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3655 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3656 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3657 "dot11RSNAConfigSATimeout");
3661 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3662 &wpa_s->hw.num_modes,
3665 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3666 wpa_s->drv_capa_known = 1;
3667 wpa_s->drv_flags = capa.flags;
3668 wpa_s->drv_enc = capa.enc;
3669 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3670 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3671 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3672 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3673 wpa_s->max_match_sets = capa.max_match_sets;
3674 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3675 wpa_s->max_stations = capa.max_stations;
3676 wpa_s->extended_capa = capa.extended_capa;
3677 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3678 wpa_s->extended_capa_len = capa.extended_capa_len;
3679 wpa_s->num_multichan_concurrent =
3680 capa.num_multichan_concurrent;
3682 if (wpa_s->max_remain_on_chan == 0)
3683 wpa_s->max_remain_on_chan = 1000;
3686 * Only take p2p_mgmt parameters when P2P Device is supported.
3687 * Doing it here as it determines whether l2_packet_init() will be done
3688 * during wpa_supplicant_driver_init().
3690 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3691 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3693 iface->p2p_mgmt = 1;
3695 if (wpa_s->num_multichan_concurrent == 0)
3696 wpa_s->num_multichan_concurrent = 1;
3698 if (wpa_supplicant_driver_init(wpa_s) < 0)
3702 if ((!iface->p2p_mgmt ||
3703 !(wpa_s->drv_flags &
3704 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3705 wpa_tdls_init(wpa_s->wpa))
3707 #endif /* CONFIG_TDLS */
3709 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3710 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3711 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3715 if (wpas_wps_init(wpa_s))
3718 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3720 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3722 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3723 if (wpa_s->ctrl_iface == NULL) {
3724 wpa_printf(MSG_ERROR,
3725 "Failed to initialize control interface '%s'.\n"
3726 "You may have another wpa_supplicant process "
3727 "already running or the file was\n"
3728 "left by an unclean termination of wpa_supplicant "
3729 "in which case you will need\n"
3730 "to manually remove this file before starting "
3731 "wpa_supplicant again.\n",
3732 wpa_s->conf->ctrl_interface);
3736 wpa_s->gas = gas_query_init(wpa_s);
3737 if (wpa_s->gas == NULL) {
3738 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3742 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3743 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3747 if (wpa_bss_init(wpa_s) < 0)
3751 * Set Wake-on-WLAN triggers, if configured.
3752 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3753 * have effect anyway when the interface is down).
3755 if (wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3758 #ifdef CONFIG_EAP_PROXY
3761 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3763 if (wpa_s->mnc_len > 0) {
3764 wpa_s->imsi[len] = '\0';
3765 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3766 wpa_s->imsi, wpa_s->mnc_len);
3768 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3771 #endif /* CONFIG_EAP_PROXY */
3773 if (pcsc_reader_init(wpa_s) < 0)
3776 if (wpas_init_ext_pw(wpa_s) < 0)
3783 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3784 int notify, int terminate)
3786 wpa_s->disconnected = 1;
3787 if (wpa_s->drv_priv) {
3788 wpa_supplicant_deauthenticate(wpa_s,
3789 WLAN_REASON_DEAUTH_LEAVING);
3791 wpa_drv_set_countermeasures(wpa_s, 0);
3792 wpa_clear_keys(wpa_s, NULL);
3795 wpa_supplicant_cleanup(wpa_s);
3796 wpas_p2p_deinit_iface(wpa_s);
3798 wpas_ctrl_radio_work_flush(wpa_s);
3799 radio_remove_interface(wpa_s);
3801 if (wpa_s->drv_priv)
3802 wpa_drv_deinit(wpa_s);
3805 wpas_notify_iface_removed(wpa_s);
3808 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3810 if (wpa_s->ctrl_iface) {
3811 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3812 wpa_s->ctrl_iface = NULL;
3815 if (wpa_s->conf != NULL) {
3816 wpa_config_free(wpa_s->conf);
3825 * wpa_supplicant_add_iface - Add a new network interface
3826 * @global: Pointer to global data from wpa_supplicant_init()
3827 * @iface: Interface configuration options
3828 * Returns: Pointer to the created interface or %NULL on failure
3830 * This function is used to add new network interfaces for %wpa_supplicant.
3831 * This can be called before wpa_supplicant_run() to add interfaces before the
3832 * main event loop has been started. In addition, new interfaces can be added
3833 * dynamically while %wpa_supplicant is already running. This could happen,
3834 * e.g., when a hotplug network adapter is inserted.
3836 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3837 struct wpa_interface *iface)
3839 struct wpa_supplicant *wpa_s;
3840 struct wpa_interface t_iface;
3841 struct wpa_ssid *ssid;
3843 if (global == NULL || iface == NULL)
3846 wpa_s = wpa_supplicant_alloc();
3850 wpa_s->global = global;
3853 if (global->params.override_driver) {
3854 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3856 iface->driver, global->params.override_driver);
3857 t_iface.driver = global->params.override_driver;
3859 if (global->params.override_ctrl_interface) {
3860 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3861 "ctrl_interface ('%s' -> '%s')",
3862 iface->ctrl_interface,
3863 global->params.override_ctrl_interface);
3864 t_iface.ctrl_interface =
3865 global->params.override_ctrl_interface;
3867 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3868 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3870 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3874 /* Notify the control interfaces about new iface */
3875 if (wpas_notify_iface_added(wpa_s)) {
3876 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3880 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3881 wpas_notify_network_added(wpa_s, ssid);
3883 wpa_s->next = global->ifaces;
3884 global->ifaces = wpa_s;
3886 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3887 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3894 * wpa_supplicant_remove_iface - Remove a network interface
3895 * @global: Pointer to global data from wpa_supplicant_init()
3896 * @wpa_s: Pointer to the network interface to be removed
3897 * Returns: 0 if interface was removed, -1 if interface was not found
3899 * This function can be used to dynamically remove network interfaces from
3900 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3901 * addition, this function is used to remove all remaining interfaces when
3902 * %wpa_supplicant is terminated.
3904 int wpa_supplicant_remove_iface(struct wpa_global *global,
3905 struct wpa_supplicant *wpa_s,
3908 struct wpa_supplicant *prev;
3910 /* Remove interface from the global list of interfaces */
3911 prev = global->ifaces;
3912 if (prev == wpa_s) {
3913 global->ifaces = wpa_s->next;
3915 while (prev && prev->next != wpa_s)
3919 prev->next = wpa_s->next;
3922 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3924 if (global->p2p_group_formation == wpa_s)
3925 global->p2p_group_formation = NULL;
3926 if (global->p2p_invite_group == wpa_s)
3927 global->p2p_invite_group = NULL;
3928 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3935 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3936 * @wpa_s: Pointer to the network interface
3937 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3939 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3941 const char *eapol_method;
3943 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3944 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3948 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3949 if (eapol_method == NULL)
3950 return "UNKNOWN-EAP";
3952 return eapol_method;
3957 * wpa_supplicant_get_iface - Get a new network interface
3958 * @global: Pointer to global data from wpa_supplicant_init()
3959 * @ifname: Interface name
3960 * Returns: Pointer to the interface or %NULL if not found
3962 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3965 struct wpa_supplicant *wpa_s;
3967 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3968 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3975 #ifndef CONFIG_NO_WPA_MSG
3976 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3978 struct wpa_supplicant *wpa_s = ctx;
3981 return wpa_s->ifname;
3983 #endif /* CONFIG_NO_WPA_MSG */
3987 * wpa_supplicant_init - Initialize %wpa_supplicant
3988 * @params: Parameters for %wpa_supplicant
3989 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3991 * This function is used to initialize %wpa_supplicant. After successful
3992 * initialization, the returned data pointer can be used to add and remove
3993 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3995 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3997 struct wpa_global *global;
4003 #ifdef CONFIG_DRIVER_NDIS
4005 void driver_ndis_init_ops(void);
4006 driver_ndis_init_ops();
4008 #endif /* CONFIG_DRIVER_NDIS */
4010 #ifndef CONFIG_NO_WPA_MSG
4011 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4012 #endif /* CONFIG_NO_WPA_MSG */
4014 wpa_debug_open_file(params->wpa_debug_file_path);
4015 if (params->wpa_debug_syslog)
4016 wpa_debug_open_syslog();
4017 if (params->wpa_debug_tracing) {
4018 ret = wpa_debug_open_linux_tracing();
4020 wpa_printf(MSG_ERROR,
4021 "Failed to enable trace logging");
4026 ret = eap_register_methods();
4028 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4030 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4031 "the same EAP type.");
4035 global = os_zalloc(sizeof(*global));
4038 dl_list_init(&global->p2p_srv_bonjour);
4039 dl_list_init(&global->p2p_srv_upnp);
4040 global->params.daemonize = params->daemonize;
4041 global->params.wait_for_monitor = params->wait_for_monitor;
4042 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4043 if (params->pid_file)
4044 global->params.pid_file = os_strdup(params->pid_file);
4045 if (params->ctrl_interface)
4046 global->params.ctrl_interface =
4047 os_strdup(params->ctrl_interface);
4048 if (params->ctrl_interface_group)
4049 global->params.ctrl_interface_group =
4050 os_strdup(params->ctrl_interface_group);
4051 if (params->override_driver)
4052 global->params.override_driver =
4053 os_strdup(params->override_driver);
4054 if (params->override_ctrl_interface)
4055 global->params.override_ctrl_interface =
4056 os_strdup(params->override_ctrl_interface);
4057 wpa_debug_level = global->params.wpa_debug_level =
4058 params->wpa_debug_level;
4059 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4060 params->wpa_debug_show_keys;
4061 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4062 params->wpa_debug_timestamp;
4064 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4067 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4068 wpa_supplicant_deinit(global);
4072 random_init(params->entropy_file);
4074 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4075 if (global->ctrl_iface == NULL) {
4076 wpa_supplicant_deinit(global);
4080 if (wpas_notify_supplicant_initialized(global)) {
4081 wpa_supplicant_deinit(global);
4085 for (i = 0; wpa_drivers[i]; i++)
4086 global->drv_count++;
4087 if (global->drv_count == 0) {
4088 wpa_printf(MSG_ERROR, "No drivers enabled");
4089 wpa_supplicant_deinit(global);
4092 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4093 if (global->drv_priv == NULL) {
4094 wpa_supplicant_deinit(global);
4098 #ifdef CONFIG_WIFI_DISPLAY
4099 if (wifi_display_init(global) < 0) {
4100 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4101 wpa_supplicant_deinit(global);
4104 #endif /* CONFIG_WIFI_DISPLAY */
4111 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4112 * @global: Pointer to global data from wpa_supplicant_init()
4113 * Returns: 0 after successful event loop run, -1 on failure
4115 * This function starts the main event loop and continues running as long as
4116 * there are any remaining events. In most cases, this function is running as
4117 * long as the %wpa_supplicant process in still in use.
4119 int wpa_supplicant_run(struct wpa_global *global)
4121 struct wpa_supplicant *wpa_s;
4123 if (global->params.daemonize &&
4124 wpa_supplicant_daemon(global->params.pid_file))
4127 if (global->params.wait_for_monitor) {
4128 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4129 if (wpa_s->ctrl_iface)
4130 wpa_supplicant_ctrl_iface_wait(
4134 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4135 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4144 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4145 * @global: Pointer to global data from wpa_supplicant_init()
4147 * This function is called to deinitialize %wpa_supplicant and to free all
4148 * allocated resources. Remaining network interfaces will also be removed.
4150 void wpa_supplicant_deinit(struct wpa_global *global)
4157 #ifdef CONFIG_WIFI_DISPLAY
4158 wifi_display_deinit(global);
4159 #endif /* CONFIG_WIFI_DISPLAY */
4161 while (global->ifaces)
4162 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4164 if (global->ctrl_iface)
4165 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4167 wpas_notify_supplicant_deinitialized(global);
4169 eap_peer_unregister_methods();
4171 eap_server_unregister_methods();
4172 #endif /* CONFIG_AP */
4174 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4175 if (!global->drv_priv[i])
4177 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4179 os_free(global->drv_priv);
4185 if (global->params.pid_file) {
4186 os_daemonize_terminate(global->params.pid_file);
4187 os_free(global->params.pid_file);
4189 os_free(global->params.ctrl_interface);
4190 os_free(global->params.ctrl_interface_group);
4191 os_free(global->params.override_driver);
4192 os_free(global->params.override_ctrl_interface);
4194 os_free(global->p2p_disallow_freq.range);
4195 os_free(global->p2p_go_avoid_freq.range);
4196 os_free(global->add_psk);
4199 wpa_debug_close_syslog();
4200 wpa_debug_close_file();
4201 wpa_debug_close_linux_tracing();
4205 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4207 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4208 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4210 country[0] = wpa_s->conf->country[0];
4211 country[1] = wpa_s->conf->country[1];
4213 if (wpa_drv_set_country(wpa_s, country) < 0) {
4214 wpa_printf(MSG_ERROR, "Failed to set country code "
4219 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4220 wpas_init_ext_pw(wpa_s);
4223 wpas_wps_update_config(wpa_s);
4224 #endif /* CONFIG_WPS */
4225 wpas_p2p_update_config(wpa_s);
4226 wpa_s->conf->changed_parameters = 0;
4230 static void add_freq(int *freqs, int *num_freqs, int freq)
4234 for (i = 0; i < *num_freqs; i++) {
4235 if (freqs[i] == freq)
4239 freqs[*num_freqs] = freq;
4244 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4246 struct wpa_bss *bss, *cbss;
4247 const int max_freqs = 10;
4251 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4255 cbss = wpa_s->current_bss;
4257 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4260 if (bss->ssid_len == cbss->ssid_len &&
4261 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4262 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4263 add_freq(freqs, &num_freqs, bss->freq);
4264 if (num_freqs == max_freqs)
4269 if (num_freqs == 0) {
4278 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4284 wpas_connect_work_done(wpa_s);
4287 * Remove possible authentication timeout since the connection failed.
4289 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4291 if (wpa_s->disconnected) {
4293 * There is no point in blacklisting the AP if this event is
4294 * generated based on local request to disconnect.
4296 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4297 "indication since interface has been put into "
4298 "disconnected state");
4303 * Add the failed BSSID into the blacklist and speed up next scan
4304 * attempt if there could be other APs that could accept association.
4305 * The current blacklist count indicates how many times we have tried
4306 * connecting to this AP and multiple attempts mean that other APs are
4307 * either not available or has already been tried, so that we can start
4308 * increasing the delay here to avoid constant scanning.
4310 count = wpa_blacklist_add(wpa_s, bssid);
4311 if (count == 1 && wpa_s->current_bss) {
4313 * This BSS was not in the blacklist before. If there is
4314 * another BSS available for the same ESS, we should try that
4315 * next. Otherwise, we may as well try this one once more
4316 * before allowing other, likely worse, ESSes to be considered.
4318 freqs = get_bss_freqs_in_ess(wpa_s);
4320 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4321 "has been seen; try it next");
4322 wpa_blacklist_add(wpa_s, bssid);
4324 * On the next scan, go through only the known channels
4325 * used in this ESS based on previous scans to speed up
4326 * common load balancing use case.
4328 os_free(wpa_s->next_scan_freqs);
4329 wpa_s->next_scan_freqs = freqs;
4334 * Add previous failure count in case the temporary blacklist was
4335 * cleared due to no other BSSes being available.
4337 count += wpa_s->extra_blacklist_count;
4339 if (count > 3 && wpa_s->current_ssid) {
4340 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4341 "consider temporary network disabling");
4342 wpas_auth_failed(wpa_s, "CONN_FAILED");
4363 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4364 "ms", count, timeout);
4367 * TODO: if more than one possible AP is available in scan results,
4368 * could try the other ones before requesting a new scan.
4370 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4371 1000 * (timeout % 1000));
4375 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4377 return wpa_s->conf->ap_scan == 2 ||
4378 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4382 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4383 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4384 struct wpa_ssid *ssid,
4388 #ifdef IEEE8021X_EAPOL
4389 struct eap_peer_config *eap = &ssid->eap;
4391 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4392 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4393 (const u8 *) value, os_strlen(value));
4395 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4396 case WPA_CTRL_REQ_EAP_IDENTITY:
4397 os_free(eap->identity);
4398 eap->identity = (u8 *) os_strdup(value);
4399 eap->identity_len = os_strlen(value);
4400 eap->pending_req_identity = 0;
4401 if (ssid == wpa_s->current_ssid)
4402 wpa_s->reassociate = 1;
4404 case WPA_CTRL_REQ_EAP_PASSWORD:
4405 bin_clear_free(eap->password, eap->password_len);
4406 eap->password = (u8 *) os_strdup(value);
4407 eap->password_len = os_strlen(value);
4408 eap->pending_req_password = 0;
4409 if (ssid == wpa_s->current_ssid)
4410 wpa_s->reassociate = 1;
4412 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4413 bin_clear_free(eap->new_password, eap->new_password_len);
4414 eap->new_password = (u8 *) os_strdup(value);
4415 eap->new_password_len = os_strlen(value);
4416 eap->pending_req_new_password = 0;
4417 if (ssid == wpa_s->current_ssid)
4418 wpa_s->reassociate = 1;
4420 case WPA_CTRL_REQ_EAP_PIN:
4421 str_clear_free(eap->pin);
4422 eap->pin = os_strdup(value);
4423 eap->pending_req_pin = 0;
4424 if (ssid == wpa_s->current_ssid)
4425 wpa_s->reassociate = 1;
4427 case WPA_CTRL_REQ_EAP_OTP:
4428 bin_clear_free(eap->otp, eap->otp_len);
4429 eap->otp = (u8 *) os_strdup(value);
4430 eap->otp_len = os_strlen(value);
4431 os_free(eap->pending_req_otp);
4432 eap->pending_req_otp = NULL;
4433 eap->pending_req_otp_len = 0;
4435 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4436 str_clear_free(eap->private_key_passwd);
4437 eap->private_key_passwd = os_strdup(value);
4438 eap->pending_req_passphrase = 0;
4439 if (ssid == wpa_s->current_ssid)
4440 wpa_s->reassociate = 1;
4442 case WPA_CTRL_REQ_SIM:
4443 str_clear_free(eap->external_sim_resp);
4444 eap->external_sim_resp = os_strdup(value);
4447 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4452 #else /* IEEE8021X_EAPOL */
4453 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4455 #endif /* IEEE8021X_EAPOL */
4457 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4460 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4463 unsigned int drv_enc;
4471 if (wpa_s && wpa_s->drv_capa_known)
4472 drv_enc = wpa_s->drv_enc;
4474 drv_enc = (unsigned int) -1;
4476 for (i = 0; i < NUM_WEP_KEYS; i++) {
4477 size_t len = ssid->wep_key_len[i];
4480 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4482 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4484 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4486 return 1; /* invalid WEP key */
4489 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4490 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4497 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4499 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4501 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4507 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
4509 struct wpa_ssid *ssid = wpa_s->current_ssid;
4511 struct os_reltime now;
4514 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4519 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4522 ssid->auth_failures++;
4525 if (ssid->p2p_group &&
4526 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4528 * Skip the wait time since there is a short timeout on the
4529 * connection to a P2P group.
4533 #endif /* CONFIG_P2P */
4535 if (ssid->auth_failures > 50)
4537 else if (ssid->auth_failures > 10)
4539 else if (ssid->auth_failures > 5)
4541 else if (ssid->auth_failures > 3)
4543 else if (ssid->auth_failures > 2)
4545 else if (ssid->auth_failures > 1)
4550 if (ssid->auth_failures > 1 &&
4551 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4552 dur += os_random() % (ssid->auth_failures * 10);
4554 os_get_reltime(&now);
4555 if (now.sec + dur <= ssid->disabled_until.sec)
4558 ssid->disabled_until.sec = now.sec + dur;
4560 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4561 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
4562 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4563 ssid->auth_failures, dur, reason);
4567 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4568 struct wpa_ssid *ssid, int clear_failures)
4573 if (ssid->disabled_until.sec) {
4574 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4575 "id=%d ssid=\"%s\"",
4576 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4578 ssid->disabled_until.sec = 0;
4579 ssid->disabled_until.usec = 0;
4581 ssid->auth_failures = 0;
4585 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4589 if (wpa_s->disallow_aps_bssid == NULL)
4592 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4593 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4594 bssid, ETH_ALEN) == 0)
4602 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4607 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4610 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4611 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4612 if (ssid_len == s->ssid_len &&
4613 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4622 * wpas_request_connection - Request a new connection
4623 * @wpa_s: Pointer to the network interface
4625 * This function is used to request a new connection to be found. It will mark
4626 * the interface to allow reassociation and request a new scan to find a
4627 * suitable network to connect to.
4629 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4631 wpa_s->normal_scans = 0;
4632 wpa_supplicant_reinit_autoscan(wpa_s);
4633 wpa_s->extra_blacklist_count = 0;
4634 wpa_s->disconnected = 0;
4635 wpa_s->reassociate = 1;
4637 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4638 wpa_supplicant_req_scan(wpa_s, 0, 0);
4642 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
4643 struct wpa_used_freq_data *freqs_data,
4648 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4650 for (i = 0; i < len; i++) {
4651 struct wpa_used_freq_data *cur = &freqs_data[i];
4652 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
4653 i, cur->freq, cur->flags);
4659 * Find the operating frequencies of any of the virtual interfaces that
4660 * are using the same radio as the current interface, and in addition, get
4661 * information about the interface types that are using the frequency.
4663 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
4664 struct wpa_used_freq_data *freqs_data,
4667 struct wpa_supplicant *ifs;
4670 unsigned int idx = 0, i;
4672 wpa_dbg(wpa_s, MSG_DEBUG,
4673 "Determining shared radio frequencies (max len %u)", len);
4674 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
4676 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4681 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4684 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4685 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4686 freq = ifs->current_ssid->frequency;
4687 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4688 freq = ifs->assoc_freq;
4692 /* Hold only distinct freqs */
4693 for (i = 0; i < idx; i++)
4694 if (freqs_data[i].freq == freq)
4698 freqs_data[idx++].freq = freq;
4700 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
4701 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
4702 WPA_FREQ_USED_BY_P2P_CLIENT :
4703 WPA_FREQ_USED_BY_INFRA_STATION;
4707 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
4713 * Find the operating frequencies of any of the virtual interfaces that
4714 * are using the same radio as the current interface.
4716 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4717 int *freq_array, unsigned int len)
4719 struct wpa_used_freq_data *freqs_data;
4722 os_memset(freq_array, 0, sizeof(int) * len);
4724 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
4728 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
4729 for (i = 0; i < num; i++)
4730 freq_array[i] = freqs_data[i].freq;
4732 os_free(freqs_data);