3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s->wpa);
357 void free_hw_features(struct wpa_supplicant *wpa_s)
360 if (wpa_s->hw.modes == NULL)
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
384 l2_packet_deinit(wpa_s->l2_br);
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
400 wpa_sm_set_eapol(wpa_s->wpa, NULL);
401 eapol_sm_deinit(wpa_s->eapol);
404 rsn_preauth_deinit(wpa_s->wpa);
407 wpa_tdls_deinit(wpa_s->wpa);
408 #endif /* CONFIG_TDLS */
410 pmksa_candidate_free(wpa_s->wpa);
411 wpa_sm_deinit(wpa_s->wpa);
413 wpa_blacklist_clear(wpa_s);
415 wpa_bss_deinit(wpa_s);
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
418 wpa_supplicant_cancel_scan(wpa_s);
419 wpa_supplicant_cancel_auth_timeout(wpa_s);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
426 wpas_wps_deinit(wpa_s);
428 wpabuf_free(wpa_s->pending_eapol_rx);
429 wpa_s->pending_eapol_rx = NULL;
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s->ibss_rsn);
433 wpa_s->ibss_rsn = NULL;
434 #endif /* CONFIG_IBSS_RSN */
439 wpa_supplicant_ap_deinit(wpa_s);
440 #endif /* CONFIG_AP */
443 wpas_p2p_deinit(wpa_s);
444 #endif /* CONFIG_P2P */
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s);
448 #endif /* CONFIG_OFFCHANNEL */
450 wpa_supplicant_cancel_sched_scan(wpa_s);
452 os_free(wpa_s->next_scan_freqs);
453 wpa_s->next_scan_freqs = NULL;
455 os_free(wpa_s->manual_scan_freqs);
456 wpa_s->manual_scan_freqs = NULL;
458 gas_query_deinit(wpa_s->gas);
461 free_hw_features(wpa_s);
463 os_free(wpa_s->bssid_filter);
464 wpa_s->bssid_filter = NULL;
466 os_free(wpa_s->disallow_aps_bssid);
467 wpa_s->disallow_aps_bssid = NULL;
468 os_free(wpa_s->disallow_aps_ssid);
469 wpa_s->disallow_aps_ssid = NULL;
471 wnm_bss_keep_alive_deinit(wpa_s);
473 wnm_deallocate_memory(wpa_s);
474 #endif /* CONFIG_WNM */
476 ext_password_deinit(wpa_s->ext_pw);
477 wpa_s->ext_pw = NULL;
479 wpabuf_free(wpa_s->last_gas_resp);
480 wpa_s->last_gas_resp = NULL;
481 wpabuf_free(wpa_s->prev_gas_resp);
482 wpa_s->prev_gas_resp = NULL;
484 os_free(wpa_s->last_scan_res);
485 wpa_s->last_scan_res = NULL;
490 * wpa_clear_keys - Clear keys configured for the driver
491 * @wpa_s: Pointer to wpa_supplicant data
492 * @addr: Previously used BSSID or %NULL if not available
494 * This function clears the encryption keys that has been previously configured
497 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
501 #ifdef CONFIG_IEEE80211W
503 #else /* CONFIG_IEEE80211W */
505 #endif /* CONFIG_IEEE80211W */
507 /* MLME-DELETEKEYS.request */
508 for (i = 0; i < max; i++) {
509 if (wpa_s->keys_cleared & BIT(i))
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
514 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
515 !is_zero_ether_addr(addr)) {
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
518 /* MLME-SETPROTECTION.request(None) */
519 wpa_drv_mlme_setprotection(
521 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
522 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
524 wpa_s->keys_cleared = (u32) -1;
529 * wpa_supplicant_state_txt - Get the connection state name as a text string
530 * @state: State (wpa_state; WPA_*)
531 * Returns: The state name as a printable text string
533 const char * wpa_supplicant_state_txt(enum wpa_states state)
536 case WPA_DISCONNECTED:
537 return "DISCONNECTED";
540 case WPA_INTERFACE_DISABLED:
541 return "INTERFACE_DISABLED";
544 case WPA_AUTHENTICATING:
545 return "AUTHENTICATING";
546 case WPA_ASSOCIATING:
547 return "ASSOCIATING";
550 case WPA_4WAY_HANDSHAKE:
551 return "4WAY_HANDSHAKE";
552 case WPA_GROUP_HANDSHAKE:
553 return "GROUP_HANDSHAKE";
564 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
568 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
569 name = wpa_s->current_ssid->bgscan;
571 name = wpa_s->conf->bgscan;
574 if (wpas_driver_bss_selection(wpa_s))
576 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
579 bgscan_deinit(wpa_s);
580 if (wpa_s->current_ssid) {
581 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
582 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
585 * Live without bgscan; it is only used as a roaming
586 * optimization, so the initial connection is not
590 struct wpa_scan_results *scan_res;
591 wpa_s->bgscan_ssid = wpa_s->current_ssid;
592 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
595 bgscan_notify_scan(wpa_s, scan_res);
596 wpa_scan_results_free(scan_res);
600 wpa_s->bgscan_ssid = NULL;
604 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
606 if (wpa_s->bgscan_ssid != NULL) {
607 bgscan_deinit(wpa_s);
608 wpa_s->bgscan_ssid = NULL;
612 #endif /* CONFIG_BGSCAN */
615 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
617 if (autoscan_init(wpa_s, 0))
618 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
622 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
624 autoscan_deinit(wpa_s);
628 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
630 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
631 wpa_s->wpa_state == WPA_SCANNING) {
632 autoscan_deinit(wpa_s);
633 wpa_supplicant_start_autoscan(wpa_s);
639 * wpa_supplicant_set_state - Set current connection state
640 * @wpa_s: Pointer to wpa_supplicant data
641 * @state: The new connection state
643 * This function is called whenever the connection state changes, e.g.,
644 * association is completed for WPA/WPA2 4-Way Handshake is started.
646 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
647 enum wpa_states state)
649 enum wpa_states old_state = wpa_s->wpa_state;
651 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
652 wpa_supplicant_state_txt(wpa_s->wpa_state),
653 wpa_supplicant_state_txt(state));
655 if (state == WPA_INTERFACE_DISABLED) {
656 /* Assure normal scan when interface is restored */
657 wpa_s->normal_scans = 0;
660 if (state == WPA_COMPLETED)
661 wpas_connect_work_done(wpa_s);
663 if (state != WPA_SCANNING)
664 wpa_supplicant_notify_scanning(wpa_s, 0);
666 if (state == WPA_COMPLETED && wpa_s->new_connection) {
667 struct wpa_ssid *ssid = wpa_s->current_ssid;
668 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
669 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
670 MACSTR " completed [id=%d id_str=%s]",
671 MAC2STR(wpa_s->bssid),
672 ssid ? ssid->id : -1,
673 ssid && ssid->id_str ? ssid->id_str : "");
674 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
675 wpas_clear_temp_disabled(wpa_s, ssid, 1);
676 wpa_s->extra_blacklist_count = 0;
677 wpa_s->new_connection = 0;
678 wpa_drv_set_operstate(wpa_s, 1);
679 #ifndef IEEE8021X_EAPOL
680 wpa_drv_set_supp_port(wpa_s, 1);
681 #endif /* IEEE8021X_EAPOL */
682 wpa_s->after_wps = 0;
683 wpa_s->known_wps_freq = 0;
685 wpas_p2p_completed(wpa_s);
686 #endif /* CONFIG_P2P */
688 sme_sched_obss_scan(wpa_s, 1);
689 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
690 state == WPA_ASSOCIATED) {
691 wpa_s->new_connection = 1;
692 wpa_drv_set_operstate(wpa_s, 0);
693 #ifndef IEEE8021X_EAPOL
694 wpa_drv_set_supp_port(wpa_s, 0);
695 #endif /* IEEE8021X_EAPOL */
696 sme_sched_obss_scan(wpa_s, 0);
698 wpa_s->wpa_state = state;
701 if (state == WPA_COMPLETED)
702 wpa_supplicant_start_bgscan(wpa_s);
703 else if (state < WPA_ASSOCIATED)
704 wpa_supplicant_stop_bgscan(wpa_s);
705 #endif /* CONFIG_BGSCAN */
707 if (state == WPA_AUTHENTICATING)
708 wpa_supplicant_stop_autoscan(wpa_s);
710 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
711 wpa_supplicant_start_autoscan(wpa_s);
713 if (wpa_s->wpa_state != old_state) {
714 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
716 if (wpa_s->wpa_state == WPA_COMPLETED ||
717 old_state == WPA_COMPLETED)
718 wpas_notify_auth_changed(wpa_s);
723 void wpa_supplicant_terminate_proc(struct wpa_global *global)
727 struct wpa_supplicant *wpa_s = global->ifaces;
729 struct wpa_supplicant *next = wpa_s->next;
731 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
732 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
733 wpas_p2p_disconnect(wpa_s);
734 #endif /* CONFIG_P2P */
735 if (wpas_wps_terminate_pending(wpa_s) == 1)
739 #endif /* CONFIG_WPS */
746 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
748 struct wpa_global *global = signal_ctx;
749 wpa_supplicant_terminate_proc(global);
753 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
755 enum wpa_states old_state = wpa_s->wpa_state;
757 wpa_s->pairwise_cipher = 0;
758 wpa_s->group_cipher = 0;
759 wpa_s->mgmt_group_cipher = 0;
761 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
762 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
764 if (wpa_s->wpa_state != old_state)
765 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
770 * wpa_supplicant_reload_configuration - Reload configuration data
771 * @wpa_s: Pointer to wpa_supplicant data
772 * Returns: 0 on success or -1 if configuration parsing failed
774 * This function can be used to request that the configuration data is reloaded
775 * (e.g., after configuration file change). This function is reloading
776 * configuration only for one interface, so this may need to be called multiple
777 * times if %wpa_supplicant is controlling multiple interfaces and all
778 * interfaces need reconfiguration.
780 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
782 struct wpa_config *conf;
786 if (wpa_s->confname == NULL)
788 conf = wpa_config_read(wpa_s->confname, NULL);
790 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
791 "file '%s' - exiting", wpa_s->confname);
794 wpa_config_read(wpa_s->confanother, conf);
796 conf->changed_parameters = (unsigned int) -1;
798 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
799 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
800 os_strcmp(conf->ctrl_interface,
801 wpa_s->conf->ctrl_interface) != 0);
803 if (reconf_ctrl && wpa_s->ctrl_iface) {
804 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
805 wpa_s->ctrl_iface = NULL;
808 eapol_sm_invalidate_cached_session(wpa_s->eapol);
809 if (wpa_s->current_ssid) {
810 wpa_supplicant_deauthenticate(wpa_s,
811 WLAN_REASON_DEAUTH_LEAVING);
815 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
816 * pkcs11_engine_path, pkcs11_module_path.
818 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
820 * Clear forced success to clear EAP state for next
823 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
825 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
826 wpa_sm_set_config(wpa_s->wpa, NULL);
827 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
828 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
829 rsn_preauth_deinit(wpa_s->wpa);
831 old_ap_scan = wpa_s->conf->ap_scan;
832 wpa_config_free(wpa_s->conf);
834 if (old_ap_scan != wpa_s->conf->ap_scan)
835 wpas_notify_ap_scan_changed(wpa_s);
838 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
840 wpa_supplicant_update_config(wpa_s);
842 wpa_supplicant_clear_status(wpa_s);
843 if (wpa_supplicant_enabled_networks(wpa_s)) {
844 wpa_s->reassociate = 1;
845 wpa_supplicant_req_scan(wpa_s, 0, 0);
847 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
852 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
854 struct wpa_global *global = signal_ctx;
855 struct wpa_supplicant *wpa_s;
856 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
857 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
859 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
860 wpa_supplicant_terminate_proc(global);
866 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
867 struct wpa_ssid *ssid,
868 struct wpa_ie_data *ie)
870 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
873 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
874 "from association info");
879 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
881 if (!(ie->group_cipher & ssid->group_cipher)) {
882 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
883 "cipher 0x%x (mask 0x%x) - reject",
884 ie->group_cipher, ssid->group_cipher);
887 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
888 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
889 "cipher 0x%x (mask 0x%x) - reject",
890 ie->pairwise_cipher, ssid->pairwise_cipher);
893 if (!(ie->key_mgmt & ssid->key_mgmt)) {
894 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
895 "management 0x%x (mask 0x%x) - reject",
896 ie->key_mgmt, ssid->key_mgmt);
900 #ifdef CONFIG_IEEE80211W
901 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
902 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
903 wpa_s->conf->pmf : ssid->ieee80211w) ==
904 MGMT_FRAME_PROTECTION_REQUIRED) {
905 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
906 "that does not support management frame protection - "
910 #endif /* CONFIG_IEEE80211W */
917 * wpa_supplicant_set_suites - Set authentication and encryption parameters
918 * @wpa_s: Pointer to wpa_supplicant data
919 * @bss: Scan results for the selected BSS, or %NULL if not available
920 * @ssid: Configuration data for the selected network
921 * @wpa_ie: Buffer for the WPA/RSN IE
922 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
923 * used buffer length in case the functions returns success.
924 * Returns: 0 on success or -1 on failure
926 * This function is used to configure authentication and encryption parameters
927 * based on the network configuration and scan result for the selected BSS (if
930 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
931 struct wpa_bss *bss, struct wpa_ssid *ssid,
932 u8 *wpa_ie, size_t *wpa_ie_len)
934 struct wpa_ie_data ie;
936 const u8 *bss_wpa, *bss_rsn;
939 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
940 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
942 bss_wpa = bss_rsn = NULL;
944 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
945 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
946 (ie.group_cipher & ssid->group_cipher) &&
947 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
948 (ie.key_mgmt & ssid->key_mgmt)) {
949 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
950 proto = WPA_PROTO_RSN;
951 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
952 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
953 (ie.group_cipher & ssid->group_cipher) &&
954 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
955 (ie.key_mgmt & ssid->key_mgmt)) {
956 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
957 proto = WPA_PROTO_WPA;
959 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
962 if (ssid->proto & WPA_PROTO_RSN)
963 proto = WPA_PROTO_RSN;
965 proto = WPA_PROTO_WPA;
966 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
967 os_memset(&ie, 0, sizeof(ie));
968 ie.group_cipher = ssid->group_cipher;
969 ie.pairwise_cipher = ssid->pairwise_cipher;
970 ie.key_mgmt = ssid->key_mgmt;
971 #ifdef CONFIG_IEEE80211W
972 ie.mgmt_group_cipher =
973 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
974 WPA_CIPHER_AES_128_CMAC : 0;
975 #endif /* CONFIG_IEEE80211W */
976 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
977 "based on configuration");
982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
983 "pairwise %d key_mgmt %d proto %d",
984 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
985 #ifdef CONFIG_IEEE80211W
986 if (ssid->ieee80211w) {
987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
988 ie.mgmt_group_cipher);
990 #endif /* CONFIG_IEEE80211W */
992 wpa_s->wpa_proto = proto;
993 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
994 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
995 !!(ssid->proto & WPA_PROTO_RSN));
997 if (bss || !wpa_s->ap_ies_from_associnfo) {
998 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
999 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1000 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1001 bss_rsn ? 2 + bss_rsn[1] : 0))
1005 sel = ie.group_cipher & ssid->group_cipher;
1006 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1007 if (wpa_s->group_cipher < 0) {
1008 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1013 wpa_cipher_txt(wpa_s->group_cipher));
1015 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1016 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1017 if (wpa_s->pairwise_cipher < 0) {
1018 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1023 wpa_cipher_txt(wpa_s->pairwise_cipher));
1025 sel = ie.key_mgmt & ssid->key_mgmt;
1027 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1028 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1029 #endif /* CONFIG_SAE */
1031 #ifdef CONFIG_IEEE80211R
1032 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1033 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1034 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1035 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1036 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1038 #endif /* CONFIG_IEEE80211R */
1040 } else if (sel & WPA_KEY_MGMT_SAE) {
1041 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1042 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1043 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1044 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1045 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1046 #endif /* CONFIG_SAE */
1047 #ifdef CONFIG_IEEE80211W
1048 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1050 wpa_dbg(wpa_s, MSG_DEBUG,
1051 "WPA: using KEY_MGMT 802.1X with SHA256");
1052 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1053 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1054 wpa_dbg(wpa_s, MSG_DEBUG,
1055 "WPA: using KEY_MGMT PSK with SHA256");
1056 #endif /* CONFIG_IEEE80211W */
1057 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1060 } else if (sel & WPA_KEY_MGMT_PSK) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1063 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1064 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1067 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1068 "authenticated key management type");
1072 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1073 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1074 wpa_s->pairwise_cipher);
1075 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1077 #ifdef CONFIG_IEEE80211W
1078 sel = ie.mgmt_group_cipher;
1079 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1080 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1081 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1083 if (sel & WPA_CIPHER_AES_128_CMAC) {
1084 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1085 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1088 wpa_s->mgmt_group_cipher = 0;
1089 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1091 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1092 wpa_s->mgmt_group_cipher);
1093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1094 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1095 wpa_s->conf->pmf : ssid->ieee80211w));
1096 #endif /* CONFIG_IEEE80211W */
1098 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1099 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1103 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1104 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1105 #ifndef CONFIG_NO_PBKDF2
1106 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1109 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1110 4096, psk, PMK_LEN);
1111 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1113 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1115 #endif /* CONFIG_NO_PBKDF2 */
1116 #ifdef CONFIG_EXT_PASSWORD
1117 if (ssid->ext_psk) {
1118 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1120 char pw_str[64 + 1];
1124 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1125 "found from external storage");
1129 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1130 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1131 "PSK length %d in external storage",
1132 (int) wpabuf_len(pw));
1133 ext_password_free(pw);
1137 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1138 pw_str[wpabuf_len(pw)] = '\0';
1140 #ifndef CONFIG_NO_PBKDF2
1141 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1143 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1144 4096, psk, PMK_LEN);
1145 os_memset(pw_str, 0, sizeof(pw_str));
1146 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1147 "external passphrase)",
1149 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1151 #endif /* CONFIG_NO_PBKDF2 */
1152 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1153 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1154 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1155 "Invalid PSK hex string");
1156 os_memset(pw_str, 0, sizeof(pw_str));
1157 ext_password_free(pw);
1160 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1162 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1164 os_memset(pw_str, 0, sizeof(pw_str));
1165 ext_password_free(pw);
1169 os_memset(pw_str, 0, sizeof(pw_str));
1170 ext_password_free(pw);
1172 #endif /* CONFIG_EXT_PASSWORD */
1174 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1180 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1185 case 0: /* Bits 0-7 */
1187 case 1: /* Bits 8-15 */
1189 case 2: /* Bits 16-23 */
1191 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1192 *pos |= 0x08; /* Bit 19 - BSS Transition */
1193 #endif /* CONFIG_WNM */
1195 case 3: /* Bits 24-31 */
1197 *pos |= 0x02; /* Bit 25 - SSID List */
1198 #endif /* CONFIG_WNM */
1199 #ifdef CONFIG_INTERWORKING
1200 if (wpa_s->conf->interworking)
1201 *pos |= 0x80; /* Bit 31 - Interworking */
1202 #endif /* CONFIG_INTERWORKING */
1204 case 4: /* Bits 32-39 */
1205 #ifdef CONFIG_INTERWORKING
1206 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1207 *pos |= 0x01; /* Bit 32 - QoS Map */
1208 #endif /* CONFIG_INTERWORKING */
1210 case 5: /* Bits 40-47 */
1212 case 6: /* Bits 48-55 */
1218 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1223 if (len < wpa_s->extended_capa_len)
1224 len = wpa_s->extended_capa_len;
1226 *pos++ = WLAN_EID_EXT_CAPAB;
1228 for (i = 0; i < len; i++, pos++) {
1229 wpas_ext_capab_byte(wpa_s, pos, i);
1231 if (i < wpa_s->extended_capa_len) {
1232 *pos &= ~wpa_s->extended_capa_mask[i];
1233 *pos |= wpa_s->extended_capa[i];
1237 while (len > 0 && buf[1 + len] == 0) {
1248 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1249 struct wpa_bss *test_bss)
1251 struct wpa_bss *bss;
1253 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1254 if (bss == test_bss)
1262 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1263 struct wpa_ssid *test_ssid)
1265 struct wpa_ssid *ssid;
1267 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1268 if (ssid == test_ssid)
1276 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1277 struct wpa_ssid *test_ssid)
1279 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1282 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1286 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1294 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1296 struct wpa_connect_work *cwork;
1297 struct wpa_radio_work *work = wpa_s->connect_work;
1302 wpa_s->connect_work = NULL;
1305 wpas_connect_work_free(cwork);
1306 radio_work_done(work);
1310 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1313 * wpa_supplicant_associate - Request association
1314 * @wpa_s: Pointer to wpa_supplicant data
1315 * @bss: Scan results for the selected BSS, or %NULL if not available
1316 * @ssid: Configuration data for the selected network
1318 * This function is used to request %wpa_supplicant to associate with a BSS.
1320 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1321 struct wpa_bss *bss, struct wpa_ssid *ssid)
1323 struct wpa_connect_work *cwork;
1325 #ifdef CONFIG_IBSS_RSN
1326 ibss_rsn_deinit(wpa_s->ibss_rsn);
1327 wpa_s->ibss_rsn = NULL;
1328 #endif /* CONFIG_IBSS_RSN */
1330 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1331 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1333 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1334 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1338 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1339 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1340 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1341 wpas_p2p_ap_setup_failed(wpa_s);
1344 wpa_s->current_bss = bss;
1345 #else /* CONFIG_AP */
1346 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1348 #endif /* CONFIG_AP */
1354 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1356 #endif /* CONFIG_TDLS */
1358 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1359 ssid->mode == IEEE80211_MODE_INFRA) {
1360 sme_authenticate(wpa_s, bss, ssid);
1364 if (wpa_s->connect_work) {
1365 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1369 cwork = os_zalloc(sizeof(*cwork));
1376 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1377 wpas_start_assoc_cb, cwork) < 0) {
1383 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1385 struct wpa_connect_work *cwork = work->ctx;
1386 struct wpa_bss *bss = cwork->bss;
1387 struct wpa_ssid *ssid = cwork->ssid;
1388 struct wpa_supplicant *wpa_s = work->wpa_s;
1391 int use_crypt, ret, i, bssid_changed;
1392 int algs = WPA_AUTH_ALG_OPEN;
1393 unsigned int cipher_pairwise, cipher_group;
1394 struct wpa_driver_associate_params params;
1395 int wep_keys_set = 0;
1396 int assoc_failed = 0;
1397 struct wpa_ssid *old_ssid;
1398 #ifdef CONFIG_HT_OVERRIDES
1399 struct ieee80211_ht_capabilities htcaps;
1400 struct ieee80211_ht_capabilities htcaps_mask;
1401 #endif /* CONFIG_HT_OVERRIDES */
1404 if (work->started) {
1405 wpa_s->connect_work = NULL;
1407 /* cancel possible auth. timeout */
1408 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1411 wpas_connect_work_free(cwork);
1415 wpa_s->connect_work = work;
1417 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1418 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1419 wpas_connect_work_done(wpa_s);
1423 os_memset(¶ms, 0, sizeof(params));
1424 wpa_s->reassociate = 0;
1425 wpa_s->eap_expected_failure = 0;
1426 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1427 #ifdef CONFIG_IEEE80211R
1428 const u8 *ie, *md = NULL;
1429 #endif /* CONFIG_IEEE80211R */
1430 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1431 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1432 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1433 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1434 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1435 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1437 wpas_notify_bssid_changed(wpa_s);
1438 #ifdef CONFIG_IEEE80211R
1439 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1440 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1442 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1444 /* Prepare for the next transition */
1445 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1447 #endif /* CONFIG_IEEE80211R */
1449 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1450 wpa_s->conf->ap_scan == 2 &&
1451 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1452 /* Use ap_scan==1 style network selection to find the network
1454 wpa_s->scan_req = MANUAL_SCAN_REQ;
1455 wpa_s->reassociate = 1;
1456 wpa_supplicant_req_scan(wpa_s, 0, 0);
1458 #endif /* CONFIG_WPS */
1460 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1461 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1462 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1464 wpa_supplicant_cancel_sched_scan(wpa_s);
1465 wpa_supplicant_cancel_scan(wpa_s);
1467 /* Starting new association, so clear the possibly used WPA IE from the
1468 * previous association. */
1469 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1471 #ifdef IEEE8021X_EAPOL
1472 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1474 if (ssid->non_leap == 0)
1475 algs = WPA_AUTH_ALG_LEAP;
1477 algs |= WPA_AUTH_ALG_LEAP;
1480 #endif /* IEEE8021X_EAPOL */
1481 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1482 if (ssid->auth_alg) {
1483 algs = ssid->auth_alg;
1484 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1488 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1489 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1490 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1491 int try_opportunistic;
1492 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1494 ssid->proactive_key_caching) &&
1495 (ssid->proto & WPA_PROTO_RSN);
1496 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1497 ssid, try_opportunistic) == 0)
1498 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1499 wpa_ie_len = sizeof(wpa_ie);
1500 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1501 wpa_ie, &wpa_ie_len)) {
1502 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1503 "key management and encryption suites");
1506 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1507 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1509 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1510 * use non-WPA since the scan results did not indicate that the
1511 * AP is using WPA or WPA2.
1513 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1515 wpa_s->wpa_proto = 0;
1516 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1517 wpa_ie_len = sizeof(wpa_ie);
1518 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1519 wpa_ie, &wpa_ie_len)) {
1520 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1521 "key management and encryption suites (no "
1526 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1527 struct wpabuf *wps_ie;
1528 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1529 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1530 wpa_ie_len = wpabuf_len(wps_ie);
1531 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1534 wpabuf_free(wps_ie);
1535 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1536 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1537 params.wps = WPS_MODE_PRIVACY;
1539 params.wps = WPS_MODE_OPEN;
1540 wpa_s->wpa_proto = 0;
1541 #endif /* CONFIG_WPS */
1543 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1545 wpa_s->wpa_proto = 0;
1549 if (wpa_s->global->p2p) {
1553 pos = wpa_ie + wpa_ie_len;
1554 len = sizeof(wpa_ie) - wpa_ie_len;
1555 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1561 wpa_s->cross_connect_disallowed = 0;
1564 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1566 wpa_s->cross_connect_disallowed =
1567 p2p_get_cross_connect_disallowed(p2p);
1569 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1571 wpa_s->cross_connect_disallowed ?
1572 "disallows" : "allows");
1576 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1577 #endif /* CONFIG_P2P */
1580 if (is_hs20_network(wpa_s, ssid, bss)) {
1581 struct wpabuf *hs20;
1582 hs20 = wpabuf_alloc(20);
1584 wpas_hs20_add_indication(hs20);
1585 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1587 wpa_ie_len += wpabuf_len(hs20);
1591 #endif /* CONFIG_HS20 */
1594 * Workaround: Add Extended Capabilities element only if the AP
1595 * included this element in Beacon/Probe Response frames. Some older
1596 * APs seem to have interoperability issues if this element is
1597 * included, so while the standard may require us to include the
1598 * element in all cases, it is justifiable to skip it to avoid
1599 * interoperability issues.
1601 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1604 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1605 if (ext_capab_len > 0) {
1607 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1609 os_memmove(pos + ext_capab_len, pos,
1610 wpa_ie_len - (pos - wpa_ie));
1611 wpa_ie_len += ext_capab_len;
1612 os_memcpy(pos, ext_capab, ext_capab_len);
1616 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1618 cipher_pairwise = wpa_s->pairwise_cipher;
1619 cipher_group = wpa_s->group_cipher;
1620 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1621 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1622 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1624 if (wpa_set_wep_keys(wpa_s, ssid)) {
1629 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1632 #ifdef IEEE8021X_EAPOL
1633 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1634 if ((ssid->eapol_flags &
1635 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1636 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1640 /* Assume that dynamic WEP-104 keys will be used and
1641 * set cipher suites in order for drivers to expect
1643 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1646 #endif /* IEEE8021X_EAPOL */
1648 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1649 /* Set the key before (and later after) association */
1650 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1653 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1655 params.ssid = bss->ssid;
1656 params.ssid_len = bss->ssid_len;
1657 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1658 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1659 MACSTR " freq=%u MHz based on scan results "
1661 MAC2STR(bss->bssid), bss->freq,
1663 params.bssid = bss->bssid;
1664 params.freq = bss->freq;
1666 params.bssid_hint = bss->bssid;
1667 params.freq_hint = bss->freq;
1669 params.ssid = ssid->ssid;
1670 params.ssid_len = ssid->ssid_len;
1673 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1674 wpa_s->conf->ap_scan == 2) {
1675 params.bssid = ssid->bssid;
1676 params.fixed_bssid = 1;
1679 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1681 params.freq = ssid->frequency; /* Initial channel for IBSS */
1682 params.wpa_ie = wpa_ie;
1683 params.wpa_ie_len = wpa_ie_len;
1684 params.pairwise_suite = cipher_pairwise;
1685 params.group_suite = cipher_group;
1686 params.key_mgmt_suite = wpa_s->key_mgmt;
1687 params.wpa_proto = wpa_s->wpa_proto;
1688 params.auth_alg = algs;
1689 params.mode = ssid->mode;
1690 params.bg_scan_period = ssid->bg_scan_period;
1691 for (i = 0; i < NUM_WEP_KEYS; i++) {
1692 if (ssid->wep_key_len[i])
1693 params.wep_key[i] = ssid->wep_key[i];
1694 params.wep_key_len[i] = ssid->wep_key_len[i];
1696 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1698 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1699 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1700 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1701 params.passphrase = ssid->passphrase;
1703 params.psk = ssid->psk;
1706 params.drop_unencrypted = use_crypt;
1708 #ifdef CONFIG_IEEE80211W
1709 params.mgmt_frame_protection =
1710 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1711 wpa_s->conf->pmf : ssid->ieee80211w;
1712 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1713 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1714 struct wpa_ie_data ie;
1715 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1717 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1718 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1719 "MFP: require MFP");
1720 params.mgmt_frame_protection =
1721 MGMT_FRAME_PROTECTION_REQUIRED;
1724 #endif /* CONFIG_IEEE80211W */
1726 params.p2p = ssid->p2p_group;
1728 if (wpa_s->parent->set_sta_uapsd)
1729 params.uapsd = wpa_s->parent->sta_uapsd;
1733 #ifdef CONFIG_HT_OVERRIDES
1734 os_memset(&htcaps, 0, sizeof(htcaps));
1735 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1736 params.htcaps = (u8 *) &htcaps;
1737 params.htcaps_mask = (u8 *) &htcaps_mask;
1738 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1739 #endif /* CONFIG_HT_OVERRIDES */
1743 * If multi-channel concurrency is not supported, check for any
1744 * frequency conflict. In case of any frequency conflict, remove the
1745 * least prioritized connection.
1747 if (wpa_s->num_multichan_concurrent < 2) {
1748 int freq = wpa_drv_shared_freq(wpa_s);
1749 if (freq > 0 && freq != params.freq) {
1750 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1752 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1758 #endif /* CONFIG_P2P */
1760 ret = wpa_drv_associate(wpa_s, ¶ms);
1762 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1764 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1766 * The driver is known to mean what is saying, so we
1767 * can stop right here; the association will not
1770 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1771 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1772 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1775 /* try to continue anyway; new association will be tried again
1780 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1781 /* Set the key after the association just in case association
1782 * cleared the previously configured key. */
1783 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1784 /* No need to timeout authentication since there is no key
1786 wpa_supplicant_cancel_auth_timeout(wpa_s);
1787 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1788 #ifdef CONFIG_IBSS_RSN
1789 } else if (ssid->mode == WPAS_MODE_IBSS &&
1790 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1791 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1793 * RSN IBSS authentication is per-STA and we can disable the
1794 * per-BSSID authentication.
1796 wpa_supplicant_cancel_auth_timeout(wpa_s);
1797 #endif /* CONFIG_IBSS_RSN */
1799 /* Timeout for IEEE 802.11 authentication and association */
1803 /* give IBSS a bit more time */
1804 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1805 } else if (wpa_s->conf->ap_scan == 1) {
1806 /* give IBSS a bit more time */
1807 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1809 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1813 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1814 /* Set static WEP keys again */
1815 wpa_set_wep_keys(wpa_s, ssid);
1818 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1820 * Do not allow EAP session resumption between different
1821 * network configurations.
1823 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1825 old_ssid = wpa_s->current_ssid;
1826 wpa_s->current_ssid = ssid;
1827 wpa_s->current_bss = bss;
1828 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1829 wpa_supplicant_initiate_eapol(wpa_s);
1830 if (old_ssid != wpa_s->current_ssid)
1831 wpas_notify_network_changed(wpa_s);
1835 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1838 struct wpa_ssid *old_ssid;
1840 wpa_clear_keys(wpa_s, addr);
1841 old_ssid = wpa_s->current_ssid;
1842 wpa_supplicant_mark_disassoc(wpa_s);
1843 wpa_sm_set_config(wpa_s->wpa, NULL);
1844 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1845 if (old_ssid != wpa_s->current_ssid)
1846 wpas_notify_network_changed(wpa_s);
1847 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1852 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1853 * @wpa_s: Pointer to wpa_supplicant data
1854 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1856 * This function is used to request %wpa_supplicant to deauthenticate from the
1859 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1863 union wpa_event_data event;
1866 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1867 " pending_bssid=" MACSTR " reason=%d state=%s",
1868 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1869 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1871 if (!is_zero_ether_addr(wpa_s->bssid))
1872 addr = wpa_s->bssid;
1873 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1874 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1875 wpa_s->wpa_state == WPA_ASSOCIATING))
1876 addr = wpa_s->pending_bssid;
1877 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1879 * When using driver-based BSS selection, we may not know the
1880 * BSSID with which we are currently trying to associate. We
1881 * need to notify the driver of this disconnection even in such
1882 * a case, so use the all zeros address here.
1884 addr = wpa_s->bssid;
1889 wpa_tdls_teardown_peers(wpa_s->wpa);
1890 #endif /* CONFIG_TDLS */
1893 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1894 os_memset(&event, 0, sizeof(event));
1895 event.deauth_info.reason_code = (u16) reason_code;
1896 event.deauth_info.locally_generated = 1;
1897 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1902 wpa_supplicant_clear_connection(wpa_s, addr);
1905 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1906 struct wpa_ssid *ssid)
1908 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1912 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1913 wpas_notify_network_enabled_changed(wpa_s, ssid);
1916 * Try to reassociate since there is no current configuration and a new
1917 * network was made available.
1919 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1920 wpa_s->reassociate = 1;
1925 * wpa_supplicant_enable_network - Mark a configured network as enabled
1926 * @wpa_s: wpa_supplicant structure for a network interface
1927 * @ssid: wpa_ssid structure for a configured network or %NULL
1929 * Enables the specified network or all networks if no network specified.
1931 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1932 struct wpa_ssid *ssid)
1935 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1936 wpa_supplicant_enable_one_network(wpa_s, ssid);
1938 wpa_supplicant_enable_one_network(wpa_s, ssid);
1940 if (wpa_s->reassociate && !wpa_s->disconnected) {
1941 if (wpa_s->sched_scanning) {
1942 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1943 "new network to scan filters");
1944 wpa_supplicant_cancel_sched_scan(wpa_s);
1947 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1948 wpa_supplicant_req_scan(wpa_s, 0, 0);
1954 * wpa_supplicant_disable_network - Mark a configured network as disabled
1955 * @wpa_s: wpa_supplicant structure for a network interface
1956 * @ssid: wpa_ssid structure for a configured network or %NULL
1958 * Disables the specified network or all networks if no network specified.
1960 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1961 struct wpa_ssid *ssid)
1963 struct wpa_ssid *other_ssid;
1967 if (wpa_s->sched_scanning)
1968 wpa_supplicant_cancel_sched_scan(wpa_s);
1970 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1971 other_ssid = other_ssid->next) {
1972 was_disabled = other_ssid->disabled;
1973 if (was_disabled == 2)
1974 continue; /* do not change persistent P2P group
1977 other_ssid->disabled = 1;
1979 if (was_disabled != other_ssid->disabled)
1980 wpas_notify_network_enabled_changed(
1983 if (wpa_s->current_ssid)
1984 wpa_supplicant_deauthenticate(
1985 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1986 } else if (ssid->disabled != 2) {
1987 if (ssid == wpa_s->current_ssid)
1988 wpa_supplicant_deauthenticate(
1989 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1991 was_disabled = ssid->disabled;
1995 if (was_disabled != ssid->disabled) {
1996 wpas_notify_network_enabled_changed(wpa_s, ssid);
1997 if (wpa_s->sched_scanning) {
1998 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1999 "to remove network from filters");
2000 wpa_supplicant_cancel_sched_scan(wpa_s);
2001 wpa_supplicant_req_scan(wpa_s, 0, 0);
2009 * wpa_supplicant_select_network - Attempt association with a network
2010 * @wpa_s: wpa_supplicant structure for a network interface
2011 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2013 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2014 struct wpa_ssid *ssid)
2017 struct wpa_ssid *other_ssid;
2018 int disconnected = 0;
2020 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2021 wpa_supplicant_deauthenticate(
2022 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2027 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2030 * Mark all other networks disabled or mark all networks enabled if no
2031 * network specified.
2033 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2034 other_ssid = other_ssid->next) {
2035 int was_disabled = other_ssid->disabled;
2036 if (was_disabled == 2)
2037 continue; /* do not change persistent P2P group data */
2039 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2040 if (was_disabled && !other_ssid->disabled)
2041 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2043 if (was_disabled != other_ssid->disabled)
2044 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2047 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2048 /* We are already associated with the selected network */
2049 wpa_printf(MSG_DEBUG, "Already associated with the "
2050 "selected network - do nothing");
2055 wpa_s->current_ssid = ssid;
2056 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2058 wpa_s->connect_without_scan = NULL;
2059 wpa_s->disconnected = 0;
2060 wpa_s->reassociate = 1;
2062 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2063 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2066 wpas_notify_network_selected(wpa_s, ssid);
2071 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2072 * @wpa_s: wpa_supplicant structure for a network interface
2073 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2074 * @pkcs11_module_path: PKCS #11 module path or NULL
2075 * Returns: 0 on success; -1 on failure
2077 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2078 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2079 * module path fails the paths will be reset to the default value (NULL).
2081 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2082 const char *pkcs11_engine_path,
2083 const char *pkcs11_module_path)
2085 char *pkcs11_engine_path_copy = NULL;
2086 char *pkcs11_module_path_copy = NULL;
2088 if (pkcs11_engine_path != NULL) {
2089 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2090 if (pkcs11_engine_path_copy == NULL)
2093 if (pkcs11_module_path != NULL) {
2094 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2095 if (pkcs11_module_path_copy == NULL) {
2096 os_free(pkcs11_engine_path_copy);
2101 os_free(wpa_s->conf->pkcs11_engine_path);
2102 os_free(wpa_s->conf->pkcs11_module_path);
2103 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2104 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2106 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2107 eapol_sm_deinit(wpa_s->eapol);
2108 wpa_s->eapol = NULL;
2109 if (wpa_supplicant_init_eapol(wpa_s)) {
2110 /* Error -> Reset paths to the default value (NULL) once. */
2111 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2112 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2117 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2124 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2125 * @wpa_s: wpa_supplicant structure for a network interface
2126 * @ap_scan: AP scan mode
2127 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2130 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2135 if (ap_scan < 0 || ap_scan > 2)
2139 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2140 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2141 wpa_s->wpa_state < WPA_COMPLETED) {
2142 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2143 "associating", wpa_s->conf->ap_scan, ap_scan);
2146 #endif /* ANDROID */
2148 old_ap_scan = wpa_s->conf->ap_scan;
2149 wpa_s->conf->ap_scan = ap_scan;
2151 if (old_ap_scan != wpa_s->conf->ap_scan)
2152 wpas_notify_ap_scan_changed(wpa_s);
2159 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2160 * @wpa_s: wpa_supplicant structure for a network interface
2161 * @expire_age: Expiration age in seconds
2162 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2165 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2166 unsigned int bss_expire_age)
2168 if (bss_expire_age < 10) {
2169 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2173 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2175 wpa_s->conf->bss_expiration_age = bss_expire_age;
2182 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2183 * @wpa_s: wpa_supplicant structure for a network interface
2184 * @expire_count: number of scans after which an unseen BSS is reclaimed
2185 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2188 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2189 unsigned int bss_expire_count)
2191 if (bss_expire_count < 1) {
2192 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2196 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2198 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2205 * wpa_supplicant_set_scan_interval - Set scan interval
2206 * @wpa_s: wpa_supplicant structure for a network interface
2207 * @scan_interval: scan interval in seconds
2208 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2211 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2214 if (scan_interval < 0) {
2215 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2219 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2221 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2228 * wpa_supplicant_set_debug_params - Set global debug params
2229 * @global: wpa_global structure
2230 * @debug_level: debug level
2231 * @debug_timestamp: determines if show timestamp in debug data
2232 * @debug_show_keys: determines if show keys in debug data
2233 * Returns: 0 if succeed or -1 if debug_level has wrong value
2235 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2236 int debug_timestamp, int debug_show_keys)
2239 int old_level, old_timestamp, old_show_keys;
2241 /* check for allowed debuglevels */
2242 if (debug_level != MSG_EXCESSIVE &&
2243 debug_level != MSG_MSGDUMP &&
2244 debug_level != MSG_DEBUG &&
2245 debug_level != MSG_INFO &&
2246 debug_level != MSG_WARNING &&
2247 debug_level != MSG_ERROR)
2250 old_level = wpa_debug_level;
2251 old_timestamp = wpa_debug_timestamp;
2252 old_show_keys = wpa_debug_show_keys;
2254 wpa_debug_level = debug_level;
2255 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2256 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2258 if (wpa_debug_level != old_level)
2259 wpas_notify_debug_level_changed(global);
2260 if (wpa_debug_timestamp != old_timestamp)
2261 wpas_notify_debug_timestamp_changed(global);
2262 if (wpa_debug_show_keys != old_show_keys)
2263 wpas_notify_debug_show_keys_changed(global);
2270 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2271 * @wpa_s: Pointer to wpa_supplicant data
2272 * Returns: A pointer to the current network structure or %NULL on failure
2274 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2276 struct wpa_ssid *entry;
2277 u8 ssid[MAX_SSID_LEN];
2283 res = wpa_drv_get_ssid(wpa_s, ssid);
2285 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2291 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2292 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2297 wired = wpa_s->conf->ap_scan == 0 &&
2298 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2300 entry = wpa_s->conf->ssid;
2302 if (!wpas_network_disabled(wpa_s, entry) &&
2303 ((ssid_len == entry->ssid_len &&
2304 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2305 (!entry->bssid_set ||
2306 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2309 if (!wpas_network_disabled(wpa_s, entry) &&
2310 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2311 (entry->ssid == NULL || entry->ssid_len == 0) &&
2312 (!entry->bssid_set ||
2313 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2315 #endif /* CONFIG_WPS */
2317 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2318 entry->ssid_len == 0 &&
2319 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2322 entry = entry->next;
2329 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2331 struct wpa_global *global = wpa_s->global;
2333 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2334 global->drv_priv[i] = wpa_drivers[i]->global_init();
2335 if (global->drv_priv[i] == NULL) {
2336 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2337 "'%s'", wpa_drivers[i]->name);
2342 wpa_s->driver = wpa_drivers[i];
2343 wpa_s->global_drv_priv = global->drv_priv[i];
2349 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2354 const char *pos, *driver = name;
2359 if (wpa_drivers[0] == NULL) {
2360 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2366 /* default to first driver in the list */
2367 return select_driver(wpa_s, 0);
2371 pos = os_strchr(driver, ',');
2375 len = os_strlen(driver);
2377 for (i = 0; wpa_drivers[i]; i++) {
2378 if (os_strlen(wpa_drivers[i]->name) == len &&
2379 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2381 /* First driver that succeeds wins */
2382 if (select_driver(wpa_s, i) == 0)
2390 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2396 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2397 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2398 * with struct wpa_driver_ops::init()
2399 * @src_addr: Source address of the EAPOL frame
2400 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2401 * @len: Length of the EAPOL data
2403 * This function is called for each received EAPOL frame. Most driver
2404 * interfaces rely on more generic OS mechanism for receiving frames through
2405 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2406 * take care of received EAPOL frames and deliver them to the core supplicant
2407 * code by calling this function.
2409 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2410 const u8 *buf, size_t len)
2412 struct wpa_supplicant *wpa_s = ctx;
2414 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2415 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2417 #ifdef CONFIG_PEERKEY
2418 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2419 wpa_s->current_ssid->peerkey &&
2420 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2421 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2422 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2425 #endif /* CONFIG_PEERKEY */
2427 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2428 (wpa_s->last_eapol_matches_bssid &&
2431 #endif /* CONFIG_AP */
2432 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2434 * There is possible race condition between receiving the
2435 * association event and the EAPOL frame since they are coming
2436 * through different paths from the driver. In order to avoid
2437 * issues in trying to process the EAPOL frame before receiving
2438 * association information, lets queue it for processing until
2439 * the association event is received. This may also be needed in
2440 * driver-based roaming case, so also use src_addr != BSSID as a
2441 * trigger if we have previously confirmed that the
2442 * Authenticator uses BSSID as the src_addr (which is not the
2443 * case with wired IEEE 802.1X).
2445 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2446 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2447 wpa_supplicant_state_txt(wpa_s->wpa_state),
2448 MAC2STR(wpa_s->bssid));
2449 wpabuf_free(wpa_s->pending_eapol_rx);
2450 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2451 if (wpa_s->pending_eapol_rx) {
2452 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2453 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2459 wpa_s->last_eapol_matches_bssid =
2460 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2463 if (wpa_s->ap_iface) {
2464 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2467 #endif /* CONFIG_AP */
2469 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2470 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2471 "no key management is configured");
2475 if (wpa_s->eapol_received == 0 &&
2476 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2477 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2478 wpa_s->wpa_state != WPA_COMPLETED) &&
2479 (wpa_s->current_ssid == NULL ||
2480 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2481 /* Timeout for completing IEEE 802.1X and WPA authentication */
2482 wpa_supplicant_req_auth_timeout(
2484 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2485 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2486 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2489 wpa_s->eapol_received++;
2491 if (wpa_s->countermeasures) {
2492 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2497 #ifdef CONFIG_IBSS_RSN
2498 if (wpa_s->current_ssid &&
2499 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2500 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2503 #endif /* CONFIG_IBSS_RSN */
2505 /* Source address of the incoming EAPOL frame could be compared to the
2506 * current BSSID. However, it is possible that a centralized
2507 * Authenticator could be using another MAC address than the BSSID of
2508 * an AP, so just allow any address to be used for now. The replies are
2509 * still sent to the current BSSID (if available), though. */
2511 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2512 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2513 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2515 wpa_drv_poll(wpa_s);
2516 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2517 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2518 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2520 * Set portValid = TRUE here since we are going to skip 4-way
2521 * handshake processing which would normally set portValid. We
2522 * need this to allow the EAPOL state machines to be completed
2523 * without going through EAPOL-Key handshake.
2525 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2530 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2532 if (wpa_s->driver->send_eapol) {
2533 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2535 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2536 } else if ((!wpa_s->p2p_mgmt ||
2537 !(wpa_s->drv_flags &
2538 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2539 !(wpa_s->drv_flags &
2540 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2541 l2_packet_deinit(wpa_s->l2);
2542 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2543 wpa_drv_get_mac_addr(wpa_s),
2545 wpa_supplicant_rx_eapol, wpa_s, 0);
2546 if (wpa_s->l2 == NULL)
2549 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2551 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2554 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2555 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2563 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2564 const u8 *buf, size_t len)
2566 struct wpa_supplicant *wpa_s = ctx;
2567 const struct l2_ethhdr *eth;
2569 if (len < sizeof(*eth))
2571 eth = (const struct l2_ethhdr *) buf;
2573 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2574 !(eth->h_dest[0] & 0x01)) {
2575 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2576 " (bridge - not for this interface - ignore)",
2577 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2581 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2582 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2583 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2584 len - sizeof(*eth));
2589 * wpa_supplicant_driver_init - Initialize driver interface parameters
2590 * @wpa_s: Pointer to wpa_supplicant data
2591 * Returns: 0 on success, -1 on failure
2593 * This function is called to initialize driver interface parameters.
2594 * wpa_drv_init() must have been called before this function to initialize the
2597 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2599 static int interface_count = 0;
2601 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2604 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2605 MAC2STR(wpa_s->own_addr));
2606 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2608 if (wpa_s->bridge_ifname[0]) {
2609 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2610 "interface '%s'", wpa_s->bridge_ifname);
2611 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2614 wpa_supplicant_rx_eapol_bridge,
2616 if (wpa_s->l2_br == NULL) {
2617 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2618 "connection for the bridge interface '%s'",
2619 wpa_s->bridge_ifname);
2624 wpa_clear_keys(wpa_s, NULL);
2626 /* Make sure that TKIP countermeasures are not left enabled (could
2627 * happen if wpa_supplicant is killed during countermeasures. */
2628 wpa_drv_set_countermeasures(wpa_s, 0);
2630 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2631 wpa_drv_flush_pmkid(wpa_s);
2633 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2634 wpa_s->prev_scan_wildcard = 0;
2636 if (wpa_supplicant_enabled_networks(wpa_s)) {
2637 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2638 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2639 interface_count = 0;
2641 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2643 wpa_supplicant_req_scan(wpa_s, interface_count,
2647 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2653 static int wpa_supplicant_daemon(const char *pid_file)
2655 wpa_printf(MSG_DEBUG, "Daemonize..");
2656 return os_daemonize(pid_file);
2660 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2662 struct wpa_supplicant *wpa_s;
2664 wpa_s = os_zalloc(sizeof(*wpa_s));
2667 wpa_s->scan_req = INITIAL_SCAN_REQ;
2668 wpa_s->scan_interval = 5;
2669 wpa_s->new_connection = 1;
2670 wpa_s->parent = wpa_s;
2671 wpa_s->sched_scanning = 0;
2677 #ifdef CONFIG_HT_OVERRIDES
2679 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2680 struct ieee80211_ht_capabilities *htcaps,
2681 struct ieee80211_ht_capabilities *htcaps_mask,
2684 /* parse ht_mcs into hex array */
2686 const char *tmp = ht_mcs;
2689 /* If ht_mcs is null, do not set anything */
2693 /* This is what we are setting in the kernel */
2694 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2696 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2698 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2700 long v = strtol(tmp, &end, 16);
2702 wpa_msg(wpa_s, MSG_DEBUG,
2703 "htcap value[%i]: %ld end: %p tmp: %p",
2708 htcaps->supported_mcs_set[i] = v;
2711 wpa_msg(wpa_s, MSG_ERROR,
2712 "Failed to parse ht-mcs: %s, error: %s\n",
2713 ht_mcs, strerror(errno));
2719 * If we were able to parse any values, then set mask for the MCS set.
2722 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2723 IEEE80211_HT_MCS_MASK_LEN - 1);
2724 /* skip the 3 reserved bits */
2725 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2733 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2734 struct ieee80211_ht_capabilities *htcaps,
2735 struct ieee80211_ht_capabilities *htcaps_mask,
2740 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2745 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2746 htcaps_mask->ht_capabilities_info |= msk;
2748 htcaps->ht_capabilities_info &= msk;
2750 htcaps->ht_capabilities_info |= msk;
2756 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2757 struct ieee80211_ht_capabilities *htcaps,
2758 struct ieee80211_ht_capabilities *htcaps_mask,
2761 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2766 if (factor < 0 || factor > 3) {
2767 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2768 "Must be 0-3 or -1", factor);
2772 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2773 htcaps->a_mpdu_params &= ~0x3;
2774 htcaps->a_mpdu_params |= factor & 0x3;
2780 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2781 struct ieee80211_ht_capabilities *htcaps,
2782 struct ieee80211_ht_capabilities *htcaps_mask,
2785 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2790 if (density < 0 || density > 7) {
2791 wpa_msg(wpa_s, MSG_ERROR,
2792 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2797 htcaps_mask->a_mpdu_params |= 0x1C;
2798 htcaps->a_mpdu_params &= ~(0x1C);
2799 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2805 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2806 struct ieee80211_ht_capabilities *htcaps,
2807 struct ieee80211_ht_capabilities *htcaps_mask,
2810 /* Masking these out disables HT40 */
2811 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2812 HT_CAP_INFO_SHORT_GI40MHZ);
2814 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2817 htcaps->ht_capabilities_info &= ~msk;
2819 htcaps->ht_capabilities_info |= msk;
2821 htcaps_mask->ht_capabilities_info |= msk;
2827 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2828 struct ieee80211_ht_capabilities *htcaps,
2829 struct ieee80211_ht_capabilities *htcaps_mask,
2832 /* Masking these out disables SGI */
2833 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2834 HT_CAP_INFO_SHORT_GI40MHZ);
2836 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2839 htcaps->ht_capabilities_info &= ~msk;
2841 htcaps->ht_capabilities_info |= msk;
2843 htcaps_mask->ht_capabilities_info |= msk;
2849 void wpa_supplicant_apply_ht_overrides(
2850 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2851 struct wpa_driver_associate_params *params)
2853 struct ieee80211_ht_capabilities *htcaps;
2854 struct ieee80211_ht_capabilities *htcaps_mask;
2859 params->disable_ht = ssid->disable_ht;
2860 if (!params->htcaps || !params->htcaps_mask)
2863 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2864 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2865 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2866 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2867 ssid->disable_max_amsdu);
2868 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2869 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2870 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2871 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2874 #endif /* CONFIG_HT_OVERRIDES */
2877 #ifdef CONFIG_VHT_OVERRIDES
2878 void wpa_supplicant_apply_vht_overrides(
2879 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2880 struct wpa_driver_associate_params *params)
2882 struct ieee80211_vht_capabilities *vhtcaps;
2883 struct ieee80211_vht_capabilities *vhtcaps_mask;
2888 params->disable_vht = ssid->disable_vht;
2890 vhtcaps = (void *) params->vhtcaps;
2891 vhtcaps_mask = (void *) params->vhtcaps_mask;
2893 if (!vhtcaps || !vhtcaps_mask)
2896 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2897 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2899 #define OVERRIDE_MCS(i) \
2900 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2901 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2903 vhtcaps->vht_supported_mcs_set.tx_map |= \
2904 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2906 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2907 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2909 vhtcaps->vht_supported_mcs_set.rx_map |= \
2910 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2922 #endif /* CONFIG_VHT_OVERRIDES */
2925 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2930 if (!wpa_s->conf->pcsc_reader)
2933 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2937 if (wpa_s->conf->pcsc_pin &&
2938 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2939 scard_deinit(wpa_s->scard);
2940 wpa_s->scard = NULL;
2941 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2945 len = sizeof(wpa_s->imsi) - 1;
2946 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2947 scard_deinit(wpa_s->scard);
2948 wpa_s->scard = NULL;
2949 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2952 wpa_s->imsi[len] = '\0';
2954 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2956 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2957 wpa_s->imsi, wpa_s->mnc_len);
2959 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2960 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2961 #endif /* PCSC_FUNCS */
2967 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2971 ext_password_deinit(wpa_s->ext_pw);
2972 wpa_s->ext_pw = NULL;
2973 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2975 if (!wpa_s->conf->ext_password_backend)
2978 val = os_strdup(wpa_s->conf->ext_password_backend);
2981 pos = os_strchr(val, ':');
2985 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2987 wpa_s->ext_pw = ext_password_init(val, pos);
2989 if (wpa_s->ext_pw == NULL) {
2990 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2993 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2999 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3002 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3003 struct wpa_radio *radio;
3005 while (rn && iface) {
3006 radio = iface->radio;
3007 if (radio && os_strcmp(rn, radio->name) == 0) {
3008 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3010 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3014 iface = iface->next;
3017 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3018 wpa_s->ifname, rn ? rn : "N/A");
3019 radio = os_zalloc(sizeof(*radio));
3024 os_strlcpy(radio->name, rn, sizeof(radio->name));
3025 dl_list_init(&radio->ifaces);
3026 dl_list_init(&radio->work);
3027 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3033 static void radio_work_free(struct wpa_radio_work *work)
3035 if (work->wpa_s->scan_work == work) {
3036 /* This should not really happen. */
3037 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3038 work->type, work, work->started);
3039 work->wpa_s->scan_work = NULL;
3043 if (work->wpa_s->p2p_scan_work == work) {
3044 /* This should not really happen. */
3045 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3046 work->type, work, work->started);
3047 work->wpa_s->p2p_scan_work = NULL;
3049 #endif /* CONFIG_P2P */
3051 dl_list_del(&work->list);
3056 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3058 struct wpa_radio *radio = eloop_ctx;
3059 struct wpa_radio_work *work;
3060 struct os_reltime now, diff;
3061 struct wpa_supplicant *wpa_s;
3063 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3068 return; /* already started and still in progress */
3070 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3072 if (wpa_s && wpa_s->external_scan_running) {
3073 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3077 os_get_reltime(&now);
3078 os_reltime_sub(&now, &work->time, &diff);
3079 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3080 work->type, work, diff.sec, diff.usec);
3088 * This function removes both started and pending radio works running on
3089 * the provided interface's radio.
3090 * Prior to the removal of the radio work, its callback (cb) is called with
3091 * deinit set to be 1. Each work's callback is responsible for clearing its
3092 * internal data and restoring to a correct state.
3093 * @wpa_s: wpa_supplicant data
3094 * @type: type of works to be removed
3095 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3096 * this interface's works.
3098 void radio_remove_works(struct wpa_supplicant *wpa_s,
3099 const char *type, int remove_all)
3101 struct wpa_radio_work *work, *tmp;
3102 struct wpa_radio *radio = wpa_s->radio;
3104 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3106 if (type && os_strcmp(type, work->type) != 0)
3109 /* skip other ifaces' works */
3110 if (!remove_all && work->wpa_s != wpa_s)
3113 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3114 work->type, work, work->started ? " (started)" : "");
3116 radio_work_free(work);
3119 /* in case we removed the started work */
3120 radio_work_check_next(wpa_s);
3124 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3126 struct wpa_radio *radio = wpa_s->radio;
3131 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3132 wpa_s->ifname, radio->name);
3133 dl_list_del(&wpa_s->radio_list);
3134 if (!dl_list_empty(&radio->ifaces)) {
3135 wpa_s->radio = NULL;
3136 return; /* Interfaces remain for this radio */
3139 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3140 radio_remove_works(wpa_s, NULL, 0);
3141 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3142 wpa_s->radio = NULL;
3147 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3149 struct wpa_radio *radio = wpa_s->radio;
3151 if (dl_list_empty(&radio->work))
3153 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3154 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3159 * radio_add_work - Add a radio work item
3160 * @wpa_s: Pointer to wpa_supplicant data
3161 * @freq: Frequency of the offchannel operation in MHz or 0
3162 * @type: Unique identifier for each type of work
3163 * @next: Force as the next work to be executed
3164 * @cb: Callback function for indicating when radio is available
3165 * @ctx: Context pointer for the work (work->ctx in cb())
3166 * Returns: 0 on success, -1 on failure
3168 * This function is used to request time for an operation that requires
3169 * exclusive radio control. Once the radio is available, the registered callback
3170 * function will be called. radio_work_done() must be called once the exclusive
3171 * radio operation has been completed, so that the radio is freed for other
3172 * operations. The special case of deinit=1 is used to free the context data
3173 * during interface removal. That does not allow the callback function to start
3174 * the radio operation, i.e., it must free any resources allocated for the radio
3177 * The @freq parameter can be used to indicate a single channel on which the
3178 * offchannel operation will occur. This may allow multiple radio work
3179 * operations to be performed in parallel if they apply for the same channel.
3180 * Setting this to 0 indicates that the work item may use multiple channels or
3181 * requires exclusive control of the radio.
3183 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3184 const char *type, int next,
3185 void (*cb)(struct wpa_radio_work *work, int deinit),
3188 struct wpa_radio_work *work;
3191 work = os_zalloc(sizeof(*work));
3194 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3195 os_get_reltime(&work->time);
3198 work->wpa_s = wpa_s;
3202 was_empty = dl_list_empty(&wpa_s->radio->work);
3204 dl_list_add(&wpa_s->radio->work, &work->list);
3206 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3208 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3209 radio_work_check_next(wpa_s);
3217 * radio_work_done - Indicate that a radio work item has been completed
3218 * @work: Completed work
3220 * This function is called once the callback function registered with
3221 * radio_add_work() has completed its work.
3223 void radio_work_done(struct wpa_radio_work *work)
3225 struct wpa_supplicant *wpa_s = work->wpa_s;
3226 struct os_reltime now, diff;
3227 unsigned int started = work->started;
3229 os_get_reltime(&now);
3230 os_reltime_sub(&now, &work->time, &diff);
3231 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3232 work->type, work, started ? "done" : "canceled",
3233 diff.sec, diff.usec);
3234 radio_work_free(work);
3236 radio_work_check_next(wpa_s);
3240 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3241 struct wpa_interface *iface)
3243 const char *ifname, *driver, *rn;
3245 driver = iface->driver;
3247 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3250 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3251 if (wpa_s->drv_priv == NULL) {
3253 pos = driver ? os_strchr(driver, ',') : NULL;
3255 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3256 "driver interface - try next driver wrapper");
3260 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3264 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3265 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3266 "driver_param '%s'", wpa_s->conf->driver_param);
3270 ifname = wpa_drv_get_ifname(wpa_s);
3271 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3272 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3273 "interface name with '%s'", ifname);
3274 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3277 if (wpa_s->driver->get_radio_name)
3278 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3281 if (rn && rn[0] == '\0')
3284 wpa_s->radio = radio_add_interface(wpa_s, rn);
3285 if (wpa_s->radio == NULL)
3292 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3293 struct wpa_interface *iface)
3295 struct wpa_driver_capa capa;
3297 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3298 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3299 iface->confname ? iface->confname : "N/A",
3300 iface->driver ? iface->driver : "default",
3301 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3302 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3304 if (iface->confname) {
3305 #ifdef CONFIG_BACKEND_FILE
3306 wpa_s->confname = os_rel2abs_path(iface->confname);
3307 if (wpa_s->confname == NULL) {
3308 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3309 "for configuration file '%s'.",
3313 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3314 iface->confname, wpa_s->confname);
3315 #else /* CONFIG_BACKEND_FILE */
3316 wpa_s->confname = os_strdup(iface->confname);
3317 #endif /* CONFIG_BACKEND_FILE */
3318 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3319 if (wpa_s->conf == NULL) {
3320 wpa_printf(MSG_ERROR, "Failed to read or parse "
3321 "configuration '%s'.", wpa_s->confname);
3324 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3325 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3328 * Override ctrl_interface and driver_param if set on command
3331 if (iface->ctrl_interface) {
3332 os_free(wpa_s->conf->ctrl_interface);
3333 wpa_s->conf->ctrl_interface =
3334 os_strdup(iface->ctrl_interface);
3337 if (iface->driver_param) {
3338 os_free(wpa_s->conf->driver_param);
3339 wpa_s->conf->driver_param =
3340 os_strdup(iface->driver_param);
3343 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3344 os_free(wpa_s->conf->ctrl_interface);
3345 wpa_s->conf->ctrl_interface = NULL;
3348 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3349 iface->driver_param);
3351 if (wpa_s->conf == NULL) {
3352 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3356 if (iface->ifname == NULL) {
3357 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3360 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3361 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3365 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3367 if (iface->bridge_ifname) {
3368 if (os_strlen(iface->bridge_ifname) >=
3369 sizeof(wpa_s->bridge_ifname)) {
3370 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3371 "name '%s'.", iface->bridge_ifname);
3374 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3375 sizeof(wpa_s->bridge_ifname));
3378 /* RSNA Supplicant Key Management - INITIALIZE */
3379 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3380 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3382 /* Initialize driver interface and register driver event handler before
3383 * L2 receive handler so that association events are processed before
3384 * EAPOL-Key packets if both become available for the same select()
3386 if (wpas_init_driver(wpa_s, iface) < 0)
3389 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3392 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3393 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3395 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3397 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3398 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3399 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3400 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3401 "dot11RSNAConfigPMKLifetime");
3405 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3406 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3407 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3408 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3409 "dot11RSNAConfigPMKReauthThreshold");
3413 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3414 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3415 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3416 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3417 "dot11RSNAConfigSATimeout");
3421 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3422 &wpa_s->hw.num_modes,
3425 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3426 wpa_s->drv_capa_known = 1;
3427 wpa_s->drv_flags = capa.flags;
3428 wpa_s->drv_enc = capa.enc;
3429 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3430 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3431 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3432 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3433 wpa_s->max_match_sets = capa.max_match_sets;
3434 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3435 wpa_s->max_stations = capa.max_stations;
3436 wpa_s->extended_capa = capa.extended_capa;
3437 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3438 wpa_s->extended_capa_len = capa.extended_capa_len;
3439 wpa_s->num_multichan_concurrent =
3440 capa.num_multichan_concurrent;
3442 if (wpa_s->max_remain_on_chan == 0)
3443 wpa_s->max_remain_on_chan = 1000;
3446 * Only take p2p_mgmt parameters when P2P Device is supported.
3447 * Doing it here as it determines whether l2_packet_init() will be done
3448 * during wpa_supplicant_driver_init().
3450 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3451 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3453 iface->p2p_mgmt = 1;
3455 if (wpa_s->num_multichan_concurrent == 0)
3456 wpa_s->num_multichan_concurrent = 1;
3458 if (wpa_supplicant_driver_init(wpa_s) < 0)
3462 if ((!iface->p2p_mgmt ||
3463 !(wpa_s->drv_flags &
3464 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3465 wpa_tdls_init(wpa_s->wpa))
3467 #endif /* CONFIG_TDLS */
3469 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3470 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3471 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3475 if (wpas_wps_init(wpa_s))
3478 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3480 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3482 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3483 if (wpa_s->ctrl_iface == NULL) {
3484 wpa_printf(MSG_ERROR,
3485 "Failed to initialize control interface '%s'.\n"
3486 "You may have another wpa_supplicant process "
3487 "already running or the file was\n"
3488 "left by an unclean termination of wpa_supplicant "
3489 "in which case you will need\n"
3490 "to manually remove this file before starting "
3491 "wpa_supplicant again.\n",
3492 wpa_s->conf->ctrl_interface);
3496 wpa_s->gas = gas_query_init(wpa_s);
3497 if (wpa_s->gas == NULL) {
3498 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3503 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3504 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3507 #endif /* CONFIG_P2P */
3509 if (wpa_bss_init(wpa_s) < 0)
3512 #ifdef CONFIG_EAP_PROXY
3515 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3517 if (wpa_s->mnc_len > 0) {
3518 wpa_s->imsi[len] = '\0';
3519 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3520 wpa_s->imsi, wpa_s->mnc_len);
3522 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3525 #endif /* CONFIG_EAP_PROXY */
3527 if (pcsc_reader_init(wpa_s) < 0)
3530 if (wpas_init_ext_pw(wpa_s) < 0)
3537 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3538 int notify, int terminate)
3540 wpa_s->disconnected = 1;
3541 if (wpa_s->drv_priv) {
3542 wpa_supplicant_deauthenticate(wpa_s,
3543 WLAN_REASON_DEAUTH_LEAVING);
3545 wpa_drv_set_countermeasures(wpa_s, 0);
3546 wpa_clear_keys(wpa_s, NULL);
3549 wpa_supplicant_cleanup(wpa_s);
3552 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3553 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3554 "the management interface is being removed");
3555 wpas_p2p_deinit_global(wpa_s->global);
3557 #endif /* CONFIG_P2P */
3559 wpas_ctrl_radio_work_flush(wpa_s);
3560 radio_remove_interface(wpa_s);
3562 if (wpa_s->drv_priv)
3563 wpa_drv_deinit(wpa_s);
3566 wpas_notify_iface_removed(wpa_s);
3569 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3571 if (wpa_s->ctrl_iface) {
3572 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3573 wpa_s->ctrl_iface = NULL;
3576 if (wpa_s->conf != NULL) {
3577 wpa_config_free(wpa_s->conf);
3586 * wpa_supplicant_add_iface - Add a new network interface
3587 * @global: Pointer to global data from wpa_supplicant_init()
3588 * @iface: Interface configuration options
3589 * Returns: Pointer to the created interface or %NULL on failure
3591 * This function is used to add new network interfaces for %wpa_supplicant.
3592 * This can be called before wpa_supplicant_run() to add interfaces before the
3593 * main event loop has been started. In addition, new interfaces can be added
3594 * dynamically while %wpa_supplicant is already running. This could happen,
3595 * e.g., when a hotplug network adapter is inserted.
3597 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3598 struct wpa_interface *iface)
3600 struct wpa_supplicant *wpa_s;
3601 struct wpa_interface t_iface;
3602 struct wpa_ssid *ssid;
3604 if (global == NULL || iface == NULL)
3607 wpa_s = wpa_supplicant_alloc();
3611 wpa_s->global = global;
3614 if (global->params.override_driver) {
3615 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3617 iface->driver, global->params.override_driver);
3618 t_iface.driver = global->params.override_driver;
3620 if (global->params.override_ctrl_interface) {
3621 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3622 "ctrl_interface ('%s' -> '%s')",
3623 iface->ctrl_interface,
3624 global->params.override_ctrl_interface);
3625 t_iface.ctrl_interface =
3626 global->params.override_ctrl_interface;
3628 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3629 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3631 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3635 /* Notify the control interfaces about new iface */
3636 if (wpas_notify_iface_added(wpa_s)) {
3637 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3641 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3642 wpas_notify_network_added(wpa_s, ssid);
3644 wpa_s->next = global->ifaces;
3645 global->ifaces = wpa_s;
3647 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3648 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3655 * wpa_supplicant_remove_iface - Remove a network interface
3656 * @global: Pointer to global data from wpa_supplicant_init()
3657 * @wpa_s: Pointer to the network interface to be removed
3658 * Returns: 0 if interface was removed, -1 if interface was not found
3660 * This function can be used to dynamically remove network interfaces from
3661 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3662 * addition, this function is used to remove all remaining interfaces when
3663 * %wpa_supplicant is terminated.
3665 int wpa_supplicant_remove_iface(struct wpa_global *global,
3666 struct wpa_supplicant *wpa_s,
3669 struct wpa_supplicant *prev;
3671 /* Remove interface from the global list of interfaces */
3672 prev = global->ifaces;
3673 if (prev == wpa_s) {
3674 global->ifaces = wpa_s->next;
3676 while (prev && prev->next != wpa_s)
3680 prev->next = wpa_s->next;
3683 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3685 if (global->p2p_group_formation == wpa_s)
3686 global->p2p_group_formation = NULL;
3687 if (global->p2p_invite_group == wpa_s)
3688 global->p2p_invite_group = NULL;
3689 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3696 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3697 * @wpa_s: Pointer to the network interface
3698 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3700 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3702 const char *eapol_method;
3704 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3705 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3709 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3710 if (eapol_method == NULL)
3711 return "UNKNOWN-EAP";
3713 return eapol_method;
3718 * wpa_supplicant_get_iface - Get a new network interface
3719 * @global: Pointer to global data from wpa_supplicant_init()
3720 * @ifname: Interface name
3721 * Returns: Pointer to the interface or %NULL if not found
3723 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3726 struct wpa_supplicant *wpa_s;
3728 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3729 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3736 #ifndef CONFIG_NO_WPA_MSG
3737 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3739 struct wpa_supplicant *wpa_s = ctx;
3742 return wpa_s->ifname;
3744 #endif /* CONFIG_NO_WPA_MSG */
3748 * wpa_supplicant_init - Initialize %wpa_supplicant
3749 * @params: Parameters for %wpa_supplicant
3750 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3752 * This function is used to initialize %wpa_supplicant. After successful
3753 * initialization, the returned data pointer can be used to add and remove
3754 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3756 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3758 struct wpa_global *global;
3764 #ifdef CONFIG_DRIVER_NDIS
3766 void driver_ndis_init_ops(void);
3767 driver_ndis_init_ops();
3769 #endif /* CONFIG_DRIVER_NDIS */
3771 #ifndef CONFIG_NO_WPA_MSG
3772 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3773 #endif /* CONFIG_NO_WPA_MSG */
3775 wpa_debug_open_file(params->wpa_debug_file_path);
3776 if (params->wpa_debug_syslog)
3777 wpa_debug_open_syslog();
3778 if (params->wpa_debug_tracing) {
3779 ret = wpa_debug_open_linux_tracing();
3781 wpa_printf(MSG_ERROR,
3782 "Failed to enable trace logging");
3787 ret = eap_register_methods();
3789 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3791 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3792 "the same EAP type.");
3796 global = os_zalloc(sizeof(*global));
3799 dl_list_init(&global->p2p_srv_bonjour);
3800 dl_list_init(&global->p2p_srv_upnp);
3801 global->params.daemonize = params->daemonize;
3802 global->params.wait_for_monitor = params->wait_for_monitor;
3803 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3804 if (params->pid_file)
3805 global->params.pid_file = os_strdup(params->pid_file);
3806 if (params->ctrl_interface)
3807 global->params.ctrl_interface =
3808 os_strdup(params->ctrl_interface);
3809 if (params->ctrl_interface_group)
3810 global->params.ctrl_interface_group =
3811 os_strdup(params->ctrl_interface_group);
3812 if (params->override_driver)
3813 global->params.override_driver =
3814 os_strdup(params->override_driver);
3815 if (params->override_ctrl_interface)
3816 global->params.override_ctrl_interface =
3817 os_strdup(params->override_ctrl_interface);
3818 wpa_debug_level = global->params.wpa_debug_level =
3819 params->wpa_debug_level;
3820 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3821 params->wpa_debug_show_keys;
3822 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3823 params->wpa_debug_timestamp;
3825 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3828 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3829 wpa_supplicant_deinit(global);
3833 random_init(params->entropy_file);
3835 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3836 if (global->ctrl_iface == NULL) {
3837 wpa_supplicant_deinit(global);
3841 if (wpas_notify_supplicant_initialized(global)) {
3842 wpa_supplicant_deinit(global);
3846 for (i = 0; wpa_drivers[i]; i++)
3847 global->drv_count++;
3848 if (global->drv_count == 0) {
3849 wpa_printf(MSG_ERROR, "No drivers enabled");
3850 wpa_supplicant_deinit(global);
3853 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3854 if (global->drv_priv == NULL) {
3855 wpa_supplicant_deinit(global);
3859 #ifdef CONFIG_WIFI_DISPLAY
3860 if (wifi_display_init(global) < 0) {
3861 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3862 wpa_supplicant_deinit(global);
3865 #endif /* CONFIG_WIFI_DISPLAY */
3872 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3873 * @global: Pointer to global data from wpa_supplicant_init()
3874 * Returns: 0 after successful event loop run, -1 on failure
3876 * This function starts the main event loop and continues running as long as
3877 * there are any remaining events. In most cases, this function is running as
3878 * long as the %wpa_supplicant process in still in use.
3880 int wpa_supplicant_run(struct wpa_global *global)
3882 struct wpa_supplicant *wpa_s;
3884 if (global->params.daemonize &&
3885 wpa_supplicant_daemon(global->params.pid_file))
3888 if (global->params.wait_for_monitor) {
3889 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3890 if (wpa_s->ctrl_iface)
3891 wpa_supplicant_ctrl_iface_wait(
3895 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3896 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3905 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3906 * @global: Pointer to global data from wpa_supplicant_init()
3908 * This function is called to deinitialize %wpa_supplicant and to free all
3909 * allocated resources. Remaining network interfaces will also be removed.
3911 void wpa_supplicant_deinit(struct wpa_global *global)
3918 #ifdef CONFIG_WIFI_DISPLAY
3919 wifi_display_deinit(global);
3920 #endif /* CONFIG_WIFI_DISPLAY */
3922 while (global->ifaces)
3923 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3925 if (global->ctrl_iface)
3926 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3928 wpas_notify_supplicant_deinitialized(global);
3930 eap_peer_unregister_methods();
3932 eap_server_unregister_methods();
3933 #endif /* CONFIG_AP */
3935 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3936 if (!global->drv_priv[i])
3938 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3940 os_free(global->drv_priv);
3946 if (global->params.pid_file) {
3947 os_daemonize_terminate(global->params.pid_file);
3948 os_free(global->params.pid_file);
3950 os_free(global->params.ctrl_interface);
3951 os_free(global->params.ctrl_interface_group);
3952 os_free(global->params.override_driver);
3953 os_free(global->params.override_ctrl_interface);
3955 os_free(global->p2p_disallow_freq.range);
3956 os_free(global->p2p_go_avoid_freq.range);
3957 os_free(global->add_psk);
3960 wpa_debug_close_syslog();
3961 wpa_debug_close_file();
3962 wpa_debug_close_linux_tracing();
3966 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3968 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3969 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3971 country[0] = wpa_s->conf->country[0];
3972 country[1] = wpa_s->conf->country[1];
3974 if (wpa_drv_set_country(wpa_s, country) < 0) {
3975 wpa_printf(MSG_ERROR, "Failed to set country code "
3980 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3981 wpas_init_ext_pw(wpa_s);
3984 wpas_wps_update_config(wpa_s);
3985 #endif /* CONFIG_WPS */
3988 wpas_p2p_update_config(wpa_s);
3989 #endif /* CONFIG_P2P */
3991 wpa_s->conf->changed_parameters = 0;
3995 static void add_freq(int *freqs, int *num_freqs, int freq)
3999 for (i = 0; i < *num_freqs; i++) {
4000 if (freqs[i] == freq)
4004 freqs[*num_freqs] = freq;
4009 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4011 struct wpa_bss *bss, *cbss;
4012 const int max_freqs = 10;
4016 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4020 cbss = wpa_s->current_bss;
4022 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4025 if (bss->ssid_len == cbss->ssid_len &&
4026 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4027 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4028 add_freq(freqs, &num_freqs, bss->freq);
4029 if (num_freqs == max_freqs)
4034 if (num_freqs == 0) {
4043 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4049 wpas_connect_work_done(wpa_s);
4052 * Remove possible authentication timeout since the connection failed.
4054 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4056 if (wpa_s->disconnected) {
4058 * There is no point in blacklisting the AP if this event is
4059 * generated based on local request to disconnect.
4061 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4062 "indication since interface has been put into "
4063 "disconnected state");
4068 * Add the failed BSSID into the blacklist and speed up next scan
4069 * attempt if there could be other APs that could accept association.
4070 * The current blacklist count indicates how many times we have tried
4071 * connecting to this AP and multiple attempts mean that other APs are
4072 * either not available or has already been tried, so that we can start
4073 * increasing the delay here to avoid constant scanning.
4075 count = wpa_blacklist_add(wpa_s, bssid);
4076 if (count == 1 && wpa_s->current_bss) {
4078 * This BSS was not in the blacklist before. If there is
4079 * another BSS available for the same ESS, we should try that
4080 * next. Otherwise, we may as well try this one once more
4081 * before allowing other, likely worse, ESSes to be considered.
4083 freqs = get_bss_freqs_in_ess(wpa_s);
4085 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4086 "has been seen; try it next");
4087 wpa_blacklist_add(wpa_s, bssid);
4089 * On the next scan, go through only the known channels
4090 * used in this ESS based on previous scans to speed up
4091 * common load balancing use case.
4093 os_free(wpa_s->next_scan_freqs);
4094 wpa_s->next_scan_freqs = freqs;
4099 * Add previous failure count in case the temporary blacklist was
4100 * cleared due to no other BSSes being available.
4102 count += wpa_s->extra_blacklist_count;
4104 if (count > 3 && wpa_s->current_ssid) {
4105 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4106 "consider temporary network disabling");
4107 wpas_auth_failed(wpa_s);
4128 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4129 "ms", count, timeout);
4132 * TODO: if more than one possible AP is available in scan results,
4133 * could try the other ones before requesting a new scan.
4135 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4136 1000 * (timeout % 1000));
4140 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4142 return wpa_s->conf->ap_scan == 2 ||
4143 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4147 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4148 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4149 struct wpa_ssid *ssid,
4153 #ifdef IEEE8021X_EAPOL
4154 struct eap_peer_config *eap = &ssid->eap;
4156 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4157 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4158 (const u8 *) value, os_strlen(value));
4160 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4161 case WPA_CTRL_REQ_EAP_IDENTITY:
4162 os_free(eap->identity);
4163 eap->identity = (u8 *) os_strdup(value);
4164 eap->identity_len = os_strlen(value);
4165 eap->pending_req_identity = 0;
4166 if (ssid == wpa_s->current_ssid)
4167 wpa_s->reassociate = 1;
4169 case WPA_CTRL_REQ_EAP_PASSWORD:
4170 os_free(eap->password);
4171 eap->password = (u8 *) os_strdup(value);
4172 eap->password_len = os_strlen(value);
4173 eap->pending_req_password = 0;
4174 if (ssid == wpa_s->current_ssid)
4175 wpa_s->reassociate = 1;
4177 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4178 os_free(eap->new_password);
4179 eap->new_password = (u8 *) os_strdup(value);
4180 eap->new_password_len = os_strlen(value);
4181 eap->pending_req_new_password = 0;
4182 if (ssid == wpa_s->current_ssid)
4183 wpa_s->reassociate = 1;
4185 case WPA_CTRL_REQ_EAP_PIN:
4187 eap->pin = os_strdup(value);
4188 eap->pending_req_pin = 0;
4189 if (ssid == wpa_s->current_ssid)
4190 wpa_s->reassociate = 1;
4192 case WPA_CTRL_REQ_EAP_OTP:
4194 eap->otp = (u8 *) os_strdup(value);
4195 eap->otp_len = os_strlen(value);
4196 os_free(eap->pending_req_otp);
4197 eap->pending_req_otp = NULL;
4198 eap->pending_req_otp_len = 0;
4200 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4201 os_free(eap->private_key_passwd);
4202 eap->private_key_passwd = (u8 *) os_strdup(value);
4203 eap->pending_req_passphrase = 0;
4204 if (ssid == wpa_s->current_ssid)
4205 wpa_s->reassociate = 1;
4207 case WPA_CTRL_REQ_SIM:
4208 os_free(eap->external_sim_resp);
4209 eap->external_sim_resp = os_strdup(value);
4212 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4217 #else /* IEEE8021X_EAPOL */
4218 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4220 #endif /* IEEE8021X_EAPOL */
4222 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4225 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4228 unsigned int drv_enc;
4236 if (wpa_s && wpa_s->drv_capa_known)
4237 drv_enc = wpa_s->drv_enc;
4239 drv_enc = (unsigned int) -1;
4241 for (i = 0; i < NUM_WEP_KEYS; i++) {
4242 size_t len = ssid->wep_key_len[i];
4245 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4247 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4249 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4251 return 1; /* invalid WEP key */
4254 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4262 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4264 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4266 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4272 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4274 struct wpa_ssid *ssid = wpa_s->current_ssid;
4276 struct os_reltime now;
4279 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4284 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4287 ssid->auth_failures++;
4290 if (ssid->p2p_group &&
4291 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4293 * Skip the wait time since there is a short timeout on the
4294 * connection to a P2P group.
4298 #endif /* CONFIG_P2P */
4300 if (ssid->auth_failures > 50)
4302 else if (ssid->auth_failures > 20)
4304 else if (ssid->auth_failures > 10)
4306 else if (ssid->auth_failures > 5)
4308 else if (ssid->auth_failures > 1)
4313 os_get_reltime(&now);
4314 if (now.sec + dur <= ssid->disabled_until.sec)
4317 ssid->disabled_until.sec = now.sec + dur;
4319 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4320 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4321 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4322 ssid->auth_failures, dur);
4326 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4327 struct wpa_ssid *ssid, int clear_failures)
4332 if (ssid->disabled_until.sec) {
4333 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4334 "id=%d ssid=\"%s\"",
4335 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4337 ssid->disabled_until.sec = 0;
4338 ssid->disabled_until.usec = 0;
4340 ssid->auth_failures = 0;
4344 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4348 if (wpa_s->disallow_aps_bssid == NULL)
4351 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4352 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4353 bssid, ETH_ALEN) == 0)
4361 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4366 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4369 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4370 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4371 if (ssid_len == s->ssid_len &&
4372 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4381 * wpas_request_connection - Request a new connection
4382 * @wpa_s: Pointer to the network interface
4384 * This function is used to request a new connection to be found. It will mark
4385 * the interface to allow reassociation and request a new scan to find a
4386 * suitable network to connect to.
4388 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4390 wpa_s->normal_scans = 0;
4391 wpa_supplicant_reinit_autoscan(wpa_s);
4392 wpa_s->extra_blacklist_count = 0;
4393 wpa_s->disconnected = 0;
4394 wpa_s->reassociate = 1;
4396 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4397 wpa_supplicant_req_scan(wpa_s, 0, 0);
4401 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4402 int *freq_array, unsigned int len)
4406 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4408 for (i = 0; i < len; i++)
4409 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4414 * Find the operating frequencies of any of the virtual interfaces that
4415 * are using the same radio as the current interface.
4417 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4418 int *freq_array, unsigned int len)
4420 struct wpa_supplicant *ifs;
4423 unsigned int idx = 0, i;
4425 wpa_dbg(wpa_s, MSG_DEBUG,
4426 "Determining shared radio frequencies (max len %u)", len);
4427 os_memset(freq_array, 0, sizeof(int) * len);
4429 /* First add the frequency of the local interface */
4430 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4431 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4432 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4433 freq_array[idx++] = wpa_s->current_ssid->frequency;
4434 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4435 freq_array[idx++] = wpa_s->assoc_freq;
4438 /* If get_radio_name is not supported, use only the local freq */
4439 if (!wpa_s->driver->get_radio_name) {
4440 freq = wpa_drv_shared_freq(wpa_s);
4441 if (freq > 0 && idx < len &&
4442 (idx == 0 || freq_array[0] != freq))
4443 freq_array[idx++] = freq;
4444 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4448 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4453 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4456 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4457 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4458 freq = ifs->current_ssid->frequency;
4459 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4460 freq = ifs->assoc_freq;
4464 /* Hold only distinct freqs */
4465 for (i = 0; i < idx; i++)
4466 if (freq_array[i] == freq)
4470 freq_array[idx++] = freq;
4473 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);