3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
56 const char *wpa_supplicant_version =
57 "wpa_supplicant v" VERSION_STR "\n"
58 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
60 const char *wpa_supplicant_license =
61 "This software may be distributed under the terms of the BSD license.\n"
62 "See README for more details.\n"
63 #ifdef EAP_TLS_OPENSSL
64 "\nThis product includes software developed by the OpenSSL Project\n"
65 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
66 #endif /* EAP_TLS_OPENSSL */
69 #ifndef CONFIG_NO_STDOUT_DEBUG
70 /* Long text divided into parts in order to fit in C89 strings size limits. */
71 const char *wpa_supplicant_full_license1 =
73 const char *wpa_supplicant_full_license2 =
74 "This software may be distributed under the terms of the BSD license.\n"
76 "Redistribution and use in source and binary forms, with or without\n"
77 "modification, are permitted provided that the following conditions are\n"
80 const char *wpa_supplicant_full_license3 =
81 "1. Redistributions of source code must retain the above copyright\n"
82 " notice, this list of conditions and the following disclaimer.\n"
84 "2. Redistributions in binary form must reproduce the above copyright\n"
85 " notice, this list of conditions and the following disclaimer in the\n"
86 " documentation and/or other materials provided with the distribution.\n"
88 const char *wpa_supplicant_full_license4 =
89 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
90 " names of its contributors may be used to endorse or promote products\n"
91 " derived from this software without specific prior written permission.\n"
93 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
94 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
95 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
96 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
97 const char *wpa_supplicant_full_license5 =
98 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
99 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
100 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
101 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
102 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
103 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
104 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
106 #endif /* CONFIG_NO_STDOUT_DEBUG */
108 /* Configure default/group WEP keys for static WEP */
109 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
113 for (i = 0; i < NUM_WEP_KEYS; i++) {
114 if (ssid->wep_key_len[i] == 0)
118 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
119 i, i == ssid->wep_tx_keyidx, NULL, 0,
120 ssid->wep_key[i], ssid->wep_key_len[i]);
127 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
128 struct wpa_ssid *ssid)
135 /* IBSS/WPA-None uses only one key (Group) for both receiving and
136 * sending unicast and multicast packets. */
138 if (ssid->mode != WPAS_MODE_IBSS) {
139 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
140 "IBSS/ad-hoc) for WPA-None", ssid->mode);
144 if (!ssid->psk_set) {
145 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 switch (wpa_s->group_cipher) {
151 case WPA_CIPHER_CCMP:
152 os_memcpy(key, ssid->psk, 16);
156 case WPA_CIPHER_GCMP:
157 os_memcpy(key, ssid->psk, 16);
161 case WPA_CIPHER_TKIP:
162 /* WPA-None uses the same Michael MIC key for both TX and RX */
163 os_memcpy(key, ssid->psk, 16 + 8);
164 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
170 "WPA-None", wpa_s->group_cipher);
174 /* TODO: should actually remember the previously used seq#, both for TX
175 * and RX from each STA.. */
177 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
181 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
183 struct wpa_supplicant *wpa_s = eloop_ctx;
184 const u8 *bssid = wpa_s->bssid;
185 if (is_zero_ether_addr(bssid))
186 bssid = wpa_s->pending_bssid;
187 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
189 wpa_blacklist_add(wpa_s, bssid);
190 wpa_sm_notify_disassoc(wpa_s->wpa);
191 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
192 wpa_s->reassociate = 1;
195 * If we timed out, the AP or the local radio may be busy.
196 * So, wait a second until scanning again.
198 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
208 * This function is used to schedule a timeout for the current authentication
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
214 if (wpa_s->conf->ap_scan == 0 &&
215 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
218 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
235 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
254 #ifdef CONFIG_IBSS_RSN
255 if (ssid->mode == WPAS_MODE_IBSS &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
259 * RSN IBSS authentication is per-STA and we can disable the
260 * per-BSSID EAPOL authentication.
262 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
263 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
264 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
267 #endif /* CONFIG_IBSS_RSN */
269 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
273 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
278 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
280 eapol_conf.accept_802_1x_keys = 1;
281 eapol_conf.required_keys = 0;
282 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
283 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
285 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
286 eapol_conf.required_keys |=
287 EAPOL_REQUIRE_KEY_BROADCAST;
290 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
291 eapol_conf.required_keys = 0;
293 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294 eapol_conf.workaround = ssid->eap_workaround;
295 eapol_conf.eap_disabled =
296 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299 eapol_conf.external_sim = wpa_s->conf->external_sim;
300 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
301 #endif /* IEEE8021X_EAPOL */
303 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
308 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
309 * @wpa_s: Pointer to wpa_supplicant data
310 * @ssid: Configuration data for the network
312 * This function is used to configure WPA state machine and related parameters
313 * to a mode where WPA is not enabled. This is called as part of the
314 * authentication configuration when the selected network does not use WPA.
316 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
317 struct wpa_ssid *ssid)
321 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
323 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
326 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
327 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
328 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
331 wpa_s->group_cipher = WPA_CIPHER_NONE;
332 wpa_s->mgmt_group_cipher = 0;
334 for (i = 0; i < NUM_WEP_KEYS; i++) {
335 if (ssid->wep_key_len[i] > 5) {
336 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
337 wpa_s->group_cipher = WPA_CIPHER_WEP104;
339 } else if (ssid->wep_key_len[i] > 0) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
341 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
349 wpa_s->pairwise_cipher);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
351 #ifdef CONFIG_IEEE80211W
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
353 wpa_s->mgmt_group_cipher);
354 #endif /* CONFIG_IEEE80211W */
356 pmksa_cache_clear_current(wpa_s->wpa);
360 void free_hw_features(struct wpa_supplicant *wpa_s)
363 if (wpa_s->hw.modes == NULL)
366 for (i = 0; i < wpa_s->hw.num_modes; i++) {
367 os_free(wpa_s->hw.modes[i].channels);
368 os_free(wpa_s->hw.modes[i].rates);
371 os_free(wpa_s->hw.modes);
372 wpa_s->hw.modes = NULL;
376 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
378 bgscan_deinit(wpa_s);
379 autoscan_deinit(wpa_s);
380 scard_deinit(wpa_s->scard);
382 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
383 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
384 l2_packet_deinit(wpa_s->l2);
387 l2_packet_deinit(wpa_s->l2_br);
391 if (wpa_s->conf != NULL) {
392 struct wpa_ssid *ssid;
393 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
394 wpas_notify_network_removed(wpa_s, ssid);
397 os_free(wpa_s->confname);
398 wpa_s->confname = NULL;
400 os_free(wpa_s->confanother);
401 wpa_s->confanother = NULL;
404 os_free(wpa_s->conf_p2p_dev);
405 wpa_s->conf_p2p_dev = NULL;
406 #endif /* CONFIG_P2P */
408 wpa_sm_set_eapol(wpa_s->wpa, NULL);
409 eapol_sm_deinit(wpa_s->eapol);
412 rsn_preauth_deinit(wpa_s->wpa);
415 wpa_tdls_deinit(wpa_s->wpa);
416 #endif /* CONFIG_TDLS */
418 pmksa_candidate_free(wpa_s->wpa);
419 wpa_sm_deinit(wpa_s->wpa);
421 wpa_blacklist_clear(wpa_s);
423 wpa_bss_deinit(wpa_s);
425 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
426 wpa_supplicant_cancel_scan(wpa_s);
427 wpa_supplicant_cancel_auth_timeout(wpa_s);
428 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
429 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
430 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
432 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
434 wpas_wps_deinit(wpa_s);
436 wpabuf_free(wpa_s->pending_eapol_rx);
437 wpa_s->pending_eapol_rx = NULL;
439 #ifdef CONFIG_IBSS_RSN
440 ibss_rsn_deinit(wpa_s->ibss_rsn);
441 wpa_s->ibss_rsn = NULL;
442 #endif /* CONFIG_IBSS_RSN */
447 wpa_supplicant_ap_deinit(wpa_s);
448 #endif /* CONFIG_AP */
451 wpas_p2p_deinit(wpa_s);
452 #endif /* CONFIG_P2P */
454 #ifdef CONFIG_OFFCHANNEL
455 offchannel_deinit(wpa_s);
456 #endif /* CONFIG_OFFCHANNEL */
458 wpa_supplicant_cancel_sched_scan(wpa_s);
460 os_free(wpa_s->next_scan_freqs);
461 wpa_s->next_scan_freqs = NULL;
463 os_free(wpa_s->manual_scan_freqs);
464 wpa_s->manual_scan_freqs = NULL;
466 os_free(wpa_s->manual_sched_scan_freqs);
467 wpa_s->manual_sched_scan_freqs = NULL;
469 gas_query_deinit(wpa_s->gas);
472 free_hw_features(wpa_s);
474 ieee802_1x_dealloc_kay_sm(wpa_s);
476 os_free(wpa_s->bssid_filter);
477 wpa_s->bssid_filter = NULL;
479 os_free(wpa_s->disallow_aps_bssid);
480 wpa_s->disallow_aps_bssid = NULL;
481 os_free(wpa_s->disallow_aps_ssid);
482 wpa_s->disallow_aps_ssid = NULL;
484 wnm_bss_keep_alive_deinit(wpa_s);
486 wnm_deallocate_memory(wpa_s);
487 #endif /* CONFIG_WNM */
489 ext_password_deinit(wpa_s->ext_pw);
490 wpa_s->ext_pw = NULL;
492 wpabuf_free(wpa_s->last_gas_resp);
493 wpa_s->last_gas_resp = NULL;
494 wpabuf_free(wpa_s->prev_gas_resp);
495 wpa_s->prev_gas_resp = NULL;
497 os_free(wpa_s->last_scan_res);
498 wpa_s->last_scan_res = NULL;
502 #endif /* CONFIG_HS20 */
507 * wpa_clear_keys - Clear keys configured for the driver
508 * @wpa_s: Pointer to wpa_supplicant data
509 * @addr: Previously used BSSID or %NULL if not available
511 * This function clears the encryption keys that has been previously configured
514 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
518 #ifdef CONFIG_IEEE80211W
520 #else /* CONFIG_IEEE80211W */
522 #endif /* CONFIG_IEEE80211W */
524 /* MLME-DELETEKEYS.request */
525 for (i = 0; i < max; i++) {
526 if (wpa_s->keys_cleared & BIT(i))
528 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
531 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
532 !is_zero_ether_addr(addr)) {
533 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
535 /* MLME-SETPROTECTION.request(None) */
536 wpa_drv_mlme_setprotection(
538 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
539 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
541 wpa_s->keys_cleared = (u32) -1;
546 * wpa_supplicant_state_txt - Get the connection state name as a text string
547 * @state: State (wpa_state; WPA_*)
548 * Returns: The state name as a printable text string
550 const char * wpa_supplicant_state_txt(enum wpa_states state)
553 case WPA_DISCONNECTED:
554 return "DISCONNECTED";
557 case WPA_INTERFACE_DISABLED:
558 return "INTERFACE_DISABLED";
561 case WPA_AUTHENTICATING:
562 return "AUTHENTICATING";
563 case WPA_ASSOCIATING:
564 return "ASSOCIATING";
567 case WPA_4WAY_HANDSHAKE:
568 return "4WAY_HANDSHAKE";
569 case WPA_GROUP_HANDSHAKE:
570 return "GROUP_HANDSHAKE";
581 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
585 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
586 name = wpa_s->current_ssid->bgscan;
588 name = wpa_s->conf->bgscan;
589 if (name == NULL || name[0] == '\0')
591 if (wpas_driver_bss_selection(wpa_s))
593 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
596 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
598 #endif /* CONFIG_P2P */
600 bgscan_deinit(wpa_s);
601 if (wpa_s->current_ssid) {
602 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
603 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
606 * Live without bgscan; it is only used as a roaming
607 * optimization, so the initial connection is not
611 struct wpa_scan_results *scan_res;
612 wpa_s->bgscan_ssid = wpa_s->current_ssid;
613 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
616 bgscan_notify_scan(wpa_s, scan_res);
617 wpa_scan_results_free(scan_res);
621 wpa_s->bgscan_ssid = NULL;
625 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
627 if (wpa_s->bgscan_ssid != NULL) {
628 bgscan_deinit(wpa_s);
629 wpa_s->bgscan_ssid = NULL;
633 #endif /* CONFIG_BGSCAN */
636 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
638 if (autoscan_init(wpa_s, 0))
639 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
643 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
645 autoscan_deinit(wpa_s);
649 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
651 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
652 wpa_s->wpa_state == WPA_SCANNING) {
653 autoscan_deinit(wpa_s);
654 wpa_supplicant_start_autoscan(wpa_s);
660 * wpa_supplicant_set_state - Set current connection state
661 * @wpa_s: Pointer to wpa_supplicant data
662 * @state: The new connection state
664 * This function is called whenever the connection state changes, e.g.,
665 * association is completed for WPA/WPA2 4-Way Handshake is started.
667 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
668 enum wpa_states state)
670 enum wpa_states old_state = wpa_s->wpa_state;
672 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
673 wpa_supplicant_state_txt(wpa_s->wpa_state),
674 wpa_supplicant_state_txt(state));
676 if (state == WPA_INTERFACE_DISABLED) {
677 /* Assure normal scan when interface is restored */
678 wpa_s->normal_scans = 0;
681 if (state == WPA_COMPLETED) {
682 wpas_connect_work_done(wpa_s);
683 /* Reinitialize normal_scan counter */
684 wpa_s->normal_scans = 0;
687 if (state != WPA_SCANNING)
688 wpa_supplicant_notify_scanning(wpa_s, 0);
690 if (state == WPA_COMPLETED && wpa_s->new_connection) {
691 struct wpa_ssid *ssid = wpa_s->current_ssid;
692 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
693 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
694 MACSTR " completed [id=%d id_str=%s]",
695 MAC2STR(wpa_s->bssid),
696 ssid ? ssid->id : -1,
697 ssid && ssid->id_str ? ssid->id_str : "");
698 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
699 wpas_clear_temp_disabled(wpa_s, ssid, 1);
700 wpa_s->extra_blacklist_count = 0;
701 wpa_s->new_connection = 0;
702 wpa_drv_set_operstate(wpa_s, 1);
703 #ifndef IEEE8021X_EAPOL
704 wpa_drv_set_supp_port(wpa_s, 1);
705 #endif /* IEEE8021X_EAPOL */
706 wpa_s->after_wps = 0;
707 wpa_s->known_wps_freq = 0;
709 wpas_p2p_completed(wpa_s);
710 #endif /* CONFIG_P2P */
712 sme_sched_obss_scan(wpa_s, 1);
713 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
714 state == WPA_ASSOCIATED) {
715 wpa_s->new_connection = 1;
716 wpa_drv_set_operstate(wpa_s, 0);
717 #ifndef IEEE8021X_EAPOL
718 wpa_drv_set_supp_port(wpa_s, 0);
719 #endif /* IEEE8021X_EAPOL */
720 sme_sched_obss_scan(wpa_s, 0);
722 wpa_s->wpa_state = state;
725 if (state == WPA_COMPLETED)
726 wpa_supplicant_start_bgscan(wpa_s);
727 else if (state < WPA_ASSOCIATED)
728 wpa_supplicant_stop_bgscan(wpa_s);
729 #endif /* CONFIG_BGSCAN */
731 if (state == WPA_AUTHENTICATING)
732 wpa_supplicant_stop_autoscan(wpa_s);
734 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
735 wpa_supplicant_start_autoscan(wpa_s);
737 if (wpa_s->wpa_state != old_state) {
738 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
740 if (wpa_s->wpa_state == WPA_COMPLETED ||
741 old_state == WPA_COMPLETED)
742 wpas_notify_auth_changed(wpa_s);
747 void wpa_supplicant_terminate_proc(struct wpa_global *global)
751 struct wpa_supplicant *wpa_s = global->ifaces;
753 struct wpa_supplicant *next = wpa_s->next;
755 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
756 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
757 wpas_p2p_disconnect(wpa_s);
758 #endif /* CONFIG_P2P */
759 if (wpas_wps_terminate_pending(wpa_s) == 1)
763 #endif /* CONFIG_WPS */
770 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
772 struct wpa_global *global = signal_ctx;
773 wpa_supplicant_terminate_proc(global);
777 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
779 enum wpa_states old_state = wpa_s->wpa_state;
781 wpa_s->pairwise_cipher = 0;
782 wpa_s->group_cipher = 0;
783 wpa_s->mgmt_group_cipher = 0;
785 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
786 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
788 if (wpa_s->wpa_state != old_state)
789 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
794 * wpa_supplicant_reload_configuration - Reload configuration data
795 * @wpa_s: Pointer to wpa_supplicant data
796 * Returns: 0 on success or -1 if configuration parsing failed
798 * This function can be used to request that the configuration data is reloaded
799 * (e.g., after configuration file change). This function is reloading
800 * configuration only for one interface, so this may need to be called multiple
801 * times if %wpa_supplicant is controlling multiple interfaces and all
802 * interfaces need reconfiguration.
804 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
806 struct wpa_config *conf;
810 if (wpa_s->confname == NULL)
812 conf = wpa_config_read(wpa_s->confname, NULL);
814 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
815 "file '%s' - exiting", wpa_s->confname);
818 wpa_config_read(wpa_s->confanother, conf);
820 conf->changed_parameters = (unsigned int) -1;
822 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
823 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
824 os_strcmp(conf->ctrl_interface,
825 wpa_s->conf->ctrl_interface) != 0);
827 if (reconf_ctrl && wpa_s->ctrl_iface) {
828 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
829 wpa_s->ctrl_iface = NULL;
832 eapol_sm_invalidate_cached_session(wpa_s->eapol);
833 if (wpa_s->current_ssid) {
834 wpa_supplicant_deauthenticate(wpa_s,
835 WLAN_REASON_DEAUTH_LEAVING);
839 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
840 * pkcs11_engine_path, pkcs11_module_path.
842 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
844 * Clear forced success to clear EAP state for next
847 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
849 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
850 wpa_sm_set_config(wpa_s->wpa, NULL);
851 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
852 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
853 rsn_preauth_deinit(wpa_s->wpa);
855 old_ap_scan = wpa_s->conf->ap_scan;
856 wpa_config_free(wpa_s->conf);
858 if (old_ap_scan != wpa_s->conf->ap_scan)
859 wpas_notify_ap_scan_changed(wpa_s);
862 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
864 wpa_supplicant_update_config(wpa_s);
866 wpa_supplicant_clear_status(wpa_s);
867 if (wpa_supplicant_enabled_networks(wpa_s)) {
868 wpa_s->reassociate = 1;
869 wpa_supplicant_req_scan(wpa_s, 0, 0);
871 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
876 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
878 struct wpa_global *global = signal_ctx;
879 struct wpa_supplicant *wpa_s;
880 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
881 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
883 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
884 wpa_supplicant_terminate_proc(global);
890 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
891 struct wpa_ssid *ssid,
892 struct wpa_ie_data *ie)
894 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
897 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
898 "from association info");
903 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
905 if (!(ie->group_cipher & ssid->group_cipher)) {
906 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
907 "cipher 0x%x (mask 0x%x) - reject",
908 ie->group_cipher, ssid->group_cipher);
911 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
912 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
913 "cipher 0x%x (mask 0x%x) - reject",
914 ie->pairwise_cipher, ssid->pairwise_cipher);
917 if (!(ie->key_mgmt & ssid->key_mgmt)) {
918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
919 "management 0x%x (mask 0x%x) - reject",
920 ie->key_mgmt, ssid->key_mgmt);
924 #ifdef CONFIG_IEEE80211W
925 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
926 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
927 wpa_s->conf->pmf : ssid->ieee80211w) ==
928 MGMT_FRAME_PROTECTION_REQUIRED) {
929 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
930 "that does not support management frame protection - "
934 #endif /* CONFIG_IEEE80211W */
941 * wpa_supplicant_set_suites - Set authentication and encryption parameters
942 * @wpa_s: Pointer to wpa_supplicant data
943 * @bss: Scan results for the selected BSS, or %NULL if not available
944 * @ssid: Configuration data for the selected network
945 * @wpa_ie: Buffer for the WPA/RSN IE
946 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
947 * used buffer length in case the functions returns success.
948 * Returns: 0 on success or -1 on failure
950 * This function is used to configure authentication and encryption parameters
951 * based on the network configuration and scan result for the selected BSS (if
954 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
955 struct wpa_bss *bss, struct wpa_ssid *ssid,
956 u8 *wpa_ie, size_t *wpa_ie_len)
958 struct wpa_ie_data ie;
960 const u8 *bss_wpa, *bss_rsn, *bss_osen;
963 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
964 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
965 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
967 bss_wpa = bss_rsn = bss_osen = NULL;
969 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
970 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
971 (ie.group_cipher & ssid->group_cipher) &&
972 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
973 (ie.key_mgmt & ssid->key_mgmt)) {
974 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
975 proto = WPA_PROTO_RSN;
976 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
977 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
978 (ie.group_cipher & ssid->group_cipher) &&
979 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
980 (ie.key_mgmt & ssid->key_mgmt)) {
981 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
982 proto = WPA_PROTO_WPA;
984 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
985 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
986 /* TODO: parse OSEN element */
987 ie.group_cipher = WPA_CIPHER_CCMP;
988 ie.pairwise_cipher = WPA_CIPHER_CCMP;
989 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
990 proto = WPA_PROTO_OSEN;
991 #endif /* CONFIG_HS20 */
993 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
996 if (ssid->proto & WPA_PROTO_OSEN)
997 proto = WPA_PROTO_OSEN;
998 else if (ssid->proto & WPA_PROTO_RSN)
999 proto = WPA_PROTO_RSN;
1001 proto = WPA_PROTO_WPA;
1002 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1003 os_memset(&ie, 0, sizeof(ie));
1004 ie.group_cipher = ssid->group_cipher;
1005 ie.pairwise_cipher = ssid->pairwise_cipher;
1006 ie.key_mgmt = ssid->key_mgmt;
1007 #ifdef CONFIG_IEEE80211W
1008 ie.mgmt_group_cipher =
1009 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1010 WPA_CIPHER_AES_128_CMAC : 0;
1011 #endif /* CONFIG_IEEE80211W */
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1013 "based on configuration");
1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1019 "pairwise %d key_mgmt %d proto %d",
1020 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1021 #ifdef CONFIG_IEEE80211W
1022 if (ssid->ieee80211w) {
1023 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1024 ie.mgmt_group_cipher);
1026 #endif /* CONFIG_IEEE80211W */
1028 wpa_s->wpa_proto = proto;
1029 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1030 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1031 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1033 if (bss || !wpa_s->ap_ies_from_associnfo) {
1034 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1035 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1036 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1037 bss_rsn ? 2 + bss_rsn[1] : 0))
1041 sel = ie.group_cipher & ssid->group_cipher;
1042 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1043 if (wpa_s->group_cipher < 0) {
1044 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1048 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1049 wpa_cipher_txt(wpa_s->group_cipher));
1051 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1052 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1053 if (wpa_s->pairwise_cipher < 0) {
1054 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1058 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1059 wpa_cipher_txt(wpa_s->pairwise_cipher));
1061 sel = ie.key_mgmt & ssid->key_mgmt;
1063 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1064 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1065 #endif /* CONFIG_SAE */
1067 #ifdef CONFIG_IEEE80211R
1068 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1070 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1071 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1072 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1073 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1074 #endif /* CONFIG_IEEE80211R */
1076 } else if (sel & WPA_KEY_MGMT_SAE) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1079 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1082 #endif /* CONFIG_SAE */
1083 #ifdef CONFIG_IEEE80211W
1084 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1085 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1086 wpa_dbg(wpa_s, MSG_DEBUG,
1087 "WPA: using KEY_MGMT 802.1X with SHA256");
1088 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1089 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1090 wpa_dbg(wpa_s, MSG_DEBUG,
1091 "WPA: using KEY_MGMT PSK with SHA256");
1092 #endif /* CONFIG_IEEE80211W */
1093 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1094 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1096 } else if (sel & WPA_KEY_MGMT_PSK) {
1097 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1099 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1100 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1103 } else if (sel & WPA_KEY_MGMT_OSEN) {
1104 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1105 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1106 #endif /* CONFIG_HS20 */
1108 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1109 "authenticated key management type");
1113 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1115 wpa_s->pairwise_cipher);
1116 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1118 #ifdef CONFIG_IEEE80211W
1119 sel = ie.mgmt_group_cipher;
1120 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1121 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1122 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1124 if (sel & WPA_CIPHER_AES_128_CMAC) {
1125 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1126 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1128 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1129 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1130 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1132 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1133 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1134 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1136 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1137 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1138 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1141 wpa_s->mgmt_group_cipher = 0;
1142 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1144 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1145 wpa_s->mgmt_group_cipher);
1146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1147 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1148 wpa_s->conf->pmf : ssid->ieee80211w));
1149 #endif /* CONFIG_IEEE80211W */
1151 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1152 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1156 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1157 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1158 #ifndef CONFIG_NO_PBKDF2
1159 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1162 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1163 4096, psk, PMK_LEN);
1164 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1166 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1168 #endif /* CONFIG_NO_PBKDF2 */
1169 #ifdef CONFIG_EXT_PASSWORD
1170 if (ssid->ext_psk) {
1171 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1173 char pw_str[64 + 1];
1177 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1178 "found from external storage");
1182 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1183 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1184 "PSK length %d in external storage",
1185 (int) wpabuf_len(pw));
1186 ext_password_free(pw);
1190 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1191 pw_str[wpabuf_len(pw)] = '\0';
1193 #ifndef CONFIG_NO_PBKDF2
1194 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1196 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1197 4096, psk, PMK_LEN);
1198 os_memset(pw_str, 0, sizeof(pw_str));
1199 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1200 "external passphrase)",
1202 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1204 #endif /* CONFIG_NO_PBKDF2 */
1205 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1206 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1207 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1208 "Invalid PSK hex string");
1209 os_memset(pw_str, 0, sizeof(pw_str));
1210 ext_password_free(pw);
1213 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1215 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1217 os_memset(pw_str, 0, sizeof(pw_str));
1218 ext_password_free(pw);
1222 os_memset(pw_str, 0, sizeof(pw_str));
1223 ext_password_free(pw);
1225 #endif /* CONFIG_EXT_PASSWORD */
1227 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1233 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1238 case 0: /* Bits 0-7 */
1240 case 1: /* Bits 8-15 */
1242 case 2: /* Bits 16-23 */
1244 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1245 *pos |= 0x08; /* Bit 19 - BSS Transition */
1246 #endif /* CONFIG_WNM */
1248 case 3: /* Bits 24-31 */
1250 *pos |= 0x02; /* Bit 25 - SSID List */
1251 #endif /* CONFIG_WNM */
1252 #ifdef CONFIG_INTERWORKING
1253 if (wpa_s->conf->interworking)
1254 *pos |= 0x80; /* Bit 31 - Interworking */
1255 #endif /* CONFIG_INTERWORKING */
1257 case 4: /* Bits 32-39 */
1258 #ifdef CONFIG_INTERWORKING
1259 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1260 *pos |= 0x01; /* Bit 32 - QoS Map */
1261 #endif /* CONFIG_INTERWORKING */
1263 case 5: /* Bits 40-47 */
1265 if (wpa_s->conf->hs20)
1266 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1267 #endif /* CONFIG_HS20 */
1269 case 6: /* Bits 48-55 */
1275 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1280 if (len < wpa_s->extended_capa_len)
1281 len = wpa_s->extended_capa_len;
1283 *pos++ = WLAN_EID_EXT_CAPAB;
1285 for (i = 0; i < len; i++, pos++) {
1286 wpas_ext_capab_byte(wpa_s, pos, i);
1288 if (i < wpa_s->extended_capa_len) {
1289 *pos &= ~wpa_s->extended_capa_mask[i];
1290 *pos |= wpa_s->extended_capa[i];
1294 while (len > 0 && buf[1 + len] == 0) {
1305 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1306 struct wpa_bss *test_bss)
1308 struct wpa_bss *bss;
1310 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1311 if (bss == test_bss)
1319 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1320 struct wpa_ssid *test_ssid)
1322 struct wpa_ssid *ssid;
1324 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1325 if (ssid == test_ssid)
1333 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1334 struct wpa_ssid *test_ssid)
1336 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1339 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1343 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1351 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1353 struct wpa_connect_work *cwork;
1354 struct wpa_radio_work *work = wpa_s->connect_work;
1359 wpa_s->connect_work = NULL;
1362 wpas_connect_work_free(cwork);
1363 radio_work_done(work);
1367 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1370 * wpa_supplicant_associate - Request association
1371 * @wpa_s: Pointer to wpa_supplicant data
1372 * @bss: Scan results for the selected BSS, or %NULL if not available
1373 * @ssid: Configuration data for the selected network
1375 * This function is used to request %wpa_supplicant to associate with a BSS.
1377 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1378 struct wpa_bss *bss, struct wpa_ssid *ssid)
1380 struct wpa_connect_work *cwork;
1382 #ifdef CONFIG_IBSS_RSN
1383 ibss_rsn_deinit(wpa_s->ibss_rsn);
1384 wpa_s->ibss_rsn = NULL;
1385 #endif /* CONFIG_IBSS_RSN */
1387 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1388 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1390 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1391 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1395 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1396 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1397 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1398 wpas_p2p_ap_setup_failed(wpa_s);
1401 wpa_s->current_bss = bss;
1402 #else /* CONFIG_AP */
1403 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1405 #endif /* CONFIG_AP */
1411 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1413 #endif /* CONFIG_TDLS */
1415 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1416 ssid->mode == IEEE80211_MODE_INFRA) {
1417 sme_authenticate(wpa_s, bss, ssid);
1421 if (wpa_s->connect_work) {
1422 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1426 if (radio_work_pending(wpa_s, "connect")) {
1427 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1431 cwork = os_zalloc(sizeof(*cwork));
1438 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1439 wpas_start_assoc_cb, cwork) < 0) {
1445 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1447 struct wpa_connect_work *cwork = work->ctx;
1448 struct wpa_bss *bss = cwork->bss;
1449 struct wpa_ssid *ssid = cwork->ssid;
1450 struct wpa_supplicant *wpa_s = work->wpa_s;
1453 int use_crypt, ret, i, bssid_changed;
1454 int algs = WPA_AUTH_ALG_OPEN;
1455 unsigned int cipher_pairwise, cipher_group;
1456 struct wpa_driver_associate_params params;
1457 int wep_keys_set = 0;
1458 int assoc_failed = 0;
1459 struct wpa_ssid *old_ssid;
1460 #ifdef CONFIG_HT_OVERRIDES
1461 struct ieee80211_ht_capabilities htcaps;
1462 struct ieee80211_ht_capabilities htcaps_mask;
1463 #endif /* CONFIG_HT_OVERRIDES */
1464 #ifdef CONFIG_VHT_OVERRIDES
1465 struct ieee80211_vht_capabilities vhtcaps;
1466 struct ieee80211_vht_capabilities vhtcaps_mask;
1467 #endif /* CONFIG_VHT_OVERRIDES */
1470 if (work->started) {
1471 wpa_s->connect_work = NULL;
1473 /* cancel possible auth. timeout */
1474 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1477 wpas_connect_work_free(cwork);
1481 wpa_s->connect_work = work;
1483 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1484 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1485 wpas_connect_work_done(wpa_s);
1489 os_memset(¶ms, 0, sizeof(params));
1490 wpa_s->reassociate = 0;
1491 wpa_s->eap_expected_failure = 0;
1492 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1493 #ifdef CONFIG_IEEE80211R
1494 const u8 *ie, *md = NULL;
1495 #endif /* CONFIG_IEEE80211R */
1496 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1497 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1498 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1499 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1500 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1501 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1503 wpas_notify_bssid_changed(wpa_s);
1504 #ifdef CONFIG_IEEE80211R
1505 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1506 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1508 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1510 /* Prepare for the next transition */
1511 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1513 #endif /* CONFIG_IEEE80211R */
1515 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1516 wpa_s->conf->ap_scan == 2 &&
1517 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1518 /* Use ap_scan==1 style network selection to find the network
1520 wpa_s->scan_req = MANUAL_SCAN_REQ;
1521 wpa_s->reassociate = 1;
1522 wpa_supplicant_req_scan(wpa_s, 0, 0);
1524 #endif /* CONFIG_WPS */
1526 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1527 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1528 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1530 wpa_supplicant_cancel_sched_scan(wpa_s);
1531 wpa_supplicant_cancel_scan(wpa_s);
1533 /* Starting new association, so clear the possibly used WPA IE from the
1534 * previous association. */
1535 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1537 #ifdef IEEE8021X_EAPOL
1538 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1540 if (ssid->non_leap == 0)
1541 algs = WPA_AUTH_ALG_LEAP;
1543 algs |= WPA_AUTH_ALG_LEAP;
1546 #endif /* IEEE8021X_EAPOL */
1547 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1548 if (ssid->auth_alg) {
1549 algs = ssid->auth_alg;
1550 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1554 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1555 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1556 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1557 int try_opportunistic;
1558 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1560 ssid->proactive_key_caching) &&
1561 (ssid->proto & WPA_PROTO_RSN);
1562 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1563 ssid, try_opportunistic) == 0)
1564 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1565 wpa_ie_len = sizeof(wpa_ie);
1566 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1567 wpa_ie, &wpa_ie_len)) {
1568 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1569 "key management and encryption suites");
1572 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1573 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1575 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1576 * use non-WPA since the scan results did not indicate that the
1577 * AP is using WPA or WPA2.
1579 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1581 wpa_s->wpa_proto = 0;
1582 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1583 wpa_ie_len = sizeof(wpa_ie);
1584 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1585 wpa_ie, &wpa_ie_len)) {
1586 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1587 "key management and encryption suites (no "
1592 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1593 struct wpabuf *wps_ie;
1594 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1595 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1596 wpa_ie_len = wpabuf_len(wps_ie);
1597 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1600 wpabuf_free(wps_ie);
1601 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1602 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1603 params.wps = WPS_MODE_PRIVACY;
1605 params.wps = WPS_MODE_OPEN;
1606 wpa_s->wpa_proto = 0;
1607 #endif /* CONFIG_WPS */
1609 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1611 wpa_s->wpa_proto = 0;
1615 if (wpa_s->global->p2p) {
1619 pos = wpa_ie + wpa_ie_len;
1620 len = sizeof(wpa_ie) - wpa_ie_len;
1621 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1627 wpa_s->cross_connect_disallowed = 0;
1630 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1632 wpa_s->cross_connect_disallowed =
1633 p2p_get_cross_connect_disallowed(p2p);
1635 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1637 wpa_s->cross_connect_disallowed ?
1638 "disallows" : "allows");
1642 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1643 #endif /* CONFIG_P2P */
1646 if (is_hs20_network(wpa_s, ssid, bss)) {
1647 struct wpabuf *hs20;
1648 hs20 = wpabuf_alloc(20);
1650 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1651 wpas_hs20_add_indication(hs20, pps_mo_id);
1652 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1654 wpa_ie_len += wpabuf_len(hs20);
1658 #endif /* CONFIG_HS20 */
1661 * Workaround: Add Extended Capabilities element only if the AP
1662 * included this element in Beacon/Probe Response frames. Some older
1663 * APs seem to have interoperability issues if this element is
1664 * included, so while the standard may require us to include the
1665 * element in all cases, it is justifiable to skip it to avoid
1666 * interoperability issues.
1668 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1671 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1672 if (ext_capab_len > 0) {
1674 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1676 os_memmove(pos + ext_capab_len, pos,
1677 wpa_ie_len - (pos - wpa_ie));
1678 wpa_ie_len += ext_capab_len;
1679 os_memcpy(pos, ext_capab, ext_capab_len);
1683 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1685 cipher_pairwise = wpa_s->pairwise_cipher;
1686 cipher_group = wpa_s->group_cipher;
1687 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1688 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1689 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1691 if (wpa_set_wep_keys(wpa_s, ssid)) {
1696 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1699 #ifdef IEEE8021X_EAPOL
1700 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1701 if ((ssid->eapol_flags &
1702 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1703 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1707 /* Assume that dynamic WEP-104 keys will be used and
1708 * set cipher suites in order for drivers to expect
1710 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1713 #endif /* IEEE8021X_EAPOL */
1715 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1716 /* Set the key before (and later after) association */
1717 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1720 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1722 params.ssid = bss->ssid;
1723 params.ssid_len = bss->ssid_len;
1724 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1725 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1726 MACSTR " freq=%u MHz based on scan results "
1728 MAC2STR(bss->bssid), bss->freq,
1730 params.bssid = bss->bssid;
1731 params.freq = bss->freq;
1733 params.bssid_hint = bss->bssid;
1734 params.freq_hint = bss->freq;
1736 params.ssid = ssid->ssid;
1737 params.ssid_len = ssid->ssid_len;
1740 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1741 wpa_s->conf->ap_scan == 2) {
1742 params.bssid = ssid->bssid;
1743 params.fixed_bssid = 1;
1746 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1748 params.freq = ssid->frequency; /* Initial channel for IBSS */
1750 if (ssid->mode == WPAS_MODE_IBSS) {
1751 if (ssid->beacon_int)
1752 params.beacon_int = ssid->beacon_int;
1754 params.beacon_int = wpa_s->conf->beacon_int;
1757 params.wpa_ie = wpa_ie;
1758 params.wpa_ie_len = wpa_ie_len;
1759 params.pairwise_suite = cipher_pairwise;
1760 params.group_suite = cipher_group;
1761 params.key_mgmt_suite = wpa_s->key_mgmt;
1762 params.wpa_proto = wpa_s->wpa_proto;
1763 params.auth_alg = algs;
1764 params.mode = ssid->mode;
1765 params.bg_scan_period = ssid->bg_scan_period;
1766 for (i = 0; i < NUM_WEP_KEYS; i++) {
1767 if (ssid->wep_key_len[i])
1768 params.wep_key[i] = ssid->wep_key[i];
1769 params.wep_key_len[i] = ssid->wep_key_len[i];
1771 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1773 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1774 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1775 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1776 params.passphrase = ssid->passphrase;
1778 params.psk = ssid->psk;
1781 params.drop_unencrypted = use_crypt;
1783 #ifdef CONFIG_IEEE80211W
1784 params.mgmt_frame_protection =
1785 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1786 wpa_s->conf->pmf : ssid->ieee80211w;
1787 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1788 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1789 struct wpa_ie_data ie;
1790 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1792 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1793 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1794 "MFP: require MFP");
1795 params.mgmt_frame_protection =
1796 MGMT_FRAME_PROTECTION_REQUIRED;
1799 #endif /* CONFIG_IEEE80211W */
1801 params.p2p = ssid->p2p_group;
1803 if (wpa_s->parent->set_sta_uapsd)
1804 params.uapsd = wpa_s->parent->sta_uapsd;
1808 #ifdef CONFIG_HT_OVERRIDES
1809 os_memset(&htcaps, 0, sizeof(htcaps));
1810 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1811 params.htcaps = (u8 *) &htcaps;
1812 params.htcaps_mask = (u8 *) &htcaps_mask;
1813 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1814 #endif /* CONFIG_HT_OVERRIDES */
1815 #ifdef CONFIG_VHT_OVERRIDES
1816 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1817 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1818 params.vhtcaps = &vhtcaps;
1819 params.vhtcaps_mask = &vhtcaps_mask;
1820 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, ¶ms);
1821 #endif /* CONFIG_VHT_OVERRIDES */
1825 * If multi-channel concurrency is not supported, check for any
1826 * frequency conflict. In case of any frequency conflict, remove the
1827 * least prioritized connection.
1829 if (wpa_s->num_multichan_concurrent < 2) {
1831 num = get_shared_radio_freqs(wpa_s, &freq, 1);
1832 if (num > 0 && freq > 0 && freq != params.freq) {
1833 wpa_printf(MSG_DEBUG,
1834 "Assoc conflicting freq found (%d != %d)",
1836 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1842 #endif /* CONFIG_P2P */
1844 ret = wpa_drv_associate(wpa_s, ¶ms);
1846 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1848 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1850 * The driver is known to mean what is saying, so we
1851 * can stop right here; the association will not
1854 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1855 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1856 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1859 /* try to continue anyway; new association will be tried again
1864 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1865 /* Set the key after the association just in case association
1866 * cleared the previously configured key. */
1867 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1868 /* No need to timeout authentication since there is no key
1870 wpa_supplicant_cancel_auth_timeout(wpa_s);
1871 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1872 #ifdef CONFIG_IBSS_RSN
1873 } else if (ssid->mode == WPAS_MODE_IBSS &&
1874 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1875 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1877 * RSN IBSS authentication is per-STA and we can disable the
1878 * per-BSSID authentication.
1880 wpa_supplicant_cancel_auth_timeout(wpa_s);
1881 #endif /* CONFIG_IBSS_RSN */
1883 /* Timeout for IEEE 802.11 authentication and association */
1887 /* give IBSS a bit more time */
1888 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1889 } else if (wpa_s->conf->ap_scan == 1) {
1890 /* give IBSS a bit more time */
1891 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1893 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1897 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1898 /* Set static WEP keys again */
1899 wpa_set_wep_keys(wpa_s, ssid);
1902 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1904 * Do not allow EAP session resumption between different
1905 * network configurations.
1907 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1909 old_ssid = wpa_s->current_ssid;
1910 wpa_s->current_ssid = ssid;
1911 wpa_s->current_bss = bss;
1912 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1913 wpa_supplicant_initiate_eapol(wpa_s);
1914 if (old_ssid != wpa_s->current_ssid)
1915 wpas_notify_network_changed(wpa_s);
1919 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1922 struct wpa_ssid *old_ssid;
1924 wpa_clear_keys(wpa_s, addr);
1925 old_ssid = wpa_s->current_ssid;
1926 wpa_supplicant_mark_disassoc(wpa_s);
1927 wpa_sm_set_config(wpa_s->wpa, NULL);
1928 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1929 if (old_ssid != wpa_s->current_ssid)
1930 wpas_notify_network_changed(wpa_s);
1931 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1936 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1937 * @wpa_s: Pointer to wpa_supplicant data
1938 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1940 * This function is used to request %wpa_supplicant to deauthenticate from the
1943 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1947 union wpa_event_data event;
1950 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1951 " pending_bssid=" MACSTR " reason=%d state=%s",
1952 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1953 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1955 if (!is_zero_ether_addr(wpa_s->bssid))
1956 addr = wpa_s->bssid;
1957 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1958 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1959 wpa_s->wpa_state == WPA_ASSOCIATING))
1960 addr = wpa_s->pending_bssid;
1961 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1963 * When using driver-based BSS selection, we may not know the
1964 * BSSID with which we are currently trying to associate. We
1965 * need to notify the driver of this disconnection even in such
1966 * a case, so use the all zeros address here.
1968 addr = wpa_s->bssid;
1973 wpa_tdls_teardown_peers(wpa_s->wpa);
1974 #endif /* CONFIG_TDLS */
1977 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1978 os_memset(&event, 0, sizeof(event));
1979 event.deauth_info.reason_code = (u16) reason_code;
1980 event.deauth_info.locally_generated = 1;
1981 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1986 wpa_supplicant_clear_connection(wpa_s, addr);
1989 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1990 struct wpa_ssid *ssid)
1992 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1996 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1997 wpas_notify_network_enabled_changed(wpa_s, ssid);
2000 * Try to reassociate since there is no current configuration and a new
2001 * network was made available.
2003 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2004 wpa_s->reassociate = 1;
2009 * wpa_supplicant_enable_network - Mark a configured network as enabled
2010 * @wpa_s: wpa_supplicant structure for a network interface
2011 * @ssid: wpa_ssid structure for a configured network or %NULL
2013 * Enables the specified network or all networks if no network specified.
2015 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2016 struct wpa_ssid *ssid)
2019 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2020 wpa_supplicant_enable_one_network(wpa_s, ssid);
2022 wpa_supplicant_enable_one_network(wpa_s, ssid);
2024 if (wpa_s->reassociate && !wpa_s->disconnected) {
2025 if (wpa_s->sched_scanning) {
2026 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2027 "new network to scan filters");
2028 wpa_supplicant_cancel_sched_scan(wpa_s);
2031 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2032 wpa_supplicant_req_scan(wpa_s, 0, 0);
2038 * wpa_supplicant_disable_network - Mark a configured network as disabled
2039 * @wpa_s: wpa_supplicant structure for a network interface
2040 * @ssid: wpa_ssid structure for a configured network or %NULL
2042 * Disables the specified network or all networks if no network specified.
2044 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2045 struct wpa_ssid *ssid)
2047 struct wpa_ssid *other_ssid;
2051 if (wpa_s->sched_scanning)
2052 wpa_supplicant_cancel_sched_scan(wpa_s);
2054 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2055 other_ssid = other_ssid->next) {
2056 was_disabled = other_ssid->disabled;
2057 if (was_disabled == 2)
2058 continue; /* do not change persistent P2P group
2061 other_ssid->disabled = 1;
2063 if (was_disabled != other_ssid->disabled)
2064 wpas_notify_network_enabled_changed(
2067 if (wpa_s->current_ssid)
2068 wpa_supplicant_deauthenticate(
2069 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2070 } else if (ssid->disabled != 2) {
2071 if (ssid == wpa_s->current_ssid)
2072 wpa_supplicant_deauthenticate(
2073 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2075 was_disabled = ssid->disabled;
2079 if (was_disabled != ssid->disabled) {
2080 wpas_notify_network_enabled_changed(wpa_s, ssid);
2081 if (wpa_s->sched_scanning) {
2082 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2083 "to remove network from filters");
2084 wpa_supplicant_cancel_sched_scan(wpa_s);
2085 wpa_supplicant_req_scan(wpa_s, 0, 0);
2093 * wpa_supplicant_select_network - Attempt association with a network
2094 * @wpa_s: wpa_supplicant structure for a network interface
2095 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2097 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2098 struct wpa_ssid *ssid)
2101 struct wpa_ssid *other_ssid;
2102 int disconnected = 0;
2104 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2105 wpa_supplicant_deauthenticate(
2106 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2111 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2114 * Mark all other networks disabled or mark all networks enabled if no
2115 * network specified.
2117 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2118 other_ssid = other_ssid->next) {
2119 int was_disabled = other_ssid->disabled;
2120 if (was_disabled == 2)
2121 continue; /* do not change persistent P2P group data */
2123 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2124 if (was_disabled && !other_ssid->disabled)
2125 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2127 if (was_disabled != other_ssid->disabled)
2128 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2131 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2132 /* We are already associated with the selected network */
2133 wpa_printf(MSG_DEBUG, "Already associated with the "
2134 "selected network - do nothing");
2139 wpa_s->current_ssid = ssid;
2140 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2142 wpa_s->connect_without_scan = NULL;
2143 wpa_s->disconnected = 0;
2144 wpa_s->reassociate = 1;
2146 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2147 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2150 wpas_notify_network_selected(wpa_s, ssid);
2155 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2156 * @wpa_s: wpa_supplicant structure for a network interface
2157 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2158 * @pkcs11_module_path: PKCS #11 module path or NULL
2159 * Returns: 0 on success; -1 on failure
2161 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2162 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2163 * module path fails the paths will be reset to the default value (NULL).
2165 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2166 const char *pkcs11_engine_path,
2167 const char *pkcs11_module_path)
2169 char *pkcs11_engine_path_copy = NULL;
2170 char *pkcs11_module_path_copy = NULL;
2172 if (pkcs11_engine_path != NULL) {
2173 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2174 if (pkcs11_engine_path_copy == NULL)
2177 if (pkcs11_module_path != NULL) {
2178 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2179 if (pkcs11_module_path_copy == NULL) {
2180 os_free(pkcs11_engine_path_copy);
2185 os_free(wpa_s->conf->pkcs11_engine_path);
2186 os_free(wpa_s->conf->pkcs11_module_path);
2187 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2188 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2190 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2191 eapol_sm_deinit(wpa_s->eapol);
2192 wpa_s->eapol = NULL;
2193 if (wpa_supplicant_init_eapol(wpa_s)) {
2194 /* Error -> Reset paths to the default value (NULL) once. */
2195 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2196 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2201 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2208 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2209 * @wpa_s: wpa_supplicant structure for a network interface
2210 * @ap_scan: AP scan mode
2211 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2214 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2219 if (ap_scan < 0 || ap_scan > 2)
2223 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2224 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2225 wpa_s->wpa_state < WPA_COMPLETED) {
2226 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2227 "associating", wpa_s->conf->ap_scan, ap_scan);
2230 #endif /* ANDROID */
2232 old_ap_scan = wpa_s->conf->ap_scan;
2233 wpa_s->conf->ap_scan = ap_scan;
2235 if (old_ap_scan != wpa_s->conf->ap_scan)
2236 wpas_notify_ap_scan_changed(wpa_s);
2243 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2244 * @wpa_s: wpa_supplicant structure for a network interface
2245 * @expire_age: Expiration age in seconds
2246 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2249 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2250 unsigned int bss_expire_age)
2252 if (bss_expire_age < 10) {
2253 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2257 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2259 wpa_s->conf->bss_expiration_age = bss_expire_age;
2266 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2267 * @wpa_s: wpa_supplicant structure for a network interface
2268 * @expire_count: number of scans after which an unseen BSS is reclaimed
2269 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2272 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2273 unsigned int bss_expire_count)
2275 if (bss_expire_count < 1) {
2276 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2280 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2282 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2289 * wpa_supplicant_set_scan_interval - Set scan interval
2290 * @wpa_s: wpa_supplicant structure for a network interface
2291 * @scan_interval: scan interval in seconds
2292 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2295 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2298 if (scan_interval < 0) {
2299 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2303 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2305 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2312 * wpa_supplicant_set_debug_params - Set global debug params
2313 * @global: wpa_global structure
2314 * @debug_level: debug level
2315 * @debug_timestamp: determines if show timestamp in debug data
2316 * @debug_show_keys: determines if show keys in debug data
2317 * Returns: 0 if succeed or -1 if debug_level has wrong value
2319 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2320 int debug_timestamp, int debug_show_keys)
2323 int old_level, old_timestamp, old_show_keys;
2325 /* check for allowed debuglevels */
2326 if (debug_level != MSG_EXCESSIVE &&
2327 debug_level != MSG_MSGDUMP &&
2328 debug_level != MSG_DEBUG &&
2329 debug_level != MSG_INFO &&
2330 debug_level != MSG_WARNING &&
2331 debug_level != MSG_ERROR)
2334 old_level = wpa_debug_level;
2335 old_timestamp = wpa_debug_timestamp;
2336 old_show_keys = wpa_debug_show_keys;
2338 wpa_debug_level = debug_level;
2339 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2340 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2342 if (wpa_debug_level != old_level)
2343 wpas_notify_debug_level_changed(global);
2344 if (wpa_debug_timestamp != old_timestamp)
2345 wpas_notify_debug_timestamp_changed(global);
2346 if (wpa_debug_show_keys != old_show_keys)
2347 wpas_notify_debug_show_keys_changed(global);
2354 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2355 * @wpa_s: Pointer to wpa_supplicant data
2356 * Returns: A pointer to the current network structure or %NULL on failure
2358 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2360 struct wpa_ssid *entry;
2361 u8 ssid[MAX_SSID_LEN];
2367 res = wpa_drv_get_ssid(wpa_s, ssid);
2369 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2375 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2376 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2381 wired = wpa_s->conf->ap_scan == 0 &&
2382 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2384 entry = wpa_s->conf->ssid;
2386 if (!wpas_network_disabled(wpa_s, entry) &&
2387 ((ssid_len == entry->ssid_len &&
2388 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2389 (!entry->bssid_set ||
2390 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2393 if (!wpas_network_disabled(wpa_s, entry) &&
2394 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2395 (entry->ssid == NULL || entry->ssid_len == 0) &&
2396 (!entry->bssid_set ||
2397 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2399 #endif /* CONFIG_WPS */
2401 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2402 entry->ssid_len == 0 &&
2403 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2406 entry = entry->next;
2413 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2415 struct wpa_global *global = wpa_s->global;
2417 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2418 global->drv_priv[i] = wpa_drivers[i]->global_init();
2419 if (global->drv_priv[i] == NULL) {
2420 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2421 "'%s'", wpa_drivers[i]->name);
2426 wpa_s->driver = wpa_drivers[i];
2427 wpa_s->global_drv_priv = global->drv_priv[i];
2433 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2438 const char *pos, *driver = name;
2443 if (wpa_drivers[0] == NULL) {
2444 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2450 /* default to first driver in the list */
2451 return select_driver(wpa_s, 0);
2455 pos = os_strchr(driver, ',');
2459 len = os_strlen(driver);
2461 for (i = 0; wpa_drivers[i]; i++) {
2462 if (os_strlen(wpa_drivers[i]->name) == len &&
2463 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2465 /* First driver that succeeds wins */
2466 if (select_driver(wpa_s, i) == 0)
2474 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2480 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2481 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2482 * with struct wpa_driver_ops::init()
2483 * @src_addr: Source address of the EAPOL frame
2484 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2485 * @len: Length of the EAPOL data
2487 * This function is called for each received EAPOL frame. Most driver
2488 * interfaces rely on more generic OS mechanism for receiving frames through
2489 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2490 * take care of received EAPOL frames and deliver them to the core supplicant
2491 * code by calling this function.
2493 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2494 const u8 *buf, size_t len)
2496 struct wpa_supplicant *wpa_s = ctx;
2498 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2499 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2501 #ifdef CONFIG_PEERKEY
2502 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2503 wpa_s->current_ssid->peerkey &&
2504 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2505 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2506 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2509 #endif /* CONFIG_PEERKEY */
2511 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2512 (wpa_s->last_eapol_matches_bssid &&
2515 #endif /* CONFIG_AP */
2516 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2518 * There is possible race condition between receiving the
2519 * association event and the EAPOL frame since they are coming
2520 * through different paths from the driver. In order to avoid
2521 * issues in trying to process the EAPOL frame before receiving
2522 * association information, lets queue it for processing until
2523 * the association event is received. This may also be needed in
2524 * driver-based roaming case, so also use src_addr != BSSID as a
2525 * trigger if we have previously confirmed that the
2526 * Authenticator uses BSSID as the src_addr (which is not the
2527 * case with wired IEEE 802.1X).
2529 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2530 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2531 wpa_supplicant_state_txt(wpa_s->wpa_state),
2532 MAC2STR(wpa_s->bssid));
2533 wpabuf_free(wpa_s->pending_eapol_rx);
2534 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2535 if (wpa_s->pending_eapol_rx) {
2536 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2537 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2543 wpa_s->last_eapol_matches_bssid =
2544 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2547 if (wpa_s->ap_iface) {
2548 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2551 #endif /* CONFIG_AP */
2553 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2554 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2555 "no key management is configured");
2559 if (wpa_s->eapol_received == 0 &&
2560 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2561 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2562 wpa_s->wpa_state != WPA_COMPLETED) &&
2563 (wpa_s->current_ssid == NULL ||
2564 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2565 /* Timeout for completing IEEE 802.1X and WPA authentication */
2566 wpa_supplicant_req_auth_timeout(
2568 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2569 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2570 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2573 wpa_s->eapol_received++;
2575 if (wpa_s->countermeasures) {
2576 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2581 #ifdef CONFIG_IBSS_RSN
2582 if (wpa_s->current_ssid &&
2583 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2584 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2587 #endif /* CONFIG_IBSS_RSN */
2589 /* Source address of the incoming EAPOL frame could be compared to the
2590 * current BSSID. However, it is possible that a centralized
2591 * Authenticator could be using another MAC address than the BSSID of
2592 * an AP, so just allow any address to be used for now. The replies are
2593 * still sent to the current BSSID (if available), though. */
2595 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2596 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2597 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2599 wpa_drv_poll(wpa_s);
2600 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2601 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2602 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2604 * Set portValid = TRUE here since we are going to skip 4-way
2605 * handshake processing which would normally set portValid. We
2606 * need this to allow the EAPOL state machines to be completed
2607 * without going through EAPOL-Key handshake.
2609 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2614 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2616 if (wpa_s->driver->send_eapol) {
2617 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2619 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2620 } else if ((!wpa_s->p2p_mgmt ||
2621 !(wpa_s->drv_flags &
2622 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2623 !(wpa_s->drv_flags &
2624 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2625 l2_packet_deinit(wpa_s->l2);
2626 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2627 wpa_drv_get_mac_addr(wpa_s),
2629 wpa_supplicant_rx_eapol, wpa_s, 0);
2630 if (wpa_s->l2 == NULL)
2633 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2635 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2638 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2639 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2647 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2648 const u8 *buf, size_t len)
2650 struct wpa_supplicant *wpa_s = ctx;
2651 const struct l2_ethhdr *eth;
2653 if (len < sizeof(*eth))
2655 eth = (const struct l2_ethhdr *) buf;
2657 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2658 !(eth->h_dest[0] & 0x01)) {
2659 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2660 " (bridge - not for this interface - ignore)",
2661 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2665 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2666 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2667 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2668 len - sizeof(*eth));
2673 * wpa_supplicant_driver_init - Initialize driver interface parameters
2674 * @wpa_s: Pointer to wpa_supplicant data
2675 * Returns: 0 on success, -1 on failure
2677 * This function is called to initialize driver interface parameters.
2678 * wpa_drv_init() must have been called before this function to initialize the
2681 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2683 static int interface_count = 0;
2685 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2688 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2689 MAC2STR(wpa_s->own_addr));
2690 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2692 if (wpa_s->bridge_ifname[0]) {
2693 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2694 "interface '%s'", wpa_s->bridge_ifname);
2695 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2698 wpa_supplicant_rx_eapol_bridge,
2700 if (wpa_s->l2_br == NULL) {
2701 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2702 "connection for the bridge interface '%s'",
2703 wpa_s->bridge_ifname);
2708 wpa_clear_keys(wpa_s, NULL);
2710 /* Make sure that TKIP countermeasures are not left enabled (could
2711 * happen if wpa_supplicant is killed during countermeasures. */
2712 wpa_drv_set_countermeasures(wpa_s, 0);
2714 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2715 wpa_drv_flush_pmkid(wpa_s);
2717 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2718 wpa_s->prev_scan_wildcard = 0;
2720 if (wpa_supplicant_enabled_networks(wpa_s)) {
2721 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2722 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2723 interface_count = 0;
2725 if (!wpa_s->p2p_mgmt &&
2726 wpa_supplicant_delayed_sched_scan(wpa_s,
2727 interface_count % 3,
2729 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2733 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2739 static int wpa_supplicant_daemon(const char *pid_file)
2741 wpa_printf(MSG_DEBUG, "Daemonize..");
2742 return os_daemonize(pid_file);
2746 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2748 struct wpa_supplicant *wpa_s;
2750 wpa_s = os_zalloc(sizeof(*wpa_s));
2753 wpa_s->scan_req = INITIAL_SCAN_REQ;
2754 wpa_s->scan_interval = 5;
2755 wpa_s->new_connection = 1;
2756 wpa_s->parent = wpa_s;
2757 wpa_s->sched_scanning = 0;
2763 #ifdef CONFIG_HT_OVERRIDES
2765 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2766 struct ieee80211_ht_capabilities *htcaps,
2767 struct ieee80211_ht_capabilities *htcaps_mask,
2770 /* parse ht_mcs into hex array */
2772 const char *tmp = ht_mcs;
2775 /* If ht_mcs is null, do not set anything */
2779 /* This is what we are setting in the kernel */
2780 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2782 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2784 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2786 long v = strtol(tmp, &end, 16);
2788 wpa_msg(wpa_s, MSG_DEBUG,
2789 "htcap value[%i]: %ld end: %p tmp: %p",
2794 htcaps->supported_mcs_set[i] = v;
2797 wpa_msg(wpa_s, MSG_ERROR,
2798 "Failed to parse ht-mcs: %s, error: %s\n",
2799 ht_mcs, strerror(errno));
2805 * If we were able to parse any values, then set mask for the MCS set.
2808 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2809 IEEE80211_HT_MCS_MASK_LEN - 1);
2810 /* skip the 3 reserved bits */
2811 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2819 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2820 struct ieee80211_ht_capabilities *htcaps,
2821 struct ieee80211_ht_capabilities *htcaps_mask,
2826 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2831 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2832 htcaps_mask->ht_capabilities_info |= msk;
2834 htcaps->ht_capabilities_info &= msk;
2836 htcaps->ht_capabilities_info |= msk;
2842 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2843 struct ieee80211_ht_capabilities *htcaps,
2844 struct ieee80211_ht_capabilities *htcaps_mask,
2847 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2852 if (factor < 0 || factor > 3) {
2853 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2854 "Must be 0-3 or -1", factor);
2858 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2859 htcaps->a_mpdu_params &= ~0x3;
2860 htcaps->a_mpdu_params |= factor & 0x3;
2866 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2867 struct ieee80211_ht_capabilities *htcaps,
2868 struct ieee80211_ht_capabilities *htcaps_mask,
2871 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2876 if (density < 0 || density > 7) {
2877 wpa_msg(wpa_s, MSG_ERROR,
2878 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2883 htcaps_mask->a_mpdu_params |= 0x1C;
2884 htcaps->a_mpdu_params &= ~(0x1C);
2885 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2891 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2892 struct ieee80211_ht_capabilities *htcaps,
2893 struct ieee80211_ht_capabilities *htcaps_mask,
2896 /* Masking these out disables HT40 */
2897 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2898 HT_CAP_INFO_SHORT_GI40MHZ);
2900 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2903 htcaps->ht_capabilities_info &= ~msk;
2905 htcaps->ht_capabilities_info |= msk;
2907 htcaps_mask->ht_capabilities_info |= msk;
2913 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2914 struct ieee80211_ht_capabilities *htcaps,
2915 struct ieee80211_ht_capabilities *htcaps_mask,
2918 /* Masking these out disables SGI */
2919 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2920 HT_CAP_INFO_SHORT_GI40MHZ);
2922 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2925 htcaps->ht_capabilities_info &= ~msk;
2927 htcaps->ht_capabilities_info |= msk;
2929 htcaps_mask->ht_capabilities_info |= msk;
2935 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
2936 struct ieee80211_ht_capabilities *htcaps,
2937 struct ieee80211_ht_capabilities *htcaps_mask,
2940 /* Masking these out disables LDPC */
2941 u16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
2943 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
2946 htcaps->ht_capabilities_info &= ~msk;
2948 htcaps->ht_capabilities_info |= msk;
2950 htcaps_mask->ht_capabilities_info |= msk;
2956 void wpa_supplicant_apply_ht_overrides(
2957 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2958 struct wpa_driver_associate_params *params)
2960 struct ieee80211_ht_capabilities *htcaps;
2961 struct ieee80211_ht_capabilities *htcaps_mask;
2966 params->disable_ht = ssid->disable_ht;
2967 if (!params->htcaps || !params->htcaps_mask)
2970 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2971 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2972 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2973 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2974 ssid->disable_max_amsdu);
2975 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2976 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2977 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2978 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2979 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
2981 if (ssid->ht40_intolerant) {
2982 u16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
2983 htcaps->ht_capabilities_info |= bit;
2984 htcaps_mask->ht_capabilities_info |= bit;
2988 #endif /* CONFIG_HT_OVERRIDES */
2991 #ifdef CONFIG_VHT_OVERRIDES
2992 void wpa_supplicant_apply_vht_overrides(
2993 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2994 struct wpa_driver_associate_params *params)
2996 struct ieee80211_vht_capabilities *vhtcaps;
2997 struct ieee80211_vht_capabilities *vhtcaps_mask;
2998 #ifdef CONFIG_HT_OVERRIDES
3000 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3001 #endif /* CONFIG_HT_OVERRIDES */
3006 params->disable_vht = ssid->disable_vht;
3008 vhtcaps = (void *) params->vhtcaps;
3009 vhtcaps_mask = (void *) params->vhtcaps_mask;
3011 if (!vhtcaps || !vhtcaps_mask)
3014 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3015 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3017 #ifdef CONFIG_HT_OVERRIDES
3018 /* if max ampdu is <= 3, we have to make the HT cap the same */
3019 if (ssid->vht_capa_mask & max_ampdu_mask) {
3020 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3021 find_first_bit(max_ampdu_mask);
3023 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3024 wpa_set_ampdu_factor(wpa_s,
3025 (void *) params->htcaps,
3026 (void *) params->htcaps_mask,
3029 #endif /* CONFIG_HT_OVERRIDES */
3031 #define OVERRIDE_MCS(i) \
3032 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3033 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3035 vhtcaps->vht_supported_mcs_set.tx_map |= \
3036 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3038 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3039 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3041 vhtcaps->vht_supported_mcs_set.rx_map |= \
3042 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3054 #endif /* CONFIG_VHT_OVERRIDES */
3057 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3062 if (!wpa_s->conf->pcsc_reader)
3065 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3069 if (wpa_s->conf->pcsc_pin &&
3070 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3071 scard_deinit(wpa_s->scard);
3072 wpa_s->scard = NULL;
3073 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3077 len = sizeof(wpa_s->imsi) - 1;
3078 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3079 scard_deinit(wpa_s->scard);
3080 wpa_s->scard = NULL;
3081 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3084 wpa_s->imsi[len] = '\0';
3086 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3088 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3089 wpa_s->imsi, wpa_s->mnc_len);
3091 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3092 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3093 #endif /* PCSC_FUNCS */
3099 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3103 ext_password_deinit(wpa_s->ext_pw);
3104 wpa_s->ext_pw = NULL;
3105 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3107 if (!wpa_s->conf->ext_password_backend)
3110 val = os_strdup(wpa_s->conf->ext_password_backend);
3113 pos = os_strchr(val, ':');
3117 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3119 wpa_s->ext_pw = ext_password_init(val, pos);
3121 if (wpa_s->ext_pw == NULL) {
3122 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3125 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3131 static int wpas_check_wowlan_trigger(const char *start, const char *trigger,
3132 int capa_trigger, u8 *param_trigger)
3134 if (os_strcmp(start, trigger) != 0)
3144 int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3145 struct wpa_driver_capa *capa)
3147 struct wowlan_triggers triggers;
3148 char *start, *end, *buf;
3151 if (!wpa_s->conf->wowlan_triggers)
3154 buf = os_strdup(wpa_s->conf->wowlan_triggers);
3158 os_memset(&triggers, 0, sizeof(triggers));
3160 #define CHECK_TRIGGER(trigger) \
3161 wpas_check_wowlan_trigger(start, #trigger, \
3162 capa->wowlan_triggers.trigger, \
3166 while (*start != '\0') {
3167 while (isblank(*start))
3172 while (!isblank(*end) && *end != '\0')
3174 last = *end == '\0';
3177 if (!CHECK_TRIGGER(any) &&
3178 !CHECK_TRIGGER(disconnect) &&
3179 !CHECK_TRIGGER(magic_pkt) &&
3180 !CHECK_TRIGGER(gtk_rekey_failure) &&
3181 !CHECK_TRIGGER(eap_identity_req) &&
3182 !CHECK_TRIGGER(four_way_handshake) &&
3183 !CHECK_TRIGGER(rfkill_release)) {
3184 wpa_printf(MSG_DEBUG,
3185 "Unknown/unsupported wowlan trigger '%s'",
3195 #undef CHECK_TRIGGER
3197 ret = wpa_drv_wowlan(wpa_s, &triggers);
3204 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3207 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3208 struct wpa_radio *radio;
3210 while (rn && iface) {
3211 radio = iface->radio;
3212 if (radio && os_strcmp(rn, radio->name) == 0) {
3213 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3215 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3219 iface = iface->next;
3222 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3223 wpa_s->ifname, rn ? rn : "N/A");
3224 radio = os_zalloc(sizeof(*radio));
3229 os_strlcpy(radio->name, rn, sizeof(radio->name));
3230 dl_list_init(&radio->ifaces);
3231 dl_list_init(&radio->work);
3232 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3238 static void radio_work_free(struct wpa_radio_work *work)
3240 if (work->wpa_s->scan_work == work) {
3241 /* This should not really happen. */
3242 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3243 work->type, work, work->started);
3244 work->wpa_s->scan_work = NULL;
3248 if (work->wpa_s->p2p_scan_work == work) {
3249 /* This should not really happen. */
3250 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3251 work->type, work, work->started);
3252 work->wpa_s->p2p_scan_work = NULL;
3254 #endif /* CONFIG_P2P */
3256 dl_list_del(&work->list);
3261 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3263 struct wpa_radio *radio = eloop_ctx;
3264 struct wpa_radio_work *work;
3265 struct os_reltime now, diff;
3266 struct wpa_supplicant *wpa_s;
3268 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3273 return; /* already started and still in progress */
3275 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3277 if (wpa_s && wpa_s->external_scan_running) {
3278 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3282 os_get_reltime(&now);
3283 os_reltime_sub(&now, &work->time, &diff);
3284 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3285 work->type, work, diff.sec, diff.usec);
3293 * This function removes both started and pending radio works running on
3294 * the provided interface's radio.
3295 * Prior to the removal of the radio work, its callback (cb) is called with
3296 * deinit set to be 1. Each work's callback is responsible for clearing its
3297 * internal data and restoring to a correct state.
3298 * @wpa_s: wpa_supplicant data
3299 * @type: type of works to be removed
3300 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3301 * this interface's works.
3303 void radio_remove_works(struct wpa_supplicant *wpa_s,
3304 const char *type, int remove_all)
3306 struct wpa_radio_work *work, *tmp;
3307 struct wpa_radio *radio = wpa_s->radio;
3309 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3311 if (type && os_strcmp(type, work->type) != 0)
3314 /* skip other ifaces' works */
3315 if (!remove_all && work->wpa_s != wpa_s)
3318 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3319 work->type, work, work->started ? " (started)" : "");
3321 radio_work_free(work);
3324 /* in case we removed the started work */
3325 radio_work_check_next(wpa_s);
3329 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3331 struct wpa_radio *radio = wpa_s->radio;
3336 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3337 wpa_s->ifname, radio->name);
3338 dl_list_del(&wpa_s->radio_list);
3339 radio_remove_works(wpa_s, NULL, 0);
3340 wpa_s->radio = NULL;
3341 if (!dl_list_empty(&radio->ifaces))
3342 return; /* Interfaces remain for this radio */
3344 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3345 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3350 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3352 struct wpa_radio *radio = wpa_s->radio;
3354 if (dl_list_empty(&radio->work))
3356 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3357 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3362 * radio_add_work - Add a radio work item
3363 * @wpa_s: Pointer to wpa_supplicant data
3364 * @freq: Frequency of the offchannel operation in MHz or 0
3365 * @type: Unique identifier for each type of work
3366 * @next: Force as the next work to be executed
3367 * @cb: Callback function for indicating when radio is available
3368 * @ctx: Context pointer for the work (work->ctx in cb())
3369 * Returns: 0 on success, -1 on failure
3371 * This function is used to request time for an operation that requires
3372 * exclusive radio control. Once the radio is available, the registered callback
3373 * function will be called. radio_work_done() must be called once the exclusive
3374 * radio operation has been completed, so that the radio is freed for other
3375 * operations. The special case of deinit=1 is used to free the context data
3376 * during interface removal. That does not allow the callback function to start
3377 * the radio operation, i.e., it must free any resources allocated for the radio
3380 * The @freq parameter can be used to indicate a single channel on which the
3381 * offchannel operation will occur. This may allow multiple radio work
3382 * operations to be performed in parallel if they apply for the same channel.
3383 * Setting this to 0 indicates that the work item may use multiple channels or
3384 * requires exclusive control of the radio.
3386 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3387 const char *type, int next,
3388 void (*cb)(struct wpa_radio_work *work, int deinit),
3391 struct wpa_radio_work *work;
3394 work = os_zalloc(sizeof(*work));
3397 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3398 os_get_reltime(&work->time);
3401 work->wpa_s = wpa_s;
3405 was_empty = dl_list_empty(&wpa_s->radio->work);
3407 dl_list_add(&wpa_s->radio->work, &work->list);
3409 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3411 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3412 radio_work_check_next(wpa_s);
3420 * radio_work_done - Indicate that a radio work item has been completed
3421 * @work: Completed work
3423 * This function is called once the callback function registered with
3424 * radio_add_work() has completed its work.
3426 void radio_work_done(struct wpa_radio_work *work)
3428 struct wpa_supplicant *wpa_s = work->wpa_s;
3429 struct os_reltime now, diff;
3430 unsigned int started = work->started;
3432 os_get_reltime(&now);
3433 os_reltime_sub(&now, &work->time, &diff);
3434 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3435 work->type, work, started ? "done" : "canceled",
3436 diff.sec, diff.usec);
3437 radio_work_free(work);
3439 radio_work_check_next(wpa_s);
3443 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3445 struct wpa_radio_work *work;
3446 struct wpa_radio *radio = wpa_s->radio;
3448 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3449 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3457 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3458 struct wpa_interface *iface)
3460 const char *ifname, *driver, *rn;
3462 driver = iface->driver;
3464 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3467 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3468 if (wpa_s->drv_priv == NULL) {
3470 pos = driver ? os_strchr(driver, ',') : NULL;
3472 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3473 "driver interface - try next driver wrapper");
3477 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3481 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3482 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3483 "driver_param '%s'", wpa_s->conf->driver_param);
3487 ifname = wpa_drv_get_ifname(wpa_s);
3488 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3489 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3490 "interface name with '%s'", ifname);
3491 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3494 rn = wpa_driver_get_radio_name(wpa_s);
3495 if (rn && rn[0] == '\0')
3498 wpa_s->radio = radio_add_interface(wpa_s, rn);
3499 if (wpa_s->radio == NULL)
3506 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3507 struct wpa_interface *iface)
3509 struct wpa_driver_capa capa;
3511 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3512 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3513 iface->confname ? iface->confname : "N/A",
3514 iface->driver ? iface->driver : "default",
3515 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3516 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3518 if (iface->confname) {
3519 #ifdef CONFIG_BACKEND_FILE
3520 wpa_s->confname = os_rel2abs_path(iface->confname);
3521 if (wpa_s->confname == NULL) {
3522 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3523 "for configuration file '%s'.",
3527 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3528 iface->confname, wpa_s->confname);
3529 #else /* CONFIG_BACKEND_FILE */
3530 wpa_s->confname = os_strdup(iface->confname);
3531 #endif /* CONFIG_BACKEND_FILE */
3532 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3533 if (wpa_s->conf == NULL) {
3534 wpa_printf(MSG_ERROR, "Failed to read or parse "
3535 "configuration '%s'.", wpa_s->confname);
3538 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3539 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3542 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3543 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3544 #endif /* CONFIG_P2P */
3547 * Override ctrl_interface and driver_param if set on command
3550 if (iface->ctrl_interface) {
3551 os_free(wpa_s->conf->ctrl_interface);
3552 wpa_s->conf->ctrl_interface =
3553 os_strdup(iface->ctrl_interface);
3556 if (iface->driver_param) {
3557 os_free(wpa_s->conf->driver_param);
3558 wpa_s->conf->driver_param =
3559 os_strdup(iface->driver_param);
3562 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3563 os_free(wpa_s->conf->ctrl_interface);
3564 wpa_s->conf->ctrl_interface = NULL;
3567 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3568 iface->driver_param);
3570 if (wpa_s->conf == NULL) {
3571 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3575 if (iface->ifname == NULL) {
3576 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3579 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3580 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3584 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3586 if (iface->bridge_ifname) {
3587 if (os_strlen(iface->bridge_ifname) >=
3588 sizeof(wpa_s->bridge_ifname)) {
3589 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3590 "name '%s'.", iface->bridge_ifname);
3593 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3594 sizeof(wpa_s->bridge_ifname));
3597 /* RSNA Supplicant Key Management - INITIALIZE */
3598 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3599 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3601 /* Initialize driver interface and register driver event handler before
3602 * L2 receive handler so that association events are processed before
3603 * EAPOL-Key packets if both become available for the same select()
3605 if (wpas_init_driver(wpa_s, iface) < 0)
3608 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3611 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3612 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3614 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3616 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3617 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3618 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3619 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3620 "dot11RSNAConfigPMKLifetime");
3624 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3625 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3626 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3627 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3628 "dot11RSNAConfigPMKReauthThreshold");
3632 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3633 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3634 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3635 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3636 "dot11RSNAConfigSATimeout");
3640 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3641 &wpa_s->hw.num_modes,
3644 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3645 wpa_s->drv_capa_known = 1;
3646 wpa_s->drv_flags = capa.flags;
3647 wpa_s->drv_enc = capa.enc;
3648 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3649 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3650 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3651 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3652 wpa_s->max_match_sets = capa.max_match_sets;
3653 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3654 wpa_s->max_stations = capa.max_stations;
3655 wpa_s->extended_capa = capa.extended_capa;
3656 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3657 wpa_s->extended_capa_len = capa.extended_capa_len;
3658 wpa_s->num_multichan_concurrent =
3659 capa.num_multichan_concurrent;
3661 if (wpa_s->max_remain_on_chan == 0)
3662 wpa_s->max_remain_on_chan = 1000;
3665 * Only take p2p_mgmt parameters when P2P Device is supported.
3666 * Doing it here as it determines whether l2_packet_init() will be done
3667 * during wpa_supplicant_driver_init().
3669 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3670 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3672 iface->p2p_mgmt = 1;
3674 if (wpa_s->num_multichan_concurrent == 0)
3675 wpa_s->num_multichan_concurrent = 1;
3677 if (wpa_supplicant_driver_init(wpa_s) < 0)
3681 if ((!iface->p2p_mgmt ||
3682 !(wpa_s->drv_flags &
3683 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3684 wpa_tdls_init(wpa_s->wpa))
3686 #endif /* CONFIG_TDLS */
3688 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3689 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3690 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3694 if (wpas_wps_init(wpa_s))
3697 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3699 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3701 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3702 if (wpa_s->ctrl_iface == NULL) {
3703 wpa_printf(MSG_ERROR,
3704 "Failed to initialize control interface '%s'.\n"
3705 "You may have another wpa_supplicant process "
3706 "already running or the file was\n"
3707 "left by an unclean termination of wpa_supplicant "
3708 "in which case you will need\n"
3709 "to manually remove this file before starting "
3710 "wpa_supplicant again.\n",
3711 wpa_s->conf->ctrl_interface);
3715 wpa_s->gas = gas_query_init(wpa_s);
3716 if (wpa_s->gas == NULL) {
3717 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3722 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3723 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3726 #endif /* CONFIG_P2P */
3728 if (wpa_bss_init(wpa_s) < 0)
3732 * Set Wake-on-WLAN triggers, if configured.
3733 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3734 * have effect anyway when the interface is down).
3736 if (wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3739 #ifdef CONFIG_EAP_PROXY
3742 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3744 if (wpa_s->mnc_len > 0) {
3745 wpa_s->imsi[len] = '\0';
3746 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3747 wpa_s->imsi, wpa_s->mnc_len);
3749 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3752 #endif /* CONFIG_EAP_PROXY */
3754 if (pcsc_reader_init(wpa_s) < 0)
3757 if (wpas_init_ext_pw(wpa_s) < 0)
3764 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3765 int notify, int terminate)
3767 wpa_s->disconnected = 1;
3768 if (wpa_s->drv_priv) {
3769 wpa_supplicant_deauthenticate(wpa_s,
3770 WLAN_REASON_DEAUTH_LEAVING);
3772 wpa_drv_set_countermeasures(wpa_s, 0);
3773 wpa_clear_keys(wpa_s, NULL);
3776 wpa_supplicant_cleanup(wpa_s);
3779 if (wpa_s == wpa_s->parent)
3780 wpas_p2p_group_remove(wpa_s, "*");
3781 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3782 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3783 "the management interface is being removed");
3784 wpas_p2p_deinit_global(wpa_s->global);
3786 #endif /* CONFIG_P2P */
3788 wpas_ctrl_radio_work_flush(wpa_s);
3789 radio_remove_interface(wpa_s);
3791 if (wpa_s->drv_priv)
3792 wpa_drv_deinit(wpa_s);
3795 wpas_notify_iface_removed(wpa_s);
3798 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3800 if (wpa_s->ctrl_iface) {
3801 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3802 wpa_s->ctrl_iface = NULL;
3805 if (wpa_s->conf != NULL) {
3806 wpa_config_free(wpa_s->conf);
3815 * wpa_supplicant_add_iface - Add a new network interface
3816 * @global: Pointer to global data from wpa_supplicant_init()
3817 * @iface: Interface configuration options
3818 * Returns: Pointer to the created interface or %NULL on failure
3820 * This function is used to add new network interfaces for %wpa_supplicant.
3821 * This can be called before wpa_supplicant_run() to add interfaces before the
3822 * main event loop has been started. In addition, new interfaces can be added
3823 * dynamically while %wpa_supplicant is already running. This could happen,
3824 * e.g., when a hotplug network adapter is inserted.
3826 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3827 struct wpa_interface *iface)
3829 struct wpa_supplicant *wpa_s;
3830 struct wpa_interface t_iface;
3831 struct wpa_ssid *ssid;
3833 if (global == NULL || iface == NULL)
3836 wpa_s = wpa_supplicant_alloc();
3840 wpa_s->global = global;
3843 if (global->params.override_driver) {
3844 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3846 iface->driver, global->params.override_driver);
3847 t_iface.driver = global->params.override_driver;
3849 if (global->params.override_ctrl_interface) {
3850 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3851 "ctrl_interface ('%s' -> '%s')",
3852 iface->ctrl_interface,
3853 global->params.override_ctrl_interface);
3854 t_iface.ctrl_interface =
3855 global->params.override_ctrl_interface;
3857 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3858 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3860 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3864 /* Notify the control interfaces about new iface */
3865 if (wpas_notify_iface_added(wpa_s)) {
3866 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3870 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3871 wpas_notify_network_added(wpa_s, ssid);
3873 wpa_s->next = global->ifaces;
3874 global->ifaces = wpa_s;
3876 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3877 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3884 * wpa_supplicant_remove_iface - Remove a network interface
3885 * @global: Pointer to global data from wpa_supplicant_init()
3886 * @wpa_s: Pointer to the network interface to be removed
3887 * Returns: 0 if interface was removed, -1 if interface was not found
3889 * This function can be used to dynamically remove network interfaces from
3890 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3891 * addition, this function is used to remove all remaining interfaces when
3892 * %wpa_supplicant is terminated.
3894 int wpa_supplicant_remove_iface(struct wpa_global *global,
3895 struct wpa_supplicant *wpa_s,
3898 struct wpa_supplicant *prev;
3900 /* Remove interface from the global list of interfaces */
3901 prev = global->ifaces;
3902 if (prev == wpa_s) {
3903 global->ifaces = wpa_s->next;
3905 while (prev && prev->next != wpa_s)
3909 prev->next = wpa_s->next;
3912 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3914 if (global->p2p_group_formation == wpa_s)
3915 global->p2p_group_formation = NULL;
3916 if (global->p2p_invite_group == wpa_s)
3917 global->p2p_invite_group = NULL;
3918 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3925 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3926 * @wpa_s: Pointer to the network interface
3927 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3929 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3931 const char *eapol_method;
3933 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3934 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3938 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3939 if (eapol_method == NULL)
3940 return "UNKNOWN-EAP";
3942 return eapol_method;
3947 * wpa_supplicant_get_iface - Get a new network interface
3948 * @global: Pointer to global data from wpa_supplicant_init()
3949 * @ifname: Interface name
3950 * Returns: Pointer to the interface or %NULL if not found
3952 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3955 struct wpa_supplicant *wpa_s;
3957 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3958 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3965 #ifndef CONFIG_NO_WPA_MSG
3966 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3968 struct wpa_supplicant *wpa_s = ctx;
3971 return wpa_s->ifname;
3973 #endif /* CONFIG_NO_WPA_MSG */
3977 * wpa_supplicant_init - Initialize %wpa_supplicant
3978 * @params: Parameters for %wpa_supplicant
3979 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3981 * This function is used to initialize %wpa_supplicant. After successful
3982 * initialization, the returned data pointer can be used to add and remove
3983 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3985 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3987 struct wpa_global *global;
3993 #ifdef CONFIG_DRIVER_NDIS
3995 void driver_ndis_init_ops(void);
3996 driver_ndis_init_ops();
3998 #endif /* CONFIG_DRIVER_NDIS */
4000 #ifndef CONFIG_NO_WPA_MSG
4001 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4002 #endif /* CONFIG_NO_WPA_MSG */
4004 wpa_debug_open_file(params->wpa_debug_file_path);
4005 if (params->wpa_debug_syslog)
4006 wpa_debug_open_syslog();
4007 if (params->wpa_debug_tracing) {
4008 ret = wpa_debug_open_linux_tracing();
4010 wpa_printf(MSG_ERROR,
4011 "Failed to enable trace logging");
4016 ret = eap_register_methods();
4018 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4020 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4021 "the same EAP type.");
4025 global = os_zalloc(sizeof(*global));
4028 dl_list_init(&global->p2p_srv_bonjour);
4029 dl_list_init(&global->p2p_srv_upnp);
4030 global->params.daemonize = params->daemonize;
4031 global->params.wait_for_monitor = params->wait_for_monitor;
4032 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4033 if (params->pid_file)
4034 global->params.pid_file = os_strdup(params->pid_file);
4035 if (params->ctrl_interface)
4036 global->params.ctrl_interface =
4037 os_strdup(params->ctrl_interface);
4038 if (params->ctrl_interface_group)
4039 global->params.ctrl_interface_group =
4040 os_strdup(params->ctrl_interface_group);
4041 if (params->override_driver)
4042 global->params.override_driver =
4043 os_strdup(params->override_driver);
4044 if (params->override_ctrl_interface)
4045 global->params.override_ctrl_interface =
4046 os_strdup(params->override_ctrl_interface);
4047 wpa_debug_level = global->params.wpa_debug_level =
4048 params->wpa_debug_level;
4049 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4050 params->wpa_debug_show_keys;
4051 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4052 params->wpa_debug_timestamp;
4054 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4057 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4058 wpa_supplicant_deinit(global);
4062 random_init(params->entropy_file);
4064 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4065 if (global->ctrl_iface == NULL) {
4066 wpa_supplicant_deinit(global);
4070 if (wpas_notify_supplicant_initialized(global)) {
4071 wpa_supplicant_deinit(global);
4075 for (i = 0; wpa_drivers[i]; i++)
4076 global->drv_count++;
4077 if (global->drv_count == 0) {
4078 wpa_printf(MSG_ERROR, "No drivers enabled");
4079 wpa_supplicant_deinit(global);
4082 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4083 if (global->drv_priv == NULL) {
4084 wpa_supplicant_deinit(global);
4088 #ifdef CONFIG_WIFI_DISPLAY
4089 if (wifi_display_init(global) < 0) {
4090 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4091 wpa_supplicant_deinit(global);
4094 #endif /* CONFIG_WIFI_DISPLAY */
4101 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4102 * @global: Pointer to global data from wpa_supplicant_init()
4103 * Returns: 0 after successful event loop run, -1 on failure
4105 * This function starts the main event loop and continues running as long as
4106 * there are any remaining events. In most cases, this function is running as
4107 * long as the %wpa_supplicant process in still in use.
4109 int wpa_supplicant_run(struct wpa_global *global)
4111 struct wpa_supplicant *wpa_s;
4113 if (global->params.daemonize &&
4114 wpa_supplicant_daemon(global->params.pid_file))
4117 if (global->params.wait_for_monitor) {
4118 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4119 if (wpa_s->ctrl_iface)
4120 wpa_supplicant_ctrl_iface_wait(
4124 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4125 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4134 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4135 * @global: Pointer to global data from wpa_supplicant_init()
4137 * This function is called to deinitialize %wpa_supplicant and to free all
4138 * allocated resources. Remaining network interfaces will also be removed.
4140 void wpa_supplicant_deinit(struct wpa_global *global)
4147 #ifdef CONFIG_WIFI_DISPLAY
4148 wifi_display_deinit(global);
4149 #endif /* CONFIG_WIFI_DISPLAY */
4151 while (global->ifaces)
4152 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4154 if (global->ctrl_iface)
4155 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4157 wpas_notify_supplicant_deinitialized(global);
4159 eap_peer_unregister_methods();
4161 eap_server_unregister_methods();
4162 #endif /* CONFIG_AP */
4164 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4165 if (!global->drv_priv[i])
4167 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4169 os_free(global->drv_priv);
4175 if (global->params.pid_file) {
4176 os_daemonize_terminate(global->params.pid_file);
4177 os_free(global->params.pid_file);
4179 os_free(global->params.ctrl_interface);
4180 os_free(global->params.ctrl_interface_group);
4181 os_free(global->params.override_driver);
4182 os_free(global->params.override_ctrl_interface);
4184 os_free(global->p2p_disallow_freq.range);
4185 os_free(global->p2p_go_avoid_freq.range);
4186 os_free(global->add_psk);
4189 wpa_debug_close_syslog();
4190 wpa_debug_close_file();
4191 wpa_debug_close_linux_tracing();
4195 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4197 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4198 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4200 country[0] = wpa_s->conf->country[0];
4201 country[1] = wpa_s->conf->country[1];
4203 if (wpa_drv_set_country(wpa_s, country) < 0) {
4204 wpa_printf(MSG_ERROR, "Failed to set country code "
4209 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4210 wpas_init_ext_pw(wpa_s);
4213 wpas_wps_update_config(wpa_s);
4214 #endif /* CONFIG_WPS */
4217 wpas_p2p_update_config(wpa_s);
4218 #endif /* CONFIG_P2P */
4220 wpa_s->conf->changed_parameters = 0;
4224 static void add_freq(int *freqs, int *num_freqs, int freq)
4228 for (i = 0; i < *num_freqs; i++) {
4229 if (freqs[i] == freq)
4233 freqs[*num_freqs] = freq;
4238 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4240 struct wpa_bss *bss, *cbss;
4241 const int max_freqs = 10;
4245 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4249 cbss = wpa_s->current_bss;
4251 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4254 if (bss->ssid_len == cbss->ssid_len &&
4255 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4256 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4257 add_freq(freqs, &num_freqs, bss->freq);
4258 if (num_freqs == max_freqs)
4263 if (num_freqs == 0) {
4272 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4278 wpas_connect_work_done(wpa_s);
4281 * Remove possible authentication timeout since the connection failed.
4283 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4285 if (wpa_s->disconnected) {
4287 * There is no point in blacklisting the AP if this event is
4288 * generated based on local request to disconnect.
4290 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4291 "indication since interface has been put into "
4292 "disconnected state");
4297 * Add the failed BSSID into the blacklist and speed up next scan
4298 * attempt if there could be other APs that could accept association.
4299 * The current blacklist count indicates how many times we have tried
4300 * connecting to this AP and multiple attempts mean that other APs are
4301 * either not available or has already been tried, so that we can start
4302 * increasing the delay here to avoid constant scanning.
4304 count = wpa_blacklist_add(wpa_s, bssid);
4305 if (count == 1 && wpa_s->current_bss) {
4307 * This BSS was not in the blacklist before. If there is
4308 * another BSS available for the same ESS, we should try that
4309 * next. Otherwise, we may as well try this one once more
4310 * before allowing other, likely worse, ESSes to be considered.
4312 freqs = get_bss_freqs_in_ess(wpa_s);
4314 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4315 "has been seen; try it next");
4316 wpa_blacklist_add(wpa_s, bssid);
4318 * On the next scan, go through only the known channels
4319 * used in this ESS based on previous scans to speed up
4320 * common load balancing use case.
4322 os_free(wpa_s->next_scan_freqs);
4323 wpa_s->next_scan_freqs = freqs;
4328 * Add previous failure count in case the temporary blacklist was
4329 * cleared due to no other BSSes being available.
4331 count += wpa_s->extra_blacklist_count;
4333 if (count > 3 && wpa_s->current_ssid) {
4334 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4335 "consider temporary network disabling");
4336 wpas_auth_failed(wpa_s);
4357 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4358 "ms", count, timeout);
4361 * TODO: if more than one possible AP is available in scan results,
4362 * could try the other ones before requesting a new scan.
4364 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4365 1000 * (timeout % 1000));
4369 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4371 return wpa_s->conf->ap_scan == 2 ||
4372 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4376 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4377 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4378 struct wpa_ssid *ssid,
4382 #ifdef IEEE8021X_EAPOL
4383 struct eap_peer_config *eap = &ssid->eap;
4385 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4386 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4387 (const u8 *) value, os_strlen(value));
4389 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4390 case WPA_CTRL_REQ_EAP_IDENTITY:
4391 os_free(eap->identity);
4392 eap->identity = (u8 *) os_strdup(value);
4393 eap->identity_len = os_strlen(value);
4394 eap->pending_req_identity = 0;
4395 if (ssid == wpa_s->current_ssid)
4396 wpa_s->reassociate = 1;
4398 case WPA_CTRL_REQ_EAP_PASSWORD:
4399 os_free(eap->password);
4400 eap->password = (u8 *) os_strdup(value);
4401 eap->password_len = os_strlen(value);
4402 eap->pending_req_password = 0;
4403 if (ssid == wpa_s->current_ssid)
4404 wpa_s->reassociate = 1;
4406 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4407 os_free(eap->new_password);
4408 eap->new_password = (u8 *) os_strdup(value);
4409 eap->new_password_len = os_strlen(value);
4410 eap->pending_req_new_password = 0;
4411 if (ssid == wpa_s->current_ssid)
4412 wpa_s->reassociate = 1;
4414 case WPA_CTRL_REQ_EAP_PIN:
4416 eap->pin = os_strdup(value);
4417 eap->pending_req_pin = 0;
4418 if (ssid == wpa_s->current_ssid)
4419 wpa_s->reassociate = 1;
4421 case WPA_CTRL_REQ_EAP_OTP:
4423 eap->otp = (u8 *) os_strdup(value);
4424 eap->otp_len = os_strlen(value);
4425 os_free(eap->pending_req_otp);
4426 eap->pending_req_otp = NULL;
4427 eap->pending_req_otp_len = 0;
4429 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4430 os_free(eap->private_key_passwd);
4431 eap->private_key_passwd = (u8 *) os_strdup(value);
4432 eap->pending_req_passphrase = 0;
4433 if (ssid == wpa_s->current_ssid)
4434 wpa_s->reassociate = 1;
4436 case WPA_CTRL_REQ_SIM:
4437 os_free(eap->external_sim_resp);
4438 eap->external_sim_resp = os_strdup(value);
4441 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4446 #else /* IEEE8021X_EAPOL */
4447 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4449 #endif /* IEEE8021X_EAPOL */
4451 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4454 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4457 unsigned int drv_enc;
4465 if (wpa_s && wpa_s->drv_capa_known)
4466 drv_enc = wpa_s->drv_enc;
4468 drv_enc = (unsigned int) -1;
4470 for (i = 0; i < NUM_WEP_KEYS; i++) {
4471 size_t len = ssid->wep_key_len[i];
4474 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4476 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4478 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4480 return 1; /* invalid WEP key */
4483 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4484 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4491 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4493 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4495 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4501 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4503 struct wpa_ssid *ssid = wpa_s->current_ssid;
4505 struct os_reltime now;
4508 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4513 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4516 ssid->auth_failures++;
4519 if (ssid->p2p_group &&
4520 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4522 * Skip the wait time since there is a short timeout on the
4523 * connection to a P2P group.
4527 #endif /* CONFIG_P2P */
4529 if (ssid->auth_failures > 50)
4531 else if (ssid->auth_failures > 10)
4533 else if (ssid->auth_failures > 5)
4535 else if (ssid->auth_failures > 3)
4537 else if (ssid->auth_failures > 2)
4539 else if (ssid->auth_failures > 1)
4544 if (ssid->auth_failures > 1 &&
4545 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4546 dur += os_random() % (ssid->auth_failures * 10);
4548 os_get_reltime(&now);
4549 if (now.sec + dur <= ssid->disabled_until.sec)
4552 ssid->disabled_until.sec = now.sec + dur;
4554 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4555 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4556 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4557 ssid->auth_failures, dur);
4561 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4562 struct wpa_ssid *ssid, int clear_failures)
4567 if (ssid->disabled_until.sec) {
4568 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4569 "id=%d ssid=\"%s\"",
4570 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4572 ssid->disabled_until.sec = 0;
4573 ssid->disabled_until.usec = 0;
4575 ssid->auth_failures = 0;
4579 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4583 if (wpa_s->disallow_aps_bssid == NULL)
4586 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4587 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4588 bssid, ETH_ALEN) == 0)
4596 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4601 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4604 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4605 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4606 if (ssid_len == s->ssid_len &&
4607 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4616 * wpas_request_connection - Request a new connection
4617 * @wpa_s: Pointer to the network interface
4619 * This function is used to request a new connection to be found. It will mark
4620 * the interface to allow reassociation and request a new scan to find a
4621 * suitable network to connect to.
4623 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4625 wpa_s->normal_scans = 0;
4626 wpa_supplicant_reinit_autoscan(wpa_s);
4627 wpa_s->extra_blacklist_count = 0;
4628 wpa_s->disconnected = 0;
4629 wpa_s->reassociate = 1;
4631 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4632 wpa_supplicant_req_scan(wpa_s, 0, 0);
4636 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4637 int *freq_array, unsigned int len)
4641 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4643 for (i = 0; i < len; i++)
4644 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4649 * Find the operating frequencies of any of the virtual interfaces that
4650 * are using the same radio as the current interface.
4652 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4653 int *freq_array, unsigned int len)
4655 struct wpa_supplicant *ifs;
4658 unsigned int idx = 0, i;
4660 wpa_dbg(wpa_s, MSG_DEBUG,
4661 "Determining shared radio frequencies (max len %u)", len);
4662 os_memset(freq_array, 0, sizeof(int) * len);
4664 /* First add the frequency of the local interface */
4665 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4666 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4667 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4668 freq_array[idx++] = wpa_s->current_ssid->frequency;
4669 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4670 freq_array[idx++] = wpa_s->assoc_freq;
4673 /* If get_radio_name is not supported, use only the local freq */
4674 if (!wpa_driver_get_radio_name(wpa_s)) {
4675 freq = wpa_drv_shared_freq(wpa_s);
4676 if (freq > 0 && idx < len &&
4677 (idx == 0 || freq_array[0] != freq))
4678 freq_array[idx++] = freq;
4679 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4683 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4688 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4691 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4692 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4693 freq = ifs->current_ssid->frequency;
4694 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4695 freq = ifs->assoc_freq;
4699 /* Hold only distinct freqs */
4700 for (i = 0; i < idx; i++)
4701 if (freq_array[i] == freq)
4705 freq_array[idx++] = freq;
4708 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);