3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 extern int wpa_debug_level;
108 extern int wpa_debug_show_keys;
109 extern int wpa_debug_timestamp;
110 extern struct wpa_driver_ops *wpa_drivers[];
112 /* Configure default/group WEP keys for static WEP */
113 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
117 for (i = 0; i < NUM_WEP_KEYS; i++) {
118 if (ssid->wep_key_len[i] == 0)
122 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
123 i, i == ssid->wep_tx_keyidx, NULL, 0,
124 ssid->wep_key[i], ssid->wep_key_len[i]);
131 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
132 struct wpa_ssid *ssid)
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
142 if (ssid->mode != WPAS_MODE_IBSS) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
148 if (!ssid->psk_set) {
149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
181 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
185 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
187 struct wpa_supplicant *wpa_s = eloop_ctx;
188 const u8 *bssid = wpa_s->bssid;
189 if (is_zero_ether_addr(bssid))
190 bssid = wpa_s->pending_bssid;
191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
193 wpa_blacklist_add(wpa_s, bssid);
194 wpa_sm_notify_disassoc(wpa_s->wpa);
195 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
196 wpa_s->reassociate = 1;
199 * If we timed out, the AP or the local radio may be busy.
200 * So, wait a second until scanning again.
202 wpa_supplicant_req_scan(wpa_s, 1, 0);
204 wpas_p2p_continue_after_scan(wpa_s);
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
214 * This function is used to schedule a timeout for the current authentication
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
220 if (wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
273 #endif /* CONFIG_IBSS_RSN */
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
297 eapol_conf.required_keys = 0;
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
305 eapol_conf.external_sim = wpa_s->conf->external_sim;
306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307 #endif /* IEEE8021X_EAPOL */
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
320 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355 #ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358 #endif /* CONFIG_IEEE80211W */
360 pmksa_cache_clear_current(wpa_s->wpa);
364 void free_hw_features(struct wpa_supplicant *wpa_s)
367 if (wpa_s->hw.modes == NULL)
370 for (i = 0; i < wpa_s->hw.num_modes; i++) {
371 os_free(wpa_s->hw.modes[i].channels);
372 os_free(wpa_s->hw.modes[i].rates);
375 os_free(wpa_s->hw.modes);
376 wpa_s->hw.modes = NULL;
380 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
382 bgscan_deinit(wpa_s);
383 autoscan_deinit(wpa_s);
384 scard_deinit(wpa_s->scard);
386 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
387 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
388 l2_packet_deinit(wpa_s->l2);
391 l2_packet_deinit(wpa_s->l2_br);
395 if (wpa_s->conf != NULL) {
396 struct wpa_ssid *ssid;
397 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
398 wpas_notify_network_removed(wpa_s, ssid);
401 os_free(wpa_s->confname);
402 wpa_s->confname = NULL;
404 os_free(wpa_s->confanother);
405 wpa_s->confanother = NULL;
407 wpa_sm_set_eapol(wpa_s->wpa, NULL);
408 eapol_sm_deinit(wpa_s->eapol);
411 rsn_preauth_deinit(wpa_s->wpa);
414 wpa_tdls_deinit(wpa_s->wpa);
415 #endif /* CONFIG_TDLS */
417 pmksa_candidate_free(wpa_s->wpa);
418 wpa_sm_deinit(wpa_s->wpa);
420 wpa_blacklist_clear(wpa_s);
422 wpa_bss_deinit(wpa_s);
424 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
425 wpa_supplicant_cancel_scan(wpa_s);
426 wpa_supplicant_cancel_auth_timeout(wpa_s);
427 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
428 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
429 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
431 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
433 wpas_wps_deinit(wpa_s);
435 wpabuf_free(wpa_s->pending_eapol_rx);
436 wpa_s->pending_eapol_rx = NULL;
438 #ifdef CONFIG_IBSS_RSN
439 ibss_rsn_deinit(wpa_s->ibss_rsn);
440 wpa_s->ibss_rsn = NULL;
441 #endif /* CONFIG_IBSS_RSN */
446 wpa_supplicant_ap_deinit(wpa_s);
447 #endif /* CONFIG_AP */
450 wpas_p2p_deinit(wpa_s);
451 #endif /* CONFIG_P2P */
453 #ifdef CONFIG_OFFCHANNEL
454 offchannel_deinit(wpa_s);
455 #endif /* CONFIG_OFFCHANNEL */
457 wpa_supplicant_cancel_sched_scan(wpa_s);
459 os_free(wpa_s->next_scan_freqs);
460 wpa_s->next_scan_freqs = NULL;
462 os_free(wpa_s->manual_scan_freqs);
463 wpa_s->manual_scan_freqs = NULL;
465 gas_query_deinit(wpa_s->gas);
468 free_hw_features(wpa_s);
470 os_free(wpa_s->bssid_filter);
471 wpa_s->bssid_filter = NULL;
473 os_free(wpa_s->disallow_aps_bssid);
474 wpa_s->disallow_aps_bssid = NULL;
475 os_free(wpa_s->disallow_aps_ssid);
476 wpa_s->disallow_aps_ssid = NULL;
478 wnm_bss_keep_alive_deinit(wpa_s);
480 wnm_deallocate_memory(wpa_s);
481 #endif /* CONFIG_WNM */
483 ext_password_deinit(wpa_s->ext_pw);
484 wpa_s->ext_pw = NULL;
486 wpabuf_free(wpa_s->last_gas_resp);
488 os_free(wpa_s->last_scan_res);
489 wpa_s->last_scan_res = NULL;
494 * wpa_clear_keys - Clear keys configured for the driver
495 * @wpa_s: Pointer to wpa_supplicant data
496 * @addr: Previously used BSSID or %NULL if not available
498 * This function clears the encryption keys that has been previously configured
501 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
503 if (wpa_s->keys_cleared) {
504 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
505 * timing issues with keys being cleared just before new keys
506 * are set or just after association or something similar. This
507 * shows up in group key handshake failing often because of the
508 * client not receiving the first encrypted packets correctly.
509 * Skipping some of the extra key clearing steps seems to help
510 * in completing group key handshake more reliably. */
511 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
512 "skip key clearing");
516 /* MLME-DELETEKEYS.request */
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
518 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
521 #ifdef CONFIG_IEEE80211W
522 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
524 #endif /* CONFIG_IEEE80211W */
526 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
528 /* MLME-SETPROTECTION.request(None) */
529 wpa_drv_mlme_setprotection(
531 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
532 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
534 wpa_s->keys_cleared = 1;
539 * wpa_supplicant_state_txt - Get the connection state name as a text string
540 * @state: State (wpa_state; WPA_*)
541 * Returns: The state name as a printable text string
543 const char * wpa_supplicant_state_txt(enum wpa_states state)
546 case WPA_DISCONNECTED:
547 return "DISCONNECTED";
550 case WPA_INTERFACE_DISABLED:
551 return "INTERFACE_DISABLED";
554 case WPA_AUTHENTICATING:
555 return "AUTHENTICATING";
556 case WPA_ASSOCIATING:
557 return "ASSOCIATING";
560 case WPA_4WAY_HANDSHAKE:
561 return "4WAY_HANDSHAKE";
562 case WPA_GROUP_HANDSHAKE:
563 return "GROUP_HANDSHAKE";
574 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
578 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
579 name = wpa_s->current_ssid->bgscan;
581 name = wpa_s->conf->bgscan;
584 if (wpas_driver_bss_selection(wpa_s))
586 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
589 bgscan_deinit(wpa_s);
590 if (wpa_s->current_ssid) {
591 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
592 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
595 * Live without bgscan; it is only used as a roaming
596 * optimization, so the initial connection is not
600 struct wpa_scan_results *scan_res;
601 wpa_s->bgscan_ssid = wpa_s->current_ssid;
602 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
605 bgscan_notify_scan(wpa_s, scan_res);
606 wpa_scan_results_free(scan_res);
610 wpa_s->bgscan_ssid = NULL;
614 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
616 if (wpa_s->bgscan_ssid != NULL) {
617 bgscan_deinit(wpa_s);
618 wpa_s->bgscan_ssid = NULL;
622 #endif /* CONFIG_BGSCAN */
625 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
627 if (autoscan_init(wpa_s, 0))
628 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
632 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
634 autoscan_deinit(wpa_s);
638 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
640 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
641 wpa_s->wpa_state == WPA_SCANNING) {
642 autoscan_deinit(wpa_s);
643 wpa_supplicant_start_autoscan(wpa_s);
649 * wpa_supplicant_set_state - Set current connection state
650 * @wpa_s: Pointer to wpa_supplicant data
651 * @state: The new connection state
653 * This function is called whenever the connection state changes, e.g.,
654 * association is completed for WPA/WPA2 4-Way Handshake is started.
656 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
657 enum wpa_states state)
659 enum wpa_states old_state = wpa_s->wpa_state;
661 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
662 wpa_supplicant_state_txt(wpa_s->wpa_state),
663 wpa_supplicant_state_txt(state));
665 if (state != WPA_SCANNING)
666 wpa_supplicant_notify_scanning(wpa_s, 0);
668 if (state == WPA_COMPLETED && wpa_s->new_connection) {
669 struct wpa_ssid *ssid = wpa_s->current_ssid;
670 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
671 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
672 MACSTR " completed [id=%d id_str=%s]",
673 MAC2STR(wpa_s->bssid),
674 ssid ? ssid->id : -1,
675 ssid && ssid->id_str ? ssid->id_str : "");
676 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
677 wpas_clear_temp_disabled(wpa_s, ssid, 1);
678 wpa_s->extra_blacklist_count = 0;
679 wpa_s->new_connection = 0;
680 wpa_drv_set_operstate(wpa_s, 1);
681 #ifndef IEEE8021X_EAPOL
682 wpa_drv_set_supp_port(wpa_s, 1);
683 #endif /* IEEE8021X_EAPOL */
684 wpa_s->after_wps = 0;
685 wpa_s->known_wps_freq = 0;
687 wpas_p2p_completed(wpa_s);
688 #endif /* CONFIG_P2P */
690 sme_sched_obss_scan(wpa_s, 1);
691 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
692 state == WPA_ASSOCIATED) {
693 wpa_s->new_connection = 1;
694 wpa_drv_set_operstate(wpa_s, 0);
695 #ifndef IEEE8021X_EAPOL
696 wpa_drv_set_supp_port(wpa_s, 0);
697 #endif /* IEEE8021X_EAPOL */
698 sme_sched_obss_scan(wpa_s, 0);
700 wpa_s->wpa_state = state;
703 if (state == WPA_COMPLETED)
704 wpa_supplicant_start_bgscan(wpa_s);
705 else if (state < WPA_ASSOCIATED)
706 wpa_supplicant_stop_bgscan(wpa_s);
707 #endif /* CONFIG_BGSCAN */
709 if (state == WPA_AUTHENTICATING)
710 wpa_supplicant_stop_autoscan(wpa_s);
712 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
713 wpa_supplicant_start_autoscan(wpa_s);
715 if (wpa_s->wpa_state != old_state) {
716 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
718 if (wpa_s->wpa_state == WPA_COMPLETED ||
719 old_state == WPA_COMPLETED)
720 wpas_notify_auth_changed(wpa_s);
725 void wpa_supplicant_terminate_proc(struct wpa_global *global)
729 struct wpa_supplicant *wpa_s = global->ifaces;
731 struct wpa_supplicant *next = wpa_s->next;
733 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
734 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
735 wpas_p2p_disconnect(wpa_s);
736 #endif /* CONFIG_P2P */
737 if (wpas_wps_terminate_pending(wpa_s) == 1)
741 #endif /* CONFIG_WPS */
748 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
750 struct wpa_global *global = signal_ctx;
751 wpa_supplicant_terminate_proc(global);
755 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
757 enum wpa_states old_state = wpa_s->wpa_state;
759 wpa_s->pairwise_cipher = 0;
760 wpa_s->group_cipher = 0;
761 wpa_s->mgmt_group_cipher = 0;
763 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
764 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
766 if (wpa_s->wpa_state != old_state)
767 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
772 * wpa_supplicant_reload_configuration - Reload configuration data
773 * @wpa_s: Pointer to wpa_supplicant data
774 * Returns: 0 on success or -1 if configuration parsing failed
776 * This function can be used to request that the configuration data is reloaded
777 * (e.g., after configuration file change). This function is reloading
778 * configuration only for one interface, so this may need to be called multiple
779 * times if %wpa_supplicant is controlling multiple interfaces and all
780 * interfaces need reconfiguration.
782 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
784 struct wpa_config *conf;
788 if (wpa_s->confname == NULL)
790 conf = wpa_config_read(wpa_s->confname, NULL);
792 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
793 "file '%s' - exiting", wpa_s->confname);
796 wpa_config_read(wpa_s->confanother, conf);
798 conf->changed_parameters = (unsigned int) -1;
800 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
801 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
802 os_strcmp(conf->ctrl_interface,
803 wpa_s->conf->ctrl_interface) != 0);
805 if (reconf_ctrl && wpa_s->ctrl_iface) {
806 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
807 wpa_s->ctrl_iface = NULL;
810 eapol_sm_invalidate_cached_session(wpa_s->eapol);
811 if (wpa_s->current_ssid) {
812 wpa_supplicant_deauthenticate(wpa_s,
813 WLAN_REASON_DEAUTH_LEAVING);
817 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
818 * pkcs11_engine_path, pkcs11_module_path.
820 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
822 * Clear forced success to clear EAP state for next
825 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
827 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
828 wpa_sm_set_config(wpa_s->wpa, NULL);
829 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
830 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
831 rsn_preauth_deinit(wpa_s->wpa);
833 old_ap_scan = wpa_s->conf->ap_scan;
834 wpa_config_free(wpa_s->conf);
836 if (old_ap_scan != wpa_s->conf->ap_scan)
837 wpas_notify_ap_scan_changed(wpa_s);
840 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
842 wpa_supplicant_update_config(wpa_s);
844 wpa_supplicant_clear_status(wpa_s);
845 if (wpa_supplicant_enabled_networks(wpa_s)) {
846 wpa_s->reassociate = 1;
847 wpa_supplicant_req_scan(wpa_s, 0, 0);
849 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
854 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
856 struct wpa_global *global = signal_ctx;
857 struct wpa_supplicant *wpa_s;
858 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
859 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
861 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
862 wpa_supplicant_terminate_proc(global);
868 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
871 case WPA_KEY_MGMT_NONE:
872 return KEY_MGMT_NONE;
873 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
874 return KEY_MGMT_802_1X_NO_WPA;
875 case WPA_KEY_MGMT_IEEE8021X:
876 return KEY_MGMT_802_1X;
877 case WPA_KEY_MGMT_WPA_NONE:
878 return KEY_MGMT_WPA_NONE;
879 case WPA_KEY_MGMT_FT_IEEE8021X:
880 return KEY_MGMT_FT_802_1X;
881 case WPA_KEY_MGMT_FT_PSK:
882 return KEY_MGMT_FT_PSK;
883 case WPA_KEY_MGMT_IEEE8021X_SHA256:
884 return KEY_MGMT_802_1X_SHA256;
885 case WPA_KEY_MGMT_PSK_SHA256:
886 return KEY_MGMT_PSK_SHA256;
887 case WPA_KEY_MGMT_WPS:
889 case WPA_KEY_MGMT_PSK:
896 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
897 struct wpa_ssid *ssid,
898 struct wpa_ie_data *ie)
900 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
903 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
904 "from association info");
909 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
911 if (!(ie->group_cipher & ssid->group_cipher)) {
912 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
913 "cipher 0x%x (mask 0x%x) - reject",
914 ie->group_cipher, ssid->group_cipher);
917 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
919 "cipher 0x%x (mask 0x%x) - reject",
920 ie->pairwise_cipher, ssid->pairwise_cipher);
923 if (!(ie->key_mgmt & ssid->key_mgmt)) {
924 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
925 "management 0x%x (mask 0x%x) - reject",
926 ie->key_mgmt, ssid->key_mgmt);
930 #ifdef CONFIG_IEEE80211W
931 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
932 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
933 wpa_s->conf->pmf : ssid->ieee80211w) ==
934 MGMT_FRAME_PROTECTION_REQUIRED) {
935 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
936 "that does not support management frame protection - "
940 #endif /* CONFIG_IEEE80211W */
947 * wpa_supplicant_set_suites - Set authentication and encryption parameters
948 * @wpa_s: Pointer to wpa_supplicant data
949 * @bss: Scan results for the selected BSS, or %NULL if not available
950 * @ssid: Configuration data for the selected network
951 * @wpa_ie: Buffer for the WPA/RSN IE
952 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
953 * used buffer length in case the functions returns success.
954 * Returns: 0 on success or -1 on failure
956 * This function is used to configure authentication and encryption parameters
957 * based on the network configuration and scan result for the selected BSS (if
960 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
961 struct wpa_bss *bss, struct wpa_ssid *ssid,
962 u8 *wpa_ie, size_t *wpa_ie_len)
964 struct wpa_ie_data ie;
966 const u8 *bss_wpa, *bss_rsn;
969 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
970 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
972 bss_wpa = bss_rsn = NULL;
974 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
975 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
976 (ie.group_cipher & ssid->group_cipher) &&
977 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
978 (ie.key_mgmt & ssid->key_mgmt)) {
979 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
980 proto = WPA_PROTO_RSN;
981 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
982 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
983 (ie.group_cipher & ssid->group_cipher) &&
984 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
985 (ie.key_mgmt & ssid->key_mgmt)) {
986 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
987 proto = WPA_PROTO_WPA;
989 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
992 if (ssid->proto & WPA_PROTO_RSN)
993 proto = WPA_PROTO_RSN;
995 proto = WPA_PROTO_WPA;
996 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
997 os_memset(&ie, 0, sizeof(ie));
998 ie.group_cipher = ssid->group_cipher;
999 ie.pairwise_cipher = ssid->pairwise_cipher;
1000 ie.key_mgmt = ssid->key_mgmt;
1001 #ifdef CONFIG_IEEE80211W
1002 ie.mgmt_group_cipher =
1003 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1004 WPA_CIPHER_AES_128_CMAC : 0;
1005 #endif /* CONFIG_IEEE80211W */
1006 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1007 "based on configuration");
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1013 "pairwise %d key_mgmt %d proto %d",
1014 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1015 #ifdef CONFIG_IEEE80211W
1016 if (ssid->ieee80211w) {
1017 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1018 ie.mgmt_group_cipher);
1020 #endif /* CONFIG_IEEE80211W */
1022 wpa_s->wpa_proto = proto;
1023 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1024 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1025 !!(ssid->proto & WPA_PROTO_RSN));
1027 if (bss || !wpa_s->ap_ies_from_associnfo) {
1028 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1029 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1030 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1031 bss_rsn ? 2 + bss_rsn[1] : 0))
1035 sel = ie.group_cipher & ssid->group_cipher;
1036 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1037 if (wpa_s->group_cipher < 0) {
1038 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1042 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1043 wpa_cipher_txt(wpa_s->group_cipher));
1045 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1046 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1047 if (wpa_s->pairwise_cipher < 0) {
1048 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1052 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1053 wpa_cipher_txt(wpa_s->pairwise_cipher));
1055 sel = ie.key_mgmt & ssid->key_mgmt;
1057 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1058 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1059 #endif /* CONFIG_SAE */
1061 #ifdef CONFIG_IEEE80211R
1062 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1063 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1064 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1065 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1066 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1067 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1068 #endif /* CONFIG_IEEE80211R */
1070 } else if (sel & WPA_KEY_MGMT_SAE) {
1071 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1072 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1073 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1075 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1076 #endif /* CONFIG_SAE */
1077 #ifdef CONFIG_IEEE80211W
1078 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1079 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1080 wpa_dbg(wpa_s, MSG_DEBUG,
1081 "WPA: using KEY_MGMT 802.1X with SHA256");
1082 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1083 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1084 wpa_dbg(wpa_s, MSG_DEBUG,
1085 "WPA: using KEY_MGMT PSK with SHA256");
1086 #endif /* CONFIG_IEEE80211W */
1087 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1088 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1089 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1090 } else if (sel & WPA_KEY_MGMT_PSK) {
1091 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1092 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1093 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1094 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1097 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1098 "authenticated key management type");
1102 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1103 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1104 wpa_s->pairwise_cipher);
1105 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1107 #ifdef CONFIG_IEEE80211W
1108 sel = ie.mgmt_group_cipher;
1109 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1110 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1111 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1113 if (sel & WPA_CIPHER_AES_128_CMAC) {
1114 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1115 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1118 wpa_s->mgmt_group_cipher = 0;
1119 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1121 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1122 wpa_s->mgmt_group_cipher);
1123 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1124 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1125 wpa_s->conf->pmf : ssid->ieee80211w));
1126 #endif /* CONFIG_IEEE80211W */
1128 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1129 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1133 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1134 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1135 #ifndef CONFIG_NO_PBKDF2
1136 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1139 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1140 4096, psk, PMK_LEN);
1141 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1143 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1145 #endif /* CONFIG_NO_PBKDF2 */
1146 #ifdef CONFIG_EXT_PASSWORD
1147 if (ssid->ext_psk) {
1148 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1150 char pw_str[64 + 1];
1154 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1155 "found from external storage");
1159 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1160 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1161 "PSK length %d in external storage",
1162 (int) wpabuf_len(pw));
1163 ext_password_free(pw);
1167 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1168 pw_str[wpabuf_len(pw)] = '\0';
1170 #ifndef CONFIG_NO_PBKDF2
1171 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1173 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1174 4096, psk, PMK_LEN);
1175 os_memset(pw_str, 0, sizeof(pw_str));
1176 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1177 "external passphrase)",
1179 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1181 #endif /* CONFIG_NO_PBKDF2 */
1182 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1183 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1184 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1185 "Invalid PSK hex string");
1186 os_memset(pw_str, 0, sizeof(pw_str));
1187 ext_password_free(pw);
1190 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1192 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1194 os_memset(pw_str, 0, sizeof(pw_str));
1195 ext_password_free(pw);
1199 os_memset(pw_str, 0, sizeof(pw_str));
1200 ext_password_free(pw);
1202 #endif /* CONFIG_EXT_PASSWORD */
1204 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1210 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1215 case 0: /* Bits 0-7 */
1217 case 1: /* Bits 8-15 */
1219 case 2: /* Bits 16-23 */
1221 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1222 *pos |= 0x08; /* Bit 19 - BSS Transition */
1223 #endif /* CONFIG_WNM */
1225 case 3: /* Bits 24-31 */
1227 *pos |= 0x02; /* Bit 25 - SSID List */
1228 #endif /* CONFIG_WNM */
1229 #ifdef CONFIG_INTERWORKING
1230 if (wpa_s->conf->interworking)
1231 *pos |= 0x80; /* Bit 31 - Interworking */
1232 #endif /* CONFIG_INTERWORKING */
1234 case 4: /* Bits 32-39 */
1235 #ifdef CONFIG_INTERWORKING
1236 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1237 *pos |= 0x01; /* Bit 32 - QoS Map */
1238 #endif /* CONFIG_INTERWORKING */
1240 case 5: /* Bits 40-47 */
1242 case 6: /* Bits 48-55 */
1248 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1253 if (len < wpa_s->extended_capa_len)
1254 len = wpa_s->extended_capa_len;
1256 *pos++ = WLAN_EID_EXT_CAPAB;
1258 for (i = 0; i < len; i++, pos++) {
1259 wpas_ext_capab_byte(wpa_s, pos, i);
1261 if (i < wpa_s->extended_capa_len) {
1262 *pos &= ~wpa_s->extended_capa_mask[i];
1263 *pos |= wpa_s->extended_capa[i];
1267 while (len > 0 && buf[1 + len] == 0) {
1279 * wpa_supplicant_associate - Request association
1280 * @wpa_s: Pointer to wpa_supplicant data
1281 * @bss: Scan results for the selected BSS, or %NULL if not available
1282 * @ssid: Configuration data for the selected network
1284 * This function is used to request %wpa_supplicant to associate with a BSS.
1286 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1287 struct wpa_bss *bss, struct wpa_ssid *ssid)
1291 int use_crypt, ret, i, bssid_changed;
1292 int algs = WPA_AUTH_ALG_OPEN;
1293 enum wpa_cipher cipher_pairwise, cipher_group;
1294 struct wpa_driver_associate_params params;
1295 int wep_keys_set = 0;
1296 int assoc_failed = 0;
1297 struct wpa_ssid *old_ssid;
1298 #ifdef CONFIG_HT_OVERRIDES
1299 struct ieee80211_ht_capabilities htcaps;
1300 struct ieee80211_ht_capabilities htcaps_mask;
1301 #endif /* CONFIG_HT_OVERRIDES */
1303 #ifdef CONFIG_IBSS_RSN
1304 ibss_rsn_deinit(wpa_s->ibss_rsn);
1305 wpa_s->ibss_rsn = NULL;
1306 #endif /* CONFIG_IBSS_RSN */
1308 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1309 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1311 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1312 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1316 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1317 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1318 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1319 wpas_p2p_ap_setup_failed(wpa_s);
1322 wpa_s->current_bss = bss;
1323 #else /* CONFIG_AP */
1324 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1326 #endif /* CONFIG_AP */
1332 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1334 #endif /* CONFIG_TDLS */
1336 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1337 ssid->mode == IEEE80211_MODE_INFRA) {
1338 sme_authenticate(wpa_s, bss, ssid);
1342 os_memset(¶ms, 0, sizeof(params));
1343 wpa_s->reassociate = 0;
1344 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1345 #ifdef CONFIG_IEEE80211R
1346 const u8 *ie, *md = NULL;
1347 #endif /* CONFIG_IEEE80211R */
1348 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1349 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1350 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1351 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1352 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1353 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1355 wpas_notify_bssid_changed(wpa_s);
1356 #ifdef CONFIG_IEEE80211R
1357 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1358 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1360 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1362 /* Prepare for the next transition */
1363 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1365 #endif /* CONFIG_IEEE80211R */
1367 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1368 wpa_s->conf->ap_scan == 2 &&
1369 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1370 /* Use ap_scan==1 style network selection to find the network
1372 wpa_s->scan_req = MANUAL_SCAN_REQ;
1373 wpa_s->reassociate = 1;
1374 wpa_supplicant_req_scan(wpa_s, 0, 0);
1376 #endif /* CONFIG_WPS */
1378 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1379 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1380 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1382 wpa_supplicant_cancel_sched_scan(wpa_s);
1383 wpa_supplicant_cancel_scan(wpa_s);
1385 /* Starting new association, so clear the possibly used WPA IE from the
1386 * previous association. */
1387 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1389 #ifdef IEEE8021X_EAPOL
1390 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1392 if (ssid->non_leap == 0)
1393 algs = WPA_AUTH_ALG_LEAP;
1395 algs |= WPA_AUTH_ALG_LEAP;
1398 #endif /* IEEE8021X_EAPOL */
1399 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1400 if (ssid->auth_alg) {
1401 algs = ssid->auth_alg;
1402 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1406 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1407 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1408 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1409 int try_opportunistic;
1410 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1412 ssid->proactive_key_caching) &&
1413 (ssid->proto & WPA_PROTO_RSN);
1414 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1415 ssid, try_opportunistic) == 0)
1416 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1417 wpa_ie_len = sizeof(wpa_ie);
1418 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1419 wpa_ie, &wpa_ie_len)) {
1420 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1421 "key management and encryption suites");
1424 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1425 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1427 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1428 * use non-WPA since the scan results did not indicate that the
1429 * AP is using WPA or WPA2.
1431 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1433 wpa_s->wpa_proto = 0;
1434 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1435 wpa_ie_len = sizeof(wpa_ie);
1436 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1437 wpa_ie, &wpa_ie_len)) {
1438 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1439 "key management and encryption suites (no "
1444 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1445 struct wpabuf *wps_ie;
1446 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1447 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1448 wpa_ie_len = wpabuf_len(wps_ie);
1449 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1452 wpabuf_free(wps_ie);
1453 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1454 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1455 params.wps = WPS_MODE_PRIVACY;
1457 params.wps = WPS_MODE_OPEN;
1458 wpa_s->wpa_proto = 0;
1459 #endif /* CONFIG_WPS */
1461 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1463 wpa_s->wpa_proto = 0;
1467 if (wpa_s->global->p2p) {
1471 pos = wpa_ie + wpa_ie_len;
1472 len = sizeof(wpa_ie) - wpa_ie_len;
1473 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1479 wpa_s->cross_connect_disallowed = 0;
1482 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1484 wpa_s->cross_connect_disallowed =
1485 p2p_get_cross_connect_disallowed(p2p);
1487 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1489 wpa_s->cross_connect_disallowed ?
1490 "disallows" : "allows");
1493 #endif /* CONFIG_P2P */
1496 if (is_hs20_network(wpa_s, ssid, bss)) {
1497 struct wpabuf *hs20;
1498 hs20 = wpabuf_alloc(20);
1500 wpas_hs20_add_indication(hs20);
1501 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1503 wpa_ie_len += wpabuf_len(hs20);
1507 #endif /* CONFIG_HS20 */
1510 * Workaround: Add Extended Capabilities element only if the AP
1511 * included this element in Beacon/Probe Response frames. Some older
1512 * APs seem to have interoperability issues if this element is
1513 * included, so while the standard may require us to include the
1514 * element in all cases, it is justifiable to skip it to avoid
1515 * interoperability issues.
1517 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1520 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1521 if (ext_capab_len > 0) {
1523 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1525 os_memmove(pos + ext_capab_len, pos,
1526 wpa_ie_len - (pos - wpa_ie));
1527 wpa_ie_len += ext_capab_len;
1528 os_memcpy(pos, ext_capab, ext_capab_len);
1532 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1534 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1535 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
1536 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1537 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1538 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1540 if (wpa_set_wep_keys(wpa_s, ssid)) {
1545 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1548 #ifdef IEEE8021X_EAPOL
1549 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1550 if ((ssid->eapol_flags &
1551 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1552 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1556 /* Assume that dynamic WEP-104 keys will be used and
1557 * set cipher suites in order for drivers to expect
1559 cipher_pairwise = cipher_group = CIPHER_WEP104;
1562 #endif /* IEEE8021X_EAPOL */
1564 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1565 /* Set the key before (and later after) association */
1566 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1569 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1571 params.ssid = bss->ssid;
1572 params.ssid_len = bss->ssid_len;
1573 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1574 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1575 MACSTR " freq=%u MHz based on scan results "
1577 MAC2STR(bss->bssid), bss->freq,
1579 params.bssid = bss->bssid;
1580 params.freq = bss->freq;
1583 params.ssid = ssid->ssid;
1584 params.ssid_len = ssid->ssid_len;
1587 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1588 wpa_s->conf->ap_scan == 2) {
1589 params.bssid = ssid->bssid;
1590 params.fixed_bssid = 1;
1593 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1595 params.freq = ssid->frequency; /* Initial channel for IBSS */
1596 params.wpa_ie = wpa_ie;
1597 params.wpa_ie_len = wpa_ie_len;
1598 params.pairwise_suite = cipher_pairwise;
1599 params.group_suite = cipher_group;
1600 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1601 params.wpa_proto = wpa_s->wpa_proto;
1602 params.auth_alg = algs;
1603 params.mode = ssid->mode;
1604 params.bg_scan_period = ssid->bg_scan_period;
1605 for (i = 0; i < NUM_WEP_KEYS; i++) {
1606 if (ssid->wep_key_len[i])
1607 params.wep_key[i] = ssid->wep_key[i];
1608 params.wep_key_len[i] = ssid->wep_key_len[i];
1610 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1612 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1613 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1614 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1615 params.passphrase = ssid->passphrase;
1617 params.psk = ssid->psk;
1620 params.drop_unencrypted = use_crypt;
1622 #ifdef CONFIG_IEEE80211W
1623 params.mgmt_frame_protection =
1624 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1625 wpa_s->conf->pmf : ssid->ieee80211w;
1626 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1627 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1628 struct wpa_ie_data ie;
1629 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1631 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1632 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1633 "MFP: require MFP");
1634 params.mgmt_frame_protection =
1635 MGMT_FRAME_PROTECTION_REQUIRED;
1638 #endif /* CONFIG_IEEE80211W */
1640 params.p2p = ssid->p2p_group;
1642 if (wpa_s->parent->set_sta_uapsd)
1643 params.uapsd = wpa_s->parent->sta_uapsd;
1647 #ifdef CONFIG_HT_OVERRIDES
1648 os_memset(&htcaps, 0, sizeof(htcaps));
1649 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1650 params.htcaps = (u8 *) &htcaps;
1651 params.htcaps_mask = (u8 *) &htcaps_mask;
1652 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1653 #endif /* CONFIG_HT_OVERRIDES */
1657 * If multi-channel concurrency is not supported, check for any
1658 * frequency conflict. In case of any frequency conflict, remove the
1659 * least prioritized connection.
1661 if (wpa_s->num_multichan_concurrent < 2) {
1662 int freq = wpa_drv_shared_freq(wpa_s);
1663 if (freq > 0 && freq != params.freq) {
1664 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1666 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1672 #endif /* CONFIG_P2P */
1674 ret = wpa_drv_associate(wpa_s, ¶ms);
1676 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1678 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1680 * The driver is known to mean what is saying, so we
1681 * can stop right here; the association will not
1684 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1685 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1686 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1689 /* try to continue anyway; new association will be tried again
1694 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1695 /* Set the key after the association just in case association
1696 * cleared the previously configured key. */
1697 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1698 /* No need to timeout authentication since there is no key
1700 wpa_supplicant_cancel_auth_timeout(wpa_s);
1701 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1702 #ifdef CONFIG_IBSS_RSN
1703 } else if (ssid->mode == WPAS_MODE_IBSS &&
1704 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1705 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1707 * RSN IBSS authentication is per-STA and we can disable the
1708 * per-BSSID authentication.
1710 wpa_supplicant_cancel_auth_timeout(wpa_s);
1711 #endif /* CONFIG_IBSS_RSN */
1713 /* Timeout for IEEE 802.11 authentication and association */
1717 /* give IBSS a bit more time */
1718 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1719 } else if (wpa_s->conf->ap_scan == 1) {
1720 /* give IBSS a bit more time */
1721 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1723 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1727 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1728 /* Set static WEP keys again */
1729 wpa_set_wep_keys(wpa_s, ssid);
1732 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1734 * Do not allow EAP session resumption between different
1735 * network configurations.
1737 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1739 old_ssid = wpa_s->current_ssid;
1740 wpa_s->current_ssid = ssid;
1741 wpa_s->current_bss = bss;
1742 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1743 wpa_supplicant_initiate_eapol(wpa_s);
1744 if (old_ssid != wpa_s->current_ssid)
1745 wpas_notify_network_changed(wpa_s);
1749 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1752 struct wpa_ssid *old_ssid;
1754 wpa_clear_keys(wpa_s, addr);
1755 old_ssid = wpa_s->current_ssid;
1756 wpa_supplicant_mark_disassoc(wpa_s);
1757 wpa_sm_set_config(wpa_s->wpa, NULL);
1758 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1759 if (old_ssid != wpa_s->current_ssid)
1760 wpas_notify_network_changed(wpa_s);
1761 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1766 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1767 * @wpa_s: Pointer to wpa_supplicant data
1768 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1770 * This function is used to request %wpa_supplicant to deauthenticate from the
1773 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1777 union wpa_event_data event;
1780 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1781 " pending_bssid=" MACSTR " reason=%d state=%s",
1782 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1783 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1785 if (!is_zero_ether_addr(wpa_s->bssid))
1786 addr = wpa_s->bssid;
1787 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1788 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1789 wpa_s->wpa_state == WPA_ASSOCIATING))
1790 addr = wpa_s->pending_bssid;
1791 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1793 * When using driver-based BSS selection, we may not know the
1794 * BSSID with which we are currently trying to associate. We
1795 * need to notify the driver of this disconnection even in such
1796 * a case, so use the all zeros address here.
1798 addr = wpa_s->bssid;
1803 wpa_tdls_teardown_peers(wpa_s->wpa);
1804 #endif /* CONFIG_TDLS */
1807 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1808 os_memset(&event, 0, sizeof(event));
1809 event.deauth_info.reason_code = (u16) reason_code;
1810 event.deauth_info.locally_generated = 1;
1811 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1816 wpa_supplicant_clear_connection(wpa_s, addr);
1819 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1820 struct wpa_ssid *ssid)
1822 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1826 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1827 wpas_notify_network_enabled_changed(wpa_s, ssid);
1830 * Try to reassociate since there is no current configuration and a new
1831 * network was made available.
1833 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1834 wpa_s->reassociate = 1;
1839 * wpa_supplicant_enable_network - Mark a configured network as enabled
1840 * @wpa_s: wpa_supplicant structure for a network interface
1841 * @ssid: wpa_ssid structure for a configured network or %NULL
1843 * Enables the specified network or all networks if no network specified.
1845 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1846 struct wpa_ssid *ssid)
1849 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1850 wpa_supplicant_enable_one_network(wpa_s, ssid);
1852 wpa_supplicant_enable_one_network(wpa_s, ssid);
1854 if (wpa_s->reassociate && !wpa_s->disconnected) {
1855 if (wpa_s->sched_scanning) {
1856 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1857 "new network to scan filters");
1858 wpa_supplicant_cancel_sched_scan(wpa_s);
1861 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1862 wpa_supplicant_req_scan(wpa_s, 0, 0);
1868 * wpa_supplicant_disable_network - Mark a configured network as disabled
1869 * @wpa_s: wpa_supplicant structure for a network interface
1870 * @ssid: wpa_ssid structure for a configured network or %NULL
1872 * Disables the specified network or all networks if no network specified.
1874 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1875 struct wpa_ssid *ssid)
1877 struct wpa_ssid *other_ssid;
1881 if (wpa_s->sched_scanning)
1882 wpa_supplicant_cancel_sched_scan(wpa_s);
1884 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1885 other_ssid = other_ssid->next) {
1886 was_disabled = other_ssid->disabled;
1887 if (was_disabled == 2)
1888 continue; /* do not change persistent P2P group
1891 other_ssid->disabled = 1;
1893 if (was_disabled != other_ssid->disabled)
1894 wpas_notify_network_enabled_changed(
1897 if (wpa_s->current_ssid)
1898 wpa_supplicant_deauthenticate(
1899 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1900 } else if (ssid->disabled != 2) {
1901 if (ssid == wpa_s->current_ssid)
1902 wpa_supplicant_deauthenticate(
1903 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1905 was_disabled = ssid->disabled;
1909 if (was_disabled != ssid->disabled) {
1910 wpas_notify_network_enabled_changed(wpa_s, ssid);
1911 if (wpa_s->sched_scanning) {
1912 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1913 "to remove network from filters");
1914 wpa_supplicant_cancel_sched_scan(wpa_s);
1915 wpa_supplicant_req_scan(wpa_s, 0, 0);
1923 * wpa_supplicant_select_network - Attempt association with a network
1924 * @wpa_s: wpa_supplicant structure for a network interface
1925 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1927 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1928 struct wpa_ssid *ssid)
1931 struct wpa_ssid *other_ssid;
1932 int disconnected = 0;
1934 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1935 wpa_supplicant_deauthenticate(
1936 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1941 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1944 * Mark all other networks disabled or mark all networks enabled if no
1945 * network specified.
1947 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1948 other_ssid = other_ssid->next) {
1949 int was_disabled = other_ssid->disabled;
1950 if (was_disabled == 2)
1951 continue; /* do not change persistent P2P group data */
1953 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1954 if (was_disabled && !other_ssid->disabled)
1955 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1957 if (was_disabled != other_ssid->disabled)
1958 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1961 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1962 /* We are already associated with the selected network */
1963 wpa_printf(MSG_DEBUG, "Already associated with the "
1964 "selected network - do nothing");
1969 wpa_s->current_ssid = ssid;
1970 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1972 wpa_s->connect_without_scan = NULL;
1973 wpa_s->disconnected = 0;
1974 wpa_s->reassociate = 1;
1976 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1977 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1980 wpas_notify_network_selected(wpa_s, ssid);
1985 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
1986 * @wpa_s: wpa_supplicant structure for a network interface
1987 * @pkcs11_engine_path: PKCS #11 engine path or NULL
1988 * @pkcs11_module_path: PKCS #11 module path or NULL
1989 * Returns: 0 on success; -1 on failure
1991 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
1992 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
1993 * module path fails the paths will be reset to the default value (NULL).
1995 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
1996 const char *pkcs11_engine_path,
1997 const char *pkcs11_module_path)
1999 char *pkcs11_engine_path_copy = NULL;
2000 char *pkcs11_module_path_copy = NULL;
2002 if (pkcs11_engine_path != NULL) {
2003 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2004 if (pkcs11_engine_path_copy == NULL)
2007 if (pkcs11_module_path != NULL) {
2008 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2009 if (pkcs11_engine_path_copy == NULL) {
2010 os_free(pkcs11_engine_path_copy);
2015 os_free(wpa_s->conf->pkcs11_engine_path);
2016 os_free(wpa_s->conf->pkcs11_module_path);
2017 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2018 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2020 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2021 eapol_sm_deinit(wpa_s->eapol);
2022 wpa_s->eapol = NULL;
2023 if (wpa_supplicant_init_eapol(wpa_s)) {
2024 /* Error -> Reset paths to the default value (NULL) once. */
2025 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2026 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2031 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2038 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2039 * @wpa_s: wpa_supplicant structure for a network interface
2040 * @ap_scan: AP scan mode
2041 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2044 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2049 if (ap_scan < 0 || ap_scan > 2)
2053 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2054 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2055 wpa_s->wpa_state < WPA_COMPLETED) {
2056 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2057 "associating", wpa_s->conf->ap_scan, ap_scan);
2060 #endif /* ANDROID */
2062 old_ap_scan = wpa_s->conf->ap_scan;
2063 wpa_s->conf->ap_scan = ap_scan;
2065 if (old_ap_scan != wpa_s->conf->ap_scan)
2066 wpas_notify_ap_scan_changed(wpa_s);
2073 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2074 * @wpa_s: wpa_supplicant structure for a network interface
2075 * @expire_age: Expiration age in seconds
2076 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2079 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2080 unsigned int bss_expire_age)
2082 if (bss_expire_age < 10) {
2083 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2087 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2089 wpa_s->conf->bss_expiration_age = bss_expire_age;
2096 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2097 * @wpa_s: wpa_supplicant structure for a network interface
2098 * @expire_count: number of scans after which an unseen BSS is reclaimed
2099 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2102 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2103 unsigned int bss_expire_count)
2105 if (bss_expire_count < 1) {
2106 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2110 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2112 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2119 * wpa_supplicant_set_scan_interval - Set scan interval
2120 * @wpa_s: wpa_supplicant structure for a network interface
2121 * @scan_interval: scan interval in seconds
2122 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2125 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2128 if (scan_interval < 0) {
2129 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2133 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2135 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2142 * wpa_supplicant_set_debug_params - Set global debug params
2143 * @global: wpa_global structure
2144 * @debug_level: debug level
2145 * @debug_timestamp: determines if show timestamp in debug data
2146 * @debug_show_keys: determines if show keys in debug data
2147 * Returns: 0 if succeed or -1 if debug_level has wrong value
2149 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2150 int debug_timestamp, int debug_show_keys)
2153 int old_level, old_timestamp, old_show_keys;
2155 /* check for allowed debuglevels */
2156 if (debug_level != MSG_EXCESSIVE &&
2157 debug_level != MSG_MSGDUMP &&
2158 debug_level != MSG_DEBUG &&
2159 debug_level != MSG_INFO &&
2160 debug_level != MSG_WARNING &&
2161 debug_level != MSG_ERROR)
2164 old_level = wpa_debug_level;
2165 old_timestamp = wpa_debug_timestamp;
2166 old_show_keys = wpa_debug_show_keys;
2168 wpa_debug_level = debug_level;
2169 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2170 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2172 if (wpa_debug_level != old_level)
2173 wpas_notify_debug_level_changed(global);
2174 if (wpa_debug_timestamp != old_timestamp)
2175 wpas_notify_debug_timestamp_changed(global);
2176 if (wpa_debug_show_keys != old_show_keys)
2177 wpas_notify_debug_show_keys_changed(global);
2184 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2185 * @wpa_s: Pointer to wpa_supplicant data
2186 * Returns: A pointer to the current network structure or %NULL on failure
2188 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2190 struct wpa_ssid *entry;
2191 u8 ssid[MAX_SSID_LEN];
2197 res = wpa_drv_get_ssid(wpa_s, ssid);
2199 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2205 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2206 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2211 wired = wpa_s->conf->ap_scan == 0 &&
2212 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2214 entry = wpa_s->conf->ssid;
2216 if (!wpas_network_disabled(wpa_s, entry) &&
2217 ((ssid_len == entry->ssid_len &&
2218 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2219 (!entry->bssid_set ||
2220 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2223 if (!wpas_network_disabled(wpa_s, entry) &&
2224 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2225 (entry->ssid == NULL || entry->ssid_len == 0) &&
2226 (!entry->bssid_set ||
2227 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2229 #endif /* CONFIG_WPS */
2231 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2232 entry->ssid_len == 0 &&
2233 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2236 entry = entry->next;
2243 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2245 struct wpa_global *global = wpa_s->global;
2247 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2248 global->drv_priv[i] = wpa_drivers[i]->global_init();
2249 if (global->drv_priv[i] == NULL) {
2250 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2251 "'%s'", wpa_drivers[i]->name);
2256 wpa_s->driver = wpa_drivers[i];
2257 wpa_s->global_drv_priv = global->drv_priv[i];
2263 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2268 const char *pos, *driver = name;
2273 if (wpa_drivers[0] == NULL) {
2274 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2280 /* default to first driver in the list */
2281 return select_driver(wpa_s, 0);
2285 pos = os_strchr(driver, ',');
2289 len = os_strlen(driver);
2291 for (i = 0; wpa_drivers[i]; i++) {
2292 if (os_strlen(wpa_drivers[i]->name) == len &&
2293 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2295 /* First driver that succeeds wins */
2296 if (select_driver(wpa_s, i) == 0)
2304 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2310 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2311 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2312 * with struct wpa_driver_ops::init()
2313 * @src_addr: Source address of the EAPOL frame
2314 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2315 * @len: Length of the EAPOL data
2317 * This function is called for each received EAPOL frame. Most driver
2318 * interfaces rely on more generic OS mechanism for receiving frames through
2319 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2320 * take care of received EAPOL frames and deliver them to the core supplicant
2321 * code by calling this function.
2323 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2324 const u8 *buf, size_t len)
2326 struct wpa_supplicant *wpa_s = ctx;
2328 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2329 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2331 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2332 (wpa_s->last_eapol_matches_bssid &&
2335 #endif /* CONFIG_AP */
2336 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2338 * There is possible race condition between receiving the
2339 * association event and the EAPOL frame since they are coming
2340 * through different paths from the driver. In order to avoid
2341 * issues in trying to process the EAPOL frame before receiving
2342 * association information, lets queue it for processing until
2343 * the association event is received. This may also be needed in
2344 * driver-based roaming case, so also use src_addr != BSSID as a
2345 * trigger if we have previously confirmed that the
2346 * Authenticator uses BSSID as the src_addr (which is not the
2347 * case with wired IEEE 802.1X).
2349 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2350 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2351 wpa_supplicant_state_txt(wpa_s->wpa_state),
2352 MAC2STR(wpa_s->bssid));
2353 wpabuf_free(wpa_s->pending_eapol_rx);
2354 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2355 if (wpa_s->pending_eapol_rx) {
2356 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2357 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2363 wpa_s->last_eapol_matches_bssid =
2364 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2367 if (wpa_s->ap_iface) {
2368 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2371 #endif /* CONFIG_AP */
2373 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2374 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2375 "no key management is configured");
2379 if (wpa_s->eapol_received == 0 &&
2380 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2381 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2382 wpa_s->wpa_state != WPA_COMPLETED) &&
2383 (wpa_s->current_ssid == NULL ||
2384 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2385 /* Timeout for completing IEEE 802.1X and WPA authentication */
2386 wpa_supplicant_req_auth_timeout(
2388 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2389 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2390 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2393 wpa_s->eapol_received++;
2395 if (wpa_s->countermeasures) {
2396 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2401 #ifdef CONFIG_IBSS_RSN
2402 if (wpa_s->current_ssid &&
2403 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2404 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2407 #endif /* CONFIG_IBSS_RSN */
2409 /* Source address of the incoming EAPOL frame could be compared to the
2410 * current BSSID. However, it is possible that a centralized
2411 * Authenticator could be using another MAC address than the BSSID of
2412 * an AP, so just allow any address to be used for now. The replies are
2413 * still sent to the current BSSID (if available), though. */
2415 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2416 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2417 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2419 wpa_drv_poll(wpa_s);
2420 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2421 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2422 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2424 * Set portValid = TRUE here since we are going to skip 4-way
2425 * handshake processing which would normally set portValid. We
2426 * need this to allow the EAPOL state machines to be completed
2427 * without going through EAPOL-Key handshake.
2429 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2434 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2436 if (wpa_s->driver->send_eapol) {
2437 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2439 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2440 } else if ((!wpa_s->p2p_mgmt ||
2441 !(wpa_s->drv_flags &
2442 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2443 !(wpa_s->drv_flags &
2444 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2445 l2_packet_deinit(wpa_s->l2);
2446 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2447 wpa_drv_get_mac_addr(wpa_s),
2449 wpa_supplicant_rx_eapol, wpa_s, 0);
2450 if (wpa_s->l2 == NULL)
2453 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2455 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2458 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2459 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2467 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2468 const u8 *buf, size_t len)
2470 struct wpa_supplicant *wpa_s = ctx;
2471 const struct l2_ethhdr *eth;
2473 if (len < sizeof(*eth))
2475 eth = (const struct l2_ethhdr *) buf;
2477 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2478 !(eth->h_dest[0] & 0x01)) {
2479 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2480 " (bridge - not for this interface - ignore)",
2481 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2485 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2486 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2487 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2488 len - sizeof(*eth));
2493 * wpa_supplicant_driver_init - Initialize driver interface parameters
2494 * @wpa_s: Pointer to wpa_supplicant data
2495 * Returns: 0 on success, -1 on failure
2497 * This function is called to initialize driver interface parameters.
2498 * wpa_drv_init() must have been called before this function to initialize the
2501 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2503 static int interface_count = 0;
2505 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2508 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2509 MAC2STR(wpa_s->own_addr));
2510 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2512 if (wpa_s->bridge_ifname[0]) {
2513 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2514 "interface '%s'", wpa_s->bridge_ifname);
2515 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2518 wpa_supplicant_rx_eapol_bridge,
2520 if (wpa_s->l2_br == NULL) {
2521 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2522 "connection for the bridge interface '%s'",
2523 wpa_s->bridge_ifname);
2528 wpa_clear_keys(wpa_s, NULL);
2530 /* Make sure that TKIP countermeasures are not left enabled (could
2531 * happen if wpa_supplicant is killed during countermeasures. */
2532 wpa_drv_set_countermeasures(wpa_s, 0);
2534 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2535 wpa_drv_flush_pmkid(wpa_s);
2537 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2538 wpa_s->prev_scan_wildcard = 0;
2540 if (wpa_supplicant_enabled_networks(wpa_s)) {
2541 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2543 wpa_supplicant_req_scan(wpa_s, interface_count,
2547 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2553 static int wpa_supplicant_daemon(const char *pid_file)
2555 wpa_printf(MSG_DEBUG, "Daemonize..");
2556 return os_daemonize(pid_file);
2560 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2562 struct wpa_supplicant *wpa_s;
2564 wpa_s = os_zalloc(sizeof(*wpa_s));
2567 wpa_s->scan_req = INITIAL_SCAN_REQ;
2568 wpa_s->scan_interval = 5;
2569 wpa_s->new_connection = 1;
2570 wpa_s->parent = wpa_s;
2571 wpa_s->sched_scanning = 0;
2577 #ifdef CONFIG_HT_OVERRIDES
2579 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2580 struct ieee80211_ht_capabilities *htcaps,
2581 struct ieee80211_ht_capabilities *htcaps_mask,
2584 /* parse ht_mcs into hex array */
2586 const char *tmp = ht_mcs;
2589 /* If ht_mcs is null, do not set anything */
2593 /* This is what we are setting in the kernel */
2594 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2596 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2598 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2600 long v = strtol(tmp, &end, 16);
2602 wpa_msg(wpa_s, MSG_DEBUG,
2603 "htcap value[%i]: %ld end: %p tmp: %p",
2608 htcaps->supported_mcs_set[i] = v;
2611 wpa_msg(wpa_s, MSG_ERROR,
2612 "Failed to parse ht-mcs: %s, error: %s\n",
2613 ht_mcs, strerror(errno));
2619 * If we were able to parse any values, then set mask for the MCS set.
2622 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2623 IEEE80211_HT_MCS_MASK_LEN - 1);
2624 /* skip the 3 reserved bits */
2625 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2633 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2634 struct ieee80211_ht_capabilities *htcaps,
2635 struct ieee80211_ht_capabilities *htcaps_mask,
2640 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2645 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2646 htcaps_mask->ht_capabilities_info |= msk;
2648 htcaps->ht_capabilities_info &= msk;
2650 htcaps->ht_capabilities_info |= msk;
2656 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2657 struct ieee80211_ht_capabilities *htcaps,
2658 struct ieee80211_ht_capabilities *htcaps_mask,
2661 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2666 if (factor < 0 || factor > 3) {
2667 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2668 "Must be 0-3 or -1", factor);
2672 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2673 htcaps->a_mpdu_params &= ~0x3;
2674 htcaps->a_mpdu_params |= factor & 0x3;
2680 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2681 struct ieee80211_ht_capabilities *htcaps,
2682 struct ieee80211_ht_capabilities *htcaps_mask,
2685 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2690 if (density < 0 || density > 7) {
2691 wpa_msg(wpa_s, MSG_ERROR,
2692 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2697 htcaps_mask->a_mpdu_params |= 0x1C;
2698 htcaps->a_mpdu_params &= ~(0x1C);
2699 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2705 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2706 struct ieee80211_ht_capabilities *htcaps,
2707 struct ieee80211_ht_capabilities *htcaps_mask,
2710 /* Masking these out disables HT40 */
2711 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2712 HT_CAP_INFO_SHORT_GI40MHZ);
2714 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2717 htcaps->ht_capabilities_info &= ~msk;
2719 htcaps->ht_capabilities_info |= msk;
2721 htcaps_mask->ht_capabilities_info |= msk;
2727 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2728 struct ieee80211_ht_capabilities *htcaps,
2729 struct ieee80211_ht_capabilities *htcaps_mask,
2732 /* Masking these out disables SGI */
2733 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2734 HT_CAP_INFO_SHORT_GI40MHZ);
2736 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2739 htcaps->ht_capabilities_info &= ~msk;
2741 htcaps->ht_capabilities_info |= msk;
2743 htcaps_mask->ht_capabilities_info |= msk;
2749 void wpa_supplicant_apply_ht_overrides(
2750 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2751 struct wpa_driver_associate_params *params)
2753 struct ieee80211_ht_capabilities *htcaps;
2754 struct ieee80211_ht_capabilities *htcaps_mask;
2759 params->disable_ht = ssid->disable_ht;
2760 if (!params->htcaps || !params->htcaps_mask)
2763 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2764 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2765 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2766 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2767 ssid->disable_max_amsdu);
2768 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2769 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2770 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2771 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2774 #endif /* CONFIG_HT_OVERRIDES */
2777 #ifdef CONFIG_VHT_OVERRIDES
2778 void wpa_supplicant_apply_vht_overrides(
2779 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2780 struct wpa_driver_associate_params *params)
2782 struct ieee80211_vht_capabilities *vhtcaps;
2783 struct ieee80211_vht_capabilities *vhtcaps_mask;
2788 params->disable_vht = ssid->disable_vht;
2790 vhtcaps = (void *) params->vhtcaps;
2791 vhtcaps_mask = (void *) params->vhtcaps_mask;
2793 if (!vhtcaps || !vhtcaps_mask)
2796 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2797 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2799 #define OVERRIDE_MCS(i) \
2800 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2801 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2803 vhtcaps->vht_supported_mcs_set.tx_map |= \
2804 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2806 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2807 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2809 vhtcaps->vht_supported_mcs_set.rx_map |= \
2810 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2822 #endif /* CONFIG_VHT_OVERRIDES */
2825 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2830 if (!wpa_s->conf->pcsc_reader)
2833 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2837 if (wpa_s->conf->pcsc_pin &&
2838 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2839 scard_deinit(wpa_s->scard);
2840 wpa_s->scard = NULL;
2841 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2845 len = sizeof(wpa_s->imsi) - 1;
2846 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2847 scard_deinit(wpa_s->scard);
2848 wpa_s->scard = NULL;
2849 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2852 wpa_s->imsi[len] = '\0';
2854 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2856 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2857 wpa_s->imsi, wpa_s->mnc_len);
2859 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2860 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2861 #endif /* PCSC_FUNCS */
2867 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2871 ext_password_deinit(wpa_s->ext_pw);
2872 wpa_s->ext_pw = NULL;
2873 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2875 if (!wpa_s->conf->ext_password_backend)
2878 val = os_strdup(wpa_s->conf->ext_password_backend);
2881 pos = os_strchr(val, ':');
2885 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2887 wpa_s->ext_pw = ext_password_init(val, pos);
2889 if (wpa_s->ext_pw == NULL) {
2890 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2893 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2899 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
2902 struct wpa_supplicant *iface = wpa_s->global->ifaces;
2903 struct wpa_radio *radio;
2905 while (rn && iface) {
2906 radio = iface->radio;
2907 if (radio && os_strcmp(rn, radio->name) == 0) {
2908 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
2910 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
2914 iface = iface->next;
2917 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
2918 wpa_s->ifname, rn ? rn : "N/A");
2919 radio = os_zalloc(sizeof(*radio));
2924 os_strlcpy(radio->name, rn, sizeof(radio->name));
2925 dl_list_init(&radio->ifaces);
2926 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
2932 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
2934 struct wpa_radio *radio = wpa_s->radio;
2939 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
2940 wpa_s->ifname, radio->name);
2941 dl_list_del(&wpa_s->radio_list);
2942 wpa_s->radio = NULL;
2944 if (!dl_list_empty(&radio->ifaces))
2945 return; /* Interfaces remain for this radio */
2947 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
2952 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
2953 struct wpa_interface *iface)
2955 const char *ifname, *driver, *rn;
2957 driver = iface->driver;
2959 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2962 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2963 if (wpa_s->drv_priv == NULL) {
2965 pos = driver ? os_strchr(driver, ',') : NULL;
2967 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2968 "driver interface - try next driver wrapper");
2972 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2976 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2977 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2978 "driver_param '%s'", wpa_s->conf->driver_param);
2982 ifname = wpa_drv_get_ifname(wpa_s);
2983 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2984 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2985 "interface name with '%s'", ifname);
2986 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2989 if (wpa_s->driver->get_radio_name)
2990 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
2993 if (rn && rn[0] == '\0')
2996 wpa_s->radio = radio_add_interface(wpa_s, rn);
2997 if (wpa_s->radio == NULL)
3004 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3005 struct wpa_interface *iface)
3007 struct wpa_driver_capa capa;
3009 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3010 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3011 iface->confname ? iface->confname : "N/A",
3012 iface->driver ? iface->driver : "default",
3013 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3014 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3016 if (iface->confname) {
3017 #ifdef CONFIG_BACKEND_FILE
3018 wpa_s->confname = os_rel2abs_path(iface->confname);
3019 if (wpa_s->confname == NULL) {
3020 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3021 "for configuration file '%s'.",
3025 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3026 iface->confname, wpa_s->confname);
3027 #else /* CONFIG_BACKEND_FILE */
3028 wpa_s->confname = os_strdup(iface->confname);
3029 #endif /* CONFIG_BACKEND_FILE */
3030 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3031 if (wpa_s->conf == NULL) {
3032 wpa_printf(MSG_ERROR, "Failed to read or parse "
3033 "configuration '%s'.", wpa_s->confname);
3036 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3037 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3040 * Override ctrl_interface and driver_param if set on command
3043 if (iface->ctrl_interface) {
3044 os_free(wpa_s->conf->ctrl_interface);
3045 wpa_s->conf->ctrl_interface =
3046 os_strdup(iface->ctrl_interface);
3049 if (iface->driver_param) {
3050 os_free(wpa_s->conf->driver_param);
3051 wpa_s->conf->driver_param =
3052 os_strdup(iface->driver_param);
3055 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3056 os_free(wpa_s->conf->ctrl_interface);
3057 wpa_s->conf->ctrl_interface = NULL;
3060 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3061 iface->driver_param);
3063 if (wpa_s->conf == NULL) {
3064 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3068 if (iface->ifname == NULL) {
3069 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3072 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3073 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3077 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3079 if (iface->bridge_ifname) {
3080 if (os_strlen(iface->bridge_ifname) >=
3081 sizeof(wpa_s->bridge_ifname)) {
3082 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3083 "name '%s'.", iface->bridge_ifname);
3086 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3087 sizeof(wpa_s->bridge_ifname));
3090 /* RSNA Supplicant Key Management - INITIALIZE */
3091 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3092 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3094 /* Initialize driver interface and register driver event handler before
3095 * L2 receive handler so that association events are processed before
3096 * EAPOL-Key packets if both become available for the same select()
3098 if (wpas_init_driver(wpa_s, iface) < 0)
3101 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3104 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3105 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3107 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3109 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3110 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3111 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3112 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3113 "dot11RSNAConfigPMKLifetime");
3117 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3118 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3119 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3120 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3121 "dot11RSNAConfigPMKReauthThreshold");
3125 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3126 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3127 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3128 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3129 "dot11RSNAConfigSATimeout");
3133 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3134 &wpa_s->hw.num_modes,
3137 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3138 wpa_s->drv_capa_known = 1;
3139 wpa_s->drv_flags = capa.flags;
3140 wpa_s->drv_enc = capa.enc;
3141 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3142 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3143 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3144 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3145 wpa_s->max_match_sets = capa.max_match_sets;
3146 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3147 wpa_s->max_stations = capa.max_stations;
3148 wpa_s->extended_capa = capa.extended_capa;
3149 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3150 wpa_s->extended_capa_len = capa.extended_capa_len;
3151 wpa_s->num_multichan_concurrent =
3152 capa.num_multichan_concurrent;
3154 if (wpa_s->max_remain_on_chan == 0)
3155 wpa_s->max_remain_on_chan = 1000;
3158 * Only take p2p_mgmt parameters when P2P Device is supported.
3159 * Doing it here as it determines whether l2_packet_init() will be done
3160 * during wpa_supplicant_driver_init().
3162 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3163 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3165 iface->p2p_mgmt = 1;
3167 if (wpa_s->num_multichan_concurrent == 0)
3168 wpa_s->num_multichan_concurrent = 1;
3170 if (wpa_supplicant_driver_init(wpa_s) < 0)
3174 if ((!iface->p2p_mgmt ||
3175 !(wpa_s->drv_flags &
3176 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3177 wpa_tdls_init(wpa_s->wpa))
3179 #endif /* CONFIG_TDLS */
3181 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3182 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3183 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3187 if (wpas_wps_init(wpa_s))
3190 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3192 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3194 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3195 if (wpa_s->ctrl_iface == NULL) {
3196 wpa_printf(MSG_ERROR,
3197 "Failed to initialize control interface '%s'.\n"
3198 "You may have another wpa_supplicant process "
3199 "already running or the file was\n"
3200 "left by an unclean termination of wpa_supplicant "
3201 "in which case you will need\n"
3202 "to manually remove this file before starting "
3203 "wpa_supplicant again.\n",
3204 wpa_s->conf->ctrl_interface);
3208 wpa_s->gas = gas_query_init(wpa_s);
3209 if (wpa_s->gas == NULL) {
3210 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3215 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3216 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3219 #endif /* CONFIG_P2P */
3221 if (wpa_bss_init(wpa_s) < 0)
3224 #ifdef CONFIG_EAP_PROXY
3227 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3229 if (wpa_s->mnc_len > 0) {
3230 wpa_s->imsi[len] = '\0';
3231 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3232 wpa_s->imsi, wpa_s->mnc_len);
3234 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3237 #endif /* CONFIG_EAP_PROXY */
3239 if (pcsc_reader_init(wpa_s) < 0)
3242 if (wpas_init_ext_pw(wpa_s) < 0)
3249 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3250 int notify, int terminate)
3252 wpa_s->disconnected = 1;
3253 if (wpa_s->drv_priv) {
3254 wpa_supplicant_deauthenticate(wpa_s,
3255 WLAN_REASON_DEAUTH_LEAVING);
3257 wpa_drv_set_countermeasures(wpa_s, 0);
3258 wpa_clear_keys(wpa_s, NULL);
3261 wpa_supplicant_cleanup(wpa_s);
3264 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3265 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3266 "the management interface is being removed");
3267 wpas_p2p_deinit_global(wpa_s->global);
3269 #endif /* CONFIG_P2P */
3271 radio_remove_interface(wpa_s);
3273 if (wpa_s->drv_priv)
3274 wpa_drv_deinit(wpa_s);
3277 wpas_notify_iface_removed(wpa_s);
3280 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3282 if (wpa_s->ctrl_iface) {
3283 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3284 wpa_s->ctrl_iface = NULL;
3287 if (wpa_s->conf != NULL) {
3288 wpa_config_free(wpa_s->conf);
3297 * wpa_supplicant_add_iface - Add a new network interface
3298 * @global: Pointer to global data from wpa_supplicant_init()
3299 * @iface: Interface configuration options
3300 * Returns: Pointer to the created interface or %NULL on failure
3302 * This function is used to add new network interfaces for %wpa_supplicant.
3303 * This can be called before wpa_supplicant_run() to add interfaces before the
3304 * main event loop has been started. In addition, new interfaces can be added
3305 * dynamically while %wpa_supplicant is already running. This could happen,
3306 * e.g., when a hotplug network adapter is inserted.
3308 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3309 struct wpa_interface *iface)
3311 struct wpa_supplicant *wpa_s;
3312 struct wpa_interface t_iface;
3313 struct wpa_ssid *ssid;
3315 if (global == NULL || iface == NULL)
3318 wpa_s = wpa_supplicant_alloc();
3322 wpa_s->global = global;
3325 if (global->params.override_driver) {
3326 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3328 iface->driver, global->params.override_driver);
3329 t_iface.driver = global->params.override_driver;
3331 if (global->params.override_ctrl_interface) {
3332 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3333 "ctrl_interface ('%s' -> '%s')",
3334 iface->ctrl_interface,
3335 global->params.override_ctrl_interface);
3336 t_iface.ctrl_interface =
3337 global->params.override_ctrl_interface;
3339 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3340 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3342 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3346 /* Notify the control interfaces about new iface */
3347 if (wpas_notify_iface_added(wpa_s)) {
3348 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3352 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3353 wpas_notify_network_added(wpa_s, ssid);
3355 wpa_s->next = global->ifaces;
3356 global->ifaces = wpa_s;
3358 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3359 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3366 * wpa_supplicant_remove_iface - Remove a network interface
3367 * @global: Pointer to global data from wpa_supplicant_init()
3368 * @wpa_s: Pointer to the network interface to be removed
3369 * Returns: 0 if interface was removed, -1 if interface was not found
3371 * This function can be used to dynamically remove network interfaces from
3372 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3373 * addition, this function is used to remove all remaining interfaces when
3374 * %wpa_supplicant is terminated.
3376 int wpa_supplicant_remove_iface(struct wpa_global *global,
3377 struct wpa_supplicant *wpa_s,
3380 struct wpa_supplicant *prev;
3382 /* Remove interface from the global list of interfaces */
3383 prev = global->ifaces;
3384 if (prev == wpa_s) {
3385 global->ifaces = wpa_s->next;
3387 while (prev && prev->next != wpa_s)
3391 prev->next = wpa_s->next;
3394 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3396 if (global->p2p_group_formation == wpa_s)
3397 global->p2p_group_formation = NULL;
3398 if (global->p2p_invite_group == wpa_s)
3399 global->p2p_invite_group = NULL;
3400 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3407 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3408 * @wpa_s: Pointer to the network interface
3409 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3411 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3413 const char *eapol_method;
3415 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3416 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3420 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3421 if (eapol_method == NULL)
3422 return "UNKNOWN-EAP";
3424 return eapol_method;
3429 * wpa_supplicant_get_iface - Get a new network interface
3430 * @global: Pointer to global data from wpa_supplicant_init()
3431 * @ifname: Interface name
3432 * Returns: Pointer to the interface or %NULL if not found
3434 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3437 struct wpa_supplicant *wpa_s;
3439 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3440 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3447 #ifndef CONFIG_NO_WPA_MSG
3448 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3450 struct wpa_supplicant *wpa_s = ctx;
3453 return wpa_s->ifname;
3455 #endif /* CONFIG_NO_WPA_MSG */
3459 * wpa_supplicant_init - Initialize %wpa_supplicant
3460 * @params: Parameters for %wpa_supplicant
3461 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3463 * This function is used to initialize %wpa_supplicant. After successful
3464 * initialization, the returned data pointer can be used to add and remove
3465 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3467 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3469 struct wpa_global *global;
3475 #ifdef CONFIG_DRIVER_NDIS
3477 void driver_ndis_init_ops(void);
3478 driver_ndis_init_ops();
3480 #endif /* CONFIG_DRIVER_NDIS */
3482 #ifndef CONFIG_NO_WPA_MSG
3483 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3484 #endif /* CONFIG_NO_WPA_MSG */
3486 wpa_debug_open_file(params->wpa_debug_file_path);
3487 if (params->wpa_debug_syslog)
3488 wpa_debug_open_syslog();
3489 if (params->wpa_debug_tracing) {
3490 ret = wpa_debug_open_linux_tracing();
3492 wpa_printf(MSG_ERROR,
3493 "Failed to enable trace logging");
3498 ret = eap_register_methods();
3500 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3502 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3503 "the same EAP type.");
3507 global = os_zalloc(sizeof(*global));
3510 dl_list_init(&global->p2p_srv_bonjour);
3511 dl_list_init(&global->p2p_srv_upnp);
3512 global->params.daemonize = params->daemonize;
3513 global->params.wait_for_monitor = params->wait_for_monitor;
3514 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3515 if (params->pid_file)
3516 global->params.pid_file = os_strdup(params->pid_file);
3517 if (params->ctrl_interface)
3518 global->params.ctrl_interface =
3519 os_strdup(params->ctrl_interface);
3520 if (params->ctrl_interface_group)
3521 global->params.ctrl_interface_group =
3522 os_strdup(params->ctrl_interface_group);
3523 if (params->override_driver)
3524 global->params.override_driver =
3525 os_strdup(params->override_driver);
3526 if (params->override_ctrl_interface)
3527 global->params.override_ctrl_interface =
3528 os_strdup(params->override_ctrl_interface);
3529 wpa_debug_level = global->params.wpa_debug_level =
3530 params->wpa_debug_level;
3531 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3532 params->wpa_debug_show_keys;
3533 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3534 params->wpa_debug_timestamp;
3536 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3539 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3540 wpa_supplicant_deinit(global);
3544 random_init(params->entropy_file);
3546 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3547 if (global->ctrl_iface == NULL) {
3548 wpa_supplicant_deinit(global);
3552 if (wpas_notify_supplicant_initialized(global)) {
3553 wpa_supplicant_deinit(global);
3557 for (i = 0; wpa_drivers[i]; i++)
3558 global->drv_count++;
3559 if (global->drv_count == 0) {
3560 wpa_printf(MSG_ERROR, "No drivers enabled");
3561 wpa_supplicant_deinit(global);
3564 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3565 if (global->drv_priv == NULL) {
3566 wpa_supplicant_deinit(global);
3570 #ifdef CONFIG_WIFI_DISPLAY
3571 if (wifi_display_init(global) < 0) {
3572 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3573 wpa_supplicant_deinit(global);
3576 #endif /* CONFIG_WIFI_DISPLAY */
3583 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3584 * @global: Pointer to global data from wpa_supplicant_init()
3585 * Returns: 0 after successful event loop run, -1 on failure
3587 * This function starts the main event loop and continues running as long as
3588 * there are any remaining events. In most cases, this function is running as
3589 * long as the %wpa_supplicant process in still in use.
3591 int wpa_supplicant_run(struct wpa_global *global)
3593 struct wpa_supplicant *wpa_s;
3595 if (global->params.daemonize &&
3596 wpa_supplicant_daemon(global->params.pid_file))
3599 if (global->params.wait_for_monitor) {
3600 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3601 if (wpa_s->ctrl_iface)
3602 wpa_supplicant_ctrl_iface_wait(
3606 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3607 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3616 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3617 * @global: Pointer to global data from wpa_supplicant_init()
3619 * This function is called to deinitialize %wpa_supplicant and to free all
3620 * allocated resources. Remaining network interfaces will also be removed.
3622 void wpa_supplicant_deinit(struct wpa_global *global)
3629 #ifdef CONFIG_WIFI_DISPLAY
3630 wifi_display_deinit(global);
3631 #endif /* CONFIG_WIFI_DISPLAY */
3633 while (global->ifaces)
3634 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3636 if (global->ctrl_iface)
3637 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3639 wpas_notify_supplicant_deinitialized(global);
3641 eap_peer_unregister_methods();
3643 eap_server_unregister_methods();
3644 #endif /* CONFIG_AP */
3646 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3647 if (!global->drv_priv[i])
3649 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3651 os_free(global->drv_priv);
3657 if (global->params.pid_file) {
3658 os_daemonize_terminate(global->params.pid_file);
3659 os_free(global->params.pid_file);
3661 os_free(global->params.ctrl_interface);
3662 os_free(global->params.ctrl_interface_group);
3663 os_free(global->params.override_driver);
3664 os_free(global->params.override_ctrl_interface);
3666 os_free(global->p2p_disallow_freq.range);
3667 os_free(global->add_psk);
3670 wpa_debug_close_syslog();
3671 wpa_debug_close_file();
3672 wpa_debug_close_linux_tracing();
3676 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3678 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3679 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3681 country[0] = wpa_s->conf->country[0];
3682 country[1] = wpa_s->conf->country[1];
3684 if (wpa_drv_set_country(wpa_s, country) < 0) {
3685 wpa_printf(MSG_ERROR, "Failed to set country code "
3690 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3691 wpas_init_ext_pw(wpa_s);
3694 wpas_wps_update_config(wpa_s);
3695 #endif /* CONFIG_WPS */
3698 wpas_p2p_update_config(wpa_s);
3699 #endif /* CONFIG_P2P */
3701 wpa_s->conf->changed_parameters = 0;
3705 static void add_freq(int *freqs, int *num_freqs, int freq)
3709 for (i = 0; i < *num_freqs; i++) {
3710 if (freqs[i] == freq)
3714 freqs[*num_freqs] = freq;
3719 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3721 struct wpa_bss *bss, *cbss;
3722 const int max_freqs = 10;
3726 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3730 cbss = wpa_s->current_bss;
3732 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3735 if (bss->ssid_len == cbss->ssid_len &&
3736 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3737 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3738 add_freq(freqs, &num_freqs, bss->freq);
3739 if (num_freqs == max_freqs)
3744 if (num_freqs == 0) {
3753 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3760 * Remove possible authentication timeout since the connection failed.
3762 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3764 if (wpa_s->disconnected) {
3766 * There is no point in blacklisting the AP if this event is
3767 * generated based on local request to disconnect.
3769 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
3770 "indication since interface has been put into "
3771 "disconnected state");
3776 * Add the failed BSSID into the blacklist and speed up next scan
3777 * attempt if there could be other APs that could accept association.
3778 * The current blacklist count indicates how many times we have tried
3779 * connecting to this AP and multiple attempts mean that other APs are
3780 * either not available or has already been tried, so that we can start
3781 * increasing the delay here to avoid constant scanning.
3783 count = wpa_blacklist_add(wpa_s, bssid);
3784 if (count == 1 && wpa_s->current_bss) {
3786 * This BSS was not in the blacklist before. If there is
3787 * another BSS available for the same ESS, we should try that
3788 * next. Otherwise, we may as well try this one once more
3789 * before allowing other, likely worse, ESSes to be considered.
3791 freqs = get_bss_freqs_in_ess(wpa_s);
3793 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3794 "has been seen; try it next");
3795 wpa_blacklist_add(wpa_s, bssid);
3797 * On the next scan, go through only the known channels
3798 * used in this ESS based on previous scans to speed up
3799 * common load balancing use case.
3801 os_free(wpa_s->next_scan_freqs);
3802 wpa_s->next_scan_freqs = freqs;
3807 * Add previous failure count in case the temporary blacklist was
3808 * cleared due to no other BSSes being available.
3810 count += wpa_s->extra_blacklist_count;
3812 if (count > 3 && wpa_s->current_ssid) {
3813 wpa_printf(MSG_DEBUG, "Continuous association failures - "
3814 "consider temporary network disabling");
3815 wpas_auth_failed(wpa_s);
3836 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3837 "ms", count, timeout);
3840 * TODO: if more than one possible AP is available in scan results,
3841 * could try the other ones before requesting a new scan.
3843 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3844 1000 * (timeout % 1000));
3846 wpas_p2p_continue_after_scan(wpa_s);
3850 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3852 return wpa_s->conf->ap_scan == 2 ||
3853 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3857 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3858 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3859 struct wpa_ssid *ssid,
3863 #ifdef IEEE8021X_EAPOL
3864 struct eap_peer_config *eap = &ssid->eap;
3866 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3867 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3868 (const u8 *) value, os_strlen(value));
3870 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3871 case WPA_CTRL_REQ_EAP_IDENTITY:
3872 os_free(eap->identity);
3873 eap->identity = (u8 *) os_strdup(value);
3874 eap->identity_len = os_strlen(value);
3875 eap->pending_req_identity = 0;
3876 if (ssid == wpa_s->current_ssid)
3877 wpa_s->reassociate = 1;
3879 case WPA_CTRL_REQ_EAP_PASSWORD:
3880 os_free(eap->password);
3881 eap->password = (u8 *) os_strdup(value);
3882 eap->password_len = os_strlen(value);
3883 eap->pending_req_password = 0;
3884 if (ssid == wpa_s->current_ssid)
3885 wpa_s->reassociate = 1;
3887 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3888 os_free(eap->new_password);
3889 eap->new_password = (u8 *) os_strdup(value);
3890 eap->new_password_len = os_strlen(value);
3891 eap->pending_req_new_password = 0;
3892 if (ssid == wpa_s->current_ssid)
3893 wpa_s->reassociate = 1;
3895 case WPA_CTRL_REQ_EAP_PIN:
3897 eap->pin = os_strdup(value);
3898 eap->pending_req_pin = 0;
3899 if (ssid == wpa_s->current_ssid)
3900 wpa_s->reassociate = 1;
3902 case WPA_CTRL_REQ_EAP_OTP:
3904 eap->otp = (u8 *) os_strdup(value);
3905 eap->otp_len = os_strlen(value);
3906 os_free(eap->pending_req_otp);
3907 eap->pending_req_otp = NULL;
3908 eap->pending_req_otp_len = 0;
3910 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3911 os_free(eap->private_key_passwd);
3912 eap->private_key_passwd = (u8 *) os_strdup(value);
3913 eap->pending_req_passphrase = 0;
3914 if (ssid == wpa_s->current_ssid)
3915 wpa_s->reassociate = 1;
3917 case WPA_CTRL_REQ_SIM:
3918 os_free(eap->external_sim_resp);
3919 eap->external_sim_resp = os_strdup(value);
3922 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3927 #else /* IEEE8021X_EAPOL */
3928 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3930 #endif /* IEEE8021X_EAPOL */
3932 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3935 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3938 unsigned int drv_enc;
3946 if (wpa_s && wpa_s->drv_capa_known)
3947 drv_enc = wpa_s->drv_enc;
3949 drv_enc = (unsigned int) -1;
3951 for (i = 0; i < NUM_WEP_KEYS; i++) {
3952 size_t len = ssid->wep_key_len[i];
3955 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3957 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3959 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3961 return 1; /* invalid WEP key */
3964 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3972 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3974 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3976 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3982 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3984 struct wpa_ssid *ssid = wpa_s->current_ssid;
3986 struct os_reltime now;
3989 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3994 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3997 ssid->auth_failures++;
4000 if (ssid->p2p_group &&
4001 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4003 * Skip the wait time since there is a short timeout on the
4004 * connection to a P2P group.
4008 #endif /* CONFIG_P2P */
4010 if (ssid->auth_failures > 50)
4012 else if (ssid->auth_failures > 20)
4014 else if (ssid->auth_failures > 10)
4016 else if (ssid->auth_failures > 5)
4018 else if (ssid->auth_failures > 1)
4023 os_get_reltime(&now);
4024 if (now.sec + dur <= ssid->disabled_until.sec)
4027 ssid->disabled_until.sec = now.sec + dur;
4029 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4030 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4031 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4032 ssid->auth_failures, dur);
4036 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4037 struct wpa_ssid *ssid, int clear_failures)
4042 if (ssid->disabled_until.sec) {
4043 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4044 "id=%d ssid=\"%s\"",
4045 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4047 ssid->disabled_until.sec = 0;
4048 ssid->disabled_until.usec = 0;
4050 ssid->auth_failures = 0;
4054 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4058 if (wpa_s->disallow_aps_bssid == NULL)
4061 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4062 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4063 bssid, ETH_ALEN) == 0)
4071 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4076 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4079 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4080 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4081 if (ssid_len == s->ssid_len &&
4082 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4091 * wpas_request_connection - Request a new connection
4092 * @wpa_s: Pointer to the network interface
4094 * This function is used to request a new connection to be found. It will mark
4095 * the interface to allow reassociation and request a new scan to find a
4096 * suitable network to connect to.
4098 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4100 wpa_s->normal_scans = 0;
4101 wpa_supplicant_reinit_autoscan(wpa_s);
4102 wpa_s->extra_blacklist_count = 0;
4103 wpa_s->disconnected = 0;
4104 wpa_s->reassociate = 1;
4106 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4107 wpa_supplicant_req_scan(wpa_s, 0, 0);
4111 static int wpas_conn_in_progress(struct wpa_supplicant *wpa_s)
4113 return wpa_s->wpa_state >= WPA_AUTHENTICATING &&
4114 wpa_s->wpa_state != WPA_COMPLETED;
4119 * wpas_wpa_is_in_progress - Check whether a connection is in progress
4120 * @wpa_s: Pointer to wpa_supplicant data
4121 * @include_current: Whether to consider specified interface
4123 * This function is to check if the wpa state is in beginning of the connection
4124 * during 4-way handshake or group key handshake with WPA on any shared
4127 int wpas_wpa_is_in_progress(struct wpa_supplicant *wpa_s, int include_current)
4129 struct wpa_supplicant *ifs;
4131 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4133 if (!include_current && ifs == wpa_s)
4136 if (wpas_conn_in_progress(ifs)) {
4137 wpa_dbg(wpa_s, MSG_DEBUG, "Connection is in progress "
4138 "on interface %s - defer", ifs->ifname);
4147 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4148 int *freq_array, unsigned int len)
4152 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4154 for (i = 0; i < len; i++)
4155 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4160 * Find the operating frequencies of any of the virtual interfaces that
4161 * are using the same radio as the current interface.
4163 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4164 int *freq_array, unsigned int len)
4166 struct wpa_supplicant *ifs;
4169 unsigned int idx = 0, i;
4171 wpa_dbg(wpa_s, MSG_DEBUG,
4172 "Determining shared radio frequencies (max len %u)", len);
4173 os_memset(freq_array, 0, sizeof(int) * len);
4175 /* First add the frequency of the local interface */
4176 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4177 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4178 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4179 freq_array[idx++] = wpa_s->current_ssid->frequency;
4180 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4181 freq_array[idx++] = wpa_s->assoc_freq;
4184 /* If get_radio_name is not supported, use only the local freq */
4185 if (!wpa_s->driver->get_radio_name) {
4186 freq = wpa_drv_shared_freq(wpa_s);
4187 if (freq > 0 && idx < len &&
4188 (idx == 0 || freq_array[0] != freq))
4189 freq_array[idx++] = freq;
4190 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4194 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4199 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4202 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4203 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4204 freq = ifs->current_ssid->frequency;
4205 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4206 freq = ifs->assoc_freq;
4210 /* Hold only distinct freqs */
4211 for (i = 0; i < idx; i++)
4212 if (freq_array[i] == freq)
4216 freq_array[idx++] = freq;
4219 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);