3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
26 #include "drivers/driver.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "ctrl_iface.h"
31 #include "ctrl_iface_dbus.h"
32 #include "pcsc_funcs.h"
35 #include "pmksa_cache.h"
38 #include "ieee802_11_defs.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
42 const char *wpa_supplicant_version =
43 "wpa_supplicant v" VERSION_STR "\n"
44 "Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> and contributors";
46 const char *wpa_supplicant_license =
47 "This program is free software. You can distribute it and/or modify it\n"
48 "under the terms of the GNU General Public License version 2.\n"
50 "Alternatively, this software may be distributed under the terms of the\n"
51 "BSD license. See README and COPYING for more details.\n"
52 #ifdef EAP_TLS_OPENSSL
53 "\nThis product includes software developed by the OpenSSL Project\n"
54 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
55 #endif /* EAP_TLS_OPENSSL */
58 #ifndef CONFIG_NO_STDOUT_DEBUG
59 /* Long text divided into parts in order to fit in C89 strings size limits. */
60 const char *wpa_supplicant_full_license1 =
61 "This program is free software; you can redistribute it and/or modify\n"
62 "it under the terms of the GNU General Public License version 2 as\n"
63 "published by the Free Software Foundation.\n"
65 "This program is distributed in the hope that it will be useful,\n"
66 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
67 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
68 "GNU General Public License for more details.\n"
70 const char *wpa_supplicant_full_license2 =
71 "You should have received a copy of the GNU General Public License\n"
72 "along with this program; if not, write to the Free Software\n"
73 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
75 "Alternatively, this software may be distributed under the terms of the\n"
78 "Redistribution and use in source and binary forms, with or without\n"
79 "modification, are permitted provided that the following conditions are\n"
82 const char *wpa_supplicant_full_license3 =
83 "1. Redistributions of source code must retain the above copyright\n"
84 " notice, this list of conditions and the following disclaimer.\n"
86 "2. Redistributions in binary form must reproduce the above copyright\n"
87 " notice, this list of conditions and the following disclaimer in the\n"
88 " documentation and/or other materials provided with the distribution.\n"
90 const char *wpa_supplicant_full_license4 =
91 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
92 " names of its contributors may be used to endorse or promote products\n"
93 " derived from this software without specific prior written permission.\n"
95 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
96 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
97 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
98 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
99 const char *wpa_supplicant_full_license5 =
100 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
101 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
102 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
103 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
104 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
105 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
106 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
108 #endif /* CONFIG_NO_STDOUT_DEBUG */
110 extern struct wpa_driver_ops *wpa_supplicant_drivers[];
112 extern int wpa_debug_level;
113 extern int wpa_debug_show_keys;
114 extern int wpa_debug_timestamp;
116 /* Configure default/group WEP keys for static WEP */
117 static int wpa_set_wep_keys(struct wpa_supplicant *wpa_s,
118 struct wpa_ssid *ssid)
122 for (i = 0; i < NUM_WEP_KEYS; i++) {
123 if (ssid->wep_key_len[i] == 0)
127 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
128 (u8 *) "\xff\xff\xff\xff\xff\xff",
129 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
130 ssid->wep_key[i], ssid->wep_key_len[i]);
137 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
138 struct wpa_ssid *ssid)
145 /* IBSS/WPA-None uses only one key (Group) for both receiving and
146 * sending unicast and multicast packets. */
148 if (ssid->mode != IEEE80211_MODE_IBSS) {
149 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
150 "for WPA-None", ssid->mode);
154 if (!ssid->psk_set) {
155 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
159 switch (wpa_s->group_cipher) {
160 case WPA_CIPHER_CCMP:
161 os_memcpy(key, ssid->psk, 16);
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
181 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
182 0, 1, seq, 6, key, keylen);
186 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
188 struct wpa_supplicant *wpa_s = eloop_ctx;
189 const u8 *bssid = wpa_s->bssid;
190 if (is_zero_ether_addr(bssid))
191 bssid = wpa_s->pending_bssid;
192 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
194 wpa_blacklist_add(wpa_s, bssid);
195 wpa_sm_notify_disassoc(wpa_s->wpa);
196 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
197 wpa_s->reassociate = 1;
198 wpa_supplicant_req_scan(wpa_s, 0, 0);
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
208 * This function is used to schedule a timeout for the current authentication
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
214 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
215 wpa_s->driver && IS_WIRED(wpa_s->driver))
218 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
235 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
254 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
255 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
256 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
258 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
259 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
260 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
264 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
265 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
266 eapol_conf.accept_802_1x_keys = 1;
267 eapol_conf.required_keys = 0;
268 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
269 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
271 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
272 eapol_conf.required_keys |=
273 EAPOL_REQUIRE_KEY_BROADCAST;
276 if (wpa_s->conf && wpa_s->driver && IS_WIRED(wpa_s->driver)) {
277 eapol_conf.required_keys = 0;
281 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
282 eapol_conf.workaround = ssid->eap_workaround;
283 eapol_conf.eap_disabled =
284 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
285 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA;
286 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
287 #endif /* IEEE8021X_EAPOL */
292 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
293 * @wpa_s: Pointer to wpa_supplicant data
294 * @ssid: Configuration data for the network
296 * This function is used to configure WPA state machine and related parameters
297 * to a mode where WPA is not enabled. This is called as part of the
298 * authentication configuration when the selected network does not use WPA.
300 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
301 struct wpa_ssid *ssid)
305 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
306 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
308 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
309 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
310 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
311 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
312 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
313 wpa_s->group_cipher = WPA_CIPHER_NONE;
314 wpa_s->mgmt_group_cipher = 0;
316 for (i = 0; i < NUM_WEP_KEYS; i++) {
317 if (ssid->wep_key_len[i] > 5) {
318 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
319 wpa_s->group_cipher = WPA_CIPHER_WEP104;
321 } else if (ssid->wep_key_len[i] > 0) {
322 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
323 wpa_s->group_cipher = WPA_CIPHER_WEP40;
328 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
329 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
330 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
331 wpa_s->pairwise_cipher);
332 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
333 #ifdef CONFIG_IEEE80211W
334 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
335 wpa_s->mgmt_group_cipher);
336 #endif /* CONFIG_IEEE80211W */
338 pmksa_cache_clear_current(wpa_s->wpa);
342 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
344 scard_deinit(wpa_s->scard);
346 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
347 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
348 l2_packet_deinit(wpa_s->l2);
351 l2_packet_deinit(wpa_s->l2_br);
355 if (wpa_s->ctrl_iface) {
356 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
357 wpa_s->ctrl_iface = NULL;
359 if (wpa_s->conf != NULL) {
360 wpa_config_free(wpa_s->conf);
364 os_free(wpa_s->confname);
365 wpa_s->confname = NULL;
367 wpa_sm_set_eapol(wpa_s->wpa, NULL);
368 eapol_sm_deinit(wpa_s->eapol);
371 rsn_preauth_deinit(wpa_s->wpa);
373 pmksa_candidate_free(wpa_s->wpa);
374 wpa_sm_deinit(wpa_s->wpa);
376 wpa_blacklist_clear(wpa_s);
378 wpa_scan_results_free(wpa_s->scan_res);
379 wpa_s->scan_res = NULL;
381 wpa_supplicant_cancel_scan(wpa_s);
382 wpa_supplicant_cancel_auth_timeout(wpa_s);
384 ieee80211_sta_deinit(wpa_s);
389 * wpa_clear_keys - Clear keys configured for the driver
390 * @wpa_s: Pointer to wpa_supplicant data
391 * @addr: Previously used BSSID or %NULL if not available
393 * This function clears the encryption keys that has been previously configured
396 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
398 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
400 if (wpa_s->keys_cleared) {
401 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
402 * timing issues with keys being cleared just before new keys
403 * are set or just after association or something similar. This
404 * shows up in group key handshake failing often because of the
405 * client not receiving the first encrypted packets correctly.
406 * Skipping some of the extra key clearing steps seems to help
407 * in completing group key handshake more reliably. */
408 wpa_printf(MSG_DEBUG, "No keys have been configured - "
409 "skip key clearing");
413 /* MLME-DELETEKEYS.request */
414 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
415 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
416 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
417 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
419 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
421 /* MLME-SETPROTECTION.request(None) */
422 wpa_drv_mlme_setprotection(
424 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
425 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
427 wpa_s->keys_cleared = 1;
432 * wpa_supplicant_state_txt - Get the connection state name as a text string
433 * @state: State (wpa_state; WPA_*)
434 * Returns: The state name as a printable text string
436 const char * wpa_supplicant_state_txt(int state)
439 case WPA_DISCONNECTED:
440 return "DISCONNECTED";
445 case WPA_ASSOCIATING:
446 return "ASSOCIATING";
449 case WPA_4WAY_HANDSHAKE:
450 return "4WAY_HANDSHAKE";
451 case WPA_GROUP_HANDSHAKE:
452 return "GROUP_HANDSHAKE";
462 * wpa_supplicant_set_state - Set current connection state
463 * @wpa_s: Pointer to wpa_supplicant data
464 * @state: The new connection state
466 * This function is called whenever the connection state changes, e.g.,
467 * association is completed for WPA/WPA2 4-Way Handshake is started.
469 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
471 wpa_printf(MSG_DEBUG, "State: %s -> %s",
472 wpa_supplicant_state_txt(wpa_s->wpa_state),
473 wpa_supplicant_state_txt(state));
475 wpa_supplicant_dbus_notify_state_change(wpa_s, state,
478 if (state == WPA_COMPLETED && wpa_s->new_connection) {
479 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
480 struct wpa_ssid *ssid = wpa_s->current_ssid;
481 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
482 MACSTR " completed %s [id=%d id_str=%s]",
483 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
484 "(reauth)" : "(auth)",
485 ssid ? ssid->id : -1,
486 ssid && ssid->id_str ? ssid->id_str : "");
487 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
488 wpa_s->new_connection = 0;
489 wpa_s->reassociated_connection = 1;
490 wpa_drv_set_operstate(wpa_s, 1);
491 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
492 state == WPA_ASSOCIATED) {
493 wpa_s->new_connection = 1;
494 wpa_drv_set_operstate(wpa_s, 0);
496 wpa_s->wpa_state = state;
500 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
503 struct wpa_global *global = eloop_ctx;
504 struct wpa_supplicant *wpa_s;
505 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
506 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
513 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
515 wpa_s->pairwise_cipher = 0;
516 wpa_s->group_cipher = 0;
517 wpa_s->mgmt_group_cipher = 0;
519 wpa_s->wpa_state = WPA_DISCONNECTED;
524 * wpa_supplicant_reload_configuration - Reload configuration data
525 * @wpa_s: Pointer to wpa_supplicant data
526 * Returns: 0 on success or -1 if configuration parsing failed
528 * This function can be used to request that the configuration data is reloaded
529 * (e.g., after configuration file change). This function is reloading
530 * configuration only for one interface, so this may need to be called multiple
531 * times if %wpa_supplicant is controlling multiple interfaces and all
532 * interfaces need reconfiguration.
534 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
536 struct wpa_config *conf;
538 if (wpa_s->confname == NULL)
540 conf = wpa_config_read(wpa_s->confname);
542 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
543 "file '%s' - exiting", wpa_s->confname);
547 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
548 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
549 os_strcmp(conf->ctrl_interface,
550 wpa_s->conf->ctrl_interface) != 0);
552 if (reconf_ctrl && wpa_s->ctrl_iface) {
553 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
554 wpa_s->ctrl_iface = NULL;
557 eapol_sm_invalidate_cached_session(wpa_s->eapol);
558 wpa_s->current_ssid = NULL;
560 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
561 * pkcs11_engine_path, pkcs11_module_path.
563 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
565 * Clear forced success to clear EAP state for next
568 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
570 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
571 wpa_sm_set_config(wpa_s->wpa, NULL);
572 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
573 rsn_preauth_deinit(wpa_s->wpa);
574 wpa_config_free(wpa_s->conf);
577 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
579 wpa_supplicant_clear_status(wpa_s);
580 wpa_s->reassociate = 1;
581 wpa_supplicant_req_scan(wpa_s, 0, 0);
582 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
587 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
590 struct wpa_global *global = eloop_ctx;
591 struct wpa_supplicant *wpa_s;
592 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
593 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
594 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
601 static wpa_cipher cipher_suite2driver(int cipher)
604 case WPA_CIPHER_NONE:
606 case WPA_CIPHER_WEP40:
608 case WPA_CIPHER_WEP104:
609 return CIPHER_WEP104;
610 case WPA_CIPHER_CCMP:
612 case WPA_CIPHER_TKIP:
619 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
622 case WPA_KEY_MGMT_NONE:
623 return KEY_MGMT_NONE;
624 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
625 return KEY_MGMT_802_1X_NO_WPA;
626 case WPA_KEY_MGMT_IEEE8021X:
627 return KEY_MGMT_802_1X;
628 case WPA_KEY_MGMT_WPA_NONE:
629 return KEY_MGMT_WPA_NONE;
630 case WPA_KEY_MGMT_FT_IEEE8021X:
631 return KEY_MGMT_FT_802_1X;
632 case WPA_KEY_MGMT_FT_PSK:
633 return KEY_MGMT_FT_PSK;
634 case WPA_KEY_MGMT_IEEE8021X_SHA256:
635 return KEY_MGMT_802_1X_SHA256;
636 case WPA_KEY_MGMT_PSK_SHA256:
637 return KEY_MGMT_PSK_SHA256;
638 case WPA_KEY_MGMT_PSK:
645 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
646 struct wpa_ssid *ssid,
647 struct wpa_ie_data *ie)
649 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
652 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
653 "from association info");
658 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
660 if (!(ie->group_cipher & ssid->group_cipher)) {
661 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
662 "cipher 0x%x (mask 0x%x) - reject",
663 ie->group_cipher, ssid->group_cipher);
666 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
667 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
668 "cipher 0x%x (mask 0x%x) - reject",
669 ie->pairwise_cipher, ssid->pairwise_cipher);
672 if (!(ie->key_mgmt & ssid->key_mgmt)) {
673 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
674 "management 0x%x (mask 0x%x) - reject",
675 ie->key_mgmt, ssid->key_mgmt);
679 #ifdef CONFIG_IEEE80211W
680 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
681 ssid->ieee80211w == IEEE80211W_REQUIRED) {
682 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
683 "that does not support management frame protection - "
687 #endif /* CONFIG_IEEE80211W */
694 * wpa_supplicant_set_suites - Set authentication and encryption parameters
695 * @wpa_s: Pointer to wpa_supplicant data
696 * @bss: Scan results for the selected BSS, or %NULL if not available
697 * @ssid: Configuration data for the selected network
698 * @wpa_ie: Buffer for the WPA/RSN IE
699 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
700 * used buffer length in case the functions returns success.
701 * Returns: 0 on success or -1 on failure
703 * This function is used to configure authentication and encryption parameters
704 * based on the network configuration and scan result for the selected BSS (if
707 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
708 struct wpa_scan_res *bss,
709 struct wpa_ssid *ssid,
710 u8 *wpa_ie, size_t *wpa_ie_len)
712 struct wpa_ie_data ie;
714 const u8 *bss_wpa, *bss_rsn;
717 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
718 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
720 bss_wpa = bss_rsn = NULL;
722 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
723 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
724 (ie.group_cipher & ssid->group_cipher) &&
725 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
726 (ie.key_mgmt & ssid->key_mgmt)) {
727 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
728 proto = WPA_PROTO_RSN;
729 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
730 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
731 (ie.group_cipher & ssid->group_cipher) &&
732 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
733 (ie.key_mgmt & ssid->key_mgmt)) {
734 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
735 proto = WPA_PROTO_WPA;
737 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
740 if (ssid->proto & WPA_PROTO_RSN)
741 proto = WPA_PROTO_RSN;
743 proto = WPA_PROTO_WPA;
744 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
745 os_memset(&ie, 0, sizeof(ie));
746 ie.group_cipher = ssid->group_cipher;
747 ie.pairwise_cipher = ssid->pairwise_cipher;
748 ie.key_mgmt = ssid->key_mgmt;
749 #ifdef CONFIG_IEEE80211W
750 ie.mgmt_group_cipher =
751 ssid->ieee80211w != NO_IEEE80211W ?
752 WPA_CIPHER_AES_128_CMAC : 0;
753 #endif /* CONFIG_IEEE80211W */
754 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
760 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
761 "pairwise %d key_mgmt %d proto %d",
762 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
763 #ifdef CONFIG_IEEE80211W
764 if (ssid->ieee80211w) {
765 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
766 ie.mgmt_group_cipher);
768 #endif /* CONFIG_IEEE80211W */
770 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
771 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
772 !!(ssid->proto & WPA_PROTO_RSN));
774 if (bss || !wpa_s->ap_ies_from_associnfo) {
775 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
776 bss_wpa ? 2 + bss_wpa[1] : 0) ||
777 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
778 bss_rsn ? 2 + bss_rsn[1] : 0))
782 sel = ie.group_cipher & ssid->group_cipher;
783 if (sel & WPA_CIPHER_CCMP) {
784 wpa_s->group_cipher = WPA_CIPHER_CCMP;
785 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
786 } else if (sel & WPA_CIPHER_TKIP) {
787 wpa_s->group_cipher = WPA_CIPHER_TKIP;
788 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
789 } else if (sel & WPA_CIPHER_WEP104) {
790 wpa_s->group_cipher = WPA_CIPHER_WEP104;
791 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
792 } else if (sel & WPA_CIPHER_WEP40) {
793 wpa_s->group_cipher = WPA_CIPHER_WEP40;
794 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
796 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
800 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
801 if (sel & WPA_CIPHER_CCMP) {
802 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
803 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
804 } else if (sel & WPA_CIPHER_TKIP) {
805 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
806 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
807 } else if (sel & WPA_CIPHER_NONE) {
808 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
809 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
811 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
816 sel = ie.key_mgmt & ssid->key_mgmt;
818 #ifdef CONFIG_IEEE80211R
819 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
820 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
821 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
822 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
823 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
824 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
825 #endif /* CONFIG_IEEE80211R */
826 #ifdef CONFIG_IEEE80211W
827 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
828 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
829 wpa_msg(wpa_s, MSG_DEBUG,
830 "WPA: using KEY_MGMT 802.1X with SHA256");
831 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
832 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
833 wpa_msg(wpa_s, MSG_DEBUG,
834 "WPA: using KEY_MGMT PSK with SHA256");
835 #endif /* CONFIG_IEEE80211W */
836 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
837 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
838 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
839 } else if (sel & WPA_KEY_MGMT_PSK) {
840 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
841 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
842 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
843 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
844 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
846 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
847 "key management type.");
851 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
852 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
853 wpa_s->pairwise_cipher);
854 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
856 #ifdef CONFIG_IEEE80211W
857 sel = ie.mgmt_group_cipher;
858 if (ssid->ieee80211w == NO_IEEE80211W ||
859 !(ie.capabilities & WPA_CAPABILITY_MFPC))
861 if (sel & WPA_CIPHER_AES_128_CMAC) {
862 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
863 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
866 wpa_s->mgmt_group_cipher = 0;
867 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
869 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
870 wpa_s->mgmt_group_cipher);
871 #endif /* CONFIG_IEEE80211W */
873 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
874 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
879 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
880 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
882 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
889 * wpa_supplicant_associate - Request association
890 * @wpa_s: Pointer to wpa_supplicant data
891 * @bss: Scan results for the selected BSS, or %NULL if not available
892 * @ssid: Configuration data for the selected network
894 * This function is used to request %wpa_supplicant to associate with a BSS.
896 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
897 struct wpa_scan_res *bss, struct wpa_ssid *ssid)
901 int use_crypt, ret, i;
902 int algs = AUTH_ALG_OPEN_SYSTEM;
903 wpa_cipher cipher_pairwise, cipher_group;
904 struct wpa_driver_associate_params params;
905 int wep_keys_set = 0;
906 struct wpa_driver_capa capa;
907 int assoc_failed = 0;
909 wpa_s->reassociate = 0;
911 #ifdef CONFIG_IEEE80211R
913 #endif /* CONFIG_IEEE80211R */
914 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
915 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
916 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
917 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq);
918 os_memset(wpa_s->bssid, 0, ETH_ALEN);
919 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
920 #ifdef CONFIG_IEEE80211R
921 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
922 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
924 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
926 /* Prepare for the next transition */
927 wpa_ft_prepare_auth_request(wpa_s->wpa);
929 #endif /* CONFIG_IEEE80211R */
931 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
932 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
933 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
935 wpa_supplicant_cancel_scan(wpa_s);
937 /* Starting new association, so clear the possibly used WPA IE from the
938 * previous association. */
939 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
941 if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
942 wpa_printf(MSG_WARNING, "Failed to set operating mode");
946 #ifdef IEEE8021X_EAPOL
947 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
949 if (ssid->non_leap == 0)
950 algs = AUTH_ALG_LEAP;
952 algs |= AUTH_ALG_LEAP;
955 #endif /* IEEE8021X_EAPOL */
956 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
957 if (ssid->auth_alg) {
959 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
960 algs |= AUTH_ALG_OPEN_SYSTEM;
961 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
962 algs |= AUTH_ALG_SHARED_KEY;
963 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
964 algs |= AUTH_ALG_LEAP;
965 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
968 wpa_drv_set_auth_alg(wpa_s, algs);
970 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
971 wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
972 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
973 WPA_KEY_MGMT_FT_IEEE8021X |
974 WPA_KEY_MGMT_FT_PSK |
975 WPA_KEY_MGMT_IEEE8021X_SHA256 |
976 WPA_KEY_MGMT_PSK_SHA256))) {
977 int try_opportunistic;
978 try_opportunistic = ssid->proactive_key_caching &&
979 (ssid->proto & WPA_PROTO_RSN);
980 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
982 try_opportunistic) == 0)
983 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
984 wpa_ie_len = sizeof(wpa_ie);
985 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
986 wpa_ie, &wpa_ie_len)) {
987 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
988 "management and encryption suites");
991 } else if (ssid->key_mgmt &
992 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
993 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
994 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
995 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
996 wpa_ie_len = sizeof(wpa_ie);
997 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
998 wpa_ie, &wpa_ie_len)) {
999 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1000 "management and encryption suites (no scan "
1005 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1009 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1011 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1012 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1013 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1014 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1015 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1017 if (wpa_set_wep_keys(wpa_s, ssid)) {
1023 #ifdef IEEE8021X_EAPOL
1024 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1025 if ((ssid->eapol_flags &
1026 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1027 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1031 /* Assume that dynamic WEP-104 keys will be used and
1032 * set cipher suites in order for drivers to expect
1034 cipher_pairwise = cipher_group = CIPHER_WEP104;
1037 #endif /* IEEE8021X_EAPOL */
1039 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1040 /* Set the key before (and later after) association */
1041 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1044 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1045 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1046 os_memset(¶ms, 0, sizeof(params));
1048 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1049 params.bssid = bss->bssid;
1050 params.ssid = ie ? ie + 2 : (u8 *) "";
1051 params.ssid_len = ie ? ie[1] : 0;
1052 params.freq = bss->freq;
1054 params.ssid = ssid->ssid;
1055 params.ssid_len = ssid->ssid_len;
1057 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1058 params.freq = ssid->frequency; /* Initial channel for IBSS */
1059 params.wpa_ie = wpa_ie;
1060 params.wpa_ie_len = wpa_ie_len;
1061 params.pairwise_suite = cipher_pairwise;
1062 params.group_suite = cipher_group;
1063 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1064 params.auth_alg = algs;
1065 params.mode = ssid->mode;
1066 for (i = 0; i < NUM_WEP_KEYS; i++) {
1067 if (ssid->wep_key_len[i])
1068 params.wep_key[i] = ssid->wep_key[i];
1069 params.wep_key_len[i] = ssid->wep_key_len[i];
1071 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1073 if (wpa_s->driver_4way_handshake &&
1074 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1075 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1076 params.passphrase = ssid->passphrase;
1078 params.psk = ssid->psk;
1081 #ifdef CONFIG_IEEE80211W
1082 switch (ssid->ieee80211w) {
1084 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1086 case IEEE80211W_OPTIONAL:
1087 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1089 case IEEE80211W_REQUIRED:
1090 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1093 #endif /* CONFIG_IEEE80211W */
1095 if (wpa_s->use_client_mlme)
1096 ret = ieee80211_sta_associate(wpa_s, ¶ms);
1098 ret = wpa_drv_associate(wpa_s, ¶ms);
1100 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1102 /* try to continue anyway; new association will be tried again
1107 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1108 /* Set the key after the association just in case association
1109 * cleared the previously configured key. */
1110 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1111 /* No need to timeout authentication since there is no key
1113 wpa_supplicant_cancel_auth_timeout(wpa_s);
1114 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1116 /* Timeout for IEEE 802.11 authentication and association */
1120 /* give IBSS a bit more time */
1121 timeout = ssid->mode ? 10 : 5;
1122 } else if (wpa_s->conf->ap_scan == 1) {
1123 /* give IBSS a bit more time */
1124 timeout = ssid->mode ? 20 : 10;
1126 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1129 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1130 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1131 /* Set static WEP keys again */
1132 wpa_set_wep_keys(wpa_s, ssid);
1135 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1137 * Do not allow EAP session resumption between different
1138 * network configurations.
1140 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1142 wpa_s->current_ssid = ssid;
1143 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1144 wpa_supplicant_initiate_eapol(wpa_s);
1149 * wpa_supplicant_disassociate - Disassociate the current connection
1150 * @wpa_s: Pointer to wpa_supplicant data
1151 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1153 * This function is used to request %wpa_supplicant to disassociate with the
1156 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1160 if (!is_zero_ether_addr(wpa_s->bssid)) {
1161 if (wpa_s->use_client_mlme)
1162 ieee80211_sta_disassociate(wpa_s, reason_code);
1164 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1165 addr = wpa_s->bssid;
1167 wpa_clear_keys(wpa_s, addr);
1168 wpa_supplicant_mark_disassoc(wpa_s);
1169 wpa_s->current_ssid = NULL;
1170 wpa_sm_set_config(wpa_s->wpa, NULL);
1171 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1176 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1177 * @wpa_s: Pointer to wpa_supplicant data
1178 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1180 * This function is used to request %wpa_supplicant to disassociate with the
1183 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1187 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1188 if (!is_zero_ether_addr(wpa_s->bssid)) {
1189 if (wpa_s->use_client_mlme)
1190 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1192 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1194 addr = wpa_s->bssid;
1196 wpa_clear_keys(wpa_s, addr);
1197 wpa_s->current_ssid = NULL;
1198 wpa_sm_set_config(wpa_s->wpa, NULL);
1199 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1200 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1201 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1205 static int wpa_supplicant_get_scan_results_old(struct wpa_supplicant *wpa_s)
1207 #define SCAN_AP_LIMIT 128
1208 struct wpa_scan_result *results;
1210 struct wpa_scan_results *res;
1212 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1213 if (results == NULL) {
1214 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1219 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1220 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1222 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1226 if (num > SCAN_AP_LIMIT) {
1227 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1228 num, SCAN_AP_LIMIT);
1229 num = SCAN_AP_LIMIT;
1232 wpa_scan_results_free(wpa_s->scan_res);
1233 wpa_s->scan_res = NULL;
1235 /* Convert old scan result data structure to the new one */
1236 res = os_zalloc(sizeof(*res));
1241 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
1242 if (res->res == NULL) {
1248 for (i = 0; i < num; i++) {
1249 struct wpa_scan_result *bss = &results[i];
1250 struct wpa_scan_res *r;
1254 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len;
1257 if (bss->mdie_present)
1260 r = os_zalloc(sizeof(*r) + ie_len);
1264 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
1265 r->freq = bss->freq;
1266 r->caps = bss->caps;
1267 r->qual = bss->qual;
1268 r->noise = bss->noise;
1269 r->level = bss->level;
1273 pos = (u8 *) (r + 1);
1276 *pos++ = WLAN_EID_SSID;
1277 *pos++ = bss->ssid_len;
1278 os_memcpy(pos, bss->ssid, bss->ssid_len);
1279 pos += bss->ssid_len;
1282 /* Fake Supported Rate IE to include max rate */
1283 *pos++ = WLAN_EID_SUPP_RATES;
1285 *pos++ = bss->maxrate;
1288 if (bss->rsn_ie_len) {
1289 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len);
1290 pos += bss->rsn_ie_len;
1293 if (bss->mdie_present) {
1294 os_memcpy(pos, bss->mdie, 5);
1298 if (bss->wpa_ie_len) {
1299 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len);
1300 pos += bss->wpa_ie_len;
1303 res->res[res->num++] = r;
1307 wpa_s->scan_res = res;
1314 * wpa_supplicant_get_scan_results - Get scan results
1315 * @wpa_s: Pointer to wpa_supplicant data
1316 * Returns: 0 on success, -1 on failure
1318 * This function is request the current scan results from the driver and stores
1319 * a local copy of the results in wpa_s->scan_res.
1321 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1325 if (wpa_s->use_client_mlme) {
1326 wpa_scan_results_free(wpa_s->scan_res);
1327 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s);
1328 if (wpa_s->scan_res == NULL) {
1329 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1333 } else if (wpa_s->driver->get_scan_results2 == NULL)
1334 ret = wpa_supplicant_get_scan_results_old(wpa_s);
1336 wpa_scan_results_free(wpa_s->scan_res);
1337 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
1338 if (wpa_s->scan_res == NULL) {
1339 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1345 if (wpa_s->scan_res)
1346 wpa_scan_sort_results(wpa_s->scan_res);
1353 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1354 * @wpa_s: Pointer to wpa_supplicant data
1355 * Returns: A pointer to the current network structure or %NULL on failure
1357 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1359 struct wpa_ssid *entry;
1360 u8 ssid[MAX_SSID_LEN];
1366 if (wpa_s->use_client_mlme) {
1367 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1368 wpa_printf(MSG_WARNING, "Could not read SSID from "
1373 res = wpa_drv_get_ssid(wpa_s, ssid);
1375 wpa_printf(MSG_WARNING, "Could not read SSID from "
1382 if (wpa_s->use_client_mlme)
1383 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1384 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1385 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1389 wired = wpa_s->conf->ap_scan == 0 && wpa_s->driver &&
1390 IS_WIRED(wpa_s->driver);
1392 entry = wpa_s->conf->ssid;
1394 if (!entry->disabled &&
1395 ((ssid_len == entry->ssid_len &&
1396 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1397 (!entry->bssid_set ||
1398 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1400 entry = entry->next;
1407 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1415 if (wpa_supplicant_drivers[0] == NULL) {
1416 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1422 /* default to first driver in the list */
1423 wpa_s->driver = wpa_supplicant_drivers[0];
1427 for (i = 0; wpa_supplicant_drivers[i]; i++) {
1428 if (os_strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
1429 wpa_s->driver = wpa_supplicant_drivers[i];
1434 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.\n", name);
1439 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1440 const u8 *buf, size_t len)
1442 struct wpa_supplicant *wpa_s = ctx;
1444 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1445 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1447 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1448 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1449 "no key management is configured");
1453 if (wpa_s->eapol_received == 0 &&
1454 (!wpa_s->driver_4way_handshake ||
1455 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1456 wpa_s->wpa_state != WPA_COMPLETED)) {
1457 /* Timeout for completing IEEE 802.1X and WPA authentication */
1458 wpa_supplicant_req_auth_timeout(
1460 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1461 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ?
1464 wpa_s->eapol_received++;
1466 if (wpa_s->countermeasures) {
1467 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1472 /* Source address of the incoming EAPOL frame could be compared to the
1473 * current BSSID. However, it is possible that a centralized
1474 * Authenticator could be using another MAC address than the BSSID of
1475 * an AP, so just allow any address to be used for now. The replies are
1476 * still sent to the current BSSID (if available), though. */
1478 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1479 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1480 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1482 wpa_drv_poll(wpa_s);
1483 if (!wpa_s->driver_4way_handshake)
1484 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1485 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1487 * Set portValid = TRUE here since we are going to skip 4-way
1488 * handshake processing which would normally set portValid. We
1489 * need this to allow the EAPOL state machines to be completed
1490 * without going through EAPOL-Key handshake.
1492 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1497 void wpa_supplicant_sta_free_hw_features(struct wpa_hw_modes *hw_features,
1498 size_t num_hw_features)
1500 ieee80211_sta_free_hw_features(hw_features, num_hw_features);
1504 void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1505 struct ieee80211_rx_status *rx_status)
1507 struct wpa_supplicant *wpa_s = ctx;
1508 ieee80211_sta_rx(wpa_s, buf, len, rx_status);
1513 * wpa_supplicant_driver_init - Initialize driver interface parameters
1514 * @wpa_s: Pointer to wpa_supplicant data
1515 * Returns: 0 on success, -1 on failure
1517 * This function is called to initialize driver interface parameters.
1518 * wpa_drv_init() must have been called before this function to initialize the
1521 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1523 static int interface_count = 0;
1525 if (wpa_s->driver->send_eapol) {
1526 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1528 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1530 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1531 wpa_drv_get_mac_addr(wpa_s),
1533 wpa_supplicant_rx_eapol, wpa_s, 0);
1534 if (wpa_s->l2 == NULL)
1538 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1539 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1543 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1544 MAC2STR(wpa_s->own_addr));
1546 if (wpa_s->bridge_ifname[0]) {
1547 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1548 " '%s'", wpa_s->bridge_ifname);
1549 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1552 wpa_supplicant_rx_eapol, wpa_s,
1554 if (wpa_s->l2_br == NULL) {
1555 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1556 "connection for the bridge interface '%s'",
1557 wpa_s->bridge_ifname);
1562 /* Backwards compatibility call to set_wpa() handler. This is called
1563 * only just after init and just before deinit, so these handler can be
1564 * used to implement same functionality. */
1565 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
1566 struct wpa_driver_capa capa;
1567 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
1568 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1569 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
1570 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
1571 /* Continue to allow non-WPA modes to be used. */
1573 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
1579 wpa_clear_keys(wpa_s, NULL);
1581 /* Make sure that TKIP countermeasures are not left enabled (could
1582 * happen if wpa_supplicant is killed during countermeasures. */
1583 wpa_drv_set_countermeasures(wpa_s, 0);
1585 wpa_drv_set_drop_unencrypted(wpa_s, 1);
1587 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1588 wpa_drv_flush_pmkid(wpa_s);
1590 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
1591 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1598 static int wpa_supplicant_daemon(const char *pid_file)
1600 wpa_printf(MSG_DEBUG, "Daemonize..");
1601 return os_daemonize(pid_file);
1605 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1607 struct wpa_supplicant *wpa_s;
1609 wpa_s = os_zalloc(sizeof(*wpa_s));
1612 wpa_s->scan_req = 1;
1618 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1619 struct wpa_interface *iface)
1621 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1622 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1623 iface->confname ? iface->confname : "N/A",
1624 iface->driver ? iface->driver : "default",
1625 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1626 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1628 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
1632 if (iface->confname) {
1633 #ifdef CONFIG_BACKEND_FILE
1634 wpa_s->confname = os_rel2abs_path(iface->confname);
1635 if (wpa_s->confname == NULL) {
1636 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1637 "for configuration file '%s'.",
1641 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1642 iface->confname, wpa_s->confname);
1643 #else /* CONFIG_BACKEND_FILE */
1644 wpa_s->confname = os_strdup(iface->confname);
1645 #endif /* CONFIG_BACKEND_FILE */
1646 wpa_s->conf = wpa_config_read(wpa_s->confname);
1647 if (wpa_s->conf == NULL) {
1648 wpa_printf(MSG_ERROR, "Failed to read or parse "
1649 "configuration '%s'.", wpa_s->confname);
1654 * Override ctrl_interface and driver_param if set on command
1657 if (iface->ctrl_interface) {
1658 os_free(wpa_s->conf->ctrl_interface);
1659 wpa_s->conf->ctrl_interface =
1660 os_strdup(iface->ctrl_interface);
1663 if (iface->driver_param) {
1664 os_free(wpa_s->conf->driver_param);
1665 wpa_s->conf->driver_param =
1666 os_strdup(iface->driver_param);
1669 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1670 iface->driver_param);
1672 if (wpa_s->conf == NULL) {
1673 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1677 if (iface->ifname == NULL) {
1678 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1681 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1682 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1686 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1688 if (iface->bridge_ifname) {
1689 if (os_strlen(iface->bridge_ifname) >=
1690 sizeof(wpa_s->bridge_ifname)) {
1691 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1692 "name '%s'.", iface->bridge_ifname);
1695 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1696 sizeof(wpa_s->bridge_ifname));
1703 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s)
1706 struct wpa_driver_capa capa;
1708 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
1711 /* RSNA Supplicant Key Management - INITIALIZE */
1712 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1713 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1715 /* Initialize driver interface and register driver event handler before
1716 * L2 receive handler so that association events are processed before
1717 * EAPOL-Key packets if both become available for the same select()
1719 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1720 if (wpa_s->drv_priv == NULL) {
1721 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1724 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1725 wpa_printf(MSG_ERROR, "Driver interface rejected "
1726 "driver_param '%s'", wpa_s->conf->driver_param);
1730 ifname = wpa_drv_get_ifname(wpa_s);
1731 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1732 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1733 "name with '%s'", ifname);
1734 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1737 if (wpa_supplicant_init_wpa(wpa_s) < 0)
1740 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
1741 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
1743 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1745 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
1746 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
1747 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
1748 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1749 "dot11RSNAConfigPMKLifetime");
1753 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
1754 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
1755 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
1756 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1757 "dot11RSNAConfigPMKReauthThreshold");
1761 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
1762 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
1763 wpa_s->conf->dot11RSNAConfigSATimeout)) {
1764 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1765 "dot11RSNAConfigSATimeout");
1769 if (wpa_supplicant_driver_init(wpa_s) < 0)
1772 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
1774 if (wpa_supplicant_init_eapol(wpa_s) < 0)
1776 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
1778 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1779 if (wpa_s->ctrl_iface == NULL) {
1780 wpa_printf(MSG_ERROR,
1781 "Failed to initialize control interface '%s'.\n"
1782 "You may have another wpa_supplicant process "
1783 "already running or the file was\n"
1784 "left by an unclean termination of wpa_supplicant "
1785 "in which case you will need\n"
1786 "to manually remove this file before starting "
1787 "wpa_supplicant again.\n",
1788 wpa_s->conf->ctrl_interface);
1792 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
1793 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1794 wpa_s->use_client_mlme = 1;
1795 if (ieee80211_sta_init(wpa_s))
1798 if (capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)
1799 wpa_s->driver_4way_handshake = 1;
1806 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
1808 if (wpa_s->drv_priv) {
1809 wpa_supplicant_deauthenticate(wpa_s,
1810 WLAN_REASON_DEAUTH_LEAVING);
1812 /* Backwards compatibility call to set_wpa() handler. This is
1813 * called only just after init and just before deinit, so these
1814 * handler can be used to implement same functionality. */
1815 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
1816 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
1820 wpa_drv_set_drop_unencrypted(wpa_s, 0);
1821 wpa_drv_set_countermeasures(wpa_s, 0);
1822 wpa_clear_keys(wpa_s, NULL);
1825 wpas_dbus_unregister_iface(wpa_s);
1827 wpa_supplicant_cleanup(wpa_s);
1829 if (wpa_s->drv_priv)
1830 wpa_drv_deinit(wpa_s);
1835 * wpa_supplicant_add_iface - Add a new network interface
1836 * @global: Pointer to global data from wpa_supplicant_init()
1837 * @iface: Interface configuration options
1838 * Returns: Pointer to the created interface or %NULL on failure
1840 * This function is used to add new network interfaces for %wpa_supplicant.
1841 * This can be called before wpa_supplicant_run() to add interfaces before the
1842 * main event loop has been started. In addition, new interfaces can be added
1843 * dynamically while %wpa_supplicant is already running. This could happen,
1844 * e.g., when a hotplug network adapter is inserted.
1846 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1847 struct wpa_interface *iface)
1849 struct wpa_supplicant *wpa_s;
1851 if (global == NULL || iface == NULL)
1854 wpa_s = wpa_supplicant_alloc();
1858 if (wpa_supplicant_init_iface(wpa_s, iface) ||
1859 wpa_supplicant_init_iface2(wpa_s)) {
1860 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
1862 wpa_supplicant_deinit_iface(wpa_s);
1867 wpa_s->global = global;
1869 /* Register the interface with the dbus control interface */
1870 if (wpas_dbus_register_iface(wpa_s)) {
1871 wpa_supplicant_deinit_iface(wpa_s);
1876 wpa_s->next = global->ifaces;
1877 global->ifaces = wpa_s;
1879 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
1886 * wpa_supplicant_remove_iface - Remove a network interface
1887 * @global: Pointer to global data from wpa_supplicant_init()
1888 * @wpa_s: Pointer to the network interface to be removed
1889 * Returns: 0 if interface was removed, -1 if interface was not found
1891 * This function can be used to dynamically remove network interfaces from
1892 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
1893 * addition, this function is used to remove all remaining interfaces when
1894 * %wpa_supplicant is terminated.
1896 int wpa_supplicant_remove_iface(struct wpa_global *global,
1897 struct wpa_supplicant *wpa_s)
1899 struct wpa_supplicant *prev;
1901 /* Remove interface from the global list of interfaces */
1902 prev = global->ifaces;
1903 if (prev == wpa_s) {
1904 global->ifaces = wpa_s->next;
1906 while (prev && prev->next != wpa_s)
1910 prev->next = wpa_s->next;
1913 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
1915 wpa_supplicant_deinit_iface(wpa_s);
1923 * wpa_supplicant_get_iface - Get a new network interface
1924 * @global: Pointer to global data from wpa_supplicant_init()
1925 * @ifname: Interface name
1926 * Returns: Pointer to the interface or %NULL if not found
1928 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
1931 struct wpa_supplicant *wpa_s;
1933 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1934 if (os_strcmp(wpa_s->ifname, ifname) == 0)
1942 * wpa_supplicant_init - Initialize %wpa_supplicant
1943 * @params: Parameters for %wpa_supplicant
1944 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
1946 * This function is used to initialize %wpa_supplicant. After successful
1947 * initialization, the returned data pointer can be used to add and remove
1948 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
1950 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
1952 struct wpa_global *global;
1958 wpa_debug_open_file(params->wpa_debug_file_path);
1960 ret = eap_peer_register_methods();
1962 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
1964 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
1965 "the same EAP type.");
1969 global = os_zalloc(sizeof(*global));
1972 global->params.daemonize = params->daemonize;
1973 global->params.wait_for_monitor = params->wait_for_monitor;
1974 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
1975 if (params->pid_file)
1976 global->params.pid_file = os_strdup(params->pid_file);
1977 if (params->ctrl_interface)
1978 global->params.ctrl_interface =
1979 os_strdup(params->ctrl_interface);
1980 wpa_debug_level = global->params.wpa_debug_level =
1981 params->wpa_debug_level;
1982 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
1983 params->wpa_debug_show_keys;
1984 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
1985 params->wpa_debug_timestamp;
1987 if (eloop_init(global)) {
1988 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
1989 wpa_supplicant_deinit(global);
1993 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
1994 if (global->ctrl_iface == NULL) {
1995 wpa_supplicant_deinit(global);
1999 if (global->params.dbus_ctrl_interface) {
2000 global->dbus_ctrl_iface =
2001 wpa_supplicant_dbus_ctrl_iface_init(global);
2002 if (global->dbus_ctrl_iface == NULL) {
2003 wpa_supplicant_deinit(global);
2013 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2014 * @global: Pointer to global data from wpa_supplicant_init()
2015 * Returns: 0 after successful event loop run, -1 on failure
2017 * This function starts the main event loop and continues running as long as
2018 * there are any remaining events. In most cases, this function is running as
2019 * long as the %wpa_supplicant process in still in use.
2021 int wpa_supplicant_run(struct wpa_global *global)
2023 struct wpa_supplicant *wpa_s;
2025 if (global->params.daemonize &&
2026 wpa_supplicant_daemon(global->params.pid_file))
2029 if (global->params.wait_for_monitor) {
2030 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2031 if (wpa_s->ctrl_iface)
2032 wpa_supplicant_ctrl_iface_wait(
2036 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2037 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2046 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2047 * @global: Pointer to global data from wpa_supplicant_init()
2049 * This function is called to deinitialize %wpa_supplicant and to free all
2050 * allocated resources. Remaining network interfaces will also be removed.
2052 void wpa_supplicant_deinit(struct wpa_global *global)
2057 while (global->ifaces)
2058 wpa_supplicant_remove_iface(global, global->ifaces);
2060 if (global->ctrl_iface)
2061 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2062 if (global->dbus_ctrl_iface)
2063 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface);
2065 eap_peer_unregister_methods();
2069 if (global->params.pid_file) {
2070 os_daemonize_terminate(global->params.pid_file);
2071 os_free(global->params.pid_file);
2073 os_free(global->params.ctrl_interface);
2076 wpa_debug_close_file();