3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "common/hw_features_common.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
44 #include "gas_query.h"
46 #include "p2p_supplicant.h"
47 #include "wifi_display.h"
53 #include "offchannel.h"
54 #include "hs20_supplicant.h"
59 const char *const wpa_supplicant_version =
60 "wpa_supplicant v" VERSION_STR "\n"
61 "Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> and contributors";
63 const char *const wpa_supplicant_license =
64 "This software may be distributed under the terms of the BSD license.\n"
65 "See README for more details.\n"
66 #ifdef EAP_TLS_OPENSSL
67 "\nThis product includes software developed by the OpenSSL Project\n"
68 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
69 #endif /* EAP_TLS_OPENSSL */
72 #ifndef CONFIG_NO_STDOUT_DEBUG
73 /* Long text divided into parts in order to fit in C89 strings size limits. */
74 const char *const wpa_supplicant_full_license1 =
76 const char *const wpa_supplicant_full_license2 =
77 "This software may be distributed under the terms of the BSD license.\n"
79 "Redistribution and use in source and binary forms, with or without\n"
80 "modification, are permitted provided that the following conditions are\n"
83 const char *const wpa_supplicant_full_license3 =
84 "1. Redistributions of source code must retain the above copyright\n"
85 " notice, this list of conditions and the following disclaimer.\n"
87 "2. Redistributions in binary form must reproduce the above copyright\n"
88 " notice, this list of conditions and the following disclaimer in the\n"
89 " documentation and/or other materials provided with the distribution.\n"
91 const char *const wpa_supplicant_full_license4 =
92 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
93 " names of its contributors may be used to endorse or promote products\n"
94 " derived from this software without specific prior written permission.\n"
96 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
97 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
98 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
99 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
100 const char *const wpa_supplicant_full_license5 =
101 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
102 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
103 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
104 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
105 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
106 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
107 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
109 #endif /* CONFIG_NO_STDOUT_DEBUG */
111 /* Configure default/group WEP keys for static WEP */
112 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
116 for (i = 0; i < NUM_WEP_KEYS; i++) {
117 if (ssid->wep_key_len[i] == 0)
121 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
122 i, i == ssid->wep_tx_keyidx, NULL, 0,
123 ssid->wep_key[i], ssid->wep_key_len[i]);
130 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
131 struct wpa_ssid *ssid)
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
142 if (ssid->mode != WPAS_MODE_IBSS) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
148 if (!ssid->psk_set) {
149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
181 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
182 os_memset(key, 0, sizeof(key));
187 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
189 struct wpa_supplicant *wpa_s = eloop_ctx;
190 const u8 *bssid = wpa_s->bssid;
191 if (is_zero_ether_addr(bssid))
192 bssid = wpa_s->pending_bssid;
193 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
195 wpa_blacklist_add(wpa_s, bssid);
196 wpa_sm_notify_disassoc(wpa_s->wpa);
197 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
198 wpa_s->reassociate = 1;
201 * If we timed out, the AP or the local radio may be busy.
202 * So, wait a second until scanning again.
204 wpa_supplicant_req_scan(wpa_s, 1, 0);
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
214 * This function is used to schedule a timeout for the current authentication
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
220 if (wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
273 #endif /* CONFIG_IBSS_RSN */
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
297 eapol_conf.required_keys = 0;
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
305 eapol_conf.external_sim = wpa_s->conf->external_sim;
308 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
309 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
310 if (wpa_s->current_bss) {
312 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
317 EAPOL_PEER_IS_WPS20_AP;
322 #endif /* CONFIG_WPS */
324 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
326 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
327 #endif /* IEEE8021X_EAPOL */
332 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
333 * @wpa_s: Pointer to wpa_supplicant data
334 * @ssid: Configuration data for the network
336 * This function is used to configure WPA state machine and related parameters
337 * to a mode where WPA is not enabled. This is called as part of the
338 * authentication configuration when the selected network does not use WPA.
340 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
341 struct wpa_ssid *ssid)
345 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
346 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
347 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
348 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
350 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
351 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
352 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
353 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
354 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
355 wpa_s->group_cipher = WPA_CIPHER_NONE;
356 wpa_s->mgmt_group_cipher = 0;
358 for (i = 0; i < NUM_WEP_KEYS; i++) {
359 if (ssid->wep_key_len[i] > 5) {
360 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
361 wpa_s->group_cipher = WPA_CIPHER_WEP104;
363 } else if (ssid->wep_key_len[i] > 0) {
364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
365 wpa_s->group_cipher = WPA_CIPHER_WEP40;
370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
372 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
373 wpa_s->pairwise_cipher);
374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
375 #ifdef CONFIG_IEEE80211W
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
377 wpa_s->mgmt_group_cipher);
378 #endif /* CONFIG_IEEE80211W */
380 pmksa_cache_clear_current(wpa_s->wpa);
384 void free_hw_features(struct wpa_supplicant *wpa_s)
387 if (wpa_s->hw.modes == NULL)
390 for (i = 0; i < wpa_s->hw.num_modes; i++) {
391 os_free(wpa_s->hw.modes[i].channels);
392 os_free(wpa_s->hw.modes[i].rates);
395 os_free(wpa_s->hw.modes);
396 wpa_s->hw.modes = NULL;
400 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
404 bgscan_deinit(wpa_s);
405 autoscan_deinit(wpa_s);
406 scard_deinit(wpa_s->scard);
408 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
409 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
410 l2_packet_deinit(wpa_s->l2);
413 l2_packet_deinit(wpa_s->l2_br);
416 #ifdef CONFIG_TESTING_OPTIONS
417 l2_packet_deinit(wpa_s->l2_test);
418 wpa_s->l2_test = NULL;
419 #endif /* CONFIG_TESTING_OPTIONS */
421 if (wpa_s->conf != NULL) {
422 struct wpa_ssid *ssid;
423 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
424 wpas_notify_network_removed(wpa_s, ssid);
427 os_free(wpa_s->confname);
428 wpa_s->confname = NULL;
430 os_free(wpa_s->confanother);
431 wpa_s->confanother = NULL;
433 wpa_sm_set_eapol(wpa_s->wpa, NULL);
434 eapol_sm_deinit(wpa_s->eapol);
437 rsn_preauth_deinit(wpa_s->wpa);
440 wpa_tdls_deinit(wpa_s->wpa);
441 #endif /* CONFIG_TDLS */
443 wmm_ac_clear_saved_tspecs(wpa_s);
444 pmksa_candidate_free(wpa_s->wpa);
445 wpa_sm_deinit(wpa_s->wpa);
447 wpa_blacklist_clear(wpa_s);
449 wpa_bss_deinit(wpa_s);
451 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
452 wpa_supplicant_cancel_scan(wpa_s);
453 wpa_supplicant_cancel_auth_timeout(wpa_s);
454 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
455 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
456 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
458 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
460 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
462 wpas_wps_deinit(wpa_s);
464 wpabuf_free(wpa_s->pending_eapol_rx);
465 wpa_s->pending_eapol_rx = NULL;
467 #ifdef CONFIG_IBSS_RSN
468 ibss_rsn_deinit(wpa_s->ibss_rsn);
469 wpa_s->ibss_rsn = NULL;
470 #endif /* CONFIG_IBSS_RSN */
475 wpa_supplicant_ap_deinit(wpa_s);
476 #endif /* CONFIG_AP */
478 wpas_p2p_deinit(wpa_s);
480 #ifdef CONFIG_OFFCHANNEL
481 offchannel_deinit(wpa_s);
482 #endif /* CONFIG_OFFCHANNEL */
484 wpa_supplicant_cancel_sched_scan(wpa_s);
486 os_free(wpa_s->next_scan_freqs);
487 wpa_s->next_scan_freqs = NULL;
489 os_free(wpa_s->manual_scan_freqs);
490 wpa_s->manual_scan_freqs = NULL;
492 os_free(wpa_s->manual_sched_scan_freqs);
493 wpa_s->manual_sched_scan_freqs = NULL;
495 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
498 * Need to remove any pending gas-query radio work before the
499 * gas_query_deinit() call because gas_query::work has not yet been set
500 * for works that have not been started. gas_query_free() will be unable
501 * to cancel such pending radio works and once the pending gas-query
502 * radio work eventually gets removed, the deinit notification call to
503 * gas_query_start_cb() would result in dereferencing freed memory.
506 radio_remove_works(wpa_s, "gas-query", 0);
507 gas_query_deinit(wpa_s->gas);
510 free_hw_features(wpa_s);
512 ieee802_1x_dealloc_kay_sm(wpa_s);
514 os_free(wpa_s->bssid_filter);
515 wpa_s->bssid_filter = NULL;
517 os_free(wpa_s->disallow_aps_bssid);
518 wpa_s->disallow_aps_bssid = NULL;
519 os_free(wpa_s->disallow_aps_ssid);
520 wpa_s->disallow_aps_ssid = NULL;
522 wnm_bss_keep_alive_deinit(wpa_s);
524 wnm_deallocate_memory(wpa_s);
525 #endif /* CONFIG_WNM */
527 ext_password_deinit(wpa_s->ext_pw);
528 wpa_s->ext_pw = NULL;
530 wpabuf_free(wpa_s->last_gas_resp);
531 wpa_s->last_gas_resp = NULL;
532 wpabuf_free(wpa_s->prev_gas_resp);
533 wpa_s->prev_gas_resp = NULL;
535 os_free(wpa_s->last_scan_res);
536 wpa_s->last_scan_res = NULL;
540 #endif /* CONFIG_HS20 */
542 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
543 wpabuf_free(wpa_s->vendor_elem[i]);
544 wpa_s->vendor_elem[i] = NULL;
547 wmm_ac_notify_disassoc(wpa_s);
552 * wpa_clear_keys - Clear keys configured for the driver
553 * @wpa_s: Pointer to wpa_supplicant data
554 * @addr: Previously used BSSID or %NULL if not available
556 * This function clears the encryption keys that has been previously configured
559 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
563 #ifdef CONFIG_IEEE80211W
565 #else /* CONFIG_IEEE80211W */
567 #endif /* CONFIG_IEEE80211W */
569 /* MLME-DELETEKEYS.request */
570 for (i = 0; i < max; i++) {
571 if (wpa_s->keys_cleared & BIT(i))
573 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
576 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
577 !is_zero_ether_addr(addr)) {
578 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
580 /* MLME-SETPROTECTION.request(None) */
581 wpa_drv_mlme_setprotection(
583 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
584 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
586 wpa_s->keys_cleared = (u32) -1;
591 * wpa_supplicant_state_txt - Get the connection state name as a text string
592 * @state: State (wpa_state; WPA_*)
593 * Returns: The state name as a printable text string
595 const char * wpa_supplicant_state_txt(enum wpa_states state)
598 case WPA_DISCONNECTED:
599 return "DISCONNECTED";
602 case WPA_INTERFACE_DISABLED:
603 return "INTERFACE_DISABLED";
606 case WPA_AUTHENTICATING:
607 return "AUTHENTICATING";
608 case WPA_ASSOCIATING:
609 return "ASSOCIATING";
612 case WPA_4WAY_HANDSHAKE:
613 return "4WAY_HANDSHAKE";
614 case WPA_GROUP_HANDSHAKE:
615 return "GROUP_HANDSHAKE";
626 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
630 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
631 name = wpa_s->current_ssid->bgscan;
633 name = wpa_s->conf->bgscan;
634 if (name == NULL || name[0] == '\0')
636 if (wpas_driver_bss_selection(wpa_s))
638 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
641 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
643 #endif /* CONFIG_P2P */
645 bgscan_deinit(wpa_s);
646 if (wpa_s->current_ssid) {
647 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
648 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
651 * Live without bgscan; it is only used as a roaming
652 * optimization, so the initial connection is not
656 struct wpa_scan_results *scan_res;
657 wpa_s->bgscan_ssid = wpa_s->current_ssid;
658 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
661 bgscan_notify_scan(wpa_s, scan_res);
662 wpa_scan_results_free(scan_res);
666 wpa_s->bgscan_ssid = NULL;
670 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
672 if (wpa_s->bgscan_ssid != NULL) {
673 bgscan_deinit(wpa_s);
674 wpa_s->bgscan_ssid = NULL;
678 #endif /* CONFIG_BGSCAN */
681 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
683 if (autoscan_init(wpa_s, 0))
684 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
688 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
690 autoscan_deinit(wpa_s);
694 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
696 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
697 wpa_s->wpa_state == WPA_SCANNING) {
698 autoscan_deinit(wpa_s);
699 wpa_supplicant_start_autoscan(wpa_s);
705 * wpa_supplicant_set_state - Set current connection state
706 * @wpa_s: Pointer to wpa_supplicant data
707 * @state: The new connection state
709 * This function is called whenever the connection state changes, e.g.,
710 * association is completed for WPA/WPA2 4-Way Handshake is started.
712 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
713 enum wpa_states state)
715 enum wpa_states old_state = wpa_s->wpa_state;
717 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
718 wpa_supplicant_state_txt(wpa_s->wpa_state),
719 wpa_supplicant_state_txt(state));
721 if (state == WPA_INTERFACE_DISABLED) {
722 /* Assure normal scan when interface is restored */
723 wpa_s->normal_scans = 0;
726 if (state == WPA_COMPLETED) {
727 wpas_connect_work_done(wpa_s);
728 /* Reinitialize normal_scan counter */
729 wpa_s->normal_scans = 0;
734 * P2PS client has to reply to Probe Request frames received on the
735 * group operating channel. Enable Probe Request frame reporting for
736 * P2P connected client in case p2p_cli_probe configuration property is
739 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
740 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
741 wpa_s->current_ssid->p2p_group) {
742 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
743 wpa_dbg(wpa_s, MSG_DEBUG,
744 "P2P: Enable CLI Probe Request RX reporting");
745 wpa_s->p2p_cli_probe =
746 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
747 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
748 wpa_dbg(wpa_s, MSG_DEBUG,
749 "P2P: Disable CLI Probe Request RX reporting");
750 wpa_s->p2p_cli_probe = 0;
751 wpa_drv_probe_req_report(wpa_s, 0);
754 #endif /* CONFIG_P2P */
756 if (state != WPA_SCANNING)
757 wpa_supplicant_notify_scanning(wpa_s, 0);
759 if (state == WPA_COMPLETED && wpa_s->new_connection) {
760 struct wpa_ssid *ssid = wpa_s->current_ssid;
761 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
762 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
763 MACSTR " completed [id=%d id_str=%s]",
764 MAC2STR(wpa_s->bssid),
765 ssid ? ssid->id : -1,
766 ssid && ssid->id_str ? ssid->id_str : "");
767 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
768 wpas_clear_temp_disabled(wpa_s, ssid, 1);
769 wpa_blacklist_clear(wpa_s);
770 wpa_s->extra_blacklist_count = 0;
771 wpa_s->new_connection = 0;
772 wpa_drv_set_operstate(wpa_s, 1);
773 #ifndef IEEE8021X_EAPOL
774 wpa_drv_set_supp_port(wpa_s, 1);
775 #endif /* IEEE8021X_EAPOL */
776 wpa_s->after_wps = 0;
777 wpa_s->known_wps_freq = 0;
778 wpas_p2p_completed(wpa_s);
780 sme_sched_obss_scan(wpa_s, 1);
781 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
782 state == WPA_ASSOCIATED) {
783 wpa_s->new_connection = 1;
784 wpa_drv_set_operstate(wpa_s, 0);
785 #ifndef IEEE8021X_EAPOL
786 wpa_drv_set_supp_port(wpa_s, 0);
787 #endif /* IEEE8021X_EAPOL */
788 sme_sched_obss_scan(wpa_s, 0);
790 wpa_s->wpa_state = state;
793 if (state == WPA_COMPLETED)
794 wpa_supplicant_start_bgscan(wpa_s);
795 else if (state < WPA_ASSOCIATED)
796 wpa_supplicant_stop_bgscan(wpa_s);
797 #endif /* CONFIG_BGSCAN */
799 if (state == WPA_AUTHENTICATING)
800 wpa_supplicant_stop_autoscan(wpa_s);
802 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
803 wpa_supplicant_start_autoscan(wpa_s);
805 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
806 wmm_ac_notify_disassoc(wpa_s);
808 if (wpa_s->wpa_state != old_state) {
809 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
812 * Notify the P2P Device interface about a state change in one
815 wpas_p2p_indicate_state_change(wpa_s);
817 if (wpa_s->wpa_state == WPA_COMPLETED ||
818 old_state == WPA_COMPLETED)
819 wpas_notify_auth_changed(wpa_s);
824 void wpa_supplicant_terminate_proc(struct wpa_global *global)
828 struct wpa_supplicant *wpa_s = global->ifaces;
830 struct wpa_supplicant *next = wpa_s->next;
831 if (wpas_wps_terminate_pending(wpa_s) == 1)
834 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
835 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
836 wpas_p2p_disconnect(wpa_s);
837 #endif /* CONFIG_P2P */
840 #endif /* CONFIG_WPS */
847 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
849 struct wpa_global *global = signal_ctx;
850 wpa_supplicant_terminate_proc(global);
854 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
856 enum wpa_states old_state = wpa_s->wpa_state;
858 wpa_s->pairwise_cipher = 0;
859 wpa_s->group_cipher = 0;
860 wpa_s->mgmt_group_cipher = 0;
862 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
863 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
865 if (wpa_s->wpa_state != old_state)
866 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
871 * wpa_supplicant_reload_configuration - Reload configuration data
872 * @wpa_s: Pointer to wpa_supplicant data
873 * Returns: 0 on success or -1 if configuration parsing failed
875 * This function can be used to request that the configuration data is reloaded
876 * (e.g., after configuration file change). This function is reloading
877 * configuration only for one interface, so this may need to be called multiple
878 * times if %wpa_supplicant is controlling multiple interfaces and all
879 * interfaces need reconfiguration.
881 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
883 struct wpa_config *conf;
887 if (wpa_s->confname == NULL)
889 conf = wpa_config_read(wpa_s->confname, NULL);
891 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
892 "file '%s' - exiting", wpa_s->confname);
895 wpa_config_read(wpa_s->confanother, conf);
897 conf->changed_parameters = (unsigned int) -1;
899 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
900 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
901 os_strcmp(conf->ctrl_interface,
902 wpa_s->conf->ctrl_interface) != 0);
904 if (reconf_ctrl && wpa_s->ctrl_iface) {
905 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
906 wpa_s->ctrl_iface = NULL;
909 eapol_sm_invalidate_cached_session(wpa_s->eapol);
910 if (wpa_s->current_ssid) {
911 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
912 wpa_s->own_disconnect_req = 1;
913 wpa_supplicant_deauthenticate(wpa_s,
914 WLAN_REASON_DEAUTH_LEAVING);
918 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
919 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
921 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
923 * Clear forced success to clear EAP state for next
926 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
928 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
929 wpa_sm_set_config(wpa_s->wpa, NULL);
930 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
931 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
932 rsn_preauth_deinit(wpa_s->wpa);
934 old_ap_scan = wpa_s->conf->ap_scan;
935 wpa_config_free(wpa_s->conf);
937 if (old_ap_scan != wpa_s->conf->ap_scan)
938 wpas_notify_ap_scan_changed(wpa_s);
941 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
943 wpa_supplicant_update_config(wpa_s);
945 wpa_supplicant_clear_status(wpa_s);
946 if (wpa_supplicant_enabled_networks(wpa_s)) {
947 wpa_s->reassociate = 1;
948 wpa_supplicant_req_scan(wpa_s, 0, 0);
950 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
955 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
957 struct wpa_global *global = signal_ctx;
958 struct wpa_supplicant *wpa_s;
959 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
960 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
962 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
963 wpa_supplicant_terminate_proc(global);
969 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
970 struct wpa_ssid *ssid,
971 struct wpa_ie_data *ie)
973 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
976 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
977 "from association info");
982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
984 if (!(ie->group_cipher & ssid->group_cipher)) {
985 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
986 "cipher 0x%x (mask 0x%x) - reject",
987 ie->group_cipher, ssid->group_cipher);
990 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
991 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
992 "cipher 0x%x (mask 0x%x) - reject",
993 ie->pairwise_cipher, ssid->pairwise_cipher);
996 if (!(ie->key_mgmt & ssid->key_mgmt)) {
997 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
998 "management 0x%x (mask 0x%x) - reject",
999 ie->key_mgmt, ssid->key_mgmt);
1003 #ifdef CONFIG_IEEE80211W
1004 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1005 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1006 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1007 "that does not support management frame protection - "
1011 #endif /* CONFIG_IEEE80211W */
1018 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1019 * @wpa_s: Pointer to wpa_supplicant data
1020 * @bss: Scan results for the selected BSS, or %NULL if not available
1021 * @ssid: Configuration data for the selected network
1022 * @wpa_ie: Buffer for the WPA/RSN IE
1023 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1024 * used buffer length in case the functions returns success.
1025 * Returns: 0 on success or -1 on failure
1027 * This function is used to configure authentication and encryption parameters
1028 * based on the network configuration and scan result for the selected BSS (if
1031 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1032 struct wpa_bss *bss, struct wpa_ssid *ssid,
1033 u8 *wpa_ie, size_t *wpa_ie_len)
1035 struct wpa_ie_data ie;
1037 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1040 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1041 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1042 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1044 bss_wpa = bss_rsn = bss_osen = NULL;
1046 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1047 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1048 (ie.group_cipher & ssid->group_cipher) &&
1049 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1050 (ie.key_mgmt & ssid->key_mgmt)) {
1051 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1052 proto = WPA_PROTO_RSN;
1053 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1054 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1055 (ie.group_cipher & ssid->group_cipher) &&
1056 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1057 (ie.key_mgmt & ssid->key_mgmt)) {
1058 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1059 proto = WPA_PROTO_WPA;
1061 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1062 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1063 /* TODO: parse OSEN element */
1064 os_memset(&ie, 0, sizeof(ie));
1065 ie.group_cipher = WPA_CIPHER_CCMP;
1066 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1067 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1068 proto = WPA_PROTO_OSEN;
1069 #endif /* CONFIG_HS20 */
1071 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1072 wpa_dbg(wpa_s, MSG_DEBUG,
1073 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1074 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1076 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1077 MAC2STR(bss->bssid),
1078 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1079 bss_wpa ? " WPA" : "",
1080 bss_rsn ? " RSN" : "",
1081 bss_osen ? " OSEN" : "");
1083 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1084 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1085 wpa_dbg(wpa_s, MSG_DEBUG,
1086 "Could not parse RSN element");
1088 wpa_dbg(wpa_s, MSG_DEBUG,
1089 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1090 ie.pairwise_cipher, ie.group_cipher,
1095 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1096 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1097 wpa_dbg(wpa_s, MSG_DEBUG,
1098 "Could not parse WPA element");
1100 wpa_dbg(wpa_s, MSG_DEBUG,
1101 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1102 ie.pairwise_cipher, ie.group_cipher,
1108 if (ssid->proto & WPA_PROTO_OSEN)
1109 proto = WPA_PROTO_OSEN;
1110 else if (ssid->proto & WPA_PROTO_RSN)
1111 proto = WPA_PROTO_RSN;
1113 proto = WPA_PROTO_WPA;
1114 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1115 os_memset(&ie, 0, sizeof(ie));
1116 ie.group_cipher = ssid->group_cipher;
1117 ie.pairwise_cipher = ssid->pairwise_cipher;
1118 ie.key_mgmt = ssid->key_mgmt;
1119 #ifdef CONFIG_IEEE80211W
1120 ie.mgmt_group_cipher =
1121 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1122 WPA_CIPHER_AES_128_CMAC : 0;
1123 #endif /* CONFIG_IEEE80211W */
1124 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1125 "based on configuration");
1130 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1131 "pairwise %d key_mgmt %d proto %d",
1132 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1133 #ifdef CONFIG_IEEE80211W
1134 if (ssid->ieee80211w) {
1135 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1136 ie.mgmt_group_cipher);
1138 #endif /* CONFIG_IEEE80211W */
1140 wpa_s->wpa_proto = proto;
1141 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1142 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1143 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1145 if (bss || !wpa_s->ap_ies_from_associnfo) {
1146 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1147 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1148 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1149 bss_rsn ? 2 + bss_rsn[1] : 0))
1153 sel = ie.group_cipher & ssid->group_cipher;
1154 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1155 if (wpa_s->group_cipher < 0) {
1156 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1160 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1161 wpa_cipher_txt(wpa_s->group_cipher));
1163 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1164 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1165 if (wpa_s->pairwise_cipher < 0) {
1166 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1170 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1171 wpa_cipher_txt(wpa_s->pairwise_cipher));
1173 sel = ie.key_mgmt & ssid->key_mgmt;
1175 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1176 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1177 #endif /* CONFIG_SAE */
1179 #ifdef CONFIG_SUITEB192
1180 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1181 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1182 wpa_dbg(wpa_s, MSG_DEBUG,
1183 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1184 #endif /* CONFIG_SUITEB192 */
1185 #ifdef CONFIG_SUITEB
1186 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1187 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1188 wpa_dbg(wpa_s, MSG_DEBUG,
1189 "WPA: using KEY_MGMT 802.1X with Suite B");
1190 #endif /* CONFIG_SUITEB */
1191 #ifdef CONFIG_IEEE80211R
1192 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1193 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1194 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1195 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1196 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1197 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1198 #endif /* CONFIG_IEEE80211R */
1200 } else if (sel & WPA_KEY_MGMT_SAE) {
1201 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1202 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1203 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1204 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1205 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1206 #endif /* CONFIG_SAE */
1207 #ifdef CONFIG_IEEE80211W
1208 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1209 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1210 wpa_dbg(wpa_s, MSG_DEBUG,
1211 "WPA: using KEY_MGMT 802.1X with SHA256");
1212 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1213 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1214 wpa_dbg(wpa_s, MSG_DEBUG,
1215 "WPA: using KEY_MGMT PSK with SHA256");
1216 #endif /* CONFIG_IEEE80211W */
1217 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1218 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1219 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1220 } else if (sel & WPA_KEY_MGMT_PSK) {
1221 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1222 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1223 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1224 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1225 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1227 } else if (sel & WPA_KEY_MGMT_OSEN) {
1228 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1229 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1230 #endif /* CONFIG_HS20 */
1232 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1233 "authenticated key management type");
1237 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1238 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1239 wpa_s->pairwise_cipher);
1240 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1242 #ifdef CONFIG_IEEE80211W
1243 sel = ie.mgmt_group_cipher;
1244 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1245 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1247 if (sel & WPA_CIPHER_AES_128_CMAC) {
1248 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1249 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1251 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1252 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1253 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1255 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1256 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1257 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1259 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1260 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1261 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1264 wpa_s->mgmt_group_cipher = 0;
1265 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1267 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1268 wpa_s->mgmt_group_cipher);
1269 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1270 wpas_get_ssid_pmf(wpa_s, ssid));
1271 #endif /* CONFIG_IEEE80211W */
1273 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1274 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1278 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1281 if (ssid->psk_set) {
1282 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL);
1285 #ifndef CONFIG_NO_PBKDF2
1286 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1289 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1290 4096, psk, PMK_LEN);
1291 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1293 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1295 os_memset(psk, 0, sizeof(psk));
1297 #endif /* CONFIG_NO_PBKDF2 */
1298 #ifdef CONFIG_EXT_PASSWORD
1299 if (ssid->ext_psk) {
1300 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1302 char pw_str[64 + 1];
1306 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1307 "found from external storage");
1311 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1312 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1313 "PSK length %d in external storage",
1314 (int) wpabuf_len(pw));
1315 ext_password_free(pw);
1319 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1320 pw_str[wpabuf_len(pw)] = '\0';
1322 #ifndef CONFIG_NO_PBKDF2
1323 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1325 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1326 4096, psk, PMK_LEN);
1327 os_memset(pw_str, 0, sizeof(pw_str));
1328 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1329 "external passphrase)",
1331 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1333 os_memset(psk, 0, sizeof(psk));
1335 #endif /* CONFIG_NO_PBKDF2 */
1336 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1337 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1338 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1339 "Invalid PSK hex string");
1340 os_memset(pw_str, 0, sizeof(pw_str));
1341 ext_password_free(pw);
1344 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1346 os_memset(psk, 0, sizeof(psk));
1348 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1350 os_memset(pw_str, 0, sizeof(pw_str));
1351 ext_password_free(pw);
1355 os_memset(pw_str, 0, sizeof(pw_str));
1356 ext_password_free(pw);
1358 #endif /* CONFIG_EXT_PASSWORD */
1361 wpa_msg(wpa_s, MSG_INFO,
1362 "No PSK available for association");
1366 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1372 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1377 case 0: /* Bits 0-7 */
1379 case 1: /* Bits 8-15 */
1381 case 2: /* Bits 16-23 */
1383 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1384 *pos |= 0x08; /* Bit 19 - BSS Transition */
1385 #endif /* CONFIG_WNM */
1387 case 3: /* Bits 24-31 */
1389 *pos |= 0x02; /* Bit 25 - SSID List */
1390 #endif /* CONFIG_WNM */
1391 #ifdef CONFIG_INTERWORKING
1392 if (wpa_s->conf->interworking)
1393 *pos |= 0x80; /* Bit 31 - Interworking */
1394 #endif /* CONFIG_INTERWORKING */
1396 case 4: /* Bits 32-39 */
1397 #ifdef CONFIG_INTERWORKING
1398 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1399 *pos |= 0x01; /* Bit 32 - QoS Map */
1400 #endif /* CONFIG_INTERWORKING */
1402 case 5: /* Bits 40-47 */
1404 if (wpa_s->conf->hs20)
1405 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1406 #endif /* CONFIG_HS20 */
1408 case 6: /* Bits 48-55 */
1414 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1419 if (len < wpa_s->extended_capa_len)
1420 len = wpa_s->extended_capa_len;
1421 if (buflen < (size_t) len + 2) {
1422 wpa_printf(MSG_INFO,
1423 "Not enough room for building extended capabilities element");
1427 *pos++ = WLAN_EID_EXT_CAPAB;
1429 for (i = 0; i < len; i++, pos++) {
1430 wpas_ext_capab_byte(wpa_s, pos, i);
1432 if (i < wpa_s->extended_capa_len) {
1433 *pos &= ~wpa_s->extended_capa_mask[i];
1434 *pos |= wpa_s->extended_capa[i];
1438 while (len > 0 && buf[1 + len] == 0) {
1449 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1450 struct wpa_bss *test_bss)
1452 struct wpa_bss *bss;
1454 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1455 if (bss == test_bss)
1463 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1464 struct wpa_ssid *test_ssid)
1466 struct wpa_ssid *ssid;
1468 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1469 if (ssid == test_ssid)
1477 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1478 struct wpa_ssid *test_ssid)
1480 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1483 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1487 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1495 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1497 struct wpa_connect_work *cwork;
1498 struct wpa_radio_work *work = wpa_s->connect_work;
1503 wpa_s->connect_work = NULL;
1506 wpas_connect_work_free(cwork);
1507 radio_work_done(work);
1511 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1513 struct os_reltime now;
1516 os_get_reltime(&now);
1517 if (wpa_s->last_mac_addr_style == style &&
1518 wpa_s->last_mac_addr_change.sec != 0 &&
1519 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1520 wpa_s->conf->rand_addr_lifetime)) {
1521 wpa_msg(wpa_s, MSG_DEBUG,
1522 "Previously selected random MAC address has not yet expired");
1528 if (random_mac_addr(addr) < 0)
1532 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1533 if (random_mac_addr_keep_oui(addr) < 0)
1540 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1541 wpa_msg(wpa_s, MSG_INFO,
1542 "Failed to set random MAC address");
1546 os_get_reltime(&wpa_s->last_mac_addr_change);
1547 wpa_s->mac_addr_changed = 1;
1548 wpa_s->last_mac_addr_style = style;
1550 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1551 wpa_msg(wpa_s, MSG_INFO,
1552 "Could not update MAC address information");
1556 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1563 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1565 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1566 !wpa_s->conf->preassoc_mac_addr)
1569 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1573 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1576 * wpa_supplicant_associate - Request association
1577 * @wpa_s: Pointer to wpa_supplicant data
1578 * @bss: Scan results for the selected BSS, or %NULL if not available
1579 * @ssid: Configuration data for the selected network
1581 * This function is used to request %wpa_supplicant to associate with a BSS.
1583 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1584 struct wpa_bss *bss, struct wpa_ssid *ssid)
1586 struct wpa_connect_work *cwork;
1589 if (ssid->mac_addr == -1)
1590 rand_style = wpa_s->conf->mac_addr;
1592 rand_style = ssid->mac_addr;
1594 wmm_ac_clear_saved_tspecs(wpa_s);
1595 wpa_s->reassoc_same_bss = 0;
1597 if (wpa_s->last_ssid == ssid) {
1598 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1599 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1600 wmm_ac_save_tspecs(wpa_s);
1601 wpa_s->reassoc_same_bss = 1;
1603 } else if (rand_style > 0) {
1604 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1606 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1607 } else if (wpa_s->mac_addr_changed) {
1608 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1609 wpa_msg(wpa_s, MSG_INFO,
1610 "Could not restore permanent MAC address");
1613 wpa_s->mac_addr_changed = 0;
1614 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1615 wpa_msg(wpa_s, MSG_INFO,
1616 "Could not update MAC address information");
1619 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1621 wpa_s->last_ssid = ssid;
1623 #ifdef CONFIG_IBSS_RSN
1624 ibss_rsn_deinit(wpa_s->ibss_rsn);
1625 wpa_s->ibss_rsn = NULL;
1626 #endif /* CONFIG_IBSS_RSN */
1628 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1629 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1631 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1632 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1636 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1637 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1638 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1639 wpas_p2p_ap_setup_failed(wpa_s);
1642 wpa_s->current_bss = bss;
1643 #else /* CONFIG_AP */
1644 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1646 #endif /* CONFIG_AP */
1650 if (ssid->mode == WPAS_MODE_MESH) {
1652 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1653 wpa_msg(wpa_s, MSG_INFO,
1654 "Driver does not support mesh mode");
1658 ssid->frequency = bss->freq;
1659 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1660 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1663 wpa_s->current_bss = bss;
1664 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_STARTED
1665 "ssid=\"%s\" id=%d",
1666 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1668 #else /* CONFIG_MESH */
1669 wpa_msg(wpa_s, MSG_ERROR,
1670 "mesh mode support not included in the build");
1671 #endif /* CONFIG_MESH */
1677 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1679 #endif /* CONFIG_TDLS */
1681 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1682 ssid->mode == IEEE80211_MODE_INFRA) {
1683 sme_authenticate(wpa_s, bss, ssid);
1687 if (wpa_s->connect_work) {
1688 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1692 if (radio_work_pending(wpa_s, "connect")) {
1693 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1697 cwork = os_zalloc(sizeof(*cwork));
1704 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1705 wpas_start_assoc_cb, cwork) < 0) {
1711 static int bss_is_ibss(struct wpa_bss *bss)
1713 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1718 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1719 const struct wpa_ssid *ssid,
1720 struct hostapd_freq_params *freq)
1722 enum hostapd_hw_mode hw_mode;
1723 struct hostapd_hw_modes *mode = NULL;
1724 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1726 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1727 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1729 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1731 struct hostapd_freq_params vht_freq;
1733 freq->freq = ssid->frequency;
1735 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1736 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1738 if (ssid->mode != WPAS_MODE_IBSS)
1741 /* Don't adjust control freq in case of fixed_freq */
1742 if (ssid->fixed_freq)
1745 if (!bss_is_ibss(bss))
1748 if (ssid->ssid_len == bss->ssid_len &&
1749 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1750 wpa_printf(MSG_DEBUG,
1751 "IBSS already found in scan results, adjust control freq: %d",
1753 freq->freq = bss->freq;
1759 /* For IBSS check HT_IBSS flag */
1760 if (ssid->mode == WPAS_MODE_IBSS &&
1761 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1764 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1765 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1766 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1767 wpa_printf(MSG_DEBUG,
1768 "IBSS: WEP/TKIP detected, do not try to enable HT");
1772 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1773 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1774 if (wpa_s->hw.modes[i].mode == hw_mode) {
1775 mode = &wpa_s->hw.modes[i];
1783 freq->ht_enabled = ht_supported(mode);
1784 if (!freq->ht_enabled)
1787 /* Setup higher BW only for 5 GHz */
1788 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1791 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1792 pri_chan = &mode->channels[chan_idx];
1793 if (pri_chan->chan == channel)
1800 /* Check primary channel flags */
1801 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1804 /* Check/setup HT40+/HT40- */
1805 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1806 if (ht40plus[j] == channel) {
1812 /* Find secondary channel */
1813 for (i = 0; i < mode->num_channels; i++) {
1814 sec_chan = &mode->channels[i];
1815 if (sec_chan->chan == channel + ht40 * 4)
1822 /* Check secondary channel flags */
1823 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1826 freq->channel = pri_chan->chan;
1830 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1832 freq->sec_channel_offset = -1;
1835 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1837 freq->sec_channel_offset = 1;
1843 if (freq->sec_channel_offset && obss_scan) {
1844 struct wpa_scan_results *scan_res;
1846 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1847 if (scan_res == NULL) {
1849 freq->sec_channel_offset = 0;
1853 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1858 freq->sec_channel_offset = 0;
1861 /* Configuration allowed */
1864 /* Switch pri/sec channels */
1865 freq->freq = hw_get_freq(mode, sec_chan->chan);
1866 freq->sec_channel_offset = -freq->sec_channel_offset;
1867 freq->channel = sec_chan->chan;
1870 freq->sec_channel_offset = 0;
1874 wpa_scan_results_free(scan_res);
1877 wpa_printf(MSG_DEBUG,
1878 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1879 freq->channel, freq->sec_channel_offset);
1881 /* Not sure if mesh is ready for VHT */
1882 if (ssid->mode != WPAS_MODE_IBSS)
1885 /* For IBSS check VHT_IBSS flag */
1886 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1891 vht_freq.vht_enabled = vht_supported(mode);
1892 if (!vht_freq.vht_enabled)
1895 /* setup center_freq1, bandwidth */
1896 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1897 if (freq->channel >= vht80[j] &&
1898 freq->channel < vht80[j] + 16)
1902 if (j == ARRAY_SIZE(vht80))
1905 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1906 struct hostapd_channel_data *chan;
1908 chan = hw_get_channel_chan(mode, i, NULL);
1912 /* Back to HT configuration if channel not usable */
1913 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1917 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
1918 freq->channel, freq->ht_enabled,
1919 vht_freq.vht_enabled,
1920 freq->sec_channel_offset,
1921 VHT_CHANWIDTH_80MHZ,
1922 vht80[j] + 6, 0, 0) != 0)
1927 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
1928 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1932 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1934 struct wpa_connect_work *cwork = work->ctx;
1935 struct wpa_bss *bss = cwork->bss;
1936 struct wpa_ssid *ssid = cwork->ssid;
1937 struct wpa_supplicant *wpa_s = work->wpa_s;
1940 int use_crypt, ret, i, bssid_changed;
1941 int algs = WPA_AUTH_ALG_OPEN;
1942 unsigned int cipher_pairwise, cipher_group;
1943 struct wpa_driver_associate_params params;
1944 int wep_keys_set = 0;
1945 int assoc_failed = 0;
1946 struct wpa_ssid *old_ssid;
1947 #ifdef CONFIG_HT_OVERRIDES
1948 struct ieee80211_ht_capabilities htcaps;
1949 struct ieee80211_ht_capabilities htcaps_mask;
1950 #endif /* CONFIG_HT_OVERRIDES */
1951 #ifdef CONFIG_VHT_OVERRIDES
1952 struct ieee80211_vht_capabilities vhtcaps;
1953 struct ieee80211_vht_capabilities vhtcaps_mask;
1954 #endif /* CONFIG_VHT_OVERRIDES */
1957 if (work->started) {
1958 wpa_s->connect_work = NULL;
1960 /* cancel possible auth. timeout */
1961 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1964 wpas_connect_work_free(cwork);
1968 wpa_s->connect_work = work;
1970 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
1971 wpas_network_disabled(wpa_s, ssid)) {
1972 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1973 wpas_connect_work_done(wpa_s);
1977 os_memset(¶ms, 0, sizeof(params));
1978 wpa_s->reassociate = 0;
1979 wpa_s->eap_expected_failure = 0;
1981 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
1982 #ifdef CONFIG_IEEE80211R
1983 const u8 *ie, *md = NULL;
1984 #endif /* CONFIG_IEEE80211R */
1985 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1986 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1987 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1988 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1989 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1990 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1992 wpas_notify_bssid_changed(wpa_s);
1993 #ifdef CONFIG_IEEE80211R
1994 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1995 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1997 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1999 /* Prepare for the next transition */
2000 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2002 #endif /* CONFIG_IEEE80211R */
2004 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2005 wpa_s->conf->ap_scan == 2 &&
2006 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2007 /* Use ap_scan==1 style network selection to find the network
2009 wpas_connect_work_done(wpa_s);
2010 wpa_s->scan_req = MANUAL_SCAN_REQ;
2011 wpa_s->reassociate = 1;
2012 wpa_supplicant_req_scan(wpa_s, 0, 0);
2014 #endif /* CONFIG_WPS */
2016 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2017 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2018 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2021 wpa_supplicant_cancel_sched_scan(wpa_s);
2023 wpa_supplicant_cancel_scan(wpa_s);
2025 /* Starting new association, so clear the possibly used WPA IE from the
2026 * previous association. */
2027 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2029 #ifdef IEEE8021X_EAPOL
2030 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2032 if (ssid->non_leap == 0)
2033 algs = WPA_AUTH_ALG_LEAP;
2035 algs |= WPA_AUTH_ALG_LEAP;
2038 #endif /* IEEE8021X_EAPOL */
2039 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2040 if (ssid->auth_alg) {
2041 algs = ssid->auth_alg;
2042 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2046 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2047 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2048 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2049 int try_opportunistic;
2050 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2052 ssid->proactive_key_caching) &&
2053 (ssid->proto & WPA_PROTO_RSN);
2054 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2055 ssid, try_opportunistic) == 0)
2056 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2057 wpa_ie_len = sizeof(wpa_ie);
2058 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2059 wpa_ie, &wpa_ie_len)) {
2060 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2061 "key management and encryption suites");
2062 wpas_connect_work_done(wpa_s);
2065 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2066 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2068 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2069 * use non-WPA since the scan results did not indicate that the
2070 * AP is using WPA or WPA2.
2072 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2074 wpa_s->wpa_proto = 0;
2075 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2076 wpa_ie_len = sizeof(wpa_ie);
2077 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2078 wpa_ie, &wpa_ie_len)) {
2079 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2080 "key management and encryption suites (no "
2082 wpas_connect_work_done(wpa_s);
2086 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2087 struct wpabuf *wps_ie;
2088 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2089 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2090 wpa_ie_len = wpabuf_len(wps_ie);
2091 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2094 wpabuf_free(wps_ie);
2095 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2096 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2097 params.wps = WPS_MODE_PRIVACY;
2099 params.wps = WPS_MODE_OPEN;
2100 wpa_s->wpa_proto = 0;
2101 #endif /* CONFIG_WPS */
2103 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2105 wpa_s->wpa_proto = 0;
2109 if (wpa_s->global->p2p) {
2113 pos = wpa_ie + wpa_ie_len;
2114 len = sizeof(wpa_ie) - wpa_ie_len;
2115 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2121 wpa_s->cross_connect_disallowed = 0;
2124 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2126 wpa_s->cross_connect_disallowed =
2127 p2p_get_cross_connect_disallowed(p2p);
2129 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2131 wpa_s->cross_connect_disallowed ?
2132 "disallows" : "allows");
2136 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2137 #endif /* CONFIG_P2P */
2140 if (is_hs20_network(wpa_s, ssid, bss)) {
2141 struct wpabuf *hs20;
2142 hs20 = wpabuf_alloc(20);
2144 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2147 wpas_hs20_add_indication(hs20, pps_mo_id);
2148 len = sizeof(wpa_ie) - wpa_ie_len;
2149 if (wpabuf_len(hs20) <= len) {
2150 os_memcpy(wpa_ie + wpa_ie_len,
2151 wpabuf_head(hs20), wpabuf_len(hs20));
2152 wpa_ie_len += wpabuf_len(hs20);
2157 #endif /* CONFIG_HS20 */
2160 * Workaround: Add Extended Capabilities element only if the AP
2161 * included this element in Beacon/Probe Response frames. Some older
2162 * APs seem to have interoperability issues if this element is
2163 * included, so while the standard may require us to include the
2164 * element in all cases, it is justifiable to skip it to avoid
2165 * interoperability issues.
2167 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2170 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2172 if (ext_capab_len > 0) {
2174 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2176 os_memmove(pos + ext_capab_len, pos,
2177 wpa_ie_len - (pos - wpa_ie));
2178 wpa_ie_len += ext_capab_len;
2179 os_memcpy(pos, ext_capab, ext_capab_len);
2183 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2184 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2187 len = sizeof(wpa_ie) - wpa_ie_len;
2188 if (wpabuf_len(buf) <= len) {
2189 os_memcpy(wpa_ie + wpa_ie_len,
2190 wpabuf_head(buf), wpabuf_len(buf));
2191 wpa_ie_len += wpabuf_len(buf);
2196 if (wpa_s->fst_ies) {
2197 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2199 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2200 os_memcpy(wpa_ie + wpa_ie_len,
2201 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2202 wpa_ie_len += fst_ies_len;
2205 #endif /* CONFIG_FST */
2207 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2209 cipher_pairwise = wpa_s->pairwise_cipher;
2210 cipher_group = wpa_s->group_cipher;
2211 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2212 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2213 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2215 if (wpa_set_wep_keys(wpa_s, ssid)) {
2220 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2223 #ifdef IEEE8021X_EAPOL
2224 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2225 if ((ssid->eapol_flags &
2226 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2227 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2231 /* Assume that dynamic WEP-104 keys will be used and
2232 * set cipher suites in order for drivers to expect
2234 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2237 #endif /* IEEE8021X_EAPOL */
2239 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2240 /* Set the key before (and later after) association */
2241 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2244 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2246 params.ssid = bss->ssid;
2247 params.ssid_len = bss->ssid_len;
2248 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2249 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2250 MACSTR " freq=%u MHz based on scan results "
2252 MAC2STR(bss->bssid), bss->freq,
2254 params.bssid = bss->bssid;
2255 params.freq.freq = bss->freq;
2257 params.bssid_hint = bss->bssid;
2258 params.freq_hint = bss->freq;
2260 params.ssid = ssid->ssid;
2261 params.ssid_len = ssid->ssid_len;
2264 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2265 wpa_s->conf->ap_scan == 2) {
2266 params.bssid = ssid->bssid;
2267 params.fixed_bssid = 1;
2270 /* Initial frequency for IBSS/mesh */
2271 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2272 ssid->frequency > 0 && params.freq.freq == 0)
2273 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
2275 if (ssid->mode == WPAS_MODE_IBSS) {
2276 params.fixed_freq = ssid->fixed_freq;
2277 if (ssid->beacon_int)
2278 params.beacon_int = ssid->beacon_int;
2280 params.beacon_int = wpa_s->conf->beacon_int;
2283 params.wpa_ie = wpa_ie;
2284 params.wpa_ie_len = wpa_ie_len;
2285 params.pairwise_suite = cipher_pairwise;
2286 params.group_suite = cipher_group;
2287 params.key_mgmt_suite = wpa_s->key_mgmt;
2288 params.wpa_proto = wpa_s->wpa_proto;
2289 params.auth_alg = algs;
2290 params.mode = ssid->mode;
2291 params.bg_scan_period = ssid->bg_scan_period;
2292 for (i = 0; i < NUM_WEP_KEYS; i++) {
2293 if (ssid->wep_key_len[i])
2294 params.wep_key[i] = ssid->wep_key[i];
2295 params.wep_key_len[i] = ssid->wep_key_len[i];
2297 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2299 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2300 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2301 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2302 params.passphrase = ssid->passphrase;
2304 params.psk = ssid->psk;
2307 if (wpa_s->conf->key_mgmt_offload) {
2308 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2309 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2310 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2311 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2312 params.req_key_mgmt_offload =
2313 ssid->proactive_key_caching < 0 ?
2314 wpa_s->conf->okc : ssid->proactive_key_caching;
2316 params.req_key_mgmt_offload = 1;
2318 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2319 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2320 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2322 params.psk = ssid->psk;
2325 params.drop_unencrypted = use_crypt;
2327 #ifdef CONFIG_IEEE80211W
2328 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2329 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2330 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2331 struct wpa_ie_data ie;
2332 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2334 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2335 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2336 "MFP: require MFP");
2337 params.mgmt_frame_protection =
2338 MGMT_FRAME_PROTECTION_REQUIRED;
2341 #endif /* CONFIG_IEEE80211W */
2343 params.p2p = ssid->p2p_group;
2345 if (wpa_s->parent->set_sta_uapsd)
2346 params.uapsd = wpa_s->parent->sta_uapsd;
2350 #ifdef CONFIG_HT_OVERRIDES
2351 os_memset(&htcaps, 0, sizeof(htcaps));
2352 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2353 params.htcaps = (u8 *) &htcaps;
2354 params.htcaps_mask = (u8 *) &htcaps_mask;
2355 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2356 #endif /* CONFIG_HT_OVERRIDES */
2357 #ifdef CONFIG_VHT_OVERRIDES
2358 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2359 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2360 params.vhtcaps = &vhtcaps;
2361 params.vhtcaps_mask = &vhtcaps_mask;
2362 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
2363 #endif /* CONFIG_VHT_OVERRIDES */
2367 * If multi-channel concurrency is not supported, check for any
2368 * frequency conflict. In case of any frequency conflict, remove the
2369 * least prioritized connection.
2371 if (wpa_s->num_multichan_concurrent < 2) {
2373 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2374 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2375 wpa_printf(MSG_DEBUG,
2376 "Assoc conflicting freq found (%d != %d)",
2377 freq, params.freq.freq);
2378 if (wpas_p2p_handle_frequency_conflicts(
2379 wpa_s, params.freq.freq, ssid) < 0) {
2380 wpas_connect_work_done(wpa_s);
2385 #endif /* CONFIG_P2P */
2387 ret = wpa_drv_associate(wpa_s, ¶ms);
2389 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2391 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2393 * The driver is known to mean what is saying, so we
2394 * can stop right here; the association will not
2397 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2398 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2399 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2402 /* try to continue anyway; new association will be tried again
2407 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2408 /* Set the key after the association just in case association
2409 * cleared the previously configured key. */
2410 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2411 /* No need to timeout authentication since there is no key
2413 wpa_supplicant_cancel_auth_timeout(wpa_s);
2414 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2415 #ifdef CONFIG_IBSS_RSN
2416 } else if (ssid->mode == WPAS_MODE_IBSS &&
2417 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2418 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2420 * RSN IBSS authentication is per-STA and we can disable the
2421 * per-BSSID authentication.
2423 wpa_supplicant_cancel_auth_timeout(wpa_s);
2424 #endif /* CONFIG_IBSS_RSN */
2426 /* Timeout for IEEE 802.11 authentication and association */
2430 /* give IBSS a bit more time */
2431 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2432 } else if (wpa_s->conf->ap_scan == 1) {
2433 /* give IBSS a bit more time */
2434 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2436 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2440 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2441 /* Set static WEP keys again */
2442 wpa_set_wep_keys(wpa_s, ssid);
2445 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2447 * Do not allow EAP session resumption between different
2448 * network configurations.
2450 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2452 old_ssid = wpa_s->current_ssid;
2453 wpa_s->current_ssid = ssid;
2454 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set)
2455 wpa_s->current_bss = bss;
2456 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2457 wpa_supplicant_initiate_eapol(wpa_s);
2458 if (old_ssid != wpa_s->current_ssid)
2459 wpas_notify_network_changed(wpa_s);
2463 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2466 struct wpa_ssid *old_ssid;
2468 wpas_connect_work_done(wpa_s);
2469 wpa_clear_keys(wpa_s, addr);
2470 old_ssid = wpa_s->current_ssid;
2471 wpa_supplicant_mark_disassoc(wpa_s);
2472 wpa_sm_set_config(wpa_s->wpa, NULL);
2473 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2474 if (old_ssid != wpa_s->current_ssid)
2475 wpas_notify_network_changed(wpa_s);
2476 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2481 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2482 * @wpa_s: Pointer to wpa_supplicant data
2483 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2485 * This function is used to request %wpa_supplicant to deauthenticate from the
2488 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2492 union wpa_event_data event;
2495 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2496 " pending_bssid=" MACSTR " reason=%d state=%s",
2497 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2498 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2500 if (!is_zero_ether_addr(wpa_s->bssid))
2501 addr = wpa_s->bssid;
2502 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2503 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2504 wpa_s->wpa_state == WPA_ASSOCIATING))
2505 addr = wpa_s->pending_bssid;
2506 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2508 * When using driver-based BSS selection, we may not know the
2509 * BSSID with which we are currently trying to associate. We
2510 * need to notify the driver of this disconnection even in such
2511 * a case, so use the all zeros address here.
2513 addr = wpa_s->bssid;
2518 wpa_tdls_teardown_peers(wpa_s->wpa);
2519 #endif /* CONFIG_TDLS */
2523 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2525 wpa_supplicant_leave_mesh(wpa_s);
2527 #endif /* CONFIG_MESH */
2530 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2531 os_memset(&event, 0, sizeof(event));
2532 event.deauth_info.reason_code = (u16) reason_code;
2533 event.deauth_info.locally_generated = 1;
2534 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2539 wpa_supplicant_clear_connection(wpa_s, addr);
2542 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2543 struct wpa_ssid *ssid)
2545 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2549 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2550 wpas_notify_network_enabled_changed(wpa_s, ssid);
2553 * Try to reassociate since there is no current configuration and a new
2554 * network was made available.
2556 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2557 wpa_s->reassociate = 1;
2562 * wpa_supplicant_enable_network - Mark a configured network as enabled
2563 * @wpa_s: wpa_supplicant structure for a network interface
2564 * @ssid: wpa_ssid structure for a configured network or %NULL
2566 * Enables the specified network or all networks if no network specified.
2568 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2569 struct wpa_ssid *ssid)
2572 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2573 wpa_supplicant_enable_one_network(wpa_s, ssid);
2575 wpa_supplicant_enable_one_network(wpa_s, ssid);
2577 if (wpa_s->reassociate && !wpa_s->disconnected &&
2578 (!wpa_s->current_ssid ||
2579 wpa_s->wpa_state == WPA_DISCONNECTED ||
2580 wpa_s->wpa_state == WPA_SCANNING)) {
2581 if (wpa_s->sched_scanning) {
2582 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2583 "new network to scan filters");
2584 wpa_supplicant_cancel_sched_scan(wpa_s);
2587 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2588 wpa_s->scan_req = NORMAL_SCAN_REQ;
2589 wpa_supplicant_req_scan(wpa_s, 0, 0);
2596 * wpa_supplicant_disable_network - Mark a configured network as disabled
2597 * @wpa_s: wpa_supplicant structure for a network interface
2598 * @ssid: wpa_ssid structure for a configured network or %NULL
2600 * Disables the specified network or all networks if no network specified.
2602 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2603 struct wpa_ssid *ssid)
2605 struct wpa_ssid *other_ssid;
2609 if (wpa_s->sched_scanning)
2610 wpa_supplicant_cancel_sched_scan(wpa_s);
2612 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2613 other_ssid = other_ssid->next) {
2614 was_disabled = other_ssid->disabled;
2615 if (was_disabled == 2)
2616 continue; /* do not change persistent P2P group
2619 other_ssid->disabled = 1;
2621 if (was_disabled != other_ssid->disabled)
2622 wpas_notify_network_enabled_changed(
2625 if (wpa_s->current_ssid)
2626 wpa_supplicant_deauthenticate(
2627 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2628 } else if (ssid->disabled != 2) {
2629 if (ssid == wpa_s->current_ssid)
2630 wpa_supplicant_deauthenticate(
2631 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2633 was_disabled = ssid->disabled;
2637 if (was_disabled != ssid->disabled) {
2638 wpas_notify_network_enabled_changed(wpa_s, ssid);
2639 if (wpa_s->sched_scanning) {
2640 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2641 "to remove network from filters");
2642 wpa_supplicant_cancel_sched_scan(wpa_s);
2643 wpa_supplicant_req_scan(wpa_s, 0, 0);
2651 * wpa_supplicant_select_network - Attempt association with a network
2652 * @wpa_s: wpa_supplicant structure for a network interface
2653 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2655 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2656 struct wpa_ssid *ssid)
2659 struct wpa_ssid *other_ssid;
2660 int disconnected = 0;
2662 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2663 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2664 wpa_s->own_disconnect_req = 1;
2665 wpa_supplicant_deauthenticate(
2666 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2671 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2674 * Mark all other networks disabled or mark all networks enabled if no
2675 * network specified.
2677 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2678 other_ssid = other_ssid->next) {
2679 int was_disabled = other_ssid->disabled;
2680 if (was_disabled == 2)
2681 continue; /* do not change persistent P2P group data */
2683 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2684 if (was_disabled && !other_ssid->disabled)
2685 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2687 if (was_disabled != other_ssid->disabled)
2688 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2691 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2692 /* We are already associated with the selected network */
2693 wpa_printf(MSG_DEBUG, "Already associated with the "
2694 "selected network - do nothing");
2699 wpa_s->current_ssid = ssid;
2700 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2701 wpa_s->connect_without_scan =
2702 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2705 * Don't optimize next scan freqs since a new ESS has been
2708 os_free(wpa_s->next_scan_freqs);
2709 wpa_s->next_scan_freqs = NULL;
2711 wpa_s->connect_without_scan = NULL;
2714 wpa_s->disconnected = 0;
2715 wpa_s->reassociate = 1;
2717 if (wpa_s->connect_without_scan ||
2718 wpa_supplicant_fast_associate(wpa_s) != 1) {
2719 wpa_s->scan_req = NORMAL_SCAN_REQ;
2720 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2724 wpas_notify_network_selected(wpa_s, ssid);
2729 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2730 * @wpa_s: wpa_supplicant structure for a network interface
2731 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2732 * @pkcs11_module_path: PKCS #11 module path or NULL
2733 * Returns: 0 on success; -1 on failure
2735 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2736 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2737 * module path fails the paths will be reset to the default value (NULL).
2739 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2740 const char *pkcs11_engine_path,
2741 const char *pkcs11_module_path)
2743 char *pkcs11_engine_path_copy = NULL;
2744 char *pkcs11_module_path_copy = NULL;
2746 if (pkcs11_engine_path != NULL) {
2747 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2748 if (pkcs11_engine_path_copy == NULL)
2751 if (pkcs11_module_path != NULL) {
2752 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2753 if (pkcs11_module_path_copy == NULL) {
2754 os_free(pkcs11_engine_path_copy);
2759 os_free(wpa_s->conf->pkcs11_engine_path);
2760 os_free(wpa_s->conf->pkcs11_module_path);
2761 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2762 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2764 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2765 eapol_sm_deinit(wpa_s->eapol);
2766 wpa_s->eapol = NULL;
2767 if (wpa_supplicant_init_eapol(wpa_s)) {
2768 /* Error -> Reset paths to the default value (NULL) once. */
2769 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2770 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2775 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2782 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2783 * @wpa_s: wpa_supplicant structure for a network interface
2784 * @ap_scan: AP scan mode
2785 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2788 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2793 if (ap_scan < 0 || ap_scan > 2)
2796 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
2797 wpa_printf(MSG_INFO,
2798 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
2802 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2803 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2804 wpa_s->wpa_state < WPA_COMPLETED) {
2805 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2806 "associating", wpa_s->conf->ap_scan, ap_scan);
2809 #endif /* ANDROID */
2811 old_ap_scan = wpa_s->conf->ap_scan;
2812 wpa_s->conf->ap_scan = ap_scan;
2814 if (old_ap_scan != wpa_s->conf->ap_scan)
2815 wpas_notify_ap_scan_changed(wpa_s);
2822 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2823 * @wpa_s: wpa_supplicant structure for a network interface
2824 * @expire_age: Expiration age in seconds
2825 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2828 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2829 unsigned int bss_expire_age)
2831 if (bss_expire_age < 10) {
2832 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2836 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2838 wpa_s->conf->bss_expiration_age = bss_expire_age;
2845 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2846 * @wpa_s: wpa_supplicant structure for a network interface
2847 * @expire_count: number of scans after which an unseen BSS is reclaimed
2848 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2851 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2852 unsigned int bss_expire_count)
2854 if (bss_expire_count < 1) {
2855 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2859 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2861 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2868 * wpa_supplicant_set_scan_interval - Set scan interval
2869 * @wpa_s: wpa_supplicant structure for a network interface
2870 * @scan_interval: scan interval in seconds
2871 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2874 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2877 if (scan_interval < 0) {
2878 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2882 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2884 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2891 * wpa_supplicant_set_debug_params - Set global debug params
2892 * @global: wpa_global structure
2893 * @debug_level: debug level
2894 * @debug_timestamp: determines if show timestamp in debug data
2895 * @debug_show_keys: determines if show keys in debug data
2896 * Returns: 0 if succeed or -1 if debug_level has wrong value
2898 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2899 int debug_timestamp, int debug_show_keys)
2902 int old_level, old_timestamp, old_show_keys;
2904 /* check for allowed debuglevels */
2905 if (debug_level != MSG_EXCESSIVE &&
2906 debug_level != MSG_MSGDUMP &&
2907 debug_level != MSG_DEBUG &&
2908 debug_level != MSG_INFO &&
2909 debug_level != MSG_WARNING &&
2910 debug_level != MSG_ERROR)
2913 old_level = wpa_debug_level;
2914 old_timestamp = wpa_debug_timestamp;
2915 old_show_keys = wpa_debug_show_keys;
2917 wpa_debug_level = debug_level;
2918 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2919 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2921 if (wpa_debug_level != old_level)
2922 wpas_notify_debug_level_changed(global);
2923 if (wpa_debug_timestamp != old_timestamp)
2924 wpas_notify_debug_timestamp_changed(global);
2925 if (wpa_debug_show_keys != old_show_keys)
2926 wpas_notify_debug_show_keys_changed(global);
2933 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2934 * @wpa_s: Pointer to wpa_supplicant data
2935 * Returns: A pointer to the current network structure or %NULL on failure
2937 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2939 struct wpa_ssid *entry;
2940 u8 ssid[SSID_MAX_LEN];
2946 res = wpa_drv_get_ssid(wpa_s, ssid);
2948 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2954 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2955 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2960 wired = wpa_s->conf->ap_scan == 0 &&
2961 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2963 entry = wpa_s->conf->ssid;
2965 if (!wpas_network_disabled(wpa_s, entry) &&
2966 ((ssid_len == entry->ssid_len &&
2967 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2968 (!entry->bssid_set ||
2969 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2972 if (!wpas_network_disabled(wpa_s, entry) &&
2973 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2974 (entry->ssid == NULL || entry->ssid_len == 0) &&
2975 (!entry->bssid_set ||
2976 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2978 #endif /* CONFIG_WPS */
2980 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2981 entry->ssid_len == 0 &&
2982 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2985 entry = entry->next;
2992 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2994 struct wpa_global *global = wpa_s->global;
2996 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2997 global->drv_priv[i] = wpa_drivers[i]->global_init();
2998 if (global->drv_priv[i] == NULL) {
2999 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3000 "'%s'", wpa_drivers[i]->name);
3005 wpa_s->driver = wpa_drivers[i];
3006 wpa_s->global_drv_priv = global->drv_priv[i];
3012 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3017 const char *pos, *driver = name;
3022 if (wpa_drivers[0] == NULL) {
3023 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3029 /* default to first driver in the list */
3030 return select_driver(wpa_s, 0);
3034 pos = os_strchr(driver, ',');
3038 len = os_strlen(driver);
3040 for (i = 0; wpa_drivers[i]; i++) {
3041 if (os_strlen(wpa_drivers[i]->name) == len &&
3042 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3044 /* First driver that succeeds wins */
3045 if (select_driver(wpa_s, i) == 0)
3053 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3059 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3060 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3061 * with struct wpa_driver_ops::init()
3062 * @src_addr: Source address of the EAPOL frame
3063 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3064 * @len: Length of the EAPOL data
3066 * This function is called for each received EAPOL frame. Most driver
3067 * interfaces rely on more generic OS mechanism for receiving frames through
3068 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3069 * take care of received EAPOL frames and deliver them to the core supplicant
3070 * code by calling this function.
3072 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3073 const u8 *buf, size_t len)
3075 struct wpa_supplicant *wpa_s = ctx;
3077 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3078 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3080 #ifdef CONFIG_PEERKEY
3081 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3082 wpa_s->current_ssid->peerkey &&
3083 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3084 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3085 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3088 #endif /* CONFIG_PEERKEY */
3090 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3091 (wpa_s->last_eapol_matches_bssid &&
3094 #endif /* CONFIG_AP */
3095 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3097 * There is possible race condition between receiving the
3098 * association event and the EAPOL frame since they are coming
3099 * through different paths from the driver. In order to avoid
3100 * issues in trying to process the EAPOL frame before receiving
3101 * association information, lets queue it for processing until
3102 * the association event is received. This may also be needed in
3103 * driver-based roaming case, so also use src_addr != BSSID as a
3104 * trigger if we have previously confirmed that the
3105 * Authenticator uses BSSID as the src_addr (which is not the
3106 * case with wired IEEE 802.1X).
3108 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3109 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3110 wpa_supplicant_state_txt(wpa_s->wpa_state),
3111 MAC2STR(wpa_s->bssid));
3112 wpabuf_free(wpa_s->pending_eapol_rx);
3113 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3114 if (wpa_s->pending_eapol_rx) {
3115 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3116 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3122 wpa_s->last_eapol_matches_bssid =
3123 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3126 if (wpa_s->ap_iface) {
3127 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3130 #endif /* CONFIG_AP */
3132 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3133 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3134 "no key management is configured");
3138 if (wpa_s->eapol_received == 0 &&
3139 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3140 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3141 wpa_s->wpa_state != WPA_COMPLETED) &&
3142 (wpa_s->current_ssid == NULL ||
3143 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3144 /* Timeout for completing IEEE 802.1X and WPA authentication */
3147 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3148 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3149 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3150 /* Use longer timeout for IEEE 802.1X/EAP */
3155 if (wpa_s->current_ssid && wpa_s->current_bss &&
3156 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3157 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3159 * Use shorter timeout if going through WPS AP iteration
3160 * for PIN config method with an AP that does not
3161 * advertise Selected Registrar.
3163 struct wpabuf *wps_ie;
3165 wps_ie = wpa_bss_get_vendor_ie_multi(
3166 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3168 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3170 wpabuf_free(wps_ie);
3172 #endif /* CONFIG_WPS */
3174 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3176 wpa_s->eapol_received++;
3178 if (wpa_s->countermeasures) {
3179 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3184 #ifdef CONFIG_IBSS_RSN
3185 if (wpa_s->current_ssid &&
3186 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3187 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3190 #endif /* CONFIG_IBSS_RSN */
3192 /* Source address of the incoming EAPOL frame could be compared to the
3193 * current BSSID. However, it is possible that a centralized
3194 * Authenticator could be using another MAC address than the BSSID of
3195 * an AP, so just allow any address to be used for now. The replies are
3196 * still sent to the current BSSID (if available), though. */
3198 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3199 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3200 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3202 wpa_drv_poll(wpa_s);
3203 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3204 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3205 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3207 * Set portValid = TRUE here since we are going to skip 4-way
3208 * handshake processing which would normally set portValid. We
3209 * need this to allow the EAPOL state machines to be completed
3210 * without going through EAPOL-Key handshake.
3212 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3217 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3219 if ((!wpa_s->p2p_mgmt ||
3220 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3221 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3222 l2_packet_deinit(wpa_s->l2);
3223 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3224 wpa_drv_get_mac_addr(wpa_s),
3226 wpa_supplicant_rx_eapol, wpa_s, 0);
3227 if (wpa_s->l2 == NULL)
3230 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3232 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3235 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3236 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3240 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3246 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3247 const u8 *buf, size_t len)
3249 struct wpa_supplicant *wpa_s = ctx;
3250 const struct l2_ethhdr *eth;
3252 if (len < sizeof(*eth))
3254 eth = (const struct l2_ethhdr *) buf;
3256 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3257 !(eth->h_dest[0] & 0x01)) {
3258 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3259 " (bridge - not for this interface - ignore)",
3260 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3264 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3265 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3266 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3267 len - sizeof(*eth));
3272 * wpa_supplicant_driver_init - Initialize driver interface parameters
3273 * @wpa_s: Pointer to wpa_supplicant data
3274 * Returns: 0 on success, -1 on failure
3276 * This function is called to initialize driver interface parameters.
3277 * wpa_drv_init() must have been called before this function to initialize the
3280 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3282 static int interface_count = 0;
3284 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3287 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3288 MAC2STR(wpa_s->own_addr));
3289 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3290 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3292 if (wpa_s->bridge_ifname[0]) {
3293 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3294 "interface '%s'", wpa_s->bridge_ifname);
3295 wpa_s->l2_br = l2_packet_init_bridge(
3296 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3297 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3298 if (wpa_s->l2_br == NULL) {
3299 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3300 "connection for the bridge interface '%s'",
3301 wpa_s->bridge_ifname);
3306 if (wpa_s->conf->ap_scan == 2 &&
3307 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3308 wpa_printf(MSG_INFO,
3309 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3312 wpa_clear_keys(wpa_s, NULL);
3314 /* Make sure that TKIP countermeasures are not left enabled (could
3315 * happen if wpa_supplicant is killed during countermeasures. */
3316 wpa_drv_set_countermeasures(wpa_s, 0);
3318 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3319 wpa_drv_flush_pmkid(wpa_s);
3321 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3322 wpa_s->prev_scan_wildcard = 0;
3324 if (wpa_supplicant_enabled_networks(wpa_s)) {
3325 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3326 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3327 interface_count = 0;
3330 if (!wpa_s->p2p_mgmt &&
3331 wpa_supplicant_delayed_sched_scan(wpa_s,
3332 interface_count % 3,
3334 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3336 #endif /* ANDROID */
3339 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3345 static int wpa_supplicant_daemon(const char *pid_file)
3347 wpa_printf(MSG_DEBUG, "Daemonize..");
3348 return os_daemonize(pid_file);
3352 static struct wpa_supplicant *
3353 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3355 struct wpa_supplicant *wpa_s;
3357 wpa_s = os_zalloc(sizeof(*wpa_s));
3360 wpa_s->scan_req = INITIAL_SCAN_REQ;
3361 wpa_s->scan_interval = 5;
3362 wpa_s->new_connection = 1;
3363 wpa_s->parent = parent ? parent : wpa_s;
3364 wpa_s->sched_scanning = 0;
3370 #ifdef CONFIG_HT_OVERRIDES
3372 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3373 struct ieee80211_ht_capabilities *htcaps,
3374 struct ieee80211_ht_capabilities *htcaps_mask,
3377 /* parse ht_mcs into hex array */
3379 const char *tmp = ht_mcs;
3382 /* If ht_mcs is null, do not set anything */
3386 /* This is what we are setting in the kernel */
3387 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3389 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3391 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3393 long v = strtol(tmp, &end, 16);
3395 wpa_msg(wpa_s, MSG_DEBUG,
3396 "htcap value[%i]: %ld end: %p tmp: %p",
3401 htcaps->supported_mcs_set[i] = v;
3404 wpa_msg(wpa_s, MSG_ERROR,
3405 "Failed to parse ht-mcs: %s, error: %s\n",
3406 ht_mcs, strerror(errno));
3412 * If we were able to parse any values, then set mask for the MCS set.
3415 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3416 IEEE80211_HT_MCS_MASK_LEN - 1);
3417 /* skip the 3 reserved bits */
3418 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3426 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3427 struct ieee80211_ht_capabilities *htcaps,
3428 struct ieee80211_ht_capabilities *htcaps_mask,
3433 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3438 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3439 htcaps_mask->ht_capabilities_info |= msk;
3441 htcaps->ht_capabilities_info &= msk;
3443 htcaps->ht_capabilities_info |= msk;
3449 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3450 struct ieee80211_ht_capabilities *htcaps,
3451 struct ieee80211_ht_capabilities *htcaps_mask,
3454 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3459 if (factor < 0 || factor > 3) {
3460 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3461 "Must be 0-3 or -1", factor);
3465 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3466 htcaps->a_mpdu_params &= ~0x3;
3467 htcaps->a_mpdu_params |= factor & 0x3;
3473 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3474 struct ieee80211_ht_capabilities *htcaps,
3475 struct ieee80211_ht_capabilities *htcaps_mask,
3478 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3483 if (density < 0 || density > 7) {
3484 wpa_msg(wpa_s, MSG_ERROR,
3485 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3490 htcaps_mask->a_mpdu_params |= 0x1C;
3491 htcaps->a_mpdu_params &= ~(0x1C);
3492 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3498 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3499 struct ieee80211_ht_capabilities *htcaps,
3500 struct ieee80211_ht_capabilities *htcaps_mask,
3503 /* Masking these out disables HT40 */
3504 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3505 HT_CAP_INFO_SHORT_GI40MHZ);
3507 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3510 htcaps->ht_capabilities_info &= ~msk;
3512 htcaps->ht_capabilities_info |= msk;
3514 htcaps_mask->ht_capabilities_info |= msk;
3520 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3521 struct ieee80211_ht_capabilities *htcaps,
3522 struct ieee80211_ht_capabilities *htcaps_mask,
3525 /* Masking these out disables SGI */
3526 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3527 HT_CAP_INFO_SHORT_GI40MHZ);
3529 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3532 htcaps->ht_capabilities_info &= ~msk;
3534 htcaps->ht_capabilities_info |= msk;
3536 htcaps_mask->ht_capabilities_info |= msk;
3542 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3543 struct ieee80211_ht_capabilities *htcaps,
3544 struct ieee80211_ht_capabilities *htcaps_mask,
3547 /* Masking these out disables LDPC */
3548 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3550 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3553 htcaps->ht_capabilities_info &= ~msk;
3555 htcaps->ht_capabilities_info |= msk;
3557 htcaps_mask->ht_capabilities_info |= msk;
3563 void wpa_supplicant_apply_ht_overrides(
3564 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3565 struct wpa_driver_associate_params *params)
3567 struct ieee80211_ht_capabilities *htcaps;
3568 struct ieee80211_ht_capabilities *htcaps_mask;
3573 params->disable_ht = ssid->disable_ht;
3574 if (!params->htcaps || !params->htcaps_mask)
3577 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3578 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3579 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3580 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3581 ssid->disable_max_amsdu);
3582 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3583 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3584 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3585 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3586 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3588 if (ssid->ht40_intolerant) {
3589 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3590 htcaps->ht_capabilities_info |= bit;
3591 htcaps_mask->ht_capabilities_info |= bit;
3595 #endif /* CONFIG_HT_OVERRIDES */
3598 #ifdef CONFIG_VHT_OVERRIDES
3599 void wpa_supplicant_apply_vht_overrides(
3600 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3601 struct wpa_driver_associate_params *params)
3603 struct ieee80211_vht_capabilities *vhtcaps;
3604 struct ieee80211_vht_capabilities *vhtcaps_mask;
3609 params->disable_vht = ssid->disable_vht;
3611 vhtcaps = (void *) params->vhtcaps;
3612 vhtcaps_mask = (void *) params->vhtcaps_mask;
3614 if (!vhtcaps || !vhtcaps_mask)
3617 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3618 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3620 #ifdef CONFIG_HT_OVERRIDES
3621 /* if max ampdu is <= 3, we have to make the HT cap the same */
3622 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3625 max_ampdu = (ssid->vht_capa &
3626 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3627 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3629 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3630 wpa_set_ampdu_factor(wpa_s,
3631 (void *) params->htcaps,
3632 (void *) params->htcaps_mask,
3635 #endif /* CONFIG_HT_OVERRIDES */
3637 #define OVERRIDE_MCS(i) \
3638 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3639 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3641 vhtcaps->vht_supported_mcs_set.tx_map |= \
3642 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3644 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3645 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3647 vhtcaps->vht_supported_mcs_set.rx_map |= \
3648 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3660 #endif /* CONFIG_VHT_OVERRIDES */
3663 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3668 if (!wpa_s->conf->pcsc_reader)
3671 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3675 if (wpa_s->conf->pcsc_pin &&
3676 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3677 scard_deinit(wpa_s->scard);
3678 wpa_s->scard = NULL;
3679 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3683 len = sizeof(wpa_s->imsi) - 1;
3684 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3685 scard_deinit(wpa_s->scard);
3686 wpa_s->scard = NULL;
3687 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3690 wpa_s->imsi[len] = '\0';
3692 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3694 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3695 wpa_s->imsi, wpa_s->mnc_len);
3697 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3698 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3699 #endif /* PCSC_FUNCS */
3705 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3709 ext_password_deinit(wpa_s->ext_pw);
3710 wpa_s->ext_pw = NULL;
3711 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3713 if (!wpa_s->conf->ext_password_backend)
3716 val = os_strdup(wpa_s->conf->ext_password_backend);
3719 pos = os_strchr(val, ':');
3723 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3725 wpa_s->ext_pw = ext_password_init(val, pos);
3727 if (wpa_s->ext_pw == NULL) {
3728 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3731 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3739 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
3741 struct wpa_supplicant *wpa_s = ctx;
3743 return (is_zero_ether_addr(wpa_s->bssid) ||
3744 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
3748 static void wpas_fst_get_channel_info_cb(void *ctx,
3749 enum hostapd_hw_mode *hw_mode,
3752 struct wpa_supplicant *wpa_s = ctx;
3754 if (wpa_s->current_bss) {
3755 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
3757 } else if (wpa_s->hw.num_modes) {
3758 *hw_mode = wpa_s->hw.modes[0].mode;
3766 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
3768 struct wpa_supplicant *wpa_s = ctx;
3770 *modes = wpa_s->hw.modes;
3771 return wpa_s->hw.num_modes;
3775 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
3777 struct wpa_supplicant *wpa_s = ctx;
3779 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
3780 wpa_s->fst_ies = fst_ies;
3784 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
3786 struct wpa_supplicant *wpa_s = ctx;
3788 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
3789 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
3790 wpa_s->own_addr, wpa_s->bssid,
3791 wpabuf_head(data), wpabuf_len(data),
3796 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
3798 struct wpa_supplicant *wpa_s = ctx;
3800 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3801 return wpa_s->received_mb_ies;
3805 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
3806 const u8 *buf, size_t size)
3808 struct wpa_supplicant *wpa_s = ctx;
3809 struct mb_ies_info info;
3811 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3813 if (!mb_ies_info_by_ies(&info, buf, size)) {
3814 wpabuf_free(wpa_s->received_mb_ies);
3815 wpa_s->received_mb_ies = mb_ies_by_info(&info);
3820 const u8 * wpas_fst_get_peer_first(void *ctx, struct fst_get_peer_ctx **get_ctx,
3823 struct wpa_supplicant *wpa_s = ctx;
3826 if (!is_zero_ether_addr(wpa_s->bssid))
3827 return (wpa_s->received_mb_ies || !mb_only) ?
3828 wpa_s->bssid : NULL;
3833 const u8 * wpas_fst_get_peer_next(void *ctx, struct fst_get_peer_ctx **get_ctx,
3839 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
3840 struct fst_wpa_obj *iface_obj)
3842 iface_obj->ctx = wpa_s;
3843 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
3844 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
3845 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
3846 iface_obj->set_ies = wpas_fst_set_ies_cb;
3847 iface_obj->send_action = wpas_fst_send_action_cb;
3848 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
3849 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
3850 iface_obj->get_peer_first = wpas_fst_get_peer_first;
3851 iface_obj->get_peer_next = wpas_fst_get_peer_next;
3853 #endif /* CONFIG_FST */
3855 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3856 const struct wpa_driver_capa *capa)
3858 struct wowlan_triggers *triggers;
3861 if (!wpa_s->conf->wowlan_triggers)
3864 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
3866 ret = wpa_drv_wowlan(wpa_s, triggers);
3873 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3876 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3877 struct wpa_radio *radio;
3879 while (rn && iface) {
3880 radio = iface->radio;
3881 if (radio && os_strcmp(rn, radio->name) == 0) {
3882 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3884 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3888 iface = iface->next;
3891 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3892 wpa_s->ifname, rn ? rn : "N/A");
3893 radio = os_zalloc(sizeof(*radio));
3898 os_strlcpy(radio->name, rn, sizeof(radio->name));
3899 dl_list_init(&radio->ifaces);
3900 dl_list_init(&radio->work);
3901 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3907 static void radio_work_free(struct wpa_radio_work *work)
3909 if (work->wpa_s->scan_work == work) {
3910 /* This should not really happen. */
3911 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3912 work->type, work, work->started);
3913 work->wpa_s->scan_work = NULL;
3917 if (work->wpa_s->p2p_scan_work == work) {
3918 /* This should not really happen. */
3919 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3920 work->type, work, work->started);
3921 work->wpa_s->p2p_scan_work = NULL;
3923 #endif /* CONFIG_P2P */
3925 dl_list_del(&work->list);
3930 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3932 struct wpa_radio *radio = eloop_ctx;
3933 struct wpa_radio_work *work;
3934 struct os_reltime now, diff;
3935 struct wpa_supplicant *wpa_s;
3937 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3942 return; /* already started and still in progress */
3944 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3946 if (wpa_s && wpa_s->radio->external_scan_running) {
3947 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3951 os_get_reltime(&now);
3952 os_reltime_sub(&now, &work->time, &diff);
3953 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3954 work->type, work, diff.sec, diff.usec);
3962 * This function removes both started and pending radio works running on
3963 * the provided interface's radio.
3964 * Prior to the removal of the radio work, its callback (cb) is called with
3965 * deinit set to be 1. Each work's callback is responsible for clearing its
3966 * internal data and restoring to a correct state.
3967 * @wpa_s: wpa_supplicant data
3968 * @type: type of works to be removed
3969 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3970 * this interface's works.
3972 void radio_remove_works(struct wpa_supplicant *wpa_s,
3973 const char *type, int remove_all)
3975 struct wpa_radio_work *work, *tmp;
3976 struct wpa_radio *radio = wpa_s->radio;
3978 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3980 if (type && os_strcmp(type, work->type) != 0)
3983 /* skip other ifaces' works */
3984 if (!remove_all && work->wpa_s != wpa_s)
3987 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3988 work->type, work, work->started ? " (started)" : "");
3990 radio_work_free(work);
3993 /* in case we removed the started work */
3994 radio_work_check_next(wpa_s);
3998 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4000 struct wpa_radio *radio = wpa_s->radio;
4005 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4006 wpa_s->ifname, radio->name);
4007 dl_list_del(&wpa_s->radio_list);
4008 radio_remove_works(wpa_s, NULL, 0);
4009 wpa_s->radio = NULL;
4010 if (!dl_list_empty(&radio->ifaces))
4011 return; /* Interfaces remain for this radio */
4013 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4014 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4019 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4021 struct wpa_radio *radio = wpa_s->radio;
4023 if (dl_list_empty(&radio->work))
4025 if (wpa_s->ext_work_in_progress) {
4026 wpa_printf(MSG_DEBUG,
4027 "External radio work in progress - delay start of pending item");
4030 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4031 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4036 * radio_add_work - Add a radio work item
4037 * @wpa_s: Pointer to wpa_supplicant data
4038 * @freq: Frequency of the offchannel operation in MHz or 0
4039 * @type: Unique identifier for each type of work
4040 * @next: Force as the next work to be executed
4041 * @cb: Callback function for indicating when radio is available
4042 * @ctx: Context pointer for the work (work->ctx in cb())
4043 * Returns: 0 on success, -1 on failure
4045 * This function is used to request time for an operation that requires
4046 * exclusive radio control. Once the radio is available, the registered callback
4047 * function will be called. radio_work_done() must be called once the exclusive
4048 * radio operation has been completed, so that the radio is freed for other
4049 * operations. The special case of deinit=1 is used to free the context data
4050 * during interface removal. That does not allow the callback function to start
4051 * the radio operation, i.e., it must free any resources allocated for the radio
4054 * The @freq parameter can be used to indicate a single channel on which the
4055 * offchannel operation will occur. This may allow multiple radio work
4056 * operations to be performed in parallel if they apply for the same channel.
4057 * Setting this to 0 indicates that the work item may use multiple channels or
4058 * requires exclusive control of the radio.
4060 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4061 const char *type, int next,
4062 void (*cb)(struct wpa_radio_work *work, int deinit),
4065 struct wpa_radio_work *work;
4068 work = os_zalloc(sizeof(*work));
4071 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4072 os_get_reltime(&work->time);
4075 work->wpa_s = wpa_s;
4079 was_empty = dl_list_empty(&wpa_s->radio->work);
4081 dl_list_add(&wpa_s->radio->work, &work->list);
4083 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4085 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4086 radio_work_check_next(wpa_s);
4094 * radio_work_done - Indicate that a radio work item has been completed
4095 * @work: Completed work
4097 * This function is called once the callback function registered with
4098 * radio_add_work() has completed its work.
4100 void radio_work_done(struct wpa_radio_work *work)
4102 struct wpa_supplicant *wpa_s = work->wpa_s;
4103 struct os_reltime now, diff;
4104 unsigned int started = work->started;
4106 os_get_reltime(&now);
4107 os_reltime_sub(&now, &work->time, &diff);
4108 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4109 work->type, work, started ? "done" : "canceled",
4110 diff.sec, diff.usec);
4111 radio_work_free(work);
4113 radio_work_check_next(wpa_s);
4117 struct wpa_radio_work *
4118 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4120 struct wpa_radio_work *work;
4121 struct wpa_radio *radio = wpa_s->radio;
4123 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4124 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4132 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4133 struct wpa_interface *iface)
4135 const char *ifname, *driver, *rn;
4137 driver = iface->driver;
4139 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4142 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4143 if (wpa_s->drv_priv == NULL) {
4145 pos = driver ? os_strchr(driver, ',') : NULL;
4147 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4148 "driver interface - try next driver wrapper");
4152 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4156 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4157 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4158 "driver_param '%s'", wpa_s->conf->driver_param);
4162 ifname = wpa_drv_get_ifname(wpa_s);
4163 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4164 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4165 "interface name with '%s'", ifname);
4166 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4169 rn = wpa_driver_get_radio_name(wpa_s);
4170 if (rn && rn[0] == '\0')
4173 wpa_s->radio = radio_add_interface(wpa_s, rn);
4174 if (wpa_s->radio == NULL)
4181 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4182 struct wpa_interface *iface)
4184 struct wpa_driver_capa capa;
4187 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4188 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4189 iface->confname ? iface->confname : "N/A",
4190 iface->driver ? iface->driver : "default",
4191 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4192 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4194 if (iface->confname) {
4195 #ifdef CONFIG_BACKEND_FILE
4196 wpa_s->confname = os_rel2abs_path(iface->confname);
4197 if (wpa_s->confname == NULL) {
4198 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4199 "for configuration file '%s'.",
4203 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4204 iface->confname, wpa_s->confname);
4205 #else /* CONFIG_BACKEND_FILE */
4206 wpa_s->confname = os_strdup(iface->confname);
4207 #endif /* CONFIG_BACKEND_FILE */
4208 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4209 if (wpa_s->conf == NULL) {
4210 wpa_printf(MSG_ERROR, "Failed to read or parse "
4211 "configuration '%s'.", wpa_s->confname);
4214 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4215 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4218 * Override ctrl_interface and driver_param if set on command
4221 if (iface->ctrl_interface) {
4222 os_free(wpa_s->conf->ctrl_interface);
4223 wpa_s->conf->ctrl_interface =
4224 os_strdup(iface->ctrl_interface);
4227 if (iface->driver_param) {
4228 os_free(wpa_s->conf->driver_param);
4229 wpa_s->conf->driver_param =
4230 os_strdup(iface->driver_param);
4233 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4234 os_free(wpa_s->conf->ctrl_interface);
4235 wpa_s->conf->ctrl_interface = NULL;
4238 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4239 iface->driver_param);
4241 if (wpa_s->conf == NULL) {
4242 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4246 if (iface->ifname == NULL) {
4247 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4250 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4251 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4255 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4257 if (iface->bridge_ifname) {
4258 if (os_strlen(iface->bridge_ifname) >=
4259 sizeof(wpa_s->bridge_ifname)) {
4260 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4261 "name '%s'.", iface->bridge_ifname);
4264 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4265 sizeof(wpa_s->bridge_ifname));
4268 /* RSNA Supplicant Key Management - INITIALIZE */
4269 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4270 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4272 /* Initialize driver interface and register driver event handler before
4273 * L2 receive handler so that association events are processed before
4274 * EAPOL-Key packets if both become available for the same select()
4276 if (wpas_init_driver(wpa_s, iface) < 0)
4279 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4282 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4283 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4285 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4287 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4288 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4289 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4290 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4291 "dot11RSNAConfigPMKLifetime");
4295 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4296 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4297 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4298 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4299 "dot11RSNAConfigPMKReauthThreshold");
4303 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4304 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4305 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4306 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4307 "dot11RSNAConfigSATimeout");
4311 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4312 &wpa_s->hw.num_modes,
4314 if (wpa_s->hw.modes) {
4317 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4318 if (wpa_s->hw.modes[i].vht_capab) {
4319 wpa_s->hw_capab = CAPAB_VHT;
4323 if (wpa_s->hw.modes[i].ht_capab &
4324 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4325 wpa_s->hw_capab = CAPAB_HT40;
4326 else if (wpa_s->hw.modes[i].ht_capab &&
4327 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4328 wpa_s->hw_capab = CAPAB_HT;
4332 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4333 if (capa_res == 0) {
4334 wpa_s->drv_capa_known = 1;
4335 wpa_s->drv_flags = capa.flags;
4336 wpa_s->drv_enc = capa.enc;
4337 wpa_s->drv_smps_modes = capa.smps_modes;
4338 wpa_s->drv_rrm_flags = capa.rrm_flags;
4339 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4340 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4341 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4342 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4343 wpa_s->max_match_sets = capa.max_match_sets;
4344 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4345 wpa_s->max_stations = capa.max_stations;
4346 wpa_s->extended_capa = capa.extended_capa;
4347 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4348 wpa_s->extended_capa_len = capa.extended_capa_len;
4349 wpa_s->num_multichan_concurrent =
4350 capa.num_multichan_concurrent;
4351 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4353 if (capa.mac_addr_rand_scan_supported)
4354 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4355 if (wpa_s->sched_scan_supported &&
4356 capa.mac_addr_rand_sched_scan_supported)
4357 wpa_s->mac_addr_rand_supported |=
4358 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4360 if (wpa_s->max_remain_on_chan == 0)
4361 wpa_s->max_remain_on_chan = 1000;
4364 * Only take p2p_mgmt parameters when P2P Device is supported.
4365 * Doing it here as it determines whether l2_packet_init() will be done
4366 * during wpa_supplicant_driver_init().
4368 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4369 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4371 iface->p2p_mgmt = 1;
4373 if (wpa_s->num_multichan_concurrent == 0)
4374 wpa_s->num_multichan_concurrent = 1;
4376 if (wpa_supplicant_driver_init(wpa_s) < 0)
4380 if ((!iface->p2p_mgmt ||
4381 !(wpa_s->drv_flags &
4382 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4383 wpa_tdls_init(wpa_s->wpa))
4385 #endif /* CONFIG_TDLS */
4387 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4388 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4389 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4394 if (wpa_s->conf->fst_group_id) {
4395 struct fst_iface_cfg cfg;
4396 struct fst_wpa_obj iface_obj;
4398 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4399 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4400 sizeof(cfg.group_id));
4401 cfg.priority = wpa_s->conf->fst_priority;
4402 cfg.llt = wpa_s->conf->fst_llt;
4404 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4407 wpa_msg(wpa_s, MSG_ERROR,
4408 "FST: Cannot attach iface %s to group %s",
4409 wpa_s->ifname, cfg.group_id);
4413 #endif /* CONFIG_FST */
4415 if (wpas_wps_init(wpa_s))
4418 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4420 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4422 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4423 if (wpa_s->ctrl_iface == NULL) {
4424 wpa_printf(MSG_ERROR,
4425 "Failed to initialize control interface '%s'.\n"
4426 "You may have another wpa_supplicant process "
4427 "already running or the file was\n"
4428 "left by an unclean termination of wpa_supplicant "
4429 "in which case you will need\n"
4430 "to manually remove this file before starting "
4431 "wpa_supplicant again.\n",
4432 wpa_s->conf->ctrl_interface);
4436 wpa_s->gas = gas_query_init(wpa_s);
4437 if (wpa_s->gas == NULL) {
4438 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4442 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4443 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4447 if (wpa_bss_init(wpa_s) < 0)
4451 * Set Wake-on-WLAN triggers, if configured.
4452 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4453 * have effect anyway when the interface is down).
4455 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4458 #ifdef CONFIG_EAP_PROXY
4461 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4463 if (wpa_s->mnc_len > 0) {
4464 wpa_s->imsi[len] = '\0';
4465 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4466 wpa_s->imsi, wpa_s->mnc_len);
4468 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4471 #endif /* CONFIG_EAP_PROXY */
4473 if (pcsc_reader_init(wpa_s) < 0)
4476 if (wpas_init_ext_pw(wpa_s) < 0)
4479 wpas_rrm_reset(wpa_s);
4485 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4486 int notify, int terminate)
4488 struct wpa_global *global = wpa_s->global;
4489 struct wpa_supplicant *iface, *prev;
4491 if (wpa_s == wpa_s->parent)
4492 wpas_p2p_group_remove(wpa_s, "*");
4494 iface = global->ifaces;
4496 if (iface == wpa_s || iface->parent != wpa_s) {
4497 iface = iface->next;
4500 wpa_printf(MSG_DEBUG,
4501 "Remove remaining child interface %s from parent %s",
4502 iface->ifname, wpa_s->ifname);
4504 iface = iface->next;
4505 wpa_supplicant_remove_iface(global, prev, terminate);
4508 wpa_s->disconnected = 1;
4509 if (wpa_s->drv_priv) {
4510 wpa_supplicant_deauthenticate(wpa_s,
4511 WLAN_REASON_DEAUTH_LEAVING);
4513 wpa_drv_set_countermeasures(wpa_s, 0);
4514 wpa_clear_keys(wpa_s, NULL);
4517 wpa_supplicant_cleanup(wpa_s);
4518 wpas_p2p_deinit_iface(wpa_s);
4520 wpas_ctrl_radio_work_flush(wpa_s);
4521 radio_remove_interface(wpa_s);
4525 fst_detach(wpa_s->fst);
4528 if (wpa_s->received_mb_ies) {
4529 wpabuf_free(wpa_s->received_mb_ies);
4530 wpa_s->received_mb_ies = NULL;
4532 #endif /* CONFIG_FST */
4534 if (wpa_s->drv_priv)
4535 wpa_drv_deinit(wpa_s);
4538 wpas_notify_iface_removed(wpa_s);
4541 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4543 if (wpa_s->ctrl_iface) {
4544 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4545 wpa_s->ctrl_iface = NULL;
4550 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4551 wpa_s->ifmsh = NULL;
4553 #endif /* CONFIG_MESH */
4555 if (wpa_s->conf != NULL) {
4556 wpa_config_free(wpa_s->conf);
4560 os_free(wpa_s->ssids_from_scan_req);
4567 * wpa_supplicant_add_iface - Add a new network interface
4568 * @global: Pointer to global data from wpa_supplicant_init()
4569 * @iface: Interface configuration options
4570 * @parent: Parent interface or %NULL to assign new interface as parent
4571 * Returns: Pointer to the created interface or %NULL on failure
4573 * This function is used to add new network interfaces for %wpa_supplicant.
4574 * This can be called before wpa_supplicant_run() to add interfaces before the
4575 * main event loop has been started. In addition, new interfaces can be added
4576 * dynamically while %wpa_supplicant is already running. This could happen,
4577 * e.g., when a hotplug network adapter is inserted.
4579 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4580 struct wpa_interface *iface,
4581 struct wpa_supplicant *parent)
4583 struct wpa_supplicant *wpa_s;
4584 struct wpa_interface t_iface;
4585 struct wpa_ssid *ssid;
4587 if (global == NULL || iface == NULL)
4590 wpa_s = wpa_supplicant_alloc(parent);
4594 wpa_s->global = global;
4597 if (global->params.override_driver) {
4598 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4600 iface->driver, global->params.override_driver);
4601 t_iface.driver = global->params.override_driver;
4603 if (global->params.override_ctrl_interface) {
4604 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4605 "ctrl_interface ('%s' -> '%s')",
4606 iface->ctrl_interface,
4607 global->params.override_ctrl_interface);
4608 t_iface.ctrl_interface =
4609 global->params.override_ctrl_interface;
4611 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4612 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4614 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4618 if (iface->p2p_mgmt == 0) {
4619 /* Notify the control interfaces about new iface */
4620 if (wpas_notify_iface_added(wpa_s)) {
4621 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4625 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4626 wpas_notify_network_added(wpa_s, ssid);
4629 wpa_s->next = global->ifaces;
4630 global->ifaces = wpa_s;
4632 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4633 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4636 if (wpa_s->global->p2p == NULL &&
4637 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
4638 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4639 wpas_p2p_add_p2pdev_interface(
4640 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
4641 wpa_printf(MSG_INFO,
4642 "P2P: Failed to enable P2P Device interface");
4643 /* Try to continue without. P2P will be disabled. */
4645 #endif /* CONFIG_P2P */
4652 * wpa_supplicant_remove_iface - Remove a network interface
4653 * @global: Pointer to global data from wpa_supplicant_init()
4654 * @wpa_s: Pointer to the network interface to be removed
4655 * Returns: 0 if interface was removed, -1 if interface was not found
4657 * This function can be used to dynamically remove network interfaces from
4658 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4659 * addition, this function is used to remove all remaining interfaces when
4660 * %wpa_supplicant is terminated.
4662 int wpa_supplicant_remove_iface(struct wpa_global *global,
4663 struct wpa_supplicant *wpa_s,
4666 struct wpa_supplicant *prev;
4668 unsigned int mesh_if_created = wpa_s->mesh_if_created;
4669 char *ifname = NULL;
4670 #endif /* CONFIG_MESH */
4672 /* Remove interface from the global list of interfaces */
4673 prev = global->ifaces;
4674 if (prev == wpa_s) {
4675 global->ifaces = wpa_s->next;
4677 while (prev && prev->next != wpa_s)
4681 prev->next = wpa_s->next;
4684 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4687 if (mesh_if_created) {
4688 ifname = os_strdup(wpa_s->ifname);
4689 if (ifname == NULL) {
4690 wpa_dbg(wpa_s, MSG_ERROR,
4691 "mesh: Failed to malloc ifname");
4695 #endif /* CONFIG_MESH */
4697 if (global->p2p_group_formation == wpa_s)
4698 global->p2p_group_formation = NULL;
4699 if (global->p2p_invite_group == wpa_s)
4700 global->p2p_invite_group = NULL;
4701 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4704 if (mesh_if_created) {
4705 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
4708 #endif /* CONFIG_MESH */
4715 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4716 * @wpa_s: Pointer to the network interface
4717 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4719 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4721 const char *eapol_method;
4723 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4724 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4728 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4729 if (eapol_method == NULL)
4730 return "UNKNOWN-EAP";
4732 return eapol_method;
4737 * wpa_supplicant_get_iface - Get a new network interface
4738 * @global: Pointer to global data from wpa_supplicant_init()
4739 * @ifname: Interface name
4740 * Returns: Pointer to the interface or %NULL if not found
4742 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4745 struct wpa_supplicant *wpa_s;
4747 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4748 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4755 #ifndef CONFIG_NO_WPA_MSG
4756 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4758 struct wpa_supplicant *wpa_s = ctx;
4761 return wpa_s->ifname;
4763 #endif /* CONFIG_NO_WPA_MSG */
4766 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
4767 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
4768 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
4770 /* Periodic cleanup tasks */
4771 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
4773 struct wpa_global *global = eloop_ctx;
4774 struct wpa_supplicant *wpa_s;
4776 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
4777 wpas_periodic, global, NULL);
4781 p2p_expire_peers(global->p2p);
4782 #endif /* CONFIG_P2P */
4784 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4785 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
4788 #endif /* CONFIG_AP */
4794 * wpa_supplicant_init - Initialize %wpa_supplicant
4795 * @params: Parameters for %wpa_supplicant
4796 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4798 * This function is used to initialize %wpa_supplicant. After successful
4799 * initialization, the returned data pointer can be used to add and remove
4800 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4802 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4804 struct wpa_global *global;
4810 #ifdef CONFIG_DRIVER_NDIS
4812 void driver_ndis_init_ops(void);
4813 driver_ndis_init_ops();
4815 #endif /* CONFIG_DRIVER_NDIS */
4817 #ifndef CONFIG_NO_WPA_MSG
4818 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4819 #endif /* CONFIG_NO_WPA_MSG */
4821 if (params->wpa_debug_file_path)
4822 wpa_debug_open_file(params->wpa_debug_file_path);
4824 wpa_debug_setup_stdout();
4825 if (params->wpa_debug_syslog)
4826 wpa_debug_open_syslog();
4827 if (params->wpa_debug_tracing) {
4828 ret = wpa_debug_open_linux_tracing();
4830 wpa_printf(MSG_ERROR,
4831 "Failed to enable trace logging");
4836 ret = eap_register_methods();
4838 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4840 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4841 "the same EAP type.");
4845 global = os_zalloc(sizeof(*global));
4848 dl_list_init(&global->p2p_srv_bonjour);
4849 dl_list_init(&global->p2p_srv_upnp);
4850 global->params.daemonize = params->daemonize;
4851 global->params.wait_for_monitor = params->wait_for_monitor;
4852 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4853 if (params->pid_file)
4854 global->params.pid_file = os_strdup(params->pid_file);
4855 if (params->ctrl_interface)
4856 global->params.ctrl_interface =
4857 os_strdup(params->ctrl_interface);
4858 if (params->ctrl_interface_group)
4859 global->params.ctrl_interface_group =
4860 os_strdup(params->ctrl_interface_group);
4861 if (params->override_driver)
4862 global->params.override_driver =
4863 os_strdup(params->override_driver);
4864 if (params->override_ctrl_interface)
4865 global->params.override_ctrl_interface =
4866 os_strdup(params->override_ctrl_interface);
4868 if (params->conf_p2p_dev)
4869 global->params.conf_p2p_dev =
4870 os_strdup(params->conf_p2p_dev);
4871 #endif /* CONFIG_P2P */
4872 wpa_debug_level = global->params.wpa_debug_level =
4873 params->wpa_debug_level;
4874 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4875 params->wpa_debug_show_keys;
4876 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4877 params->wpa_debug_timestamp;
4879 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4882 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4883 wpa_supplicant_deinit(global);
4887 random_init(params->entropy_file);
4889 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4890 if (global->ctrl_iface == NULL) {
4891 wpa_supplicant_deinit(global);
4895 if (wpas_notify_supplicant_initialized(global)) {
4896 wpa_supplicant_deinit(global);
4900 for (i = 0; wpa_drivers[i]; i++)
4901 global->drv_count++;
4902 if (global->drv_count == 0) {
4903 wpa_printf(MSG_ERROR, "No drivers enabled");
4904 wpa_supplicant_deinit(global);
4907 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
4908 if (global->drv_priv == NULL) {
4909 wpa_supplicant_deinit(global);
4913 #ifdef CONFIG_WIFI_DISPLAY
4914 if (wifi_display_init(global) < 0) {
4915 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4916 wpa_supplicant_deinit(global);
4919 #endif /* CONFIG_WIFI_DISPLAY */
4921 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
4922 wpas_periodic, global, NULL);
4929 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4930 * @global: Pointer to global data from wpa_supplicant_init()
4931 * Returns: 0 after successful event loop run, -1 on failure
4933 * This function starts the main event loop and continues running as long as
4934 * there are any remaining events. In most cases, this function is running as
4935 * long as the %wpa_supplicant process in still in use.
4937 int wpa_supplicant_run(struct wpa_global *global)
4939 struct wpa_supplicant *wpa_s;
4941 if (global->params.daemonize &&
4942 wpa_supplicant_daemon(global->params.pid_file))
4945 if (global->params.wait_for_monitor) {
4946 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4947 if (wpa_s->ctrl_iface)
4948 wpa_supplicant_ctrl_iface_wait(
4952 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4953 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4962 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4963 * @global: Pointer to global data from wpa_supplicant_init()
4965 * This function is called to deinitialize %wpa_supplicant and to free all
4966 * allocated resources. Remaining network interfaces will also be removed.
4968 void wpa_supplicant_deinit(struct wpa_global *global)
4975 eloop_cancel_timeout(wpas_periodic, global, NULL);
4977 #ifdef CONFIG_WIFI_DISPLAY
4978 wifi_display_deinit(global);
4979 #endif /* CONFIG_WIFI_DISPLAY */
4981 while (global->ifaces)
4982 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4984 if (global->ctrl_iface)
4985 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4987 wpas_notify_supplicant_deinitialized(global);
4989 eap_peer_unregister_methods();
4991 eap_server_unregister_methods();
4992 #endif /* CONFIG_AP */
4994 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4995 if (!global->drv_priv[i])
4997 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4999 os_free(global->drv_priv);
5005 if (global->params.pid_file) {
5006 os_daemonize_terminate(global->params.pid_file);
5007 os_free(global->params.pid_file);
5009 os_free(global->params.ctrl_interface);
5010 os_free(global->params.ctrl_interface_group);
5011 os_free(global->params.override_driver);
5012 os_free(global->params.override_ctrl_interface);
5014 os_free(global->params.conf_p2p_dev);
5015 #endif /* CONFIG_P2P */
5017 os_free(global->p2p_disallow_freq.range);
5018 os_free(global->p2p_go_avoid_freq.range);
5019 os_free(global->add_psk);
5022 wpa_debug_close_syslog();
5023 wpa_debug_close_file();
5024 wpa_debug_close_linux_tracing();
5028 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5030 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5031 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5033 country[0] = wpa_s->conf->country[0];
5034 country[1] = wpa_s->conf->country[1];
5036 if (wpa_drv_set_country(wpa_s, country) < 0) {
5037 wpa_printf(MSG_ERROR, "Failed to set country code "
5042 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5043 wpas_init_ext_pw(wpa_s);
5046 wpas_wps_update_config(wpa_s);
5047 #endif /* CONFIG_WPS */
5048 wpas_p2p_update_config(wpa_s);
5049 wpa_s->conf->changed_parameters = 0;
5053 void add_freq(int *freqs, int *num_freqs, int freq)
5057 for (i = 0; i < *num_freqs; i++) {
5058 if (freqs[i] == freq)
5062 freqs[*num_freqs] = freq;
5067 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5069 struct wpa_bss *bss, *cbss;
5070 const int max_freqs = 10;
5074 freqs = os_calloc(max_freqs + 1, sizeof(int));
5078 cbss = wpa_s->current_bss;
5080 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5083 if (bss->ssid_len == cbss->ssid_len &&
5084 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5085 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5086 add_freq(freqs, &num_freqs, bss->freq);
5087 if (num_freqs == max_freqs)
5092 if (num_freqs == 0) {
5101 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5107 wpas_connect_work_done(wpa_s);
5110 * Remove possible authentication timeout since the connection failed.
5112 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5115 * There is no point in blacklisting the AP if this event is
5116 * generated based on local request to disconnect.
5118 if (wpa_s->own_disconnect_req) {
5119 wpa_s->own_disconnect_req = 0;
5120 wpa_dbg(wpa_s, MSG_DEBUG,
5121 "Ignore connection failure due to local request to disconnect");
5124 if (wpa_s->disconnected) {
5125 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5126 "indication since interface has been put into "
5127 "disconnected state");
5132 * Add the failed BSSID into the blacklist and speed up next scan
5133 * attempt if there could be other APs that could accept association.
5134 * The current blacklist count indicates how many times we have tried
5135 * connecting to this AP and multiple attempts mean that other APs are
5136 * either not available or has already been tried, so that we can start
5137 * increasing the delay here to avoid constant scanning.
5139 count = wpa_blacklist_add(wpa_s, bssid);
5140 if (count == 1 && wpa_s->current_bss) {
5142 * This BSS was not in the blacklist before. If there is
5143 * another BSS available for the same ESS, we should try that
5144 * next. Otherwise, we may as well try this one once more
5145 * before allowing other, likely worse, ESSes to be considered.
5147 freqs = get_bss_freqs_in_ess(wpa_s);
5149 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5150 "has been seen; try it next");
5151 wpa_blacklist_add(wpa_s, bssid);
5153 * On the next scan, go through only the known channels
5154 * used in this ESS based on previous scans to speed up
5155 * common load balancing use case.
5157 os_free(wpa_s->next_scan_freqs);
5158 wpa_s->next_scan_freqs = freqs;
5163 * Add previous failure count in case the temporary blacklist was
5164 * cleared due to no other BSSes being available.
5166 count += wpa_s->extra_blacklist_count;
5168 if (count > 3 && wpa_s->current_ssid) {
5169 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5170 "consider temporary network disabling");
5171 wpas_auth_failed(wpa_s, "CONN_FAILED");
5192 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5193 "ms", count, timeout);
5196 * TODO: if more than one possible AP is available in scan results,
5197 * could try the other ones before requesting a new scan.
5199 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5200 1000 * (timeout % 1000));
5204 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5206 return wpa_s->conf->ap_scan == 2 ||
5207 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5211 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5212 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5213 struct wpa_ssid *ssid,
5217 #ifdef IEEE8021X_EAPOL
5218 struct eap_peer_config *eap = &ssid->eap;
5220 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5221 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5222 (const u8 *) value, os_strlen(value));
5224 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5225 case WPA_CTRL_REQ_EAP_IDENTITY:
5226 os_free(eap->identity);
5227 eap->identity = (u8 *) os_strdup(value);
5228 eap->identity_len = os_strlen(value);
5229 eap->pending_req_identity = 0;
5230 if (ssid == wpa_s->current_ssid)
5231 wpa_s->reassociate = 1;
5233 case WPA_CTRL_REQ_EAP_PASSWORD:
5234 bin_clear_free(eap->password, eap->password_len);
5235 eap->password = (u8 *) os_strdup(value);
5236 eap->password_len = os_strlen(value);
5237 eap->pending_req_password = 0;
5238 if (ssid == wpa_s->current_ssid)
5239 wpa_s->reassociate = 1;
5241 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5242 bin_clear_free(eap->new_password, eap->new_password_len);
5243 eap->new_password = (u8 *) os_strdup(value);
5244 eap->new_password_len = os_strlen(value);
5245 eap->pending_req_new_password = 0;
5246 if (ssid == wpa_s->current_ssid)
5247 wpa_s->reassociate = 1;
5249 case WPA_CTRL_REQ_EAP_PIN:
5250 str_clear_free(eap->pin);
5251 eap->pin = os_strdup(value);
5252 eap->pending_req_pin = 0;
5253 if (ssid == wpa_s->current_ssid)
5254 wpa_s->reassociate = 1;
5256 case WPA_CTRL_REQ_EAP_OTP:
5257 bin_clear_free(eap->otp, eap->otp_len);
5258 eap->otp = (u8 *) os_strdup(value);
5259 eap->otp_len = os_strlen(value);
5260 os_free(eap->pending_req_otp);
5261 eap->pending_req_otp = NULL;
5262 eap->pending_req_otp_len = 0;
5264 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5265 str_clear_free(eap->private_key_passwd);
5266 eap->private_key_passwd = os_strdup(value);
5267 eap->pending_req_passphrase = 0;
5268 if (ssid == wpa_s->current_ssid)
5269 wpa_s->reassociate = 1;
5271 case WPA_CTRL_REQ_SIM:
5272 str_clear_free(eap->external_sim_resp);
5273 eap->external_sim_resp = os_strdup(value);
5275 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5276 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5278 ssid->mem_only_psk = 1;
5279 if (ssid->passphrase)
5280 wpa_config_update_psk(ssid);
5281 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5282 wpa_supplicant_req_scan(wpa_s, 0, 0);
5285 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5290 #else /* IEEE8021X_EAPOL */
5291 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5293 #endif /* IEEE8021X_EAPOL */
5295 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5298 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5301 unsigned int drv_enc;
5303 if (wpa_s->p2p_mgmt)
5304 return 1; /* no normal network profiles on p2p_mgmt interface */
5312 if (wpa_s->drv_capa_known)
5313 drv_enc = wpa_s->drv_enc;
5315 drv_enc = (unsigned int) -1;
5317 for (i = 0; i < NUM_WEP_KEYS; i++) {
5318 size_t len = ssid->wep_key_len[i];
5321 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5323 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5325 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5327 return 1; /* invalid WEP key */
5330 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5331 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5332 !ssid->mem_only_psk)
5339 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5341 #ifdef CONFIG_IEEE80211W
5342 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5343 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5344 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5346 * Driver does not support BIP -- ignore pmf=1 default
5347 * since the connection with PMF would fail and the
5348 * configuration does not require PMF to be enabled.
5350 return NO_MGMT_FRAME_PROTECTION;
5353 return wpa_s->conf->pmf;
5356 return ssid->ieee80211w;
5357 #else /* CONFIG_IEEE80211W */
5358 return NO_MGMT_FRAME_PROTECTION;
5359 #endif /* CONFIG_IEEE80211W */
5363 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5365 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5367 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5373 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5375 struct wpa_ssid *ssid = wpa_s->current_ssid;
5377 struct os_reltime now;
5380 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5385 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5388 ssid->auth_failures++;
5391 if (ssid->p2p_group &&
5392 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5394 * Skip the wait time since there is a short timeout on the
5395 * connection to a P2P group.
5399 #endif /* CONFIG_P2P */
5401 if (ssid->auth_failures > 50)
5403 else if (ssid->auth_failures > 10)
5405 else if (ssid->auth_failures > 5)
5407 else if (ssid->auth_failures > 3)
5409 else if (ssid->auth_failures > 2)
5411 else if (ssid->auth_failures > 1)
5416 if (ssid->auth_failures > 1 &&
5417 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5418 dur += os_random() % (ssid->auth_failures * 10);
5420 os_get_reltime(&now);
5421 if (now.sec + dur <= ssid->disabled_until.sec)
5424 ssid->disabled_until.sec = now.sec + dur;
5426 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5427 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5428 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5429 ssid->auth_failures, dur, reason);
5433 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5434 struct wpa_ssid *ssid, int clear_failures)
5439 if (ssid->disabled_until.sec) {
5440 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5441 "id=%d ssid=\"%s\"",
5442 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5444 ssid->disabled_until.sec = 0;
5445 ssid->disabled_until.usec = 0;
5447 ssid->auth_failures = 0;
5451 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5455 if (wpa_s->disallow_aps_bssid == NULL)
5458 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5459 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5460 bssid, ETH_ALEN) == 0)
5468 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5473 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5476 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5477 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5478 if (ssid_len == s->ssid_len &&
5479 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5488 * wpas_request_connection - Request a new connection
5489 * @wpa_s: Pointer to the network interface
5491 * This function is used to request a new connection to be found. It will mark
5492 * the interface to allow reassociation and request a new scan to find a
5493 * suitable network to connect to.
5495 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5497 wpa_s->normal_scans = 0;
5498 wpa_s->scan_req = NORMAL_SCAN_REQ;
5499 wpa_supplicant_reinit_autoscan(wpa_s);
5500 wpa_s->extra_blacklist_count = 0;
5501 wpa_s->disconnected = 0;
5502 wpa_s->reassociate = 1;
5504 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5505 wpa_supplicant_req_scan(wpa_s, 0, 0);
5507 wpa_s->reattach = 0;
5511 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5512 struct wpa_used_freq_data *freqs_data,
5517 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5519 for (i = 0; i < len; i++) {
5520 struct wpa_used_freq_data *cur = &freqs_data[i];
5521 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5522 i, cur->freq, cur->flags);
5528 * Find the operating frequencies of any of the virtual interfaces that
5529 * are using the same radio as the current interface, and in addition, get
5530 * information about the interface types that are using the frequency.
5532 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
5533 struct wpa_used_freq_data *freqs_data,
5536 struct wpa_supplicant *ifs;
5539 unsigned int idx = 0, i;
5541 wpa_dbg(wpa_s, MSG_DEBUG,
5542 "Determining shared radio frequencies (max len %u)", len);
5543 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
5545 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
5550 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
5553 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
5554 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
5555 ifs->current_ssid->mode == WPAS_MODE_MESH)
5556 freq = ifs->current_ssid->frequency;
5557 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
5558 freq = ifs->assoc_freq;
5562 /* Hold only distinct freqs */
5563 for (i = 0; i < idx; i++)
5564 if (freqs_data[i].freq == freq)
5568 freqs_data[idx++].freq = freq;
5570 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
5571 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
5572 WPA_FREQ_USED_BY_P2P_CLIENT :
5573 WPA_FREQ_USED_BY_INFRA_STATION;
5577 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
5583 * Find the operating frequencies of any of the virtual interfaces that
5584 * are using the same radio as the current interface.
5586 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
5587 int *freq_array, unsigned int len)
5589 struct wpa_used_freq_data *freqs_data;
5592 os_memset(freq_array, 0, sizeof(int) * len);
5594 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
5598 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
5599 for (i = 0; i < num; i++)
5600 freq_array[i] = freqs_data[i].freq;
5602 os_free(freqs_data);
5608 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
5610 struct rrm_data *rrm = data;
5612 if (!rrm->notify_neighbor_rep) {
5613 wpa_printf(MSG_ERROR,
5614 "RRM: Unexpected neighbor report timeout");
5618 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
5619 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
5621 rrm->notify_neighbor_rep = NULL;
5622 rrm->neighbor_rep_cb_ctx = NULL;
5627 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
5628 * @wpa_s: Pointer to wpa_supplicant
5630 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
5632 wpa_s->rrm.rrm_used = 0;
5634 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5636 if (wpa_s->rrm.notify_neighbor_rep)
5637 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
5638 wpa_s->rrm.next_neighbor_rep_token = 1;
5643 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
5644 * @wpa_s: Pointer to wpa_supplicant
5645 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
5646 * @report_len: Length of neighbor report buffer
5648 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
5649 const u8 *report, size_t report_len)
5651 struct wpabuf *neighbor_rep;
5653 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
5657 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
5658 wpa_printf(MSG_DEBUG,
5659 "RRM: Discarding neighbor report with token %d (expected %d)",
5660 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
5664 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5667 if (!wpa_s->rrm.notify_neighbor_rep) {
5668 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
5672 /* skipping the first byte, which is only an id (dialog token) */
5673 neighbor_rep = wpabuf_alloc(report_len - 1);
5674 if (neighbor_rep == NULL)
5676 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
5677 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
5679 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
5681 wpa_s->rrm.notify_neighbor_rep = NULL;
5682 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
5686 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
5687 /* Workaround different, undefined for Windows, error codes used here */
5689 #define EOPNOTSUPP -1
5690 #define ECANCELED -1
5694 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
5695 * @wpa_s: Pointer to wpa_supplicant
5696 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
5697 * is sent in the request.
5698 * @cb: Callback function to be called once the requested report arrives, or
5699 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
5700 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
5701 * the requester's responsibility to free it.
5702 * In the latter case NULL will be sent in 'neighbor_rep'.
5703 * @cb_ctx: Context value to send the callback function
5704 * Returns: 0 in case of success, negative error code otherwise
5706 * In case there is a previous request which has not been answered yet, the
5707 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
5708 * Request must contain a callback function.
5710 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
5711 const struct wpa_ssid *ssid,
5712 void (*cb)(void *ctx,
5713 struct wpabuf *neighbor_rep),
5719 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
5720 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
5724 if (!wpa_s->rrm.rrm_used) {
5725 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
5729 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
5730 WLAN_EID_RRM_ENABLED_CAPABILITIES);
5731 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
5732 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
5733 wpa_printf(MSG_DEBUG,
5734 "RRM: No network support for Neighbor Report.");
5739 wpa_printf(MSG_DEBUG,
5740 "RRM: Neighbor Report request must provide a callback.");
5744 /* Refuse if there's a live request */
5745 if (wpa_s->rrm.notify_neighbor_rep) {
5746 wpa_printf(MSG_DEBUG,
5747 "RRM: Currently handling previous Neighbor Report.");
5751 /* 3 = action category + action code + dialog token */
5752 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
5754 wpa_printf(MSG_DEBUG,
5755 "RRM: Failed to allocate Neighbor Report Request");
5759 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
5760 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
5761 wpa_s->rrm.next_neighbor_rep_token);
5763 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5764 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
5765 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
5767 wpabuf_put_u8(buf, WLAN_EID_SSID);
5768 wpabuf_put_u8(buf, ssid->ssid_len);
5769 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
5772 wpa_s->rrm.next_neighbor_rep_token++;
5774 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5775 wpa_s->own_addr, wpa_s->bssid,
5776 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
5777 wpa_printf(MSG_DEBUG,
5778 "RRM: Failed to send Neighbor Report Request");
5783 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
5784 wpa_s->rrm.notify_neighbor_rep = cb;
5785 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
5786 wpas_rrm_neighbor_rep_timeout_handler,
5794 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
5796 const u8 *frame, size_t len,
5800 const struct rrm_link_measurement_request *req;
5801 struct rrm_link_measurement_report report;
5803 if (wpa_s->wpa_state != WPA_COMPLETED) {
5804 wpa_printf(MSG_INFO,
5805 "RRM: Ignoring link measurement request. Not associated");
5809 if (!wpa_s->rrm.rrm_used) {
5810 wpa_printf(MSG_INFO,
5811 "RRM: Ignoring link measurement request. Not RRM network");
5815 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
5816 wpa_printf(MSG_INFO,
5817 "RRM: Measurement report failed. TX power insertion not supported");
5821 req = (const struct rrm_link_measurement_request *) frame;
5822 if (len < sizeof(*req)) {
5823 wpa_printf(MSG_INFO,
5824 "RRM: Link measurement report failed. Request too short");
5828 os_memset(&report, 0, sizeof(report));
5829 report.tpc.eid = WLAN_EID_TPC_REPORT;
5831 report.rsni = 255; /* 255 indicates that RSNI is not available */
5832 report.dialog_token = req->dialog_token;
5835 * It's possible to estimate RCPI based on RSSI in dBm. This
5836 * calculation will not reflect the correct value for high rates,
5837 * but it's good enough for Action frames which are transmitted
5838 * with up to 24 Mbps rates.
5841 report.rcpi = 255; /* not available */
5842 else if (rssi < -110)
5847 report.rcpi = (rssi + 110) * 2;
5849 /* action_category + action_code */
5850 buf = wpabuf_alloc(2 + sizeof(report));
5852 wpa_printf(MSG_ERROR,
5853 "RRM: Link measurement report failed. Buffer allocation failed");
5857 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5858 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
5859 wpabuf_put_data(buf, &report, sizeof(report));
5860 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
5861 wpabuf_head(buf), wpabuf_len(buf));
5863 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
5864 wpa_s->own_addr, wpa_s->bssid,
5865 wpabuf_head(buf), wpabuf_len(buf), 0)) {
5866 wpa_printf(MSG_ERROR,
5867 "RRM: Link measurement report failed. Send action failed");
projects / mech_eap.git / blob