3 * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
48 #include "gas_query.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
63 const char *const wpa_supplicant_version =
64 "wpa_supplicant v" VERSION_STR "\n"
65 "Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors";
67 const char *const wpa_supplicant_license =
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1 =
80 const char *const wpa_supplicant_full_license2 =
81 "This software may be distributed under the terms of the BSD license.\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
87 const char *const wpa_supplicant_full_license3 =
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
95 const char *const wpa_supplicant_full_license4 =
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5 =
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
120 for (i = 0; i < NUM_WEP_KEYS; i++) {
121 if (ssid->wep_key_len[i] == 0)
125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
126 i, i == ssid->wep_tx_keyidx, NULL, 0,
127 ssid->wep_key[i], ssid->wep_key_len[i]);
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
135 struct wpa_ssid *ssid)
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
146 if (ssid->mode != WPAS_MODE_IBSS) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid->mode);
152 if (!ssid->psk_set) {
153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
164 case WPA_CIPHER_GCMP:
165 os_memcpy(key, ssid->psk, 16);
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
186 os_memset(key, 0, sizeof(key));
191 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
195 if (is_zero_ether_addr(bssid))
196 bssid = wpa_s->pending_bssid;
197 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
199 wpa_blacklist_add(wpa_s, bssid);
200 wpa_sm_notify_disassoc(wpa_s->wpa);
201 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
202 wpa_s->reassociate = 1;
205 * If we timed out, the AP or the local radio may be busy.
206 * So, wait a second until scanning again.
208 wpa_supplicant_req_scan(wpa_s, 1, 0);
213 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
214 * @wpa_s: Pointer to wpa_supplicant data
215 * @sec: Number of seconds after which to time out authentication
216 * @usec: Number of microseconds after which to time out authentication
218 * This function is used to schedule a timeout for the current authentication
221 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 if (wpa_s->conf->ap_scan == 0 &&
225 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
229 "%d usec", sec, usec);
230 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
231 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
236 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
237 * @wpa_s: Pointer to wpa_supplicant data
239 * This function is used to cancel authentication timeout scheduled with
240 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
245 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
246 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
247 wpa_blacklist_del(wpa_s, wpa_s->bssid);
252 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
253 * @wpa_s: Pointer to wpa_supplicant data
255 * This function is used to configure EAPOL state machine based on the selected
256 * authentication mode.
258 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
260 #ifdef IEEE8021X_EAPOL
261 struct eapol_config eapol_conf;
262 struct wpa_ssid *ssid = wpa_s->current_ssid;
264 #ifdef CONFIG_IBSS_RSN
265 if (ssid->mode == WPAS_MODE_IBSS &&
266 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
267 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
269 * RSN IBSS authentication is per-STA and we can disable the
270 * per-BSSID EAPOL authentication.
272 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
273 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
274 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 #endif /* CONFIG_IBSS_RSN */
279 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
280 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
282 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
283 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
284 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
286 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
288 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
289 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
290 eapol_conf.accept_802_1x_keys = 1;
291 eapol_conf.required_keys = 0;
292 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
293 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
296 eapol_conf.required_keys |=
297 EAPOL_REQUIRE_KEY_BROADCAST;
300 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
301 eapol_conf.required_keys = 0;
303 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
304 eapol_conf.workaround = ssid->eap_workaround;
305 eapol_conf.eap_disabled =
306 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
307 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
308 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
309 eapol_conf.external_sim = wpa_s->conf->external_sim;
312 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
313 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
314 if (wpa_s->current_bss) {
316 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
321 EAPOL_PEER_IS_WPS20_AP;
326 #endif /* CONFIG_WPS */
328 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
330 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
331 #endif /* IEEE8021X_EAPOL */
336 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
337 * @wpa_s: Pointer to wpa_supplicant data
338 * @ssid: Configuration data for the network
340 * This function is used to configure WPA state machine and related parameters
341 * to a mode where WPA is not enabled. This is called as part of the
342 * authentication configuration when the selected network does not use WPA.
344 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
345 struct wpa_ssid *ssid)
349 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
350 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
351 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
352 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
354 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
355 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
356 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
357 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
358 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
359 wpa_s->group_cipher = WPA_CIPHER_NONE;
360 wpa_s->mgmt_group_cipher = 0;
362 for (i = 0; i < NUM_WEP_KEYS; i++) {
363 if (ssid->wep_key_len[i] > 5) {
364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
365 wpa_s->group_cipher = WPA_CIPHER_WEP104;
367 } else if (ssid->wep_key_len[i] > 0) {
368 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
369 wpa_s->group_cipher = WPA_CIPHER_WEP40;
374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
375 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
377 wpa_s->pairwise_cipher);
378 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
379 #ifdef CONFIG_IEEE80211W
380 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
381 wpa_s->mgmt_group_cipher);
382 #endif /* CONFIG_IEEE80211W */
384 pmksa_cache_clear_current(wpa_s->wpa);
388 void free_hw_features(struct wpa_supplicant *wpa_s)
391 if (wpa_s->hw.modes == NULL)
394 for (i = 0; i < wpa_s->hw.num_modes; i++) {
395 os_free(wpa_s->hw.modes[i].channels);
396 os_free(wpa_s->hw.modes[i].rates);
399 os_free(wpa_s->hw.modes);
400 wpa_s->hw.modes = NULL;
404 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
406 struct wpa_bss_tmp_disallowed *bss, *prev;
408 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
409 struct wpa_bss_tmp_disallowed, list) {
410 dl_list_del(&bss->list);
416 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
420 bgscan_deinit(wpa_s);
421 autoscan_deinit(wpa_s);
422 scard_deinit(wpa_s->scard);
424 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
425 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
426 l2_packet_deinit(wpa_s->l2);
429 l2_packet_deinit(wpa_s->l2_br);
432 #ifdef CONFIG_TESTING_OPTIONS
433 l2_packet_deinit(wpa_s->l2_test);
434 wpa_s->l2_test = NULL;
435 #endif /* CONFIG_TESTING_OPTIONS */
437 if (wpa_s->conf != NULL) {
438 struct wpa_ssid *ssid;
439 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
440 wpas_notify_network_removed(wpa_s, ssid);
443 os_free(wpa_s->confname);
444 wpa_s->confname = NULL;
446 os_free(wpa_s->confanother);
447 wpa_s->confanother = NULL;
449 wpa_sm_set_eapol(wpa_s->wpa, NULL);
450 eapol_sm_deinit(wpa_s->eapol);
453 rsn_preauth_deinit(wpa_s->wpa);
456 wpa_tdls_deinit(wpa_s->wpa);
457 #endif /* CONFIG_TDLS */
459 wmm_ac_clear_saved_tspecs(wpa_s);
460 pmksa_candidate_free(wpa_s->wpa);
461 wpa_sm_deinit(wpa_s->wpa);
463 wpa_blacklist_clear(wpa_s);
465 wpa_bss_deinit(wpa_s);
467 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
468 wpa_supplicant_cancel_scan(wpa_s);
469 wpa_supplicant_cancel_auth_timeout(wpa_s);
470 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
471 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
472 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
474 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
476 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
478 wpas_wps_deinit(wpa_s);
480 wpabuf_free(wpa_s->pending_eapol_rx);
481 wpa_s->pending_eapol_rx = NULL;
483 #ifdef CONFIG_IBSS_RSN
484 ibss_rsn_deinit(wpa_s->ibss_rsn);
485 wpa_s->ibss_rsn = NULL;
486 #endif /* CONFIG_IBSS_RSN */
491 wpa_supplicant_ap_deinit(wpa_s);
492 #endif /* CONFIG_AP */
494 wpas_p2p_deinit(wpa_s);
496 #ifdef CONFIG_OFFCHANNEL
497 offchannel_deinit(wpa_s);
498 #endif /* CONFIG_OFFCHANNEL */
500 wpa_supplicant_cancel_sched_scan(wpa_s);
502 os_free(wpa_s->next_scan_freqs);
503 wpa_s->next_scan_freqs = NULL;
505 os_free(wpa_s->manual_scan_freqs);
506 wpa_s->manual_scan_freqs = NULL;
508 os_free(wpa_s->manual_sched_scan_freqs);
509 wpa_s->manual_sched_scan_freqs = NULL;
511 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
514 * Need to remove any pending gas-query radio work before the
515 * gas_query_deinit() call because gas_query::work has not yet been set
516 * for works that have not been started. gas_query_free() will be unable
517 * to cancel such pending radio works and once the pending gas-query
518 * radio work eventually gets removed, the deinit notification call to
519 * gas_query_start_cb() would result in dereferencing freed memory.
522 radio_remove_works(wpa_s, "gas-query", 0);
523 gas_query_deinit(wpa_s->gas);
526 free_hw_features(wpa_s);
528 ieee802_1x_dealloc_kay_sm(wpa_s);
530 os_free(wpa_s->bssid_filter);
531 wpa_s->bssid_filter = NULL;
533 os_free(wpa_s->disallow_aps_bssid);
534 wpa_s->disallow_aps_bssid = NULL;
535 os_free(wpa_s->disallow_aps_ssid);
536 wpa_s->disallow_aps_ssid = NULL;
538 wnm_bss_keep_alive_deinit(wpa_s);
540 wnm_deallocate_memory(wpa_s);
541 #endif /* CONFIG_WNM */
543 ext_password_deinit(wpa_s->ext_pw);
544 wpa_s->ext_pw = NULL;
546 wpabuf_free(wpa_s->last_gas_resp);
547 wpa_s->last_gas_resp = NULL;
548 wpabuf_free(wpa_s->prev_gas_resp);
549 wpa_s->prev_gas_resp = NULL;
551 os_free(wpa_s->last_scan_res);
552 wpa_s->last_scan_res = NULL;
556 wpa_drv_configure_frame_filters(wpa_s, 0);
558 #endif /* CONFIG_HS20 */
560 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
561 wpabuf_free(wpa_s->vendor_elem[i]);
562 wpa_s->vendor_elem[i] = NULL;
565 wmm_ac_notify_disassoc(wpa_s);
567 wpa_s->sched_scan_plans_num = 0;
568 os_free(wpa_s->sched_scan_plans);
569 wpa_s->sched_scan_plans = NULL;
572 wpa_s->non_pref_chan_num = 0;
573 os_free(wpa_s->non_pref_chan);
574 wpa_s->non_pref_chan = NULL;
575 #endif /* CONFIG_MBO */
577 free_bss_tmp_disallowed(wpa_s);
579 wpabuf_free(wpa_s->lci);
585 * wpa_clear_keys - Clear keys configured for the driver
586 * @wpa_s: Pointer to wpa_supplicant data
587 * @addr: Previously used BSSID or %NULL if not available
589 * This function clears the encryption keys that has been previously configured
592 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
596 #ifdef CONFIG_IEEE80211W
598 #else /* CONFIG_IEEE80211W */
600 #endif /* CONFIG_IEEE80211W */
602 /* MLME-DELETEKEYS.request */
603 for (i = 0; i < max; i++) {
604 if (wpa_s->keys_cleared & BIT(i))
606 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
609 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
610 !is_zero_ether_addr(addr)) {
611 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
613 /* MLME-SETPROTECTION.request(None) */
614 wpa_drv_mlme_setprotection(
616 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
617 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
619 wpa_s->keys_cleared = (u32) -1;
624 * wpa_supplicant_state_txt - Get the connection state name as a text string
625 * @state: State (wpa_state; WPA_*)
626 * Returns: The state name as a printable text string
628 const char * wpa_supplicant_state_txt(enum wpa_states state)
631 case WPA_DISCONNECTED:
632 return "DISCONNECTED";
635 case WPA_INTERFACE_DISABLED:
636 return "INTERFACE_DISABLED";
639 case WPA_AUTHENTICATING:
640 return "AUTHENTICATING";
641 case WPA_ASSOCIATING:
642 return "ASSOCIATING";
645 case WPA_4WAY_HANDSHAKE:
646 return "4WAY_HANDSHAKE";
647 case WPA_GROUP_HANDSHAKE:
648 return "GROUP_HANDSHAKE";
659 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
663 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
664 name = wpa_s->current_ssid->bgscan;
666 name = wpa_s->conf->bgscan;
667 if (name == NULL || name[0] == '\0')
669 if (wpas_driver_bss_selection(wpa_s))
671 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
674 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
676 #endif /* CONFIG_P2P */
678 bgscan_deinit(wpa_s);
679 if (wpa_s->current_ssid) {
680 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
681 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
684 * Live without bgscan; it is only used as a roaming
685 * optimization, so the initial connection is not
689 struct wpa_scan_results *scan_res;
690 wpa_s->bgscan_ssid = wpa_s->current_ssid;
691 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
694 bgscan_notify_scan(wpa_s, scan_res);
695 wpa_scan_results_free(scan_res);
699 wpa_s->bgscan_ssid = NULL;
703 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
705 if (wpa_s->bgscan_ssid != NULL) {
706 bgscan_deinit(wpa_s);
707 wpa_s->bgscan_ssid = NULL;
711 #endif /* CONFIG_BGSCAN */
714 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
716 if (autoscan_init(wpa_s, 0))
717 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
721 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
723 autoscan_deinit(wpa_s);
727 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
729 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
730 wpa_s->wpa_state == WPA_SCANNING) {
731 autoscan_deinit(wpa_s);
732 wpa_supplicant_start_autoscan(wpa_s);
738 * wpa_supplicant_set_state - Set current connection state
739 * @wpa_s: Pointer to wpa_supplicant data
740 * @state: The new connection state
742 * This function is called whenever the connection state changes, e.g.,
743 * association is completed for WPA/WPA2 4-Way Handshake is started.
745 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
746 enum wpa_states state)
748 enum wpa_states old_state = wpa_s->wpa_state;
750 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
751 wpa_supplicant_state_txt(wpa_s->wpa_state),
752 wpa_supplicant_state_txt(state));
754 if (state == WPA_INTERFACE_DISABLED) {
755 /* Assure normal scan when interface is restored */
756 wpa_s->normal_scans = 0;
759 if (state == WPA_COMPLETED) {
760 wpas_connect_work_done(wpa_s);
761 /* Reinitialize normal_scan counter */
762 wpa_s->normal_scans = 0;
767 * P2PS client has to reply to Probe Request frames received on the
768 * group operating channel. Enable Probe Request frame reporting for
769 * P2P connected client in case p2p_cli_probe configuration property is
772 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
773 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
774 wpa_s->current_ssid->p2p_group) {
775 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
776 wpa_dbg(wpa_s, MSG_DEBUG,
777 "P2P: Enable CLI Probe Request RX reporting");
778 wpa_s->p2p_cli_probe =
779 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
780 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
781 wpa_dbg(wpa_s, MSG_DEBUG,
782 "P2P: Disable CLI Probe Request RX reporting");
783 wpa_s->p2p_cli_probe = 0;
784 wpa_drv_probe_req_report(wpa_s, 0);
787 #endif /* CONFIG_P2P */
789 if (state != WPA_SCANNING)
790 wpa_supplicant_notify_scanning(wpa_s, 0);
792 if (state == WPA_COMPLETED && wpa_s->new_connection) {
793 struct wpa_ssid *ssid = wpa_s->current_ssid;
794 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
795 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
796 MACSTR " completed [id=%d id_str=%s]",
797 MAC2STR(wpa_s->bssid),
798 ssid ? ssid->id : -1,
799 ssid && ssid->id_str ? ssid->id_str : "");
800 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
801 wpas_clear_temp_disabled(wpa_s, ssid, 1);
802 wpa_blacklist_clear(wpa_s);
803 wpa_s->extra_blacklist_count = 0;
804 wpa_s->new_connection = 0;
805 wpa_drv_set_operstate(wpa_s, 1);
806 #ifndef IEEE8021X_EAPOL
807 wpa_drv_set_supp_port(wpa_s, 1);
808 #endif /* IEEE8021X_EAPOL */
809 wpa_s->after_wps = 0;
810 wpa_s->known_wps_freq = 0;
811 wpas_p2p_completed(wpa_s);
813 sme_sched_obss_scan(wpa_s, 1);
814 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
815 state == WPA_ASSOCIATED) {
816 wpa_s->new_connection = 1;
817 wpa_drv_set_operstate(wpa_s, 0);
818 #ifndef IEEE8021X_EAPOL
819 wpa_drv_set_supp_port(wpa_s, 0);
820 #endif /* IEEE8021X_EAPOL */
821 sme_sched_obss_scan(wpa_s, 0);
823 wpa_s->wpa_state = state;
826 if (state == WPA_COMPLETED)
827 wpa_supplicant_start_bgscan(wpa_s);
828 else if (state < WPA_ASSOCIATED)
829 wpa_supplicant_stop_bgscan(wpa_s);
830 #endif /* CONFIG_BGSCAN */
832 if (state == WPA_AUTHENTICATING)
833 wpa_supplicant_stop_autoscan(wpa_s);
835 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
836 wpa_supplicant_start_autoscan(wpa_s);
838 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
839 wmm_ac_notify_disassoc(wpa_s);
841 if (wpa_s->wpa_state != old_state) {
842 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
845 * Notify the P2P Device interface about a state change in one
848 wpas_p2p_indicate_state_change(wpa_s);
850 if (wpa_s->wpa_state == WPA_COMPLETED ||
851 old_state == WPA_COMPLETED)
852 wpas_notify_auth_changed(wpa_s);
857 void wpa_supplicant_terminate_proc(struct wpa_global *global)
861 struct wpa_supplicant *wpa_s = global->ifaces;
863 struct wpa_supplicant *next = wpa_s->next;
864 if (wpas_wps_terminate_pending(wpa_s) == 1)
867 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
868 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
869 wpas_p2p_disconnect(wpa_s);
870 #endif /* CONFIG_P2P */
873 #endif /* CONFIG_WPS */
880 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
882 struct wpa_global *global = signal_ctx;
883 wpa_supplicant_terminate_proc(global);
887 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
889 enum wpa_states old_state = wpa_s->wpa_state;
891 wpa_s->pairwise_cipher = 0;
892 wpa_s->group_cipher = 0;
893 wpa_s->mgmt_group_cipher = 0;
895 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
896 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
898 if (wpa_s->wpa_state != old_state)
899 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
904 * wpa_supplicant_reload_configuration - Reload configuration data
905 * @wpa_s: Pointer to wpa_supplicant data
906 * Returns: 0 on success or -1 if configuration parsing failed
908 * This function can be used to request that the configuration data is reloaded
909 * (e.g., after configuration file change). This function is reloading
910 * configuration only for one interface, so this may need to be called multiple
911 * times if %wpa_supplicant is controlling multiple interfaces and all
912 * interfaces need reconfiguration.
914 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
916 struct wpa_config *conf;
920 if (wpa_s->confname == NULL)
922 conf = wpa_config_read(wpa_s->confname, NULL);
924 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
925 "file '%s' - exiting", wpa_s->confname);
928 wpa_config_read(wpa_s->confanother, conf);
930 conf->changed_parameters = (unsigned int) -1;
932 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
933 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
934 os_strcmp(conf->ctrl_interface,
935 wpa_s->conf->ctrl_interface) != 0);
937 if (reconf_ctrl && wpa_s->ctrl_iface) {
938 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
939 wpa_s->ctrl_iface = NULL;
942 eapol_sm_invalidate_cached_session(wpa_s->eapol);
943 if (wpa_s->current_ssid) {
944 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
945 wpa_s->own_disconnect_req = 1;
946 wpa_supplicant_deauthenticate(wpa_s,
947 WLAN_REASON_DEAUTH_LEAVING);
951 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
952 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
954 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
956 * Clear forced success to clear EAP state for next
959 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
961 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
962 wpa_sm_set_config(wpa_s->wpa, NULL);
963 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
964 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
965 rsn_preauth_deinit(wpa_s->wpa);
967 old_ap_scan = wpa_s->conf->ap_scan;
968 wpa_config_free(wpa_s->conf);
970 if (old_ap_scan != wpa_s->conf->ap_scan)
971 wpas_notify_ap_scan_changed(wpa_s);
974 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
976 wpa_supplicant_update_config(wpa_s);
978 wpa_supplicant_clear_status(wpa_s);
979 if (wpa_supplicant_enabled_networks(wpa_s)) {
980 wpa_s->reassociate = 1;
981 wpa_supplicant_req_scan(wpa_s, 0, 0);
983 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
988 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
990 struct wpa_global *global = signal_ctx;
991 struct wpa_supplicant *wpa_s;
992 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
993 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
995 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
996 wpa_supplicant_terminate_proc(global);
1000 if (wpa_debug_reopen_file() < 0) {
1001 /* Ignore errors since we cannot really do much to fix this */
1002 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1007 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1008 struct wpa_ssid *ssid,
1009 struct wpa_ie_data *ie)
1011 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1014 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1015 "from association info");
1020 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1022 if (!(ie->group_cipher & ssid->group_cipher)) {
1023 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1024 "cipher 0x%x (mask 0x%x) - reject",
1025 ie->group_cipher, ssid->group_cipher);
1028 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1029 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1030 "cipher 0x%x (mask 0x%x) - reject",
1031 ie->pairwise_cipher, ssid->pairwise_cipher);
1034 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1035 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1036 "management 0x%x (mask 0x%x) - reject",
1037 ie->key_mgmt, ssid->key_mgmt);
1041 #ifdef CONFIG_IEEE80211W
1042 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1043 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1044 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1045 "that does not support management frame protection - "
1049 #endif /* CONFIG_IEEE80211W */
1056 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1057 * @wpa_s: Pointer to wpa_supplicant data
1058 * @bss: Scan results for the selected BSS, or %NULL if not available
1059 * @ssid: Configuration data for the selected network
1060 * @wpa_ie: Buffer for the WPA/RSN IE
1061 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1062 * used buffer length in case the functions returns success.
1063 * Returns: 0 on success or -1 on failure
1065 * This function is used to configure authentication and encryption parameters
1066 * based on the network configuration and scan result for the selected BSS (if
1069 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1070 struct wpa_bss *bss, struct wpa_ssid *ssid,
1071 u8 *wpa_ie, size_t *wpa_ie_len)
1073 struct wpa_ie_data ie;
1075 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1078 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1079 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1080 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1082 bss_wpa = bss_rsn = bss_osen = NULL;
1084 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1085 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1086 (ie.group_cipher & ssid->group_cipher) &&
1087 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1088 (ie.key_mgmt & ssid->key_mgmt)) {
1089 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1090 proto = WPA_PROTO_RSN;
1091 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1092 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1093 (ie.group_cipher & ssid->group_cipher) &&
1094 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1095 (ie.key_mgmt & ssid->key_mgmt)) {
1096 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1097 proto = WPA_PROTO_WPA;
1099 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1100 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1101 /* TODO: parse OSEN element */
1102 os_memset(&ie, 0, sizeof(ie));
1103 ie.group_cipher = WPA_CIPHER_CCMP;
1104 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1105 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1106 proto = WPA_PROTO_OSEN;
1107 #endif /* CONFIG_HS20 */
1109 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1110 wpa_dbg(wpa_s, MSG_DEBUG,
1111 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1112 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1114 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1115 MAC2STR(bss->bssid),
1116 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1117 bss_wpa ? " WPA" : "",
1118 bss_rsn ? " RSN" : "",
1119 bss_osen ? " OSEN" : "");
1121 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1122 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1123 wpa_dbg(wpa_s, MSG_DEBUG,
1124 "Could not parse RSN element");
1126 wpa_dbg(wpa_s, MSG_DEBUG,
1127 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1128 ie.pairwise_cipher, ie.group_cipher,
1133 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1134 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1135 wpa_dbg(wpa_s, MSG_DEBUG,
1136 "Could not parse WPA element");
1138 wpa_dbg(wpa_s, MSG_DEBUG,
1139 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1140 ie.pairwise_cipher, ie.group_cipher,
1146 if (ssid->proto & WPA_PROTO_OSEN)
1147 proto = WPA_PROTO_OSEN;
1148 else if (ssid->proto & WPA_PROTO_RSN)
1149 proto = WPA_PROTO_RSN;
1151 proto = WPA_PROTO_WPA;
1152 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1153 os_memset(&ie, 0, sizeof(ie));
1154 ie.group_cipher = ssid->group_cipher;
1155 ie.pairwise_cipher = ssid->pairwise_cipher;
1156 ie.key_mgmt = ssid->key_mgmt;
1157 #ifdef CONFIG_IEEE80211W
1158 ie.mgmt_group_cipher =
1159 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1160 WPA_CIPHER_AES_128_CMAC : 0;
1161 #endif /* CONFIG_IEEE80211W */
1162 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1163 "based on configuration");
1168 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1169 "pairwise %d key_mgmt %d proto %d",
1170 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1171 #ifdef CONFIG_IEEE80211W
1172 if (ssid->ieee80211w) {
1173 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1174 ie.mgmt_group_cipher);
1176 #endif /* CONFIG_IEEE80211W */
1178 wpa_s->wpa_proto = proto;
1179 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1180 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1181 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1183 if (bss || !wpa_s->ap_ies_from_associnfo) {
1184 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1185 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1186 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1187 bss_rsn ? 2 + bss_rsn[1] : 0))
1191 #ifdef CONFIG_NO_WPA
1192 wpa_s->group_cipher = WPA_CIPHER_NONE;
1193 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1194 #else /* CONFIG_NO_WPA */
1195 sel = ie.group_cipher & ssid->group_cipher;
1196 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1197 if (wpa_s->group_cipher < 0) {
1198 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1202 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1203 wpa_cipher_txt(wpa_s->group_cipher));
1205 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1206 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1207 if (wpa_s->pairwise_cipher < 0) {
1208 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1212 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1213 wpa_cipher_txt(wpa_s->pairwise_cipher));
1214 #endif /* CONFIG_NO_WPA */
1216 sel = ie.key_mgmt & ssid->key_mgmt;
1218 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1219 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1220 #endif /* CONFIG_SAE */
1222 #ifdef CONFIG_SUITEB192
1223 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1224 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1225 wpa_dbg(wpa_s, MSG_DEBUG,
1226 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1227 #endif /* CONFIG_SUITEB192 */
1228 #ifdef CONFIG_SUITEB
1229 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1230 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1231 wpa_dbg(wpa_s, MSG_DEBUG,
1232 "WPA: using KEY_MGMT 802.1X with Suite B");
1233 #endif /* CONFIG_SUITEB */
1234 #ifdef CONFIG_IEEE80211R
1235 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1236 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1237 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1238 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1239 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1240 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1241 #endif /* CONFIG_IEEE80211R */
1243 } else if (sel & WPA_KEY_MGMT_SAE) {
1244 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1245 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1246 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1247 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1248 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1249 #endif /* CONFIG_SAE */
1250 #ifdef CONFIG_IEEE80211W
1251 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1252 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1253 wpa_dbg(wpa_s, MSG_DEBUG,
1254 "WPA: using KEY_MGMT 802.1X with SHA256");
1255 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1256 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1257 wpa_dbg(wpa_s, MSG_DEBUG,
1258 "WPA: using KEY_MGMT PSK with SHA256");
1259 #endif /* CONFIG_IEEE80211W */
1260 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1261 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1262 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1263 } else if (sel & WPA_KEY_MGMT_PSK) {
1264 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1265 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1266 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1267 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1268 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1270 } else if (sel & WPA_KEY_MGMT_OSEN) {
1271 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1272 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1273 #endif /* CONFIG_HS20 */
1275 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1276 "authenticated key management type");
1280 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1281 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1282 wpa_s->pairwise_cipher);
1283 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1285 #ifdef CONFIG_IEEE80211W
1286 sel = ie.mgmt_group_cipher;
1287 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1288 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1290 if (sel & WPA_CIPHER_AES_128_CMAC) {
1291 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1292 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1294 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1295 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1296 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1298 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1299 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1300 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1302 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1303 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1304 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1307 wpa_s->mgmt_group_cipher = 0;
1308 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1310 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1311 wpa_s->mgmt_group_cipher);
1312 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1313 wpas_get_ssid_pmf(wpa_s, ssid));
1314 #endif /* CONFIG_IEEE80211W */
1316 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1317 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1321 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1324 if (ssid->psk_set) {
1325 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1329 #ifndef CONFIG_NO_PBKDF2
1330 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1333 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1334 4096, psk, PMK_LEN);
1335 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1337 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1339 os_memset(psk, 0, sizeof(psk));
1341 #endif /* CONFIG_NO_PBKDF2 */
1342 #ifdef CONFIG_EXT_PASSWORD
1343 if (ssid->ext_psk) {
1344 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1346 char pw_str[64 + 1];
1350 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1351 "found from external storage");
1355 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1356 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1357 "PSK length %d in external storage",
1358 (int) wpabuf_len(pw));
1359 ext_password_free(pw);
1363 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1364 pw_str[wpabuf_len(pw)] = '\0';
1366 #ifndef CONFIG_NO_PBKDF2
1367 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1369 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1370 4096, psk, PMK_LEN);
1371 os_memset(pw_str, 0, sizeof(pw_str));
1372 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1373 "external passphrase)",
1375 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1378 os_memset(psk, 0, sizeof(psk));
1380 #endif /* CONFIG_NO_PBKDF2 */
1381 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1382 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1383 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1384 "Invalid PSK hex string");
1385 os_memset(pw_str, 0, sizeof(pw_str));
1386 ext_password_free(pw);
1389 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1392 os_memset(psk, 0, sizeof(psk));
1394 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1396 os_memset(pw_str, 0, sizeof(pw_str));
1397 ext_password_free(pw);
1401 os_memset(pw_str, 0, sizeof(pw_str));
1402 ext_password_free(pw);
1404 #endif /* CONFIG_EXT_PASSWORD */
1407 wpa_msg(wpa_s, MSG_INFO,
1408 "No PSK available for association");
1412 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1418 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1423 case 0: /* Bits 0-7 */
1425 case 1: /* Bits 8-15 */
1427 case 2: /* Bits 16-23 */
1429 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1430 *pos |= 0x08; /* Bit 19 - BSS Transition */
1431 #endif /* CONFIG_WNM */
1433 case 3: /* Bits 24-31 */
1435 *pos |= 0x02; /* Bit 25 - SSID List */
1436 #endif /* CONFIG_WNM */
1437 #ifdef CONFIG_INTERWORKING
1438 if (wpa_s->conf->interworking)
1439 *pos |= 0x80; /* Bit 31 - Interworking */
1440 #endif /* CONFIG_INTERWORKING */
1442 case 4: /* Bits 32-39 */
1443 #ifdef CONFIG_INTERWORKING
1444 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1445 *pos |= 0x01; /* Bit 32 - QoS Map */
1446 #endif /* CONFIG_INTERWORKING */
1448 case 5: /* Bits 40-47 */
1450 if (wpa_s->conf->hs20)
1451 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1452 #endif /* CONFIG_HS20 */
1454 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1455 #endif /* CONFIG_MBO */
1457 case 6: /* Bits 48-55 */
1463 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1468 if (len < wpa_s->extended_capa_len)
1469 len = wpa_s->extended_capa_len;
1470 if (buflen < (size_t) len + 2) {
1471 wpa_printf(MSG_INFO,
1472 "Not enough room for building extended capabilities element");
1476 *pos++ = WLAN_EID_EXT_CAPAB;
1478 for (i = 0; i < len; i++, pos++) {
1479 wpas_ext_capab_byte(wpa_s, pos, i);
1481 if (i < wpa_s->extended_capa_len) {
1482 *pos &= ~wpa_s->extended_capa_mask[i];
1483 *pos |= wpa_s->extended_capa[i];
1487 while (len > 0 && buf[1 + len] == 0) {
1498 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1499 struct wpa_bss *test_bss)
1501 struct wpa_bss *bss;
1503 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1504 if (bss == test_bss)
1512 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1513 struct wpa_ssid *test_ssid)
1515 struct wpa_ssid *ssid;
1517 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1518 if (ssid == test_ssid)
1526 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1527 struct wpa_ssid *test_ssid)
1529 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1532 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1536 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1544 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1546 struct wpa_connect_work *cwork;
1547 struct wpa_radio_work *work = wpa_s->connect_work;
1552 wpa_s->connect_work = NULL;
1555 wpas_connect_work_free(cwork);
1556 radio_work_done(work);
1560 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1562 struct os_reltime now;
1565 os_get_reltime(&now);
1566 if (wpa_s->last_mac_addr_style == style &&
1567 wpa_s->last_mac_addr_change.sec != 0 &&
1568 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1569 wpa_s->conf->rand_addr_lifetime)) {
1570 wpa_msg(wpa_s, MSG_DEBUG,
1571 "Previously selected random MAC address has not yet expired");
1577 if (random_mac_addr(addr) < 0)
1581 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1582 if (random_mac_addr_keep_oui(addr) < 0)
1589 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1590 wpa_msg(wpa_s, MSG_INFO,
1591 "Failed to set random MAC address");
1595 os_get_reltime(&wpa_s->last_mac_addr_change);
1596 wpa_s->mac_addr_changed = 1;
1597 wpa_s->last_mac_addr_style = style;
1599 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1600 wpa_msg(wpa_s, MSG_INFO,
1601 "Could not update MAC address information");
1605 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1612 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1614 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1615 !wpa_s->conf->preassoc_mac_addr)
1618 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1622 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1625 * wpa_supplicant_associate - Request association
1626 * @wpa_s: Pointer to wpa_supplicant data
1627 * @bss: Scan results for the selected BSS, or %NULL if not available
1628 * @ssid: Configuration data for the selected network
1630 * This function is used to request %wpa_supplicant to associate with a BSS.
1632 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1633 struct wpa_bss *bss, struct wpa_ssid *ssid)
1635 struct wpa_connect_work *cwork;
1638 wpa_s->own_disconnect_req = 0;
1641 * If we are starting a new connection, any previously pending EAPOL
1642 * RX cannot be valid anymore.
1644 wpabuf_free(wpa_s->pending_eapol_rx);
1645 wpa_s->pending_eapol_rx = NULL;
1647 if (ssid->mac_addr == -1)
1648 rand_style = wpa_s->conf->mac_addr;
1650 rand_style = ssid->mac_addr;
1652 wmm_ac_clear_saved_tspecs(wpa_s);
1653 wpa_s->reassoc_same_bss = 0;
1654 wpa_s->reassoc_same_ess = 0;
1656 if (wpa_s->last_ssid == ssid) {
1657 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1658 wpa_s->reassoc_same_ess = 1;
1659 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1660 wmm_ac_save_tspecs(wpa_s);
1661 wpa_s->reassoc_same_bss = 1;
1663 } else if (rand_style > 0) {
1664 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1666 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1667 } else if (wpa_s->mac_addr_changed) {
1668 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1669 wpa_msg(wpa_s, MSG_INFO,
1670 "Could not restore permanent MAC address");
1673 wpa_s->mac_addr_changed = 0;
1674 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1675 wpa_msg(wpa_s, MSG_INFO,
1676 "Could not update MAC address information");
1679 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1681 wpa_s->last_ssid = ssid;
1683 #ifdef CONFIG_IBSS_RSN
1684 ibss_rsn_deinit(wpa_s->ibss_rsn);
1685 wpa_s->ibss_rsn = NULL;
1686 #endif /* CONFIG_IBSS_RSN */
1688 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1689 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1691 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1692 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1696 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1697 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1698 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1699 wpas_p2p_ap_setup_failed(wpa_s);
1702 wpa_s->current_bss = bss;
1703 #else /* CONFIG_AP */
1704 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1706 #endif /* CONFIG_AP */
1710 if (ssid->mode == WPAS_MODE_MESH) {
1712 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1713 wpa_msg(wpa_s, MSG_INFO,
1714 "Driver does not support mesh mode");
1718 ssid->frequency = bss->freq;
1719 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1720 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1723 wpa_s->current_bss = bss;
1724 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1725 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1727 #else /* CONFIG_MESH */
1728 wpa_msg(wpa_s, MSG_ERROR,
1729 "mesh mode support not included in the build");
1730 #endif /* CONFIG_MESH */
1736 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1738 #endif /* CONFIG_TDLS */
1740 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1741 ssid->mode == IEEE80211_MODE_INFRA) {
1742 sme_authenticate(wpa_s, bss, ssid);
1746 if (wpa_s->connect_work) {
1747 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1751 if (radio_work_pending(wpa_s, "connect")) {
1752 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1756 wpas_abort_ongoing_scan(wpa_s);
1758 cwork = os_zalloc(sizeof(*cwork));
1765 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1766 wpas_start_assoc_cb, cwork) < 0) {
1772 static int bss_is_ibss(struct wpa_bss *bss)
1774 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1779 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1780 const struct wpa_ssid *ssid)
1782 enum hostapd_hw_mode hw_mode;
1783 struct hostapd_hw_modes *mode = NULL;
1787 #ifdef CONFIG_HT_OVERRIDES
1788 if (ssid->disable_ht)
1790 #endif /* CONFIG_HT_OVERRIDES */
1792 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1793 if (hw_mode == NUM_HOSTAPD_MODES)
1795 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1796 if (wpa_s->hw.modes[i].mode == hw_mode) {
1797 mode = &wpa_s->hw.modes[i];
1805 return mode->vht_capab != 0;
1809 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1810 const struct wpa_ssid *ssid,
1811 struct hostapd_freq_params *freq)
1813 enum hostapd_hw_mode hw_mode;
1814 struct hostapd_hw_modes *mode = NULL;
1815 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1817 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1818 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1820 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1822 struct hostapd_freq_params vht_freq;
1823 int chwidth, seg0, seg1;
1826 freq->freq = ssid->frequency;
1828 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1829 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1831 if (ssid->mode != WPAS_MODE_IBSS)
1834 /* Don't adjust control freq in case of fixed_freq */
1835 if (ssid->fixed_freq)
1838 if (!bss_is_ibss(bss))
1841 if (ssid->ssid_len == bss->ssid_len &&
1842 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1843 wpa_printf(MSG_DEBUG,
1844 "IBSS already found in scan results, adjust control freq: %d",
1846 freq->freq = bss->freq;
1852 /* For IBSS check HT_IBSS flag */
1853 if (ssid->mode == WPAS_MODE_IBSS &&
1854 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1857 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1858 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1859 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1860 wpa_printf(MSG_DEBUG,
1861 "IBSS: WEP/TKIP detected, do not try to enable HT");
1865 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1866 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1867 if (wpa_s->hw.modes[i].mode == hw_mode) {
1868 mode = &wpa_s->hw.modes[i];
1876 #ifdef CONFIG_HT_OVERRIDES
1877 if (ssid->disable_ht) {
1878 freq->ht_enabled = 0;
1881 #endif /* CONFIG_HT_OVERRIDES */
1883 freq->ht_enabled = ht_supported(mode);
1884 if (!freq->ht_enabled)
1887 /* Setup higher BW only for 5 GHz */
1888 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1891 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1892 pri_chan = &mode->channels[chan_idx];
1893 if (pri_chan->chan == channel)
1900 /* Check primary channel flags */
1901 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1904 #ifdef CONFIG_HT_OVERRIDES
1905 if (ssid->disable_ht40)
1907 #endif /* CONFIG_HT_OVERRIDES */
1909 /* Check/setup HT40+/HT40- */
1910 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1911 if (ht40plus[j] == channel) {
1917 /* Find secondary channel */
1918 for (i = 0; i < mode->num_channels; i++) {
1919 sec_chan = &mode->channels[i];
1920 if (sec_chan->chan == channel + ht40 * 4)
1927 /* Check secondary channel flags */
1928 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1931 freq->channel = pri_chan->chan;
1935 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1937 freq->sec_channel_offset = -1;
1940 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1942 freq->sec_channel_offset = 1;
1948 if (freq->sec_channel_offset && obss_scan) {
1949 struct wpa_scan_results *scan_res;
1951 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1952 if (scan_res == NULL) {
1954 freq->sec_channel_offset = 0;
1958 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1963 freq->sec_channel_offset = 0;
1966 /* Configuration allowed */
1969 /* Switch pri/sec channels */
1970 freq->freq = hw_get_freq(mode, sec_chan->chan);
1971 freq->sec_channel_offset = -freq->sec_channel_offset;
1972 freq->channel = sec_chan->chan;
1975 freq->sec_channel_offset = 0;
1979 wpa_scan_results_free(scan_res);
1982 wpa_printf(MSG_DEBUG,
1983 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1984 freq->channel, freq->sec_channel_offset);
1986 if (!drv_supports_vht(wpa_s, ssid))
1989 /* For IBSS check VHT_IBSS flag */
1990 if (ssid->mode == WPAS_MODE_IBSS &&
1991 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1996 vht_freq.vht_enabled = vht_supported(mode);
1997 if (!vht_freq.vht_enabled)
2000 /* setup center_freq1, bandwidth */
2001 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2002 if (freq->channel >= vht80[j] &&
2003 freq->channel < vht80[j] + 16)
2007 if (j == ARRAY_SIZE(vht80))
2010 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2011 struct hostapd_channel_data *chan;
2013 chan = hw_get_channel_chan(mode, i, NULL);
2017 /* Back to HT configuration if channel not usable */
2018 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2022 chwidth = VHT_CHANWIDTH_80MHZ;
2023 seg0 = vht80[j] + 6;
2026 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2027 /* setup center_freq2, bandwidth */
2028 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2029 /* Only accept 80 MHz segments separated by a gap */
2030 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2032 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2033 struct hostapd_channel_data *chan;
2035 chan = hw_get_channel_chan(mode, i, NULL);
2039 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2040 HOSTAPD_CHAN_NO_IR |
2041 HOSTAPD_CHAN_RADAR))
2044 /* Found a suitable second segment for 80+80 */
2045 chwidth = VHT_CHANWIDTH_80P80MHZ;
2047 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2048 seg1 = vht80[k] + 6;
2051 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2054 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) {
2055 if (freq->freq == 5180) {
2056 chwidth = VHT_CHANWIDTH_160MHZ;
2057 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2059 } else if (freq->freq == 5520) {
2060 chwidth = VHT_CHANWIDTH_160MHZ;
2061 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2066 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2067 freq->channel, freq->ht_enabled,
2068 vht_freq.vht_enabled,
2069 freq->sec_channel_offset,
2070 chwidth, seg0, seg1, vht_caps) != 0)
2075 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2076 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2080 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2082 struct wpa_connect_work *cwork = work->ctx;
2083 struct wpa_bss *bss = cwork->bss;
2084 struct wpa_ssid *ssid = cwork->ssid;
2085 struct wpa_supplicant *wpa_s = work->wpa_s;
2088 int use_crypt, ret, i, bssid_changed;
2089 int algs = WPA_AUTH_ALG_OPEN;
2090 unsigned int cipher_pairwise, cipher_group;
2091 struct wpa_driver_associate_params params;
2092 int wep_keys_set = 0;
2093 int assoc_failed = 0;
2094 struct wpa_ssid *old_ssid;
2095 u8 prev_bssid[ETH_ALEN];
2096 #ifdef CONFIG_HT_OVERRIDES
2097 struct ieee80211_ht_capabilities htcaps;
2098 struct ieee80211_ht_capabilities htcaps_mask;
2099 #endif /* CONFIG_HT_OVERRIDES */
2100 #ifdef CONFIG_VHT_OVERRIDES
2101 struct ieee80211_vht_capabilities vhtcaps;
2102 struct ieee80211_vht_capabilities vhtcaps_mask;
2103 #endif /* CONFIG_VHT_OVERRIDES */
2105 const u8 *mbo = NULL;
2106 #endif /* CONFIG_MBO */
2109 if (work->started) {
2110 wpa_s->connect_work = NULL;
2112 /* cancel possible auth. timeout */
2113 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2116 wpas_connect_work_free(cwork);
2120 wpa_s->connect_work = work;
2122 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2123 wpas_network_disabled(wpa_s, ssid)) {
2124 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2125 wpas_connect_work_done(wpa_s);
2129 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2130 os_memset(¶ms, 0, sizeof(params));
2131 wpa_s->reassociate = 0;
2132 wpa_s->eap_expected_failure = 0;
2134 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2135 #ifdef CONFIG_IEEE80211R
2136 const u8 *ie, *md = NULL;
2137 #endif /* CONFIG_IEEE80211R */
2138 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2139 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2140 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2141 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2142 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2143 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2145 wpas_notify_bssid_changed(wpa_s);
2146 #ifdef CONFIG_IEEE80211R
2147 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2148 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2150 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2152 /* Prepare for the next transition */
2153 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2155 #endif /* CONFIG_IEEE80211R */
2157 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2158 wpa_s->conf->ap_scan == 2 &&
2159 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2160 /* Use ap_scan==1 style network selection to find the network
2162 wpas_connect_work_done(wpa_s);
2163 wpa_s->scan_req = MANUAL_SCAN_REQ;
2164 wpa_s->reassociate = 1;
2165 wpa_supplicant_req_scan(wpa_s, 0, 0);
2167 #endif /* CONFIG_WPS */
2169 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2170 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2171 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2174 wpa_supplicant_cancel_sched_scan(wpa_s);
2176 wpa_supplicant_cancel_scan(wpa_s);
2178 /* Starting new association, so clear the possibly used WPA IE from the
2179 * previous association. */
2180 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2182 #ifdef IEEE8021X_EAPOL
2183 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2185 if (ssid->non_leap == 0)
2186 algs = WPA_AUTH_ALG_LEAP;
2188 algs |= WPA_AUTH_ALG_LEAP;
2191 #endif /* IEEE8021X_EAPOL */
2192 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2193 if (ssid->auth_alg) {
2194 algs = ssid->auth_alg;
2195 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2199 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2200 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2201 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2202 int try_opportunistic;
2203 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2205 ssid->proactive_key_caching) &&
2206 (ssid->proto & WPA_PROTO_RSN);
2207 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2208 ssid, try_opportunistic) == 0)
2209 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2210 wpa_ie_len = sizeof(wpa_ie);
2211 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2212 wpa_ie, &wpa_ie_len)) {
2213 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2214 "key management and encryption suites");
2215 wpas_connect_work_done(wpa_s);
2218 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2219 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2221 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2222 * use non-WPA since the scan results did not indicate that the
2223 * AP is using WPA or WPA2.
2225 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2227 wpa_s->wpa_proto = 0;
2228 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2229 wpa_ie_len = sizeof(wpa_ie);
2230 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2231 wpa_ie, &wpa_ie_len)) {
2232 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2233 "key management and encryption suites (no "
2235 wpas_connect_work_done(wpa_s);
2239 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2240 struct wpabuf *wps_ie;
2241 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2242 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2243 wpa_ie_len = wpabuf_len(wps_ie);
2244 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2247 wpabuf_free(wps_ie);
2248 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2249 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2250 params.wps = WPS_MODE_PRIVACY;
2252 params.wps = WPS_MODE_OPEN;
2253 wpa_s->wpa_proto = 0;
2254 #endif /* CONFIG_WPS */
2256 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2258 wpa_s->wpa_proto = 0;
2262 if (wpa_s->global->p2p) {
2266 pos = wpa_ie + wpa_ie_len;
2267 len = sizeof(wpa_ie) - wpa_ie_len;
2268 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2274 wpa_s->cross_connect_disallowed = 0;
2277 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2279 wpa_s->cross_connect_disallowed =
2280 p2p_get_cross_connect_disallowed(p2p);
2282 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2284 wpa_s->cross_connect_disallowed ?
2285 "disallows" : "allows");
2289 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2290 #endif /* CONFIG_P2P */
2294 mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE);
2298 len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq,
2299 wpa_ie + wpa_ie_len,
2306 #endif /* CONFIG_MBO */
2309 * Workaround: Add Extended Capabilities element only if the AP
2310 * included this element in Beacon/Probe Response frames. Some older
2311 * APs seem to have interoperability issues if this element is
2312 * included, so while the standard may require us to include the
2313 * element in all cases, it is justifiable to skip it to avoid
2314 * interoperability issues.
2316 if (ssid->p2p_group)
2317 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
2319 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
2321 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2324 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2326 if (ext_capab_len > 0) {
2328 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2330 os_memmove(pos + ext_capab_len, pos,
2331 wpa_ie_len - (pos - wpa_ie));
2332 wpa_ie_len += ext_capab_len;
2333 os_memcpy(pos, ext_capab, ext_capab_len);
2338 if (is_hs20_network(wpa_s, ssid, bss)) {
2339 struct wpabuf *hs20;
2341 hs20 = wpabuf_alloc(20);
2343 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2346 wpas_hs20_add_indication(hs20, pps_mo_id);
2347 len = sizeof(wpa_ie) - wpa_ie_len;
2348 if (wpabuf_len(hs20) <= len) {
2349 os_memcpy(wpa_ie + wpa_ie_len,
2350 wpabuf_head(hs20), wpabuf_len(hs20));
2351 wpa_ie_len += wpabuf_len(hs20);
2355 hs20_configure_frame_filters(wpa_s);
2358 #endif /* CONFIG_HS20 */
2360 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2361 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2364 len = sizeof(wpa_ie) - wpa_ie_len;
2365 if (wpabuf_len(buf) <= len) {
2366 os_memcpy(wpa_ie + wpa_ie_len,
2367 wpabuf_head(buf), wpabuf_len(buf));
2368 wpa_ie_len += wpabuf_len(buf);
2373 if (wpa_s->fst_ies) {
2374 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2376 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2377 os_memcpy(wpa_ie + wpa_ie_len,
2378 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2379 wpa_ie_len += fst_ies_len;
2382 #endif /* CONFIG_FST */
2388 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2389 sizeof(wpa_ie) - wpa_ie_len);
2393 #endif /* CONFIG_MBO */
2395 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2397 cipher_pairwise = wpa_s->pairwise_cipher;
2398 cipher_group = wpa_s->group_cipher;
2399 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2400 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2401 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2403 if (wpa_set_wep_keys(wpa_s, ssid)) {
2408 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2411 #ifdef IEEE8021X_EAPOL
2412 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2413 if ((ssid->eapol_flags &
2414 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2415 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2419 /* Assume that dynamic WEP-104 keys will be used and
2420 * set cipher suites in order for drivers to expect
2422 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2425 #endif /* IEEE8021X_EAPOL */
2427 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2428 /* Set the key before (and later after) association */
2429 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2432 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2434 params.ssid = bss->ssid;
2435 params.ssid_len = bss->ssid_len;
2436 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2437 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2438 MACSTR " freq=%u MHz based on scan results "
2440 MAC2STR(bss->bssid), bss->freq,
2442 params.bssid = bss->bssid;
2443 params.freq.freq = bss->freq;
2445 params.bssid_hint = bss->bssid;
2446 params.freq_hint = bss->freq;
2447 params.pbss = bss_is_pbss(bss);
2449 params.ssid = ssid->ssid;
2450 params.ssid_len = ssid->ssid_len;
2451 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2454 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2455 wpa_s->conf->ap_scan == 2) {
2456 params.bssid = ssid->bssid;
2457 params.fixed_bssid = 1;
2460 /* Initial frequency for IBSS/mesh */
2461 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2462 ssid->frequency > 0 && params.freq.freq == 0)
2463 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
2465 if (ssid->mode == WPAS_MODE_IBSS) {
2466 params.fixed_freq = ssid->fixed_freq;
2467 if (ssid->beacon_int)
2468 params.beacon_int = ssid->beacon_int;
2470 params.beacon_int = wpa_s->conf->beacon_int;
2473 params.wpa_ie = wpa_ie;
2474 params.wpa_ie_len = wpa_ie_len;
2475 params.pairwise_suite = cipher_pairwise;
2476 params.group_suite = cipher_group;
2477 params.key_mgmt_suite = wpa_s->key_mgmt;
2478 params.wpa_proto = wpa_s->wpa_proto;
2479 params.auth_alg = algs;
2480 params.mode = ssid->mode;
2481 params.bg_scan_period = ssid->bg_scan_period;
2482 for (i = 0; i < NUM_WEP_KEYS; i++) {
2483 if (ssid->wep_key_len[i])
2484 params.wep_key[i] = ssid->wep_key[i];
2485 params.wep_key_len[i] = ssid->wep_key_len[i];
2487 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2489 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2490 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2491 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2492 params.passphrase = ssid->passphrase;
2494 params.psk = ssid->psk;
2497 if (wpa_s->conf->key_mgmt_offload) {
2498 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2499 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2500 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2501 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2502 params.req_key_mgmt_offload =
2503 ssid->proactive_key_caching < 0 ?
2504 wpa_s->conf->okc : ssid->proactive_key_caching;
2506 params.req_key_mgmt_offload = 1;
2508 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2509 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2510 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2512 params.psk = ssid->psk;
2515 params.drop_unencrypted = use_crypt;
2517 #ifdef CONFIG_IEEE80211W
2518 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2519 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2520 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2521 struct wpa_ie_data ie;
2522 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2524 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2525 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2526 "MFP: require MFP");
2527 params.mgmt_frame_protection =
2528 MGMT_FRAME_PROTECTION_REQUIRED;
2531 #endif /* CONFIG_IEEE80211W */
2533 params.p2p = ssid->p2p_group;
2535 if (wpa_s->p2pdev->set_sta_uapsd)
2536 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2540 #ifdef CONFIG_HT_OVERRIDES
2541 os_memset(&htcaps, 0, sizeof(htcaps));
2542 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2543 params.htcaps = (u8 *) &htcaps;
2544 params.htcaps_mask = (u8 *) &htcaps_mask;
2545 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2546 #endif /* CONFIG_HT_OVERRIDES */
2547 #ifdef CONFIG_VHT_OVERRIDES
2548 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2549 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2550 params.vhtcaps = &vhtcaps;
2551 params.vhtcaps_mask = &vhtcaps_mask;
2552 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
2553 #endif /* CONFIG_VHT_OVERRIDES */
2557 * If multi-channel concurrency is not supported, check for any
2558 * frequency conflict. In case of any frequency conflict, remove the
2559 * least prioritized connection.
2561 if (wpa_s->num_multichan_concurrent < 2) {
2563 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2564 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2565 wpa_printf(MSG_DEBUG,
2566 "Assoc conflicting freq found (%d != %d)",
2567 freq, params.freq.freq);
2568 if (wpas_p2p_handle_frequency_conflicts(
2569 wpa_s, params.freq.freq, ssid) < 0) {
2570 wpas_connect_work_done(wpa_s);
2575 #endif /* CONFIG_P2P */
2577 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2578 wpa_s->current_ssid)
2579 params.prev_bssid = prev_bssid;
2581 ret = wpa_drv_associate(wpa_s, ¶ms);
2583 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2585 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2587 * The driver is known to mean what is saying, so we
2588 * can stop right here; the association will not
2591 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2592 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2593 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2596 /* try to continue anyway; new association will be tried again
2601 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2602 /* Set the key after the association just in case association
2603 * cleared the previously configured key. */
2604 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2605 /* No need to timeout authentication since there is no key
2607 wpa_supplicant_cancel_auth_timeout(wpa_s);
2608 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2609 #ifdef CONFIG_IBSS_RSN
2610 } else if (ssid->mode == WPAS_MODE_IBSS &&
2611 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2612 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2614 * RSN IBSS authentication is per-STA and we can disable the
2615 * per-BSSID authentication.
2617 wpa_supplicant_cancel_auth_timeout(wpa_s);
2618 #endif /* CONFIG_IBSS_RSN */
2620 /* Timeout for IEEE 802.11 authentication and association */
2624 /* give IBSS a bit more time */
2625 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2626 } else if (wpa_s->conf->ap_scan == 1) {
2627 /* give IBSS a bit more time */
2628 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2630 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2634 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2635 /* Set static WEP keys again */
2636 wpa_set_wep_keys(wpa_s, ssid);
2639 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2641 * Do not allow EAP session resumption between different
2642 * network configurations.
2644 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2646 old_ssid = wpa_s->current_ssid;
2647 wpa_s->current_ssid = ssid;
2649 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2650 wpa_s->current_bss = bss;
2652 hs20_configure_frame_filters(wpa_s);
2653 #endif /* CONFIG_HS20 */
2656 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2657 wpa_supplicant_initiate_eapol(wpa_s);
2658 if (old_ssid != wpa_s->current_ssid)
2659 wpas_notify_network_changed(wpa_s);
2663 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2666 struct wpa_ssid *old_ssid;
2668 wpas_connect_work_done(wpa_s);
2669 wpa_clear_keys(wpa_s, addr);
2670 old_ssid = wpa_s->current_ssid;
2671 wpa_supplicant_mark_disassoc(wpa_s);
2672 wpa_sm_set_config(wpa_s->wpa, NULL);
2673 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2674 if (old_ssid != wpa_s->current_ssid)
2675 wpas_notify_network_changed(wpa_s);
2676 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2681 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2682 * @wpa_s: Pointer to wpa_supplicant data
2683 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2685 * This function is used to request %wpa_supplicant to deauthenticate from the
2688 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2692 union wpa_event_data event;
2695 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2696 " pending_bssid=" MACSTR " reason=%d state=%s",
2697 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2698 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2700 if (!is_zero_ether_addr(wpa_s->bssid))
2701 addr = wpa_s->bssid;
2702 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2703 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2704 wpa_s->wpa_state == WPA_ASSOCIATING))
2705 addr = wpa_s->pending_bssid;
2706 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2708 * When using driver-based BSS selection, we may not know the
2709 * BSSID with which we are currently trying to associate. We
2710 * need to notify the driver of this disconnection even in such
2711 * a case, so use the all zeros address here.
2713 addr = wpa_s->bssid;
2718 wpa_tdls_teardown_peers(wpa_s->wpa);
2719 #endif /* CONFIG_TDLS */
2723 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2725 wpa_supplicant_leave_mesh(wpa_s);
2727 #endif /* CONFIG_MESH */
2730 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2731 os_memset(&event, 0, sizeof(event));
2732 event.deauth_info.reason_code = (u16) reason_code;
2733 event.deauth_info.locally_generated = 1;
2734 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2739 wpa_supplicant_clear_connection(wpa_s, addr);
2742 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2743 struct wpa_ssid *ssid)
2745 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2749 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2750 wpas_notify_network_enabled_changed(wpa_s, ssid);
2753 * Try to reassociate since there is no current configuration and a new
2754 * network was made available.
2756 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2757 wpa_s->reassociate = 1;
2762 * wpa_supplicant_enable_network - Mark a configured network as enabled
2763 * @wpa_s: wpa_supplicant structure for a network interface
2764 * @ssid: wpa_ssid structure for a configured network or %NULL
2766 * Enables the specified network or all networks if no network specified.
2768 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2769 struct wpa_ssid *ssid)
2772 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2773 wpa_supplicant_enable_one_network(wpa_s, ssid);
2775 wpa_supplicant_enable_one_network(wpa_s, ssid);
2777 if (wpa_s->reassociate && !wpa_s->disconnected &&
2778 (!wpa_s->current_ssid ||
2779 wpa_s->wpa_state == WPA_DISCONNECTED ||
2780 wpa_s->wpa_state == WPA_SCANNING)) {
2781 if (wpa_s->sched_scanning) {
2782 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2783 "new network to scan filters");
2784 wpa_supplicant_cancel_sched_scan(wpa_s);
2787 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2788 wpa_s->scan_req = NORMAL_SCAN_REQ;
2789 wpa_supplicant_req_scan(wpa_s, 0, 0);
2796 * wpa_supplicant_disable_network - Mark a configured network as disabled
2797 * @wpa_s: wpa_supplicant structure for a network interface
2798 * @ssid: wpa_ssid structure for a configured network or %NULL
2800 * Disables the specified network or all networks if no network specified.
2802 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2803 struct wpa_ssid *ssid)
2805 struct wpa_ssid *other_ssid;
2809 if (wpa_s->sched_scanning)
2810 wpa_supplicant_cancel_sched_scan(wpa_s);
2812 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2813 other_ssid = other_ssid->next) {
2814 was_disabled = other_ssid->disabled;
2815 if (was_disabled == 2)
2816 continue; /* do not change persistent P2P group
2819 other_ssid->disabled = 1;
2821 if (was_disabled != other_ssid->disabled)
2822 wpas_notify_network_enabled_changed(
2825 if (wpa_s->current_ssid)
2826 wpa_supplicant_deauthenticate(
2827 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2828 } else if (ssid->disabled != 2) {
2829 if (ssid == wpa_s->current_ssid)
2830 wpa_supplicant_deauthenticate(
2831 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2833 was_disabled = ssid->disabled;
2837 if (was_disabled != ssid->disabled) {
2838 wpas_notify_network_enabled_changed(wpa_s, ssid);
2839 if (wpa_s->sched_scanning) {
2840 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2841 "to remove network from filters");
2842 wpa_supplicant_cancel_sched_scan(wpa_s);
2843 wpa_supplicant_req_scan(wpa_s, 0, 0);
2851 * wpa_supplicant_select_network - Attempt association with a network
2852 * @wpa_s: wpa_supplicant structure for a network interface
2853 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2855 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2856 struct wpa_ssid *ssid)
2859 struct wpa_ssid *other_ssid;
2860 int disconnected = 0;
2862 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2863 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2864 wpa_s->own_disconnect_req = 1;
2865 wpa_supplicant_deauthenticate(
2866 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2871 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2874 * Mark all other networks disabled or mark all networks enabled if no
2875 * network specified.
2877 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2878 other_ssid = other_ssid->next) {
2879 int was_disabled = other_ssid->disabled;
2880 if (was_disabled == 2)
2881 continue; /* do not change persistent P2P group data */
2883 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2884 if (was_disabled && !other_ssid->disabled)
2885 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2887 if (was_disabled != other_ssid->disabled)
2888 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2891 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
2892 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2893 /* We are already associated with the selected network */
2894 wpa_printf(MSG_DEBUG, "Already associated with the "
2895 "selected network - do nothing");
2900 wpa_s->current_ssid = ssid;
2901 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2902 wpa_s->connect_without_scan =
2903 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2906 * Don't optimize next scan freqs since a new ESS has been
2909 os_free(wpa_s->next_scan_freqs);
2910 wpa_s->next_scan_freqs = NULL;
2912 wpa_s->connect_without_scan = NULL;
2915 wpa_s->disconnected = 0;
2916 wpa_s->reassociate = 1;
2918 if (wpa_s->connect_without_scan ||
2919 wpa_supplicant_fast_associate(wpa_s) != 1) {
2920 wpa_s->scan_req = NORMAL_SCAN_REQ;
2921 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2925 wpas_notify_network_selected(wpa_s, ssid);
2930 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2931 * @wpa_s: wpa_supplicant structure for a network interface
2932 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2933 * @pkcs11_module_path: PKCS #11 module path or NULL
2934 * Returns: 0 on success; -1 on failure
2936 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2937 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2938 * module path fails the paths will be reset to the default value (NULL).
2940 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2941 const char *pkcs11_engine_path,
2942 const char *pkcs11_module_path)
2944 char *pkcs11_engine_path_copy = NULL;
2945 char *pkcs11_module_path_copy = NULL;
2947 if (pkcs11_engine_path != NULL) {
2948 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2949 if (pkcs11_engine_path_copy == NULL)
2952 if (pkcs11_module_path != NULL) {
2953 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2954 if (pkcs11_module_path_copy == NULL) {
2955 os_free(pkcs11_engine_path_copy);
2960 os_free(wpa_s->conf->pkcs11_engine_path);
2961 os_free(wpa_s->conf->pkcs11_module_path);
2962 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2963 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2965 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2966 eapol_sm_deinit(wpa_s->eapol);
2967 wpa_s->eapol = NULL;
2968 if (wpa_supplicant_init_eapol(wpa_s)) {
2969 /* Error -> Reset paths to the default value (NULL) once. */
2970 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2971 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2976 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2983 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2984 * @wpa_s: wpa_supplicant structure for a network interface
2985 * @ap_scan: AP scan mode
2986 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2989 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2994 if (ap_scan < 0 || ap_scan > 2)
2997 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
2998 wpa_printf(MSG_INFO,
2999 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3003 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
3004 wpa_s->wpa_state >= WPA_ASSOCIATING &&
3005 wpa_s->wpa_state < WPA_COMPLETED) {
3006 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
3007 "associating", wpa_s->conf->ap_scan, ap_scan);
3010 #endif /* ANDROID */
3012 old_ap_scan = wpa_s->conf->ap_scan;
3013 wpa_s->conf->ap_scan = ap_scan;
3015 if (old_ap_scan != wpa_s->conf->ap_scan)
3016 wpas_notify_ap_scan_changed(wpa_s);
3023 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
3024 * @wpa_s: wpa_supplicant structure for a network interface
3025 * @expire_age: Expiration age in seconds
3026 * Returns: 0 if succeed or -1 if expire_age has an invalid value
3029 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3030 unsigned int bss_expire_age)
3032 if (bss_expire_age < 10) {
3033 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3037 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3039 wpa_s->conf->bss_expiration_age = bss_expire_age;
3046 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3047 * @wpa_s: wpa_supplicant structure for a network interface
3048 * @expire_count: number of scans after which an unseen BSS is reclaimed
3049 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3052 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3053 unsigned int bss_expire_count)
3055 if (bss_expire_count < 1) {
3056 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3060 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3062 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3069 * wpa_supplicant_set_scan_interval - Set scan interval
3070 * @wpa_s: wpa_supplicant structure for a network interface
3071 * @scan_interval: scan interval in seconds
3072 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3075 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3078 if (scan_interval < 0) {
3079 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3083 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3085 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3092 * wpa_supplicant_set_debug_params - Set global debug params
3093 * @global: wpa_global structure
3094 * @debug_level: debug level
3095 * @debug_timestamp: determines if show timestamp in debug data
3096 * @debug_show_keys: determines if show keys in debug data
3097 * Returns: 0 if succeed or -1 if debug_level has wrong value
3099 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3100 int debug_timestamp, int debug_show_keys)
3103 int old_level, old_timestamp, old_show_keys;
3105 /* check for allowed debuglevels */
3106 if (debug_level != MSG_EXCESSIVE &&
3107 debug_level != MSG_MSGDUMP &&
3108 debug_level != MSG_DEBUG &&
3109 debug_level != MSG_INFO &&
3110 debug_level != MSG_WARNING &&
3111 debug_level != MSG_ERROR)
3114 old_level = wpa_debug_level;
3115 old_timestamp = wpa_debug_timestamp;
3116 old_show_keys = wpa_debug_show_keys;
3118 wpa_debug_level = debug_level;
3119 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3120 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3122 if (wpa_debug_level != old_level)
3123 wpas_notify_debug_level_changed(global);
3124 if (wpa_debug_timestamp != old_timestamp)
3125 wpas_notify_debug_timestamp_changed(global);
3126 if (wpa_debug_show_keys != old_show_keys)
3127 wpas_notify_debug_show_keys_changed(global);
3134 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3135 * @wpa_s: Pointer to wpa_supplicant data
3136 * Returns: A pointer to the current network structure or %NULL on failure
3138 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3140 struct wpa_ssid *entry;
3141 u8 ssid[SSID_MAX_LEN];
3147 res = wpa_drv_get_ssid(wpa_s, ssid);
3149 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3155 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3156 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3161 wired = wpa_s->conf->ap_scan == 0 &&
3162 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3164 entry = wpa_s->conf->ssid;
3166 if (!wpas_network_disabled(wpa_s, entry) &&
3167 ((ssid_len == entry->ssid_len &&
3168 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3169 (!entry->bssid_set ||
3170 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3173 if (!wpas_network_disabled(wpa_s, entry) &&
3174 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3175 (entry->ssid == NULL || entry->ssid_len == 0) &&
3176 (!entry->bssid_set ||
3177 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3179 #endif /* CONFIG_WPS */
3181 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3182 entry->ssid_len == 0 &&
3183 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3186 entry = entry->next;
3193 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3195 struct wpa_global *global = wpa_s->global;
3197 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3198 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3199 if (global->drv_priv[i] == NULL) {
3200 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3201 "'%s'", wpa_drivers[i]->name);
3206 wpa_s->driver = wpa_drivers[i];
3207 wpa_s->global_drv_priv = global->drv_priv[i];
3213 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3218 const char *pos, *driver = name;
3223 if (wpa_drivers[0] == NULL) {
3224 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3230 /* default to first driver in the list */
3231 return select_driver(wpa_s, 0);
3235 pos = os_strchr(driver, ',');
3239 len = os_strlen(driver);
3241 for (i = 0; wpa_drivers[i]; i++) {
3242 if (os_strlen(wpa_drivers[i]->name) == len &&
3243 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3245 /* First driver that succeeds wins */
3246 if (select_driver(wpa_s, i) == 0)
3254 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3260 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3261 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3262 * with struct wpa_driver_ops::init()
3263 * @src_addr: Source address of the EAPOL frame
3264 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3265 * @len: Length of the EAPOL data
3267 * This function is called for each received EAPOL frame. Most driver
3268 * interfaces rely on more generic OS mechanism for receiving frames through
3269 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3270 * take care of received EAPOL frames and deliver them to the core supplicant
3271 * code by calling this function.
3273 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3274 const u8 *buf, size_t len)
3276 struct wpa_supplicant *wpa_s = ctx;
3278 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3279 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3281 #ifdef CONFIG_PEERKEY
3282 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3283 wpa_s->current_ssid->peerkey &&
3284 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3285 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3286 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3289 #endif /* CONFIG_PEERKEY */
3291 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3292 (wpa_s->last_eapol_matches_bssid &&
3295 #endif /* CONFIG_AP */
3296 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3298 * There is possible race condition between receiving the
3299 * association event and the EAPOL frame since they are coming
3300 * through different paths from the driver. In order to avoid
3301 * issues in trying to process the EAPOL frame before receiving
3302 * association information, lets queue it for processing until
3303 * the association event is received. This may also be needed in
3304 * driver-based roaming case, so also use src_addr != BSSID as a
3305 * trigger if we have previously confirmed that the
3306 * Authenticator uses BSSID as the src_addr (which is not the
3307 * case with wired IEEE 802.1X).
3309 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3310 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3311 wpa_supplicant_state_txt(wpa_s->wpa_state),
3312 MAC2STR(wpa_s->bssid));
3313 wpabuf_free(wpa_s->pending_eapol_rx);
3314 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3315 if (wpa_s->pending_eapol_rx) {
3316 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3317 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3323 wpa_s->last_eapol_matches_bssid =
3324 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3327 if (wpa_s->ap_iface) {
3328 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3331 #endif /* CONFIG_AP */
3333 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3334 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3335 "no key management is configured");
3339 if (wpa_s->eapol_received == 0 &&
3340 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3341 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3342 wpa_s->wpa_state != WPA_COMPLETED) &&
3343 (wpa_s->current_ssid == NULL ||
3344 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3345 /* Timeout for completing IEEE 802.1X and WPA authentication */
3348 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3349 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3350 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3351 /* Use longer timeout for IEEE 802.1X/EAP */
3356 if (wpa_s->current_ssid && wpa_s->current_bss &&
3357 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3358 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3360 * Use shorter timeout if going through WPS AP iteration
3361 * for PIN config method with an AP that does not
3362 * advertise Selected Registrar.
3364 struct wpabuf *wps_ie;
3366 wps_ie = wpa_bss_get_vendor_ie_multi(
3367 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3369 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3371 wpabuf_free(wps_ie);
3373 #endif /* CONFIG_WPS */
3375 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3377 wpa_s->eapol_received++;
3379 if (wpa_s->countermeasures) {
3380 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3385 #ifdef CONFIG_IBSS_RSN
3386 if (wpa_s->current_ssid &&
3387 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3388 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3391 #endif /* CONFIG_IBSS_RSN */
3393 /* Source address of the incoming EAPOL frame could be compared to the
3394 * current BSSID. However, it is possible that a centralized
3395 * Authenticator could be using another MAC address than the BSSID of
3396 * an AP, so just allow any address to be used for now. The replies are
3397 * still sent to the current BSSID (if available), though. */
3399 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3400 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3401 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3403 wpa_drv_poll(wpa_s);
3404 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3405 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3406 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3408 * Set portValid = TRUE here since we are going to skip 4-way
3409 * handshake processing which would normally set portValid. We
3410 * need this to allow the EAPOL state machines to be completed
3411 * without going through EAPOL-Key handshake.
3413 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3418 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3420 if ((!wpa_s->p2p_mgmt ||
3421 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3422 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3423 l2_packet_deinit(wpa_s->l2);
3424 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3425 wpa_drv_get_mac_addr(wpa_s),
3427 wpa_supplicant_rx_eapol, wpa_s, 0);
3428 if (wpa_s->l2 == NULL)
3431 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3433 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3436 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3437 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3441 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3447 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3448 const u8 *buf, size_t len)
3450 struct wpa_supplicant *wpa_s = ctx;
3451 const struct l2_ethhdr *eth;
3453 if (len < sizeof(*eth))
3455 eth = (const struct l2_ethhdr *) buf;
3457 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3458 !(eth->h_dest[0] & 0x01)) {
3459 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3460 " (bridge - not for this interface - ignore)",
3461 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3465 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3466 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3467 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3468 len - sizeof(*eth));
3473 * wpa_supplicant_driver_init - Initialize driver interface parameters
3474 * @wpa_s: Pointer to wpa_supplicant data
3475 * Returns: 0 on success, -1 on failure
3477 * This function is called to initialize driver interface parameters.
3478 * wpa_drv_init() must have been called before this function to initialize the
3481 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3483 static int interface_count = 0;
3485 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3488 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3489 MAC2STR(wpa_s->own_addr));
3490 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3491 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3493 if (wpa_s->bridge_ifname[0]) {
3494 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3495 "interface '%s'", wpa_s->bridge_ifname);
3496 wpa_s->l2_br = l2_packet_init_bridge(
3497 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3498 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3499 if (wpa_s->l2_br == NULL) {
3500 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3501 "connection for the bridge interface '%s'",
3502 wpa_s->bridge_ifname);
3507 if (wpa_s->conf->ap_scan == 2 &&
3508 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3509 wpa_printf(MSG_INFO,
3510 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3513 wpa_clear_keys(wpa_s, NULL);
3515 /* Make sure that TKIP countermeasures are not left enabled (could
3516 * happen if wpa_supplicant is killed during countermeasures. */
3517 wpa_drv_set_countermeasures(wpa_s, 0);
3519 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3520 wpa_drv_flush_pmkid(wpa_s);
3522 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3523 wpa_s->prev_scan_wildcard = 0;
3525 if (wpa_supplicant_enabled_networks(wpa_s)) {
3526 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3527 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3528 interface_count = 0;
3531 if (!wpa_s->p2p_mgmt &&
3532 wpa_supplicant_delayed_sched_scan(wpa_s,
3533 interface_count % 3,
3535 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3537 #endif /* ANDROID */
3540 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3546 static int wpa_supplicant_daemon(const char *pid_file)
3548 wpa_printf(MSG_DEBUG, "Daemonize..");
3549 return os_daemonize(pid_file);
3553 static struct wpa_supplicant *
3554 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3556 struct wpa_supplicant *wpa_s;
3558 wpa_s = os_zalloc(sizeof(*wpa_s));
3561 wpa_s->scan_req = INITIAL_SCAN_REQ;
3562 wpa_s->scan_interval = 5;
3563 wpa_s->new_connection = 1;
3564 wpa_s->parent = parent ? parent : wpa_s;
3565 wpa_s->p2pdev = wpa_s->parent;
3566 wpa_s->sched_scanning = 0;
3568 dl_list_init(&wpa_s->bss_tmp_disallowed);
3574 #ifdef CONFIG_HT_OVERRIDES
3576 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3577 struct ieee80211_ht_capabilities *htcaps,
3578 struct ieee80211_ht_capabilities *htcaps_mask,
3581 /* parse ht_mcs into hex array */
3583 const char *tmp = ht_mcs;
3586 /* If ht_mcs is null, do not set anything */
3590 /* This is what we are setting in the kernel */
3591 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3593 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3595 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3597 long v = strtol(tmp, &end, 16);
3599 wpa_msg(wpa_s, MSG_DEBUG,
3600 "htcap value[%i]: %ld end: %p tmp: %p",
3605 htcaps->supported_mcs_set[i] = v;
3608 wpa_msg(wpa_s, MSG_ERROR,
3609 "Failed to parse ht-mcs: %s, error: %s\n",
3610 ht_mcs, strerror(errno));
3616 * If we were able to parse any values, then set mask for the MCS set.
3619 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3620 IEEE80211_HT_MCS_MASK_LEN - 1);
3621 /* skip the 3 reserved bits */
3622 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3630 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3631 struct ieee80211_ht_capabilities *htcaps,
3632 struct ieee80211_ht_capabilities *htcaps_mask,
3637 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3642 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3643 htcaps_mask->ht_capabilities_info |= msk;
3645 htcaps->ht_capabilities_info &= msk;
3647 htcaps->ht_capabilities_info |= msk;
3653 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3654 struct ieee80211_ht_capabilities *htcaps,
3655 struct ieee80211_ht_capabilities *htcaps_mask,
3658 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3663 if (factor < 0 || factor > 3) {
3664 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3665 "Must be 0-3 or -1", factor);
3669 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3670 htcaps->a_mpdu_params &= ~0x3;
3671 htcaps->a_mpdu_params |= factor & 0x3;
3677 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3678 struct ieee80211_ht_capabilities *htcaps,
3679 struct ieee80211_ht_capabilities *htcaps_mask,
3682 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3687 if (density < 0 || density > 7) {
3688 wpa_msg(wpa_s, MSG_ERROR,
3689 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3694 htcaps_mask->a_mpdu_params |= 0x1C;
3695 htcaps->a_mpdu_params &= ~(0x1C);
3696 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3702 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3703 struct ieee80211_ht_capabilities *htcaps,
3704 struct ieee80211_ht_capabilities *htcaps_mask,
3707 /* Masking these out disables HT40 */
3708 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3709 HT_CAP_INFO_SHORT_GI40MHZ);
3711 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3714 htcaps->ht_capabilities_info &= ~msk;
3716 htcaps->ht_capabilities_info |= msk;
3718 htcaps_mask->ht_capabilities_info |= msk;
3724 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3725 struct ieee80211_ht_capabilities *htcaps,
3726 struct ieee80211_ht_capabilities *htcaps_mask,
3729 /* Masking these out disables SGI */
3730 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3731 HT_CAP_INFO_SHORT_GI40MHZ);
3733 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3736 htcaps->ht_capabilities_info &= ~msk;
3738 htcaps->ht_capabilities_info |= msk;
3740 htcaps_mask->ht_capabilities_info |= msk;
3746 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3747 struct ieee80211_ht_capabilities *htcaps,
3748 struct ieee80211_ht_capabilities *htcaps_mask,
3751 /* Masking these out disables LDPC */
3752 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3754 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3757 htcaps->ht_capabilities_info &= ~msk;
3759 htcaps->ht_capabilities_info |= msk;
3761 htcaps_mask->ht_capabilities_info |= msk;
3767 void wpa_supplicant_apply_ht_overrides(
3768 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3769 struct wpa_driver_associate_params *params)
3771 struct ieee80211_ht_capabilities *htcaps;
3772 struct ieee80211_ht_capabilities *htcaps_mask;
3777 params->disable_ht = ssid->disable_ht;
3778 if (!params->htcaps || !params->htcaps_mask)
3781 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3782 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3783 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3784 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3785 ssid->disable_max_amsdu);
3786 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3787 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3788 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3789 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3790 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3792 if (ssid->ht40_intolerant) {
3793 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3794 htcaps->ht_capabilities_info |= bit;
3795 htcaps_mask->ht_capabilities_info |= bit;
3799 #endif /* CONFIG_HT_OVERRIDES */
3802 #ifdef CONFIG_VHT_OVERRIDES
3803 void wpa_supplicant_apply_vht_overrides(
3804 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3805 struct wpa_driver_associate_params *params)
3807 struct ieee80211_vht_capabilities *vhtcaps;
3808 struct ieee80211_vht_capabilities *vhtcaps_mask;
3813 params->disable_vht = ssid->disable_vht;
3815 vhtcaps = (void *) params->vhtcaps;
3816 vhtcaps_mask = (void *) params->vhtcaps_mask;
3818 if (!vhtcaps || !vhtcaps_mask)
3821 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
3822 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
3824 #ifdef CONFIG_HT_OVERRIDES
3825 /* if max ampdu is <= 3, we have to make the HT cap the same */
3826 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3829 max_ampdu = (ssid->vht_capa &
3830 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3831 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3833 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3834 wpa_set_ampdu_factor(wpa_s,
3835 (void *) params->htcaps,
3836 (void *) params->htcaps_mask,
3839 #endif /* CONFIG_HT_OVERRIDES */
3841 #define OVERRIDE_MCS(i) \
3842 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3843 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3844 host_to_le16(3 << 2 * (i - 1)); \
3845 vhtcaps->vht_supported_mcs_set.tx_map |= \
3846 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
3849 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3850 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3851 host_to_le16(3 << 2 * (i - 1)); \
3852 vhtcaps->vht_supported_mcs_set.rx_map |= \
3853 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
3866 #endif /* CONFIG_VHT_OVERRIDES */
3869 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3874 if (!wpa_s->conf->pcsc_reader)
3877 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3881 if (wpa_s->conf->pcsc_pin &&
3882 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3883 scard_deinit(wpa_s->scard);
3884 wpa_s->scard = NULL;
3885 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3889 len = sizeof(wpa_s->imsi) - 1;
3890 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3891 scard_deinit(wpa_s->scard);
3892 wpa_s->scard = NULL;
3893 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3896 wpa_s->imsi[len] = '\0';
3898 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3900 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3901 wpa_s->imsi, wpa_s->mnc_len);
3903 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3904 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3905 #endif /* PCSC_FUNCS */
3911 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3915 ext_password_deinit(wpa_s->ext_pw);
3916 wpa_s->ext_pw = NULL;
3917 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3919 if (!wpa_s->conf->ext_password_backend)
3922 val = os_strdup(wpa_s->conf->ext_password_backend);
3925 pos = os_strchr(val, ':');
3929 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3931 wpa_s->ext_pw = ext_password_init(val, pos);
3933 if (wpa_s->ext_pw == NULL) {
3934 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3937 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3945 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
3947 struct wpa_supplicant *wpa_s = ctx;
3949 return (is_zero_ether_addr(wpa_s->bssid) ||
3950 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
3954 static void wpas_fst_get_channel_info_cb(void *ctx,
3955 enum hostapd_hw_mode *hw_mode,
3958 struct wpa_supplicant *wpa_s = ctx;
3960 if (wpa_s->current_bss) {
3961 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
3963 } else if (wpa_s->hw.num_modes) {
3964 *hw_mode = wpa_s->hw.modes[0].mode;
3972 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
3974 struct wpa_supplicant *wpa_s = ctx;
3976 *modes = wpa_s->hw.modes;
3977 return wpa_s->hw.num_modes;
3981 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
3983 struct wpa_supplicant *wpa_s = ctx;
3985 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
3986 wpa_s->fst_ies = fst_ies;
3990 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
3992 struct wpa_supplicant *wpa_s = ctx;
3994 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
3995 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
3996 wpa_s->own_addr, wpa_s->bssid,
3997 wpabuf_head(data), wpabuf_len(data),
4002 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
4004 struct wpa_supplicant *wpa_s = ctx;
4006 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4007 return wpa_s->received_mb_ies;
4011 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
4012 const u8 *buf, size_t size)
4014 struct wpa_supplicant *wpa_s = ctx;
4015 struct mb_ies_info info;
4017 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
4019 if (!mb_ies_info_by_ies(&info, buf, size)) {
4020 wpabuf_free(wpa_s->received_mb_ies);
4021 wpa_s->received_mb_ies = mb_ies_by_info(&info);
4026 static const u8 * wpas_fst_get_peer_first(void *ctx,
4027 struct fst_get_peer_ctx **get_ctx,
4030 struct wpa_supplicant *wpa_s = ctx;
4033 if (!is_zero_ether_addr(wpa_s->bssid))
4034 return (wpa_s->received_mb_ies || !mb_only) ?
4035 wpa_s->bssid : NULL;
4040 static const u8 * wpas_fst_get_peer_next(void *ctx,
4041 struct fst_get_peer_ctx **get_ctx,
4047 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4048 struct fst_wpa_obj *iface_obj)
4050 iface_obj->ctx = wpa_s;
4051 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4052 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4053 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4054 iface_obj->set_ies = wpas_fst_set_ies_cb;
4055 iface_obj->send_action = wpas_fst_send_action_cb;
4056 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4057 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4058 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4059 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4061 #endif /* CONFIG_FST */
4063 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4064 const struct wpa_driver_capa *capa)
4066 struct wowlan_triggers *triggers;
4069 if (!wpa_s->conf->wowlan_triggers)
4072 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4074 ret = wpa_drv_wowlan(wpa_s, triggers);
4081 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4084 return BAND_2_4_GHZ;
4091 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4094 unsigned int band = 0;
4097 /* freqs are specified for the radio work */
4098 for (i = 0; freqs[i]; i++)
4099 band |= wpas_freq_to_band(freqs[i]);
4102 * freqs are not specified, implies all
4103 * the supported freqs by HW
4105 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4106 if (wpa_s->hw.modes[i].num_channels != 0) {
4107 if (wpa_s->hw.modes[i].mode ==
4108 HOSTAPD_MODE_IEEE80211B ||
4109 wpa_s->hw.modes[i].mode ==
4110 HOSTAPD_MODE_IEEE80211G)
4111 band |= BAND_2_4_GHZ;
4112 else if (wpa_s->hw.modes[i].mode ==
4113 HOSTAPD_MODE_IEEE80211A)
4115 else if (wpa_s->hw.modes[i].mode ==
4116 HOSTAPD_MODE_IEEE80211AD)
4117 band |= BAND_60_GHZ;
4118 else if (wpa_s->hw.modes[i].mode ==
4119 HOSTAPD_MODE_IEEE80211ANY)
4120 band = BAND_2_4_GHZ | BAND_5_GHZ |
4130 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4133 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4134 struct wpa_radio *radio;
4136 while (rn && iface) {
4137 radio = iface->radio;
4138 if (radio && os_strcmp(rn, radio->name) == 0) {
4139 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4141 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4145 iface = iface->next;
4148 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4149 wpa_s->ifname, rn ? rn : "N/A");
4150 radio = os_zalloc(sizeof(*radio));
4155 os_strlcpy(radio->name, rn, sizeof(radio->name));
4156 dl_list_init(&radio->ifaces);
4157 dl_list_init(&radio->work);
4158 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4164 static void radio_work_free(struct wpa_radio_work *work)
4166 if (work->wpa_s->scan_work == work) {
4167 /* This should not really happen. */
4168 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4169 work->type, work, work->started);
4170 work->wpa_s->scan_work = NULL;
4174 if (work->wpa_s->p2p_scan_work == work) {
4175 /* This should not really happen. */
4176 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4177 work->type, work, work->started);
4178 work->wpa_s->p2p_scan_work = NULL;
4180 #endif /* CONFIG_P2P */
4182 if (work->started) {
4183 work->wpa_s->radio->num_active_works--;
4184 wpa_dbg(work->wpa_s, MSG_DEBUG,
4185 "radio_work_free('%s'@%p: num_active_works --> %u",
4187 work->wpa_s->radio->num_active_works);
4190 dl_list_del(&work->list);
4195 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4197 struct wpa_radio_work *active_work = NULL;
4198 struct wpa_radio_work *tmp;
4200 /* Get the active work to know the type and band. */
4201 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4209 /* No active work, start one */
4210 radio->num_active_works = 0;
4211 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4213 if (os_strcmp(tmp->type, "scan") == 0 &&
4214 radio->external_scan_running &&
4215 (((struct wpa_driver_scan_params *)
4216 tmp->ctx)->only_new_results ||
4217 tmp->wpa_s->clear_driver_scan_cache))
4224 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4225 os_strcmp(active_work->type, "connect") == 0) {
4227 * If the active work is either connect or sme-connect,
4228 * do not parallelize them with other radio works.
4230 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4231 "Do not parallelize radio work with %s",
4236 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4241 * If connect or sme-connect are enqueued, parallelize only
4242 * those operations ahead of them in the queue.
4244 if (os_strcmp(tmp->type, "connect") == 0 ||
4245 os_strcmp(tmp->type, "sme-connect") == 0)
4249 * Check that the radio works are distinct and
4250 * on different bands.
4252 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4253 (active_work->bands != tmp->bands)) {
4255 * If a scan has to be scheduled through nl80211 scan
4256 * interface and if an external scan is already running,
4257 * do not schedule the scan since it is likely to get
4258 * rejected by kernel.
4260 if (os_strcmp(tmp->type, "scan") == 0 &&
4261 radio->external_scan_running &&
4262 (((struct wpa_driver_scan_params *)
4263 tmp->ctx)->only_new_results ||
4264 tmp->wpa_s->clear_driver_scan_cache))
4267 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4268 "active_work:%s new_work:%s",
4269 active_work->type, tmp->type);
4274 /* Did not find a radio work to schedule in parallel. */
4279 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4281 struct wpa_radio *radio = eloop_ctx;
4282 struct wpa_radio_work *work;
4283 struct os_reltime now, diff;
4284 struct wpa_supplicant *wpa_s;
4286 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4288 radio->num_active_works = 0;
4292 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4296 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4298 return; /* already started and still in progress */
4300 if (wpa_s && wpa_s->radio->external_scan_running) {
4301 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4306 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4307 /* get the work to schedule next */
4308 work = radio_work_get_next_work(radio);
4314 wpa_s = work->wpa_s;
4315 os_get_reltime(&now);
4316 os_reltime_sub(&now, &work->time, &diff);
4317 wpa_dbg(wpa_s, MSG_DEBUG,
4318 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4319 work->type, work, diff.sec, diff.usec);
4322 radio->num_active_works++;
4326 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4327 radio->num_active_works < MAX_ACTIVE_WORKS)
4328 radio_work_check_next(wpa_s);
4333 * This function removes both started and pending radio works running on
4334 * the provided interface's radio.
4335 * Prior to the removal of the radio work, its callback (cb) is called with
4336 * deinit set to be 1. Each work's callback is responsible for clearing its
4337 * internal data and restoring to a correct state.
4338 * @wpa_s: wpa_supplicant data
4339 * @type: type of works to be removed
4340 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4341 * this interface's works.
4343 void radio_remove_works(struct wpa_supplicant *wpa_s,
4344 const char *type, int remove_all)
4346 struct wpa_radio_work *work, *tmp;
4347 struct wpa_radio *radio = wpa_s->radio;
4349 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4351 if (type && os_strcmp(type, work->type) != 0)
4354 /* skip other ifaces' works */
4355 if (!remove_all && work->wpa_s != wpa_s)
4358 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4359 work->type, work, work->started ? " (started)" : "");
4361 radio_work_free(work);
4364 /* in case we removed the started work */
4365 radio_work_check_next(wpa_s);
4369 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4371 struct wpa_radio *radio = wpa_s->radio;
4376 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4377 wpa_s->ifname, radio->name);
4378 dl_list_del(&wpa_s->radio_list);
4379 radio_remove_works(wpa_s, NULL, 0);
4380 wpa_s->radio = NULL;
4381 if (!dl_list_empty(&radio->ifaces))
4382 return; /* Interfaces remain for this radio */
4384 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4385 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4390 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4392 struct wpa_radio *radio = wpa_s->radio;
4394 if (dl_list_empty(&radio->work))
4396 if (wpa_s->ext_work_in_progress) {
4397 wpa_printf(MSG_DEBUG,
4398 "External radio work in progress - delay start of pending item");
4401 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4402 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4407 * radio_add_work - Add a radio work item
4408 * @wpa_s: Pointer to wpa_supplicant data
4409 * @freq: Frequency of the offchannel operation in MHz or 0
4410 * @type: Unique identifier for each type of work
4411 * @next: Force as the next work to be executed
4412 * @cb: Callback function for indicating when radio is available
4413 * @ctx: Context pointer for the work (work->ctx in cb())
4414 * Returns: 0 on success, -1 on failure
4416 * This function is used to request time for an operation that requires
4417 * exclusive radio control. Once the radio is available, the registered callback
4418 * function will be called. radio_work_done() must be called once the exclusive
4419 * radio operation has been completed, so that the radio is freed for other
4420 * operations. The special case of deinit=1 is used to free the context data
4421 * during interface removal. That does not allow the callback function to start
4422 * the radio operation, i.e., it must free any resources allocated for the radio
4425 * The @freq parameter can be used to indicate a single channel on which the
4426 * offchannel operation will occur. This may allow multiple radio work
4427 * operations to be performed in parallel if they apply for the same channel.
4428 * Setting this to 0 indicates that the work item may use multiple channels or
4429 * requires exclusive control of the radio.
4431 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4432 const char *type, int next,
4433 void (*cb)(struct wpa_radio_work *work, int deinit),
4436 struct wpa_radio *radio = wpa_s->radio;
4437 struct wpa_radio_work *work;
4440 work = os_zalloc(sizeof(*work));
4443 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4444 os_get_reltime(&work->time);
4447 work->wpa_s = wpa_s;
4452 work->bands = wpas_freq_to_band(freq);
4453 else if (os_strcmp(type, "scan") == 0 ||
4454 os_strcmp(type, "p2p-scan") == 0)
4455 work->bands = wpas_get_bands(wpa_s,
4456 ((struct wpa_driver_scan_params *)
4459 work->bands = wpas_get_bands(wpa_s, NULL);
4461 was_empty = dl_list_empty(&wpa_s->radio->work);
4463 dl_list_add(&wpa_s->radio->work, &work->list);
4465 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4467 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4468 radio_work_check_next(wpa_s);
4469 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4470 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4471 wpa_dbg(wpa_s, MSG_DEBUG,
4472 "Try to schedule a radio work (num_active_works=%u)",
4473 radio->num_active_works);
4474 radio_work_check_next(wpa_s);
4482 * radio_work_done - Indicate that a radio work item has been completed
4483 * @work: Completed work
4485 * This function is called once the callback function registered with
4486 * radio_add_work() has completed its work.
4488 void radio_work_done(struct wpa_radio_work *work)
4490 struct wpa_supplicant *wpa_s = work->wpa_s;
4491 struct os_reltime now, diff;
4492 unsigned int started = work->started;
4494 os_get_reltime(&now);
4495 os_reltime_sub(&now, &work->time, &diff);
4496 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4497 work->type, work, started ? "done" : "canceled",
4498 diff.sec, diff.usec);
4499 radio_work_free(work);
4501 radio_work_check_next(wpa_s);
4505 struct wpa_radio_work *
4506 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4508 struct wpa_radio_work *work;
4509 struct wpa_radio *radio = wpa_s->radio;
4511 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4512 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4520 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4521 struct wpa_interface *iface)
4523 const char *ifname, *driver, *rn;
4525 driver = iface->driver;
4527 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4530 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4531 if (wpa_s->drv_priv == NULL) {
4533 pos = driver ? os_strchr(driver, ',') : NULL;
4535 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4536 "driver interface - try next driver wrapper");
4540 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4544 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4545 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4546 "driver_param '%s'", wpa_s->conf->driver_param);
4550 ifname = wpa_drv_get_ifname(wpa_s);
4551 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4552 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4553 "interface name with '%s'", ifname);
4554 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4557 rn = wpa_driver_get_radio_name(wpa_s);
4558 if (rn && rn[0] == '\0')
4561 wpa_s->radio = radio_add_interface(wpa_s, rn);
4562 if (wpa_s->radio == NULL)
4569 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4570 struct wpa_interface *iface)
4572 struct wpa_driver_capa capa;
4575 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4576 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4577 iface->confname ? iface->confname : "N/A",
4578 iface->driver ? iface->driver : "default",
4579 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4580 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4582 if (iface->confname) {
4583 #ifdef CONFIG_BACKEND_FILE
4584 wpa_s->confname = os_rel2abs_path(iface->confname);
4585 if (wpa_s->confname == NULL) {
4586 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4587 "for configuration file '%s'.",
4591 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4592 iface->confname, wpa_s->confname);
4593 #else /* CONFIG_BACKEND_FILE */
4594 wpa_s->confname = os_strdup(iface->confname);
4595 #endif /* CONFIG_BACKEND_FILE */
4596 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4597 if (wpa_s->conf == NULL) {
4598 wpa_printf(MSG_ERROR, "Failed to read or parse "
4599 "configuration '%s'.", wpa_s->confname);
4602 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4603 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4606 * Override ctrl_interface and driver_param if set on command
4609 if (iface->ctrl_interface) {
4610 os_free(wpa_s->conf->ctrl_interface);
4611 wpa_s->conf->ctrl_interface =
4612 os_strdup(iface->ctrl_interface);
4615 if (iface->driver_param) {
4616 os_free(wpa_s->conf->driver_param);
4617 wpa_s->conf->driver_param =
4618 os_strdup(iface->driver_param);
4621 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4622 os_free(wpa_s->conf->ctrl_interface);
4623 wpa_s->conf->ctrl_interface = NULL;
4626 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4627 iface->driver_param);
4629 if (wpa_s->conf == NULL) {
4630 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4634 if (iface->ifname == NULL) {
4635 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4638 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4639 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4643 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4645 if (iface->bridge_ifname) {
4646 if (os_strlen(iface->bridge_ifname) >=
4647 sizeof(wpa_s->bridge_ifname)) {
4648 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4649 "name '%s'.", iface->bridge_ifname);
4652 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4653 sizeof(wpa_s->bridge_ifname));
4656 /* RSNA Supplicant Key Management - INITIALIZE */
4657 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4658 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4660 /* Initialize driver interface and register driver event handler before
4661 * L2 receive handler so that association events are processed before
4662 * EAPOL-Key packets if both become available for the same select()
4664 if (wpas_init_driver(wpa_s, iface) < 0)
4667 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4670 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4671 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4673 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4675 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4676 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4677 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4678 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4679 "dot11RSNAConfigPMKLifetime");
4683 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4684 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4685 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4686 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4687 "dot11RSNAConfigPMKReauthThreshold");
4691 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4692 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4693 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4694 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4695 "dot11RSNAConfigSATimeout");
4699 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4700 &wpa_s->hw.num_modes,
4702 if (wpa_s->hw.modes) {
4705 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4706 if (wpa_s->hw.modes[i].vht_capab) {
4707 wpa_s->hw_capab = CAPAB_VHT;
4711 if (wpa_s->hw.modes[i].ht_capab &
4712 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4713 wpa_s->hw_capab = CAPAB_HT40;
4714 else if (wpa_s->hw.modes[i].ht_capab &&
4715 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4716 wpa_s->hw_capab = CAPAB_HT;
4720 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4721 if (capa_res == 0) {
4722 wpa_s->drv_capa_known = 1;
4723 wpa_s->drv_flags = capa.flags;
4724 wpa_s->drv_enc = capa.enc;
4725 wpa_s->drv_smps_modes = capa.smps_modes;
4726 wpa_s->drv_rrm_flags = capa.rrm_flags;
4727 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4728 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4729 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4730 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4731 wpa_s->max_sched_scan_plan_interval =
4732 capa.max_sched_scan_plan_interval;
4733 wpa_s->max_sched_scan_plan_iterations =
4734 capa.max_sched_scan_plan_iterations;
4735 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4736 wpa_s->max_match_sets = capa.max_match_sets;
4737 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4738 wpa_s->max_stations = capa.max_stations;
4739 wpa_s->extended_capa = capa.extended_capa;
4740 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4741 wpa_s->extended_capa_len = capa.extended_capa_len;
4742 wpa_s->num_multichan_concurrent =
4743 capa.num_multichan_concurrent;
4744 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4746 if (capa.mac_addr_rand_scan_supported)
4747 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4748 if (wpa_s->sched_scan_supported &&
4749 capa.mac_addr_rand_sched_scan_supported)
4750 wpa_s->mac_addr_rand_supported |=
4751 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4753 if (wpa_s->max_remain_on_chan == 0)
4754 wpa_s->max_remain_on_chan = 1000;
4757 * Only take p2p_mgmt parameters when P2P Device is supported.
4758 * Doing it here as it determines whether l2_packet_init() will be done
4759 * during wpa_supplicant_driver_init().
4761 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4762 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4764 iface->p2p_mgmt = 1;
4766 if (wpa_s->num_multichan_concurrent == 0)
4767 wpa_s->num_multichan_concurrent = 1;
4769 if (wpa_supplicant_driver_init(wpa_s) < 0)
4773 if ((!iface->p2p_mgmt ||
4774 !(wpa_s->drv_flags &
4775 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4776 wpa_tdls_init(wpa_s->wpa))
4778 #endif /* CONFIG_TDLS */
4780 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4781 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4782 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4787 if (wpa_s->conf->fst_group_id) {
4788 struct fst_iface_cfg cfg;
4789 struct fst_wpa_obj iface_obj;
4791 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4792 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4793 sizeof(cfg.group_id));
4794 cfg.priority = wpa_s->conf->fst_priority;
4795 cfg.llt = wpa_s->conf->fst_llt;
4797 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4800 wpa_msg(wpa_s, MSG_ERROR,
4801 "FST: Cannot attach iface %s to group %s",
4802 wpa_s->ifname, cfg.group_id);
4806 #endif /* CONFIG_FST */
4808 if (wpas_wps_init(wpa_s))
4811 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4813 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4815 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4816 if (wpa_s->ctrl_iface == NULL) {
4817 wpa_printf(MSG_ERROR,
4818 "Failed to initialize control interface '%s'.\n"
4819 "You may have another wpa_supplicant process "
4820 "already running or the file was\n"
4821 "left by an unclean termination of wpa_supplicant "
4822 "in which case you will need\n"
4823 "to manually remove this file before starting "
4824 "wpa_supplicant again.\n",
4825 wpa_s->conf->ctrl_interface);
4829 wpa_s->gas = gas_query_init(wpa_s);
4830 if (wpa_s->gas == NULL) {
4831 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4835 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4836 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4840 if (wpa_bss_init(wpa_s) < 0)
4844 * Set Wake-on-WLAN triggers, if configured.
4845 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4846 * have effect anyway when the interface is down).
4848 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4851 #ifdef CONFIG_EAP_PROXY
4854 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4856 if (wpa_s->mnc_len > 0) {
4857 wpa_s->imsi[len] = '\0';
4858 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4859 wpa_s->imsi, wpa_s->mnc_len);
4861 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4864 #endif /* CONFIG_EAP_PROXY */
4866 if (pcsc_reader_init(wpa_s) < 0)
4869 if (wpas_init_ext_pw(wpa_s) < 0)
4872 wpas_rrm_reset(wpa_s);
4874 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
4878 #endif /* CONFIG_HS20 */
4880 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
4881 #endif /* CONFIG_MBO */
4883 wpa_supplicant_set_default_scan_ies(wpa_s);
4889 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4890 int notify, int terminate)
4892 struct wpa_global *global = wpa_s->global;
4893 struct wpa_supplicant *iface, *prev;
4895 if (wpa_s == wpa_s->parent)
4896 wpas_p2p_group_remove(wpa_s, "*");
4898 iface = global->ifaces;
4900 if (iface->p2pdev == wpa_s)
4901 iface->p2pdev = iface->parent;
4902 if (iface == wpa_s || iface->parent != wpa_s) {
4903 iface = iface->next;
4906 wpa_printf(MSG_DEBUG,
4907 "Remove remaining child interface %s from parent %s",
4908 iface->ifname, wpa_s->ifname);
4910 iface = iface->next;
4911 wpa_supplicant_remove_iface(global, prev, terminate);
4914 wpa_s->disconnected = 1;
4915 if (wpa_s->drv_priv) {
4916 wpa_supplicant_deauthenticate(wpa_s,
4917 WLAN_REASON_DEAUTH_LEAVING);
4919 wpa_drv_set_countermeasures(wpa_s, 0);
4920 wpa_clear_keys(wpa_s, NULL);
4923 wpa_supplicant_cleanup(wpa_s);
4924 wpas_p2p_deinit_iface(wpa_s);
4926 wpas_ctrl_radio_work_flush(wpa_s);
4927 radio_remove_interface(wpa_s);
4931 fst_detach(wpa_s->fst);
4934 if (wpa_s->received_mb_ies) {
4935 wpabuf_free(wpa_s->received_mb_ies);
4936 wpa_s->received_mb_ies = NULL;
4938 #endif /* CONFIG_FST */
4940 if (wpa_s->drv_priv)
4941 wpa_drv_deinit(wpa_s);
4944 wpas_notify_iface_removed(wpa_s);
4947 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4949 if (wpa_s->ctrl_iface) {
4950 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4951 wpa_s->ctrl_iface = NULL;
4956 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4957 wpa_s->ifmsh = NULL;
4959 #endif /* CONFIG_MESH */
4961 if (wpa_s->conf != NULL) {
4962 wpa_config_free(wpa_s->conf);
4966 os_free(wpa_s->ssids_from_scan_req);
4972 #ifdef CONFIG_MATCH_IFACE
4975 * wpa_supplicant_match_iface - Match an interface description to a name
4976 * @global: Pointer to global data from wpa_supplicant_init()
4977 * @ifname: Name of the interface to match
4978 * Returns: Pointer to the created interface description or %NULL on failure
4980 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
4984 struct wpa_interface *iface, *miface;
4986 for (i = 0; i < global->params.match_iface_count; i++) {
4987 miface = &global->params.match_ifaces[i];
4988 if (!miface->ifname ||
4989 fnmatch(miface->ifname, ifname, 0) == 0) {
4990 iface = os_zalloc(sizeof(*iface));
4994 iface->ifname = ifname;
5004 * wpa_supplicant_match_existing - Match existing interfaces
5005 * @global: Pointer to global data from wpa_supplicant_init()
5006 * Returns: 0 on success, -1 on failure
5008 static int wpa_supplicant_match_existing(struct wpa_global *global)
5010 struct if_nameindex *ifi, *ifp;
5011 struct wpa_supplicant *wpa_s;
5012 struct wpa_interface *iface;
5014 ifp = if_nameindex();
5016 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
5020 for (ifi = ifp; ifi->if_name; ifi++) {
5021 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
5024 iface = wpa_supplicant_match_iface(global, ifi->if_name);
5026 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
5033 if_freenameindex(ifp);
5037 #endif /* CONFIG_MATCH_IFACE */
5041 * wpa_supplicant_add_iface - Add a new network interface
5042 * @global: Pointer to global data from wpa_supplicant_init()
5043 * @iface: Interface configuration options
5044 * @parent: Parent interface or %NULL to assign new interface as parent
5045 * Returns: Pointer to the created interface or %NULL on failure
5047 * This function is used to add new network interfaces for %wpa_supplicant.
5048 * This can be called before wpa_supplicant_run() to add interfaces before the
5049 * main event loop has been started. In addition, new interfaces can be added
5050 * dynamically while %wpa_supplicant is already running. This could happen,
5051 * e.g., when a hotplug network adapter is inserted.
5053 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5054 struct wpa_interface *iface,
5055 struct wpa_supplicant *parent)
5057 struct wpa_supplicant *wpa_s;
5058 struct wpa_interface t_iface;
5059 struct wpa_ssid *ssid;
5061 if (global == NULL || iface == NULL)
5064 wpa_s = wpa_supplicant_alloc(parent);
5068 wpa_s->global = global;
5071 if (global->params.override_driver) {
5072 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5074 iface->driver, global->params.override_driver);
5075 t_iface.driver = global->params.override_driver;
5077 if (global->params.override_ctrl_interface) {
5078 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5079 "ctrl_interface ('%s' -> '%s')",
5080 iface->ctrl_interface,
5081 global->params.override_ctrl_interface);
5082 t_iface.ctrl_interface =
5083 global->params.override_ctrl_interface;
5085 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5086 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5088 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5092 if (iface->p2p_mgmt == 0) {
5093 /* Notify the control interfaces about new iface */
5094 if (wpas_notify_iface_added(wpa_s)) {
5095 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5099 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5100 wpas_notify_network_added(wpa_s, ssid);
5103 wpa_s->next = global->ifaces;
5104 global->ifaces = wpa_s;
5106 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5107 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5110 if (wpa_s->global->p2p == NULL &&
5111 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5112 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5113 wpas_p2p_add_p2pdev_interface(
5114 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5115 wpa_printf(MSG_INFO,
5116 "P2P: Failed to enable P2P Device interface");
5117 /* Try to continue without. P2P will be disabled. */
5119 #endif /* CONFIG_P2P */
5126 * wpa_supplicant_remove_iface - Remove a network interface
5127 * @global: Pointer to global data from wpa_supplicant_init()
5128 * @wpa_s: Pointer to the network interface to be removed
5129 * Returns: 0 if interface was removed, -1 if interface was not found
5131 * This function can be used to dynamically remove network interfaces from
5132 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5133 * addition, this function is used to remove all remaining interfaces when
5134 * %wpa_supplicant is terminated.
5136 int wpa_supplicant_remove_iface(struct wpa_global *global,
5137 struct wpa_supplicant *wpa_s,
5140 struct wpa_supplicant *prev;
5142 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5143 char *ifname = NULL;
5144 #endif /* CONFIG_MESH */
5146 /* Remove interface from the global list of interfaces */
5147 prev = global->ifaces;
5148 if (prev == wpa_s) {
5149 global->ifaces = wpa_s->next;
5151 while (prev && prev->next != wpa_s)
5155 prev->next = wpa_s->next;
5158 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5161 if (mesh_if_created) {
5162 ifname = os_strdup(wpa_s->ifname);
5163 if (ifname == NULL) {
5164 wpa_dbg(wpa_s, MSG_ERROR,
5165 "mesh: Failed to malloc ifname");
5169 #endif /* CONFIG_MESH */
5171 if (global->p2p_group_formation == wpa_s)
5172 global->p2p_group_formation = NULL;
5173 if (global->p2p_invite_group == wpa_s)
5174 global->p2p_invite_group = NULL;
5175 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5178 if (mesh_if_created) {
5179 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
5182 #endif /* CONFIG_MESH */
5189 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5190 * @wpa_s: Pointer to the network interface
5191 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5193 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5195 const char *eapol_method;
5197 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5198 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5202 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5203 if (eapol_method == NULL)
5204 return "UNKNOWN-EAP";
5206 return eapol_method;
5211 * wpa_supplicant_get_iface - Get a new network interface
5212 * @global: Pointer to global data from wpa_supplicant_init()
5213 * @ifname: Interface name
5214 * Returns: Pointer to the interface or %NULL if not found
5216 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5219 struct wpa_supplicant *wpa_s;
5221 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5222 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5229 #ifndef CONFIG_NO_WPA_MSG
5230 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5232 struct wpa_supplicant *wpa_s = ctx;
5235 return wpa_s->ifname;
5237 #endif /* CONFIG_NO_WPA_MSG */
5240 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5241 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5242 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5244 /* Periodic cleanup tasks */
5245 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5247 struct wpa_global *global = eloop_ctx;
5248 struct wpa_supplicant *wpa_s;
5250 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5251 wpas_periodic, global, NULL);
5255 p2p_expire_peers(global->p2p);
5256 #endif /* CONFIG_P2P */
5258 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5259 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5262 #endif /* CONFIG_AP */
5268 * wpa_supplicant_init - Initialize %wpa_supplicant
5269 * @params: Parameters for %wpa_supplicant
5270 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5272 * This function is used to initialize %wpa_supplicant. After successful
5273 * initialization, the returned data pointer can be used to add and remove
5274 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5276 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5278 struct wpa_global *global;
5284 #ifdef CONFIG_DRIVER_NDIS
5286 void driver_ndis_init_ops(void);
5287 driver_ndis_init_ops();
5289 #endif /* CONFIG_DRIVER_NDIS */
5291 #ifndef CONFIG_NO_WPA_MSG
5292 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5293 #endif /* CONFIG_NO_WPA_MSG */
5295 if (params->wpa_debug_file_path)
5296 wpa_debug_open_file(params->wpa_debug_file_path);
5298 wpa_debug_setup_stdout();
5299 if (params->wpa_debug_syslog)
5300 wpa_debug_open_syslog();
5301 if (params->wpa_debug_tracing) {
5302 ret = wpa_debug_open_linux_tracing();
5304 wpa_printf(MSG_ERROR,
5305 "Failed to enable trace logging");
5310 ret = eap_register_methods();
5312 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5314 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5315 "the same EAP type.");
5319 global = os_zalloc(sizeof(*global));
5322 dl_list_init(&global->p2p_srv_bonjour);
5323 dl_list_init(&global->p2p_srv_upnp);
5324 global->params.daemonize = params->daemonize;
5325 global->params.wait_for_monitor = params->wait_for_monitor;
5326 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5327 if (params->pid_file)
5328 global->params.pid_file = os_strdup(params->pid_file);
5329 if (params->ctrl_interface)
5330 global->params.ctrl_interface =
5331 os_strdup(params->ctrl_interface);
5332 if (params->ctrl_interface_group)
5333 global->params.ctrl_interface_group =
5334 os_strdup(params->ctrl_interface_group);
5335 if (params->override_driver)
5336 global->params.override_driver =
5337 os_strdup(params->override_driver);
5338 if (params->override_ctrl_interface)
5339 global->params.override_ctrl_interface =
5340 os_strdup(params->override_ctrl_interface);
5341 #ifdef CONFIG_MATCH_IFACE
5342 global->params.match_iface_count = params->match_iface_count;
5343 if (params->match_iface_count) {
5344 global->params.match_ifaces =
5345 os_calloc(params->match_iface_count,
5346 sizeof(struct wpa_interface));
5347 os_memcpy(global->params.match_ifaces,
5348 params->match_ifaces,
5349 params->match_iface_count *
5350 sizeof(struct wpa_interface));
5352 #endif /* CONFIG_MATCH_IFACE */
5354 if (params->conf_p2p_dev)
5355 global->params.conf_p2p_dev =
5356 os_strdup(params->conf_p2p_dev);
5357 #endif /* CONFIG_P2P */
5358 wpa_debug_level = global->params.wpa_debug_level =
5359 params->wpa_debug_level;
5360 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5361 params->wpa_debug_show_keys;
5362 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5363 params->wpa_debug_timestamp;
5365 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5368 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5369 wpa_supplicant_deinit(global);
5373 random_init(params->entropy_file);
5375 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5376 if (global->ctrl_iface == NULL) {
5377 wpa_supplicant_deinit(global);
5381 if (wpas_notify_supplicant_initialized(global)) {
5382 wpa_supplicant_deinit(global);
5386 for (i = 0; wpa_drivers[i]; i++)
5387 global->drv_count++;
5388 if (global->drv_count == 0) {
5389 wpa_printf(MSG_ERROR, "No drivers enabled");
5390 wpa_supplicant_deinit(global);
5393 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5394 if (global->drv_priv == NULL) {
5395 wpa_supplicant_deinit(global);
5399 #ifdef CONFIG_WIFI_DISPLAY
5400 if (wifi_display_init(global) < 0) {
5401 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5402 wpa_supplicant_deinit(global);
5405 #endif /* CONFIG_WIFI_DISPLAY */
5407 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5408 wpas_periodic, global, NULL);
5415 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5416 * @global: Pointer to global data from wpa_supplicant_init()
5417 * Returns: 0 after successful event loop run, -1 on failure
5419 * This function starts the main event loop and continues running as long as
5420 * there are any remaining events. In most cases, this function is running as
5421 * long as the %wpa_supplicant process in still in use.
5423 int wpa_supplicant_run(struct wpa_global *global)
5425 struct wpa_supplicant *wpa_s;
5427 if (global->params.daemonize &&
5428 (wpa_supplicant_daemon(global->params.pid_file) ||
5429 eloop_sock_requeue()))
5432 #ifdef CONFIG_MATCH_IFACE
5433 if (wpa_supplicant_match_existing(global))
5437 if (global->params.wait_for_monitor) {
5438 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5439 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5440 wpa_supplicant_ctrl_iface_wait(
5444 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5445 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5454 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5455 * @global: Pointer to global data from wpa_supplicant_init()
5457 * This function is called to deinitialize %wpa_supplicant and to free all
5458 * allocated resources. Remaining network interfaces will also be removed.
5460 void wpa_supplicant_deinit(struct wpa_global *global)
5467 eloop_cancel_timeout(wpas_periodic, global, NULL);
5469 #ifdef CONFIG_WIFI_DISPLAY
5470 wifi_display_deinit(global);
5471 #endif /* CONFIG_WIFI_DISPLAY */
5473 while (global->ifaces)
5474 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5476 if (global->ctrl_iface)
5477 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5479 wpas_notify_supplicant_deinitialized(global);
5481 eap_peer_unregister_methods();
5483 eap_server_unregister_methods();
5484 #endif /* CONFIG_AP */
5486 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5487 if (!global->drv_priv[i])
5489 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5491 os_free(global->drv_priv);
5497 if (global->params.pid_file) {
5498 os_daemonize_terminate(global->params.pid_file);
5499 os_free(global->params.pid_file);
5501 os_free(global->params.ctrl_interface);
5502 os_free(global->params.ctrl_interface_group);
5503 os_free(global->params.override_driver);
5504 os_free(global->params.override_ctrl_interface);
5505 #ifdef CONFIG_MATCH_IFACE
5506 os_free(global->params.match_ifaces);
5507 #endif /* CONFIG_MATCH_IFACE */
5509 os_free(global->params.conf_p2p_dev);
5510 #endif /* CONFIG_P2P */
5512 os_free(global->p2p_disallow_freq.range);
5513 os_free(global->p2p_go_avoid_freq.range);
5514 os_free(global->add_psk);
5517 wpa_debug_close_syslog();
5518 wpa_debug_close_file();
5519 wpa_debug_close_linux_tracing();
5523 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5525 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5526 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5528 country[0] = wpa_s->conf->country[0];
5529 country[1] = wpa_s->conf->country[1];
5531 if (wpa_drv_set_country(wpa_s, country) < 0) {
5532 wpa_printf(MSG_ERROR, "Failed to set country code "
5537 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5538 wpas_init_ext_pw(wpa_s);
5540 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5541 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5544 wpas_wps_update_config(wpa_s);
5545 #endif /* CONFIG_WPS */
5546 wpas_p2p_update_config(wpa_s);
5547 wpa_s->conf->changed_parameters = 0;
5551 void add_freq(int *freqs, int *num_freqs, int freq)
5555 for (i = 0; i < *num_freqs; i++) {
5556 if (freqs[i] == freq)
5560 freqs[*num_freqs] = freq;
5565 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5567 struct wpa_bss *bss, *cbss;
5568 const int max_freqs = 10;
5572 freqs = os_calloc(max_freqs + 1, sizeof(int));
5576 cbss = wpa_s->current_bss;
5578 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5581 if (bss->ssid_len == cbss->ssid_len &&
5582 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5583 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5584 add_freq(freqs, &num_freqs, bss->freq);
5585 if (num_freqs == max_freqs)
5590 if (num_freqs == 0) {
5599 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5605 wpas_connect_work_done(wpa_s);
5608 * Remove possible authentication timeout since the connection failed.
5610 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5613 * There is no point in blacklisting the AP if this event is
5614 * generated based on local request to disconnect.
5616 if (wpa_s->own_disconnect_req) {
5617 wpa_s->own_disconnect_req = 0;
5618 wpa_dbg(wpa_s, MSG_DEBUG,
5619 "Ignore connection failure due to local request to disconnect");
5622 if (wpa_s->disconnected) {
5623 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5624 "indication since interface has been put into "
5625 "disconnected state");
5630 * Add the failed BSSID into the blacklist and speed up next scan
5631 * attempt if there could be other APs that could accept association.
5632 * The current blacklist count indicates how many times we have tried
5633 * connecting to this AP and multiple attempts mean that other APs are
5634 * either not available or has already been tried, so that we can start
5635 * increasing the delay here to avoid constant scanning.
5637 count = wpa_blacklist_add(wpa_s, bssid);
5638 if (count == 1 && wpa_s->current_bss) {
5640 * This BSS was not in the blacklist before. If there is
5641 * another BSS available for the same ESS, we should try that
5642 * next. Otherwise, we may as well try this one once more
5643 * before allowing other, likely worse, ESSes to be considered.
5645 freqs = get_bss_freqs_in_ess(wpa_s);
5647 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5648 "has been seen; try it next");
5649 wpa_blacklist_add(wpa_s, bssid);
5651 * On the next scan, go through only the known channels
5652 * used in this ESS based on previous scans to speed up
5653 * common load balancing use case.
5655 os_free(wpa_s->next_scan_freqs);
5656 wpa_s->next_scan_freqs = freqs;
5661 * Add previous failure count in case the temporary blacklist was
5662 * cleared due to no other BSSes being available.
5664 count += wpa_s->extra_blacklist_count;
5666 if (count > 3 && wpa_s->current_ssid) {
5667 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5668 "consider temporary network disabling");
5669 wpas_auth_failed(wpa_s, "CONN_FAILED");
5690 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5691 "ms", count, timeout);
5694 * TODO: if more than one possible AP is available in scan results,
5695 * could try the other ones before requesting a new scan.
5697 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5698 1000 * (timeout % 1000));
5702 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5704 return wpa_s->conf->ap_scan == 2 ||
5705 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5709 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5710 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5711 struct wpa_ssid *ssid,
5715 #ifdef IEEE8021X_EAPOL
5716 struct eap_peer_config *eap = &ssid->eap;
5718 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5719 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5720 (const u8 *) value, os_strlen(value));
5722 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5723 case WPA_CTRL_REQ_EAP_IDENTITY:
5724 os_free(eap->identity);
5725 eap->identity = (u8 *) os_strdup(value);
5726 eap->identity_len = os_strlen(value);
5727 eap->pending_req_identity = 0;
5728 if (ssid == wpa_s->current_ssid)
5729 wpa_s->reassociate = 1;
5731 case WPA_CTRL_REQ_EAP_PASSWORD:
5732 bin_clear_free(eap->password, eap->password_len);
5733 eap->password = (u8 *) os_strdup(value);
5734 eap->password_len = os_strlen(value);
5735 eap->pending_req_password = 0;
5736 if (ssid == wpa_s->current_ssid)
5737 wpa_s->reassociate = 1;
5739 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5740 bin_clear_free(eap->new_password, eap->new_password_len);
5741 eap->new_password = (u8 *) os_strdup(value);
5742 eap->new_password_len = os_strlen(value);
5743 eap->pending_req_new_password = 0;
5744 if (ssid == wpa_s->current_ssid)
5745 wpa_s->reassociate = 1;
5747 case WPA_CTRL_REQ_EAP_PIN:
5748 str_clear_free(eap->pin);
5749 eap->pin = os_strdup(value);
5750 eap->pending_req_pin = 0;
5751 if (ssid == wpa_s->current_ssid)
5752 wpa_s->reassociate = 1;
5754 case WPA_CTRL_REQ_EAP_OTP:
5755 bin_clear_free(eap->otp, eap->otp_len);
5756 eap->otp = (u8 *) os_strdup(value);
5757 eap->otp_len = os_strlen(value);
5758 os_free(eap->pending_req_otp);
5759 eap->pending_req_otp = NULL;
5760 eap->pending_req_otp_len = 0;
5762 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5763 str_clear_free(eap->private_key_passwd);
5764 eap->private_key_passwd = os_strdup(value);
5765 eap->pending_req_passphrase = 0;
5766 if (ssid == wpa_s->current_ssid)
5767 wpa_s->reassociate = 1;
5769 case WPA_CTRL_REQ_SIM:
5770 str_clear_free(eap->external_sim_resp);
5771 eap->external_sim_resp = os_strdup(value);
5773 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5774 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5776 ssid->mem_only_psk = 1;
5777 if (ssid->passphrase)
5778 wpa_config_update_psk(ssid);
5779 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5780 wpa_supplicant_req_scan(wpa_s, 0, 0);
5782 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5783 if (eap->pending_ext_cert_check != PENDING_CHECK)
5785 if (os_strcmp(value, "good") == 0)
5786 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5787 else if (os_strcmp(value, "bad") == 0)
5788 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5793 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5798 #else /* IEEE8021X_EAPOL */
5799 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5801 #endif /* IEEE8021X_EAPOL */
5803 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5806 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5809 unsigned int drv_enc;
5811 if (wpa_s->p2p_mgmt)
5812 return 1; /* no normal network profiles on p2p_mgmt interface */
5820 if (wpa_s->drv_capa_known)
5821 drv_enc = wpa_s->drv_enc;
5823 drv_enc = (unsigned int) -1;
5825 for (i = 0; i < NUM_WEP_KEYS; i++) {
5826 size_t len = ssid->wep_key_len[i];
5829 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5831 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5833 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5835 return 1; /* invalid WEP key */
5838 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5839 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5840 !ssid->mem_only_psk)
5847 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5849 #ifdef CONFIG_IEEE80211W
5850 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5851 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5852 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5854 * Driver does not support BIP -- ignore pmf=1 default
5855 * since the connection with PMF would fail and the
5856 * configuration does not require PMF to be enabled.
5858 return NO_MGMT_FRAME_PROTECTION;
5863 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
5864 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
5866 * Do not use the default PMF value for non-RSN networks
5867 * since PMF is available only with RSN and pmf=2
5868 * configuration would otherwise prevent connections to
5869 * all open networks.
5871 return NO_MGMT_FRAME_PROTECTION;
5874 return wpa_s->conf->pmf;
5877 return ssid->ieee80211w;
5878 #else /* CONFIG_IEEE80211W */
5879 return NO_MGMT_FRAME_PROTECTION;
5880 #endif /* CONFIG_IEEE80211W */
5884 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5886 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5888 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5894 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5896 struct wpa_ssid *ssid = wpa_s->current_ssid;
5898 struct os_reltime now;
5901 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5906 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5909 ssid->auth_failures++;
5912 if (ssid->p2p_group &&
5913 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5915 * Skip the wait time since there is a short timeout on the
5916 * connection to a P2P group.
5920 #endif /* CONFIG_P2P */
5922 if (ssid->auth_failures > 50)
5924 else if (ssid->auth_failures > 10)
5926 else if (ssid->auth_failures > 5)
5928 else if (ssid->auth_failures > 3)
5930 else if (ssid->auth_failures > 2)
5932 else if (ssid->auth_failures > 1)
5937 if (ssid->auth_failures > 1 &&
5938 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5939 dur += os_random() % (ssid->auth_failures * 10);
5941 os_get_reltime(&now);
5942 if (now.sec + dur <= ssid->disabled_until.sec)
5945 ssid->disabled_until.sec = now.sec + dur;
5947 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5948 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5949 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5950 ssid->auth_failures, dur, reason);
5954 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5955 struct wpa_ssid *ssid, int clear_failures)
5960 if (ssid->disabled_until.sec) {
5961 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5962 "id=%d ssid=\"%s\"",
5963 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5965 ssid->disabled_until.sec = 0;
5966 ssid->disabled_until.usec = 0;
5968 ssid->auth_failures = 0;
5972 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5976 if (wpa_s->disallow_aps_bssid == NULL)
5979 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5980 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5981 bssid, ETH_ALEN) == 0)
5989 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5994 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5997 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5998 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5999 if (ssid_len == s->ssid_len &&
6000 os_memcmp(ssid, s->ssid, ssid_len) == 0)
6009 * wpas_request_connection - Request a new connection
6010 * @wpa_s: Pointer to the network interface
6012 * This function is used to request a new connection to be found. It will mark
6013 * the interface to allow reassociation and request a new scan to find a
6014 * suitable network to connect to.
6016 void wpas_request_connection(struct wpa_supplicant *wpa_s)
6018 wpa_s->normal_scans = 0;
6019 wpa_s->scan_req = NORMAL_SCAN_REQ;
6020 wpa_supplicant_reinit_autoscan(wpa_s);
6021 wpa_s->extra_blacklist_count = 0;
6022 wpa_s->disconnected = 0;
6023 wpa_s->reassociate = 1;
6025 if (wpa_supplicant_fast_associate(wpa_s) != 1)
6026 wpa_supplicant_req_scan(wpa_s, 0, 0);
6028 wpa_s->reattach = 0;
6033 * wpas_request_disconnection - Request disconnection
6034 * @wpa_s: Pointer to the network interface
6036 * This function is used to request disconnection from the currently connected
6037 * network. This will stop any ongoing scans and initiate deauthentication.
6039 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
6042 wpa_s->sme.prev_bssid_set = 0;
6043 #endif /* CONFIG_SME */
6044 wpa_s->reassociate = 0;
6045 wpa_s->disconnected = 1;
6046 wpa_supplicant_cancel_sched_scan(wpa_s);
6047 wpa_supplicant_cancel_scan(wpa_s);
6048 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6049 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
6053 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
6054 struct wpa_used_freq_data *freqs_data,
6059 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
6061 for (i = 0; i < len; i++) {
6062 struct wpa_used_freq_data *cur = &freqs_data[i];
6063 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
6064 i, cur->freq, cur->flags);
6070 * Find the operating frequencies of any of the virtual interfaces that
6071 * are using the same radio as the current interface, and in addition, get
6072 * information about the interface types that are using the frequency.
6074 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6075 struct wpa_used_freq_data *freqs_data,
6078 struct wpa_supplicant *ifs;
6081 unsigned int idx = 0, i;
6083 wpa_dbg(wpa_s, MSG_DEBUG,
6084 "Determining shared radio frequencies (max len %u)", len);
6085 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6087 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6092 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6095 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6096 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6097 ifs->current_ssid->mode == WPAS_MODE_MESH)
6098 freq = ifs->current_ssid->frequency;
6099 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6100 freq = ifs->assoc_freq;
6104 /* Hold only distinct freqs */
6105 for (i = 0; i < idx; i++)
6106 if (freqs_data[i].freq == freq)
6110 freqs_data[idx++].freq = freq;
6112 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6113 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6114 WPA_FREQ_USED_BY_P2P_CLIENT :
6115 WPA_FREQ_USED_BY_INFRA_STATION;
6119 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6125 * Find the operating frequencies of any of the virtual interfaces that
6126 * are using the same radio as the current interface.
6128 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6129 int *freq_array, unsigned int len)
6131 struct wpa_used_freq_data *freqs_data;
6134 os_memset(freq_array, 0, sizeof(int) * len);
6136 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6140 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6141 for (i = 0; i < num; i++)
6142 freq_array[i] = freqs_data[i].freq;
6144 os_free(freqs_data);
6150 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
6152 struct rrm_data *rrm = data;
6154 if (!rrm->notify_neighbor_rep) {
6155 wpa_printf(MSG_ERROR,
6156 "RRM: Unexpected neighbor report timeout");
6160 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
6161 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
6163 rrm->notify_neighbor_rep = NULL;
6164 rrm->neighbor_rep_cb_ctx = NULL;
6169 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
6170 * @wpa_s: Pointer to wpa_supplicant
6172 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
6174 wpa_s->rrm.rrm_used = 0;
6176 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6178 if (wpa_s->rrm.notify_neighbor_rep)
6179 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
6180 wpa_s->rrm.next_neighbor_rep_token = 1;
6185 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
6186 * @wpa_s: Pointer to wpa_supplicant
6187 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
6188 * @report_len: Length of neighbor report buffer
6190 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
6191 const u8 *report, size_t report_len)
6193 struct wpabuf *neighbor_rep;
6195 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
6199 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
6200 wpa_printf(MSG_DEBUG,
6201 "RRM: Discarding neighbor report with token %d (expected %d)",
6202 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
6206 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6209 if (!wpa_s->rrm.notify_neighbor_rep) {
6210 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
6214 /* skipping the first byte, which is only an id (dialog token) */
6215 neighbor_rep = wpabuf_alloc(report_len - 1);
6216 if (neighbor_rep == NULL)
6218 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
6219 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
6221 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
6223 wpa_s->rrm.notify_neighbor_rep = NULL;
6224 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
6228 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
6229 /* Workaround different, undefined for Windows, error codes used here */
6231 #define EOPNOTSUPP -1
6232 #define ECANCELED -1
6235 /* Measurement Request element + Location Subject + Maximum Age subelement */
6236 #define MEASURE_REQUEST_LCI_LEN (3 + 1 + 4)
6237 /* Measurement Request element + Location Civic Request */
6238 #define MEASURE_REQUEST_CIVIC_LEN (3 + 5)
6242 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
6243 * @wpa_s: Pointer to wpa_supplicant
6244 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
6245 * is sent in the request.
6246 * @lci: if set, neighbor request will include LCI request
6247 * @civic: if set, neighbor request will include civic location request
6248 * @cb: Callback function to be called once the requested report arrives, or
6249 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
6250 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
6251 * the requester's responsibility to free it.
6252 * In the latter case NULL will be sent in 'neighbor_rep'.
6253 * @cb_ctx: Context value to send the callback function
6254 * Returns: 0 in case of success, negative error code otherwise
6256 * In case there is a previous request which has not been answered yet, the
6257 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
6258 * Request must contain a callback function.
6260 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
6261 const struct wpa_ssid_value *ssid,
6263 void (*cb)(void *ctx,
6264 struct wpabuf *neighbor_rep),
6270 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
6271 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
6275 if (!wpa_s->rrm.rrm_used) {
6276 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
6280 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
6281 WLAN_EID_RRM_ENABLED_CAPABILITIES);
6282 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
6283 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
6284 wpa_printf(MSG_DEBUG,
6285 "RRM: No network support for Neighbor Report.");
6290 wpa_printf(MSG_DEBUG,
6291 "RRM: Neighbor Report request must provide a callback.");
6295 /* Refuse if there's a live request */
6296 if (wpa_s->rrm.notify_neighbor_rep) {
6297 wpa_printf(MSG_DEBUG,
6298 "RRM: Currently handling previous Neighbor Report.");
6302 /* 3 = action category + action code + dialog token */
6303 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0) +
6304 (lci ? 2 + MEASURE_REQUEST_LCI_LEN : 0) +
6305 (civic ? 2 + MEASURE_REQUEST_CIVIC_LEN : 0));
6307 wpa_printf(MSG_DEBUG,
6308 "RRM: Failed to allocate Neighbor Report Request");
6312 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
6313 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
6314 wpa_s->rrm.next_neighbor_rep_token);
6316 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6317 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
6318 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
6320 wpabuf_put_u8(buf, WLAN_EID_SSID);
6321 wpabuf_put_u8(buf, ssid->ssid_len);
6322 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
6326 /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */
6327 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
6328 wpabuf_put_u8(buf, MEASURE_REQUEST_LCI_LEN);
6331 * Measurement token; nonzero number that is unique among the
6332 * Measurement Request elements in a particular frame.
6334 wpabuf_put_u8(buf, 1); /* Measurement Token */
6337 * Parallel, Enable, Request, and Report bits are 0, Duration is
6340 wpabuf_put_u8(buf, 0); /* Measurement Request Mode */
6341 wpabuf_put_u8(buf, MEASURE_TYPE_LCI); /* Measurement Type */
6343 /* IEEE P802.11-REVmc/D5.0 9.4.2.21.10 - LCI request */
6344 /* Location Subject */
6345 wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE);
6347 /* Optional Subelements */
6349 * IEEE P802.11-REVmc/D5.0 Figure 9-170
6350 * The Maximum Age subelement is required, otherwise the AP can
6351 * send only data that was determined after receiving the
6352 * request. Setting it here to unlimited age.
6354 wpabuf_put_u8(buf, LCI_REQ_SUBELEM_MAX_AGE);
6355 wpabuf_put_u8(buf, 2);
6356 wpabuf_put_le16(buf, 0xffff);
6360 /* IEEE P802.11-REVmc/D5.0 9.4.2.21 */
6361 wpabuf_put_u8(buf, WLAN_EID_MEASURE_REQUEST);
6362 wpabuf_put_u8(buf, MEASURE_REQUEST_CIVIC_LEN);
6365 * Measurement token; nonzero number that is unique among the
6366 * Measurement Request elements in a particular frame.
6368 wpabuf_put_u8(buf, 2); /* Measurement Token */
6371 * Parallel, Enable, Request, and Report bits are 0, Duration is
6374 wpabuf_put_u8(buf, 0); /* Measurement Request Mode */
6375 /* Measurement Type */
6376 wpabuf_put_u8(buf, MEASURE_TYPE_LOCATION_CIVIC);
6378 /* IEEE P802.11-REVmc/D5.0 9.4.2.21.14:
6379 * Location Civic request */
6380 /* Location Subject */
6381 wpabuf_put_u8(buf, LOCATION_SUBJECT_REMOTE);
6382 wpabuf_put_u8(buf, 0); /* Civic Location Type: IETF RFC 4776 */
6383 /* Location Service Interval Units: Seconds */
6384 wpabuf_put_u8(buf, 0);
6385 /* Location Service Interval: 0 - Only one report is requested
6387 wpabuf_put_le16(buf, 0);
6388 /* No optional subelements */
6391 wpa_s->rrm.next_neighbor_rep_token++;
6393 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6394 wpa_s->own_addr, wpa_s->bssid,
6395 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
6396 wpa_printf(MSG_DEBUG,
6397 "RRM: Failed to send Neighbor Report Request");
6402 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
6403 wpa_s->rrm.notify_neighbor_rep = cb;
6404 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
6405 wpas_rrm_neighbor_rep_timeout_handler,
6413 static struct wpabuf * wpas_rrm_build_lci_report(struct wpa_supplicant *wpa_s,
6414 const u8 *request, size_t len,
6415 struct wpabuf *report)
6417 u8 token, type, subject;
6419 struct os_reltime t, diff;
6420 unsigned long diff_l;
6424 if (!wpa_s->lci || len < 3 + 4)
6428 /* Measurement request mode isn't used */
6431 subject = *request++;
6433 wpa_printf(MSG_DEBUG,
6434 "Measurement request token %u type %u location subject %u",
6435 token, type, subject);
6437 if (type != MEASURE_TYPE_LCI || subject != LOCATION_SUBJECT_REMOTE) {
6438 wpa_printf(MSG_INFO,
6439 "Not building LCI report - bad type or location subject");
6443 /* Subelements are formatted exactly like elements */
6444 subelem = get_ie(request, len, LCI_REQ_SUBELEM_MAX_AGE);
6445 if (subelem && subelem[1] == 2)
6446 max_age = WPA_GET_LE16(subelem + 2);
6448 if (os_get_reltime(&t))
6451 os_reltime_sub(&t, &wpa_s->lci_time, &diff);
6452 /* LCI age is calculated in 10th of a second units. */
6453 diff_l = diff.sec * 10 + diff.usec / 100000;
6455 if (max_age != 0xffff && max_age < diff_l)
6458 if (wpabuf_resize(&report, 2 + wpabuf_len(wpa_s->lci)))
6461 wpabuf_put_u8(report, WLAN_EID_MEASURE_REPORT);
6462 wpabuf_put_u8(report, wpabuf_len(wpa_s->lci));
6463 /* We'll override user's measurement token */
6464 ptoken = wpabuf_put(report, 0);
6465 wpabuf_put_buf(report, wpa_s->lci);
6472 void wpas_rrm_handle_radio_measurement_request(struct wpa_supplicant *wpa_s,
6474 const u8 *frame, size_t len)
6476 struct wpabuf *buf, *report;
6480 if (wpa_s->wpa_state != WPA_COMPLETED) {
6481 wpa_printf(MSG_INFO,
6482 "RRM: Ignoring radio measurement request: Not associated");
6486 if (!wpa_s->rrm.rrm_used) {
6487 wpa_printf(MSG_INFO,
6488 "RRM: Ignoring radio measurement request: Not RRM network");
6493 wpa_printf(MSG_INFO,
6494 "RRM: Ignoring too short radio measurement request");
6502 /* Ignore number of repetitions because it's not used in LCI request */
6506 while ((ie = get_ie(frame, end - frame, WLAN_EID_MEASURE_REQUEST)) &&
6511 wpa_printf(MSG_DEBUG, "RRM request %d", msmt_type);
6513 switch (msmt_type) {
6514 case MEASURE_TYPE_LCI:
6515 report = wpas_rrm_build_lci_report(wpa_s, ie + 2, ie[1],
6519 wpa_printf(MSG_INFO,
6520 "RRM: Unsupported radio measurement request %d",
6525 frame = ie + ie[1] + 2;
6531 buf = wpabuf_alloc(3 + wpabuf_len(report));
6533 wpabuf_free(report);
6537 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6538 wpabuf_put_u8(buf, WLAN_RRM_RADIO_MEASUREMENT_REPORT);
6539 wpabuf_put_u8(buf, token);
6541 wpabuf_put_buf(buf, report);
6542 wpabuf_free(report);
6544 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6545 wpa_s->own_addr, wpa_s->bssid,
6546 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6547 wpa_printf(MSG_ERROR,
6548 "RRM: Radio measurement report failed: Sending Action frame failed");
6554 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
6556 const u8 *frame, size_t len,
6560 const struct rrm_link_measurement_request *req;
6561 struct rrm_link_measurement_report report;
6563 if (wpa_s->wpa_state != WPA_COMPLETED) {
6564 wpa_printf(MSG_INFO,
6565 "RRM: Ignoring link measurement request. Not associated");
6569 if (!wpa_s->rrm.rrm_used) {
6570 wpa_printf(MSG_INFO,
6571 "RRM: Ignoring link measurement request. Not RRM network");
6575 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
6576 wpa_printf(MSG_INFO,
6577 "RRM: Measurement report failed. TX power insertion not supported");
6581 req = (const struct rrm_link_measurement_request *) frame;
6582 if (len < sizeof(*req)) {
6583 wpa_printf(MSG_INFO,
6584 "RRM: Link measurement report failed. Request too short");
6588 os_memset(&report, 0, sizeof(report));
6589 report.tpc.eid = WLAN_EID_TPC_REPORT;
6591 report.rsni = 255; /* 255 indicates that RSNI is not available */
6592 report.dialog_token = req->dialog_token;
6595 * It's possible to estimate RCPI based on RSSI in dBm. This
6596 * calculation will not reflect the correct value for high rates,
6597 * but it's good enough for Action frames which are transmitted
6598 * with up to 24 Mbps rates.
6601 report.rcpi = 255; /* not available */
6602 else if (rssi < -110)
6607 report.rcpi = (rssi + 110) * 2;
6609 /* action_category + action_code */
6610 buf = wpabuf_alloc(2 + sizeof(report));
6612 wpa_printf(MSG_ERROR,
6613 "RRM: Link measurement report failed. Buffer allocation failed");
6617 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6618 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
6619 wpabuf_put_data(buf, &report, sizeof(report));
6620 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
6621 wpabuf_head(buf), wpabuf_len(buf));
6623 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6624 wpa_s->own_addr, wpa_s->bssid,
6625 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6626 wpa_printf(MSG_ERROR,
6627 "RRM: Link measurement report failed. Send action failed");
6633 struct wpa_supplicant *
6634 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6638 case VENDOR_ELEM_PROBE_REQ_P2P:
6639 case VENDOR_ELEM_PROBE_RESP_P2P:
6640 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6641 case VENDOR_ELEM_BEACON_P2P_GO:
6642 case VENDOR_ELEM_P2P_PD_REQ:
6643 case VENDOR_ELEM_P2P_PD_RESP:
6644 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6645 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6646 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6647 case VENDOR_ELEM_P2P_INV_REQ:
6648 case VENDOR_ELEM_P2P_INV_RESP:
6649 case VENDOR_ELEM_P2P_ASSOC_REQ:
6650 case VENDOR_ELEM_P2P_ASSOC_RESP:
6651 return wpa_s->p2pdev;
6652 #endif /* CONFIG_P2P */
6659 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6664 wpa_printf(MSG_DEBUG, "Update vendor elements");
6666 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6667 if (wpa_s->vendor_elem[i]) {
6670 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6671 if (!os_snprintf_error(sizeof(buf), res)) {
6672 wpa_hexdump_buf(MSG_DEBUG, buf,
6673 wpa_s->vendor_elem[i]);
6679 if (wpa_s->parent == wpa_s &&
6680 wpa_s->global->p2p &&
6681 !wpa_s->global->p2p_disabled)
6682 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6683 #endif /* CONFIG_P2P */
6687 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6688 const u8 *elem, size_t len)
6692 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6693 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6695 for (; ie + 1 < end; ie += 2 + ie[1]) {
6698 if (os_memcmp(ie, elem, len) != 0)
6701 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6702 wpabuf_free(wpa_s->vendor_elem[frame]);
6703 wpa_s->vendor_elem[frame] = NULL;
6705 os_memmove(ie, ie + len, end - (ie + len));
6706 wpa_s->vendor_elem[frame]->used -= len;
6708 wpas_vendor_elem_update(wpa_s);
6716 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6717 u16 num_modes, enum hostapd_hw_mode mode)
6721 for (i = 0; i < num_modes; i++) {
6722 if (modes[i].mode == mode)
6731 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6734 struct wpa_bss_tmp_disallowed *bss;
6736 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6737 struct wpa_bss_tmp_disallowed, list) {
6738 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6746 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6749 struct wpa_bss_tmp_disallowed *bss;
6750 struct os_reltime until;
6752 os_get_reltime(&until);
6755 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6757 bss->disallowed_until = until;
6761 bss = os_malloc(sizeof(*bss));
6763 wpa_printf(MSG_DEBUG,
6764 "Failed to allocate memory for temp disallow BSS");
6768 bss->disallowed_until = until;
6769 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6770 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6774 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6776 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6777 struct os_reltime now, age;
6779 os_get_reltime(&now);
6781 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6782 struct wpa_bss_tmp_disallowed, list) {
6783 if (!os_reltime_before(&now, &tmp->disallowed_until)) {
6784 /* This BSS is not disallowed anymore */
6785 dl_list_del(&tmp->list);
6789 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6797 os_reltime_sub(&bss->disallowed_until, &now, &age);
6798 wpa_printf(MSG_DEBUG,
6799 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6800 MAC2STR(bss->bssid), age.sec, age.usec);