3 * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
14 #ifdef CONFIG_MATCH_IFACE
17 #endif /* CONFIG_MATCH_IFACE */
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "common/hw_features_common.h"
43 #include "blacklist.h"
44 #include "wpas_glue.h"
45 #include "wps_supplicant.h"
48 #include "gas_query.h"
50 #include "p2p_supplicant.h"
51 #include "wifi_display.h"
57 #include "offchannel.h"
58 #include "hs20_supplicant.h"
63 const char *const wpa_supplicant_version =
64 "wpa_supplicant v" VERSION_STR "\n"
65 "Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors";
67 const char *const wpa_supplicant_license =
68 "This software may be distributed under the terms of the BSD license.\n"
69 "See README for more details.\n"
70 #ifdef EAP_TLS_OPENSSL
71 "\nThis product includes software developed by the OpenSSL Project\n"
72 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
73 #endif /* EAP_TLS_OPENSSL */
76 #ifndef CONFIG_NO_STDOUT_DEBUG
77 /* Long text divided into parts in order to fit in C89 strings size limits. */
78 const char *const wpa_supplicant_full_license1 =
80 const char *const wpa_supplicant_full_license2 =
81 "This software may be distributed under the terms of the BSD license.\n"
83 "Redistribution and use in source and binary forms, with or without\n"
84 "modification, are permitted provided that the following conditions are\n"
87 const char *const wpa_supplicant_full_license3 =
88 "1. Redistributions of source code must retain the above copyright\n"
89 " notice, this list of conditions and the following disclaimer.\n"
91 "2. Redistributions in binary form must reproduce the above copyright\n"
92 " notice, this list of conditions and the following disclaimer in the\n"
93 " documentation and/or other materials provided with the distribution.\n"
95 const char *const wpa_supplicant_full_license4 =
96 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
97 " names of its contributors may be used to endorse or promote products\n"
98 " derived from this software without specific prior written permission.\n"
100 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
101 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
102 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
103 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
104 const char *const wpa_supplicant_full_license5 =
105 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
106 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
107 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
108 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
109 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
110 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
111 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
113 #endif /* CONFIG_NO_STDOUT_DEBUG */
115 /* Configure default/group WEP keys for static WEP */
116 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
120 for (i = 0; i < NUM_WEP_KEYS; i++) {
121 if (ssid->wep_key_len[i] == 0)
125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
126 i, i == ssid->wep_tx_keyidx, NULL, 0,
127 ssid->wep_key[i], ssid->wep_key_len[i]);
134 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
135 struct wpa_ssid *ssid)
143 /* IBSS/WPA-None uses only one key (Group) for both receiving and
144 * sending unicast and multicast packets. */
146 if (ssid->mode != WPAS_MODE_IBSS) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
148 "IBSS/ad-hoc) for WPA-None", ssid->mode);
152 if (!ssid->psk_set) {
153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
164 case WPA_CIPHER_GCMP:
165 os_memcpy(key, ssid->psk, 16);
169 case WPA_CIPHER_TKIP:
170 /* WPA-None uses the same Michael MIC key for both TX and RX */
171 os_memcpy(key, ssid->psk, 16 + 8);
172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
178 "WPA-None", wpa_s->group_cipher);
182 /* TODO: should actually remember the previously used seq#, both for TX
183 * and RX from each STA.. */
185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
186 os_memset(key, 0, sizeof(key));
191 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
193 struct wpa_supplicant *wpa_s = eloop_ctx;
194 const u8 *bssid = wpa_s->bssid;
195 if (is_zero_ether_addr(bssid))
196 bssid = wpa_s->pending_bssid;
197 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
199 wpa_blacklist_add(wpa_s, bssid);
200 wpa_sm_notify_disassoc(wpa_s->wpa);
201 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
202 wpa_s->reassociate = 1;
205 * If we timed out, the AP or the local radio may be busy.
206 * So, wait a second until scanning again.
208 wpa_supplicant_req_scan(wpa_s, 1, 0);
213 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
214 * @wpa_s: Pointer to wpa_supplicant data
215 * @sec: Number of seconds after which to time out authentication
216 * @usec: Number of microseconds after which to time out authentication
218 * This function is used to schedule a timeout for the current authentication
221 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
224 if (wpa_s->conf->ap_scan == 0 &&
225 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
228 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
229 "%d usec", sec, usec);
230 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
231 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
236 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
237 * @wpa_s: Pointer to wpa_supplicant data
239 * This function is used to cancel authentication timeout scheduled with
240 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
243 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
245 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
246 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
247 wpa_blacklist_del(wpa_s, wpa_s->bssid);
252 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
253 * @wpa_s: Pointer to wpa_supplicant data
255 * This function is used to configure EAPOL state machine based on the selected
256 * authentication mode.
258 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
260 #ifdef IEEE8021X_EAPOL
261 struct eapol_config eapol_conf;
262 struct wpa_ssid *ssid = wpa_s->current_ssid;
264 #ifdef CONFIG_IBSS_RSN
265 if (ssid->mode == WPAS_MODE_IBSS &&
266 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
267 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
269 * RSN IBSS authentication is per-STA and we can disable the
270 * per-BSSID EAPOL authentication.
272 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
273 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
274 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277 #endif /* CONFIG_IBSS_RSN */
279 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
280 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
282 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
283 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
284 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
286 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
288 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
289 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
290 eapol_conf.accept_802_1x_keys = 1;
291 eapol_conf.required_keys = 0;
292 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
293 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
296 eapol_conf.required_keys |=
297 EAPOL_REQUIRE_KEY_BROADCAST;
300 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
301 eapol_conf.required_keys = 0;
303 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
304 eapol_conf.workaround = ssid->eap_workaround;
305 eapol_conf.eap_disabled =
306 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
307 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
308 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
309 eapol_conf.external_sim = wpa_s->conf->external_sim;
312 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
313 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
314 if (wpa_s->current_bss) {
316 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
321 EAPOL_PEER_IS_WPS20_AP;
326 #endif /* CONFIG_WPS */
328 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
330 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
331 #endif /* IEEE8021X_EAPOL */
336 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
337 * @wpa_s: Pointer to wpa_supplicant data
338 * @ssid: Configuration data for the network
340 * This function is used to configure WPA state machine and related parameters
341 * to a mode where WPA is not enabled. This is called as part of the
342 * authentication configuration when the selected network does not use WPA.
344 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
345 struct wpa_ssid *ssid)
349 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
350 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
351 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
352 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
354 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
355 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
356 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
357 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
358 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
359 wpa_s->group_cipher = WPA_CIPHER_NONE;
360 wpa_s->mgmt_group_cipher = 0;
362 for (i = 0; i < NUM_WEP_KEYS; i++) {
363 if (ssid->wep_key_len[i] > 5) {
364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
365 wpa_s->group_cipher = WPA_CIPHER_WEP104;
367 } else if (ssid->wep_key_len[i] > 0) {
368 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
369 wpa_s->group_cipher = WPA_CIPHER_WEP40;
374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
375 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
377 wpa_s->pairwise_cipher);
378 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
379 #ifdef CONFIG_IEEE80211W
380 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
381 wpa_s->mgmt_group_cipher);
382 #endif /* CONFIG_IEEE80211W */
384 pmksa_cache_clear_current(wpa_s->wpa);
388 void free_hw_features(struct wpa_supplicant *wpa_s)
391 if (wpa_s->hw.modes == NULL)
394 for (i = 0; i < wpa_s->hw.num_modes; i++) {
395 os_free(wpa_s->hw.modes[i].channels);
396 os_free(wpa_s->hw.modes[i].rates);
399 os_free(wpa_s->hw.modes);
400 wpa_s->hw.modes = NULL;
404 static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
406 struct wpa_bss_tmp_disallowed *bss, *prev;
408 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
409 struct wpa_bss_tmp_disallowed, list) {
410 dl_list_del(&bss->list);
416 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
420 bgscan_deinit(wpa_s);
421 autoscan_deinit(wpa_s);
422 scard_deinit(wpa_s->scard);
424 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
425 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
426 l2_packet_deinit(wpa_s->l2);
429 l2_packet_deinit(wpa_s->l2_br);
432 #ifdef CONFIG_TESTING_OPTIONS
433 l2_packet_deinit(wpa_s->l2_test);
434 wpa_s->l2_test = NULL;
435 #endif /* CONFIG_TESTING_OPTIONS */
437 if (wpa_s->conf != NULL) {
438 struct wpa_ssid *ssid;
439 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
440 wpas_notify_network_removed(wpa_s, ssid);
443 os_free(wpa_s->confname);
444 wpa_s->confname = NULL;
446 os_free(wpa_s->confanother);
447 wpa_s->confanother = NULL;
449 wpa_sm_set_eapol(wpa_s->wpa, NULL);
450 eapol_sm_deinit(wpa_s->eapol);
453 rsn_preauth_deinit(wpa_s->wpa);
456 wpa_tdls_deinit(wpa_s->wpa);
457 #endif /* CONFIG_TDLS */
459 wmm_ac_clear_saved_tspecs(wpa_s);
460 pmksa_candidate_free(wpa_s->wpa);
461 wpa_sm_deinit(wpa_s->wpa);
463 wpa_blacklist_clear(wpa_s);
465 wpa_bss_deinit(wpa_s);
467 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
468 wpa_supplicant_cancel_scan(wpa_s);
469 wpa_supplicant_cancel_auth_timeout(wpa_s);
470 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
471 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
472 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
474 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
476 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
478 wpas_wps_deinit(wpa_s);
480 wpabuf_free(wpa_s->pending_eapol_rx);
481 wpa_s->pending_eapol_rx = NULL;
483 #ifdef CONFIG_IBSS_RSN
484 ibss_rsn_deinit(wpa_s->ibss_rsn);
485 wpa_s->ibss_rsn = NULL;
486 #endif /* CONFIG_IBSS_RSN */
491 wpa_supplicant_ap_deinit(wpa_s);
492 #endif /* CONFIG_AP */
494 wpas_p2p_deinit(wpa_s);
496 #ifdef CONFIG_OFFCHANNEL
497 offchannel_deinit(wpa_s);
498 #endif /* CONFIG_OFFCHANNEL */
500 wpa_supplicant_cancel_sched_scan(wpa_s);
502 os_free(wpa_s->next_scan_freqs);
503 wpa_s->next_scan_freqs = NULL;
505 os_free(wpa_s->manual_scan_freqs);
506 wpa_s->manual_scan_freqs = NULL;
508 os_free(wpa_s->manual_sched_scan_freqs);
509 wpa_s->manual_sched_scan_freqs = NULL;
511 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
514 * Need to remove any pending gas-query radio work before the
515 * gas_query_deinit() call because gas_query::work has not yet been set
516 * for works that have not been started. gas_query_free() will be unable
517 * to cancel such pending radio works and once the pending gas-query
518 * radio work eventually gets removed, the deinit notification call to
519 * gas_query_start_cb() would result in dereferencing freed memory.
522 radio_remove_works(wpa_s, "gas-query", 0);
523 gas_query_deinit(wpa_s->gas);
526 free_hw_features(wpa_s);
528 ieee802_1x_dealloc_kay_sm(wpa_s);
530 os_free(wpa_s->bssid_filter);
531 wpa_s->bssid_filter = NULL;
533 os_free(wpa_s->disallow_aps_bssid);
534 wpa_s->disallow_aps_bssid = NULL;
535 os_free(wpa_s->disallow_aps_ssid);
536 wpa_s->disallow_aps_ssid = NULL;
538 wnm_bss_keep_alive_deinit(wpa_s);
540 wnm_deallocate_memory(wpa_s);
541 #endif /* CONFIG_WNM */
543 ext_password_deinit(wpa_s->ext_pw);
544 wpa_s->ext_pw = NULL;
546 wpabuf_free(wpa_s->last_gas_resp);
547 wpa_s->last_gas_resp = NULL;
548 wpabuf_free(wpa_s->prev_gas_resp);
549 wpa_s->prev_gas_resp = NULL;
551 os_free(wpa_s->last_scan_res);
552 wpa_s->last_scan_res = NULL;
556 wpa_drv_configure_frame_filters(wpa_s, 0);
558 #endif /* CONFIG_HS20 */
560 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
561 wpabuf_free(wpa_s->vendor_elem[i]);
562 wpa_s->vendor_elem[i] = NULL;
565 wmm_ac_notify_disassoc(wpa_s);
567 wpa_s->sched_scan_plans_num = 0;
568 os_free(wpa_s->sched_scan_plans);
569 wpa_s->sched_scan_plans = NULL;
572 wpa_s->non_pref_chan_num = 0;
573 os_free(wpa_s->non_pref_chan);
574 wpa_s->non_pref_chan = NULL;
575 #endif /* CONFIG_MBO */
577 free_bss_tmp_disallowed(wpa_s);
582 * wpa_clear_keys - Clear keys configured for the driver
583 * @wpa_s: Pointer to wpa_supplicant data
584 * @addr: Previously used BSSID or %NULL if not available
586 * This function clears the encryption keys that has been previously configured
589 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
593 #ifdef CONFIG_IEEE80211W
595 #else /* CONFIG_IEEE80211W */
597 #endif /* CONFIG_IEEE80211W */
599 /* MLME-DELETEKEYS.request */
600 for (i = 0; i < max; i++) {
601 if (wpa_s->keys_cleared & BIT(i))
603 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
606 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
607 !is_zero_ether_addr(addr)) {
608 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
610 /* MLME-SETPROTECTION.request(None) */
611 wpa_drv_mlme_setprotection(
613 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
614 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
616 wpa_s->keys_cleared = (u32) -1;
621 * wpa_supplicant_state_txt - Get the connection state name as a text string
622 * @state: State (wpa_state; WPA_*)
623 * Returns: The state name as a printable text string
625 const char * wpa_supplicant_state_txt(enum wpa_states state)
628 case WPA_DISCONNECTED:
629 return "DISCONNECTED";
632 case WPA_INTERFACE_DISABLED:
633 return "INTERFACE_DISABLED";
636 case WPA_AUTHENTICATING:
637 return "AUTHENTICATING";
638 case WPA_ASSOCIATING:
639 return "ASSOCIATING";
642 case WPA_4WAY_HANDSHAKE:
643 return "4WAY_HANDSHAKE";
644 case WPA_GROUP_HANDSHAKE:
645 return "GROUP_HANDSHAKE";
656 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
660 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
661 name = wpa_s->current_ssid->bgscan;
663 name = wpa_s->conf->bgscan;
664 if (name == NULL || name[0] == '\0')
666 if (wpas_driver_bss_selection(wpa_s))
668 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
671 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
673 #endif /* CONFIG_P2P */
675 bgscan_deinit(wpa_s);
676 if (wpa_s->current_ssid) {
677 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
678 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
681 * Live without bgscan; it is only used as a roaming
682 * optimization, so the initial connection is not
686 struct wpa_scan_results *scan_res;
687 wpa_s->bgscan_ssid = wpa_s->current_ssid;
688 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
691 bgscan_notify_scan(wpa_s, scan_res);
692 wpa_scan_results_free(scan_res);
696 wpa_s->bgscan_ssid = NULL;
700 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
702 if (wpa_s->bgscan_ssid != NULL) {
703 bgscan_deinit(wpa_s);
704 wpa_s->bgscan_ssid = NULL;
708 #endif /* CONFIG_BGSCAN */
711 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
713 if (autoscan_init(wpa_s, 0))
714 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
718 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
720 autoscan_deinit(wpa_s);
724 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
726 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
727 wpa_s->wpa_state == WPA_SCANNING) {
728 autoscan_deinit(wpa_s);
729 wpa_supplicant_start_autoscan(wpa_s);
735 * wpa_supplicant_set_state - Set current connection state
736 * @wpa_s: Pointer to wpa_supplicant data
737 * @state: The new connection state
739 * This function is called whenever the connection state changes, e.g.,
740 * association is completed for WPA/WPA2 4-Way Handshake is started.
742 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
743 enum wpa_states state)
745 enum wpa_states old_state = wpa_s->wpa_state;
747 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
748 wpa_supplicant_state_txt(wpa_s->wpa_state),
749 wpa_supplicant_state_txt(state));
751 if (state == WPA_INTERFACE_DISABLED) {
752 /* Assure normal scan when interface is restored */
753 wpa_s->normal_scans = 0;
756 if (state == WPA_COMPLETED) {
757 wpas_connect_work_done(wpa_s);
758 /* Reinitialize normal_scan counter */
759 wpa_s->normal_scans = 0;
764 * P2PS client has to reply to Probe Request frames received on the
765 * group operating channel. Enable Probe Request frame reporting for
766 * P2P connected client in case p2p_cli_probe configuration property is
769 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
770 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
771 wpa_s->current_ssid->p2p_group) {
772 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
773 wpa_dbg(wpa_s, MSG_DEBUG,
774 "P2P: Enable CLI Probe Request RX reporting");
775 wpa_s->p2p_cli_probe =
776 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
777 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
778 wpa_dbg(wpa_s, MSG_DEBUG,
779 "P2P: Disable CLI Probe Request RX reporting");
780 wpa_s->p2p_cli_probe = 0;
781 wpa_drv_probe_req_report(wpa_s, 0);
784 #endif /* CONFIG_P2P */
786 if (state != WPA_SCANNING)
787 wpa_supplicant_notify_scanning(wpa_s, 0);
789 if (state == WPA_COMPLETED && wpa_s->new_connection) {
790 struct wpa_ssid *ssid = wpa_s->current_ssid;
791 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
792 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
793 MACSTR " completed [id=%d id_str=%s]",
794 MAC2STR(wpa_s->bssid),
795 ssid ? ssid->id : -1,
796 ssid && ssid->id_str ? ssid->id_str : "");
797 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
798 wpas_clear_temp_disabled(wpa_s, ssid, 1);
799 wpa_blacklist_clear(wpa_s);
800 wpa_s->extra_blacklist_count = 0;
801 wpa_s->new_connection = 0;
802 wpa_drv_set_operstate(wpa_s, 1);
803 #ifndef IEEE8021X_EAPOL
804 wpa_drv_set_supp_port(wpa_s, 1);
805 #endif /* IEEE8021X_EAPOL */
806 wpa_s->after_wps = 0;
807 wpa_s->known_wps_freq = 0;
808 wpas_p2p_completed(wpa_s);
810 sme_sched_obss_scan(wpa_s, 1);
811 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
812 state == WPA_ASSOCIATED) {
813 wpa_s->new_connection = 1;
814 wpa_drv_set_operstate(wpa_s, 0);
815 #ifndef IEEE8021X_EAPOL
816 wpa_drv_set_supp_port(wpa_s, 0);
817 #endif /* IEEE8021X_EAPOL */
818 sme_sched_obss_scan(wpa_s, 0);
820 wpa_s->wpa_state = state;
823 if (state == WPA_COMPLETED)
824 wpa_supplicant_start_bgscan(wpa_s);
825 else if (state < WPA_ASSOCIATED)
826 wpa_supplicant_stop_bgscan(wpa_s);
827 #endif /* CONFIG_BGSCAN */
829 if (state == WPA_AUTHENTICATING)
830 wpa_supplicant_stop_autoscan(wpa_s);
832 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
833 wpa_supplicant_start_autoscan(wpa_s);
835 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
836 wmm_ac_notify_disassoc(wpa_s);
838 if (wpa_s->wpa_state != old_state) {
839 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
842 * Notify the P2P Device interface about a state change in one
845 wpas_p2p_indicate_state_change(wpa_s);
847 if (wpa_s->wpa_state == WPA_COMPLETED ||
848 old_state == WPA_COMPLETED)
849 wpas_notify_auth_changed(wpa_s);
854 void wpa_supplicant_terminate_proc(struct wpa_global *global)
858 struct wpa_supplicant *wpa_s = global->ifaces;
860 struct wpa_supplicant *next = wpa_s->next;
861 if (wpas_wps_terminate_pending(wpa_s) == 1)
864 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
865 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
866 wpas_p2p_disconnect(wpa_s);
867 #endif /* CONFIG_P2P */
870 #endif /* CONFIG_WPS */
877 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
879 struct wpa_global *global = signal_ctx;
880 wpa_supplicant_terminate_proc(global);
884 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
886 enum wpa_states old_state = wpa_s->wpa_state;
888 wpa_s->pairwise_cipher = 0;
889 wpa_s->group_cipher = 0;
890 wpa_s->mgmt_group_cipher = 0;
892 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
893 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
895 if (wpa_s->wpa_state != old_state)
896 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
901 * wpa_supplicant_reload_configuration - Reload configuration data
902 * @wpa_s: Pointer to wpa_supplicant data
903 * Returns: 0 on success or -1 if configuration parsing failed
905 * This function can be used to request that the configuration data is reloaded
906 * (e.g., after configuration file change). This function is reloading
907 * configuration only for one interface, so this may need to be called multiple
908 * times if %wpa_supplicant is controlling multiple interfaces and all
909 * interfaces need reconfiguration.
911 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
913 struct wpa_config *conf;
917 if (wpa_s->confname == NULL)
919 conf = wpa_config_read(wpa_s->confname, NULL);
921 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
922 "file '%s' - exiting", wpa_s->confname);
925 wpa_config_read(wpa_s->confanother, conf);
927 conf->changed_parameters = (unsigned int) -1;
929 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
930 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
931 os_strcmp(conf->ctrl_interface,
932 wpa_s->conf->ctrl_interface) != 0);
934 if (reconf_ctrl && wpa_s->ctrl_iface) {
935 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
936 wpa_s->ctrl_iface = NULL;
939 eapol_sm_invalidate_cached_session(wpa_s->eapol);
940 if (wpa_s->current_ssid) {
941 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
942 wpa_s->own_disconnect_req = 1;
943 wpa_supplicant_deauthenticate(wpa_s,
944 WLAN_REASON_DEAUTH_LEAVING);
948 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
949 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
951 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
953 * Clear forced success to clear EAP state for next
956 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
958 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
959 wpa_sm_set_config(wpa_s->wpa, NULL);
960 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
961 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
962 rsn_preauth_deinit(wpa_s->wpa);
964 old_ap_scan = wpa_s->conf->ap_scan;
965 wpa_config_free(wpa_s->conf);
967 if (old_ap_scan != wpa_s->conf->ap_scan)
968 wpas_notify_ap_scan_changed(wpa_s);
971 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
973 wpa_supplicant_update_config(wpa_s);
975 wpa_supplicant_clear_status(wpa_s);
976 if (wpa_supplicant_enabled_networks(wpa_s)) {
977 wpa_s->reassociate = 1;
978 wpa_supplicant_req_scan(wpa_s, 0, 0);
980 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
985 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
987 struct wpa_global *global = signal_ctx;
988 struct wpa_supplicant *wpa_s;
989 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
990 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
992 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
993 wpa_supplicant_terminate_proc(global);
997 if (wpa_debug_reopen_file() < 0) {
998 /* Ignore errors since we cannot really do much to fix this */
999 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1004 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1005 struct wpa_ssid *ssid,
1006 struct wpa_ie_data *ie)
1008 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1011 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1012 "from association info");
1017 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1019 if (!(ie->group_cipher & ssid->group_cipher)) {
1020 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1021 "cipher 0x%x (mask 0x%x) - reject",
1022 ie->group_cipher, ssid->group_cipher);
1025 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1026 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1027 "cipher 0x%x (mask 0x%x) - reject",
1028 ie->pairwise_cipher, ssid->pairwise_cipher);
1031 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1032 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1033 "management 0x%x (mask 0x%x) - reject",
1034 ie->key_mgmt, ssid->key_mgmt);
1038 #ifdef CONFIG_IEEE80211W
1039 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1040 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1041 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1042 "that does not support management frame protection - "
1046 #endif /* CONFIG_IEEE80211W */
1053 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1054 * @wpa_s: Pointer to wpa_supplicant data
1055 * @bss: Scan results for the selected BSS, or %NULL if not available
1056 * @ssid: Configuration data for the selected network
1057 * @wpa_ie: Buffer for the WPA/RSN IE
1058 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1059 * used buffer length in case the functions returns success.
1060 * Returns: 0 on success or -1 on failure
1062 * This function is used to configure authentication and encryption parameters
1063 * based on the network configuration and scan result for the selected BSS (if
1066 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1067 struct wpa_bss *bss, struct wpa_ssid *ssid,
1068 u8 *wpa_ie, size_t *wpa_ie_len)
1070 struct wpa_ie_data ie;
1072 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1075 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1076 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1077 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1079 bss_wpa = bss_rsn = bss_osen = NULL;
1081 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1082 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1083 (ie.group_cipher & ssid->group_cipher) &&
1084 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1085 (ie.key_mgmt & ssid->key_mgmt)) {
1086 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1087 proto = WPA_PROTO_RSN;
1088 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1089 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1090 (ie.group_cipher & ssid->group_cipher) &&
1091 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1092 (ie.key_mgmt & ssid->key_mgmt)) {
1093 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1094 proto = WPA_PROTO_WPA;
1096 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1097 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1098 /* TODO: parse OSEN element */
1099 os_memset(&ie, 0, sizeof(ie));
1100 ie.group_cipher = WPA_CIPHER_CCMP;
1101 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1102 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1103 proto = WPA_PROTO_OSEN;
1104 #endif /* CONFIG_HS20 */
1106 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1107 wpa_dbg(wpa_s, MSG_DEBUG,
1108 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1109 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1111 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1112 MAC2STR(bss->bssid),
1113 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1114 bss_wpa ? " WPA" : "",
1115 bss_rsn ? " RSN" : "",
1116 bss_osen ? " OSEN" : "");
1118 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1119 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1120 wpa_dbg(wpa_s, MSG_DEBUG,
1121 "Could not parse RSN element");
1123 wpa_dbg(wpa_s, MSG_DEBUG,
1124 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1125 ie.pairwise_cipher, ie.group_cipher,
1130 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1131 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1132 wpa_dbg(wpa_s, MSG_DEBUG,
1133 "Could not parse WPA element");
1135 wpa_dbg(wpa_s, MSG_DEBUG,
1136 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1137 ie.pairwise_cipher, ie.group_cipher,
1143 if (ssid->proto & WPA_PROTO_OSEN)
1144 proto = WPA_PROTO_OSEN;
1145 else if (ssid->proto & WPA_PROTO_RSN)
1146 proto = WPA_PROTO_RSN;
1148 proto = WPA_PROTO_WPA;
1149 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1150 os_memset(&ie, 0, sizeof(ie));
1151 ie.group_cipher = ssid->group_cipher;
1152 ie.pairwise_cipher = ssid->pairwise_cipher;
1153 ie.key_mgmt = ssid->key_mgmt;
1154 #ifdef CONFIG_IEEE80211W
1155 ie.mgmt_group_cipher =
1156 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1157 WPA_CIPHER_AES_128_CMAC : 0;
1158 #endif /* CONFIG_IEEE80211W */
1159 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1160 "based on configuration");
1165 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1166 "pairwise %d key_mgmt %d proto %d",
1167 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1168 #ifdef CONFIG_IEEE80211W
1169 if (ssid->ieee80211w) {
1170 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1171 ie.mgmt_group_cipher);
1173 #endif /* CONFIG_IEEE80211W */
1175 wpa_s->wpa_proto = proto;
1176 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1177 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1178 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1180 if (bss || !wpa_s->ap_ies_from_associnfo) {
1181 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1182 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1183 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1184 bss_rsn ? 2 + bss_rsn[1] : 0))
1188 #ifdef CONFIG_NO_WPA
1189 wpa_s->group_cipher = WPA_CIPHER_NONE;
1190 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1191 #else /* CONFIG_NO_WPA */
1192 sel = ie.group_cipher & ssid->group_cipher;
1193 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1194 if (wpa_s->group_cipher < 0) {
1195 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1199 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1200 wpa_cipher_txt(wpa_s->group_cipher));
1202 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1203 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1204 if (wpa_s->pairwise_cipher < 0) {
1205 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1209 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1210 wpa_cipher_txt(wpa_s->pairwise_cipher));
1211 #endif /* CONFIG_NO_WPA */
1213 sel = ie.key_mgmt & ssid->key_mgmt;
1215 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1216 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1217 #endif /* CONFIG_SAE */
1219 #ifdef CONFIG_SUITEB192
1220 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1221 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1222 wpa_dbg(wpa_s, MSG_DEBUG,
1223 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1224 #endif /* CONFIG_SUITEB192 */
1225 #ifdef CONFIG_SUITEB
1226 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1227 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1228 wpa_dbg(wpa_s, MSG_DEBUG,
1229 "WPA: using KEY_MGMT 802.1X with Suite B");
1230 #endif /* CONFIG_SUITEB */
1231 #ifdef CONFIG_IEEE80211R
1232 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1233 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1234 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1235 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1236 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1237 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1238 #endif /* CONFIG_IEEE80211R */
1240 } else if (sel & WPA_KEY_MGMT_SAE) {
1241 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1242 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1243 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1244 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1245 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1246 #endif /* CONFIG_SAE */
1247 #ifdef CONFIG_IEEE80211W
1248 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1249 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1250 wpa_dbg(wpa_s, MSG_DEBUG,
1251 "WPA: using KEY_MGMT 802.1X with SHA256");
1252 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1253 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1254 wpa_dbg(wpa_s, MSG_DEBUG,
1255 "WPA: using KEY_MGMT PSK with SHA256");
1256 #endif /* CONFIG_IEEE80211W */
1257 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1258 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1259 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1260 } else if (sel & WPA_KEY_MGMT_PSK) {
1261 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1262 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1263 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1264 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1265 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1267 } else if (sel & WPA_KEY_MGMT_OSEN) {
1268 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1269 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1270 #endif /* CONFIG_HS20 */
1272 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1273 "authenticated key management type");
1277 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1278 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1279 wpa_s->pairwise_cipher);
1280 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1282 #ifdef CONFIG_IEEE80211W
1283 sel = ie.mgmt_group_cipher;
1284 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1285 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1287 if (sel & WPA_CIPHER_AES_128_CMAC) {
1288 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1289 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1291 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1292 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1293 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1295 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1296 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1297 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1299 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1300 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1301 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1304 wpa_s->mgmt_group_cipher = 0;
1305 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1307 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1308 wpa_s->mgmt_group_cipher);
1309 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1310 wpas_get_ssid_pmf(wpa_s, ssid));
1311 #endif /* CONFIG_IEEE80211W */
1313 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1314 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1318 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1321 if (ssid->psk_set) {
1322 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1326 #ifndef CONFIG_NO_PBKDF2
1327 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1330 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1331 4096, psk, PMK_LEN);
1332 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1334 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1336 os_memset(psk, 0, sizeof(psk));
1338 #endif /* CONFIG_NO_PBKDF2 */
1339 #ifdef CONFIG_EXT_PASSWORD
1340 if (ssid->ext_psk) {
1341 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1343 char pw_str[64 + 1];
1347 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1348 "found from external storage");
1352 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1353 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1354 "PSK length %d in external storage",
1355 (int) wpabuf_len(pw));
1356 ext_password_free(pw);
1360 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1361 pw_str[wpabuf_len(pw)] = '\0';
1363 #ifndef CONFIG_NO_PBKDF2
1364 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1366 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1367 4096, psk, PMK_LEN);
1368 os_memset(pw_str, 0, sizeof(pw_str));
1369 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1370 "external passphrase)",
1372 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1375 os_memset(psk, 0, sizeof(psk));
1377 #endif /* CONFIG_NO_PBKDF2 */
1378 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1379 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1380 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1381 "Invalid PSK hex string");
1382 os_memset(pw_str, 0, sizeof(pw_str));
1383 ext_password_free(pw);
1386 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1389 os_memset(psk, 0, sizeof(psk));
1391 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1393 os_memset(pw_str, 0, sizeof(pw_str));
1394 ext_password_free(pw);
1398 os_memset(pw_str, 0, sizeof(pw_str));
1399 ext_password_free(pw);
1401 #endif /* CONFIG_EXT_PASSWORD */
1404 wpa_msg(wpa_s, MSG_INFO,
1405 "No PSK available for association");
1409 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1415 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1420 case 0: /* Bits 0-7 */
1422 case 1: /* Bits 8-15 */
1424 case 2: /* Bits 16-23 */
1426 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1427 *pos |= 0x08; /* Bit 19 - BSS Transition */
1428 #endif /* CONFIG_WNM */
1430 case 3: /* Bits 24-31 */
1432 *pos |= 0x02; /* Bit 25 - SSID List */
1433 #endif /* CONFIG_WNM */
1434 #ifdef CONFIG_INTERWORKING
1435 if (wpa_s->conf->interworking)
1436 *pos |= 0x80; /* Bit 31 - Interworking */
1437 #endif /* CONFIG_INTERWORKING */
1439 case 4: /* Bits 32-39 */
1440 #ifdef CONFIG_INTERWORKING
1441 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1442 *pos |= 0x01; /* Bit 32 - QoS Map */
1443 #endif /* CONFIG_INTERWORKING */
1445 case 5: /* Bits 40-47 */
1447 if (wpa_s->conf->hs20)
1448 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1449 #endif /* CONFIG_HS20 */
1451 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1452 #endif /* CONFIG_MBO */
1454 case 6: /* Bits 48-55 */
1460 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1465 if (len < wpa_s->extended_capa_len)
1466 len = wpa_s->extended_capa_len;
1467 if (buflen < (size_t) len + 2) {
1468 wpa_printf(MSG_INFO,
1469 "Not enough room for building extended capabilities element");
1473 *pos++ = WLAN_EID_EXT_CAPAB;
1475 for (i = 0; i < len; i++, pos++) {
1476 wpas_ext_capab_byte(wpa_s, pos, i);
1478 if (i < wpa_s->extended_capa_len) {
1479 *pos &= ~wpa_s->extended_capa_mask[i];
1480 *pos |= wpa_s->extended_capa[i];
1484 while (len > 0 && buf[1 + len] == 0) {
1495 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1496 struct wpa_bss *test_bss)
1498 struct wpa_bss *bss;
1500 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1501 if (bss == test_bss)
1509 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1510 struct wpa_ssid *test_ssid)
1512 struct wpa_ssid *ssid;
1514 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1515 if (ssid == test_ssid)
1523 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1524 struct wpa_ssid *test_ssid)
1526 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1529 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1533 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1541 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1543 struct wpa_connect_work *cwork;
1544 struct wpa_radio_work *work = wpa_s->connect_work;
1549 wpa_s->connect_work = NULL;
1552 wpas_connect_work_free(cwork);
1553 radio_work_done(work);
1557 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1559 struct os_reltime now;
1562 os_get_reltime(&now);
1563 if (wpa_s->last_mac_addr_style == style &&
1564 wpa_s->last_mac_addr_change.sec != 0 &&
1565 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1566 wpa_s->conf->rand_addr_lifetime)) {
1567 wpa_msg(wpa_s, MSG_DEBUG,
1568 "Previously selected random MAC address has not yet expired");
1574 if (random_mac_addr(addr) < 0)
1578 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1579 if (random_mac_addr_keep_oui(addr) < 0)
1586 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1587 wpa_msg(wpa_s, MSG_INFO,
1588 "Failed to set random MAC address");
1592 os_get_reltime(&wpa_s->last_mac_addr_change);
1593 wpa_s->mac_addr_changed = 1;
1594 wpa_s->last_mac_addr_style = style;
1596 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1597 wpa_msg(wpa_s, MSG_INFO,
1598 "Could not update MAC address information");
1602 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1609 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1611 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1612 !wpa_s->conf->preassoc_mac_addr)
1615 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1619 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1622 * wpa_supplicant_associate - Request association
1623 * @wpa_s: Pointer to wpa_supplicant data
1624 * @bss: Scan results for the selected BSS, or %NULL if not available
1625 * @ssid: Configuration data for the selected network
1627 * This function is used to request %wpa_supplicant to associate with a BSS.
1629 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1630 struct wpa_bss *bss, struct wpa_ssid *ssid)
1632 struct wpa_connect_work *cwork;
1635 wpa_s->own_disconnect_req = 0;
1638 * If we are starting a new connection, any previously pending EAPOL
1639 * RX cannot be valid anymore.
1641 wpabuf_free(wpa_s->pending_eapol_rx);
1642 wpa_s->pending_eapol_rx = NULL;
1644 if (ssid->mac_addr == -1)
1645 rand_style = wpa_s->conf->mac_addr;
1647 rand_style = ssid->mac_addr;
1649 wmm_ac_clear_saved_tspecs(wpa_s);
1650 wpa_s->reassoc_same_bss = 0;
1651 wpa_s->reassoc_same_ess = 0;
1653 if (wpa_s->last_ssid == ssid) {
1654 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1655 wpa_s->reassoc_same_ess = 1;
1656 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1657 wmm_ac_save_tspecs(wpa_s);
1658 wpa_s->reassoc_same_bss = 1;
1660 } else if (rand_style > 0) {
1661 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1663 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1664 } else if (wpa_s->mac_addr_changed) {
1665 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1666 wpa_msg(wpa_s, MSG_INFO,
1667 "Could not restore permanent MAC address");
1670 wpa_s->mac_addr_changed = 0;
1671 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1672 wpa_msg(wpa_s, MSG_INFO,
1673 "Could not update MAC address information");
1676 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1678 wpa_s->last_ssid = ssid;
1680 #ifdef CONFIG_IBSS_RSN
1681 ibss_rsn_deinit(wpa_s->ibss_rsn);
1682 wpa_s->ibss_rsn = NULL;
1683 #endif /* CONFIG_IBSS_RSN */
1685 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1686 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1688 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1689 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1693 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1694 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1695 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1696 wpas_p2p_ap_setup_failed(wpa_s);
1699 wpa_s->current_bss = bss;
1700 #else /* CONFIG_AP */
1701 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1703 #endif /* CONFIG_AP */
1707 if (ssid->mode == WPAS_MODE_MESH) {
1709 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1710 wpa_msg(wpa_s, MSG_INFO,
1711 "Driver does not support mesh mode");
1715 ssid->frequency = bss->freq;
1716 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1717 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1720 wpa_s->current_bss = bss;
1721 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d",
1722 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1724 #else /* CONFIG_MESH */
1725 wpa_msg(wpa_s, MSG_ERROR,
1726 "mesh mode support not included in the build");
1727 #endif /* CONFIG_MESH */
1733 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1735 #endif /* CONFIG_TDLS */
1737 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1738 ssid->mode == IEEE80211_MODE_INFRA) {
1739 sme_authenticate(wpa_s, bss, ssid);
1743 if (wpa_s->connect_work) {
1744 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1748 if (radio_work_pending(wpa_s, "connect")) {
1749 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1753 wpas_abort_ongoing_scan(wpa_s);
1755 cwork = os_zalloc(sizeof(*cwork));
1762 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1763 wpas_start_assoc_cb, cwork) < 0) {
1769 static int bss_is_ibss(struct wpa_bss *bss)
1771 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1776 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
1777 const struct wpa_ssid *ssid)
1779 enum hostapd_hw_mode hw_mode;
1780 struct hostapd_hw_modes *mode = NULL;
1784 #ifdef CONFIG_HT_OVERRIDES
1785 if (ssid->disable_ht)
1787 #endif /* CONFIG_HT_OVERRIDES */
1789 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
1790 if (hw_mode == NUM_HOSTAPD_MODES)
1792 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1793 if (wpa_s->hw.modes[i].mode == hw_mode) {
1794 mode = &wpa_s->hw.modes[i];
1802 return mode->vht_capab != 0;
1806 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1807 const struct wpa_ssid *ssid,
1808 struct hostapd_freq_params *freq)
1810 enum hostapd_hw_mode hw_mode;
1811 struct hostapd_hw_modes *mode = NULL;
1812 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1814 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1815 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1817 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1819 struct hostapd_freq_params vht_freq;
1820 int chwidth, seg0, seg1;
1823 freq->freq = ssid->frequency;
1825 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1826 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1828 if (ssid->mode != WPAS_MODE_IBSS)
1831 /* Don't adjust control freq in case of fixed_freq */
1832 if (ssid->fixed_freq)
1835 if (!bss_is_ibss(bss))
1838 if (ssid->ssid_len == bss->ssid_len &&
1839 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1840 wpa_printf(MSG_DEBUG,
1841 "IBSS already found in scan results, adjust control freq: %d",
1843 freq->freq = bss->freq;
1849 /* For IBSS check HT_IBSS flag */
1850 if (ssid->mode == WPAS_MODE_IBSS &&
1851 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1854 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1855 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1856 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1857 wpa_printf(MSG_DEBUG,
1858 "IBSS: WEP/TKIP detected, do not try to enable HT");
1862 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1863 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1864 if (wpa_s->hw.modes[i].mode == hw_mode) {
1865 mode = &wpa_s->hw.modes[i];
1873 freq->ht_enabled = ht_supported(mode);
1874 if (!freq->ht_enabled)
1877 /* Setup higher BW only for 5 GHz */
1878 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1881 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1882 pri_chan = &mode->channels[chan_idx];
1883 if (pri_chan->chan == channel)
1890 /* Check primary channel flags */
1891 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1894 /* Check/setup HT40+/HT40- */
1895 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1896 if (ht40plus[j] == channel) {
1902 /* Find secondary channel */
1903 for (i = 0; i < mode->num_channels; i++) {
1904 sec_chan = &mode->channels[i];
1905 if (sec_chan->chan == channel + ht40 * 4)
1912 /* Check secondary channel flags */
1913 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1916 freq->channel = pri_chan->chan;
1920 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1922 freq->sec_channel_offset = -1;
1925 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1927 freq->sec_channel_offset = 1;
1933 if (freq->sec_channel_offset && obss_scan) {
1934 struct wpa_scan_results *scan_res;
1936 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1937 if (scan_res == NULL) {
1939 freq->sec_channel_offset = 0;
1943 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1948 freq->sec_channel_offset = 0;
1951 /* Configuration allowed */
1954 /* Switch pri/sec channels */
1955 freq->freq = hw_get_freq(mode, sec_chan->chan);
1956 freq->sec_channel_offset = -freq->sec_channel_offset;
1957 freq->channel = sec_chan->chan;
1960 freq->sec_channel_offset = 0;
1964 wpa_scan_results_free(scan_res);
1967 wpa_printf(MSG_DEBUG,
1968 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1969 freq->channel, freq->sec_channel_offset);
1971 if (!drv_supports_vht(wpa_s, ssid))
1974 /* For IBSS check VHT_IBSS flag */
1975 if (ssid->mode == WPAS_MODE_IBSS &&
1976 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1981 vht_freq.vht_enabled = vht_supported(mode);
1982 if (!vht_freq.vht_enabled)
1985 /* setup center_freq1, bandwidth */
1986 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1987 if (freq->channel >= vht80[j] &&
1988 freq->channel < vht80[j] + 16)
1992 if (j == ARRAY_SIZE(vht80))
1995 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1996 struct hostapd_channel_data *chan;
1998 chan = hw_get_channel_chan(mode, i, NULL);
2002 /* Back to HT configuration if channel not usable */
2003 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2007 chwidth = VHT_CHANWIDTH_80MHZ;
2008 seg0 = vht80[j] + 6;
2011 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) {
2012 /* setup center_freq2, bandwidth */
2013 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2014 /* Only accept 80 MHz segments separated by a gap */
2015 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2017 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2018 struct hostapd_channel_data *chan;
2020 chan = hw_get_channel_chan(mode, i, NULL);
2024 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2025 HOSTAPD_CHAN_NO_IR |
2026 HOSTAPD_CHAN_RADAR))
2029 /* Found a suitable second segment for 80+80 */
2030 chwidth = VHT_CHANWIDTH_80P80MHZ;
2032 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2033 seg1 = vht80[k] + 6;
2036 if (chwidth == VHT_CHANWIDTH_80P80MHZ)
2041 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2042 freq->channel, freq->ht_enabled,
2043 vht_freq.vht_enabled,
2044 freq->sec_channel_offset,
2045 chwidth, seg0, seg1, vht_caps) != 0)
2050 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2051 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2055 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
2057 struct wpa_connect_work *cwork = work->ctx;
2058 struct wpa_bss *bss = cwork->bss;
2059 struct wpa_ssid *ssid = cwork->ssid;
2060 struct wpa_supplicant *wpa_s = work->wpa_s;
2063 int use_crypt, ret, i, bssid_changed;
2064 int algs = WPA_AUTH_ALG_OPEN;
2065 unsigned int cipher_pairwise, cipher_group;
2066 struct wpa_driver_associate_params params;
2067 int wep_keys_set = 0;
2068 int assoc_failed = 0;
2069 struct wpa_ssid *old_ssid;
2070 u8 prev_bssid[ETH_ALEN];
2071 #ifdef CONFIG_HT_OVERRIDES
2072 struct ieee80211_ht_capabilities htcaps;
2073 struct ieee80211_ht_capabilities htcaps_mask;
2074 #endif /* CONFIG_HT_OVERRIDES */
2075 #ifdef CONFIG_VHT_OVERRIDES
2076 struct ieee80211_vht_capabilities vhtcaps;
2077 struct ieee80211_vht_capabilities vhtcaps_mask;
2078 #endif /* CONFIG_VHT_OVERRIDES */
2080 const u8 *mbo = NULL;
2081 #endif /* CONFIG_MBO */
2084 if (work->started) {
2085 wpa_s->connect_work = NULL;
2087 /* cancel possible auth. timeout */
2088 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
2091 wpas_connect_work_free(cwork);
2095 wpa_s->connect_work = work;
2097 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
2098 wpas_network_disabled(wpa_s, ssid)) {
2099 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
2100 wpas_connect_work_done(wpa_s);
2104 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
2105 os_memset(¶ms, 0, sizeof(params));
2106 wpa_s->reassociate = 0;
2107 wpa_s->eap_expected_failure = 0;
2109 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
2110 #ifdef CONFIG_IEEE80211R
2111 const u8 *ie, *md = NULL;
2112 #endif /* CONFIG_IEEE80211R */
2113 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
2114 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
2115 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
2116 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
2117 os_memset(wpa_s->bssid, 0, ETH_ALEN);
2118 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
2120 wpas_notify_bssid_changed(wpa_s);
2121 #ifdef CONFIG_IEEE80211R
2122 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2123 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2125 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2127 /* Prepare for the next transition */
2128 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2130 #endif /* CONFIG_IEEE80211R */
2132 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2133 wpa_s->conf->ap_scan == 2 &&
2134 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2135 /* Use ap_scan==1 style network selection to find the network
2137 wpas_connect_work_done(wpa_s);
2138 wpa_s->scan_req = MANUAL_SCAN_REQ;
2139 wpa_s->reassociate = 1;
2140 wpa_supplicant_req_scan(wpa_s, 0, 0);
2142 #endif /* CONFIG_WPS */
2144 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2145 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2146 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2149 wpa_supplicant_cancel_sched_scan(wpa_s);
2151 wpa_supplicant_cancel_scan(wpa_s);
2153 /* Starting new association, so clear the possibly used WPA IE from the
2154 * previous association. */
2155 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2157 #ifdef IEEE8021X_EAPOL
2158 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2160 if (ssid->non_leap == 0)
2161 algs = WPA_AUTH_ALG_LEAP;
2163 algs |= WPA_AUTH_ALG_LEAP;
2166 #endif /* IEEE8021X_EAPOL */
2167 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2168 if (ssid->auth_alg) {
2169 algs = ssid->auth_alg;
2170 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2174 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2175 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2176 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2177 int try_opportunistic;
2178 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2180 ssid->proactive_key_caching) &&
2181 (ssid->proto & WPA_PROTO_RSN);
2182 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2183 ssid, try_opportunistic) == 0)
2184 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2185 wpa_ie_len = sizeof(wpa_ie);
2186 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2187 wpa_ie, &wpa_ie_len)) {
2188 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2189 "key management and encryption suites");
2190 wpas_connect_work_done(wpa_s);
2193 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2194 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2196 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2197 * use non-WPA since the scan results did not indicate that the
2198 * AP is using WPA or WPA2.
2200 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2202 wpa_s->wpa_proto = 0;
2203 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2204 wpa_ie_len = sizeof(wpa_ie);
2205 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2206 wpa_ie, &wpa_ie_len)) {
2207 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2208 "key management and encryption suites (no "
2210 wpas_connect_work_done(wpa_s);
2214 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2215 struct wpabuf *wps_ie;
2216 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2217 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2218 wpa_ie_len = wpabuf_len(wps_ie);
2219 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2222 wpabuf_free(wps_ie);
2223 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2224 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2225 params.wps = WPS_MODE_PRIVACY;
2227 params.wps = WPS_MODE_OPEN;
2228 wpa_s->wpa_proto = 0;
2229 #endif /* CONFIG_WPS */
2231 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2233 wpa_s->wpa_proto = 0;
2237 if (wpa_s->global->p2p) {
2241 pos = wpa_ie + wpa_ie_len;
2242 len = sizeof(wpa_ie) - wpa_ie_len;
2243 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2249 wpa_s->cross_connect_disallowed = 0;
2252 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2254 wpa_s->cross_connect_disallowed =
2255 p2p_get_cross_connect_disallowed(p2p);
2257 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2259 wpa_s->cross_connect_disallowed ?
2260 "disallows" : "allows");
2264 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2265 #endif /* CONFIG_P2P */
2269 mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE);
2273 len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq,
2274 wpa_ie + wpa_ie_len,
2281 #endif /* CONFIG_MBO */
2284 * Workaround: Add Extended Capabilities element only if the AP
2285 * included this element in Beacon/Probe Response frames. Some older
2286 * APs seem to have interoperability issues if this element is
2287 * included, so while the standard may require us to include the
2288 * element in all cases, it is justifiable to skip it to avoid
2289 * interoperability issues.
2291 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2294 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2296 if (ext_capab_len > 0) {
2298 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2300 os_memmove(pos + ext_capab_len, pos,
2301 wpa_ie_len - (pos - wpa_ie));
2302 wpa_ie_len += ext_capab_len;
2303 os_memcpy(pos, ext_capab, ext_capab_len);
2308 if (is_hs20_network(wpa_s, ssid, bss)) {
2309 struct wpabuf *hs20;
2311 hs20 = wpabuf_alloc(20);
2313 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2316 wpas_hs20_add_indication(hs20, pps_mo_id);
2317 len = sizeof(wpa_ie) - wpa_ie_len;
2318 if (wpabuf_len(hs20) <= len) {
2319 os_memcpy(wpa_ie + wpa_ie_len,
2320 wpabuf_head(hs20), wpabuf_len(hs20));
2321 wpa_ie_len += wpabuf_len(hs20);
2325 hs20_configure_frame_filters(wpa_s);
2328 #endif /* CONFIG_HS20 */
2330 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2331 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2334 len = sizeof(wpa_ie) - wpa_ie_len;
2335 if (wpabuf_len(buf) <= len) {
2336 os_memcpy(wpa_ie + wpa_ie_len,
2337 wpabuf_head(buf), wpabuf_len(buf));
2338 wpa_ie_len += wpabuf_len(buf);
2343 if (wpa_s->fst_ies) {
2344 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2346 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2347 os_memcpy(wpa_ie + wpa_ie_len,
2348 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2349 wpa_ie_len += fst_ies_len;
2352 #endif /* CONFIG_FST */
2358 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
2359 sizeof(wpa_ie) - wpa_ie_len);
2363 #endif /* CONFIG_MBO */
2365 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2367 cipher_pairwise = wpa_s->pairwise_cipher;
2368 cipher_group = wpa_s->group_cipher;
2369 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2370 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2371 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2373 if (wpa_set_wep_keys(wpa_s, ssid)) {
2378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2381 #ifdef IEEE8021X_EAPOL
2382 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2383 if ((ssid->eapol_flags &
2384 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2385 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2389 /* Assume that dynamic WEP-104 keys will be used and
2390 * set cipher suites in order for drivers to expect
2392 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2395 #endif /* IEEE8021X_EAPOL */
2397 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2398 /* Set the key before (and later after) association */
2399 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2402 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2404 params.ssid = bss->ssid;
2405 params.ssid_len = bss->ssid_len;
2406 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2407 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2408 MACSTR " freq=%u MHz based on scan results "
2410 MAC2STR(bss->bssid), bss->freq,
2412 params.bssid = bss->bssid;
2413 params.freq.freq = bss->freq;
2415 params.bssid_hint = bss->bssid;
2416 params.freq_hint = bss->freq;
2417 params.pbss = bss_is_pbss(bss);
2419 params.ssid = ssid->ssid;
2420 params.ssid_len = ssid->ssid_len;
2421 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
2424 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2425 wpa_s->conf->ap_scan == 2) {
2426 params.bssid = ssid->bssid;
2427 params.fixed_bssid = 1;
2430 /* Initial frequency for IBSS/mesh */
2431 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2432 ssid->frequency > 0 && params.freq.freq == 0)
2433 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
2435 if (ssid->mode == WPAS_MODE_IBSS) {
2436 params.fixed_freq = ssid->fixed_freq;
2437 if (ssid->beacon_int)
2438 params.beacon_int = ssid->beacon_int;
2440 params.beacon_int = wpa_s->conf->beacon_int;
2443 params.wpa_ie = wpa_ie;
2444 params.wpa_ie_len = wpa_ie_len;
2445 params.pairwise_suite = cipher_pairwise;
2446 params.group_suite = cipher_group;
2447 params.key_mgmt_suite = wpa_s->key_mgmt;
2448 params.wpa_proto = wpa_s->wpa_proto;
2449 params.auth_alg = algs;
2450 params.mode = ssid->mode;
2451 params.bg_scan_period = ssid->bg_scan_period;
2452 for (i = 0; i < NUM_WEP_KEYS; i++) {
2453 if (ssid->wep_key_len[i])
2454 params.wep_key[i] = ssid->wep_key[i];
2455 params.wep_key_len[i] = ssid->wep_key_len[i];
2457 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2459 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2460 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2461 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2462 params.passphrase = ssid->passphrase;
2464 params.psk = ssid->psk;
2467 if (wpa_s->conf->key_mgmt_offload) {
2468 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2469 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2470 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2471 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2472 params.req_key_mgmt_offload =
2473 ssid->proactive_key_caching < 0 ?
2474 wpa_s->conf->okc : ssid->proactive_key_caching;
2476 params.req_key_mgmt_offload = 1;
2478 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2479 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2480 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2482 params.psk = ssid->psk;
2485 params.drop_unencrypted = use_crypt;
2487 #ifdef CONFIG_IEEE80211W
2488 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2489 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2490 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2491 struct wpa_ie_data ie;
2492 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2494 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2496 "MFP: require MFP");
2497 params.mgmt_frame_protection =
2498 MGMT_FRAME_PROTECTION_REQUIRED;
2501 #endif /* CONFIG_IEEE80211W */
2503 params.p2p = ssid->p2p_group;
2505 if (wpa_s->p2pdev->set_sta_uapsd)
2506 params.uapsd = wpa_s->p2pdev->sta_uapsd;
2510 #ifdef CONFIG_HT_OVERRIDES
2511 os_memset(&htcaps, 0, sizeof(htcaps));
2512 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2513 params.htcaps = (u8 *) &htcaps;
2514 params.htcaps_mask = (u8 *) &htcaps_mask;
2515 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2516 #endif /* CONFIG_HT_OVERRIDES */
2517 #ifdef CONFIG_VHT_OVERRIDES
2518 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2519 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2520 params.vhtcaps = &vhtcaps;
2521 params.vhtcaps_mask = &vhtcaps_mask;
2522 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
2523 #endif /* CONFIG_VHT_OVERRIDES */
2527 * If multi-channel concurrency is not supported, check for any
2528 * frequency conflict. In case of any frequency conflict, remove the
2529 * least prioritized connection.
2531 if (wpa_s->num_multichan_concurrent < 2) {
2533 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2534 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2535 wpa_printf(MSG_DEBUG,
2536 "Assoc conflicting freq found (%d != %d)",
2537 freq, params.freq.freq);
2538 if (wpas_p2p_handle_frequency_conflicts(
2539 wpa_s, params.freq.freq, ssid) < 0) {
2540 wpas_connect_work_done(wpa_s);
2545 #endif /* CONFIG_P2P */
2547 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
2548 wpa_s->current_ssid)
2549 params.prev_bssid = prev_bssid;
2551 ret = wpa_drv_associate(wpa_s, ¶ms);
2553 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2555 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2557 * The driver is known to mean what is saying, so we
2558 * can stop right here; the association will not
2561 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2562 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2563 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2566 /* try to continue anyway; new association will be tried again
2571 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2572 /* Set the key after the association just in case association
2573 * cleared the previously configured key. */
2574 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2575 /* No need to timeout authentication since there is no key
2577 wpa_supplicant_cancel_auth_timeout(wpa_s);
2578 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2579 #ifdef CONFIG_IBSS_RSN
2580 } else if (ssid->mode == WPAS_MODE_IBSS &&
2581 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2582 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2584 * RSN IBSS authentication is per-STA and we can disable the
2585 * per-BSSID authentication.
2587 wpa_supplicant_cancel_auth_timeout(wpa_s);
2588 #endif /* CONFIG_IBSS_RSN */
2590 /* Timeout for IEEE 802.11 authentication and association */
2594 /* give IBSS a bit more time */
2595 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2596 } else if (wpa_s->conf->ap_scan == 1) {
2597 /* give IBSS a bit more time */
2598 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2600 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2604 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2605 /* Set static WEP keys again */
2606 wpa_set_wep_keys(wpa_s, ssid);
2609 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2611 * Do not allow EAP session resumption between different
2612 * network configurations.
2614 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2616 old_ssid = wpa_s->current_ssid;
2617 wpa_s->current_ssid = ssid;
2619 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2620 wpa_s->current_bss = bss;
2622 hs20_configure_frame_filters(wpa_s);
2623 #endif /* CONFIG_HS20 */
2626 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2627 wpa_supplicant_initiate_eapol(wpa_s);
2628 if (old_ssid != wpa_s->current_ssid)
2629 wpas_notify_network_changed(wpa_s);
2633 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2636 struct wpa_ssid *old_ssid;
2638 wpas_connect_work_done(wpa_s);
2639 wpa_clear_keys(wpa_s, addr);
2640 old_ssid = wpa_s->current_ssid;
2641 wpa_supplicant_mark_disassoc(wpa_s);
2642 wpa_sm_set_config(wpa_s->wpa, NULL);
2643 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2644 if (old_ssid != wpa_s->current_ssid)
2645 wpas_notify_network_changed(wpa_s);
2646 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2651 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2652 * @wpa_s: Pointer to wpa_supplicant data
2653 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2655 * This function is used to request %wpa_supplicant to deauthenticate from the
2658 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2662 union wpa_event_data event;
2665 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2666 " pending_bssid=" MACSTR " reason=%d state=%s",
2667 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2668 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2670 if (!is_zero_ether_addr(wpa_s->bssid))
2671 addr = wpa_s->bssid;
2672 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2673 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2674 wpa_s->wpa_state == WPA_ASSOCIATING))
2675 addr = wpa_s->pending_bssid;
2676 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2678 * When using driver-based BSS selection, we may not know the
2679 * BSSID with which we are currently trying to associate. We
2680 * need to notify the driver of this disconnection even in such
2681 * a case, so use the all zeros address here.
2683 addr = wpa_s->bssid;
2688 wpa_tdls_teardown_peers(wpa_s->wpa);
2689 #endif /* CONFIG_TDLS */
2693 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2695 wpa_supplicant_leave_mesh(wpa_s);
2697 #endif /* CONFIG_MESH */
2700 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2701 os_memset(&event, 0, sizeof(event));
2702 event.deauth_info.reason_code = (u16) reason_code;
2703 event.deauth_info.locally_generated = 1;
2704 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2709 wpa_supplicant_clear_connection(wpa_s, addr);
2712 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2713 struct wpa_ssid *ssid)
2715 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2719 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2720 wpas_notify_network_enabled_changed(wpa_s, ssid);
2723 * Try to reassociate since there is no current configuration and a new
2724 * network was made available.
2726 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2727 wpa_s->reassociate = 1;
2732 * wpa_supplicant_enable_network - Mark a configured network as enabled
2733 * @wpa_s: wpa_supplicant structure for a network interface
2734 * @ssid: wpa_ssid structure for a configured network or %NULL
2736 * Enables the specified network or all networks if no network specified.
2738 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2739 struct wpa_ssid *ssid)
2742 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2743 wpa_supplicant_enable_one_network(wpa_s, ssid);
2745 wpa_supplicant_enable_one_network(wpa_s, ssid);
2747 if (wpa_s->reassociate && !wpa_s->disconnected &&
2748 (!wpa_s->current_ssid ||
2749 wpa_s->wpa_state == WPA_DISCONNECTED ||
2750 wpa_s->wpa_state == WPA_SCANNING)) {
2751 if (wpa_s->sched_scanning) {
2752 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2753 "new network to scan filters");
2754 wpa_supplicant_cancel_sched_scan(wpa_s);
2757 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2758 wpa_s->scan_req = NORMAL_SCAN_REQ;
2759 wpa_supplicant_req_scan(wpa_s, 0, 0);
2766 * wpa_supplicant_disable_network - Mark a configured network as disabled
2767 * @wpa_s: wpa_supplicant structure for a network interface
2768 * @ssid: wpa_ssid structure for a configured network or %NULL
2770 * Disables the specified network or all networks if no network specified.
2772 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2773 struct wpa_ssid *ssid)
2775 struct wpa_ssid *other_ssid;
2779 if (wpa_s->sched_scanning)
2780 wpa_supplicant_cancel_sched_scan(wpa_s);
2782 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2783 other_ssid = other_ssid->next) {
2784 was_disabled = other_ssid->disabled;
2785 if (was_disabled == 2)
2786 continue; /* do not change persistent P2P group
2789 other_ssid->disabled = 1;
2791 if (was_disabled != other_ssid->disabled)
2792 wpas_notify_network_enabled_changed(
2795 if (wpa_s->current_ssid)
2796 wpa_supplicant_deauthenticate(
2797 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2798 } else if (ssid->disabled != 2) {
2799 if (ssid == wpa_s->current_ssid)
2800 wpa_supplicant_deauthenticate(
2801 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2803 was_disabled = ssid->disabled;
2807 if (was_disabled != ssid->disabled) {
2808 wpas_notify_network_enabled_changed(wpa_s, ssid);
2809 if (wpa_s->sched_scanning) {
2810 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2811 "to remove network from filters");
2812 wpa_supplicant_cancel_sched_scan(wpa_s);
2813 wpa_supplicant_req_scan(wpa_s, 0, 0);
2821 * wpa_supplicant_select_network - Attempt association with a network
2822 * @wpa_s: wpa_supplicant structure for a network interface
2823 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2825 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2826 struct wpa_ssid *ssid)
2829 struct wpa_ssid *other_ssid;
2830 int disconnected = 0;
2832 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2833 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2834 wpa_s->own_disconnect_req = 1;
2835 wpa_supplicant_deauthenticate(
2836 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2841 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2844 * Mark all other networks disabled or mark all networks enabled if no
2845 * network specified.
2847 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2848 other_ssid = other_ssid->next) {
2849 int was_disabled = other_ssid->disabled;
2850 if (was_disabled == 2)
2851 continue; /* do not change persistent P2P group data */
2853 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2854 if (was_disabled && !other_ssid->disabled)
2855 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2857 if (was_disabled != other_ssid->disabled)
2858 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2861 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
2862 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
2863 /* We are already associated with the selected network */
2864 wpa_printf(MSG_DEBUG, "Already associated with the "
2865 "selected network - do nothing");
2870 wpa_s->current_ssid = ssid;
2871 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2872 wpa_s->connect_without_scan =
2873 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2876 * Don't optimize next scan freqs since a new ESS has been
2879 os_free(wpa_s->next_scan_freqs);
2880 wpa_s->next_scan_freqs = NULL;
2882 wpa_s->connect_without_scan = NULL;
2885 wpa_s->disconnected = 0;
2886 wpa_s->reassociate = 1;
2888 if (wpa_s->connect_without_scan ||
2889 wpa_supplicant_fast_associate(wpa_s) != 1) {
2890 wpa_s->scan_req = NORMAL_SCAN_REQ;
2891 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2895 wpas_notify_network_selected(wpa_s, ssid);
2900 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2901 * @wpa_s: wpa_supplicant structure for a network interface
2902 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2903 * @pkcs11_module_path: PKCS #11 module path or NULL
2904 * Returns: 0 on success; -1 on failure
2906 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2907 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2908 * module path fails the paths will be reset to the default value (NULL).
2910 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2911 const char *pkcs11_engine_path,
2912 const char *pkcs11_module_path)
2914 char *pkcs11_engine_path_copy = NULL;
2915 char *pkcs11_module_path_copy = NULL;
2917 if (pkcs11_engine_path != NULL) {
2918 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2919 if (pkcs11_engine_path_copy == NULL)
2922 if (pkcs11_module_path != NULL) {
2923 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2924 if (pkcs11_module_path_copy == NULL) {
2925 os_free(pkcs11_engine_path_copy);
2930 os_free(wpa_s->conf->pkcs11_engine_path);
2931 os_free(wpa_s->conf->pkcs11_module_path);
2932 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2933 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2935 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2936 eapol_sm_deinit(wpa_s->eapol);
2937 wpa_s->eapol = NULL;
2938 if (wpa_supplicant_init_eapol(wpa_s)) {
2939 /* Error -> Reset paths to the default value (NULL) once. */
2940 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2941 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2946 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2953 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2954 * @wpa_s: wpa_supplicant structure for a network interface
2955 * @ap_scan: AP scan mode
2956 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2959 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2964 if (ap_scan < 0 || ap_scan > 2)
2967 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
2968 wpa_printf(MSG_INFO,
2969 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
2973 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2974 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2975 wpa_s->wpa_state < WPA_COMPLETED) {
2976 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2977 "associating", wpa_s->conf->ap_scan, ap_scan);
2980 #endif /* ANDROID */
2982 old_ap_scan = wpa_s->conf->ap_scan;
2983 wpa_s->conf->ap_scan = ap_scan;
2985 if (old_ap_scan != wpa_s->conf->ap_scan)
2986 wpas_notify_ap_scan_changed(wpa_s);
2993 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2994 * @wpa_s: wpa_supplicant structure for a network interface
2995 * @expire_age: Expiration age in seconds
2996 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2999 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
3000 unsigned int bss_expire_age)
3002 if (bss_expire_age < 10) {
3003 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
3007 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
3009 wpa_s->conf->bss_expiration_age = bss_expire_age;
3016 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
3017 * @wpa_s: wpa_supplicant structure for a network interface
3018 * @expire_count: number of scans after which an unseen BSS is reclaimed
3019 * Returns: 0 if succeed or -1 if expire_count has an invalid value
3022 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
3023 unsigned int bss_expire_count)
3025 if (bss_expire_count < 1) {
3026 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
3030 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
3032 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
3039 * wpa_supplicant_set_scan_interval - Set scan interval
3040 * @wpa_s: wpa_supplicant structure for a network interface
3041 * @scan_interval: scan interval in seconds
3042 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
3045 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
3048 if (scan_interval < 0) {
3049 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
3053 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
3055 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
3062 * wpa_supplicant_set_debug_params - Set global debug params
3063 * @global: wpa_global structure
3064 * @debug_level: debug level
3065 * @debug_timestamp: determines if show timestamp in debug data
3066 * @debug_show_keys: determines if show keys in debug data
3067 * Returns: 0 if succeed or -1 if debug_level has wrong value
3069 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
3070 int debug_timestamp, int debug_show_keys)
3073 int old_level, old_timestamp, old_show_keys;
3075 /* check for allowed debuglevels */
3076 if (debug_level != MSG_EXCESSIVE &&
3077 debug_level != MSG_MSGDUMP &&
3078 debug_level != MSG_DEBUG &&
3079 debug_level != MSG_INFO &&
3080 debug_level != MSG_WARNING &&
3081 debug_level != MSG_ERROR)
3084 old_level = wpa_debug_level;
3085 old_timestamp = wpa_debug_timestamp;
3086 old_show_keys = wpa_debug_show_keys;
3088 wpa_debug_level = debug_level;
3089 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
3090 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
3092 if (wpa_debug_level != old_level)
3093 wpas_notify_debug_level_changed(global);
3094 if (wpa_debug_timestamp != old_timestamp)
3095 wpas_notify_debug_timestamp_changed(global);
3096 if (wpa_debug_show_keys != old_show_keys)
3097 wpas_notify_debug_show_keys_changed(global);
3104 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
3105 * @wpa_s: Pointer to wpa_supplicant data
3106 * Returns: A pointer to the current network structure or %NULL on failure
3108 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
3110 struct wpa_ssid *entry;
3111 u8 ssid[SSID_MAX_LEN];
3117 res = wpa_drv_get_ssid(wpa_s, ssid);
3119 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
3125 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
3126 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
3131 wired = wpa_s->conf->ap_scan == 0 &&
3132 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
3134 entry = wpa_s->conf->ssid;
3136 if (!wpas_network_disabled(wpa_s, entry) &&
3137 ((ssid_len == entry->ssid_len &&
3138 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
3139 (!entry->bssid_set ||
3140 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3143 if (!wpas_network_disabled(wpa_s, entry) &&
3144 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
3145 (entry->ssid == NULL || entry->ssid_len == 0) &&
3146 (!entry->bssid_set ||
3147 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
3149 #endif /* CONFIG_WPS */
3151 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
3152 entry->ssid_len == 0 &&
3153 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
3156 entry = entry->next;
3163 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3165 struct wpa_global *global = wpa_s->global;
3167 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3168 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
3169 if (global->drv_priv[i] == NULL) {
3170 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3171 "'%s'", wpa_drivers[i]->name);
3176 wpa_s->driver = wpa_drivers[i];
3177 wpa_s->global_drv_priv = global->drv_priv[i];
3183 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3188 const char *pos, *driver = name;
3193 if (wpa_drivers[0] == NULL) {
3194 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3200 /* default to first driver in the list */
3201 return select_driver(wpa_s, 0);
3205 pos = os_strchr(driver, ',');
3209 len = os_strlen(driver);
3211 for (i = 0; wpa_drivers[i]; i++) {
3212 if (os_strlen(wpa_drivers[i]->name) == len &&
3213 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3215 /* First driver that succeeds wins */
3216 if (select_driver(wpa_s, i) == 0)
3224 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3230 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3231 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3232 * with struct wpa_driver_ops::init()
3233 * @src_addr: Source address of the EAPOL frame
3234 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3235 * @len: Length of the EAPOL data
3237 * This function is called for each received EAPOL frame. Most driver
3238 * interfaces rely on more generic OS mechanism for receiving frames through
3239 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3240 * take care of received EAPOL frames and deliver them to the core supplicant
3241 * code by calling this function.
3243 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3244 const u8 *buf, size_t len)
3246 struct wpa_supplicant *wpa_s = ctx;
3248 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3249 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3251 #ifdef CONFIG_PEERKEY
3252 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3253 wpa_s->current_ssid->peerkey &&
3254 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3255 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3256 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3259 #endif /* CONFIG_PEERKEY */
3261 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3262 (wpa_s->last_eapol_matches_bssid &&
3265 #endif /* CONFIG_AP */
3266 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3268 * There is possible race condition between receiving the
3269 * association event and the EAPOL frame since they are coming
3270 * through different paths from the driver. In order to avoid
3271 * issues in trying to process the EAPOL frame before receiving
3272 * association information, lets queue it for processing until
3273 * the association event is received. This may also be needed in
3274 * driver-based roaming case, so also use src_addr != BSSID as a
3275 * trigger if we have previously confirmed that the
3276 * Authenticator uses BSSID as the src_addr (which is not the
3277 * case with wired IEEE 802.1X).
3279 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3280 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3281 wpa_supplicant_state_txt(wpa_s->wpa_state),
3282 MAC2STR(wpa_s->bssid));
3283 wpabuf_free(wpa_s->pending_eapol_rx);
3284 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3285 if (wpa_s->pending_eapol_rx) {
3286 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3287 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3293 wpa_s->last_eapol_matches_bssid =
3294 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3297 if (wpa_s->ap_iface) {
3298 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3301 #endif /* CONFIG_AP */
3303 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3304 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3305 "no key management is configured");
3309 if (wpa_s->eapol_received == 0 &&
3310 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3311 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3312 wpa_s->wpa_state != WPA_COMPLETED) &&
3313 (wpa_s->current_ssid == NULL ||
3314 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3315 /* Timeout for completing IEEE 802.1X and WPA authentication */
3318 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3319 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3320 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3321 /* Use longer timeout for IEEE 802.1X/EAP */
3326 if (wpa_s->current_ssid && wpa_s->current_bss &&
3327 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3328 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3330 * Use shorter timeout if going through WPS AP iteration
3331 * for PIN config method with an AP that does not
3332 * advertise Selected Registrar.
3334 struct wpabuf *wps_ie;
3336 wps_ie = wpa_bss_get_vendor_ie_multi(
3337 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3339 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3341 wpabuf_free(wps_ie);
3343 #endif /* CONFIG_WPS */
3345 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3347 wpa_s->eapol_received++;
3349 if (wpa_s->countermeasures) {
3350 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3355 #ifdef CONFIG_IBSS_RSN
3356 if (wpa_s->current_ssid &&
3357 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3358 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3361 #endif /* CONFIG_IBSS_RSN */
3363 /* Source address of the incoming EAPOL frame could be compared to the
3364 * current BSSID. However, it is possible that a centralized
3365 * Authenticator could be using another MAC address than the BSSID of
3366 * an AP, so just allow any address to be used for now. The replies are
3367 * still sent to the current BSSID (if available), though. */
3369 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3370 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3371 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3373 wpa_drv_poll(wpa_s);
3374 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3375 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3376 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3378 * Set portValid = TRUE here since we are going to skip 4-way
3379 * handshake processing which would normally set portValid. We
3380 * need this to allow the EAPOL state machines to be completed
3381 * without going through EAPOL-Key handshake.
3383 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3388 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3390 if ((!wpa_s->p2p_mgmt ||
3391 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3392 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3393 l2_packet_deinit(wpa_s->l2);
3394 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3395 wpa_drv_get_mac_addr(wpa_s),
3397 wpa_supplicant_rx_eapol, wpa_s, 0);
3398 if (wpa_s->l2 == NULL)
3401 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3403 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3406 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3407 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3411 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3417 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3418 const u8 *buf, size_t len)
3420 struct wpa_supplicant *wpa_s = ctx;
3421 const struct l2_ethhdr *eth;
3423 if (len < sizeof(*eth))
3425 eth = (const struct l2_ethhdr *) buf;
3427 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3428 !(eth->h_dest[0] & 0x01)) {
3429 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3430 " (bridge - not for this interface - ignore)",
3431 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3435 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3436 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3437 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3438 len - sizeof(*eth));
3443 * wpa_supplicant_driver_init - Initialize driver interface parameters
3444 * @wpa_s: Pointer to wpa_supplicant data
3445 * Returns: 0 on success, -1 on failure
3447 * This function is called to initialize driver interface parameters.
3448 * wpa_drv_init() must have been called before this function to initialize the
3451 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3453 static int interface_count = 0;
3455 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3458 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3459 MAC2STR(wpa_s->own_addr));
3460 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3461 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3463 if (wpa_s->bridge_ifname[0]) {
3464 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3465 "interface '%s'", wpa_s->bridge_ifname);
3466 wpa_s->l2_br = l2_packet_init_bridge(
3467 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3468 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3469 if (wpa_s->l2_br == NULL) {
3470 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3471 "connection for the bridge interface '%s'",
3472 wpa_s->bridge_ifname);
3477 if (wpa_s->conf->ap_scan == 2 &&
3478 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3479 wpa_printf(MSG_INFO,
3480 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3483 wpa_clear_keys(wpa_s, NULL);
3485 /* Make sure that TKIP countermeasures are not left enabled (could
3486 * happen if wpa_supplicant is killed during countermeasures. */
3487 wpa_drv_set_countermeasures(wpa_s, 0);
3489 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3490 wpa_drv_flush_pmkid(wpa_s);
3492 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3493 wpa_s->prev_scan_wildcard = 0;
3495 if (wpa_supplicant_enabled_networks(wpa_s)) {
3496 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3497 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3498 interface_count = 0;
3501 if (!wpa_s->p2p_mgmt &&
3502 wpa_supplicant_delayed_sched_scan(wpa_s,
3503 interface_count % 3,
3505 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3507 #endif /* ANDROID */
3510 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3516 static int wpa_supplicant_daemon(const char *pid_file)
3518 wpa_printf(MSG_DEBUG, "Daemonize..");
3519 return os_daemonize(pid_file);
3523 static struct wpa_supplicant *
3524 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3526 struct wpa_supplicant *wpa_s;
3528 wpa_s = os_zalloc(sizeof(*wpa_s));
3531 wpa_s->scan_req = INITIAL_SCAN_REQ;
3532 wpa_s->scan_interval = 5;
3533 wpa_s->new_connection = 1;
3534 wpa_s->parent = parent ? parent : wpa_s;
3535 wpa_s->p2pdev = wpa_s->parent;
3536 wpa_s->sched_scanning = 0;
3538 dl_list_init(&wpa_s->bss_tmp_disallowed);
3544 #ifdef CONFIG_HT_OVERRIDES
3546 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3547 struct ieee80211_ht_capabilities *htcaps,
3548 struct ieee80211_ht_capabilities *htcaps_mask,
3551 /* parse ht_mcs into hex array */
3553 const char *tmp = ht_mcs;
3556 /* If ht_mcs is null, do not set anything */
3560 /* This is what we are setting in the kernel */
3561 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3563 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3565 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3567 long v = strtol(tmp, &end, 16);
3569 wpa_msg(wpa_s, MSG_DEBUG,
3570 "htcap value[%i]: %ld end: %p tmp: %p",
3575 htcaps->supported_mcs_set[i] = v;
3578 wpa_msg(wpa_s, MSG_ERROR,
3579 "Failed to parse ht-mcs: %s, error: %s\n",
3580 ht_mcs, strerror(errno));
3586 * If we were able to parse any values, then set mask for the MCS set.
3589 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3590 IEEE80211_HT_MCS_MASK_LEN - 1);
3591 /* skip the 3 reserved bits */
3592 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3600 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3601 struct ieee80211_ht_capabilities *htcaps,
3602 struct ieee80211_ht_capabilities *htcaps_mask,
3607 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3612 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3613 htcaps_mask->ht_capabilities_info |= msk;
3615 htcaps->ht_capabilities_info &= msk;
3617 htcaps->ht_capabilities_info |= msk;
3623 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3624 struct ieee80211_ht_capabilities *htcaps,
3625 struct ieee80211_ht_capabilities *htcaps_mask,
3628 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3633 if (factor < 0 || factor > 3) {
3634 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3635 "Must be 0-3 or -1", factor);
3639 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3640 htcaps->a_mpdu_params &= ~0x3;
3641 htcaps->a_mpdu_params |= factor & 0x3;
3647 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3648 struct ieee80211_ht_capabilities *htcaps,
3649 struct ieee80211_ht_capabilities *htcaps_mask,
3652 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3657 if (density < 0 || density > 7) {
3658 wpa_msg(wpa_s, MSG_ERROR,
3659 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3664 htcaps_mask->a_mpdu_params |= 0x1C;
3665 htcaps->a_mpdu_params &= ~(0x1C);
3666 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3672 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3673 struct ieee80211_ht_capabilities *htcaps,
3674 struct ieee80211_ht_capabilities *htcaps_mask,
3677 /* Masking these out disables HT40 */
3678 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3679 HT_CAP_INFO_SHORT_GI40MHZ);
3681 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3684 htcaps->ht_capabilities_info &= ~msk;
3686 htcaps->ht_capabilities_info |= msk;
3688 htcaps_mask->ht_capabilities_info |= msk;
3694 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3695 struct ieee80211_ht_capabilities *htcaps,
3696 struct ieee80211_ht_capabilities *htcaps_mask,
3699 /* Masking these out disables SGI */
3700 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3701 HT_CAP_INFO_SHORT_GI40MHZ);
3703 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3706 htcaps->ht_capabilities_info &= ~msk;
3708 htcaps->ht_capabilities_info |= msk;
3710 htcaps_mask->ht_capabilities_info |= msk;
3716 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3717 struct ieee80211_ht_capabilities *htcaps,
3718 struct ieee80211_ht_capabilities *htcaps_mask,
3721 /* Masking these out disables LDPC */
3722 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3724 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3727 htcaps->ht_capabilities_info &= ~msk;
3729 htcaps->ht_capabilities_info |= msk;
3731 htcaps_mask->ht_capabilities_info |= msk;
3737 void wpa_supplicant_apply_ht_overrides(
3738 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3739 struct wpa_driver_associate_params *params)
3741 struct ieee80211_ht_capabilities *htcaps;
3742 struct ieee80211_ht_capabilities *htcaps_mask;
3747 params->disable_ht = ssid->disable_ht;
3748 if (!params->htcaps || !params->htcaps_mask)
3751 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3752 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3753 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3754 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3755 ssid->disable_max_amsdu);
3756 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3757 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3758 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3759 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3760 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3762 if (ssid->ht40_intolerant) {
3763 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3764 htcaps->ht_capabilities_info |= bit;
3765 htcaps_mask->ht_capabilities_info |= bit;
3769 #endif /* CONFIG_HT_OVERRIDES */
3772 #ifdef CONFIG_VHT_OVERRIDES
3773 void wpa_supplicant_apply_vht_overrides(
3774 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3775 struct wpa_driver_associate_params *params)
3777 struct ieee80211_vht_capabilities *vhtcaps;
3778 struct ieee80211_vht_capabilities *vhtcaps_mask;
3783 params->disable_vht = ssid->disable_vht;
3785 vhtcaps = (void *) params->vhtcaps;
3786 vhtcaps_mask = (void *) params->vhtcaps_mask;
3788 if (!vhtcaps || !vhtcaps_mask)
3791 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3792 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3794 #ifdef CONFIG_HT_OVERRIDES
3795 /* if max ampdu is <= 3, we have to make the HT cap the same */
3796 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3799 max_ampdu = (ssid->vht_capa &
3800 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3801 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3803 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3804 wpa_set_ampdu_factor(wpa_s,
3805 (void *) params->htcaps,
3806 (void *) params->htcaps_mask,
3809 #endif /* CONFIG_HT_OVERRIDES */
3811 #define OVERRIDE_MCS(i) \
3812 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3813 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3815 vhtcaps->vht_supported_mcs_set.tx_map |= \
3816 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3818 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3819 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3821 vhtcaps->vht_supported_mcs_set.rx_map |= \
3822 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3834 #endif /* CONFIG_VHT_OVERRIDES */
3837 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3842 if (!wpa_s->conf->pcsc_reader)
3845 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3849 if (wpa_s->conf->pcsc_pin &&
3850 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3851 scard_deinit(wpa_s->scard);
3852 wpa_s->scard = NULL;
3853 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3857 len = sizeof(wpa_s->imsi) - 1;
3858 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3859 scard_deinit(wpa_s->scard);
3860 wpa_s->scard = NULL;
3861 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3864 wpa_s->imsi[len] = '\0';
3866 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3868 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3869 wpa_s->imsi, wpa_s->mnc_len);
3871 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3872 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3873 #endif /* PCSC_FUNCS */
3879 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3883 ext_password_deinit(wpa_s->ext_pw);
3884 wpa_s->ext_pw = NULL;
3885 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3887 if (!wpa_s->conf->ext_password_backend)
3890 val = os_strdup(wpa_s->conf->ext_password_backend);
3893 pos = os_strchr(val, ':');
3897 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3899 wpa_s->ext_pw = ext_password_init(val, pos);
3901 if (wpa_s->ext_pw == NULL) {
3902 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3905 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3913 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
3915 struct wpa_supplicant *wpa_s = ctx;
3917 return (is_zero_ether_addr(wpa_s->bssid) ||
3918 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
3922 static void wpas_fst_get_channel_info_cb(void *ctx,
3923 enum hostapd_hw_mode *hw_mode,
3926 struct wpa_supplicant *wpa_s = ctx;
3928 if (wpa_s->current_bss) {
3929 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
3931 } else if (wpa_s->hw.num_modes) {
3932 *hw_mode = wpa_s->hw.modes[0].mode;
3940 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
3942 struct wpa_supplicant *wpa_s = ctx;
3944 *modes = wpa_s->hw.modes;
3945 return wpa_s->hw.num_modes;
3949 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
3951 struct wpa_supplicant *wpa_s = ctx;
3953 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
3954 wpa_s->fst_ies = fst_ies;
3958 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
3960 struct wpa_supplicant *wpa_s = ctx;
3962 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
3963 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
3964 wpa_s->own_addr, wpa_s->bssid,
3965 wpabuf_head(data), wpabuf_len(data),
3970 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
3972 struct wpa_supplicant *wpa_s = ctx;
3974 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3975 return wpa_s->received_mb_ies;
3979 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
3980 const u8 *buf, size_t size)
3982 struct wpa_supplicant *wpa_s = ctx;
3983 struct mb_ies_info info;
3985 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3987 if (!mb_ies_info_by_ies(&info, buf, size)) {
3988 wpabuf_free(wpa_s->received_mb_ies);
3989 wpa_s->received_mb_ies = mb_ies_by_info(&info);
3994 const u8 * wpas_fst_get_peer_first(void *ctx, struct fst_get_peer_ctx **get_ctx,
3997 struct wpa_supplicant *wpa_s = ctx;
4000 if (!is_zero_ether_addr(wpa_s->bssid))
4001 return (wpa_s->received_mb_ies || !mb_only) ?
4002 wpa_s->bssid : NULL;
4007 const u8 * wpas_fst_get_peer_next(void *ctx, struct fst_get_peer_ctx **get_ctx,
4013 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
4014 struct fst_wpa_obj *iface_obj)
4016 iface_obj->ctx = wpa_s;
4017 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
4018 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
4019 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
4020 iface_obj->set_ies = wpas_fst_set_ies_cb;
4021 iface_obj->send_action = wpas_fst_send_action_cb;
4022 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
4023 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
4024 iface_obj->get_peer_first = wpas_fst_get_peer_first;
4025 iface_obj->get_peer_next = wpas_fst_get_peer_next;
4027 #endif /* CONFIG_FST */
4029 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
4030 const struct wpa_driver_capa *capa)
4032 struct wowlan_triggers *triggers;
4035 if (!wpa_s->conf->wowlan_triggers)
4038 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
4040 ret = wpa_drv_wowlan(wpa_s, triggers);
4047 enum wpa_radio_work_band wpas_freq_to_band(int freq)
4050 return BAND_2_4_GHZ;
4057 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
4060 unsigned int band = 0;
4063 /* freqs are specified for the radio work */
4064 for (i = 0; freqs[i]; i++)
4065 band |= wpas_freq_to_band(freqs[i]);
4068 * freqs are not specified, implies all
4069 * the supported freqs by HW
4071 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4072 if (wpa_s->hw.modes[i].num_channels != 0) {
4073 if (wpa_s->hw.modes[i].mode ==
4074 HOSTAPD_MODE_IEEE80211B ||
4075 wpa_s->hw.modes[i].mode ==
4076 HOSTAPD_MODE_IEEE80211G)
4077 band |= BAND_2_4_GHZ;
4078 else if (wpa_s->hw.modes[i].mode ==
4079 HOSTAPD_MODE_IEEE80211A)
4081 else if (wpa_s->hw.modes[i].mode ==
4082 HOSTAPD_MODE_IEEE80211AD)
4083 band |= BAND_60_GHZ;
4084 else if (wpa_s->hw.modes[i].mode ==
4085 HOSTAPD_MODE_IEEE80211ANY)
4086 band = BAND_2_4_GHZ | BAND_5_GHZ |
4096 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
4099 struct wpa_supplicant *iface = wpa_s->global->ifaces;
4100 struct wpa_radio *radio;
4102 while (rn && iface) {
4103 radio = iface->radio;
4104 if (radio && os_strcmp(rn, radio->name) == 0) {
4105 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
4107 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4111 iface = iface->next;
4114 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
4115 wpa_s->ifname, rn ? rn : "N/A");
4116 radio = os_zalloc(sizeof(*radio));
4121 os_strlcpy(radio->name, rn, sizeof(radio->name));
4122 dl_list_init(&radio->ifaces);
4123 dl_list_init(&radio->work);
4124 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
4130 static void radio_work_free(struct wpa_radio_work *work)
4132 if (work->wpa_s->scan_work == work) {
4133 /* This should not really happen. */
4134 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
4135 work->type, work, work->started);
4136 work->wpa_s->scan_work = NULL;
4140 if (work->wpa_s->p2p_scan_work == work) {
4141 /* This should not really happen. */
4142 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
4143 work->type, work, work->started);
4144 work->wpa_s->p2p_scan_work = NULL;
4146 #endif /* CONFIG_P2P */
4148 if (work->started) {
4149 work->wpa_s->radio->num_active_works--;
4150 wpa_dbg(work->wpa_s, MSG_DEBUG,
4151 "radio_work_free('%s'@%p: num_active_works --> %u",
4153 work->wpa_s->radio->num_active_works);
4156 dl_list_del(&work->list);
4161 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
4163 struct wpa_radio_work *active_work = NULL;
4164 struct wpa_radio_work *tmp;
4166 /* Get the active work to know the type and band. */
4167 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4175 /* No active work, start one */
4176 radio->num_active_works = 0;
4177 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4179 if (os_strcmp(tmp->type, "scan") == 0 &&
4180 radio->external_scan_running &&
4181 (((struct wpa_driver_scan_params *)
4182 tmp->ctx)->only_new_results ||
4183 tmp->wpa_s->clear_driver_scan_cache))
4190 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4191 os_strcmp(active_work->type, "connect") == 0) {
4193 * If the active work is either connect or sme-connect,
4194 * do not parallelize them with other radio works.
4196 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4197 "Do not parallelize radio work with %s",
4202 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4207 * If connect or sme-connect are enqueued, parallelize only
4208 * those operations ahead of them in the queue.
4210 if (os_strcmp(tmp->type, "connect") == 0 ||
4211 os_strcmp(tmp->type, "sme-connect") == 0)
4215 * Check that the radio works are distinct and
4216 * on different bands.
4218 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4219 (active_work->bands != tmp->bands)) {
4221 * If a scan has to be scheduled through nl80211 scan
4222 * interface and if an external scan is already running,
4223 * do not schedule the scan since it is likely to get
4224 * rejected by kernel.
4226 if (os_strcmp(tmp->type, "scan") == 0 &&
4227 radio->external_scan_running &&
4228 (((struct wpa_driver_scan_params *)
4229 tmp->ctx)->only_new_results ||
4230 tmp->wpa_s->clear_driver_scan_cache))
4233 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4234 "active_work:%s new_work:%s",
4235 active_work->type, tmp->type);
4240 /* Did not find a radio work to schedule in parallel. */
4245 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4247 struct wpa_radio *radio = eloop_ctx;
4248 struct wpa_radio_work *work;
4249 struct os_reltime now, diff;
4250 struct wpa_supplicant *wpa_s;
4252 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4254 radio->num_active_works = 0;
4258 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4262 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4264 return; /* already started and still in progress */
4266 if (wpa_s && wpa_s->radio->external_scan_running) {
4267 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4272 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4273 /* get the work to schedule next */
4274 work = radio_work_get_next_work(radio);
4280 wpa_s = work->wpa_s;
4281 os_get_reltime(&now);
4282 os_reltime_sub(&now, &work->time, &diff);
4283 wpa_dbg(wpa_s, MSG_DEBUG,
4284 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4285 work->type, work, diff.sec, diff.usec);
4288 radio->num_active_works++;
4292 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4293 radio->num_active_works < MAX_ACTIVE_WORKS)
4294 radio_work_check_next(wpa_s);
4299 * This function removes both started and pending radio works running on
4300 * the provided interface's radio.
4301 * Prior to the removal of the radio work, its callback (cb) is called with
4302 * deinit set to be 1. Each work's callback is responsible for clearing its
4303 * internal data and restoring to a correct state.
4304 * @wpa_s: wpa_supplicant data
4305 * @type: type of works to be removed
4306 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4307 * this interface's works.
4309 void radio_remove_works(struct wpa_supplicant *wpa_s,
4310 const char *type, int remove_all)
4312 struct wpa_radio_work *work, *tmp;
4313 struct wpa_radio *radio = wpa_s->radio;
4315 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4317 if (type && os_strcmp(type, work->type) != 0)
4320 /* skip other ifaces' works */
4321 if (!remove_all && work->wpa_s != wpa_s)
4324 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4325 work->type, work, work->started ? " (started)" : "");
4327 radio_work_free(work);
4330 /* in case we removed the started work */
4331 radio_work_check_next(wpa_s);
4335 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4337 struct wpa_radio *radio = wpa_s->radio;
4342 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4343 wpa_s->ifname, radio->name);
4344 dl_list_del(&wpa_s->radio_list);
4345 radio_remove_works(wpa_s, NULL, 0);
4346 wpa_s->radio = NULL;
4347 if (!dl_list_empty(&radio->ifaces))
4348 return; /* Interfaces remain for this radio */
4350 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4351 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4356 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4358 struct wpa_radio *radio = wpa_s->radio;
4360 if (dl_list_empty(&radio->work))
4362 if (wpa_s->ext_work_in_progress) {
4363 wpa_printf(MSG_DEBUG,
4364 "External radio work in progress - delay start of pending item");
4367 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4368 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4373 * radio_add_work - Add a radio work item
4374 * @wpa_s: Pointer to wpa_supplicant data
4375 * @freq: Frequency of the offchannel operation in MHz or 0
4376 * @type: Unique identifier for each type of work
4377 * @next: Force as the next work to be executed
4378 * @cb: Callback function for indicating when radio is available
4379 * @ctx: Context pointer for the work (work->ctx in cb())
4380 * Returns: 0 on success, -1 on failure
4382 * This function is used to request time for an operation that requires
4383 * exclusive radio control. Once the radio is available, the registered callback
4384 * function will be called. radio_work_done() must be called once the exclusive
4385 * radio operation has been completed, so that the radio is freed for other
4386 * operations. The special case of deinit=1 is used to free the context data
4387 * during interface removal. That does not allow the callback function to start
4388 * the radio operation, i.e., it must free any resources allocated for the radio
4391 * The @freq parameter can be used to indicate a single channel on which the
4392 * offchannel operation will occur. This may allow multiple radio work
4393 * operations to be performed in parallel if they apply for the same channel.
4394 * Setting this to 0 indicates that the work item may use multiple channels or
4395 * requires exclusive control of the radio.
4397 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4398 const char *type, int next,
4399 void (*cb)(struct wpa_radio_work *work, int deinit),
4402 struct wpa_radio *radio = wpa_s->radio;
4403 struct wpa_radio_work *work;
4406 work = os_zalloc(sizeof(*work));
4409 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4410 os_get_reltime(&work->time);
4413 work->wpa_s = wpa_s;
4418 work->bands = wpas_freq_to_band(freq);
4419 else if (os_strcmp(type, "scan") == 0 ||
4420 os_strcmp(type, "p2p-scan") == 0)
4421 work->bands = wpas_get_bands(wpa_s,
4422 ((struct wpa_driver_scan_params *)
4425 work->bands = wpas_get_bands(wpa_s, NULL);
4427 was_empty = dl_list_empty(&wpa_s->radio->work);
4429 dl_list_add(&wpa_s->radio->work, &work->list);
4431 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4433 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4434 radio_work_check_next(wpa_s);
4435 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4436 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4437 wpa_dbg(wpa_s, MSG_DEBUG,
4438 "Try to schedule a radio work (num_active_works=%u)",
4439 radio->num_active_works);
4440 radio_work_check_next(wpa_s);
4448 * radio_work_done - Indicate that a radio work item has been completed
4449 * @work: Completed work
4451 * This function is called once the callback function registered with
4452 * radio_add_work() has completed its work.
4454 void radio_work_done(struct wpa_radio_work *work)
4456 struct wpa_supplicant *wpa_s = work->wpa_s;
4457 struct os_reltime now, diff;
4458 unsigned int started = work->started;
4460 os_get_reltime(&now);
4461 os_reltime_sub(&now, &work->time, &diff);
4462 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4463 work->type, work, started ? "done" : "canceled",
4464 diff.sec, diff.usec);
4465 radio_work_free(work);
4467 radio_work_check_next(wpa_s);
4471 struct wpa_radio_work *
4472 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4474 struct wpa_radio_work *work;
4475 struct wpa_radio *radio = wpa_s->radio;
4477 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4478 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4486 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4487 struct wpa_interface *iface)
4489 const char *ifname, *driver, *rn;
4491 driver = iface->driver;
4493 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4496 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4497 if (wpa_s->drv_priv == NULL) {
4499 pos = driver ? os_strchr(driver, ',') : NULL;
4501 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4502 "driver interface - try next driver wrapper");
4506 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4510 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4511 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4512 "driver_param '%s'", wpa_s->conf->driver_param);
4516 ifname = wpa_drv_get_ifname(wpa_s);
4517 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4518 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4519 "interface name with '%s'", ifname);
4520 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4523 rn = wpa_driver_get_radio_name(wpa_s);
4524 if (rn && rn[0] == '\0')
4527 wpa_s->radio = radio_add_interface(wpa_s, rn);
4528 if (wpa_s->radio == NULL)
4535 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4536 struct wpa_interface *iface)
4538 struct wpa_driver_capa capa;
4541 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4542 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4543 iface->confname ? iface->confname : "N/A",
4544 iface->driver ? iface->driver : "default",
4545 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4546 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4548 if (iface->confname) {
4549 #ifdef CONFIG_BACKEND_FILE
4550 wpa_s->confname = os_rel2abs_path(iface->confname);
4551 if (wpa_s->confname == NULL) {
4552 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4553 "for configuration file '%s'.",
4557 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4558 iface->confname, wpa_s->confname);
4559 #else /* CONFIG_BACKEND_FILE */
4560 wpa_s->confname = os_strdup(iface->confname);
4561 #endif /* CONFIG_BACKEND_FILE */
4562 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4563 if (wpa_s->conf == NULL) {
4564 wpa_printf(MSG_ERROR, "Failed to read or parse "
4565 "configuration '%s'.", wpa_s->confname);
4568 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4569 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4572 * Override ctrl_interface and driver_param if set on command
4575 if (iface->ctrl_interface) {
4576 os_free(wpa_s->conf->ctrl_interface);
4577 wpa_s->conf->ctrl_interface =
4578 os_strdup(iface->ctrl_interface);
4581 if (iface->driver_param) {
4582 os_free(wpa_s->conf->driver_param);
4583 wpa_s->conf->driver_param =
4584 os_strdup(iface->driver_param);
4587 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4588 os_free(wpa_s->conf->ctrl_interface);
4589 wpa_s->conf->ctrl_interface = NULL;
4592 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4593 iface->driver_param);
4595 if (wpa_s->conf == NULL) {
4596 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4600 if (iface->ifname == NULL) {
4601 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4604 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4605 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4609 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4611 if (iface->bridge_ifname) {
4612 if (os_strlen(iface->bridge_ifname) >=
4613 sizeof(wpa_s->bridge_ifname)) {
4614 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4615 "name '%s'.", iface->bridge_ifname);
4618 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4619 sizeof(wpa_s->bridge_ifname));
4622 /* RSNA Supplicant Key Management - INITIALIZE */
4623 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4624 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4626 /* Initialize driver interface and register driver event handler before
4627 * L2 receive handler so that association events are processed before
4628 * EAPOL-Key packets if both become available for the same select()
4630 if (wpas_init_driver(wpa_s, iface) < 0)
4633 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4636 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4637 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4639 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4641 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4642 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4643 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4644 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4645 "dot11RSNAConfigPMKLifetime");
4649 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4650 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4651 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4652 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4653 "dot11RSNAConfigPMKReauthThreshold");
4657 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4658 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4659 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4660 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4661 "dot11RSNAConfigSATimeout");
4665 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4666 &wpa_s->hw.num_modes,
4668 if (wpa_s->hw.modes) {
4671 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4672 if (wpa_s->hw.modes[i].vht_capab) {
4673 wpa_s->hw_capab = CAPAB_VHT;
4677 if (wpa_s->hw.modes[i].ht_capab &
4678 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4679 wpa_s->hw_capab = CAPAB_HT40;
4680 else if (wpa_s->hw.modes[i].ht_capab &&
4681 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4682 wpa_s->hw_capab = CAPAB_HT;
4686 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4687 if (capa_res == 0) {
4688 wpa_s->drv_capa_known = 1;
4689 wpa_s->drv_flags = capa.flags;
4690 wpa_s->drv_enc = capa.enc;
4691 wpa_s->drv_smps_modes = capa.smps_modes;
4692 wpa_s->drv_rrm_flags = capa.rrm_flags;
4693 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4694 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4695 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4696 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
4697 wpa_s->max_sched_scan_plan_interval =
4698 capa.max_sched_scan_plan_interval;
4699 wpa_s->max_sched_scan_plan_iterations =
4700 capa.max_sched_scan_plan_iterations;
4701 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4702 wpa_s->max_match_sets = capa.max_match_sets;
4703 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4704 wpa_s->max_stations = capa.max_stations;
4705 wpa_s->extended_capa = capa.extended_capa;
4706 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4707 wpa_s->extended_capa_len = capa.extended_capa_len;
4708 wpa_s->num_multichan_concurrent =
4709 capa.num_multichan_concurrent;
4710 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4712 if (capa.mac_addr_rand_scan_supported)
4713 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4714 if (wpa_s->sched_scan_supported &&
4715 capa.mac_addr_rand_sched_scan_supported)
4716 wpa_s->mac_addr_rand_supported |=
4717 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4719 if (wpa_s->max_remain_on_chan == 0)
4720 wpa_s->max_remain_on_chan = 1000;
4723 * Only take p2p_mgmt parameters when P2P Device is supported.
4724 * Doing it here as it determines whether l2_packet_init() will be done
4725 * during wpa_supplicant_driver_init().
4727 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4728 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4730 iface->p2p_mgmt = 1;
4732 if (wpa_s->num_multichan_concurrent == 0)
4733 wpa_s->num_multichan_concurrent = 1;
4735 if (wpa_supplicant_driver_init(wpa_s) < 0)
4739 if ((!iface->p2p_mgmt ||
4740 !(wpa_s->drv_flags &
4741 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4742 wpa_tdls_init(wpa_s->wpa))
4744 #endif /* CONFIG_TDLS */
4746 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4747 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4748 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4753 if (wpa_s->conf->fst_group_id) {
4754 struct fst_iface_cfg cfg;
4755 struct fst_wpa_obj iface_obj;
4757 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4758 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4759 sizeof(cfg.group_id));
4760 cfg.priority = wpa_s->conf->fst_priority;
4761 cfg.llt = wpa_s->conf->fst_llt;
4763 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4766 wpa_msg(wpa_s, MSG_ERROR,
4767 "FST: Cannot attach iface %s to group %s",
4768 wpa_s->ifname, cfg.group_id);
4772 #endif /* CONFIG_FST */
4774 if (wpas_wps_init(wpa_s))
4777 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4779 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4781 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4782 if (wpa_s->ctrl_iface == NULL) {
4783 wpa_printf(MSG_ERROR,
4784 "Failed to initialize control interface '%s'.\n"
4785 "You may have another wpa_supplicant process "
4786 "already running or the file was\n"
4787 "left by an unclean termination of wpa_supplicant "
4788 "in which case you will need\n"
4789 "to manually remove this file before starting "
4790 "wpa_supplicant again.\n",
4791 wpa_s->conf->ctrl_interface);
4795 wpa_s->gas = gas_query_init(wpa_s);
4796 if (wpa_s->gas == NULL) {
4797 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4801 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4802 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4806 if (wpa_bss_init(wpa_s) < 0)
4810 * Set Wake-on-WLAN triggers, if configured.
4811 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4812 * have effect anyway when the interface is down).
4814 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4817 #ifdef CONFIG_EAP_PROXY
4820 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4822 if (wpa_s->mnc_len > 0) {
4823 wpa_s->imsi[len] = '\0';
4824 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4825 wpa_s->imsi, wpa_s->mnc_len);
4827 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4830 #endif /* CONFIG_EAP_PROXY */
4832 if (pcsc_reader_init(wpa_s) < 0)
4835 if (wpas_init_ext_pw(wpa_s) < 0)
4838 wpas_rrm_reset(wpa_s);
4840 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
4844 #endif /* CONFIG_HS20 */
4846 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
4847 #endif /* CONFIG_MBO */
4853 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4854 int notify, int terminate)
4856 struct wpa_global *global = wpa_s->global;
4857 struct wpa_supplicant *iface, *prev;
4859 if (wpa_s == wpa_s->parent)
4860 wpas_p2p_group_remove(wpa_s, "*");
4862 iface = global->ifaces;
4864 if (iface->p2pdev == wpa_s)
4865 iface->p2pdev = iface->parent;
4866 if (iface == wpa_s || iface->parent != wpa_s) {
4867 iface = iface->next;
4870 wpa_printf(MSG_DEBUG,
4871 "Remove remaining child interface %s from parent %s",
4872 iface->ifname, wpa_s->ifname);
4874 iface = iface->next;
4875 wpa_supplicant_remove_iface(global, prev, terminate);
4878 wpa_s->disconnected = 1;
4879 if (wpa_s->drv_priv) {
4880 wpa_supplicant_deauthenticate(wpa_s,
4881 WLAN_REASON_DEAUTH_LEAVING);
4883 wpa_drv_set_countermeasures(wpa_s, 0);
4884 wpa_clear_keys(wpa_s, NULL);
4887 wpa_supplicant_cleanup(wpa_s);
4888 wpas_p2p_deinit_iface(wpa_s);
4890 wpas_ctrl_radio_work_flush(wpa_s);
4891 radio_remove_interface(wpa_s);
4895 fst_detach(wpa_s->fst);
4898 if (wpa_s->received_mb_ies) {
4899 wpabuf_free(wpa_s->received_mb_ies);
4900 wpa_s->received_mb_ies = NULL;
4902 #endif /* CONFIG_FST */
4904 if (wpa_s->drv_priv)
4905 wpa_drv_deinit(wpa_s);
4908 wpas_notify_iface_removed(wpa_s);
4911 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4913 if (wpa_s->ctrl_iface) {
4914 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4915 wpa_s->ctrl_iface = NULL;
4920 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4921 wpa_s->ifmsh = NULL;
4923 #endif /* CONFIG_MESH */
4925 if (wpa_s->conf != NULL) {
4926 wpa_config_free(wpa_s->conf);
4930 os_free(wpa_s->ssids_from_scan_req);
4936 #ifdef CONFIG_MATCH_IFACE
4939 * wpa_supplicant_match_iface - Match an interface description to a name
4940 * @global: Pointer to global data from wpa_supplicant_init()
4941 * @ifname: Name of the interface to match
4942 * Returns: Pointer to the created interface description or %NULL on failure
4944 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
4948 struct wpa_interface *iface, *miface;
4950 for (i = 0; i < global->params.match_iface_count; i++) {
4951 miface = &global->params.match_ifaces[i];
4952 if (!miface->ifname ||
4953 fnmatch(miface->ifname, ifname, 0) == 0) {
4954 iface = os_zalloc(sizeof(*iface));
4958 iface->ifname = ifname;
4968 * wpa_supplicant_match_existing - Match existing interfaces
4969 * @global: Pointer to global data from wpa_supplicant_init()
4970 * Returns: 0 on success, -1 on failure
4972 static int wpa_supplicant_match_existing(struct wpa_global *global)
4974 struct if_nameindex *ifi, *ifp;
4975 struct wpa_supplicant *wpa_s;
4976 struct wpa_interface *iface;
4978 ifp = if_nameindex();
4980 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
4984 for (ifi = ifp; ifi->if_name; ifi++) {
4985 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
4988 iface = wpa_supplicant_match_iface(global, ifi->if_name);
4990 wpa_s = wpa_supplicant_add_iface(global, iface, NULL);
4997 if_freenameindex(ifp);
5001 #endif /* CONFIG_MATCH_IFACE */
5005 * wpa_supplicant_add_iface - Add a new network interface
5006 * @global: Pointer to global data from wpa_supplicant_init()
5007 * @iface: Interface configuration options
5008 * @parent: Parent interface or %NULL to assign new interface as parent
5009 * Returns: Pointer to the created interface or %NULL on failure
5011 * This function is used to add new network interfaces for %wpa_supplicant.
5012 * This can be called before wpa_supplicant_run() to add interfaces before the
5013 * main event loop has been started. In addition, new interfaces can be added
5014 * dynamically while %wpa_supplicant is already running. This could happen,
5015 * e.g., when a hotplug network adapter is inserted.
5017 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
5018 struct wpa_interface *iface,
5019 struct wpa_supplicant *parent)
5021 struct wpa_supplicant *wpa_s;
5022 struct wpa_interface t_iface;
5023 struct wpa_ssid *ssid;
5025 if (global == NULL || iface == NULL)
5028 wpa_s = wpa_supplicant_alloc(parent);
5032 wpa_s->global = global;
5035 if (global->params.override_driver) {
5036 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
5038 iface->driver, global->params.override_driver);
5039 t_iface.driver = global->params.override_driver;
5041 if (global->params.override_ctrl_interface) {
5042 wpa_printf(MSG_DEBUG, "Override interface parameter: "
5043 "ctrl_interface ('%s' -> '%s')",
5044 iface->ctrl_interface,
5045 global->params.override_ctrl_interface);
5046 t_iface.ctrl_interface =
5047 global->params.override_ctrl_interface;
5049 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
5050 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
5052 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
5056 if (iface->p2p_mgmt == 0) {
5057 /* Notify the control interfaces about new iface */
5058 if (wpas_notify_iface_added(wpa_s)) {
5059 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
5063 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5064 wpas_notify_network_added(wpa_s, ssid);
5067 wpa_s->next = global->ifaces;
5068 global->ifaces = wpa_s;
5070 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
5071 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5074 if (wpa_s->global->p2p == NULL &&
5075 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
5076 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
5077 wpas_p2p_add_p2pdev_interface(
5078 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
5079 wpa_printf(MSG_INFO,
5080 "P2P: Failed to enable P2P Device interface");
5081 /* Try to continue without. P2P will be disabled. */
5083 #endif /* CONFIG_P2P */
5090 * wpa_supplicant_remove_iface - Remove a network interface
5091 * @global: Pointer to global data from wpa_supplicant_init()
5092 * @wpa_s: Pointer to the network interface to be removed
5093 * Returns: 0 if interface was removed, -1 if interface was not found
5095 * This function can be used to dynamically remove network interfaces from
5096 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
5097 * addition, this function is used to remove all remaining interfaces when
5098 * %wpa_supplicant is terminated.
5100 int wpa_supplicant_remove_iface(struct wpa_global *global,
5101 struct wpa_supplicant *wpa_s,
5104 struct wpa_supplicant *prev;
5106 unsigned int mesh_if_created = wpa_s->mesh_if_created;
5107 char *ifname = NULL;
5108 #endif /* CONFIG_MESH */
5110 /* Remove interface from the global list of interfaces */
5111 prev = global->ifaces;
5112 if (prev == wpa_s) {
5113 global->ifaces = wpa_s->next;
5115 while (prev && prev->next != wpa_s)
5119 prev->next = wpa_s->next;
5122 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
5125 if (mesh_if_created) {
5126 ifname = os_strdup(wpa_s->ifname);
5127 if (ifname == NULL) {
5128 wpa_dbg(wpa_s, MSG_ERROR,
5129 "mesh: Failed to malloc ifname");
5133 #endif /* CONFIG_MESH */
5135 if (global->p2p_group_formation == wpa_s)
5136 global->p2p_group_formation = NULL;
5137 if (global->p2p_invite_group == wpa_s)
5138 global->p2p_invite_group = NULL;
5139 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
5142 if (mesh_if_created) {
5143 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
5146 #endif /* CONFIG_MESH */
5153 * wpa_supplicant_get_eap_mode - Get the current EAP mode
5154 * @wpa_s: Pointer to the network interface
5155 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
5157 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
5159 const char *eapol_method;
5161 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
5162 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
5166 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
5167 if (eapol_method == NULL)
5168 return "UNKNOWN-EAP";
5170 return eapol_method;
5175 * wpa_supplicant_get_iface - Get a new network interface
5176 * @global: Pointer to global data from wpa_supplicant_init()
5177 * @ifname: Interface name
5178 * Returns: Pointer to the interface or %NULL if not found
5180 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
5183 struct wpa_supplicant *wpa_s;
5185 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5186 if (os_strcmp(wpa_s->ifname, ifname) == 0)
5193 #ifndef CONFIG_NO_WPA_MSG
5194 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
5196 struct wpa_supplicant *wpa_s = ctx;
5199 return wpa_s->ifname;
5201 #endif /* CONFIG_NO_WPA_MSG */
5204 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
5205 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
5206 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
5208 /* Periodic cleanup tasks */
5209 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
5211 struct wpa_global *global = eloop_ctx;
5212 struct wpa_supplicant *wpa_s;
5214 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5215 wpas_periodic, global, NULL);
5219 p2p_expire_peers(global->p2p);
5220 #endif /* CONFIG_P2P */
5222 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
5223 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
5226 #endif /* CONFIG_AP */
5232 * wpa_supplicant_init - Initialize %wpa_supplicant
5233 * @params: Parameters for %wpa_supplicant
5234 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
5236 * This function is used to initialize %wpa_supplicant. After successful
5237 * initialization, the returned data pointer can be used to add and remove
5238 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
5240 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
5242 struct wpa_global *global;
5248 #ifdef CONFIG_DRIVER_NDIS
5250 void driver_ndis_init_ops(void);
5251 driver_ndis_init_ops();
5253 #endif /* CONFIG_DRIVER_NDIS */
5255 #ifndef CONFIG_NO_WPA_MSG
5256 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5257 #endif /* CONFIG_NO_WPA_MSG */
5259 if (params->wpa_debug_file_path)
5260 wpa_debug_open_file(params->wpa_debug_file_path);
5262 wpa_debug_setup_stdout();
5263 if (params->wpa_debug_syslog)
5264 wpa_debug_open_syslog();
5265 if (params->wpa_debug_tracing) {
5266 ret = wpa_debug_open_linux_tracing();
5268 wpa_printf(MSG_ERROR,
5269 "Failed to enable trace logging");
5274 ret = eap_register_methods();
5276 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5278 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5279 "the same EAP type.");
5283 global = os_zalloc(sizeof(*global));
5286 dl_list_init(&global->p2p_srv_bonjour);
5287 dl_list_init(&global->p2p_srv_upnp);
5288 global->params.daemonize = params->daemonize;
5289 global->params.wait_for_monitor = params->wait_for_monitor;
5290 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5291 if (params->pid_file)
5292 global->params.pid_file = os_strdup(params->pid_file);
5293 if (params->ctrl_interface)
5294 global->params.ctrl_interface =
5295 os_strdup(params->ctrl_interface);
5296 if (params->ctrl_interface_group)
5297 global->params.ctrl_interface_group =
5298 os_strdup(params->ctrl_interface_group);
5299 if (params->override_driver)
5300 global->params.override_driver =
5301 os_strdup(params->override_driver);
5302 if (params->override_ctrl_interface)
5303 global->params.override_ctrl_interface =
5304 os_strdup(params->override_ctrl_interface);
5305 #ifdef CONFIG_MATCH_IFACE
5306 global->params.match_iface_count = params->match_iface_count;
5307 if (params->match_iface_count) {
5308 global->params.match_ifaces =
5309 os_calloc(params->match_iface_count,
5310 sizeof(struct wpa_interface));
5311 os_memcpy(global->params.match_ifaces,
5312 params->match_ifaces,
5313 params->match_iface_count *
5314 sizeof(struct wpa_interface));
5316 #endif /* CONFIG_MATCH_IFACE */
5318 if (params->conf_p2p_dev)
5319 global->params.conf_p2p_dev =
5320 os_strdup(params->conf_p2p_dev);
5321 #endif /* CONFIG_P2P */
5322 wpa_debug_level = global->params.wpa_debug_level =
5323 params->wpa_debug_level;
5324 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5325 params->wpa_debug_show_keys;
5326 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5327 params->wpa_debug_timestamp;
5329 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5332 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5333 wpa_supplicant_deinit(global);
5337 random_init(params->entropy_file);
5339 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5340 if (global->ctrl_iface == NULL) {
5341 wpa_supplicant_deinit(global);
5345 if (wpas_notify_supplicant_initialized(global)) {
5346 wpa_supplicant_deinit(global);
5350 for (i = 0; wpa_drivers[i]; i++)
5351 global->drv_count++;
5352 if (global->drv_count == 0) {
5353 wpa_printf(MSG_ERROR, "No drivers enabled");
5354 wpa_supplicant_deinit(global);
5357 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5358 if (global->drv_priv == NULL) {
5359 wpa_supplicant_deinit(global);
5363 #ifdef CONFIG_WIFI_DISPLAY
5364 if (wifi_display_init(global) < 0) {
5365 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5366 wpa_supplicant_deinit(global);
5369 #endif /* CONFIG_WIFI_DISPLAY */
5371 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5372 wpas_periodic, global, NULL);
5379 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5380 * @global: Pointer to global data from wpa_supplicant_init()
5381 * Returns: 0 after successful event loop run, -1 on failure
5383 * This function starts the main event loop and continues running as long as
5384 * there are any remaining events. In most cases, this function is running as
5385 * long as the %wpa_supplicant process in still in use.
5387 int wpa_supplicant_run(struct wpa_global *global)
5389 struct wpa_supplicant *wpa_s;
5391 if (global->params.daemonize &&
5392 (wpa_supplicant_daemon(global->params.pid_file) ||
5393 eloop_sock_requeue()))
5396 #ifdef CONFIG_MATCH_IFACE
5397 if (wpa_supplicant_match_existing(global))
5401 if (global->params.wait_for_monitor) {
5402 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5403 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
5404 wpa_supplicant_ctrl_iface_wait(
5408 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5409 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5418 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5419 * @global: Pointer to global data from wpa_supplicant_init()
5421 * This function is called to deinitialize %wpa_supplicant and to free all
5422 * allocated resources. Remaining network interfaces will also be removed.
5424 void wpa_supplicant_deinit(struct wpa_global *global)
5431 eloop_cancel_timeout(wpas_periodic, global, NULL);
5433 #ifdef CONFIG_WIFI_DISPLAY
5434 wifi_display_deinit(global);
5435 #endif /* CONFIG_WIFI_DISPLAY */
5437 while (global->ifaces)
5438 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5440 if (global->ctrl_iface)
5441 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5443 wpas_notify_supplicant_deinitialized(global);
5445 eap_peer_unregister_methods();
5447 eap_server_unregister_methods();
5448 #endif /* CONFIG_AP */
5450 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5451 if (!global->drv_priv[i])
5453 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5455 os_free(global->drv_priv);
5461 if (global->params.pid_file) {
5462 os_daemonize_terminate(global->params.pid_file);
5463 os_free(global->params.pid_file);
5465 os_free(global->params.ctrl_interface);
5466 os_free(global->params.ctrl_interface_group);
5467 os_free(global->params.override_driver);
5468 os_free(global->params.override_ctrl_interface);
5469 #ifdef CONFIG_MATCH_IFACE
5470 os_free(global->params.match_ifaces);
5471 #endif /* CONFIG_MATCH_IFACE */
5473 os_free(global->params.conf_p2p_dev);
5474 #endif /* CONFIG_P2P */
5476 os_free(global->p2p_disallow_freq.range);
5477 os_free(global->p2p_go_avoid_freq.range);
5478 os_free(global->add_psk);
5481 wpa_debug_close_syslog();
5482 wpa_debug_close_file();
5483 wpa_debug_close_linux_tracing();
5487 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5489 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5490 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5492 country[0] = wpa_s->conf->country[0];
5493 country[1] = wpa_s->conf->country[1];
5495 if (wpa_drv_set_country(wpa_s, country) < 0) {
5496 wpa_printf(MSG_ERROR, "Failed to set country code "
5501 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5502 wpas_init_ext_pw(wpa_s);
5504 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
5505 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
5508 wpas_wps_update_config(wpa_s);
5509 #endif /* CONFIG_WPS */
5510 wpas_p2p_update_config(wpa_s);
5511 wpa_s->conf->changed_parameters = 0;
5515 void add_freq(int *freqs, int *num_freqs, int freq)
5519 for (i = 0; i < *num_freqs; i++) {
5520 if (freqs[i] == freq)
5524 freqs[*num_freqs] = freq;
5529 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5531 struct wpa_bss *bss, *cbss;
5532 const int max_freqs = 10;
5536 freqs = os_calloc(max_freqs + 1, sizeof(int));
5540 cbss = wpa_s->current_bss;
5542 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5545 if (bss->ssid_len == cbss->ssid_len &&
5546 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5547 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5548 add_freq(freqs, &num_freqs, bss->freq);
5549 if (num_freqs == max_freqs)
5554 if (num_freqs == 0) {
5563 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5569 wpas_connect_work_done(wpa_s);
5572 * Remove possible authentication timeout since the connection failed.
5574 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5577 * There is no point in blacklisting the AP if this event is
5578 * generated based on local request to disconnect.
5580 if (wpa_s->own_disconnect_req) {
5581 wpa_s->own_disconnect_req = 0;
5582 wpa_dbg(wpa_s, MSG_DEBUG,
5583 "Ignore connection failure due to local request to disconnect");
5586 if (wpa_s->disconnected) {
5587 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5588 "indication since interface has been put into "
5589 "disconnected state");
5594 * Add the failed BSSID into the blacklist and speed up next scan
5595 * attempt if there could be other APs that could accept association.
5596 * The current blacklist count indicates how many times we have tried
5597 * connecting to this AP and multiple attempts mean that other APs are
5598 * either not available or has already been tried, so that we can start
5599 * increasing the delay here to avoid constant scanning.
5601 count = wpa_blacklist_add(wpa_s, bssid);
5602 if (count == 1 && wpa_s->current_bss) {
5604 * This BSS was not in the blacklist before. If there is
5605 * another BSS available for the same ESS, we should try that
5606 * next. Otherwise, we may as well try this one once more
5607 * before allowing other, likely worse, ESSes to be considered.
5609 freqs = get_bss_freqs_in_ess(wpa_s);
5611 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5612 "has been seen; try it next");
5613 wpa_blacklist_add(wpa_s, bssid);
5615 * On the next scan, go through only the known channels
5616 * used in this ESS based on previous scans to speed up
5617 * common load balancing use case.
5619 os_free(wpa_s->next_scan_freqs);
5620 wpa_s->next_scan_freqs = freqs;
5625 * Add previous failure count in case the temporary blacklist was
5626 * cleared due to no other BSSes being available.
5628 count += wpa_s->extra_blacklist_count;
5630 if (count > 3 && wpa_s->current_ssid) {
5631 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5632 "consider temporary network disabling");
5633 wpas_auth_failed(wpa_s, "CONN_FAILED");
5654 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5655 "ms", count, timeout);
5658 * TODO: if more than one possible AP is available in scan results,
5659 * could try the other ones before requesting a new scan.
5661 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5662 1000 * (timeout % 1000));
5666 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5668 return wpa_s->conf->ap_scan == 2 ||
5669 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5673 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5674 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5675 struct wpa_ssid *ssid,
5679 #ifdef IEEE8021X_EAPOL
5680 struct eap_peer_config *eap = &ssid->eap;
5682 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5683 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5684 (const u8 *) value, os_strlen(value));
5686 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5687 case WPA_CTRL_REQ_EAP_IDENTITY:
5688 os_free(eap->identity);
5689 eap->identity = (u8 *) os_strdup(value);
5690 eap->identity_len = os_strlen(value);
5691 eap->pending_req_identity = 0;
5692 if (ssid == wpa_s->current_ssid)
5693 wpa_s->reassociate = 1;
5695 case WPA_CTRL_REQ_EAP_PASSWORD:
5696 bin_clear_free(eap->password, eap->password_len);
5697 eap->password = (u8 *) os_strdup(value);
5698 eap->password_len = os_strlen(value);
5699 eap->pending_req_password = 0;
5700 if (ssid == wpa_s->current_ssid)
5701 wpa_s->reassociate = 1;
5703 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5704 bin_clear_free(eap->new_password, eap->new_password_len);
5705 eap->new_password = (u8 *) os_strdup(value);
5706 eap->new_password_len = os_strlen(value);
5707 eap->pending_req_new_password = 0;
5708 if (ssid == wpa_s->current_ssid)
5709 wpa_s->reassociate = 1;
5711 case WPA_CTRL_REQ_EAP_PIN:
5712 str_clear_free(eap->pin);
5713 eap->pin = os_strdup(value);
5714 eap->pending_req_pin = 0;
5715 if (ssid == wpa_s->current_ssid)
5716 wpa_s->reassociate = 1;
5718 case WPA_CTRL_REQ_EAP_OTP:
5719 bin_clear_free(eap->otp, eap->otp_len);
5720 eap->otp = (u8 *) os_strdup(value);
5721 eap->otp_len = os_strlen(value);
5722 os_free(eap->pending_req_otp);
5723 eap->pending_req_otp = NULL;
5724 eap->pending_req_otp_len = 0;
5726 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5727 str_clear_free(eap->private_key_passwd);
5728 eap->private_key_passwd = os_strdup(value);
5729 eap->pending_req_passphrase = 0;
5730 if (ssid == wpa_s->current_ssid)
5731 wpa_s->reassociate = 1;
5733 case WPA_CTRL_REQ_SIM:
5734 str_clear_free(eap->external_sim_resp);
5735 eap->external_sim_resp = os_strdup(value);
5737 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5738 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5740 ssid->mem_only_psk = 1;
5741 if (ssid->passphrase)
5742 wpa_config_update_psk(ssid);
5743 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5744 wpa_supplicant_req_scan(wpa_s, 0, 0);
5746 case WPA_CTRL_REQ_EXT_CERT_CHECK:
5747 if (eap->pending_ext_cert_check != PENDING_CHECK)
5749 if (os_strcmp(value, "good") == 0)
5750 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
5751 else if (os_strcmp(value, "bad") == 0)
5752 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
5757 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5762 #else /* IEEE8021X_EAPOL */
5763 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5765 #endif /* IEEE8021X_EAPOL */
5767 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5770 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5773 unsigned int drv_enc;
5775 if (wpa_s->p2p_mgmt)
5776 return 1; /* no normal network profiles on p2p_mgmt interface */
5784 if (wpa_s->drv_capa_known)
5785 drv_enc = wpa_s->drv_enc;
5787 drv_enc = (unsigned int) -1;
5789 for (i = 0; i < NUM_WEP_KEYS; i++) {
5790 size_t len = ssid->wep_key_len[i];
5793 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5795 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5797 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5799 return 1; /* invalid WEP key */
5802 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5803 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5804 !ssid->mem_only_psk)
5811 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5813 #ifdef CONFIG_IEEE80211W
5814 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5815 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5816 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5818 * Driver does not support BIP -- ignore pmf=1 default
5819 * since the connection with PMF would fail and the
5820 * configuration does not require PMF to be enabled.
5822 return NO_MGMT_FRAME_PROTECTION;
5825 return wpa_s->conf->pmf;
5828 return ssid->ieee80211w;
5829 #else /* CONFIG_IEEE80211W */
5830 return NO_MGMT_FRAME_PROTECTION;
5831 #endif /* CONFIG_IEEE80211W */
5835 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5837 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5839 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5845 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5847 struct wpa_ssid *ssid = wpa_s->current_ssid;
5849 struct os_reltime now;
5852 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5857 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5860 ssid->auth_failures++;
5863 if (ssid->p2p_group &&
5864 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5866 * Skip the wait time since there is a short timeout on the
5867 * connection to a P2P group.
5871 #endif /* CONFIG_P2P */
5873 if (ssid->auth_failures > 50)
5875 else if (ssid->auth_failures > 10)
5877 else if (ssid->auth_failures > 5)
5879 else if (ssid->auth_failures > 3)
5881 else if (ssid->auth_failures > 2)
5883 else if (ssid->auth_failures > 1)
5888 if (ssid->auth_failures > 1 &&
5889 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5890 dur += os_random() % (ssid->auth_failures * 10);
5892 os_get_reltime(&now);
5893 if (now.sec + dur <= ssid->disabled_until.sec)
5896 ssid->disabled_until.sec = now.sec + dur;
5898 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5899 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5900 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5901 ssid->auth_failures, dur, reason);
5905 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5906 struct wpa_ssid *ssid, int clear_failures)
5911 if (ssid->disabled_until.sec) {
5912 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5913 "id=%d ssid=\"%s\"",
5914 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5916 ssid->disabled_until.sec = 0;
5917 ssid->disabled_until.usec = 0;
5919 ssid->auth_failures = 0;
5923 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5927 if (wpa_s->disallow_aps_bssid == NULL)
5930 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5931 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5932 bssid, ETH_ALEN) == 0)
5940 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5945 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5948 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5949 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5950 if (ssid_len == s->ssid_len &&
5951 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5960 * wpas_request_connection - Request a new connection
5961 * @wpa_s: Pointer to the network interface
5963 * This function is used to request a new connection to be found. It will mark
5964 * the interface to allow reassociation and request a new scan to find a
5965 * suitable network to connect to.
5967 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5969 wpa_s->normal_scans = 0;
5970 wpa_s->scan_req = NORMAL_SCAN_REQ;
5971 wpa_supplicant_reinit_autoscan(wpa_s);
5972 wpa_s->extra_blacklist_count = 0;
5973 wpa_s->disconnected = 0;
5974 wpa_s->reassociate = 1;
5976 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5977 wpa_supplicant_req_scan(wpa_s, 0, 0);
5979 wpa_s->reattach = 0;
5983 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5984 struct wpa_used_freq_data *freqs_data,
5989 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5991 for (i = 0; i < len; i++) {
5992 struct wpa_used_freq_data *cur = &freqs_data[i];
5993 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5994 i, cur->freq, cur->flags);
6000 * Find the operating frequencies of any of the virtual interfaces that
6001 * are using the same radio as the current interface, and in addition, get
6002 * information about the interface types that are using the frequency.
6004 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
6005 struct wpa_used_freq_data *freqs_data,
6008 struct wpa_supplicant *ifs;
6011 unsigned int idx = 0, i;
6013 wpa_dbg(wpa_s, MSG_DEBUG,
6014 "Determining shared radio frequencies (max len %u)", len);
6015 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
6017 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
6022 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
6025 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
6026 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
6027 ifs->current_ssid->mode == WPAS_MODE_MESH)
6028 freq = ifs->current_ssid->frequency;
6029 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
6030 freq = ifs->assoc_freq;
6034 /* Hold only distinct freqs */
6035 for (i = 0; i < idx; i++)
6036 if (freqs_data[i].freq == freq)
6040 freqs_data[idx++].freq = freq;
6042 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
6043 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
6044 WPA_FREQ_USED_BY_P2P_CLIENT :
6045 WPA_FREQ_USED_BY_INFRA_STATION;
6049 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
6055 * Find the operating frequencies of any of the virtual interfaces that
6056 * are using the same radio as the current interface.
6058 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
6059 int *freq_array, unsigned int len)
6061 struct wpa_used_freq_data *freqs_data;
6064 os_memset(freq_array, 0, sizeof(int) * len);
6066 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
6070 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
6071 for (i = 0; i < num; i++)
6072 freq_array[i] = freqs_data[i].freq;
6074 os_free(freqs_data);
6080 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
6082 struct rrm_data *rrm = data;
6084 if (!rrm->notify_neighbor_rep) {
6085 wpa_printf(MSG_ERROR,
6086 "RRM: Unexpected neighbor report timeout");
6090 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
6091 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
6093 rrm->notify_neighbor_rep = NULL;
6094 rrm->neighbor_rep_cb_ctx = NULL;
6099 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
6100 * @wpa_s: Pointer to wpa_supplicant
6102 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
6104 wpa_s->rrm.rrm_used = 0;
6106 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6108 if (wpa_s->rrm.notify_neighbor_rep)
6109 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
6110 wpa_s->rrm.next_neighbor_rep_token = 1;
6115 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
6116 * @wpa_s: Pointer to wpa_supplicant
6117 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
6118 * @report_len: Length of neighbor report buffer
6120 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
6121 const u8 *report, size_t report_len)
6123 struct wpabuf *neighbor_rep;
6125 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
6129 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
6130 wpa_printf(MSG_DEBUG,
6131 "RRM: Discarding neighbor report with token %d (expected %d)",
6132 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
6136 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
6139 if (!wpa_s->rrm.notify_neighbor_rep) {
6140 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
6144 /* skipping the first byte, which is only an id (dialog token) */
6145 neighbor_rep = wpabuf_alloc(report_len - 1);
6146 if (neighbor_rep == NULL)
6148 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
6149 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
6151 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
6153 wpa_s->rrm.notify_neighbor_rep = NULL;
6154 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
6158 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
6159 /* Workaround different, undefined for Windows, error codes used here */
6161 #define EOPNOTSUPP -1
6162 #define ECANCELED -1
6166 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
6167 * @wpa_s: Pointer to wpa_supplicant
6168 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
6169 * is sent in the request.
6170 * @cb: Callback function to be called once the requested report arrives, or
6171 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
6172 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
6173 * the requester's responsibility to free it.
6174 * In the latter case NULL will be sent in 'neighbor_rep'.
6175 * @cb_ctx: Context value to send the callback function
6176 * Returns: 0 in case of success, negative error code otherwise
6178 * In case there is a previous request which has not been answered yet, the
6179 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
6180 * Request must contain a callback function.
6182 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
6183 const struct wpa_ssid *ssid,
6184 void (*cb)(void *ctx,
6185 struct wpabuf *neighbor_rep),
6191 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
6192 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
6196 if (!wpa_s->rrm.rrm_used) {
6197 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
6201 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
6202 WLAN_EID_RRM_ENABLED_CAPABILITIES);
6203 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
6204 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
6205 wpa_printf(MSG_DEBUG,
6206 "RRM: No network support for Neighbor Report.");
6211 wpa_printf(MSG_DEBUG,
6212 "RRM: Neighbor Report request must provide a callback.");
6216 /* Refuse if there's a live request */
6217 if (wpa_s->rrm.notify_neighbor_rep) {
6218 wpa_printf(MSG_DEBUG,
6219 "RRM: Currently handling previous Neighbor Report.");
6223 /* 3 = action category + action code + dialog token */
6224 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
6226 wpa_printf(MSG_DEBUG,
6227 "RRM: Failed to allocate Neighbor Report Request");
6231 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
6232 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
6233 wpa_s->rrm.next_neighbor_rep_token);
6235 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6236 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
6237 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
6239 wpabuf_put_u8(buf, WLAN_EID_SSID);
6240 wpabuf_put_u8(buf, ssid->ssid_len);
6241 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
6244 wpa_s->rrm.next_neighbor_rep_token++;
6246 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6247 wpa_s->own_addr, wpa_s->bssid,
6248 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
6249 wpa_printf(MSG_DEBUG,
6250 "RRM: Failed to send Neighbor Report Request");
6255 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
6256 wpa_s->rrm.notify_neighbor_rep = cb;
6257 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
6258 wpas_rrm_neighbor_rep_timeout_handler,
6266 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
6268 const u8 *frame, size_t len,
6272 const struct rrm_link_measurement_request *req;
6273 struct rrm_link_measurement_report report;
6275 if (wpa_s->wpa_state != WPA_COMPLETED) {
6276 wpa_printf(MSG_INFO,
6277 "RRM: Ignoring link measurement request. Not associated");
6281 if (!wpa_s->rrm.rrm_used) {
6282 wpa_printf(MSG_INFO,
6283 "RRM: Ignoring link measurement request. Not RRM network");
6287 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
6288 wpa_printf(MSG_INFO,
6289 "RRM: Measurement report failed. TX power insertion not supported");
6293 req = (const struct rrm_link_measurement_request *) frame;
6294 if (len < sizeof(*req)) {
6295 wpa_printf(MSG_INFO,
6296 "RRM: Link measurement report failed. Request too short");
6300 os_memset(&report, 0, sizeof(report));
6301 report.tpc.eid = WLAN_EID_TPC_REPORT;
6303 report.rsni = 255; /* 255 indicates that RSNI is not available */
6304 report.dialog_token = req->dialog_token;
6307 * It's possible to estimate RCPI based on RSSI in dBm. This
6308 * calculation will not reflect the correct value for high rates,
6309 * but it's good enough for Action frames which are transmitted
6310 * with up to 24 Mbps rates.
6313 report.rcpi = 255; /* not available */
6314 else if (rssi < -110)
6319 report.rcpi = (rssi + 110) * 2;
6321 /* action_category + action_code */
6322 buf = wpabuf_alloc(2 + sizeof(report));
6324 wpa_printf(MSG_ERROR,
6325 "RRM: Link measurement report failed. Buffer allocation failed");
6329 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6330 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
6331 wpabuf_put_data(buf, &report, sizeof(report));
6332 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
6333 wpabuf_head(buf), wpabuf_len(buf));
6335 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6336 wpa_s->own_addr, wpa_s->bssid,
6337 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6338 wpa_printf(MSG_ERROR,
6339 "RRM: Link measurement report failed. Send action failed");
6345 struct wpa_supplicant *
6346 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
6350 case VENDOR_ELEM_PROBE_REQ_P2P:
6351 case VENDOR_ELEM_PROBE_RESP_P2P:
6352 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
6353 case VENDOR_ELEM_BEACON_P2P_GO:
6354 case VENDOR_ELEM_P2P_PD_REQ:
6355 case VENDOR_ELEM_P2P_PD_RESP:
6356 case VENDOR_ELEM_P2P_GO_NEG_REQ:
6357 case VENDOR_ELEM_P2P_GO_NEG_RESP:
6358 case VENDOR_ELEM_P2P_GO_NEG_CONF:
6359 case VENDOR_ELEM_P2P_INV_REQ:
6360 case VENDOR_ELEM_P2P_INV_RESP:
6361 case VENDOR_ELEM_P2P_ASSOC_REQ:
6362 case VENDOR_ELEM_P2P_ASSOC_RESP:
6363 return wpa_s->p2pdev;
6364 #endif /* CONFIG_P2P */
6371 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
6376 wpa_printf(MSG_DEBUG, "Update vendor elements");
6378 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
6379 if (wpa_s->vendor_elem[i]) {
6382 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
6383 if (!os_snprintf_error(sizeof(buf), res)) {
6384 wpa_hexdump_buf(MSG_DEBUG, buf,
6385 wpa_s->vendor_elem[i]);
6391 if (wpa_s->parent == wpa_s &&
6392 wpa_s->global->p2p &&
6393 !wpa_s->global->p2p_disabled)
6394 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
6395 #endif /* CONFIG_P2P */
6399 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
6400 const u8 *elem, size_t len)
6404 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
6405 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
6407 for (; ie + 1 < end; ie += 2 + ie[1]) {
6410 if (os_memcmp(ie, elem, len) != 0)
6413 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
6414 wpabuf_free(wpa_s->vendor_elem[frame]);
6415 wpa_s->vendor_elem[frame] = NULL;
6417 os_memmove(ie, ie + len, end - (ie + len));
6418 wpa_s->vendor_elem[frame]->used -= len;
6420 wpas_vendor_elem_update(wpa_s);
6428 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
6429 u16 num_modes, enum hostapd_hw_mode mode)
6433 for (i = 0; i < num_modes; i++) {
6434 if (modes[i].mode == mode)
6443 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
6446 struct wpa_bss_tmp_disallowed *bss;
6448 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
6449 struct wpa_bss_tmp_disallowed, list) {
6450 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
6458 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
6461 struct wpa_bss_tmp_disallowed *bss;
6462 struct os_reltime until;
6464 os_get_reltime(&until);
6467 bss = wpas_get_disallowed_bss(wpa_s, bssid);
6469 bss->disallowed_until = until;
6473 bss = os_malloc(sizeof(*bss));
6475 wpa_printf(MSG_DEBUG,
6476 "Failed to allocate memory for temp disallow BSS");
6480 bss->disallowed_until = until;
6481 os_memcpy(bss->bssid, bssid, ETH_ALEN);
6482 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
6486 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid)
6488 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev;
6489 struct os_reltime now, age;
6491 os_get_reltime(&now);
6493 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
6494 struct wpa_bss_tmp_disallowed, list) {
6495 if (!os_reltime_before(&now, &tmp->disallowed_until)) {
6496 /* This BSS is not disallowed anymore */
6497 dl_list_del(&tmp->list);
6501 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) {
6509 os_reltime_sub(&bss->disallowed_until, &now, &age);
6510 wpa_printf(MSG_DEBUG,
6511 "BSS " MACSTR " disabled for %ld.%0ld seconds",
6512 MAC2STR(bss->bssid), age.sec, age.usec);