3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_server/eap_methods.h"
21 #include "rsn_supp/wpa.h"
24 #include "utils/ext_password.h"
25 #include "l2_packet/l2_packet.h"
26 #include "wpa_supplicant_i.h"
28 #include "ctrl_iface.h"
29 #include "pcsc_funcs.h"
30 #include "common/version.h"
31 #include "rsn_supp/preauth.h"
32 #include "rsn_supp/pmksa_cache.h"
33 #include "common/wpa_ctrl.h"
34 #include "common/ieee802_11_defs.h"
36 #include "blacklist.h"
37 #include "wpas_glue.h"
38 #include "wps_supplicant.h"
41 #include "gas_query.h"
43 #include "p2p_supplicant.h"
49 #include "offchannel.h"
50 #include "hs20_supplicant.h"
52 const char *wpa_supplicant_version =
53 "wpa_supplicant v" VERSION_STR "\n"
54 "Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
56 const char *wpa_supplicant_license =
57 "This software may be distributed under the terms of the BSD license.\n"
58 "See README for more details.\n"
59 #ifdef EAP_TLS_OPENSSL
60 "\nThis product includes software developed by the OpenSSL Project\n"
61 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
62 #endif /* EAP_TLS_OPENSSL */
65 #ifndef CONFIG_NO_STDOUT_DEBUG
66 /* Long text divided into parts in order to fit in C89 strings size limits. */
67 const char *wpa_supplicant_full_license1 =
69 const char *wpa_supplicant_full_license2 =
70 "This software may be distributed under the terms of the BSD license.\n"
72 "Redistribution and use in source and binary forms, with or without\n"
73 "modification, are permitted provided that the following conditions are\n"
76 const char *wpa_supplicant_full_license3 =
77 "1. Redistributions of source code must retain the above copyright\n"
78 " notice, this list of conditions and the following disclaimer.\n"
80 "2. Redistributions in binary form must reproduce the above copyright\n"
81 " notice, this list of conditions and the following disclaimer in the\n"
82 " documentation and/or other materials provided with the distribution.\n"
84 const char *wpa_supplicant_full_license4 =
85 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
86 " names of its contributors may be used to endorse or promote products\n"
87 " derived from this software without specific prior written permission.\n"
89 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
90 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
91 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
92 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
93 const char *wpa_supplicant_full_license5 =
94 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
95 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
96 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
97 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
98 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
99 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
100 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
102 #endif /* CONFIG_NO_STDOUT_DEBUG */
104 extern int wpa_debug_level;
105 extern int wpa_debug_show_keys;
106 extern int wpa_debug_timestamp;
107 extern struct wpa_driver_ops *wpa_drivers[];
109 /* Configure default/group WEP keys for static WEP */
110 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
114 for (i = 0; i < NUM_WEP_KEYS; i++) {
115 if (ssid->wep_key_len[i] == 0)
119 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
120 i, i == ssid->wep_tx_keyidx, NULL, 0,
121 ssid->wep_key[i], ssid->wep_key_len[i]);
128 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
129 struct wpa_ssid *ssid)
136 /* IBSS/WPA-None uses only one key (Group) for both receiving and
137 * sending unicast and multicast packets. */
139 if (ssid->mode != WPAS_MODE_IBSS) {
140 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
141 "IBSS/ad-hoc) for WPA-None", ssid->mode);
145 if (!ssid->psk_set) {
146 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
151 switch (wpa_s->group_cipher) {
152 case WPA_CIPHER_CCMP:
153 os_memcpy(key, ssid->psk, 16);
157 case WPA_CIPHER_TKIP:
158 /* WPA-None uses the same Michael MIC key for both TX and RX */
159 os_memcpy(key, ssid->psk, 16 + 8);
160 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
165 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
166 "WPA-None", wpa_s->group_cipher);
170 /* TODO: should actually remember the previously used seq#, both for TX
171 * and RX from each STA.. */
173 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
177 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
179 struct wpa_supplicant *wpa_s = eloop_ctx;
180 const u8 *bssid = wpa_s->bssid;
181 if (is_zero_ether_addr(bssid))
182 bssid = wpa_s->pending_bssid;
183 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
185 wpa_blacklist_add(wpa_s, bssid);
186 wpa_sm_notify_disassoc(wpa_s->wpa);
187 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
188 wpa_s->reassociate = 1;
191 * If we timed out, the AP or the local radio may be busy.
192 * So, wait a second until scanning again.
194 wpa_supplicant_req_scan(wpa_s, 1, 0);
197 if (wpa_s->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
198 wpa_s->global->p2p != NULL) {
199 wpa_s->p2p_cb_on_scan_complete = 0;
200 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
201 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
202 "continued after timed out authentication");
205 #endif /* CONFIG_P2P */
210 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
211 * @wpa_s: Pointer to wpa_supplicant data
212 * @sec: Number of seconds after which to time out authentication
213 * @usec: Number of microseconds after which to time out authentication
215 * This function is used to schedule a timeout for the current authentication
218 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
221 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
222 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
225 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
226 "%d usec", sec, usec);
227 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
228 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
233 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
234 * @wpa_s: Pointer to wpa_supplicant data
236 * This function is used to cancel authentication timeout scheduled with
237 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
240 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
242 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
243 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
244 wpa_blacklist_del(wpa_s, wpa_s->bssid);
249 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
250 * @wpa_s: Pointer to wpa_supplicant data
252 * This function is used to configure EAPOL state machine based on the selected
253 * authentication mode.
255 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
257 #ifdef IEEE8021X_EAPOL
258 struct eapol_config eapol_conf;
259 struct wpa_ssid *ssid = wpa_s->current_ssid;
261 #ifdef CONFIG_IBSS_RSN
262 if (ssid->mode == WPAS_MODE_IBSS &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
264 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
266 * RSN IBSS authentication is per-STA and we can disable the
267 * per-BSSID EAPOL authentication.
269 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
270 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
271 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
274 #endif /* CONFIG_IBSS_RSN */
276 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
277 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
280 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
281 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
283 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
285 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
286 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
287 eapol_conf.accept_802_1x_keys = 1;
288 eapol_conf.required_keys = 0;
289 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
290 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
292 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
293 eapol_conf.required_keys |=
294 EAPOL_REQUIRE_KEY_BROADCAST;
297 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
298 eapol_conf.required_keys = 0;
301 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
302 eapol_conf.workaround = ssid->eap_workaround;
303 eapol_conf.eap_disabled =
304 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
306 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
307 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
308 #endif /* IEEE8021X_EAPOL */
313 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
314 * @wpa_s: Pointer to wpa_supplicant data
315 * @ssid: Configuration data for the network
317 * This function is used to configure WPA state machine and related parameters
318 * to a mode where WPA is not enabled. This is called as part of the
319 * authentication configuration when the selected network does not use WPA.
321 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
322 struct wpa_ssid *ssid)
326 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
327 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
328 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
329 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
331 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
332 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
334 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
335 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
336 wpa_s->group_cipher = WPA_CIPHER_NONE;
337 wpa_s->mgmt_group_cipher = 0;
339 for (i = 0; i < NUM_WEP_KEYS; i++) {
340 if (ssid->wep_key_len[i] > 5) {
341 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
342 wpa_s->group_cipher = WPA_CIPHER_WEP104;
344 } else if (ssid->wep_key_len[i] > 0) {
345 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
346 wpa_s->group_cipher = WPA_CIPHER_WEP40;
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
353 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
354 wpa_s->pairwise_cipher);
355 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
356 #ifdef CONFIG_IEEE80211W
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
358 wpa_s->mgmt_group_cipher);
359 #endif /* CONFIG_IEEE80211W */
361 pmksa_cache_clear_current(wpa_s->wpa);
365 void free_hw_features(struct wpa_supplicant *wpa_s)
368 if (wpa_s->hw.modes == NULL)
371 for (i = 0; i < wpa_s->hw.num_modes; i++) {
372 os_free(wpa_s->hw.modes[i].channels);
373 os_free(wpa_s->hw.modes[i].rates);
376 os_free(wpa_s->hw.modes);
377 wpa_s->hw.modes = NULL;
381 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
383 bgscan_deinit(wpa_s);
384 autoscan_deinit(wpa_s);
385 scard_deinit(wpa_s->scard);
387 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
388 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
389 l2_packet_deinit(wpa_s->l2);
392 l2_packet_deinit(wpa_s->l2_br);
396 if (wpa_s->conf != NULL) {
397 struct wpa_ssid *ssid;
398 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
399 wpas_notify_network_removed(wpa_s, ssid);
402 os_free(wpa_s->confname);
403 wpa_s->confname = NULL;
405 wpa_sm_set_eapol(wpa_s->wpa, NULL);
406 eapol_sm_deinit(wpa_s->eapol);
409 rsn_preauth_deinit(wpa_s->wpa);
412 wpa_tdls_deinit(wpa_s->wpa);
413 #endif /* CONFIG_TDLS */
415 pmksa_candidate_free(wpa_s->wpa);
416 wpa_sm_deinit(wpa_s->wpa);
418 wpa_blacklist_clear(wpa_s);
420 wpa_bss_deinit(wpa_s);
422 wpa_supplicant_cancel_scan(wpa_s);
423 wpa_supplicant_cancel_auth_timeout(wpa_s);
424 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
425 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
426 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
428 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
430 wpas_wps_deinit(wpa_s);
432 wpabuf_free(wpa_s->pending_eapol_rx);
433 wpa_s->pending_eapol_rx = NULL;
435 #ifdef CONFIG_IBSS_RSN
436 ibss_rsn_deinit(wpa_s->ibss_rsn);
437 wpa_s->ibss_rsn = NULL;
438 #endif /* CONFIG_IBSS_RSN */
443 wpa_supplicant_ap_deinit(wpa_s);
444 #endif /* CONFIG_AP */
447 wpas_p2p_deinit(wpa_s);
448 #endif /* CONFIG_P2P */
450 #ifdef CONFIG_OFFCHANNEL
451 offchannel_deinit(wpa_s);
452 #endif /* CONFIG_OFFCHANNEL */
454 wpa_supplicant_cancel_sched_scan(wpa_s);
456 os_free(wpa_s->next_scan_freqs);
457 wpa_s->next_scan_freqs = NULL;
459 gas_query_deinit(wpa_s->gas);
462 free_hw_features(wpa_s);
464 os_free(wpa_s->bssid_filter);
465 wpa_s->bssid_filter = NULL;
467 wnm_bss_keep_alive_deinit(wpa_s);
469 ext_password_deinit(wpa_s->ext_pw);
470 wpa_s->ext_pw = NULL;
475 * wpa_clear_keys - Clear keys configured for the driver
476 * @wpa_s: Pointer to wpa_supplicant data
477 * @addr: Previously used BSSID or %NULL if not available
479 * This function clears the encryption keys that has been previously configured
482 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
484 if (wpa_s->keys_cleared) {
485 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
486 * timing issues with keys being cleared just before new keys
487 * are set or just after association or something similar. This
488 * shows up in group key handshake failing often because of the
489 * client not receiving the first encrypted packets correctly.
490 * Skipping some of the extra key clearing steps seems to help
491 * in completing group key handshake more reliably. */
492 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
493 "skip key clearing");
497 /* MLME-DELETEKEYS.request */
498 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
499 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
500 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
501 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
502 #ifdef CONFIG_IEEE80211W
503 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
504 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
505 #endif /* CONFIG_IEEE80211W */
507 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
509 /* MLME-SETPROTECTION.request(None) */
510 wpa_drv_mlme_setprotection(
512 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
513 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
515 wpa_s->keys_cleared = 1;
520 * wpa_supplicant_state_txt - Get the connection state name as a text string
521 * @state: State (wpa_state; WPA_*)
522 * Returns: The state name as a printable text string
524 const char * wpa_supplicant_state_txt(enum wpa_states state)
527 case WPA_DISCONNECTED:
528 return "DISCONNECTED";
531 case WPA_INTERFACE_DISABLED:
532 return "INTERFACE_DISABLED";
535 case WPA_AUTHENTICATING:
536 return "AUTHENTICATING";
537 case WPA_ASSOCIATING:
538 return "ASSOCIATING";
541 case WPA_4WAY_HANDSHAKE:
542 return "4WAY_HANDSHAKE";
543 case WPA_GROUP_HANDSHAKE:
544 return "GROUP_HANDSHAKE";
555 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
557 if (wpas_driver_bss_selection(wpa_s))
559 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
562 bgscan_deinit(wpa_s);
563 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
564 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
565 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
568 * Live without bgscan; it is only used as a roaming
569 * optimization, so the initial connection is not
573 struct wpa_scan_results *scan_res;
574 wpa_s->bgscan_ssid = wpa_s->current_ssid;
575 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
578 bgscan_notify_scan(wpa_s, scan_res);
579 wpa_scan_results_free(scan_res);
583 wpa_s->bgscan_ssid = NULL;
587 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
589 if (wpa_s->bgscan_ssid != NULL) {
590 bgscan_deinit(wpa_s);
591 wpa_s->bgscan_ssid = NULL;
595 #endif /* CONFIG_BGSCAN */
598 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
600 if (autoscan_init(wpa_s, 0))
601 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
605 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
607 autoscan_deinit(wpa_s);
611 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
613 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
614 wpa_s->wpa_state == WPA_SCANNING) {
615 autoscan_deinit(wpa_s);
616 wpa_supplicant_start_autoscan(wpa_s);
622 * wpa_supplicant_set_state - Set current connection state
623 * @wpa_s: Pointer to wpa_supplicant data
624 * @state: The new connection state
626 * This function is called whenever the connection state changes, e.g.,
627 * association is completed for WPA/WPA2 4-Way Handshake is started.
629 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
630 enum wpa_states state)
632 enum wpa_states old_state = wpa_s->wpa_state;
634 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
635 wpa_supplicant_state_txt(wpa_s->wpa_state),
636 wpa_supplicant_state_txt(state));
638 if (state != WPA_SCANNING)
639 wpa_supplicant_notify_scanning(wpa_s, 0);
641 if (state == WPA_COMPLETED && wpa_s->new_connection) {
642 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
643 struct wpa_ssid *ssid = wpa_s->current_ssid;
644 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
645 MACSTR " completed %s [id=%d id_str=%s]",
646 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
647 "(reauth)" : "(auth)",
648 ssid ? ssid->id : -1,
649 ssid && ssid->id_str ? ssid->id_str : "");
650 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
651 wpas_clear_temp_disabled(wpa_s, ssid, 1);
652 wpa_s->new_connection = 0;
653 wpa_s->reassociated_connection = 1;
654 wpa_drv_set_operstate(wpa_s, 1);
655 #ifndef IEEE8021X_EAPOL
656 wpa_drv_set_supp_port(wpa_s, 1);
657 #endif /* IEEE8021X_EAPOL */
658 wpa_s->after_wps = 0;
660 wpas_p2p_completed(wpa_s);
661 #endif /* CONFIG_P2P */
663 sme_sched_obss_scan(wpa_s, 1);
664 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
665 state == WPA_ASSOCIATED) {
666 wpa_s->new_connection = 1;
667 wpa_drv_set_operstate(wpa_s, 0);
668 #ifndef IEEE8021X_EAPOL
669 wpa_drv_set_supp_port(wpa_s, 0);
670 #endif /* IEEE8021X_EAPOL */
671 sme_sched_obss_scan(wpa_s, 0);
673 wpa_s->wpa_state = state;
676 if (state == WPA_COMPLETED)
677 wpa_supplicant_start_bgscan(wpa_s);
679 wpa_supplicant_stop_bgscan(wpa_s);
680 #endif /* CONFIG_BGSCAN */
682 if (state == WPA_AUTHENTICATING)
683 wpa_supplicant_stop_autoscan(wpa_s);
685 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
686 wpa_supplicant_start_autoscan(wpa_s);
688 if (wpa_s->wpa_state != old_state) {
689 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
691 if (wpa_s->wpa_state == WPA_COMPLETED ||
692 old_state == WPA_COMPLETED)
693 wpas_notify_auth_changed(wpa_s);
698 void wpa_supplicant_terminate_proc(struct wpa_global *global)
702 struct wpa_supplicant *wpa_s = global->ifaces;
704 if (wpas_wps_terminate_pending(wpa_s) == 1)
708 #endif /* CONFIG_WPS */
715 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
717 struct wpa_global *global = signal_ctx;
718 wpa_supplicant_terminate_proc(global);
722 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
724 enum wpa_states old_state = wpa_s->wpa_state;
726 wpa_s->pairwise_cipher = 0;
727 wpa_s->group_cipher = 0;
728 wpa_s->mgmt_group_cipher = 0;
730 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
731 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
733 if (wpa_s->wpa_state != old_state)
734 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
739 * wpa_supplicant_reload_configuration - Reload configuration data
740 * @wpa_s: Pointer to wpa_supplicant data
741 * Returns: 0 on success or -1 if configuration parsing failed
743 * This function can be used to request that the configuration data is reloaded
744 * (e.g., after configuration file change). This function is reloading
745 * configuration only for one interface, so this may need to be called multiple
746 * times if %wpa_supplicant is controlling multiple interfaces and all
747 * interfaces need reconfiguration.
749 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
751 struct wpa_config *conf;
755 if (wpa_s->confname == NULL)
757 conf = wpa_config_read(wpa_s->confname);
759 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
760 "file '%s' - exiting", wpa_s->confname);
763 conf->changed_parameters = (unsigned int) -1;
765 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
766 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
767 os_strcmp(conf->ctrl_interface,
768 wpa_s->conf->ctrl_interface) != 0);
770 if (reconf_ctrl && wpa_s->ctrl_iface) {
771 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
772 wpa_s->ctrl_iface = NULL;
775 eapol_sm_invalidate_cached_session(wpa_s->eapol);
776 if (wpa_s->current_ssid) {
777 wpa_supplicant_deauthenticate(wpa_s,
778 WLAN_REASON_DEAUTH_LEAVING);
782 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
783 * pkcs11_engine_path, pkcs11_module_path.
785 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
787 * Clear forced success to clear EAP state for next
790 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
792 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
793 wpa_sm_set_config(wpa_s->wpa, NULL);
794 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
795 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
796 rsn_preauth_deinit(wpa_s->wpa);
798 old_ap_scan = wpa_s->conf->ap_scan;
799 wpa_config_free(wpa_s->conf);
801 if (old_ap_scan != wpa_s->conf->ap_scan)
802 wpas_notify_ap_scan_changed(wpa_s);
805 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
807 wpa_supplicant_update_config(wpa_s);
809 wpa_supplicant_clear_status(wpa_s);
810 if (wpa_supplicant_enabled_networks(wpa_s)) {
811 wpa_s->reassociate = 1;
812 wpa_supplicant_req_scan(wpa_s, 0, 0);
814 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
819 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
821 struct wpa_global *global = signal_ctx;
822 struct wpa_supplicant *wpa_s;
823 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
824 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
826 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
827 wpa_supplicant_terminate_proc(global);
833 enum wpa_cipher cipher_suite2driver(int cipher)
836 case WPA_CIPHER_NONE:
838 case WPA_CIPHER_WEP40:
840 case WPA_CIPHER_WEP104:
841 return CIPHER_WEP104;
842 case WPA_CIPHER_CCMP:
844 case WPA_CIPHER_TKIP:
851 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
854 case WPA_KEY_MGMT_NONE:
855 return KEY_MGMT_NONE;
856 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
857 return KEY_MGMT_802_1X_NO_WPA;
858 case WPA_KEY_MGMT_IEEE8021X:
859 return KEY_MGMT_802_1X;
860 case WPA_KEY_MGMT_WPA_NONE:
861 return KEY_MGMT_WPA_NONE;
862 case WPA_KEY_MGMT_FT_IEEE8021X:
863 return KEY_MGMT_FT_802_1X;
864 case WPA_KEY_MGMT_FT_PSK:
865 return KEY_MGMT_FT_PSK;
866 case WPA_KEY_MGMT_IEEE8021X_SHA256:
867 return KEY_MGMT_802_1X_SHA256;
868 case WPA_KEY_MGMT_PSK_SHA256:
869 return KEY_MGMT_PSK_SHA256;
870 case WPA_KEY_MGMT_WPS:
872 case WPA_KEY_MGMT_PSK:
879 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
880 struct wpa_ssid *ssid,
881 struct wpa_ie_data *ie)
883 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
886 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
887 "from association info");
892 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
894 if (!(ie->group_cipher & ssid->group_cipher)) {
895 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
896 "cipher 0x%x (mask 0x%x) - reject",
897 ie->group_cipher, ssid->group_cipher);
900 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
901 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
902 "cipher 0x%x (mask 0x%x) - reject",
903 ie->pairwise_cipher, ssid->pairwise_cipher);
906 if (!(ie->key_mgmt & ssid->key_mgmt)) {
907 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
908 "management 0x%x (mask 0x%x) - reject",
909 ie->key_mgmt, ssid->key_mgmt);
913 #ifdef CONFIG_IEEE80211W
914 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
915 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
916 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
917 "that does not support management frame protection - "
921 #endif /* CONFIG_IEEE80211W */
928 * wpa_supplicant_set_suites - Set authentication and encryption parameters
929 * @wpa_s: Pointer to wpa_supplicant data
930 * @bss: Scan results for the selected BSS, or %NULL if not available
931 * @ssid: Configuration data for the selected network
932 * @wpa_ie: Buffer for the WPA/RSN IE
933 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
934 * used buffer length in case the functions returns success.
935 * Returns: 0 on success or -1 on failure
937 * This function is used to configure authentication and encryption parameters
938 * based on the network configuration and scan result for the selected BSS (if
941 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
942 struct wpa_bss *bss, struct wpa_ssid *ssid,
943 u8 *wpa_ie, size_t *wpa_ie_len)
945 struct wpa_ie_data ie;
947 const u8 *bss_wpa, *bss_rsn;
950 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
951 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
953 bss_wpa = bss_rsn = NULL;
955 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
956 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
957 (ie.group_cipher & ssid->group_cipher) &&
958 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
959 (ie.key_mgmt & ssid->key_mgmt)) {
960 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
961 proto = WPA_PROTO_RSN;
962 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
963 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
964 (ie.group_cipher & ssid->group_cipher) &&
965 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
966 (ie.key_mgmt & ssid->key_mgmt)) {
967 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
968 proto = WPA_PROTO_WPA;
970 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
973 if (ssid->proto & WPA_PROTO_RSN)
974 proto = WPA_PROTO_RSN;
976 proto = WPA_PROTO_WPA;
977 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
978 os_memset(&ie, 0, sizeof(ie));
979 ie.group_cipher = ssid->group_cipher;
980 ie.pairwise_cipher = ssid->pairwise_cipher;
981 ie.key_mgmt = ssid->key_mgmt;
982 #ifdef CONFIG_IEEE80211W
983 ie.mgmt_group_cipher =
984 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
985 WPA_CIPHER_AES_128_CMAC : 0;
986 #endif /* CONFIG_IEEE80211W */
987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
988 "based on configuration");
993 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
994 "pairwise %d key_mgmt %d proto %d",
995 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
996 #ifdef CONFIG_IEEE80211W
997 if (ssid->ieee80211w) {
998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
999 ie.mgmt_group_cipher);
1001 #endif /* CONFIG_IEEE80211W */
1003 wpa_s->wpa_proto = proto;
1004 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1005 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1006 !!(ssid->proto & WPA_PROTO_RSN));
1008 if (bss || !wpa_s->ap_ies_from_associnfo) {
1009 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1010 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1011 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1012 bss_rsn ? 2 + bss_rsn[1] : 0))
1016 sel = ie.group_cipher & ssid->group_cipher;
1017 if (sel & WPA_CIPHER_CCMP) {
1018 wpa_s->group_cipher = WPA_CIPHER_CCMP;
1019 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
1020 } else if (sel & WPA_CIPHER_TKIP) {
1021 wpa_s->group_cipher = WPA_CIPHER_TKIP;
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
1023 } else if (sel & WPA_CIPHER_WEP104) {
1024 wpa_s->group_cipher = WPA_CIPHER_WEP104;
1025 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
1026 } else if (sel & WPA_CIPHER_WEP40) {
1027 wpa_s->group_cipher = WPA_CIPHER_WEP40;
1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
1030 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1035 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1036 if (sel & WPA_CIPHER_CCMP) {
1037 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
1039 } else if (sel & WPA_CIPHER_TKIP) {
1040 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
1041 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
1042 } else if (sel & WPA_CIPHER_NONE) {
1043 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1044 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
1046 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1051 sel = ie.key_mgmt & ssid->key_mgmt;
1053 #ifdef CONFIG_IEEE80211R
1054 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1055 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1056 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1057 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1060 #endif /* CONFIG_IEEE80211R */
1061 #ifdef CONFIG_IEEE80211W
1062 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1063 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1064 wpa_dbg(wpa_s, MSG_DEBUG,
1065 "WPA: using KEY_MGMT 802.1X with SHA256");
1066 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1067 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1068 wpa_dbg(wpa_s, MSG_DEBUG,
1069 "WPA: using KEY_MGMT PSK with SHA256");
1070 #endif /* CONFIG_IEEE80211W */
1071 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1072 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1073 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1074 } else if (sel & WPA_KEY_MGMT_PSK) {
1075 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1076 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1077 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1078 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1079 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1081 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1082 "authenticated key management type");
1086 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1087 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1088 wpa_s->pairwise_cipher);
1089 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1091 #ifdef CONFIG_IEEE80211W
1092 sel = ie.mgmt_group_cipher;
1093 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1094 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1096 if (sel & WPA_CIPHER_AES_128_CMAC) {
1097 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1101 wpa_s->mgmt_group_cipher = 0;
1102 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1104 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1105 wpa_s->mgmt_group_cipher);
1106 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1107 #endif /* CONFIG_IEEE80211W */
1109 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1110 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1114 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1115 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1116 #ifndef CONFIG_NO_PBKDF2
1117 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1120 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1121 4096, psk, PMK_LEN);
1122 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1124 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1126 #endif /* CONFIG_NO_PBKDF2 */
1127 #ifdef CONFIG_EXT_PASSWORD
1128 if (ssid->ext_psk) {
1129 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1131 char pw_str[64 + 1];
1135 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1136 "found from external storage");
1140 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1141 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1142 "PSK length %d in external storage",
1143 (int) wpabuf_len(pw));
1144 ext_password_free(pw);
1148 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1149 pw_str[wpabuf_len(pw)] = '\0';
1151 #ifndef CONFIG_NO_PBKDF2
1152 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1154 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1155 4096, psk, PMK_LEN);
1156 os_memset(pw_str, 0, sizeof(pw_str));
1157 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1158 "external passphrase)",
1160 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1162 #endif /* CONFIG_NO_PBKDF2 */
1163 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1164 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1165 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1166 "Invalid PSK hex string");
1167 os_memset(pw_str, 0, sizeof(pw_str));
1168 ext_password_free(pw);
1171 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1173 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1175 os_memset(pw_str, 0, sizeof(pw_str));
1176 ext_password_free(pw);
1180 os_memset(pw_str, 0, sizeof(pw_str));
1181 ext_password_free(pw);
1183 #endif /* CONFIG_EXT_PASSWORD */
1185 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1192 * wpa_supplicant_associate - Request association
1193 * @wpa_s: Pointer to wpa_supplicant data
1194 * @bss: Scan results for the selected BSS, or %NULL if not available
1195 * @ssid: Configuration data for the selected network
1197 * This function is used to request %wpa_supplicant to associate with a BSS.
1199 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1200 struct wpa_bss *bss, struct wpa_ssid *ssid)
1204 int use_crypt, ret, i, bssid_changed;
1205 int algs = WPA_AUTH_ALG_OPEN;
1206 enum wpa_cipher cipher_pairwise, cipher_group;
1207 struct wpa_driver_associate_params params;
1208 int wep_keys_set = 0;
1209 struct wpa_driver_capa capa;
1210 int assoc_failed = 0;
1211 struct wpa_ssid *old_ssid;
1212 #ifdef CONFIG_HT_OVERRIDES
1213 struct ieee80211_ht_capabilities htcaps;
1214 struct ieee80211_ht_capabilities htcaps_mask;
1215 #endif /* CONFIG_HT_OVERRIDES */
1217 #ifdef CONFIG_IBSS_RSN
1218 ibss_rsn_deinit(wpa_s->ibss_rsn);
1219 wpa_s->ibss_rsn = NULL;
1220 #endif /* CONFIG_IBSS_RSN */
1222 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1223 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1225 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1226 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1230 wpa_supplicant_create_ap(wpa_s, ssid);
1231 wpa_s->current_bss = bss;
1232 #else /* CONFIG_AP */
1233 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1235 #endif /* CONFIG_AP */
1241 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1243 #endif /* CONFIG_TDLS */
1245 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1246 ssid->mode == IEEE80211_MODE_INFRA) {
1247 sme_authenticate(wpa_s, bss, ssid);
1251 os_memset(¶ms, 0, sizeof(params));
1252 wpa_s->reassociate = 0;
1253 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1254 #ifdef CONFIG_IEEE80211R
1255 const u8 *ie, *md = NULL;
1256 #endif /* CONFIG_IEEE80211R */
1257 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1258 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1259 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1260 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1261 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1262 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1264 wpas_notify_bssid_changed(wpa_s);
1265 #ifdef CONFIG_IEEE80211R
1266 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1267 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1269 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1271 /* Prepare for the next transition */
1272 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1274 #endif /* CONFIG_IEEE80211R */
1276 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1277 wpa_s->conf->ap_scan == 2 &&
1278 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1279 /* Use ap_scan==1 style network selection to find the network
1281 wpa_s->scan_req = 2;
1282 wpa_s->reassociate = 1;
1283 wpa_supplicant_req_scan(wpa_s, 0, 0);
1285 #endif /* CONFIG_WPS */
1287 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1288 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1289 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1291 wpa_supplicant_cancel_sched_scan(wpa_s);
1292 wpa_supplicant_cancel_scan(wpa_s);
1294 /* Starting new association, so clear the possibly used WPA IE from the
1295 * previous association. */
1296 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1298 #ifdef IEEE8021X_EAPOL
1299 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1301 if (ssid->non_leap == 0)
1302 algs = WPA_AUTH_ALG_LEAP;
1304 algs |= WPA_AUTH_ALG_LEAP;
1307 #endif /* IEEE8021X_EAPOL */
1308 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1309 if (ssid->auth_alg) {
1310 algs = ssid->auth_alg;
1311 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1315 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1316 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1317 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1318 int try_opportunistic;
1319 try_opportunistic = ssid->proactive_key_caching &&
1320 (ssid->proto & WPA_PROTO_RSN);
1321 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1322 wpa_s->current_ssid,
1323 try_opportunistic) == 0)
1324 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1325 wpa_ie_len = sizeof(wpa_ie);
1326 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1327 wpa_ie, &wpa_ie_len)) {
1328 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1329 "key management and encryption suites");
1332 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1333 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1335 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1336 * use non-WPA since the scan results did not indicate that the
1337 * AP is using WPA or WPA2.
1339 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1341 wpa_s->wpa_proto = 0;
1342 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1343 wpa_ie_len = sizeof(wpa_ie);
1344 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1345 wpa_ie, &wpa_ie_len)) {
1346 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1347 "key management and encryption suites (no "
1352 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1353 struct wpabuf *wps_ie;
1354 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1355 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1356 wpa_ie_len = wpabuf_len(wps_ie);
1357 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1360 wpabuf_free(wps_ie);
1361 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1362 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1363 params.wps = WPS_MODE_PRIVACY;
1365 params.wps = WPS_MODE_OPEN;
1366 wpa_s->wpa_proto = 0;
1367 #endif /* CONFIG_WPS */
1369 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1371 wpa_s->wpa_proto = 0;
1375 if (wpa_s->global->p2p) {
1379 pos = wpa_ie + wpa_ie_len;
1380 len = sizeof(wpa_ie) - wpa_ie_len;
1381 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1387 wpa_s->cross_connect_disallowed = 0;
1390 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1392 wpa_s->cross_connect_disallowed =
1393 p2p_get_cross_connect_disallowed(p2p);
1395 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1397 wpa_s->cross_connect_disallowed ?
1398 "disallows" : "allows");
1401 #endif /* CONFIG_P2P */
1404 if (wpa_s->conf->hs20) {
1405 struct wpabuf *hs20;
1406 hs20 = wpabuf_alloc(20);
1408 wpas_hs20_add_indication(hs20);
1409 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1411 wpa_ie_len += wpabuf_len(hs20);
1415 #endif /* CONFIG_HS20 */
1417 #ifdef CONFIG_INTERWORKING
1418 if (wpa_s->conf->interworking) {
1420 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1422 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1424 *pos++ = WLAN_EID_EXT_CAPAB;
1429 *pos++ = 0x80; /* Bit 31 - Interworking */
1431 #endif /* CONFIG_INTERWORKING */
1433 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1435 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1436 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1437 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1438 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1439 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1441 if (wpa_set_wep_keys(wpa_s, ssid)) {
1446 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1449 #ifdef IEEE8021X_EAPOL
1450 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1451 if ((ssid->eapol_flags &
1452 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1453 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1457 /* Assume that dynamic WEP-104 keys will be used and
1458 * set cipher suites in order for drivers to expect
1460 cipher_pairwise = cipher_group = CIPHER_WEP104;
1463 #endif /* IEEE8021X_EAPOL */
1465 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1466 /* Set the key before (and later after) association */
1467 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1470 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1472 params.ssid = bss->ssid;
1473 params.ssid_len = bss->ssid_len;
1474 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1475 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1476 MACSTR " freq=%u MHz based on scan results "
1478 MAC2STR(bss->bssid), bss->freq,
1480 params.bssid = bss->bssid;
1481 params.freq = bss->freq;
1484 params.ssid = ssid->ssid;
1485 params.ssid_len = ssid->ssid_len;
1488 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1489 wpa_s->conf->ap_scan == 2) {
1490 params.bssid = ssid->bssid;
1491 params.fixed_bssid = 1;
1494 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1496 params.freq = ssid->frequency; /* Initial channel for IBSS */
1497 params.wpa_ie = wpa_ie;
1498 params.wpa_ie_len = wpa_ie_len;
1499 params.pairwise_suite = cipher_pairwise;
1500 params.group_suite = cipher_group;
1501 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1502 params.wpa_proto = wpa_s->wpa_proto;
1503 params.auth_alg = algs;
1504 params.mode = ssid->mode;
1505 params.bg_scan_period = ssid->bg_scan_period;
1506 for (i = 0; i < NUM_WEP_KEYS; i++) {
1507 if (ssid->wep_key_len[i])
1508 params.wep_key[i] = ssid->wep_key[i];
1509 params.wep_key_len[i] = ssid->wep_key_len[i];
1511 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1513 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1514 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1515 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1516 params.passphrase = ssid->passphrase;
1518 params.psk = ssid->psk;
1521 params.drop_unencrypted = use_crypt;
1523 #ifdef CONFIG_IEEE80211W
1524 params.mgmt_frame_protection = ssid->ieee80211w;
1525 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1526 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1527 struct wpa_ie_data ie;
1528 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1530 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1531 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1532 "MFP: require MFP");
1533 params.mgmt_frame_protection =
1534 MGMT_FRAME_PROTECTION_REQUIRED;
1537 #endif /* CONFIG_IEEE80211W */
1539 params.p2p = ssid->p2p_group;
1541 if (wpa_s->parent->set_sta_uapsd)
1542 params.uapsd = wpa_s->parent->sta_uapsd;
1546 #ifdef CONFIG_HT_OVERRIDES
1547 os_memset(&htcaps, 0, sizeof(htcaps));
1548 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1549 params.htcaps = (u8 *) &htcaps;
1550 params.htcaps_mask = (u8 *) &htcaps_mask;
1551 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1552 #endif /* CONFIG_HT_OVERRIDES */
1554 ret = wpa_drv_associate(wpa_s, ¶ms);
1556 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1558 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1560 * The driver is known to mean what is saying, so we
1561 * can stop right here; the association will not
1564 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1565 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1566 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1569 /* try to continue anyway; new association will be tried again
1574 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1575 /* Set the key after the association just in case association
1576 * cleared the previously configured key. */
1577 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1578 /* No need to timeout authentication since there is no key
1580 wpa_supplicant_cancel_auth_timeout(wpa_s);
1581 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1582 #ifdef CONFIG_IBSS_RSN
1583 } else if (ssid->mode == WPAS_MODE_IBSS &&
1584 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1585 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1587 * RSN IBSS authentication is per-STA and we can disable the
1588 * per-BSSID authentication.
1590 wpa_supplicant_cancel_auth_timeout(wpa_s);
1591 #endif /* CONFIG_IBSS_RSN */
1593 /* Timeout for IEEE 802.11 authentication and association */
1597 /* give IBSS a bit more time */
1598 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1599 } else if (wpa_s->conf->ap_scan == 1) {
1600 /* give IBSS a bit more time */
1601 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1603 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1606 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1607 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1608 /* Set static WEP keys again */
1609 wpa_set_wep_keys(wpa_s, ssid);
1612 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1614 * Do not allow EAP session resumption between different
1615 * network configurations.
1617 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1619 old_ssid = wpa_s->current_ssid;
1620 wpa_s->current_ssid = ssid;
1621 wpa_s->current_bss = bss;
1622 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1623 wpa_supplicant_initiate_eapol(wpa_s);
1624 if (old_ssid != wpa_s->current_ssid)
1625 wpas_notify_network_changed(wpa_s);
1629 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1632 struct wpa_ssid *old_ssid;
1634 wpa_clear_keys(wpa_s, addr);
1635 wpa_supplicant_mark_disassoc(wpa_s);
1636 old_ssid = wpa_s->current_ssid;
1637 wpa_s->current_ssid = NULL;
1638 wpa_s->current_bss = NULL;
1639 wpa_sm_set_config(wpa_s->wpa, NULL);
1640 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1641 if (old_ssid != wpa_s->current_ssid)
1642 wpas_notify_network_changed(wpa_s);
1643 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1648 * wpa_supplicant_disassociate - Disassociate the current connection
1649 * @wpa_s: Pointer to wpa_supplicant data
1650 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1652 * This function is used to request %wpa_supplicant to disassociate with the
1655 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1659 union wpa_event_data event;
1661 if (!is_zero_ether_addr(wpa_s->bssid)) {
1662 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1663 addr = wpa_s->bssid;
1664 os_memset(&event, 0, sizeof(event));
1665 event.disassoc_info.reason_code = (u16) reason_code;
1666 event.disassoc_info.locally_generated = 1;
1667 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, &event);
1670 wpa_supplicant_clear_connection(wpa_s, addr);
1675 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1676 * @wpa_s: Pointer to wpa_supplicant data
1677 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1679 * This function is used to request %wpa_supplicant to deauthenticate from the
1682 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1686 union wpa_event_data event;
1688 if (!is_zero_ether_addr(wpa_s->bssid)) {
1689 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
1690 addr = wpa_s->bssid;
1691 os_memset(&event, 0, sizeof(event));
1692 event.deauth_info.reason_code = (u16) reason_code;
1693 event.deauth_info.locally_generated = 1;
1694 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1697 wpa_supplicant_clear_connection(wpa_s, addr);
1702 * wpa_supplicant_enable_network - Mark a configured network as enabled
1703 * @wpa_s: wpa_supplicant structure for a network interface
1704 * @ssid: wpa_ssid structure for a configured network or %NULL
1706 * Enables the specified network or all networks if no network specified.
1708 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1709 struct wpa_ssid *ssid)
1711 struct wpa_ssid *other_ssid;
1715 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1716 other_ssid = other_ssid->next) {
1717 if (other_ssid->disabled == 2)
1718 continue; /* do not change persistent P2P group
1720 if (other_ssid == wpa_s->current_ssid &&
1721 other_ssid->disabled)
1722 wpa_s->reassociate = 1;
1724 was_disabled = other_ssid->disabled;
1726 other_ssid->disabled = 0;
1728 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1730 if (was_disabled != other_ssid->disabled)
1731 wpas_notify_network_enabled_changed(
1734 if (wpa_s->reassociate)
1735 wpa_supplicant_req_scan(wpa_s, 0, 0);
1736 } else if (ssid->disabled && ssid->disabled != 2) {
1737 if (wpa_s->current_ssid == NULL) {
1739 * Try to reassociate since there is no current
1740 * configuration and a new network was made available.
1742 wpa_s->reassociate = 1;
1743 wpa_supplicant_req_scan(wpa_s, 0, 0);
1746 was_disabled = ssid->disabled;
1749 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1751 if (was_disabled != ssid->disabled)
1752 wpas_notify_network_enabled_changed(wpa_s, ssid);
1758 * wpa_supplicant_disable_network - Mark a configured network as disabled
1759 * @wpa_s: wpa_supplicant structure for a network interface
1760 * @ssid: wpa_ssid structure for a configured network or %NULL
1762 * Disables the specified network or all networks if no network specified.
1764 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1765 struct wpa_ssid *ssid)
1767 struct wpa_ssid *other_ssid;
1771 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1772 other_ssid = other_ssid->next) {
1773 was_disabled = other_ssid->disabled;
1774 if (was_disabled == 2)
1775 continue; /* do not change persistent P2P group
1778 other_ssid->disabled = 1;
1780 if (was_disabled != other_ssid->disabled)
1781 wpas_notify_network_enabled_changed(
1784 if (wpa_s->current_ssid)
1785 wpa_supplicant_disassociate(
1786 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1787 } else if (ssid->disabled != 2) {
1788 if (ssid == wpa_s->current_ssid)
1789 wpa_supplicant_disassociate(
1790 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1792 was_disabled = ssid->disabled;
1796 if (was_disabled != ssid->disabled)
1797 wpas_notify_network_enabled_changed(wpa_s, ssid);
1803 * wpa_supplicant_select_network - Attempt association with a network
1804 * @wpa_s: wpa_supplicant structure for a network interface
1805 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1807 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1808 struct wpa_ssid *ssid)
1811 struct wpa_ssid *other_ssid;
1812 int disconnected = 0;
1814 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1815 wpa_supplicant_disassociate(
1816 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1821 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1824 * Mark all other networks disabled or mark all networks enabled if no
1825 * network specified.
1827 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1828 other_ssid = other_ssid->next) {
1829 int was_disabled = other_ssid->disabled;
1830 if (was_disabled == 2)
1831 continue; /* do not change persistent P2P group data */
1833 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1834 if (was_disabled && !other_ssid->disabled)
1835 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1837 if (was_disabled != other_ssid->disabled)
1838 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1841 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1842 /* We are already associated with the selected network */
1843 wpa_printf(MSG_DEBUG, "Already associated with the "
1844 "selected network - do nothing");
1849 wpa_s->current_ssid = ssid;
1850 wpa_s->connect_without_scan = NULL;
1851 wpa_s->disconnected = 0;
1852 wpa_s->reassociate = 1;
1853 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1856 wpas_notify_network_selected(wpa_s, ssid);
1861 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1862 * @wpa_s: wpa_supplicant structure for a network interface
1863 * @ap_scan: AP scan mode
1864 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1867 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1872 if (ap_scan < 0 || ap_scan > 2)
1876 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1877 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1878 wpa_s->wpa_state < WPA_COMPLETED) {
1879 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1880 "associating", wpa_s->conf->ap_scan, ap_scan);
1883 #endif /* ANDROID */
1885 old_ap_scan = wpa_s->conf->ap_scan;
1886 wpa_s->conf->ap_scan = ap_scan;
1888 if (old_ap_scan != wpa_s->conf->ap_scan)
1889 wpas_notify_ap_scan_changed(wpa_s);
1896 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1897 * @wpa_s: wpa_supplicant structure for a network interface
1898 * @expire_age: Expiration age in seconds
1899 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1902 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1903 unsigned int bss_expire_age)
1905 if (bss_expire_age < 10) {
1906 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1910 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1912 wpa_s->conf->bss_expiration_age = bss_expire_age;
1919 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1920 * @wpa_s: wpa_supplicant structure for a network interface
1921 * @expire_count: number of scans after which an unseen BSS is reclaimed
1922 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1925 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1926 unsigned int bss_expire_count)
1928 if (bss_expire_count < 1) {
1929 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1933 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1935 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1942 * wpa_supplicant_set_scan_interval - Set scan interval
1943 * @wpa_s: wpa_supplicant structure for a network interface
1944 * @scan_interval: scan interval in seconds
1945 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
1948 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
1951 if (scan_interval < 0) {
1952 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
1956 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
1958 wpa_s->scan_interval = scan_interval;
1965 * wpa_supplicant_set_debug_params - Set global debug params
1966 * @global: wpa_global structure
1967 * @debug_level: debug level
1968 * @debug_timestamp: determines if show timestamp in debug data
1969 * @debug_show_keys: determines if show keys in debug data
1970 * Returns: 0 if succeed or -1 if debug_level has wrong value
1972 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1973 int debug_timestamp, int debug_show_keys)
1976 int old_level, old_timestamp, old_show_keys;
1978 /* check for allowed debuglevels */
1979 if (debug_level != MSG_EXCESSIVE &&
1980 debug_level != MSG_MSGDUMP &&
1981 debug_level != MSG_DEBUG &&
1982 debug_level != MSG_INFO &&
1983 debug_level != MSG_WARNING &&
1984 debug_level != MSG_ERROR)
1987 old_level = wpa_debug_level;
1988 old_timestamp = wpa_debug_timestamp;
1989 old_show_keys = wpa_debug_show_keys;
1991 wpa_debug_level = debug_level;
1992 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1993 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1995 if (wpa_debug_level != old_level)
1996 wpas_notify_debug_level_changed(global);
1997 if (wpa_debug_timestamp != old_timestamp)
1998 wpas_notify_debug_timestamp_changed(global);
1999 if (wpa_debug_show_keys != old_show_keys)
2000 wpas_notify_debug_show_keys_changed(global);
2007 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2008 * @wpa_s: Pointer to wpa_supplicant data
2009 * Returns: A pointer to the current network structure or %NULL on failure
2011 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2013 struct wpa_ssid *entry;
2014 u8 ssid[MAX_SSID_LEN];
2020 res = wpa_drv_get_ssid(wpa_s, ssid);
2022 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2028 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2029 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2034 wired = wpa_s->conf->ap_scan == 0 &&
2035 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2037 entry = wpa_s->conf->ssid;
2039 if (!wpas_network_disabled(wpa_s, entry) &&
2040 ((ssid_len == entry->ssid_len &&
2041 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2042 (!entry->bssid_set ||
2043 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2046 if (!wpas_network_disabled(wpa_s, entry) &&
2047 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2048 (entry->ssid == NULL || entry->ssid_len == 0) &&
2049 (!entry->bssid_set ||
2050 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2052 #endif /* CONFIG_WPS */
2054 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2055 entry->ssid_len == 0 &&
2056 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2059 entry = entry->next;
2066 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2068 struct wpa_global *global = wpa_s->global;
2070 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2071 global->drv_priv[i] = wpa_drivers[i]->global_init();
2072 if (global->drv_priv[i] == NULL) {
2073 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2074 "'%s'", wpa_drivers[i]->name);
2079 wpa_s->driver = wpa_drivers[i];
2080 wpa_s->global_drv_priv = global->drv_priv[i];
2086 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2091 const char *pos, *driver = name;
2096 if (wpa_drivers[0] == NULL) {
2097 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2103 /* default to first driver in the list */
2104 return select_driver(wpa_s, 0);
2108 pos = os_strchr(driver, ',');
2112 len = os_strlen(driver);
2114 for (i = 0; wpa_drivers[i]; i++) {
2115 if (os_strlen(wpa_drivers[i]->name) == len &&
2116 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2118 /* First driver that succeeds wins */
2119 if (select_driver(wpa_s, i) == 0)
2127 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2133 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2134 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2135 * with struct wpa_driver_ops::init()
2136 * @src_addr: Source address of the EAPOL frame
2137 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2138 * @len: Length of the EAPOL data
2140 * This function is called for each received EAPOL frame. Most driver
2141 * interfaces rely on more generic OS mechanism for receiving frames through
2142 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2143 * take care of received EAPOL frames and deliver them to the core supplicant
2144 * code by calling this function.
2146 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2147 const u8 *buf, size_t len)
2149 struct wpa_supplicant *wpa_s = ctx;
2151 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2152 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2154 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
2156 * There is possible race condition between receiving the
2157 * association event and the EAPOL frame since they are coming
2158 * through different paths from the driver. In order to avoid
2159 * issues in trying to process the EAPOL frame before receiving
2160 * association information, lets queue it for processing until
2161 * the association event is received.
2163 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2164 "of received EAPOL frame");
2165 wpabuf_free(wpa_s->pending_eapol_rx);
2166 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2167 if (wpa_s->pending_eapol_rx) {
2168 os_get_time(&wpa_s->pending_eapol_rx_time);
2169 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2176 if (wpa_s->ap_iface) {
2177 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2180 #endif /* CONFIG_AP */
2182 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2183 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2184 "no key management is configured");
2188 if (wpa_s->eapol_received == 0 &&
2189 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2190 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2191 wpa_s->wpa_state != WPA_COMPLETED) &&
2192 (wpa_s->current_ssid == NULL ||
2193 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2194 /* Timeout for completing IEEE 802.1X and WPA authentication */
2195 wpa_supplicant_req_auth_timeout(
2197 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2198 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2199 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2202 wpa_s->eapol_received++;
2204 if (wpa_s->countermeasures) {
2205 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2210 #ifdef CONFIG_IBSS_RSN
2211 if (wpa_s->current_ssid &&
2212 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2213 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2216 #endif /* CONFIG_IBSS_RSN */
2218 /* Source address of the incoming EAPOL frame could be compared to the
2219 * current BSSID. However, it is possible that a centralized
2220 * Authenticator could be using another MAC address than the BSSID of
2221 * an AP, so just allow any address to be used for now. The replies are
2222 * still sent to the current BSSID (if available), though. */
2224 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2225 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2226 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2228 wpa_drv_poll(wpa_s);
2229 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2230 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2231 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2233 * Set portValid = TRUE here since we are going to skip 4-way
2234 * handshake processing which would normally set portValid. We
2235 * need this to allow the EAPOL state machines to be completed
2236 * without going through EAPOL-Key handshake.
2238 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2243 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2245 if (wpa_s->driver->send_eapol) {
2246 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2248 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2249 } else if (!(wpa_s->drv_flags &
2250 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2251 l2_packet_deinit(wpa_s->l2);
2252 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2253 wpa_drv_get_mac_addr(wpa_s),
2255 wpa_supplicant_rx_eapol, wpa_s, 0);
2256 if (wpa_s->l2 == NULL)
2259 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2261 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2264 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2265 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2269 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2270 MAC2STR(wpa_s->own_addr));
2271 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2277 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2278 const u8 *buf, size_t len)
2280 struct wpa_supplicant *wpa_s = ctx;
2281 const struct l2_ethhdr *eth;
2283 if (len < sizeof(*eth))
2285 eth = (const struct l2_ethhdr *) buf;
2287 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2288 !(eth->h_dest[0] & 0x01)) {
2289 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2290 " (bridge - not for this interface - ignore)",
2291 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2295 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2296 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2297 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2298 len - sizeof(*eth));
2303 * wpa_supplicant_driver_init - Initialize driver interface parameters
2304 * @wpa_s: Pointer to wpa_supplicant data
2305 * Returns: 0 on success, -1 on failure
2307 * This function is called to initialize driver interface parameters.
2308 * wpa_drv_init() must have been called before this function to initialize the
2311 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2313 static int interface_count = 0;
2315 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2318 if (wpa_s->bridge_ifname[0]) {
2319 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2320 "interface '%s'", wpa_s->bridge_ifname);
2321 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2324 wpa_supplicant_rx_eapol_bridge,
2326 if (wpa_s->l2_br == NULL) {
2327 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2328 "connection for the bridge interface '%s'",
2329 wpa_s->bridge_ifname);
2334 wpa_clear_keys(wpa_s, NULL);
2336 /* Make sure that TKIP countermeasures are not left enabled (could
2337 * happen if wpa_supplicant is killed during countermeasures. */
2338 wpa_drv_set_countermeasures(wpa_s, 0);
2340 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2341 wpa_drv_flush_pmkid(wpa_s);
2343 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2344 wpa_s->prev_scan_wildcard = 0;
2346 if (wpa_supplicant_enabled_networks(wpa_s)) {
2347 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2349 wpa_supplicant_req_scan(wpa_s, interface_count,
2353 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2359 static int wpa_supplicant_daemon(const char *pid_file)
2361 wpa_printf(MSG_DEBUG, "Daemonize..");
2362 return os_daemonize(pid_file);
2366 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2368 struct wpa_supplicant *wpa_s;
2370 wpa_s = os_zalloc(sizeof(*wpa_s));
2373 wpa_s->scan_req = 1;
2374 wpa_s->scan_interval = 5;
2375 wpa_s->new_connection = 1;
2376 wpa_s->parent = wpa_s;
2377 wpa_s->sched_scanning = 0;
2383 #ifdef CONFIG_HT_OVERRIDES
2385 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2386 struct ieee80211_ht_capabilities *htcaps,
2387 struct ieee80211_ht_capabilities *htcaps_mask,
2390 /* parse ht_mcs into hex array */
2392 const char *tmp = ht_mcs;
2395 /* If ht_mcs is null, do not set anything */
2399 /* This is what we are setting in the kernel */
2400 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2402 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2404 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2406 long v = strtol(tmp, &end, 16);
2408 wpa_msg(wpa_s, MSG_DEBUG,
2409 "htcap value[%i]: %ld end: %p tmp: %p",
2414 htcaps->supported_mcs_set[i] = v;
2417 wpa_msg(wpa_s, MSG_ERROR,
2418 "Failed to parse ht-mcs: %s, error: %s\n",
2419 ht_mcs, strerror(errno));
2425 * If we were able to parse any values, then set mask for the MCS set.
2428 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2429 IEEE80211_HT_MCS_MASK_LEN - 1);
2430 /* skip the 3 reserved bits */
2431 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2439 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2440 struct ieee80211_ht_capabilities *htcaps,
2441 struct ieee80211_ht_capabilities *htcaps_mask,
2446 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2451 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2452 htcaps_mask->ht_capabilities_info |= msk;
2454 htcaps->ht_capabilities_info &= msk;
2456 htcaps->ht_capabilities_info |= msk;
2462 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2463 struct ieee80211_ht_capabilities *htcaps,
2464 struct ieee80211_ht_capabilities *htcaps_mask,
2467 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2472 if (factor < 0 || factor > 3) {
2473 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2474 "Must be 0-3 or -1", factor);
2478 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2479 htcaps->a_mpdu_params &= ~0x3;
2480 htcaps->a_mpdu_params |= factor & 0x3;
2486 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2487 struct ieee80211_ht_capabilities *htcaps,
2488 struct ieee80211_ht_capabilities *htcaps_mask,
2491 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2496 if (density < 0 || density > 7) {
2497 wpa_msg(wpa_s, MSG_ERROR,
2498 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2503 htcaps_mask->a_mpdu_params |= 0x1C;
2504 htcaps->a_mpdu_params &= ~(0x1C);
2505 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2511 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2512 struct ieee80211_ht_capabilities *htcaps,
2513 struct ieee80211_ht_capabilities *htcaps_mask,
2516 /* Masking these out disables HT40 */
2517 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2518 HT_CAP_INFO_SHORT_GI40MHZ);
2520 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2523 htcaps->ht_capabilities_info &= ~msk;
2525 htcaps->ht_capabilities_info |= msk;
2527 htcaps_mask->ht_capabilities_info |= msk;
2533 void wpa_supplicant_apply_ht_overrides(
2534 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2535 struct wpa_driver_associate_params *params)
2537 struct ieee80211_ht_capabilities *htcaps;
2538 struct ieee80211_ht_capabilities *htcaps_mask;
2543 params->disable_ht = ssid->disable_ht;
2544 if (!params->htcaps || !params->htcaps_mask)
2547 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2548 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2549 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2550 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2551 ssid->disable_max_amsdu);
2552 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2553 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2554 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2557 #endif /* CONFIG_HT_OVERRIDES */
2560 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2565 if (!wpa_s->conf->pcsc_reader)
2568 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2572 if (wpa_s->conf->pcsc_pin &&
2573 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2574 scard_deinit(wpa_s->scard);
2575 wpa_s->scard = NULL;
2576 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2580 len = sizeof(wpa_s->imsi) - 1;
2581 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2582 scard_deinit(wpa_s->scard);
2583 wpa_s->scard = NULL;
2584 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2587 wpa_s->imsi[len] = '\0';
2589 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2591 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2592 wpa_s->imsi, wpa_s->mnc_len);
2594 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2595 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2596 #endif /* PCSC_FUNCS */
2602 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2606 ext_password_deinit(wpa_s->ext_pw);
2607 wpa_s->ext_pw = NULL;
2608 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2610 if (!wpa_s->conf->ext_password_backend)
2613 val = os_strdup(wpa_s->conf->ext_password_backend);
2616 pos = os_strchr(val, ':');
2620 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2622 wpa_s->ext_pw = ext_password_init(val, pos);
2624 if (wpa_s->ext_pw == NULL) {
2625 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2628 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2634 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2635 struct wpa_interface *iface)
2637 const char *ifname, *driver;
2638 struct wpa_driver_capa capa;
2640 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2641 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2642 iface->confname ? iface->confname : "N/A",
2643 iface->driver ? iface->driver : "default",
2644 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2645 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2647 if (iface->confname) {
2648 #ifdef CONFIG_BACKEND_FILE
2649 wpa_s->confname = os_rel2abs_path(iface->confname);
2650 if (wpa_s->confname == NULL) {
2651 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2652 "for configuration file '%s'.",
2656 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2657 iface->confname, wpa_s->confname);
2658 #else /* CONFIG_BACKEND_FILE */
2659 wpa_s->confname = os_strdup(iface->confname);
2660 #endif /* CONFIG_BACKEND_FILE */
2661 wpa_s->conf = wpa_config_read(wpa_s->confname);
2662 if (wpa_s->conf == NULL) {
2663 wpa_printf(MSG_ERROR, "Failed to read or parse "
2664 "configuration '%s'.", wpa_s->confname);
2669 * Override ctrl_interface and driver_param if set on command
2672 if (iface->ctrl_interface) {
2673 os_free(wpa_s->conf->ctrl_interface);
2674 wpa_s->conf->ctrl_interface =
2675 os_strdup(iface->ctrl_interface);
2678 if (iface->driver_param) {
2679 os_free(wpa_s->conf->driver_param);
2680 wpa_s->conf->driver_param =
2681 os_strdup(iface->driver_param);
2684 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2685 iface->driver_param);
2687 if (wpa_s->conf == NULL) {
2688 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2692 if (iface->ifname == NULL) {
2693 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2696 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2697 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2701 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2703 if (iface->bridge_ifname) {
2704 if (os_strlen(iface->bridge_ifname) >=
2705 sizeof(wpa_s->bridge_ifname)) {
2706 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2707 "name '%s'.", iface->bridge_ifname);
2710 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2711 sizeof(wpa_s->bridge_ifname));
2714 /* RSNA Supplicant Key Management - INITIALIZE */
2715 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2716 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2718 /* Initialize driver interface and register driver event handler before
2719 * L2 receive handler so that association events are processed before
2720 * EAPOL-Key packets if both become available for the same select()
2722 driver = iface->driver;
2724 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2727 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2728 if (wpa_s->drv_priv == NULL) {
2730 pos = driver ? os_strchr(driver, ',') : NULL;
2732 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2733 "driver interface - try next driver wrapper");
2737 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2741 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2742 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2743 "driver_param '%s'", wpa_s->conf->driver_param);
2747 ifname = wpa_drv_get_ifname(wpa_s);
2748 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2749 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2750 "interface name with '%s'", ifname);
2751 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2754 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2757 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2758 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2760 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2762 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2763 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2764 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2765 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2766 "dot11RSNAConfigPMKLifetime");
2770 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2771 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2772 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2773 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2774 "dot11RSNAConfigPMKReauthThreshold");
2778 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2779 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2780 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2781 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2782 "dot11RSNAConfigSATimeout");
2786 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2787 &wpa_s->hw.num_modes,
2790 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2791 wpa_s->drv_capa_known = 1;
2792 wpa_s->drv_flags = capa.flags;
2793 wpa_s->drv_enc = capa.enc;
2794 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2795 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2796 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2797 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2798 wpa_s->max_match_sets = capa.max_match_sets;
2799 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2800 wpa_s->max_stations = capa.max_stations;
2802 if (wpa_s->max_remain_on_chan == 0)
2803 wpa_s->max_remain_on_chan = 1000;
2805 if (wpa_supplicant_driver_init(wpa_s) < 0)
2809 if (wpa_tdls_init(wpa_s->wpa))
2811 #endif /* CONFIG_TDLS */
2813 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2814 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2819 if (wpas_wps_init(wpa_s))
2822 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2824 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2826 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2827 if (wpa_s->ctrl_iface == NULL) {
2828 wpa_printf(MSG_ERROR,
2829 "Failed to initialize control interface '%s'.\n"
2830 "You may have another wpa_supplicant process "
2831 "already running or the file was\n"
2832 "left by an unclean termination of wpa_supplicant "
2833 "in which case you will need\n"
2834 "to manually remove this file before starting "
2835 "wpa_supplicant again.\n",
2836 wpa_s->conf->ctrl_interface);
2840 wpa_s->gas = gas_query_init(wpa_s);
2841 if (wpa_s->gas == NULL) {
2842 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2847 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2848 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2851 #endif /* CONFIG_P2P */
2853 if (wpa_bss_init(wpa_s) < 0)
2856 if (pcsc_reader_init(wpa_s) < 0)
2859 if (wpas_init_ext_pw(wpa_s) < 0)
2866 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2867 int notify, int terminate)
2869 if (wpa_s->drv_priv) {
2870 wpa_supplicant_deauthenticate(wpa_s,
2871 WLAN_REASON_DEAUTH_LEAVING);
2873 wpa_drv_set_countermeasures(wpa_s, 0);
2874 wpa_clear_keys(wpa_s, NULL);
2877 wpa_supplicant_cleanup(wpa_s);
2880 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
2881 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
2882 "the management interface is being removed");
2883 wpas_p2p_deinit_global(wpa_s->global);
2885 #endif /* CONFIG_P2P */
2887 if (wpa_s->drv_priv)
2888 wpa_drv_deinit(wpa_s);
2891 wpas_notify_iface_removed(wpa_s);
2894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2896 if (wpa_s->ctrl_iface) {
2897 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2898 wpa_s->ctrl_iface = NULL;
2901 if (wpa_s->conf != NULL) {
2902 wpa_config_free(wpa_s->conf);
2909 * wpa_supplicant_add_iface - Add a new network interface
2910 * @global: Pointer to global data from wpa_supplicant_init()
2911 * @iface: Interface configuration options
2912 * Returns: Pointer to the created interface or %NULL on failure
2914 * This function is used to add new network interfaces for %wpa_supplicant.
2915 * This can be called before wpa_supplicant_run() to add interfaces before the
2916 * main event loop has been started. In addition, new interfaces can be added
2917 * dynamically while %wpa_supplicant is already running. This could happen,
2918 * e.g., when a hotplug network adapter is inserted.
2920 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2921 struct wpa_interface *iface)
2923 struct wpa_supplicant *wpa_s;
2924 struct wpa_interface t_iface;
2925 struct wpa_ssid *ssid;
2927 if (global == NULL || iface == NULL)
2930 wpa_s = wpa_supplicant_alloc();
2934 wpa_s->global = global;
2937 if (global->params.override_driver) {
2938 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2940 iface->driver, global->params.override_driver);
2941 t_iface.driver = global->params.override_driver;
2943 if (global->params.override_ctrl_interface) {
2944 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2945 "ctrl_interface ('%s' -> '%s')",
2946 iface->ctrl_interface,
2947 global->params.override_ctrl_interface);
2948 t_iface.ctrl_interface =
2949 global->params.override_ctrl_interface;
2951 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2952 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2954 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
2959 /* Notify the control interfaces about new iface */
2960 if (wpas_notify_iface_added(wpa_s)) {
2961 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
2966 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2967 wpas_notify_network_added(wpa_s, ssid);
2969 wpa_s->next = global->ifaces;
2970 global->ifaces = wpa_s;
2972 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2973 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2980 * wpa_supplicant_remove_iface - Remove a network interface
2981 * @global: Pointer to global data from wpa_supplicant_init()
2982 * @wpa_s: Pointer to the network interface to be removed
2983 * Returns: 0 if interface was removed, -1 if interface was not found
2985 * This function can be used to dynamically remove network interfaces from
2986 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2987 * addition, this function is used to remove all remaining interfaces when
2988 * %wpa_supplicant is terminated.
2990 int wpa_supplicant_remove_iface(struct wpa_global *global,
2991 struct wpa_supplicant *wpa_s,
2994 struct wpa_supplicant *prev;
2996 /* Remove interface from the global list of interfaces */
2997 prev = global->ifaces;
2998 if (prev == wpa_s) {
2999 global->ifaces = wpa_s->next;
3001 while (prev && prev->next != wpa_s)
3005 prev->next = wpa_s->next;
3008 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3010 if (global->p2p_group_formation == wpa_s)
3011 global->p2p_group_formation = NULL;
3012 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3020 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3021 * @wpa_s: Pointer to the network interface
3022 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3024 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3026 const char *eapol_method;
3028 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3029 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3033 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3034 if (eapol_method == NULL)
3035 return "UNKNOWN-EAP";
3037 return eapol_method;
3042 * wpa_supplicant_get_iface - Get a new network interface
3043 * @global: Pointer to global data from wpa_supplicant_init()
3044 * @ifname: Interface name
3045 * Returns: Pointer to the interface or %NULL if not found
3047 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3050 struct wpa_supplicant *wpa_s;
3052 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3053 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3060 #ifndef CONFIG_NO_WPA_MSG
3061 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3063 struct wpa_supplicant *wpa_s = ctx;
3066 return wpa_s->ifname;
3068 #endif /* CONFIG_NO_WPA_MSG */
3072 * wpa_supplicant_init - Initialize %wpa_supplicant
3073 * @params: Parameters for %wpa_supplicant
3074 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3076 * This function is used to initialize %wpa_supplicant. After successful
3077 * initialization, the returned data pointer can be used to add and remove
3078 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3080 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3082 struct wpa_global *global;
3088 #ifdef CONFIG_DRIVER_NDIS
3090 void driver_ndis_init_ops(void);
3091 driver_ndis_init_ops();
3093 #endif /* CONFIG_DRIVER_NDIS */
3095 #ifndef CONFIG_NO_WPA_MSG
3096 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3097 #endif /* CONFIG_NO_WPA_MSG */
3099 wpa_debug_open_file(params->wpa_debug_file_path);
3100 if (params->wpa_debug_syslog)
3101 wpa_debug_open_syslog();
3102 if (params->wpa_debug_tracing) {
3103 ret = wpa_debug_open_linux_tracing();
3105 wpa_printf(MSG_ERROR,
3106 "Failed to enable trace logging");
3111 ret = eap_register_methods();
3113 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3115 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3116 "the same EAP type.");
3120 global = os_zalloc(sizeof(*global));
3123 dl_list_init(&global->p2p_srv_bonjour);
3124 dl_list_init(&global->p2p_srv_upnp);
3125 global->params.daemonize = params->daemonize;
3126 global->params.wait_for_monitor = params->wait_for_monitor;
3127 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3128 if (params->pid_file)
3129 global->params.pid_file = os_strdup(params->pid_file);
3130 if (params->ctrl_interface)
3131 global->params.ctrl_interface =
3132 os_strdup(params->ctrl_interface);
3133 if (params->override_driver)
3134 global->params.override_driver =
3135 os_strdup(params->override_driver);
3136 if (params->override_ctrl_interface)
3137 global->params.override_ctrl_interface =
3138 os_strdup(params->override_ctrl_interface);
3139 wpa_debug_level = global->params.wpa_debug_level =
3140 params->wpa_debug_level;
3141 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3142 params->wpa_debug_show_keys;
3143 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3144 params->wpa_debug_timestamp;
3146 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3149 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3150 wpa_supplicant_deinit(global);
3154 random_init(params->entropy_file);
3156 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3157 if (global->ctrl_iface == NULL) {
3158 wpa_supplicant_deinit(global);
3162 if (wpas_notify_supplicant_initialized(global)) {
3163 wpa_supplicant_deinit(global);
3167 for (i = 0; wpa_drivers[i]; i++)
3168 global->drv_count++;
3169 if (global->drv_count == 0) {
3170 wpa_printf(MSG_ERROR, "No drivers enabled");
3171 wpa_supplicant_deinit(global);
3174 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3175 if (global->drv_priv == NULL) {
3176 wpa_supplicant_deinit(global);
3185 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3186 * @global: Pointer to global data from wpa_supplicant_init()
3187 * Returns: 0 after successful event loop run, -1 on failure
3189 * This function starts the main event loop and continues running as long as
3190 * there are any remaining events. In most cases, this function is running as
3191 * long as the %wpa_supplicant process in still in use.
3193 int wpa_supplicant_run(struct wpa_global *global)
3195 struct wpa_supplicant *wpa_s;
3197 if (global->params.daemonize &&
3198 wpa_supplicant_daemon(global->params.pid_file))
3201 if (global->params.wait_for_monitor) {
3202 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3203 if (wpa_s->ctrl_iface)
3204 wpa_supplicant_ctrl_iface_wait(
3208 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3209 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3218 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3219 * @global: Pointer to global data from wpa_supplicant_init()
3221 * This function is called to deinitialize %wpa_supplicant and to free all
3222 * allocated resources. Remaining network interfaces will also be removed.
3224 void wpa_supplicant_deinit(struct wpa_global *global)
3232 wpas_p2p_deinit_global(global);
3233 #endif /* CONFIG_P2P */
3235 while (global->ifaces)
3236 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3238 if (global->ctrl_iface)
3239 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3241 wpas_notify_supplicant_deinitialized(global);
3243 eap_peer_unregister_methods();
3245 eap_server_unregister_methods();
3246 #endif /* CONFIG_AP */
3248 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3249 if (!global->drv_priv[i])
3251 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3253 os_free(global->drv_priv);
3259 if (global->params.pid_file) {
3260 os_daemonize_terminate(global->params.pid_file);
3261 os_free(global->params.pid_file);
3263 os_free(global->params.ctrl_interface);
3264 os_free(global->params.override_driver);
3265 os_free(global->params.override_ctrl_interface);
3267 os_free(global->p2p_disallow_freq);
3270 wpa_debug_close_syslog();
3271 wpa_debug_close_file();
3272 wpa_debug_close_linux_tracing();
3276 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3278 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3279 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3281 country[0] = wpa_s->conf->country[0];
3282 country[1] = wpa_s->conf->country[1];
3284 if (wpa_drv_set_country(wpa_s, country) < 0) {
3285 wpa_printf(MSG_ERROR, "Failed to set country code "
3290 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3291 wpas_init_ext_pw(wpa_s);
3294 wpas_wps_update_config(wpa_s);
3295 #endif /* CONFIG_WPS */
3298 wpas_p2p_update_config(wpa_s);
3299 #endif /* CONFIG_P2P */
3301 wpa_s->conf->changed_parameters = 0;
3305 static void add_freq(int *freqs, int *num_freqs, int freq)
3309 for (i = 0; i < *num_freqs; i++) {
3310 if (freqs[i] == freq)
3314 freqs[*num_freqs] = freq;
3319 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3321 struct wpa_bss *bss, *cbss;
3322 const int max_freqs = 10;
3326 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3330 cbss = wpa_s->current_bss;
3332 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3335 if (bss->ssid_len == cbss->ssid_len &&
3336 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3337 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3338 add_freq(freqs, &num_freqs, bss->freq);
3339 if (num_freqs == max_freqs)
3344 if (num_freqs == 0) {
3353 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3360 * Remove possible authentication timeout since the connection failed.
3362 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3365 * Add the failed BSSID into the blacklist and speed up next scan
3366 * attempt if there could be other APs that could accept association.
3367 * The current blacklist count indicates how many times we have tried
3368 * connecting to this AP and multiple attempts mean that other APs are
3369 * either not available or has already been tried, so that we can start
3370 * increasing the delay here to avoid constant scanning.
3372 count = wpa_blacklist_add(wpa_s, bssid);
3373 if (count == 1 && wpa_s->current_bss) {
3375 * This BSS was not in the blacklist before. If there is
3376 * another BSS available for the same ESS, we should try that
3377 * next. Otherwise, we may as well try this one once more
3378 * before allowing other, likely worse, ESSes to be considered.
3380 freqs = get_bss_freqs_in_ess(wpa_s);
3382 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3383 "has been seen; try it next");
3384 wpa_blacklist_add(wpa_s, bssid);
3386 * On the next scan, go through only the known channels
3387 * used in this ESS based on previous scans to speed up
3388 * common load balancing use case.
3390 os_free(wpa_s->next_scan_freqs);
3391 wpa_s->next_scan_freqs = freqs;
3410 * TODO: if more than one possible AP is available in scan results,
3411 * could try the other ones before requesting a new scan.
3413 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3414 1000 * (timeout % 1000));
3417 if (wpa_s->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
3418 wpa_s->global->p2p != NULL) {
3419 wpa_s->p2p_cb_on_scan_complete = 0;
3420 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
3421 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
3422 "continued after failed association");
3425 #endif /* CONFIG_P2P */
3429 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3431 return wpa_s->conf->ap_scan == 2 ||
3432 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3436 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3437 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3438 struct wpa_ssid *ssid,
3442 #ifdef IEEE8021X_EAPOL
3443 struct eap_peer_config *eap = &ssid->eap;
3445 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3446 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3447 (const u8 *) value, os_strlen(value));
3449 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3450 case WPA_CTRL_REQ_EAP_IDENTITY:
3451 os_free(eap->identity);
3452 eap->identity = (u8 *) os_strdup(value);
3453 eap->identity_len = os_strlen(value);
3454 eap->pending_req_identity = 0;
3455 if (ssid == wpa_s->current_ssid)
3456 wpa_s->reassociate = 1;
3458 case WPA_CTRL_REQ_EAP_PASSWORD:
3459 os_free(eap->password);
3460 eap->password = (u8 *) os_strdup(value);
3461 eap->password_len = os_strlen(value);
3462 eap->pending_req_password = 0;
3463 if (ssid == wpa_s->current_ssid)
3464 wpa_s->reassociate = 1;
3466 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3467 os_free(eap->new_password);
3468 eap->new_password = (u8 *) os_strdup(value);
3469 eap->new_password_len = os_strlen(value);
3470 eap->pending_req_new_password = 0;
3471 if (ssid == wpa_s->current_ssid)
3472 wpa_s->reassociate = 1;
3474 case WPA_CTRL_REQ_EAP_PIN:
3476 eap->pin = os_strdup(value);
3477 eap->pending_req_pin = 0;
3478 if (ssid == wpa_s->current_ssid)
3479 wpa_s->reassociate = 1;
3481 case WPA_CTRL_REQ_EAP_OTP:
3483 eap->otp = (u8 *) os_strdup(value);
3484 eap->otp_len = os_strlen(value);
3485 os_free(eap->pending_req_otp);
3486 eap->pending_req_otp = NULL;
3487 eap->pending_req_otp_len = 0;
3489 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3490 os_free(eap->private_key_passwd);
3491 eap->private_key_passwd = (u8 *) os_strdup(value);
3492 eap->pending_req_passphrase = 0;
3493 if (ssid == wpa_s->current_ssid)
3494 wpa_s->reassociate = 1;
3497 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3502 #else /* IEEE8021X_EAPOL */
3503 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3505 #endif /* IEEE8021X_EAPOL */
3507 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3510 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3513 unsigned int drv_enc;
3521 if (wpa_s && wpa_s->drv_capa_known)
3522 drv_enc = wpa_s->drv_enc;
3524 drv_enc = (unsigned int) -1;
3526 for (i = 0; i < NUM_WEP_KEYS; i++) {
3527 size_t len = ssid->wep_key_len[i];
3530 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3532 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3534 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3536 return 1; /* invalid WEP key */
3539 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3547 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3549 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3551 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3557 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3559 struct wpa_ssid *ssid = wpa_s->current_ssid;
3564 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3569 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3572 ssid->auth_failures++;
3573 if (ssid->auth_failures > 50)
3575 else if (ssid->auth_failures > 20)
3577 else if (ssid->auth_failures > 10)
3579 else if (ssid->auth_failures > 5)
3581 else if (ssid->auth_failures > 1)
3587 if (now.sec + dur <= ssid->disabled_until.sec)
3590 ssid->disabled_until.sec = now.sec + dur;
3592 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3593 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3594 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3595 ssid->auth_failures, dur);
3599 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3600 struct wpa_ssid *ssid, int clear_failures)
3605 if (ssid->disabled_until.sec) {
3606 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3607 "id=%d ssid=\"%s\"",
3608 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3610 ssid->disabled_until.sec = 0;
3611 ssid->disabled_until.usec = 0;
3613 ssid->auth_failures = 0;