3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s->wpa);
357 void free_hw_features(struct wpa_supplicant *wpa_s)
360 if (wpa_s->hw.modes == NULL)
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
384 l2_packet_deinit(wpa_s->l2_br);
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
400 wpa_sm_set_eapol(wpa_s->wpa, NULL);
401 eapol_sm_deinit(wpa_s->eapol);
404 rsn_preauth_deinit(wpa_s->wpa);
407 wpa_tdls_deinit(wpa_s->wpa);
408 #endif /* CONFIG_TDLS */
410 pmksa_candidate_free(wpa_s->wpa);
411 wpa_sm_deinit(wpa_s->wpa);
413 wpa_blacklist_clear(wpa_s);
415 wpa_bss_deinit(wpa_s);
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
418 wpa_supplicant_cancel_scan(wpa_s);
419 wpa_supplicant_cancel_auth_timeout(wpa_s);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
426 wpas_wps_deinit(wpa_s);
428 wpabuf_free(wpa_s->pending_eapol_rx);
429 wpa_s->pending_eapol_rx = NULL;
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s->ibss_rsn);
433 wpa_s->ibss_rsn = NULL;
434 #endif /* CONFIG_IBSS_RSN */
439 wpa_supplicant_ap_deinit(wpa_s);
440 #endif /* CONFIG_AP */
443 wpas_p2p_deinit(wpa_s);
444 #endif /* CONFIG_P2P */
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s);
448 #endif /* CONFIG_OFFCHANNEL */
450 wpa_supplicant_cancel_sched_scan(wpa_s);
452 os_free(wpa_s->next_scan_freqs);
453 wpa_s->next_scan_freqs = NULL;
455 os_free(wpa_s->manual_scan_freqs);
456 wpa_s->manual_scan_freqs = NULL;
458 gas_query_deinit(wpa_s->gas);
461 free_hw_features(wpa_s);
463 os_free(wpa_s->bssid_filter);
464 wpa_s->bssid_filter = NULL;
466 os_free(wpa_s->disallow_aps_bssid);
467 wpa_s->disallow_aps_bssid = NULL;
468 os_free(wpa_s->disallow_aps_ssid);
469 wpa_s->disallow_aps_ssid = NULL;
471 wnm_bss_keep_alive_deinit(wpa_s);
473 wnm_deallocate_memory(wpa_s);
474 #endif /* CONFIG_WNM */
476 ext_password_deinit(wpa_s->ext_pw);
477 wpa_s->ext_pw = NULL;
479 wpabuf_free(wpa_s->last_gas_resp);
480 wpa_s->last_gas_resp = NULL;
481 wpabuf_free(wpa_s->prev_gas_resp);
482 wpa_s->prev_gas_resp = NULL;
484 os_free(wpa_s->last_scan_res);
485 wpa_s->last_scan_res = NULL;
488 hs20_free_osu_prov(wpa_s);
489 #endif /* CONFIG_HS20 */
494 * wpa_clear_keys - Clear keys configured for the driver
495 * @wpa_s: Pointer to wpa_supplicant data
496 * @addr: Previously used BSSID or %NULL if not available
498 * This function clears the encryption keys that has been previously configured
501 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
505 #ifdef CONFIG_IEEE80211W
507 #else /* CONFIG_IEEE80211W */
509 #endif /* CONFIG_IEEE80211W */
511 /* MLME-DELETEKEYS.request */
512 for (i = 0; i < max; i++) {
513 if (wpa_s->keys_cleared & BIT(i))
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
518 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
519 !is_zero_ether_addr(addr)) {
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
522 /* MLME-SETPROTECTION.request(None) */
523 wpa_drv_mlme_setprotection(
525 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
526 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
528 wpa_s->keys_cleared = (u32) -1;
533 * wpa_supplicant_state_txt - Get the connection state name as a text string
534 * @state: State (wpa_state; WPA_*)
535 * Returns: The state name as a printable text string
537 const char * wpa_supplicant_state_txt(enum wpa_states state)
540 case WPA_DISCONNECTED:
541 return "DISCONNECTED";
544 case WPA_INTERFACE_DISABLED:
545 return "INTERFACE_DISABLED";
548 case WPA_AUTHENTICATING:
549 return "AUTHENTICATING";
550 case WPA_ASSOCIATING:
551 return "ASSOCIATING";
554 case WPA_4WAY_HANDSHAKE:
555 return "4WAY_HANDSHAKE";
556 case WPA_GROUP_HANDSHAKE:
557 return "GROUP_HANDSHAKE";
568 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
572 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
573 name = wpa_s->current_ssid->bgscan;
575 name = wpa_s->conf->bgscan;
578 if (wpas_driver_bss_selection(wpa_s))
580 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
583 bgscan_deinit(wpa_s);
584 if (wpa_s->current_ssid) {
585 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
586 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
589 * Live without bgscan; it is only used as a roaming
590 * optimization, so the initial connection is not
594 struct wpa_scan_results *scan_res;
595 wpa_s->bgscan_ssid = wpa_s->current_ssid;
596 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
599 bgscan_notify_scan(wpa_s, scan_res);
600 wpa_scan_results_free(scan_res);
604 wpa_s->bgscan_ssid = NULL;
608 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
610 if (wpa_s->bgscan_ssid != NULL) {
611 bgscan_deinit(wpa_s);
612 wpa_s->bgscan_ssid = NULL;
616 #endif /* CONFIG_BGSCAN */
619 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
621 if (autoscan_init(wpa_s, 0))
622 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
626 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
628 autoscan_deinit(wpa_s);
632 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
634 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
635 wpa_s->wpa_state == WPA_SCANNING) {
636 autoscan_deinit(wpa_s);
637 wpa_supplicant_start_autoscan(wpa_s);
643 * wpa_supplicant_set_state - Set current connection state
644 * @wpa_s: Pointer to wpa_supplicant data
645 * @state: The new connection state
647 * This function is called whenever the connection state changes, e.g.,
648 * association is completed for WPA/WPA2 4-Way Handshake is started.
650 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
651 enum wpa_states state)
653 enum wpa_states old_state = wpa_s->wpa_state;
655 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
656 wpa_supplicant_state_txt(wpa_s->wpa_state),
657 wpa_supplicant_state_txt(state));
659 if (state == WPA_INTERFACE_DISABLED) {
660 /* Assure normal scan when interface is restored */
661 wpa_s->normal_scans = 0;
664 if (state == WPA_COMPLETED)
665 wpas_connect_work_done(wpa_s);
667 if (state != WPA_SCANNING)
668 wpa_supplicant_notify_scanning(wpa_s, 0);
670 if (state == WPA_COMPLETED && wpa_s->new_connection) {
671 struct wpa_ssid *ssid = wpa_s->current_ssid;
672 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
673 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
674 MACSTR " completed [id=%d id_str=%s]",
675 MAC2STR(wpa_s->bssid),
676 ssid ? ssid->id : -1,
677 ssid && ssid->id_str ? ssid->id_str : "");
678 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
679 wpas_clear_temp_disabled(wpa_s, ssid, 1);
680 wpa_s->extra_blacklist_count = 0;
681 wpa_s->new_connection = 0;
682 wpa_drv_set_operstate(wpa_s, 1);
683 #ifndef IEEE8021X_EAPOL
684 wpa_drv_set_supp_port(wpa_s, 1);
685 #endif /* IEEE8021X_EAPOL */
686 wpa_s->after_wps = 0;
687 wpa_s->known_wps_freq = 0;
689 wpas_p2p_completed(wpa_s);
690 #endif /* CONFIG_P2P */
692 sme_sched_obss_scan(wpa_s, 1);
693 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
694 state == WPA_ASSOCIATED) {
695 wpa_s->new_connection = 1;
696 wpa_drv_set_operstate(wpa_s, 0);
697 #ifndef IEEE8021X_EAPOL
698 wpa_drv_set_supp_port(wpa_s, 0);
699 #endif /* IEEE8021X_EAPOL */
700 sme_sched_obss_scan(wpa_s, 0);
702 wpa_s->wpa_state = state;
705 if (state == WPA_COMPLETED)
706 wpa_supplicant_start_bgscan(wpa_s);
707 else if (state < WPA_ASSOCIATED)
708 wpa_supplicant_stop_bgscan(wpa_s);
709 #endif /* CONFIG_BGSCAN */
711 if (state == WPA_AUTHENTICATING)
712 wpa_supplicant_stop_autoscan(wpa_s);
714 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
715 wpa_supplicant_start_autoscan(wpa_s);
717 if (wpa_s->wpa_state != old_state) {
718 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
720 if (wpa_s->wpa_state == WPA_COMPLETED ||
721 old_state == WPA_COMPLETED)
722 wpas_notify_auth_changed(wpa_s);
727 void wpa_supplicant_terminate_proc(struct wpa_global *global)
731 struct wpa_supplicant *wpa_s = global->ifaces;
733 struct wpa_supplicant *next = wpa_s->next;
735 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
736 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
737 wpas_p2p_disconnect(wpa_s);
738 #endif /* CONFIG_P2P */
739 if (wpas_wps_terminate_pending(wpa_s) == 1)
743 #endif /* CONFIG_WPS */
750 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
752 struct wpa_global *global = signal_ctx;
753 wpa_supplicant_terminate_proc(global);
757 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
759 enum wpa_states old_state = wpa_s->wpa_state;
761 wpa_s->pairwise_cipher = 0;
762 wpa_s->group_cipher = 0;
763 wpa_s->mgmt_group_cipher = 0;
765 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
766 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
768 if (wpa_s->wpa_state != old_state)
769 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
774 * wpa_supplicant_reload_configuration - Reload configuration data
775 * @wpa_s: Pointer to wpa_supplicant data
776 * Returns: 0 on success or -1 if configuration parsing failed
778 * This function can be used to request that the configuration data is reloaded
779 * (e.g., after configuration file change). This function is reloading
780 * configuration only for one interface, so this may need to be called multiple
781 * times if %wpa_supplicant is controlling multiple interfaces and all
782 * interfaces need reconfiguration.
784 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
786 struct wpa_config *conf;
790 if (wpa_s->confname == NULL)
792 conf = wpa_config_read(wpa_s->confname, NULL);
794 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
795 "file '%s' - exiting", wpa_s->confname);
798 wpa_config_read(wpa_s->confanother, conf);
800 conf->changed_parameters = (unsigned int) -1;
802 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
803 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
804 os_strcmp(conf->ctrl_interface,
805 wpa_s->conf->ctrl_interface) != 0);
807 if (reconf_ctrl && wpa_s->ctrl_iface) {
808 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
809 wpa_s->ctrl_iface = NULL;
812 eapol_sm_invalidate_cached_session(wpa_s->eapol);
813 if (wpa_s->current_ssid) {
814 wpa_supplicant_deauthenticate(wpa_s,
815 WLAN_REASON_DEAUTH_LEAVING);
819 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
820 * pkcs11_engine_path, pkcs11_module_path.
822 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
824 * Clear forced success to clear EAP state for next
827 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
829 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
830 wpa_sm_set_config(wpa_s->wpa, NULL);
831 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
832 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
833 rsn_preauth_deinit(wpa_s->wpa);
835 old_ap_scan = wpa_s->conf->ap_scan;
836 wpa_config_free(wpa_s->conf);
838 if (old_ap_scan != wpa_s->conf->ap_scan)
839 wpas_notify_ap_scan_changed(wpa_s);
842 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
844 wpa_supplicant_update_config(wpa_s);
846 wpa_supplicant_clear_status(wpa_s);
847 if (wpa_supplicant_enabled_networks(wpa_s)) {
848 wpa_s->reassociate = 1;
849 wpa_supplicant_req_scan(wpa_s, 0, 0);
851 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
856 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
858 struct wpa_global *global = signal_ctx;
859 struct wpa_supplicant *wpa_s;
860 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
861 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
863 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
864 wpa_supplicant_terminate_proc(global);
870 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
871 struct wpa_ssid *ssid,
872 struct wpa_ie_data *ie)
874 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
877 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
878 "from association info");
883 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
885 if (!(ie->group_cipher & ssid->group_cipher)) {
886 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
887 "cipher 0x%x (mask 0x%x) - reject",
888 ie->group_cipher, ssid->group_cipher);
891 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
892 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
893 "cipher 0x%x (mask 0x%x) - reject",
894 ie->pairwise_cipher, ssid->pairwise_cipher);
897 if (!(ie->key_mgmt & ssid->key_mgmt)) {
898 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
899 "management 0x%x (mask 0x%x) - reject",
900 ie->key_mgmt, ssid->key_mgmt);
904 #ifdef CONFIG_IEEE80211W
905 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
906 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
907 wpa_s->conf->pmf : ssid->ieee80211w) ==
908 MGMT_FRAME_PROTECTION_REQUIRED) {
909 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
910 "that does not support management frame protection - "
914 #endif /* CONFIG_IEEE80211W */
921 * wpa_supplicant_set_suites - Set authentication and encryption parameters
922 * @wpa_s: Pointer to wpa_supplicant data
923 * @bss: Scan results for the selected BSS, or %NULL if not available
924 * @ssid: Configuration data for the selected network
925 * @wpa_ie: Buffer for the WPA/RSN IE
926 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
927 * used buffer length in case the functions returns success.
928 * Returns: 0 on success or -1 on failure
930 * This function is used to configure authentication and encryption parameters
931 * based on the network configuration and scan result for the selected BSS (if
934 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
935 struct wpa_bss *bss, struct wpa_ssid *ssid,
936 u8 *wpa_ie, size_t *wpa_ie_len)
938 struct wpa_ie_data ie;
940 const u8 *bss_wpa, *bss_rsn, *bss_osen;
943 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
944 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
945 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
947 bss_wpa = bss_rsn = bss_osen = NULL;
949 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
950 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
951 (ie.group_cipher & ssid->group_cipher) &&
952 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
953 (ie.key_mgmt & ssid->key_mgmt)) {
954 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
955 proto = WPA_PROTO_RSN;
956 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
957 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
958 (ie.group_cipher & ssid->group_cipher) &&
959 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
960 (ie.key_mgmt & ssid->key_mgmt)) {
961 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
962 proto = WPA_PROTO_WPA;
964 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
965 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
966 /* TODO: parse OSEN element */
967 ie.group_cipher = WPA_CIPHER_CCMP;
968 ie.pairwise_cipher = WPA_CIPHER_CCMP;
969 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
970 proto = WPA_PROTO_OSEN;
971 #endif /* CONFIG_HS20 */
973 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
976 if (ssid->proto & WPA_PROTO_OSEN)
977 proto = WPA_PROTO_OSEN;
978 else if (ssid->proto & WPA_PROTO_RSN)
979 proto = WPA_PROTO_RSN;
981 proto = WPA_PROTO_WPA;
982 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
983 os_memset(&ie, 0, sizeof(ie));
984 ie.group_cipher = ssid->group_cipher;
985 ie.pairwise_cipher = ssid->pairwise_cipher;
986 ie.key_mgmt = ssid->key_mgmt;
987 #ifdef CONFIG_IEEE80211W
988 ie.mgmt_group_cipher =
989 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
990 WPA_CIPHER_AES_128_CMAC : 0;
991 #endif /* CONFIG_IEEE80211W */
992 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
993 "based on configuration");
998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
999 "pairwise %d key_mgmt %d proto %d",
1000 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1001 #ifdef CONFIG_IEEE80211W
1002 if (ssid->ieee80211w) {
1003 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1004 ie.mgmt_group_cipher);
1006 #endif /* CONFIG_IEEE80211W */
1008 wpa_s->wpa_proto = proto;
1009 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1010 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1011 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1013 if (bss || !wpa_s->ap_ies_from_associnfo) {
1014 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1015 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1016 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1017 bss_rsn ? 2 + bss_rsn[1] : 0))
1021 sel = ie.group_cipher & ssid->group_cipher;
1022 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1023 if (wpa_s->group_cipher < 0) {
1024 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1029 wpa_cipher_txt(wpa_s->group_cipher));
1031 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1032 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1033 if (wpa_s->pairwise_cipher < 0) {
1034 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1039 wpa_cipher_txt(wpa_s->pairwise_cipher));
1041 sel = ie.key_mgmt & ssid->key_mgmt;
1043 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1044 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1045 #endif /* CONFIG_SAE */
1047 #ifdef CONFIG_IEEE80211R
1048 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1050 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1051 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1052 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1053 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1054 #endif /* CONFIG_IEEE80211R */
1056 } else if (sel & WPA_KEY_MGMT_SAE) {
1057 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1058 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1059 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1061 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1062 #endif /* CONFIG_SAE */
1063 #ifdef CONFIG_IEEE80211W
1064 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1065 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1066 wpa_dbg(wpa_s, MSG_DEBUG,
1067 "WPA: using KEY_MGMT 802.1X with SHA256");
1068 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1070 wpa_dbg(wpa_s, MSG_DEBUG,
1071 "WPA: using KEY_MGMT PSK with SHA256");
1072 #endif /* CONFIG_IEEE80211W */
1073 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1075 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1076 } else if (sel & WPA_KEY_MGMT_PSK) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1079 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1083 } else if (sel & WPA_KEY_MGMT_OSEN) {
1084 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1085 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1086 #endif /* CONFIG_HS20 */
1088 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1089 "authenticated key management type");
1093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1094 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1095 wpa_s->pairwise_cipher);
1096 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1098 #ifdef CONFIG_IEEE80211W
1099 sel = ie.mgmt_group_cipher;
1100 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1101 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1102 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1104 if (sel & WPA_CIPHER_AES_128_CMAC) {
1105 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1106 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1109 wpa_s->mgmt_group_cipher = 0;
1110 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1112 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1113 wpa_s->mgmt_group_cipher);
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1115 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1116 wpa_s->conf->pmf : ssid->ieee80211w));
1117 #endif /* CONFIG_IEEE80211W */
1119 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1120 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1124 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1125 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1126 #ifndef CONFIG_NO_PBKDF2
1127 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1130 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1131 4096, psk, PMK_LEN);
1132 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1134 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1136 #endif /* CONFIG_NO_PBKDF2 */
1137 #ifdef CONFIG_EXT_PASSWORD
1138 if (ssid->ext_psk) {
1139 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1141 char pw_str[64 + 1];
1145 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1146 "found from external storage");
1150 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1151 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1152 "PSK length %d in external storage",
1153 (int) wpabuf_len(pw));
1154 ext_password_free(pw);
1158 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1159 pw_str[wpabuf_len(pw)] = '\0';
1161 #ifndef CONFIG_NO_PBKDF2
1162 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1164 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1165 4096, psk, PMK_LEN);
1166 os_memset(pw_str, 0, sizeof(pw_str));
1167 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1168 "external passphrase)",
1170 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1172 #endif /* CONFIG_NO_PBKDF2 */
1173 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1174 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1175 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1176 "Invalid PSK hex string");
1177 os_memset(pw_str, 0, sizeof(pw_str));
1178 ext_password_free(pw);
1181 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1183 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1185 os_memset(pw_str, 0, sizeof(pw_str));
1186 ext_password_free(pw);
1190 os_memset(pw_str, 0, sizeof(pw_str));
1191 ext_password_free(pw);
1193 #endif /* CONFIG_EXT_PASSWORD */
1195 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1201 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1206 case 0: /* Bits 0-7 */
1208 case 1: /* Bits 8-15 */
1210 case 2: /* Bits 16-23 */
1212 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1213 *pos |= 0x08; /* Bit 19 - BSS Transition */
1214 #endif /* CONFIG_WNM */
1216 case 3: /* Bits 24-31 */
1218 *pos |= 0x02; /* Bit 25 - SSID List */
1219 #endif /* CONFIG_WNM */
1220 #ifdef CONFIG_INTERWORKING
1221 if (wpa_s->conf->interworking)
1222 *pos |= 0x80; /* Bit 31 - Interworking */
1223 #endif /* CONFIG_INTERWORKING */
1225 case 4: /* Bits 32-39 */
1226 #ifdef CONFIG_INTERWORKING
1227 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1228 *pos |= 0x01; /* Bit 32 - QoS Map */
1229 #endif /* CONFIG_INTERWORKING */
1231 case 5: /* Bits 40-47 */
1233 if (wpa_s->conf->hs20)
1234 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1235 #endif /* CONFIG_HS20 */
1237 case 6: /* Bits 48-55 */
1243 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1248 if (len < wpa_s->extended_capa_len)
1249 len = wpa_s->extended_capa_len;
1251 *pos++ = WLAN_EID_EXT_CAPAB;
1253 for (i = 0; i < len; i++, pos++) {
1254 wpas_ext_capab_byte(wpa_s, pos, i);
1256 if (i < wpa_s->extended_capa_len) {
1257 *pos &= ~wpa_s->extended_capa_mask[i];
1258 *pos |= wpa_s->extended_capa[i];
1262 while (len > 0 && buf[1 + len] == 0) {
1273 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1274 struct wpa_bss *test_bss)
1276 struct wpa_bss *bss;
1278 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1279 if (bss == test_bss)
1287 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1288 struct wpa_ssid *test_ssid)
1290 struct wpa_ssid *ssid;
1292 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1293 if (ssid == test_ssid)
1301 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1302 struct wpa_ssid *test_ssid)
1304 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1307 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1311 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1319 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1321 struct wpa_connect_work *cwork;
1322 struct wpa_radio_work *work = wpa_s->connect_work;
1327 wpa_s->connect_work = NULL;
1330 wpas_connect_work_free(cwork);
1331 radio_work_done(work);
1335 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1338 * wpa_supplicant_associate - Request association
1339 * @wpa_s: Pointer to wpa_supplicant data
1340 * @bss: Scan results for the selected BSS, or %NULL if not available
1341 * @ssid: Configuration data for the selected network
1343 * This function is used to request %wpa_supplicant to associate with a BSS.
1345 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1346 struct wpa_bss *bss, struct wpa_ssid *ssid)
1348 struct wpa_connect_work *cwork;
1350 #ifdef CONFIG_IBSS_RSN
1351 ibss_rsn_deinit(wpa_s->ibss_rsn);
1352 wpa_s->ibss_rsn = NULL;
1353 #endif /* CONFIG_IBSS_RSN */
1355 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1356 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1358 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1359 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1363 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1364 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1365 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1366 wpas_p2p_ap_setup_failed(wpa_s);
1369 wpa_s->current_bss = bss;
1370 #else /* CONFIG_AP */
1371 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1373 #endif /* CONFIG_AP */
1379 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1381 #endif /* CONFIG_TDLS */
1383 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1384 ssid->mode == IEEE80211_MODE_INFRA) {
1385 sme_authenticate(wpa_s, bss, ssid);
1389 if (wpa_s->connect_work) {
1390 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1394 if (radio_work_pending(wpa_s, "connect")) {
1395 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1399 cwork = os_zalloc(sizeof(*cwork));
1406 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1407 wpas_start_assoc_cb, cwork) < 0) {
1413 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1415 struct wpa_connect_work *cwork = work->ctx;
1416 struct wpa_bss *bss = cwork->bss;
1417 struct wpa_ssid *ssid = cwork->ssid;
1418 struct wpa_supplicant *wpa_s = work->wpa_s;
1421 int use_crypt, ret, i, bssid_changed;
1422 int algs = WPA_AUTH_ALG_OPEN;
1423 unsigned int cipher_pairwise, cipher_group;
1424 struct wpa_driver_associate_params params;
1425 int wep_keys_set = 0;
1426 int assoc_failed = 0;
1427 struct wpa_ssid *old_ssid;
1428 #ifdef CONFIG_HT_OVERRIDES
1429 struct ieee80211_ht_capabilities htcaps;
1430 struct ieee80211_ht_capabilities htcaps_mask;
1431 #endif /* CONFIG_HT_OVERRIDES */
1434 if (work->started) {
1435 wpa_s->connect_work = NULL;
1437 /* cancel possible auth. timeout */
1438 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1441 wpas_connect_work_free(cwork);
1445 wpa_s->connect_work = work;
1447 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1448 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1449 wpas_connect_work_done(wpa_s);
1453 os_memset(¶ms, 0, sizeof(params));
1454 wpa_s->reassociate = 0;
1455 wpa_s->eap_expected_failure = 0;
1456 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1457 #ifdef CONFIG_IEEE80211R
1458 const u8 *ie, *md = NULL;
1459 #endif /* CONFIG_IEEE80211R */
1460 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1461 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1462 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1463 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1464 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1465 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1467 wpas_notify_bssid_changed(wpa_s);
1468 #ifdef CONFIG_IEEE80211R
1469 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1470 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1472 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1474 /* Prepare for the next transition */
1475 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1477 #endif /* CONFIG_IEEE80211R */
1479 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1480 wpa_s->conf->ap_scan == 2 &&
1481 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1482 /* Use ap_scan==1 style network selection to find the network
1484 wpa_s->scan_req = MANUAL_SCAN_REQ;
1485 wpa_s->reassociate = 1;
1486 wpa_supplicant_req_scan(wpa_s, 0, 0);
1488 #endif /* CONFIG_WPS */
1490 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1491 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1492 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1494 wpa_supplicant_cancel_sched_scan(wpa_s);
1495 wpa_supplicant_cancel_scan(wpa_s);
1497 /* Starting new association, so clear the possibly used WPA IE from the
1498 * previous association. */
1499 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1501 #ifdef IEEE8021X_EAPOL
1502 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1504 if (ssid->non_leap == 0)
1505 algs = WPA_AUTH_ALG_LEAP;
1507 algs |= WPA_AUTH_ALG_LEAP;
1510 #endif /* IEEE8021X_EAPOL */
1511 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1512 if (ssid->auth_alg) {
1513 algs = ssid->auth_alg;
1514 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1518 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1519 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1520 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1521 int try_opportunistic;
1522 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1524 ssid->proactive_key_caching) &&
1525 (ssid->proto & WPA_PROTO_RSN);
1526 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1527 ssid, try_opportunistic) == 0)
1528 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1529 wpa_ie_len = sizeof(wpa_ie);
1530 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1531 wpa_ie, &wpa_ie_len)) {
1532 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1533 "key management and encryption suites");
1536 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1537 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1539 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1540 * use non-WPA since the scan results did not indicate that the
1541 * AP is using WPA or WPA2.
1543 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1545 wpa_s->wpa_proto = 0;
1546 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1547 wpa_ie_len = sizeof(wpa_ie);
1548 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1549 wpa_ie, &wpa_ie_len)) {
1550 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1551 "key management and encryption suites (no "
1556 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1557 struct wpabuf *wps_ie;
1558 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1559 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1560 wpa_ie_len = wpabuf_len(wps_ie);
1561 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1564 wpabuf_free(wps_ie);
1565 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1566 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1567 params.wps = WPS_MODE_PRIVACY;
1569 params.wps = WPS_MODE_OPEN;
1570 wpa_s->wpa_proto = 0;
1571 #endif /* CONFIG_WPS */
1573 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1575 wpa_s->wpa_proto = 0;
1579 if (wpa_s->global->p2p) {
1583 pos = wpa_ie + wpa_ie_len;
1584 len = sizeof(wpa_ie) - wpa_ie_len;
1585 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1591 wpa_s->cross_connect_disallowed = 0;
1594 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1596 wpa_s->cross_connect_disallowed =
1597 p2p_get_cross_connect_disallowed(p2p);
1599 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1601 wpa_s->cross_connect_disallowed ?
1602 "disallows" : "allows");
1606 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1607 #endif /* CONFIG_P2P */
1610 if (is_hs20_network(wpa_s, ssid, bss)) {
1611 struct wpabuf *hs20;
1612 hs20 = wpabuf_alloc(20);
1614 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1615 wpas_hs20_add_indication(hs20, pps_mo_id);
1616 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1618 wpa_ie_len += wpabuf_len(hs20);
1622 #endif /* CONFIG_HS20 */
1625 * Workaround: Add Extended Capabilities element only if the AP
1626 * included this element in Beacon/Probe Response frames. Some older
1627 * APs seem to have interoperability issues if this element is
1628 * included, so while the standard may require us to include the
1629 * element in all cases, it is justifiable to skip it to avoid
1630 * interoperability issues.
1632 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1635 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1636 if (ext_capab_len > 0) {
1638 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1640 os_memmove(pos + ext_capab_len, pos,
1641 wpa_ie_len - (pos - wpa_ie));
1642 wpa_ie_len += ext_capab_len;
1643 os_memcpy(pos, ext_capab, ext_capab_len);
1647 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1649 cipher_pairwise = wpa_s->pairwise_cipher;
1650 cipher_group = wpa_s->group_cipher;
1651 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1652 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1653 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1655 if (wpa_set_wep_keys(wpa_s, ssid)) {
1660 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1663 #ifdef IEEE8021X_EAPOL
1664 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1665 if ((ssid->eapol_flags &
1666 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1667 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1671 /* Assume that dynamic WEP-104 keys will be used and
1672 * set cipher suites in order for drivers to expect
1674 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1677 #endif /* IEEE8021X_EAPOL */
1679 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1680 /* Set the key before (and later after) association */
1681 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1684 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1686 params.ssid = bss->ssid;
1687 params.ssid_len = bss->ssid_len;
1688 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1689 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1690 MACSTR " freq=%u MHz based on scan results "
1692 MAC2STR(bss->bssid), bss->freq,
1694 params.bssid = bss->bssid;
1695 params.freq = bss->freq;
1697 params.bssid_hint = bss->bssid;
1698 params.freq_hint = bss->freq;
1700 params.ssid = ssid->ssid;
1701 params.ssid_len = ssid->ssid_len;
1704 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1705 wpa_s->conf->ap_scan == 2) {
1706 params.bssid = ssid->bssid;
1707 params.fixed_bssid = 1;
1710 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1712 params.freq = ssid->frequency; /* Initial channel for IBSS */
1713 params.wpa_ie = wpa_ie;
1714 params.wpa_ie_len = wpa_ie_len;
1715 params.pairwise_suite = cipher_pairwise;
1716 params.group_suite = cipher_group;
1717 params.key_mgmt_suite = wpa_s->key_mgmt;
1718 params.wpa_proto = wpa_s->wpa_proto;
1719 params.auth_alg = algs;
1720 params.mode = ssid->mode;
1721 params.bg_scan_period = ssid->bg_scan_period;
1722 for (i = 0; i < NUM_WEP_KEYS; i++) {
1723 if (ssid->wep_key_len[i])
1724 params.wep_key[i] = ssid->wep_key[i];
1725 params.wep_key_len[i] = ssid->wep_key_len[i];
1727 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1729 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1730 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1731 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1732 params.passphrase = ssid->passphrase;
1734 params.psk = ssid->psk;
1737 params.drop_unencrypted = use_crypt;
1739 #ifdef CONFIG_IEEE80211W
1740 params.mgmt_frame_protection =
1741 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1742 wpa_s->conf->pmf : ssid->ieee80211w;
1743 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1744 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1745 struct wpa_ie_data ie;
1746 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1748 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1749 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1750 "MFP: require MFP");
1751 params.mgmt_frame_protection =
1752 MGMT_FRAME_PROTECTION_REQUIRED;
1755 #endif /* CONFIG_IEEE80211W */
1757 params.p2p = ssid->p2p_group;
1759 if (wpa_s->parent->set_sta_uapsd)
1760 params.uapsd = wpa_s->parent->sta_uapsd;
1764 #ifdef CONFIG_HT_OVERRIDES
1765 os_memset(&htcaps, 0, sizeof(htcaps));
1766 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1767 params.htcaps = (u8 *) &htcaps;
1768 params.htcaps_mask = (u8 *) &htcaps_mask;
1769 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1770 #endif /* CONFIG_HT_OVERRIDES */
1774 * If multi-channel concurrency is not supported, check for any
1775 * frequency conflict. In case of any frequency conflict, remove the
1776 * least prioritized connection.
1778 if (wpa_s->num_multichan_concurrent < 2) {
1779 int freq = wpa_drv_shared_freq(wpa_s);
1780 if (freq > 0 && freq != params.freq) {
1781 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1783 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1789 #endif /* CONFIG_P2P */
1791 ret = wpa_drv_associate(wpa_s, ¶ms);
1793 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1795 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1797 * The driver is known to mean what is saying, so we
1798 * can stop right here; the association will not
1801 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1802 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1803 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1806 /* try to continue anyway; new association will be tried again
1811 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1812 /* Set the key after the association just in case association
1813 * cleared the previously configured key. */
1814 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1815 /* No need to timeout authentication since there is no key
1817 wpa_supplicant_cancel_auth_timeout(wpa_s);
1818 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1819 #ifdef CONFIG_IBSS_RSN
1820 } else if (ssid->mode == WPAS_MODE_IBSS &&
1821 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1822 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1824 * RSN IBSS authentication is per-STA and we can disable the
1825 * per-BSSID authentication.
1827 wpa_supplicant_cancel_auth_timeout(wpa_s);
1828 #endif /* CONFIG_IBSS_RSN */
1830 /* Timeout for IEEE 802.11 authentication and association */
1834 /* give IBSS a bit more time */
1835 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1836 } else if (wpa_s->conf->ap_scan == 1) {
1837 /* give IBSS a bit more time */
1838 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1840 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1844 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1845 /* Set static WEP keys again */
1846 wpa_set_wep_keys(wpa_s, ssid);
1849 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1851 * Do not allow EAP session resumption between different
1852 * network configurations.
1854 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1856 old_ssid = wpa_s->current_ssid;
1857 wpa_s->current_ssid = ssid;
1858 wpa_s->current_bss = bss;
1859 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1860 wpa_supplicant_initiate_eapol(wpa_s);
1861 if (old_ssid != wpa_s->current_ssid)
1862 wpas_notify_network_changed(wpa_s);
1866 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1869 struct wpa_ssid *old_ssid;
1871 wpa_clear_keys(wpa_s, addr);
1872 old_ssid = wpa_s->current_ssid;
1873 wpa_supplicant_mark_disassoc(wpa_s);
1874 wpa_sm_set_config(wpa_s->wpa, NULL);
1875 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1876 if (old_ssid != wpa_s->current_ssid)
1877 wpas_notify_network_changed(wpa_s);
1878 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1883 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1884 * @wpa_s: Pointer to wpa_supplicant data
1885 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1887 * This function is used to request %wpa_supplicant to deauthenticate from the
1890 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1894 union wpa_event_data event;
1897 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1898 " pending_bssid=" MACSTR " reason=%d state=%s",
1899 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1900 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1902 if (!is_zero_ether_addr(wpa_s->bssid))
1903 addr = wpa_s->bssid;
1904 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1905 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1906 wpa_s->wpa_state == WPA_ASSOCIATING))
1907 addr = wpa_s->pending_bssid;
1908 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1910 * When using driver-based BSS selection, we may not know the
1911 * BSSID with which we are currently trying to associate. We
1912 * need to notify the driver of this disconnection even in such
1913 * a case, so use the all zeros address here.
1915 addr = wpa_s->bssid;
1920 wpa_tdls_teardown_peers(wpa_s->wpa);
1921 #endif /* CONFIG_TDLS */
1924 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1925 os_memset(&event, 0, sizeof(event));
1926 event.deauth_info.reason_code = (u16) reason_code;
1927 event.deauth_info.locally_generated = 1;
1928 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1933 wpa_supplicant_clear_connection(wpa_s, addr);
1936 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1937 struct wpa_ssid *ssid)
1939 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1943 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1944 wpas_notify_network_enabled_changed(wpa_s, ssid);
1947 * Try to reassociate since there is no current configuration and a new
1948 * network was made available.
1950 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1951 wpa_s->reassociate = 1;
1956 * wpa_supplicant_enable_network - Mark a configured network as enabled
1957 * @wpa_s: wpa_supplicant structure for a network interface
1958 * @ssid: wpa_ssid structure for a configured network or %NULL
1960 * Enables the specified network or all networks if no network specified.
1962 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1963 struct wpa_ssid *ssid)
1966 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1967 wpa_supplicant_enable_one_network(wpa_s, ssid);
1969 wpa_supplicant_enable_one_network(wpa_s, ssid);
1971 if (wpa_s->reassociate && !wpa_s->disconnected) {
1972 if (wpa_s->sched_scanning) {
1973 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1974 "new network to scan filters");
1975 wpa_supplicant_cancel_sched_scan(wpa_s);
1978 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1979 wpa_supplicant_req_scan(wpa_s, 0, 0);
1985 * wpa_supplicant_disable_network - Mark a configured network as disabled
1986 * @wpa_s: wpa_supplicant structure for a network interface
1987 * @ssid: wpa_ssid structure for a configured network or %NULL
1989 * Disables the specified network or all networks if no network specified.
1991 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1992 struct wpa_ssid *ssid)
1994 struct wpa_ssid *other_ssid;
1998 if (wpa_s->sched_scanning)
1999 wpa_supplicant_cancel_sched_scan(wpa_s);
2001 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2002 other_ssid = other_ssid->next) {
2003 was_disabled = other_ssid->disabled;
2004 if (was_disabled == 2)
2005 continue; /* do not change persistent P2P group
2008 other_ssid->disabled = 1;
2010 if (was_disabled != other_ssid->disabled)
2011 wpas_notify_network_enabled_changed(
2014 if (wpa_s->current_ssid)
2015 wpa_supplicant_deauthenticate(
2016 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2017 } else if (ssid->disabled != 2) {
2018 if (ssid == wpa_s->current_ssid)
2019 wpa_supplicant_deauthenticate(
2020 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2022 was_disabled = ssid->disabled;
2026 if (was_disabled != ssid->disabled) {
2027 wpas_notify_network_enabled_changed(wpa_s, ssid);
2028 if (wpa_s->sched_scanning) {
2029 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2030 "to remove network from filters");
2031 wpa_supplicant_cancel_sched_scan(wpa_s);
2032 wpa_supplicant_req_scan(wpa_s, 0, 0);
2040 * wpa_supplicant_select_network - Attempt association with a network
2041 * @wpa_s: wpa_supplicant structure for a network interface
2042 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2044 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2045 struct wpa_ssid *ssid)
2048 struct wpa_ssid *other_ssid;
2049 int disconnected = 0;
2051 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2052 wpa_supplicant_deauthenticate(
2053 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2058 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2061 * Mark all other networks disabled or mark all networks enabled if no
2062 * network specified.
2064 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2065 other_ssid = other_ssid->next) {
2066 int was_disabled = other_ssid->disabled;
2067 if (was_disabled == 2)
2068 continue; /* do not change persistent P2P group data */
2070 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2071 if (was_disabled && !other_ssid->disabled)
2072 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2074 if (was_disabled != other_ssid->disabled)
2075 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2078 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2079 /* We are already associated with the selected network */
2080 wpa_printf(MSG_DEBUG, "Already associated with the "
2081 "selected network - do nothing");
2086 wpa_s->current_ssid = ssid;
2087 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2089 wpa_s->connect_without_scan = NULL;
2090 wpa_s->disconnected = 0;
2091 wpa_s->reassociate = 1;
2093 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2094 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2097 wpas_notify_network_selected(wpa_s, ssid);
2102 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2103 * @wpa_s: wpa_supplicant structure for a network interface
2104 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2105 * @pkcs11_module_path: PKCS #11 module path or NULL
2106 * Returns: 0 on success; -1 on failure
2108 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2109 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2110 * module path fails the paths will be reset to the default value (NULL).
2112 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2113 const char *pkcs11_engine_path,
2114 const char *pkcs11_module_path)
2116 char *pkcs11_engine_path_copy = NULL;
2117 char *pkcs11_module_path_copy = NULL;
2119 if (pkcs11_engine_path != NULL) {
2120 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2121 if (pkcs11_engine_path_copy == NULL)
2124 if (pkcs11_module_path != NULL) {
2125 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2126 if (pkcs11_module_path_copy == NULL) {
2127 os_free(pkcs11_engine_path_copy);
2132 os_free(wpa_s->conf->pkcs11_engine_path);
2133 os_free(wpa_s->conf->pkcs11_module_path);
2134 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2135 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2137 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2138 eapol_sm_deinit(wpa_s->eapol);
2139 wpa_s->eapol = NULL;
2140 if (wpa_supplicant_init_eapol(wpa_s)) {
2141 /* Error -> Reset paths to the default value (NULL) once. */
2142 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2143 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2148 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2155 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2156 * @wpa_s: wpa_supplicant structure for a network interface
2157 * @ap_scan: AP scan mode
2158 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2161 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2166 if (ap_scan < 0 || ap_scan > 2)
2170 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2171 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2172 wpa_s->wpa_state < WPA_COMPLETED) {
2173 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2174 "associating", wpa_s->conf->ap_scan, ap_scan);
2177 #endif /* ANDROID */
2179 old_ap_scan = wpa_s->conf->ap_scan;
2180 wpa_s->conf->ap_scan = ap_scan;
2182 if (old_ap_scan != wpa_s->conf->ap_scan)
2183 wpas_notify_ap_scan_changed(wpa_s);
2190 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2191 * @wpa_s: wpa_supplicant structure for a network interface
2192 * @expire_age: Expiration age in seconds
2193 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2196 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2197 unsigned int bss_expire_age)
2199 if (bss_expire_age < 10) {
2200 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2204 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2206 wpa_s->conf->bss_expiration_age = bss_expire_age;
2213 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2214 * @wpa_s: wpa_supplicant structure for a network interface
2215 * @expire_count: number of scans after which an unseen BSS is reclaimed
2216 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2219 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2220 unsigned int bss_expire_count)
2222 if (bss_expire_count < 1) {
2223 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2227 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2229 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2236 * wpa_supplicant_set_scan_interval - Set scan interval
2237 * @wpa_s: wpa_supplicant structure for a network interface
2238 * @scan_interval: scan interval in seconds
2239 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2242 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2245 if (scan_interval < 0) {
2246 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2250 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2252 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2259 * wpa_supplicant_set_debug_params - Set global debug params
2260 * @global: wpa_global structure
2261 * @debug_level: debug level
2262 * @debug_timestamp: determines if show timestamp in debug data
2263 * @debug_show_keys: determines if show keys in debug data
2264 * Returns: 0 if succeed or -1 if debug_level has wrong value
2266 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2267 int debug_timestamp, int debug_show_keys)
2270 int old_level, old_timestamp, old_show_keys;
2272 /* check for allowed debuglevels */
2273 if (debug_level != MSG_EXCESSIVE &&
2274 debug_level != MSG_MSGDUMP &&
2275 debug_level != MSG_DEBUG &&
2276 debug_level != MSG_INFO &&
2277 debug_level != MSG_WARNING &&
2278 debug_level != MSG_ERROR)
2281 old_level = wpa_debug_level;
2282 old_timestamp = wpa_debug_timestamp;
2283 old_show_keys = wpa_debug_show_keys;
2285 wpa_debug_level = debug_level;
2286 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2287 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2289 if (wpa_debug_level != old_level)
2290 wpas_notify_debug_level_changed(global);
2291 if (wpa_debug_timestamp != old_timestamp)
2292 wpas_notify_debug_timestamp_changed(global);
2293 if (wpa_debug_show_keys != old_show_keys)
2294 wpas_notify_debug_show_keys_changed(global);
2301 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2302 * @wpa_s: Pointer to wpa_supplicant data
2303 * Returns: A pointer to the current network structure or %NULL on failure
2305 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2307 struct wpa_ssid *entry;
2308 u8 ssid[MAX_SSID_LEN];
2314 res = wpa_drv_get_ssid(wpa_s, ssid);
2316 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2322 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2323 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2328 wired = wpa_s->conf->ap_scan == 0 &&
2329 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2331 entry = wpa_s->conf->ssid;
2333 if (!wpas_network_disabled(wpa_s, entry) &&
2334 ((ssid_len == entry->ssid_len &&
2335 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2336 (!entry->bssid_set ||
2337 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2340 if (!wpas_network_disabled(wpa_s, entry) &&
2341 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2342 (entry->ssid == NULL || entry->ssid_len == 0) &&
2343 (!entry->bssid_set ||
2344 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2346 #endif /* CONFIG_WPS */
2348 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2349 entry->ssid_len == 0 &&
2350 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2353 entry = entry->next;
2360 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2362 struct wpa_global *global = wpa_s->global;
2364 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2365 global->drv_priv[i] = wpa_drivers[i]->global_init();
2366 if (global->drv_priv[i] == NULL) {
2367 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2368 "'%s'", wpa_drivers[i]->name);
2373 wpa_s->driver = wpa_drivers[i];
2374 wpa_s->global_drv_priv = global->drv_priv[i];
2380 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2385 const char *pos, *driver = name;
2390 if (wpa_drivers[0] == NULL) {
2391 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2397 /* default to first driver in the list */
2398 return select_driver(wpa_s, 0);
2402 pos = os_strchr(driver, ',');
2406 len = os_strlen(driver);
2408 for (i = 0; wpa_drivers[i]; i++) {
2409 if (os_strlen(wpa_drivers[i]->name) == len &&
2410 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2412 /* First driver that succeeds wins */
2413 if (select_driver(wpa_s, i) == 0)
2421 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2427 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2428 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2429 * with struct wpa_driver_ops::init()
2430 * @src_addr: Source address of the EAPOL frame
2431 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2432 * @len: Length of the EAPOL data
2434 * This function is called for each received EAPOL frame. Most driver
2435 * interfaces rely on more generic OS mechanism for receiving frames through
2436 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2437 * take care of received EAPOL frames and deliver them to the core supplicant
2438 * code by calling this function.
2440 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2441 const u8 *buf, size_t len)
2443 struct wpa_supplicant *wpa_s = ctx;
2445 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2446 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2448 #ifdef CONFIG_PEERKEY
2449 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2450 wpa_s->current_ssid->peerkey &&
2451 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2452 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2453 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2456 #endif /* CONFIG_PEERKEY */
2458 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2459 (wpa_s->last_eapol_matches_bssid &&
2462 #endif /* CONFIG_AP */
2463 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2465 * There is possible race condition between receiving the
2466 * association event and the EAPOL frame since they are coming
2467 * through different paths from the driver. In order to avoid
2468 * issues in trying to process the EAPOL frame before receiving
2469 * association information, lets queue it for processing until
2470 * the association event is received. This may also be needed in
2471 * driver-based roaming case, so also use src_addr != BSSID as a
2472 * trigger if we have previously confirmed that the
2473 * Authenticator uses BSSID as the src_addr (which is not the
2474 * case with wired IEEE 802.1X).
2476 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2477 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2478 wpa_supplicant_state_txt(wpa_s->wpa_state),
2479 MAC2STR(wpa_s->bssid));
2480 wpabuf_free(wpa_s->pending_eapol_rx);
2481 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2482 if (wpa_s->pending_eapol_rx) {
2483 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2484 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2490 wpa_s->last_eapol_matches_bssid =
2491 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2494 if (wpa_s->ap_iface) {
2495 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2498 #endif /* CONFIG_AP */
2500 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2501 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2502 "no key management is configured");
2506 if (wpa_s->eapol_received == 0 &&
2507 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2508 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2509 wpa_s->wpa_state != WPA_COMPLETED) &&
2510 (wpa_s->current_ssid == NULL ||
2511 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2512 /* Timeout for completing IEEE 802.1X and WPA authentication */
2513 wpa_supplicant_req_auth_timeout(
2515 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2516 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2517 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2520 wpa_s->eapol_received++;
2522 if (wpa_s->countermeasures) {
2523 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2528 #ifdef CONFIG_IBSS_RSN
2529 if (wpa_s->current_ssid &&
2530 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2531 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2534 #endif /* CONFIG_IBSS_RSN */
2536 /* Source address of the incoming EAPOL frame could be compared to the
2537 * current BSSID. However, it is possible that a centralized
2538 * Authenticator could be using another MAC address than the BSSID of
2539 * an AP, so just allow any address to be used for now. The replies are
2540 * still sent to the current BSSID (if available), though. */
2542 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2543 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2544 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2546 wpa_drv_poll(wpa_s);
2547 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2548 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2549 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2551 * Set portValid = TRUE here since we are going to skip 4-way
2552 * handshake processing which would normally set portValid. We
2553 * need this to allow the EAPOL state machines to be completed
2554 * without going through EAPOL-Key handshake.
2556 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2561 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2563 if (wpa_s->driver->send_eapol) {
2564 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2566 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2567 } else if ((!wpa_s->p2p_mgmt ||
2568 !(wpa_s->drv_flags &
2569 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2570 !(wpa_s->drv_flags &
2571 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2572 l2_packet_deinit(wpa_s->l2);
2573 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2574 wpa_drv_get_mac_addr(wpa_s),
2576 wpa_supplicant_rx_eapol, wpa_s, 0);
2577 if (wpa_s->l2 == NULL)
2580 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2582 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2585 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2586 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2594 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2595 const u8 *buf, size_t len)
2597 struct wpa_supplicant *wpa_s = ctx;
2598 const struct l2_ethhdr *eth;
2600 if (len < sizeof(*eth))
2602 eth = (const struct l2_ethhdr *) buf;
2604 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2605 !(eth->h_dest[0] & 0x01)) {
2606 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2607 " (bridge - not for this interface - ignore)",
2608 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2612 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2613 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2614 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2615 len - sizeof(*eth));
2620 * wpa_supplicant_driver_init - Initialize driver interface parameters
2621 * @wpa_s: Pointer to wpa_supplicant data
2622 * Returns: 0 on success, -1 on failure
2624 * This function is called to initialize driver interface parameters.
2625 * wpa_drv_init() must have been called before this function to initialize the
2628 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2630 static int interface_count = 0;
2632 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2635 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2636 MAC2STR(wpa_s->own_addr));
2637 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2639 if (wpa_s->bridge_ifname[0]) {
2640 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2641 "interface '%s'", wpa_s->bridge_ifname);
2642 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2645 wpa_supplicant_rx_eapol_bridge,
2647 if (wpa_s->l2_br == NULL) {
2648 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2649 "connection for the bridge interface '%s'",
2650 wpa_s->bridge_ifname);
2655 wpa_clear_keys(wpa_s, NULL);
2657 /* Make sure that TKIP countermeasures are not left enabled (could
2658 * happen if wpa_supplicant is killed during countermeasures. */
2659 wpa_drv_set_countermeasures(wpa_s, 0);
2661 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2662 wpa_drv_flush_pmkid(wpa_s);
2664 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2665 wpa_s->prev_scan_wildcard = 0;
2667 if (wpa_supplicant_enabled_networks(wpa_s)) {
2668 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2669 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2670 interface_count = 0;
2672 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2674 wpa_supplicant_req_scan(wpa_s, interface_count,
2678 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2684 static int wpa_supplicant_daemon(const char *pid_file)
2686 wpa_printf(MSG_DEBUG, "Daemonize..");
2687 return os_daemonize(pid_file);
2691 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2693 struct wpa_supplicant *wpa_s;
2695 wpa_s = os_zalloc(sizeof(*wpa_s));
2698 wpa_s->scan_req = INITIAL_SCAN_REQ;
2699 wpa_s->scan_interval = 5;
2700 wpa_s->new_connection = 1;
2701 wpa_s->parent = wpa_s;
2702 wpa_s->sched_scanning = 0;
2708 #ifdef CONFIG_HT_OVERRIDES
2710 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2711 struct ieee80211_ht_capabilities *htcaps,
2712 struct ieee80211_ht_capabilities *htcaps_mask,
2715 /* parse ht_mcs into hex array */
2717 const char *tmp = ht_mcs;
2720 /* If ht_mcs is null, do not set anything */
2724 /* This is what we are setting in the kernel */
2725 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2727 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2729 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2731 long v = strtol(tmp, &end, 16);
2733 wpa_msg(wpa_s, MSG_DEBUG,
2734 "htcap value[%i]: %ld end: %p tmp: %p",
2739 htcaps->supported_mcs_set[i] = v;
2742 wpa_msg(wpa_s, MSG_ERROR,
2743 "Failed to parse ht-mcs: %s, error: %s\n",
2744 ht_mcs, strerror(errno));
2750 * If we were able to parse any values, then set mask for the MCS set.
2753 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2754 IEEE80211_HT_MCS_MASK_LEN - 1);
2755 /* skip the 3 reserved bits */
2756 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2764 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2765 struct ieee80211_ht_capabilities *htcaps,
2766 struct ieee80211_ht_capabilities *htcaps_mask,
2771 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2776 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2777 htcaps_mask->ht_capabilities_info |= msk;
2779 htcaps->ht_capabilities_info &= msk;
2781 htcaps->ht_capabilities_info |= msk;
2787 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2788 struct ieee80211_ht_capabilities *htcaps,
2789 struct ieee80211_ht_capabilities *htcaps_mask,
2792 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2797 if (factor < 0 || factor > 3) {
2798 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2799 "Must be 0-3 or -1", factor);
2803 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2804 htcaps->a_mpdu_params &= ~0x3;
2805 htcaps->a_mpdu_params |= factor & 0x3;
2811 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2812 struct ieee80211_ht_capabilities *htcaps,
2813 struct ieee80211_ht_capabilities *htcaps_mask,
2816 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2821 if (density < 0 || density > 7) {
2822 wpa_msg(wpa_s, MSG_ERROR,
2823 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2828 htcaps_mask->a_mpdu_params |= 0x1C;
2829 htcaps->a_mpdu_params &= ~(0x1C);
2830 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2836 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2837 struct ieee80211_ht_capabilities *htcaps,
2838 struct ieee80211_ht_capabilities *htcaps_mask,
2841 /* Masking these out disables HT40 */
2842 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2843 HT_CAP_INFO_SHORT_GI40MHZ);
2845 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2848 htcaps->ht_capabilities_info &= ~msk;
2850 htcaps->ht_capabilities_info |= msk;
2852 htcaps_mask->ht_capabilities_info |= msk;
2858 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2859 struct ieee80211_ht_capabilities *htcaps,
2860 struct ieee80211_ht_capabilities *htcaps_mask,
2863 /* Masking these out disables SGI */
2864 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2865 HT_CAP_INFO_SHORT_GI40MHZ);
2867 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2870 htcaps->ht_capabilities_info &= ~msk;
2872 htcaps->ht_capabilities_info |= msk;
2874 htcaps_mask->ht_capabilities_info |= msk;
2880 void wpa_supplicant_apply_ht_overrides(
2881 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2882 struct wpa_driver_associate_params *params)
2884 struct ieee80211_ht_capabilities *htcaps;
2885 struct ieee80211_ht_capabilities *htcaps_mask;
2890 params->disable_ht = ssid->disable_ht;
2891 if (!params->htcaps || !params->htcaps_mask)
2894 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2895 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2896 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2897 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2898 ssid->disable_max_amsdu);
2899 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2900 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2901 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2902 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2905 #endif /* CONFIG_HT_OVERRIDES */
2908 #ifdef CONFIG_VHT_OVERRIDES
2909 void wpa_supplicant_apply_vht_overrides(
2910 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2911 struct wpa_driver_associate_params *params)
2913 struct ieee80211_vht_capabilities *vhtcaps;
2914 struct ieee80211_vht_capabilities *vhtcaps_mask;
2919 params->disable_vht = ssid->disable_vht;
2921 vhtcaps = (void *) params->vhtcaps;
2922 vhtcaps_mask = (void *) params->vhtcaps_mask;
2924 if (!vhtcaps || !vhtcaps_mask)
2927 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2928 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2930 #define OVERRIDE_MCS(i) \
2931 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2932 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2934 vhtcaps->vht_supported_mcs_set.tx_map |= \
2935 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2937 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2938 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2940 vhtcaps->vht_supported_mcs_set.rx_map |= \
2941 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2953 #endif /* CONFIG_VHT_OVERRIDES */
2956 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2961 if (!wpa_s->conf->pcsc_reader)
2964 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2968 if (wpa_s->conf->pcsc_pin &&
2969 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2970 scard_deinit(wpa_s->scard);
2971 wpa_s->scard = NULL;
2972 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2976 len = sizeof(wpa_s->imsi) - 1;
2977 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2978 scard_deinit(wpa_s->scard);
2979 wpa_s->scard = NULL;
2980 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2983 wpa_s->imsi[len] = '\0';
2985 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2987 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2988 wpa_s->imsi, wpa_s->mnc_len);
2990 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2991 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2992 #endif /* PCSC_FUNCS */
2998 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3002 ext_password_deinit(wpa_s->ext_pw);
3003 wpa_s->ext_pw = NULL;
3004 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3006 if (!wpa_s->conf->ext_password_backend)
3009 val = os_strdup(wpa_s->conf->ext_password_backend);
3012 pos = os_strchr(val, ':');
3016 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3018 wpa_s->ext_pw = ext_password_init(val, pos);
3020 if (wpa_s->ext_pw == NULL) {
3021 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3024 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3030 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3033 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3034 struct wpa_radio *radio;
3036 while (rn && iface) {
3037 radio = iface->radio;
3038 if (radio && os_strcmp(rn, radio->name) == 0) {
3039 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3041 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3045 iface = iface->next;
3048 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3049 wpa_s->ifname, rn ? rn : "N/A");
3050 radio = os_zalloc(sizeof(*radio));
3055 os_strlcpy(radio->name, rn, sizeof(radio->name));
3056 dl_list_init(&radio->ifaces);
3057 dl_list_init(&radio->work);
3058 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3064 static void radio_work_free(struct wpa_radio_work *work)
3066 if (work->wpa_s->scan_work == work) {
3067 /* This should not really happen. */
3068 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3069 work->type, work, work->started);
3070 work->wpa_s->scan_work = NULL;
3074 if (work->wpa_s->p2p_scan_work == work) {
3075 /* This should not really happen. */
3076 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3077 work->type, work, work->started);
3078 work->wpa_s->p2p_scan_work = NULL;
3080 #endif /* CONFIG_P2P */
3082 dl_list_del(&work->list);
3087 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3089 struct wpa_radio *radio = eloop_ctx;
3090 struct wpa_radio_work *work;
3091 struct os_reltime now, diff;
3092 struct wpa_supplicant *wpa_s;
3094 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3099 return; /* already started and still in progress */
3101 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3103 if (wpa_s && wpa_s->external_scan_running) {
3104 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3108 os_get_reltime(&now);
3109 os_reltime_sub(&now, &work->time, &diff);
3110 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3111 work->type, work, diff.sec, diff.usec);
3119 * This function removes both started and pending radio works running on
3120 * the provided interface's radio.
3121 * Prior to the removal of the radio work, its callback (cb) is called with
3122 * deinit set to be 1. Each work's callback is responsible for clearing its
3123 * internal data and restoring to a correct state.
3124 * @wpa_s: wpa_supplicant data
3125 * @type: type of works to be removed
3126 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3127 * this interface's works.
3129 void radio_remove_works(struct wpa_supplicant *wpa_s,
3130 const char *type, int remove_all)
3132 struct wpa_radio_work *work, *tmp;
3133 struct wpa_radio *radio = wpa_s->radio;
3135 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3137 if (type && os_strcmp(type, work->type) != 0)
3140 /* skip other ifaces' works */
3141 if (!remove_all && work->wpa_s != wpa_s)
3144 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3145 work->type, work, work->started ? " (started)" : "");
3147 radio_work_free(work);
3150 /* in case we removed the started work */
3151 radio_work_check_next(wpa_s);
3155 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3157 struct wpa_radio *radio = wpa_s->radio;
3162 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3163 wpa_s->ifname, radio->name);
3164 dl_list_del(&wpa_s->radio_list);
3165 if (!dl_list_empty(&radio->ifaces)) {
3166 wpa_s->radio = NULL;
3167 return; /* Interfaces remain for this radio */
3170 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3171 radio_remove_works(wpa_s, NULL, 0);
3172 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3173 wpa_s->radio = NULL;
3178 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3180 struct wpa_radio *radio = wpa_s->radio;
3182 if (dl_list_empty(&radio->work))
3184 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3185 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3190 * radio_add_work - Add a radio work item
3191 * @wpa_s: Pointer to wpa_supplicant data
3192 * @freq: Frequency of the offchannel operation in MHz or 0
3193 * @type: Unique identifier for each type of work
3194 * @next: Force as the next work to be executed
3195 * @cb: Callback function for indicating when radio is available
3196 * @ctx: Context pointer for the work (work->ctx in cb())
3197 * Returns: 0 on success, -1 on failure
3199 * This function is used to request time for an operation that requires
3200 * exclusive radio control. Once the radio is available, the registered callback
3201 * function will be called. radio_work_done() must be called once the exclusive
3202 * radio operation has been completed, so that the radio is freed for other
3203 * operations. The special case of deinit=1 is used to free the context data
3204 * during interface removal. That does not allow the callback function to start
3205 * the radio operation, i.e., it must free any resources allocated for the radio
3208 * The @freq parameter can be used to indicate a single channel on which the
3209 * offchannel operation will occur. This may allow multiple radio work
3210 * operations to be performed in parallel if they apply for the same channel.
3211 * Setting this to 0 indicates that the work item may use multiple channels or
3212 * requires exclusive control of the radio.
3214 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3215 const char *type, int next,
3216 void (*cb)(struct wpa_radio_work *work, int deinit),
3219 struct wpa_radio_work *work;
3222 work = os_zalloc(sizeof(*work));
3225 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3226 os_get_reltime(&work->time);
3229 work->wpa_s = wpa_s;
3233 was_empty = dl_list_empty(&wpa_s->radio->work);
3235 dl_list_add(&wpa_s->radio->work, &work->list);
3237 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3239 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3240 radio_work_check_next(wpa_s);
3248 * radio_work_done - Indicate that a radio work item has been completed
3249 * @work: Completed work
3251 * This function is called once the callback function registered with
3252 * radio_add_work() has completed its work.
3254 void radio_work_done(struct wpa_radio_work *work)
3256 struct wpa_supplicant *wpa_s = work->wpa_s;
3257 struct os_reltime now, diff;
3258 unsigned int started = work->started;
3260 os_get_reltime(&now);
3261 os_reltime_sub(&now, &work->time, &diff);
3262 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3263 work->type, work, started ? "done" : "canceled",
3264 diff.sec, diff.usec);
3265 radio_work_free(work);
3267 radio_work_check_next(wpa_s);
3271 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3273 struct wpa_radio_work *work;
3274 struct wpa_radio *radio = wpa_s->radio;
3276 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3277 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3285 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3286 struct wpa_interface *iface)
3288 const char *ifname, *driver, *rn;
3290 driver = iface->driver;
3292 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3295 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3296 if (wpa_s->drv_priv == NULL) {
3298 pos = driver ? os_strchr(driver, ',') : NULL;
3300 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3301 "driver interface - try next driver wrapper");
3305 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3309 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3310 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3311 "driver_param '%s'", wpa_s->conf->driver_param);
3315 ifname = wpa_drv_get_ifname(wpa_s);
3316 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3317 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3318 "interface name with '%s'", ifname);
3319 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3322 if (wpa_s->driver->get_radio_name)
3323 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3326 if (rn && rn[0] == '\0')
3329 wpa_s->radio = radio_add_interface(wpa_s, rn);
3330 if (wpa_s->radio == NULL)
3337 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3338 struct wpa_interface *iface)
3340 struct wpa_driver_capa capa;
3342 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3343 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3344 iface->confname ? iface->confname : "N/A",
3345 iface->driver ? iface->driver : "default",
3346 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3347 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3349 if (iface->confname) {
3350 #ifdef CONFIG_BACKEND_FILE
3351 wpa_s->confname = os_rel2abs_path(iface->confname);
3352 if (wpa_s->confname == NULL) {
3353 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3354 "for configuration file '%s'.",
3358 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3359 iface->confname, wpa_s->confname);
3360 #else /* CONFIG_BACKEND_FILE */
3361 wpa_s->confname = os_strdup(iface->confname);
3362 #endif /* CONFIG_BACKEND_FILE */
3363 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3364 if (wpa_s->conf == NULL) {
3365 wpa_printf(MSG_ERROR, "Failed to read or parse "
3366 "configuration '%s'.", wpa_s->confname);
3369 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3370 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3373 * Override ctrl_interface and driver_param if set on command
3376 if (iface->ctrl_interface) {
3377 os_free(wpa_s->conf->ctrl_interface);
3378 wpa_s->conf->ctrl_interface =
3379 os_strdup(iface->ctrl_interface);
3382 if (iface->driver_param) {
3383 os_free(wpa_s->conf->driver_param);
3384 wpa_s->conf->driver_param =
3385 os_strdup(iface->driver_param);
3388 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3389 os_free(wpa_s->conf->ctrl_interface);
3390 wpa_s->conf->ctrl_interface = NULL;
3393 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3394 iface->driver_param);
3396 if (wpa_s->conf == NULL) {
3397 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3401 if (iface->ifname == NULL) {
3402 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3405 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3406 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3410 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3412 if (iface->bridge_ifname) {
3413 if (os_strlen(iface->bridge_ifname) >=
3414 sizeof(wpa_s->bridge_ifname)) {
3415 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3416 "name '%s'.", iface->bridge_ifname);
3419 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3420 sizeof(wpa_s->bridge_ifname));
3423 /* RSNA Supplicant Key Management - INITIALIZE */
3424 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3425 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3427 /* Initialize driver interface and register driver event handler before
3428 * L2 receive handler so that association events are processed before
3429 * EAPOL-Key packets if both become available for the same select()
3431 if (wpas_init_driver(wpa_s, iface) < 0)
3434 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3437 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3438 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3440 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3442 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3443 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3444 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3445 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3446 "dot11RSNAConfigPMKLifetime");
3450 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3451 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3452 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3453 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3454 "dot11RSNAConfigPMKReauthThreshold");
3458 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3459 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3460 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3461 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3462 "dot11RSNAConfigSATimeout");
3466 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3467 &wpa_s->hw.num_modes,
3470 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3471 wpa_s->drv_capa_known = 1;
3472 wpa_s->drv_flags = capa.flags;
3473 wpa_s->drv_enc = capa.enc;
3474 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3475 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3476 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3477 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3478 wpa_s->max_match_sets = capa.max_match_sets;
3479 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3480 wpa_s->max_stations = capa.max_stations;
3481 wpa_s->extended_capa = capa.extended_capa;
3482 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3483 wpa_s->extended_capa_len = capa.extended_capa_len;
3484 wpa_s->num_multichan_concurrent =
3485 capa.num_multichan_concurrent;
3487 if (wpa_s->max_remain_on_chan == 0)
3488 wpa_s->max_remain_on_chan = 1000;
3491 * Only take p2p_mgmt parameters when P2P Device is supported.
3492 * Doing it here as it determines whether l2_packet_init() will be done
3493 * during wpa_supplicant_driver_init().
3495 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3496 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3498 iface->p2p_mgmt = 1;
3500 if (wpa_s->num_multichan_concurrent == 0)
3501 wpa_s->num_multichan_concurrent = 1;
3503 if (wpa_supplicant_driver_init(wpa_s) < 0)
3507 if ((!iface->p2p_mgmt ||
3508 !(wpa_s->drv_flags &
3509 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3510 wpa_tdls_init(wpa_s->wpa))
3512 #endif /* CONFIG_TDLS */
3514 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3515 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3516 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3520 if (wpas_wps_init(wpa_s))
3523 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3525 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3527 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3528 if (wpa_s->ctrl_iface == NULL) {
3529 wpa_printf(MSG_ERROR,
3530 "Failed to initialize control interface '%s'.\n"
3531 "You may have another wpa_supplicant process "
3532 "already running or the file was\n"
3533 "left by an unclean termination of wpa_supplicant "
3534 "in which case you will need\n"
3535 "to manually remove this file before starting "
3536 "wpa_supplicant again.\n",
3537 wpa_s->conf->ctrl_interface);
3541 wpa_s->gas = gas_query_init(wpa_s);
3542 if (wpa_s->gas == NULL) {
3543 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3548 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3549 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3552 #endif /* CONFIG_P2P */
3554 if (wpa_bss_init(wpa_s) < 0)
3557 #ifdef CONFIG_EAP_PROXY
3560 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3562 if (wpa_s->mnc_len > 0) {
3563 wpa_s->imsi[len] = '\0';
3564 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3565 wpa_s->imsi, wpa_s->mnc_len);
3567 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3570 #endif /* CONFIG_EAP_PROXY */
3572 if (pcsc_reader_init(wpa_s) < 0)
3575 if (wpas_init_ext_pw(wpa_s) < 0)
3582 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3583 int notify, int terminate)
3585 wpa_s->disconnected = 1;
3586 if (wpa_s->drv_priv) {
3587 wpa_supplicant_deauthenticate(wpa_s,
3588 WLAN_REASON_DEAUTH_LEAVING);
3590 wpa_drv_set_countermeasures(wpa_s, 0);
3591 wpa_clear_keys(wpa_s, NULL);
3594 wpa_supplicant_cleanup(wpa_s);
3597 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3598 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3599 "the management interface is being removed");
3600 wpas_p2p_deinit_global(wpa_s->global);
3602 #endif /* CONFIG_P2P */
3604 wpas_ctrl_radio_work_flush(wpa_s);
3605 radio_remove_interface(wpa_s);
3607 if (wpa_s->drv_priv)
3608 wpa_drv_deinit(wpa_s);
3611 wpas_notify_iface_removed(wpa_s);
3614 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3616 if (wpa_s->ctrl_iface) {
3617 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3618 wpa_s->ctrl_iface = NULL;
3621 if (wpa_s->conf != NULL) {
3622 wpa_config_free(wpa_s->conf);
3631 * wpa_supplicant_add_iface - Add a new network interface
3632 * @global: Pointer to global data from wpa_supplicant_init()
3633 * @iface: Interface configuration options
3634 * Returns: Pointer to the created interface or %NULL on failure
3636 * This function is used to add new network interfaces for %wpa_supplicant.
3637 * This can be called before wpa_supplicant_run() to add interfaces before the
3638 * main event loop has been started. In addition, new interfaces can be added
3639 * dynamically while %wpa_supplicant is already running. This could happen,
3640 * e.g., when a hotplug network adapter is inserted.
3642 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3643 struct wpa_interface *iface)
3645 struct wpa_supplicant *wpa_s;
3646 struct wpa_interface t_iface;
3647 struct wpa_ssid *ssid;
3649 if (global == NULL || iface == NULL)
3652 wpa_s = wpa_supplicant_alloc();
3656 wpa_s->global = global;
3659 if (global->params.override_driver) {
3660 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3662 iface->driver, global->params.override_driver);
3663 t_iface.driver = global->params.override_driver;
3665 if (global->params.override_ctrl_interface) {
3666 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3667 "ctrl_interface ('%s' -> '%s')",
3668 iface->ctrl_interface,
3669 global->params.override_ctrl_interface);
3670 t_iface.ctrl_interface =
3671 global->params.override_ctrl_interface;
3673 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3674 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3676 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3680 /* Notify the control interfaces about new iface */
3681 if (wpas_notify_iface_added(wpa_s)) {
3682 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3686 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3687 wpas_notify_network_added(wpa_s, ssid);
3689 wpa_s->next = global->ifaces;
3690 global->ifaces = wpa_s;
3692 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3693 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3700 * wpa_supplicant_remove_iface - Remove a network interface
3701 * @global: Pointer to global data from wpa_supplicant_init()
3702 * @wpa_s: Pointer to the network interface to be removed
3703 * Returns: 0 if interface was removed, -1 if interface was not found
3705 * This function can be used to dynamically remove network interfaces from
3706 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3707 * addition, this function is used to remove all remaining interfaces when
3708 * %wpa_supplicant is terminated.
3710 int wpa_supplicant_remove_iface(struct wpa_global *global,
3711 struct wpa_supplicant *wpa_s,
3714 struct wpa_supplicant *prev;
3716 /* Remove interface from the global list of interfaces */
3717 prev = global->ifaces;
3718 if (prev == wpa_s) {
3719 global->ifaces = wpa_s->next;
3721 while (prev && prev->next != wpa_s)
3725 prev->next = wpa_s->next;
3728 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3730 if (global->p2p_group_formation == wpa_s)
3731 global->p2p_group_formation = NULL;
3732 if (global->p2p_invite_group == wpa_s)
3733 global->p2p_invite_group = NULL;
3734 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3741 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3742 * @wpa_s: Pointer to the network interface
3743 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3745 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3747 const char *eapol_method;
3749 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3750 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3754 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3755 if (eapol_method == NULL)
3756 return "UNKNOWN-EAP";
3758 return eapol_method;
3763 * wpa_supplicant_get_iface - Get a new network interface
3764 * @global: Pointer to global data from wpa_supplicant_init()
3765 * @ifname: Interface name
3766 * Returns: Pointer to the interface or %NULL if not found
3768 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3771 struct wpa_supplicant *wpa_s;
3773 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3774 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3781 #ifndef CONFIG_NO_WPA_MSG
3782 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3784 struct wpa_supplicant *wpa_s = ctx;
3787 return wpa_s->ifname;
3789 #endif /* CONFIG_NO_WPA_MSG */
3793 * wpa_supplicant_init - Initialize %wpa_supplicant
3794 * @params: Parameters for %wpa_supplicant
3795 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3797 * This function is used to initialize %wpa_supplicant. After successful
3798 * initialization, the returned data pointer can be used to add and remove
3799 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3801 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3803 struct wpa_global *global;
3809 #ifdef CONFIG_DRIVER_NDIS
3811 void driver_ndis_init_ops(void);
3812 driver_ndis_init_ops();
3814 #endif /* CONFIG_DRIVER_NDIS */
3816 #ifndef CONFIG_NO_WPA_MSG
3817 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3818 #endif /* CONFIG_NO_WPA_MSG */
3820 wpa_debug_open_file(params->wpa_debug_file_path);
3821 if (params->wpa_debug_syslog)
3822 wpa_debug_open_syslog();
3823 if (params->wpa_debug_tracing) {
3824 ret = wpa_debug_open_linux_tracing();
3826 wpa_printf(MSG_ERROR,
3827 "Failed to enable trace logging");
3832 ret = eap_register_methods();
3834 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3836 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3837 "the same EAP type.");
3841 global = os_zalloc(sizeof(*global));
3844 dl_list_init(&global->p2p_srv_bonjour);
3845 dl_list_init(&global->p2p_srv_upnp);
3846 global->params.daemonize = params->daemonize;
3847 global->params.wait_for_monitor = params->wait_for_monitor;
3848 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3849 if (params->pid_file)
3850 global->params.pid_file = os_strdup(params->pid_file);
3851 if (params->ctrl_interface)
3852 global->params.ctrl_interface =
3853 os_strdup(params->ctrl_interface);
3854 if (params->ctrl_interface_group)
3855 global->params.ctrl_interface_group =
3856 os_strdup(params->ctrl_interface_group);
3857 if (params->override_driver)
3858 global->params.override_driver =
3859 os_strdup(params->override_driver);
3860 if (params->override_ctrl_interface)
3861 global->params.override_ctrl_interface =
3862 os_strdup(params->override_ctrl_interface);
3863 wpa_debug_level = global->params.wpa_debug_level =
3864 params->wpa_debug_level;
3865 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3866 params->wpa_debug_show_keys;
3867 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3868 params->wpa_debug_timestamp;
3870 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3873 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3874 wpa_supplicant_deinit(global);
3878 random_init(params->entropy_file);
3880 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3881 if (global->ctrl_iface == NULL) {
3882 wpa_supplicant_deinit(global);
3886 if (wpas_notify_supplicant_initialized(global)) {
3887 wpa_supplicant_deinit(global);
3891 for (i = 0; wpa_drivers[i]; i++)
3892 global->drv_count++;
3893 if (global->drv_count == 0) {
3894 wpa_printf(MSG_ERROR, "No drivers enabled");
3895 wpa_supplicant_deinit(global);
3898 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3899 if (global->drv_priv == NULL) {
3900 wpa_supplicant_deinit(global);
3904 #ifdef CONFIG_WIFI_DISPLAY
3905 if (wifi_display_init(global) < 0) {
3906 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3907 wpa_supplicant_deinit(global);
3910 #endif /* CONFIG_WIFI_DISPLAY */
3917 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3918 * @global: Pointer to global data from wpa_supplicant_init()
3919 * Returns: 0 after successful event loop run, -1 on failure
3921 * This function starts the main event loop and continues running as long as
3922 * there are any remaining events. In most cases, this function is running as
3923 * long as the %wpa_supplicant process in still in use.
3925 int wpa_supplicant_run(struct wpa_global *global)
3927 struct wpa_supplicant *wpa_s;
3929 if (global->params.daemonize &&
3930 wpa_supplicant_daemon(global->params.pid_file))
3933 if (global->params.wait_for_monitor) {
3934 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3935 if (wpa_s->ctrl_iface)
3936 wpa_supplicant_ctrl_iface_wait(
3940 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3941 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3950 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3951 * @global: Pointer to global data from wpa_supplicant_init()
3953 * This function is called to deinitialize %wpa_supplicant and to free all
3954 * allocated resources. Remaining network interfaces will also be removed.
3956 void wpa_supplicant_deinit(struct wpa_global *global)
3963 #ifdef CONFIG_WIFI_DISPLAY
3964 wifi_display_deinit(global);
3965 #endif /* CONFIG_WIFI_DISPLAY */
3967 while (global->ifaces)
3968 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3970 if (global->ctrl_iface)
3971 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3973 wpas_notify_supplicant_deinitialized(global);
3975 eap_peer_unregister_methods();
3977 eap_server_unregister_methods();
3978 #endif /* CONFIG_AP */
3980 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3981 if (!global->drv_priv[i])
3983 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3985 os_free(global->drv_priv);
3991 if (global->params.pid_file) {
3992 os_daemonize_terminate(global->params.pid_file);
3993 os_free(global->params.pid_file);
3995 os_free(global->params.ctrl_interface);
3996 os_free(global->params.ctrl_interface_group);
3997 os_free(global->params.override_driver);
3998 os_free(global->params.override_ctrl_interface);
4000 os_free(global->p2p_disallow_freq.range);
4001 os_free(global->p2p_go_avoid_freq.range);
4002 os_free(global->add_psk);
4005 wpa_debug_close_syslog();
4006 wpa_debug_close_file();
4007 wpa_debug_close_linux_tracing();
4011 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4013 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4014 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4016 country[0] = wpa_s->conf->country[0];
4017 country[1] = wpa_s->conf->country[1];
4019 if (wpa_drv_set_country(wpa_s, country) < 0) {
4020 wpa_printf(MSG_ERROR, "Failed to set country code "
4025 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4026 wpas_init_ext_pw(wpa_s);
4029 wpas_wps_update_config(wpa_s);
4030 #endif /* CONFIG_WPS */
4033 wpas_p2p_update_config(wpa_s);
4034 #endif /* CONFIG_P2P */
4036 wpa_s->conf->changed_parameters = 0;
4040 static void add_freq(int *freqs, int *num_freqs, int freq)
4044 for (i = 0; i < *num_freqs; i++) {
4045 if (freqs[i] == freq)
4049 freqs[*num_freqs] = freq;
4054 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4056 struct wpa_bss *bss, *cbss;
4057 const int max_freqs = 10;
4061 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4065 cbss = wpa_s->current_bss;
4067 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4070 if (bss->ssid_len == cbss->ssid_len &&
4071 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4072 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4073 add_freq(freqs, &num_freqs, bss->freq);
4074 if (num_freqs == max_freqs)
4079 if (num_freqs == 0) {
4088 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4094 wpas_connect_work_done(wpa_s);
4097 * Remove possible authentication timeout since the connection failed.
4099 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4101 if (wpa_s->disconnected) {
4103 * There is no point in blacklisting the AP if this event is
4104 * generated based on local request to disconnect.
4106 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4107 "indication since interface has been put into "
4108 "disconnected state");
4113 * Add the failed BSSID into the blacklist and speed up next scan
4114 * attempt if there could be other APs that could accept association.
4115 * The current blacklist count indicates how many times we have tried
4116 * connecting to this AP and multiple attempts mean that other APs are
4117 * either not available or has already been tried, so that we can start
4118 * increasing the delay here to avoid constant scanning.
4120 count = wpa_blacklist_add(wpa_s, bssid);
4121 if (count == 1 && wpa_s->current_bss) {
4123 * This BSS was not in the blacklist before. If there is
4124 * another BSS available for the same ESS, we should try that
4125 * next. Otherwise, we may as well try this one once more
4126 * before allowing other, likely worse, ESSes to be considered.
4128 freqs = get_bss_freqs_in_ess(wpa_s);
4130 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4131 "has been seen; try it next");
4132 wpa_blacklist_add(wpa_s, bssid);
4134 * On the next scan, go through only the known channels
4135 * used in this ESS based on previous scans to speed up
4136 * common load balancing use case.
4138 os_free(wpa_s->next_scan_freqs);
4139 wpa_s->next_scan_freqs = freqs;
4144 * Add previous failure count in case the temporary blacklist was
4145 * cleared due to no other BSSes being available.
4147 count += wpa_s->extra_blacklist_count;
4149 if (count > 3 && wpa_s->current_ssid) {
4150 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4151 "consider temporary network disabling");
4152 wpas_auth_failed(wpa_s);
4173 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4174 "ms", count, timeout);
4177 * TODO: if more than one possible AP is available in scan results,
4178 * could try the other ones before requesting a new scan.
4180 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4181 1000 * (timeout % 1000));
4185 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4187 return wpa_s->conf->ap_scan == 2 ||
4188 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4192 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4193 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4194 struct wpa_ssid *ssid,
4198 #ifdef IEEE8021X_EAPOL
4199 struct eap_peer_config *eap = &ssid->eap;
4201 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4202 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4203 (const u8 *) value, os_strlen(value));
4205 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4206 case WPA_CTRL_REQ_EAP_IDENTITY:
4207 os_free(eap->identity);
4208 eap->identity = (u8 *) os_strdup(value);
4209 eap->identity_len = os_strlen(value);
4210 eap->pending_req_identity = 0;
4211 if (ssid == wpa_s->current_ssid)
4212 wpa_s->reassociate = 1;
4214 case WPA_CTRL_REQ_EAP_PASSWORD:
4215 os_free(eap->password);
4216 eap->password = (u8 *) os_strdup(value);
4217 eap->password_len = os_strlen(value);
4218 eap->pending_req_password = 0;
4219 if (ssid == wpa_s->current_ssid)
4220 wpa_s->reassociate = 1;
4222 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4223 os_free(eap->new_password);
4224 eap->new_password = (u8 *) os_strdup(value);
4225 eap->new_password_len = os_strlen(value);
4226 eap->pending_req_new_password = 0;
4227 if (ssid == wpa_s->current_ssid)
4228 wpa_s->reassociate = 1;
4230 case WPA_CTRL_REQ_EAP_PIN:
4232 eap->pin = os_strdup(value);
4233 eap->pending_req_pin = 0;
4234 if (ssid == wpa_s->current_ssid)
4235 wpa_s->reassociate = 1;
4237 case WPA_CTRL_REQ_EAP_OTP:
4239 eap->otp = (u8 *) os_strdup(value);
4240 eap->otp_len = os_strlen(value);
4241 os_free(eap->pending_req_otp);
4242 eap->pending_req_otp = NULL;
4243 eap->pending_req_otp_len = 0;
4245 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4246 os_free(eap->private_key_passwd);
4247 eap->private_key_passwd = (u8 *) os_strdup(value);
4248 eap->pending_req_passphrase = 0;
4249 if (ssid == wpa_s->current_ssid)
4250 wpa_s->reassociate = 1;
4252 case WPA_CTRL_REQ_SIM:
4253 os_free(eap->external_sim_resp);
4254 eap->external_sim_resp = os_strdup(value);
4257 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4262 #else /* IEEE8021X_EAPOL */
4263 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4265 #endif /* IEEE8021X_EAPOL */
4267 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4270 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4273 unsigned int drv_enc;
4281 if (wpa_s && wpa_s->drv_capa_known)
4282 drv_enc = wpa_s->drv_enc;
4284 drv_enc = (unsigned int) -1;
4286 for (i = 0; i < NUM_WEP_KEYS; i++) {
4287 size_t len = ssid->wep_key_len[i];
4290 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4292 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4294 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4296 return 1; /* invalid WEP key */
4299 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4307 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4309 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4311 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4317 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4319 struct wpa_ssid *ssid = wpa_s->current_ssid;
4321 struct os_reltime now;
4324 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4329 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4332 ssid->auth_failures++;
4335 if (ssid->p2p_group &&
4336 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4338 * Skip the wait time since there is a short timeout on the
4339 * connection to a P2P group.
4343 #endif /* CONFIG_P2P */
4345 if (ssid->auth_failures > 50)
4347 else if (ssid->auth_failures > 10)
4349 else if (ssid->auth_failures > 5)
4351 else if (ssid->auth_failures > 3)
4353 else if (ssid->auth_failures > 2)
4355 else if (ssid->auth_failures > 1)
4360 if (ssid->auth_failures > 1 &&
4361 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4362 dur += os_random() % (ssid->auth_failures * 10);
4364 os_get_reltime(&now);
4365 if (now.sec + dur <= ssid->disabled_until.sec)
4368 ssid->disabled_until.sec = now.sec + dur;
4370 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4371 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4372 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4373 ssid->auth_failures, dur);
4377 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4378 struct wpa_ssid *ssid, int clear_failures)
4383 if (ssid->disabled_until.sec) {
4384 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4385 "id=%d ssid=\"%s\"",
4386 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4388 ssid->disabled_until.sec = 0;
4389 ssid->disabled_until.usec = 0;
4391 ssid->auth_failures = 0;
4395 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4399 if (wpa_s->disallow_aps_bssid == NULL)
4402 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4403 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4404 bssid, ETH_ALEN) == 0)
4412 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4417 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4420 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4421 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4422 if (ssid_len == s->ssid_len &&
4423 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4432 * wpas_request_connection - Request a new connection
4433 * @wpa_s: Pointer to the network interface
4435 * This function is used to request a new connection to be found. It will mark
4436 * the interface to allow reassociation and request a new scan to find a
4437 * suitable network to connect to.
4439 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4441 wpa_s->normal_scans = 0;
4442 wpa_supplicant_reinit_autoscan(wpa_s);
4443 wpa_s->extra_blacklist_count = 0;
4444 wpa_s->disconnected = 0;
4445 wpa_s->reassociate = 1;
4447 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4448 wpa_supplicant_req_scan(wpa_s, 0, 0);
4452 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4453 int *freq_array, unsigned int len)
4457 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4459 for (i = 0; i < len; i++)
4460 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4465 * Find the operating frequencies of any of the virtual interfaces that
4466 * are using the same radio as the current interface.
4468 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4469 int *freq_array, unsigned int len)
4471 struct wpa_supplicant *ifs;
4474 unsigned int idx = 0, i;
4476 wpa_dbg(wpa_s, MSG_DEBUG,
4477 "Determining shared radio frequencies (max len %u)", len);
4478 os_memset(freq_array, 0, sizeof(int) * len);
4480 /* First add the frequency of the local interface */
4481 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4482 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4483 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4484 freq_array[idx++] = wpa_s->current_ssid->frequency;
4485 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4486 freq_array[idx++] = wpa_s->assoc_freq;
4489 /* If get_radio_name is not supported, use only the local freq */
4490 if (!wpa_s->driver->get_radio_name) {
4491 freq = wpa_drv_shared_freq(wpa_s);
4492 if (freq > 0 && idx < len &&
4493 (idx == 0 || freq_array[0] != freq))
4494 freq_array[idx++] = freq;
4495 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4499 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4504 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4507 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4508 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4509 freq = ifs->current_ssid->frequency;
4510 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4511 freq = ifs->assoc_freq;
4515 /* Hold only distinct freqs */
4516 for (i = 0; i < idx; i++)
4517 if (freq_array[i] == freq)
4521 freq_array[idx++] = freq;
4524 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);