3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
56 const char *wpa_supplicant_version =
57 "wpa_supplicant v" VERSION_STR "\n"
58 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
60 const char *wpa_supplicant_license =
61 "This software may be distributed under the terms of the BSD license.\n"
62 "See README for more details.\n"
63 #ifdef EAP_TLS_OPENSSL
64 "\nThis product includes software developed by the OpenSSL Project\n"
65 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
66 #endif /* EAP_TLS_OPENSSL */
69 #ifndef CONFIG_NO_STDOUT_DEBUG
70 /* Long text divided into parts in order to fit in C89 strings size limits. */
71 const char *wpa_supplicant_full_license1 =
73 const char *wpa_supplicant_full_license2 =
74 "This software may be distributed under the terms of the BSD license.\n"
76 "Redistribution and use in source and binary forms, with or without\n"
77 "modification, are permitted provided that the following conditions are\n"
80 const char *wpa_supplicant_full_license3 =
81 "1. Redistributions of source code must retain the above copyright\n"
82 " notice, this list of conditions and the following disclaimer.\n"
84 "2. Redistributions in binary form must reproduce the above copyright\n"
85 " notice, this list of conditions and the following disclaimer in the\n"
86 " documentation and/or other materials provided with the distribution.\n"
88 const char *wpa_supplicant_full_license4 =
89 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
90 " names of its contributors may be used to endorse or promote products\n"
91 " derived from this software without specific prior written permission.\n"
93 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
94 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
95 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
96 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
97 const char *wpa_supplicant_full_license5 =
98 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
99 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
100 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
101 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
102 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
103 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
104 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
106 #endif /* CONFIG_NO_STDOUT_DEBUG */
108 /* Configure default/group WEP keys for static WEP */
109 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
113 for (i = 0; i < NUM_WEP_KEYS; i++) {
114 if (ssid->wep_key_len[i] == 0)
118 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
119 i, i == ssid->wep_tx_keyidx, NULL, 0,
120 ssid->wep_key[i], ssid->wep_key_len[i]);
127 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
128 struct wpa_ssid *ssid)
135 /* IBSS/WPA-None uses only one key (Group) for both receiving and
136 * sending unicast and multicast packets. */
138 if (ssid->mode != WPAS_MODE_IBSS) {
139 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
140 "IBSS/ad-hoc) for WPA-None", ssid->mode);
144 if (!ssid->psk_set) {
145 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150 switch (wpa_s->group_cipher) {
151 case WPA_CIPHER_CCMP:
152 os_memcpy(key, ssid->psk, 16);
156 case WPA_CIPHER_GCMP:
157 os_memcpy(key, ssid->psk, 16);
161 case WPA_CIPHER_TKIP:
162 /* WPA-None uses the same Michael MIC key for both TX and RX */
163 os_memcpy(key, ssid->psk, 16 + 8);
164 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
169 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
170 "WPA-None", wpa_s->group_cipher);
174 /* TODO: should actually remember the previously used seq#, both for TX
175 * and RX from each STA.. */
177 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
181 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
183 struct wpa_supplicant *wpa_s = eloop_ctx;
184 const u8 *bssid = wpa_s->bssid;
185 if (is_zero_ether_addr(bssid))
186 bssid = wpa_s->pending_bssid;
187 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
189 wpa_blacklist_add(wpa_s, bssid);
190 wpa_sm_notify_disassoc(wpa_s->wpa);
191 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
192 wpa_s->reassociate = 1;
195 * If we timed out, the AP or the local radio may be busy.
196 * So, wait a second until scanning again.
198 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
204 * @wpa_s: Pointer to wpa_supplicant data
205 * @sec: Number of seconds after which to time out authentication
206 * @usec: Number of microseconds after which to time out authentication
208 * This function is used to schedule a timeout for the current authentication
211 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
214 if (wpa_s->conf->ap_scan == 0 &&
215 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
218 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
219 "%d usec", sec, usec);
220 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
221 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
226 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
227 * @wpa_s: Pointer to wpa_supplicant data
229 * This function is used to cancel authentication timeout scheduled with
230 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
233 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
235 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
236 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
237 wpa_blacklist_del(wpa_s, wpa_s->bssid);
242 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
243 * @wpa_s: Pointer to wpa_supplicant data
245 * This function is used to configure EAPOL state machine based on the selected
246 * authentication mode.
248 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
250 #ifdef IEEE8021X_EAPOL
251 struct eapol_config eapol_conf;
252 struct wpa_ssid *ssid = wpa_s->current_ssid;
254 #ifdef CONFIG_IBSS_RSN
255 if (ssid->mode == WPAS_MODE_IBSS &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
257 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
259 * RSN IBSS authentication is per-STA and we can disable the
260 * per-BSSID EAPOL authentication.
262 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
263 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
264 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
267 #endif /* CONFIG_IBSS_RSN */
269 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
273 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
278 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
279 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
280 eapol_conf.accept_802_1x_keys = 1;
281 eapol_conf.required_keys = 0;
282 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
283 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
285 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
286 eapol_conf.required_keys |=
287 EAPOL_REQUIRE_KEY_BROADCAST;
290 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
291 eapol_conf.required_keys = 0;
293 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294 eapol_conf.workaround = ssid->eap_workaround;
295 eapol_conf.eap_disabled =
296 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299 eapol_conf.external_sim = wpa_s->conf->external_sim;
300 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
301 #endif /* IEEE8021X_EAPOL */
303 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
308 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
309 * @wpa_s: Pointer to wpa_supplicant data
310 * @ssid: Configuration data for the network
312 * This function is used to configure WPA state machine and related parameters
313 * to a mode where WPA is not enabled. This is called as part of the
314 * authentication configuration when the selected network does not use WPA.
316 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
317 struct wpa_ssid *ssid)
321 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
323 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
326 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
327 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
328 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
331 wpa_s->group_cipher = WPA_CIPHER_NONE;
332 wpa_s->mgmt_group_cipher = 0;
334 for (i = 0; i < NUM_WEP_KEYS; i++) {
335 if (ssid->wep_key_len[i] > 5) {
336 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
337 wpa_s->group_cipher = WPA_CIPHER_WEP104;
339 } else if (ssid->wep_key_len[i] > 0) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
341 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
349 wpa_s->pairwise_cipher);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
351 #ifdef CONFIG_IEEE80211W
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
353 wpa_s->mgmt_group_cipher);
354 #endif /* CONFIG_IEEE80211W */
356 pmksa_cache_clear_current(wpa_s->wpa);
360 void free_hw_features(struct wpa_supplicant *wpa_s)
363 if (wpa_s->hw.modes == NULL)
366 for (i = 0; i < wpa_s->hw.num_modes; i++) {
367 os_free(wpa_s->hw.modes[i].channels);
368 os_free(wpa_s->hw.modes[i].rates);
371 os_free(wpa_s->hw.modes);
372 wpa_s->hw.modes = NULL;
376 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
378 bgscan_deinit(wpa_s);
379 autoscan_deinit(wpa_s);
380 scard_deinit(wpa_s->scard);
382 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
383 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
384 l2_packet_deinit(wpa_s->l2);
387 l2_packet_deinit(wpa_s->l2_br);
391 if (wpa_s->conf != NULL) {
392 struct wpa_ssid *ssid;
393 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
394 wpas_notify_network_removed(wpa_s, ssid);
397 os_free(wpa_s->confname);
398 wpa_s->confname = NULL;
400 os_free(wpa_s->confanother);
401 wpa_s->confanother = NULL;
404 os_free(wpa_s->conf_p2p_dev);
405 wpa_s->conf_p2p_dev = NULL;
406 #endif /* CONFIG_P2P */
408 wpa_sm_set_eapol(wpa_s->wpa, NULL);
409 eapol_sm_deinit(wpa_s->eapol);
412 rsn_preauth_deinit(wpa_s->wpa);
415 wpa_tdls_deinit(wpa_s->wpa);
416 #endif /* CONFIG_TDLS */
418 pmksa_candidate_free(wpa_s->wpa);
419 wpa_sm_deinit(wpa_s->wpa);
421 wpa_blacklist_clear(wpa_s);
423 wpa_bss_deinit(wpa_s);
425 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
426 wpa_supplicant_cancel_scan(wpa_s);
427 wpa_supplicant_cancel_auth_timeout(wpa_s);
428 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
429 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
430 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
432 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
434 wpas_wps_deinit(wpa_s);
436 wpabuf_free(wpa_s->pending_eapol_rx);
437 wpa_s->pending_eapol_rx = NULL;
439 #ifdef CONFIG_IBSS_RSN
440 ibss_rsn_deinit(wpa_s->ibss_rsn);
441 wpa_s->ibss_rsn = NULL;
442 #endif /* CONFIG_IBSS_RSN */
447 wpa_supplicant_ap_deinit(wpa_s);
448 #endif /* CONFIG_AP */
451 wpas_p2p_deinit(wpa_s);
452 #endif /* CONFIG_P2P */
454 #ifdef CONFIG_OFFCHANNEL
455 offchannel_deinit(wpa_s);
456 #endif /* CONFIG_OFFCHANNEL */
458 wpa_supplicant_cancel_sched_scan(wpa_s);
460 os_free(wpa_s->next_scan_freqs);
461 wpa_s->next_scan_freqs = NULL;
463 os_free(wpa_s->manual_scan_freqs);
464 wpa_s->manual_scan_freqs = NULL;
466 os_free(wpa_s->manual_sched_scan_freqs);
467 wpa_s->manual_sched_scan_freqs = NULL;
469 gas_query_deinit(wpa_s->gas);
472 free_hw_features(wpa_s);
474 ieee802_1x_dealloc_kay_sm(wpa_s);
476 os_free(wpa_s->bssid_filter);
477 wpa_s->bssid_filter = NULL;
479 os_free(wpa_s->disallow_aps_bssid);
480 wpa_s->disallow_aps_bssid = NULL;
481 os_free(wpa_s->disallow_aps_ssid);
482 wpa_s->disallow_aps_ssid = NULL;
484 wnm_bss_keep_alive_deinit(wpa_s);
486 wnm_deallocate_memory(wpa_s);
487 #endif /* CONFIG_WNM */
489 ext_password_deinit(wpa_s->ext_pw);
490 wpa_s->ext_pw = NULL;
492 wpabuf_free(wpa_s->last_gas_resp);
493 wpa_s->last_gas_resp = NULL;
494 wpabuf_free(wpa_s->prev_gas_resp);
495 wpa_s->prev_gas_resp = NULL;
497 os_free(wpa_s->last_scan_res);
498 wpa_s->last_scan_res = NULL;
502 #endif /* CONFIG_HS20 */
507 * wpa_clear_keys - Clear keys configured for the driver
508 * @wpa_s: Pointer to wpa_supplicant data
509 * @addr: Previously used BSSID or %NULL if not available
511 * This function clears the encryption keys that has been previously configured
514 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
518 #ifdef CONFIG_IEEE80211W
520 #else /* CONFIG_IEEE80211W */
522 #endif /* CONFIG_IEEE80211W */
524 /* MLME-DELETEKEYS.request */
525 for (i = 0; i < max; i++) {
526 if (wpa_s->keys_cleared & BIT(i))
528 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
531 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
532 !is_zero_ether_addr(addr)) {
533 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
535 /* MLME-SETPROTECTION.request(None) */
536 wpa_drv_mlme_setprotection(
538 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
539 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
541 wpa_s->keys_cleared = (u32) -1;
546 * wpa_supplicant_state_txt - Get the connection state name as a text string
547 * @state: State (wpa_state; WPA_*)
548 * Returns: The state name as a printable text string
550 const char * wpa_supplicant_state_txt(enum wpa_states state)
553 case WPA_DISCONNECTED:
554 return "DISCONNECTED";
557 case WPA_INTERFACE_DISABLED:
558 return "INTERFACE_DISABLED";
561 case WPA_AUTHENTICATING:
562 return "AUTHENTICATING";
563 case WPA_ASSOCIATING:
564 return "ASSOCIATING";
567 case WPA_4WAY_HANDSHAKE:
568 return "4WAY_HANDSHAKE";
569 case WPA_GROUP_HANDSHAKE:
570 return "GROUP_HANDSHAKE";
581 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
585 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
586 name = wpa_s->current_ssid->bgscan;
588 name = wpa_s->conf->bgscan;
589 if (name == NULL || name[0] == '\0')
591 if (wpas_driver_bss_selection(wpa_s))
593 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
596 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
598 #endif /* CONFIG_P2P */
600 bgscan_deinit(wpa_s);
601 if (wpa_s->current_ssid) {
602 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
603 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
606 * Live without bgscan; it is only used as a roaming
607 * optimization, so the initial connection is not
611 struct wpa_scan_results *scan_res;
612 wpa_s->bgscan_ssid = wpa_s->current_ssid;
613 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
616 bgscan_notify_scan(wpa_s, scan_res);
617 wpa_scan_results_free(scan_res);
621 wpa_s->bgscan_ssid = NULL;
625 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
627 if (wpa_s->bgscan_ssid != NULL) {
628 bgscan_deinit(wpa_s);
629 wpa_s->bgscan_ssid = NULL;
633 #endif /* CONFIG_BGSCAN */
636 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
638 if (autoscan_init(wpa_s, 0))
639 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
643 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
645 autoscan_deinit(wpa_s);
649 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
651 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
652 wpa_s->wpa_state == WPA_SCANNING) {
653 autoscan_deinit(wpa_s);
654 wpa_supplicant_start_autoscan(wpa_s);
660 * wpa_supplicant_set_state - Set current connection state
661 * @wpa_s: Pointer to wpa_supplicant data
662 * @state: The new connection state
664 * This function is called whenever the connection state changes, e.g.,
665 * association is completed for WPA/WPA2 4-Way Handshake is started.
667 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
668 enum wpa_states state)
670 enum wpa_states old_state = wpa_s->wpa_state;
672 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
673 wpa_supplicant_state_txt(wpa_s->wpa_state),
674 wpa_supplicant_state_txt(state));
676 if (state == WPA_INTERFACE_DISABLED) {
677 /* Assure normal scan when interface is restored */
678 wpa_s->normal_scans = 0;
681 if (state == WPA_COMPLETED) {
682 wpas_connect_work_done(wpa_s);
683 /* Reinitialize normal_scan counter */
684 wpa_s->normal_scans = 0;
687 if (state != WPA_SCANNING)
688 wpa_supplicant_notify_scanning(wpa_s, 0);
690 if (state == WPA_COMPLETED && wpa_s->new_connection) {
691 struct wpa_ssid *ssid = wpa_s->current_ssid;
692 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
693 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
694 MACSTR " completed [id=%d id_str=%s]",
695 MAC2STR(wpa_s->bssid),
696 ssid ? ssid->id : -1,
697 ssid && ssid->id_str ? ssid->id_str : "");
698 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
699 wpas_clear_temp_disabled(wpa_s, ssid, 1);
700 wpa_s->extra_blacklist_count = 0;
701 wpa_s->new_connection = 0;
702 wpa_drv_set_operstate(wpa_s, 1);
703 #ifndef IEEE8021X_EAPOL
704 wpa_drv_set_supp_port(wpa_s, 1);
705 #endif /* IEEE8021X_EAPOL */
706 wpa_s->after_wps = 0;
707 wpa_s->known_wps_freq = 0;
709 wpas_p2p_completed(wpa_s);
710 #endif /* CONFIG_P2P */
712 sme_sched_obss_scan(wpa_s, 1);
713 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
714 state == WPA_ASSOCIATED) {
715 wpa_s->new_connection = 1;
716 wpa_drv_set_operstate(wpa_s, 0);
717 #ifndef IEEE8021X_EAPOL
718 wpa_drv_set_supp_port(wpa_s, 0);
719 #endif /* IEEE8021X_EAPOL */
720 sme_sched_obss_scan(wpa_s, 0);
722 wpa_s->wpa_state = state;
725 if (state == WPA_COMPLETED)
726 wpa_supplicant_start_bgscan(wpa_s);
727 else if (state < WPA_ASSOCIATED)
728 wpa_supplicant_stop_bgscan(wpa_s);
729 #endif /* CONFIG_BGSCAN */
731 if (state == WPA_AUTHENTICATING)
732 wpa_supplicant_stop_autoscan(wpa_s);
734 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
735 wpa_supplicant_start_autoscan(wpa_s);
737 if (wpa_s->wpa_state != old_state) {
738 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
740 if (wpa_s->wpa_state == WPA_COMPLETED ||
741 old_state == WPA_COMPLETED)
742 wpas_notify_auth_changed(wpa_s);
747 void wpa_supplicant_terminate_proc(struct wpa_global *global)
751 struct wpa_supplicant *wpa_s = global->ifaces;
753 struct wpa_supplicant *next = wpa_s->next;
754 if (wpas_wps_terminate_pending(wpa_s) == 1)
757 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
758 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
759 wpas_p2p_disconnect(wpa_s);
760 #endif /* CONFIG_P2P */
763 #endif /* CONFIG_WPS */
770 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
772 struct wpa_global *global = signal_ctx;
773 wpa_supplicant_terminate_proc(global);
777 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
779 enum wpa_states old_state = wpa_s->wpa_state;
781 wpa_s->pairwise_cipher = 0;
782 wpa_s->group_cipher = 0;
783 wpa_s->mgmt_group_cipher = 0;
785 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
786 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
788 if (wpa_s->wpa_state != old_state)
789 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
794 * wpa_supplicant_reload_configuration - Reload configuration data
795 * @wpa_s: Pointer to wpa_supplicant data
796 * Returns: 0 on success or -1 if configuration parsing failed
798 * This function can be used to request that the configuration data is reloaded
799 * (e.g., after configuration file change). This function is reloading
800 * configuration only for one interface, so this may need to be called multiple
801 * times if %wpa_supplicant is controlling multiple interfaces and all
802 * interfaces need reconfiguration.
804 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
806 struct wpa_config *conf;
810 if (wpa_s->confname == NULL)
812 conf = wpa_config_read(wpa_s->confname, NULL);
814 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
815 "file '%s' - exiting", wpa_s->confname);
818 wpa_config_read(wpa_s->confanother, conf);
820 conf->changed_parameters = (unsigned int) -1;
822 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
823 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
824 os_strcmp(conf->ctrl_interface,
825 wpa_s->conf->ctrl_interface) != 0);
827 if (reconf_ctrl && wpa_s->ctrl_iface) {
828 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
829 wpa_s->ctrl_iface = NULL;
832 eapol_sm_invalidate_cached_session(wpa_s->eapol);
833 if (wpa_s->current_ssid) {
834 wpa_supplicant_deauthenticate(wpa_s,
835 WLAN_REASON_DEAUTH_LEAVING);
839 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
840 * pkcs11_engine_path, pkcs11_module_path.
842 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
844 * Clear forced success to clear EAP state for next
847 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
849 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
850 wpa_sm_set_config(wpa_s->wpa, NULL);
851 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
852 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
853 rsn_preauth_deinit(wpa_s->wpa);
855 old_ap_scan = wpa_s->conf->ap_scan;
856 wpa_config_free(wpa_s->conf);
858 if (old_ap_scan != wpa_s->conf->ap_scan)
859 wpas_notify_ap_scan_changed(wpa_s);
862 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
864 wpa_supplicant_update_config(wpa_s);
866 wpa_supplicant_clear_status(wpa_s);
867 if (wpa_supplicant_enabled_networks(wpa_s)) {
868 wpa_s->reassociate = 1;
869 wpa_supplicant_req_scan(wpa_s, 0, 0);
871 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
876 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
878 struct wpa_global *global = signal_ctx;
879 struct wpa_supplicant *wpa_s;
880 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
881 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
883 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
884 wpa_supplicant_terminate_proc(global);
890 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
891 struct wpa_ssid *ssid,
892 struct wpa_ie_data *ie)
894 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
897 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
898 "from association info");
903 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
905 if (!(ie->group_cipher & ssid->group_cipher)) {
906 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
907 "cipher 0x%x (mask 0x%x) - reject",
908 ie->group_cipher, ssid->group_cipher);
911 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
912 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
913 "cipher 0x%x (mask 0x%x) - reject",
914 ie->pairwise_cipher, ssid->pairwise_cipher);
917 if (!(ie->key_mgmt & ssid->key_mgmt)) {
918 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
919 "management 0x%x (mask 0x%x) - reject",
920 ie->key_mgmt, ssid->key_mgmt);
924 #ifdef CONFIG_IEEE80211W
925 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
926 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
927 wpa_s->conf->pmf : ssid->ieee80211w) ==
928 MGMT_FRAME_PROTECTION_REQUIRED) {
929 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
930 "that does not support management frame protection - "
934 #endif /* CONFIG_IEEE80211W */
941 * wpa_supplicant_set_suites - Set authentication and encryption parameters
942 * @wpa_s: Pointer to wpa_supplicant data
943 * @bss: Scan results for the selected BSS, or %NULL if not available
944 * @ssid: Configuration data for the selected network
945 * @wpa_ie: Buffer for the WPA/RSN IE
946 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
947 * used buffer length in case the functions returns success.
948 * Returns: 0 on success or -1 on failure
950 * This function is used to configure authentication and encryption parameters
951 * based on the network configuration and scan result for the selected BSS (if
954 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
955 struct wpa_bss *bss, struct wpa_ssid *ssid,
956 u8 *wpa_ie, size_t *wpa_ie_len)
958 struct wpa_ie_data ie;
960 const u8 *bss_wpa, *bss_rsn, *bss_osen;
963 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
964 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
965 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
967 bss_wpa = bss_rsn = bss_osen = NULL;
969 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
970 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
971 (ie.group_cipher & ssid->group_cipher) &&
972 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
973 (ie.key_mgmt & ssid->key_mgmt)) {
974 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
975 proto = WPA_PROTO_RSN;
976 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
977 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
978 (ie.group_cipher & ssid->group_cipher) &&
979 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
980 (ie.key_mgmt & ssid->key_mgmt)) {
981 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
982 proto = WPA_PROTO_WPA;
984 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
985 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
986 /* TODO: parse OSEN element */
987 os_memset(&ie, 0, sizeof(ie));
988 ie.group_cipher = WPA_CIPHER_CCMP;
989 ie.pairwise_cipher = WPA_CIPHER_CCMP;
990 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
991 proto = WPA_PROTO_OSEN;
992 #endif /* CONFIG_HS20 */
994 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
997 if (ssid->proto & WPA_PROTO_OSEN)
998 proto = WPA_PROTO_OSEN;
999 else if (ssid->proto & WPA_PROTO_RSN)
1000 proto = WPA_PROTO_RSN;
1002 proto = WPA_PROTO_WPA;
1003 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1004 os_memset(&ie, 0, sizeof(ie));
1005 ie.group_cipher = ssid->group_cipher;
1006 ie.pairwise_cipher = ssid->pairwise_cipher;
1007 ie.key_mgmt = ssid->key_mgmt;
1008 #ifdef CONFIG_IEEE80211W
1009 ie.mgmt_group_cipher =
1010 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1011 WPA_CIPHER_AES_128_CMAC : 0;
1012 #endif /* CONFIG_IEEE80211W */
1013 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1014 "based on configuration");
1019 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1020 "pairwise %d key_mgmt %d proto %d",
1021 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1022 #ifdef CONFIG_IEEE80211W
1023 if (ssid->ieee80211w) {
1024 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1025 ie.mgmt_group_cipher);
1027 #endif /* CONFIG_IEEE80211W */
1029 wpa_s->wpa_proto = proto;
1030 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1031 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1032 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1034 if (bss || !wpa_s->ap_ies_from_associnfo) {
1035 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1036 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1037 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1038 bss_rsn ? 2 + bss_rsn[1] : 0))
1042 sel = ie.group_cipher & ssid->group_cipher;
1043 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1044 if (wpa_s->group_cipher < 0) {
1045 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1049 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1050 wpa_cipher_txt(wpa_s->group_cipher));
1052 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1053 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1054 if (wpa_s->pairwise_cipher < 0) {
1055 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1060 wpa_cipher_txt(wpa_s->pairwise_cipher));
1062 sel = ie.key_mgmt & ssid->key_mgmt;
1064 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1065 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1066 #endif /* CONFIG_SAE */
1068 #ifdef CONFIG_IEEE80211R
1069 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1070 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1071 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1072 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1073 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1074 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1075 #endif /* CONFIG_IEEE80211R */
1077 } else if (sel & WPA_KEY_MGMT_SAE) {
1078 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1079 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1080 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1081 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1082 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1083 #endif /* CONFIG_SAE */
1084 #ifdef CONFIG_IEEE80211W
1085 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1086 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1087 wpa_dbg(wpa_s, MSG_DEBUG,
1088 "WPA: using KEY_MGMT 802.1X with SHA256");
1089 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1090 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1091 wpa_dbg(wpa_s, MSG_DEBUG,
1092 "WPA: using KEY_MGMT PSK with SHA256");
1093 #endif /* CONFIG_IEEE80211W */
1094 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1095 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1096 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1097 } else if (sel & WPA_KEY_MGMT_PSK) {
1098 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1099 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1100 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1101 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1102 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1104 } else if (sel & WPA_KEY_MGMT_OSEN) {
1105 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1106 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1107 #endif /* CONFIG_HS20 */
1109 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1110 "authenticated key management type");
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1115 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1116 wpa_s->pairwise_cipher);
1117 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1119 #ifdef CONFIG_IEEE80211W
1120 sel = ie.mgmt_group_cipher;
1121 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1122 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1123 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1125 if (sel & WPA_CIPHER_AES_128_CMAC) {
1126 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1127 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1129 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1130 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1131 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1133 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1134 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1135 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1137 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1138 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1139 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1142 wpa_s->mgmt_group_cipher = 0;
1143 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1145 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1146 wpa_s->mgmt_group_cipher);
1147 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1148 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1149 wpa_s->conf->pmf : ssid->ieee80211w));
1150 #endif /* CONFIG_IEEE80211W */
1152 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1153 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1157 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1158 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1159 #ifndef CONFIG_NO_PBKDF2
1160 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1163 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1164 4096, psk, PMK_LEN);
1165 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1167 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1169 #endif /* CONFIG_NO_PBKDF2 */
1170 #ifdef CONFIG_EXT_PASSWORD
1171 if (ssid->ext_psk) {
1172 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1174 char pw_str[64 + 1];
1178 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1179 "found from external storage");
1183 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1184 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1185 "PSK length %d in external storage",
1186 (int) wpabuf_len(pw));
1187 ext_password_free(pw);
1191 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1192 pw_str[wpabuf_len(pw)] = '\0';
1194 #ifndef CONFIG_NO_PBKDF2
1195 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1197 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1198 4096, psk, PMK_LEN);
1199 os_memset(pw_str, 0, sizeof(pw_str));
1200 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1201 "external passphrase)",
1203 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1205 #endif /* CONFIG_NO_PBKDF2 */
1206 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1207 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1208 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1209 "Invalid PSK hex string");
1210 os_memset(pw_str, 0, sizeof(pw_str));
1211 ext_password_free(pw);
1214 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1216 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1218 os_memset(pw_str, 0, sizeof(pw_str));
1219 ext_password_free(pw);
1223 os_memset(pw_str, 0, sizeof(pw_str));
1224 ext_password_free(pw);
1226 #endif /* CONFIG_EXT_PASSWORD */
1228 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1234 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1239 case 0: /* Bits 0-7 */
1241 case 1: /* Bits 8-15 */
1243 case 2: /* Bits 16-23 */
1245 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1246 *pos |= 0x08; /* Bit 19 - BSS Transition */
1247 #endif /* CONFIG_WNM */
1249 case 3: /* Bits 24-31 */
1251 *pos |= 0x02; /* Bit 25 - SSID List */
1252 #endif /* CONFIG_WNM */
1253 #ifdef CONFIG_INTERWORKING
1254 if (wpa_s->conf->interworking)
1255 *pos |= 0x80; /* Bit 31 - Interworking */
1256 #endif /* CONFIG_INTERWORKING */
1258 case 4: /* Bits 32-39 */
1259 #ifdef CONFIG_INTERWORKING
1260 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1261 *pos |= 0x01; /* Bit 32 - QoS Map */
1262 #endif /* CONFIG_INTERWORKING */
1264 case 5: /* Bits 40-47 */
1266 if (wpa_s->conf->hs20)
1267 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1268 #endif /* CONFIG_HS20 */
1270 case 6: /* Bits 48-55 */
1276 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1281 if (len < wpa_s->extended_capa_len)
1282 len = wpa_s->extended_capa_len;
1283 if (buflen < (size_t) len + 2) {
1284 wpa_printf(MSG_INFO,
1285 "Not enough room for building extended capabilities element");
1289 *pos++ = WLAN_EID_EXT_CAPAB;
1291 for (i = 0; i < len; i++, pos++) {
1292 wpas_ext_capab_byte(wpa_s, pos, i);
1294 if (i < wpa_s->extended_capa_len) {
1295 *pos &= ~wpa_s->extended_capa_mask[i];
1296 *pos |= wpa_s->extended_capa[i];
1300 while (len > 0 && buf[1 + len] == 0) {
1311 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1312 struct wpa_bss *test_bss)
1314 struct wpa_bss *bss;
1316 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1317 if (bss == test_bss)
1325 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1326 struct wpa_ssid *test_ssid)
1328 struct wpa_ssid *ssid;
1330 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1331 if (ssid == test_ssid)
1339 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1340 struct wpa_ssid *test_ssid)
1342 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1345 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1349 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1357 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1359 struct wpa_connect_work *cwork;
1360 struct wpa_radio_work *work = wpa_s->connect_work;
1365 wpa_s->connect_work = NULL;
1368 wpas_connect_work_free(cwork);
1369 radio_work_done(work);
1373 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1376 * wpa_supplicant_associate - Request association
1377 * @wpa_s: Pointer to wpa_supplicant data
1378 * @bss: Scan results for the selected BSS, or %NULL if not available
1379 * @ssid: Configuration data for the selected network
1381 * This function is used to request %wpa_supplicant to associate with a BSS.
1383 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1384 struct wpa_bss *bss, struct wpa_ssid *ssid)
1386 struct wpa_connect_work *cwork;
1388 #ifdef CONFIG_IBSS_RSN
1389 ibss_rsn_deinit(wpa_s->ibss_rsn);
1390 wpa_s->ibss_rsn = NULL;
1391 #endif /* CONFIG_IBSS_RSN */
1393 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1394 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1396 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1397 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1401 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1402 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1403 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1404 wpas_p2p_ap_setup_failed(wpa_s);
1407 wpa_s->current_bss = bss;
1408 #else /* CONFIG_AP */
1409 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1411 #endif /* CONFIG_AP */
1417 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1419 #endif /* CONFIG_TDLS */
1421 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1422 ssid->mode == IEEE80211_MODE_INFRA) {
1423 sme_authenticate(wpa_s, bss, ssid);
1427 if (wpa_s->connect_work) {
1428 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1432 if (radio_work_pending(wpa_s, "connect")) {
1433 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1437 cwork = os_zalloc(sizeof(*cwork));
1444 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1445 wpas_start_assoc_cb, cwork) < 0) {
1451 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1453 struct wpa_connect_work *cwork = work->ctx;
1454 struct wpa_bss *bss = cwork->bss;
1455 struct wpa_ssid *ssid = cwork->ssid;
1456 struct wpa_supplicant *wpa_s = work->wpa_s;
1459 int use_crypt, ret, i, bssid_changed;
1460 int algs = WPA_AUTH_ALG_OPEN;
1461 unsigned int cipher_pairwise, cipher_group;
1462 struct wpa_driver_associate_params params;
1463 int wep_keys_set = 0;
1464 int assoc_failed = 0;
1465 struct wpa_ssid *old_ssid;
1466 #ifdef CONFIG_HT_OVERRIDES
1467 struct ieee80211_ht_capabilities htcaps;
1468 struct ieee80211_ht_capabilities htcaps_mask;
1469 #endif /* CONFIG_HT_OVERRIDES */
1470 #ifdef CONFIG_VHT_OVERRIDES
1471 struct ieee80211_vht_capabilities vhtcaps;
1472 struct ieee80211_vht_capabilities vhtcaps_mask;
1473 #endif /* CONFIG_VHT_OVERRIDES */
1476 if (work->started) {
1477 wpa_s->connect_work = NULL;
1479 /* cancel possible auth. timeout */
1480 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1483 wpas_connect_work_free(cwork);
1487 wpa_s->connect_work = work;
1489 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1490 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1491 wpas_connect_work_done(wpa_s);
1495 os_memset(¶ms, 0, sizeof(params));
1496 wpa_s->reassociate = 0;
1497 wpa_s->eap_expected_failure = 0;
1498 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1499 #ifdef CONFIG_IEEE80211R
1500 const u8 *ie, *md = NULL;
1501 #endif /* CONFIG_IEEE80211R */
1502 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1503 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1504 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1505 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1506 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1507 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1509 wpas_notify_bssid_changed(wpa_s);
1510 #ifdef CONFIG_IEEE80211R
1511 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1512 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1514 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1516 /* Prepare for the next transition */
1517 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1519 #endif /* CONFIG_IEEE80211R */
1521 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1522 wpa_s->conf->ap_scan == 2 &&
1523 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1524 /* Use ap_scan==1 style network selection to find the network
1526 wpa_s->scan_req = MANUAL_SCAN_REQ;
1527 wpa_s->reassociate = 1;
1528 wpa_supplicant_req_scan(wpa_s, 0, 0);
1530 #endif /* CONFIG_WPS */
1532 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1533 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1534 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1536 wpa_supplicant_cancel_sched_scan(wpa_s);
1537 wpa_supplicant_cancel_scan(wpa_s);
1539 /* Starting new association, so clear the possibly used WPA IE from the
1540 * previous association. */
1541 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1543 #ifdef IEEE8021X_EAPOL
1544 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1546 if (ssid->non_leap == 0)
1547 algs = WPA_AUTH_ALG_LEAP;
1549 algs |= WPA_AUTH_ALG_LEAP;
1552 #endif /* IEEE8021X_EAPOL */
1553 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1554 if (ssid->auth_alg) {
1555 algs = ssid->auth_alg;
1556 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1560 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1561 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1562 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1563 int try_opportunistic;
1564 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1566 ssid->proactive_key_caching) &&
1567 (ssid->proto & WPA_PROTO_RSN);
1568 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1569 ssid, try_opportunistic) == 0)
1570 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1571 wpa_ie_len = sizeof(wpa_ie);
1572 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1573 wpa_ie, &wpa_ie_len)) {
1574 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1575 "key management and encryption suites");
1578 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1579 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1581 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1582 * use non-WPA since the scan results did not indicate that the
1583 * AP is using WPA or WPA2.
1585 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1587 wpa_s->wpa_proto = 0;
1588 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1589 wpa_ie_len = sizeof(wpa_ie);
1590 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1591 wpa_ie, &wpa_ie_len)) {
1592 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1593 "key management and encryption suites (no "
1598 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1599 struct wpabuf *wps_ie;
1600 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1601 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1602 wpa_ie_len = wpabuf_len(wps_ie);
1603 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1606 wpabuf_free(wps_ie);
1607 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1608 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1609 params.wps = WPS_MODE_PRIVACY;
1611 params.wps = WPS_MODE_OPEN;
1612 wpa_s->wpa_proto = 0;
1613 #endif /* CONFIG_WPS */
1615 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1617 wpa_s->wpa_proto = 0;
1621 if (wpa_s->global->p2p) {
1625 pos = wpa_ie + wpa_ie_len;
1626 len = sizeof(wpa_ie) - wpa_ie_len;
1627 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1633 wpa_s->cross_connect_disallowed = 0;
1636 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1638 wpa_s->cross_connect_disallowed =
1639 p2p_get_cross_connect_disallowed(p2p);
1641 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1643 wpa_s->cross_connect_disallowed ?
1644 "disallows" : "allows");
1648 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1649 #endif /* CONFIG_P2P */
1652 if (is_hs20_network(wpa_s, ssid, bss)) {
1653 struct wpabuf *hs20;
1654 hs20 = wpabuf_alloc(20);
1656 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
1657 wpas_hs20_add_indication(hs20, pps_mo_id);
1658 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1660 wpa_ie_len += wpabuf_len(hs20);
1664 #endif /* CONFIG_HS20 */
1667 * Workaround: Add Extended Capabilities element only if the AP
1668 * included this element in Beacon/Probe Response frames. Some older
1669 * APs seem to have interoperability issues if this element is
1670 * included, so while the standard may require us to include the
1671 * element in all cases, it is justifiable to skip it to avoid
1672 * interoperability issues.
1674 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1677 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
1679 if (ext_capab_len > 0) {
1681 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1683 os_memmove(pos + ext_capab_len, pos,
1684 wpa_ie_len - (pos - wpa_ie));
1685 wpa_ie_len += ext_capab_len;
1686 os_memcpy(pos, ext_capab, ext_capab_len);
1690 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1692 cipher_pairwise = wpa_s->pairwise_cipher;
1693 cipher_group = wpa_s->group_cipher;
1694 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1695 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1696 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1698 if (wpa_set_wep_keys(wpa_s, ssid)) {
1703 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1706 #ifdef IEEE8021X_EAPOL
1707 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1708 if ((ssid->eapol_flags &
1709 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1710 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1714 /* Assume that dynamic WEP-104 keys will be used and
1715 * set cipher suites in order for drivers to expect
1717 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1720 #endif /* IEEE8021X_EAPOL */
1722 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1723 /* Set the key before (and later after) association */
1724 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1727 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1729 params.ssid = bss->ssid;
1730 params.ssid_len = bss->ssid_len;
1731 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1732 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1733 MACSTR " freq=%u MHz based on scan results "
1735 MAC2STR(bss->bssid), bss->freq,
1737 params.bssid = bss->bssid;
1738 params.freq = bss->freq;
1740 params.bssid_hint = bss->bssid;
1741 params.freq_hint = bss->freq;
1743 params.ssid = ssid->ssid;
1744 params.ssid_len = ssid->ssid_len;
1747 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1748 wpa_s->conf->ap_scan == 2) {
1749 params.bssid = ssid->bssid;
1750 params.fixed_bssid = 1;
1753 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1755 params.freq = ssid->frequency; /* Initial channel for IBSS */
1757 if (ssid->mode == WPAS_MODE_IBSS) {
1758 if (ssid->beacon_int)
1759 params.beacon_int = ssid->beacon_int;
1761 params.beacon_int = wpa_s->conf->beacon_int;
1764 params.wpa_ie = wpa_ie;
1765 params.wpa_ie_len = wpa_ie_len;
1766 params.pairwise_suite = cipher_pairwise;
1767 params.group_suite = cipher_group;
1768 params.key_mgmt_suite = wpa_s->key_mgmt;
1769 params.wpa_proto = wpa_s->wpa_proto;
1770 params.auth_alg = algs;
1771 params.mode = ssid->mode;
1772 params.bg_scan_period = ssid->bg_scan_period;
1773 for (i = 0; i < NUM_WEP_KEYS; i++) {
1774 if (ssid->wep_key_len[i])
1775 params.wep_key[i] = ssid->wep_key[i];
1776 params.wep_key_len[i] = ssid->wep_key_len[i];
1778 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1780 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1781 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1782 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1783 params.passphrase = ssid->passphrase;
1785 params.psk = ssid->psk;
1788 params.drop_unencrypted = use_crypt;
1790 #ifdef CONFIG_IEEE80211W
1791 params.mgmt_frame_protection =
1792 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1793 wpa_s->conf->pmf : ssid->ieee80211w;
1794 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1795 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1796 struct wpa_ie_data ie;
1797 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1799 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1800 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1801 "MFP: require MFP");
1802 params.mgmt_frame_protection =
1803 MGMT_FRAME_PROTECTION_REQUIRED;
1806 #endif /* CONFIG_IEEE80211W */
1808 params.p2p = ssid->p2p_group;
1810 if (wpa_s->parent->set_sta_uapsd)
1811 params.uapsd = wpa_s->parent->sta_uapsd;
1815 #ifdef CONFIG_HT_OVERRIDES
1816 os_memset(&htcaps, 0, sizeof(htcaps));
1817 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1818 params.htcaps = (u8 *) &htcaps;
1819 params.htcaps_mask = (u8 *) &htcaps_mask;
1820 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1821 #endif /* CONFIG_HT_OVERRIDES */
1822 #ifdef CONFIG_VHT_OVERRIDES
1823 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
1824 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
1825 params.vhtcaps = &vhtcaps;
1826 params.vhtcaps_mask = &vhtcaps_mask;
1827 wpa_supplicant_apply_vht_overrides(wpa_s, wpa_s->current_ssid, ¶ms);
1828 #endif /* CONFIG_VHT_OVERRIDES */
1832 * If multi-channel concurrency is not supported, check for any
1833 * frequency conflict. In case of any frequency conflict, remove the
1834 * least prioritized connection.
1836 if (wpa_s->num_multichan_concurrent < 2) {
1838 num = get_shared_radio_freqs(wpa_s, &freq, 1);
1839 if (num > 0 && freq > 0 && freq != params.freq) {
1840 wpa_printf(MSG_DEBUG,
1841 "Assoc conflicting freq found (%d != %d)",
1843 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1849 #endif /* CONFIG_P2P */
1851 ret = wpa_drv_associate(wpa_s, ¶ms);
1853 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1855 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1857 * The driver is known to mean what is saying, so we
1858 * can stop right here; the association will not
1861 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1862 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1863 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1866 /* try to continue anyway; new association will be tried again
1871 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1872 /* Set the key after the association just in case association
1873 * cleared the previously configured key. */
1874 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1875 /* No need to timeout authentication since there is no key
1877 wpa_supplicant_cancel_auth_timeout(wpa_s);
1878 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1879 #ifdef CONFIG_IBSS_RSN
1880 } else if (ssid->mode == WPAS_MODE_IBSS &&
1881 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1882 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1884 * RSN IBSS authentication is per-STA and we can disable the
1885 * per-BSSID authentication.
1887 wpa_supplicant_cancel_auth_timeout(wpa_s);
1888 #endif /* CONFIG_IBSS_RSN */
1890 /* Timeout for IEEE 802.11 authentication and association */
1894 /* give IBSS a bit more time */
1895 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1896 } else if (wpa_s->conf->ap_scan == 1) {
1897 /* give IBSS a bit more time */
1898 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1900 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1904 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1905 /* Set static WEP keys again */
1906 wpa_set_wep_keys(wpa_s, ssid);
1909 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1911 * Do not allow EAP session resumption between different
1912 * network configurations.
1914 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1916 old_ssid = wpa_s->current_ssid;
1917 wpa_s->current_ssid = ssid;
1918 wpa_s->current_bss = bss;
1919 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1920 wpa_supplicant_initiate_eapol(wpa_s);
1921 if (old_ssid != wpa_s->current_ssid)
1922 wpas_notify_network_changed(wpa_s);
1926 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1929 struct wpa_ssid *old_ssid;
1931 wpa_clear_keys(wpa_s, addr);
1932 old_ssid = wpa_s->current_ssid;
1933 wpa_supplicant_mark_disassoc(wpa_s);
1934 wpa_sm_set_config(wpa_s->wpa, NULL);
1935 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1936 if (old_ssid != wpa_s->current_ssid)
1937 wpas_notify_network_changed(wpa_s);
1938 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1943 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1944 * @wpa_s: Pointer to wpa_supplicant data
1945 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1947 * This function is used to request %wpa_supplicant to deauthenticate from the
1950 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1954 union wpa_event_data event;
1957 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1958 " pending_bssid=" MACSTR " reason=%d state=%s",
1959 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1960 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1962 if (!is_zero_ether_addr(wpa_s->bssid))
1963 addr = wpa_s->bssid;
1964 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1965 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1966 wpa_s->wpa_state == WPA_ASSOCIATING))
1967 addr = wpa_s->pending_bssid;
1968 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1970 * When using driver-based BSS selection, we may not know the
1971 * BSSID with which we are currently trying to associate. We
1972 * need to notify the driver of this disconnection even in such
1973 * a case, so use the all zeros address here.
1975 addr = wpa_s->bssid;
1980 wpa_tdls_teardown_peers(wpa_s->wpa);
1981 #endif /* CONFIG_TDLS */
1984 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1985 os_memset(&event, 0, sizeof(event));
1986 event.deauth_info.reason_code = (u16) reason_code;
1987 event.deauth_info.locally_generated = 1;
1988 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1993 wpa_supplicant_clear_connection(wpa_s, addr);
1996 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1997 struct wpa_ssid *ssid)
1999 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2003 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2004 wpas_notify_network_enabled_changed(wpa_s, ssid);
2007 * Try to reassociate since there is no current configuration and a new
2008 * network was made available.
2010 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2011 wpa_s->reassociate = 1;
2016 * wpa_supplicant_enable_network - Mark a configured network as enabled
2017 * @wpa_s: wpa_supplicant structure for a network interface
2018 * @ssid: wpa_ssid structure for a configured network or %NULL
2020 * Enables the specified network or all networks if no network specified.
2022 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2023 struct wpa_ssid *ssid)
2026 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2027 wpa_supplicant_enable_one_network(wpa_s, ssid);
2029 wpa_supplicant_enable_one_network(wpa_s, ssid);
2031 if (wpa_s->reassociate && !wpa_s->disconnected) {
2032 if (wpa_s->sched_scanning) {
2033 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2034 "new network to scan filters");
2035 wpa_supplicant_cancel_sched_scan(wpa_s);
2038 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2039 wpa_supplicant_req_scan(wpa_s, 0, 0);
2045 * wpa_supplicant_disable_network - Mark a configured network as disabled
2046 * @wpa_s: wpa_supplicant structure for a network interface
2047 * @ssid: wpa_ssid structure for a configured network or %NULL
2049 * Disables the specified network or all networks if no network specified.
2051 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2052 struct wpa_ssid *ssid)
2054 struct wpa_ssid *other_ssid;
2058 if (wpa_s->sched_scanning)
2059 wpa_supplicant_cancel_sched_scan(wpa_s);
2061 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2062 other_ssid = other_ssid->next) {
2063 was_disabled = other_ssid->disabled;
2064 if (was_disabled == 2)
2065 continue; /* do not change persistent P2P group
2068 other_ssid->disabled = 1;
2070 if (was_disabled != other_ssid->disabled)
2071 wpas_notify_network_enabled_changed(
2074 if (wpa_s->current_ssid)
2075 wpa_supplicant_deauthenticate(
2076 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2077 } else if (ssid->disabled != 2) {
2078 if (ssid == wpa_s->current_ssid)
2079 wpa_supplicant_deauthenticate(
2080 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2082 was_disabled = ssid->disabled;
2086 if (was_disabled != ssid->disabled) {
2087 wpas_notify_network_enabled_changed(wpa_s, ssid);
2088 if (wpa_s->sched_scanning) {
2089 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2090 "to remove network from filters");
2091 wpa_supplicant_cancel_sched_scan(wpa_s);
2092 wpa_supplicant_req_scan(wpa_s, 0, 0);
2100 * wpa_supplicant_select_network - Attempt association with a network
2101 * @wpa_s: wpa_supplicant structure for a network interface
2102 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2104 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2105 struct wpa_ssid *ssid)
2108 struct wpa_ssid *other_ssid;
2109 int disconnected = 0;
2111 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2112 wpa_supplicant_deauthenticate(
2113 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2118 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2121 * Mark all other networks disabled or mark all networks enabled if no
2122 * network specified.
2124 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2125 other_ssid = other_ssid->next) {
2126 int was_disabled = other_ssid->disabled;
2127 if (was_disabled == 2)
2128 continue; /* do not change persistent P2P group data */
2130 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2131 if (was_disabled && !other_ssid->disabled)
2132 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2134 if (was_disabled != other_ssid->disabled)
2135 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2138 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2139 /* We are already associated with the selected network */
2140 wpa_printf(MSG_DEBUG, "Already associated with the "
2141 "selected network - do nothing");
2146 wpa_s->current_ssid = ssid;
2147 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2149 wpa_s->connect_without_scan = NULL;
2150 wpa_s->disconnected = 0;
2151 wpa_s->reassociate = 1;
2153 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2154 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2157 wpas_notify_network_selected(wpa_s, ssid);
2162 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2163 * @wpa_s: wpa_supplicant structure for a network interface
2164 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2165 * @pkcs11_module_path: PKCS #11 module path or NULL
2166 * Returns: 0 on success; -1 on failure
2168 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2169 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2170 * module path fails the paths will be reset to the default value (NULL).
2172 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2173 const char *pkcs11_engine_path,
2174 const char *pkcs11_module_path)
2176 char *pkcs11_engine_path_copy = NULL;
2177 char *pkcs11_module_path_copy = NULL;
2179 if (pkcs11_engine_path != NULL) {
2180 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2181 if (pkcs11_engine_path_copy == NULL)
2184 if (pkcs11_module_path != NULL) {
2185 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2186 if (pkcs11_module_path_copy == NULL) {
2187 os_free(pkcs11_engine_path_copy);
2192 os_free(wpa_s->conf->pkcs11_engine_path);
2193 os_free(wpa_s->conf->pkcs11_module_path);
2194 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2195 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2197 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2198 eapol_sm_deinit(wpa_s->eapol);
2199 wpa_s->eapol = NULL;
2200 if (wpa_supplicant_init_eapol(wpa_s)) {
2201 /* Error -> Reset paths to the default value (NULL) once. */
2202 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2203 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2208 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2215 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2216 * @wpa_s: wpa_supplicant structure for a network interface
2217 * @ap_scan: AP scan mode
2218 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2221 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2226 if (ap_scan < 0 || ap_scan > 2)
2230 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2231 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2232 wpa_s->wpa_state < WPA_COMPLETED) {
2233 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2234 "associating", wpa_s->conf->ap_scan, ap_scan);
2237 #endif /* ANDROID */
2239 old_ap_scan = wpa_s->conf->ap_scan;
2240 wpa_s->conf->ap_scan = ap_scan;
2242 if (old_ap_scan != wpa_s->conf->ap_scan)
2243 wpas_notify_ap_scan_changed(wpa_s);
2250 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2251 * @wpa_s: wpa_supplicant structure for a network interface
2252 * @expire_age: Expiration age in seconds
2253 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2256 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2257 unsigned int bss_expire_age)
2259 if (bss_expire_age < 10) {
2260 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2264 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2266 wpa_s->conf->bss_expiration_age = bss_expire_age;
2273 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2274 * @wpa_s: wpa_supplicant structure for a network interface
2275 * @expire_count: number of scans after which an unseen BSS is reclaimed
2276 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2279 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2280 unsigned int bss_expire_count)
2282 if (bss_expire_count < 1) {
2283 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2287 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2289 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2296 * wpa_supplicant_set_scan_interval - Set scan interval
2297 * @wpa_s: wpa_supplicant structure for a network interface
2298 * @scan_interval: scan interval in seconds
2299 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2302 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2305 if (scan_interval < 0) {
2306 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2310 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2312 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2319 * wpa_supplicant_set_debug_params - Set global debug params
2320 * @global: wpa_global structure
2321 * @debug_level: debug level
2322 * @debug_timestamp: determines if show timestamp in debug data
2323 * @debug_show_keys: determines if show keys in debug data
2324 * Returns: 0 if succeed or -1 if debug_level has wrong value
2326 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2327 int debug_timestamp, int debug_show_keys)
2330 int old_level, old_timestamp, old_show_keys;
2332 /* check for allowed debuglevels */
2333 if (debug_level != MSG_EXCESSIVE &&
2334 debug_level != MSG_MSGDUMP &&
2335 debug_level != MSG_DEBUG &&
2336 debug_level != MSG_INFO &&
2337 debug_level != MSG_WARNING &&
2338 debug_level != MSG_ERROR)
2341 old_level = wpa_debug_level;
2342 old_timestamp = wpa_debug_timestamp;
2343 old_show_keys = wpa_debug_show_keys;
2345 wpa_debug_level = debug_level;
2346 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2347 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2349 if (wpa_debug_level != old_level)
2350 wpas_notify_debug_level_changed(global);
2351 if (wpa_debug_timestamp != old_timestamp)
2352 wpas_notify_debug_timestamp_changed(global);
2353 if (wpa_debug_show_keys != old_show_keys)
2354 wpas_notify_debug_show_keys_changed(global);
2361 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2362 * @wpa_s: Pointer to wpa_supplicant data
2363 * Returns: A pointer to the current network structure or %NULL on failure
2365 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2367 struct wpa_ssid *entry;
2368 u8 ssid[MAX_SSID_LEN];
2374 res = wpa_drv_get_ssid(wpa_s, ssid);
2376 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2382 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2383 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2388 wired = wpa_s->conf->ap_scan == 0 &&
2389 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2391 entry = wpa_s->conf->ssid;
2393 if (!wpas_network_disabled(wpa_s, entry) &&
2394 ((ssid_len == entry->ssid_len &&
2395 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2396 (!entry->bssid_set ||
2397 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2400 if (!wpas_network_disabled(wpa_s, entry) &&
2401 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2402 (entry->ssid == NULL || entry->ssid_len == 0) &&
2403 (!entry->bssid_set ||
2404 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2406 #endif /* CONFIG_WPS */
2408 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2409 entry->ssid_len == 0 &&
2410 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2413 entry = entry->next;
2420 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2422 struct wpa_global *global = wpa_s->global;
2424 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2425 global->drv_priv[i] = wpa_drivers[i]->global_init();
2426 if (global->drv_priv[i] == NULL) {
2427 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2428 "'%s'", wpa_drivers[i]->name);
2433 wpa_s->driver = wpa_drivers[i];
2434 wpa_s->global_drv_priv = global->drv_priv[i];
2440 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2445 const char *pos, *driver = name;
2450 if (wpa_drivers[0] == NULL) {
2451 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2457 /* default to first driver in the list */
2458 return select_driver(wpa_s, 0);
2462 pos = os_strchr(driver, ',');
2466 len = os_strlen(driver);
2468 for (i = 0; wpa_drivers[i]; i++) {
2469 if (os_strlen(wpa_drivers[i]->name) == len &&
2470 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2472 /* First driver that succeeds wins */
2473 if (select_driver(wpa_s, i) == 0)
2481 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2487 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2488 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2489 * with struct wpa_driver_ops::init()
2490 * @src_addr: Source address of the EAPOL frame
2491 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2492 * @len: Length of the EAPOL data
2494 * This function is called for each received EAPOL frame. Most driver
2495 * interfaces rely on more generic OS mechanism for receiving frames through
2496 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2497 * take care of received EAPOL frames and deliver them to the core supplicant
2498 * code by calling this function.
2500 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2501 const u8 *buf, size_t len)
2503 struct wpa_supplicant *wpa_s = ctx;
2505 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2506 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2508 #ifdef CONFIG_PEERKEY
2509 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2510 wpa_s->current_ssid->peerkey &&
2511 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2512 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2513 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2516 #endif /* CONFIG_PEERKEY */
2518 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2519 (wpa_s->last_eapol_matches_bssid &&
2522 #endif /* CONFIG_AP */
2523 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2525 * There is possible race condition between receiving the
2526 * association event and the EAPOL frame since they are coming
2527 * through different paths from the driver. In order to avoid
2528 * issues in trying to process the EAPOL frame before receiving
2529 * association information, lets queue it for processing until
2530 * the association event is received. This may also be needed in
2531 * driver-based roaming case, so also use src_addr != BSSID as a
2532 * trigger if we have previously confirmed that the
2533 * Authenticator uses BSSID as the src_addr (which is not the
2534 * case with wired IEEE 802.1X).
2536 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2537 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2538 wpa_supplicant_state_txt(wpa_s->wpa_state),
2539 MAC2STR(wpa_s->bssid));
2540 wpabuf_free(wpa_s->pending_eapol_rx);
2541 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2542 if (wpa_s->pending_eapol_rx) {
2543 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2544 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2550 wpa_s->last_eapol_matches_bssid =
2551 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2554 if (wpa_s->ap_iface) {
2555 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2558 #endif /* CONFIG_AP */
2560 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2561 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2562 "no key management is configured");
2566 if (wpa_s->eapol_received == 0 &&
2567 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2568 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2569 wpa_s->wpa_state != WPA_COMPLETED) &&
2570 (wpa_s->current_ssid == NULL ||
2571 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2572 /* Timeout for completing IEEE 802.1X and WPA authentication */
2573 wpa_supplicant_req_auth_timeout(
2575 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2576 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2577 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2580 wpa_s->eapol_received++;
2582 if (wpa_s->countermeasures) {
2583 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2588 #ifdef CONFIG_IBSS_RSN
2589 if (wpa_s->current_ssid &&
2590 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2591 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2594 #endif /* CONFIG_IBSS_RSN */
2596 /* Source address of the incoming EAPOL frame could be compared to the
2597 * current BSSID. However, it is possible that a centralized
2598 * Authenticator could be using another MAC address than the BSSID of
2599 * an AP, so just allow any address to be used for now. The replies are
2600 * still sent to the current BSSID (if available), though. */
2602 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2603 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2604 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2606 wpa_drv_poll(wpa_s);
2607 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2608 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2609 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2611 * Set portValid = TRUE here since we are going to skip 4-way
2612 * handshake processing which would normally set portValid. We
2613 * need this to allow the EAPOL state machines to be completed
2614 * without going through EAPOL-Key handshake.
2616 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2621 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2623 if (wpa_s->driver->send_eapol) {
2624 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2626 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2627 } else if ((!wpa_s->p2p_mgmt ||
2628 !(wpa_s->drv_flags &
2629 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2630 !(wpa_s->drv_flags &
2631 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2632 l2_packet_deinit(wpa_s->l2);
2633 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2634 wpa_drv_get_mac_addr(wpa_s),
2636 wpa_supplicant_rx_eapol, wpa_s, 0);
2637 if (wpa_s->l2 == NULL)
2640 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2642 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2645 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2646 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2654 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2655 const u8 *buf, size_t len)
2657 struct wpa_supplicant *wpa_s = ctx;
2658 const struct l2_ethhdr *eth;
2660 if (len < sizeof(*eth))
2662 eth = (const struct l2_ethhdr *) buf;
2664 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2665 !(eth->h_dest[0] & 0x01)) {
2666 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2667 " (bridge - not for this interface - ignore)",
2668 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2672 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2673 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2674 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2675 len - sizeof(*eth));
2680 * wpa_supplicant_driver_init - Initialize driver interface parameters
2681 * @wpa_s: Pointer to wpa_supplicant data
2682 * Returns: 0 on success, -1 on failure
2684 * This function is called to initialize driver interface parameters.
2685 * wpa_drv_init() must have been called before this function to initialize the
2688 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2690 static int interface_count = 0;
2692 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2695 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2696 MAC2STR(wpa_s->own_addr));
2697 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2699 if (wpa_s->bridge_ifname[0]) {
2700 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2701 "interface '%s'", wpa_s->bridge_ifname);
2702 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2705 wpa_supplicant_rx_eapol_bridge,
2707 if (wpa_s->l2_br == NULL) {
2708 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2709 "connection for the bridge interface '%s'",
2710 wpa_s->bridge_ifname);
2715 wpa_clear_keys(wpa_s, NULL);
2717 /* Make sure that TKIP countermeasures are not left enabled (could
2718 * happen if wpa_supplicant is killed during countermeasures. */
2719 wpa_drv_set_countermeasures(wpa_s, 0);
2721 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2722 wpa_drv_flush_pmkid(wpa_s);
2724 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2725 wpa_s->prev_scan_wildcard = 0;
2727 if (wpa_supplicant_enabled_networks(wpa_s)) {
2728 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2729 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2730 interface_count = 0;
2732 if (!wpa_s->p2p_mgmt &&
2733 wpa_supplicant_delayed_sched_scan(wpa_s,
2734 interface_count % 3,
2736 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
2740 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2746 static int wpa_supplicant_daemon(const char *pid_file)
2748 wpa_printf(MSG_DEBUG, "Daemonize..");
2749 return os_daemonize(pid_file);
2753 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2755 struct wpa_supplicant *wpa_s;
2757 wpa_s = os_zalloc(sizeof(*wpa_s));
2760 wpa_s->scan_req = INITIAL_SCAN_REQ;
2761 wpa_s->scan_interval = 5;
2762 wpa_s->new_connection = 1;
2763 wpa_s->parent = wpa_s;
2764 wpa_s->sched_scanning = 0;
2770 #ifdef CONFIG_HT_OVERRIDES
2772 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2773 struct ieee80211_ht_capabilities *htcaps,
2774 struct ieee80211_ht_capabilities *htcaps_mask,
2777 /* parse ht_mcs into hex array */
2779 const char *tmp = ht_mcs;
2782 /* If ht_mcs is null, do not set anything */
2786 /* This is what we are setting in the kernel */
2787 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2789 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2791 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2793 long v = strtol(tmp, &end, 16);
2795 wpa_msg(wpa_s, MSG_DEBUG,
2796 "htcap value[%i]: %ld end: %p tmp: %p",
2801 htcaps->supported_mcs_set[i] = v;
2804 wpa_msg(wpa_s, MSG_ERROR,
2805 "Failed to parse ht-mcs: %s, error: %s\n",
2806 ht_mcs, strerror(errno));
2812 * If we were able to parse any values, then set mask for the MCS set.
2815 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2816 IEEE80211_HT_MCS_MASK_LEN - 1);
2817 /* skip the 3 reserved bits */
2818 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2826 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2827 struct ieee80211_ht_capabilities *htcaps,
2828 struct ieee80211_ht_capabilities *htcaps_mask,
2833 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2838 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2839 htcaps_mask->ht_capabilities_info |= msk;
2841 htcaps->ht_capabilities_info &= msk;
2843 htcaps->ht_capabilities_info |= msk;
2849 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2850 struct ieee80211_ht_capabilities *htcaps,
2851 struct ieee80211_ht_capabilities *htcaps_mask,
2854 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2859 if (factor < 0 || factor > 3) {
2860 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2861 "Must be 0-3 or -1", factor);
2865 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2866 htcaps->a_mpdu_params &= ~0x3;
2867 htcaps->a_mpdu_params |= factor & 0x3;
2873 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2874 struct ieee80211_ht_capabilities *htcaps,
2875 struct ieee80211_ht_capabilities *htcaps_mask,
2878 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2883 if (density < 0 || density > 7) {
2884 wpa_msg(wpa_s, MSG_ERROR,
2885 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2890 htcaps_mask->a_mpdu_params |= 0x1C;
2891 htcaps->a_mpdu_params &= ~(0x1C);
2892 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2898 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2899 struct ieee80211_ht_capabilities *htcaps,
2900 struct ieee80211_ht_capabilities *htcaps_mask,
2903 /* Masking these out disables HT40 */
2904 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2905 HT_CAP_INFO_SHORT_GI40MHZ);
2907 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2910 htcaps->ht_capabilities_info &= ~msk;
2912 htcaps->ht_capabilities_info |= msk;
2914 htcaps_mask->ht_capabilities_info |= msk;
2920 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2921 struct ieee80211_ht_capabilities *htcaps,
2922 struct ieee80211_ht_capabilities *htcaps_mask,
2925 /* Masking these out disables SGI */
2926 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2927 HT_CAP_INFO_SHORT_GI40MHZ);
2929 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2932 htcaps->ht_capabilities_info &= ~msk;
2934 htcaps->ht_capabilities_info |= msk;
2936 htcaps_mask->ht_capabilities_info |= msk;
2942 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
2943 struct ieee80211_ht_capabilities *htcaps,
2944 struct ieee80211_ht_capabilities *htcaps_mask,
2947 /* Masking these out disables LDPC */
2948 u16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
2950 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
2953 htcaps->ht_capabilities_info &= ~msk;
2955 htcaps->ht_capabilities_info |= msk;
2957 htcaps_mask->ht_capabilities_info |= msk;
2963 void wpa_supplicant_apply_ht_overrides(
2964 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2965 struct wpa_driver_associate_params *params)
2967 struct ieee80211_ht_capabilities *htcaps;
2968 struct ieee80211_ht_capabilities *htcaps_mask;
2973 params->disable_ht = ssid->disable_ht;
2974 if (!params->htcaps || !params->htcaps_mask)
2977 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2978 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2979 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2980 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2981 ssid->disable_max_amsdu);
2982 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2983 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2984 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2985 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2986 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
2988 if (ssid->ht40_intolerant) {
2989 u16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
2990 htcaps->ht_capabilities_info |= bit;
2991 htcaps_mask->ht_capabilities_info |= bit;
2995 #endif /* CONFIG_HT_OVERRIDES */
2998 #ifdef CONFIG_VHT_OVERRIDES
2999 void wpa_supplicant_apply_vht_overrides(
3000 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3001 struct wpa_driver_associate_params *params)
3003 struct ieee80211_vht_capabilities *vhtcaps;
3004 struct ieee80211_vht_capabilities *vhtcaps_mask;
3005 #ifdef CONFIG_HT_OVERRIDES
3007 const u32 max_ampdu_mask = VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX;
3008 #endif /* CONFIG_HT_OVERRIDES */
3013 params->disable_vht = ssid->disable_vht;
3015 vhtcaps = (void *) params->vhtcaps;
3016 vhtcaps_mask = (void *) params->vhtcaps_mask;
3018 if (!vhtcaps || !vhtcaps_mask)
3021 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3022 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3024 #ifdef CONFIG_HT_OVERRIDES
3025 /* if max ampdu is <= 3, we have to make the HT cap the same */
3026 if (ssid->vht_capa_mask & max_ampdu_mask) {
3027 max_ampdu = (ssid->vht_capa & max_ampdu_mask) >>
3028 find_first_bit(max_ampdu_mask);
3030 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3031 wpa_set_ampdu_factor(wpa_s,
3032 (void *) params->htcaps,
3033 (void *) params->htcaps_mask,
3036 #endif /* CONFIG_HT_OVERRIDES */
3038 #define OVERRIDE_MCS(i) \
3039 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3040 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3042 vhtcaps->vht_supported_mcs_set.tx_map |= \
3043 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3045 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3046 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3048 vhtcaps->vht_supported_mcs_set.rx_map |= \
3049 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3061 #endif /* CONFIG_VHT_OVERRIDES */
3064 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3069 if (!wpa_s->conf->pcsc_reader)
3072 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3076 if (wpa_s->conf->pcsc_pin &&
3077 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3078 scard_deinit(wpa_s->scard);
3079 wpa_s->scard = NULL;
3080 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3084 len = sizeof(wpa_s->imsi) - 1;
3085 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3086 scard_deinit(wpa_s->scard);
3087 wpa_s->scard = NULL;
3088 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3091 wpa_s->imsi[len] = '\0';
3093 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3095 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3096 wpa_s->imsi, wpa_s->mnc_len);
3098 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3099 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3100 #endif /* PCSC_FUNCS */
3106 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3110 ext_password_deinit(wpa_s->ext_pw);
3111 wpa_s->ext_pw = NULL;
3112 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3114 if (!wpa_s->conf->ext_password_backend)
3117 val = os_strdup(wpa_s->conf->ext_password_backend);
3120 pos = os_strchr(val, ':');
3124 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3126 wpa_s->ext_pw = ext_password_init(val, pos);
3128 if (wpa_s->ext_pw == NULL) {
3129 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3132 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3138 static int wpas_check_wowlan_trigger(const char *start, const char *trigger,
3139 int capa_trigger, u8 *param_trigger)
3141 if (os_strcmp(start, trigger) != 0)
3151 int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3152 struct wpa_driver_capa *capa)
3154 struct wowlan_triggers triggers;
3155 char *start, *end, *buf;
3158 if (!wpa_s->conf->wowlan_triggers)
3161 buf = os_strdup(wpa_s->conf->wowlan_triggers);
3165 os_memset(&triggers, 0, sizeof(triggers));
3167 #define CHECK_TRIGGER(trigger) \
3168 wpas_check_wowlan_trigger(start, #trigger, \
3169 capa->wowlan_triggers.trigger, \
3173 while (*start != '\0') {
3174 while (isblank(*start))
3179 while (!isblank(*end) && *end != '\0')
3181 last = *end == '\0';
3184 if (!CHECK_TRIGGER(any) &&
3185 !CHECK_TRIGGER(disconnect) &&
3186 !CHECK_TRIGGER(magic_pkt) &&
3187 !CHECK_TRIGGER(gtk_rekey_failure) &&
3188 !CHECK_TRIGGER(eap_identity_req) &&
3189 !CHECK_TRIGGER(four_way_handshake) &&
3190 !CHECK_TRIGGER(rfkill_release)) {
3191 wpa_printf(MSG_DEBUG,
3192 "Unknown/unsupported wowlan trigger '%s'",
3202 #undef CHECK_TRIGGER
3204 ret = wpa_drv_wowlan(wpa_s, &triggers);
3211 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3214 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3215 struct wpa_radio *radio;
3217 while (rn && iface) {
3218 radio = iface->radio;
3219 if (radio && os_strcmp(rn, radio->name) == 0) {
3220 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3222 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3226 iface = iface->next;
3229 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3230 wpa_s->ifname, rn ? rn : "N/A");
3231 radio = os_zalloc(sizeof(*radio));
3236 os_strlcpy(radio->name, rn, sizeof(radio->name));
3237 dl_list_init(&radio->ifaces);
3238 dl_list_init(&radio->work);
3239 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3245 static void radio_work_free(struct wpa_radio_work *work)
3247 if (work->wpa_s->scan_work == work) {
3248 /* This should not really happen. */
3249 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3250 work->type, work, work->started);
3251 work->wpa_s->scan_work = NULL;
3255 if (work->wpa_s->p2p_scan_work == work) {
3256 /* This should not really happen. */
3257 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3258 work->type, work, work->started);
3259 work->wpa_s->p2p_scan_work = NULL;
3261 #endif /* CONFIG_P2P */
3263 dl_list_del(&work->list);
3268 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3270 struct wpa_radio *radio = eloop_ctx;
3271 struct wpa_radio_work *work;
3272 struct os_reltime now, diff;
3273 struct wpa_supplicant *wpa_s;
3275 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3280 return; /* already started and still in progress */
3282 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3284 if (wpa_s && wpa_s->external_scan_running) {
3285 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3289 os_get_reltime(&now);
3290 os_reltime_sub(&now, &work->time, &diff);
3291 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3292 work->type, work, diff.sec, diff.usec);
3300 * This function removes both started and pending radio works running on
3301 * the provided interface's radio.
3302 * Prior to the removal of the radio work, its callback (cb) is called with
3303 * deinit set to be 1. Each work's callback is responsible for clearing its
3304 * internal data and restoring to a correct state.
3305 * @wpa_s: wpa_supplicant data
3306 * @type: type of works to be removed
3307 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3308 * this interface's works.
3310 void radio_remove_works(struct wpa_supplicant *wpa_s,
3311 const char *type, int remove_all)
3313 struct wpa_radio_work *work, *tmp;
3314 struct wpa_radio *radio = wpa_s->radio;
3316 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3318 if (type && os_strcmp(type, work->type) != 0)
3321 /* skip other ifaces' works */
3322 if (!remove_all && work->wpa_s != wpa_s)
3325 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3326 work->type, work, work->started ? " (started)" : "");
3328 radio_work_free(work);
3331 /* in case we removed the started work */
3332 radio_work_check_next(wpa_s);
3336 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3338 struct wpa_radio *radio = wpa_s->radio;
3343 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3344 wpa_s->ifname, radio->name);
3345 dl_list_del(&wpa_s->radio_list);
3346 radio_remove_works(wpa_s, NULL, 0);
3347 wpa_s->radio = NULL;
3348 if (!dl_list_empty(&radio->ifaces))
3349 return; /* Interfaces remain for this radio */
3351 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3352 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3357 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3359 struct wpa_radio *radio = wpa_s->radio;
3361 if (dl_list_empty(&radio->work))
3363 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3364 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3369 * radio_add_work - Add a radio work item
3370 * @wpa_s: Pointer to wpa_supplicant data
3371 * @freq: Frequency of the offchannel operation in MHz or 0
3372 * @type: Unique identifier for each type of work
3373 * @next: Force as the next work to be executed
3374 * @cb: Callback function for indicating when radio is available
3375 * @ctx: Context pointer for the work (work->ctx in cb())
3376 * Returns: 0 on success, -1 on failure
3378 * This function is used to request time for an operation that requires
3379 * exclusive radio control. Once the radio is available, the registered callback
3380 * function will be called. radio_work_done() must be called once the exclusive
3381 * radio operation has been completed, so that the radio is freed for other
3382 * operations. The special case of deinit=1 is used to free the context data
3383 * during interface removal. That does not allow the callback function to start
3384 * the radio operation, i.e., it must free any resources allocated for the radio
3387 * The @freq parameter can be used to indicate a single channel on which the
3388 * offchannel operation will occur. This may allow multiple radio work
3389 * operations to be performed in parallel if they apply for the same channel.
3390 * Setting this to 0 indicates that the work item may use multiple channels or
3391 * requires exclusive control of the radio.
3393 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3394 const char *type, int next,
3395 void (*cb)(struct wpa_radio_work *work, int deinit),
3398 struct wpa_radio_work *work;
3401 work = os_zalloc(sizeof(*work));
3404 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3405 os_get_reltime(&work->time);
3408 work->wpa_s = wpa_s;
3412 was_empty = dl_list_empty(&wpa_s->radio->work);
3414 dl_list_add(&wpa_s->radio->work, &work->list);
3416 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3418 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3419 radio_work_check_next(wpa_s);
3427 * radio_work_done - Indicate that a radio work item has been completed
3428 * @work: Completed work
3430 * This function is called once the callback function registered with
3431 * radio_add_work() has completed its work.
3433 void radio_work_done(struct wpa_radio_work *work)
3435 struct wpa_supplicant *wpa_s = work->wpa_s;
3436 struct os_reltime now, diff;
3437 unsigned int started = work->started;
3439 os_get_reltime(&now);
3440 os_reltime_sub(&now, &work->time, &diff);
3441 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3442 work->type, work, started ? "done" : "canceled",
3443 diff.sec, diff.usec);
3444 radio_work_free(work);
3446 radio_work_check_next(wpa_s);
3450 int radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3452 struct wpa_radio_work *work;
3453 struct wpa_radio *radio = wpa_s->radio;
3455 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3456 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3464 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3465 struct wpa_interface *iface)
3467 const char *ifname, *driver, *rn;
3469 driver = iface->driver;
3471 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3474 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3475 if (wpa_s->drv_priv == NULL) {
3477 pos = driver ? os_strchr(driver, ',') : NULL;
3479 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3480 "driver interface - try next driver wrapper");
3484 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3488 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3489 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3490 "driver_param '%s'", wpa_s->conf->driver_param);
3494 ifname = wpa_drv_get_ifname(wpa_s);
3495 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3496 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3497 "interface name with '%s'", ifname);
3498 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3501 rn = wpa_driver_get_radio_name(wpa_s);
3502 if (rn && rn[0] == '\0')
3505 wpa_s->radio = radio_add_interface(wpa_s, rn);
3506 if (wpa_s->radio == NULL)
3513 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3514 struct wpa_interface *iface)
3516 struct wpa_driver_capa capa;
3518 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3519 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3520 iface->confname ? iface->confname : "N/A",
3521 iface->driver ? iface->driver : "default",
3522 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3523 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3525 if (iface->confname) {
3526 #ifdef CONFIG_BACKEND_FILE
3527 wpa_s->confname = os_rel2abs_path(iface->confname);
3528 if (wpa_s->confname == NULL) {
3529 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3530 "for configuration file '%s'.",
3534 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3535 iface->confname, wpa_s->confname);
3536 #else /* CONFIG_BACKEND_FILE */
3537 wpa_s->confname = os_strdup(iface->confname);
3538 #endif /* CONFIG_BACKEND_FILE */
3539 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3540 if (wpa_s->conf == NULL) {
3541 wpa_printf(MSG_ERROR, "Failed to read or parse "
3542 "configuration '%s'.", wpa_s->confname);
3545 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3546 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3549 wpa_s->conf_p2p_dev = os_rel2abs_path(iface->conf_p2p_dev);
3550 wpa_config_read(wpa_s->conf_p2p_dev, wpa_s->conf);
3551 #endif /* CONFIG_P2P */
3554 * Override ctrl_interface and driver_param if set on command
3557 if (iface->ctrl_interface) {
3558 os_free(wpa_s->conf->ctrl_interface);
3559 wpa_s->conf->ctrl_interface =
3560 os_strdup(iface->ctrl_interface);
3563 if (iface->driver_param) {
3564 os_free(wpa_s->conf->driver_param);
3565 wpa_s->conf->driver_param =
3566 os_strdup(iface->driver_param);
3569 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3570 os_free(wpa_s->conf->ctrl_interface);
3571 wpa_s->conf->ctrl_interface = NULL;
3574 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3575 iface->driver_param);
3577 if (wpa_s->conf == NULL) {
3578 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3582 if (iface->ifname == NULL) {
3583 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3586 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3587 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3591 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3593 if (iface->bridge_ifname) {
3594 if (os_strlen(iface->bridge_ifname) >=
3595 sizeof(wpa_s->bridge_ifname)) {
3596 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3597 "name '%s'.", iface->bridge_ifname);
3600 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3601 sizeof(wpa_s->bridge_ifname));
3604 /* RSNA Supplicant Key Management - INITIALIZE */
3605 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3606 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3608 /* Initialize driver interface and register driver event handler before
3609 * L2 receive handler so that association events are processed before
3610 * EAPOL-Key packets if both become available for the same select()
3612 if (wpas_init_driver(wpa_s, iface) < 0)
3615 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3618 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3619 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3621 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3623 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3624 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3625 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3626 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3627 "dot11RSNAConfigPMKLifetime");
3631 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3632 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3633 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3634 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3635 "dot11RSNAConfigPMKReauthThreshold");
3639 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3640 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3641 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3642 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3643 "dot11RSNAConfigSATimeout");
3647 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3648 &wpa_s->hw.num_modes,
3651 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3652 wpa_s->drv_capa_known = 1;
3653 wpa_s->drv_flags = capa.flags;
3654 wpa_s->drv_enc = capa.enc;
3655 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3656 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3657 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3658 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3659 wpa_s->max_match_sets = capa.max_match_sets;
3660 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3661 wpa_s->max_stations = capa.max_stations;
3662 wpa_s->extended_capa = capa.extended_capa;
3663 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3664 wpa_s->extended_capa_len = capa.extended_capa_len;
3665 wpa_s->num_multichan_concurrent =
3666 capa.num_multichan_concurrent;
3668 if (wpa_s->max_remain_on_chan == 0)
3669 wpa_s->max_remain_on_chan = 1000;
3672 * Only take p2p_mgmt parameters when P2P Device is supported.
3673 * Doing it here as it determines whether l2_packet_init() will be done
3674 * during wpa_supplicant_driver_init().
3676 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3677 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3679 iface->p2p_mgmt = 1;
3681 if (wpa_s->num_multichan_concurrent == 0)
3682 wpa_s->num_multichan_concurrent = 1;
3684 if (wpa_supplicant_driver_init(wpa_s) < 0)
3688 if ((!iface->p2p_mgmt ||
3689 !(wpa_s->drv_flags &
3690 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3691 wpa_tdls_init(wpa_s->wpa))
3693 #endif /* CONFIG_TDLS */
3695 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3696 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3697 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3701 if (wpas_wps_init(wpa_s))
3704 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3706 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3708 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3709 if (wpa_s->ctrl_iface == NULL) {
3710 wpa_printf(MSG_ERROR,
3711 "Failed to initialize control interface '%s'.\n"
3712 "You may have another wpa_supplicant process "
3713 "already running or the file was\n"
3714 "left by an unclean termination of wpa_supplicant "
3715 "in which case you will need\n"
3716 "to manually remove this file before starting "
3717 "wpa_supplicant again.\n",
3718 wpa_s->conf->ctrl_interface);
3722 wpa_s->gas = gas_query_init(wpa_s);
3723 if (wpa_s->gas == NULL) {
3724 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3729 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3730 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3733 #endif /* CONFIG_P2P */
3735 if (wpa_bss_init(wpa_s) < 0)
3739 * Set Wake-on-WLAN triggers, if configured.
3740 * Note: We don't restore/remove the triggers on shutdown (it doesn't
3741 * have effect anyway when the interface is down).
3743 if (wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
3746 #ifdef CONFIG_EAP_PROXY
3749 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3751 if (wpa_s->mnc_len > 0) {
3752 wpa_s->imsi[len] = '\0';
3753 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3754 wpa_s->imsi, wpa_s->mnc_len);
3756 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3759 #endif /* CONFIG_EAP_PROXY */
3761 if (pcsc_reader_init(wpa_s) < 0)
3764 if (wpas_init_ext_pw(wpa_s) < 0)
3771 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3772 int notify, int terminate)
3774 wpa_s->disconnected = 1;
3775 if (wpa_s->drv_priv) {
3776 wpa_supplicant_deauthenticate(wpa_s,
3777 WLAN_REASON_DEAUTH_LEAVING);
3779 wpa_drv_set_countermeasures(wpa_s, 0);
3780 wpa_clear_keys(wpa_s, NULL);
3783 wpa_supplicant_cleanup(wpa_s);
3786 if (wpa_s == wpa_s->parent)
3787 wpas_p2p_group_remove(wpa_s, "*");
3788 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3789 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3790 "the management interface is being removed");
3791 wpas_p2p_deinit_global(wpa_s->global);
3793 #endif /* CONFIG_P2P */
3795 wpas_ctrl_radio_work_flush(wpa_s);
3796 radio_remove_interface(wpa_s);
3798 if (wpa_s->drv_priv)
3799 wpa_drv_deinit(wpa_s);
3802 wpas_notify_iface_removed(wpa_s);
3805 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3807 if (wpa_s->ctrl_iface) {
3808 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3809 wpa_s->ctrl_iface = NULL;
3812 if (wpa_s->conf != NULL) {
3813 wpa_config_free(wpa_s->conf);
3822 * wpa_supplicant_add_iface - Add a new network interface
3823 * @global: Pointer to global data from wpa_supplicant_init()
3824 * @iface: Interface configuration options
3825 * Returns: Pointer to the created interface or %NULL on failure
3827 * This function is used to add new network interfaces for %wpa_supplicant.
3828 * This can be called before wpa_supplicant_run() to add interfaces before the
3829 * main event loop has been started. In addition, new interfaces can be added
3830 * dynamically while %wpa_supplicant is already running. This could happen,
3831 * e.g., when a hotplug network adapter is inserted.
3833 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3834 struct wpa_interface *iface)
3836 struct wpa_supplicant *wpa_s;
3837 struct wpa_interface t_iface;
3838 struct wpa_ssid *ssid;
3840 if (global == NULL || iface == NULL)
3843 wpa_s = wpa_supplicant_alloc();
3847 wpa_s->global = global;
3850 if (global->params.override_driver) {
3851 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3853 iface->driver, global->params.override_driver);
3854 t_iface.driver = global->params.override_driver;
3856 if (global->params.override_ctrl_interface) {
3857 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3858 "ctrl_interface ('%s' -> '%s')",
3859 iface->ctrl_interface,
3860 global->params.override_ctrl_interface);
3861 t_iface.ctrl_interface =
3862 global->params.override_ctrl_interface;
3864 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3865 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3867 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3871 /* Notify the control interfaces about new iface */
3872 if (wpas_notify_iface_added(wpa_s)) {
3873 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3877 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3878 wpas_notify_network_added(wpa_s, ssid);
3880 wpa_s->next = global->ifaces;
3881 global->ifaces = wpa_s;
3883 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3884 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3891 * wpa_supplicant_remove_iface - Remove a network interface
3892 * @global: Pointer to global data from wpa_supplicant_init()
3893 * @wpa_s: Pointer to the network interface to be removed
3894 * Returns: 0 if interface was removed, -1 if interface was not found
3896 * This function can be used to dynamically remove network interfaces from
3897 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3898 * addition, this function is used to remove all remaining interfaces when
3899 * %wpa_supplicant is terminated.
3901 int wpa_supplicant_remove_iface(struct wpa_global *global,
3902 struct wpa_supplicant *wpa_s,
3905 struct wpa_supplicant *prev;
3907 /* Remove interface from the global list of interfaces */
3908 prev = global->ifaces;
3909 if (prev == wpa_s) {
3910 global->ifaces = wpa_s->next;
3912 while (prev && prev->next != wpa_s)
3916 prev->next = wpa_s->next;
3919 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3921 if (global->p2p_group_formation == wpa_s)
3922 global->p2p_group_formation = NULL;
3923 if (global->p2p_invite_group == wpa_s)
3924 global->p2p_invite_group = NULL;
3925 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3932 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3933 * @wpa_s: Pointer to the network interface
3934 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3936 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3938 const char *eapol_method;
3940 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3941 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3945 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3946 if (eapol_method == NULL)
3947 return "UNKNOWN-EAP";
3949 return eapol_method;
3954 * wpa_supplicant_get_iface - Get a new network interface
3955 * @global: Pointer to global data from wpa_supplicant_init()
3956 * @ifname: Interface name
3957 * Returns: Pointer to the interface or %NULL if not found
3959 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3962 struct wpa_supplicant *wpa_s;
3964 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3965 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3972 #ifndef CONFIG_NO_WPA_MSG
3973 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3975 struct wpa_supplicant *wpa_s = ctx;
3978 return wpa_s->ifname;
3980 #endif /* CONFIG_NO_WPA_MSG */
3984 * wpa_supplicant_init - Initialize %wpa_supplicant
3985 * @params: Parameters for %wpa_supplicant
3986 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3988 * This function is used to initialize %wpa_supplicant. After successful
3989 * initialization, the returned data pointer can be used to add and remove
3990 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3992 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3994 struct wpa_global *global;
4000 #ifdef CONFIG_DRIVER_NDIS
4002 void driver_ndis_init_ops(void);
4003 driver_ndis_init_ops();
4005 #endif /* CONFIG_DRIVER_NDIS */
4007 #ifndef CONFIG_NO_WPA_MSG
4008 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4009 #endif /* CONFIG_NO_WPA_MSG */
4011 wpa_debug_open_file(params->wpa_debug_file_path);
4012 if (params->wpa_debug_syslog)
4013 wpa_debug_open_syslog();
4014 if (params->wpa_debug_tracing) {
4015 ret = wpa_debug_open_linux_tracing();
4017 wpa_printf(MSG_ERROR,
4018 "Failed to enable trace logging");
4023 ret = eap_register_methods();
4025 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4027 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4028 "the same EAP type.");
4032 global = os_zalloc(sizeof(*global));
4035 dl_list_init(&global->p2p_srv_bonjour);
4036 dl_list_init(&global->p2p_srv_upnp);
4037 global->params.daemonize = params->daemonize;
4038 global->params.wait_for_monitor = params->wait_for_monitor;
4039 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4040 if (params->pid_file)
4041 global->params.pid_file = os_strdup(params->pid_file);
4042 if (params->ctrl_interface)
4043 global->params.ctrl_interface =
4044 os_strdup(params->ctrl_interface);
4045 if (params->ctrl_interface_group)
4046 global->params.ctrl_interface_group =
4047 os_strdup(params->ctrl_interface_group);
4048 if (params->override_driver)
4049 global->params.override_driver =
4050 os_strdup(params->override_driver);
4051 if (params->override_ctrl_interface)
4052 global->params.override_ctrl_interface =
4053 os_strdup(params->override_ctrl_interface);
4054 wpa_debug_level = global->params.wpa_debug_level =
4055 params->wpa_debug_level;
4056 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4057 params->wpa_debug_show_keys;
4058 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4059 params->wpa_debug_timestamp;
4061 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4064 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4065 wpa_supplicant_deinit(global);
4069 random_init(params->entropy_file);
4071 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4072 if (global->ctrl_iface == NULL) {
4073 wpa_supplicant_deinit(global);
4077 if (wpas_notify_supplicant_initialized(global)) {
4078 wpa_supplicant_deinit(global);
4082 for (i = 0; wpa_drivers[i]; i++)
4083 global->drv_count++;
4084 if (global->drv_count == 0) {
4085 wpa_printf(MSG_ERROR, "No drivers enabled");
4086 wpa_supplicant_deinit(global);
4089 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
4090 if (global->drv_priv == NULL) {
4091 wpa_supplicant_deinit(global);
4095 #ifdef CONFIG_WIFI_DISPLAY
4096 if (wifi_display_init(global) < 0) {
4097 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4098 wpa_supplicant_deinit(global);
4101 #endif /* CONFIG_WIFI_DISPLAY */
4108 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4109 * @global: Pointer to global data from wpa_supplicant_init()
4110 * Returns: 0 after successful event loop run, -1 on failure
4112 * This function starts the main event loop and continues running as long as
4113 * there are any remaining events. In most cases, this function is running as
4114 * long as the %wpa_supplicant process in still in use.
4116 int wpa_supplicant_run(struct wpa_global *global)
4118 struct wpa_supplicant *wpa_s;
4120 if (global->params.daemonize &&
4121 wpa_supplicant_daemon(global->params.pid_file))
4124 if (global->params.wait_for_monitor) {
4125 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4126 if (wpa_s->ctrl_iface)
4127 wpa_supplicant_ctrl_iface_wait(
4131 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4132 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4141 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4142 * @global: Pointer to global data from wpa_supplicant_init()
4144 * This function is called to deinitialize %wpa_supplicant and to free all
4145 * allocated resources. Remaining network interfaces will also be removed.
4147 void wpa_supplicant_deinit(struct wpa_global *global)
4154 #ifdef CONFIG_WIFI_DISPLAY
4155 wifi_display_deinit(global);
4156 #endif /* CONFIG_WIFI_DISPLAY */
4158 while (global->ifaces)
4159 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4161 if (global->ctrl_iface)
4162 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4164 wpas_notify_supplicant_deinitialized(global);
4166 eap_peer_unregister_methods();
4168 eap_server_unregister_methods();
4169 #endif /* CONFIG_AP */
4171 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4172 if (!global->drv_priv[i])
4174 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4176 os_free(global->drv_priv);
4182 if (global->params.pid_file) {
4183 os_daemonize_terminate(global->params.pid_file);
4184 os_free(global->params.pid_file);
4186 os_free(global->params.ctrl_interface);
4187 os_free(global->params.ctrl_interface_group);
4188 os_free(global->params.override_driver);
4189 os_free(global->params.override_ctrl_interface);
4191 os_free(global->p2p_disallow_freq.range);
4192 os_free(global->p2p_go_avoid_freq.range);
4193 os_free(global->add_psk);
4196 wpa_debug_close_syslog();
4197 wpa_debug_close_file();
4198 wpa_debug_close_linux_tracing();
4202 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4204 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4205 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4207 country[0] = wpa_s->conf->country[0];
4208 country[1] = wpa_s->conf->country[1];
4210 if (wpa_drv_set_country(wpa_s, country) < 0) {
4211 wpa_printf(MSG_ERROR, "Failed to set country code "
4216 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4217 wpas_init_ext_pw(wpa_s);
4220 wpas_wps_update_config(wpa_s);
4221 #endif /* CONFIG_WPS */
4224 wpas_p2p_update_config(wpa_s);
4225 #endif /* CONFIG_P2P */
4227 wpa_s->conf->changed_parameters = 0;
4231 static void add_freq(int *freqs, int *num_freqs, int freq)
4235 for (i = 0; i < *num_freqs; i++) {
4236 if (freqs[i] == freq)
4240 freqs[*num_freqs] = freq;
4245 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4247 struct wpa_bss *bss, *cbss;
4248 const int max_freqs = 10;
4252 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
4256 cbss = wpa_s->current_bss;
4258 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4261 if (bss->ssid_len == cbss->ssid_len &&
4262 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4263 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4264 add_freq(freqs, &num_freqs, bss->freq);
4265 if (num_freqs == max_freqs)
4270 if (num_freqs == 0) {
4279 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4285 wpas_connect_work_done(wpa_s);
4288 * Remove possible authentication timeout since the connection failed.
4290 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4292 if (wpa_s->disconnected) {
4294 * There is no point in blacklisting the AP if this event is
4295 * generated based on local request to disconnect.
4297 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4298 "indication since interface has been put into "
4299 "disconnected state");
4304 * Add the failed BSSID into the blacklist and speed up next scan
4305 * attempt if there could be other APs that could accept association.
4306 * The current blacklist count indicates how many times we have tried
4307 * connecting to this AP and multiple attempts mean that other APs are
4308 * either not available or has already been tried, so that we can start
4309 * increasing the delay here to avoid constant scanning.
4311 count = wpa_blacklist_add(wpa_s, bssid);
4312 if (count == 1 && wpa_s->current_bss) {
4314 * This BSS was not in the blacklist before. If there is
4315 * another BSS available for the same ESS, we should try that
4316 * next. Otherwise, we may as well try this one once more
4317 * before allowing other, likely worse, ESSes to be considered.
4319 freqs = get_bss_freqs_in_ess(wpa_s);
4321 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4322 "has been seen; try it next");
4323 wpa_blacklist_add(wpa_s, bssid);
4325 * On the next scan, go through only the known channels
4326 * used in this ESS based on previous scans to speed up
4327 * common load balancing use case.
4329 os_free(wpa_s->next_scan_freqs);
4330 wpa_s->next_scan_freqs = freqs;
4335 * Add previous failure count in case the temporary blacklist was
4336 * cleared due to no other BSSes being available.
4338 count += wpa_s->extra_blacklist_count;
4340 if (count > 3 && wpa_s->current_ssid) {
4341 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4342 "consider temporary network disabling");
4343 wpas_auth_failed(wpa_s, "CONN_FAILED");
4364 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4365 "ms", count, timeout);
4368 * TODO: if more than one possible AP is available in scan results,
4369 * could try the other ones before requesting a new scan.
4371 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4372 1000 * (timeout % 1000));
4376 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4378 return wpa_s->conf->ap_scan == 2 ||
4379 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4383 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4384 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4385 struct wpa_ssid *ssid,
4389 #ifdef IEEE8021X_EAPOL
4390 struct eap_peer_config *eap = &ssid->eap;
4392 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4393 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4394 (const u8 *) value, os_strlen(value));
4396 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4397 case WPA_CTRL_REQ_EAP_IDENTITY:
4398 os_free(eap->identity);
4399 eap->identity = (u8 *) os_strdup(value);
4400 eap->identity_len = os_strlen(value);
4401 eap->pending_req_identity = 0;
4402 if (ssid == wpa_s->current_ssid)
4403 wpa_s->reassociate = 1;
4405 case WPA_CTRL_REQ_EAP_PASSWORD:
4406 os_free(eap->password);
4407 eap->password = (u8 *) os_strdup(value);
4408 eap->password_len = os_strlen(value);
4409 eap->pending_req_password = 0;
4410 if (ssid == wpa_s->current_ssid)
4411 wpa_s->reassociate = 1;
4413 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4414 os_free(eap->new_password);
4415 eap->new_password = (u8 *) os_strdup(value);
4416 eap->new_password_len = os_strlen(value);
4417 eap->pending_req_new_password = 0;
4418 if (ssid == wpa_s->current_ssid)
4419 wpa_s->reassociate = 1;
4421 case WPA_CTRL_REQ_EAP_PIN:
4423 eap->pin = os_strdup(value);
4424 eap->pending_req_pin = 0;
4425 if (ssid == wpa_s->current_ssid)
4426 wpa_s->reassociate = 1;
4428 case WPA_CTRL_REQ_EAP_OTP:
4430 eap->otp = (u8 *) os_strdup(value);
4431 eap->otp_len = os_strlen(value);
4432 os_free(eap->pending_req_otp);
4433 eap->pending_req_otp = NULL;
4434 eap->pending_req_otp_len = 0;
4436 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4437 os_free(eap->private_key_passwd);
4438 eap->private_key_passwd = (u8 *) os_strdup(value);
4439 eap->pending_req_passphrase = 0;
4440 if (ssid == wpa_s->current_ssid)
4441 wpa_s->reassociate = 1;
4443 case WPA_CTRL_REQ_SIM:
4444 os_free(eap->external_sim_resp);
4445 eap->external_sim_resp = os_strdup(value);
4448 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4453 #else /* IEEE8021X_EAPOL */
4454 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4456 #endif /* IEEE8021X_EAPOL */
4458 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4461 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4464 unsigned int drv_enc;
4472 if (wpa_s && wpa_s->drv_capa_known)
4473 drv_enc = wpa_s->drv_enc;
4475 drv_enc = (unsigned int) -1;
4477 for (i = 0; i < NUM_WEP_KEYS; i++) {
4478 size_t len = ssid->wep_key_len[i];
4481 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4483 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4485 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4487 return 1; /* invalid WEP key */
4490 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4491 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk)
4498 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4500 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4502 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4508 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
4510 struct wpa_ssid *ssid = wpa_s->current_ssid;
4512 struct os_reltime now;
4515 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4520 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4523 ssid->auth_failures++;
4526 if (ssid->p2p_group &&
4527 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4529 * Skip the wait time since there is a short timeout on the
4530 * connection to a P2P group.
4534 #endif /* CONFIG_P2P */
4536 if (ssid->auth_failures > 50)
4538 else if (ssid->auth_failures > 10)
4540 else if (ssid->auth_failures > 5)
4542 else if (ssid->auth_failures > 3)
4544 else if (ssid->auth_failures > 2)
4546 else if (ssid->auth_failures > 1)
4551 if (ssid->auth_failures > 1 &&
4552 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
4553 dur += os_random() % (ssid->auth_failures * 10);
4555 os_get_reltime(&now);
4556 if (now.sec + dur <= ssid->disabled_until.sec)
4559 ssid->disabled_until.sec = now.sec + dur;
4561 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4562 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
4563 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4564 ssid->auth_failures, dur, reason);
4568 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4569 struct wpa_ssid *ssid, int clear_failures)
4574 if (ssid->disabled_until.sec) {
4575 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4576 "id=%d ssid=\"%s\"",
4577 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4579 ssid->disabled_until.sec = 0;
4580 ssid->disabled_until.usec = 0;
4582 ssid->auth_failures = 0;
4586 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4590 if (wpa_s->disallow_aps_bssid == NULL)
4593 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4594 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4595 bssid, ETH_ALEN) == 0)
4603 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4608 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4611 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4612 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4613 if (ssid_len == s->ssid_len &&
4614 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4623 * wpas_request_connection - Request a new connection
4624 * @wpa_s: Pointer to the network interface
4626 * This function is used to request a new connection to be found. It will mark
4627 * the interface to allow reassociation and request a new scan to find a
4628 * suitable network to connect to.
4630 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4632 wpa_s->normal_scans = 0;
4633 wpa_supplicant_reinit_autoscan(wpa_s);
4634 wpa_s->extra_blacklist_count = 0;
4635 wpa_s->disconnected = 0;
4636 wpa_s->reassociate = 1;
4638 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4639 wpa_supplicant_req_scan(wpa_s, 0, 0);
4643 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
4644 struct wpa_used_freq_data *freqs_data,
4649 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4651 for (i = 0; i < len; i++) {
4652 struct wpa_used_freq_data *cur = &freqs_data[i];
4653 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
4654 i, cur->freq, cur->flags);
4660 * Find the operating frequencies of any of the virtual interfaces that
4661 * are using the same radio as the current interface, and in addition, get
4662 * information about the interface types that are using the frequency.
4664 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
4665 struct wpa_used_freq_data *freqs_data,
4668 struct wpa_supplicant *ifs;
4671 unsigned int idx = 0, i;
4673 wpa_dbg(wpa_s, MSG_DEBUG,
4674 "Determining shared radio frequencies (max len %u)", len);
4675 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
4677 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4682 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4685 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4686 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4687 freq = ifs->current_ssid->frequency;
4688 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4689 freq = ifs->assoc_freq;
4693 /* Hold only distinct freqs */
4694 for (i = 0; i < idx; i++)
4695 if (freqs_data[i].freq == freq)
4699 freqs_data[idx++].freq = freq;
4701 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
4702 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
4703 WPA_FREQ_USED_BY_P2P_CLIENT :
4704 WPA_FREQ_USED_BY_INFRA_STATION;
4708 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
4714 * Find the operating frequencies of any of the virtual interfaces that
4715 * are using the same radio as the current interface.
4717 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4718 int *freq_array, unsigned int len)
4720 struct wpa_used_freq_data *freqs_data;
4723 os_memset(freq_array, 0, sizeof(int) * len);
4725 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
4729 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
4730 for (i = 0; i < num; i++)
4731 freq_array[i] = freqs_data[i].freq;
4733 os_free(freqs_data);