3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
38 #include "common/ieee802_11_defs.h"
40 #include "blacklist.h"
41 #include "wpas_glue.h"
42 #include "wps_supplicant.h"
46 #include "p2p_supplicant.h"
52 const char *wpa_supplicant_version =
53 "wpa_supplicant v" VERSION_STR "\n"
54 "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
56 const char *wpa_supplicant_license =
57 "This program is free software. You can distribute it and/or modify it\n"
58 "under the terms of the GNU General Public License version 2.\n"
60 "Alternatively, this software may be distributed under the terms of the\n"
61 "BSD license. See README and COPYING for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
71 "This program is free software; you can redistribute it and/or modify\n"
72 "it under the terms of the GNU General Public License version 2 as\n"
73 "published by the Free Software Foundation.\n"
75 "This program is distributed in the hope that it will be useful,\n"
76 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
77 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
78 "GNU General Public License for more details.\n"
80 const char *wpa_supplicant_full_license2 =
81 "You should have received a copy of the GNU General Public License\n"
82 "along with this program; if not, write to the Free Software\n"
83 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
85 "Alternatively, this software may be distributed under the terms of the\n"
88 "Redistribution and use in source and binary forms, with or without\n"
89 "modification, are permitted provided that the following conditions are\n"
92 const char *wpa_supplicant_full_license3 =
93 "1. Redistributions of source code must retain the above copyright\n"
94 " notice, this list of conditions and the following disclaimer.\n"
96 "2. Redistributions in binary form must reproduce the above copyright\n"
97 " notice, this list of conditions and the following disclaimer in the\n"
98 " documentation and/or other materials provided with the distribution.\n"
100 const char *wpa_supplicant_full_license4 =
101 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
102 " names of its contributors may be used to endorse or promote products\n"
103 " derived from this software without specific prior written permission.\n"
105 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
106 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
107 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
108 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
109 const char *wpa_supplicant_full_license5 =
110 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
111 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
112 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
113 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
114 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
115 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
116 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
118 #endif /* CONFIG_NO_STDOUT_DEBUG */
120 extern int wpa_debug_level;
121 extern int wpa_debug_show_keys;
122 extern int wpa_debug_timestamp;
123 extern struct wpa_driver_ops *wpa_drivers[];
125 /* Configure default/group WEP keys for static WEP */
126 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
130 for (i = 0; i < NUM_WEP_KEYS; i++) {
131 if (ssid->wep_key_len[i] == 0)
135 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
136 i, i == ssid->wep_tx_keyidx, NULL, 0,
137 ssid->wep_key[i], ssid->wep_key_len[i]);
144 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
145 struct wpa_ssid *ssid)
152 /* IBSS/WPA-None uses only one key (Group) for both receiving and
153 * sending unicast and multicast packets. */
155 if (ssid->mode != WPAS_MODE_IBSS) {
156 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
157 "IBSS/ad-hoc) for WPA-None", ssid->mode);
161 if (!ssid->psk_set) {
162 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
167 switch (wpa_s->group_cipher) {
168 case WPA_CIPHER_CCMP:
169 os_memcpy(key, ssid->psk, 16);
173 case WPA_CIPHER_TKIP:
174 /* WPA-None uses the same Michael MIC key for both TX and RX */
175 os_memcpy(key, ssid->psk, 16 + 8);
176 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
181 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
182 "WPA-None", wpa_s->group_cipher);
186 /* TODO: should actually remember the previously used seq#, both for TX
187 * and RX from each STA.. */
189 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
193 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
195 struct wpa_supplicant *wpa_s = eloop_ctx;
196 const u8 *bssid = wpa_s->bssid;
197 if (is_zero_ether_addr(bssid))
198 bssid = wpa_s->pending_bssid;
199 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
201 wpa_blacklist_add(wpa_s, bssid);
202 wpa_sm_notify_disassoc(wpa_s->wpa);
203 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
204 wpa_s->reassociate = 1;
207 * If we timed out, the AP or the local radio may be busy.
208 * So, wait a second until scanning again.
210 wpa_supplicant_req_scan(wpa_s, 1, 0);
215 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
216 * @wpa_s: Pointer to wpa_supplicant data
217 * @sec: Number of seconds after which to time out authentication
218 * @usec: Number of microseconds after which to time out authentication
220 * This function is used to schedule a timeout for the current authentication
223 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
226 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
227 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
230 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
231 "%d usec", sec, usec);
232 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
233 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
238 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
239 * @wpa_s: Pointer to wpa_supplicant data
241 * This function is used to cancel authentication timeout scheduled with
242 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
245 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
247 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
248 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
249 wpa_blacklist_del(wpa_s, wpa_s->bssid);
254 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
255 * @wpa_s: Pointer to wpa_supplicant data
257 * This function is used to configure EAPOL state machine based on the selected
258 * authentication mode.
260 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
262 #ifdef IEEE8021X_EAPOL
263 struct eapol_config eapol_conf;
264 struct wpa_ssid *ssid = wpa_s->current_ssid;
266 #ifdef CONFIG_IBSS_RSN
267 if (ssid->mode == WPAS_MODE_IBSS &&
268 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
271 * RSN IBSS authentication is per-STA and we can disable the
272 * per-BSSID EAPOL authentication.
274 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
279 #endif /* CONFIG_IBSS_RSN */
281 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
282 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
285 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
286 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
288 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
290 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
291 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
292 eapol_conf.accept_802_1x_keys = 1;
293 eapol_conf.required_keys = 0;
294 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
295 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
297 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
298 eapol_conf.required_keys |=
299 EAPOL_REQUIRE_KEY_BROADCAST;
302 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
303 eapol_conf.required_keys = 0;
306 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
307 eapol_conf.workaround = ssid->eap_workaround;
308 eapol_conf.eap_disabled =
309 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
310 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
312 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
313 #endif /* IEEE8021X_EAPOL */
318 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
319 * @wpa_s: Pointer to wpa_supplicant data
320 * @ssid: Configuration data for the network
322 * This function is used to configure WPA state machine and related parameters
323 * to a mode where WPA is not enabled. This is called as part of the
324 * authentication configuration when the selected network does not use WPA.
326 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
327 struct wpa_ssid *ssid)
331 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
332 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
333 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
334 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
336 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
337 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
338 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
340 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
341 wpa_s->group_cipher = WPA_CIPHER_NONE;
342 wpa_s->mgmt_group_cipher = 0;
344 for (i = 0; i < NUM_WEP_KEYS; i++) {
345 if (ssid->wep_key_len[i] > 5) {
346 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
347 wpa_s->group_cipher = WPA_CIPHER_WEP104;
349 } else if (ssid->wep_key_len[i] > 0) {
350 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
351 wpa_s->group_cipher = WPA_CIPHER_WEP40;
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
359 wpa_s->pairwise_cipher);
360 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
361 #ifdef CONFIG_IEEE80211W
362 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
363 wpa_s->mgmt_group_cipher);
364 #endif /* CONFIG_IEEE80211W */
366 pmksa_cache_clear_current(wpa_s->wpa);
370 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
372 bgscan_deinit(wpa_s);
373 scard_deinit(wpa_s->scard);
375 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
376 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
377 l2_packet_deinit(wpa_s->l2);
380 l2_packet_deinit(wpa_s->l2_br);
384 if (wpa_s->ctrl_iface) {
385 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
386 wpa_s->ctrl_iface = NULL;
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
392 wpa_config_free(wpa_s->conf);
396 os_free(wpa_s->confname);
397 wpa_s->confname = NULL;
399 wpa_sm_set_eapol(wpa_s->wpa, NULL);
400 eapol_sm_deinit(wpa_s->eapol);
403 rsn_preauth_deinit(wpa_s->wpa);
406 wpa_tdls_deinit(wpa_s->wpa);
407 #endif /* CONFIG_TDLS */
409 pmksa_candidate_free(wpa_s->wpa);
410 wpa_sm_deinit(wpa_s->wpa);
412 wpa_blacklist_clear(wpa_s);
414 wpa_bss_deinit(wpa_s);
416 wpa_supplicant_cancel_scan(wpa_s);
417 wpa_supplicant_cancel_auth_timeout(wpa_s);
419 ieee80211_sta_deinit(wpa_s);
421 wpas_wps_deinit(wpa_s);
423 wpabuf_free(wpa_s->pending_eapol_rx);
424 wpa_s->pending_eapol_rx = NULL;
426 #ifdef CONFIG_IBSS_RSN
427 ibss_rsn_deinit(wpa_s->ibss_rsn);
428 wpa_s->ibss_rsn = NULL;
429 #endif /* CONFIG_IBSS_RSN */
434 wpa_supplicant_ap_deinit(wpa_s);
435 #endif /* CONFIG_AP */
438 wpas_p2p_deinit(wpa_s);
439 #endif /* CONFIG_P2P */
441 os_free(wpa_s->next_scan_freqs);
442 wpa_s->next_scan_freqs = NULL;
447 * wpa_clear_keys - Clear keys configured for the driver
448 * @wpa_s: Pointer to wpa_supplicant data
449 * @addr: Previously used BSSID or %NULL if not available
451 * This function clears the encryption keys that has been previously configured
454 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
456 if (wpa_s->keys_cleared) {
457 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
458 * timing issues with keys being cleared just before new keys
459 * are set or just after association or something similar. This
460 * shows up in group key handshake failing often because of the
461 * client not receiving the first encrypted packets correctly.
462 * Skipping some of the extra key clearing steps seems to help
463 * in completing group key handshake more reliably. */
464 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
465 "skip key clearing");
469 /* MLME-DELETEKEYS.request */
470 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
471 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
472 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
473 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
474 #ifdef CONFIG_IEEE80211W
475 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
476 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
477 #endif /* CONFIG_IEEE80211W */
479 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
481 /* MLME-SETPROTECTION.request(None) */
482 wpa_drv_mlme_setprotection(
484 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
485 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
487 wpa_s->keys_cleared = 1;
492 * wpa_supplicant_state_txt - Get the connection state name as a text string
493 * @state: State (wpa_state; WPA_*)
494 * Returns: The state name as a printable text string
496 const char * wpa_supplicant_state_txt(enum wpa_states state)
499 case WPA_DISCONNECTED:
500 return "DISCONNECTED";
503 case WPA_INTERFACE_DISABLED:
504 return "INTERFACE_DISABLED";
507 case WPA_AUTHENTICATING:
508 return "AUTHENTICATING";
509 case WPA_ASSOCIATING:
510 return "ASSOCIATING";
513 case WPA_4WAY_HANDSHAKE:
514 return "4WAY_HANDSHAKE";
515 case WPA_GROUP_HANDSHAKE:
516 return "GROUP_HANDSHAKE";
527 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
529 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
532 bgscan_deinit(wpa_s);
533 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
534 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
535 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
538 * Live without bgscan; it is only used as a roaming
539 * optimization, so the initial connection is not
543 wpa_s->bgscan_ssid = wpa_s->current_ssid;
545 wpa_s->bgscan_ssid = NULL;
549 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
551 if (wpa_s->bgscan_ssid != NULL) {
552 bgscan_deinit(wpa_s);
553 wpa_s->bgscan_ssid = NULL;
557 #endif /* CONFIG_BGSCAN */
561 * wpa_supplicant_set_state - Set current connection state
562 * @wpa_s: Pointer to wpa_supplicant data
563 * @state: The new connection state
565 * This function is called whenever the connection state changes, e.g.,
566 * association is completed for WPA/WPA2 4-Way Handshake is started.
568 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
569 enum wpa_states state)
571 enum wpa_states old_state = wpa_s->wpa_state;
573 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
574 wpa_supplicant_state_txt(wpa_s->wpa_state),
575 wpa_supplicant_state_txt(state));
577 if (state != WPA_SCANNING)
578 wpa_supplicant_notify_scanning(wpa_s, 0);
580 if (state == WPA_COMPLETED && wpa_s->new_connection) {
581 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
582 struct wpa_ssid *ssid = wpa_s->current_ssid;
583 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
584 MACSTR " completed %s [id=%d id_str=%s]",
585 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
586 "(reauth)" : "(auth)",
587 ssid ? ssid->id : -1,
588 ssid && ssid->id_str ? ssid->id_str : "");
589 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
590 wpa_s->new_connection = 0;
591 wpa_s->reassociated_connection = 1;
592 wpa_drv_set_operstate(wpa_s, 1);
593 #ifndef IEEE8021X_EAPOL
594 wpa_drv_set_supp_port(wpa_s, 1);
595 #endif /* IEEE8021X_EAPOL */
596 wpa_s->after_wps = 0;
598 wpas_p2p_completed(wpa_s);
599 #endif /* CONFIG_P2P */
600 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
601 state == WPA_ASSOCIATED) {
602 wpa_s->new_connection = 1;
603 wpa_drv_set_operstate(wpa_s, 0);
604 #ifndef IEEE8021X_EAPOL
605 wpa_drv_set_supp_port(wpa_s, 0);
606 #endif /* IEEE8021X_EAPOL */
608 wpa_s->wpa_state = state;
611 if (state == WPA_COMPLETED)
612 wpa_supplicant_start_bgscan(wpa_s);
614 wpa_supplicant_stop_bgscan(wpa_s);
615 #endif /* CONFIG_BGSCAN */
617 if (wpa_s->wpa_state != old_state) {
618 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
620 if (wpa_s->wpa_state == WPA_COMPLETED ||
621 old_state == WPA_COMPLETED)
622 wpas_notify_auth_changed(wpa_s);
627 void wpa_supplicant_terminate_proc(struct wpa_global *global)
631 struct wpa_supplicant *wpa_s = global->ifaces;
633 if (wpas_wps_terminate_pending(wpa_s) == 1)
637 #endif /* CONFIG_WPS */
644 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
646 struct wpa_global *global = signal_ctx;
647 struct wpa_supplicant *wpa_s;
648 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
649 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
652 wpa_supplicant_terminate_proc(global);
656 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
658 enum wpa_states old_state = wpa_s->wpa_state;
660 wpa_s->pairwise_cipher = 0;
661 wpa_s->group_cipher = 0;
662 wpa_s->mgmt_group_cipher = 0;
664 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
665 wpa_s->wpa_state = WPA_DISCONNECTED;
667 if (wpa_s->wpa_state != old_state)
668 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
673 * wpa_supplicant_reload_configuration - Reload configuration data
674 * @wpa_s: Pointer to wpa_supplicant data
675 * Returns: 0 on success or -1 if configuration parsing failed
677 * This function can be used to request that the configuration data is reloaded
678 * (e.g., after configuration file change). This function is reloading
679 * configuration only for one interface, so this may need to be called multiple
680 * times if %wpa_supplicant is controlling multiple interfaces and all
681 * interfaces need reconfiguration.
683 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
685 struct wpa_config *conf;
686 struct wpa_ssid *old_ssid;
690 if (wpa_s->confname == NULL)
692 conf = wpa_config_read(wpa_s->confname);
694 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
695 "file '%s' - exiting", wpa_s->confname);
698 conf->changed_parameters = (unsigned int) -1;
700 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
701 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
702 os_strcmp(conf->ctrl_interface,
703 wpa_s->conf->ctrl_interface) != 0);
705 if (reconf_ctrl && wpa_s->ctrl_iface) {
706 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
707 wpa_s->ctrl_iface = NULL;
710 eapol_sm_invalidate_cached_session(wpa_s->eapol);
711 old_ssid = wpa_s->current_ssid;
712 wpa_s->current_ssid = NULL;
713 if (old_ssid != wpa_s->current_ssid)
714 wpas_notify_network_changed(wpa_s);
717 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
718 * pkcs11_engine_path, pkcs11_module_path.
720 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
722 * Clear forced success to clear EAP state for next
725 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
727 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
728 wpa_sm_set_config(wpa_s->wpa, NULL);
729 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
730 rsn_preauth_deinit(wpa_s->wpa);
732 old_ap_scan = wpa_s->conf->ap_scan;
733 wpa_config_free(wpa_s->conf);
735 if (old_ap_scan != wpa_s->conf->ap_scan)
736 wpas_notify_ap_scan_changed(wpa_s);
739 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
741 wpa_supplicant_update_config(wpa_s);
743 wpa_supplicant_clear_status(wpa_s);
744 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
745 wpa_s->reassociate = 1;
746 wpa_supplicant_req_scan(wpa_s, 0, 0);
748 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
753 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
755 struct wpa_global *global = signal_ctx;
756 struct wpa_supplicant *wpa_s;
757 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
758 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
760 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
761 wpa_supplicant_terminate_proc(global);
767 enum wpa_cipher cipher_suite2driver(int cipher)
770 case WPA_CIPHER_NONE:
772 case WPA_CIPHER_WEP40:
774 case WPA_CIPHER_WEP104:
775 return CIPHER_WEP104;
776 case WPA_CIPHER_CCMP:
778 case WPA_CIPHER_TKIP:
785 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
788 case WPA_KEY_MGMT_NONE:
789 return KEY_MGMT_NONE;
790 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
791 return KEY_MGMT_802_1X_NO_WPA;
792 case WPA_KEY_MGMT_IEEE8021X:
793 return KEY_MGMT_802_1X;
794 case WPA_KEY_MGMT_WPA_NONE:
795 return KEY_MGMT_WPA_NONE;
796 case WPA_KEY_MGMT_FT_IEEE8021X:
797 return KEY_MGMT_FT_802_1X;
798 case WPA_KEY_MGMT_FT_PSK:
799 return KEY_MGMT_FT_PSK;
800 case WPA_KEY_MGMT_IEEE8021X_SHA256:
801 return KEY_MGMT_802_1X_SHA256;
802 case WPA_KEY_MGMT_PSK_SHA256:
803 return KEY_MGMT_PSK_SHA256;
804 case WPA_KEY_MGMT_WPS:
806 case WPA_KEY_MGMT_PSK:
813 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
814 struct wpa_ssid *ssid,
815 struct wpa_ie_data *ie)
817 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
820 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
821 "from association info");
826 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
828 if (!(ie->group_cipher & ssid->group_cipher)) {
829 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
830 "cipher 0x%x (mask 0x%x) - reject",
831 ie->group_cipher, ssid->group_cipher);
834 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
835 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
836 "cipher 0x%x (mask 0x%x) - reject",
837 ie->pairwise_cipher, ssid->pairwise_cipher);
840 if (!(ie->key_mgmt & ssid->key_mgmt)) {
841 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
842 "management 0x%x (mask 0x%x) - reject",
843 ie->key_mgmt, ssid->key_mgmt);
847 #ifdef CONFIG_IEEE80211W
848 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
849 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
850 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
851 "that does not support management frame protection - "
855 #endif /* CONFIG_IEEE80211W */
862 * wpa_supplicant_set_suites - Set authentication and encryption parameters
863 * @wpa_s: Pointer to wpa_supplicant data
864 * @bss: Scan results for the selected BSS, or %NULL if not available
865 * @ssid: Configuration data for the selected network
866 * @wpa_ie: Buffer for the WPA/RSN IE
867 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
868 * used buffer length in case the functions returns success.
869 * Returns: 0 on success or -1 on failure
871 * This function is used to configure authentication and encryption parameters
872 * based on the network configuration and scan result for the selected BSS (if
875 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
876 struct wpa_bss *bss, struct wpa_ssid *ssid,
877 u8 *wpa_ie, size_t *wpa_ie_len)
879 struct wpa_ie_data ie;
881 const u8 *bss_wpa, *bss_rsn;
884 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
885 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
887 bss_wpa = bss_rsn = NULL;
889 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
890 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
891 (ie.group_cipher & ssid->group_cipher) &&
892 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
893 (ie.key_mgmt & ssid->key_mgmt)) {
894 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
895 proto = WPA_PROTO_RSN;
896 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
897 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
898 (ie.group_cipher & ssid->group_cipher) &&
899 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
900 (ie.key_mgmt & ssid->key_mgmt)) {
901 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
902 proto = WPA_PROTO_WPA;
904 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
907 if (ssid->proto & WPA_PROTO_RSN)
908 proto = WPA_PROTO_RSN;
910 proto = WPA_PROTO_WPA;
911 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
912 os_memset(&ie, 0, sizeof(ie));
913 ie.group_cipher = ssid->group_cipher;
914 ie.pairwise_cipher = ssid->pairwise_cipher;
915 ie.key_mgmt = ssid->key_mgmt;
916 #ifdef CONFIG_IEEE80211W
917 ie.mgmt_group_cipher =
918 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
919 WPA_CIPHER_AES_128_CMAC : 0;
920 #endif /* CONFIG_IEEE80211W */
921 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
922 "based on configuration");
927 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
928 "pairwise %d key_mgmt %d proto %d",
929 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
930 #ifdef CONFIG_IEEE80211W
931 if (ssid->ieee80211w) {
932 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
933 ie.mgmt_group_cipher);
935 #endif /* CONFIG_IEEE80211W */
937 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
938 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
939 !!(ssid->proto & WPA_PROTO_RSN));
941 if (bss || !wpa_s->ap_ies_from_associnfo) {
942 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
943 bss_wpa ? 2 + bss_wpa[1] : 0) ||
944 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
945 bss_rsn ? 2 + bss_rsn[1] : 0))
949 sel = ie.group_cipher & ssid->group_cipher;
950 if (sel & WPA_CIPHER_CCMP) {
951 wpa_s->group_cipher = WPA_CIPHER_CCMP;
952 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
953 } else if (sel & WPA_CIPHER_TKIP) {
954 wpa_s->group_cipher = WPA_CIPHER_TKIP;
955 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
956 } else if (sel & WPA_CIPHER_WEP104) {
957 wpa_s->group_cipher = WPA_CIPHER_WEP104;
958 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
959 } else if (sel & WPA_CIPHER_WEP40) {
960 wpa_s->group_cipher = WPA_CIPHER_WEP40;
961 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
963 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
968 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
969 if (sel & WPA_CIPHER_CCMP) {
970 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
971 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
972 } else if (sel & WPA_CIPHER_TKIP) {
973 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
974 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
975 } else if (sel & WPA_CIPHER_NONE) {
976 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
977 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
979 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
984 sel = ie.key_mgmt & ssid->key_mgmt;
986 #ifdef CONFIG_IEEE80211R
987 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
988 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
989 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
990 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
991 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
992 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
993 #endif /* CONFIG_IEEE80211R */
994 #ifdef CONFIG_IEEE80211W
995 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
996 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
997 wpa_dbg(wpa_s, MSG_DEBUG,
998 "WPA: using KEY_MGMT 802.1X with SHA256");
999 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1000 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1001 wpa_dbg(wpa_s, MSG_DEBUG,
1002 "WPA: using KEY_MGMT PSK with SHA256");
1003 #endif /* CONFIG_IEEE80211W */
1004 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1005 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1006 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1007 } else if (sel & WPA_KEY_MGMT_PSK) {
1008 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1009 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1010 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1011 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1014 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1015 "authenticated key management type");
1019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1020 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1021 wpa_s->pairwise_cipher);
1022 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1024 #ifdef CONFIG_IEEE80211W
1025 sel = ie.mgmt_group_cipher;
1026 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1027 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1029 if (sel & WPA_CIPHER_AES_128_CMAC) {
1030 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1031 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1034 wpa_s->mgmt_group_cipher = 0;
1035 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1037 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1038 wpa_s->mgmt_group_cipher);
1039 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1040 #endif /* CONFIG_IEEE80211W */
1042 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1043 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1047 if (ssid->key_mgmt &
1048 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
1049 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1051 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1058 * wpa_supplicant_associate - Request association
1059 * @wpa_s: Pointer to wpa_supplicant data
1060 * @bss: Scan results for the selected BSS, or %NULL if not available
1061 * @ssid: Configuration data for the selected network
1063 * This function is used to request %wpa_supplicant to associate with a BSS.
1065 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1066 struct wpa_bss *bss, struct wpa_ssid *ssid)
1070 int use_crypt, ret, i, bssid_changed;
1071 int algs = WPA_AUTH_ALG_OPEN;
1072 enum wpa_cipher cipher_pairwise, cipher_group;
1073 struct wpa_driver_associate_params params;
1074 int wep_keys_set = 0;
1075 struct wpa_driver_capa capa;
1076 int assoc_failed = 0;
1077 struct wpa_ssid *old_ssid;
1079 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1080 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1082 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1083 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1087 wpa_supplicant_create_ap(wpa_s, ssid);
1088 wpa_s->current_bss = bss;
1089 #else /* CONFIG_AP */
1090 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1092 #endif /* CONFIG_AP */
1097 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), bss->ie_len);
1098 #endif /* CONFIG_TDLS */
1100 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1101 ssid->mode == IEEE80211_MODE_INFRA) {
1102 sme_authenticate(wpa_s, bss, ssid);
1106 os_memset(¶ms, 0, sizeof(params));
1107 wpa_s->reassociate = 0;
1109 #ifdef CONFIG_IEEE80211R
1110 const u8 *ie, *md = NULL;
1111 #endif /* CONFIG_IEEE80211R */
1112 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1113 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1114 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1115 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1116 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1117 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1119 wpas_notify_bssid_changed(wpa_s);
1120 #ifdef CONFIG_IEEE80211R
1121 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1122 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1124 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1126 /* Prepare for the next transition */
1127 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1129 #endif /* CONFIG_IEEE80211R */
1131 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1132 wpa_s->conf->ap_scan == 2 &&
1133 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1134 /* Use ap_scan==1 style network selection to find the network
1136 wpa_s->scan_req = 2;
1137 wpa_s->reassociate = 1;
1138 wpa_supplicant_req_scan(wpa_s, 0, 0);
1140 #endif /* CONFIG_WPS */
1142 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1143 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1144 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1146 wpa_supplicant_cancel_scan(wpa_s);
1148 /* Starting new association, so clear the possibly used WPA IE from the
1149 * previous association. */
1150 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1152 #ifdef IEEE8021X_EAPOL
1153 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1155 if (ssid->non_leap == 0)
1156 algs = WPA_AUTH_ALG_LEAP;
1158 algs |= WPA_AUTH_ALG_LEAP;
1161 #endif /* IEEE8021X_EAPOL */
1162 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1163 if (ssid->auth_alg) {
1164 algs = ssid->auth_alg;
1165 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1169 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1170 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1171 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1172 WPA_KEY_MGMT_FT_IEEE8021X |
1173 WPA_KEY_MGMT_FT_PSK |
1174 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1175 WPA_KEY_MGMT_PSK_SHA256))) {
1176 int try_opportunistic;
1177 try_opportunistic = ssid->proactive_key_caching &&
1178 (ssid->proto & WPA_PROTO_RSN);
1179 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1180 wpa_s->current_ssid,
1181 try_opportunistic) == 0)
1182 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1183 wpa_ie_len = sizeof(wpa_ie);
1184 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1185 wpa_ie, &wpa_ie_len)) {
1186 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1187 "key management and encryption suites");
1190 } else if (ssid->key_mgmt &
1191 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1192 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1193 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1194 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1195 wpa_ie_len = sizeof(wpa_ie);
1196 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1197 wpa_ie, &wpa_ie_len)) {
1198 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1199 "key management and encryption suites (no "
1204 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1205 struct wpabuf *wps_ie;
1206 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1207 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1208 wpa_ie_len = wpabuf_len(wps_ie);
1209 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1212 wpabuf_free(wps_ie);
1213 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1214 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1215 params.wps = WPS_MODE_PRIVACY;
1217 params.wps = WPS_MODE_OPEN;
1218 #endif /* CONFIG_WPS */
1220 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1225 if (wpa_s->global->p2p) {
1230 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
1231 pos = wpa_ie + wpa_ie_len;
1232 len = sizeof(wpa_ie) - wpa_ie_len;
1233 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
1238 wpa_s->cross_connect_disallowed = 0;
1241 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1243 wpa_s->cross_connect_disallowed =
1244 p2p_get_cross_connect_disallowed(p2p);
1246 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1248 wpa_s->cross_connect_disallowed ?
1249 "disallows" : "allows");
1252 #endif /* CONFIG_P2P */
1254 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1256 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1257 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1258 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1259 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1260 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1262 if (wpa_set_wep_keys(wpa_s, ssid)) {
1267 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1270 #ifdef IEEE8021X_EAPOL
1271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1272 if ((ssid->eapol_flags &
1273 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1274 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1278 /* Assume that dynamic WEP-104 keys will be used and
1279 * set cipher suites in order for drivers to expect
1281 cipher_pairwise = cipher_group = CIPHER_WEP104;
1284 #endif /* IEEE8021X_EAPOL */
1286 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1287 /* Set the key before (and later after) association */
1288 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1291 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1293 params.bssid = bss->bssid;
1294 params.ssid = bss->ssid;
1295 params.ssid_len = bss->ssid_len;
1296 params.freq = bss->freq;
1298 params.ssid = ssid->ssid;
1299 params.ssid_len = ssid->ssid_len;
1301 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1303 params.freq = ssid->frequency; /* Initial channel for IBSS */
1304 params.wpa_ie = wpa_ie;
1305 params.wpa_ie_len = wpa_ie_len;
1306 params.pairwise_suite = cipher_pairwise;
1307 params.group_suite = cipher_group;
1308 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1309 params.auth_alg = algs;
1310 params.mode = ssid->mode;
1311 for (i = 0; i < NUM_WEP_KEYS; i++) {
1312 if (ssid->wep_key_len[i])
1313 params.wep_key[i] = ssid->wep_key[i];
1314 params.wep_key_len[i] = ssid->wep_key_len[i];
1316 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1318 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1319 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1320 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1321 params.passphrase = ssid->passphrase;
1323 params.psk = ssid->psk;
1326 params.drop_unencrypted = use_crypt;
1328 #ifdef CONFIG_IEEE80211W
1329 params.mgmt_frame_protection = ssid->ieee80211w;
1330 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1331 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1332 struct wpa_ie_data ie;
1333 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1335 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1336 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1337 "MFP: require MFP");
1338 params.mgmt_frame_protection =
1339 MGMT_FRAME_PROTECTION_REQUIRED;
1342 #endif /* CONFIG_IEEE80211W */
1345 if (wpa_s->global->p2p &&
1346 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
1348 #endif /* CONFIG_P2P */
1350 if (wpa_s->parent->set_sta_uapsd)
1351 params.uapsd = wpa_s->parent->sta_uapsd;
1355 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1356 ret = ieee80211_sta_associate(wpa_s, ¶ms);
1358 ret = wpa_drv_associate(wpa_s, ¶ms);
1360 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1362 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1364 * The driver is known to mean what is saying, so we
1365 * can stop right here; the association will not
1368 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1369 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1372 /* try to continue anyway; new association will be tried again
1377 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1378 /* Set the key after the association just in case association
1379 * cleared the previously configured key. */
1380 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1381 /* No need to timeout authentication since there is no key
1383 wpa_supplicant_cancel_auth_timeout(wpa_s);
1384 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1385 #ifdef CONFIG_IBSS_RSN
1386 } else if (ssid->mode == WPAS_MODE_IBSS &&
1387 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1388 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1389 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
1391 * RSN IBSS authentication is per-STA and we can disable the
1392 * per-BSSID authentication.
1394 wpa_supplicant_cancel_auth_timeout(wpa_s);
1395 #endif /* CONFIG_IBSS_RSN */
1397 /* Timeout for IEEE 802.11 authentication and association */
1401 /* give IBSS a bit more time */
1402 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1403 } else if (wpa_s->conf->ap_scan == 1) {
1404 /* give IBSS a bit more time */
1405 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1407 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1410 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1411 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1412 /* Set static WEP keys again */
1413 wpa_set_wep_keys(wpa_s, ssid);
1416 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1418 * Do not allow EAP session resumption between different
1419 * network configurations.
1421 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1423 old_ssid = wpa_s->current_ssid;
1424 wpa_s->current_ssid = ssid;
1425 wpa_s->current_bss = bss;
1426 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1427 wpa_supplicant_initiate_eapol(wpa_s);
1428 if (old_ssid != wpa_s->current_ssid)
1429 wpas_notify_network_changed(wpa_s);
1433 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1436 struct wpa_ssid *old_ssid;
1438 wpa_clear_keys(wpa_s, addr);
1439 wpa_supplicant_mark_disassoc(wpa_s);
1440 old_ssid = wpa_s->current_ssid;
1441 wpa_s->current_ssid = NULL;
1442 wpa_s->current_bss = NULL;
1443 wpa_sm_set_config(wpa_s->wpa, NULL);
1444 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1445 if (old_ssid != wpa_s->current_ssid)
1446 wpas_notify_network_changed(wpa_s);
1447 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1452 * wpa_supplicant_disassociate - Disassociate the current connection
1453 * @wpa_s: Pointer to wpa_supplicant data
1454 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1456 * This function is used to request %wpa_supplicant to disassociate with the
1459 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1464 if (!is_zero_ether_addr(wpa_s->bssid)) {
1465 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1466 ieee80211_sta_disassociate(wpa_s, reason_code);
1468 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1469 addr = wpa_s->bssid;
1472 wpa_supplicant_clear_connection(wpa_s, addr);
1477 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1478 * @wpa_s: Pointer to wpa_supplicant data
1479 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1481 * This function is used to request %wpa_supplicant to deauthenticate from the
1484 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1489 if (!is_zero_ether_addr(wpa_s->bssid)) {
1490 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1491 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1493 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1495 addr = wpa_s->bssid;
1498 wpa_supplicant_clear_connection(wpa_s, addr);
1503 * wpa_supplicant_enable_network - Mark a configured network as enabled
1504 * @wpa_s: wpa_supplicant structure for a network interface
1505 * @ssid: wpa_ssid structure for a configured network or %NULL
1507 * Enables the specified network or all networks if no network specified.
1509 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1510 struct wpa_ssid *ssid)
1512 struct wpa_ssid *other_ssid;
1516 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1517 other_ssid = other_ssid->next) {
1518 if (other_ssid->disabled == 2)
1519 continue; /* do not change persistent P2P group
1521 if (other_ssid == wpa_s->current_ssid &&
1522 other_ssid->disabled)
1523 wpa_s->reassociate = 1;
1525 was_disabled = other_ssid->disabled;
1527 other_ssid->disabled = 0;
1529 if (was_disabled != other_ssid->disabled)
1530 wpas_notify_network_enabled_changed(
1533 if (wpa_s->reassociate)
1534 wpa_supplicant_req_scan(wpa_s, 0, 0);
1535 } else if (ssid->disabled && ssid->disabled != 2) {
1536 if (wpa_s->current_ssid == NULL) {
1538 * Try to reassociate since there is no current
1539 * configuration and a new network was made available.
1541 wpa_s->reassociate = 1;
1542 wpa_supplicant_req_scan(wpa_s, 0, 0);
1545 was_disabled = ssid->disabled;
1549 if (was_disabled != ssid->disabled)
1550 wpas_notify_network_enabled_changed(wpa_s, ssid);
1556 * wpa_supplicant_disable_network - Mark a configured network as disabled
1557 * @wpa_s: wpa_supplicant structure for a network interface
1558 * @ssid: wpa_ssid structure for a configured network or %NULL
1560 * Disables the specified network or all networks if no network specified.
1562 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1563 struct wpa_ssid *ssid)
1565 struct wpa_ssid *other_ssid;
1569 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1570 other_ssid = other_ssid->next) {
1571 was_disabled = other_ssid->disabled;
1572 if (was_disabled == 2)
1573 continue; /* do not change persistent P2P group
1576 other_ssid->disabled = 1;
1578 if (was_disabled != other_ssid->disabled)
1579 wpas_notify_network_enabled_changed(
1582 if (wpa_s->current_ssid)
1583 wpa_supplicant_disassociate(
1584 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1585 } else if (ssid->disabled != 2) {
1586 if (ssid == wpa_s->current_ssid)
1587 wpa_supplicant_disassociate(
1588 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1590 was_disabled = ssid->disabled;
1594 if (was_disabled != ssid->disabled)
1595 wpas_notify_network_enabled_changed(wpa_s, ssid);
1601 * wpa_supplicant_select_network - Attempt association with a network
1602 * @wpa_s: wpa_supplicant structure for a network interface
1603 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1605 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1606 struct wpa_ssid *ssid)
1609 struct wpa_ssid *other_ssid;
1611 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1612 wpa_supplicant_disassociate(
1613 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1616 * Mark all other networks disabled or mark all networks enabled if no
1617 * network specified.
1619 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1620 other_ssid = other_ssid->next) {
1621 int was_disabled = other_ssid->disabled;
1622 if (was_disabled == 2)
1623 continue; /* do not change persistent P2P group data */
1625 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1627 if (was_disabled != other_ssid->disabled)
1628 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1630 wpa_s->disconnected = 0;
1631 wpa_s->reassociate = 1;
1632 wpa_supplicant_req_scan(wpa_s, 0, 0);
1635 wpas_notify_network_selected(wpa_s, ssid);
1640 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1641 * @wpa_s: wpa_supplicant structure for a network interface
1642 * @ap_scan: AP scan mode
1643 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1646 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1651 if (ap_scan < 0 || ap_scan > 2)
1654 old_ap_scan = wpa_s->conf->ap_scan;
1655 wpa_s->conf->ap_scan = ap_scan;
1657 if (old_ap_scan != wpa_s->conf->ap_scan)
1658 wpas_notify_ap_scan_changed(wpa_s);
1665 * wpa_supplicant_set_debug_params - Set global debug params
1666 * @global: wpa_global structure
1667 * @debug_level: debug level
1668 * @debug_timestamp: determines if show timestamp in debug data
1669 * @debug_show_keys: determines if show keys in debug data
1670 * Returns: 0 if succeed or -1 if debug_level has wrong value
1672 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1673 int debug_timestamp, int debug_show_keys)
1676 int old_level, old_timestamp, old_show_keys;
1678 /* check for allowed debuglevels */
1679 if (debug_level != MSG_MSGDUMP &&
1680 debug_level != MSG_DEBUG &&
1681 debug_level != MSG_INFO &&
1682 debug_level != MSG_WARNING &&
1683 debug_level != MSG_ERROR)
1686 old_level = wpa_debug_level;
1687 old_timestamp = wpa_debug_timestamp;
1688 old_show_keys = wpa_debug_show_keys;
1690 wpa_debug_level = debug_level;
1691 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1692 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1694 if (wpa_debug_level != old_level)
1695 wpas_notify_debug_level_changed(global);
1696 if (wpa_debug_timestamp != old_timestamp)
1697 wpas_notify_debug_timestamp_changed(global);
1698 if (wpa_debug_show_keys != old_show_keys)
1699 wpas_notify_debug_show_keys_changed(global);
1706 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1707 * @wpa_s: Pointer to wpa_supplicant data
1708 * Returns: A pointer to the current network structure or %NULL on failure
1710 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1712 struct wpa_ssid *entry;
1713 u8 ssid[MAX_SSID_LEN];
1719 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1720 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1721 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1726 res = wpa_drv_get_ssid(wpa_s, ssid);
1728 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1735 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1736 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1737 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1738 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
1743 wired = wpa_s->conf->ap_scan == 0 &&
1744 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1746 entry = wpa_s->conf->ssid;
1748 if (!entry->disabled &&
1749 ((ssid_len == entry->ssid_len &&
1750 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1751 (!entry->bssid_set ||
1752 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1755 if (!entry->disabled &&
1756 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1757 (entry->ssid == NULL || entry->ssid_len == 0) &&
1758 (!entry->bssid_set ||
1759 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1761 #endif /* CONFIG_WPS */
1762 entry = entry->next;
1769 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1774 const char *pos, *driver = name;
1779 if (wpa_drivers[0] == NULL) {
1780 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
1786 /* default to first driver in the list */
1787 wpa_s->driver = wpa_drivers[0];
1788 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
1793 pos = os_strchr(driver, ',');
1797 len = os_strlen(driver);
1799 for (i = 0; wpa_drivers[i]; i++) {
1800 if (os_strlen(wpa_drivers[i]->name) == len &&
1801 os_strncmp(driver, wpa_drivers[i]->name, len) ==
1803 wpa_s->driver = wpa_drivers[i];
1804 wpa_s->global_drv_priv =
1805 wpa_s->global->drv_priv[i];
1813 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
1819 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1820 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1821 * with struct wpa_driver_ops::init()
1822 * @src_addr: Source address of the EAPOL frame
1823 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1824 * @len: Length of the EAPOL data
1826 * This function is called for each received EAPOL frame. Most driver
1827 * interfaces rely on more generic OS mechanism for receiving frames through
1828 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1829 * take care of received EAPOL frames and deliver them to the core supplicant
1830 * code by calling this function.
1832 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1833 const u8 *buf, size_t len)
1835 struct wpa_supplicant *wpa_s = ctx;
1837 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1838 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1840 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1842 * There is possible race condition between receiving the
1843 * association event and the EAPOL frame since they are coming
1844 * through different paths from the driver. In order to avoid
1845 * issues in trying to process the EAPOL frame before receiving
1846 * association information, lets queue it for processing until
1847 * the association event is received.
1849 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
1850 "of received EAPOL frame");
1851 wpabuf_free(wpa_s->pending_eapol_rx);
1852 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1853 if (wpa_s->pending_eapol_rx) {
1854 os_get_time(&wpa_s->pending_eapol_rx_time);
1855 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1862 if (wpa_s->ap_iface) {
1863 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1866 #endif /* CONFIG_AP */
1868 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1869 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
1870 "no key management is configured");
1874 if (wpa_s->eapol_received == 0 &&
1875 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
1876 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1877 wpa_s->wpa_state != WPA_COMPLETED) &&
1878 (wpa_s->current_ssid == NULL ||
1879 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
1880 /* Timeout for completing IEEE 802.1X and WPA authentication */
1881 wpa_supplicant_req_auth_timeout(
1883 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1884 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1885 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1888 wpa_s->eapol_received++;
1890 if (wpa_s->countermeasures) {
1891 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
1896 #ifdef CONFIG_IBSS_RSN
1897 if (wpa_s->current_ssid &&
1898 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
1899 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1902 #endif /* CONFIG_IBSS_RSN */
1904 /* Source address of the incoming EAPOL frame could be compared to the
1905 * current BSSID. However, it is possible that a centralized
1906 * Authenticator could be using another MAC address than the BSSID of
1907 * an AP, so just allow any address to be used for now. The replies are
1908 * still sent to the current BSSID (if available), though. */
1910 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1911 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1912 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1914 wpa_drv_poll(wpa_s);
1915 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1916 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1917 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1919 * Set portValid = TRUE here since we are going to skip 4-way
1920 * handshake processing which would normally set portValid. We
1921 * need this to allow the EAPOL state machines to be completed
1922 * without going through EAPOL-Key handshake.
1924 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1930 * wpa_supplicant_driver_init - Initialize driver interface parameters
1931 * @wpa_s: Pointer to wpa_supplicant data
1932 * Returns: 0 on success, -1 on failure
1934 * This function is called to initialize driver interface parameters.
1935 * wpa_drv_init() must have been called before this function to initialize the
1938 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1940 static int interface_count = 0;
1942 if (wpa_s->driver->send_eapol) {
1943 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1945 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1946 } else if (!(wpa_s->drv_flags &
1947 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
1948 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1949 wpa_drv_get_mac_addr(wpa_s),
1951 wpa_supplicant_rx_eapol, wpa_s, 0);
1952 if (wpa_s->l2 == NULL)
1955 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1957 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1960 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1961 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
1965 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
1966 MAC2STR(wpa_s->own_addr));
1968 if (wpa_s->bridge_ifname[0]) {
1969 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
1970 "interface '%s'", wpa_s->bridge_ifname);
1971 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1974 wpa_supplicant_rx_eapol, wpa_s,
1976 if (wpa_s->l2_br == NULL) {
1977 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
1978 "connection for the bridge interface '%s'",
1979 wpa_s->bridge_ifname);
1984 wpa_clear_keys(wpa_s, NULL);
1986 /* Make sure that TKIP countermeasures are not left enabled (could
1987 * happen if wpa_supplicant is killed during countermeasures. */
1988 wpa_drv_set_countermeasures(wpa_s, 0);
1990 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1991 wpa_drv_flush_pmkid(wpa_s);
1993 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
1994 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
1995 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1998 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2004 static int wpa_supplicant_daemon(const char *pid_file)
2006 wpa_printf(MSG_DEBUG, "Daemonize..");
2007 return os_daemonize(pid_file);
2011 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2013 struct wpa_supplicant *wpa_s;
2015 wpa_s = os_zalloc(sizeof(*wpa_s));
2018 wpa_s->scan_req = 1;
2019 wpa_s->new_connection = 1;
2020 wpa_s->parent = wpa_s;
2026 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2027 struct wpa_interface *iface)
2029 const char *ifname, *driver;
2030 struct wpa_driver_capa capa;
2032 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2033 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2034 iface->confname ? iface->confname : "N/A",
2035 iface->driver ? iface->driver : "default",
2036 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2037 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2039 if (iface->confname) {
2040 #ifdef CONFIG_BACKEND_FILE
2041 wpa_s->confname = os_rel2abs_path(iface->confname);
2042 if (wpa_s->confname == NULL) {
2043 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2044 "for configuration file '%s'.",
2048 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2049 iface->confname, wpa_s->confname);
2050 #else /* CONFIG_BACKEND_FILE */
2051 wpa_s->confname = os_strdup(iface->confname);
2052 #endif /* CONFIG_BACKEND_FILE */
2053 wpa_s->conf = wpa_config_read(wpa_s->confname);
2054 if (wpa_s->conf == NULL) {
2055 wpa_printf(MSG_ERROR, "Failed to read or parse "
2056 "configuration '%s'.", wpa_s->confname);
2061 * Override ctrl_interface and driver_param if set on command
2064 if (iface->ctrl_interface) {
2065 os_free(wpa_s->conf->ctrl_interface);
2066 wpa_s->conf->ctrl_interface =
2067 os_strdup(iface->ctrl_interface);
2070 if (iface->driver_param) {
2071 os_free(wpa_s->conf->driver_param);
2072 wpa_s->conf->driver_param =
2073 os_strdup(iface->driver_param);
2076 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2077 iface->driver_param);
2079 if (wpa_s->conf == NULL) {
2080 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2084 if (iface->ifname == NULL) {
2085 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2088 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2089 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2093 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2095 if (iface->bridge_ifname) {
2096 if (os_strlen(iface->bridge_ifname) >=
2097 sizeof(wpa_s->bridge_ifname)) {
2098 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2099 "name '%s'.", iface->bridge_ifname);
2102 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2103 sizeof(wpa_s->bridge_ifname));
2106 /* RSNA Supplicant Key Management - INITIALIZE */
2107 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2108 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2110 /* Initialize driver interface and register driver event handler before
2111 * L2 receive handler so that association events are processed before
2112 * EAPOL-Key packets if both become available for the same select()
2114 driver = iface->driver;
2116 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2119 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2120 if (wpa_s->drv_priv == NULL) {
2122 pos = driver ? os_strchr(driver, ',') : NULL;
2124 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2125 "driver interface - try next driver wrapper");
2129 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2133 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2134 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2135 "driver_param '%s'", wpa_s->conf->driver_param);
2139 ifname = wpa_drv_get_ifname(wpa_s);
2140 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2141 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2142 "interface name with '%s'", ifname);
2143 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2146 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2149 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2150 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2152 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2154 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2155 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2156 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2157 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2158 "dot11RSNAConfigPMKLifetime");
2162 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2163 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2164 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2165 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2166 "dot11RSNAConfigPMKReauthThreshold");
2170 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2171 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2172 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2173 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2174 "dot11RSNAConfigSATimeout");
2178 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2179 wpa_s->drv_flags = capa.flags;
2180 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2181 if (ieee80211_sta_init(wpa_s))
2184 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2185 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2186 wpa_s->max_stations = capa.max_stations;
2188 if (wpa_s->max_remain_on_chan == 0)
2189 wpa_s->max_remain_on_chan = 1000;
2191 if (wpa_supplicant_driver_init(wpa_s) < 0)
2195 if (wpa_tdls_init(wpa_s->wpa))
2197 #endif /* CONFIG_TDLS */
2199 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2200 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2201 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2205 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2207 if (wpas_wps_init(wpa_s))
2210 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2212 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2214 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2215 if (wpa_s->ctrl_iface == NULL) {
2216 wpa_printf(MSG_ERROR,
2217 "Failed to initialize control interface '%s'.\n"
2218 "You may have another wpa_supplicant process "
2219 "already running or the file was\n"
2220 "left by an unclean termination of wpa_supplicant "
2221 "in which case you will need\n"
2222 "to manually remove this file before starting "
2223 "wpa_supplicant again.\n",
2224 wpa_s->conf->ctrl_interface);
2228 #ifdef CONFIG_IBSS_RSN
2229 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2230 if (!wpa_s->ibss_rsn) {
2231 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to init IBSS RSN");
2234 #endif /* CONFIG_IBSS_RSN */
2237 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2238 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2241 #endif /* CONFIG_P2P */
2243 if (wpa_bss_init(wpa_s) < 0)
2250 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2253 if (wpa_s->drv_priv) {
2254 wpa_supplicant_deauthenticate(wpa_s,
2255 WLAN_REASON_DEAUTH_LEAVING);
2257 wpa_drv_set_countermeasures(wpa_s, 0);
2258 wpa_clear_keys(wpa_s, NULL);
2261 wpa_supplicant_cleanup(wpa_s);
2264 wpas_notify_iface_removed(wpa_s);
2266 if (wpa_s->drv_priv)
2267 wpa_drv_deinit(wpa_s);
2272 * wpa_supplicant_add_iface - Add a new network interface
2273 * @global: Pointer to global data from wpa_supplicant_init()
2274 * @iface: Interface configuration options
2275 * Returns: Pointer to the created interface or %NULL on failure
2277 * This function is used to add new network interfaces for %wpa_supplicant.
2278 * This can be called before wpa_supplicant_run() to add interfaces before the
2279 * main event loop has been started. In addition, new interfaces can be added
2280 * dynamically while %wpa_supplicant is already running. This could happen,
2281 * e.g., when a hotplug network adapter is inserted.
2283 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2284 struct wpa_interface *iface)
2286 struct wpa_supplicant *wpa_s;
2287 struct wpa_interface t_iface;
2288 struct wpa_ssid *ssid;
2290 if (global == NULL || iface == NULL)
2293 wpa_s = wpa_supplicant_alloc();
2297 wpa_s->global = global;
2300 if (global->params.override_driver) {
2301 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2303 iface->driver, global->params.override_driver);
2304 t_iface.driver = global->params.override_driver;
2306 if (global->params.override_ctrl_interface) {
2307 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2308 "ctrl_interface ('%s' -> '%s')",
2309 iface->ctrl_interface,
2310 global->params.override_ctrl_interface);
2311 t_iface.ctrl_interface =
2312 global->params.override_ctrl_interface;
2314 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2315 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2317 wpa_supplicant_deinit_iface(wpa_s, 0);
2322 /* Notify the control interfaces about new iface */
2323 if (wpas_notify_iface_added(wpa_s)) {
2324 wpa_supplicant_deinit_iface(wpa_s, 1);
2329 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2330 wpas_notify_network_added(wpa_s, ssid);
2332 wpa_s->next = global->ifaces;
2333 global->ifaces = wpa_s;
2335 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2342 * wpa_supplicant_remove_iface - Remove a network interface
2343 * @global: Pointer to global data from wpa_supplicant_init()
2344 * @wpa_s: Pointer to the network interface to be removed
2345 * Returns: 0 if interface was removed, -1 if interface was not found
2347 * This function can be used to dynamically remove network interfaces from
2348 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2349 * addition, this function is used to remove all remaining interfaces when
2350 * %wpa_supplicant is terminated.
2352 int wpa_supplicant_remove_iface(struct wpa_global *global,
2353 struct wpa_supplicant *wpa_s)
2355 struct wpa_supplicant *prev;
2357 /* Remove interface from the global list of interfaces */
2358 prev = global->ifaces;
2359 if (prev == wpa_s) {
2360 global->ifaces = wpa_s->next;
2362 while (prev && prev->next != wpa_s)
2366 prev->next = wpa_s->next;
2369 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2371 if (global->p2p_group_formation == wpa_s)
2372 global->p2p_group_formation = NULL;
2373 wpa_supplicant_deinit_iface(wpa_s, 1);
2381 * wpa_supplicant_get_eap_mode - Get the current EAP mode
2382 * @wpa_s: Pointer to the network interface
2383 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
2385 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
2387 const char *eapol_method;
2389 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
2390 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2394 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
2395 if (eapol_method == NULL)
2396 return "UNKNOWN-EAP";
2398 return eapol_method;
2403 * wpa_supplicant_get_iface - Get a new network interface
2404 * @global: Pointer to global data from wpa_supplicant_init()
2405 * @ifname: Interface name
2406 * Returns: Pointer to the interface or %NULL if not found
2408 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2411 struct wpa_supplicant *wpa_s;
2413 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2414 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2421 #ifndef CONFIG_NO_WPA_MSG
2422 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
2424 struct wpa_supplicant *wpa_s = ctx;
2427 return wpa_s->ifname;
2429 #endif /* CONFIG_NO_WPA_MSG */
2433 * wpa_supplicant_init - Initialize %wpa_supplicant
2434 * @params: Parameters for %wpa_supplicant
2435 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2437 * This function is used to initialize %wpa_supplicant. After successful
2438 * initialization, the returned data pointer can be used to add and remove
2439 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2441 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2443 struct wpa_global *global;
2449 #ifndef CONFIG_NO_WPA_MSG
2450 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
2451 #endif /* CONFIG_NO_WPA_MSG */
2453 wpa_debug_open_file(params->wpa_debug_file_path);
2454 if (params->wpa_debug_syslog)
2455 wpa_debug_open_syslog();
2457 ret = eap_register_methods();
2459 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2461 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2462 "the same EAP type.");
2466 global = os_zalloc(sizeof(*global));
2469 dl_list_init(&global->p2p_srv_bonjour);
2470 dl_list_init(&global->p2p_srv_upnp);
2471 global->params.daemonize = params->daemonize;
2472 global->params.wait_for_monitor = params->wait_for_monitor;
2473 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2474 if (params->pid_file)
2475 global->params.pid_file = os_strdup(params->pid_file);
2476 if (params->ctrl_interface)
2477 global->params.ctrl_interface =
2478 os_strdup(params->ctrl_interface);
2479 if (params->override_driver)
2480 global->params.override_driver =
2481 os_strdup(params->override_driver);
2482 if (params->override_ctrl_interface)
2483 global->params.override_ctrl_interface =
2484 os_strdup(params->override_ctrl_interface);
2485 wpa_debug_level = global->params.wpa_debug_level =
2486 params->wpa_debug_level;
2487 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2488 params->wpa_debug_show_keys;
2489 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2490 params->wpa_debug_timestamp;
2492 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
2495 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2496 wpa_supplicant_deinit(global);
2500 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2501 if (global->ctrl_iface == NULL) {
2502 wpa_supplicant_deinit(global);
2506 if (wpas_notify_supplicant_initialized(global)) {
2507 wpa_supplicant_deinit(global);
2511 for (i = 0; wpa_drivers[i]; i++)
2512 global->drv_count++;
2513 if (global->drv_count == 0) {
2514 wpa_printf(MSG_ERROR, "No drivers enabled");
2515 wpa_supplicant_deinit(global);
2518 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2519 if (global->drv_priv == NULL) {
2520 wpa_supplicant_deinit(global);
2523 for (i = 0; wpa_drivers[i]; i++) {
2524 if (!wpa_drivers[i]->global_init)
2526 global->drv_priv[i] = wpa_drivers[i]->global_init();
2527 if (global->drv_priv[i] == NULL) {
2528 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2529 "'%s'", wpa_drivers[i]->name);
2530 wpa_supplicant_deinit(global);
2540 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2541 * @global: Pointer to global data from wpa_supplicant_init()
2542 * Returns: 0 after successful event loop run, -1 on failure
2544 * This function starts the main event loop and continues running as long as
2545 * there are any remaining events. In most cases, this function is running as
2546 * long as the %wpa_supplicant process in still in use.
2548 int wpa_supplicant_run(struct wpa_global *global)
2550 struct wpa_supplicant *wpa_s;
2552 if (global->params.daemonize &&
2553 wpa_supplicant_daemon(global->params.pid_file))
2556 if (global->params.wait_for_monitor) {
2557 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2558 if (wpa_s->ctrl_iface)
2559 wpa_supplicant_ctrl_iface_wait(
2563 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2564 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2573 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2574 * @global: Pointer to global data from wpa_supplicant_init()
2576 * This function is called to deinitialize %wpa_supplicant and to free all
2577 * allocated resources. Remaining network interfaces will also be removed.
2579 void wpa_supplicant_deinit(struct wpa_global *global)
2587 wpas_p2p_deinit_global(global);
2588 #endif /* CONFIG_P2P */
2590 while (global->ifaces)
2591 wpa_supplicant_remove_iface(global, global->ifaces);
2593 if (global->ctrl_iface)
2594 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2596 wpas_notify_supplicant_deinitialized(global);
2598 eap_peer_unregister_methods();
2600 eap_server_unregister_methods();
2601 #endif /* CONFIG_AP */
2603 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2604 if (!global->drv_priv[i])
2606 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2608 os_free(global->drv_priv);
2612 if (global->params.pid_file) {
2613 os_daemonize_terminate(global->params.pid_file);
2614 os_free(global->params.pid_file);
2616 os_free(global->params.ctrl_interface);
2617 os_free(global->params.override_driver);
2618 os_free(global->params.override_ctrl_interface);
2621 wpa_debug_close_syslog();
2622 wpa_debug_close_file();
2626 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
2629 wpas_wps_update_config(wpa_s);
2630 #endif /* CONFIG_WPS */
2633 wpas_p2p_update_config(wpa_s);
2634 #endif /* CONFIG_P2P */
2636 wpa_s->conf->changed_parameters = 0;
2640 void ieee80211_sta_free_hw_features(struct hostapd_hw_modes *hw_features,
2641 size_t num_hw_features)
2645 if (hw_features == NULL)
2648 for (i = 0; i < num_hw_features; i++) {
2649 os_free(hw_features[i].channels);
2650 os_free(hw_features[i].rates);
2653 os_free(hw_features);
2657 static void add_freq(int *freqs, int *num_freqs, int freq)
2661 for (i = 0; i < *num_freqs; i++) {
2662 if (freqs[i] == freq)
2666 freqs[*num_freqs] = freq;
2671 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
2673 struct wpa_bss *bss, *cbss;
2674 const int max_freqs = 10;
2678 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
2682 cbss = wpa_s->current_bss;
2684 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2687 if (bss->ssid_len == cbss->ssid_len &&
2688 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
2689 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
2690 add_freq(freqs, &num_freqs, bss->freq);
2691 if (num_freqs == max_freqs)
2696 if (num_freqs == 0) {
2705 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
2712 * Add the failed BSSID into the blacklist and speed up next scan
2713 * attempt if there could be other APs that could accept association.
2714 * The current blacklist count indicates how many times we have tried
2715 * connecting to this AP and multiple attempts mean that other APs are
2716 * either not available or has already been tried, so that we can start
2717 * increasing the delay here to avoid constant scanning.
2719 count = wpa_blacklist_add(wpa_s, bssid);
2720 if (count == 1 && wpa_s->current_bss) {
2722 * This BSS was not in the blacklist before. If there is
2723 * another BSS available for the same ESS, we should try that
2724 * next. Otherwise, we may as well try this one once more
2725 * before allowing other, likely worse, ESSes to be considered.
2727 freqs = get_bss_freqs_in_ess(wpa_s);
2729 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
2730 "has been seen; try it next");
2731 wpa_blacklist_add(wpa_s, bssid);
2733 * On the next scan, go through only the known channels
2734 * used in this ESS based on previous scans to speed up
2735 * common load balancing use case.
2737 os_free(wpa_s->next_scan_freqs);
2738 wpa_s->next_scan_freqs = freqs;
2757 * TODO: if more than one possible AP is available in scan results,
2758 * could try the other ones before requesting a new scan.
2760 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
2761 1000 * (timeout % 1000));