3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "common/hw_features_common.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
44 #include "gas_query.h"
46 #include "p2p_supplicant.h"
47 #include "wifi_display.h"
53 #include "offchannel.h"
54 #include "hs20_supplicant.h"
59 const char *const wpa_supplicant_version =
60 "wpa_supplicant v" VERSION_STR "\n"
61 "Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> and contributors";
63 const char *const wpa_supplicant_license =
64 "This software may be distributed under the terms of the BSD license.\n"
65 "See README for more details.\n"
66 #ifdef EAP_TLS_OPENSSL
67 "\nThis product includes software developed by the OpenSSL Project\n"
68 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
69 #endif /* EAP_TLS_OPENSSL */
72 #ifndef CONFIG_NO_STDOUT_DEBUG
73 /* Long text divided into parts in order to fit in C89 strings size limits. */
74 const char *const wpa_supplicant_full_license1 =
76 const char *const wpa_supplicant_full_license2 =
77 "This software may be distributed under the terms of the BSD license.\n"
79 "Redistribution and use in source and binary forms, with or without\n"
80 "modification, are permitted provided that the following conditions are\n"
83 const char *const wpa_supplicant_full_license3 =
84 "1. Redistributions of source code must retain the above copyright\n"
85 " notice, this list of conditions and the following disclaimer.\n"
87 "2. Redistributions in binary form must reproduce the above copyright\n"
88 " notice, this list of conditions and the following disclaimer in the\n"
89 " documentation and/or other materials provided with the distribution.\n"
91 const char *const wpa_supplicant_full_license4 =
92 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
93 " names of its contributors may be used to endorse or promote products\n"
94 " derived from this software without specific prior written permission.\n"
96 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
97 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
98 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
99 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
100 const char *const wpa_supplicant_full_license5 =
101 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
102 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
103 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
104 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
105 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
106 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
107 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
109 #endif /* CONFIG_NO_STDOUT_DEBUG */
111 /* Configure default/group WEP keys for static WEP */
112 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
116 for (i = 0; i < NUM_WEP_KEYS; i++) {
117 if (ssid->wep_key_len[i] == 0)
121 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
122 i, i == ssid->wep_tx_keyidx, NULL, 0,
123 ssid->wep_key[i], ssid->wep_key_len[i]);
130 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
131 struct wpa_ssid *ssid)
139 /* IBSS/WPA-None uses only one key (Group) for both receiving and
140 * sending unicast and multicast packets. */
142 if (ssid->mode != WPAS_MODE_IBSS) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144 "IBSS/ad-hoc) for WPA-None", ssid->mode);
148 if (!ssid->psk_set) {
149 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
154 switch (wpa_s->group_cipher) {
155 case WPA_CIPHER_CCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_GCMP:
161 os_memcpy(key, ssid->psk, 16);
165 case WPA_CIPHER_TKIP:
166 /* WPA-None uses the same Michael MIC key for both TX and RX */
167 os_memcpy(key, ssid->psk, 16 + 8);
168 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
173 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
174 "WPA-None", wpa_s->group_cipher);
178 /* TODO: should actually remember the previously used seq#, both for TX
179 * and RX from each STA.. */
181 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
182 os_memset(key, 0, sizeof(key));
187 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
189 struct wpa_supplicant *wpa_s = eloop_ctx;
190 const u8 *bssid = wpa_s->bssid;
191 if (is_zero_ether_addr(bssid))
192 bssid = wpa_s->pending_bssid;
193 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
195 wpa_blacklist_add(wpa_s, bssid);
196 wpa_sm_notify_disassoc(wpa_s->wpa);
197 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
198 wpa_s->reassociate = 1;
201 * If we timed out, the AP or the local radio may be busy.
202 * So, wait a second until scanning again.
204 wpa_supplicant_req_scan(wpa_s, 1, 0);
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
214 * This function is used to schedule a timeout for the current authentication
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
220 if (wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
224 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
241 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
273 #endif /* CONFIG_IBSS_RSN */
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
296 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
297 eapol_conf.required_keys = 0;
299 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
300 eapol_conf.workaround = ssid->eap_workaround;
301 eapol_conf.eap_disabled =
302 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
305 eapol_conf.external_sim = wpa_s->conf->external_sim;
308 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
309 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
310 if (wpa_s->current_bss) {
312 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
317 EAPOL_PEER_IS_WPS20_AP;
322 #endif /* CONFIG_WPS */
324 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
326 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
327 #endif /* IEEE8021X_EAPOL */
332 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
333 * @wpa_s: Pointer to wpa_supplicant data
334 * @ssid: Configuration data for the network
336 * This function is used to configure WPA state machine and related parameters
337 * to a mode where WPA is not enabled. This is called as part of the
338 * authentication configuration when the selected network does not use WPA.
340 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
341 struct wpa_ssid *ssid)
345 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
346 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
347 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
348 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
350 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
351 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
352 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
353 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
354 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
355 wpa_s->group_cipher = WPA_CIPHER_NONE;
356 wpa_s->mgmt_group_cipher = 0;
358 for (i = 0; i < NUM_WEP_KEYS; i++) {
359 if (ssid->wep_key_len[i] > 5) {
360 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
361 wpa_s->group_cipher = WPA_CIPHER_WEP104;
363 } else if (ssid->wep_key_len[i] > 0) {
364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
365 wpa_s->group_cipher = WPA_CIPHER_WEP40;
370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
372 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
373 wpa_s->pairwise_cipher);
374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
375 #ifdef CONFIG_IEEE80211W
376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
377 wpa_s->mgmt_group_cipher);
378 #endif /* CONFIG_IEEE80211W */
380 pmksa_cache_clear_current(wpa_s->wpa);
384 void free_hw_features(struct wpa_supplicant *wpa_s)
387 if (wpa_s->hw.modes == NULL)
390 for (i = 0; i < wpa_s->hw.num_modes; i++) {
391 os_free(wpa_s->hw.modes[i].channels);
392 os_free(wpa_s->hw.modes[i].rates);
395 os_free(wpa_s->hw.modes);
396 wpa_s->hw.modes = NULL;
400 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
404 bgscan_deinit(wpa_s);
405 autoscan_deinit(wpa_s);
406 scard_deinit(wpa_s->scard);
408 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
409 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
410 l2_packet_deinit(wpa_s->l2);
413 l2_packet_deinit(wpa_s->l2_br);
416 #ifdef CONFIG_TESTING_OPTIONS
417 l2_packet_deinit(wpa_s->l2_test);
418 wpa_s->l2_test = NULL;
419 #endif /* CONFIG_TESTING_OPTIONS */
421 if (wpa_s->conf != NULL) {
422 struct wpa_ssid *ssid;
423 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
424 wpas_notify_network_removed(wpa_s, ssid);
427 os_free(wpa_s->confname);
428 wpa_s->confname = NULL;
430 os_free(wpa_s->confanother);
431 wpa_s->confanother = NULL;
433 wpa_sm_set_eapol(wpa_s->wpa, NULL);
434 eapol_sm_deinit(wpa_s->eapol);
437 rsn_preauth_deinit(wpa_s->wpa);
440 wpa_tdls_deinit(wpa_s->wpa);
441 #endif /* CONFIG_TDLS */
443 wmm_ac_clear_saved_tspecs(wpa_s);
444 pmksa_candidate_free(wpa_s->wpa);
445 wpa_sm_deinit(wpa_s->wpa);
447 wpa_blacklist_clear(wpa_s);
449 wpa_bss_deinit(wpa_s);
451 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
452 wpa_supplicant_cancel_scan(wpa_s);
453 wpa_supplicant_cancel_auth_timeout(wpa_s);
454 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
455 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
456 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
458 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
460 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
462 wpas_wps_deinit(wpa_s);
464 wpabuf_free(wpa_s->pending_eapol_rx);
465 wpa_s->pending_eapol_rx = NULL;
467 #ifdef CONFIG_IBSS_RSN
468 ibss_rsn_deinit(wpa_s->ibss_rsn);
469 wpa_s->ibss_rsn = NULL;
470 #endif /* CONFIG_IBSS_RSN */
475 wpa_supplicant_ap_deinit(wpa_s);
476 #endif /* CONFIG_AP */
478 wpas_p2p_deinit(wpa_s);
480 #ifdef CONFIG_OFFCHANNEL
481 offchannel_deinit(wpa_s);
482 #endif /* CONFIG_OFFCHANNEL */
484 wpa_supplicant_cancel_sched_scan(wpa_s);
486 os_free(wpa_s->next_scan_freqs);
487 wpa_s->next_scan_freqs = NULL;
489 os_free(wpa_s->manual_scan_freqs);
490 wpa_s->manual_scan_freqs = NULL;
492 os_free(wpa_s->manual_sched_scan_freqs);
493 wpa_s->manual_sched_scan_freqs = NULL;
495 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
498 * Need to remove any pending gas-query radio work before the
499 * gas_query_deinit() call because gas_query::work has not yet been set
500 * for works that have not been started. gas_query_free() will be unable
501 * to cancel such pending radio works and once the pending gas-query
502 * radio work eventually gets removed, the deinit notification call to
503 * gas_query_start_cb() would result in dereferencing freed memory.
506 radio_remove_works(wpa_s, "gas-query", 0);
507 gas_query_deinit(wpa_s->gas);
510 free_hw_features(wpa_s);
512 ieee802_1x_dealloc_kay_sm(wpa_s);
514 os_free(wpa_s->bssid_filter);
515 wpa_s->bssid_filter = NULL;
517 os_free(wpa_s->disallow_aps_bssid);
518 wpa_s->disallow_aps_bssid = NULL;
519 os_free(wpa_s->disallow_aps_ssid);
520 wpa_s->disallow_aps_ssid = NULL;
522 wnm_bss_keep_alive_deinit(wpa_s);
524 wnm_deallocate_memory(wpa_s);
525 #endif /* CONFIG_WNM */
527 ext_password_deinit(wpa_s->ext_pw);
528 wpa_s->ext_pw = NULL;
530 wpabuf_free(wpa_s->last_gas_resp);
531 wpa_s->last_gas_resp = NULL;
532 wpabuf_free(wpa_s->prev_gas_resp);
533 wpa_s->prev_gas_resp = NULL;
535 os_free(wpa_s->last_scan_res);
536 wpa_s->last_scan_res = NULL;
540 #endif /* CONFIG_HS20 */
542 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
543 wpabuf_free(wpa_s->vendor_elem[i]);
544 wpa_s->vendor_elem[i] = NULL;
547 wmm_ac_notify_disassoc(wpa_s);
552 * wpa_clear_keys - Clear keys configured for the driver
553 * @wpa_s: Pointer to wpa_supplicant data
554 * @addr: Previously used BSSID or %NULL if not available
556 * This function clears the encryption keys that has been previously configured
559 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
563 #ifdef CONFIG_IEEE80211W
565 #else /* CONFIG_IEEE80211W */
567 #endif /* CONFIG_IEEE80211W */
569 /* MLME-DELETEKEYS.request */
570 for (i = 0; i < max; i++) {
571 if (wpa_s->keys_cleared & BIT(i))
573 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
576 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
577 !is_zero_ether_addr(addr)) {
578 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
580 /* MLME-SETPROTECTION.request(None) */
581 wpa_drv_mlme_setprotection(
583 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
584 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
586 wpa_s->keys_cleared = (u32) -1;
591 * wpa_supplicant_state_txt - Get the connection state name as a text string
592 * @state: State (wpa_state; WPA_*)
593 * Returns: The state name as a printable text string
595 const char * wpa_supplicant_state_txt(enum wpa_states state)
598 case WPA_DISCONNECTED:
599 return "DISCONNECTED";
602 case WPA_INTERFACE_DISABLED:
603 return "INTERFACE_DISABLED";
606 case WPA_AUTHENTICATING:
607 return "AUTHENTICATING";
608 case WPA_ASSOCIATING:
609 return "ASSOCIATING";
612 case WPA_4WAY_HANDSHAKE:
613 return "4WAY_HANDSHAKE";
614 case WPA_GROUP_HANDSHAKE:
615 return "GROUP_HANDSHAKE";
626 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
630 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
631 name = wpa_s->current_ssid->bgscan;
633 name = wpa_s->conf->bgscan;
634 if (name == NULL || name[0] == '\0')
636 if (wpas_driver_bss_selection(wpa_s))
638 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
641 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
643 #endif /* CONFIG_P2P */
645 bgscan_deinit(wpa_s);
646 if (wpa_s->current_ssid) {
647 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
648 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
651 * Live without bgscan; it is only used as a roaming
652 * optimization, so the initial connection is not
656 struct wpa_scan_results *scan_res;
657 wpa_s->bgscan_ssid = wpa_s->current_ssid;
658 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
661 bgscan_notify_scan(wpa_s, scan_res);
662 wpa_scan_results_free(scan_res);
666 wpa_s->bgscan_ssid = NULL;
670 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
672 if (wpa_s->bgscan_ssid != NULL) {
673 bgscan_deinit(wpa_s);
674 wpa_s->bgscan_ssid = NULL;
678 #endif /* CONFIG_BGSCAN */
681 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
683 if (autoscan_init(wpa_s, 0))
684 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
688 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
690 autoscan_deinit(wpa_s);
694 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
696 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
697 wpa_s->wpa_state == WPA_SCANNING) {
698 autoscan_deinit(wpa_s);
699 wpa_supplicant_start_autoscan(wpa_s);
705 * wpa_supplicant_set_state - Set current connection state
706 * @wpa_s: Pointer to wpa_supplicant data
707 * @state: The new connection state
709 * This function is called whenever the connection state changes, e.g.,
710 * association is completed for WPA/WPA2 4-Way Handshake is started.
712 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
713 enum wpa_states state)
715 enum wpa_states old_state = wpa_s->wpa_state;
717 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
718 wpa_supplicant_state_txt(wpa_s->wpa_state),
719 wpa_supplicant_state_txt(state));
721 if (state == WPA_INTERFACE_DISABLED) {
722 /* Assure normal scan when interface is restored */
723 wpa_s->normal_scans = 0;
726 if (state == WPA_COMPLETED) {
727 wpas_connect_work_done(wpa_s);
728 /* Reinitialize normal_scan counter */
729 wpa_s->normal_scans = 0;
734 * P2PS client has to reply to Probe Request frames received on the
735 * group operating channel. Enable Probe Request frame reporting for
736 * P2P connected client in case p2p_cli_probe configuration property is
739 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
740 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
741 wpa_s->current_ssid->p2p_group) {
742 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
743 wpa_dbg(wpa_s, MSG_DEBUG,
744 "P2P: Enable CLI Probe Request RX reporting");
745 wpa_s->p2p_cli_probe =
746 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
747 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
748 wpa_dbg(wpa_s, MSG_DEBUG,
749 "P2P: Disable CLI Probe Request RX reporting");
750 wpa_s->p2p_cli_probe = 0;
751 wpa_drv_probe_req_report(wpa_s, 0);
754 #endif /* CONFIG_P2P */
756 if (state != WPA_SCANNING)
757 wpa_supplicant_notify_scanning(wpa_s, 0);
759 if (state == WPA_COMPLETED && wpa_s->new_connection) {
760 struct wpa_ssid *ssid = wpa_s->current_ssid;
761 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
762 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
763 MACSTR " completed [id=%d id_str=%s]",
764 MAC2STR(wpa_s->bssid),
765 ssid ? ssid->id : -1,
766 ssid && ssid->id_str ? ssid->id_str : "");
767 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
768 wpas_clear_temp_disabled(wpa_s, ssid, 1);
769 wpa_blacklist_clear(wpa_s);
770 wpa_s->extra_blacklist_count = 0;
771 wpa_s->new_connection = 0;
772 wpa_drv_set_operstate(wpa_s, 1);
773 #ifndef IEEE8021X_EAPOL
774 wpa_drv_set_supp_port(wpa_s, 1);
775 #endif /* IEEE8021X_EAPOL */
776 wpa_s->after_wps = 0;
777 wpa_s->known_wps_freq = 0;
778 wpas_p2p_completed(wpa_s);
780 sme_sched_obss_scan(wpa_s, 1);
781 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
782 state == WPA_ASSOCIATED) {
783 wpa_s->new_connection = 1;
784 wpa_drv_set_operstate(wpa_s, 0);
785 #ifndef IEEE8021X_EAPOL
786 wpa_drv_set_supp_port(wpa_s, 0);
787 #endif /* IEEE8021X_EAPOL */
788 sme_sched_obss_scan(wpa_s, 0);
790 wpa_s->wpa_state = state;
793 if (state == WPA_COMPLETED)
794 wpa_supplicant_start_bgscan(wpa_s);
795 else if (state < WPA_ASSOCIATED)
796 wpa_supplicant_stop_bgscan(wpa_s);
797 #endif /* CONFIG_BGSCAN */
799 if (state == WPA_AUTHENTICATING)
800 wpa_supplicant_stop_autoscan(wpa_s);
802 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
803 wpa_supplicant_start_autoscan(wpa_s);
805 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
806 wmm_ac_notify_disassoc(wpa_s);
808 if (wpa_s->wpa_state != old_state) {
809 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
812 * Notify the P2P Device interface about a state change in one
815 wpas_p2p_indicate_state_change(wpa_s);
817 if (wpa_s->wpa_state == WPA_COMPLETED ||
818 old_state == WPA_COMPLETED)
819 wpas_notify_auth_changed(wpa_s);
824 void wpa_supplicant_terminate_proc(struct wpa_global *global)
828 struct wpa_supplicant *wpa_s = global->ifaces;
830 struct wpa_supplicant *next = wpa_s->next;
831 if (wpas_wps_terminate_pending(wpa_s) == 1)
834 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
835 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
836 wpas_p2p_disconnect(wpa_s);
837 #endif /* CONFIG_P2P */
840 #endif /* CONFIG_WPS */
847 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
849 struct wpa_global *global = signal_ctx;
850 wpa_supplicant_terminate_proc(global);
854 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
856 enum wpa_states old_state = wpa_s->wpa_state;
858 wpa_s->pairwise_cipher = 0;
859 wpa_s->group_cipher = 0;
860 wpa_s->mgmt_group_cipher = 0;
862 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
863 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
865 if (wpa_s->wpa_state != old_state)
866 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
871 * wpa_supplicant_reload_configuration - Reload configuration data
872 * @wpa_s: Pointer to wpa_supplicant data
873 * Returns: 0 on success or -1 if configuration parsing failed
875 * This function can be used to request that the configuration data is reloaded
876 * (e.g., after configuration file change). This function is reloading
877 * configuration only for one interface, so this may need to be called multiple
878 * times if %wpa_supplicant is controlling multiple interfaces and all
879 * interfaces need reconfiguration.
881 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
883 struct wpa_config *conf;
887 if (wpa_s->confname == NULL)
889 conf = wpa_config_read(wpa_s->confname, NULL);
891 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
892 "file '%s' - exiting", wpa_s->confname);
895 wpa_config_read(wpa_s->confanother, conf);
897 conf->changed_parameters = (unsigned int) -1;
899 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
900 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
901 os_strcmp(conf->ctrl_interface,
902 wpa_s->conf->ctrl_interface) != 0);
904 if (reconf_ctrl && wpa_s->ctrl_iface) {
905 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
906 wpa_s->ctrl_iface = NULL;
909 eapol_sm_invalidate_cached_session(wpa_s->eapol);
910 if (wpa_s->current_ssid) {
911 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
912 wpa_s->own_disconnect_req = 1;
913 wpa_supplicant_deauthenticate(wpa_s,
914 WLAN_REASON_DEAUTH_LEAVING);
918 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
919 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
921 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
923 * Clear forced success to clear EAP state for next
926 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
928 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
929 wpa_sm_set_config(wpa_s->wpa, NULL);
930 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
931 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
932 rsn_preauth_deinit(wpa_s->wpa);
934 old_ap_scan = wpa_s->conf->ap_scan;
935 wpa_config_free(wpa_s->conf);
937 if (old_ap_scan != wpa_s->conf->ap_scan)
938 wpas_notify_ap_scan_changed(wpa_s);
941 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
943 wpa_supplicant_update_config(wpa_s);
945 wpa_supplicant_clear_status(wpa_s);
946 if (wpa_supplicant_enabled_networks(wpa_s)) {
947 wpa_s->reassociate = 1;
948 wpa_supplicant_req_scan(wpa_s, 0, 0);
950 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
955 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
957 struct wpa_global *global = signal_ctx;
958 struct wpa_supplicant *wpa_s;
959 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
960 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
962 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
963 wpa_supplicant_terminate_proc(global);
967 if (wpa_debug_reopen_file() < 0) {
968 /* Ignore errors since we cannot really do much to fix this */
969 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
974 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
975 struct wpa_ssid *ssid,
976 struct wpa_ie_data *ie)
978 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
981 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
982 "from association info");
987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
989 if (!(ie->group_cipher & ssid->group_cipher)) {
990 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
991 "cipher 0x%x (mask 0x%x) - reject",
992 ie->group_cipher, ssid->group_cipher);
995 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
996 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
997 "cipher 0x%x (mask 0x%x) - reject",
998 ie->pairwise_cipher, ssid->pairwise_cipher);
1001 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1002 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1003 "management 0x%x (mask 0x%x) - reject",
1004 ie->key_mgmt, ssid->key_mgmt);
1008 #ifdef CONFIG_IEEE80211W
1009 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1010 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1011 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1012 "that does not support management frame protection - "
1016 #endif /* CONFIG_IEEE80211W */
1023 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1024 * @wpa_s: Pointer to wpa_supplicant data
1025 * @bss: Scan results for the selected BSS, or %NULL if not available
1026 * @ssid: Configuration data for the selected network
1027 * @wpa_ie: Buffer for the WPA/RSN IE
1028 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1029 * used buffer length in case the functions returns success.
1030 * Returns: 0 on success or -1 on failure
1032 * This function is used to configure authentication and encryption parameters
1033 * based on the network configuration and scan result for the selected BSS (if
1036 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1037 struct wpa_bss *bss, struct wpa_ssid *ssid,
1038 u8 *wpa_ie, size_t *wpa_ie_len)
1040 struct wpa_ie_data ie;
1042 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1045 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1046 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1047 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1049 bss_wpa = bss_rsn = bss_osen = NULL;
1051 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1052 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1053 (ie.group_cipher & ssid->group_cipher) &&
1054 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1055 (ie.key_mgmt & ssid->key_mgmt)) {
1056 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1057 proto = WPA_PROTO_RSN;
1058 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1059 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1060 (ie.group_cipher & ssid->group_cipher) &&
1061 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1062 (ie.key_mgmt & ssid->key_mgmt)) {
1063 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1064 proto = WPA_PROTO_WPA;
1066 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1067 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1068 /* TODO: parse OSEN element */
1069 os_memset(&ie, 0, sizeof(ie));
1070 ie.group_cipher = WPA_CIPHER_CCMP;
1071 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1072 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1073 proto = WPA_PROTO_OSEN;
1074 #endif /* CONFIG_HS20 */
1076 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1077 wpa_dbg(wpa_s, MSG_DEBUG,
1078 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1079 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1082 MAC2STR(bss->bssid),
1083 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1084 bss_wpa ? " WPA" : "",
1085 bss_rsn ? " RSN" : "",
1086 bss_osen ? " OSEN" : "");
1088 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1089 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1090 wpa_dbg(wpa_s, MSG_DEBUG,
1091 "Could not parse RSN element");
1093 wpa_dbg(wpa_s, MSG_DEBUG,
1094 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1095 ie.pairwise_cipher, ie.group_cipher,
1100 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1101 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1102 wpa_dbg(wpa_s, MSG_DEBUG,
1103 "Could not parse WPA element");
1105 wpa_dbg(wpa_s, MSG_DEBUG,
1106 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1107 ie.pairwise_cipher, ie.group_cipher,
1113 if (ssid->proto & WPA_PROTO_OSEN)
1114 proto = WPA_PROTO_OSEN;
1115 else if (ssid->proto & WPA_PROTO_RSN)
1116 proto = WPA_PROTO_RSN;
1118 proto = WPA_PROTO_WPA;
1119 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1120 os_memset(&ie, 0, sizeof(ie));
1121 ie.group_cipher = ssid->group_cipher;
1122 ie.pairwise_cipher = ssid->pairwise_cipher;
1123 ie.key_mgmt = ssid->key_mgmt;
1124 #ifdef CONFIG_IEEE80211W
1125 ie.mgmt_group_cipher =
1126 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1127 WPA_CIPHER_AES_128_CMAC : 0;
1128 #endif /* CONFIG_IEEE80211W */
1129 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1130 "based on configuration");
1135 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1136 "pairwise %d key_mgmt %d proto %d",
1137 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1138 #ifdef CONFIG_IEEE80211W
1139 if (ssid->ieee80211w) {
1140 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1141 ie.mgmt_group_cipher);
1143 #endif /* CONFIG_IEEE80211W */
1145 wpa_s->wpa_proto = proto;
1146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1147 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1148 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1150 if (bss || !wpa_s->ap_ies_from_associnfo) {
1151 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1152 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1153 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1154 bss_rsn ? 2 + bss_rsn[1] : 0))
1158 sel = ie.group_cipher & ssid->group_cipher;
1159 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1160 if (wpa_s->group_cipher < 0) {
1161 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1165 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1166 wpa_cipher_txt(wpa_s->group_cipher));
1168 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1169 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1170 if (wpa_s->pairwise_cipher < 0) {
1171 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1175 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1176 wpa_cipher_txt(wpa_s->pairwise_cipher));
1178 sel = ie.key_mgmt & ssid->key_mgmt;
1180 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1181 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1182 #endif /* CONFIG_SAE */
1184 #ifdef CONFIG_SUITEB192
1185 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1186 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1187 wpa_dbg(wpa_s, MSG_DEBUG,
1188 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1189 #endif /* CONFIG_SUITEB192 */
1190 #ifdef CONFIG_SUITEB
1191 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1192 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1193 wpa_dbg(wpa_s, MSG_DEBUG,
1194 "WPA: using KEY_MGMT 802.1X with Suite B");
1195 #endif /* CONFIG_SUITEB */
1196 #ifdef CONFIG_IEEE80211R
1197 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1198 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1199 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1200 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1201 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1202 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1203 #endif /* CONFIG_IEEE80211R */
1205 } else if (sel & WPA_KEY_MGMT_SAE) {
1206 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1207 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1208 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1209 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1210 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1211 #endif /* CONFIG_SAE */
1212 #ifdef CONFIG_IEEE80211W
1213 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1214 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1215 wpa_dbg(wpa_s, MSG_DEBUG,
1216 "WPA: using KEY_MGMT 802.1X with SHA256");
1217 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1218 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1219 wpa_dbg(wpa_s, MSG_DEBUG,
1220 "WPA: using KEY_MGMT PSK with SHA256");
1221 #endif /* CONFIG_IEEE80211W */
1222 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1223 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1224 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1225 } else if (sel & WPA_KEY_MGMT_PSK) {
1226 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1227 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1228 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1229 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1230 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1232 } else if (sel & WPA_KEY_MGMT_OSEN) {
1233 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1234 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1235 #endif /* CONFIG_HS20 */
1237 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1238 "authenticated key management type");
1242 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1243 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1244 wpa_s->pairwise_cipher);
1245 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1247 #ifdef CONFIG_IEEE80211W
1248 sel = ie.mgmt_group_cipher;
1249 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1250 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1252 if (sel & WPA_CIPHER_AES_128_CMAC) {
1253 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1254 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1256 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1257 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1258 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1260 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1261 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1262 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1264 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1265 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1266 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1269 wpa_s->mgmt_group_cipher = 0;
1270 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1272 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1273 wpa_s->mgmt_group_cipher);
1274 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1275 wpas_get_ssid_pmf(wpa_s, ssid));
1276 #endif /* CONFIG_IEEE80211W */
1278 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1279 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1283 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1286 if (ssid->psk_set) {
1287 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL);
1290 #ifndef CONFIG_NO_PBKDF2
1291 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1294 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1295 4096, psk, PMK_LEN);
1296 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1298 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1300 os_memset(psk, 0, sizeof(psk));
1302 #endif /* CONFIG_NO_PBKDF2 */
1303 #ifdef CONFIG_EXT_PASSWORD
1304 if (ssid->ext_psk) {
1305 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1307 char pw_str[64 + 1];
1311 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1312 "found from external storage");
1316 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1317 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1318 "PSK length %d in external storage",
1319 (int) wpabuf_len(pw));
1320 ext_password_free(pw);
1324 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1325 pw_str[wpabuf_len(pw)] = '\0';
1327 #ifndef CONFIG_NO_PBKDF2
1328 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1330 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1331 4096, psk, PMK_LEN);
1332 os_memset(pw_str, 0, sizeof(pw_str));
1333 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1334 "external passphrase)",
1336 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1338 os_memset(psk, 0, sizeof(psk));
1340 #endif /* CONFIG_NO_PBKDF2 */
1341 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1342 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1343 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1344 "Invalid PSK hex string");
1345 os_memset(pw_str, 0, sizeof(pw_str));
1346 ext_password_free(pw);
1349 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1351 os_memset(psk, 0, sizeof(psk));
1353 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1355 os_memset(pw_str, 0, sizeof(pw_str));
1356 ext_password_free(pw);
1360 os_memset(pw_str, 0, sizeof(pw_str));
1361 ext_password_free(pw);
1363 #endif /* CONFIG_EXT_PASSWORD */
1366 wpa_msg(wpa_s, MSG_INFO,
1367 "No PSK available for association");
1371 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1377 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1382 case 0: /* Bits 0-7 */
1384 case 1: /* Bits 8-15 */
1386 case 2: /* Bits 16-23 */
1388 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1389 *pos |= 0x08; /* Bit 19 - BSS Transition */
1390 #endif /* CONFIG_WNM */
1392 case 3: /* Bits 24-31 */
1394 *pos |= 0x02; /* Bit 25 - SSID List */
1395 #endif /* CONFIG_WNM */
1396 #ifdef CONFIG_INTERWORKING
1397 if (wpa_s->conf->interworking)
1398 *pos |= 0x80; /* Bit 31 - Interworking */
1399 #endif /* CONFIG_INTERWORKING */
1401 case 4: /* Bits 32-39 */
1402 #ifdef CONFIG_INTERWORKING
1403 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1404 *pos |= 0x01; /* Bit 32 - QoS Map */
1405 #endif /* CONFIG_INTERWORKING */
1407 case 5: /* Bits 40-47 */
1409 if (wpa_s->conf->hs20)
1410 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1411 #endif /* CONFIG_HS20 */
1413 case 6: /* Bits 48-55 */
1419 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1424 if (len < wpa_s->extended_capa_len)
1425 len = wpa_s->extended_capa_len;
1426 if (buflen < (size_t) len + 2) {
1427 wpa_printf(MSG_INFO,
1428 "Not enough room for building extended capabilities element");
1432 *pos++ = WLAN_EID_EXT_CAPAB;
1434 for (i = 0; i < len; i++, pos++) {
1435 wpas_ext_capab_byte(wpa_s, pos, i);
1437 if (i < wpa_s->extended_capa_len) {
1438 *pos &= ~wpa_s->extended_capa_mask[i];
1439 *pos |= wpa_s->extended_capa[i];
1443 while (len > 0 && buf[1 + len] == 0) {
1454 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1455 struct wpa_bss *test_bss)
1457 struct wpa_bss *bss;
1459 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1460 if (bss == test_bss)
1468 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1469 struct wpa_ssid *test_ssid)
1471 struct wpa_ssid *ssid;
1473 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1474 if (ssid == test_ssid)
1482 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1483 struct wpa_ssid *test_ssid)
1485 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1488 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1492 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1500 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1502 struct wpa_connect_work *cwork;
1503 struct wpa_radio_work *work = wpa_s->connect_work;
1508 wpa_s->connect_work = NULL;
1511 wpas_connect_work_free(cwork);
1512 radio_work_done(work);
1516 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1518 struct os_reltime now;
1521 os_get_reltime(&now);
1522 if (wpa_s->last_mac_addr_style == style &&
1523 wpa_s->last_mac_addr_change.sec != 0 &&
1524 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1525 wpa_s->conf->rand_addr_lifetime)) {
1526 wpa_msg(wpa_s, MSG_DEBUG,
1527 "Previously selected random MAC address has not yet expired");
1533 if (random_mac_addr(addr) < 0)
1537 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1538 if (random_mac_addr_keep_oui(addr) < 0)
1545 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1546 wpa_msg(wpa_s, MSG_INFO,
1547 "Failed to set random MAC address");
1551 os_get_reltime(&wpa_s->last_mac_addr_change);
1552 wpa_s->mac_addr_changed = 1;
1553 wpa_s->last_mac_addr_style = style;
1555 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1556 wpa_msg(wpa_s, MSG_INFO,
1557 "Could not update MAC address information");
1561 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1568 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1570 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1571 !wpa_s->conf->preassoc_mac_addr)
1574 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1578 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1581 * wpa_supplicant_associate - Request association
1582 * @wpa_s: Pointer to wpa_supplicant data
1583 * @bss: Scan results for the selected BSS, or %NULL if not available
1584 * @ssid: Configuration data for the selected network
1586 * This function is used to request %wpa_supplicant to associate with a BSS.
1588 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1589 struct wpa_bss *bss, struct wpa_ssid *ssid)
1591 struct wpa_connect_work *cwork;
1594 wpa_s->own_disconnect_req = 0;
1596 if (ssid->mac_addr == -1)
1597 rand_style = wpa_s->conf->mac_addr;
1599 rand_style = ssid->mac_addr;
1601 wmm_ac_clear_saved_tspecs(wpa_s);
1602 wpa_s->reassoc_same_bss = 0;
1604 if (wpa_s->last_ssid == ssid) {
1605 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1606 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1607 wmm_ac_save_tspecs(wpa_s);
1608 wpa_s->reassoc_same_bss = 1;
1610 } else if (rand_style > 0) {
1611 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1613 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1614 } else if (wpa_s->mac_addr_changed) {
1615 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1616 wpa_msg(wpa_s, MSG_INFO,
1617 "Could not restore permanent MAC address");
1620 wpa_s->mac_addr_changed = 0;
1621 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1622 wpa_msg(wpa_s, MSG_INFO,
1623 "Could not update MAC address information");
1626 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1628 wpa_s->last_ssid = ssid;
1630 #ifdef CONFIG_IBSS_RSN
1631 ibss_rsn_deinit(wpa_s->ibss_rsn);
1632 wpa_s->ibss_rsn = NULL;
1633 #endif /* CONFIG_IBSS_RSN */
1635 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1636 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1638 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1639 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1643 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1644 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1645 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1646 wpas_p2p_ap_setup_failed(wpa_s);
1649 wpa_s->current_bss = bss;
1650 #else /* CONFIG_AP */
1651 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1653 #endif /* CONFIG_AP */
1657 if (ssid->mode == WPAS_MODE_MESH) {
1659 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1660 wpa_msg(wpa_s, MSG_INFO,
1661 "Driver does not support mesh mode");
1665 ssid->frequency = bss->freq;
1666 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1667 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1670 wpa_s->current_bss = bss;
1671 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_STARTED
1672 "ssid=\"%s\" id=%d",
1673 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1675 #else /* CONFIG_MESH */
1676 wpa_msg(wpa_s, MSG_ERROR,
1677 "mesh mode support not included in the build");
1678 #endif /* CONFIG_MESH */
1684 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1686 #endif /* CONFIG_TDLS */
1688 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1689 ssid->mode == IEEE80211_MODE_INFRA) {
1690 sme_authenticate(wpa_s, bss, ssid);
1694 if (wpa_s->connect_work) {
1695 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1699 if (radio_work_pending(wpa_s, "connect")) {
1700 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1704 cwork = os_zalloc(sizeof(*cwork));
1711 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1712 wpas_start_assoc_cb, cwork) < 0) {
1718 static int bss_is_ibss(struct wpa_bss *bss)
1720 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1725 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1726 const struct wpa_ssid *ssid,
1727 struct hostapd_freq_params *freq)
1729 enum hostapd_hw_mode hw_mode;
1730 struct hostapd_hw_modes *mode = NULL;
1731 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1733 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1734 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1736 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1738 struct hostapd_freq_params vht_freq;
1740 freq->freq = ssid->frequency;
1742 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1743 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1745 if (ssid->mode != WPAS_MODE_IBSS)
1748 /* Don't adjust control freq in case of fixed_freq */
1749 if (ssid->fixed_freq)
1752 if (!bss_is_ibss(bss))
1755 if (ssid->ssid_len == bss->ssid_len &&
1756 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1757 wpa_printf(MSG_DEBUG,
1758 "IBSS already found in scan results, adjust control freq: %d",
1760 freq->freq = bss->freq;
1766 /* For IBSS check HT_IBSS flag */
1767 if (ssid->mode == WPAS_MODE_IBSS &&
1768 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1771 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1772 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1773 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1774 wpa_printf(MSG_DEBUG,
1775 "IBSS: WEP/TKIP detected, do not try to enable HT");
1779 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1780 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1781 if (wpa_s->hw.modes[i].mode == hw_mode) {
1782 mode = &wpa_s->hw.modes[i];
1790 freq->ht_enabled = ht_supported(mode);
1791 if (!freq->ht_enabled)
1794 /* Setup higher BW only for 5 GHz */
1795 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1798 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1799 pri_chan = &mode->channels[chan_idx];
1800 if (pri_chan->chan == channel)
1807 /* Check primary channel flags */
1808 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1811 /* Check/setup HT40+/HT40- */
1812 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1813 if (ht40plus[j] == channel) {
1819 /* Find secondary channel */
1820 for (i = 0; i < mode->num_channels; i++) {
1821 sec_chan = &mode->channels[i];
1822 if (sec_chan->chan == channel + ht40 * 4)
1829 /* Check secondary channel flags */
1830 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1833 freq->channel = pri_chan->chan;
1837 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1839 freq->sec_channel_offset = -1;
1842 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1844 freq->sec_channel_offset = 1;
1850 if (freq->sec_channel_offset && obss_scan) {
1851 struct wpa_scan_results *scan_res;
1853 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1854 if (scan_res == NULL) {
1856 freq->sec_channel_offset = 0;
1860 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1865 freq->sec_channel_offset = 0;
1868 /* Configuration allowed */
1871 /* Switch pri/sec channels */
1872 freq->freq = hw_get_freq(mode, sec_chan->chan);
1873 freq->sec_channel_offset = -freq->sec_channel_offset;
1874 freq->channel = sec_chan->chan;
1877 freq->sec_channel_offset = 0;
1881 wpa_scan_results_free(scan_res);
1884 wpa_printf(MSG_DEBUG,
1885 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1886 freq->channel, freq->sec_channel_offset);
1888 /* Not sure if mesh is ready for VHT */
1889 if (ssid->mode != WPAS_MODE_IBSS)
1892 /* For IBSS check VHT_IBSS flag */
1893 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1898 vht_freq.vht_enabled = vht_supported(mode);
1899 if (!vht_freq.vht_enabled)
1902 /* setup center_freq1, bandwidth */
1903 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1904 if (freq->channel >= vht80[j] &&
1905 freq->channel < vht80[j] + 16)
1909 if (j == ARRAY_SIZE(vht80))
1912 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1913 struct hostapd_channel_data *chan;
1915 chan = hw_get_channel_chan(mode, i, NULL);
1919 /* Back to HT configuration if channel not usable */
1920 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1924 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
1925 freq->channel, freq->ht_enabled,
1926 vht_freq.vht_enabled,
1927 freq->sec_channel_offset,
1928 VHT_CHANWIDTH_80MHZ,
1929 vht80[j] + 6, 0, 0) != 0)
1934 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
1935 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1939 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1941 struct wpa_connect_work *cwork = work->ctx;
1942 struct wpa_bss *bss = cwork->bss;
1943 struct wpa_ssid *ssid = cwork->ssid;
1944 struct wpa_supplicant *wpa_s = work->wpa_s;
1947 int use_crypt, ret, i, bssid_changed;
1948 int algs = WPA_AUTH_ALG_OPEN;
1949 unsigned int cipher_pairwise, cipher_group;
1950 struct wpa_driver_associate_params params;
1951 int wep_keys_set = 0;
1952 int assoc_failed = 0;
1953 struct wpa_ssid *old_ssid;
1954 #ifdef CONFIG_HT_OVERRIDES
1955 struct ieee80211_ht_capabilities htcaps;
1956 struct ieee80211_ht_capabilities htcaps_mask;
1957 #endif /* CONFIG_HT_OVERRIDES */
1958 #ifdef CONFIG_VHT_OVERRIDES
1959 struct ieee80211_vht_capabilities vhtcaps;
1960 struct ieee80211_vht_capabilities vhtcaps_mask;
1961 #endif /* CONFIG_VHT_OVERRIDES */
1964 if (work->started) {
1965 wpa_s->connect_work = NULL;
1967 /* cancel possible auth. timeout */
1968 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1971 wpas_connect_work_free(cwork);
1975 wpa_s->connect_work = work;
1977 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
1978 wpas_network_disabled(wpa_s, ssid)) {
1979 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1980 wpas_connect_work_done(wpa_s);
1984 os_memset(¶ms, 0, sizeof(params));
1985 wpa_s->reassociate = 0;
1986 wpa_s->eap_expected_failure = 0;
1988 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
1989 #ifdef CONFIG_IEEE80211R
1990 const u8 *ie, *md = NULL;
1991 #endif /* CONFIG_IEEE80211R */
1992 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1993 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1994 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1995 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1996 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1997 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1999 wpas_notify_bssid_changed(wpa_s);
2000 #ifdef CONFIG_IEEE80211R
2001 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
2002 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
2004 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
2006 /* Prepare for the next transition */
2007 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
2009 #endif /* CONFIG_IEEE80211R */
2011 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2012 wpa_s->conf->ap_scan == 2 &&
2013 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2014 /* Use ap_scan==1 style network selection to find the network
2016 wpas_connect_work_done(wpa_s);
2017 wpa_s->scan_req = MANUAL_SCAN_REQ;
2018 wpa_s->reassociate = 1;
2019 wpa_supplicant_req_scan(wpa_s, 0, 0);
2021 #endif /* CONFIG_WPS */
2023 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2024 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2025 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2028 wpa_supplicant_cancel_sched_scan(wpa_s);
2030 wpa_supplicant_cancel_scan(wpa_s);
2032 /* Starting new association, so clear the possibly used WPA IE from the
2033 * previous association. */
2034 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2036 #ifdef IEEE8021X_EAPOL
2037 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2039 if (ssid->non_leap == 0)
2040 algs = WPA_AUTH_ALG_LEAP;
2042 algs |= WPA_AUTH_ALG_LEAP;
2045 #endif /* IEEE8021X_EAPOL */
2046 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2047 if (ssid->auth_alg) {
2048 algs = ssid->auth_alg;
2049 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2053 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2054 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2055 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2056 int try_opportunistic;
2057 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2059 ssid->proactive_key_caching) &&
2060 (ssid->proto & WPA_PROTO_RSN);
2061 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2062 ssid, try_opportunistic) == 0)
2063 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2064 wpa_ie_len = sizeof(wpa_ie);
2065 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2066 wpa_ie, &wpa_ie_len)) {
2067 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2068 "key management and encryption suites");
2069 wpas_connect_work_done(wpa_s);
2072 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2073 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2075 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2076 * use non-WPA since the scan results did not indicate that the
2077 * AP is using WPA or WPA2.
2079 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2081 wpa_s->wpa_proto = 0;
2082 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2083 wpa_ie_len = sizeof(wpa_ie);
2084 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2085 wpa_ie, &wpa_ie_len)) {
2086 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2087 "key management and encryption suites (no "
2089 wpas_connect_work_done(wpa_s);
2093 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2094 struct wpabuf *wps_ie;
2095 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2096 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2097 wpa_ie_len = wpabuf_len(wps_ie);
2098 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2101 wpabuf_free(wps_ie);
2102 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2103 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2104 params.wps = WPS_MODE_PRIVACY;
2106 params.wps = WPS_MODE_OPEN;
2107 wpa_s->wpa_proto = 0;
2108 #endif /* CONFIG_WPS */
2110 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2112 wpa_s->wpa_proto = 0;
2116 if (wpa_s->global->p2p) {
2120 pos = wpa_ie + wpa_ie_len;
2121 len = sizeof(wpa_ie) - wpa_ie_len;
2122 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2128 wpa_s->cross_connect_disallowed = 0;
2131 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2133 wpa_s->cross_connect_disallowed =
2134 p2p_get_cross_connect_disallowed(p2p);
2136 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2138 wpa_s->cross_connect_disallowed ?
2139 "disallows" : "allows");
2143 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2144 #endif /* CONFIG_P2P */
2147 if (is_hs20_network(wpa_s, ssid, bss)) {
2148 struct wpabuf *hs20;
2149 hs20 = wpabuf_alloc(20);
2151 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2154 wpas_hs20_add_indication(hs20, pps_mo_id);
2155 len = sizeof(wpa_ie) - wpa_ie_len;
2156 if (wpabuf_len(hs20) <= len) {
2157 os_memcpy(wpa_ie + wpa_ie_len,
2158 wpabuf_head(hs20), wpabuf_len(hs20));
2159 wpa_ie_len += wpabuf_len(hs20);
2164 #endif /* CONFIG_HS20 */
2167 * Workaround: Add Extended Capabilities element only if the AP
2168 * included this element in Beacon/Probe Response frames. Some older
2169 * APs seem to have interoperability issues if this element is
2170 * included, so while the standard may require us to include the
2171 * element in all cases, it is justifiable to skip it to avoid
2172 * interoperability issues.
2174 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2177 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2179 if (ext_capab_len > 0) {
2181 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2183 os_memmove(pos + ext_capab_len, pos,
2184 wpa_ie_len - (pos - wpa_ie));
2185 wpa_ie_len += ext_capab_len;
2186 os_memcpy(pos, ext_capab, ext_capab_len);
2190 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2191 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2194 len = sizeof(wpa_ie) - wpa_ie_len;
2195 if (wpabuf_len(buf) <= len) {
2196 os_memcpy(wpa_ie + wpa_ie_len,
2197 wpabuf_head(buf), wpabuf_len(buf));
2198 wpa_ie_len += wpabuf_len(buf);
2203 if (wpa_s->fst_ies) {
2204 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
2206 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) {
2207 os_memcpy(wpa_ie + wpa_ie_len,
2208 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
2209 wpa_ie_len += fst_ies_len;
2212 #endif /* CONFIG_FST */
2214 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2216 cipher_pairwise = wpa_s->pairwise_cipher;
2217 cipher_group = wpa_s->group_cipher;
2218 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2219 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2220 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2222 if (wpa_set_wep_keys(wpa_s, ssid)) {
2227 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2230 #ifdef IEEE8021X_EAPOL
2231 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2232 if ((ssid->eapol_flags &
2233 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2234 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2238 /* Assume that dynamic WEP-104 keys will be used and
2239 * set cipher suites in order for drivers to expect
2241 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2244 #endif /* IEEE8021X_EAPOL */
2246 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2247 /* Set the key before (and later after) association */
2248 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2251 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2253 params.ssid = bss->ssid;
2254 params.ssid_len = bss->ssid_len;
2255 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2256 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2257 MACSTR " freq=%u MHz based on scan results "
2259 MAC2STR(bss->bssid), bss->freq,
2261 params.bssid = bss->bssid;
2262 params.freq.freq = bss->freq;
2264 params.bssid_hint = bss->bssid;
2265 params.freq_hint = bss->freq;
2267 params.ssid = ssid->ssid;
2268 params.ssid_len = ssid->ssid_len;
2271 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2272 wpa_s->conf->ap_scan == 2) {
2273 params.bssid = ssid->bssid;
2274 params.fixed_bssid = 1;
2277 /* Initial frequency for IBSS/mesh */
2278 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2279 ssid->frequency > 0 && params.freq.freq == 0)
2280 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
2282 if (ssid->mode == WPAS_MODE_IBSS) {
2283 params.fixed_freq = ssid->fixed_freq;
2284 if (ssid->beacon_int)
2285 params.beacon_int = ssid->beacon_int;
2287 params.beacon_int = wpa_s->conf->beacon_int;
2290 params.wpa_ie = wpa_ie;
2291 params.wpa_ie_len = wpa_ie_len;
2292 params.pairwise_suite = cipher_pairwise;
2293 params.group_suite = cipher_group;
2294 params.key_mgmt_suite = wpa_s->key_mgmt;
2295 params.wpa_proto = wpa_s->wpa_proto;
2296 params.auth_alg = algs;
2297 params.mode = ssid->mode;
2298 params.bg_scan_period = ssid->bg_scan_period;
2299 for (i = 0; i < NUM_WEP_KEYS; i++) {
2300 if (ssid->wep_key_len[i])
2301 params.wep_key[i] = ssid->wep_key[i];
2302 params.wep_key_len[i] = ssid->wep_key_len[i];
2304 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2306 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2307 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2308 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2309 params.passphrase = ssid->passphrase;
2311 params.psk = ssid->psk;
2314 if (wpa_s->conf->key_mgmt_offload) {
2315 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2316 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2317 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2318 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2319 params.req_key_mgmt_offload =
2320 ssid->proactive_key_caching < 0 ?
2321 wpa_s->conf->okc : ssid->proactive_key_caching;
2323 params.req_key_mgmt_offload = 1;
2325 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2326 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2327 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2329 params.psk = ssid->psk;
2332 params.drop_unencrypted = use_crypt;
2334 #ifdef CONFIG_IEEE80211W
2335 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2336 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2337 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2338 struct wpa_ie_data ie;
2339 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2341 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2342 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2343 "MFP: require MFP");
2344 params.mgmt_frame_protection =
2345 MGMT_FRAME_PROTECTION_REQUIRED;
2348 #endif /* CONFIG_IEEE80211W */
2350 params.p2p = ssid->p2p_group;
2352 if (wpa_s->parent->set_sta_uapsd)
2353 params.uapsd = wpa_s->parent->sta_uapsd;
2357 #ifdef CONFIG_HT_OVERRIDES
2358 os_memset(&htcaps, 0, sizeof(htcaps));
2359 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2360 params.htcaps = (u8 *) &htcaps;
2361 params.htcaps_mask = (u8 *) &htcaps_mask;
2362 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2363 #endif /* CONFIG_HT_OVERRIDES */
2364 #ifdef CONFIG_VHT_OVERRIDES
2365 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2366 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2367 params.vhtcaps = &vhtcaps;
2368 params.vhtcaps_mask = &vhtcaps_mask;
2369 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
2370 #endif /* CONFIG_VHT_OVERRIDES */
2374 * If multi-channel concurrency is not supported, check for any
2375 * frequency conflict. In case of any frequency conflict, remove the
2376 * least prioritized connection.
2378 if (wpa_s->num_multichan_concurrent < 2) {
2380 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2381 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2382 wpa_printf(MSG_DEBUG,
2383 "Assoc conflicting freq found (%d != %d)",
2384 freq, params.freq.freq);
2385 if (wpas_p2p_handle_frequency_conflicts(
2386 wpa_s, params.freq.freq, ssid) < 0) {
2387 wpas_connect_work_done(wpa_s);
2392 #endif /* CONFIG_P2P */
2394 ret = wpa_drv_associate(wpa_s, ¶ms);
2396 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2398 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2400 * The driver is known to mean what is saying, so we
2401 * can stop right here; the association will not
2404 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2405 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2406 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2409 /* try to continue anyway; new association will be tried again
2414 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2415 /* Set the key after the association just in case association
2416 * cleared the previously configured key. */
2417 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2418 /* No need to timeout authentication since there is no key
2420 wpa_supplicant_cancel_auth_timeout(wpa_s);
2421 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2422 #ifdef CONFIG_IBSS_RSN
2423 } else if (ssid->mode == WPAS_MODE_IBSS &&
2424 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2425 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2427 * RSN IBSS authentication is per-STA and we can disable the
2428 * per-BSSID authentication.
2430 wpa_supplicant_cancel_auth_timeout(wpa_s);
2431 #endif /* CONFIG_IBSS_RSN */
2433 /* Timeout for IEEE 802.11 authentication and association */
2437 /* give IBSS a bit more time */
2438 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2439 } else if (wpa_s->conf->ap_scan == 1) {
2440 /* give IBSS a bit more time */
2441 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2443 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2447 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2448 /* Set static WEP keys again */
2449 wpa_set_wep_keys(wpa_s, ssid);
2452 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2454 * Do not allow EAP session resumption between different
2455 * network configurations.
2457 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2459 old_ssid = wpa_s->current_ssid;
2460 wpa_s->current_ssid = ssid;
2461 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set)
2462 wpa_s->current_bss = bss;
2463 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2464 wpa_supplicant_initiate_eapol(wpa_s);
2465 if (old_ssid != wpa_s->current_ssid)
2466 wpas_notify_network_changed(wpa_s);
2470 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2473 struct wpa_ssid *old_ssid;
2475 wpas_connect_work_done(wpa_s);
2476 wpa_clear_keys(wpa_s, addr);
2477 old_ssid = wpa_s->current_ssid;
2478 wpa_supplicant_mark_disassoc(wpa_s);
2479 wpa_sm_set_config(wpa_s->wpa, NULL);
2480 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2481 if (old_ssid != wpa_s->current_ssid)
2482 wpas_notify_network_changed(wpa_s);
2483 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2488 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2489 * @wpa_s: Pointer to wpa_supplicant data
2490 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2492 * This function is used to request %wpa_supplicant to deauthenticate from the
2495 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2499 union wpa_event_data event;
2502 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2503 " pending_bssid=" MACSTR " reason=%d state=%s",
2504 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2505 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2507 if (!is_zero_ether_addr(wpa_s->bssid))
2508 addr = wpa_s->bssid;
2509 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2510 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2511 wpa_s->wpa_state == WPA_ASSOCIATING))
2512 addr = wpa_s->pending_bssid;
2513 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2515 * When using driver-based BSS selection, we may not know the
2516 * BSSID with which we are currently trying to associate. We
2517 * need to notify the driver of this disconnection even in such
2518 * a case, so use the all zeros address here.
2520 addr = wpa_s->bssid;
2525 wpa_tdls_teardown_peers(wpa_s->wpa);
2526 #endif /* CONFIG_TDLS */
2530 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2532 wpa_supplicant_leave_mesh(wpa_s);
2534 #endif /* CONFIG_MESH */
2537 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2538 os_memset(&event, 0, sizeof(event));
2539 event.deauth_info.reason_code = (u16) reason_code;
2540 event.deauth_info.locally_generated = 1;
2541 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2546 wpa_supplicant_clear_connection(wpa_s, addr);
2549 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2550 struct wpa_ssid *ssid)
2552 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2556 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2557 wpas_notify_network_enabled_changed(wpa_s, ssid);
2560 * Try to reassociate since there is no current configuration and a new
2561 * network was made available.
2563 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2564 wpa_s->reassociate = 1;
2569 * wpa_supplicant_enable_network - Mark a configured network as enabled
2570 * @wpa_s: wpa_supplicant structure for a network interface
2571 * @ssid: wpa_ssid structure for a configured network or %NULL
2573 * Enables the specified network or all networks if no network specified.
2575 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2576 struct wpa_ssid *ssid)
2579 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2580 wpa_supplicant_enable_one_network(wpa_s, ssid);
2582 wpa_supplicant_enable_one_network(wpa_s, ssid);
2584 if (wpa_s->reassociate && !wpa_s->disconnected &&
2585 (!wpa_s->current_ssid ||
2586 wpa_s->wpa_state == WPA_DISCONNECTED ||
2587 wpa_s->wpa_state == WPA_SCANNING)) {
2588 if (wpa_s->sched_scanning) {
2589 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2590 "new network to scan filters");
2591 wpa_supplicant_cancel_sched_scan(wpa_s);
2594 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
2595 wpa_s->scan_req = NORMAL_SCAN_REQ;
2596 wpa_supplicant_req_scan(wpa_s, 0, 0);
2603 * wpa_supplicant_disable_network - Mark a configured network as disabled
2604 * @wpa_s: wpa_supplicant structure for a network interface
2605 * @ssid: wpa_ssid structure for a configured network or %NULL
2607 * Disables the specified network or all networks if no network specified.
2609 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2610 struct wpa_ssid *ssid)
2612 struct wpa_ssid *other_ssid;
2616 if (wpa_s->sched_scanning)
2617 wpa_supplicant_cancel_sched_scan(wpa_s);
2619 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2620 other_ssid = other_ssid->next) {
2621 was_disabled = other_ssid->disabled;
2622 if (was_disabled == 2)
2623 continue; /* do not change persistent P2P group
2626 other_ssid->disabled = 1;
2628 if (was_disabled != other_ssid->disabled)
2629 wpas_notify_network_enabled_changed(
2632 if (wpa_s->current_ssid)
2633 wpa_supplicant_deauthenticate(
2634 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2635 } else if (ssid->disabled != 2) {
2636 if (ssid == wpa_s->current_ssid)
2637 wpa_supplicant_deauthenticate(
2638 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2640 was_disabled = ssid->disabled;
2644 if (was_disabled != ssid->disabled) {
2645 wpas_notify_network_enabled_changed(wpa_s, ssid);
2646 if (wpa_s->sched_scanning) {
2647 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2648 "to remove network from filters");
2649 wpa_supplicant_cancel_sched_scan(wpa_s);
2650 wpa_supplicant_req_scan(wpa_s, 0, 0);
2658 * wpa_supplicant_select_network - Attempt association with a network
2659 * @wpa_s: wpa_supplicant structure for a network interface
2660 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2662 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2663 struct wpa_ssid *ssid)
2666 struct wpa_ssid *other_ssid;
2667 int disconnected = 0;
2669 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2670 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2671 wpa_s->own_disconnect_req = 1;
2672 wpa_supplicant_deauthenticate(
2673 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2678 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2681 * Mark all other networks disabled or mark all networks enabled if no
2682 * network specified.
2684 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2685 other_ssid = other_ssid->next) {
2686 int was_disabled = other_ssid->disabled;
2687 if (was_disabled == 2)
2688 continue; /* do not change persistent P2P group data */
2690 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2691 if (was_disabled && !other_ssid->disabled)
2692 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2694 if (was_disabled != other_ssid->disabled)
2695 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2698 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2699 /* We are already associated with the selected network */
2700 wpa_printf(MSG_DEBUG, "Already associated with the "
2701 "selected network - do nothing");
2706 wpa_s->current_ssid = ssid;
2707 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2708 wpa_s->connect_without_scan =
2709 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2712 * Don't optimize next scan freqs since a new ESS has been
2715 os_free(wpa_s->next_scan_freqs);
2716 wpa_s->next_scan_freqs = NULL;
2718 wpa_s->connect_without_scan = NULL;
2721 wpa_s->disconnected = 0;
2722 wpa_s->reassociate = 1;
2724 if (wpa_s->connect_without_scan ||
2725 wpa_supplicant_fast_associate(wpa_s) != 1) {
2726 wpa_s->scan_req = NORMAL_SCAN_REQ;
2727 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2731 wpas_notify_network_selected(wpa_s, ssid);
2736 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2737 * @wpa_s: wpa_supplicant structure for a network interface
2738 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2739 * @pkcs11_module_path: PKCS #11 module path or NULL
2740 * Returns: 0 on success; -1 on failure
2742 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2743 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2744 * module path fails the paths will be reset to the default value (NULL).
2746 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2747 const char *pkcs11_engine_path,
2748 const char *pkcs11_module_path)
2750 char *pkcs11_engine_path_copy = NULL;
2751 char *pkcs11_module_path_copy = NULL;
2753 if (pkcs11_engine_path != NULL) {
2754 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2755 if (pkcs11_engine_path_copy == NULL)
2758 if (pkcs11_module_path != NULL) {
2759 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2760 if (pkcs11_module_path_copy == NULL) {
2761 os_free(pkcs11_engine_path_copy);
2766 os_free(wpa_s->conf->pkcs11_engine_path);
2767 os_free(wpa_s->conf->pkcs11_module_path);
2768 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2769 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2771 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2772 eapol_sm_deinit(wpa_s->eapol);
2773 wpa_s->eapol = NULL;
2774 if (wpa_supplicant_init_eapol(wpa_s)) {
2775 /* Error -> Reset paths to the default value (NULL) once. */
2776 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2777 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2782 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2789 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2790 * @wpa_s: wpa_supplicant structure for a network interface
2791 * @ap_scan: AP scan mode
2792 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2795 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2800 if (ap_scan < 0 || ap_scan > 2)
2803 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
2804 wpa_printf(MSG_INFO,
2805 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
2809 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2810 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2811 wpa_s->wpa_state < WPA_COMPLETED) {
2812 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2813 "associating", wpa_s->conf->ap_scan, ap_scan);
2816 #endif /* ANDROID */
2818 old_ap_scan = wpa_s->conf->ap_scan;
2819 wpa_s->conf->ap_scan = ap_scan;
2821 if (old_ap_scan != wpa_s->conf->ap_scan)
2822 wpas_notify_ap_scan_changed(wpa_s);
2829 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2830 * @wpa_s: wpa_supplicant structure for a network interface
2831 * @expire_age: Expiration age in seconds
2832 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2835 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2836 unsigned int bss_expire_age)
2838 if (bss_expire_age < 10) {
2839 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2843 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2845 wpa_s->conf->bss_expiration_age = bss_expire_age;
2852 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2853 * @wpa_s: wpa_supplicant structure for a network interface
2854 * @expire_count: number of scans after which an unseen BSS is reclaimed
2855 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2858 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2859 unsigned int bss_expire_count)
2861 if (bss_expire_count < 1) {
2862 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2866 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2868 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2875 * wpa_supplicant_set_scan_interval - Set scan interval
2876 * @wpa_s: wpa_supplicant structure for a network interface
2877 * @scan_interval: scan interval in seconds
2878 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2881 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2884 if (scan_interval < 0) {
2885 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2889 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2891 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2898 * wpa_supplicant_set_debug_params - Set global debug params
2899 * @global: wpa_global structure
2900 * @debug_level: debug level
2901 * @debug_timestamp: determines if show timestamp in debug data
2902 * @debug_show_keys: determines if show keys in debug data
2903 * Returns: 0 if succeed or -1 if debug_level has wrong value
2905 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2906 int debug_timestamp, int debug_show_keys)
2909 int old_level, old_timestamp, old_show_keys;
2911 /* check for allowed debuglevels */
2912 if (debug_level != MSG_EXCESSIVE &&
2913 debug_level != MSG_MSGDUMP &&
2914 debug_level != MSG_DEBUG &&
2915 debug_level != MSG_INFO &&
2916 debug_level != MSG_WARNING &&
2917 debug_level != MSG_ERROR)
2920 old_level = wpa_debug_level;
2921 old_timestamp = wpa_debug_timestamp;
2922 old_show_keys = wpa_debug_show_keys;
2924 wpa_debug_level = debug_level;
2925 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2926 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2928 if (wpa_debug_level != old_level)
2929 wpas_notify_debug_level_changed(global);
2930 if (wpa_debug_timestamp != old_timestamp)
2931 wpas_notify_debug_timestamp_changed(global);
2932 if (wpa_debug_show_keys != old_show_keys)
2933 wpas_notify_debug_show_keys_changed(global);
2940 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2941 * @wpa_s: Pointer to wpa_supplicant data
2942 * Returns: A pointer to the current network structure or %NULL on failure
2944 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2946 struct wpa_ssid *entry;
2947 u8 ssid[SSID_MAX_LEN];
2953 res = wpa_drv_get_ssid(wpa_s, ssid);
2955 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2961 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2962 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2967 wired = wpa_s->conf->ap_scan == 0 &&
2968 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2970 entry = wpa_s->conf->ssid;
2972 if (!wpas_network_disabled(wpa_s, entry) &&
2973 ((ssid_len == entry->ssid_len &&
2974 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2975 (!entry->bssid_set ||
2976 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2979 if (!wpas_network_disabled(wpa_s, entry) &&
2980 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2981 (entry->ssid == NULL || entry->ssid_len == 0) &&
2982 (!entry->bssid_set ||
2983 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2985 #endif /* CONFIG_WPS */
2987 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2988 entry->ssid_len == 0 &&
2989 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2992 entry = entry->next;
2999 static int select_driver(struct wpa_supplicant *wpa_s, int i)
3001 struct wpa_global *global = wpa_s->global;
3003 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
3004 global->drv_priv[i] = wpa_drivers[i]->global_init();
3005 if (global->drv_priv[i] == NULL) {
3006 wpa_printf(MSG_ERROR, "Failed to initialize driver "
3007 "'%s'", wpa_drivers[i]->name);
3012 wpa_s->driver = wpa_drivers[i];
3013 wpa_s->global_drv_priv = global->drv_priv[i];
3019 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
3024 const char *pos, *driver = name;
3029 if (wpa_drivers[0] == NULL) {
3030 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
3036 /* default to first driver in the list */
3037 return select_driver(wpa_s, 0);
3041 pos = os_strchr(driver, ',');
3045 len = os_strlen(driver);
3047 for (i = 0; wpa_drivers[i]; i++) {
3048 if (os_strlen(wpa_drivers[i]->name) == len &&
3049 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3051 /* First driver that succeeds wins */
3052 if (select_driver(wpa_s, i) == 0)
3060 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3066 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3067 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3068 * with struct wpa_driver_ops::init()
3069 * @src_addr: Source address of the EAPOL frame
3070 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3071 * @len: Length of the EAPOL data
3073 * This function is called for each received EAPOL frame. Most driver
3074 * interfaces rely on more generic OS mechanism for receiving frames through
3075 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3076 * take care of received EAPOL frames and deliver them to the core supplicant
3077 * code by calling this function.
3079 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3080 const u8 *buf, size_t len)
3082 struct wpa_supplicant *wpa_s = ctx;
3084 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3085 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3087 #ifdef CONFIG_PEERKEY
3088 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3089 wpa_s->current_ssid->peerkey &&
3090 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3091 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3092 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3095 #endif /* CONFIG_PEERKEY */
3097 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3098 (wpa_s->last_eapol_matches_bssid &&
3101 #endif /* CONFIG_AP */
3102 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3104 * There is possible race condition between receiving the
3105 * association event and the EAPOL frame since they are coming
3106 * through different paths from the driver. In order to avoid
3107 * issues in trying to process the EAPOL frame before receiving
3108 * association information, lets queue it for processing until
3109 * the association event is received. This may also be needed in
3110 * driver-based roaming case, so also use src_addr != BSSID as a
3111 * trigger if we have previously confirmed that the
3112 * Authenticator uses BSSID as the src_addr (which is not the
3113 * case with wired IEEE 802.1X).
3115 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3116 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3117 wpa_supplicant_state_txt(wpa_s->wpa_state),
3118 MAC2STR(wpa_s->bssid));
3119 wpabuf_free(wpa_s->pending_eapol_rx);
3120 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3121 if (wpa_s->pending_eapol_rx) {
3122 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3123 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3129 wpa_s->last_eapol_matches_bssid =
3130 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3133 if (wpa_s->ap_iface) {
3134 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3137 #endif /* CONFIG_AP */
3139 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3140 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3141 "no key management is configured");
3145 if (wpa_s->eapol_received == 0 &&
3146 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3147 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3148 wpa_s->wpa_state != WPA_COMPLETED) &&
3149 (wpa_s->current_ssid == NULL ||
3150 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3151 /* Timeout for completing IEEE 802.1X and WPA authentication */
3154 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3155 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3156 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3157 /* Use longer timeout for IEEE 802.1X/EAP */
3162 if (wpa_s->current_ssid && wpa_s->current_bss &&
3163 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3164 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3166 * Use shorter timeout if going through WPS AP iteration
3167 * for PIN config method with an AP that does not
3168 * advertise Selected Registrar.
3170 struct wpabuf *wps_ie;
3172 wps_ie = wpa_bss_get_vendor_ie_multi(
3173 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3175 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3177 wpabuf_free(wps_ie);
3179 #endif /* CONFIG_WPS */
3181 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3183 wpa_s->eapol_received++;
3185 if (wpa_s->countermeasures) {
3186 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3191 #ifdef CONFIG_IBSS_RSN
3192 if (wpa_s->current_ssid &&
3193 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3194 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3197 #endif /* CONFIG_IBSS_RSN */
3199 /* Source address of the incoming EAPOL frame could be compared to the
3200 * current BSSID. However, it is possible that a centralized
3201 * Authenticator could be using another MAC address than the BSSID of
3202 * an AP, so just allow any address to be used for now. The replies are
3203 * still sent to the current BSSID (if available), though. */
3205 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3206 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3207 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3209 wpa_drv_poll(wpa_s);
3210 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3211 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3212 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3214 * Set portValid = TRUE here since we are going to skip 4-way
3215 * handshake processing which would normally set portValid. We
3216 * need this to allow the EAPOL state machines to be completed
3217 * without going through EAPOL-Key handshake.
3219 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3224 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3226 if ((!wpa_s->p2p_mgmt ||
3227 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3228 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3229 l2_packet_deinit(wpa_s->l2);
3230 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3231 wpa_drv_get_mac_addr(wpa_s),
3233 wpa_supplicant_rx_eapol, wpa_s, 0);
3234 if (wpa_s->l2 == NULL)
3237 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3239 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3242 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3243 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3247 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3253 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3254 const u8 *buf, size_t len)
3256 struct wpa_supplicant *wpa_s = ctx;
3257 const struct l2_ethhdr *eth;
3259 if (len < sizeof(*eth))
3261 eth = (const struct l2_ethhdr *) buf;
3263 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3264 !(eth->h_dest[0] & 0x01)) {
3265 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3266 " (bridge - not for this interface - ignore)",
3267 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3271 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3272 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3273 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3274 len - sizeof(*eth));
3279 * wpa_supplicant_driver_init - Initialize driver interface parameters
3280 * @wpa_s: Pointer to wpa_supplicant data
3281 * Returns: 0 on success, -1 on failure
3283 * This function is called to initialize driver interface parameters.
3284 * wpa_drv_init() must have been called before this function to initialize the
3287 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3289 static int interface_count = 0;
3291 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3294 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3295 MAC2STR(wpa_s->own_addr));
3296 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3297 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3299 if (wpa_s->bridge_ifname[0]) {
3300 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3301 "interface '%s'", wpa_s->bridge_ifname);
3302 wpa_s->l2_br = l2_packet_init_bridge(
3303 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3304 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3305 if (wpa_s->l2_br == NULL) {
3306 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3307 "connection for the bridge interface '%s'",
3308 wpa_s->bridge_ifname);
3313 if (wpa_s->conf->ap_scan == 2 &&
3314 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
3315 wpa_printf(MSG_INFO,
3316 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
3319 wpa_clear_keys(wpa_s, NULL);
3321 /* Make sure that TKIP countermeasures are not left enabled (could
3322 * happen if wpa_supplicant is killed during countermeasures. */
3323 wpa_drv_set_countermeasures(wpa_s, 0);
3325 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3326 wpa_drv_flush_pmkid(wpa_s);
3328 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3329 wpa_s->prev_scan_wildcard = 0;
3331 if (wpa_supplicant_enabled_networks(wpa_s)) {
3332 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3333 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3334 interface_count = 0;
3337 if (!wpa_s->p2p_mgmt &&
3338 wpa_supplicant_delayed_sched_scan(wpa_s,
3339 interface_count % 3,
3341 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3343 #endif /* ANDROID */
3346 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3352 static int wpa_supplicant_daemon(const char *pid_file)
3354 wpa_printf(MSG_DEBUG, "Daemonize..");
3355 return os_daemonize(pid_file);
3359 static struct wpa_supplicant *
3360 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3362 struct wpa_supplicant *wpa_s;
3364 wpa_s = os_zalloc(sizeof(*wpa_s));
3367 wpa_s->scan_req = INITIAL_SCAN_REQ;
3368 wpa_s->scan_interval = 5;
3369 wpa_s->new_connection = 1;
3370 wpa_s->parent = parent ? parent : wpa_s;
3371 wpa_s->sched_scanning = 0;
3377 #ifdef CONFIG_HT_OVERRIDES
3379 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3380 struct ieee80211_ht_capabilities *htcaps,
3381 struct ieee80211_ht_capabilities *htcaps_mask,
3384 /* parse ht_mcs into hex array */
3386 const char *tmp = ht_mcs;
3389 /* If ht_mcs is null, do not set anything */
3393 /* This is what we are setting in the kernel */
3394 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3396 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3398 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3400 long v = strtol(tmp, &end, 16);
3402 wpa_msg(wpa_s, MSG_DEBUG,
3403 "htcap value[%i]: %ld end: %p tmp: %p",
3408 htcaps->supported_mcs_set[i] = v;
3411 wpa_msg(wpa_s, MSG_ERROR,
3412 "Failed to parse ht-mcs: %s, error: %s\n",
3413 ht_mcs, strerror(errno));
3419 * If we were able to parse any values, then set mask for the MCS set.
3422 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3423 IEEE80211_HT_MCS_MASK_LEN - 1);
3424 /* skip the 3 reserved bits */
3425 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3433 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3434 struct ieee80211_ht_capabilities *htcaps,
3435 struct ieee80211_ht_capabilities *htcaps_mask,
3440 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3445 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3446 htcaps_mask->ht_capabilities_info |= msk;
3448 htcaps->ht_capabilities_info &= msk;
3450 htcaps->ht_capabilities_info |= msk;
3456 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3457 struct ieee80211_ht_capabilities *htcaps,
3458 struct ieee80211_ht_capabilities *htcaps_mask,
3461 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3466 if (factor < 0 || factor > 3) {
3467 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3468 "Must be 0-3 or -1", factor);
3472 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3473 htcaps->a_mpdu_params &= ~0x3;
3474 htcaps->a_mpdu_params |= factor & 0x3;
3480 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3481 struct ieee80211_ht_capabilities *htcaps,
3482 struct ieee80211_ht_capabilities *htcaps_mask,
3485 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3490 if (density < 0 || density > 7) {
3491 wpa_msg(wpa_s, MSG_ERROR,
3492 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3497 htcaps_mask->a_mpdu_params |= 0x1C;
3498 htcaps->a_mpdu_params &= ~(0x1C);
3499 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3505 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3506 struct ieee80211_ht_capabilities *htcaps,
3507 struct ieee80211_ht_capabilities *htcaps_mask,
3510 /* Masking these out disables HT40 */
3511 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3512 HT_CAP_INFO_SHORT_GI40MHZ);
3514 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3517 htcaps->ht_capabilities_info &= ~msk;
3519 htcaps->ht_capabilities_info |= msk;
3521 htcaps_mask->ht_capabilities_info |= msk;
3527 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3528 struct ieee80211_ht_capabilities *htcaps,
3529 struct ieee80211_ht_capabilities *htcaps_mask,
3532 /* Masking these out disables SGI */
3533 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3534 HT_CAP_INFO_SHORT_GI40MHZ);
3536 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3539 htcaps->ht_capabilities_info &= ~msk;
3541 htcaps->ht_capabilities_info |= msk;
3543 htcaps_mask->ht_capabilities_info |= msk;
3549 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3550 struct ieee80211_ht_capabilities *htcaps,
3551 struct ieee80211_ht_capabilities *htcaps_mask,
3554 /* Masking these out disables LDPC */
3555 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3557 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3560 htcaps->ht_capabilities_info &= ~msk;
3562 htcaps->ht_capabilities_info |= msk;
3564 htcaps_mask->ht_capabilities_info |= msk;
3570 void wpa_supplicant_apply_ht_overrides(
3571 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3572 struct wpa_driver_associate_params *params)
3574 struct ieee80211_ht_capabilities *htcaps;
3575 struct ieee80211_ht_capabilities *htcaps_mask;
3580 params->disable_ht = ssid->disable_ht;
3581 if (!params->htcaps || !params->htcaps_mask)
3584 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3585 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3586 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3587 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3588 ssid->disable_max_amsdu);
3589 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3590 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3591 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3592 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3593 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3595 if (ssid->ht40_intolerant) {
3596 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3597 htcaps->ht_capabilities_info |= bit;
3598 htcaps_mask->ht_capabilities_info |= bit;
3602 #endif /* CONFIG_HT_OVERRIDES */
3605 #ifdef CONFIG_VHT_OVERRIDES
3606 void wpa_supplicant_apply_vht_overrides(
3607 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3608 struct wpa_driver_associate_params *params)
3610 struct ieee80211_vht_capabilities *vhtcaps;
3611 struct ieee80211_vht_capabilities *vhtcaps_mask;
3616 params->disable_vht = ssid->disable_vht;
3618 vhtcaps = (void *) params->vhtcaps;
3619 vhtcaps_mask = (void *) params->vhtcaps_mask;
3621 if (!vhtcaps || !vhtcaps_mask)
3624 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3625 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3627 #ifdef CONFIG_HT_OVERRIDES
3628 /* if max ampdu is <= 3, we have to make the HT cap the same */
3629 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3632 max_ampdu = (ssid->vht_capa &
3633 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3634 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3636 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3637 wpa_set_ampdu_factor(wpa_s,
3638 (void *) params->htcaps,
3639 (void *) params->htcaps_mask,
3642 #endif /* CONFIG_HT_OVERRIDES */
3644 #define OVERRIDE_MCS(i) \
3645 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3646 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3648 vhtcaps->vht_supported_mcs_set.tx_map |= \
3649 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3651 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3652 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3654 vhtcaps->vht_supported_mcs_set.rx_map |= \
3655 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3667 #endif /* CONFIG_VHT_OVERRIDES */
3670 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3675 if (!wpa_s->conf->pcsc_reader)
3678 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3682 if (wpa_s->conf->pcsc_pin &&
3683 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3684 scard_deinit(wpa_s->scard);
3685 wpa_s->scard = NULL;
3686 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3690 len = sizeof(wpa_s->imsi) - 1;
3691 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3692 scard_deinit(wpa_s->scard);
3693 wpa_s->scard = NULL;
3694 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3697 wpa_s->imsi[len] = '\0';
3699 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3701 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3702 wpa_s->imsi, wpa_s->mnc_len);
3704 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3705 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3706 #endif /* PCSC_FUNCS */
3712 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3716 ext_password_deinit(wpa_s->ext_pw);
3717 wpa_s->ext_pw = NULL;
3718 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3720 if (!wpa_s->conf->ext_password_backend)
3723 val = os_strdup(wpa_s->conf->ext_password_backend);
3726 pos = os_strchr(val, ':');
3730 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3732 wpa_s->ext_pw = ext_password_init(val, pos);
3734 if (wpa_s->ext_pw == NULL) {
3735 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3738 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3746 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
3748 struct wpa_supplicant *wpa_s = ctx;
3750 return (is_zero_ether_addr(wpa_s->bssid) ||
3751 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
3755 static void wpas_fst_get_channel_info_cb(void *ctx,
3756 enum hostapd_hw_mode *hw_mode,
3759 struct wpa_supplicant *wpa_s = ctx;
3761 if (wpa_s->current_bss) {
3762 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
3764 } else if (wpa_s->hw.num_modes) {
3765 *hw_mode = wpa_s->hw.modes[0].mode;
3773 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
3775 struct wpa_supplicant *wpa_s = ctx;
3777 *modes = wpa_s->hw.modes;
3778 return wpa_s->hw.num_modes;
3782 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
3784 struct wpa_supplicant *wpa_s = ctx;
3786 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
3787 wpa_s->fst_ies = fst_ies;
3791 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
3793 struct wpa_supplicant *wpa_s = ctx;
3795 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0);
3796 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
3797 wpa_s->own_addr, wpa_s->bssid,
3798 wpabuf_head(data), wpabuf_len(data),
3803 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
3805 struct wpa_supplicant *wpa_s = ctx;
3807 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3808 return wpa_s->received_mb_ies;
3812 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
3813 const u8 *buf, size_t size)
3815 struct wpa_supplicant *wpa_s = ctx;
3816 struct mb_ies_info info;
3818 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
3820 if (!mb_ies_info_by_ies(&info, buf, size)) {
3821 wpabuf_free(wpa_s->received_mb_ies);
3822 wpa_s->received_mb_ies = mb_ies_by_info(&info);
3827 const u8 * wpas_fst_get_peer_first(void *ctx, struct fst_get_peer_ctx **get_ctx,
3830 struct wpa_supplicant *wpa_s = ctx;
3833 if (!is_zero_ether_addr(wpa_s->bssid))
3834 return (wpa_s->received_mb_ies || !mb_only) ?
3835 wpa_s->bssid : NULL;
3840 const u8 * wpas_fst_get_peer_next(void *ctx, struct fst_get_peer_ctx **get_ctx,
3846 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
3847 struct fst_wpa_obj *iface_obj)
3849 iface_obj->ctx = wpa_s;
3850 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
3851 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
3852 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
3853 iface_obj->set_ies = wpas_fst_set_ies_cb;
3854 iface_obj->send_action = wpas_fst_send_action_cb;
3855 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
3856 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
3857 iface_obj->get_peer_first = wpas_fst_get_peer_first;
3858 iface_obj->get_peer_next = wpas_fst_get_peer_next;
3860 #endif /* CONFIG_FST */
3862 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3863 const struct wpa_driver_capa *capa)
3865 struct wowlan_triggers *triggers;
3868 if (!wpa_s->conf->wowlan_triggers)
3871 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
3873 ret = wpa_drv_wowlan(wpa_s, triggers);
3880 static enum wpa_radio_work_band wpas_freq_to_band(int freq)
3883 return BAND_2_4_GHZ;
3890 static unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s,
3894 unsigned int band = 0;
3897 /* freqs are specified for the radio work */
3898 for (i = 0; freqs[i]; i++)
3899 band |= wpas_freq_to_band(freqs[i]);
3902 * freqs are not specified, implies all
3903 * the supported freqs by HW
3905 for (i = 0; i < wpa_s->hw.num_modes; i++) {
3906 if (wpa_s->hw.modes[i].num_channels != 0) {
3907 if (wpa_s->hw.modes[i].mode ==
3908 HOSTAPD_MODE_IEEE80211B ||
3909 wpa_s->hw.modes[i].mode ==
3910 HOSTAPD_MODE_IEEE80211G)
3911 band |= BAND_2_4_GHZ;
3912 else if (wpa_s->hw.modes[i].mode ==
3913 HOSTAPD_MODE_IEEE80211A)
3915 else if (wpa_s->hw.modes[i].mode ==
3916 HOSTAPD_MODE_IEEE80211AD)
3917 band |= BAND_60_GHZ;
3918 else if (wpa_s->hw.modes[i].mode ==
3919 HOSTAPD_MODE_IEEE80211ANY)
3920 band = BAND_2_4_GHZ | BAND_5_GHZ |
3930 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3933 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3934 struct wpa_radio *radio;
3936 while (rn && iface) {
3937 radio = iface->radio;
3938 if (radio && os_strcmp(rn, radio->name) == 0) {
3939 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3941 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3945 iface = iface->next;
3948 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3949 wpa_s->ifname, rn ? rn : "N/A");
3950 radio = os_zalloc(sizeof(*radio));
3955 os_strlcpy(radio->name, rn, sizeof(radio->name));
3956 dl_list_init(&radio->ifaces);
3957 dl_list_init(&radio->work);
3958 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3964 static void radio_work_free(struct wpa_radio_work *work)
3966 if (work->wpa_s->scan_work == work) {
3967 /* This should not really happen. */
3968 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3969 work->type, work, work->started);
3970 work->wpa_s->scan_work = NULL;
3974 if (work->wpa_s->p2p_scan_work == work) {
3975 /* This should not really happen. */
3976 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3977 work->type, work, work->started);
3978 work->wpa_s->p2p_scan_work = NULL;
3980 #endif /* CONFIG_P2P */
3982 if (work->started) {
3983 work->wpa_s->radio->num_active_works--;
3984 wpa_dbg(work->wpa_s, MSG_DEBUG,
3985 "radio_work_free('%s'@%p: num_active_works --> %u",
3987 work->wpa_s->radio->num_active_works);
3990 dl_list_del(&work->list);
3995 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
3997 struct wpa_radio_work *active_work = NULL;
3998 struct wpa_radio_work *tmp;
4000 /* Get the active work to know the type and band. */
4001 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4009 /* No active work, start one */
4010 radio->num_active_works = 0;
4011 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
4013 if (os_strcmp(tmp->type, "scan") == 0 &&
4014 radio->external_scan_running &&
4015 (((struct wpa_driver_scan_params *)
4016 tmp->ctx)->only_new_results ||
4017 tmp->wpa_s->clear_driver_scan_cache))
4024 if (os_strcmp(active_work->type, "sme-connect") == 0 ||
4025 os_strcmp(active_work->type, "connect") == 0) {
4027 * If the active work is either connect or sme-connect,
4028 * do not parallelize them with other radio works.
4030 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4031 "Do not parallelize radio work with %s",
4036 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
4041 * If connect or sme-connect are enqueued, parallelize only
4042 * those operations ahead of them in the queue.
4044 if (os_strcmp(tmp->type, "connect") == 0 ||
4045 os_strcmp(tmp->type, "sme-connect") == 0)
4049 * Check that the radio works are distinct and
4050 * on different bands.
4052 if (os_strcmp(active_work->type, tmp->type) != 0 &&
4053 (active_work->bands != tmp->bands)) {
4055 * If a scan has to be scheduled through nl80211 scan
4056 * interface and if an external scan is already running,
4057 * do not schedule the scan since it is likely to get
4058 * rejected by kernel.
4060 if (os_strcmp(tmp->type, "scan") == 0 &&
4061 radio->external_scan_running &&
4062 (((struct wpa_driver_scan_params *)
4063 tmp->ctx)->only_new_results ||
4064 tmp->wpa_s->clear_driver_scan_cache))
4067 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
4068 "active_work:%s new_work:%s",
4069 active_work->type, tmp->type);
4074 /* Did not find a radio work to schedule in parallel. */
4079 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
4081 struct wpa_radio *radio = eloop_ctx;
4082 struct wpa_radio_work *work;
4083 struct os_reltime now, diff;
4084 struct wpa_supplicant *wpa_s;
4086 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
4088 radio->num_active_works = 0;
4092 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
4096 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
4098 return; /* already started and still in progress */
4100 if (wpa_s && wpa_s->radio->external_scan_running) {
4101 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
4106 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
4107 /* get the work to schedule next */
4108 work = radio_work_get_next_work(radio);
4114 wpa_s = work->wpa_s;
4115 os_get_reltime(&now);
4116 os_reltime_sub(&now, &work->time, &diff);
4117 wpa_dbg(wpa_s, MSG_DEBUG,
4118 "Starting radio work '%s'@%p after %ld.%06ld second wait",
4119 work->type, work, diff.sec, diff.usec);
4122 radio->num_active_works++;
4126 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
4127 radio->num_active_works < MAX_ACTIVE_WORKS)
4128 radio_work_check_next(wpa_s);
4133 * This function removes both started and pending radio works running on
4134 * the provided interface's radio.
4135 * Prior to the removal of the radio work, its callback (cb) is called with
4136 * deinit set to be 1. Each work's callback is responsible for clearing its
4137 * internal data and restoring to a correct state.
4138 * @wpa_s: wpa_supplicant data
4139 * @type: type of works to be removed
4140 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
4141 * this interface's works.
4143 void radio_remove_works(struct wpa_supplicant *wpa_s,
4144 const char *type, int remove_all)
4146 struct wpa_radio_work *work, *tmp;
4147 struct wpa_radio *radio = wpa_s->radio;
4149 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
4151 if (type && os_strcmp(type, work->type) != 0)
4154 /* skip other ifaces' works */
4155 if (!remove_all && work->wpa_s != wpa_s)
4158 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
4159 work->type, work, work->started ? " (started)" : "");
4161 radio_work_free(work);
4164 /* in case we removed the started work */
4165 radio_work_check_next(wpa_s);
4169 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
4171 struct wpa_radio *radio = wpa_s->radio;
4176 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
4177 wpa_s->ifname, radio->name);
4178 dl_list_del(&wpa_s->radio_list);
4179 radio_remove_works(wpa_s, NULL, 0);
4180 wpa_s->radio = NULL;
4181 if (!dl_list_empty(&radio->ifaces))
4182 return; /* Interfaces remain for this radio */
4184 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
4185 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4190 void radio_work_check_next(struct wpa_supplicant *wpa_s)
4192 struct wpa_radio *radio = wpa_s->radio;
4194 if (dl_list_empty(&radio->work))
4196 if (wpa_s->ext_work_in_progress) {
4197 wpa_printf(MSG_DEBUG,
4198 "External radio work in progress - delay start of pending item");
4201 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
4202 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
4207 * radio_add_work - Add a radio work item
4208 * @wpa_s: Pointer to wpa_supplicant data
4209 * @freq: Frequency of the offchannel operation in MHz or 0
4210 * @type: Unique identifier for each type of work
4211 * @next: Force as the next work to be executed
4212 * @cb: Callback function for indicating when radio is available
4213 * @ctx: Context pointer for the work (work->ctx in cb())
4214 * Returns: 0 on success, -1 on failure
4216 * This function is used to request time for an operation that requires
4217 * exclusive radio control. Once the radio is available, the registered callback
4218 * function will be called. radio_work_done() must be called once the exclusive
4219 * radio operation has been completed, so that the radio is freed for other
4220 * operations. The special case of deinit=1 is used to free the context data
4221 * during interface removal. That does not allow the callback function to start
4222 * the radio operation, i.e., it must free any resources allocated for the radio
4225 * The @freq parameter can be used to indicate a single channel on which the
4226 * offchannel operation will occur. This may allow multiple radio work
4227 * operations to be performed in parallel if they apply for the same channel.
4228 * Setting this to 0 indicates that the work item may use multiple channels or
4229 * requires exclusive control of the radio.
4231 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
4232 const char *type, int next,
4233 void (*cb)(struct wpa_radio_work *work, int deinit),
4236 struct wpa_radio *radio = wpa_s->radio;
4237 struct wpa_radio_work *work;
4240 work = os_zalloc(sizeof(*work));
4243 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
4244 os_get_reltime(&work->time);
4247 work->wpa_s = wpa_s;
4252 work->bands = wpas_freq_to_band(freq);
4253 else if (os_strcmp(type, "scan") == 0 ||
4254 os_strcmp(type, "p2p-scan") == 0)
4255 work->bands = wpas_get_bands(wpa_s,
4256 ((struct wpa_driver_scan_params *)
4259 work->bands = wpas_get_bands(wpa_s, NULL);
4261 was_empty = dl_list_empty(&wpa_s->radio->work);
4263 dl_list_add(&wpa_s->radio->work, &work->list);
4265 dl_list_add_tail(&wpa_s->radio->work, &work->list);
4267 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
4268 radio_work_check_next(wpa_s);
4269 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
4270 && radio->num_active_works < MAX_ACTIVE_WORKS) {
4271 wpa_dbg(wpa_s, MSG_DEBUG,
4272 "Try to schedule a radio work (num_active_works=%u)",
4273 radio->num_active_works);
4274 radio_work_check_next(wpa_s);
4282 * radio_work_done - Indicate that a radio work item has been completed
4283 * @work: Completed work
4285 * This function is called once the callback function registered with
4286 * radio_add_work() has completed its work.
4288 void radio_work_done(struct wpa_radio_work *work)
4290 struct wpa_supplicant *wpa_s = work->wpa_s;
4291 struct os_reltime now, diff;
4292 unsigned int started = work->started;
4294 os_get_reltime(&now);
4295 os_reltime_sub(&now, &work->time, &diff);
4296 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
4297 work->type, work, started ? "done" : "canceled",
4298 diff.sec, diff.usec);
4299 radio_work_free(work);
4301 radio_work_check_next(wpa_s);
4305 struct wpa_radio_work *
4306 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
4308 struct wpa_radio_work *work;
4309 struct wpa_radio *radio = wpa_s->radio;
4311 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
4312 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
4320 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
4321 struct wpa_interface *iface)
4323 const char *ifname, *driver, *rn;
4325 driver = iface->driver;
4327 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
4330 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
4331 if (wpa_s->drv_priv == NULL) {
4333 pos = driver ? os_strchr(driver, ',') : NULL;
4335 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
4336 "driver interface - try next driver wrapper");
4340 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4344 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4345 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4346 "driver_param '%s'", wpa_s->conf->driver_param);
4350 ifname = wpa_drv_get_ifname(wpa_s);
4351 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4352 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4353 "interface name with '%s'", ifname);
4354 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4357 rn = wpa_driver_get_radio_name(wpa_s);
4358 if (rn && rn[0] == '\0')
4361 wpa_s->radio = radio_add_interface(wpa_s, rn);
4362 if (wpa_s->radio == NULL)
4369 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4370 struct wpa_interface *iface)
4372 struct wpa_driver_capa capa;
4375 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4376 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4377 iface->confname ? iface->confname : "N/A",
4378 iface->driver ? iface->driver : "default",
4379 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4380 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4382 if (iface->confname) {
4383 #ifdef CONFIG_BACKEND_FILE
4384 wpa_s->confname = os_rel2abs_path(iface->confname);
4385 if (wpa_s->confname == NULL) {
4386 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4387 "for configuration file '%s'.",
4391 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4392 iface->confname, wpa_s->confname);
4393 #else /* CONFIG_BACKEND_FILE */
4394 wpa_s->confname = os_strdup(iface->confname);
4395 #endif /* CONFIG_BACKEND_FILE */
4396 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4397 if (wpa_s->conf == NULL) {
4398 wpa_printf(MSG_ERROR, "Failed to read or parse "
4399 "configuration '%s'.", wpa_s->confname);
4402 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4403 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4406 * Override ctrl_interface and driver_param if set on command
4409 if (iface->ctrl_interface) {
4410 os_free(wpa_s->conf->ctrl_interface);
4411 wpa_s->conf->ctrl_interface =
4412 os_strdup(iface->ctrl_interface);
4415 if (iface->driver_param) {
4416 os_free(wpa_s->conf->driver_param);
4417 wpa_s->conf->driver_param =
4418 os_strdup(iface->driver_param);
4421 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4422 os_free(wpa_s->conf->ctrl_interface);
4423 wpa_s->conf->ctrl_interface = NULL;
4426 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4427 iface->driver_param);
4429 if (wpa_s->conf == NULL) {
4430 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4434 if (iface->ifname == NULL) {
4435 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4438 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4439 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4443 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4445 if (iface->bridge_ifname) {
4446 if (os_strlen(iface->bridge_ifname) >=
4447 sizeof(wpa_s->bridge_ifname)) {
4448 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4449 "name '%s'.", iface->bridge_ifname);
4452 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4453 sizeof(wpa_s->bridge_ifname));
4456 /* RSNA Supplicant Key Management - INITIALIZE */
4457 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4458 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4460 /* Initialize driver interface and register driver event handler before
4461 * L2 receive handler so that association events are processed before
4462 * EAPOL-Key packets if both become available for the same select()
4464 if (wpas_init_driver(wpa_s, iface) < 0)
4467 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4470 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4471 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4473 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4475 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4476 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4477 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4478 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4479 "dot11RSNAConfigPMKLifetime");
4483 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4484 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4485 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4486 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4487 "dot11RSNAConfigPMKReauthThreshold");
4491 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4492 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4493 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4494 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4495 "dot11RSNAConfigSATimeout");
4499 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4500 &wpa_s->hw.num_modes,
4502 if (wpa_s->hw.modes) {
4505 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4506 if (wpa_s->hw.modes[i].vht_capab) {
4507 wpa_s->hw_capab = CAPAB_VHT;
4511 if (wpa_s->hw.modes[i].ht_capab &
4512 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4513 wpa_s->hw_capab = CAPAB_HT40;
4514 else if (wpa_s->hw.modes[i].ht_capab &&
4515 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4516 wpa_s->hw_capab = CAPAB_HT;
4520 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4521 if (capa_res == 0) {
4522 wpa_s->drv_capa_known = 1;
4523 wpa_s->drv_flags = capa.flags;
4524 wpa_s->drv_enc = capa.enc;
4525 wpa_s->drv_smps_modes = capa.smps_modes;
4526 wpa_s->drv_rrm_flags = capa.rrm_flags;
4527 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4528 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4529 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4530 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4531 wpa_s->max_match_sets = capa.max_match_sets;
4532 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4533 wpa_s->max_stations = capa.max_stations;
4534 wpa_s->extended_capa = capa.extended_capa;
4535 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4536 wpa_s->extended_capa_len = capa.extended_capa_len;
4537 wpa_s->num_multichan_concurrent =
4538 capa.num_multichan_concurrent;
4539 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4541 if (capa.mac_addr_rand_scan_supported)
4542 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4543 if (wpa_s->sched_scan_supported &&
4544 capa.mac_addr_rand_sched_scan_supported)
4545 wpa_s->mac_addr_rand_supported |=
4546 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4548 if (wpa_s->max_remain_on_chan == 0)
4549 wpa_s->max_remain_on_chan = 1000;
4552 * Only take p2p_mgmt parameters when P2P Device is supported.
4553 * Doing it here as it determines whether l2_packet_init() will be done
4554 * during wpa_supplicant_driver_init().
4556 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4557 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4559 iface->p2p_mgmt = 1;
4561 if (wpa_s->num_multichan_concurrent == 0)
4562 wpa_s->num_multichan_concurrent = 1;
4564 if (wpa_supplicant_driver_init(wpa_s) < 0)
4568 if ((!iface->p2p_mgmt ||
4569 !(wpa_s->drv_flags &
4570 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4571 wpa_tdls_init(wpa_s->wpa))
4573 #endif /* CONFIG_TDLS */
4575 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4576 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4577 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4582 if (wpa_s->conf->fst_group_id) {
4583 struct fst_iface_cfg cfg;
4584 struct fst_wpa_obj iface_obj;
4586 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
4587 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
4588 sizeof(cfg.group_id));
4589 cfg.priority = wpa_s->conf->fst_priority;
4590 cfg.llt = wpa_s->conf->fst_llt;
4592 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
4595 wpa_msg(wpa_s, MSG_ERROR,
4596 "FST: Cannot attach iface %s to group %s",
4597 wpa_s->ifname, cfg.group_id);
4601 #endif /* CONFIG_FST */
4603 if (wpas_wps_init(wpa_s))
4606 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4608 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4610 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4611 if (wpa_s->ctrl_iface == NULL) {
4612 wpa_printf(MSG_ERROR,
4613 "Failed to initialize control interface '%s'.\n"
4614 "You may have another wpa_supplicant process "
4615 "already running or the file was\n"
4616 "left by an unclean termination of wpa_supplicant "
4617 "in which case you will need\n"
4618 "to manually remove this file before starting "
4619 "wpa_supplicant again.\n",
4620 wpa_s->conf->ctrl_interface);
4624 wpa_s->gas = gas_query_init(wpa_s);
4625 if (wpa_s->gas == NULL) {
4626 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4630 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4631 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4635 if (wpa_bss_init(wpa_s) < 0)
4639 * Set Wake-on-WLAN triggers, if configured.
4640 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4641 * have effect anyway when the interface is down).
4643 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4646 #ifdef CONFIG_EAP_PROXY
4649 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4651 if (wpa_s->mnc_len > 0) {
4652 wpa_s->imsi[len] = '\0';
4653 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4654 wpa_s->imsi, wpa_s->mnc_len);
4656 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4659 #endif /* CONFIG_EAP_PROXY */
4661 if (pcsc_reader_init(wpa_s) < 0)
4664 if (wpas_init_ext_pw(wpa_s) < 0)
4667 wpas_rrm_reset(wpa_s);
4673 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4674 int notify, int terminate)
4676 struct wpa_global *global = wpa_s->global;
4677 struct wpa_supplicant *iface, *prev;
4679 if (wpa_s == wpa_s->parent)
4680 wpas_p2p_group_remove(wpa_s, "*");
4682 iface = global->ifaces;
4684 if (iface == wpa_s || iface->parent != wpa_s) {
4685 iface = iface->next;
4688 wpa_printf(MSG_DEBUG,
4689 "Remove remaining child interface %s from parent %s",
4690 iface->ifname, wpa_s->ifname);
4692 iface = iface->next;
4693 wpa_supplicant_remove_iface(global, prev, terminate);
4696 wpa_s->disconnected = 1;
4697 if (wpa_s->drv_priv) {
4698 wpa_supplicant_deauthenticate(wpa_s,
4699 WLAN_REASON_DEAUTH_LEAVING);
4701 wpa_drv_set_countermeasures(wpa_s, 0);
4702 wpa_clear_keys(wpa_s, NULL);
4705 wpa_supplicant_cleanup(wpa_s);
4706 wpas_p2p_deinit_iface(wpa_s);
4708 wpas_ctrl_radio_work_flush(wpa_s);
4709 radio_remove_interface(wpa_s);
4713 fst_detach(wpa_s->fst);
4716 if (wpa_s->received_mb_ies) {
4717 wpabuf_free(wpa_s->received_mb_ies);
4718 wpa_s->received_mb_ies = NULL;
4720 #endif /* CONFIG_FST */
4722 if (wpa_s->drv_priv)
4723 wpa_drv_deinit(wpa_s);
4726 wpas_notify_iface_removed(wpa_s);
4729 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4731 if (wpa_s->ctrl_iface) {
4732 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4733 wpa_s->ctrl_iface = NULL;
4738 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4739 wpa_s->ifmsh = NULL;
4741 #endif /* CONFIG_MESH */
4743 if (wpa_s->conf != NULL) {
4744 wpa_config_free(wpa_s->conf);
4748 os_free(wpa_s->ssids_from_scan_req);
4755 * wpa_supplicant_add_iface - Add a new network interface
4756 * @global: Pointer to global data from wpa_supplicant_init()
4757 * @iface: Interface configuration options
4758 * @parent: Parent interface or %NULL to assign new interface as parent
4759 * Returns: Pointer to the created interface or %NULL on failure
4761 * This function is used to add new network interfaces for %wpa_supplicant.
4762 * This can be called before wpa_supplicant_run() to add interfaces before the
4763 * main event loop has been started. In addition, new interfaces can be added
4764 * dynamically while %wpa_supplicant is already running. This could happen,
4765 * e.g., when a hotplug network adapter is inserted.
4767 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4768 struct wpa_interface *iface,
4769 struct wpa_supplicant *parent)
4771 struct wpa_supplicant *wpa_s;
4772 struct wpa_interface t_iface;
4773 struct wpa_ssid *ssid;
4775 if (global == NULL || iface == NULL)
4778 wpa_s = wpa_supplicant_alloc(parent);
4782 wpa_s->global = global;
4785 if (global->params.override_driver) {
4786 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4788 iface->driver, global->params.override_driver);
4789 t_iface.driver = global->params.override_driver;
4791 if (global->params.override_ctrl_interface) {
4792 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4793 "ctrl_interface ('%s' -> '%s')",
4794 iface->ctrl_interface,
4795 global->params.override_ctrl_interface);
4796 t_iface.ctrl_interface =
4797 global->params.override_ctrl_interface;
4799 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4800 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4802 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4806 if (iface->p2p_mgmt == 0) {
4807 /* Notify the control interfaces about new iface */
4808 if (wpas_notify_iface_added(wpa_s)) {
4809 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4813 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4814 wpas_notify_network_added(wpa_s, ssid);
4817 wpa_s->next = global->ifaces;
4818 global->ifaces = wpa_s;
4820 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4821 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4824 if (wpa_s->global->p2p == NULL &&
4825 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
4826 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4827 wpas_p2p_add_p2pdev_interface(
4828 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
4829 wpa_printf(MSG_INFO,
4830 "P2P: Failed to enable P2P Device interface");
4831 /* Try to continue without. P2P will be disabled. */
4833 #endif /* CONFIG_P2P */
4840 * wpa_supplicant_remove_iface - Remove a network interface
4841 * @global: Pointer to global data from wpa_supplicant_init()
4842 * @wpa_s: Pointer to the network interface to be removed
4843 * Returns: 0 if interface was removed, -1 if interface was not found
4845 * This function can be used to dynamically remove network interfaces from
4846 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4847 * addition, this function is used to remove all remaining interfaces when
4848 * %wpa_supplicant is terminated.
4850 int wpa_supplicant_remove_iface(struct wpa_global *global,
4851 struct wpa_supplicant *wpa_s,
4854 struct wpa_supplicant *prev;
4856 unsigned int mesh_if_created = wpa_s->mesh_if_created;
4857 char *ifname = NULL;
4858 #endif /* CONFIG_MESH */
4860 /* Remove interface from the global list of interfaces */
4861 prev = global->ifaces;
4862 if (prev == wpa_s) {
4863 global->ifaces = wpa_s->next;
4865 while (prev && prev->next != wpa_s)
4869 prev->next = wpa_s->next;
4872 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4875 if (mesh_if_created) {
4876 ifname = os_strdup(wpa_s->ifname);
4877 if (ifname == NULL) {
4878 wpa_dbg(wpa_s, MSG_ERROR,
4879 "mesh: Failed to malloc ifname");
4883 #endif /* CONFIG_MESH */
4885 if (global->p2p_group_formation == wpa_s)
4886 global->p2p_group_formation = NULL;
4887 if (global->p2p_invite_group == wpa_s)
4888 global->p2p_invite_group = NULL;
4889 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4892 if (mesh_if_created) {
4893 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
4896 #endif /* CONFIG_MESH */
4903 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4904 * @wpa_s: Pointer to the network interface
4905 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4907 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4909 const char *eapol_method;
4911 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4912 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4916 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4917 if (eapol_method == NULL)
4918 return "UNKNOWN-EAP";
4920 return eapol_method;
4925 * wpa_supplicant_get_iface - Get a new network interface
4926 * @global: Pointer to global data from wpa_supplicant_init()
4927 * @ifname: Interface name
4928 * Returns: Pointer to the interface or %NULL if not found
4930 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4933 struct wpa_supplicant *wpa_s;
4935 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4936 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4943 #ifndef CONFIG_NO_WPA_MSG
4944 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4946 struct wpa_supplicant *wpa_s = ctx;
4949 return wpa_s->ifname;
4951 #endif /* CONFIG_NO_WPA_MSG */
4954 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
4955 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
4956 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
4958 /* Periodic cleanup tasks */
4959 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
4961 struct wpa_global *global = eloop_ctx;
4962 struct wpa_supplicant *wpa_s;
4964 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
4965 wpas_periodic, global, NULL);
4969 p2p_expire_peers(global->p2p);
4970 #endif /* CONFIG_P2P */
4972 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4973 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
4976 #endif /* CONFIG_AP */
4982 * wpa_supplicant_init - Initialize %wpa_supplicant
4983 * @params: Parameters for %wpa_supplicant
4984 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4986 * This function is used to initialize %wpa_supplicant. After successful
4987 * initialization, the returned data pointer can be used to add and remove
4988 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4990 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4992 struct wpa_global *global;
4998 #ifdef CONFIG_DRIVER_NDIS
5000 void driver_ndis_init_ops(void);
5001 driver_ndis_init_ops();
5003 #endif /* CONFIG_DRIVER_NDIS */
5005 #ifndef CONFIG_NO_WPA_MSG
5006 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
5007 #endif /* CONFIG_NO_WPA_MSG */
5009 if (params->wpa_debug_file_path)
5010 wpa_debug_open_file(params->wpa_debug_file_path);
5012 wpa_debug_setup_stdout();
5013 if (params->wpa_debug_syslog)
5014 wpa_debug_open_syslog();
5015 if (params->wpa_debug_tracing) {
5016 ret = wpa_debug_open_linux_tracing();
5018 wpa_printf(MSG_ERROR,
5019 "Failed to enable trace logging");
5024 ret = eap_register_methods();
5026 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
5028 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
5029 "the same EAP type.");
5033 global = os_zalloc(sizeof(*global));
5036 dl_list_init(&global->p2p_srv_bonjour);
5037 dl_list_init(&global->p2p_srv_upnp);
5038 global->params.daemonize = params->daemonize;
5039 global->params.wait_for_monitor = params->wait_for_monitor;
5040 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
5041 if (params->pid_file)
5042 global->params.pid_file = os_strdup(params->pid_file);
5043 if (params->ctrl_interface)
5044 global->params.ctrl_interface =
5045 os_strdup(params->ctrl_interface);
5046 if (params->ctrl_interface_group)
5047 global->params.ctrl_interface_group =
5048 os_strdup(params->ctrl_interface_group);
5049 if (params->override_driver)
5050 global->params.override_driver =
5051 os_strdup(params->override_driver);
5052 if (params->override_ctrl_interface)
5053 global->params.override_ctrl_interface =
5054 os_strdup(params->override_ctrl_interface);
5056 if (params->conf_p2p_dev)
5057 global->params.conf_p2p_dev =
5058 os_strdup(params->conf_p2p_dev);
5059 #endif /* CONFIG_P2P */
5060 wpa_debug_level = global->params.wpa_debug_level =
5061 params->wpa_debug_level;
5062 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
5063 params->wpa_debug_show_keys;
5064 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
5065 params->wpa_debug_timestamp;
5067 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
5070 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
5071 wpa_supplicant_deinit(global);
5075 random_init(params->entropy_file);
5077 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
5078 if (global->ctrl_iface == NULL) {
5079 wpa_supplicant_deinit(global);
5083 if (wpas_notify_supplicant_initialized(global)) {
5084 wpa_supplicant_deinit(global);
5088 for (i = 0; wpa_drivers[i]; i++)
5089 global->drv_count++;
5090 if (global->drv_count == 0) {
5091 wpa_printf(MSG_ERROR, "No drivers enabled");
5092 wpa_supplicant_deinit(global);
5095 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
5096 if (global->drv_priv == NULL) {
5097 wpa_supplicant_deinit(global);
5101 #ifdef CONFIG_WIFI_DISPLAY
5102 if (wifi_display_init(global) < 0) {
5103 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
5104 wpa_supplicant_deinit(global);
5107 #endif /* CONFIG_WIFI_DISPLAY */
5109 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
5110 wpas_periodic, global, NULL);
5117 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
5118 * @global: Pointer to global data from wpa_supplicant_init()
5119 * Returns: 0 after successful event loop run, -1 on failure
5121 * This function starts the main event loop and continues running as long as
5122 * there are any remaining events. In most cases, this function is running as
5123 * long as the %wpa_supplicant process in still in use.
5125 int wpa_supplicant_run(struct wpa_global *global)
5127 struct wpa_supplicant *wpa_s;
5129 if (global->params.daemonize &&
5130 wpa_supplicant_daemon(global->params.pid_file))
5133 if (global->params.wait_for_monitor) {
5134 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
5135 if (wpa_s->ctrl_iface)
5136 wpa_supplicant_ctrl_iface_wait(
5140 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
5141 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
5150 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
5151 * @global: Pointer to global data from wpa_supplicant_init()
5153 * This function is called to deinitialize %wpa_supplicant and to free all
5154 * allocated resources. Remaining network interfaces will also be removed.
5156 void wpa_supplicant_deinit(struct wpa_global *global)
5163 eloop_cancel_timeout(wpas_periodic, global, NULL);
5165 #ifdef CONFIG_WIFI_DISPLAY
5166 wifi_display_deinit(global);
5167 #endif /* CONFIG_WIFI_DISPLAY */
5169 while (global->ifaces)
5170 wpa_supplicant_remove_iface(global, global->ifaces, 1);
5172 if (global->ctrl_iface)
5173 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
5175 wpas_notify_supplicant_deinitialized(global);
5177 eap_peer_unregister_methods();
5179 eap_server_unregister_methods();
5180 #endif /* CONFIG_AP */
5182 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
5183 if (!global->drv_priv[i])
5185 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
5187 os_free(global->drv_priv);
5193 if (global->params.pid_file) {
5194 os_daemonize_terminate(global->params.pid_file);
5195 os_free(global->params.pid_file);
5197 os_free(global->params.ctrl_interface);
5198 os_free(global->params.ctrl_interface_group);
5199 os_free(global->params.override_driver);
5200 os_free(global->params.override_ctrl_interface);
5202 os_free(global->params.conf_p2p_dev);
5203 #endif /* CONFIG_P2P */
5205 os_free(global->p2p_disallow_freq.range);
5206 os_free(global->p2p_go_avoid_freq.range);
5207 os_free(global->add_psk);
5210 wpa_debug_close_syslog();
5211 wpa_debug_close_file();
5212 wpa_debug_close_linux_tracing();
5216 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
5218 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
5219 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
5221 country[0] = wpa_s->conf->country[0];
5222 country[1] = wpa_s->conf->country[1];
5224 if (wpa_drv_set_country(wpa_s, country) < 0) {
5225 wpa_printf(MSG_ERROR, "Failed to set country code "
5230 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
5231 wpas_init_ext_pw(wpa_s);
5234 wpas_wps_update_config(wpa_s);
5235 #endif /* CONFIG_WPS */
5236 wpas_p2p_update_config(wpa_s);
5237 wpa_s->conf->changed_parameters = 0;
5241 void add_freq(int *freqs, int *num_freqs, int freq)
5245 for (i = 0; i < *num_freqs; i++) {
5246 if (freqs[i] == freq)
5250 freqs[*num_freqs] = freq;
5255 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
5257 struct wpa_bss *bss, *cbss;
5258 const int max_freqs = 10;
5262 freqs = os_calloc(max_freqs + 1, sizeof(int));
5266 cbss = wpa_s->current_bss;
5268 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
5271 if (bss->ssid_len == cbss->ssid_len &&
5272 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
5273 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
5274 add_freq(freqs, &num_freqs, bss->freq);
5275 if (num_freqs == max_freqs)
5280 if (num_freqs == 0) {
5289 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
5295 wpas_connect_work_done(wpa_s);
5298 * Remove possible authentication timeout since the connection failed.
5300 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
5303 * There is no point in blacklisting the AP if this event is
5304 * generated based on local request to disconnect.
5306 if (wpa_s->own_disconnect_req) {
5307 wpa_s->own_disconnect_req = 0;
5308 wpa_dbg(wpa_s, MSG_DEBUG,
5309 "Ignore connection failure due to local request to disconnect");
5312 if (wpa_s->disconnected) {
5313 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
5314 "indication since interface has been put into "
5315 "disconnected state");
5320 * Add the failed BSSID into the blacklist and speed up next scan
5321 * attempt if there could be other APs that could accept association.
5322 * The current blacklist count indicates how many times we have tried
5323 * connecting to this AP and multiple attempts mean that other APs are
5324 * either not available or has already been tried, so that we can start
5325 * increasing the delay here to avoid constant scanning.
5327 count = wpa_blacklist_add(wpa_s, bssid);
5328 if (count == 1 && wpa_s->current_bss) {
5330 * This BSS was not in the blacklist before. If there is
5331 * another BSS available for the same ESS, we should try that
5332 * next. Otherwise, we may as well try this one once more
5333 * before allowing other, likely worse, ESSes to be considered.
5335 freqs = get_bss_freqs_in_ess(wpa_s);
5337 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
5338 "has been seen; try it next");
5339 wpa_blacklist_add(wpa_s, bssid);
5341 * On the next scan, go through only the known channels
5342 * used in this ESS based on previous scans to speed up
5343 * common load balancing use case.
5345 os_free(wpa_s->next_scan_freqs);
5346 wpa_s->next_scan_freqs = freqs;
5351 * Add previous failure count in case the temporary blacklist was
5352 * cleared due to no other BSSes being available.
5354 count += wpa_s->extra_blacklist_count;
5356 if (count > 3 && wpa_s->current_ssid) {
5357 wpa_printf(MSG_DEBUG, "Continuous association failures - "
5358 "consider temporary network disabling");
5359 wpas_auth_failed(wpa_s, "CONN_FAILED");
5380 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
5381 "ms", count, timeout);
5384 * TODO: if more than one possible AP is available in scan results,
5385 * could try the other ones before requesting a new scan.
5387 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
5388 1000 * (timeout % 1000));
5392 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
5394 return wpa_s->conf->ap_scan == 2 ||
5395 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
5399 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
5400 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
5401 struct wpa_ssid *ssid,
5405 #ifdef IEEE8021X_EAPOL
5406 struct eap_peer_config *eap = &ssid->eap;
5408 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5409 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5410 (const u8 *) value, os_strlen(value));
5412 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5413 case WPA_CTRL_REQ_EAP_IDENTITY:
5414 os_free(eap->identity);
5415 eap->identity = (u8 *) os_strdup(value);
5416 eap->identity_len = os_strlen(value);
5417 eap->pending_req_identity = 0;
5418 if (ssid == wpa_s->current_ssid)
5419 wpa_s->reassociate = 1;
5421 case WPA_CTRL_REQ_EAP_PASSWORD:
5422 bin_clear_free(eap->password, eap->password_len);
5423 eap->password = (u8 *) os_strdup(value);
5424 eap->password_len = os_strlen(value);
5425 eap->pending_req_password = 0;
5426 if (ssid == wpa_s->current_ssid)
5427 wpa_s->reassociate = 1;
5429 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5430 bin_clear_free(eap->new_password, eap->new_password_len);
5431 eap->new_password = (u8 *) os_strdup(value);
5432 eap->new_password_len = os_strlen(value);
5433 eap->pending_req_new_password = 0;
5434 if (ssid == wpa_s->current_ssid)
5435 wpa_s->reassociate = 1;
5437 case WPA_CTRL_REQ_EAP_PIN:
5438 str_clear_free(eap->pin);
5439 eap->pin = os_strdup(value);
5440 eap->pending_req_pin = 0;
5441 if (ssid == wpa_s->current_ssid)
5442 wpa_s->reassociate = 1;
5444 case WPA_CTRL_REQ_EAP_OTP:
5445 bin_clear_free(eap->otp, eap->otp_len);
5446 eap->otp = (u8 *) os_strdup(value);
5447 eap->otp_len = os_strlen(value);
5448 os_free(eap->pending_req_otp);
5449 eap->pending_req_otp = NULL;
5450 eap->pending_req_otp_len = 0;
5452 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5453 str_clear_free(eap->private_key_passwd);
5454 eap->private_key_passwd = os_strdup(value);
5455 eap->pending_req_passphrase = 0;
5456 if (ssid == wpa_s->current_ssid)
5457 wpa_s->reassociate = 1;
5459 case WPA_CTRL_REQ_SIM:
5460 str_clear_free(eap->external_sim_resp);
5461 eap->external_sim_resp = os_strdup(value);
5463 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5464 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5466 ssid->mem_only_psk = 1;
5467 if (ssid->passphrase)
5468 wpa_config_update_psk(ssid);
5469 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5470 wpa_supplicant_req_scan(wpa_s, 0, 0);
5473 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5478 #else /* IEEE8021X_EAPOL */
5479 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5481 #endif /* IEEE8021X_EAPOL */
5483 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5486 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5489 unsigned int drv_enc;
5491 if (wpa_s->p2p_mgmt)
5492 return 1; /* no normal network profiles on p2p_mgmt interface */
5500 if (wpa_s->drv_capa_known)
5501 drv_enc = wpa_s->drv_enc;
5503 drv_enc = (unsigned int) -1;
5505 for (i = 0; i < NUM_WEP_KEYS; i++) {
5506 size_t len = ssid->wep_key_len[i];
5509 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5511 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5513 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5515 return 1; /* invalid WEP key */
5518 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5519 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5520 !ssid->mem_only_psk)
5527 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5529 #ifdef CONFIG_IEEE80211W
5530 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5531 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5532 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5534 * Driver does not support BIP -- ignore pmf=1 default
5535 * since the connection with PMF would fail and the
5536 * configuration does not require PMF to be enabled.
5538 return NO_MGMT_FRAME_PROTECTION;
5541 return wpa_s->conf->pmf;
5544 return ssid->ieee80211w;
5545 #else /* CONFIG_IEEE80211W */
5546 return NO_MGMT_FRAME_PROTECTION;
5547 #endif /* CONFIG_IEEE80211W */
5551 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5553 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5555 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5561 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5563 struct wpa_ssid *ssid = wpa_s->current_ssid;
5565 struct os_reltime now;
5568 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5573 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5576 ssid->auth_failures++;
5579 if (ssid->p2p_group &&
5580 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5582 * Skip the wait time since there is a short timeout on the
5583 * connection to a P2P group.
5587 #endif /* CONFIG_P2P */
5589 if (ssid->auth_failures > 50)
5591 else if (ssid->auth_failures > 10)
5593 else if (ssid->auth_failures > 5)
5595 else if (ssid->auth_failures > 3)
5597 else if (ssid->auth_failures > 2)
5599 else if (ssid->auth_failures > 1)
5604 if (ssid->auth_failures > 1 &&
5605 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5606 dur += os_random() % (ssid->auth_failures * 10);
5608 os_get_reltime(&now);
5609 if (now.sec + dur <= ssid->disabled_until.sec)
5612 ssid->disabled_until.sec = now.sec + dur;
5614 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5615 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5616 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5617 ssid->auth_failures, dur, reason);
5621 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5622 struct wpa_ssid *ssid, int clear_failures)
5627 if (ssid->disabled_until.sec) {
5628 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5629 "id=%d ssid=\"%s\"",
5630 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5632 ssid->disabled_until.sec = 0;
5633 ssid->disabled_until.usec = 0;
5635 ssid->auth_failures = 0;
5639 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5643 if (wpa_s->disallow_aps_bssid == NULL)
5646 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5647 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5648 bssid, ETH_ALEN) == 0)
5656 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5661 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5664 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5665 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5666 if (ssid_len == s->ssid_len &&
5667 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5676 * wpas_request_connection - Request a new connection
5677 * @wpa_s: Pointer to the network interface
5679 * This function is used to request a new connection to be found. It will mark
5680 * the interface to allow reassociation and request a new scan to find a
5681 * suitable network to connect to.
5683 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5685 wpa_s->normal_scans = 0;
5686 wpa_s->scan_req = NORMAL_SCAN_REQ;
5687 wpa_supplicant_reinit_autoscan(wpa_s);
5688 wpa_s->extra_blacklist_count = 0;
5689 wpa_s->disconnected = 0;
5690 wpa_s->reassociate = 1;
5692 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5693 wpa_supplicant_req_scan(wpa_s, 0, 0);
5695 wpa_s->reattach = 0;
5699 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5700 struct wpa_used_freq_data *freqs_data,
5705 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5707 for (i = 0; i < len; i++) {
5708 struct wpa_used_freq_data *cur = &freqs_data[i];
5709 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5710 i, cur->freq, cur->flags);
5716 * Find the operating frequencies of any of the virtual interfaces that
5717 * are using the same radio as the current interface, and in addition, get
5718 * information about the interface types that are using the frequency.
5720 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
5721 struct wpa_used_freq_data *freqs_data,
5724 struct wpa_supplicant *ifs;
5727 unsigned int idx = 0, i;
5729 wpa_dbg(wpa_s, MSG_DEBUG,
5730 "Determining shared radio frequencies (max len %u)", len);
5731 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
5733 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
5738 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
5741 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
5742 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
5743 ifs->current_ssid->mode == WPAS_MODE_MESH)
5744 freq = ifs->current_ssid->frequency;
5745 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
5746 freq = ifs->assoc_freq;
5750 /* Hold only distinct freqs */
5751 for (i = 0; i < idx; i++)
5752 if (freqs_data[i].freq == freq)
5756 freqs_data[idx++].freq = freq;
5758 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
5759 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
5760 WPA_FREQ_USED_BY_P2P_CLIENT :
5761 WPA_FREQ_USED_BY_INFRA_STATION;
5765 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
5771 * Find the operating frequencies of any of the virtual interfaces that
5772 * are using the same radio as the current interface.
5774 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
5775 int *freq_array, unsigned int len)
5777 struct wpa_used_freq_data *freqs_data;
5780 os_memset(freq_array, 0, sizeof(int) * len);
5782 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
5786 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
5787 for (i = 0; i < num; i++)
5788 freq_array[i] = freqs_data[i].freq;
5790 os_free(freqs_data);
5796 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
5798 struct rrm_data *rrm = data;
5800 if (!rrm->notify_neighbor_rep) {
5801 wpa_printf(MSG_ERROR,
5802 "RRM: Unexpected neighbor report timeout");
5806 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
5807 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
5809 rrm->notify_neighbor_rep = NULL;
5810 rrm->neighbor_rep_cb_ctx = NULL;
5815 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
5816 * @wpa_s: Pointer to wpa_supplicant
5818 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
5820 wpa_s->rrm.rrm_used = 0;
5822 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5824 if (wpa_s->rrm.notify_neighbor_rep)
5825 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
5826 wpa_s->rrm.next_neighbor_rep_token = 1;
5831 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
5832 * @wpa_s: Pointer to wpa_supplicant
5833 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
5834 * @report_len: Length of neighbor report buffer
5836 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
5837 const u8 *report, size_t report_len)
5839 struct wpabuf *neighbor_rep;
5841 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
5845 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
5846 wpa_printf(MSG_DEBUG,
5847 "RRM: Discarding neighbor report with token %d (expected %d)",
5848 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
5852 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5855 if (!wpa_s->rrm.notify_neighbor_rep) {
5856 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
5860 /* skipping the first byte, which is only an id (dialog token) */
5861 neighbor_rep = wpabuf_alloc(report_len - 1);
5862 if (neighbor_rep == NULL)
5864 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
5865 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
5867 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
5869 wpa_s->rrm.notify_neighbor_rep = NULL;
5870 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
5874 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
5875 /* Workaround different, undefined for Windows, error codes used here */
5877 #define EOPNOTSUPP -1
5878 #define ECANCELED -1
5882 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
5883 * @wpa_s: Pointer to wpa_supplicant
5884 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
5885 * is sent in the request.
5886 * @cb: Callback function to be called once the requested report arrives, or
5887 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
5888 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
5889 * the requester's responsibility to free it.
5890 * In the latter case NULL will be sent in 'neighbor_rep'.
5891 * @cb_ctx: Context value to send the callback function
5892 * Returns: 0 in case of success, negative error code otherwise
5894 * In case there is a previous request which has not been answered yet, the
5895 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
5896 * Request must contain a callback function.
5898 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
5899 const struct wpa_ssid *ssid,
5900 void (*cb)(void *ctx,
5901 struct wpabuf *neighbor_rep),
5907 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
5908 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
5912 if (!wpa_s->rrm.rrm_used) {
5913 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
5917 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
5918 WLAN_EID_RRM_ENABLED_CAPABILITIES);
5919 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
5920 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
5921 wpa_printf(MSG_DEBUG,
5922 "RRM: No network support for Neighbor Report.");
5927 wpa_printf(MSG_DEBUG,
5928 "RRM: Neighbor Report request must provide a callback.");
5932 /* Refuse if there's a live request */
5933 if (wpa_s->rrm.notify_neighbor_rep) {
5934 wpa_printf(MSG_DEBUG,
5935 "RRM: Currently handling previous Neighbor Report.");
5939 /* 3 = action category + action code + dialog token */
5940 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
5942 wpa_printf(MSG_DEBUG,
5943 "RRM: Failed to allocate Neighbor Report Request");
5947 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
5948 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
5949 wpa_s->rrm.next_neighbor_rep_token);
5951 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5952 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
5953 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
5955 wpabuf_put_u8(buf, WLAN_EID_SSID);
5956 wpabuf_put_u8(buf, ssid->ssid_len);
5957 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
5960 wpa_s->rrm.next_neighbor_rep_token++;
5962 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5963 wpa_s->own_addr, wpa_s->bssid,
5964 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
5965 wpa_printf(MSG_DEBUG,
5966 "RRM: Failed to send Neighbor Report Request");
5971 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
5972 wpa_s->rrm.notify_neighbor_rep = cb;
5973 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
5974 wpas_rrm_neighbor_rep_timeout_handler,
5982 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
5984 const u8 *frame, size_t len,
5988 const struct rrm_link_measurement_request *req;
5989 struct rrm_link_measurement_report report;
5991 if (wpa_s->wpa_state != WPA_COMPLETED) {
5992 wpa_printf(MSG_INFO,
5993 "RRM: Ignoring link measurement request. Not associated");
5997 if (!wpa_s->rrm.rrm_used) {
5998 wpa_printf(MSG_INFO,
5999 "RRM: Ignoring link measurement request. Not RRM network");
6003 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
6004 wpa_printf(MSG_INFO,
6005 "RRM: Measurement report failed. TX power insertion not supported");
6009 req = (const struct rrm_link_measurement_request *) frame;
6010 if (len < sizeof(*req)) {
6011 wpa_printf(MSG_INFO,
6012 "RRM: Link measurement report failed. Request too short");
6016 os_memset(&report, 0, sizeof(report));
6017 report.tpc.eid = WLAN_EID_TPC_REPORT;
6019 report.rsni = 255; /* 255 indicates that RSNI is not available */
6020 report.dialog_token = req->dialog_token;
6023 * It's possible to estimate RCPI based on RSSI in dBm. This
6024 * calculation will not reflect the correct value for high rates,
6025 * but it's good enough for Action frames which are transmitted
6026 * with up to 24 Mbps rates.
6029 report.rcpi = 255; /* not available */
6030 else if (rssi < -110)
6035 report.rcpi = (rssi + 110) * 2;
6037 /* action_category + action_code */
6038 buf = wpabuf_alloc(2 + sizeof(report));
6040 wpa_printf(MSG_ERROR,
6041 "RRM: Link measurement report failed. Buffer allocation failed");
6045 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
6046 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
6047 wpabuf_put_data(buf, &report, sizeof(report));
6048 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
6049 wpabuf_head(buf), wpabuf_len(buf));
6051 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
6052 wpa_s->own_addr, wpa_s->bssid,
6053 wpabuf_head(buf), wpabuf_len(buf), 0)) {
6054 wpa_printf(MSG_ERROR,
6055 "RRM: Link measurement report failed. Send action failed");