events.c revision 8d520ff1dc2da35cdca849e982051b86468016d8
1/* 2 * WPA Supplicant - Driver event processing 3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15#include "includes.h" 16 17#include "common.h" 18#include "eapol_supp/eapol_supp_sm.h" 19#include "rsn_supp/wpa.h" 20#include "eloop.h" 21#include "config.h" 22#include "l2_packet/l2_packet.h" 23#include "wpa_supplicant_i.h" 24#include "driver_i.h" 25#include "pcsc_funcs.h" 26#include "rsn_supp/preauth.h" 27#include "rsn_supp/pmksa_cache.h" 28#include "common/wpa_ctrl.h" 29#include "eap_peer/eap.h" 30#include "ap/hostapd.h" 31#include "p2p/p2p.h" 32#include "notify.h" 33#include "common/ieee802_11_defs.h" 34#include "common/ieee802_11_common.h" 35#include "crypto/random.h" 36#include "blacklist.h" 37#include "wpas_glue.h" 38#include "wps_supplicant.h" 39#include "ibss_rsn.h" 40#include "sme.h" 41#include "p2p_supplicant.h" 42#include "bgscan.h" 43#include "ap.h" 44#include "bss.h" 45#include "mlme.h" 46#include "scan.h" 47 48 49static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) 50{ 51 struct wpa_ssid *ssid, *old_ssid; 52 53 if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) 54 return 0; 55 56 wpa_dbg(wpa_s, MSG_DEBUG, "Select network based on association " 57 "information"); 58 ssid = wpa_supplicant_get_ssid(wpa_s); 59 if (ssid == NULL) { 60 wpa_msg(wpa_s, MSG_INFO, 61 "No network configuration found for the current AP"); 62 return -1; 63 } 64 65 if (ssid->disabled) { 66 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is disabled"); 67 return -1; 68 } 69 70 wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the " 71 "current AP"); 72 if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | 73 WPA_KEY_MGMT_WPA_NONE | 74 WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X | 75 WPA_KEY_MGMT_PSK_SHA256 | 76 WPA_KEY_MGMT_IEEE8021X_SHA256)) { 77 u8 wpa_ie[80]; 78 size_t wpa_ie_len = sizeof(wpa_ie); 79 wpa_supplicant_set_suites(wpa_s, NULL, ssid, 80 wpa_ie, &wpa_ie_len); 81 } else { 82 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 83 } 84 85 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) 86 eapol_sm_invalidate_cached_session(wpa_s->eapol); 87 old_ssid = wpa_s->current_ssid; 88 wpa_s->current_ssid = ssid; 89 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 90 wpa_supplicant_initiate_eapol(wpa_s); 91 if (old_ssid != wpa_s->current_ssid) 92 wpas_notify_network_changed(wpa_s); 93 94 return 0; 95} 96 97 98static void wpa_supplicant_stop_countermeasures(void *eloop_ctx, 99 void *sock_ctx) 100{ 101 struct wpa_supplicant *wpa_s = eloop_ctx; 102 103 if (wpa_s->countermeasures) { 104 wpa_s->countermeasures = 0; 105 wpa_drv_set_countermeasures(wpa_s, 0); 106 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); 107 wpa_supplicant_req_scan(wpa_s, 0, 0); 108 } 109} 110 111 112void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) 113{ 114 int bssid_changed; 115 116#ifdef CONFIG_IBSS_RSN 117 ibss_rsn_deinit(wpa_s->ibss_rsn); 118 wpa_s->ibss_rsn = NULL; 119#endif /* CONFIG_IBSS_RSN */ 120 121 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 122 return; 123 124 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 125 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 126 os_memset(wpa_s->bssid, 0, ETH_ALEN); 127 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 128 wpa_s->current_bss = NULL; 129 wpa_s->assoc_freq = 0; 130 if (bssid_changed) 131 wpas_notify_bssid_changed(wpa_s); 132 133 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 134 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 135 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) 136 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 137 wpa_s->ap_ies_from_associnfo = 0; 138} 139 140 141static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) 142{ 143 struct wpa_ie_data ie; 144 int pmksa_set = -1; 145 size_t i; 146 147 if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || 148 ie.pmkid == NULL) 149 return; 150 151 for (i = 0; i < ie.num_pmkid; i++) { 152 pmksa_set = pmksa_cache_set_current(wpa_s->wpa, 153 ie.pmkid + i * PMKID_LEN, 154 NULL, NULL, 0); 155 if (pmksa_set == 0) { 156 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 157 break; 158 } 159 } 160 161 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from " 162 "PMKSA cache", pmksa_set == 0 ? "" : "not "); 163} 164 165 166static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, 167 union wpa_event_data *data) 168{ 169 if (data == NULL) { 170 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: No data in PMKID candidate " 171 "event"); 172 return; 173 } 174 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR 175 " index=%d preauth=%d", 176 MAC2STR(data->pmkid_candidate.bssid), 177 data->pmkid_candidate.index, 178 data->pmkid_candidate.preauth); 179 180 pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, 181 data->pmkid_candidate.index, 182 data->pmkid_candidate.preauth); 183} 184 185 186static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) 187{ 188 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 189 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 190 return 0; 191 192#ifdef IEEE8021X_EAPOL 193 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 194 wpa_s->current_ssid && 195 !(wpa_s->current_ssid->eapol_flags & 196 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 197 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { 198 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either 199 * plaintext or static WEP keys). */ 200 return 0; 201 } 202#endif /* IEEE8021X_EAPOL */ 203 204 return 1; 205} 206 207 208/** 209 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC 210 * @wpa_s: pointer to wpa_supplicant data 211 * @ssid: Configuration data for the network 212 * Returns: 0 on success, -1 on failure 213 * 214 * This function is called when starting authentication with a network that is 215 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). 216 */ 217int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, 218 struct wpa_ssid *ssid) 219{ 220#ifdef IEEE8021X_EAPOL 221 int aka = 0, sim = 0, type; 222 223 if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL) 224 return 0; 225 226 if (ssid->eap.eap_methods == NULL) { 227 sim = 1; 228 aka = 1; 229 } else { 230 struct eap_method_type *eap = ssid->eap.eap_methods; 231 while (eap->vendor != EAP_VENDOR_IETF || 232 eap->method != EAP_TYPE_NONE) { 233 if (eap->vendor == EAP_VENDOR_IETF) { 234 if (eap->method == EAP_TYPE_SIM) 235 sim = 1; 236 else if (eap->method == EAP_TYPE_AKA) 237 aka = 1; 238 } 239 eap++; 240 } 241 } 242 243 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) 244 sim = 0; 245 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL) 246 aka = 0; 247 248 if (!sim && !aka) { 249 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to " 250 "use SIM, but neither EAP-SIM nor EAP-AKA are " 251 "enabled"); 252 return 0; 253 } 254 255 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to use SIM " 256 "(sim=%d aka=%d) - initialize PCSC", sim, aka); 257 if (sim && aka) 258 type = SCARD_TRY_BOTH; 259 else if (aka) 260 type = SCARD_USIM_ONLY; 261 else 262 type = SCARD_GSM_SIM_ONLY; 263 264 wpa_s->scard = scard_init(type); 265 if (wpa_s->scard == NULL) { 266 wpa_msg(wpa_s, MSG_WARNING, "Failed to initialize SIM " 267 "(pcsc-lite)"); 268 return -1; 269 } 270 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 271 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 272#endif /* IEEE8021X_EAPOL */ 273 274 return 0; 275} 276 277 278#ifndef CONFIG_NO_SCAN_PROCESSING 279static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss, 280 struct wpa_ssid *ssid) 281{ 282 int i, privacy = 0; 283 284 if (ssid->mixed_cell) 285 return 1; 286 287#ifdef CONFIG_WPS 288 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 289 return 1; 290#endif /* CONFIG_WPS */ 291 292 for (i = 0; i < NUM_WEP_KEYS; i++) { 293 if (ssid->wep_key_len[i]) { 294 privacy = 1; 295 break; 296 } 297 } 298#ifdef IEEE8021X_EAPOL 299 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 300 ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 301 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) 302 privacy = 1; 303#endif /* IEEE8021X_EAPOL */ 304 305 if (bss->caps & IEEE80211_CAP_PRIVACY) 306 return privacy; 307 return !privacy; 308} 309 310 311static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, 312 struct wpa_ssid *ssid, 313 struct wpa_scan_res *bss) 314{ 315 struct wpa_ie_data ie; 316 int proto_match = 0; 317 const u8 *rsn_ie, *wpa_ie; 318 int ret; 319 int wep_ok; 320 321 ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss); 322 if (ret >= 0) 323 return ret; 324 325 /* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */ 326 wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) && 327 (((ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 328 ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) || 329 (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); 330 331 rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 332 while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { 333 proto_match++; 334 335 if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { 336 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse " 337 "failed"); 338 break; 339 } 340 341 if (wep_ok && 342 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 343 { 344 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 345 "in RSN IE"); 346 return 1; 347 } 348 349 if (!(ie.proto & ssid->proto)) { 350 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto " 351 "mismatch"); 352 break; 353 } 354 355 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 356 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK " 357 "cipher mismatch"); 358 break; 359 } 360 361 if (!(ie.group_cipher & ssid->group_cipher)) { 362 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK " 363 "cipher mismatch"); 364 break; 365 } 366 367 if (!(ie.key_mgmt & ssid->key_mgmt)) { 368 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt " 369 "mismatch"); 370 break; 371 } 372 373#ifdef CONFIG_IEEE80211W 374 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 375 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { 376 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt " 377 "frame protection"); 378 break; 379 } 380#endif /* CONFIG_IEEE80211W */ 381 382 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); 383 return 1; 384 } 385 386 wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 387 while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { 388 proto_match++; 389 390 if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { 391 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse " 392 "failed"); 393 break; 394 } 395 396 if (wep_ok && 397 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 398 { 399 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 400 "in WPA IE"); 401 return 1; 402 } 403 404 if (!(ie.proto & ssid->proto)) { 405 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto " 406 "mismatch"); 407 break; 408 } 409 410 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 411 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK " 412 "cipher mismatch"); 413 break; 414 } 415 416 if (!(ie.group_cipher & ssid->group_cipher)) { 417 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK " 418 "cipher mismatch"); 419 break; 420 } 421 422 if (!(ie.key_mgmt & ssid->key_mgmt)) { 423 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt " 424 "mismatch"); 425 break; 426 } 427 428 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE"); 429 return 1; 430 } 431 432 if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && 433 wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { 434 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); 435 return 0; 436 } 437 438 if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) { 439 wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); 440 return 1; 441 } 442 443 wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with " 444 "WPA/WPA2"); 445 446 return 0; 447} 448 449 450static int freq_allowed(int *freqs, int freq) 451{ 452 int i; 453 454 if (freqs == NULL) 455 return 1; 456 457 for (i = 0; freqs[i]; i++) 458 if (freqs[i] == freq) 459 return 1; 460 return 0; 461} 462 463 464static struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, 465 int i, struct wpa_scan_res *bss, 466 struct wpa_ssid *group) 467{ 468 const u8 *ssid_; 469 u8 wpa_ie_len, rsn_ie_len, ssid_len; 470 int wpa; 471 struct wpa_blacklist *e; 472 const u8 *ie; 473 struct wpa_ssid *ssid; 474 475 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 476 ssid_ = ie ? ie + 2 : (u8 *) ""; 477 ssid_len = ie ? ie[1] : 0; 478 479 ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 480 wpa_ie_len = ie ? ie[1] : 0; 481 482 ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 483 rsn_ie_len = ie ? ie[1] : 0; 484 485 wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' " 486 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d%s", 487 i, MAC2STR(bss->bssid), wpa_ssid_txt(ssid_, ssid_len), 488 wpa_ie_len, rsn_ie_len, bss->caps, bss->level, 489 wpa_scan_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : ""); 490 491 e = wpa_blacklist_get(wpa_s, bss->bssid); 492 if (e) { 493 int limit = 1; 494 if (wpa_supplicant_enabled_networks(wpa_s->conf) == 1) { 495 /* 496 * When only a single network is enabled, we can 497 * trigger blacklisting on the first failure. This 498 * should not be done with multiple enabled networks to 499 * avoid getting forced to move into a worse ESS on 500 * single error if there are no other BSSes of the 501 * current ESS. 502 */ 503 limit = 0; 504 } 505 if (e->count > limit) { 506 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 507 "(count=%d limit=%d)", e->count, limit); 508 return NULL; 509 } 510 } 511 512 if (ssid_len == 0) { 513 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); 514 return NULL; 515 } 516 517 wpa = wpa_ie_len > 0 || rsn_ie_len > 0; 518 519 for (ssid = group; ssid; ssid = ssid->pnext) { 520 int check_ssid = wpa ? 1 : (ssid->ssid_len != 0); 521 522 if (ssid->disabled) { 523 wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); 524 continue; 525 } 526 527#ifdef CONFIG_WPS 528 if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && e && e->count > 0) { 529 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 530 "(WPS)"); 531 continue; 532 } 533 534 if (wpa && ssid->ssid_len == 0 && 535 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 536 check_ssid = 0; 537 538 if (!wpa && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 539 /* Only allow wildcard SSID match if an AP 540 * advertises active WPS operation that matches 541 * with our mode. */ 542 check_ssid = 1; 543 if (ssid->ssid_len == 0 && 544 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 545 check_ssid = 0; 546 } 547#endif /* CONFIG_WPS */ 548 549 if (check_ssid && 550 (ssid_len != ssid->ssid_len || 551 os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) { 552 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch"); 553 continue; 554 } 555 556 if (ssid->bssid_set && 557 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) { 558 wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch"); 559 continue; 560 } 561 562 if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss)) 563 continue; 564 565 if (!wpa && 566 !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 567 !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 568 !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) { 569 wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network " 570 "not allowed"); 571 continue; 572 } 573 574 if (!wpa && !wpa_supplicant_match_privacy(bss, ssid)) { 575 wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy " 576 "mismatch"); 577 continue; 578 } 579 580 if (!wpa && (bss->caps & IEEE80211_CAP_IBSS)) { 581 wpa_dbg(wpa_s, MSG_DEBUG, " skip - IBSS (adhoc) " 582 "network"); 583 continue; 584 } 585 586 if (!freq_allowed(ssid->freq_list, bss->freq)) { 587 wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not " 588 "allowed"); 589 continue; 590 } 591 592#ifdef CONFIG_P2P 593 /* 594 * TODO: skip the AP if its P2P IE has Group Formation 595 * bit set in the P2P Group Capability Bitmap and we 596 * are not in Group Formation with that device. 597 */ 598#endif /* CONFIG_P2P */ 599 600 /* Matching configuration found */ 601 return ssid; 602 } 603 604 /* No matching configuration found */ 605 return NULL; 606} 607 608 609static struct wpa_bss * 610wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, 611 struct wpa_scan_results *scan_res, 612 struct wpa_ssid *group, 613 struct wpa_ssid **selected_ssid) 614{ 615 size_t i; 616 617 wpa_dbg(wpa_s, MSG_DEBUG, "Selecting BSS from priority group %d", 618 group->priority); 619 620 for (i = 0; i < scan_res->num; i++) { 621 struct wpa_scan_res *bss = scan_res->res[i]; 622 const u8 *ie, *ssid; 623 u8 ssid_len; 624 625 *selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group); 626 if (!*selected_ssid) 627 continue; 628 629 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 630 ssid = ie ? ie + 2 : (u8 *) ""; 631 ssid_len = ie ? ie[1] : 0; 632 633 wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR 634 " ssid='%s'", 635 MAC2STR(bss->bssid), wpa_ssid_txt(ssid, ssid_len)); 636 return wpa_bss_get(wpa_s, bss->bssid, ssid, ssid_len); 637 } 638 639 return NULL; 640} 641 642 643static struct wpa_bss * 644wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s, 645 struct wpa_scan_results *scan_res, 646 struct wpa_ssid **selected_ssid) 647{ 648 struct wpa_bss *selected = NULL; 649 int prio; 650 651 while (selected == NULL) { 652 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 653 selected = wpa_supplicant_select_bss( 654 wpa_s, scan_res, wpa_s->conf->pssid[prio], 655 selected_ssid); 656 if (selected) 657 break; 658 } 659 660 if (selected == NULL && wpa_s->blacklist) { 661 wpa_dbg(wpa_s, MSG_DEBUG, "No APs found - clear " 662 "blacklist and try again"); 663 wpa_blacklist_clear(wpa_s); 664 wpa_s->blacklist_cleared++; 665 } else if (selected == NULL) 666 break; 667 } 668 669 return selected; 670} 671 672 673static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s, 674 int timeout_sec, int timeout_usec) 675{ 676 if (!wpa_supplicant_enabled_networks(wpa_s->conf)) { 677 /* 678 * No networks are enabled; short-circuit request so 679 * we don't wait timeout seconds before transitioning 680 * to INACTIVE state. 681 */ 682 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 683 return; 684 } 685 wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec); 686} 687 688 689void wpa_supplicant_connect(struct wpa_supplicant *wpa_s, 690 struct wpa_bss *selected, 691 struct wpa_ssid *ssid) 692{ 693 if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) { 694 wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP 695 "PBC session overlap"); 696#ifdef CONFIG_P2P 697 if (wpas_p2p_notif_pbc_overlap(wpa_s) == 1) 698 return; 699#endif /* CONFIG_P2P */ 700 701#ifdef CONFIG_WPS 702 wpas_wps_cancel(wpa_s); 703#endif /* CONFIG_WPS */ 704 return; 705 } 706 707 /* 708 * Do not trigger new association unless the BSSID has changed or if 709 * reassociation is requested. If we are in process of associating with 710 * the selected BSSID, do not trigger new attempt. 711 */ 712 if (wpa_s->reassociate || 713 (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && 714 ((wpa_s->wpa_state != WPA_ASSOCIATING && 715 wpa_s->wpa_state != WPA_AUTHENTICATING) || 716 os_memcmp(selected->bssid, wpa_s->pending_bssid, ETH_ALEN) != 717 0))) { 718 if (wpa_supplicant_scard_init(wpa_s, ssid)) { 719 wpa_supplicant_req_new_scan(wpa_s, 10, 0); 720 return; 721 } 722 wpa_msg(wpa_s, MSG_DEBUG, "Request association: " 723 "reassociate: %d selected: "MACSTR " bssid: " MACSTR 724 " pending: " MACSTR " wpa_state: %s", 725 wpa_s->reassociate, MAC2STR(selected->bssid), 726 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 727 wpa_supplicant_state_txt(wpa_s->wpa_state)); 728 wpa_supplicant_associate(wpa_s, selected, ssid); 729 } else { 730 wpa_dbg(wpa_s, MSG_DEBUG, "Already associated with the " 731 "selected AP"); 732 } 733} 734 735 736static struct wpa_ssid * 737wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s) 738{ 739 int prio; 740 struct wpa_ssid *ssid; 741 742 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 743 for (ssid = wpa_s->conf->pssid[prio]; ssid; ssid = ssid->pnext) 744 { 745 if (ssid->disabled) 746 continue; 747 if (ssid->mode == IEEE80211_MODE_IBSS || 748 ssid->mode == IEEE80211_MODE_AP) 749 return ssid; 750 } 751 } 752 return NULL; 753} 754 755 756/* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based 757 * on BSS added and BSS changed events */ 758static void wpa_supplicant_rsn_preauth_scan_results( 759 struct wpa_supplicant *wpa_s, struct wpa_scan_results *scan_res) 760{ 761 int i; 762 763 if (rsn_preauth_scan_results(wpa_s->wpa) < 0) 764 return; 765 766 for (i = scan_res->num - 1; i >= 0; i--) { 767 const u8 *ssid, *rsn; 768 struct wpa_scan_res *r; 769 770 r = scan_res->res[i]; 771 772 ssid = wpa_scan_get_ie(r, WLAN_EID_SSID); 773 if (ssid == NULL) 774 continue; 775 776 rsn = wpa_scan_get_ie(r, WLAN_EID_RSN); 777 if (rsn == NULL) 778 continue; 779 780 rsn_preauth_scan_result(wpa_s->wpa, r->bssid, ssid, rsn); 781 } 782 783} 784 785 786static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, 787 struct wpa_bss *selected, 788 struct wpa_ssid *ssid, 789 struct wpa_scan_results *scan_res) 790{ 791 size_t i; 792 struct wpa_scan_res *current_bss = NULL; 793 int min_diff; 794 795 if (wpa_s->reassociate) 796 return 1; /* explicit request to reassociate */ 797 if (wpa_s->wpa_state < WPA_ASSOCIATED) 798 return 1; /* we are not associated; continue */ 799 if (wpa_s->current_ssid == NULL) 800 return 1; /* unknown current SSID */ 801 if (wpa_s->current_ssid != ssid) 802 return 1; /* different network block */ 803 804 for (i = 0; i < scan_res->num; i++) { 805 struct wpa_scan_res *res = scan_res->res[i]; 806 const u8 *ie; 807 if (os_memcmp(res->bssid, wpa_s->bssid, ETH_ALEN) != 0) 808 continue; 809 810 ie = wpa_scan_get_ie(res, WLAN_EID_SSID); 811 if (ie == NULL) 812 continue; 813 if (ie[1] != wpa_s->current_ssid->ssid_len || 814 os_memcmp(ie + 2, wpa_s->current_ssid->ssid, ie[1]) != 0) 815 continue; 816 current_bss = res; 817 break; 818 } 819 820 if (!current_bss) 821 return 1; /* current BSS not seen in scan results */ 822 823 wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation"); 824 wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR " level=%d", 825 MAC2STR(current_bss->bssid), current_bss->level); 826 wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR " level=%d", 827 MAC2STR(selected->bssid), selected->level); 828 829 if (wpa_s->current_ssid->bssid_set && 830 os_memcmp(selected->bssid, wpa_s->current_ssid->bssid, ETH_ALEN) == 831 0) { 832 wpa_dbg(wpa_s, MSG_DEBUG, "Allow reassociation - selected BSS " 833 "has preferred BSSID"); 834 return 1; 835 } 836 837 min_diff = 2; 838 if (current_bss->level < 0) { 839 if (current_bss->level < -85) 840 min_diff = 1; 841 else if (current_bss->level < -80) 842 min_diff = 2; 843 else if (current_bss->level < -75) 844 min_diff = 3; 845 else if (current_bss->level < -70) 846 min_diff = 4; 847 else 848 min_diff = 5; 849 } 850 if (abs(current_bss->level - selected->level) < min_diff) { 851 wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference " 852 "in signal level"); 853 return 0; 854 } 855 856 return 1; 857} 858 859/* Return < 0 if no scan results could be fetched. */ 860static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 861 union wpa_event_data *data) 862{ 863 struct wpa_bss *selected; 864 struct wpa_ssid *ssid = NULL; 865 struct wpa_scan_results *scan_res; 866 int ap = 0; 867 868#ifdef CONFIG_AP 869 if (wpa_s->ap_iface) 870 ap = 1; 871#endif /* CONFIG_AP */ 872 873 wpa_supplicant_notify_scanning(wpa_s, 0); 874 875 scan_res = wpa_supplicant_get_scan_results(wpa_s, 876 data ? &data->scan_info : 877 NULL, 1); 878 if (scan_res == NULL) { 879 if (wpa_s->conf->ap_scan == 2 || ap) 880 return -1; 881 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results - try " 882 "scanning again"); 883 wpa_supplicant_req_new_scan(wpa_s, 1, 0); 884 return -1; 885 } 886 887#ifndef CONFIG_NO_RANDOM_POOL 888 size_t i, num; 889 num = scan_res->num; 890 if (num > 10) 891 num = 10; 892 for (i = 0; i < num; i++) { 893 u8 buf[5]; 894 struct wpa_scan_res *res = scan_res->res[i]; 895 buf[0] = res->bssid[5]; 896 buf[1] = res->qual & 0xff; 897 buf[2] = res->noise & 0xff; 898 buf[3] = res->level & 0xff; 899 buf[4] = res->tsf & 0xff; 900 random_add_randomness(buf, sizeof(buf)); 901 } 902#endif /* CONFIG_NO_RANDOM_POOL */ 903 904 if (wpa_s->scan_res_handler) { 905 void (*scan_res_handler)(struct wpa_supplicant *wpa_s, 906 struct wpa_scan_results *scan_res); 907 908 scan_res_handler = wpa_s->scan_res_handler; 909 wpa_s->scan_res_handler = NULL; 910 scan_res_handler(wpa_s, scan_res); 911 912 wpa_scan_results_free(scan_res); 913 return 0; 914 } 915 916 if (ap) { 917 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore scan results in AP mode"); 918#ifdef CONFIG_AP 919 if (wpa_s->ap_iface->scan_cb) 920 wpa_s->ap_iface->scan_cb(wpa_s->ap_iface); 921#endif /* CONFIG_AP */ 922 wpa_scan_results_free(scan_res); 923 return 0; 924 } 925 926 wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); 927 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); 928 wpas_notify_scan_results(wpa_s); 929 930 wpas_notify_scan_done(wpa_s, 1); 931 932 if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) { 933 wpa_scan_results_free(scan_res); 934 return 0; 935 } 936 937 if (wpa_s->disconnected) { 938 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 939 wpa_scan_results_free(scan_res); 940 return 0; 941 } 942 943 if (bgscan_notify_scan(wpa_s, scan_res) == 1) { 944 wpa_scan_results_free(scan_res); 945 return 0; 946 } 947 948 wpa_supplicant_rsn_preauth_scan_results(wpa_s, scan_res); 949 950 selected = wpa_supplicant_pick_network(wpa_s, scan_res, &ssid); 951 952 if (selected) { 953 int skip; 954 skip = !wpa_supplicant_need_to_roam(wpa_s, selected, ssid, 955 scan_res); 956 wpa_scan_results_free(scan_res); 957 if (skip) 958 return 0; 959 wpa_supplicant_connect(wpa_s, selected, ssid); 960 } else { 961 wpa_scan_results_free(scan_res); 962 wpa_dbg(wpa_s, MSG_DEBUG, "No suitable network found"); 963 ssid = wpa_supplicant_pick_new_network(wpa_s); 964 if (ssid) { 965 wpa_dbg(wpa_s, MSG_DEBUG, "Setup a new network"); 966 wpa_supplicant_associate(wpa_s, NULL, ssid); 967 } else { 968 int timeout_sec = wpa_s->scan_interval; 969 int timeout_usec = 0; 970#ifdef CONFIG_P2P 971 if (wpa_s->p2p_in_provisioning) { 972 /* 973 * Use shorter wait during P2P Provisioning 974 * state to speed up group formation. 975 */ 976 timeout_sec = 0; 977 timeout_usec = 250000; 978 } 979#endif /* CONFIG_P2P */ 980 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 981 timeout_usec); 982 } 983 } 984 return 0; 985} 986 987 988static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 989 union wpa_event_data *data) 990{ 991 const char *rn, *rn2; 992 struct wpa_supplicant *ifs; 993 994 if (_wpa_supplicant_event_scan_results(wpa_s, data) < 0) { 995 /* 996 * If no scan results could be fetched, then no need to 997 * notify those interfaces that did not actually request 998 * this scan. 999 */ 1000 return; 1001 } 1002 1003 /* 1004 * Check other interfaces to see if they have the same radio-name. If 1005 * so, they get updated with this same scan info. 1006 */ 1007 if (!wpa_s->driver->get_radio_name) 1008 return; 1009 1010 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv); 1011 if (rn == NULL || rn[0] == '\0') 1012 return; 1013 1014 wpa_dbg(wpa_s, MSG_DEBUG, "Checking for other virtual interfaces " 1015 "sharing same radio (%s) in event_scan_results", rn); 1016 1017 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) { 1018 if (ifs == wpa_s || !ifs->driver->get_radio_name) 1019 continue; 1020 1021 rn2 = ifs->driver->get_radio_name(ifs->drv_priv); 1022 if (rn2 && os_strcmp(rn, rn2) == 0) { 1023 wpa_printf(MSG_DEBUG, "%s: Updating scan results from " 1024 "sibling", ifs->ifname); 1025 _wpa_supplicant_event_scan_results(ifs, data); 1026 } 1027 } 1028} 1029 1030#endif /* CONFIG_NO_SCAN_PROCESSING */ 1031 1032 1033static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, 1034 union wpa_event_data *data) 1035{ 1036 int l, len, found = 0, wpa_found, rsn_found; 1037 const u8 *p; 1038 1039 wpa_dbg(wpa_s, MSG_DEBUG, "Association info event"); 1040 if (data->assoc_info.req_ies) 1041 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, 1042 data->assoc_info.req_ies_len); 1043 if (data->assoc_info.resp_ies) { 1044 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, 1045 data->assoc_info.resp_ies_len); 1046#ifdef CONFIG_TDLS 1047 wpa_tdls_assoc_resp_ies(wpa_s->wpa, data->assoc_info.resp_ies, 1048 data->assoc_info.resp_ies_len); 1049#endif /* CONFIG_TDLS */ 1050 } 1051 if (data->assoc_info.beacon_ies) 1052 wpa_hexdump(MSG_DEBUG, "beacon_ies", 1053 data->assoc_info.beacon_ies, 1054 data->assoc_info.beacon_ies_len); 1055 if (data->assoc_info.freq) 1056 wpa_dbg(wpa_s, MSG_DEBUG, "freq=%u MHz", 1057 data->assoc_info.freq); 1058 1059 p = data->assoc_info.req_ies; 1060 l = data->assoc_info.req_ies_len; 1061 1062 /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ 1063 while (p && l >= 2) { 1064 len = p[1] + 2; 1065 if (len > l) { 1066 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1067 p, l); 1068 break; 1069 } 1070 if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1071 (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || 1072 (p[0] == WLAN_EID_RSN && p[1] >= 2)) { 1073 if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) 1074 break; 1075 found = 1; 1076 wpa_find_assoc_pmkid(wpa_s); 1077 break; 1078 } 1079 l -= len; 1080 p += len; 1081 } 1082 if (!found && data->assoc_info.req_ies) 1083 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 1084 1085#ifdef CONFIG_IEEE80211R 1086#ifdef CONFIG_SME 1087 if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) { 1088 u8 bssid[ETH_ALEN]; 1089 if (wpa_drv_get_bssid(wpa_s, bssid) < 0 || 1090 wpa_ft_validate_reassoc_resp(wpa_s->wpa, 1091 data->assoc_info.resp_ies, 1092 data->assoc_info.resp_ies_len, 1093 bssid) < 0) { 1094 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of " 1095 "Reassociation Response failed"); 1096 wpa_supplicant_deauthenticate( 1097 wpa_s, WLAN_REASON_INVALID_IE); 1098 return -1; 1099 } 1100 } 1101 1102 p = data->assoc_info.resp_ies; 1103 l = data->assoc_info.resp_ies_len; 1104 1105#ifdef CONFIG_WPS_STRICT 1106 if (p && wpa_s->current_ssid && 1107 wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_WPS) { 1108 struct wpabuf *wps; 1109 wps = ieee802_11_vendor_ie_concat(p, l, WPS_IE_VENDOR_TYPE); 1110 if (wps == NULL) { 1111 wpa_msg(wpa_s, MSG_INFO, "WPS-STRICT: AP did not " 1112 "include WPS IE in (Re)Association Response"); 1113 return -1; 1114 } 1115 1116 if (wps_validate_assoc_resp(wps) < 0) { 1117 wpabuf_free(wps); 1118 wpa_supplicant_deauthenticate( 1119 wpa_s, WLAN_REASON_INVALID_IE); 1120 return -1; 1121 } 1122 wpabuf_free(wps); 1123 } 1124#endif /* CONFIG_WPS_STRICT */ 1125 1126 /* Go through the IEs and make a copy of the MDIE, if present. */ 1127 while (p && l >= 2) { 1128 len = p[1] + 2; 1129 if (len > l) { 1130 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1131 p, l); 1132 break; 1133 } 1134 if (p[0] == WLAN_EID_MOBILITY_DOMAIN && 1135 p[1] >= MOBILITY_DOMAIN_ID_LEN) { 1136 wpa_s->sme.ft_used = 1; 1137 os_memcpy(wpa_s->sme.mobility_domain, p + 2, 1138 MOBILITY_DOMAIN_ID_LEN); 1139 break; 1140 } 1141 l -= len; 1142 p += len; 1143 } 1144#endif /* CONFIG_SME */ 1145 1146 wpa_sm_set_ft_params(wpa_s->wpa, data->assoc_info.resp_ies, 1147 data->assoc_info.resp_ies_len); 1148#endif /* CONFIG_IEEE80211R */ 1149 1150 /* WPA/RSN IE from Beacon/ProbeResp */ 1151 p = data->assoc_info.beacon_ies; 1152 l = data->assoc_info.beacon_ies_len; 1153 1154 /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. 1155 */ 1156 wpa_found = rsn_found = 0; 1157 while (p && l >= 2) { 1158 len = p[1] + 2; 1159 if (len > l) { 1160 wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", 1161 p, l); 1162 break; 1163 } 1164 if (!wpa_found && 1165 p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1166 os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { 1167 wpa_found = 1; 1168 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); 1169 } 1170 1171 if (!rsn_found && 1172 p[0] == WLAN_EID_RSN && p[1] >= 2) { 1173 rsn_found = 1; 1174 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); 1175 } 1176 1177 l -= len; 1178 p += len; 1179 } 1180 1181 if (!wpa_found && data->assoc_info.beacon_ies) 1182 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 1183 if (!rsn_found && data->assoc_info.beacon_ies) 1184 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 1185 if (wpa_found || rsn_found) 1186 wpa_s->ap_ies_from_associnfo = 1; 1187 1188 wpa_s->assoc_freq = data->assoc_info.freq; 1189 1190 return 0; 1191} 1192 1193 1194static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, 1195 union wpa_event_data *data) 1196{ 1197 u8 bssid[ETH_ALEN]; 1198 int ft_completed; 1199 int bssid_changed; 1200 struct wpa_driver_capa capa; 1201 1202#ifdef CONFIG_AP 1203 if (wpa_s->ap_iface) { 1204 hostapd_notif_assoc(wpa_s->ap_iface->bss[0], 1205 data->assoc_info.addr, 1206 data->assoc_info.req_ies, 1207 data->assoc_info.req_ies_len, 1208 data->assoc_info.reassoc); 1209 return; 1210 } 1211#endif /* CONFIG_AP */ 1212 1213 ft_completed = wpa_ft_is_completed(wpa_s->wpa); 1214 if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0) 1215 return; 1216 1217 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); 1218 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) 1219 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN); 1220 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) || 1221 (wpa_drv_get_bssid(wpa_s, bssid) >= 0 && 1222 os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)) { 1223 wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" 1224 MACSTR, MAC2STR(bssid)); 1225 random_add_randomness(bssid, ETH_ALEN); 1226 bssid_changed = os_memcmp(wpa_s->bssid, bssid, ETH_ALEN); 1227 os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); 1228 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1229 if (bssid_changed) 1230 wpas_notify_bssid_changed(wpa_s); 1231 1232 if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { 1233 wpa_clear_keys(wpa_s, bssid); 1234 } 1235 if (wpa_supplicant_select_config(wpa_s) < 0) { 1236 wpa_supplicant_disassociate( 1237 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1238 return; 1239 } 1240 if (wpa_s->current_ssid) { 1241 struct wpa_bss *bss = NULL; 1242 struct wpa_ssid *ssid = wpa_s->current_ssid; 1243 if (ssid->ssid_len > 0) 1244 bss = wpa_bss_get(wpa_s, bssid, 1245 ssid->ssid, ssid->ssid_len); 1246 if (!bss) 1247 bss = wpa_bss_get_bssid(wpa_s, bssid); 1248 if (bss) 1249 wpa_s->current_bss = bss; 1250 } 1251 } 1252 1253#ifdef CONFIG_SME 1254 os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN); 1255 wpa_s->sme.prev_bssid_set = 1; 1256#endif /* CONFIG_SME */ 1257 1258 wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); 1259 if (wpa_s->current_ssid) { 1260 /* When using scanning (ap_scan=1), SIM PC/SC interface can be 1261 * initialized before association, but for other modes, 1262 * initialize PC/SC here, if the current configuration needs 1263 * smartcard or SIM/USIM. */ 1264 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); 1265 } 1266 wpa_sm_notify_assoc(wpa_s->wpa, bssid); 1267 if (wpa_s->l2) 1268 l2_packet_notify_auth_start(wpa_s->l2); 1269 1270 /* 1271 * Set portEnabled first to FALSE in order to get EAP state machine out 1272 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE 1273 * state machine may transit to AUTHENTICATING state based on obsolete 1274 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to 1275 * AUTHENTICATED without ever giving chance to EAP state machine to 1276 * reset the state. 1277 */ 1278 if (!ft_completed) { 1279 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 1280 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 1281 } 1282 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) 1283 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 1284 /* 802.1X::portControl = Auto */ 1285 eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); 1286 wpa_s->eapol_received = 0; 1287 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1288 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE || 1289 (wpa_s->current_ssid && 1290 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) { 1291 wpa_supplicant_cancel_auth_timeout(wpa_s); 1292 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1293 } else if (!ft_completed) { 1294 /* Timeout for receiving the first EAPOL packet */ 1295 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); 1296 } 1297 wpa_supplicant_cancel_scan(wpa_s); 1298 1299 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1300 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1301 /* 1302 * We are done; the driver will take care of RSN 4-way 1303 * handshake. 1304 */ 1305 wpa_supplicant_cancel_auth_timeout(wpa_s); 1306 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1307 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1308 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1309 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1310 wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 1311 /* 1312 * The driver will take care of RSN 4-way handshake, so we need 1313 * to allow EAPOL supplicant to complete its work without 1314 * waiting for WPA supplicant. 1315 */ 1316 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1317 } else if (ft_completed) { 1318 /* 1319 * FT protocol completed - make sure EAPOL state machine ends 1320 * up in authenticated. 1321 */ 1322 wpa_supplicant_cancel_auth_timeout(wpa_s); 1323 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1324 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1325 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1326 } 1327 1328 if (wpa_s->pending_eapol_rx) { 1329 struct os_time now, age; 1330 os_get_time(&now); 1331 os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age); 1332 if (age.sec == 0 && age.usec < 100000 && 1333 os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == 1334 0) { 1335 wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " 1336 "frame that was received just before " 1337 "association notification"); 1338 wpa_supplicant_rx_eapol( 1339 wpa_s, wpa_s->pending_eapol_rx_src, 1340 wpabuf_head(wpa_s->pending_eapol_rx), 1341 wpabuf_len(wpa_s->pending_eapol_rx)); 1342 } 1343 wpabuf_free(wpa_s->pending_eapol_rx); 1344 wpa_s->pending_eapol_rx = NULL; 1345 } 1346 1347 if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1348 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 1349 wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 && 1350 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) { 1351 /* Set static WEP keys again */ 1352 wpa_set_wep_keys(wpa_s, wpa_s->current_ssid); 1353 } 1354 1355#ifdef CONFIG_IBSS_RSN 1356 if (wpa_s->current_ssid && 1357 wpa_s->current_ssid->mode == WPAS_MODE_IBSS && 1358 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 1359 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE && 1360 wpa_s->ibss_rsn == NULL) { 1361 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); 1362 if (!wpa_s->ibss_rsn) { 1363 wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN"); 1364 wpa_supplicant_deauthenticate( 1365 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1366 return; 1367 } 1368 1369 ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk); 1370 } 1371#endif /* CONFIG_IBSS_RSN */ 1372} 1373 1374 1375static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s, 1376 u16 reason_code) 1377{ 1378 const u8 *bssid; 1379 int authenticating; 1380 u8 prev_pending_bssid[ETH_ALEN]; 1381 1382 authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING; 1383 os_memcpy(prev_pending_bssid, wpa_s->pending_bssid, ETH_ALEN); 1384 1385 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1386 /* 1387 * At least Host AP driver and a Prism3 card seemed to be 1388 * generating streams of disconnected events when configuring 1389 * IBSS for WPA-None. Ignore them for now. 1390 */ 1391 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - ignore in " 1392 "IBSS/WPA-None mode"); 1393 return; 1394 } 1395 1396 if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && 1397 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1398 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " 1399 "pre-shared key may be incorrect"); 1400 } 1401 if (!wpa_s->auto_reconnect_disabled || 1402 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 1403 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Auto connect enabled: try to " 1404 "reconnect (wps=%d)", 1405 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); 1406 if (wpa_s->wpa_state >= WPA_ASSOCIATING) 1407 wpa_supplicant_req_scan(wpa_s, 0, 100000); 1408 } else { 1409 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Auto connect disabled: do not " 1410 "try to re-connect"); 1411 wpa_s->reassociate = 0; 1412 wpa_s->disconnected = 1; 1413 } 1414 bssid = wpa_s->bssid; 1415 if (is_zero_ether_addr(bssid)) 1416 bssid = wpa_s->pending_bssid; 1417 wpas_connection_failed(wpa_s, bssid); 1418 wpa_sm_notify_disassoc(wpa_s->wpa); 1419 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 1420 " reason=%d", 1421 MAC2STR(bssid), reason_code); 1422 if (wpa_supplicant_dynamic_keys(wpa_s)) { 1423 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - remove keys"); 1424 wpa_s->keys_cleared = 0; 1425 wpa_clear_keys(wpa_s, wpa_s->bssid); 1426 } 1427 wpa_supplicant_mark_disassoc(wpa_s); 1428 1429 if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 1430 sme_disassoc_while_authenticating(wpa_s, prev_pending_bssid); 1431} 1432 1433 1434#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1435static void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, 1436 void *sock_ctx) 1437{ 1438 struct wpa_supplicant *wpa_s = eloop_ctx; 1439 1440 if (!wpa_s->pending_mic_error_report) 1441 return; 1442 1443 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Sending pending MIC error report"); 1444 wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise); 1445 wpa_s->pending_mic_error_report = 0; 1446} 1447#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1448 1449 1450static void 1451wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, 1452 union wpa_event_data *data) 1453{ 1454 int pairwise; 1455 struct os_time t; 1456 1457 wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); 1458 pairwise = (data && data->michael_mic_failure.unicast); 1459 os_get_time(&t); 1460 if ((wpa_s->last_michael_mic_error && 1461 t.sec - wpa_s->last_michael_mic_error <= 60) || 1462 wpa_s->pending_mic_error_report) { 1463 if (wpa_s->pending_mic_error_report) { 1464 /* 1465 * Send the pending MIC error report immediately since 1466 * we are going to start countermeasures and AP better 1467 * do the same. 1468 */ 1469 wpa_sm_key_request(wpa_s->wpa, 1, 1470 wpa_s->pending_mic_error_pairwise); 1471 } 1472 1473 /* Send the new MIC error report immediately since we are going 1474 * to start countermeasures and AP better do the same. 1475 */ 1476 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1477 1478 /* initialize countermeasures */ 1479 wpa_s->countermeasures = 1; 1480 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); 1481 1482 /* 1483 * Need to wait for completion of request frame. We do not get 1484 * any callback for the message completion, so just wait a 1485 * short while and hope for the best. */ 1486 os_sleep(0, 10000); 1487 1488 wpa_drv_set_countermeasures(wpa_s, 1); 1489 wpa_supplicant_deauthenticate(wpa_s, 1490 WLAN_REASON_MICHAEL_MIC_FAILURE); 1491 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, 1492 wpa_s, NULL); 1493 eloop_register_timeout(60, 0, 1494 wpa_supplicant_stop_countermeasures, 1495 wpa_s, NULL); 1496 /* TODO: mark the AP rejected for 60 second. STA is 1497 * allowed to associate with another AP.. */ 1498 } else { 1499#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1500 if (wpa_s->mic_errors_seen) { 1501 /* 1502 * Reduce the effectiveness of Michael MIC error 1503 * reports as a means for attacking against TKIP if 1504 * more than one MIC failure is noticed with the same 1505 * PTK. We delay the transmission of the reports by a 1506 * random time between 0 and 60 seconds in order to 1507 * force the attacker wait 60 seconds before getting 1508 * the information on whether a frame resulted in a MIC 1509 * failure. 1510 */ 1511 u8 rval[4]; 1512 int sec; 1513 1514 if (os_get_random(rval, sizeof(rval)) < 0) 1515 sec = os_random() % 60; 1516 else 1517 sec = WPA_GET_BE32(rval) % 60; 1518 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Delay MIC error " 1519 "report %d seconds", sec); 1520 wpa_s->pending_mic_error_report = 1; 1521 wpa_s->pending_mic_error_pairwise = pairwise; 1522 eloop_cancel_timeout( 1523 wpa_supplicant_delayed_mic_error_report, 1524 wpa_s, NULL); 1525 eloop_register_timeout( 1526 sec, os_random() % 1000000, 1527 wpa_supplicant_delayed_mic_error_report, 1528 wpa_s, NULL); 1529 } else { 1530 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1531 } 1532#else /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1533 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1534#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1535 } 1536 wpa_s->last_michael_mic_error = t.sec; 1537 wpa_s->mic_errors_seen++; 1538} 1539 1540 1541#ifdef CONFIG_TERMINATE_ONLASTIF 1542static int any_interfaces(struct wpa_supplicant *head) 1543{ 1544 struct wpa_supplicant *wpa_s; 1545 1546 for (wpa_s = head; wpa_s != NULL; wpa_s = wpa_s->next) 1547 if (!wpa_s->interface_removed) 1548 return 1; 1549 return 0; 1550} 1551#endif /* CONFIG_TERMINATE_ONLASTIF */ 1552 1553 1554static void 1555wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, 1556 union wpa_event_data *data) 1557{ 1558 if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) 1559 return; 1560 1561 switch (data->interface_status.ievent) { 1562 case EVENT_INTERFACE_ADDED: 1563 if (!wpa_s->interface_removed) 1564 break; 1565 wpa_s->interface_removed = 0; 1566 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was added"); 1567 if (wpa_supplicant_driver_init(wpa_s) < 0) { 1568 wpa_msg(wpa_s, MSG_INFO, "Failed to initialize the " 1569 "driver after interface was added"); 1570 } 1571 break; 1572 case EVENT_INTERFACE_REMOVED: 1573 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was removed"); 1574 wpa_s->interface_removed = 1; 1575 wpa_supplicant_mark_disassoc(wpa_s); 1576 l2_packet_deinit(wpa_s->l2); 1577 wpa_s->l2 = NULL; 1578#ifdef CONFIG_IBSS_RSN 1579 ibss_rsn_deinit(wpa_s->ibss_rsn); 1580 wpa_s->ibss_rsn = NULL; 1581#endif /* CONFIG_IBSS_RSN */ 1582#ifdef CONFIG_TERMINATE_ONLASTIF 1583 /* check if last interface */ 1584 if (!any_interfaces(wpa_s->global->ifaces)) 1585 eloop_terminate(); 1586#endif /* CONFIG_TERMINATE_ONLASTIF */ 1587 break; 1588 } 1589} 1590 1591 1592#ifdef CONFIG_PEERKEY 1593static void 1594wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, 1595 union wpa_event_data *data) 1596{ 1597 if (data == NULL) 1598 return; 1599 wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); 1600} 1601#endif /* CONFIG_PEERKEY */ 1602 1603 1604#ifdef CONFIG_TDLS 1605static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s, 1606 union wpa_event_data *data) 1607{ 1608 if (data == NULL) 1609 return; 1610 switch (data->tdls.oper) { 1611 case TDLS_REQUEST_SETUP: 1612 wpa_tdls_start(wpa_s->wpa, data->tdls.peer); 1613 break; 1614 case TDLS_REQUEST_TEARDOWN: 1615 /* request from driver to add FTIE */ 1616 wpa_tdls_recv_teardown_notify(wpa_s->wpa, data->tdls.peer, 1617 data->tdls.reason_code); 1618 break; 1619 } 1620} 1621#endif /* CONFIG_TDLS */ 1622 1623 1624#ifdef CONFIG_IEEE80211R 1625static void 1626wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, 1627 union wpa_event_data *data) 1628{ 1629 if (data == NULL) 1630 return; 1631 1632 if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, 1633 data->ft_ies.ies_len, 1634 data->ft_ies.ft_action, 1635 data->ft_ies.target_ap, 1636 data->ft_ies.ric_ies, 1637 data->ft_ies.ric_ies_len) < 0) { 1638 /* TODO: prevent MLME/driver from trying to associate? */ 1639 } 1640} 1641#endif /* CONFIG_IEEE80211R */ 1642 1643 1644#ifdef CONFIG_IBSS_RSN 1645static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s, 1646 union wpa_event_data *data) 1647{ 1648 struct wpa_ssid *ssid; 1649 if (wpa_s->wpa_state < WPA_ASSOCIATED) 1650 return; 1651 if (data == NULL) 1652 return; 1653 ssid = wpa_s->current_ssid; 1654 if (ssid == NULL) 1655 return; 1656 if (ssid->mode != WPAS_MODE_IBSS || !wpa_key_mgmt_wpa(ssid->key_mgmt)) 1657 return; 1658 1659 ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer); 1660} 1661#endif /* CONFIG_IBSS_RSN */ 1662 1663 1664#ifdef CONFIG_IEEE80211R 1665static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data, 1666 size_t len) 1667{ 1668 const u8 *sta_addr, *target_ap_addr; 1669 u16 status; 1670 1671 wpa_hexdump(MSG_MSGDUMP, "FT: RX Action", data, len); 1672 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 1673 return; /* only SME case supported for now */ 1674 if (len < 1 + 2 * ETH_ALEN + 2) 1675 return; 1676 if (data[0] != 2) 1677 return; /* Only FT Action Response is supported for now */ 1678 sta_addr = data + 1; 1679 target_ap_addr = data + 1 + ETH_ALEN; 1680 status = WPA_GET_LE16(data + 1 + 2 * ETH_ALEN); 1681 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Received FT Action Response: STA " 1682 MACSTR " TargetAP " MACSTR " status %u", 1683 MAC2STR(sta_addr), MAC2STR(target_ap_addr), status); 1684 1685 if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) { 1686 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Foreign STA Address " MACSTR 1687 " in FT Action Response", MAC2STR(sta_addr)); 1688 return; 1689 } 1690 1691 if (status) { 1692 wpa_dbg(wpa_s, MSG_DEBUG, "FT: FT Action Response indicates " 1693 "failure (status code %d)", status); 1694 /* TODO: report error to FT code(?) */ 1695 return; 1696 } 1697 1698 if (wpa_ft_process_response(wpa_s->wpa, data + 1 + 2 * ETH_ALEN + 2, 1699 len - (1 + 2 * ETH_ALEN + 2), 1, 1700 target_ap_addr, NULL, 0) < 0) 1701 return; 1702 1703#ifdef CONFIG_SME 1704 { 1705 struct wpa_bss *bss; 1706 bss = wpa_bss_get_bssid(wpa_s, target_ap_addr); 1707 if (bss) 1708 wpa_s->sme.freq = bss->freq; 1709 wpa_s->sme.auth_alg = WPA_AUTH_ALG_FT; 1710 sme_associate(wpa_s, WPAS_MODE_INFRA, target_ap_addr, 1711 WLAN_AUTH_FT); 1712 } 1713#endif /* CONFIG_SME */ 1714} 1715#endif /* CONFIG_IEEE80211R */ 1716 1717 1718static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, 1719 struct unprot_deauth *e) 1720{ 1721#ifdef CONFIG_IEEE80211W 1722 wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " 1723 "dropped: " MACSTR " -> " MACSTR 1724 " (reason code %u)", 1725 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 1726 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 1727#endif /* CONFIG_IEEE80211W */ 1728} 1729 1730 1731static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, 1732 struct unprot_disassoc *e) 1733{ 1734#ifdef CONFIG_IEEE80211W 1735 wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " 1736 "dropped: " MACSTR " -> " MACSTR 1737 " (reason code %u)", 1738 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 1739 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 1740#endif /* CONFIG_IEEE80211W */ 1741} 1742 1743 1744void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 1745 union wpa_event_data *data) 1746{ 1747 struct wpa_supplicant *wpa_s = ctx; 1748 u16 reason_code = 0; 1749 1750 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED && 1751 event != EVENT_INTERFACE_ENABLED && 1752 event != EVENT_INTERFACE_STATUS) { 1753 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore event %d while interface is " 1754 "disabled", event); 1755 return; 1756 } 1757 1758 wpa_dbg(wpa_s, MSG_DEBUG, "Event %d received on interface %s", 1759 event, wpa_s->ifname); 1760 1761 switch (event) { 1762 case EVENT_AUTH: 1763 sme_event_auth(wpa_s, data); 1764 break; 1765 case EVENT_ASSOC: 1766 wpa_supplicant_event_assoc(wpa_s, data); 1767 break; 1768 case EVENT_DISASSOC: 1769 wpa_dbg(wpa_s, MSG_DEBUG, "Disassociation notification"); 1770 if (data) { 1771 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u", 1772 data->disassoc_info.reason_code); 1773 if (data->disassoc_info.addr) 1774 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR, 1775 MAC2STR(data->disassoc_info.addr)); 1776 } 1777#ifdef CONFIG_AP 1778 if (wpa_s->ap_iface && data && data->disassoc_info.addr) { 1779 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 1780 data->disassoc_info.addr); 1781 break; 1782 } 1783#endif /* CONFIG_AP */ 1784 if (data) { 1785 reason_code = data->disassoc_info.reason_code; 1786 wpa_hexdump(MSG_DEBUG, "Disassociation frame IE(s)", 1787 data->disassoc_info.ie, 1788 data->disassoc_info.ie_len); 1789#ifdef CONFIG_P2P 1790 wpas_p2p_disassoc_notif( 1791 wpa_s, data->disassoc_info.addr, reason_code, 1792 data->disassoc_info.ie, 1793 data->disassoc_info.ie_len); 1794#endif /* CONFIG_P2P */ 1795 } 1796 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1797 sme_event_disassoc(wpa_s, data); 1798 /* fall through */ 1799 case EVENT_DEAUTH: 1800 if (event == EVENT_DEAUTH) { 1801 wpa_dbg(wpa_s, MSG_DEBUG, 1802 "Deauthentication notification"); 1803 if (data) { 1804 reason_code = data->deauth_info.reason_code; 1805 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u", 1806 data->deauth_info.reason_code); 1807 if (data->deauth_info.addr) { 1808 wpa_dbg(wpa_s, MSG_DEBUG, " * address " 1809 MACSTR, 1810 MAC2STR(data->deauth_info. 1811 addr)); 1812 } 1813 wpa_hexdump(MSG_DEBUG, 1814 "Deauthentication frame IE(s)", 1815 data->deauth_info.ie, 1816 data->deauth_info.ie_len); 1817#ifdef CONFIG_P2P 1818 wpas_p2p_deauth_notif( 1819 wpa_s, data->deauth_info.addr, 1820 reason_code, 1821 data->deauth_info.ie, 1822 data->deauth_info.ie_len); 1823#endif /* CONFIG_P2P */ 1824 } 1825 } 1826#ifdef CONFIG_AP 1827 if (wpa_s->ap_iface && data && data->deauth_info.addr) { 1828 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 1829 data->deauth_info.addr); 1830 break; 1831 } 1832#endif /* CONFIG_AP */ 1833 wpa_supplicant_event_disassoc(wpa_s, reason_code); 1834 break; 1835 case EVENT_MICHAEL_MIC_FAILURE: 1836 wpa_supplicant_event_michael_mic_failure(wpa_s, data); 1837 break; 1838#ifndef CONFIG_NO_SCAN_PROCESSING 1839 case EVENT_SCAN_RESULTS: 1840 wpa_supplicant_event_scan_results(wpa_s, data); 1841 break; 1842#endif /* CONFIG_NO_SCAN_PROCESSING */ 1843 case EVENT_ASSOCINFO: 1844 wpa_supplicant_event_associnfo(wpa_s, data); 1845 break; 1846 case EVENT_INTERFACE_STATUS: 1847 wpa_supplicant_event_interface_status(wpa_s, data); 1848 break; 1849 case EVENT_PMKID_CANDIDATE: 1850 wpa_supplicant_event_pmkid_candidate(wpa_s, data); 1851 break; 1852#ifdef CONFIG_PEERKEY 1853 case EVENT_STKSTART: 1854 wpa_supplicant_event_stkstart(wpa_s, data); 1855 break; 1856#endif /* CONFIG_PEERKEY */ 1857#ifdef CONFIG_TDLS 1858 case EVENT_TDLS: 1859 wpa_supplicant_event_tdls(wpa_s, data); 1860 break; 1861#endif /* CONFIG_TDLS */ 1862#ifdef CONFIG_IEEE80211R 1863 case EVENT_FT_RESPONSE: 1864 wpa_supplicant_event_ft_response(wpa_s, data); 1865 break; 1866#endif /* CONFIG_IEEE80211R */ 1867#ifdef CONFIG_IBSS_RSN 1868 case EVENT_IBSS_RSN_START: 1869 wpa_supplicant_event_ibss_rsn_start(wpa_s, data); 1870 break; 1871#endif /* CONFIG_IBSS_RSN */ 1872 case EVENT_ASSOC_REJECT: 1873 if (data->assoc_reject.bssid) 1874 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 1875 "bssid=" MACSTR " status_code=%u", 1876 MAC2STR(data->assoc_reject.bssid), 1877 data->assoc_reject.status_code); 1878 else 1879 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 1880 "status_code=%u", 1881 data->assoc_reject.status_code); 1882 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1883 sme_event_assoc_reject(wpa_s, data); 1884 break; 1885 case EVENT_AUTH_TIMED_OUT: 1886 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1887 sme_event_auth_timed_out(wpa_s, data); 1888 break; 1889 case EVENT_ASSOC_TIMED_OUT: 1890 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1891 sme_event_assoc_timed_out(wpa_s, data); 1892 break; 1893#ifdef CONFIG_AP 1894 case EVENT_TX_STATUS: 1895 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS dst=" MACSTR 1896 " type=%d stype=%d", 1897 MAC2STR(data->tx_status.dst), 1898 data->tx_status.type, data->tx_status.stype); 1899 if (wpa_s->ap_iface == NULL) { 1900#ifdef CONFIG_P2P 1901 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 1902 data->tx_status.stype == WLAN_FC_STYPE_ACTION) 1903 wpas_send_action_tx_status( 1904 wpa_s, data->tx_status.dst, 1905 data->tx_status.data, 1906 data->tx_status.data_len, 1907 data->tx_status.ack ? 1908 P2P_SEND_ACTION_SUCCESS : 1909 P2P_SEND_ACTION_NO_ACK); 1910#endif /* CONFIG_P2P */ 1911 break; 1912 } 1913#ifdef CONFIG_P2P 1914 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS pending_dst=" 1915 MACSTR, MAC2STR(wpa_s->parent->pending_action_dst)); 1916 /* 1917 * Catch TX status events for Action frames we sent via group 1918 * interface in GO mode. 1919 */ 1920 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 1921 data->tx_status.stype == WLAN_FC_STYPE_ACTION && 1922 os_memcmp(wpa_s->parent->pending_action_dst, 1923 data->tx_status.dst, ETH_ALEN) == 0) { 1924 wpas_send_action_tx_status( 1925 wpa_s->parent, data->tx_status.dst, 1926 data->tx_status.data, 1927 data->tx_status.data_len, 1928 data->tx_status.ack ? 1929 P2P_SEND_ACTION_SUCCESS : 1930 P2P_SEND_ACTION_NO_ACK); 1931 break; 1932 } 1933#endif /* CONFIG_P2P */ 1934 switch (data->tx_status.type) { 1935 case WLAN_FC_TYPE_MGMT: 1936 ap_mgmt_tx_cb(wpa_s, data->tx_status.data, 1937 data->tx_status.data_len, 1938 data->tx_status.stype, 1939 data->tx_status.ack); 1940 break; 1941 case WLAN_FC_TYPE_DATA: 1942 ap_tx_status(wpa_s, data->tx_status.dst, 1943 data->tx_status.data, 1944 data->tx_status.data_len, 1945 data->tx_status.ack); 1946 break; 1947 } 1948 break; 1949 case EVENT_RX_FROM_UNKNOWN: 1950 if (wpa_s->ap_iface == NULL) 1951 break; 1952 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.frame, 1953 data->rx_from_unknown.len); 1954 break; 1955 case EVENT_RX_MGMT: 1956 if (wpa_s->ap_iface == NULL) { 1957#ifdef CONFIG_P2P 1958 u16 fc, stype; 1959 const struct ieee80211_mgmt *mgmt; 1960 mgmt = (const struct ieee80211_mgmt *) 1961 data->rx_mgmt.frame; 1962 fc = le_to_host16(mgmt->frame_control); 1963 stype = WLAN_FC_GET_STYPE(fc); 1964 if (stype == WLAN_FC_STYPE_PROBE_REQ && 1965 data->rx_mgmt.frame_len > 24) { 1966 const u8 *src = mgmt->sa; 1967 const u8 *ie = mgmt->u.probe_req.variable; 1968 size_t ie_len = data->rx_mgmt.frame_len - 1969 (mgmt->u.probe_req.variable - 1970 data->rx_mgmt.frame); 1971 wpas_p2p_probe_req_rx(wpa_s, src, ie, ie_len); 1972 break; 1973 } 1974#endif /* CONFIG_P2P */ 1975 wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received " 1976 "management frame in non-AP mode"); 1977 break; 1978 } 1979 ap_mgmt_rx(wpa_s, &data->rx_mgmt); 1980 break; 1981#endif /* CONFIG_AP */ 1982 case EVENT_RX_ACTION: 1983 wpa_dbg(wpa_s, MSG_DEBUG, "Received Action frame: SA=" MACSTR 1984 " Category=%u DataLen=%d freq=%d MHz", 1985 MAC2STR(data->rx_action.sa), 1986 data->rx_action.category, (int) data->rx_action.len, 1987 data->rx_action.freq); 1988#ifdef CONFIG_IEEE80211R 1989 if (data->rx_action.category == WLAN_ACTION_FT) { 1990 ft_rx_action(wpa_s, data->rx_action.data, 1991 data->rx_action.len); 1992 break; 1993 } 1994#endif /* CONFIG_IEEE80211R */ 1995#ifdef CONFIG_IEEE80211W 1996#ifdef CONFIG_SME 1997 if (data->rx_action.category == WLAN_ACTION_SA_QUERY) { 1998 sme_sa_query_rx(wpa_s, data->rx_action.sa, 1999 data->rx_action.data, 2000 data->rx_action.len); 2001 break; 2002 } 2003#endif /* CONFIG_SME */ 2004#endif /* CONFIG_IEEE80211W */ 2005#ifdef CONFIG_P2P 2006 wpas_p2p_rx_action(wpa_s, data->rx_action.da, 2007 data->rx_action.sa, 2008 data->rx_action.bssid, 2009 data->rx_action.category, 2010 data->rx_action.data, 2011 data->rx_action.len, data->rx_action.freq); 2012#endif /* CONFIG_P2P */ 2013 break; 2014 case EVENT_RX_PROBE_REQ: 2015 if (data->rx_probe_req.sa == NULL || 2016 data->rx_probe_req.ie == NULL) 2017 break; 2018#ifdef CONFIG_AP 2019 if (wpa_s->ap_iface) { 2020 hostapd_probe_req_rx(wpa_s->ap_iface->bss[0], 2021 data->rx_probe_req.sa, 2022 data->rx_probe_req.ie, 2023 data->rx_probe_req.ie_len); 2024 break; 2025 } 2026#endif /* CONFIG_AP */ 2027#ifdef CONFIG_P2P 2028 wpas_p2p_probe_req_rx(wpa_s, data->rx_probe_req.sa, 2029 data->rx_probe_req.ie, 2030 data->rx_probe_req.ie_len); 2031#endif /* CONFIG_P2P */ 2032 break; 2033#ifdef CONFIG_P2P 2034 case EVENT_REMAIN_ON_CHANNEL: 2035 wpas_p2p_remain_on_channel_cb( 2036 wpa_s, data->remain_on_channel.freq, 2037 data->remain_on_channel.duration); 2038 break; 2039 case EVENT_CANCEL_REMAIN_ON_CHANNEL: 2040 wpas_p2p_cancel_remain_on_channel_cb( 2041 wpa_s, data->remain_on_channel.freq); 2042 break; 2043 case EVENT_P2P_DEV_FOUND: { 2044 struct p2p_peer_info peer_info; 2045 2046 os_memset(&peer_info, 0, sizeof(peer_info)); 2047 if (data->p2p_dev_found.dev_addr) 2048 os_memcpy(peer_info.p2p_device_addr, 2049 data->p2p_dev_found.dev_addr, ETH_ALEN); 2050 if (data->p2p_dev_found.pri_dev_type) 2051 os_memcpy(peer_info.pri_dev_type, 2052 data->p2p_dev_found.pri_dev_type, 2053 sizeof(peer_info.pri_dev_type)); 2054 if (data->p2p_dev_found.dev_name) 2055 os_strlcpy(peer_info.device_name, 2056 data->p2p_dev_found.dev_name, 2057 sizeof(peer_info.device_name)); 2058 peer_info.config_methods = data->p2p_dev_found.config_methods; 2059 peer_info.dev_capab = data->p2p_dev_found.dev_capab; 2060 peer_info.group_capab = data->p2p_dev_found.group_capab; 2061 2062 /* 2063 * FIX: new_device=1 is not necessarily correct. We should 2064 * maintain a P2P peer database in wpa_supplicant and update 2065 * this information based on whether the peer is truly new. 2066 */ 2067 wpas_dev_found(wpa_s, data->p2p_dev_found.addr, &peer_info, 1); 2068 break; 2069 } 2070 case EVENT_P2P_GO_NEG_REQ_RX: 2071 wpas_go_neg_req_rx(wpa_s, data->p2p_go_neg_req_rx.src, 2072 data->p2p_go_neg_req_rx.dev_passwd_id); 2073 break; 2074 case EVENT_P2P_GO_NEG_COMPLETED: 2075 wpas_go_neg_completed(wpa_s, data->p2p_go_neg_completed.res); 2076 break; 2077 case EVENT_P2P_PROV_DISC_REQUEST: 2078 wpas_prov_disc_req(wpa_s, data->p2p_prov_disc_req.peer, 2079 data->p2p_prov_disc_req.config_methods, 2080 data->p2p_prov_disc_req.dev_addr, 2081 data->p2p_prov_disc_req.pri_dev_type, 2082 data->p2p_prov_disc_req.dev_name, 2083 data->p2p_prov_disc_req.supp_config_methods, 2084 data->p2p_prov_disc_req.dev_capab, 2085 data->p2p_prov_disc_req.group_capab); 2086 break; 2087 case EVENT_P2P_PROV_DISC_RESPONSE: 2088 wpas_prov_disc_resp(wpa_s, data->p2p_prov_disc_resp.peer, 2089 data->p2p_prov_disc_resp.config_methods); 2090 break; 2091 case EVENT_P2P_SD_REQUEST: 2092 wpas_sd_request(wpa_s, data->p2p_sd_req.freq, 2093 data->p2p_sd_req.sa, 2094 data->p2p_sd_req.dialog_token, 2095 data->p2p_sd_req.update_indic, 2096 data->p2p_sd_req.tlvs, 2097 data->p2p_sd_req.tlvs_len); 2098 break; 2099 case EVENT_P2P_SD_RESPONSE: 2100 wpas_sd_response(wpa_s, data->p2p_sd_resp.sa, 2101 data->p2p_sd_resp.update_indic, 2102 data->p2p_sd_resp.tlvs, 2103 data->p2p_sd_resp.tlvs_len); 2104 break; 2105#endif /* CONFIG_P2P */ 2106#ifdef CONFIG_CLIENT_MLME 2107 case EVENT_MLME_RX: { 2108 struct ieee80211_rx_status rx_status; 2109 os_memset(&rx_status, 0, sizeof(rx_status)); 2110 rx_status.freq = data->mlme_rx.freq; 2111 rx_status.channel = data->mlme_rx.channel; 2112 rx_status.ssi = data->mlme_rx.ssi; 2113 ieee80211_sta_rx(wpa_s, data->mlme_rx.buf, data->mlme_rx.len, 2114 &rx_status); 2115 break; 2116 } 2117#endif /* CONFIG_CLIENT_MLME */ 2118 case EVENT_EAPOL_RX: 2119 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src, 2120 data->eapol_rx.data, 2121 data->eapol_rx.data_len); 2122 break; 2123 case EVENT_SIGNAL_CHANGE: 2124 bgscan_notify_signal_change( 2125 wpa_s, data->signal_change.above_threshold, 2126 data->signal_change.current_signal, 2127 data->signal_change.current_noise, 2128 data->signal_change.current_txrate); 2129 break; 2130 case EVENT_INTERFACE_ENABLED: 2131 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled"); 2132 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 2133#ifdef CONFIG_AP 2134 if (!wpa_s->ap_iface) { 2135 wpa_supplicant_set_state(wpa_s, 2136 WPA_DISCONNECTED); 2137 wpa_supplicant_req_scan(wpa_s, 0, 0); 2138 } else 2139 wpa_supplicant_set_state(wpa_s, 2140 WPA_COMPLETED); 2141#else /* CONFIG_AP */ 2142 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2143 wpa_supplicant_req_scan(wpa_s, 0, 0); 2144#endif /* CONFIG_AP */ 2145 } 2146 break; 2147 case EVENT_INTERFACE_DISABLED: 2148 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was disabled"); 2149 wpa_supplicant_mark_disassoc(wpa_s); 2150 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 2151 break; 2152 case EVENT_CHANNEL_LIST_CHANGED: 2153 if (wpa_s->drv_priv == NULL) 2154 break; /* Ignore event during drv initialization */ 2155#ifdef CONFIG_P2P 2156 wpas_p2p_update_channel_list(wpa_s); 2157#endif /* CONFIG_P2P */ 2158 break; 2159 case EVENT_INTERFACE_UNAVAILABLE: 2160#ifdef CONFIG_P2P 2161 wpas_p2p_interface_unavailable(wpa_s); 2162#endif /* CONFIG_P2P */ 2163 break; 2164 case EVENT_BEST_CHANNEL: 2165 wpa_dbg(wpa_s, MSG_DEBUG, "Best channel event received " 2166 "(%d %d %d)", 2167 data->best_chan.freq_24, data->best_chan.freq_5, 2168 data->best_chan.freq_overall); 2169 wpa_s->best_24_freq = data->best_chan.freq_24; 2170 wpa_s->best_5_freq = data->best_chan.freq_5; 2171 wpa_s->best_overall_freq = data->best_chan.freq_overall; 2172#ifdef CONFIG_P2P 2173 wpas_p2p_update_best_channels(wpa_s, data->best_chan.freq_24, 2174 data->best_chan.freq_5, 2175 data->best_chan.freq_overall); 2176#endif /* CONFIG_P2P */ 2177 break; 2178 case EVENT_UNPROT_DEAUTH: 2179 wpa_supplicant_event_unprot_deauth(wpa_s, 2180 &data->unprot_deauth); 2181 break; 2182 case EVENT_UNPROT_DISASSOC: 2183 wpa_supplicant_event_unprot_disassoc(wpa_s, 2184 &data->unprot_disassoc); 2185 break; 2186 case EVENT_STATION_LOW_ACK: 2187#ifdef CONFIG_AP 2188 if (wpa_s->ap_iface && data) 2189 hostapd_event_sta_low_ack(wpa_s->ap_iface->bss[0], 2190 data->low_ack.addr); 2191#endif /* CONFIG_AP */ 2192 break; 2193 case EVENT_IBSS_PEER_LOST: 2194#ifdef CONFIG_IBSS_RSN 2195 ibss_rsn_stop(wpa_s->ibss_rsn, data->ibss_peer_lost.peer); 2196#endif /* CONFIG_IBSS_RSN */ 2197 break; 2198 default: 2199 wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event); 2200 break; 2201 } 2202} 2203