events.c revision 2fb835aa12088072a839be109acf0f11153857f8
1/* 2 * WPA Supplicant - Driver event processing 3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9#include "includes.h" 10 11#include "common.h" 12#include "eapol_supp/eapol_supp_sm.h" 13#include "rsn_supp/wpa.h" 14#include "eloop.h" 15#include "config.h" 16#include "l2_packet/l2_packet.h" 17#include "wpa_supplicant_i.h" 18#include "driver_i.h" 19#include "pcsc_funcs.h" 20#include "rsn_supp/preauth.h" 21#include "rsn_supp/pmksa_cache.h" 22#include "common/wpa_ctrl.h" 23#include "eap_peer/eap.h" 24#include "ap/hostapd.h" 25#include "p2p/p2p.h" 26#include "notify.h" 27#include "common/ieee802_11_defs.h" 28#include "common/ieee802_11_common.h" 29#include "crypto/random.h" 30#include "blacklist.h" 31#include "wpas_glue.h" 32#include "wps_supplicant.h" 33#include "ibss_rsn.h" 34#include "sme.h" 35#include "gas_query.h" 36#include "p2p_supplicant.h" 37#include "bgscan.h" 38#include "autoscan.h" 39#include "ap.h" 40#include "bss.h" 41#include "scan.h" 42#include "offchannel.h" 43 44 45static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) 46{ 47 struct wpa_ssid *ssid, *old_ssid; 48 49 if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) 50 return 0; 51 52 wpa_dbg(wpa_s, MSG_DEBUG, "Select network based on association " 53 "information"); 54 ssid = wpa_supplicant_get_ssid(wpa_s); 55 if (ssid == NULL) { 56 wpa_msg(wpa_s, MSG_INFO, 57 "No network configuration found for the current AP"); 58 return -1; 59 } 60 61 if (wpas_network_disabled(wpa_s, ssid)) { 62 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is disabled"); 63 return -1; 64 } 65 66 wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the " 67 "current AP"); 68 if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 69 u8 wpa_ie[80]; 70 size_t wpa_ie_len = sizeof(wpa_ie); 71 wpa_supplicant_set_suites(wpa_s, NULL, ssid, 72 wpa_ie, &wpa_ie_len); 73 } else { 74 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 75 } 76 77 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) 78 eapol_sm_invalidate_cached_session(wpa_s->eapol); 79 old_ssid = wpa_s->current_ssid; 80 wpa_s->current_ssid = ssid; 81 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 82 wpa_supplicant_initiate_eapol(wpa_s); 83 if (old_ssid != wpa_s->current_ssid) 84 wpas_notify_network_changed(wpa_s); 85 86 return 0; 87} 88 89 90void wpa_supplicant_stop_countermeasures(void *eloop_ctx, void *sock_ctx) 91{ 92 struct wpa_supplicant *wpa_s = eloop_ctx; 93 94 if (wpa_s->countermeasures) { 95 wpa_s->countermeasures = 0; 96 wpa_drv_set_countermeasures(wpa_s, 0); 97 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); 98 wpa_supplicant_req_scan(wpa_s, 0, 0); 99 } 100} 101 102 103void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) 104{ 105 int bssid_changed; 106 107 wnm_bss_keep_alive_deinit(wpa_s); 108 109#ifdef CONFIG_IBSS_RSN 110 ibss_rsn_deinit(wpa_s->ibss_rsn); 111 wpa_s->ibss_rsn = NULL; 112#endif /* CONFIG_IBSS_RSN */ 113 114#ifdef CONFIG_AP 115 wpa_supplicant_ap_deinit(wpa_s); 116#endif /* CONFIG_AP */ 117 118 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 119 return; 120 121 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 122#ifdef ANDROID 123 wpa_s->conf->ap_scan = DEFAULT_AP_SCAN; 124#endif 125 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 126 os_memset(wpa_s->bssid, 0, ETH_ALEN); 127 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 128#ifdef CONFIG_SME 129 wpa_s->sme.prev_bssid_set = 0; 130#endif /* CONFIG_SME */ 131#ifdef CONFIG_P2P 132 os_memset(wpa_s->go_dev_addr, 0, ETH_ALEN); 133#endif /* CONFIG_P2P */ 134 wpa_s->current_bss = NULL; 135 wpa_s->assoc_freq = 0; 136#ifdef CONFIG_IEEE80211R 137#ifdef CONFIG_SME 138 if (wpa_s->sme.ft_ies) 139 sme_update_ft_ies(wpa_s, NULL, NULL, 0); 140#endif /* CONFIG_SME */ 141#endif /* CONFIG_IEEE80211R */ 142 143 if (bssid_changed) 144 wpas_notify_bssid_changed(wpa_s); 145 146 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 147 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 148 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) 149 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 150 wpa_s->ap_ies_from_associnfo = 0; 151} 152 153 154static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) 155{ 156 struct wpa_ie_data ie; 157 int pmksa_set = -1; 158 size_t i; 159 160 if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || 161 ie.pmkid == NULL) 162 return; 163 164 for (i = 0; i < ie.num_pmkid; i++) { 165 pmksa_set = pmksa_cache_set_current(wpa_s->wpa, 166 ie.pmkid + i * PMKID_LEN, 167 NULL, NULL, 0); 168 if (pmksa_set == 0) { 169 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 170 break; 171 } 172 } 173 174 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from " 175 "PMKSA cache", pmksa_set == 0 ? "" : "not "); 176} 177 178 179static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, 180 union wpa_event_data *data) 181{ 182 if (data == NULL) { 183 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: No data in PMKID candidate " 184 "event"); 185 return; 186 } 187 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR 188 " index=%d preauth=%d", 189 MAC2STR(data->pmkid_candidate.bssid), 190 data->pmkid_candidate.index, 191 data->pmkid_candidate.preauth); 192 193 pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, 194 data->pmkid_candidate.index, 195 data->pmkid_candidate.preauth); 196} 197 198 199static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) 200{ 201 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 202 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 203 return 0; 204 205#ifdef IEEE8021X_EAPOL 206 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 207 wpa_s->current_ssid && 208 !(wpa_s->current_ssid->eapol_flags & 209 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 210 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { 211 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either 212 * plaintext or static WEP keys). */ 213 return 0; 214 } 215#endif /* IEEE8021X_EAPOL */ 216 217 return 1; 218} 219 220 221/** 222 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC 223 * @wpa_s: pointer to wpa_supplicant data 224 * @ssid: Configuration data for the network 225 * Returns: 0 on success, -1 on failure 226 * 227 * This function is called when starting authentication with a network that is 228 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). 229 */ 230int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, 231 struct wpa_ssid *ssid) 232{ 233#ifdef IEEE8021X_EAPOL 234#ifdef PCSC_FUNCS 235 int aka = 0, sim = 0, type; 236 237 if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL) 238 return 0; 239 240 if (ssid->eap.eap_methods == NULL) { 241 sim = 1; 242 aka = 1; 243 } else { 244 struct eap_method_type *eap = ssid->eap.eap_methods; 245 while (eap->vendor != EAP_VENDOR_IETF || 246 eap->method != EAP_TYPE_NONE) { 247 if (eap->vendor == EAP_VENDOR_IETF) { 248 if (eap->method == EAP_TYPE_SIM) 249 sim = 1; 250 else if (eap->method == EAP_TYPE_AKA || 251 eap->method == EAP_TYPE_AKA_PRIME) 252 aka = 1; 253 } 254 eap++; 255 } 256 } 257 258 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) 259 sim = 0; 260 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL && 261 eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA_PRIME) == 262 NULL) 263 aka = 0; 264 265 if (!sim && !aka) { 266 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to " 267 "use SIM, but neither EAP-SIM nor EAP-AKA are " 268 "enabled"); 269 return 0; 270 } 271 272 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to use SIM " 273 "(sim=%d aka=%d) - initialize PCSC", sim, aka); 274 if (sim && aka) 275 type = SCARD_TRY_BOTH; 276 else if (aka) 277 type = SCARD_USIM_ONLY; 278 else 279 type = SCARD_GSM_SIM_ONLY; 280 281 wpa_s->scard = scard_init(type, NULL); 282 if (wpa_s->scard == NULL) { 283 wpa_msg(wpa_s, MSG_WARNING, "Failed to initialize SIM " 284 "(pcsc-lite)"); 285 return -1; 286 } 287 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 288 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 289#endif /* PCSC_FUNCS */ 290#endif /* IEEE8021X_EAPOL */ 291 292 return 0; 293} 294 295 296#ifndef CONFIG_NO_SCAN_PROCESSING 297static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss, 298 struct wpa_ssid *ssid) 299{ 300 int i, privacy = 0; 301 302 if (ssid->mixed_cell) 303 return 1; 304 305#ifdef CONFIG_WPS 306 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 307 return 1; 308#endif /* CONFIG_WPS */ 309 310 for (i = 0; i < NUM_WEP_KEYS; i++) { 311 if (ssid->wep_key_len[i]) { 312 privacy = 1; 313 break; 314 } 315 } 316#ifdef IEEE8021X_EAPOL 317 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 318 ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 319 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) 320 privacy = 1; 321#endif /* IEEE8021X_EAPOL */ 322 323 if (wpa_key_mgmt_wpa(ssid->key_mgmt)) 324 privacy = 1; 325 326 if (bss->caps & IEEE80211_CAP_PRIVACY) 327 return privacy; 328 return !privacy; 329} 330 331 332static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, 333 struct wpa_ssid *ssid, 334 struct wpa_scan_res *bss) 335{ 336 struct wpa_ie_data ie; 337 int proto_match = 0; 338 const u8 *rsn_ie, *wpa_ie; 339 int ret; 340 int wep_ok; 341 342 ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss); 343 if (ret >= 0) 344 return ret; 345 346 /* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */ 347 wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) && 348 (((ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 349 ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) || 350 (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); 351 352 rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 353 while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { 354 proto_match++; 355 356 if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { 357 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse " 358 "failed"); 359 break; 360 } 361 362 if (wep_ok && 363 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 364 { 365 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 366 "in RSN IE"); 367 return 1; 368 } 369 370 if (!(ie.proto & ssid->proto)) { 371 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto " 372 "mismatch"); 373 break; 374 } 375 376 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 377 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK " 378 "cipher mismatch"); 379 break; 380 } 381 382 if (!(ie.group_cipher & ssid->group_cipher)) { 383 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK " 384 "cipher mismatch"); 385 break; 386 } 387 388 if (!(ie.key_mgmt & ssid->key_mgmt)) { 389 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt " 390 "mismatch"); 391 break; 392 } 393 394#ifdef CONFIG_IEEE80211W 395 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 396 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { 397 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt " 398 "frame protection"); 399 break; 400 } 401#endif /* CONFIG_IEEE80211W */ 402 403 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); 404 return 1; 405 } 406 407 wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 408 while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { 409 proto_match++; 410 411 if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { 412 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse " 413 "failed"); 414 break; 415 } 416 417 if (wep_ok && 418 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 419 { 420 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 421 "in WPA IE"); 422 return 1; 423 } 424 425 if (!(ie.proto & ssid->proto)) { 426 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto " 427 "mismatch"); 428 break; 429 } 430 431 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 432 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK " 433 "cipher mismatch"); 434 break; 435 } 436 437 if (!(ie.group_cipher & ssid->group_cipher)) { 438 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK " 439 "cipher mismatch"); 440 break; 441 } 442 443 if (!(ie.key_mgmt & ssid->key_mgmt)) { 444 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt " 445 "mismatch"); 446 break; 447 } 448 449 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE"); 450 return 1; 451 } 452 453 if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && 454 wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { 455 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); 456 return 0; 457 } 458 459 if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) { 460 wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); 461 return 1; 462 } 463 464 wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with " 465 "WPA/WPA2"); 466 467 return 0; 468} 469 470 471static int freq_allowed(int *freqs, int freq) 472{ 473 int i; 474 475 if (freqs == NULL) 476 return 1; 477 478 for (i = 0; freqs[i]; i++) 479 if (freqs[i] == freq) 480 return 1; 481 return 0; 482} 483 484 485static int ht_supported(const struct hostapd_hw_modes *mode) 486{ 487 if (!(mode->flags & HOSTAPD_MODE_FLAG_HT_INFO_KNOWN)) { 488 /* 489 * The driver did not indicate whether it supports HT. Assume 490 * it does to avoid connection issues. 491 */ 492 return 1; 493 } 494 495 /* 496 * IEEE Std 802.11n-2009 20.1.1: 497 * An HT non-AP STA shall support all EQM rates for one spatial stream. 498 */ 499 return mode->mcs_set[0] == 0xff; 500} 501 502 503static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_scan_res *bss) 504{ 505 const struct hostapd_hw_modes *mode = NULL, *modes; 506 const u8 scan_ie[2] = { WLAN_EID_SUPP_RATES, WLAN_EID_EXT_SUPP_RATES }; 507 const u8 *rate_ie; 508 int i, j, k; 509 510 if (bss->freq == 0) 511 return 1; /* Cannot do matching without knowing band */ 512 513 modes = wpa_s->hw.modes; 514 if (modes == NULL) { 515 /* 516 * The driver does not provide any additional information 517 * about the utilized hardware, so allow the connection attempt 518 * to continue. 519 */ 520 return 1; 521 } 522 523 for (i = 0; i < wpa_s->hw.num_modes; i++) { 524 for (j = 0; j < modes[i].num_channels; j++) { 525 int freq = modes[i].channels[j].freq; 526 if (freq == bss->freq) { 527 if (mode && 528 mode->mode == HOSTAPD_MODE_IEEE80211G) 529 break; /* do not allow 802.11b replace 530 * 802.11g */ 531 mode = &modes[i]; 532 break; 533 } 534 } 535 } 536 537 if (mode == NULL) 538 return 0; 539 540 for (i = 0; i < (int) sizeof(scan_ie); i++) { 541 rate_ie = wpa_scan_get_ie(bss, scan_ie[i]); 542 if (rate_ie == NULL) 543 continue; 544 545 for (j = 2; j < rate_ie[1] + 2; j++) { 546 int flagged = !!(rate_ie[j] & 0x80); 547 int r = (rate_ie[j] & 0x7f) * 5; 548 549 /* 550 * IEEE Std 802.11n-2009 7.3.2.2: 551 * The new BSS Membership selector value is encoded 552 * like a legacy basic rate, but it is not a rate and 553 * only indicates if the BSS members are required to 554 * support the mandatory features of Clause 20 [HT PHY] 555 * in order to join the BSS. 556 */ 557 if (flagged && ((rate_ie[j] & 0x7f) == 558 BSS_MEMBERSHIP_SELECTOR_HT_PHY)) { 559 if (!ht_supported(mode)) { 560 wpa_dbg(wpa_s, MSG_DEBUG, 561 " hardware does not support " 562 "HT PHY"); 563 return 0; 564 } 565 continue; 566 } 567 568 if (!flagged) 569 continue; 570 571 /* check for legacy basic rates */ 572 for (k = 0; k < mode->num_rates; k++) { 573 if (mode->rates[k] == r) 574 break; 575 } 576 if (k == mode->num_rates) { 577 /* 578 * IEEE Std 802.11-2007 7.3.2.2 demands that in 579 * order to join a BSS all required rates 580 * have to be supported by the hardware. 581 */ 582 wpa_dbg(wpa_s, MSG_DEBUG, " hardware does " 583 "not support required rate %d.%d Mbps", 584 r / 10, r % 10); 585 return 0; 586 } 587 } 588 } 589 590 return 1; 591} 592 593 594static struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, 595 int i, struct wpa_scan_res *bss, 596 struct wpa_ssid *group) 597{ 598 const u8 *ssid_; 599 u8 wpa_ie_len, rsn_ie_len, ssid_len; 600 int wpa; 601 struct wpa_blacklist *e; 602 const u8 *ie; 603 struct wpa_ssid *ssid; 604 605 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 606 ssid_ = ie ? ie + 2 : (u8 *) ""; 607 ssid_len = ie ? ie[1] : 0; 608 609 ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 610 wpa_ie_len = ie ? ie[1] : 0; 611 612 ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 613 rsn_ie_len = ie ? ie[1] : 0; 614 615 wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' " 616 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d%s", 617 i, MAC2STR(bss->bssid), wpa_ssid_txt(ssid_, ssid_len), 618 wpa_ie_len, rsn_ie_len, bss->caps, bss->level, 619 wpa_scan_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : ""); 620 621 e = wpa_blacklist_get(wpa_s, bss->bssid); 622 if (e) { 623 int limit = 1; 624 if (wpa_supplicant_enabled_networks(wpa_s) == 1) { 625 /* 626 * When only a single network is enabled, we can 627 * trigger blacklisting on the first failure. This 628 * should not be done with multiple enabled networks to 629 * avoid getting forced to move into a worse ESS on 630 * single error if there are no other BSSes of the 631 * current ESS. 632 */ 633 limit = 0; 634 } 635 if (e->count > limit) { 636 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 637 "(count=%d limit=%d)", e->count, limit); 638 return NULL; 639 } 640 } 641 642 if (ssid_len == 0) { 643 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); 644 return NULL; 645 } 646 647 wpa = wpa_ie_len > 0 || rsn_ie_len > 0; 648 649 for (ssid = group; ssid; ssid = ssid->pnext) { 650 int check_ssid = wpa ? 1 : (ssid->ssid_len != 0); 651 652 if (wpas_network_disabled(wpa_s, ssid)) { 653 wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); 654 continue; 655 } 656 657#ifdef CONFIG_WPS 658 if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && e && e->count > 0) { 659 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 660 "(WPS)"); 661 continue; 662 } 663 664 if (wpa && ssid->ssid_len == 0 && 665 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 666 check_ssid = 0; 667 668 if (!wpa && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 669 /* Only allow wildcard SSID match if an AP 670 * advertises active WPS operation that matches 671 * with our mode. */ 672 check_ssid = 1; 673 if (ssid->ssid_len == 0 && 674 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 675 check_ssid = 0; 676 } 677#endif /* CONFIG_WPS */ 678 679 if (ssid->bssid_set && ssid->ssid_len == 0 && 680 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) == 0) 681 check_ssid = 0; 682 683 if (check_ssid && 684 (ssid_len != ssid->ssid_len || 685 os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) { 686 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch"); 687 continue; 688 } 689 690 if (ssid->bssid_set && 691 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) { 692 wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch"); 693 continue; 694 } 695 696 if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss)) 697 continue; 698 699 if (!wpa && 700 !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 701 !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 702 !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) { 703 wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network " 704 "not allowed"); 705 continue; 706 } 707 708 if (!wpa_supplicant_match_privacy(bss, ssid)) { 709 wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy " 710 "mismatch"); 711 continue; 712 } 713 714 if (bss->caps & IEEE80211_CAP_IBSS) { 715 wpa_dbg(wpa_s, MSG_DEBUG, " skip - IBSS (adhoc) " 716 "network"); 717 continue; 718 } 719 720 if (!freq_allowed(ssid->freq_list, bss->freq)) { 721 wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not " 722 "allowed"); 723 continue; 724 } 725 726 if (!rate_match(wpa_s, bss)) { 727 wpa_dbg(wpa_s, MSG_DEBUG, " skip - rate sets do " 728 "not match"); 729 continue; 730 } 731 732#ifdef CONFIG_P2P 733 /* 734 * TODO: skip the AP if its P2P IE has Group Formation 735 * bit set in the P2P Group Capability Bitmap and we 736 * are not in Group Formation with that device. 737 */ 738#endif /* CONFIG_P2P */ 739 740 /* Matching configuration found */ 741 return ssid; 742 } 743 744 /* No matching configuration found */ 745 return NULL; 746} 747 748 749static struct wpa_bss * 750wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, 751 struct wpa_scan_results *scan_res, 752 struct wpa_ssid *group, 753 struct wpa_ssid **selected_ssid) 754{ 755 size_t i; 756 757 wpa_dbg(wpa_s, MSG_DEBUG, "Selecting BSS from priority group %d", 758 group->priority); 759 760 for (i = 0; i < scan_res->num; i++) { 761 struct wpa_scan_res *bss = scan_res->res[i]; 762 const u8 *ie, *ssid; 763 u8 ssid_len; 764 765 *selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group); 766 if (!*selected_ssid) 767 continue; 768 769 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 770 ssid = ie ? ie + 2 : (u8 *) ""; 771 ssid_len = ie ? ie[1] : 0; 772 773 wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR 774 " ssid='%s'", 775 MAC2STR(bss->bssid), wpa_ssid_txt(ssid, ssid_len)); 776 return wpa_bss_get(wpa_s, bss->bssid, ssid, ssid_len); 777 } 778 779 return NULL; 780} 781 782 783static struct wpa_bss * 784wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s, 785 struct wpa_scan_results *scan_res, 786 struct wpa_ssid **selected_ssid) 787{ 788 struct wpa_bss *selected = NULL; 789 int prio; 790 791 while (selected == NULL) { 792 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 793 selected = wpa_supplicant_select_bss( 794 wpa_s, scan_res, wpa_s->conf->pssid[prio], 795 selected_ssid); 796 if (selected) 797 break; 798 } 799 800 if (selected == NULL && wpa_s->blacklist && 801 !wpa_s->countermeasures) { 802 wpa_dbg(wpa_s, MSG_DEBUG, "No APs found - clear " 803 "blacklist and try again"); 804 wpa_blacklist_clear(wpa_s); 805 wpa_s->blacklist_cleared++; 806 } else if (selected == NULL) 807 break; 808 } 809 810 return selected; 811} 812 813 814static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s, 815 int timeout_sec, int timeout_usec) 816{ 817 if (!wpa_supplicant_enabled_networks(wpa_s)) { 818 /* 819 * No networks are enabled; short-circuit request so 820 * we don't wait timeout seconds before transitioning 821 * to INACTIVE state. 822 */ 823 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 824 return; 825 } 826 wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec); 827} 828 829 830int wpa_supplicant_connect(struct wpa_supplicant *wpa_s, 831 struct wpa_bss *selected, 832 struct wpa_ssid *ssid) 833{ 834 if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) { 835 wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP 836 "PBC session overlap"); 837#ifdef CONFIG_P2P 838 if (wpas_p2p_notif_pbc_overlap(wpa_s) == 1) 839 return -1; 840#endif /* CONFIG_P2P */ 841 842#ifdef CONFIG_WPS 843 wpas_wps_cancel(wpa_s); 844#endif /* CONFIG_WPS */ 845 return -1; 846 } 847 848 /* 849 * Do not trigger new association unless the BSSID has changed or if 850 * reassociation is requested. If we are in process of associating with 851 * the selected BSSID, do not trigger new attempt. 852 */ 853 if (wpa_s->reassociate || 854 (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && 855 ((wpa_s->wpa_state != WPA_ASSOCIATING && 856 wpa_s->wpa_state != WPA_AUTHENTICATING) || 857 os_memcmp(selected->bssid, wpa_s->pending_bssid, ETH_ALEN) != 858 0))) { 859 if (wpa_supplicant_scard_init(wpa_s, ssid)) { 860 wpa_supplicant_req_new_scan(wpa_s, 10, 0); 861 return 0; 862 } 863 wpa_msg(wpa_s, MSG_DEBUG, "Request association: " 864 "reassociate: %d selected: "MACSTR " bssid: " MACSTR 865 " pending: " MACSTR " wpa_state: %s", 866 wpa_s->reassociate, MAC2STR(selected->bssid), 867 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 868 wpa_supplicant_state_txt(wpa_s->wpa_state)); 869 wpa_supplicant_associate(wpa_s, selected, ssid); 870 } else { 871 wpa_dbg(wpa_s, MSG_DEBUG, "Already associated with the " 872 "selected AP"); 873 } 874 875 return 0; 876} 877 878 879static struct wpa_ssid * 880wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s) 881{ 882 int prio; 883 struct wpa_ssid *ssid; 884 885 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 886 for (ssid = wpa_s->conf->pssid[prio]; ssid; ssid = ssid->pnext) 887 { 888 if (wpas_network_disabled(wpa_s, ssid)) 889 continue; 890 if (ssid->mode == IEEE80211_MODE_IBSS || 891 ssid->mode == IEEE80211_MODE_AP) 892 return ssid; 893 } 894 } 895 return NULL; 896} 897 898 899/* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based 900 * on BSS added and BSS changed events */ 901static void wpa_supplicant_rsn_preauth_scan_results( 902 struct wpa_supplicant *wpa_s) 903{ 904 struct wpa_bss *bss; 905 906 if (rsn_preauth_scan_results(wpa_s->wpa) < 0) 907 return; 908 909 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 910 const u8 *ssid, *rsn; 911 912 ssid = wpa_bss_get_ie(bss, WLAN_EID_SSID); 913 if (ssid == NULL) 914 continue; 915 916 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 917 if (rsn == NULL) 918 continue; 919 920 rsn_preauth_scan_result(wpa_s->wpa, bss->bssid, ssid, rsn); 921 } 922 923} 924 925 926static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, 927 struct wpa_bss *selected, 928 struct wpa_ssid *ssid, 929 struct wpa_scan_results *scan_res) 930{ 931 size_t i; 932 struct wpa_scan_res *current_bss = NULL; 933 int min_diff; 934 935 if (wpa_s->reassociate) 936 return 1; /* explicit request to reassociate */ 937 if (wpa_s->wpa_state < WPA_ASSOCIATED) 938 return 1; /* we are not associated; continue */ 939 if (wpa_s->current_ssid == NULL) 940 return 1; /* unknown current SSID */ 941 if (wpa_s->current_ssid != ssid) 942 return 1; /* different network block */ 943 944 if (wpas_driver_bss_selection(wpa_s)) 945 return 0; /* Driver-based roaming */ 946 947 for (i = 0; i < scan_res->num; i++) { 948 struct wpa_scan_res *res = scan_res->res[i]; 949 const u8 *ie; 950 if (os_memcmp(res->bssid, wpa_s->bssid, ETH_ALEN) != 0) 951 continue; 952 953 ie = wpa_scan_get_ie(res, WLAN_EID_SSID); 954 if (ie == NULL) 955 continue; 956 if (ie[1] != wpa_s->current_ssid->ssid_len || 957 os_memcmp(ie + 2, wpa_s->current_ssid->ssid, ie[1]) != 0) 958 continue; 959 current_bss = res; 960 break; 961 } 962 963 if (!current_bss) 964 return 1; /* current BSS not seen in scan results */ 965 966#ifndef CONFIG_NO_ROAMING 967 wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation"); 968 wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR " level=%d", 969 MAC2STR(current_bss->bssid), current_bss->level); 970 wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR " level=%d", 971 MAC2STR(selected->bssid), selected->level); 972 973 if (wpa_s->current_ssid->bssid_set && 974 os_memcmp(selected->bssid, wpa_s->current_ssid->bssid, ETH_ALEN) == 975 0) { 976 wpa_dbg(wpa_s, MSG_DEBUG, "Allow reassociation - selected BSS " 977 "has preferred BSSID"); 978 return 1; 979 } 980 981 min_diff = 2; 982 if (current_bss->level < 0) { 983 if (current_bss->level < -85) 984 min_diff = 1; 985 else if (current_bss->level < -80) 986 min_diff = 2; 987 else if (current_bss->level < -75) 988 min_diff = 3; 989 else if (current_bss->level < -70) 990 min_diff = 4; 991 else 992 min_diff = 5; 993 } 994 if (abs(current_bss->level - selected->level) < min_diff) { 995 wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference " 996 "in signal level"); 997 return 0; 998 } 999 1000 return 1; 1001#else /* CONFIG_NO_ROAMING */ 1002 return 0; 1003#endif /* CONFIG_NO_ROAMING */ 1004} 1005 1006 1007/* Return < 0 if no scan results could be fetched or if scan results should not 1008 * be shared with other virtual interfaces. */ 1009#ifdef ANDROID_P2P 1010static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 1011 union wpa_event_data *data, int suppress_event) 1012#else 1013static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 1014 union wpa_event_data *data) 1015#endif 1016{ 1017 struct wpa_bss *selected; 1018 struct wpa_ssid *ssid = NULL; 1019 struct wpa_scan_results *scan_res; 1020 int ap = 0; 1021 1022#ifdef CONFIG_AP 1023 if (wpa_s->ap_iface) 1024 ap = 1; 1025#endif /* CONFIG_AP */ 1026 1027 wpa_supplicant_notify_scanning(wpa_s, 0); 1028 1029#ifdef CONFIG_P2P 1030#ifdef ANDROID_P2P 1031 if (p2p_search_pending(wpa_s->global->p2p) && !wpa_s->global->p2p_disabled && 1032#else 1033 if (wpa_s->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && 1034#endif 1035 wpa_s->global->p2p != NULL) { 1036 wpa_s->p2p_cb_on_scan_complete = 0; 1037 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { 1038 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " 1039 "stopped scan processing"); 1040 return -1; 1041 } 1042 } 1043#endif /* CONFIG_P2P */ 1044 1045 scan_res = wpa_supplicant_get_scan_results(wpa_s, 1046 data ? &data->scan_info : 1047 NULL, 1); 1048 if (scan_res == NULL) { 1049 if (wpa_s->conf->ap_scan == 2 || ap) 1050 return -1; 1051 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results - try " 1052 "scanning again"); 1053 wpa_supplicant_req_new_scan(wpa_s, 1, 0); 1054 return -1; 1055 } 1056 1057#ifndef CONFIG_NO_RANDOM_POOL 1058 size_t i, num; 1059 num = scan_res->num; 1060 if (num > 10) 1061 num = 10; 1062 for (i = 0; i < num; i++) { 1063 u8 buf[5]; 1064 struct wpa_scan_res *res = scan_res->res[i]; 1065 buf[0] = res->bssid[5]; 1066 buf[1] = res->qual & 0xff; 1067 buf[2] = res->noise & 0xff; 1068 buf[3] = res->level & 0xff; 1069 buf[4] = res->tsf & 0xff; 1070 random_add_randomness(buf, sizeof(buf)); 1071 } 1072#endif /* CONFIG_NO_RANDOM_POOL */ 1073 1074 if (wpa_s->scan_res_handler) { 1075 void (*scan_res_handler)(struct wpa_supplicant *wpa_s, 1076 struct wpa_scan_results *scan_res); 1077 1078 scan_res_handler = wpa_s->scan_res_handler; 1079 wpa_s->scan_res_handler = NULL; 1080 scan_res_handler(wpa_s, scan_res); 1081 1082 wpa_scan_results_free(scan_res); 1083 return -2; 1084 } 1085 1086 if (ap) { 1087 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore scan results in AP mode"); 1088#ifdef CONFIG_AP 1089 if (wpa_s->ap_iface->scan_cb) 1090 wpa_s->ap_iface->scan_cb(wpa_s->ap_iface); 1091#endif /* CONFIG_AP */ 1092 wpa_scan_results_free(scan_res); 1093 return 0; 1094 } 1095#ifdef ANDROID_P2P 1096 if(!suppress_event) 1097 { 1098 wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); 1099 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); 1100 wpas_notify_scan_results(wpa_s); 1101 } 1102#else 1103 wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); 1104 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); 1105 wpas_notify_scan_results(wpa_s); 1106#endif 1107 1108 wpas_notify_scan_done(wpa_s, 1); 1109 1110 if (sme_proc_obss_scan(wpa_s) > 0) { 1111 wpa_scan_results_free(scan_res); 1112 return 0; 1113 } 1114 1115 if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) { 1116 wpa_scan_results_free(scan_res); 1117 return 0; 1118 } 1119 1120 if (autoscan_notify_scan(wpa_s, scan_res)) { 1121 wpa_scan_results_free(scan_res); 1122 return 0; 1123 } 1124 1125 if (wpa_s->disconnected) { 1126 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 1127 wpa_scan_results_free(scan_res); 1128 return 0; 1129 } 1130 1131 if (!wpas_driver_bss_selection(wpa_s) && 1132 bgscan_notify_scan(wpa_s, scan_res) == 1) { 1133 wpa_scan_results_free(scan_res); 1134 return 0; 1135 } 1136 1137 selected = wpa_supplicant_pick_network(wpa_s, scan_res, &ssid); 1138 1139 if (selected) { 1140 int skip; 1141 skip = !wpa_supplicant_need_to_roam(wpa_s, selected, ssid, 1142 scan_res); 1143 wpa_scan_results_free(scan_res); 1144 if (skip) { 1145 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1146 return 0; 1147 } 1148 1149 if (wpa_supplicant_connect(wpa_s, selected, ssid) < 0) { 1150 wpa_dbg(wpa_s, MSG_DEBUG, "Connect failed"); 1151 return -1; 1152 } 1153 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1154 } else { 1155 wpa_scan_results_free(scan_res); 1156 wpa_dbg(wpa_s, MSG_DEBUG, "No suitable network found"); 1157 ssid = wpa_supplicant_pick_new_network(wpa_s); 1158 if (ssid) { 1159 wpa_dbg(wpa_s, MSG_DEBUG, "Setup a new network"); 1160 wpa_supplicant_associate(wpa_s, NULL, ssid); 1161 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1162 } else { 1163 int timeout_sec = wpa_s->scan_interval; 1164 int timeout_usec = 0; 1165#ifdef CONFIG_P2P 1166 if (wpas_p2p_scan_no_go_seen(wpa_s) == 1) 1167 return 0; 1168 1169 if (wpa_s->p2p_in_provisioning) { 1170 /* 1171 * Use shorter wait during P2P Provisioning 1172 * state to speed up group formation. 1173 */ 1174 timeout_sec = 0; 1175 timeout_usec = 250000; 1176 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 1177 timeout_usec); 1178 return 0; 1179 } 1180#endif /* CONFIG_P2P */ 1181 if (wpa_supplicant_req_sched_scan(wpa_s)) 1182 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 1183 timeout_usec); 1184 } 1185 } 1186 return 0; 1187} 1188 1189 1190static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 1191 union wpa_event_data *data) 1192{ 1193 const char *rn, *rn2; 1194 struct wpa_supplicant *ifs; 1195#ifdef ANDROID_P2P 1196 if (_wpa_supplicant_event_scan_results(wpa_s, data, 0) < 0) { 1197#else 1198 if (_wpa_supplicant_event_scan_results(wpa_s, data) < 0) { 1199#endif 1200 /* 1201 * If no scan results could be fetched, then no need to 1202 * notify those interfaces that did not actually request 1203 * this scan. 1204 */ 1205 return; 1206 } 1207 1208 /* 1209 * Check other interfaces to see if they have the same radio-name. If 1210 * so, they get updated with this same scan info. 1211 */ 1212 if (!wpa_s->driver->get_radio_name) 1213 return; 1214 1215 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv); 1216 if (rn == NULL || rn[0] == '\0') 1217 return; 1218 1219 wpa_dbg(wpa_s, MSG_DEBUG, "Checking for other virtual interfaces " 1220 "sharing same radio (%s) in event_scan_results", rn); 1221 1222 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) { 1223 if (ifs == wpa_s || !ifs->driver->get_radio_name) 1224 continue; 1225 1226 rn2 = ifs->driver->get_radio_name(ifs->drv_priv); 1227 if (rn2 && os_strcmp(rn, rn2) == 0) { 1228 wpa_printf(MSG_DEBUG, "%s: Updating scan results from " 1229 "sibling", ifs->ifname); 1230#ifdef ANDROID_P2P 1231 if ( (ifs->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE) || (ifs->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)) { 1232 /* Do not update the scan results from STA interface to p2p interfaces */ 1233 wpa_printf(MSG_DEBUG, "Not Updating scan results on interface %s from " 1234 "sibling %s", ifs->ifname, wpa_s->ifname); 1235 continue; 1236 } 1237 else { 1238 /* P2P_FIND will result in too many SCAN_RESULT_EVENTS within 1239 * no time. Avoid announcing it to application as it may not 1240 * be that useful (since results will be that of only 1,6,11). 1241 * over to any other interface as it 1242 */ 1243 if(p2p_search_in_progress(wpa_s->global->p2p)) 1244 _wpa_supplicant_event_scan_results(ifs, data, 1); 1245 else 1246 _wpa_supplicant_event_scan_results(ifs, data, 0); 1247 } 1248#else 1249 _wpa_supplicant_event_scan_results(ifs, data); 1250#endif 1251 } 1252 } 1253} 1254 1255#endif /* CONFIG_NO_SCAN_PROCESSING */ 1256 1257 1258#ifdef CONFIG_WNM 1259 1260static void wnm_bss_keep_alive(void *eloop_ctx, void *sock_ctx) 1261{ 1262 struct wpa_supplicant *wpa_s = eloop_ctx; 1263 1264 if (wpa_s->wpa_state < WPA_ASSOCIATED) 1265 return; 1266 1267 wpa_printf(MSG_DEBUG, "WNM: Send keep-alive to AP " MACSTR, 1268 MAC2STR(wpa_s->bssid)); 1269 /* TODO: could skip this if normal data traffic has been sent */ 1270 /* TODO: Consider using some more appropriate data frame for this */ 1271 if (wpa_s->l2) 1272 l2_packet_send(wpa_s->l2, wpa_s->bssid, 0x0800, (u8 *) "", 0); 1273 1274#ifdef CONFIG_SME 1275 if (wpa_s->sme.bss_max_idle_period) { 1276 unsigned int msec; 1277 msec = wpa_s->sme.bss_max_idle_period * 1024; /* times 1000 */ 1278 if (msec > 100) 1279 msec -= 100; 1280 eloop_register_timeout(msec / 1000, msec % 1000 * 1000, 1281 wnm_bss_keep_alive, wpa_s, NULL); 1282 } 1283#endif /* CONFIG_SME */ 1284} 1285 1286 1287static void wnm_process_assoc_resp(struct wpa_supplicant *wpa_s, 1288 const u8 *ies, size_t ies_len) 1289{ 1290 struct ieee802_11_elems elems; 1291 1292 if (ies == NULL) 1293 return; 1294 1295 if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) 1296 return; 1297 1298#ifdef CONFIG_SME 1299 if (elems.bss_max_idle_period) { 1300 unsigned int msec; 1301 wpa_s->sme.bss_max_idle_period = 1302 WPA_GET_LE16(elems.bss_max_idle_period); 1303 wpa_printf(MSG_DEBUG, "WNM: BSS Max Idle Period: %u (* 1000 " 1304 "TU)%s", wpa_s->sme.bss_max_idle_period, 1305 (elems.bss_max_idle_period[2] & 0x01) ? 1306 " (protected keep-live required)" : ""); 1307 if (wpa_s->sme.bss_max_idle_period == 0) 1308 wpa_s->sme.bss_max_idle_period = 1; 1309 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) { 1310 eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL); 1311 /* msec times 1000 */ 1312 msec = wpa_s->sme.bss_max_idle_period * 1024; 1313 if (msec > 100) 1314 msec -= 100; 1315 eloop_register_timeout(msec / 1000, msec % 1000 * 1000, 1316 wnm_bss_keep_alive, wpa_s, 1317 NULL); 1318 } 1319 } 1320#endif /* CONFIG_SME */ 1321} 1322 1323#endif /* CONFIG_WNM */ 1324 1325 1326void wnm_bss_keep_alive_deinit(struct wpa_supplicant *wpa_s) 1327{ 1328#ifdef CONFIG_WNM 1329 eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL); 1330#endif /* CONFIG_WNM */ 1331} 1332 1333 1334static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, 1335 union wpa_event_data *data) 1336{ 1337 int l, len, found = 0, wpa_found, rsn_found; 1338 const u8 *p; 1339 1340 wpa_dbg(wpa_s, MSG_DEBUG, "Association info event"); 1341 if (data->assoc_info.req_ies) 1342 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, 1343 data->assoc_info.req_ies_len); 1344 if (data->assoc_info.resp_ies) { 1345 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, 1346 data->assoc_info.resp_ies_len); 1347#ifdef CONFIG_TDLS 1348 wpa_tdls_assoc_resp_ies(wpa_s->wpa, data->assoc_info.resp_ies, 1349 data->assoc_info.resp_ies_len); 1350#endif /* CONFIG_TDLS */ 1351#ifdef CONFIG_WNM 1352 wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, 1353 data->assoc_info.resp_ies_len); 1354#endif /* CONFIG_WNM */ 1355 } 1356 if (data->assoc_info.beacon_ies) 1357 wpa_hexdump(MSG_DEBUG, "beacon_ies", 1358 data->assoc_info.beacon_ies, 1359 data->assoc_info.beacon_ies_len); 1360 if (data->assoc_info.freq) 1361 wpa_dbg(wpa_s, MSG_DEBUG, "freq=%u MHz", 1362 data->assoc_info.freq); 1363 1364 p = data->assoc_info.req_ies; 1365 l = data->assoc_info.req_ies_len; 1366 1367 /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ 1368 while (p && l >= 2) { 1369 len = p[1] + 2; 1370 if (len > l) { 1371 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1372 p, l); 1373 break; 1374 } 1375 if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1376 (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || 1377 (p[0] == WLAN_EID_RSN && p[1] >= 2)) { 1378 if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) 1379 break; 1380 found = 1; 1381 wpa_find_assoc_pmkid(wpa_s); 1382 break; 1383 } 1384 l -= len; 1385 p += len; 1386 } 1387 if (!found && data->assoc_info.req_ies) 1388 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 1389 1390#ifdef CONFIG_IEEE80211R 1391#ifdef CONFIG_SME 1392 if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) { 1393 u8 bssid[ETH_ALEN]; 1394 if (wpa_drv_get_bssid(wpa_s, bssid) < 0 || 1395 wpa_ft_validate_reassoc_resp(wpa_s->wpa, 1396 data->assoc_info.resp_ies, 1397 data->assoc_info.resp_ies_len, 1398 bssid) < 0) { 1399 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of " 1400 "Reassociation Response failed"); 1401 wpa_supplicant_deauthenticate( 1402 wpa_s, WLAN_REASON_INVALID_IE); 1403 return -1; 1404 } 1405 } 1406 1407 p = data->assoc_info.resp_ies; 1408 l = data->assoc_info.resp_ies_len; 1409 1410#ifdef CONFIG_WPS_STRICT 1411 if (p && wpa_s->current_ssid && 1412 wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_WPS) { 1413 struct wpabuf *wps; 1414 wps = ieee802_11_vendor_ie_concat(p, l, WPS_IE_VENDOR_TYPE); 1415 if (wps == NULL) { 1416 wpa_msg(wpa_s, MSG_INFO, "WPS-STRICT: AP did not " 1417 "include WPS IE in (Re)Association Response"); 1418 return -1; 1419 } 1420 1421 if (wps_validate_assoc_resp(wps) < 0) { 1422 wpabuf_free(wps); 1423 wpa_supplicant_deauthenticate( 1424 wpa_s, WLAN_REASON_INVALID_IE); 1425 return -1; 1426 } 1427 wpabuf_free(wps); 1428 } 1429#endif /* CONFIG_WPS_STRICT */ 1430 1431 /* Go through the IEs and make a copy of the MDIE, if present. */ 1432 while (p && l >= 2) { 1433 len = p[1] + 2; 1434 if (len > l) { 1435 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1436 p, l); 1437 break; 1438 } 1439 if (p[0] == WLAN_EID_MOBILITY_DOMAIN && 1440 p[1] >= MOBILITY_DOMAIN_ID_LEN) { 1441 wpa_s->sme.ft_used = 1; 1442 os_memcpy(wpa_s->sme.mobility_domain, p + 2, 1443 MOBILITY_DOMAIN_ID_LEN); 1444 break; 1445 } 1446 l -= len; 1447 p += len; 1448 } 1449#endif /* CONFIG_SME */ 1450 1451 wpa_sm_set_ft_params(wpa_s->wpa, data->assoc_info.resp_ies, 1452 data->assoc_info.resp_ies_len); 1453#endif /* CONFIG_IEEE80211R */ 1454 1455 /* WPA/RSN IE from Beacon/ProbeResp */ 1456 p = data->assoc_info.beacon_ies; 1457 l = data->assoc_info.beacon_ies_len; 1458 1459 /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. 1460 */ 1461 wpa_found = rsn_found = 0; 1462 while (p && l >= 2) { 1463 len = p[1] + 2; 1464 if (len > l) { 1465 wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", 1466 p, l); 1467 break; 1468 } 1469 if (!wpa_found && 1470 p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1471 os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { 1472 wpa_found = 1; 1473 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); 1474 } 1475 1476 if (!rsn_found && 1477 p[0] == WLAN_EID_RSN && p[1] >= 2) { 1478 rsn_found = 1; 1479 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); 1480 } 1481 1482 l -= len; 1483 p += len; 1484 } 1485 1486 if (!wpa_found && data->assoc_info.beacon_ies) 1487 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 1488 if (!rsn_found && data->assoc_info.beacon_ies) 1489 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 1490 if (wpa_found || rsn_found) 1491 wpa_s->ap_ies_from_associnfo = 1; 1492 1493 if (wpa_s->assoc_freq && data->assoc_info.freq && 1494 wpa_s->assoc_freq != data->assoc_info.freq) { 1495 wpa_printf(MSG_DEBUG, "Operating frequency changed from " 1496 "%u to %u MHz", 1497 wpa_s->assoc_freq, data->assoc_info.freq); 1498 wpa_supplicant_update_scan_results(wpa_s); 1499 } 1500 1501 wpa_s->assoc_freq = data->assoc_info.freq; 1502 1503 return 0; 1504} 1505 1506 1507static struct wpa_bss * wpa_supplicant_get_new_bss( 1508 struct wpa_supplicant *wpa_s, const u8 *bssid) 1509{ 1510 struct wpa_bss *bss = NULL; 1511 struct wpa_ssid *ssid = wpa_s->current_ssid; 1512 1513 if (ssid->ssid_len > 0) 1514 bss = wpa_bss_get(wpa_s, bssid, ssid->ssid, ssid->ssid_len); 1515 if (!bss) 1516 bss = wpa_bss_get_bssid(wpa_s, bssid); 1517 1518 return bss; 1519} 1520 1521 1522static int wpa_supplicant_assoc_update_ie(struct wpa_supplicant *wpa_s) 1523{ 1524 const u8 *bss_wpa = NULL, *bss_rsn = NULL; 1525 1526 if (!wpa_s->current_bss || !wpa_s->current_ssid) 1527 return -1; 1528 1529 if (!wpa_key_mgmt_wpa_any(wpa_s->current_ssid->key_mgmt)) 1530 return 0; 1531 1532 bss_wpa = wpa_bss_get_vendor_ie(wpa_s->current_bss, 1533 WPA_IE_VENDOR_TYPE); 1534 bss_rsn = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_RSN); 1535 1536 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1537 bss_wpa ? 2 + bss_wpa[1] : 0) || 1538 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1539 bss_rsn ? 2 + bss_rsn[1] : 0)) 1540 return -1; 1541 1542 return 0; 1543} 1544 1545 1546static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, 1547 union wpa_event_data *data) 1548{ 1549 u8 bssid[ETH_ALEN]; 1550 int ft_completed; 1551 int bssid_changed; 1552 struct wpa_driver_capa capa; 1553 1554#ifdef CONFIG_AP 1555 if (wpa_s->ap_iface) { 1556 hostapd_notif_assoc(wpa_s->ap_iface->bss[0], 1557 data->assoc_info.addr, 1558 data->assoc_info.req_ies, 1559 data->assoc_info.req_ies_len, 1560 data->assoc_info.reassoc); 1561 return; 1562 } 1563#endif /* CONFIG_AP */ 1564 1565 ft_completed = wpa_ft_is_completed(wpa_s->wpa); 1566 if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0) 1567 return; 1568 1569 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); 1570 if (wpa_drv_get_bssid(wpa_s, bssid) >= 0 && 1571 os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) { 1572 wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" 1573 MACSTR, MAC2STR(bssid)); 1574 random_add_randomness(bssid, ETH_ALEN); 1575 bssid_changed = os_memcmp(wpa_s->bssid, bssid, ETH_ALEN); 1576 os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); 1577 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1578 if (bssid_changed) 1579 wpas_notify_bssid_changed(wpa_s); 1580 1581 if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { 1582 wpa_clear_keys(wpa_s, bssid); 1583 } 1584 if (wpa_supplicant_select_config(wpa_s) < 0) { 1585 wpa_supplicant_disassociate( 1586 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1587 return; 1588 } 1589 if (wpa_s->current_ssid) { 1590 struct wpa_bss *bss = NULL; 1591 1592 bss = wpa_supplicant_get_new_bss(wpa_s, bssid); 1593 if (!bss) { 1594 wpa_supplicant_update_scan_results(wpa_s); 1595 1596 /* Get the BSS from the new scan results */ 1597 bss = wpa_supplicant_get_new_bss(wpa_s, bssid); 1598 } 1599 1600 if (bss) 1601 wpa_s->current_bss = bss; 1602 } 1603 1604 if (wpa_s->conf->ap_scan == 1 && 1605 wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) { 1606 if (wpa_supplicant_assoc_update_ie(wpa_s) < 0) 1607 wpa_msg(wpa_s, MSG_WARNING, 1608 "WPA/RSN IEs not updated"); 1609 } 1610 } 1611 1612#ifdef CONFIG_SME 1613 os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN); 1614 wpa_s->sme.prev_bssid_set = 1; 1615#endif /* CONFIG_SME */ 1616 1617 wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); 1618 if (wpa_s->current_ssid) { 1619 /* When using scanning (ap_scan=1), SIM PC/SC interface can be 1620 * initialized before association, but for other modes, 1621 * initialize PC/SC here, if the current configuration needs 1622 * smartcard or SIM/USIM. */ 1623 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); 1624 } 1625 wpa_sm_notify_assoc(wpa_s->wpa, bssid); 1626 if (wpa_s->l2) 1627 l2_packet_notify_auth_start(wpa_s->l2); 1628 1629 /* 1630 * Set portEnabled first to FALSE in order to get EAP state machine out 1631 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE 1632 * state machine may transit to AUTHENTICATING state based on obsolete 1633 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to 1634 * AUTHENTICATED without ever giving chance to EAP state machine to 1635 * reset the state. 1636 */ 1637 if (!ft_completed) { 1638 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 1639 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 1640 } 1641 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) 1642 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 1643 /* 802.1X::portControl = Auto */ 1644 eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); 1645 wpa_s->eapol_received = 0; 1646 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1647 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE || 1648 (wpa_s->current_ssid && 1649 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) { 1650 wpa_supplicant_cancel_auth_timeout(wpa_s); 1651 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1652 } else if (!ft_completed) { 1653 /* Timeout for receiving the first EAPOL packet */ 1654 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); 1655 } 1656 wpa_supplicant_cancel_scan(wpa_s); 1657 1658 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1659 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1660 /* 1661 * We are done; the driver will take care of RSN 4-way 1662 * handshake. 1663 */ 1664 wpa_supplicant_cancel_auth_timeout(wpa_s); 1665 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1666 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1667 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1668 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1669 wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 1670 /* 1671 * The driver will take care of RSN 4-way handshake, so we need 1672 * to allow EAPOL supplicant to complete its work without 1673 * waiting for WPA supplicant. 1674 */ 1675 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1676 } else if (ft_completed) { 1677 /* 1678 * FT protocol completed - make sure EAPOL state machine ends 1679 * up in authenticated. 1680 */ 1681 wpa_supplicant_cancel_auth_timeout(wpa_s); 1682 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1683 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1684 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1685 } 1686 1687 if (wpa_s->pending_eapol_rx) { 1688 struct os_time now, age; 1689 os_get_time(&now); 1690 os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age); 1691 if (age.sec == 0 && age.usec < 100000 && 1692 os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == 1693 0) { 1694 wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " 1695 "frame that was received just before " 1696 "association notification"); 1697 wpa_supplicant_rx_eapol( 1698 wpa_s, wpa_s->pending_eapol_rx_src, 1699 wpabuf_head(wpa_s->pending_eapol_rx), 1700 wpabuf_len(wpa_s->pending_eapol_rx)); 1701 } 1702 wpabuf_free(wpa_s->pending_eapol_rx); 1703 wpa_s->pending_eapol_rx = NULL; 1704 } 1705 1706 if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1707 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 1708 wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 && 1709 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) { 1710 /* Set static WEP keys again */ 1711 wpa_set_wep_keys(wpa_s, wpa_s->current_ssid); 1712 } 1713 1714#ifdef CONFIG_IBSS_RSN 1715 if (wpa_s->current_ssid && 1716 wpa_s->current_ssid->mode == WPAS_MODE_IBSS && 1717 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 1718 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE && 1719 wpa_s->ibss_rsn == NULL) { 1720 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); 1721 if (!wpa_s->ibss_rsn) { 1722 wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN"); 1723 wpa_supplicant_deauthenticate( 1724 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1725 return; 1726 } 1727 1728 ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk); 1729 } 1730#endif /* CONFIG_IBSS_RSN */ 1731} 1732 1733 1734static int disconnect_reason_recoverable(u16 reason_code) 1735{ 1736 return reason_code == WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY || 1737 reason_code == WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA || 1738 reason_code == WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA; 1739} 1740 1741 1742static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s, 1743 u16 reason_code, 1744 int locally_generated) 1745{ 1746 const u8 *bssid; 1747 int authenticating; 1748 u8 prev_pending_bssid[ETH_ALEN]; 1749 struct wpa_bss *fast_reconnect = NULL; 1750 struct wpa_ssid *fast_reconnect_ssid = NULL; 1751 1752 authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING; 1753 os_memcpy(prev_pending_bssid, wpa_s->pending_bssid, ETH_ALEN); 1754 1755 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1756 /* 1757 * At least Host AP driver and a Prism3 card seemed to be 1758 * generating streams of disconnected events when configuring 1759 * IBSS for WPA-None. Ignore them for now. 1760 */ 1761 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - ignore in " 1762 "IBSS/WPA-None mode"); 1763 return; 1764 } 1765 1766 if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && 1767 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1768 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " 1769 "pre-shared key may be incorrect"); 1770 } 1771 if (!wpa_s->auto_reconnect_disabled || 1772 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 1773 wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect enabled: try to " 1774 "reconnect (wps=%d wpa_state=%d)", 1775 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS, 1776 wpa_s->wpa_state); 1777 if (wpa_s->wpa_state == WPA_COMPLETED && 1778 wpa_s->current_ssid && 1779 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 1780 !locally_generated && 1781 disconnect_reason_recoverable(reason_code)) { 1782 /* 1783 * It looks like the AP has dropped association with 1784 * us, but could allow us to get back in. Try to 1785 * reconnect to the same BSS without full scan to save 1786 * time for some common cases. 1787 */ 1788 fast_reconnect = wpa_s->current_bss; 1789 fast_reconnect_ssid = wpa_s->current_ssid; 1790 } else if (wpa_s->wpa_state >= WPA_ASSOCIATING) 1791#ifdef ANDROID 1792 wpa_supplicant_req_scan(wpa_s, 0, 500000); 1793#else 1794 wpa_supplicant_req_scan(wpa_s, 0, 100000); 1795#endif 1796 else 1797 wpa_dbg(wpa_s, MSG_DEBUG, "Do not request new " 1798 "immediate scan"); 1799 } else { 1800 wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect disabled: do not " 1801 "try to re-connect"); 1802 wpa_s->reassociate = 0; 1803 wpa_s->disconnected = 1; 1804 wpa_supplicant_cancel_sched_scan(wpa_s); 1805 } 1806 bssid = wpa_s->bssid; 1807 if (is_zero_ether_addr(bssid)) 1808 bssid = wpa_s->pending_bssid; 1809 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 1810 wpas_connection_failed(wpa_s, bssid); 1811 wpa_sm_notify_disassoc(wpa_s->wpa); 1812 if (locally_generated) 1813 wpa_s->disconnect_reason = -reason_code; 1814 else 1815 wpa_s->disconnect_reason = reason_code; 1816 wpas_notify_disconnect_reason(wpa_s); 1817 if (!is_zero_ether_addr(bssid) || 1818 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 1819 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 1820 " reason=%d%s", 1821 MAC2STR(bssid), reason_code, 1822 locally_generated ? " locally_generated=1" : ""); 1823 } 1824 if (wpa_supplicant_dynamic_keys(wpa_s)) { 1825 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - remove keys"); 1826 wpa_s->keys_cleared = 0; 1827 wpa_clear_keys(wpa_s, wpa_s->bssid); 1828 } 1829 wpa_supplicant_mark_disassoc(wpa_s); 1830 1831 if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 1832 sme_disassoc_while_authenticating(wpa_s, prev_pending_bssid); 1833 1834 if (fast_reconnect) { 1835#ifndef CONFIG_NO_SCAN_PROCESSING 1836 wpa_dbg(wpa_s, MSG_DEBUG, "Try to reconnect to the same BSS"); 1837 if (wpa_supplicant_connect(wpa_s, fast_reconnect, 1838 fast_reconnect_ssid) < 0) { 1839 /* Recover through full scan */ 1840 wpa_supplicant_req_scan(wpa_s, 0, 100000); 1841 } 1842#endif /* CONFIG_NO_SCAN_PROCESSING */ 1843 } 1844} 1845 1846 1847#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1848void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, void *sock_ctx) 1849{ 1850 struct wpa_supplicant *wpa_s = eloop_ctx; 1851 1852 if (!wpa_s->pending_mic_error_report) 1853 return; 1854 1855 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Sending pending MIC error report"); 1856 wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise); 1857 wpa_s->pending_mic_error_report = 0; 1858} 1859#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1860 1861 1862static void 1863wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, 1864 union wpa_event_data *data) 1865{ 1866 int pairwise; 1867 struct os_time t; 1868 1869 wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); 1870 pairwise = (data && data->michael_mic_failure.unicast); 1871 os_get_time(&t); 1872 if ((wpa_s->last_michael_mic_error && 1873 t.sec - wpa_s->last_michael_mic_error <= 60) || 1874 wpa_s->pending_mic_error_report) { 1875 if (wpa_s->pending_mic_error_report) { 1876 /* 1877 * Send the pending MIC error report immediately since 1878 * we are going to start countermeasures and AP better 1879 * do the same. 1880 */ 1881 wpa_sm_key_request(wpa_s->wpa, 1, 1882 wpa_s->pending_mic_error_pairwise); 1883 } 1884 1885 /* Send the new MIC error report immediately since we are going 1886 * to start countermeasures and AP better do the same. 1887 */ 1888 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1889 1890 /* initialize countermeasures */ 1891 wpa_s->countermeasures = 1; 1892 1893 wpa_blacklist_add(wpa_s, wpa_s->bssid); 1894 1895 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); 1896 1897 /* 1898 * Need to wait for completion of request frame. We do not get 1899 * any callback for the message completion, so just wait a 1900 * short while and hope for the best. */ 1901 os_sleep(0, 10000); 1902 1903 wpa_drv_set_countermeasures(wpa_s, 1); 1904 wpa_supplicant_deauthenticate(wpa_s, 1905 WLAN_REASON_MICHAEL_MIC_FAILURE); 1906 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, 1907 wpa_s, NULL); 1908 eloop_register_timeout(60, 0, 1909 wpa_supplicant_stop_countermeasures, 1910 wpa_s, NULL); 1911 /* TODO: mark the AP rejected for 60 second. STA is 1912 * allowed to associate with another AP.. */ 1913 } else { 1914#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1915 if (wpa_s->mic_errors_seen) { 1916 /* 1917 * Reduce the effectiveness of Michael MIC error 1918 * reports as a means for attacking against TKIP if 1919 * more than one MIC failure is noticed with the same 1920 * PTK. We delay the transmission of the reports by a 1921 * random time between 0 and 60 seconds in order to 1922 * force the attacker wait 60 seconds before getting 1923 * the information on whether a frame resulted in a MIC 1924 * failure. 1925 */ 1926 u8 rval[4]; 1927 int sec; 1928 1929 if (os_get_random(rval, sizeof(rval)) < 0) 1930 sec = os_random() % 60; 1931 else 1932 sec = WPA_GET_BE32(rval) % 60; 1933 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Delay MIC error " 1934 "report %d seconds", sec); 1935 wpa_s->pending_mic_error_report = 1; 1936 wpa_s->pending_mic_error_pairwise = pairwise; 1937 eloop_cancel_timeout( 1938 wpa_supplicant_delayed_mic_error_report, 1939 wpa_s, NULL); 1940 eloop_register_timeout( 1941 sec, os_random() % 1000000, 1942 wpa_supplicant_delayed_mic_error_report, 1943 wpa_s, NULL); 1944 } else { 1945 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1946 } 1947#else /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1948 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1949#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1950 } 1951 wpa_s->last_michael_mic_error = t.sec; 1952 wpa_s->mic_errors_seen++; 1953} 1954 1955 1956#ifdef CONFIG_TERMINATE_ONLASTIF 1957static int any_interfaces(struct wpa_supplicant *head) 1958{ 1959 struct wpa_supplicant *wpa_s; 1960 1961 for (wpa_s = head; wpa_s != NULL; wpa_s = wpa_s->next) 1962 if (!wpa_s->interface_removed) 1963 return 1; 1964 return 0; 1965} 1966#endif /* CONFIG_TERMINATE_ONLASTIF */ 1967 1968 1969static void 1970wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, 1971 union wpa_event_data *data) 1972{ 1973 if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) 1974 return; 1975 1976 switch (data->interface_status.ievent) { 1977 case EVENT_INTERFACE_ADDED: 1978 if (!wpa_s->interface_removed) 1979 break; 1980 wpa_s->interface_removed = 0; 1981 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was added"); 1982 if (wpa_supplicant_driver_init(wpa_s) < 0) { 1983 wpa_msg(wpa_s, MSG_INFO, "Failed to initialize the " 1984 "driver after interface was added"); 1985 } 1986 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 1987 break; 1988 case EVENT_INTERFACE_REMOVED: 1989 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was removed"); 1990 wpa_s->interface_removed = 1; 1991 wpa_supplicant_mark_disassoc(wpa_s); 1992 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 1993 l2_packet_deinit(wpa_s->l2); 1994 wpa_s->l2 = NULL; 1995#ifdef CONFIG_IBSS_RSN 1996 ibss_rsn_deinit(wpa_s->ibss_rsn); 1997 wpa_s->ibss_rsn = NULL; 1998#endif /* CONFIG_IBSS_RSN */ 1999#ifdef CONFIG_TERMINATE_ONLASTIF 2000 /* check if last interface */ 2001 if (!any_interfaces(wpa_s->global->ifaces)) 2002 eloop_terminate(); 2003#endif /* CONFIG_TERMINATE_ONLASTIF */ 2004 break; 2005 } 2006} 2007 2008 2009#ifdef CONFIG_PEERKEY 2010static void 2011wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, 2012 union wpa_event_data *data) 2013{ 2014 if (data == NULL) 2015 return; 2016 wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); 2017} 2018#endif /* CONFIG_PEERKEY */ 2019 2020 2021#ifdef CONFIG_TDLS 2022static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s, 2023 union wpa_event_data *data) 2024{ 2025 if (data == NULL) 2026 return; 2027 switch (data->tdls.oper) { 2028 case TDLS_REQUEST_SETUP: 2029 wpa_tdls_start(wpa_s->wpa, data->tdls.peer); 2030 break; 2031 case TDLS_REQUEST_TEARDOWN: 2032 wpa_tdls_send_teardown(wpa_s->wpa, data->tdls.peer, 2033 data->tdls.reason_code); 2034 break; 2035 } 2036} 2037#endif /* CONFIG_TDLS */ 2038 2039 2040#ifdef CONFIG_IEEE80211R 2041static void 2042wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, 2043 union wpa_event_data *data) 2044{ 2045 if (data == NULL) 2046 return; 2047 2048 if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, 2049 data->ft_ies.ies_len, 2050 data->ft_ies.ft_action, 2051 data->ft_ies.target_ap, 2052 data->ft_ies.ric_ies, 2053 data->ft_ies.ric_ies_len) < 0) { 2054 /* TODO: prevent MLME/driver from trying to associate? */ 2055 } 2056} 2057#endif /* CONFIG_IEEE80211R */ 2058 2059 2060#ifdef CONFIG_IBSS_RSN 2061static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s, 2062 union wpa_event_data *data) 2063{ 2064 struct wpa_ssid *ssid; 2065 if (wpa_s->wpa_state < WPA_ASSOCIATED) 2066 return; 2067 if (data == NULL) 2068 return; 2069 ssid = wpa_s->current_ssid; 2070 if (ssid == NULL) 2071 return; 2072 if (ssid->mode != WPAS_MODE_IBSS || !wpa_key_mgmt_wpa(ssid->key_mgmt)) 2073 return; 2074 2075 ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer); 2076} 2077#endif /* CONFIG_IBSS_RSN */ 2078 2079 2080#ifdef CONFIG_IEEE80211R 2081static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data, 2082 size_t len) 2083{ 2084 const u8 *sta_addr, *target_ap_addr; 2085 u16 status; 2086 2087 wpa_hexdump(MSG_MSGDUMP, "FT: RX Action", data, len); 2088 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 2089 return; /* only SME case supported for now */ 2090 if (len < 1 + 2 * ETH_ALEN + 2) 2091 return; 2092 if (data[0] != 2) 2093 return; /* Only FT Action Response is supported for now */ 2094 sta_addr = data + 1; 2095 target_ap_addr = data + 1 + ETH_ALEN; 2096 status = WPA_GET_LE16(data + 1 + 2 * ETH_ALEN); 2097 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Received FT Action Response: STA " 2098 MACSTR " TargetAP " MACSTR " status %u", 2099 MAC2STR(sta_addr), MAC2STR(target_ap_addr), status); 2100 2101 if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) { 2102 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Foreign STA Address " MACSTR 2103 " in FT Action Response", MAC2STR(sta_addr)); 2104 return; 2105 } 2106 2107 if (status) { 2108 wpa_dbg(wpa_s, MSG_DEBUG, "FT: FT Action Response indicates " 2109 "failure (status code %d)", status); 2110 /* TODO: report error to FT code(?) */ 2111 return; 2112 } 2113 2114 if (wpa_ft_process_response(wpa_s->wpa, data + 1 + 2 * ETH_ALEN + 2, 2115 len - (1 + 2 * ETH_ALEN + 2), 1, 2116 target_ap_addr, NULL, 0) < 0) 2117 return; 2118 2119#ifdef CONFIG_SME 2120 { 2121 struct wpa_bss *bss; 2122 bss = wpa_bss_get_bssid(wpa_s, target_ap_addr); 2123 if (bss) 2124 wpa_s->sme.freq = bss->freq; 2125 wpa_s->sme.auth_alg = WPA_AUTH_ALG_FT; 2126 sme_associate(wpa_s, WPAS_MODE_INFRA, target_ap_addr, 2127 WLAN_AUTH_FT); 2128 } 2129#endif /* CONFIG_SME */ 2130} 2131#endif /* CONFIG_IEEE80211R */ 2132 2133 2134static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, 2135 struct unprot_deauth *e) 2136{ 2137#ifdef CONFIG_IEEE80211W 2138 wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " 2139 "dropped: " MACSTR " -> " MACSTR 2140 " (reason code %u)", 2141 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 2142 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 2143#endif /* CONFIG_IEEE80211W */ 2144} 2145 2146 2147static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, 2148 struct unprot_disassoc *e) 2149{ 2150#ifdef CONFIG_IEEE80211W 2151 wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " 2152 "dropped: " MACSTR " -> " MACSTR 2153 " (reason code %u)", 2154 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 2155 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 2156#endif /* CONFIG_IEEE80211W */ 2157} 2158 2159 2160static void wnm_action_rx(struct wpa_supplicant *wpa_s, struct rx_action *rx) 2161{ 2162 u8 action, mode; 2163 const u8 *pos, *end; 2164 2165 if (rx->data == NULL || rx->len == 0) 2166 return; 2167 2168 pos = rx->data; 2169 end = pos + rx->len; 2170 action = *pos++; 2171 2172 wpa_printf(MSG_DEBUG, "WNM: RX action %u from " MACSTR, 2173 action, MAC2STR(rx->sa)); 2174 switch (action) { 2175 case WNM_BSS_TRANS_MGMT_REQ: 2176 if (pos + 5 > end) 2177 break; 2178 wpa_printf(MSG_DEBUG, "WNM: BSS Transition Management " 2179 "Request: dialog_token=%u request_mode=0x%x " 2180 "disassoc_timer=%u validity_interval=%u", 2181 pos[0], pos[1], WPA_GET_LE16(pos + 2), pos[4]); 2182 mode = pos[1]; 2183 pos += 5; 2184 if (mode & 0x08) 2185 pos += 12; /* BSS Termination Duration */ 2186 if (mode & 0x10) { 2187 char url[256]; 2188 if (pos + 1 > end || pos + 1 + pos[0] > end) { 2189 wpa_printf(MSG_DEBUG, "WNM: Invalid BSS " 2190 "Transition Management Request " 2191 "(URL)"); 2192 break; 2193 } 2194 os_memcpy(url, pos + 1, pos[0]); 2195 url[pos[0]] = '\0'; 2196 wpa_msg(wpa_s, MSG_INFO, "WNM: ESS Disassociation " 2197 "Imminent - session_info_url=%s", url); 2198 } 2199 break; 2200 } 2201} 2202 2203 2204void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 2205 union wpa_event_data *data) 2206{ 2207 struct wpa_supplicant *wpa_s = ctx; 2208 u16 reason_code = 0; 2209 int locally_generated = 0; 2210 2211 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED && 2212 event != EVENT_INTERFACE_ENABLED && 2213 event != EVENT_INTERFACE_STATUS && 2214 event != EVENT_SCHED_SCAN_STOPPED) { 2215 wpa_dbg(wpa_s, MSG_DEBUG, 2216 "Ignore event %s (%d) while interface is disabled", 2217 event_to_string(event), event); 2218 return; 2219 } 2220 2221#ifndef CONFIG_NO_STDOUT_DEBUG 2222{ 2223 int level = MSG_DEBUG; 2224 2225 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame_len >= 24) { 2226 const struct ieee80211_hdr *hdr; 2227 u16 fc; 2228 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame; 2229 fc = le_to_host16(hdr->frame_control); 2230 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 2231 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 2232 level = MSG_EXCESSIVE; 2233 } 2234 2235 wpa_dbg(wpa_s, level, "Event %s (%d) received", 2236 event_to_string(event), event); 2237} 2238#endif /* CONFIG_NO_STDOUT_DEBUG */ 2239 2240 switch (event) { 2241 case EVENT_AUTH: 2242 sme_event_auth(wpa_s, data); 2243 break; 2244 case EVENT_ASSOC: 2245 wpa_supplicant_event_assoc(wpa_s, data); 2246 break; 2247 case EVENT_DISASSOC: 2248 wpa_dbg(wpa_s, MSG_DEBUG, "Disassociation notification"); 2249 if (data) { 2250 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s", 2251 data->disassoc_info.reason_code, 2252 data->disassoc_info.locally_generated ? 2253 " (locally generated)" : ""); 2254 if (data->disassoc_info.addr) 2255 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR, 2256 MAC2STR(data->disassoc_info.addr)); 2257 } 2258#ifdef CONFIG_AP 2259 if (wpa_s->ap_iface && data && data->disassoc_info.addr) { 2260 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 2261 data->disassoc_info.addr); 2262 break; 2263 } 2264 if (wpa_s->ap_iface) { 2265 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore disassoc event in " 2266 "AP mode"); 2267 break; 2268 } 2269#endif /* CONFIG_AP */ 2270 if (data) { 2271 reason_code = data->disassoc_info.reason_code; 2272 locally_generated = 2273 data->disassoc_info.locally_generated; 2274 wpa_hexdump(MSG_DEBUG, "Disassociation frame IE(s)", 2275 data->disassoc_info.ie, 2276 data->disassoc_info.ie_len); 2277#ifdef CONFIG_P2P 2278 wpas_p2p_disassoc_notif( 2279 wpa_s, data->disassoc_info.addr, reason_code, 2280 data->disassoc_info.ie, 2281 data->disassoc_info.ie_len, 2282 locally_generated); 2283#endif /* CONFIG_P2P */ 2284 } 2285 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2286 sme_event_disassoc(wpa_s, data); 2287 /* fall through */ 2288 case EVENT_DEAUTH: 2289 if (event == EVENT_DEAUTH) { 2290 wpa_dbg(wpa_s, MSG_DEBUG, 2291 "Deauthentication notification"); 2292 if (data) { 2293 reason_code = data->deauth_info.reason_code; 2294 locally_generated = 2295 data->deauth_info.locally_generated; 2296 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s", 2297 data->deauth_info.reason_code, 2298 data->deauth_info.locally_generated ? 2299 " (locally generated)" : ""); 2300 if (data->deauth_info.addr) { 2301 wpa_dbg(wpa_s, MSG_DEBUG, " * address " 2302 MACSTR, 2303 MAC2STR(data->deauth_info. 2304 addr)); 2305 } 2306 wpa_hexdump(MSG_DEBUG, 2307 "Deauthentication frame IE(s)", 2308 data->deauth_info.ie, 2309 data->deauth_info.ie_len); 2310 } 2311 } 2312#ifdef CONFIG_AP 2313 if (wpa_s->ap_iface && data && data->deauth_info.addr) { 2314 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 2315 data->deauth_info.addr); 2316 break; 2317 } 2318 if (wpa_s->ap_iface) { 2319 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore deauth event in " 2320 "AP mode"); 2321 break; 2322 } 2323#endif /* CONFIG_AP */ 2324 wpa_supplicant_event_disassoc(wpa_s, reason_code, 2325 locally_generated); 2326#ifdef CONFIG_P2P 2327 if (event == EVENT_DEAUTH && data) { 2328 wpas_p2p_deauth_notif(wpa_s, data->deauth_info.addr, 2329 reason_code, 2330 data->deauth_info.ie, 2331 data->deauth_info.ie_len, 2332 locally_generated); 2333 } 2334#endif /* CONFIG_P2P */ 2335 break; 2336 case EVENT_MICHAEL_MIC_FAILURE: 2337 wpa_supplicant_event_michael_mic_failure(wpa_s, data); 2338 break; 2339#ifndef CONFIG_NO_SCAN_PROCESSING 2340 case EVENT_SCAN_RESULTS: 2341 wpa_supplicant_event_scan_results(wpa_s, data); 2342 break; 2343#endif /* CONFIG_NO_SCAN_PROCESSING */ 2344 case EVENT_ASSOCINFO: 2345 wpa_supplicant_event_associnfo(wpa_s, data); 2346 break; 2347 case EVENT_INTERFACE_STATUS: 2348 wpa_supplicant_event_interface_status(wpa_s, data); 2349 break; 2350 case EVENT_PMKID_CANDIDATE: 2351 wpa_supplicant_event_pmkid_candidate(wpa_s, data); 2352 break; 2353#ifdef CONFIG_PEERKEY 2354 case EVENT_STKSTART: 2355 wpa_supplicant_event_stkstart(wpa_s, data); 2356 break; 2357#endif /* CONFIG_PEERKEY */ 2358#ifdef CONFIG_TDLS 2359 case EVENT_TDLS: 2360 wpa_supplicant_event_tdls(wpa_s, data); 2361 break; 2362#endif /* CONFIG_TDLS */ 2363#ifdef CONFIG_IEEE80211R 2364 case EVENT_FT_RESPONSE: 2365 wpa_supplicant_event_ft_response(wpa_s, data); 2366 break; 2367#endif /* CONFIG_IEEE80211R */ 2368#ifdef CONFIG_IBSS_RSN 2369 case EVENT_IBSS_RSN_START: 2370 wpa_supplicant_event_ibss_rsn_start(wpa_s, data); 2371 break; 2372#endif /* CONFIG_IBSS_RSN */ 2373 case EVENT_ASSOC_REJECT: 2374 if (data->assoc_reject.bssid) 2375 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 2376 "bssid=" MACSTR " status_code=%u", 2377 MAC2STR(data->assoc_reject.bssid), 2378 data->assoc_reject.status_code); 2379 else 2380 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 2381 "status_code=%u", 2382 data->assoc_reject.status_code); 2383 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2384 sme_event_assoc_reject(wpa_s, data); 2385#ifdef ANDROID_P2P 2386#ifdef CONFIG_P2P 2387 else if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) { 2388 if(!wpa_s->current_ssid) { 2389 wpa_printf(MSG_ERROR, "current_ssid == NULL"); 2390 break; 2391 } 2392 /* If assoc reject is reported by the driver, then avoid 2393 * waiting for the authentication timeout. Cancel the 2394 * authentication timeout and retry the assoc. 2395 */ 2396 if(wpa_s->current_ssid->assoc_retry++ < 5) { 2397 wpa_printf(MSG_ERROR, "Retrying assoc: %d ", 2398 wpa_s->current_ssid->assoc_retry); 2399 wpa_supplicant_cancel_auth_timeout(wpa_s); 2400 2401 /* Clear the states */ 2402 wpa_sm_notify_disassoc(wpa_s->wpa); 2403 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 2404 2405 wpa_s->reassociate = 1; 2406 wpa_supplicant_req_scan(wpa_s, 1, 0); 2407 } else { 2408 /* If we ASSOC_REJECT's hits threshold, disable the 2409 * network 2410 */ 2411 wpa_printf(MSG_ERROR, "Assoc retry threshold reached. " 2412 "Disabling the network"); 2413 wpa_s->current_ssid->assoc_retry = 0; 2414 wpa_supplicant_disable_network(wpa_s, wpa_s->current_ssid); 2415 wpas_p2p_group_remove(wpa_s, wpa_s->ifname); 2416 } 2417 } 2418#endif 2419#endif /* ANDROID_P2P */ 2420 break; 2421 case EVENT_AUTH_TIMED_OUT: 2422 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2423 sme_event_auth_timed_out(wpa_s, data); 2424 break; 2425 case EVENT_ASSOC_TIMED_OUT: 2426 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2427 sme_event_assoc_timed_out(wpa_s, data); 2428 break; 2429 case EVENT_TX_STATUS: 2430 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS dst=" MACSTR 2431 " type=%d stype=%d", 2432 MAC2STR(data->tx_status.dst), 2433 data->tx_status.type, data->tx_status.stype); 2434#ifdef CONFIG_AP 2435 if (wpa_s->ap_iface == NULL) { 2436#ifdef CONFIG_OFFCHANNEL 2437 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 2438 data->tx_status.stype == WLAN_FC_STYPE_ACTION) 2439 offchannel_send_action_tx_status( 2440 wpa_s, data->tx_status.dst, 2441 data->tx_status.data, 2442 data->tx_status.data_len, 2443 data->tx_status.ack ? 2444 OFFCHANNEL_SEND_ACTION_SUCCESS : 2445 OFFCHANNEL_SEND_ACTION_NO_ACK); 2446#endif /* CONFIG_OFFCHANNEL */ 2447 break; 2448 } 2449#endif /* CONFIG_AP */ 2450#ifdef CONFIG_OFFCHANNEL 2451 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS pending_dst=" 2452 MACSTR, MAC2STR(wpa_s->parent->pending_action_dst)); 2453 /* 2454 * Catch TX status events for Action frames we sent via group 2455 * interface in GO mode. 2456 */ 2457 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 2458 data->tx_status.stype == WLAN_FC_STYPE_ACTION && 2459 os_memcmp(wpa_s->parent->pending_action_dst, 2460 data->tx_status.dst, ETH_ALEN) == 0) { 2461 offchannel_send_action_tx_status( 2462 wpa_s->parent, data->tx_status.dst, 2463 data->tx_status.data, 2464 data->tx_status.data_len, 2465 data->tx_status.ack ? 2466 OFFCHANNEL_SEND_ACTION_SUCCESS : 2467 OFFCHANNEL_SEND_ACTION_NO_ACK); 2468 break; 2469 } 2470#endif /* CONFIG_OFFCHANNEL */ 2471#ifdef CONFIG_AP 2472 switch (data->tx_status.type) { 2473 case WLAN_FC_TYPE_MGMT: 2474 ap_mgmt_tx_cb(wpa_s, data->tx_status.data, 2475 data->tx_status.data_len, 2476 data->tx_status.stype, 2477 data->tx_status.ack); 2478 break; 2479 case WLAN_FC_TYPE_DATA: 2480 ap_tx_status(wpa_s, data->tx_status.dst, 2481 data->tx_status.data, 2482 data->tx_status.data_len, 2483 data->tx_status.ack); 2484 break; 2485 } 2486#endif /* CONFIG_AP */ 2487 break; 2488#ifdef CONFIG_AP 2489 case EVENT_EAPOL_TX_STATUS: 2490 ap_eapol_tx_status(wpa_s, data->eapol_tx_status.dst, 2491 data->eapol_tx_status.data, 2492 data->eapol_tx_status.data_len, 2493 data->eapol_tx_status.ack); 2494 break; 2495 case EVENT_DRIVER_CLIENT_POLL_OK: 2496 ap_client_poll_ok(wpa_s, data->client_poll.addr); 2497 break; 2498 case EVENT_RX_FROM_UNKNOWN: 2499 if (wpa_s->ap_iface == NULL) 2500 break; 2501 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.addr, 2502 data->rx_from_unknown.wds); 2503 break; 2504 case EVENT_CH_SWITCH: 2505 if (!data) 2506 break; 2507 if (!wpa_s->ap_iface) { 2508 wpa_dbg(wpa_s, MSG_DEBUG, "AP: Ignore channel switch " 2509 "event in non-AP mode"); 2510 break; 2511 } 2512 2513#ifdef CONFIG_AP 2514 wpas_ap_ch_switch(wpa_s, data->ch_switch.freq, 2515 data->ch_switch.ht_enabled, 2516 data->ch_switch.ch_offset); 2517#endif /* CONFIG_AP */ 2518 break; 2519 case EVENT_RX_MGMT: { 2520 u16 fc, stype; 2521 const struct ieee80211_mgmt *mgmt; 2522 2523 mgmt = (const struct ieee80211_mgmt *) 2524 data->rx_mgmt.frame; 2525 fc = le_to_host16(mgmt->frame_control); 2526 stype = WLAN_FC_GET_STYPE(fc); 2527 2528 if (wpa_s->ap_iface == NULL) { 2529#ifdef CONFIG_P2P 2530 if (stype == WLAN_FC_STYPE_PROBE_REQ && 2531 data->rx_mgmt.frame_len > 24) { 2532 const u8 *src = mgmt->sa; 2533 const u8 *ie = mgmt->u.probe_req.variable; 2534 size_t ie_len = data->rx_mgmt.frame_len - 2535 (mgmt->u.probe_req.variable - 2536 data->rx_mgmt.frame); 2537 wpas_p2p_probe_req_rx( 2538 wpa_s, src, mgmt->da, 2539 mgmt->bssid, ie, ie_len, 2540 data->rx_mgmt.ssi_signal); 2541 break; 2542 } 2543#endif /* CONFIG_P2P */ 2544 wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received " 2545 "management frame in non-AP mode"); 2546 break; 2547 } 2548 2549 if (stype == WLAN_FC_STYPE_PROBE_REQ && 2550 data->rx_mgmt.frame_len > 24) { 2551 const u8 *ie = mgmt->u.probe_req.variable; 2552 size_t ie_len = data->rx_mgmt.frame_len - 2553 (mgmt->u.probe_req.variable - 2554 data->rx_mgmt.frame); 2555 2556 wpas_notify_preq(wpa_s, mgmt->sa, mgmt->da, 2557 mgmt->bssid, ie, ie_len, 2558 data->rx_mgmt.ssi_signal); 2559 } 2560 2561 ap_mgmt_rx(wpa_s, &data->rx_mgmt); 2562 break; 2563 } 2564#endif /* CONFIG_AP */ 2565 case EVENT_RX_ACTION: 2566 wpa_dbg(wpa_s, MSG_DEBUG, "Received Action frame: SA=" MACSTR 2567 " Category=%u DataLen=%d freq=%d MHz", 2568 MAC2STR(data->rx_action.sa), 2569 data->rx_action.category, (int) data->rx_action.len, 2570 data->rx_action.freq); 2571#ifdef CONFIG_IEEE80211R 2572 if (data->rx_action.category == WLAN_ACTION_FT) { 2573 ft_rx_action(wpa_s, data->rx_action.data, 2574 data->rx_action.len); 2575 break; 2576 } 2577#endif /* CONFIG_IEEE80211R */ 2578#ifdef CONFIG_IEEE80211W 2579#ifdef CONFIG_SME 2580 if (data->rx_action.category == WLAN_ACTION_SA_QUERY) { 2581 sme_sa_query_rx(wpa_s, data->rx_action.sa, 2582 data->rx_action.data, 2583 data->rx_action.len); 2584 break; 2585 } 2586#endif /* CONFIG_SME */ 2587#endif /* CONFIG_IEEE80211W */ 2588#ifdef CONFIG_GAS 2589 if (data->rx_action.category == WLAN_ACTION_PUBLIC && 2590 gas_query_rx(wpa_s->gas, data->rx_action.da, 2591 data->rx_action.sa, data->rx_action.bssid, 2592 data->rx_action.data, data->rx_action.len, 2593 data->rx_action.freq) == 0) 2594 break; 2595#endif /* CONFIG_GAS */ 2596 if (data->rx_action.category == WLAN_ACTION_WNM) { 2597 wnm_action_rx(wpa_s, &data->rx_action); 2598 break; 2599 } 2600#ifdef CONFIG_TDLS 2601 if (data->rx_action.category == WLAN_ACTION_PUBLIC && 2602 data->rx_action.len >= 4 && 2603 data->rx_action.data[0] == WLAN_TDLS_DISCOVERY_RESPONSE) { 2604 wpa_dbg(wpa_s, MSG_DEBUG, "TDLS: Received Discovery " 2605 "Response from " MACSTR, 2606 MAC2STR(data->rx_action.sa)); 2607 break; 2608 } 2609#endif /* CONFIG_TDLS */ 2610#ifdef CONFIG_P2P 2611 wpas_p2p_rx_action(wpa_s, data->rx_action.da, 2612 data->rx_action.sa, 2613 data->rx_action.bssid, 2614 data->rx_action.category, 2615 data->rx_action.data, 2616 data->rx_action.len, data->rx_action.freq); 2617#endif /* CONFIG_P2P */ 2618 break; 2619 case EVENT_RX_PROBE_REQ: 2620 if (data->rx_probe_req.sa == NULL || 2621 data->rx_probe_req.ie == NULL) 2622 break; 2623#ifdef CONFIG_AP 2624 if (wpa_s->ap_iface) { 2625 hostapd_probe_req_rx(wpa_s->ap_iface->bss[0], 2626 data->rx_probe_req.sa, 2627 data->rx_probe_req.da, 2628 data->rx_probe_req.bssid, 2629 data->rx_probe_req.ie, 2630 data->rx_probe_req.ie_len, 2631 data->rx_probe_req.ssi_signal); 2632 break; 2633 } 2634#endif /* CONFIG_AP */ 2635#ifdef CONFIG_P2P 2636 wpas_p2p_probe_req_rx(wpa_s, data->rx_probe_req.sa, 2637 data->rx_probe_req.da, 2638 data->rx_probe_req.bssid, 2639 data->rx_probe_req.ie, 2640 data->rx_probe_req.ie_len, 2641 data->rx_probe_req.ssi_signal); 2642#endif /* CONFIG_P2P */ 2643 break; 2644 case EVENT_REMAIN_ON_CHANNEL: 2645#ifdef CONFIG_OFFCHANNEL 2646 offchannel_remain_on_channel_cb( 2647 wpa_s, data->remain_on_channel.freq, 2648 data->remain_on_channel.duration); 2649#endif /* CONFIG_OFFCHANNEL */ 2650#ifdef CONFIG_P2P 2651 wpas_p2p_remain_on_channel_cb( 2652 wpa_s, data->remain_on_channel.freq, 2653 data->remain_on_channel.duration); 2654#endif /* CONFIG_P2P */ 2655 break; 2656 case EVENT_CANCEL_REMAIN_ON_CHANNEL: 2657#ifdef CONFIG_OFFCHANNEL 2658 offchannel_cancel_remain_on_channel_cb( 2659 wpa_s, data->remain_on_channel.freq); 2660#endif /* CONFIG_OFFCHANNEL */ 2661#ifdef CONFIG_P2P 2662 wpas_p2p_cancel_remain_on_channel_cb( 2663 wpa_s, data->remain_on_channel.freq); 2664#endif /* CONFIG_P2P */ 2665 break; 2666#ifdef CONFIG_P2P 2667 case EVENT_P2P_DEV_FOUND: { 2668 struct p2p_peer_info peer_info; 2669 2670 os_memset(&peer_info, 0, sizeof(peer_info)); 2671 if (data->p2p_dev_found.dev_addr) 2672 os_memcpy(peer_info.p2p_device_addr, 2673 data->p2p_dev_found.dev_addr, ETH_ALEN); 2674 if (data->p2p_dev_found.pri_dev_type) 2675 os_memcpy(peer_info.pri_dev_type, 2676 data->p2p_dev_found.pri_dev_type, 2677 sizeof(peer_info.pri_dev_type)); 2678 if (data->p2p_dev_found.dev_name) 2679 os_strlcpy(peer_info.device_name, 2680 data->p2p_dev_found.dev_name, 2681 sizeof(peer_info.device_name)); 2682 peer_info.config_methods = data->p2p_dev_found.config_methods; 2683 peer_info.dev_capab = data->p2p_dev_found.dev_capab; 2684 peer_info.group_capab = data->p2p_dev_found.group_capab; 2685 2686 /* 2687 * FIX: new_device=1 is not necessarily correct. We should 2688 * maintain a P2P peer database in wpa_supplicant and update 2689 * this information based on whether the peer is truly new. 2690 */ 2691 wpas_dev_found(wpa_s, data->p2p_dev_found.addr, &peer_info, 1); 2692 break; 2693 } 2694 case EVENT_P2P_GO_NEG_REQ_RX: 2695 wpas_go_neg_req_rx(wpa_s, data->p2p_go_neg_req_rx.src, 2696 data->p2p_go_neg_req_rx.dev_passwd_id); 2697 break; 2698 case EVENT_P2P_GO_NEG_COMPLETED: 2699 wpas_go_neg_completed(wpa_s, data->p2p_go_neg_completed.res); 2700 break; 2701 case EVENT_P2P_PROV_DISC_REQUEST: 2702 wpas_prov_disc_req(wpa_s, data->p2p_prov_disc_req.peer, 2703 data->p2p_prov_disc_req.config_methods, 2704 data->p2p_prov_disc_req.dev_addr, 2705 data->p2p_prov_disc_req.pri_dev_type, 2706 data->p2p_prov_disc_req.dev_name, 2707 data->p2p_prov_disc_req.supp_config_methods, 2708 data->p2p_prov_disc_req.dev_capab, 2709 data->p2p_prov_disc_req.group_capab, 2710 NULL, 0); 2711 break; 2712 case EVENT_P2P_PROV_DISC_RESPONSE: 2713 wpas_prov_disc_resp(wpa_s, data->p2p_prov_disc_resp.peer, 2714 data->p2p_prov_disc_resp.config_methods); 2715 break; 2716 case EVENT_P2P_SD_REQUEST: 2717 wpas_sd_request(wpa_s, data->p2p_sd_req.freq, 2718 data->p2p_sd_req.sa, 2719 data->p2p_sd_req.dialog_token, 2720 data->p2p_sd_req.update_indic, 2721 data->p2p_sd_req.tlvs, 2722 data->p2p_sd_req.tlvs_len); 2723 break; 2724 case EVENT_P2P_SD_RESPONSE: 2725 wpas_sd_response(wpa_s, data->p2p_sd_resp.sa, 2726 data->p2p_sd_resp.update_indic, 2727 data->p2p_sd_resp.tlvs, 2728 data->p2p_sd_resp.tlvs_len); 2729 break; 2730#endif /* CONFIG_P2P */ 2731 case EVENT_EAPOL_RX: 2732 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src, 2733 data->eapol_rx.data, 2734 data->eapol_rx.data_len); 2735 break; 2736 case EVENT_SIGNAL_CHANGE: 2737 bgscan_notify_signal_change( 2738 wpa_s, data->signal_change.above_threshold, 2739 data->signal_change.current_signal, 2740 data->signal_change.current_noise, 2741 data->signal_change.current_txrate); 2742 break; 2743 case EVENT_INTERFACE_ENABLED: 2744 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled"); 2745 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 2746 wpa_supplicant_update_mac_addr(wpa_s); 2747#ifdef CONFIG_AP 2748 if (!wpa_s->ap_iface) { 2749 wpa_supplicant_set_state(wpa_s, 2750 WPA_DISCONNECTED); 2751 wpa_supplicant_req_scan(wpa_s, 0, 0); 2752 } else 2753 wpa_supplicant_set_state(wpa_s, 2754 WPA_COMPLETED); 2755#else /* CONFIG_AP */ 2756 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2757 wpa_supplicant_req_scan(wpa_s, 0, 0); 2758#endif /* CONFIG_AP */ 2759 } 2760 break; 2761 case EVENT_INTERFACE_DISABLED: 2762 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was disabled"); 2763 wpa_supplicant_mark_disassoc(wpa_s); 2764 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 2765 break; 2766 case EVENT_CHANNEL_LIST_CHANGED: 2767 if (wpa_s->drv_priv == NULL) 2768 break; /* Ignore event during drv initialization */ 2769 2770 free_hw_features(wpa_s); 2771 wpa_s->hw.modes = wpa_drv_get_hw_feature_data( 2772 wpa_s, &wpa_s->hw.num_modes, &wpa_s->hw.flags); 2773 2774#ifdef CONFIG_P2P 2775 wpas_p2p_update_channel_list(wpa_s); 2776#endif /* CONFIG_P2P */ 2777 break; 2778 case EVENT_INTERFACE_UNAVAILABLE: 2779#ifdef CONFIG_P2P 2780 wpas_p2p_interface_unavailable(wpa_s); 2781#endif /* CONFIG_P2P */ 2782 break; 2783 case EVENT_BEST_CHANNEL: 2784 wpa_dbg(wpa_s, MSG_DEBUG, "Best channel event received " 2785 "(%d %d %d)", 2786 data->best_chan.freq_24, data->best_chan.freq_5, 2787 data->best_chan.freq_overall); 2788 wpa_s->best_24_freq = data->best_chan.freq_24; 2789 wpa_s->best_5_freq = data->best_chan.freq_5; 2790 wpa_s->best_overall_freq = data->best_chan.freq_overall; 2791#ifdef CONFIG_P2P 2792 wpas_p2p_update_best_channels(wpa_s, data->best_chan.freq_24, 2793 data->best_chan.freq_5, 2794 data->best_chan.freq_overall); 2795#endif /* CONFIG_P2P */ 2796 break; 2797 case EVENT_UNPROT_DEAUTH: 2798 wpa_supplicant_event_unprot_deauth(wpa_s, 2799 &data->unprot_deauth); 2800 break; 2801 case EVENT_UNPROT_DISASSOC: 2802 wpa_supplicant_event_unprot_disassoc(wpa_s, 2803 &data->unprot_disassoc); 2804 break; 2805 case EVENT_STATION_LOW_ACK: 2806#ifdef CONFIG_AP 2807 if (wpa_s->ap_iface && data) 2808 hostapd_event_sta_low_ack(wpa_s->ap_iface->bss[0], 2809 data->low_ack.addr); 2810#endif /* CONFIG_AP */ 2811#ifdef CONFIG_TDLS 2812 if (data) 2813 wpa_tdls_disable_link(wpa_s->wpa, data->low_ack.addr); 2814#endif /* CONFIG_TDLS */ 2815 break; 2816 case EVENT_IBSS_PEER_LOST: 2817#ifdef CONFIG_IBSS_RSN 2818 ibss_rsn_stop(wpa_s->ibss_rsn, data->ibss_peer_lost.peer); 2819#endif /* CONFIG_IBSS_RSN */ 2820 break; 2821 case EVENT_DRIVER_GTK_REKEY: 2822 if (os_memcmp(data->driver_gtk_rekey.bssid, 2823 wpa_s->bssid, ETH_ALEN)) 2824 break; 2825 if (!wpa_s->wpa) 2826 break; 2827 wpa_sm_update_replay_ctr(wpa_s->wpa, 2828 data->driver_gtk_rekey.replay_ctr); 2829 break; 2830 case EVENT_SCHED_SCAN_STOPPED: 2831 wpa_s->sched_scanning = 0; 2832 wpa_supplicant_notify_scanning(wpa_s, 0); 2833 2834 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 2835 break; 2836 2837 /* 2838 * If we timed out, start a new sched scan to continue 2839 * searching for more SSIDs. 2840 */ 2841 if (wpa_s->sched_scan_timed_out) 2842 wpa_supplicant_req_sched_scan(wpa_s); 2843 break; 2844 case EVENT_WPS_BUTTON_PUSHED: 2845#ifdef CONFIG_WPS 2846 wpas_wps_start_pbc(wpa_s, NULL, 0); 2847#endif /* CONFIG_WPS */ 2848 break; 2849 default: 2850 wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event); 2851 break; 2852 } 2853} 2854