events.c revision 43007fd3a75a07189a11510e131216284b48e098
1/* 2 * WPA Supplicant - Driver event processing 3 * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 */ 14 15#include "includes.h" 16 17#include "common.h" 18#include "eapol_supp/eapol_supp_sm.h" 19#include "rsn_supp/wpa.h" 20#include "eloop.h" 21#include "config.h" 22#include "l2_packet/l2_packet.h" 23#include "wpa_supplicant_i.h" 24#include "driver_i.h" 25#include "pcsc_funcs.h" 26#include "rsn_supp/preauth.h" 27#include "rsn_supp/pmksa_cache.h" 28#include "common/wpa_ctrl.h" 29#include "eap_peer/eap.h" 30#include "ap/hostapd.h" 31#include "p2p/p2p.h" 32#include "notify.h" 33#include "common/ieee802_11_defs.h" 34#include "common/ieee802_11_common.h" 35#include "crypto/random.h" 36#include "blacklist.h" 37#include "wpas_glue.h" 38#include "wps_supplicant.h" 39#include "ibss_rsn.h" 40#include "sme.h" 41#include "p2p_supplicant.h" 42#include "bgscan.h" 43#include "ap.h" 44#include "bss.h" 45#include "mlme.h" 46#include "scan.h" 47 48 49static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) 50{ 51 struct wpa_ssid *ssid, *old_ssid; 52 53 if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) 54 return 0; 55 56 wpa_dbg(wpa_s, MSG_DEBUG, "Select network based on association " 57 "information"); 58 ssid = wpa_supplicant_get_ssid(wpa_s); 59 if (ssid == NULL) { 60 wpa_msg(wpa_s, MSG_INFO, 61 "No network configuration found for the current AP"); 62 return -1; 63 } 64 65 if (ssid->disabled) { 66 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is disabled"); 67 return -1; 68 } 69 70 wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the " 71 "current AP"); 72 if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | 73 WPA_KEY_MGMT_WPA_NONE | 74 WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X | 75 WPA_KEY_MGMT_PSK_SHA256 | 76 WPA_KEY_MGMT_IEEE8021X_SHA256)) { 77 u8 wpa_ie[80]; 78 size_t wpa_ie_len = sizeof(wpa_ie); 79 wpa_supplicant_set_suites(wpa_s, NULL, ssid, 80 wpa_ie, &wpa_ie_len); 81 } else { 82 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 83 } 84 85 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) 86 eapol_sm_invalidate_cached_session(wpa_s->eapol); 87 old_ssid = wpa_s->current_ssid; 88 wpa_s->current_ssid = ssid; 89 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 90 wpa_supplicant_initiate_eapol(wpa_s); 91 if (old_ssid != wpa_s->current_ssid) 92 wpas_notify_network_changed(wpa_s); 93 94 return 0; 95} 96 97 98static void wpa_supplicant_stop_countermeasures(void *eloop_ctx, 99 void *sock_ctx) 100{ 101 struct wpa_supplicant *wpa_s = eloop_ctx; 102 103 if (wpa_s->countermeasures) { 104 wpa_s->countermeasures = 0; 105 wpa_drv_set_countermeasures(wpa_s, 0); 106 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); 107 wpa_supplicant_req_scan(wpa_s, 0, 0); 108 } 109} 110 111 112void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) 113{ 114 int bssid_changed; 115 116#ifdef CONFIG_IBSS_RSN 117 ibss_rsn_deinit(wpa_s->ibss_rsn); 118 wpa_s->ibss_rsn = NULL; 119#endif /* CONFIG_IBSS_RSN */ 120 121 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 122 return; 123 124 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 125 wpa_s->conf->ap_scan = DEFAULT_AP_SCAN; 126 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 127 os_memset(wpa_s->bssid, 0, ETH_ALEN); 128 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 129 wpa_s->current_bss = NULL; 130 wpa_s->assoc_freq = 0; 131 if (bssid_changed) 132 wpas_notify_bssid_changed(wpa_s); 133 134 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 135 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 136 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) 137 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 138 wpa_s->ap_ies_from_associnfo = 0; 139} 140 141 142static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) 143{ 144 struct wpa_ie_data ie; 145 int pmksa_set = -1; 146 size_t i; 147 148 if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || 149 ie.pmkid == NULL) 150 return; 151 152 for (i = 0; i < ie.num_pmkid; i++) { 153 pmksa_set = pmksa_cache_set_current(wpa_s->wpa, 154 ie.pmkid + i * PMKID_LEN, 155 NULL, NULL, 0); 156 if (pmksa_set == 0) { 157 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 158 break; 159 } 160 } 161 162 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from " 163 "PMKSA cache", pmksa_set == 0 ? "" : "not "); 164} 165 166 167static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, 168 union wpa_event_data *data) 169{ 170 if (data == NULL) { 171 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: No data in PMKID candidate " 172 "event"); 173 return; 174 } 175 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR 176 " index=%d preauth=%d", 177 MAC2STR(data->pmkid_candidate.bssid), 178 data->pmkid_candidate.index, 179 data->pmkid_candidate.preauth); 180 181 pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, 182 data->pmkid_candidate.index, 183 data->pmkid_candidate.preauth); 184} 185 186 187static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) 188{ 189 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 190 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 191 return 0; 192 193#ifdef IEEE8021X_EAPOL 194 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 195 wpa_s->current_ssid && 196 !(wpa_s->current_ssid->eapol_flags & 197 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 198 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { 199 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either 200 * plaintext or static WEP keys). */ 201 return 0; 202 } 203#endif /* IEEE8021X_EAPOL */ 204 205 return 1; 206} 207 208 209/** 210 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC 211 * @wpa_s: pointer to wpa_supplicant data 212 * @ssid: Configuration data for the network 213 * Returns: 0 on success, -1 on failure 214 * 215 * This function is called when starting authentication with a network that is 216 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). 217 */ 218int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, 219 struct wpa_ssid *ssid) 220{ 221#ifdef IEEE8021X_EAPOL 222 int aka = 0, sim = 0, type; 223 224 if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL) 225 return 0; 226 227 if (ssid->eap.eap_methods == NULL) { 228 sim = 1; 229 aka = 1; 230 } else { 231 struct eap_method_type *eap = ssid->eap.eap_methods; 232 while (eap->vendor != EAP_VENDOR_IETF || 233 eap->method != EAP_TYPE_NONE) { 234 if (eap->vendor == EAP_VENDOR_IETF) { 235 if (eap->method == EAP_TYPE_SIM) 236 sim = 1; 237 else if (eap->method == EAP_TYPE_AKA) 238 aka = 1; 239 } 240 eap++; 241 } 242 } 243 244 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) 245 sim = 0; 246 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL) 247 aka = 0; 248 249 if (!sim && !aka) { 250 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to " 251 "use SIM, but neither EAP-SIM nor EAP-AKA are " 252 "enabled"); 253 return 0; 254 } 255 256 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to use SIM " 257 "(sim=%d aka=%d) - initialize PCSC", sim, aka); 258 if (sim && aka) 259 type = SCARD_TRY_BOTH; 260 else if (aka) 261 type = SCARD_USIM_ONLY; 262 else 263 type = SCARD_GSM_SIM_ONLY; 264 265 wpa_s->scard = scard_init(type); 266 if (wpa_s->scard == NULL) { 267 wpa_msg(wpa_s, MSG_WARNING, "Failed to initialize SIM " 268 "(pcsc-lite)"); 269 return -1; 270 } 271 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 272 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 273#endif /* IEEE8021X_EAPOL */ 274 275 return 0; 276} 277 278 279#ifndef CONFIG_NO_SCAN_PROCESSING 280static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss, 281 struct wpa_ssid *ssid) 282{ 283 int i, privacy = 0; 284 285 if (ssid->mixed_cell) 286 return 1; 287 288#ifdef CONFIG_WPS 289 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 290 return 1; 291#endif /* CONFIG_WPS */ 292 293 for (i = 0; i < NUM_WEP_KEYS; i++) { 294 if (ssid->wep_key_len[i]) { 295 privacy = 1; 296 break; 297 } 298 } 299#ifdef IEEE8021X_EAPOL 300 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 301 ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 302 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) 303 privacy = 1; 304#endif /* IEEE8021X_EAPOL */ 305 306 if (bss->caps & IEEE80211_CAP_PRIVACY) 307 return privacy; 308 return !privacy; 309} 310 311 312static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, 313 struct wpa_ssid *ssid, 314 struct wpa_scan_res *bss) 315{ 316 struct wpa_ie_data ie; 317 int proto_match = 0; 318 const u8 *rsn_ie, *wpa_ie; 319 int ret; 320 int wep_ok; 321 322 ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss); 323 if (ret >= 0) 324 return ret; 325 326 /* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */ 327 wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) && 328 (((ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 329 ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) || 330 (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); 331 332 rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 333 while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { 334 proto_match++; 335 336 if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { 337 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse " 338 "failed"); 339 break; 340 } 341 342 if (wep_ok && 343 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 344 { 345 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 346 "in RSN IE"); 347 return 1; 348 } 349 350 if (!(ie.proto & ssid->proto)) { 351 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto " 352 "mismatch"); 353 break; 354 } 355 356 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 357 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK " 358 "cipher mismatch"); 359 break; 360 } 361 362 if (!(ie.group_cipher & ssid->group_cipher)) { 363 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK " 364 "cipher mismatch"); 365 break; 366 } 367 368 if (!(ie.key_mgmt & ssid->key_mgmt)) { 369 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt " 370 "mismatch"); 371 break; 372 } 373 374#ifdef CONFIG_IEEE80211W 375 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 376 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { 377 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt " 378 "frame protection"); 379 break; 380 } 381#endif /* CONFIG_IEEE80211W */ 382 383 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); 384 return 1; 385 } 386 387 wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 388 while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { 389 proto_match++; 390 391 if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { 392 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse " 393 "failed"); 394 break; 395 } 396 397 if (wep_ok && 398 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 399 { 400 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 401 "in WPA IE"); 402 return 1; 403 } 404 405 if (!(ie.proto & ssid->proto)) { 406 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto " 407 "mismatch"); 408 break; 409 } 410 411 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 412 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK " 413 "cipher mismatch"); 414 break; 415 } 416 417 if (!(ie.group_cipher & ssid->group_cipher)) { 418 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK " 419 "cipher mismatch"); 420 break; 421 } 422 423 if (!(ie.key_mgmt & ssid->key_mgmt)) { 424 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt " 425 "mismatch"); 426 break; 427 } 428 429 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE"); 430 return 1; 431 } 432 433 if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && 434 wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { 435 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); 436 return 0; 437 } 438 439 if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) { 440 wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); 441 return 1; 442 } 443 444 wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with " 445 "WPA/WPA2"); 446 447 return 0; 448} 449 450 451static int freq_allowed(int *freqs, int freq) 452{ 453 int i; 454 455 if (freqs == NULL) 456 return 1; 457 458 for (i = 0; freqs[i]; i++) 459 if (freqs[i] == freq) 460 return 1; 461 return 0; 462} 463 464 465static struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, 466 int i, struct wpa_scan_res *bss, 467 struct wpa_ssid *group) 468{ 469 const u8 *ssid_; 470 u8 wpa_ie_len, rsn_ie_len, ssid_len; 471 int wpa; 472 struct wpa_blacklist *e; 473 const u8 *ie; 474 struct wpa_ssid *ssid; 475 476 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 477 ssid_ = ie ? ie + 2 : (u8 *) ""; 478 ssid_len = ie ? ie[1] : 0; 479 480 ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 481 wpa_ie_len = ie ? ie[1] : 0; 482 483 ie = wpa_scan_get_ie(bss, WLAN_EID_RSN); 484 rsn_ie_len = ie ? ie[1] : 0; 485 486 wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' " 487 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d%s", 488 i, MAC2STR(bss->bssid), wpa_ssid_txt(ssid_, ssid_len), 489 wpa_ie_len, rsn_ie_len, bss->caps, bss->level, 490 wpa_scan_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : ""); 491 492 e = wpa_blacklist_get(wpa_s, bss->bssid); 493 if (e) { 494 int limit = 1; 495 if (wpa_supplicant_enabled_networks(wpa_s->conf) == 1) { 496 /* 497 * When only a single network is enabled, we can 498 * trigger blacklisting on the first failure. This 499 * should not be done with multiple enabled networks to 500 * avoid getting forced to move into a worse ESS on 501 * single error if there are no other BSSes of the 502 * current ESS. 503 */ 504 limit = 0; 505 } 506 if (e->count > limit) { 507 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 508 "(count=%d limit=%d)", e->count, limit); 509 return NULL; 510 } 511 } 512 513 if (ssid_len == 0) { 514 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); 515 return NULL; 516 } 517 518 wpa = wpa_ie_len > 0 || rsn_ie_len > 0; 519 520 for (ssid = group; ssid; ssid = ssid->pnext) { 521 int check_ssid = wpa ? 1 : (ssid->ssid_len != 0); 522 523 if (ssid->disabled) { 524 wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); 525 continue; 526 } 527 528#ifdef CONFIG_WPS 529 if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && e && e->count > 0) { 530 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 531 "(WPS)"); 532 continue; 533 } 534 535 if (wpa && ssid->ssid_len == 0 && 536 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 537 check_ssid = 0; 538 539 if (!wpa && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 540 /* Only allow wildcard SSID match if an AP 541 * advertises active WPS operation that matches 542 * with our mode. */ 543 check_ssid = 1; 544 if (ssid->ssid_len == 0 && 545 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 546 check_ssid = 0; 547 } 548#endif /* CONFIG_WPS */ 549 550 if (check_ssid && 551 (ssid_len != ssid->ssid_len || 552 os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) { 553 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch"); 554 continue; 555 } 556 557 if (ssid->bssid_set && 558 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) { 559 wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch"); 560 continue; 561 } 562 563 if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss)) 564 continue; 565 566 if (!wpa && 567 !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 568 !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 569 !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) { 570 wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network " 571 "not allowed"); 572 continue; 573 } 574 575 if (!wpa && !wpa_supplicant_match_privacy(bss, ssid)) { 576 wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy " 577 "mismatch"); 578 continue; 579 } 580 581 if (!wpa && (bss->caps & IEEE80211_CAP_IBSS)) { 582 wpa_dbg(wpa_s, MSG_DEBUG, " skip - IBSS (adhoc) " 583 "network"); 584 continue; 585 } 586 587 if (!freq_allowed(ssid->freq_list, bss->freq)) { 588 wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not " 589 "allowed"); 590 continue; 591 } 592 593#ifdef CONFIG_P2P 594 /* 595 * TODO: skip the AP if its P2P IE has Group Formation 596 * bit set in the P2P Group Capability Bitmap and we 597 * are not in Group Formation with that device. 598 */ 599#endif /* CONFIG_P2P */ 600 601 /* Matching configuration found */ 602 return ssid; 603 } 604 605 /* No matching configuration found */ 606 return NULL; 607} 608 609 610static struct wpa_bss * 611wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, 612 struct wpa_scan_results *scan_res, 613 struct wpa_ssid *group, 614 struct wpa_ssid **selected_ssid) 615{ 616 size_t i; 617 618 wpa_dbg(wpa_s, MSG_DEBUG, "Selecting BSS from priority group %d", 619 group->priority); 620 621 for (i = 0; i < scan_res->num; i++) { 622 struct wpa_scan_res *bss = scan_res->res[i]; 623 const u8 *ie, *ssid; 624 u8 ssid_len; 625 626 *selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group); 627 if (!*selected_ssid) 628 continue; 629 630 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 631 ssid = ie ? ie + 2 : (u8 *) ""; 632 ssid_len = ie ? ie[1] : 0; 633 634 wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR 635 " ssid='%s'", 636 MAC2STR(bss->bssid), wpa_ssid_txt(ssid, ssid_len)); 637 return wpa_bss_get(wpa_s, bss->bssid, ssid, ssid_len); 638 } 639 640 return NULL; 641} 642 643 644static struct wpa_bss * 645wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s, 646 struct wpa_scan_results *scan_res, 647 struct wpa_ssid **selected_ssid) 648{ 649 struct wpa_bss *selected = NULL; 650 int prio; 651 652 while (selected == NULL) { 653 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 654 selected = wpa_supplicant_select_bss( 655 wpa_s, scan_res, wpa_s->conf->pssid[prio], 656 selected_ssid); 657 if (selected) 658 break; 659 } 660 661 if (selected == NULL && wpa_s->blacklist) { 662 wpa_dbg(wpa_s, MSG_DEBUG, "No APs found - clear " 663 "blacklist and try again"); 664 wpa_blacklist_clear(wpa_s); 665 wpa_s->blacklist_cleared++; 666 } else if (selected == NULL) 667 break; 668 } 669 670 return selected; 671} 672 673 674static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s, 675 int timeout_sec, int timeout_usec) 676{ 677 if (!wpa_supplicant_enabled_networks(wpa_s->conf)) { 678 /* 679 * No networks are enabled; short-circuit request so 680 * we don't wait timeout seconds before transitioning 681 * to INACTIVE state. 682 */ 683 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 684 return; 685 } 686 wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec); 687} 688 689 690void wpa_supplicant_connect(struct wpa_supplicant *wpa_s, 691 struct wpa_bss *selected, 692 struct wpa_ssid *ssid) 693{ 694 if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) { 695 wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP 696 "PBC session overlap"); 697#ifdef CONFIG_P2P 698 if (wpas_p2p_notif_pbc_overlap(wpa_s) == 1) 699 return; 700#endif /* CONFIG_P2P */ 701 702#ifdef CONFIG_WPS 703 wpas_wps_cancel(wpa_s); 704#endif /* CONFIG_WPS */ 705 return; 706 } 707 708 /* 709 * Do not trigger new association unless the BSSID has changed or if 710 * reassociation is requested. If we are in process of associating with 711 * the selected BSSID, do not trigger new attempt. 712 */ 713 if (wpa_s->reassociate || 714 (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && 715 ((wpa_s->wpa_state != WPA_ASSOCIATING && 716 wpa_s->wpa_state != WPA_AUTHENTICATING) || 717 os_memcmp(selected->bssid, wpa_s->pending_bssid, ETH_ALEN) != 718 0))) { 719 if (wpa_supplicant_scard_init(wpa_s, ssid)) { 720 wpa_supplicant_req_new_scan(wpa_s, 10, 0); 721 return; 722 } 723 wpa_msg(wpa_s, MSG_DEBUG, "Request association: " 724 "reassociate: %d selected: "MACSTR " bssid: " MACSTR 725 " pending: " MACSTR " wpa_state: %s", 726 wpa_s->reassociate, MAC2STR(selected->bssid), 727 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 728 wpa_supplicant_state_txt(wpa_s->wpa_state)); 729 wpa_supplicant_associate(wpa_s, selected, ssid); 730 } else { 731 wpa_dbg(wpa_s, MSG_DEBUG, "Already associated with the " 732 "selected AP"); 733 } 734} 735 736 737static struct wpa_ssid * 738wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s) 739{ 740 int prio; 741 struct wpa_ssid *ssid; 742 743 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 744 for (ssid = wpa_s->conf->pssid[prio]; ssid; ssid = ssid->pnext) 745 { 746 if (ssid->disabled) 747 continue; 748 if (ssid->mode == IEEE80211_MODE_IBSS || 749 ssid->mode == IEEE80211_MODE_AP) 750 return ssid; 751 } 752 } 753 return NULL; 754} 755 756 757/* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based 758 * on BSS added and BSS changed events */ 759static void wpa_supplicant_rsn_preauth_scan_results( 760 struct wpa_supplicant *wpa_s, struct wpa_scan_results *scan_res) 761{ 762 int i; 763 764 if (rsn_preauth_scan_results(wpa_s->wpa) < 0) 765 return; 766 767 for (i = scan_res->num - 1; i >= 0; i--) { 768 const u8 *ssid, *rsn; 769 struct wpa_scan_res *r; 770 771 r = scan_res->res[i]; 772 773 ssid = wpa_scan_get_ie(r, WLAN_EID_SSID); 774 if (ssid == NULL) 775 continue; 776 777 rsn = wpa_scan_get_ie(r, WLAN_EID_RSN); 778 if (rsn == NULL) 779 continue; 780 781 rsn_preauth_scan_result(wpa_s->wpa, r->bssid, ssid, rsn); 782 } 783 784} 785 786 787static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, 788 struct wpa_bss *selected, 789 struct wpa_ssid *ssid, 790 struct wpa_scan_results *scan_res) 791{ 792 size_t i; 793 struct wpa_scan_res *current_bss = NULL; 794 int min_diff; 795 796 if (wpa_s->reassociate) 797 return 1; /* explicit request to reassociate */ 798 if (wpa_s->wpa_state < WPA_ASSOCIATED) 799 return 1; /* we are not associated; continue */ 800 if (wpa_s->current_ssid == NULL) 801 return 1; /* unknown current SSID */ 802 if (wpa_s->current_ssid != ssid) 803 return 1; /* different network block */ 804 805 for (i = 0; i < scan_res->num; i++) { 806 struct wpa_scan_res *res = scan_res->res[i]; 807 const u8 *ie; 808 if (os_memcmp(res->bssid, wpa_s->bssid, ETH_ALEN) != 0) 809 continue; 810 811 ie = wpa_scan_get_ie(res, WLAN_EID_SSID); 812 if (ie == NULL) 813 continue; 814 if (ie[1] != wpa_s->current_ssid->ssid_len || 815 os_memcmp(ie + 2, wpa_s->current_ssid->ssid, ie[1]) != 0) 816 continue; 817 current_bss = res; 818 break; 819 } 820 821 if (!current_bss) 822 return 1; /* current BSS not seen in scan results */ 823 824 wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation"); 825 wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR " level=%d", 826 MAC2STR(current_bss->bssid), current_bss->level); 827 wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR " level=%d", 828 MAC2STR(selected->bssid), selected->level); 829 830 if (wpa_s->current_ssid->bssid_set && 831 os_memcmp(selected->bssid, wpa_s->current_ssid->bssid, ETH_ALEN) == 832 0) { 833 wpa_dbg(wpa_s, MSG_DEBUG, "Allow reassociation - selected BSS " 834 "has preferred BSSID"); 835 return 1; 836 } 837 838 min_diff = 2; 839 if (current_bss->level < 0) { 840 if (current_bss->level < -85) 841 min_diff = 1; 842 else if (current_bss->level < -80) 843 min_diff = 2; 844 else if (current_bss->level < -75) 845 min_diff = 3; 846 else if (current_bss->level < -70) 847 min_diff = 4; 848 else 849 min_diff = 5; 850 } 851 if (abs(current_bss->level - selected->level) < min_diff) { 852 wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference " 853 "in signal level"); 854 return 0; 855 } 856 857 return 1; 858} 859 860/* Return < 0 if no scan results could be fetched. */ 861static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 862 union wpa_event_data *data) 863{ 864 struct wpa_bss *selected; 865 struct wpa_ssid *ssid = NULL; 866 struct wpa_scan_results *scan_res; 867 int ap = 0; 868 869#ifdef CONFIG_AP 870 if (wpa_s->ap_iface) 871 ap = 1; 872#endif /* CONFIG_AP */ 873 874 wpa_supplicant_notify_scanning(wpa_s, 0); 875 876 scan_res = wpa_supplicant_get_scan_results(wpa_s, 877 data ? &data->scan_info : 878 NULL, 1); 879 if (scan_res == NULL) { 880 if (wpa_s->conf->ap_scan == 2 || ap) 881 return -1; 882 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results - try " 883 "scanning again"); 884 wpa_supplicant_req_new_scan(wpa_s, 1, 0); 885 return -1; 886 } 887 888#ifndef CONFIG_NO_RANDOM_POOL 889 size_t i, num; 890 num = scan_res->num; 891 if (num > 10) 892 num = 10; 893 for (i = 0; i < num; i++) { 894 u8 buf[5]; 895 struct wpa_scan_res *res = scan_res->res[i]; 896 buf[0] = res->bssid[5]; 897 buf[1] = res->qual & 0xff; 898 buf[2] = res->noise & 0xff; 899 buf[3] = res->level & 0xff; 900 buf[4] = res->tsf & 0xff; 901 random_add_randomness(buf, sizeof(buf)); 902 } 903#endif /* CONFIG_NO_RANDOM_POOL */ 904 905 if (wpa_s->scan_res_handler) { 906 void (*scan_res_handler)(struct wpa_supplicant *wpa_s, 907 struct wpa_scan_results *scan_res); 908 909 scan_res_handler = wpa_s->scan_res_handler; 910 wpa_s->scan_res_handler = NULL; 911 scan_res_handler(wpa_s, scan_res); 912 913 wpa_scan_results_free(scan_res); 914 return 0; 915 } 916 917 if (ap) { 918 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore scan results in AP mode"); 919#ifdef CONFIG_AP 920 if (wpa_s->ap_iface->scan_cb) 921 wpa_s->ap_iface->scan_cb(wpa_s->ap_iface); 922#endif /* CONFIG_AP */ 923 wpa_scan_results_free(scan_res); 924 return 0; 925 } 926 927 wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available"); 928 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); 929 wpas_notify_scan_results(wpa_s); 930 931 wpas_notify_scan_done(wpa_s, 1); 932 933 if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) { 934 wpa_scan_results_free(scan_res); 935 return 0; 936 } 937 938 if (wpa_s->disconnected) { 939 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 940 wpa_scan_results_free(scan_res); 941 return 0; 942 } 943 944 if (bgscan_notify_scan(wpa_s, scan_res) == 1) { 945 wpa_scan_results_free(scan_res); 946 return 0; 947 } 948 949 wpa_supplicant_rsn_preauth_scan_results(wpa_s, scan_res); 950 951 selected = wpa_supplicant_pick_network(wpa_s, scan_res, &ssid); 952 953 if (selected) { 954 int skip; 955 skip = !wpa_supplicant_need_to_roam(wpa_s, selected, ssid, 956 scan_res); 957 wpa_scan_results_free(scan_res); 958 if (skip) 959 return 0; 960 wpa_supplicant_connect(wpa_s, selected, ssid); 961 } else { 962 wpa_scan_results_free(scan_res); 963 wpa_dbg(wpa_s, MSG_DEBUG, "No suitable network found"); 964 ssid = wpa_supplicant_pick_new_network(wpa_s); 965 if (ssid) { 966 wpa_dbg(wpa_s, MSG_DEBUG, "Setup a new network"); 967 wpa_supplicant_associate(wpa_s, NULL, ssid); 968 } else { 969 int timeout_sec = wpa_s->scan_interval; 970 int timeout_usec = 0; 971#ifdef CONFIG_P2P 972 if (wpa_s->p2p_in_provisioning) { 973 /* 974 * Use shorter wait during P2P Provisioning 975 * state to speed up group formation. 976 */ 977 timeout_sec = 0; 978 timeout_usec = 250000; 979 } 980#endif /* CONFIG_P2P */ 981 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 982 timeout_usec); 983 } 984 } 985 return 0; 986} 987 988 989static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 990 union wpa_event_data *data) 991{ 992 const char *rn, *rn2; 993 struct wpa_supplicant *ifs; 994 995 if (_wpa_supplicant_event_scan_results(wpa_s, data) < 0) { 996 /* 997 * If no scan results could be fetched, then no need to 998 * notify those interfaces that did not actually request 999 * this scan. 1000 */ 1001 return; 1002 } 1003 1004 /* 1005 * Check other interfaces to see if they have the same radio-name. If 1006 * so, they get updated with this same scan info. 1007 */ 1008 if (!wpa_s->driver->get_radio_name) 1009 return; 1010 1011 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv); 1012 if (rn == NULL || rn[0] == '\0') 1013 return; 1014 1015 wpa_dbg(wpa_s, MSG_DEBUG, "Checking for other virtual interfaces " 1016 "sharing same radio (%s) in event_scan_results", rn); 1017 1018 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) { 1019 if (ifs == wpa_s || !ifs->driver->get_radio_name) 1020 continue; 1021 1022 rn2 = ifs->driver->get_radio_name(ifs->drv_priv); 1023 if (rn2 && os_strcmp(rn, rn2) == 0) { 1024 wpa_printf(MSG_DEBUG, "%s: Updating scan results from " 1025 "sibling", ifs->ifname); 1026 _wpa_supplicant_event_scan_results(ifs, data); 1027 } 1028 } 1029} 1030 1031#endif /* CONFIG_NO_SCAN_PROCESSING */ 1032 1033 1034static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, 1035 union wpa_event_data *data) 1036{ 1037 int l, len, found = 0, wpa_found, rsn_found; 1038 const u8 *p; 1039 1040 wpa_dbg(wpa_s, MSG_DEBUG, "Association info event"); 1041 if (data->assoc_info.req_ies) 1042 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, 1043 data->assoc_info.req_ies_len); 1044 if (data->assoc_info.resp_ies) { 1045 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, 1046 data->assoc_info.resp_ies_len); 1047#ifdef CONFIG_TDLS 1048 wpa_tdls_assoc_resp_ies(wpa_s->wpa, data->assoc_info.resp_ies, 1049 data->assoc_info.resp_ies_len); 1050#endif /* CONFIG_TDLS */ 1051 } 1052 if (data->assoc_info.beacon_ies) 1053 wpa_hexdump(MSG_DEBUG, "beacon_ies", 1054 data->assoc_info.beacon_ies, 1055 data->assoc_info.beacon_ies_len); 1056 if (data->assoc_info.freq) 1057 wpa_dbg(wpa_s, MSG_DEBUG, "freq=%u MHz", 1058 data->assoc_info.freq); 1059 1060 p = data->assoc_info.req_ies; 1061 l = data->assoc_info.req_ies_len; 1062 1063 /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ 1064 while (p && l >= 2) { 1065 len = p[1] + 2; 1066 if (len > l) { 1067 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1068 p, l); 1069 break; 1070 } 1071 if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1072 (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || 1073 (p[0] == WLAN_EID_RSN && p[1] >= 2)) { 1074 if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) 1075 break; 1076 found = 1; 1077 wpa_find_assoc_pmkid(wpa_s); 1078 break; 1079 } 1080 l -= len; 1081 p += len; 1082 } 1083 if (!found && data->assoc_info.req_ies) 1084 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 1085 1086#ifdef CONFIG_IEEE80211R 1087#ifdef CONFIG_SME 1088 if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) { 1089 u8 bssid[ETH_ALEN]; 1090 if (wpa_drv_get_bssid(wpa_s, bssid) < 0 || 1091 wpa_ft_validate_reassoc_resp(wpa_s->wpa, 1092 data->assoc_info.resp_ies, 1093 data->assoc_info.resp_ies_len, 1094 bssid) < 0) { 1095 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of " 1096 "Reassociation Response failed"); 1097 wpa_supplicant_deauthenticate( 1098 wpa_s, WLAN_REASON_INVALID_IE); 1099 return -1; 1100 } 1101 } 1102 1103 p = data->assoc_info.resp_ies; 1104 l = data->assoc_info.resp_ies_len; 1105 1106#ifdef CONFIG_WPS_STRICT 1107 if (p && wpa_s->current_ssid && 1108 wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_WPS) { 1109 struct wpabuf *wps; 1110 wps = ieee802_11_vendor_ie_concat(p, l, WPS_IE_VENDOR_TYPE); 1111 if (wps == NULL) { 1112 wpa_msg(wpa_s, MSG_INFO, "WPS-STRICT: AP did not " 1113 "include WPS IE in (Re)Association Response"); 1114 return -1; 1115 } 1116 1117 if (wps_validate_assoc_resp(wps) < 0) { 1118 wpabuf_free(wps); 1119 wpa_supplicant_deauthenticate( 1120 wpa_s, WLAN_REASON_INVALID_IE); 1121 return -1; 1122 } 1123 wpabuf_free(wps); 1124 } 1125#endif /* CONFIG_WPS_STRICT */ 1126 1127 /* Go through the IEs and make a copy of the MDIE, if present. */ 1128 while (p && l >= 2) { 1129 len = p[1] + 2; 1130 if (len > l) { 1131 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1132 p, l); 1133 break; 1134 } 1135 if (p[0] == WLAN_EID_MOBILITY_DOMAIN && 1136 p[1] >= MOBILITY_DOMAIN_ID_LEN) { 1137 wpa_s->sme.ft_used = 1; 1138 os_memcpy(wpa_s->sme.mobility_domain, p + 2, 1139 MOBILITY_DOMAIN_ID_LEN); 1140 break; 1141 } 1142 l -= len; 1143 p += len; 1144 } 1145#endif /* CONFIG_SME */ 1146 1147 wpa_sm_set_ft_params(wpa_s->wpa, data->assoc_info.resp_ies, 1148 data->assoc_info.resp_ies_len); 1149#endif /* CONFIG_IEEE80211R */ 1150 1151 /* WPA/RSN IE from Beacon/ProbeResp */ 1152 p = data->assoc_info.beacon_ies; 1153 l = data->assoc_info.beacon_ies_len; 1154 1155 /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. 1156 */ 1157 wpa_found = rsn_found = 0; 1158 while (p && l >= 2) { 1159 len = p[1] + 2; 1160 if (len > l) { 1161 wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", 1162 p, l); 1163 break; 1164 } 1165 if (!wpa_found && 1166 p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1167 os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { 1168 wpa_found = 1; 1169 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); 1170 } 1171 1172 if (!rsn_found && 1173 p[0] == WLAN_EID_RSN && p[1] >= 2) { 1174 rsn_found = 1; 1175 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); 1176 } 1177 1178 l -= len; 1179 p += len; 1180 } 1181 1182 if (!wpa_found && data->assoc_info.beacon_ies) 1183 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 1184 if (!rsn_found && data->assoc_info.beacon_ies) 1185 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 1186 if (wpa_found || rsn_found) 1187 wpa_s->ap_ies_from_associnfo = 1; 1188 1189 wpa_s->assoc_freq = data->assoc_info.freq; 1190 1191 return 0; 1192} 1193 1194 1195static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, 1196 union wpa_event_data *data) 1197{ 1198 u8 bssid[ETH_ALEN]; 1199 int ft_completed; 1200 int bssid_changed; 1201 struct wpa_driver_capa capa; 1202 1203#ifdef CONFIG_AP 1204 if (wpa_s->ap_iface) { 1205 hostapd_notif_assoc(wpa_s->ap_iface->bss[0], 1206 data->assoc_info.addr, 1207 data->assoc_info.req_ies, 1208 data->assoc_info.req_ies_len, 1209 data->assoc_info.reassoc); 1210 return; 1211 } 1212#endif /* CONFIG_AP */ 1213 1214 ft_completed = wpa_ft_is_completed(wpa_s->wpa); 1215 if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0) 1216 return; 1217 1218 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); 1219 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) 1220 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN); 1221 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) || 1222 (wpa_drv_get_bssid(wpa_s, bssid) >= 0 && 1223 os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)) { 1224 wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" 1225 MACSTR, MAC2STR(bssid)); 1226 random_add_randomness(bssid, ETH_ALEN); 1227 bssid_changed = os_memcmp(wpa_s->bssid, bssid, ETH_ALEN); 1228 os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); 1229 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1230 if (bssid_changed) 1231 wpas_notify_bssid_changed(wpa_s); 1232 1233 if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { 1234 wpa_clear_keys(wpa_s, bssid); 1235 } 1236 if (wpa_supplicant_select_config(wpa_s) < 0) { 1237 wpa_supplicant_disassociate( 1238 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1239 return; 1240 } 1241 if (wpa_s->current_ssid) { 1242 struct wpa_bss *bss = NULL; 1243 struct wpa_ssid *ssid = wpa_s->current_ssid; 1244 if (ssid->ssid_len > 0) 1245 bss = wpa_bss_get(wpa_s, bssid, 1246 ssid->ssid, ssid->ssid_len); 1247 if (!bss) 1248 bss = wpa_bss_get_bssid(wpa_s, bssid); 1249 if (bss) 1250 wpa_s->current_bss = bss; 1251 } 1252 } 1253 1254#ifdef CONFIG_SME 1255 os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN); 1256 wpa_s->sme.prev_bssid_set = 1; 1257#endif /* CONFIG_SME */ 1258 1259 wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); 1260 if (wpa_s->current_ssid) { 1261 /* When using scanning (ap_scan=1), SIM PC/SC interface can be 1262 * initialized before association, but for other modes, 1263 * initialize PC/SC here, if the current configuration needs 1264 * smartcard or SIM/USIM. */ 1265 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); 1266 } 1267 wpa_sm_notify_assoc(wpa_s->wpa, bssid); 1268 if (wpa_s->l2) 1269 l2_packet_notify_auth_start(wpa_s->l2); 1270 1271 /* 1272 * Set portEnabled first to FALSE in order to get EAP state machine out 1273 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE 1274 * state machine may transit to AUTHENTICATING state based on obsolete 1275 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to 1276 * AUTHENTICATED without ever giving chance to EAP state machine to 1277 * reset the state. 1278 */ 1279 if (!ft_completed) { 1280 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 1281 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 1282 } 1283 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) 1284 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 1285 /* 802.1X::portControl = Auto */ 1286 eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); 1287 wpa_s->eapol_received = 0; 1288 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1289 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE || 1290 (wpa_s->current_ssid && 1291 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) { 1292 wpa_supplicant_cancel_auth_timeout(wpa_s); 1293 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1294 } else if (!ft_completed) { 1295 /* Timeout for receiving the first EAPOL packet */ 1296 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); 1297 } 1298 wpa_supplicant_cancel_scan(wpa_s); 1299 1300 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1301 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1302 /* 1303 * We are done; the driver will take care of RSN 4-way 1304 * handshake. 1305 */ 1306 wpa_supplicant_cancel_auth_timeout(wpa_s); 1307 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1308 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1309 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1310 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1311 wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 1312 /* 1313 * The driver will take care of RSN 4-way handshake, so we need 1314 * to allow EAPOL supplicant to complete its work without 1315 * waiting for WPA supplicant. 1316 */ 1317 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1318 } else if (ft_completed) { 1319 /* 1320 * FT protocol completed - make sure EAPOL state machine ends 1321 * up in authenticated. 1322 */ 1323 wpa_supplicant_cancel_auth_timeout(wpa_s); 1324 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1325 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1326 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1327 } 1328 1329 if (wpa_s->pending_eapol_rx) { 1330 struct os_time now, age; 1331 os_get_time(&now); 1332 os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age); 1333 if (age.sec == 0 && age.usec < 100000 && 1334 os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == 1335 0) { 1336 wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " 1337 "frame that was received just before " 1338 "association notification"); 1339 wpa_supplicant_rx_eapol( 1340 wpa_s, wpa_s->pending_eapol_rx_src, 1341 wpabuf_head(wpa_s->pending_eapol_rx), 1342 wpabuf_len(wpa_s->pending_eapol_rx)); 1343 } 1344 wpabuf_free(wpa_s->pending_eapol_rx); 1345 wpa_s->pending_eapol_rx = NULL; 1346 } 1347 1348 if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1349 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 1350 wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 && 1351 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) { 1352 /* Set static WEP keys again */ 1353 wpa_set_wep_keys(wpa_s, wpa_s->current_ssid); 1354 } 1355 1356#ifdef CONFIG_IBSS_RSN 1357 if (wpa_s->current_ssid && 1358 wpa_s->current_ssid->mode == WPAS_MODE_IBSS && 1359 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 1360 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE && 1361 wpa_s->ibss_rsn == NULL) { 1362 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); 1363 if (!wpa_s->ibss_rsn) { 1364 wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN"); 1365 wpa_supplicant_deauthenticate( 1366 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1367 return; 1368 } 1369 1370 ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk); 1371 } 1372#endif /* CONFIG_IBSS_RSN */ 1373} 1374 1375 1376static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s, 1377 u16 reason_code) 1378{ 1379 const u8 *bssid; 1380 int authenticating; 1381 u8 prev_pending_bssid[ETH_ALEN]; 1382 1383 authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING; 1384 os_memcpy(prev_pending_bssid, wpa_s->pending_bssid, ETH_ALEN); 1385 1386 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1387 /* 1388 * At least Host AP driver and a Prism3 card seemed to be 1389 * generating streams of disconnected events when configuring 1390 * IBSS for WPA-None. Ignore them for now. 1391 */ 1392 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - ignore in " 1393 "IBSS/WPA-None mode"); 1394 return; 1395 } 1396 1397 if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE && 1398 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1399 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " 1400 "pre-shared key may be incorrect"); 1401 } 1402 if (!wpa_s->auto_reconnect_disabled || 1403 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 1404 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Auto connect enabled: try to " 1405 "reconnect (wps=%d)", 1406 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); 1407 if (wpa_s->wpa_state >= WPA_ASSOCIATING) 1408 wpa_supplicant_req_scan(wpa_s, 0, 500000); 1409 } else { 1410 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Auto connect disabled: do not " 1411 "try to re-connect"); 1412 wpa_s->reassociate = 0; 1413 wpa_s->disconnected = 1; 1414 } 1415 bssid = wpa_s->bssid; 1416 if (is_zero_ether_addr(bssid)) 1417 bssid = wpa_s->pending_bssid; 1418 wpas_connection_failed(wpa_s, bssid); 1419 wpa_sm_notify_disassoc(wpa_s->wpa); 1420 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 1421 " reason=%d", 1422 MAC2STR(bssid), reason_code); 1423 if (wpa_supplicant_dynamic_keys(wpa_s)) { 1424 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - remove keys"); 1425 wpa_s->keys_cleared = 0; 1426 wpa_clear_keys(wpa_s, wpa_s->bssid); 1427 } 1428 wpa_supplicant_mark_disassoc(wpa_s); 1429 1430 if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 1431 sme_disassoc_while_authenticating(wpa_s, prev_pending_bssid); 1432} 1433 1434 1435#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1436static void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, 1437 void *sock_ctx) 1438{ 1439 struct wpa_supplicant *wpa_s = eloop_ctx; 1440 1441 if (!wpa_s->pending_mic_error_report) 1442 return; 1443 1444 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Sending pending MIC error report"); 1445 wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise); 1446 wpa_s->pending_mic_error_report = 0; 1447} 1448#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1449 1450 1451static void 1452wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, 1453 union wpa_event_data *data) 1454{ 1455 int pairwise; 1456 struct os_time t; 1457 1458 wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); 1459 pairwise = (data && data->michael_mic_failure.unicast); 1460 os_get_time(&t); 1461 if ((wpa_s->last_michael_mic_error && 1462 t.sec - wpa_s->last_michael_mic_error <= 60) || 1463 wpa_s->pending_mic_error_report) { 1464 if (wpa_s->pending_mic_error_report) { 1465 /* 1466 * Send the pending MIC error report immediately since 1467 * we are going to start countermeasures and AP better 1468 * do the same. 1469 */ 1470 wpa_sm_key_request(wpa_s->wpa, 1, 1471 wpa_s->pending_mic_error_pairwise); 1472 } 1473 1474 /* Send the new MIC error report immediately since we are going 1475 * to start countermeasures and AP better do the same. 1476 */ 1477 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1478 1479 /* initialize countermeasures */ 1480 wpa_s->countermeasures = 1; 1481 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); 1482 1483 /* 1484 * Need to wait for completion of request frame. We do not get 1485 * any callback for the message completion, so just wait a 1486 * short while and hope for the best. */ 1487 os_sleep(0, 10000); 1488 1489 wpa_drv_set_countermeasures(wpa_s, 1); 1490 wpa_supplicant_deauthenticate(wpa_s, 1491 WLAN_REASON_MICHAEL_MIC_FAILURE); 1492 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, 1493 wpa_s, NULL); 1494 eloop_register_timeout(60, 0, 1495 wpa_supplicant_stop_countermeasures, 1496 wpa_s, NULL); 1497 /* TODO: mark the AP rejected for 60 second. STA is 1498 * allowed to associate with another AP.. */ 1499 } else { 1500#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 1501 if (wpa_s->mic_errors_seen) { 1502 /* 1503 * Reduce the effectiveness of Michael MIC error 1504 * reports as a means for attacking against TKIP if 1505 * more than one MIC failure is noticed with the same 1506 * PTK. We delay the transmission of the reports by a 1507 * random time between 0 and 60 seconds in order to 1508 * force the attacker wait 60 seconds before getting 1509 * the information on whether a frame resulted in a MIC 1510 * failure. 1511 */ 1512 u8 rval[4]; 1513 int sec; 1514 1515 if (os_get_random(rval, sizeof(rval)) < 0) 1516 sec = os_random() % 60; 1517 else 1518 sec = WPA_GET_BE32(rval) % 60; 1519 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Delay MIC error " 1520 "report %d seconds", sec); 1521 wpa_s->pending_mic_error_report = 1; 1522 wpa_s->pending_mic_error_pairwise = pairwise; 1523 eloop_cancel_timeout( 1524 wpa_supplicant_delayed_mic_error_report, 1525 wpa_s, NULL); 1526 eloop_register_timeout( 1527 sec, os_random() % 1000000, 1528 wpa_supplicant_delayed_mic_error_report, 1529 wpa_s, NULL); 1530 } else { 1531 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1532 } 1533#else /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1534 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 1535#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 1536 } 1537 wpa_s->last_michael_mic_error = t.sec; 1538 wpa_s->mic_errors_seen++; 1539} 1540 1541 1542#ifdef CONFIG_TERMINATE_ONLASTIF 1543static int any_interfaces(struct wpa_supplicant *head) 1544{ 1545 struct wpa_supplicant *wpa_s; 1546 1547 for (wpa_s = head; wpa_s != NULL; wpa_s = wpa_s->next) 1548 if (!wpa_s->interface_removed) 1549 return 1; 1550 return 0; 1551} 1552#endif /* CONFIG_TERMINATE_ONLASTIF */ 1553 1554 1555static void 1556wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, 1557 union wpa_event_data *data) 1558{ 1559 if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) 1560 return; 1561 1562 switch (data->interface_status.ievent) { 1563 case EVENT_INTERFACE_ADDED: 1564 if (!wpa_s->interface_removed) 1565 break; 1566 wpa_s->interface_removed = 0; 1567 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was added"); 1568 if (wpa_supplicant_driver_init(wpa_s) < 0) { 1569 wpa_msg(wpa_s, MSG_INFO, "Failed to initialize the " 1570 "driver after interface was added"); 1571 } 1572 break; 1573 case EVENT_INTERFACE_REMOVED: 1574 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was removed"); 1575 wpa_s->interface_removed = 1; 1576 wpa_supplicant_mark_disassoc(wpa_s); 1577 l2_packet_deinit(wpa_s->l2); 1578 wpa_s->l2 = NULL; 1579#ifdef CONFIG_IBSS_RSN 1580 ibss_rsn_deinit(wpa_s->ibss_rsn); 1581 wpa_s->ibss_rsn = NULL; 1582#endif /* CONFIG_IBSS_RSN */ 1583#ifdef CONFIG_TERMINATE_ONLASTIF 1584 /* check if last interface */ 1585 if (!any_interfaces(wpa_s->global->ifaces)) 1586 eloop_terminate(); 1587#endif /* CONFIG_TERMINATE_ONLASTIF */ 1588 break; 1589 } 1590} 1591 1592 1593#ifdef CONFIG_PEERKEY 1594static void 1595wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, 1596 union wpa_event_data *data) 1597{ 1598 if (data == NULL) 1599 return; 1600 wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); 1601} 1602#endif /* CONFIG_PEERKEY */ 1603 1604 1605#ifdef CONFIG_TDLS 1606static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s, 1607 union wpa_event_data *data) 1608{ 1609 if (data == NULL) 1610 return; 1611 switch (data->tdls.oper) { 1612 case TDLS_REQUEST_SETUP: 1613 wpa_tdls_start(wpa_s->wpa, data->tdls.peer); 1614 break; 1615 case TDLS_REQUEST_TEARDOWN: 1616 /* request from driver to add FTIE */ 1617 wpa_tdls_recv_teardown_notify(wpa_s->wpa, data->tdls.peer, 1618 data->tdls.reason_code); 1619 break; 1620 } 1621} 1622#endif /* CONFIG_TDLS */ 1623 1624 1625#ifdef CONFIG_IEEE80211R 1626static void 1627wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, 1628 union wpa_event_data *data) 1629{ 1630 if (data == NULL) 1631 return; 1632 1633 if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, 1634 data->ft_ies.ies_len, 1635 data->ft_ies.ft_action, 1636 data->ft_ies.target_ap, 1637 data->ft_ies.ric_ies, 1638 data->ft_ies.ric_ies_len) < 0) { 1639 /* TODO: prevent MLME/driver from trying to associate? */ 1640 } 1641} 1642#endif /* CONFIG_IEEE80211R */ 1643 1644 1645#ifdef CONFIG_IBSS_RSN 1646static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s, 1647 union wpa_event_data *data) 1648{ 1649 struct wpa_ssid *ssid; 1650 if (wpa_s->wpa_state < WPA_ASSOCIATED) 1651 return; 1652 if (data == NULL) 1653 return; 1654 ssid = wpa_s->current_ssid; 1655 if (ssid == NULL) 1656 return; 1657 if (ssid->mode != WPAS_MODE_IBSS || !wpa_key_mgmt_wpa(ssid->key_mgmt)) 1658 return; 1659 1660 ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer); 1661} 1662#endif /* CONFIG_IBSS_RSN */ 1663 1664 1665#ifdef CONFIG_IEEE80211R 1666static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data, 1667 size_t len) 1668{ 1669 const u8 *sta_addr, *target_ap_addr; 1670 u16 status; 1671 1672 wpa_hexdump(MSG_MSGDUMP, "FT: RX Action", data, len); 1673 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 1674 return; /* only SME case supported for now */ 1675 if (len < 1 + 2 * ETH_ALEN + 2) 1676 return; 1677 if (data[0] != 2) 1678 return; /* Only FT Action Response is supported for now */ 1679 sta_addr = data + 1; 1680 target_ap_addr = data + 1 + ETH_ALEN; 1681 status = WPA_GET_LE16(data + 1 + 2 * ETH_ALEN); 1682 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Received FT Action Response: STA " 1683 MACSTR " TargetAP " MACSTR " status %u", 1684 MAC2STR(sta_addr), MAC2STR(target_ap_addr), status); 1685 1686 if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) { 1687 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Foreign STA Address " MACSTR 1688 " in FT Action Response", MAC2STR(sta_addr)); 1689 return; 1690 } 1691 1692 if (status) { 1693 wpa_dbg(wpa_s, MSG_DEBUG, "FT: FT Action Response indicates " 1694 "failure (status code %d)", status); 1695 /* TODO: report error to FT code(?) */ 1696 return; 1697 } 1698 1699 if (wpa_ft_process_response(wpa_s->wpa, data + 1 + 2 * ETH_ALEN + 2, 1700 len - (1 + 2 * ETH_ALEN + 2), 1, 1701 target_ap_addr, NULL, 0) < 0) 1702 return; 1703 1704#ifdef CONFIG_SME 1705 { 1706 struct wpa_bss *bss; 1707 bss = wpa_bss_get_bssid(wpa_s, target_ap_addr); 1708 if (bss) 1709 wpa_s->sme.freq = bss->freq; 1710 wpa_s->sme.auth_alg = WPA_AUTH_ALG_FT; 1711 sme_associate(wpa_s, WPAS_MODE_INFRA, target_ap_addr, 1712 WLAN_AUTH_FT); 1713 } 1714#endif /* CONFIG_SME */ 1715} 1716#endif /* CONFIG_IEEE80211R */ 1717 1718 1719static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, 1720 struct unprot_deauth *e) 1721{ 1722#ifdef CONFIG_IEEE80211W 1723 wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " 1724 "dropped: " MACSTR " -> " MACSTR 1725 " (reason code %u)", 1726 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 1727 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 1728#endif /* CONFIG_IEEE80211W */ 1729} 1730 1731 1732static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, 1733 struct unprot_disassoc *e) 1734{ 1735#ifdef CONFIG_IEEE80211W 1736 wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " 1737 "dropped: " MACSTR " -> " MACSTR 1738 " (reason code %u)", 1739 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 1740 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 1741#endif /* CONFIG_IEEE80211W */ 1742} 1743 1744 1745void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 1746 union wpa_event_data *data) 1747{ 1748 struct wpa_supplicant *wpa_s = ctx; 1749 u16 reason_code = 0; 1750 1751 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED && 1752 event != EVENT_INTERFACE_ENABLED && 1753 event != EVENT_INTERFACE_STATUS) { 1754 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore event %d while interface is " 1755 "disabled", event); 1756 return; 1757 } 1758 1759 wpa_dbg(wpa_s, MSG_DEBUG, "Event %d received on interface %s", 1760 event, wpa_s->ifname); 1761 1762 switch (event) { 1763 case EVENT_AUTH: 1764 sme_event_auth(wpa_s, data); 1765 break; 1766 case EVENT_ASSOC: 1767 wpa_supplicant_event_assoc(wpa_s, data); 1768 break; 1769 case EVENT_DISASSOC: 1770 wpa_dbg(wpa_s, MSG_DEBUG, "Disassociation notification"); 1771 if (data) { 1772 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u", 1773 data->disassoc_info.reason_code); 1774 if (data->disassoc_info.addr) 1775 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR, 1776 MAC2STR(data->disassoc_info.addr)); 1777 } 1778#ifdef CONFIG_AP 1779 if (wpa_s->ap_iface && data && data->disassoc_info.addr) { 1780 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 1781 data->disassoc_info.addr); 1782 break; 1783 } 1784#endif /* CONFIG_AP */ 1785 if (data) { 1786 reason_code = data->disassoc_info.reason_code; 1787 wpa_hexdump(MSG_DEBUG, "Disassociation frame IE(s)", 1788 data->disassoc_info.ie, 1789 data->disassoc_info.ie_len); 1790#ifdef CONFIG_P2P 1791 wpas_p2p_disassoc_notif( 1792 wpa_s, data->disassoc_info.addr, reason_code, 1793 data->disassoc_info.ie, 1794 data->disassoc_info.ie_len); 1795#endif /* CONFIG_P2P */ 1796 } 1797 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1798 sme_event_disassoc(wpa_s, data); 1799 /* fall through */ 1800 case EVENT_DEAUTH: 1801 if (event == EVENT_DEAUTH) { 1802 wpa_dbg(wpa_s, MSG_DEBUG, 1803 "Deauthentication notification"); 1804 if (data) { 1805 reason_code = data->deauth_info.reason_code; 1806 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u", 1807 data->deauth_info.reason_code); 1808 if (data->deauth_info.addr) { 1809 wpa_dbg(wpa_s, MSG_DEBUG, " * address " 1810 MACSTR, 1811 MAC2STR(data->deauth_info. 1812 addr)); 1813 } 1814 wpa_hexdump(MSG_DEBUG, 1815 "Deauthentication frame IE(s)", 1816 data->deauth_info.ie, 1817 data->deauth_info.ie_len); 1818#ifdef CONFIG_P2P 1819 wpas_p2p_deauth_notif( 1820 wpa_s, data->deauth_info.addr, 1821 reason_code, 1822 data->deauth_info.ie, 1823 data->deauth_info.ie_len); 1824#endif /* CONFIG_P2P */ 1825 } 1826 } 1827#ifdef CONFIG_AP 1828 if (wpa_s->ap_iface && data && data->deauth_info.addr) { 1829 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], 1830 data->deauth_info.addr); 1831 break; 1832 } 1833#endif /* CONFIG_AP */ 1834 wpa_supplicant_event_disassoc(wpa_s, reason_code); 1835 break; 1836 case EVENT_MICHAEL_MIC_FAILURE: 1837 wpa_supplicant_event_michael_mic_failure(wpa_s, data); 1838 break; 1839#ifndef CONFIG_NO_SCAN_PROCESSING 1840 case EVENT_SCAN_RESULTS: 1841 wpa_supplicant_event_scan_results(wpa_s, data); 1842 break; 1843#endif /* CONFIG_NO_SCAN_PROCESSING */ 1844 case EVENT_ASSOCINFO: 1845 wpa_supplicant_event_associnfo(wpa_s, data); 1846 break; 1847 case EVENT_INTERFACE_STATUS: 1848 wpa_supplicant_event_interface_status(wpa_s, data); 1849 break; 1850 case EVENT_PMKID_CANDIDATE: 1851 wpa_supplicant_event_pmkid_candidate(wpa_s, data); 1852 break; 1853#ifdef CONFIG_PEERKEY 1854 case EVENT_STKSTART: 1855 wpa_supplicant_event_stkstart(wpa_s, data); 1856 break; 1857#endif /* CONFIG_PEERKEY */ 1858#ifdef CONFIG_TDLS 1859 case EVENT_TDLS: 1860 wpa_supplicant_event_tdls(wpa_s, data); 1861 break; 1862#endif /* CONFIG_TDLS */ 1863#ifdef CONFIG_IEEE80211R 1864 case EVENT_FT_RESPONSE: 1865 wpa_supplicant_event_ft_response(wpa_s, data); 1866 break; 1867#endif /* CONFIG_IEEE80211R */ 1868#ifdef CONFIG_IBSS_RSN 1869 case EVENT_IBSS_RSN_START: 1870 wpa_supplicant_event_ibss_rsn_start(wpa_s, data); 1871 break; 1872#endif /* CONFIG_IBSS_RSN */ 1873 case EVENT_ASSOC_REJECT: 1874 if (data->assoc_reject.bssid) 1875 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 1876 "bssid=" MACSTR " status_code=%u", 1877 MAC2STR(data->assoc_reject.bssid), 1878 data->assoc_reject.status_code); 1879 else 1880 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 1881 "status_code=%u", 1882 data->assoc_reject.status_code); 1883 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1884 sme_event_assoc_reject(wpa_s, data); 1885 break; 1886 case EVENT_AUTH_TIMED_OUT: 1887 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1888 sme_event_auth_timed_out(wpa_s, data); 1889 break; 1890 case EVENT_ASSOC_TIMED_OUT: 1891 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 1892 sme_event_assoc_timed_out(wpa_s, data); 1893 break; 1894#ifdef CONFIG_AP 1895 case EVENT_TX_STATUS: 1896 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS dst=" MACSTR 1897 " type=%d stype=%d", 1898 MAC2STR(data->tx_status.dst), 1899 data->tx_status.type, data->tx_status.stype); 1900 if (wpa_s->ap_iface == NULL) { 1901#ifdef CONFIG_P2P 1902 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 1903 data->tx_status.stype == WLAN_FC_STYPE_ACTION) 1904 wpas_send_action_tx_status( 1905 wpa_s, data->tx_status.dst, 1906 data->tx_status.data, 1907 data->tx_status.data_len, 1908 data->tx_status.ack ? 1909 P2P_SEND_ACTION_SUCCESS : 1910 P2P_SEND_ACTION_NO_ACK); 1911#endif /* CONFIG_P2P */ 1912 break; 1913 } 1914#ifdef CONFIG_P2P 1915 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS pending_dst=" 1916 MACSTR, MAC2STR(wpa_s->parent->pending_action_dst)); 1917 /* 1918 * Catch TX status events for Action frames we sent via group 1919 * interface in GO mode. 1920 */ 1921 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 1922 data->tx_status.stype == WLAN_FC_STYPE_ACTION && 1923 os_memcmp(wpa_s->parent->pending_action_dst, 1924 data->tx_status.dst, ETH_ALEN) == 0) { 1925 wpas_send_action_tx_status( 1926 wpa_s->parent, data->tx_status.dst, 1927 data->tx_status.data, 1928 data->tx_status.data_len, 1929 data->tx_status.ack ? 1930 P2P_SEND_ACTION_SUCCESS : 1931 P2P_SEND_ACTION_NO_ACK); 1932 break; 1933 } 1934#endif /* CONFIG_P2P */ 1935 switch (data->tx_status.type) { 1936 case WLAN_FC_TYPE_MGMT: 1937 ap_mgmt_tx_cb(wpa_s, data->tx_status.data, 1938 data->tx_status.data_len, 1939 data->tx_status.stype, 1940 data->tx_status.ack); 1941 break; 1942 case WLAN_FC_TYPE_DATA: 1943 ap_tx_status(wpa_s, data->tx_status.dst, 1944 data->tx_status.data, 1945 data->tx_status.data_len, 1946 data->tx_status.ack); 1947 break; 1948 } 1949 break; 1950 case EVENT_RX_FROM_UNKNOWN: 1951 if (wpa_s->ap_iface == NULL) 1952 break; 1953 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.frame, 1954 data->rx_from_unknown.len); 1955 break; 1956 case EVENT_RX_MGMT: 1957 if (wpa_s->ap_iface == NULL) { 1958#ifdef CONFIG_P2P 1959 u16 fc, stype; 1960 const struct ieee80211_mgmt *mgmt; 1961 mgmt = (const struct ieee80211_mgmt *) 1962 data->rx_mgmt.frame; 1963 fc = le_to_host16(mgmt->frame_control); 1964 stype = WLAN_FC_GET_STYPE(fc); 1965 if (stype == WLAN_FC_STYPE_PROBE_REQ && 1966 data->rx_mgmt.frame_len > 24) { 1967 const u8 *src = mgmt->sa; 1968 const u8 *ie = mgmt->u.probe_req.variable; 1969 size_t ie_len = data->rx_mgmt.frame_len - 1970 (mgmt->u.probe_req.variable - 1971 data->rx_mgmt.frame); 1972 wpas_p2p_probe_req_rx(wpa_s, src, ie, ie_len); 1973 break; 1974 } 1975#endif /* CONFIG_P2P */ 1976 wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received " 1977 "management frame in non-AP mode"); 1978 break; 1979 } 1980 ap_mgmt_rx(wpa_s, &data->rx_mgmt); 1981 break; 1982#endif /* CONFIG_AP */ 1983 case EVENT_RX_ACTION: 1984 wpa_dbg(wpa_s, MSG_DEBUG, "Received Action frame: SA=" MACSTR 1985 " Category=%u DataLen=%d freq=%d MHz", 1986 MAC2STR(data->rx_action.sa), 1987 data->rx_action.category, (int) data->rx_action.len, 1988 data->rx_action.freq); 1989#ifdef CONFIG_IEEE80211R 1990 if (data->rx_action.category == WLAN_ACTION_FT) { 1991 ft_rx_action(wpa_s, data->rx_action.data, 1992 data->rx_action.len); 1993 break; 1994 } 1995#endif /* CONFIG_IEEE80211R */ 1996#ifdef CONFIG_IEEE80211W 1997#ifdef CONFIG_SME 1998 if (data->rx_action.category == WLAN_ACTION_SA_QUERY) { 1999 sme_sa_query_rx(wpa_s, data->rx_action.sa, 2000 data->rx_action.data, 2001 data->rx_action.len); 2002 break; 2003 } 2004#endif /* CONFIG_SME */ 2005#endif /* CONFIG_IEEE80211W */ 2006#ifdef CONFIG_P2P 2007 wpas_p2p_rx_action(wpa_s, data->rx_action.da, 2008 data->rx_action.sa, 2009 data->rx_action.bssid, 2010 data->rx_action.category, 2011 data->rx_action.data, 2012 data->rx_action.len, data->rx_action.freq); 2013#endif /* CONFIG_P2P */ 2014 break; 2015 case EVENT_RX_PROBE_REQ: 2016 if (data->rx_probe_req.sa == NULL || 2017 data->rx_probe_req.ie == NULL) 2018 break; 2019#ifdef CONFIG_AP 2020 if (wpa_s->ap_iface) { 2021 hostapd_probe_req_rx(wpa_s->ap_iface->bss[0], 2022 data->rx_probe_req.sa, 2023 data->rx_probe_req.ie, 2024 data->rx_probe_req.ie_len); 2025 break; 2026 } 2027#endif /* CONFIG_AP */ 2028#ifdef CONFIG_P2P 2029 wpas_p2p_probe_req_rx(wpa_s, data->rx_probe_req.sa, 2030 data->rx_probe_req.ie, 2031 data->rx_probe_req.ie_len); 2032#endif /* CONFIG_P2P */ 2033 break; 2034#ifdef CONFIG_P2P 2035 case EVENT_REMAIN_ON_CHANNEL: 2036 wpas_p2p_remain_on_channel_cb( 2037 wpa_s, data->remain_on_channel.freq, 2038 data->remain_on_channel.duration); 2039 break; 2040 case EVENT_CANCEL_REMAIN_ON_CHANNEL: 2041 wpas_p2p_cancel_remain_on_channel_cb( 2042 wpa_s, data->remain_on_channel.freq); 2043 break; 2044 case EVENT_P2P_DEV_FOUND: { 2045 struct p2p_peer_info peer_info; 2046 2047 os_memset(&peer_info, 0, sizeof(peer_info)); 2048 if (data->p2p_dev_found.dev_addr) 2049 os_memcpy(peer_info.p2p_device_addr, 2050 data->p2p_dev_found.dev_addr, ETH_ALEN); 2051 if (data->p2p_dev_found.pri_dev_type) 2052 os_memcpy(peer_info.pri_dev_type, 2053 data->p2p_dev_found.pri_dev_type, 2054 sizeof(peer_info.pri_dev_type)); 2055 if (data->p2p_dev_found.dev_name) 2056 os_strlcpy(peer_info.device_name, 2057 data->p2p_dev_found.dev_name, 2058 sizeof(peer_info.device_name)); 2059 peer_info.config_methods = data->p2p_dev_found.config_methods; 2060 peer_info.dev_capab = data->p2p_dev_found.dev_capab; 2061 peer_info.group_capab = data->p2p_dev_found.group_capab; 2062 2063 /* 2064 * FIX: new_device=1 is not necessarily correct. We should 2065 * maintain a P2P peer database in wpa_supplicant and update 2066 * this information based on whether the peer is truly new. 2067 */ 2068 wpas_dev_found(wpa_s, data->p2p_dev_found.addr, &peer_info, 1); 2069 break; 2070 } 2071 case EVENT_P2P_GO_NEG_REQ_RX: 2072 wpas_go_neg_req_rx(wpa_s, data->p2p_go_neg_req_rx.src, 2073 data->p2p_go_neg_req_rx.dev_passwd_id); 2074 break; 2075 case EVENT_P2P_GO_NEG_COMPLETED: 2076 wpas_go_neg_completed(wpa_s, data->p2p_go_neg_completed.res); 2077 break; 2078 case EVENT_P2P_PROV_DISC_REQUEST: 2079 wpas_prov_disc_req(wpa_s, data->p2p_prov_disc_req.peer, 2080 data->p2p_prov_disc_req.config_methods, 2081 data->p2p_prov_disc_req.dev_addr, 2082 data->p2p_prov_disc_req.pri_dev_type, 2083 data->p2p_prov_disc_req.dev_name, 2084 data->p2p_prov_disc_req.supp_config_methods, 2085 data->p2p_prov_disc_req.dev_capab, 2086 data->p2p_prov_disc_req.group_capab); 2087 break; 2088 case EVENT_P2P_PROV_DISC_RESPONSE: 2089 wpas_prov_disc_resp(wpa_s, data->p2p_prov_disc_resp.peer, 2090 data->p2p_prov_disc_resp.config_methods); 2091 break; 2092 case EVENT_P2P_SD_REQUEST: 2093 wpas_sd_request(wpa_s, data->p2p_sd_req.freq, 2094 data->p2p_sd_req.sa, 2095 data->p2p_sd_req.dialog_token, 2096 data->p2p_sd_req.update_indic, 2097 data->p2p_sd_req.tlvs, 2098 data->p2p_sd_req.tlvs_len); 2099 break; 2100 case EVENT_P2P_SD_RESPONSE: 2101 wpas_sd_response(wpa_s, data->p2p_sd_resp.sa, 2102 data->p2p_sd_resp.update_indic, 2103 data->p2p_sd_resp.tlvs, 2104 data->p2p_sd_resp.tlvs_len); 2105 break; 2106#endif /* CONFIG_P2P */ 2107#ifdef CONFIG_CLIENT_MLME 2108 case EVENT_MLME_RX: { 2109 struct ieee80211_rx_status rx_status; 2110 os_memset(&rx_status, 0, sizeof(rx_status)); 2111 rx_status.freq = data->mlme_rx.freq; 2112 rx_status.channel = data->mlme_rx.channel; 2113 rx_status.ssi = data->mlme_rx.ssi; 2114 ieee80211_sta_rx(wpa_s, data->mlme_rx.buf, data->mlme_rx.len, 2115 &rx_status); 2116 break; 2117 } 2118#endif /* CONFIG_CLIENT_MLME */ 2119 case EVENT_EAPOL_RX: 2120 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src, 2121 data->eapol_rx.data, 2122 data->eapol_rx.data_len); 2123 break; 2124 case EVENT_SIGNAL_CHANGE: 2125 bgscan_notify_signal_change( 2126 wpa_s, data->signal_change.above_threshold, 2127 data->signal_change.current_signal, 2128 data->signal_change.current_noise, 2129 data->signal_change.current_txrate); 2130 break; 2131 case EVENT_INTERFACE_ENABLED: 2132 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled"); 2133 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 2134#ifdef CONFIG_AP 2135 if (!wpa_s->ap_iface) { 2136 wpa_supplicant_set_state(wpa_s, 2137 WPA_DISCONNECTED); 2138 wpa_supplicant_req_scan(wpa_s, 0, 0); 2139 } else 2140 wpa_supplicant_set_state(wpa_s, 2141 WPA_COMPLETED); 2142#else /* CONFIG_AP */ 2143 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2144 wpa_supplicant_req_scan(wpa_s, 0, 0); 2145#endif /* CONFIG_AP */ 2146 } 2147 break; 2148 case EVENT_INTERFACE_DISABLED: 2149 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was disabled"); 2150 wpa_supplicant_mark_disassoc(wpa_s); 2151 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 2152 break; 2153 case EVENT_CHANNEL_LIST_CHANGED: 2154 if (wpa_s->drv_priv == NULL) 2155 break; /* Ignore event during drv initialization */ 2156#ifdef CONFIG_P2P 2157 wpas_p2p_update_channel_list(wpa_s); 2158#endif /* CONFIG_P2P */ 2159 break; 2160 case EVENT_INTERFACE_UNAVAILABLE: 2161#ifdef CONFIG_P2P 2162 wpas_p2p_interface_unavailable(wpa_s); 2163#endif /* CONFIG_P2P */ 2164 break; 2165 case EVENT_BEST_CHANNEL: 2166 wpa_dbg(wpa_s, MSG_DEBUG, "Best channel event received " 2167 "(%d %d %d)", 2168 data->best_chan.freq_24, data->best_chan.freq_5, 2169 data->best_chan.freq_overall); 2170 wpa_s->best_24_freq = data->best_chan.freq_24; 2171 wpa_s->best_5_freq = data->best_chan.freq_5; 2172 wpa_s->best_overall_freq = data->best_chan.freq_overall; 2173#ifdef CONFIG_P2P 2174 wpas_p2p_update_best_channels(wpa_s, data->best_chan.freq_24, 2175 data->best_chan.freq_5, 2176 data->best_chan.freq_overall); 2177#endif /* CONFIG_P2P */ 2178 break; 2179 case EVENT_UNPROT_DEAUTH: 2180 wpa_supplicant_event_unprot_deauth(wpa_s, 2181 &data->unprot_deauth); 2182 break; 2183 case EVENT_UNPROT_DISASSOC: 2184 wpa_supplicant_event_unprot_disassoc(wpa_s, 2185 &data->unprot_disassoc); 2186 break; 2187 case EVENT_STATION_LOW_ACK: 2188#ifdef CONFIG_AP 2189 if (wpa_s->ap_iface && data) 2190 hostapd_event_sta_low_ack(wpa_s->ap_iface->bss[0], 2191 data->low_ack.addr); 2192#endif /* CONFIG_AP */ 2193 break; 2194 case EVENT_IBSS_PEER_LOST: 2195#ifdef CONFIG_IBSS_RSN 2196 ibss_rsn_stop(wpa_s->ibss_rsn, data->ibss_peer_lost.peer); 2197#endif /* CONFIG_IBSS_RSN */ 2198 break; 2199 default: 2200 wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event); 2201 break; 2202 } 2203} 2204