1/* 2 * WPA Supplicant 3 * Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 * 8 * This file implements functions for registering and unregistering 9 * %wpa_supplicant interfaces. In addition, this file contains number of 10 * functions for managing network connections. 11 */ 12 13#include "includes.h" 14#ifdef CONFIG_MATCH_IFACE 15#include <net/if.h> 16#include <fnmatch.h> 17#endif /* CONFIG_MATCH_IFACE */ 18 19#include "common.h" 20#include "crypto/random.h" 21#include "crypto/sha1.h" 22#include "eapol_supp/eapol_supp_sm.h" 23#include "eap_peer/eap.h" 24#include "eap_peer/eap_proxy.h" 25#include "eap_server/eap_methods.h" 26#include "rsn_supp/wpa.h" 27#include "eloop.h" 28#include "config.h" 29#include "utils/ext_password.h" 30#include "l2_packet/l2_packet.h" 31#include "wpa_supplicant_i.h" 32#include "driver_i.h" 33#include "ctrl_iface.h" 34#include "pcsc_funcs.h" 35#include "common/version.h" 36#include "rsn_supp/preauth.h" 37#include "rsn_supp/pmksa_cache.h" 38#include "common/wpa_ctrl.h" 39#include "common/ieee802_11_defs.h" 40#include "common/hw_features_common.h" 41#include "p2p/p2p.h" 42#include "fst/fst.h" 43#include "blacklist.h" 44#include "wpas_glue.h" 45#include "wps_supplicant.h" 46#include "ibss_rsn.h" 47#include "sme.h" 48#include "gas_query.h" 49#include "ap.h" 50#include "p2p_supplicant.h" 51#include "wifi_display.h" 52#include "notify.h" 53#include "bgscan.h" 54#include "autoscan.h" 55#include "bss.h" 56#include "scan.h" 57#include "offchannel.h" 58#include "hs20_supplicant.h" 59#include "wnm_sta.h" 60#include "wpas_kay.h" 61#include "mesh.h" 62 63const char *const wpa_supplicant_version = 64"wpa_supplicant v" VERSION_STR "\n" 65"Copyright (c) 2003-2016, Jouni Malinen <j@w1.fi> and contributors"; 66 67const char *const wpa_supplicant_license = 68"This software may be distributed under the terms of the BSD license.\n" 69"See README for more details.\n" 70#ifdef EAP_TLS_OPENSSL 71"\nThis product includes software developed by the OpenSSL Project\n" 72"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 73#endif /* EAP_TLS_OPENSSL */ 74; 75 76#ifndef CONFIG_NO_STDOUT_DEBUG 77/* Long text divided into parts in order to fit in C89 strings size limits. */ 78const char *const wpa_supplicant_full_license1 = 79""; 80const char *const wpa_supplicant_full_license2 = 81"This software may be distributed under the terms of the BSD license.\n" 82"\n" 83"Redistribution and use in source and binary forms, with or without\n" 84"modification, are permitted provided that the following conditions are\n" 85"met:\n" 86"\n"; 87const char *const wpa_supplicant_full_license3 = 88"1. Redistributions of source code must retain the above copyright\n" 89" notice, this list of conditions and the following disclaimer.\n" 90"\n" 91"2. Redistributions in binary form must reproduce the above copyright\n" 92" notice, this list of conditions and the following disclaimer in the\n" 93" documentation and/or other materials provided with the distribution.\n" 94"\n"; 95const char *const wpa_supplicant_full_license4 = 96"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 97" names of its contributors may be used to endorse or promote products\n" 98" derived from this software without specific prior written permission.\n" 99"\n" 100"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 101"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 102"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 103"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 104const char *const wpa_supplicant_full_license5 = 105"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 106"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 107"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 108"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 109"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 110"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 111"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 112"\n"; 113#endif /* CONFIG_NO_STDOUT_DEBUG */ 114 115/* Configure default/group WEP keys for static WEP */ 116int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 117{ 118 int i, set = 0; 119 120 for (i = 0; i < NUM_WEP_KEYS; i++) { 121 if (ssid->wep_key_len[i] == 0) 122 continue; 123 124 set = 1; 125 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, 126 i, i == ssid->wep_tx_keyidx, NULL, 0, 127 ssid->wep_key[i], ssid->wep_key_len[i]); 128 } 129 130 return set; 131} 132 133 134int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 135 struct wpa_ssid *ssid) 136{ 137 u8 key[32]; 138 size_t keylen; 139 enum wpa_alg alg; 140 u8 seq[6] = { 0 }; 141 int ret; 142 143 /* IBSS/WPA-None uses only one key (Group) for both receiving and 144 * sending unicast and multicast packets. */ 145 146 if (ssid->mode != WPAS_MODE_IBSS) { 147 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " 148 "IBSS/ad-hoc) for WPA-None", ssid->mode); 149 return -1; 150 } 151 152 if (!ssid->psk_set) { 153 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " 154 "WPA-None"); 155 return -1; 156 } 157 158 switch (wpa_s->group_cipher) { 159 case WPA_CIPHER_CCMP: 160 os_memcpy(key, ssid->psk, 16); 161 keylen = 16; 162 alg = WPA_ALG_CCMP; 163 break; 164 case WPA_CIPHER_GCMP: 165 os_memcpy(key, ssid->psk, 16); 166 keylen = 16; 167 alg = WPA_ALG_GCMP; 168 break; 169 case WPA_CIPHER_TKIP: 170 /* WPA-None uses the same Michael MIC key for both TX and RX */ 171 os_memcpy(key, ssid->psk, 16 + 8); 172 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 173 keylen = 32; 174 alg = WPA_ALG_TKIP; 175 break; 176 default: 177 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " 178 "WPA-None", wpa_s->group_cipher); 179 return -1; 180 } 181 182 /* TODO: should actually remember the previously used seq#, both for TX 183 * and RX from each STA.. */ 184 185 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); 186 os_memset(key, 0, sizeof(key)); 187 return ret; 188} 189 190 191static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 192{ 193 struct wpa_supplicant *wpa_s = eloop_ctx; 194 const u8 *bssid = wpa_s->bssid; 195 if (is_zero_ether_addr(bssid)) 196 bssid = wpa_s->pending_bssid; 197 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 198 MAC2STR(bssid)); 199 wpa_blacklist_add(wpa_s, bssid); 200 wpa_sm_notify_disassoc(wpa_s->wpa); 201 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 202 wpa_s->reassociate = 1; 203 204 /* 205 * If we timed out, the AP or the local radio may be busy. 206 * So, wait a second until scanning again. 207 */ 208 wpa_supplicant_req_scan(wpa_s, 1, 0); 209} 210 211 212/** 213 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 214 * @wpa_s: Pointer to wpa_supplicant data 215 * @sec: Number of seconds after which to time out authentication 216 * @usec: Number of microseconds after which to time out authentication 217 * 218 * This function is used to schedule a timeout for the current authentication 219 * attempt. 220 */ 221void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 222 int sec, int usec) 223{ 224 if (wpa_s->conf->ap_scan == 0 && 225 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 226 return; 227 228 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 229 "%d usec", sec, usec); 230 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 231 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 232} 233 234 235/** 236 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 237 * @wpa_s: Pointer to wpa_supplicant data 238 * 239 * This function is used to cancel authentication timeout scheduled with 240 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 241 * been completed. 242 */ 243void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 244{ 245 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 246 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 247 wpa_blacklist_del(wpa_s, wpa_s->bssid); 248} 249 250 251/** 252 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 253 * @wpa_s: Pointer to wpa_supplicant data 254 * 255 * This function is used to configure EAPOL state machine based on the selected 256 * authentication mode. 257 */ 258void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 259{ 260#ifdef IEEE8021X_EAPOL 261 struct eapol_config eapol_conf; 262 struct wpa_ssid *ssid = wpa_s->current_ssid; 263 264#ifdef CONFIG_IBSS_RSN 265 if (ssid->mode == WPAS_MODE_IBSS && 266 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 267 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 268 /* 269 * RSN IBSS authentication is per-STA and we can disable the 270 * per-BSSID EAPOL authentication. 271 */ 272 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 273 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 274 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 275 return; 276 } 277#endif /* CONFIG_IBSS_RSN */ 278 279 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 280 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 281 282 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 283 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 284 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 285 else 286 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 287 288 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 289 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 290 eapol_conf.accept_802_1x_keys = 1; 291 eapol_conf.required_keys = 0; 292 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 293 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 294 } 295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 296 eapol_conf.required_keys |= 297 EAPOL_REQUIRE_KEY_BROADCAST; 298 } 299 300 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) 301 eapol_conf.required_keys = 0; 302 } 303 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 304 eapol_conf.workaround = ssid->eap_workaround; 305 eapol_conf.eap_disabled = 306 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 307 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 308 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 309 eapol_conf.external_sim = wpa_s->conf->external_sim; 310 311#ifdef CONFIG_WPS 312 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 313 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE; 314 if (wpa_s->current_bss) { 315 struct wpabuf *ie; 316 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss, 317 WPS_IE_VENDOR_TYPE); 318 if (ie) { 319 if (wps_is_20(ie)) 320 eapol_conf.wps |= 321 EAPOL_PEER_IS_WPS20_AP; 322 wpabuf_free(ie); 323 } 324 } 325 } 326#endif /* CONFIG_WPS */ 327 328 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 329 330 ieee802_1x_alloc_kay_sm(wpa_s, ssid); 331#endif /* IEEE8021X_EAPOL */ 332} 333 334 335/** 336 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 337 * @wpa_s: Pointer to wpa_supplicant data 338 * @ssid: Configuration data for the network 339 * 340 * This function is used to configure WPA state machine and related parameters 341 * to a mode where WPA is not enabled. This is called as part of the 342 * authentication configuration when the selected network does not use WPA. 343 */ 344void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 345 struct wpa_ssid *ssid) 346{ 347 int i; 348 349 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 350 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 351 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 352 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 353 else 354 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 355 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 356 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 357 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 358 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 359 wpa_s->group_cipher = WPA_CIPHER_NONE; 360 wpa_s->mgmt_group_cipher = 0; 361 362 for (i = 0; i < NUM_WEP_KEYS; i++) { 363 if (ssid->wep_key_len[i] > 5) { 364 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 365 wpa_s->group_cipher = WPA_CIPHER_WEP104; 366 break; 367 } else if (ssid->wep_key_len[i] > 0) { 368 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 369 wpa_s->group_cipher = WPA_CIPHER_WEP40; 370 break; 371 } 372 } 373 374 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 375 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 376 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 377 wpa_s->pairwise_cipher); 378 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 379#ifdef CONFIG_IEEE80211W 380 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 381 wpa_s->mgmt_group_cipher); 382#endif /* CONFIG_IEEE80211W */ 383 384 pmksa_cache_clear_current(wpa_s->wpa); 385} 386 387 388void free_hw_features(struct wpa_supplicant *wpa_s) 389{ 390 int i; 391 if (wpa_s->hw.modes == NULL) 392 return; 393 394 for (i = 0; i < wpa_s->hw.num_modes; i++) { 395 os_free(wpa_s->hw.modes[i].channels); 396 os_free(wpa_s->hw.modes[i].rates); 397 } 398 399 os_free(wpa_s->hw.modes); 400 wpa_s->hw.modes = NULL; 401} 402 403 404static void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) 405{ 406 struct wpa_bss_tmp_disallowed *bss, *prev; 407 408 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, 409 struct wpa_bss_tmp_disallowed, list) { 410 dl_list_del(&bss->list); 411 os_free(bss); 412 } 413} 414 415 416static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 417{ 418 int i; 419 420 bgscan_deinit(wpa_s); 421 autoscan_deinit(wpa_s); 422 scard_deinit(wpa_s->scard); 423 wpa_s->scard = NULL; 424 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 425 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 426 l2_packet_deinit(wpa_s->l2); 427 wpa_s->l2 = NULL; 428 if (wpa_s->l2_br) { 429 l2_packet_deinit(wpa_s->l2_br); 430 wpa_s->l2_br = NULL; 431 } 432#ifdef CONFIG_TESTING_OPTIONS 433 l2_packet_deinit(wpa_s->l2_test); 434 wpa_s->l2_test = NULL; 435#endif /* CONFIG_TESTING_OPTIONS */ 436 437 if (wpa_s->conf != NULL) { 438 struct wpa_ssid *ssid; 439 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 440 wpas_notify_network_removed(wpa_s, ssid); 441 } 442 443 os_free(wpa_s->confname); 444 wpa_s->confname = NULL; 445 446 os_free(wpa_s->confanother); 447 wpa_s->confanother = NULL; 448 449 wpa_sm_set_eapol(wpa_s->wpa, NULL); 450 eapol_sm_deinit(wpa_s->eapol); 451 wpa_s->eapol = NULL; 452 453 rsn_preauth_deinit(wpa_s->wpa); 454 455#ifdef CONFIG_TDLS 456 wpa_tdls_deinit(wpa_s->wpa); 457#endif /* CONFIG_TDLS */ 458 459 wmm_ac_clear_saved_tspecs(wpa_s); 460 pmksa_candidate_free(wpa_s->wpa); 461 wpa_sm_deinit(wpa_s->wpa); 462 wpa_s->wpa = NULL; 463 wpa_blacklist_clear(wpa_s); 464 465 wpa_bss_deinit(wpa_s); 466 467 wpa_supplicant_cancel_delayed_sched_scan(wpa_s); 468 wpa_supplicant_cancel_scan(wpa_s); 469 wpa_supplicant_cancel_auth_timeout(wpa_s); 470 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); 471#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 472 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, 473 wpa_s, NULL); 474#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 475 476 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 477 478 wpas_wps_deinit(wpa_s); 479 480 wpabuf_free(wpa_s->pending_eapol_rx); 481 wpa_s->pending_eapol_rx = NULL; 482 483#ifdef CONFIG_IBSS_RSN 484 ibss_rsn_deinit(wpa_s->ibss_rsn); 485 wpa_s->ibss_rsn = NULL; 486#endif /* CONFIG_IBSS_RSN */ 487 488 sme_deinit(wpa_s); 489 490#ifdef CONFIG_AP 491 wpa_supplicant_ap_deinit(wpa_s); 492#endif /* CONFIG_AP */ 493 494 wpas_p2p_deinit(wpa_s); 495 496#ifdef CONFIG_OFFCHANNEL 497 offchannel_deinit(wpa_s); 498#endif /* CONFIG_OFFCHANNEL */ 499 500 wpa_supplicant_cancel_sched_scan(wpa_s); 501 502 os_free(wpa_s->next_scan_freqs); 503 wpa_s->next_scan_freqs = NULL; 504 505 os_free(wpa_s->manual_scan_freqs); 506 wpa_s->manual_scan_freqs = NULL; 507 508 os_free(wpa_s->manual_sched_scan_freqs); 509 wpa_s->manual_sched_scan_freqs = NULL; 510 511 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL); 512 513 /* 514 * Need to remove any pending gas-query radio work before the 515 * gas_query_deinit() call because gas_query::work has not yet been set 516 * for works that have not been started. gas_query_free() will be unable 517 * to cancel such pending radio works and once the pending gas-query 518 * radio work eventually gets removed, the deinit notification call to 519 * gas_query_start_cb() would result in dereferencing freed memory. 520 */ 521 if (wpa_s->radio) 522 radio_remove_works(wpa_s, "gas-query", 0); 523 gas_query_deinit(wpa_s->gas); 524 wpa_s->gas = NULL; 525 526 free_hw_features(wpa_s); 527 528 ieee802_1x_dealloc_kay_sm(wpa_s); 529 530 os_free(wpa_s->bssid_filter); 531 wpa_s->bssid_filter = NULL; 532 533 os_free(wpa_s->disallow_aps_bssid); 534 wpa_s->disallow_aps_bssid = NULL; 535 os_free(wpa_s->disallow_aps_ssid); 536 wpa_s->disallow_aps_ssid = NULL; 537 538 wnm_bss_keep_alive_deinit(wpa_s); 539#ifdef CONFIG_WNM 540 wnm_deallocate_memory(wpa_s); 541#endif /* CONFIG_WNM */ 542 543 ext_password_deinit(wpa_s->ext_pw); 544 wpa_s->ext_pw = NULL; 545 546 wpabuf_free(wpa_s->last_gas_resp); 547 wpa_s->last_gas_resp = NULL; 548 wpabuf_free(wpa_s->prev_gas_resp); 549 wpa_s->prev_gas_resp = NULL; 550 551 os_free(wpa_s->last_scan_res); 552 wpa_s->last_scan_res = NULL; 553 554#ifdef CONFIG_HS20 555 hs20_deinit(wpa_s); 556#endif /* CONFIG_HS20 */ 557 558 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 559 wpabuf_free(wpa_s->vendor_elem[i]); 560 wpa_s->vendor_elem[i] = NULL; 561 } 562 563 wmm_ac_notify_disassoc(wpa_s); 564 565 wpa_s->sched_scan_plans_num = 0; 566 os_free(wpa_s->sched_scan_plans); 567 wpa_s->sched_scan_plans = NULL; 568 569#ifdef CONFIG_MBO 570 wpa_s->non_pref_chan_num = 0; 571 os_free(wpa_s->non_pref_chan); 572 wpa_s->non_pref_chan = NULL; 573#endif /* CONFIG_MBO */ 574 575 free_bss_tmp_disallowed(wpa_s); 576} 577 578 579/** 580 * wpa_clear_keys - Clear keys configured for the driver 581 * @wpa_s: Pointer to wpa_supplicant data 582 * @addr: Previously used BSSID or %NULL if not available 583 * 584 * This function clears the encryption keys that has been previously configured 585 * for the driver. 586 */ 587void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 588{ 589 int i, max; 590 591#ifdef CONFIG_IEEE80211W 592 max = 6; 593#else /* CONFIG_IEEE80211W */ 594 max = 4; 595#endif /* CONFIG_IEEE80211W */ 596 597 /* MLME-DELETEKEYS.request */ 598 for (i = 0; i < max; i++) { 599 if (wpa_s->keys_cleared & BIT(i)) 600 continue; 601 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, 602 NULL, 0); 603 } 604 if (!(wpa_s->keys_cleared & BIT(0)) && addr && 605 !is_zero_ether_addr(addr)) { 606 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 607 0); 608 /* MLME-SETPROTECTION.request(None) */ 609 wpa_drv_mlme_setprotection( 610 wpa_s, addr, 611 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 612 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 613 } 614 wpa_s->keys_cleared = (u32) -1; 615} 616 617 618/** 619 * wpa_supplicant_state_txt - Get the connection state name as a text string 620 * @state: State (wpa_state; WPA_*) 621 * Returns: The state name as a printable text string 622 */ 623const char * wpa_supplicant_state_txt(enum wpa_states state) 624{ 625 switch (state) { 626 case WPA_DISCONNECTED: 627 return "DISCONNECTED"; 628 case WPA_INACTIVE: 629 return "INACTIVE"; 630 case WPA_INTERFACE_DISABLED: 631 return "INTERFACE_DISABLED"; 632 case WPA_SCANNING: 633 return "SCANNING"; 634 case WPA_AUTHENTICATING: 635 return "AUTHENTICATING"; 636 case WPA_ASSOCIATING: 637 return "ASSOCIATING"; 638 case WPA_ASSOCIATED: 639 return "ASSOCIATED"; 640 case WPA_4WAY_HANDSHAKE: 641 return "4WAY_HANDSHAKE"; 642 case WPA_GROUP_HANDSHAKE: 643 return "GROUP_HANDSHAKE"; 644 case WPA_COMPLETED: 645 return "COMPLETED"; 646 default: 647 return "UNKNOWN"; 648 } 649} 650 651 652#ifdef CONFIG_BGSCAN 653 654static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) 655{ 656 const char *name; 657 658 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) 659 name = wpa_s->current_ssid->bgscan; 660 else 661 name = wpa_s->conf->bgscan; 662 if (name == NULL || name[0] == '\0') 663 return; 664 if (wpas_driver_bss_selection(wpa_s)) 665 return; 666 if (wpa_s->current_ssid == wpa_s->bgscan_ssid) 667 return; 668#ifdef CONFIG_P2P 669 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) 670 return; 671#endif /* CONFIG_P2P */ 672 673 bgscan_deinit(wpa_s); 674 if (wpa_s->current_ssid) { 675 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) { 676 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 677 "bgscan"); 678 /* 679 * Live without bgscan; it is only used as a roaming 680 * optimization, so the initial connection is not 681 * affected. 682 */ 683 } else { 684 struct wpa_scan_results *scan_res; 685 wpa_s->bgscan_ssid = wpa_s->current_ssid; 686 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 687 0); 688 if (scan_res) { 689 bgscan_notify_scan(wpa_s, scan_res); 690 wpa_scan_results_free(scan_res); 691 } 692 } 693 } else 694 wpa_s->bgscan_ssid = NULL; 695} 696 697 698static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) 699{ 700 if (wpa_s->bgscan_ssid != NULL) { 701 bgscan_deinit(wpa_s); 702 wpa_s->bgscan_ssid = NULL; 703 } 704} 705 706#endif /* CONFIG_BGSCAN */ 707 708 709static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) 710{ 711 if (autoscan_init(wpa_s, 0)) 712 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); 713} 714 715 716static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) 717{ 718 autoscan_deinit(wpa_s); 719} 720 721 722void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) 723{ 724 if (wpa_s->wpa_state == WPA_DISCONNECTED || 725 wpa_s->wpa_state == WPA_SCANNING) { 726 autoscan_deinit(wpa_s); 727 wpa_supplicant_start_autoscan(wpa_s); 728 } 729} 730 731 732/** 733 * wpa_supplicant_set_state - Set current connection state 734 * @wpa_s: Pointer to wpa_supplicant data 735 * @state: The new connection state 736 * 737 * This function is called whenever the connection state changes, e.g., 738 * association is completed for WPA/WPA2 4-Way Handshake is started. 739 */ 740void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, 741 enum wpa_states state) 742{ 743 enum wpa_states old_state = wpa_s->wpa_state; 744 745 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", 746 wpa_supplicant_state_txt(wpa_s->wpa_state), 747 wpa_supplicant_state_txt(state)); 748 749 if (state == WPA_INTERFACE_DISABLED) { 750 /* Assure normal scan when interface is restored */ 751 wpa_s->normal_scans = 0; 752 } 753 754 if (state == WPA_COMPLETED) { 755 wpas_connect_work_done(wpa_s); 756 /* Reinitialize normal_scan counter */ 757 wpa_s->normal_scans = 0; 758 } 759 760#ifdef CONFIG_P2P 761 /* 762 * P2PS client has to reply to Probe Request frames received on the 763 * group operating channel. Enable Probe Request frame reporting for 764 * P2P connected client in case p2p_cli_probe configuration property is 765 * set to 1. 766 */ 767 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid && 768 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 769 wpa_s->current_ssid->p2p_group) { 770 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) { 771 wpa_dbg(wpa_s, MSG_DEBUG, 772 "P2P: Enable CLI Probe Request RX reporting"); 773 wpa_s->p2p_cli_probe = 774 wpa_drv_probe_req_report(wpa_s, 1) >= 0; 775 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) { 776 wpa_dbg(wpa_s, MSG_DEBUG, 777 "P2P: Disable CLI Probe Request RX reporting"); 778 wpa_s->p2p_cli_probe = 0; 779 wpa_drv_probe_req_report(wpa_s, 0); 780 } 781 } 782#endif /* CONFIG_P2P */ 783 784 if (state != WPA_SCANNING) 785 wpa_supplicant_notify_scanning(wpa_s, 0); 786 787 if (state == WPA_COMPLETED && wpa_s->new_connection) { 788 struct wpa_ssid *ssid = wpa_s->current_ssid; 789#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 790 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 791 MACSTR " completed [id=%d id_str=%s]", 792 MAC2STR(wpa_s->bssid), 793 ssid ? ssid->id : -1, 794 ssid && ssid->id_str ? ssid->id_str : ""); 795#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 796 wpas_clear_temp_disabled(wpa_s, ssid, 1); 797 wpa_blacklist_clear(wpa_s); 798 wpa_s->extra_blacklist_count = 0; 799 wpa_s->new_connection = 0; 800 wpa_drv_set_operstate(wpa_s, 1); 801#ifndef IEEE8021X_EAPOL 802 wpa_drv_set_supp_port(wpa_s, 1); 803#endif /* IEEE8021X_EAPOL */ 804 wpa_s->after_wps = 0; 805 wpa_s->known_wps_freq = 0; 806 wpas_p2p_completed(wpa_s); 807 808 sme_sched_obss_scan(wpa_s, 1); 809 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 810 state == WPA_ASSOCIATED) { 811 wpa_s->new_connection = 1; 812 wpa_drv_set_operstate(wpa_s, 0); 813#ifndef IEEE8021X_EAPOL 814 wpa_drv_set_supp_port(wpa_s, 0); 815#endif /* IEEE8021X_EAPOL */ 816 sme_sched_obss_scan(wpa_s, 0); 817 } 818 wpa_s->wpa_state = state; 819 820#ifdef CONFIG_BGSCAN 821 if (state == WPA_COMPLETED) 822 wpa_supplicant_start_bgscan(wpa_s); 823 else if (state < WPA_ASSOCIATED) 824 wpa_supplicant_stop_bgscan(wpa_s); 825#endif /* CONFIG_BGSCAN */ 826 827 if (state == WPA_AUTHENTICATING) 828 wpa_supplicant_stop_autoscan(wpa_s); 829 830 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) 831 wpa_supplicant_start_autoscan(wpa_s); 832 833 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED) 834 wmm_ac_notify_disassoc(wpa_s); 835 836 if (wpa_s->wpa_state != old_state) { 837 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 838 839 /* 840 * Notify the P2P Device interface about a state change in one 841 * of the interfaces. 842 */ 843 wpas_p2p_indicate_state_change(wpa_s); 844 845 if (wpa_s->wpa_state == WPA_COMPLETED || 846 old_state == WPA_COMPLETED) 847 wpas_notify_auth_changed(wpa_s); 848 } 849} 850 851 852void wpa_supplicant_terminate_proc(struct wpa_global *global) 853{ 854 int pending = 0; 855#ifdef CONFIG_WPS 856 struct wpa_supplicant *wpa_s = global->ifaces; 857 while (wpa_s) { 858 struct wpa_supplicant *next = wpa_s->next; 859 if (wpas_wps_terminate_pending(wpa_s) == 1) 860 pending = 1; 861#ifdef CONFIG_P2P 862 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE || 863 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)) 864 wpas_p2p_disconnect(wpa_s); 865#endif /* CONFIG_P2P */ 866 wpa_s = next; 867 } 868#endif /* CONFIG_WPS */ 869 if (pending) 870 return; 871 eloop_terminate(); 872} 873 874 875static void wpa_supplicant_terminate(int sig, void *signal_ctx) 876{ 877 struct wpa_global *global = signal_ctx; 878 wpa_supplicant_terminate_proc(global); 879} 880 881 882void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 883{ 884 enum wpa_states old_state = wpa_s->wpa_state; 885 886 wpa_s->pairwise_cipher = 0; 887 wpa_s->group_cipher = 0; 888 wpa_s->mgmt_group_cipher = 0; 889 wpa_s->key_mgmt = 0; 890 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 891 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 892 893 if (wpa_s->wpa_state != old_state) 894 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 895} 896 897 898/** 899 * wpa_supplicant_reload_configuration - Reload configuration data 900 * @wpa_s: Pointer to wpa_supplicant data 901 * Returns: 0 on success or -1 if configuration parsing failed 902 * 903 * This function can be used to request that the configuration data is reloaded 904 * (e.g., after configuration file change). This function is reloading 905 * configuration only for one interface, so this may need to be called multiple 906 * times if %wpa_supplicant is controlling multiple interfaces and all 907 * interfaces need reconfiguration. 908 */ 909int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 910{ 911 struct wpa_config *conf; 912 int reconf_ctrl; 913 int old_ap_scan; 914 915 if (wpa_s->confname == NULL) 916 return -1; 917 conf = wpa_config_read(wpa_s->confname, NULL); 918 if (conf == NULL) { 919 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 920 "file '%s' - exiting", wpa_s->confname); 921 return -1; 922 } 923 wpa_config_read(wpa_s->confanother, conf); 924 925 conf->changed_parameters = (unsigned int) -1; 926 927 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 928 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 929 os_strcmp(conf->ctrl_interface, 930 wpa_s->conf->ctrl_interface) != 0); 931 932 if (reconf_ctrl && wpa_s->ctrl_iface) { 933 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 934 wpa_s->ctrl_iface = NULL; 935 } 936 937 eapol_sm_invalidate_cached_session(wpa_s->eapol); 938 if (wpa_s->current_ssid) { 939 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 940 wpa_s->own_disconnect_req = 1; 941 wpa_supplicant_deauthenticate(wpa_s, 942 WLAN_REASON_DEAUTH_LEAVING); 943 } 944 945 /* 946 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 947 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. 948 */ 949 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 950 /* 951 * Clear forced success to clear EAP state for next 952 * authentication. 953 */ 954 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 955 } 956 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 957 wpa_sm_set_config(wpa_s->wpa, NULL); 958 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); 959 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 960 rsn_preauth_deinit(wpa_s->wpa); 961 962 old_ap_scan = wpa_s->conf->ap_scan; 963 wpa_config_free(wpa_s->conf); 964 wpa_s->conf = conf; 965 if (old_ap_scan != wpa_s->conf->ap_scan) 966 wpas_notify_ap_scan_changed(wpa_s); 967 968 if (reconf_ctrl) 969 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 970 971 wpa_supplicant_update_config(wpa_s); 972 973 wpa_supplicant_clear_status(wpa_s); 974 if (wpa_supplicant_enabled_networks(wpa_s)) { 975 wpa_s->reassociate = 1; 976 wpa_supplicant_req_scan(wpa_s, 0, 0); 977 } 978 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 979 return 0; 980} 981 982 983static void wpa_supplicant_reconfig(int sig, void *signal_ctx) 984{ 985 struct wpa_global *global = signal_ctx; 986 struct wpa_supplicant *wpa_s; 987 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 988 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", 989 sig); 990 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 991 wpa_supplicant_terminate_proc(global); 992 } 993 } 994 995 if (wpa_debug_reopen_file() < 0) { 996 /* Ignore errors since we cannot really do much to fix this */ 997 wpa_printf(MSG_DEBUG, "Could not reopen debug log file"); 998 } 999} 1000 1001 1002static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 1003 struct wpa_ssid *ssid, 1004 struct wpa_ie_data *ie) 1005{ 1006 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 1007 if (ret) { 1008 if (ret == -2) { 1009 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 1010 "from association info"); 1011 } 1012 return -1; 1013 } 1014 1015 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " 1016 "cipher suites"); 1017 if (!(ie->group_cipher & ssid->group_cipher)) { 1018 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 1019 "cipher 0x%x (mask 0x%x) - reject", 1020 ie->group_cipher, ssid->group_cipher); 1021 return -1; 1022 } 1023 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 1024 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 1025 "cipher 0x%x (mask 0x%x) - reject", 1026 ie->pairwise_cipher, ssid->pairwise_cipher); 1027 return -1; 1028 } 1029 if (!(ie->key_mgmt & ssid->key_mgmt)) { 1030 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 1031 "management 0x%x (mask 0x%x) - reject", 1032 ie->key_mgmt, ssid->key_mgmt); 1033 return -1; 1034 } 1035 1036#ifdef CONFIG_IEEE80211W 1037 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 1038 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { 1039 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 1040 "that does not support management frame protection - " 1041 "reject"); 1042 return -1; 1043 } 1044#endif /* CONFIG_IEEE80211W */ 1045 1046 return 0; 1047} 1048 1049 1050/** 1051 * wpa_supplicant_set_suites - Set authentication and encryption parameters 1052 * @wpa_s: Pointer to wpa_supplicant data 1053 * @bss: Scan results for the selected BSS, or %NULL if not available 1054 * @ssid: Configuration data for the selected network 1055 * @wpa_ie: Buffer for the WPA/RSN IE 1056 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 1057 * used buffer length in case the functions returns success. 1058 * Returns: 0 on success or -1 on failure 1059 * 1060 * This function is used to configure authentication and encryption parameters 1061 * based on the network configuration and scan result for the selected BSS (if 1062 * available). 1063 */ 1064int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 1065 struct wpa_bss *bss, struct wpa_ssid *ssid, 1066 u8 *wpa_ie, size_t *wpa_ie_len) 1067{ 1068 struct wpa_ie_data ie; 1069 int sel, proto; 1070 const u8 *bss_wpa, *bss_rsn, *bss_osen; 1071 1072 if (bss) { 1073 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 1074 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1075 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); 1076 } else 1077 bss_wpa = bss_rsn = bss_osen = NULL; 1078 1079 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 1080 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1081 (ie.group_cipher & ssid->group_cipher) && 1082 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1083 (ie.key_mgmt & ssid->key_mgmt)) { 1084 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 1085 proto = WPA_PROTO_RSN; 1086 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 1087 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 && 1088 (ie.group_cipher & ssid->group_cipher) && 1089 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1090 (ie.key_mgmt & ssid->key_mgmt)) { 1091 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 1092 proto = WPA_PROTO_WPA; 1093#ifdef CONFIG_HS20 1094 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) { 1095 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN"); 1096 /* TODO: parse OSEN element */ 1097 os_memset(&ie, 0, sizeof(ie)); 1098 ie.group_cipher = WPA_CIPHER_CCMP; 1099 ie.pairwise_cipher = WPA_CIPHER_CCMP; 1100 ie.key_mgmt = WPA_KEY_MGMT_OSEN; 1101 proto = WPA_PROTO_OSEN; 1102#endif /* CONFIG_HS20 */ 1103 } else if (bss) { 1104 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 1105 wpa_dbg(wpa_s, MSG_DEBUG, 1106 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1107 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher, 1108 ssid->key_mgmt); 1109 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s", 1110 MAC2STR(bss->bssid), 1111 wpa_ssid_txt(bss->ssid, bss->ssid_len), 1112 bss_wpa ? " WPA" : "", 1113 bss_rsn ? " RSN" : "", 1114 bss_osen ? " OSEN" : ""); 1115 if (bss_rsn) { 1116 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]); 1117 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) { 1118 wpa_dbg(wpa_s, MSG_DEBUG, 1119 "Could not parse RSN element"); 1120 } else { 1121 wpa_dbg(wpa_s, MSG_DEBUG, 1122 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1123 ie.pairwise_cipher, ie.group_cipher, 1124 ie.key_mgmt); 1125 } 1126 } 1127 if (bss_wpa) { 1128 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]); 1129 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) { 1130 wpa_dbg(wpa_s, MSG_DEBUG, 1131 "Could not parse WPA element"); 1132 } else { 1133 wpa_dbg(wpa_s, MSG_DEBUG, 1134 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1135 ie.pairwise_cipher, ie.group_cipher, 1136 ie.key_mgmt); 1137 } 1138 } 1139 return -1; 1140 } else { 1141 if (ssid->proto & WPA_PROTO_OSEN) 1142 proto = WPA_PROTO_OSEN; 1143 else if (ssid->proto & WPA_PROTO_RSN) 1144 proto = WPA_PROTO_RSN; 1145 else 1146 proto = WPA_PROTO_WPA; 1147 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 1148 os_memset(&ie, 0, sizeof(ie)); 1149 ie.group_cipher = ssid->group_cipher; 1150 ie.pairwise_cipher = ssid->pairwise_cipher; 1151 ie.key_mgmt = ssid->key_mgmt; 1152#ifdef CONFIG_IEEE80211W 1153 ie.mgmt_group_cipher = 1154 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? 1155 WPA_CIPHER_AES_128_CMAC : 0; 1156#endif /* CONFIG_IEEE80211W */ 1157 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " 1158 "based on configuration"); 1159 } else 1160 proto = ie.proto; 1161 } 1162 1163 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " 1164 "pairwise %d key_mgmt %d proto %d", 1165 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 1166#ifdef CONFIG_IEEE80211W 1167 if (ssid->ieee80211w) { 1168 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 1169 ie.mgmt_group_cipher); 1170 } 1171#endif /* CONFIG_IEEE80211W */ 1172 1173 wpa_s->wpa_proto = proto; 1174 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 1175 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 1176 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN))); 1177 1178 if (bss || !wpa_s->ap_ies_from_associnfo) { 1179 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1180 bss_wpa ? 2 + bss_wpa[1] : 0) || 1181 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1182 bss_rsn ? 2 + bss_rsn[1] : 0)) 1183 return -1; 1184 } 1185 1186#ifdef CONFIG_NO_WPA 1187 wpa_s->group_cipher = WPA_CIPHER_NONE; 1188 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 1189#else /* CONFIG_NO_WPA */ 1190 sel = ie.group_cipher & ssid->group_cipher; 1191 wpa_s->group_cipher = wpa_pick_group_cipher(sel); 1192 if (wpa_s->group_cipher < 0) { 1193 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " 1194 "cipher"); 1195 return -1; 1196 } 1197 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s", 1198 wpa_cipher_txt(wpa_s->group_cipher)); 1199 1200 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 1201 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); 1202 if (wpa_s->pairwise_cipher < 0) { 1203 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " 1204 "cipher"); 1205 return -1; 1206 } 1207 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s", 1208 wpa_cipher_txt(wpa_s->pairwise_cipher)); 1209#endif /* CONFIG_NO_WPA */ 1210 1211 sel = ie.key_mgmt & ssid->key_mgmt; 1212#ifdef CONFIG_SAE 1213 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) 1214 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); 1215#endif /* CONFIG_SAE */ 1216 if (0) { 1217#ifdef CONFIG_SUITEB192 1218 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { 1219 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; 1220 wpa_dbg(wpa_s, MSG_DEBUG, 1221 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)"); 1222#endif /* CONFIG_SUITEB192 */ 1223#ifdef CONFIG_SUITEB 1224 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { 1225 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; 1226 wpa_dbg(wpa_s, MSG_DEBUG, 1227 "WPA: using KEY_MGMT 802.1X with Suite B"); 1228#endif /* CONFIG_SUITEB */ 1229#ifdef CONFIG_IEEE80211R 1230 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { 1231 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 1232 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 1233 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 1234 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 1235 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 1236#endif /* CONFIG_IEEE80211R */ 1237#ifdef CONFIG_SAE 1238 } else if (sel & WPA_KEY_MGMT_SAE) { 1239 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; 1240 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); 1241 } else if (sel & WPA_KEY_MGMT_FT_SAE) { 1242 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; 1243 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); 1244#endif /* CONFIG_SAE */ 1245#ifdef CONFIG_IEEE80211W 1246 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 1247 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 1248 wpa_dbg(wpa_s, MSG_DEBUG, 1249 "WPA: using KEY_MGMT 802.1X with SHA256"); 1250 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 1251 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 1252 wpa_dbg(wpa_s, MSG_DEBUG, 1253 "WPA: using KEY_MGMT PSK with SHA256"); 1254#endif /* CONFIG_IEEE80211W */ 1255 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 1256 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 1257 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 1258 } else if (sel & WPA_KEY_MGMT_PSK) { 1259 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 1260 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 1261 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 1262 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 1263 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 1264#ifdef CONFIG_HS20 1265 } else if (sel & WPA_KEY_MGMT_OSEN) { 1266 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN; 1267 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN"); 1268#endif /* CONFIG_HS20 */ 1269 } else { 1270 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " 1271 "authenticated key management type"); 1272 return -1; 1273 } 1274 1275 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 1276 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 1277 wpa_s->pairwise_cipher); 1278 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 1279 1280#ifdef CONFIG_IEEE80211W 1281 sel = ie.mgmt_group_cipher; 1282 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || 1283 !(ie.capabilities & WPA_CAPABILITY_MFPC)) 1284 sel = 0; 1285 if (sel & WPA_CIPHER_AES_128_CMAC) { 1286 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 1287 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1288 "AES-128-CMAC"); 1289 } else if (sel & WPA_CIPHER_BIP_GMAC_128) { 1290 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128; 1291 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1292 "BIP-GMAC-128"); 1293 } else if (sel & WPA_CIPHER_BIP_GMAC_256) { 1294 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256; 1295 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1296 "BIP-GMAC-256"); 1297 } else if (sel & WPA_CIPHER_BIP_CMAC_256) { 1298 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256; 1299 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1300 "BIP-CMAC-256"); 1301 } else { 1302 wpa_s->mgmt_group_cipher = 0; 1303 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 1304 } 1305 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 1306 wpa_s->mgmt_group_cipher); 1307 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, 1308 wpas_get_ssid_pmf(wpa_s, ssid)); 1309#endif /* CONFIG_IEEE80211W */ 1310 1311 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { 1312 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); 1313 return -1; 1314 } 1315 1316 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { 1317 int psk_set = 0; 1318 1319 if (ssid->psk_set) { 1320 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, 1321 NULL); 1322 psk_set = 1; 1323 } 1324#ifndef CONFIG_NO_PBKDF2 1325 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && 1326 ssid->passphrase) { 1327 u8 psk[PMK_LEN]; 1328 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, 1329 4096, psk, PMK_LEN); 1330 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", 1331 psk, PMK_LEN); 1332 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL); 1333 psk_set = 1; 1334 os_memset(psk, 0, sizeof(psk)); 1335 } 1336#endif /* CONFIG_NO_PBKDF2 */ 1337#ifdef CONFIG_EXT_PASSWORD 1338 if (ssid->ext_psk) { 1339 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, 1340 ssid->ext_psk); 1341 char pw_str[64 + 1]; 1342 u8 psk[PMK_LEN]; 1343 1344 if (pw == NULL) { 1345 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " 1346 "found from external storage"); 1347 return -1; 1348 } 1349 1350 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { 1351 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " 1352 "PSK length %d in external storage", 1353 (int) wpabuf_len(pw)); 1354 ext_password_free(pw); 1355 return -1; 1356 } 1357 1358 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); 1359 pw_str[wpabuf_len(pw)] = '\0'; 1360 1361#ifndef CONFIG_NO_PBKDF2 1362 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) 1363 { 1364 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, 1365 4096, psk, PMK_LEN); 1366 os_memset(pw_str, 0, sizeof(pw_str)); 1367 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " 1368 "external passphrase)", 1369 psk, PMK_LEN); 1370 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1371 NULL); 1372 psk_set = 1; 1373 os_memset(psk, 0, sizeof(psk)); 1374 } else 1375#endif /* CONFIG_NO_PBKDF2 */ 1376 if (wpabuf_len(pw) == 2 * PMK_LEN) { 1377 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { 1378 wpa_msg(wpa_s, MSG_INFO, "EXT PW: " 1379 "Invalid PSK hex string"); 1380 os_memset(pw_str, 0, sizeof(pw_str)); 1381 ext_password_free(pw); 1382 return -1; 1383 } 1384 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1385 NULL); 1386 psk_set = 1; 1387 os_memset(psk, 0, sizeof(psk)); 1388 } else { 1389 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " 1390 "PSK available"); 1391 os_memset(pw_str, 0, sizeof(pw_str)); 1392 ext_password_free(pw); 1393 return -1; 1394 } 1395 1396 os_memset(pw_str, 0, sizeof(pw_str)); 1397 ext_password_free(pw); 1398 } 1399#endif /* CONFIG_EXT_PASSWORD */ 1400 1401 if (!psk_set) { 1402 wpa_msg(wpa_s, MSG_INFO, 1403 "No PSK available for association"); 1404 return -1; 1405 } 1406 } else 1407 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1408 1409 return 0; 1410} 1411 1412 1413static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) 1414{ 1415 *pos = 0x00; 1416 1417 switch (idx) { 1418 case 0: /* Bits 0-7 */ 1419 break; 1420 case 1: /* Bits 8-15 */ 1421 break; 1422 case 2: /* Bits 16-23 */ 1423#ifdef CONFIG_WNM 1424 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */ 1425 *pos |= 0x08; /* Bit 19 - BSS Transition */ 1426#endif /* CONFIG_WNM */ 1427 break; 1428 case 3: /* Bits 24-31 */ 1429#ifdef CONFIG_WNM 1430 *pos |= 0x02; /* Bit 25 - SSID List */ 1431#endif /* CONFIG_WNM */ 1432#ifdef CONFIG_INTERWORKING 1433 if (wpa_s->conf->interworking) 1434 *pos |= 0x80; /* Bit 31 - Interworking */ 1435#endif /* CONFIG_INTERWORKING */ 1436 break; 1437 case 4: /* Bits 32-39 */ 1438#ifdef CONFIG_INTERWORKING 1439 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING) 1440 *pos |= 0x01; /* Bit 32 - QoS Map */ 1441#endif /* CONFIG_INTERWORKING */ 1442 break; 1443 case 5: /* Bits 40-47 */ 1444#ifdef CONFIG_HS20 1445 if (wpa_s->conf->hs20) 1446 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1447#endif /* CONFIG_HS20 */ 1448#ifdef CONFIG_MBO 1449 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1450#endif /* CONFIG_MBO */ 1451 break; 1452 case 6: /* Bits 48-55 */ 1453 break; 1454 } 1455} 1456 1457 1458int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) 1459{ 1460 u8 *pos = buf; 1461 u8 len = 6, i; 1462 1463 if (len < wpa_s->extended_capa_len) 1464 len = wpa_s->extended_capa_len; 1465 if (buflen < (size_t) len + 2) { 1466 wpa_printf(MSG_INFO, 1467 "Not enough room for building extended capabilities element"); 1468 return -1; 1469 } 1470 1471 *pos++ = WLAN_EID_EXT_CAPAB; 1472 *pos++ = len; 1473 for (i = 0; i < len; i++, pos++) { 1474 wpas_ext_capab_byte(wpa_s, pos, i); 1475 1476 if (i < wpa_s->extended_capa_len) { 1477 *pos &= ~wpa_s->extended_capa_mask[i]; 1478 *pos |= wpa_s->extended_capa[i]; 1479 } 1480 } 1481 1482 while (len > 0 && buf[1 + len] == 0) { 1483 len--; 1484 buf[1] = len; 1485 } 1486 if (len == 0) 1487 return 0; 1488 1489 return 2 + len; 1490} 1491 1492 1493static int wpas_valid_bss(struct wpa_supplicant *wpa_s, 1494 struct wpa_bss *test_bss) 1495{ 1496 struct wpa_bss *bss; 1497 1498 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 1499 if (bss == test_bss) 1500 return 1; 1501 } 1502 1503 return 0; 1504} 1505 1506 1507static int wpas_valid_ssid(struct wpa_supplicant *wpa_s, 1508 struct wpa_ssid *test_ssid) 1509{ 1510 struct wpa_ssid *ssid; 1511 1512 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 1513 if (ssid == test_ssid) 1514 return 1; 1515 } 1516 1517 return 0; 1518} 1519 1520 1521int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss, 1522 struct wpa_ssid *test_ssid) 1523{ 1524 if (test_bss && !wpas_valid_bss(wpa_s, test_bss)) 1525 return 0; 1526 1527 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid); 1528} 1529 1530 1531void wpas_connect_work_free(struct wpa_connect_work *cwork) 1532{ 1533 if (cwork == NULL) 1534 return; 1535 os_free(cwork); 1536} 1537 1538 1539void wpas_connect_work_done(struct wpa_supplicant *wpa_s) 1540{ 1541 struct wpa_connect_work *cwork; 1542 struct wpa_radio_work *work = wpa_s->connect_work; 1543 1544 if (!work) 1545 return; 1546 1547 wpa_s->connect_work = NULL; 1548 cwork = work->ctx; 1549 work->ctx = NULL; 1550 wpas_connect_work_free(cwork); 1551 radio_work_done(work); 1552} 1553 1554 1555int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style) 1556{ 1557 struct os_reltime now; 1558 u8 addr[ETH_ALEN]; 1559 1560 os_get_reltime(&now); 1561 if (wpa_s->last_mac_addr_style == style && 1562 wpa_s->last_mac_addr_change.sec != 0 && 1563 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change, 1564 wpa_s->conf->rand_addr_lifetime)) { 1565 wpa_msg(wpa_s, MSG_DEBUG, 1566 "Previously selected random MAC address has not yet expired"); 1567 return 0; 1568 } 1569 1570 switch (style) { 1571 case 1: 1572 if (random_mac_addr(addr) < 0) 1573 return -1; 1574 break; 1575 case 2: 1576 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN); 1577 if (random_mac_addr_keep_oui(addr) < 0) 1578 return -1; 1579 break; 1580 default: 1581 return -1; 1582 } 1583 1584 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) { 1585 wpa_msg(wpa_s, MSG_INFO, 1586 "Failed to set random MAC address"); 1587 return -1; 1588 } 1589 1590 os_get_reltime(&wpa_s->last_mac_addr_change); 1591 wpa_s->mac_addr_changed = 1; 1592 wpa_s->last_mac_addr_style = style; 1593 1594 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 1595 wpa_msg(wpa_s, MSG_INFO, 1596 "Could not update MAC address information"); 1597 return -1; 1598 } 1599 1600 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, 1601 MAC2STR(addr)); 1602 1603 return 0; 1604} 1605 1606 1607int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s) 1608{ 1609 if (wpa_s->wpa_state >= WPA_AUTHENTICATING || 1610 !wpa_s->conf->preassoc_mac_addr) 1611 return 0; 1612 1613 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr); 1614} 1615 1616 1617static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit); 1618 1619/** 1620 * wpa_supplicant_associate - Request association 1621 * @wpa_s: Pointer to wpa_supplicant data 1622 * @bss: Scan results for the selected BSS, or %NULL if not available 1623 * @ssid: Configuration data for the selected network 1624 * 1625 * This function is used to request %wpa_supplicant to associate with a BSS. 1626 */ 1627void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 1628 struct wpa_bss *bss, struct wpa_ssid *ssid) 1629{ 1630 struct wpa_connect_work *cwork; 1631 int rand_style; 1632 1633 wpa_s->own_disconnect_req = 0; 1634 1635 /* 1636 * If we are starting a new connection, any previously pending EAPOL 1637 * RX cannot be valid anymore. 1638 */ 1639 wpabuf_free(wpa_s->pending_eapol_rx); 1640 wpa_s->pending_eapol_rx = NULL; 1641 1642 if (ssid->mac_addr == -1) 1643 rand_style = wpa_s->conf->mac_addr; 1644 else 1645 rand_style = ssid->mac_addr; 1646 1647 wmm_ac_clear_saved_tspecs(wpa_s); 1648 wpa_s->reassoc_same_bss = 0; 1649 wpa_s->reassoc_same_ess = 0; 1650 1651 if (wpa_s->last_ssid == ssid) { 1652 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); 1653 wpa_s->reassoc_same_ess = 1; 1654 if (wpa_s->current_bss && wpa_s->current_bss == bss) { 1655 wmm_ac_save_tspecs(wpa_s); 1656 wpa_s->reassoc_same_bss = 1; 1657 } 1658 } else if (rand_style > 0) { 1659 if (wpas_update_random_addr(wpa_s, rand_style) < 0) 1660 return; 1661 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 1662 } else if (wpa_s->mac_addr_changed) { 1663 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { 1664 wpa_msg(wpa_s, MSG_INFO, 1665 "Could not restore permanent MAC address"); 1666 return; 1667 } 1668 wpa_s->mac_addr_changed = 0; 1669 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 1670 wpa_msg(wpa_s, MSG_INFO, 1671 "Could not update MAC address information"); 1672 return; 1673 } 1674 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address"); 1675 } 1676 wpa_s->last_ssid = ssid; 1677 1678#ifdef CONFIG_IBSS_RSN 1679 ibss_rsn_deinit(wpa_s->ibss_rsn); 1680 wpa_s->ibss_rsn = NULL; 1681#endif /* CONFIG_IBSS_RSN */ 1682 1683 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || 1684 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 1685#ifdef CONFIG_AP 1686 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { 1687 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " 1688 "mode"); 1689 return; 1690 } 1691 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { 1692 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 1693 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 1694 wpas_p2p_ap_setup_failed(wpa_s); 1695 return; 1696 } 1697 wpa_s->current_bss = bss; 1698#else /* CONFIG_AP */ 1699 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " 1700 "the build"); 1701#endif /* CONFIG_AP */ 1702 return; 1703 } 1704 1705 if (ssid->mode == WPAS_MODE_MESH) { 1706#ifdef CONFIG_MESH 1707 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) { 1708 wpa_msg(wpa_s, MSG_INFO, 1709 "Driver does not support mesh mode"); 1710 return; 1711 } 1712 if (bss) 1713 ssid->frequency = bss->freq; 1714 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) { 1715 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh"); 1716 return; 1717 } 1718 wpa_s->current_bss = bss; 1719 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d", 1720 wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 1721 ssid->id); 1722#else /* CONFIG_MESH */ 1723 wpa_msg(wpa_s, MSG_ERROR, 1724 "mesh mode support not included in the build"); 1725#endif /* CONFIG_MESH */ 1726 return; 1727 } 1728 1729#ifdef CONFIG_TDLS 1730 if (bss) 1731 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), 1732 bss->ie_len); 1733#endif /* CONFIG_TDLS */ 1734 1735 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 1736 ssid->mode == IEEE80211_MODE_INFRA) { 1737 sme_authenticate(wpa_s, bss, ssid); 1738 return; 1739 } 1740 1741 if (wpa_s->connect_work) { 1742 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist"); 1743 return; 1744 } 1745 1746 if (radio_work_pending(wpa_s, "connect")) { 1747 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist"); 1748 return; 1749 } 1750 1751 wpas_abort_ongoing_scan(wpa_s); 1752 1753 cwork = os_zalloc(sizeof(*cwork)); 1754 if (cwork == NULL) 1755 return; 1756 1757 cwork->bss = bss; 1758 cwork->ssid = ssid; 1759 1760 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1, 1761 wpas_start_assoc_cb, cwork) < 0) { 1762 os_free(cwork); 1763 } 1764} 1765 1766 1767static int bss_is_ibss(struct wpa_bss *bss) 1768{ 1769 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == 1770 IEEE80211_CAP_IBSS; 1771} 1772 1773 1774static int drv_supports_vht(struct wpa_supplicant *wpa_s, 1775 const struct wpa_ssid *ssid) 1776{ 1777 enum hostapd_hw_mode hw_mode; 1778 struct hostapd_hw_modes *mode = NULL; 1779 u8 channel; 1780 int i; 1781 1782#ifdef CONFIG_HT_OVERRIDES 1783 if (ssid->disable_ht) 1784 return 0; 1785#endif /* CONFIG_HT_OVERRIDES */ 1786 1787 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); 1788 if (hw_mode == NUM_HOSTAPD_MODES) 1789 return 0; 1790 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 1791 if (wpa_s->hw.modes[i].mode == hw_mode) { 1792 mode = &wpa_s->hw.modes[i]; 1793 break; 1794 } 1795 } 1796 1797 if (!mode) 1798 return 0; 1799 1800 return mode->vht_capab != 0; 1801} 1802 1803 1804void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, 1805 const struct wpa_ssid *ssid, 1806 struct hostapd_freq_params *freq) 1807{ 1808 enum hostapd_hw_mode hw_mode; 1809 struct hostapd_hw_modes *mode = NULL; 1810 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 1811 184, 192 }; 1812 int vht80[] = { 36, 52, 100, 116, 132, 149 }; 1813 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; 1814 u8 channel; 1815 int i, chan_idx, ht40 = -1, res, obss_scan = 1; 1816 unsigned int j, k; 1817 struct hostapd_freq_params vht_freq; 1818 int chwidth, seg0, seg1; 1819 u32 vht_caps = 0; 1820 1821 freq->freq = ssid->frequency; 1822 1823 for (j = 0; j < wpa_s->last_scan_res_used; j++) { 1824 struct wpa_bss *bss = wpa_s->last_scan_res[j]; 1825 1826 if (ssid->mode != WPAS_MODE_IBSS) 1827 break; 1828 1829 /* Don't adjust control freq in case of fixed_freq */ 1830 if (ssid->fixed_freq) 1831 break; 1832 1833 if (!bss_is_ibss(bss)) 1834 continue; 1835 1836 if (ssid->ssid_len == bss->ssid_len && 1837 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) { 1838 wpa_printf(MSG_DEBUG, 1839 "IBSS already found in scan results, adjust control freq: %d", 1840 bss->freq); 1841 freq->freq = bss->freq; 1842 obss_scan = 0; 1843 break; 1844 } 1845 } 1846 1847 /* For IBSS check HT_IBSS flag */ 1848 if (ssid->mode == WPAS_MODE_IBSS && 1849 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) 1850 return; 1851 1852 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || 1853 wpa_s->group_cipher == WPA_CIPHER_WEP104 || 1854 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) { 1855 wpa_printf(MSG_DEBUG, 1856 "IBSS: WEP/TKIP detected, do not try to enable HT"); 1857 return; 1858 } 1859 1860 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); 1861 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 1862 if (wpa_s->hw.modes[i].mode == hw_mode) { 1863 mode = &wpa_s->hw.modes[i]; 1864 break; 1865 } 1866 } 1867 1868 if (!mode) 1869 return; 1870 1871 freq->ht_enabled = ht_supported(mode); 1872 if (!freq->ht_enabled) 1873 return; 1874 1875 /* Setup higher BW only for 5 GHz */ 1876 if (mode->mode != HOSTAPD_MODE_IEEE80211A) 1877 return; 1878 1879 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { 1880 pri_chan = &mode->channels[chan_idx]; 1881 if (pri_chan->chan == channel) 1882 break; 1883 pri_chan = NULL; 1884 } 1885 if (!pri_chan) 1886 return; 1887 1888 /* Check primary channel flags */ 1889 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 1890 return; 1891 1892 /* Check/setup HT40+/HT40- */ 1893 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) { 1894 if (ht40plus[j] == channel) { 1895 ht40 = 1; 1896 break; 1897 } 1898 } 1899 1900 /* Find secondary channel */ 1901 for (i = 0; i < mode->num_channels; i++) { 1902 sec_chan = &mode->channels[i]; 1903 if (sec_chan->chan == channel + ht40 * 4) 1904 break; 1905 sec_chan = NULL; 1906 } 1907 if (!sec_chan) 1908 return; 1909 1910 /* Check secondary channel flags */ 1911 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 1912 return; 1913 1914 freq->channel = pri_chan->chan; 1915 1916 switch (ht40) { 1917 case -1: 1918 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) 1919 return; 1920 freq->sec_channel_offset = -1; 1921 break; 1922 case 1: 1923 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS)) 1924 return; 1925 freq->sec_channel_offset = 1; 1926 break; 1927 default: 1928 break; 1929 } 1930 1931 if (freq->sec_channel_offset && obss_scan) { 1932 struct wpa_scan_results *scan_res; 1933 1934 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0); 1935 if (scan_res == NULL) { 1936 /* Back to HT20 */ 1937 freq->sec_channel_offset = 0; 1938 return; 1939 } 1940 1941 res = check_40mhz_5g(mode, scan_res, pri_chan->chan, 1942 sec_chan->chan); 1943 switch (res) { 1944 case 0: 1945 /* Back to HT20 */ 1946 freq->sec_channel_offset = 0; 1947 break; 1948 case 1: 1949 /* Configuration allowed */ 1950 break; 1951 case 2: 1952 /* Switch pri/sec channels */ 1953 freq->freq = hw_get_freq(mode, sec_chan->chan); 1954 freq->sec_channel_offset = -freq->sec_channel_offset; 1955 freq->channel = sec_chan->chan; 1956 break; 1957 default: 1958 freq->sec_channel_offset = 0; 1959 break; 1960 } 1961 1962 wpa_scan_results_free(scan_res); 1963 } 1964 1965 wpa_printf(MSG_DEBUG, 1966 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d", 1967 freq->channel, freq->sec_channel_offset); 1968 1969 if (!drv_supports_vht(wpa_s, ssid)) 1970 return; 1971 1972 /* For IBSS check VHT_IBSS flag */ 1973 if (ssid->mode == WPAS_MODE_IBSS && 1974 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS)) 1975 return; 1976 1977 vht_freq = *freq; 1978 1979 vht_freq.vht_enabled = vht_supported(mode); 1980 if (!vht_freq.vht_enabled) 1981 return; 1982 1983 /* setup center_freq1, bandwidth */ 1984 for (j = 0; j < ARRAY_SIZE(vht80); j++) { 1985 if (freq->channel >= vht80[j] && 1986 freq->channel < vht80[j] + 16) 1987 break; 1988 } 1989 1990 if (j == ARRAY_SIZE(vht80)) 1991 return; 1992 1993 for (i = vht80[j]; i < vht80[j] + 16; i += 4) { 1994 struct hostapd_channel_data *chan; 1995 1996 chan = hw_get_channel_chan(mode, i, NULL); 1997 if (!chan) 1998 return; 1999 2000 /* Back to HT configuration if channel not usable */ 2001 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2002 return; 2003 } 2004 2005 chwidth = VHT_CHANWIDTH_80MHZ; 2006 seg0 = vht80[j] + 6; 2007 seg1 = 0; 2008 2009 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) { 2010 /* setup center_freq2, bandwidth */ 2011 for (k = 0; k < ARRAY_SIZE(vht80); k++) { 2012 /* Only accept 80 MHz segments separated by a gap */ 2013 if (j == k || abs(vht80[j] - vht80[k]) == 16) 2014 continue; 2015 for (i = vht80[k]; i < vht80[k] + 16; i += 4) { 2016 struct hostapd_channel_data *chan; 2017 2018 chan = hw_get_channel_chan(mode, i, NULL); 2019 if (!chan) 2020 continue; 2021 2022 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 2023 HOSTAPD_CHAN_NO_IR | 2024 HOSTAPD_CHAN_RADAR)) 2025 continue; 2026 2027 /* Found a suitable second segment for 80+80 */ 2028 chwidth = VHT_CHANWIDTH_80P80MHZ; 2029 vht_caps |= 2030 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 2031 seg1 = vht80[k] + 6; 2032 } 2033 2034 if (chwidth == VHT_CHANWIDTH_80P80MHZ) 2035 break; 2036 } 2037 } 2038 2039 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq, 2040 freq->channel, freq->ht_enabled, 2041 vht_freq.vht_enabled, 2042 freq->sec_channel_offset, 2043 chwidth, seg0, seg1, vht_caps) != 0) 2044 return; 2045 2046 *freq = vht_freq; 2047 2048 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d", 2049 freq->center_freq1, freq->center_freq2, freq->bandwidth); 2050} 2051 2052 2053static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) 2054{ 2055 struct wpa_connect_work *cwork = work->ctx; 2056 struct wpa_bss *bss = cwork->bss; 2057 struct wpa_ssid *ssid = cwork->ssid; 2058 struct wpa_supplicant *wpa_s = work->wpa_s; 2059 u8 wpa_ie[200]; 2060 size_t wpa_ie_len; 2061 int use_crypt, ret, i, bssid_changed; 2062 int algs = WPA_AUTH_ALG_OPEN; 2063 unsigned int cipher_pairwise, cipher_group; 2064 struct wpa_driver_associate_params params; 2065 int wep_keys_set = 0; 2066 int assoc_failed = 0; 2067 struct wpa_ssid *old_ssid; 2068 u8 prev_bssid[ETH_ALEN]; 2069#ifdef CONFIG_HT_OVERRIDES 2070 struct ieee80211_ht_capabilities htcaps; 2071 struct ieee80211_ht_capabilities htcaps_mask; 2072#endif /* CONFIG_HT_OVERRIDES */ 2073#ifdef CONFIG_VHT_OVERRIDES 2074 struct ieee80211_vht_capabilities vhtcaps; 2075 struct ieee80211_vht_capabilities vhtcaps_mask; 2076#endif /* CONFIG_VHT_OVERRIDES */ 2077#ifdef CONFIG_MBO 2078 const u8 *mbo = NULL; 2079#endif /* CONFIG_MBO */ 2080 2081 if (deinit) { 2082 if (work->started) { 2083 wpa_s->connect_work = NULL; 2084 2085 /* cancel possible auth. timeout */ 2086 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, 2087 NULL); 2088 } 2089 wpas_connect_work_free(cwork); 2090 return; 2091 } 2092 2093 wpa_s->connect_work = work; 2094 2095 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || 2096 wpas_network_disabled(wpa_s, ssid)) { 2097 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); 2098 wpas_connect_work_done(wpa_s); 2099 return; 2100 } 2101 2102 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN); 2103 os_memset(¶ms, 0, sizeof(params)); 2104 wpa_s->reassociate = 0; 2105 wpa_s->eap_expected_failure = 0; 2106 if (bss && 2107 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { 2108#ifdef CONFIG_IEEE80211R 2109 const u8 *ie, *md = NULL; 2110#endif /* CONFIG_IEEE80211R */ 2111 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 2112 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 2113 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); 2114 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 2115 os_memset(wpa_s->bssid, 0, ETH_ALEN); 2116 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 2117 if (bssid_changed) 2118 wpas_notify_bssid_changed(wpa_s); 2119#ifdef CONFIG_IEEE80211R 2120 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 2121 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 2122 md = ie + 2; 2123 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); 2124 if (md) { 2125 /* Prepare for the next transition */ 2126 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); 2127 } 2128#endif /* CONFIG_IEEE80211R */ 2129#ifdef CONFIG_WPS 2130 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 2131 wpa_s->conf->ap_scan == 2 && 2132 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 2133 /* Use ap_scan==1 style network selection to find the network 2134 */ 2135 wpas_connect_work_done(wpa_s); 2136 wpa_s->scan_req = MANUAL_SCAN_REQ; 2137 wpa_s->reassociate = 1; 2138 wpa_supplicant_req_scan(wpa_s, 0, 0); 2139 return; 2140#endif /* CONFIG_WPS */ 2141 } else { 2142 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 2143 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 2144 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 2145 } 2146 if (!wpa_s->pno) 2147 wpa_supplicant_cancel_sched_scan(wpa_s); 2148 2149 wpa_supplicant_cancel_scan(wpa_s); 2150 2151 /* Starting new association, so clear the possibly used WPA IE from the 2152 * previous association. */ 2153 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 2154 2155#ifdef IEEE8021X_EAPOL 2156 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2157 if (ssid->leap) { 2158 if (ssid->non_leap == 0) 2159 algs = WPA_AUTH_ALG_LEAP; 2160 else 2161 algs |= WPA_AUTH_ALG_LEAP; 2162 } 2163 } 2164#endif /* IEEE8021X_EAPOL */ 2165 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 2166 if (ssid->auth_alg) { 2167 algs = ssid->auth_alg; 2168 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " 2169 "0x%x", algs); 2170 } 2171 2172 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 2173 wpa_bss_get_ie(bss, WLAN_EID_RSN)) && 2174 wpa_key_mgmt_wpa(ssid->key_mgmt)) { 2175 int try_opportunistic; 2176 try_opportunistic = (ssid->proactive_key_caching < 0 ? 2177 wpa_s->conf->okc : 2178 ssid->proactive_key_caching) && 2179 (ssid->proto & WPA_PROTO_RSN); 2180 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, 2181 ssid, try_opportunistic) == 0) 2182 eapol_sm_notify_pmkid_attempt(wpa_s->eapol); 2183 wpa_ie_len = sizeof(wpa_ie); 2184 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 2185 wpa_ie, &wpa_ie_len)) { 2186 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2187 "key management and encryption suites"); 2188 wpas_connect_work_done(wpa_s); 2189 return; 2190 } 2191 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && 2192 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { 2193 /* 2194 * Both WPA and non-WPA IEEE 802.1X enabled in configuration - 2195 * use non-WPA since the scan results did not indicate that the 2196 * AP is using WPA or WPA2. 2197 */ 2198 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2199 wpa_ie_len = 0; 2200 wpa_s->wpa_proto = 0; 2201 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 2202 wpa_ie_len = sizeof(wpa_ie); 2203 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 2204 wpa_ie, &wpa_ie_len)) { 2205 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2206 "key management and encryption suites (no " 2207 "scan results)"); 2208 wpas_connect_work_done(wpa_s); 2209 return; 2210 } 2211#ifdef CONFIG_WPS 2212 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 2213 struct wpabuf *wps_ie; 2214 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 2215 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { 2216 wpa_ie_len = wpabuf_len(wps_ie); 2217 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 2218 } else 2219 wpa_ie_len = 0; 2220 wpabuf_free(wps_ie); 2221 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2222 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) 2223 params.wps = WPS_MODE_PRIVACY; 2224 else 2225 params.wps = WPS_MODE_OPEN; 2226 wpa_s->wpa_proto = 0; 2227#endif /* CONFIG_WPS */ 2228 } else { 2229 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2230 wpa_ie_len = 0; 2231 wpa_s->wpa_proto = 0; 2232 } 2233 2234#ifdef CONFIG_P2P 2235 if (wpa_s->global->p2p) { 2236 u8 *pos; 2237 size_t len; 2238 int res; 2239 pos = wpa_ie + wpa_ie_len; 2240 len = sizeof(wpa_ie) - wpa_ie_len; 2241 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, 2242 ssid->p2p_group); 2243 if (res >= 0) 2244 wpa_ie_len += res; 2245 } 2246 2247 wpa_s->cross_connect_disallowed = 0; 2248 if (bss) { 2249 struct wpabuf *p2p; 2250 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); 2251 if (p2p) { 2252 wpa_s->cross_connect_disallowed = 2253 p2p_get_cross_connect_disallowed(p2p); 2254 wpabuf_free(p2p); 2255 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " 2256 "connection", 2257 wpa_s->cross_connect_disallowed ? 2258 "disallows" : "allows"); 2259 } 2260 } 2261 2262 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); 2263#endif /* CONFIG_P2P */ 2264 2265#ifdef CONFIG_MBO 2266 if (bss) { 2267 mbo = wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE); 2268 if (mbo) { 2269 int len; 2270 2271 len = wpas_mbo_supp_op_class_ie(wpa_s, bss->freq, 2272 wpa_ie + wpa_ie_len, 2273 sizeof(wpa_ie) - 2274 wpa_ie_len); 2275 if (len > 0) 2276 wpa_ie_len += len; 2277 } 2278 } 2279#endif /* CONFIG_MBO */ 2280 2281 /* 2282 * Workaround: Add Extended Capabilities element only if the AP 2283 * included this element in Beacon/Probe Response frames. Some older 2284 * APs seem to have interoperability issues if this element is 2285 * included, so while the standard may require us to include the 2286 * element in all cases, it is justifiable to skip it to avoid 2287 * interoperability issues. 2288 */ 2289 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) { 2290 u8 ext_capab[18]; 2291 int ext_capab_len; 2292 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, 2293 sizeof(ext_capab)); 2294 if (ext_capab_len > 0) { 2295 u8 *pos = wpa_ie; 2296 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) 2297 pos += 2 + pos[1]; 2298 os_memmove(pos + ext_capab_len, pos, 2299 wpa_ie_len - (pos - wpa_ie)); 2300 wpa_ie_len += ext_capab_len; 2301 os_memcpy(pos, ext_capab, ext_capab_len); 2302 } 2303 } 2304 2305#ifdef CONFIG_HS20 2306 if (is_hs20_network(wpa_s, ssid, bss)) { 2307 struct wpabuf *hs20; 2308 2309 hs20 = wpabuf_alloc(20); 2310 if (hs20) { 2311 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); 2312 size_t len; 2313 2314 wpas_hs20_add_indication(hs20, pps_mo_id); 2315 len = sizeof(wpa_ie) - wpa_ie_len; 2316 if (wpabuf_len(hs20) <= len) { 2317 os_memcpy(wpa_ie + wpa_ie_len, 2318 wpabuf_head(hs20), wpabuf_len(hs20)); 2319 wpa_ie_len += wpabuf_len(hs20); 2320 } 2321 wpabuf_free(hs20); 2322 } 2323 } 2324#endif /* CONFIG_HS20 */ 2325 2326 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { 2327 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; 2328 size_t len; 2329 2330 len = sizeof(wpa_ie) - wpa_ie_len; 2331 if (wpabuf_len(buf) <= len) { 2332 os_memcpy(wpa_ie + wpa_ie_len, 2333 wpabuf_head(buf), wpabuf_len(buf)); 2334 wpa_ie_len += wpabuf_len(buf); 2335 } 2336 } 2337 2338#ifdef CONFIG_FST 2339 if (wpa_s->fst_ies) { 2340 int fst_ies_len = wpabuf_len(wpa_s->fst_ies); 2341 2342 if (wpa_ie_len + fst_ies_len <= sizeof(wpa_ie)) { 2343 os_memcpy(wpa_ie + wpa_ie_len, 2344 wpabuf_head(wpa_s->fst_ies), fst_ies_len); 2345 wpa_ie_len += fst_ies_len; 2346 } 2347 } 2348#endif /* CONFIG_FST */ 2349 2350#ifdef CONFIG_MBO 2351 if (mbo) { 2352 int len; 2353 2354 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, 2355 sizeof(wpa_ie) - wpa_ie_len); 2356 if (len >= 0) 2357 wpa_ie_len += len; 2358 } 2359#endif /* CONFIG_MBO */ 2360 2361 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 2362 use_crypt = 1; 2363 cipher_pairwise = wpa_s->pairwise_cipher; 2364 cipher_group = wpa_s->group_cipher; 2365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 2366 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2367 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 2368 use_crypt = 0; 2369 if (wpa_set_wep_keys(wpa_s, ssid)) { 2370 use_crypt = 1; 2371 wep_keys_set = 1; 2372 } 2373 } 2374 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 2375 use_crypt = 0; 2376 2377#ifdef IEEE8021X_EAPOL 2378 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2379 if ((ssid->eapol_flags & 2380 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 2381 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 2382 !wep_keys_set) { 2383 use_crypt = 0; 2384 } else { 2385 /* Assume that dynamic WEP-104 keys will be used and 2386 * set cipher suites in order for drivers to expect 2387 * encryption. */ 2388 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104; 2389 } 2390 } 2391#endif /* IEEE8021X_EAPOL */ 2392 2393 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 2394 /* Set the key before (and later after) association */ 2395 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 2396 } 2397 2398 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 2399 if (bss) { 2400 params.ssid = bss->ssid; 2401 params.ssid_len = bss->ssid_len; 2402 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { 2403 wpa_printf(MSG_DEBUG, "Limit connection to BSSID " 2404 MACSTR " freq=%u MHz based on scan results " 2405 "(bssid_set=%d)", 2406 MAC2STR(bss->bssid), bss->freq, 2407 ssid->bssid_set); 2408 params.bssid = bss->bssid; 2409 params.freq.freq = bss->freq; 2410 } 2411 params.bssid_hint = bss->bssid; 2412 params.freq_hint = bss->freq; 2413 params.pbss = bss_is_pbss(bss); 2414 } else { 2415 params.ssid = ssid->ssid; 2416 params.ssid_len = ssid->ssid_len; 2417 params.pbss = ssid->pbss; 2418 } 2419 2420 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && 2421 wpa_s->conf->ap_scan == 2) { 2422 params.bssid = ssid->bssid; 2423 params.fixed_bssid = 1; 2424 } 2425 2426 /* Initial frequency for IBSS/mesh */ 2427 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) && 2428 ssid->frequency > 0 && params.freq.freq == 0) 2429 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq); 2430 2431 if (ssid->mode == WPAS_MODE_IBSS) { 2432 params.fixed_freq = ssid->fixed_freq; 2433 if (ssid->beacon_int) 2434 params.beacon_int = ssid->beacon_int; 2435 else 2436 params.beacon_int = wpa_s->conf->beacon_int; 2437 } 2438 2439 params.wpa_ie = wpa_ie; 2440 params.wpa_ie_len = wpa_ie_len; 2441 params.pairwise_suite = cipher_pairwise; 2442 params.group_suite = cipher_group; 2443 params.key_mgmt_suite = wpa_s->key_mgmt; 2444 params.wpa_proto = wpa_s->wpa_proto; 2445 params.auth_alg = algs; 2446 params.mode = ssid->mode; 2447 params.bg_scan_period = ssid->bg_scan_period; 2448 for (i = 0; i < NUM_WEP_KEYS; i++) { 2449 if (ssid->wep_key_len[i]) 2450 params.wep_key[i] = ssid->wep_key[i]; 2451 params.wep_key_len[i] = ssid->wep_key_len[i]; 2452 } 2453 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 2454 2455 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 2456 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 2457 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 2458 params.passphrase = ssid->passphrase; 2459 if (ssid->psk_set) 2460 params.psk = ssid->psk; 2461 } 2462 2463 if (wpa_s->conf->key_mgmt_offload) { 2464 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 2465 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 2466 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 2467 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) 2468 params.req_key_mgmt_offload = 2469 ssid->proactive_key_caching < 0 ? 2470 wpa_s->conf->okc : ssid->proactive_key_caching; 2471 else 2472 params.req_key_mgmt_offload = 1; 2473 2474 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 2475 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 2476 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) && 2477 ssid->psk_set) 2478 params.psk = ssid->psk; 2479 } 2480 2481 params.drop_unencrypted = use_crypt; 2482 2483#ifdef CONFIG_IEEE80211W 2484 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); 2485 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { 2486 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 2487 struct wpa_ie_data ie; 2488 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 2489 ie.capabilities & 2490 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 2491 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " 2492 "MFP: require MFP"); 2493 params.mgmt_frame_protection = 2494 MGMT_FRAME_PROTECTION_REQUIRED; 2495 } 2496 } 2497#endif /* CONFIG_IEEE80211W */ 2498 2499 params.p2p = ssid->p2p_group; 2500 2501 if (wpa_s->p2pdev->set_sta_uapsd) 2502 params.uapsd = wpa_s->p2pdev->sta_uapsd; 2503 else 2504 params.uapsd = -1; 2505 2506#ifdef CONFIG_HT_OVERRIDES 2507 os_memset(&htcaps, 0, sizeof(htcaps)); 2508 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); 2509 params.htcaps = (u8 *) &htcaps; 2510 params.htcaps_mask = (u8 *) &htcaps_mask; 2511 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); 2512#endif /* CONFIG_HT_OVERRIDES */ 2513#ifdef CONFIG_VHT_OVERRIDES 2514 os_memset(&vhtcaps, 0, sizeof(vhtcaps)); 2515 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask)); 2516 params.vhtcaps = &vhtcaps; 2517 params.vhtcaps_mask = &vhtcaps_mask; 2518 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms); 2519#endif /* CONFIG_VHT_OVERRIDES */ 2520 2521#ifdef CONFIG_P2P 2522 /* 2523 * If multi-channel concurrency is not supported, check for any 2524 * frequency conflict. In case of any frequency conflict, remove the 2525 * least prioritized connection. 2526 */ 2527 if (wpa_s->num_multichan_concurrent < 2) { 2528 int freq, num; 2529 num = get_shared_radio_freqs(wpa_s, &freq, 1); 2530 if (num > 0 && freq > 0 && freq != params.freq.freq) { 2531 wpa_printf(MSG_DEBUG, 2532 "Assoc conflicting freq found (%d != %d)", 2533 freq, params.freq.freq); 2534 if (wpas_p2p_handle_frequency_conflicts( 2535 wpa_s, params.freq.freq, ssid) < 0) { 2536 wpas_connect_work_done(wpa_s); 2537 return; 2538 } 2539 } 2540 } 2541#endif /* CONFIG_P2P */ 2542 2543 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) && 2544 wpa_s->current_ssid) 2545 params.prev_bssid = prev_bssid; 2546 2547 ret = wpa_drv_associate(wpa_s, ¶ms); 2548 if (ret < 0) { 2549 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 2550 "failed"); 2551 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { 2552 /* 2553 * The driver is known to mean what is saying, so we 2554 * can stop right here; the association will not 2555 * succeed. 2556 */ 2557 wpas_connection_failed(wpa_s, wpa_s->pending_bssid); 2558 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2559 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 2560 return; 2561 } 2562 /* try to continue anyway; new association will be tried again 2563 * after timeout */ 2564 assoc_failed = 1; 2565 } 2566 2567 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 2568 /* Set the key after the association just in case association 2569 * cleared the previously configured key. */ 2570 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 2571 /* No need to timeout authentication since there is no key 2572 * management. */ 2573 wpa_supplicant_cancel_auth_timeout(wpa_s); 2574 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 2575#ifdef CONFIG_IBSS_RSN 2576 } else if (ssid->mode == WPAS_MODE_IBSS && 2577 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 2578 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 2579 /* 2580 * RSN IBSS authentication is per-STA and we can disable the 2581 * per-BSSID authentication. 2582 */ 2583 wpa_supplicant_cancel_auth_timeout(wpa_s); 2584#endif /* CONFIG_IBSS_RSN */ 2585 } else { 2586 /* Timeout for IEEE 802.11 authentication and association */ 2587 int timeout = 60; 2588 2589 if (assoc_failed) { 2590 /* give IBSS a bit more time */ 2591 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; 2592 } else if (wpa_s->conf->ap_scan == 1) { 2593 /* give IBSS a bit more time */ 2594 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; 2595 } 2596 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 2597 } 2598 2599 if (wep_keys_set && 2600 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { 2601 /* Set static WEP keys again */ 2602 wpa_set_wep_keys(wpa_s, ssid); 2603 } 2604 2605 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { 2606 /* 2607 * Do not allow EAP session resumption between different 2608 * network configurations. 2609 */ 2610 eapol_sm_invalidate_cached_session(wpa_s->eapol); 2611 } 2612 old_ssid = wpa_s->current_ssid; 2613 wpa_s->current_ssid = ssid; 2614 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) 2615 wpa_s->current_bss = bss; 2616 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 2617 wpa_supplicant_initiate_eapol(wpa_s); 2618 if (old_ssid != wpa_s->current_ssid) 2619 wpas_notify_network_changed(wpa_s); 2620} 2621 2622 2623static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, 2624 const u8 *addr) 2625{ 2626 struct wpa_ssid *old_ssid; 2627 2628 wpas_connect_work_done(wpa_s); 2629 wpa_clear_keys(wpa_s, addr); 2630 old_ssid = wpa_s->current_ssid; 2631 wpa_supplicant_mark_disassoc(wpa_s); 2632 wpa_sm_set_config(wpa_s->wpa, NULL); 2633 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 2634 if (old_ssid != wpa_s->current_ssid) 2635 wpas_notify_network_changed(wpa_s); 2636 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 2637} 2638 2639 2640/** 2641 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 2642 * @wpa_s: Pointer to wpa_supplicant data 2643 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 2644 * 2645 * This function is used to request %wpa_supplicant to deauthenticate from the 2646 * current AP. 2647 */ 2648void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 2649 int reason_code) 2650{ 2651 u8 *addr = NULL; 2652 union wpa_event_data event; 2653 int zero_addr = 0; 2654 2655 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR 2656 " pending_bssid=" MACSTR " reason=%d state=%s", 2657 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 2658 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state)); 2659 2660 if (!is_zero_ether_addr(wpa_s->bssid)) 2661 addr = wpa_s->bssid; 2662 else if (!is_zero_ether_addr(wpa_s->pending_bssid) && 2663 (wpa_s->wpa_state == WPA_AUTHENTICATING || 2664 wpa_s->wpa_state == WPA_ASSOCIATING)) 2665 addr = wpa_s->pending_bssid; 2666 else if (wpa_s->wpa_state == WPA_ASSOCIATING) { 2667 /* 2668 * When using driver-based BSS selection, we may not know the 2669 * BSSID with which we are currently trying to associate. We 2670 * need to notify the driver of this disconnection even in such 2671 * a case, so use the all zeros address here. 2672 */ 2673 addr = wpa_s->bssid; 2674 zero_addr = 1; 2675 } 2676 2677#ifdef CONFIG_TDLS 2678 wpa_tdls_teardown_peers(wpa_s->wpa); 2679#endif /* CONFIG_TDLS */ 2680 2681#ifdef CONFIG_MESH 2682 if (wpa_s->ifmsh) { 2683 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", 2684 wpa_s->ifname); 2685 wpa_supplicant_leave_mesh(wpa_s); 2686 } 2687#endif /* CONFIG_MESH */ 2688 2689 if (addr) { 2690 wpa_drv_deauthenticate(wpa_s, addr, reason_code); 2691 os_memset(&event, 0, sizeof(event)); 2692 event.deauth_info.reason_code = (u16) reason_code; 2693 event.deauth_info.locally_generated = 1; 2694 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); 2695 if (zero_addr) 2696 addr = NULL; 2697 } 2698 2699 wpa_supplicant_clear_connection(wpa_s, addr); 2700} 2701 2702static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, 2703 struct wpa_ssid *ssid) 2704{ 2705 if (!ssid || !ssid->disabled || ssid->disabled == 2) 2706 return; 2707 2708 ssid->disabled = 0; 2709 wpas_clear_temp_disabled(wpa_s, ssid, 1); 2710 wpas_notify_network_enabled_changed(wpa_s, ssid); 2711 2712 /* 2713 * Try to reassociate since there is no current configuration and a new 2714 * network was made available. 2715 */ 2716 if (!wpa_s->current_ssid && !wpa_s->disconnected) 2717 wpa_s->reassociate = 1; 2718} 2719 2720 2721/** 2722 * wpa_supplicant_enable_network - Mark a configured network as enabled 2723 * @wpa_s: wpa_supplicant structure for a network interface 2724 * @ssid: wpa_ssid structure for a configured network or %NULL 2725 * 2726 * Enables the specified network or all networks if no network specified. 2727 */ 2728void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, 2729 struct wpa_ssid *ssid) 2730{ 2731 if (ssid == NULL) { 2732 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 2733 wpa_supplicant_enable_one_network(wpa_s, ssid); 2734 } else 2735 wpa_supplicant_enable_one_network(wpa_s, ssid); 2736 2737 if (wpa_s->reassociate && !wpa_s->disconnected && 2738 (!wpa_s->current_ssid || 2739 wpa_s->wpa_state == WPA_DISCONNECTED || 2740 wpa_s->wpa_state == WPA_SCANNING)) { 2741 if (wpa_s->sched_scanning) { 2742 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add " 2743 "new network to scan filters"); 2744 wpa_supplicant_cancel_sched_scan(wpa_s); 2745 } 2746 2747 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 2748 wpa_s->scan_req = NORMAL_SCAN_REQ; 2749 wpa_supplicant_req_scan(wpa_s, 0, 0); 2750 } 2751 } 2752} 2753 2754 2755/** 2756 * wpa_supplicant_disable_network - Mark a configured network as disabled 2757 * @wpa_s: wpa_supplicant structure for a network interface 2758 * @ssid: wpa_ssid structure for a configured network or %NULL 2759 * 2760 * Disables the specified network or all networks if no network specified. 2761 */ 2762void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, 2763 struct wpa_ssid *ssid) 2764{ 2765 struct wpa_ssid *other_ssid; 2766 int was_disabled; 2767 2768 if (ssid == NULL) { 2769 if (wpa_s->sched_scanning) 2770 wpa_supplicant_cancel_sched_scan(wpa_s); 2771 2772 for (other_ssid = wpa_s->conf->ssid; other_ssid; 2773 other_ssid = other_ssid->next) { 2774 was_disabled = other_ssid->disabled; 2775 if (was_disabled == 2) 2776 continue; /* do not change persistent P2P group 2777 * data */ 2778 2779 other_ssid->disabled = 1; 2780 2781 if (was_disabled != other_ssid->disabled) 2782 wpas_notify_network_enabled_changed( 2783 wpa_s, other_ssid); 2784 } 2785 if (wpa_s->current_ssid) 2786 wpa_supplicant_deauthenticate( 2787 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 2788 } else if (ssid->disabled != 2) { 2789 if (ssid == wpa_s->current_ssid) 2790 wpa_supplicant_deauthenticate( 2791 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 2792 2793 was_disabled = ssid->disabled; 2794 2795 ssid->disabled = 1; 2796 2797 if (was_disabled != ssid->disabled) { 2798 wpas_notify_network_enabled_changed(wpa_s, ssid); 2799 if (wpa_s->sched_scanning) { 2800 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan " 2801 "to remove network from filters"); 2802 wpa_supplicant_cancel_sched_scan(wpa_s); 2803 wpa_supplicant_req_scan(wpa_s, 0, 0); 2804 } 2805 } 2806 } 2807} 2808 2809 2810/** 2811 * wpa_supplicant_select_network - Attempt association with a network 2812 * @wpa_s: wpa_supplicant structure for a network interface 2813 * @ssid: wpa_ssid structure for a configured network or %NULL for any network 2814 */ 2815void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, 2816 struct wpa_ssid *ssid) 2817{ 2818 2819 struct wpa_ssid *other_ssid; 2820 int disconnected = 0; 2821 2822 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { 2823 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 2824 wpa_s->own_disconnect_req = 1; 2825 wpa_supplicant_deauthenticate( 2826 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 2827 disconnected = 1; 2828 } 2829 2830 if (ssid) 2831 wpas_clear_temp_disabled(wpa_s, ssid, 1); 2832 2833 /* 2834 * Mark all other networks disabled or mark all networks enabled if no 2835 * network specified. 2836 */ 2837 for (other_ssid = wpa_s->conf->ssid; other_ssid; 2838 other_ssid = other_ssid->next) { 2839 int was_disabled = other_ssid->disabled; 2840 if (was_disabled == 2) 2841 continue; /* do not change persistent P2P group data */ 2842 2843 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; 2844 if (was_disabled && !other_ssid->disabled) 2845 wpas_clear_temp_disabled(wpa_s, other_ssid, 0); 2846 2847 if (was_disabled != other_ssid->disabled) 2848 wpas_notify_network_enabled_changed(wpa_s, other_ssid); 2849 } 2850 2851 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid && 2852 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 2853 /* We are already associated with the selected network */ 2854 wpa_printf(MSG_DEBUG, "Already associated with the " 2855 "selected network - do nothing"); 2856 return; 2857 } 2858 2859 if (ssid) { 2860 wpa_s->current_ssid = ssid; 2861 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 2862 wpa_s->connect_without_scan = 2863 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL; 2864 2865 /* 2866 * Don't optimize next scan freqs since a new ESS has been 2867 * selected. 2868 */ 2869 os_free(wpa_s->next_scan_freqs); 2870 wpa_s->next_scan_freqs = NULL; 2871 } else { 2872 wpa_s->connect_without_scan = NULL; 2873 } 2874 2875 wpa_s->disconnected = 0; 2876 wpa_s->reassociate = 1; 2877 2878 if (wpa_s->connect_without_scan || 2879 wpa_supplicant_fast_associate(wpa_s) != 1) { 2880 wpa_s->scan_req = NORMAL_SCAN_REQ; 2881 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); 2882 } 2883 2884 if (ssid) 2885 wpas_notify_network_selected(wpa_s, ssid); 2886} 2887 2888 2889/** 2890 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path 2891 * @wpa_s: wpa_supplicant structure for a network interface 2892 * @pkcs11_engine_path: PKCS #11 engine path or NULL 2893 * @pkcs11_module_path: PKCS #11 module path or NULL 2894 * Returns: 0 on success; -1 on failure 2895 * 2896 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid 2897 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and 2898 * module path fails the paths will be reset to the default value (NULL). 2899 */ 2900int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s, 2901 const char *pkcs11_engine_path, 2902 const char *pkcs11_module_path) 2903{ 2904 char *pkcs11_engine_path_copy = NULL; 2905 char *pkcs11_module_path_copy = NULL; 2906 2907 if (pkcs11_engine_path != NULL) { 2908 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path); 2909 if (pkcs11_engine_path_copy == NULL) 2910 return -1; 2911 } 2912 if (pkcs11_module_path != NULL) { 2913 pkcs11_module_path_copy = os_strdup(pkcs11_module_path); 2914 if (pkcs11_module_path_copy == NULL) { 2915 os_free(pkcs11_engine_path_copy); 2916 return -1; 2917 } 2918 } 2919 2920 os_free(wpa_s->conf->pkcs11_engine_path); 2921 os_free(wpa_s->conf->pkcs11_module_path); 2922 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy; 2923 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy; 2924 2925 wpa_sm_set_eapol(wpa_s->wpa, NULL); 2926 eapol_sm_deinit(wpa_s->eapol); 2927 wpa_s->eapol = NULL; 2928 if (wpa_supplicant_init_eapol(wpa_s)) { 2929 /* Error -> Reset paths to the default value (NULL) once. */ 2930 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL) 2931 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL, 2932 NULL); 2933 2934 return -1; 2935 } 2936 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 2937 2938 return 0; 2939} 2940 2941 2942/** 2943 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface 2944 * @wpa_s: wpa_supplicant structure for a network interface 2945 * @ap_scan: AP scan mode 2946 * Returns: 0 if succeed or -1 if ap_scan has an invalid value 2947 * 2948 */ 2949int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) 2950{ 2951 2952 int old_ap_scan; 2953 2954 if (ap_scan < 0 || ap_scan > 2) 2955 return -1; 2956 2957 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 2958 wpa_printf(MSG_INFO, 2959 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 2960 } 2961 2962#ifdef ANDROID 2963 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && 2964 wpa_s->wpa_state >= WPA_ASSOCIATING && 2965 wpa_s->wpa_state < WPA_COMPLETED) { 2966 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " 2967 "associating", wpa_s->conf->ap_scan, ap_scan); 2968 return 0; 2969 } 2970#endif /* ANDROID */ 2971 2972 old_ap_scan = wpa_s->conf->ap_scan; 2973 wpa_s->conf->ap_scan = ap_scan; 2974 2975 if (old_ap_scan != wpa_s->conf->ap_scan) 2976 wpas_notify_ap_scan_changed(wpa_s); 2977 2978 return 0; 2979} 2980 2981 2982/** 2983 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age 2984 * @wpa_s: wpa_supplicant structure for a network interface 2985 * @expire_age: Expiration age in seconds 2986 * Returns: 0 if succeed or -1 if expire_age has an invalid value 2987 * 2988 */ 2989int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, 2990 unsigned int bss_expire_age) 2991{ 2992 if (bss_expire_age < 10) { 2993 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", 2994 bss_expire_age); 2995 return -1; 2996 } 2997 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", 2998 bss_expire_age); 2999 wpa_s->conf->bss_expiration_age = bss_expire_age; 3000 3001 return 0; 3002} 3003 3004 3005/** 3006 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count 3007 * @wpa_s: wpa_supplicant structure for a network interface 3008 * @expire_count: number of scans after which an unseen BSS is reclaimed 3009 * Returns: 0 if succeed or -1 if expire_count has an invalid value 3010 * 3011 */ 3012int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, 3013 unsigned int bss_expire_count) 3014{ 3015 if (bss_expire_count < 1) { 3016 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", 3017 bss_expire_count); 3018 return -1; 3019 } 3020 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", 3021 bss_expire_count); 3022 wpa_s->conf->bss_expiration_scan_count = bss_expire_count; 3023 3024 return 0; 3025} 3026 3027 3028/** 3029 * wpa_supplicant_set_scan_interval - Set scan interval 3030 * @wpa_s: wpa_supplicant structure for a network interface 3031 * @scan_interval: scan interval in seconds 3032 * Returns: 0 if succeed or -1 if scan_interval has an invalid value 3033 * 3034 */ 3035int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, 3036 int scan_interval) 3037{ 3038 if (scan_interval < 0) { 3039 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", 3040 scan_interval); 3041 return -1; 3042 } 3043 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", 3044 scan_interval); 3045 wpa_supplicant_update_scan_int(wpa_s, scan_interval); 3046 3047 return 0; 3048} 3049 3050 3051/** 3052 * wpa_supplicant_set_debug_params - Set global debug params 3053 * @global: wpa_global structure 3054 * @debug_level: debug level 3055 * @debug_timestamp: determines if show timestamp in debug data 3056 * @debug_show_keys: determines if show keys in debug data 3057 * Returns: 0 if succeed or -1 if debug_level has wrong value 3058 */ 3059int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, 3060 int debug_timestamp, int debug_show_keys) 3061{ 3062 3063 int old_level, old_timestamp, old_show_keys; 3064 3065 /* check for allowed debuglevels */ 3066 if (debug_level != MSG_EXCESSIVE && 3067 debug_level != MSG_MSGDUMP && 3068 debug_level != MSG_DEBUG && 3069 debug_level != MSG_INFO && 3070 debug_level != MSG_WARNING && 3071 debug_level != MSG_ERROR) 3072 return -1; 3073 3074 old_level = wpa_debug_level; 3075 old_timestamp = wpa_debug_timestamp; 3076 old_show_keys = wpa_debug_show_keys; 3077 3078 wpa_debug_level = debug_level; 3079 wpa_debug_timestamp = debug_timestamp ? 1 : 0; 3080 wpa_debug_show_keys = debug_show_keys ? 1 : 0; 3081 3082 if (wpa_debug_level != old_level) 3083 wpas_notify_debug_level_changed(global); 3084 if (wpa_debug_timestamp != old_timestamp) 3085 wpas_notify_debug_timestamp_changed(global); 3086 if (wpa_debug_show_keys != old_show_keys) 3087 wpas_notify_debug_show_keys_changed(global); 3088 3089 return 0; 3090} 3091 3092 3093/** 3094 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 3095 * @wpa_s: Pointer to wpa_supplicant data 3096 * Returns: A pointer to the current network structure or %NULL on failure 3097 */ 3098struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 3099{ 3100 struct wpa_ssid *entry; 3101 u8 ssid[SSID_MAX_LEN]; 3102 int res; 3103 size_t ssid_len; 3104 u8 bssid[ETH_ALEN]; 3105 int wired; 3106 3107 res = wpa_drv_get_ssid(wpa_s, ssid); 3108 if (res < 0) { 3109 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " 3110 "driver"); 3111 return NULL; 3112 } 3113 ssid_len = res; 3114 3115 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 3116 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " 3117 "driver"); 3118 return NULL; 3119 } 3120 3121 wired = wpa_s->conf->ap_scan == 0 && 3122 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); 3123 3124 entry = wpa_s->conf->ssid; 3125 while (entry) { 3126 if (!wpas_network_disabled(wpa_s, entry) && 3127 ((ssid_len == entry->ssid_len && 3128 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && 3129 (!entry->bssid_set || 3130 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 3131 return entry; 3132#ifdef CONFIG_WPS 3133 if (!wpas_network_disabled(wpa_s, entry) && 3134 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 3135 (entry->ssid == NULL || entry->ssid_len == 0) && 3136 (!entry->bssid_set || 3137 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 3138 return entry; 3139#endif /* CONFIG_WPS */ 3140 3141 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && 3142 entry->ssid_len == 0 && 3143 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) 3144 return entry; 3145 3146 entry = entry->next; 3147 } 3148 3149 return NULL; 3150} 3151 3152 3153static int select_driver(struct wpa_supplicant *wpa_s, int i) 3154{ 3155 struct wpa_global *global = wpa_s->global; 3156 3157 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { 3158 global->drv_priv[i] = wpa_drivers[i]->global_init(global); 3159 if (global->drv_priv[i] == NULL) { 3160 wpa_printf(MSG_ERROR, "Failed to initialize driver " 3161 "'%s'", wpa_drivers[i]->name); 3162 return -1; 3163 } 3164 } 3165 3166 wpa_s->driver = wpa_drivers[i]; 3167 wpa_s->global_drv_priv = global->drv_priv[i]; 3168 3169 return 0; 3170} 3171 3172 3173static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 3174 const char *name) 3175{ 3176 int i; 3177 size_t len; 3178 const char *pos, *driver = name; 3179 3180 if (wpa_s == NULL) 3181 return -1; 3182 3183 if (wpa_drivers[0] == NULL) { 3184 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " 3185 "wpa_supplicant"); 3186 return -1; 3187 } 3188 3189 if (name == NULL) { 3190 /* default to first driver in the list */ 3191 return select_driver(wpa_s, 0); 3192 } 3193 3194 do { 3195 pos = os_strchr(driver, ','); 3196 if (pos) 3197 len = pos - driver; 3198 else 3199 len = os_strlen(driver); 3200 3201 for (i = 0; wpa_drivers[i]; i++) { 3202 if (os_strlen(wpa_drivers[i]->name) == len && 3203 os_strncmp(driver, wpa_drivers[i]->name, len) == 3204 0) { 3205 /* First driver that succeeds wins */ 3206 if (select_driver(wpa_s, i) == 0) 3207 return 0; 3208 } 3209 } 3210 3211 driver = pos + 1; 3212 } while (pos); 3213 3214 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); 3215 return -1; 3216} 3217 3218 3219/** 3220 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant 3221 * @ctx: Context pointer (wpa_s); this is the ctx variable registered 3222 * with struct wpa_driver_ops::init() 3223 * @src_addr: Source address of the EAPOL frame 3224 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) 3225 * @len: Length of the EAPOL data 3226 * 3227 * This function is called for each received EAPOL frame. Most driver 3228 * interfaces rely on more generic OS mechanism for receiving frames through 3229 * l2_packet, but if such a mechanism is not available, the driver wrapper may 3230 * take care of received EAPOL frames and deliver them to the core supplicant 3231 * code by calling this function. 3232 */ 3233void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 3234 const u8 *buf, size_t len) 3235{ 3236 struct wpa_supplicant *wpa_s = ctx; 3237 3238 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); 3239 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 3240 3241#ifdef CONFIG_PEERKEY 3242 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid && 3243 wpa_s->current_ssid->peerkey && 3244 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 3245 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) { 3246 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key"); 3247 return; 3248 } 3249#endif /* CONFIG_PEERKEY */ 3250 3251 if (wpa_s->wpa_state < WPA_ASSOCIATED || 3252 (wpa_s->last_eapol_matches_bssid && 3253#ifdef CONFIG_AP 3254 !wpa_s->ap_iface && 3255#endif /* CONFIG_AP */ 3256 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { 3257 /* 3258 * There is possible race condition between receiving the 3259 * association event and the EAPOL frame since they are coming 3260 * through different paths from the driver. In order to avoid 3261 * issues in trying to process the EAPOL frame before receiving 3262 * association information, lets queue it for processing until 3263 * the association event is received. This may also be needed in 3264 * driver-based roaming case, so also use src_addr != BSSID as a 3265 * trigger if we have previously confirmed that the 3266 * Authenticator uses BSSID as the src_addr (which is not the 3267 * case with wired IEEE 802.1X). 3268 */ 3269 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " 3270 "of received EAPOL frame (state=%s bssid=" MACSTR ")", 3271 wpa_supplicant_state_txt(wpa_s->wpa_state), 3272 MAC2STR(wpa_s->bssid)); 3273 wpabuf_free(wpa_s->pending_eapol_rx); 3274 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 3275 if (wpa_s->pending_eapol_rx) { 3276 os_get_reltime(&wpa_s->pending_eapol_rx_time); 3277 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 3278 ETH_ALEN); 3279 } 3280 return; 3281 } 3282 3283 wpa_s->last_eapol_matches_bssid = 3284 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; 3285 3286#ifdef CONFIG_AP 3287 if (wpa_s->ap_iface) { 3288 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); 3289 return; 3290 } 3291#endif /* CONFIG_AP */ 3292 3293 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 3294 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " 3295 "no key management is configured"); 3296 return; 3297 } 3298 3299 if (wpa_s->eapol_received == 0 && 3300 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || 3301 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 3302 wpa_s->wpa_state != WPA_COMPLETED) && 3303 (wpa_s->current_ssid == NULL || 3304 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { 3305 /* Timeout for completing IEEE 802.1X and WPA authentication */ 3306 int timeout = 10; 3307 3308 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 3309 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 3310 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 3311 /* Use longer timeout for IEEE 802.1X/EAP */ 3312 timeout = 70; 3313 } 3314 3315#ifdef CONFIG_WPS 3316 if (wpa_s->current_ssid && wpa_s->current_bss && 3317 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 3318 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { 3319 /* 3320 * Use shorter timeout if going through WPS AP iteration 3321 * for PIN config method with an AP that does not 3322 * advertise Selected Registrar. 3323 */ 3324 struct wpabuf *wps_ie; 3325 3326 wps_ie = wpa_bss_get_vendor_ie_multi( 3327 wpa_s->current_bss, WPS_IE_VENDOR_TYPE); 3328 if (wps_ie && 3329 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1)) 3330 timeout = 10; 3331 wpabuf_free(wps_ie); 3332 } 3333#endif /* CONFIG_WPS */ 3334 3335 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 3336 } 3337 wpa_s->eapol_received++; 3338 3339 if (wpa_s->countermeasures) { 3340 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " 3341 "EAPOL packet"); 3342 return; 3343 } 3344 3345#ifdef CONFIG_IBSS_RSN 3346 if (wpa_s->current_ssid && 3347 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { 3348 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); 3349 return; 3350 } 3351#endif /* CONFIG_IBSS_RSN */ 3352 3353 /* Source address of the incoming EAPOL frame could be compared to the 3354 * current BSSID. However, it is possible that a centralized 3355 * Authenticator could be using another MAC address than the BSSID of 3356 * an AP, so just allow any address to be used for now. The replies are 3357 * still sent to the current BSSID (if available), though. */ 3358 3359 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 3360 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 3361 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) 3362 return; 3363 wpa_drv_poll(wpa_s); 3364 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) 3365 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); 3366 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 3367 /* 3368 * Set portValid = TRUE here since we are going to skip 4-way 3369 * handshake processing which would normally set portValid. We 3370 * need this to allow the EAPOL state machines to be completed 3371 * without going through EAPOL-Key handshake. 3372 */ 3373 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 3374 } 3375} 3376 3377 3378int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) 3379{ 3380 if ((!wpa_s->p2p_mgmt || 3381 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && 3382 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { 3383 l2_packet_deinit(wpa_s->l2); 3384 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 3385 wpa_drv_get_mac_addr(wpa_s), 3386 ETH_P_EAPOL, 3387 wpa_supplicant_rx_eapol, wpa_s, 0); 3388 if (wpa_s->l2 == NULL) 3389 return -1; 3390 } else { 3391 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 3392 if (addr) 3393 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 3394 } 3395 3396 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 3397 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); 3398 return -1; 3399 } 3400 3401 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 3402 3403 return 0; 3404} 3405 3406 3407static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, 3408 const u8 *buf, size_t len) 3409{ 3410 struct wpa_supplicant *wpa_s = ctx; 3411 const struct l2_ethhdr *eth; 3412 3413 if (len < sizeof(*eth)) 3414 return; 3415 eth = (const struct l2_ethhdr *) buf; 3416 3417 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && 3418 !(eth->h_dest[0] & 0x01)) { 3419 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 3420 " (bridge - not for this interface - ignore)", 3421 MAC2STR(src_addr), MAC2STR(eth->h_dest)); 3422 return; 3423 } 3424 3425 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 3426 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); 3427 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), 3428 len - sizeof(*eth)); 3429} 3430 3431 3432/** 3433 * wpa_supplicant_driver_init - Initialize driver interface parameters 3434 * @wpa_s: Pointer to wpa_supplicant data 3435 * Returns: 0 on success, -1 on failure 3436 * 3437 * This function is called to initialize driver interface parameters. 3438 * wpa_drv_init() must have been called before this function to initialize the 3439 * driver interface. 3440 */ 3441int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 3442{ 3443 static int interface_count = 0; 3444 3445 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) 3446 return -1; 3447 3448 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, 3449 MAC2STR(wpa_s->own_addr)); 3450 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN); 3451 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 3452 3453 if (wpa_s->bridge_ifname[0]) { 3454 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " 3455 "interface '%s'", wpa_s->bridge_ifname); 3456 wpa_s->l2_br = l2_packet_init_bridge( 3457 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 3458 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 3459 if (wpa_s->l2_br == NULL) { 3460 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " 3461 "connection for the bridge interface '%s'", 3462 wpa_s->bridge_ifname); 3463 return -1; 3464 } 3465 } 3466 3467 if (wpa_s->conf->ap_scan == 2 && 3468 os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 3469 wpa_printf(MSG_INFO, 3470 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 3471 } 3472 3473 wpa_clear_keys(wpa_s, NULL); 3474 3475 /* Make sure that TKIP countermeasures are not left enabled (could 3476 * happen if wpa_supplicant is killed during countermeasures. */ 3477 wpa_drv_set_countermeasures(wpa_s, 0); 3478 3479 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 3480 wpa_drv_flush_pmkid(wpa_s); 3481 3482 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; 3483 wpa_s->prev_scan_wildcard = 0; 3484 3485 if (wpa_supplicant_enabled_networks(wpa_s)) { 3486 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 3487 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 3488 interface_count = 0; 3489 } 3490#ifndef ANDROID 3491 if (!wpa_s->p2p_mgmt && 3492 wpa_supplicant_delayed_sched_scan(wpa_s, 3493 interface_count % 3, 3494 100000)) 3495 wpa_supplicant_req_scan(wpa_s, interface_count % 3, 3496 100000); 3497#endif /* ANDROID */ 3498 interface_count++; 3499 } else 3500 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 3501 3502 return 0; 3503} 3504 3505 3506static int wpa_supplicant_daemon(const char *pid_file) 3507{ 3508 wpa_printf(MSG_DEBUG, "Daemonize.."); 3509 return os_daemonize(pid_file); 3510} 3511 3512 3513static struct wpa_supplicant * 3514wpa_supplicant_alloc(struct wpa_supplicant *parent) 3515{ 3516 struct wpa_supplicant *wpa_s; 3517 3518 wpa_s = os_zalloc(sizeof(*wpa_s)); 3519 if (wpa_s == NULL) 3520 return NULL; 3521 wpa_s->scan_req = INITIAL_SCAN_REQ; 3522 wpa_s->scan_interval = 5; 3523 wpa_s->new_connection = 1; 3524 wpa_s->parent = parent ? parent : wpa_s; 3525 wpa_s->p2pdev = wpa_s->parent; 3526 wpa_s->sched_scanning = 0; 3527 3528 dl_list_init(&wpa_s->bss_tmp_disallowed); 3529 3530 return wpa_s; 3531} 3532 3533 3534#ifdef CONFIG_HT_OVERRIDES 3535 3536static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, 3537 struct ieee80211_ht_capabilities *htcaps, 3538 struct ieee80211_ht_capabilities *htcaps_mask, 3539 const char *ht_mcs) 3540{ 3541 /* parse ht_mcs into hex array */ 3542 int i; 3543 const char *tmp = ht_mcs; 3544 char *end = NULL; 3545 3546 /* If ht_mcs is null, do not set anything */ 3547 if (!ht_mcs) 3548 return 0; 3549 3550 /* This is what we are setting in the kernel */ 3551 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); 3552 3553 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); 3554 3555 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { 3556 errno = 0; 3557 long v = strtol(tmp, &end, 16); 3558 if (errno == 0) { 3559 wpa_msg(wpa_s, MSG_DEBUG, 3560 "htcap value[%i]: %ld end: %p tmp: %p", 3561 i, v, end, tmp); 3562 if (end == tmp) 3563 break; 3564 3565 htcaps->supported_mcs_set[i] = v; 3566 tmp = end; 3567 } else { 3568 wpa_msg(wpa_s, MSG_ERROR, 3569 "Failed to parse ht-mcs: %s, error: %s\n", 3570 ht_mcs, strerror(errno)); 3571 return -1; 3572 } 3573 } 3574 3575 /* 3576 * If we were able to parse any values, then set mask for the MCS set. 3577 */ 3578 if (i) { 3579 os_memset(&htcaps_mask->supported_mcs_set, 0xff, 3580 IEEE80211_HT_MCS_MASK_LEN - 1); 3581 /* skip the 3 reserved bits */ 3582 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = 3583 0x1f; 3584 } 3585 3586 return 0; 3587} 3588 3589 3590static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, 3591 struct ieee80211_ht_capabilities *htcaps, 3592 struct ieee80211_ht_capabilities *htcaps_mask, 3593 int disabled) 3594{ 3595 le16 msk; 3596 3597 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); 3598 3599 if (disabled == -1) 3600 return 0; 3601 3602 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); 3603 htcaps_mask->ht_capabilities_info |= msk; 3604 if (disabled) 3605 htcaps->ht_capabilities_info &= msk; 3606 else 3607 htcaps->ht_capabilities_info |= msk; 3608 3609 return 0; 3610} 3611 3612 3613static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, 3614 struct ieee80211_ht_capabilities *htcaps, 3615 struct ieee80211_ht_capabilities *htcaps_mask, 3616 int factor) 3617{ 3618 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); 3619 3620 if (factor == -1) 3621 return 0; 3622 3623 if (factor < 0 || factor > 3) { 3624 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " 3625 "Must be 0-3 or -1", factor); 3626 return -EINVAL; 3627 } 3628 3629 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ 3630 htcaps->a_mpdu_params &= ~0x3; 3631 htcaps->a_mpdu_params |= factor & 0x3; 3632 3633 return 0; 3634} 3635 3636 3637static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, 3638 struct ieee80211_ht_capabilities *htcaps, 3639 struct ieee80211_ht_capabilities *htcaps_mask, 3640 int density) 3641{ 3642 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); 3643 3644 if (density == -1) 3645 return 0; 3646 3647 if (density < 0 || density > 7) { 3648 wpa_msg(wpa_s, MSG_ERROR, 3649 "ampdu_density: %d out of range. Must be 0-7 or -1.", 3650 density); 3651 return -EINVAL; 3652 } 3653 3654 htcaps_mask->a_mpdu_params |= 0x1C; 3655 htcaps->a_mpdu_params &= ~(0x1C); 3656 htcaps->a_mpdu_params |= (density << 2) & 0x1C; 3657 3658 return 0; 3659} 3660 3661 3662static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, 3663 struct ieee80211_ht_capabilities *htcaps, 3664 struct ieee80211_ht_capabilities *htcaps_mask, 3665 int disabled) 3666{ 3667 /* Masking these out disables HT40 */ 3668 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | 3669 HT_CAP_INFO_SHORT_GI40MHZ); 3670 3671 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); 3672 3673 if (disabled) 3674 htcaps->ht_capabilities_info &= ~msk; 3675 else 3676 htcaps->ht_capabilities_info |= msk; 3677 3678 htcaps_mask->ht_capabilities_info |= msk; 3679 3680 return 0; 3681} 3682 3683 3684static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, 3685 struct ieee80211_ht_capabilities *htcaps, 3686 struct ieee80211_ht_capabilities *htcaps_mask, 3687 int disabled) 3688{ 3689 /* Masking these out disables SGI */ 3690 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | 3691 HT_CAP_INFO_SHORT_GI40MHZ); 3692 3693 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); 3694 3695 if (disabled) 3696 htcaps->ht_capabilities_info &= ~msk; 3697 else 3698 htcaps->ht_capabilities_info |= msk; 3699 3700 htcaps_mask->ht_capabilities_info |= msk; 3701 3702 return 0; 3703} 3704 3705 3706static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s, 3707 struct ieee80211_ht_capabilities *htcaps, 3708 struct ieee80211_ht_capabilities *htcaps_mask, 3709 int disabled) 3710{ 3711 /* Masking these out disables LDPC */ 3712 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP); 3713 3714 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled); 3715 3716 if (disabled) 3717 htcaps->ht_capabilities_info &= ~msk; 3718 else 3719 htcaps->ht_capabilities_info |= msk; 3720 3721 htcaps_mask->ht_capabilities_info |= msk; 3722 3723 return 0; 3724} 3725 3726 3727void wpa_supplicant_apply_ht_overrides( 3728 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 3729 struct wpa_driver_associate_params *params) 3730{ 3731 struct ieee80211_ht_capabilities *htcaps; 3732 struct ieee80211_ht_capabilities *htcaps_mask; 3733 3734 if (!ssid) 3735 return; 3736 3737 params->disable_ht = ssid->disable_ht; 3738 if (!params->htcaps || !params->htcaps_mask) 3739 return; 3740 3741 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; 3742 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; 3743 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); 3744 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, 3745 ssid->disable_max_amsdu); 3746 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); 3747 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); 3748 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); 3749 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); 3750 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc); 3751 3752 if (ssid->ht40_intolerant) { 3753 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT); 3754 htcaps->ht_capabilities_info |= bit; 3755 htcaps_mask->ht_capabilities_info |= bit; 3756 } 3757} 3758 3759#endif /* CONFIG_HT_OVERRIDES */ 3760 3761 3762#ifdef CONFIG_VHT_OVERRIDES 3763void wpa_supplicant_apply_vht_overrides( 3764 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 3765 struct wpa_driver_associate_params *params) 3766{ 3767 struct ieee80211_vht_capabilities *vhtcaps; 3768 struct ieee80211_vht_capabilities *vhtcaps_mask; 3769 3770 if (!ssid) 3771 return; 3772 3773 params->disable_vht = ssid->disable_vht; 3774 3775 vhtcaps = (void *) params->vhtcaps; 3776 vhtcaps_mask = (void *) params->vhtcaps_mask; 3777 3778 if (!vhtcaps || !vhtcaps_mask) 3779 return; 3780 3781 vhtcaps->vht_capabilities_info = ssid->vht_capa; 3782 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask; 3783 3784#ifdef CONFIG_HT_OVERRIDES 3785 /* if max ampdu is <= 3, we have to make the HT cap the same */ 3786 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) { 3787 int max_ampdu; 3788 3789 max_ampdu = (ssid->vht_capa & 3790 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >> 3791 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT; 3792 3793 max_ampdu = max_ampdu < 3 ? max_ampdu : 3; 3794 wpa_set_ampdu_factor(wpa_s, 3795 (void *) params->htcaps, 3796 (void *) params->htcaps_mask, 3797 max_ampdu); 3798 } 3799#endif /* CONFIG_HT_OVERRIDES */ 3800 3801#define OVERRIDE_MCS(i) \ 3802 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \ 3803 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \ 3804 3 << 2 * (i - 1); \ 3805 vhtcaps->vht_supported_mcs_set.tx_map |= \ 3806 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \ 3807 } \ 3808 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \ 3809 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \ 3810 3 << 2 * (i - 1); \ 3811 vhtcaps->vht_supported_mcs_set.rx_map |= \ 3812 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \ 3813 } 3814 3815 OVERRIDE_MCS(1); 3816 OVERRIDE_MCS(2); 3817 OVERRIDE_MCS(3); 3818 OVERRIDE_MCS(4); 3819 OVERRIDE_MCS(5); 3820 OVERRIDE_MCS(6); 3821 OVERRIDE_MCS(7); 3822 OVERRIDE_MCS(8); 3823} 3824#endif /* CONFIG_VHT_OVERRIDES */ 3825 3826 3827static int pcsc_reader_init(struct wpa_supplicant *wpa_s) 3828{ 3829#ifdef PCSC_FUNCS 3830 size_t len; 3831 3832 if (!wpa_s->conf->pcsc_reader) 3833 return 0; 3834 3835 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader); 3836 if (!wpa_s->scard) 3837 return 1; 3838 3839 if (wpa_s->conf->pcsc_pin && 3840 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { 3841 scard_deinit(wpa_s->scard); 3842 wpa_s->scard = NULL; 3843 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); 3844 return -1; 3845 } 3846 3847 len = sizeof(wpa_s->imsi) - 1; 3848 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { 3849 scard_deinit(wpa_s->scard); 3850 wpa_s->scard = NULL; 3851 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); 3852 return -1; 3853 } 3854 wpa_s->imsi[len] = '\0'; 3855 3856 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); 3857 3858 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", 3859 wpa_s->imsi, wpa_s->mnc_len); 3860 3861 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 3862 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 3863#endif /* PCSC_FUNCS */ 3864 3865 return 0; 3866} 3867 3868 3869int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) 3870{ 3871 char *val, *pos; 3872 3873 ext_password_deinit(wpa_s->ext_pw); 3874 wpa_s->ext_pw = NULL; 3875 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); 3876 3877 if (!wpa_s->conf->ext_password_backend) 3878 return 0; 3879 3880 val = os_strdup(wpa_s->conf->ext_password_backend); 3881 if (val == NULL) 3882 return -1; 3883 pos = os_strchr(val, ':'); 3884 if (pos) 3885 *pos++ = '\0'; 3886 3887 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); 3888 3889 wpa_s->ext_pw = ext_password_init(val, pos); 3890 os_free(val); 3891 if (wpa_s->ext_pw == NULL) { 3892 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); 3893 return -1; 3894 } 3895 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); 3896 3897 return 0; 3898} 3899 3900 3901#ifdef CONFIG_FST 3902 3903static const u8 * wpas_fst_get_bssid_cb(void *ctx) 3904{ 3905 struct wpa_supplicant *wpa_s = ctx; 3906 3907 return (is_zero_ether_addr(wpa_s->bssid) || 3908 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid; 3909} 3910 3911 3912static void wpas_fst_get_channel_info_cb(void *ctx, 3913 enum hostapd_hw_mode *hw_mode, 3914 u8 *channel) 3915{ 3916 struct wpa_supplicant *wpa_s = ctx; 3917 3918 if (wpa_s->current_bss) { 3919 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq, 3920 channel); 3921 } else if (wpa_s->hw.num_modes) { 3922 *hw_mode = wpa_s->hw.modes[0].mode; 3923 } else { 3924 WPA_ASSERT(0); 3925 *hw_mode = 0; 3926 } 3927} 3928 3929 3930static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes) 3931{ 3932 struct wpa_supplicant *wpa_s = ctx; 3933 3934 *modes = wpa_s->hw.modes; 3935 return wpa_s->hw.num_modes; 3936} 3937 3938 3939static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 3940{ 3941 struct wpa_supplicant *wpa_s = ctx; 3942 3943 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies); 3944 wpa_s->fst_ies = fst_ies; 3945} 3946 3947 3948static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) 3949{ 3950 struct wpa_supplicant *wpa_s = ctx; 3951 3952 WPA_ASSERT(os_memcmp(wpa_s->bssid, da, ETH_ALEN) == 0); 3953 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 3954 wpa_s->own_addr, wpa_s->bssid, 3955 wpabuf_head(data), wpabuf_len(data), 3956 0); 3957} 3958 3959 3960static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr) 3961{ 3962 struct wpa_supplicant *wpa_s = ctx; 3963 3964 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 3965 return wpa_s->received_mb_ies; 3966} 3967 3968 3969static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr, 3970 const u8 *buf, size_t size) 3971{ 3972 struct wpa_supplicant *wpa_s = ctx; 3973 struct mb_ies_info info; 3974 3975 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 3976 3977 if (!mb_ies_info_by_ies(&info, buf, size)) { 3978 wpabuf_free(wpa_s->received_mb_ies); 3979 wpa_s->received_mb_ies = mb_ies_by_info(&info); 3980 } 3981} 3982 3983 3984const u8 * wpas_fst_get_peer_first(void *ctx, struct fst_get_peer_ctx **get_ctx, 3985 Boolean mb_only) 3986{ 3987 struct wpa_supplicant *wpa_s = ctx; 3988 3989 *get_ctx = NULL; 3990 if (!is_zero_ether_addr(wpa_s->bssid)) 3991 return (wpa_s->received_mb_ies || !mb_only) ? 3992 wpa_s->bssid : NULL; 3993 return NULL; 3994} 3995 3996 3997const u8 * wpas_fst_get_peer_next(void *ctx, struct fst_get_peer_ctx **get_ctx, 3998 Boolean mb_only) 3999{ 4000 return NULL; 4001} 4002 4003void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s, 4004 struct fst_wpa_obj *iface_obj) 4005{ 4006 iface_obj->ctx = wpa_s; 4007 iface_obj->get_bssid = wpas_fst_get_bssid_cb; 4008 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb; 4009 iface_obj->get_hw_modes = wpas_fst_get_hw_modes; 4010 iface_obj->set_ies = wpas_fst_set_ies_cb; 4011 iface_obj->send_action = wpas_fst_send_action_cb; 4012 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb; 4013 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb; 4014 iface_obj->get_peer_first = wpas_fst_get_peer_first; 4015 iface_obj->get_peer_next = wpas_fst_get_peer_next; 4016} 4017#endif /* CONFIG_FST */ 4018 4019static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s, 4020 const struct wpa_driver_capa *capa) 4021{ 4022 struct wowlan_triggers *triggers; 4023 int ret = 0; 4024 4025 if (!wpa_s->conf->wowlan_triggers) 4026 return 0; 4027 4028 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa); 4029 if (triggers) { 4030 ret = wpa_drv_wowlan(wpa_s, triggers); 4031 os_free(triggers); 4032 } 4033 return ret; 4034} 4035 4036 4037enum wpa_radio_work_band wpas_freq_to_band(int freq) 4038{ 4039 if (freq < 3000) 4040 return BAND_2_4_GHZ; 4041 if (freq > 50000) 4042 return BAND_60_GHZ; 4043 return BAND_5_GHZ; 4044} 4045 4046 4047unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs) 4048{ 4049 int i; 4050 unsigned int band = 0; 4051 4052 if (freqs) { 4053 /* freqs are specified for the radio work */ 4054 for (i = 0; freqs[i]; i++) 4055 band |= wpas_freq_to_band(freqs[i]); 4056 } else { 4057 /* 4058 * freqs are not specified, implies all 4059 * the supported freqs by HW 4060 */ 4061 for (i = 0; i < wpa_s->hw.num_modes; i++) { 4062 if (wpa_s->hw.modes[i].num_channels != 0) { 4063 if (wpa_s->hw.modes[i].mode == 4064 HOSTAPD_MODE_IEEE80211B || 4065 wpa_s->hw.modes[i].mode == 4066 HOSTAPD_MODE_IEEE80211G) 4067 band |= BAND_2_4_GHZ; 4068 else if (wpa_s->hw.modes[i].mode == 4069 HOSTAPD_MODE_IEEE80211A) 4070 band |= BAND_5_GHZ; 4071 else if (wpa_s->hw.modes[i].mode == 4072 HOSTAPD_MODE_IEEE80211AD) 4073 band |= BAND_60_GHZ; 4074 else if (wpa_s->hw.modes[i].mode == 4075 HOSTAPD_MODE_IEEE80211ANY) 4076 band = BAND_2_4_GHZ | BAND_5_GHZ | 4077 BAND_60_GHZ; 4078 } 4079 } 4080 } 4081 4082 return band; 4083} 4084 4085 4086static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s, 4087 const char *rn) 4088{ 4089 struct wpa_supplicant *iface = wpa_s->global->ifaces; 4090 struct wpa_radio *radio; 4091 4092 while (rn && iface) { 4093 radio = iface->radio; 4094 if (radio && os_strcmp(rn, radio->name) == 0) { 4095 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s", 4096 wpa_s->ifname, rn); 4097 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 4098 return radio; 4099 } 4100 4101 iface = iface->next; 4102 } 4103 4104 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s", 4105 wpa_s->ifname, rn ? rn : "N/A"); 4106 radio = os_zalloc(sizeof(*radio)); 4107 if (radio == NULL) 4108 return NULL; 4109 4110 if (rn) 4111 os_strlcpy(radio->name, rn, sizeof(radio->name)); 4112 dl_list_init(&radio->ifaces); 4113 dl_list_init(&radio->work); 4114 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 4115 4116 return radio; 4117} 4118 4119 4120static void radio_work_free(struct wpa_radio_work *work) 4121{ 4122 if (work->wpa_s->scan_work == work) { 4123 /* This should not really happen. */ 4124 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work", 4125 work->type, work, work->started); 4126 work->wpa_s->scan_work = NULL; 4127 } 4128 4129#ifdef CONFIG_P2P 4130 if (work->wpa_s->p2p_scan_work == work) { 4131 /* This should not really happen. */ 4132 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work", 4133 work->type, work, work->started); 4134 work->wpa_s->p2p_scan_work = NULL; 4135 } 4136#endif /* CONFIG_P2P */ 4137 4138 if (work->started) { 4139 work->wpa_s->radio->num_active_works--; 4140 wpa_dbg(work->wpa_s, MSG_DEBUG, 4141 "radio_work_free('%s'@%p: num_active_works --> %u", 4142 work->type, work, 4143 work->wpa_s->radio->num_active_works); 4144 } 4145 4146 dl_list_del(&work->list); 4147 os_free(work); 4148} 4149 4150 4151static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) 4152{ 4153 struct wpa_radio_work *active_work = NULL; 4154 struct wpa_radio_work *tmp; 4155 4156 /* Get the active work to know the type and band. */ 4157 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 4158 if (tmp->started) { 4159 active_work = tmp; 4160 break; 4161 } 4162 } 4163 4164 if (!active_work) { 4165 /* No active work, start one */ 4166 radio->num_active_works = 0; 4167 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, 4168 list) { 4169 if (os_strcmp(tmp->type, "scan") == 0 && 4170 radio->external_scan_running && 4171 (((struct wpa_driver_scan_params *) 4172 tmp->ctx)->only_new_results || 4173 tmp->wpa_s->clear_driver_scan_cache)) 4174 continue; 4175 return tmp; 4176 } 4177 return NULL; 4178 } 4179 4180 if (os_strcmp(active_work->type, "sme-connect") == 0 || 4181 os_strcmp(active_work->type, "connect") == 0) { 4182 /* 4183 * If the active work is either connect or sme-connect, 4184 * do not parallelize them with other radio works. 4185 */ 4186 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 4187 "Do not parallelize radio work with %s", 4188 active_work->type); 4189 return NULL; 4190 } 4191 4192 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 4193 if (tmp->started) 4194 continue; 4195 4196 /* 4197 * If connect or sme-connect are enqueued, parallelize only 4198 * those operations ahead of them in the queue. 4199 */ 4200 if (os_strcmp(tmp->type, "connect") == 0 || 4201 os_strcmp(tmp->type, "sme-connect") == 0) 4202 break; 4203 4204 /* 4205 * Check that the radio works are distinct and 4206 * on different bands. 4207 */ 4208 if (os_strcmp(active_work->type, tmp->type) != 0 && 4209 (active_work->bands != tmp->bands)) { 4210 /* 4211 * If a scan has to be scheduled through nl80211 scan 4212 * interface and if an external scan is already running, 4213 * do not schedule the scan since it is likely to get 4214 * rejected by kernel. 4215 */ 4216 if (os_strcmp(tmp->type, "scan") == 0 && 4217 radio->external_scan_running && 4218 (((struct wpa_driver_scan_params *) 4219 tmp->ctx)->only_new_results || 4220 tmp->wpa_s->clear_driver_scan_cache)) 4221 continue; 4222 4223 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 4224 "active_work:%s new_work:%s", 4225 active_work->type, tmp->type); 4226 return tmp; 4227 } 4228 } 4229 4230 /* Did not find a radio work to schedule in parallel. */ 4231 return NULL; 4232} 4233 4234 4235static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx) 4236{ 4237 struct wpa_radio *radio = eloop_ctx; 4238 struct wpa_radio_work *work; 4239 struct os_reltime now, diff; 4240 struct wpa_supplicant *wpa_s; 4241 4242 work = dl_list_first(&radio->work, struct wpa_radio_work, list); 4243 if (work == NULL) { 4244 radio->num_active_works = 0; 4245 return; 4246 } 4247 4248 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant, 4249 radio_list); 4250 4251 if (!(wpa_s && 4252 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) { 4253 if (work->started) 4254 return; /* already started and still in progress */ 4255 4256 if (wpa_s && wpa_s->radio->external_scan_running) { 4257 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes"); 4258 return; 4259 } 4260 } else { 4261 work = NULL; 4262 if (radio->num_active_works < MAX_ACTIVE_WORKS) { 4263 /* get the work to schedule next */ 4264 work = radio_work_get_next_work(radio); 4265 } 4266 if (!work) 4267 return; 4268 } 4269 4270 wpa_s = work->wpa_s; 4271 os_get_reltime(&now); 4272 os_reltime_sub(&now, &work->time, &diff); 4273 wpa_dbg(wpa_s, MSG_DEBUG, 4274 "Starting radio work '%s'@%p after %ld.%06ld second wait", 4275 work->type, work, diff.sec, diff.usec); 4276 work->started = 1; 4277 work->time = now; 4278 radio->num_active_works++; 4279 4280 work->cb(work, 0); 4281 4282 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) && 4283 radio->num_active_works < MAX_ACTIVE_WORKS) 4284 radio_work_check_next(wpa_s); 4285} 4286 4287 4288/* 4289 * This function removes both started and pending radio works running on 4290 * the provided interface's radio. 4291 * Prior to the removal of the radio work, its callback (cb) is called with 4292 * deinit set to be 1. Each work's callback is responsible for clearing its 4293 * internal data and restoring to a correct state. 4294 * @wpa_s: wpa_supplicant data 4295 * @type: type of works to be removed 4296 * @remove_all: 1 to remove all the works on this radio, 0 to remove only 4297 * this interface's works. 4298 */ 4299void radio_remove_works(struct wpa_supplicant *wpa_s, 4300 const char *type, int remove_all) 4301{ 4302 struct wpa_radio_work *work, *tmp; 4303 struct wpa_radio *radio = wpa_s->radio; 4304 4305 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work, 4306 list) { 4307 if (type && os_strcmp(type, work->type) != 0) 4308 continue; 4309 4310 /* skip other ifaces' works */ 4311 if (!remove_all && work->wpa_s != wpa_s) 4312 continue; 4313 4314 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s", 4315 work->type, work, work->started ? " (started)" : ""); 4316 work->cb(work, 1); 4317 radio_work_free(work); 4318 } 4319 4320 /* in case we removed the started work */ 4321 radio_work_check_next(wpa_s); 4322} 4323 4324 4325static void radio_remove_interface(struct wpa_supplicant *wpa_s) 4326{ 4327 struct wpa_radio *radio = wpa_s->radio; 4328 4329 if (!radio) 4330 return; 4331 4332 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s", 4333 wpa_s->ifname, radio->name); 4334 dl_list_del(&wpa_s->radio_list); 4335 radio_remove_works(wpa_s, NULL, 0); 4336 wpa_s->radio = NULL; 4337 if (!dl_list_empty(&radio->ifaces)) 4338 return; /* Interfaces remain for this radio */ 4339 4340 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name); 4341 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 4342 os_free(radio); 4343} 4344 4345 4346void radio_work_check_next(struct wpa_supplicant *wpa_s) 4347{ 4348 struct wpa_radio *radio = wpa_s->radio; 4349 4350 if (dl_list_empty(&radio->work)) 4351 return; 4352 if (wpa_s->ext_work_in_progress) { 4353 wpa_printf(MSG_DEBUG, 4354 "External radio work in progress - delay start of pending item"); 4355 return; 4356 } 4357 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 4358 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL); 4359} 4360 4361 4362/** 4363 * radio_add_work - Add a radio work item 4364 * @wpa_s: Pointer to wpa_supplicant data 4365 * @freq: Frequency of the offchannel operation in MHz or 0 4366 * @type: Unique identifier for each type of work 4367 * @next: Force as the next work to be executed 4368 * @cb: Callback function for indicating when radio is available 4369 * @ctx: Context pointer for the work (work->ctx in cb()) 4370 * Returns: 0 on success, -1 on failure 4371 * 4372 * This function is used to request time for an operation that requires 4373 * exclusive radio control. Once the radio is available, the registered callback 4374 * function will be called. radio_work_done() must be called once the exclusive 4375 * radio operation has been completed, so that the radio is freed for other 4376 * operations. The special case of deinit=1 is used to free the context data 4377 * during interface removal. That does not allow the callback function to start 4378 * the radio operation, i.e., it must free any resources allocated for the radio 4379 * work and return. 4380 * 4381 * The @freq parameter can be used to indicate a single channel on which the 4382 * offchannel operation will occur. This may allow multiple radio work 4383 * operations to be performed in parallel if they apply for the same channel. 4384 * Setting this to 0 indicates that the work item may use multiple channels or 4385 * requires exclusive control of the radio. 4386 */ 4387int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, 4388 const char *type, int next, 4389 void (*cb)(struct wpa_radio_work *work, int deinit), 4390 void *ctx) 4391{ 4392 struct wpa_radio *radio = wpa_s->radio; 4393 struct wpa_radio_work *work; 4394 int was_empty; 4395 4396 work = os_zalloc(sizeof(*work)); 4397 if (work == NULL) 4398 return -1; 4399 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work); 4400 os_get_reltime(&work->time); 4401 work->freq = freq; 4402 work->type = type; 4403 work->wpa_s = wpa_s; 4404 work->cb = cb; 4405 work->ctx = ctx; 4406 4407 if (freq) 4408 work->bands = wpas_freq_to_band(freq); 4409 else if (os_strcmp(type, "scan") == 0 || 4410 os_strcmp(type, "p2p-scan") == 0) 4411 work->bands = wpas_get_bands(wpa_s, 4412 ((struct wpa_driver_scan_params *) 4413 ctx)->freqs); 4414 else 4415 work->bands = wpas_get_bands(wpa_s, NULL); 4416 4417 was_empty = dl_list_empty(&wpa_s->radio->work); 4418 if (next) 4419 dl_list_add(&wpa_s->radio->work, &work->list); 4420 else 4421 dl_list_add_tail(&wpa_s->radio->work, &work->list); 4422 if (was_empty) { 4423 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately"); 4424 radio_work_check_next(wpa_s); 4425 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) 4426 && radio->num_active_works < MAX_ACTIVE_WORKS) { 4427 wpa_dbg(wpa_s, MSG_DEBUG, 4428 "Try to schedule a radio work (num_active_works=%u)", 4429 radio->num_active_works); 4430 radio_work_check_next(wpa_s); 4431 } 4432 4433 return 0; 4434} 4435 4436 4437/** 4438 * radio_work_done - Indicate that a radio work item has been completed 4439 * @work: Completed work 4440 * 4441 * This function is called once the callback function registered with 4442 * radio_add_work() has completed its work. 4443 */ 4444void radio_work_done(struct wpa_radio_work *work) 4445{ 4446 struct wpa_supplicant *wpa_s = work->wpa_s; 4447 struct os_reltime now, diff; 4448 unsigned int started = work->started; 4449 4450 os_get_reltime(&now); 4451 os_reltime_sub(&now, &work->time, &diff); 4452 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds", 4453 work->type, work, started ? "done" : "canceled", 4454 diff.sec, diff.usec); 4455 radio_work_free(work); 4456 if (started) 4457 radio_work_check_next(wpa_s); 4458} 4459 4460 4461struct wpa_radio_work * 4462radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) 4463{ 4464 struct wpa_radio_work *work; 4465 struct wpa_radio *radio = wpa_s->radio; 4466 4467 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 4468 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0) 4469 return work; 4470 } 4471 4472 return NULL; 4473} 4474 4475 4476static int wpas_init_driver(struct wpa_supplicant *wpa_s, 4477 struct wpa_interface *iface) 4478{ 4479 const char *ifname, *driver, *rn; 4480 4481 driver = iface->driver; 4482next_driver: 4483 if (wpa_supplicant_set_driver(wpa_s, driver) < 0) 4484 return -1; 4485 4486 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 4487 if (wpa_s->drv_priv == NULL) { 4488 const char *pos; 4489 pos = driver ? os_strchr(driver, ',') : NULL; 4490 if (pos) { 4491 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 4492 "driver interface - try next driver wrapper"); 4493 driver = pos + 1; 4494 goto next_driver; 4495 } 4496 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " 4497 "interface"); 4498 return -1; 4499 } 4500 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 4501 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " 4502 "driver_param '%s'", wpa_s->conf->driver_param); 4503 return -1; 4504 } 4505 4506 ifname = wpa_drv_get_ifname(wpa_s); 4507 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 4508 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " 4509 "interface name with '%s'", ifname); 4510 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 4511 } 4512 4513 rn = wpa_driver_get_radio_name(wpa_s); 4514 if (rn && rn[0] == '\0') 4515 rn = NULL; 4516 4517 wpa_s->radio = radio_add_interface(wpa_s, rn); 4518 if (wpa_s->radio == NULL) 4519 return -1; 4520 4521 return 0; 4522} 4523 4524 4525static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 4526 struct wpa_interface *iface) 4527{ 4528 struct wpa_driver_capa capa; 4529 int capa_res; 4530 4531 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 4532 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 4533 iface->confname ? iface->confname : "N/A", 4534 iface->driver ? iface->driver : "default", 4535 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 4536 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 4537 4538 if (iface->confname) { 4539#ifdef CONFIG_BACKEND_FILE 4540 wpa_s->confname = os_rel2abs_path(iface->confname); 4541 if (wpa_s->confname == NULL) { 4542 wpa_printf(MSG_ERROR, "Failed to get absolute path " 4543 "for configuration file '%s'.", 4544 iface->confname); 4545 return -1; 4546 } 4547 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 4548 iface->confname, wpa_s->confname); 4549#else /* CONFIG_BACKEND_FILE */ 4550 wpa_s->confname = os_strdup(iface->confname); 4551#endif /* CONFIG_BACKEND_FILE */ 4552 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL); 4553 if (wpa_s->conf == NULL) { 4554 wpa_printf(MSG_ERROR, "Failed to read or parse " 4555 "configuration '%s'.", wpa_s->confname); 4556 return -1; 4557 } 4558 wpa_s->confanother = os_rel2abs_path(iface->confanother); 4559 wpa_config_read(wpa_s->confanother, wpa_s->conf); 4560 4561 /* 4562 * Override ctrl_interface and driver_param if set on command 4563 * line. 4564 */ 4565 if (iface->ctrl_interface) { 4566 os_free(wpa_s->conf->ctrl_interface); 4567 wpa_s->conf->ctrl_interface = 4568 os_strdup(iface->ctrl_interface); 4569 } 4570 4571 if (iface->driver_param) { 4572 os_free(wpa_s->conf->driver_param); 4573 wpa_s->conf->driver_param = 4574 os_strdup(iface->driver_param); 4575 } 4576 4577 if (iface->p2p_mgmt && !iface->ctrl_interface) { 4578 os_free(wpa_s->conf->ctrl_interface); 4579 wpa_s->conf->ctrl_interface = NULL; 4580 } 4581 } else 4582 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 4583 iface->driver_param); 4584 4585 if (wpa_s->conf == NULL) { 4586 wpa_printf(MSG_ERROR, "\nNo configuration found."); 4587 return -1; 4588 } 4589 4590 if (iface->ifname == NULL) { 4591 wpa_printf(MSG_ERROR, "\nInterface name is required."); 4592 return -1; 4593 } 4594 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 4595 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 4596 iface->ifname); 4597 return -1; 4598 } 4599 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 4600 4601 if (iface->bridge_ifname) { 4602 if (os_strlen(iface->bridge_ifname) >= 4603 sizeof(wpa_s->bridge_ifname)) { 4604 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 4605 "name '%s'.", iface->bridge_ifname); 4606 return -1; 4607 } 4608 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 4609 sizeof(wpa_s->bridge_ifname)); 4610 } 4611 4612 /* RSNA Supplicant Key Management - INITIALIZE */ 4613 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 4614 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 4615 4616 /* Initialize driver interface and register driver event handler before 4617 * L2 receive handler so that association events are processed before 4618 * EAPOL-Key packets if both become available for the same select() 4619 * call. */ 4620 if (wpas_init_driver(wpa_s, iface) < 0) 4621 return -1; 4622 4623 if (wpa_supplicant_init_wpa(wpa_s) < 0) 4624 return -1; 4625 4626 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 4627 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 4628 NULL); 4629 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 4630 4631 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 4632 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 4633 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 4634 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 4635 "dot11RSNAConfigPMKLifetime"); 4636 return -1; 4637 } 4638 4639 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 4640 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 4641 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 4642 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 4643 "dot11RSNAConfigPMKReauthThreshold"); 4644 return -1; 4645 } 4646 4647 if (wpa_s->conf->dot11RSNAConfigSATimeout && 4648 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 4649 wpa_s->conf->dot11RSNAConfigSATimeout)) { 4650 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 4651 "dot11RSNAConfigSATimeout"); 4652 return -1; 4653 } 4654 4655 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, 4656 &wpa_s->hw.num_modes, 4657 &wpa_s->hw.flags); 4658 if (wpa_s->hw.modes) { 4659 u16 i; 4660 4661 for (i = 0; i < wpa_s->hw.num_modes; i++) { 4662 if (wpa_s->hw.modes[i].vht_capab) { 4663 wpa_s->hw_capab = CAPAB_VHT; 4664 break; 4665 } 4666 4667 if (wpa_s->hw.modes[i].ht_capab & 4668 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) 4669 wpa_s->hw_capab = CAPAB_HT40; 4670 else if (wpa_s->hw.modes[i].ht_capab && 4671 wpa_s->hw_capab == CAPAB_NO_HT_VHT) 4672 wpa_s->hw_capab = CAPAB_HT; 4673 } 4674 } 4675 4676 capa_res = wpa_drv_get_capa(wpa_s, &capa); 4677 if (capa_res == 0) { 4678 wpa_s->drv_capa_known = 1; 4679 wpa_s->drv_flags = capa.flags; 4680 wpa_s->drv_enc = capa.enc; 4681 wpa_s->drv_smps_modes = capa.smps_modes; 4682 wpa_s->drv_rrm_flags = capa.rrm_flags; 4683 wpa_s->probe_resp_offloads = capa.probe_resp_offloads; 4684 wpa_s->max_scan_ssids = capa.max_scan_ssids; 4685 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; 4686 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans; 4687 wpa_s->max_sched_scan_plan_interval = 4688 capa.max_sched_scan_plan_interval; 4689 wpa_s->max_sched_scan_plan_iterations = 4690 capa.max_sched_scan_plan_iterations; 4691 wpa_s->sched_scan_supported = capa.sched_scan_supported; 4692 wpa_s->max_match_sets = capa.max_match_sets; 4693 wpa_s->max_remain_on_chan = capa.max_remain_on_chan; 4694 wpa_s->max_stations = capa.max_stations; 4695 wpa_s->extended_capa = capa.extended_capa; 4696 wpa_s->extended_capa_mask = capa.extended_capa_mask; 4697 wpa_s->extended_capa_len = capa.extended_capa_len; 4698 wpa_s->num_multichan_concurrent = 4699 capa.num_multichan_concurrent; 4700 wpa_s->wmm_ac_supported = capa.wmm_ac_supported; 4701 4702 if (capa.mac_addr_rand_scan_supported) 4703 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN; 4704 if (wpa_s->sched_scan_supported && 4705 capa.mac_addr_rand_sched_scan_supported) 4706 wpa_s->mac_addr_rand_supported |= 4707 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); 4708 } 4709 if (wpa_s->max_remain_on_chan == 0) 4710 wpa_s->max_remain_on_chan = 1000; 4711 4712 /* 4713 * Only take p2p_mgmt parameters when P2P Device is supported. 4714 * Doing it here as it determines whether l2_packet_init() will be done 4715 * during wpa_supplicant_driver_init(). 4716 */ 4717 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) 4718 wpa_s->p2p_mgmt = iface->p2p_mgmt; 4719 else 4720 iface->p2p_mgmt = 1; 4721 4722 if (wpa_s->num_multichan_concurrent == 0) 4723 wpa_s->num_multichan_concurrent = 1; 4724 4725 if (wpa_supplicant_driver_init(wpa_s) < 0) 4726 return -1; 4727 4728#ifdef CONFIG_TDLS 4729 if ((!iface->p2p_mgmt || 4730 !(wpa_s->drv_flags & 4731 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && 4732 wpa_tdls_init(wpa_s->wpa)) 4733 return -1; 4734#endif /* CONFIG_TDLS */ 4735 4736 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 4737 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 4738 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); 4739 return -1; 4740 } 4741 4742#ifdef CONFIG_FST 4743 if (wpa_s->conf->fst_group_id) { 4744 struct fst_iface_cfg cfg; 4745 struct fst_wpa_obj iface_obj; 4746 4747 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj); 4748 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id, 4749 sizeof(cfg.group_id)); 4750 cfg.priority = wpa_s->conf->fst_priority; 4751 cfg.llt = wpa_s->conf->fst_llt; 4752 4753 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr, 4754 &iface_obj, &cfg); 4755 if (!wpa_s->fst) { 4756 wpa_msg(wpa_s, MSG_ERROR, 4757 "FST: Cannot attach iface %s to group %s", 4758 wpa_s->ifname, cfg.group_id); 4759 return -1; 4760 } 4761 } 4762#endif /* CONFIG_FST */ 4763 4764 if (wpas_wps_init(wpa_s)) 4765 return -1; 4766 4767 if (wpa_supplicant_init_eapol(wpa_s) < 0) 4768 return -1; 4769 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 4770 4771 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 4772 if (wpa_s->ctrl_iface == NULL) { 4773 wpa_printf(MSG_ERROR, 4774 "Failed to initialize control interface '%s'.\n" 4775 "You may have another wpa_supplicant process " 4776 "already running or the file was\n" 4777 "left by an unclean termination of wpa_supplicant " 4778 "in which case you will need\n" 4779 "to manually remove this file before starting " 4780 "wpa_supplicant again.\n", 4781 wpa_s->conf->ctrl_interface); 4782 return -1; 4783 } 4784 4785 wpa_s->gas = gas_query_init(wpa_s); 4786 if (wpa_s->gas == NULL) { 4787 wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); 4788 return -1; 4789 } 4790 4791 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) { 4792 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); 4793 return -1; 4794 } 4795 4796 if (wpa_bss_init(wpa_s) < 0) 4797 return -1; 4798 4799 /* 4800 * Set Wake-on-WLAN triggers, if configured. 4801 * Note: We don't restore/remove the triggers on shutdown (it doesn't 4802 * have effect anyway when the interface is down). 4803 */ 4804 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 4805 return -1; 4806 4807#ifdef CONFIG_EAP_PROXY 4808{ 4809 size_t len; 4810 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi, 4811 &len); 4812 if (wpa_s->mnc_len > 0) { 4813 wpa_s->imsi[len] = '\0'; 4814 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", 4815 wpa_s->imsi, wpa_s->mnc_len); 4816 } else { 4817 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); 4818 } 4819} 4820#endif /* CONFIG_EAP_PROXY */ 4821 4822 if (pcsc_reader_init(wpa_s) < 0) 4823 return -1; 4824 4825 if (wpas_init_ext_pw(wpa_s) < 0) 4826 return -1; 4827 4828 wpas_rrm_reset(wpa_s); 4829 4830 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 4831 4832#ifdef CONFIG_HS20 4833 hs20_init(wpa_s); 4834#endif /* CONFIG_HS20 */ 4835#ifdef CONFIG_MBO 4836 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); 4837#endif /* CONFIG_MBO */ 4838 4839 return 0; 4840} 4841 4842 4843static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, 4844 int notify, int terminate) 4845{ 4846 struct wpa_global *global = wpa_s->global; 4847 struct wpa_supplicant *iface, *prev; 4848 4849 if (wpa_s == wpa_s->parent) 4850 wpas_p2p_group_remove(wpa_s, "*"); 4851 4852 iface = global->ifaces; 4853 while (iface) { 4854 if (iface->p2pdev == wpa_s) 4855 iface->p2pdev = iface->parent; 4856 if (iface == wpa_s || iface->parent != wpa_s) { 4857 iface = iface->next; 4858 continue; 4859 } 4860 wpa_printf(MSG_DEBUG, 4861 "Remove remaining child interface %s from parent %s", 4862 iface->ifname, wpa_s->ifname); 4863 prev = iface; 4864 iface = iface->next; 4865 wpa_supplicant_remove_iface(global, prev, terminate); 4866 } 4867 4868 wpa_s->disconnected = 1; 4869 if (wpa_s->drv_priv) { 4870 wpa_supplicant_deauthenticate(wpa_s, 4871 WLAN_REASON_DEAUTH_LEAVING); 4872 4873 wpa_drv_set_countermeasures(wpa_s, 0); 4874 wpa_clear_keys(wpa_s, NULL); 4875 } 4876 4877 wpa_supplicant_cleanup(wpa_s); 4878 wpas_p2p_deinit_iface(wpa_s); 4879 4880 wpas_ctrl_radio_work_flush(wpa_s); 4881 radio_remove_interface(wpa_s); 4882 4883#ifdef CONFIG_FST 4884 if (wpa_s->fst) { 4885 fst_detach(wpa_s->fst); 4886 wpa_s->fst = NULL; 4887 } 4888 if (wpa_s->received_mb_ies) { 4889 wpabuf_free(wpa_s->received_mb_ies); 4890 wpa_s->received_mb_ies = NULL; 4891 } 4892#endif /* CONFIG_FST */ 4893 4894 if (wpa_s->drv_priv) 4895 wpa_drv_deinit(wpa_s); 4896 4897 if (notify) 4898 wpas_notify_iface_removed(wpa_s); 4899 4900 if (terminate) 4901 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); 4902 4903 if (wpa_s->ctrl_iface) { 4904 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 4905 wpa_s->ctrl_iface = NULL; 4906 } 4907 4908#ifdef CONFIG_MESH 4909 if (wpa_s->ifmsh) { 4910 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh); 4911 wpa_s->ifmsh = NULL; 4912 } 4913#endif /* CONFIG_MESH */ 4914 4915 if (wpa_s->conf != NULL) { 4916 wpa_config_free(wpa_s->conf); 4917 wpa_s->conf = NULL; 4918 } 4919 4920 os_free(wpa_s->ssids_from_scan_req); 4921 4922 os_free(wpa_s); 4923} 4924 4925 4926#ifdef CONFIG_MATCH_IFACE 4927 4928/** 4929 * wpa_supplicant_match_iface - Match an interface description to a name 4930 * @global: Pointer to global data from wpa_supplicant_init() 4931 * @ifname: Name of the interface to match 4932 * Returns: Pointer to the created interface description or %NULL on failure 4933 */ 4934struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global, 4935 const char *ifname) 4936{ 4937 int i; 4938 struct wpa_interface *iface, *miface; 4939 4940 for (i = 0; i < global->params.match_iface_count; i++) { 4941 miface = &global->params.match_ifaces[i]; 4942 if (!miface->ifname || 4943 fnmatch(miface->ifname, ifname, 0) == 0) { 4944 iface = os_zalloc(sizeof(*iface)); 4945 if (!iface) 4946 return NULL; 4947 *iface = *miface; 4948 iface->ifname = ifname; 4949 return iface; 4950 } 4951 } 4952 4953 return NULL; 4954} 4955 4956 4957/** 4958 * wpa_supplicant_match_existing - Match existing interfaces 4959 * @global: Pointer to global data from wpa_supplicant_init() 4960 * Returns: 0 on success, -1 on failure 4961 */ 4962static int wpa_supplicant_match_existing(struct wpa_global *global) 4963{ 4964 struct if_nameindex *ifi, *ifp; 4965 struct wpa_supplicant *wpa_s; 4966 struct wpa_interface *iface; 4967 4968 ifp = if_nameindex(); 4969 if (!ifp) { 4970 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno)); 4971 return -1; 4972 } 4973 4974 for (ifi = ifp; ifi->if_name; ifi++) { 4975 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name); 4976 if (wpa_s) 4977 continue; 4978 iface = wpa_supplicant_match_iface(global, ifi->if_name); 4979 if (iface) { 4980 wpa_s = wpa_supplicant_add_iface(global, iface, NULL); 4981 os_free(iface); 4982 if (wpa_s) 4983 wpa_s->matched = 1; 4984 } 4985 } 4986 4987 if_freenameindex(ifp); 4988 return 0; 4989} 4990 4991#endif /* CONFIG_MATCH_IFACE */ 4992 4993 4994/** 4995 * wpa_supplicant_add_iface - Add a new network interface 4996 * @global: Pointer to global data from wpa_supplicant_init() 4997 * @iface: Interface configuration options 4998 * @parent: Parent interface or %NULL to assign new interface as parent 4999 * Returns: Pointer to the created interface or %NULL on failure 5000 * 5001 * This function is used to add new network interfaces for %wpa_supplicant. 5002 * This can be called before wpa_supplicant_run() to add interfaces before the 5003 * main event loop has been started. In addition, new interfaces can be added 5004 * dynamically while %wpa_supplicant is already running. This could happen, 5005 * e.g., when a hotplug network adapter is inserted. 5006 */ 5007struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 5008 struct wpa_interface *iface, 5009 struct wpa_supplicant *parent) 5010{ 5011 struct wpa_supplicant *wpa_s; 5012 struct wpa_interface t_iface; 5013 struct wpa_ssid *ssid; 5014 5015 if (global == NULL || iface == NULL) 5016 return NULL; 5017 5018 wpa_s = wpa_supplicant_alloc(parent); 5019 if (wpa_s == NULL) 5020 return NULL; 5021 5022 wpa_s->global = global; 5023 5024 t_iface = *iface; 5025 if (global->params.override_driver) { 5026 wpa_printf(MSG_DEBUG, "Override interface parameter: driver " 5027 "('%s' -> '%s')", 5028 iface->driver, global->params.override_driver); 5029 t_iface.driver = global->params.override_driver; 5030 } 5031 if (global->params.override_ctrl_interface) { 5032 wpa_printf(MSG_DEBUG, "Override interface parameter: " 5033 "ctrl_interface ('%s' -> '%s')", 5034 iface->ctrl_interface, 5035 global->params.override_ctrl_interface); 5036 t_iface.ctrl_interface = 5037 global->params.override_ctrl_interface; 5038 } 5039 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { 5040 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 5041 iface->ifname); 5042 wpa_supplicant_deinit_iface(wpa_s, 0, 0); 5043 return NULL; 5044 } 5045 5046 if (iface->p2p_mgmt == 0) { 5047 /* Notify the control interfaces about new iface */ 5048 if (wpas_notify_iface_added(wpa_s)) { 5049 wpa_supplicant_deinit_iface(wpa_s, 1, 0); 5050 return NULL; 5051 } 5052 5053 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 5054 wpas_notify_network_added(wpa_s, ssid); 5055 } 5056 5057 wpa_s->next = global->ifaces; 5058 global->ifaces = wpa_s; 5059 5060 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); 5061 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 5062 5063#ifdef CONFIG_P2P 5064 if (wpa_s->global->p2p == NULL && 5065 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled && 5066 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) && 5067 wpas_p2p_add_p2pdev_interface( 5068 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) { 5069 wpa_printf(MSG_INFO, 5070 "P2P: Failed to enable P2P Device interface"); 5071 /* Try to continue without. P2P will be disabled. */ 5072 } 5073#endif /* CONFIG_P2P */ 5074 5075 return wpa_s; 5076} 5077 5078 5079/** 5080 * wpa_supplicant_remove_iface - Remove a network interface 5081 * @global: Pointer to global data from wpa_supplicant_init() 5082 * @wpa_s: Pointer to the network interface to be removed 5083 * Returns: 0 if interface was removed, -1 if interface was not found 5084 * 5085 * This function can be used to dynamically remove network interfaces from 5086 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 5087 * addition, this function is used to remove all remaining interfaces when 5088 * %wpa_supplicant is terminated. 5089 */ 5090int wpa_supplicant_remove_iface(struct wpa_global *global, 5091 struct wpa_supplicant *wpa_s, 5092 int terminate) 5093{ 5094 struct wpa_supplicant *prev; 5095#ifdef CONFIG_MESH 5096 unsigned int mesh_if_created = wpa_s->mesh_if_created; 5097 char *ifname = NULL; 5098#endif /* CONFIG_MESH */ 5099 5100 /* Remove interface from the global list of interfaces */ 5101 prev = global->ifaces; 5102 if (prev == wpa_s) { 5103 global->ifaces = wpa_s->next; 5104 } else { 5105 while (prev && prev->next != wpa_s) 5106 prev = prev->next; 5107 if (prev == NULL) 5108 return -1; 5109 prev->next = wpa_s->next; 5110 } 5111 5112 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 5113 5114#ifdef CONFIG_MESH 5115 if (mesh_if_created) { 5116 ifname = os_strdup(wpa_s->ifname); 5117 if (ifname == NULL) { 5118 wpa_dbg(wpa_s, MSG_ERROR, 5119 "mesh: Failed to malloc ifname"); 5120 return -1; 5121 } 5122 } 5123#endif /* CONFIG_MESH */ 5124 5125 if (global->p2p_group_formation == wpa_s) 5126 global->p2p_group_formation = NULL; 5127 if (global->p2p_invite_group == wpa_s) 5128 global->p2p_invite_group = NULL; 5129 wpa_supplicant_deinit_iface(wpa_s, 1, terminate); 5130 5131#ifdef CONFIG_MESH 5132 if (mesh_if_created) { 5133 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname); 5134 os_free(ifname); 5135 } 5136#endif /* CONFIG_MESH */ 5137 5138 return 0; 5139} 5140 5141 5142/** 5143 * wpa_supplicant_get_eap_mode - Get the current EAP mode 5144 * @wpa_s: Pointer to the network interface 5145 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found 5146 */ 5147const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) 5148{ 5149 const char *eapol_method; 5150 5151 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && 5152 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 5153 return "NO-EAP"; 5154 } 5155 5156 eapol_method = eapol_sm_get_method_name(wpa_s->eapol); 5157 if (eapol_method == NULL) 5158 return "UNKNOWN-EAP"; 5159 5160 return eapol_method; 5161} 5162 5163 5164/** 5165 * wpa_supplicant_get_iface - Get a new network interface 5166 * @global: Pointer to global data from wpa_supplicant_init() 5167 * @ifname: Interface name 5168 * Returns: Pointer to the interface or %NULL if not found 5169 */ 5170struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 5171 const char *ifname) 5172{ 5173 struct wpa_supplicant *wpa_s; 5174 5175 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 5176 if (os_strcmp(wpa_s->ifname, ifname) == 0) 5177 return wpa_s; 5178 } 5179 return NULL; 5180} 5181 5182 5183#ifndef CONFIG_NO_WPA_MSG 5184static const char * wpa_supplicant_msg_ifname_cb(void *ctx) 5185{ 5186 struct wpa_supplicant *wpa_s = ctx; 5187 if (wpa_s == NULL) 5188 return NULL; 5189 return wpa_s->ifname; 5190} 5191#endif /* CONFIG_NO_WPA_MSG */ 5192 5193 5194#ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL 5195#define WPA_SUPPLICANT_CLEANUP_INTERVAL 10 5196#endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */ 5197 5198/* Periodic cleanup tasks */ 5199static void wpas_periodic(void *eloop_ctx, void *timeout_ctx) 5200{ 5201 struct wpa_global *global = eloop_ctx; 5202 struct wpa_supplicant *wpa_s; 5203 5204 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 5205 wpas_periodic, global, NULL); 5206 5207#ifdef CONFIG_P2P 5208 if (global->p2p) 5209 p2p_expire_peers(global->p2p); 5210#endif /* CONFIG_P2P */ 5211 5212 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 5213 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age); 5214#ifdef CONFIG_AP 5215 ap_periodic(wpa_s); 5216#endif /* CONFIG_AP */ 5217 } 5218} 5219 5220 5221/** 5222 * wpa_supplicant_init - Initialize %wpa_supplicant 5223 * @params: Parameters for %wpa_supplicant 5224 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 5225 * 5226 * This function is used to initialize %wpa_supplicant. After successful 5227 * initialization, the returned data pointer can be used to add and remove 5228 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 5229 */ 5230struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 5231{ 5232 struct wpa_global *global; 5233 int ret, i; 5234 5235 if (params == NULL) 5236 return NULL; 5237 5238#ifdef CONFIG_DRIVER_NDIS 5239 { 5240 void driver_ndis_init_ops(void); 5241 driver_ndis_init_ops(); 5242 } 5243#endif /* CONFIG_DRIVER_NDIS */ 5244 5245#ifndef CONFIG_NO_WPA_MSG 5246 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); 5247#endif /* CONFIG_NO_WPA_MSG */ 5248 5249 if (params->wpa_debug_file_path) 5250 wpa_debug_open_file(params->wpa_debug_file_path); 5251 else 5252 wpa_debug_setup_stdout(); 5253 if (params->wpa_debug_syslog) 5254 wpa_debug_open_syslog(); 5255 if (params->wpa_debug_tracing) { 5256 ret = wpa_debug_open_linux_tracing(); 5257 if (ret) { 5258 wpa_printf(MSG_ERROR, 5259 "Failed to enable trace logging"); 5260 return NULL; 5261 } 5262 } 5263 5264 ret = eap_register_methods(); 5265 if (ret) { 5266 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 5267 if (ret == -2) 5268 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 5269 "the same EAP type."); 5270 return NULL; 5271 } 5272 5273 global = os_zalloc(sizeof(*global)); 5274 if (global == NULL) 5275 return NULL; 5276 dl_list_init(&global->p2p_srv_bonjour); 5277 dl_list_init(&global->p2p_srv_upnp); 5278 global->params.daemonize = params->daemonize; 5279 global->params.wait_for_monitor = params->wait_for_monitor; 5280 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 5281 if (params->pid_file) 5282 global->params.pid_file = os_strdup(params->pid_file); 5283 if (params->ctrl_interface) 5284 global->params.ctrl_interface = 5285 os_strdup(params->ctrl_interface); 5286 if (params->ctrl_interface_group) 5287 global->params.ctrl_interface_group = 5288 os_strdup(params->ctrl_interface_group); 5289 if (params->override_driver) 5290 global->params.override_driver = 5291 os_strdup(params->override_driver); 5292 if (params->override_ctrl_interface) 5293 global->params.override_ctrl_interface = 5294 os_strdup(params->override_ctrl_interface); 5295#ifdef CONFIG_MATCH_IFACE 5296 global->params.match_iface_count = params->match_iface_count; 5297 if (params->match_iface_count) { 5298 global->params.match_ifaces = 5299 os_calloc(params->match_iface_count, 5300 sizeof(struct wpa_interface)); 5301 os_memcpy(global->params.match_ifaces, 5302 params->match_ifaces, 5303 params->match_iface_count * 5304 sizeof(struct wpa_interface)); 5305 } 5306#endif /* CONFIG_MATCH_IFACE */ 5307#ifdef CONFIG_P2P 5308 if (params->conf_p2p_dev) 5309 global->params.conf_p2p_dev = 5310 os_strdup(params->conf_p2p_dev); 5311#endif /* CONFIG_P2P */ 5312 wpa_debug_level = global->params.wpa_debug_level = 5313 params->wpa_debug_level; 5314 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 5315 params->wpa_debug_show_keys; 5316 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 5317 params->wpa_debug_timestamp; 5318 5319 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); 5320 5321 if (eloop_init()) { 5322 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 5323 wpa_supplicant_deinit(global); 5324 return NULL; 5325 } 5326 5327 random_init(params->entropy_file); 5328 5329 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 5330 if (global->ctrl_iface == NULL) { 5331 wpa_supplicant_deinit(global); 5332 return NULL; 5333 } 5334 5335 if (wpas_notify_supplicant_initialized(global)) { 5336 wpa_supplicant_deinit(global); 5337 return NULL; 5338 } 5339 5340 for (i = 0; wpa_drivers[i]; i++) 5341 global->drv_count++; 5342 if (global->drv_count == 0) { 5343 wpa_printf(MSG_ERROR, "No drivers enabled"); 5344 wpa_supplicant_deinit(global); 5345 return NULL; 5346 } 5347 global->drv_priv = os_calloc(global->drv_count, sizeof(void *)); 5348 if (global->drv_priv == NULL) { 5349 wpa_supplicant_deinit(global); 5350 return NULL; 5351 } 5352 5353#ifdef CONFIG_WIFI_DISPLAY 5354 if (wifi_display_init(global) < 0) { 5355 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); 5356 wpa_supplicant_deinit(global); 5357 return NULL; 5358 } 5359#endif /* CONFIG_WIFI_DISPLAY */ 5360 5361 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 5362 wpas_periodic, global, NULL); 5363 5364 return global; 5365} 5366 5367 5368/** 5369 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 5370 * @global: Pointer to global data from wpa_supplicant_init() 5371 * Returns: 0 after successful event loop run, -1 on failure 5372 * 5373 * This function starts the main event loop and continues running as long as 5374 * there are any remaining events. In most cases, this function is running as 5375 * long as the %wpa_supplicant process in still in use. 5376 */ 5377int wpa_supplicant_run(struct wpa_global *global) 5378{ 5379 struct wpa_supplicant *wpa_s; 5380 5381 if (global->params.daemonize && 5382 (wpa_supplicant_daemon(global->params.pid_file) || 5383 eloop_sock_requeue())) 5384 return -1; 5385 5386#ifdef CONFIG_MATCH_IFACE 5387 if (wpa_supplicant_match_existing(global)) 5388 return -1; 5389#endif 5390 5391 if (global->params.wait_for_monitor) { 5392 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 5393 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt) 5394 wpa_supplicant_ctrl_iface_wait( 5395 wpa_s->ctrl_iface); 5396 } 5397 5398 eloop_register_signal_terminate(wpa_supplicant_terminate, global); 5399 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); 5400 5401 eloop_run(); 5402 5403 return 0; 5404} 5405 5406 5407/** 5408 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 5409 * @global: Pointer to global data from wpa_supplicant_init() 5410 * 5411 * This function is called to deinitialize %wpa_supplicant and to free all 5412 * allocated resources. Remaining network interfaces will also be removed. 5413 */ 5414void wpa_supplicant_deinit(struct wpa_global *global) 5415{ 5416 int i; 5417 5418 if (global == NULL) 5419 return; 5420 5421 eloop_cancel_timeout(wpas_periodic, global, NULL); 5422 5423#ifdef CONFIG_WIFI_DISPLAY 5424 wifi_display_deinit(global); 5425#endif /* CONFIG_WIFI_DISPLAY */ 5426 5427 while (global->ifaces) 5428 wpa_supplicant_remove_iface(global, global->ifaces, 1); 5429 5430 if (global->ctrl_iface) 5431 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 5432 5433 wpas_notify_supplicant_deinitialized(global); 5434 5435 eap_peer_unregister_methods(); 5436#ifdef CONFIG_AP 5437 eap_server_unregister_methods(); 5438#endif /* CONFIG_AP */ 5439 5440 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { 5441 if (!global->drv_priv[i]) 5442 continue; 5443 wpa_drivers[i]->global_deinit(global->drv_priv[i]); 5444 } 5445 os_free(global->drv_priv); 5446 5447 random_deinit(); 5448 5449 eloop_destroy(); 5450 5451 if (global->params.pid_file) { 5452 os_daemonize_terminate(global->params.pid_file); 5453 os_free(global->params.pid_file); 5454 } 5455 os_free(global->params.ctrl_interface); 5456 os_free(global->params.ctrl_interface_group); 5457 os_free(global->params.override_driver); 5458 os_free(global->params.override_ctrl_interface); 5459#ifdef CONFIG_MATCH_IFACE 5460 os_free(global->params.match_ifaces); 5461#endif /* CONFIG_MATCH_IFACE */ 5462#ifdef CONFIG_P2P 5463 os_free(global->params.conf_p2p_dev); 5464#endif /* CONFIG_P2P */ 5465 5466 os_free(global->p2p_disallow_freq.range); 5467 os_free(global->p2p_go_avoid_freq.range); 5468 os_free(global->add_psk); 5469 5470 os_free(global); 5471 wpa_debug_close_syslog(); 5472 wpa_debug_close_file(); 5473 wpa_debug_close_linux_tracing(); 5474} 5475 5476 5477void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) 5478{ 5479 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && 5480 wpa_s->conf->country[0] && wpa_s->conf->country[1]) { 5481 char country[3]; 5482 country[0] = wpa_s->conf->country[0]; 5483 country[1] = wpa_s->conf->country[1]; 5484 country[2] = '\0'; 5485 if (wpa_drv_set_country(wpa_s, country) < 0) { 5486 wpa_printf(MSG_ERROR, "Failed to set country code " 5487 "'%s'", country); 5488 } 5489 } 5490 5491 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) 5492 wpas_init_ext_pw(wpa_s); 5493 5494 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) 5495 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 5496 5497#ifdef CONFIG_WPS 5498 wpas_wps_update_config(wpa_s); 5499#endif /* CONFIG_WPS */ 5500 wpas_p2p_update_config(wpa_s); 5501 wpa_s->conf->changed_parameters = 0; 5502} 5503 5504 5505void add_freq(int *freqs, int *num_freqs, int freq) 5506{ 5507 int i; 5508 5509 for (i = 0; i < *num_freqs; i++) { 5510 if (freqs[i] == freq) 5511 return; 5512 } 5513 5514 freqs[*num_freqs] = freq; 5515 (*num_freqs)++; 5516} 5517 5518 5519static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) 5520{ 5521 struct wpa_bss *bss, *cbss; 5522 const int max_freqs = 10; 5523 int *freqs; 5524 int num_freqs = 0; 5525 5526 freqs = os_calloc(max_freqs + 1, sizeof(int)); 5527 if (freqs == NULL) 5528 return NULL; 5529 5530 cbss = wpa_s->current_bss; 5531 5532 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 5533 if (bss == cbss) 5534 continue; 5535 if (bss->ssid_len == cbss->ssid_len && 5536 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && 5537 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { 5538 add_freq(freqs, &num_freqs, bss->freq); 5539 if (num_freqs == max_freqs) 5540 break; 5541 } 5542 } 5543 5544 if (num_freqs == 0) { 5545 os_free(freqs); 5546 freqs = NULL; 5547 } 5548 5549 return freqs; 5550} 5551 5552 5553void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) 5554{ 5555 int timeout; 5556 int count; 5557 int *freqs = NULL; 5558 5559 wpas_connect_work_done(wpa_s); 5560 5561 /* 5562 * Remove possible authentication timeout since the connection failed. 5563 */ 5564 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 5565 5566 /* 5567 * There is no point in blacklisting the AP if this event is 5568 * generated based on local request to disconnect. 5569 */ 5570 if (wpa_s->own_disconnect_req) { 5571 wpa_s->own_disconnect_req = 0; 5572 wpa_dbg(wpa_s, MSG_DEBUG, 5573 "Ignore connection failure due to local request to disconnect"); 5574 return; 5575 } 5576 if (wpa_s->disconnected) { 5577 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure " 5578 "indication since interface has been put into " 5579 "disconnected state"); 5580 return; 5581 } 5582 5583 /* 5584 * Add the failed BSSID into the blacklist and speed up next scan 5585 * attempt if there could be other APs that could accept association. 5586 * The current blacklist count indicates how many times we have tried 5587 * connecting to this AP and multiple attempts mean that other APs are 5588 * either not available or has already been tried, so that we can start 5589 * increasing the delay here to avoid constant scanning. 5590 */ 5591 count = wpa_blacklist_add(wpa_s, bssid); 5592 if (count == 1 && wpa_s->current_bss) { 5593 /* 5594 * This BSS was not in the blacklist before. If there is 5595 * another BSS available for the same ESS, we should try that 5596 * next. Otherwise, we may as well try this one once more 5597 * before allowing other, likely worse, ESSes to be considered. 5598 */ 5599 freqs = get_bss_freqs_in_ess(wpa_s); 5600 if (freqs) { 5601 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " 5602 "has been seen; try it next"); 5603 wpa_blacklist_add(wpa_s, bssid); 5604 /* 5605 * On the next scan, go through only the known channels 5606 * used in this ESS based on previous scans to speed up 5607 * common load balancing use case. 5608 */ 5609 os_free(wpa_s->next_scan_freqs); 5610 wpa_s->next_scan_freqs = freqs; 5611 } 5612 } 5613 5614 /* 5615 * Add previous failure count in case the temporary blacklist was 5616 * cleared due to no other BSSes being available. 5617 */ 5618 count += wpa_s->extra_blacklist_count; 5619 5620 if (count > 3 && wpa_s->current_ssid) { 5621 wpa_printf(MSG_DEBUG, "Continuous association failures - " 5622 "consider temporary network disabling"); 5623 wpas_auth_failed(wpa_s, "CONN_FAILED"); 5624 } 5625 5626 switch (count) { 5627 case 1: 5628 timeout = 100; 5629 break; 5630 case 2: 5631 timeout = 500; 5632 break; 5633 case 3: 5634 timeout = 1000; 5635 break; 5636 case 4: 5637 timeout = 5000; 5638 break; 5639 default: 5640 timeout = 10000; 5641 break; 5642 } 5643 5644 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d " 5645 "ms", count, timeout); 5646 5647 /* 5648 * TODO: if more than one possible AP is available in scan results, 5649 * could try the other ones before requesting a new scan. 5650 */ 5651 wpa_supplicant_req_scan(wpa_s, timeout / 1000, 5652 1000 * (timeout % 1000)); 5653} 5654 5655 5656int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) 5657{ 5658 return wpa_s->conf->ap_scan == 2 || 5659 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); 5660} 5661 5662 5663#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) 5664int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, 5665 struct wpa_ssid *ssid, 5666 const char *field, 5667 const char *value) 5668{ 5669#ifdef IEEE8021X_EAPOL 5670 struct eap_peer_config *eap = &ssid->eap; 5671 5672 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); 5673 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", 5674 (const u8 *) value, os_strlen(value)); 5675 5676 switch (wpa_supplicant_ctrl_req_from_string(field)) { 5677 case WPA_CTRL_REQ_EAP_IDENTITY: 5678 os_free(eap->identity); 5679 eap->identity = (u8 *) os_strdup(value); 5680 eap->identity_len = os_strlen(value); 5681 eap->pending_req_identity = 0; 5682 if (ssid == wpa_s->current_ssid) 5683 wpa_s->reassociate = 1; 5684 break; 5685 case WPA_CTRL_REQ_EAP_PASSWORD: 5686 bin_clear_free(eap->password, eap->password_len); 5687 eap->password = (u8 *) os_strdup(value); 5688 eap->password_len = os_strlen(value); 5689 eap->pending_req_password = 0; 5690 if (ssid == wpa_s->current_ssid) 5691 wpa_s->reassociate = 1; 5692 break; 5693 case WPA_CTRL_REQ_EAP_NEW_PASSWORD: 5694 bin_clear_free(eap->new_password, eap->new_password_len); 5695 eap->new_password = (u8 *) os_strdup(value); 5696 eap->new_password_len = os_strlen(value); 5697 eap->pending_req_new_password = 0; 5698 if (ssid == wpa_s->current_ssid) 5699 wpa_s->reassociate = 1; 5700 break; 5701 case WPA_CTRL_REQ_EAP_PIN: 5702 str_clear_free(eap->pin); 5703 eap->pin = os_strdup(value); 5704 eap->pending_req_pin = 0; 5705 if (ssid == wpa_s->current_ssid) 5706 wpa_s->reassociate = 1; 5707 break; 5708 case WPA_CTRL_REQ_EAP_OTP: 5709 bin_clear_free(eap->otp, eap->otp_len); 5710 eap->otp = (u8 *) os_strdup(value); 5711 eap->otp_len = os_strlen(value); 5712 os_free(eap->pending_req_otp); 5713 eap->pending_req_otp = NULL; 5714 eap->pending_req_otp_len = 0; 5715 break; 5716 case WPA_CTRL_REQ_EAP_PASSPHRASE: 5717 str_clear_free(eap->private_key_passwd); 5718 eap->private_key_passwd = os_strdup(value); 5719 eap->pending_req_passphrase = 0; 5720 if (ssid == wpa_s->current_ssid) 5721 wpa_s->reassociate = 1; 5722 break; 5723 case WPA_CTRL_REQ_SIM: 5724 str_clear_free(eap->external_sim_resp); 5725 eap->external_sim_resp = os_strdup(value); 5726 break; 5727 case WPA_CTRL_REQ_PSK_PASSPHRASE: 5728 if (wpa_config_set(ssid, "psk", value, 0) < 0) 5729 return -1; 5730 ssid->mem_only_psk = 1; 5731 if (ssid->passphrase) 5732 wpa_config_update_psk(ssid); 5733 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning) 5734 wpa_supplicant_req_scan(wpa_s, 0, 0); 5735 break; 5736 case WPA_CTRL_REQ_EXT_CERT_CHECK: 5737 if (eap->pending_ext_cert_check != PENDING_CHECK) 5738 return -1; 5739 if (os_strcmp(value, "good") == 0) 5740 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD; 5741 else if (os_strcmp(value, "bad") == 0) 5742 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD; 5743 else 5744 return -1; 5745 break; 5746 default: 5747 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); 5748 return -1; 5749 } 5750 5751 return 0; 5752#else /* IEEE8021X_EAPOL */ 5753 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); 5754 return -1; 5755#endif /* IEEE8021X_EAPOL */ 5756} 5757#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ 5758 5759 5760int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 5761{ 5762 int i; 5763 unsigned int drv_enc; 5764 5765 if (wpa_s->p2p_mgmt) 5766 return 1; /* no normal network profiles on p2p_mgmt interface */ 5767 5768 if (ssid == NULL) 5769 return 1; 5770 5771 if (ssid->disabled) 5772 return 1; 5773 5774 if (wpa_s->drv_capa_known) 5775 drv_enc = wpa_s->drv_enc; 5776 else 5777 drv_enc = (unsigned int) -1; 5778 5779 for (i = 0; i < NUM_WEP_KEYS; i++) { 5780 size_t len = ssid->wep_key_len[i]; 5781 if (len == 0) 5782 continue; 5783 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) 5784 continue; 5785 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) 5786 continue; 5787 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) 5788 continue; 5789 return 1; /* invalid WEP key */ 5790 } 5791 5792 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && 5793 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && 5794 !ssid->mem_only_psk) 5795 return 1; 5796 5797 return 0; 5798} 5799 5800 5801int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 5802{ 5803#ifdef CONFIG_IEEE80211W 5804 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { 5805 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && 5806 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { 5807 /* 5808 * Driver does not support BIP -- ignore pmf=1 default 5809 * since the connection with PMF would fail and the 5810 * configuration does not require PMF to be enabled. 5811 */ 5812 return NO_MGMT_FRAME_PROTECTION; 5813 } 5814 5815 return wpa_s->conf->pmf; 5816 } 5817 5818 return ssid->ieee80211w; 5819#else /* CONFIG_IEEE80211W */ 5820 return NO_MGMT_FRAME_PROTECTION; 5821#endif /* CONFIG_IEEE80211W */ 5822} 5823 5824 5825int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) 5826{ 5827 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) 5828 return 1; 5829 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) 5830 return 0; 5831 return -1; 5832} 5833 5834 5835void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason) 5836{ 5837 struct wpa_ssid *ssid = wpa_s->current_ssid; 5838 int dur; 5839 struct os_reltime now; 5840 5841 if (ssid == NULL) { 5842 wpa_printf(MSG_DEBUG, "Authentication failure but no known " 5843 "SSID block"); 5844 return; 5845 } 5846 5847 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) 5848 return; 5849 5850 ssid->auth_failures++; 5851 5852#ifdef CONFIG_P2P 5853 if (ssid->p2p_group && 5854 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) { 5855 /* 5856 * Skip the wait time since there is a short timeout on the 5857 * connection to a P2P group. 5858 */ 5859 return; 5860 } 5861#endif /* CONFIG_P2P */ 5862 5863 if (ssid->auth_failures > 50) 5864 dur = 300; 5865 else if (ssid->auth_failures > 10) 5866 dur = 120; 5867 else if (ssid->auth_failures > 5) 5868 dur = 90; 5869 else if (ssid->auth_failures > 3) 5870 dur = 60; 5871 else if (ssid->auth_failures > 2) 5872 dur = 30; 5873 else if (ssid->auth_failures > 1) 5874 dur = 20; 5875 else 5876 dur = 10; 5877 5878 if (ssid->auth_failures > 1 && 5879 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) 5880 dur += os_random() % (ssid->auth_failures * 10); 5881 5882 os_get_reltime(&now); 5883 if (now.sec + dur <= ssid->disabled_until.sec) 5884 return; 5885 5886 ssid->disabled_until.sec = now.sec + dur; 5887 5888 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED 5889 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s", 5890 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 5891 ssid->auth_failures, dur, reason); 5892} 5893 5894 5895void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, 5896 struct wpa_ssid *ssid, int clear_failures) 5897{ 5898 if (ssid == NULL) 5899 return; 5900 5901 if (ssid->disabled_until.sec) { 5902 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED 5903 "id=%d ssid=\"%s\"", 5904 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 5905 } 5906 ssid->disabled_until.sec = 0; 5907 ssid->disabled_until.usec = 0; 5908 if (clear_failures) 5909 ssid->auth_failures = 0; 5910} 5911 5912 5913int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) 5914{ 5915 size_t i; 5916 5917 if (wpa_s->disallow_aps_bssid == NULL) 5918 return 0; 5919 5920 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { 5921 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, 5922 bssid, ETH_ALEN) == 0) 5923 return 1; 5924 } 5925 5926 return 0; 5927} 5928 5929 5930int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, 5931 size_t ssid_len) 5932{ 5933 size_t i; 5934 5935 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) 5936 return 0; 5937 5938 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { 5939 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; 5940 if (ssid_len == s->ssid_len && 5941 os_memcmp(ssid, s->ssid, ssid_len) == 0) 5942 return 1; 5943 } 5944 5945 return 0; 5946} 5947 5948 5949/** 5950 * wpas_request_connection - Request a new connection 5951 * @wpa_s: Pointer to the network interface 5952 * 5953 * This function is used to request a new connection to be found. It will mark 5954 * the interface to allow reassociation and request a new scan to find a 5955 * suitable network to connect to. 5956 */ 5957void wpas_request_connection(struct wpa_supplicant *wpa_s) 5958{ 5959 wpa_s->normal_scans = 0; 5960 wpa_s->scan_req = NORMAL_SCAN_REQ; 5961 wpa_supplicant_reinit_autoscan(wpa_s); 5962 wpa_s->extra_blacklist_count = 0; 5963 wpa_s->disconnected = 0; 5964 wpa_s->reassociate = 1; 5965 5966 if (wpa_supplicant_fast_associate(wpa_s) != 1) 5967 wpa_supplicant_req_scan(wpa_s, 0, 0); 5968 else 5969 wpa_s->reattach = 0; 5970} 5971 5972 5973void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title, 5974 struct wpa_used_freq_data *freqs_data, 5975 unsigned int len) 5976{ 5977 unsigned int i; 5978 5979 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s", 5980 len, title); 5981 for (i = 0; i < len; i++) { 5982 struct wpa_used_freq_data *cur = &freqs_data[i]; 5983 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X", 5984 i, cur->freq, cur->flags); 5985 } 5986} 5987 5988 5989/* 5990 * Find the operating frequencies of any of the virtual interfaces that 5991 * are using the same radio as the current interface, and in addition, get 5992 * information about the interface types that are using the frequency. 5993 */ 5994int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s, 5995 struct wpa_used_freq_data *freqs_data, 5996 unsigned int len) 5997{ 5998 struct wpa_supplicant *ifs; 5999 u8 bssid[ETH_ALEN]; 6000 int freq; 6001 unsigned int idx = 0, i; 6002 6003 wpa_dbg(wpa_s, MSG_DEBUG, 6004 "Determining shared radio frequencies (max len %u)", len); 6005 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len); 6006 6007 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 6008 radio_list) { 6009 if (idx == len) 6010 break; 6011 6012 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0) 6013 continue; 6014 6015 if (ifs->current_ssid->mode == WPAS_MODE_AP || 6016 ifs->current_ssid->mode == WPAS_MODE_P2P_GO || 6017 ifs->current_ssid->mode == WPAS_MODE_MESH) 6018 freq = ifs->current_ssid->frequency; 6019 else if (wpa_drv_get_bssid(ifs, bssid) == 0) 6020 freq = ifs->assoc_freq; 6021 else 6022 continue; 6023 6024 /* Hold only distinct freqs */ 6025 for (i = 0; i < idx; i++) 6026 if (freqs_data[i].freq == freq) 6027 break; 6028 6029 if (i == idx) 6030 freqs_data[idx++].freq = freq; 6031 6032 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) { 6033 freqs_data[i].flags |= ifs->current_ssid->p2p_group ? 6034 WPA_FREQ_USED_BY_P2P_CLIENT : 6035 WPA_FREQ_USED_BY_INFRA_STATION; 6036 } 6037 } 6038 6039 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx); 6040 return idx; 6041} 6042 6043 6044/* 6045 * Find the operating frequencies of any of the virtual interfaces that 6046 * are using the same radio as the current interface. 6047 */ 6048int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, 6049 int *freq_array, unsigned int len) 6050{ 6051 struct wpa_used_freq_data *freqs_data; 6052 int num, i; 6053 6054 os_memset(freq_array, 0, sizeof(int) * len); 6055 6056 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data)); 6057 if (!freqs_data) 6058 return -1; 6059 6060 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len); 6061 for (i = 0; i < num; i++) 6062 freq_array[i] = freqs_data[i].freq; 6063 6064 os_free(freqs_data); 6065 6066 return num; 6067} 6068 6069 6070static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx) 6071{ 6072 struct rrm_data *rrm = data; 6073 6074 if (!rrm->notify_neighbor_rep) { 6075 wpa_printf(MSG_ERROR, 6076 "RRM: Unexpected neighbor report timeout"); 6077 return; 6078 } 6079 6080 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE"); 6081 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL); 6082 6083 rrm->notify_neighbor_rep = NULL; 6084 rrm->neighbor_rep_cb_ctx = NULL; 6085} 6086 6087 6088/* 6089 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant 6090 * @wpa_s: Pointer to wpa_supplicant 6091 */ 6092void wpas_rrm_reset(struct wpa_supplicant *wpa_s) 6093{ 6094 wpa_s->rrm.rrm_used = 0; 6095 6096 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, 6097 NULL); 6098 if (wpa_s->rrm.notify_neighbor_rep) 6099 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL); 6100 wpa_s->rrm.next_neighbor_rep_token = 1; 6101} 6102 6103 6104/* 6105 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report 6106 * @wpa_s: Pointer to wpa_supplicant 6107 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token 6108 * @report_len: Length of neighbor report buffer 6109 */ 6110void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s, 6111 const u8 *report, size_t report_len) 6112{ 6113 struct wpabuf *neighbor_rep; 6114 6115 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len); 6116 if (report_len < 1) 6117 return; 6118 6119 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) { 6120 wpa_printf(MSG_DEBUG, 6121 "RRM: Discarding neighbor report with token %d (expected %d)", 6122 report[0], wpa_s->rrm.next_neighbor_rep_token - 1); 6123 return; 6124 } 6125 6126 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm, 6127 NULL); 6128 6129 if (!wpa_s->rrm.notify_neighbor_rep) { 6130 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report"); 6131 return; 6132 } 6133 6134 /* skipping the first byte, which is only an id (dialog token) */ 6135 neighbor_rep = wpabuf_alloc(report_len - 1); 6136 if (neighbor_rep == NULL) 6137 return; 6138 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1); 6139 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)", 6140 report[0]); 6141 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx, 6142 neighbor_rep); 6143 wpa_s->rrm.notify_neighbor_rep = NULL; 6144 wpa_s->rrm.neighbor_rep_cb_ctx = NULL; 6145} 6146 6147 6148#if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS) 6149/* Workaround different, undefined for Windows, error codes used here */ 6150#define ENOTCONN -1 6151#define EOPNOTSUPP -1 6152#define ECANCELED -1 6153#endif 6154 6155/** 6156 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP 6157 * @wpa_s: Pointer to wpa_supplicant 6158 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE 6159 * is sent in the request. 6160 * @cb: Callback function to be called once the requested report arrives, or 6161 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds. 6162 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's 6163 * the requester's responsibility to free it. 6164 * In the latter case NULL will be sent in 'neighbor_rep'. 6165 * @cb_ctx: Context value to send the callback function 6166 * Returns: 0 in case of success, negative error code otherwise 6167 * 6168 * In case there is a previous request which has not been answered yet, the 6169 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT. 6170 * Request must contain a callback function. 6171 */ 6172int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s, 6173 const struct wpa_ssid *ssid, 6174 void (*cb)(void *ctx, 6175 struct wpabuf *neighbor_rep), 6176 void *cb_ctx) 6177{ 6178 struct wpabuf *buf; 6179 const u8 *rrm_ie; 6180 6181 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) { 6182 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM."); 6183 return -ENOTCONN; 6184 } 6185 6186 if (!wpa_s->rrm.rrm_used) { 6187 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection."); 6188 return -EOPNOTSUPP; 6189 } 6190 6191 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss, 6192 WLAN_EID_RRM_ENABLED_CAPABILITIES); 6193 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) || 6194 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) { 6195 wpa_printf(MSG_DEBUG, 6196 "RRM: No network support for Neighbor Report."); 6197 return -EOPNOTSUPP; 6198 } 6199 6200 if (!cb) { 6201 wpa_printf(MSG_DEBUG, 6202 "RRM: Neighbor Report request must provide a callback."); 6203 return -EINVAL; 6204 } 6205 6206 /* Refuse if there's a live request */ 6207 if (wpa_s->rrm.notify_neighbor_rep) { 6208 wpa_printf(MSG_DEBUG, 6209 "RRM: Currently handling previous Neighbor Report."); 6210 return -EBUSY; 6211 } 6212 6213 /* 3 = action category + action code + dialog token */ 6214 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0)); 6215 if (buf == NULL) { 6216 wpa_printf(MSG_DEBUG, 6217 "RRM: Failed to allocate Neighbor Report Request"); 6218 return -ENOMEM; 6219 } 6220 6221 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d", 6222 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""), 6223 wpa_s->rrm.next_neighbor_rep_token); 6224 6225 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); 6226 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST); 6227 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token); 6228 if (ssid) { 6229 wpabuf_put_u8(buf, WLAN_EID_SSID); 6230 wpabuf_put_u8(buf, ssid->ssid_len); 6231 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len); 6232 } 6233 6234 wpa_s->rrm.next_neighbor_rep_token++; 6235 6236 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 6237 wpa_s->own_addr, wpa_s->bssid, 6238 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) { 6239 wpa_printf(MSG_DEBUG, 6240 "RRM: Failed to send Neighbor Report Request"); 6241 wpabuf_free(buf); 6242 return -ECANCELED; 6243 } 6244 6245 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx; 6246 wpa_s->rrm.notify_neighbor_rep = cb; 6247 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0, 6248 wpas_rrm_neighbor_rep_timeout_handler, 6249 &wpa_s->rrm, NULL); 6250 6251 wpabuf_free(buf); 6252 return 0; 6253} 6254 6255 6256void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s, 6257 const u8 *src, 6258 const u8 *frame, size_t len, 6259 int rssi) 6260{ 6261 struct wpabuf *buf; 6262 const struct rrm_link_measurement_request *req; 6263 struct rrm_link_measurement_report report; 6264 6265 if (wpa_s->wpa_state != WPA_COMPLETED) { 6266 wpa_printf(MSG_INFO, 6267 "RRM: Ignoring link measurement request. Not associated"); 6268 return; 6269 } 6270 6271 if (!wpa_s->rrm.rrm_used) { 6272 wpa_printf(MSG_INFO, 6273 "RRM: Ignoring link measurement request. Not RRM network"); 6274 return; 6275 } 6276 6277 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) { 6278 wpa_printf(MSG_INFO, 6279 "RRM: Measurement report failed. TX power insertion not supported"); 6280 return; 6281 } 6282 6283 req = (const struct rrm_link_measurement_request *) frame; 6284 if (len < sizeof(*req)) { 6285 wpa_printf(MSG_INFO, 6286 "RRM: Link measurement report failed. Request too short"); 6287 return; 6288 } 6289 6290 os_memset(&report, 0, sizeof(report)); 6291 report.tpc.eid = WLAN_EID_TPC_REPORT; 6292 report.tpc.len = 2; 6293 report.rsni = 255; /* 255 indicates that RSNI is not available */ 6294 report.dialog_token = req->dialog_token; 6295 6296 /* 6297 * It's possible to estimate RCPI based on RSSI in dBm. This 6298 * calculation will not reflect the correct value for high rates, 6299 * but it's good enough for Action frames which are transmitted 6300 * with up to 24 Mbps rates. 6301 */ 6302 if (!rssi) 6303 report.rcpi = 255; /* not available */ 6304 else if (rssi < -110) 6305 report.rcpi = 0; 6306 else if (rssi > 0) 6307 report.rcpi = 220; 6308 else 6309 report.rcpi = (rssi + 110) * 2; 6310 6311 /* action_category + action_code */ 6312 buf = wpabuf_alloc(2 + sizeof(report)); 6313 if (buf == NULL) { 6314 wpa_printf(MSG_ERROR, 6315 "RRM: Link measurement report failed. Buffer allocation failed"); 6316 return; 6317 } 6318 6319 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT); 6320 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT); 6321 wpabuf_put_data(buf, &report, sizeof(report)); 6322 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:", 6323 wpabuf_head(buf), wpabuf_len(buf)); 6324 6325 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src, 6326 wpa_s->own_addr, wpa_s->bssid, 6327 wpabuf_head(buf), wpabuf_len(buf), 0)) { 6328 wpa_printf(MSG_ERROR, 6329 "RRM: Link measurement report failed. Send action failed"); 6330 } 6331 wpabuf_free(buf); 6332} 6333 6334 6335struct wpa_supplicant * 6336wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) 6337{ 6338 switch (frame) { 6339#ifdef CONFIG_P2P 6340 case VENDOR_ELEM_PROBE_REQ_P2P: 6341 case VENDOR_ELEM_PROBE_RESP_P2P: 6342 case VENDOR_ELEM_PROBE_RESP_P2P_GO: 6343 case VENDOR_ELEM_BEACON_P2P_GO: 6344 case VENDOR_ELEM_P2P_PD_REQ: 6345 case VENDOR_ELEM_P2P_PD_RESP: 6346 case VENDOR_ELEM_P2P_GO_NEG_REQ: 6347 case VENDOR_ELEM_P2P_GO_NEG_RESP: 6348 case VENDOR_ELEM_P2P_GO_NEG_CONF: 6349 case VENDOR_ELEM_P2P_INV_REQ: 6350 case VENDOR_ELEM_P2P_INV_RESP: 6351 case VENDOR_ELEM_P2P_ASSOC_REQ: 6352 case VENDOR_ELEM_P2P_ASSOC_RESP: 6353 return wpa_s->p2pdev; 6354#endif /* CONFIG_P2P */ 6355 default: 6356 return wpa_s; 6357 } 6358} 6359 6360 6361void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s) 6362{ 6363 unsigned int i; 6364 char buf[30]; 6365 6366 wpa_printf(MSG_DEBUG, "Update vendor elements"); 6367 6368 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 6369 if (wpa_s->vendor_elem[i]) { 6370 int res; 6371 6372 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i); 6373 if (!os_snprintf_error(sizeof(buf), res)) { 6374 wpa_hexdump_buf(MSG_DEBUG, buf, 6375 wpa_s->vendor_elem[i]); 6376 } 6377 } 6378 } 6379 6380#ifdef CONFIG_P2P 6381 if (wpa_s->parent == wpa_s && 6382 wpa_s->global->p2p && 6383 !wpa_s->global->p2p_disabled) 6384 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem); 6385#endif /* CONFIG_P2P */ 6386} 6387 6388 6389int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame, 6390 const u8 *elem, size_t len) 6391{ 6392 u8 *ie, *end; 6393 6394 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]); 6395 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]); 6396 6397 for (; ie + 1 < end; ie += 2 + ie[1]) { 6398 if (ie + len > end) 6399 break; 6400 if (os_memcmp(ie, elem, len) != 0) 6401 continue; 6402 6403 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) { 6404 wpabuf_free(wpa_s->vendor_elem[frame]); 6405 wpa_s->vendor_elem[frame] = NULL; 6406 } else { 6407 os_memmove(ie, ie + len, end - (ie + len)); 6408 wpa_s->vendor_elem[frame]->used -= len; 6409 } 6410 wpas_vendor_elem_update(wpa_s); 6411 return 0; 6412 } 6413 6414 return -1; 6415} 6416 6417 6418struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes, 6419 u16 num_modes, enum hostapd_hw_mode mode) 6420{ 6421 u16 i; 6422 6423 for (i = 0; i < num_modes; i++) { 6424 if (modes[i].mode == mode) 6425 return &modes[i]; 6426 } 6427 6428 return NULL; 6429} 6430 6431 6432static struct 6433wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, 6434 const u8 *bssid) 6435{ 6436 struct wpa_bss_tmp_disallowed *bss; 6437 6438 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed, 6439 struct wpa_bss_tmp_disallowed, list) { 6440 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0) 6441 return bss; 6442 } 6443 6444 return NULL; 6445} 6446 6447 6448void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, 6449 unsigned int sec) 6450{ 6451 struct wpa_bss_tmp_disallowed *bss; 6452 struct os_reltime until; 6453 6454 os_get_reltime(&until); 6455 until.sec += sec; 6456 6457 bss = wpas_get_disallowed_bss(wpa_s, bssid); 6458 if (bss) { 6459 bss->disallowed_until = until; 6460 return; 6461 } 6462 6463 bss = os_malloc(sizeof(*bss)); 6464 if (!bss) { 6465 wpa_printf(MSG_DEBUG, 6466 "Failed to allocate memory for temp disallow BSS"); 6467 return; 6468 } 6469 6470 bss->disallowed_until = until; 6471 os_memcpy(bss->bssid, bssid, ETH_ALEN); 6472 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); 6473} 6474 6475 6476int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, const u8 *bssid) 6477{ 6478 struct wpa_bss_tmp_disallowed *bss = NULL, *tmp, *prev; 6479 struct os_reltime now, age; 6480 6481 os_get_reltime(&now); 6482 6483 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, 6484 struct wpa_bss_tmp_disallowed, list) { 6485 if (!os_reltime_before(&now, &tmp->disallowed_until)) { 6486 /* This BSS is not disallowed anymore */ 6487 dl_list_del(&tmp->list); 6488 os_free(tmp); 6489 continue; 6490 } 6491 if (os_memcmp(bssid, tmp->bssid, ETH_ALEN) == 0) { 6492 bss = tmp; 6493 break; 6494 } 6495 } 6496 if (!bss) 6497 return 0; 6498 6499 os_reltime_sub(&bss->disallowed_until, &now, &age); 6500 wpa_printf(MSG_DEBUG, 6501 "BSS " MACSTR " disabled for %ld.%0ld seconds", 6502 MAC2STR(bss->bssid), age.sec, age.usec); 6503 return 1; 6504} 6505