3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
37 #include "blacklist.h"
38 #include "wpas_glue.h"
39 #include "wps_supplicant.h"
42 #include "gas_query.h"
44 #include "p2p_supplicant.h"
45 #include "wifi_display.h"
51 #include "offchannel.h"
52 #include "hs20_supplicant.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 " notice, this list of conditions and the following disclaimer.\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 " notice, this list of conditions and the following disclaimer in the\n"
85 " documentation and/or other materials provided with the distribution.\n"
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 " names of its contributors may be used to endorse or promote products\n"
90 " derived from this software without specific prior written permission.\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 /* Configure default/group WEP keys for static WEP */
108 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 for (i = 0; i < NUM_WEP_KEYS; i++) {
113 if (ssid->wep_key_len[i] == 0)
117 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
118 i, i == ssid->wep_tx_keyidx, NULL, 0,
119 ssid->wep_key[i], ssid->wep_key_len[i]);
126 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
127 struct wpa_ssid *ssid)
134 /* IBSS/WPA-None uses only one key (Group) for both receiving and
135 * sending unicast and multicast packets. */
137 if (ssid->mode != WPAS_MODE_IBSS) {
138 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
139 "IBSS/ad-hoc) for WPA-None", ssid->mode);
143 if (!ssid->psk_set) {
144 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 switch (wpa_s->group_cipher) {
150 case WPA_CIPHER_CCMP:
151 os_memcpy(key, ssid->psk, 16);
155 case WPA_CIPHER_GCMP:
156 os_memcpy(key, ssid->psk, 16);
160 case WPA_CIPHER_TKIP:
161 /* WPA-None uses the same Michael MIC key for both TX and RX */
162 os_memcpy(key, ssid->psk, 16 + 8);
163 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169 "WPA-None", wpa_s->group_cipher);
173 /* TODO: should actually remember the previously used seq#, both for TX
174 * and RX from each STA.. */
176 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182 struct wpa_supplicant *wpa_s = eloop_ctx;
183 const u8 *bssid = wpa_s->bssid;
184 if (is_zero_ether_addr(bssid))
185 bssid = wpa_s->pending_bssid;
186 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
188 wpa_blacklist_add(wpa_s, bssid);
189 wpa_sm_notify_disassoc(wpa_s->wpa);
190 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191 wpa_s->reassociate = 1;
194 * If we timed out, the AP or the local radio may be busy.
195 * So, wait a second until scanning again.
197 wpa_supplicant_req_scan(wpa_s, 1, 0);
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
207 * This function is used to schedule a timeout for the current authentication
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
213 if (wpa_s->conf->ap_scan == 0 &&
214 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
217 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254 if (ssid->mode == WPAS_MODE_IBSS &&
255 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
258 * RSN IBSS authentication is per-STA and we can disable the
259 * per-BSSID EAPOL authentication.
261 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
266 #endif /* CONFIG_IBSS_RSN */
268 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
275 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279 eapol_conf.accept_802_1x_keys = 1;
280 eapol_conf.required_keys = 0;
281 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285 eapol_conf.required_keys |=
286 EAPOL_REQUIRE_KEY_BROADCAST;
289 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
290 eapol_conf.required_keys = 0;
292 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
293 eapol_conf.workaround = ssid->eap_workaround;
294 eapol_conf.eap_disabled =
295 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
296 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
297 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
298 eapol_conf.external_sim = wpa_s->conf->external_sim;
299 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
305 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306 * @wpa_s: Pointer to wpa_supplicant data
307 * @ssid: Configuration data for the network
309 * This function is used to configure WPA state machine and related parameters
310 * to a mode where WPA is not enabled. This is called as part of the
311 * authentication configuration when the selected network does not use WPA.
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314 struct wpa_ssid *ssid)
318 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
323 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328 wpa_s->group_cipher = WPA_CIPHER_NONE;
329 wpa_s->mgmt_group_cipher = 0;
331 for (i = 0; i < NUM_WEP_KEYS; i++) {
332 if (ssid->wep_key_len[i] > 5) {
333 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334 wpa_s->group_cipher = WPA_CIPHER_WEP104;
336 } else if (ssid->wep_key_len[i] > 0) {
337 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338 wpa_s->group_cipher = WPA_CIPHER_WEP40;
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346 wpa_s->pairwise_cipher);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350 wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353 pmksa_cache_clear_current(wpa_s->wpa);
357 void free_hw_features(struct wpa_supplicant *wpa_s)
360 if (wpa_s->hw.modes == NULL)
363 for (i = 0; i < wpa_s->hw.num_modes; i++) {
364 os_free(wpa_s->hw.modes[i].channels);
365 os_free(wpa_s->hw.modes[i].rates);
368 os_free(wpa_s->hw.modes);
369 wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375 bgscan_deinit(wpa_s);
376 autoscan_deinit(wpa_s);
377 scard_deinit(wpa_s->scard);
379 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
380 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
381 l2_packet_deinit(wpa_s->l2);
384 l2_packet_deinit(wpa_s->l2_br);
388 if (wpa_s->conf != NULL) {
389 struct wpa_ssid *ssid;
390 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
391 wpas_notify_network_removed(wpa_s, ssid);
394 os_free(wpa_s->confname);
395 wpa_s->confname = NULL;
397 os_free(wpa_s->confanother);
398 wpa_s->confanother = NULL;
400 wpa_sm_set_eapol(wpa_s->wpa, NULL);
401 eapol_sm_deinit(wpa_s->eapol);
404 rsn_preauth_deinit(wpa_s->wpa);
407 wpa_tdls_deinit(wpa_s->wpa);
408 #endif /* CONFIG_TDLS */
410 pmksa_candidate_free(wpa_s->wpa);
411 wpa_sm_deinit(wpa_s->wpa);
413 wpa_blacklist_clear(wpa_s);
415 wpa_bss_deinit(wpa_s);
417 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
418 wpa_supplicant_cancel_scan(wpa_s);
419 wpa_supplicant_cancel_auth_timeout(wpa_s);
420 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
421 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
422 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
424 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
426 wpas_wps_deinit(wpa_s);
428 wpabuf_free(wpa_s->pending_eapol_rx);
429 wpa_s->pending_eapol_rx = NULL;
431 #ifdef CONFIG_IBSS_RSN
432 ibss_rsn_deinit(wpa_s->ibss_rsn);
433 wpa_s->ibss_rsn = NULL;
434 #endif /* CONFIG_IBSS_RSN */
439 wpa_supplicant_ap_deinit(wpa_s);
440 #endif /* CONFIG_AP */
443 wpas_p2p_deinit(wpa_s);
444 #endif /* CONFIG_P2P */
446 #ifdef CONFIG_OFFCHANNEL
447 offchannel_deinit(wpa_s);
448 #endif /* CONFIG_OFFCHANNEL */
450 wpa_supplicant_cancel_sched_scan(wpa_s);
452 os_free(wpa_s->next_scan_freqs);
453 wpa_s->next_scan_freqs = NULL;
455 os_free(wpa_s->manual_scan_freqs);
456 wpa_s->manual_scan_freqs = NULL;
458 gas_query_deinit(wpa_s->gas);
461 free_hw_features(wpa_s);
463 os_free(wpa_s->bssid_filter);
464 wpa_s->bssid_filter = NULL;
466 os_free(wpa_s->disallow_aps_bssid);
467 wpa_s->disallow_aps_bssid = NULL;
468 os_free(wpa_s->disallow_aps_ssid);
469 wpa_s->disallow_aps_ssid = NULL;
471 wnm_bss_keep_alive_deinit(wpa_s);
473 wnm_deallocate_memory(wpa_s);
474 #endif /* CONFIG_WNM */
476 ext_password_deinit(wpa_s->ext_pw);
477 wpa_s->ext_pw = NULL;
479 wpabuf_free(wpa_s->last_gas_resp);
480 wpa_s->last_gas_resp = NULL;
481 wpabuf_free(wpa_s->prev_gas_resp);
482 wpa_s->prev_gas_resp = NULL;
484 os_free(wpa_s->last_scan_res);
485 wpa_s->last_scan_res = NULL;
490 * wpa_clear_keys - Clear keys configured for the driver
491 * @wpa_s: Pointer to wpa_supplicant data
492 * @addr: Previously used BSSID or %NULL if not available
494 * This function clears the encryption keys that has been previously configured
497 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
501 #ifdef CONFIG_IEEE80211W
503 #else /* CONFIG_IEEE80211W */
505 #endif /* CONFIG_IEEE80211W */
507 /* MLME-DELETEKEYS.request */
508 for (i = 0; i < max; i++) {
509 if (wpa_s->keys_cleared & BIT(i))
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
514 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
515 !is_zero_ether_addr(addr)) {
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
518 /* MLME-SETPROTECTION.request(None) */
519 wpa_drv_mlme_setprotection(
521 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
522 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
524 wpa_s->keys_cleared = (u32) -1;
529 * wpa_supplicant_state_txt - Get the connection state name as a text string
530 * @state: State (wpa_state; WPA_*)
531 * Returns: The state name as a printable text string
533 const char * wpa_supplicant_state_txt(enum wpa_states state)
536 case WPA_DISCONNECTED:
537 return "DISCONNECTED";
540 case WPA_INTERFACE_DISABLED:
541 return "INTERFACE_DISABLED";
544 case WPA_AUTHENTICATING:
545 return "AUTHENTICATING";
546 case WPA_ASSOCIATING:
547 return "ASSOCIATING";
550 case WPA_4WAY_HANDSHAKE:
551 return "4WAY_HANDSHAKE";
552 case WPA_GROUP_HANDSHAKE:
553 return "GROUP_HANDSHAKE";
564 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
568 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
569 name = wpa_s->current_ssid->bgscan;
571 name = wpa_s->conf->bgscan;
574 if (wpas_driver_bss_selection(wpa_s))
576 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
579 bgscan_deinit(wpa_s);
580 if (wpa_s->current_ssid) {
581 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
582 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
585 * Live without bgscan; it is only used as a roaming
586 * optimization, so the initial connection is not
590 struct wpa_scan_results *scan_res;
591 wpa_s->bgscan_ssid = wpa_s->current_ssid;
592 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
595 bgscan_notify_scan(wpa_s, scan_res);
596 wpa_scan_results_free(scan_res);
600 wpa_s->bgscan_ssid = NULL;
604 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
606 if (wpa_s->bgscan_ssid != NULL) {
607 bgscan_deinit(wpa_s);
608 wpa_s->bgscan_ssid = NULL;
612 #endif /* CONFIG_BGSCAN */
615 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
617 if (autoscan_init(wpa_s, 0))
618 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
622 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
624 autoscan_deinit(wpa_s);
628 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
630 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
631 wpa_s->wpa_state == WPA_SCANNING) {
632 autoscan_deinit(wpa_s);
633 wpa_supplicant_start_autoscan(wpa_s);
639 * wpa_supplicant_set_state - Set current connection state
640 * @wpa_s: Pointer to wpa_supplicant data
641 * @state: The new connection state
643 * This function is called whenever the connection state changes, e.g.,
644 * association is completed for WPA/WPA2 4-Way Handshake is started.
646 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
647 enum wpa_states state)
649 enum wpa_states old_state = wpa_s->wpa_state;
651 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
652 wpa_supplicant_state_txt(wpa_s->wpa_state),
653 wpa_supplicant_state_txt(state));
655 if (state == WPA_INTERFACE_DISABLED) {
656 /* Assure normal scan when interface is restored */
657 wpa_s->normal_scans = 0;
660 if (state == WPA_COMPLETED)
661 wpas_connect_work_done(wpa_s);
663 if (state != WPA_SCANNING)
664 wpa_supplicant_notify_scanning(wpa_s, 0);
666 if (state == WPA_COMPLETED && wpa_s->new_connection) {
667 struct wpa_ssid *ssid = wpa_s->current_ssid;
668 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
669 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
670 MACSTR " completed [id=%d id_str=%s]",
671 MAC2STR(wpa_s->bssid),
672 ssid ? ssid->id : -1,
673 ssid && ssid->id_str ? ssid->id_str : "");
674 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
675 wpas_clear_temp_disabled(wpa_s, ssid, 1);
676 wpa_s->extra_blacklist_count = 0;
677 wpa_s->new_connection = 0;
678 wpa_drv_set_operstate(wpa_s, 1);
679 #ifndef IEEE8021X_EAPOL
680 wpa_drv_set_supp_port(wpa_s, 1);
681 #endif /* IEEE8021X_EAPOL */
682 wpa_s->after_wps = 0;
683 wpa_s->known_wps_freq = 0;
685 wpas_p2p_completed(wpa_s);
686 #endif /* CONFIG_P2P */
688 sme_sched_obss_scan(wpa_s, 1);
689 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
690 state == WPA_ASSOCIATED) {
691 wpa_s->new_connection = 1;
692 wpa_drv_set_operstate(wpa_s, 0);
693 #ifndef IEEE8021X_EAPOL
694 wpa_drv_set_supp_port(wpa_s, 0);
695 #endif /* IEEE8021X_EAPOL */
696 sme_sched_obss_scan(wpa_s, 0);
698 wpa_s->wpa_state = state;
701 if (state == WPA_COMPLETED)
702 wpa_supplicant_start_bgscan(wpa_s);
703 else if (state < WPA_ASSOCIATED)
704 wpa_supplicant_stop_bgscan(wpa_s);
705 #endif /* CONFIG_BGSCAN */
707 if (state == WPA_AUTHENTICATING)
708 wpa_supplicant_stop_autoscan(wpa_s);
710 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
711 wpa_supplicant_start_autoscan(wpa_s);
713 if (wpa_s->wpa_state != old_state) {
714 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
716 if (wpa_s->wpa_state == WPA_COMPLETED ||
717 old_state == WPA_COMPLETED)
718 wpas_notify_auth_changed(wpa_s);
723 void wpa_supplicant_terminate_proc(struct wpa_global *global)
727 struct wpa_supplicant *wpa_s = global->ifaces;
729 struct wpa_supplicant *next = wpa_s->next;
731 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
732 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
733 wpas_p2p_disconnect(wpa_s);
734 #endif /* CONFIG_P2P */
735 if (wpas_wps_terminate_pending(wpa_s) == 1)
739 #endif /* CONFIG_WPS */
746 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
748 struct wpa_global *global = signal_ctx;
749 wpa_supplicant_terminate_proc(global);
753 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
755 enum wpa_states old_state = wpa_s->wpa_state;
757 wpa_s->pairwise_cipher = 0;
758 wpa_s->group_cipher = 0;
759 wpa_s->mgmt_group_cipher = 0;
761 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
762 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
764 if (wpa_s->wpa_state != old_state)
765 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
770 * wpa_supplicant_reload_configuration - Reload configuration data
771 * @wpa_s: Pointer to wpa_supplicant data
772 * Returns: 0 on success or -1 if configuration parsing failed
774 * This function can be used to request that the configuration data is reloaded
775 * (e.g., after configuration file change). This function is reloading
776 * configuration only for one interface, so this may need to be called multiple
777 * times if %wpa_supplicant is controlling multiple interfaces and all
778 * interfaces need reconfiguration.
780 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
782 struct wpa_config *conf;
786 if (wpa_s->confname == NULL)
788 conf = wpa_config_read(wpa_s->confname, NULL);
790 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
791 "file '%s' - exiting", wpa_s->confname);
794 wpa_config_read(wpa_s->confanother, conf);
796 conf->changed_parameters = (unsigned int) -1;
798 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
799 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
800 os_strcmp(conf->ctrl_interface,
801 wpa_s->conf->ctrl_interface) != 0);
803 if (reconf_ctrl && wpa_s->ctrl_iface) {
804 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
805 wpa_s->ctrl_iface = NULL;
808 eapol_sm_invalidate_cached_session(wpa_s->eapol);
809 if (wpa_s->current_ssid) {
810 wpa_supplicant_deauthenticate(wpa_s,
811 WLAN_REASON_DEAUTH_LEAVING);
815 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
816 * pkcs11_engine_path, pkcs11_module_path.
818 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
820 * Clear forced success to clear EAP state for next
823 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
825 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
826 wpa_sm_set_config(wpa_s->wpa, NULL);
827 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
828 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
829 rsn_preauth_deinit(wpa_s->wpa);
831 old_ap_scan = wpa_s->conf->ap_scan;
832 wpa_config_free(wpa_s->conf);
834 if (old_ap_scan != wpa_s->conf->ap_scan)
835 wpas_notify_ap_scan_changed(wpa_s);
838 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
840 wpa_supplicant_update_config(wpa_s);
842 wpa_supplicant_clear_status(wpa_s);
843 if (wpa_supplicant_enabled_networks(wpa_s)) {
844 wpa_s->reassociate = 1;
845 wpa_supplicant_req_scan(wpa_s, 0, 0);
847 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
852 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
854 struct wpa_global *global = signal_ctx;
855 struct wpa_supplicant *wpa_s;
856 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
857 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
859 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
860 wpa_supplicant_terminate_proc(global);
866 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
867 struct wpa_ssid *ssid,
868 struct wpa_ie_data *ie)
870 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
873 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
874 "from association info");
879 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
881 if (!(ie->group_cipher & ssid->group_cipher)) {
882 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
883 "cipher 0x%x (mask 0x%x) - reject",
884 ie->group_cipher, ssid->group_cipher);
887 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
888 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
889 "cipher 0x%x (mask 0x%x) - reject",
890 ie->pairwise_cipher, ssid->pairwise_cipher);
893 if (!(ie->key_mgmt & ssid->key_mgmt)) {
894 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
895 "management 0x%x (mask 0x%x) - reject",
896 ie->key_mgmt, ssid->key_mgmt);
900 #ifdef CONFIG_IEEE80211W
901 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
902 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
903 wpa_s->conf->pmf : ssid->ieee80211w) ==
904 MGMT_FRAME_PROTECTION_REQUIRED) {
905 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
906 "that does not support management frame protection - "
910 #endif /* CONFIG_IEEE80211W */
917 * wpa_supplicant_set_suites - Set authentication and encryption parameters
918 * @wpa_s: Pointer to wpa_supplicant data
919 * @bss: Scan results for the selected BSS, or %NULL if not available
920 * @ssid: Configuration data for the selected network
921 * @wpa_ie: Buffer for the WPA/RSN IE
922 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
923 * used buffer length in case the functions returns success.
924 * Returns: 0 on success or -1 on failure
926 * This function is used to configure authentication and encryption parameters
927 * based on the network configuration and scan result for the selected BSS (if
930 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
931 struct wpa_bss *bss, struct wpa_ssid *ssid,
932 u8 *wpa_ie, size_t *wpa_ie_len)
934 struct wpa_ie_data ie;
936 const u8 *bss_wpa, *bss_rsn;
939 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
940 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
942 bss_wpa = bss_rsn = NULL;
944 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
945 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
946 (ie.group_cipher & ssid->group_cipher) &&
947 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
948 (ie.key_mgmt & ssid->key_mgmt)) {
949 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
950 proto = WPA_PROTO_RSN;
951 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
952 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
953 (ie.group_cipher & ssid->group_cipher) &&
954 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
955 (ie.key_mgmt & ssid->key_mgmt)) {
956 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
957 proto = WPA_PROTO_WPA;
959 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
962 if (ssid->proto & WPA_PROTO_RSN)
963 proto = WPA_PROTO_RSN;
965 proto = WPA_PROTO_WPA;
966 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
967 os_memset(&ie, 0, sizeof(ie));
968 ie.group_cipher = ssid->group_cipher;
969 ie.pairwise_cipher = ssid->pairwise_cipher;
970 ie.key_mgmt = ssid->key_mgmt;
971 #ifdef CONFIG_IEEE80211W
972 ie.mgmt_group_cipher =
973 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
974 WPA_CIPHER_AES_128_CMAC : 0;
975 #endif /* CONFIG_IEEE80211W */
976 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
977 "based on configuration");
982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
983 "pairwise %d key_mgmt %d proto %d",
984 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
985 #ifdef CONFIG_IEEE80211W
986 if (ssid->ieee80211w) {
987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
988 ie.mgmt_group_cipher);
990 #endif /* CONFIG_IEEE80211W */
992 wpa_s->wpa_proto = proto;
993 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
994 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
995 !!(ssid->proto & WPA_PROTO_RSN));
997 if (bss || !wpa_s->ap_ies_from_associnfo) {
998 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
999 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1000 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1001 bss_rsn ? 2 + bss_rsn[1] : 0))
1005 sel = ie.group_cipher & ssid->group_cipher;
1006 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1007 if (wpa_s->group_cipher < 0) {
1008 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1013 wpa_cipher_txt(wpa_s->group_cipher));
1015 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1016 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1017 if (wpa_s->pairwise_cipher < 0) {
1018 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1022 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1023 wpa_cipher_txt(wpa_s->pairwise_cipher));
1025 sel = ie.key_mgmt & ssid->key_mgmt;
1027 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1028 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1029 #endif /* CONFIG_SAE */
1031 #ifdef CONFIG_IEEE80211R
1032 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1033 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1034 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1035 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1036 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1037 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1038 #endif /* CONFIG_IEEE80211R */
1040 } else if (sel & WPA_KEY_MGMT_SAE) {
1041 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1042 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1043 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1044 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1045 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1046 #endif /* CONFIG_SAE */
1047 #ifdef CONFIG_IEEE80211W
1048 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1050 wpa_dbg(wpa_s, MSG_DEBUG,
1051 "WPA: using KEY_MGMT 802.1X with SHA256");
1052 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1053 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1054 wpa_dbg(wpa_s, MSG_DEBUG,
1055 "WPA: using KEY_MGMT PSK with SHA256");
1056 #endif /* CONFIG_IEEE80211W */
1057 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1058 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1059 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1060 } else if (sel & WPA_KEY_MGMT_PSK) {
1061 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1063 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1064 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1067 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1068 "authenticated key management type");
1072 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1073 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1074 wpa_s->pairwise_cipher);
1075 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1077 #ifdef CONFIG_IEEE80211W
1078 sel = ie.mgmt_group_cipher;
1079 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1080 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1081 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1083 if (sel & WPA_CIPHER_AES_128_CMAC) {
1084 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1085 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1088 wpa_s->mgmt_group_cipher = 0;
1089 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1091 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1092 wpa_s->mgmt_group_cipher);
1093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1094 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1095 wpa_s->conf->pmf : ssid->ieee80211w));
1096 #endif /* CONFIG_IEEE80211W */
1098 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1099 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1103 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1104 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1105 #ifndef CONFIG_NO_PBKDF2
1106 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1109 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1110 4096, psk, PMK_LEN);
1111 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1113 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1115 #endif /* CONFIG_NO_PBKDF2 */
1116 #ifdef CONFIG_EXT_PASSWORD
1117 if (ssid->ext_psk) {
1118 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1120 char pw_str[64 + 1];
1124 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1125 "found from external storage");
1129 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1130 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1131 "PSK length %d in external storage",
1132 (int) wpabuf_len(pw));
1133 ext_password_free(pw);
1137 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1138 pw_str[wpabuf_len(pw)] = '\0';
1140 #ifndef CONFIG_NO_PBKDF2
1141 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1143 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1144 4096, psk, PMK_LEN);
1145 os_memset(pw_str, 0, sizeof(pw_str));
1146 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1147 "external passphrase)",
1149 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1151 #endif /* CONFIG_NO_PBKDF2 */
1152 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1153 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1154 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1155 "Invalid PSK hex string");
1156 os_memset(pw_str, 0, sizeof(pw_str));
1157 ext_password_free(pw);
1160 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1162 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1164 os_memset(pw_str, 0, sizeof(pw_str));
1165 ext_password_free(pw);
1169 os_memset(pw_str, 0, sizeof(pw_str));
1170 ext_password_free(pw);
1172 #endif /* CONFIG_EXT_PASSWORD */
1174 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1180 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1185 case 0: /* Bits 0-7 */
1187 case 1: /* Bits 8-15 */
1189 case 2: /* Bits 16-23 */
1191 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1192 *pos |= 0x08; /* Bit 19 - BSS Transition */
1193 #endif /* CONFIG_WNM */
1195 case 3: /* Bits 24-31 */
1197 *pos |= 0x02; /* Bit 25 - SSID List */
1198 #endif /* CONFIG_WNM */
1199 #ifdef CONFIG_INTERWORKING
1200 if (wpa_s->conf->interworking)
1201 *pos |= 0x80; /* Bit 31 - Interworking */
1202 #endif /* CONFIG_INTERWORKING */
1204 case 4: /* Bits 32-39 */
1205 #ifdef CONFIG_INTERWORKING
1206 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1207 *pos |= 0x01; /* Bit 32 - QoS Map */
1208 #endif /* CONFIG_INTERWORKING */
1210 case 5: /* Bits 40-47 */
1212 case 6: /* Bits 48-55 */
1218 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1223 if (len < wpa_s->extended_capa_len)
1224 len = wpa_s->extended_capa_len;
1226 *pos++ = WLAN_EID_EXT_CAPAB;
1228 for (i = 0; i < len; i++, pos++) {
1229 wpas_ext_capab_byte(wpa_s, pos, i);
1231 if (i < wpa_s->extended_capa_len) {
1232 *pos &= ~wpa_s->extended_capa_mask[i];
1233 *pos |= wpa_s->extended_capa[i];
1237 while (len > 0 && buf[1 + len] == 0) {
1248 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1249 struct wpa_bss *test_bss)
1251 struct wpa_bss *bss;
1253 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1254 if (bss == test_bss)
1262 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1263 struct wpa_ssid *test_ssid)
1265 struct wpa_ssid *ssid;
1267 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1268 if (ssid == test_ssid)
1276 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1277 struct wpa_ssid *test_ssid)
1279 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1282 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1286 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1294 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1296 struct wpa_connect_work *cwork;
1297 struct wpa_radio_work *work = wpa_s->connect_work;
1302 wpa_s->connect_work = NULL;
1305 wpas_connect_work_free(cwork);
1306 radio_work_done(work);
1310 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1313 * wpa_supplicant_associate - Request association
1314 * @wpa_s: Pointer to wpa_supplicant data
1315 * @bss: Scan results for the selected BSS, or %NULL if not available
1316 * @ssid: Configuration data for the selected network
1318 * This function is used to request %wpa_supplicant to associate with a BSS.
1320 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1321 struct wpa_bss *bss, struct wpa_ssid *ssid)
1323 struct wpa_connect_work *cwork;
1325 #ifdef CONFIG_IBSS_RSN
1326 ibss_rsn_deinit(wpa_s->ibss_rsn);
1327 wpa_s->ibss_rsn = NULL;
1328 #endif /* CONFIG_IBSS_RSN */
1330 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1331 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1333 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1334 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1338 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1339 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1340 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1341 wpas_p2p_ap_setup_failed(wpa_s);
1344 wpa_s->current_bss = bss;
1345 #else /* CONFIG_AP */
1346 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1348 #endif /* CONFIG_AP */
1354 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1356 #endif /* CONFIG_TDLS */
1358 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1359 ssid->mode == IEEE80211_MODE_INFRA) {
1360 sme_authenticate(wpa_s, bss, ssid);
1364 if (wpa_s->connect_work) {
1365 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1369 cwork = os_zalloc(sizeof(*cwork));
1376 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1377 wpas_start_assoc_cb, cwork) < 0) {
1383 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1385 struct wpa_connect_work *cwork = work->ctx;
1386 struct wpa_bss *bss = cwork->bss;
1387 struct wpa_ssid *ssid = cwork->ssid;
1388 struct wpa_supplicant *wpa_s = work->wpa_s;
1391 int use_crypt, ret, i, bssid_changed;
1392 int algs = WPA_AUTH_ALG_OPEN;
1393 unsigned int cipher_pairwise, cipher_group;
1394 struct wpa_driver_associate_params params;
1395 int wep_keys_set = 0;
1396 int assoc_failed = 0;
1397 struct wpa_ssid *old_ssid;
1398 #ifdef CONFIG_HT_OVERRIDES
1399 struct ieee80211_ht_capabilities htcaps;
1400 struct ieee80211_ht_capabilities htcaps_mask;
1401 #endif /* CONFIG_HT_OVERRIDES */
1404 wpas_connect_work_free(cwork);
1408 wpa_s->connect_work = work;
1410 if (!wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1411 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1412 wpas_connect_work_done(wpa_s);
1416 os_memset(¶ms, 0, sizeof(params));
1417 wpa_s->reassociate = 0;
1418 wpa_s->eap_expected_failure = 0;
1419 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1420 #ifdef CONFIG_IEEE80211R
1421 const u8 *ie, *md = NULL;
1422 #endif /* CONFIG_IEEE80211R */
1423 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1424 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1425 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1426 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1427 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1428 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1430 wpas_notify_bssid_changed(wpa_s);
1431 #ifdef CONFIG_IEEE80211R
1432 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1433 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1435 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1437 /* Prepare for the next transition */
1438 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1440 #endif /* CONFIG_IEEE80211R */
1442 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1443 wpa_s->conf->ap_scan == 2 &&
1444 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1445 /* Use ap_scan==1 style network selection to find the network
1447 wpa_s->scan_req = MANUAL_SCAN_REQ;
1448 wpa_s->reassociate = 1;
1449 wpa_supplicant_req_scan(wpa_s, 0, 0);
1451 #endif /* CONFIG_WPS */
1453 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1454 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1455 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1457 wpa_supplicant_cancel_sched_scan(wpa_s);
1458 wpa_supplicant_cancel_scan(wpa_s);
1460 /* Starting new association, so clear the possibly used WPA IE from the
1461 * previous association. */
1462 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1464 #ifdef IEEE8021X_EAPOL
1465 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1467 if (ssid->non_leap == 0)
1468 algs = WPA_AUTH_ALG_LEAP;
1470 algs |= WPA_AUTH_ALG_LEAP;
1473 #endif /* IEEE8021X_EAPOL */
1474 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1475 if (ssid->auth_alg) {
1476 algs = ssid->auth_alg;
1477 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1481 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1482 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1483 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1484 int try_opportunistic;
1485 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1487 ssid->proactive_key_caching) &&
1488 (ssid->proto & WPA_PROTO_RSN);
1489 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1490 ssid, try_opportunistic) == 0)
1491 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1492 wpa_ie_len = sizeof(wpa_ie);
1493 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1494 wpa_ie, &wpa_ie_len)) {
1495 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1496 "key management and encryption suites");
1499 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1500 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1502 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1503 * use non-WPA since the scan results did not indicate that the
1504 * AP is using WPA or WPA2.
1506 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1508 wpa_s->wpa_proto = 0;
1509 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1510 wpa_ie_len = sizeof(wpa_ie);
1511 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1512 wpa_ie, &wpa_ie_len)) {
1513 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1514 "key management and encryption suites (no "
1519 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1520 struct wpabuf *wps_ie;
1521 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1522 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1523 wpa_ie_len = wpabuf_len(wps_ie);
1524 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1527 wpabuf_free(wps_ie);
1528 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1529 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1530 params.wps = WPS_MODE_PRIVACY;
1532 params.wps = WPS_MODE_OPEN;
1533 wpa_s->wpa_proto = 0;
1534 #endif /* CONFIG_WPS */
1536 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1538 wpa_s->wpa_proto = 0;
1542 if (wpa_s->global->p2p) {
1546 pos = wpa_ie + wpa_ie_len;
1547 len = sizeof(wpa_ie) - wpa_ie_len;
1548 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1554 wpa_s->cross_connect_disallowed = 0;
1557 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1559 wpa_s->cross_connect_disallowed =
1560 p2p_get_cross_connect_disallowed(p2p);
1562 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1564 wpa_s->cross_connect_disallowed ?
1565 "disallows" : "allows");
1569 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
1570 #endif /* CONFIG_P2P */
1573 if (is_hs20_network(wpa_s, ssid, bss)) {
1574 struct wpabuf *hs20;
1575 hs20 = wpabuf_alloc(20);
1577 wpas_hs20_add_indication(hs20);
1578 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1580 wpa_ie_len += wpabuf_len(hs20);
1584 #endif /* CONFIG_HS20 */
1587 * Workaround: Add Extended Capabilities element only if the AP
1588 * included this element in Beacon/Probe Response frames. Some older
1589 * APs seem to have interoperability issues if this element is
1590 * included, so while the standard may require us to include the
1591 * element in all cases, it is justifiable to skip it to avoid
1592 * interoperability issues.
1594 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
1597 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1598 if (ext_capab_len > 0) {
1600 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1602 os_memmove(pos + ext_capab_len, pos,
1603 wpa_ie_len - (pos - wpa_ie));
1604 wpa_ie_len += ext_capab_len;
1605 os_memcpy(pos, ext_capab, ext_capab_len);
1609 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1611 cipher_pairwise = wpa_s->pairwise_cipher;
1612 cipher_group = wpa_s->group_cipher;
1613 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1614 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1615 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1617 if (wpa_set_wep_keys(wpa_s, ssid)) {
1622 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1625 #ifdef IEEE8021X_EAPOL
1626 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1627 if ((ssid->eapol_flags &
1628 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1629 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1633 /* Assume that dynamic WEP-104 keys will be used and
1634 * set cipher suites in order for drivers to expect
1636 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
1639 #endif /* IEEE8021X_EAPOL */
1641 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1642 /* Set the key before (and later after) association */
1643 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1646 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1648 params.ssid = bss->ssid;
1649 params.ssid_len = bss->ssid_len;
1650 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1651 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1652 MACSTR " freq=%u MHz based on scan results "
1654 MAC2STR(bss->bssid), bss->freq,
1656 params.bssid = bss->bssid;
1657 params.freq = bss->freq;
1660 params.ssid = ssid->ssid;
1661 params.ssid_len = ssid->ssid_len;
1664 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1665 wpa_s->conf->ap_scan == 2) {
1666 params.bssid = ssid->bssid;
1667 params.fixed_bssid = 1;
1670 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1672 params.freq = ssid->frequency; /* Initial channel for IBSS */
1673 params.wpa_ie = wpa_ie;
1674 params.wpa_ie_len = wpa_ie_len;
1675 params.pairwise_suite = cipher_pairwise;
1676 params.group_suite = cipher_group;
1677 params.key_mgmt_suite = wpa_s->key_mgmt;
1678 params.wpa_proto = wpa_s->wpa_proto;
1679 params.auth_alg = algs;
1680 params.mode = ssid->mode;
1681 params.bg_scan_period = ssid->bg_scan_period;
1682 for (i = 0; i < NUM_WEP_KEYS; i++) {
1683 if (ssid->wep_key_len[i])
1684 params.wep_key[i] = ssid->wep_key[i];
1685 params.wep_key_len[i] = ssid->wep_key_len[i];
1687 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1689 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1690 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
1691 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
1692 params.passphrase = ssid->passphrase;
1694 params.psk = ssid->psk;
1697 params.drop_unencrypted = use_crypt;
1699 #ifdef CONFIG_IEEE80211W
1700 params.mgmt_frame_protection =
1701 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1702 wpa_s->conf->pmf : ssid->ieee80211w;
1703 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1704 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1705 struct wpa_ie_data ie;
1706 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1708 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1709 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1710 "MFP: require MFP");
1711 params.mgmt_frame_protection =
1712 MGMT_FRAME_PROTECTION_REQUIRED;
1715 #endif /* CONFIG_IEEE80211W */
1717 params.p2p = ssid->p2p_group;
1719 if (wpa_s->parent->set_sta_uapsd)
1720 params.uapsd = wpa_s->parent->sta_uapsd;
1724 #ifdef CONFIG_HT_OVERRIDES
1725 os_memset(&htcaps, 0, sizeof(htcaps));
1726 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1727 params.htcaps = (u8 *) &htcaps;
1728 params.htcaps_mask = (u8 *) &htcaps_mask;
1729 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1730 #endif /* CONFIG_HT_OVERRIDES */
1734 * If multi-channel concurrency is not supported, check for any
1735 * frequency conflict. In case of any frequency conflict, remove the
1736 * least prioritized connection.
1738 if (wpa_s->num_multichan_concurrent < 2) {
1739 int freq = wpa_drv_shared_freq(wpa_s);
1740 if (freq > 0 && freq != params.freq) {
1741 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)",
1743 if (wpas_p2p_handle_frequency_conflicts(wpa_s,
1749 #endif /* CONFIG_P2P */
1751 ret = wpa_drv_associate(wpa_s, ¶ms);
1753 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1755 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1757 * The driver is known to mean what is saying, so we
1758 * can stop right here; the association will not
1761 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1762 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1763 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1766 /* try to continue anyway; new association will be tried again
1771 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1772 /* Set the key after the association just in case association
1773 * cleared the previously configured key. */
1774 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1775 /* No need to timeout authentication since there is no key
1777 wpa_supplicant_cancel_auth_timeout(wpa_s);
1778 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1779 #ifdef CONFIG_IBSS_RSN
1780 } else if (ssid->mode == WPAS_MODE_IBSS &&
1781 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1782 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1784 * RSN IBSS authentication is per-STA and we can disable the
1785 * per-BSSID authentication.
1787 wpa_supplicant_cancel_auth_timeout(wpa_s);
1788 #endif /* CONFIG_IBSS_RSN */
1790 /* Timeout for IEEE 802.11 authentication and association */
1794 /* give IBSS a bit more time */
1795 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1796 } else if (wpa_s->conf->ap_scan == 1) {
1797 /* give IBSS a bit more time */
1798 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1800 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1804 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
1805 /* Set static WEP keys again */
1806 wpa_set_wep_keys(wpa_s, ssid);
1809 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1811 * Do not allow EAP session resumption between different
1812 * network configurations.
1814 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1816 old_ssid = wpa_s->current_ssid;
1817 wpa_s->current_ssid = ssid;
1818 wpa_s->current_bss = bss;
1819 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1820 wpa_supplicant_initiate_eapol(wpa_s);
1821 if (old_ssid != wpa_s->current_ssid)
1822 wpas_notify_network_changed(wpa_s);
1826 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1829 struct wpa_ssid *old_ssid;
1831 wpa_clear_keys(wpa_s, addr);
1832 old_ssid = wpa_s->current_ssid;
1833 wpa_supplicant_mark_disassoc(wpa_s);
1834 wpa_sm_set_config(wpa_s->wpa, NULL);
1835 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1836 if (old_ssid != wpa_s->current_ssid)
1837 wpas_notify_network_changed(wpa_s);
1838 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1843 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1844 * @wpa_s: Pointer to wpa_supplicant data
1845 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1847 * This function is used to request %wpa_supplicant to deauthenticate from the
1850 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1854 union wpa_event_data event;
1857 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1858 " pending_bssid=" MACSTR " reason=%d state=%s",
1859 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1860 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1862 if (!is_zero_ether_addr(wpa_s->bssid))
1863 addr = wpa_s->bssid;
1864 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1865 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1866 wpa_s->wpa_state == WPA_ASSOCIATING))
1867 addr = wpa_s->pending_bssid;
1868 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1870 * When using driver-based BSS selection, we may not know the
1871 * BSSID with which we are currently trying to associate. We
1872 * need to notify the driver of this disconnection even in such
1873 * a case, so use the all zeros address here.
1875 addr = wpa_s->bssid;
1880 wpa_tdls_teardown_peers(wpa_s->wpa);
1881 #endif /* CONFIG_TDLS */
1884 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1885 os_memset(&event, 0, sizeof(event));
1886 event.deauth_info.reason_code = (u16) reason_code;
1887 event.deauth_info.locally_generated = 1;
1888 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1893 wpa_supplicant_clear_connection(wpa_s, addr);
1896 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
1897 struct wpa_ssid *ssid)
1899 if (!ssid || !ssid->disabled || ssid->disabled == 2)
1903 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1904 wpas_notify_network_enabled_changed(wpa_s, ssid);
1907 * Try to reassociate since there is no current configuration and a new
1908 * network was made available.
1910 if (!wpa_s->current_ssid && !wpa_s->disconnected)
1911 wpa_s->reassociate = 1;
1916 * wpa_supplicant_enable_network - Mark a configured network as enabled
1917 * @wpa_s: wpa_supplicant structure for a network interface
1918 * @ssid: wpa_ssid structure for a configured network or %NULL
1920 * Enables the specified network or all networks if no network specified.
1922 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1923 struct wpa_ssid *ssid)
1926 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
1927 wpa_supplicant_enable_one_network(wpa_s, ssid);
1929 wpa_supplicant_enable_one_network(wpa_s, ssid);
1931 if (wpa_s->reassociate && !wpa_s->disconnected) {
1932 if (wpa_s->sched_scanning) {
1933 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
1934 "new network to scan filters");
1935 wpa_supplicant_cancel_sched_scan(wpa_s);
1938 if (wpa_supplicant_fast_associate(wpa_s) != 1)
1939 wpa_supplicant_req_scan(wpa_s, 0, 0);
1945 * wpa_supplicant_disable_network - Mark a configured network as disabled
1946 * @wpa_s: wpa_supplicant structure for a network interface
1947 * @ssid: wpa_ssid structure for a configured network or %NULL
1949 * Disables the specified network or all networks if no network specified.
1951 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1952 struct wpa_ssid *ssid)
1954 struct wpa_ssid *other_ssid;
1958 if (wpa_s->sched_scanning)
1959 wpa_supplicant_cancel_sched_scan(wpa_s);
1961 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1962 other_ssid = other_ssid->next) {
1963 was_disabled = other_ssid->disabled;
1964 if (was_disabled == 2)
1965 continue; /* do not change persistent P2P group
1968 other_ssid->disabled = 1;
1970 if (was_disabled != other_ssid->disabled)
1971 wpas_notify_network_enabled_changed(
1974 if (wpa_s->current_ssid)
1975 wpa_supplicant_deauthenticate(
1976 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1977 } else if (ssid->disabled != 2) {
1978 if (ssid == wpa_s->current_ssid)
1979 wpa_supplicant_deauthenticate(
1980 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1982 was_disabled = ssid->disabled;
1986 if (was_disabled != ssid->disabled) {
1987 wpas_notify_network_enabled_changed(wpa_s, ssid);
1988 if (wpa_s->sched_scanning) {
1989 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
1990 "to remove network from filters");
1991 wpa_supplicant_cancel_sched_scan(wpa_s);
1992 wpa_supplicant_req_scan(wpa_s, 0, 0);
2000 * wpa_supplicant_select_network - Attempt association with a network
2001 * @wpa_s: wpa_supplicant structure for a network interface
2002 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2004 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2005 struct wpa_ssid *ssid)
2008 struct wpa_ssid *other_ssid;
2009 int disconnected = 0;
2011 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2012 wpa_supplicant_deauthenticate(
2013 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2018 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2021 * Mark all other networks disabled or mark all networks enabled if no
2022 * network specified.
2024 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2025 other_ssid = other_ssid->next) {
2026 int was_disabled = other_ssid->disabled;
2027 if (was_disabled == 2)
2028 continue; /* do not change persistent P2P group data */
2030 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2031 if (was_disabled && !other_ssid->disabled)
2032 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2034 if (was_disabled != other_ssid->disabled)
2035 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2038 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2039 /* We are already associated with the selected network */
2040 wpa_printf(MSG_DEBUG, "Already associated with the "
2041 "selected network - do nothing");
2046 wpa_s->current_ssid = ssid;
2047 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2049 wpa_s->connect_without_scan = NULL;
2050 wpa_s->disconnected = 0;
2051 wpa_s->reassociate = 1;
2053 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2054 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2057 wpas_notify_network_selected(wpa_s, ssid);
2062 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2063 * @wpa_s: wpa_supplicant structure for a network interface
2064 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2065 * @pkcs11_module_path: PKCS #11 module path or NULL
2066 * Returns: 0 on success; -1 on failure
2068 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2069 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2070 * module path fails the paths will be reset to the default value (NULL).
2072 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2073 const char *pkcs11_engine_path,
2074 const char *pkcs11_module_path)
2076 char *pkcs11_engine_path_copy = NULL;
2077 char *pkcs11_module_path_copy = NULL;
2079 if (pkcs11_engine_path != NULL) {
2080 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2081 if (pkcs11_engine_path_copy == NULL)
2084 if (pkcs11_module_path != NULL) {
2085 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2086 if (pkcs11_module_path_copy == NULL) {
2087 os_free(pkcs11_engine_path_copy);
2092 os_free(wpa_s->conf->pkcs11_engine_path);
2093 os_free(wpa_s->conf->pkcs11_module_path);
2094 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2095 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2097 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2098 eapol_sm_deinit(wpa_s->eapol);
2099 wpa_s->eapol = NULL;
2100 if (wpa_supplicant_init_eapol(wpa_s)) {
2101 /* Error -> Reset paths to the default value (NULL) once. */
2102 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2103 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2108 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2115 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2116 * @wpa_s: wpa_supplicant structure for a network interface
2117 * @ap_scan: AP scan mode
2118 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2121 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2126 if (ap_scan < 0 || ap_scan > 2)
2130 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2131 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2132 wpa_s->wpa_state < WPA_COMPLETED) {
2133 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2134 "associating", wpa_s->conf->ap_scan, ap_scan);
2137 #endif /* ANDROID */
2139 old_ap_scan = wpa_s->conf->ap_scan;
2140 wpa_s->conf->ap_scan = ap_scan;
2142 if (old_ap_scan != wpa_s->conf->ap_scan)
2143 wpas_notify_ap_scan_changed(wpa_s);
2150 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2151 * @wpa_s: wpa_supplicant structure for a network interface
2152 * @expire_age: Expiration age in seconds
2153 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2156 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2157 unsigned int bss_expire_age)
2159 if (bss_expire_age < 10) {
2160 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2164 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2166 wpa_s->conf->bss_expiration_age = bss_expire_age;
2173 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2174 * @wpa_s: wpa_supplicant structure for a network interface
2175 * @expire_count: number of scans after which an unseen BSS is reclaimed
2176 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2179 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2180 unsigned int bss_expire_count)
2182 if (bss_expire_count < 1) {
2183 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2187 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2189 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2196 * wpa_supplicant_set_scan_interval - Set scan interval
2197 * @wpa_s: wpa_supplicant structure for a network interface
2198 * @scan_interval: scan interval in seconds
2199 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2202 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2205 if (scan_interval < 0) {
2206 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2210 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2212 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2219 * wpa_supplicant_set_debug_params - Set global debug params
2220 * @global: wpa_global structure
2221 * @debug_level: debug level
2222 * @debug_timestamp: determines if show timestamp in debug data
2223 * @debug_show_keys: determines if show keys in debug data
2224 * Returns: 0 if succeed or -1 if debug_level has wrong value
2226 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2227 int debug_timestamp, int debug_show_keys)
2230 int old_level, old_timestamp, old_show_keys;
2232 /* check for allowed debuglevels */
2233 if (debug_level != MSG_EXCESSIVE &&
2234 debug_level != MSG_MSGDUMP &&
2235 debug_level != MSG_DEBUG &&
2236 debug_level != MSG_INFO &&
2237 debug_level != MSG_WARNING &&
2238 debug_level != MSG_ERROR)
2241 old_level = wpa_debug_level;
2242 old_timestamp = wpa_debug_timestamp;
2243 old_show_keys = wpa_debug_show_keys;
2245 wpa_debug_level = debug_level;
2246 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2247 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2249 if (wpa_debug_level != old_level)
2250 wpas_notify_debug_level_changed(global);
2251 if (wpa_debug_timestamp != old_timestamp)
2252 wpas_notify_debug_timestamp_changed(global);
2253 if (wpa_debug_show_keys != old_show_keys)
2254 wpas_notify_debug_show_keys_changed(global);
2261 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2262 * @wpa_s: Pointer to wpa_supplicant data
2263 * Returns: A pointer to the current network structure or %NULL on failure
2265 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2267 struct wpa_ssid *entry;
2268 u8 ssid[MAX_SSID_LEN];
2274 res = wpa_drv_get_ssid(wpa_s, ssid);
2276 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2282 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2283 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2288 wired = wpa_s->conf->ap_scan == 0 &&
2289 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2291 entry = wpa_s->conf->ssid;
2293 if (!wpas_network_disabled(wpa_s, entry) &&
2294 ((ssid_len == entry->ssid_len &&
2295 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2296 (!entry->bssid_set ||
2297 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2300 if (!wpas_network_disabled(wpa_s, entry) &&
2301 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2302 (entry->ssid == NULL || entry->ssid_len == 0) &&
2303 (!entry->bssid_set ||
2304 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2306 #endif /* CONFIG_WPS */
2308 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2309 entry->ssid_len == 0 &&
2310 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2313 entry = entry->next;
2320 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2322 struct wpa_global *global = wpa_s->global;
2324 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2325 global->drv_priv[i] = wpa_drivers[i]->global_init();
2326 if (global->drv_priv[i] == NULL) {
2327 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2328 "'%s'", wpa_drivers[i]->name);
2333 wpa_s->driver = wpa_drivers[i];
2334 wpa_s->global_drv_priv = global->drv_priv[i];
2340 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2345 const char *pos, *driver = name;
2350 if (wpa_drivers[0] == NULL) {
2351 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2357 /* default to first driver in the list */
2358 return select_driver(wpa_s, 0);
2362 pos = os_strchr(driver, ',');
2366 len = os_strlen(driver);
2368 for (i = 0; wpa_drivers[i]; i++) {
2369 if (os_strlen(wpa_drivers[i]->name) == len &&
2370 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2372 /* First driver that succeeds wins */
2373 if (select_driver(wpa_s, i) == 0)
2381 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2387 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2388 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2389 * with struct wpa_driver_ops::init()
2390 * @src_addr: Source address of the EAPOL frame
2391 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2392 * @len: Length of the EAPOL data
2394 * This function is called for each received EAPOL frame. Most driver
2395 * interfaces rely on more generic OS mechanism for receiving frames through
2396 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2397 * take care of received EAPOL frames and deliver them to the core supplicant
2398 * code by calling this function.
2400 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2401 const u8 *buf, size_t len)
2403 struct wpa_supplicant *wpa_s = ctx;
2405 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2406 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2408 #ifdef CONFIG_PEERKEY
2409 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
2410 wpa_s->current_ssid->peerkey &&
2411 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2412 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
2413 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
2416 #endif /* CONFIG_PEERKEY */
2418 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2419 (wpa_s->last_eapol_matches_bssid &&
2422 #endif /* CONFIG_AP */
2423 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2425 * There is possible race condition between receiving the
2426 * association event and the EAPOL frame since they are coming
2427 * through different paths from the driver. In order to avoid
2428 * issues in trying to process the EAPOL frame before receiving
2429 * association information, lets queue it for processing until
2430 * the association event is received. This may also be needed in
2431 * driver-based roaming case, so also use src_addr != BSSID as a
2432 * trigger if we have previously confirmed that the
2433 * Authenticator uses BSSID as the src_addr (which is not the
2434 * case with wired IEEE 802.1X).
2436 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2437 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2438 wpa_supplicant_state_txt(wpa_s->wpa_state),
2439 MAC2STR(wpa_s->bssid));
2440 wpabuf_free(wpa_s->pending_eapol_rx);
2441 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2442 if (wpa_s->pending_eapol_rx) {
2443 os_get_reltime(&wpa_s->pending_eapol_rx_time);
2444 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2450 wpa_s->last_eapol_matches_bssid =
2451 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2454 if (wpa_s->ap_iface) {
2455 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2458 #endif /* CONFIG_AP */
2460 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2461 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2462 "no key management is configured");
2466 if (wpa_s->eapol_received == 0 &&
2467 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2468 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2469 wpa_s->wpa_state != WPA_COMPLETED) &&
2470 (wpa_s->current_ssid == NULL ||
2471 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2472 /* Timeout for completing IEEE 802.1X and WPA authentication */
2473 wpa_supplicant_req_auth_timeout(
2475 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2476 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2477 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2480 wpa_s->eapol_received++;
2482 if (wpa_s->countermeasures) {
2483 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2488 #ifdef CONFIG_IBSS_RSN
2489 if (wpa_s->current_ssid &&
2490 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2491 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2494 #endif /* CONFIG_IBSS_RSN */
2496 /* Source address of the incoming EAPOL frame could be compared to the
2497 * current BSSID. However, it is possible that a centralized
2498 * Authenticator could be using another MAC address than the BSSID of
2499 * an AP, so just allow any address to be used for now. The replies are
2500 * still sent to the current BSSID (if available), though. */
2502 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2503 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2504 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2506 wpa_drv_poll(wpa_s);
2507 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2508 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2509 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2511 * Set portValid = TRUE here since we are going to skip 4-way
2512 * handshake processing which would normally set portValid. We
2513 * need this to allow the EAPOL state machines to be completed
2514 * without going through EAPOL-Key handshake.
2516 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2521 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2523 if (wpa_s->driver->send_eapol) {
2524 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2526 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2527 } else if ((!wpa_s->p2p_mgmt ||
2528 !(wpa_s->drv_flags &
2529 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
2530 !(wpa_s->drv_flags &
2531 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2532 l2_packet_deinit(wpa_s->l2);
2533 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2534 wpa_drv_get_mac_addr(wpa_s),
2536 wpa_supplicant_rx_eapol, wpa_s, 0);
2537 if (wpa_s->l2 == NULL)
2540 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2542 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2545 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2546 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2554 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2555 const u8 *buf, size_t len)
2557 struct wpa_supplicant *wpa_s = ctx;
2558 const struct l2_ethhdr *eth;
2560 if (len < sizeof(*eth))
2562 eth = (const struct l2_ethhdr *) buf;
2564 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2565 !(eth->h_dest[0] & 0x01)) {
2566 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2567 " (bridge - not for this interface - ignore)",
2568 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2572 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2573 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2574 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2575 len - sizeof(*eth));
2580 * wpa_supplicant_driver_init - Initialize driver interface parameters
2581 * @wpa_s: Pointer to wpa_supplicant data
2582 * Returns: 0 on success, -1 on failure
2584 * This function is called to initialize driver interface parameters.
2585 * wpa_drv_init() must have been called before this function to initialize the
2588 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2590 static int interface_count = 0;
2592 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2595 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2596 MAC2STR(wpa_s->own_addr));
2597 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2599 if (wpa_s->bridge_ifname[0]) {
2600 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2601 "interface '%s'", wpa_s->bridge_ifname);
2602 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2605 wpa_supplicant_rx_eapol_bridge,
2607 if (wpa_s->l2_br == NULL) {
2608 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2609 "connection for the bridge interface '%s'",
2610 wpa_s->bridge_ifname);
2615 wpa_clear_keys(wpa_s, NULL);
2617 /* Make sure that TKIP countermeasures are not left enabled (could
2618 * happen if wpa_supplicant is killed during countermeasures. */
2619 wpa_drv_set_countermeasures(wpa_s, 0);
2621 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2622 wpa_drv_flush_pmkid(wpa_s);
2624 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2625 wpa_s->prev_scan_wildcard = 0;
2627 if (wpa_supplicant_enabled_networks(wpa_s)) {
2628 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
2629 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2630 interface_count = 0;
2632 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2634 wpa_supplicant_req_scan(wpa_s, interface_count,
2638 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2644 static int wpa_supplicant_daemon(const char *pid_file)
2646 wpa_printf(MSG_DEBUG, "Daemonize..");
2647 return os_daemonize(pid_file);
2651 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2653 struct wpa_supplicant *wpa_s;
2655 wpa_s = os_zalloc(sizeof(*wpa_s));
2658 wpa_s->scan_req = INITIAL_SCAN_REQ;
2659 wpa_s->scan_interval = 5;
2660 wpa_s->new_connection = 1;
2661 wpa_s->parent = wpa_s;
2662 wpa_s->sched_scanning = 0;
2668 #ifdef CONFIG_HT_OVERRIDES
2670 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2671 struct ieee80211_ht_capabilities *htcaps,
2672 struct ieee80211_ht_capabilities *htcaps_mask,
2675 /* parse ht_mcs into hex array */
2677 const char *tmp = ht_mcs;
2680 /* If ht_mcs is null, do not set anything */
2684 /* This is what we are setting in the kernel */
2685 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2687 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2689 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2691 long v = strtol(tmp, &end, 16);
2693 wpa_msg(wpa_s, MSG_DEBUG,
2694 "htcap value[%i]: %ld end: %p tmp: %p",
2699 htcaps->supported_mcs_set[i] = v;
2702 wpa_msg(wpa_s, MSG_ERROR,
2703 "Failed to parse ht-mcs: %s, error: %s\n",
2704 ht_mcs, strerror(errno));
2710 * If we were able to parse any values, then set mask for the MCS set.
2713 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2714 IEEE80211_HT_MCS_MASK_LEN - 1);
2715 /* skip the 3 reserved bits */
2716 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2724 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2725 struct ieee80211_ht_capabilities *htcaps,
2726 struct ieee80211_ht_capabilities *htcaps_mask,
2731 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2736 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2737 htcaps_mask->ht_capabilities_info |= msk;
2739 htcaps->ht_capabilities_info &= msk;
2741 htcaps->ht_capabilities_info |= msk;
2747 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2748 struct ieee80211_ht_capabilities *htcaps,
2749 struct ieee80211_ht_capabilities *htcaps_mask,
2752 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2757 if (factor < 0 || factor > 3) {
2758 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2759 "Must be 0-3 or -1", factor);
2763 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2764 htcaps->a_mpdu_params &= ~0x3;
2765 htcaps->a_mpdu_params |= factor & 0x3;
2771 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2772 struct ieee80211_ht_capabilities *htcaps,
2773 struct ieee80211_ht_capabilities *htcaps_mask,
2776 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2781 if (density < 0 || density > 7) {
2782 wpa_msg(wpa_s, MSG_ERROR,
2783 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2788 htcaps_mask->a_mpdu_params |= 0x1C;
2789 htcaps->a_mpdu_params &= ~(0x1C);
2790 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2796 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2797 struct ieee80211_ht_capabilities *htcaps,
2798 struct ieee80211_ht_capabilities *htcaps_mask,
2801 /* Masking these out disables HT40 */
2802 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2803 HT_CAP_INFO_SHORT_GI40MHZ);
2805 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2808 htcaps->ht_capabilities_info &= ~msk;
2810 htcaps->ht_capabilities_info |= msk;
2812 htcaps_mask->ht_capabilities_info |= msk;
2818 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2819 struct ieee80211_ht_capabilities *htcaps,
2820 struct ieee80211_ht_capabilities *htcaps_mask,
2823 /* Masking these out disables SGI */
2824 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2825 HT_CAP_INFO_SHORT_GI40MHZ);
2827 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2830 htcaps->ht_capabilities_info &= ~msk;
2832 htcaps->ht_capabilities_info |= msk;
2834 htcaps_mask->ht_capabilities_info |= msk;
2840 void wpa_supplicant_apply_ht_overrides(
2841 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2842 struct wpa_driver_associate_params *params)
2844 struct ieee80211_ht_capabilities *htcaps;
2845 struct ieee80211_ht_capabilities *htcaps_mask;
2850 params->disable_ht = ssid->disable_ht;
2851 if (!params->htcaps || !params->htcaps_mask)
2854 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2855 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2856 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2857 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2858 ssid->disable_max_amsdu);
2859 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2860 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2861 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2862 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2865 #endif /* CONFIG_HT_OVERRIDES */
2868 #ifdef CONFIG_VHT_OVERRIDES
2869 void wpa_supplicant_apply_vht_overrides(
2870 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2871 struct wpa_driver_associate_params *params)
2873 struct ieee80211_vht_capabilities *vhtcaps;
2874 struct ieee80211_vht_capabilities *vhtcaps_mask;
2879 params->disable_vht = ssid->disable_vht;
2881 vhtcaps = (void *) params->vhtcaps;
2882 vhtcaps_mask = (void *) params->vhtcaps_mask;
2884 if (!vhtcaps || !vhtcaps_mask)
2887 vhtcaps->vht_capabilities_info = ssid->vht_capa;
2888 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
2890 #define OVERRIDE_MCS(i) \
2891 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
2892 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
2894 vhtcaps->vht_supported_mcs_set.tx_map |= \
2895 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
2897 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
2898 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
2900 vhtcaps->vht_supported_mcs_set.rx_map |= \
2901 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
2913 #endif /* CONFIG_VHT_OVERRIDES */
2916 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2921 if (!wpa_s->conf->pcsc_reader)
2924 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
2928 if (wpa_s->conf->pcsc_pin &&
2929 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2930 scard_deinit(wpa_s->scard);
2931 wpa_s->scard = NULL;
2932 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2936 len = sizeof(wpa_s->imsi) - 1;
2937 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2938 scard_deinit(wpa_s->scard);
2939 wpa_s->scard = NULL;
2940 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2943 wpa_s->imsi[len] = '\0';
2945 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2947 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2948 wpa_s->imsi, wpa_s->mnc_len);
2950 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2951 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2952 #endif /* PCSC_FUNCS */
2958 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2962 ext_password_deinit(wpa_s->ext_pw);
2963 wpa_s->ext_pw = NULL;
2964 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2966 if (!wpa_s->conf->ext_password_backend)
2969 val = os_strdup(wpa_s->conf->ext_password_backend);
2972 pos = os_strchr(val, ':');
2976 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2978 wpa_s->ext_pw = ext_password_init(val, pos);
2980 if (wpa_s->ext_pw == NULL) {
2981 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2984 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2990 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
2993 struct wpa_supplicant *iface = wpa_s->global->ifaces;
2994 struct wpa_radio *radio;
2996 while (rn && iface) {
2997 radio = iface->radio;
2998 if (radio && os_strcmp(rn, radio->name) == 0) {
2999 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3001 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3005 iface = iface->next;
3008 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3009 wpa_s->ifname, rn ? rn : "N/A");
3010 radio = os_zalloc(sizeof(*radio));
3015 os_strlcpy(radio->name, rn, sizeof(radio->name));
3016 dl_list_init(&radio->ifaces);
3017 dl_list_init(&radio->work);
3018 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3024 static void radio_work_free(struct wpa_radio_work *work)
3026 if (work->wpa_s->scan_work == work) {
3027 /* This should not really happen. */
3028 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3029 work->type, work, work->started);
3030 work->wpa_s->scan_work = NULL;
3034 if (work->wpa_s->p2p_scan_work == work) {
3035 /* This should not really happen. */
3036 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3037 work->type, work, work->started);
3038 work->wpa_s->p2p_scan_work = NULL;
3040 #endif /* CONFIG_P2P */
3042 dl_list_del(&work->list);
3047 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3049 struct wpa_radio *radio = eloop_ctx;
3050 struct wpa_radio_work *work;
3051 struct os_reltime now, diff;
3052 struct wpa_supplicant *wpa_s;
3054 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3059 return; /* already started and still in progress */
3061 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3063 if (wpa_s && wpa_s->external_scan_running) {
3064 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3068 os_get_reltime(&now);
3069 os_reltime_sub(&now, &work->time, &diff);
3070 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3071 work->type, work, diff.sec, diff.usec);
3078 void radio_remove_unstarted_work(struct wpa_supplicant *wpa_s, const char *type)
3080 struct wpa_radio_work *work, *tmp;
3081 struct wpa_radio *radio = wpa_s->radio;
3083 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3085 if (type && (work->started || os_strcmp(type, work->type) != 0))
3087 if (work->started) {
3088 wpa_dbg(wpa_s, MSG_DEBUG, "Leaving started radio work '%s'@%p in the list",
3092 wpa_dbg(wpa_s, MSG_DEBUG, "Remove unstarted radio work '%s'@%p",
3095 radio_work_free(work);
3100 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3102 struct wpa_radio *radio = wpa_s->radio;
3107 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3108 wpa_s->ifname, radio->name);
3109 dl_list_del(&wpa_s->radio_list);
3110 if (!dl_list_empty(&radio->ifaces)) {
3111 wpa_s->radio = NULL;
3112 return; /* Interfaces remain for this radio */
3115 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3116 radio_remove_unstarted_work(wpa_s, NULL);
3117 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3118 wpa_s->radio = NULL;
3123 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3125 struct wpa_radio *radio = wpa_s->radio;
3127 if (dl_list_empty(&radio->work))
3129 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3130 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3135 * radio_add_work - Add a radio work item
3136 * @wpa_s: Pointer to wpa_supplicant data
3137 * @freq: Frequency of the offchannel operation in MHz or 0
3138 * @type: Unique identifier for each type of work
3139 * @next: Force as the next work to be executed
3140 * @cb: Callback function for indicating when radio is available
3141 * @ctx: Context pointer for the work (work->ctx in cb())
3142 * Returns: 0 on success, -1 on failure
3144 * This function is used to request time for an operation that requires
3145 * exclusive radio control. Once the radio is available, the registered callback
3146 * function will be called. radio_work_done() must be called once the exclusive
3147 * radio operation has been completed, so that the radio is freed for other
3148 * operations. The special case of deinit=1 is used to free the context data
3149 * during interface removal. That does not allow the callback function to start
3150 * the radio operation, i.e., it must free any resources allocated for the radio
3153 * The @freq parameter can be used to indicate a single channel on which the
3154 * offchannel operation will occur. This may allow multiple radio work
3155 * operations to be performed in parallel if they apply for the same channel.
3156 * Setting this to 0 indicates that the work item may use multiple channels or
3157 * requires exclusive control of the radio.
3159 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3160 const char *type, int next,
3161 void (*cb)(struct wpa_radio_work *work, int deinit),
3164 struct wpa_radio_work *work;
3167 work = os_zalloc(sizeof(*work));
3170 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3171 os_get_reltime(&work->time);
3174 work->wpa_s = wpa_s;
3178 was_empty = dl_list_empty(&wpa_s->radio->work);
3180 dl_list_add(&wpa_s->radio->work, &work->list);
3182 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3184 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3185 radio_work_check_next(wpa_s);
3193 * radio_work_done - Indicate that a radio work item has been completed
3194 * @work: Completed work
3196 * This function is called once the callback function registered with
3197 * radio_add_work() has completed its work.
3199 void radio_work_done(struct wpa_radio_work *work)
3201 struct wpa_supplicant *wpa_s = work->wpa_s;
3202 struct os_reltime now, diff;
3203 unsigned int started = work->started;
3205 os_get_reltime(&now);
3206 os_reltime_sub(&now, &work->time, &diff);
3207 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3208 work->type, work, started ? "done" : "canceled",
3209 diff.sec, diff.usec);
3210 radio_work_free(work);
3212 radio_work_check_next(wpa_s);
3216 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3217 struct wpa_interface *iface)
3219 const char *ifname, *driver, *rn;
3221 driver = iface->driver;
3223 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3226 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3227 if (wpa_s->drv_priv == NULL) {
3229 pos = driver ? os_strchr(driver, ',') : NULL;
3231 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3232 "driver interface - try next driver wrapper");
3236 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
3240 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
3241 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
3242 "driver_param '%s'", wpa_s->conf->driver_param);
3246 ifname = wpa_drv_get_ifname(wpa_s);
3247 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
3248 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
3249 "interface name with '%s'", ifname);
3250 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
3253 if (wpa_s->driver->get_radio_name)
3254 rn = wpa_s->driver->get_radio_name(wpa_s->drv_priv);
3257 if (rn && rn[0] == '\0')
3260 wpa_s->radio = radio_add_interface(wpa_s, rn);
3261 if (wpa_s->radio == NULL)
3268 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
3269 struct wpa_interface *iface)
3271 struct wpa_driver_capa capa;
3273 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
3274 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
3275 iface->confname ? iface->confname : "N/A",
3276 iface->driver ? iface->driver : "default",
3277 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
3278 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
3280 if (iface->confname) {
3281 #ifdef CONFIG_BACKEND_FILE
3282 wpa_s->confname = os_rel2abs_path(iface->confname);
3283 if (wpa_s->confname == NULL) {
3284 wpa_printf(MSG_ERROR, "Failed to get absolute path "
3285 "for configuration file '%s'.",
3289 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
3290 iface->confname, wpa_s->confname);
3291 #else /* CONFIG_BACKEND_FILE */
3292 wpa_s->confname = os_strdup(iface->confname);
3293 #endif /* CONFIG_BACKEND_FILE */
3294 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
3295 if (wpa_s->conf == NULL) {
3296 wpa_printf(MSG_ERROR, "Failed to read or parse "
3297 "configuration '%s'.", wpa_s->confname);
3300 wpa_s->confanother = os_rel2abs_path(iface->confanother);
3301 wpa_config_read(wpa_s->confanother, wpa_s->conf);
3304 * Override ctrl_interface and driver_param if set on command
3307 if (iface->ctrl_interface) {
3308 os_free(wpa_s->conf->ctrl_interface);
3309 wpa_s->conf->ctrl_interface =
3310 os_strdup(iface->ctrl_interface);
3313 if (iface->driver_param) {
3314 os_free(wpa_s->conf->driver_param);
3315 wpa_s->conf->driver_param =
3316 os_strdup(iface->driver_param);
3319 if (iface->p2p_mgmt && !iface->ctrl_interface) {
3320 os_free(wpa_s->conf->ctrl_interface);
3321 wpa_s->conf->ctrl_interface = NULL;
3324 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
3325 iface->driver_param);
3327 if (wpa_s->conf == NULL) {
3328 wpa_printf(MSG_ERROR, "\nNo configuration found.");
3332 if (iface->ifname == NULL) {
3333 wpa_printf(MSG_ERROR, "\nInterface name is required.");
3336 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
3337 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
3341 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
3343 if (iface->bridge_ifname) {
3344 if (os_strlen(iface->bridge_ifname) >=
3345 sizeof(wpa_s->bridge_ifname)) {
3346 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
3347 "name '%s'.", iface->bridge_ifname);
3350 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
3351 sizeof(wpa_s->bridge_ifname));
3354 /* RSNA Supplicant Key Management - INITIALIZE */
3355 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
3356 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
3358 /* Initialize driver interface and register driver event handler before
3359 * L2 receive handler so that association events are processed before
3360 * EAPOL-Key packets if both become available for the same select()
3362 if (wpas_init_driver(wpa_s, iface) < 0)
3365 if (wpa_supplicant_init_wpa(wpa_s) < 0)
3368 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
3369 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
3371 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
3373 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
3374 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
3375 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
3376 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3377 "dot11RSNAConfigPMKLifetime");
3381 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
3382 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
3383 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
3384 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3385 "dot11RSNAConfigPMKReauthThreshold");
3389 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
3390 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
3391 wpa_s->conf->dot11RSNAConfigSATimeout)) {
3392 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
3393 "dot11RSNAConfigSATimeout");
3397 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
3398 &wpa_s->hw.num_modes,
3401 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
3402 wpa_s->drv_capa_known = 1;
3403 wpa_s->drv_flags = capa.flags;
3404 wpa_s->drv_enc = capa.enc;
3405 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
3406 wpa_s->max_scan_ssids = capa.max_scan_ssids;
3407 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
3408 wpa_s->sched_scan_supported = capa.sched_scan_supported;
3409 wpa_s->max_match_sets = capa.max_match_sets;
3410 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
3411 wpa_s->max_stations = capa.max_stations;
3412 wpa_s->extended_capa = capa.extended_capa;
3413 wpa_s->extended_capa_mask = capa.extended_capa_mask;
3414 wpa_s->extended_capa_len = capa.extended_capa_len;
3415 wpa_s->num_multichan_concurrent =
3416 capa.num_multichan_concurrent;
3418 if (wpa_s->max_remain_on_chan == 0)
3419 wpa_s->max_remain_on_chan = 1000;
3422 * Only take p2p_mgmt parameters when P2P Device is supported.
3423 * Doing it here as it determines whether l2_packet_init() will be done
3424 * during wpa_supplicant_driver_init().
3426 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
3427 wpa_s->p2p_mgmt = iface->p2p_mgmt;
3429 iface->p2p_mgmt = 1;
3431 if (wpa_s->num_multichan_concurrent == 0)
3432 wpa_s->num_multichan_concurrent = 1;
3434 if (wpa_supplicant_driver_init(wpa_s) < 0)
3438 if ((!iface->p2p_mgmt ||
3439 !(wpa_s->drv_flags &
3440 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3441 wpa_tdls_init(wpa_s->wpa))
3443 #endif /* CONFIG_TDLS */
3445 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
3446 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
3447 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
3451 if (wpas_wps_init(wpa_s))
3454 if (wpa_supplicant_init_eapol(wpa_s) < 0)
3456 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
3458 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
3459 if (wpa_s->ctrl_iface == NULL) {
3460 wpa_printf(MSG_ERROR,
3461 "Failed to initialize control interface '%s'.\n"
3462 "You may have another wpa_supplicant process "
3463 "already running or the file was\n"
3464 "left by an unclean termination of wpa_supplicant "
3465 "in which case you will need\n"
3466 "to manually remove this file before starting "
3467 "wpa_supplicant again.\n",
3468 wpa_s->conf->ctrl_interface);
3472 wpa_s->gas = gas_query_init(wpa_s);
3473 if (wpa_s->gas == NULL) {
3474 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
3479 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
3480 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
3483 #endif /* CONFIG_P2P */
3485 if (wpa_bss_init(wpa_s) < 0)
3488 #ifdef CONFIG_EAP_PROXY
3491 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
3493 if (wpa_s->mnc_len > 0) {
3494 wpa_s->imsi[len] = '\0';
3495 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
3496 wpa_s->imsi, wpa_s->mnc_len);
3498 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
3501 #endif /* CONFIG_EAP_PROXY */
3503 if (pcsc_reader_init(wpa_s) < 0)
3506 if (wpas_init_ext_pw(wpa_s) < 0)
3513 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
3514 int notify, int terminate)
3516 wpa_s->disconnected = 1;
3517 if (wpa_s->drv_priv) {
3518 wpa_supplicant_deauthenticate(wpa_s,
3519 WLAN_REASON_DEAUTH_LEAVING);
3521 wpa_drv_set_countermeasures(wpa_s, 0);
3522 wpa_clear_keys(wpa_s, NULL);
3525 wpa_supplicant_cleanup(wpa_s);
3528 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
3529 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
3530 "the management interface is being removed");
3531 wpas_p2p_deinit_global(wpa_s->global);
3533 #endif /* CONFIG_P2P */
3535 wpas_ctrl_radio_work_flush(wpa_s);
3536 radio_remove_interface(wpa_s);
3538 if (wpa_s->drv_priv)
3539 wpa_drv_deinit(wpa_s);
3542 wpas_notify_iface_removed(wpa_s);
3545 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
3547 if (wpa_s->ctrl_iface) {
3548 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
3549 wpa_s->ctrl_iface = NULL;
3552 if (wpa_s->conf != NULL) {
3553 wpa_config_free(wpa_s->conf);
3562 * wpa_supplicant_add_iface - Add a new network interface
3563 * @global: Pointer to global data from wpa_supplicant_init()
3564 * @iface: Interface configuration options
3565 * Returns: Pointer to the created interface or %NULL on failure
3567 * This function is used to add new network interfaces for %wpa_supplicant.
3568 * This can be called before wpa_supplicant_run() to add interfaces before the
3569 * main event loop has been started. In addition, new interfaces can be added
3570 * dynamically while %wpa_supplicant is already running. This could happen,
3571 * e.g., when a hotplug network adapter is inserted.
3573 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3574 struct wpa_interface *iface)
3576 struct wpa_supplicant *wpa_s;
3577 struct wpa_interface t_iface;
3578 struct wpa_ssid *ssid;
3580 if (global == NULL || iface == NULL)
3583 wpa_s = wpa_supplicant_alloc();
3587 wpa_s->global = global;
3590 if (global->params.override_driver) {
3591 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3593 iface->driver, global->params.override_driver);
3594 t_iface.driver = global->params.override_driver;
3596 if (global->params.override_ctrl_interface) {
3597 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3598 "ctrl_interface ('%s' -> '%s')",
3599 iface->ctrl_interface,
3600 global->params.override_ctrl_interface);
3601 t_iface.ctrl_interface =
3602 global->params.override_ctrl_interface;
3604 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3605 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3607 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3611 /* Notify the control interfaces about new iface */
3612 if (wpas_notify_iface_added(wpa_s)) {
3613 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3617 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3618 wpas_notify_network_added(wpa_s, ssid);
3620 wpa_s->next = global->ifaces;
3621 global->ifaces = wpa_s;
3623 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3624 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3631 * wpa_supplicant_remove_iface - Remove a network interface
3632 * @global: Pointer to global data from wpa_supplicant_init()
3633 * @wpa_s: Pointer to the network interface to be removed
3634 * Returns: 0 if interface was removed, -1 if interface was not found
3636 * This function can be used to dynamically remove network interfaces from
3637 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3638 * addition, this function is used to remove all remaining interfaces when
3639 * %wpa_supplicant is terminated.
3641 int wpa_supplicant_remove_iface(struct wpa_global *global,
3642 struct wpa_supplicant *wpa_s,
3645 struct wpa_supplicant *prev;
3647 /* Remove interface from the global list of interfaces */
3648 prev = global->ifaces;
3649 if (prev == wpa_s) {
3650 global->ifaces = wpa_s->next;
3652 while (prev && prev->next != wpa_s)
3656 prev->next = wpa_s->next;
3659 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3661 if (global->p2p_group_formation == wpa_s)
3662 global->p2p_group_formation = NULL;
3663 if (global->p2p_invite_group == wpa_s)
3664 global->p2p_invite_group = NULL;
3665 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3672 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3673 * @wpa_s: Pointer to the network interface
3674 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3676 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3678 const char *eapol_method;
3680 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3681 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3685 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3686 if (eapol_method == NULL)
3687 return "UNKNOWN-EAP";
3689 return eapol_method;
3694 * wpa_supplicant_get_iface - Get a new network interface
3695 * @global: Pointer to global data from wpa_supplicant_init()
3696 * @ifname: Interface name
3697 * Returns: Pointer to the interface or %NULL if not found
3699 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3702 struct wpa_supplicant *wpa_s;
3704 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3705 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3712 #ifndef CONFIG_NO_WPA_MSG
3713 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3715 struct wpa_supplicant *wpa_s = ctx;
3718 return wpa_s->ifname;
3720 #endif /* CONFIG_NO_WPA_MSG */
3724 * wpa_supplicant_init - Initialize %wpa_supplicant
3725 * @params: Parameters for %wpa_supplicant
3726 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3728 * This function is used to initialize %wpa_supplicant. After successful
3729 * initialization, the returned data pointer can be used to add and remove
3730 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3732 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3734 struct wpa_global *global;
3740 #ifdef UNMASK__CONFIG_DRIVER_NDIS
3742 void driver_ndis_init_ops(void);
3743 driver_ndis_init_ops();
3745 #endif /* CONFIG_DRIVER_NDIS */
3747 #ifndef CONFIG_NO_WPA_MSG
3748 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3749 #endif /* CONFIG_NO_WPA_MSG */
3751 wpa_debug_open_file(params->wpa_debug_file_path);
3752 if (params->wpa_debug_syslog)
3753 wpa_debug_open_syslog();
3754 if (params->wpa_debug_tracing) {
3755 ret = wpa_debug_open_linux_tracing();
3757 wpa_printf(MSG_ERROR,
3758 "Failed to enable trace logging");
3763 ret = eap_register_methods();
3765 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3767 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3768 "the same EAP type.");
3772 global = os_zalloc(sizeof(*global));
3775 dl_list_init(&global->p2p_srv_bonjour);
3776 dl_list_init(&global->p2p_srv_upnp);
3777 global->params.daemonize = params->daemonize;
3778 global->params.wait_for_monitor = params->wait_for_monitor;
3779 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3780 if (params->pid_file)
3781 global->params.pid_file = os_strdup(params->pid_file);
3782 if (params->ctrl_interface)
3783 global->params.ctrl_interface =
3784 os_strdup(params->ctrl_interface);
3785 if (params->ctrl_interface_group)
3786 global->params.ctrl_interface_group =
3787 os_strdup(params->ctrl_interface_group);
3788 if (params->override_driver)
3789 global->params.override_driver =
3790 os_strdup(params->override_driver);
3791 if (params->override_ctrl_interface)
3792 global->params.override_ctrl_interface =
3793 os_strdup(params->override_ctrl_interface);
3794 wpa_debug_level = global->params.wpa_debug_level =
3795 params->wpa_debug_level;
3796 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3797 params->wpa_debug_show_keys;
3798 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3799 params->wpa_debug_timestamp;
3801 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3804 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3805 wpa_supplicant_deinit(global);
3809 random_init(params->entropy_file);
3811 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3812 if (global->ctrl_iface == NULL) {
3813 wpa_supplicant_deinit(global);
3817 if (wpas_notify_supplicant_initialized(global)) {
3818 wpa_supplicant_deinit(global);
3822 for (i = 0; wpa_drivers[i]; i++)
3823 global->drv_count++;
3824 if (global->drv_count == 0) {
3825 wpa_printf(MSG_ERROR, "No drivers enabled");
3826 wpa_supplicant_deinit(global);
3829 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3830 if (global->drv_priv == NULL) {
3831 wpa_supplicant_deinit(global);
3835 #ifdef CONFIG_WIFI_DISPLAY
3836 if (wifi_display_init(global) < 0) {
3837 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3838 wpa_supplicant_deinit(global);
3841 #endif /* CONFIG_WIFI_DISPLAY */
3848 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3849 * @global: Pointer to global data from wpa_supplicant_init()
3850 * Returns: 0 after successful event loop run, -1 on failure
3852 * This function starts the main event loop and continues running as long as
3853 * there are any remaining events. In most cases, this function is running as
3854 * long as the %wpa_supplicant process in still in use.
3856 int wpa_supplicant_run(struct wpa_global *global)
3858 struct wpa_supplicant *wpa_s;
3860 if (global->params.daemonize &&
3861 wpa_supplicant_daemon(global->params.pid_file))
3864 if (global->params.wait_for_monitor) {
3865 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3866 if (wpa_s->ctrl_iface)
3867 wpa_supplicant_ctrl_iface_wait(
3871 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3872 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3881 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3882 * @global: Pointer to global data from wpa_supplicant_init()
3884 * This function is called to deinitialize %wpa_supplicant and to free all
3885 * allocated resources. Remaining network interfaces will also be removed.
3887 void wpa_supplicant_deinit(struct wpa_global *global)
3894 #ifdef CONFIG_WIFI_DISPLAY
3895 wifi_display_deinit(global);
3896 #endif /* CONFIG_WIFI_DISPLAY */
3898 while (global->ifaces)
3899 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3901 if (global->ctrl_iface)
3902 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3904 wpas_notify_supplicant_deinitialized(global);
3906 eap_peer_unregister_methods();
3908 eap_server_unregister_methods();
3909 #endif /* CONFIG_AP */
3911 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3912 if (!global->drv_priv[i])
3914 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3916 os_free(global->drv_priv);
3922 if (global->params.pid_file) {
3923 os_daemonize_terminate(global->params.pid_file);
3924 os_free(global->params.pid_file);
3926 os_free(global->params.ctrl_interface);
3927 os_free(global->params.ctrl_interface_group);
3928 os_free(global->params.override_driver);
3929 os_free(global->params.override_ctrl_interface);
3931 os_free(global->p2p_disallow_freq.range);
3932 os_free(global->p2p_go_avoid_freq.range);
3933 os_free(global->add_psk);
3936 wpa_debug_close_syslog();
3937 wpa_debug_close_file();
3938 wpa_debug_close_linux_tracing();
3942 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3944 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3945 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3947 country[0] = wpa_s->conf->country[0];
3948 country[1] = wpa_s->conf->country[1];
3950 if (wpa_drv_set_country(wpa_s, country) < 0) {
3951 wpa_printf(MSG_ERROR, "Failed to set country code "
3956 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3957 wpas_init_ext_pw(wpa_s);
3960 wpas_wps_update_config(wpa_s);
3961 #endif /* CONFIG_WPS */
3964 wpas_p2p_update_config(wpa_s);
3965 #endif /* CONFIG_P2P */
3967 wpa_s->conf->changed_parameters = 0;
3971 static void add_freq(int *freqs, int *num_freqs, int freq)
3975 for (i = 0; i < *num_freqs; i++) {
3976 if (freqs[i] == freq)
3980 freqs[*num_freqs] = freq;
3985 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3987 struct wpa_bss *bss, *cbss;
3988 const int max_freqs = 10;
3992 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3996 cbss = wpa_s->current_bss;
3998 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4001 if (bss->ssid_len == cbss->ssid_len &&
4002 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4003 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4004 add_freq(freqs, &num_freqs, bss->freq);
4005 if (num_freqs == max_freqs)
4010 if (num_freqs == 0) {
4019 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4025 wpas_connect_work_done(wpa_s);
4028 * Remove possible authentication timeout since the connection failed.
4030 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4032 if (wpa_s->disconnected) {
4034 * There is no point in blacklisting the AP if this event is
4035 * generated based on local request to disconnect.
4037 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4038 "indication since interface has been put into "
4039 "disconnected state");
4044 * Add the failed BSSID into the blacklist and speed up next scan
4045 * attempt if there could be other APs that could accept association.
4046 * The current blacklist count indicates how many times we have tried
4047 * connecting to this AP and multiple attempts mean that other APs are
4048 * either not available or has already been tried, so that we can start
4049 * increasing the delay here to avoid constant scanning.
4051 count = wpa_blacklist_add(wpa_s, bssid);
4052 if (count == 1 && wpa_s->current_bss) {
4054 * This BSS was not in the blacklist before. If there is
4055 * another BSS available for the same ESS, we should try that
4056 * next. Otherwise, we may as well try this one once more
4057 * before allowing other, likely worse, ESSes to be considered.
4059 freqs = get_bss_freqs_in_ess(wpa_s);
4061 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4062 "has been seen; try it next");
4063 wpa_blacklist_add(wpa_s, bssid);
4065 * On the next scan, go through only the known channels
4066 * used in this ESS based on previous scans to speed up
4067 * common load balancing use case.
4069 os_free(wpa_s->next_scan_freqs);
4070 wpa_s->next_scan_freqs = freqs;
4075 * Add previous failure count in case the temporary blacklist was
4076 * cleared due to no other BSSes being available.
4078 count += wpa_s->extra_blacklist_count;
4080 if (count > 3 && wpa_s->current_ssid) {
4081 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4082 "consider temporary network disabling");
4083 wpas_auth_failed(wpa_s);
4104 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4105 "ms", count, timeout);
4108 * TODO: if more than one possible AP is available in scan results,
4109 * could try the other ones before requesting a new scan.
4111 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4112 1000 * (timeout % 1000));
4116 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4118 return wpa_s->conf->ap_scan == 2 ||
4119 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4123 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
4124 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4125 struct wpa_ssid *ssid,
4129 #ifdef IEEE8021X_EAPOL
4130 struct eap_peer_config *eap = &ssid->eap;
4132 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
4133 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
4134 (const u8 *) value, os_strlen(value));
4136 switch (wpa_supplicant_ctrl_req_from_string(field)) {
4137 case WPA_CTRL_REQ_EAP_IDENTITY:
4138 os_free(eap->identity);
4139 eap->identity = (u8 *) os_strdup(value);
4140 eap->identity_len = os_strlen(value);
4141 eap->pending_req_identity = 0;
4142 if (ssid == wpa_s->current_ssid)
4143 wpa_s->reassociate = 1;
4145 case WPA_CTRL_REQ_EAP_PASSWORD:
4146 os_free(eap->password);
4147 eap->password = (u8 *) os_strdup(value);
4148 eap->password_len = os_strlen(value);
4149 eap->pending_req_password = 0;
4150 if (ssid == wpa_s->current_ssid)
4151 wpa_s->reassociate = 1;
4153 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
4154 os_free(eap->new_password);
4155 eap->new_password = (u8 *) os_strdup(value);
4156 eap->new_password_len = os_strlen(value);
4157 eap->pending_req_new_password = 0;
4158 if (ssid == wpa_s->current_ssid)
4159 wpa_s->reassociate = 1;
4161 case WPA_CTRL_REQ_EAP_PIN:
4163 eap->pin = os_strdup(value);
4164 eap->pending_req_pin = 0;
4165 if (ssid == wpa_s->current_ssid)
4166 wpa_s->reassociate = 1;
4168 case WPA_CTRL_REQ_EAP_OTP:
4170 eap->otp = (u8 *) os_strdup(value);
4171 eap->otp_len = os_strlen(value);
4172 os_free(eap->pending_req_otp);
4173 eap->pending_req_otp = NULL;
4174 eap->pending_req_otp_len = 0;
4176 case WPA_CTRL_REQ_EAP_PASSPHRASE:
4177 os_free(eap->private_key_passwd);
4178 eap->private_key_passwd = (u8 *) os_strdup(value);
4179 eap->pending_req_passphrase = 0;
4180 if (ssid == wpa_s->current_ssid)
4181 wpa_s->reassociate = 1;
4183 case WPA_CTRL_REQ_SIM:
4184 os_free(eap->external_sim_resp);
4185 eap->external_sim_resp = os_strdup(value);
4188 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
4193 #else /* IEEE8021X_EAPOL */
4194 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
4196 #endif /* IEEE8021X_EAPOL */
4198 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
4201 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
4204 unsigned int drv_enc;
4212 if (wpa_s && wpa_s->drv_capa_known)
4213 drv_enc = wpa_s->drv_enc;
4215 drv_enc = (unsigned int) -1;
4217 for (i = 0; i < NUM_WEP_KEYS; i++) {
4218 size_t len = ssid->wep_key_len[i];
4221 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
4223 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
4225 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
4227 return 1; /* invalid WEP key */
4230 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
4238 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
4240 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
4242 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
4248 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
4250 struct wpa_ssid *ssid = wpa_s->current_ssid;
4252 struct os_reltime now;
4255 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
4260 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
4263 ssid->auth_failures++;
4266 if (ssid->p2p_group &&
4267 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
4269 * Skip the wait time since there is a short timeout on the
4270 * connection to a P2P group.
4274 #endif /* CONFIG_P2P */
4276 if (ssid->auth_failures > 50)
4278 else if (ssid->auth_failures > 20)
4280 else if (ssid->auth_failures > 10)
4282 else if (ssid->auth_failures > 5)
4284 else if (ssid->auth_failures > 1)
4289 os_get_reltime(&now);
4290 if (now.sec + dur <= ssid->disabled_until.sec)
4293 ssid->disabled_until.sec = now.sec + dur;
4295 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
4296 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
4297 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
4298 ssid->auth_failures, dur);
4302 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
4303 struct wpa_ssid *ssid, int clear_failures)
4308 if (ssid->disabled_until.sec) {
4309 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
4310 "id=%d ssid=\"%s\"",
4311 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4313 ssid->disabled_until.sec = 0;
4314 ssid->disabled_until.usec = 0;
4316 ssid->auth_failures = 0;
4320 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
4324 if (wpa_s->disallow_aps_bssid == NULL)
4327 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
4328 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
4329 bssid, ETH_ALEN) == 0)
4337 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
4342 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
4345 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
4346 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
4347 if (ssid_len == s->ssid_len &&
4348 os_memcmp(ssid, s->ssid, ssid_len) == 0)
4357 * wpas_request_connection - Request a new connection
4358 * @wpa_s: Pointer to the network interface
4360 * This function is used to request a new connection to be found. It will mark
4361 * the interface to allow reassociation and request a new scan to find a
4362 * suitable network to connect to.
4364 void wpas_request_connection(struct wpa_supplicant *wpa_s)
4366 wpa_s->normal_scans = 0;
4367 wpa_supplicant_reinit_autoscan(wpa_s);
4368 wpa_s->extra_blacklist_count = 0;
4369 wpa_s->disconnected = 0;
4370 wpa_s->reassociate = 1;
4372 if (wpa_supplicant_fast_associate(wpa_s) != 1)
4373 wpa_supplicant_req_scan(wpa_s, 0, 0);
4377 void dump_freq_array(struct wpa_supplicant *wpa_s, const char *title,
4378 int *freq_array, unsigned int len)
4382 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
4384 for (i = 0; i < len; i++)
4385 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d", i, freq_array[i]);
4390 * Find the operating frequencies of any of the virtual interfaces that
4391 * are using the same radio as the current interface.
4393 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
4394 int *freq_array, unsigned int len)
4396 struct wpa_supplicant *ifs;
4399 unsigned int idx = 0, i;
4401 wpa_dbg(wpa_s, MSG_DEBUG,
4402 "Determining shared radio frequencies (max len %u)", len);
4403 os_memset(freq_array, 0, sizeof(int) * len);
4405 /* First add the frequency of the local interface */
4406 if (wpa_s->current_ssid != NULL && wpa_s->assoc_freq != 0) {
4407 if (wpa_s->current_ssid->mode == WPAS_MODE_AP ||
4408 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)
4409 freq_array[idx++] = wpa_s->current_ssid->frequency;
4410 else if (wpa_drv_get_bssid(wpa_s, bssid) == 0)
4411 freq_array[idx++] = wpa_s->assoc_freq;
4414 /* If get_radio_name is not supported, use only the local freq */
4415 if (!wpa_s->driver->get_radio_name) {
4416 freq = wpa_drv_shared_freq(wpa_s);
4417 if (freq > 0 && idx < len &&
4418 (idx == 0 || freq_array[0] != freq))
4419 freq_array[idx++] = freq;
4420 dump_freq_array(wpa_s, "No get_radio_name", freq_array, idx);
4424 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
4429 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
4432 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
4433 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
4434 freq = ifs->current_ssid->frequency;
4435 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
4436 freq = ifs->assoc_freq;
4440 /* Hold only distinct freqs */
4441 for (i = 0; i < idx; i++)
4442 if (freq_array[i] == freq)
4446 freq_array[idx++] = freq;
4449 dump_freq_array(wpa_s, "completed iteration", freq_array, idx);