1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_peer/eap_proxy.h"
21 #include "eap_server/eap_methods.h"
22 #include "rsn_supp/wpa.h"
23 #include "eloop.h"
24 #include "config.h"
25 #include "utils/ext_password.h"
26 #include "l2_packet/l2_packet.h"
27 #include "wpa_supplicant_i.h"
28 #include "driver_i.h"
29 #include "ctrl_iface.h"
30 #include "pcsc_funcs.h"
31 #include "common/version.h"
32 #include "rsn_supp/preauth.h"
33 #include "rsn_supp/pmksa_cache.h"
34 #include "common/wpa_ctrl.h"
35 #include "common/ieee802_11_defs.h"
36 #include "common/hw_features_common.h"
37 #include "p2p/p2p.h"
38 #include "blacklist.h"
39 #include "wpas_glue.h"
40 #include "wps_supplicant.h"
41 #include "ibss_rsn.h"
42 #include "sme.h"
43 #include "gas_query.h"
44 #include "ap.h"
45 #include "p2p_supplicant.h"
46 #include "wifi_display.h"
47 #include "notify.h"
48 #include "bgscan.h"
49 #include "autoscan.h"
50 #include "bss.h"
51 #include "scan.h"
52 #include "offchannel.h"
53 #include "hs20_supplicant.h"
54 #include "wnm_sta.h"
55 #include "wpas_kay.h"
56 #include "mesh.h"
57
58 const char *const wpa_supplicant_version =
59 "wpa_supplicant v" VERSION_STR "\n"
60 "Copyright (c) 2003-2015, Jouni Malinen <j@w1.fi> and contributors";
61
62 const char *const wpa_supplicant_license =
63 "This software may be distributed under the terms of the BSD license.\n"
64 "See README for more details.\n"
65 #ifdef EAP_TLS_OPENSSL
66 "\nThis product includes software developed by the OpenSSL Project\n"
67 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
68 #endif /* EAP_TLS_OPENSSL */
69 ;
70
71 #ifndef CONFIG_NO_STDOUT_DEBUG
72 /* Long text divided into parts in order to fit in C89 strings size limits. */
73 const char *const wpa_supplicant_full_license1 =
74 "";
75 const char *const wpa_supplicant_full_license2 =
76 "This software may be distributed under the terms of the BSD license.\n"
77 "\n"
78 "Redistribution and use in source and binary forms, with or without\n"
79 "modification, are permitted provided that the following conditions are\n"
80 "met:\n"
81 "\n";
82 const char *const wpa_supplicant_full_license3 =
83 "1. Redistributions of source code must retain the above copyright\n"
84 " notice, this list of conditions and the following disclaimer.\n"
85 "\n"
86 "2. Redistributions in binary form must reproduce the above copyright\n"
87 " notice, this list of conditions and the following disclaimer in the\n"
88 " documentation and/or other materials provided with the distribution.\n"
89 "\n";
90 const char *const wpa_supplicant_full_license4 =
91 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
92 " names of its contributors may be used to endorse or promote products\n"
93 " derived from this software without specific prior written permission.\n"
94 "\n"
95 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
96 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
97 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
98 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
99 const char *const wpa_supplicant_full_license5 =
100 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
101 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
102 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
103 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
104 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
105 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
106 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
107 "\n";
108 #endif /* CONFIG_NO_STDOUT_DEBUG */
109
110 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)111 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
112 {
113 int i, set = 0;
114
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
117 continue;
118
119 set = 1;
120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
121 i, i == ssid->wep_tx_keyidx, NULL, 0,
122 ssid->wep_key[i], ssid->wep_key_len[i]);
123 }
124
125 return set;
126 }
127
128
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)129 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
131 {
132 u8 key[32];
133 size_t keylen;
134 enum wpa_alg alg;
135 u8 seq[6] = { 0 };
136 int ret;
137
138 /* IBSS/WPA-None uses only one key (Group) for both receiving and
139 * sending unicast and multicast packets. */
140
141 if (ssid->mode != WPAS_MODE_IBSS) {
142 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
143 "IBSS/ad-hoc) for WPA-None", ssid->mode);
144 return -1;
145 }
146
147 if (!ssid->psk_set) {
148 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
149 "WPA-None");
150 return -1;
151 }
152
153 switch (wpa_s->group_cipher) {
154 case WPA_CIPHER_CCMP:
155 os_memcpy(key, ssid->psk, 16);
156 keylen = 16;
157 alg = WPA_ALG_CCMP;
158 break;
159 case WPA_CIPHER_GCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_GCMP;
163 break;
164 case WPA_CIPHER_TKIP:
165 /* WPA-None uses the same Michael MIC key for both TX and RX */
166 os_memcpy(key, ssid->psk, 16 + 8);
167 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 keylen = 32;
169 alg = WPA_ALG_TKIP;
170 break;
171 default:
172 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
173 "WPA-None", wpa_s->group_cipher);
174 return -1;
175 }
176
177 /* TODO: should actually remember the previously used seq#, both for TX
178 * and RX from each STA.. */
179
180 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
181 os_memset(key, 0, sizeof(key));
182 return ret;
183 }
184
185
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)186 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
187 {
188 struct wpa_supplicant *wpa_s = eloop_ctx;
189 const u8 *bssid = wpa_s->bssid;
190 if (is_zero_ether_addr(bssid))
191 bssid = wpa_s->pending_bssid;
192 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
193 MAC2STR(bssid));
194 wpa_blacklist_add(wpa_s, bssid);
195 wpa_sm_notify_disassoc(wpa_s->wpa);
196 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
197 wpa_s->reassociate = 1;
198
199 /*
200 * If we timed out, the AP or the local radio may be busy.
201 * So, wait a second until scanning again.
202 */
203 wpa_supplicant_req_scan(wpa_s, 1, 0);
204 }
205
206
207 /**
208 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
209 * @wpa_s: Pointer to wpa_supplicant data
210 * @sec: Number of seconds after which to time out authentication
211 * @usec: Number of microseconds after which to time out authentication
212 *
213 * This function is used to schedule a timeout for the current authentication
214 * attempt.
215 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)216 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
217 int sec, int usec)
218 {
219 if (wpa_s->conf->ap_scan == 0 &&
220 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
221 return;
222
223 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
224 "%d usec", sec, usec);
225 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
226 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
227 }
228
229
230 /**
231 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
232 * @wpa_s: Pointer to wpa_supplicant data
233 *
234 * This function is used to cancel authentication timeout scheduled with
235 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
236 * been completed.
237 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)238 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
239 {
240 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
241 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
242 wpa_blacklist_del(wpa_s, wpa_s->bssid);
243 }
244
245
246 /**
247 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
248 * @wpa_s: Pointer to wpa_supplicant data
249 *
250 * This function is used to configure EAPOL state machine based on the selected
251 * authentication mode.
252 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)253 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
254 {
255 #ifdef IEEE8021X_EAPOL
256 struct eapol_config eapol_conf;
257 struct wpa_ssid *ssid = wpa_s->current_ssid;
258
259 #ifdef CONFIG_IBSS_RSN
260 if (ssid->mode == WPAS_MODE_IBSS &&
261 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
263 /*
264 * RSN IBSS authentication is per-STA and we can disable the
265 * per-BSSID EAPOL authentication.
266 */
267 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
268 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
269 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
270 return;
271 }
272 #endif /* CONFIG_IBSS_RSN */
273
274 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
275 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
276
277 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
278 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
279 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
280 else
281 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
282
283 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
284 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
285 eapol_conf.accept_802_1x_keys = 1;
286 eapol_conf.required_keys = 0;
287 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
288 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
289 }
290 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
291 eapol_conf.required_keys |=
292 EAPOL_REQUIRE_KEY_BROADCAST;
293 }
294
295 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
296 eapol_conf.required_keys = 0;
297 }
298 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
299 eapol_conf.workaround = ssid->eap_workaround;
300 eapol_conf.eap_disabled =
301 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
302 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
303 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
304 eapol_conf.external_sim = wpa_s->conf->external_sim;
305
306 #ifdef CONFIG_WPS
307 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
308 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
309 if (wpa_s->current_bss) {
310 struct wpabuf *ie;
311 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
312 WPS_IE_VENDOR_TYPE);
313 if (ie) {
314 if (wps_is_20(ie))
315 eapol_conf.wps |=
316 EAPOL_PEER_IS_WPS20_AP;
317 wpabuf_free(ie);
318 }
319 }
320 }
321 #endif /* CONFIG_WPS */
322
323 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
324
325 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
326 #endif /* IEEE8021X_EAPOL */
327 }
328
329
330 /**
331 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
332 * @wpa_s: Pointer to wpa_supplicant data
333 * @ssid: Configuration data for the network
334 *
335 * This function is used to configure WPA state machine and related parameters
336 * to a mode where WPA is not enabled. This is called as part of the
337 * authentication configuration when the selected network does not use WPA.
338 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)339 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
340 struct wpa_ssid *ssid)
341 {
342 int i;
343
344 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
345 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
346 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
347 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
348 else
349 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
350 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
351 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
352 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
353 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
354 wpa_s->group_cipher = WPA_CIPHER_NONE;
355 wpa_s->mgmt_group_cipher = 0;
356
357 for (i = 0; i < NUM_WEP_KEYS; i++) {
358 if (ssid->wep_key_len[i] > 5) {
359 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
360 wpa_s->group_cipher = WPA_CIPHER_WEP104;
361 break;
362 } else if (ssid->wep_key_len[i] > 0) {
363 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
364 wpa_s->group_cipher = WPA_CIPHER_WEP40;
365 break;
366 }
367 }
368
369 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
370 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
371 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
372 wpa_s->pairwise_cipher);
373 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
374 #ifdef CONFIG_IEEE80211W
375 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
376 wpa_s->mgmt_group_cipher);
377 #endif /* CONFIG_IEEE80211W */
378
379 pmksa_cache_clear_current(wpa_s->wpa);
380 }
381
382
free_hw_features(struct wpa_supplicant * wpa_s)383 void free_hw_features(struct wpa_supplicant *wpa_s)
384 {
385 int i;
386 if (wpa_s->hw.modes == NULL)
387 return;
388
389 for (i = 0; i < wpa_s->hw.num_modes; i++) {
390 os_free(wpa_s->hw.modes[i].channels);
391 os_free(wpa_s->hw.modes[i].rates);
392 }
393
394 os_free(wpa_s->hw.modes);
395 wpa_s->hw.modes = NULL;
396 }
397
398
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)399 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
400 {
401 int i;
402
403 bgscan_deinit(wpa_s);
404 autoscan_deinit(wpa_s);
405 scard_deinit(wpa_s->scard);
406 wpa_s->scard = NULL;
407 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
408 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
409 l2_packet_deinit(wpa_s->l2);
410 wpa_s->l2 = NULL;
411 if (wpa_s->l2_br) {
412 l2_packet_deinit(wpa_s->l2_br);
413 wpa_s->l2_br = NULL;
414 }
415 #ifdef CONFIG_TESTING_OPTIONS
416 l2_packet_deinit(wpa_s->l2_test);
417 wpa_s->l2_test = NULL;
418 #endif /* CONFIG_TESTING_OPTIONS */
419
420 if (wpa_s->conf != NULL) {
421 struct wpa_ssid *ssid;
422 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
423 wpas_notify_network_removed(wpa_s, ssid);
424 }
425
426 os_free(wpa_s->confname);
427 wpa_s->confname = NULL;
428
429 os_free(wpa_s->confanother);
430 wpa_s->confanother = NULL;
431
432 wpa_sm_set_eapol(wpa_s->wpa, NULL);
433 eapol_sm_deinit(wpa_s->eapol);
434 wpa_s->eapol = NULL;
435
436 rsn_preauth_deinit(wpa_s->wpa);
437
438 #ifdef CONFIG_TDLS
439 wpa_tdls_deinit(wpa_s->wpa);
440 #endif /* CONFIG_TDLS */
441
442 wmm_ac_clear_saved_tspecs(wpa_s);
443 pmksa_candidate_free(wpa_s->wpa);
444 wpa_sm_deinit(wpa_s->wpa);
445 wpa_s->wpa = NULL;
446 wpa_blacklist_clear(wpa_s);
447
448 wpa_bss_deinit(wpa_s);
449
450 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
451 wpa_supplicant_cancel_scan(wpa_s);
452 wpa_supplicant_cancel_auth_timeout(wpa_s);
453 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
454 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
455 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
456 wpa_s, NULL);
457 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
458
459 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
460
461 wpas_wps_deinit(wpa_s);
462
463 wpabuf_free(wpa_s->pending_eapol_rx);
464 wpa_s->pending_eapol_rx = NULL;
465
466 #ifdef CONFIG_IBSS_RSN
467 ibss_rsn_deinit(wpa_s->ibss_rsn);
468 wpa_s->ibss_rsn = NULL;
469 #endif /* CONFIG_IBSS_RSN */
470
471 sme_deinit(wpa_s);
472
473 #ifdef CONFIG_AP
474 wpa_supplicant_ap_deinit(wpa_s);
475 #endif /* CONFIG_AP */
476
477 wpas_p2p_deinit(wpa_s);
478
479 #ifdef CONFIG_OFFCHANNEL
480 offchannel_deinit(wpa_s);
481 #endif /* CONFIG_OFFCHANNEL */
482
483 wpa_supplicant_cancel_sched_scan(wpa_s);
484
485 os_free(wpa_s->next_scan_freqs);
486 wpa_s->next_scan_freqs = NULL;
487
488 os_free(wpa_s->manual_scan_freqs);
489 wpa_s->manual_scan_freqs = NULL;
490
491 os_free(wpa_s->manual_sched_scan_freqs);
492 wpa_s->manual_sched_scan_freqs = NULL;
493
494 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
495
496 /*
497 * Need to remove any pending gas-query radio work before the
498 * gas_query_deinit() call because gas_query::work has not yet been set
499 * for works that have not been started. gas_query_free() will be unable
500 * to cancel such pending radio works and once the pending gas-query
501 * radio work eventually gets removed, the deinit notification call to
502 * gas_query_start_cb() would result in dereferencing freed memory.
503 */
504 if (wpa_s->radio)
505 radio_remove_works(wpa_s, "gas-query", 0);
506 gas_query_deinit(wpa_s->gas);
507 wpa_s->gas = NULL;
508
509 free_hw_features(wpa_s);
510
511 ieee802_1x_dealloc_kay_sm(wpa_s);
512
513 os_free(wpa_s->bssid_filter);
514 wpa_s->bssid_filter = NULL;
515
516 os_free(wpa_s->disallow_aps_bssid);
517 wpa_s->disallow_aps_bssid = NULL;
518 os_free(wpa_s->disallow_aps_ssid);
519 wpa_s->disallow_aps_ssid = NULL;
520
521 wnm_bss_keep_alive_deinit(wpa_s);
522 #ifdef CONFIG_WNM
523 wnm_deallocate_memory(wpa_s);
524 #endif /* CONFIG_WNM */
525
526 ext_password_deinit(wpa_s->ext_pw);
527 wpa_s->ext_pw = NULL;
528
529 wpabuf_free(wpa_s->last_gas_resp);
530 wpa_s->last_gas_resp = NULL;
531 wpabuf_free(wpa_s->prev_gas_resp);
532 wpa_s->prev_gas_resp = NULL;
533
534 os_free(wpa_s->last_scan_res);
535 wpa_s->last_scan_res = NULL;
536
537 #ifdef CONFIG_HS20
538 hs20_deinit(wpa_s);
539 #endif /* CONFIG_HS20 */
540
541 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
542 wpabuf_free(wpa_s->vendor_elem[i]);
543 wpa_s->vendor_elem[i] = NULL;
544 }
545
546 wmm_ac_notify_disassoc(wpa_s);
547 }
548
549
550 /**
551 * wpa_clear_keys - Clear keys configured for the driver
552 * @wpa_s: Pointer to wpa_supplicant data
553 * @addr: Previously used BSSID or %NULL if not available
554 *
555 * This function clears the encryption keys that has been previously configured
556 * for the driver.
557 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)558 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
559 {
560 int i, max;
561
562 #ifdef CONFIG_IEEE80211W
563 max = 6;
564 #else /* CONFIG_IEEE80211W */
565 max = 4;
566 #endif /* CONFIG_IEEE80211W */
567
568 /* MLME-DELETEKEYS.request */
569 for (i = 0; i < max; i++) {
570 if (wpa_s->keys_cleared & BIT(i))
571 continue;
572 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
573 NULL, 0);
574 }
575 if (!(wpa_s->keys_cleared & BIT(0)) && addr &&
576 !is_zero_ether_addr(addr)) {
577 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
578 0);
579 /* MLME-SETPROTECTION.request(None) */
580 wpa_drv_mlme_setprotection(
581 wpa_s, addr,
582 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
583 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
584 }
585 wpa_s->keys_cleared = (u32) -1;
586 }
587
588
589 /**
590 * wpa_supplicant_state_txt - Get the connection state name as a text string
591 * @state: State (wpa_state; WPA_*)
592 * Returns: The state name as a printable text string
593 */
wpa_supplicant_state_txt(enum wpa_states state)594 const char * wpa_supplicant_state_txt(enum wpa_states state)
595 {
596 switch (state) {
597 case WPA_DISCONNECTED:
598 return "DISCONNECTED";
599 case WPA_INACTIVE:
600 return "INACTIVE";
601 case WPA_INTERFACE_DISABLED:
602 return "INTERFACE_DISABLED";
603 case WPA_SCANNING:
604 return "SCANNING";
605 case WPA_AUTHENTICATING:
606 return "AUTHENTICATING";
607 case WPA_ASSOCIATING:
608 return "ASSOCIATING";
609 case WPA_ASSOCIATED:
610 return "ASSOCIATED";
611 case WPA_4WAY_HANDSHAKE:
612 return "4WAY_HANDSHAKE";
613 case WPA_GROUP_HANDSHAKE:
614 return "GROUP_HANDSHAKE";
615 case WPA_COMPLETED:
616 return "COMPLETED";
617 default:
618 return "UNKNOWN";
619 }
620 }
621
622
623 #ifdef CONFIG_BGSCAN
624
wpa_supplicant_start_bgscan(struct wpa_supplicant * wpa_s)625 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
626 {
627 const char *name;
628
629 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
630 name = wpa_s->current_ssid->bgscan;
631 else
632 name = wpa_s->conf->bgscan;
633 if (name == NULL || name[0] == '\0')
634 return;
635 if (wpas_driver_bss_selection(wpa_s))
636 return;
637 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
638 return;
639 #ifdef CONFIG_P2P
640 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
641 return;
642 #endif /* CONFIG_P2P */
643
644 bgscan_deinit(wpa_s);
645 if (wpa_s->current_ssid) {
646 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
647 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
648 "bgscan");
649 /*
650 * Live without bgscan; it is only used as a roaming
651 * optimization, so the initial connection is not
652 * affected.
653 */
654 } else {
655 struct wpa_scan_results *scan_res;
656 wpa_s->bgscan_ssid = wpa_s->current_ssid;
657 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
658 0);
659 if (scan_res) {
660 bgscan_notify_scan(wpa_s, scan_res);
661 wpa_scan_results_free(scan_res);
662 }
663 }
664 } else
665 wpa_s->bgscan_ssid = NULL;
666 }
667
668
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)669 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
670 {
671 if (wpa_s->bgscan_ssid != NULL) {
672 bgscan_deinit(wpa_s);
673 wpa_s->bgscan_ssid = NULL;
674 }
675 }
676
677 #endif /* CONFIG_BGSCAN */
678
679
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)680 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
681 {
682 if (autoscan_init(wpa_s, 0))
683 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
684 }
685
686
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)687 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
688 {
689 autoscan_deinit(wpa_s);
690 }
691
692
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)693 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
694 {
695 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
696 wpa_s->wpa_state == WPA_SCANNING) {
697 autoscan_deinit(wpa_s);
698 wpa_supplicant_start_autoscan(wpa_s);
699 }
700 }
701
702
703 /**
704 * wpa_supplicant_set_state - Set current connection state
705 * @wpa_s: Pointer to wpa_supplicant data
706 * @state: The new connection state
707 *
708 * This function is called whenever the connection state changes, e.g.,
709 * association is completed for WPA/WPA2 4-Way Handshake is started.
710 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)711 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
712 enum wpa_states state)
713 {
714 enum wpa_states old_state = wpa_s->wpa_state;
715
716 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
717 wpa_supplicant_state_txt(wpa_s->wpa_state),
718 wpa_supplicant_state_txt(state));
719
720 if (state == WPA_INTERFACE_DISABLED) {
721 /* Assure normal scan when interface is restored */
722 wpa_s->normal_scans = 0;
723 }
724
725 if (state == WPA_COMPLETED) {
726 wpas_connect_work_done(wpa_s);
727 /* Reinitialize normal_scan counter */
728 wpa_s->normal_scans = 0;
729 }
730
731 #ifdef CONFIG_P2P
732 /*
733 * P2PS client has to reply to Probe Request frames received on the
734 * group operating channel. Enable Probe Request frame reporting for
735 * P2P connected client in case p2p_cli_probe configuration property is
736 * set to 1.
737 */
738 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
739 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
740 wpa_s->current_ssid->p2p_group) {
741 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
742 wpa_dbg(wpa_s, MSG_DEBUG,
743 "P2P: Enable CLI Probe Request RX reporting");
744 wpa_s->p2p_cli_probe =
745 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
746 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
747 wpa_dbg(wpa_s, MSG_DEBUG,
748 "P2P: Disable CLI Probe Request RX reporting");
749 wpa_s->p2p_cli_probe = 0;
750 wpa_drv_probe_req_report(wpa_s, 0);
751 }
752 }
753 #endif /* CONFIG_P2P */
754
755 if (state != WPA_SCANNING)
756 wpa_supplicant_notify_scanning(wpa_s, 0);
757
758 if (state == WPA_COMPLETED && wpa_s->new_connection) {
759 struct wpa_ssid *ssid = wpa_s->current_ssid;
760 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
761 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
762 MACSTR " completed [id=%d id_str=%s]",
763 MAC2STR(wpa_s->bssid),
764 ssid ? ssid->id : -1,
765 ssid && ssid->id_str ? ssid->id_str : "");
766 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
767 wpas_clear_temp_disabled(wpa_s, ssid, 1);
768 wpa_blacklist_clear(wpa_s);
769 wpa_s->extra_blacklist_count = 0;
770 wpa_s->new_connection = 0;
771 wpa_drv_set_operstate(wpa_s, 1);
772 #ifndef IEEE8021X_EAPOL
773 wpa_drv_set_supp_port(wpa_s, 1);
774 #endif /* IEEE8021X_EAPOL */
775 wpa_s->after_wps = 0;
776 wpa_s->known_wps_freq = 0;
777 wpas_p2p_completed(wpa_s);
778
779 sme_sched_obss_scan(wpa_s, 1);
780 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
781 state == WPA_ASSOCIATED) {
782 wpa_s->new_connection = 1;
783 wpa_drv_set_operstate(wpa_s, 0);
784 #ifndef IEEE8021X_EAPOL
785 wpa_drv_set_supp_port(wpa_s, 0);
786 #endif /* IEEE8021X_EAPOL */
787 sme_sched_obss_scan(wpa_s, 0);
788 }
789 wpa_s->wpa_state = state;
790
791 #ifdef CONFIG_BGSCAN
792 if (state == WPA_COMPLETED)
793 wpa_supplicant_start_bgscan(wpa_s);
794 else if (state < WPA_ASSOCIATED)
795 wpa_supplicant_stop_bgscan(wpa_s);
796 #endif /* CONFIG_BGSCAN */
797
798 if (state == WPA_AUTHENTICATING)
799 wpa_supplicant_stop_autoscan(wpa_s);
800
801 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
802 wpa_supplicant_start_autoscan(wpa_s);
803
804 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
805 wmm_ac_notify_disassoc(wpa_s);
806
807 if (wpa_s->wpa_state != old_state) {
808 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
809
810 /*
811 * Notify the P2P Device interface about a state change in one
812 * of the interfaces.
813 */
814 wpas_p2p_indicate_state_change(wpa_s);
815
816 if (wpa_s->wpa_state == WPA_COMPLETED ||
817 old_state == WPA_COMPLETED)
818 wpas_notify_auth_changed(wpa_s);
819 }
820 }
821
822
wpa_supplicant_terminate_proc(struct wpa_global * global)823 void wpa_supplicant_terminate_proc(struct wpa_global *global)
824 {
825 int pending = 0;
826 #ifdef CONFIG_WPS
827 struct wpa_supplicant *wpa_s = global->ifaces;
828 while (wpa_s) {
829 struct wpa_supplicant *next = wpa_s->next;
830 if (wpas_wps_terminate_pending(wpa_s) == 1)
831 pending = 1;
832 #ifdef CONFIG_P2P
833 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
834 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
835 wpas_p2p_disconnect(wpa_s);
836 #endif /* CONFIG_P2P */
837 wpa_s = next;
838 }
839 #endif /* CONFIG_WPS */
840 if (pending)
841 return;
842 eloop_terminate();
843 }
844
845
wpa_supplicant_terminate(int sig,void * signal_ctx)846 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
847 {
848 struct wpa_global *global = signal_ctx;
849 wpa_supplicant_terminate_proc(global);
850 }
851
852
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)853 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
854 {
855 enum wpa_states old_state = wpa_s->wpa_state;
856
857 wpa_s->pairwise_cipher = 0;
858 wpa_s->group_cipher = 0;
859 wpa_s->mgmt_group_cipher = 0;
860 wpa_s->key_mgmt = 0;
861 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
862 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
863
864 if (wpa_s->wpa_state != old_state)
865 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
866 }
867
868
869 /**
870 * wpa_supplicant_reload_configuration - Reload configuration data
871 * @wpa_s: Pointer to wpa_supplicant data
872 * Returns: 0 on success or -1 if configuration parsing failed
873 *
874 * This function can be used to request that the configuration data is reloaded
875 * (e.g., after configuration file change). This function is reloading
876 * configuration only for one interface, so this may need to be called multiple
877 * times if %wpa_supplicant is controlling multiple interfaces and all
878 * interfaces need reconfiguration.
879 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)880 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
881 {
882 struct wpa_config *conf;
883 int reconf_ctrl;
884 int old_ap_scan;
885
886 if (wpa_s->confname == NULL)
887 return -1;
888 conf = wpa_config_read(wpa_s->confname, NULL);
889 if (conf == NULL) {
890 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
891 "file '%s' - exiting", wpa_s->confname);
892 return -1;
893 }
894 wpa_config_read(wpa_s->confanother, conf);
895
896 conf->changed_parameters = (unsigned int) -1;
897
898 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
899 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
900 os_strcmp(conf->ctrl_interface,
901 wpa_s->conf->ctrl_interface) != 0);
902
903 if (reconf_ctrl && wpa_s->ctrl_iface) {
904 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
905 wpa_s->ctrl_iface = NULL;
906 }
907
908 eapol_sm_invalidate_cached_session(wpa_s->eapol);
909 if (wpa_s->current_ssid) {
910 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
911 wpa_s->own_disconnect_req = 1;
912 wpa_supplicant_deauthenticate(wpa_s,
913 WLAN_REASON_DEAUTH_LEAVING);
914 }
915
916 /*
917 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
918 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
919 */
920 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
921 /*
922 * Clear forced success to clear EAP state for next
923 * authentication.
924 */
925 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
926 }
927 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
928 wpa_sm_set_config(wpa_s->wpa, NULL);
929 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
930 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
931 rsn_preauth_deinit(wpa_s->wpa);
932
933 old_ap_scan = wpa_s->conf->ap_scan;
934 wpa_config_free(wpa_s->conf);
935 wpa_s->conf = conf;
936 if (old_ap_scan != wpa_s->conf->ap_scan)
937 wpas_notify_ap_scan_changed(wpa_s);
938
939 if (reconf_ctrl)
940 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
941
942 wpa_supplicant_update_config(wpa_s);
943
944 wpa_supplicant_clear_status(wpa_s);
945 if (wpa_supplicant_enabled_networks(wpa_s)) {
946 wpa_s->reassociate = 1;
947 wpa_supplicant_req_scan(wpa_s, 0, 0);
948 }
949 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
950 return 0;
951 }
952
953
wpa_supplicant_reconfig(int sig,void * signal_ctx)954 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
955 {
956 struct wpa_global *global = signal_ctx;
957 struct wpa_supplicant *wpa_s;
958 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
959 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
960 sig);
961 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
962 wpa_supplicant_terminate_proc(global);
963 }
964 }
965 }
966
967
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)968 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
969 struct wpa_ssid *ssid,
970 struct wpa_ie_data *ie)
971 {
972 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
973 if (ret) {
974 if (ret == -2) {
975 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
976 "from association info");
977 }
978 return -1;
979 }
980
981 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
982 "cipher suites");
983 if (!(ie->group_cipher & ssid->group_cipher)) {
984 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
985 "cipher 0x%x (mask 0x%x) - reject",
986 ie->group_cipher, ssid->group_cipher);
987 return -1;
988 }
989 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
990 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
991 "cipher 0x%x (mask 0x%x) - reject",
992 ie->pairwise_cipher, ssid->pairwise_cipher);
993 return -1;
994 }
995 if (!(ie->key_mgmt & ssid->key_mgmt)) {
996 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
997 "management 0x%x (mask 0x%x) - reject",
998 ie->key_mgmt, ssid->key_mgmt);
999 return -1;
1000 }
1001
1002 #ifdef CONFIG_IEEE80211W
1003 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1004 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1005 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1006 "that does not support management frame protection - "
1007 "reject");
1008 return -1;
1009 }
1010 #endif /* CONFIG_IEEE80211W */
1011
1012 return 0;
1013 }
1014
1015
1016 /**
1017 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1018 * @wpa_s: Pointer to wpa_supplicant data
1019 * @bss: Scan results for the selected BSS, or %NULL if not available
1020 * @ssid: Configuration data for the selected network
1021 * @wpa_ie: Buffer for the WPA/RSN IE
1022 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1023 * used buffer length in case the functions returns success.
1024 * Returns: 0 on success or -1 on failure
1025 *
1026 * This function is used to configure authentication and encryption parameters
1027 * based on the network configuration and scan result for the selected BSS (if
1028 * available).
1029 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)1030 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1031 struct wpa_bss *bss, struct wpa_ssid *ssid,
1032 u8 *wpa_ie, size_t *wpa_ie_len)
1033 {
1034 struct wpa_ie_data ie;
1035 int sel, proto;
1036 const u8 *bss_wpa, *bss_rsn, *bss_osen;
1037
1038 if (bss) {
1039 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1040 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1041 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1042 } else
1043 bss_wpa = bss_rsn = bss_osen = NULL;
1044
1045 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1046 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1047 (ie.group_cipher & ssid->group_cipher) &&
1048 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1049 (ie.key_mgmt & ssid->key_mgmt)) {
1050 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1051 proto = WPA_PROTO_RSN;
1052 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1053 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1054 (ie.group_cipher & ssid->group_cipher) &&
1055 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1056 (ie.key_mgmt & ssid->key_mgmt)) {
1057 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1058 proto = WPA_PROTO_WPA;
1059 #ifdef CONFIG_HS20
1060 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN)) {
1061 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1062 /* TODO: parse OSEN element */
1063 os_memset(&ie, 0, sizeof(ie));
1064 ie.group_cipher = WPA_CIPHER_CCMP;
1065 ie.pairwise_cipher = WPA_CIPHER_CCMP;
1066 ie.key_mgmt = WPA_KEY_MGMT_OSEN;
1067 proto = WPA_PROTO_OSEN;
1068 #endif /* CONFIG_HS20 */
1069 } else if (bss) {
1070 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1071 wpa_dbg(wpa_s, MSG_DEBUG,
1072 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1073 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1074 ssid->key_mgmt);
1075 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1076 MAC2STR(bss->bssid),
1077 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1078 bss_wpa ? " WPA" : "",
1079 bss_rsn ? " RSN" : "",
1080 bss_osen ? " OSEN" : "");
1081 if (bss_rsn) {
1082 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1083 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1084 wpa_dbg(wpa_s, MSG_DEBUG,
1085 "Could not parse RSN element");
1086 } else {
1087 wpa_dbg(wpa_s, MSG_DEBUG,
1088 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1089 ie.pairwise_cipher, ie.group_cipher,
1090 ie.key_mgmt);
1091 }
1092 }
1093 if (bss_wpa) {
1094 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1095 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1096 wpa_dbg(wpa_s, MSG_DEBUG,
1097 "Could not parse WPA element");
1098 } else {
1099 wpa_dbg(wpa_s, MSG_DEBUG,
1100 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1101 ie.pairwise_cipher, ie.group_cipher,
1102 ie.key_mgmt);
1103 }
1104 }
1105 return -1;
1106 } else {
1107 if (ssid->proto & WPA_PROTO_OSEN)
1108 proto = WPA_PROTO_OSEN;
1109 else if (ssid->proto & WPA_PROTO_RSN)
1110 proto = WPA_PROTO_RSN;
1111 else
1112 proto = WPA_PROTO_WPA;
1113 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1114 os_memset(&ie, 0, sizeof(ie));
1115 ie.group_cipher = ssid->group_cipher;
1116 ie.pairwise_cipher = ssid->pairwise_cipher;
1117 ie.key_mgmt = ssid->key_mgmt;
1118 #ifdef CONFIG_IEEE80211W
1119 ie.mgmt_group_cipher =
1120 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1121 WPA_CIPHER_AES_128_CMAC : 0;
1122 #endif /* CONFIG_IEEE80211W */
1123 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1124 "based on configuration");
1125 } else
1126 proto = ie.proto;
1127 }
1128
1129 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1130 "pairwise %d key_mgmt %d proto %d",
1131 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1132 #ifdef CONFIG_IEEE80211W
1133 if (ssid->ieee80211w) {
1134 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1135 ie.mgmt_group_cipher);
1136 }
1137 #endif /* CONFIG_IEEE80211W */
1138
1139 wpa_s->wpa_proto = proto;
1140 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1141 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1142 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1143
1144 if (bss || !wpa_s->ap_ies_from_associnfo) {
1145 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1146 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1147 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1148 bss_rsn ? 2 + bss_rsn[1] : 0))
1149 return -1;
1150 }
1151
1152 sel = ie.group_cipher & ssid->group_cipher;
1153 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1154 if (wpa_s->group_cipher < 0) {
1155 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1156 "cipher");
1157 return -1;
1158 }
1159 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1160 wpa_cipher_txt(wpa_s->group_cipher));
1161
1162 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1163 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1164 if (wpa_s->pairwise_cipher < 0) {
1165 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1166 "cipher");
1167 return -1;
1168 }
1169 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1170 wpa_cipher_txt(wpa_s->pairwise_cipher));
1171
1172 sel = ie.key_mgmt & ssid->key_mgmt;
1173 #ifdef CONFIG_SAE
1174 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1175 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1176 #endif /* CONFIG_SAE */
1177 if (0) {
1178 #ifdef CONFIG_SUITEB192
1179 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1180 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1181 wpa_dbg(wpa_s, MSG_DEBUG,
1182 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1183 #endif /* CONFIG_SUITEB192 */
1184 #ifdef CONFIG_SUITEB
1185 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1186 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1187 wpa_dbg(wpa_s, MSG_DEBUG,
1188 "WPA: using KEY_MGMT 802.1X with Suite B");
1189 #endif /* CONFIG_SUITEB */
1190 #ifdef CONFIG_IEEE80211R
1191 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1192 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1193 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1194 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1195 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1196 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1197 #endif /* CONFIG_IEEE80211R */
1198 #ifdef CONFIG_SAE
1199 } else if (sel & WPA_KEY_MGMT_SAE) {
1200 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1201 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1202 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1203 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1204 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1205 #endif /* CONFIG_SAE */
1206 #ifdef CONFIG_IEEE80211W
1207 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1208 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1209 wpa_dbg(wpa_s, MSG_DEBUG,
1210 "WPA: using KEY_MGMT 802.1X with SHA256");
1211 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1212 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1213 wpa_dbg(wpa_s, MSG_DEBUG,
1214 "WPA: using KEY_MGMT PSK with SHA256");
1215 #endif /* CONFIG_IEEE80211W */
1216 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1217 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1218 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1219 } else if (sel & WPA_KEY_MGMT_PSK) {
1220 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1221 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1222 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1223 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1224 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1225 #ifdef CONFIG_HS20
1226 } else if (sel & WPA_KEY_MGMT_OSEN) {
1227 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1228 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1229 #endif /* CONFIG_HS20 */
1230 } else {
1231 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1232 "authenticated key management type");
1233 return -1;
1234 }
1235
1236 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1237 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1238 wpa_s->pairwise_cipher);
1239 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1240
1241 #ifdef CONFIG_IEEE80211W
1242 sel = ie.mgmt_group_cipher;
1243 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1244 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1245 sel = 0;
1246 if (sel & WPA_CIPHER_AES_128_CMAC) {
1247 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1248 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1249 "AES-128-CMAC");
1250 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1251 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1252 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1253 "BIP-GMAC-128");
1254 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1255 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1256 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1257 "BIP-GMAC-256");
1258 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1259 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1260 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1261 "BIP-CMAC-256");
1262 } else {
1263 wpa_s->mgmt_group_cipher = 0;
1264 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1265 }
1266 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1267 wpa_s->mgmt_group_cipher);
1268 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1269 wpas_get_ssid_pmf(wpa_s, ssid));
1270 #endif /* CONFIG_IEEE80211W */
1271
1272 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1273 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1274 return -1;
1275 }
1276
1277 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1278 int psk_set = 0;
1279
1280 if (ssid->psk_set) {
1281 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL);
1282 psk_set = 1;
1283 }
1284 #ifndef CONFIG_NO_PBKDF2
1285 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1286 ssid->passphrase) {
1287 u8 psk[PMK_LEN];
1288 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1289 4096, psk, PMK_LEN);
1290 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1291 psk, PMK_LEN);
1292 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1293 psk_set = 1;
1294 os_memset(psk, 0, sizeof(psk));
1295 }
1296 #endif /* CONFIG_NO_PBKDF2 */
1297 #ifdef CONFIG_EXT_PASSWORD
1298 if (ssid->ext_psk) {
1299 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1300 ssid->ext_psk);
1301 char pw_str[64 + 1];
1302 u8 psk[PMK_LEN];
1303
1304 if (pw == NULL) {
1305 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1306 "found from external storage");
1307 return -1;
1308 }
1309
1310 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1311 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1312 "PSK length %d in external storage",
1313 (int) wpabuf_len(pw));
1314 ext_password_free(pw);
1315 return -1;
1316 }
1317
1318 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1319 pw_str[wpabuf_len(pw)] = '\0';
1320
1321 #ifndef CONFIG_NO_PBKDF2
1322 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1323 {
1324 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1325 4096, psk, PMK_LEN);
1326 os_memset(pw_str, 0, sizeof(pw_str));
1327 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1328 "external passphrase)",
1329 psk, PMK_LEN);
1330 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1331 psk_set = 1;
1332 os_memset(psk, 0, sizeof(psk));
1333 } else
1334 #endif /* CONFIG_NO_PBKDF2 */
1335 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1336 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1337 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1338 "Invalid PSK hex string");
1339 os_memset(pw_str, 0, sizeof(pw_str));
1340 ext_password_free(pw);
1341 return -1;
1342 }
1343 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL);
1344 psk_set = 1;
1345 os_memset(psk, 0, sizeof(psk));
1346 } else {
1347 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1348 "PSK available");
1349 os_memset(pw_str, 0, sizeof(pw_str));
1350 ext_password_free(pw);
1351 return -1;
1352 }
1353
1354 os_memset(pw_str, 0, sizeof(pw_str));
1355 ext_password_free(pw);
1356 }
1357 #endif /* CONFIG_EXT_PASSWORD */
1358
1359 if (!psk_set) {
1360 wpa_msg(wpa_s, MSG_INFO,
1361 "No PSK available for association");
1362 return -1;
1363 }
1364 } else
1365 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1366
1367 return 0;
1368 }
1369
1370
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx)1371 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1372 {
1373 *pos = 0x00;
1374
1375 switch (idx) {
1376 case 0: /* Bits 0-7 */
1377 break;
1378 case 1: /* Bits 8-15 */
1379 break;
1380 case 2: /* Bits 16-23 */
1381 #ifdef CONFIG_WNM
1382 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1383 *pos |= 0x08; /* Bit 19 - BSS Transition */
1384 #endif /* CONFIG_WNM */
1385 break;
1386 case 3: /* Bits 24-31 */
1387 #ifdef CONFIG_WNM
1388 *pos |= 0x02; /* Bit 25 - SSID List */
1389 #endif /* CONFIG_WNM */
1390 #ifdef CONFIG_INTERWORKING
1391 if (wpa_s->conf->interworking)
1392 *pos |= 0x80; /* Bit 31 - Interworking */
1393 #endif /* CONFIG_INTERWORKING */
1394 break;
1395 case 4: /* Bits 32-39 */
1396 #ifdef CONFIG_INTERWORKING
1397 if (wpa_s->drv_flags / WPA_DRIVER_FLAGS_QOS_MAPPING)
1398 *pos |= 0x01; /* Bit 32 - QoS Map */
1399 #endif /* CONFIG_INTERWORKING */
1400 break;
1401 case 5: /* Bits 40-47 */
1402 #ifdef CONFIG_HS20
1403 if (wpa_s->conf->hs20)
1404 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1405 #endif /* CONFIG_HS20 */
1406 break;
1407 case 6: /* Bits 48-55 */
1408 break;
1409 }
1410 }
1411
1412
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen)1413 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1414 {
1415 u8 *pos = buf;
1416 u8 len = 6, i;
1417
1418 if (len < wpa_s->extended_capa_len)
1419 len = wpa_s->extended_capa_len;
1420 if (buflen < (size_t) len + 2) {
1421 wpa_printf(MSG_INFO,
1422 "Not enough room for building extended capabilities element");
1423 return -1;
1424 }
1425
1426 *pos++ = WLAN_EID_EXT_CAPAB;
1427 *pos++ = len;
1428 for (i = 0; i < len; i++, pos++) {
1429 wpas_ext_capab_byte(wpa_s, pos, i);
1430
1431 if (i < wpa_s->extended_capa_len) {
1432 *pos &= ~wpa_s->extended_capa_mask[i];
1433 *pos |= wpa_s->extended_capa[i];
1434 }
1435 }
1436
1437 while (len > 0 && buf[1 + len] == 0) {
1438 len--;
1439 buf[1] = len;
1440 }
1441 if (len == 0)
1442 return 0;
1443
1444 return 2 + len;
1445 }
1446
1447
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)1448 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1449 struct wpa_bss *test_bss)
1450 {
1451 struct wpa_bss *bss;
1452
1453 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1454 if (bss == test_bss)
1455 return 1;
1456 }
1457
1458 return 0;
1459 }
1460
1461
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)1462 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1463 struct wpa_ssid *test_ssid)
1464 {
1465 struct wpa_ssid *ssid;
1466
1467 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
1468 if (ssid == test_ssid)
1469 return 1;
1470 }
1471
1472 return 0;
1473 }
1474
1475
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)1476 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
1477 struct wpa_ssid *test_ssid)
1478 {
1479 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
1480 return 0;
1481
1482 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
1483 }
1484
1485
wpas_connect_work_free(struct wpa_connect_work * cwork)1486 void wpas_connect_work_free(struct wpa_connect_work *cwork)
1487 {
1488 if (cwork == NULL)
1489 return;
1490 os_free(cwork);
1491 }
1492
1493
wpas_connect_work_done(struct wpa_supplicant * wpa_s)1494 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
1495 {
1496 struct wpa_connect_work *cwork;
1497 struct wpa_radio_work *work = wpa_s->connect_work;
1498
1499 if (!work)
1500 return;
1501
1502 wpa_s->connect_work = NULL;
1503 cwork = work->ctx;
1504 work->ctx = NULL;
1505 wpas_connect_work_free(cwork);
1506 radio_work_done(work);
1507 }
1508
1509
wpas_update_random_addr(struct wpa_supplicant * wpa_s,int style)1510 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
1511 {
1512 struct os_reltime now;
1513 u8 addr[ETH_ALEN];
1514
1515 os_get_reltime(&now);
1516 if (wpa_s->last_mac_addr_style == style &&
1517 wpa_s->last_mac_addr_change.sec != 0 &&
1518 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
1519 wpa_s->conf->rand_addr_lifetime)) {
1520 wpa_msg(wpa_s, MSG_DEBUG,
1521 "Previously selected random MAC address has not yet expired");
1522 return 0;
1523 }
1524
1525 switch (style) {
1526 case 1:
1527 if (random_mac_addr(addr) < 0)
1528 return -1;
1529 break;
1530 case 2:
1531 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
1532 if (random_mac_addr_keep_oui(addr) < 0)
1533 return -1;
1534 break;
1535 default:
1536 return -1;
1537 }
1538
1539 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
1540 wpa_msg(wpa_s, MSG_INFO,
1541 "Failed to set random MAC address");
1542 return -1;
1543 }
1544
1545 os_get_reltime(&wpa_s->last_mac_addr_change);
1546 wpa_s->mac_addr_changed = 1;
1547 wpa_s->last_mac_addr_style = style;
1548
1549 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1550 wpa_msg(wpa_s, MSG_INFO,
1551 "Could not update MAC address information");
1552 return -1;
1553 }
1554
1555 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
1556 MAC2STR(addr));
1557
1558 return 0;
1559 }
1560
1561
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)1562 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
1563 {
1564 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
1565 !wpa_s->conf->preassoc_mac_addr)
1566 return 0;
1567
1568 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
1569 }
1570
1571
1572 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
1573
1574 /**
1575 * wpa_supplicant_associate - Request association
1576 * @wpa_s: Pointer to wpa_supplicant data
1577 * @bss: Scan results for the selected BSS, or %NULL if not available
1578 * @ssid: Configuration data for the selected network
1579 *
1580 * This function is used to request %wpa_supplicant to associate with a BSS.
1581 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)1582 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1583 struct wpa_bss *bss, struct wpa_ssid *ssid)
1584 {
1585 struct wpa_connect_work *cwork;
1586 int rand_style;
1587
1588 if (ssid->mac_addr == -1)
1589 rand_style = wpa_s->conf->mac_addr;
1590 else
1591 rand_style = ssid->mac_addr;
1592
1593 wmm_ac_clear_saved_tspecs(wpa_s);
1594 wpa_s->reassoc_same_bss = 0;
1595
1596 if (wpa_s->last_ssid == ssid) {
1597 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
1598 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
1599 wmm_ac_save_tspecs(wpa_s);
1600 wpa_s->reassoc_same_bss = 1;
1601 }
1602 } else if (rand_style > 0) {
1603 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
1604 return;
1605 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
1606 } else if (wpa_s->mac_addr_changed) {
1607 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
1608 wpa_msg(wpa_s, MSG_INFO,
1609 "Could not restore permanent MAC address");
1610 return;
1611 }
1612 wpa_s->mac_addr_changed = 0;
1613 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
1614 wpa_msg(wpa_s, MSG_INFO,
1615 "Could not update MAC address information");
1616 return;
1617 }
1618 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
1619 }
1620 wpa_s->last_ssid = ssid;
1621
1622 #ifdef CONFIG_IBSS_RSN
1623 ibss_rsn_deinit(wpa_s->ibss_rsn);
1624 wpa_s->ibss_rsn = NULL;
1625 #endif /* CONFIG_IBSS_RSN */
1626
1627 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1628 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1629 #ifdef CONFIG_AP
1630 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1631 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1632 "mode");
1633 return;
1634 }
1635 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1636 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1637 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
1638 wpas_p2p_ap_setup_failed(wpa_s);
1639 return;
1640 }
1641 wpa_s->current_bss = bss;
1642 #else /* CONFIG_AP */
1643 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1644 "the build");
1645 #endif /* CONFIG_AP */
1646 return;
1647 }
1648
1649 if (ssid->mode == WPAS_MODE_MESH) {
1650 #ifdef CONFIG_MESH
1651 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
1652 wpa_msg(wpa_s, MSG_INFO,
1653 "Driver does not support mesh mode");
1654 return;
1655 }
1656 if (bss)
1657 ssid->frequency = bss->freq;
1658 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
1659 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
1660 return;
1661 }
1662 wpa_s->current_bss = bss;
1663 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_STARTED
1664 "ssid=\"%s\" id=%d",
1665 wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
1666 ssid->id);
1667 #else /* CONFIG_MESH */
1668 wpa_msg(wpa_s, MSG_ERROR,
1669 "mesh mode support not included in the build");
1670 #endif /* CONFIG_MESH */
1671 return;
1672 }
1673
1674 #ifdef CONFIG_TDLS
1675 if (bss)
1676 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1677 bss->ie_len);
1678 #endif /* CONFIG_TDLS */
1679
1680 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1681 ssid->mode == IEEE80211_MODE_INFRA) {
1682 sme_authenticate(wpa_s, bss, ssid);
1683 return;
1684 }
1685
1686 if (wpa_s->connect_work) {
1687 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
1688 return;
1689 }
1690
1691 if (radio_work_pending(wpa_s, "connect")) {
1692 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
1693 return;
1694 }
1695
1696 cwork = os_zalloc(sizeof(*cwork));
1697 if (cwork == NULL)
1698 return;
1699
1700 cwork->bss = bss;
1701 cwork->ssid = ssid;
1702
1703 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
1704 wpas_start_assoc_cb, cwork) < 0) {
1705 os_free(cwork);
1706 }
1707 }
1708
1709
bss_is_ibss(struct wpa_bss * bss)1710 static int bss_is_ibss(struct wpa_bss *bss)
1711 {
1712 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
1713 IEEE80211_CAP_IBSS;
1714 }
1715
1716
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)1717 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
1718 const struct wpa_ssid *ssid,
1719 struct hostapd_freq_params *freq)
1720 {
1721 enum hostapd_hw_mode hw_mode;
1722 struct hostapd_hw_modes *mode = NULL;
1723 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
1724 184, 192 };
1725 int vht80[] = { 36, 52, 100, 116, 132, 149 };
1726 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
1727 u8 channel;
1728 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
1729 unsigned int j;
1730 struct hostapd_freq_params vht_freq;
1731
1732 freq->freq = ssid->frequency;
1733
1734 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
1735 struct wpa_bss *bss = wpa_s->last_scan_res[j];
1736
1737 if (ssid->mode != WPAS_MODE_IBSS)
1738 break;
1739
1740 /* Don't adjust control freq in case of fixed_freq */
1741 if (ssid->fixed_freq)
1742 break;
1743
1744 if (!bss_is_ibss(bss))
1745 continue;
1746
1747 if (ssid->ssid_len == bss->ssid_len &&
1748 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
1749 wpa_printf(MSG_DEBUG,
1750 "IBSS already found in scan results, adjust control freq: %d",
1751 bss->freq);
1752 freq->freq = bss->freq;
1753 obss_scan = 0;
1754 break;
1755 }
1756 }
1757
1758 /* For IBSS check HT_IBSS flag */
1759 if (ssid->mode == WPAS_MODE_IBSS &&
1760 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
1761 return;
1762
1763 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
1764 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
1765 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
1766 wpa_printf(MSG_DEBUG,
1767 "IBSS: WEP/TKIP detected, do not try to enable HT");
1768 return;
1769 }
1770
1771 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
1772 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
1773 if (wpa_s->hw.modes[i].mode == hw_mode) {
1774 mode = &wpa_s->hw.modes[i];
1775 break;
1776 }
1777 }
1778
1779 if (!mode)
1780 return;
1781
1782 freq->ht_enabled = ht_supported(mode);
1783 if (!freq->ht_enabled)
1784 return;
1785
1786 /* Setup higher BW only for 5 GHz */
1787 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
1788 return;
1789
1790 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
1791 pri_chan = &mode->channels[chan_idx];
1792 if (pri_chan->chan == channel)
1793 break;
1794 pri_chan = NULL;
1795 }
1796 if (!pri_chan)
1797 return;
1798
1799 /* Check primary channel flags */
1800 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1801 return;
1802
1803 /* Check/setup HT40+/HT40- */
1804 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
1805 if (ht40plus[j] == channel) {
1806 ht40 = 1;
1807 break;
1808 }
1809 }
1810
1811 /* Find secondary channel */
1812 for (i = 0; i < mode->num_channels; i++) {
1813 sec_chan = &mode->channels[i];
1814 if (sec_chan->chan == channel + ht40 * 4)
1815 break;
1816 sec_chan = NULL;
1817 }
1818 if (!sec_chan)
1819 return;
1820
1821 /* Check secondary channel flags */
1822 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1823 return;
1824
1825 freq->channel = pri_chan->chan;
1826
1827 switch (ht40) {
1828 case -1:
1829 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
1830 return;
1831 freq->sec_channel_offset = -1;
1832 break;
1833 case 1:
1834 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
1835 return;
1836 freq->sec_channel_offset = 1;
1837 break;
1838 default:
1839 break;
1840 }
1841
1842 if (freq->sec_channel_offset && obss_scan) {
1843 struct wpa_scan_results *scan_res;
1844
1845 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
1846 if (scan_res == NULL) {
1847 /* Back to HT20 */
1848 freq->sec_channel_offset = 0;
1849 return;
1850 }
1851
1852 res = check_40mhz_5g(mode, scan_res, pri_chan->chan,
1853 sec_chan->chan);
1854 switch (res) {
1855 case 0:
1856 /* Back to HT20 */
1857 freq->sec_channel_offset = 0;
1858 break;
1859 case 1:
1860 /* Configuration allowed */
1861 break;
1862 case 2:
1863 /* Switch pri/sec channels */
1864 freq->freq = hw_get_freq(mode, sec_chan->chan);
1865 freq->sec_channel_offset = -freq->sec_channel_offset;
1866 freq->channel = sec_chan->chan;
1867 break;
1868 default:
1869 freq->sec_channel_offset = 0;
1870 break;
1871 }
1872
1873 wpa_scan_results_free(scan_res);
1874 }
1875
1876 wpa_printf(MSG_DEBUG,
1877 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
1878 freq->channel, freq->sec_channel_offset);
1879
1880 /* Not sure if mesh is ready for VHT */
1881 if (ssid->mode != WPAS_MODE_IBSS)
1882 return;
1883
1884 /* For IBSS check VHT_IBSS flag */
1885 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
1886 return;
1887
1888 vht_freq = *freq;
1889
1890 vht_freq.vht_enabled = vht_supported(mode);
1891 if (!vht_freq.vht_enabled)
1892 return;
1893
1894 /* setup center_freq1, bandwidth */
1895 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
1896 if (freq->channel >= vht80[j] &&
1897 freq->channel < vht80[j] + 16)
1898 break;
1899 }
1900
1901 if (j == ARRAY_SIZE(vht80))
1902 return;
1903
1904 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
1905 struct hostapd_channel_data *chan;
1906
1907 chan = hw_get_channel_chan(mode, i, NULL);
1908 if (!chan)
1909 return;
1910
1911 /* Back to HT configuration if channel not usable */
1912 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
1913 return;
1914 }
1915
1916 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
1917 freq->channel, freq->ht_enabled,
1918 vht_freq.vht_enabled,
1919 freq->sec_channel_offset,
1920 VHT_CHANWIDTH_80MHZ,
1921 vht80[j] + 6, 0, 0) != 0)
1922 return;
1923
1924 *freq = vht_freq;
1925
1926 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
1927 freq->center_freq1, freq->center_freq2, freq->bandwidth);
1928 }
1929
1930
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)1931 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
1932 {
1933 struct wpa_connect_work *cwork = work->ctx;
1934 struct wpa_bss *bss = cwork->bss;
1935 struct wpa_ssid *ssid = cwork->ssid;
1936 struct wpa_supplicant *wpa_s = work->wpa_s;
1937 u8 wpa_ie[200];
1938 size_t wpa_ie_len;
1939 int use_crypt, ret, i, bssid_changed;
1940 int algs = WPA_AUTH_ALG_OPEN;
1941 unsigned int cipher_pairwise, cipher_group;
1942 struct wpa_driver_associate_params params;
1943 int wep_keys_set = 0;
1944 int assoc_failed = 0;
1945 struct wpa_ssid *old_ssid;
1946 #ifdef CONFIG_HT_OVERRIDES
1947 struct ieee80211_ht_capabilities htcaps;
1948 struct ieee80211_ht_capabilities htcaps_mask;
1949 #endif /* CONFIG_HT_OVERRIDES */
1950 #ifdef CONFIG_VHT_OVERRIDES
1951 struct ieee80211_vht_capabilities vhtcaps;
1952 struct ieee80211_vht_capabilities vhtcaps_mask;
1953 #endif /* CONFIG_VHT_OVERRIDES */
1954
1955 if (deinit) {
1956 if (work->started) {
1957 wpa_s->connect_work = NULL;
1958
1959 /* cancel possible auth. timeout */
1960 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
1961 NULL);
1962 }
1963 wpas_connect_work_free(cwork);
1964 return;
1965 }
1966
1967 wpa_s->connect_work = work;
1968
1969 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid)) {
1970 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
1971 wpas_connect_work_done(wpa_s);
1972 return;
1973 }
1974
1975 os_memset(¶ms, 0, sizeof(params));
1976 wpa_s->reassociate = 0;
1977 wpa_s->eap_expected_failure = 0;
1978 if (bss &&
1979 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
1980 #ifdef CONFIG_IEEE80211R
1981 const u8 *ie, *md = NULL;
1982 #endif /* CONFIG_IEEE80211R */
1983 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1984 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1985 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1986 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1987 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1988 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1989 if (bssid_changed)
1990 wpas_notify_bssid_changed(wpa_s);
1991 #ifdef CONFIG_IEEE80211R
1992 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1993 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1994 md = ie + 2;
1995 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1996 if (md) {
1997 /* Prepare for the next transition */
1998 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1999 }
2000 #endif /* CONFIG_IEEE80211R */
2001 #ifdef CONFIG_WPS
2002 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
2003 wpa_s->conf->ap_scan == 2 &&
2004 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
2005 /* Use ap_scan==1 style network selection to find the network
2006 */
2007 wpas_connect_work_done(wpa_s);
2008 wpa_s->scan_req = MANUAL_SCAN_REQ;
2009 wpa_s->reassociate = 1;
2010 wpa_supplicant_req_scan(wpa_s, 0, 0);
2011 return;
2012 #endif /* CONFIG_WPS */
2013 } else {
2014 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
2015 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
2016 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2017 }
2018 wpa_supplicant_cancel_sched_scan(wpa_s);
2019 wpa_supplicant_cancel_scan(wpa_s);
2020
2021 /* Starting new association, so clear the possibly used WPA IE from the
2022 * previous association. */
2023 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
2024
2025 #ifdef IEEE8021X_EAPOL
2026 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2027 if (ssid->leap) {
2028 if (ssid->non_leap == 0)
2029 algs = WPA_AUTH_ALG_LEAP;
2030 else
2031 algs |= WPA_AUTH_ALG_LEAP;
2032 }
2033 }
2034 #endif /* IEEE8021X_EAPOL */
2035 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2036 if (ssid->auth_alg) {
2037 algs = ssid->auth_alg;
2038 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
2039 "0x%x", algs);
2040 }
2041
2042 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2043 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2044 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2045 int try_opportunistic;
2046 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2047 wpa_s->conf->okc :
2048 ssid->proactive_key_caching) &&
2049 (ssid->proto & WPA_PROTO_RSN);
2050 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2051 ssid, try_opportunistic) == 0)
2052 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2053 wpa_ie_len = sizeof(wpa_ie);
2054 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2055 wpa_ie, &wpa_ie_len)) {
2056 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2057 "key management and encryption suites");
2058 wpas_connect_work_done(wpa_s);
2059 return;
2060 }
2061 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2062 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2063 /*
2064 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2065 * use non-WPA since the scan results did not indicate that the
2066 * AP is using WPA or WPA2.
2067 */
2068 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2069 wpa_ie_len = 0;
2070 wpa_s->wpa_proto = 0;
2071 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2072 wpa_ie_len = sizeof(wpa_ie);
2073 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2074 wpa_ie, &wpa_ie_len)) {
2075 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2076 "key management and encryption suites (no "
2077 "scan results)");
2078 wpas_connect_work_done(wpa_s);
2079 return;
2080 }
2081 #ifdef CONFIG_WPS
2082 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2083 struct wpabuf *wps_ie;
2084 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2085 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
2086 wpa_ie_len = wpabuf_len(wps_ie);
2087 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2088 } else
2089 wpa_ie_len = 0;
2090 wpabuf_free(wps_ie);
2091 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2092 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2093 params.wps = WPS_MODE_PRIVACY;
2094 else
2095 params.wps = WPS_MODE_OPEN;
2096 wpa_s->wpa_proto = 0;
2097 #endif /* CONFIG_WPS */
2098 } else {
2099 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2100 wpa_ie_len = 0;
2101 wpa_s->wpa_proto = 0;
2102 }
2103
2104 #ifdef CONFIG_P2P
2105 if (wpa_s->global->p2p) {
2106 u8 *pos;
2107 size_t len;
2108 int res;
2109 pos = wpa_ie + wpa_ie_len;
2110 len = sizeof(wpa_ie) - wpa_ie_len;
2111 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2112 ssid->p2p_group);
2113 if (res >= 0)
2114 wpa_ie_len += res;
2115 }
2116
2117 wpa_s->cross_connect_disallowed = 0;
2118 if (bss) {
2119 struct wpabuf *p2p;
2120 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2121 if (p2p) {
2122 wpa_s->cross_connect_disallowed =
2123 p2p_get_cross_connect_disallowed(p2p);
2124 wpabuf_free(p2p);
2125 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
2126 "connection",
2127 wpa_s->cross_connect_disallowed ?
2128 "disallows" : "allows");
2129 }
2130 }
2131
2132 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
2133 #endif /* CONFIG_P2P */
2134
2135 #ifdef CONFIG_HS20
2136 if (is_hs20_network(wpa_s, ssid, bss)) {
2137 struct wpabuf *hs20;
2138 hs20 = wpabuf_alloc(20);
2139 if (hs20) {
2140 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
2141 size_t len;
2142
2143 wpas_hs20_add_indication(hs20, pps_mo_id);
2144 len = sizeof(wpa_ie) - wpa_ie_len;
2145 if (wpabuf_len(hs20) <= len) {
2146 os_memcpy(wpa_ie + wpa_ie_len,
2147 wpabuf_head(hs20), wpabuf_len(hs20));
2148 wpa_ie_len += wpabuf_len(hs20);
2149 }
2150 wpabuf_free(hs20);
2151 }
2152 }
2153 #endif /* CONFIG_HS20 */
2154
2155 /*
2156 * Workaround: Add Extended Capabilities element only if the AP
2157 * included this element in Beacon/Probe Response frames. Some older
2158 * APs seem to have interoperability issues if this element is
2159 * included, so while the standard may require us to include the
2160 * element in all cases, it is justifiable to skip it to avoid
2161 * interoperability issues.
2162 */
2163 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
2164 u8 ext_capab[18];
2165 int ext_capab_len;
2166 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
2167 sizeof(ext_capab));
2168 if (ext_capab_len > 0) {
2169 u8 *pos = wpa_ie;
2170 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
2171 pos += 2 + pos[1];
2172 os_memmove(pos + ext_capab_len, pos,
2173 wpa_ie_len - (pos - wpa_ie));
2174 wpa_ie_len += ext_capab_len;
2175 os_memcpy(pos, ext_capab, ext_capab_len);
2176 }
2177 }
2178
2179 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
2180 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
2181 size_t len;
2182
2183 len = sizeof(wpa_ie) - wpa_ie_len;
2184 if (wpabuf_len(buf) <= len) {
2185 os_memcpy(wpa_ie + wpa_ie_len,
2186 wpabuf_head(buf), wpabuf_len(buf));
2187 wpa_ie_len += wpabuf_len(buf);
2188 }
2189 }
2190
2191 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
2192 use_crypt = 1;
2193 cipher_pairwise = wpa_s->pairwise_cipher;
2194 cipher_group = wpa_s->group_cipher;
2195 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
2196 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2197 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
2198 use_crypt = 0;
2199 if (wpa_set_wep_keys(wpa_s, ssid)) {
2200 use_crypt = 1;
2201 wep_keys_set = 1;
2202 }
2203 }
2204 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
2205 use_crypt = 0;
2206
2207 #ifdef IEEE8021X_EAPOL
2208 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2209 if ((ssid->eapol_flags &
2210 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
2211 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
2212 !wep_keys_set) {
2213 use_crypt = 0;
2214 } else {
2215 /* Assume that dynamic WEP-104 keys will be used and
2216 * set cipher suites in order for drivers to expect
2217 * encryption. */
2218 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
2219 }
2220 }
2221 #endif /* IEEE8021X_EAPOL */
2222
2223 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2224 /* Set the key before (and later after) association */
2225 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2226 }
2227
2228 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
2229 if (bss) {
2230 params.ssid = bss->ssid;
2231 params.ssid_len = bss->ssid_len;
2232 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
2233 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
2234 MACSTR " freq=%u MHz based on scan results "
2235 "(bssid_set=%d)",
2236 MAC2STR(bss->bssid), bss->freq,
2237 ssid->bssid_set);
2238 params.bssid = bss->bssid;
2239 params.freq.freq = bss->freq;
2240 }
2241 params.bssid_hint = bss->bssid;
2242 params.freq_hint = bss->freq;
2243 } else {
2244 params.ssid = ssid->ssid;
2245 params.ssid_len = ssid->ssid_len;
2246 }
2247
2248 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
2249 wpa_s->conf->ap_scan == 2) {
2250 params.bssid = ssid->bssid;
2251 params.fixed_bssid = 1;
2252 }
2253
2254 /* Initial frequency for IBSS/mesh */
2255 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
2256 ssid->frequency > 0 && params.freq.freq == 0)
2257 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
2258
2259 if (ssid->mode == WPAS_MODE_IBSS) {
2260 params.fixed_freq = ssid->fixed_freq;
2261 if (ssid->beacon_int)
2262 params.beacon_int = ssid->beacon_int;
2263 else
2264 params.beacon_int = wpa_s->conf->beacon_int;
2265 }
2266
2267 params.wpa_ie = wpa_ie;
2268 params.wpa_ie_len = wpa_ie_len;
2269 params.pairwise_suite = cipher_pairwise;
2270 params.group_suite = cipher_group;
2271 params.key_mgmt_suite = wpa_s->key_mgmt;
2272 params.wpa_proto = wpa_s->wpa_proto;
2273 params.auth_alg = algs;
2274 params.mode = ssid->mode;
2275 params.bg_scan_period = ssid->bg_scan_period;
2276 for (i = 0; i < NUM_WEP_KEYS; i++) {
2277 if (ssid->wep_key_len[i])
2278 params.wep_key[i] = ssid->wep_key[i];
2279 params.wep_key_len[i] = ssid->wep_key_len[i];
2280 }
2281 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
2282
2283 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
2284 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2285 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
2286 params.passphrase = ssid->passphrase;
2287 if (ssid->psk_set)
2288 params.psk = ssid->psk;
2289 }
2290
2291 if (wpa_s->conf->key_mgmt_offload) {
2292 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
2293 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
2294 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
2295 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
2296 params.req_key_mgmt_offload =
2297 ssid->proactive_key_caching < 0 ?
2298 wpa_s->conf->okc : ssid->proactive_key_caching;
2299 else
2300 params.req_key_mgmt_offload = 1;
2301
2302 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
2303 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
2304 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
2305 ssid->psk_set)
2306 params.psk = ssid->psk;
2307 }
2308
2309 params.drop_unencrypted = use_crypt;
2310
2311 #ifdef CONFIG_IEEE80211W
2312 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
2313 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
2314 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
2315 struct wpa_ie_data ie;
2316 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
2317 ie.capabilities &
2318 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
2319 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
2320 "MFP: require MFP");
2321 params.mgmt_frame_protection =
2322 MGMT_FRAME_PROTECTION_REQUIRED;
2323 }
2324 }
2325 #endif /* CONFIG_IEEE80211W */
2326
2327 params.p2p = ssid->p2p_group;
2328
2329 if (wpa_s->parent->set_sta_uapsd)
2330 params.uapsd = wpa_s->parent->sta_uapsd;
2331 else
2332 params.uapsd = -1;
2333
2334 #ifdef CONFIG_HT_OVERRIDES
2335 os_memset(&htcaps, 0, sizeof(htcaps));
2336 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
2337 params.htcaps = (u8 *) &htcaps;
2338 params.htcaps_mask = (u8 *) &htcaps_mask;
2339 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
2340 #endif /* CONFIG_HT_OVERRIDES */
2341 #ifdef CONFIG_VHT_OVERRIDES
2342 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
2343 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
2344 params.vhtcaps = &vhtcaps;
2345 params.vhtcaps_mask = &vhtcaps_mask;
2346 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
2347 #endif /* CONFIG_VHT_OVERRIDES */
2348
2349 #ifdef CONFIG_P2P
2350 /*
2351 * If multi-channel concurrency is not supported, check for any
2352 * frequency conflict. In case of any frequency conflict, remove the
2353 * least prioritized connection.
2354 */
2355 if (wpa_s->num_multichan_concurrent < 2) {
2356 int freq, num;
2357 num = get_shared_radio_freqs(wpa_s, &freq, 1);
2358 if (num > 0 && freq > 0 && freq != params.freq.freq) {
2359 wpa_printf(MSG_DEBUG,
2360 "Assoc conflicting freq found (%d != %d)",
2361 freq, params.freq.freq);
2362 if (wpas_p2p_handle_frequency_conflicts(
2363 wpa_s, params.freq.freq, ssid) < 0) {
2364 wpas_connect_work_done(wpa_s);
2365 return;
2366 }
2367 }
2368 }
2369 #endif /* CONFIG_P2P */
2370
2371 ret = wpa_drv_associate(wpa_s, ¶ms);
2372 if (ret < 0) {
2373 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
2374 "failed");
2375 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
2376 /*
2377 * The driver is known to mean what is saying, so we
2378 * can stop right here; the association will not
2379 * succeed.
2380 */
2381 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
2382 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2383 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
2384 return;
2385 }
2386 /* try to continue anyway; new association will be tried again
2387 * after timeout */
2388 assoc_failed = 1;
2389 }
2390
2391 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
2392 /* Set the key after the association just in case association
2393 * cleared the previously configured key. */
2394 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
2395 /* No need to timeout authentication since there is no key
2396 * management. */
2397 wpa_supplicant_cancel_auth_timeout(wpa_s);
2398 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
2399 #ifdef CONFIG_IBSS_RSN
2400 } else if (ssid->mode == WPAS_MODE_IBSS &&
2401 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
2402 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
2403 /*
2404 * RSN IBSS authentication is per-STA and we can disable the
2405 * per-BSSID authentication.
2406 */
2407 wpa_supplicant_cancel_auth_timeout(wpa_s);
2408 #endif /* CONFIG_IBSS_RSN */
2409 } else {
2410 /* Timeout for IEEE 802.11 authentication and association */
2411 int timeout = 60;
2412
2413 if (assoc_failed) {
2414 /* give IBSS a bit more time */
2415 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
2416 } else if (wpa_s->conf->ap_scan == 1) {
2417 /* give IBSS a bit more time */
2418 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
2419 }
2420 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
2421 }
2422
2423 if (wep_keys_set &&
2424 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
2425 /* Set static WEP keys again */
2426 wpa_set_wep_keys(wpa_s, ssid);
2427 }
2428
2429 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
2430 /*
2431 * Do not allow EAP session resumption between different
2432 * network configurations.
2433 */
2434 eapol_sm_invalidate_cached_session(wpa_s->eapol);
2435 }
2436 old_ssid = wpa_s->current_ssid;
2437 wpa_s->current_ssid = ssid;
2438 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set)
2439 wpa_s->current_bss = bss;
2440 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
2441 wpa_supplicant_initiate_eapol(wpa_s);
2442 if (old_ssid != wpa_s->current_ssid)
2443 wpas_notify_network_changed(wpa_s);
2444 }
2445
2446
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)2447 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
2448 const u8 *addr)
2449 {
2450 struct wpa_ssid *old_ssid;
2451
2452 wpas_connect_work_done(wpa_s);
2453 wpa_clear_keys(wpa_s, addr);
2454 old_ssid = wpa_s->current_ssid;
2455 wpa_supplicant_mark_disassoc(wpa_s);
2456 wpa_sm_set_config(wpa_s->wpa, NULL);
2457 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2458 if (old_ssid != wpa_s->current_ssid)
2459 wpas_notify_network_changed(wpa_s);
2460 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
2461 }
2462
2463
2464 /**
2465 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
2466 * @wpa_s: Pointer to wpa_supplicant data
2467 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
2468 *
2469 * This function is used to request %wpa_supplicant to deauthenticate from the
2470 * current AP.
2471 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,int reason_code)2472 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
2473 int reason_code)
2474 {
2475 u8 *addr = NULL;
2476 union wpa_event_data event;
2477 int zero_addr = 0;
2478
2479 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
2480 " pending_bssid=" MACSTR " reason=%d state=%s",
2481 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
2482 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
2483
2484 if (!is_zero_ether_addr(wpa_s->bssid))
2485 addr = wpa_s->bssid;
2486 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
2487 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
2488 wpa_s->wpa_state == WPA_ASSOCIATING))
2489 addr = wpa_s->pending_bssid;
2490 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
2491 /*
2492 * When using driver-based BSS selection, we may not know the
2493 * BSSID with which we are currently trying to associate. We
2494 * need to notify the driver of this disconnection even in such
2495 * a case, so use the all zeros address here.
2496 */
2497 addr = wpa_s->bssid;
2498 zero_addr = 1;
2499 }
2500
2501 #ifdef CONFIG_TDLS
2502 wpa_tdls_teardown_peers(wpa_s->wpa);
2503 #endif /* CONFIG_TDLS */
2504
2505 #ifdef CONFIG_MESH
2506 if (wpa_s->ifmsh) {
2507 wpa_msg_ctrl(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
2508 wpa_s->ifname);
2509 wpa_supplicant_leave_mesh(wpa_s);
2510 }
2511 #endif /* CONFIG_MESH */
2512
2513 if (addr) {
2514 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
2515 os_memset(&event, 0, sizeof(event));
2516 event.deauth_info.reason_code = (u16) reason_code;
2517 event.deauth_info.locally_generated = 1;
2518 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
2519 if (zero_addr)
2520 addr = NULL;
2521 }
2522
2523 wpa_supplicant_clear_connection(wpa_s, addr);
2524 }
2525
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)2526 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
2527 struct wpa_ssid *ssid)
2528 {
2529 if (!ssid || !ssid->disabled || ssid->disabled == 2)
2530 return;
2531
2532 ssid->disabled = 0;
2533 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2534 wpas_notify_network_enabled_changed(wpa_s, ssid);
2535
2536 /*
2537 * Try to reassociate since there is no current configuration and a new
2538 * network was made available.
2539 */
2540 if (!wpa_s->current_ssid && !wpa_s->disconnected)
2541 wpa_s->reassociate = 1;
2542 }
2543
2544
2545 /**
2546 * wpa_supplicant_enable_network - Mark a configured network as enabled
2547 * @wpa_s: wpa_supplicant structure for a network interface
2548 * @ssid: wpa_ssid structure for a configured network or %NULL
2549 *
2550 * Enables the specified network or all networks if no network specified.
2551 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)2552 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
2553 struct wpa_ssid *ssid)
2554 {
2555 if (ssid == NULL) {
2556 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2557 wpa_supplicant_enable_one_network(wpa_s, ssid);
2558 } else
2559 wpa_supplicant_enable_one_network(wpa_s, ssid);
2560
2561 if (wpa_s->reassociate && !wpa_s->disconnected) {
2562 if (wpa_s->sched_scanning) {
2563 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
2564 "new network to scan filters");
2565 wpa_supplicant_cancel_sched_scan(wpa_s);
2566 }
2567
2568 if (wpa_supplicant_fast_associate(wpa_s) != 1)
2569 wpa_supplicant_req_scan(wpa_s, 0, 0);
2570 }
2571 }
2572
2573
2574 /**
2575 * wpa_supplicant_disable_network - Mark a configured network as disabled
2576 * @wpa_s: wpa_supplicant structure for a network interface
2577 * @ssid: wpa_ssid structure for a configured network or %NULL
2578 *
2579 * Disables the specified network or all networks if no network specified.
2580 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)2581 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
2582 struct wpa_ssid *ssid)
2583 {
2584 struct wpa_ssid *other_ssid;
2585 int was_disabled;
2586
2587 if (ssid == NULL) {
2588 if (wpa_s->sched_scanning)
2589 wpa_supplicant_cancel_sched_scan(wpa_s);
2590
2591 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2592 other_ssid = other_ssid->next) {
2593 was_disabled = other_ssid->disabled;
2594 if (was_disabled == 2)
2595 continue; /* do not change persistent P2P group
2596 * data */
2597
2598 other_ssid->disabled = 1;
2599
2600 if (was_disabled != other_ssid->disabled)
2601 wpas_notify_network_enabled_changed(
2602 wpa_s, other_ssid);
2603 }
2604 if (wpa_s->current_ssid)
2605 wpa_supplicant_deauthenticate(
2606 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2607 } else if (ssid->disabled != 2) {
2608 if (ssid == wpa_s->current_ssid)
2609 wpa_supplicant_deauthenticate(
2610 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2611
2612 was_disabled = ssid->disabled;
2613
2614 ssid->disabled = 1;
2615
2616 if (was_disabled != ssid->disabled) {
2617 wpas_notify_network_enabled_changed(wpa_s, ssid);
2618 if (wpa_s->sched_scanning) {
2619 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
2620 "to remove network from filters");
2621 wpa_supplicant_cancel_sched_scan(wpa_s);
2622 wpa_supplicant_req_scan(wpa_s, 0, 0);
2623 }
2624 }
2625 }
2626 }
2627
2628
2629 /**
2630 * wpa_supplicant_select_network - Attempt association with a network
2631 * @wpa_s: wpa_supplicant structure for a network interface
2632 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
2633 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)2634 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
2635 struct wpa_ssid *ssid)
2636 {
2637
2638 struct wpa_ssid *other_ssid;
2639 int disconnected = 0;
2640
2641 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
2642 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
2643 wpa_s->own_disconnect_req = 1;
2644 wpa_supplicant_deauthenticate(
2645 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
2646 disconnected = 1;
2647 }
2648
2649 if (ssid)
2650 wpas_clear_temp_disabled(wpa_s, ssid, 1);
2651
2652 /*
2653 * Mark all other networks disabled or mark all networks enabled if no
2654 * network specified.
2655 */
2656 for (other_ssid = wpa_s->conf->ssid; other_ssid;
2657 other_ssid = other_ssid->next) {
2658 int was_disabled = other_ssid->disabled;
2659 if (was_disabled == 2)
2660 continue; /* do not change persistent P2P group data */
2661
2662 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
2663 if (was_disabled && !other_ssid->disabled)
2664 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
2665
2666 if (was_disabled != other_ssid->disabled)
2667 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
2668 }
2669
2670 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
2671 /* We are already associated with the selected network */
2672 wpa_printf(MSG_DEBUG, "Already associated with the "
2673 "selected network - do nothing");
2674 return;
2675 }
2676
2677 if (ssid) {
2678 wpa_s->current_ssid = ssid;
2679 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
2680 wpa_s->connect_without_scan =
2681 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
2682
2683 /*
2684 * Don't optimize next scan freqs since a new ESS has been
2685 * selected.
2686 */
2687 os_free(wpa_s->next_scan_freqs);
2688 wpa_s->next_scan_freqs = NULL;
2689 } else {
2690 wpa_s->connect_without_scan = NULL;
2691 }
2692
2693 wpa_s->disconnected = 0;
2694 wpa_s->reassociate = 1;
2695
2696 if (wpa_s->connect_without_scan ||
2697 wpa_supplicant_fast_associate(wpa_s) != 1)
2698 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
2699
2700 if (ssid)
2701 wpas_notify_network_selected(wpa_s, ssid);
2702 }
2703
2704
2705 /**
2706 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
2707 * @wpa_s: wpa_supplicant structure for a network interface
2708 * @pkcs11_engine_path: PKCS #11 engine path or NULL
2709 * @pkcs11_module_path: PKCS #11 module path or NULL
2710 * Returns: 0 on success; -1 on failure
2711 *
2712 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
2713 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
2714 * module path fails the paths will be reset to the default value (NULL).
2715 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)2716 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
2717 const char *pkcs11_engine_path,
2718 const char *pkcs11_module_path)
2719 {
2720 char *pkcs11_engine_path_copy = NULL;
2721 char *pkcs11_module_path_copy = NULL;
2722
2723 if (pkcs11_engine_path != NULL) {
2724 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
2725 if (pkcs11_engine_path_copy == NULL)
2726 return -1;
2727 }
2728 if (pkcs11_module_path != NULL) {
2729 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
2730 if (pkcs11_module_path_copy == NULL) {
2731 os_free(pkcs11_engine_path_copy);
2732 return -1;
2733 }
2734 }
2735
2736 os_free(wpa_s->conf->pkcs11_engine_path);
2737 os_free(wpa_s->conf->pkcs11_module_path);
2738 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
2739 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
2740
2741 wpa_sm_set_eapol(wpa_s->wpa, NULL);
2742 eapol_sm_deinit(wpa_s->eapol);
2743 wpa_s->eapol = NULL;
2744 if (wpa_supplicant_init_eapol(wpa_s)) {
2745 /* Error -> Reset paths to the default value (NULL) once. */
2746 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
2747 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
2748 NULL);
2749
2750 return -1;
2751 }
2752 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2753
2754 return 0;
2755 }
2756
2757
2758 /**
2759 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
2760 * @wpa_s: wpa_supplicant structure for a network interface
2761 * @ap_scan: AP scan mode
2762 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
2763 *
2764 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)2765 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
2766 {
2767
2768 int old_ap_scan;
2769
2770 if (ap_scan < 0 || ap_scan > 2)
2771 return -1;
2772
2773 #ifdef ANDROID
2774 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
2775 wpa_s->wpa_state >= WPA_ASSOCIATING &&
2776 wpa_s->wpa_state < WPA_COMPLETED) {
2777 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
2778 "associating", wpa_s->conf->ap_scan, ap_scan);
2779 return 0;
2780 }
2781 #endif /* ANDROID */
2782
2783 old_ap_scan = wpa_s->conf->ap_scan;
2784 wpa_s->conf->ap_scan = ap_scan;
2785
2786 if (old_ap_scan != wpa_s->conf->ap_scan)
2787 wpas_notify_ap_scan_changed(wpa_s);
2788
2789 return 0;
2790 }
2791
2792
2793 /**
2794 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
2795 * @wpa_s: wpa_supplicant structure for a network interface
2796 * @expire_age: Expiration age in seconds
2797 * Returns: 0 if succeed or -1 if expire_age has an invalid value
2798 *
2799 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)2800 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
2801 unsigned int bss_expire_age)
2802 {
2803 if (bss_expire_age < 10) {
2804 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
2805 bss_expire_age);
2806 return -1;
2807 }
2808 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
2809 bss_expire_age);
2810 wpa_s->conf->bss_expiration_age = bss_expire_age;
2811
2812 return 0;
2813 }
2814
2815
2816 /**
2817 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
2818 * @wpa_s: wpa_supplicant structure for a network interface
2819 * @expire_count: number of scans after which an unseen BSS is reclaimed
2820 * Returns: 0 if succeed or -1 if expire_count has an invalid value
2821 *
2822 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)2823 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
2824 unsigned int bss_expire_count)
2825 {
2826 if (bss_expire_count < 1) {
2827 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
2828 bss_expire_count);
2829 return -1;
2830 }
2831 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
2832 bss_expire_count);
2833 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
2834
2835 return 0;
2836 }
2837
2838
2839 /**
2840 * wpa_supplicant_set_scan_interval - Set scan interval
2841 * @wpa_s: wpa_supplicant structure for a network interface
2842 * @scan_interval: scan interval in seconds
2843 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
2844 *
2845 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)2846 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
2847 int scan_interval)
2848 {
2849 if (scan_interval < 0) {
2850 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2851 scan_interval);
2852 return -1;
2853 }
2854 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2855 scan_interval);
2856 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
2857
2858 return 0;
2859 }
2860
2861
2862 /**
2863 * wpa_supplicant_set_debug_params - Set global debug params
2864 * @global: wpa_global structure
2865 * @debug_level: debug level
2866 * @debug_timestamp: determines if show timestamp in debug data
2867 * @debug_show_keys: determines if show keys in debug data
2868 * Returns: 0 if succeed or -1 if debug_level has wrong value
2869 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)2870 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2871 int debug_timestamp, int debug_show_keys)
2872 {
2873
2874 int old_level, old_timestamp, old_show_keys;
2875
2876 /* check for allowed debuglevels */
2877 if (debug_level != MSG_EXCESSIVE &&
2878 debug_level != MSG_MSGDUMP &&
2879 debug_level != MSG_DEBUG &&
2880 debug_level != MSG_INFO &&
2881 debug_level != MSG_WARNING &&
2882 debug_level != MSG_ERROR)
2883 return -1;
2884
2885 old_level = wpa_debug_level;
2886 old_timestamp = wpa_debug_timestamp;
2887 old_show_keys = wpa_debug_show_keys;
2888
2889 wpa_debug_level = debug_level;
2890 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2891 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2892
2893 if (wpa_debug_level != old_level)
2894 wpas_notify_debug_level_changed(global);
2895 if (wpa_debug_timestamp != old_timestamp)
2896 wpas_notify_debug_timestamp_changed(global);
2897 if (wpa_debug_show_keys != old_show_keys)
2898 wpas_notify_debug_show_keys_changed(global);
2899
2900 return 0;
2901 }
2902
2903
2904 /**
2905 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2906 * @wpa_s: Pointer to wpa_supplicant data
2907 * Returns: A pointer to the current network structure or %NULL on failure
2908 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)2909 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2910 {
2911 struct wpa_ssid *entry;
2912 u8 ssid[SSID_MAX_LEN];
2913 int res;
2914 size_t ssid_len;
2915 u8 bssid[ETH_ALEN];
2916 int wired;
2917
2918 res = wpa_drv_get_ssid(wpa_s, ssid);
2919 if (res < 0) {
2920 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2921 "driver");
2922 return NULL;
2923 }
2924 ssid_len = res;
2925
2926 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2927 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2928 "driver");
2929 return NULL;
2930 }
2931
2932 wired = wpa_s->conf->ap_scan == 0 &&
2933 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2934
2935 entry = wpa_s->conf->ssid;
2936 while (entry) {
2937 if (!wpas_network_disabled(wpa_s, entry) &&
2938 ((ssid_len == entry->ssid_len &&
2939 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2940 (!entry->bssid_set ||
2941 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2942 return entry;
2943 #ifdef CONFIG_WPS
2944 if (!wpas_network_disabled(wpa_s, entry) &&
2945 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2946 (entry->ssid == NULL || entry->ssid_len == 0) &&
2947 (!entry->bssid_set ||
2948 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2949 return entry;
2950 #endif /* CONFIG_WPS */
2951
2952 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2953 entry->ssid_len == 0 &&
2954 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2955 return entry;
2956
2957 entry = entry->next;
2958 }
2959
2960 return NULL;
2961 }
2962
2963
select_driver(struct wpa_supplicant * wpa_s,int i)2964 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2965 {
2966 struct wpa_global *global = wpa_s->global;
2967
2968 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2969 global->drv_priv[i] = wpa_drivers[i]->global_init();
2970 if (global->drv_priv[i] == NULL) {
2971 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2972 "'%s'", wpa_drivers[i]->name);
2973 return -1;
2974 }
2975 }
2976
2977 wpa_s->driver = wpa_drivers[i];
2978 wpa_s->global_drv_priv = global->drv_priv[i];
2979
2980 return 0;
2981 }
2982
2983
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)2984 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2985 const char *name)
2986 {
2987 int i;
2988 size_t len;
2989 const char *pos, *driver = name;
2990
2991 if (wpa_s == NULL)
2992 return -1;
2993
2994 if (wpa_drivers[0] == NULL) {
2995 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2996 "wpa_supplicant");
2997 return -1;
2998 }
2999
3000 if (name == NULL) {
3001 /* default to first driver in the list */
3002 return select_driver(wpa_s, 0);
3003 }
3004
3005 do {
3006 pos = os_strchr(driver, ',');
3007 if (pos)
3008 len = pos - driver;
3009 else
3010 len = os_strlen(driver);
3011
3012 for (i = 0; wpa_drivers[i]; i++) {
3013 if (os_strlen(wpa_drivers[i]->name) == len &&
3014 os_strncmp(driver, wpa_drivers[i]->name, len) ==
3015 0) {
3016 /* First driver that succeeds wins */
3017 if (select_driver(wpa_s, i) == 0)
3018 return 0;
3019 }
3020 }
3021
3022 driver = pos + 1;
3023 } while (pos);
3024
3025 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
3026 return -1;
3027 }
3028
3029
3030 /**
3031 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
3032 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
3033 * with struct wpa_driver_ops::init()
3034 * @src_addr: Source address of the EAPOL frame
3035 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
3036 * @len: Length of the EAPOL data
3037 *
3038 * This function is called for each received EAPOL frame. Most driver
3039 * interfaces rely on more generic OS mechanism for receiving frames through
3040 * l2_packet, but if such a mechanism is not available, the driver wrapper may
3041 * take care of received EAPOL frames and deliver them to the core supplicant
3042 * code by calling this function.
3043 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)3044 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
3045 const u8 *buf, size_t len)
3046 {
3047 struct wpa_supplicant *wpa_s = ctx;
3048
3049 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
3050 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
3051
3052 #ifdef CONFIG_PEERKEY
3053 if (wpa_s->wpa_state > WPA_ASSOCIATED && wpa_s->current_ssid &&
3054 wpa_s->current_ssid->peerkey &&
3055 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
3056 wpa_sm_rx_eapol_peerkey(wpa_s->wpa, src_addr, buf, len) == 1) {
3057 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Processed PeerKey EAPOL-Key");
3058 return;
3059 }
3060 #endif /* CONFIG_PEERKEY */
3061
3062 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
3063 (wpa_s->last_eapol_matches_bssid &&
3064 #ifdef CONFIG_AP
3065 !wpa_s->ap_iface &&
3066 #endif /* CONFIG_AP */
3067 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
3068 /*
3069 * There is possible race condition between receiving the
3070 * association event and the EAPOL frame since they are coming
3071 * through different paths from the driver. In order to avoid
3072 * issues in trying to process the EAPOL frame before receiving
3073 * association information, lets queue it for processing until
3074 * the association event is received. This may also be needed in
3075 * driver-based roaming case, so also use src_addr != BSSID as a
3076 * trigger if we have previously confirmed that the
3077 * Authenticator uses BSSID as the src_addr (which is not the
3078 * case with wired IEEE 802.1X).
3079 */
3080 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
3081 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
3082 wpa_supplicant_state_txt(wpa_s->wpa_state),
3083 MAC2STR(wpa_s->bssid));
3084 wpabuf_free(wpa_s->pending_eapol_rx);
3085 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
3086 if (wpa_s->pending_eapol_rx) {
3087 os_get_reltime(&wpa_s->pending_eapol_rx_time);
3088 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
3089 ETH_ALEN);
3090 }
3091 return;
3092 }
3093
3094 wpa_s->last_eapol_matches_bssid =
3095 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
3096
3097 #ifdef CONFIG_AP
3098 if (wpa_s->ap_iface) {
3099 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
3100 return;
3101 }
3102 #endif /* CONFIG_AP */
3103
3104 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
3105 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
3106 "no key management is configured");
3107 return;
3108 }
3109
3110 if (wpa_s->eapol_received == 0 &&
3111 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
3112 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
3113 wpa_s->wpa_state != WPA_COMPLETED) &&
3114 (wpa_s->current_ssid == NULL ||
3115 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
3116 /* Timeout for completing IEEE 802.1X and WPA authentication */
3117 int timeout = 10;
3118
3119 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
3120 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
3121 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3122 /* Use longer timeout for IEEE 802.1X/EAP */
3123 timeout = 70;
3124 }
3125
3126 #ifdef CONFIG_WPS
3127 if (wpa_s->current_ssid && wpa_s->current_bss &&
3128 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
3129 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
3130 /*
3131 * Use shorter timeout if going through WPS AP iteration
3132 * for PIN config method with an AP that does not
3133 * advertise Selected Registrar.
3134 */
3135 struct wpabuf *wps_ie;
3136
3137 wps_ie = wpa_bss_get_vendor_ie_multi(
3138 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
3139 if (wps_ie &&
3140 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
3141 timeout = 10;
3142 wpabuf_free(wps_ie);
3143 }
3144 #endif /* CONFIG_WPS */
3145
3146 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3147 }
3148 wpa_s->eapol_received++;
3149
3150 if (wpa_s->countermeasures) {
3151 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
3152 "EAPOL packet");
3153 return;
3154 }
3155
3156 #ifdef CONFIG_IBSS_RSN
3157 if (wpa_s->current_ssid &&
3158 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
3159 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
3160 return;
3161 }
3162 #endif /* CONFIG_IBSS_RSN */
3163
3164 /* Source address of the incoming EAPOL frame could be compared to the
3165 * current BSSID. However, it is possible that a centralized
3166 * Authenticator could be using another MAC address than the BSSID of
3167 * an AP, so just allow any address to be used for now. The replies are
3168 * still sent to the current BSSID (if available), though. */
3169
3170 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
3171 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
3172 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
3173 return;
3174 wpa_drv_poll(wpa_s);
3175 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
3176 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
3177 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
3178 /*
3179 * Set portValid = TRUE here since we are going to skip 4-way
3180 * handshake processing which would normally set portValid. We
3181 * need this to allow the EAPOL state machines to be completed
3182 * without going through EAPOL-Key handshake.
3183 */
3184 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
3185 }
3186 }
3187
3188
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)3189 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
3190 {
3191 if ((!wpa_s->p2p_mgmt ||
3192 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
3193 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
3194 l2_packet_deinit(wpa_s->l2);
3195 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
3196 wpa_drv_get_mac_addr(wpa_s),
3197 ETH_P_EAPOL,
3198 wpa_supplicant_rx_eapol, wpa_s, 0);
3199 if (wpa_s->l2 == NULL)
3200 return -1;
3201 } else {
3202 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
3203 if (addr)
3204 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
3205 }
3206
3207 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
3208 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
3209 return -1;
3210 }
3211
3212 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3213
3214 return 0;
3215 }
3216
3217
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)3218 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
3219 const u8 *buf, size_t len)
3220 {
3221 struct wpa_supplicant *wpa_s = ctx;
3222 const struct l2_ethhdr *eth;
3223
3224 if (len < sizeof(*eth))
3225 return;
3226 eth = (const struct l2_ethhdr *) buf;
3227
3228 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
3229 !(eth->h_dest[0] & 0x01)) {
3230 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3231 " (bridge - not for this interface - ignore)",
3232 MAC2STR(src_addr), MAC2STR(eth->h_dest));
3233 return;
3234 }
3235
3236 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
3237 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
3238 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
3239 len - sizeof(*eth));
3240 }
3241
3242
3243 /**
3244 * wpa_supplicant_driver_init - Initialize driver interface parameters
3245 * @wpa_s: Pointer to wpa_supplicant data
3246 * Returns: 0 on success, -1 on failure
3247 *
3248 * This function is called to initialize driver interface parameters.
3249 * wpa_drv_init() must have been called before this function to initialize the
3250 * driver interface.
3251 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)3252 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
3253 {
3254 static int interface_count = 0;
3255
3256 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
3257 return -1;
3258
3259 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
3260 MAC2STR(wpa_s->own_addr));
3261 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
3262 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
3263
3264 if (wpa_s->bridge_ifname[0]) {
3265 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
3266 "interface '%s'", wpa_s->bridge_ifname);
3267 wpa_s->l2_br = l2_packet_init_bridge(
3268 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
3269 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
3270 if (wpa_s->l2_br == NULL) {
3271 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
3272 "connection for the bridge interface '%s'",
3273 wpa_s->bridge_ifname);
3274 return -1;
3275 }
3276 }
3277
3278 wpa_clear_keys(wpa_s, NULL);
3279
3280 /* Make sure that TKIP countermeasures are not left enabled (could
3281 * happen if wpa_supplicant is killed during countermeasures. */
3282 wpa_drv_set_countermeasures(wpa_s, 0);
3283
3284 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
3285 wpa_drv_flush_pmkid(wpa_s);
3286
3287 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
3288 wpa_s->prev_scan_wildcard = 0;
3289
3290 if (wpa_supplicant_enabled_networks(wpa_s)) {
3291 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
3292 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3293 interface_count = 0;
3294 }
3295 #ifndef ANDROID
3296 if (!wpa_s->p2p_mgmt &&
3297 wpa_supplicant_delayed_sched_scan(wpa_s,
3298 interface_count % 3,
3299 100000))
3300 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
3301 100000);
3302 #endif /* ANDROID */
3303 interface_count++;
3304 } else
3305 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
3306
3307 return 0;
3308 }
3309
3310
wpa_supplicant_daemon(const char * pid_file)3311 static int wpa_supplicant_daemon(const char *pid_file)
3312 {
3313 wpa_printf(MSG_DEBUG, "Daemonize..");
3314 return os_daemonize(pid_file);
3315 }
3316
3317
3318 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)3319 wpa_supplicant_alloc(struct wpa_supplicant *parent)
3320 {
3321 struct wpa_supplicant *wpa_s;
3322
3323 wpa_s = os_zalloc(sizeof(*wpa_s));
3324 if (wpa_s == NULL)
3325 return NULL;
3326 wpa_s->scan_req = INITIAL_SCAN_REQ;
3327 wpa_s->scan_interval = 5;
3328 wpa_s->new_connection = 1;
3329 wpa_s->parent = parent ? parent : wpa_s;
3330 wpa_s->sched_scanning = 0;
3331
3332 return wpa_s;
3333 }
3334
3335
3336 #ifdef CONFIG_HT_OVERRIDES
3337
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)3338 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
3339 struct ieee80211_ht_capabilities *htcaps,
3340 struct ieee80211_ht_capabilities *htcaps_mask,
3341 const char *ht_mcs)
3342 {
3343 /* parse ht_mcs into hex array */
3344 int i;
3345 const char *tmp = ht_mcs;
3346 char *end = NULL;
3347
3348 /* If ht_mcs is null, do not set anything */
3349 if (!ht_mcs)
3350 return 0;
3351
3352 /* This is what we are setting in the kernel */
3353 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
3354
3355 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
3356
3357 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
3358 errno = 0;
3359 long v = strtol(tmp, &end, 16);
3360 if (errno == 0) {
3361 wpa_msg(wpa_s, MSG_DEBUG,
3362 "htcap value[%i]: %ld end: %p tmp: %p",
3363 i, v, end, tmp);
3364 if (end == tmp)
3365 break;
3366
3367 htcaps->supported_mcs_set[i] = v;
3368 tmp = end;
3369 } else {
3370 wpa_msg(wpa_s, MSG_ERROR,
3371 "Failed to parse ht-mcs: %s, error: %s\n",
3372 ht_mcs, strerror(errno));
3373 return -1;
3374 }
3375 }
3376
3377 /*
3378 * If we were able to parse any values, then set mask for the MCS set.
3379 */
3380 if (i) {
3381 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
3382 IEEE80211_HT_MCS_MASK_LEN - 1);
3383 /* skip the 3 reserved bits */
3384 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
3385 0x1f;
3386 }
3387
3388 return 0;
3389 }
3390
3391
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)3392 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
3393 struct ieee80211_ht_capabilities *htcaps,
3394 struct ieee80211_ht_capabilities *htcaps_mask,
3395 int disabled)
3396 {
3397 le16 msk;
3398
3399 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
3400
3401 if (disabled == -1)
3402 return 0;
3403
3404 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
3405 htcaps_mask->ht_capabilities_info |= msk;
3406 if (disabled)
3407 htcaps->ht_capabilities_info &= msk;
3408 else
3409 htcaps->ht_capabilities_info |= msk;
3410
3411 return 0;
3412 }
3413
3414
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)3415 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
3416 struct ieee80211_ht_capabilities *htcaps,
3417 struct ieee80211_ht_capabilities *htcaps_mask,
3418 int factor)
3419 {
3420 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
3421
3422 if (factor == -1)
3423 return 0;
3424
3425 if (factor < 0 || factor > 3) {
3426 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
3427 "Must be 0-3 or -1", factor);
3428 return -EINVAL;
3429 }
3430
3431 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
3432 htcaps->a_mpdu_params &= ~0x3;
3433 htcaps->a_mpdu_params |= factor & 0x3;
3434
3435 return 0;
3436 }
3437
3438
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)3439 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
3440 struct ieee80211_ht_capabilities *htcaps,
3441 struct ieee80211_ht_capabilities *htcaps_mask,
3442 int density)
3443 {
3444 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
3445
3446 if (density == -1)
3447 return 0;
3448
3449 if (density < 0 || density > 7) {
3450 wpa_msg(wpa_s, MSG_ERROR,
3451 "ampdu_density: %d out of range. Must be 0-7 or -1.",
3452 density);
3453 return -EINVAL;
3454 }
3455
3456 htcaps_mask->a_mpdu_params |= 0x1C;
3457 htcaps->a_mpdu_params &= ~(0x1C);
3458 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
3459
3460 return 0;
3461 }
3462
3463
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)3464 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
3465 struct ieee80211_ht_capabilities *htcaps,
3466 struct ieee80211_ht_capabilities *htcaps_mask,
3467 int disabled)
3468 {
3469 /* Masking these out disables HT40 */
3470 le16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
3471 HT_CAP_INFO_SHORT_GI40MHZ);
3472
3473 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
3474
3475 if (disabled)
3476 htcaps->ht_capabilities_info &= ~msk;
3477 else
3478 htcaps->ht_capabilities_info |= msk;
3479
3480 htcaps_mask->ht_capabilities_info |= msk;
3481
3482 return 0;
3483 }
3484
3485
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)3486 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
3487 struct ieee80211_ht_capabilities *htcaps,
3488 struct ieee80211_ht_capabilities *htcaps_mask,
3489 int disabled)
3490 {
3491 /* Masking these out disables SGI */
3492 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
3493 HT_CAP_INFO_SHORT_GI40MHZ);
3494
3495 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
3496
3497 if (disabled)
3498 htcaps->ht_capabilities_info &= ~msk;
3499 else
3500 htcaps->ht_capabilities_info |= msk;
3501
3502 htcaps_mask->ht_capabilities_info |= msk;
3503
3504 return 0;
3505 }
3506
3507
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)3508 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
3509 struct ieee80211_ht_capabilities *htcaps,
3510 struct ieee80211_ht_capabilities *htcaps_mask,
3511 int disabled)
3512 {
3513 /* Masking these out disables LDPC */
3514 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
3515
3516 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
3517
3518 if (disabled)
3519 htcaps->ht_capabilities_info &= ~msk;
3520 else
3521 htcaps->ht_capabilities_info |= msk;
3522
3523 htcaps_mask->ht_capabilities_info |= msk;
3524
3525 return 0;
3526 }
3527
3528
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)3529 void wpa_supplicant_apply_ht_overrides(
3530 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3531 struct wpa_driver_associate_params *params)
3532 {
3533 struct ieee80211_ht_capabilities *htcaps;
3534 struct ieee80211_ht_capabilities *htcaps_mask;
3535
3536 if (!ssid)
3537 return;
3538
3539 params->disable_ht = ssid->disable_ht;
3540 if (!params->htcaps || !params->htcaps_mask)
3541 return;
3542
3543 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
3544 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
3545 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
3546 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
3547 ssid->disable_max_amsdu);
3548 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
3549 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
3550 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
3551 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
3552 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
3553
3554 if (ssid->ht40_intolerant) {
3555 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
3556 htcaps->ht_capabilities_info |= bit;
3557 htcaps_mask->ht_capabilities_info |= bit;
3558 }
3559 }
3560
3561 #endif /* CONFIG_HT_OVERRIDES */
3562
3563
3564 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)3565 void wpa_supplicant_apply_vht_overrides(
3566 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
3567 struct wpa_driver_associate_params *params)
3568 {
3569 struct ieee80211_vht_capabilities *vhtcaps;
3570 struct ieee80211_vht_capabilities *vhtcaps_mask;
3571
3572 if (!ssid)
3573 return;
3574
3575 params->disable_vht = ssid->disable_vht;
3576
3577 vhtcaps = (void *) params->vhtcaps;
3578 vhtcaps_mask = (void *) params->vhtcaps_mask;
3579
3580 if (!vhtcaps || !vhtcaps_mask)
3581 return;
3582
3583 vhtcaps->vht_capabilities_info = ssid->vht_capa;
3584 vhtcaps_mask->vht_capabilities_info = ssid->vht_capa_mask;
3585
3586 #ifdef CONFIG_HT_OVERRIDES
3587 /* if max ampdu is <= 3, we have to make the HT cap the same */
3588 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
3589 int max_ampdu;
3590
3591 max_ampdu = (ssid->vht_capa &
3592 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
3593 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
3594
3595 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
3596 wpa_set_ampdu_factor(wpa_s,
3597 (void *) params->htcaps,
3598 (void *) params->htcaps_mask,
3599 max_ampdu);
3600 }
3601 #endif /* CONFIG_HT_OVERRIDES */
3602
3603 #define OVERRIDE_MCS(i) \
3604 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
3605 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
3606 3 << 2 * (i - 1); \
3607 vhtcaps->vht_supported_mcs_set.tx_map |= \
3608 ssid->vht_tx_mcs_nss_ ##i << 2 * (i - 1); \
3609 } \
3610 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
3611 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
3612 3 << 2 * (i - 1); \
3613 vhtcaps->vht_supported_mcs_set.rx_map |= \
3614 ssid->vht_rx_mcs_nss_ ##i << 2 * (i - 1); \
3615 }
3616
3617 OVERRIDE_MCS(1);
3618 OVERRIDE_MCS(2);
3619 OVERRIDE_MCS(3);
3620 OVERRIDE_MCS(4);
3621 OVERRIDE_MCS(5);
3622 OVERRIDE_MCS(6);
3623 OVERRIDE_MCS(7);
3624 OVERRIDE_MCS(8);
3625 }
3626 #endif /* CONFIG_VHT_OVERRIDES */
3627
3628
pcsc_reader_init(struct wpa_supplicant * wpa_s)3629 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
3630 {
3631 #ifdef PCSC_FUNCS
3632 size_t len;
3633
3634 if (!wpa_s->conf->pcsc_reader)
3635 return 0;
3636
3637 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
3638 if (!wpa_s->scard)
3639 return 1;
3640
3641 if (wpa_s->conf->pcsc_pin &&
3642 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
3643 scard_deinit(wpa_s->scard);
3644 wpa_s->scard = NULL;
3645 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
3646 return -1;
3647 }
3648
3649 len = sizeof(wpa_s->imsi) - 1;
3650 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
3651 scard_deinit(wpa_s->scard);
3652 wpa_s->scard = NULL;
3653 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
3654 return -1;
3655 }
3656 wpa_s->imsi[len] = '\0';
3657
3658 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
3659
3660 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
3661 wpa_s->imsi, wpa_s->mnc_len);
3662
3663 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
3664 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
3665 #endif /* PCSC_FUNCS */
3666
3667 return 0;
3668 }
3669
3670
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)3671 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
3672 {
3673 char *val, *pos;
3674
3675 ext_password_deinit(wpa_s->ext_pw);
3676 wpa_s->ext_pw = NULL;
3677 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
3678
3679 if (!wpa_s->conf->ext_password_backend)
3680 return 0;
3681
3682 val = os_strdup(wpa_s->conf->ext_password_backend);
3683 if (val == NULL)
3684 return -1;
3685 pos = os_strchr(val, ':');
3686 if (pos)
3687 *pos++ = '\0';
3688
3689 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
3690
3691 wpa_s->ext_pw = ext_password_init(val, pos);
3692 os_free(val);
3693 if (wpa_s->ext_pw == NULL) {
3694 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
3695 return -1;
3696 }
3697 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
3698
3699 return 0;
3700 }
3701
3702
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)3703 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
3704 const struct wpa_driver_capa *capa)
3705 {
3706 struct wowlan_triggers *triggers;
3707 int ret = 0;
3708
3709 if (!wpa_s->conf->wowlan_triggers)
3710 return 0;
3711
3712 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
3713 if (triggers) {
3714 ret = wpa_drv_wowlan(wpa_s, triggers);
3715 os_free(triggers);
3716 }
3717 return ret;
3718 }
3719
3720
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)3721 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
3722 const char *rn)
3723 {
3724 struct wpa_supplicant *iface = wpa_s->global->ifaces;
3725 struct wpa_radio *radio;
3726
3727 while (rn && iface) {
3728 radio = iface->radio;
3729 if (radio && os_strcmp(rn, radio->name) == 0) {
3730 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
3731 wpa_s->ifname, rn);
3732 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3733 return radio;
3734 }
3735
3736 iface = iface->next;
3737 }
3738
3739 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
3740 wpa_s->ifname, rn ? rn : "N/A");
3741 radio = os_zalloc(sizeof(*radio));
3742 if (radio == NULL)
3743 return NULL;
3744
3745 if (rn)
3746 os_strlcpy(radio->name, rn, sizeof(radio->name));
3747 dl_list_init(&radio->ifaces);
3748 dl_list_init(&radio->work);
3749 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
3750
3751 return radio;
3752 }
3753
3754
radio_work_free(struct wpa_radio_work * work)3755 static void radio_work_free(struct wpa_radio_work *work)
3756 {
3757 if (work->wpa_s->scan_work == work) {
3758 /* This should not really happen. */
3759 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
3760 work->type, work, work->started);
3761 work->wpa_s->scan_work = NULL;
3762 }
3763
3764 #ifdef CONFIG_P2P
3765 if (work->wpa_s->p2p_scan_work == work) {
3766 /* This should not really happen. */
3767 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
3768 work->type, work, work->started);
3769 work->wpa_s->p2p_scan_work = NULL;
3770 }
3771 #endif /* CONFIG_P2P */
3772
3773 dl_list_del(&work->list);
3774 os_free(work);
3775 }
3776
3777
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)3778 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
3779 {
3780 struct wpa_radio *radio = eloop_ctx;
3781 struct wpa_radio_work *work;
3782 struct os_reltime now, diff;
3783 struct wpa_supplicant *wpa_s;
3784
3785 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
3786 if (work == NULL)
3787 return;
3788
3789 if (work->started)
3790 return; /* already started and still in progress */
3791
3792 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
3793 radio_list);
3794 if (wpa_s && wpa_s->radio->external_scan_running) {
3795 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
3796 return;
3797 }
3798
3799 os_get_reltime(&now);
3800 os_reltime_sub(&now, &work->time, &diff);
3801 wpa_dbg(work->wpa_s, MSG_DEBUG, "Starting radio work '%s'@%p after %ld.%06ld second wait",
3802 work->type, work, diff.sec, diff.usec);
3803 work->started = 1;
3804 work->time = now;
3805 work->cb(work, 0);
3806 }
3807
3808
3809 /*
3810 * This function removes both started and pending radio works running on
3811 * the provided interface's radio.
3812 * Prior to the removal of the radio work, its callback (cb) is called with
3813 * deinit set to be 1. Each work's callback is responsible for clearing its
3814 * internal data and restoring to a correct state.
3815 * @wpa_s: wpa_supplicant data
3816 * @type: type of works to be removed
3817 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
3818 * this interface's works.
3819 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)3820 void radio_remove_works(struct wpa_supplicant *wpa_s,
3821 const char *type, int remove_all)
3822 {
3823 struct wpa_radio_work *work, *tmp;
3824 struct wpa_radio *radio = wpa_s->radio;
3825
3826 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
3827 list) {
3828 if (type && os_strcmp(type, work->type) != 0)
3829 continue;
3830
3831 /* skip other ifaces' works */
3832 if (!remove_all && work->wpa_s != wpa_s)
3833 continue;
3834
3835 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
3836 work->type, work, work->started ? " (started)" : "");
3837 work->cb(work, 1);
3838 radio_work_free(work);
3839 }
3840
3841 /* in case we removed the started work */
3842 radio_work_check_next(wpa_s);
3843 }
3844
3845
radio_remove_interface(struct wpa_supplicant * wpa_s)3846 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
3847 {
3848 struct wpa_radio *radio = wpa_s->radio;
3849
3850 if (!radio)
3851 return;
3852
3853 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
3854 wpa_s->ifname, radio->name);
3855 dl_list_del(&wpa_s->radio_list);
3856 radio_remove_works(wpa_s, NULL, 0);
3857 wpa_s->radio = NULL;
3858 if (!dl_list_empty(&radio->ifaces))
3859 return; /* Interfaces remain for this radio */
3860
3861 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
3862 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3863 os_free(radio);
3864 }
3865
3866
radio_work_check_next(struct wpa_supplicant * wpa_s)3867 void radio_work_check_next(struct wpa_supplicant *wpa_s)
3868 {
3869 struct wpa_radio *radio = wpa_s->radio;
3870
3871 if (dl_list_empty(&radio->work))
3872 return;
3873 if (wpa_s->ext_work_in_progress) {
3874 wpa_printf(MSG_DEBUG,
3875 "External radio work in progress - delay start of pending item");
3876 return;
3877 }
3878 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
3879 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
3880 }
3881
3882
3883 /**
3884 * radio_add_work - Add a radio work item
3885 * @wpa_s: Pointer to wpa_supplicant data
3886 * @freq: Frequency of the offchannel operation in MHz or 0
3887 * @type: Unique identifier for each type of work
3888 * @next: Force as the next work to be executed
3889 * @cb: Callback function for indicating when radio is available
3890 * @ctx: Context pointer for the work (work->ctx in cb())
3891 * Returns: 0 on success, -1 on failure
3892 *
3893 * This function is used to request time for an operation that requires
3894 * exclusive radio control. Once the radio is available, the registered callback
3895 * function will be called. radio_work_done() must be called once the exclusive
3896 * radio operation has been completed, so that the radio is freed for other
3897 * operations. The special case of deinit=1 is used to free the context data
3898 * during interface removal. That does not allow the callback function to start
3899 * the radio operation, i.e., it must free any resources allocated for the radio
3900 * work and return.
3901 *
3902 * The @freq parameter can be used to indicate a single channel on which the
3903 * offchannel operation will occur. This may allow multiple radio work
3904 * operations to be performed in parallel if they apply for the same channel.
3905 * Setting this to 0 indicates that the work item may use multiple channels or
3906 * requires exclusive control of the radio.
3907 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)3908 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
3909 const char *type, int next,
3910 void (*cb)(struct wpa_radio_work *work, int deinit),
3911 void *ctx)
3912 {
3913 struct wpa_radio_work *work;
3914 int was_empty;
3915
3916 work = os_zalloc(sizeof(*work));
3917 if (work == NULL)
3918 return -1;
3919 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
3920 os_get_reltime(&work->time);
3921 work->freq = freq;
3922 work->type = type;
3923 work->wpa_s = wpa_s;
3924 work->cb = cb;
3925 work->ctx = ctx;
3926
3927 was_empty = dl_list_empty(&wpa_s->radio->work);
3928 if (next)
3929 dl_list_add(&wpa_s->radio->work, &work->list);
3930 else
3931 dl_list_add_tail(&wpa_s->radio->work, &work->list);
3932 if (was_empty) {
3933 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
3934 radio_work_check_next(wpa_s);
3935 }
3936
3937 return 0;
3938 }
3939
3940
3941 /**
3942 * radio_work_done - Indicate that a radio work item has been completed
3943 * @work: Completed work
3944 *
3945 * This function is called once the callback function registered with
3946 * radio_add_work() has completed its work.
3947 */
radio_work_done(struct wpa_radio_work * work)3948 void radio_work_done(struct wpa_radio_work *work)
3949 {
3950 struct wpa_supplicant *wpa_s = work->wpa_s;
3951 struct os_reltime now, diff;
3952 unsigned int started = work->started;
3953
3954 os_get_reltime(&now);
3955 os_reltime_sub(&now, &work->time, &diff);
3956 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
3957 work->type, work, started ? "done" : "canceled",
3958 diff.sec, diff.usec);
3959 radio_work_free(work);
3960 if (started)
3961 radio_work_check_next(wpa_s);
3962 }
3963
3964
3965 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)3966 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
3967 {
3968 struct wpa_radio_work *work;
3969 struct wpa_radio *radio = wpa_s->radio;
3970
3971 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
3972 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
3973 return work;
3974 }
3975
3976 return NULL;
3977 }
3978
3979
wpas_init_driver(struct wpa_supplicant * wpa_s,struct wpa_interface * iface)3980 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
3981 struct wpa_interface *iface)
3982 {
3983 const char *ifname, *driver, *rn;
3984
3985 driver = iface->driver;
3986 next_driver:
3987 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
3988 return -1;
3989
3990 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
3991 if (wpa_s->drv_priv == NULL) {
3992 const char *pos;
3993 pos = driver ? os_strchr(driver, ',') : NULL;
3994 if (pos) {
3995 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
3996 "driver interface - try next driver wrapper");
3997 driver = pos + 1;
3998 goto next_driver;
3999 }
4000 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
4001 "interface");
4002 return -1;
4003 }
4004 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
4005 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
4006 "driver_param '%s'", wpa_s->conf->driver_param);
4007 return -1;
4008 }
4009
4010 ifname = wpa_drv_get_ifname(wpa_s);
4011 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
4012 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
4013 "interface name with '%s'", ifname);
4014 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
4015 }
4016
4017 rn = wpa_driver_get_radio_name(wpa_s);
4018 if (rn && rn[0] == '\0')
4019 rn = NULL;
4020
4021 wpa_s->radio = radio_add_interface(wpa_s, rn);
4022 if (wpa_s->radio == NULL)
4023 return -1;
4024
4025 return 0;
4026 }
4027
4028
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,struct wpa_interface * iface)4029 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
4030 struct wpa_interface *iface)
4031 {
4032 struct wpa_driver_capa capa;
4033 int capa_res;
4034
4035 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
4036 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
4037 iface->confname ? iface->confname : "N/A",
4038 iface->driver ? iface->driver : "default",
4039 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
4040 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
4041
4042 if (iface->confname) {
4043 #ifdef CONFIG_BACKEND_FILE
4044 wpa_s->confname = os_rel2abs_path(iface->confname);
4045 if (wpa_s->confname == NULL) {
4046 wpa_printf(MSG_ERROR, "Failed to get absolute path "
4047 "for configuration file '%s'.",
4048 iface->confname);
4049 return -1;
4050 }
4051 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
4052 iface->confname, wpa_s->confname);
4053 #else /* CONFIG_BACKEND_FILE */
4054 wpa_s->confname = os_strdup(iface->confname);
4055 #endif /* CONFIG_BACKEND_FILE */
4056 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
4057 if (wpa_s->conf == NULL) {
4058 wpa_printf(MSG_ERROR, "Failed to read or parse "
4059 "configuration '%s'.", wpa_s->confname);
4060 return -1;
4061 }
4062 wpa_s->confanother = os_rel2abs_path(iface->confanother);
4063 wpa_config_read(wpa_s->confanother, wpa_s->conf);
4064
4065 /*
4066 * Override ctrl_interface and driver_param if set on command
4067 * line.
4068 */
4069 if (iface->ctrl_interface) {
4070 os_free(wpa_s->conf->ctrl_interface);
4071 wpa_s->conf->ctrl_interface =
4072 os_strdup(iface->ctrl_interface);
4073 }
4074
4075 if (iface->driver_param) {
4076 os_free(wpa_s->conf->driver_param);
4077 wpa_s->conf->driver_param =
4078 os_strdup(iface->driver_param);
4079 }
4080
4081 if (iface->p2p_mgmt && !iface->ctrl_interface) {
4082 os_free(wpa_s->conf->ctrl_interface);
4083 wpa_s->conf->ctrl_interface = NULL;
4084 }
4085 } else
4086 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
4087 iface->driver_param);
4088
4089 if (wpa_s->conf == NULL) {
4090 wpa_printf(MSG_ERROR, "\nNo configuration found.");
4091 return -1;
4092 }
4093
4094 if (iface->ifname == NULL) {
4095 wpa_printf(MSG_ERROR, "\nInterface name is required.");
4096 return -1;
4097 }
4098 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
4099 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
4100 iface->ifname);
4101 return -1;
4102 }
4103 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
4104
4105 if (iface->bridge_ifname) {
4106 if (os_strlen(iface->bridge_ifname) >=
4107 sizeof(wpa_s->bridge_ifname)) {
4108 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
4109 "name '%s'.", iface->bridge_ifname);
4110 return -1;
4111 }
4112 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
4113 sizeof(wpa_s->bridge_ifname));
4114 }
4115
4116 /* RSNA Supplicant Key Management - INITIALIZE */
4117 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
4118 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
4119
4120 /* Initialize driver interface and register driver event handler before
4121 * L2 receive handler so that association events are processed before
4122 * EAPOL-Key packets if both become available for the same select()
4123 * call. */
4124 if (wpas_init_driver(wpa_s, iface) < 0)
4125 return -1;
4126
4127 if (wpa_supplicant_init_wpa(wpa_s) < 0)
4128 return -1;
4129
4130 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
4131 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
4132 NULL);
4133 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
4134
4135 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
4136 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
4137 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
4138 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4139 "dot11RSNAConfigPMKLifetime");
4140 return -1;
4141 }
4142
4143 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
4144 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
4145 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
4146 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4147 "dot11RSNAConfigPMKReauthThreshold");
4148 return -1;
4149 }
4150
4151 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
4152 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
4153 wpa_s->conf->dot11RSNAConfigSATimeout)) {
4154 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
4155 "dot11RSNAConfigSATimeout");
4156 return -1;
4157 }
4158
4159 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
4160 &wpa_s->hw.num_modes,
4161 &wpa_s->hw.flags);
4162 if (wpa_s->hw.modes) {
4163 u16 i;
4164
4165 for (i = 0; i < wpa_s->hw.num_modes; i++) {
4166 if (wpa_s->hw.modes[i].vht_capab) {
4167 wpa_s->hw_capab = CAPAB_VHT;
4168 break;
4169 }
4170
4171 if (wpa_s->hw.modes[i].ht_capab &
4172 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
4173 wpa_s->hw_capab = CAPAB_HT40;
4174 else if (wpa_s->hw.modes[i].ht_capab &&
4175 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
4176 wpa_s->hw_capab = CAPAB_HT;
4177 }
4178 }
4179
4180 capa_res = wpa_drv_get_capa(wpa_s, &capa);
4181 if (capa_res == 0) {
4182 wpa_s->drv_capa_known = 1;
4183 wpa_s->drv_flags = capa.flags;
4184 wpa_s->drv_enc = capa.enc;
4185 wpa_s->drv_smps_modes = capa.smps_modes;
4186 wpa_s->drv_rrm_flags = capa.rrm_flags;
4187 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
4188 wpa_s->max_scan_ssids = capa.max_scan_ssids;
4189 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
4190 wpa_s->sched_scan_supported = capa.sched_scan_supported;
4191 wpa_s->max_match_sets = capa.max_match_sets;
4192 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
4193 wpa_s->max_stations = capa.max_stations;
4194 wpa_s->extended_capa = capa.extended_capa;
4195 wpa_s->extended_capa_mask = capa.extended_capa_mask;
4196 wpa_s->extended_capa_len = capa.extended_capa_len;
4197 wpa_s->num_multichan_concurrent =
4198 capa.num_multichan_concurrent;
4199 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
4200
4201 if (capa.mac_addr_rand_scan_supported)
4202 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
4203 if (wpa_s->sched_scan_supported &&
4204 capa.mac_addr_rand_sched_scan_supported)
4205 wpa_s->mac_addr_rand_supported |=
4206 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
4207 }
4208 if (wpa_s->max_remain_on_chan == 0)
4209 wpa_s->max_remain_on_chan = 1000;
4210
4211 /*
4212 * Only take p2p_mgmt parameters when P2P Device is supported.
4213 * Doing it here as it determines whether l2_packet_init() will be done
4214 * during wpa_supplicant_driver_init().
4215 */
4216 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
4217 wpa_s->p2p_mgmt = iface->p2p_mgmt;
4218 else
4219 iface->p2p_mgmt = 1;
4220
4221 if (wpa_s->num_multichan_concurrent == 0)
4222 wpa_s->num_multichan_concurrent = 1;
4223
4224 if (wpa_supplicant_driver_init(wpa_s) < 0)
4225 return -1;
4226
4227 #ifdef CONFIG_TDLS
4228 if ((!iface->p2p_mgmt ||
4229 !(wpa_s->drv_flags &
4230 WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4231 wpa_tdls_init(wpa_s->wpa))
4232 return -1;
4233 #endif /* CONFIG_TDLS */
4234
4235 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
4236 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
4237 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
4238 return -1;
4239 }
4240
4241 if (wpas_wps_init(wpa_s))
4242 return -1;
4243
4244 if (wpa_supplicant_init_eapol(wpa_s) < 0)
4245 return -1;
4246 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4247
4248 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
4249 if (wpa_s->ctrl_iface == NULL) {
4250 wpa_printf(MSG_ERROR,
4251 "Failed to initialize control interface '%s'.\n"
4252 "You may have another wpa_supplicant process "
4253 "already running or the file was\n"
4254 "left by an unclean termination of wpa_supplicant "
4255 "in which case you will need\n"
4256 "to manually remove this file before starting "
4257 "wpa_supplicant again.\n",
4258 wpa_s->conf->ctrl_interface);
4259 return -1;
4260 }
4261
4262 wpa_s->gas = gas_query_init(wpa_s);
4263 if (wpa_s->gas == NULL) {
4264 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
4265 return -1;
4266 }
4267
4268 if (iface->p2p_mgmt && wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
4269 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
4270 return -1;
4271 }
4272
4273 if (wpa_bss_init(wpa_s) < 0)
4274 return -1;
4275
4276 /*
4277 * Set Wake-on-WLAN triggers, if configured.
4278 * Note: We don't restore/remove the triggers on shutdown (it doesn't
4279 * have effect anyway when the interface is down).
4280 */
4281 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
4282 return -1;
4283
4284 #ifdef CONFIG_EAP_PROXY
4285 {
4286 size_t len;
4287 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, wpa_s->imsi,
4288 &len);
4289 if (wpa_s->mnc_len > 0) {
4290 wpa_s->imsi[len] = '\0';
4291 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
4292 wpa_s->imsi, wpa_s->mnc_len);
4293 } else {
4294 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
4295 }
4296 }
4297 #endif /* CONFIG_EAP_PROXY */
4298
4299 if (pcsc_reader_init(wpa_s) < 0)
4300 return -1;
4301
4302 if (wpas_init_ext_pw(wpa_s) < 0)
4303 return -1;
4304
4305 wpas_rrm_reset(wpa_s);
4306
4307 return 0;
4308 }
4309
4310
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)4311 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
4312 int notify, int terminate)
4313 {
4314 struct wpa_global *global = wpa_s->global;
4315 struct wpa_supplicant *iface, *prev;
4316
4317 if (wpa_s == wpa_s->parent)
4318 wpas_p2p_group_remove(wpa_s, "*");
4319
4320 iface = global->ifaces;
4321 while (iface) {
4322 if (iface == wpa_s || iface->parent != wpa_s) {
4323 iface = iface->next;
4324 continue;
4325 }
4326 wpa_printf(MSG_DEBUG,
4327 "Remove remaining child interface %s from parent %s",
4328 iface->ifname, wpa_s->ifname);
4329 prev = iface;
4330 iface = iface->next;
4331 wpa_supplicant_remove_iface(global, prev, terminate);
4332 }
4333
4334 wpa_s->disconnected = 1;
4335 if (wpa_s->drv_priv) {
4336 wpa_supplicant_deauthenticate(wpa_s,
4337 WLAN_REASON_DEAUTH_LEAVING);
4338
4339 wpa_drv_set_countermeasures(wpa_s, 0);
4340 wpa_clear_keys(wpa_s, NULL);
4341 }
4342
4343 wpa_supplicant_cleanup(wpa_s);
4344 wpas_p2p_deinit_iface(wpa_s);
4345
4346 wpas_ctrl_radio_work_flush(wpa_s);
4347 radio_remove_interface(wpa_s);
4348
4349 if (wpa_s->drv_priv)
4350 wpa_drv_deinit(wpa_s);
4351
4352 if (notify)
4353 wpas_notify_iface_removed(wpa_s);
4354
4355 if (terminate)
4356 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
4357
4358 if (wpa_s->ctrl_iface) {
4359 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
4360 wpa_s->ctrl_iface = NULL;
4361 }
4362
4363 #ifdef CONFIG_MESH
4364 if (wpa_s->ifmsh) {
4365 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh);
4366 wpa_s->ifmsh = NULL;
4367 }
4368 #endif /* CONFIG_MESH */
4369
4370 if (wpa_s->conf != NULL) {
4371 wpa_config_free(wpa_s->conf);
4372 wpa_s->conf = NULL;
4373 }
4374
4375 os_free(wpa_s->ssids_from_scan_req);
4376
4377 os_free(wpa_s);
4378 }
4379
4380
4381 /**
4382 * wpa_supplicant_add_iface - Add a new network interface
4383 * @global: Pointer to global data from wpa_supplicant_init()
4384 * @iface: Interface configuration options
4385 * @parent: Parent interface or %NULL to assign new interface as parent
4386 * Returns: Pointer to the created interface or %NULL on failure
4387 *
4388 * This function is used to add new network interfaces for %wpa_supplicant.
4389 * This can be called before wpa_supplicant_run() to add interfaces before the
4390 * main event loop has been started. In addition, new interfaces can be added
4391 * dynamically while %wpa_supplicant is already running. This could happen,
4392 * e.g., when a hotplug network adapter is inserted.
4393 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)4394 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
4395 struct wpa_interface *iface,
4396 struct wpa_supplicant *parent)
4397 {
4398 struct wpa_supplicant *wpa_s;
4399 struct wpa_interface t_iface;
4400 struct wpa_ssid *ssid;
4401
4402 if (global == NULL || iface == NULL)
4403 return NULL;
4404
4405 wpa_s = wpa_supplicant_alloc(parent);
4406 if (wpa_s == NULL)
4407 return NULL;
4408
4409 wpa_s->global = global;
4410
4411 t_iface = *iface;
4412 if (global->params.override_driver) {
4413 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
4414 "('%s' -> '%s')",
4415 iface->driver, global->params.override_driver);
4416 t_iface.driver = global->params.override_driver;
4417 }
4418 if (global->params.override_ctrl_interface) {
4419 wpa_printf(MSG_DEBUG, "Override interface parameter: "
4420 "ctrl_interface ('%s' -> '%s')",
4421 iface->ctrl_interface,
4422 global->params.override_ctrl_interface);
4423 t_iface.ctrl_interface =
4424 global->params.override_ctrl_interface;
4425 }
4426 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
4427 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
4428 iface->ifname);
4429 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
4430 return NULL;
4431 }
4432
4433 if (iface->p2p_mgmt == 0) {
4434 /* Notify the control interfaces about new iface */
4435 if (wpas_notify_iface_added(wpa_s)) {
4436 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
4437 return NULL;
4438 }
4439
4440 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4441 wpas_notify_network_added(wpa_s, ssid);
4442 }
4443
4444 wpa_s->next = global->ifaces;
4445 global->ifaces = wpa_s;
4446
4447 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
4448 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4449
4450 #ifdef CONFIG_P2P
4451 if (wpa_s->global->p2p == NULL &&
4452 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
4453 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
4454 wpas_p2p_add_p2pdev_interface(
4455 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
4456 wpa_printf(MSG_INFO,
4457 "P2P: Failed to enable P2P Device interface");
4458 /* Try to continue without. P2P will be disabled. */
4459 }
4460 #endif /* CONFIG_P2P */
4461
4462 return wpa_s;
4463 }
4464
4465
4466 /**
4467 * wpa_supplicant_remove_iface - Remove a network interface
4468 * @global: Pointer to global data from wpa_supplicant_init()
4469 * @wpa_s: Pointer to the network interface to be removed
4470 * Returns: 0 if interface was removed, -1 if interface was not found
4471 *
4472 * This function can be used to dynamically remove network interfaces from
4473 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
4474 * addition, this function is used to remove all remaining interfaces when
4475 * %wpa_supplicant is terminated.
4476 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)4477 int wpa_supplicant_remove_iface(struct wpa_global *global,
4478 struct wpa_supplicant *wpa_s,
4479 int terminate)
4480 {
4481 struct wpa_supplicant *prev;
4482 #ifdef CONFIG_MESH
4483 unsigned int mesh_if_created = wpa_s->mesh_if_created;
4484 char *ifname = NULL;
4485 #endif /* CONFIG_MESH */
4486
4487 /* Remove interface from the global list of interfaces */
4488 prev = global->ifaces;
4489 if (prev == wpa_s) {
4490 global->ifaces = wpa_s->next;
4491 } else {
4492 while (prev && prev->next != wpa_s)
4493 prev = prev->next;
4494 if (prev == NULL)
4495 return -1;
4496 prev->next = wpa_s->next;
4497 }
4498
4499 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
4500
4501 #ifdef CONFIG_MESH
4502 if (mesh_if_created) {
4503 ifname = os_strdup(wpa_s->ifname);
4504 if (ifname == NULL) {
4505 wpa_dbg(wpa_s, MSG_ERROR,
4506 "mesh: Failed to malloc ifname");
4507 return -1;
4508 }
4509 }
4510 #endif /* CONFIG_MESH */
4511
4512 if (global->p2p_group_formation == wpa_s)
4513 global->p2p_group_formation = NULL;
4514 if (global->p2p_invite_group == wpa_s)
4515 global->p2p_invite_group = NULL;
4516 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
4517
4518 #ifdef CONFIG_MESH
4519 if (mesh_if_created) {
4520 wpa_drv_if_remove(global->ifaces, WPA_IF_MESH, ifname);
4521 os_free(ifname);
4522 }
4523 #endif /* CONFIG_MESH */
4524
4525 return 0;
4526 }
4527
4528
4529 /**
4530 * wpa_supplicant_get_eap_mode - Get the current EAP mode
4531 * @wpa_s: Pointer to the network interface
4532 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
4533 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)4534 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
4535 {
4536 const char *eapol_method;
4537
4538 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
4539 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4540 return "NO-EAP";
4541 }
4542
4543 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
4544 if (eapol_method == NULL)
4545 return "UNKNOWN-EAP";
4546
4547 return eapol_method;
4548 }
4549
4550
4551 /**
4552 * wpa_supplicant_get_iface - Get a new network interface
4553 * @global: Pointer to global data from wpa_supplicant_init()
4554 * @ifname: Interface name
4555 * Returns: Pointer to the interface or %NULL if not found
4556 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)4557 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
4558 const char *ifname)
4559 {
4560 struct wpa_supplicant *wpa_s;
4561
4562 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
4563 if (os_strcmp(wpa_s->ifname, ifname) == 0)
4564 return wpa_s;
4565 }
4566 return NULL;
4567 }
4568
4569
4570 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)4571 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
4572 {
4573 struct wpa_supplicant *wpa_s = ctx;
4574 if (wpa_s == NULL)
4575 return NULL;
4576 return wpa_s->ifname;
4577 }
4578 #endif /* CONFIG_NO_WPA_MSG */
4579
4580
4581 /**
4582 * wpa_supplicant_init - Initialize %wpa_supplicant
4583 * @params: Parameters for %wpa_supplicant
4584 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
4585 *
4586 * This function is used to initialize %wpa_supplicant. After successful
4587 * initialization, the returned data pointer can be used to add and remove
4588 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
4589 */
wpa_supplicant_init(struct wpa_params * params)4590 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
4591 {
4592 struct wpa_global *global;
4593 int ret, i;
4594
4595 if (params == NULL)
4596 return NULL;
4597
4598 #ifdef CONFIG_DRIVER_NDIS
4599 {
4600 void driver_ndis_init_ops(void);
4601 driver_ndis_init_ops();
4602 }
4603 #endif /* CONFIG_DRIVER_NDIS */
4604
4605 #ifndef CONFIG_NO_WPA_MSG
4606 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
4607 #endif /* CONFIG_NO_WPA_MSG */
4608
4609 if (params->wpa_debug_file_path)
4610 wpa_debug_open_file(params->wpa_debug_file_path);
4611 else
4612 wpa_debug_setup_stdout();
4613 if (params->wpa_debug_syslog)
4614 wpa_debug_open_syslog();
4615 if (params->wpa_debug_tracing) {
4616 ret = wpa_debug_open_linux_tracing();
4617 if (ret) {
4618 wpa_printf(MSG_ERROR,
4619 "Failed to enable trace logging");
4620 return NULL;
4621 }
4622 }
4623
4624 ret = eap_register_methods();
4625 if (ret) {
4626 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
4627 if (ret == -2)
4628 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
4629 "the same EAP type.");
4630 return NULL;
4631 }
4632
4633 global = os_zalloc(sizeof(*global));
4634 if (global == NULL)
4635 return NULL;
4636 dl_list_init(&global->p2p_srv_bonjour);
4637 dl_list_init(&global->p2p_srv_upnp);
4638 global->params.daemonize = params->daemonize;
4639 global->params.wait_for_monitor = params->wait_for_monitor;
4640 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
4641 if (params->pid_file)
4642 global->params.pid_file = os_strdup(params->pid_file);
4643 if (params->ctrl_interface)
4644 global->params.ctrl_interface =
4645 os_strdup(params->ctrl_interface);
4646 if (params->ctrl_interface_group)
4647 global->params.ctrl_interface_group =
4648 os_strdup(params->ctrl_interface_group);
4649 if (params->override_driver)
4650 global->params.override_driver =
4651 os_strdup(params->override_driver);
4652 if (params->override_ctrl_interface)
4653 global->params.override_ctrl_interface =
4654 os_strdup(params->override_ctrl_interface);
4655 if (params->conf_p2p_dev)
4656 global->params.conf_p2p_dev =
4657 os_strdup(params->conf_p2p_dev);
4658 wpa_debug_level = global->params.wpa_debug_level =
4659 params->wpa_debug_level;
4660 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
4661 params->wpa_debug_show_keys;
4662 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
4663 params->wpa_debug_timestamp;
4664
4665 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
4666
4667 if (eloop_init()) {
4668 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
4669 wpa_supplicant_deinit(global);
4670 return NULL;
4671 }
4672
4673 random_init(params->entropy_file);
4674
4675 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
4676 if (global->ctrl_iface == NULL) {
4677 wpa_supplicant_deinit(global);
4678 return NULL;
4679 }
4680
4681 if (wpas_notify_supplicant_initialized(global)) {
4682 wpa_supplicant_deinit(global);
4683 return NULL;
4684 }
4685
4686 for (i = 0; wpa_drivers[i]; i++)
4687 global->drv_count++;
4688 if (global->drv_count == 0) {
4689 wpa_printf(MSG_ERROR, "No drivers enabled");
4690 wpa_supplicant_deinit(global);
4691 return NULL;
4692 }
4693 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
4694 if (global->drv_priv == NULL) {
4695 wpa_supplicant_deinit(global);
4696 return NULL;
4697 }
4698
4699 #ifdef CONFIG_WIFI_DISPLAY
4700 if (wifi_display_init(global) < 0) {
4701 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
4702 wpa_supplicant_deinit(global);
4703 return NULL;
4704 }
4705 #endif /* CONFIG_WIFI_DISPLAY */
4706
4707 return global;
4708 }
4709
4710
4711 /**
4712 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
4713 * @global: Pointer to global data from wpa_supplicant_init()
4714 * Returns: 0 after successful event loop run, -1 on failure
4715 *
4716 * This function starts the main event loop and continues running as long as
4717 * there are any remaining events. In most cases, this function is running as
4718 * long as the %wpa_supplicant process in still in use.
4719 */
wpa_supplicant_run(struct wpa_global * global)4720 int wpa_supplicant_run(struct wpa_global *global)
4721 {
4722 struct wpa_supplicant *wpa_s;
4723
4724 if (global->params.daemonize &&
4725 wpa_supplicant_daemon(global->params.pid_file))
4726 return -1;
4727
4728 if (global->params.wait_for_monitor) {
4729 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
4730 if (wpa_s->ctrl_iface)
4731 wpa_supplicant_ctrl_iface_wait(
4732 wpa_s->ctrl_iface);
4733 }
4734
4735 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
4736 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
4737
4738 eloop_run();
4739
4740 return 0;
4741 }
4742
4743
4744 /**
4745 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
4746 * @global: Pointer to global data from wpa_supplicant_init()
4747 *
4748 * This function is called to deinitialize %wpa_supplicant and to free all
4749 * allocated resources. Remaining network interfaces will also be removed.
4750 */
wpa_supplicant_deinit(struct wpa_global * global)4751 void wpa_supplicant_deinit(struct wpa_global *global)
4752 {
4753 int i;
4754
4755 if (global == NULL)
4756 return;
4757
4758 #ifdef CONFIG_WIFI_DISPLAY
4759 wifi_display_deinit(global);
4760 #endif /* CONFIG_WIFI_DISPLAY */
4761
4762 while (global->ifaces)
4763 wpa_supplicant_remove_iface(global, global->ifaces, 1);
4764
4765 if (global->ctrl_iface)
4766 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
4767
4768 wpas_notify_supplicant_deinitialized(global);
4769
4770 eap_peer_unregister_methods();
4771 #ifdef CONFIG_AP
4772 eap_server_unregister_methods();
4773 #endif /* CONFIG_AP */
4774
4775 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
4776 if (!global->drv_priv[i])
4777 continue;
4778 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
4779 }
4780 os_free(global->drv_priv);
4781
4782 random_deinit();
4783
4784 eloop_destroy();
4785
4786 if (global->params.pid_file) {
4787 os_daemonize_terminate(global->params.pid_file);
4788 os_free(global->params.pid_file);
4789 }
4790 os_free(global->params.ctrl_interface);
4791 os_free(global->params.ctrl_interface_group);
4792 os_free(global->params.override_driver);
4793 os_free(global->params.override_ctrl_interface);
4794 os_free(global->params.conf_p2p_dev);
4795
4796 os_free(global->p2p_disallow_freq.range);
4797 os_free(global->p2p_go_avoid_freq.range);
4798 os_free(global->add_psk);
4799
4800 os_free(global);
4801 wpa_debug_close_syslog();
4802 wpa_debug_close_file();
4803 wpa_debug_close_linux_tracing();
4804 }
4805
4806
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)4807 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
4808 {
4809 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
4810 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
4811 char country[3];
4812 country[0] = wpa_s->conf->country[0];
4813 country[1] = wpa_s->conf->country[1];
4814 country[2] = '\0';
4815 if (wpa_drv_set_country(wpa_s, country) < 0) {
4816 wpa_printf(MSG_ERROR, "Failed to set country code "
4817 "'%s'", country);
4818 }
4819 }
4820
4821 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
4822 wpas_init_ext_pw(wpa_s);
4823
4824 #ifdef CONFIG_WPS
4825 wpas_wps_update_config(wpa_s);
4826 #endif /* CONFIG_WPS */
4827 wpas_p2p_update_config(wpa_s);
4828 wpa_s->conf->changed_parameters = 0;
4829 }
4830
4831
add_freq(int * freqs,int * num_freqs,int freq)4832 void add_freq(int *freqs, int *num_freqs, int freq)
4833 {
4834 int i;
4835
4836 for (i = 0; i < *num_freqs; i++) {
4837 if (freqs[i] == freq)
4838 return;
4839 }
4840
4841 freqs[*num_freqs] = freq;
4842 (*num_freqs)++;
4843 }
4844
4845
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)4846 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
4847 {
4848 struct wpa_bss *bss, *cbss;
4849 const int max_freqs = 10;
4850 int *freqs;
4851 int num_freqs = 0;
4852
4853 freqs = os_calloc(max_freqs + 1, sizeof(int));
4854 if (freqs == NULL)
4855 return NULL;
4856
4857 cbss = wpa_s->current_bss;
4858
4859 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
4860 if (bss == cbss)
4861 continue;
4862 if (bss->ssid_len == cbss->ssid_len &&
4863 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
4864 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
4865 add_freq(freqs, &num_freqs, bss->freq);
4866 if (num_freqs == max_freqs)
4867 break;
4868 }
4869 }
4870
4871 if (num_freqs == 0) {
4872 os_free(freqs);
4873 freqs = NULL;
4874 }
4875
4876 return freqs;
4877 }
4878
4879
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)4880 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
4881 {
4882 int timeout;
4883 int count;
4884 int *freqs = NULL;
4885
4886 wpas_connect_work_done(wpa_s);
4887
4888 /*
4889 * Remove possible authentication timeout since the connection failed.
4890 */
4891 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4892
4893 /*
4894 * There is no point in blacklisting the AP if this event is
4895 * generated based on local request to disconnect.
4896 */
4897 if (wpa_s->own_disconnect_req) {
4898 wpa_s->own_disconnect_req = 0;
4899 wpa_dbg(wpa_s, MSG_DEBUG,
4900 "Ignore connection failure due to local request to disconnect");
4901 return;
4902 }
4903 if (wpa_s->disconnected) {
4904 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
4905 "indication since interface has been put into "
4906 "disconnected state");
4907 return;
4908 }
4909
4910 /*
4911 * Add the failed BSSID into the blacklist and speed up next scan
4912 * attempt if there could be other APs that could accept association.
4913 * The current blacklist count indicates how many times we have tried
4914 * connecting to this AP and multiple attempts mean that other APs are
4915 * either not available or has already been tried, so that we can start
4916 * increasing the delay here to avoid constant scanning.
4917 */
4918 count = wpa_blacklist_add(wpa_s, bssid);
4919 if (count == 1 && wpa_s->current_bss) {
4920 /*
4921 * This BSS was not in the blacklist before. If there is
4922 * another BSS available for the same ESS, we should try that
4923 * next. Otherwise, we may as well try this one once more
4924 * before allowing other, likely worse, ESSes to be considered.
4925 */
4926 freqs = get_bss_freqs_in_ess(wpa_s);
4927 if (freqs) {
4928 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
4929 "has been seen; try it next");
4930 wpa_blacklist_add(wpa_s, bssid);
4931 /*
4932 * On the next scan, go through only the known channels
4933 * used in this ESS based on previous scans to speed up
4934 * common load balancing use case.
4935 */
4936 os_free(wpa_s->next_scan_freqs);
4937 wpa_s->next_scan_freqs = freqs;
4938 }
4939 }
4940
4941 /*
4942 * Add previous failure count in case the temporary blacklist was
4943 * cleared due to no other BSSes being available.
4944 */
4945 count += wpa_s->extra_blacklist_count;
4946
4947 if (count > 3 && wpa_s->current_ssid) {
4948 wpa_printf(MSG_DEBUG, "Continuous association failures - "
4949 "consider temporary network disabling");
4950 wpas_auth_failed(wpa_s, "CONN_FAILED");
4951 }
4952
4953 switch (count) {
4954 case 1:
4955 timeout = 100;
4956 break;
4957 case 2:
4958 timeout = 500;
4959 break;
4960 case 3:
4961 timeout = 1000;
4962 break;
4963 case 4:
4964 timeout = 5000;
4965 break;
4966 default:
4967 timeout = 10000;
4968 break;
4969 }
4970
4971 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
4972 "ms", count, timeout);
4973
4974 /*
4975 * TODO: if more than one possible AP is available in scan results,
4976 * could try the other ones before requesting a new scan.
4977 */
4978 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
4979 1000 * (timeout % 1000));
4980 }
4981
4982
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)4983 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
4984 {
4985 return wpa_s->conf->ap_scan == 2 ||
4986 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
4987 }
4988
4989
4990 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)4991 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
4992 struct wpa_ssid *ssid,
4993 const char *field,
4994 const char *value)
4995 {
4996 #ifdef IEEE8021X_EAPOL
4997 struct eap_peer_config *eap = &ssid->eap;
4998
4999 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
5000 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
5001 (const u8 *) value, os_strlen(value));
5002
5003 switch (wpa_supplicant_ctrl_req_from_string(field)) {
5004 case WPA_CTRL_REQ_EAP_IDENTITY:
5005 os_free(eap->identity);
5006 eap->identity = (u8 *) os_strdup(value);
5007 eap->identity_len = os_strlen(value);
5008 eap->pending_req_identity = 0;
5009 if (ssid == wpa_s->current_ssid)
5010 wpa_s->reassociate = 1;
5011 break;
5012 case WPA_CTRL_REQ_EAP_PASSWORD:
5013 bin_clear_free(eap->password, eap->password_len);
5014 eap->password = (u8 *) os_strdup(value);
5015 eap->password_len = os_strlen(value);
5016 eap->pending_req_password = 0;
5017 if (ssid == wpa_s->current_ssid)
5018 wpa_s->reassociate = 1;
5019 break;
5020 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
5021 bin_clear_free(eap->new_password, eap->new_password_len);
5022 eap->new_password = (u8 *) os_strdup(value);
5023 eap->new_password_len = os_strlen(value);
5024 eap->pending_req_new_password = 0;
5025 if (ssid == wpa_s->current_ssid)
5026 wpa_s->reassociate = 1;
5027 break;
5028 case WPA_CTRL_REQ_EAP_PIN:
5029 str_clear_free(eap->pin);
5030 eap->pin = os_strdup(value);
5031 eap->pending_req_pin = 0;
5032 if (ssid == wpa_s->current_ssid)
5033 wpa_s->reassociate = 1;
5034 break;
5035 case WPA_CTRL_REQ_EAP_OTP:
5036 bin_clear_free(eap->otp, eap->otp_len);
5037 eap->otp = (u8 *) os_strdup(value);
5038 eap->otp_len = os_strlen(value);
5039 os_free(eap->pending_req_otp);
5040 eap->pending_req_otp = NULL;
5041 eap->pending_req_otp_len = 0;
5042 break;
5043 case WPA_CTRL_REQ_EAP_PASSPHRASE:
5044 str_clear_free(eap->private_key_passwd);
5045 eap->private_key_passwd = os_strdup(value);
5046 eap->pending_req_passphrase = 0;
5047 if (ssid == wpa_s->current_ssid)
5048 wpa_s->reassociate = 1;
5049 break;
5050 case WPA_CTRL_REQ_SIM:
5051 str_clear_free(eap->external_sim_resp);
5052 eap->external_sim_resp = os_strdup(value);
5053 break;
5054 case WPA_CTRL_REQ_PSK_PASSPHRASE:
5055 if (wpa_config_set(ssid, "psk", value, 0) < 0)
5056 return -1;
5057 ssid->mem_only_psk = 1;
5058 if (ssid->passphrase)
5059 wpa_config_update_psk(ssid);
5060 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
5061 wpa_supplicant_req_scan(wpa_s, 0, 0);
5062 break;
5063 default:
5064 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
5065 return -1;
5066 }
5067
5068 return 0;
5069 #else /* IEEE8021X_EAPOL */
5070 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
5071 return -1;
5072 #endif /* IEEE8021X_EAPOL */
5073 }
5074 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
5075
5076
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5077 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5078 {
5079 int i;
5080 unsigned int drv_enc;
5081
5082 if (wpa_s->p2p_mgmt)
5083 return 1; /* no normal network profiles on p2p_mgmt interface */
5084
5085 if (ssid == NULL)
5086 return 1;
5087
5088 if (ssid->disabled)
5089 return 1;
5090
5091 if (wpa_s->drv_capa_known)
5092 drv_enc = wpa_s->drv_enc;
5093 else
5094 drv_enc = (unsigned int) -1;
5095
5096 for (i = 0; i < NUM_WEP_KEYS; i++) {
5097 size_t len = ssid->wep_key_len[i];
5098 if (len == 0)
5099 continue;
5100 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
5101 continue;
5102 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
5103 continue;
5104 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
5105 continue;
5106 return 1; /* invalid WEP key */
5107 }
5108
5109 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
5110 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
5111 !ssid->mem_only_psk)
5112 return 1;
5113
5114 return 0;
5115 }
5116
5117
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5118 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
5119 {
5120 #ifdef CONFIG_IEEE80211W
5121 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
5122 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
5123 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
5124 /*
5125 * Driver does not support BIP -- ignore pmf=1 default
5126 * since the connection with PMF would fail and the
5127 * configuration does not require PMF to be enabled.
5128 */
5129 return NO_MGMT_FRAME_PROTECTION;
5130 }
5131
5132 return wpa_s->conf->pmf;
5133 }
5134
5135 return ssid->ieee80211w;
5136 #else /* CONFIG_IEEE80211W */
5137 return NO_MGMT_FRAME_PROTECTION;
5138 #endif /* CONFIG_IEEE80211W */
5139 }
5140
5141
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)5142 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
5143 {
5144 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
5145 return 1;
5146 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
5147 return 0;
5148 return -1;
5149 }
5150
5151
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason)5152 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
5153 {
5154 struct wpa_ssid *ssid = wpa_s->current_ssid;
5155 int dur;
5156 struct os_reltime now;
5157
5158 if (ssid == NULL) {
5159 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
5160 "SSID block");
5161 return;
5162 }
5163
5164 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
5165 return;
5166
5167 ssid->auth_failures++;
5168
5169 #ifdef CONFIG_P2P
5170 if (ssid->p2p_group &&
5171 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
5172 /*
5173 * Skip the wait time since there is a short timeout on the
5174 * connection to a P2P group.
5175 */
5176 return;
5177 }
5178 #endif /* CONFIG_P2P */
5179
5180 if (ssid->auth_failures > 50)
5181 dur = 300;
5182 else if (ssid->auth_failures > 10)
5183 dur = 120;
5184 else if (ssid->auth_failures > 5)
5185 dur = 90;
5186 else if (ssid->auth_failures > 3)
5187 dur = 60;
5188 else if (ssid->auth_failures > 2)
5189 dur = 30;
5190 else if (ssid->auth_failures > 1)
5191 dur = 20;
5192 else
5193 dur = 10;
5194
5195 if (ssid->auth_failures > 1 &&
5196 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
5197 dur += os_random() % (ssid->auth_failures * 10);
5198
5199 os_get_reltime(&now);
5200 if (now.sec + dur <= ssid->disabled_until.sec)
5201 return;
5202
5203 ssid->disabled_until.sec = now.sec + dur;
5204
5205 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
5206 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
5207 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
5208 ssid->auth_failures, dur, reason);
5209 }
5210
5211
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)5212 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
5213 struct wpa_ssid *ssid, int clear_failures)
5214 {
5215 if (ssid == NULL)
5216 return;
5217
5218 if (ssid->disabled_until.sec) {
5219 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
5220 "id=%d ssid=\"%s\"",
5221 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
5222 }
5223 ssid->disabled_until.sec = 0;
5224 ssid->disabled_until.usec = 0;
5225 if (clear_failures)
5226 ssid->auth_failures = 0;
5227 }
5228
5229
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)5230 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
5231 {
5232 size_t i;
5233
5234 if (wpa_s->disallow_aps_bssid == NULL)
5235 return 0;
5236
5237 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
5238 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
5239 bssid, ETH_ALEN) == 0)
5240 return 1;
5241 }
5242
5243 return 0;
5244 }
5245
5246
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)5247 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
5248 size_t ssid_len)
5249 {
5250 size_t i;
5251
5252 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
5253 return 0;
5254
5255 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
5256 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
5257 if (ssid_len == s->ssid_len &&
5258 os_memcmp(ssid, s->ssid, ssid_len) == 0)
5259 return 1;
5260 }
5261
5262 return 0;
5263 }
5264
5265
5266 /**
5267 * wpas_request_connection - Request a new connection
5268 * @wpa_s: Pointer to the network interface
5269 *
5270 * This function is used to request a new connection to be found. It will mark
5271 * the interface to allow reassociation and request a new scan to find a
5272 * suitable network to connect to.
5273 */
wpas_request_connection(struct wpa_supplicant * wpa_s)5274 void wpas_request_connection(struct wpa_supplicant *wpa_s)
5275 {
5276 wpa_s->normal_scans = 0;
5277 wpa_s->scan_req = NORMAL_SCAN_REQ;
5278 wpa_supplicant_reinit_autoscan(wpa_s);
5279 wpa_s->extra_blacklist_count = 0;
5280 wpa_s->disconnected = 0;
5281 wpa_s->reassociate = 1;
5282
5283 if (wpa_supplicant_fast_associate(wpa_s) != 1)
5284 wpa_supplicant_req_scan(wpa_s, 0, 0);
5285 else
5286 wpa_s->reattach = 0;
5287 }
5288
5289
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)5290 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
5291 struct wpa_used_freq_data *freqs_data,
5292 unsigned int len)
5293 {
5294 unsigned int i;
5295
5296 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
5297 len, title);
5298 for (i = 0; i < len; i++) {
5299 struct wpa_used_freq_data *cur = &freqs_data[i];
5300 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
5301 i, cur->freq, cur->flags);
5302 }
5303 }
5304
5305
5306 /*
5307 * Find the operating frequencies of any of the virtual interfaces that
5308 * are using the same radio as the current interface, and in addition, get
5309 * information about the interface types that are using the frequency.
5310 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len)5311 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
5312 struct wpa_used_freq_data *freqs_data,
5313 unsigned int len)
5314 {
5315 struct wpa_supplicant *ifs;
5316 u8 bssid[ETH_ALEN];
5317 int freq;
5318 unsigned int idx = 0, i;
5319
5320 wpa_dbg(wpa_s, MSG_DEBUG,
5321 "Determining shared radio frequencies (max len %u)", len);
5322 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
5323
5324 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
5325 radio_list) {
5326 if (idx == len)
5327 break;
5328
5329 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
5330 continue;
5331
5332 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
5333 ifs->current_ssid->mode == WPAS_MODE_P2P_GO)
5334 freq = ifs->current_ssid->frequency;
5335 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
5336 freq = ifs->assoc_freq;
5337 else
5338 continue;
5339
5340 /* Hold only distinct freqs */
5341 for (i = 0; i < idx; i++)
5342 if (freqs_data[i].freq == freq)
5343 break;
5344
5345 if (i == idx)
5346 freqs_data[idx++].freq = freq;
5347
5348 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
5349 freqs_data[i].flags = ifs->current_ssid->p2p_group ?
5350 WPA_FREQ_USED_BY_P2P_CLIENT :
5351 WPA_FREQ_USED_BY_INFRA_STATION;
5352 }
5353 }
5354
5355 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
5356 return idx;
5357 }
5358
5359
5360 /*
5361 * Find the operating frequencies of any of the virtual interfaces that
5362 * are using the same radio as the current interface.
5363 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len)5364 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
5365 int *freq_array, unsigned int len)
5366 {
5367 struct wpa_used_freq_data *freqs_data;
5368 int num, i;
5369
5370 os_memset(freq_array, 0, sizeof(int) * len);
5371
5372 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
5373 if (!freqs_data)
5374 return -1;
5375
5376 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
5377 for (i = 0; i < num; i++)
5378 freq_array[i] = freqs_data[i].freq;
5379
5380 os_free(freqs_data);
5381
5382 return num;
5383 }
5384
5385
wpas_rrm_neighbor_rep_timeout_handler(void * data,void * user_ctx)5386 static void wpas_rrm_neighbor_rep_timeout_handler(void *data, void *user_ctx)
5387 {
5388 struct rrm_data *rrm = data;
5389
5390 if (!rrm->notify_neighbor_rep) {
5391 wpa_printf(MSG_ERROR,
5392 "RRM: Unexpected neighbor report timeout");
5393 return;
5394 }
5395
5396 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report - NONE");
5397 rrm->notify_neighbor_rep(rrm->neighbor_rep_cb_ctx, NULL);
5398
5399 rrm->notify_neighbor_rep = NULL;
5400 rrm->neighbor_rep_cb_ctx = NULL;
5401 }
5402
5403
5404 /*
5405 * wpas_rrm_reset - Clear and reset all RRM data in wpa_supplicant
5406 * @wpa_s: Pointer to wpa_supplicant
5407 */
wpas_rrm_reset(struct wpa_supplicant * wpa_s)5408 void wpas_rrm_reset(struct wpa_supplicant *wpa_s)
5409 {
5410 wpa_s->rrm.rrm_used = 0;
5411
5412 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5413 NULL);
5414 if (wpa_s->rrm.notify_neighbor_rep)
5415 wpas_rrm_neighbor_rep_timeout_handler(&wpa_s->rrm, NULL);
5416 wpa_s->rrm.next_neighbor_rep_token = 1;
5417 }
5418
5419
5420 /*
5421 * wpas_rrm_process_neighbor_rep - Handle incoming neighbor report
5422 * @wpa_s: Pointer to wpa_supplicant
5423 * @report: Neighbor report buffer, prefixed by a 1-byte dialog token
5424 * @report_len: Length of neighbor report buffer
5425 */
wpas_rrm_process_neighbor_rep(struct wpa_supplicant * wpa_s,const u8 * report,size_t report_len)5426 void wpas_rrm_process_neighbor_rep(struct wpa_supplicant *wpa_s,
5427 const u8 *report, size_t report_len)
5428 {
5429 struct wpabuf *neighbor_rep;
5430
5431 wpa_hexdump(MSG_DEBUG, "RRM: New Neighbor Report", report, report_len);
5432 if (report_len < 1)
5433 return;
5434
5435 if (report[0] != wpa_s->rrm.next_neighbor_rep_token - 1) {
5436 wpa_printf(MSG_DEBUG,
5437 "RRM: Discarding neighbor report with token %d (expected %d)",
5438 report[0], wpa_s->rrm.next_neighbor_rep_token - 1);
5439 return;
5440 }
5441
5442 eloop_cancel_timeout(wpas_rrm_neighbor_rep_timeout_handler, &wpa_s->rrm,
5443 NULL);
5444
5445 if (!wpa_s->rrm.notify_neighbor_rep) {
5446 wpa_printf(MSG_ERROR, "RRM: Unexpected neighbor report");
5447 return;
5448 }
5449
5450 /* skipping the first byte, which is only an id (dialog token) */
5451 neighbor_rep = wpabuf_alloc(report_len - 1);
5452 if (neighbor_rep == NULL)
5453 return;
5454 wpabuf_put_data(neighbor_rep, report + 1, report_len - 1);
5455 wpa_printf(MSG_DEBUG, "RRM: Notifying neighbor report (token = %d)",
5456 report[0]);
5457 wpa_s->rrm.notify_neighbor_rep(wpa_s->rrm.neighbor_rep_cb_ctx,
5458 neighbor_rep);
5459 wpa_s->rrm.notify_neighbor_rep = NULL;
5460 wpa_s->rrm.neighbor_rep_cb_ctx = NULL;
5461 }
5462
5463
5464 #if defined(__CYGWIN__) || defined(CONFIG_NATIVE_WINDOWS)
5465 /* Workaround different, undefined for Windows, error codes used here */
5466 #define ENOTCONN -1
5467 #define EOPNOTSUPP -1
5468 #define ECANCELED -1
5469 #endif
5470
5471 /**
5472 * wpas_rrm_send_neighbor_rep_request - Request a neighbor report from our AP
5473 * @wpa_s: Pointer to wpa_supplicant
5474 * @ssid: if not null, this is sent in the request. Otherwise, no SSID IE
5475 * is sent in the request.
5476 * @cb: Callback function to be called once the requested report arrives, or
5477 * timed out after RRM_NEIGHBOR_REPORT_TIMEOUT seconds.
5478 * In the former case, 'neighbor_rep' is a newly allocated wpabuf, and it's
5479 * the requester's responsibility to free it.
5480 * In the latter case NULL will be sent in 'neighbor_rep'.
5481 * @cb_ctx: Context value to send the callback function
5482 * Returns: 0 in case of success, negative error code otherwise
5483 *
5484 * In case there is a previous request which has not been answered yet, the
5485 * new request fails. The caller may retry after RRM_NEIGHBOR_REPORT_TIMEOUT.
5486 * Request must contain a callback function.
5487 */
wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,void (* cb)(void * ctx,struct wpabuf * neighbor_rep),void * cb_ctx)5488 int wpas_rrm_send_neighbor_rep_request(struct wpa_supplicant *wpa_s,
5489 const struct wpa_ssid *ssid,
5490 void (*cb)(void *ctx,
5491 struct wpabuf *neighbor_rep),
5492 void *cb_ctx)
5493 {
5494 struct wpabuf *buf;
5495 const u8 *rrm_ie;
5496
5497 if (wpa_s->wpa_state != WPA_COMPLETED || wpa_s->current_ssid == NULL) {
5498 wpa_printf(MSG_DEBUG, "RRM: No connection, no RRM.");
5499 return -ENOTCONN;
5500 }
5501
5502 if (!wpa_s->rrm.rrm_used) {
5503 wpa_printf(MSG_DEBUG, "RRM: No RRM in current connection.");
5504 return -EOPNOTSUPP;
5505 }
5506
5507 rrm_ie = wpa_bss_get_ie(wpa_s->current_bss,
5508 WLAN_EID_RRM_ENABLED_CAPABILITIES);
5509 if (!rrm_ie || !(wpa_s->current_bss->caps & IEEE80211_CAP_RRM) ||
5510 !(rrm_ie[2] & WLAN_RRM_CAPS_NEIGHBOR_REPORT)) {
5511 wpa_printf(MSG_DEBUG,
5512 "RRM: No network support for Neighbor Report.");
5513 return -EOPNOTSUPP;
5514 }
5515
5516 if (!cb) {
5517 wpa_printf(MSG_DEBUG,
5518 "RRM: Neighbor Report request must provide a callback.");
5519 return -EINVAL;
5520 }
5521
5522 /* Refuse if there's a live request */
5523 if (wpa_s->rrm.notify_neighbor_rep) {
5524 wpa_printf(MSG_DEBUG,
5525 "RRM: Currently handling previous Neighbor Report.");
5526 return -EBUSY;
5527 }
5528
5529 /* 3 = action category + action code + dialog token */
5530 buf = wpabuf_alloc(3 + (ssid ? 2 + ssid->ssid_len : 0));
5531 if (buf == NULL) {
5532 wpa_printf(MSG_DEBUG,
5533 "RRM: Failed to allocate Neighbor Report Request");
5534 return -ENOMEM;
5535 }
5536
5537 wpa_printf(MSG_DEBUG, "RRM: Neighbor report request (for %s), token=%d",
5538 (ssid ? wpa_ssid_txt(ssid->ssid, ssid->ssid_len) : ""),
5539 wpa_s->rrm.next_neighbor_rep_token);
5540
5541 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5542 wpabuf_put_u8(buf, WLAN_RRM_NEIGHBOR_REPORT_REQUEST);
5543 wpabuf_put_u8(buf, wpa_s->rrm.next_neighbor_rep_token);
5544 if (ssid) {
5545 wpabuf_put_u8(buf, WLAN_EID_SSID);
5546 wpabuf_put_u8(buf, ssid->ssid_len);
5547 wpabuf_put_data(buf, ssid->ssid, ssid->ssid_len);
5548 }
5549
5550 wpa_s->rrm.next_neighbor_rep_token++;
5551
5552 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5553 wpa_s->own_addr, wpa_s->bssid,
5554 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) {
5555 wpa_printf(MSG_DEBUG,
5556 "RRM: Failed to send Neighbor Report Request");
5557 wpabuf_free(buf);
5558 return -ECANCELED;
5559 }
5560
5561 wpa_s->rrm.neighbor_rep_cb_ctx = cb_ctx;
5562 wpa_s->rrm.notify_neighbor_rep = cb;
5563 eloop_register_timeout(RRM_NEIGHBOR_REPORT_TIMEOUT, 0,
5564 wpas_rrm_neighbor_rep_timeout_handler,
5565 &wpa_s->rrm, NULL);
5566
5567 wpabuf_free(buf);
5568 return 0;
5569 }
5570
5571
wpas_rrm_handle_link_measurement_request(struct wpa_supplicant * wpa_s,const u8 * src,const u8 * frame,size_t len,int rssi)5572 void wpas_rrm_handle_link_measurement_request(struct wpa_supplicant *wpa_s,
5573 const u8 *src,
5574 const u8 *frame, size_t len,
5575 int rssi)
5576 {
5577 struct wpabuf *buf;
5578 const struct rrm_link_measurement_request *req;
5579 struct rrm_link_measurement_report report;
5580
5581 if (wpa_s->wpa_state != WPA_COMPLETED) {
5582 wpa_printf(MSG_INFO,
5583 "RRM: Ignoring link measurement request. Not associated");
5584 return;
5585 }
5586
5587 if (!wpa_s->rrm.rrm_used) {
5588 wpa_printf(MSG_INFO,
5589 "RRM: Ignoring link measurement request. Not RRM network");
5590 return;
5591 }
5592
5593 if (!(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION)) {
5594 wpa_printf(MSG_INFO,
5595 "RRM: Measurement report failed. TX power insertion not supported");
5596 return;
5597 }
5598
5599 req = (const struct rrm_link_measurement_request *) frame;
5600 if (len < sizeof(*req)) {
5601 wpa_printf(MSG_INFO,
5602 "RRM: Link measurement report failed. Request too short");
5603 return;
5604 }
5605
5606 os_memset(&report, 0, sizeof(report));
5607 report.tpc.eid = WLAN_EID_TPC_REPORT;
5608 report.tpc.len = 2;
5609 report.rsni = 255; /* 255 indicates that RSNI is not available */
5610 report.dialog_token = req->dialog_token;
5611
5612 /*
5613 * It's possible to estimate RCPI based on RSSI in dBm. This
5614 * calculation will not reflect the correct value for high rates,
5615 * but it's good enough for Action frames which are transmitted
5616 * with up to 24 Mbps rates.
5617 */
5618 if (!rssi)
5619 report.rcpi = 255; /* not available */
5620 else if (rssi < -110)
5621 report.rcpi = 0;
5622 else if (rssi > 0)
5623 report.rcpi = 220;
5624 else
5625 report.rcpi = (rssi + 110) * 2;
5626
5627 /* action_category + action_code */
5628 buf = wpabuf_alloc(2 + sizeof(report));
5629 if (buf == NULL) {
5630 wpa_printf(MSG_ERROR,
5631 "RRM: Link measurement report failed. Buffer allocation failed");
5632 return;
5633 }
5634
5635 wpabuf_put_u8(buf, WLAN_ACTION_RADIO_MEASUREMENT);
5636 wpabuf_put_u8(buf, WLAN_RRM_LINK_MEASUREMENT_REPORT);
5637 wpabuf_put_data(buf, &report, sizeof(report));
5638 wpa_hexdump(MSG_DEBUG, "RRM: Link measurement report:",
5639 wpabuf_head(buf), wpabuf_len(buf));
5640
5641 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, src,
5642 wpa_s->own_addr, wpa_s->bssid,
5643 wpabuf_head(buf), wpabuf_len(buf), 0)) {
5644 wpa_printf(MSG_ERROR,
5645 "RRM: Link measurement report failed. Send action failed");
5646 }
5647 wpabuf_free(buf);
5648 }
5649