You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564156515661567156815691570157115721573157415751576157715781579158015811582158315841585158615871588158915901591159215931594159515961597159815991600160116021603160416051606160716081609161016111612161316141615161616171618161916201621162216231624162516261627162816291630163116321633163416351636163716381639164016411642164316441645164616471648164916501651165216531654165516561657165816591660166116621663166416651666166716681669167016711672167316741675167616771678167916801681168216831684168516861687168816891690169116921693169416951696169716981699170017011702170317041705170617071708170917101711171217131714171517161717171817191720172117221723172417251726172717281729173017311732173317341735173617371738173917401741174217431744174517461747174817491750175117521753175417551756175717581759176017611762176317641765176617671768176917701771177217731774177517761777177817791780178117821783178417851786178717881789179017911792179317941795179617971798179918001801180218031804180518061807180818091810181118121813181418151816181718181819182018211822182318241825182618271828182918301831183218331834183518361837183818391840184118421843184418451846184718481849185018511852185318541855185618571858185918601861186218631864186518661867186818691870187118721873187418751876187718781879188018811882188318841885188618871888188918901891189218931894189518961897189818991900190119021903190419051906190719081909191019111912191319141915191619171918191919201921192219231924192519261927192819291930193119321933193419351936193719381939194019411942194319441945194619471948194919501951195219531954195519561957195819591960196119621963196419651966196719681969197019711972197319741975197619771978197919801981198219831984198519861987198819891990199119921993199419951996199719981999200020012002200320042005200620072008200920102011201220132014201520162017201820192020202120222023202420252026202720282029203020312032203320342035203620372038203920402041204220432044204520462047204820492050205120522053205420552056205720582059206020612062206320642065206620672068206920702071207220732074207520762077207820792080208120822083208420852086208720882089209020912092209320942095209620972098209921002101210221032104210521062107210821092110211121122113211421152116211721182119212021212122212321242125212621272128212921302131213221332134213521362137213821392140214121422143214421452146214721482149215021512152215321542155215621572158215921602161216221632164216521662167216821692170217121722173217421752176217721782179218021812182218321842185218621872188218921902191219221932194219521962197219821992200220122022203220422052206220722082209221022112212221322142215221622172218221922202221222222232224222522262227222822292230223122322233223422352236223722382239224022412242224322442245224622472248224922502251225222532254225522562257225822592260226122622263226422652266226722682269227022712272227322742275227622772278227922802281228222832284228522862287228822892290229122922293229422952296229722982299230023012302230323042305230623072308230923102311231223132314231523162317231823192320232123222323232423252326232723282329233023312332233323342335233623372338233923402341234223432344234523462347234823492350235123522353235423552356235723582359236023612362236323642365236623672368236923702371237223732374237523762377237823792380238123822383238423852386238723882389239023912392239323942395239623972398239924002401240224032404240524062407240824092410241124122413241424152416241724182419242024212422242324242425242624272428242924302431243224332434243524362437243824392440244124422443244424452446244724482449245024512452245324542455245624572458245924602461246224632464246524662467246824692470247124722473247424752476247724782479248024812482248324842485248624872488248924902491249224932494249524962497249824992500250125022503250425052506250725082509251025112512251325142515251625172518251925202521252225232524252525262527252825292530253125322533253425352536253725382539254025412542254325442545254625472548254925502551255225532554255525562557255825592560256125622563256425652566256725682569257025712572257325742575257625772578257925802581258225832584258525862587258825892590259125922593259425952596259725982599260026012602260326042605260626072608260926102611261226132614261526162617261826192620262126222623262426252626262726282629263026312632263326342635263626372638263926402641264226432644264526462647264826492650265126522653265426552656265726582659266026612662266326642665266626672668266926702671267226732674267526762677267826792680268126822683268426852686268726882689269026912692269326942695269626972698269927002701270227032704270527062707270827092710271127122713271427152716271727182719272027212722272327242725272627272728272927302731273227332734273527362737273827392740274127422743274427452746274727482749275027512752275327542755275627572758275927602761276227632764276527662767276827692770277127722773277427752776277727782779278027812782278327842785278627872788278927902791279227932794279527962797279827992800280128022803280428052806280728082809281028112812281328142815281628172818281928202821282228232824282528262827
  1. /*
  2. * WPA Supplicant
  3. * Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi>
  4. *
  5. * This program is free software; you can redistribute it and/or modify
  6. * it under the terms of the GNU General Public License version 2 as
  7. * published by the Free Software Foundation.
  8. *
  9. * Alternatively, this software may be distributed under the terms of BSD
  10. * license.
  11. *
  12. * See README and COPYING for more details.
  13. *
  14. * This file implements functions for registering and unregistering
  15. * %wpa_supplicant interfaces. In addition, this file contains number of
  16. * functions for managing network connections.
  17. */
  18. #include "includes.h"
  19. #include "common.h"
  20. #include "crypto/random.h"
  21. #include "eapol_supp/eapol_supp_sm.h"
  22. #include "eap_peer/eap.h"
  23. #include "eap_server/eap_methods.h"
  24. #include "rsn_supp/wpa.h"
  25. #include "eloop.h"
  26. #include "config.h"
  27. #include "l2_packet/l2_packet.h"
  28. #include "wpa_supplicant_i.h"
  29. #include "driver_i.h"
  30. #include "ctrl_iface.h"
  31. #include "pcsc_funcs.h"
  32. #include "common/version.h"
  33. #include "rsn_supp/preauth.h"
  34. #include "rsn_supp/pmksa_cache.h"
  35. #include "common/wpa_ctrl.h"
  36. #include "mlme.h"
  37. #include "common/ieee802_11_defs.h"
  38. #include "p2p/p2p.h"
  39. #include "blacklist.h"
  40. #include "wpas_glue.h"
  41. #include "wps_supplicant.h"
  42. #include "ibss_rsn.h"
  43. #include "sme.h"
  44. #include "ap.h"
  45. #include "p2p_supplicant.h"
  46. #include "notify.h"
  47. #include "bgscan.h"
  48. #include "bss.h"
  49. #include "scan.h"
  50. const char *wpa_supplicant_version =
  51. "wpa_supplicant v" VERSION_STR "\n"
  52. "Copyright (c) 2003-2011, Jouni Malinen <j@w1.fi> and contributors";
  53. const char *wpa_supplicant_license =
  54. "This program is free software. You can distribute it and/or modify it\n"
  55. "under the terms of the GNU General Public License version 2.\n"
  56. "\n"
  57. "Alternatively, this software may be distributed under the terms of the\n"
  58. "BSD license. See README and COPYING for more details.\n"
  59. #ifdef EAP_TLS_OPENSSL
  60. "\nThis product includes software developed by the OpenSSL Project\n"
  61. "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
  62. #endif /* EAP_TLS_OPENSSL */
  63. ;
  64. #ifndef CONFIG_NO_STDOUT_DEBUG
  65. /* Long text divided into parts in order to fit in C89 strings size limits. */
  66. const char *wpa_supplicant_full_license1 =
  67. "This program is free software; you can redistribute it and/or modify\n"
  68. "it under the terms of the GNU General Public License version 2 as\n"
  69. "published by the Free Software Foundation.\n"
  70. "\n"
  71. "This program is distributed in the hope that it will be useful,\n"
  72. "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
  73. "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
  74. "GNU General Public License for more details.\n"
  75. "\n";
  76. const char *wpa_supplicant_full_license2 =
  77. "You should have received a copy of the GNU General Public License\n"
  78. "along with this program; if not, write to the Free Software\n"
  79. "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
  80. "\n"
  81. "Alternatively, this software may be distributed under the terms of the\n"
  82. "BSD license.\n"
  83. "\n"
  84. "Redistribution and use in source and binary forms, with or without\n"
  85. "modification, are permitted provided that the following conditions are\n"
  86. "met:\n"
  87. "\n";
  88. const char *wpa_supplicant_full_license3 =
  89. "1. Redistributions of source code must retain the above copyright\n"
  90. " notice, this list of conditions and the following disclaimer.\n"
  91. "\n"
  92. "2. Redistributions in binary form must reproduce the above copyright\n"
  93. " notice, this list of conditions and the following disclaimer in the\n"
  94. " documentation and/or other materials provided with the distribution.\n"
  95. "\n";
  96. const char *wpa_supplicant_full_license4 =
  97. "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
  98. " names of its contributors may be used to endorse or promote products\n"
  99. " derived from this software without specific prior written permission.\n"
  100. "\n"
  101. "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
  102. "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
  103. "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
  104. "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
  105. const char *wpa_supplicant_full_license5 =
  106. "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
  107. "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
  108. "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
  109. "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
  110. "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
  111. "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
  112. "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
  113. "\n";
  114. #endif /* CONFIG_NO_STDOUT_DEBUG */
  115. extern int wpa_debug_level;
  116. extern int wpa_debug_show_keys;
  117. extern int wpa_debug_timestamp;
  118. extern struct wpa_driver_ops *wpa_drivers[];
  119. /* Configure default/group WEP keys for static WEP */
  120. int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
  121. {
  122. int i, set = 0;
  123. for (i = 0; i < NUM_WEP_KEYS; i++) {
  124. if (ssid->wep_key_len[i] == 0)
  125. continue;
  126. set = 1;
  127. wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
  128. i, i == ssid->wep_tx_keyidx, NULL, 0,
  129. ssid->wep_key[i], ssid->wep_key_len[i]);
  130. }
  131. return set;
  132. }
  133. static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
  134. struct wpa_ssid *ssid)
  135. {
  136. u8 key[32];
  137. size_t keylen;
  138. enum wpa_alg alg;
  139. u8 seq[6] = { 0 };
  140. /* IBSS/WPA-None uses only one key (Group) for both receiving and
  141. * sending unicast and multicast packets. */
  142. if (ssid->mode != WPAS_MODE_IBSS) {
  143. wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
  144. "IBSS/ad-hoc) for WPA-None", ssid->mode);
  145. return -1;
  146. }
  147. if (!ssid->psk_set) {
  148. wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
  149. "WPA-None");
  150. return -1;
  151. }
  152. switch (wpa_s->group_cipher) {
  153. case WPA_CIPHER_CCMP:
  154. os_memcpy(key, ssid->psk, 16);
  155. keylen = 16;
  156. alg = WPA_ALG_CCMP;
  157. break;
  158. case WPA_CIPHER_TKIP:
  159. /* WPA-None uses the same Michael MIC key for both TX and RX */
  160. os_memcpy(key, ssid->psk, 16 + 8);
  161. os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
  162. keylen = 32;
  163. alg = WPA_ALG_TKIP;
  164. break;
  165. default:
  166. wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
  167. "WPA-None", wpa_s->group_cipher);
  168. return -1;
  169. }
  170. /* TODO: should actually remember the previously used seq#, both for TX
  171. * and RX from each STA.. */
  172. return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
  173. }
  174. static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
  175. {
  176. struct wpa_supplicant *wpa_s = eloop_ctx;
  177. const u8 *bssid = wpa_s->bssid;
  178. if (is_zero_ether_addr(bssid))
  179. bssid = wpa_s->pending_bssid;
  180. wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
  181. MAC2STR(bssid));
  182. wpa_blacklist_add(wpa_s, bssid);
  183. wpa_sm_notify_disassoc(wpa_s->wpa);
  184. wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
  185. wpa_s->reassociate = 1;
  186. /*
  187. * If we timed out, the AP or the local radio may be busy.
  188. * So, wait a second until scanning again.
  189. */
  190. wpa_supplicant_req_scan(wpa_s, 1, 0);
  191. }
  192. /**
  193. * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
  194. * @wpa_s: Pointer to wpa_supplicant data
  195. * @sec: Number of seconds after which to time out authentication
  196. * @usec: Number of microseconds after which to time out authentication
  197. *
  198. * This function is used to schedule a timeout for the current authentication
  199. * attempt.
  200. */
  201. void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
  202. int sec, int usec)
  203. {
  204. if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
  205. (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
  206. return;
  207. wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
  208. "%d usec", sec, usec);
  209. eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
  210. eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
  211. }
  212. /**
  213. * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
  214. * @wpa_s: Pointer to wpa_supplicant data
  215. *
  216. * This function is used to cancel authentication timeout scheduled with
  217. * wpa_supplicant_req_auth_timeout() and it is called when authentication has
  218. * been completed.
  219. */
  220. void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
  221. {
  222. wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
  223. eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
  224. wpa_blacklist_del(wpa_s, wpa_s->bssid);
  225. }
  226. /**
  227. * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
  228. * @wpa_s: Pointer to wpa_supplicant data
  229. *
  230. * This function is used to configure EAPOL state machine based on the selected
  231. * authentication mode.
  232. */
  233. void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
  234. {
  235. #ifdef IEEE8021X_EAPOL
  236. struct eapol_config eapol_conf;
  237. struct wpa_ssid *ssid = wpa_s->current_ssid;
  238. #ifdef CONFIG_IBSS_RSN
  239. if (ssid->mode == WPAS_MODE_IBSS &&
  240. wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
  241. wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
  242. /*
  243. * RSN IBSS authentication is per-STA and we can disable the
  244. * per-BSSID EAPOL authentication.
  245. */
  246. eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
  247. eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
  248. eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
  249. return;
  250. }
  251. #endif /* CONFIG_IBSS_RSN */
  252. eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
  253. eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
  254. if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
  255. wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
  256. eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
  257. else
  258. eapol_sm_notify_portControl(wpa_s->eapol, Auto);
  259. os_memset(&eapol_conf, 0, sizeof(eapol_conf));
  260. if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  261. eapol_conf.accept_802_1x_keys = 1;
  262. eapol_conf.required_keys = 0;
  263. if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
  264. eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
  265. }
  266. if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
  267. eapol_conf.required_keys |=
  268. EAPOL_REQUIRE_KEY_BROADCAST;
  269. }
  270. if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
  271. eapol_conf.required_keys = 0;
  272. }
  273. if (wpa_s->conf)
  274. eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
  275. eapol_conf.workaround = ssid->eap_workaround;
  276. eapol_conf.eap_disabled =
  277. !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
  278. wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
  279. wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
  280. eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
  281. #endif /* IEEE8021X_EAPOL */
  282. }
  283. /**
  284. * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
  285. * @wpa_s: Pointer to wpa_supplicant data
  286. * @ssid: Configuration data for the network
  287. *
  288. * This function is used to configure WPA state machine and related parameters
  289. * to a mode where WPA is not enabled. This is called as part of the
  290. * authentication configuration when the selected network does not use WPA.
  291. */
  292. void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
  293. struct wpa_ssid *ssid)
  294. {
  295. int i;
  296. if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
  297. wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
  298. else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
  299. wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
  300. else
  301. wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
  302. wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
  303. wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
  304. wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
  305. wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
  306. wpa_s->group_cipher = WPA_CIPHER_NONE;
  307. wpa_s->mgmt_group_cipher = 0;
  308. for (i = 0; i < NUM_WEP_KEYS; i++) {
  309. if (ssid->wep_key_len[i] > 5) {
  310. wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
  311. wpa_s->group_cipher = WPA_CIPHER_WEP104;
  312. break;
  313. } else if (ssid->wep_key_len[i] > 0) {
  314. wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
  315. wpa_s->group_cipher = WPA_CIPHER_WEP40;
  316. break;
  317. }
  318. }
  319. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
  320. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
  321. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
  322. wpa_s->pairwise_cipher);
  323. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
  324. #ifdef CONFIG_IEEE80211W
  325. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
  326. wpa_s->mgmt_group_cipher);
  327. #endif /* CONFIG_IEEE80211W */
  328. pmksa_cache_clear_current(wpa_s->wpa);
  329. }
  330. static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
  331. {
  332. bgscan_deinit(wpa_s);
  333. scard_deinit(wpa_s->scard);
  334. wpa_s->scard = NULL;
  335. wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
  336. eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
  337. l2_packet_deinit(wpa_s->l2);
  338. wpa_s->l2 = NULL;
  339. if (wpa_s->l2_br) {
  340. l2_packet_deinit(wpa_s->l2_br);
  341. wpa_s->l2_br = NULL;
  342. }
  343. if (wpa_s->ctrl_iface) {
  344. wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
  345. wpa_s->ctrl_iface = NULL;
  346. }
  347. if (wpa_s->conf != NULL) {
  348. struct wpa_ssid *ssid;
  349. for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
  350. wpas_notify_network_removed(wpa_s, ssid);
  351. wpa_config_free(wpa_s->conf);
  352. wpa_s->conf = NULL;
  353. }
  354. os_free(wpa_s->confname);
  355. wpa_s->confname = NULL;
  356. wpa_sm_set_eapol(wpa_s->wpa, NULL);
  357. eapol_sm_deinit(wpa_s->eapol);
  358. wpa_s->eapol = NULL;
  359. rsn_preauth_deinit(wpa_s->wpa);
  360. #ifdef CONFIG_TDLS
  361. wpa_tdls_deinit(wpa_s->wpa);
  362. #endif /* CONFIG_TDLS */
  363. pmksa_candidate_free(wpa_s->wpa);
  364. wpa_sm_deinit(wpa_s->wpa);
  365. wpa_s->wpa = NULL;
  366. wpa_blacklist_clear(wpa_s);
  367. wpa_bss_deinit(wpa_s);
  368. wpa_supplicant_cancel_scan(wpa_s);
  369. wpa_supplicant_cancel_auth_timeout(wpa_s);
  370. ieee80211_sta_deinit(wpa_s);
  371. wpas_wps_deinit(wpa_s);
  372. wpabuf_free(wpa_s->pending_eapol_rx);
  373. wpa_s->pending_eapol_rx = NULL;
  374. #ifdef CONFIG_IBSS_RSN
  375. ibss_rsn_deinit(wpa_s->ibss_rsn);
  376. wpa_s->ibss_rsn = NULL;
  377. #endif /* CONFIG_IBSS_RSN */
  378. sme_deinit(wpa_s);
  379. #ifdef CONFIG_AP
  380. wpa_supplicant_ap_deinit(wpa_s);
  381. #endif /* CONFIG_AP */
  382. #ifdef CONFIG_P2P
  383. wpas_p2p_deinit(wpa_s);
  384. #endif /* CONFIG_P2P */
  385. os_free(wpa_s->next_scan_freqs);
  386. wpa_s->next_scan_freqs = NULL;
  387. }
  388. /**
  389. * wpa_clear_keys - Clear keys configured for the driver
  390. * @wpa_s: Pointer to wpa_supplicant data
  391. * @addr: Previously used BSSID or %NULL if not available
  392. *
  393. * This function clears the encryption keys that has been previously configured
  394. * for the driver.
  395. */
  396. void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
  397. {
  398. if (wpa_s->keys_cleared) {
  399. /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
  400. * timing issues with keys being cleared just before new keys
  401. * are set or just after association or something similar. This
  402. * shows up in group key handshake failing often because of the
  403. * client not receiving the first encrypted packets correctly.
  404. * Skipping some of the extra key clearing steps seems to help
  405. * in completing group key handshake more reliably. */
  406. wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
  407. "skip key clearing");
  408. return;
  409. }
  410. /* MLME-DELETEKEYS.request */
  411. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
  412. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
  413. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
  414. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
  415. #ifdef CONFIG_IEEE80211W
  416. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
  417. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
  418. #endif /* CONFIG_IEEE80211W */
  419. if (addr) {
  420. wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
  421. 0);
  422. /* MLME-SETPROTECTION.request(None) */
  423. wpa_drv_mlme_setprotection(
  424. wpa_s, addr,
  425. MLME_SETPROTECTION_PROTECT_TYPE_NONE,
  426. MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
  427. }
  428. wpa_s->keys_cleared = 1;
  429. }
  430. /**
  431. * wpa_supplicant_state_txt - Get the connection state name as a text string
  432. * @state: State (wpa_state; WPA_*)
  433. * Returns: The state name as a printable text string
  434. */
  435. const char * wpa_supplicant_state_txt(enum wpa_states state)
  436. {
  437. switch (state) {
  438. case WPA_DISCONNECTED:
  439. return "DISCONNECTED";
  440. case WPA_INACTIVE:
  441. return "INACTIVE";
  442. case WPA_INTERFACE_DISABLED:
  443. return "INTERFACE_DISABLED";
  444. case WPA_SCANNING:
  445. return "SCANNING";
  446. case WPA_AUTHENTICATING:
  447. return "AUTHENTICATING";
  448. case WPA_ASSOCIATING:
  449. return "ASSOCIATING";
  450. case WPA_ASSOCIATED:
  451. return "ASSOCIATED";
  452. case WPA_4WAY_HANDSHAKE:
  453. return "4WAY_HANDSHAKE";
  454. case WPA_GROUP_HANDSHAKE:
  455. return "GROUP_HANDSHAKE";
  456. case WPA_COMPLETED:
  457. return "COMPLETED";
  458. default:
  459. return "UNKNOWN";
  460. }
  461. }
  462. #ifdef CONFIG_BGSCAN
  463. static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
  464. {
  465. if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
  466. return;
  467. bgscan_deinit(wpa_s);
  468. if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
  469. if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
  470. wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
  471. "bgscan");
  472. /*
  473. * Live without bgscan; it is only used as a roaming
  474. * optimization, so the initial connection is not
  475. * affected.
  476. */
  477. } else
  478. wpa_s->bgscan_ssid = wpa_s->current_ssid;
  479. } else
  480. wpa_s->bgscan_ssid = NULL;
  481. }
  482. static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
  483. {
  484. if (wpa_s->bgscan_ssid != NULL) {
  485. bgscan_deinit(wpa_s);
  486. wpa_s->bgscan_ssid = NULL;
  487. }
  488. }
  489. #endif /* CONFIG_BGSCAN */
  490. /**
  491. * wpa_supplicant_set_state - Set current connection state
  492. * @wpa_s: Pointer to wpa_supplicant data
  493. * @state: The new connection state
  494. *
  495. * This function is called whenever the connection state changes, e.g.,
  496. * association is completed for WPA/WPA2 4-Way Handshake is started.
  497. */
  498. void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
  499. enum wpa_states state)
  500. {
  501. enum wpa_states old_state = wpa_s->wpa_state;
  502. wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
  503. wpa_supplicant_state_txt(wpa_s->wpa_state),
  504. wpa_supplicant_state_txt(state));
  505. if (state != WPA_SCANNING)
  506. wpa_supplicant_notify_scanning(wpa_s, 0);
  507. if (state == WPA_COMPLETED && wpa_s->new_connection) {
  508. #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
  509. struct wpa_ssid *ssid = wpa_s->current_ssid;
  510. wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
  511. MACSTR " completed %s [id=%d id_str=%s]",
  512. MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
  513. "(reauth)" : "(auth)",
  514. ssid ? ssid->id : -1,
  515. ssid && ssid->id_str ? ssid->id_str : "");
  516. #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
  517. wpa_s->new_connection = 0;
  518. wpa_s->reassociated_connection = 1;
  519. wpa_drv_set_operstate(wpa_s, 1);
  520. #ifndef IEEE8021X_EAPOL
  521. wpa_drv_set_supp_port(wpa_s, 1);
  522. #endif /* IEEE8021X_EAPOL */
  523. wpa_s->after_wps = 0;
  524. #ifdef CONFIG_P2P
  525. wpas_p2p_completed(wpa_s);
  526. #endif /* CONFIG_P2P */
  527. } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
  528. state == WPA_ASSOCIATED) {
  529. wpa_s->new_connection = 1;
  530. wpa_drv_set_operstate(wpa_s, 0);
  531. #ifndef IEEE8021X_EAPOL
  532. wpa_drv_set_supp_port(wpa_s, 0);
  533. #endif /* IEEE8021X_EAPOL */
  534. }
  535. wpa_s->wpa_state = state;
  536. #ifdef CONFIG_BGSCAN
  537. if (state == WPA_COMPLETED)
  538. wpa_supplicant_start_bgscan(wpa_s);
  539. else
  540. wpa_supplicant_stop_bgscan(wpa_s);
  541. #endif /* CONFIG_BGSCAN */
  542. if (wpa_s->wpa_state != old_state) {
  543. wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
  544. if (wpa_s->wpa_state == WPA_COMPLETED ||
  545. old_state == WPA_COMPLETED)
  546. wpas_notify_auth_changed(wpa_s);
  547. }
  548. }
  549. void wpa_supplicant_terminate_proc(struct wpa_global *global)
  550. {
  551. int pending = 0;
  552. #ifdef CONFIG_WPS
  553. struct wpa_supplicant *wpa_s = global->ifaces;
  554. while (wpa_s) {
  555. if (wpas_wps_terminate_pending(wpa_s) == 1)
  556. pending = 1;
  557. wpa_s = wpa_s->next;
  558. }
  559. #endif /* CONFIG_WPS */
  560. if (pending)
  561. return;
  562. eloop_terminate();
  563. }
  564. static void wpa_supplicant_terminate(int sig, void *signal_ctx)
  565. {
  566. struct wpa_global *global = signal_ctx;
  567. struct wpa_supplicant *wpa_s;
  568. for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
  569. wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
  570. "received", sig);
  571. }
  572. wpa_supplicant_terminate_proc(global);
  573. }
  574. void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
  575. {
  576. enum wpa_states old_state = wpa_s->wpa_state;
  577. wpa_s->pairwise_cipher = 0;
  578. wpa_s->group_cipher = 0;
  579. wpa_s->mgmt_group_cipher = 0;
  580. wpa_s->key_mgmt = 0;
  581. if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
  582. wpa_s->wpa_state = WPA_DISCONNECTED;
  583. if (wpa_s->wpa_state != old_state)
  584. wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
  585. }
  586. /**
  587. * wpa_supplicant_reload_configuration - Reload configuration data
  588. * @wpa_s: Pointer to wpa_supplicant data
  589. * Returns: 0 on success or -1 if configuration parsing failed
  590. *
  591. * This function can be used to request that the configuration data is reloaded
  592. * (e.g., after configuration file change). This function is reloading
  593. * configuration only for one interface, so this may need to be called multiple
  594. * times if %wpa_supplicant is controlling multiple interfaces and all
  595. * interfaces need reconfiguration.
  596. */
  597. int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
  598. {
  599. struct wpa_config *conf;
  600. struct wpa_ssid *old_ssid;
  601. int reconf_ctrl;
  602. int old_ap_scan;
  603. if (wpa_s->confname == NULL)
  604. return -1;
  605. conf = wpa_config_read(wpa_s->confname);
  606. if (conf == NULL) {
  607. wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
  608. "file '%s' - exiting", wpa_s->confname);
  609. return -1;
  610. }
  611. conf->changed_parameters = (unsigned int) -1;
  612. reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
  613. || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
  614. os_strcmp(conf->ctrl_interface,
  615. wpa_s->conf->ctrl_interface) != 0);
  616. if (reconf_ctrl && wpa_s->ctrl_iface) {
  617. wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
  618. wpa_s->ctrl_iface = NULL;
  619. }
  620. eapol_sm_invalidate_cached_session(wpa_s->eapol);
  621. old_ssid = wpa_s->current_ssid;
  622. wpa_s->current_ssid = NULL;
  623. if (old_ssid != wpa_s->current_ssid)
  624. wpas_notify_network_changed(wpa_s);
  625. /*
  626. * TODO: should notify EAPOL SM about changes in opensc_engine_path,
  627. * pkcs11_engine_path, pkcs11_module_path.
  628. */
  629. if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
  630. /*
  631. * Clear forced success to clear EAP state for next
  632. * authentication.
  633. */
  634. eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
  635. }
  636. eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
  637. wpa_sm_set_config(wpa_s->wpa, NULL);
  638. wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
  639. rsn_preauth_deinit(wpa_s->wpa);
  640. old_ap_scan = wpa_s->conf->ap_scan;
  641. wpa_config_free(wpa_s->conf);
  642. wpa_s->conf = conf;
  643. if (old_ap_scan != wpa_s->conf->ap_scan)
  644. wpas_notify_ap_scan_changed(wpa_s);
  645. if (reconf_ctrl)
  646. wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
  647. wpa_supplicant_update_config(wpa_s);
  648. wpa_supplicant_clear_status(wpa_s);
  649. if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
  650. wpa_s->reassociate = 1;
  651. wpa_supplicant_req_scan(wpa_s, 0, 0);
  652. }
  653. wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
  654. return 0;
  655. }
  656. static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
  657. {
  658. struct wpa_global *global = signal_ctx;
  659. struct wpa_supplicant *wpa_s;
  660. for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
  661. wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
  662. sig);
  663. if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
  664. wpa_supplicant_terminate_proc(global);
  665. }
  666. }
  667. }
  668. enum wpa_cipher cipher_suite2driver(int cipher)
  669. {
  670. switch (cipher) {
  671. case WPA_CIPHER_NONE:
  672. return CIPHER_NONE;
  673. case WPA_CIPHER_WEP40:
  674. return CIPHER_WEP40;
  675. case WPA_CIPHER_WEP104:
  676. return CIPHER_WEP104;
  677. case WPA_CIPHER_CCMP:
  678. return CIPHER_CCMP;
  679. case WPA_CIPHER_TKIP:
  680. default:
  681. return CIPHER_TKIP;
  682. }
  683. }
  684. enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
  685. {
  686. switch (key_mgmt) {
  687. case WPA_KEY_MGMT_NONE:
  688. return KEY_MGMT_NONE;
  689. case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
  690. return KEY_MGMT_802_1X_NO_WPA;
  691. case WPA_KEY_MGMT_IEEE8021X:
  692. return KEY_MGMT_802_1X;
  693. case WPA_KEY_MGMT_WPA_NONE:
  694. return KEY_MGMT_WPA_NONE;
  695. case WPA_KEY_MGMT_FT_IEEE8021X:
  696. return KEY_MGMT_FT_802_1X;
  697. case WPA_KEY_MGMT_FT_PSK:
  698. return KEY_MGMT_FT_PSK;
  699. case WPA_KEY_MGMT_IEEE8021X_SHA256:
  700. return KEY_MGMT_802_1X_SHA256;
  701. case WPA_KEY_MGMT_PSK_SHA256:
  702. return KEY_MGMT_PSK_SHA256;
  703. case WPA_KEY_MGMT_WPS:
  704. return KEY_MGMT_WPS;
  705. case WPA_KEY_MGMT_PSK:
  706. default:
  707. return KEY_MGMT_PSK;
  708. }
  709. }
  710. static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
  711. struct wpa_ssid *ssid,
  712. struct wpa_ie_data *ie)
  713. {
  714. int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
  715. if (ret) {
  716. if (ret == -2) {
  717. wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
  718. "from association info");
  719. }
  720. return -1;
  721. }
  722. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
  723. "cipher suites");
  724. if (!(ie->group_cipher & ssid->group_cipher)) {
  725. wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
  726. "cipher 0x%x (mask 0x%x) - reject",
  727. ie->group_cipher, ssid->group_cipher);
  728. return -1;
  729. }
  730. if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
  731. wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
  732. "cipher 0x%x (mask 0x%x) - reject",
  733. ie->pairwise_cipher, ssid->pairwise_cipher);
  734. return -1;
  735. }
  736. if (!(ie->key_mgmt & ssid->key_mgmt)) {
  737. wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
  738. "management 0x%x (mask 0x%x) - reject",
  739. ie->key_mgmt, ssid->key_mgmt);
  740. return -1;
  741. }
  742. #ifdef CONFIG_IEEE80211W
  743. if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
  744. ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
  745. wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
  746. "that does not support management frame protection - "
  747. "reject");
  748. return -1;
  749. }
  750. #endif /* CONFIG_IEEE80211W */
  751. return 0;
  752. }
  753. /**
  754. * wpa_supplicant_set_suites - Set authentication and encryption parameters
  755. * @wpa_s: Pointer to wpa_supplicant data
  756. * @bss: Scan results for the selected BSS, or %NULL if not available
  757. * @ssid: Configuration data for the selected network
  758. * @wpa_ie: Buffer for the WPA/RSN IE
  759. * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
  760. * used buffer length in case the functions returns success.
  761. * Returns: 0 on success or -1 on failure
  762. *
  763. * This function is used to configure authentication and encryption parameters
  764. * based on the network configuration and scan result for the selected BSS (if
  765. * available).
  766. */
  767. int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
  768. struct wpa_bss *bss, struct wpa_ssid *ssid,
  769. u8 *wpa_ie, size_t *wpa_ie_len)
  770. {
  771. struct wpa_ie_data ie;
  772. int sel, proto;
  773. const u8 *bss_wpa, *bss_rsn;
  774. if (bss) {
  775. bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
  776. bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
  777. } else
  778. bss_wpa = bss_rsn = NULL;
  779. if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
  780. wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
  781. (ie.group_cipher & ssid->group_cipher) &&
  782. (ie.pairwise_cipher & ssid->pairwise_cipher) &&
  783. (ie.key_mgmt & ssid->key_mgmt)) {
  784. wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
  785. proto = WPA_PROTO_RSN;
  786. } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
  787. wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
  788. (ie.group_cipher & ssid->group_cipher) &&
  789. (ie.pairwise_cipher & ssid->pairwise_cipher) &&
  790. (ie.key_mgmt & ssid->key_mgmt)) {
  791. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
  792. proto = WPA_PROTO_WPA;
  793. } else if (bss) {
  794. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
  795. return -1;
  796. } else {
  797. if (ssid->proto & WPA_PROTO_RSN)
  798. proto = WPA_PROTO_RSN;
  799. else
  800. proto = WPA_PROTO_WPA;
  801. if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
  802. os_memset(&ie, 0, sizeof(ie));
  803. ie.group_cipher = ssid->group_cipher;
  804. ie.pairwise_cipher = ssid->pairwise_cipher;
  805. ie.key_mgmt = ssid->key_mgmt;
  806. #ifdef CONFIG_IEEE80211W
  807. ie.mgmt_group_cipher =
  808. ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
  809. WPA_CIPHER_AES_128_CMAC : 0;
  810. #endif /* CONFIG_IEEE80211W */
  811. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
  812. "based on configuration");
  813. } else
  814. proto = ie.proto;
  815. }
  816. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
  817. "pairwise %d key_mgmt %d proto %d",
  818. ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
  819. #ifdef CONFIG_IEEE80211W
  820. if (ssid->ieee80211w) {
  821. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
  822. ie.mgmt_group_cipher);
  823. }
  824. #endif /* CONFIG_IEEE80211W */
  825. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
  826. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
  827. !!(ssid->proto & WPA_PROTO_RSN));
  828. if (bss || !wpa_s->ap_ies_from_associnfo) {
  829. if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
  830. bss_wpa ? 2 + bss_wpa[1] : 0) ||
  831. wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
  832. bss_rsn ? 2 + bss_rsn[1] : 0))
  833. return -1;
  834. }
  835. sel = ie.group_cipher & ssid->group_cipher;
  836. if (sel & WPA_CIPHER_CCMP) {
  837. wpa_s->group_cipher = WPA_CIPHER_CCMP;
  838. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
  839. } else if (sel & WPA_CIPHER_TKIP) {
  840. wpa_s->group_cipher = WPA_CIPHER_TKIP;
  841. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
  842. } else if (sel & WPA_CIPHER_WEP104) {
  843. wpa_s->group_cipher = WPA_CIPHER_WEP104;
  844. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
  845. } else if (sel & WPA_CIPHER_WEP40) {
  846. wpa_s->group_cipher = WPA_CIPHER_WEP40;
  847. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
  848. } else {
  849. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
  850. "cipher");
  851. return -1;
  852. }
  853. sel = ie.pairwise_cipher & ssid->pairwise_cipher;
  854. if (sel & WPA_CIPHER_CCMP) {
  855. wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
  856. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
  857. } else if (sel & WPA_CIPHER_TKIP) {
  858. wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
  859. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
  860. } else if (sel & WPA_CIPHER_NONE) {
  861. wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
  862. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
  863. } else {
  864. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
  865. "cipher");
  866. return -1;
  867. }
  868. sel = ie.key_mgmt & ssid->key_mgmt;
  869. if (0) {
  870. #ifdef CONFIG_IEEE80211R
  871. } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
  872. wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
  873. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
  874. } else if (sel & WPA_KEY_MGMT_FT_PSK) {
  875. wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
  876. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
  877. #endif /* CONFIG_IEEE80211R */
  878. #ifdef CONFIG_IEEE80211W
  879. } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
  880. wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
  881. wpa_dbg(wpa_s, MSG_DEBUG,
  882. "WPA: using KEY_MGMT 802.1X with SHA256");
  883. } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
  884. wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
  885. wpa_dbg(wpa_s, MSG_DEBUG,
  886. "WPA: using KEY_MGMT PSK with SHA256");
  887. #endif /* CONFIG_IEEE80211W */
  888. } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
  889. wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
  890. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
  891. } else if (sel & WPA_KEY_MGMT_PSK) {
  892. wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
  893. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
  894. } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
  895. wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
  896. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
  897. } else {
  898. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
  899. "authenticated key management type");
  900. return -1;
  901. }
  902. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
  903. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
  904. wpa_s->pairwise_cipher);
  905. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
  906. #ifdef CONFIG_IEEE80211W
  907. sel = ie.mgmt_group_cipher;
  908. if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
  909. !(ie.capabilities & WPA_CAPABILITY_MFPC))
  910. sel = 0;
  911. if (sel & WPA_CIPHER_AES_128_CMAC) {
  912. wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
  913. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
  914. "AES-128-CMAC");
  915. } else {
  916. wpa_s->mgmt_group_cipher = 0;
  917. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
  918. }
  919. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
  920. wpa_s->mgmt_group_cipher);
  921. wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
  922. #endif /* CONFIG_IEEE80211W */
  923. if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
  924. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
  925. return -1;
  926. }
  927. if (ssid->key_mgmt &
  928. (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
  929. wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
  930. else
  931. wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
  932. return 0;
  933. }
  934. /**
  935. * wpa_supplicant_associate - Request association
  936. * @wpa_s: Pointer to wpa_supplicant data
  937. * @bss: Scan results for the selected BSS, or %NULL if not available
  938. * @ssid: Configuration data for the selected network
  939. *
  940. * This function is used to request %wpa_supplicant to associate with a BSS.
  941. */
  942. void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
  943. struct wpa_bss *bss, struct wpa_ssid *ssid)
  944. {
  945. u8 wpa_ie[200];
  946. size_t wpa_ie_len;
  947. int use_crypt, ret, i, bssid_changed;
  948. int algs = WPA_AUTH_ALG_OPEN;
  949. enum wpa_cipher cipher_pairwise, cipher_group;
  950. struct wpa_driver_associate_params params;
  951. int wep_keys_set = 0;
  952. struct wpa_driver_capa capa;
  953. int assoc_failed = 0;
  954. struct wpa_ssid *old_ssid;
  955. #ifdef CONFIG_IBSS_RSN
  956. ibss_rsn_deinit(wpa_s->ibss_rsn);
  957. wpa_s->ibss_rsn = NULL;
  958. #endif /* CONFIG_IBSS_RSN */
  959. if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
  960. ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
  961. #ifdef CONFIG_AP
  962. if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
  963. wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
  964. "mode");
  965. return;
  966. }
  967. wpa_supplicant_create_ap(wpa_s, ssid);
  968. wpa_s->current_bss = bss;
  969. #else /* CONFIG_AP */
  970. wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
  971. "the build");
  972. #endif /* CONFIG_AP */
  973. return;
  974. }
  975. #ifdef CONFIG_TDLS
  976. if (bss)
  977. wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
  978. bss->ie_len);
  979. #endif /* CONFIG_TDLS */
  980. if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
  981. ssid->mode == IEEE80211_MODE_INFRA) {
  982. sme_authenticate(wpa_s, bss, ssid);
  983. return;
  984. }
  985. os_memset(&params, 0, sizeof(params));
  986. wpa_s->reassociate = 0;
  987. if (bss) {
  988. #ifdef CONFIG_IEEE80211R
  989. const u8 *ie, *md = NULL;
  990. #endif /* CONFIG_IEEE80211R */
  991. wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
  992. " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
  993. wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
  994. bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
  995. os_memset(wpa_s->bssid, 0, ETH_ALEN);
  996. os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
  997. if (bssid_changed)
  998. wpas_notify_bssid_changed(wpa_s);
  999. #ifdef CONFIG_IEEE80211R
  1000. ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
  1001. if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
  1002. md = ie + 2;
  1003. wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
  1004. if (md) {
  1005. /* Prepare for the next transition */
  1006. wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
  1007. }
  1008. #endif /* CONFIG_IEEE80211R */
  1009. #ifdef CONFIG_WPS
  1010. } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
  1011. wpa_s->conf->ap_scan == 2 &&
  1012. (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
  1013. /* Use ap_scan==1 style network selection to find the network
  1014. */
  1015. wpa_s->scan_req = 2;
  1016. wpa_s->reassociate = 1;
  1017. wpa_supplicant_req_scan(wpa_s, 0, 0);
  1018. return;
  1019. #endif /* CONFIG_WPS */
  1020. } else {
  1021. wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
  1022. wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
  1023. os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
  1024. }
  1025. wpa_supplicant_cancel_scan(wpa_s);
  1026. /* Starting new association, so clear the possibly used WPA IE from the
  1027. * previous association. */
  1028. wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
  1029. #ifdef IEEE8021X_EAPOL
  1030. if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  1031. if (ssid->leap) {
  1032. if (ssid->non_leap == 0)
  1033. algs = WPA_AUTH_ALG_LEAP;
  1034. else
  1035. algs |= WPA_AUTH_ALG_LEAP;
  1036. }
  1037. }
  1038. #endif /* IEEE8021X_EAPOL */
  1039. wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
  1040. if (ssid->auth_alg) {
  1041. algs = ssid->auth_alg;
  1042. wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
  1043. "0x%x", algs);
  1044. }
  1045. if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
  1046. wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
  1047. (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
  1048. WPA_KEY_MGMT_FT_IEEE8021X |
  1049. WPA_KEY_MGMT_FT_PSK |
  1050. WPA_KEY_MGMT_IEEE8021X_SHA256 |
  1051. WPA_KEY_MGMT_PSK_SHA256))) {
  1052. int try_opportunistic;
  1053. try_opportunistic = ssid->proactive_key_caching &&
  1054. (ssid->proto & WPA_PROTO_RSN);
  1055. if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
  1056. wpa_s->current_ssid,
  1057. try_opportunistic) == 0)
  1058. eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
  1059. wpa_ie_len = sizeof(wpa_ie);
  1060. if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
  1061. wpa_ie, &wpa_ie_len)) {
  1062. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
  1063. "key management and encryption suites");
  1064. return;
  1065. }
  1066. } else if (ssid->key_mgmt &
  1067. (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
  1068. WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
  1069. WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
  1070. WPA_KEY_MGMT_IEEE8021X_SHA256)) {
  1071. wpa_ie_len = sizeof(wpa_ie);
  1072. if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
  1073. wpa_ie, &wpa_ie_len)) {
  1074. wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
  1075. "key management and encryption suites (no "
  1076. "scan results)");
  1077. return;
  1078. }
  1079. #ifdef CONFIG_WPS
  1080. } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
  1081. struct wpabuf *wps_ie;
  1082. wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
  1083. if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
  1084. wpa_ie_len = wpabuf_len(wps_ie);
  1085. os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
  1086. } else
  1087. wpa_ie_len = 0;
  1088. wpabuf_free(wps_ie);
  1089. wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
  1090. if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
  1091. params.wps = WPS_MODE_PRIVACY;
  1092. else
  1093. params.wps = WPS_MODE_OPEN;
  1094. #endif /* CONFIG_WPS */
  1095. } else {
  1096. wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
  1097. wpa_ie_len = 0;
  1098. }
  1099. #ifdef CONFIG_P2P
  1100. if (wpa_s->global->p2p) {
  1101. u8 *pos;
  1102. size_t len;
  1103. int res;
  1104. int p2p_group;
  1105. p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
  1106. pos = wpa_ie + wpa_ie_len;
  1107. len = sizeof(wpa_ie) - wpa_ie_len;
  1108. res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
  1109. if (res >= 0)
  1110. wpa_ie_len += res;
  1111. }
  1112. wpa_s->cross_connect_disallowed = 0;
  1113. if (bss) {
  1114. struct wpabuf *p2p;
  1115. p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
  1116. if (p2p) {
  1117. wpa_s->cross_connect_disallowed =
  1118. p2p_get_cross_connect_disallowed(p2p);
  1119. wpabuf_free(p2p);
  1120. wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
  1121. "connection",
  1122. wpa_s->cross_connect_disallowed ?
  1123. "disallows" : "allows");
  1124. }
  1125. }
  1126. #endif /* CONFIG_P2P */
  1127. wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
  1128. use_crypt = 1;
  1129. cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
  1130. cipher_group = cipher_suite2driver(wpa_s->group_cipher);
  1131. if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
  1132. wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  1133. if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
  1134. use_crypt = 0;
  1135. if (wpa_set_wep_keys(wpa_s, ssid)) {
  1136. use_crypt = 1;
  1137. wep_keys_set = 1;
  1138. }
  1139. }
  1140. if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
  1141. use_crypt = 0;
  1142. #ifdef IEEE8021X_EAPOL
  1143. if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  1144. if ((ssid->eapol_flags &
  1145. (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
  1146. EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
  1147. !wep_keys_set) {
  1148. use_crypt = 0;
  1149. } else {
  1150. /* Assume that dynamic WEP-104 keys will be used and
  1151. * set cipher suites in order for drivers to expect
  1152. * encryption. */
  1153. cipher_pairwise = cipher_group = CIPHER_WEP104;
  1154. }
  1155. }
  1156. #endif /* IEEE8021X_EAPOL */
  1157. if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
  1158. /* Set the key before (and later after) association */
  1159. wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
  1160. }
  1161. wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
  1162. if (bss) {
  1163. params.bssid = bss->bssid;
  1164. params.ssid = bss->ssid;
  1165. params.ssid_len = bss->ssid_len;
  1166. params.freq = bss->freq;
  1167. } else {
  1168. params.ssid = ssid->ssid;
  1169. params.ssid_len = ssid->ssid_len;
  1170. }
  1171. if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
  1172. params.freq == 0)
  1173. params.freq = ssid->frequency; /* Initial channel for IBSS */
  1174. params.wpa_ie = wpa_ie;
  1175. params.wpa_ie_len = wpa_ie_len;
  1176. params.pairwise_suite = cipher_pairwise;
  1177. params.group_suite = cipher_group;
  1178. params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
  1179. params.auth_alg = algs;
  1180. params.mode = ssid->mode;
  1181. for (i = 0; i < NUM_WEP_KEYS; i++) {
  1182. if (ssid->wep_key_len[i])
  1183. params.wep_key[i] = ssid->wep_key[i];
  1184. params.wep_key_len[i] = ssid->wep_key_len[i];
  1185. }
  1186. params.wep_tx_keyidx = ssid->wep_tx_keyidx;
  1187. if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
  1188. (params.key_mgmt_suite == KEY_MGMT_PSK ||
  1189. params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
  1190. params.passphrase = ssid->passphrase;
  1191. if (ssid->psk_set)
  1192. params.psk = ssid->psk;
  1193. }
  1194. params.drop_unencrypted = use_crypt;
  1195. #ifdef CONFIG_IEEE80211W
  1196. params.mgmt_frame_protection = ssid->ieee80211w;
  1197. if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
  1198. const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
  1199. struct wpa_ie_data ie;
  1200. if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
  1201. ie.capabilities &
  1202. (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
  1203. wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
  1204. "MFP: require MFP");
  1205. params.mgmt_frame_protection =
  1206. MGMT_FRAME_PROTECTION_REQUIRED;
  1207. }
  1208. }
  1209. #endif /* CONFIG_IEEE80211W */
  1210. #ifdef CONFIG_P2P
  1211. if (wpa_s->global->p2p &&
  1212. (wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE))
  1213. params.p2p = 1;
  1214. #endif /* CONFIG_P2P */
  1215. if (wpa_s->parent->set_sta_uapsd)
  1216. params.uapsd = wpa_s->parent->sta_uapsd;
  1217. else
  1218. params.uapsd = -1;
  1219. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
  1220. ret = ieee80211_sta_associate(wpa_s, &params);
  1221. else
  1222. ret = wpa_drv_associate(wpa_s, &params);
  1223. if (ret < 0) {
  1224. wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
  1225. "failed");
  1226. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
  1227. /*
  1228. * The driver is known to mean what is saying, so we
  1229. * can stop right here; the association will not
  1230. * succeed.
  1231. */
  1232. wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
  1233. os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
  1234. return;
  1235. }
  1236. /* try to continue anyway; new association will be tried again
  1237. * after timeout */
  1238. assoc_failed = 1;
  1239. }
  1240. if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
  1241. /* Set the key after the association just in case association
  1242. * cleared the previously configured key. */
  1243. wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
  1244. /* No need to timeout authentication since there is no key
  1245. * management. */
  1246. wpa_supplicant_cancel_auth_timeout(wpa_s);
  1247. wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
  1248. #ifdef CONFIG_IBSS_RSN
  1249. } else if (ssid->mode == WPAS_MODE_IBSS &&
  1250. wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
  1251. wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
  1252. /*
  1253. * RSN IBSS authentication is per-STA and we can disable the
  1254. * per-BSSID authentication.
  1255. */
  1256. wpa_supplicant_cancel_auth_timeout(wpa_s);
  1257. #endif /* CONFIG_IBSS_RSN */
  1258. } else {
  1259. /* Timeout for IEEE 802.11 authentication and association */
  1260. int timeout = 60;
  1261. if (assoc_failed) {
  1262. /* give IBSS a bit more time */
  1263. timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
  1264. } else if (wpa_s->conf->ap_scan == 1) {
  1265. /* give IBSS a bit more time */
  1266. timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
  1267. }
  1268. wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
  1269. }
  1270. if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
  1271. capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
  1272. /* Set static WEP keys again */
  1273. wpa_set_wep_keys(wpa_s, ssid);
  1274. }
  1275. if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
  1276. /*
  1277. * Do not allow EAP session resumption between different
  1278. * network configurations.
  1279. */
  1280. eapol_sm_invalidate_cached_session(wpa_s->eapol);
  1281. }
  1282. old_ssid = wpa_s->current_ssid;
  1283. wpa_s->current_ssid = ssid;
  1284. wpa_s->current_bss = bss;
  1285. wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
  1286. wpa_supplicant_initiate_eapol(wpa_s);
  1287. if (old_ssid != wpa_s->current_ssid)
  1288. wpas_notify_network_changed(wpa_s);
  1289. }
  1290. static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
  1291. const u8 *addr)
  1292. {
  1293. struct wpa_ssid *old_ssid;
  1294. wpa_clear_keys(wpa_s, addr);
  1295. wpa_supplicant_mark_disassoc(wpa_s);
  1296. old_ssid = wpa_s->current_ssid;
  1297. wpa_s->current_ssid = NULL;
  1298. wpa_s->current_bss = NULL;
  1299. wpa_sm_set_config(wpa_s->wpa, NULL);
  1300. eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
  1301. if (old_ssid != wpa_s->current_ssid)
  1302. wpas_notify_network_changed(wpa_s);
  1303. eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
  1304. }
  1305. /**
  1306. * wpa_supplicant_disassociate - Disassociate the current connection
  1307. * @wpa_s: Pointer to wpa_supplicant data
  1308. * @reason_code: IEEE 802.11 reason code for the disassociate frame
  1309. *
  1310. * This function is used to request %wpa_supplicant to disassociate with the
  1311. * current AP.
  1312. */
  1313. void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
  1314. int reason_code)
  1315. {
  1316. u8 *addr = NULL;
  1317. if (!is_zero_ether_addr(wpa_s->bssid)) {
  1318. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
  1319. ieee80211_sta_disassociate(wpa_s, reason_code);
  1320. else
  1321. wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
  1322. addr = wpa_s->bssid;
  1323. }
  1324. wpa_supplicant_clear_connection(wpa_s, addr);
  1325. }
  1326. /**
  1327. * wpa_supplicant_deauthenticate - Deauthenticate the current connection
  1328. * @wpa_s: Pointer to wpa_supplicant data
  1329. * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
  1330. *
  1331. * This function is used to request %wpa_supplicant to deauthenticate from the
  1332. * current AP.
  1333. */
  1334. void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
  1335. int reason_code)
  1336. {
  1337. u8 *addr = NULL;
  1338. if (!is_zero_ether_addr(wpa_s->bssid)) {
  1339. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
  1340. ieee80211_sta_deauthenticate(wpa_s, reason_code);
  1341. else
  1342. wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
  1343. reason_code);
  1344. addr = wpa_s->bssid;
  1345. }
  1346. wpa_supplicant_clear_connection(wpa_s, addr);
  1347. }
  1348. /**
  1349. * wpa_supplicant_enable_network - Mark a configured network as enabled
  1350. * @wpa_s: wpa_supplicant structure for a network interface
  1351. * @ssid: wpa_ssid structure for a configured network or %NULL
  1352. *
  1353. * Enables the specified network or all networks if no network specified.
  1354. */
  1355. void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
  1356. struct wpa_ssid *ssid)
  1357. {
  1358. struct wpa_ssid *other_ssid;
  1359. int was_disabled;
  1360. if (ssid == NULL) {
  1361. for (other_ssid = wpa_s->conf->ssid; other_ssid;
  1362. other_ssid = other_ssid->next) {
  1363. if (other_ssid->disabled == 2)
  1364. continue; /* do not change persistent P2P group
  1365. * data */
  1366. if (other_ssid == wpa_s->current_ssid &&
  1367. other_ssid->disabled)
  1368. wpa_s->reassociate = 1;
  1369. was_disabled = other_ssid->disabled;
  1370. other_ssid->disabled = 0;
  1371. if (was_disabled != other_ssid->disabled)
  1372. wpas_notify_network_enabled_changed(
  1373. wpa_s, other_ssid);
  1374. }
  1375. if (wpa_s->reassociate)
  1376. wpa_supplicant_req_scan(wpa_s, 0, 0);
  1377. } else if (ssid->disabled && ssid->disabled != 2) {
  1378. if (wpa_s->current_ssid == NULL) {
  1379. /*
  1380. * Try to reassociate since there is no current
  1381. * configuration and a new network was made available.
  1382. */
  1383. wpa_s->reassociate = 1;
  1384. wpa_supplicant_req_scan(wpa_s, 0, 0);
  1385. }
  1386. was_disabled = ssid->disabled;
  1387. ssid->disabled = 0;
  1388. if (was_disabled != ssid->disabled)
  1389. wpas_notify_network_enabled_changed(wpa_s, ssid);
  1390. }
  1391. }
  1392. /**
  1393. * wpa_supplicant_disable_network - Mark a configured network as disabled
  1394. * @wpa_s: wpa_supplicant structure for a network interface
  1395. * @ssid: wpa_ssid structure for a configured network or %NULL
  1396. *
  1397. * Disables the specified network or all networks if no network specified.
  1398. */
  1399. void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
  1400. struct wpa_ssid *ssid)
  1401. {
  1402. struct wpa_ssid *other_ssid;
  1403. int was_disabled;
  1404. if (ssid == NULL) {
  1405. for (other_ssid = wpa_s->conf->ssid; other_ssid;
  1406. other_ssid = other_ssid->next) {
  1407. was_disabled = other_ssid->disabled;
  1408. if (was_disabled == 2)
  1409. continue; /* do not change persistent P2P group
  1410. * data */
  1411. other_ssid->disabled = 1;
  1412. if (was_disabled != other_ssid->disabled)
  1413. wpas_notify_network_enabled_changed(
  1414. wpa_s, other_ssid);
  1415. }
  1416. if (wpa_s->current_ssid)
  1417. wpa_supplicant_disassociate(
  1418. wpa_s, WLAN_REASON_DEAUTH_LEAVING);
  1419. } else if (ssid->disabled != 2) {
  1420. if (ssid == wpa_s->current_ssid)
  1421. wpa_supplicant_disassociate(
  1422. wpa_s, WLAN_REASON_DEAUTH_LEAVING);
  1423. was_disabled = ssid->disabled;
  1424. ssid->disabled = 1;
  1425. if (was_disabled != ssid->disabled)
  1426. wpas_notify_network_enabled_changed(wpa_s, ssid);
  1427. }
  1428. }
  1429. /**
  1430. * wpa_supplicant_select_network - Attempt association with a network
  1431. * @wpa_s: wpa_supplicant structure for a network interface
  1432. * @ssid: wpa_ssid structure for a configured network or %NULL for any network
  1433. */
  1434. void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
  1435. struct wpa_ssid *ssid)
  1436. {
  1437. struct wpa_ssid *other_ssid;
  1438. if (ssid
  1439. //&& ssid != wpa_s->current_ssid
  1440. && wpa_s->current_ssid)
  1441. wpa_supplicant_disassociate(
  1442. wpa_s, WLAN_REASON_DEAUTH_LEAVING);
  1443. /*
  1444. * Mark all other networks disabled or mark all networks enabled if no
  1445. * network specified.
  1446. */
  1447. for (other_ssid = wpa_s->conf->ssid; other_ssid;
  1448. other_ssid = other_ssid->next) {
  1449. int was_disabled = other_ssid->disabled;
  1450. if (was_disabled == 2)
  1451. continue; /* do not change persistent P2P group data */
  1452. other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
  1453. if (was_disabled != other_ssid->disabled)
  1454. wpas_notify_network_enabled_changed(wpa_s, other_ssid);
  1455. }
  1456. wpa_s->disconnected = 0;
  1457. wpa_s->reassociate = 1;
  1458. wpa_supplicant_req_scan(wpa_s, 0, 0);
  1459. if (ssid)
  1460. wpas_notify_network_selected(wpa_s, ssid);
  1461. }
  1462. /**
  1463. * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
  1464. * @wpa_s: wpa_supplicant structure for a network interface
  1465. * @ap_scan: AP scan mode
  1466. * Returns: 0 if succeed or -1 if ap_scan has an invalid value
  1467. *
  1468. */
  1469. int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
  1470. {
  1471. int old_ap_scan;
  1472. if (ap_scan < 0 || ap_scan > 2)
  1473. return -1;
  1474. old_ap_scan = wpa_s->conf->ap_scan;
  1475. wpa_s->conf->ap_scan = ap_scan;
  1476. if (old_ap_scan != wpa_s->conf->ap_scan)
  1477. wpas_notify_ap_scan_changed(wpa_s);
  1478. return 0;
  1479. }
  1480. /**
  1481. * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
  1482. * @wpa_s: wpa_supplicant structure for a network interface
  1483. * @expire_age: Expiration age in seconds
  1484. * Returns: 0 if succeed or -1 if expire_age has an invalid value
  1485. *
  1486. */
  1487. int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
  1488. unsigned int bss_expire_age)
  1489. {
  1490. if (bss_expire_age < 10) {
  1491. wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
  1492. bss_expire_age);
  1493. return -1;
  1494. }
  1495. wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
  1496. bss_expire_age);
  1497. wpa_s->conf->bss_expiration_age = bss_expire_age;
  1498. return 0;
  1499. }
  1500. /**
  1501. * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
  1502. * @wpa_s: wpa_supplicant structure for a network interface
  1503. * @expire_count: number of scans after which an unseen BSS is reclaimed
  1504. * Returns: 0 if succeed or -1 if expire_count has an invalid value
  1505. *
  1506. */
  1507. int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
  1508. unsigned int bss_expire_count)
  1509. {
  1510. if (bss_expire_count < 1) {
  1511. wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
  1512. bss_expire_count);
  1513. return -1;
  1514. }
  1515. wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
  1516. bss_expire_count);
  1517. wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
  1518. return 0;
  1519. }
  1520. /**
  1521. * wpa_supplicant_set_debug_params - Set global debug params
  1522. * @global: wpa_global structure
  1523. * @debug_level: debug level
  1524. * @debug_timestamp: determines if show timestamp in debug data
  1525. * @debug_show_keys: determines if show keys in debug data
  1526. * Returns: 0 if succeed or -1 if debug_level has wrong value
  1527. */
  1528. int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
  1529. int debug_timestamp, int debug_show_keys)
  1530. {
  1531. int old_level, old_timestamp, old_show_keys;
  1532. /* check for allowed debuglevels */
  1533. if (debug_level != MSG_EXCESSIVE &&
  1534. debug_level != MSG_MSGDUMP &&
  1535. debug_level != MSG_DEBUG &&
  1536. debug_level != MSG_INFO &&
  1537. debug_level != MSG_WARNING &&
  1538. debug_level != MSG_ERROR)
  1539. return -1;
  1540. old_level = wpa_debug_level;
  1541. old_timestamp = wpa_debug_timestamp;
  1542. old_show_keys = wpa_debug_show_keys;
  1543. wpa_debug_level = debug_level;
  1544. wpa_debug_timestamp = debug_timestamp ? 1 : 0;
  1545. wpa_debug_show_keys = debug_show_keys ? 1 : 0;
  1546. if (wpa_debug_level != old_level)
  1547. wpas_notify_debug_level_changed(global);
  1548. if (wpa_debug_timestamp != old_timestamp)
  1549. wpas_notify_debug_timestamp_changed(global);
  1550. if (wpa_debug_show_keys != old_show_keys)
  1551. wpas_notify_debug_show_keys_changed(global);
  1552. return 0;
  1553. }
  1554. /**
  1555. * wpa_supplicant_get_ssid - Get a pointer to the current network structure
  1556. * @wpa_s: Pointer to wpa_supplicant data
  1557. * Returns: A pointer to the current network structure or %NULL on failure
  1558. */
  1559. struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
  1560. {
  1561. struct wpa_ssid *entry;
  1562. u8 ssid[MAX_SSID_LEN];
  1563. int res;
  1564. size_t ssid_len;
  1565. u8 bssid[ETH_ALEN];
  1566. int wired;
  1567. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
  1568. if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
  1569. wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
  1570. "MLME");
  1571. return NULL;
  1572. }
  1573. } else {
  1574. res = wpa_drv_get_ssid(wpa_s, ssid);
  1575. if (res < 0) {
  1576. wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
  1577. "driver");
  1578. return NULL;
  1579. }
  1580. ssid_len = res;
  1581. }
  1582. if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
  1583. os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
  1584. else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
  1585. wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
  1586. "driver");
  1587. return NULL;
  1588. }
  1589. wired = wpa_s->conf->ap_scan == 0 &&
  1590. (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
  1591. entry = wpa_s->conf->ssid;
  1592. while (entry) {
  1593. if (!entry->disabled &&
  1594. ((ssid_len == entry->ssid_len &&
  1595. os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
  1596. (!entry->bssid_set ||
  1597. os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
  1598. return entry;
  1599. #ifdef CONFIG_WPS
  1600. if (!entry->disabled &&
  1601. (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
  1602. (entry->ssid == NULL || entry->ssid_len == 0) &&
  1603. (!entry->bssid_set ||
  1604. os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
  1605. return entry;
  1606. #endif /* CONFIG_WPS */
  1607. entry = entry->next;
  1608. }
  1609. return NULL;
  1610. }
  1611. static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
  1612. const char *name)
  1613. {
  1614. int i;
  1615. size_t len;
  1616. const char *pos, *driver = name;
  1617. if (wpa_s == NULL)
  1618. return -1;
  1619. if (wpa_drivers[0] == NULL) {
  1620. wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
  1621. "wpa_supplicant");
  1622. return -1;
  1623. }
  1624. if (name == NULL) {
  1625. /* default to first driver in the list */
  1626. wpa_s->driver = wpa_drivers[0];
  1627. wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
  1628. return 0;
  1629. }
  1630. do {
  1631. pos = os_strchr(driver, ',');
  1632. if (pos)
  1633. len = pos - driver;
  1634. else
  1635. len = os_strlen(driver);
  1636. for (i = 0; wpa_drivers[i]; i++) {
  1637. if (os_strlen(wpa_drivers[i]->name) == len &&
  1638. os_strncmp(driver, wpa_drivers[i]->name, len) ==
  1639. 0) {
  1640. wpa_s->driver = wpa_drivers[i];
  1641. wpa_s->global_drv_priv =
  1642. wpa_s->global->drv_priv[i];
  1643. return 0;
  1644. }
  1645. }
  1646. driver = pos + 1;
  1647. } while (pos);
  1648. wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
  1649. return -1;
  1650. }
  1651. /**
  1652. * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
  1653. * @ctx: Context pointer (wpa_s); this is the ctx variable registered
  1654. * with struct wpa_driver_ops::init()
  1655. * @src_addr: Source address of the EAPOL frame
  1656. * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
  1657. * @len: Length of the EAPOL data
  1658. *
  1659. * This function is called for each received EAPOL frame. Most driver
  1660. * interfaces rely on more generic OS mechanism for receiving frames through
  1661. * l2_packet, but if such a mechanism is not available, the driver wrapper may
  1662. * take care of received EAPOL frames and deliver them to the core supplicant
  1663. * code by calling this function.
  1664. */
  1665. void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
  1666. const u8 *buf, size_t len)
  1667. {
  1668. struct wpa_supplicant *wpa_s = ctx;
  1669. wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
  1670. wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
  1671. if (wpa_s->wpa_state < WPA_ASSOCIATED) {
  1672. /*
  1673. * There is possible race condition between receiving the
  1674. * association event and the EAPOL frame since they are coming
  1675. * through different paths from the driver. In order to avoid
  1676. * issues in trying to process the EAPOL frame before receiving
  1677. * association information, lets queue it for processing until
  1678. * the association event is received.
  1679. */
  1680. wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
  1681. "of received EAPOL frame");
  1682. wpabuf_free(wpa_s->pending_eapol_rx);
  1683. wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
  1684. if (wpa_s->pending_eapol_rx) {
  1685. os_get_time(&wpa_s->pending_eapol_rx_time);
  1686. os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
  1687. ETH_ALEN);
  1688. }
  1689. return;
  1690. }
  1691. #ifdef CONFIG_AP
  1692. if (wpa_s->ap_iface) {
  1693. wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
  1694. return;
  1695. }
  1696. #endif /* CONFIG_AP */
  1697. if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
  1698. wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
  1699. "no key management is configured");
  1700. return;
  1701. }
  1702. if (wpa_s->eapol_received == 0 &&
  1703. (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
  1704. !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
  1705. wpa_s->wpa_state != WPA_COMPLETED) &&
  1706. (wpa_s->current_ssid == NULL ||
  1707. wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
  1708. /* Timeout for completing IEEE 802.1X and WPA authentication */
  1709. wpa_supplicant_req_auth_timeout(
  1710. wpa_s,
  1711. (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
  1712. wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
  1713. wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
  1714. 70 : 10, 0);
  1715. }
  1716. wpa_s->eapol_received++;
  1717. if (wpa_s->countermeasures) {
  1718. wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
  1719. "EAPOL packet");
  1720. return;
  1721. }
  1722. #ifdef CONFIG_IBSS_RSN
  1723. if (wpa_s->current_ssid &&
  1724. wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
  1725. ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
  1726. return;
  1727. }
  1728. #endif /* CONFIG_IBSS_RSN */
  1729. /* Source address of the incoming EAPOL frame could be compared to the
  1730. * current BSSID. However, it is possible that a centralized
  1731. * Authenticator could be using another MAC address than the BSSID of
  1732. * an AP, so just allow any address to be used for now. The replies are
  1733. * still sent to the current BSSID (if available), though. */
  1734. os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
  1735. if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
  1736. eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
  1737. return;
  1738. wpa_drv_poll(wpa_s);
  1739. if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
  1740. wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
  1741. else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
  1742. /*
  1743. * Set portValid = TRUE here since we are going to skip 4-way
  1744. * handshake processing which would normally set portValid. We
  1745. * need this to allow the EAPOL state machines to be completed
  1746. * without going through EAPOL-Key handshake.
  1747. */
  1748. eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
  1749. }
  1750. }
  1751. /**
  1752. * wpa_supplicant_driver_init - Initialize driver interface parameters
  1753. * @wpa_s: Pointer to wpa_supplicant data
  1754. * Returns: 0 on success, -1 on failure
  1755. *
  1756. * This function is called to initialize driver interface parameters.
  1757. * wpa_drv_init() must have been called before this function to initialize the
  1758. * driver interface.
  1759. */
  1760. int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
  1761. {
  1762. static int interface_count = 0;
  1763. if (wpa_s->driver->send_eapol) {
  1764. const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
  1765. if (addr)
  1766. os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
  1767. } else if (!(wpa_s->drv_flags &
  1768. WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
  1769. wpa_s->l2 = l2_packet_init(wpa_s->ifname,
  1770. wpa_drv_get_mac_addr(wpa_s),
  1771. ETH_P_EAPOL,
  1772. wpa_supplicant_rx_eapol, wpa_s, 0);
  1773. if (wpa_s->l2 == NULL)
  1774. return -1;
  1775. } else {
  1776. const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
  1777. if (addr)
  1778. os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
  1779. }
  1780. if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
  1781. wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
  1782. return -1;
  1783. }
  1784. wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
  1785. MAC2STR(wpa_s->own_addr));
  1786. if (wpa_s->bridge_ifname[0]) {
  1787. wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
  1788. "interface '%s'", wpa_s->bridge_ifname);
  1789. wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
  1790. wpa_s->own_addr,
  1791. ETH_P_EAPOL,
  1792. wpa_supplicant_rx_eapol, wpa_s,
  1793. 0);
  1794. if (wpa_s->l2_br == NULL) {
  1795. wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
  1796. "connection for the bridge interface '%s'",
  1797. wpa_s->bridge_ifname);
  1798. return -1;
  1799. }
  1800. }
  1801. wpa_clear_keys(wpa_s, NULL);
  1802. /* Make sure that TKIP countermeasures are not left enabled (could
  1803. * happen if wpa_supplicant is killed during countermeasures. */
  1804. wpa_drv_set_countermeasures(wpa_s, 0);
  1805. wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
  1806. wpa_drv_flush_pmkid(wpa_s);
  1807. wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
  1808. if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
  1809. wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
  1810. interface_count++;
  1811. } else
  1812. wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
  1813. return 0;
  1814. }
  1815. static int wpa_supplicant_daemon(const char *pid_file)
  1816. {
  1817. wpa_printf(MSG_DEBUG, "Daemonize..");
  1818. return os_daemonize(pid_file);
  1819. }
  1820. static struct wpa_supplicant * wpa_supplicant_alloc(void)
  1821. {
  1822. struct wpa_supplicant *wpa_s;
  1823. wpa_s = os_zalloc(sizeof(*wpa_s));
  1824. if (wpa_s == NULL)
  1825. return NULL;
  1826. wpa_s->scan_req = 1;
  1827. wpa_s->scan_interval = 5;
  1828. wpa_s->new_connection = 1;
  1829. wpa_s->parent = wpa_s;
  1830. return wpa_s;
  1831. }
  1832. static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
  1833. struct wpa_interface *iface)
  1834. {
  1835. const char *ifname, *driver;
  1836. struct wpa_driver_capa capa;
  1837. wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
  1838. "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
  1839. iface->confname ? iface->confname : "N/A",
  1840. iface->driver ? iface->driver : "default",
  1841. iface->ctrl_interface ? iface->ctrl_interface : "N/A",
  1842. iface->bridge_ifname ? iface->bridge_ifname : "N/A");
  1843. if (iface->confname) {
  1844. #ifdef CONFIG_BACKEND_FILE
  1845. wpa_s->confname = os_rel2abs_path(iface->confname);
  1846. if (wpa_s->confname == NULL) {
  1847. wpa_printf(MSG_ERROR, "Failed to get absolute path "
  1848. "for configuration file '%s'.",
  1849. iface->confname);
  1850. return -1;
  1851. }
  1852. wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
  1853. iface->confname, wpa_s->confname);
  1854. #else /* CONFIG_BACKEND_FILE */
  1855. wpa_s->confname = os_strdup(iface->confname);
  1856. #endif /* CONFIG_BACKEND_FILE */
  1857. wpa_s->conf = wpa_config_read(wpa_s->confname);
  1858. if (wpa_s->conf == NULL) {
  1859. wpa_printf(MSG_ERROR, "Failed to read or parse "
  1860. "configuration '%s'.", wpa_s->confname);
  1861. return -1;
  1862. }
  1863. /*
  1864. * Override ctrl_interface and driver_param if set on command
  1865. * line.
  1866. */
  1867. if (iface->ctrl_interface) {
  1868. os_free(wpa_s->conf->ctrl_interface);
  1869. wpa_s->conf->ctrl_interface =
  1870. os_strdup(iface->ctrl_interface);
  1871. }
  1872. if (iface->driver_param) {
  1873. os_free(wpa_s->conf->driver_param);
  1874. wpa_s->conf->driver_param =
  1875. os_strdup(iface->driver_param);
  1876. }
  1877. } else
  1878. wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
  1879. iface->driver_param);
  1880. if (wpa_s->conf == NULL) {
  1881. wpa_printf(MSG_ERROR, "\nNo configuration found.");
  1882. return -1;
  1883. }
  1884. if (iface->ifname == NULL) {
  1885. wpa_printf(MSG_ERROR, "\nInterface name is required.");
  1886. return -1;
  1887. }
  1888. if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
  1889. wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
  1890. iface->ifname);
  1891. return -1;
  1892. }
  1893. os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
  1894. if (iface->bridge_ifname) {
  1895. if (os_strlen(iface->bridge_ifname) >=
  1896. sizeof(wpa_s->bridge_ifname)) {
  1897. wpa_printf(MSG_ERROR, "\nToo long bridge interface "
  1898. "name '%s'.", iface->bridge_ifname);
  1899. return -1;
  1900. }
  1901. os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
  1902. sizeof(wpa_s->bridge_ifname));
  1903. }
  1904. /* RSNA Supplicant Key Management - INITIALIZE */
  1905. eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
  1906. eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
  1907. /* Initialize driver interface and register driver event handler before
  1908. * L2 receive handler so that association events are processed before
  1909. * EAPOL-Key packets if both become available for the same select()
  1910. * call. */
  1911. driver = iface->driver;
  1912. next_driver:
  1913. if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
  1914. return -1;
  1915. wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
  1916. if (wpa_s->drv_priv == NULL) {
  1917. const char *pos;
  1918. pos = driver ? os_strchr(driver, ',') : NULL;
  1919. if (pos) {
  1920. wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
  1921. "driver interface - try next driver wrapper");
  1922. driver = pos + 1;
  1923. goto next_driver;
  1924. }
  1925. wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
  1926. "interface");
  1927. return -1;
  1928. }
  1929. if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
  1930. wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
  1931. "driver_param '%s'", wpa_s->conf->driver_param);
  1932. return -1;
  1933. }
  1934. ifname = wpa_drv_get_ifname(wpa_s);
  1935. if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
  1936. wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
  1937. "interface name with '%s'", ifname);
  1938. os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
  1939. }
  1940. if (wpa_supplicant_init_wpa(wpa_s) < 0)
  1941. return -1;
  1942. wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
  1943. wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
  1944. NULL);
  1945. wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
  1946. if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
  1947. wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
  1948. wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
  1949. wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
  1950. "dot11RSNAConfigPMKLifetime");
  1951. return -1;
  1952. }
  1953. if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
  1954. wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
  1955. wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
  1956. wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
  1957. "dot11RSNAConfigPMKReauthThreshold");
  1958. return -1;
  1959. }
  1960. if (wpa_s->conf->dot11RSNAConfigSATimeout &&
  1961. wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
  1962. wpa_s->conf->dot11RSNAConfigSATimeout)) {
  1963. wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
  1964. "dot11RSNAConfigSATimeout");
  1965. return -1;
  1966. }
  1967. if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
  1968. wpa_s->drv_flags = capa.flags;
  1969. if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
  1970. if (ieee80211_sta_init(wpa_s))
  1971. return -1;
  1972. }
  1973. wpa_s->max_scan_ssids = capa.max_scan_ssids;
  1974. wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
  1975. wpa_s->max_stations = capa.max_stations;
  1976. }
  1977. if (wpa_s->max_remain_on_chan == 0)
  1978. wpa_s->max_remain_on_chan = 1000;
  1979. if (wpa_supplicant_driver_init(wpa_s) < 0)
  1980. return -1;
  1981. #ifdef CONFIG_TDLS
  1982. if (wpa_tdls_init(wpa_s->wpa))
  1983. return -1;
  1984. #endif /* CONFIG_TDLS */
  1985. if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
  1986. wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
  1987. wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
  1988. return -1;
  1989. }
  1990. wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
  1991. if (wpas_wps_init(wpa_s))
  1992. return -1;
  1993. if (wpa_supplicant_init_eapol(wpa_s) < 0)
  1994. return -1;
  1995. wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
  1996. wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
  1997. if (wpa_s->ctrl_iface == NULL) {
  1998. wpa_printf(MSG_ERROR,
  1999. "Failed to initialize control interface '%s'.\n"
  2000. "You may have another wpa_supplicant process "
  2001. "already running or the file was\n"
  2002. "left by an unclean termination of wpa_supplicant "
  2003. "in which case you will need\n"
  2004. "to manually remove this file before starting "
  2005. "wpa_supplicant again.\n",
  2006. wpa_s->conf->ctrl_interface);
  2007. return -1;
  2008. }
  2009. #ifdef CONFIG_P2P
  2010. if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
  2011. wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
  2012. return -1;
  2013. }
  2014. #endif /* CONFIG_P2P */
  2015. if (wpa_bss_init(wpa_s) < 0)
  2016. return -1;
  2017. return 0;
  2018. }
  2019. static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
  2020. int notify)
  2021. {
  2022. if (wpa_s->drv_priv) {
  2023. wpa_supplicant_deauthenticate(wpa_s,
  2024. WLAN_REASON_DEAUTH_LEAVING);
  2025. wpa_drv_set_countermeasures(wpa_s, 0);
  2026. wpa_clear_keys(wpa_s, NULL);
  2027. }
  2028. wpa_supplicant_cleanup(wpa_s);
  2029. if (notify)
  2030. wpas_notify_iface_removed(wpa_s);
  2031. if (wpa_s->drv_priv)
  2032. wpa_drv_deinit(wpa_s);
  2033. }
  2034. /**
  2035. * wpa_supplicant_add_iface - Add a new network interface
  2036. * @global: Pointer to global data from wpa_supplicant_init()
  2037. * @iface: Interface configuration options
  2038. * Returns: Pointer to the created interface or %NULL on failure
  2039. *
  2040. * This function is used to add new network interfaces for %wpa_supplicant.
  2041. * This can be called before wpa_supplicant_run() to add interfaces before the
  2042. * main event loop has been started. In addition, new interfaces can be added
  2043. * dynamically while %wpa_supplicant is already running. This could happen,
  2044. * e.g., when a hotplug network adapter is inserted.
  2045. */
  2046. struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
  2047. struct wpa_interface *iface)
  2048. {
  2049. struct wpa_supplicant *wpa_s;
  2050. struct wpa_interface t_iface;
  2051. struct wpa_ssid *ssid;
  2052. if (global == NULL || iface == NULL)
  2053. return NULL;
  2054. wpa_s = wpa_supplicant_alloc();
  2055. if (wpa_s == NULL)
  2056. return NULL;
  2057. wpa_s->global = global;
  2058. t_iface = *iface;
  2059. if (global->params.override_driver) {
  2060. wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
  2061. "('%s' -> '%s')",
  2062. iface->driver, global->params.override_driver);
  2063. t_iface.driver = global->params.override_driver;
  2064. }
  2065. if (global->params.override_ctrl_interface) {
  2066. wpa_printf(MSG_DEBUG, "Override interface parameter: "
  2067. "ctrl_interface ('%s' -> '%s')",
  2068. iface->ctrl_interface,
  2069. global->params.override_ctrl_interface);
  2070. t_iface.ctrl_interface =
  2071. global->params.override_ctrl_interface;
  2072. }
  2073. if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
  2074. wpa_printf(MSG_DEBUG, "Failed to add interface %s",
  2075. iface->ifname);
  2076. wpa_supplicant_deinit_iface(wpa_s, 0);
  2077. os_free(wpa_s);
  2078. return NULL;
  2079. }
  2080. /* Notify the control interfaces about new iface */
  2081. if (wpas_notify_iface_added(wpa_s)) {
  2082. wpa_supplicant_deinit_iface(wpa_s, 1);
  2083. os_free(wpa_s);
  2084. return NULL;
  2085. }
  2086. for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
  2087. wpas_notify_network_added(wpa_s, ssid);
  2088. wpa_s->next = global->ifaces;
  2089. global->ifaces = wpa_s;
  2090. wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
  2091. return wpa_s;
  2092. }
  2093. /**
  2094. * wpa_supplicant_remove_iface - Remove a network interface
  2095. * @global: Pointer to global data from wpa_supplicant_init()
  2096. * @wpa_s: Pointer to the network interface to be removed
  2097. * Returns: 0 if interface was removed, -1 if interface was not found
  2098. *
  2099. * This function can be used to dynamically remove network interfaces from
  2100. * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
  2101. * addition, this function is used to remove all remaining interfaces when
  2102. * %wpa_supplicant is terminated.
  2103. */
  2104. int wpa_supplicant_remove_iface(struct wpa_global *global,
  2105. struct wpa_supplicant *wpa_s)
  2106. {
  2107. struct wpa_supplicant *prev;
  2108. /* Remove interface from the global list of interfaces */
  2109. prev = global->ifaces;
  2110. if (prev == wpa_s) {
  2111. global->ifaces = wpa_s->next;
  2112. } else {
  2113. while (prev && prev->next != wpa_s)
  2114. prev = prev->next;
  2115. if (prev == NULL)
  2116. return -1;
  2117. prev->next = wpa_s->next;
  2118. }
  2119. wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
  2120. if (global->p2p_group_formation == wpa_s)
  2121. global->p2p_group_formation = NULL;
  2122. wpa_supplicant_deinit_iface(wpa_s, 1);
  2123. os_free(wpa_s);
  2124. return 0;
  2125. }
  2126. /**
  2127. * wpa_supplicant_get_eap_mode - Get the current EAP mode
  2128. * @wpa_s: Pointer to the network interface
  2129. * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
  2130. */
  2131. const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
  2132. {
  2133. const char *eapol_method;
  2134. if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
  2135. wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
  2136. return "NO-EAP";
  2137. }
  2138. eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
  2139. if (eapol_method == NULL)
  2140. return "UNKNOWN-EAP";
  2141. return eapol_method;
  2142. }
  2143. /**
  2144. * wpa_supplicant_get_iface - Get a new network interface
  2145. * @global: Pointer to global data from wpa_supplicant_init()
  2146. * @ifname: Interface name
  2147. * Returns: Pointer to the interface or %NULL if not found
  2148. */
  2149. struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
  2150. const char *ifname)
  2151. {
  2152. struct wpa_supplicant *wpa_s;
  2153. for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
  2154. if (os_strcmp(wpa_s->ifname, ifname) == 0)
  2155. return wpa_s;
  2156. }
  2157. return NULL;
  2158. }
  2159. #ifndef CONFIG_NO_WPA_MSG
  2160. static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
  2161. {
  2162. struct wpa_supplicant *wpa_s = ctx;
  2163. if (wpa_s == NULL)
  2164. return NULL;
  2165. return wpa_s->ifname;
  2166. }
  2167. #endif /* CONFIG_NO_WPA_MSG */
  2168. /**
  2169. * wpa_supplicant_init - Initialize %wpa_supplicant
  2170. * @params: Parameters for %wpa_supplicant
  2171. * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
  2172. *
  2173. * This function is used to initialize %wpa_supplicant. After successful
  2174. * initialization, the returned data pointer can be used to add and remove
  2175. * network interfaces, and eventually, to deinitialize %wpa_supplicant.
  2176. */
  2177. struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
  2178. {
  2179. struct wpa_global *global;
  2180. int ret, i;
  2181. if (params == NULL)
  2182. return NULL;
  2183. #ifndef CONFIG_NO_WPA_MSG
  2184. wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
  2185. #endif /* CONFIG_NO_WPA_MSG */
  2186. wpa_debug_open_file(params->wpa_debug_file_path);
  2187. if (params->wpa_debug_syslog)
  2188. wpa_debug_open_syslog();
  2189. ret = eap_register_methods();
  2190. if (ret) {
  2191. wpa_printf(MSG_ERROR, "Failed to register EAP methods");
  2192. if (ret == -2)
  2193. wpa_printf(MSG_ERROR, "Two or more EAP methods used "
  2194. "the same EAP type.");
  2195. return NULL;
  2196. }
  2197. global = os_zalloc(sizeof(*global));
  2198. if (global == NULL)
  2199. return NULL;
  2200. dl_list_init(&global->p2p_srv_bonjour);
  2201. dl_list_init(&global->p2p_srv_upnp);
  2202. global->params.daemonize = params->daemonize;
  2203. global->params.wait_for_monitor = params->wait_for_monitor;
  2204. global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
  2205. if (params->pid_file)
  2206. global->params.pid_file = os_strdup(params->pid_file);
  2207. if (params->ctrl_interface)
  2208. global->params.ctrl_interface =
  2209. os_strdup(params->ctrl_interface);
  2210. if (params->override_driver)
  2211. global->params.override_driver =
  2212. os_strdup(params->override_driver);
  2213. if (params->override_ctrl_interface)
  2214. global->params.override_ctrl_interface =
  2215. os_strdup(params->override_ctrl_interface);
  2216. wpa_debug_level = global->params.wpa_debug_level =
  2217. params->wpa_debug_level;
  2218. wpa_debug_show_keys = global->params.wpa_debug_show_keys =
  2219. params->wpa_debug_show_keys;
  2220. wpa_debug_timestamp = global->params.wpa_debug_timestamp =
  2221. params->wpa_debug_timestamp;
  2222. wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
  2223. if (eloop_init()) {
  2224. wpa_printf(MSG_ERROR, "Failed to initialize event loop");
  2225. wpa_supplicant_deinit(global);
  2226. return NULL;
  2227. }
  2228. random_init();
  2229. global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
  2230. if (global->ctrl_iface == NULL) {
  2231. wpa_supplicant_deinit(global);
  2232. return NULL;
  2233. }
  2234. if (wpas_notify_supplicant_initialized(global)) {
  2235. wpa_supplicant_deinit(global);
  2236. return NULL;
  2237. }
  2238. for (i = 0; wpa_drivers[i]; i++)
  2239. global->drv_count++;
  2240. if (global->drv_count == 0) {
  2241. wpa_printf(MSG_ERROR, "No drivers enabled");
  2242. wpa_supplicant_deinit(global);
  2243. return NULL;
  2244. }
  2245. global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
  2246. if (global->drv_priv == NULL) {
  2247. wpa_supplicant_deinit(global);
  2248. return NULL;
  2249. }
  2250. for (i = 0; wpa_drivers[i]; i++) {
  2251. if (!wpa_drivers[i]->global_init)
  2252. continue;
  2253. global->drv_priv[i] = wpa_drivers[i]->global_init();
  2254. if (global->drv_priv[i] == NULL) {
  2255. wpa_printf(MSG_ERROR, "Failed to initialize driver "
  2256. "'%s'", wpa_drivers[i]->name);
  2257. wpa_supplicant_deinit(global);
  2258. return NULL;
  2259. }
  2260. }
  2261. return global;
  2262. }
  2263. /**
  2264. * wpa_supplicant_run - Run the %wpa_supplicant main event loop
  2265. * @global: Pointer to global data from wpa_supplicant_init()
  2266. * Returns: 0 after successful event loop run, -1 on failure
  2267. *
  2268. * This function starts the main event loop and continues running as long as
  2269. * there are any remaining events. In most cases, this function is running as
  2270. * long as the %wpa_supplicant process in still in use.
  2271. */
  2272. int wpa_supplicant_run(struct wpa_global *global)
  2273. {
  2274. struct wpa_supplicant *wpa_s;
  2275. if (global->params.daemonize &&
  2276. wpa_supplicant_daemon(global->params.pid_file))
  2277. return -1;
  2278. if (global->params.wait_for_monitor) {
  2279. for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
  2280. if (wpa_s->ctrl_iface)
  2281. wpa_supplicant_ctrl_iface_wait(
  2282. wpa_s->ctrl_iface);
  2283. }
  2284. eloop_register_signal_terminate(wpa_supplicant_terminate, global);
  2285. eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
  2286. eloop_run();
  2287. return 0;
  2288. }
  2289. /**
  2290. * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
  2291. * @global: Pointer to global data from wpa_supplicant_init()
  2292. *
  2293. * This function is called to deinitialize %wpa_supplicant and to free all
  2294. * allocated resources. Remaining network interfaces will also be removed.
  2295. */
  2296. void wpa_supplicant_deinit(struct wpa_global *global)
  2297. {
  2298. int i;
  2299. if (global == NULL)
  2300. return;
  2301. #ifdef CONFIG_P2P
  2302. wpas_p2p_deinit_global(global);
  2303. #endif /* CONFIG_P2P */
  2304. while (global->ifaces)
  2305. wpa_supplicant_remove_iface(global, global->ifaces);
  2306. if (global->ctrl_iface)
  2307. wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
  2308. wpas_notify_supplicant_deinitialized(global);
  2309. eap_peer_unregister_methods();
  2310. #ifdef CONFIG_AP
  2311. eap_server_unregister_methods();
  2312. #endif /* CONFIG_AP */
  2313. for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
  2314. if (!global->drv_priv[i])
  2315. continue;
  2316. wpa_drivers[i]->global_deinit(global->drv_priv[i]);
  2317. }
  2318. os_free(global->drv_priv);
  2319. random_deinit();
  2320. eloop_destroy();
  2321. if (global->params.pid_file) {
  2322. os_daemonize_terminate(global->params.pid_file);
  2323. os_free(global->params.pid_file);
  2324. }
  2325. os_free(global->params.ctrl_interface);
  2326. os_free(global->params.override_driver);
  2327. os_free(global->params.override_ctrl_interface);
  2328. os_free(global);
  2329. wpa_debug_close_syslog();
  2330. wpa_debug_close_file();
  2331. }
  2332. void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
  2333. {
  2334. if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
  2335. wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
  2336. char country[3];
  2337. country[0] = wpa_s->conf->country[0];
  2338. country[1] = wpa_s->conf->country[1];
  2339. country[2] = '\0';
  2340. if (wpa_drv_set_country(wpa_s, country) < 0) {
  2341. wpa_printf(MSG_ERROR, "Failed to set country code "
  2342. "'%s'", country);
  2343. }
  2344. }
  2345. #ifdef CONFIG_WPS
  2346. wpas_wps_update_config(wpa_s);
  2347. #endif /* CONFIG_WPS */
  2348. #ifdef CONFIG_P2P
  2349. wpas_p2p_update_config(wpa_s);
  2350. #endif /* CONFIG_P2P */
  2351. wpa_s->conf->changed_parameters = 0;
  2352. }
  2353. void ieee80211_sta_free_hw_features(struct hostapd_hw_modes *hw_features,
  2354. size_t num_hw_features)
  2355. {
  2356. size_t i;
  2357. if (hw_features == NULL)
  2358. return;
  2359. for (i = 0; i < num_hw_features; i++) {
  2360. os_free(hw_features[i].channels);
  2361. os_free(hw_features[i].rates);
  2362. }
  2363. os_free(hw_features);
  2364. }
  2365. static void add_freq(int *freqs, int *num_freqs, int freq)
  2366. {
  2367. int i;
  2368. for (i = 0; i < *num_freqs; i++) {
  2369. if (freqs[i] == freq)
  2370. return;
  2371. }
  2372. freqs[*num_freqs] = freq;
  2373. (*num_freqs)++;
  2374. }
  2375. static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
  2376. {
  2377. struct wpa_bss *bss, *cbss;
  2378. const int max_freqs = 10;
  2379. int *freqs;
  2380. int num_freqs = 0;
  2381. freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
  2382. if (freqs == NULL)
  2383. return NULL;
  2384. cbss = wpa_s->current_bss;
  2385. dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
  2386. if (bss == cbss)
  2387. continue;
  2388. if (bss->ssid_len == cbss->ssid_len &&
  2389. os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
  2390. wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
  2391. add_freq(freqs, &num_freqs, bss->freq);
  2392. if (num_freqs == max_freqs)
  2393. break;
  2394. }
  2395. }
  2396. if (num_freqs == 0) {
  2397. os_free(freqs);
  2398. freqs = NULL;
  2399. }
  2400. return freqs;
  2401. }
  2402. void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
  2403. {
  2404. int timeout;
  2405. int count;
  2406. int *freqs = NULL;
  2407. /*
  2408. * Add the failed BSSID into the blacklist and speed up next scan
  2409. * attempt if there could be other APs that could accept association.
  2410. * The current blacklist count indicates how many times we have tried
  2411. * connecting to this AP and multiple attempts mean that other APs are
  2412. * either not available or has already been tried, so that we can start
  2413. * increasing the delay here to avoid constant scanning.
  2414. */
  2415. count = wpa_blacklist_add(wpa_s, bssid);
  2416. if (count == 1 && wpa_s->current_bss) {
  2417. /*
  2418. * This BSS was not in the blacklist before. If there is
  2419. * another BSS available for the same ESS, we should try that
  2420. * next. Otherwise, we may as well try this one once more
  2421. * before allowing other, likely worse, ESSes to be considered.
  2422. */
  2423. freqs = get_bss_freqs_in_ess(wpa_s);
  2424. if (freqs) {
  2425. wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
  2426. "has been seen; try it next");
  2427. wpa_blacklist_add(wpa_s, bssid);
  2428. /*
  2429. * On the next scan, go through only the known channels
  2430. * used in this ESS based on previous scans to speed up
  2431. * common load balancing use case.
  2432. */
  2433. os_free(wpa_s->next_scan_freqs);
  2434. wpa_s->next_scan_freqs = freqs;
  2435. }
  2436. }
  2437. switch (count) {
  2438. case 1:
  2439. timeout = 100;
  2440. break;
  2441. case 2:
  2442. timeout = 500;
  2443. break;
  2444. case 3:
  2445. timeout = 1000;
  2446. break;
  2447. default:
  2448. timeout = 5000;
  2449. }
  2450. /*
  2451. * TODO: if more than one possible AP is available in scan results,
  2452. * could try the other ones before requesting a new scan.
  2453. */
  2454. wpa_supplicant_req_scan(wpa_s, timeout / 1000,
  2455. 1000 * (timeout % 1000));
  2456. }