1 /* 2 * WPA Supplicant 3 * Copyright (c) 2003-2012, Jouni Malinen <j (at) w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 * 8 * This file implements functions for registering and unregistering 9 * %wpa_supplicant interfaces. In addition, this file contains number of 10 * functions for managing network connections. 11 */ 12 13 #include "includes.h" 14 15 #include "common.h" 16 #include "crypto/random.h" 17 #include "crypto/sha1.h" 18 #include "eapol_supp/eapol_supp_sm.h" 19 #include "eap_peer/eap.h" 20 #include "eap_server/eap_methods.h" 21 #include "rsn_supp/wpa.h" 22 #include "eloop.h" 23 #include "config.h" 24 #include "l2_packet/l2_packet.h" 25 #include "wpa_supplicant_i.h" 26 #include "driver_i.h" 27 #include "ctrl_iface.h" 28 #include "pcsc_funcs.h" 29 #include "common/version.h" 30 #include "rsn_supp/preauth.h" 31 #include "rsn_supp/pmksa_cache.h" 32 #include "common/wpa_ctrl.h" 33 #include "common/ieee802_11_defs.h" 34 #include "p2p/p2p.h" 35 #include "blacklist.h" 36 #include "wpas_glue.h" 37 #include "wps_supplicant.h" 38 #include "ibss_rsn.h" 39 #include "sme.h" 40 #include "gas_query.h" 41 #include "ap.h" 42 #include "p2p_supplicant.h" 43 #include "notify.h" 44 #include "bgscan.h" 45 #include "bss.h" 46 #include "scan.h" 47 #include "offchannel.h" 48 49 const char *wpa_supplicant_version = 50 "wpa_supplicant v" VERSION_STR "\n" 51 "Copyright (c) 2003-2012, Jouni Malinen <j (at) w1.fi> and contributors"; 52 53 const char *wpa_supplicant_license = 54 "This software may be distributed under the terms of the BSD license.\n" 55 "See README for more details.\n" 56 #ifdef EAP_TLS_OPENSSL 57 "\nThis product includes software developed by the OpenSSL Project\n" 58 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 59 #endif /* EAP_TLS_OPENSSL */ 60 ; 61 62 #ifndef CONFIG_NO_STDOUT_DEBUG 63 /* Long text divided into parts in order to fit in C89 strings size limits. */ 64 const char *wpa_supplicant_full_license1 = 65 ""; 66 const char *wpa_supplicant_full_license2 = 67 "This software may be distributed under the terms of the BSD license.\n" 68 "\n" 69 "Redistribution and use in source and binary forms, with or without\n" 70 "modification, are permitted provided that the following conditions are\n" 71 "met:\n" 72 "\n"; 73 const char *wpa_supplicant_full_license3 = 74 "1. Redistributions of source code must retain the above copyright\n" 75 " notice, this list of conditions and the following disclaimer.\n" 76 "\n" 77 "2. Redistributions in binary form must reproduce the above copyright\n" 78 " notice, this list of conditions and the following disclaimer in the\n" 79 " documentation and/or other materials provided with the distribution.\n" 80 "\n"; 81 const char *wpa_supplicant_full_license4 = 82 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 83 " names of its contributors may be used to endorse or promote products\n" 84 " derived from this software without specific prior written permission.\n" 85 "\n" 86 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 87 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 88 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 89 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 90 const char *wpa_supplicant_full_license5 = 91 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 92 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 93 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 94 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 95 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 96 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 97 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 98 "\n"; 99 #endif /* CONFIG_NO_STDOUT_DEBUG */ 100 101 extern int wpa_debug_level; 102 extern int wpa_debug_show_keys; 103 extern int wpa_debug_timestamp; 104 extern struct wpa_driver_ops *wpa_drivers[]; 105 106 /* Configure default/group WEP keys for static WEP */ 107 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 108 { 109 int i, set = 0; 110 111 for (i = 0; i < NUM_WEP_KEYS; i++) { 112 if (ssid->wep_key_len[i] == 0) 113 continue; 114 115 set = 1; 116 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, 117 i, i == ssid->wep_tx_keyidx, NULL, 0, 118 ssid->wep_key[i], ssid->wep_key_len[i]); 119 } 120 121 return set; 122 } 123 124 125 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 126 struct wpa_ssid *ssid) 127 { 128 u8 key[32]; 129 size_t keylen; 130 enum wpa_alg alg; 131 u8 seq[6] = { 0 }; 132 133 /* IBSS/WPA-None uses only one key (Group) for both receiving and 134 * sending unicast and multicast packets. */ 135 136 if (ssid->mode != WPAS_MODE_IBSS) { 137 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " 138 "IBSS/ad-hoc) for WPA-None", ssid->mode); 139 return -1; 140 } 141 142 if (!ssid->psk_set) { 143 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " 144 "WPA-None"); 145 return -1; 146 } 147 148 switch (wpa_s->group_cipher) { 149 case WPA_CIPHER_CCMP: 150 os_memcpy(key, ssid->psk, 16); 151 keylen = 16; 152 alg = WPA_ALG_CCMP; 153 break; 154 case WPA_CIPHER_TKIP: 155 /* WPA-None uses the same Michael MIC key for both TX and RX */ 156 os_memcpy(key, ssid->psk, 16 + 8); 157 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 158 keylen = 32; 159 alg = WPA_ALG_TKIP; 160 break; 161 default: 162 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " 163 "WPA-None", wpa_s->group_cipher); 164 return -1; 165 } 166 167 /* TODO: should actually remember the previously used seq#, both for TX 168 * and RX from each STA.. */ 169 170 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); 171 } 172 173 174 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 175 { 176 struct wpa_supplicant *wpa_s = eloop_ctx; 177 const u8 *bssid = wpa_s->bssid; 178 if (is_zero_ether_addr(bssid)) 179 bssid = wpa_s->pending_bssid; 180 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 181 MAC2STR(bssid)); 182 wpa_blacklist_add(wpa_s, bssid); 183 wpa_sm_notify_disassoc(wpa_s->wpa); 184 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 185 wpa_s->reassociate = 1; 186 187 /* 188 * If we timed out, the AP or the local radio may be busy. 189 * So, wait a second until scanning again. 190 */ 191 wpa_supplicant_req_scan(wpa_s, 1, 0); 192 } 193 194 195 /** 196 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 197 * @wpa_s: Pointer to wpa_supplicant data 198 * @sec: Number of seconds after which to time out authentication 199 * @usec: Number of microseconds after which to time out authentication 200 * 201 * This function is used to schedule a timeout for the current authentication 202 * attempt. 203 */ 204 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 205 int sec, int usec) 206 { 207 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 && 208 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 209 return; 210 211 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 212 "%d usec", sec, usec); 213 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 214 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 215 } 216 217 218 /** 219 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 220 * @wpa_s: Pointer to wpa_supplicant data 221 * 222 * This function is used to cancel authentication timeout scheduled with 223 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 224 * been completed. 225 */ 226 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 227 { 228 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 229 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 230 wpa_blacklist_del(wpa_s, wpa_s->bssid); 231 } 232 233 234 /** 235 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 236 * @wpa_s: Pointer to wpa_supplicant data 237 * 238 * This function is used to configure EAPOL state machine based on the selected 239 * authentication mode. 240 */ 241 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 242 { 243 #ifdef IEEE8021X_EAPOL 244 struct eapol_config eapol_conf; 245 struct wpa_ssid *ssid = wpa_s->current_ssid; 246 247 #ifdef CONFIG_IBSS_RSN 248 if (ssid->mode == WPAS_MODE_IBSS && 249 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 250 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 251 /* 252 * RSN IBSS authentication is per-STA and we can disable the 253 * per-BSSID EAPOL authentication. 254 */ 255 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 256 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 257 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 258 return; 259 } 260 #endif /* CONFIG_IBSS_RSN */ 261 262 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 264 265 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 266 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 267 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 268 else 269 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 270 271 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 273 eapol_conf.accept_802_1x_keys = 1; 274 eapol_conf.required_keys = 0; 275 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 276 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 277 } 278 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 279 eapol_conf.required_keys |= 280 EAPOL_REQUIRE_KEY_BROADCAST; 281 } 282 283 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 284 eapol_conf.required_keys = 0; 285 } 286 if (wpa_s->conf) 287 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 288 eapol_conf.workaround = ssid->eap_workaround; 289 eapol_conf.eap_disabled = 290 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 291 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 292 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 293 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 294 #endif /* IEEE8021X_EAPOL */ 295 } 296 297 298 /** 299 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 300 * @wpa_s: Pointer to wpa_supplicant data 301 * @ssid: Configuration data for the network 302 * 303 * This function is used to configure WPA state machine and related parameters 304 * to a mode where WPA is not enabled. This is called as part of the 305 * authentication configuration when the selected network does not use WPA. 306 */ 307 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 308 struct wpa_ssid *ssid) 309 { 310 int i; 311 312 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 313 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 314 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 315 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 316 else 317 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 318 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 319 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 320 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 321 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 322 wpa_s->group_cipher = WPA_CIPHER_NONE; 323 wpa_s->mgmt_group_cipher = 0; 324 325 for (i = 0; i < NUM_WEP_KEYS; i++) { 326 if (ssid->wep_key_len[i] > 5) { 327 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 328 wpa_s->group_cipher = WPA_CIPHER_WEP104; 329 break; 330 } else if (ssid->wep_key_len[i] > 0) { 331 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 332 wpa_s->group_cipher = WPA_CIPHER_WEP40; 333 break; 334 } 335 } 336 337 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 338 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 339 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 340 wpa_s->pairwise_cipher); 341 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 342 #ifdef CONFIG_IEEE80211W 343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 344 wpa_s->mgmt_group_cipher); 345 #endif /* CONFIG_IEEE80211W */ 346 347 pmksa_cache_clear_current(wpa_s->wpa); 348 } 349 350 351 static void free_hw_features(struct wpa_supplicant *wpa_s) 352 { 353 int i; 354 if (wpa_s->hw.modes == NULL) 355 return; 356 357 for (i = 0; i < wpa_s->hw.num_modes; i++) { 358 os_free(wpa_s->hw.modes[i].channels); 359 os_free(wpa_s->hw.modes[i].rates); 360 } 361 362 os_free(wpa_s->hw.modes); 363 wpa_s->hw.modes = NULL; 364 } 365 366 367 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 368 { 369 bgscan_deinit(wpa_s); 370 scard_deinit(wpa_s->scard); 371 wpa_s->scard = NULL; 372 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 373 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 374 l2_packet_deinit(wpa_s->l2); 375 wpa_s->l2 = NULL; 376 if (wpa_s->l2_br) { 377 l2_packet_deinit(wpa_s->l2_br); 378 wpa_s->l2_br = NULL; 379 } 380 381 if (wpa_s->conf != NULL) { 382 struct wpa_ssid *ssid; 383 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 384 wpas_notify_network_removed(wpa_s, ssid); 385 } 386 387 os_free(wpa_s->confname); 388 wpa_s->confname = NULL; 389 390 wpa_sm_set_eapol(wpa_s->wpa, NULL); 391 eapol_sm_deinit(wpa_s->eapol); 392 wpa_s->eapol = NULL; 393 394 rsn_preauth_deinit(wpa_s->wpa); 395 396 #ifdef CONFIG_TDLS 397 wpa_tdls_deinit(wpa_s->wpa); 398 #endif /* CONFIG_TDLS */ 399 400 pmksa_candidate_free(wpa_s->wpa); 401 wpa_sm_deinit(wpa_s->wpa); 402 wpa_s->wpa = NULL; 403 wpa_blacklist_clear(wpa_s); 404 405 wpa_bss_deinit(wpa_s); 406 407 wpa_supplicant_cancel_scan(wpa_s); 408 wpa_supplicant_cancel_auth_timeout(wpa_s); 409 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); 410 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 411 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, 412 wpa_s, NULL); 413 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 414 415 wpas_wps_deinit(wpa_s); 416 417 wpabuf_free(wpa_s->pending_eapol_rx); 418 wpa_s->pending_eapol_rx = NULL; 419 420 #ifdef CONFIG_IBSS_RSN 421 ibss_rsn_deinit(wpa_s->ibss_rsn); 422 wpa_s->ibss_rsn = NULL; 423 #endif /* CONFIG_IBSS_RSN */ 424 425 sme_deinit(wpa_s); 426 427 #ifdef CONFIG_AP 428 wpa_supplicant_ap_deinit(wpa_s); 429 #endif /* CONFIG_AP */ 430 431 #ifdef CONFIG_P2P 432 wpas_p2p_deinit(wpa_s); 433 #endif /* CONFIG_P2P */ 434 435 #ifdef CONFIG_OFFCHANNEL 436 offchannel_deinit(wpa_s); 437 #endif /* CONFIG_OFFCHANNEL */ 438 439 wpa_supplicant_cancel_sched_scan(wpa_s); 440 441 os_free(wpa_s->next_scan_freqs); 442 wpa_s->next_scan_freqs = NULL; 443 444 gas_query_deinit(wpa_s->gas); 445 wpa_s->gas = NULL; 446 447 free_hw_features(wpa_s); 448 } 449 450 451 /** 452 * wpa_clear_keys - Clear keys configured for the driver 453 * @wpa_s: Pointer to wpa_supplicant data 454 * @addr: Previously used BSSID or %NULL if not available 455 * 456 * This function clears the encryption keys that has been previously configured 457 * for the driver. 458 */ 459 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 460 { 461 if (wpa_s->keys_cleared) { 462 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have 463 * timing issues with keys being cleared just before new keys 464 * are set or just after association or something similar. This 465 * shows up in group key handshake failing often because of the 466 * client not receiving the first encrypted packets correctly. 467 * Skipping some of the extra key clearing steps seems to help 468 * in completing group key handshake more reliably. */ 469 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - " 470 "skip key clearing"); 471 return; 472 } 473 474 /* MLME-DELETEKEYS.request */ 475 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0); 476 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); 477 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); 478 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); 479 #ifdef CONFIG_IEEE80211W 480 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); 481 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); 482 #endif /* CONFIG_IEEE80211W */ 483 if (addr) { 484 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 485 0); 486 /* MLME-SETPROTECTION.request(None) */ 487 wpa_drv_mlme_setprotection( 488 wpa_s, addr, 489 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 490 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 491 } 492 wpa_s->keys_cleared = 1; 493 } 494 495 496 /** 497 * wpa_supplicant_state_txt - Get the connection state name as a text string 498 * @state: State (wpa_state; WPA_*) 499 * Returns: The state name as a printable text string 500 */ 501 const char * wpa_supplicant_state_txt(enum wpa_states state) 502 { 503 switch (state) { 504 case WPA_DISCONNECTED: 505 return "DISCONNECTED"; 506 case WPA_INACTIVE: 507 return "INACTIVE"; 508 case WPA_INTERFACE_DISABLED: 509 return "INTERFACE_DISABLED"; 510 case WPA_SCANNING: 511 return "SCANNING"; 512 case WPA_AUTHENTICATING: 513 return "AUTHENTICATING"; 514 case WPA_ASSOCIATING: 515 return "ASSOCIATING"; 516 case WPA_ASSOCIATED: 517 return "ASSOCIATED"; 518 case WPA_4WAY_HANDSHAKE: 519 return "4WAY_HANDSHAKE"; 520 case WPA_GROUP_HANDSHAKE: 521 return "GROUP_HANDSHAKE"; 522 case WPA_COMPLETED: 523 return "COMPLETED"; 524 default: 525 return "UNKNOWN"; 526 } 527 } 528 529 530 #ifdef CONFIG_BGSCAN 531 532 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) 533 { 534 if (wpas_driver_bss_selection(wpa_s)) 535 return; 536 if (wpa_s->current_ssid == wpa_s->bgscan_ssid) 537 return; 538 539 bgscan_deinit(wpa_s); 540 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) { 541 if (bgscan_init(wpa_s, wpa_s->current_ssid)) { 542 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 543 "bgscan"); 544 /* 545 * Live without bgscan; it is only used as a roaming 546 * optimization, so the initial connection is not 547 * affected. 548 */ 549 } else 550 wpa_s->bgscan_ssid = wpa_s->current_ssid; 551 } else 552 wpa_s->bgscan_ssid = NULL; 553 } 554 555 556 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) 557 { 558 if (wpa_s->bgscan_ssid != NULL) { 559 bgscan_deinit(wpa_s); 560 wpa_s->bgscan_ssid = NULL; 561 } 562 } 563 564 #endif /* CONFIG_BGSCAN */ 565 566 567 /** 568 * wpa_supplicant_set_state - Set current connection state 569 * @wpa_s: Pointer to wpa_supplicant data 570 * @state: The new connection state 571 * 572 * This function is called whenever the connection state changes, e.g., 573 * association is completed for WPA/WPA2 4-Way Handshake is started. 574 */ 575 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, 576 enum wpa_states state) 577 { 578 enum wpa_states old_state = wpa_s->wpa_state; 579 580 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", 581 wpa_supplicant_state_txt(wpa_s->wpa_state), 582 wpa_supplicant_state_txt(state)); 583 584 #ifdef ANDROID_P2P 585 if(state == WPA_ASSOCIATED && wpa_s->current_ssid) { 586 wpa_s->current_ssid->assoc_retry = 0; 587 } 588 #endif /* ANDROID_P2P */ 589 590 if (state != WPA_SCANNING) 591 wpa_supplicant_notify_scanning(wpa_s, 0); 592 593 if (state == WPA_COMPLETED && wpa_s->new_connection) { 594 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 595 struct wpa_ssid *ssid = wpa_s->current_ssid; 596 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 597 MACSTR " completed %s [id=%d id_str=%s]", 598 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ? 599 "(reauth)" : "(auth)", 600 ssid ? ssid->id : -1, 601 ssid && ssid->id_str ? ssid->id_str : ""); 602 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 603 wpa_s->new_connection = 0; 604 wpa_s->reassociated_connection = 1; 605 wpa_drv_set_operstate(wpa_s, 1); 606 #ifndef IEEE8021X_EAPOL 607 wpa_drv_set_supp_port(wpa_s, 1); 608 #endif /* IEEE8021X_EAPOL */ 609 wpa_s->after_wps = 0; 610 #ifdef CONFIG_P2P 611 wpas_p2p_completed(wpa_s); 612 #endif /* CONFIG_P2P */ 613 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 614 state == WPA_ASSOCIATED) { 615 wpa_s->new_connection = 1; 616 wpa_drv_set_operstate(wpa_s, 0); 617 #ifndef IEEE8021X_EAPOL 618 wpa_drv_set_supp_port(wpa_s, 0); 619 #endif /* IEEE8021X_EAPOL */ 620 } 621 wpa_s->wpa_state = state; 622 623 #ifdef CONFIG_BGSCAN 624 if (state == WPA_COMPLETED) 625 wpa_supplicant_start_bgscan(wpa_s); 626 else 627 wpa_supplicant_stop_bgscan(wpa_s); 628 #endif /* CONFIG_BGSCAN */ 629 630 if (wpa_s->wpa_state != old_state) { 631 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 632 633 if (wpa_s->wpa_state == WPA_COMPLETED || 634 old_state == WPA_COMPLETED) 635 wpas_notify_auth_changed(wpa_s); 636 } 637 } 638 639 640 void wpa_supplicant_terminate_proc(struct wpa_global *global) 641 { 642 int pending = 0; 643 #ifdef CONFIG_WPS 644 struct wpa_supplicant *wpa_s = global->ifaces; 645 while (wpa_s) { 646 if (wpas_wps_terminate_pending(wpa_s) == 1) 647 pending = 1; 648 wpa_s = wpa_s->next; 649 } 650 #endif /* CONFIG_WPS */ 651 if (pending) 652 return; 653 eloop_terminate(); 654 } 655 656 657 static void wpa_supplicant_terminate(int sig, void *signal_ctx) 658 { 659 struct wpa_global *global = signal_ctx; 660 wpa_supplicant_terminate_proc(global); 661 } 662 663 664 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 665 { 666 enum wpa_states old_state = wpa_s->wpa_state; 667 668 wpa_s->pairwise_cipher = 0; 669 wpa_s->group_cipher = 0; 670 wpa_s->mgmt_group_cipher = 0; 671 wpa_s->key_mgmt = 0; 672 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 673 wpa_s->wpa_state = WPA_DISCONNECTED; 674 675 if (wpa_s->wpa_state != old_state) 676 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 677 } 678 679 680 /** 681 * wpa_supplicant_reload_configuration - Reload configuration data 682 * @wpa_s: Pointer to wpa_supplicant data 683 * Returns: 0 on success or -1 if configuration parsing failed 684 * 685 * This function can be used to request that the configuration data is reloaded 686 * (e.g., after configuration file change). This function is reloading 687 * configuration only for one interface, so this may need to be called multiple 688 * times if %wpa_supplicant is controlling multiple interfaces and all 689 * interfaces need reconfiguration. 690 */ 691 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 692 { 693 struct wpa_config *conf; 694 int reconf_ctrl; 695 int old_ap_scan; 696 697 if (wpa_s->confname == NULL) 698 return -1; 699 conf = wpa_config_read(wpa_s->confname); 700 if (conf == NULL) { 701 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 702 "file '%s' - exiting", wpa_s->confname); 703 return -1; 704 } 705 conf->changed_parameters = (unsigned int) -1; 706 707 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 708 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 709 os_strcmp(conf->ctrl_interface, 710 wpa_s->conf->ctrl_interface) != 0); 711 712 if (reconf_ctrl && wpa_s->ctrl_iface) { 713 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 714 wpa_s->ctrl_iface = NULL; 715 } 716 717 eapol_sm_invalidate_cached_session(wpa_s->eapol); 718 if (wpa_s->current_ssid) { 719 wpa_supplicant_deauthenticate(wpa_s, 720 WLAN_REASON_DEAUTH_LEAVING); 721 } 722 723 /* 724 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 725 * pkcs11_engine_path, pkcs11_module_path. 726 */ 727 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 728 /* 729 * Clear forced success to clear EAP state for next 730 * authentication. 731 */ 732 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 733 } 734 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 735 wpa_sm_set_config(wpa_s->wpa, NULL); 736 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); 737 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 738 rsn_preauth_deinit(wpa_s->wpa); 739 740 old_ap_scan = wpa_s->conf->ap_scan; 741 wpa_config_free(wpa_s->conf); 742 wpa_s->conf = conf; 743 if (old_ap_scan != wpa_s->conf->ap_scan) 744 wpas_notify_ap_scan_changed(wpa_s); 745 746 if (reconf_ctrl) 747 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 748 749 wpa_supplicant_update_config(wpa_s); 750 751 wpa_supplicant_clear_status(wpa_s); 752 if (wpa_supplicant_enabled_networks(wpa_s->conf)) { 753 wpa_s->reassociate = 1; 754 wpa_supplicant_req_scan(wpa_s, 0, 0); 755 } 756 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 757 return 0; 758 } 759 760 761 static void wpa_supplicant_reconfig(int sig, void *signal_ctx) 762 { 763 struct wpa_global *global = signal_ctx; 764 struct wpa_supplicant *wpa_s; 765 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 766 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", 767 sig); 768 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 769 wpa_supplicant_terminate_proc(global); 770 } 771 } 772 } 773 774 775 enum wpa_cipher cipher_suite2driver(int cipher) 776 { 777 switch (cipher) { 778 case WPA_CIPHER_NONE: 779 return CIPHER_NONE; 780 case WPA_CIPHER_WEP40: 781 return CIPHER_WEP40; 782 case WPA_CIPHER_WEP104: 783 return CIPHER_WEP104; 784 case WPA_CIPHER_CCMP: 785 return CIPHER_CCMP; 786 case WPA_CIPHER_TKIP: 787 default: 788 return CIPHER_TKIP; 789 } 790 } 791 792 793 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt) 794 { 795 switch (key_mgmt) { 796 case WPA_KEY_MGMT_NONE: 797 return KEY_MGMT_NONE; 798 case WPA_KEY_MGMT_IEEE8021X_NO_WPA: 799 return KEY_MGMT_802_1X_NO_WPA; 800 case WPA_KEY_MGMT_IEEE8021X: 801 return KEY_MGMT_802_1X; 802 case WPA_KEY_MGMT_WPA_NONE: 803 return KEY_MGMT_WPA_NONE; 804 case WPA_KEY_MGMT_FT_IEEE8021X: 805 return KEY_MGMT_FT_802_1X; 806 case WPA_KEY_MGMT_FT_PSK: 807 return KEY_MGMT_FT_PSK; 808 case WPA_KEY_MGMT_IEEE8021X_SHA256: 809 return KEY_MGMT_802_1X_SHA256; 810 case WPA_KEY_MGMT_PSK_SHA256: 811 return KEY_MGMT_PSK_SHA256; 812 case WPA_KEY_MGMT_WPS: 813 return KEY_MGMT_WPS; 814 case WPA_KEY_MGMT_PSK: 815 default: 816 return KEY_MGMT_PSK; 817 } 818 } 819 820 821 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 822 struct wpa_ssid *ssid, 823 struct wpa_ie_data *ie) 824 { 825 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 826 if (ret) { 827 if (ret == -2) { 828 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 829 "from association info"); 830 } 831 return -1; 832 } 833 834 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " 835 "cipher suites"); 836 if (!(ie->group_cipher & ssid->group_cipher)) { 837 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 838 "cipher 0x%x (mask 0x%x) - reject", 839 ie->group_cipher, ssid->group_cipher); 840 return -1; 841 } 842 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 843 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 844 "cipher 0x%x (mask 0x%x) - reject", 845 ie->pairwise_cipher, ssid->pairwise_cipher); 846 return -1; 847 } 848 if (!(ie->key_mgmt & ssid->key_mgmt)) { 849 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 850 "management 0x%x (mask 0x%x) - reject", 851 ie->key_mgmt, ssid->key_mgmt); 852 return -1; 853 } 854 855 #ifdef CONFIG_IEEE80211W 856 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 857 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) { 858 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 859 "that does not support management frame protection - " 860 "reject"); 861 return -1; 862 } 863 #endif /* CONFIG_IEEE80211W */ 864 865 return 0; 866 } 867 868 869 /** 870 * wpa_supplicant_set_suites - Set authentication and encryption parameters 871 * @wpa_s: Pointer to wpa_supplicant data 872 * @bss: Scan results for the selected BSS, or %NULL if not available 873 * @ssid: Configuration data for the selected network 874 * @wpa_ie: Buffer for the WPA/RSN IE 875 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 876 * used buffer length in case the functions returns success. 877 * Returns: 0 on success or -1 on failure 878 * 879 * This function is used to configure authentication and encryption parameters 880 * based on the network configuration and scan result for the selected BSS (if 881 * available). 882 */ 883 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 884 struct wpa_bss *bss, struct wpa_ssid *ssid, 885 u8 *wpa_ie, size_t *wpa_ie_len) 886 { 887 struct wpa_ie_data ie; 888 int sel, proto; 889 const u8 *bss_wpa, *bss_rsn; 890 891 if (bss) { 892 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 893 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 894 } else 895 bss_wpa = bss_rsn = NULL; 896 897 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 898 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 899 (ie.group_cipher & ssid->group_cipher) && 900 (ie.pairwise_cipher & ssid->pairwise_cipher) && 901 (ie.key_mgmt & ssid->key_mgmt)) { 902 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 903 proto = WPA_PROTO_RSN; 904 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 905 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 && 906 (ie.group_cipher & ssid->group_cipher) && 907 (ie.pairwise_cipher & ssid->pairwise_cipher) && 908 (ie.key_mgmt & ssid->key_mgmt)) { 909 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 910 proto = WPA_PROTO_WPA; 911 } else if (bss) { 912 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 913 return -1; 914 } else { 915 if (ssid->proto & WPA_PROTO_RSN) 916 proto = WPA_PROTO_RSN; 917 else 918 proto = WPA_PROTO_WPA; 919 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 920 os_memset(&ie, 0, sizeof(ie)); 921 ie.group_cipher = ssid->group_cipher; 922 ie.pairwise_cipher = ssid->pairwise_cipher; 923 ie.key_mgmt = ssid->key_mgmt; 924 #ifdef CONFIG_IEEE80211W 925 ie.mgmt_group_cipher = 926 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? 927 WPA_CIPHER_AES_128_CMAC : 0; 928 #endif /* CONFIG_IEEE80211W */ 929 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " 930 "based on configuration"); 931 } else 932 proto = ie.proto; 933 } 934 935 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " 936 "pairwise %d key_mgmt %d proto %d", 937 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 938 #ifdef CONFIG_IEEE80211W 939 if (ssid->ieee80211w) { 940 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 941 ie.mgmt_group_cipher); 942 } 943 #endif /* CONFIG_IEEE80211W */ 944 945 wpa_s->wpa_proto = proto; 946 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 947 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 948 !!(ssid->proto & WPA_PROTO_RSN)); 949 950 if (bss || !wpa_s->ap_ies_from_associnfo) { 951 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 952 bss_wpa ? 2 + bss_wpa[1] : 0) || 953 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 954 bss_rsn ? 2 + bss_rsn[1] : 0)) 955 return -1; 956 } 957 958 sel = ie.group_cipher & ssid->group_cipher; 959 if (sel & WPA_CIPHER_CCMP) { 960 wpa_s->group_cipher = WPA_CIPHER_CCMP; 961 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP"); 962 } else if (sel & WPA_CIPHER_TKIP) { 963 wpa_s->group_cipher = WPA_CIPHER_TKIP; 964 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP"); 965 } else if (sel & WPA_CIPHER_WEP104) { 966 wpa_s->group_cipher = WPA_CIPHER_WEP104; 967 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104"); 968 } else if (sel & WPA_CIPHER_WEP40) { 969 wpa_s->group_cipher = WPA_CIPHER_WEP40; 970 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40"); 971 } else { 972 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " 973 "cipher"); 974 return -1; 975 } 976 977 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 978 if (sel & WPA_CIPHER_CCMP) { 979 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 980 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP"); 981 } else if (sel & WPA_CIPHER_TKIP) { 982 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 983 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP"); 984 } else if (sel & WPA_CIPHER_NONE) { 985 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 986 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE"); 987 } else { 988 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " 989 "cipher"); 990 return -1; 991 } 992 993 sel = ie.key_mgmt & ssid->key_mgmt; 994 if (0) { 995 #ifdef CONFIG_IEEE80211R 996 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { 997 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 999 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 1000 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 1001 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 1002 #endif /* CONFIG_IEEE80211R */ 1003 #ifdef CONFIG_IEEE80211W 1004 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 1005 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 1006 wpa_dbg(wpa_s, MSG_DEBUG, 1007 "WPA: using KEY_MGMT 802.1X with SHA256"); 1008 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 1009 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 1010 wpa_dbg(wpa_s, MSG_DEBUG, 1011 "WPA: using KEY_MGMT PSK with SHA256"); 1012 #endif /* CONFIG_IEEE80211W */ 1013 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 1014 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 1015 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 1016 } else if (sel & WPA_KEY_MGMT_PSK) { 1017 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 1018 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 1019 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 1020 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 1021 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 1022 } else { 1023 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " 1024 "authenticated key management type"); 1025 return -1; 1026 } 1027 1028 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 1029 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 1030 wpa_s->pairwise_cipher); 1031 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 1032 1033 #ifdef CONFIG_IEEE80211W 1034 sel = ie.mgmt_group_cipher; 1035 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION || 1036 !(ie.capabilities & WPA_CAPABILITY_MFPC)) 1037 sel = 0; 1038 if (sel & WPA_CIPHER_AES_128_CMAC) { 1039 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 1040 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1041 "AES-128-CMAC"); 1042 } else { 1043 wpa_s->mgmt_group_cipher = 0; 1044 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 1045 } 1046 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 1047 wpa_s->mgmt_group_cipher); 1048 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w); 1049 #endif /* CONFIG_IEEE80211W */ 1050 1051 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { 1052 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); 1053 return -1; 1054 } 1055 1056 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { 1057 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN); 1058 #ifndef CONFIG_NO_PBKDF2 1059 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && 1060 ssid->passphrase) { 1061 u8 psk[PMK_LEN]; 1062 pbkdf2_sha1(ssid->passphrase, (char *) bss->ssid, 1063 bss->ssid_len, 4096, psk, PMK_LEN); 1064 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", 1065 psk, PMK_LEN); 1066 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); 1067 } 1068 #endif /* CONFIG_NO_PBKDF2 */ 1069 } else 1070 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1071 1072 return 0; 1073 } 1074 1075 1076 /** 1077 * wpa_supplicant_associate - Request association 1078 * @wpa_s: Pointer to wpa_supplicant data 1079 * @bss: Scan results for the selected BSS, or %NULL if not available 1080 * @ssid: Configuration data for the selected network 1081 * 1082 * This function is used to request %wpa_supplicant to associate with a BSS. 1083 */ 1084 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 1085 struct wpa_bss *bss, struct wpa_ssid *ssid) 1086 { 1087 u8 wpa_ie[200]; 1088 size_t wpa_ie_len; 1089 int use_crypt, ret, i, bssid_changed; 1090 int algs = WPA_AUTH_ALG_OPEN; 1091 enum wpa_cipher cipher_pairwise, cipher_group; 1092 struct wpa_driver_associate_params params; 1093 int wep_keys_set = 0; 1094 struct wpa_driver_capa capa; 1095 int assoc_failed = 0; 1096 struct wpa_ssid *old_ssid; 1097 #ifdef CONFIG_HT_OVERRIDES 1098 struct ieee80211_ht_capabilities htcaps; 1099 struct ieee80211_ht_capabilities htcaps_mask; 1100 #endif /* CONFIG_HT_OVERRIDES */ 1101 1102 #ifdef CONFIG_IBSS_RSN 1103 ibss_rsn_deinit(wpa_s->ibss_rsn); 1104 wpa_s->ibss_rsn = NULL; 1105 #endif /* CONFIG_IBSS_RSN */ 1106 #ifdef ANDROID_P2P 1107 int freq = 0; 1108 #endif 1109 1110 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || 1111 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 1112 #ifdef CONFIG_AP 1113 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { 1114 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " 1115 "mode"); 1116 return; 1117 } 1118 wpa_supplicant_create_ap(wpa_s, ssid); 1119 wpa_s->current_bss = bss; 1120 #else /* CONFIG_AP */ 1121 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " 1122 "the build"); 1123 #endif /* CONFIG_AP */ 1124 return; 1125 } 1126 1127 #ifdef CONFIG_TDLS 1128 if (bss) 1129 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), 1130 bss->ie_len); 1131 #endif /* CONFIG_TDLS */ 1132 1133 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 1134 ssid->mode == IEEE80211_MODE_INFRA) { 1135 sme_authenticate(wpa_s, bss, ssid); 1136 return; 1137 } 1138 1139 os_memset(¶ms, 0, sizeof(params)); 1140 wpa_s->reassociate = 0; 1141 if (bss && !wpas_driver_bss_selection(wpa_s)) { 1142 #ifdef CONFIG_IEEE80211R 1143 const u8 *ie, *md = NULL; 1144 #endif /* CONFIG_IEEE80211R */ 1145 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 1146 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 1147 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); 1148 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 1149 os_memset(wpa_s->bssid, 0, ETH_ALEN); 1150 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 1151 if (bssid_changed) 1152 wpas_notify_bssid_changed(wpa_s); 1153 #ifdef CONFIG_IEEE80211R 1154 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 1155 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 1156 md = ie + 2; 1157 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); 1158 if (md) { 1159 /* Prepare for the next transition */ 1160 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); 1161 } 1162 #endif /* CONFIG_IEEE80211R */ 1163 #ifdef CONFIG_WPS 1164 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 1165 wpa_s->conf->ap_scan == 2 && 1166 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 1167 /* Use ap_scan==1 style network selection to find the network 1168 */ 1169 wpa_s->scan_req = 2; 1170 wpa_s->reassociate = 1; 1171 wpa_supplicant_req_scan(wpa_s, 0, 0); 1172 return; 1173 #endif /* CONFIG_WPS */ 1174 } else { 1175 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 1176 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 1177 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1178 } 1179 wpa_supplicant_cancel_sched_scan(wpa_s); 1180 wpa_supplicant_cancel_scan(wpa_s); 1181 1182 /* Starting new association, so clear the possibly used WPA IE from the 1183 * previous association. */ 1184 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 1185 1186 #ifdef IEEE8021X_EAPOL 1187 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 1188 if (ssid->leap) { 1189 if (ssid->non_leap == 0) 1190 algs = WPA_AUTH_ALG_LEAP; 1191 else 1192 algs |= WPA_AUTH_ALG_LEAP; 1193 } 1194 } 1195 #endif /* IEEE8021X_EAPOL */ 1196 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 1197 if (ssid->auth_alg) { 1198 algs = ssid->auth_alg; 1199 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " 1200 "0x%x", algs); 1201 } 1202 1203 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 1204 wpa_bss_get_ie(bss, WLAN_EID_RSN)) && 1205 wpa_key_mgmt_wpa(ssid->key_mgmt)) { 1206 int try_opportunistic; 1207 try_opportunistic = ssid->proactive_key_caching && 1208 (ssid->proto & WPA_PROTO_RSN); 1209 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, 1210 wpa_s->current_ssid, 1211 try_opportunistic) == 0) 1212 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 1213 wpa_ie_len = sizeof(wpa_ie); 1214 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 1215 wpa_ie, &wpa_ie_len)) { 1216 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 1217 "key management and encryption suites"); 1218 return; 1219 } 1220 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 1221 wpa_ie_len = sizeof(wpa_ie); 1222 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 1223 wpa_ie, &wpa_ie_len)) { 1224 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 1225 "key management and encryption suites (no " 1226 "scan results)"); 1227 return; 1228 } 1229 #ifdef CONFIG_WPS 1230 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 1231 struct wpabuf *wps_ie; 1232 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 1233 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { 1234 wpa_ie_len = wpabuf_len(wps_ie); 1235 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 1236 } else 1237 wpa_ie_len = 0; 1238 wpabuf_free(wps_ie); 1239 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1240 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) 1241 params.wps = WPS_MODE_PRIVACY; 1242 else 1243 params.wps = WPS_MODE_OPEN; 1244 wpa_s->wpa_proto = 0; 1245 #endif /* CONFIG_WPS */ 1246 } else { 1247 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1248 wpa_ie_len = 0; 1249 wpa_s->wpa_proto = 0; 1250 } 1251 1252 #ifdef CONFIG_P2P 1253 if (wpa_s->global->p2p) { 1254 u8 *pos; 1255 size_t len; 1256 int res; 1257 int p2p_group; 1258 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE; 1259 pos = wpa_ie + wpa_ie_len; 1260 len = sizeof(wpa_ie) - wpa_ie_len; 1261 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group); 1262 if (res >= 0) 1263 wpa_ie_len += res; 1264 } 1265 1266 wpa_s->cross_connect_disallowed = 0; 1267 if (bss) { 1268 struct wpabuf *p2p; 1269 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); 1270 if (p2p) { 1271 wpa_s->cross_connect_disallowed = 1272 p2p_get_cross_connect_disallowed(p2p); 1273 wpabuf_free(p2p); 1274 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " 1275 "connection", 1276 wpa_s->cross_connect_disallowed ? 1277 "disallows" : "allows"); 1278 } 1279 } 1280 #endif /* CONFIG_P2P */ 1281 1282 #ifdef CONFIG_INTERWORKING 1283 if (wpa_s->conf->interworking) { 1284 u8 *pos = wpa_ie; 1285 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) 1286 pos += 2 + pos[1]; 1287 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie)); 1288 wpa_ie_len += 6; 1289 *pos++ = WLAN_EID_EXT_CAPAB; 1290 *pos++ = 4; 1291 *pos++ = 0x00; 1292 *pos++ = 0x00; 1293 *pos++ = 0x00; 1294 *pos++ = 0x80; /* Bit 31 - Interworking */ 1295 } 1296 #endif /* CONFIG_INTERWORKING */ 1297 1298 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 1299 use_crypt = 1; 1300 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher); 1301 cipher_group = cipher_suite2driver(wpa_s->group_cipher); 1302 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1303 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 1304 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 1305 use_crypt = 0; 1306 if (wpa_set_wep_keys(wpa_s, ssid)) { 1307 use_crypt = 1; 1308 wep_keys_set = 1; 1309 } 1310 } 1311 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 1312 use_crypt = 0; 1313 1314 #ifdef IEEE8021X_EAPOL 1315 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 1316 if ((ssid->eapol_flags & 1317 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 1318 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 1319 !wep_keys_set) { 1320 use_crypt = 0; 1321 } else { 1322 /* Assume that dynamic WEP-104 keys will be used and 1323 * set cipher suites in order for drivers to expect 1324 * encryption. */ 1325 cipher_pairwise = cipher_group = CIPHER_WEP104; 1326 } 1327 } 1328 #endif /* IEEE8021X_EAPOL */ 1329 1330 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1331 /* Set the key before (and later after) association */ 1332 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 1333 } 1334 1335 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 1336 if (bss) { 1337 params.ssid = bss->ssid; 1338 params.ssid_len = bss->ssid_len; 1339 if (!wpas_driver_bss_selection(wpa_s)) { 1340 params.bssid = bss->bssid; 1341 params.freq = bss->freq; 1342 } 1343 } else { 1344 params.ssid = ssid->ssid; 1345 params.ssid_len = ssid->ssid_len; 1346 } 1347 1348 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && 1349 wpa_s->conf->ap_scan == 2) { 1350 params.bssid = ssid->bssid; 1351 params.fixed_bssid = 1; 1352 } 1353 1354 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 && 1355 params.freq == 0) 1356 params.freq = ssid->frequency; /* Initial channel for IBSS */ 1357 params.wpa_ie = wpa_ie; 1358 params.wpa_ie_len = wpa_ie_len; 1359 params.pairwise_suite = cipher_pairwise; 1360 params.group_suite = cipher_group; 1361 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 1362 params.wpa_proto = wpa_s->wpa_proto; 1363 params.auth_alg = algs; 1364 params.mode = ssid->mode; 1365 for (i = 0; i < NUM_WEP_KEYS; i++) { 1366 if (ssid->wep_key_len[i]) 1367 params.wep_key[i] = ssid->wep_key[i]; 1368 params.wep_key_len[i] = ssid->wep_key_len[i]; 1369 } 1370 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 1371 1372 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1373 (params.key_mgmt_suite == KEY_MGMT_PSK || 1374 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) { 1375 params.passphrase = ssid->passphrase; 1376 if (ssid->psk_set) 1377 params.psk = ssid->psk; 1378 } 1379 1380 params.drop_unencrypted = use_crypt; 1381 1382 #ifdef CONFIG_IEEE80211W 1383 params.mgmt_frame_protection = ssid->ieee80211w; 1384 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) { 1385 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1386 struct wpa_ie_data ie; 1387 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 1388 ie.capabilities & 1389 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 1390 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " 1391 "MFP: require MFP"); 1392 params.mgmt_frame_protection = 1393 MGMT_FRAME_PROTECTION_REQUIRED; 1394 } 1395 } 1396 #endif /* CONFIG_IEEE80211W */ 1397 1398 params.p2p = ssid->p2p_group; 1399 1400 if (wpa_s->parent->set_sta_uapsd) 1401 params.uapsd = wpa_s->parent->sta_uapsd; 1402 else 1403 params.uapsd = -1; 1404 1405 #ifdef CONFIG_HT_OVERRIDES 1406 os_memset(&htcaps, 0, sizeof(htcaps)); 1407 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); 1408 params.htcaps = (u8 *) &htcaps; 1409 params.htcaps_mask = (u8 *) &htcaps_mask; 1410 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); 1411 #endif /* CONFIG_HT_OVERRIDES */ 1412 1413 #ifdef ANDROID_P2P 1414 /* If multichannel concurrency is not supported, check for any frequency 1415 * conflict and take appropriate action. 1416 */ 1417 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT) && 1418 ((freq = wpa_drv_shared_freq(wpa_s)) > 0) && (freq != params.freq)) { 1419 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)" 1420 , freq, params.freq); 1421 if (wpas_p2p_handle_frequency_conflicts(wpa_s, params.freq) < 0) { 1422 /* Handling conflicts failed. Disable the current connect req and 1423 * notify the userspace to take appropriate action */ 1424 wpa_printf(MSG_DEBUG, "proiritize is not set. Notifying user space to handle the case"); 1425 wpa_supplicant_disable_network(wpa_s, ssid); 1426 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_FREQ_CONFLICT 1427 " id=%d", ssid->id); 1428 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1429 return; 1430 } 1431 } 1432 #endif 1433 ret = wpa_drv_associate(wpa_s, ¶ms); 1434 if (ret < 0) { 1435 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 1436 "failed"); 1437 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { 1438 /* 1439 * The driver is known to mean what is saying, so we 1440 * can stop right here; the association will not 1441 * succeed. 1442 */ 1443 wpas_connection_failed(wpa_s, wpa_s->pending_bssid); 1444 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1445 return; 1446 } 1447 /* try to continue anyway; new association will be tried again 1448 * after timeout */ 1449 assoc_failed = 1; 1450 } 1451 1452 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1453 /* Set the key after the association just in case association 1454 * cleared the previously configured key. */ 1455 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 1456 /* No need to timeout authentication since there is no key 1457 * management. */ 1458 wpa_supplicant_cancel_auth_timeout(wpa_s); 1459 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1460 #ifdef CONFIG_IBSS_RSN 1461 } else if (ssid->mode == WPAS_MODE_IBSS && 1462 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 1463 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 1464 /* 1465 * RSN IBSS authentication is per-STA and we can disable the 1466 * per-BSSID authentication. 1467 */ 1468 wpa_supplicant_cancel_auth_timeout(wpa_s); 1469 #endif /* CONFIG_IBSS_RSN */ 1470 } else { 1471 /* Timeout for IEEE 802.11 authentication and association */ 1472 int timeout = 60; 1473 1474 if (assoc_failed) { 1475 /* give IBSS a bit more time */ 1476 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; 1477 } else if (wpa_s->conf->ap_scan == 1) { 1478 /* give IBSS a bit more time */ 1479 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; 1480 } 1481 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 1482 } 1483 1484 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 && 1485 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) { 1486 /* Set static WEP keys again */ 1487 wpa_set_wep_keys(wpa_s, ssid); 1488 } 1489 1490 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { 1491 /* 1492 * Do not allow EAP session resumption between different 1493 * network configurations. 1494 */ 1495 eapol_sm_invalidate_cached_session(wpa_s->eapol); 1496 } 1497 old_ssid = wpa_s->current_ssid; 1498 wpa_s->current_ssid = ssid; 1499 wpa_s->current_bss = bss; 1500 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 1501 wpa_supplicant_initiate_eapol(wpa_s); 1502 if (old_ssid != wpa_s->current_ssid) 1503 wpas_notify_network_changed(wpa_s); 1504 } 1505 1506 1507 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, 1508 const u8 *addr) 1509 { 1510 struct wpa_ssid *old_ssid; 1511 1512 wpa_clear_keys(wpa_s, addr); 1513 wpa_supplicant_mark_disassoc(wpa_s); 1514 old_ssid = wpa_s->current_ssid; 1515 wpa_s->current_ssid = NULL; 1516 wpa_s->current_bss = NULL; 1517 wpa_sm_set_config(wpa_s->wpa, NULL); 1518 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1519 if (old_ssid != wpa_s->current_ssid) 1520 wpas_notify_network_changed(wpa_s); 1521 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 1522 } 1523 1524 1525 /** 1526 * wpa_supplicant_disassociate - Disassociate the current connection 1527 * @wpa_s: Pointer to wpa_supplicant data 1528 * @reason_code: IEEE 802.11 reason code for the disassociate frame 1529 * 1530 * This function is used to request %wpa_supplicant to disassociate with the 1531 * current AP. 1532 */ 1533 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s, 1534 int reason_code) 1535 { 1536 u8 *addr = NULL; 1537 1538 if (!is_zero_ether_addr(wpa_s->bssid)) { 1539 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code); 1540 addr = wpa_s->bssid; 1541 } 1542 1543 wpa_supplicant_clear_connection(wpa_s, addr); 1544 } 1545 1546 1547 /** 1548 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 1549 * @wpa_s: Pointer to wpa_supplicant data 1550 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 1551 * 1552 * This function is used to request %wpa_supplicant to deauthenticate from the 1553 * current AP. 1554 */ 1555 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 1556 int reason_code) 1557 { 1558 u8 *addr = NULL; 1559 1560 if (!is_zero_ether_addr(wpa_s->bssid)) { 1561 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code); 1562 addr = wpa_s->bssid; 1563 } 1564 1565 wpa_supplicant_clear_connection(wpa_s, addr); 1566 } 1567 1568 1569 /** 1570 * wpa_supplicant_enable_network - Mark a configured network as enabled 1571 * @wpa_s: wpa_supplicant structure for a network interface 1572 * @ssid: wpa_ssid structure for a configured network or %NULL 1573 * 1574 * Enables the specified network or all networks if no network specified. 1575 */ 1576 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, 1577 struct wpa_ssid *ssid) 1578 { 1579 struct wpa_ssid *other_ssid; 1580 int was_disabled; 1581 1582 if (ssid == NULL) { 1583 for (other_ssid = wpa_s->conf->ssid; other_ssid; 1584 other_ssid = other_ssid->next) { 1585 if (other_ssid->disabled == 2) 1586 continue; /* do not change persistent P2P group 1587 * data */ 1588 if (other_ssid == wpa_s->current_ssid && 1589 other_ssid->disabled) 1590 wpa_s->reassociate = 1; 1591 1592 was_disabled = other_ssid->disabled; 1593 1594 other_ssid->disabled = 0; 1595 1596 if (was_disabled != other_ssid->disabled) 1597 wpas_notify_network_enabled_changed( 1598 wpa_s, other_ssid); 1599 } 1600 if (wpa_s->reassociate) 1601 wpa_supplicant_req_scan(wpa_s, 0, 0); 1602 } else if (ssid->disabled && ssid->disabled != 2) { 1603 if (wpa_s->current_ssid == NULL) { 1604 /* 1605 * Try to reassociate since there is no current 1606 * configuration and a new network was made available. 1607 */ 1608 wpa_s->reassociate = 1; 1609 wpa_supplicant_req_scan(wpa_s, 0, 0); 1610 } 1611 1612 was_disabled = ssid->disabled; 1613 1614 ssid->disabled = 0; 1615 1616 if (was_disabled != ssid->disabled) 1617 wpas_notify_network_enabled_changed(wpa_s, ssid); 1618 } 1619 } 1620 1621 1622 /** 1623 * wpa_supplicant_disable_network - Mark a configured network as disabled 1624 * @wpa_s: wpa_supplicant structure for a network interface 1625 * @ssid: wpa_ssid structure for a configured network or %NULL 1626 * 1627 * Disables the specified network or all networks if no network specified. 1628 */ 1629 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, 1630 struct wpa_ssid *ssid) 1631 { 1632 struct wpa_ssid *other_ssid; 1633 int was_disabled; 1634 1635 if (ssid == NULL) { 1636 for (other_ssid = wpa_s->conf->ssid; other_ssid; 1637 other_ssid = other_ssid->next) { 1638 was_disabled = other_ssid->disabled; 1639 if (was_disabled == 2) 1640 continue; /* do not change persistent P2P group 1641 * data */ 1642 1643 other_ssid->disabled = 1; 1644 1645 if (was_disabled != other_ssid->disabled) 1646 wpas_notify_network_enabled_changed( 1647 wpa_s, other_ssid); 1648 } 1649 if (wpa_s->current_ssid) 1650 wpa_supplicant_disassociate( 1651 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1652 } else if (ssid->disabled != 2) { 1653 if (ssid == wpa_s->current_ssid) 1654 wpa_supplicant_disassociate( 1655 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1656 1657 was_disabled = ssid->disabled; 1658 1659 ssid->disabled = 1; 1660 1661 if (was_disabled != ssid->disabled) 1662 wpas_notify_network_enabled_changed(wpa_s, ssid); 1663 } 1664 } 1665 1666 1667 /** 1668 * wpa_supplicant_select_network - Attempt association with a network 1669 * @wpa_s: wpa_supplicant structure for a network interface 1670 * @ssid: wpa_ssid structure for a configured network or %NULL for any network 1671 */ 1672 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, 1673 struct wpa_ssid *ssid) 1674 { 1675 1676 struct wpa_ssid *other_ssid; 1677 int disconnected = 0; 1678 1679 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { 1680 wpa_supplicant_disassociate( 1681 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1682 disconnected = 1; 1683 } 1684 1685 /* 1686 * Mark all other networks disabled or mark all networks enabled if no 1687 * network specified. 1688 */ 1689 for (other_ssid = wpa_s->conf->ssid; other_ssid; 1690 other_ssid = other_ssid->next) { 1691 int was_disabled = other_ssid->disabled; 1692 if (was_disabled == 2) 1693 continue; /* do not change persistent P2P group data */ 1694 1695 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; 1696 1697 if (was_disabled != other_ssid->disabled) 1698 wpas_notify_network_enabled_changed(wpa_s, other_ssid); 1699 } 1700 1701 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) { 1702 /* We are already associated with the selected network */ 1703 wpa_printf(MSG_DEBUG, "Already associated with the " 1704 "selected network - do nothing"); 1705 return; 1706 } 1707 1708 if (ssid) 1709 wpa_s->current_ssid = ssid; 1710 wpa_s->connect_without_scan = NULL; 1711 wpa_s->disconnected = 0; 1712 wpa_s->reassociate = 1; 1713 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); 1714 1715 if (ssid) 1716 wpas_notify_network_selected(wpa_s, ssid); 1717 } 1718 1719 1720 /** 1721 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface 1722 * @wpa_s: wpa_supplicant structure for a network interface 1723 * @ap_scan: AP scan mode 1724 * Returns: 0 if succeed or -1 if ap_scan has an invalid value 1725 * 1726 */ 1727 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) 1728 { 1729 1730 int old_ap_scan; 1731 1732 if (ap_scan < 0 || ap_scan > 2) 1733 return -1; 1734 1735 #ifdef ANDROID 1736 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && 1737 wpa_s->wpa_state >= WPA_ASSOCIATING && 1738 wpa_s->wpa_state < WPA_COMPLETED) { 1739 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " 1740 "associating", wpa_s->conf->ap_scan, ap_scan); 1741 return 0; 1742 } 1743 #endif /* ANDROID */ 1744 1745 old_ap_scan = wpa_s->conf->ap_scan; 1746 wpa_s->conf->ap_scan = ap_scan; 1747 1748 if (old_ap_scan != wpa_s->conf->ap_scan) 1749 wpas_notify_ap_scan_changed(wpa_s); 1750 1751 return 0; 1752 } 1753 1754 1755 /** 1756 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age 1757 * @wpa_s: wpa_supplicant structure for a network interface 1758 * @expire_age: Expiration age in seconds 1759 * Returns: 0 if succeed or -1 if expire_age has an invalid value 1760 * 1761 */ 1762 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, 1763 unsigned int bss_expire_age) 1764 { 1765 if (bss_expire_age < 10) { 1766 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", 1767 bss_expire_age); 1768 return -1; 1769 } 1770 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", 1771 bss_expire_age); 1772 wpa_s->conf->bss_expiration_age = bss_expire_age; 1773 1774 return 0; 1775 } 1776 1777 1778 /** 1779 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count 1780 * @wpa_s: wpa_supplicant structure for a network interface 1781 * @expire_count: number of scans after which an unseen BSS is reclaimed 1782 * Returns: 0 if succeed or -1 if expire_count has an invalid value 1783 * 1784 */ 1785 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, 1786 unsigned int bss_expire_count) 1787 { 1788 if (bss_expire_count < 1) { 1789 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", 1790 bss_expire_count); 1791 return -1; 1792 } 1793 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", 1794 bss_expire_count); 1795 wpa_s->conf->bss_expiration_scan_count = bss_expire_count; 1796 1797 return 0; 1798 } 1799 1800 1801 /** 1802 * wpa_supplicant_set_debug_params - Set global debug params 1803 * @global: wpa_global structure 1804 * @debug_level: debug level 1805 * @debug_timestamp: determines if show timestamp in debug data 1806 * @debug_show_keys: determines if show keys in debug data 1807 * Returns: 0 if succeed or -1 if debug_level has wrong value 1808 */ 1809 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, 1810 int debug_timestamp, int debug_show_keys) 1811 { 1812 1813 int old_level, old_timestamp, old_show_keys; 1814 1815 /* check for allowed debuglevels */ 1816 if (debug_level != MSG_EXCESSIVE && 1817 debug_level != MSG_MSGDUMP && 1818 debug_level != MSG_DEBUG && 1819 debug_level != MSG_INFO && 1820 debug_level != MSG_WARNING && 1821 debug_level != MSG_ERROR) 1822 return -1; 1823 1824 old_level = wpa_debug_level; 1825 old_timestamp = wpa_debug_timestamp; 1826 old_show_keys = wpa_debug_show_keys; 1827 1828 wpa_debug_level = debug_level; 1829 wpa_debug_timestamp = debug_timestamp ? 1 : 0; 1830 wpa_debug_show_keys = debug_show_keys ? 1 : 0; 1831 1832 if (wpa_debug_level != old_level) 1833 wpas_notify_debug_level_changed(global); 1834 if (wpa_debug_timestamp != old_timestamp) 1835 wpas_notify_debug_timestamp_changed(global); 1836 if (wpa_debug_show_keys != old_show_keys) 1837 wpas_notify_debug_show_keys_changed(global); 1838 1839 return 0; 1840 } 1841 1842 1843 /** 1844 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 1845 * @wpa_s: Pointer to wpa_supplicant data 1846 * Returns: A pointer to the current network structure or %NULL on failure 1847 */ 1848 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 1849 { 1850 struct wpa_ssid *entry; 1851 u8 ssid[MAX_SSID_LEN]; 1852 int res; 1853 size_t ssid_len; 1854 u8 bssid[ETH_ALEN]; 1855 int wired; 1856 1857 res = wpa_drv_get_ssid(wpa_s, ssid); 1858 if (res < 0) { 1859 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " 1860 "driver"); 1861 return NULL; 1862 } 1863 ssid_len = res; 1864 1865 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 1866 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " 1867 "driver"); 1868 return NULL; 1869 } 1870 1871 wired = wpa_s->conf->ap_scan == 0 && 1872 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); 1873 1874 entry = wpa_s->conf->ssid; 1875 while (entry) { 1876 if (!entry->disabled && 1877 ((ssid_len == entry->ssid_len && 1878 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && 1879 (!entry->bssid_set || 1880 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 1881 return entry; 1882 #ifdef CONFIG_WPS 1883 if (!entry->disabled && 1884 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 1885 (entry->ssid == NULL || entry->ssid_len == 0) && 1886 (!entry->bssid_set || 1887 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 1888 return entry; 1889 #endif /* CONFIG_WPS */ 1890 1891 if (!entry->disabled && entry->bssid_set && 1892 entry->ssid_len == 0 && 1893 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) 1894 return entry; 1895 1896 entry = entry->next; 1897 } 1898 1899 return NULL; 1900 } 1901 1902 1903 static int select_driver(struct wpa_supplicant *wpa_s, int i) 1904 { 1905 struct wpa_global *global = wpa_s->global; 1906 1907 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { 1908 global->drv_priv[i] = wpa_drivers[i]->global_init(); 1909 if (global->drv_priv[i] == NULL) { 1910 wpa_printf(MSG_ERROR, "Failed to initialize driver " 1911 "'%s'", wpa_drivers[i]->name); 1912 return -1; 1913 } 1914 } 1915 1916 wpa_s->driver = wpa_drivers[i]; 1917 wpa_s->global_drv_priv = global->drv_priv[i]; 1918 1919 return 0; 1920 } 1921 1922 1923 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 1924 const char *name) 1925 { 1926 int i; 1927 size_t len; 1928 const char *pos, *driver = name; 1929 1930 if (wpa_s == NULL) 1931 return -1; 1932 1933 if (wpa_drivers[0] == NULL) { 1934 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " 1935 "wpa_supplicant"); 1936 return -1; 1937 } 1938 1939 if (name == NULL) { 1940 /* default to first driver in the list */ 1941 return select_driver(wpa_s, 0); 1942 } 1943 1944 do { 1945 pos = os_strchr(driver, ','); 1946 if (pos) 1947 len = pos - driver; 1948 else 1949 len = os_strlen(driver); 1950 1951 for (i = 0; wpa_drivers[i]; i++) { 1952 if (os_strlen(wpa_drivers[i]->name) == len && 1953 os_strncmp(driver, wpa_drivers[i]->name, len) == 1954 0) { 1955 /* First driver that succeeds wins */ 1956 if (select_driver(wpa_s, i) == 0) 1957 return 0; 1958 } 1959 } 1960 1961 driver = pos + 1; 1962 } while (pos); 1963 1964 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); 1965 return -1; 1966 } 1967 1968 1969 /** 1970 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant 1971 * @ctx: Context pointer (wpa_s); this is the ctx variable registered 1972 * with struct wpa_driver_ops::init() 1973 * @src_addr: Source address of the EAPOL frame 1974 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) 1975 * @len: Length of the EAPOL data 1976 * 1977 * This function is called for each received EAPOL frame. Most driver 1978 * interfaces rely on more generic OS mechanism for receiving frames through 1979 * l2_packet, but if such a mechanism is not available, the driver wrapper may 1980 * take care of received EAPOL frames and deliver them to the core supplicant 1981 * code by calling this function. 1982 */ 1983 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 1984 const u8 *buf, size_t len) 1985 { 1986 struct wpa_supplicant *wpa_s = ctx; 1987 1988 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); 1989 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 1990 1991 if (wpa_s->wpa_state < WPA_ASSOCIATED) { 1992 /* 1993 * There is possible race condition between receiving the 1994 * association event and the EAPOL frame since they are coming 1995 * through different paths from the driver. In order to avoid 1996 * issues in trying to process the EAPOL frame before receiving 1997 * association information, lets queue it for processing until 1998 * the association event is received. 1999 */ 2000 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " 2001 "of received EAPOL frame"); 2002 wpabuf_free(wpa_s->pending_eapol_rx); 2003 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 2004 if (wpa_s->pending_eapol_rx) { 2005 os_get_time(&wpa_s->pending_eapol_rx_time); 2006 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 2007 ETH_ALEN); 2008 } 2009 return; 2010 } 2011 2012 #ifdef CONFIG_AP 2013 if (wpa_s->ap_iface) { 2014 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); 2015 return; 2016 } 2017 #endif /* CONFIG_AP */ 2018 2019 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 2020 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " 2021 "no key management is configured"); 2022 return; 2023 } 2024 2025 if (wpa_s->eapol_received == 0 && 2026 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || 2027 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 2028 wpa_s->wpa_state != WPA_COMPLETED) && 2029 (wpa_s->current_ssid == NULL || 2030 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { 2031 /* Timeout for completing IEEE 802.1X and WPA authentication */ 2032 wpa_supplicant_req_auth_timeout( 2033 wpa_s, 2034 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 2035 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 2036 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ? 2037 70 : 10, 0); 2038 } 2039 wpa_s->eapol_received++; 2040 2041 if (wpa_s->countermeasures) { 2042 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " 2043 "EAPOL packet"); 2044 return; 2045 } 2046 2047 #ifdef CONFIG_IBSS_RSN 2048 if (wpa_s->current_ssid && 2049 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { 2050 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); 2051 return; 2052 } 2053 #endif /* CONFIG_IBSS_RSN */ 2054 2055 /* Source address of the incoming EAPOL frame could be compared to the 2056 * current BSSID. However, it is possible that a centralized 2057 * Authenticator could be using another MAC address than the BSSID of 2058 * an AP, so just allow any address to be used for now. The replies are 2059 * still sent to the current BSSID (if available), though. */ 2060 2061 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 2062 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 2063 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) 2064 return; 2065 wpa_drv_poll(wpa_s); 2066 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) 2067 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); 2068 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 2069 /* 2070 * Set portValid = TRUE here since we are going to skip 4-way 2071 * handshake processing which would normally set portValid. We 2072 * need this to allow the EAPOL state machines to be completed 2073 * without going through EAPOL-Key handshake. 2074 */ 2075 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 2076 } 2077 } 2078 2079 2080 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) 2081 { 2082 if (wpa_s->driver->send_eapol) { 2083 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 2084 if (addr) 2085 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 2086 } else if (!(wpa_s->drv_flags & 2087 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { 2088 l2_packet_deinit(wpa_s->l2); 2089 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 2090 wpa_drv_get_mac_addr(wpa_s), 2091 ETH_P_EAPOL, 2092 wpa_supplicant_rx_eapol, wpa_s, 0); 2093 if (wpa_s->l2 == NULL) 2094 return -1; 2095 } else { 2096 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 2097 if (addr) 2098 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 2099 } 2100 2101 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 2102 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); 2103 return -1; 2104 } 2105 2106 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, 2107 MAC2STR(wpa_s->own_addr)); 2108 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 2109 2110 return 0; 2111 } 2112 2113 2114 /** 2115 * wpa_supplicant_driver_init - Initialize driver interface parameters 2116 * @wpa_s: Pointer to wpa_supplicant data 2117 * Returns: 0 on success, -1 on failure 2118 * 2119 * This function is called to initialize driver interface parameters. 2120 * wpa_drv_init() must have been called before this function to initialize the 2121 * driver interface. 2122 */ 2123 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 2124 { 2125 static int interface_count = 0; 2126 2127 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) 2128 return -1; 2129 2130 if (wpa_s->bridge_ifname[0]) { 2131 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " 2132 "interface '%s'", wpa_s->bridge_ifname); 2133 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname, 2134 wpa_s->own_addr, 2135 ETH_P_EAPOL, 2136 wpa_supplicant_rx_eapol, wpa_s, 2137 0); 2138 if (wpa_s->l2_br == NULL) { 2139 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " 2140 "connection for the bridge interface '%s'", 2141 wpa_s->bridge_ifname); 2142 return -1; 2143 } 2144 } 2145 2146 wpa_clear_keys(wpa_s, NULL); 2147 2148 /* Make sure that TKIP countermeasures are not left enabled (could 2149 * happen if wpa_supplicant is killed during countermeasures. */ 2150 wpa_drv_set_countermeasures(wpa_s, 0); 2151 2152 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 2153 wpa_drv_flush_pmkid(wpa_s); 2154 2155 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; 2156 wpa_s->prev_scan_wildcard = 0; 2157 2158 if (wpa_supplicant_enabled_networks(wpa_s->conf)) { 2159 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count, 2160 100000)) 2161 wpa_supplicant_req_scan(wpa_s, interface_count, 2162 100000); 2163 interface_count++; 2164 } else 2165 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 2166 2167 return 0; 2168 } 2169 2170 2171 static int wpa_supplicant_daemon(const char *pid_file) 2172 { 2173 wpa_printf(MSG_DEBUG, "Daemonize.."); 2174 return os_daemonize(pid_file); 2175 } 2176 2177 2178 static struct wpa_supplicant * wpa_supplicant_alloc(void) 2179 { 2180 struct wpa_supplicant *wpa_s; 2181 2182 wpa_s = os_zalloc(sizeof(*wpa_s)); 2183 if (wpa_s == NULL) 2184 return NULL; 2185 wpa_s->scan_req = 1; 2186 wpa_s->scan_interval = 5; 2187 wpa_s->new_connection = 1; 2188 wpa_s->parent = wpa_s; 2189 wpa_s->sched_scanning = 0; 2190 2191 return wpa_s; 2192 } 2193 2194 2195 #ifdef CONFIG_HT_OVERRIDES 2196 2197 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, 2198 struct ieee80211_ht_capabilities *htcaps, 2199 struct ieee80211_ht_capabilities *htcaps_mask, 2200 const char *ht_mcs) 2201 { 2202 /* parse ht_mcs into hex array */ 2203 int i; 2204 const char *tmp = ht_mcs; 2205 char *end = NULL; 2206 2207 /* If ht_mcs is null, do not set anything */ 2208 if (!ht_mcs) 2209 return 0; 2210 2211 /* This is what we are setting in the kernel */ 2212 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); 2213 2214 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); 2215 2216 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { 2217 errno = 0; 2218 long v = strtol(tmp, &end, 16); 2219 if (errno == 0) { 2220 wpa_msg(wpa_s, MSG_DEBUG, 2221 "htcap value[%i]: %ld end: %p tmp: %p", 2222 i, v, end, tmp); 2223 if (end == tmp) 2224 break; 2225 2226 htcaps->supported_mcs_set[i] = v; 2227 tmp = end; 2228 } else { 2229 wpa_msg(wpa_s, MSG_ERROR, 2230 "Failed to parse ht-mcs: %s, error: %s\n", 2231 ht_mcs, strerror(errno)); 2232 return -1; 2233 } 2234 } 2235 2236 /* 2237 * If we were able to parse any values, then set mask for the MCS set. 2238 */ 2239 if (i) { 2240 os_memset(&htcaps_mask->supported_mcs_set, 0xff, 2241 IEEE80211_HT_MCS_MASK_LEN - 1); 2242 /* skip the 3 reserved bits */ 2243 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = 2244 0x1f; 2245 } 2246 2247 return 0; 2248 } 2249 2250 2251 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, 2252 struct ieee80211_ht_capabilities *htcaps, 2253 struct ieee80211_ht_capabilities *htcaps_mask, 2254 int disabled) 2255 { 2256 u16 msk; 2257 2258 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); 2259 2260 if (disabled == -1) 2261 return 0; 2262 2263 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); 2264 htcaps_mask->ht_capabilities_info |= msk; 2265 if (disabled) 2266 htcaps->ht_capabilities_info &= msk; 2267 else 2268 htcaps->ht_capabilities_info |= msk; 2269 2270 return 0; 2271 } 2272 2273 2274 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, 2275 struct ieee80211_ht_capabilities *htcaps, 2276 struct ieee80211_ht_capabilities *htcaps_mask, 2277 int factor) 2278 { 2279 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); 2280 2281 if (factor == -1) 2282 return 0; 2283 2284 if (factor < 0 || factor > 3) { 2285 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " 2286 "Must be 0-3 or -1", factor); 2287 return -EINVAL; 2288 } 2289 2290 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ 2291 htcaps->a_mpdu_params &= ~0x3; 2292 htcaps->a_mpdu_params |= factor & 0x3; 2293 2294 return 0; 2295 } 2296 2297 2298 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, 2299 struct ieee80211_ht_capabilities *htcaps, 2300 struct ieee80211_ht_capabilities *htcaps_mask, 2301 int density) 2302 { 2303 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); 2304 2305 if (density == -1) 2306 return 0; 2307 2308 if (density < 0 || density > 7) { 2309 wpa_msg(wpa_s, MSG_ERROR, 2310 "ampdu_density: %d out of range. Must be 0-7 or -1.", 2311 density); 2312 return -EINVAL; 2313 } 2314 2315 htcaps_mask->a_mpdu_params |= 0x1C; 2316 htcaps->a_mpdu_params &= ~(0x1C); 2317 htcaps->a_mpdu_params |= (density << 2) & 0x1C; 2318 2319 return 0; 2320 } 2321 2322 2323 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, 2324 struct ieee80211_ht_capabilities *htcaps, 2325 struct ieee80211_ht_capabilities *htcaps_mask, 2326 int disabled) 2327 { 2328 /* Masking these out disables HT40 */ 2329 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | 2330 HT_CAP_INFO_SHORT_GI40MHZ); 2331 2332 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); 2333 2334 if (disabled) 2335 htcaps->ht_capabilities_info &= ~msk; 2336 else 2337 htcaps->ht_capabilities_info |= msk; 2338 2339 htcaps_mask->ht_capabilities_info |= msk; 2340 2341 return 0; 2342 } 2343 2344 2345 void wpa_supplicant_apply_ht_overrides( 2346 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 2347 struct wpa_driver_associate_params *params) 2348 { 2349 struct ieee80211_ht_capabilities *htcaps; 2350 struct ieee80211_ht_capabilities *htcaps_mask; 2351 2352 if (!ssid) 2353 return; 2354 2355 params->disable_ht = ssid->disable_ht; 2356 if (!params->htcaps || !params->htcaps_mask) 2357 return; 2358 2359 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; 2360 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; 2361 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); 2362 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, 2363 ssid->disable_max_amsdu); 2364 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); 2365 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); 2366 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); 2367 } 2368 2369 #endif /* CONFIG_HT_OVERRIDES */ 2370 2371 2372 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 2373 struct wpa_interface *iface) 2374 { 2375 const char *ifname, *driver; 2376 struct wpa_driver_capa capa; 2377 2378 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 2379 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 2380 iface->confname ? iface->confname : "N/A", 2381 iface->driver ? iface->driver : "default", 2382 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 2383 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 2384 2385 if (iface->confname) { 2386 #ifdef CONFIG_BACKEND_FILE 2387 wpa_s->confname = os_rel2abs_path(iface->confname); 2388 if (wpa_s->confname == NULL) { 2389 wpa_printf(MSG_ERROR, "Failed to get absolute path " 2390 "for configuration file '%s'.", 2391 iface->confname); 2392 return -1; 2393 } 2394 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 2395 iface->confname, wpa_s->confname); 2396 #else /* CONFIG_BACKEND_FILE */ 2397 wpa_s->confname = os_strdup(iface->confname); 2398 #endif /* CONFIG_BACKEND_FILE */ 2399 wpa_s->conf = wpa_config_read(wpa_s->confname); 2400 if (wpa_s->conf == NULL) { 2401 wpa_printf(MSG_ERROR, "Failed to read or parse " 2402 "configuration '%s'.", wpa_s->confname); 2403 return -1; 2404 } 2405 2406 /* 2407 * Override ctrl_interface and driver_param if set on command 2408 * line. 2409 */ 2410 if (iface->ctrl_interface) { 2411 os_free(wpa_s->conf->ctrl_interface); 2412 wpa_s->conf->ctrl_interface = 2413 os_strdup(iface->ctrl_interface); 2414 } 2415 2416 if (iface->driver_param) { 2417 os_free(wpa_s->conf->driver_param); 2418 wpa_s->conf->driver_param = 2419 os_strdup(iface->driver_param); 2420 } 2421 } else 2422 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 2423 iface->driver_param); 2424 2425 if (wpa_s->conf == NULL) { 2426 wpa_printf(MSG_ERROR, "\nNo configuration found."); 2427 return -1; 2428 } 2429 2430 if (iface->ifname == NULL) { 2431 wpa_printf(MSG_ERROR, "\nInterface name is required."); 2432 return -1; 2433 } 2434 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 2435 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 2436 iface->ifname); 2437 return -1; 2438 } 2439 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 2440 2441 if (iface->bridge_ifname) { 2442 if (os_strlen(iface->bridge_ifname) >= 2443 sizeof(wpa_s->bridge_ifname)) { 2444 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 2445 "name '%s'.", iface->bridge_ifname); 2446 return -1; 2447 } 2448 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 2449 sizeof(wpa_s->bridge_ifname)); 2450 } 2451 2452 /* RSNA Supplicant Key Management - INITIALIZE */ 2453 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 2454 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 2455 2456 /* Initialize driver interface and register driver event handler before 2457 * L2 receive handler so that association events are processed before 2458 * EAPOL-Key packets if both become available for the same select() 2459 * call. */ 2460 driver = iface->driver; 2461 next_driver: 2462 if (wpa_supplicant_set_driver(wpa_s, driver) < 0) 2463 return -1; 2464 2465 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 2466 if (wpa_s->drv_priv == NULL) { 2467 const char *pos; 2468 pos = driver ? os_strchr(driver, ',') : NULL; 2469 if (pos) { 2470 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 2471 "driver interface - try next driver wrapper"); 2472 driver = pos + 1; 2473 goto next_driver; 2474 } 2475 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " 2476 "interface"); 2477 return -1; 2478 } 2479 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 2480 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " 2481 "driver_param '%s'", wpa_s->conf->driver_param); 2482 return -1; 2483 } 2484 2485 ifname = wpa_drv_get_ifname(wpa_s); 2486 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 2487 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " 2488 "interface name with '%s'", ifname); 2489 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 2490 } 2491 2492 if (wpa_supplicant_init_wpa(wpa_s) < 0) 2493 return -1; 2494 2495 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 2496 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 2497 NULL); 2498 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 2499 2500 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 2501 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 2502 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 2503 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 2504 "dot11RSNAConfigPMKLifetime"); 2505 return -1; 2506 } 2507 2508 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 2509 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 2510 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 2511 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 2512 "dot11RSNAConfigPMKReauthThreshold"); 2513 return -1; 2514 } 2515 2516 if (wpa_s->conf->dot11RSNAConfigSATimeout && 2517 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 2518 wpa_s->conf->dot11RSNAConfigSATimeout)) { 2519 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 2520 "dot11RSNAConfigSATimeout"); 2521 return -1; 2522 } 2523 2524 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, 2525 &wpa_s->hw.num_modes, 2526 &wpa_s->hw.flags); 2527 2528 if (wpa_drv_get_capa(wpa_s, &capa) == 0) { 2529 wpa_s->drv_capa_known = 1; 2530 wpa_s->drv_flags = capa.flags; 2531 wpa_s->probe_resp_offloads = capa.probe_resp_offloads; 2532 wpa_s->max_scan_ssids = capa.max_scan_ssids; 2533 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; 2534 wpa_s->sched_scan_supported = capa.sched_scan_supported; 2535 wpa_s->max_match_sets = capa.max_match_sets; 2536 wpa_s->max_remain_on_chan = capa.max_remain_on_chan; 2537 wpa_s->max_stations = capa.max_stations; 2538 } 2539 if (wpa_s->max_remain_on_chan == 0) 2540 wpa_s->max_remain_on_chan = 1000; 2541 2542 if (wpa_supplicant_driver_init(wpa_s) < 0) 2543 return -1; 2544 2545 #ifdef CONFIG_TDLS 2546 if (wpa_tdls_init(wpa_s->wpa)) 2547 return -1; 2548 #endif /* CONFIG_TDLS */ 2549 2550 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 2551 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 2552 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); 2553 return -1; 2554 } 2555 2556 if (wpas_wps_init(wpa_s)) 2557 return -1; 2558 2559 if (wpa_supplicant_init_eapol(wpa_s) < 0) 2560 return -1; 2561 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 2562 2563 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 2564 if (wpa_s->ctrl_iface == NULL) { 2565 wpa_printf(MSG_ERROR, 2566 "Failed to initialize control interface '%s'.\n" 2567 "You may have another wpa_supplicant process " 2568 "already running or the file was\n" 2569 "left by an unclean termination of wpa_supplicant " 2570 "in which case you will need\n" 2571 "to manually remove this file before starting " 2572 "wpa_supplicant again.\n", 2573 wpa_s->conf->ctrl_interface); 2574 return -1; 2575 } 2576 2577 wpa_s->gas = gas_query_init(wpa_s); 2578 if (wpa_s->gas == NULL) { 2579 wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); 2580 return -1; 2581 } 2582 2583 #ifdef CONFIG_P2P 2584 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) { 2585 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); 2586 return -1; 2587 } 2588 #endif /* CONFIG_P2P */ 2589 2590 if (wpa_bss_init(wpa_s) < 0) 2591 return -1; 2592 2593 return 0; 2594 } 2595 2596 2597 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, 2598 int notify, int terminate) 2599 { 2600 if (wpa_s->drv_priv) { 2601 wpa_supplicant_deauthenticate(wpa_s, 2602 WLAN_REASON_DEAUTH_LEAVING); 2603 2604 wpa_drv_set_countermeasures(wpa_s, 0); 2605 wpa_clear_keys(wpa_s, NULL); 2606 } 2607 2608 wpa_supplicant_cleanup(wpa_s); 2609 2610 if (wpa_s->drv_priv) 2611 wpa_drv_deinit(wpa_s); 2612 2613 if (notify) 2614 wpas_notify_iface_removed(wpa_s); 2615 2616 if (terminate) 2617 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); 2618 2619 if (wpa_s->ctrl_iface) { 2620 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 2621 wpa_s->ctrl_iface = NULL; 2622 } 2623 2624 if (wpa_s->conf != NULL) { 2625 wpa_config_free(wpa_s->conf); 2626 wpa_s->conf = NULL; 2627 } 2628 } 2629 2630 2631 /** 2632 * wpa_supplicant_add_iface - Add a new network interface 2633 * @global: Pointer to global data from wpa_supplicant_init() 2634 * @iface: Interface configuration options 2635 * Returns: Pointer to the created interface or %NULL on failure 2636 * 2637 * This function is used to add new network interfaces for %wpa_supplicant. 2638 * This can be called before wpa_supplicant_run() to add interfaces before the 2639 * main event loop has been started. In addition, new interfaces can be added 2640 * dynamically while %wpa_supplicant is already running. This could happen, 2641 * e.g., when a hotplug network adapter is inserted. 2642 */ 2643 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 2644 struct wpa_interface *iface) 2645 { 2646 struct wpa_supplicant *wpa_s; 2647 struct wpa_interface t_iface; 2648 struct wpa_ssid *ssid; 2649 2650 if (global == NULL || iface == NULL) 2651 return NULL; 2652 2653 wpa_s = wpa_supplicant_alloc(); 2654 if (wpa_s == NULL) 2655 return NULL; 2656 2657 wpa_s->global = global; 2658 2659 t_iface = *iface; 2660 if (global->params.override_driver) { 2661 wpa_printf(MSG_DEBUG, "Override interface parameter: driver " 2662 "('%s' -> '%s')", 2663 iface->driver, global->params.override_driver); 2664 t_iface.driver = global->params.override_driver; 2665 } 2666 if (global->params.override_ctrl_interface) { 2667 wpa_printf(MSG_DEBUG, "Override interface parameter: " 2668 "ctrl_interface ('%s' -> '%s')", 2669 iface->ctrl_interface, 2670 global->params.override_ctrl_interface); 2671 t_iface.ctrl_interface = 2672 global->params.override_ctrl_interface; 2673 } 2674 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { 2675 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 2676 iface->ifname); 2677 wpa_supplicant_deinit_iface(wpa_s, 0, 0); 2678 os_free(wpa_s); 2679 return NULL; 2680 } 2681 2682 /* Notify the control interfaces about new iface */ 2683 if (wpas_notify_iface_added(wpa_s)) { 2684 wpa_supplicant_deinit_iface(wpa_s, 1, 0); 2685 os_free(wpa_s); 2686 return NULL; 2687 } 2688 2689 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 2690 wpas_notify_network_added(wpa_s, ssid); 2691 2692 wpa_s->next = global->ifaces; 2693 global->ifaces = wpa_s; 2694 2695 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); 2696 2697 return wpa_s; 2698 } 2699 2700 2701 /** 2702 * wpa_supplicant_remove_iface - Remove a network interface 2703 * @global: Pointer to global data from wpa_supplicant_init() 2704 * @wpa_s: Pointer to the network interface to be removed 2705 * Returns: 0 if interface was removed, -1 if interface was not found 2706 * 2707 * This function can be used to dynamically remove network interfaces from 2708 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 2709 * addition, this function is used to remove all remaining interfaces when 2710 * %wpa_supplicant is terminated. 2711 */ 2712 int wpa_supplicant_remove_iface(struct wpa_global *global, 2713 struct wpa_supplicant *wpa_s, 2714 int terminate) 2715 { 2716 struct wpa_supplicant *prev; 2717 2718 /* Remove interface from the global list of interfaces */ 2719 prev = global->ifaces; 2720 if (prev == wpa_s) { 2721 global->ifaces = wpa_s->next; 2722 } else { 2723 while (prev && prev->next != wpa_s) 2724 prev = prev->next; 2725 if (prev == NULL) 2726 return -1; 2727 prev->next = wpa_s->next; 2728 } 2729 2730 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 2731 2732 if (global->p2p_group_formation == wpa_s) 2733 global->p2p_group_formation = NULL; 2734 wpa_supplicant_deinit_iface(wpa_s, 1, terminate); 2735 os_free(wpa_s); 2736 2737 return 0; 2738 } 2739 2740 2741 /** 2742 * wpa_supplicant_get_eap_mode - Get the current EAP mode 2743 * @wpa_s: Pointer to the network interface 2744 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found 2745 */ 2746 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) 2747 { 2748 const char *eapol_method; 2749 2750 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && 2751 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2752 return "NO-EAP"; 2753 } 2754 2755 eapol_method = eapol_sm_get_method_name(wpa_s->eapol); 2756 if (eapol_method == NULL) 2757 return "UNKNOWN-EAP"; 2758 2759 return eapol_method; 2760 } 2761 2762 2763 /** 2764 * wpa_supplicant_get_iface - Get a new network interface 2765 * @global: Pointer to global data from wpa_supplicant_init() 2766 * @ifname: Interface name 2767 * Returns: Pointer to the interface or %NULL if not found 2768 */ 2769 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 2770 const char *ifname) 2771 { 2772 struct wpa_supplicant *wpa_s; 2773 2774 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 2775 if (os_strcmp(wpa_s->ifname, ifname) == 0) 2776 return wpa_s; 2777 } 2778 return NULL; 2779 } 2780 2781 2782 #ifndef CONFIG_NO_WPA_MSG 2783 static const char * wpa_supplicant_msg_ifname_cb(void *ctx) 2784 { 2785 struct wpa_supplicant *wpa_s = ctx; 2786 if (wpa_s == NULL) 2787 return NULL; 2788 return wpa_s->ifname; 2789 } 2790 #endif /* CONFIG_NO_WPA_MSG */ 2791 2792 2793 /** 2794 * wpa_supplicant_init - Initialize %wpa_supplicant 2795 * @params: Parameters for %wpa_supplicant 2796 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 2797 * 2798 * This function is used to initialize %wpa_supplicant. After successful 2799 * initialization, the returned data pointer can be used to add and remove 2800 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 2801 */ 2802 struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 2803 { 2804 struct wpa_global *global; 2805 int ret, i; 2806 2807 if (params == NULL) 2808 return NULL; 2809 2810 #ifdef CONFIG_DRIVER_NDIS 2811 { 2812 void driver_ndis_init_ops(void); 2813 driver_ndis_init_ops(); 2814 } 2815 #endif /* CONFIG_DRIVER_NDIS */ 2816 2817 #ifndef CONFIG_NO_WPA_MSG 2818 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); 2819 #endif /* CONFIG_NO_WPA_MSG */ 2820 2821 wpa_debug_open_file(params->wpa_debug_file_path); 2822 if (params->wpa_debug_syslog) 2823 wpa_debug_open_syslog(); 2824 2825 ret = eap_register_methods(); 2826 if (ret) { 2827 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 2828 if (ret == -2) 2829 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 2830 "the same EAP type."); 2831 return NULL; 2832 } 2833 2834 global = os_zalloc(sizeof(*global)); 2835 if (global == NULL) 2836 return NULL; 2837 dl_list_init(&global->p2p_srv_bonjour); 2838 dl_list_init(&global->p2p_srv_upnp); 2839 global->params.daemonize = params->daemonize; 2840 global->params.wait_for_monitor = params->wait_for_monitor; 2841 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 2842 if (params->pid_file) 2843 global->params.pid_file = os_strdup(params->pid_file); 2844 if (params->ctrl_interface) 2845 global->params.ctrl_interface = 2846 os_strdup(params->ctrl_interface); 2847 if (params->override_driver) 2848 global->params.override_driver = 2849 os_strdup(params->override_driver); 2850 if (params->override_ctrl_interface) 2851 global->params.override_ctrl_interface = 2852 os_strdup(params->override_ctrl_interface); 2853 wpa_debug_level = global->params.wpa_debug_level = 2854 params->wpa_debug_level; 2855 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 2856 params->wpa_debug_show_keys; 2857 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 2858 params->wpa_debug_timestamp; 2859 2860 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); 2861 2862 if (eloop_init()) { 2863 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 2864 wpa_supplicant_deinit(global); 2865 return NULL; 2866 } 2867 2868 random_init(params->entropy_file); 2869 2870 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 2871 if (global->ctrl_iface == NULL) { 2872 wpa_supplicant_deinit(global); 2873 return NULL; 2874 } 2875 2876 if (wpas_notify_supplicant_initialized(global)) { 2877 wpa_supplicant_deinit(global); 2878 return NULL; 2879 } 2880 2881 for (i = 0; wpa_drivers[i]; i++) 2882 global->drv_count++; 2883 if (global->drv_count == 0) { 2884 wpa_printf(MSG_ERROR, "No drivers enabled"); 2885 wpa_supplicant_deinit(global); 2886 return NULL; 2887 } 2888 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *)); 2889 if (global->drv_priv == NULL) { 2890 wpa_supplicant_deinit(global); 2891 return NULL; 2892 } 2893 2894 return global; 2895 } 2896 2897 2898 /** 2899 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 2900 * @global: Pointer to global data from wpa_supplicant_init() 2901 * Returns: 0 after successful event loop run, -1 on failure 2902 * 2903 * This function starts the main event loop and continues running as long as 2904 * there are any remaining events. In most cases, this function is running as 2905 * long as the %wpa_supplicant process in still in use. 2906 */ 2907 int wpa_supplicant_run(struct wpa_global *global) 2908 { 2909 struct wpa_supplicant *wpa_s; 2910 2911 if (global->params.daemonize && 2912 wpa_supplicant_daemon(global->params.pid_file)) 2913 return -1; 2914 2915 if (global->params.wait_for_monitor) { 2916 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 2917 if (wpa_s->ctrl_iface) 2918 wpa_supplicant_ctrl_iface_wait( 2919 wpa_s->ctrl_iface); 2920 } 2921 2922 eloop_register_signal_terminate(wpa_supplicant_terminate, global); 2923 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); 2924 2925 eloop_run(); 2926 2927 return 0; 2928 } 2929 2930 2931 /** 2932 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 2933 * @global: Pointer to global data from wpa_supplicant_init() 2934 * 2935 * This function is called to deinitialize %wpa_supplicant and to free all 2936 * allocated resources. Remaining network interfaces will also be removed. 2937 */ 2938 void wpa_supplicant_deinit(struct wpa_global *global) 2939 { 2940 int i; 2941 2942 if (global == NULL) 2943 return; 2944 2945 #ifdef CONFIG_P2P 2946 wpas_p2p_deinit_global(global); 2947 #endif /* CONFIG_P2P */ 2948 2949 while (global->ifaces) 2950 wpa_supplicant_remove_iface(global, global->ifaces, 1); 2951 2952 if (global->ctrl_iface) 2953 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 2954 2955 wpas_notify_supplicant_deinitialized(global); 2956 2957 eap_peer_unregister_methods(); 2958 #ifdef CONFIG_AP 2959 eap_server_unregister_methods(); 2960 #endif /* CONFIG_AP */ 2961 2962 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { 2963 if (!global->drv_priv[i]) 2964 continue; 2965 wpa_drivers[i]->global_deinit(global->drv_priv[i]); 2966 } 2967 os_free(global->drv_priv); 2968 2969 random_deinit(); 2970 2971 eloop_destroy(); 2972 2973 if (global->params.pid_file) { 2974 os_daemonize_terminate(global->params.pid_file); 2975 os_free(global->params.pid_file); 2976 } 2977 os_free(global->params.ctrl_interface); 2978 os_free(global->params.override_driver); 2979 os_free(global->params.override_ctrl_interface); 2980 2981 os_free(global); 2982 wpa_debug_close_syslog(); 2983 wpa_debug_close_file(); 2984 } 2985 2986 2987 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) 2988 { 2989 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && 2990 wpa_s->conf->country[0] && wpa_s->conf->country[1]) { 2991 char country[3]; 2992 country[0] = wpa_s->conf->country[0]; 2993 country[1] = wpa_s->conf->country[1]; 2994 country[2] = '\0'; 2995 if (wpa_drv_set_country(wpa_s, country) < 0) { 2996 wpa_printf(MSG_ERROR, "Failed to set country code " 2997 "'%s'", country); 2998 } 2999 } 3000 3001 #ifdef CONFIG_WPS 3002 wpas_wps_update_config(wpa_s); 3003 #endif /* CONFIG_WPS */ 3004 3005 #ifdef CONFIG_P2P 3006 wpas_p2p_update_config(wpa_s); 3007 #endif /* CONFIG_P2P */ 3008 3009 wpa_s->conf->changed_parameters = 0; 3010 } 3011 3012 3013 static void add_freq(int *freqs, int *num_freqs, int freq) 3014 { 3015 int i; 3016 3017 for (i = 0; i < *num_freqs; i++) { 3018 if (freqs[i] == freq) 3019 return; 3020 } 3021 3022 freqs[*num_freqs] = freq; 3023 (*num_freqs)++; 3024 } 3025 3026 3027 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) 3028 { 3029 struct wpa_bss *bss, *cbss; 3030 const int max_freqs = 10; 3031 int *freqs; 3032 int num_freqs = 0; 3033 3034 freqs = os_zalloc(sizeof(int) * (max_freqs + 1)); 3035 if (freqs == NULL) 3036 return NULL; 3037 3038 cbss = wpa_s->current_bss; 3039 3040 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 3041 if (bss == cbss) 3042 continue; 3043 if (bss->ssid_len == cbss->ssid_len && 3044 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && 3045 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { 3046 add_freq(freqs, &num_freqs, bss->freq); 3047 if (num_freqs == max_freqs) 3048 break; 3049 } 3050 } 3051 3052 if (num_freqs == 0) { 3053 os_free(freqs); 3054 freqs = NULL; 3055 } 3056 3057 return freqs; 3058 } 3059 3060 3061 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) 3062 { 3063 int timeout; 3064 int count; 3065 int *freqs = NULL; 3066 3067 /* 3068 * Remove possible authentication timeout since the connection failed. 3069 */ 3070 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 3071 3072 /* 3073 * Add the failed BSSID into the blacklist and speed up next scan 3074 * attempt if there could be other APs that could accept association. 3075 * The current blacklist count indicates how many times we have tried 3076 * connecting to this AP and multiple attempts mean that other APs are 3077 * either not available or has already been tried, so that we can start 3078 * increasing the delay here to avoid constant scanning. 3079 */ 3080 count = wpa_blacklist_add(wpa_s, bssid); 3081 if (count == 1 && wpa_s->current_bss) { 3082 /* 3083 * This BSS was not in the blacklist before. If there is 3084 * another BSS available for the same ESS, we should try that 3085 * next. Otherwise, we may as well try this one once more 3086 * before allowing other, likely worse, ESSes to be considered. 3087 */ 3088 freqs = get_bss_freqs_in_ess(wpa_s); 3089 if (freqs) { 3090 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " 3091 "has been seen; try it next"); 3092 wpa_blacklist_add(wpa_s, bssid); 3093 /* 3094 * On the next scan, go through only the known channels 3095 * used in this ESS based on previous scans to speed up 3096 * common load balancing use case. 3097 */ 3098 os_free(wpa_s->next_scan_freqs); 3099 wpa_s->next_scan_freqs = freqs; 3100 } 3101 } 3102 3103 switch (count) { 3104 case 1: 3105 timeout = 100; 3106 break; 3107 case 2: 3108 timeout = 500; 3109 break; 3110 case 3: 3111 timeout = 1000; 3112 break; 3113 default: 3114 timeout = 5000; 3115 } 3116 3117 /* 3118 * TODO: if more than one possible AP is available in scan results, 3119 * could try the other ones before requesting a new scan. 3120 */ 3121 wpa_supplicant_req_scan(wpa_s, timeout / 1000, 3122 1000 * (timeout % 1000)); 3123 } 3124 3125 3126 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) 3127 { 3128 return wpa_s->conf->ap_scan == 2 || 3129 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); 3130 } 3131 3132 #ifdef ANDROID_P2P 3133 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) 3134 { 3135 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) 3136 return 1; 3137 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) 3138 return 0; 3139 3140 /* IF conc_priority is not set, return -1 */ 3141 return -1; 3142 } 3143 #endif 3144
