1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "common/ptksa_cache.h"
45 #include "p2p/p2p.h"
46 #include "fst/fst.h"
47 #include "bssid_ignore.h"
48 #include "wpas_glue.h"
49 #include "wps_supplicant.h"
50 #include "ibss_rsn.h"
51 #include "sme.h"
52 #include "gas_query.h"
53 #include "ap.h"
54 #include "p2p_supplicant.h"
55 #include "wifi_display.h"
56 #include "notify.h"
57 #include "bgscan.h"
58 #include "autoscan.h"
59 #include "bss.h"
60 #include "scan.h"
61 #include "offchannel.h"
62 #include "hs20_supplicant.h"
63 #include "wnm_sta.h"
64 #include "wpas_kay.h"
65 #include "mesh.h"
66 #include "dpp_supplicant.h"
67 #ifdef CONFIG_MESH
68 #include "ap/ap_config.h"
69 #include "ap/hostapd.h"
70 #endif /* CONFIG_MESH */
71
72 const char *const wpa_supplicant_version =
73 "wpa_supplicant v" VERSION_STR "\n"
74 "Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi> and contributors";
75
76 const char *const wpa_supplicant_license =
77 "This software may be distributed under the terms of the BSD license.\n"
78 "See README for more details.\n"
79 #ifdef EAP_TLS_OPENSSL
80 "\nThis product includes software developed by the OpenSSL Project\n"
81 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
82 #endif /* EAP_TLS_OPENSSL */
83 ;
84
85 #ifndef CONFIG_NO_STDOUT_DEBUG
86 /* Long text divided into parts in order to fit in C89 strings size limits. */
87 const char *const wpa_supplicant_full_license1 =
88 "";
89 const char *const wpa_supplicant_full_license2 =
90 "This software may be distributed under the terms of the BSD license.\n"
91 "\n"
92 "Redistribution and use in source and binary forms, with or without\n"
93 "modification, are permitted provided that the following conditions are\n"
94 "met:\n"
95 "\n";
96 const char *const wpa_supplicant_full_license3 =
97 "1. Redistributions of source code must retain the above copyright\n"
98 " notice, this list of conditions and the following disclaimer.\n"
99 "\n"
100 "2. Redistributions in binary form must reproduce the above copyright\n"
101 " notice, this list of conditions and the following disclaimer in the\n"
102 " documentation and/or other materials provided with the distribution.\n"
103 "\n";
104 const char *const wpa_supplicant_full_license4 =
105 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
106 " names of its contributors may be used to endorse or promote products\n"
107 " derived from this software without specific prior written permission.\n"
108 "\n"
109 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
110 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
111 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
112 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
113 const char *const wpa_supplicant_full_license5 =
114 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
115 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
116 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
117 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
118 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
119 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
120 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 "\n";
122 #endif /* CONFIG_NO_STDOUT_DEBUG */
123
124
125 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
126 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
127 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
128 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 #ifdef CONFIG_OWE
130 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_OWE */
132
133
134 #ifdef CONFIG_WEP
135 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)136 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
137 {
138 int i, set = 0;
139
140 for (i = 0; i < NUM_WEP_KEYS; i++) {
141 if (ssid->wep_key_len[i] == 0)
142 continue;
143
144 set = 1;
145 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
146 i, i == ssid->wep_tx_keyidx, NULL, 0,
147 ssid->wep_key[i], ssid->wep_key_len[i],
148 i == ssid->wep_tx_keyidx ?
149 KEY_FLAG_GROUP_RX_TX_DEFAULT :
150 KEY_FLAG_GROUP_RX_TX);
151 }
152
153 return set;
154 }
155 #endif /* CONFIG_WEP */
156
157
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)158 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
159 struct wpa_ssid *ssid)
160 {
161 u8 key[32];
162 size_t keylen;
163 enum wpa_alg alg;
164 u8 seq[6] = { 0 };
165 int ret;
166
167 /* IBSS/WPA-None uses only one key (Group) for both receiving and
168 * sending unicast and multicast packets. */
169
170 if (ssid->mode != WPAS_MODE_IBSS) {
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
172 "IBSS/ad-hoc) for WPA-None", ssid->mode);
173 return -1;
174 }
175
176 if (!ssid->psk_set) {
177 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
178 "WPA-None");
179 return -1;
180 }
181
182 switch (wpa_s->group_cipher) {
183 case WPA_CIPHER_CCMP:
184 os_memcpy(key, ssid->psk, 16);
185 keylen = 16;
186 alg = WPA_ALG_CCMP;
187 break;
188 case WPA_CIPHER_GCMP:
189 os_memcpy(key, ssid->psk, 16);
190 keylen = 16;
191 alg = WPA_ALG_GCMP;
192 break;
193 case WPA_CIPHER_TKIP:
194 /* WPA-None uses the same Michael MIC key for both TX and RX */
195 os_memcpy(key, ssid->psk, 16 + 8);
196 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
197 keylen = 32;
198 alg = WPA_ALG_TKIP;
199 break;
200 default:
201 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
202 "WPA-None", wpa_s->group_cipher);
203 return -1;
204 }
205
206 /* TODO: should actually remember the previously used seq#, both for TX
207 * and RX from each STA.. */
208
209 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
210 KEY_FLAG_GROUP_RX_TX_DEFAULT);
211 os_memset(key, 0, sizeof(key));
212 return ret;
213 }
214
215
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)216 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
217 {
218 struct wpa_supplicant *wpa_s = eloop_ctx;
219 const u8 *bssid = wpa_s->bssid;
220 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
221 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
222 wpa_s->wpa_state == WPA_ASSOCIATING))
223 bssid = wpa_s->pending_bssid;
224 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
225 MAC2STR(bssid));
226 wpa_bssid_ignore_add(wpa_s, bssid);
227 wpa_sm_notify_disassoc(wpa_s->wpa);
228 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
229 wpa_s->reassociate = 1;
230
231 /*
232 * If we timed out, the AP or the local radio may be busy.
233 * So, wait a second until scanning again.
234 */
235 wpa_supplicant_req_scan(wpa_s, 1, 0);
236 }
237
238
239 /**
240 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
241 * @wpa_s: Pointer to wpa_supplicant data
242 * @sec: Number of seconds after which to time out authentication
243 * @usec: Number of microseconds after which to time out authentication
244 *
245 * This function is used to schedule a timeout for the current authentication
246 * attempt.
247 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)248 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
249 int sec, int usec)
250 {
251 if (wpa_s->conf->ap_scan == 0 &&
252 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
253 return;
254
255 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
256 "%d usec", sec, usec);
257 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
258 wpa_s->last_auth_timeout_sec = sec;
259 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
260 }
261
262
263 /*
264 * wpas_auth_timeout_restart - Restart and change timeout for authentication
265 * @wpa_s: Pointer to wpa_supplicant data
266 * @sec_diff: difference in seconds applied to original timeout value
267 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)268 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
269 {
270 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
271
272 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
273 wpa_dbg(wpa_s, MSG_DEBUG,
274 "Authentication timeout restart: %d sec", new_sec);
275 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
276 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
277 wpa_s, NULL);
278 }
279 }
280
281
282 /**
283 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
284 * @wpa_s: Pointer to wpa_supplicant data
285 *
286 * This function is used to cancel authentication timeout scheduled with
287 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
288 * been completed.
289 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)290 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
291 {
292 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
293 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
294 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
295 os_free(wpa_s->last_con_fail_realm);
296 wpa_s->last_con_fail_realm = NULL;
297 wpa_s->last_con_fail_realm_len = 0;
298 }
299
300
301 /**
302 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
303 * @wpa_s: Pointer to wpa_supplicant data
304 *
305 * This function is used to configure EAPOL state machine based on the selected
306 * authentication mode.
307 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)308 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
309 {
310 #ifdef IEEE8021X_EAPOL
311 struct eapol_config eapol_conf;
312 struct wpa_ssid *ssid = wpa_s->current_ssid;
313
314 #ifdef CONFIG_IBSS_RSN
315 if (ssid->mode == WPAS_MODE_IBSS &&
316 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
317 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
318 /*
319 * RSN IBSS authentication is per-STA and we can disable the
320 * per-BSSID EAPOL authentication.
321 */
322 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
323 eapol_sm_notify_eap_success(wpa_s->eapol, true);
324 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
325 return;
326 }
327 #endif /* CONFIG_IBSS_RSN */
328
329 eapol_sm_notify_eap_success(wpa_s->eapol, false);
330 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
331
332 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
333 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
334 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
335 else
336 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
337
338 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
339 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
340 eapol_conf.accept_802_1x_keys = 1;
341 eapol_conf.required_keys = 0;
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
343 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
344 }
345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
346 eapol_conf.required_keys |=
347 EAPOL_REQUIRE_KEY_BROADCAST;
348 }
349
350 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
351 eapol_conf.required_keys = 0;
352 }
353 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
354 eapol_conf.workaround = ssid->eap_workaround;
355 eapol_conf.eap_disabled =
356 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
357 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
358 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
359 eapol_conf.external_sim = wpa_s->conf->external_sim;
360
361 #ifdef CONFIG_WPS
362 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
363 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
364 if (wpa_s->current_bss) {
365 struct wpabuf *ie;
366 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
367 WPS_IE_VENDOR_TYPE);
368 if (ie) {
369 if (wps_is_20(ie))
370 eapol_conf.wps |=
371 EAPOL_PEER_IS_WPS20_AP;
372 wpabuf_free(ie);
373 }
374 }
375 }
376 #endif /* CONFIG_WPS */
377
378 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
379
380 #ifdef CONFIG_MACSEC
381 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
382 ieee802_1x_create_preshared_mka(wpa_s, ssid);
383 else
384 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
385 #endif /* CONFIG_MACSEC */
386 #endif /* IEEE8021X_EAPOL */
387 }
388
389
390 /**
391 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
392 * @wpa_s: Pointer to wpa_supplicant data
393 * @ssid: Configuration data for the network
394 *
395 * This function is used to configure WPA state machine and related parameters
396 * to a mode where WPA is not enabled. This is called as part of the
397 * authentication configuration when the selected network does not use WPA.
398 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)399 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
400 struct wpa_ssid *ssid)
401 {
402 #ifdef CONFIG_WEP
403 int i;
404 #endif /* CONFIG_WEP */
405
406 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
407 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
408 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
409 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
410 else
411 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
412 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
413 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
414 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
415 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
416 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
417 wpa_s->rsnxe_len = 0;
418 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
419 wpa_s->group_cipher = WPA_CIPHER_NONE;
420 wpa_s->mgmt_group_cipher = 0;
421
422 #ifdef CONFIG_WEP
423 for (i = 0; i < NUM_WEP_KEYS; i++) {
424 if (ssid->wep_key_len[i] > 5) {
425 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
426 wpa_s->group_cipher = WPA_CIPHER_WEP104;
427 break;
428 } else if (ssid->wep_key_len[i] > 0) {
429 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
430 wpa_s->group_cipher = WPA_CIPHER_WEP40;
431 break;
432 }
433 }
434 #endif /* CONFIG_WEP */
435
436 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
437 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
439 wpa_s->pairwise_cipher);
440 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
442 wpa_s->mgmt_group_cipher);
443
444 pmksa_cache_clear_current(wpa_s->wpa);
445 }
446
447
free_hw_features(struct wpa_supplicant * wpa_s)448 void free_hw_features(struct wpa_supplicant *wpa_s)
449 {
450 int i;
451 if (wpa_s->hw.modes == NULL)
452 return;
453
454 for (i = 0; i < wpa_s->hw.num_modes; i++) {
455 os_free(wpa_s->hw.modes[i].channels);
456 os_free(wpa_s->hw.modes[i].rates);
457 }
458
459 os_free(wpa_s->hw.modes);
460 wpa_s->hw.modes = NULL;
461 }
462
463
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)464 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
465 struct wpa_bss_tmp_disallowed *bss)
466 {
467 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
468 dl_list_del(&bss->list);
469 os_free(bss);
470 }
471
472
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)473 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
474 {
475 struct wpa_bss_tmp_disallowed *bss, *prev;
476
477 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
478 struct wpa_bss_tmp_disallowed, list)
479 remove_bss_tmp_disallowed_entry(wpa_s, bss);
480 }
481
482
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)483 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
484 {
485 struct fils_hlp_req *req;
486
487 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
488 list)) != NULL) {
489 dl_list_del(&req->list);
490 wpabuf_free(req->pkt);
491 os_free(req);
492 }
493 }
494
495
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)496 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
497 {
498 struct wpa_supplicant *wpa_s = eloop_ctx;
499
500 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
501 return;
502 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
503 wpa_bss_flush(wpa_s);
504 }
505
506
507 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)508 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
509 {
510 struct driver_signal_override *dso;
511
512 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
513 struct driver_signal_override, list))) {
514 dl_list_del(&dso->list);
515 os_free(dso);
516 }
517 }
518 #endif /* CONFIG_TESTING_OPTIONS */
519
520
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)521 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
522 {
523 int i;
524
525 bgscan_deinit(wpa_s);
526 autoscan_deinit(wpa_s);
527 scard_deinit(wpa_s->scard);
528 wpa_s->scard = NULL;
529 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
530 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
531 l2_packet_deinit(wpa_s->l2);
532 wpa_s->l2 = NULL;
533 if (wpa_s->l2_br) {
534 l2_packet_deinit(wpa_s->l2_br);
535 wpa_s->l2_br = NULL;
536 }
537 #ifdef CONFIG_TESTING_OPTIONS
538 l2_packet_deinit(wpa_s->l2_test);
539 wpa_s->l2_test = NULL;
540 os_free(wpa_s->get_pref_freq_list_override);
541 wpa_s->get_pref_freq_list_override = NULL;
542 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
543 wpa_s->last_assoc_req_wpa_ie = NULL;
544 os_free(wpa_s->extra_sae_rejected_groups);
545 wpa_s->extra_sae_rejected_groups = NULL;
546 wpabuf_free(wpa_s->rsne_override_eapol);
547 wpa_s->rsne_override_eapol = NULL;
548 wpabuf_free(wpa_s->rsnxe_override_assoc);
549 wpa_s->rsnxe_override_assoc = NULL;
550 wpabuf_free(wpa_s->rsnxe_override_eapol);
551 wpa_s->rsnxe_override_eapol = NULL;
552 wpas_clear_driver_signal_override(wpa_s);
553 #endif /* CONFIG_TESTING_OPTIONS */
554
555 if (wpa_s->conf != NULL) {
556 struct wpa_ssid *ssid;
557 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
558 wpas_notify_network_removed(wpa_s, ssid);
559 }
560
561 os_free(wpa_s->confname);
562 wpa_s->confname = NULL;
563
564 os_free(wpa_s->confanother);
565 wpa_s->confanother = NULL;
566
567 os_free(wpa_s->last_con_fail_realm);
568 wpa_s->last_con_fail_realm = NULL;
569 wpa_s->last_con_fail_realm_len = 0;
570
571 wpa_sm_set_eapol(wpa_s->wpa, NULL);
572 eapol_sm_deinit(wpa_s->eapol);
573 wpa_s->eapol = NULL;
574
575 rsn_preauth_deinit(wpa_s->wpa);
576
577 #ifdef CONFIG_TDLS
578 wpa_tdls_deinit(wpa_s->wpa);
579 #endif /* CONFIG_TDLS */
580
581 wmm_ac_clear_saved_tspecs(wpa_s);
582 pmksa_candidate_free(wpa_s->wpa);
583 ptksa_cache_deinit(wpa_s->ptksa);
584 wpa_s->ptksa = NULL;
585 wpa_sm_deinit(wpa_s->wpa);
586 wpa_s->wpa = NULL;
587 wpa_bssid_ignore_clear(wpa_s);
588
589 #ifdef CONFIG_PASN
590 wpas_pasn_auth_stop(wpa_s);
591 #endif /* CONFIG_PASN */
592
593 wpa_bss_deinit(wpa_s);
594
595 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
596 wpa_supplicant_cancel_scan(wpa_s);
597 wpa_supplicant_cancel_auth_timeout(wpa_s);
598 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
599 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
600 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
601 wpa_s, NULL);
602 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
603
604 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
605 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
606
607 wpas_wps_deinit(wpa_s);
608
609 wpabuf_free(wpa_s->pending_eapol_rx);
610 wpa_s->pending_eapol_rx = NULL;
611
612 #ifdef CONFIG_IBSS_RSN
613 ibss_rsn_deinit(wpa_s->ibss_rsn);
614 wpa_s->ibss_rsn = NULL;
615 #endif /* CONFIG_IBSS_RSN */
616
617 sme_deinit(wpa_s);
618
619 #ifdef CONFIG_AP
620 wpa_supplicant_ap_deinit(wpa_s);
621 #endif /* CONFIG_AP */
622
623 wpas_p2p_deinit(wpa_s);
624
625 #ifdef CONFIG_OFFCHANNEL
626 offchannel_deinit(wpa_s);
627 #endif /* CONFIG_OFFCHANNEL */
628
629 wpa_supplicant_cancel_sched_scan(wpa_s);
630
631 os_free(wpa_s->next_scan_freqs);
632 wpa_s->next_scan_freqs = NULL;
633
634 os_free(wpa_s->manual_scan_freqs);
635 wpa_s->manual_scan_freqs = NULL;
636 os_free(wpa_s->select_network_scan_freqs);
637 wpa_s->select_network_scan_freqs = NULL;
638
639 os_free(wpa_s->manual_sched_scan_freqs);
640 wpa_s->manual_sched_scan_freqs = NULL;
641
642 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
643
644 /*
645 * Need to remove any pending gas-query radio work before the
646 * gas_query_deinit() call because gas_query::work has not yet been set
647 * for works that have not been started. gas_query_free() will be unable
648 * to cancel such pending radio works and once the pending gas-query
649 * radio work eventually gets removed, the deinit notification call to
650 * gas_query_start_cb() would result in dereferencing freed memory.
651 */
652 if (wpa_s->radio)
653 radio_remove_works(wpa_s, "gas-query", 0);
654 gas_query_deinit(wpa_s->gas);
655 wpa_s->gas = NULL;
656 gas_server_deinit(wpa_s->gas_server);
657 wpa_s->gas_server = NULL;
658
659 free_hw_features(wpa_s);
660
661 ieee802_1x_dealloc_kay_sm(wpa_s);
662
663 os_free(wpa_s->bssid_filter);
664 wpa_s->bssid_filter = NULL;
665
666 os_free(wpa_s->disallow_aps_bssid);
667 wpa_s->disallow_aps_bssid = NULL;
668 os_free(wpa_s->disallow_aps_ssid);
669 wpa_s->disallow_aps_ssid = NULL;
670
671 wnm_bss_keep_alive_deinit(wpa_s);
672 #ifdef CONFIG_WNM
673 wnm_deallocate_memory(wpa_s);
674 #endif /* CONFIG_WNM */
675
676 ext_password_deinit(wpa_s->ext_pw);
677 wpa_s->ext_pw = NULL;
678
679 wpabuf_free(wpa_s->last_gas_resp);
680 wpa_s->last_gas_resp = NULL;
681 wpabuf_free(wpa_s->prev_gas_resp);
682 wpa_s->prev_gas_resp = NULL;
683
684 os_free(wpa_s->last_scan_res);
685 wpa_s->last_scan_res = NULL;
686
687 #ifdef CONFIG_HS20
688 if (wpa_s->drv_priv)
689 wpa_drv_configure_frame_filters(wpa_s, 0);
690 hs20_deinit(wpa_s);
691 #endif /* CONFIG_HS20 */
692
693 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
694 wpabuf_free(wpa_s->vendor_elem[i]);
695 wpa_s->vendor_elem[i] = NULL;
696 }
697
698 wmm_ac_notify_disassoc(wpa_s);
699
700 wpa_s->sched_scan_plans_num = 0;
701 os_free(wpa_s->sched_scan_plans);
702 wpa_s->sched_scan_plans = NULL;
703
704 #ifdef CONFIG_MBO
705 wpa_s->non_pref_chan_num = 0;
706 os_free(wpa_s->non_pref_chan);
707 wpa_s->non_pref_chan = NULL;
708 #endif /* CONFIG_MBO */
709
710 free_bss_tmp_disallowed(wpa_s);
711
712 wpabuf_free(wpa_s->lci);
713 wpa_s->lci = NULL;
714 wpas_clear_beacon_rep_data(wpa_s);
715
716 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
717 #ifdef CONFIG_MESH
718 {
719 struct external_pmksa_cache *entry;
720
721 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
722 struct external_pmksa_cache,
723 list)) != NULL) {
724 dl_list_del(&entry->list);
725 os_free(entry->pmksa_cache);
726 os_free(entry);
727 }
728 }
729 #endif /* CONFIG_MESH */
730 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
731
732 wpas_flush_fils_hlp_req(wpa_s);
733
734 wpabuf_free(wpa_s->ric_ies);
735 wpa_s->ric_ies = NULL;
736
737 #ifdef CONFIG_DPP
738 wpas_dpp_deinit(wpa_s);
739 dpp_global_deinit(wpa_s->dpp);
740 wpa_s->dpp = NULL;
741 #endif /* CONFIG_DPP */
742
743 #ifdef CONFIG_PASN
744 wpas_pasn_auth_stop(wpa_s);
745 #endif /* CONFIG_PASN */
746 wpas_scs_deinit(wpa_s);
747 wpas_dscp_deinit(wpa_s);
748 }
749
750
751 /**
752 * wpa_clear_keys - Clear keys configured for the driver
753 * @wpa_s: Pointer to wpa_supplicant data
754 * @addr: Previously used BSSID or %NULL if not available
755 *
756 * This function clears the encryption keys that has been previously configured
757 * for the driver.
758 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)759 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
760 {
761 int i, max = 6;
762
763 /* MLME-DELETEKEYS.request */
764 for (i = 0; i < max; i++) {
765 if (wpa_s->keys_cleared & BIT(i))
766 continue;
767 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
768 NULL, 0, KEY_FLAG_GROUP);
769 }
770 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
771 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
772 !is_zero_ether_addr(addr)) {
773 if (!(wpa_s->keys_cleared & BIT(0)))
774 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL,
775 0, NULL, 0, KEY_FLAG_PAIRWISE);
776 if (!(wpa_s->keys_cleared & BIT(15)))
777 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL,
778 0, NULL, 0, KEY_FLAG_PAIRWISE);
779 /* MLME-SETPROTECTION.request(None) */
780 wpa_drv_mlme_setprotection(
781 wpa_s, addr,
782 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
783 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
784 }
785 wpa_s->keys_cleared = (u32) -1;
786 }
787
788
789 /**
790 * wpa_supplicant_state_txt - Get the connection state name as a text string
791 * @state: State (wpa_state; WPA_*)
792 * Returns: The state name as a printable text string
793 */
wpa_supplicant_state_txt(enum wpa_states state)794 const char * wpa_supplicant_state_txt(enum wpa_states state)
795 {
796 switch (state) {
797 case WPA_DISCONNECTED:
798 return "DISCONNECTED";
799 case WPA_INACTIVE:
800 return "INACTIVE";
801 case WPA_INTERFACE_DISABLED:
802 return "INTERFACE_DISABLED";
803 case WPA_SCANNING:
804 return "SCANNING";
805 case WPA_AUTHENTICATING:
806 return "AUTHENTICATING";
807 case WPA_ASSOCIATING:
808 return "ASSOCIATING";
809 case WPA_ASSOCIATED:
810 return "ASSOCIATED";
811 case WPA_4WAY_HANDSHAKE:
812 return "4WAY_HANDSHAKE";
813 case WPA_GROUP_HANDSHAKE:
814 return "GROUP_HANDSHAKE";
815 case WPA_COMPLETED:
816 return "COMPLETED";
817 default:
818 return "UNKNOWN";
819 }
820 }
821
822
823 #ifdef CONFIG_BGSCAN
824
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)825 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
826 {
827 if (wpa_s->bgscan_ssid) {
828 bgscan_deinit(wpa_s);
829 wpa_s->bgscan_ssid = NULL;
830 }
831 }
832
833
834 /**
835 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
836 * @wpa_s: Pointer to the wpa_supplicant data
837 *
838 * Stop, start, or reconfigure the scan parameters depending on the method.
839 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)840 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
841 {
842 const char *name;
843
844 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
845 name = wpa_s->current_ssid->bgscan;
846 else
847 name = wpa_s->conf->bgscan;
848 if (!name || name[0] == '\0') {
849 wpa_supplicant_stop_bgscan(wpa_s);
850 return;
851 }
852 if (wpas_driver_bss_selection(wpa_s))
853 return;
854 #ifdef CONFIG_P2P
855 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
856 return;
857 #endif /* CONFIG_P2P */
858
859 bgscan_deinit(wpa_s);
860 if (wpa_s->current_ssid) {
861 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
862 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
863 "bgscan");
864 /*
865 * Live without bgscan; it is only used as a roaming
866 * optimization, so the initial connection is not
867 * affected.
868 */
869 } else {
870 struct wpa_scan_results *scan_res;
871 wpa_s->bgscan_ssid = wpa_s->current_ssid;
872 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
873 0);
874 if (scan_res) {
875 bgscan_notify_scan(wpa_s, scan_res);
876 wpa_scan_results_free(scan_res);
877 }
878 }
879 } else
880 wpa_s->bgscan_ssid = NULL;
881 }
882
883 #endif /* CONFIG_BGSCAN */
884
885
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)886 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
887 {
888 if (autoscan_init(wpa_s, 0))
889 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
890 }
891
892
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)893 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
894 {
895 autoscan_deinit(wpa_s);
896 }
897
898
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)899 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
900 {
901 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
902 wpa_s->wpa_state == WPA_SCANNING) {
903 autoscan_deinit(wpa_s);
904 wpa_supplicant_start_autoscan(wpa_s);
905 }
906 }
907
908
909 /**
910 * wpa_supplicant_set_state - Set current connection state
911 * @wpa_s: Pointer to wpa_supplicant data
912 * @state: The new connection state
913 *
914 * This function is called whenever the connection state changes, e.g.,
915 * association is completed for WPA/WPA2 4-Way Handshake is started.
916 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)917 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
918 enum wpa_states state)
919 {
920 enum wpa_states old_state = wpa_s->wpa_state;
921 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
922 bool update_fils_connect_params = false;
923 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
924
925 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
926 wpa_supplicant_state_txt(wpa_s->wpa_state),
927 wpa_supplicant_state_txt(state));
928
929 if (state == WPA_COMPLETED &&
930 os_reltime_initialized(&wpa_s->roam_start)) {
931 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
932 wpa_s->roam_start.sec = 0;
933 wpa_s->roam_start.usec = 0;
934 wpas_notify_auth_changed(wpa_s);
935 wpas_notify_roam_time(wpa_s);
936 wpas_notify_roam_complete(wpa_s);
937 } else if (state == WPA_DISCONNECTED &&
938 os_reltime_initialized(&wpa_s->roam_start)) {
939 wpa_s->roam_start.sec = 0;
940 wpa_s->roam_start.usec = 0;
941 wpa_s->roam_time.sec = 0;
942 wpa_s->roam_time.usec = 0;
943 wpas_notify_roam_complete(wpa_s);
944 }
945
946 if (state == WPA_INTERFACE_DISABLED) {
947 /* Assure normal scan when interface is restored */
948 wpa_s->normal_scans = 0;
949 }
950
951 if (state == WPA_COMPLETED) {
952 wpas_connect_work_done(wpa_s);
953 /* Reinitialize normal_scan counter */
954 wpa_s->normal_scans = 0;
955 }
956
957 #ifdef CONFIG_P2P
958 /*
959 * P2PS client has to reply to Probe Request frames received on the
960 * group operating channel. Enable Probe Request frame reporting for
961 * P2P connected client in case p2p_cli_probe configuration property is
962 * set to 1.
963 */
964 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
965 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
966 wpa_s->current_ssid->p2p_group) {
967 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
968 wpa_dbg(wpa_s, MSG_DEBUG,
969 "P2P: Enable CLI Probe Request RX reporting");
970 wpa_s->p2p_cli_probe =
971 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
972 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
973 wpa_dbg(wpa_s, MSG_DEBUG,
974 "P2P: Disable CLI Probe Request RX reporting");
975 wpa_s->p2p_cli_probe = 0;
976 wpa_drv_probe_req_report(wpa_s, 0);
977 }
978 }
979 #endif /* CONFIG_P2P */
980
981 if (state != WPA_SCANNING)
982 wpa_supplicant_notify_scanning(wpa_s, 0);
983
984 if (state == WPA_COMPLETED && wpa_s->new_connection) {
985 struct wpa_ssid *ssid = wpa_s->current_ssid;
986 int fils_hlp_sent = 0;
987
988 #ifdef CONFIG_SME
989 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
990 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
991 fils_hlp_sent = 1;
992 #endif /* CONFIG_SME */
993 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
994 wpa_auth_alg_fils(wpa_s->auth_alg))
995 fils_hlp_sent = 1;
996
997 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
998 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
999 MACSTR " completed [id=%d id_str=%s%s]",
1000 MAC2STR(wpa_s->bssid),
1001 ssid ? ssid->id : -1,
1002 ssid && ssid->id_str ? ssid->id_str : "",
1003 fils_hlp_sent ? " FILS_HLP_SENT" : "");
1004 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1005 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1006 wpa_s->consecutive_conn_failures = 0;
1007 wpa_s->new_connection = 0;
1008 wpa_drv_set_operstate(wpa_s, 1);
1009 #ifndef IEEE8021X_EAPOL
1010 wpa_drv_set_supp_port(wpa_s, 1);
1011 #endif /* IEEE8021X_EAPOL */
1012 wpa_s->after_wps = 0;
1013 wpa_s->known_wps_freq = 0;
1014 wpas_p2p_completed(wpa_s);
1015
1016 sme_sched_obss_scan(wpa_s, 1);
1017
1018 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1019 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1020 update_fils_connect_params = true;
1021 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1022 #ifdef CONFIG_OWE
1023 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1024 wpas_update_owe_connect_params(wpa_s);
1025 #endif /* CONFIG_OWE */
1026 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1027 state == WPA_ASSOCIATED) {
1028 wpa_s->new_connection = 1;
1029 wpa_drv_set_operstate(wpa_s, 0);
1030 #ifndef IEEE8021X_EAPOL
1031 wpa_drv_set_supp_port(wpa_s, 0);
1032 #endif /* IEEE8021X_EAPOL */
1033 sme_sched_obss_scan(wpa_s, 0);
1034 }
1035 wpa_s->wpa_state = state;
1036
1037 #ifdef CONFIG_BGSCAN
1038 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1039 wpa_supplicant_reset_bgscan(wpa_s);
1040 else if (state < WPA_ASSOCIATED)
1041 wpa_supplicant_stop_bgscan(wpa_s);
1042 #endif /* CONFIG_BGSCAN */
1043
1044 if (state > WPA_SCANNING)
1045 wpa_supplicant_stop_autoscan(wpa_s);
1046
1047 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1048 wpa_supplicant_start_autoscan(wpa_s);
1049
1050 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1051 wmm_ac_notify_disassoc(wpa_s);
1052
1053 if (wpa_s->wpa_state != old_state) {
1054 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1055
1056 /*
1057 * Notify the P2P Device interface about a state change in one
1058 * of the interfaces.
1059 */
1060 wpas_p2p_indicate_state_change(wpa_s);
1061
1062 if (wpa_s->wpa_state == WPA_COMPLETED ||
1063 old_state == WPA_COMPLETED)
1064 wpas_notify_auth_changed(wpa_s);
1065 #ifdef CONFIG_DPP2
1066 if (wpa_s->wpa_state == WPA_COMPLETED)
1067 wpas_dpp_connected(wpa_s);
1068 #endif /* CONFIG_DPP2 */
1069 }
1070 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1071 if (update_fils_connect_params)
1072 wpas_update_fils_connect_params(wpa_s);
1073 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1074 }
1075
1076
wpa_supplicant_terminate_proc(struct wpa_global * global)1077 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1078 {
1079 int pending = 0;
1080 #ifdef CONFIG_WPS
1081 struct wpa_supplicant *wpa_s = global->ifaces;
1082 while (wpa_s) {
1083 struct wpa_supplicant *next = wpa_s->next;
1084 if (wpas_wps_terminate_pending(wpa_s) == 1)
1085 pending = 1;
1086 #ifdef CONFIG_P2P
1087 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1088 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1089 wpas_p2p_disconnect(wpa_s);
1090 #endif /* CONFIG_P2P */
1091 wpa_s = next;
1092 }
1093 #endif /* CONFIG_WPS */
1094 if (pending)
1095 return;
1096 eloop_terminate();
1097 }
1098
1099
wpa_supplicant_terminate(int sig,void * signal_ctx)1100 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1101 {
1102 struct wpa_global *global = signal_ctx;
1103 wpa_supplicant_terminate_proc(global);
1104 }
1105
1106
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1107 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1108 {
1109 enum wpa_states old_state = wpa_s->wpa_state;
1110 enum wpa_states new_state;
1111
1112 if (old_state == WPA_SCANNING)
1113 new_state = WPA_SCANNING;
1114 else
1115 new_state = WPA_DISCONNECTED;
1116
1117 wpa_s->pairwise_cipher = 0;
1118 wpa_s->group_cipher = 0;
1119 wpa_s->mgmt_group_cipher = 0;
1120 wpa_s->key_mgmt = 0;
1121 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1122 wpa_supplicant_set_state(wpa_s, new_state);
1123
1124 if (wpa_s->wpa_state != old_state)
1125 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1126 }
1127
1128
1129 /**
1130 * wpa_supplicant_reload_configuration - Reload configuration data
1131 * @wpa_s: Pointer to wpa_supplicant data
1132 * Returns: 0 on success or -1 if configuration parsing failed
1133 *
1134 * This function can be used to request that the configuration data is reloaded
1135 * (e.g., after configuration file change). This function is reloading
1136 * configuration only for one interface, so this may need to be called multiple
1137 * times if %wpa_supplicant is controlling multiple interfaces and all
1138 * interfaces need reconfiguration.
1139 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1140 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1141 {
1142 struct wpa_config *conf;
1143 int reconf_ctrl;
1144 int old_ap_scan;
1145
1146 if (wpa_s->confname == NULL)
1147 return -1;
1148 conf = wpa_config_read(wpa_s->confname, NULL);
1149 if (conf == NULL) {
1150 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1151 "file '%s' - exiting", wpa_s->confname);
1152 return -1;
1153 }
1154 if (wpa_s->confanother &&
1155 !wpa_config_read(wpa_s->confanother, conf)) {
1156 wpa_msg(wpa_s, MSG_ERROR,
1157 "Failed to parse the configuration file '%s' - exiting",
1158 wpa_s->confanother);
1159 return -1;
1160 }
1161
1162 conf->changed_parameters = (unsigned int) -1;
1163
1164 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1165 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1166 os_strcmp(conf->ctrl_interface,
1167 wpa_s->conf->ctrl_interface) != 0);
1168
1169 if (reconf_ctrl) {
1170 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1171 wpa_s->ctrl_iface = NULL;
1172 }
1173
1174 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1175 if (wpa_s->current_ssid) {
1176 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1177 wpa_s->own_disconnect_req = 1;
1178 wpa_supplicant_deauthenticate(wpa_s,
1179 WLAN_REASON_DEAUTH_LEAVING);
1180 }
1181
1182 /*
1183 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1184 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1185 */
1186 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1187 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1188 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1189 /*
1190 * Clear forced success to clear EAP state for next
1191 * authentication.
1192 */
1193 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1194 }
1195 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1196 wpa_sm_set_config(wpa_s->wpa, NULL);
1197 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1198 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1199 rsn_preauth_deinit(wpa_s->wpa);
1200
1201 old_ap_scan = wpa_s->conf->ap_scan;
1202 wpa_config_free(wpa_s->conf);
1203 wpa_s->conf = conf;
1204 if (old_ap_scan != wpa_s->conf->ap_scan)
1205 wpas_notify_ap_scan_changed(wpa_s);
1206
1207 if (reconf_ctrl)
1208 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1209
1210 wpa_supplicant_update_config(wpa_s);
1211
1212 wpa_supplicant_clear_status(wpa_s);
1213 if (wpa_supplicant_enabled_networks(wpa_s)) {
1214 wpa_s->reassociate = 1;
1215 wpa_supplicant_req_scan(wpa_s, 0, 0);
1216 }
1217 wpa_bssid_ignore_clear(wpa_s);
1218 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1219 return 0;
1220 }
1221
1222
wpa_supplicant_reconfig(int sig,void * signal_ctx)1223 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1224 {
1225 struct wpa_global *global = signal_ctx;
1226 struct wpa_supplicant *wpa_s;
1227 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1228 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1229 sig);
1230 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1231 wpa_supplicant_terminate_proc(global);
1232 }
1233 }
1234
1235 if (wpa_debug_reopen_file() < 0) {
1236 /* Ignore errors since we cannot really do much to fix this */
1237 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1238 }
1239 }
1240
1241
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1242 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1243 struct wpa_ssid *ssid,
1244 struct wpa_ie_data *ie)
1245 {
1246 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1247 if (ret) {
1248 if (ret == -2) {
1249 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1250 "from association info");
1251 }
1252 return -1;
1253 }
1254
1255 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1256 "cipher suites");
1257 if (!(ie->group_cipher & ssid->group_cipher)) {
1258 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1259 "cipher 0x%x (mask 0x%x) - reject",
1260 ie->group_cipher, ssid->group_cipher);
1261 return -1;
1262 }
1263 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1264 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1265 "cipher 0x%x (mask 0x%x) - reject",
1266 ie->pairwise_cipher, ssid->pairwise_cipher);
1267 return -1;
1268 }
1269 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1270 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1271 "management 0x%x (mask 0x%x) - reject",
1272 ie->key_mgmt, ssid->key_mgmt);
1273 return -1;
1274 }
1275
1276 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1277 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1278 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1279 "that does not support management frame protection - "
1280 "reject");
1281 return -1;
1282 }
1283
1284 return 0;
1285 }
1286
1287
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1288 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1289 int freq)
1290 {
1291 if (!ie->has_group)
1292 ie->group_cipher = wpa_default_rsn_cipher(freq);
1293 if (!ie->has_pairwise)
1294 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1295 return (ie->group_cipher & ssid->group_cipher) &&
1296 (ie->pairwise_cipher & ssid->pairwise_cipher);
1297 }
1298
1299
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1300 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1301 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1302 {
1303 int sel;
1304
1305 sel = ie->mgmt_group_cipher;
1306 if (ssid->group_mgmt_cipher)
1307 sel &= ssid->group_mgmt_cipher;
1308 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1309 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1310 sel = 0;
1311 wpa_dbg(wpa_s, MSG_DEBUG,
1312 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1313 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1314 if (sel & WPA_CIPHER_AES_128_CMAC) {
1315 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1316 wpa_dbg(wpa_s, MSG_DEBUG,
1317 "WPA: using MGMT group cipher AES-128-CMAC");
1318 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1319 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1320 wpa_dbg(wpa_s, MSG_DEBUG,
1321 "WPA: using MGMT group cipher BIP-GMAC-128");
1322 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1323 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1324 wpa_dbg(wpa_s, MSG_DEBUG,
1325 "WPA: using MGMT group cipher BIP-GMAC-256");
1326 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1327 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1328 wpa_dbg(wpa_s, MSG_DEBUG,
1329 "WPA: using MGMT group cipher BIP-CMAC-256");
1330 } else {
1331 wpa_s->mgmt_group_cipher = 0;
1332 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1333 }
1334 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1335 wpa_s->mgmt_group_cipher);
1336 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1337 wpas_get_ssid_pmf(wpa_s, ssid));
1338 }
1339
1340
1341 /**
1342 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1343 * @wpa_s: Pointer to wpa_supplicant data
1344 * @bss: Scan results for the selected BSS, or %NULL if not available
1345 * @ssid: Configuration data for the selected network
1346 * @wpa_ie: Buffer for the WPA/RSN IE
1347 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1348 * used buffer length in case the functions returns success.
1349 * Returns: 0 on success or -1 on failure
1350 *
1351 * This function is used to configure authentication and encryption parameters
1352 * based on the network configuration and scan result for the selected BSS (if
1353 * available).
1354 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)1355 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1356 struct wpa_bss *bss, struct wpa_ssid *ssid,
1357 u8 *wpa_ie, size_t *wpa_ie_len)
1358 {
1359 struct wpa_ie_data ie;
1360 int sel, proto, sae_pwe;
1361 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1362
1363 if (bss) {
1364 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1365 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1366 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1367 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1368 } else {
1369 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1370 }
1371
1372 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1373 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1374 matching_ciphers(ssid, &ie, bss->freq) &&
1375 (ie.key_mgmt & ssid->key_mgmt)) {
1376 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1377 proto = WPA_PROTO_RSN;
1378 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1379 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1380 (ie.group_cipher & ssid->group_cipher) &&
1381 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1382 (ie.key_mgmt & ssid->key_mgmt)) {
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1384 proto = WPA_PROTO_WPA;
1385 #ifdef CONFIG_HS20
1386 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1387 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1388 (ie.group_cipher & ssid->group_cipher) &&
1389 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1390 (ie.key_mgmt & ssid->key_mgmt)) {
1391 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1392 proto = WPA_PROTO_OSEN;
1393 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1394 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1395 (ie.group_cipher & ssid->group_cipher) &&
1396 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1397 (ie.key_mgmt & ssid->key_mgmt)) {
1398 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1399 proto = WPA_PROTO_RSN;
1400 #endif /* CONFIG_HS20 */
1401 } else if (bss) {
1402 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1403 wpa_dbg(wpa_s, MSG_DEBUG,
1404 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1405 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1406 ssid->key_mgmt);
1407 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1408 MAC2STR(bss->bssid),
1409 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1410 bss_wpa ? " WPA" : "",
1411 bss_rsn ? " RSN" : "",
1412 bss_osen ? " OSEN" : "");
1413 if (bss_rsn) {
1414 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1415 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1416 wpa_dbg(wpa_s, MSG_DEBUG,
1417 "Could not parse RSN element");
1418 } else {
1419 wpa_dbg(wpa_s, MSG_DEBUG,
1420 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1421 ie.pairwise_cipher, ie.group_cipher,
1422 ie.key_mgmt);
1423 }
1424 }
1425 if (bss_wpa) {
1426 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1427 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1428 wpa_dbg(wpa_s, MSG_DEBUG,
1429 "Could not parse WPA element");
1430 } else {
1431 wpa_dbg(wpa_s, MSG_DEBUG,
1432 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1433 ie.pairwise_cipher, ie.group_cipher,
1434 ie.key_mgmt);
1435 }
1436 }
1437 return -1;
1438 } else {
1439 if (ssid->proto & WPA_PROTO_OSEN)
1440 proto = WPA_PROTO_OSEN;
1441 else if (ssid->proto & WPA_PROTO_RSN)
1442 proto = WPA_PROTO_RSN;
1443 else
1444 proto = WPA_PROTO_WPA;
1445 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1446 os_memset(&ie, 0, sizeof(ie));
1447 ie.group_cipher = ssid->group_cipher;
1448 ie.pairwise_cipher = ssid->pairwise_cipher;
1449 ie.key_mgmt = ssid->key_mgmt;
1450 ie.mgmt_group_cipher = 0;
1451 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1452 if (ssid->group_mgmt_cipher &
1453 WPA_CIPHER_BIP_GMAC_256)
1454 ie.mgmt_group_cipher =
1455 WPA_CIPHER_BIP_GMAC_256;
1456 else if (ssid->group_mgmt_cipher &
1457 WPA_CIPHER_BIP_CMAC_256)
1458 ie.mgmt_group_cipher =
1459 WPA_CIPHER_BIP_CMAC_256;
1460 else if (ssid->group_mgmt_cipher &
1461 WPA_CIPHER_BIP_GMAC_128)
1462 ie.mgmt_group_cipher =
1463 WPA_CIPHER_BIP_GMAC_128;
1464 else
1465 ie.mgmt_group_cipher =
1466 WPA_CIPHER_AES_128_CMAC;
1467 }
1468 #ifdef CONFIG_OWE
1469 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1470 !ssid->owe_only &&
1471 !bss_wpa && !bss_rsn && !bss_osen) {
1472 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1473 wpa_s->wpa_proto = 0;
1474 *wpa_ie_len = 0;
1475 return 0;
1476 }
1477 #endif /* CONFIG_OWE */
1478 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1479 "based on configuration");
1480 } else
1481 proto = ie.proto;
1482 }
1483
1484 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1485 "pairwise %d key_mgmt %d proto %d",
1486 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1487 if (ssid->ieee80211w) {
1488 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1489 ie.mgmt_group_cipher);
1490 }
1491
1492 wpa_s->wpa_proto = proto;
1493 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1494 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1495 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1496
1497 if (bss || !wpa_s->ap_ies_from_associnfo) {
1498 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1499 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1500 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1501 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1502 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1503 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1504 return -1;
1505 }
1506
1507 #ifdef CONFIG_NO_WPA
1508 wpa_s->group_cipher = WPA_CIPHER_NONE;
1509 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1510 #else /* CONFIG_NO_WPA */
1511 sel = ie.group_cipher & ssid->group_cipher;
1512 wpa_dbg(wpa_s, MSG_DEBUG,
1513 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1514 ie.group_cipher, ssid->group_cipher, sel);
1515 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1516 if (wpa_s->group_cipher < 0) {
1517 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1518 "cipher");
1519 return -1;
1520 }
1521 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1522 wpa_cipher_txt(wpa_s->group_cipher));
1523
1524 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1525 wpa_dbg(wpa_s, MSG_DEBUG,
1526 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1527 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1528 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1529 if (wpa_s->pairwise_cipher < 0) {
1530 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1531 "cipher");
1532 return -1;
1533 }
1534 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1535 wpa_cipher_txt(wpa_s->pairwise_cipher));
1536 #endif /* CONFIG_NO_WPA */
1537
1538 sel = ie.key_mgmt & ssid->key_mgmt;
1539 #ifdef CONFIG_SAE
1540 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1541 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1542 #endif /* CONFIG_SAE */
1543 #ifdef CONFIG_IEEE80211R
1544 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1545 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1546 sel &= ~WPA_KEY_MGMT_FT;
1547 #endif /* CONFIG_IEEE80211R */
1548 wpa_dbg(wpa_s, MSG_DEBUG,
1549 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1550 ie.key_mgmt, ssid->key_mgmt, sel);
1551 if (0) {
1552 #ifdef CONFIG_IEEE80211R
1553 #ifdef CONFIG_SHA384
1554 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1555 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1556 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1557 wpa_dbg(wpa_s, MSG_DEBUG,
1558 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1559 if (!ssid->ft_eap_pmksa_caching &&
1560 pmksa_cache_get_current(wpa_s->wpa)) {
1561 /* PMKSA caching with FT may have interoperability
1562 * issues, so disable that case by default for now. */
1563 wpa_dbg(wpa_s, MSG_DEBUG,
1564 "WPA: Disable PMKSA caching for FT/802.1X connection");
1565 pmksa_cache_clear_current(wpa_s->wpa);
1566 }
1567 #endif /* CONFIG_SHA384 */
1568 #endif /* CONFIG_IEEE80211R */
1569 #ifdef CONFIG_SUITEB192
1570 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1571 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1572 wpa_dbg(wpa_s, MSG_DEBUG,
1573 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1574 #endif /* CONFIG_SUITEB192 */
1575 #ifdef CONFIG_SUITEB
1576 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1577 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1578 wpa_dbg(wpa_s, MSG_DEBUG,
1579 "WPA: using KEY_MGMT 802.1X with Suite B");
1580 #endif /* CONFIG_SUITEB */
1581 #ifdef CONFIG_FILS
1582 #ifdef CONFIG_IEEE80211R
1583 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1584 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1585 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1586 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1587 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1588 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1589 #endif /* CONFIG_IEEE80211R */
1590 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1591 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1592 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1593 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1594 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1595 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1596 #endif /* CONFIG_FILS */
1597 #ifdef CONFIG_IEEE80211R
1598 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1599 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1600 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1601 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1602 if (!ssid->ft_eap_pmksa_caching &&
1603 pmksa_cache_get_current(wpa_s->wpa)) {
1604 /* PMKSA caching with FT may have interoperability
1605 * issues, so disable that case by default for now. */
1606 wpa_dbg(wpa_s, MSG_DEBUG,
1607 "WPA: Disable PMKSA caching for FT/802.1X connection");
1608 pmksa_cache_clear_current(wpa_s->wpa);
1609 }
1610 #endif /* CONFIG_IEEE80211R */
1611 #ifdef CONFIG_DPP
1612 } else if (sel & WPA_KEY_MGMT_DPP) {
1613 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1614 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1615 #endif /* CONFIG_DPP */
1616 #ifdef CONFIG_SAE
1617 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1618 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1619 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1620 } else if (sel & WPA_KEY_MGMT_SAE) {
1621 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1622 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1623 #endif /* CONFIG_SAE */
1624 #ifdef CONFIG_IEEE80211R
1625 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1626 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1627 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1628 #endif /* CONFIG_IEEE80211R */
1629 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1630 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1631 wpa_dbg(wpa_s, MSG_DEBUG,
1632 "WPA: using KEY_MGMT 802.1X with SHA256");
1633 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1634 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1635 wpa_dbg(wpa_s, MSG_DEBUG,
1636 "WPA: using KEY_MGMT PSK with SHA256");
1637 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1638 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1639 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1640 } else if (sel & WPA_KEY_MGMT_PSK) {
1641 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1642 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1643 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1644 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1645 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1646 #ifdef CONFIG_HS20
1647 } else if (sel & WPA_KEY_MGMT_OSEN) {
1648 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1649 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1650 #endif /* CONFIG_HS20 */
1651 #ifdef CONFIG_OWE
1652 } else if (sel & WPA_KEY_MGMT_OWE) {
1653 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1654 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1655 #endif /* CONFIG_OWE */
1656 } else {
1657 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1658 "authenticated key management type");
1659 return -1;
1660 }
1661
1662 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1663 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1664 wpa_s->pairwise_cipher);
1665 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1666
1667 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1668 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1669 wpa_msg(wpa_s, MSG_INFO,
1670 "RSN: Management frame protection required but the selected AP does not enable it");
1671 return -1;
1672 }
1673
1674 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
1675 #ifdef CONFIG_OCV
1676 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
1677 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
1678 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1679 #endif /* CONFIG_OCV */
1680 sae_pwe = wpa_s->conf->sae_pwe;
1681 if (ssid->sae_password_id && sae_pwe != 3)
1682 sae_pwe = 1;
1683 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1684 #ifdef CONFIG_SAE_PK
1685 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
1686 wpa_key_mgmt_sae(ssid->key_mgmt) &&
1687 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
1688 ((ssid->sae_password &&
1689 sae_pk_valid_password(ssid->sae_password)) ||
1690 (!ssid->sae_password && ssid->passphrase &&
1691 sae_pk_valid_password(ssid->passphrase))));
1692 #endif /* CONFIG_SAE_PK */
1693 #ifdef CONFIG_TESTING_OPTIONS
1694 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
1695 wpa_s->ft_rsnxe_used);
1696 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
1697 wpa_s->oci_freq_override_eapol);
1698 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
1699 wpa_s->oci_freq_override_eapol_g2);
1700 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
1701 wpa_s->oci_freq_override_ft_assoc);
1702 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
1703 wpa_s->oci_freq_override_fils_assoc);
1704 #endif /* CONFIG_TESTING_OPTIONS */
1705
1706 /* Extended Key ID is only supported in infrastructure BSS so far */
1707 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
1708 (ssid->proto & WPA_PROTO_RSN) &&
1709 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
1710 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
1711 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
1712 int use_ext_key_id = 0;
1713
1714 wpa_msg(wpa_s, MSG_DEBUG,
1715 "WPA: Enable Extended Key ID support");
1716 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
1717 wpa_s->conf->extended_key_id);
1718 if (bss_rsn &&
1719 wpa_s->conf->extended_key_id &&
1720 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
1721 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
1722 use_ext_key_id = 1;
1723 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
1724 use_ext_key_id);
1725 } else {
1726 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
1727 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
1728 }
1729
1730 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1731 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1732 return -1;
1733 }
1734
1735 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1736 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1737 &wpa_s->rsnxe_len)) {
1738 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1739 return -1;
1740 }
1741
1742 if (0) {
1743 #ifdef CONFIG_DPP
1744 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1745 /* Use PMK from DPP network introduction (PMKSA entry) */
1746 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1747 #ifdef CONFIG_DPP2
1748 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
1749 #endif /* CONFIG_DPP2 */
1750 #endif /* CONFIG_DPP */
1751 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1752 int psk_set = 0;
1753 int sae_only;
1754
1755 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1756 WPA_KEY_MGMT_FT_PSK |
1757 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1758
1759 if (ssid->psk_set && !sae_only) {
1760 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1761 ssid->psk, PMK_LEN);
1762 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1763 NULL);
1764 psk_set = 1;
1765 }
1766
1767 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1768 (ssid->sae_password || ssid->passphrase))
1769 psk_set = 1;
1770
1771 #ifndef CONFIG_NO_PBKDF2
1772 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1773 ssid->passphrase && !sae_only) {
1774 u8 psk[PMK_LEN];
1775 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1776 4096, psk, PMK_LEN);
1777 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1778 psk, PMK_LEN);
1779 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1780 psk_set = 1;
1781 os_memset(psk, 0, sizeof(psk));
1782 }
1783 #endif /* CONFIG_NO_PBKDF2 */
1784 #ifdef CONFIG_EXT_PASSWORD
1785 if (ssid->ext_psk && !sae_only) {
1786 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1787 ssid->ext_psk);
1788 char pw_str[64 + 1];
1789 u8 psk[PMK_LEN];
1790
1791 if (pw == NULL) {
1792 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1793 "found from external storage");
1794 return -1;
1795 }
1796
1797 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1798 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1799 "PSK length %d in external storage",
1800 (int) wpabuf_len(pw));
1801 ext_password_free(pw);
1802 return -1;
1803 }
1804
1805 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1806 pw_str[wpabuf_len(pw)] = '\0';
1807
1808 #ifndef CONFIG_NO_PBKDF2
1809 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1810 {
1811 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1812 4096, psk, PMK_LEN);
1813 os_memset(pw_str, 0, sizeof(pw_str));
1814 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1815 "external passphrase)",
1816 psk, PMK_LEN);
1817 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1818 NULL);
1819 psk_set = 1;
1820 os_memset(psk, 0, sizeof(psk));
1821 } else
1822 #endif /* CONFIG_NO_PBKDF2 */
1823 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1824 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1825 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1826 "Invalid PSK hex string");
1827 os_memset(pw_str, 0, sizeof(pw_str));
1828 ext_password_free(pw);
1829 return -1;
1830 }
1831 wpa_hexdump_key(MSG_MSGDUMP,
1832 "PSK (from external PSK)",
1833 psk, PMK_LEN);
1834 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1835 NULL);
1836 psk_set = 1;
1837 os_memset(psk, 0, sizeof(psk));
1838 } else {
1839 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1840 "PSK available");
1841 os_memset(pw_str, 0, sizeof(pw_str));
1842 ext_password_free(pw);
1843 return -1;
1844 }
1845
1846 os_memset(pw_str, 0, sizeof(pw_str));
1847 ext_password_free(pw);
1848 }
1849 #endif /* CONFIG_EXT_PASSWORD */
1850
1851 if (!psk_set) {
1852 wpa_msg(wpa_s, MSG_INFO,
1853 "No PSK available for association");
1854 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1855 return -1;
1856 }
1857 #ifdef CONFIG_OWE
1858 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1859 /* OWE Diffie-Hellman exchange in (Re)Association
1860 * Request/Response frames set the PMK, so do not override it
1861 * here. */
1862 #endif /* CONFIG_OWE */
1863 } else
1864 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1865
1866 if (ssid->mode != WPAS_MODE_IBSS &&
1867 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
1868 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
1869 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
1870 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
1871 wpa_msg(wpa_s, MSG_INFO,
1872 "Disable PTK0 rekey support - replaced with reconnect");
1873 wpa_s->deny_ptk0_rekey = 1;
1874 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
1875 } else {
1876 wpa_s->deny_ptk0_rekey = 0;
1877 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
1878 }
1879
1880 return 0;
1881 }
1882
1883
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx)1884 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1885 {
1886 bool scs = true, mscs = true;
1887
1888 *pos = 0x00;
1889
1890 switch (idx) {
1891 case 0: /* Bits 0-7 */
1892 break;
1893 case 1: /* Bits 8-15 */
1894 if (wpa_s->conf->coloc_intf_reporting) {
1895 /* Bit 13 - Collocated Interference Reporting */
1896 *pos |= 0x20;
1897 }
1898 break;
1899 case 2: /* Bits 16-23 */
1900 #ifdef CONFIG_WNM
1901 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1902 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1903 *pos |= 0x08; /* Bit 19 - BSS Transition */
1904 #endif /* CONFIG_WNM */
1905 break;
1906 case 3: /* Bits 24-31 */
1907 #ifdef CONFIG_WNM
1908 *pos |= 0x02; /* Bit 25 - SSID List */
1909 #endif /* CONFIG_WNM */
1910 #ifdef CONFIG_INTERWORKING
1911 if (wpa_s->conf->interworking)
1912 *pos |= 0x80; /* Bit 31 - Interworking */
1913 #endif /* CONFIG_INTERWORKING */
1914 break;
1915 case 4: /* Bits 32-39 */
1916 #ifdef CONFIG_INTERWORKING
1917 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1918 *pos |= 0x01; /* Bit 32 - QoS Map */
1919 #endif /* CONFIG_INTERWORKING */
1920 break;
1921 case 5: /* Bits 40-47 */
1922 #ifdef CONFIG_HS20
1923 if (wpa_s->conf->hs20)
1924 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1925 #endif /* CONFIG_HS20 */
1926 #ifdef CONFIG_MBO
1927 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1928 #endif /* CONFIG_MBO */
1929 break;
1930 case 6: /* Bits 48-55 */
1931 #ifdef CONFIG_TESTING_OPTIONS
1932 if (wpa_s->disable_scs_support)
1933 scs = false;
1934 #endif /* CONFIG_TESTING_OPTIONS */
1935 if (scs)
1936 *pos |= 0x40; /* Bit 54 - SCS */
1937 break;
1938 case 7: /* Bits 56-63 */
1939 break;
1940 case 8: /* Bits 64-71 */
1941 if (wpa_s->conf->ftm_responder)
1942 *pos |= 0x40; /* Bit 70 - FTM responder */
1943 if (wpa_s->conf->ftm_initiator)
1944 *pos |= 0x80; /* Bit 71 - FTM initiator */
1945 break;
1946 case 9: /* Bits 72-79 */
1947 #ifdef CONFIG_FILS
1948 if (!wpa_s->disable_fils)
1949 *pos |= 0x01;
1950 #endif /* CONFIG_FILS */
1951 break;
1952 case 10: /* Bits 80-87 */
1953 #ifdef CONFIG_TESTING_OPTIONS
1954 if (wpa_s->disable_mscs_support)
1955 mscs = false;
1956 #endif /* CONFIG_TESTING_OPTIONS */
1957 if (mscs)
1958 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
1959 break;
1960 }
1961 }
1962
1963
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen)1964 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1965 {
1966 u8 *pos = buf;
1967 u8 len = 11, i;
1968
1969 if (len < wpa_s->extended_capa_len)
1970 len = wpa_s->extended_capa_len;
1971 if (buflen < (size_t) len + 2) {
1972 wpa_printf(MSG_INFO,
1973 "Not enough room for building extended capabilities element");
1974 return -1;
1975 }
1976
1977 *pos++ = WLAN_EID_EXT_CAPAB;
1978 *pos++ = len;
1979 for (i = 0; i < len; i++, pos++) {
1980 wpas_ext_capab_byte(wpa_s, pos, i);
1981
1982 if (i < wpa_s->extended_capa_len) {
1983 *pos &= ~wpa_s->extended_capa_mask[i];
1984 *pos |= wpa_s->extended_capa[i];
1985 }
1986 }
1987
1988 while (len > 0 && buf[1 + len] == 0) {
1989 len--;
1990 buf[1] = len;
1991 }
1992 if (len == 0)
1993 return 0;
1994
1995 return 2 + len;
1996 }
1997
1998
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)1999 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2000 struct wpa_bss *test_bss)
2001 {
2002 struct wpa_bss *bss;
2003
2004 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2005 if (bss == test_bss)
2006 return 1;
2007 }
2008
2009 return 0;
2010 }
2011
2012
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2013 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2014 struct wpa_ssid *test_ssid)
2015 {
2016 struct wpa_ssid *ssid;
2017
2018 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2019 if (ssid == test_ssid)
2020 return 1;
2021 }
2022
2023 return 0;
2024 }
2025
2026
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2027 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2028 struct wpa_ssid *test_ssid)
2029 {
2030 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2031 return 0;
2032
2033 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2034 }
2035
2036
wpas_connect_work_free(struct wpa_connect_work * cwork)2037 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2038 {
2039 if (cwork == NULL)
2040 return;
2041 os_free(cwork);
2042 }
2043
2044
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2045 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2046 {
2047 struct wpa_connect_work *cwork;
2048 struct wpa_radio_work *work = wpa_s->connect_work;
2049
2050 if (!work)
2051 return;
2052
2053 wpa_s->connect_work = NULL;
2054 cwork = work->ctx;
2055 work->ctx = NULL;
2056 wpas_connect_work_free(cwork);
2057 radio_work_done(work);
2058 }
2059
2060
wpas_update_random_addr(struct wpa_supplicant * wpa_s,int style)2061 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
2062 {
2063 struct os_reltime now;
2064 u8 addr[ETH_ALEN];
2065
2066 os_get_reltime(&now);
2067 if (wpa_s->last_mac_addr_style == style &&
2068 wpa_s->last_mac_addr_change.sec != 0 &&
2069 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
2070 wpa_s->conf->rand_addr_lifetime)) {
2071 wpa_msg(wpa_s, MSG_DEBUG,
2072 "Previously selected random MAC address has not yet expired");
2073 return 0;
2074 }
2075
2076 switch (style) {
2077 case 1:
2078 if (random_mac_addr(addr) < 0)
2079 return -1;
2080 break;
2081 case 2:
2082 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2083 if (random_mac_addr_keep_oui(addr) < 0)
2084 return -1;
2085 break;
2086 default:
2087 return -1;
2088 }
2089
2090 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2091 wpa_msg(wpa_s, MSG_INFO,
2092 "Failed to set random MAC address");
2093 return -1;
2094 }
2095
2096 os_get_reltime(&wpa_s->last_mac_addr_change);
2097 wpa_s->mac_addr_changed = 1;
2098 wpa_s->last_mac_addr_style = style;
2099
2100 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2101 wpa_msg(wpa_s, MSG_INFO,
2102 "Could not update MAC address information");
2103 return -1;
2104 }
2105
2106 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2107 MAC2STR(addr));
2108
2109 return 0;
2110 }
2111
2112
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2113 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2114 {
2115 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2116 !wpa_s->conf->preassoc_mac_addr)
2117 return 0;
2118
2119 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
2120 }
2121
2122
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid)2123 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
2124 {
2125 #ifdef CONFIG_SAE
2126 int *groups = conf->sae_groups;
2127 int default_groups[] = { 19, 20, 21, 0 };
2128 const char *password;
2129
2130 if (!groups || groups[0] <= 0)
2131 groups = default_groups;
2132
2133 password = ssid->sae_password;
2134 if (!password)
2135 password = ssid->passphrase;
2136
2137 if (!password ||
2138 (conf->sae_pwe == 0 && !ssid->sae_password_id &&
2139 !sae_pk_valid_password(password)) ||
2140 conf->sae_pwe == 3) {
2141 /* PT derivation not needed */
2142 sae_deinit_pt(ssid->pt);
2143 ssid->pt = NULL;
2144 return;
2145 }
2146
2147 if (ssid->pt)
2148 return; /* PT already derived */
2149 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2150 (const u8 *) password, os_strlen(password),
2151 ssid->sae_password_id);
2152 #endif /* CONFIG_SAE */
2153 }
2154
2155
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2156 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2157 {
2158 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2159 os_free(wpa_s->sme.sae_rejected_groups);
2160 wpa_s->sme.sae_rejected_groups = NULL;
2161 #ifdef CONFIG_TESTING_OPTIONS
2162 if (wpa_s->extra_sae_rejected_groups) {
2163 int i, *groups = wpa_s->extra_sae_rejected_groups;
2164
2165 for (i = 0; groups[i]; i++) {
2166 wpa_printf(MSG_DEBUG,
2167 "TESTING: Indicate rejection of an extra SAE group %d",
2168 groups[i]);
2169 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2170 groups[i]);
2171 }
2172 }
2173 #endif /* CONFIG_TESTING_OPTIONS */
2174 #endif /* CONFIG_SAE && CONFIG_SME */
2175 }
2176
2177
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2178 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2179 {
2180 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2181 wpa_msg(wpa_s, MSG_INFO,
2182 "Could not restore permanent MAC address");
2183 return -1;
2184 }
2185 wpa_s->mac_addr_changed = 0;
2186 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2187 wpa_msg(wpa_s, MSG_INFO,
2188 "Could not update MAC address information");
2189 return -1;
2190 }
2191 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2192 return 0;
2193 }
2194
2195
2196 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2197
2198 /**
2199 * wpa_supplicant_associate - Request association
2200 * @wpa_s: Pointer to wpa_supplicant data
2201 * @bss: Scan results for the selected BSS, or %NULL if not available
2202 * @ssid: Configuration data for the selected network
2203 *
2204 * This function is used to request %wpa_supplicant to associate with a BSS.
2205 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2206 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2207 struct wpa_bss *bss, struct wpa_ssid *ssid)
2208 {
2209 struct wpa_connect_work *cwork;
2210 int rand_style;
2211
2212 wpa_s->own_disconnect_req = 0;
2213 wpa_s->own_reconnect_req = 0;
2214
2215 /*
2216 * If we are starting a new connection, any previously pending EAPOL
2217 * RX cannot be valid anymore.
2218 */
2219 wpabuf_free(wpa_s->pending_eapol_rx);
2220 wpa_s->pending_eapol_rx = NULL;
2221
2222 if (ssid->mac_addr == -1)
2223 rand_style = wpa_s->conf->mac_addr;
2224 else
2225 rand_style = ssid->mac_addr;
2226
2227 wpa_s->multi_ap_ie = 0;
2228 wmm_ac_clear_saved_tspecs(wpa_s);
2229 wpa_s->reassoc_same_bss = 0;
2230 wpa_s->reassoc_same_ess = 0;
2231 #ifdef CONFIG_TESTING_OPTIONS
2232 wpa_s->testing_resend_assoc = 0;
2233 #endif /* CONFIG_TESTING_OPTIONS */
2234
2235 if (wpa_s->last_ssid == ssid) {
2236 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2237 wpa_s->reassoc_same_ess = 1;
2238 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2239 wmm_ac_save_tspecs(wpa_s);
2240 wpa_s->reassoc_same_bss = 1;
2241 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2242 os_get_reltime(&wpa_s->roam_start);
2243 }
2244 } else {
2245 #ifdef CONFIG_SAE
2246 wpa_s_clear_sae_rejected(wpa_s);
2247 #endif /* CONFIG_SAE */
2248 }
2249 #ifdef CONFIG_SAE
2250 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2251 #endif /* CONFIG_SAE */
2252
2253 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2254 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2255 return;
2256 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2257 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2258 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2259 return;
2260 }
2261 wpa_s->last_ssid = ssid;
2262
2263 #ifdef CONFIG_IBSS_RSN
2264 ibss_rsn_deinit(wpa_s->ibss_rsn);
2265 wpa_s->ibss_rsn = NULL;
2266 #else /* CONFIG_IBSS_RSN */
2267 if (ssid->mode == WPAS_MODE_IBSS &&
2268 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2269 wpa_msg(wpa_s, MSG_INFO,
2270 "IBSS RSN not supported in the build");
2271 return;
2272 }
2273 #endif /* CONFIG_IBSS_RSN */
2274
2275 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2276 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2277 #ifdef CONFIG_AP
2278 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2279 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2280 "mode");
2281 return;
2282 }
2283 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2284 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2285 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2286 wpas_p2p_ap_setup_failed(wpa_s);
2287 return;
2288 }
2289 wpa_s->current_bss = bss;
2290 #else /* CONFIG_AP */
2291 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2292 "the build");
2293 #endif /* CONFIG_AP */
2294 return;
2295 }
2296
2297 if (ssid->mode == WPAS_MODE_MESH) {
2298 #ifdef CONFIG_MESH
2299 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2300 wpa_msg(wpa_s, MSG_INFO,
2301 "Driver does not support mesh mode");
2302 return;
2303 }
2304 if (bss)
2305 ssid->frequency = bss->freq;
2306 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2307 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2308 return;
2309 }
2310 wpa_s->current_bss = bss;
2311 #else /* CONFIG_MESH */
2312 wpa_msg(wpa_s, MSG_ERROR,
2313 "mesh mode support not included in the build");
2314 #endif /* CONFIG_MESH */
2315 return;
2316 }
2317
2318 /*
2319 * Set WPA state machine configuration to match the selected network now
2320 * so that the information is available before wpas_start_assoc_cb()
2321 * gets called. This is needed at least for RSN pre-authentication where
2322 * candidate APs are added to a list based on scan result processing
2323 * before completion of the first association.
2324 */
2325 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2326
2327 #ifdef CONFIG_DPP
2328 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2329 return;
2330 #endif /* CONFIG_DPP */
2331
2332 #ifdef CONFIG_TDLS
2333 if (bss)
2334 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2335 #endif /* CONFIG_TDLS */
2336
2337 #ifdef CONFIG_MBO
2338 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2339 #endif /* CONFIG_MBO */
2340
2341 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2342 ssid->mode == WPAS_MODE_INFRA) {
2343 sme_authenticate(wpa_s, bss, ssid);
2344 return;
2345 }
2346
2347 if (wpa_s->connect_work) {
2348 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2349 return;
2350 }
2351
2352 if (radio_work_pending(wpa_s, "connect")) {
2353 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2354 return;
2355 }
2356
2357 #ifdef CONFIG_SME
2358 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2359 /* Clear possibly set auth_alg, if any, from last attempt. */
2360 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2361 }
2362 #endif /* CONFIG_SME */
2363
2364 wpas_abort_ongoing_scan(wpa_s);
2365
2366 cwork = os_zalloc(sizeof(*cwork));
2367 if (cwork == NULL)
2368 return;
2369
2370 cwork->bss = bss;
2371 cwork->ssid = ssid;
2372
2373 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2374 wpas_start_assoc_cb, cwork) < 0) {
2375 os_free(cwork);
2376 }
2377 }
2378
2379
bss_is_ibss(struct wpa_bss * bss)2380 static int bss_is_ibss(struct wpa_bss *bss)
2381 {
2382 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2383 IEEE80211_CAP_IBSS;
2384 }
2385
2386
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2387 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2388 const struct wpa_ssid *ssid)
2389 {
2390 enum hostapd_hw_mode hw_mode;
2391 struct hostapd_hw_modes *mode = NULL;
2392 u8 channel;
2393 int i;
2394
2395 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2396 if (hw_mode == NUM_HOSTAPD_MODES)
2397 return 0;
2398 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2399 if (wpa_s->hw.modes[i].mode == hw_mode) {
2400 mode = &wpa_s->hw.modes[i];
2401 break;
2402 }
2403 }
2404
2405 if (!mode)
2406 return 0;
2407
2408 return mode->vht_capab != 0;
2409 }
2410
2411
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2412 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2413 {
2414 int i;
2415
2416 for (i = channel; i < channel + 16; i += 4) {
2417 struct hostapd_channel_data *chan;
2418
2419 chan = hw_get_channel_chan(mode, i, NULL);
2420 if (!chan ||
2421 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2422 return false;
2423 }
2424
2425 return true;
2426 }
2427
2428
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)2429 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2430 const struct wpa_ssid *ssid,
2431 struct hostapd_freq_params *freq)
2432 {
2433 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2434 enum hostapd_hw_mode hw_mode;
2435 struct hostapd_hw_modes *mode = NULL;
2436 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2437 184, 192 };
2438 int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955,
2439 6035, 6115, 6195, 6275, 6355, 6435, 6515,
2440 6595, 6675, 6755, 6835, 6915, 6995 };
2441 int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 };
2442 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2443 u8 channel;
2444 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2445 unsigned int j, k;
2446 struct hostapd_freq_params vht_freq;
2447 int chwidth, seg0, seg1;
2448 u32 vht_caps = 0;
2449 bool is_24ghz, is_6ghz;
2450
2451 freq->freq = ssid->frequency;
2452
2453 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2454 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2455
2456 if (ssid->mode != WPAS_MODE_IBSS)
2457 break;
2458
2459 /* Don't adjust control freq in case of fixed_freq */
2460 if (ssid->fixed_freq)
2461 break;
2462
2463 if (!bss_is_ibss(bss))
2464 continue;
2465
2466 if (ssid->ssid_len == bss->ssid_len &&
2467 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2468 wpa_printf(MSG_DEBUG,
2469 "IBSS already found in scan results, adjust control freq: %d",
2470 bss->freq);
2471 freq->freq = bss->freq;
2472 obss_scan = 0;
2473 break;
2474 }
2475 }
2476
2477 /* For IBSS check HT_IBSS flag */
2478 if (ssid->mode == WPAS_MODE_IBSS &&
2479 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2480 return;
2481
2482 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2483 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2484 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2485 wpa_printf(MSG_DEBUG,
2486 "IBSS: WEP/TKIP detected, do not try to enable HT");
2487 return;
2488 }
2489
2490 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2491 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2492 if (wpa_s->hw.modes[i].mode == hw_mode) {
2493 mode = &wpa_s->hw.modes[i];
2494 break;
2495 }
2496 }
2497
2498 if (!mode)
2499 return;
2500
2501 freq->channel = channel;
2502
2503 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2504 hw_mode == HOSTAPD_MODE_IEEE80211B;
2505
2506 /* HT/VHT and corresponding overrides are not applicable to 6 GHz.
2507 * However, HE is mandatory for 6 GHz.
2508 */
2509 is_6ghz = is_6ghz_freq(freq->freq);
2510 if (is_6ghz)
2511 goto skip_to_6ghz;
2512
2513 #ifdef CONFIG_HT_OVERRIDES
2514 if (ssid->disable_ht) {
2515 freq->ht_enabled = 0;
2516 return;
2517 }
2518 #endif /* CONFIG_HT_OVERRIDES */
2519
2520 freq->ht_enabled = ht_supported(mode);
2521 if (!freq->ht_enabled)
2522 return;
2523
2524 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2525 if (is_24ghz)
2526 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2527 #ifdef CONFIG_HE_OVERRIDES
2528 if (is_24ghz && ssid->disable_he)
2529 freq->he_enabled = 0;
2530 #endif /* CONFIG_HE_OVERRIDES */
2531
2532 /* Setup higher BW only for 5 GHz */
2533 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2534 return;
2535
2536 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2537 pri_chan = &mode->channels[chan_idx];
2538 if (pri_chan->chan == channel)
2539 break;
2540 pri_chan = NULL;
2541 }
2542 if (!pri_chan)
2543 return;
2544
2545 /* Check primary channel flags */
2546 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2547 return;
2548
2549 freq->channel = pri_chan->chan;
2550
2551 #ifdef CONFIG_HT_OVERRIDES
2552 if (ssid->disable_ht40) {
2553 #ifdef CONFIG_VHT_OVERRIDES
2554 if (ssid->disable_vht)
2555 return;
2556 #endif /* CONFIG_VHT_OVERRIDES */
2557 goto skip_ht40;
2558 }
2559 #endif /* CONFIG_HT_OVERRIDES */
2560
2561 /* Check/setup HT40+/HT40- */
2562 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2563 if (ht40plus[j] == channel) {
2564 ht40 = 1;
2565 break;
2566 }
2567 }
2568
2569 /* Find secondary channel */
2570 for (i = 0; i < mode->num_channels; i++) {
2571 sec_chan = &mode->channels[i];
2572 if (sec_chan->chan == channel + ht40 * 4)
2573 break;
2574 sec_chan = NULL;
2575 }
2576 if (!sec_chan)
2577 return;
2578
2579 /* Check secondary channel flags */
2580 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2581 return;
2582
2583 if (ht40 == -1) {
2584 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2585 return;
2586 } else {
2587 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2588 return;
2589 }
2590 freq->sec_channel_offset = ht40;
2591
2592 if (obss_scan) {
2593 struct wpa_scan_results *scan_res;
2594
2595 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2596 if (scan_res == NULL) {
2597 /* Back to HT20 */
2598 freq->sec_channel_offset = 0;
2599 return;
2600 }
2601
2602 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2603 switch (res) {
2604 case 0:
2605 /* Back to HT20 */
2606 freq->sec_channel_offset = 0;
2607 break;
2608 case 1:
2609 /* Configuration allowed */
2610 break;
2611 case 2:
2612 /* Switch pri/sec channels */
2613 freq->freq = hw_get_freq(mode, sec_chan->chan);
2614 freq->sec_channel_offset = -freq->sec_channel_offset;
2615 freq->channel = sec_chan->chan;
2616 break;
2617 default:
2618 freq->sec_channel_offset = 0;
2619 break;
2620 }
2621
2622 wpa_scan_results_free(scan_res);
2623 }
2624
2625 #ifdef CONFIG_HT_OVERRIDES
2626 skip_ht40:
2627 #endif /* CONFIG_HT_OVERRIDES */
2628 wpa_printf(MSG_DEBUG,
2629 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2630 freq->channel, freq->sec_channel_offset);
2631
2632 if (!drv_supports_vht(wpa_s, ssid))
2633 return;
2634
2635 /* For IBSS check VHT_IBSS flag */
2636 if (ssid->mode == WPAS_MODE_IBSS &&
2637 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2638 return;
2639
2640 #ifdef CONFIG_VHT_OVERRIDES
2641 if (ssid->disable_vht) {
2642 freq->vht_enabled = 0;
2643 return;
2644 }
2645 #endif /* CONFIG_VHT_OVERRIDES */
2646
2647 skip_to_6ghz:
2648 vht_freq = *freq;
2649
2650 /* 6 GHz does not have VHT enabled, so allow that exception here. */
2651 vht_freq.vht_enabled = vht_supported(mode);
2652 if (!vht_freq.vht_enabled && !is_6ghz)
2653 return;
2654
2655 /* Enable HE with VHT for 5 GHz */
2656 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2657
2658 /* setup center_freq1, bandwidth */
2659 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
2660 if (freq->freq >= bw80[j] &&
2661 freq->freq < bw80[j] + 80)
2662 break;
2663 }
2664
2665 if (j == ARRAY_SIZE(bw80) ||
2666 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
2667 return;
2668
2669 /* Back to HT configuration if channel not usable */
2670 if (!ibss_mesh_is_80mhz_avail(channel, mode))
2671 return;
2672
2673 chwidth = CHANWIDTH_80MHZ;
2674 seg0 = channel + 6;
2675 seg1 = 0;
2676
2677 if ((mode->he_capab[ieee80211_mode].phy_cap[
2678 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
2679 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz) {
2680 /* In 160 MHz, the initial four 20 MHz channels were validated
2681 * above; check the remaining four 20 MHz channels for the total
2682 * of 160 MHz bandwidth.
2683 */
2684 if (!ibss_mesh_is_80mhz_avail(channel + 16, mode))
2685 return;
2686
2687 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
2688 if (freq->freq == bw160[j]) {
2689 chwidth = CHANWIDTH_160MHZ;
2690 seg0 = channel + 14;
2691 break;
2692 }
2693 }
2694 }
2695
2696 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2697 /* setup center_freq2, bandwidth */
2698 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
2699 /* Only accept 80 MHz segments separated by a gap */
2700 if (j == k || abs(bw80[j] - bw80[k]) == 80)
2701 continue;
2702
2703 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
2704 NUM_HOSTAPD_MODES)
2705 return;
2706
2707 for (i = channel; i < channel + 16; i += 4) {
2708 struct hostapd_channel_data *chan;
2709
2710 chan = hw_get_channel_chan(mode, i, NULL);
2711 if (!chan)
2712 continue;
2713
2714 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2715 HOSTAPD_CHAN_NO_IR |
2716 HOSTAPD_CHAN_RADAR))
2717 continue;
2718
2719 /* Found a suitable second segment for 80+80 */
2720 chwidth = CHANWIDTH_80P80MHZ;
2721 if (!is_6ghz)
2722 vht_caps |=
2723 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2724 seg1 = channel + 6;
2725 }
2726
2727 if (chwidth == CHANWIDTH_80P80MHZ)
2728 break;
2729 }
2730 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2731 if (freq->freq == 5180) {
2732 chwidth = CHANWIDTH_160MHZ;
2733 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2734 seg0 = 50;
2735 } else if (freq->freq == 5520) {
2736 chwidth = CHANWIDTH_160MHZ;
2737 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2738 seg0 = 114;
2739 }
2740 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2741 chwidth = CHANWIDTH_USE_HT;
2742 seg0 = channel + 2;
2743 #ifdef CONFIG_HT_OVERRIDES
2744 if (ssid->disable_ht40)
2745 seg0 = 0;
2746 #endif /* CONFIG_HT_OVERRIDES */
2747 }
2748
2749 #ifdef CONFIG_HE_OVERRIDES
2750 if (ssid->disable_he) {
2751 vht_freq.he_enabled = 0;
2752 freq->he_enabled = 0;
2753 }
2754 #endif /* CONFIG_HE_OVERRIDES */
2755 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2756 freq->channel, ssid->enable_edmg,
2757 ssid->edmg_channel, freq->ht_enabled,
2758 vht_freq.vht_enabled, freq->he_enabled,
2759 freq->sec_channel_offset,
2760 chwidth, seg0, seg1, vht_caps,
2761 &mode->he_capab[ieee80211_mode]) != 0)
2762 return;
2763
2764 *freq = vht_freq;
2765
2766 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2767 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2768 }
2769
2770
2771 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)2772 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2773 size_t ie_buf_len)
2774 {
2775 struct fils_hlp_req *req;
2776 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2777 const u8 *pos;
2778 u8 *buf = ie_buf;
2779
2780 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2781 list) {
2782 rem_len = ie_buf_len - ie_len;
2783 pos = wpabuf_head(req->pkt);
2784 hdr_len = 1 + 2 * ETH_ALEN + 6;
2785 hlp_len = wpabuf_len(req->pkt);
2786
2787 if (rem_len < 2 + hdr_len + hlp_len) {
2788 wpa_printf(MSG_ERROR,
2789 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2790 (unsigned long) rem_len,
2791 (unsigned long) (2 + hdr_len + hlp_len));
2792 break;
2793 }
2794
2795 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2796 /* Element ID */
2797 *buf++ = WLAN_EID_EXTENSION;
2798 /* Length */
2799 *buf++ = len;
2800 /* Element ID Extension */
2801 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2802 /* Destination MAC address */
2803 os_memcpy(buf, req->dst, ETH_ALEN);
2804 buf += ETH_ALEN;
2805 /* Source MAC address */
2806 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2807 buf += ETH_ALEN;
2808 /* LLC/SNAP Header */
2809 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2810 buf += 6;
2811 /* HLP Packet */
2812 os_memcpy(buf, pos, len - hdr_len);
2813 buf += len - hdr_len;
2814 pos += len - hdr_len;
2815
2816 hlp_len -= len - hdr_len;
2817 ie_len += 2 + len;
2818 rem_len -= 2 + len;
2819
2820 while (hlp_len) {
2821 len = (hlp_len > 255) ? 255 : hlp_len;
2822 if (rem_len < 2 + len)
2823 break;
2824 *buf++ = WLAN_EID_FRAGMENT;
2825 *buf++ = len;
2826 os_memcpy(buf, pos, len);
2827 buf += len;
2828 pos += len;
2829
2830 hlp_len -= len;
2831 ie_len += 2 + len;
2832 rem_len -= 2 + len;
2833 }
2834 }
2835
2836 return ie_len;
2837 }
2838
2839
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)2840 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2841 {
2842 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2843 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2844 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2845 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2846 }
2847
2848
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)2849 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2850 {
2851 #ifdef CONFIG_FILS_SK_PFS
2852 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2853 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2854 #else /* CONFIG_FILS_SK_PFS */
2855 return 0;
2856 #endif /* CONFIG_FILS_SK_PFS */
2857 }
2858
2859 #endif /* CONFIG_FILS */
2860
2861
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)2862 static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
2863 struct wpa_bss *bss,
2864 u8 *wpa_ie, size_t wpa_ie_len,
2865 size_t max_wpa_ie_len)
2866 {
2867 struct wpabuf *wfa_ie = NULL;
2868 u8 wfa_capa[1];
2869 size_t wfa_ie_len, buf_len;
2870
2871 os_memset(wfa_capa, 0, sizeof(wfa_capa));
2872 if (wpa_s->enable_dscp_policy_capa)
2873 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
2874
2875 if (!wfa_capa[0])
2876 return wpa_ie_len;
2877
2878 /* Wi-Fi Alliance element */
2879 buf_len = 1 + /* Element ID */
2880 1 + /* Length */
2881 3 + /* OUI */
2882 1 + /* OUI Type */
2883 1 + /* Capabilities Length */
2884 sizeof(wfa_capa); /* Capabilities */
2885 wfa_ie = wpabuf_alloc(buf_len);
2886 if (!wfa_ie)
2887 return wpa_ie_len;
2888
2889 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
2890 wpabuf_put_u8(wfa_ie, buf_len - 2);
2891 wpabuf_put_be24(wfa_ie, OUI_WFA);
2892 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
2893 wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
2894 wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
2895
2896 wfa_ie_len = wpabuf_len(wfa_ie);
2897 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
2898 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
2899 wfa_ie);
2900 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
2901 wfa_ie_len);
2902 wpa_ie_len += wfa_ie_len;
2903 }
2904
2905 wpabuf_free(wfa_ie);
2906 return wpa_ie_len;
2907 }
2908
2909
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)2910 static u8 * wpas_populate_assoc_ies(
2911 struct wpa_supplicant *wpa_s,
2912 struct wpa_bss *bss, struct wpa_ssid *ssid,
2913 struct wpa_driver_associate_params *params,
2914 enum wpa_drv_update_connect_params_mask *mask)
2915 {
2916 u8 *wpa_ie;
2917 size_t max_wpa_ie_len = 500;
2918 size_t wpa_ie_len;
2919 int algs = WPA_AUTH_ALG_OPEN;
2920 #ifdef CONFIG_MBO
2921 const u8 *mbo_ie;
2922 #endif
2923 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2924 int pmksa_cached = 0;
2925 #endif /* CONFIG_SAE || CONFIG_FILS */
2926 #ifdef CONFIG_FILS
2927 const u8 *realm, *username, *rrk;
2928 size_t realm_len, username_len, rrk_len;
2929 u16 next_seq_num;
2930 struct fils_hlp_req *req;
2931
2932 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2933 list) {
2934 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2935 2 + 2 * wpabuf_len(req->pkt) / 255;
2936 }
2937 #endif /* CONFIG_FILS */
2938
2939 wpa_ie = os_malloc(max_wpa_ie_len);
2940 if (!wpa_ie) {
2941 wpa_printf(MSG_ERROR,
2942 "Failed to allocate connect IE buffer for %lu bytes",
2943 (unsigned long) max_wpa_ie_len);
2944 return NULL;
2945 }
2946
2947 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2948 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2949 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2950 int try_opportunistic;
2951 const u8 *cache_id = NULL;
2952
2953 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2954 wpa_s->conf->okc :
2955 ssid->proactive_key_caching) &&
2956 (ssid->proto & WPA_PROTO_RSN);
2957 #ifdef CONFIG_FILS
2958 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2959 cache_id = wpa_bss_get_fils_cache_id(bss);
2960 #endif /* CONFIG_FILS */
2961 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2962 ssid, try_opportunistic,
2963 cache_id, 0) == 0) {
2964 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2965 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2966 pmksa_cached = 1;
2967 #endif /* CONFIG_SAE || CONFIG_FILS */
2968 }
2969 wpa_ie_len = max_wpa_ie_len;
2970 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2971 wpa_ie, &wpa_ie_len)) {
2972 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2973 "key management and encryption suites");
2974 os_free(wpa_ie);
2975 return NULL;
2976 }
2977 #ifdef CONFIG_HS20
2978 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2979 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2980 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2981 wpa_ie_len = max_wpa_ie_len;
2982 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2983 wpa_ie, &wpa_ie_len)) {
2984 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2985 "key management and encryption suites");
2986 os_free(wpa_ie);
2987 return NULL;
2988 }
2989 #endif /* CONFIG_HS20 */
2990 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2991 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2992 /*
2993 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2994 * use non-WPA since the scan results did not indicate that the
2995 * AP is using WPA or WPA2.
2996 */
2997 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2998 wpa_ie_len = 0;
2999 wpa_s->wpa_proto = 0;
3000 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3001 wpa_ie_len = max_wpa_ie_len;
3002 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3003 wpa_ie, &wpa_ie_len)) {
3004 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3005 "key management and encryption suites (no "
3006 "scan results)");
3007 os_free(wpa_ie);
3008 return NULL;
3009 }
3010 #ifdef CONFIG_WPS
3011 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3012 struct wpabuf *wps_ie;
3013 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3014 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3015 wpa_ie_len = wpabuf_len(wps_ie);
3016 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3017 } else
3018 wpa_ie_len = 0;
3019 wpabuf_free(wps_ie);
3020 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3021 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3022 params->wps = WPS_MODE_PRIVACY;
3023 else
3024 params->wps = WPS_MODE_OPEN;
3025 wpa_s->wpa_proto = 0;
3026 #endif /* CONFIG_WPS */
3027 } else {
3028 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3029 wpa_ie_len = 0;
3030 wpa_s->wpa_proto = 0;
3031 }
3032
3033 #ifdef IEEE8021X_EAPOL
3034 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3035 if (ssid->leap) {
3036 if (ssid->non_leap == 0)
3037 algs = WPA_AUTH_ALG_LEAP;
3038 else
3039 algs |= WPA_AUTH_ALG_LEAP;
3040 }
3041 }
3042
3043 #ifdef CONFIG_FILS
3044 /* Clear FILS association */
3045 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3046
3047 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3048 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3049 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3050 &username_len, &realm, &realm_len,
3051 &next_seq_num, &rrk, &rrk_len) == 0 &&
3052 (!wpa_s->last_con_fail_realm ||
3053 wpa_s->last_con_fail_realm_len != realm_len ||
3054 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3055 algs = WPA_AUTH_ALG_FILS;
3056 params->fils_erp_username = username;
3057 params->fils_erp_username_len = username_len;
3058 params->fils_erp_realm = realm;
3059 params->fils_erp_realm_len = realm_len;
3060 params->fils_erp_next_seq_num = next_seq_num;
3061 params->fils_erp_rrk = rrk;
3062 params->fils_erp_rrk_len = rrk_len;
3063
3064 if (mask)
3065 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3066 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3067 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3068 pmksa_cached) {
3069 algs = WPA_AUTH_ALG_FILS;
3070 }
3071 #endif /* CONFIG_FILS */
3072 #endif /* IEEE8021X_EAPOL */
3073 #ifdef CONFIG_SAE
3074 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
3075 algs = WPA_AUTH_ALG_SAE;
3076 #endif /* CONFIG_SAE */
3077
3078 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3079 if (ssid->auth_alg) {
3080 algs = ssid->auth_alg;
3081 wpa_dbg(wpa_s, MSG_DEBUG,
3082 "Overriding auth_alg selection: 0x%x", algs);
3083 }
3084
3085 #ifdef CONFIG_SAE
3086 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3087 wpa_dbg(wpa_s, MSG_DEBUG,
3088 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3089 algs = WPA_AUTH_ALG_OPEN;
3090 }
3091 #endif /* CONFIG_SAE */
3092
3093 #ifdef CONFIG_P2P
3094 if (wpa_s->global->p2p) {
3095 u8 *pos;
3096 size_t len;
3097 int res;
3098 pos = wpa_ie + wpa_ie_len;
3099 len = max_wpa_ie_len - wpa_ie_len;
3100 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3101 ssid->p2p_group);
3102 if (res >= 0)
3103 wpa_ie_len += res;
3104 }
3105
3106 wpa_s->cross_connect_disallowed = 0;
3107 if (bss) {
3108 struct wpabuf *p2p;
3109 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3110 if (p2p) {
3111 wpa_s->cross_connect_disallowed =
3112 p2p_get_cross_connect_disallowed(p2p);
3113 wpabuf_free(p2p);
3114 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3115 "connection",
3116 wpa_s->cross_connect_disallowed ?
3117 "disallows" : "allows");
3118 }
3119 }
3120
3121 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3122 #endif /* CONFIG_P2P */
3123
3124 if (bss) {
3125 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3126 wpa_ie + wpa_ie_len,
3127 max_wpa_ie_len -
3128 wpa_ie_len);
3129 }
3130
3131 /*
3132 * Workaround: Add Extended Capabilities element only if the AP
3133 * included this element in Beacon/Probe Response frames. Some older
3134 * APs seem to have interoperability issues if this element is
3135 * included, so while the standard may require us to include the
3136 * element in all cases, it is justifiable to skip it to avoid
3137 * interoperability issues.
3138 */
3139 if (ssid->p2p_group)
3140 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3141 else
3142 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3143
3144 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3145 u8 ext_capab[18];
3146 int ext_capab_len;
3147 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3148 sizeof(ext_capab));
3149 if (ext_capab_len > 0 &&
3150 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3151 u8 *pos = wpa_ie;
3152 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3153 pos += 2 + pos[1];
3154 os_memmove(pos + ext_capab_len, pos,
3155 wpa_ie_len - (pos - wpa_ie));
3156 wpa_ie_len += ext_capab_len;
3157 os_memcpy(pos, ext_capab, ext_capab_len);
3158 }
3159 }
3160
3161 #ifdef CONFIG_HS20
3162 if (is_hs20_network(wpa_s, ssid, bss)) {
3163 struct wpabuf *hs20;
3164
3165 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3166 if (hs20) {
3167 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3168 size_t len;
3169
3170 wpas_hs20_add_indication(hs20, pps_mo_id,
3171 get_hs20_version(bss));
3172 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3173 len = max_wpa_ie_len - wpa_ie_len;
3174 if (wpabuf_len(hs20) <= len) {
3175 os_memcpy(wpa_ie + wpa_ie_len,
3176 wpabuf_head(hs20), wpabuf_len(hs20));
3177 wpa_ie_len += wpabuf_len(hs20);
3178 }
3179 wpabuf_free(hs20);
3180
3181 hs20_configure_frame_filters(wpa_s);
3182 }
3183 }
3184 #endif /* CONFIG_HS20 */
3185
3186 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3187 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3188 size_t len;
3189
3190 len = max_wpa_ie_len - wpa_ie_len;
3191 if (wpabuf_len(buf) <= len) {
3192 os_memcpy(wpa_ie + wpa_ie_len,
3193 wpabuf_head(buf), wpabuf_len(buf));
3194 wpa_ie_len += wpabuf_len(buf);
3195 }
3196 }
3197
3198 #ifdef CONFIG_FST
3199 if (wpa_s->fst_ies) {
3200 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3201
3202 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3203 os_memcpy(wpa_ie + wpa_ie_len,
3204 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3205 wpa_ie_len += fst_ies_len;
3206 }
3207 }
3208 #endif /* CONFIG_FST */
3209
3210 #ifdef CONFIG_MBO
3211 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3212 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3213 int len;
3214
3215 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3216 max_wpa_ie_len - wpa_ie_len,
3217 !!mbo_attr_from_mbo_ie(mbo_ie,
3218 OCE_ATTR_ID_CAPA_IND));
3219 if (len >= 0)
3220 wpa_ie_len += len;
3221 }
3222 #endif /* CONFIG_MBO */
3223
3224 #ifdef CONFIG_FILS
3225 if (algs == WPA_AUTH_ALG_FILS) {
3226 size_t len;
3227
3228 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3229 max_wpa_ie_len - wpa_ie_len);
3230 wpa_ie_len += len;
3231 }
3232 #endif /* CONFIG_FILS */
3233
3234 #ifdef CONFIG_OWE
3235 #ifdef CONFIG_TESTING_OPTIONS
3236 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3237 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3238 } else
3239 #endif /* CONFIG_TESTING_OPTIONS */
3240 if (algs == WPA_AUTH_ALG_OPEN &&
3241 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3242 struct wpabuf *owe_ie;
3243 u16 group;
3244
3245 if (ssid->owe_group) {
3246 group = ssid->owe_group;
3247 } else if (wpa_s->assoc_status_code ==
3248 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3249 if (wpa_s->last_owe_group == 19)
3250 group = 20;
3251 else if (wpa_s->last_owe_group == 20)
3252 group = 21;
3253 else
3254 group = OWE_DH_GROUP;
3255 } else {
3256 group = OWE_DH_GROUP;
3257 }
3258
3259 wpa_s->last_owe_group = group;
3260 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3261 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3262 if (owe_ie &&
3263 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3264 os_memcpy(wpa_ie + wpa_ie_len,
3265 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3266 wpa_ie_len += wpabuf_len(owe_ie);
3267 }
3268 wpabuf_free(owe_ie);
3269 }
3270 #endif /* CONFIG_OWE */
3271
3272 #ifdef CONFIG_DPP2
3273 if (DPP_VERSION > 1 &&
3274 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3275 ssid->dpp_netaccesskey &&
3276 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3277 struct rsn_pmksa_cache_entry *pmksa;
3278
3279 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3280 if (!pmksa || !pmksa->dpp_pfs)
3281 goto pfs_fail;
3282
3283 dpp_pfs_free(wpa_s->dpp_pfs);
3284 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3285 ssid->dpp_netaccesskey_len);
3286 if (!wpa_s->dpp_pfs) {
3287 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3288 /* Try to continue without PFS */
3289 goto pfs_fail;
3290 }
3291 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3292 max_wpa_ie_len - wpa_ie_len) {
3293 os_memcpy(wpa_ie + wpa_ie_len,
3294 wpabuf_head(wpa_s->dpp_pfs->ie),
3295 wpabuf_len(wpa_s->dpp_pfs->ie));
3296 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3297 }
3298 }
3299 pfs_fail:
3300 #endif /* CONFIG_DPP2 */
3301
3302 #ifdef CONFIG_IEEE80211R
3303 /*
3304 * Add MDIE under these conditions: the network profile allows FT,
3305 * the AP supports FT, and the mobility domain ID matches.
3306 */
3307 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3308 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3309
3310 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3311 size_t len = 0;
3312 const u8 *md = mdie + 2;
3313 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3314
3315 if (os_memcmp(md, wpa_md,
3316 MOBILITY_DOMAIN_ID_LEN) == 0) {
3317 /* Add mobility domain IE */
3318 len = wpa_ft_add_mdie(
3319 wpa_s->wpa, wpa_ie + wpa_ie_len,
3320 max_wpa_ie_len - wpa_ie_len, mdie);
3321 wpa_ie_len += len;
3322 }
3323 #ifdef CONFIG_SME
3324 if (len > 0 && wpa_s->sme.ft_used &&
3325 wpa_sm_has_ptk(wpa_s->wpa)) {
3326 wpa_dbg(wpa_s, MSG_DEBUG,
3327 "SME: Trying to use FT over-the-air");
3328 algs |= WPA_AUTH_ALG_FT;
3329 }
3330 #endif /* CONFIG_SME */
3331 }
3332 }
3333 #endif /* CONFIG_IEEE80211R */
3334
3335 #ifdef CONFIG_TESTING_OPTIONS
3336 if (wpa_s->rsnxe_override_assoc &&
3337 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3338 max_wpa_ie_len - wpa_ie_len) {
3339 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3340 os_memcpy(wpa_ie + wpa_ie_len,
3341 wpabuf_head(wpa_s->rsnxe_override_assoc),
3342 wpabuf_len(wpa_s->rsnxe_override_assoc));
3343 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3344 } else
3345 #endif /* CONFIG_TESTING_OPTIONS */
3346 if (wpa_s->rsnxe_len > 0 &&
3347 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3348 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3349 wpa_ie_len += wpa_s->rsnxe_len;
3350 }
3351
3352 #ifdef CONFIG_TESTING_OPTIONS
3353 if (wpa_s->disable_mscs_support)
3354 goto mscs_end;
3355 #endif /* CONFIG_TESTING_OPTIONS */
3356 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3357 wpa_s->robust_av.valid_config) {
3358 struct wpabuf *mscs_ie;
3359 size_t mscs_ie_len, buf_len;
3360
3361 buf_len = 3 + /* MSCS descriptor IE header */
3362 1 + /* Request type */
3363 2 + /* User priority control */
3364 4 + /* Stream timeout */
3365 3 + /* TCLAS Mask IE header */
3366 wpa_s->robust_av.frame_classifier_len;
3367 mscs_ie = wpabuf_alloc(buf_len);
3368 if (!mscs_ie) {
3369 wpa_printf(MSG_INFO,
3370 "MSCS: Failed to allocate MSCS IE");
3371 goto mscs_end;
3372 }
3373
3374 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3375 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3376 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3377 mscs_ie_len = wpabuf_len(mscs_ie);
3378 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3379 mscs_ie_len);
3380 wpa_ie_len += mscs_ie_len;
3381 }
3382
3383 wpabuf_free(mscs_ie);
3384 }
3385 mscs_end:
3386
3387 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3388 max_wpa_ie_len);
3389
3390 if (ssid->multi_ap_backhaul_sta) {
3391 size_t multi_ap_ie_len;
3392
3393 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3394 max_wpa_ie_len - wpa_ie_len,
3395 MULTI_AP_BACKHAUL_STA);
3396 if (multi_ap_ie_len == 0) {
3397 wpa_printf(MSG_ERROR,
3398 "Multi-AP: Failed to build Multi-AP IE");
3399 os_free(wpa_ie);
3400 return NULL;
3401 }
3402 wpa_ie_len += multi_ap_ie_len;
3403 }
3404
3405 params->wpa_ie = wpa_ie;
3406 params->wpa_ie_len = wpa_ie_len;
3407 params->auth_alg = algs;
3408 if (mask)
3409 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3410
3411 return wpa_ie;
3412 }
3413
3414
3415 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3416 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3417 {
3418 struct wpa_driver_associate_params params;
3419 u8 *wpa_ie;
3420
3421 os_memset(¶ms, 0, sizeof(params));
3422 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3423 wpa_s->current_ssid, ¶ms, NULL);
3424 if (!wpa_ie)
3425 return;
3426
3427 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3428 os_free(wpa_ie);
3429 }
3430 #endif /* CONFIG_OWE */
3431
3432
3433 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3434 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3435 {
3436 struct wpa_driver_associate_params params;
3437 enum wpa_drv_update_connect_params_mask mask = 0;
3438 u8 *wpa_ie;
3439
3440 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3441 return; /* nothing to do */
3442
3443 os_memset(¶ms, 0, sizeof(params));
3444 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3445 wpa_s->current_ssid, ¶ms, &mask);
3446 if (!wpa_ie)
3447 return;
3448
3449 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3450 wpa_s->auth_alg = params.auth_alg;
3451 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3452 }
3453
3454 os_free(wpa_ie);
3455 }
3456 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3457
3458
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)3459 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3460 {
3461 if (!edmg_ie || edmg_ie[1] < 6)
3462 return 0;
3463 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3464 }
3465
3466
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)3467 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3468 {
3469 if (!edmg_ie || edmg_ie[1] < 6)
3470 return 0;
3471 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3472 }
3473
3474
3475 /* Returns the intersection of two EDMG configurations.
3476 * Note: The current implementation is limited to CB2 only (CB1 included),
3477 * i.e., the implementation supports up to 2 contiguous channels.
3478 * For supporting non-contiguous (aggregated) channels and for supporting
3479 * CB3 and above, this function will need to be extended.
3480 */
3481 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)3482 get_edmg_intersection(struct ieee80211_edmg_config a,
3483 struct ieee80211_edmg_config b,
3484 u8 primary_channel)
3485 {
3486 struct ieee80211_edmg_config result;
3487 int i, contiguous = 0;
3488 int max_contiguous = 0;
3489
3490 result.channels = b.channels & a.channels;
3491 if (!result.channels) {
3492 wpa_printf(MSG_DEBUG,
3493 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3494 a.channels, b.channels);
3495 goto fail;
3496 }
3497
3498 if (!(result.channels & BIT(primary_channel - 1))) {
3499 wpa_printf(MSG_DEBUG,
3500 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3501 primary_channel, result.channels);
3502 goto fail;
3503 }
3504
3505 /* Find max contiguous channels */
3506 for (i = 0; i < 6; i++) {
3507 if (result.channels & BIT(i))
3508 contiguous++;
3509 else
3510 contiguous = 0;
3511
3512 if (contiguous > max_contiguous)
3513 max_contiguous = contiguous;
3514 }
3515
3516 /* Assuming AP and STA supports ONLY contiguous channels,
3517 * bw configuration can have value between 4-7.
3518 */
3519 if ((b.bw_config < a.bw_config))
3520 result.bw_config = b.bw_config;
3521 else
3522 result.bw_config = a.bw_config;
3523
3524 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3525 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3526 wpa_printf(MSG_DEBUG,
3527 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3528 max_contiguous);
3529 goto fail;
3530 }
3531
3532 return result;
3533
3534 fail:
3535 result.channels = 0;
3536 result.bw_config = 0;
3537 return result;
3538 }
3539
3540
3541 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)3542 get_supported_edmg(struct wpa_supplicant *wpa_s,
3543 struct hostapd_freq_params *freq,
3544 struct ieee80211_edmg_config request_edmg)
3545 {
3546 enum hostapd_hw_mode hw_mode;
3547 struct hostapd_hw_modes *mode = NULL;
3548 u8 primary_channel;
3549
3550 if (!wpa_s->hw.modes)
3551 goto fail;
3552
3553 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3554 if (hw_mode == NUM_HOSTAPD_MODES)
3555 goto fail;
3556
3557 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
3558 if (!mode)
3559 goto fail;
3560
3561 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3562
3563 fail:
3564 request_edmg.channels = 0;
3565 request_edmg.bw_config = 0;
3566 return request_edmg;
3567 }
3568
3569
3570 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)3571 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3572 {
3573 struct wpa_driver_associate_params params;
3574 u8 *wpa_ie;
3575
3576 /*
3577 * Update MBO connect params only in case of change of MBO attributes
3578 * when connected, if the AP support MBO.
3579 */
3580
3581 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3582 !wpa_s->current_bss ||
3583 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3584 return;
3585
3586 os_memset(¶ms, 0, sizeof(params));
3587 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3588 wpa_s->current_ssid, ¶ms, NULL);
3589 if (!wpa_ie)
3590 return;
3591
3592 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3593 os_free(wpa_ie);
3594 }
3595 #endif /* CONFIG_MBO */
3596
3597
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)3598 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3599 {
3600 struct wpa_connect_work *cwork = work->ctx;
3601 struct wpa_bss *bss = cwork->bss;
3602 struct wpa_ssid *ssid = cwork->ssid;
3603 struct wpa_supplicant *wpa_s = work->wpa_s;
3604 u8 *wpa_ie;
3605 const u8 *edmg_ie_oper;
3606 int use_crypt, ret, bssid_changed;
3607 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3608 struct wpa_driver_associate_params params;
3609 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
3610 int wep_keys_set = 0;
3611 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
3612 int assoc_failed = 0;
3613 struct wpa_ssid *old_ssid;
3614 u8 prev_bssid[ETH_ALEN];
3615 #ifdef CONFIG_HT_OVERRIDES
3616 struct ieee80211_ht_capabilities htcaps;
3617 struct ieee80211_ht_capabilities htcaps_mask;
3618 #endif /* CONFIG_HT_OVERRIDES */
3619 #ifdef CONFIG_VHT_OVERRIDES
3620 struct ieee80211_vht_capabilities vhtcaps;
3621 struct ieee80211_vht_capabilities vhtcaps_mask;
3622 #endif /* CONFIG_VHT_OVERRIDES */
3623
3624 wpa_s->roam_in_progress = false;
3625 #ifdef CONFIG_WNM
3626 wpa_s->bss_trans_mgmt_in_progress = false;
3627 #endif /* CONFIG_WNM */
3628
3629 if (deinit) {
3630 if (work->started) {
3631 wpa_s->connect_work = NULL;
3632
3633 /* cancel possible auth. timeout */
3634 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3635 NULL);
3636 }
3637 wpas_connect_work_free(cwork);
3638 return;
3639 }
3640
3641 wpa_s->connect_work = work;
3642
3643 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3644 wpas_network_disabled(wpa_s, ssid)) {
3645 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3646 wpas_connect_work_done(wpa_s);
3647 return;
3648 }
3649
3650 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3651 os_memset(¶ms, 0, sizeof(params));
3652 wpa_s->reassociate = 0;
3653 wpa_s->eap_expected_failure = 0;
3654
3655 /* Starting new association, so clear the possibly used WPA IE from the
3656 * previous association. */
3657 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3658 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3659 wpa_s->rsnxe_len = 0;
3660 wpa_s->mscs_setup_done = false;
3661
3662 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
3663 if (!wpa_ie) {
3664 wpas_connect_work_done(wpa_s);
3665 return;
3666 }
3667
3668 if (bss &&
3669 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3670 #ifdef CONFIG_IEEE80211R
3671 const u8 *ie, *md = NULL;
3672 #endif /* CONFIG_IEEE80211R */
3673 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3674 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3675 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3676 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3677 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3678 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3679 if (bssid_changed)
3680 wpas_notify_bssid_changed(wpa_s);
3681 #ifdef CONFIG_IEEE80211R
3682 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3683 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3684 md = ie + 2;
3685 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3686 if (md) {
3687 /* Prepare for the next transition */
3688 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3689 }
3690 #endif /* CONFIG_IEEE80211R */
3691 #ifdef CONFIG_WPS
3692 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3693 wpa_s->conf->ap_scan == 2 &&
3694 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3695 /* Use ap_scan==1 style network selection to find the network
3696 */
3697 wpas_connect_work_done(wpa_s);
3698 wpa_s->scan_req = MANUAL_SCAN_REQ;
3699 wpa_s->reassociate = 1;
3700 wpa_supplicant_req_scan(wpa_s, 0, 0);
3701 os_free(wpa_ie);
3702 return;
3703 #endif /* CONFIG_WPS */
3704 } else {
3705 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3706 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3707 if (bss)
3708 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3709 else
3710 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3711 }
3712 if (!wpa_s->pno)
3713 wpa_supplicant_cancel_sched_scan(wpa_s);
3714
3715 wpa_supplicant_cancel_scan(wpa_s);
3716
3717 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3718 use_crypt = 1;
3719 cipher_pairwise = wpa_s->pairwise_cipher;
3720 cipher_group = wpa_s->group_cipher;
3721 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3722 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3723 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3724 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3725 use_crypt = 0;
3726 #ifdef CONFIG_WEP
3727 if (wpa_set_wep_keys(wpa_s, ssid)) {
3728 use_crypt = 1;
3729 wep_keys_set = 1;
3730 }
3731 #endif /* CONFIG_WEP */
3732 }
3733 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3734 use_crypt = 0;
3735
3736 #ifdef IEEE8021X_EAPOL
3737 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3738 if ((ssid->eapol_flags &
3739 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3740 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3741 !wep_keys_set) {
3742 use_crypt = 0;
3743 } else {
3744 /* Assume that dynamic WEP-104 keys will be used and
3745 * set cipher suites in order for drivers to expect
3746 * encryption. */
3747 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3748 }
3749 }
3750 #endif /* IEEE8021X_EAPOL */
3751
3752 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3753 /* Set the key before (and later after) association */
3754 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3755 }
3756
3757 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3758 if (bss) {
3759 params.ssid = bss->ssid;
3760 params.ssid_len = bss->ssid_len;
3761 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3762 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3763 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3764 MACSTR " freq=%u MHz based on scan results "
3765 "(bssid_set=%d wps=%d)",
3766 MAC2STR(bss->bssid), bss->freq,
3767 ssid->bssid_set,
3768 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3769 params.bssid = bss->bssid;
3770 params.freq.freq = bss->freq;
3771 }
3772 params.bssid_hint = bss->bssid;
3773 params.freq_hint = bss->freq;
3774 params.pbss = bss_is_pbss(bss);
3775 } else {
3776 if (ssid->bssid_hint_set)
3777 params.bssid_hint = ssid->bssid_hint;
3778
3779 params.ssid = ssid->ssid;
3780 params.ssid_len = ssid->ssid_len;
3781 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3782 }
3783
3784 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3785 wpa_s->conf->ap_scan == 2) {
3786 params.bssid = ssid->bssid;
3787 params.fixed_bssid = 1;
3788 }
3789
3790 /* Initial frequency for IBSS/mesh */
3791 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3792 ssid->frequency > 0 && params.freq.freq == 0)
3793 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
3794
3795 if (ssid->mode == WPAS_MODE_IBSS) {
3796 params.fixed_freq = ssid->fixed_freq;
3797 if (ssid->beacon_int)
3798 params.beacon_int = ssid->beacon_int;
3799 else
3800 params.beacon_int = wpa_s->conf->beacon_int;
3801 }
3802
3803 if (bss && ssid->enable_edmg)
3804 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
3805 WLAN_EID_EXT_EDMG_OPERATION);
3806 else
3807 edmg_ie_oper = NULL;
3808
3809 if (edmg_ie_oper) {
3810 params.freq.edmg.channels =
3811 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3812 params.freq.edmg.bw_config =
3813 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3814 wpa_printf(MSG_DEBUG,
3815 "AP supports EDMG channels 0x%x, bw_config %d",
3816 params.freq.edmg.channels,
3817 params.freq.edmg.bw_config);
3818
3819 /* User may ask for specific EDMG channel for EDMG connection
3820 * (must be supported by AP)
3821 */
3822 if (ssid->edmg_channel) {
3823 struct ieee80211_edmg_config configured_edmg;
3824 enum hostapd_hw_mode hw_mode;
3825 u8 primary_channel;
3826
3827 hw_mode = ieee80211_freq_to_chan(bss->freq,
3828 &primary_channel);
3829 if (hw_mode == NUM_HOSTAPD_MODES)
3830 goto edmg_fail;
3831
3832 hostapd_encode_edmg_chan(ssid->enable_edmg,
3833 ssid->edmg_channel,
3834 primary_channel,
3835 &configured_edmg);
3836
3837 if (ieee802_edmg_is_allowed(params.freq.edmg,
3838 configured_edmg)) {
3839 params.freq.edmg = configured_edmg;
3840 wpa_printf(MSG_DEBUG,
3841 "Use EDMG channel %d for connection",
3842 ssid->edmg_channel);
3843 } else {
3844 edmg_fail:
3845 params.freq.edmg.channels = 0;
3846 params.freq.edmg.bw_config = 0;
3847 wpa_printf(MSG_WARNING,
3848 "EDMG channel %d not supported by AP, fallback to DMG",
3849 ssid->edmg_channel);
3850 }
3851 }
3852
3853 if (params.freq.edmg.channels) {
3854 wpa_printf(MSG_DEBUG,
3855 "EDMG before: channels 0x%x, bw_config %d",
3856 params.freq.edmg.channels,
3857 params.freq.edmg.bw_config);
3858 params.freq.edmg = get_supported_edmg(wpa_s,
3859 ¶ms.freq,
3860 params.freq.edmg);
3861 wpa_printf(MSG_DEBUG,
3862 "EDMG after: channels 0x%x, bw_config %d",
3863 params.freq.edmg.channels,
3864 params.freq.edmg.bw_config);
3865 }
3866 }
3867
3868 params.pairwise_suite = cipher_pairwise;
3869 params.group_suite = cipher_group;
3870 params.mgmt_group_suite = cipher_group_mgmt;
3871 params.key_mgmt_suite = wpa_s->key_mgmt;
3872 params.wpa_proto = wpa_s->wpa_proto;
3873 wpa_s->auth_alg = params.auth_alg;
3874 params.mode = ssid->mode;
3875 params.bg_scan_period = ssid->bg_scan_period;
3876 #ifdef CONFIG_WEP
3877 {
3878 int i;
3879
3880 for (i = 0; i < NUM_WEP_KEYS; i++) {
3881 if (ssid->wep_key_len[i])
3882 params.wep_key[i] = ssid->wep_key[i];
3883 params.wep_key_len[i] = ssid->wep_key_len[i];
3884 }
3885 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3886 }
3887 #endif /* CONFIG_WEP */
3888
3889 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3890 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3891 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3892 params.passphrase = ssid->passphrase;
3893 if (ssid->psk_set)
3894 params.psk = ssid->psk;
3895 }
3896
3897 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3898 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3899 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3900 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3901 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3902 params.req_handshake_offload = 1;
3903
3904 if (wpa_s->conf->key_mgmt_offload) {
3905 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3906 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3907 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3908 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3909 params.req_key_mgmt_offload =
3910 ssid->proactive_key_caching < 0 ?
3911 wpa_s->conf->okc : ssid->proactive_key_caching;
3912 else
3913 params.req_key_mgmt_offload = 1;
3914
3915 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3916 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3917 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3918 ssid->psk_set)
3919 params.psk = ssid->psk;
3920 }
3921
3922 params.drop_unencrypted = use_crypt;
3923
3924 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3925 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3926 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3927 struct wpa_ie_data ie;
3928 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3929 ie.capabilities &
3930 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3931 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3932 "MFP: require MFP");
3933 params.mgmt_frame_protection =
3934 MGMT_FRAME_PROTECTION_REQUIRED;
3935 #ifdef CONFIG_OWE
3936 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3937 !ssid->owe_only) {
3938 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3939 #endif /* CONFIG_OWE */
3940 }
3941 }
3942
3943 params.p2p = ssid->p2p_group;
3944
3945 if (wpa_s->p2pdev->set_sta_uapsd)
3946 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3947 else
3948 params.uapsd = -1;
3949
3950 #ifdef CONFIG_HT_OVERRIDES
3951 os_memset(&htcaps, 0, sizeof(htcaps));
3952 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3953 params.htcaps = (u8 *) &htcaps;
3954 params.htcaps_mask = (u8 *) &htcaps_mask;
3955 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
3956 #endif /* CONFIG_HT_OVERRIDES */
3957 #ifdef CONFIG_VHT_OVERRIDES
3958 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3959 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3960 params.vhtcaps = &vhtcaps;
3961 params.vhtcaps_mask = &vhtcaps_mask;
3962 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
3963 #endif /* CONFIG_VHT_OVERRIDES */
3964 #ifdef CONFIG_HE_OVERRIDES
3965 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
3966 #endif /* CONFIG_HE_OVERRIDES */
3967
3968 #ifdef CONFIG_P2P
3969 /*
3970 * If multi-channel concurrency is not supported, check for any
3971 * frequency conflict. In case of any frequency conflict, remove the
3972 * least prioritized connection.
3973 */
3974 if (wpa_s->num_multichan_concurrent < 2) {
3975 int freq, num;
3976 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3977 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3978 wpa_printf(MSG_DEBUG,
3979 "Assoc conflicting freq found (%d != %d)",
3980 freq, params.freq.freq);
3981 if (wpas_p2p_handle_frequency_conflicts(
3982 wpa_s, params.freq.freq, ssid) < 0) {
3983 wpas_connect_work_done(wpa_s);
3984 os_free(wpa_ie);
3985 return;
3986 }
3987 }
3988 }
3989 #endif /* CONFIG_P2P */
3990
3991 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3992 wpa_s->current_ssid)
3993 params.prev_bssid = prev_bssid;
3994
3995 #ifdef CONFIG_SAE
3996 params.sae_pwe = wpa_s->conf->sae_pwe;
3997 #endif /* CONFIG_SAE */
3998
3999 ret = wpa_drv_associate(wpa_s, ¶ms);
4000 os_free(wpa_ie);
4001 if (ret < 0) {
4002 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4003 "failed");
4004 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4005 /*
4006 * The driver is known to mean what is saying, so we
4007 * can stop right here; the association will not
4008 * succeed.
4009 */
4010 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
4011 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4012 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4013 return;
4014 }
4015 /* try to continue anyway; new association will be tried again
4016 * after timeout */
4017 assoc_failed = 1;
4018 }
4019
4020 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4021 /* Set the key after the association just in case association
4022 * cleared the previously configured key. */
4023 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4024 /* No need to timeout authentication since there is no key
4025 * management. */
4026 wpa_supplicant_cancel_auth_timeout(wpa_s);
4027 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4028 #ifdef CONFIG_IBSS_RSN
4029 } else if (ssid->mode == WPAS_MODE_IBSS &&
4030 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4031 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4032 /*
4033 * RSN IBSS authentication is per-STA and we can disable the
4034 * per-BSSID authentication.
4035 */
4036 wpa_supplicant_cancel_auth_timeout(wpa_s);
4037 #endif /* CONFIG_IBSS_RSN */
4038 } else {
4039 /* Timeout for IEEE 802.11 authentication and association */
4040 int timeout = 60;
4041
4042 if (assoc_failed) {
4043 /* give IBSS a bit more time */
4044 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4045 } else if (wpa_s->conf->ap_scan == 1) {
4046 /* give IBSS a bit more time */
4047 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4048 }
4049 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4050 }
4051
4052 #ifdef CONFIG_WEP
4053 if (wep_keys_set &&
4054 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4055 /* Set static WEP keys again */
4056 wpa_set_wep_keys(wpa_s, ssid);
4057 }
4058 #endif /* CONFIG_WEP */
4059
4060 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
4061 /*
4062 * Do not allow EAP session resumption between different
4063 * network configurations.
4064 */
4065 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4066 }
4067 old_ssid = wpa_s->current_ssid;
4068 wpa_s->current_ssid = ssid;
4069
4070 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4071 wpa_s->current_bss = bss;
4072 #ifdef CONFIG_HS20
4073 hs20_configure_frame_filters(wpa_s);
4074 #endif /* CONFIG_HS20 */
4075 }
4076
4077 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4078 wpa_supplicant_initiate_eapol(wpa_s);
4079 if (old_ssid != wpa_s->current_ssid)
4080 wpas_notify_network_changed(wpa_s);
4081 }
4082
4083
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4084 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4085 const u8 *addr)
4086 {
4087 struct wpa_ssid *old_ssid;
4088
4089 wpas_connect_work_done(wpa_s);
4090 wpa_clear_keys(wpa_s, addr);
4091 old_ssid = wpa_s->current_ssid;
4092 wpa_supplicant_mark_disassoc(wpa_s);
4093 wpa_sm_set_config(wpa_s->wpa, NULL);
4094 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4095 if (old_ssid != wpa_s->current_ssid)
4096 wpas_notify_network_changed(wpa_s);
4097
4098 wpas_scs_deinit(wpa_s);
4099 wpas_dscp_deinit(wpa_s);
4100 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4101 }
4102
4103
4104 /**
4105 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4106 * @wpa_s: Pointer to wpa_supplicant data
4107 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4108 *
4109 * This function is used to request %wpa_supplicant to deauthenticate from the
4110 * current AP.
4111 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4112 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4113 u16 reason_code)
4114 {
4115 u8 *addr = NULL;
4116 union wpa_event_data event;
4117 int zero_addr = 0;
4118
4119 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4120 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
4121 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4122 reason_code, reason2str(reason_code),
4123 wpa_supplicant_state_txt(wpa_s->wpa_state));
4124
4125 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4126 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4127 wpa_s->wpa_state == WPA_ASSOCIATING))
4128 addr = wpa_s->pending_bssid;
4129 else if (!is_zero_ether_addr(wpa_s->bssid))
4130 addr = wpa_s->bssid;
4131 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4132 /*
4133 * When using driver-based BSS selection, we may not know the
4134 * BSSID with which we are currently trying to associate. We
4135 * need to notify the driver of this disconnection even in such
4136 * a case, so use the all zeros address here.
4137 */
4138 addr = wpa_s->bssid;
4139 zero_addr = 1;
4140 }
4141
4142 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4143 wpa_s->enabled_4addr_mode = 0;
4144
4145 #ifdef CONFIG_TDLS
4146 wpa_tdls_teardown_peers(wpa_s->wpa);
4147 #endif /* CONFIG_TDLS */
4148
4149 #ifdef CONFIG_MESH
4150 if (wpa_s->ifmsh) {
4151 struct mesh_conf *mconf;
4152
4153 mconf = wpa_s->ifmsh->mconf;
4154 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4155 wpa_s->ifname);
4156 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4157 mconf->meshid_len, reason_code);
4158 wpa_supplicant_leave_mesh(wpa_s, true);
4159 }
4160 #endif /* CONFIG_MESH */
4161
4162 if (addr) {
4163 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4164 os_memset(&event, 0, sizeof(event));
4165 event.deauth_info.reason_code = reason_code;
4166 event.deauth_info.locally_generated = 1;
4167 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4168 if (zero_addr)
4169 addr = NULL;
4170 }
4171
4172 wpa_supplicant_clear_connection(wpa_s, addr);
4173 }
4174
4175
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4176 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4177 {
4178 wpa_s->own_reconnect_req = 1;
4179 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4180
4181 }
4182
4183
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4184 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4185 struct wpa_ssid *ssid)
4186 {
4187 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4188 return;
4189
4190 ssid->disabled = 0;
4191 ssid->owe_transition_bss_select_count = 0;
4192 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4193 wpas_notify_network_enabled_changed(wpa_s, ssid);
4194
4195 /*
4196 * Try to reassociate since there is no current configuration and a new
4197 * network was made available.
4198 */
4199 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4200 wpa_s->reassociate = 1;
4201 }
4202
4203
4204 /**
4205 * wpa_supplicant_add_network - Add a new network
4206 * @wpa_s: wpa_supplicant structure for a network interface
4207 * Returns: The new network configuration or %NULL if operation failed
4208 *
4209 * This function performs the following operations:
4210 * 1. Adds a new network.
4211 * 2. Send network addition notification.
4212 * 3. Marks the network disabled.
4213 * 4. Set network default parameters.
4214 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4215 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4216 {
4217 struct wpa_ssid *ssid;
4218
4219 ssid = wpa_config_add_network(wpa_s->conf);
4220 if (!ssid)
4221 return NULL;
4222 wpas_notify_network_added(wpa_s, ssid);
4223 ssid->disabled = 1;
4224 wpa_config_set_network_defaults(ssid);
4225
4226 return ssid;
4227 }
4228
4229
4230 /**
4231 * wpa_supplicant_remove_network - Remove a configured network based on id
4232 * @wpa_s: wpa_supplicant structure for a network interface
4233 * @id: Unique network id to search for
4234 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4235 * could not be removed
4236 *
4237 * This function performs the following operations:
4238 * 1. Removes the network.
4239 * 2. Send network removal notification.
4240 * 3. Update internal state machines.
4241 * 4. Stop any running sched scans.
4242 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4243 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4244 {
4245 struct wpa_ssid *ssid;
4246 int was_disabled;
4247
4248 ssid = wpa_config_get_network(wpa_s->conf, id);
4249 if (!ssid)
4250 return -1;
4251 wpas_notify_network_removed(wpa_s, ssid);
4252
4253 if (wpa_s->last_ssid == ssid)
4254 wpa_s->last_ssid = NULL;
4255
4256 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
4257 #ifdef CONFIG_SME
4258 wpa_s->sme.prev_bssid_set = 0;
4259 #endif /* CONFIG_SME */
4260 /*
4261 * Invalidate the EAP session cache if the current or
4262 * previously used network is removed.
4263 */
4264 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4265 }
4266
4267 if (ssid == wpa_s->current_ssid) {
4268 wpa_sm_set_config(wpa_s->wpa, NULL);
4269 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4270
4271 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4272 wpa_s->own_disconnect_req = 1;
4273 wpa_supplicant_deauthenticate(wpa_s,
4274 WLAN_REASON_DEAUTH_LEAVING);
4275 }
4276
4277 was_disabled = ssid->disabled;
4278
4279 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4280 return -2;
4281
4282 if (!was_disabled && wpa_s->sched_scanning) {
4283 wpa_printf(MSG_DEBUG,
4284 "Stop ongoing sched_scan to remove network from filters");
4285 wpa_supplicant_cancel_sched_scan(wpa_s);
4286 wpa_supplicant_req_scan(wpa_s, 0, 0);
4287 }
4288
4289 return 0;
4290 }
4291
4292
4293 /**
4294 * wpa_supplicant_remove_all_networks - Remove all configured networks
4295 * @wpa_s: wpa_supplicant structure for a network interface
4296 * Returns: 0 on success (errors are currently ignored)
4297 *
4298 * This function performs the following operations:
4299 * 1. Remove all networks.
4300 * 2. Send network removal notifications.
4301 * 3. Update internal state machines.
4302 * 4. Stop any running sched scans.
4303 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4304 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4305 {
4306 struct wpa_ssid *ssid;
4307
4308 if (wpa_s->sched_scanning)
4309 wpa_supplicant_cancel_sched_scan(wpa_s);
4310
4311 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4312 if (wpa_s->current_ssid) {
4313 #ifdef CONFIG_SME
4314 wpa_s->sme.prev_bssid_set = 0;
4315 #endif /* CONFIG_SME */
4316 wpa_sm_set_config(wpa_s->wpa, NULL);
4317 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4318 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4319 wpa_s->own_disconnect_req = 1;
4320 wpa_supplicant_deauthenticate(
4321 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4322 }
4323 ssid = wpa_s->conf->ssid;
4324 while (ssid) {
4325 struct wpa_ssid *remove_ssid = ssid;
4326 int id;
4327
4328 id = ssid->id;
4329 ssid = ssid->next;
4330 if (wpa_s->last_ssid == remove_ssid)
4331 wpa_s->last_ssid = NULL;
4332 wpas_notify_network_removed(wpa_s, remove_ssid);
4333 wpa_config_remove_network(wpa_s->conf, id);
4334 }
4335 return 0;
4336 }
4337
4338
4339 /**
4340 * wpa_supplicant_enable_network - Mark a configured network as enabled
4341 * @wpa_s: wpa_supplicant structure for a network interface
4342 * @ssid: wpa_ssid structure for a configured network or %NULL
4343 *
4344 * Enables the specified network or all networks if no network specified.
4345 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4346 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4347 struct wpa_ssid *ssid)
4348 {
4349 if (ssid == NULL) {
4350 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4351 wpa_supplicant_enable_one_network(wpa_s, ssid);
4352 } else
4353 wpa_supplicant_enable_one_network(wpa_s, ssid);
4354
4355 if (wpa_s->reassociate && !wpa_s->disconnected &&
4356 (!wpa_s->current_ssid ||
4357 wpa_s->wpa_state == WPA_DISCONNECTED ||
4358 wpa_s->wpa_state == WPA_SCANNING)) {
4359 if (wpa_s->sched_scanning) {
4360 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4361 "new network to scan filters");
4362 wpa_supplicant_cancel_sched_scan(wpa_s);
4363 }
4364
4365 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4366 wpa_s->scan_req = NORMAL_SCAN_REQ;
4367 wpa_supplicant_req_scan(wpa_s, 0, 0);
4368 }
4369 }
4370 }
4371
4372
4373 /**
4374 * wpa_supplicant_disable_network - Mark a configured network as disabled
4375 * @wpa_s: wpa_supplicant structure for a network interface
4376 * @ssid: wpa_ssid structure for a configured network or %NULL
4377 *
4378 * Disables the specified network or all networks if no network specified.
4379 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4380 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4381 struct wpa_ssid *ssid)
4382 {
4383 struct wpa_ssid *other_ssid;
4384 int was_disabled;
4385
4386 if (ssid == NULL) {
4387 if (wpa_s->sched_scanning)
4388 wpa_supplicant_cancel_sched_scan(wpa_s);
4389
4390 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4391 other_ssid = other_ssid->next) {
4392 was_disabled = other_ssid->disabled;
4393 if (was_disabled == 2)
4394 continue; /* do not change persistent P2P group
4395 * data */
4396
4397 other_ssid->disabled = 1;
4398
4399 if (was_disabled != other_ssid->disabled)
4400 wpas_notify_network_enabled_changed(
4401 wpa_s, other_ssid);
4402 }
4403 if (wpa_s->current_ssid) {
4404 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4405 wpa_s->own_disconnect_req = 1;
4406 wpa_supplicant_deauthenticate(
4407 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4408 }
4409 } else if (ssid->disabled != 2) {
4410 if (ssid == wpa_s->current_ssid) {
4411 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4412 wpa_s->own_disconnect_req = 1;
4413 wpa_supplicant_deauthenticate(
4414 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4415 }
4416
4417 was_disabled = ssid->disabled;
4418
4419 ssid->disabled = 1;
4420
4421 if (was_disabled != ssid->disabled) {
4422 wpas_notify_network_enabled_changed(wpa_s, ssid);
4423 if (wpa_s->sched_scanning) {
4424 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4425 "to remove network from filters");
4426 wpa_supplicant_cancel_sched_scan(wpa_s);
4427 wpa_supplicant_req_scan(wpa_s, 0, 0);
4428 }
4429 }
4430 }
4431 }
4432
4433
4434 /**
4435 * wpa_supplicant_select_network - Attempt association with a network
4436 * @wpa_s: wpa_supplicant structure for a network interface
4437 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4438 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4439 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4440 struct wpa_ssid *ssid)
4441 {
4442
4443 struct wpa_ssid *other_ssid;
4444 int disconnected = 0;
4445
4446 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4447 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4448 wpa_s->own_disconnect_req = 1;
4449 wpa_supplicant_deauthenticate(
4450 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4451 disconnected = 1;
4452 }
4453
4454 if (ssid)
4455 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4456
4457 /*
4458 * Mark all other networks disabled or mark all networks enabled if no
4459 * network specified.
4460 */
4461 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4462 other_ssid = other_ssid->next) {
4463 int was_disabled = other_ssid->disabled;
4464 if (was_disabled == 2)
4465 continue; /* do not change persistent P2P group data */
4466
4467 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4468 if (was_disabled && !other_ssid->disabled)
4469 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4470
4471 if (was_disabled != other_ssid->disabled)
4472 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4473 }
4474
4475 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4476 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4477 /* We are already associated with the selected network */
4478 wpa_printf(MSG_DEBUG, "Already associated with the "
4479 "selected network - do nothing");
4480 return;
4481 }
4482
4483 if (ssid) {
4484 wpa_s->current_ssid = ssid;
4485 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4486 wpa_s->connect_without_scan =
4487 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4488
4489 /*
4490 * Don't optimize next scan freqs since a new ESS has been
4491 * selected.
4492 */
4493 os_free(wpa_s->next_scan_freqs);
4494 wpa_s->next_scan_freqs = NULL;
4495 } else {
4496 wpa_s->connect_without_scan = NULL;
4497 }
4498
4499 wpa_s->disconnected = 0;
4500 wpa_s->reassociate = 1;
4501 wpa_s_clear_sae_rejected(wpa_s);
4502 wpa_s->last_owe_group = 0;
4503 if (ssid) {
4504 ssid->owe_transition_bss_select_count = 0;
4505 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4506 }
4507
4508 if (wpa_s->connect_without_scan ||
4509 wpa_supplicant_fast_associate(wpa_s) != 1) {
4510 wpa_s->scan_req = NORMAL_SCAN_REQ;
4511 wpas_scan_reset_sched_scan(wpa_s);
4512 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4513 }
4514
4515 if (ssid)
4516 wpas_notify_network_selected(wpa_s, ssid);
4517 }
4518
4519
4520 /**
4521 * wpas_remove_cred - Remove the specified credential and all the network
4522 * entries created based on the removed credential
4523 * @wpa_s: wpa_supplicant structure for a network interface
4524 * @cred: The credential to remove
4525 * Returns: 0 on success, -1 on failure
4526 */
wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)4527 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
4528 {
4529 struct wpa_ssid *ssid, *next;
4530 int id;
4531
4532 if (!cred) {
4533 wpa_printf(MSG_DEBUG, "Could not find cred");
4534 return -1;
4535 }
4536
4537 id = cred->id;
4538 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
4539 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
4540 return -1;
4541 }
4542
4543 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
4544
4545 /* Remove any network entry created based on the removed credential */
4546 ssid = wpa_s->conf->ssid;
4547 while (ssid) {
4548 next = ssid->next;
4549
4550 if (ssid->parent_cred == cred) {
4551 wpa_printf(MSG_DEBUG,
4552 "Remove network id %d since it used the removed credential",
4553 ssid->id);
4554 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
4555 -1) {
4556 wpa_printf(MSG_DEBUG,
4557 "Could not find network id=%d",
4558 ssid->id);
4559 }
4560 }
4561
4562 ssid = next;
4563 }
4564
4565 return 0;
4566 }
4567
4568
4569 /**
4570 * wpas_remove_cred - Remove all the Interworking credentials
4571 * @wpa_s: wpa_supplicant structure for a network interface
4572 * Returns: 0 on success, -1 on failure
4573 */
wpas_remove_all_creds(struct wpa_supplicant * wpa_s)4574 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
4575 {
4576 int res, ret = 0;
4577 struct wpa_cred *cred, *prev;
4578
4579 cred = wpa_s->conf->cred;
4580 while (cred) {
4581 prev = cred;
4582 cred = cred->next;
4583 res = wpas_remove_cred(wpa_s, prev);
4584 if (res < 0) {
4585 wpa_printf(MSG_DEBUG,
4586 "Removal of all credentials failed - failed to remove credential id=%d",
4587 prev->id);
4588 ret = -1;
4589 }
4590 }
4591
4592 return ret;
4593 }
4594
4595
4596 /**
4597 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4598 * @wpa_s: wpa_supplicant structure for a network interface
4599 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4600 * @pkcs11_module_path: PKCS #11 module path or NULL
4601 * Returns: 0 on success; -1 on failure
4602 *
4603 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4604 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4605 * module path fails the paths will be reset to the default value (NULL).
4606 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)4607 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4608 const char *pkcs11_engine_path,
4609 const char *pkcs11_module_path)
4610 {
4611 char *pkcs11_engine_path_copy = NULL;
4612 char *pkcs11_module_path_copy = NULL;
4613
4614 if (pkcs11_engine_path != NULL) {
4615 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4616 if (pkcs11_engine_path_copy == NULL)
4617 return -1;
4618 }
4619 if (pkcs11_module_path != NULL) {
4620 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4621 if (pkcs11_module_path_copy == NULL) {
4622 os_free(pkcs11_engine_path_copy);
4623 return -1;
4624 }
4625 }
4626
4627 os_free(wpa_s->conf->pkcs11_engine_path);
4628 os_free(wpa_s->conf->pkcs11_module_path);
4629 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4630 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4631
4632 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4633 eapol_sm_deinit(wpa_s->eapol);
4634 wpa_s->eapol = NULL;
4635 if (wpa_supplicant_init_eapol(wpa_s)) {
4636 /* Error -> Reset paths to the default value (NULL) once. */
4637 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4638 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4639 NULL);
4640
4641 return -1;
4642 }
4643 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4644
4645 return 0;
4646 }
4647
4648
4649 /**
4650 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4651 * @wpa_s: wpa_supplicant structure for a network interface
4652 * @ap_scan: AP scan mode
4653 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4654 *
4655 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)4656 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4657 {
4658
4659 int old_ap_scan;
4660
4661 if (ap_scan < 0 || ap_scan > 2)
4662 return -1;
4663
4664 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4665 wpa_printf(MSG_INFO,
4666 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4667 }
4668
4669 #ifdef ANDROID
4670 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4671 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4672 wpa_s->wpa_state < WPA_COMPLETED) {
4673 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4674 "associating", wpa_s->conf->ap_scan, ap_scan);
4675 return 0;
4676 }
4677 #endif /* ANDROID */
4678
4679 old_ap_scan = wpa_s->conf->ap_scan;
4680 wpa_s->conf->ap_scan = ap_scan;
4681
4682 if (old_ap_scan != wpa_s->conf->ap_scan)
4683 wpas_notify_ap_scan_changed(wpa_s);
4684
4685 return 0;
4686 }
4687
4688
4689 /**
4690 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4691 * @wpa_s: wpa_supplicant structure for a network interface
4692 * @expire_age: Expiration age in seconds
4693 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4694 *
4695 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)4696 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4697 unsigned int bss_expire_age)
4698 {
4699 if (bss_expire_age < 10) {
4700 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4701 bss_expire_age);
4702 return -1;
4703 }
4704 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4705 bss_expire_age);
4706 wpa_s->conf->bss_expiration_age = bss_expire_age;
4707
4708 return 0;
4709 }
4710
4711
4712 /**
4713 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4714 * @wpa_s: wpa_supplicant structure for a network interface
4715 * @expire_count: number of scans after which an unseen BSS is reclaimed
4716 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4717 *
4718 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)4719 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4720 unsigned int bss_expire_count)
4721 {
4722 if (bss_expire_count < 1) {
4723 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4724 bss_expire_count);
4725 return -1;
4726 }
4727 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4728 bss_expire_count);
4729 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4730
4731 return 0;
4732 }
4733
4734
4735 /**
4736 * wpa_supplicant_set_scan_interval - Set scan interval
4737 * @wpa_s: wpa_supplicant structure for a network interface
4738 * @scan_interval: scan interval in seconds
4739 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4740 *
4741 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)4742 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4743 int scan_interval)
4744 {
4745 if (scan_interval < 0) {
4746 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4747 scan_interval);
4748 return -1;
4749 }
4750 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4751 scan_interval);
4752 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4753
4754 return 0;
4755 }
4756
4757
4758 /**
4759 * wpa_supplicant_set_debug_params - Set global debug params
4760 * @global: wpa_global structure
4761 * @debug_level: debug level
4762 * @debug_timestamp: determines if show timestamp in debug data
4763 * @debug_show_keys: determines if show keys in debug data
4764 * Returns: 0 if succeed or -1 if debug_level has wrong value
4765 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)4766 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4767 int debug_timestamp, int debug_show_keys)
4768 {
4769
4770 int old_level, old_timestamp, old_show_keys;
4771
4772 /* check for allowed debuglevels */
4773 if (debug_level != MSG_EXCESSIVE &&
4774 debug_level != MSG_MSGDUMP &&
4775 debug_level != MSG_DEBUG &&
4776 debug_level != MSG_INFO &&
4777 debug_level != MSG_WARNING &&
4778 debug_level != MSG_ERROR)
4779 return -1;
4780
4781 old_level = wpa_debug_level;
4782 old_timestamp = wpa_debug_timestamp;
4783 old_show_keys = wpa_debug_show_keys;
4784
4785 wpa_debug_level = debug_level;
4786 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4787 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4788
4789 if (wpa_debug_level != old_level)
4790 wpas_notify_debug_level_changed(global);
4791 if (wpa_debug_timestamp != old_timestamp)
4792 wpas_notify_debug_timestamp_changed(global);
4793 if (wpa_debug_show_keys != old_show_keys)
4794 wpas_notify_debug_show_keys_changed(global);
4795
4796 return 0;
4797 }
4798
4799
4800 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)4801 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4802 const u8 *entry_ssid, size_t entry_ssid_len)
4803 {
4804 const u8 *owe, *pos, *end;
4805 u8 ssid_len;
4806 struct wpa_bss *bss;
4807
4808 /* Check network profile SSID aganst the SSID in the
4809 * OWE Transition Mode element. */
4810
4811 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4812 if (!bss)
4813 return 0;
4814
4815 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4816 if (!owe)
4817 return 0;
4818
4819 pos = owe + 6;
4820 end = owe + 2 + owe[1];
4821
4822 if (end - pos < ETH_ALEN + 1)
4823 return 0;
4824 pos += ETH_ALEN;
4825 ssid_len = *pos++;
4826 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4827 return 0;
4828
4829 return entry_ssid_len == ssid_len &&
4830 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4831 }
4832 #endif /* CONFIG_OWE */
4833
4834
4835 /**
4836 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4837 * @wpa_s: Pointer to wpa_supplicant data
4838 * Returns: A pointer to the current network structure or %NULL on failure
4839 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)4840 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4841 {
4842 struct wpa_ssid *entry;
4843 u8 ssid[SSID_MAX_LEN];
4844 int res;
4845 size_t ssid_len;
4846 u8 bssid[ETH_ALEN];
4847 int wired;
4848
4849 res = wpa_drv_get_ssid(wpa_s, ssid);
4850 if (res < 0) {
4851 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4852 "driver");
4853 return NULL;
4854 }
4855 ssid_len = res;
4856
4857 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4858 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4859 "driver");
4860 return NULL;
4861 }
4862
4863 wired = wpa_s->conf->ap_scan == 0 &&
4864 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4865
4866 entry = wpa_s->conf->ssid;
4867 while (entry) {
4868 if (!wpas_network_disabled(wpa_s, entry) &&
4869 ((ssid_len == entry->ssid_len &&
4870 (!entry->ssid ||
4871 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4872 wired) &&
4873 (!entry->bssid_set ||
4874 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4875 return entry;
4876 #ifdef CONFIG_WPS
4877 if (!wpas_network_disabled(wpa_s, entry) &&
4878 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4879 (entry->ssid == NULL || entry->ssid_len == 0) &&
4880 (!entry->bssid_set ||
4881 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4882 return entry;
4883 #endif /* CONFIG_WPS */
4884
4885 #ifdef CONFIG_OWE
4886 if (!wpas_network_disabled(wpa_s, entry) &&
4887 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4888 entry->ssid_len) &&
4889 (!entry->bssid_set ||
4890 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4891 return entry;
4892 #endif /* CONFIG_OWE */
4893
4894 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4895 entry->ssid_len == 0 &&
4896 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4897 return entry;
4898
4899 entry = entry->next;
4900 }
4901
4902 return NULL;
4903 }
4904
4905
select_driver(struct wpa_supplicant * wpa_s,int i)4906 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4907 {
4908 struct wpa_global *global = wpa_s->global;
4909
4910 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4911 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4912 if (global->drv_priv[i] == NULL) {
4913 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4914 "'%s'", wpa_drivers[i]->name);
4915 return -1;
4916 }
4917 }
4918
4919 wpa_s->driver = wpa_drivers[i];
4920 wpa_s->global_drv_priv = global->drv_priv[i];
4921
4922 return 0;
4923 }
4924
4925
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)4926 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4927 const char *name)
4928 {
4929 int i;
4930 size_t len;
4931 const char *pos, *driver = name;
4932
4933 if (wpa_s == NULL)
4934 return -1;
4935
4936 if (wpa_drivers[0] == NULL) {
4937 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4938 "wpa_supplicant");
4939 return -1;
4940 }
4941
4942 if (name == NULL) {
4943 /* Default to first successful driver in the list */
4944 for (i = 0; wpa_drivers[i]; i++) {
4945 if (select_driver(wpa_s, i) == 0)
4946 return 0;
4947 }
4948 /* Drivers have each reported failure, so no wpa_msg() here. */
4949 return -1;
4950 }
4951
4952 do {
4953 pos = os_strchr(driver, ',');
4954 if (pos)
4955 len = pos - driver;
4956 else
4957 len = os_strlen(driver);
4958
4959 for (i = 0; wpa_drivers[i]; i++) {
4960 if (os_strlen(wpa_drivers[i]->name) == len &&
4961 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4962 0) {
4963 /* First driver that succeeds wins */
4964 if (select_driver(wpa_s, i) == 0)
4965 return 0;
4966 }
4967 }
4968
4969 driver = pos + 1;
4970 } while (pos);
4971
4972 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4973 return -1;
4974 }
4975
4976
4977 /**
4978 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4979 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4980 * with struct wpa_driver_ops::init()
4981 * @src_addr: Source address of the EAPOL frame
4982 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4983 * @len: Length of the EAPOL data
4984 *
4985 * This function is called for each received EAPOL frame. Most driver
4986 * interfaces rely on more generic OS mechanism for receiving frames through
4987 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4988 * take care of received EAPOL frames and deliver them to the core supplicant
4989 * code by calling this function.
4990 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)4991 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4992 const u8 *buf, size_t len)
4993 {
4994 struct wpa_supplicant *wpa_s = ctx;
4995
4996 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4997 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4998
4999 if (wpa_s->own_disconnect_req) {
5000 wpa_printf(MSG_DEBUG,
5001 "Drop received EAPOL frame as we are disconnecting");
5002 return;
5003 }
5004
5005 #ifdef CONFIG_TESTING_OPTIONS
5006 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5007 MAC2STR(src_addr), len);
5008 if (wpa_s->ignore_auth_resp) {
5009 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5010 return;
5011 }
5012 #endif /* CONFIG_TESTING_OPTIONS */
5013
5014 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5015 (wpa_s->last_eapol_matches_bssid &&
5016 #ifdef CONFIG_AP
5017 !wpa_s->ap_iface &&
5018 #endif /* CONFIG_AP */
5019 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
5020 /*
5021 * There is possible race condition between receiving the
5022 * association event and the EAPOL frame since they are coming
5023 * through different paths from the driver. In order to avoid
5024 * issues in trying to process the EAPOL frame before receiving
5025 * association information, lets queue it for processing until
5026 * the association event is received. This may also be needed in
5027 * driver-based roaming case, so also use src_addr != BSSID as a
5028 * trigger if we have previously confirmed that the
5029 * Authenticator uses BSSID as the src_addr (which is not the
5030 * case with wired IEEE 802.1X).
5031 */
5032 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
5033 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
5034 wpa_supplicant_state_txt(wpa_s->wpa_state),
5035 MAC2STR(wpa_s->bssid));
5036 wpabuf_free(wpa_s->pending_eapol_rx);
5037 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5038 if (wpa_s->pending_eapol_rx) {
5039 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5040 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5041 ETH_ALEN);
5042 }
5043 return;
5044 }
5045
5046 wpa_s->last_eapol_matches_bssid =
5047 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
5048
5049 #ifdef CONFIG_AP
5050 if (wpa_s->ap_iface) {
5051 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
5052 return;
5053 }
5054 #endif /* CONFIG_AP */
5055
5056 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
5057 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
5058 "no key management is configured");
5059 return;
5060 }
5061
5062 if (wpa_s->eapol_received == 0 &&
5063 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
5064 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
5065 wpa_s->wpa_state != WPA_COMPLETED) &&
5066 (wpa_s->current_ssid == NULL ||
5067 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
5068 /* Timeout for completing IEEE 802.1X and WPA authentication */
5069 int timeout = 10;
5070
5071 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
5072 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
5073 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
5074 /* Use longer timeout for IEEE 802.1X/EAP */
5075 timeout = 70;
5076 }
5077
5078 #ifdef CONFIG_WPS
5079 if (wpa_s->current_ssid && wpa_s->current_bss &&
5080 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5081 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5082 /*
5083 * Use shorter timeout if going through WPS AP iteration
5084 * for PIN config method with an AP that does not
5085 * advertise Selected Registrar.
5086 */
5087 struct wpabuf *wps_ie;
5088
5089 wps_ie = wpa_bss_get_vendor_ie_multi(
5090 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5091 if (wps_ie &&
5092 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5093 timeout = 10;
5094 wpabuf_free(wps_ie);
5095 }
5096 #endif /* CONFIG_WPS */
5097
5098 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
5099 }
5100 wpa_s->eapol_received++;
5101
5102 if (wpa_s->countermeasures) {
5103 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
5104 "EAPOL packet");
5105 return;
5106 }
5107
5108 #ifdef CONFIG_IBSS_RSN
5109 if (wpa_s->current_ssid &&
5110 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
5111 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
5112 return;
5113 }
5114 #endif /* CONFIG_IBSS_RSN */
5115
5116 /* Source address of the incoming EAPOL frame could be compared to the
5117 * current BSSID. However, it is possible that a centralized
5118 * Authenticator could be using another MAC address than the BSSID of
5119 * an AP, so just allow any address to be used for now. The replies are
5120 * still sent to the current BSSID (if available), though. */
5121
5122 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
5123 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
5124 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
5125 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
5126 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
5127 return;
5128 wpa_drv_poll(wpa_s);
5129 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
5130 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
5131 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
5132 /*
5133 * Set portValid = true here since we are going to skip 4-way
5134 * handshake processing which would normally set portValid. We
5135 * need this to allow the EAPOL state machines to be completed
5136 * without going through EAPOL-Key handshake.
5137 */
5138 eapol_sm_notify_portValid(wpa_s->eapol, true);
5139 }
5140 }
5141
5142
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)5143 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
5144 {
5145 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
5146 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
5147 }
5148
5149
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)5150 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
5151 {
5152 if ((!wpa_s->p2p_mgmt ||
5153 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5154 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
5155 l2_packet_deinit(wpa_s->l2);
5156 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
5157 wpa_drv_get_mac_addr(wpa_s),
5158 ETH_P_EAPOL,
5159 wpas_eapol_needs_l2_packet(wpa_s) ?
5160 wpa_supplicant_rx_eapol : NULL,
5161 wpa_s, 0);
5162 if (wpa_s->l2 == NULL)
5163 return -1;
5164
5165 if (l2_packet_set_packet_filter(wpa_s->l2,
5166 L2_PACKET_FILTER_PKTTYPE))
5167 wpa_dbg(wpa_s, MSG_DEBUG,
5168 "Failed to attach pkt_type filter");
5169
5170 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
5171 wpa_msg(wpa_s, MSG_ERROR,
5172 "Failed to get own L2 address");
5173 return -1;
5174 }
5175 } else {
5176 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
5177 if (addr)
5178 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
5179 }
5180
5181 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5182 wpas_wps_update_mac_addr(wpa_s);
5183
5184 #ifdef CONFIG_FST
5185 if (wpa_s->fst)
5186 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
5187 #endif /* CONFIG_FST */
5188
5189 return 0;
5190 }
5191
5192
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5193 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
5194 const u8 *buf, size_t len)
5195 {
5196 struct wpa_supplicant *wpa_s = ctx;
5197 const struct l2_ethhdr *eth;
5198
5199 if (len < sizeof(*eth))
5200 return;
5201 eth = (const struct l2_ethhdr *) buf;
5202
5203 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
5204 !(eth->h_dest[0] & 0x01)) {
5205 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5206 " (bridge - not for this interface - ignore)",
5207 MAC2STR(src_addr), MAC2STR(eth->h_dest));
5208 return;
5209 }
5210
5211 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5212 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
5213 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
5214 len - sizeof(*eth));
5215 }
5216
5217
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5218 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5219 const char *bridge_ifname)
5220 {
5221 if (wpa_s->wpa_state > WPA_SCANNING)
5222 return -EBUSY;
5223
5224 if (bridge_ifname &&
5225 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5226 return -EINVAL;
5227
5228 if (!bridge_ifname)
5229 bridge_ifname = "";
5230
5231 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5232 return 0;
5233
5234 if (wpa_s->l2_br) {
5235 l2_packet_deinit(wpa_s->l2_br);
5236 wpa_s->l2_br = NULL;
5237 }
5238
5239 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5240 sizeof(wpa_s->bridge_ifname));
5241
5242 if (wpa_s->bridge_ifname[0]) {
5243 wpa_dbg(wpa_s, MSG_DEBUG,
5244 "Receiving packets from bridge interface '%s'",
5245 wpa_s->bridge_ifname);
5246 wpa_s->l2_br = l2_packet_init_bridge(
5247 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5248 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5249 if (!wpa_s->l2_br) {
5250 wpa_msg(wpa_s, MSG_ERROR,
5251 "Failed to open l2_packet connection for the bridge interface '%s'",
5252 wpa_s->bridge_ifname);
5253 goto fail;
5254 }
5255 }
5256
5257 #ifdef CONFIG_TDLS
5258 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5259 goto fail;
5260 #endif /* CONFIG_TDLS */
5261
5262 return 0;
5263 fail:
5264 wpa_s->bridge_ifname[0] = 0;
5265 if (wpa_s->l2_br) {
5266 l2_packet_deinit(wpa_s->l2_br);
5267 wpa_s->l2_br = NULL;
5268 }
5269 #ifdef CONFIG_TDLS
5270 if (!wpa_s->p2p_mgmt)
5271 wpa_tdls_init(wpa_s->wpa);
5272 #endif /* CONFIG_TDLS */
5273 return -EIO;
5274 }
5275
5276
5277 /**
5278 * wpa_supplicant_driver_init - Initialize driver interface parameters
5279 * @wpa_s: Pointer to wpa_supplicant data
5280 * Returns: 0 on success, -1 on failure
5281 *
5282 * This function is called to initialize driver interface parameters.
5283 * wpa_drv_init() must have been called before this function to initialize the
5284 * driver interface.
5285 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5286 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5287 {
5288 static int interface_count = 0;
5289
5290 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5291 return -1;
5292
5293 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5294 MAC2STR(wpa_s->own_addr));
5295 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5296 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5297
5298 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5299 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5300 "interface '%s'", wpa_s->bridge_ifname);
5301 wpa_s->l2_br = l2_packet_init_bridge(
5302 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5303 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5304 if (wpa_s->l2_br == NULL) {
5305 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5306 "connection for the bridge interface '%s'",
5307 wpa_s->bridge_ifname);
5308 return -1;
5309 }
5310 }
5311
5312 if (wpa_s->conf->ap_scan == 2 &&
5313 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5314 wpa_printf(MSG_INFO,
5315 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5316 }
5317
5318 wpa_clear_keys(wpa_s, NULL);
5319
5320 /* Make sure that TKIP countermeasures are not left enabled (could
5321 * happen if wpa_supplicant is killed during countermeasures. */
5322 wpa_drv_set_countermeasures(wpa_s, 0);
5323
5324 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5325 wpa_drv_flush_pmkid(wpa_s);
5326
5327 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5328 wpa_s->prev_scan_wildcard = 0;
5329
5330 if (wpa_supplicant_enabled_networks(wpa_s)) {
5331 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5332 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5333 interface_count = 0;
5334 }
5335 #ifndef ANDROID
5336 if (!wpa_s->p2p_mgmt &&
5337 wpa_supplicant_delayed_sched_scan(wpa_s,
5338 interface_count % 3,
5339 100000))
5340 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5341 100000);
5342 #endif /* ANDROID */
5343 interface_count++;
5344 } else
5345 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5346
5347 return 0;
5348 }
5349
5350
wpa_supplicant_daemon(const char * pid_file)5351 static int wpa_supplicant_daemon(const char *pid_file)
5352 {
5353 wpa_printf(MSG_DEBUG, "Daemonize..");
5354 return os_daemonize(pid_file);
5355 }
5356
5357
5358 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5359 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5360 {
5361 struct wpa_supplicant *wpa_s;
5362
5363 wpa_s = os_zalloc(sizeof(*wpa_s));
5364 if (wpa_s == NULL)
5365 return NULL;
5366 wpa_s->scan_req = INITIAL_SCAN_REQ;
5367 wpa_s->scan_interval = 5;
5368 wpa_s->new_connection = 1;
5369 wpa_s->parent = parent ? parent : wpa_s;
5370 wpa_s->p2pdev = wpa_s->parent;
5371 wpa_s->sched_scanning = 0;
5372 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5373
5374 dl_list_init(&wpa_s->bss_tmp_disallowed);
5375 dl_list_init(&wpa_s->fils_hlp_req);
5376 #ifdef CONFIG_TESTING_OPTIONS
5377 dl_list_init(&wpa_s->drv_signal_override);
5378 #endif /* CONFIG_TESTING_OPTIONS */
5379 dl_list_init(&wpa_s->active_scs_ids);
5380
5381 return wpa_s;
5382 }
5383
5384
5385 #ifdef CONFIG_HT_OVERRIDES
5386
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)5387 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
5388 struct ieee80211_ht_capabilities *htcaps,
5389 struct ieee80211_ht_capabilities *htcaps_mask,
5390 const char *ht_mcs)
5391 {
5392 /* parse ht_mcs into hex array */
5393 int i;
5394 const char *tmp = ht_mcs;
5395 char *end = NULL;
5396
5397 /* If ht_mcs is null, do not set anything */
5398 if (!ht_mcs)
5399 return 0;
5400
5401 /* This is what we are setting in the kernel */
5402 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
5403
5404 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
5405
5406 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5407 long v;
5408
5409 errno = 0;
5410 v = strtol(tmp, &end, 16);
5411
5412 if (errno == 0) {
5413 wpa_msg(wpa_s, MSG_DEBUG,
5414 "htcap value[%i]: %ld end: %p tmp: %p",
5415 i, v, end, tmp);
5416 if (end == tmp)
5417 break;
5418
5419 htcaps->supported_mcs_set[i] = v;
5420 tmp = end;
5421 } else {
5422 wpa_msg(wpa_s, MSG_ERROR,
5423 "Failed to parse ht-mcs: %s, error: %s\n",
5424 ht_mcs, strerror(errno));
5425 return -1;
5426 }
5427 }
5428
5429 /*
5430 * If we were able to parse any values, then set mask for the MCS set.
5431 */
5432 if (i) {
5433 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
5434 IEEE80211_HT_MCS_MASK_LEN - 1);
5435 /* skip the 3 reserved bits */
5436 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
5437 0x1f;
5438 }
5439
5440 return 0;
5441 }
5442
5443
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5444 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
5445 struct ieee80211_ht_capabilities *htcaps,
5446 struct ieee80211_ht_capabilities *htcaps_mask,
5447 int disabled)
5448 {
5449 le16 msk;
5450
5451 if (disabled == -1)
5452 return 0;
5453
5454 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
5455
5456 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
5457 htcaps_mask->ht_capabilities_info |= msk;
5458 if (disabled)
5459 htcaps->ht_capabilities_info &= msk;
5460 else
5461 htcaps->ht_capabilities_info |= msk;
5462
5463 return 0;
5464 }
5465
5466
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)5467 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
5468 struct ieee80211_ht_capabilities *htcaps,
5469 struct ieee80211_ht_capabilities *htcaps_mask,
5470 int factor)
5471 {
5472 if (factor == -1)
5473 return 0;
5474
5475 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
5476
5477 if (factor < 0 || factor > 3) {
5478 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
5479 "Must be 0-3 or -1", factor);
5480 return -EINVAL;
5481 }
5482
5483 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
5484 htcaps->a_mpdu_params &= ~0x3;
5485 htcaps->a_mpdu_params |= factor & 0x3;
5486
5487 return 0;
5488 }
5489
5490
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)5491 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
5492 struct ieee80211_ht_capabilities *htcaps,
5493 struct ieee80211_ht_capabilities *htcaps_mask,
5494 int density)
5495 {
5496 if (density == -1)
5497 return 0;
5498
5499 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
5500
5501 if (density < 0 || density > 7) {
5502 wpa_msg(wpa_s, MSG_ERROR,
5503 "ampdu_density: %d out of range. Must be 0-7 or -1.",
5504 density);
5505 return -EINVAL;
5506 }
5507
5508 htcaps_mask->a_mpdu_params |= 0x1C;
5509 htcaps->a_mpdu_params &= ~(0x1C);
5510 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
5511
5512 return 0;
5513 }
5514
5515
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5516 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
5517 struct ieee80211_ht_capabilities *htcaps,
5518 struct ieee80211_ht_capabilities *htcaps_mask,
5519 int disabled)
5520 {
5521 if (disabled)
5522 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
5523
5524 set_disable_ht40(htcaps, disabled);
5525 set_disable_ht40(htcaps_mask, 0);
5526
5527 return 0;
5528 }
5529
5530
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5531 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
5532 struct ieee80211_ht_capabilities *htcaps,
5533 struct ieee80211_ht_capabilities *htcaps_mask,
5534 int disabled)
5535 {
5536 /* Masking these out disables SGI */
5537 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
5538 HT_CAP_INFO_SHORT_GI40MHZ);
5539
5540 if (disabled)
5541 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
5542
5543 if (disabled)
5544 htcaps->ht_capabilities_info &= ~msk;
5545 else
5546 htcaps->ht_capabilities_info |= msk;
5547
5548 htcaps_mask->ht_capabilities_info |= msk;
5549
5550 return 0;
5551 }
5552
5553
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5554 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5555 struct ieee80211_ht_capabilities *htcaps,
5556 struct ieee80211_ht_capabilities *htcaps_mask,
5557 int disabled)
5558 {
5559 /* Masking these out disables LDPC */
5560 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5561
5562 if (disabled)
5563 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5564
5565 if (disabled)
5566 htcaps->ht_capabilities_info &= ~msk;
5567 else
5568 htcaps->ht_capabilities_info |= msk;
5569
5570 htcaps_mask->ht_capabilities_info |= msk;
5571
5572 return 0;
5573 }
5574
5575
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)5576 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5577 struct ieee80211_ht_capabilities *htcaps,
5578 struct ieee80211_ht_capabilities *htcaps_mask,
5579 int tx_stbc)
5580 {
5581 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5582
5583 if (tx_stbc == -1)
5584 return 0;
5585
5586 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5587
5588 if (tx_stbc < 0 || tx_stbc > 1) {
5589 wpa_msg(wpa_s, MSG_ERROR,
5590 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5591 return -EINVAL;
5592 }
5593
5594 htcaps_mask->ht_capabilities_info |= msk;
5595 htcaps->ht_capabilities_info &= ~msk;
5596 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5597
5598 return 0;
5599 }
5600
5601
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)5602 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5603 struct ieee80211_ht_capabilities *htcaps,
5604 struct ieee80211_ht_capabilities *htcaps_mask,
5605 int rx_stbc)
5606 {
5607 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5608
5609 if (rx_stbc == -1)
5610 return 0;
5611
5612 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5613
5614 if (rx_stbc < 0 || rx_stbc > 3) {
5615 wpa_msg(wpa_s, MSG_ERROR,
5616 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5617 return -EINVAL;
5618 }
5619
5620 htcaps_mask->ht_capabilities_info |= msk;
5621 htcaps->ht_capabilities_info &= ~msk;
5622 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5623
5624 return 0;
5625 }
5626
5627
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5628 void wpa_supplicant_apply_ht_overrides(
5629 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5630 struct wpa_driver_associate_params *params)
5631 {
5632 struct ieee80211_ht_capabilities *htcaps;
5633 struct ieee80211_ht_capabilities *htcaps_mask;
5634
5635 if (!ssid)
5636 return;
5637
5638 params->disable_ht = ssid->disable_ht;
5639 if (!params->htcaps || !params->htcaps_mask)
5640 return;
5641
5642 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5643 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5644 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5645 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5646 ssid->disable_max_amsdu);
5647 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5648 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5649 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5650 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5651 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5652 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5653 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5654
5655 if (ssid->ht40_intolerant) {
5656 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5657 htcaps->ht_capabilities_info |= bit;
5658 htcaps_mask->ht_capabilities_info |= bit;
5659 }
5660 }
5661
5662 #endif /* CONFIG_HT_OVERRIDES */
5663
5664
5665 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5666 void wpa_supplicant_apply_vht_overrides(
5667 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5668 struct wpa_driver_associate_params *params)
5669 {
5670 struct ieee80211_vht_capabilities *vhtcaps;
5671 struct ieee80211_vht_capabilities *vhtcaps_mask;
5672
5673 if (!ssid)
5674 return;
5675
5676 params->disable_vht = ssid->disable_vht;
5677
5678 vhtcaps = (void *) params->vhtcaps;
5679 vhtcaps_mask = (void *) params->vhtcaps_mask;
5680
5681 if (!vhtcaps || !vhtcaps_mask)
5682 return;
5683
5684 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5685 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5686
5687 #ifdef CONFIG_HT_OVERRIDES
5688 if (ssid->disable_sgi) {
5689 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5690 VHT_CAP_SHORT_GI_160);
5691 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5692 VHT_CAP_SHORT_GI_160);
5693 wpa_msg(wpa_s, MSG_DEBUG,
5694 "disable-sgi override specified, vht-caps: 0x%x",
5695 vhtcaps->vht_capabilities_info);
5696 }
5697
5698 /* if max ampdu is <= 3, we have to make the HT cap the same */
5699 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5700 int max_ampdu;
5701
5702 max_ampdu = (ssid->vht_capa &
5703 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5704 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5705
5706 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5707 wpa_set_ampdu_factor(wpa_s,
5708 (void *) params->htcaps,
5709 (void *) params->htcaps_mask,
5710 max_ampdu);
5711 }
5712 #endif /* CONFIG_HT_OVERRIDES */
5713
5714 #define OVERRIDE_MCS(i) \
5715 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5716 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5717 host_to_le16(3 << 2 * (i - 1)); \
5718 vhtcaps->vht_supported_mcs_set.tx_map |= \
5719 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5720 2 * (i - 1)); \
5721 } \
5722 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5723 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5724 host_to_le16(3 << 2 * (i - 1)); \
5725 vhtcaps->vht_supported_mcs_set.rx_map |= \
5726 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5727 2 * (i - 1)); \
5728 }
5729
5730 OVERRIDE_MCS(1);
5731 OVERRIDE_MCS(2);
5732 OVERRIDE_MCS(3);
5733 OVERRIDE_MCS(4);
5734 OVERRIDE_MCS(5);
5735 OVERRIDE_MCS(6);
5736 OVERRIDE_MCS(7);
5737 OVERRIDE_MCS(8);
5738 }
5739 #endif /* CONFIG_VHT_OVERRIDES */
5740
5741
5742 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5743 void wpa_supplicant_apply_he_overrides(
5744 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5745 struct wpa_driver_associate_params *params)
5746 {
5747 if (!ssid)
5748 return;
5749
5750 params->disable_he = ssid->disable_he;
5751 }
5752 #endif /* CONFIG_HE_OVERRIDES */
5753
5754
pcsc_reader_init(struct wpa_supplicant * wpa_s)5755 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5756 {
5757 #ifdef PCSC_FUNCS
5758 size_t len;
5759
5760 if (!wpa_s->conf->pcsc_reader)
5761 return 0;
5762
5763 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5764 if (!wpa_s->scard)
5765 return 1;
5766
5767 if (wpa_s->conf->pcsc_pin &&
5768 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5769 scard_deinit(wpa_s->scard);
5770 wpa_s->scard = NULL;
5771 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5772 return -1;
5773 }
5774
5775 len = sizeof(wpa_s->imsi) - 1;
5776 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5777 scard_deinit(wpa_s->scard);
5778 wpa_s->scard = NULL;
5779 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5780 return -1;
5781 }
5782 wpa_s->imsi[len] = '\0';
5783
5784 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5785
5786 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5787 wpa_s->imsi, wpa_s->mnc_len);
5788
5789 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5790 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5791 #endif /* PCSC_FUNCS */
5792
5793 return 0;
5794 }
5795
5796
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)5797 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5798 {
5799 char *val, *pos;
5800
5801 ext_password_deinit(wpa_s->ext_pw);
5802 wpa_s->ext_pw = NULL;
5803 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5804
5805 if (!wpa_s->conf->ext_password_backend)
5806 return 0;
5807
5808 val = os_strdup(wpa_s->conf->ext_password_backend);
5809 if (val == NULL)
5810 return -1;
5811 pos = os_strchr(val, ':');
5812 if (pos)
5813 *pos++ = '\0';
5814
5815 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5816
5817 wpa_s->ext_pw = ext_password_init(val, pos);
5818 os_free(val);
5819 if (wpa_s->ext_pw == NULL) {
5820 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5821 return -1;
5822 }
5823 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5824
5825 return 0;
5826 }
5827
5828
5829 #ifdef CONFIG_FST
5830
wpas_fst_get_bssid_cb(void * ctx)5831 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5832 {
5833 struct wpa_supplicant *wpa_s = ctx;
5834
5835 return (is_zero_ether_addr(wpa_s->bssid) ||
5836 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5837 }
5838
5839
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)5840 static void wpas_fst_get_channel_info_cb(void *ctx,
5841 enum hostapd_hw_mode *hw_mode,
5842 u8 *channel)
5843 {
5844 struct wpa_supplicant *wpa_s = ctx;
5845
5846 if (wpa_s->current_bss) {
5847 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5848 channel);
5849 } else if (wpa_s->hw.num_modes) {
5850 *hw_mode = wpa_s->hw.modes[0].mode;
5851 } else {
5852 WPA_ASSERT(0);
5853 *hw_mode = 0;
5854 }
5855 }
5856
5857
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)5858 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5859 {
5860 struct wpa_supplicant *wpa_s = ctx;
5861
5862 *modes = wpa_s->hw.modes;
5863 return wpa_s->hw.num_modes;
5864 }
5865
5866
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)5867 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5868 {
5869 struct wpa_supplicant *wpa_s = ctx;
5870
5871 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5872 wpa_s->fst_ies = fst_ies;
5873 }
5874
5875
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)5876 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5877 {
5878 struct wpa_supplicant *wpa_s = ctx;
5879
5880 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5881 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5882 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5883 return -1;
5884 }
5885 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5886 wpa_s->own_addr, wpa_s->bssid,
5887 wpabuf_head(data), wpabuf_len(data),
5888 0);
5889 }
5890
5891
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)5892 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5893 {
5894 struct wpa_supplicant *wpa_s = ctx;
5895
5896 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5897 return wpa_s->received_mb_ies;
5898 }
5899
5900
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)5901 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5902 const u8 *buf, size_t size)
5903 {
5904 struct wpa_supplicant *wpa_s = ctx;
5905 struct mb_ies_info info;
5906
5907 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5908
5909 if (!mb_ies_info_by_ies(&info, buf, size)) {
5910 wpabuf_free(wpa_s->received_mb_ies);
5911 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5912 }
5913 }
5914
5915
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5916 static const u8 * wpas_fst_get_peer_first(void *ctx,
5917 struct fst_get_peer_ctx **get_ctx,
5918 bool mb_only)
5919 {
5920 struct wpa_supplicant *wpa_s = ctx;
5921
5922 *get_ctx = NULL;
5923 if (!is_zero_ether_addr(wpa_s->bssid))
5924 return (wpa_s->received_mb_ies || !mb_only) ?
5925 wpa_s->bssid : NULL;
5926 return NULL;
5927 }
5928
5929
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5930 static const u8 * wpas_fst_get_peer_next(void *ctx,
5931 struct fst_get_peer_ctx **get_ctx,
5932 bool mb_only)
5933 {
5934 return NULL;
5935 }
5936
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)5937 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5938 struct fst_wpa_obj *iface_obj)
5939 {
5940 iface_obj->ctx = wpa_s;
5941 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5942 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5943 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5944 iface_obj->set_ies = wpas_fst_set_ies_cb;
5945 iface_obj->send_action = wpas_fst_send_action_cb;
5946 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5947 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5948 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5949 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5950 }
5951 #endif /* CONFIG_FST */
5952
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)5953 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
5954 const struct wpa_driver_capa *capa)
5955 {
5956 struct wowlan_triggers *triggers;
5957 int ret = 0;
5958
5959 if (!wpa_s->conf->wowlan_triggers)
5960 return 0;
5961
5962 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5963 if (triggers) {
5964 ret = wpa_drv_wowlan(wpa_s, triggers);
5965 os_free(triggers);
5966 }
5967 return ret;
5968 }
5969
5970
wpas_freq_to_band(int freq)5971 enum wpa_radio_work_band wpas_freq_to_band(int freq)
5972 {
5973 if (freq < 3000)
5974 return BAND_2_4_GHZ;
5975 if (freq > 50000)
5976 return BAND_60_GHZ;
5977 return BAND_5_GHZ;
5978 }
5979
5980
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)5981 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
5982 {
5983 int i;
5984 unsigned int band = 0;
5985
5986 if (freqs) {
5987 /* freqs are specified for the radio work */
5988 for (i = 0; freqs[i]; i++)
5989 band |= wpas_freq_to_band(freqs[i]);
5990 } else {
5991 /*
5992 * freqs are not specified, implies all
5993 * the supported freqs by HW
5994 */
5995 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5996 if (wpa_s->hw.modes[i].num_channels != 0) {
5997 if (wpa_s->hw.modes[i].mode ==
5998 HOSTAPD_MODE_IEEE80211B ||
5999 wpa_s->hw.modes[i].mode ==
6000 HOSTAPD_MODE_IEEE80211G)
6001 band |= BAND_2_4_GHZ;
6002 else if (wpa_s->hw.modes[i].mode ==
6003 HOSTAPD_MODE_IEEE80211A)
6004 band |= BAND_5_GHZ;
6005 else if (wpa_s->hw.modes[i].mode ==
6006 HOSTAPD_MODE_IEEE80211AD)
6007 band |= BAND_60_GHZ;
6008 else if (wpa_s->hw.modes[i].mode ==
6009 HOSTAPD_MODE_IEEE80211ANY)
6010 band = BAND_2_4_GHZ | BAND_5_GHZ |
6011 BAND_60_GHZ;
6012 }
6013 }
6014 }
6015
6016 return band;
6017 }
6018
6019
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6020 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
6021 const char *rn)
6022 {
6023 struct wpa_supplicant *iface = wpa_s->global->ifaces;
6024 struct wpa_radio *radio;
6025
6026 while (rn && iface) {
6027 radio = iface->radio;
6028 if (radio && os_strcmp(rn, radio->name) == 0) {
6029 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
6030 wpa_s->ifname, rn);
6031 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6032 return radio;
6033 }
6034
6035 iface = iface->next;
6036 }
6037
6038 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
6039 wpa_s->ifname, rn ? rn : "N/A");
6040 radio = os_zalloc(sizeof(*radio));
6041 if (radio == NULL)
6042 return NULL;
6043
6044 if (rn)
6045 os_strlcpy(radio->name, rn, sizeof(radio->name));
6046 dl_list_init(&radio->ifaces);
6047 dl_list_init(&radio->work);
6048 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6049
6050 return radio;
6051 }
6052
6053
radio_work_free(struct wpa_radio_work * work)6054 static void radio_work_free(struct wpa_radio_work *work)
6055 {
6056 if (work->wpa_s->scan_work == work) {
6057 /* This should not really happen. */
6058 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
6059 work->type, work, work->started);
6060 work->wpa_s->scan_work = NULL;
6061 }
6062
6063 #ifdef CONFIG_P2P
6064 if (work->wpa_s->p2p_scan_work == work) {
6065 /* This should not really happen. */
6066 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
6067 work->type, work, work->started);
6068 work->wpa_s->p2p_scan_work = NULL;
6069 }
6070 #endif /* CONFIG_P2P */
6071
6072 if (work->started) {
6073 work->wpa_s->radio->num_active_works--;
6074 wpa_dbg(work->wpa_s, MSG_DEBUG,
6075 "radio_work_free('%s'@%p): num_active_works --> %u",
6076 work->type, work,
6077 work->wpa_s->radio->num_active_works);
6078 }
6079
6080 dl_list_del(&work->list);
6081 os_free(work);
6082 }
6083
6084
radio_work_is_connect(struct wpa_radio_work * work)6085 static int radio_work_is_connect(struct wpa_radio_work *work)
6086 {
6087 return os_strcmp(work->type, "sme-connect") == 0 ||
6088 os_strcmp(work->type, "connect") == 0;
6089 }
6090
6091
radio_work_is_scan(struct wpa_radio_work * work)6092 static int radio_work_is_scan(struct wpa_radio_work *work)
6093 {
6094 return os_strcmp(work->type, "scan") == 0 ||
6095 os_strcmp(work->type, "p2p-scan") == 0;
6096 }
6097
6098
radio_work_get_next_work(struct wpa_radio * radio)6099 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
6100 {
6101 struct wpa_radio_work *active_work = NULL;
6102 struct wpa_radio_work *tmp;
6103
6104 /* Get the active work to know the type and band. */
6105 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6106 if (tmp->started) {
6107 active_work = tmp;
6108 break;
6109 }
6110 }
6111
6112 if (!active_work) {
6113 /* No active work, start one */
6114 radio->num_active_works = 0;
6115 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
6116 list) {
6117 if (os_strcmp(tmp->type, "scan") == 0 &&
6118 external_scan_running(radio) &&
6119 (((struct wpa_driver_scan_params *)
6120 tmp->ctx)->only_new_results ||
6121 tmp->wpa_s->clear_driver_scan_cache))
6122 continue;
6123 return tmp;
6124 }
6125 return NULL;
6126 }
6127
6128 if (radio_work_is_connect(active_work)) {
6129 /*
6130 * If the active work is either connect or sme-connect,
6131 * do not parallelize them with other radio works.
6132 */
6133 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6134 "Do not parallelize radio work with %s",
6135 active_work->type);
6136 return NULL;
6137 }
6138
6139 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6140 if (tmp->started)
6141 continue;
6142
6143 /*
6144 * If connect or sme-connect are enqueued, parallelize only
6145 * those operations ahead of them in the queue.
6146 */
6147 if (radio_work_is_connect(tmp))
6148 break;
6149
6150 /* Serialize parallel scan and p2p_scan operations on the same
6151 * interface since the driver_nl80211 mechanism for tracking
6152 * scan cookies does not yet have support for this. */
6153 if (active_work->wpa_s == tmp->wpa_s &&
6154 radio_work_is_scan(active_work) &&
6155 radio_work_is_scan(tmp)) {
6156 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6157 "Do not start work '%s' when another work '%s' is already scheduled",
6158 tmp->type, active_work->type);
6159 continue;
6160 }
6161 /*
6162 * Check that the radio works are distinct and
6163 * on different bands.
6164 */
6165 if (os_strcmp(active_work->type, tmp->type) != 0 &&
6166 (active_work->bands != tmp->bands)) {
6167 /*
6168 * If a scan has to be scheduled through nl80211 scan
6169 * interface and if an external scan is already running,
6170 * do not schedule the scan since it is likely to get
6171 * rejected by kernel.
6172 */
6173 if (os_strcmp(tmp->type, "scan") == 0 &&
6174 external_scan_running(radio) &&
6175 (((struct wpa_driver_scan_params *)
6176 tmp->ctx)->only_new_results ||
6177 tmp->wpa_s->clear_driver_scan_cache))
6178 continue;
6179
6180 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6181 "active_work:%s new_work:%s",
6182 active_work->type, tmp->type);
6183 return tmp;
6184 }
6185 }
6186
6187 /* Did not find a radio work to schedule in parallel. */
6188 return NULL;
6189 }
6190
6191
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)6192 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
6193 {
6194 struct wpa_radio *radio = eloop_ctx;
6195 struct wpa_radio_work *work;
6196 struct os_reltime now, diff;
6197 struct wpa_supplicant *wpa_s;
6198
6199 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
6200 if (work == NULL) {
6201 radio->num_active_works = 0;
6202 return;
6203 }
6204
6205 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
6206 radio_list);
6207
6208 if (!(wpa_s &&
6209 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
6210 if (work->started)
6211 return; /* already started and still in progress */
6212
6213 if (wpa_s && external_scan_running(wpa_s->radio)) {
6214 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
6215 return;
6216 }
6217 } else {
6218 work = NULL;
6219 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6220 /* get the work to schedule next */
6221 work = radio_work_get_next_work(radio);
6222 }
6223 if (!work)
6224 return;
6225 }
6226
6227 wpa_s = work->wpa_s;
6228 os_get_reltime(&now);
6229 os_reltime_sub(&now, &work->time, &diff);
6230 wpa_dbg(wpa_s, MSG_DEBUG,
6231 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6232 work->type, work, diff.sec, diff.usec);
6233 work->started = 1;
6234 work->time = now;
6235 radio->num_active_works++;
6236
6237 work->cb(work, 0);
6238
6239 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6240 radio->num_active_works < MAX_ACTIVE_WORKS)
6241 radio_work_check_next(wpa_s);
6242 }
6243
6244
6245 /*
6246 * This function removes both started and pending radio works running on
6247 * the provided interface's radio.
6248 * Prior to the removal of the radio work, its callback (cb) is called with
6249 * deinit set to be 1. Each work's callback is responsible for clearing its
6250 * internal data and restoring to a correct state.
6251 * @wpa_s: wpa_supplicant data
6252 * @type: type of works to be removed
6253 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6254 * this interface's works.
6255 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6256 void radio_remove_works(struct wpa_supplicant *wpa_s,
6257 const char *type, int remove_all)
6258 {
6259 struct wpa_radio_work *work, *tmp;
6260 struct wpa_radio *radio = wpa_s->radio;
6261
6262 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6263 list) {
6264 if (type && os_strcmp(type, work->type) != 0)
6265 continue;
6266
6267 /* skip other ifaces' works */
6268 if (!remove_all && work->wpa_s != wpa_s)
6269 continue;
6270
6271 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6272 work->type, work, work->started ? " (started)" : "");
6273 work->cb(work, 1);
6274 radio_work_free(work);
6275 }
6276
6277 /* in case we removed the started work */
6278 radio_work_check_next(wpa_s);
6279 }
6280
6281
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6282 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6283 {
6284 struct wpa_radio_work *work;
6285 struct wpa_radio *radio = wpa_s->radio;
6286
6287 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6288 if (work->ctx != ctx)
6289 continue;
6290 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6291 work->type, work, work->started ? " (started)" : "");
6292 radio_work_free(work);
6293 break;
6294 }
6295 }
6296
6297
radio_remove_interface(struct wpa_supplicant * wpa_s)6298 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6299 {
6300 struct wpa_radio *radio = wpa_s->radio;
6301
6302 if (!radio)
6303 return;
6304
6305 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6306 wpa_s->ifname, radio->name);
6307 dl_list_del(&wpa_s->radio_list);
6308 radio_remove_works(wpa_s, NULL, 0);
6309 /* If the interface that triggered the external scan was removed, the
6310 * external scan is no longer running. */
6311 if (wpa_s == radio->external_scan_req_interface)
6312 radio->external_scan_req_interface = NULL;
6313 wpa_s->radio = NULL;
6314 if (!dl_list_empty(&radio->ifaces))
6315 return; /* Interfaces remain for this radio */
6316
6317 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6318 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6319 os_free(radio);
6320 }
6321
6322
radio_work_check_next(struct wpa_supplicant * wpa_s)6323 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6324 {
6325 struct wpa_radio *radio = wpa_s->radio;
6326
6327 if (dl_list_empty(&radio->work))
6328 return;
6329 if (wpa_s->ext_work_in_progress) {
6330 wpa_printf(MSG_DEBUG,
6331 "External radio work in progress - delay start of pending item");
6332 return;
6333 }
6334 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6335 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6336 }
6337
6338
6339 /**
6340 * radio_add_work - Add a radio work item
6341 * @wpa_s: Pointer to wpa_supplicant data
6342 * @freq: Frequency of the offchannel operation in MHz or 0
6343 * @type: Unique identifier for each type of work
6344 * @next: Force as the next work to be executed
6345 * @cb: Callback function for indicating when radio is available
6346 * @ctx: Context pointer for the work (work->ctx in cb())
6347 * Returns: 0 on success, -1 on failure
6348 *
6349 * This function is used to request time for an operation that requires
6350 * exclusive radio control. Once the radio is available, the registered callback
6351 * function will be called. radio_work_done() must be called once the exclusive
6352 * radio operation has been completed, so that the radio is freed for other
6353 * operations. The special case of deinit=1 is used to free the context data
6354 * during interface removal. That does not allow the callback function to start
6355 * the radio operation, i.e., it must free any resources allocated for the radio
6356 * work and return.
6357 *
6358 * The @freq parameter can be used to indicate a single channel on which the
6359 * offchannel operation will occur. This may allow multiple radio work
6360 * operations to be performed in parallel if they apply for the same channel.
6361 * Setting this to 0 indicates that the work item may use multiple channels or
6362 * requires exclusive control of the radio.
6363 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)6364 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
6365 const char *type, int next,
6366 void (*cb)(struct wpa_radio_work *work, int deinit),
6367 void *ctx)
6368 {
6369 struct wpa_radio *radio = wpa_s->radio;
6370 struct wpa_radio_work *work;
6371 int was_empty;
6372
6373 work = os_zalloc(sizeof(*work));
6374 if (work == NULL)
6375 return -1;
6376 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
6377 os_get_reltime(&work->time);
6378 work->freq = freq;
6379 work->type = type;
6380 work->wpa_s = wpa_s;
6381 work->cb = cb;
6382 work->ctx = ctx;
6383
6384 if (freq)
6385 work->bands = wpas_freq_to_band(freq);
6386 else if (os_strcmp(type, "scan") == 0 ||
6387 os_strcmp(type, "p2p-scan") == 0)
6388 work->bands = wpas_get_bands(wpa_s,
6389 ((struct wpa_driver_scan_params *)
6390 ctx)->freqs);
6391 else
6392 work->bands = wpas_get_bands(wpa_s, NULL);
6393
6394 was_empty = dl_list_empty(&wpa_s->radio->work);
6395 if (next)
6396 dl_list_add(&wpa_s->radio->work, &work->list);
6397 else
6398 dl_list_add_tail(&wpa_s->radio->work, &work->list);
6399 if (was_empty) {
6400 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
6401 radio_work_check_next(wpa_s);
6402 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
6403 && radio->num_active_works < MAX_ACTIVE_WORKS) {
6404 wpa_dbg(wpa_s, MSG_DEBUG,
6405 "Try to schedule a radio work (num_active_works=%u)",
6406 radio->num_active_works);
6407 radio_work_check_next(wpa_s);
6408 }
6409
6410 return 0;
6411 }
6412
6413
6414 /**
6415 * radio_work_done - Indicate that a radio work item has been completed
6416 * @work: Completed work
6417 *
6418 * This function is called once the callback function registered with
6419 * radio_add_work() has completed its work.
6420 */
radio_work_done(struct wpa_radio_work * work)6421 void radio_work_done(struct wpa_radio_work *work)
6422 {
6423 struct wpa_supplicant *wpa_s = work->wpa_s;
6424 struct os_reltime now, diff;
6425 unsigned int started = work->started;
6426
6427 os_get_reltime(&now);
6428 os_reltime_sub(&now, &work->time, &diff);
6429 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
6430 work->type, work, started ? "done" : "canceled",
6431 diff.sec, diff.usec);
6432 radio_work_free(work);
6433 if (started)
6434 radio_work_check_next(wpa_s);
6435 }
6436
6437
6438 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)6439 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
6440 {
6441 struct wpa_radio_work *work;
6442 struct wpa_radio *radio = wpa_s->radio;
6443
6444 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6445 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
6446 return work;
6447 }
6448
6449 return NULL;
6450 }
6451
6452
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6453 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
6454 const struct wpa_interface *iface)
6455 {
6456 const char *ifname, *driver, *rn;
6457
6458 driver = iface->driver;
6459 next_driver:
6460 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
6461 return -1;
6462
6463 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
6464 if (wpa_s->drv_priv == NULL) {
6465 const char *pos;
6466 int level = MSG_ERROR;
6467
6468 pos = driver ? os_strchr(driver, ',') : NULL;
6469 if (pos) {
6470 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
6471 "driver interface - try next driver wrapper");
6472 driver = pos + 1;
6473 goto next_driver;
6474 }
6475
6476 #ifdef CONFIG_MATCH_IFACE
6477 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
6478 level = MSG_DEBUG;
6479 #endif /* CONFIG_MATCH_IFACE */
6480 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
6481 return -1;
6482 }
6483 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
6484 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
6485 "driver_param '%s'", wpa_s->conf->driver_param);
6486 return -1;
6487 }
6488
6489 ifname = wpa_drv_get_ifname(wpa_s);
6490 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
6491 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
6492 "interface name with '%s'", ifname);
6493 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
6494 }
6495
6496 rn = wpa_driver_get_radio_name(wpa_s);
6497 if (rn && rn[0] == '\0')
6498 rn = NULL;
6499
6500 wpa_s->radio = radio_add_interface(wpa_s, rn);
6501 if (wpa_s->radio == NULL)
6502 return -1;
6503
6504 return 0;
6505 }
6506
6507
6508 #ifdef CONFIG_GAS_SERVER
6509
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)6510 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
6511 unsigned int freq, const u8 *dst,
6512 const u8 *src, const u8 *bssid,
6513 const u8 *data, size_t data_len,
6514 enum offchannel_send_action_result result)
6515 {
6516 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
6517 " result=%s",
6518 freq, MAC2STR(dst),
6519 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
6520 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
6521 "FAILED"));
6522 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
6523 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
6524 }
6525
6526
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)6527 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
6528 struct wpabuf *buf, unsigned int wait_time)
6529 {
6530 struct wpa_supplicant *wpa_s = ctx;
6531 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
6532
6533 if (wait_time > wpa_s->max_remain_on_chan)
6534 wait_time = wpa_s->max_remain_on_chan;
6535
6536 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
6537 wpabuf_head(buf), wpabuf_len(buf),
6538 wait_time, wpas_gas_server_tx_status, 0);
6539 }
6540
6541 #endif /* CONFIG_GAS_SERVER */
6542
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6543 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
6544 const struct wpa_interface *iface)
6545 {
6546 struct wpa_driver_capa capa;
6547 int capa_res;
6548 u8 dfs_domain;
6549
6550 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
6551 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
6552 iface->confname ? iface->confname : "N/A",
6553 iface->driver ? iface->driver : "default",
6554 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
6555 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
6556
6557 if (iface->confname) {
6558 #ifdef CONFIG_BACKEND_FILE
6559 wpa_s->confname = os_rel2abs_path(iface->confname);
6560 if (wpa_s->confname == NULL) {
6561 wpa_printf(MSG_ERROR, "Failed to get absolute path "
6562 "for configuration file '%s'.",
6563 iface->confname);
6564 return -1;
6565 }
6566 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6567 iface->confname, wpa_s->confname);
6568 #else /* CONFIG_BACKEND_FILE */
6569 wpa_s->confname = os_strdup(iface->confname);
6570 #endif /* CONFIG_BACKEND_FILE */
6571 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6572 if (wpa_s->conf == NULL) {
6573 wpa_printf(MSG_ERROR, "Failed to read or parse "
6574 "configuration '%s'.", wpa_s->confname);
6575 return -1;
6576 }
6577 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6578 if (wpa_s->confanother &&
6579 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6580 wpa_printf(MSG_ERROR,
6581 "Failed to read or parse configuration '%s'.",
6582 wpa_s->confanother);
6583 return -1;
6584 }
6585
6586 /*
6587 * Override ctrl_interface and driver_param if set on command
6588 * line.
6589 */
6590 if (iface->ctrl_interface) {
6591 os_free(wpa_s->conf->ctrl_interface);
6592 wpa_s->conf->ctrl_interface =
6593 os_strdup(iface->ctrl_interface);
6594 }
6595
6596 if (iface->driver_param) {
6597 os_free(wpa_s->conf->driver_param);
6598 wpa_s->conf->driver_param =
6599 os_strdup(iface->driver_param);
6600 }
6601
6602 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6603 os_free(wpa_s->conf->ctrl_interface);
6604 wpa_s->conf->ctrl_interface = NULL;
6605 }
6606 } else
6607 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6608 iface->driver_param);
6609
6610 if (wpa_s->conf == NULL) {
6611 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6612 return -1;
6613 }
6614
6615 if (iface->ifname == NULL) {
6616 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6617 return -1;
6618 }
6619 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6620 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6621 iface->ifname);
6622 return -1;
6623 }
6624 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6625 #ifdef CONFIG_MATCH_IFACE
6626 wpa_s->matched = iface->matched;
6627 #endif /* CONFIG_MATCH_IFACE */
6628
6629 if (iface->bridge_ifname) {
6630 if (os_strlen(iface->bridge_ifname) >=
6631 sizeof(wpa_s->bridge_ifname)) {
6632 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6633 "name '%s'.", iface->bridge_ifname);
6634 return -1;
6635 }
6636 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6637 sizeof(wpa_s->bridge_ifname));
6638 }
6639
6640 /* RSNA Supplicant Key Management - INITIALIZE */
6641 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
6642 eapol_sm_notify_portValid(wpa_s->eapol, false);
6643
6644 /* Initialize driver interface and register driver event handler before
6645 * L2 receive handler so that association events are processed before
6646 * EAPOL-Key packets if both become available for the same select()
6647 * call. */
6648 if (wpas_init_driver(wpa_s, iface) < 0)
6649 return -1;
6650
6651 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6652 return -1;
6653
6654 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6655 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6656 NULL);
6657 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6658
6659 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6660 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6661 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6662 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6663 "dot11RSNAConfigPMKLifetime");
6664 return -1;
6665 }
6666
6667 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6668 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6669 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6670 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6671 "dot11RSNAConfigPMKReauthThreshold");
6672 return -1;
6673 }
6674
6675 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6676 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6677 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6678 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6679 "dot11RSNAConfigSATimeout");
6680 return -1;
6681 }
6682
6683 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6684 &wpa_s->hw.num_modes,
6685 &wpa_s->hw.flags,
6686 &dfs_domain);
6687 if (wpa_s->hw.modes) {
6688 u16 i;
6689
6690 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6691 if (wpa_s->hw.modes[i].vht_capab) {
6692 wpa_s->hw_capab = CAPAB_VHT;
6693 break;
6694 }
6695
6696 if (wpa_s->hw.modes[i].ht_capab &
6697 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6698 wpa_s->hw_capab = CAPAB_HT40;
6699 else if (wpa_s->hw.modes[i].ht_capab &&
6700 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6701 wpa_s->hw_capab = CAPAB_HT;
6702 }
6703 }
6704
6705 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6706 if (capa_res == 0) {
6707 wpa_s->drv_capa_known = 1;
6708 wpa_s->drv_flags = capa.flags;
6709 wpa_s->drv_flags2 = capa.flags2;
6710 wpa_s->drv_enc = capa.enc;
6711 wpa_s->drv_rrm_flags = capa.rrm_flags;
6712 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6713 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6714 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6715 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6716 wpa_s->max_sched_scan_plan_interval =
6717 capa.max_sched_scan_plan_interval;
6718 wpa_s->max_sched_scan_plan_iterations =
6719 capa.max_sched_scan_plan_iterations;
6720 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6721 wpa_s->max_match_sets = capa.max_match_sets;
6722 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6723 wpa_s->max_stations = capa.max_stations;
6724 wpa_s->extended_capa = capa.extended_capa;
6725 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6726 wpa_s->extended_capa_len = capa.extended_capa_len;
6727 wpa_s->num_multichan_concurrent =
6728 capa.num_multichan_concurrent;
6729 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6730
6731 if (capa.mac_addr_rand_scan_supported)
6732 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6733 if (wpa_s->sched_scan_supported &&
6734 capa.mac_addr_rand_sched_scan_supported)
6735 wpa_s->mac_addr_rand_supported |=
6736 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6737
6738 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6739 if (wpa_s->extended_capa &&
6740 wpa_s->extended_capa_len >= 3 &&
6741 wpa_s->extended_capa[2] & 0x40)
6742 wpa_s->multi_bss_support = 1;
6743 }
6744 if (wpa_s->max_remain_on_chan == 0)
6745 wpa_s->max_remain_on_chan = 1000;
6746
6747 /*
6748 * Only take p2p_mgmt parameters when P2P Device is supported.
6749 * Doing it here as it determines whether l2_packet_init() will be done
6750 * during wpa_supplicant_driver_init().
6751 */
6752 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6753 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6754
6755 if (wpa_s->num_multichan_concurrent == 0)
6756 wpa_s->num_multichan_concurrent = 1;
6757
6758 if (wpa_supplicant_driver_init(wpa_s) < 0)
6759 return -1;
6760
6761 #ifdef CONFIG_TDLS
6762 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6763 return -1;
6764 #endif /* CONFIG_TDLS */
6765
6766 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6767 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6768 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6769 return -1;
6770 }
6771
6772 #ifdef CONFIG_FST
6773 if (wpa_s->conf->fst_group_id) {
6774 struct fst_iface_cfg cfg;
6775 struct fst_wpa_obj iface_obj;
6776
6777 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6778 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6779 sizeof(cfg.group_id));
6780 cfg.priority = wpa_s->conf->fst_priority;
6781 cfg.llt = wpa_s->conf->fst_llt;
6782
6783 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6784 &iface_obj, &cfg);
6785 if (!wpa_s->fst) {
6786 wpa_msg(wpa_s, MSG_ERROR,
6787 "FST: Cannot attach iface %s to group %s",
6788 wpa_s->ifname, cfg.group_id);
6789 return -1;
6790 }
6791 }
6792 #endif /* CONFIG_FST */
6793
6794 if (wpas_wps_init(wpa_s))
6795 return -1;
6796
6797 #ifdef CONFIG_GAS_SERVER
6798 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6799 if (!wpa_s->gas_server) {
6800 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6801 return -1;
6802 }
6803 #endif /* CONFIG_GAS_SERVER */
6804
6805 #ifdef CONFIG_DPP
6806 if (wpas_dpp_init(wpa_s) < 0)
6807 return -1;
6808 #endif /* CONFIG_DPP */
6809
6810 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6811 return -1;
6812 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6813
6814 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6815 if (wpa_s->ctrl_iface == NULL) {
6816 wpa_printf(MSG_ERROR,
6817 "Failed to initialize control interface '%s'.\n"
6818 "You may have another wpa_supplicant process "
6819 "already running or the file was\n"
6820 "left by an unclean termination of wpa_supplicant "
6821 "in which case you will need\n"
6822 "to manually remove this file before starting "
6823 "wpa_supplicant again.\n",
6824 wpa_s->conf->ctrl_interface);
6825 return -1;
6826 }
6827
6828 wpa_s->gas = gas_query_init(wpa_s);
6829 if (wpa_s->gas == NULL) {
6830 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6831 return -1;
6832 }
6833
6834 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6835 wpa_s->p2p_mgmt) &&
6836 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6837 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6838 return -1;
6839 }
6840
6841 if (wpa_bss_init(wpa_s) < 0)
6842 return -1;
6843
6844 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6845 #ifdef CONFIG_MESH
6846 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6847 #endif /* CONFIG_MESH */
6848 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6849
6850 /*
6851 * Set Wake-on-WLAN triggers, if configured.
6852 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6853 * have effect anyway when the interface is down).
6854 */
6855 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6856 return -1;
6857
6858 #ifdef CONFIG_EAP_PROXY
6859 {
6860 size_t len;
6861 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6862 wpa_s->imsi, &len);
6863 if (wpa_s->mnc_len > 0) {
6864 wpa_s->imsi[len] = '\0';
6865 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6866 wpa_s->imsi, wpa_s->mnc_len);
6867 } else {
6868 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6869 }
6870 }
6871 #endif /* CONFIG_EAP_PROXY */
6872
6873 if (pcsc_reader_init(wpa_s) < 0)
6874 return -1;
6875
6876 if (wpas_init_ext_pw(wpa_s) < 0)
6877 return -1;
6878
6879 wpas_rrm_reset(wpa_s);
6880
6881 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6882
6883 #ifdef CONFIG_HS20
6884 hs20_init(wpa_s);
6885 #endif /* CONFIG_HS20 */
6886 #ifdef CONFIG_MBO
6887 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6888 if ((wpa_s->conf->oce & OCE_STA) &&
6889 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6890 wpa_s->enable_oce = OCE_STA;
6891 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6892 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6893 /* TODO: Need to add STA-CFON support */
6894 wpa_printf(MSG_ERROR,
6895 "OCE STA-CFON feature is not yet supported");
6896 }
6897 }
6898 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6899 #endif /* CONFIG_MBO */
6900
6901 wpa_supplicant_set_default_scan_ies(wpa_s);
6902
6903 return 0;
6904 }
6905
6906
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)6907 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6908 int notify, int terminate)
6909 {
6910 struct wpa_global *global = wpa_s->global;
6911 struct wpa_supplicant *iface, *prev;
6912
6913 if (wpa_s == wpa_s->parent)
6914 wpas_p2p_group_remove(wpa_s, "*");
6915
6916 iface = global->ifaces;
6917 while (iface) {
6918 if (iface->p2pdev == wpa_s)
6919 iface->p2pdev = iface->parent;
6920 if (iface == wpa_s || iface->parent != wpa_s) {
6921 iface = iface->next;
6922 continue;
6923 }
6924 wpa_printf(MSG_DEBUG,
6925 "Remove remaining child interface %s from parent %s",
6926 iface->ifname, wpa_s->ifname);
6927 prev = iface;
6928 iface = iface->next;
6929 wpa_supplicant_remove_iface(global, prev, terminate);
6930 }
6931
6932 wpa_s->disconnected = 1;
6933 if (wpa_s->drv_priv) {
6934 /*
6935 * Don't deauthenticate if WoWLAN is enable and not explicitly
6936 * been configured to disconnect.
6937 */
6938 if (!wpa_drv_get_wowlan(wpa_s) ||
6939 wpa_s->conf->wowlan_disconnect_on_deinit) {
6940 wpa_supplicant_deauthenticate(
6941 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6942
6943 wpa_drv_set_countermeasures(wpa_s, 0);
6944 wpa_clear_keys(wpa_s, NULL);
6945 } else {
6946 wpa_msg(wpa_s, MSG_INFO,
6947 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6948 }
6949 }
6950
6951 wpa_supplicant_cleanup(wpa_s);
6952 wpas_p2p_deinit_iface(wpa_s);
6953
6954 wpas_ctrl_radio_work_flush(wpa_s);
6955 radio_remove_interface(wpa_s);
6956
6957 #ifdef CONFIG_FST
6958 if (wpa_s->fst) {
6959 fst_detach(wpa_s->fst);
6960 wpa_s->fst = NULL;
6961 }
6962 if (wpa_s->received_mb_ies) {
6963 wpabuf_free(wpa_s->received_mb_ies);
6964 wpa_s->received_mb_ies = NULL;
6965 }
6966 #endif /* CONFIG_FST */
6967
6968 if (wpa_s->drv_priv)
6969 wpa_drv_deinit(wpa_s);
6970
6971 if (notify)
6972 wpas_notify_iface_removed(wpa_s);
6973
6974 if (terminate)
6975 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6976
6977 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
6978 wpa_s->ctrl_iface = NULL;
6979
6980 #ifdef CONFIG_MESH
6981 if (wpa_s->ifmsh) {
6982 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
6983 wpa_s->ifmsh = NULL;
6984 }
6985 #endif /* CONFIG_MESH */
6986
6987 if (wpa_s->conf != NULL) {
6988 wpa_config_free(wpa_s->conf);
6989 wpa_s->conf = NULL;
6990 }
6991
6992 os_free(wpa_s->ssids_from_scan_req);
6993 os_free(wpa_s->last_scan_freqs);
6994
6995 os_free(wpa_s);
6996 }
6997
6998
6999 #ifdef CONFIG_MATCH_IFACE
7000
7001 /**
7002 * wpa_supplicant_match_iface - Match an interface description to a name
7003 * @global: Pointer to global data from wpa_supplicant_init()
7004 * @ifname: Name of the interface to match
7005 * Returns: Pointer to the created interface description or %NULL on failure
7006 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7007 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
7008 const char *ifname)
7009 {
7010 int i;
7011 struct wpa_interface *iface, *miface;
7012
7013 for (i = 0; i < global->params.match_iface_count; i++) {
7014 miface = &global->params.match_ifaces[i];
7015 if (!miface->ifname ||
7016 fnmatch(miface->ifname, ifname, 0) == 0) {
7017 iface = os_zalloc(sizeof(*iface));
7018 if (!iface)
7019 return NULL;
7020 *iface = *miface;
7021 if (!miface->ifname)
7022 iface->matched = WPA_IFACE_MATCHED_NULL;
7023 else
7024 iface->matched = WPA_IFACE_MATCHED;
7025 iface->ifname = ifname;
7026 return iface;
7027 }
7028 }
7029
7030 return NULL;
7031 }
7032
7033
7034 /**
7035 * wpa_supplicant_match_existing - Match existing interfaces
7036 * @global: Pointer to global data from wpa_supplicant_init()
7037 * Returns: 0 on success, -1 on failure
7038 */
wpa_supplicant_match_existing(struct wpa_global * global)7039 static int wpa_supplicant_match_existing(struct wpa_global *global)
7040 {
7041 struct if_nameindex *ifi, *ifp;
7042 struct wpa_supplicant *wpa_s;
7043 struct wpa_interface *iface;
7044
7045 ifp = if_nameindex();
7046 if (!ifp) {
7047 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
7048 return -1;
7049 }
7050
7051 for (ifi = ifp; ifi->if_name; ifi++) {
7052 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
7053 if (wpa_s)
7054 continue;
7055 iface = wpa_supplicant_match_iface(global, ifi->if_name);
7056 if (iface) {
7057 wpa_supplicant_add_iface(global, iface, NULL);
7058 os_free(iface);
7059 }
7060 }
7061
7062 if_freenameindex(ifp);
7063 return 0;
7064 }
7065
7066 #endif /* CONFIG_MATCH_IFACE */
7067
7068
7069 /**
7070 * wpa_supplicant_add_iface - Add a new network interface
7071 * @global: Pointer to global data from wpa_supplicant_init()
7072 * @iface: Interface configuration options
7073 * @parent: Parent interface or %NULL to assign new interface as parent
7074 * Returns: Pointer to the created interface or %NULL on failure
7075 *
7076 * This function is used to add new network interfaces for %wpa_supplicant.
7077 * This can be called before wpa_supplicant_run() to add interfaces before the
7078 * main event loop has been started. In addition, new interfaces can be added
7079 * dynamically while %wpa_supplicant is already running. This could happen,
7080 * e.g., when a hotplug network adapter is inserted.
7081 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)7082 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
7083 struct wpa_interface *iface,
7084 struct wpa_supplicant *parent)
7085 {
7086 struct wpa_supplicant *wpa_s;
7087 struct wpa_interface t_iface;
7088 struct wpa_ssid *ssid;
7089
7090 if (global == NULL || iface == NULL)
7091 return NULL;
7092
7093 wpa_s = wpa_supplicant_alloc(parent);
7094 if (wpa_s == NULL)
7095 return NULL;
7096
7097 wpa_s->global = global;
7098
7099 t_iface = *iface;
7100 if (global->params.override_driver) {
7101 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
7102 "('%s' -> '%s')",
7103 iface->driver, global->params.override_driver);
7104 t_iface.driver = global->params.override_driver;
7105 }
7106 if (global->params.override_ctrl_interface) {
7107 wpa_printf(MSG_DEBUG, "Override interface parameter: "
7108 "ctrl_interface ('%s' -> '%s')",
7109 iface->ctrl_interface,
7110 global->params.override_ctrl_interface);
7111 t_iface.ctrl_interface =
7112 global->params.override_ctrl_interface;
7113 }
7114 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
7115 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
7116 iface->ifname);
7117 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
7118 return NULL;
7119 }
7120
7121 if (iface->p2p_mgmt == 0) {
7122 /* Notify the control interfaces about new iface */
7123 if (wpas_notify_iface_added(wpa_s)) {
7124 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
7125 return NULL;
7126 }
7127
7128 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
7129 wpas_notify_network_added(wpa_s, ssid);
7130 }
7131
7132 wpa_s->next = global->ifaces;
7133 global->ifaces = wpa_s;
7134
7135 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
7136 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
7137
7138 #ifdef CONFIG_P2P
7139 if (wpa_s->global->p2p == NULL &&
7140 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
7141 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
7142 wpas_p2p_add_p2pdev_interface(
7143 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
7144 wpa_printf(MSG_INFO,
7145 "P2P: Failed to enable P2P Device interface");
7146 /* Try to continue without. P2P will be disabled. */
7147 }
7148 #endif /* CONFIG_P2P */
7149
7150 return wpa_s;
7151 }
7152
7153
7154 /**
7155 * wpa_supplicant_remove_iface - Remove a network interface
7156 * @global: Pointer to global data from wpa_supplicant_init()
7157 * @wpa_s: Pointer to the network interface to be removed
7158 * Returns: 0 if interface was removed, -1 if interface was not found
7159 *
7160 * This function can be used to dynamically remove network interfaces from
7161 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
7162 * addition, this function is used to remove all remaining interfaces when
7163 * %wpa_supplicant is terminated.
7164 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)7165 int wpa_supplicant_remove_iface(struct wpa_global *global,
7166 struct wpa_supplicant *wpa_s,
7167 int terminate)
7168 {
7169 struct wpa_supplicant *prev;
7170 #ifdef CONFIG_MESH
7171 unsigned int mesh_if_created = wpa_s->mesh_if_created;
7172 char *ifname = NULL;
7173 struct wpa_supplicant *parent = wpa_s->parent;
7174 #endif /* CONFIG_MESH */
7175
7176 /* Remove interface from the global list of interfaces */
7177 prev = global->ifaces;
7178 if (prev == wpa_s) {
7179 global->ifaces = wpa_s->next;
7180 } else {
7181 while (prev && prev->next != wpa_s)
7182 prev = prev->next;
7183 if (prev == NULL)
7184 return -1;
7185 prev->next = wpa_s->next;
7186 }
7187
7188 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
7189
7190 #ifdef CONFIG_MESH
7191 if (mesh_if_created) {
7192 ifname = os_strdup(wpa_s->ifname);
7193 if (ifname == NULL) {
7194 wpa_dbg(wpa_s, MSG_ERROR,
7195 "mesh: Failed to malloc ifname");
7196 return -1;
7197 }
7198 }
7199 #endif /* CONFIG_MESH */
7200
7201 if (global->p2p_group_formation == wpa_s)
7202 global->p2p_group_formation = NULL;
7203 if (global->p2p_invite_group == wpa_s)
7204 global->p2p_invite_group = NULL;
7205 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
7206
7207 #ifdef CONFIG_MESH
7208 if (mesh_if_created) {
7209 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
7210 os_free(ifname);
7211 }
7212 #endif /* CONFIG_MESH */
7213
7214 return 0;
7215 }
7216
7217
7218 /**
7219 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7220 * @wpa_s: Pointer to the network interface
7221 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7222 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7223 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7224 {
7225 const char *eapol_method;
7226
7227 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7228 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7229 return "NO-EAP";
7230 }
7231
7232 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7233 if (eapol_method == NULL)
7234 return "UNKNOWN-EAP";
7235
7236 return eapol_method;
7237 }
7238
7239
7240 /**
7241 * wpa_supplicant_get_iface - Get a new network interface
7242 * @global: Pointer to global data from wpa_supplicant_init()
7243 * @ifname: Interface name
7244 * Returns: Pointer to the interface or %NULL if not found
7245 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7246 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7247 const char *ifname)
7248 {
7249 struct wpa_supplicant *wpa_s;
7250
7251 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7252 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7253 return wpa_s;
7254 }
7255 return NULL;
7256 }
7257
7258
7259 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7260 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7261 {
7262 struct wpa_supplicant *wpa_s = ctx;
7263 if (wpa_s == NULL)
7264 return NULL;
7265 return wpa_s->ifname;
7266 }
7267 #endif /* CONFIG_NO_WPA_MSG */
7268
7269
7270 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7271 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7272 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7273
7274 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7275 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7276 {
7277 struct wpa_global *global = eloop_ctx;
7278 struct wpa_supplicant *wpa_s;
7279
7280 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7281 wpas_periodic, global, NULL);
7282
7283 #ifdef CONFIG_P2P
7284 if (global->p2p)
7285 p2p_expire_peers(global->p2p);
7286 #endif /* CONFIG_P2P */
7287
7288 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7289 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7290 #ifdef CONFIG_AP
7291 ap_periodic(wpa_s);
7292 #endif /* CONFIG_AP */
7293 }
7294 }
7295
7296
7297 /**
7298 * wpa_supplicant_init - Initialize %wpa_supplicant
7299 * @params: Parameters for %wpa_supplicant
7300 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7301 *
7302 * This function is used to initialize %wpa_supplicant. After successful
7303 * initialization, the returned data pointer can be used to add and remove
7304 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7305 */
wpa_supplicant_init(struct wpa_params * params)7306 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7307 {
7308 struct wpa_global *global;
7309 int ret, i;
7310
7311 if (params == NULL)
7312 return NULL;
7313
7314 #ifndef CONFIG_NO_WPA_MSG
7315 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7316 #endif /* CONFIG_NO_WPA_MSG */
7317
7318 if (params->wpa_debug_file_path)
7319 wpa_debug_open_file(params->wpa_debug_file_path);
7320 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7321 wpa_debug_setup_stdout();
7322 if (params->wpa_debug_syslog)
7323 wpa_debug_open_syslog();
7324 if (params->wpa_debug_tracing) {
7325 ret = wpa_debug_open_linux_tracing();
7326 if (ret) {
7327 wpa_printf(MSG_ERROR,
7328 "Failed to enable trace logging");
7329 return NULL;
7330 }
7331 }
7332
7333 ret = eap_register_methods();
7334 if (ret) {
7335 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
7336 if (ret == -2)
7337 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
7338 "the same EAP type.");
7339 return NULL;
7340 }
7341
7342 global = os_zalloc(sizeof(*global));
7343 if (global == NULL)
7344 return NULL;
7345 dl_list_init(&global->p2p_srv_bonjour);
7346 dl_list_init(&global->p2p_srv_upnp);
7347 global->params.daemonize = params->daemonize;
7348 global->params.wait_for_monitor = params->wait_for_monitor;
7349 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
7350 if (params->pid_file)
7351 global->params.pid_file = os_strdup(params->pid_file);
7352 if (params->ctrl_interface)
7353 global->params.ctrl_interface =
7354 os_strdup(params->ctrl_interface);
7355 if (params->ctrl_interface_group)
7356 global->params.ctrl_interface_group =
7357 os_strdup(params->ctrl_interface_group);
7358 if (params->override_driver)
7359 global->params.override_driver =
7360 os_strdup(params->override_driver);
7361 if (params->override_ctrl_interface)
7362 global->params.override_ctrl_interface =
7363 os_strdup(params->override_ctrl_interface);
7364 #ifdef CONFIG_MATCH_IFACE
7365 global->params.match_iface_count = params->match_iface_count;
7366 if (params->match_iface_count) {
7367 global->params.match_ifaces =
7368 os_calloc(params->match_iface_count,
7369 sizeof(struct wpa_interface));
7370 os_memcpy(global->params.match_ifaces,
7371 params->match_ifaces,
7372 params->match_iface_count *
7373 sizeof(struct wpa_interface));
7374 }
7375 #endif /* CONFIG_MATCH_IFACE */
7376 #ifdef CONFIG_P2P
7377 if (params->conf_p2p_dev)
7378 global->params.conf_p2p_dev =
7379 os_strdup(params->conf_p2p_dev);
7380 #endif /* CONFIG_P2P */
7381 wpa_debug_level = global->params.wpa_debug_level =
7382 params->wpa_debug_level;
7383 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
7384 params->wpa_debug_show_keys;
7385 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
7386 params->wpa_debug_timestamp;
7387
7388 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
7389
7390 if (eloop_init()) {
7391 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
7392 wpa_supplicant_deinit(global);
7393 return NULL;
7394 }
7395
7396 random_init(params->entropy_file);
7397
7398 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
7399 if (global->ctrl_iface == NULL) {
7400 wpa_supplicant_deinit(global);
7401 return NULL;
7402 }
7403
7404 if (wpas_notify_supplicant_initialized(global)) {
7405 wpa_supplicant_deinit(global);
7406 return NULL;
7407 }
7408
7409 for (i = 0; wpa_drivers[i]; i++)
7410 global->drv_count++;
7411 if (global->drv_count == 0) {
7412 wpa_printf(MSG_ERROR, "No drivers enabled");
7413 wpa_supplicant_deinit(global);
7414 return NULL;
7415 }
7416 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
7417 if (global->drv_priv == NULL) {
7418 wpa_supplicant_deinit(global);
7419 return NULL;
7420 }
7421
7422 #ifdef CONFIG_WIFI_DISPLAY
7423 if (wifi_display_init(global) < 0) {
7424 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
7425 wpa_supplicant_deinit(global);
7426 return NULL;
7427 }
7428 #endif /* CONFIG_WIFI_DISPLAY */
7429
7430 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7431 wpas_periodic, global, NULL);
7432
7433 return global;
7434 }
7435
7436
7437 /**
7438 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
7439 * @global: Pointer to global data from wpa_supplicant_init()
7440 * Returns: 0 after successful event loop run, -1 on failure
7441 *
7442 * This function starts the main event loop and continues running as long as
7443 * there are any remaining events. In most cases, this function is running as
7444 * long as the %wpa_supplicant process in still in use.
7445 */
wpa_supplicant_run(struct wpa_global * global)7446 int wpa_supplicant_run(struct wpa_global *global)
7447 {
7448 struct wpa_supplicant *wpa_s;
7449
7450 if (global->params.daemonize &&
7451 (wpa_supplicant_daemon(global->params.pid_file) ||
7452 eloop_sock_requeue()))
7453 return -1;
7454
7455 #ifdef CONFIG_MATCH_IFACE
7456 if (wpa_supplicant_match_existing(global))
7457 return -1;
7458 #endif
7459
7460 if (global->params.wait_for_monitor) {
7461 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
7462 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
7463 wpa_supplicant_ctrl_iface_wait(
7464 wpa_s->ctrl_iface);
7465 }
7466
7467 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
7468 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
7469
7470 eloop_run();
7471
7472 return 0;
7473 }
7474
7475
7476 /**
7477 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
7478 * @global: Pointer to global data from wpa_supplicant_init()
7479 *
7480 * This function is called to deinitialize %wpa_supplicant and to free all
7481 * allocated resources. Remaining network interfaces will also be removed.
7482 */
wpa_supplicant_deinit(struct wpa_global * global)7483 void wpa_supplicant_deinit(struct wpa_global *global)
7484 {
7485 int i;
7486
7487 if (global == NULL)
7488 return;
7489
7490 eloop_cancel_timeout(wpas_periodic, global, NULL);
7491
7492 #ifdef CONFIG_WIFI_DISPLAY
7493 wifi_display_deinit(global);
7494 #endif /* CONFIG_WIFI_DISPLAY */
7495
7496 while (global->ifaces)
7497 wpa_supplicant_remove_iface(global, global->ifaces, 1);
7498
7499 if (global->ctrl_iface)
7500 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
7501
7502 wpas_notify_supplicant_deinitialized(global);
7503
7504 eap_peer_unregister_methods();
7505 #ifdef CONFIG_AP
7506 eap_server_unregister_methods();
7507 #endif /* CONFIG_AP */
7508
7509 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
7510 if (!global->drv_priv[i])
7511 continue;
7512 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
7513 }
7514 os_free(global->drv_priv);
7515
7516 random_deinit();
7517
7518 eloop_destroy();
7519
7520 if (global->params.pid_file) {
7521 os_daemonize_terminate(global->params.pid_file);
7522 os_free(global->params.pid_file);
7523 }
7524 os_free(global->params.ctrl_interface);
7525 os_free(global->params.ctrl_interface_group);
7526 os_free(global->params.override_driver);
7527 os_free(global->params.override_ctrl_interface);
7528 #ifdef CONFIG_MATCH_IFACE
7529 os_free(global->params.match_ifaces);
7530 #endif /* CONFIG_MATCH_IFACE */
7531 #ifdef CONFIG_P2P
7532 os_free(global->params.conf_p2p_dev);
7533 #endif /* CONFIG_P2P */
7534
7535 os_free(global->p2p_disallow_freq.range);
7536 os_free(global->p2p_go_avoid_freq.range);
7537 os_free(global->add_psk);
7538
7539 os_free(global);
7540 wpa_debug_close_syslog();
7541 wpa_debug_close_file();
7542 wpa_debug_close_linux_tracing();
7543 }
7544
7545
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)7546 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
7547 {
7548 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
7549 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
7550 char country[3];
7551 country[0] = wpa_s->conf->country[0];
7552 country[1] = wpa_s->conf->country[1];
7553 country[2] = '\0';
7554 if (wpa_drv_set_country(wpa_s, country) < 0) {
7555 wpa_printf(MSG_ERROR, "Failed to set country code "
7556 "'%s'", country);
7557 }
7558 }
7559
7560 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
7561 wpas_init_ext_pw(wpa_s);
7562
7563 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
7564 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7565
7566 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
7567 struct wpa_driver_capa capa;
7568 int res = wpa_drv_get_capa(wpa_s, &capa);
7569
7570 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7571 wpa_printf(MSG_ERROR,
7572 "Failed to update wowlan_triggers to '%s'",
7573 wpa_s->conf->wowlan_triggers);
7574 }
7575
7576 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7577 wpa_supplicant_set_default_scan_ies(wpa_s);
7578
7579 #ifdef CONFIG_BGSCAN
7580 /*
7581 * We default to global bgscan parameters only when per-network bgscan
7582 * parameters aren't set. Only bother resetting bgscan parameters if
7583 * this is the case.
7584 */
7585 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
7586 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
7587 wpa_s->wpa_state == WPA_COMPLETED)
7588 wpa_supplicant_reset_bgscan(wpa_s);
7589 #endif /* CONFIG_BGSCAN */
7590
7591 #ifdef CONFIG_WPS
7592 wpas_wps_update_config(wpa_s);
7593 #endif /* CONFIG_WPS */
7594 wpas_p2p_update_config(wpa_s);
7595 wpa_s->conf->changed_parameters = 0;
7596 }
7597
7598
add_freq(int * freqs,int * num_freqs,int freq)7599 void add_freq(int *freqs, int *num_freqs, int freq)
7600 {
7601 int i;
7602
7603 for (i = 0; i < *num_freqs; i++) {
7604 if (freqs[i] == freq)
7605 return;
7606 }
7607
7608 freqs[*num_freqs] = freq;
7609 (*num_freqs)++;
7610 }
7611
7612
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)7613 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7614 {
7615 struct wpa_bss *bss, *cbss;
7616 const int max_freqs = 10;
7617 int *freqs;
7618 int num_freqs = 0;
7619
7620 freqs = os_calloc(max_freqs + 1, sizeof(int));
7621 if (freqs == NULL)
7622 return NULL;
7623
7624 cbss = wpa_s->current_bss;
7625
7626 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7627 if (bss == cbss)
7628 continue;
7629 if (bss->ssid_len == cbss->ssid_len &&
7630 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7631 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
7632 add_freq(freqs, &num_freqs, bss->freq);
7633 if (num_freqs == max_freqs)
7634 break;
7635 }
7636 }
7637
7638 if (num_freqs == 0) {
7639 os_free(freqs);
7640 freqs = NULL;
7641 }
7642
7643 return freqs;
7644 }
7645
7646
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)7647 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7648 {
7649 int timeout;
7650 int count;
7651 int *freqs = NULL;
7652
7653 wpas_connect_work_done(wpa_s);
7654
7655 /*
7656 * Remove possible authentication timeout since the connection failed.
7657 */
7658 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7659
7660 /*
7661 * There is no point in ignoring the AP temporarily if this event is
7662 * generated based on local request to disconnect.
7663 */
7664 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
7665 wpa_s->own_disconnect_req = 0;
7666 wpa_dbg(wpa_s, MSG_DEBUG,
7667 "Ignore connection failure due to local request to disconnect");
7668 return;
7669 }
7670 if (wpa_s->disconnected) {
7671 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7672 "indication since interface has been put into "
7673 "disconnected state");
7674 return;
7675 }
7676
7677 /*
7678 * Add the failed BSSID into the ignore list and speed up next scan
7679 * attempt if there could be other APs that could accept association.
7680 */
7681 count = wpa_bssid_ignore_add(wpa_s, bssid);
7682 if (count == 1 && wpa_s->current_bss) {
7683 /*
7684 * This BSS was not in the ignore list before. If there is
7685 * another BSS available for the same ESS, we should try that
7686 * next. Otherwise, we may as well try this one once more
7687 * before allowing other, likely worse, ESSes to be considered.
7688 */
7689 freqs = get_bss_freqs_in_ess(wpa_s);
7690 if (freqs) {
7691 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7692 "has been seen; try it next");
7693 wpa_bssid_ignore_add(wpa_s, bssid);
7694 /*
7695 * On the next scan, go through only the known channels
7696 * used in this ESS based on previous scans to speed up
7697 * common load balancing use case.
7698 */
7699 os_free(wpa_s->next_scan_freqs);
7700 wpa_s->next_scan_freqs = freqs;
7701 }
7702 }
7703
7704 wpa_s->consecutive_conn_failures++;
7705
7706 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
7707 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7708 "consider temporary network disabling");
7709 wpas_auth_failed(wpa_s, "CONN_FAILED");
7710 }
7711 /*
7712 * Multiple consecutive connection failures mean that other APs are
7713 * either not available or have already been tried, so we can start
7714 * increasing the delay here to avoid constant scanning.
7715 */
7716 switch (wpa_s->consecutive_conn_failures) {
7717 case 1:
7718 timeout = 100;
7719 break;
7720 case 2:
7721 timeout = 500;
7722 break;
7723 case 3:
7724 timeout = 1000;
7725 break;
7726 case 4:
7727 timeout = 5000;
7728 break;
7729 default:
7730 timeout = 10000;
7731 break;
7732 }
7733
7734 wpa_dbg(wpa_s, MSG_DEBUG,
7735 "Consecutive connection failures: %d --> request scan in %d ms",
7736 wpa_s->consecutive_conn_failures, timeout);
7737
7738 /*
7739 * TODO: if more than one possible AP is available in scan results,
7740 * could try the other ones before requesting a new scan.
7741 */
7742
7743 /* speed up the connection attempt with normal scan */
7744 wpa_s->normal_scans = 0;
7745 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7746 1000 * (timeout % 1000));
7747 }
7748
7749
7750 #ifdef CONFIG_FILS
7751
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)7752 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
7753 {
7754 struct wpa_ssid *ssid = wpa_s->current_ssid;
7755 const u8 *realm, *username, *rrk;
7756 size_t realm_len, username_len, rrk_len;
7757 u16 next_seq_num;
7758
7759 /* Clear the PMKSA cache entry if FILS authentication was rejected.
7760 * Check for ERP keys existing to limit when this can be done since
7761 * the rejection response is not protected and such triggers should
7762 * really not allow internal state to be modified unless required to
7763 * avoid significant issues in functionality. In addition, drop
7764 * externally configure PMKSA entries even without ERP keys since it
7765 * is possible for an external component to add PMKSA entries for FILS
7766 * authentication without restoring previously generated ERP keys.
7767 *
7768 * In this case, this is needed to allow recovery from cases where the
7769 * AP or authentication server has dropped PMKSAs and ERP keys. */
7770 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
7771 return;
7772
7773 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7774 &username, &username_len,
7775 &realm, &realm_len, &next_seq_num,
7776 &rrk, &rrk_len) != 0 ||
7777 !realm) {
7778 wpa_dbg(wpa_s, MSG_DEBUG,
7779 "FILS: Drop external PMKSA cache entry");
7780 wpa_sm_aborted_external_cached(wpa_s->wpa);
7781 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
7782 return;
7783 }
7784
7785 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
7786 wpa_sm_aborted_cached(wpa_s->wpa);
7787 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
7788 }
7789
7790
fils_connection_failure(struct wpa_supplicant * wpa_s)7791 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7792 {
7793 struct wpa_ssid *ssid = wpa_s->current_ssid;
7794 const u8 *realm, *username, *rrk;
7795 size_t realm_len, username_len, rrk_len;
7796 u16 next_seq_num;
7797
7798 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7799 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7800 &username, &username_len,
7801 &realm, &realm_len, &next_seq_num,
7802 &rrk, &rrk_len) != 0 ||
7803 !realm)
7804 return;
7805
7806 wpa_hexdump_ascii(MSG_DEBUG,
7807 "FILS: Store last connection failure realm",
7808 realm, realm_len);
7809 os_free(wpa_s->last_con_fail_realm);
7810 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7811 if (wpa_s->last_con_fail_realm) {
7812 wpa_s->last_con_fail_realm_len = realm_len;
7813 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7814 }
7815 }
7816 #endif /* CONFIG_FILS */
7817
7818
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)7819 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7820 {
7821 return wpa_s->conf->ap_scan == 2 ||
7822 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7823 }
7824
7825
7826 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)7827 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7828 struct wpa_ssid *ssid,
7829 const char *field,
7830 const char *value)
7831 {
7832 #ifdef IEEE8021X_EAPOL
7833 struct eap_peer_config *eap = &ssid->eap;
7834
7835 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7836 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7837 (const u8 *) value, os_strlen(value));
7838
7839 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7840 case WPA_CTRL_REQ_EAP_IDENTITY:
7841 os_free(eap->identity);
7842 eap->identity = (u8 *) os_strdup(value);
7843 eap->identity_len = os_strlen(value);
7844 eap->pending_req_identity = 0;
7845 if (ssid == wpa_s->current_ssid)
7846 wpa_s->reassociate = 1;
7847 break;
7848 case WPA_CTRL_REQ_EAP_PASSWORD:
7849 bin_clear_free(eap->password, eap->password_len);
7850 eap->password = (u8 *) os_strdup(value);
7851 eap->password_len = os_strlen(value);
7852 eap->pending_req_password = 0;
7853 if (ssid == wpa_s->current_ssid)
7854 wpa_s->reassociate = 1;
7855 break;
7856 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7857 bin_clear_free(eap->new_password, eap->new_password_len);
7858 eap->new_password = (u8 *) os_strdup(value);
7859 eap->new_password_len = os_strlen(value);
7860 eap->pending_req_new_password = 0;
7861 if (ssid == wpa_s->current_ssid)
7862 wpa_s->reassociate = 1;
7863 break;
7864 case WPA_CTRL_REQ_EAP_PIN:
7865 str_clear_free(eap->cert.pin);
7866 eap->cert.pin = os_strdup(value);
7867 eap->pending_req_pin = 0;
7868 if (ssid == wpa_s->current_ssid)
7869 wpa_s->reassociate = 1;
7870 break;
7871 case WPA_CTRL_REQ_EAP_OTP:
7872 bin_clear_free(eap->otp, eap->otp_len);
7873 eap->otp = (u8 *) os_strdup(value);
7874 eap->otp_len = os_strlen(value);
7875 os_free(eap->pending_req_otp);
7876 eap->pending_req_otp = NULL;
7877 eap->pending_req_otp_len = 0;
7878 break;
7879 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7880 str_clear_free(eap->cert.private_key_passwd);
7881 eap->cert.private_key_passwd = os_strdup(value);
7882 eap->pending_req_passphrase = 0;
7883 if (ssid == wpa_s->current_ssid)
7884 wpa_s->reassociate = 1;
7885 break;
7886 case WPA_CTRL_REQ_SIM:
7887 str_clear_free(eap->external_sim_resp);
7888 eap->external_sim_resp = os_strdup(value);
7889 eap->pending_req_sim = 0;
7890 break;
7891 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7892 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7893 return -1;
7894 ssid->mem_only_psk = 1;
7895 if (ssid->passphrase)
7896 wpa_config_update_psk(ssid);
7897 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7898 wpa_supplicant_req_scan(wpa_s, 0, 0);
7899 break;
7900 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7901 if (eap->pending_ext_cert_check != PENDING_CHECK)
7902 return -1;
7903 if (os_strcmp(value, "good") == 0)
7904 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7905 else if (os_strcmp(value, "bad") == 0)
7906 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7907 else
7908 return -1;
7909 break;
7910 default:
7911 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7912 return -1;
7913 }
7914
7915 return 0;
7916 #else /* IEEE8021X_EAPOL */
7917 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7918 return -1;
7919 #endif /* IEEE8021X_EAPOL */
7920 }
7921 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
7922
7923
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7924 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7925 {
7926 #ifdef CONFIG_WEP
7927 int i;
7928 unsigned int drv_enc;
7929 #endif /* CONFIG_WEP */
7930
7931 if (wpa_s->p2p_mgmt)
7932 return 1; /* no normal network profiles on p2p_mgmt interface */
7933
7934 if (ssid == NULL)
7935 return 1;
7936
7937 if (ssid->disabled)
7938 return 1;
7939
7940 #ifdef CONFIG_WEP
7941 if (wpa_s->drv_capa_known)
7942 drv_enc = wpa_s->drv_enc;
7943 else
7944 drv_enc = (unsigned int) -1;
7945
7946 for (i = 0; i < NUM_WEP_KEYS; i++) {
7947 size_t len = ssid->wep_key_len[i];
7948 if (len == 0)
7949 continue;
7950 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7951 continue;
7952 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7953 continue;
7954 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7955 continue;
7956 return 1; /* invalid WEP key */
7957 }
7958 #endif /* CONFIG_WEP */
7959
7960 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
7961 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
7962 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
7963 !ssid->mem_only_psk)
7964 return 1;
7965
7966 return 0;
7967 }
7968
7969
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7970 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7971 {
7972 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7973 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7974 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7975 /*
7976 * Driver does not support BIP -- ignore pmf=1 default
7977 * since the connection with PMF would fail and the
7978 * configuration does not require PMF to be enabled.
7979 */
7980 return NO_MGMT_FRAME_PROTECTION;
7981 }
7982
7983 if (ssid &&
7984 (ssid->key_mgmt &
7985 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7986 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7987 /*
7988 * Do not use the default PMF value for non-RSN networks
7989 * since PMF is available only with RSN and pmf=2
7990 * configuration would otherwise prevent connections to
7991 * all open networks.
7992 */
7993 return NO_MGMT_FRAME_PROTECTION;
7994 }
7995
7996 return wpa_s->conf->pmf;
7997 }
7998
7999 return ssid->ieee80211w;
8000 }
8001
8002
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)8003 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
8004 {
8005 if (wpa_s->current_ssid == NULL ||
8006 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
8007 os_memcmp(addr, wpa_s->bssid, ETH_ALEN) != 0)
8008 return 0;
8009 return wpa_sm_pmf_enabled(wpa_s->wpa);
8010 }
8011
8012
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)8013 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
8014 {
8015 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
8016 return 1;
8017 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
8018 return 0;
8019 return -1;
8020 }
8021
8022
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason)8023 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
8024 {
8025 struct wpa_ssid *ssid = wpa_s->current_ssid;
8026 int dur;
8027 struct os_reltime now;
8028
8029 if (ssid == NULL) {
8030 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
8031 "SSID block");
8032 return;
8033 }
8034
8035 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
8036 return;
8037
8038 ssid->auth_failures++;
8039
8040 #ifdef CONFIG_P2P
8041 if (ssid->p2p_group &&
8042 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
8043 /*
8044 * Skip the wait time since there is a short timeout on the
8045 * connection to a P2P group.
8046 */
8047 return;
8048 }
8049 #endif /* CONFIG_P2P */
8050
8051 if (ssid->auth_failures > 50)
8052 dur = 300;
8053 else if (ssid->auth_failures > 10)
8054 dur = 120;
8055 else if (ssid->auth_failures > 5)
8056 dur = 90;
8057 else if (ssid->auth_failures > 3)
8058 dur = 60;
8059 else if (ssid->auth_failures > 2)
8060 dur = 30;
8061 else if (ssid->auth_failures > 1)
8062 dur = 20;
8063 else
8064 dur = 10;
8065
8066 if (ssid->auth_failures > 1 &&
8067 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
8068 dur += os_random() % (ssid->auth_failures * 10);
8069
8070 os_get_reltime(&now);
8071 if (now.sec + dur <= ssid->disabled_until.sec)
8072 return;
8073
8074 ssid->disabled_until.sec = now.sec + dur;
8075
8076 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
8077 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
8078 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8079 ssid->auth_failures, dur, reason);
8080 }
8081
8082
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)8083 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
8084 struct wpa_ssid *ssid, int clear_failures)
8085 {
8086 if (ssid == NULL)
8087 return;
8088
8089 if (ssid->disabled_until.sec) {
8090 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
8091 "id=%d ssid=\"%s\"",
8092 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
8093 }
8094 ssid->disabled_until.sec = 0;
8095 ssid->disabled_until.usec = 0;
8096 if (clear_failures)
8097 ssid->auth_failures = 0;
8098 }
8099
8100
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)8101 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
8102 {
8103 size_t i;
8104
8105 if (wpa_s->disallow_aps_bssid == NULL)
8106 return 0;
8107
8108 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
8109 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
8110 bssid, ETH_ALEN) == 0)
8111 return 1;
8112 }
8113
8114 return 0;
8115 }
8116
8117
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)8118 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
8119 size_t ssid_len)
8120 {
8121 size_t i;
8122
8123 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
8124 return 0;
8125
8126 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
8127 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
8128 if (ssid_len == s->ssid_len &&
8129 os_memcmp(ssid, s->ssid, ssid_len) == 0)
8130 return 1;
8131 }
8132
8133 return 0;
8134 }
8135
8136
8137 /**
8138 * wpas_request_connection - Request a new connection
8139 * @wpa_s: Pointer to the network interface
8140 *
8141 * This function is used to request a new connection to be found. It will mark
8142 * the interface to allow reassociation and request a new scan to find a
8143 * suitable network to connect to.
8144 */
wpas_request_connection(struct wpa_supplicant * wpa_s)8145 void wpas_request_connection(struct wpa_supplicant *wpa_s)
8146 {
8147 wpa_s->normal_scans = 0;
8148 wpa_s->scan_req = NORMAL_SCAN_REQ;
8149 wpa_supplicant_reinit_autoscan(wpa_s);
8150 wpa_s->disconnected = 0;
8151 wpa_s->reassociate = 1;
8152 wpa_s->last_owe_group = 0;
8153
8154 if (wpa_supplicant_fast_associate(wpa_s) != 1)
8155 wpa_supplicant_req_scan(wpa_s, 0, 0);
8156 else
8157 wpa_s->reattach = 0;
8158 }
8159
8160
8161 /**
8162 * wpas_request_disconnection - Request disconnection
8163 * @wpa_s: Pointer to the network interface
8164 *
8165 * This function is used to request disconnection from the currently connected
8166 * network. This will stop any ongoing scans and initiate deauthentication.
8167 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)8168 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
8169 {
8170 #ifdef CONFIG_SME
8171 wpa_s->sme.prev_bssid_set = 0;
8172 #endif /* CONFIG_SME */
8173 wpa_s->reassociate = 0;
8174 wpa_s->disconnected = 1;
8175 wpa_supplicant_cancel_sched_scan(wpa_s);
8176 wpa_supplicant_cancel_scan(wpa_s);
8177 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
8178 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
8179 radio_remove_works(wpa_s, "connect", 0);
8180 radio_remove_works(wpa_s, "sme-connect", 0);
8181 wpa_s->roam_in_progress = false;
8182 #ifdef CONFIG_WNM
8183 wpa_s->bss_trans_mgmt_in_progress = false;
8184 #endif /* CONFIG_WNM */
8185 }
8186
8187
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)8188 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
8189 struct wpa_used_freq_data *freqs_data,
8190 unsigned int len)
8191 {
8192 unsigned int i;
8193
8194 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
8195 len, title);
8196 for (i = 0; i < len; i++) {
8197 struct wpa_used_freq_data *cur = &freqs_data[i];
8198 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
8199 i, cur->freq, cur->flags);
8200 }
8201 }
8202
8203
8204 /*
8205 * Find the operating frequencies of any of the virtual interfaces that
8206 * are using the same radio as the current interface, and in addition, get
8207 * information about the interface types that are using the frequency.
8208 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len)8209 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
8210 struct wpa_used_freq_data *freqs_data,
8211 unsigned int len)
8212 {
8213 struct wpa_supplicant *ifs;
8214 u8 bssid[ETH_ALEN];
8215 int freq;
8216 unsigned int idx = 0, i;
8217
8218 wpa_dbg(wpa_s, MSG_DEBUG,
8219 "Determining shared radio frequencies (max len %u)", len);
8220 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
8221
8222 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
8223 radio_list) {
8224 if (idx == len)
8225 break;
8226
8227 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
8228 continue;
8229
8230 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
8231 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
8232 ifs->current_ssid->mode == WPAS_MODE_MESH)
8233 freq = ifs->current_ssid->frequency;
8234 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
8235 freq = ifs->assoc_freq;
8236 else
8237 continue;
8238
8239 /* Hold only distinct freqs */
8240 for (i = 0; i < idx; i++)
8241 if (freqs_data[i].freq == freq)
8242 break;
8243
8244 if (i == idx)
8245 freqs_data[idx++].freq = freq;
8246
8247 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
8248 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
8249 WPA_FREQ_USED_BY_P2P_CLIENT :
8250 WPA_FREQ_USED_BY_INFRA_STATION;
8251 }
8252 }
8253
8254 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
8255 return idx;
8256 }
8257
8258
8259 /*
8260 * Find the operating frequencies of any of the virtual interfaces that
8261 * are using the same radio as the current interface.
8262 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len)8263 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
8264 int *freq_array, unsigned int len)
8265 {
8266 struct wpa_used_freq_data *freqs_data;
8267 int num, i;
8268
8269 os_memset(freq_array, 0, sizeof(int) * len);
8270
8271 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
8272 if (!freqs_data)
8273 return -1;
8274
8275 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
8276 for (i = 0; i < num; i++)
8277 freq_array[i] = freqs_data[i].freq;
8278
8279 os_free(freqs_data);
8280
8281 return num;
8282 }
8283
8284
8285 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)8286 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
8287 {
8288 switch (frame) {
8289 #ifdef CONFIG_P2P
8290 case VENDOR_ELEM_PROBE_REQ_P2P:
8291 case VENDOR_ELEM_PROBE_RESP_P2P:
8292 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
8293 case VENDOR_ELEM_BEACON_P2P_GO:
8294 case VENDOR_ELEM_P2P_PD_REQ:
8295 case VENDOR_ELEM_P2P_PD_RESP:
8296 case VENDOR_ELEM_P2P_GO_NEG_REQ:
8297 case VENDOR_ELEM_P2P_GO_NEG_RESP:
8298 case VENDOR_ELEM_P2P_GO_NEG_CONF:
8299 case VENDOR_ELEM_P2P_INV_REQ:
8300 case VENDOR_ELEM_P2P_INV_RESP:
8301 case VENDOR_ELEM_P2P_ASSOC_REQ:
8302 case VENDOR_ELEM_P2P_ASSOC_RESP:
8303 return wpa_s->p2pdev;
8304 #endif /* CONFIG_P2P */
8305 default:
8306 return wpa_s;
8307 }
8308 }
8309
8310
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)8311 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
8312 {
8313 unsigned int i;
8314 char buf[30];
8315
8316 wpa_printf(MSG_DEBUG, "Update vendor elements");
8317
8318 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
8319 if (wpa_s->vendor_elem[i]) {
8320 int res;
8321
8322 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
8323 if (!os_snprintf_error(sizeof(buf), res)) {
8324 wpa_hexdump_buf(MSG_DEBUG, buf,
8325 wpa_s->vendor_elem[i]);
8326 }
8327 }
8328 }
8329
8330 #ifdef CONFIG_P2P
8331 if (wpa_s->parent == wpa_s &&
8332 wpa_s->global->p2p &&
8333 !wpa_s->global->p2p_disabled)
8334 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
8335 #endif /* CONFIG_P2P */
8336 }
8337
8338
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)8339 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
8340 const u8 *elem, size_t len)
8341 {
8342 u8 *ie, *end;
8343
8344 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
8345 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
8346
8347 for (; ie + 1 < end; ie += 2 + ie[1]) {
8348 if (ie + len > end)
8349 break;
8350 if (os_memcmp(ie, elem, len) != 0)
8351 continue;
8352
8353 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
8354 wpabuf_free(wpa_s->vendor_elem[frame]);
8355 wpa_s->vendor_elem[frame] = NULL;
8356 } else {
8357 os_memmove(ie, ie + len, end - (ie + len));
8358 wpa_s->vendor_elem[frame]->used -= len;
8359 }
8360 wpas_vendor_elem_update(wpa_s);
8361 return 0;
8362 }
8363
8364 return -1;
8365 }
8366
8367
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)8368 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
8369 u16 num_modes, enum hostapd_hw_mode mode,
8370 bool is_6ghz)
8371 {
8372 u16 i;
8373
8374 if (!modes)
8375 return NULL;
8376
8377 for (i = 0; i < num_modes; i++) {
8378 if (modes[i].mode != mode ||
8379 !modes[i].num_channels || !modes[i].channels)
8380 continue;
8381 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
8382 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
8383 return &modes[i];
8384 }
8385
8386 return NULL;
8387 }
8388
8389
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)8390 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
8391 u16 num_modes, int freq)
8392 {
8393 int i, j;
8394
8395 for (i = 0; i < num_modes; i++) {
8396 for (j = 0; j < modes[i].num_channels; j++) {
8397 if (freq == modes[i].channels[j].freq)
8398 return &modes[i];
8399 }
8400 }
8401
8402 return NULL;
8403 }
8404
8405
8406 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)8407 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
8408 const u8 *bssid)
8409 {
8410 struct wpa_bss_tmp_disallowed *bss;
8411
8412 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
8413 struct wpa_bss_tmp_disallowed, list) {
8414 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
8415 return bss;
8416 }
8417
8418 return NULL;
8419 }
8420
8421
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)8422 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
8423 {
8424 struct wpa_bss_tmp_disallowed *tmp;
8425 unsigned int num_bssid = 0;
8426 u8 *bssids;
8427 int ret;
8428
8429 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
8430 if (!bssids)
8431 return -1;
8432 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8433 struct wpa_bss_tmp_disallowed, list) {
8434 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
8435 ETH_ALEN);
8436 num_bssid++;
8437 }
8438 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
8439 os_free(bssids);
8440 return ret;
8441 }
8442
8443
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)8444 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
8445 {
8446 struct wpa_supplicant *wpa_s = eloop_ctx;
8447 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
8448
8449 /* Make sure the bss is not already freed */
8450 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8451 struct wpa_bss_tmp_disallowed, list) {
8452 if (bss == tmp) {
8453 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
8454 wpa_set_driver_tmp_disallow_list(wpa_s);
8455 break;
8456 }
8457 }
8458 }
8459
8460
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)8461 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
8462 unsigned int sec, int rssi_threshold)
8463 {
8464 struct wpa_bss_tmp_disallowed *bss;
8465
8466 bss = wpas_get_disallowed_bss(wpa_s, bssid);
8467 if (bss) {
8468 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
8469 goto finish;
8470 }
8471
8472 bss = os_malloc(sizeof(*bss));
8473 if (!bss) {
8474 wpa_printf(MSG_DEBUG,
8475 "Failed to allocate memory for temp disallow BSS");
8476 return;
8477 }
8478
8479 os_memcpy(bss->bssid, bssid, ETH_ALEN);
8480 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
8481 wpa_set_driver_tmp_disallow_list(wpa_s);
8482
8483 finish:
8484 bss->rssi_threshold = rssi_threshold;
8485 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
8486 wpa_s, bss);
8487 }
8488
8489
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)8490 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
8491 struct wpa_bss *bss)
8492 {
8493 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
8494
8495 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
8496 struct wpa_bss_tmp_disallowed, list) {
8497 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
8498 disallowed = tmp;
8499 break;
8500 }
8501 }
8502 if (!disallowed)
8503 return 0;
8504
8505 if (disallowed->rssi_threshold != 0 &&
8506 bss->level > disallowed->rssi_threshold) {
8507 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
8508 wpa_set_driver_tmp_disallow_list(wpa_s);
8509 return 0;
8510 }
8511
8512 return 1;
8513 }
8514
8515
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)8516 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8517 unsigned int type, const u8 *addr,
8518 const u8 *mask)
8519 {
8520 if ((addr && !mask) || (!addr && mask)) {
8521 wpa_printf(MSG_INFO,
8522 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
8523 return -1;
8524 }
8525
8526 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
8527 wpa_printf(MSG_INFO,
8528 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
8529 return -1;
8530 }
8531
8532 if (type & MAC_ADDR_RAND_SCAN) {
8533 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
8534 addr, mask))
8535 return -1;
8536 }
8537
8538 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
8539 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
8540 addr, mask))
8541 return -1;
8542
8543 if (wpa_s->sched_scanning && !wpa_s->pno)
8544 wpas_scan_restart_sched_scan(wpa_s);
8545 }
8546
8547 if (type & MAC_ADDR_RAND_PNO) {
8548 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
8549 addr, mask))
8550 return -1;
8551
8552 if (wpa_s->pno) {
8553 wpas_stop_pno(wpa_s);
8554 wpas_start_pno(wpa_s);
8555 }
8556 }
8557
8558 return 0;
8559 }
8560
8561
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)8562 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8563 unsigned int type)
8564 {
8565 wpas_mac_addr_rand_scan_clear(wpa_s, type);
8566 if (wpa_s->pno) {
8567 if (type & MAC_ADDR_RAND_PNO) {
8568 wpas_stop_pno(wpa_s);
8569 wpas_start_pno(wpa_s);
8570 }
8571 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
8572 wpas_scan_restart_sched_scan(wpa_s);
8573 }
8574
8575 return 0;
8576 }
8577
8578
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)8579 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
8580 struct wpa_signal_info *si)
8581 {
8582 int res;
8583
8584 if (!wpa_s->driver->signal_poll)
8585 return -1;
8586
8587 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
8588
8589 #ifdef CONFIG_TESTING_OPTIONS
8590 if (res == 0) {
8591 struct driver_signal_override *dso;
8592
8593 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8594 struct driver_signal_override, list) {
8595 if (os_memcmp(wpa_s->bssid, dso->bssid,
8596 ETH_ALEN) != 0)
8597 continue;
8598 wpa_printf(MSG_DEBUG,
8599 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
8600 si->current_signal,
8601 dso->si_current_signal,
8602 si->avg_signal,
8603 dso->si_avg_signal,
8604 si->avg_beacon_signal,
8605 dso->si_avg_beacon_signal,
8606 si->current_noise,
8607 dso->si_current_noise);
8608 si->current_signal = dso->si_current_signal;
8609 si->avg_signal = dso->si_avg_signal;
8610 si->avg_beacon_signal = dso->si_avg_beacon_signal;
8611 si->current_noise = dso->si_current_noise;
8612 break;
8613 }
8614 }
8615 #endif /* CONFIG_TESTING_OPTIONS */
8616
8617 return res;
8618 }
8619
8620
8621 struct wpa_scan_results *
wpa_drv_get_scan_results2(struct wpa_supplicant * wpa_s)8622 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
8623 {
8624 struct wpa_scan_results *scan_res;
8625 #ifdef CONFIG_TESTING_OPTIONS
8626 size_t idx;
8627 #endif /* CONFIG_TESTING_OPTIONS */
8628
8629 if (!wpa_s->driver->get_scan_results2)
8630 return NULL;
8631
8632 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
8633
8634 #ifdef CONFIG_TESTING_OPTIONS
8635 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
8636 struct driver_signal_override *dso;
8637 struct wpa_scan_res *res = scan_res->res[idx];
8638
8639 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8640 struct driver_signal_override, list) {
8641 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
8642 continue;
8643 wpa_printf(MSG_DEBUG,
8644 "Override driver scan signal level %d->%d for "
8645 MACSTR,
8646 res->level, dso->scan_level,
8647 MAC2STR(res->bssid));
8648 res->flags |= WPA_SCAN_QUAL_INVALID;
8649 if (dso->scan_level < 0)
8650 res->flags |= WPA_SCAN_LEVEL_DBM;
8651 else
8652 res->flags &= ~WPA_SCAN_LEVEL_DBM;
8653 res->level = dso->scan_level;
8654 break;
8655 }
8656 }
8657 #endif /* CONFIG_TESTING_OPTIONS */
8658
8659 return scan_res;
8660 }
8661