1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "common/ptksa_cache.h"
45 #include "p2p/p2p.h"
46 #include "fst/fst.h"
47 #include "bssid_ignore.h"
48 #include "wpas_glue.h"
49 #include "wps_supplicant.h"
50 #include "ibss_rsn.h"
51 #include "sme.h"
52 #include "gas_query.h"
53 #include "ap.h"
54 #include "p2p_supplicant.h"
55 #include "wifi_display.h"
56 #include "notify.h"
57 #include "bgscan.h"
58 #include "autoscan.h"
59 #include "bss.h"
60 #include "scan.h"
61 #include "offchannel.h"
62 #include "hs20_supplicant.h"
63 #include "wnm_sta.h"
64 #include "wpas_kay.h"
65 #include "mesh.h"
66 #include "dpp_supplicant.h"
67 #ifdef CONFIG_MESH
68 #include "ap/ap_config.h"
69 #include "ap/hostapd.h"
70 #endif /* CONFIG_MESH */
71
72 const char *const wpa_supplicant_version =
73 "wpa_supplicant v" VERSION_STR "\n"
74 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75
76 const char *const wpa_supplicant_license =
77 "This software may be distributed under the terms of the BSD license.\n"
78 "See README for more details.\n"
79 #ifdef EAP_TLS_OPENSSL
80 "\nThis product includes software developed by the OpenSSL Project\n"
81 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
82 #endif /* EAP_TLS_OPENSSL */
83 ;
84
85 #ifndef CONFIG_NO_STDOUT_DEBUG
86 /* Long text divided into parts in order to fit in C89 strings size limits. */
87 const char *const wpa_supplicant_full_license1 =
88 "";
89 const char *const wpa_supplicant_full_license2 =
90 "This software may be distributed under the terms of the BSD license.\n"
91 "\n"
92 "Redistribution and use in source and binary forms, with or without\n"
93 "modification, are permitted provided that the following conditions are\n"
94 "met:\n"
95 "\n";
96 const char *const wpa_supplicant_full_license3 =
97 "1. Redistributions of source code must retain the above copyright\n"
98 " notice, this list of conditions and the following disclaimer.\n"
99 "\n"
100 "2. Redistributions in binary form must reproduce the above copyright\n"
101 " notice, this list of conditions and the following disclaimer in the\n"
102 " documentation and/or other materials provided with the distribution.\n"
103 "\n";
104 const char *const wpa_supplicant_full_license4 =
105 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
106 " names of its contributors may be used to endorse or promote products\n"
107 " derived from this software without specific prior written permission.\n"
108 "\n"
109 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
110 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
111 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
112 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
113 const char *const wpa_supplicant_full_license5 =
114 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
115 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
116 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
117 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
118 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
119 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
120 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 "\n";
122 #endif /* CONFIG_NO_STDOUT_DEBUG */
123
124
125 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
126 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
127 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
128 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 #ifdef CONFIG_OWE
130 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_OWE */
132
133
134 #ifdef CONFIG_WEP
135 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)136 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
137 {
138 int i, set = 0;
139
140 for (i = 0; i < NUM_WEP_KEYS; i++) {
141 if (ssid->wep_key_len[i] == 0)
142 continue;
143
144 set = 1;
145 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
146 i, i == ssid->wep_tx_keyidx, NULL, 0,
147 ssid->wep_key[i], ssid->wep_key_len[i],
148 i == ssid->wep_tx_keyidx ?
149 KEY_FLAG_GROUP_RX_TX_DEFAULT :
150 KEY_FLAG_GROUP_RX_TX);
151 }
152
153 return set;
154 }
155 #endif /* CONFIG_WEP */
156
157
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)158 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
159 struct wpa_ssid *ssid)
160 {
161 u8 key[32];
162 size_t keylen;
163 enum wpa_alg alg;
164 u8 seq[6] = { 0 };
165 int ret;
166
167 /* IBSS/WPA-None uses only one key (Group) for both receiving and
168 * sending unicast and multicast packets. */
169
170 if (ssid->mode != WPAS_MODE_IBSS) {
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
172 "IBSS/ad-hoc) for WPA-None", ssid->mode);
173 return -1;
174 }
175
176 if (!ssid->psk_set) {
177 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
178 "WPA-None");
179 return -1;
180 }
181
182 switch (wpa_s->group_cipher) {
183 case WPA_CIPHER_CCMP:
184 os_memcpy(key, ssid->psk, 16);
185 keylen = 16;
186 alg = WPA_ALG_CCMP;
187 break;
188 case WPA_CIPHER_GCMP:
189 os_memcpy(key, ssid->psk, 16);
190 keylen = 16;
191 alg = WPA_ALG_GCMP;
192 break;
193 case WPA_CIPHER_TKIP:
194 /* WPA-None uses the same Michael MIC key for both TX and RX */
195 os_memcpy(key, ssid->psk, 16 + 8);
196 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
197 keylen = 32;
198 alg = WPA_ALG_TKIP;
199 break;
200 default:
201 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
202 "WPA-None", wpa_s->group_cipher);
203 return -1;
204 }
205
206 /* TODO: should actually remember the previously used seq#, both for TX
207 * and RX from each STA.. */
208
209 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
210 KEY_FLAG_GROUP_RX_TX_DEFAULT);
211 os_memset(key, 0, sizeof(key));
212 return ret;
213 }
214
215
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)216 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
217 {
218 struct wpa_supplicant *wpa_s = eloop_ctx;
219 const u8 *bssid = wpa_s->bssid;
220 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
221 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
222 wpa_s->wpa_state == WPA_ASSOCIATING))
223 bssid = wpa_s->pending_bssid;
224 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
225 MAC2STR(bssid));
226 wpa_bssid_ignore_add(wpa_s, bssid);
227 wpa_sm_notify_disassoc(wpa_s->wpa);
228 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
229 wpa_s->reassociate = 1;
230
231 /*
232 * If we timed out, the AP or the local radio may be busy.
233 * So, wait a second until scanning again.
234 */
235 wpa_supplicant_req_scan(wpa_s, 1, 0);
236 }
237
238
239 /**
240 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
241 * @wpa_s: Pointer to wpa_supplicant data
242 * @sec: Number of seconds after which to time out authentication
243 * @usec: Number of microseconds after which to time out authentication
244 *
245 * This function is used to schedule a timeout for the current authentication
246 * attempt.
247 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)248 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
249 int sec, int usec)
250 {
251 if (wpa_s->conf->ap_scan == 0 &&
252 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
253 return;
254
255 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
256 "%d usec", sec, usec);
257 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
258 wpa_s->last_auth_timeout_sec = sec;
259 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
260 }
261
262
263 /*
264 * wpas_auth_timeout_restart - Restart and change timeout for authentication
265 * @wpa_s: Pointer to wpa_supplicant data
266 * @sec_diff: difference in seconds applied to original timeout value
267 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)268 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
269 {
270 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
271
272 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
273 wpa_dbg(wpa_s, MSG_DEBUG,
274 "Authentication timeout restart: %d sec", new_sec);
275 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
276 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
277 wpa_s, NULL);
278 }
279 }
280
281
282 /**
283 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
284 * @wpa_s: Pointer to wpa_supplicant data
285 *
286 * This function is used to cancel authentication timeout scheduled with
287 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
288 * been completed.
289 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)290 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
291 {
292 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
293 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
294 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
295 os_free(wpa_s->last_con_fail_realm);
296 wpa_s->last_con_fail_realm = NULL;
297 wpa_s->last_con_fail_realm_len = 0;
298 }
299
300
301 /**
302 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
303 * @wpa_s: Pointer to wpa_supplicant data
304 *
305 * This function is used to configure EAPOL state machine based on the selected
306 * authentication mode.
307 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)308 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
309 {
310 #ifdef IEEE8021X_EAPOL
311 struct eapol_config eapol_conf;
312 struct wpa_ssid *ssid = wpa_s->current_ssid;
313
314 #ifdef CONFIG_IBSS_RSN
315 if (ssid->mode == WPAS_MODE_IBSS &&
316 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
317 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
318 /*
319 * RSN IBSS authentication is per-STA and we can disable the
320 * per-BSSID EAPOL authentication.
321 */
322 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
323 eapol_sm_notify_eap_success(wpa_s->eapol, true);
324 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
325 return;
326 }
327 #endif /* CONFIG_IBSS_RSN */
328
329 eapol_sm_notify_eap_success(wpa_s->eapol, false);
330 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
331
332 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
333 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
334 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
335 else
336 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
337
338 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
339 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
340 eapol_conf.accept_802_1x_keys = 1;
341 eapol_conf.required_keys = 0;
342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
343 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
344 }
345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
346 eapol_conf.required_keys |=
347 EAPOL_REQUIRE_KEY_BROADCAST;
348 }
349
350 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
351 eapol_conf.required_keys = 0;
352 }
353 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
354 eapol_conf.workaround = ssid->eap_workaround;
355 eapol_conf.eap_disabled =
356 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
357 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
358 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
359 eapol_conf.external_sim = wpa_s->conf->external_sim;
360
361 #ifdef CONFIG_WPS
362 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
363 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
364 if (wpa_s->current_bss) {
365 struct wpabuf *ie;
366 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
367 WPS_IE_VENDOR_TYPE);
368 if (ie) {
369 if (wps_is_20(ie))
370 eapol_conf.wps |=
371 EAPOL_PEER_IS_WPS20_AP;
372 wpabuf_free(ie);
373 }
374 }
375 }
376 #endif /* CONFIG_WPS */
377
378 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
379
380 #ifdef CONFIG_MACSEC
381 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
382 ieee802_1x_create_preshared_mka(wpa_s, ssid);
383 else
384 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
385 #endif /* CONFIG_MACSEC */
386 #endif /* IEEE8021X_EAPOL */
387 }
388
389
390 /**
391 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
392 * @wpa_s: Pointer to wpa_supplicant data
393 * @ssid: Configuration data for the network
394 *
395 * This function is used to configure WPA state machine and related parameters
396 * to a mode where WPA is not enabled. This is called as part of the
397 * authentication configuration when the selected network does not use WPA.
398 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)399 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
400 struct wpa_ssid *ssid)
401 {
402 #ifdef CONFIG_WEP
403 int i;
404 #endif /* CONFIG_WEP */
405
406 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
407 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
408 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
409 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
410 else
411 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
412 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
413 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
414 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
415 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
416 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
417 wpa_s->rsnxe_len = 0;
418 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
419 wpa_s->group_cipher = WPA_CIPHER_NONE;
420 wpa_s->mgmt_group_cipher = 0;
421
422 #ifdef CONFIG_WEP
423 for (i = 0; i < NUM_WEP_KEYS; i++) {
424 if (ssid->wep_key_len[i] > 5) {
425 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
426 wpa_s->group_cipher = WPA_CIPHER_WEP104;
427 break;
428 } else if (ssid->wep_key_len[i] > 0) {
429 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
430 wpa_s->group_cipher = WPA_CIPHER_WEP40;
431 break;
432 }
433 }
434 #endif /* CONFIG_WEP */
435
436 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
437 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
439 wpa_s->pairwise_cipher);
440 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
442 wpa_s->mgmt_group_cipher);
443
444 pmksa_cache_clear_current(wpa_s->wpa);
445 }
446
447
free_hw_features(struct wpa_supplicant * wpa_s)448 void free_hw_features(struct wpa_supplicant *wpa_s)
449 {
450 int i;
451 if (wpa_s->hw.modes == NULL)
452 return;
453
454 for (i = 0; i < wpa_s->hw.num_modes; i++) {
455 os_free(wpa_s->hw.modes[i].channels);
456 os_free(wpa_s->hw.modes[i].rates);
457 }
458
459 os_free(wpa_s->hw.modes);
460 wpa_s->hw.modes = NULL;
461 }
462
463
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)464 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
465 struct wpa_bss_tmp_disallowed *bss)
466 {
467 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
468 dl_list_del(&bss->list);
469 os_free(bss);
470 }
471
472
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)473 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
474 {
475 struct wpa_bss_tmp_disallowed *bss, *prev;
476
477 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
478 struct wpa_bss_tmp_disallowed, list)
479 remove_bss_tmp_disallowed_entry(wpa_s, bss);
480 }
481
482
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)483 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
484 {
485 struct fils_hlp_req *req;
486
487 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
488 list)) != NULL) {
489 dl_list_del(&req->list);
490 wpabuf_free(req->pkt);
491 os_free(req);
492 }
493 }
494
495
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)496 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
497 {
498 struct wpa_supplicant *wpa_s = eloop_ctx;
499
500 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
501 return;
502 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
503 wpa_bss_flush(wpa_s);
504 }
505
506
507 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)508 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
509 {
510 struct driver_signal_override *dso;
511
512 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
513 struct driver_signal_override, list))) {
514 dl_list_del(&dso->list);
515 os_free(dso);
516 }
517 }
518 #endif /* CONFIG_TESTING_OPTIONS */
519
520
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)521 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
522 {
523 int i;
524
525 bgscan_deinit(wpa_s);
526 autoscan_deinit(wpa_s);
527 scard_deinit(wpa_s->scard);
528 wpa_s->scard = NULL;
529 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
530 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
531 l2_packet_deinit(wpa_s->l2);
532 wpa_s->l2 = NULL;
533 if (wpa_s->l2_br) {
534 l2_packet_deinit(wpa_s->l2_br);
535 wpa_s->l2_br = NULL;
536 }
537 #ifdef CONFIG_TESTING_OPTIONS
538 l2_packet_deinit(wpa_s->l2_test);
539 wpa_s->l2_test = NULL;
540 os_free(wpa_s->get_pref_freq_list_override);
541 wpa_s->get_pref_freq_list_override = NULL;
542 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
543 wpa_s->last_assoc_req_wpa_ie = NULL;
544 os_free(wpa_s->extra_sae_rejected_groups);
545 wpa_s->extra_sae_rejected_groups = NULL;
546 wpabuf_free(wpa_s->rsne_override_eapol);
547 wpa_s->rsne_override_eapol = NULL;
548 wpabuf_free(wpa_s->rsnxe_override_assoc);
549 wpa_s->rsnxe_override_assoc = NULL;
550 wpabuf_free(wpa_s->rsnxe_override_eapol);
551 wpa_s->rsnxe_override_eapol = NULL;
552 wpas_clear_driver_signal_override(wpa_s);
553 #endif /* CONFIG_TESTING_OPTIONS */
554
555 if (wpa_s->conf != NULL) {
556 struct wpa_ssid *ssid;
557 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
558 wpas_notify_network_removed(wpa_s, ssid);
559 }
560
561 os_free(wpa_s->confname);
562 wpa_s->confname = NULL;
563
564 os_free(wpa_s->confanother);
565 wpa_s->confanother = NULL;
566
567 os_free(wpa_s->last_con_fail_realm);
568 wpa_s->last_con_fail_realm = NULL;
569 wpa_s->last_con_fail_realm_len = 0;
570
571 wpa_sm_set_eapol(wpa_s->wpa, NULL);
572 eapol_sm_deinit(wpa_s->eapol);
573 wpa_s->eapol = NULL;
574
575 rsn_preauth_deinit(wpa_s->wpa);
576
577 #ifdef CONFIG_TDLS
578 wpa_tdls_deinit(wpa_s->wpa);
579 #endif /* CONFIG_TDLS */
580
581 wmm_ac_clear_saved_tspecs(wpa_s);
582 pmksa_candidate_free(wpa_s->wpa);
583 ptksa_cache_deinit(wpa_s->ptksa);
584 wpa_s->ptksa = NULL;
585 wpa_sm_deinit(wpa_s->wpa);
586 wpa_s->wpa = NULL;
587 wpa_bssid_ignore_clear(wpa_s);
588
589 #ifdef CONFIG_PASN
590 wpas_pasn_auth_stop(wpa_s);
591 #endif /* CONFIG_PASN */
592
593 wpa_bss_deinit(wpa_s);
594
595 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
596 wpa_supplicant_cancel_scan(wpa_s);
597 wpa_supplicant_cancel_auth_timeout(wpa_s);
598 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
599 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
600 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
601 wpa_s, NULL);
602 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
603
604 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
605 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
606
607 wpas_wps_deinit(wpa_s);
608
609 wpabuf_free(wpa_s->pending_eapol_rx);
610 wpa_s->pending_eapol_rx = NULL;
611
612 #ifdef CONFIG_IBSS_RSN
613 ibss_rsn_deinit(wpa_s->ibss_rsn);
614 wpa_s->ibss_rsn = NULL;
615 #endif /* CONFIG_IBSS_RSN */
616
617 sme_deinit(wpa_s);
618
619 #ifdef CONFIG_AP
620 wpa_supplicant_ap_deinit(wpa_s);
621 #endif /* CONFIG_AP */
622
623 wpas_p2p_deinit(wpa_s);
624
625 #ifdef CONFIG_OFFCHANNEL
626 offchannel_deinit(wpa_s);
627 #endif /* CONFIG_OFFCHANNEL */
628
629 wpa_supplicant_cancel_sched_scan(wpa_s);
630
631 os_free(wpa_s->next_scan_freqs);
632 wpa_s->next_scan_freqs = NULL;
633
634 os_free(wpa_s->manual_scan_freqs);
635 wpa_s->manual_scan_freqs = NULL;
636 os_free(wpa_s->select_network_scan_freqs);
637 wpa_s->select_network_scan_freqs = NULL;
638
639 os_free(wpa_s->manual_sched_scan_freqs);
640 wpa_s->manual_sched_scan_freqs = NULL;
641
642 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
643
644 /*
645 * Need to remove any pending gas-query radio work before the
646 * gas_query_deinit() call because gas_query::work has not yet been set
647 * for works that have not been started. gas_query_free() will be unable
648 * to cancel such pending radio works and once the pending gas-query
649 * radio work eventually gets removed, the deinit notification call to
650 * gas_query_start_cb() would result in dereferencing freed memory.
651 */
652 if (wpa_s->radio)
653 radio_remove_works(wpa_s, "gas-query", 0);
654 gas_query_deinit(wpa_s->gas);
655 wpa_s->gas = NULL;
656 gas_server_deinit(wpa_s->gas_server);
657 wpa_s->gas_server = NULL;
658
659 free_hw_features(wpa_s);
660
661 ieee802_1x_dealloc_kay_sm(wpa_s);
662
663 os_free(wpa_s->bssid_filter);
664 wpa_s->bssid_filter = NULL;
665
666 os_free(wpa_s->disallow_aps_bssid);
667 wpa_s->disallow_aps_bssid = NULL;
668 os_free(wpa_s->disallow_aps_ssid);
669 wpa_s->disallow_aps_ssid = NULL;
670
671 wnm_bss_keep_alive_deinit(wpa_s);
672 #ifdef CONFIG_WNM
673 wnm_deallocate_memory(wpa_s);
674 #endif /* CONFIG_WNM */
675
676 ext_password_deinit(wpa_s->ext_pw);
677 wpa_s->ext_pw = NULL;
678
679 wpabuf_free(wpa_s->last_gas_resp);
680 wpa_s->last_gas_resp = NULL;
681 wpabuf_free(wpa_s->prev_gas_resp);
682 wpa_s->prev_gas_resp = NULL;
683
684 os_free(wpa_s->last_scan_res);
685 wpa_s->last_scan_res = NULL;
686
687 #ifdef CONFIG_HS20
688 if (wpa_s->drv_priv)
689 wpa_drv_configure_frame_filters(wpa_s, 0);
690 hs20_deinit(wpa_s);
691 #endif /* CONFIG_HS20 */
692
693 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
694 wpabuf_free(wpa_s->vendor_elem[i]);
695 wpa_s->vendor_elem[i] = NULL;
696 }
697
698 wmm_ac_notify_disassoc(wpa_s);
699
700 wpa_s->sched_scan_plans_num = 0;
701 os_free(wpa_s->sched_scan_plans);
702 wpa_s->sched_scan_plans = NULL;
703
704 #ifdef CONFIG_MBO
705 wpa_s->non_pref_chan_num = 0;
706 os_free(wpa_s->non_pref_chan);
707 wpa_s->non_pref_chan = NULL;
708 #endif /* CONFIG_MBO */
709
710 free_bss_tmp_disallowed(wpa_s);
711
712 wpabuf_free(wpa_s->lci);
713 wpa_s->lci = NULL;
714 wpas_clear_beacon_rep_data(wpa_s);
715
716 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
717 #ifdef CONFIG_MESH
718 {
719 struct external_pmksa_cache *entry;
720
721 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
722 struct external_pmksa_cache,
723 list)) != NULL) {
724 dl_list_del(&entry->list);
725 os_free(entry->pmksa_cache);
726 os_free(entry);
727 }
728 }
729 #endif /* CONFIG_MESH */
730 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
731
732 wpas_flush_fils_hlp_req(wpa_s);
733
734 wpabuf_free(wpa_s->ric_ies);
735 wpa_s->ric_ies = NULL;
736
737 #ifdef CONFIG_DPP
738 wpas_dpp_deinit(wpa_s);
739 dpp_global_deinit(wpa_s->dpp);
740 wpa_s->dpp = NULL;
741 #endif /* CONFIG_DPP */
742
743 #ifdef CONFIG_PASN
744 wpas_pasn_auth_stop(wpa_s);
745 #endif /* CONFIG_PASN */
746 wpas_scs_deinit(wpa_s);
747 wpas_dscp_deinit(wpa_s);
748 }
749
750
751 /**
752 * wpa_clear_keys - Clear keys configured for the driver
753 * @wpa_s: Pointer to wpa_supplicant data
754 * @addr: Previously used BSSID or %NULL if not available
755 *
756 * This function clears the encryption keys that has been previously configured
757 * for the driver.
758 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)759 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
760 {
761 int i, max = 6;
762
763 /* MLME-DELETEKEYS.request */
764 for (i = 0; i < max; i++) {
765 if (wpa_s->keys_cleared & BIT(i))
766 continue;
767 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
768 NULL, 0, KEY_FLAG_GROUP);
769 }
770 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
771 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
772 !is_zero_ether_addr(addr)) {
773 if (!(wpa_s->keys_cleared & BIT(0)))
774 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL,
775 0, NULL, 0, KEY_FLAG_PAIRWISE);
776 if (!(wpa_s->keys_cleared & BIT(15)))
777 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL,
778 0, NULL, 0, KEY_FLAG_PAIRWISE);
779 /* MLME-SETPROTECTION.request(None) */
780 wpa_drv_mlme_setprotection(
781 wpa_s, addr,
782 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
783 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
784 }
785 wpa_s->keys_cleared = (u32) -1;
786 }
787
788
789 /**
790 * wpa_supplicant_state_txt - Get the connection state name as a text string
791 * @state: State (wpa_state; WPA_*)
792 * Returns: The state name as a printable text string
793 */
wpa_supplicant_state_txt(enum wpa_states state)794 const char * wpa_supplicant_state_txt(enum wpa_states state)
795 {
796 switch (state) {
797 case WPA_DISCONNECTED:
798 return "DISCONNECTED";
799 case WPA_INACTIVE:
800 return "INACTIVE";
801 case WPA_INTERFACE_DISABLED:
802 return "INTERFACE_DISABLED";
803 case WPA_SCANNING:
804 return "SCANNING";
805 case WPA_AUTHENTICATING:
806 return "AUTHENTICATING";
807 case WPA_ASSOCIATING:
808 return "ASSOCIATING";
809 case WPA_ASSOCIATED:
810 return "ASSOCIATED";
811 case WPA_4WAY_HANDSHAKE:
812 return "4WAY_HANDSHAKE";
813 case WPA_GROUP_HANDSHAKE:
814 return "GROUP_HANDSHAKE";
815 case WPA_COMPLETED:
816 return "COMPLETED";
817 default:
818 return "UNKNOWN";
819 }
820 }
821
822
823 #ifdef CONFIG_BGSCAN
824
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)825 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
826 {
827 if (wpa_s->bgscan_ssid) {
828 bgscan_deinit(wpa_s);
829 wpa_s->bgscan_ssid = NULL;
830 }
831 }
832
833
834 /**
835 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
836 * @wpa_s: Pointer to the wpa_supplicant data
837 *
838 * Stop, start, or reconfigure the scan parameters depending on the method.
839 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)840 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
841 {
842 const char *name;
843
844 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
845 name = wpa_s->current_ssid->bgscan;
846 else
847 name = wpa_s->conf->bgscan;
848 if (!name || name[0] == '\0') {
849 wpa_supplicant_stop_bgscan(wpa_s);
850 return;
851 }
852 if (wpas_driver_bss_selection(wpa_s))
853 return;
854 #ifdef CONFIG_P2P
855 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
856 return;
857 #endif /* CONFIG_P2P */
858
859 bgscan_deinit(wpa_s);
860 if (wpa_s->current_ssid) {
861 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
862 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
863 "bgscan");
864 /*
865 * Live without bgscan; it is only used as a roaming
866 * optimization, so the initial connection is not
867 * affected.
868 */
869 } else {
870 struct wpa_scan_results *scan_res;
871 wpa_s->bgscan_ssid = wpa_s->current_ssid;
872 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
873 0);
874 if (scan_res) {
875 bgscan_notify_scan(wpa_s, scan_res);
876 wpa_scan_results_free(scan_res);
877 }
878 }
879 } else
880 wpa_s->bgscan_ssid = NULL;
881 }
882
883 #endif /* CONFIG_BGSCAN */
884
885
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)886 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
887 {
888 if (autoscan_init(wpa_s, 0))
889 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
890 }
891
892
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)893 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
894 {
895 autoscan_deinit(wpa_s);
896 }
897
898
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)899 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
900 {
901 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
902 wpa_s->wpa_state == WPA_SCANNING) {
903 autoscan_deinit(wpa_s);
904 wpa_supplicant_start_autoscan(wpa_s);
905 }
906 }
907
908
909 /**
910 * wpa_supplicant_set_state - Set current connection state
911 * @wpa_s: Pointer to wpa_supplicant data
912 * @state: The new connection state
913 *
914 * This function is called whenever the connection state changes, e.g.,
915 * association is completed for WPA/WPA2 4-Way Handshake is started.
916 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)917 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
918 enum wpa_states state)
919 {
920 enum wpa_states old_state = wpa_s->wpa_state;
921 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
922 bool update_fils_connect_params = false;
923 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
924
925 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
926 wpa_supplicant_state_txt(wpa_s->wpa_state),
927 wpa_supplicant_state_txt(state));
928
929 if (state == WPA_COMPLETED &&
930 os_reltime_initialized(&wpa_s->roam_start)) {
931 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
932 wpa_s->roam_start.sec = 0;
933 wpa_s->roam_start.usec = 0;
934 wpas_notify_auth_changed(wpa_s);
935 wpas_notify_roam_time(wpa_s);
936 wpas_notify_roam_complete(wpa_s);
937 } else if (state == WPA_DISCONNECTED &&
938 os_reltime_initialized(&wpa_s->roam_start)) {
939 wpa_s->roam_start.sec = 0;
940 wpa_s->roam_start.usec = 0;
941 wpa_s->roam_time.sec = 0;
942 wpa_s->roam_time.usec = 0;
943 wpas_notify_roam_complete(wpa_s);
944 }
945
946 if (state == WPA_INTERFACE_DISABLED) {
947 /* Assure normal scan when interface is restored */
948 wpa_s->normal_scans = 0;
949 }
950
951 if (state == WPA_COMPLETED) {
952 wpas_connect_work_done(wpa_s);
953 /* Reinitialize normal_scan counter */
954 wpa_s->normal_scans = 0;
955 }
956
957 #ifdef CONFIG_P2P
958 /*
959 * P2PS client has to reply to Probe Request frames received on the
960 * group operating channel. Enable Probe Request frame reporting for
961 * P2P connected client in case p2p_cli_probe configuration property is
962 * set to 1.
963 */
964 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
965 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
966 wpa_s->current_ssid->p2p_group) {
967 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
968 wpa_dbg(wpa_s, MSG_DEBUG,
969 "P2P: Enable CLI Probe Request RX reporting");
970 wpa_s->p2p_cli_probe =
971 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
972 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
973 wpa_dbg(wpa_s, MSG_DEBUG,
974 "P2P: Disable CLI Probe Request RX reporting");
975 wpa_s->p2p_cli_probe = 0;
976 wpa_drv_probe_req_report(wpa_s, 0);
977 }
978 }
979 #endif /* CONFIG_P2P */
980
981 if (state != WPA_SCANNING)
982 wpa_supplicant_notify_scanning(wpa_s, 0);
983
984 if (state == WPA_COMPLETED && wpa_s->new_connection) {
985 struct wpa_ssid *ssid = wpa_s->current_ssid;
986 int fils_hlp_sent = 0;
987
988 #ifdef CONFIG_SME
989 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
990 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
991 fils_hlp_sent = 1;
992 #endif /* CONFIG_SME */
993 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
994 wpa_auth_alg_fils(wpa_s->auth_alg))
995 fils_hlp_sent = 1;
996
997 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
998 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
999 MACSTR " completed [id=%d id_str=%s%s]",
1000 MAC2STR(wpa_s->bssid),
1001 ssid ? ssid->id : -1,
1002 ssid && ssid->id_str ? ssid->id_str : "",
1003 fils_hlp_sent ? " FILS_HLP_SENT" : "");
1004 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1005 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1006 wpa_s->consecutive_conn_failures = 0;
1007 wpa_s->new_connection = 0;
1008 wpa_drv_set_operstate(wpa_s, 1);
1009 #ifndef IEEE8021X_EAPOL
1010 wpa_drv_set_supp_port(wpa_s, 1);
1011 #endif /* IEEE8021X_EAPOL */
1012 wpa_s->after_wps = 0;
1013 wpa_s->known_wps_freq = 0;
1014 wpas_p2p_completed(wpa_s);
1015
1016 sme_sched_obss_scan(wpa_s, 1);
1017
1018 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1019 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1020 update_fils_connect_params = true;
1021 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1022 #ifdef CONFIG_OWE
1023 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1024 wpas_update_owe_connect_params(wpa_s);
1025 #endif /* CONFIG_OWE */
1026 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1027 state == WPA_ASSOCIATED) {
1028 wpa_s->new_connection = 1;
1029 wpa_drv_set_operstate(wpa_s, 0);
1030 #ifndef IEEE8021X_EAPOL
1031 wpa_drv_set_supp_port(wpa_s, 0);
1032 #endif /* IEEE8021X_EAPOL */
1033 sme_sched_obss_scan(wpa_s, 0);
1034 }
1035 wpa_s->wpa_state = state;
1036
1037 #ifdef CONFIG_BGSCAN
1038 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1039 wpa_supplicant_reset_bgscan(wpa_s);
1040 else if (state < WPA_ASSOCIATED)
1041 wpa_supplicant_stop_bgscan(wpa_s);
1042 #endif /* CONFIG_BGSCAN */
1043
1044 if (state > WPA_SCANNING)
1045 wpa_supplicant_stop_autoscan(wpa_s);
1046
1047 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1048 wpa_supplicant_start_autoscan(wpa_s);
1049
1050 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1051 wmm_ac_notify_disassoc(wpa_s);
1052
1053 if (wpa_s->wpa_state != old_state) {
1054 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1055
1056 /*
1057 * Notify the P2P Device interface about a state change in one
1058 * of the interfaces.
1059 */
1060 wpas_p2p_indicate_state_change(wpa_s);
1061
1062 if (wpa_s->wpa_state == WPA_COMPLETED ||
1063 old_state == WPA_COMPLETED)
1064 wpas_notify_auth_changed(wpa_s);
1065 #ifdef CONFIG_DPP2
1066 if (wpa_s->wpa_state == WPA_COMPLETED)
1067 wpas_dpp_connected(wpa_s);
1068 #endif /* CONFIG_DPP2 */
1069 }
1070 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1071 if (update_fils_connect_params)
1072 wpas_update_fils_connect_params(wpa_s);
1073 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1074 }
1075
1076
wpa_supplicant_terminate_proc(struct wpa_global * global)1077 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1078 {
1079 int pending = 0;
1080 #ifdef CONFIG_WPS
1081 struct wpa_supplicant *wpa_s = global->ifaces;
1082 while (wpa_s) {
1083 struct wpa_supplicant *next = wpa_s->next;
1084 if (wpas_wps_terminate_pending(wpa_s) == 1)
1085 pending = 1;
1086 #ifdef CONFIG_P2P
1087 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1088 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1089 wpas_p2p_disconnect(wpa_s);
1090 #endif /* CONFIG_P2P */
1091 wpa_s = next;
1092 }
1093 #endif /* CONFIG_WPS */
1094 if (pending)
1095 return;
1096 eloop_terminate();
1097 }
1098
1099
wpa_supplicant_terminate(int sig,void * signal_ctx)1100 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1101 {
1102 struct wpa_global *global = signal_ctx;
1103 wpa_supplicant_terminate_proc(global);
1104 }
1105
1106
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1107 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1108 {
1109 enum wpa_states old_state = wpa_s->wpa_state;
1110 enum wpa_states new_state;
1111
1112 if (old_state == WPA_SCANNING)
1113 new_state = WPA_SCANNING;
1114 else
1115 new_state = WPA_DISCONNECTED;
1116
1117 wpa_s->pairwise_cipher = 0;
1118 wpa_s->group_cipher = 0;
1119 wpa_s->mgmt_group_cipher = 0;
1120 wpa_s->key_mgmt = 0;
1121 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1122 wpa_supplicant_set_state(wpa_s, new_state);
1123
1124 if (wpa_s->wpa_state != old_state)
1125 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1126 }
1127
1128
1129 /**
1130 * wpa_supplicant_reload_configuration - Reload configuration data
1131 * @wpa_s: Pointer to wpa_supplicant data
1132 * Returns: 0 on success or -1 if configuration parsing failed
1133 *
1134 * This function can be used to request that the configuration data is reloaded
1135 * (e.g., after configuration file change). This function is reloading
1136 * configuration only for one interface, so this may need to be called multiple
1137 * times if %wpa_supplicant is controlling multiple interfaces and all
1138 * interfaces need reconfiguration.
1139 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1140 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1141 {
1142 struct wpa_config *conf;
1143 int reconf_ctrl;
1144 int old_ap_scan;
1145
1146 if (wpa_s->confname == NULL)
1147 return -1;
1148 conf = wpa_config_read(wpa_s->confname, NULL);
1149 if (conf == NULL) {
1150 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1151 "file '%s' - exiting", wpa_s->confname);
1152 return -1;
1153 }
1154 if (wpa_s->confanother &&
1155 !wpa_config_read(wpa_s->confanother, conf)) {
1156 wpa_msg(wpa_s, MSG_ERROR,
1157 "Failed to parse the configuration file '%s' - exiting",
1158 wpa_s->confanother);
1159 return -1;
1160 }
1161
1162 conf->changed_parameters = (unsigned int) -1;
1163
1164 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1165 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1166 os_strcmp(conf->ctrl_interface,
1167 wpa_s->conf->ctrl_interface) != 0);
1168
1169 if (reconf_ctrl) {
1170 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1171 wpa_s->ctrl_iface = NULL;
1172 }
1173
1174 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1175 if (wpa_s->current_ssid) {
1176 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1177 wpa_s->own_disconnect_req = 1;
1178 wpa_supplicant_deauthenticate(wpa_s,
1179 WLAN_REASON_DEAUTH_LEAVING);
1180 }
1181
1182 /*
1183 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1184 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1185 */
1186 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1187 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1188 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1189 /*
1190 * Clear forced success to clear EAP state for next
1191 * authentication.
1192 */
1193 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1194 }
1195 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1196 wpa_sm_set_config(wpa_s->wpa, NULL);
1197 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1198 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1199 rsn_preauth_deinit(wpa_s->wpa);
1200
1201 old_ap_scan = wpa_s->conf->ap_scan;
1202 wpa_config_free(wpa_s->conf);
1203 wpa_s->conf = conf;
1204 if (old_ap_scan != wpa_s->conf->ap_scan)
1205 wpas_notify_ap_scan_changed(wpa_s);
1206
1207 if (reconf_ctrl)
1208 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1209
1210 wpa_supplicant_update_config(wpa_s);
1211
1212 wpa_supplicant_clear_status(wpa_s);
1213 if (wpa_supplicant_enabled_networks(wpa_s)) {
1214 wpa_s->reassociate = 1;
1215 wpa_supplicant_req_scan(wpa_s, 0, 0);
1216 }
1217 wpa_bssid_ignore_clear(wpa_s);
1218 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1219 return 0;
1220 }
1221
1222
wpa_supplicant_reconfig(int sig,void * signal_ctx)1223 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1224 {
1225 struct wpa_global *global = signal_ctx;
1226 struct wpa_supplicant *wpa_s;
1227 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1228 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1229 sig);
1230 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1231 wpa_supplicant_terminate_proc(global);
1232 }
1233 }
1234
1235 if (wpa_debug_reopen_file() < 0) {
1236 /* Ignore errors since we cannot really do much to fix this */
1237 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1238 }
1239 }
1240
1241
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1242 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1243 struct wpa_ssid *ssid,
1244 struct wpa_ie_data *ie)
1245 {
1246 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1247 if (ret) {
1248 if (ret == -2) {
1249 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1250 "from association info");
1251 }
1252 return -1;
1253 }
1254
1255 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1256 "cipher suites");
1257 if (!(ie->group_cipher & ssid->group_cipher)) {
1258 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1259 "cipher 0x%x (mask 0x%x) - reject",
1260 ie->group_cipher, ssid->group_cipher);
1261 return -1;
1262 }
1263 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1264 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1265 "cipher 0x%x (mask 0x%x) - reject",
1266 ie->pairwise_cipher, ssid->pairwise_cipher);
1267 return -1;
1268 }
1269 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1270 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1271 "management 0x%x (mask 0x%x) - reject",
1272 ie->key_mgmt, ssid->key_mgmt);
1273 return -1;
1274 }
1275
1276 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1277 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1278 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1279 "that does not support management frame protection - "
1280 "reject");
1281 return -1;
1282 }
1283
1284 return 0;
1285 }
1286
1287
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1288 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1289 int freq)
1290 {
1291 if (!ie->has_group)
1292 ie->group_cipher = wpa_default_rsn_cipher(freq);
1293 if (!ie->has_pairwise)
1294 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1295 return (ie->group_cipher & ssid->group_cipher) &&
1296 (ie->pairwise_cipher & ssid->pairwise_cipher);
1297 }
1298
1299
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1300 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1301 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1302 {
1303 int sel;
1304
1305 sel = ie->mgmt_group_cipher;
1306 if (ssid->group_mgmt_cipher)
1307 sel &= ssid->group_mgmt_cipher;
1308 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1309 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1310 sel = 0;
1311 wpa_dbg(wpa_s, MSG_DEBUG,
1312 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1313 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1314 if (sel & WPA_CIPHER_AES_128_CMAC) {
1315 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1316 wpa_dbg(wpa_s, MSG_DEBUG,
1317 "WPA: using MGMT group cipher AES-128-CMAC");
1318 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1319 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1320 wpa_dbg(wpa_s, MSG_DEBUG,
1321 "WPA: using MGMT group cipher BIP-GMAC-128");
1322 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1323 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1324 wpa_dbg(wpa_s, MSG_DEBUG,
1325 "WPA: using MGMT group cipher BIP-GMAC-256");
1326 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1327 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1328 wpa_dbg(wpa_s, MSG_DEBUG,
1329 "WPA: using MGMT group cipher BIP-CMAC-256");
1330 } else {
1331 wpa_s->mgmt_group_cipher = 0;
1332 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1333 }
1334 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1335 wpa_s->mgmt_group_cipher);
1336 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1337 wpas_get_ssid_pmf(wpa_s, ssid));
1338 }
1339
1340
1341 /**
1342 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1343 * @wpa_s: Pointer to wpa_supplicant data
1344 * @bss: Scan results for the selected BSS, or %NULL if not available
1345 * @ssid: Configuration data for the selected network
1346 * @wpa_ie: Buffer for the WPA/RSN IE
1347 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1348 * used buffer length in case the functions returns success.
1349 * Returns: 0 on success or -1 on failure
1350 *
1351 * This function is used to configure authentication and encryption parameters
1352 * based on the network configuration and scan result for the selected BSS (if
1353 * available).
1354 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)1355 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1356 struct wpa_bss *bss, struct wpa_ssid *ssid,
1357 u8 *wpa_ie, size_t *wpa_ie_len)
1358 {
1359 struct wpa_ie_data ie;
1360 int sel, proto, sae_pwe;
1361 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1362
1363 if (bss) {
1364 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1365 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1366 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1367 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1368 } else {
1369 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1370 }
1371
1372 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1373 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1374 matching_ciphers(ssid, &ie, bss->freq) &&
1375 (ie.key_mgmt & ssid->key_mgmt)) {
1376 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1377 proto = WPA_PROTO_RSN;
1378 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1379 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1380 (ie.group_cipher & ssid->group_cipher) &&
1381 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1382 (ie.key_mgmt & ssid->key_mgmt)) {
1383 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1384 proto = WPA_PROTO_WPA;
1385 #ifdef CONFIG_HS20
1386 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1387 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1388 (ie.group_cipher & ssid->group_cipher) &&
1389 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1390 (ie.key_mgmt & ssid->key_mgmt)) {
1391 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1392 proto = WPA_PROTO_OSEN;
1393 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1394 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1395 (ie.group_cipher & ssid->group_cipher) &&
1396 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1397 (ie.key_mgmt & ssid->key_mgmt)) {
1398 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1399 proto = WPA_PROTO_RSN;
1400 #endif /* CONFIG_HS20 */
1401 } else if (bss) {
1402 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1403 wpa_dbg(wpa_s, MSG_DEBUG,
1404 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1405 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1406 ssid->key_mgmt);
1407 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1408 MAC2STR(bss->bssid),
1409 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1410 bss_wpa ? " WPA" : "",
1411 bss_rsn ? " RSN" : "",
1412 bss_osen ? " OSEN" : "");
1413 if (bss_rsn) {
1414 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1415 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1416 wpa_dbg(wpa_s, MSG_DEBUG,
1417 "Could not parse RSN element");
1418 } else {
1419 wpa_dbg(wpa_s, MSG_DEBUG,
1420 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1421 ie.pairwise_cipher, ie.group_cipher,
1422 ie.key_mgmt);
1423 }
1424 }
1425 if (bss_wpa) {
1426 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1427 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1428 wpa_dbg(wpa_s, MSG_DEBUG,
1429 "Could not parse WPA element");
1430 } else {
1431 wpa_dbg(wpa_s, MSG_DEBUG,
1432 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1433 ie.pairwise_cipher, ie.group_cipher,
1434 ie.key_mgmt);
1435 }
1436 }
1437 return -1;
1438 } else {
1439 if (ssid->proto & WPA_PROTO_OSEN)
1440 proto = WPA_PROTO_OSEN;
1441 else if (ssid->proto & WPA_PROTO_RSN)
1442 proto = WPA_PROTO_RSN;
1443 else
1444 proto = WPA_PROTO_WPA;
1445 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1446 os_memset(&ie, 0, sizeof(ie));
1447 ie.group_cipher = ssid->group_cipher;
1448 ie.pairwise_cipher = ssid->pairwise_cipher;
1449 ie.key_mgmt = ssid->key_mgmt;
1450 ie.mgmt_group_cipher = 0;
1451 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1452 if (ssid->group_mgmt_cipher &
1453 WPA_CIPHER_BIP_GMAC_256)
1454 ie.mgmt_group_cipher =
1455 WPA_CIPHER_BIP_GMAC_256;
1456 else if (ssid->group_mgmt_cipher &
1457 WPA_CIPHER_BIP_CMAC_256)
1458 ie.mgmt_group_cipher =
1459 WPA_CIPHER_BIP_CMAC_256;
1460 else if (ssid->group_mgmt_cipher &
1461 WPA_CIPHER_BIP_GMAC_128)
1462 ie.mgmt_group_cipher =
1463 WPA_CIPHER_BIP_GMAC_128;
1464 else
1465 ie.mgmt_group_cipher =
1466 WPA_CIPHER_AES_128_CMAC;
1467 }
1468 #ifdef CONFIG_OWE
1469 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1470 !ssid->owe_only &&
1471 !bss_wpa && !bss_rsn && !bss_osen) {
1472 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1473 wpa_s->wpa_proto = 0;
1474 *wpa_ie_len = 0;
1475 return 0;
1476 }
1477 #endif /* CONFIG_OWE */
1478 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1479 "based on configuration");
1480 } else
1481 proto = ie.proto;
1482 }
1483
1484 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1485 "pairwise %d key_mgmt %d proto %d",
1486 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1487 if (ssid->ieee80211w) {
1488 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1489 ie.mgmt_group_cipher);
1490 }
1491
1492 wpa_s->wpa_proto = proto;
1493 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1494 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1495 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1496
1497 if (bss || !wpa_s->ap_ies_from_associnfo) {
1498 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1499 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1500 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1501 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1502 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1503 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1504 return -1;
1505 }
1506
1507 #ifdef CONFIG_NO_WPA
1508 wpa_s->group_cipher = WPA_CIPHER_NONE;
1509 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1510 #else /* CONFIG_NO_WPA */
1511 sel = ie.group_cipher & ssid->group_cipher;
1512 wpa_dbg(wpa_s, MSG_DEBUG,
1513 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1514 ie.group_cipher, ssid->group_cipher, sel);
1515 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1516 if (wpa_s->group_cipher < 0) {
1517 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1518 "cipher");
1519 return -1;
1520 }
1521 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1522 wpa_cipher_txt(wpa_s->group_cipher));
1523
1524 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1525 wpa_dbg(wpa_s, MSG_DEBUG,
1526 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1527 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1528 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1529 if (wpa_s->pairwise_cipher < 0) {
1530 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1531 "cipher");
1532 return -1;
1533 }
1534 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1535 wpa_cipher_txt(wpa_s->pairwise_cipher));
1536 #endif /* CONFIG_NO_WPA */
1537
1538 sel = ie.key_mgmt & ssid->key_mgmt;
1539 #ifdef CONFIG_SAE
1540 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1541 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1542 #endif /* CONFIG_SAE */
1543 #ifdef CONFIG_IEEE80211R
1544 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1545 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1546 sel &= ~WPA_KEY_MGMT_FT;
1547 #endif /* CONFIG_IEEE80211R */
1548 wpa_dbg(wpa_s, MSG_DEBUG,
1549 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1550 ie.key_mgmt, ssid->key_mgmt, sel);
1551 if (0) {
1552 #ifdef CONFIG_IEEE80211R
1553 #ifdef CONFIG_SHA384
1554 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1555 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1556 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1557 wpa_dbg(wpa_s, MSG_DEBUG,
1558 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1559 if (!ssid->ft_eap_pmksa_caching &&
1560 pmksa_cache_get_current(wpa_s->wpa)) {
1561 /* PMKSA caching with FT may have interoperability
1562 * issues, so disable that case by default for now. */
1563 wpa_dbg(wpa_s, MSG_DEBUG,
1564 "WPA: Disable PMKSA caching for FT/802.1X connection");
1565 pmksa_cache_clear_current(wpa_s->wpa);
1566 }
1567 #endif /* CONFIG_SHA384 */
1568 #endif /* CONFIG_IEEE80211R */
1569 #ifdef CONFIG_SUITEB192
1570 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1571 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1572 wpa_dbg(wpa_s, MSG_DEBUG,
1573 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1574 #endif /* CONFIG_SUITEB192 */
1575 #ifdef CONFIG_SUITEB
1576 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1577 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1578 wpa_dbg(wpa_s, MSG_DEBUG,
1579 "WPA: using KEY_MGMT 802.1X with Suite B");
1580 #endif /* CONFIG_SUITEB */
1581 #ifdef CONFIG_FILS
1582 #ifdef CONFIG_IEEE80211R
1583 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1584 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1585 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1586 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1587 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1588 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1589 #endif /* CONFIG_IEEE80211R */
1590 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1591 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1592 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1593 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1594 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1595 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1596 #endif /* CONFIG_FILS */
1597 #ifdef CONFIG_IEEE80211R
1598 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1599 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1600 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1601 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1602 if (!ssid->ft_eap_pmksa_caching &&
1603 pmksa_cache_get_current(wpa_s->wpa)) {
1604 /* PMKSA caching with FT may have interoperability
1605 * issues, so disable that case by default for now. */
1606 wpa_dbg(wpa_s, MSG_DEBUG,
1607 "WPA: Disable PMKSA caching for FT/802.1X connection");
1608 pmksa_cache_clear_current(wpa_s->wpa);
1609 }
1610 #endif /* CONFIG_IEEE80211R */
1611 #ifdef CONFIG_DPP
1612 } else if (sel & WPA_KEY_MGMT_DPP) {
1613 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1614 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1615 #endif /* CONFIG_DPP */
1616 #ifdef CONFIG_SAE
1617 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1618 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1619 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1620 } else if (sel & WPA_KEY_MGMT_SAE) {
1621 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1622 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1623 #endif /* CONFIG_SAE */
1624 #ifdef CONFIG_IEEE80211R
1625 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1626 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1627 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1628 #endif /* CONFIG_IEEE80211R */
1629 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1630 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1631 wpa_dbg(wpa_s, MSG_DEBUG,
1632 "WPA: using KEY_MGMT 802.1X with SHA256");
1633 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1634 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1635 wpa_dbg(wpa_s, MSG_DEBUG,
1636 "WPA: using KEY_MGMT PSK with SHA256");
1637 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1638 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1639 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1640 } else if (sel & WPA_KEY_MGMT_PSK) {
1641 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1642 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1643 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1644 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1645 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1646 #ifdef CONFIG_HS20
1647 } else if (sel & WPA_KEY_MGMT_OSEN) {
1648 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1649 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1650 #endif /* CONFIG_HS20 */
1651 #ifdef CONFIG_OWE
1652 } else if (sel & WPA_KEY_MGMT_OWE) {
1653 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1654 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1655 #endif /* CONFIG_OWE */
1656 } else {
1657 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1658 "authenticated key management type");
1659 return -1;
1660 }
1661
1662 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1663 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1664 wpa_s->pairwise_cipher);
1665 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1666
1667 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1668 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1669 wpa_msg(wpa_s, MSG_INFO,
1670 "RSN: Management frame protection required but the selected AP does not enable it");
1671 return -1;
1672 }
1673
1674 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
1675 #ifdef CONFIG_OCV
1676 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
1677 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
1678 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1679 #endif /* CONFIG_OCV */
1680 sae_pwe = wpa_s->conf->sae_pwe;
1681 if (ssid->sae_password_id && sae_pwe != 3)
1682 sae_pwe = 1;
1683 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1684 #ifdef CONFIG_SAE_PK
1685 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
1686 wpa_key_mgmt_sae(ssid->key_mgmt) &&
1687 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
1688 ((ssid->sae_password &&
1689 sae_pk_valid_password(ssid->sae_password)) ||
1690 (!ssid->sae_password && ssid->passphrase &&
1691 sae_pk_valid_password(ssid->passphrase))));
1692 #endif /* CONFIG_SAE_PK */
1693 #ifdef CONFIG_TESTING_OPTIONS
1694 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
1695 wpa_s->ft_rsnxe_used);
1696 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
1697 wpa_s->oci_freq_override_eapol);
1698 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
1699 wpa_s->oci_freq_override_eapol_g2);
1700 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
1701 wpa_s->oci_freq_override_ft_assoc);
1702 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
1703 wpa_s->oci_freq_override_fils_assoc);
1704 #endif /* CONFIG_TESTING_OPTIONS */
1705
1706 /* Extended Key ID is only supported in infrastructure BSS so far */
1707 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
1708 (ssid->proto & WPA_PROTO_RSN) &&
1709 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
1710 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
1711 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
1712 int use_ext_key_id = 0;
1713
1714 wpa_msg(wpa_s, MSG_DEBUG,
1715 "WPA: Enable Extended Key ID support");
1716 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
1717 wpa_s->conf->extended_key_id);
1718 if (bss_rsn &&
1719 wpa_s->conf->extended_key_id &&
1720 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
1721 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
1722 use_ext_key_id = 1;
1723 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
1724 use_ext_key_id);
1725 } else {
1726 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
1727 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
1728 }
1729
1730 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1731 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1732 return -1;
1733 }
1734
1735 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1736 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1737 &wpa_s->rsnxe_len)) {
1738 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1739 return -1;
1740 }
1741
1742 if (0) {
1743 #ifdef CONFIG_DPP
1744 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1745 /* Use PMK from DPP network introduction (PMKSA entry) */
1746 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1747 #ifdef CONFIG_DPP2
1748 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
1749 #endif /* CONFIG_DPP2 */
1750 #endif /* CONFIG_DPP */
1751 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1752 int psk_set = 0;
1753 int sae_only;
1754
1755 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1756 WPA_KEY_MGMT_FT_PSK |
1757 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1758
1759 if (ssid->psk_set && !sae_only) {
1760 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1761 ssid->psk, PMK_LEN);
1762 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1763 NULL);
1764 psk_set = 1;
1765 }
1766
1767 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1768 (ssid->sae_password || ssid->passphrase))
1769 psk_set = 1;
1770
1771 #ifndef CONFIG_NO_PBKDF2
1772 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1773 ssid->passphrase && !sae_only) {
1774 u8 psk[PMK_LEN];
1775 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1776 4096, psk, PMK_LEN);
1777 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1778 psk, PMK_LEN);
1779 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1780 psk_set = 1;
1781 os_memset(psk, 0, sizeof(psk));
1782 }
1783 #endif /* CONFIG_NO_PBKDF2 */
1784 #ifdef CONFIG_EXT_PASSWORD
1785 if (ssid->ext_psk && !sae_only) {
1786 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1787 ssid->ext_psk);
1788 char pw_str[64 + 1];
1789 u8 psk[PMK_LEN];
1790
1791 if (pw == NULL) {
1792 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1793 "found from external storage");
1794 return -1;
1795 }
1796
1797 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1798 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1799 "PSK length %d in external storage",
1800 (int) wpabuf_len(pw));
1801 ext_password_free(pw);
1802 return -1;
1803 }
1804
1805 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1806 pw_str[wpabuf_len(pw)] = '\0';
1807
1808 #ifndef CONFIG_NO_PBKDF2
1809 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1810 {
1811 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1812 4096, psk, PMK_LEN);
1813 os_memset(pw_str, 0, sizeof(pw_str));
1814 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1815 "external passphrase)",
1816 psk, PMK_LEN);
1817 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1818 NULL);
1819 psk_set = 1;
1820 os_memset(psk, 0, sizeof(psk));
1821 } else
1822 #endif /* CONFIG_NO_PBKDF2 */
1823 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1824 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1825 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1826 "Invalid PSK hex string");
1827 os_memset(pw_str, 0, sizeof(pw_str));
1828 ext_password_free(pw);
1829 return -1;
1830 }
1831 wpa_hexdump_key(MSG_MSGDUMP,
1832 "PSK (from external PSK)",
1833 psk, PMK_LEN);
1834 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1835 NULL);
1836 psk_set = 1;
1837 os_memset(psk, 0, sizeof(psk));
1838 } else {
1839 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1840 "PSK available");
1841 os_memset(pw_str, 0, sizeof(pw_str));
1842 ext_password_free(pw);
1843 return -1;
1844 }
1845
1846 os_memset(pw_str, 0, sizeof(pw_str));
1847 ext_password_free(pw);
1848 }
1849 #endif /* CONFIG_EXT_PASSWORD */
1850
1851 if (!psk_set) {
1852 wpa_msg(wpa_s, MSG_INFO,
1853 "No PSK available for association");
1854 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1855 return -1;
1856 }
1857 #ifdef CONFIG_OWE
1858 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1859 /* OWE Diffie-Hellman exchange in (Re)Association
1860 * Request/Response frames set the PMK, so do not override it
1861 * here. */
1862 #endif /* CONFIG_OWE */
1863 } else
1864 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1865
1866 if (ssid->mode != WPAS_MODE_IBSS &&
1867 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
1868 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
1869 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
1870 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
1871 wpa_msg(wpa_s, MSG_INFO,
1872 "Disable PTK0 rekey support - replaced with reconnect");
1873 wpa_s->deny_ptk0_rekey = 1;
1874 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
1875 } else {
1876 wpa_s->deny_ptk0_rekey = 0;
1877 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
1878 }
1879
1880 return 0;
1881 }
1882
1883
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx)1884 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1885 {
1886 bool scs = true, mscs = true;
1887
1888 *pos = 0x00;
1889
1890 switch (idx) {
1891 case 0: /* Bits 0-7 */
1892 break;
1893 case 1: /* Bits 8-15 */
1894 if (wpa_s->conf->coloc_intf_reporting) {
1895 /* Bit 13 - Collocated Interference Reporting */
1896 *pos |= 0x20;
1897 }
1898 break;
1899 case 2: /* Bits 16-23 */
1900 #ifdef CONFIG_WNM
1901 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1902 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1903 *pos |= 0x08; /* Bit 19 - BSS Transition */
1904 #endif /* CONFIG_WNM */
1905 break;
1906 case 3: /* Bits 24-31 */
1907 #ifdef CONFIG_WNM
1908 *pos |= 0x02; /* Bit 25 - SSID List */
1909 #endif /* CONFIG_WNM */
1910 #ifdef CONFIG_INTERWORKING
1911 if (wpa_s->conf->interworking)
1912 *pos |= 0x80; /* Bit 31 - Interworking */
1913 #endif /* CONFIG_INTERWORKING */
1914 break;
1915 case 4: /* Bits 32-39 */
1916 #ifdef CONFIG_INTERWORKING
1917 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1918 *pos |= 0x01; /* Bit 32 - QoS Map */
1919 #endif /* CONFIG_INTERWORKING */
1920 break;
1921 case 5: /* Bits 40-47 */
1922 #ifdef CONFIG_HS20
1923 if (wpa_s->conf->hs20)
1924 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1925 #endif /* CONFIG_HS20 */
1926 #ifdef CONFIG_MBO
1927 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1928 #endif /* CONFIG_MBO */
1929 break;
1930 case 6: /* Bits 48-55 */
1931 #ifdef CONFIG_TESTING_OPTIONS
1932 if (wpa_s->disable_scs_support)
1933 scs = false;
1934 #endif /* CONFIG_TESTING_OPTIONS */
1935 if (scs)
1936 *pos |= 0x40; /* Bit 54 - SCS */
1937 break;
1938 case 7: /* Bits 56-63 */
1939 break;
1940 case 8: /* Bits 64-71 */
1941 if (wpa_s->conf->ftm_responder)
1942 *pos |= 0x40; /* Bit 70 - FTM responder */
1943 if (wpa_s->conf->ftm_initiator)
1944 *pos |= 0x80; /* Bit 71 - FTM initiator */
1945 break;
1946 case 9: /* Bits 72-79 */
1947 #ifdef CONFIG_FILS
1948 if (!wpa_s->disable_fils)
1949 *pos |= 0x01;
1950 #endif /* CONFIG_FILS */
1951 break;
1952 case 10: /* Bits 80-87 */
1953 #ifdef CONFIG_TESTING_OPTIONS
1954 if (wpa_s->disable_mscs_support)
1955 mscs = false;
1956 #endif /* CONFIG_TESTING_OPTIONS */
1957 if (mscs)
1958 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
1959 break;
1960 }
1961 }
1962
1963
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen)1964 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1965 {
1966 u8 *pos = buf;
1967 u8 len = 11, i;
1968
1969 if (len < wpa_s->extended_capa_len)
1970 len = wpa_s->extended_capa_len;
1971 if (buflen < (size_t) len + 2) {
1972 wpa_printf(MSG_INFO,
1973 "Not enough room for building extended capabilities element");
1974 return -1;
1975 }
1976
1977 *pos++ = WLAN_EID_EXT_CAPAB;
1978 *pos++ = len;
1979 for (i = 0; i < len; i++, pos++) {
1980 wpas_ext_capab_byte(wpa_s, pos, i);
1981
1982 if (i < wpa_s->extended_capa_len) {
1983 *pos &= ~wpa_s->extended_capa_mask[i];
1984 *pos |= wpa_s->extended_capa[i];
1985 }
1986 }
1987
1988 while (len > 0 && buf[1 + len] == 0) {
1989 len--;
1990 buf[1] = len;
1991 }
1992 if (len == 0)
1993 return 0;
1994
1995 return 2 + len;
1996 }
1997
1998
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)1999 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2000 struct wpa_bss *test_bss)
2001 {
2002 struct wpa_bss *bss;
2003
2004 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2005 if (bss == test_bss)
2006 return 1;
2007 }
2008
2009 return 0;
2010 }
2011
2012
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2013 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2014 struct wpa_ssid *test_ssid)
2015 {
2016 struct wpa_ssid *ssid;
2017
2018 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2019 if (ssid == test_ssid)
2020 return 1;
2021 }
2022
2023 return 0;
2024 }
2025
2026
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2027 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2028 struct wpa_ssid *test_ssid)
2029 {
2030 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2031 return 0;
2032
2033 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2034 }
2035
2036
wpas_connect_work_free(struct wpa_connect_work * cwork)2037 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2038 {
2039 if (cwork == NULL)
2040 return;
2041 os_free(cwork);
2042 }
2043
2044
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2045 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2046 {
2047 struct wpa_connect_work *cwork;
2048 struct wpa_radio_work *work = wpa_s->connect_work;
2049
2050 if (!work)
2051 return;
2052
2053 wpa_s->connect_work = NULL;
2054 cwork = work->ctx;
2055 work->ctx = NULL;
2056 wpas_connect_work_free(cwork);
2057 radio_work_done(work);
2058 }
2059
2060
wpas_update_random_addr(struct wpa_supplicant * wpa_s,int style)2061 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
2062 {
2063 struct os_reltime now;
2064 u8 addr[ETH_ALEN];
2065
2066 os_get_reltime(&now);
2067 if (wpa_s->last_mac_addr_style == style &&
2068 wpa_s->last_mac_addr_change.sec != 0 &&
2069 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
2070 wpa_s->conf->rand_addr_lifetime)) {
2071 wpa_msg(wpa_s, MSG_DEBUG,
2072 "Previously selected random MAC address has not yet expired");
2073 return 0;
2074 }
2075
2076 switch (style) {
2077 case 1:
2078 if (random_mac_addr(addr) < 0)
2079 return -1;
2080 break;
2081 case 2:
2082 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2083 if (random_mac_addr_keep_oui(addr) < 0)
2084 return -1;
2085 break;
2086 default:
2087 return -1;
2088 }
2089
2090 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2091 wpa_msg(wpa_s, MSG_INFO,
2092 "Failed to set random MAC address");
2093 return -1;
2094 }
2095
2096 os_get_reltime(&wpa_s->last_mac_addr_change);
2097 wpa_s->mac_addr_changed = 1;
2098 wpa_s->last_mac_addr_style = style;
2099
2100 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2101 wpa_msg(wpa_s, MSG_INFO,
2102 "Could not update MAC address information");
2103 return -1;
2104 }
2105
2106 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2107 MAC2STR(addr));
2108
2109 return 0;
2110 }
2111
2112
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2113 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2114 {
2115 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2116 !wpa_s->conf->preassoc_mac_addr)
2117 return 0;
2118
2119 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
2120 }
2121
2122
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid)2123 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
2124 {
2125 #ifdef CONFIG_SAE
2126 int *groups = conf->sae_groups;
2127 int default_groups[] = { 19, 20, 21, 0 };
2128 const char *password;
2129
2130 if (!groups || groups[0] <= 0)
2131 groups = default_groups;
2132
2133 password = ssid->sae_password;
2134 if (!password)
2135 password = ssid->passphrase;
2136
2137 if (!password ||
2138 (conf->sae_pwe == 0 && !ssid->sae_password_id &&
2139 !sae_pk_valid_password(password)) ||
2140 conf->sae_pwe == 3) {
2141 /* PT derivation not needed */
2142 sae_deinit_pt(ssid->pt);
2143 ssid->pt = NULL;
2144 return;
2145 }
2146
2147 if (ssid->pt)
2148 return; /* PT already derived */
2149 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2150 (const u8 *) password, os_strlen(password),
2151 ssid->sae_password_id);
2152 #endif /* CONFIG_SAE */
2153 }
2154
2155
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2156 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2157 {
2158 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2159 os_free(wpa_s->sme.sae_rejected_groups);
2160 wpa_s->sme.sae_rejected_groups = NULL;
2161 #ifdef CONFIG_TESTING_OPTIONS
2162 if (wpa_s->extra_sae_rejected_groups) {
2163 int i, *groups = wpa_s->extra_sae_rejected_groups;
2164
2165 for (i = 0; groups[i]; i++) {
2166 wpa_printf(MSG_DEBUG,
2167 "TESTING: Indicate rejection of an extra SAE group %d",
2168 groups[i]);
2169 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2170 groups[i]);
2171 }
2172 }
2173 #endif /* CONFIG_TESTING_OPTIONS */
2174 #endif /* CONFIG_SAE && CONFIG_SME */
2175 }
2176
2177
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2178 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2179 {
2180 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2181 wpa_msg(wpa_s, MSG_INFO,
2182 "Could not restore permanent MAC address");
2183 return -1;
2184 }
2185 wpa_s->mac_addr_changed = 0;
2186 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2187 wpa_msg(wpa_s, MSG_INFO,
2188 "Could not update MAC address information");
2189 return -1;
2190 }
2191 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2192 return 0;
2193 }
2194
2195
2196 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2197
2198 /**
2199 * wpa_supplicant_associate - Request association
2200 * @wpa_s: Pointer to wpa_supplicant data
2201 * @bss: Scan results for the selected BSS, or %NULL if not available
2202 * @ssid: Configuration data for the selected network
2203 *
2204 * This function is used to request %wpa_supplicant to associate with a BSS.
2205 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2206 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2207 struct wpa_bss *bss, struct wpa_ssid *ssid)
2208 {
2209 struct wpa_connect_work *cwork;
2210 int rand_style;
2211
2212 wpa_s->own_disconnect_req = 0;
2213 wpa_s->own_reconnect_req = 0;
2214
2215 /*
2216 * If we are starting a new connection, any previously pending EAPOL
2217 * RX cannot be valid anymore.
2218 */
2219 wpabuf_free(wpa_s->pending_eapol_rx);
2220 wpa_s->pending_eapol_rx = NULL;
2221
2222 if (ssid->mac_addr == -1)
2223 rand_style = wpa_s->conf->mac_addr;
2224 else
2225 rand_style = ssid->mac_addr;
2226
2227 wpa_s->multi_ap_ie = 0;
2228 wmm_ac_clear_saved_tspecs(wpa_s);
2229 wpa_s->reassoc_same_bss = 0;
2230 wpa_s->reassoc_same_ess = 0;
2231 #ifdef CONFIG_TESTING_OPTIONS
2232 wpa_s->testing_resend_assoc = 0;
2233 #endif /* CONFIG_TESTING_OPTIONS */
2234
2235 if (wpa_s->last_ssid == ssid) {
2236 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2237 wpa_s->reassoc_same_ess = 1;
2238 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2239 wmm_ac_save_tspecs(wpa_s);
2240 wpa_s->reassoc_same_bss = 1;
2241 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2242 os_get_reltime(&wpa_s->roam_start);
2243 }
2244 } else {
2245 #ifdef CONFIG_SAE
2246 wpa_s_clear_sae_rejected(wpa_s);
2247 #endif /* CONFIG_SAE */
2248 }
2249 #ifdef CONFIG_SAE
2250 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2251 #endif /* CONFIG_SAE */
2252
2253 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2254 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2255 return;
2256 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2257 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2258 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2259 return;
2260 }
2261 wpa_s->last_ssid = ssid;
2262
2263 #ifdef CONFIG_IBSS_RSN
2264 ibss_rsn_deinit(wpa_s->ibss_rsn);
2265 wpa_s->ibss_rsn = NULL;
2266 #else /* CONFIG_IBSS_RSN */
2267 if (ssid->mode == WPAS_MODE_IBSS &&
2268 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2269 wpa_msg(wpa_s, MSG_INFO,
2270 "IBSS RSN not supported in the build");
2271 return;
2272 }
2273 #endif /* CONFIG_IBSS_RSN */
2274
2275 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2276 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2277 #ifdef CONFIG_AP
2278 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2279 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2280 "mode");
2281 return;
2282 }
2283 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2284 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2285 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2286 wpas_p2p_ap_setup_failed(wpa_s);
2287 return;
2288 }
2289 wpa_s->current_bss = bss;
2290 #else /* CONFIG_AP */
2291 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2292 "the build");
2293 #endif /* CONFIG_AP */
2294 return;
2295 }
2296
2297 if (ssid->mode == WPAS_MODE_MESH) {
2298 #ifdef CONFIG_MESH
2299 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2300 wpa_msg(wpa_s, MSG_INFO,
2301 "Driver does not support mesh mode");
2302 return;
2303 }
2304 if (bss)
2305 ssid->frequency = bss->freq;
2306 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2307 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2308 return;
2309 }
2310 wpa_s->current_bss = bss;
2311 #else /* CONFIG_MESH */
2312 wpa_msg(wpa_s, MSG_ERROR,
2313 "mesh mode support not included in the build");
2314 #endif /* CONFIG_MESH */
2315 return;
2316 }
2317
2318 /*
2319 * Set WPA state machine configuration to match the selected network now
2320 * so that the information is available before wpas_start_assoc_cb()
2321 * gets called. This is needed at least for RSN pre-authentication where
2322 * candidate APs are added to a list based on scan result processing
2323 * before completion of the first association.
2324 */
2325 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2326
2327 #ifdef CONFIG_DPP
2328 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2329 return;
2330 #endif /* CONFIG_DPP */
2331
2332 #ifdef CONFIG_TDLS
2333 if (bss)
2334 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2335 #endif /* CONFIG_TDLS */
2336
2337 #ifdef CONFIG_MBO
2338 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2339 #endif /* CONFIG_MBO */
2340
2341 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2342 ssid->mode == WPAS_MODE_INFRA) {
2343 sme_authenticate(wpa_s, bss, ssid);
2344 return;
2345 }
2346
2347 if (wpa_s->connect_work) {
2348 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2349 return;
2350 }
2351
2352 if (radio_work_pending(wpa_s, "connect")) {
2353 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2354 return;
2355 }
2356
2357 #ifdef CONFIG_SME
2358 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2359 /* Clear possibly set auth_alg, if any, from last attempt. */
2360 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2361 }
2362 #endif /* CONFIG_SME */
2363
2364 wpas_abort_ongoing_scan(wpa_s);
2365
2366 cwork = os_zalloc(sizeof(*cwork));
2367 if (cwork == NULL)
2368 return;
2369
2370 cwork->bss = bss;
2371 cwork->ssid = ssid;
2372
2373 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2374 wpas_start_assoc_cb, cwork) < 0) {
2375 os_free(cwork);
2376 }
2377 }
2378
2379
bss_is_ibss(struct wpa_bss * bss)2380 static int bss_is_ibss(struct wpa_bss *bss)
2381 {
2382 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2383 IEEE80211_CAP_IBSS;
2384 }
2385
2386
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2387 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2388 const struct wpa_ssid *ssid)
2389 {
2390 enum hostapd_hw_mode hw_mode;
2391 struct hostapd_hw_modes *mode = NULL;
2392 u8 channel;
2393 int i;
2394
2395 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2396 if (hw_mode == NUM_HOSTAPD_MODES)
2397 return 0;
2398 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2399 if (wpa_s->hw.modes[i].mode == hw_mode) {
2400 mode = &wpa_s->hw.modes[i];
2401 break;
2402 }
2403 }
2404
2405 if (!mode)
2406 return 0;
2407
2408 return mode->vht_capab != 0;
2409 }
2410
2411
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2412 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2413 {
2414 int i;
2415
2416 for (i = channel; i < channel + 16; i += 4) {
2417 struct hostapd_channel_data *chan;
2418
2419 chan = hw_get_channel_chan(mode, i, NULL);
2420 if (!chan ||
2421 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2422 return false;
2423 }
2424
2425 return true;
2426 }
2427
2428
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)2429 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2430 const struct wpa_ssid *ssid,
2431 struct hostapd_freq_params *freq)
2432 {
2433 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2434 enum hostapd_hw_mode hw_mode;
2435 struct hostapd_hw_modes *mode = NULL;
2436 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2437 184, 192 };
2438 int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955,
2439 6035, 6115, 6195, 6275, 6355, 6435, 6515,
2440 6595, 6675, 6755, 6835, 6915, 6995 };
2441 int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 };
2442 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2443 u8 channel;
2444 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2445 unsigned int j, k;
2446 struct hostapd_freq_params vht_freq;
2447 int chwidth, seg0, seg1;
2448 u32 vht_caps = 0;
2449 bool is_24ghz, is_6ghz;
2450
2451 freq->freq = ssid->frequency;
2452
2453 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2454 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2455
2456 if (ssid->mode != WPAS_MODE_IBSS)
2457 break;
2458
2459 /* Don't adjust control freq in case of fixed_freq */
2460 if (ssid->fixed_freq)
2461 break;
2462
2463 if (!bss_is_ibss(bss))
2464 continue;
2465
2466 if (ssid->ssid_len == bss->ssid_len &&
2467 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2468 wpa_printf(MSG_DEBUG,
2469 "IBSS already found in scan results, adjust control freq: %d",
2470 bss->freq);
2471 freq->freq = bss->freq;
2472 obss_scan = 0;
2473 break;
2474 }
2475 }
2476
2477 /* For IBSS check HT_IBSS flag */
2478 if (ssid->mode == WPAS_MODE_IBSS &&
2479 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2480 return;
2481
2482 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2483 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2484 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2485 wpa_printf(MSG_DEBUG,
2486 "IBSS: WEP/TKIP detected, do not try to enable HT");
2487 return;
2488 }
2489
2490 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2491 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2492 if (wpa_s->hw.modes[i].mode == hw_mode) {
2493 mode = &wpa_s->hw.modes[i];
2494 break;
2495 }
2496 }
2497
2498 if (!mode)
2499 return;
2500
2501 freq->channel = channel;
2502
2503 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2504 hw_mode == HOSTAPD_MODE_IEEE80211B;
2505
2506 /* HT/VHT and corresponding overrides are not applicable to 6 GHz.
2507 * However, HE is mandatory for 6 GHz.
2508 */
2509 is_6ghz = is_6ghz_freq(freq->freq);
2510 if (is_6ghz)
2511 goto skip_to_6ghz;
2512
2513 #ifdef CONFIG_HT_OVERRIDES
2514 if (ssid->disable_ht) {
2515 freq->ht_enabled = 0;
2516 return;
2517 }
2518 #endif /* CONFIG_HT_OVERRIDES */
2519
2520 freq->ht_enabled = ht_supported(mode);
2521 if (!freq->ht_enabled)
2522 return;
2523
2524 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2525 if (is_24ghz)
2526 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2527 #ifdef CONFIG_HE_OVERRIDES
2528 if (is_24ghz && ssid->disable_he)
2529 freq->he_enabled = 0;
2530 #endif /* CONFIG_HE_OVERRIDES */
2531
2532 /* Setup higher BW only for 5 GHz */
2533 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2534 return;
2535
2536 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2537 pri_chan = &mode->channels[chan_idx];
2538 if (pri_chan->chan == channel)
2539 break;
2540 pri_chan = NULL;
2541 }
2542 if (!pri_chan)
2543 return;
2544
2545 /* Check primary channel flags */
2546 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2547 return;
2548
2549 freq->channel = pri_chan->chan;
2550
2551 #ifdef CONFIG_HT_OVERRIDES
2552 if (ssid->disable_ht40) {
2553 #ifdef CONFIG_VHT_OVERRIDES
2554 if (ssid->disable_vht)
2555 return;
2556 #endif /* CONFIG_VHT_OVERRIDES */
2557 goto skip_ht40;
2558 }
2559 #endif /* CONFIG_HT_OVERRIDES */
2560
2561 /* Check/setup HT40+/HT40- */
2562 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2563 if (ht40plus[j] == channel) {
2564 ht40 = 1;
2565 break;
2566 }
2567 }
2568
2569 /* Find secondary channel */
2570 for (i = 0; i < mode->num_channels; i++) {
2571 sec_chan = &mode->channels[i];
2572 if (sec_chan->chan == channel + ht40 * 4)
2573 break;
2574 sec_chan = NULL;
2575 }
2576 if (!sec_chan)
2577 return;
2578
2579 /* Check secondary channel flags */
2580 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2581 return;
2582
2583 if (ht40 == -1) {
2584 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2585 return;
2586 } else {
2587 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2588 return;
2589 }
2590 freq->sec_channel_offset = ht40;
2591
2592 if (obss_scan) {
2593 struct wpa_scan_results *scan_res;
2594
2595 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2596 if (scan_res == NULL) {
2597 /* Back to HT20 */
2598 freq->sec_channel_offset = 0;
2599 return;
2600 }
2601
2602 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2603 switch (res) {
2604 case 0:
2605 /* Back to HT20 */
2606 freq->sec_channel_offset = 0;
2607 break;
2608 case 1:
2609 /* Configuration allowed */
2610 break;
2611 case 2:
2612 /* Switch pri/sec channels */
2613 freq->freq = hw_get_freq(mode, sec_chan->chan);
2614 freq->sec_channel_offset = -freq->sec_channel_offset;
2615 freq->channel = sec_chan->chan;
2616 break;
2617 default:
2618 freq->sec_channel_offset = 0;
2619 break;
2620 }
2621
2622 wpa_scan_results_free(scan_res);
2623 }
2624
2625 #ifdef CONFIG_HT_OVERRIDES
2626 skip_ht40:
2627 #endif /* CONFIG_HT_OVERRIDES */
2628 wpa_printf(MSG_DEBUG,
2629 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2630 freq->channel, freq->sec_channel_offset);
2631
2632 if (!drv_supports_vht(wpa_s, ssid))
2633 return;
2634
2635 /* For IBSS check VHT_IBSS flag */
2636 if (ssid->mode == WPAS_MODE_IBSS &&
2637 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2638 return;
2639
2640 #ifdef CONFIG_VHT_OVERRIDES
2641 if (ssid->disable_vht) {
2642 freq->vht_enabled = 0;
2643 return;
2644 }
2645 #endif /* CONFIG_VHT_OVERRIDES */
2646
2647 skip_to_6ghz:
2648 vht_freq = *freq;
2649
2650 /* 6 GHz does not have VHT enabled, so allow that exception here. */
2651 vht_freq.vht_enabled = vht_supported(mode);
2652 if (!vht_freq.vht_enabled && !is_6ghz)
2653 return;
2654
2655 /* Enable HE with VHT for 5 GHz */
2656 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2657
2658 /* setup center_freq1, bandwidth */
2659 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
2660 if (freq->freq >= bw80[j] &&
2661 freq->freq < bw80[j] + 80)
2662 break;
2663 }
2664
2665 if (j == ARRAY_SIZE(bw80) ||
2666 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
2667 return;
2668
2669 /* Back to HT configuration if channel not usable */
2670 if (!ibss_mesh_is_80mhz_avail(channel, mode))
2671 return;
2672
2673 chwidth = CHANWIDTH_80MHZ;
2674 seg0 = channel + 6;
2675 seg1 = 0;
2676
2677 if ((mode->he_capab[ieee80211_mode].phy_cap[
2678 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
2679 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz) {
2680 /* In 160 MHz, the initial four 20 MHz channels were validated
2681 * above; check the remaining four 20 MHz channels for the total
2682 * of 160 MHz bandwidth.
2683 */
2684 if (!ibss_mesh_is_80mhz_avail(channel + 16, mode))
2685 return;
2686
2687 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
2688 if (freq->freq == bw160[j]) {
2689 chwidth = CHANWIDTH_160MHZ;
2690 seg0 = channel + 14;
2691 break;
2692 }
2693 }
2694 }
2695
2696 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2697 /* setup center_freq2, bandwidth */
2698 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
2699 /* Only accept 80 MHz segments separated by a gap */
2700 if (j == k || abs(bw80[j] - bw80[k]) == 80)
2701 continue;
2702
2703 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
2704 NUM_HOSTAPD_MODES)
2705 return;
2706
2707 for (i = channel; i < channel + 16; i += 4) {
2708 struct hostapd_channel_data *chan;
2709
2710 chan = hw_get_channel_chan(mode, i, NULL);
2711 if (!chan)
2712 continue;
2713
2714 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2715 HOSTAPD_CHAN_NO_IR |
2716 HOSTAPD_CHAN_RADAR))
2717 continue;
2718
2719 /* Found a suitable second segment for 80+80 */
2720 chwidth = CHANWIDTH_80P80MHZ;
2721 if (!is_6ghz)
2722 vht_caps |=
2723 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2724 seg1 = channel + 6;
2725 }
2726
2727 if (chwidth == CHANWIDTH_80P80MHZ)
2728 break;
2729 }
2730 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2731 if (freq->freq == 5180) {
2732 chwidth = CHANWIDTH_160MHZ;
2733 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2734 seg0 = 50;
2735 } else if (freq->freq == 5520) {
2736 chwidth = CHANWIDTH_160MHZ;
2737 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2738 seg0 = 114;
2739 }
2740 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2741 chwidth = CHANWIDTH_USE_HT;
2742 seg0 = channel + 2;
2743 #ifdef CONFIG_HT_OVERRIDES
2744 if (ssid->disable_ht40)
2745 seg0 = 0;
2746 #endif /* CONFIG_HT_OVERRIDES */
2747 }
2748
2749 #ifdef CONFIG_HE_OVERRIDES
2750 if (ssid->disable_he) {
2751 vht_freq.he_enabled = 0;
2752 freq->he_enabled = 0;
2753 }
2754 #endif /* CONFIG_HE_OVERRIDES */
2755 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2756 freq->channel, ssid->enable_edmg,
2757 ssid->edmg_channel, freq->ht_enabled,
2758 vht_freq.vht_enabled, freq->he_enabled,
2759 freq->sec_channel_offset,
2760 chwidth, seg0, seg1, vht_caps,
2761 &mode->he_capab[ieee80211_mode]) != 0)
2762 return;
2763
2764 *freq = vht_freq;
2765
2766 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2767 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2768 }
2769
2770
2771 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)2772 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2773 size_t ie_buf_len)
2774 {
2775 struct fils_hlp_req *req;
2776 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2777 const u8 *pos;
2778 u8 *buf = ie_buf;
2779
2780 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2781 list) {
2782 rem_len = ie_buf_len - ie_len;
2783 pos = wpabuf_head(req->pkt);
2784 hdr_len = 1 + 2 * ETH_ALEN + 6;
2785 hlp_len = wpabuf_len(req->pkt);
2786
2787 if (rem_len < 2 + hdr_len + hlp_len) {
2788 wpa_printf(MSG_ERROR,
2789 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2790 (unsigned long) rem_len,
2791 (unsigned long) (2 + hdr_len + hlp_len));
2792 break;
2793 }
2794
2795 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2796 /* Element ID */
2797 *buf++ = WLAN_EID_EXTENSION;
2798 /* Length */
2799 *buf++ = len;
2800 /* Element ID Extension */
2801 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2802 /* Destination MAC address */
2803 os_memcpy(buf, req->dst, ETH_ALEN);
2804 buf += ETH_ALEN;
2805 /* Source MAC address */
2806 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2807 buf += ETH_ALEN;
2808 /* LLC/SNAP Header */
2809 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2810 buf += 6;
2811 /* HLP Packet */
2812 os_memcpy(buf, pos, len - hdr_len);
2813 buf += len - hdr_len;
2814 pos += len - hdr_len;
2815
2816 hlp_len -= len - hdr_len;
2817 ie_len += 2 + len;
2818 rem_len -= 2 + len;
2819
2820 while (hlp_len) {
2821 len = (hlp_len > 255) ? 255 : hlp_len;
2822 if (rem_len < 2 + len)
2823 break;
2824 *buf++ = WLAN_EID_FRAGMENT;
2825 *buf++ = len;
2826 os_memcpy(buf, pos, len);
2827 buf += len;
2828 pos += len;
2829
2830 hlp_len -= len;
2831 ie_len += 2 + len;
2832 rem_len -= 2 + len;
2833 }
2834 }
2835
2836 return ie_len;
2837 }
2838
2839
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)2840 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2841 {
2842 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2843 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2844 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2845 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2846 }
2847
2848
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)2849 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2850 {
2851 #ifdef CONFIG_FILS_SK_PFS
2852 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2853 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2854 #else /* CONFIG_FILS_SK_PFS */
2855 return 0;
2856 #endif /* CONFIG_FILS_SK_PFS */
2857 }
2858
2859 #endif /* CONFIG_FILS */
2860
2861
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)2862 static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
2863 struct wpa_bss *bss,
2864 u8 *wpa_ie, size_t wpa_ie_len,
2865 size_t max_wpa_ie_len)
2866 {
2867 struct wpabuf *wfa_ie = NULL;
2868 u8 wfa_capa[1];
2869 size_t wfa_ie_len, buf_len;
2870
2871 os_memset(wfa_capa, 0, sizeof(wfa_capa));
2872 if (wpa_s->enable_dscp_policy_capa)
2873 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
2874
2875 if (!wfa_capa[0])
2876 return wpa_ie_len;
2877
2878 /* Wi-Fi Alliance element */
2879 buf_len = 1 + /* Element ID */
2880 1 + /* Length */
2881 3 + /* OUI */
2882 1 + /* OUI Type */
2883 1 + /* Capabilities Length */
2884 sizeof(wfa_capa); /* Capabilities */
2885 wfa_ie = wpabuf_alloc(buf_len);
2886 if (!wfa_ie)
2887 return wpa_ie_len;
2888
2889 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
2890 wpabuf_put_u8(wfa_ie, buf_len - 2);
2891 wpabuf_put_be24(wfa_ie, OUI_WFA);
2892 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
2893 wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
2894 wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
2895
2896 wfa_ie_len = wpabuf_len(wfa_ie);
2897 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
2898 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
2899 wfa_ie);
2900 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
2901 wfa_ie_len);
2902 wpa_ie_len += wfa_ie_len;
2903 }
2904
2905 wpabuf_free(wfa_ie);
2906 return wpa_ie_len;
2907 }
2908
2909
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)2910 static u8 * wpas_populate_assoc_ies(
2911 struct wpa_supplicant *wpa_s,
2912 struct wpa_bss *bss, struct wpa_ssid *ssid,
2913 struct wpa_driver_associate_params *params,
2914 enum wpa_drv_update_connect_params_mask *mask)
2915 {
2916 u8 *wpa_ie;
2917 size_t max_wpa_ie_len = 500;
2918 size_t wpa_ie_len;
2919 int algs = WPA_AUTH_ALG_OPEN;
2920 #ifdef CONFIG_MBO
2921 const u8 *mbo_ie;
2922 #endif
2923 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2924 int pmksa_cached = 0;
2925 #endif /* CONFIG_SAE || CONFIG_FILS */
2926 #ifdef CONFIG_FILS
2927 const u8 *realm, *username, *rrk;
2928 size_t realm_len, username_len, rrk_len;
2929 u16 next_seq_num;
2930 struct fils_hlp_req *req;
2931
2932 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2933 list) {
2934 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2935 2 + 2 * wpabuf_len(req->pkt) / 255;
2936 }
2937 #endif /* CONFIG_FILS */
2938
2939 wpa_ie = os_malloc(max_wpa_ie_len);
2940 if (!wpa_ie) {
2941 wpa_printf(MSG_ERROR,
2942 "Failed to allocate connect IE buffer for %lu bytes",
2943 (unsigned long) max_wpa_ie_len);
2944 return NULL;
2945 }
2946
2947 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2948 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2949 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2950 int try_opportunistic;
2951 const u8 *cache_id = NULL;
2952
2953 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2954 wpa_s->conf->okc :
2955 ssid->proactive_key_caching) &&
2956 (ssid->proto & WPA_PROTO_RSN);
2957 #ifdef CONFIG_FILS
2958 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2959 cache_id = wpa_bss_get_fils_cache_id(bss);
2960 #endif /* CONFIG_FILS */
2961 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2962 ssid, try_opportunistic,
2963 cache_id, 0) == 0) {
2964 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2965 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2966 pmksa_cached = 1;
2967 #endif /* CONFIG_SAE || CONFIG_FILS */
2968 }
2969 wpa_ie_len = max_wpa_ie_len;
2970 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2971 wpa_ie, &wpa_ie_len)) {
2972 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2973 "key management and encryption suites");
2974 os_free(wpa_ie);
2975 return NULL;
2976 }
2977 #ifdef CONFIG_HS20
2978 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2979 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2980 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2981 wpa_ie_len = max_wpa_ie_len;
2982 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2983 wpa_ie, &wpa_ie_len)) {
2984 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2985 "key management and encryption suites");
2986 os_free(wpa_ie);
2987 return NULL;
2988 }
2989 #endif /* CONFIG_HS20 */
2990 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2991 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2992 /*
2993 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2994 * use non-WPA since the scan results did not indicate that the
2995 * AP is using WPA or WPA2.
2996 */
2997 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2998 wpa_ie_len = 0;
2999 wpa_s->wpa_proto = 0;
3000 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3001 wpa_ie_len = max_wpa_ie_len;
3002 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3003 wpa_ie, &wpa_ie_len)) {
3004 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3005 "key management and encryption suites (no "
3006 "scan results)");
3007 os_free(wpa_ie);
3008 return NULL;
3009 }
3010 #ifdef CONFIG_WPS
3011 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3012 struct wpabuf *wps_ie;
3013 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3014 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3015 wpa_ie_len = wpabuf_len(wps_ie);
3016 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3017 } else
3018 wpa_ie_len = 0;
3019 wpabuf_free(wps_ie);
3020 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3021 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3022 params->wps = WPS_MODE_PRIVACY;
3023 else
3024 params->wps = WPS_MODE_OPEN;
3025 wpa_s->wpa_proto = 0;
3026 #endif /* CONFIG_WPS */
3027 } else {
3028 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3029 wpa_ie_len = 0;
3030 wpa_s->wpa_proto = 0;
3031 }
3032
3033 #ifdef IEEE8021X_EAPOL
3034 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3035 if (ssid->leap) {
3036 if (ssid->non_leap == 0)
3037 algs = WPA_AUTH_ALG_LEAP;
3038 else
3039 algs |= WPA_AUTH_ALG_LEAP;
3040 }
3041 }
3042
3043 #ifdef CONFIG_FILS
3044 /* Clear FILS association */
3045 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3046
3047 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3048 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3049 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3050 &username_len, &realm, &realm_len,
3051 &next_seq_num, &rrk, &rrk_len) == 0 &&
3052 (!wpa_s->last_con_fail_realm ||
3053 wpa_s->last_con_fail_realm_len != realm_len ||
3054 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3055 algs = WPA_AUTH_ALG_FILS;
3056 params->fils_erp_username = username;
3057 params->fils_erp_username_len = username_len;
3058 params->fils_erp_realm = realm;
3059 params->fils_erp_realm_len = realm_len;
3060 params->fils_erp_next_seq_num = next_seq_num;
3061 params->fils_erp_rrk = rrk;
3062 params->fils_erp_rrk_len = rrk_len;
3063
3064 if (mask)
3065 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3066 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3067 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3068 pmksa_cached) {
3069 algs = WPA_AUTH_ALG_FILS;
3070 }
3071 #endif /* CONFIG_FILS */
3072 #endif /* IEEE8021X_EAPOL */
3073 #ifdef CONFIG_SAE
3074 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
3075 algs = WPA_AUTH_ALG_SAE;
3076 #endif /* CONFIG_SAE */
3077
3078 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3079 if (ssid->auth_alg) {
3080 algs = ssid->auth_alg;
3081 wpa_dbg(wpa_s, MSG_DEBUG,
3082 "Overriding auth_alg selection: 0x%x", algs);
3083 }
3084
3085 #ifdef CONFIG_SAE
3086 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3087 wpa_dbg(wpa_s, MSG_DEBUG,
3088 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3089 algs = WPA_AUTH_ALG_OPEN;
3090 }
3091 #endif /* CONFIG_SAE */
3092
3093 #ifdef CONFIG_P2P
3094 if (wpa_s->global->p2p) {
3095 u8 *pos;
3096 size_t len;
3097 int res;
3098 pos = wpa_ie + wpa_ie_len;
3099 len = max_wpa_ie_len - wpa_ie_len;
3100 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3101 ssid->p2p_group);
3102 if (res >= 0)
3103 wpa_ie_len += res;
3104 }
3105
3106 wpa_s->cross_connect_disallowed = 0;
3107 if (bss) {
3108 struct wpabuf *p2p;
3109 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3110 if (p2p) {
3111 wpa_s->cross_connect_disallowed =
3112 p2p_get_cross_connect_disallowed(p2p);
3113 wpabuf_free(p2p);
3114 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3115 "connection",
3116 wpa_s->cross_connect_disallowed ?
3117 "disallows" : "allows");
3118 }
3119 }
3120
3121 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3122 #endif /* CONFIG_P2P */
3123
3124 if (bss) {
3125 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3126 wpa_ie + wpa_ie_len,
3127 max_wpa_ie_len -
3128 wpa_ie_len);
3129 }
3130
3131 /*
3132 * Workaround: Add Extended Capabilities element only if the AP
3133 * included this element in Beacon/Probe Response frames. Some older
3134 * APs seem to have interoperability issues if this element is
3135 * included, so while the standard may require us to include the
3136 * element in all cases, it is justifiable to skip it to avoid
3137 * interoperability issues.
3138 */
3139 if (ssid->p2p_group)
3140 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3141 else
3142 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3143
3144 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3145 u8 ext_capab[18];
3146 int ext_capab_len;
3147 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3148 sizeof(ext_capab));
3149 if (ext_capab_len > 0 &&
3150 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3151 u8 *pos = wpa_ie;
3152 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3153 pos += 2 + pos[1];
3154 os_memmove(pos + ext_capab_len, pos,
3155 wpa_ie_len - (pos - wpa_ie));
3156 wpa_ie_len += ext_capab_len;
3157 os_memcpy(pos, ext_capab, ext_capab_len);
3158 }
3159 }
3160
3161 #ifdef CONFIG_HS20
3162 if (is_hs20_network(wpa_s, ssid, bss)) {
3163 struct wpabuf *hs20;
3164
3165 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3166 if (hs20) {
3167 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3168 size_t len;
3169
3170 wpas_hs20_add_indication(hs20, pps_mo_id,
3171 get_hs20_version(bss));
3172 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3173 len = max_wpa_ie_len - wpa_ie_len;
3174 if (wpabuf_len(hs20) <= len) {
3175 os_memcpy(wpa_ie + wpa_ie_len,
3176 wpabuf_head(hs20), wpabuf_len(hs20));
3177 wpa_ie_len += wpabuf_len(hs20);
3178 }
3179 wpabuf_free(hs20);
3180
3181 hs20_configure_frame_filters(wpa_s);
3182 }
3183 }
3184 #endif /* CONFIG_HS20 */
3185
3186 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3187 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3188 size_t len;
3189
3190 len = max_wpa_ie_len - wpa_ie_len;
3191 if (wpabuf_len(buf) <= len) {
3192 os_memcpy(wpa_ie + wpa_ie_len,
3193 wpabuf_head(buf), wpabuf_len(buf));
3194 wpa_ie_len += wpabuf_len(buf);
3195 }
3196 }
3197
3198 #ifdef CONFIG_FST
3199 if (wpa_s->fst_ies) {
3200 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3201
3202 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3203 os_memcpy(wpa_ie + wpa_ie_len,
3204 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3205 wpa_ie_len += fst_ies_len;
3206 }
3207 }
3208 #endif /* CONFIG_FST */
3209
3210 #ifdef CONFIG_MBO
3211 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3212 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3213 int len;
3214
3215 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3216 max_wpa_ie_len - wpa_ie_len,
3217 !!mbo_attr_from_mbo_ie(mbo_ie,
3218 OCE_ATTR_ID_CAPA_IND));
3219 if (len >= 0)
3220 wpa_ie_len += len;
3221 }
3222 #endif /* CONFIG_MBO */
3223
3224 #ifdef CONFIG_FILS
3225 if (algs == WPA_AUTH_ALG_FILS) {
3226 size_t len;
3227
3228 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3229 max_wpa_ie_len - wpa_ie_len);
3230 wpa_ie_len += len;
3231 }
3232 #endif /* CONFIG_FILS */
3233
3234 #ifdef CONFIG_OWE
3235 #ifdef CONFIG_TESTING_OPTIONS
3236 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3237 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3238 } else
3239 #endif /* CONFIG_TESTING_OPTIONS */
3240 if (algs == WPA_AUTH_ALG_OPEN &&
3241 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3242 struct wpabuf *owe_ie;
3243 u16 group;
3244
3245 if (ssid->owe_group) {
3246 group = ssid->owe_group;
3247 } else if (wpa_s->assoc_status_code ==
3248 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3249 if (wpa_s->last_owe_group == 19)
3250 group = 20;
3251 else if (wpa_s->last_owe_group == 20)
3252 group = 21;
3253 else
3254 group = OWE_DH_GROUP;
3255 } else {
3256 group = OWE_DH_GROUP;
3257 }
3258
3259 wpa_s->last_owe_group = group;
3260 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3261 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3262 if (owe_ie &&
3263 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3264 os_memcpy(wpa_ie + wpa_ie_len,
3265 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3266 wpa_ie_len += wpabuf_len(owe_ie);
3267 }
3268 wpabuf_free(owe_ie);
3269 }
3270 #endif /* CONFIG_OWE */
3271
3272 #ifdef CONFIG_DPP2
3273 if (DPP_VERSION > 1 &&
3274 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3275 ssid->dpp_netaccesskey &&
3276 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3277 struct rsn_pmksa_cache_entry *pmksa;
3278
3279 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3280 if (!pmksa || !pmksa->dpp_pfs)
3281 goto pfs_fail;
3282
3283 dpp_pfs_free(wpa_s->dpp_pfs);
3284 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3285 ssid->dpp_netaccesskey_len);
3286 if (!wpa_s->dpp_pfs) {
3287 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3288 /* Try to continue without PFS */
3289 goto pfs_fail;
3290 }
3291 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3292 max_wpa_ie_len - wpa_ie_len) {
3293 os_memcpy(wpa_ie + wpa_ie_len,
3294 wpabuf_head(wpa_s->dpp_pfs->ie),
3295 wpabuf_len(wpa_s->dpp_pfs->ie));
3296 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3297 }
3298 }
3299 pfs_fail:
3300 #endif /* CONFIG_DPP2 */
3301
3302 #ifdef CONFIG_IEEE80211R
3303 /*
3304 * Add MDIE under these conditions: the network profile allows FT,
3305 * the AP supports FT, and the mobility domain ID matches.
3306 */
3307 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3308 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3309
3310 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3311 size_t len = 0;
3312 const u8 *md = mdie + 2;
3313 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3314
3315 if (os_memcmp(md, wpa_md,
3316 MOBILITY_DOMAIN_ID_LEN) == 0) {
3317 /* Add mobility domain IE */
3318 len = wpa_ft_add_mdie(
3319 wpa_s->wpa, wpa_ie + wpa_ie_len,
3320 max_wpa_ie_len - wpa_ie_len, mdie);
3321 wpa_ie_len += len;
3322 }
3323 #ifdef CONFIG_SME
3324 if (len > 0 && wpa_s->sme.ft_used &&
3325 wpa_sm_has_ptk(wpa_s->wpa)) {
3326 wpa_dbg(wpa_s, MSG_DEBUG,
3327 "SME: Trying to use FT over-the-air");
3328 algs |= WPA_AUTH_ALG_FT;
3329 }
3330 #endif /* CONFIG_SME */
3331 }
3332 }
3333 #endif /* CONFIG_IEEE80211R */
3334
3335 #ifdef CONFIG_TESTING_OPTIONS
3336 if (wpa_s->rsnxe_override_assoc &&
3337 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3338 max_wpa_ie_len - wpa_ie_len) {
3339 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3340 os_memcpy(wpa_ie + wpa_ie_len,
3341 wpabuf_head(wpa_s->rsnxe_override_assoc),
3342 wpabuf_len(wpa_s->rsnxe_override_assoc));
3343 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3344 } else
3345 #endif /* CONFIG_TESTING_OPTIONS */
3346 if (wpa_s->rsnxe_len > 0 &&
3347 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3348 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3349 wpa_ie_len += wpa_s->rsnxe_len;
3350 }
3351
3352 #ifdef CONFIG_TESTING_OPTIONS
3353 if (wpa_s->disable_mscs_support)
3354 goto mscs_end;
3355 #endif /* CONFIG_TESTING_OPTIONS */
3356 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3357 wpa_s->robust_av.valid_config) {
3358 struct wpabuf *mscs_ie;
3359 size_t mscs_ie_len, buf_len;
3360
3361 buf_len = 3 + /* MSCS descriptor IE header */
3362 1 + /* Request type */
3363 2 + /* User priority control */
3364 4 + /* Stream timeout */
3365 3 + /* TCLAS Mask IE header */
3366 wpa_s->robust_av.frame_classifier_len;
3367 mscs_ie = wpabuf_alloc(buf_len);
3368 if (!mscs_ie) {
3369 wpa_printf(MSG_INFO,
3370 "MSCS: Failed to allocate MSCS IE");
3371 goto mscs_end;
3372 }
3373
3374 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3375 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3376 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3377 mscs_ie_len = wpabuf_len(mscs_ie);
3378 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3379 mscs_ie_len);
3380 wpa_ie_len += mscs_ie_len;
3381 }
3382
3383 wpabuf_free(mscs_ie);
3384 }
3385 mscs_end:
3386
3387 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3388 max_wpa_ie_len);
3389
3390 if (ssid->multi_ap_backhaul_sta) {
3391 size_t multi_ap_ie_len;
3392
3393 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3394 max_wpa_ie_len - wpa_ie_len,
3395 MULTI_AP_BACKHAUL_STA);
3396 if (multi_ap_ie_len == 0) {
3397 wpa_printf(MSG_ERROR,
3398 "Multi-AP: Failed to build Multi-AP IE");
3399 os_free(wpa_ie);
3400 return NULL;
3401 }
3402 wpa_ie_len += multi_ap_ie_len;
3403 }
3404
3405 params->wpa_ie = wpa_ie;
3406 params->wpa_ie_len = wpa_ie_len;
3407 params->auth_alg = algs;
3408 if (mask)
3409 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3410
3411 return wpa_ie;
3412 }
3413
3414
3415 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3416 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3417 {
3418 struct wpa_driver_associate_params params;
3419 u8 *wpa_ie;
3420
3421 os_memset(¶ms, 0, sizeof(params));
3422 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3423 wpa_s->current_ssid, ¶ms, NULL);
3424 if (!wpa_ie)
3425 return;
3426
3427 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3428 os_free(wpa_ie);
3429 }
3430 #endif /* CONFIG_OWE */
3431
3432
3433 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3434 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3435 {
3436 struct wpa_driver_associate_params params;
3437 enum wpa_drv_update_connect_params_mask mask = 0;
3438 u8 *wpa_ie;
3439
3440 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3441 return; /* nothing to do */
3442
3443 os_memset(¶ms, 0, sizeof(params));
3444 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3445 wpa_s->current_ssid, ¶ms, &mask);
3446 if (!wpa_ie)
3447 return;
3448
3449 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3450 wpa_s->auth_alg = params.auth_alg;
3451 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3452 }
3453
3454 os_free(wpa_ie);
3455 }
3456 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3457
3458
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)3459 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3460 {
3461 if (!edmg_ie || edmg_ie[1] < 6)
3462 return 0;
3463 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3464 }
3465
3466
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)3467 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3468 {
3469 if (!edmg_ie || edmg_ie[1] < 6)
3470 return 0;
3471 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3472 }
3473
3474
3475 /* Returns the intersection of two EDMG configurations.
3476 * Note: The current implementation is limited to CB2 only (CB1 included),
3477 * i.e., the implementation supports up to 2 contiguous channels.
3478 * For supporting non-contiguous (aggregated) channels and for supporting
3479 * CB3 and above, this function will need to be extended.
3480 */
3481 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)3482 get_edmg_intersection(struct ieee80211_edmg_config a,
3483 struct ieee80211_edmg_config b,
3484 u8 primary_channel)
3485 {
3486 struct ieee80211_edmg_config result;
3487 int i, contiguous = 0;
3488 int max_contiguous = 0;
3489
3490 result.channels = b.channels & a.channels;
3491 if (!result.channels) {
3492 wpa_printf(MSG_DEBUG,
3493 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3494 a.channels, b.channels);
3495 goto fail;
3496 }
3497
3498 if (!(result.channels & BIT(primary_channel - 1))) {
3499 wpa_printf(MSG_DEBUG,
3500 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3501 primary_channel, result.channels);
3502 goto fail;
3503 }
3504
3505 /* Find max contiguous channels */
3506 for (i = 0; i < 6; i++) {
3507 if (result.channels & BIT(i))
3508 contiguous++;
3509 else
3510 contiguous = 0;
3511
3512 if (contiguous > max_contiguous)
3513 max_contiguous = contiguous;
3514 }
3515
3516 /* Assuming AP and STA supports ONLY contiguous channels,
3517 * bw configuration can have value between 4-7.
3518 */
3519 if ((b.bw_config < a.bw_config))
3520 result.bw_config = b.bw_config;
3521 else
3522 result.bw_config = a.bw_config;
3523
3524 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3525 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3526 wpa_printf(MSG_DEBUG,
3527 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3528 max_contiguous);
3529 goto fail;
3530 }
3531
3532 return result;
3533
3534 fail:
3535 result.channels = 0;
3536 result.bw_config = 0;
3537 return result;
3538 }
3539
3540
3541 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)3542 get_supported_edmg(struct wpa_supplicant *wpa_s,
3543 struct hostapd_freq_params *freq,
3544 struct ieee80211_edmg_config request_edmg)
3545 {
3546 enum hostapd_hw_mode hw_mode;
3547 struct hostapd_hw_modes *mode = NULL;
3548 u8 primary_channel;
3549
3550 if (!wpa_s->hw.modes)
3551 goto fail;
3552
3553 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3554 if (hw_mode == NUM_HOSTAPD_MODES)
3555 goto fail;
3556
3557 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
3558 if (!mode)
3559 goto fail;
3560
3561 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3562
3563 fail:
3564 request_edmg.channels = 0;
3565 request_edmg.bw_config = 0;
3566 return request_edmg;
3567 }
3568
3569
3570 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)3571 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3572 {
3573 struct wpa_driver_associate_params params;
3574 u8 *wpa_ie;
3575
3576 /*
3577 * Update MBO connect params only in case of change of MBO attributes
3578 * when connected, if the AP support MBO.
3579 */
3580
3581 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3582 !wpa_s->current_bss ||
3583 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3584 return;
3585
3586 os_memset(¶ms, 0, sizeof(params));
3587 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3588 wpa_s->current_ssid, ¶ms, NULL);
3589 if (!wpa_ie)
3590 return;
3591
3592 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3593 os_free(wpa_ie);
3594 }
3595 #endif /* CONFIG_MBO */
3596
3597
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)3598 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3599 {
3600 struct wpa_connect_work *cwork = work->ctx;
3601 struct wpa_bss *bss = cwork->bss;
3602 struct wpa_ssid *ssid = cwork->ssid;
3603 struct wpa_supplicant *wpa_s = work->wpa_s;
3604 u8 *wpa_ie;
3605 const u8 *edmg_ie_oper;
3606 int use_crypt, ret, bssid_changed;
3607 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3608 struct wpa_driver_associate_params params;
3609 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
3610 int wep_keys_set = 0;
3611 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
3612 int assoc_failed = 0;
3613 struct wpa_ssid *old_ssid;
3614 u8 prev_bssid[ETH_ALEN];
3615 #ifdef CONFIG_HT_OVERRIDES
3616 struct ieee80211_ht_capabilities htcaps;
3617 struct ieee80211_ht_capabilities htcaps_mask;
3618 #endif /* CONFIG_HT_OVERRIDES */
3619 #ifdef CONFIG_VHT_OVERRIDES
3620 struct ieee80211_vht_capabilities vhtcaps;
3621 struct ieee80211_vht_capabilities vhtcaps_mask;
3622 #endif /* CONFIG_VHT_OVERRIDES */
3623
3624 if (deinit) {
3625 if (work->started) {
3626 wpa_s->connect_work = NULL;
3627
3628 /* cancel possible auth. timeout */
3629 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3630 NULL);
3631 }
3632 wpas_connect_work_free(cwork);
3633 return;
3634 }
3635
3636 wpa_s->connect_work = work;
3637
3638 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3639 wpas_network_disabled(wpa_s, ssid)) {
3640 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3641 wpas_connect_work_done(wpa_s);
3642 return;
3643 }
3644
3645 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3646 os_memset(¶ms, 0, sizeof(params));
3647 wpa_s->reassociate = 0;
3648 wpa_s->eap_expected_failure = 0;
3649
3650 /* Starting new association, so clear the possibly used WPA IE from the
3651 * previous association. */
3652 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3653 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3654 wpa_s->rsnxe_len = 0;
3655 wpa_s->mscs_setup_done = false;
3656
3657 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
3658 if (!wpa_ie) {
3659 wpas_connect_work_done(wpa_s);
3660 return;
3661 }
3662
3663 if (bss &&
3664 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3665 #ifdef CONFIG_IEEE80211R
3666 const u8 *ie, *md = NULL;
3667 #endif /* CONFIG_IEEE80211R */
3668 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3669 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3670 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3671 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3672 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3673 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3674 if (bssid_changed)
3675 wpas_notify_bssid_changed(wpa_s);
3676 #ifdef CONFIG_IEEE80211R
3677 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3678 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3679 md = ie + 2;
3680 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3681 if (md) {
3682 /* Prepare for the next transition */
3683 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3684 }
3685 #endif /* CONFIG_IEEE80211R */
3686 #ifdef CONFIG_WPS
3687 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3688 wpa_s->conf->ap_scan == 2 &&
3689 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3690 /* Use ap_scan==1 style network selection to find the network
3691 */
3692 wpas_connect_work_done(wpa_s);
3693 wpa_s->scan_req = MANUAL_SCAN_REQ;
3694 wpa_s->reassociate = 1;
3695 wpa_supplicant_req_scan(wpa_s, 0, 0);
3696 os_free(wpa_ie);
3697 return;
3698 #endif /* CONFIG_WPS */
3699 } else {
3700 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3701 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3702 if (bss)
3703 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3704 else
3705 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3706 }
3707 if (!wpa_s->pno)
3708 wpa_supplicant_cancel_sched_scan(wpa_s);
3709
3710 wpa_supplicant_cancel_scan(wpa_s);
3711
3712 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3713 use_crypt = 1;
3714 cipher_pairwise = wpa_s->pairwise_cipher;
3715 cipher_group = wpa_s->group_cipher;
3716 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3717 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3718 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3719 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3720 use_crypt = 0;
3721 #ifdef CONFIG_WEP
3722 if (wpa_set_wep_keys(wpa_s, ssid)) {
3723 use_crypt = 1;
3724 wep_keys_set = 1;
3725 }
3726 #endif /* CONFIG_WEP */
3727 }
3728 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3729 use_crypt = 0;
3730
3731 #ifdef IEEE8021X_EAPOL
3732 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3733 if ((ssid->eapol_flags &
3734 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3735 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3736 !wep_keys_set) {
3737 use_crypt = 0;
3738 } else {
3739 /* Assume that dynamic WEP-104 keys will be used and
3740 * set cipher suites in order for drivers to expect
3741 * encryption. */
3742 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3743 }
3744 }
3745 #endif /* IEEE8021X_EAPOL */
3746
3747 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3748 /* Set the key before (and later after) association */
3749 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3750 }
3751
3752 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3753 if (bss) {
3754 params.ssid = bss->ssid;
3755 params.ssid_len = bss->ssid_len;
3756 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3757 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3758 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3759 MACSTR " freq=%u MHz based on scan results "
3760 "(bssid_set=%d wps=%d)",
3761 MAC2STR(bss->bssid), bss->freq,
3762 ssid->bssid_set,
3763 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3764 params.bssid = bss->bssid;
3765 params.freq.freq = bss->freq;
3766 }
3767 params.bssid_hint = bss->bssid;
3768 params.freq_hint = bss->freq;
3769 params.pbss = bss_is_pbss(bss);
3770 } else {
3771 if (ssid->bssid_hint_set)
3772 params.bssid_hint = ssid->bssid_hint;
3773
3774 params.ssid = ssid->ssid;
3775 params.ssid_len = ssid->ssid_len;
3776 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3777 }
3778
3779 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3780 wpa_s->conf->ap_scan == 2) {
3781 params.bssid = ssid->bssid;
3782 params.fixed_bssid = 1;
3783 }
3784
3785 /* Initial frequency for IBSS/mesh */
3786 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3787 ssid->frequency > 0 && params.freq.freq == 0)
3788 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
3789
3790 if (ssid->mode == WPAS_MODE_IBSS) {
3791 params.fixed_freq = ssid->fixed_freq;
3792 if (ssid->beacon_int)
3793 params.beacon_int = ssid->beacon_int;
3794 else
3795 params.beacon_int = wpa_s->conf->beacon_int;
3796 }
3797
3798 if (bss && ssid->enable_edmg)
3799 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
3800 WLAN_EID_EXT_EDMG_OPERATION);
3801 else
3802 edmg_ie_oper = NULL;
3803
3804 if (edmg_ie_oper) {
3805 params.freq.edmg.channels =
3806 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3807 params.freq.edmg.bw_config =
3808 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3809 wpa_printf(MSG_DEBUG,
3810 "AP supports EDMG channels 0x%x, bw_config %d",
3811 params.freq.edmg.channels,
3812 params.freq.edmg.bw_config);
3813
3814 /* User may ask for specific EDMG channel for EDMG connection
3815 * (must be supported by AP)
3816 */
3817 if (ssid->edmg_channel) {
3818 struct ieee80211_edmg_config configured_edmg;
3819 enum hostapd_hw_mode hw_mode;
3820 u8 primary_channel;
3821
3822 hw_mode = ieee80211_freq_to_chan(bss->freq,
3823 &primary_channel);
3824 if (hw_mode == NUM_HOSTAPD_MODES)
3825 goto edmg_fail;
3826
3827 hostapd_encode_edmg_chan(ssid->enable_edmg,
3828 ssid->edmg_channel,
3829 primary_channel,
3830 &configured_edmg);
3831
3832 if (ieee802_edmg_is_allowed(params.freq.edmg,
3833 configured_edmg)) {
3834 params.freq.edmg = configured_edmg;
3835 wpa_printf(MSG_DEBUG,
3836 "Use EDMG channel %d for connection",
3837 ssid->edmg_channel);
3838 } else {
3839 edmg_fail:
3840 params.freq.edmg.channels = 0;
3841 params.freq.edmg.bw_config = 0;
3842 wpa_printf(MSG_WARNING,
3843 "EDMG channel %d not supported by AP, fallback to DMG",
3844 ssid->edmg_channel);
3845 }
3846 }
3847
3848 if (params.freq.edmg.channels) {
3849 wpa_printf(MSG_DEBUG,
3850 "EDMG before: channels 0x%x, bw_config %d",
3851 params.freq.edmg.channels,
3852 params.freq.edmg.bw_config);
3853 params.freq.edmg = get_supported_edmg(wpa_s,
3854 ¶ms.freq,
3855 params.freq.edmg);
3856 wpa_printf(MSG_DEBUG,
3857 "EDMG after: channels 0x%x, bw_config %d",
3858 params.freq.edmg.channels,
3859 params.freq.edmg.bw_config);
3860 }
3861 }
3862
3863 params.pairwise_suite = cipher_pairwise;
3864 params.group_suite = cipher_group;
3865 params.mgmt_group_suite = cipher_group_mgmt;
3866 params.key_mgmt_suite = wpa_s->key_mgmt;
3867 params.wpa_proto = wpa_s->wpa_proto;
3868 wpa_s->auth_alg = params.auth_alg;
3869 params.mode = ssid->mode;
3870 params.bg_scan_period = ssid->bg_scan_period;
3871 #ifdef CONFIG_WEP
3872 {
3873 int i;
3874
3875 for (i = 0; i < NUM_WEP_KEYS; i++) {
3876 if (ssid->wep_key_len[i])
3877 params.wep_key[i] = ssid->wep_key[i];
3878 params.wep_key_len[i] = ssid->wep_key_len[i];
3879 }
3880 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3881 }
3882 #endif /* CONFIG_WEP */
3883
3884 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3885 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3886 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3887 params.passphrase = ssid->passphrase;
3888 if (ssid->psk_set)
3889 params.psk = ssid->psk;
3890 }
3891
3892 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3893 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3894 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3895 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3896 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3897 params.req_handshake_offload = 1;
3898
3899 if (wpa_s->conf->key_mgmt_offload) {
3900 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3901 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3902 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3903 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3904 params.req_key_mgmt_offload =
3905 ssid->proactive_key_caching < 0 ?
3906 wpa_s->conf->okc : ssid->proactive_key_caching;
3907 else
3908 params.req_key_mgmt_offload = 1;
3909
3910 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3911 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3912 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3913 ssid->psk_set)
3914 params.psk = ssid->psk;
3915 }
3916
3917 params.drop_unencrypted = use_crypt;
3918
3919 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3920 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3921 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3922 struct wpa_ie_data ie;
3923 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3924 ie.capabilities &
3925 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3926 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3927 "MFP: require MFP");
3928 params.mgmt_frame_protection =
3929 MGMT_FRAME_PROTECTION_REQUIRED;
3930 #ifdef CONFIG_OWE
3931 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3932 !ssid->owe_only) {
3933 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3934 #endif /* CONFIG_OWE */
3935 }
3936 }
3937
3938 params.p2p = ssid->p2p_group;
3939
3940 if (wpa_s->p2pdev->set_sta_uapsd)
3941 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3942 else
3943 params.uapsd = -1;
3944
3945 #ifdef CONFIG_HT_OVERRIDES
3946 os_memset(&htcaps, 0, sizeof(htcaps));
3947 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3948 params.htcaps = (u8 *) &htcaps;
3949 params.htcaps_mask = (u8 *) &htcaps_mask;
3950 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
3951 #endif /* CONFIG_HT_OVERRIDES */
3952 #ifdef CONFIG_VHT_OVERRIDES
3953 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3954 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3955 params.vhtcaps = &vhtcaps;
3956 params.vhtcaps_mask = &vhtcaps_mask;
3957 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
3958 #endif /* CONFIG_VHT_OVERRIDES */
3959 #ifdef CONFIG_HE_OVERRIDES
3960 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
3961 #endif /* CONFIG_HE_OVERRIDES */
3962
3963 #ifdef CONFIG_P2P
3964 /*
3965 * If multi-channel concurrency is not supported, check for any
3966 * frequency conflict. In case of any frequency conflict, remove the
3967 * least prioritized connection.
3968 */
3969 if (wpa_s->num_multichan_concurrent < 2) {
3970 int freq, num;
3971 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3972 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3973 wpa_printf(MSG_DEBUG,
3974 "Assoc conflicting freq found (%d != %d)",
3975 freq, params.freq.freq);
3976 if (wpas_p2p_handle_frequency_conflicts(
3977 wpa_s, params.freq.freq, ssid) < 0) {
3978 wpas_connect_work_done(wpa_s);
3979 os_free(wpa_ie);
3980 return;
3981 }
3982 }
3983 }
3984 #endif /* CONFIG_P2P */
3985
3986 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3987 wpa_s->current_ssid)
3988 params.prev_bssid = prev_bssid;
3989
3990 #ifdef CONFIG_SAE
3991 params.sae_pwe = wpa_s->conf->sae_pwe;
3992 #endif /* CONFIG_SAE */
3993
3994 ret = wpa_drv_associate(wpa_s, ¶ms);
3995 os_free(wpa_ie);
3996 if (ret < 0) {
3997 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3998 "failed");
3999 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4000 /*
4001 * The driver is known to mean what is saying, so we
4002 * can stop right here; the association will not
4003 * succeed.
4004 */
4005 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
4006 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4007 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4008 return;
4009 }
4010 /* try to continue anyway; new association will be tried again
4011 * after timeout */
4012 assoc_failed = 1;
4013 }
4014
4015 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4016 /* Set the key after the association just in case association
4017 * cleared the previously configured key. */
4018 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4019 /* No need to timeout authentication since there is no key
4020 * management. */
4021 wpa_supplicant_cancel_auth_timeout(wpa_s);
4022 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4023 #ifdef CONFIG_IBSS_RSN
4024 } else if (ssid->mode == WPAS_MODE_IBSS &&
4025 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4026 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4027 /*
4028 * RSN IBSS authentication is per-STA and we can disable the
4029 * per-BSSID authentication.
4030 */
4031 wpa_supplicant_cancel_auth_timeout(wpa_s);
4032 #endif /* CONFIG_IBSS_RSN */
4033 } else {
4034 /* Timeout for IEEE 802.11 authentication and association */
4035 int timeout = 60;
4036
4037 if (assoc_failed) {
4038 /* give IBSS a bit more time */
4039 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4040 } else if (wpa_s->conf->ap_scan == 1) {
4041 /* give IBSS a bit more time */
4042 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4043 }
4044 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4045 }
4046
4047 #ifdef CONFIG_WEP
4048 if (wep_keys_set &&
4049 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4050 /* Set static WEP keys again */
4051 wpa_set_wep_keys(wpa_s, ssid);
4052 }
4053 #endif /* CONFIG_WEP */
4054
4055 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
4056 /*
4057 * Do not allow EAP session resumption between different
4058 * network configurations.
4059 */
4060 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4061 }
4062 old_ssid = wpa_s->current_ssid;
4063 wpa_s->current_ssid = ssid;
4064
4065 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4066 wpa_s->current_bss = bss;
4067 #ifdef CONFIG_HS20
4068 hs20_configure_frame_filters(wpa_s);
4069 #endif /* CONFIG_HS20 */
4070 }
4071
4072 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4073 wpa_supplicant_initiate_eapol(wpa_s);
4074 if (old_ssid != wpa_s->current_ssid)
4075 wpas_notify_network_changed(wpa_s);
4076 }
4077
4078
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4079 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4080 const u8 *addr)
4081 {
4082 struct wpa_ssid *old_ssid;
4083
4084 wpas_connect_work_done(wpa_s);
4085 wpa_clear_keys(wpa_s, addr);
4086 old_ssid = wpa_s->current_ssid;
4087 wpa_supplicant_mark_disassoc(wpa_s);
4088 wpa_sm_set_config(wpa_s->wpa, NULL);
4089 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4090 if (old_ssid != wpa_s->current_ssid)
4091 wpas_notify_network_changed(wpa_s);
4092
4093 wpas_scs_deinit(wpa_s);
4094 wpas_dscp_deinit(wpa_s);
4095 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4096 }
4097
4098
4099 /**
4100 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4101 * @wpa_s: Pointer to wpa_supplicant data
4102 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4103 *
4104 * This function is used to request %wpa_supplicant to deauthenticate from the
4105 * current AP.
4106 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4107 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4108 u16 reason_code)
4109 {
4110 u8 *addr = NULL;
4111 union wpa_event_data event;
4112 int zero_addr = 0;
4113
4114 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4115 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
4116 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4117 reason_code, reason2str(reason_code),
4118 wpa_supplicant_state_txt(wpa_s->wpa_state));
4119
4120 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4121 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4122 wpa_s->wpa_state == WPA_ASSOCIATING))
4123 addr = wpa_s->pending_bssid;
4124 else if (!is_zero_ether_addr(wpa_s->bssid))
4125 addr = wpa_s->bssid;
4126 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4127 /*
4128 * When using driver-based BSS selection, we may not know the
4129 * BSSID with which we are currently trying to associate. We
4130 * need to notify the driver of this disconnection even in such
4131 * a case, so use the all zeros address here.
4132 */
4133 addr = wpa_s->bssid;
4134 zero_addr = 1;
4135 }
4136
4137 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4138 wpa_s->enabled_4addr_mode = 0;
4139
4140 #ifdef CONFIG_TDLS
4141 wpa_tdls_teardown_peers(wpa_s->wpa);
4142 #endif /* CONFIG_TDLS */
4143
4144 #ifdef CONFIG_MESH
4145 if (wpa_s->ifmsh) {
4146 struct mesh_conf *mconf;
4147
4148 mconf = wpa_s->ifmsh->mconf;
4149 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4150 wpa_s->ifname);
4151 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4152 mconf->meshid_len, reason_code);
4153 wpa_supplicant_leave_mesh(wpa_s, true);
4154 }
4155 #endif /* CONFIG_MESH */
4156
4157 if (addr) {
4158 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4159 os_memset(&event, 0, sizeof(event));
4160 event.deauth_info.reason_code = reason_code;
4161 event.deauth_info.locally_generated = 1;
4162 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4163 if (zero_addr)
4164 addr = NULL;
4165 }
4166
4167 wpa_supplicant_clear_connection(wpa_s, addr);
4168 }
4169
4170
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4171 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4172 {
4173 wpa_s->own_reconnect_req = 1;
4174 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4175
4176 }
4177
4178
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4179 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4180 struct wpa_ssid *ssid)
4181 {
4182 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4183 return;
4184
4185 ssid->disabled = 0;
4186 ssid->owe_transition_bss_select_count = 0;
4187 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4188 wpas_notify_network_enabled_changed(wpa_s, ssid);
4189
4190 /*
4191 * Try to reassociate since there is no current configuration and a new
4192 * network was made available.
4193 */
4194 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4195 wpa_s->reassociate = 1;
4196 }
4197
4198
4199 /**
4200 * wpa_supplicant_add_network - Add a new network
4201 * @wpa_s: wpa_supplicant structure for a network interface
4202 * Returns: The new network configuration or %NULL if operation failed
4203 *
4204 * This function performs the following operations:
4205 * 1. Adds a new network.
4206 * 2. Send network addition notification.
4207 * 3. Marks the network disabled.
4208 * 4. Set network default parameters.
4209 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4210 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4211 {
4212 struct wpa_ssid *ssid;
4213
4214 ssid = wpa_config_add_network(wpa_s->conf);
4215 if (!ssid)
4216 return NULL;
4217 wpas_notify_network_added(wpa_s, ssid);
4218 ssid->disabled = 1;
4219 wpa_config_set_network_defaults(ssid);
4220
4221 return ssid;
4222 }
4223
4224
4225 /**
4226 * wpa_supplicant_remove_network - Remove a configured network based on id
4227 * @wpa_s: wpa_supplicant structure for a network interface
4228 * @id: Unique network id to search for
4229 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4230 * could not be removed
4231 *
4232 * This function performs the following operations:
4233 * 1. Removes the network.
4234 * 2. Send network removal notification.
4235 * 3. Update internal state machines.
4236 * 4. Stop any running sched scans.
4237 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4238 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4239 {
4240 struct wpa_ssid *ssid;
4241 int was_disabled;
4242
4243 ssid = wpa_config_get_network(wpa_s->conf, id);
4244 if (!ssid)
4245 return -1;
4246 wpas_notify_network_removed(wpa_s, ssid);
4247
4248 if (wpa_s->last_ssid == ssid)
4249 wpa_s->last_ssid = NULL;
4250
4251 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
4252 #ifdef CONFIG_SME
4253 wpa_s->sme.prev_bssid_set = 0;
4254 #endif /* CONFIG_SME */
4255 /*
4256 * Invalidate the EAP session cache if the current or
4257 * previously used network is removed.
4258 */
4259 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4260 }
4261
4262 if (ssid == wpa_s->current_ssid) {
4263 wpa_sm_set_config(wpa_s->wpa, NULL);
4264 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4265
4266 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4267 wpa_s->own_disconnect_req = 1;
4268 wpa_supplicant_deauthenticate(wpa_s,
4269 WLAN_REASON_DEAUTH_LEAVING);
4270 }
4271
4272 was_disabled = ssid->disabled;
4273
4274 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4275 return -2;
4276
4277 if (!was_disabled && wpa_s->sched_scanning) {
4278 wpa_printf(MSG_DEBUG,
4279 "Stop ongoing sched_scan to remove network from filters");
4280 wpa_supplicant_cancel_sched_scan(wpa_s);
4281 wpa_supplicant_req_scan(wpa_s, 0, 0);
4282 }
4283
4284 return 0;
4285 }
4286
4287
4288 /**
4289 * wpa_supplicant_remove_all_networks - Remove all configured networks
4290 * @wpa_s: wpa_supplicant structure for a network interface
4291 * Returns: 0 on success (errors are currently ignored)
4292 *
4293 * This function performs the following operations:
4294 * 1. Remove all networks.
4295 * 2. Send network removal notifications.
4296 * 3. Update internal state machines.
4297 * 4. Stop any running sched scans.
4298 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4299 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4300 {
4301 struct wpa_ssid *ssid;
4302
4303 if (wpa_s->sched_scanning)
4304 wpa_supplicant_cancel_sched_scan(wpa_s);
4305
4306 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4307 if (wpa_s->current_ssid) {
4308 #ifdef CONFIG_SME
4309 wpa_s->sme.prev_bssid_set = 0;
4310 #endif /* CONFIG_SME */
4311 wpa_sm_set_config(wpa_s->wpa, NULL);
4312 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4313 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4314 wpa_s->own_disconnect_req = 1;
4315 wpa_supplicant_deauthenticate(
4316 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4317 }
4318 ssid = wpa_s->conf->ssid;
4319 while (ssid) {
4320 struct wpa_ssid *remove_ssid = ssid;
4321 int id;
4322
4323 id = ssid->id;
4324 ssid = ssid->next;
4325 if (wpa_s->last_ssid == remove_ssid)
4326 wpa_s->last_ssid = NULL;
4327 wpas_notify_network_removed(wpa_s, remove_ssid);
4328 wpa_config_remove_network(wpa_s->conf, id);
4329 }
4330 return 0;
4331 }
4332
4333
4334 /**
4335 * wpa_supplicant_enable_network - Mark a configured network as enabled
4336 * @wpa_s: wpa_supplicant structure for a network interface
4337 * @ssid: wpa_ssid structure for a configured network or %NULL
4338 *
4339 * Enables the specified network or all networks if no network specified.
4340 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4341 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4342 struct wpa_ssid *ssid)
4343 {
4344 if (ssid == NULL) {
4345 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4346 wpa_supplicant_enable_one_network(wpa_s, ssid);
4347 } else
4348 wpa_supplicant_enable_one_network(wpa_s, ssid);
4349
4350 if (wpa_s->reassociate && !wpa_s->disconnected &&
4351 (!wpa_s->current_ssid ||
4352 wpa_s->wpa_state == WPA_DISCONNECTED ||
4353 wpa_s->wpa_state == WPA_SCANNING)) {
4354 if (wpa_s->sched_scanning) {
4355 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4356 "new network to scan filters");
4357 wpa_supplicant_cancel_sched_scan(wpa_s);
4358 }
4359
4360 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4361 wpa_s->scan_req = NORMAL_SCAN_REQ;
4362 wpa_supplicant_req_scan(wpa_s, 0, 0);
4363 }
4364 }
4365 }
4366
4367
4368 /**
4369 * wpa_supplicant_disable_network - Mark a configured network as disabled
4370 * @wpa_s: wpa_supplicant structure for a network interface
4371 * @ssid: wpa_ssid structure for a configured network or %NULL
4372 *
4373 * Disables the specified network or all networks if no network specified.
4374 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4375 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4376 struct wpa_ssid *ssid)
4377 {
4378 struct wpa_ssid *other_ssid;
4379 int was_disabled;
4380
4381 if (ssid == NULL) {
4382 if (wpa_s->sched_scanning)
4383 wpa_supplicant_cancel_sched_scan(wpa_s);
4384
4385 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4386 other_ssid = other_ssid->next) {
4387 was_disabled = other_ssid->disabled;
4388 if (was_disabled == 2)
4389 continue; /* do not change persistent P2P group
4390 * data */
4391
4392 other_ssid->disabled = 1;
4393
4394 if (was_disabled != other_ssid->disabled)
4395 wpas_notify_network_enabled_changed(
4396 wpa_s, other_ssid);
4397 }
4398 if (wpa_s->current_ssid) {
4399 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4400 wpa_s->own_disconnect_req = 1;
4401 wpa_supplicant_deauthenticate(
4402 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4403 }
4404 } else if (ssid->disabled != 2) {
4405 if (ssid == wpa_s->current_ssid) {
4406 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4407 wpa_s->own_disconnect_req = 1;
4408 wpa_supplicant_deauthenticate(
4409 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4410 }
4411
4412 was_disabled = ssid->disabled;
4413
4414 ssid->disabled = 1;
4415
4416 if (was_disabled != ssid->disabled) {
4417 wpas_notify_network_enabled_changed(wpa_s, ssid);
4418 if (wpa_s->sched_scanning) {
4419 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4420 "to remove network from filters");
4421 wpa_supplicant_cancel_sched_scan(wpa_s);
4422 wpa_supplicant_req_scan(wpa_s, 0, 0);
4423 }
4424 }
4425 }
4426 }
4427
4428
4429 /**
4430 * wpa_supplicant_select_network - Attempt association with a network
4431 * @wpa_s: wpa_supplicant structure for a network interface
4432 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4433 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4434 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4435 struct wpa_ssid *ssid)
4436 {
4437
4438 struct wpa_ssid *other_ssid;
4439 int disconnected = 0;
4440
4441 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4442 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4443 wpa_s->own_disconnect_req = 1;
4444 wpa_supplicant_deauthenticate(
4445 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4446 disconnected = 1;
4447 }
4448
4449 if (ssid)
4450 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4451
4452 /*
4453 * Mark all other networks disabled or mark all networks enabled if no
4454 * network specified.
4455 */
4456 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4457 other_ssid = other_ssid->next) {
4458 int was_disabled = other_ssid->disabled;
4459 if (was_disabled == 2)
4460 continue; /* do not change persistent P2P group data */
4461
4462 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4463 if (was_disabled && !other_ssid->disabled)
4464 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4465
4466 if (was_disabled != other_ssid->disabled)
4467 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4468 }
4469
4470 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4471 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4472 /* We are already associated with the selected network */
4473 wpa_printf(MSG_DEBUG, "Already associated with the "
4474 "selected network - do nothing");
4475 return;
4476 }
4477
4478 if (ssid) {
4479 wpa_s->current_ssid = ssid;
4480 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4481 wpa_s->connect_without_scan =
4482 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4483
4484 /*
4485 * Don't optimize next scan freqs since a new ESS has been
4486 * selected.
4487 */
4488 os_free(wpa_s->next_scan_freqs);
4489 wpa_s->next_scan_freqs = NULL;
4490 } else {
4491 wpa_s->connect_without_scan = NULL;
4492 }
4493
4494 wpa_s->disconnected = 0;
4495 wpa_s->reassociate = 1;
4496 wpa_s_clear_sae_rejected(wpa_s);
4497 wpa_s->last_owe_group = 0;
4498 if (ssid) {
4499 ssid->owe_transition_bss_select_count = 0;
4500 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4501 }
4502
4503 if (wpa_s->connect_without_scan ||
4504 wpa_supplicant_fast_associate(wpa_s) != 1) {
4505 wpa_s->scan_req = NORMAL_SCAN_REQ;
4506 wpas_scan_reset_sched_scan(wpa_s);
4507 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4508 }
4509
4510 if (ssid)
4511 wpas_notify_network_selected(wpa_s, ssid);
4512 }
4513
4514
4515 /**
4516 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4517 * @wpa_s: wpa_supplicant structure for a network interface
4518 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4519 * @pkcs11_module_path: PKCS #11 module path or NULL
4520 * Returns: 0 on success; -1 on failure
4521 *
4522 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4523 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4524 * module path fails the paths will be reset to the default value (NULL).
4525 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)4526 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4527 const char *pkcs11_engine_path,
4528 const char *pkcs11_module_path)
4529 {
4530 char *pkcs11_engine_path_copy = NULL;
4531 char *pkcs11_module_path_copy = NULL;
4532
4533 if (pkcs11_engine_path != NULL) {
4534 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4535 if (pkcs11_engine_path_copy == NULL)
4536 return -1;
4537 }
4538 if (pkcs11_module_path != NULL) {
4539 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4540 if (pkcs11_module_path_copy == NULL) {
4541 os_free(pkcs11_engine_path_copy);
4542 return -1;
4543 }
4544 }
4545
4546 os_free(wpa_s->conf->pkcs11_engine_path);
4547 os_free(wpa_s->conf->pkcs11_module_path);
4548 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4549 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4550
4551 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4552 eapol_sm_deinit(wpa_s->eapol);
4553 wpa_s->eapol = NULL;
4554 if (wpa_supplicant_init_eapol(wpa_s)) {
4555 /* Error -> Reset paths to the default value (NULL) once. */
4556 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4557 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4558 NULL);
4559
4560 return -1;
4561 }
4562 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4563
4564 return 0;
4565 }
4566
4567
4568 /**
4569 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4570 * @wpa_s: wpa_supplicant structure for a network interface
4571 * @ap_scan: AP scan mode
4572 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4573 *
4574 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)4575 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4576 {
4577
4578 int old_ap_scan;
4579
4580 if (ap_scan < 0 || ap_scan > 2)
4581 return -1;
4582
4583 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4584 wpa_printf(MSG_INFO,
4585 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4586 }
4587
4588 #ifdef ANDROID
4589 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4590 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4591 wpa_s->wpa_state < WPA_COMPLETED) {
4592 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4593 "associating", wpa_s->conf->ap_scan, ap_scan);
4594 return 0;
4595 }
4596 #endif /* ANDROID */
4597
4598 old_ap_scan = wpa_s->conf->ap_scan;
4599 wpa_s->conf->ap_scan = ap_scan;
4600
4601 if (old_ap_scan != wpa_s->conf->ap_scan)
4602 wpas_notify_ap_scan_changed(wpa_s);
4603
4604 return 0;
4605 }
4606
4607
4608 /**
4609 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4610 * @wpa_s: wpa_supplicant structure for a network interface
4611 * @expire_age: Expiration age in seconds
4612 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4613 *
4614 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)4615 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4616 unsigned int bss_expire_age)
4617 {
4618 if (bss_expire_age < 10) {
4619 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4620 bss_expire_age);
4621 return -1;
4622 }
4623 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4624 bss_expire_age);
4625 wpa_s->conf->bss_expiration_age = bss_expire_age;
4626
4627 return 0;
4628 }
4629
4630
4631 /**
4632 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4633 * @wpa_s: wpa_supplicant structure for a network interface
4634 * @expire_count: number of scans after which an unseen BSS is reclaimed
4635 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4636 *
4637 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)4638 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4639 unsigned int bss_expire_count)
4640 {
4641 if (bss_expire_count < 1) {
4642 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4643 bss_expire_count);
4644 return -1;
4645 }
4646 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4647 bss_expire_count);
4648 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4649
4650 return 0;
4651 }
4652
4653
4654 /**
4655 * wpa_supplicant_set_scan_interval - Set scan interval
4656 * @wpa_s: wpa_supplicant structure for a network interface
4657 * @scan_interval: scan interval in seconds
4658 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4659 *
4660 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)4661 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4662 int scan_interval)
4663 {
4664 if (scan_interval < 0) {
4665 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4666 scan_interval);
4667 return -1;
4668 }
4669 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4670 scan_interval);
4671 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4672
4673 return 0;
4674 }
4675
4676
4677 /**
4678 * wpa_supplicant_set_debug_params - Set global debug params
4679 * @global: wpa_global structure
4680 * @debug_level: debug level
4681 * @debug_timestamp: determines if show timestamp in debug data
4682 * @debug_show_keys: determines if show keys in debug data
4683 * Returns: 0 if succeed or -1 if debug_level has wrong value
4684 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)4685 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4686 int debug_timestamp, int debug_show_keys)
4687 {
4688
4689 int old_level, old_timestamp, old_show_keys;
4690
4691 /* check for allowed debuglevels */
4692 if (debug_level != MSG_EXCESSIVE &&
4693 debug_level != MSG_MSGDUMP &&
4694 debug_level != MSG_DEBUG &&
4695 debug_level != MSG_INFO &&
4696 debug_level != MSG_WARNING &&
4697 debug_level != MSG_ERROR)
4698 return -1;
4699
4700 old_level = wpa_debug_level;
4701 old_timestamp = wpa_debug_timestamp;
4702 old_show_keys = wpa_debug_show_keys;
4703
4704 wpa_debug_level = debug_level;
4705 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4706 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4707
4708 if (wpa_debug_level != old_level)
4709 wpas_notify_debug_level_changed(global);
4710 if (wpa_debug_timestamp != old_timestamp)
4711 wpas_notify_debug_timestamp_changed(global);
4712 if (wpa_debug_show_keys != old_show_keys)
4713 wpas_notify_debug_show_keys_changed(global);
4714
4715 return 0;
4716 }
4717
4718
4719 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)4720 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4721 const u8 *entry_ssid, size_t entry_ssid_len)
4722 {
4723 const u8 *owe, *pos, *end;
4724 u8 ssid_len;
4725 struct wpa_bss *bss;
4726
4727 /* Check network profile SSID aganst the SSID in the
4728 * OWE Transition Mode element. */
4729
4730 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4731 if (!bss)
4732 return 0;
4733
4734 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4735 if (!owe)
4736 return 0;
4737
4738 pos = owe + 6;
4739 end = owe + 2 + owe[1];
4740
4741 if (end - pos < ETH_ALEN + 1)
4742 return 0;
4743 pos += ETH_ALEN;
4744 ssid_len = *pos++;
4745 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4746 return 0;
4747
4748 return entry_ssid_len == ssid_len &&
4749 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4750 }
4751 #endif /* CONFIG_OWE */
4752
4753
4754 /**
4755 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4756 * @wpa_s: Pointer to wpa_supplicant data
4757 * Returns: A pointer to the current network structure or %NULL on failure
4758 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)4759 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4760 {
4761 struct wpa_ssid *entry;
4762 u8 ssid[SSID_MAX_LEN];
4763 int res;
4764 size_t ssid_len;
4765 u8 bssid[ETH_ALEN];
4766 int wired;
4767
4768 res = wpa_drv_get_ssid(wpa_s, ssid);
4769 if (res < 0) {
4770 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4771 "driver");
4772 return NULL;
4773 }
4774 ssid_len = res;
4775
4776 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4777 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4778 "driver");
4779 return NULL;
4780 }
4781
4782 wired = wpa_s->conf->ap_scan == 0 &&
4783 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4784
4785 entry = wpa_s->conf->ssid;
4786 while (entry) {
4787 if (!wpas_network_disabled(wpa_s, entry) &&
4788 ((ssid_len == entry->ssid_len &&
4789 (!entry->ssid ||
4790 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4791 wired) &&
4792 (!entry->bssid_set ||
4793 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4794 return entry;
4795 #ifdef CONFIG_WPS
4796 if (!wpas_network_disabled(wpa_s, entry) &&
4797 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4798 (entry->ssid == NULL || entry->ssid_len == 0) &&
4799 (!entry->bssid_set ||
4800 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4801 return entry;
4802 #endif /* CONFIG_WPS */
4803
4804 #ifdef CONFIG_OWE
4805 if (!wpas_network_disabled(wpa_s, entry) &&
4806 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4807 entry->ssid_len) &&
4808 (!entry->bssid_set ||
4809 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4810 return entry;
4811 #endif /* CONFIG_OWE */
4812
4813 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4814 entry->ssid_len == 0 &&
4815 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4816 return entry;
4817
4818 entry = entry->next;
4819 }
4820
4821 return NULL;
4822 }
4823
4824
select_driver(struct wpa_supplicant * wpa_s,int i)4825 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4826 {
4827 struct wpa_global *global = wpa_s->global;
4828
4829 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4830 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4831 if (global->drv_priv[i] == NULL) {
4832 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4833 "'%s'", wpa_drivers[i]->name);
4834 return -1;
4835 }
4836 }
4837
4838 wpa_s->driver = wpa_drivers[i];
4839 wpa_s->global_drv_priv = global->drv_priv[i];
4840
4841 return 0;
4842 }
4843
4844
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)4845 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4846 const char *name)
4847 {
4848 int i;
4849 size_t len;
4850 const char *pos, *driver = name;
4851
4852 if (wpa_s == NULL)
4853 return -1;
4854
4855 if (wpa_drivers[0] == NULL) {
4856 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4857 "wpa_supplicant");
4858 return -1;
4859 }
4860
4861 if (name == NULL) {
4862 /* Default to first successful driver in the list */
4863 for (i = 0; wpa_drivers[i]; i++) {
4864 if (select_driver(wpa_s, i) == 0)
4865 return 0;
4866 }
4867 /* Drivers have each reported failure, so no wpa_msg() here. */
4868 return -1;
4869 }
4870
4871 do {
4872 pos = os_strchr(driver, ',');
4873 if (pos)
4874 len = pos - driver;
4875 else
4876 len = os_strlen(driver);
4877
4878 for (i = 0; wpa_drivers[i]; i++) {
4879 if (os_strlen(wpa_drivers[i]->name) == len &&
4880 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4881 0) {
4882 /* First driver that succeeds wins */
4883 if (select_driver(wpa_s, i) == 0)
4884 return 0;
4885 }
4886 }
4887
4888 driver = pos + 1;
4889 } while (pos);
4890
4891 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4892 return -1;
4893 }
4894
4895
4896 /**
4897 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4898 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4899 * with struct wpa_driver_ops::init()
4900 * @src_addr: Source address of the EAPOL frame
4901 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4902 * @len: Length of the EAPOL data
4903 *
4904 * This function is called for each received EAPOL frame. Most driver
4905 * interfaces rely on more generic OS mechanism for receiving frames through
4906 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4907 * take care of received EAPOL frames and deliver them to the core supplicant
4908 * code by calling this function.
4909 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)4910 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4911 const u8 *buf, size_t len)
4912 {
4913 struct wpa_supplicant *wpa_s = ctx;
4914
4915 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4916 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4917
4918 if (wpa_s->own_disconnect_req) {
4919 wpa_printf(MSG_DEBUG,
4920 "Drop received EAPOL frame as we are disconnecting");
4921 return;
4922 }
4923
4924 #ifdef CONFIG_TESTING_OPTIONS
4925 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
4926 MAC2STR(src_addr), len);
4927 if (wpa_s->ignore_auth_resp) {
4928 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4929 return;
4930 }
4931 #endif /* CONFIG_TESTING_OPTIONS */
4932
4933 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4934 (wpa_s->last_eapol_matches_bssid &&
4935 #ifdef CONFIG_AP
4936 !wpa_s->ap_iface &&
4937 #endif /* CONFIG_AP */
4938 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
4939 /*
4940 * There is possible race condition between receiving the
4941 * association event and the EAPOL frame since they are coming
4942 * through different paths from the driver. In order to avoid
4943 * issues in trying to process the EAPOL frame before receiving
4944 * association information, lets queue it for processing until
4945 * the association event is received. This may also be needed in
4946 * driver-based roaming case, so also use src_addr != BSSID as a
4947 * trigger if we have previously confirmed that the
4948 * Authenticator uses BSSID as the src_addr (which is not the
4949 * case with wired IEEE 802.1X).
4950 */
4951 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
4952 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4953 wpa_supplicant_state_txt(wpa_s->wpa_state),
4954 MAC2STR(wpa_s->bssid));
4955 wpabuf_free(wpa_s->pending_eapol_rx);
4956 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4957 if (wpa_s->pending_eapol_rx) {
4958 os_get_reltime(&wpa_s->pending_eapol_rx_time);
4959 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4960 ETH_ALEN);
4961 }
4962 return;
4963 }
4964
4965 wpa_s->last_eapol_matches_bssid =
4966 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4967
4968 #ifdef CONFIG_AP
4969 if (wpa_s->ap_iface) {
4970 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4971 return;
4972 }
4973 #endif /* CONFIG_AP */
4974
4975 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
4976 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4977 "no key management is configured");
4978 return;
4979 }
4980
4981 if (wpa_s->eapol_received == 0 &&
4982 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
4983 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4984 wpa_s->wpa_state != WPA_COMPLETED) &&
4985 (wpa_s->current_ssid == NULL ||
4986 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
4987 /* Timeout for completing IEEE 802.1X and WPA authentication */
4988 int timeout = 10;
4989
4990 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4991 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4992 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4993 /* Use longer timeout for IEEE 802.1X/EAP */
4994 timeout = 70;
4995 }
4996
4997 #ifdef CONFIG_WPS
4998 if (wpa_s->current_ssid && wpa_s->current_bss &&
4999 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5000 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5001 /*
5002 * Use shorter timeout if going through WPS AP iteration
5003 * for PIN config method with an AP that does not
5004 * advertise Selected Registrar.
5005 */
5006 struct wpabuf *wps_ie;
5007
5008 wps_ie = wpa_bss_get_vendor_ie_multi(
5009 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5010 if (wps_ie &&
5011 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5012 timeout = 10;
5013 wpabuf_free(wps_ie);
5014 }
5015 #endif /* CONFIG_WPS */
5016
5017 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
5018 }
5019 wpa_s->eapol_received++;
5020
5021 if (wpa_s->countermeasures) {
5022 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
5023 "EAPOL packet");
5024 return;
5025 }
5026
5027 #ifdef CONFIG_IBSS_RSN
5028 if (wpa_s->current_ssid &&
5029 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
5030 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
5031 return;
5032 }
5033 #endif /* CONFIG_IBSS_RSN */
5034
5035 /* Source address of the incoming EAPOL frame could be compared to the
5036 * current BSSID. However, it is possible that a centralized
5037 * Authenticator could be using another MAC address than the BSSID of
5038 * an AP, so just allow any address to be used for now. The replies are
5039 * still sent to the current BSSID (if available), though. */
5040
5041 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
5042 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
5043 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
5044 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
5045 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
5046 return;
5047 wpa_drv_poll(wpa_s);
5048 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
5049 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
5050 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
5051 /*
5052 * Set portValid = true here since we are going to skip 4-way
5053 * handshake processing which would normally set portValid. We
5054 * need this to allow the EAPOL state machines to be completed
5055 * without going through EAPOL-Key handshake.
5056 */
5057 eapol_sm_notify_portValid(wpa_s->eapol, true);
5058 }
5059 }
5060
5061
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)5062 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
5063 {
5064 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
5065 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
5066 }
5067
5068
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)5069 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
5070 {
5071 if ((!wpa_s->p2p_mgmt ||
5072 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5073 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
5074 l2_packet_deinit(wpa_s->l2);
5075 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
5076 wpa_drv_get_mac_addr(wpa_s),
5077 ETH_P_EAPOL,
5078 wpas_eapol_needs_l2_packet(wpa_s) ?
5079 wpa_supplicant_rx_eapol : NULL,
5080 wpa_s, 0);
5081 if (wpa_s->l2 == NULL)
5082 return -1;
5083
5084 if (l2_packet_set_packet_filter(wpa_s->l2,
5085 L2_PACKET_FILTER_PKTTYPE))
5086 wpa_dbg(wpa_s, MSG_DEBUG,
5087 "Failed to attach pkt_type filter");
5088
5089 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
5090 wpa_msg(wpa_s, MSG_ERROR,
5091 "Failed to get own L2 address");
5092 return -1;
5093 }
5094 } else {
5095 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
5096 if (addr)
5097 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
5098 }
5099
5100 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5101 wpas_wps_update_mac_addr(wpa_s);
5102
5103 #ifdef CONFIG_FST
5104 if (wpa_s->fst)
5105 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
5106 #endif /* CONFIG_FST */
5107
5108 return 0;
5109 }
5110
5111
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5112 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
5113 const u8 *buf, size_t len)
5114 {
5115 struct wpa_supplicant *wpa_s = ctx;
5116 const struct l2_ethhdr *eth;
5117
5118 if (len < sizeof(*eth))
5119 return;
5120 eth = (const struct l2_ethhdr *) buf;
5121
5122 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
5123 !(eth->h_dest[0] & 0x01)) {
5124 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5125 " (bridge - not for this interface - ignore)",
5126 MAC2STR(src_addr), MAC2STR(eth->h_dest));
5127 return;
5128 }
5129
5130 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5131 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
5132 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
5133 len - sizeof(*eth));
5134 }
5135
5136
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5137 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5138 const char *bridge_ifname)
5139 {
5140 if (wpa_s->wpa_state > WPA_SCANNING)
5141 return -EBUSY;
5142
5143 if (bridge_ifname &&
5144 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5145 return -EINVAL;
5146
5147 if (!bridge_ifname)
5148 bridge_ifname = "";
5149
5150 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5151 return 0;
5152
5153 if (wpa_s->l2_br) {
5154 l2_packet_deinit(wpa_s->l2_br);
5155 wpa_s->l2_br = NULL;
5156 }
5157
5158 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5159 sizeof(wpa_s->bridge_ifname));
5160
5161 if (wpa_s->bridge_ifname[0]) {
5162 wpa_dbg(wpa_s, MSG_DEBUG,
5163 "Receiving packets from bridge interface '%s'",
5164 wpa_s->bridge_ifname);
5165 wpa_s->l2_br = l2_packet_init_bridge(
5166 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5167 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5168 if (!wpa_s->l2_br) {
5169 wpa_msg(wpa_s, MSG_ERROR,
5170 "Failed to open l2_packet connection for the bridge interface '%s'",
5171 wpa_s->bridge_ifname);
5172 goto fail;
5173 }
5174 }
5175
5176 #ifdef CONFIG_TDLS
5177 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5178 goto fail;
5179 #endif /* CONFIG_TDLS */
5180
5181 return 0;
5182 fail:
5183 wpa_s->bridge_ifname[0] = 0;
5184 if (wpa_s->l2_br) {
5185 l2_packet_deinit(wpa_s->l2_br);
5186 wpa_s->l2_br = NULL;
5187 }
5188 #ifdef CONFIG_TDLS
5189 if (!wpa_s->p2p_mgmt)
5190 wpa_tdls_init(wpa_s->wpa);
5191 #endif /* CONFIG_TDLS */
5192 return -EIO;
5193 }
5194
5195
5196 /**
5197 * wpa_supplicant_driver_init - Initialize driver interface parameters
5198 * @wpa_s: Pointer to wpa_supplicant data
5199 * Returns: 0 on success, -1 on failure
5200 *
5201 * This function is called to initialize driver interface parameters.
5202 * wpa_drv_init() must have been called before this function to initialize the
5203 * driver interface.
5204 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5205 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5206 {
5207 static int interface_count = 0;
5208
5209 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5210 return -1;
5211
5212 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5213 MAC2STR(wpa_s->own_addr));
5214 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5215 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5216
5217 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5218 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5219 "interface '%s'", wpa_s->bridge_ifname);
5220 wpa_s->l2_br = l2_packet_init_bridge(
5221 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5222 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5223 if (wpa_s->l2_br == NULL) {
5224 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5225 "connection for the bridge interface '%s'",
5226 wpa_s->bridge_ifname);
5227 return -1;
5228 }
5229 }
5230
5231 if (wpa_s->conf->ap_scan == 2 &&
5232 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5233 wpa_printf(MSG_INFO,
5234 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5235 }
5236
5237 wpa_clear_keys(wpa_s, NULL);
5238
5239 /* Make sure that TKIP countermeasures are not left enabled (could
5240 * happen if wpa_supplicant is killed during countermeasures. */
5241 wpa_drv_set_countermeasures(wpa_s, 0);
5242
5243 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5244 wpa_drv_flush_pmkid(wpa_s);
5245
5246 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5247 wpa_s->prev_scan_wildcard = 0;
5248
5249 if (wpa_supplicant_enabled_networks(wpa_s)) {
5250 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5251 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5252 interface_count = 0;
5253 }
5254 #ifndef ANDROID
5255 if (!wpa_s->p2p_mgmt &&
5256 wpa_supplicant_delayed_sched_scan(wpa_s,
5257 interface_count % 3,
5258 100000))
5259 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5260 100000);
5261 #endif /* ANDROID */
5262 interface_count++;
5263 } else
5264 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5265
5266 return 0;
5267 }
5268
5269
wpa_supplicant_daemon(const char * pid_file)5270 static int wpa_supplicant_daemon(const char *pid_file)
5271 {
5272 wpa_printf(MSG_DEBUG, "Daemonize..");
5273 return os_daemonize(pid_file);
5274 }
5275
5276
5277 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5278 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5279 {
5280 struct wpa_supplicant *wpa_s;
5281
5282 wpa_s = os_zalloc(sizeof(*wpa_s));
5283 if (wpa_s == NULL)
5284 return NULL;
5285 wpa_s->scan_req = INITIAL_SCAN_REQ;
5286 wpa_s->scan_interval = 5;
5287 wpa_s->new_connection = 1;
5288 wpa_s->parent = parent ? parent : wpa_s;
5289 wpa_s->p2pdev = wpa_s->parent;
5290 wpa_s->sched_scanning = 0;
5291 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5292
5293 dl_list_init(&wpa_s->bss_tmp_disallowed);
5294 dl_list_init(&wpa_s->fils_hlp_req);
5295 #ifdef CONFIG_TESTING_OPTIONS
5296 dl_list_init(&wpa_s->drv_signal_override);
5297 #endif /* CONFIG_TESTING_OPTIONS */
5298 dl_list_init(&wpa_s->active_scs_ids);
5299
5300 return wpa_s;
5301 }
5302
5303
5304 #ifdef CONFIG_HT_OVERRIDES
5305
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)5306 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
5307 struct ieee80211_ht_capabilities *htcaps,
5308 struct ieee80211_ht_capabilities *htcaps_mask,
5309 const char *ht_mcs)
5310 {
5311 /* parse ht_mcs into hex array */
5312 int i;
5313 const char *tmp = ht_mcs;
5314 char *end = NULL;
5315
5316 /* If ht_mcs is null, do not set anything */
5317 if (!ht_mcs)
5318 return 0;
5319
5320 /* This is what we are setting in the kernel */
5321 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
5322
5323 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
5324
5325 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5326 long v;
5327
5328 errno = 0;
5329 v = strtol(tmp, &end, 16);
5330
5331 if (errno == 0) {
5332 wpa_msg(wpa_s, MSG_DEBUG,
5333 "htcap value[%i]: %ld end: %p tmp: %p",
5334 i, v, end, tmp);
5335 if (end == tmp)
5336 break;
5337
5338 htcaps->supported_mcs_set[i] = v;
5339 tmp = end;
5340 } else {
5341 wpa_msg(wpa_s, MSG_ERROR,
5342 "Failed to parse ht-mcs: %s, error: %s\n",
5343 ht_mcs, strerror(errno));
5344 return -1;
5345 }
5346 }
5347
5348 /*
5349 * If we were able to parse any values, then set mask for the MCS set.
5350 */
5351 if (i) {
5352 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
5353 IEEE80211_HT_MCS_MASK_LEN - 1);
5354 /* skip the 3 reserved bits */
5355 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
5356 0x1f;
5357 }
5358
5359 return 0;
5360 }
5361
5362
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5363 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
5364 struct ieee80211_ht_capabilities *htcaps,
5365 struct ieee80211_ht_capabilities *htcaps_mask,
5366 int disabled)
5367 {
5368 le16 msk;
5369
5370 if (disabled == -1)
5371 return 0;
5372
5373 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
5374
5375 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
5376 htcaps_mask->ht_capabilities_info |= msk;
5377 if (disabled)
5378 htcaps->ht_capabilities_info &= msk;
5379 else
5380 htcaps->ht_capabilities_info |= msk;
5381
5382 return 0;
5383 }
5384
5385
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)5386 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
5387 struct ieee80211_ht_capabilities *htcaps,
5388 struct ieee80211_ht_capabilities *htcaps_mask,
5389 int factor)
5390 {
5391 if (factor == -1)
5392 return 0;
5393
5394 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
5395
5396 if (factor < 0 || factor > 3) {
5397 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
5398 "Must be 0-3 or -1", factor);
5399 return -EINVAL;
5400 }
5401
5402 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
5403 htcaps->a_mpdu_params &= ~0x3;
5404 htcaps->a_mpdu_params |= factor & 0x3;
5405
5406 return 0;
5407 }
5408
5409
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)5410 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
5411 struct ieee80211_ht_capabilities *htcaps,
5412 struct ieee80211_ht_capabilities *htcaps_mask,
5413 int density)
5414 {
5415 if (density == -1)
5416 return 0;
5417
5418 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
5419
5420 if (density < 0 || density > 7) {
5421 wpa_msg(wpa_s, MSG_ERROR,
5422 "ampdu_density: %d out of range. Must be 0-7 or -1.",
5423 density);
5424 return -EINVAL;
5425 }
5426
5427 htcaps_mask->a_mpdu_params |= 0x1C;
5428 htcaps->a_mpdu_params &= ~(0x1C);
5429 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
5430
5431 return 0;
5432 }
5433
5434
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5435 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
5436 struct ieee80211_ht_capabilities *htcaps,
5437 struct ieee80211_ht_capabilities *htcaps_mask,
5438 int disabled)
5439 {
5440 if (disabled)
5441 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
5442
5443 set_disable_ht40(htcaps, disabled);
5444 set_disable_ht40(htcaps_mask, 0);
5445
5446 return 0;
5447 }
5448
5449
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5450 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
5451 struct ieee80211_ht_capabilities *htcaps,
5452 struct ieee80211_ht_capabilities *htcaps_mask,
5453 int disabled)
5454 {
5455 /* Masking these out disables SGI */
5456 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
5457 HT_CAP_INFO_SHORT_GI40MHZ);
5458
5459 if (disabled)
5460 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
5461
5462 if (disabled)
5463 htcaps->ht_capabilities_info &= ~msk;
5464 else
5465 htcaps->ht_capabilities_info |= msk;
5466
5467 htcaps_mask->ht_capabilities_info |= msk;
5468
5469 return 0;
5470 }
5471
5472
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5473 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5474 struct ieee80211_ht_capabilities *htcaps,
5475 struct ieee80211_ht_capabilities *htcaps_mask,
5476 int disabled)
5477 {
5478 /* Masking these out disables LDPC */
5479 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5480
5481 if (disabled)
5482 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5483
5484 if (disabled)
5485 htcaps->ht_capabilities_info &= ~msk;
5486 else
5487 htcaps->ht_capabilities_info |= msk;
5488
5489 htcaps_mask->ht_capabilities_info |= msk;
5490
5491 return 0;
5492 }
5493
5494
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)5495 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5496 struct ieee80211_ht_capabilities *htcaps,
5497 struct ieee80211_ht_capabilities *htcaps_mask,
5498 int tx_stbc)
5499 {
5500 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5501
5502 if (tx_stbc == -1)
5503 return 0;
5504
5505 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5506
5507 if (tx_stbc < 0 || tx_stbc > 1) {
5508 wpa_msg(wpa_s, MSG_ERROR,
5509 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5510 return -EINVAL;
5511 }
5512
5513 htcaps_mask->ht_capabilities_info |= msk;
5514 htcaps->ht_capabilities_info &= ~msk;
5515 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5516
5517 return 0;
5518 }
5519
5520
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)5521 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5522 struct ieee80211_ht_capabilities *htcaps,
5523 struct ieee80211_ht_capabilities *htcaps_mask,
5524 int rx_stbc)
5525 {
5526 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5527
5528 if (rx_stbc == -1)
5529 return 0;
5530
5531 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5532
5533 if (rx_stbc < 0 || rx_stbc > 3) {
5534 wpa_msg(wpa_s, MSG_ERROR,
5535 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5536 return -EINVAL;
5537 }
5538
5539 htcaps_mask->ht_capabilities_info |= msk;
5540 htcaps->ht_capabilities_info &= ~msk;
5541 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5542
5543 return 0;
5544 }
5545
5546
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5547 void wpa_supplicant_apply_ht_overrides(
5548 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5549 struct wpa_driver_associate_params *params)
5550 {
5551 struct ieee80211_ht_capabilities *htcaps;
5552 struct ieee80211_ht_capabilities *htcaps_mask;
5553
5554 if (!ssid)
5555 return;
5556
5557 params->disable_ht = ssid->disable_ht;
5558 if (!params->htcaps || !params->htcaps_mask)
5559 return;
5560
5561 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5562 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5563 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5564 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5565 ssid->disable_max_amsdu);
5566 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5567 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5568 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5569 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5570 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5571 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5572 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5573
5574 if (ssid->ht40_intolerant) {
5575 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5576 htcaps->ht_capabilities_info |= bit;
5577 htcaps_mask->ht_capabilities_info |= bit;
5578 }
5579 }
5580
5581 #endif /* CONFIG_HT_OVERRIDES */
5582
5583
5584 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5585 void wpa_supplicant_apply_vht_overrides(
5586 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5587 struct wpa_driver_associate_params *params)
5588 {
5589 struct ieee80211_vht_capabilities *vhtcaps;
5590 struct ieee80211_vht_capabilities *vhtcaps_mask;
5591
5592 if (!ssid)
5593 return;
5594
5595 params->disable_vht = ssid->disable_vht;
5596
5597 vhtcaps = (void *) params->vhtcaps;
5598 vhtcaps_mask = (void *) params->vhtcaps_mask;
5599
5600 if (!vhtcaps || !vhtcaps_mask)
5601 return;
5602
5603 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5604 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5605
5606 #ifdef CONFIG_HT_OVERRIDES
5607 if (ssid->disable_sgi) {
5608 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5609 VHT_CAP_SHORT_GI_160);
5610 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5611 VHT_CAP_SHORT_GI_160);
5612 wpa_msg(wpa_s, MSG_DEBUG,
5613 "disable-sgi override specified, vht-caps: 0x%x",
5614 vhtcaps->vht_capabilities_info);
5615 }
5616
5617 /* if max ampdu is <= 3, we have to make the HT cap the same */
5618 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5619 int max_ampdu;
5620
5621 max_ampdu = (ssid->vht_capa &
5622 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5623 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5624
5625 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5626 wpa_set_ampdu_factor(wpa_s,
5627 (void *) params->htcaps,
5628 (void *) params->htcaps_mask,
5629 max_ampdu);
5630 }
5631 #endif /* CONFIG_HT_OVERRIDES */
5632
5633 #define OVERRIDE_MCS(i) \
5634 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5635 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5636 host_to_le16(3 << 2 * (i - 1)); \
5637 vhtcaps->vht_supported_mcs_set.tx_map |= \
5638 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5639 2 * (i - 1)); \
5640 } \
5641 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5642 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5643 host_to_le16(3 << 2 * (i - 1)); \
5644 vhtcaps->vht_supported_mcs_set.rx_map |= \
5645 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5646 2 * (i - 1)); \
5647 }
5648
5649 OVERRIDE_MCS(1);
5650 OVERRIDE_MCS(2);
5651 OVERRIDE_MCS(3);
5652 OVERRIDE_MCS(4);
5653 OVERRIDE_MCS(5);
5654 OVERRIDE_MCS(6);
5655 OVERRIDE_MCS(7);
5656 OVERRIDE_MCS(8);
5657 }
5658 #endif /* CONFIG_VHT_OVERRIDES */
5659
5660
5661 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5662 void wpa_supplicant_apply_he_overrides(
5663 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5664 struct wpa_driver_associate_params *params)
5665 {
5666 if (!ssid)
5667 return;
5668
5669 params->disable_he = ssid->disable_he;
5670 }
5671 #endif /* CONFIG_HE_OVERRIDES */
5672
5673
pcsc_reader_init(struct wpa_supplicant * wpa_s)5674 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5675 {
5676 #ifdef PCSC_FUNCS
5677 size_t len;
5678
5679 if (!wpa_s->conf->pcsc_reader)
5680 return 0;
5681
5682 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5683 if (!wpa_s->scard)
5684 return 1;
5685
5686 if (wpa_s->conf->pcsc_pin &&
5687 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5688 scard_deinit(wpa_s->scard);
5689 wpa_s->scard = NULL;
5690 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5691 return -1;
5692 }
5693
5694 len = sizeof(wpa_s->imsi) - 1;
5695 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5696 scard_deinit(wpa_s->scard);
5697 wpa_s->scard = NULL;
5698 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5699 return -1;
5700 }
5701 wpa_s->imsi[len] = '\0';
5702
5703 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5704
5705 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5706 wpa_s->imsi, wpa_s->mnc_len);
5707
5708 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5709 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5710 #endif /* PCSC_FUNCS */
5711
5712 return 0;
5713 }
5714
5715
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)5716 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5717 {
5718 char *val, *pos;
5719
5720 ext_password_deinit(wpa_s->ext_pw);
5721 wpa_s->ext_pw = NULL;
5722 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5723
5724 if (!wpa_s->conf->ext_password_backend)
5725 return 0;
5726
5727 val = os_strdup(wpa_s->conf->ext_password_backend);
5728 if (val == NULL)
5729 return -1;
5730 pos = os_strchr(val, ':');
5731 if (pos)
5732 *pos++ = '\0';
5733
5734 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5735
5736 wpa_s->ext_pw = ext_password_init(val, pos);
5737 os_free(val);
5738 if (wpa_s->ext_pw == NULL) {
5739 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5740 return -1;
5741 }
5742 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5743
5744 return 0;
5745 }
5746
5747
5748 #ifdef CONFIG_FST
5749
wpas_fst_get_bssid_cb(void * ctx)5750 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5751 {
5752 struct wpa_supplicant *wpa_s = ctx;
5753
5754 return (is_zero_ether_addr(wpa_s->bssid) ||
5755 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5756 }
5757
5758
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)5759 static void wpas_fst_get_channel_info_cb(void *ctx,
5760 enum hostapd_hw_mode *hw_mode,
5761 u8 *channel)
5762 {
5763 struct wpa_supplicant *wpa_s = ctx;
5764
5765 if (wpa_s->current_bss) {
5766 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5767 channel);
5768 } else if (wpa_s->hw.num_modes) {
5769 *hw_mode = wpa_s->hw.modes[0].mode;
5770 } else {
5771 WPA_ASSERT(0);
5772 *hw_mode = 0;
5773 }
5774 }
5775
5776
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)5777 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5778 {
5779 struct wpa_supplicant *wpa_s = ctx;
5780
5781 *modes = wpa_s->hw.modes;
5782 return wpa_s->hw.num_modes;
5783 }
5784
5785
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)5786 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5787 {
5788 struct wpa_supplicant *wpa_s = ctx;
5789
5790 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5791 wpa_s->fst_ies = fst_ies;
5792 }
5793
5794
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)5795 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5796 {
5797 struct wpa_supplicant *wpa_s = ctx;
5798
5799 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5800 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5801 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5802 return -1;
5803 }
5804 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5805 wpa_s->own_addr, wpa_s->bssid,
5806 wpabuf_head(data), wpabuf_len(data),
5807 0);
5808 }
5809
5810
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)5811 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5812 {
5813 struct wpa_supplicant *wpa_s = ctx;
5814
5815 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5816 return wpa_s->received_mb_ies;
5817 }
5818
5819
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)5820 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5821 const u8 *buf, size_t size)
5822 {
5823 struct wpa_supplicant *wpa_s = ctx;
5824 struct mb_ies_info info;
5825
5826 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5827
5828 if (!mb_ies_info_by_ies(&info, buf, size)) {
5829 wpabuf_free(wpa_s->received_mb_ies);
5830 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5831 }
5832 }
5833
5834
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5835 static const u8 * wpas_fst_get_peer_first(void *ctx,
5836 struct fst_get_peer_ctx **get_ctx,
5837 bool mb_only)
5838 {
5839 struct wpa_supplicant *wpa_s = ctx;
5840
5841 *get_ctx = NULL;
5842 if (!is_zero_ether_addr(wpa_s->bssid))
5843 return (wpa_s->received_mb_ies || !mb_only) ?
5844 wpa_s->bssid : NULL;
5845 return NULL;
5846 }
5847
5848
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5849 static const u8 * wpas_fst_get_peer_next(void *ctx,
5850 struct fst_get_peer_ctx **get_ctx,
5851 bool mb_only)
5852 {
5853 return NULL;
5854 }
5855
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)5856 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5857 struct fst_wpa_obj *iface_obj)
5858 {
5859 iface_obj->ctx = wpa_s;
5860 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5861 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5862 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5863 iface_obj->set_ies = wpas_fst_set_ies_cb;
5864 iface_obj->send_action = wpas_fst_send_action_cb;
5865 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5866 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5867 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5868 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5869 }
5870 #endif /* CONFIG_FST */
5871
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)5872 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
5873 const struct wpa_driver_capa *capa)
5874 {
5875 struct wowlan_triggers *triggers;
5876 int ret = 0;
5877
5878 if (!wpa_s->conf->wowlan_triggers)
5879 return 0;
5880
5881 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5882 if (triggers) {
5883 ret = wpa_drv_wowlan(wpa_s, triggers);
5884 os_free(triggers);
5885 }
5886 return ret;
5887 }
5888
5889
wpas_freq_to_band(int freq)5890 enum wpa_radio_work_band wpas_freq_to_band(int freq)
5891 {
5892 if (freq < 3000)
5893 return BAND_2_4_GHZ;
5894 if (freq > 50000)
5895 return BAND_60_GHZ;
5896 return BAND_5_GHZ;
5897 }
5898
5899
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)5900 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
5901 {
5902 int i;
5903 unsigned int band = 0;
5904
5905 if (freqs) {
5906 /* freqs are specified for the radio work */
5907 for (i = 0; freqs[i]; i++)
5908 band |= wpas_freq_to_band(freqs[i]);
5909 } else {
5910 /*
5911 * freqs are not specified, implies all
5912 * the supported freqs by HW
5913 */
5914 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5915 if (wpa_s->hw.modes[i].num_channels != 0) {
5916 if (wpa_s->hw.modes[i].mode ==
5917 HOSTAPD_MODE_IEEE80211B ||
5918 wpa_s->hw.modes[i].mode ==
5919 HOSTAPD_MODE_IEEE80211G)
5920 band |= BAND_2_4_GHZ;
5921 else if (wpa_s->hw.modes[i].mode ==
5922 HOSTAPD_MODE_IEEE80211A)
5923 band |= BAND_5_GHZ;
5924 else if (wpa_s->hw.modes[i].mode ==
5925 HOSTAPD_MODE_IEEE80211AD)
5926 band |= BAND_60_GHZ;
5927 else if (wpa_s->hw.modes[i].mode ==
5928 HOSTAPD_MODE_IEEE80211ANY)
5929 band = BAND_2_4_GHZ | BAND_5_GHZ |
5930 BAND_60_GHZ;
5931 }
5932 }
5933 }
5934
5935 return band;
5936 }
5937
5938
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)5939 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5940 const char *rn)
5941 {
5942 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5943 struct wpa_radio *radio;
5944
5945 while (rn && iface) {
5946 radio = iface->radio;
5947 if (radio && os_strcmp(rn, radio->name) == 0) {
5948 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5949 wpa_s->ifname, rn);
5950 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5951 return radio;
5952 }
5953
5954 iface = iface->next;
5955 }
5956
5957 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5958 wpa_s->ifname, rn ? rn : "N/A");
5959 radio = os_zalloc(sizeof(*radio));
5960 if (radio == NULL)
5961 return NULL;
5962
5963 if (rn)
5964 os_strlcpy(radio->name, rn, sizeof(radio->name));
5965 dl_list_init(&radio->ifaces);
5966 dl_list_init(&radio->work);
5967 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5968
5969 return radio;
5970 }
5971
5972
radio_work_free(struct wpa_radio_work * work)5973 static void radio_work_free(struct wpa_radio_work *work)
5974 {
5975 if (work->wpa_s->scan_work == work) {
5976 /* This should not really happen. */
5977 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5978 work->type, work, work->started);
5979 work->wpa_s->scan_work = NULL;
5980 }
5981
5982 #ifdef CONFIG_P2P
5983 if (work->wpa_s->p2p_scan_work == work) {
5984 /* This should not really happen. */
5985 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5986 work->type, work, work->started);
5987 work->wpa_s->p2p_scan_work = NULL;
5988 }
5989 #endif /* CONFIG_P2P */
5990
5991 if (work->started) {
5992 work->wpa_s->radio->num_active_works--;
5993 wpa_dbg(work->wpa_s, MSG_DEBUG,
5994 "radio_work_free('%s'@%p): num_active_works --> %u",
5995 work->type, work,
5996 work->wpa_s->radio->num_active_works);
5997 }
5998
5999 dl_list_del(&work->list);
6000 os_free(work);
6001 }
6002
6003
radio_work_is_connect(struct wpa_radio_work * work)6004 static int radio_work_is_connect(struct wpa_radio_work *work)
6005 {
6006 return os_strcmp(work->type, "sme-connect") == 0 ||
6007 os_strcmp(work->type, "connect") == 0;
6008 }
6009
6010
radio_work_is_scan(struct wpa_radio_work * work)6011 static int radio_work_is_scan(struct wpa_radio_work *work)
6012 {
6013 return os_strcmp(work->type, "scan") == 0 ||
6014 os_strcmp(work->type, "p2p-scan") == 0;
6015 }
6016
6017
radio_work_get_next_work(struct wpa_radio * radio)6018 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
6019 {
6020 struct wpa_radio_work *active_work = NULL;
6021 struct wpa_radio_work *tmp;
6022
6023 /* Get the active work to know the type and band. */
6024 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6025 if (tmp->started) {
6026 active_work = tmp;
6027 break;
6028 }
6029 }
6030
6031 if (!active_work) {
6032 /* No active work, start one */
6033 radio->num_active_works = 0;
6034 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
6035 list) {
6036 if (os_strcmp(tmp->type, "scan") == 0 &&
6037 external_scan_running(radio) &&
6038 (((struct wpa_driver_scan_params *)
6039 tmp->ctx)->only_new_results ||
6040 tmp->wpa_s->clear_driver_scan_cache))
6041 continue;
6042 return tmp;
6043 }
6044 return NULL;
6045 }
6046
6047 if (radio_work_is_connect(active_work)) {
6048 /*
6049 * If the active work is either connect or sme-connect,
6050 * do not parallelize them with other radio works.
6051 */
6052 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6053 "Do not parallelize radio work with %s",
6054 active_work->type);
6055 return NULL;
6056 }
6057
6058 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6059 if (tmp->started)
6060 continue;
6061
6062 /*
6063 * If connect or sme-connect are enqueued, parallelize only
6064 * those operations ahead of them in the queue.
6065 */
6066 if (radio_work_is_connect(tmp))
6067 break;
6068
6069 /* Serialize parallel scan and p2p_scan operations on the same
6070 * interface since the driver_nl80211 mechanism for tracking
6071 * scan cookies does not yet have support for this. */
6072 if (active_work->wpa_s == tmp->wpa_s &&
6073 radio_work_is_scan(active_work) &&
6074 radio_work_is_scan(tmp)) {
6075 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6076 "Do not start work '%s' when another work '%s' is already scheduled",
6077 tmp->type, active_work->type);
6078 continue;
6079 }
6080 /*
6081 * Check that the radio works are distinct and
6082 * on different bands.
6083 */
6084 if (os_strcmp(active_work->type, tmp->type) != 0 &&
6085 (active_work->bands != tmp->bands)) {
6086 /*
6087 * If a scan has to be scheduled through nl80211 scan
6088 * interface and if an external scan is already running,
6089 * do not schedule the scan since it is likely to get
6090 * rejected by kernel.
6091 */
6092 if (os_strcmp(tmp->type, "scan") == 0 &&
6093 external_scan_running(radio) &&
6094 (((struct wpa_driver_scan_params *)
6095 tmp->ctx)->only_new_results ||
6096 tmp->wpa_s->clear_driver_scan_cache))
6097 continue;
6098
6099 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6100 "active_work:%s new_work:%s",
6101 active_work->type, tmp->type);
6102 return tmp;
6103 }
6104 }
6105
6106 /* Did not find a radio work to schedule in parallel. */
6107 return NULL;
6108 }
6109
6110
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)6111 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
6112 {
6113 struct wpa_radio *radio = eloop_ctx;
6114 struct wpa_radio_work *work;
6115 struct os_reltime now, diff;
6116 struct wpa_supplicant *wpa_s;
6117
6118 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
6119 if (work == NULL) {
6120 radio->num_active_works = 0;
6121 return;
6122 }
6123
6124 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
6125 radio_list);
6126
6127 if (!(wpa_s &&
6128 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
6129 if (work->started)
6130 return; /* already started and still in progress */
6131
6132 if (wpa_s && external_scan_running(wpa_s->radio)) {
6133 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
6134 return;
6135 }
6136 } else {
6137 work = NULL;
6138 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6139 /* get the work to schedule next */
6140 work = radio_work_get_next_work(radio);
6141 }
6142 if (!work)
6143 return;
6144 }
6145
6146 wpa_s = work->wpa_s;
6147 os_get_reltime(&now);
6148 os_reltime_sub(&now, &work->time, &diff);
6149 wpa_dbg(wpa_s, MSG_DEBUG,
6150 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6151 work->type, work, diff.sec, diff.usec);
6152 work->started = 1;
6153 work->time = now;
6154 radio->num_active_works++;
6155
6156 work->cb(work, 0);
6157
6158 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6159 radio->num_active_works < MAX_ACTIVE_WORKS)
6160 radio_work_check_next(wpa_s);
6161 }
6162
6163
6164 /*
6165 * This function removes both started and pending radio works running on
6166 * the provided interface's radio.
6167 * Prior to the removal of the radio work, its callback (cb) is called with
6168 * deinit set to be 1. Each work's callback is responsible for clearing its
6169 * internal data and restoring to a correct state.
6170 * @wpa_s: wpa_supplicant data
6171 * @type: type of works to be removed
6172 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6173 * this interface's works.
6174 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6175 void radio_remove_works(struct wpa_supplicant *wpa_s,
6176 const char *type, int remove_all)
6177 {
6178 struct wpa_radio_work *work, *tmp;
6179 struct wpa_radio *radio = wpa_s->radio;
6180
6181 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6182 list) {
6183 if (type && os_strcmp(type, work->type) != 0)
6184 continue;
6185
6186 /* skip other ifaces' works */
6187 if (!remove_all && work->wpa_s != wpa_s)
6188 continue;
6189
6190 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6191 work->type, work, work->started ? " (started)" : "");
6192 work->cb(work, 1);
6193 radio_work_free(work);
6194 }
6195
6196 /* in case we removed the started work */
6197 radio_work_check_next(wpa_s);
6198 }
6199
6200
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6201 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6202 {
6203 struct wpa_radio_work *work;
6204 struct wpa_radio *radio = wpa_s->radio;
6205
6206 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6207 if (work->ctx != ctx)
6208 continue;
6209 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6210 work->type, work, work->started ? " (started)" : "");
6211 radio_work_free(work);
6212 break;
6213 }
6214 }
6215
6216
radio_remove_interface(struct wpa_supplicant * wpa_s)6217 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6218 {
6219 struct wpa_radio *radio = wpa_s->radio;
6220
6221 if (!radio)
6222 return;
6223
6224 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6225 wpa_s->ifname, radio->name);
6226 dl_list_del(&wpa_s->radio_list);
6227 radio_remove_works(wpa_s, NULL, 0);
6228 /* If the interface that triggered the external scan was removed, the
6229 * external scan is no longer running. */
6230 if (wpa_s == radio->external_scan_req_interface)
6231 radio->external_scan_req_interface = NULL;
6232 wpa_s->radio = NULL;
6233 if (!dl_list_empty(&radio->ifaces))
6234 return; /* Interfaces remain for this radio */
6235
6236 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6237 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6238 os_free(radio);
6239 }
6240
6241
radio_work_check_next(struct wpa_supplicant * wpa_s)6242 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6243 {
6244 struct wpa_radio *radio = wpa_s->radio;
6245
6246 if (dl_list_empty(&radio->work))
6247 return;
6248 if (wpa_s->ext_work_in_progress) {
6249 wpa_printf(MSG_DEBUG,
6250 "External radio work in progress - delay start of pending item");
6251 return;
6252 }
6253 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6254 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6255 }
6256
6257
6258 /**
6259 * radio_add_work - Add a radio work item
6260 * @wpa_s: Pointer to wpa_supplicant data
6261 * @freq: Frequency of the offchannel operation in MHz or 0
6262 * @type: Unique identifier for each type of work
6263 * @next: Force as the next work to be executed
6264 * @cb: Callback function for indicating when radio is available
6265 * @ctx: Context pointer for the work (work->ctx in cb())
6266 * Returns: 0 on success, -1 on failure
6267 *
6268 * This function is used to request time for an operation that requires
6269 * exclusive radio control. Once the radio is available, the registered callback
6270 * function will be called. radio_work_done() must be called once the exclusive
6271 * radio operation has been completed, so that the radio is freed for other
6272 * operations. The special case of deinit=1 is used to free the context data
6273 * during interface removal. That does not allow the callback function to start
6274 * the radio operation, i.e., it must free any resources allocated for the radio
6275 * work and return.
6276 *
6277 * The @freq parameter can be used to indicate a single channel on which the
6278 * offchannel operation will occur. This may allow multiple radio work
6279 * operations to be performed in parallel if they apply for the same channel.
6280 * Setting this to 0 indicates that the work item may use multiple channels or
6281 * requires exclusive control of the radio.
6282 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)6283 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
6284 const char *type, int next,
6285 void (*cb)(struct wpa_radio_work *work, int deinit),
6286 void *ctx)
6287 {
6288 struct wpa_radio *radio = wpa_s->radio;
6289 struct wpa_radio_work *work;
6290 int was_empty;
6291
6292 work = os_zalloc(sizeof(*work));
6293 if (work == NULL)
6294 return -1;
6295 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
6296 os_get_reltime(&work->time);
6297 work->freq = freq;
6298 work->type = type;
6299 work->wpa_s = wpa_s;
6300 work->cb = cb;
6301 work->ctx = ctx;
6302
6303 if (freq)
6304 work->bands = wpas_freq_to_band(freq);
6305 else if (os_strcmp(type, "scan") == 0 ||
6306 os_strcmp(type, "p2p-scan") == 0)
6307 work->bands = wpas_get_bands(wpa_s,
6308 ((struct wpa_driver_scan_params *)
6309 ctx)->freqs);
6310 else
6311 work->bands = wpas_get_bands(wpa_s, NULL);
6312
6313 was_empty = dl_list_empty(&wpa_s->radio->work);
6314 if (next)
6315 dl_list_add(&wpa_s->radio->work, &work->list);
6316 else
6317 dl_list_add_tail(&wpa_s->radio->work, &work->list);
6318 if (was_empty) {
6319 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
6320 radio_work_check_next(wpa_s);
6321 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
6322 && radio->num_active_works < MAX_ACTIVE_WORKS) {
6323 wpa_dbg(wpa_s, MSG_DEBUG,
6324 "Try to schedule a radio work (num_active_works=%u)",
6325 radio->num_active_works);
6326 radio_work_check_next(wpa_s);
6327 }
6328
6329 return 0;
6330 }
6331
6332
6333 /**
6334 * radio_work_done - Indicate that a radio work item has been completed
6335 * @work: Completed work
6336 *
6337 * This function is called once the callback function registered with
6338 * radio_add_work() has completed its work.
6339 */
radio_work_done(struct wpa_radio_work * work)6340 void radio_work_done(struct wpa_radio_work *work)
6341 {
6342 struct wpa_supplicant *wpa_s = work->wpa_s;
6343 struct os_reltime now, diff;
6344 unsigned int started = work->started;
6345
6346 os_get_reltime(&now);
6347 os_reltime_sub(&now, &work->time, &diff);
6348 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
6349 work->type, work, started ? "done" : "canceled",
6350 diff.sec, diff.usec);
6351 radio_work_free(work);
6352 if (started)
6353 radio_work_check_next(wpa_s);
6354 }
6355
6356
6357 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)6358 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
6359 {
6360 struct wpa_radio_work *work;
6361 struct wpa_radio *radio = wpa_s->radio;
6362
6363 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6364 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
6365 return work;
6366 }
6367
6368 return NULL;
6369 }
6370
6371
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6372 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
6373 const struct wpa_interface *iface)
6374 {
6375 const char *ifname, *driver, *rn;
6376
6377 driver = iface->driver;
6378 next_driver:
6379 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
6380 return -1;
6381
6382 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
6383 if (wpa_s->drv_priv == NULL) {
6384 const char *pos;
6385 int level = MSG_ERROR;
6386
6387 pos = driver ? os_strchr(driver, ',') : NULL;
6388 if (pos) {
6389 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
6390 "driver interface - try next driver wrapper");
6391 driver = pos + 1;
6392 goto next_driver;
6393 }
6394
6395 #ifdef CONFIG_MATCH_IFACE
6396 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
6397 level = MSG_DEBUG;
6398 #endif /* CONFIG_MATCH_IFACE */
6399 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
6400 return -1;
6401 }
6402 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
6403 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
6404 "driver_param '%s'", wpa_s->conf->driver_param);
6405 return -1;
6406 }
6407
6408 ifname = wpa_drv_get_ifname(wpa_s);
6409 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
6410 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
6411 "interface name with '%s'", ifname);
6412 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
6413 }
6414
6415 rn = wpa_driver_get_radio_name(wpa_s);
6416 if (rn && rn[0] == '\0')
6417 rn = NULL;
6418
6419 wpa_s->radio = radio_add_interface(wpa_s, rn);
6420 if (wpa_s->radio == NULL)
6421 return -1;
6422
6423 return 0;
6424 }
6425
6426
6427 #ifdef CONFIG_GAS_SERVER
6428
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)6429 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
6430 unsigned int freq, const u8 *dst,
6431 const u8 *src, const u8 *bssid,
6432 const u8 *data, size_t data_len,
6433 enum offchannel_send_action_result result)
6434 {
6435 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
6436 " result=%s",
6437 freq, MAC2STR(dst),
6438 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
6439 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
6440 "FAILED"));
6441 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
6442 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
6443 }
6444
6445
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)6446 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
6447 struct wpabuf *buf, unsigned int wait_time)
6448 {
6449 struct wpa_supplicant *wpa_s = ctx;
6450 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
6451
6452 if (wait_time > wpa_s->max_remain_on_chan)
6453 wait_time = wpa_s->max_remain_on_chan;
6454
6455 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
6456 wpabuf_head(buf), wpabuf_len(buf),
6457 wait_time, wpas_gas_server_tx_status, 0);
6458 }
6459
6460 #endif /* CONFIG_GAS_SERVER */
6461
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6462 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
6463 const struct wpa_interface *iface)
6464 {
6465 struct wpa_driver_capa capa;
6466 int capa_res;
6467 u8 dfs_domain;
6468
6469 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
6470 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
6471 iface->confname ? iface->confname : "N/A",
6472 iface->driver ? iface->driver : "default",
6473 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
6474 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
6475
6476 if (iface->confname) {
6477 #ifdef CONFIG_BACKEND_FILE
6478 wpa_s->confname = os_rel2abs_path(iface->confname);
6479 if (wpa_s->confname == NULL) {
6480 wpa_printf(MSG_ERROR, "Failed to get absolute path "
6481 "for configuration file '%s'.",
6482 iface->confname);
6483 return -1;
6484 }
6485 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6486 iface->confname, wpa_s->confname);
6487 #else /* CONFIG_BACKEND_FILE */
6488 wpa_s->confname = os_strdup(iface->confname);
6489 #endif /* CONFIG_BACKEND_FILE */
6490 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6491 if (wpa_s->conf == NULL) {
6492 wpa_printf(MSG_ERROR, "Failed to read or parse "
6493 "configuration '%s'.", wpa_s->confname);
6494 return -1;
6495 }
6496 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6497 if (wpa_s->confanother &&
6498 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6499 wpa_printf(MSG_ERROR,
6500 "Failed to read or parse configuration '%s'.",
6501 wpa_s->confanother);
6502 return -1;
6503 }
6504
6505 /*
6506 * Override ctrl_interface and driver_param if set on command
6507 * line.
6508 */
6509 if (iface->ctrl_interface) {
6510 os_free(wpa_s->conf->ctrl_interface);
6511 wpa_s->conf->ctrl_interface =
6512 os_strdup(iface->ctrl_interface);
6513 }
6514
6515 if (iface->driver_param) {
6516 os_free(wpa_s->conf->driver_param);
6517 wpa_s->conf->driver_param =
6518 os_strdup(iface->driver_param);
6519 }
6520
6521 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6522 os_free(wpa_s->conf->ctrl_interface);
6523 wpa_s->conf->ctrl_interface = NULL;
6524 }
6525 } else
6526 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6527 iface->driver_param);
6528
6529 if (wpa_s->conf == NULL) {
6530 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6531 return -1;
6532 }
6533
6534 if (iface->ifname == NULL) {
6535 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6536 return -1;
6537 }
6538 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6539 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6540 iface->ifname);
6541 return -1;
6542 }
6543 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6544 #ifdef CONFIG_MATCH_IFACE
6545 wpa_s->matched = iface->matched;
6546 #endif /* CONFIG_MATCH_IFACE */
6547
6548 if (iface->bridge_ifname) {
6549 if (os_strlen(iface->bridge_ifname) >=
6550 sizeof(wpa_s->bridge_ifname)) {
6551 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6552 "name '%s'.", iface->bridge_ifname);
6553 return -1;
6554 }
6555 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6556 sizeof(wpa_s->bridge_ifname));
6557 }
6558
6559 /* RSNA Supplicant Key Management - INITIALIZE */
6560 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
6561 eapol_sm_notify_portValid(wpa_s->eapol, false);
6562
6563 /* Initialize driver interface and register driver event handler before
6564 * L2 receive handler so that association events are processed before
6565 * EAPOL-Key packets if both become available for the same select()
6566 * call. */
6567 if (wpas_init_driver(wpa_s, iface) < 0)
6568 return -1;
6569
6570 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6571 return -1;
6572
6573 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6574 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6575 NULL);
6576 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6577
6578 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6579 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6580 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6581 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6582 "dot11RSNAConfigPMKLifetime");
6583 return -1;
6584 }
6585
6586 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6587 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6588 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6589 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6590 "dot11RSNAConfigPMKReauthThreshold");
6591 return -1;
6592 }
6593
6594 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6595 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6596 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6597 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6598 "dot11RSNAConfigSATimeout");
6599 return -1;
6600 }
6601
6602 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6603 &wpa_s->hw.num_modes,
6604 &wpa_s->hw.flags,
6605 &dfs_domain);
6606 if (wpa_s->hw.modes) {
6607 u16 i;
6608
6609 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6610 if (wpa_s->hw.modes[i].vht_capab) {
6611 wpa_s->hw_capab = CAPAB_VHT;
6612 break;
6613 }
6614
6615 if (wpa_s->hw.modes[i].ht_capab &
6616 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6617 wpa_s->hw_capab = CAPAB_HT40;
6618 else if (wpa_s->hw.modes[i].ht_capab &&
6619 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6620 wpa_s->hw_capab = CAPAB_HT;
6621 }
6622 }
6623
6624 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6625 if (capa_res == 0) {
6626 wpa_s->drv_capa_known = 1;
6627 wpa_s->drv_flags = capa.flags;
6628 wpa_s->drv_flags2 = capa.flags2;
6629 wpa_s->drv_enc = capa.enc;
6630 wpa_s->drv_rrm_flags = capa.rrm_flags;
6631 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6632 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6633 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6634 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6635 wpa_s->max_sched_scan_plan_interval =
6636 capa.max_sched_scan_plan_interval;
6637 wpa_s->max_sched_scan_plan_iterations =
6638 capa.max_sched_scan_plan_iterations;
6639 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6640 wpa_s->max_match_sets = capa.max_match_sets;
6641 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6642 wpa_s->max_stations = capa.max_stations;
6643 wpa_s->extended_capa = capa.extended_capa;
6644 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6645 wpa_s->extended_capa_len = capa.extended_capa_len;
6646 wpa_s->num_multichan_concurrent =
6647 capa.num_multichan_concurrent;
6648 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6649
6650 if (capa.mac_addr_rand_scan_supported)
6651 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6652 if (wpa_s->sched_scan_supported &&
6653 capa.mac_addr_rand_sched_scan_supported)
6654 wpa_s->mac_addr_rand_supported |=
6655 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6656
6657 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6658 if (wpa_s->extended_capa &&
6659 wpa_s->extended_capa_len >= 3 &&
6660 wpa_s->extended_capa[2] & 0x40)
6661 wpa_s->multi_bss_support = 1;
6662 }
6663 if (wpa_s->max_remain_on_chan == 0)
6664 wpa_s->max_remain_on_chan = 1000;
6665
6666 /*
6667 * Only take p2p_mgmt parameters when P2P Device is supported.
6668 * Doing it here as it determines whether l2_packet_init() will be done
6669 * during wpa_supplicant_driver_init().
6670 */
6671 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6672 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6673
6674 if (wpa_s->num_multichan_concurrent == 0)
6675 wpa_s->num_multichan_concurrent = 1;
6676
6677 if (wpa_supplicant_driver_init(wpa_s) < 0)
6678 return -1;
6679
6680 #ifdef CONFIG_TDLS
6681 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6682 return -1;
6683 #endif /* CONFIG_TDLS */
6684
6685 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6686 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6687 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6688 return -1;
6689 }
6690
6691 #ifdef CONFIG_FST
6692 if (wpa_s->conf->fst_group_id) {
6693 struct fst_iface_cfg cfg;
6694 struct fst_wpa_obj iface_obj;
6695
6696 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6697 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6698 sizeof(cfg.group_id));
6699 cfg.priority = wpa_s->conf->fst_priority;
6700 cfg.llt = wpa_s->conf->fst_llt;
6701
6702 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6703 &iface_obj, &cfg);
6704 if (!wpa_s->fst) {
6705 wpa_msg(wpa_s, MSG_ERROR,
6706 "FST: Cannot attach iface %s to group %s",
6707 wpa_s->ifname, cfg.group_id);
6708 return -1;
6709 }
6710 }
6711 #endif /* CONFIG_FST */
6712
6713 if (wpas_wps_init(wpa_s))
6714 return -1;
6715
6716 #ifdef CONFIG_GAS_SERVER
6717 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6718 if (!wpa_s->gas_server) {
6719 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6720 return -1;
6721 }
6722 #endif /* CONFIG_GAS_SERVER */
6723
6724 #ifdef CONFIG_DPP
6725 if (wpas_dpp_init(wpa_s) < 0)
6726 return -1;
6727 #endif /* CONFIG_DPP */
6728
6729 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6730 return -1;
6731 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6732
6733 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6734 if (wpa_s->ctrl_iface == NULL) {
6735 wpa_printf(MSG_ERROR,
6736 "Failed to initialize control interface '%s'.\n"
6737 "You may have another wpa_supplicant process "
6738 "already running or the file was\n"
6739 "left by an unclean termination of wpa_supplicant "
6740 "in which case you will need\n"
6741 "to manually remove this file before starting "
6742 "wpa_supplicant again.\n",
6743 wpa_s->conf->ctrl_interface);
6744 return -1;
6745 }
6746
6747 wpa_s->gas = gas_query_init(wpa_s);
6748 if (wpa_s->gas == NULL) {
6749 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6750 return -1;
6751 }
6752
6753 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6754 wpa_s->p2p_mgmt) &&
6755 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6756 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6757 return -1;
6758 }
6759
6760 if (wpa_bss_init(wpa_s) < 0)
6761 return -1;
6762
6763 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6764 #ifdef CONFIG_MESH
6765 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6766 #endif /* CONFIG_MESH */
6767 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6768
6769 /*
6770 * Set Wake-on-WLAN triggers, if configured.
6771 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6772 * have effect anyway when the interface is down).
6773 */
6774 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6775 return -1;
6776
6777 #ifdef CONFIG_EAP_PROXY
6778 {
6779 size_t len;
6780 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6781 wpa_s->imsi, &len);
6782 if (wpa_s->mnc_len > 0) {
6783 wpa_s->imsi[len] = '\0';
6784 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6785 wpa_s->imsi, wpa_s->mnc_len);
6786 } else {
6787 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6788 }
6789 }
6790 #endif /* CONFIG_EAP_PROXY */
6791
6792 if (pcsc_reader_init(wpa_s) < 0)
6793 return -1;
6794
6795 if (wpas_init_ext_pw(wpa_s) < 0)
6796 return -1;
6797
6798 wpas_rrm_reset(wpa_s);
6799
6800 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6801
6802 #ifdef CONFIG_HS20
6803 hs20_init(wpa_s);
6804 #endif /* CONFIG_HS20 */
6805 #ifdef CONFIG_MBO
6806 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6807 if ((wpa_s->conf->oce & OCE_STA) &&
6808 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6809 wpa_s->enable_oce = OCE_STA;
6810 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6811 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6812 /* TODO: Need to add STA-CFON support */
6813 wpa_printf(MSG_ERROR,
6814 "OCE STA-CFON feature is not yet supported");
6815 }
6816 }
6817 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6818 #endif /* CONFIG_MBO */
6819
6820 wpa_supplicant_set_default_scan_ies(wpa_s);
6821
6822 return 0;
6823 }
6824
6825
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)6826 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6827 int notify, int terminate)
6828 {
6829 struct wpa_global *global = wpa_s->global;
6830 struct wpa_supplicant *iface, *prev;
6831
6832 if (wpa_s == wpa_s->parent)
6833 wpas_p2p_group_remove(wpa_s, "*");
6834
6835 iface = global->ifaces;
6836 while (iface) {
6837 if (iface->p2pdev == wpa_s)
6838 iface->p2pdev = iface->parent;
6839 if (iface == wpa_s || iface->parent != wpa_s) {
6840 iface = iface->next;
6841 continue;
6842 }
6843 wpa_printf(MSG_DEBUG,
6844 "Remove remaining child interface %s from parent %s",
6845 iface->ifname, wpa_s->ifname);
6846 prev = iface;
6847 iface = iface->next;
6848 wpa_supplicant_remove_iface(global, prev, terminate);
6849 }
6850
6851 wpa_s->disconnected = 1;
6852 if (wpa_s->drv_priv) {
6853 /*
6854 * Don't deauthenticate if WoWLAN is enable and not explicitly
6855 * been configured to disconnect.
6856 */
6857 if (!wpa_drv_get_wowlan(wpa_s) ||
6858 wpa_s->conf->wowlan_disconnect_on_deinit) {
6859 wpa_supplicant_deauthenticate(
6860 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6861
6862 wpa_drv_set_countermeasures(wpa_s, 0);
6863 wpa_clear_keys(wpa_s, NULL);
6864 } else {
6865 wpa_msg(wpa_s, MSG_INFO,
6866 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6867 }
6868 }
6869
6870 wpa_supplicant_cleanup(wpa_s);
6871 wpas_p2p_deinit_iface(wpa_s);
6872
6873 wpas_ctrl_radio_work_flush(wpa_s);
6874 radio_remove_interface(wpa_s);
6875
6876 #ifdef CONFIG_FST
6877 if (wpa_s->fst) {
6878 fst_detach(wpa_s->fst);
6879 wpa_s->fst = NULL;
6880 }
6881 if (wpa_s->received_mb_ies) {
6882 wpabuf_free(wpa_s->received_mb_ies);
6883 wpa_s->received_mb_ies = NULL;
6884 }
6885 #endif /* CONFIG_FST */
6886
6887 if (wpa_s->drv_priv)
6888 wpa_drv_deinit(wpa_s);
6889
6890 if (notify)
6891 wpas_notify_iface_removed(wpa_s);
6892
6893 if (terminate)
6894 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6895
6896 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
6897 wpa_s->ctrl_iface = NULL;
6898
6899 #ifdef CONFIG_MESH
6900 if (wpa_s->ifmsh) {
6901 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
6902 wpa_s->ifmsh = NULL;
6903 }
6904 #endif /* CONFIG_MESH */
6905
6906 if (wpa_s->conf != NULL) {
6907 wpa_config_free(wpa_s->conf);
6908 wpa_s->conf = NULL;
6909 }
6910
6911 os_free(wpa_s->ssids_from_scan_req);
6912 os_free(wpa_s->last_scan_freqs);
6913
6914 os_free(wpa_s);
6915 }
6916
6917
6918 #ifdef CONFIG_MATCH_IFACE
6919
6920 /**
6921 * wpa_supplicant_match_iface - Match an interface description to a name
6922 * @global: Pointer to global data from wpa_supplicant_init()
6923 * @ifname: Name of the interface to match
6924 * Returns: Pointer to the created interface description or %NULL on failure
6925 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)6926 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6927 const char *ifname)
6928 {
6929 int i;
6930 struct wpa_interface *iface, *miface;
6931
6932 for (i = 0; i < global->params.match_iface_count; i++) {
6933 miface = &global->params.match_ifaces[i];
6934 if (!miface->ifname ||
6935 fnmatch(miface->ifname, ifname, 0) == 0) {
6936 iface = os_zalloc(sizeof(*iface));
6937 if (!iface)
6938 return NULL;
6939 *iface = *miface;
6940 if (!miface->ifname)
6941 iface->matched = WPA_IFACE_MATCHED_NULL;
6942 else
6943 iface->matched = WPA_IFACE_MATCHED;
6944 iface->ifname = ifname;
6945 return iface;
6946 }
6947 }
6948
6949 return NULL;
6950 }
6951
6952
6953 /**
6954 * wpa_supplicant_match_existing - Match existing interfaces
6955 * @global: Pointer to global data from wpa_supplicant_init()
6956 * Returns: 0 on success, -1 on failure
6957 */
wpa_supplicant_match_existing(struct wpa_global * global)6958 static int wpa_supplicant_match_existing(struct wpa_global *global)
6959 {
6960 struct if_nameindex *ifi, *ifp;
6961 struct wpa_supplicant *wpa_s;
6962 struct wpa_interface *iface;
6963
6964 ifp = if_nameindex();
6965 if (!ifp) {
6966 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6967 return -1;
6968 }
6969
6970 for (ifi = ifp; ifi->if_name; ifi++) {
6971 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6972 if (wpa_s)
6973 continue;
6974 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6975 if (iface) {
6976 wpa_supplicant_add_iface(global, iface, NULL);
6977 os_free(iface);
6978 }
6979 }
6980
6981 if_freenameindex(ifp);
6982 return 0;
6983 }
6984
6985 #endif /* CONFIG_MATCH_IFACE */
6986
6987
6988 /**
6989 * wpa_supplicant_add_iface - Add a new network interface
6990 * @global: Pointer to global data from wpa_supplicant_init()
6991 * @iface: Interface configuration options
6992 * @parent: Parent interface or %NULL to assign new interface as parent
6993 * Returns: Pointer to the created interface or %NULL on failure
6994 *
6995 * This function is used to add new network interfaces for %wpa_supplicant.
6996 * This can be called before wpa_supplicant_run() to add interfaces before the
6997 * main event loop has been started. In addition, new interfaces can be added
6998 * dynamically while %wpa_supplicant is already running. This could happen,
6999 * e.g., when a hotplug network adapter is inserted.
7000 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)7001 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
7002 struct wpa_interface *iface,
7003 struct wpa_supplicant *parent)
7004 {
7005 struct wpa_supplicant *wpa_s;
7006 struct wpa_interface t_iface;
7007 struct wpa_ssid *ssid;
7008
7009 if (global == NULL || iface == NULL)
7010 return NULL;
7011
7012 wpa_s = wpa_supplicant_alloc(parent);
7013 if (wpa_s == NULL)
7014 return NULL;
7015
7016 wpa_s->global = global;
7017
7018 t_iface = *iface;
7019 if (global->params.override_driver) {
7020 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
7021 "('%s' -> '%s')",
7022 iface->driver, global->params.override_driver);
7023 t_iface.driver = global->params.override_driver;
7024 }
7025 if (global->params.override_ctrl_interface) {
7026 wpa_printf(MSG_DEBUG, "Override interface parameter: "
7027 "ctrl_interface ('%s' -> '%s')",
7028 iface->ctrl_interface,
7029 global->params.override_ctrl_interface);
7030 t_iface.ctrl_interface =
7031 global->params.override_ctrl_interface;
7032 }
7033 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
7034 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
7035 iface->ifname);
7036 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
7037 return NULL;
7038 }
7039
7040 if (iface->p2p_mgmt == 0) {
7041 /* Notify the control interfaces about new iface */
7042 if (wpas_notify_iface_added(wpa_s)) {
7043 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
7044 return NULL;
7045 }
7046
7047 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
7048 wpas_notify_network_added(wpa_s, ssid);
7049 }
7050
7051 wpa_s->next = global->ifaces;
7052 global->ifaces = wpa_s;
7053
7054 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
7055 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
7056
7057 #ifdef CONFIG_P2P
7058 if (wpa_s->global->p2p == NULL &&
7059 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
7060 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
7061 wpas_p2p_add_p2pdev_interface(
7062 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
7063 wpa_printf(MSG_INFO,
7064 "P2P: Failed to enable P2P Device interface");
7065 /* Try to continue without. P2P will be disabled. */
7066 }
7067 #endif /* CONFIG_P2P */
7068
7069 return wpa_s;
7070 }
7071
7072
7073 /**
7074 * wpa_supplicant_remove_iface - Remove a network interface
7075 * @global: Pointer to global data from wpa_supplicant_init()
7076 * @wpa_s: Pointer to the network interface to be removed
7077 * Returns: 0 if interface was removed, -1 if interface was not found
7078 *
7079 * This function can be used to dynamically remove network interfaces from
7080 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
7081 * addition, this function is used to remove all remaining interfaces when
7082 * %wpa_supplicant is terminated.
7083 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)7084 int wpa_supplicant_remove_iface(struct wpa_global *global,
7085 struct wpa_supplicant *wpa_s,
7086 int terminate)
7087 {
7088 struct wpa_supplicant *prev;
7089 #ifdef CONFIG_MESH
7090 unsigned int mesh_if_created = wpa_s->mesh_if_created;
7091 char *ifname = NULL;
7092 struct wpa_supplicant *parent = wpa_s->parent;
7093 #endif /* CONFIG_MESH */
7094
7095 /* Remove interface from the global list of interfaces */
7096 prev = global->ifaces;
7097 if (prev == wpa_s) {
7098 global->ifaces = wpa_s->next;
7099 } else {
7100 while (prev && prev->next != wpa_s)
7101 prev = prev->next;
7102 if (prev == NULL)
7103 return -1;
7104 prev->next = wpa_s->next;
7105 }
7106
7107 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
7108
7109 #ifdef CONFIG_MESH
7110 if (mesh_if_created) {
7111 ifname = os_strdup(wpa_s->ifname);
7112 if (ifname == NULL) {
7113 wpa_dbg(wpa_s, MSG_ERROR,
7114 "mesh: Failed to malloc ifname");
7115 return -1;
7116 }
7117 }
7118 #endif /* CONFIG_MESH */
7119
7120 if (global->p2p_group_formation == wpa_s)
7121 global->p2p_group_formation = NULL;
7122 if (global->p2p_invite_group == wpa_s)
7123 global->p2p_invite_group = NULL;
7124 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
7125
7126 #ifdef CONFIG_MESH
7127 if (mesh_if_created) {
7128 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
7129 os_free(ifname);
7130 }
7131 #endif /* CONFIG_MESH */
7132
7133 return 0;
7134 }
7135
7136
7137 /**
7138 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7139 * @wpa_s: Pointer to the network interface
7140 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7141 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7142 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7143 {
7144 const char *eapol_method;
7145
7146 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7147 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7148 return "NO-EAP";
7149 }
7150
7151 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7152 if (eapol_method == NULL)
7153 return "UNKNOWN-EAP";
7154
7155 return eapol_method;
7156 }
7157
7158
7159 /**
7160 * wpa_supplicant_get_iface - Get a new network interface
7161 * @global: Pointer to global data from wpa_supplicant_init()
7162 * @ifname: Interface name
7163 * Returns: Pointer to the interface or %NULL if not found
7164 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7165 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7166 const char *ifname)
7167 {
7168 struct wpa_supplicant *wpa_s;
7169
7170 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7171 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7172 return wpa_s;
7173 }
7174 return NULL;
7175 }
7176
7177
7178 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7179 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7180 {
7181 struct wpa_supplicant *wpa_s = ctx;
7182 if (wpa_s == NULL)
7183 return NULL;
7184 return wpa_s->ifname;
7185 }
7186 #endif /* CONFIG_NO_WPA_MSG */
7187
7188
7189 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7190 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7191 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7192
7193 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7194 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7195 {
7196 struct wpa_global *global = eloop_ctx;
7197 struct wpa_supplicant *wpa_s;
7198
7199 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7200 wpas_periodic, global, NULL);
7201
7202 #ifdef CONFIG_P2P
7203 if (global->p2p)
7204 p2p_expire_peers(global->p2p);
7205 #endif /* CONFIG_P2P */
7206
7207 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7208 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7209 #ifdef CONFIG_AP
7210 ap_periodic(wpa_s);
7211 #endif /* CONFIG_AP */
7212 }
7213 }
7214
7215
7216 /**
7217 * wpa_supplicant_init - Initialize %wpa_supplicant
7218 * @params: Parameters for %wpa_supplicant
7219 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7220 *
7221 * This function is used to initialize %wpa_supplicant. After successful
7222 * initialization, the returned data pointer can be used to add and remove
7223 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7224 */
wpa_supplicant_init(struct wpa_params * params)7225 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7226 {
7227 struct wpa_global *global;
7228 int ret, i;
7229
7230 if (params == NULL)
7231 return NULL;
7232
7233 #ifndef CONFIG_NO_WPA_MSG
7234 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7235 #endif /* CONFIG_NO_WPA_MSG */
7236
7237 if (params->wpa_debug_file_path)
7238 wpa_debug_open_file(params->wpa_debug_file_path);
7239 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7240 wpa_debug_setup_stdout();
7241 if (params->wpa_debug_syslog)
7242 wpa_debug_open_syslog();
7243 if (params->wpa_debug_tracing) {
7244 ret = wpa_debug_open_linux_tracing();
7245 if (ret) {
7246 wpa_printf(MSG_ERROR,
7247 "Failed to enable trace logging");
7248 return NULL;
7249 }
7250 }
7251
7252 ret = eap_register_methods();
7253 if (ret) {
7254 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
7255 if (ret == -2)
7256 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
7257 "the same EAP type.");
7258 return NULL;
7259 }
7260
7261 global = os_zalloc(sizeof(*global));
7262 if (global == NULL)
7263 return NULL;
7264 dl_list_init(&global->p2p_srv_bonjour);
7265 dl_list_init(&global->p2p_srv_upnp);
7266 global->params.daemonize = params->daemonize;
7267 global->params.wait_for_monitor = params->wait_for_monitor;
7268 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
7269 if (params->pid_file)
7270 global->params.pid_file = os_strdup(params->pid_file);
7271 if (params->ctrl_interface)
7272 global->params.ctrl_interface =
7273 os_strdup(params->ctrl_interface);
7274 if (params->ctrl_interface_group)
7275 global->params.ctrl_interface_group =
7276 os_strdup(params->ctrl_interface_group);
7277 if (params->override_driver)
7278 global->params.override_driver =
7279 os_strdup(params->override_driver);
7280 if (params->override_ctrl_interface)
7281 global->params.override_ctrl_interface =
7282 os_strdup(params->override_ctrl_interface);
7283 #ifdef CONFIG_MATCH_IFACE
7284 global->params.match_iface_count = params->match_iface_count;
7285 if (params->match_iface_count) {
7286 global->params.match_ifaces =
7287 os_calloc(params->match_iface_count,
7288 sizeof(struct wpa_interface));
7289 os_memcpy(global->params.match_ifaces,
7290 params->match_ifaces,
7291 params->match_iface_count *
7292 sizeof(struct wpa_interface));
7293 }
7294 #endif /* CONFIG_MATCH_IFACE */
7295 #ifdef CONFIG_P2P
7296 if (params->conf_p2p_dev)
7297 global->params.conf_p2p_dev =
7298 os_strdup(params->conf_p2p_dev);
7299 #endif /* CONFIG_P2P */
7300 wpa_debug_level = global->params.wpa_debug_level =
7301 params->wpa_debug_level;
7302 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
7303 params->wpa_debug_show_keys;
7304 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
7305 params->wpa_debug_timestamp;
7306
7307 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
7308
7309 if (eloop_init()) {
7310 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
7311 wpa_supplicant_deinit(global);
7312 return NULL;
7313 }
7314
7315 random_init(params->entropy_file);
7316
7317 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
7318 if (global->ctrl_iface == NULL) {
7319 wpa_supplicant_deinit(global);
7320 return NULL;
7321 }
7322
7323 if (wpas_notify_supplicant_initialized(global)) {
7324 wpa_supplicant_deinit(global);
7325 return NULL;
7326 }
7327
7328 for (i = 0; wpa_drivers[i]; i++)
7329 global->drv_count++;
7330 if (global->drv_count == 0) {
7331 wpa_printf(MSG_ERROR, "No drivers enabled");
7332 wpa_supplicant_deinit(global);
7333 return NULL;
7334 }
7335 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
7336 if (global->drv_priv == NULL) {
7337 wpa_supplicant_deinit(global);
7338 return NULL;
7339 }
7340
7341 #ifdef CONFIG_WIFI_DISPLAY
7342 if (wifi_display_init(global) < 0) {
7343 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
7344 wpa_supplicant_deinit(global);
7345 return NULL;
7346 }
7347 #endif /* CONFIG_WIFI_DISPLAY */
7348
7349 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7350 wpas_periodic, global, NULL);
7351
7352 return global;
7353 }
7354
7355
7356 /**
7357 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
7358 * @global: Pointer to global data from wpa_supplicant_init()
7359 * Returns: 0 after successful event loop run, -1 on failure
7360 *
7361 * This function starts the main event loop and continues running as long as
7362 * there are any remaining events. In most cases, this function is running as
7363 * long as the %wpa_supplicant process in still in use.
7364 */
wpa_supplicant_run(struct wpa_global * global)7365 int wpa_supplicant_run(struct wpa_global *global)
7366 {
7367 struct wpa_supplicant *wpa_s;
7368
7369 if (global->params.daemonize &&
7370 (wpa_supplicant_daemon(global->params.pid_file) ||
7371 eloop_sock_requeue()))
7372 return -1;
7373
7374 #ifdef CONFIG_MATCH_IFACE
7375 if (wpa_supplicant_match_existing(global))
7376 return -1;
7377 #endif
7378
7379 if (global->params.wait_for_monitor) {
7380 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
7381 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
7382 wpa_supplicant_ctrl_iface_wait(
7383 wpa_s->ctrl_iface);
7384 }
7385
7386 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
7387 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
7388
7389 eloop_run();
7390
7391 return 0;
7392 }
7393
7394
7395 /**
7396 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
7397 * @global: Pointer to global data from wpa_supplicant_init()
7398 *
7399 * This function is called to deinitialize %wpa_supplicant and to free all
7400 * allocated resources. Remaining network interfaces will also be removed.
7401 */
wpa_supplicant_deinit(struct wpa_global * global)7402 void wpa_supplicant_deinit(struct wpa_global *global)
7403 {
7404 int i;
7405
7406 if (global == NULL)
7407 return;
7408
7409 eloop_cancel_timeout(wpas_periodic, global, NULL);
7410
7411 #ifdef CONFIG_WIFI_DISPLAY
7412 wifi_display_deinit(global);
7413 #endif /* CONFIG_WIFI_DISPLAY */
7414
7415 while (global->ifaces)
7416 wpa_supplicant_remove_iface(global, global->ifaces, 1);
7417
7418 if (global->ctrl_iface)
7419 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
7420
7421 wpas_notify_supplicant_deinitialized(global);
7422
7423 eap_peer_unregister_methods();
7424 #ifdef CONFIG_AP
7425 eap_server_unregister_methods();
7426 #endif /* CONFIG_AP */
7427
7428 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
7429 if (!global->drv_priv[i])
7430 continue;
7431 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
7432 }
7433 os_free(global->drv_priv);
7434
7435 random_deinit();
7436
7437 eloop_destroy();
7438
7439 if (global->params.pid_file) {
7440 os_daemonize_terminate(global->params.pid_file);
7441 os_free(global->params.pid_file);
7442 }
7443 os_free(global->params.ctrl_interface);
7444 os_free(global->params.ctrl_interface_group);
7445 os_free(global->params.override_driver);
7446 os_free(global->params.override_ctrl_interface);
7447 #ifdef CONFIG_MATCH_IFACE
7448 os_free(global->params.match_ifaces);
7449 #endif /* CONFIG_MATCH_IFACE */
7450 #ifdef CONFIG_P2P
7451 os_free(global->params.conf_p2p_dev);
7452 #endif /* CONFIG_P2P */
7453
7454 os_free(global->p2p_disallow_freq.range);
7455 os_free(global->p2p_go_avoid_freq.range);
7456 os_free(global->add_psk);
7457
7458 os_free(global);
7459 wpa_debug_close_syslog();
7460 wpa_debug_close_file();
7461 wpa_debug_close_linux_tracing();
7462 }
7463
7464
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)7465 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
7466 {
7467 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
7468 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
7469 char country[3];
7470 country[0] = wpa_s->conf->country[0];
7471 country[1] = wpa_s->conf->country[1];
7472 country[2] = '\0';
7473 if (wpa_drv_set_country(wpa_s, country) < 0) {
7474 wpa_printf(MSG_ERROR, "Failed to set country code "
7475 "'%s'", country);
7476 }
7477 }
7478
7479 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
7480 wpas_init_ext_pw(wpa_s);
7481
7482 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
7483 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7484
7485 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
7486 struct wpa_driver_capa capa;
7487 int res = wpa_drv_get_capa(wpa_s, &capa);
7488
7489 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7490 wpa_printf(MSG_ERROR,
7491 "Failed to update wowlan_triggers to '%s'",
7492 wpa_s->conf->wowlan_triggers);
7493 }
7494
7495 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7496 wpa_supplicant_set_default_scan_ies(wpa_s);
7497
7498 #ifdef CONFIG_BGSCAN
7499 /*
7500 * We default to global bgscan parameters only when per-network bgscan
7501 * parameters aren't set. Only bother resetting bgscan parameters if
7502 * this is the case.
7503 */
7504 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
7505 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
7506 wpa_s->wpa_state == WPA_COMPLETED)
7507 wpa_supplicant_reset_bgscan(wpa_s);
7508 #endif /* CONFIG_BGSCAN */
7509
7510 #ifdef CONFIG_WPS
7511 wpas_wps_update_config(wpa_s);
7512 #endif /* CONFIG_WPS */
7513 wpas_p2p_update_config(wpa_s);
7514 wpa_s->conf->changed_parameters = 0;
7515 }
7516
7517
add_freq(int * freqs,int * num_freqs,int freq)7518 void add_freq(int *freqs, int *num_freqs, int freq)
7519 {
7520 int i;
7521
7522 for (i = 0; i < *num_freqs; i++) {
7523 if (freqs[i] == freq)
7524 return;
7525 }
7526
7527 freqs[*num_freqs] = freq;
7528 (*num_freqs)++;
7529 }
7530
7531
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)7532 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7533 {
7534 struct wpa_bss *bss, *cbss;
7535 const int max_freqs = 10;
7536 int *freqs;
7537 int num_freqs = 0;
7538
7539 freqs = os_calloc(max_freqs + 1, sizeof(int));
7540 if (freqs == NULL)
7541 return NULL;
7542
7543 cbss = wpa_s->current_bss;
7544
7545 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7546 if (bss == cbss)
7547 continue;
7548 if (bss->ssid_len == cbss->ssid_len &&
7549 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7550 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
7551 add_freq(freqs, &num_freqs, bss->freq);
7552 if (num_freqs == max_freqs)
7553 break;
7554 }
7555 }
7556
7557 if (num_freqs == 0) {
7558 os_free(freqs);
7559 freqs = NULL;
7560 }
7561
7562 return freqs;
7563 }
7564
7565
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)7566 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7567 {
7568 int timeout;
7569 int count;
7570 int *freqs = NULL;
7571
7572 wpas_connect_work_done(wpa_s);
7573
7574 /*
7575 * Remove possible authentication timeout since the connection failed.
7576 */
7577 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7578
7579 /*
7580 * There is no point in ignoring the AP temporarily if this event is
7581 * generated based on local request to disconnect.
7582 */
7583 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
7584 wpa_s->own_disconnect_req = 0;
7585 wpa_dbg(wpa_s, MSG_DEBUG,
7586 "Ignore connection failure due to local request to disconnect");
7587 return;
7588 }
7589 if (wpa_s->disconnected) {
7590 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7591 "indication since interface has been put into "
7592 "disconnected state");
7593 return;
7594 }
7595
7596 /*
7597 * Add the failed BSSID into the ignore list and speed up next scan
7598 * attempt if there could be other APs that could accept association.
7599 */
7600 count = wpa_bssid_ignore_add(wpa_s, bssid);
7601 if (count == 1 && wpa_s->current_bss) {
7602 /*
7603 * This BSS was not in the ignore list before. If there is
7604 * another BSS available for the same ESS, we should try that
7605 * next. Otherwise, we may as well try this one once more
7606 * before allowing other, likely worse, ESSes to be considered.
7607 */
7608 freqs = get_bss_freqs_in_ess(wpa_s);
7609 if (freqs) {
7610 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7611 "has been seen; try it next");
7612 wpa_bssid_ignore_add(wpa_s, bssid);
7613 /*
7614 * On the next scan, go through only the known channels
7615 * used in this ESS based on previous scans to speed up
7616 * common load balancing use case.
7617 */
7618 os_free(wpa_s->next_scan_freqs);
7619 wpa_s->next_scan_freqs = freqs;
7620 }
7621 }
7622
7623 wpa_s->consecutive_conn_failures++;
7624
7625 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
7626 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7627 "consider temporary network disabling");
7628 wpas_auth_failed(wpa_s, "CONN_FAILED");
7629 }
7630 /*
7631 * Multiple consecutive connection failures mean that other APs are
7632 * either not available or have already been tried, so we can start
7633 * increasing the delay here to avoid constant scanning.
7634 */
7635 switch (wpa_s->consecutive_conn_failures) {
7636 case 1:
7637 timeout = 100;
7638 break;
7639 case 2:
7640 timeout = 500;
7641 break;
7642 case 3:
7643 timeout = 1000;
7644 break;
7645 case 4:
7646 timeout = 5000;
7647 break;
7648 default:
7649 timeout = 10000;
7650 break;
7651 }
7652
7653 wpa_dbg(wpa_s, MSG_DEBUG,
7654 "Consecutive connection failures: %d --> request scan in %d ms",
7655 wpa_s->consecutive_conn_failures, timeout);
7656
7657 /*
7658 * TODO: if more than one possible AP is available in scan results,
7659 * could try the other ones before requesting a new scan.
7660 */
7661
7662 /* speed up the connection attempt with normal scan */
7663 wpa_s->normal_scans = 0;
7664 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7665 1000 * (timeout % 1000));
7666 }
7667
7668
7669 #ifdef CONFIG_FILS
7670
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)7671 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
7672 {
7673 struct wpa_ssid *ssid = wpa_s->current_ssid;
7674 const u8 *realm, *username, *rrk;
7675 size_t realm_len, username_len, rrk_len;
7676 u16 next_seq_num;
7677
7678 /* Clear the PMKSA cache entry if FILS authentication was rejected.
7679 * Check for ERP keys existing to limit when this can be done since
7680 * the rejection response is not protected and such triggers should
7681 * really not allow internal state to be modified unless required to
7682 * avoid significant issues in functionality. In addition, drop
7683 * externally configure PMKSA entries even without ERP keys since it
7684 * is possible for an external component to add PMKSA entries for FILS
7685 * authentication without restoring previously generated ERP keys.
7686 *
7687 * In this case, this is needed to allow recovery from cases where the
7688 * AP or authentication server has dropped PMKSAs and ERP keys. */
7689 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
7690 return;
7691
7692 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7693 &username, &username_len,
7694 &realm, &realm_len, &next_seq_num,
7695 &rrk, &rrk_len) != 0 ||
7696 !realm) {
7697 wpa_dbg(wpa_s, MSG_DEBUG,
7698 "FILS: Drop external PMKSA cache entry");
7699 wpa_sm_aborted_external_cached(wpa_s->wpa);
7700 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
7701 return;
7702 }
7703
7704 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
7705 wpa_sm_aborted_cached(wpa_s->wpa);
7706 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
7707 }
7708
7709
fils_connection_failure(struct wpa_supplicant * wpa_s)7710 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7711 {
7712 struct wpa_ssid *ssid = wpa_s->current_ssid;
7713 const u8 *realm, *username, *rrk;
7714 size_t realm_len, username_len, rrk_len;
7715 u16 next_seq_num;
7716
7717 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7718 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7719 &username, &username_len,
7720 &realm, &realm_len, &next_seq_num,
7721 &rrk, &rrk_len) != 0 ||
7722 !realm)
7723 return;
7724
7725 wpa_hexdump_ascii(MSG_DEBUG,
7726 "FILS: Store last connection failure realm",
7727 realm, realm_len);
7728 os_free(wpa_s->last_con_fail_realm);
7729 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7730 if (wpa_s->last_con_fail_realm) {
7731 wpa_s->last_con_fail_realm_len = realm_len;
7732 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7733 }
7734 }
7735 #endif /* CONFIG_FILS */
7736
7737
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)7738 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7739 {
7740 return wpa_s->conf->ap_scan == 2 ||
7741 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7742 }
7743
7744
7745 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)7746 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7747 struct wpa_ssid *ssid,
7748 const char *field,
7749 const char *value)
7750 {
7751 #ifdef IEEE8021X_EAPOL
7752 struct eap_peer_config *eap = &ssid->eap;
7753
7754 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7755 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7756 (const u8 *) value, os_strlen(value));
7757
7758 switch (wpa_supplicant_ctrl_req_from_string(field)) {
7759 case WPA_CTRL_REQ_EAP_IDENTITY:
7760 os_free(eap->identity);
7761 eap->identity = (u8 *) os_strdup(value);
7762 eap->identity_len = os_strlen(value);
7763 eap->pending_req_identity = 0;
7764 if (ssid == wpa_s->current_ssid)
7765 wpa_s->reassociate = 1;
7766 break;
7767 case WPA_CTRL_REQ_EAP_PASSWORD:
7768 bin_clear_free(eap->password, eap->password_len);
7769 eap->password = (u8 *) os_strdup(value);
7770 eap->password_len = os_strlen(value);
7771 eap->pending_req_password = 0;
7772 if (ssid == wpa_s->current_ssid)
7773 wpa_s->reassociate = 1;
7774 break;
7775 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7776 bin_clear_free(eap->new_password, eap->new_password_len);
7777 eap->new_password = (u8 *) os_strdup(value);
7778 eap->new_password_len = os_strlen(value);
7779 eap->pending_req_new_password = 0;
7780 if (ssid == wpa_s->current_ssid)
7781 wpa_s->reassociate = 1;
7782 break;
7783 case WPA_CTRL_REQ_EAP_PIN:
7784 str_clear_free(eap->cert.pin);
7785 eap->cert.pin = os_strdup(value);
7786 eap->pending_req_pin = 0;
7787 if (ssid == wpa_s->current_ssid)
7788 wpa_s->reassociate = 1;
7789 break;
7790 case WPA_CTRL_REQ_EAP_OTP:
7791 bin_clear_free(eap->otp, eap->otp_len);
7792 eap->otp = (u8 *) os_strdup(value);
7793 eap->otp_len = os_strlen(value);
7794 os_free(eap->pending_req_otp);
7795 eap->pending_req_otp = NULL;
7796 eap->pending_req_otp_len = 0;
7797 break;
7798 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7799 str_clear_free(eap->cert.private_key_passwd);
7800 eap->cert.private_key_passwd = os_strdup(value);
7801 eap->pending_req_passphrase = 0;
7802 if (ssid == wpa_s->current_ssid)
7803 wpa_s->reassociate = 1;
7804 break;
7805 case WPA_CTRL_REQ_SIM:
7806 str_clear_free(eap->external_sim_resp);
7807 eap->external_sim_resp = os_strdup(value);
7808 eap->pending_req_sim = 0;
7809 break;
7810 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7811 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7812 return -1;
7813 ssid->mem_only_psk = 1;
7814 if (ssid->passphrase)
7815 wpa_config_update_psk(ssid);
7816 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7817 wpa_supplicant_req_scan(wpa_s, 0, 0);
7818 break;
7819 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7820 if (eap->pending_ext_cert_check != PENDING_CHECK)
7821 return -1;
7822 if (os_strcmp(value, "good") == 0)
7823 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7824 else if (os_strcmp(value, "bad") == 0)
7825 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7826 else
7827 return -1;
7828 break;
7829 default:
7830 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
7831 return -1;
7832 }
7833
7834 return 0;
7835 #else /* IEEE8021X_EAPOL */
7836 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7837 return -1;
7838 #endif /* IEEE8021X_EAPOL */
7839 }
7840 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
7841
7842
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7843 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7844 {
7845 #ifdef CONFIG_WEP
7846 int i;
7847 unsigned int drv_enc;
7848 #endif /* CONFIG_WEP */
7849
7850 if (wpa_s->p2p_mgmt)
7851 return 1; /* no normal network profiles on p2p_mgmt interface */
7852
7853 if (ssid == NULL)
7854 return 1;
7855
7856 if (ssid->disabled)
7857 return 1;
7858
7859 #ifdef CONFIG_WEP
7860 if (wpa_s->drv_capa_known)
7861 drv_enc = wpa_s->drv_enc;
7862 else
7863 drv_enc = (unsigned int) -1;
7864
7865 for (i = 0; i < NUM_WEP_KEYS; i++) {
7866 size_t len = ssid->wep_key_len[i];
7867 if (len == 0)
7868 continue;
7869 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7870 continue;
7871 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7872 continue;
7873 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7874 continue;
7875 return 1; /* invalid WEP key */
7876 }
7877 #endif /* CONFIG_WEP */
7878
7879 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
7880 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
7881 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
7882 !ssid->mem_only_psk)
7883 return 1;
7884
7885 return 0;
7886 }
7887
7888
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7889 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7890 {
7891 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7892 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7893 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7894 /*
7895 * Driver does not support BIP -- ignore pmf=1 default
7896 * since the connection with PMF would fail and the
7897 * configuration does not require PMF to be enabled.
7898 */
7899 return NO_MGMT_FRAME_PROTECTION;
7900 }
7901
7902 if (ssid &&
7903 (ssid->key_mgmt &
7904 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7905 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7906 /*
7907 * Do not use the default PMF value for non-RSN networks
7908 * since PMF is available only with RSN and pmf=2
7909 * configuration would otherwise prevent connections to
7910 * all open networks.
7911 */
7912 return NO_MGMT_FRAME_PROTECTION;
7913 }
7914
7915 return wpa_s->conf->pmf;
7916 }
7917
7918 return ssid->ieee80211w;
7919 }
7920
7921
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)7922 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
7923 {
7924 if (wpa_s->current_ssid == NULL ||
7925 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
7926 os_memcmp(addr, wpa_s->bssid, ETH_ALEN) != 0)
7927 return 0;
7928 return wpa_sm_pmf_enabled(wpa_s->wpa);
7929 }
7930
7931
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)7932 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7933 {
7934 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7935 return 1;
7936 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7937 return 0;
7938 return -1;
7939 }
7940
7941
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason)7942 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
7943 {
7944 struct wpa_ssid *ssid = wpa_s->current_ssid;
7945 int dur;
7946 struct os_reltime now;
7947
7948 if (ssid == NULL) {
7949 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7950 "SSID block");
7951 return;
7952 }
7953
7954 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7955 return;
7956
7957 ssid->auth_failures++;
7958
7959 #ifdef CONFIG_P2P
7960 if (ssid->p2p_group &&
7961 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7962 /*
7963 * Skip the wait time since there is a short timeout on the
7964 * connection to a P2P group.
7965 */
7966 return;
7967 }
7968 #endif /* CONFIG_P2P */
7969
7970 if (ssid->auth_failures > 50)
7971 dur = 300;
7972 else if (ssid->auth_failures > 10)
7973 dur = 120;
7974 else if (ssid->auth_failures > 5)
7975 dur = 90;
7976 else if (ssid->auth_failures > 3)
7977 dur = 60;
7978 else if (ssid->auth_failures > 2)
7979 dur = 30;
7980 else if (ssid->auth_failures > 1)
7981 dur = 20;
7982 else
7983 dur = 10;
7984
7985 if (ssid->auth_failures > 1 &&
7986 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7987 dur += os_random() % (ssid->auth_failures * 10);
7988
7989 os_get_reltime(&now);
7990 if (now.sec + dur <= ssid->disabled_until.sec)
7991 return;
7992
7993 ssid->disabled_until.sec = now.sec + dur;
7994
7995 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
7996 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7997 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
7998 ssid->auth_failures, dur, reason);
7999 }
8000
8001
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)8002 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
8003 struct wpa_ssid *ssid, int clear_failures)
8004 {
8005 if (ssid == NULL)
8006 return;
8007
8008 if (ssid->disabled_until.sec) {
8009 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
8010 "id=%d ssid=\"%s\"",
8011 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
8012 }
8013 ssid->disabled_until.sec = 0;
8014 ssid->disabled_until.usec = 0;
8015 if (clear_failures)
8016 ssid->auth_failures = 0;
8017 }
8018
8019
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)8020 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
8021 {
8022 size_t i;
8023
8024 if (wpa_s->disallow_aps_bssid == NULL)
8025 return 0;
8026
8027 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
8028 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
8029 bssid, ETH_ALEN) == 0)
8030 return 1;
8031 }
8032
8033 return 0;
8034 }
8035
8036
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)8037 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
8038 size_t ssid_len)
8039 {
8040 size_t i;
8041
8042 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
8043 return 0;
8044
8045 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
8046 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
8047 if (ssid_len == s->ssid_len &&
8048 os_memcmp(ssid, s->ssid, ssid_len) == 0)
8049 return 1;
8050 }
8051
8052 return 0;
8053 }
8054
8055
8056 /**
8057 * wpas_request_connection - Request a new connection
8058 * @wpa_s: Pointer to the network interface
8059 *
8060 * This function is used to request a new connection to be found. It will mark
8061 * the interface to allow reassociation and request a new scan to find a
8062 * suitable network to connect to.
8063 */
wpas_request_connection(struct wpa_supplicant * wpa_s)8064 void wpas_request_connection(struct wpa_supplicant *wpa_s)
8065 {
8066 wpa_s->normal_scans = 0;
8067 wpa_s->scan_req = NORMAL_SCAN_REQ;
8068 wpa_supplicant_reinit_autoscan(wpa_s);
8069 wpa_s->disconnected = 0;
8070 wpa_s->reassociate = 1;
8071 wpa_s->last_owe_group = 0;
8072
8073 if (wpa_supplicant_fast_associate(wpa_s) != 1)
8074 wpa_supplicant_req_scan(wpa_s, 0, 0);
8075 else
8076 wpa_s->reattach = 0;
8077 }
8078
8079
8080 /**
8081 * wpas_request_disconnection - Request disconnection
8082 * @wpa_s: Pointer to the network interface
8083 *
8084 * This function is used to request disconnection from the currently connected
8085 * network. This will stop any ongoing scans and initiate deauthentication.
8086 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)8087 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
8088 {
8089 #ifdef CONFIG_SME
8090 wpa_s->sme.prev_bssid_set = 0;
8091 #endif /* CONFIG_SME */
8092 wpa_s->reassociate = 0;
8093 wpa_s->disconnected = 1;
8094 wpa_supplicant_cancel_sched_scan(wpa_s);
8095 wpa_supplicant_cancel_scan(wpa_s);
8096 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
8097 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
8098 radio_remove_works(wpa_s, "connect", 0);
8099 radio_remove_works(wpa_s, "sme-connect", 0);
8100 }
8101
8102
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)8103 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
8104 struct wpa_used_freq_data *freqs_data,
8105 unsigned int len)
8106 {
8107 unsigned int i;
8108
8109 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
8110 len, title);
8111 for (i = 0; i < len; i++) {
8112 struct wpa_used_freq_data *cur = &freqs_data[i];
8113 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
8114 i, cur->freq, cur->flags);
8115 }
8116 }
8117
8118
8119 /*
8120 * Find the operating frequencies of any of the virtual interfaces that
8121 * are using the same radio as the current interface, and in addition, get
8122 * information about the interface types that are using the frequency.
8123 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len)8124 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
8125 struct wpa_used_freq_data *freqs_data,
8126 unsigned int len)
8127 {
8128 struct wpa_supplicant *ifs;
8129 u8 bssid[ETH_ALEN];
8130 int freq;
8131 unsigned int idx = 0, i;
8132
8133 wpa_dbg(wpa_s, MSG_DEBUG,
8134 "Determining shared radio frequencies (max len %u)", len);
8135 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
8136
8137 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
8138 radio_list) {
8139 if (idx == len)
8140 break;
8141
8142 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
8143 continue;
8144
8145 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
8146 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
8147 ifs->current_ssid->mode == WPAS_MODE_MESH)
8148 freq = ifs->current_ssid->frequency;
8149 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
8150 freq = ifs->assoc_freq;
8151 else
8152 continue;
8153
8154 /* Hold only distinct freqs */
8155 for (i = 0; i < idx; i++)
8156 if (freqs_data[i].freq == freq)
8157 break;
8158
8159 if (i == idx)
8160 freqs_data[idx++].freq = freq;
8161
8162 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
8163 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
8164 WPA_FREQ_USED_BY_P2P_CLIENT :
8165 WPA_FREQ_USED_BY_INFRA_STATION;
8166 }
8167 }
8168
8169 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
8170 return idx;
8171 }
8172
8173
8174 /*
8175 * Find the operating frequencies of any of the virtual interfaces that
8176 * are using the same radio as the current interface.
8177 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len)8178 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
8179 int *freq_array, unsigned int len)
8180 {
8181 struct wpa_used_freq_data *freqs_data;
8182 int num, i;
8183
8184 os_memset(freq_array, 0, sizeof(int) * len);
8185
8186 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
8187 if (!freqs_data)
8188 return -1;
8189
8190 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
8191 for (i = 0; i < num; i++)
8192 freq_array[i] = freqs_data[i].freq;
8193
8194 os_free(freqs_data);
8195
8196 return num;
8197 }
8198
8199
8200 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)8201 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
8202 {
8203 switch (frame) {
8204 #ifdef CONFIG_P2P
8205 case VENDOR_ELEM_PROBE_REQ_P2P:
8206 case VENDOR_ELEM_PROBE_RESP_P2P:
8207 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
8208 case VENDOR_ELEM_BEACON_P2P_GO:
8209 case VENDOR_ELEM_P2P_PD_REQ:
8210 case VENDOR_ELEM_P2P_PD_RESP:
8211 case VENDOR_ELEM_P2P_GO_NEG_REQ:
8212 case VENDOR_ELEM_P2P_GO_NEG_RESP:
8213 case VENDOR_ELEM_P2P_GO_NEG_CONF:
8214 case VENDOR_ELEM_P2P_INV_REQ:
8215 case VENDOR_ELEM_P2P_INV_RESP:
8216 case VENDOR_ELEM_P2P_ASSOC_REQ:
8217 case VENDOR_ELEM_P2P_ASSOC_RESP:
8218 return wpa_s->p2pdev;
8219 #endif /* CONFIG_P2P */
8220 default:
8221 return wpa_s;
8222 }
8223 }
8224
8225
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)8226 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
8227 {
8228 unsigned int i;
8229 char buf[30];
8230
8231 wpa_printf(MSG_DEBUG, "Update vendor elements");
8232
8233 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
8234 if (wpa_s->vendor_elem[i]) {
8235 int res;
8236
8237 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
8238 if (!os_snprintf_error(sizeof(buf), res)) {
8239 wpa_hexdump_buf(MSG_DEBUG, buf,
8240 wpa_s->vendor_elem[i]);
8241 }
8242 }
8243 }
8244
8245 #ifdef CONFIG_P2P
8246 if (wpa_s->parent == wpa_s &&
8247 wpa_s->global->p2p &&
8248 !wpa_s->global->p2p_disabled)
8249 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
8250 #endif /* CONFIG_P2P */
8251 }
8252
8253
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)8254 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
8255 const u8 *elem, size_t len)
8256 {
8257 u8 *ie, *end;
8258
8259 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
8260 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
8261
8262 for (; ie + 1 < end; ie += 2 + ie[1]) {
8263 if (ie + len > end)
8264 break;
8265 if (os_memcmp(ie, elem, len) != 0)
8266 continue;
8267
8268 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
8269 wpabuf_free(wpa_s->vendor_elem[frame]);
8270 wpa_s->vendor_elem[frame] = NULL;
8271 } else {
8272 os_memmove(ie, ie + len, end - (ie + len));
8273 wpa_s->vendor_elem[frame]->used -= len;
8274 }
8275 wpas_vendor_elem_update(wpa_s);
8276 return 0;
8277 }
8278
8279 return -1;
8280 }
8281
8282
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)8283 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
8284 u16 num_modes, enum hostapd_hw_mode mode,
8285 bool is_6ghz)
8286 {
8287 u16 i;
8288
8289 if (!modes)
8290 return NULL;
8291
8292 for (i = 0; i < num_modes; i++) {
8293 if (modes[i].mode != mode ||
8294 !modes[i].num_channels || !modes[i].channels)
8295 continue;
8296 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
8297 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
8298 return &modes[i];
8299 }
8300
8301 return NULL;
8302 }
8303
8304
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)8305 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
8306 u16 num_modes, int freq)
8307 {
8308 int i, j;
8309
8310 for (i = 0; i < num_modes; i++) {
8311 for (j = 0; j < modes[i].num_channels; j++) {
8312 if (freq == modes[i].channels[j].freq)
8313 return &modes[i];
8314 }
8315 }
8316
8317 return NULL;
8318 }
8319
8320
8321 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)8322 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
8323 const u8 *bssid)
8324 {
8325 struct wpa_bss_tmp_disallowed *bss;
8326
8327 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
8328 struct wpa_bss_tmp_disallowed, list) {
8329 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
8330 return bss;
8331 }
8332
8333 return NULL;
8334 }
8335
8336
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)8337 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
8338 {
8339 struct wpa_bss_tmp_disallowed *tmp;
8340 unsigned int num_bssid = 0;
8341 u8 *bssids;
8342 int ret;
8343
8344 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
8345 if (!bssids)
8346 return -1;
8347 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8348 struct wpa_bss_tmp_disallowed, list) {
8349 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
8350 ETH_ALEN);
8351 num_bssid++;
8352 }
8353 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
8354 os_free(bssids);
8355 return ret;
8356 }
8357
8358
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)8359 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
8360 {
8361 struct wpa_supplicant *wpa_s = eloop_ctx;
8362 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
8363
8364 /* Make sure the bss is not already freed */
8365 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8366 struct wpa_bss_tmp_disallowed, list) {
8367 if (bss == tmp) {
8368 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
8369 wpa_set_driver_tmp_disallow_list(wpa_s);
8370 break;
8371 }
8372 }
8373 }
8374
8375
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)8376 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
8377 unsigned int sec, int rssi_threshold)
8378 {
8379 struct wpa_bss_tmp_disallowed *bss;
8380
8381 bss = wpas_get_disallowed_bss(wpa_s, bssid);
8382 if (bss) {
8383 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
8384 goto finish;
8385 }
8386
8387 bss = os_malloc(sizeof(*bss));
8388 if (!bss) {
8389 wpa_printf(MSG_DEBUG,
8390 "Failed to allocate memory for temp disallow BSS");
8391 return;
8392 }
8393
8394 os_memcpy(bss->bssid, bssid, ETH_ALEN);
8395 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
8396 wpa_set_driver_tmp_disallow_list(wpa_s);
8397
8398 finish:
8399 bss->rssi_threshold = rssi_threshold;
8400 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
8401 wpa_s, bss);
8402 }
8403
8404
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)8405 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
8406 struct wpa_bss *bss)
8407 {
8408 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
8409
8410 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
8411 struct wpa_bss_tmp_disallowed, list) {
8412 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
8413 disallowed = tmp;
8414 break;
8415 }
8416 }
8417 if (!disallowed)
8418 return 0;
8419
8420 if (disallowed->rssi_threshold != 0 &&
8421 bss->level > disallowed->rssi_threshold) {
8422 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
8423 wpa_set_driver_tmp_disallow_list(wpa_s);
8424 return 0;
8425 }
8426
8427 return 1;
8428 }
8429
8430
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)8431 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8432 unsigned int type, const u8 *addr,
8433 const u8 *mask)
8434 {
8435 if ((addr && !mask) || (!addr && mask)) {
8436 wpa_printf(MSG_INFO,
8437 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
8438 return -1;
8439 }
8440
8441 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
8442 wpa_printf(MSG_INFO,
8443 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
8444 return -1;
8445 }
8446
8447 if (type & MAC_ADDR_RAND_SCAN) {
8448 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
8449 addr, mask))
8450 return -1;
8451 }
8452
8453 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
8454 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
8455 addr, mask))
8456 return -1;
8457
8458 if (wpa_s->sched_scanning && !wpa_s->pno)
8459 wpas_scan_restart_sched_scan(wpa_s);
8460 }
8461
8462 if (type & MAC_ADDR_RAND_PNO) {
8463 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
8464 addr, mask))
8465 return -1;
8466
8467 if (wpa_s->pno) {
8468 wpas_stop_pno(wpa_s);
8469 wpas_start_pno(wpa_s);
8470 }
8471 }
8472
8473 return 0;
8474 }
8475
8476
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)8477 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8478 unsigned int type)
8479 {
8480 wpas_mac_addr_rand_scan_clear(wpa_s, type);
8481 if (wpa_s->pno) {
8482 if (type & MAC_ADDR_RAND_PNO) {
8483 wpas_stop_pno(wpa_s);
8484 wpas_start_pno(wpa_s);
8485 }
8486 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
8487 wpas_scan_restart_sched_scan(wpa_s);
8488 }
8489
8490 return 0;
8491 }
8492
8493
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)8494 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
8495 struct wpa_signal_info *si)
8496 {
8497 int res;
8498
8499 if (!wpa_s->driver->signal_poll)
8500 return -1;
8501
8502 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
8503
8504 #ifdef CONFIG_TESTING_OPTIONS
8505 if (res == 0) {
8506 struct driver_signal_override *dso;
8507
8508 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8509 struct driver_signal_override, list) {
8510 if (os_memcmp(wpa_s->bssid, dso->bssid,
8511 ETH_ALEN) != 0)
8512 continue;
8513 wpa_printf(MSG_DEBUG,
8514 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
8515 si->current_signal,
8516 dso->si_current_signal,
8517 si->avg_signal,
8518 dso->si_avg_signal,
8519 si->avg_beacon_signal,
8520 dso->si_avg_beacon_signal,
8521 si->current_noise,
8522 dso->si_current_noise);
8523 si->current_signal = dso->si_current_signal;
8524 si->avg_signal = dso->si_avg_signal;
8525 si->avg_beacon_signal = dso->si_avg_beacon_signal;
8526 si->current_noise = dso->si_current_noise;
8527 break;
8528 }
8529 }
8530 #endif /* CONFIG_TESTING_OPTIONS */
8531
8532 return res;
8533 }
8534
8535
8536 struct wpa_scan_results *
wpa_drv_get_scan_results2(struct wpa_supplicant * wpa_s)8537 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
8538 {
8539 struct wpa_scan_results *scan_res;
8540 #ifdef CONFIG_TESTING_OPTIONS
8541 size_t idx;
8542 #endif /* CONFIG_TESTING_OPTIONS */
8543
8544 if (!wpa_s->driver->get_scan_results2)
8545 return NULL;
8546
8547 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
8548
8549 #ifdef CONFIG_TESTING_OPTIONS
8550 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
8551 struct driver_signal_override *dso;
8552 struct wpa_scan_res *res = scan_res->res[idx];
8553
8554 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8555 struct driver_signal_override, list) {
8556 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
8557 continue;
8558 wpa_printf(MSG_DEBUG,
8559 "Override driver scan signal level %d->%d for "
8560 MACSTR,
8561 res->level, dso->scan_level,
8562 MAC2STR(res->bssid));
8563 res->flags |= WPA_SCAN_QUAL_INVALID;
8564 if (dso->scan_level < 0)
8565 res->flags |= WPA_SCAN_LEVEL_DBM;
8566 else
8567 res->flags &= ~WPA_SCAN_LEVEL_DBM;
8568 res->level = dso->scan_level;
8569 break;
8570 }
8571 }
8572 #endif /* CONFIG_TESTING_OPTIONS */
8573
8574 return scan_res;
8575 }
8576