1 /* 2 * WPA Supplicant - Driver event processing 3 * Copyright (c) 2003-2014, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 */ 8 9 #include "includes.h" 10 11 #include "common.h" 12 #include "eapol_supp/eapol_supp_sm.h" 13 #include "rsn_supp/wpa.h" 14 #include "eloop.h" 15 #include "config.h" 16 #include "l2_packet/l2_packet.h" 17 #include "wpa_supplicant_i.h" 18 #include "driver_i.h" 19 #include "pcsc_funcs.h" 20 #include "rsn_supp/preauth.h" 21 #include "rsn_supp/pmksa_cache.h" 22 #include "common/wpa_ctrl.h" 23 #include "eap_peer/eap.h" 24 #include "ap/hostapd.h" 25 #include "p2p/p2p.h" 26 #include "wnm_sta.h" 27 #include "notify.h" 28 #include "common/ieee802_11_defs.h" 29 #include "common/ieee802_11_common.h" 30 #include "crypto/random.h" 31 #include "blacklist.h" 32 #include "wpas_glue.h" 33 #include "wps_supplicant.h" 34 #include "ibss_rsn.h" 35 #include "sme.h" 36 #include "gas_query.h" 37 #include "p2p_supplicant.h" 38 #include "bgscan.h" 39 #include "autoscan.h" 40 #include "ap.h" 41 #include "bss.h" 42 #include "scan.h" 43 #include "offchannel.h" 44 #include "interworking.h" 45 46 47 #ifndef CONFIG_NO_SCAN_PROCESSING 48 static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, 49 int new_scan, int own_request); 50 #endif /* CONFIG_NO_SCAN_PROCESSING */ 51 52 53 static int wpas_temp_disabled(struct wpa_supplicant *wpa_s, 54 struct wpa_ssid *ssid) 55 { 56 struct os_reltime now; 57 58 if (ssid == NULL || ssid->disabled_until.sec == 0) 59 return 0; 60 61 os_get_reltime(&now); 62 if (ssid->disabled_until.sec > now.sec) 63 return ssid->disabled_until.sec - now.sec; 64 65 wpas_clear_temp_disabled(wpa_s, ssid, 0); 66 67 return 0; 68 } 69 70 71 static struct wpa_bss * wpa_supplicant_get_new_bss( 72 struct wpa_supplicant *wpa_s, const u8 *bssid) 73 { 74 struct wpa_bss *bss = NULL; 75 struct wpa_ssid *ssid = wpa_s->current_ssid; 76 77 if (ssid->ssid_len > 0) 78 bss = wpa_bss_get(wpa_s, bssid, ssid->ssid, ssid->ssid_len); 79 if (!bss) 80 bss = wpa_bss_get_bssid(wpa_s, bssid); 81 82 return bss; 83 } 84 85 86 static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s) 87 { 88 struct wpa_ssid *ssid, *old_ssid; 89 struct wpa_bss *bss; 90 int res; 91 92 if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid) 93 return 0; 94 95 wpa_dbg(wpa_s, MSG_DEBUG, "Select network based on association " 96 "information"); 97 ssid = wpa_supplicant_get_ssid(wpa_s); 98 if (ssid == NULL) { 99 wpa_msg(wpa_s, MSG_INFO, 100 "No network configuration found for the current AP"); 101 return -1; 102 } 103 104 if (wpas_network_disabled(wpa_s, ssid)) { 105 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is disabled"); 106 return -1; 107 } 108 109 if (disallowed_bssid(wpa_s, wpa_s->bssid) || 110 disallowed_ssid(wpa_s, ssid->ssid, ssid->ssid_len)) { 111 wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS is disallowed"); 112 return -1; 113 } 114 115 res = wpas_temp_disabled(wpa_s, ssid); 116 if (res > 0) { 117 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is temporarily " 118 "disabled for %d second(s)", res); 119 return -1; 120 } 121 122 wpa_dbg(wpa_s, MSG_DEBUG, "Network configuration found for the " 123 "current AP"); 124 if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 125 u8 wpa_ie[80]; 126 size_t wpa_ie_len = sizeof(wpa_ie); 127 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 128 wpa_ie, &wpa_ie_len) < 0) 129 wpa_dbg(wpa_s, MSG_DEBUG, "Could not set WPA suites"); 130 } else { 131 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 132 } 133 134 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) 135 eapol_sm_invalidate_cached_session(wpa_s->eapol); 136 old_ssid = wpa_s->current_ssid; 137 wpa_s->current_ssid = ssid; 138 139 bss = wpa_supplicant_get_new_bss(wpa_s, wpa_s->bssid); 140 if (!bss) { 141 wpa_supplicant_update_scan_results(wpa_s); 142 143 /* Get the BSS from the new scan results */ 144 bss = wpa_supplicant_get_new_bss(wpa_s, wpa_s->bssid); 145 } 146 147 if (bss) 148 wpa_s->current_bss = bss; 149 150 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 151 wpa_supplicant_initiate_eapol(wpa_s); 152 if (old_ssid != wpa_s->current_ssid) 153 wpas_notify_network_changed(wpa_s); 154 155 return 0; 156 } 157 158 159 void wpa_supplicant_stop_countermeasures(void *eloop_ctx, void *sock_ctx) 160 { 161 struct wpa_supplicant *wpa_s = eloop_ctx; 162 163 if (wpa_s->countermeasures) { 164 wpa_s->countermeasures = 0; 165 wpa_drv_set_countermeasures(wpa_s, 0); 166 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped"); 167 wpa_supplicant_req_scan(wpa_s, 0, 0); 168 } 169 } 170 171 172 void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s) 173 { 174 int bssid_changed; 175 176 wnm_bss_keep_alive_deinit(wpa_s); 177 178 #ifdef CONFIG_IBSS_RSN 179 ibss_rsn_deinit(wpa_s->ibss_rsn); 180 wpa_s->ibss_rsn = NULL; 181 #endif /* CONFIG_IBSS_RSN */ 182 183 #ifdef CONFIG_AP 184 wpa_supplicant_ap_deinit(wpa_s); 185 #endif /* CONFIG_AP */ 186 187 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 188 return; 189 190 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 191 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 192 os_memset(wpa_s->bssid, 0, ETH_ALEN); 193 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 194 #ifdef CONFIG_SME 195 wpa_s->sme.prev_bssid_set = 0; 196 #endif /* CONFIG_SME */ 197 #ifdef CONFIG_P2P 198 os_memset(wpa_s->go_dev_addr, 0, ETH_ALEN); 199 #endif /* CONFIG_P2P */ 200 wpa_s->current_bss = NULL; 201 wpa_s->assoc_freq = 0; 202 #ifdef CONFIG_IEEE80211R 203 #ifdef CONFIG_SME 204 if (wpa_s->sme.ft_ies) 205 sme_update_ft_ies(wpa_s, NULL, NULL, 0); 206 #endif /* CONFIG_SME */ 207 #endif /* CONFIG_IEEE80211R */ 208 209 if (bssid_changed) 210 wpas_notify_bssid_changed(wpa_s); 211 212 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 213 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 214 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) 215 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 216 wpa_s->ap_ies_from_associnfo = 0; 217 wpa_s->current_ssid = NULL; 218 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 219 wpa_s->key_mgmt = 0; 220 } 221 222 223 static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s) 224 { 225 struct wpa_ie_data ie; 226 int pmksa_set = -1; 227 size_t i; 228 229 if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 || 230 ie.pmkid == NULL) 231 return; 232 233 for (i = 0; i < ie.num_pmkid; i++) { 234 pmksa_set = pmksa_cache_set_current(wpa_s->wpa, 235 ie.pmkid + i * PMKID_LEN, 236 NULL, NULL, 0); 237 if (pmksa_set == 0) { 238 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 239 break; 240 } 241 } 242 243 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from " 244 "PMKSA cache", pmksa_set == 0 ? "" : "not "); 245 } 246 247 248 static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s, 249 union wpa_event_data *data) 250 { 251 if (data == NULL) { 252 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: No data in PMKID candidate " 253 "event"); 254 return; 255 } 256 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR 257 " index=%d preauth=%d", 258 MAC2STR(data->pmkid_candidate.bssid), 259 data->pmkid_candidate.index, 260 data->pmkid_candidate.preauth); 261 262 pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid, 263 data->pmkid_candidate.index, 264 data->pmkid_candidate.preauth); 265 } 266 267 268 static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s) 269 { 270 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 271 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 272 return 0; 273 274 #ifdef IEEE8021X_EAPOL 275 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA && 276 wpa_s->current_ssid && 277 !(wpa_s->current_ssid->eapol_flags & 278 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 279 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) { 280 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either 281 * plaintext or static WEP keys). */ 282 return 0; 283 } 284 #endif /* IEEE8021X_EAPOL */ 285 286 return 1; 287 } 288 289 290 /** 291 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC 292 * @wpa_s: pointer to wpa_supplicant data 293 * @ssid: Configuration data for the network 294 * Returns: 0 on success, -1 on failure 295 * 296 * This function is called when starting authentication with a network that is 297 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA). 298 */ 299 int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s, 300 struct wpa_ssid *ssid) 301 { 302 #ifdef IEEE8021X_EAPOL 303 #ifdef PCSC_FUNCS 304 int aka = 0, sim = 0; 305 306 if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL || 307 wpa_s->conf->external_sim) 308 return 0; 309 310 if (ssid->eap.eap_methods == NULL) { 311 sim = 1; 312 aka = 1; 313 } else { 314 struct eap_method_type *eap = ssid->eap.eap_methods; 315 while (eap->vendor != EAP_VENDOR_IETF || 316 eap->method != EAP_TYPE_NONE) { 317 if (eap->vendor == EAP_VENDOR_IETF) { 318 if (eap->method == EAP_TYPE_SIM) 319 sim = 1; 320 else if (eap->method == EAP_TYPE_AKA || 321 eap->method == EAP_TYPE_AKA_PRIME) 322 aka = 1; 323 } 324 eap++; 325 } 326 } 327 328 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL) 329 sim = 0; 330 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL && 331 eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA_PRIME) == 332 NULL) 333 aka = 0; 334 335 if (!sim && !aka) { 336 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to " 337 "use SIM, but neither EAP-SIM nor EAP-AKA are " 338 "enabled"); 339 return 0; 340 } 341 342 wpa_dbg(wpa_s, MSG_DEBUG, "Selected network is configured to use SIM " 343 "(sim=%d aka=%d) - initialize PCSC", sim, aka); 344 345 wpa_s->scard = scard_init(NULL); 346 if (wpa_s->scard == NULL) { 347 wpa_msg(wpa_s, MSG_WARNING, "Failed to initialize SIM " 348 "(pcsc-lite)"); 349 return -1; 350 } 351 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 352 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 353 #endif /* PCSC_FUNCS */ 354 #endif /* IEEE8021X_EAPOL */ 355 356 return 0; 357 } 358 359 360 #ifndef CONFIG_NO_SCAN_PROCESSING 361 362 static int has_wep_key(struct wpa_ssid *ssid) 363 { 364 int i; 365 366 for (i = 0; i < NUM_WEP_KEYS; i++) { 367 if (ssid->wep_key_len[i]) 368 return 1; 369 } 370 371 return 0; 372 } 373 374 375 static int wpa_supplicant_match_privacy(struct wpa_bss *bss, 376 struct wpa_ssid *ssid) 377 { 378 int privacy = 0; 379 380 if (ssid->mixed_cell) 381 return 1; 382 383 #ifdef CONFIG_WPS 384 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 385 return 1; 386 #endif /* CONFIG_WPS */ 387 388 if (has_wep_key(ssid)) 389 privacy = 1; 390 391 #ifdef IEEE8021X_EAPOL 392 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 393 ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 394 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) 395 privacy = 1; 396 #endif /* IEEE8021X_EAPOL */ 397 398 if (wpa_key_mgmt_wpa(ssid->key_mgmt)) 399 privacy = 1; 400 401 if (bss->caps & IEEE80211_CAP_PRIVACY) 402 return privacy; 403 return !privacy; 404 } 405 406 407 static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s, 408 struct wpa_ssid *ssid, 409 struct wpa_bss *bss) 410 { 411 struct wpa_ie_data ie; 412 int proto_match = 0; 413 const u8 *rsn_ie, *wpa_ie; 414 int ret; 415 int wep_ok; 416 417 ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss); 418 if (ret >= 0) 419 return ret; 420 421 /* Allow TSN if local configuration accepts WEP use without WPA/WPA2 */ 422 wep_ok = !wpa_key_mgmt_wpa(ssid->key_mgmt) && 423 (((ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 424 ssid->wep_key_len[ssid->wep_tx_keyidx] > 0) || 425 (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)); 426 427 rsn_ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); 428 while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) { 429 proto_match++; 430 431 if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) { 432 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - parse " 433 "failed"); 434 break; 435 } 436 437 if (wep_ok && 438 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 439 { 440 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 441 "in RSN IE"); 442 return 1; 443 } 444 445 if (!(ie.proto & ssid->proto)) { 446 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - proto " 447 "mismatch"); 448 break; 449 } 450 451 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 452 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - PTK " 453 "cipher mismatch"); 454 break; 455 } 456 457 if (!(ie.group_cipher & ssid->group_cipher)) { 458 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - GTK " 459 "cipher mismatch"); 460 break; 461 } 462 463 if (!(ie.key_mgmt & ssid->key_mgmt)) { 464 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - key mgmt " 465 "mismatch"); 466 break; 467 } 468 469 #ifdef CONFIG_IEEE80211W 470 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 471 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? 472 wpa_s->conf->pmf : ssid->ieee80211w) == 473 MGMT_FRAME_PROTECTION_REQUIRED) { 474 wpa_dbg(wpa_s, MSG_DEBUG, " skip RSN IE - no mgmt " 475 "frame protection"); 476 break; 477 } 478 #endif /* CONFIG_IEEE80211W */ 479 480 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on RSN IE"); 481 return 1; 482 } 483 484 wpa_ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 485 while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) { 486 proto_match++; 487 488 if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) { 489 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - parse " 490 "failed"); 491 break; 492 } 493 494 if (wep_ok && 495 (ie.group_cipher & (WPA_CIPHER_WEP40 | WPA_CIPHER_WEP104))) 496 { 497 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on TSN " 498 "in WPA IE"); 499 return 1; 500 } 501 502 if (!(ie.proto & ssid->proto)) { 503 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - proto " 504 "mismatch"); 505 break; 506 } 507 508 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) { 509 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - PTK " 510 "cipher mismatch"); 511 break; 512 } 513 514 if (!(ie.group_cipher & ssid->group_cipher)) { 515 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - GTK " 516 "cipher mismatch"); 517 break; 518 } 519 520 if (!(ie.key_mgmt & ssid->key_mgmt)) { 521 wpa_dbg(wpa_s, MSG_DEBUG, " skip WPA IE - key mgmt " 522 "mismatch"); 523 break; 524 } 525 526 wpa_dbg(wpa_s, MSG_DEBUG, " selected based on WPA IE"); 527 return 1; 528 } 529 530 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && !wpa_ie && 531 !rsn_ie) { 532 wpa_dbg(wpa_s, MSG_DEBUG, " allow for non-WPA IEEE 802.1X"); 533 return 1; 534 } 535 536 if ((ssid->proto & (WPA_PROTO_WPA | WPA_PROTO_RSN)) && 537 wpa_key_mgmt_wpa(ssid->key_mgmt) && proto_match == 0) { 538 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no WPA/RSN proto match"); 539 return 0; 540 } 541 542 if (!wpa_key_mgmt_wpa(ssid->key_mgmt)) { 543 wpa_dbg(wpa_s, MSG_DEBUG, " allow in non-WPA/WPA2"); 544 return 1; 545 } 546 547 wpa_dbg(wpa_s, MSG_DEBUG, " reject due to mismatch with " 548 "WPA/WPA2"); 549 550 return 0; 551 } 552 553 554 static int freq_allowed(int *freqs, int freq) 555 { 556 int i; 557 558 if (freqs == NULL) 559 return 1; 560 561 for (i = 0; freqs[i]; i++) 562 if (freqs[i] == freq) 563 return 1; 564 return 0; 565 } 566 567 568 static int ht_supported(const struct hostapd_hw_modes *mode) 569 { 570 if (!(mode->flags & HOSTAPD_MODE_FLAG_HT_INFO_KNOWN)) { 571 /* 572 * The driver did not indicate whether it supports HT. Assume 573 * it does to avoid connection issues. 574 */ 575 return 1; 576 } 577 578 /* 579 * IEEE Std 802.11n-2009 20.1.1: 580 * An HT non-AP STA shall support all EQM rates for one spatial stream. 581 */ 582 return mode->mcs_set[0] == 0xff; 583 } 584 585 586 static int vht_supported(const struct hostapd_hw_modes *mode) 587 { 588 if (!(mode->flags & HOSTAPD_MODE_FLAG_VHT_INFO_KNOWN)) { 589 /* 590 * The driver did not indicate whether it supports VHT. Assume 591 * it does to avoid connection issues. 592 */ 593 return 1; 594 } 595 596 /* 597 * A VHT non-AP STA shall support MCS 0-7 for one spatial stream. 598 * TODO: Verify if this complies with the standard 599 */ 600 return (mode->vht_mcs_set[0] & 0x3) != 3; 601 } 602 603 604 static int rate_match(struct wpa_supplicant *wpa_s, struct wpa_bss *bss) 605 { 606 const struct hostapd_hw_modes *mode = NULL, *modes; 607 const u8 scan_ie[2] = { WLAN_EID_SUPP_RATES, WLAN_EID_EXT_SUPP_RATES }; 608 const u8 *rate_ie; 609 int i, j, k; 610 611 if (bss->freq == 0) 612 return 1; /* Cannot do matching without knowing band */ 613 614 modes = wpa_s->hw.modes; 615 if (modes == NULL) { 616 /* 617 * The driver does not provide any additional information 618 * about the utilized hardware, so allow the connection attempt 619 * to continue. 620 */ 621 return 1; 622 } 623 624 for (i = 0; i < wpa_s->hw.num_modes; i++) { 625 for (j = 0; j < modes[i].num_channels; j++) { 626 int freq = modes[i].channels[j].freq; 627 if (freq == bss->freq) { 628 if (mode && 629 mode->mode == HOSTAPD_MODE_IEEE80211G) 630 break; /* do not allow 802.11b replace 631 * 802.11g */ 632 mode = &modes[i]; 633 break; 634 } 635 } 636 } 637 638 if (mode == NULL) 639 return 0; 640 641 for (i = 0; i < (int) sizeof(scan_ie); i++) { 642 rate_ie = wpa_bss_get_ie(bss, scan_ie[i]); 643 if (rate_ie == NULL) 644 continue; 645 646 for (j = 2; j < rate_ie[1] + 2; j++) { 647 int flagged = !!(rate_ie[j] & 0x80); 648 int r = (rate_ie[j] & 0x7f) * 5; 649 650 /* 651 * IEEE Std 802.11n-2009 7.3.2.2: 652 * The new BSS Membership selector value is encoded 653 * like a legacy basic rate, but it is not a rate and 654 * only indicates if the BSS members are required to 655 * support the mandatory features of Clause 20 [HT PHY] 656 * in order to join the BSS. 657 */ 658 if (flagged && ((rate_ie[j] & 0x7f) == 659 BSS_MEMBERSHIP_SELECTOR_HT_PHY)) { 660 if (!ht_supported(mode)) { 661 wpa_dbg(wpa_s, MSG_DEBUG, 662 " hardware does not support " 663 "HT PHY"); 664 return 0; 665 } 666 continue; 667 } 668 669 /* There's also a VHT selector for 802.11ac */ 670 if (flagged && ((rate_ie[j] & 0x7f) == 671 BSS_MEMBERSHIP_SELECTOR_VHT_PHY)) { 672 if (!vht_supported(mode)) { 673 wpa_dbg(wpa_s, MSG_DEBUG, 674 " hardware does not support " 675 "VHT PHY"); 676 return 0; 677 } 678 continue; 679 } 680 681 if (!flagged) 682 continue; 683 684 /* check for legacy basic rates */ 685 for (k = 0; k < mode->num_rates; k++) { 686 if (mode->rates[k] == r) 687 break; 688 } 689 if (k == mode->num_rates) { 690 /* 691 * IEEE Std 802.11-2007 7.3.2.2 demands that in 692 * order to join a BSS all required rates 693 * have to be supported by the hardware. 694 */ 695 wpa_dbg(wpa_s, MSG_DEBUG, " hardware does " 696 "not support required rate %d.%d Mbps", 697 r / 10, r % 10); 698 return 0; 699 } 700 } 701 } 702 703 return 1; 704 } 705 706 707 static int bss_is_dmg(struct wpa_bss *bss) 708 { 709 return bss->freq > 45000; 710 } 711 712 713 /* 714 * Test whether BSS is in an ESS. 715 * This is done differently in DMG (60 GHz) and non-DMG bands 716 */ 717 static int bss_is_ess(struct wpa_bss *bss) 718 { 719 if (bss_is_dmg(bss)) { 720 return (bss->caps & IEEE80211_CAP_DMG_MASK) == 721 IEEE80211_CAP_DMG_AP; 722 } 723 724 return ((bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == 725 IEEE80211_CAP_ESS); 726 } 727 728 729 static struct wpa_ssid * wpa_scan_res_match(struct wpa_supplicant *wpa_s, 730 int i, struct wpa_bss *bss, 731 struct wpa_ssid *group) 732 { 733 u8 wpa_ie_len, rsn_ie_len; 734 int wpa; 735 struct wpa_blacklist *e; 736 const u8 *ie; 737 struct wpa_ssid *ssid; 738 739 ie = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 740 wpa_ie_len = ie ? ie[1] : 0; 741 742 ie = wpa_bss_get_ie(bss, WLAN_EID_RSN); 743 rsn_ie_len = ie ? ie[1] : 0; 744 745 wpa_dbg(wpa_s, MSG_DEBUG, "%d: " MACSTR " ssid='%s' " 746 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x level=%d%s%s", 747 i, MAC2STR(bss->bssid), wpa_ssid_txt(bss->ssid, bss->ssid_len), 748 wpa_ie_len, rsn_ie_len, bss->caps, bss->level, 749 wpa_bss_get_vendor_ie(bss, WPS_IE_VENDOR_TYPE) ? " wps" : "", 750 (wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE) || 751 wpa_bss_get_vendor_ie_beacon(bss, P2P_IE_VENDOR_TYPE)) ? 752 " p2p" : ""); 753 754 e = wpa_blacklist_get(wpa_s, bss->bssid); 755 if (e) { 756 int limit = 1; 757 if (wpa_supplicant_enabled_networks(wpa_s) == 1) { 758 /* 759 * When only a single network is enabled, we can 760 * trigger blacklisting on the first failure. This 761 * should not be done with multiple enabled networks to 762 * avoid getting forced to move into a worse ESS on 763 * single error if there are no other BSSes of the 764 * current ESS. 765 */ 766 limit = 0; 767 } 768 if (e->count > limit) { 769 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 770 "(count=%d limit=%d)", e->count, limit); 771 return NULL; 772 } 773 } 774 775 if (bss->ssid_len == 0) { 776 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID not known"); 777 return NULL; 778 } 779 780 if (disallowed_bssid(wpa_s, bss->bssid)) { 781 wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID disallowed"); 782 return NULL; 783 } 784 785 if (disallowed_ssid(wpa_s, bss->ssid, bss->ssid_len)) { 786 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID disallowed"); 787 return NULL; 788 } 789 790 wpa = wpa_ie_len > 0 || rsn_ie_len > 0; 791 792 for (ssid = group; ssid; ssid = ssid->pnext) { 793 int check_ssid = wpa ? 1 : (ssid->ssid_len != 0); 794 int res; 795 796 if (wpas_network_disabled(wpa_s, ssid)) { 797 wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled"); 798 continue; 799 } 800 801 res = wpas_temp_disabled(wpa_s, ssid); 802 if (res > 0) { 803 wpa_dbg(wpa_s, MSG_DEBUG, " skip - disabled " 804 "temporarily for %d second(s)", res); 805 continue; 806 } 807 808 #ifdef CONFIG_WPS 809 if ((ssid->key_mgmt & WPA_KEY_MGMT_WPS) && e && e->count > 0) { 810 wpa_dbg(wpa_s, MSG_DEBUG, " skip - blacklisted " 811 "(WPS)"); 812 continue; 813 } 814 815 if (wpa && ssid->ssid_len == 0 && 816 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 817 check_ssid = 0; 818 819 if (!wpa && (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 820 /* Only allow wildcard SSID match if an AP 821 * advertises active WPS operation that matches 822 * with our mode. */ 823 check_ssid = 1; 824 if (ssid->ssid_len == 0 && 825 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss)) 826 check_ssid = 0; 827 } 828 #endif /* CONFIG_WPS */ 829 830 if (ssid->bssid_set && ssid->ssid_len == 0 && 831 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) == 0) 832 check_ssid = 0; 833 834 if (check_ssid && 835 (bss->ssid_len != ssid->ssid_len || 836 os_memcmp(bss->ssid, ssid->ssid, bss->ssid_len) != 0)) { 837 wpa_dbg(wpa_s, MSG_DEBUG, " skip - SSID mismatch"); 838 continue; 839 } 840 841 if (ssid->bssid_set && 842 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) { 843 wpa_dbg(wpa_s, MSG_DEBUG, " skip - BSSID mismatch"); 844 continue; 845 } 846 847 if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss)) 848 continue; 849 850 if (!wpa && 851 !(ssid->key_mgmt & WPA_KEY_MGMT_NONE) && 852 !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 853 !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) { 854 wpa_dbg(wpa_s, MSG_DEBUG, " skip - non-WPA network " 855 "not allowed"); 856 continue; 857 } 858 859 if (wpa && !wpa_key_mgmt_wpa(ssid->key_mgmt) && 860 has_wep_key(ssid)) { 861 wpa_dbg(wpa_s, MSG_DEBUG, " skip - ignore WPA/WPA2 AP for WEP network block"); 862 continue; 863 } 864 865 if (!wpa_supplicant_match_privacy(bss, ssid)) { 866 wpa_dbg(wpa_s, MSG_DEBUG, " skip - privacy " 867 "mismatch"); 868 continue; 869 } 870 871 if (!bss_is_ess(bss)) { 872 wpa_dbg(wpa_s, MSG_DEBUG, " skip - not ESS network"); 873 continue; 874 } 875 876 if (!freq_allowed(ssid->freq_list, bss->freq)) { 877 wpa_dbg(wpa_s, MSG_DEBUG, " skip - frequency not " 878 "allowed"); 879 continue; 880 } 881 882 if (!rate_match(wpa_s, bss)) { 883 wpa_dbg(wpa_s, MSG_DEBUG, " skip - rate sets do " 884 "not match"); 885 continue; 886 } 887 888 #ifdef CONFIG_P2P 889 if (ssid->p2p_group && 890 !wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE) && 891 !wpa_bss_get_vendor_ie_beacon(bss, P2P_IE_VENDOR_TYPE)) { 892 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no P2P IE seen"); 893 continue; 894 } 895 896 if (!is_zero_ether_addr(ssid->go_p2p_dev_addr)) { 897 struct wpabuf *p2p_ie; 898 u8 dev_addr[ETH_ALEN]; 899 900 ie = wpa_bss_get_vendor_ie(bss, P2P_IE_VENDOR_TYPE); 901 if (ie == NULL) { 902 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no P2P element"); 903 continue; 904 } 905 p2p_ie = wpa_bss_get_vendor_ie_multi( 906 bss, P2P_IE_VENDOR_TYPE); 907 if (p2p_ie == NULL) { 908 wpa_dbg(wpa_s, MSG_DEBUG, " skip - could not fetch P2P element"); 909 continue; 910 } 911 912 if (p2p_parse_dev_addr_in_p2p_ie(p2p_ie, dev_addr) < 0 913 || os_memcmp(dev_addr, ssid->go_p2p_dev_addr, 914 ETH_ALEN) != 0) { 915 wpa_dbg(wpa_s, MSG_DEBUG, " skip - no matching GO P2P Device Address in P2P element"); 916 wpabuf_free(p2p_ie); 917 continue; 918 } 919 wpabuf_free(p2p_ie); 920 } 921 922 /* 923 * TODO: skip the AP if its P2P IE has Group Formation 924 * bit set in the P2P Group Capability Bitmap and we 925 * are not in Group Formation with that device. 926 */ 927 #endif /* CONFIG_P2P */ 928 929 /* Matching configuration found */ 930 return ssid; 931 } 932 933 /* No matching configuration found */ 934 return NULL; 935 } 936 937 938 static struct wpa_bss * 939 wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, 940 struct wpa_ssid *group, 941 struct wpa_ssid **selected_ssid) 942 { 943 unsigned int i; 944 945 wpa_dbg(wpa_s, MSG_DEBUG, "Selecting BSS from priority group %d", 946 group->priority); 947 948 for (i = 0; i < wpa_s->last_scan_res_used; i++) { 949 struct wpa_bss *bss = wpa_s->last_scan_res[i]; 950 *selected_ssid = wpa_scan_res_match(wpa_s, i, bss, group); 951 if (!*selected_ssid) 952 continue; 953 wpa_dbg(wpa_s, MSG_DEBUG, " selected BSS " MACSTR 954 " ssid='%s'", 955 MAC2STR(bss->bssid), 956 wpa_ssid_txt(bss->ssid, bss->ssid_len)); 957 return bss; 958 } 959 960 return NULL; 961 } 962 963 964 struct wpa_bss * wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s, 965 struct wpa_ssid **selected_ssid) 966 { 967 struct wpa_bss *selected = NULL; 968 int prio; 969 970 if (wpa_s->last_scan_res == NULL || 971 wpa_s->last_scan_res_used == 0) 972 return NULL; /* no scan results from last update */ 973 974 while (selected == NULL) { 975 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 976 selected = wpa_supplicant_select_bss( 977 wpa_s, wpa_s->conf->pssid[prio], 978 selected_ssid); 979 if (selected) 980 break; 981 } 982 983 if (selected == NULL && wpa_s->blacklist && 984 !wpa_s->countermeasures) { 985 wpa_dbg(wpa_s, MSG_DEBUG, "No APs found - clear " 986 "blacklist and try again"); 987 wpa_blacklist_clear(wpa_s); 988 wpa_s->blacklist_cleared++; 989 } else if (selected == NULL) 990 break; 991 } 992 993 return selected; 994 } 995 996 997 static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s, 998 int timeout_sec, int timeout_usec) 999 { 1000 if (!wpa_supplicant_enabled_networks(wpa_s)) { 1001 /* 1002 * No networks are enabled; short-circuit request so 1003 * we don't wait timeout seconds before transitioning 1004 * to INACTIVE state. 1005 */ 1006 wpa_dbg(wpa_s, MSG_DEBUG, "Short-circuit new scan request " 1007 "since there are no enabled networks"); 1008 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 1009 return; 1010 } 1011 1012 wpa_s->scan_for_connection = 1; 1013 wpa_supplicant_req_scan(wpa_s, timeout_sec, timeout_usec); 1014 } 1015 1016 1017 int wpa_supplicant_connect(struct wpa_supplicant *wpa_s, 1018 struct wpa_bss *selected, 1019 struct wpa_ssid *ssid) 1020 { 1021 if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) { 1022 wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP 1023 "PBC session overlap"); 1024 #ifdef CONFIG_P2P 1025 if (wpas_p2p_notif_pbc_overlap(wpa_s) == 1) 1026 return -1; 1027 #endif /* CONFIG_P2P */ 1028 1029 #ifdef CONFIG_WPS 1030 wpas_wps_cancel(wpa_s); 1031 #endif /* CONFIG_WPS */ 1032 return -1; 1033 } 1034 1035 wpa_msg(wpa_s, MSG_DEBUG, 1036 "Considering connect request: reassociate: %d selected: " 1037 MACSTR " bssid: " MACSTR " pending: " MACSTR 1038 " wpa_state: %s ssid=%p current_ssid=%p", 1039 wpa_s->reassociate, MAC2STR(selected->bssid), 1040 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 1041 wpa_supplicant_state_txt(wpa_s->wpa_state), 1042 ssid, wpa_s->current_ssid); 1043 1044 /* 1045 * Do not trigger new association unless the BSSID has changed or if 1046 * reassociation is requested. If we are in process of associating with 1047 * the selected BSSID, do not trigger new attempt. 1048 */ 1049 if (wpa_s->reassociate || 1050 (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 && 1051 ((wpa_s->wpa_state != WPA_ASSOCIATING && 1052 wpa_s->wpa_state != WPA_AUTHENTICATING) || 1053 (!is_zero_ether_addr(wpa_s->pending_bssid) && 1054 os_memcmp(selected->bssid, wpa_s->pending_bssid, ETH_ALEN) != 1055 0) || 1056 (is_zero_ether_addr(wpa_s->pending_bssid) && 1057 ssid != wpa_s->current_ssid)))) { 1058 if (wpa_supplicant_scard_init(wpa_s, ssid)) { 1059 wpa_supplicant_req_new_scan(wpa_s, 10, 0); 1060 return 0; 1061 } 1062 wpa_msg(wpa_s, MSG_DEBUG, "Request association with " MACSTR, 1063 MAC2STR(selected->bssid)); 1064 wpa_supplicant_associate(wpa_s, selected, ssid); 1065 } else { 1066 wpa_dbg(wpa_s, MSG_DEBUG, "Already associated or trying to " 1067 "connect with the selected AP"); 1068 } 1069 1070 return 0; 1071 } 1072 1073 1074 static struct wpa_ssid * 1075 wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s) 1076 { 1077 int prio; 1078 struct wpa_ssid *ssid; 1079 1080 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) { 1081 for (ssid = wpa_s->conf->pssid[prio]; ssid; ssid = ssid->pnext) 1082 { 1083 if (wpas_network_disabled(wpa_s, ssid)) 1084 continue; 1085 if (ssid->mode == IEEE80211_MODE_IBSS || 1086 ssid->mode == IEEE80211_MODE_AP) 1087 return ssid; 1088 } 1089 } 1090 return NULL; 1091 } 1092 1093 1094 /* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based 1095 * on BSS added and BSS changed events */ 1096 static void wpa_supplicant_rsn_preauth_scan_results( 1097 struct wpa_supplicant *wpa_s) 1098 { 1099 struct wpa_bss *bss; 1100 1101 if (rsn_preauth_scan_results(wpa_s->wpa) < 0) 1102 return; 1103 1104 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 1105 const u8 *ssid, *rsn; 1106 1107 ssid = wpa_bss_get_ie(bss, WLAN_EID_SSID); 1108 if (ssid == NULL) 1109 continue; 1110 1111 rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1112 if (rsn == NULL) 1113 continue; 1114 1115 rsn_preauth_scan_result(wpa_s->wpa, bss->bssid, ssid, rsn); 1116 } 1117 1118 } 1119 1120 1121 static int wpa_supplicant_need_to_roam(struct wpa_supplicant *wpa_s, 1122 struct wpa_bss *selected, 1123 struct wpa_ssid *ssid) 1124 { 1125 struct wpa_bss *current_bss = NULL; 1126 int min_diff; 1127 1128 if (wpa_s->reassociate) 1129 return 1; /* explicit request to reassociate */ 1130 if (wpa_s->wpa_state < WPA_ASSOCIATED) 1131 return 1; /* we are not associated; continue */ 1132 if (wpa_s->current_ssid == NULL) 1133 return 1; /* unknown current SSID */ 1134 if (wpa_s->current_ssid != ssid) 1135 return 1; /* different network block */ 1136 1137 if (wpas_driver_bss_selection(wpa_s)) 1138 return 0; /* Driver-based roaming */ 1139 1140 if (wpa_s->current_ssid->ssid) 1141 current_bss = wpa_bss_get(wpa_s, wpa_s->bssid, 1142 wpa_s->current_ssid->ssid, 1143 wpa_s->current_ssid->ssid_len); 1144 if (!current_bss) 1145 current_bss = wpa_bss_get_bssid(wpa_s, wpa_s->bssid); 1146 1147 if (!current_bss) 1148 return 1; /* current BSS not seen in scan results */ 1149 1150 if (current_bss == selected) 1151 return 0; 1152 1153 if (selected->last_update_idx > current_bss->last_update_idx) 1154 return 1; /* current BSS not seen in the last scan */ 1155 1156 #ifndef CONFIG_NO_ROAMING 1157 wpa_dbg(wpa_s, MSG_DEBUG, "Considering within-ESS reassociation"); 1158 wpa_dbg(wpa_s, MSG_DEBUG, "Current BSS: " MACSTR " level=%d", 1159 MAC2STR(current_bss->bssid), current_bss->level); 1160 wpa_dbg(wpa_s, MSG_DEBUG, "Selected BSS: " MACSTR " level=%d", 1161 MAC2STR(selected->bssid), selected->level); 1162 1163 if (wpa_s->current_ssid->bssid_set && 1164 os_memcmp(selected->bssid, wpa_s->current_ssid->bssid, ETH_ALEN) == 1165 0) { 1166 wpa_dbg(wpa_s, MSG_DEBUG, "Allow reassociation - selected BSS " 1167 "has preferred BSSID"); 1168 return 1; 1169 } 1170 1171 if (current_bss->level < 0 && current_bss->level > selected->level) { 1172 wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - Current BSS has better " 1173 "signal level"); 1174 return 0; 1175 } 1176 1177 min_diff = 2; 1178 if (current_bss->level < 0) { 1179 if (current_bss->level < -85) 1180 min_diff = 1; 1181 else if (current_bss->level < -80) 1182 min_diff = 2; 1183 else if (current_bss->level < -75) 1184 min_diff = 3; 1185 else if (current_bss->level < -70) 1186 min_diff = 4; 1187 else 1188 min_diff = 5; 1189 } 1190 if (abs(current_bss->level - selected->level) < min_diff) { 1191 wpa_dbg(wpa_s, MSG_DEBUG, "Skip roam - too small difference " 1192 "in signal level"); 1193 return 0; 1194 } 1195 1196 return 1; 1197 #else /* CONFIG_NO_ROAMING */ 1198 return 0; 1199 #endif /* CONFIG_NO_ROAMING */ 1200 } 1201 1202 1203 /* Return != 0 if no scan results could be fetched or if scan results should not 1204 * be shared with other virtual interfaces. */ 1205 static int _wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 1206 union wpa_event_data *data, 1207 int own_request) 1208 { 1209 struct wpa_scan_results *scan_res = NULL; 1210 int ret = 0; 1211 int ap = 0; 1212 #ifndef CONFIG_NO_RANDOM_POOL 1213 size_t i, num; 1214 #endif /* CONFIG_NO_RANDOM_POOL */ 1215 1216 #ifdef CONFIG_AP 1217 if (wpa_s->ap_iface) 1218 ap = 1; 1219 #endif /* CONFIG_AP */ 1220 1221 wpa_supplicant_notify_scanning(wpa_s, 0); 1222 1223 scan_res = wpa_supplicant_get_scan_results(wpa_s, 1224 data ? &data->scan_info : 1225 NULL, 1); 1226 if (scan_res == NULL) { 1227 if (wpa_s->conf->ap_scan == 2 || ap || 1228 wpa_s->scan_res_handler == scan_only_handler) 1229 return -1; 1230 if (!own_request) 1231 return -1; 1232 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to get scan results - try " 1233 "scanning again"); 1234 wpa_supplicant_req_new_scan(wpa_s, 1, 0); 1235 ret = -1; 1236 goto scan_work_done; 1237 } 1238 1239 #ifndef CONFIG_NO_RANDOM_POOL 1240 num = scan_res->num; 1241 if (num > 10) 1242 num = 10; 1243 for (i = 0; i < num; i++) { 1244 u8 buf[5]; 1245 struct wpa_scan_res *res = scan_res->res[i]; 1246 buf[0] = res->bssid[5]; 1247 buf[1] = res->qual & 0xff; 1248 buf[2] = res->noise & 0xff; 1249 buf[3] = res->level & 0xff; 1250 buf[4] = res->tsf & 0xff; 1251 random_add_randomness(buf, sizeof(buf)); 1252 } 1253 #endif /* CONFIG_NO_RANDOM_POOL */ 1254 1255 if (own_request && wpa_s->scan_res_handler && 1256 (wpa_s->own_scan_running || !wpa_s->external_scan_running)) { 1257 void (*scan_res_handler)(struct wpa_supplicant *wpa_s, 1258 struct wpa_scan_results *scan_res); 1259 1260 scan_res_handler = wpa_s->scan_res_handler; 1261 wpa_s->scan_res_handler = NULL; 1262 scan_res_handler(wpa_s, scan_res); 1263 ret = -2; 1264 goto scan_work_done; 1265 } 1266 1267 if (ap) { 1268 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore scan results in AP mode"); 1269 #ifdef CONFIG_AP 1270 if (wpa_s->ap_iface->scan_cb) 1271 wpa_s->ap_iface->scan_cb(wpa_s->ap_iface); 1272 #endif /* CONFIG_AP */ 1273 goto scan_work_done; 1274 } 1275 1276 wpa_dbg(wpa_s, MSG_DEBUG, "New scan results available (own=%u ext=%u)", 1277 wpa_s->own_scan_running, wpa_s->external_scan_running); 1278 if (wpa_s->last_scan_req == MANUAL_SCAN_REQ && 1279 wpa_s->manual_scan_use_id && wpa_s->own_scan_running) { 1280 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS "id=%u", 1281 wpa_s->manual_scan_id); 1282 wpa_s->manual_scan_use_id = 0; 1283 } else { 1284 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS); 1285 } 1286 wpas_notify_scan_results(wpa_s); 1287 1288 wpas_notify_scan_done(wpa_s, 1); 1289 1290 if (!wpa_s->own_scan_running && wpa_s->external_scan_running) { 1291 wpa_dbg(wpa_s, MSG_DEBUG, "Do not use results from externally requested scan operation for network selection"); 1292 wpa_scan_results_free(scan_res); 1293 return 0; 1294 } 1295 1296 if (sme_proc_obss_scan(wpa_s) > 0) 1297 goto scan_work_done; 1298 1299 if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) 1300 goto scan_work_done; 1301 1302 if (autoscan_notify_scan(wpa_s, scan_res)) 1303 goto scan_work_done; 1304 1305 if (wpa_s->disconnected) { 1306 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 1307 goto scan_work_done; 1308 } 1309 1310 if (!wpas_driver_bss_selection(wpa_s) && 1311 bgscan_notify_scan(wpa_s, scan_res) == 1) 1312 goto scan_work_done; 1313 1314 wpas_wps_update_ap_info(wpa_s, scan_res); 1315 1316 wpa_scan_results_free(scan_res); 1317 1318 if (wpa_s->scan_work) { 1319 struct wpa_radio_work *work = wpa_s->scan_work; 1320 wpa_s->scan_work = NULL; 1321 radio_work_done(work); 1322 } 1323 1324 return wpas_select_network_from_last_scan(wpa_s, 1, own_request); 1325 1326 scan_work_done: 1327 wpa_scan_results_free(scan_res); 1328 if (wpa_s->scan_work) { 1329 struct wpa_radio_work *work = wpa_s->scan_work; 1330 wpa_s->scan_work = NULL; 1331 radio_work_done(work); 1332 } 1333 return ret; 1334 } 1335 1336 1337 static int wpas_select_network_from_last_scan(struct wpa_supplicant *wpa_s, 1338 int new_scan, int own_request) 1339 { 1340 struct wpa_bss *selected; 1341 struct wpa_ssid *ssid = NULL; 1342 1343 selected = wpa_supplicant_pick_network(wpa_s, &ssid); 1344 1345 if (selected) { 1346 int skip; 1347 skip = !wpa_supplicant_need_to_roam(wpa_s, selected, ssid); 1348 if (skip) { 1349 if (new_scan) 1350 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1351 return 0; 1352 } 1353 1354 if (wpa_supplicant_connect(wpa_s, selected, ssid) < 0) { 1355 wpa_dbg(wpa_s, MSG_DEBUG, "Connect failed"); 1356 return -1; 1357 } 1358 if (new_scan) 1359 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1360 /* 1361 * Do not notify other virtual radios of scan results since we do not 1362 * want them to start other associations at the same time. 1363 */ 1364 return 1; 1365 } else { 1366 wpa_dbg(wpa_s, MSG_DEBUG, "No suitable network found"); 1367 ssid = wpa_supplicant_pick_new_network(wpa_s); 1368 if (ssid) { 1369 wpa_dbg(wpa_s, MSG_DEBUG, "Setup a new network"); 1370 wpa_supplicant_associate(wpa_s, NULL, ssid); 1371 if (new_scan) 1372 wpa_supplicant_rsn_preauth_scan_results(wpa_s); 1373 } else if (own_request) { 1374 /* 1375 * No SSID found. If SCAN results are as a result of 1376 * own scan request and not due to a scan request on 1377 * another shared interface, try another scan. 1378 */ 1379 int timeout_sec = wpa_s->scan_interval; 1380 int timeout_usec = 0; 1381 #ifdef CONFIG_P2P 1382 if (wpas_p2p_scan_no_go_seen(wpa_s) == 1) 1383 return 0; 1384 1385 if (wpa_s->p2p_in_provisioning || 1386 wpa_s->show_group_started) { 1387 /* 1388 * Use shorter wait during P2P Provisioning 1389 * state and during P2P join-a-group operation 1390 * to speed up group formation. 1391 */ 1392 timeout_sec = 0; 1393 timeout_usec = 250000; 1394 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 1395 timeout_usec); 1396 return 0; 1397 } 1398 #endif /* CONFIG_P2P */ 1399 #ifdef CONFIG_INTERWORKING 1400 if (wpa_s->conf->auto_interworking && 1401 wpa_s->conf->interworking && 1402 wpa_s->conf->cred) { 1403 wpa_dbg(wpa_s, MSG_DEBUG, "Interworking: " 1404 "start ANQP fetch since no matching " 1405 "networks found"); 1406 wpa_s->network_select = 1; 1407 wpa_s->auto_network_select = 1; 1408 interworking_start_fetch_anqp(wpa_s); 1409 return 1; 1410 } 1411 #endif /* CONFIG_INTERWORKING */ 1412 #ifdef CONFIG_WPS 1413 if (wpa_s->after_wps > 0 || wpas_wps_searching(wpa_s)) { 1414 wpa_dbg(wpa_s, MSG_DEBUG, "Use shorter wait during WPS processing"); 1415 timeout_sec = 0; 1416 timeout_usec = 500000; 1417 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 1418 timeout_usec); 1419 return 0; 1420 } 1421 #endif /* CONFIG_WPS */ 1422 if (wpa_supplicant_req_sched_scan(wpa_s)) 1423 wpa_supplicant_req_new_scan(wpa_s, timeout_sec, 1424 timeout_usec); 1425 } 1426 } 1427 return 0; 1428 } 1429 1430 1431 static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s, 1432 union wpa_event_data *data) 1433 { 1434 struct wpa_supplicant *ifs; 1435 1436 if (_wpa_supplicant_event_scan_results(wpa_s, data, 1) != 0) { 1437 /* 1438 * If no scan results could be fetched, then no need to 1439 * notify those interfaces that did not actually request 1440 * this scan. Similarly, if scan results started a new operation on this 1441 * interface, do not notify other interfaces to avoid concurrent 1442 * operations during a connection attempt. 1443 */ 1444 return; 1445 } 1446 1447 /* 1448 * Check other interfaces to see if they share the same radio. If 1449 * so, they get updated with this same scan info. 1450 */ 1451 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 1452 radio_list) { 1453 if (ifs != wpa_s) { 1454 wpa_printf(MSG_DEBUG, "%s: Updating scan results from " 1455 "sibling", ifs->ifname); 1456 _wpa_supplicant_event_scan_results(ifs, data, 0); 1457 } 1458 } 1459 } 1460 1461 #endif /* CONFIG_NO_SCAN_PROCESSING */ 1462 1463 1464 int wpa_supplicant_fast_associate(struct wpa_supplicant *wpa_s) 1465 { 1466 #ifdef CONFIG_NO_SCAN_PROCESSING 1467 return -1; 1468 #else /* CONFIG_NO_SCAN_PROCESSING */ 1469 struct os_reltime now; 1470 1471 if (wpa_s->last_scan_res_used <= 0) 1472 return -1; 1473 1474 os_get_reltime(&now); 1475 if (os_reltime_expired(&now, &wpa_s->last_scan, 5)) { 1476 wpa_printf(MSG_DEBUG, "Fast associate: Old scan results"); 1477 return -1; 1478 } 1479 1480 return wpas_select_network_from_last_scan(wpa_s, 0, 1); 1481 #endif /* CONFIG_NO_SCAN_PROCESSING */ 1482 } 1483 1484 #ifdef CONFIG_WNM 1485 1486 static void wnm_bss_keep_alive(void *eloop_ctx, void *sock_ctx) 1487 { 1488 struct wpa_supplicant *wpa_s = eloop_ctx; 1489 1490 if (wpa_s->wpa_state < WPA_ASSOCIATED) 1491 return; 1492 1493 if (!wpa_s->no_keep_alive) { 1494 wpa_printf(MSG_DEBUG, "WNM: Send keep-alive to AP " MACSTR, 1495 MAC2STR(wpa_s->bssid)); 1496 /* TODO: could skip this if normal data traffic has been sent */ 1497 /* TODO: Consider using some more appropriate data frame for 1498 * this */ 1499 if (wpa_s->l2) 1500 l2_packet_send(wpa_s->l2, wpa_s->bssid, 0x0800, 1501 (u8 *) "", 0); 1502 } 1503 1504 #ifdef CONFIG_SME 1505 if (wpa_s->sme.bss_max_idle_period) { 1506 unsigned int msec; 1507 msec = wpa_s->sme.bss_max_idle_period * 1024; /* times 1000 */ 1508 if (msec > 100) 1509 msec -= 100; 1510 eloop_register_timeout(msec / 1000, msec % 1000 * 1000, 1511 wnm_bss_keep_alive, wpa_s, NULL); 1512 } 1513 #endif /* CONFIG_SME */ 1514 } 1515 1516 1517 static void wnm_process_assoc_resp(struct wpa_supplicant *wpa_s, 1518 const u8 *ies, size_t ies_len) 1519 { 1520 struct ieee802_11_elems elems; 1521 1522 if (ies == NULL) 1523 return; 1524 1525 if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) 1526 return; 1527 1528 #ifdef CONFIG_SME 1529 if (elems.bss_max_idle_period) { 1530 unsigned int msec; 1531 wpa_s->sme.bss_max_idle_period = 1532 WPA_GET_LE16(elems.bss_max_idle_period); 1533 wpa_printf(MSG_DEBUG, "WNM: BSS Max Idle Period: %u (* 1000 " 1534 "TU)%s", wpa_s->sme.bss_max_idle_period, 1535 (elems.bss_max_idle_period[2] & 0x01) ? 1536 " (protected keep-live required)" : ""); 1537 if (wpa_s->sme.bss_max_idle_period == 0) 1538 wpa_s->sme.bss_max_idle_period = 1; 1539 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) { 1540 eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL); 1541 /* msec times 1000 */ 1542 msec = wpa_s->sme.bss_max_idle_period * 1024; 1543 if (msec > 100) 1544 msec -= 100; 1545 eloop_register_timeout(msec / 1000, msec % 1000 * 1000, 1546 wnm_bss_keep_alive, wpa_s, 1547 NULL); 1548 } 1549 } 1550 #endif /* CONFIG_SME */ 1551 } 1552 1553 #endif /* CONFIG_WNM */ 1554 1555 1556 void wnm_bss_keep_alive_deinit(struct wpa_supplicant *wpa_s) 1557 { 1558 #ifdef CONFIG_WNM 1559 eloop_cancel_timeout(wnm_bss_keep_alive, wpa_s, NULL); 1560 #endif /* CONFIG_WNM */ 1561 } 1562 1563 1564 #ifdef CONFIG_INTERWORKING 1565 1566 static int wpas_qos_map_set(struct wpa_supplicant *wpa_s, const u8 *qos_map, 1567 size_t len) 1568 { 1569 int res; 1570 1571 wpa_hexdump(MSG_DEBUG, "Interworking: QoS Map Set", qos_map, len); 1572 res = wpa_drv_set_qos_map(wpa_s, qos_map, len); 1573 if (res) { 1574 wpa_printf(MSG_DEBUG, "Interworking: Failed to configure QoS Map Set to the driver"); 1575 } 1576 1577 return res; 1578 } 1579 1580 1581 static void interworking_process_assoc_resp(struct wpa_supplicant *wpa_s, 1582 const u8 *ies, size_t ies_len) 1583 { 1584 struct ieee802_11_elems elems; 1585 1586 if (ies == NULL) 1587 return; 1588 1589 if (ieee802_11_parse_elems(ies, ies_len, &elems, 1) == ParseFailed) 1590 return; 1591 1592 if (elems.qos_map_set) { 1593 wpas_qos_map_set(wpa_s, elems.qos_map_set, 1594 elems.qos_map_set_len); 1595 } 1596 } 1597 1598 #endif /* CONFIG_INTERWORKING */ 1599 1600 1601 static int wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s, 1602 union wpa_event_data *data) 1603 { 1604 int l, len, found = 0, wpa_found, rsn_found; 1605 const u8 *p; 1606 #ifdef CONFIG_IEEE80211R 1607 u8 bssid[ETH_ALEN]; 1608 #endif /* CONFIG_IEEE80211R */ 1609 1610 wpa_dbg(wpa_s, MSG_DEBUG, "Association info event"); 1611 if (data->assoc_info.req_ies) 1612 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies, 1613 data->assoc_info.req_ies_len); 1614 if (data->assoc_info.resp_ies) { 1615 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies, 1616 data->assoc_info.resp_ies_len); 1617 #ifdef CONFIG_TDLS 1618 wpa_tdls_assoc_resp_ies(wpa_s->wpa, data->assoc_info.resp_ies, 1619 data->assoc_info.resp_ies_len); 1620 #endif /* CONFIG_TDLS */ 1621 #ifdef CONFIG_WNM 1622 wnm_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, 1623 data->assoc_info.resp_ies_len); 1624 #endif /* CONFIG_WNM */ 1625 #ifdef CONFIG_INTERWORKING 1626 interworking_process_assoc_resp(wpa_s, data->assoc_info.resp_ies, 1627 data->assoc_info.resp_ies_len); 1628 #endif /* CONFIG_INTERWORKING */ 1629 } 1630 if (data->assoc_info.beacon_ies) 1631 wpa_hexdump(MSG_DEBUG, "beacon_ies", 1632 data->assoc_info.beacon_ies, 1633 data->assoc_info.beacon_ies_len); 1634 if (data->assoc_info.freq) 1635 wpa_dbg(wpa_s, MSG_DEBUG, "freq=%u MHz", 1636 data->assoc_info.freq); 1637 1638 p = data->assoc_info.req_ies; 1639 l = data->assoc_info.req_ies_len; 1640 1641 /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */ 1642 while (p && l >= 2) { 1643 len = p[1] + 2; 1644 if (len > l) { 1645 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1646 p, l); 1647 break; 1648 } 1649 if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1650 (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) || 1651 (p[0] == WLAN_EID_RSN && p[1] >= 2)) { 1652 if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len)) 1653 break; 1654 found = 1; 1655 wpa_find_assoc_pmkid(wpa_s); 1656 break; 1657 } 1658 l -= len; 1659 p += len; 1660 } 1661 if (!found && data->assoc_info.req_ies) 1662 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 1663 1664 #ifdef CONFIG_IEEE80211R 1665 #ifdef CONFIG_SME 1666 if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FT) { 1667 if (wpa_drv_get_bssid(wpa_s, bssid) < 0 || 1668 wpa_ft_validate_reassoc_resp(wpa_s->wpa, 1669 data->assoc_info.resp_ies, 1670 data->assoc_info.resp_ies_len, 1671 bssid) < 0) { 1672 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of " 1673 "Reassociation Response failed"); 1674 wpa_supplicant_deauthenticate( 1675 wpa_s, WLAN_REASON_INVALID_IE); 1676 return -1; 1677 } 1678 } 1679 1680 p = data->assoc_info.resp_ies; 1681 l = data->assoc_info.resp_ies_len; 1682 1683 #ifdef CONFIG_WPS_STRICT 1684 if (p && wpa_s->current_ssid && 1685 wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_WPS) { 1686 struct wpabuf *wps; 1687 wps = ieee802_11_vendor_ie_concat(p, l, WPS_IE_VENDOR_TYPE); 1688 if (wps == NULL) { 1689 wpa_msg(wpa_s, MSG_INFO, "WPS-STRICT: AP did not " 1690 "include WPS IE in (Re)Association Response"); 1691 return -1; 1692 } 1693 1694 if (wps_validate_assoc_resp(wps) < 0) { 1695 wpabuf_free(wps); 1696 wpa_supplicant_deauthenticate( 1697 wpa_s, WLAN_REASON_INVALID_IE); 1698 return -1; 1699 } 1700 wpabuf_free(wps); 1701 } 1702 #endif /* CONFIG_WPS_STRICT */ 1703 1704 /* Go through the IEs and make a copy of the MDIE, if present. */ 1705 while (p && l >= 2) { 1706 len = p[1] + 2; 1707 if (len > l) { 1708 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info", 1709 p, l); 1710 break; 1711 } 1712 if (p[0] == WLAN_EID_MOBILITY_DOMAIN && 1713 p[1] >= MOBILITY_DOMAIN_ID_LEN) { 1714 wpa_s->sme.ft_used = 1; 1715 os_memcpy(wpa_s->sme.mobility_domain, p + 2, 1716 MOBILITY_DOMAIN_ID_LEN); 1717 break; 1718 } 1719 l -= len; 1720 p += len; 1721 } 1722 #endif /* CONFIG_SME */ 1723 1724 /* Process FT when SME is in the driver */ 1725 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 1726 wpa_ft_is_completed(wpa_s->wpa)) { 1727 if (wpa_drv_get_bssid(wpa_s, bssid) < 0 || 1728 wpa_ft_validate_reassoc_resp(wpa_s->wpa, 1729 data->assoc_info.resp_ies, 1730 data->assoc_info.resp_ies_len, 1731 bssid) < 0) { 1732 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Validation of " 1733 "Reassociation Response failed"); 1734 wpa_supplicant_deauthenticate( 1735 wpa_s, WLAN_REASON_INVALID_IE); 1736 return -1; 1737 } 1738 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Reassociation Response done"); 1739 } 1740 1741 wpa_sm_set_ft_params(wpa_s->wpa, data->assoc_info.resp_ies, 1742 data->assoc_info.resp_ies_len); 1743 #endif /* CONFIG_IEEE80211R */ 1744 1745 /* WPA/RSN IE from Beacon/ProbeResp */ 1746 p = data->assoc_info.beacon_ies; 1747 l = data->assoc_info.beacon_ies_len; 1748 1749 /* Go through the IEs and make a copy of the WPA/RSN IEs, if present. 1750 */ 1751 wpa_found = rsn_found = 0; 1752 while (p && l >= 2) { 1753 len = p[1] + 2; 1754 if (len > l) { 1755 wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies", 1756 p, l); 1757 break; 1758 } 1759 if (!wpa_found && 1760 p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 && 1761 os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) { 1762 wpa_found = 1; 1763 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len); 1764 } 1765 1766 if (!rsn_found && 1767 p[0] == WLAN_EID_RSN && p[1] >= 2) { 1768 rsn_found = 1; 1769 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len); 1770 } 1771 1772 l -= len; 1773 p += len; 1774 } 1775 1776 if (!wpa_found && data->assoc_info.beacon_ies) 1777 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 1778 if (!rsn_found && data->assoc_info.beacon_ies) 1779 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 1780 if (wpa_found || rsn_found) 1781 wpa_s->ap_ies_from_associnfo = 1; 1782 1783 if (wpa_s->assoc_freq && data->assoc_info.freq && 1784 wpa_s->assoc_freq != data->assoc_info.freq) { 1785 wpa_printf(MSG_DEBUG, "Operating frequency changed from " 1786 "%u to %u MHz", 1787 wpa_s->assoc_freq, data->assoc_info.freq); 1788 wpa_supplicant_update_scan_results(wpa_s); 1789 } 1790 1791 wpa_s->assoc_freq = data->assoc_info.freq; 1792 1793 return 0; 1794 } 1795 1796 1797 static int wpa_supplicant_assoc_update_ie(struct wpa_supplicant *wpa_s) 1798 { 1799 const u8 *bss_wpa = NULL, *bss_rsn = NULL; 1800 1801 if (!wpa_s->current_bss || !wpa_s->current_ssid) 1802 return -1; 1803 1804 if (!wpa_key_mgmt_wpa_any(wpa_s->current_ssid->key_mgmt)) 1805 return 0; 1806 1807 bss_wpa = wpa_bss_get_vendor_ie(wpa_s->current_bss, 1808 WPA_IE_VENDOR_TYPE); 1809 bss_rsn = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_RSN); 1810 1811 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1812 bss_wpa ? 2 + bss_wpa[1] : 0) || 1813 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1814 bss_rsn ? 2 + bss_rsn[1] : 0)) 1815 return -1; 1816 1817 return 0; 1818 } 1819 1820 1821 static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s, 1822 union wpa_event_data *data) 1823 { 1824 u8 bssid[ETH_ALEN]; 1825 int ft_completed; 1826 1827 #ifdef CONFIG_AP 1828 if (wpa_s->ap_iface) { 1829 hostapd_notif_assoc(wpa_s->ap_iface->bss[0], 1830 data->assoc_info.addr, 1831 data->assoc_info.req_ies, 1832 data->assoc_info.req_ies_len, 1833 data->assoc_info.reassoc); 1834 return; 1835 } 1836 #endif /* CONFIG_AP */ 1837 1838 ft_completed = wpa_ft_is_completed(wpa_s->wpa); 1839 if (data && wpa_supplicant_event_associnfo(wpa_s, data) < 0) 1840 return; 1841 1842 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 1843 wpa_dbg(wpa_s, MSG_ERROR, "Failed to get BSSID"); 1844 wpa_supplicant_deauthenticate( 1845 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1846 return; 1847 } 1848 1849 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED); 1850 if (os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) { 1851 wpa_dbg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID=" 1852 MACSTR, MAC2STR(bssid)); 1853 random_add_randomness(bssid, ETH_ALEN); 1854 os_memcpy(wpa_s->bssid, bssid, ETH_ALEN); 1855 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 1856 wpas_notify_bssid_changed(wpa_s); 1857 1858 if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) { 1859 wpa_clear_keys(wpa_s, bssid); 1860 } 1861 if (wpa_supplicant_select_config(wpa_s) < 0) { 1862 wpa_supplicant_deauthenticate( 1863 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 1864 return; 1865 } 1866 1867 if (wpa_s->conf->ap_scan == 1 && 1868 wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION) { 1869 if (wpa_supplicant_assoc_update_ie(wpa_s) < 0) 1870 wpa_msg(wpa_s, MSG_WARNING, 1871 "WPA/RSN IEs not updated"); 1872 } 1873 } 1874 1875 #ifdef CONFIG_SME 1876 os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN); 1877 wpa_s->sme.prev_bssid_set = 1; 1878 #endif /* CONFIG_SME */ 1879 1880 wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid)); 1881 if (wpa_s->current_ssid) { 1882 /* When using scanning (ap_scan=1), SIM PC/SC interface can be 1883 * initialized before association, but for other modes, 1884 * initialize PC/SC here, if the current configuration needs 1885 * smartcard or SIM/USIM. */ 1886 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid); 1887 } 1888 wpa_sm_notify_assoc(wpa_s->wpa, bssid); 1889 if (wpa_s->l2) 1890 l2_packet_notify_auth_start(wpa_s->l2); 1891 1892 /* 1893 * Set portEnabled first to FALSE in order to get EAP state machine out 1894 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE 1895 * state machine may transit to AUTHENTICATING state based on obsolete 1896 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to 1897 * AUTHENTICATED without ever giving chance to EAP state machine to 1898 * reset the state. 1899 */ 1900 if (!ft_completed) { 1901 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 1902 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 1903 } 1904 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed) 1905 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 1906 /* 802.1X::portControl = Auto */ 1907 eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); 1908 wpa_s->eapol_received = 0; 1909 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1910 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE || 1911 (wpa_s->current_ssid && 1912 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) { 1913 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE && 1914 (wpa_s->drv_flags & 1915 WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE)) { 1916 /* 1917 * Set the key after having received joined-IBSS event 1918 * from the driver. 1919 */ 1920 wpa_supplicant_set_wpa_none_key(wpa_s, 1921 wpa_s->current_ssid); 1922 } 1923 wpa_supplicant_cancel_auth_timeout(wpa_s); 1924 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1925 } else if (!ft_completed) { 1926 /* Timeout for receiving the first EAPOL packet */ 1927 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0); 1928 } 1929 wpa_supplicant_cancel_scan(wpa_s); 1930 1931 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1932 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 1933 /* 1934 * We are done; the driver will take care of RSN 4-way 1935 * handshake. 1936 */ 1937 wpa_supplicant_cancel_auth_timeout(wpa_s); 1938 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1939 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1940 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1941 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && 1942 wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 1943 /* 1944 * The driver will take care of RSN 4-way handshake, so we need 1945 * to allow EAPOL supplicant to complete its work without 1946 * waiting for WPA supplicant. 1947 */ 1948 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1949 } else if (ft_completed) { 1950 /* 1951 * FT protocol completed - make sure EAPOL state machine ends 1952 * up in authenticated. 1953 */ 1954 wpa_supplicant_cancel_auth_timeout(wpa_s); 1955 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1956 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1957 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 1958 } 1959 1960 wpa_s->last_eapol_matches_bssid = 0; 1961 1962 if (wpa_s->pending_eapol_rx) { 1963 struct os_reltime now, age; 1964 os_get_reltime(&now); 1965 os_reltime_sub(&now, &wpa_s->pending_eapol_rx_time, &age); 1966 if (age.sec == 0 && age.usec < 100000 && 1967 os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) == 1968 0) { 1969 wpa_dbg(wpa_s, MSG_DEBUG, "Process pending EAPOL " 1970 "frame that was received just before " 1971 "association notification"); 1972 wpa_supplicant_rx_eapol( 1973 wpa_s, wpa_s->pending_eapol_rx_src, 1974 wpabuf_head(wpa_s->pending_eapol_rx), 1975 wpabuf_len(wpa_s->pending_eapol_rx)); 1976 } 1977 wpabuf_free(wpa_s->pending_eapol_rx); 1978 wpa_s->pending_eapol_rx = NULL; 1979 } 1980 1981 if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1982 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) && 1983 wpa_s->current_ssid && 1984 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE)) { 1985 /* Set static WEP keys again */ 1986 wpa_set_wep_keys(wpa_s, wpa_s->current_ssid); 1987 } 1988 1989 #ifdef CONFIG_IBSS_RSN 1990 if (wpa_s->current_ssid && 1991 wpa_s->current_ssid->mode == WPAS_MODE_IBSS && 1992 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 1993 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE && 1994 wpa_s->ibss_rsn == NULL) { 1995 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s); 1996 if (!wpa_s->ibss_rsn) { 1997 wpa_msg(wpa_s, MSG_INFO, "Failed to init IBSS RSN"); 1998 wpa_supplicant_deauthenticate( 1999 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 2000 return; 2001 } 2002 2003 ibss_rsn_set_psk(wpa_s->ibss_rsn, wpa_s->current_ssid->psk); 2004 } 2005 #endif /* CONFIG_IBSS_RSN */ 2006 2007 wpas_wps_notify_assoc(wpa_s, bssid); 2008 } 2009 2010 2011 static int disconnect_reason_recoverable(u16 reason_code) 2012 { 2013 return reason_code == WLAN_REASON_DISASSOC_DUE_TO_INACTIVITY || 2014 reason_code == WLAN_REASON_CLASS2_FRAME_FROM_NONAUTH_STA || 2015 reason_code == WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA; 2016 } 2017 2018 2019 static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s, 2020 u16 reason_code, 2021 int locally_generated) 2022 { 2023 const u8 *bssid; 2024 2025 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 2026 /* 2027 * At least Host AP driver and a Prism3 card seemed to be 2028 * generating streams of disconnected events when configuring 2029 * IBSS for WPA-None. Ignore them for now. 2030 */ 2031 return; 2032 } 2033 2034 bssid = wpa_s->bssid; 2035 if (is_zero_ether_addr(bssid)) 2036 bssid = wpa_s->pending_bssid; 2037 2038 if (!is_zero_ether_addr(bssid) || 2039 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 2040 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "bssid=" MACSTR 2041 " reason=%d%s", 2042 MAC2STR(bssid), reason_code, 2043 locally_generated ? " locally_generated=1" : ""); 2044 } 2045 } 2046 2047 2048 static int could_be_psk_mismatch(struct wpa_supplicant *wpa_s, u16 reason_code, 2049 int locally_generated) 2050 { 2051 if (wpa_s->wpa_state != WPA_4WAY_HANDSHAKE || 2052 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) 2053 return 0; /* Not in 4-way handshake with PSK */ 2054 2055 /* 2056 * It looks like connection was lost while trying to go through PSK 2057 * 4-way handshake. Filter out known disconnection cases that are caused 2058 * by something else than PSK mismatch to avoid confusing reports. 2059 */ 2060 2061 if (locally_generated) { 2062 if (reason_code == WLAN_REASON_IE_IN_4WAY_DIFFERS) 2063 return 0; 2064 } 2065 2066 return 1; 2067 } 2068 2069 2070 static void wpa_supplicant_event_disassoc_finish(struct wpa_supplicant *wpa_s, 2071 u16 reason_code, 2072 int locally_generated) 2073 { 2074 const u8 *bssid; 2075 int authenticating; 2076 u8 prev_pending_bssid[ETH_ALEN]; 2077 struct wpa_bss *fast_reconnect = NULL; 2078 #ifndef CONFIG_NO_SCAN_PROCESSING 2079 struct wpa_ssid *fast_reconnect_ssid = NULL; 2080 #endif /* CONFIG_NO_SCAN_PROCESSING */ 2081 struct wpa_ssid *last_ssid; 2082 2083 authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING; 2084 os_memcpy(prev_pending_bssid, wpa_s->pending_bssid, ETH_ALEN); 2085 2086 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 2087 /* 2088 * At least Host AP driver and a Prism3 card seemed to be 2089 * generating streams of disconnected events when configuring 2090 * IBSS for WPA-None. Ignore them for now. 2091 */ 2092 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - ignore in " 2093 "IBSS/WPA-None mode"); 2094 return; 2095 } 2096 2097 if (could_be_psk_mismatch(wpa_s, reason_code, locally_generated)) { 2098 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - " 2099 "pre-shared key may be incorrect"); 2100 if (wpas_p2p_4way_hs_failed(wpa_s) > 0) 2101 return; /* P2P group removed */ 2102 wpas_auth_failed(wpa_s); 2103 } 2104 if (!wpa_s->disconnected && 2105 (!wpa_s->auto_reconnect_disabled || 2106 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)) { 2107 wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect enabled: try to " 2108 "reconnect (wps=%d wpa_state=%d)", 2109 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS, 2110 wpa_s->wpa_state); 2111 if (wpa_s->wpa_state == WPA_COMPLETED && 2112 wpa_s->current_ssid && 2113 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 2114 !locally_generated && 2115 disconnect_reason_recoverable(reason_code)) { 2116 /* 2117 * It looks like the AP has dropped association with 2118 * us, but could allow us to get back in. Try to 2119 * reconnect to the same BSS without full scan to save 2120 * time for some common cases. 2121 */ 2122 fast_reconnect = wpa_s->current_bss; 2123 #ifndef CONFIG_NO_SCAN_PROCESSING 2124 fast_reconnect_ssid = wpa_s->current_ssid; 2125 #endif /* CONFIG_NO_SCAN_PROCESSING */ 2126 } else if (wpa_s->wpa_state >= WPA_ASSOCIATING) 2127 wpa_supplicant_req_scan(wpa_s, 0, 100000); 2128 else 2129 wpa_dbg(wpa_s, MSG_DEBUG, "Do not request new " 2130 "immediate scan"); 2131 } else { 2132 wpa_dbg(wpa_s, MSG_DEBUG, "Auto connect disabled: do not " 2133 "try to re-connect"); 2134 wpa_s->reassociate = 0; 2135 wpa_s->disconnected = 1; 2136 wpa_supplicant_cancel_sched_scan(wpa_s); 2137 } 2138 bssid = wpa_s->bssid; 2139 if (is_zero_ether_addr(bssid)) 2140 bssid = wpa_s->pending_bssid; 2141 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 2142 wpas_connection_failed(wpa_s, bssid); 2143 wpa_sm_notify_disassoc(wpa_s->wpa); 2144 if (locally_generated) 2145 wpa_s->disconnect_reason = -reason_code; 2146 else 2147 wpa_s->disconnect_reason = reason_code; 2148 wpas_notify_disconnect_reason(wpa_s); 2149 if (wpa_supplicant_dynamic_keys(wpa_s)) { 2150 wpa_dbg(wpa_s, MSG_DEBUG, "Disconnect event - remove keys"); 2151 wpa_clear_keys(wpa_s, wpa_s->bssid); 2152 } 2153 last_ssid = wpa_s->current_ssid; 2154 wpa_supplicant_mark_disassoc(wpa_s); 2155 2156 if (authenticating && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) { 2157 sme_disassoc_while_authenticating(wpa_s, prev_pending_bssid); 2158 wpa_s->current_ssid = last_ssid; 2159 } 2160 2161 if (fast_reconnect) { 2162 #ifndef CONFIG_NO_SCAN_PROCESSING 2163 wpa_dbg(wpa_s, MSG_DEBUG, "Try to reconnect to the same BSS"); 2164 if (wpa_supplicant_connect(wpa_s, fast_reconnect, 2165 fast_reconnect_ssid) < 0) { 2166 /* Recover through full scan */ 2167 wpa_supplicant_req_scan(wpa_s, 0, 100000); 2168 } 2169 #endif /* CONFIG_NO_SCAN_PROCESSING */ 2170 } 2171 } 2172 2173 2174 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 2175 void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx, void *sock_ctx) 2176 { 2177 struct wpa_supplicant *wpa_s = eloop_ctx; 2178 2179 if (!wpa_s->pending_mic_error_report) 2180 return; 2181 2182 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Sending pending MIC error report"); 2183 wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise); 2184 wpa_s->pending_mic_error_report = 0; 2185 } 2186 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 2187 2188 2189 static void 2190 wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s, 2191 union wpa_event_data *data) 2192 { 2193 int pairwise; 2194 struct os_reltime t; 2195 2196 wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected"); 2197 pairwise = (data && data->michael_mic_failure.unicast); 2198 os_get_reltime(&t); 2199 if ((wpa_s->last_michael_mic_error.sec && 2200 !os_reltime_expired(&t, &wpa_s->last_michael_mic_error, 60)) || 2201 wpa_s->pending_mic_error_report) { 2202 if (wpa_s->pending_mic_error_report) { 2203 /* 2204 * Send the pending MIC error report immediately since 2205 * we are going to start countermeasures and AP better 2206 * do the same. 2207 */ 2208 wpa_sm_key_request(wpa_s->wpa, 1, 2209 wpa_s->pending_mic_error_pairwise); 2210 } 2211 2212 /* Send the new MIC error report immediately since we are going 2213 * to start countermeasures and AP better do the same. 2214 */ 2215 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 2216 2217 /* initialize countermeasures */ 2218 wpa_s->countermeasures = 1; 2219 2220 wpa_blacklist_add(wpa_s, wpa_s->bssid); 2221 2222 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started"); 2223 2224 /* 2225 * Need to wait for completion of request frame. We do not get 2226 * any callback for the message completion, so just wait a 2227 * short while and hope for the best. */ 2228 os_sleep(0, 10000); 2229 2230 wpa_drv_set_countermeasures(wpa_s, 1); 2231 wpa_supplicant_deauthenticate(wpa_s, 2232 WLAN_REASON_MICHAEL_MIC_FAILURE); 2233 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, 2234 wpa_s, NULL); 2235 eloop_register_timeout(60, 0, 2236 wpa_supplicant_stop_countermeasures, 2237 wpa_s, NULL); 2238 /* TODO: mark the AP rejected for 60 second. STA is 2239 * allowed to associate with another AP.. */ 2240 } else { 2241 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 2242 if (wpa_s->mic_errors_seen) { 2243 /* 2244 * Reduce the effectiveness of Michael MIC error 2245 * reports as a means for attacking against TKIP if 2246 * more than one MIC failure is noticed with the same 2247 * PTK. We delay the transmission of the reports by a 2248 * random time between 0 and 60 seconds in order to 2249 * force the attacker wait 60 seconds before getting 2250 * the information on whether a frame resulted in a MIC 2251 * failure. 2252 */ 2253 u8 rval[4]; 2254 int sec; 2255 2256 if (os_get_random(rval, sizeof(rval)) < 0) 2257 sec = os_random() % 60; 2258 else 2259 sec = WPA_GET_BE32(rval) % 60; 2260 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Delay MIC error " 2261 "report %d seconds", sec); 2262 wpa_s->pending_mic_error_report = 1; 2263 wpa_s->pending_mic_error_pairwise = pairwise; 2264 eloop_cancel_timeout( 2265 wpa_supplicant_delayed_mic_error_report, 2266 wpa_s, NULL); 2267 eloop_register_timeout( 2268 sec, os_random() % 1000000, 2269 wpa_supplicant_delayed_mic_error_report, 2270 wpa_s, NULL); 2271 } else { 2272 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 2273 } 2274 #else /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 2275 wpa_sm_key_request(wpa_s->wpa, 1, pairwise); 2276 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 2277 } 2278 wpa_s->last_michael_mic_error = t; 2279 wpa_s->mic_errors_seen++; 2280 } 2281 2282 2283 #ifdef CONFIG_TERMINATE_ONLASTIF 2284 static int any_interfaces(struct wpa_supplicant *head) 2285 { 2286 struct wpa_supplicant *wpa_s; 2287 2288 for (wpa_s = head; wpa_s != NULL; wpa_s = wpa_s->next) 2289 if (!wpa_s->interface_removed) 2290 return 1; 2291 return 0; 2292 } 2293 #endif /* CONFIG_TERMINATE_ONLASTIF */ 2294 2295 2296 static void 2297 wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s, 2298 union wpa_event_data *data) 2299 { 2300 if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0) 2301 return; 2302 2303 switch (data->interface_status.ievent) { 2304 case EVENT_INTERFACE_ADDED: 2305 if (!wpa_s->interface_removed) 2306 break; 2307 wpa_s->interface_removed = 0; 2308 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was added"); 2309 if (wpa_supplicant_driver_init(wpa_s) < 0) { 2310 wpa_msg(wpa_s, MSG_INFO, "Failed to initialize the " 2311 "driver after interface was added"); 2312 } 2313 break; 2314 case EVENT_INTERFACE_REMOVED: 2315 wpa_dbg(wpa_s, MSG_DEBUG, "Configured interface was removed"); 2316 wpa_s->interface_removed = 1; 2317 wpa_supplicant_mark_disassoc(wpa_s); 2318 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 2319 l2_packet_deinit(wpa_s->l2); 2320 wpa_s->l2 = NULL; 2321 #ifdef CONFIG_IBSS_RSN 2322 ibss_rsn_deinit(wpa_s->ibss_rsn); 2323 wpa_s->ibss_rsn = NULL; 2324 #endif /* CONFIG_IBSS_RSN */ 2325 #ifdef CONFIG_TERMINATE_ONLASTIF 2326 /* check if last interface */ 2327 if (!any_interfaces(wpa_s->global->ifaces)) 2328 eloop_terminate(); 2329 #endif /* CONFIG_TERMINATE_ONLASTIF */ 2330 break; 2331 } 2332 } 2333 2334 2335 #ifdef CONFIG_PEERKEY 2336 static void 2337 wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s, 2338 union wpa_event_data *data) 2339 { 2340 if (data == NULL) 2341 return; 2342 wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer); 2343 } 2344 #endif /* CONFIG_PEERKEY */ 2345 2346 2347 #ifdef CONFIG_TDLS 2348 static void wpa_supplicant_event_tdls(struct wpa_supplicant *wpa_s, 2349 union wpa_event_data *data) 2350 { 2351 if (data == NULL) 2352 return; 2353 switch (data->tdls.oper) { 2354 case TDLS_REQUEST_SETUP: 2355 wpa_tdls_remove(wpa_s->wpa, data->tdls.peer); 2356 if (wpa_tdls_is_external_setup(wpa_s->wpa)) 2357 wpa_tdls_start(wpa_s->wpa, data->tdls.peer); 2358 else 2359 wpa_drv_tdls_oper(wpa_s, TDLS_SETUP, data->tdls.peer); 2360 break; 2361 case TDLS_REQUEST_TEARDOWN: 2362 if (wpa_tdls_is_external_setup(wpa_s->wpa)) 2363 wpa_tdls_teardown_link(wpa_s->wpa, data->tdls.peer, 2364 data->tdls.reason_code); 2365 else 2366 wpa_drv_tdls_oper(wpa_s, TDLS_TEARDOWN, 2367 data->tdls.peer); 2368 break; 2369 } 2370 } 2371 #endif /* CONFIG_TDLS */ 2372 2373 2374 #ifdef CONFIG_WNM 2375 static void wpa_supplicant_event_wnm(struct wpa_supplicant *wpa_s, 2376 union wpa_event_data *data) 2377 { 2378 if (data == NULL) 2379 return; 2380 switch (data->wnm.oper) { 2381 case WNM_OPER_SLEEP: 2382 wpa_printf(MSG_DEBUG, "Start sending WNM-Sleep Request " 2383 "(action=%d, intval=%d)", 2384 data->wnm.sleep_action, data->wnm.sleep_intval); 2385 ieee802_11_send_wnmsleep_req(wpa_s, data->wnm.sleep_action, 2386 data->wnm.sleep_intval, NULL); 2387 break; 2388 } 2389 } 2390 #endif /* CONFIG_WNM */ 2391 2392 2393 #ifdef CONFIG_IEEE80211R 2394 static void 2395 wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s, 2396 union wpa_event_data *data) 2397 { 2398 if (data == NULL) 2399 return; 2400 2401 if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies, 2402 data->ft_ies.ies_len, 2403 data->ft_ies.ft_action, 2404 data->ft_ies.target_ap, 2405 data->ft_ies.ric_ies, 2406 data->ft_ies.ric_ies_len) < 0) { 2407 /* TODO: prevent MLME/driver from trying to associate? */ 2408 } 2409 } 2410 #endif /* CONFIG_IEEE80211R */ 2411 2412 2413 #ifdef CONFIG_IBSS_RSN 2414 static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s, 2415 union wpa_event_data *data) 2416 { 2417 struct wpa_ssid *ssid; 2418 if (wpa_s->wpa_state < WPA_ASSOCIATED) 2419 return; 2420 if (data == NULL) 2421 return; 2422 ssid = wpa_s->current_ssid; 2423 if (ssid == NULL) 2424 return; 2425 if (ssid->mode != WPAS_MODE_IBSS || !wpa_key_mgmt_wpa(ssid->key_mgmt)) 2426 return; 2427 2428 ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer); 2429 } 2430 2431 2432 static void wpa_supplicant_event_ibss_auth(struct wpa_supplicant *wpa_s, 2433 union wpa_event_data *data) 2434 { 2435 struct wpa_ssid *ssid = wpa_s->current_ssid; 2436 2437 if (ssid == NULL) 2438 return; 2439 2440 /* check if the ssid is correctly configured as IBSS/RSN */ 2441 if (ssid->mode != WPAS_MODE_IBSS || !wpa_key_mgmt_wpa(ssid->key_mgmt)) 2442 return; 2443 2444 ibss_rsn_handle_auth(wpa_s->ibss_rsn, data->rx_mgmt.frame, 2445 data->rx_mgmt.frame_len); 2446 } 2447 #endif /* CONFIG_IBSS_RSN */ 2448 2449 2450 #ifdef CONFIG_IEEE80211R 2451 static void ft_rx_action(struct wpa_supplicant *wpa_s, const u8 *data, 2452 size_t len) 2453 { 2454 const u8 *sta_addr, *target_ap_addr; 2455 u16 status; 2456 2457 wpa_hexdump(MSG_MSGDUMP, "FT: RX Action", data, len); 2458 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 2459 return; /* only SME case supported for now */ 2460 if (len < 1 + 2 * ETH_ALEN + 2) 2461 return; 2462 if (data[0] != 2) 2463 return; /* Only FT Action Response is supported for now */ 2464 sta_addr = data + 1; 2465 target_ap_addr = data + 1 + ETH_ALEN; 2466 status = WPA_GET_LE16(data + 1 + 2 * ETH_ALEN); 2467 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Received FT Action Response: STA " 2468 MACSTR " TargetAP " MACSTR " status %u", 2469 MAC2STR(sta_addr), MAC2STR(target_ap_addr), status); 2470 2471 if (os_memcmp(sta_addr, wpa_s->own_addr, ETH_ALEN) != 0) { 2472 wpa_dbg(wpa_s, MSG_DEBUG, "FT: Foreign STA Address " MACSTR 2473 " in FT Action Response", MAC2STR(sta_addr)); 2474 return; 2475 } 2476 2477 if (status) { 2478 wpa_dbg(wpa_s, MSG_DEBUG, "FT: FT Action Response indicates " 2479 "failure (status code %d)", status); 2480 /* TODO: report error to FT code(?) */ 2481 return; 2482 } 2483 2484 if (wpa_ft_process_response(wpa_s->wpa, data + 1 + 2 * ETH_ALEN + 2, 2485 len - (1 + 2 * ETH_ALEN + 2), 1, 2486 target_ap_addr, NULL, 0) < 0) 2487 return; 2488 2489 #ifdef CONFIG_SME 2490 { 2491 struct wpa_bss *bss; 2492 bss = wpa_bss_get_bssid(wpa_s, target_ap_addr); 2493 if (bss) 2494 wpa_s->sme.freq = bss->freq; 2495 wpa_s->sme.auth_alg = WPA_AUTH_ALG_FT; 2496 sme_associate(wpa_s, WPAS_MODE_INFRA, target_ap_addr, 2497 WLAN_AUTH_FT); 2498 } 2499 #endif /* CONFIG_SME */ 2500 } 2501 #endif /* CONFIG_IEEE80211R */ 2502 2503 2504 static void wpa_supplicant_event_unprot_deauth(struct wpa_supplicant *wpa_s, 2505 struct unprot_deauth *e) 2506 { 2507 #ifdef CONFIG_IEEE80211W 2508 wpa_printf(MSG_DEBUG, "Unprotected Deauthentication frame " 2509 "dropped: " MACSTR " -> " MACSTR 2510 " (reason code %u)", 2511 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 2512 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 2513 #endif /* CONFIG_IEEE80211W */ 2514 } 2515 2516 2517 static void wpa_supplicant_event_unprot_disassoc(struct wpa_supplicant *wpa_s, 2518 struct unprot_disassoc *e) 2519 { 2520 #ifdef CONFIG_IEEE80211W 2521 wpa_printf(MSG_DEBUG, "Unprotected Disassociation frame " 2522 "dropped: " MACSTR " -> " MACSTR 2523 " (reason code %u)", 2524 MAC2STR(e->sa), MAC2STR(e->da), e->reason_code); 2525 sme_event_unprot_disconnect(wpa_s, e->sa, e->da, e->reason_code); 2526 #endif /* CONFIG_IEEE80211W */ 2527 } 2528 2529 2530 static void wpas_event_disconnect(struct wpa_supplicant *wpa_s, const u8 *addr, 2531 u16 reason_code, int locally_generated, 2532 const u8 *ie, size_t ie_len, int deauth) 2533 { 2534 #ifdef CONFIG_AP 2535 if (wpa_s->ap_iface && addr) { 2536 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], addr); 2537 return; 2538 } 2539 2540 if (wpa_s->ap_iface) { 2541 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore deauth event in AP mode"); 2542 return; 2543 } 2544 #endif /* CONFIG_AP */ 2545 2546 wpa_supplicant_event_disassoc(wpa_s, reason_code, locally_generated); 2547 2548 if (((reason_code == WLAN_REASON_IEEE_802_1X_AUTH_FAILED || 2549 ((wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 2550 (wpa_s->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)) && 2551 eapol_sm_failed(wpa_s->eapol))) && 2552 !wpa_s->eap_expected_failure)) 2553 wpas_auth_failed(wpa_s); 2554 2555 #ifdef CONFIG_P2P 2556 if (deauth && reason_code > 0) { 2557 if (wpas_p2p_deauth_notif(wpa_s, addr, reason_code, ie, ie_len, 2558 locally_generated) > 0) { 2559 /* 2560 * The interface was removed, so cannot continue 2561 * processing any additional operations after this. 2562 */ 2563 return; 2564 } 2565 } 2566 #endif /* CONFIG_P2P */ 2567 2568 wpa_supplicant_event_disassoc_finish(wpa_s, reason_code, 2569 locally_generated); 2570 } 2571 2572 2573 static void wpas_event_disassoc(struct wpa_supplicant *wpa_s, 2574 struct disassoc_info *info) 2575 { 2576 u16 reason_code = 0; 2577 int locally_generated = 0; 2578 const u8 *addr = NULL; 2579 const u8 *ie = NULL; 2580 size_t ie_len = 0; 2581 2582 wpa_dbg(wpa_s, MSG_DEBUG, "Disassociation notification"); 2583 2584 if (info) { 2585 addr = info->addr; 2586 ie = info->ie; 2587 ie_len = info->ie_len; 2588 reason_code = info->reason_code; 2589 locally_generated = info->locally_generated; 2590 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s", reason_code, 2591 locally_generated ? " (locally generated)" : ""); 2592 if (addr) 2593 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR, 2594 MAC2STR(addr)); 2595 wpa_hexdump(MSG_DEBUG, "Disassociation frame IE(s)", 2596 ie, ie_len); 2597 } 2598 2599 #ifdef CONFIG_AP 2600 if (wpa_s->ap_iface && info && info->addr) { 2601 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0], info->addr); 2602 return; 2603 } 2604 2605 if (wpa_s->ap_iface) { 2606 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore disassoc event in AP mode"); 2607 return; 2608 } 2609 #endif /* CONFIG_AP */ 2610 2611 #ifdef CONFIG_P2P 2612 if (info) { 2613 wpas_p2p_disassoc_notif( 2614 wpa_s, info->addr, reason_code, info->ie, info->ie_len, 2615 locally_generated); 2616 } 2617 #endif /* CONFIG_P2P */ 2618 2619 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2620 sme_event_disassoc(wpa_s, info); 2621 2622 wpas_event_disconnect(wpa_s, addr, reason_code, locally_generated, 2623 ie, ie_len, 0); 2624 } 2625 2626 2627 static void wpas_event_deauth(struct wpa_supplicant *wpa_s, 2628 struct deauth_info *info) 2629 { 2630 u16 reason_code = 0; 2631 int locally_generated = 0; 2632 const u8 *addr = NULL; 2633 const u8 *ie = NULL; 2634 size_t ie_len = 0; 2635 2636 wpa_dbg(wpa_s, MSG_DEBUG, "Deauthentication notification"); 2637 2638 if (info) { 2639 addr = info->addr; 2640 ie = info->ie; 2641 ie_len = info->ie_len; 2642 reason_code = info->reason_code; 2643 locally_generated = info->locally_generated; 2644 wpa_dbg(wpa_s, MSG_DEBUG, " * reason %u%s", 2645 reason_code, 2646 locally_generated ? " (locally generated)" : ""); 2647 if (addr) { 2648 wpa_dbg(wpa_s, MSG_DEBUG, " * address " MACSTR, 2649 MAC2STR(addr)); 2650 } 2651 wpa_hexdump(MSG_DEBUG, "Deauthentication frame IE(s)", 2652 ie, ie_len); 2653 } 2654 2655 wpa_reset_ft_completed(wpa_s->wpa); 2656 2657 wpas_event_disconnect(wpa_s, addr, reason_code, 2658 locally_generated, ie, ie_len, 1); 2659 } 2660 2661 2662 static void wpa_supplicant_update_channel_list(struct wpa_supplicant *wpa_s) 2663 { 2664 struct wpa_supplicant *ifs; 2665 2666 if (wpa_s->drv_priv == NULL) 2667 return; /* Ignore event during drv initialization */ 2668 2669 free_hw_features(wpa_s); 2670 wpa_s->hw.modes = wpa_drv_get_hw_feature_data( 2671 wpa_s, &wpa_s->hw.num_modes, &wpa_s->hw.flags); 2672 2673 #ifdef CONFIG_P2P 2674 wpas_p2p_update_channel_list(wpa_s); 2675 #endif /* CONFIG_P2P */ 2676 2677 /* 2678 * Check other interfaces to see if they share the same radio. If 2679 * so, they get updated with this same hw mode info. 2680 */ 2681 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 2682 radio_list) { 2683 if (ifs != wpa_s) { 2684 wpa_printf(MSG_DEBUG, "%s: Updating hw mode", 2685 ifs->ifname); 2686 free_hw_features(ifs); 2687 ifs->hw.modes = wpa_drv_get_hw_feature_data( 2688 ifs, &ifs->hw.num_modes, &ifs->hw.flags); 2689 } 2690 } 2691 } 2692 2693 2694 static void wpas_event_rx_mgmt_action(struct wpa_supplicant *wpa_s, 2695 const struct ieee80211_mgmt *mgmt, 2696 size_t len, int freq) 2697 { 2698 const u8 *payload; 2699 size_t plen; 2700 u8 category; 2701 2702 if (len < IEEE80211_HDRLEN + 2) 2703 return; 2704 2705 payload = &mgmt->u.action.category; 2706 category = *payload++; 2707 plen = (((const u8 *) mgmt) + len) - payload; 2708 2709 wpa_dbg(wpa_s, MSG_DEBUG, "Received Action frame: SA=" MACSTR 2710 " Category=%u DataLen=%d freq=%d MHz", 2711 MAC2STR(mgmt->sa), category, (int) plen, freq); 2712 2713 #ifdef CONFIG_IEEE80211R 2714 if (category == WLAN_ACTION_FT) { 2715 ft_rx_action(wpa_s, payload, plen); 2716 return; 2717 } 2718 #endif /* CONFIG_IEEE80211R */ 2719 2720 #ifdef CONFIG_IEEE80211W 2721 #ifdef CONFIG_SME 2722 if (category == WLAN_ACTION_SA_QUERY) { 2723 sme_sa_query_rx(wpa_s, mgmt->sa, payload, plen); 2724 return; 2725 } 2726 #endif /* CONFIG_SME */ 2727 #endif /* CONFIG_IEEE80211W */ 2728 2729 #ifdef CONFIG_WNM 2730 if (mgmt->u.action.category == WLAN_ACTION_WNM) { 2731 ieee802_11_rx_wnm_action(wpa_s, mgmt, len); 2732 return; 2733 } 2734 #endif /* CONFIG_WNM */ 2735 2736 #ifdef CONFIG_GAS 2737 if ((mgmt->u.action.category == WLAN_ACTION_PUBLIC || 2738 mgmt->u.action.category == WLAN_ACTION_PROTECTED_DUAL) && 2739 gas_query_rx(wpa_s->gas, mgmt->da, mgmt->sa, mgmt->bssid, 2740 mgmt->u.action.category, 2741 payload, plen, freq) == 0) 2742 return; 2743 #endif /* CONFIG_GAS */ 2744 2745 #ifdef CONFIG_TDLS 2746 if (category == WLAN_ACTION_PUBLIC && plen >= 4 && 2747 payload[0] == WLAN_TDLS_DISCOVERY_RESPONSE) { 2748 wpa_dbg(wpa_s, MSG_DEBUG, 2749 "TDLS: Received Discovery Response from " MACSTR, 2750 MAC2STR(mgmt->sa)); 2751 return; 2752 } 2753 #endif /* CONFIG_TDLS */ 2754 2755 #ifdef CONFIG_INTERWORKING 2756 if (category == WLAN_ACTION_QOS && plen >= 1 && 2757 payload[0] == QOS_QOS_MAP_CONFIG) { 2758 const u8 *pos = payload + 1; 2759 size_t qlen = plen - 1; 2760 wpa_dbg(wpa_s, MSG_DEBUG, "Interworking: Received QoS Map Configure frame from " 2761 MACSTR, MAC2STR(mgmt->sa)); 2762 if (os_memcmp(mgmt->sa, wpa_s->bssid, ETH_ALEN) == 0 && 2763 qlen > 2 && pos[0] == WLAN_EID_QOS_MAP_SET && 2764 pos[1] <= qlen - 2 && pos[1] >= 16) 2765 wpas_qos_map_set(wpa_s, pos + 2, pos[1]); 2766 return; 2767 } 2768 #endif /* CONFIG_INTERWORKING */ 2769 2770 #ifdef CONFIG_P2P 2771 wpas_p2p_rx_action(wpa_s, mgmt->da, mgmt->sa, mgmt->bssid, 2772 category, payload, plen, freq); 2773 #endif /* CONFIG_P2P */ 2774 } 2775 2776 2777 static void wpa_supplicant_notify_avoid_freq(struct wpa_supplicant *wpa_s, 2778 union wpa_event_data *event) 2779 { 2780 #ifdef CONFIG_P2P 2781 struct wpa_supplicant *ifs; 2782 #endif /* CONFIG_P2P */ 2783 struct wpa_freq_range_list *list; 2784 char *str = NULL; 2785 2786 list = &event->freq_range; 2787 2788 if (list->num) 2789 str = freq_range_list_str(list); 2790 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_AVOID_FREQ "ranges=%s", 2791 str ? str : ""); 2792 2793 #ifdef CONFIG_P2P 2794 if (freq_range_list_parse(&wpa_s->global->p2p_go_avoid_freq, str)) { 2795 wpa_dbg(wpa_s, MSG_ERROR, "%s: Failed to parse freq range", 2796 __func__); 2797 } else { 2798 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Update channel list based on frequency avoid event"); 2799 wpas_p2p_update_channel_list(wpa_s); 2800 } 2801 2802 for (ifs = wpa_s->global->ifaces; ifs; ifs = ifs->next) { 2803 int freq; 2804 if (!ifs->current_ssid || 2805 !ifs->current_ssid->p2p_group || 2806 (ifs->current_ssid->mode != WPAS_MODE_P2P_GO && 2807 ifs->current_ssid->mode != WPAS_MODE_P2P_GROUP_FORMATION)) 2808 continue; 2809 2810 freq = ifs->current_ssid->frequency; 2811 if (!freq_range_list_includes(list, freq)) { 2812 wpa_dbg(ifs, MSG_DEBUG, "P2P GO operating frequency %d MHz in safe range", 2813 freq); 2814 continue; 2815 } 2816 2817 wpa_dbg(ifs, MSG_DEBUG, "P2P GO operating in unsafe frequency %d MHz", 2818 freq); 2819 /* TODO: Consider using CSA or removing the group within 2820 * wpa_supplicant */ 2821 wpa_msg(ifs, MSG_INFO, P2P_EVENT_REMOVE_AND_REFORM_GROUP); 2822 } 2823 #endif /* CONFIG_P2P */ 2824 2825 os_free(str); 2826 } 2827 2828 2829 void wpa_supplicant_event(void *ctx, enum wpa_event_type event, 2830 union wpa_event_data *data) 2831 { 2832 struct wpa_supplicant *wpa_s = ctx; 2833 2834 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED && 2835 event != EVENT_INTERFACE_ENABLED && 2836 event != EVENT_INTERFACE_STATUS && 2837 event != EVENT_SCHED_SCAN_STOPPED) { 2838 wpa_dbg(wpa_s, MSG_DEBUG, 2839 "Ignore event %s (%d) while interface is disabled", 2840 event_to_string(event), event); 2841 return; 2842 } 2843 2844 #ifndef CONFIG_NO_STDOUT_DEBUG 2845 { 2846 int level = MSG_DEBUG; 2847 2848 if (event == EVENT_RX_MGMT && data->rx_mgmt.frame_len >= 24) { 2849 const struct ieee80211_hdr *hdr; 2850 u16 fc; 2851 hdr = (const struct ieee80211_hdr *) data->rx_mgmt.frame; 2852 fc = le_to_host16(hdr->frame_control); 2853 if (WLAN_FC_GET_TYPE(fc) == WLAN_FC_TYPE_MGMT && 2854 WLAN_FC_GET_STYPE(fc) == WLAN_FC_STYPE_BEACON) 2855 level = MSG_EXCESSIVE; 2856 } 2857 2858 wpa_dbg(wpa_s, level, "Event %s (%d) received", 2859 event_to_string(event), event); 2860 } 2861 #endif /* CONFIG_NO_STDOUT_DEBUG */ 2862 2863 switch (event) { 2864 case EVENT_AUTH: 2865 sme_event_auth(wpa_s, data); 2866 break; 2867 case EVENT_ASSOC: 2868 wpa_supplicant_event_assoc(wpa_s, data); 2869 break; 2870 case EVENT_DISASSOC: 2871 wpas_event_disassoc(wpa_s, 2872 data ? &data->disassoc_info : NULL); 2873 break; 2874 case EVENT_DEAUTH: 2875 wpas_event_deauth(wpa_s, 2876 data ? &data->deauth_info : NULL); 2877 break; 2878 case EVENT_MICHAEL_MIC_FAILURE: 2879 wpa_supplicant_event_michael_mic_failure(wpa_s, data); 2880 break; 2881 #ifndef CONFIG_NO_SCAN_PROCESSING 2882 case EVENT_SCAN_STARTED: 2883 os_get_reltime(&wpa_s->scan_start_time); 2884 if (wpa_s->own_scan_requested) { 2885 struct os_reltime diff; 2886 2887 os_reltime_sub(&wpa_s->scan_start_time, 2888 &wpa_s->scan_trigger_time, &diff); 2889 wpa_dbg(wpa_s, MSG_DEBUG, "Own scan request started a scan in %ld.%06ld seconds", 2890 diff.sec, diff.usec); 2891 wpa_s->own_scan_requested = 0; 2892 wpa_s->own_scan_running = 1; 2893 if (wpa_s->last_scan_req == MANUAL_SCAN_REQ && 2894 wpa_s->manual_scan_use_id) { 2895 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_STARTED "id=%u", 2896 wpa_s->manual_scan_id); 2897 } else { 2898 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_STARTED); 2899 } 2900 } else { 2901 wpa_dbg(wpa_s, MSG_DEBUG, "External program started a scan"); 2902 wpa_s->external_scan_running = 1; 2903 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_SCAN_STARTED); 2904 } 2905 break; 2906 case EVENT_SCAN_RESULTS: 2907 if (os_reltime_initialized(&wpa_s->scan_start_time)) { 2908 struct os_reltime now, diff; 2909 os_get_reltime(&now); 2910 os_reltime_sub(&now, &wpa_s->scan_start_time, &diff); 2911 wpa_s->scan_start_time.sec = 0; 2912 wpa_s->scan_start_time.usec = 0; 2913 wpa_dbg(wpa_s, MSG_DEBUG, "Scan completed in %ld.%06ld seconds", 2914 diff.sec, diff.usec); 2915 } 2916 wpa_supplicant_event_scan_results(wpa_s, data); 2917 wpa_s->own_scan_running = 0; 2918 wpa_s->external_scan_running = 0; 2919 radio_work_check_next(wpa_s); 2920 break; 2921 #endif /* CONFIG_NO_SCAN_PROCESSING */ 2922 case EVENT_ASSOCINFO: 2923 wpa_supplicant_event_associnfo(wpa_s, data); 2924 break; 2925 case EVENT_INTERFACE_STATUS: 2926 wpa_supplicant_event_interface_status(wpa_s, data); 2927 break; 2928 case EVENT_PMKID_CANDIDATE: 2929 wpa_supplicant_event_pmkid_candidate(wpa_s, data); 2930 break; 2931 #ifdef CONFIG_PEERKEY 2932 case EVENT_STKSTART: 2933 wpa_supplicant_event_stkstart(wpa_s, data); 2934 break; 2935 #endif /* CONFIG_PEERKEY */ 2936 #ifdef CONFIG_TDLS 2937 case EVENT_TDLS: 2938 wpa_supplicant_event_tdls(wpa_s, data); 2939 break; 2940 #endif /* CONFIG_TDLS */ 2941 #ifdef CONFIG_WNM 2942 case EVENT_WNM: 2943 wpa_supplicant_event_wnm(wpa_s, data); 2944 break; 2945 #endif /* CONFIG_WNM */ 2946 #ifdef CONFIG_IEEE80211R 2947 case EVENT_FT_RESPONSE: 2948 wpa_supplicant_event_ft_response(wpa_s, data); 2949 break; 2950 #endif /* CONFIG_IEEE80211R */ 2951 #ifdef CONFIG_IBSS_RSN 2952 case EVENT_IBSS_RSN_START: 2953 wpa_supplicant_event_ibss_rsn_start(wpa_s, data); 2954 break; 2955 #endif /* CONFIG_IBSS_RSN */ 2956 case EVENT_ASSOC_REJECT: 2957 if (data->assoc_reject.bssid) 2958 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 2959 "bssid=" MACSTR " status_code=%u", 2960 MAC2STR(data->assoc_reject.bssid), 2961 data->assoc_reject.status_code); 2962 else 2963 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_ASSOC_REJECT 2964 "status_code=%u", 2965 data->assoc_reject.status_code); 2966 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2967 sme_event_assoc_reject(wpa_s, data); 2968 else { 2969 const u8 *bssid = data->assoc_reject.bssid; 2970 if (bssid == NULL || is_zero_ether_addr(bssid)) 2971 bssid = wpa_s->pending_bssid; 2972 wpas_connection_failed(wpa_s, bssid); 2973 wpa_supplicant_mark_disassoc(wpa_s); 2974 } 2975 break; 2976 case EVENT_AUTH_TIMED_OUT: 2977 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2978 sme_event_auth_timed_out(wpa_s, data); 2979 break; 2980 case EVENT_ASSOC_TIMED_OUT: 2981 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) 2982 sme_event_assoc_timed_out(wpa_s, data); 2983 break; 2984 case EVENT_TX_STATUS: 2985 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS dst=" MACSTR 2986 " type=%d stype=%d", 2987 MAC2STR(data->tx_status.dst), 2988 data->tx_status.type, data->tx_status.stype); 2989 #ifdef CONFIG_AP 2990 if (wpa_s->ap_iface == NULL) { 2991 #ifdef CONFIG_OFFCHANNEL 2992 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 2993 data->tx_status.stype == WLAN_FC_STYPE_ACTION) 2994 offchannel_send_action_tx_status( 2995 wpa_s, data->tx_status.dst, 2996 data->tx_status.data, 2997 data->tx_status.data_len, 2998 data->tx_status.ack ? 2999 OFFCHANNEL_SEND_ACTION_SUCCESS : 3000 OFFCHANNEL_SEND_ACTION_NO_ACK); 3001 #endif /* CONFIG_OFFCHANNEL */ 3002 break; 3003 } 3004 #endif /* CONFIG_AP */ 3005 #ifdef CONFIG_OFFCHANNEL 3006 wpa_dbg(wpa_s, MSG_DEBUG, "EVENT_TX_STATUS pending_dst=" 3007 MACSTR, MAC2STR(wpa_s->parent->pending_action_dst)); 3008 /* 3009 * Catch TX status events for Action frames we sent via group 3010 * interface in GO mode. 3011 */ 3012 if (data->tx_status.type == WLAN_FC_TYPE_MGMT && 3013 data->tx_status.stype == WLAN_FC_STYPE_ACTION && 3014 os_memcmp(wpa_s->parent->pending_action_dst, 3015 data->tx_status.dst, ETH_ALEN) == 0) { 3016 offchannel_send_action_tx_status( 3017 wpa_s->parent, data->tx_status.dst, 3018 data->tx_status.data, 3019 data->tx_status.data_len, 3020 data->tx_status.ack ? 3021 OFFCHANNEL_SEND_ACTION_SUCCESS : 3022 OFFCHANNEL_SEND_ACTION_NO_ACK); 3023 break; 3024 } 3025 #endif /* CONFIG_OFFCHANNEL */ 3026 #ifdef CONFIG_AP 3027 switch (data->tx_status.type) { 3028 case WLAN_FC_TYPE_MGMT: 3029 ap_mgmt_tx_cb(wpa_s, data->tx_status.data, 3030 data->tx_status.data_len, 3031 data->tx_status.stype, 3032 data->tx_status.ack); 3033 break; 3034 case WLAN_FC_TYPE_DATA: 3035 ap_tx_status(wpa_s, data->tx_status.dst, 3036 data->tx_status.data, 3037 data->tx_status.data_len, 3038 data->tx_status.ack); 3039 break; 3040 } 3041 #endif /* CONFIG_AP */ 3042 break; 3043 #ifdef CONFIG_AP 3044 case EVENT_EAPOL_TX_STATUS: 3045 ap_eapol_tx_status(wpa_s, data->eapol_tx_status.dst, 3046 data->eapol_tx_status.data, 3047 data->eapol_tx_status.data_len, 3048 data->eapol_tx_status.ack); 3049 break; 3050 case EVENT_DRIVER_CLIENT_POLL_OK: 3051 ap_client_poll_ok(wpa_s, data->client_poll.addr); 3052 break; 3053 case EVENT_RX_FROM_UNKNOWN: 3054 if (wpa_s->ap_iface == NULL) 3055 break; 3056 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.addr, 3057 data->rx_from_unknown.wds); 3058 break; 3059 case EVENT_CH_SWITCH: 3060 if (!data) 3061 break; 3062 if (!wpa_s->ap_iface) { 3063 wpa_dbg(wpa_s, MSG_DEBUG, "AP: Ignore channel switch " 3064 "event in non-AP mode"); 3065 break; 3066 } 3067 3068 wpas_ap_ch_switch(wpa_s, data->ch_switch.freq, 3069 data->ch_switch.ht_enabled, 3070 data->ch_switch.ch_offset, 3071 data->ch_switch.ch_width, 3072 data->ch_switch.cf1, 3073 data->ch_switch.cf2); 3074 break; 3075 #endif /* CONFIG_AP */ 3076 case EVENT_RX_MGMT: { 3077 u16 fc, stype; 3078 const struct ieee80211_mgmt *mgmt; 3079 3080 mgmt = (const struct ieee80211_mgmt *) 3081 data->rx_mgmt.frame; 3082 fc = le_to_host16(mgmt->frame_control); 3083 stype = WLAN_FC_GET_STYPE(fc); 3084 3085 #ifdef CONFIG_AP 3086 if (wpa_s->ap_iface == NULL) { 3087 #endif /* CONFIG_AP */ 3088 #ifdef CONFIG_P2P 3089 if (stype == WLAN_FC_STYPE_PROBE_REQ && 3090 data->rx_mgmt.frame_len > 24) { 3091 const u8 *src = mgmt->sa; 3092 const u8 *ie = mgmt->u.probe_req.variable; 3093 size_t ie_len = data->rx_mgmt.frame_len - 3094 (mgmt->u.probe_req.variable - 3095 data->rx_mgmt.frame); 3096 wpas_p2p_probe_req_rx( 3097 wpa_s, src, mgmt->da, 3098 mgmt->bssid, ie, ie_len, 3099 data->rx_mgmt.ssi_signal); 3100 break; 3101 } 3102 #endif /* CONFIG_P2P */ 3103 #ifdef CONFIG_IBSS_RSN 3104 if (stype == WLAN_FC_STYPE_AUTH && 3105 data->rx_mgmt.frame_len >= 30) { 3106 wpa_supplicant_event_ibss_auth(wpa_s, data); 3107 break; 3108 } 3109 #endif /* CONFIG_IBSS_RSN */ 3110 3111 if (stype == WLAN_FC_STYPE_ACTION) { 3112 wpas_event_rx_mgmt_action( 3113 wpa_s, mgmt, data->rx_mgmt.frame_len, 3114 data->rx_mgmt.freq); 3115 break; 3116 } 3117 3118 wpa_dbg(wpa_s, MSG_DEBUG, "AP: ignore received " 3119 "management frame in non-AP mode"); 3120 break; 3121 #ifdef CONFIG_AP 3122 } 3123 3124 if (stype == WLAN_FC_STYPE_PROBE_REQ && 3125 data->rx_mgmt.frame_len > 24) { 3126 const u8 *ie = mgmt->u.probe_req.variable; 3127 size_t ie_len = data->rx_mgmt.frame_len - 3128 (mgmt->u.probe_req.variable - 3129 data->rx_mgmt.frame); 3130 3131 wpas_notify_preq(wpa_s, mgmt->sa, mgmt->da, 3132 mgmt->bssid, ie, ie_len, 3133 data->rx_mgmt.ssi_signal); 3134 } 3135 3136 ap_mgmt_rx(wpa_s, &data->rx_mgmt); 3137 #endif /* CONFIG_AP */ 3138 break; 3139 } 3140 case EVENT_RX_PROBE_REQ: 3141 if (data->rx_probe_req.sa == NULL || 3142 data->rx_probe_req.ie == NULL) 3143 break; 3144 #ifdef CONFIG_AP 3145 if (wpa_s->ap_iface) { 3146 hostapd_probe_req_rx(wpa_s->ap_iface->bss[0], 3147 data->rx_probe_req.sa, 3148 data->rx_probe_req.da, 3149 data->rx_probe_req.bssid, 3150 data->rx_probe_req.ie, 3151 data->rx_probe_req.ie_len, 3152 data->rx_probe_req.ssi_signal); 3153 break; 3154 } 3155 #endif /* CONFIG_AP */ 3156 #ifdef CONFIG_P2P 3157 wpas_p2p_probe_req_rx(wpa_s, data->rx_probe_req.sa, 3158 data->rx_probe_req.da, 3159 data->rx_probe_req.bssid, 3160 data->rx_probe_req.ie, 3161 data->rx_probe_req.ie_len, 3162 data->rx_probe_req.ssi_signal); 3163 #endif /* CONFIG_P2P */ 3164 break; 3165 case EVENT_REMAIN_ON_CHANNEL: 3166 #ifdef CONFIG_OFFCHANNEL 3167 offchannel_remain_on_channel_cb( 3168 wpa_s, data->remain_on_channel.freq, 3169 data->remain_on_channel.duration); 3170 #endif /* CONFIG_OFFCHANNEL */ 3171 #ifdef CONFIG_P2P 3172 wpas_p2p_remain_on_channel_cb( 3173 wpa_s, data->remain_on_channel.freq, 3174 data->remain_on_channel.duration); 3175 #endif /* CONFIG_P2P */ 3176 break; 3177 case EVENT_CANCEL_REMAIN_ON_CHANNEL: 3178 #ifdef CONFIG_OFFCHANNEL 3179 offchannel_cancel_remain_on_channel_cb( 3180 wpa_s, data->remain_on_channel.freq); 3181 #endif /* CONFIG_OFFCHANNEL */ 3182 #ifdef CONFIG_P2P 3183 wpas_p2p_cancel_remain_on_channel_cb( 3184 wpa_s, data->remain_on_channel.freq); 3185 #endif /* CONFIG_P2P */ 3186 break; 3187 case EVENT_EAPOL_RX: 3188 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src, 3189 data->eapol_rx.data, 3190 data->eapol_rx.data_len); 3191 break; 3192 case EVENT_SIGNAL_CHANGE: 3193 bgscan_notify_signal_change( 3194 wpa_s, data->signal_change.above_threshold, 3195 data->signal_change.current_signal, 3196 data->signal_change.current_noise, 3197 data->signal_change.current_txrate); 3198 break; 3199 case EVENT_INTERFACE_ENABLED: 3200 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was enabled"); 3201 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 3202 wpa_supplicant_update_mac_addr(wpa_s); 3203 #ifdef CONFIG_AP 3204 if (!wpa_s->ap_iface) { 3205 wpa_supplicant_set_state(wpa_s, 3206 WPA_DISCONNECTED); 3207 wpa_supplicant_req_scan(wpa_s, 0, 0); 3208 } else 3209 wpa_supplicant_set_state(wpa_s, 3210 WPA_COMPLETED); 3211 #else /* CONFIG_AP */ 3212 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 3213 wpa_supplicant_req_scan(wpa_s, 0, 0); 3214 #endif /* CONFIG_AP */ 3215 } 3216 break; 3217 case EVENT_INTERFACE_DISABLED: 3218 wpa_dbg(wpa_s, MSG_DEBUG, "Interface was disabled"); 3219 #ifdef CONFIG_P2P 3220 if (wpa_s->p2p_group_interface == P2P_GROUP_INTERFACE_GO || 3221 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group && 3222 wpa_s->current_ssid->mode == WPAS_MODE_P2P_GO)) { 3223 /* 3224 * The interface was externally disabled. Remove 3225 * it assuming an external entity will start a 3226 * new session if needed. 3227 */ 3228 wpas_p2p_disconnect(wpa_s); 3229 break; 3230 } 3231 #endif /* CONFIG_P2P */ 3232 3233 wpa_supplicant_mark_disassoc(wpa_s); 3234 wpa_supplicant_set_state(wpa_s, WPA_INTERFACE_DISABLED); 3235 break; 3236 case EVENT_CHANNEL_LIST_CHANGED: 3237 wpa_supplicant_update_channel_list(wpa_s); 3238 break; 3239 case EVENT_INTERFACE_UNAVAILABLE: 3240 #ifdef CONFIG_P2P 3241 wpas_p2p_interface_unavailable(wpa_s); 3242 #endif /* CONFIG_P2P */ 3243 break; 3244 case EVENT_BEST_CHANNEL: 3245 wpa_dbg(wpa_s, MSG_DEBUG, "Best channel event received " 3246 "(%d %d %d)", 3247 data->best_chan.freq_24, data->best_chan.freq_5, 3248 data->best_chan.freq_overall); 3249 wpa_s->best_24_freq = data->best_chan.freq_24; 3250 wpa_s->best_5_freq = data->best_chan.freq_5; 3251 wpa_s->best_overall_freq = data->best_chan.freq_overall; 3252 #ifdef CONFIG_P2P 3253 wpas_p2p_update_best_channels(wpa_s, data->best_chan.freq_24, 3254 data->best_chan.freq_5, 3255 data->best_chan.freq_overall); 3256 #endif /* CONFIG_P2P */ 3257 break; 3258 case EVENT_UNPROT_DEAUTH: 3259 wpa_supplicant_event_unprot_deauth(wpa_s, 3260 &data->unprot_deauth); 3261 break; 3262 case EVENT_UNPROT_DISASSOC: 3263 wpa_supplicant_event_unprot_disassoc(wpa_s, 3264 &data->unprot_disassoc); 3265 break; 3266 case EVENT_STATION_LOW_ACK: 3267 #ifdef CONFIG_AP 3268 if (wpa_s->ap_iface && data) 3269 hostapd_event_sta_low_ack(wpa_s->ap_iface->bss[0], 3270 data->low_ack.addr); 3271 #endif /* CONFIG_AP */ 3272 #ifdef CONFIG_TDLS 3273 if (data) 3274 wpa_tdls_disable_link(wpa_s->wpa, data->low_ack.addr); 3275 #endif /* CONFIG_TDLS */ 3276 break; 3277 case EVENT_IBSS_PEER_LOST: 3278 #ifdef CONFIG_IBSS_RSN 3279 ibss_rsn_stop(wpa_s->ibss_rsn, data->ibss_peer_lost.peer); 3280 #endif /* CONFIG_IBSS_RSN */ 3281 break; 3282 case EVENT_DRIVER_GTK_REKEY: 3283 if (os_memcmp(data->driver_gtk_rekey.bssid, 3284 wpa_s->bssid, ETH_ALEN)) 3285 break; 3286 if (!wpa_s->wpa) 3287 break; 3288 wpa_sm_update_replay_ctr(wpa_s->wpa, 3289 data->driver_gtk_rekey.replay_ctr); 3290 break; 3291 case EVENT_SCHED_SCAN_STOPPED: 3292 wpa_s->pno = 0; 3293 wpa_s->sched_scanning = 0; 3294 wpa_supplicant_notify_scanning(wpa_s, 0); 3295 3296 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) 3297 break; 3298 3299 /* 3300 * Start a new sched scan to continue searching for more SSIDs 3301 * either if timed out or PNO schedule scan is pending. 3302 */ 3303 if (wpa_s->sched_scan_timed_out || wpa_s->pno_sched_pending) { 3304 3305 if (wpa_supplicant_req_sched_scan(wpa_s) < 0 && 3306 wpa_s->pno_sched_pending) { 3307 wpa_msg(wpa_s, MSG_ERROR, "Failed to schedule PNO"); 3308 } else if (wpa_s->pno_sched_pending) { 3309 wpa_s->pno_sched_pending = 0; 3310 wpa_s->pno = 1; 3311 } 3312 } 3313 3314 break; 3315 case EVENT_WPS_BUTTON_PUSHED: 3316 #ifdef CONFIG_WPS 3317 wpas_wps_start_pbc(wpa_s, NULL, 0); 3318 #endif /* CONFIG_WPS */ 3319 break; 3320 case EVENT_AVOID_FREQUENCIES: 3321 wpa_supplicant_notify_avoid_freq(wpa_s, data); 3322 break; 3323 case EVENT_CONNECT_FAILED_REASON: 3324 #ifdef CONFIG_AP 3325 if (!wpa_s->ap_iface || !data) 3326 break; 3327 hostapd_event_connect_failed_reason( 3328 wpa_s->ap_iface->bss[0], 3329 data->connect_failed_reason.addr, 3330 data->connect_failed_reason.code); 3331 #endif /* CONFIG_AP */ 3332 break; 3333 default: 3334 wpa_msg(wpa_s, MSG_INFO, "Unknown event %d", event); 3335 break; 3336 } 3337 } 3338