1 /* 2 * WPA Supplicant 3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> 4 * 5 * This program is free software; you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License version 2 as 7 * published by the Free Software Foundation. 8 * 9 * Alternatively, this software may be distributed under the terms of BSD 10 * license. 11 * 12 * See README and COPYING for more details. 13 * 14 * This file implements functions for registering and unregistering 15 * %wpa_supplicant interfaces. In addition, this file contains number of 16 * functions for managing network connections. 17 */ 18 19 #include "includes.h" 20 21 #include "common.h" 22 #include "eapol_supp/eapol_supp_sm.h" 23 #include "eap_peer/eap.h" 24 #include "wpa.h" 25 #include "eloop.h" 26 #include "drivers/driver.h" 27 #include "config.h" 28 #include "l2_packet/l2_packet.h" 29 #include "wpa_supplicant_i.h" 30 #include "ctrl_iface.h" 31 #include "ctrl_iface_dbus.h" 32 #include "pcsc_funcs.h" 33 #include "version.h" 34 #include "preauth.h" 35 #include "pmksa_cache.h" 36 #include "wpa_ctrl.h" 37 #include "mlme.h" 38 #include "ieee802_11_defs.h" 39 #include "blacklist.h" 40 #include "wpas_glue.h" 41 #include "wps_supplicant.h" 42 43 const char *wpa_supplicant_version = 44 "wpa_supplicant v" VERSION_STR "\n" 45 "Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors"; 46 47 const char *wpa_supplicant_license = 48 "This program is free software. You can distribute it and/or modify it\n" 49 "under the terms of the GNU General Public License version 2.\n" 50 "\n" 51 "Alternatively, this software may be distributed under the terms of the\n" 52 "BSD license. See README and COPYING for more details.\n" 53 #ifdef EAP_TLS_OPENSSL 54 "\nThis product includes software developed by the OpenSSL Project\n" 55 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 56 #endif /* EAP_TLS_OPENSSL */ 57 ; 58 59 #ifndef CONFIG_NO_STDOUT_DEBUG 60 /* Long text divided into parts in order to fit in C89 strings size limits. */ 61 const char *wpa_supplicant_full_license1 = 62 "This program is free software; you can redistribute it and/or modify\n" 63 "it under the terms of the GNU General Public License version 2 as\n" 64 "published by the Free Software Foundation.\n" 65 "\n" 66 "This program is distributed in the hope that it will be useful,\n" 67 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n" 68 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n" 69 "GNU General Public License for more details.\n" 70 "\n"; 71 const char *wpa_supplicant_full_license2 = 72 "You should have received a copy of the GNU General Public License\n" 73 "along with this program; if not, write to the Free Software\n" 74 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n" 75 "\n" 76 "Alternatively, this software may be distributed under the terms of the\n" 77 "BSD license.\n" 78 "\n" 79 "Redistribution and use in source and binary forms, with or without\n" 80 "modification, are permitted provided that the following conditions are\n" 81 "met:\n" 82 "\n"; 83 const char *wpa_supplicant_full_license3 = 84 "1. Redistributions of source code must retain the above copyright\n" 85 " notice, this list of conditions and the following disclaimer.\n" 86 "\n" 87 "2. Redistributions in binary form must reproduce the above copyright\n" 88 " notice, this list of conditions and the following disclaimer in the\n" 89 " documentation and/or other materials provided with the distribution.\n" 90 "\n"; 91 const char *wpa_supplicant_full_license4 = 92 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 93 " names of its contributors may be used to endorse or promote products\n" 94 " derived from this software without specific prior written permission.\n" 95 "\n" 96 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 97 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 98 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 99 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 100 const char *wpa_supplicant_full_license5 = 101 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 102 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 103 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 104 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 105 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 106 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 107 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 108 "\n"; 109 #endif /* CONFIG_NO_STDOUT_DEBUG */ 110 111 extern int wpa_debug_level; 112 extern int wpa_debug_show_keys; 113 extern int wpa_debug_timestamp; 114 115 /* Configure default/group WEP keys for static WEP */ 116 static int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, 117 struct wpa_ssid *ssid) 118 { 119 int i, set = 0; 120 121 for (i = 0; i < NUM_WEP_KEYS; i++) { 122 if (ssid->wep_key_len[i] == 0) 123 continue; 124 125 set = 1; 126 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, 127 (u8 *) "\xff\xff\xff\xff\xff\xff", 128 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0, 129 ssid->wep_key[i], ssid->wep_key_len[i]); 130 } 131 132 return set; 133 } 134 135 136 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 137 struct wpa_ssid *ssid) 138 { 139 u8 key[32]; 140 size_t keylen; 141 wpa_alg alg; 142 u8 seq[6] = { 0 }; 143 144 /* IBSS/WPA-None uses only one key (Group) for both receiving and 145 * sending unicast and multicast packets. */ 146 147 if (ssid->mode != IEEE80211_MODE_IBSS) { 148 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) " 149 "for WPA-None", ssid->mode); 150 return -1; 151 } 152 153 if (!ssid->psk_set) { 154 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None"); 155 return -1; 156 } 157 158 switch (wpa_s->group_cipher) { 159 case WPA_CIPHER_CCMP: 160 os_memcpy(key, ssid->psk, 16); 161 keylen = 16; 162 alg = WPA_ALG_CCMP; 163 break; 164 case WPA_CIPHER_TKIP: 165 /* WPA-None uses the same Michael MIC key for both TX and RX */ 166 os_memcpy(key, ssid->psk, 16 + 8); 167 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 168 keylen = 32; 169 alg = WPA_ALG_TKIP; 170 break; 171 default: 172 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for " 173 "WPA-None", wpa_s->group_cipher); 174 return -1; 175 } 176 177 /* TODO: should actually remember the previously used seq#, both for TX 178 * and RX from each STA.. */ 179 180 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff", 181 0, 1, seq, 6, key, keylen); 182 } 183 184 185 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 186 { 187 struct wpa_supplicant *wpa_s = eloop_ctx; 188 const u8 *bssid = wpa_s->bssid; 189 if (is_zero_ether_addr(bssid)) 190 bssid = wpa_s->pending_bssid; 191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 192 MAC2STR(bssid)); 193 wpa_blacklist_add(wpa_s, bssid); 194 wpa_sm_notify_disassoc(wpa_s->wpa); 195 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 196 wpa_s->reassociate = 1; 197 wpa_supplicant_req_scan(wpa_s, 0, 0); 198 } 199 200 201 /** 202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 203 * @wpa_s: Pointer to wpa_supplicant data 204 * @sec: Number of seconds after which to time out authentication 205 * @usec: Number of microseconds after which to time out authentication 206 * 207 * This function is used to schedule a timeout for the current authentication 208 * attempt. 209 */ 210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 211 int sec, int usec) 212 { 213 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 && 214 wpa_s->driver && IS_WIRED(wpa_s->driver)) 215 return; 216 217 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 218 "%d usec", sec, usec); 219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 221 } 222 223 224 /** 225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 226 * @wpa_s: Pointer to wpa_supplicant data 227 * 228 * This function is used to cancel authentication timeout scheduled with 229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 230 * been completed. 231 */ 232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 233 { 234 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 236 wpa_blacklist_del(wpa_s, wpa_s->bssid); 237 } 238 239 240 /** 241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 242 * @wpa_s: Pointer to wpa_supplicant data 243 * 244 * This function is used to configure EAPOL state machine based on the selected 245 * authentication mode. 246 */ 247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 248 { 249 #ifdef IEEE8021X_EAPOL 250 struct eapol_config eapol_conf; 251 struct wpa_ssid *ssid = wpa_s->current_ssid; 252 253 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 254 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 255 256 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 257 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 258 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 259 else 260 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 261 262 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 263 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 264 eapol_conf.accept_802_1x_keys = 1; 265 eapol_conf.required_keys = 0; 266 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 267 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 268 } 269 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 270 eapol_conf.required_keys |= 271 EAPOL_REQUIRE_KEY_BROADCAST; 272 } 273 274 if (wpa_s->conf && wpa_s->driver && IS_WIRED(wpa_s->driver)) { 275 eapol_conf.required_keys = 0; 276 } 277 } 278 if (wpa_s->conf) 279 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 280 eapol_conf.workaround = ssid->eap_workaround; 281 eapol_conf.eap_disabled = 282 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 283 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 284 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 285 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 286 #endif /* IEEE8021X_EAPOL */ 287 } 288 289 290 /** 291 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 292 * @wpa_s: Pointer to wpa_supplicant data 293 * @ssid: Configuration data for the network 294 * 295 * This function is used to configure WPA state machine and related parameters 296 * to a mode where WPA is not enabled. This is called as part of the 297 * authentication configuration when the selected network does not use WPA. 298 */ 299 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 300 struct wpa_ssid *ssid) 301 { 302 int i; 303 304 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 305 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 306 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 307 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 308 else 309 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 310 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 311 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 312 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 313 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 314 wpa_s->group_cipher = WPA_CIPHER_NONE; 315 wpa_s->mgmt_group_cipher = 0; 316 317 for (i = 0; i < NUM_WEP_KEYS; i++) { 318 if (ssid->wep_key_len[i] > 5) { 319 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 320 wpa_s->group_cipher = WPA_CIPHER_WEP104; 321 break; 322 } else if (ssid->wep_key_len[i] > 0) { 323 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 324 wpa_s->group_cipher = WPA_CIPHER_WEP40; 325 break; 326 } 327 } 328 329 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 330 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 331 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 332 wpa_s->pairwise_cipher); 333 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 334 #ifdef CONFIG_IEEE80211W 335 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 336 wpa_s->mgmt_group_cipher); 337 #endif /* CONFIG_IEEE80211W */ 338 339 pmksa_cache_clear_current(wpa_s->wpa); 340 } 341 342 343 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 344 { 345 scard_deinit(wpa_s->scard); 346 wpa_s->scard = NULL; 347 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 348 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 349 l2_packet_deinit(wpa_s->l2); 350 wpa_s->l2 = NULL; 351 if (wpa_s->l2_br) { 352 l2_packet_deinit(wpa_s->l2_br); 353 wpa_s->l2_br = NULL; 354 } 355 356 if (wpa_s->ctrl_iface) { 357 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 358 wpa_s->ctrl_iface = NULL; 359 } 360 if (wpa_s->conf != NULL) { 361 wpa_config_free(wpa_s->conf); 362 wpa_s->conf = NULL; 363 } 364 365 os_free(wpa_s->confname); 366 wpa_s->confname = NULL; 367 368 wpa_sm_set_eapol(wpa_s->wpa, NULL); 369 eapol_sm_deinit(wpa_s->eapol); 370 wpa_s->eapol = NULL; 371 372 rsn_preauth_deinit(wpa_s->wpa); 373 374 pmksa_candidate_free(wpa_s->wpa); 375 wpa_sm_deinit(wpa_s->wpa); 376 wpa_s->wpa = NULL; 377 wpa_blacklist_clear(wpa_s); 378 379 wpa_scan_results_free(wpa_s->scan_res); 380 wpa_s->scan_res = NULL; 381 382 wpa_supplicant_cancel_scan(wpa_s); 383 wpa_supplicant_cancel_auth_timeout(wpa_s); 384 385 ieee80211_sta_deinit(wpa_s); 386 387 wpas_wps_deinit(wpa_s); 388 389 wpabuf_free(wpa_s->pending_eapol_rx); 390 wpa_s->pending_eapol_rx = NULL; 391 } 392 393 394 /** 395 * wpa_clear_keys - Clear keys configured for the driver 396 * @wpa_s: Pointer to wpa_supplicant data 397 * @addr: Previously used BSSID or %NULL if not available 398 * 399 * This function clears the encryption keys that has been previously configured 400 * for the driver. 401 */ 402 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 403 { 404 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff"; 405 406 if (wpa_s->keys_cleared) { 407 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have 408 * timing issues with keys being cleared just before new keys 409 * are set or just after association or something similar. This 410 * shows up in group key handshake failing often because of the 411 * client not receiving the first encrypted packets correctly. 412 * Skipping some of the extra key clearing steps seems to help 413 * in completing group key handshake more reliably. */ 414 wpa_printf(MSG_DEBUG, "No keys have been configured - " 415 "skip key clearing"); 416 return; 417 } 418 419 /* MLME-DELETEKEYS.request */ 420 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0); 421 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0); 422 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0); 423 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0); 424 #ifdef CONFIG_IEEE80211W 425 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0); 426 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0); 427 #endif /* CONFIG_IEEE80211W */ 428 if (addr) { 429 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 430 0); 431 /* MLME-SETPROTECTION.request(None) */ 432 wpa_drv_mlme_setprotection( 433 wpa_s, addr, 434 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 435 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 436 } 437 wpa_s->keys_cleared = 1; 438 } 439 440 441 /** 442 * wpa_supplicant_state_txt - Get the connection state name as a text string 443 * @state: State (wpa_state; WPA_*) 444 * Returns: The state name as a printable text string 445 */ 446 const char * wpa_supplicant_state_txt(int state) 447 { 448 switch (state) { 449 case WPA_DISCONNECTED: 450 return "DISCONNECTED"; 451 case WPA_INACTIVE: 452 return "INACTIVE"; 453 case WPA_SCANNING: 454 return "SCANNING"; 455 case WPA_ASSOCIATING: 456 return "ASSOCIATING"; 457 case WPA_ASSOCIATED: 458 return "ASSOCIATED"; 459 case WPA_4WAY_HANDSHAKE: 460 return "4WAY_HANDSHAKE"; 461 case WPA_GROUP_HANDSHAKE: 462 return "GROUP_HANDSHAKE"; 463 case WPA_COMPLETED: 464 return "COMPLETED"; 465 default: 466 return "UNKNOWN"; 467 } 468 } 469 470 471 /** 472 * wpa_supplicant_set_state - Set current connection state 473 * @wpa_s: Pointer to wpa_supplicant data 474 * @state: The new connection state 475 * 476 * This function is called whenever the connection state changes, e.g., 477 * association is completed for WPA/WPA2 4-Way Handshake is started. 478 */ 479 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state) 480 { 481 wpa_printf(MSG_DEBUG, "State: %s -> %s", 482 wpa_supplicant_state_txt(wpa_s->wpa_state), 483 wpa_supplicant_state_txt(state)); 484 485 if (state != WPA_SCANNING) 486 wpa_supplicant_notify_scanning(wpa_s, 0); 487 488 wpa_supplicant_dbus_notify_state_change(wpa_s, state, 489 wpa_s->wpa_state); 490 491 if (state == WPA_COMPLETED && wpa_s->new_connection) { 492 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 493 struct wpa_ssid *ssid = wpa_s->current_ssid; 494 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 495 MACSTR " completed %s [id=%d id_str=%s]", 496 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ? 497 "(reauth)" : "(auth)", 498 ssid ? ssid->id : -1, 499 ssid && ssid->id_str ? ssid->id_str : ""); 500 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 501 wpa_s->new_connection = 0; 502 wpa_s->reassociated_connection = 1; 503 wpa_drv_set_operstate(wpa_s, 1); 504 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 505 state == WPA_ASSOCIATED) { 506 wpa_s->new_connection = 1; 507 wpa_drv_set_operstate(wpa_s, 0); 508 } 509 wpa_s->wpa_state = state; 510 } 511 512 513 static void wpa_supplicant_terminate(int sig, void *eloop_ctx, 514 void *signal_ctx) 515 { 516 struct wpa_global *global = eloop_ctx; 517 struct wpa_supplicant *wpa_s; 518 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 519 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d " 520 "received", sig); 521 } 522 eloop_terminate(); 523 } 524 525 526 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 527 { 528 wpa_s->pairwise_cipher = 0; 529 wpa_s->group_cipher = 0; 530 wpa_s->mgmt_group_cipher = 0; 531 wpa_s->key_mgmt = 0; 532 wpa_s->wpa_state = WPA_DISCONNECTED; 533 } 534 535 536 /** 537 * wpa_supplicant_reload_configuration - Reload configuration data 538 * @wpa_s: Pointer to wpa_supplicant data 539 * Returns: 0 on success or -1 if configuration parsing failed 540 * 541 * This function can be used to request that the configuration data is reloaded 542 * (e.g., after configuration file change). This function is reloading 543 * configuration only for one interface, so this may need to be called multiple 544 * times if %wpa_supplicant is controlling multiple interfaces and all 545 * interfaces need reconfiguration. 546 */ 547 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 548 { 549 struct wpa_config *conf; 550 int reconf_ctrl; 551 if (wpa_s->confname == NULL) 552 return -1; 553 conf = wpa_config_read(wpa_s->confname); 554 if (conf == NULL) { 555 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 556 "file '%s' - exiting", wpa_s->confname); 557 return -1; 558 } 559 560 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 561 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 562 os_strcmp(conf->ctrl_interface, 563 wpa_s->conf->ctrl_interface) != 0); 564 565 if (reconf_ctrl && wpa_s->ctrl_iface) { 566 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 567 wpa_s->ctrl_iface = NULL; 568 } 569 570 eapol_sm_invalidate_cached_session(wpa_s->eapol); 571 wpa_s->current_ssid = NULL; 572 /* 573 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 574 * pkcs11_engine_path, pkcs11_module_path. 575 */ 576 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { 577 /* 578 * Clear forced success to clear EAP state for next 579 * authentication. 580 */ 581 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 582 } 583 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 584 wpa_sm_set_config(wpa_s->wpa, NULL); 585 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 586 rsn_preauth_deinit(wpa_s->wpa); 587 wpa_config_free(wpa_s->conf); 588 wpa_s->conf = conf; 589 if (reconf_ctrl) 590 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 591 592 wpa_supplicant_clear_status(wpa_s); 593 wpa_s->reassociate = 1; 594 wpa_supplicant_req_scan(wpa_s, 0, 0); 595 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 596 return 0; 597 } 598 599 600 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx, 601 void *signal_ctx) 602 { 603 struct wpa_global *global = eloop_ctx; 604 struct wpa_supplicant *wpa_s; 605 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig); 606 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 607 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 608 eloop_terminate(); 609 } 610 } 611 } 612 613 614 static wpa_cipher cipher_suite2driver(int cipher) 615 { 616 switch (cipher) { 617 case WPA_CIPHER_NONE: 618 return CIPHER_NONE; 619 case WPA_CIPHER_WEP40: 620 return CIPHER_WEP40; 621 case WPA_CIPHER_WEP104: 622 return CIPHER_WEP104; 623 case WPA_CIPHER_CCMP: 624 return CIPHER_CCMP; 625 case WPA_CIPHER_TKIP: 626 default: 627 return CIPHER_TKIP; 628 } 629 } 630 631 632 static wpa_key_mgmt key_mgmt2driver(int key_mgmt) 633 { 634 switch (key_mgmt) { 635 case WPA_KEY_MGMT_NONE: 636 return KEY_MGMT_NONE; 637 case WPA_KEY_MGMT_IEEE8021X_NO_WPA: 638 return KEY_MGMT_802_1X_NO_WPA; 639 case WPA_KEY_MGMT_IEEE8021X: 640 return KEY_MGMT_802_1X; 641 case WPA_KEY_MGMT_WPA_NONE: 642 return KEY_MGMT_WPA_NONE; 643 case WPA_KEY_MGMT_FT_IEEE8021X: 644 return KEY_MGMT_FT_802_1X; 645 case WPA_KEY_MGMT_FT_PSK: 646 return KEY_MGMT_FT_PSK; 647 case WPA_KEY_MGMT_IEEE8021X_SHA256: 648 return KEY_MGMT_802_1X_SHA256; 649 case WPA_KEY_MGMT_PSK_SHA256: 650 return KEY_MGMT_PSK_SHA256; 651 case WPA_KEY_MGMT_WPS: 652 return KEY_MGMT_WPS; 653 case WPA_KEY_MGMT_PSK: 654 default: 655 return KEY_MGMT_PSK; 656 } 657 } 658 659 660 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 661 struct wpa_ssid *ssid, 662 struct wpa_ie_data *ie) 663 { 664 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 665 if (ret) { 666 if (ret == -2) { 667 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 668 "from association info"); 669 } 670 return -1; 671 } 672 673 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher " 674 "suites"); 675 if (!(ie->group_cipher & ssid->group_cipher)) { 676 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 677 "cipher 0x%x (mask 0x%x) - reject", 678 ie->group_cipher, ssid->group_cipher); 679 return -1; 680 } 681 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 682 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 683 "cipher 0x%x (mask 0x%x) - reject", 684 ie->pairwise_cipher, ssid->pairwise_cipher); 685 return -1; 686 } 687 if (!(ie->key_mgmt & ssid->key_mgmt)) { 688 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 689 "management 0x%x (mask 0x%x) - reject", 690 ie->key_mgmt, ssid->key_mgmt); 691 return -1; 692 } 693 694 #ifdef CONFIG_IEEE80211W 695 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 696 ssid->ieee80211w == IEEE80211W_REQUIRED) { 697 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 698 "that does not support management frame protection - " 699 "reject"); 700 return -1; 701 } 702 #endif /* CONFIG_IEEE80211W */ 703 704 return 0; 705 } 706 707 708 /** 709 * wpa_supplicant_set_suites - Set authentication and encryption parameters 710 * @wpa_s: Pointer to wpa_supplicant data 711 * @bss: Scan results for the selected BSS, or %NULL if not available 712 * @ssid: Configuration data for the selected network 713 * @wpa_ie: Buffer for the WPA/RSN IE 714 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 715 * used buffer length in case the functions returns success. 716 * Returns: 0 on success or -1 on failure 717 * 718 * This function is used to configure authentication and encryption parameters 719 * based on the network configuration and scan result for the selected BSS (if 720 * available). 721 */ 722 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 723 struct wpa_scan_res *bss, 724 struct wpa_ssid *ssid, 725 u8 *wpa_ie, size_t *wpa_ie_len) 726 { 727 struct wpa_ie_data ie; 728 int sel, proto; 729 const u8 *bss_wpa, *bss_rsn; 730 731 if (bss) { 732 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 733 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN); 734 } else 735 bss_wpa = bss_rsn = NULL; 736 737 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 738 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 739 (ie.group_cipher & ssid->group_cipher) && 740 (ie.pairwise_cipher & ssid->pairwise_cipher) && 741 (ie.key_mgmt & ssid->key_mgmt)) { 742 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 743 proto = WPA_PROTO_RSN; 744 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 745 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 && 746 (ie.group_cipher & ssid->group_cipher) && 747 (ie.pairwise_cipher & ssid->pairwise_cipher) && 748 (ie.key_mgmt & ssid->key_mgmt)) { 749 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 750 proto = WPA_PROTO_WPA; 751 } else if (bss) { 752 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 753 return -1; 754 } else { 755 if (ssid->proto & WPA_PROTO_RSN) 756 proto = WPA_PROTO_RSN; 757 else 758 proto = WPA_PROTO_WPA; 759 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 760 os_memset(&ie, 0, sizeof(ie)); 761 ie.group_cipher = ssid->group_cipher; 762 ie.pairwise_cipher = ssid->pairwise_cipher; 763 ie.key_mgmt = ssid->key_mgmt; 764 #ifdef CONFIG_IEEE80211W 765 ie.mgmt_group_cipher = 766 ssid->ieee80211w != NO_IEEE80211W ? 767 WPA_CIPHER_AES_128_CMAC : 0; 768 #endif /* CONFIG_IEEE80211W */ 769 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based " 770 "on configuration"); 771 } else 772 proto = ie.proto; 773 } 774 775 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d " 776 "pairwise %d key_mgmt %d proto %d", 777 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 778 #ifdef CONFIG_IEEE80211W 779 if (ssid->ieee80211w) { 780 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 781 ie.mgmt_group_cipher); 782 } 783 #endif /* CONFIG_IEEE80211W */ 784 785 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 786 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 787 !!(ssid->proto & WPA_PROTO_RSN)); 788 789 if (bss || !wpa_s->ap_ies_from_associnfo) { 790 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 791 bss_wpa ? 2 + bss_wpa[1] : 0) || 792 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 793 bss_rsn ? 2 + bss_rsn[1] : 0)) 794 return -1; 795 } 796 797 sel = ie.group_cipher & ssid->group_cipher; 798 if (sel & WPA_CIPHER_CCMP) { 799 wpa_s->group_cipher = WPA_CIPHER_CCMP; 800 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP"); 801 } else if (sel & WPA_CIPHER_TKIP) { 802 wpa_s->group_cipher = WPA_CIPHER_TKIP; 803 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP"); 804 } else if (sel & WPA_CIPHER_WEP104) { 805 wpa_s->group_cipher = WPA_CIPHER_WEP104; 806 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104"); 807 } else if (sel & WPA_CIPHER_WEP40) { 808 wpa_s->group_cipher = WPA_CIPHER_WEP40; 809 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40"); 810 } else { 811 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher."); 812 return -1; 813 } 814 815 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 816 if (sel & WPA_CIPHER_CCMP) { 817 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; 818 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP"); 819 } else if (sel & WPA_CIPHER_TKIP) { 820 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; 821 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP"); 822 } else if (sel & WPA_CIPHER_NONE) { 823 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 824 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE"); 825 } else { 826 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise " 827 "cipher."); 828 return -1; 829 } 830 831 sel = ie.key_mgmt & ssid->key_mgmt; 832 if (0) { 833 #ifdef CONFIG_IEEE80211R 834 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { 835 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 836 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 837 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 838 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 839 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 840 #endif /* CONFIG_IEEE80211R */ 841 #ifdef CONFIG_IEEE80211W 842 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 843 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 844 wpa_msg(wpa_s, MSG_DEBUG, 845 "WPA: using KEY_MGMT 802.1X with SHA256"); 846 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 847 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 848 wpa_msg(wpa_s, MSG_DEBUG, 849 "WPA: using KEY_MGMT PSK with SHA256"); 850 #endif /* CONFIG_IEEE80211W */ 851 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 852 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 853 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 854 } else if (sel & WPA_KEY_MGMT_PSK) { 855 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 856 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 857 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 858 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 859 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 860 } else { 861 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated " 862 "key management type."); 863 return -1; 864 } 865 866 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 867 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 868 wpa_s->pairwise_cipher); 869 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 870 871 #ifdef CONFIG_IEEE80211W 872 sel = ie.mgmt_group_cipher; 873 if (ssid->ieee80211w == NO_IEEE80211W || 874 !(ie.capabilities & WPA_CAPABILITY_MFPC)) 875 sel = 0; 876 if (sel & WPA_CIPHER_AES_128_CMAC) { 877 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 878 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 879 "AES-128-CMAC"); 880 } else { 881 wpa_s->mgmt_group_cipher = 0; 882 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 883 } 884 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 885 wpa_s->mgmt_group_cipher); 886 #endif /* CONFIG_IEEE80211W */ 887 888 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { 889 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE."); 890 return -1; 891 } 892 893 if (ssid->key_mgmt & 894 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256)) 895 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN); 896 else 897 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 898 899 return 0; 900 } 901 902 903 /** 904 * wpa_supplicant_associate - Request association 905 * @wpa_s: Pointer to wpa_supplicant data 906 * @bss: Scan results for the selected BSS, or %NULL if not available 907 * @ssid: Configuration data for the selected network 908 * 909 * This function is used to request %wpa_supplicant to associate with a BSS. 910 */ 911 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 912 struct wpa_scan_res *bss, struct wpa_ssid *ssid) 913 { 914 u8 wpa_ie[80]; 915 size_t wpa_ie_len; 916 int use_crypt, ret, i; 917 int algs = AUTH_ALG_OPEN_SYSTEM; 918 wpa_cipher cipher_pairwise, cipher_group; 919 struct wpa_driver_associate_params params; 920 int wep_keys_set = 0; 921 struct wpa_driver_capa capa; 922 int assoc_failed = 0; 923 924 wpa_s->reassociate = 0; 925 if (bss) { 926 #ifdef CONFIG_IEEE80211R 927 const u8 *md = NULL; 928 #endif /* CONFIG_IEEE80211R */ 929 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 930 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 931 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 932 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq); 933 os_memset(wpa_s->bssid, 0, ETH_ALEN); 934 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 935 #ifdef CONFIG_IEEE80211R 936 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 937 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 938 md = ie + 2; 939 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL); 940 if (md) { 941 /* Prepare for the next transition */ 942 wpa_ft_prepare_auth_request(wpa_s->wpa); 943 } 944 #endif /* CONFIG_IEEE80211R */ 945 #ifdef CONFIG_WPS 946 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 947 wpa_s->conf->ap_scan == 2 && 948 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 949 /* Use ap_scan==1 style network selection to find the network 950 */ 951 wpa_s->scan_req = 2; 952 wpa_s->reassociate = 1; 953 wpa_supplicant_req_scan(wpa_s, 0, 0); 954 return; 955 #endif /* CONFIG_WPS */ 956 } else { 957 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 958 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 959 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 960 } 961 wpa_supplicant_cancel_scan(wpa_s); 962 963 /* Starting new association, so clear the possibly used WPA IE from the 964 * previous association. */ 965 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 966 967 if (wpa_drv_set_mode(wpa_s, ssid->mode)) { 968 wpa_printf(MSG_WARNING, "Failed to set operating mode"); 969 assoc_failed = 1; 970 } 971 972 #ifdef IEEE8021X_EAPOL 973 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 974 if (ssid->leap) { 975 if (ssid->non_leap == 0) 976 algs = AUTH_ALG_LEAP; 977 else 978 algs |= AUTH_ALG_LEAP; 979 } 980 } 981 #endif /* IEEE8021X_EAPOL */ 982 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 983 if (ssid->auth_alg) { 984 algs = 0; 985 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN) 986 algs |= AUTH_ALG_OPEN_SYSTEM; 987 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED) 988 algs |= AUTH_ALG_SHARED_KEY; 989 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP) 990 algs |= AUTH_ALG_LEAP; 991 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x", 992 algs); 993 } 994 wpa_drv_set_auth_alg(wpa_s, algs); 995 996 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 997 wpa_scan_get_ie(bss, WLAN_EID_RSN)) && 998 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK | 999 WPA_KEY_MGMT_FT_IEEE8021X | 1000 WPA_KEY_MGMT_FT_PSK | 1001 WPA_KEY_MGMT_IEEE8021X_SHA256 | 1002 WPA_KEY_MGMT_PSK_SHA256))) { 1003 int try_opportunistic; 1004 try_opportunistic = ssid->proactive_key_caching && 1005 (ssid->proto & WPA_PROTO_RSN); 1006 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, 1007 wpa_s->current_ssid, 1008 try_opportunistic) == 0) 1009 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); 1010 wpa_ie_len = sizeof(wpa_ie); 1011 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 1012 wpa_ie, &wpa_ie_len)) { 1013 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key " 1014 "management and encryption suites"); 1015 return; 1016 } 1017 } else if (ssid->key_mgmt & 1018 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X | 1019 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK | 1020 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 | 1021 WPA_KEY_MGMT_IEEE8021X_SHA256)) { 1022 wpa_ie_len = sizeof(wpa_ie); 1023 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 1024 wpa_ie, &wpa_ie_len)) { 1025 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key " 1026 "management and encryption suites (no scan " 1027 "results)"); 1028 return; 1029 } 1030 #ifdef CONFIG_WPS 1031 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 1032 struct wpabuf *wps_ie; 1033 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 1034 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { 1035 wpa_ie_len = wpabuf_len(wps_ie); 1036 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 1037 } else 1038 wpa_ie_len = 0; 1039 wpabuf_free(wps_ie); 1040 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1041 #endif /* CONFIG_WPS */ 1042 } else { 1043 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1044 wpa_ie_len = 0; 1045 } 1046 1047 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 1048 use_crypt = 1; 1049 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher); 1050 cipher_group = cipher_suite2driver(wpa_s->group_cipher); 1051 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 1052 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 1053 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 1054 use_crypt = 0; 1055 if (wpa_set_wep_keys(wpa_s, ssid)) { 1056 use_crypt = 1; 1057 wep_keys_set = 1; 1058 } 1059 } 1060 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 1061 use_crypt = 0; 1062 1063 #ifdef IEEE8021X_EAPOL 1064 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 1065 if ((ssid->eapol_flags & 1066 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 1067 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 1068 !wep_keys_set) { 1069 use_crypt = 0; 1070 } else { 1071 /* Assume that dynamic WEP-104 keys will be used and 1072 * set cipher suites in order for drivers to expect 1073 * encryption. */ 1074 cipher_pairwise = cipher_group = CIPHER_WEP104; 1075 } 1076 } 1077 #endif /* IEEE8021X_EAPOL */ 1078 1079 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1080 /* Set the key before (and later after) association */ 1081 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 1082 } 1083 1084 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt); 1085 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 1086 os_memset(¶ms, 0, sizeof(params)); 1087 if (bss) { 1088 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID); 1089 params.bssid = bss->bssid; 1090 params.ssid = ie ? ie + 2 : (u8 *) ""; 1091 params.ssid_len = ie ? ie[1] : 0; 1092 params.freq = bss->freq; 1093 } else { 1094 params.ssid = ssid->ssid; 1095 params.ssid_len = ssid->ssid_len; 1096 } 1097 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0) 1098 params.freq = ssid->frequency; /* Initial channel for IBSS */ 1099 params.wpa_ie = wpa_ie; 1100 params.wpa_ie_len = wpa_ie_len; 1101 params.pairwise_suite = cipher_pairwise; 1102 params.group_suite = cipher_group; 1103 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); 1104 params.auth_alg = algs; 1105 params.mode = ssid->mode; 1106 for (i = 0; i < NUM_WEP_KEYS; i++) { 1107 if (ssid->wep_key_len[i]) 1108 params.wep_key[i] = ssid->wep_key[i]; 1109 params.wep_key_len[i] = ssid->wep_key_len[i]; 1110 } 1111 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 1112 1113 if (wpa_s->driver_4way_handshake && 1114 (params.key_mgmt_suite == KEY_MGMT_PSK || 1115 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) { 1116 params.passphrase = ssid->passphrase; 1117 if (ssid->psk_set) 1118 params.psk = ssid->psk; 1119 } 1120 1121 #ifdef CONFIG_IEEE80211W 1122 switch (ssid->ieee80211w) { 1123 case NO_IEEE80211W: 1124 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; 1125 break; 1126 case IEEE80211W_OPTIONAL: 1127 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL; 1128 break; 1129 case IEEE80211W_REQUIRED: 1130 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED; 1131 break; 1132 } 1133 if (ssid->ieee80211w != NO_IEEE80211W && bss) { 1134 const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN); 1135 struct wpa_ie_data ie; 1136 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 1137 ie.capabilities & 1138 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 1139 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: " 1140 "require MFP"); 1141 params.mgmt_frame_protection = 1142 MGMT_FRAME_PROTECTION_REQUIRED; 1143 } 1144 } 1145 #endif /* CONFIG_IEEE80211W */ 1146 1147 if (wpa_s->use_client_mlme) 1148 ret = ieee80211_sta_associate(wpa_s, ¶ms); 1149 else 1150 ret = wpa_drv_associate(wpa_s, ¶ms); 1151 if (ret < 0) { 1152 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 1153 "failed"); 1154 /* try to continue anyway; new association will be tried again 1155 * after timeout */ 1156 assoc_failed = 1; 1157 } 1158 1159 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 1160 /* Set the key after the association just in case association 1161 * cleared the previously configured key. */ 1162 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 1163 /* No need to timeout authentication since there is no key 1164 * management. */ 1165 wpa_supplicant_cancel_auth_timeout(wpa_s); 1166 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 1167 } else { 1168 /* Timeout for IEEE 802.11 authentication and association */ 1169 int timeout = 60; 1170 1171 if (assoc_failed) { 1172 /* give IBSS a bit more time */ 1173 timeout = ssid->mode ? 10 : 5; 1174 } else if (wpa_s->conf->ap_scan == 1) { 1175 /* give IBSS a bit more time */ 1176 timeout = ssid->mode ? 20 : 10; 1177 } 1178 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 1179 } 1180 1181 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 && 1182 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) { 1183 /* Set static WEP keys again */ 1184 wpa_set_wep_keys(wpa_s, ssid); 1185 } 1186 1187 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { 1188 /* 1189 * Do not allow EAP session resumption between different 1190 * network configurations. 1191 */ 1192 eapol_sm_invalidate_cached_session(wpa_s->eapol); 1193 } 1194 wpa_s->current_ssid = ssid; 1195 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 1196 wpa_supplicant_initiate_eapol(wpa_s); 1197 } 1198 1199 1200 /** 1201 * wpa_supplicant_disassociate - Disassociate the current connection 1202 * @wpa_s: Pointer to wpa_supplicant data 1203 * @reason_code: IEEE 802.11 reason code for the disassociate frame 1204 * 1205 * This function is used to request %wpa_supplicant to disassociate with the 1206 * current AP. 1207 */ 1208 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s, 1209 int reason_code) 1210 { 1211 u8 *addr = NULL; 1212 if (!is_zero_ether_addr(wpa_s->bssid)) { 1213 if (wpa_s->use_client_mlme) 1214 ieee80211_sta_disassociate(wpa_s, reason_code); 1215 else 1216 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code); 1217 addr = wpa_s->bssid; 1218 } 1219 wpa_clear_keys(wpa_s, addr); 1220 wpa_supplicant_mark_disassoc(wpa_s); 1221 wpa_s->current_ssid = NULL; 1222 wpa_sm_set_config(wpa_s->wpa, NULL); 1223 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1224 } 1225 1226 1227 /** 1228 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 1229 * @wpa_s: Pointer to wpa_supplicant data 1230 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 1231 * 1232 * This function is used to request %wpa_supplicant to deauthenticate from the 1233 * current AP. 1234 */ 1235 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 1236 int reason_code) 1237 { 1238 u8 *addr = NULL; 1239 if (!is_zero_ether_addr(wpa_s->bssid)) { 1240 if (wpa_s->use_client_mlme) 1241 ieee80211_sta_deauthenticate(wpa_s, reason_code); 1242 else 1243 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, 1244 reason_code); 1245 addr = wpa_s->bssid; 1246 } 1247 wpa_clear_keys(wpa_s, addr); 1248 wpa_supplicant_mark_disassoc(wpa_s); 1249 wpa_s->current_ssid = NULL; 1250 wpa_sm_set_config(wpa_s->wpa, NULL); 1251 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1252 } 1253 1254 1255 static int wpa_supplicant_get_scan_results_old(struct wpa_supplicant *wpa_s) 1256 { 1257 #define SCAN_AP_LIMIT 128 1258 struct wpa_scan_result *results; 1259 int num, i; 1260 struct wpa_scan_results *res; 1261 1262 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result)); 1263 if (results == NULL) { 1264 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan " 1265 "results"); 1266 return -1; 1267 } 1268 1269 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT); 1270 wpa_printf(MSG_DEBUG, "Scan results: %d", num); 1271 if (num < 0) { 1272 wpa_printf(MSG_DEBUG, "Failed to get scan results"); 1273 os_free(results); 1274 return -1; 1275 } 1276 if (num > SCAN_AP_LIMIT) { 1277 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)", 1278 num, SCAN_AP_LIMIT); 1279 num = SCAN_AP_LIMIT; 1280 } 1281 1282 wpa_scan_results_free(wpa_s->scan_res); 1283 wpa_s->scan_res = NULL; 1284 1285 /* Convert old scan result data structure to the new one */ 1286 res = os_zalloc(sizeof(*res)); 1287 if (res == NULL) { 1288 os_free(results); 1289 return -1; 1290 } 1291 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *)); 1292 if (res->res == NULL) { 1293 os_free(results); 1294 os_free(res); 1295 return -1; 1296 } 1297 1298 for (i = 0; i < num; i++) { 1299 struct wpa_scan_result *bss = &results[i]; 1300 struct wpa_scan_res *r; 1301 size_t ie_len; 1302 u8 *pos; 1303 1304 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len; 1305 if (bss->maxrate) 1306 ie_len += 3; 1307 if (bss->mdie_present) 1308 ie_len += 5; 1309 1310 r = os_zalloc(sizeof(*r) + ie_len); 1311 if (r == NULL) 1312 break; 1313 1314 os_memcpy(r->bssid, bss->bssid, ETH_ALEN); 1315 r->freq = bss->freq; 1316 r->caps = bss->caps; 1317 r->qual = bss->qual; 1318 r->noise = bss->noise; 1319 r->level = bss->level; 1320 r->tsf = bss->tsf; 1321 r->ie_len = ie_len; 1322 1323 pos = (u8 *) (r + 1); 1324 1325 /* SSID IE */ 1326 *pos++ = WLAN_EID_SSID; 1327 *pos++ = bss->ssid_len; 1328 os_memcpy(pos, bss->ssid, bss->ssid_len); 1329 pos += bss->ssid_len; 1330 1331 if (bss->maxrate) { 1332 /* Fake Supported Rate IE to include max rate */ 1333 *pos++ = WLAN_EID_SUPP_RATES; 1334 *pos++ = 1; 1335 *pos++ = bss->maxrate; 1336 } 1337 1338 if (bss->rsn_ie_len) { 1339 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len); 1340 pos += bss->rsn_ie_len; 1341 } 1342 1343 if (bss->mdie_present) { 1344 os_memcpy(pos, bss->mdie, 5); 1345 pos += 5; 1346 } 1347 1348 if (bss->wpa_ie_len) { 1349 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len); 1350 pos += bss->wpa_ie_len; 1351 } 1352 1353 res->res[res->num++] = r; 1354 } 1355 1356 os_free(results); 1357 wpa_s->scan_res = res; 1358 1359 return 0; 1360 } 1361 1362 1363 /** 1364 * wpa_supplicant_get_scan_results - Get scan results 1365 * @wpa_s: Pointer to wpa_supplicant data 1366 * Returns: 0 on success, -1 on failure 1367 * 1368 * This function is request the current scan results from the driver and stores 1369 * a local copy of the results in wpa_s->scan_res. 1370 */ 1371 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s) 1372 { 1373 int ret; 1374 1375 if (wpa_s->use_client_mlme) { 1376 wpa_scan_results_free(wpa_s->scan_res); 1377 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s); 1378 if (wpa_s->scan_res == NULL) { 1379 wpa_printf(MSG_DEBUG, "Failed to get scan results"); 1380 ret = -1; 1381 } else 1382 ret = 0; 1383 } else if (wpa_s->driver->get_scan_results2 == NULL) 1384 ret = wpa_supplicant_get_scan_results_old(wpa_s); 1385 else { 1386 wpa_scan_results_free(wpa_s->scan_res); 1387 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s); 1388 if (wpa_s->scan_res == NULL) { 1389 wpa_printf(MSG_DEBUG, "Failed to get scan results"); 1390 ret = -1; 1391 } else 1392 ret = 0; 1393 } 1394 1395 if (wpa_s->scan_res) 1396 wpa_scan_sort_results(wpa_s->scan_res); 1397 1398 return ret; 1399 } 1400 1401 1402 /** 1403 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 1404 * @wpa_s: Pointer to wpa_supplicant data 1405 * Returns: A pointer to the current network structure or %NULL on failure 1406 */ 1407 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 1408 { 1409 struct wpa_ssid *entry; 1410 u8 ssid[MAX_SSID_LEN]; 1411 int res; 1412 size_t ssid_len; 1413 u8 bssid[ETH_ALEN]; 1414 int wired; 1415 1416 if (wpa_s->use_client_mlme) { 1417 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) { 1418 wpa_printf(MSG_WARNING, "Could not read SSID from " 1419 "MLME."); 1420 return NULL; 1421 } 1422 } else { 1423 res = wpa_drv_get_ssid(wpa_s, ssid); 1424 if (res < 0) { 1425 wpa_printf(MSG_WARNING, "Could not read SSID from " 1426 "driver."); 1427 return NULL; 1428 } 1429 ssid_len = res; 1430 } 1431 1432 if (wpa_s->use_client_mlme) 1433 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN); 1434 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 1435 wpa_printf(MSG_WARNING, "Could not read BSSID from driver."); 1436 return NULL; 1437 } 1438 1439 wired = wpa_s->conf->ap_scan == 0 && wpa_s->driver && 1440 IS_WIRED(wpa_s->driver); 1441 1442 entry = wpa_s->conf->ssid; 1443 while (entry) { 1444 if (!entry->disabled && 1445 ((ssid_len == entry->ssid_len && 1446 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && 1447 (!entry->bssid_set || 1448 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 1449 return entry; 1450 #ifdef CONFIG_WPS 1451 if (!entry->disabled && 1452 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 1453 (entry->ssid == NULL || entry->ssid_len == 0) && 1454 (!entry->bssid_set || 1455 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 1456 return entry; 1457 #endif /* CONFIG_WPS */ 1458 entry = entry->next; 1459 } 1460 1461 return NULL; 1462 } 1463 1464 1465 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 1466 const char *name) 1467 { 1468 int i; 1469 1470 if (wpa_s == NULL) 1471 return -1; 1472 1473 if (wpa_supplicant_drivers[0] == NULL) { 1474 wpa_printf(MSG_ERROR, "No driver interfaces build into " 1475 "wpa_supplicant."); 1476 return -1; 1477 } 1478 1479 if (name == NULL) { 1480 /* default to first driver in the list */ 1481 wpa_s->driver = wpa_supplicant_drivers[0]; 1482 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0]; 1483 return 0; 1484 } 1485 1486 for (i = 0; wpa_supplicant_drivers[i]; i++) { 1487 if (os_strcmp(name, wpa_supplicant_drivers[i]->name) == 0) { 1488 wpa_s->driver = wpa_supplicant_drivers[i]; 1489 wpa_s->global_drv_priv = wpa_s->global->drv_priv[i]; 1490 return 0; 1491 } 1492 } 1493 1494 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.\n", name); 1495 return -1; 1496 } 1497 1498 1499 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 1500 const u8 *buf, size_t len) 1501 { 1502 struct wpa_supplicant *wpa_s = ctx; 1503 1504 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); 1505 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 1506 1507 if (wpa_s->wpa_state < WPA_ASSOCIATED) { 1508 /* 1509 * There is possible race condition between receiving the 1510 * association event and the EAPOL frame since they are coming 1511 * through different paths from the driver. In order to avoid 1512 * issues in trying to process the EAPOL frame before receiving 1513 * association information, lets queue it for processing until 1514 * the association event is received. 1515 */ 1516 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of " 1517 "received EAPOL frame"); 1518 wpabuf_free(wpa_s->pending_eapol_rx); 1519 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 1520 if (wpa_s->pending_eapol_rx) { 1521 os_get_time(&wpa_s->pending_eapol_rx_time); 1522 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 1523 ETH_ALEN); 1524 } 1525 return; 1526 } 1527 1528 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 1529 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since " 1530 "no key management is configured"); 1531 return; 1532 } 1533 1534 if (wpa_s->eapol_received == 0 && 1535 (!wpa_s->driver_4way_handshake || 1536 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 1537 wpa_s->wpa_state != WPA_COMPLETED)) { 1538 /* Timeout for completing IEEE 802.1X and WPA authentication */ 1539 wpa_supplicant_req_auth_timeout( 1540 wpa_s, 1541 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 1542 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 1543 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ? 1544 70 : 10, 0); 1545 } 1546 wpa_s->eapol_received++; 1547 1548 if (wpa_s->countermeasures) { 1549 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL " 1550 "packet"); 1551 return; 1552 } 1553 1554 /* Source address of the incoming EAPOL frame could be compared to the 1555 * current BSSID. However, it is possible that a centralized 1556 * Authenticator could be using another MAC address than the BSSID of 1557 * an AP, so just allow any address to be used for now. The replies are 1558 * still sent to the current BSSID (if available), though. */ 1559 1560 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 1561 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 1562 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) 1563 return; 1564 wpa_drv_poll(wpa_s); 1565 if (!wpa_s->driver_4way_handshake) 1566 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); 1567 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 1568 /* 1569 * Set portValid = TRUE here since we are going to skip 4-way 1570 * handshake processing which would normally set portValid. We 1571 * need this to allow the EAPOL state machines to be completed 1572 * without going through EAPOL-Key handshake. 1573 */ 1574 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 1575 } 1576 } 1577 1578 1579 void wpa_supplicant_sta_free_hw_features(struct wpa_hw_modes *hw_features, 1580 size_t num_hw_features) 1581 { 1582 ieee80211_sta_free_hw_features(hw_features, num_hw_features); 1583 } 1584 1585 1586 void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len, 1587 struct ieee80211_rx_status *rx_status) 1588 { 1589 struct wpa_supplicant *wpa_s = ctx; 1590 ieee80211_sta_rx(wpa_s, buf, len, rx_status); 1591 } 1592 1593 1594 /** 1595 * wpa_supplicant_driver_init - Initialize driver interface parameters 1596 * @wpa_s: Pointer to wpa_supplicant data 1597 * Returns: 0 on success, -1 on failure 1598 * 1599 * This function is called to initialize driver interface parameters. 1600 * wpa_drv_init() must have been called before this function to initialize the 1601 * driver interface. 1602 */ 1603 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 1604 { 1605 static int interface_count = 0; 1606 1607 if (wpa_s->driver->send_eapol) { 1608 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 1609 if (addr) 1610 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 1611 } else { 1612 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 1613 wpa_drv_get_mac_addr(wpa_s), 1614 ETH_P_EAPOL, 1615 wpa_supplicant_rx_eapol, wpa_s, 0); 1616 if (wpa_s->l2 == NULL) 1617 return -1; 1618 } 1619 1620 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 1621 wpa_printf(MSG_ERROR, "Failed to get own L2 address"); 1622 return -1; 1623 } 1624 1625 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR, 1626 MAC2STR(wpa_s->own_addr)); 1627 1628 if (wpa_s->bridge_ifname[0]) { 1629 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface" 1630 " '%s'", wpa_s->bridge_ifname); 1631 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname, 1632 wpa_s->own_addr, 1633 ETH_P_EAPOL, 1634 wpa_supplicant_rx_eapol, wpa_s, 1635 0); 1636 if (wpa_s->l2_br == NULL) { 1637 wpa_printf(MSG_ERROR, "Failed to open l2_packet " 1638 "connection for the bridge interface '%s'", 1639 wpa_s->bridge_ifname); 1640 return -1; 1641 } 1642 } 1643 1644 /* Backwards compatibility call to set_wpa() handler. This is called 1645 * only just after init and just before deinit, so these handler can be 1646 * used to implement same functionality. */ 1647 if (wpa_drv_set_wpa(wpa_s, 1) < 0) { 1648 struct wpa_driver_capa capa; 1649 if (wpa_drv_get_capa(wpa_s, &capa) < 0 || 1650 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA | 1651 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) { 1652 wpa_printf(MSG_DEBUG, "Driver does not support WPA."); 1653 /* Continue to allow non-WPA modes to be used. */ 1654 } else { 1655 wpa_printf(MSG_ERROR, "Failed to enable WPA in the " 1656 "driver."); 1657 return -1; 1658 } 1659 } 1660 1661 wpa_clear_keys(wpa_s, NULL); 1662 1663 /* Make sure that TKIP countermeasures are not left enabled (could 1664 * happen if wpa_supplicant is killed during countermeasures. */ 1665 wpa_drv_set_countermeasures(wpa_s, 0); 1666 1667 wpa_drv_set_drop_unencrypted(wpa_s, 1); 1668 1669 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 1670 wpa_drv_flush_pmkid(wpa_s); 1671 1672 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN; 1673 wpa_supplicant_req_scan(wpa_s, interface_count, 100000); 1674 interface_count++; 1675 1676 return 0; 1677 } 1678 1679 1680 static int wpa_supplicant_daemon(const char *pid_file) 1681 { 1682 wpa_printf(MSG_DEBUG, "Daemonize.."); 1683 return os_daemonize(pid_file); 1684 } 1685 1686 1687 static struct wpa_supplicant * wpa_supplicant_alloc(void) 1688 { 1689 struct wpa_supplicant *wpa_s; 1690 1691 wpa_s = os_zalloc(sizeof(*wpa_s)); 1692 if (wpa_s == NULL) 1693 return NULL; 1694 wpa_s->scan_req = 1; 1695 1696 return wpa_s; 1697 } 1698 1699 1700 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 1701 struct wpa_interface *iface) 1702 { 1703 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 1704 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 1705 iface->confname ? iface->confname : "N/A", 1706 iface->driver ? iface->driver : "default", 1707 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 1708 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 1709 1710 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) { 1711 return -1; 1712 } 1713 1714 if (iface->confname) { 1715 #ifdef CONFIG_BACKEND_FILE 1716 wpa_s->confname = os_rel2abs_path(iface->confname); 1717 if (wpa_s->confname == NULL) { 1718 wpa_printf(MSG_ERROR, "Failed to get absolute path " 1719 "for configuration file '%s'.", 1720 iface->confname); 1721 return -1; 1722 } 1723 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 1724 iface->confname, wpa_s->confname); 1725 #else /* CONFIG_BACKEND_FILE */ 1726 wpa_s->confname = os_strdup(iface->confname); 1727 #endif /* CONFIG_BACKEND_FILE */ 1728 wpa_s->conf = wpa_config_read(wpa_s->confname); 1729 if (wpa_s->conf == NULL) { 1730 wpa_printf(MSG_ERROR, "Failed to read or parse " 1731 "configuration '%s'.", wpa_s->confname); 1732 return -1; 1733 } 1734 1735 /* 1736 * Override ctrl_interface and driver_param if set on command 1737 * line. 1738 */ 1739 if (iface->ctrl_interface) { 1740 os_free(wpa_s->conf->ctrl_interface); 1741 wpa_s->conf->ctrl_interface = 1742 os_strdup(iface->ctrl_interface); 1743 } 1744 1745 if (iface->driver_param) { 1746 os_free(wpa_s->conf->driver_param); 1747 wpa_s->conf->driver_param = 1748 os_strdup(iface->driver_param); 1749 } 1750 } else 1751 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 1752 iface->driver_param); 1753 1754 if (wpa_s->conf == NULL) { 1755 wpa_printf(MSG_ERROR, "\nNo configuration found."); 1756 return -1; 1757 } 1758 1759 if (iface->ifname == NULL) { 1760 wpa_printf(MSG_ERROR, "\nInterface name is required."); 1761 return -1; 1762 } 1763 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 1764 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 1765 iface->ifname); 1766 return -1; 1767 } 1768 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 1769 1770 if (iface->bridge_ifname) { 1771 if (os_strlen(iface->bridge_ifname) >= 1772 sizeof(wpa_s->bridge_ifname)) { 1773 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 1774 "name '%s'.", iface->bridge_ifname); 1775 return -1; 1776 } 1777 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 1778 sizeof(wpa_s->bridge_ifname)); 1779 } 1780 1781 return 0; 1782 } 1783 1784 1785 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s) 1786 { 1787 const char *ifname; 1788 struct wpa_driver_capa capa; 1789 1790 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'", 1791 wpa_s->ifname); 1792 1793 /* RSNA Supplicant Key Management - INITIALIZE */ 1794 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 1795 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 1796 1797 /* Initialize driver interface and register driver event handler before 1798 * L2 receive handler so that association events are processed before 1799 * EAPOL-Key packets if both become available for the same select() 1800 * call. */ 1801 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 1802 if (wpa_s->drv_priv == NULL) { 1803 wpa_printf(MSG_ERROR, "Failed to initialize driver interface"); 1804 return -1; 1805 } 1806 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 1807 wpa_printf(MSG_ERROR, "Driver interface rejected " 1808 "driver_param '%s'", wpa_s->conf->driver_param); 1809 return -1; 1810 } 1811 1812 ifname = wpa_drv_get_ifname(wpa_s); 1813 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 1814 wpa_printf(MSG_DEBUG, "Driver interface replaced interface " 1815 "name with '%s'", ifname); 1816 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 1817 } 1818 1819 if (wpa_supplicant_init_wpa(wpa_s) < 0) 1820 return -1; 1821 1822 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 1823 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 1824 NULL); 1825 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 1826 1827 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 1828 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 1829 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 1830 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for " 1831 "dot11RSNAConfigPMKLifetime"); 1832 return -1; 1833 } 1834 1835 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 1836 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 1837 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 1838 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for " 1839 "dot11RSNAConfigPMKReauthThreshold"); 1840 return -1; 1841 } 1842 1843 if (wpa_s->conf->dot11RSNAConfigSATimeout && 1844 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 1845 wpa_s->conf->dot11RSNAConfigSATimeout)) { 1846 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for " 1847 "dot11RSNAConfigSATimeout"); 1848 return -1; 1849 } 1850 1851 if (wpa_supplicant_driver_init(wpa_s) < 0) 1852 return -1; 1853 1854 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 1855 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 1856 wpa_printf(MSG_DEBUG, "Failed to set country"); 1857 return -1; 1858 } 1859 1860 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 1861 1862 if (wpas_wps_init(wpa_s)) 1863 return -1; 1864 1865 if (wpa_supplicant_init_eapol(wpa_s) < 0) 1866 return -1; 1867 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 1868 1869 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 1870 if (wpa_s->ctrl_iface == NULL) { 1871 wpa_printf(MSG_ERROR, 1872 "Failed to initialize control interface '%s'.\n" 1873 "You may have another wpa_supplicant process " 1874 "already running or the file was\n" 1875 "left by an unclean termination of wpa_supplicant " 1876 "in which case you will need\n" 1877 "to manually remove this file before starting " 1878 "wpa_supplicant again.\n", 1879 wpa_s->conf->ctrl_interface); 1880 return -1; 1881 } 1882 1883 if (wpa_drv_get_capa(wpa_s, &capa) == 0) { 1884 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) { 1885 wpa_s->use_client_mlme = 1; 1886 if (ieee80211_sta_init(wpa_s)) 1887 return -1; 1888 } 1889 if (capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) 1890 wpa_s->driver_4way_handshake = 1; 1891 } 1892 1893 return 0; 1894 } 1895 1896 1897 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s) 1898 { 1899 if (wpa_s->drv_priv) { 1900 wpa_supplicant_deauthenticate(wpa_s, 1901 WLAN_REASON_DEAUTH_LEAVING); 1902 1903 /* Backwards compatibility call to set_wpa() handler. This is 1904 * called only just after init and just before deinit, so these 1905 * handler can be used to implement same functionality. */ 1906 if (wpa_drv_set_wpa(wpa_s, 0) < 0) { 1907 wpa_printf(MSG_ERROR, "Failed to disable WPA in the " 1908 "driver."); 1909 } 1910 1911 wpa_drv_set_drop_unencrypted(wpa_s, 0); 1912 wpa_drv_set_countermeasures(wpa_s, 0); 1913 wpa_clear_keys(wpa_s, NULL); 1914 } 1915 1916 wpas_dbus_unregister_iface(wpa_s); 1917 1918 wpa_supplicant_cleanup(wpa_s); 1919 1920 if (wpa_s->drv_priv) 1921 wpa_drv_deinit(wpa_s); 1922 } 1923 1924 1925 /** 1926 * wpa_supplicant_add_iface - Add a new network interface 1927 * @global: Pointer to global data from wpa_supplicant_init() 1928 * @iface: Interface configuration options 1929 * Returns: Pointer to the created interface or %NULL on failure 1930 * 1931 * This function is used to add new network interfaces for %wpa_supplicant. 1932 * This can be called before wpa_supplicant_run() to add interfaces before the 1933 * main event loop has been started. In addition, new interfaces can be added 1934 * dynamically while %wpa_supplicant is already running. This could happen, 1935 * e.g., when a hotplug network adapter is inserted. 1936 */ 1937 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 1938 struct wpa_interface *iface) 1939 { 1940 struct wpa_supplicant *wpa_s; 1941 1942 if (global == NULL || iface == NULL) 1943 return NULL; 1944 1945 wpa_s = wpa_supplicant_alloc(); 1946 if (wpa_s == NULL) 1947 return NULL; 1948 1949 wpa_s->global = global; 1950 1951 if (wpa_supplicant_init_iface(wpa_s, iface) || 1952 wpa_supplicant_init_iface2(wpa_s)) { 1953 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 1954 iface->ifname); 1955 wpa_supplicant_deinit_iface(wpa_s); 1956 os_free(wpa_s); 1957 return NULL; 1958 } 1959 1960 /* Register the interface with the dbus control interface */ 1961 if (wpas_dbus_register_iface(wpa_s)) { 1962 wpa_supplicant_deinit_iface(wpa_s); 1963 os_free(wpa_s); 1964 return NULL; 1965 } 1966 1967 wpa_s->next = global->ifaces; 1968 global->ifaces = wpa_s; 1969 1970 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname); 1971 1972 return wpa_s; 1973 } 1974 1975 1976 /** 1977 * wpa_supplicant_remove_iface - Remove a network interface 1978 * @global: Pointer to global data from wpa_supplicant_init() 1979 * @wpa_s: Pointer to the network interface to be removed 1980 * Returns: 0 if interface was removed, -1 if interface was not found 1981 * 1982 * This function can be used to dynamically remove network interfaces from 1983 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 1984 * addition, this function is used to remove all remaining interfaces when 1985 * %wpa_supplicant is terminated. 1986 */ 1987 int wpa_supplicant_remove_iface(struct wpa_global *global, 1988 struct wpa_supplicant *wpa_s) 1989 { 1990 struct wpa_supplicant *prev; 1991 1992 /* Remove interface from the global list of interfaces */ 1993 prev = global->ifaces; 1994 if (prev == wpa_s) { 1995 global->ifaces = wpa_s->next; 1996 } else { 1997 while (prev && prev->next != wpa_s) 1998 prev = prev->next; 1999 if (prev == NULL) 2000 return -1; 2001 prev->next = wpa_s->next; 2002 } 2003 2004 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 2005 2006 wpa_supplicant_deinit_iface(wpa_s); 2007 os_free(wpa_s); 2008 2009 return 0; 2010 } 2011 2012 2013 /** 2014 * wpa_supplicant_get_iface - Get a new network interface 2015 * @global: Pointer to global data from wpa_supplicant_init() 2016 * @ifname: Interface name 2017 * Returns: Pointer to the interface or %NULL if not found 2018 */ 2019 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 2020 const char *ifname) 2021 { 2022 struct wpa_supplicant *wpa_s; 2023 2024 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 2025 if (os_strcmp(wpa_s->ifname, ifname) == 0) 2026 return wpa_s; 2027 } 2028 return NULL; 2029 } 2030 2031 2032 /** 2033 * wpa_supplicant_init - Initialize %wpa_supplicant 2034 * @params: Parameters for %wpa_supplicant 2035 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 2036 * 2037 * This function is used to initialize %wpa_supplicant. After successful 2038 * initialization, the returned data pointer can be used to add and remove 2039 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 2040 */ 2041 struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 2042 { 2043 struct wpa_global *global; 2044 int ret, i; 2045 2046 if (params == NULL) 2047 return NULL; 2048 2049 wpa_debug_open_file(params->wpa_debug_file_path); 2050 2051 ret = eap_peer_register_methods(); 2052 if (ret) { 2053 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 2054 if (ret == -2) 2055 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 2056 "the same EAP type."); 2057 return NULL; 2058 } 2059 2060 global = os_zalloc(sizeof(*global)); 2061 if (global == NULL) 2062 return NULL; 2063 global->params.daemonize = params->daemonize; 2064 global->params.wait_for_monitor = params->wait_for_monitor; 2065 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 2066 if (params->pid_file) 2067 global->params.pid_file = os_strdup(params->pid_file); 2068 if (params->ctrl_interface) 2069 global->params.ctrl_interface = 2070 os_strdup(params->ctrl_interface); 2071 wpa_debug_level = global->params.wpa_debug_level = 2072 params->wpa_debug_level; 2073 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 2074 params->wpa_debug_show_keys; 2075 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 2076 params->wpa_debug_timestamp; 2077 2078 if (eloop_init(global)) { 2079 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 2080 wpa_supplicant_deinit(global); 2081 return NULL; 2082 } 2083 2084 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 2085 if (global->ctrl_iface == NULL) { 2086 wpa_supplicant_deinit(global); 2087 return NULL; 2088 } 2089 2090 if (global->params.dbus_ctrl_interface) { 2091 global->dbus_ctrl_iface = 2092 wpa_supplicant_dbus_ctrl_iface_init(global); 2093 if (global->dbus_ctrl_iface == NULL) { 2094 wpa_supplicant_deinit(global); 2095 return NULL; 2096 } 2097 } 2098 2099 for (i = 0; wpa_supplicant_drivers[i]; i++) 2100 global->drv_count++; 2101 if (global->drv_count == 0) { 2102 wpa_printf(MSG_ERROR, "No drivers enabled"); 2103 wpa_supplicant_deinit(global); 2104 return NULL; 2105 } 2106 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *)); 2107 if (global->drv_priv == NULL) { 2108 wpa_supplicant_deinit(global); 2109 return NULL; 2110 } 2111 for (i = 0; wpa_supplicant_drivers[i]; i++) { 2112 if (!wpa_supplicant_drivers[i]->global_init) 2113 continue; 2114 global->drv_priv[i] = wpa_supplicant_drivers[i]->global_init(); 2115 if (global->drv_priv[i] == NULL) { 2116 wpa_printf(MSG_ERROR, "Failed to initialize driver " 2117 "'%s'", wpa_supplicant_drivers[i]->name); 2118 wpa_supplicant_deinit(global); 2119 return NULL; 2120 } 2121 } 2122 2123 return global; 2124 } 2125 2126 2127 /** 2128 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 2129 * @global: Pointer to global data from wpa_supplicant_init() 2130 * Returns: 0 after successful event loop run, -1 on failure 2131 * 2132 * This function starts the main event loop and continues running as long as 2133 * there are any remaining events. In most cases, this function is running as 2134 * long as the %wpa_supplicant process in still in use. 2135 */ 2136 int wpa_supplicant_run(struct wpa_global *global) 2137 { 2138 struct wpa_supplicant *wpa_s; 2139 2140 if (global->params.daemonize && 2141 wpa_supplicant_daemon(global->params.pid_file)) 2142 return -1; 2143 2144 if (global->params.wait_for_monitor) { 2145 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 2146 if (wpa_s->ctrl_iface) 2147 wpa_supplicant_ctrl_iface_wait( 2148 wpa_s->ctrl_iface); 2149 } 2150 2151 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL); 2152 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL); 2153 2154 eloop_run(); 2155 2156 return 0; 2157 } 2158 2159 2160 /** 2161 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 2162 * @global: Pointer to global data from wpa_supplicant_init() 2163 * 2164 * This function is called to deinitialize %wpa_supplicant and to free all 2165 * allocated resources. Remaining network interfaces will also be removed. 2166 */ 2167 void wpa_supplicant_deinit(struct wpa_global *global) 2168 { 2169 int i; 2170 2171 if (global == NULL) 2172 return; 2173 2174 while (global->ifaces) 2175 wpa_supplicant_remove_iface(global, global->ifaces); 2176 2177 if (global->ctrl_iface) 2178 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 2179 if (global->dbus_ctrl_iface) 2180 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface); 2181 2182 eap_peer_unregister_methods(); 2183 2184 for (i = 0; wpa_supplicant_drivers[i] && global->drv_priv; i++) { 2185 if (!global->drv_priv[i]) 2186 continue; 2187 wpa_supplicant_drivers[i]->global_deinit(global->drv_priv[i]); 2188 } 2189 os_free(global->drv_priv); 2190 2191 eloop_destroy(); 2192 2193 if (global->params.pid_file) { 2194 os_daemonize_terminate(global->params.pid_file); 2195 os_free(global->params.pid_file); 2196 } 2197 os_free(global->params.ctrl_interface); 2198 2199 os_free(global); 2200 wpa_debug_close_file(); 2201 } 2202