1 /* 2 * WPA Supplicant 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 * 8 * This file implements functions for registering and unregistering 9 * %wpa_supplicant interfaces. In addition, this file contains number of 10 * functions for managing network connections. 11 */ 12 13 #include "includes.h" 14 #ifdef CONFIG_MATCH_IFACE 15 #include <net/if.h> 16 #include <fnmatch.h> 17 #endif /* CONFIG_MATCH_IFACE */ 18 19 #include "common.h" 20 #include "crypto/random.h" 21 #include "crypto/sha1.h" 22 #include "eapol_supp/eapol_supp_sm.h" 23 #include "eap_peer/eap.h" 24 #include "eap_peer/eap_proxy.h" 25 #include "eap_server/eap_methods.h" 26 #include "rsn_supp/wpa.h" 27 #include "eloop.h" 28 #include "config.h" 29 #include "utils/ext_password.h" 30 #include "l2_packet/l2_packet.h" 31 #include "wpa_supplicant_i.h" 32 #include "driver_i.h" 33 #include "ctrl_iface.h" 34 #include "pcsc_funcs.h" 35 #include "common/version.h" 36 #include "rsn_supp/preauth.h" 37 #include "rsn_supp/pmksa_cache.h" 38 #include "common/wpa_ctrl.h" 39 #include "common/ieee802_11_defs.h" 40 #include "common/hw_features_common.h" 41 #include "common/gas_server.h" 42 #include "common/dpp.h" 43 #include "p2p/p2p.h" 44 #include "fst/fst.h" 45 #include "blacklist.h" 46 #include "wpas_glue.h" 47 #include "wps_supplicant.h" 48 #include "ibss_rsn.h" 49 #include "sme.h" 50 #include "gas_query.h" 51 #include "ap.h" 52 #include "p2p_supplicant.h" 53 #include "wifi_display.h" 54 #include "notify.h" 55 #include "bgscan.h" 56 #include "autoscan.h" 57 #include "bss.h" 58 #include "scan.h" 59 #include "offchannel.h" 60 #include "hs20_supplicant.h" 61 #include "wnm_sta.h" 62 #include "wpas_kay.h" 63 #include "mesh.h" 64 #include "dpp_supplicant.h" 65 #ifdef CONFIG_MESH 66 #include "ap/ap_config.h" 67 #include "ap/hostapd.h" 68 #endif /* CONFIG_MESH */ 69 70 const char *const wpa_supplicant_version = 71 "wpa_supplicant v" VERSION_STR "\n" 72 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors"; 73 74 const char *const wpa_supplicant_license = 75 "This software may be distributed under the terms of the BSD license.\n" 76 "See README for more details.\n" 77 #ifdef EAP_TLS_OPENSSL 78 "\nThis product includes software developed by the OpenSSL Project\n" 79 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 80 #endif /* EAP_TLS_OPENSSL */ 81 ; 82 83 #ifndef CONFIG_NO_STDOUT_DEBUG 84 /* Long text divided into parts in order to fit in C89 strings size limits. */ 85 const char *const wpa_supplicant_full_license1 = 86 ""; 87 const char *const wpa_supplicant_full_license2 = 88 "This software may be distributed under the terms of the BSD license.\n" 89 "\n" 90 "Redistribution and use in source and binary forms, with or without\n" 91 "modification, are permitted provided that the following conditions are\n" 92 "met:\n" 93 "\n"; 94 const char *const wpa_supplicant_full_license3 = 95 "1. Redistributions of source code must retain the above copyright\n" 96 " notice, this list of conditions and the following disclaimer.\n" 97 "\n" 98 "2. Redistributions in binary form must reproduce the above copyright\n" 99 " notice, this list of conditions and the following disclaimer in the\n" 100 " documentation and/or other materials provided with the distribution.\n" 101 "\n"; 102 const char *const wpa_supplicant_full_license4 = 103 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 104 " names of its contributors may be used to endorse or promote products\n" 105 " derived from this software without specific prior written permission.\n" 106 "\n" 107 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 108 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 109 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 110 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 111 const char *const wpa_supplicant_full_license5 = 112 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 113 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 114 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 115 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 116 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 117 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 118 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 119 "\n"; 120 #endif /* CONFIG_NO_STDOUT_DEBUG */ 121 122 123 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx); 124 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 125 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s); 126 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 127 128 129 /* Configure default/group WEP keys for static WEP */ 130 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 131 { 132 int i, set = 0; 133 134 for (i = 0; i < NUM_WEP_KEYS; i++) { 135 if (ssid->wep_key_len[i] == 0) 136 continue; 137 138 set = 1; 139 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, 140 i, i == ssid->wep_tx_keyidx, NULL, 0, 141 ssid->wep_key[i], ssid->wep_key_len[i]); 142 } 143 144 return set; 145 } 146 147 148 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 149 struct wpa_ssid *ssid) 150 { 151 u8 key[32]; 152 size_t keylen; 153 enum wpa_alg alg; 154 u8 seq[6] = { 0 }; 155 int ret; 156 157 /* IBSS/WPA-None uses only one key (Group) for both receiving and 158 * sending unicast and multicast packets. */ 159 160 if (ssid->mode != WPAS_MODE_IBSS) { 161 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " 162 "IBSS/ad-hoc) for WPA-None", ssid->mode); 163 return -1; 164 } 165 166 if (!ssid->psk_set) { 167 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " 168 "WPA-None"); 169 return -1; 170 } 171 172 switch (wpa_s->group_cipher) { 173 case WPA_CIPHER_CCMP: 174 os_memcpy(key, ssid->psk, 16); 175 keylen = 16; 176 alg = WPA_ALG_CCMP; 177 break; 178 case WPA_CIPHER_GCMP: 179 os_memcpy(key, ssid->psk, 16); 180 keylen = 16; 181 alg = WPA_ALG_GCMP; 182 break; 183 case WPA_CIPHER_TKIP: 184 /* WPA-None uses the same Michael MIC key for both TX and RX */ 185 os_memcpy(key, ssid->psk, 16 + 8); 186 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 187 keylen = 32; 188 alg = WPA_ALG_TKIP; 189 break; 190 default: 191 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " 192 "WPA-None", wpa_s->group_cipher); 193 return -1; 194 } 195 196 /* TODO: should actually remember the previously used seq#, both for TX 197 * and RX from each STA.. */ 198 199 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); 200 os_memset(key, 0, sizeof(key)); 201 return ret; 202 } 203 204 205 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 206 { 207 struct wpa_supplicant *wpa_s = eloop_ctx; 208 const u8 *bssid = wpa_s->bssid; 209 if (!is_zero_ether_addr(wpa_s->pending_bssid) && 210 (wpa_s->wpa_state == WPA_AUTHENTICATING || 211 wpa_s->wpa_state == WPA_ASSOCIATING)) 212 bssid = wpa_s->pending_bssid; 213 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 214 MAC2STR(bssid)); 215 wpa_blacklist_add(wpa_s, bssid); 216 wpa_sm_notify_disassoc(wpa_s->wpa); 217 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 218 wpa_s->reassociate = 1; 219 220 /* 221 * If we timed out, the AP or the local radio may be busy. 222 * So, wait a second until scanning again. 223 */ 224 wpa_supplicant_req_scan(wpa_s, 1, 0); 225 } 226 227 228 /** 229 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 230 * @wpa_s: Pointer to wpa_supplicant data 231 * @sec: Number of seconds after which to time out authentication 232 * @usec: Number of microseconds after which to time out authentication 233 * 234 * This function is used to schedule a timeout for the current authentication 235 * attempt. 236 */ 237 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 238 int sec, int usec) 239 { 240 if (wpa_s->conf->ap_scan == 0 && 241 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 242 return; 243 244 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 245 "%d usec", sec, usec); 246 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 247 wpa_s->last_auth_timeout_sec = sec; 248 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 249 } 250 251 252 /* 253 * wpas_auth_timeout_restart - Restart and change timeout for authentication 254 * @wpa_s: Pointer to wpa_supplicant data 255 * @sec_diff: difference in seconds applied to original timeout value 256 */ 257 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff) 258 { 259 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff; 260 261 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) { 262 wpa_dbg(wpa_s, MSG_DEBUG, 263 "Authentication timeout restart: %d sec", new_sec); 264 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 265 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout, 266 wpa_s, NULL); 267 } 268 } 269 270 271 /** 272 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 273 * @wpa_s: Pointer to wpa_supplicant data 274 * 275 * This function is used to cancel authentication timeout scheduled with 276 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 277 * been completed. 278 */ 279 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 280 { 281 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 282 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 283 wpa_blacklist_del(wpa_s, wpa_s->bssid); 284 os_free(wpa_s->last_con_fail_realm); 285 wpa_s->last_con_fail_realm = NULL; 286 wpa_s->last_con_fail_realm_len = 0; 287 } 288 289 290 /** 291 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 292 * @wpa_s: Pointer to wpa_supplicant data 293 * 294 * This function is used to configure EAPOL state machine based on the selected 295 * authentication mode. 296 */ 297 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 298 { 299 #ifdef IEEE8021X_EAPOL 300 struct eapol_config eapol_conf; 301 struct wpa_ssid *ssid = wpa_s->current_ssid; 302 303 #ifdef CONFIG_IBSS_RSN 304 if (ssid->mode == WPAS_MODE_IBSS && 305 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 306 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 307 /* 308 * RSN IBSS authentication is per-STA and we can disable the 309 * per-BSSID EAPOL authentication. 310 */ 311 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 312 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); 313 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 314 return; 315 } 316 #endif /* CONFIG_IBSS_RSN */ 317 318 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 319 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); 320 321 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 322 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 323 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 324 else 325 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 326 327 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 328 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 329 eapol_conf.accept_802_1x_keys = 1; 330 eapol_conf.required_keys = 0; 331 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 332 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 333 } 334 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 335 eapol_conf.required_keys |= 336 EAPOL_REQUIRE_KEY_BROADCAST; 337 } 338 339 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) 340 eapol_conf.required_keys = 0; 341 } 342 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 343 eapol_conf.workaround = ssid->eap_workaround; 344 eapol_conf.eap_disabled = 345 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 346 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 347 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 348 eapol_conf.external_sim = wpa_s->conf->external_sim; 349 350 #ifdef CONFIG_WPS 351 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 352 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE; 353 if (wpa_s->current_bss) { 354 struct wpabuf *ie; 355 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss, 356 WPS_IE_VENDOR_TYPE); 357 if (ie) { 358 if (wps_is_20(ie)) 359 eapol_conf.wps |= 360 EAPOL_PEER_IS_WPS20_AP; 361 wpabuf_free(ie); 362 } 363 } 364 } 365 #endif /* CONFIG_WPS */ 366 367 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 368 369 #ifdef CONFIG_MACSEC 370 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) 371 ieee802_1x_create_preshared_mka(wpa_s, ssid); 372 else 373 ieee802_1x_alloc_kay_sm(wpa_s, ssid); 374 #endif /* CONFIG_MACSEC */ 375 #endif /* IEEE8021X_EAPOL */ 376 } 377 378 379 /** 380 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 381 * @wpa_s: Pointer to wpa_supplicant data 382 * @ssid: Configuration data for the network 383 * 384 * This function is used to configure WPA state machine and related parameters 385 * to a mode where WPA is not enabled. This is called as part of the 386 * authentication configuration when the selected network does not use WPA. 387 */ 388 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 389 struct wpa_ssid *ssid) 390 { 391 int i; 392 393 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 394 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 395 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 396 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 397 else 398 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 399 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 400 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 401 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 402 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 403 wpa_s->group_cipher = WPA_CIPHER_NONE; 404 wpa_s->mgmt_group_cipher = 0; 405 406 for (i = 0; i < NUM_WEP_KEYS; i++) { 407 if (ssid->wep_key_len[i] > 5) { 408 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 409 wpa_s->group_cipher = WPA_CIPHER_WEP104; 410 break; 411 } else if (ssid->wep_key_len[i] > 0) { 412 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 413 wpa_s->group_cipher = WPA_CIPHER_WEP40; 414 break; 415 } 416 } 417 418 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 419 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 420 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 421 wpa_s->pairwise_cipher); 422 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 423 #ifdef CONFIG_IEEE80211W 424 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 425 wpa_s->mgmt_group_cipher); 426 #endif /* CONFIG_IEEE80211W */ 427 428 pmksa_cache_clear_current(wpa_s->wpa); 429 } 430 431 432 void free_hw_features(struct wpa_supplicant *wpa_s) 433 { 434 int i; 435 if (wpa_s->hw.modes == NULL) 436 return; 437 438 for (i = 0; i < wpa_s->hw.num_modes; i++) { 439 os_free(wpa_s->hw.modes[i].channels); 440 os_free(wpa_s->hw.modes[i].rates); 441 } 442 443 os_free(wpa_s->hw.modes); 444 wpa_s->hw.modes = NULL; 445 } 446 447 448 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) 449 { 450 struct wpa_bss_tmp_disallowed *bss, *prev; 451 452 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, 453 struct wpa_bss_tmp_disallowed, list) { 454 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 455 dl_list_del(&bss->list); 456 os_free(bss); 457 } 458 } 459 460 461 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s) 462 { 463 struct fils_hlp_req *req; 464 465 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req, 466 list)) != NULL) { 467 dl_list_del(&req->list); 468 wpabuf_free(req->pkt); 469 os_free(req); 470 } 471 } 472 473 474 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 475 { 476 int i; 477 478 bgscan_deinit(wpa_s); 479 autoscan_deinit(wpa_s); 480 scard_deinit(wpa_s->scard); 481 wpa_s->scard = NULL; 482 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 483 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 484 l2_packet_deinit(wpa_s->l2); 485 wpa_s->l2 = NULL; 486 if (wpa_s->l2_br) { 487 l2_packet_deinit(wpa_s->l2_br); 488 wpa_s->l2_br = NULL; 489 } 490 #ifdef CONFIG_TESTING_OPTIONS 491 l2_packet_deinit(wpa_s->l2_test); 492 wpa_s->l2_test = NULL; 493 os_free(wpa_s->get_pref_freq_list_override); 494 wpa_s->get_pref_freq_list_override = NULL; 495 wpabuf_free(wpa_s->last_assoc_req_wpa_ie); 496 wpa_s->last_assoc_req_wpa_ie = NULL; 497 #endif /* CONFIG_TESTING_OPTIONS */ 498 499 if (wpa_s->conf != NULL) { 500 struct wpa_ssid *ssid; 501 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 502 wpas_notify_network_removed(wpa_s, ssid); 503 } 504 505 os_free(wpa_s->confname); 506 wpa_s->confname = NULL; 507 508 os_free(wpa_s->confanother); 509 wpa_s->confanother = NULL; 510 511 os_free(wpa_s->last_con_fail_realm); 512 wpa_s->last_con_fail_realm = NULL; 513 wpa_s->last_con_fail_realm_len = 0; 514 515 wpa_sm_set_eapol(wpa_s->wpa, NULL); 516 eapol_sm_deinit(wpa_s->eapol); 517 wpa_s->eapol = NULL; 518 519 rsn_preauth_deinit(wpa_s->wpa); 520 521 #ifdef CONFIG_TDLS 522 wpa_tdls_deinit(wpa_s->wpa); 523 #endif /* CONFIG_TDLS */ 524 525 wmm_ac_clear_saved_tspecs(wpa_s); 526 pmksa_candidate_free(wpa_s->wpa); 527 wpa_sm_deinit(wpa_s->wpa); 528 wpa_s->wpa = NULL; 529 wpa_blacklist_clear(wpa_s); 530 531 wpa_bss_deinit(wpa_s); 532 533 wpa_supplicant_cancel_delayed_sched_scan(wpa_s); 534 wpa_supplicant_cancel_scan(wpa_s); 535 wpa_supplicant_cancel_auth_timeout(wpa_s); 536 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); 537 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 538 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, 539 wpa_s, NULL); 540 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 541 542 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 543 544 wpas_wps_deinit(wpa_s); 545 546 wpabuf_free(wpa_s->pending_eapol_rx); 547 wpa_s->pending_eapol_rx = NULL; 548 549 #ifdef CONFIG_IBSS_RSN 550 ibss_rsn_deinit(wpa_s->ibss_rsn); 551 wpa_s->ibss_rsn = NULL; 552 #endif /* CONFIG_IBSS_RSN */ 553 554 sme_deinit(wpa_s); 555 556 #ifdef CONFIG_AP 557 wpa_supplicant_ap_deinit(wpa_s); 558 #endif /* CONFIG_AP */ 559 560 wpas_p2p_deinit(wpa_s); 561 562 #ifdef CONFIG_OFFCHANNEL 563 offchannel_deinit(wpa_s); 564 #endif /* CONFIG_OFFCHANNEL */ 565 566 wpa_supplicant_cancel_sched_scan(wpa_s); 567 568 os_free(wpa_s->next_scan_freqs); 569 wpa_s->next_scan_freqs = NULL; 570 571 os_free(wpa_s->manual_scan_freqs); 572 wpa_s->manual_scan_freqs = NULL; 573 os_free(wpa_s->select_network_scan_freqs); 574 wpa_s->select_network_scan_freqs = NULL; 575 576 os_free(wpa_s->manual_sched_scan_freqs); 577 wpa_s->manual_sched_scan_freqs = NULL; 578 579 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL); 580 581 /* 582 * Need to remove any pending gas-query radio work before the 583 * gas_query_deinit() call because gas_query::work has not yet been set 584 * for works that have not been started. gas_query_free() will be unable 585 * to cancel such pending radio works and once the pending gas-query 586 * radio work eventually gets removed, the deinit notification call to 587 * gas_query_start_cb() would result in dereferencing freed memory. 588 */ 589 if (wpa_s->radio) 590 radio_remove_works(wpa_s, "gas-query", 0); 591 gas_query_deinit(wpa_s->gas); 592 wpa_s->gas = NULL; 593 gas_server_deinit(wpa_s->gas_server); 594 wpa_s->gas_server = NULL; 595 596 free_hw_features(wpa_s); 597 598 ieee802_1x_dealloc_kay_sm(wpa_s); 599 600 os_free(wpa_s->bssid_filter); 601 wpa_s->bssid_filter = NULL; 602 603 os_free(wpa_s->disallow_aps_bssid); 604 wpa_s->disallow_aps_bssid = NULL; 605 os_free(wpa_s->disallow_aps_ssid); 606 wpa_s->disallow_aps_ssid = NULL; 607 608 wnm_bss_keep_alive_deinit(wpa_s); 609 #ifdef CONFIG_WNM 610 wnm_deallocate_memory(wpa_s); 611 #endif /* CONFIG_WNM */ 612 613 ext_password_deinit(wpa_s->ext_pw); 614 wpa_s->ext_pw = NULL; 615 616 wpabuf_free(wpa_s->last_gas_resp); 617 wpa_s->last_gas_resp = NULL; 618 wpabuf_free(wpa_s->prev_gas_resp); 619 wpa_s->prev_gas_resp = NULL; 620 621 os_free(wpa_s->last_scan_res); 622 wpa_s->last_scan_res = NULL; 623 624 #ifdef CONFIG_HS20 625 if (wpa_s->drv_priv) 626 wpa_drv_configure_frame_filters(wpa_s, 0); 627 hs20_deinit(wpa_s); 628 #endif /* CONFIG_HS20 */ 629 630 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 631 wpabuf_free(wpa_s->vendor_elem[i]); 632 wpa_s->vendor_elem[i] = NULL; 633 } 634 635 wmm_ac_notify_disassoc(wpa_s); 636 637 wpa_s->sched_scan_plans_num = 0; 638 os_free(wpa_s->sched_scan_plans); 639 wpa_s->sched_scan_plans = NULL; 640 641 #ifdef CONFIG_MBO 642 wpa_s->non_pref_chan_num = 0; 643 os_free(wpa_s->non_pref_chan); 644 wpa_s->non_pref_chan = NULL; 645 #endif /* CONFIG_MBO */ 646 647 free_bss_tmp_disallowed(wpa_s); 648 649 wpabuf_free(wpa_s->lci); 650 wpa_s->lci = NULL; 651 wpas_clear_beacon_rep_data(wpa_s); 652 653 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 654 #ifdef CONFIG_MESH 655 { 656 struct external_pmksa_cache *entry; 657 658 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, 659 struct external_pmksa_cache, 660 list)) != NULL) { 661 dl_list_del(&entry->list); 662 os_free(entry->pmksa_cache); 663 os_free(entry); 664 } 665 } 666 #endif /* CONFIG_MESH */ 667 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 668 669 wpas_flush_fils_hlp_req(wpa_s); 670 671 wpabuf_free(wpa_s->ric_ies); 672 wpa_s->ric_ies = NULL; 673 674 #ifdef CONFIG_DPP 675 wpas_dpp_deinit(wpa_s); 676 dpp_global_deinit(wpa_s->dpp); 677 wpa_s->dpp = NULL; 678 #endif /* CONFIG_DPP */ 679 } 680 681 682 /** 683 * wpa_clear_keys - Clear keys configured for the driver 684 * @wpa_s: Pointer to wpa_supplicant data 685 * @addr: Previously used BSSID or %NULL if not available 686 * 687 * This function clears the encryption keys that has been previously configured 688 * for the driver. 689 */ 690 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 691 { 692 int i, max; 693 694 #ifdef CONFIG_IEEE80211W 695 max = 6; 696 #else /* CONFIG_IEEE80211W */ 697 max = 4; 698 #endif /* CONFIG_IEEE80211W */ 699 700 /* MLME-DELETEKEYS.request */ 701 for (i = 0; i < max; i++) { 702 if (wpa_s->keys_cleared & BIT(i)) 703 continue; 704 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, 705 NULL, 0); 706 } 707 if (!(wpa_s->keys_cleared & BIT(0)) && addr && 708 !is_zero_ether_addr(addr)) { 709 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, 710 0); 711 /* MLME-SETPROTECTION.request(None) */ 712 wpa_drv_mlme_setprotection( 713 wpa_s, addr, 714 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 715 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 716 } 717 wpa_s->keys_cleared = (u32) -1; 718 } 719 720 721 /** 722 * wpa_supplicant_state_txt - Get the connection state name as a text string 723 * @state: State (wpa_state; WPA_*) 724 * Returns: The state name as a printable text string 725 */ 726 const char * wpa_supplicant_state_txt(enum wpa_states state) 727 { 728 switch (state) { 729 case WPA_DISCONNECTED: 730 return "DISCONNECTED"; 731 case WPA_INACTIVE: 732 return "INACTIVE"; 733 case WPA_INTERFACE_DISABLED: 734 return "INTERFACE_DISABLED"; 735 case WPA_SCANNING: 736 return "SCANNING"; 737 case WPA_AUTHENTICATING: 738 return "AUTHENTICATING"; 739 case WPA_ASSOCIATING: 740 return "ASSOCIATING"; 741 case WPA_ASSOCIATED: 742 return "ASSOCIATED"; 743 case WPA_4WAY_HANDSHAKE: 744 return "4WAY_HANDSHAKE"; 745 case WPA_GROUP_HANDSHAKE: 746 return "GROUP_HANDSHAKE"; 747 case WPA_COMPLETED: 748 return "COMPLETED"; 749 default: 750 return "UNKNOWN"; 751 } 752 } 753 754 755 #ifdef CONFIG_BGSCAN 756 757 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) 758 { 759 const char *name; 760 761 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) 762 name = wpa_s->current_ssid->bgscan; 763 else 764 name = wpa_s->conf->bgscan; 765 if (name == NULL || name[0] == '\0') 766 return; 767 if (wpas_driver_bss_selection(wpa_s)) 768 return; 769 if (wpa_s->current_ssid == wpa_s->bgscan_ssid) 770 return; 771 #ifdef CONFIG_P2P 772 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) 773 return; 774 #endif /* CONFIG_P2P */ 775 776 bgscan_deinit(wpa_s); 777 if (wpa_s->current_ssid) { 778 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) { 779 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 780 "bgscan"); 781 /* 782 * Live without bgscan; it is only used as a roaming 783 * optimization, so the initial connection is not 784 * affected. 785 */ 786 } else { 787 struct wpa_scan_results *scan_res; 788 wpa_s->bgscan_ssid = wpa_s->current_ssid; 789 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 790 0); 791 if (scan_res) { 792 bgscan_notify_scan(wpa_s, scan_res); 793 wpa_scan_results_free(scan_res); 794 } 795 } 796 } else 797 wpa_s->bgscan_ssid = NULL; 798 } 799 800 801 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) 802 { 803 if (wpa_s->bgscan_ssid != NULL) { 804 bgscan_deinit(wpa_s); 805 wpa_s->bgscan_ssid = NULL; 806 } 807 } 808 809 #endif /* CONFIG_BGSCAN */ 810 811 812 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) 813 { 814 if (autoscan_init(wpa_s, 0)) 815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); 816 } 817 818 819 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) 820 { 821 autoscan_deinit(wpa_s); 822 } 823 824 825 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) 826 { 827 if (wpa_s->wpa_state == WPA_DISCONNECTED || 828 wpa_s->wpa_state == WPA_SCANNING) { 829 autoscan_deinit(wpa_s); 830 wpa_supplicant_start_autoscan(wpa_s); 831 } 832 } 833 834 835 /** 836 * wpa_supplicant_set_state - Set current connection state 837 * @wpa_s: Pointer to wpa_supplicant data 838 * @state: The new connection state 839 * 840 * This function is called whenever the connection state changes, e.g., 841 * association is completed for WPA/WPA2 4-Way Handshake is started. 842 */ 843 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, 844 enum wpa_states state) 845 { 846 enum wpa_states old_state = wpa_s->wpa_state; 847 848 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", 849 wpa_supplicant_state_txt(wpa_s->wpa_state), 850 wpa_supplicant_state_txt(state)); 851 852 if (state == WPA_COMPLETED && 853 os_reltime_initialized(&wpa_s->roam_start)) { 854 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time); 855 wpa_s->roam_start.sec = 0; 856 wpa_s->roam_start.usec = 0; 857 wpas_notify_auth_changed(wpa_s); 858 wpas_notify_roam_time(wpa_s); 859 wpas_notify_roam_complete(wpa_s); 860 } else if (state == WPA_DISCONNECTED && 861 os_reltime_initialized(&wpa_s->roam_start)) { 862 wpa_s->roam_start.sec = 0; 863 wpa_s->roam_start.usec = 0; 864 wpa_s->roam_time.sec = 0; 865 wpa_s->roam_time.usec = 0; 866 wpas_notify_roam_complete(wpa_s); 867 } 868 869 if (state == WPA_INTERFACE_DISABLED) { 870 /* Assure normal scan when interface is restored */ 871 wpa_s->normal_scans = 0; 872 } 873 874 if (state == WPA_COMPLETED) { 875 wpas_connect_work_done(wpa_s); 876 /* Reinitialize normal_scan counter */ 877 wpa_s->normal_scans = 0; 878 } 879 880 #ifdef CONFIG_P2P 881 /* 882 * P2PS client has to reply to Probe Request frames received on the 883 * group operating channel. Enable Probe Request frame reporting for 884 * P2P connected client in case p2p_cli_probe configuration property is 885 * set to 1. 886 */ 887 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid && 888 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 889 wpa_s->current_ssid->p2p_group) { 890 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) { 891 wpa_dbg(wpa_s, MSG_DEBUG, 892 "P2P: Enable CLI Probe Request RX reporting"); 893 wpa_s->p2p_cli_probe = 894 wpa_drv_probe_req_report(wpa_s, 1) >= 0; 895 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) { 896 wpa_dbg(wpa_s, MSG_DEBUG, 897 "P2P: Disable CLI Probe Request RX reporting"); 898 wpa_s->p2p_cli_probe = 0; 899 wpa_drv_probe_req_report(wpa_s, 0); 900 } 901 } 902 #endif /* CONFIG_P2P */ 903 904 if (state != WPA_SCANNING) 905 wpa_supplicant_notify_scanning(wpa_s, 0); 906 907 if (state == WPA_COMPLETED && wpa_s->new_connection) { 908 struct wpa_ssid *ssid = wpa_s->current_ssid; 909 int fils_hlp_sent = 0; 910 911 #ifdef CONFIG_SME 912 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 913 wpa_auth_alg_fils(wpa_s->sme.auth_alg)) 914 fils_hlp_sent = 1; 915 #endif /* CONFIG_SME */ 916 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 917 wpa_auth_alg_fils(wpa_s->auth_alg)) 918 fils_hlp_sent = 1; 919 920 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 921 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 922 MACSTR " completed [id=%d id_str=%s%s]", 923 MAC2STR(wpa_s->bssid), 924 ssid ? ssid->id : -1, 925 ssid && ssid->id_str ? ssid->id_str : "", 926 fils_hlp_sent ? " FILS_HLP_SENT" : ""); 927 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 928 wpas_clear_temp_disabled(wpa_s, ssid, 1); 929 wpa_blacklist_clear(wpa_s); 930 wpa_s->extra_blacklist_count = 0; 931 wpa_s->new_connection = 0; 932 wpa_drv_set_operstate(wpa_s, 1); 933 #ifndef IEEE8021X_EAPOL 934 wpa_drv_set_supp_port(wpa_s, 1); 935 #endif /* IEEE8021X_EAPOL */ 936 wpa_s->after_wps = 0; 937 wpa_s->known_wps_freq = 0; 938 wpas_p2p_completed(wpa_s); 939 940 sme_sched_obss_scan(wpa_s, 1); 941 942 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 943 if (!fils_hlp_sent && ssid && ssid->eap.erp) 944 wpas_update_fils_connect_params(wpa_s); 945 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 946 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 947 state == WPA_ASSOCIATED) { 948 wpa_s->new_connection = 1; 949 wpa_drv_set_operstate(wpa_s, 0); 950 #ifndef IEEE8021X_EAPOL 951 wpa_drv_set_supp_port(wpa_s, 0); 952 #endif /* IEEE8021X_EAPOL */ 953 sme_sched_obss_scan(wpa_s, 0); 954 } 955 wpa_s->wpa_state = state; 956 957 #ifdef CONFIG_BGSCAN 958 if (state == WPA_COMPLETED) 959 wpa_supplicant_start_bgscan(wpa_s); 960 else if (state < WPA_ASSOCIATED) 961 wpa_supplicant_stop_bgscan(wpa_s); 962 #endif /* CONFIG_BGSCAN */ 963 964 if (state > WPA_SCANNING) 965 wpa_supplicant_stop_autoscan(wpa_s); 966 967 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) 968 wpa_supplicant_start_autoscan(wpa_s); 969 970 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED) 971 wmm_ac_notify_disassoc(wpa_s); 972 973 if (wpa_s->wpa_state != old_state) { 974 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 975 976 /* 977 * Notify the P2P Device interface about a state change in one 978 * of the interfaces. 979 */ 980 wpas_p2p_indicate_state_change(wpa_s); 981 982 if (wpa_s->wpa_state == WPA_COMPLETED || 983 old_state == WPA_COMPLETED) 984 wpas_notify_auth_changed(wpa_s); 985 } 986 } 987 988 989 void wpa_supplicant_terminate_proc(struct wpa_global *global) 990 { 991 int pending = 0; 992 #ifdef CONFIG_WPS 993 struct wpa_supplicant *wpa_s = global->ifaces; 994 while (wpa_s) { 995 struct wpa_supplicant *next = wpa_s->next; 996 if (wpas_wps_terminate_pending(wpa_s) == 1) 997 pending = 1; 998 #ifdef CONFIG_P2P 999 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE || 1000 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)) 1001 wpas_p2p_disconnect(wpa_s); 1002 #endif /* CONFIG_P2P */ 1003 wpa_s = next; 1004 } 1005 #endif /* CONFIG_WPS */ 1006 if (pending) 1007 return; 1008 eloop_terminate(); 1009 } 1010 1011 1012 static void wpa_supplicant_terminate(int sig, void *signal_ctx) 1013 { 1014 struct wpa_global *global = signal_ctx; 1015 wpa_supplicant_terminate_proc(global); 1016 } 1017 1018 1019 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 1020 { 1021 enum wpa_states old_state = wpa_s->wpa_state; 1022 1023 wpa_s->pairwise_cipher = 0; 1024 wpa_s->group_cipher = 0; 1025 wpa_s->mgmt_group_cipher = 0; 1026 wpa_s->key_mgmt = 0; 1027 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 1028 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 1029 1030 if (wpa_s->wpa_state != old_state) 1031 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 1032 } 1033 1034 1035 /** 1036 * wpa_supplicant_reload_configuration - Reload configuration data 1037 * @wpa_s: Pointer to wpa_supplicant data 1038 * Returns: 0 on success or -1 if configuration parsing failed 1039 * 1040 * This function can be used to request that the configuration data is reloaded 1041 * (e.g., after configuration file change). This function is reloading 1042 * configuration only for one interface, so this may need to be called multiple 1043 * times if %wpa_supplicant is controlling multiple interfaces and all 1044 * interfaces need reconfiguration. 1045 */ 1046 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 1047 { 1048 struct wpa_config *conf; 1049 int reconf_ctrl; 1050 int old_ap_scan; 1051 1052 if (wpa_s->confname == NULL) 1053 return -1; 1054 conf = wpa_config_read(wpa_s->confname, NULL); 1055 if (conf == NULL) { 1056 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 1057 "file '%s' - exiting", wpa_s->confname); 1058 return -1; 1059 } 1060 if (wpa_s->confanother && 1061 !wpa_config_read(wpa_s->confanother, conf)) { 1062 wpa_msg(wpa_s, MSG_ERROR, 1063 "Failed to parse the configuration file '%s' - exiting", 1064 wpa_s->confanother); 1065 return -1; 1066 } 1067 1068 conf->changed_parameters = (unsigned int) -1; 1069 1070 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 1071 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 1072 os_strcmp(conf->ctrl_interface, 1073 wpa_s->conf->ctrl_interface) != 0); 1074 1075 if (reconf_ctrl && wpa_s->ctrl_iface) { 1076 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 1077 wpa_s->ctrl_iface = NULL; 1078 } 1079 1080 eapol_sm_invalidate_cached_session(wpa_s->eapol); 1081 if (wpa_s->current_ssid) { 1082 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 1083 wpa_s->own_disconnect_req = 1; 1084 wpa_supplicant_deauthenticate(wpa_s, 1085 WLAN_REASON_DEAUTH_LEAVING); 1086 } 1087 1088 /* 1089 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 1090 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. 1091 */ 1092 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 1093 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || 1094 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 1095 /* 1096 * Clear forced success to clear EAP state for next 1097 * authentication. 1098 */ 1099 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); 1100 } 1101 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1102 wpa_sm_set_config(wpa_s->wpa, NULL); 1103 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); 1104 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 1105 rsn_preauth_deinit(wpa_s->wpa); 1106 1107 old_ap_scan = wpa_s->conf->ap_scan; 1108 wpa_config_free(wpa_s->conf); 1109 wpa_s->conf = conf; 1110 if (old_ap_scan != wpa_s->conf->ap_scan) 1111 wpas_notify_ap_scan_changed(wpa_s); 1112 1113 if (reconf_ctrl) 1114 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 1115 1116 wpa_supplicant_update_config(wpa_s); 1117 1118 wpa_supplicant_clear_status(wpa_s); 1119 if (wpa_supplicant_enabled_networks(wpa_s)) { 1120 wpa_s->reassociate = 1; 1121 wpa_supplicant_req_scan(wpa_s, 0, 0); 1122 } 1123 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 1124 return 0; 1125 } 1126 1127 1128 static void wpa_supplicant_reconfig(int sig, void *signal_ctx) 1129 { 1130 struct wpa_global *global = signal_ctx; 1131 struct wpa_supplicant *wpa_s; 1132 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 1133 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", 1134 sig); 1135 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 1136 wpa_supplicant_terminate_proc(global); 1137 } 1138 } 1139 1140 if (wpa_debug_reopen_file() < 0) { 1141 /* Ignore errors since we cannot really do much to fix this */ 1142 wpa_printf(MSG_DEBUG, "Could not reopen debug log file"); 1143 } 1144 } 1145 1146 1147 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 1148 struct wpa_ssid *ssid, 1149 struct wpa_ie_data *ie) 1150 { 1151 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 1152 if (ret) { 1153 if (ret == -2) { 1154 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 1155 "from association info"); 1156 } 1157 return -1; 1158 } 1159 1160 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " 1161 "cipher suites"); 1162 if (!(ie->group_cipher & ssid->group_cipher)) { 1163 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 1164 "cipher 0x%x (mask 0x%x) - reject", 1165 ie->group_cipher, ssid->group_cipher); 1166 return -1; 1167 } 1168 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 1169 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 1170 "cipher 0x%x (mask 0x%x) - reject", 1171 ie->pairwise_cipher, ssid->pairwise_cipher); 1172 return -1; 1173 } 1174 if (!(ie->key_mgmt & ssid->key_mgmt)) { 1175 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 1176 "management 0x%x (mask 0x%x) - reject", 1177 ie->key_mgmt, ssid->key_mgmt); 1178 return -1; 1179 } 1180 1181 #ifdef CONFIG_IEEE80211W 1182 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 1183 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { 1184 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 1185 "that does not support management frame protection - " 1186 "reject"); 1187 return -1; 1188 } 1189 #endif /* CONFIG_IEEE80211W */ 1190 1191 return 0; 1192 } 1193 1194 1195 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie, 1196 int freq) 1197 { 1198 if (!ie->has_group) 1199 ie->group_cipher = wpa_default_rsn_cipher(freq); 1200 if (!ie->has_pairwise) 1201 ie->pairwise_cipher = wpa_default_rsn_cipher(freq); 1202 return (ie->group_cipher & ssid->group_cipher) && 1203 (ie->pairwise_cipher & ssid->pairwise_cipher); 1204 } 1205 1206 1207 /** 1208 * wpa_supplicant_set_suites - Set authentication and encryption parameters 1209 * @wpa_s: Pointer to wpa_supplicant data 1210 * @bss: Scan results for the selected BSS, or %NULL if not available 1211 * @ssid: Configuration data for the selected network 1212 * @wpa_ie: Buffer for the WPA/RSN IE 1213 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 1214 * used buffer length in case the functions returns success. 1215 * Returns: 0 on success or -1 on failure 1216 * 1217 * This function is used to configure authentication and encryption parameters 1218 * based on the network configuration and scan result for the selected BSS (if 1219 * available). 1220 */ 1221 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 1222 struct wpa_bss *bss, struct wpa_ssid *ssid, 1223 u8 *wpa_ie, size_t *wpa_ie_len) 1224 { 1225 struct wpa_ie_data ie; 1226 int sel, proto; 1227 const u8 *bss_wpa, *bss_rsn, *bss_osen; 1228 1229 if (bss) { 1230 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 1231 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1232 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); 1233 } else 1234 bss_wpa = bss_rsn = bss_osen = NULL; 1235 1236 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 1237 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1238 matching_ciphers(ssid, &ie, bss->freq) && 1239 (ie.key_mgmt & ssid->key_mgmt)) { 1240 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 1241 proto = WPA_PROTO_RSN; 1242 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 1243 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 && 1244 (ie.group_cipher & ssid->group_cipher) && 1245 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1246 (ie.key_mgmt & ssid->key_mgmt)) { 1247 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 1248 proto = WPA_PROTO_WPA; 1249 #ifdef CONFIG_HS20 1250 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) && 1251 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 && 1252 (ie.group_cipher & ssid->group_cipher) && 1253 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1254 (ie.key_mgmt & ssid->key_mgmt)) { 1255 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN"); 1256 proto = WPA_PROTO_OSEN; 1257 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) && 1258 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1259 (ie.group_cipher & ssid->group_cipher) && 1260 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1261 (ie.key_mgmt & ssid->key_mgmt)) { 1262 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)"); 1263 proto = WPA_PROTO_RSN; 1264 #endif /* CONFIG_HS20 */ 1265 } else if (bss) { 1266 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 1267 wpa_dbg(wpa_s, MSG_DEBUG, 1268 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1269 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher, 1270 ssid->key_mgmt); 1271 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s", 1272 MAC2STR(bss->bssid), 1273 wpa_ssid_txt(bss->ssid, bss->ssid_len), 1274 bss_wpa ? " WPA" : "", 1275 bss_rsn ? " RSN" : "", 1276 bss_osen ? " OSEN" : ""); 1277 if (bss_rsn) { 1278 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]); 1279 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) { 1280 wpa_dbg(wpa_s, MSG_DEBUG, 1281 "Could not parse RSN element"); 1282 } else { 1283 wpa_dbg(wpa_s, MSG_DEBUG, 1284 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1285 ie.pairwise_cipher, ie.group_cipher, 1286 ie.key_mgmt); 1287 } 1288 } 1289 if (bss_wpa) { 1290 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]); 1291 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) { 1292 wpa_dbg(wpa_s, MSG_DEBUG, 1293 "Could not parse WPA element"); 1294 } else { 1295 wpa_dbg(wpa_s, MSG_DEBUG, 1296 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1297 ie.pairwise_cipher, ie.group_cipher, 1298 ie.key_mgmt); 1299 } 1300 } 1301 return -1; 1302 } else { 1303 if (ssid->proto & WPA_PROTO_OSEN) 1304 proto = WPA_PROTO_OSEN; 1305 else if (ssid->proto & WPA_PROTO_RSN) 1306 proto = WPA_PROTO_RSN; 1307 else 1308 proto = WPA_PROTO_WPA; 1309 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 1310 os_memset(&ie, 0, sizeof(ie)); 1311 ie.group_cipher = ssid->group_cipher; 1312 ie.pairwise_cipher = ssid->pairwise_cipher; 1313 ie.key_mgmt = ssid->key_mgmt; 1314 #ifdef CONFIG_IEEE80211W 1315 ie.mgmt_group_cipher = 0; 1316 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 1317 if (ssid->group_mgmt_cipher & 1318 WPA_CIPHER_BIP_GMAC_256) 1319 ie.mgmt_group_cipher = 1320 WPA_CIPHER_BIP_GMAC_256; 1321 else if (ssid->group_mgmt_cipher & 1322 WPA_CIPHER_BIP_CMAC_256) 1323 ie.mgmt_group_cipher = 1324 WPA_CIPHER_BIP_CMAC_256; 1325 else if (ssid->group_mgmt_cipher & 1326 WPA_CIPHER_BIP_GMAC_128) 1327 ie.mgmt_group_cipher = 1328 WPA_CIPHER_BIP_GMAC_128; 1329 else 1330 ie.mgmt_group_cipher = 1331 WPA_CIPHER_AES_128_CMAC; 1332 } 1333 #endif /* CONFIG_IEEE80211W */ 1334 #ifdef CONFIG_OWE 1335 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 1336 !ssid->owe_only && 1337 !bss_wpa && !bss_rsn && !bss_osen) { 1338 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1339 wpa_s->wpa_proto = 0; 1340 *wpa_ie_len = 0; 1341 return 0; 1342 } 1343 #endif /* CONFIG_OWE */ 1344 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " 1345 "based on configuration"); 1346 } else 1347 proto = ie.proto; 1348 } 1349 1350 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " 1351 "pairwise %d key_mgmt %d proto %d", 1352 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 1353 #ifdef CONFIG_IEEE80211W 1354 if (ssid->ieee80211w) { 1355 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 1356 ie.mgmt_group_cipher); 1357 } 1358 #endif /* CONFIG_IEEE80211W */ 1359 1360 wpa_s->wpa_proto = proto; 1361 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 1362 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 1363 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN))); 1364 1365 if (bss || !wpa_s->ap_ies_from_associnfo) { 1366 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1367 bss_wpa ? 2 + bss_wpa[1] : 0) || 1368 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1369 bss_rsn ? 2 + bss_rsn[1] : 0)) 1370 return -1; 1371 } 1372 1373 #ifdef CONFIG_NO_WPA 1374 wpa_s->group_cipher = WPA_CIPHER_NONE; 1375 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 1376 #else /* CONFIG_NO_WPA */ 1377 sel = ie.group_cipher & ssid->group_cipher; 1378 wpa_dbg(wpa_s, MSG_DEBUG, 1379 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x", 1380 ie.group_cipher, ssid->group_cipher, sel); 1381 wpa_s->group_cipher = wpa_pick_group_cipher(sel); 1382 if (wpa_s->group_cipher < 0) { 1383 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " 1384 "cipher"); 1385 return -1; 1386 } 1387 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s", 1388 wpa_cipher_txt(wpa_s->group_cipher)); 1389 1390 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 1391 wpa_dbg(wpa_s, MSG_DEBUG, 1392 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x", 1393 ie.pairwise_cipher, ssid->pairwise_cipher, sel); 1394 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); 1395 if (wpa_s->pairwise_cipher < 0) { 1396 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " 1397 "cipher"); 1398 return -1; 1399 } 1400 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s", 1401 wpa_cipher_txt(wpa_s->pairwise_cipher)); 1402 #endif /* CONFIG_NO_WPA */ 1403 1404 sel = ie.key_mgmt & ssid->key_mgmt; 1405 wpa_dbg(wpa_s, MSG_DEBUG, 1406 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x", 1407 ie.key_mgmt, ssid->key_mgmt, sel); 1408 #ifdef CONFIG_SAE 1409 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) 1410 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); 1411 #endif /* CONFIG_SAE */ 1412 if (0) { 1413 #ifdef CONFIG_IEEE80211R 1414 #ifdef CONFIG_SHA384 1415 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) { 1416 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; 1417 wpa_dbg(wpa_s, MSG_DEBUG, 1418 "WPA: using KEY_MGMT FT/802.1X-SHA384"); 1419 if (pmksa_cache_get_current(wpa_s->wpa)) { 1420 /* PMKSA caching with FT is not fully functional, so 1421 * disable the case for now. */ 1422 wpa_dbg(wpa_s, MSG_DEBUG, 1423 "WPA: Disable PMKSA caching for FT/802.1X connection"); 1424 pmksa_cache_clear_current(wpa_s->wpa); 1425 } 1426 #endif /* CONFIG_SHA384 */ 1427 #endif /* CONFIG_IEEE80211R */ 1428 #ifdef CONFIG_SUITEB192 1429 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { 1430 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; 1431 wpa_dbg(wpa_s, MSG_DEBUG, 1432 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)"); 1433 #endif /* CONFIG_SUITEB192 */ 1434 #ifdef CONFIG_SUITEB 1435 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { 1436 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; 1437 wpa_dbg(wpa_s, MSG_DEBUG, 1438 "WPA: using KEY_MGMT 802.1X with Suite B"); 1439 #endif /* CONFIG_SUITEB */ 1440 #ifdef CONFIG_FILS 1441 #ifdef CONFIG_IEEE80211R 1442 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) { 1443 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; 1444 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384"); 1445 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) { 1446 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; 1447 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256"); 1448 #endif /* CONFIG_IEEE80211R */ 1449 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { 1450 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384; 1451 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384"); 1452 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { 1453 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256; 1454 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256"); 1455 #endif /* CONFIG_FILS */ 1456 #ifdef CONFIG_IEEE80211R 1457 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { 1458 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 1459 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 1460 if (pmksa_cache_get_current(wpa_s->wpa)) { 1461 /* PMKSA caching with FT is not fully functional, so 1462 * disable the case for now. */ 1463 wpa_dbg(wpa_s, MSG_DEBUG, 1464 "WPA: Disable PMKSA caching for FT/802.1X connection"); 1465 pmksa_cache_clear_current(wpa_s->wpa); 1466 } 1467 #endif /* CONFIG_IEEE80211R */ 1468 #ifdef CONFIG_DPP 1469 } else if (sel & WPA_KEY_MGMT_DPP) { 1470 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP; 1471 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP"); 1472 #endif /* CONFIG_DPP */ 1473 #ifdef CONFIG_SAE 1474 } else if (sel & WPA_KEY_MGMT_FT_SAE) { 1475 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; 1476 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); 1477 } else if (sel & WPA_KEY_MGMT_SAE) { 1478 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; 1479 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); 1480 #endif /* CONFIG_SAE */ 1481 #ifdef CONFIG_IEEE80211R 1482 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 1483 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 1484 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 1485 #endif /* CONFIG_IEEE80211R */ 1486 #ifdef CONFIG_IEEE80211W 1487 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 1488 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 1489 wpa_dbg(wpa_s, MSG_DEBUG, 1490 "WPA: using KEY_MGMT 802.1X with SHA256"); 1491 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 1492 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 1493 wpa_dbg(wpa_s, MSG_DEBUG, 1494 "WPA: using KEY_MGMT PSK with SHA256"); 1495 #endif /* CONFIG_IEEE80211W */ 1496 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 1497 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 1498 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 1499 } else if (sel & WPA_KEY_MGMT_PSK) { 1500 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 1501 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 1502 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 1503 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 1504 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 1505 #ifdef CONFIG_HS20 1506 } else if (sel & WPA_KEY_MGMT_OSEN) { 1507 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN; 1508 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN"); 1509 #endif /* CONFIG_HS20 */ 1510 #ifdef CONFIG_OWE 1511 } else if (sel & WPA_KEY_MGMT_OWE) { 1512 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE; 1513 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE"); 1514 #endif /* CONFIG_OWE */ 1515 } else { 1516 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " 1517 "authenticated key management type"); 1518 return -1; 1519 } 1520 1521 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 1522 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 1523 wpa_s->pairwise_cipher); 1524 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 1525 1526 #ifdef CONFIG_IEEE80211W 1527 sel = ie.mgmt_group_cipher; 1528 if (ssid->group_mgmt_cipher) 1529 sel &= ssid->group_mgmt_cipher; 1530 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || 1531 !(ie.capabilities & WPA_CAPABILITY_MFPC)) 1532 sel = 0; 1533 wpa_dbg(wpa_s, MSG_DEBUG, 1534 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x", 1535 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel); 1536 if (sel & WPA_CIPHER_AES_128_CMAC) { 1537 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 1538 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1539 "AES-128-CMAC"); 1540 } else if (sel & WPA_CIPHER_BIP_GMAC_128) { 1541 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128; 1542 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1543 "BIP-GMAC-128"); 1544 } else if (sel & WPA_CIPHER_BIP_GMAC_256) { 1545 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256; 1546 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1547 "BIP-GMAC-256"); 1548 } else if (sel & WPA_CIPHER_BIP_CMAC_256) { 1549 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256; 1550 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1551 "BIP-CMAC-256"); 1552 } else { 1553 wpa_s->mgmt_group_cipher = 0; 1554 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 1555 } 1556 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 1557 wpa_s->mgmt_group_cipher); 1558 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, 1559 wpas_get_ssid_pmf(wpa_s, ssid)); 1560 #endif /* CONFIG_IEEE80211W */ 1561 #ifdef CONFIG_OCV 1562 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); 1563 #endif /* CONFIG_OCV */ 1564 1565 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { 1566 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); 1567 return -1; 1568 } 1569 1570 if (0) { 1571 #ifdef CONFIG_DPP 1572 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 1573 /* Use PMK from DPP network introduction (PMKSA entry) */ 1574 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1575 #endif /* CONFIG_DPP */ 1576 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { 1577 int psk_set = 0; 1578 int sae_only; 1579 1580 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | 1581 WPA_KEY_MGMT_FT_PSK | 1582 WPA_KEY_MGMT_PSK_SHA256)) == 0; 1583 1584 if (ssid->psk_set && !sae_only) { 1585 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)", 1586 ssid->psk, PMK_LEN); 1587 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, 1588 NULL); 1589 psk_set = 1; 1590 } 1591 1592 if (wpa_key_mgmt_sae(ssid->key_mgmt) && 1593 (ssid->sae_password || ssid->passphrase)) 1594 psk_set = 1; 1595 1596 #ifndef CONFIG_NO_PBKDF2 1597 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && 1598 ssid->passphrase && !sae_only) { 1599 u8 psk[PMK_LEN]; 1600 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, 1601 4096, psk, PMK_LEN); 1602 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", 1603 psk, PMK_LEN); 1604 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL); 1605 psk_set = 1; 1606 os_memset(psk, 0, sizeof(psk)); 1607 } 1608 #endif /* CONFIG_NO_PBKDF2 */ 1609 #ifdef CONFIG_EXT_PASSWORD 1610 if (ssid->ext_psk && !sae_only) { 1611 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, 1612 ssid->ext_psk); 1613 char pw_str[64 + 1]; 1614 u8 psk[PMK_LEN]; 1615 1616 if (pw == NULL) { 1617 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " 1618 "found from external storage"); 1619 return -1; 1620 } 1621 1622 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { 1623 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " 1624 "PSK length %d in external storage", 1625 (int) wpabuf_len(pw)); 1626 ext_password_free(pw); 1627 return -1; 1628 } 1629 1630 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); 1631 pw_str[wpabuf_len(pw)] = '\0'; 1632 1633 #ifndef CONFIG_NO_PBKDF2 1634 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) 1635 { 1636 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, 1637 4096, psk, PMK_LEN); 1638 os_memset(pw_str, 0, sizeof(pw_str)); 1639 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " 1640 "external passphrase)", 1641 psk, PMK_LEN); 1642 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1643 NULL); 1644 psk_set = 1; 1645 os_memset(psk, 0, sizeof(psk)); 1646 } else 1647 #endif /* CONFIG_NO_PBKDF2 */ 1648 if (wpabuf_len(pw) == 2 * PMK_LEN) { 1649 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { 1650 wpa_msg(wpa_s, MSG_INFO, "EXT PW: " 1651 "Invalid PSK hex string"); 1652 os_memset(pw_str, 0, sizeof(pw_str)); 1653 ext_password_free(pw); 1654 return -1; 1655 } 1656 wpa_hexdump_key(MSG_MSGDUMP, 1657 "PSK (from external PSK)", 1658 psk, PMK_LEN); 1659 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1660 NULL); 1661 psk_set = 1; 1662 os_memset(psk, 0, sizeof(psk)); 1663 } else { 1664 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " 1665 "PSK available"); 1666 os_memset(pw_str, 0, sizeof(pw_str)); 1667 ext_password_free(pw); 1668 return -1; 1669 } 1670 1671 os_memset(pw_str, 0, sizeof(pw_str)); 1672 ext_password_free(pw); 1673 } 1674 #endif /* CONFIG_EXT_PASSWORD */ 1675 1676 if (!psk_set) { 1677 wpa_msg(wpa_s, MSG_INFO, 1678 "No PSK available for association"); 1679 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE"); 1680 return -1; 1681 } 1682 #ifdef CONFIG_OWE 1683 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { 1684 /* OWE Diffie-Hellman exchange in (Re)Association 1685 * Request/Response frames set the PMK, so do not override it 1686 * here. */ 1687 #endif /* CONFIG_OWE */ 1688 } else 1689 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1690 1691 return 0; 1692 } 1693 1694 1695 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) 1696 { 1697 *pos = 0x00; 1698 1699 switch (idx) { 1700 case 0: /* Bits 0-7 */ 1701 break; 1702 case 1: /* Bits 8-15 */ 1703 if (wpa_s->conf->coloc_intf_reporting) { 1704 /* Bit 13 - Collocated Interference Reporting */ 1705 *pos |= 0x20; 1706 } 1707 break; 1708 case 2: /* Bits 16-23 */ 1709 #ifdef CONFIG_WNM 1710 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */ 1711 *pos |= 0x08; /* Bit 19 - BSS Transition */ 1712 #endif /* CONFIG_WNM */ 1713 break; 1714 case 3: /* Bits 24-31 */ 1715 #ifdef CONFIG_WNM 1716 *pos |= 0x02; /* Bit 25 - SSID List */ 1717 #endif /* CONFIG_WNM */ 1718 #ifdef CONFIG_INTERWORKING 1719 if (wpa_s->conf->interworking) 1720 *pos |= 0x80; /* Bit 31 - Interworking */ 1721 #endif /* CONFIG_INTERWORKING */ 1722 break; 1723 case 4: /* Bits 32-39 */ 1724 #ifdef CONFIG_INTERWORKING 1725 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING) 1726 *pos |= 0x01; /* Bit 32 - QoS Map */ 1727 #endif /* CONFIG_INTERWORKING */ 1728 break; 1729 case 5: /* Bits 40-47 */ 1730 #ifdef CONFIG_HS20 1731 if (wpa_s->conf->hs20) 1732 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1733 #endif /* CONFIG_HS20 */ 1734 #ifdef CONFIG_MBO 1735 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1736 #endif /* CONFIG_MBO */ 1737 break; 1738 case 6: /* Bits 48-55 */ 1739 break; 1740 case 7: /* Bits 56-63 */ 1741 break; 1742 case 8: /* Bits 64-71 */ 1743 if (wpa_s->conf->ftm_responder) 1744 *pos |= 0x40; /* Bit 70 - FTM responder */ 1745 if (wpa_s->conf->ftm_initiator) 1746 *pos |= 0x80; /* Bit 71 - FTM initiator */ 1747 break; 1748 case 9: /* Bits 72-79 */ 1749 #ifdef CONFIG_FILS 1750 if (!wpa_s->disable_fils) 1751 *pos |= 0x01; 1752 #endif /* CONFIG_FILS */ 1753 break; 1754 } 1755 } 1756 1757 1758 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) 1759 { 1760 u8 *pos = buf; 1761 u8 len = 10, i; 1762 1763 if (len < wpa_s->extended_capa_len) 1764 len = wpa_s->extended_capa_len; 1765 if (buflen < (size_t) len + 2) { 1766 wpa_printf(MSG_INFO, 1767 "Not enough room for building extended capabilities element"); 1768 return -1; 1769 } 1770 1771 *pos++ = WLAN_EID_EXT_CAPAB; 1772 *pos++ = len; 1773 for (i = 0; i < len; i++, pos++) { 1774 wpas_ext_capab_byte(wpa_s, pos, i); 1775 1776 if (i < wpa_s->extended_capa_len) { 1777 *pos &= ~wpa_s->extended_capa_mask[i]; 1778 *pos |= wpa_s->extended_capa[i]; 1779 } 1780 } 1781 1782 while (len > 0 && buf[1 + len] == 0) { 1783 len--; 1784 buf[1] = len; 1785 } 1786 if (len == 0) 1787 return 0; 1788 1789 return 2 + len; 1790 } 1791 1792 1793 static int wpas_valid_bss(struct wpa_supplicant *wpa_s, 1794 struct wpa_bss *test_bss) 1795 { 1796 struct wpa_bss *bss; 1797 1798 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 1799 if (bss == test_bss) 1800 return 1; 1801 } 1802 1803 return 0; 1804 } 1805 1806 1807 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s, 1808 struct wpa_ssid *test_ssid) 1809 { 1810 struct wpa_ssid *ssid; 1811 1812 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 1813 if (ssid == test_ssid) 1814 return 1; 1815 } 1816 1817 return 0; 1818 } 1819 1820 1821 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss, 1822 struct wpa_ssid *test_ssid) 1823 { 1824 if (test_bss && !wpas_valid_bss(wpa_s, test_bss)) 1825 return 0; 1826 1827 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid); 1828 } 1829 1830 1831 void wpas_connect_work_free(struct wpa_connect_work *cwork) 1832 { 1833 if (cwork == NULL) 1834 return; 1835 os_free(cwork); 1836 } 1837 1838 1839 void wpas_connect_work_done(struct wpa_supplicant *wpa_s) 1840 { 1841 struct wpa_connect_work *cwork; 1842 struct wpa_radio_work *work = wpa_s->connect_work; 1843 1844 if (!work) 1845 return; 1846 1847 wpa_s->connect_work = NULL; 1848 cwork = work->ctx; 1849 work->ctx = NULL; 1850 wpas_connect_work_free(cwork); 1851 radio_work_done(work); 1852 } 1853 1854 1855 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style) 1856 { 1857 struct os_reltime now; 1858 u8 addr[ETH_ALEN]; 1859 1860 os_get_reltime(&now); 1861 if (wpa_s->last_mac_addr_style == style && 1862 wpa_s->last_mac_addr_change.sec != 0 && 1863 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change, 1864 wpa_s->conf->rand_addr_lifetime)) { 1865 wpa_msg(wpa_s, MSG_DEBUG, 1866 "Previously selected random MAC address has not yet expired"); 1867 return 0; 1868 } 1869 1870 switch (style) { 1871 case 1: 1872 if (random_mac_addr(addr) < 0) 1873 return -1; 1874 break; 1875 case 2: 1876 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN); 1877 if (random_mac_addr_keep_oui(addr) < 0) 1878 return -1; 1879 break; 1880 default: 1881 return -1; 1882 } 1883 1884 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) { 1885 wpa_msg(wpa_s, MSG_INFO, 1886 "Failed to set random MAC address"); 1887 return -1; 1888 } 1889 1890 os_get_reltime(&wpa_s->last_mac_addr_change); 1891 wpa_s->mac_addr_changed = 1; 1892 wpa_s->last_mac_addr_style = style; 1893 1894 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 1895 wpa_msg(wpa_s, MSG_INFO, 1896 "Could not update MAC address information"); 1897 return -1; 1898 } 1899 1900 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, 1901 MAC2STR(addr)); 1902 1903 return 0; 1904 } 1905 1906 1907 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s) 1908 { 1909 if (wpa_s->wpa_state >= WPA_AUTHENTICATING || 1910 !wpa_s->conf->preassoc_mac_addr) 1911 return 0; 1912 1913 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr); 1914 } 1915 1916 1917 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit); 1918 1919 /** 1920 * wpa_supplicant_associate - Request association 1921 * @wpa_s: Pointer to wpa_supplicant data 1922 * @bss: Scan results for the selected BSS, or %NULL if not available 1923 * @ssid: Configuration data for the selected network 1924 * 1925 * This function is used to request %wpa_supplicant to associate with a BSS. 1926 */ 1927 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 1928 struct wpa_bss *bss, struct wpa_ssid *ssid) 1929 { 1930 struct wpa_connect_work *cwork; 1931 int rand_style; 1932 1933 wpa_s->own_disconnect_req = 0; 1934 1935 /* 1936 * If we are starting a new connection, any previously pending EAPOL 1937 * RX cannot be valid anymore. 1938 */ 1939 wpabuf_free(wpa_s->pending_eapol_rx); 1940 wpa_s->pending_eapol_rx = NULL; 1941 1942 if (ssid->mac_addr == -1) 1943 rand_style = wpa_s->conf->mac_addr; 1944 else 1945 rand_style = ssid->mac_addr; 1946 1947 wmm_ac_clear_saved_tspecs(wpa_s); 1948 wpa_s->reassoc_same_bss = 0; 1949 wpa_s->reassoc_same_ess = 0; 1950 #ifdef CONFIG_TESTING_OPTIONS 1951 wpa_s->testing_resend_assoc = 0; 1952 #endif /* CONFIG_TESTING_OPTIONS */ 1953 1954 if (wpa_s->last_ssid == ssid) { 1955 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); 1956 wpa_s->reassoc_same_ess = 1; 1957 if (wpa_s->current_bss && wpa_s->current_bss == bss) { 1958 wmm_ac_save_tspecs(wpa_s); 1959 wpa_s->reassoc_same_bss = 1; 1960 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) { 1961 os_get_reltime(&wpa_s->roam_start); 1962 } 1963 } 1964 1965 if (rand_style > 0 && !wpa_s->reassoc_same_ess) { 1966 if (wpas_update_random_addr(wpa_s, rand_style) < 0) 1967 return; 1968 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 1969 } else if (rand_style == 0 && wpa_s->mac_addr_changed) { 1970 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { 1971 wpa_msg(wpa_s, MSG_INFO, 1972 "Could not restore permanent MAC address"); 1973 return; 1974 } 1975 wpa_s->mac_addr_changed = 0; 1976 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 1977 wpa_msg(wpa_s, MSG_INFO, 1978 "Could not update MAC address information"); 1979 return; 1980 } 1981 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address"); 1982 } 1983 wpa_s->last_ssid = ssid; 1984 1985 #ifdef CONFIG_IBSS_RSN 1986 ibss_rsn_deinit(wpa_s->ibss_rsn); 1987 wpa_s->ibss_rsn = NULL; 1988 #else /* CONFIG_IBSS_RSN */ 1989 if (ssid->mode == WPAS_MODE_IBSS && 1990 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) { 1991 wpa_msg(wpa_s, MSG_INFO, 1992 "IBSS RSN not supported in the build"); 1993 return; 1994 } 1995 #endif /* CONFIG_IBSS_RSN */ 1996 1997 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || 1998 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 1999 #ifdef CONFIG_AP 2000 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { 2001 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " 2002 "mode"); 2003 return; 2004 } 2005 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { 2006 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2007 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 2008 wpas_p2p_ap_setup_failed(wpa_s); 2009 return; 2010 } 2011 wpa_s->current_bss = bss; 2012 #else /* CONFIG_AP */ 2013 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " 2014 "the build"); 2015 #endif /* CONFIG_AP */ 2016 return; 2017 } 2018 2019 if (ssid->mode == WPAS_MODE_MESH) { 2020 #ifdef CONFIG_MESH 2021 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) { 2022 wpa_msg(wpa_s, MSG_INFO, 2023 "Driver does not support mesh mode"); 2024 return; 2025 } 2026 if (bss) 2027 ssid->frequency = bss->freq; 2028 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) { 2029 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh"); 2030 return; 2031 } 2032 wpa_s->current_bss = bss; 2033 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_STARTED "ssid=\"%s\" id=%d", 2034 wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 2035 ssid->id); 2036 wpas_notify_mesh_group_started(wpa_s, ssid); 2037 #else /* CONFIG_MESH */ 2038 wpa_msg(wpa_s, MSG_ERROR, 2039 "mesh mode support not included in the build"); 2040 #endif /* CONFIG_MESH */ 2041 return; 2042 } 2043 2044 /* 2045 * Set WPA state machine configuration to match the selected network now 2046 * so that the information is available before wpas_start_assoc_cb() 2047 * gets called. This is needed at least for RSN pre-authentication where 2048 * candidate APs are added to a list based on scan result processing 2049 * before completion of the first association. 2050 */ 2051 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid); 2052 2053 #ifdef CONFIG_DPP 2054 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0) 2055 return; 2056 #endif /* CONFIG_DPP */ 2057 2058 #ifdef CONFIG_TDLS 2059 if (bss) 2060 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), 2061 bss->ie_len); 2062 #endif /* CONFIG_TDLS */ 2063 2064 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2065 ssid->mode == IEEE80211_MODE_INFRA) { 2066 sme_authenticate(wpa_s, bss, ssid); 2067 return; 2068 } 2069 2070 if (wpa_s->connect_work) { 2071 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist"); 2072 return; 2073 } 2074 2075 if (radio_work_pending(wpa_s, "connect")) { 2076 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist"); 2077 return; 2078 } 2079 2080 #ifdef CONFIG_SME 2081 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) { 2082 /* Clear possibly set auth_alg, if any, from last attempt. */ 2083 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN; 2084 } 2085 #endif /* CONFIG_SME */ 2086 2087 wpas_abort_ongoing_scan(wpa_s); 2088 2089 cwork = os_zalloc(sizeof(*cwork)); 2090 if (cwork == NULL) 2091 return; 2092 2093 cwork->bss = bss; 2094 cwork->ssid = ssid; 2095 2096 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1, 2097 wpas_start_assoc_cb, cwork) < 0) { 2098 os_free(cwork); 2099 } 2100 } 2101 2102 2103 static int bss_is_ibss(struct wpa_bss *bss) 2104 { 2105 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == 2106 IEEE80211_CAP_IBSS; 2107 } 2108 2109 2110 static int drv_supports_vht(struct wpa_supplicant *wpa_s, 2111 const struct wpa_ssid *ssid) 2112 { 2113 enum hostapd_hw_mode hw_mode; 2114 struct hostapd_hw_modes *mode = NULL; 2115 u8 channel; 2116 int i; 2117 2118 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); 2119 if (hw_mode == NUM_HOSTAPD_MODES) 2120 return 0; 2121 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 2122 if (wpa_s->hw.modes[i].mode == hw_mode) { 2123 mode = &wpa_s->hw.modes[i]; 2124 break; 2125 } 2126 } 2127 2128 if (!mode) 2129 return 0; 2130 2131 return mode->vht_capab != 0; 2132 } 2133 2134 2135 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, 2136 const struct wpa_ssid *ssid, 2137 struct hostapd_freq_params *freq) 2138 { 2139 enum hostapd_hw_mode hw_mode; 2140 struct hostapd_hw_modes *mode = NULL; 2141 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 2142 184, 192 }; 2143 int vht80[] = { 36, 52, 100, 116, 132, 149 }; 2144 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; 2145 u8 channel; 2146 int i, chan_idx, ht40 = -1, res, obss_scan = 1; 2147 unsigned int j, k; 2148 struct hostapd_freq_params vht_freq; 2149 int chwidth, seg0, seg1; 2150 u32 vht_caps = 0; 2151 2152 freq->freq = ssid->frequency; 2153 2154 for (j = 0; j < wpa_s->last_scan_res_used; j++) { 2155 struct wpa_bss *bss = wpa_s->last_scan_res[j]; 2156 2157 if (ssid->mode != WPAS_MODE_IBSS) 2158 break; 2159 2160 /* Don't adjust control freq in case of fixed_freq */ 2161 if (ssid->fixed_freq) 2162 break; 2163 2164 if (!bss_is_ibss(bss)) 2165 continue; 2166 2167 if (ssid->ssid_len == bss->ssid_len && 2168 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) { 2169 wpa_printf(MSG_DEBUG, 2170 "IBSS already found in scan results, adjust control freq: %d", 2171 bss->freq); 2172 freq->freq = bss->freq; 2173 obss_scan = 0; 2174 break; 2175 } 2176 } 2177 2178 /* For IBSS check HT_IBSS flag */ 2179 if (ssid->mode == WPAS_MODE_IBSS && 2180 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) 2181 return; 2182 2183 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || 2184 wpa_s->group_cipher == WPA_CIPHER_WEP104 || 2185 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) { 2186 wpa_printf(MSG_DEBUG, 2187 "IBSS: WEP/TKIP detected, do not try to enable HT"); 2188 return; 2189 } 2190 2191 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); 2192 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 2193 if (wpa_s->hw.modes[i].mode == hw_mode) { 2194 mode = &wpa_s->hw.modes[i]; 2195 break; 2196 } 2197 } 2198 2199 if (!mode) 2200 return; 2201 2202 #ifdef CONFIG_HT_OVERRIDES 2203 if (ssid->disable_ht) { 2204 freq->ht_enabled = 0; 2205 return; 2206 } 2207 #endif /* CONFIG_HT_OVERRIDES */ 2208 2209 freq->ht_enabled = ht_supported(mode); 2210 if (!freq->ht_enabled) 2211 return; 2212 2213 /* Setup higher BW only for 5 GHz */ 2214 if (mode->mode != HOSTAPD_MODE_IEEE80211A) 2215 return; 2216 2217 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { 2218 pri_chan = &mode->channels[chan_idx]; 2219 if (pri_chan->chan == channel) 2220 break; 2221 pri_chan = NULL; 2222 } 2223 if (!pri_chan) 2224 return; 2225 2226 /* Check primary channel flags */ 2227 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2228 return; 2229 2230 freq->channel = pri_chan->chan; 2231 2232 #ifdef CONFIG_HT_OVERRIDES 2233 if (ssid->disable_ht40) { 2234 if (ssid->disable_vht) 2235 return; 2236 goto skip_ht40; 2237 } 2238 #endif /* CONFIG_HT_OVERRIDES */ 2239 2240 /* Check/setup HT40+/HT40- */ 2241 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) { 2242 if (ht40plus[j] == channel) { 2243 ht40 = 1; 2244 break; 2245 } 2246 } 2247 2248 /* Find secondary channel */ 2249 for (i = 0; i < mode->num_channels; i++) { 2250 sec_chan = &mode->channels[i]; 2251 if (sec_chan->chan == channel + ht40 * 4) 2252 break; 2253 sec_chan = NULL; 2254 } 2255 if (!sec_chan) 2256 return; 2257 2258 /* Check secondary channel flags */ 2259 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2260 return; 2261 2262 if (ht40 == -1) { 2263 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) 2264 return; 2265 } else { 2266 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS)) 2267 return; 2268 } 2269 freq->sec_channel_offset = ht40; 2270 2271 if (obss_scan) { 2272 struct wpa_scan_results *scan_res; 2273 2274 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0); 2275 if (scan_res == NULL) { 2276 /* Back to HT20 */ 2277 freq->sec_channel_offset = 0; 2278 return; 2279 } 2280 2281 res = check_40mhz_5g(mode, scan_res, pri_chan->chan, 2282 sec_chan->chan); 2283 switch (res) { 2284 case 0: 2285 /* Back to HT20 */ 2286 freq->sec_channel_offset = 0; 2287 break; 2288 case 1: 2289 /* Configuration allowed */ 2290 break; 2291 case 2: 2292 /* Switch pri/sec channels */ 2293 freq->freq = hw_get_freq(mode, sec_chan->chan); 2294 freq->sec_channel_offset = -freq->sec_channel_offset; 2295 freq->channel = sec_chan->chan; 2296 break; 2297 default: 2298 freq->sec_channel_offset = 0; 2299 break; 2300 } 2301 2302 wpa_scan_results_free(scan_res); 2303 } 2304 2305 #ifdef CONFIG_HT_OVERRIDES 2306 skip_ht40: 2307 #endif /* CONFIG_HT_OVERRIDES */ 2308 wpa_printf(MSG_DEBUG, 2309 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d", 2310 freq->channel, freq->sec_channel_offset); 2311 2312 if (!drv_supports_vht(wpa_s, ssid)) 2313 return; 2314 2315 /* For IBSS check VHT_IBSS flag */ 2316 if (ssid->mode == WPAS_MODE_IBSS && 2317 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS)) 2318 return; 2319 2320 vht_freq = *freq; 2321 2322 #ifdef CONFIG_VHT_OVERRIDES 2323 if (ssid->disable_vht) { 2324 freq->vht_enabled = 0; 2325 return; 2326 } 2327 #endif /* CONFIG_VHT_OVERRIDES */ 2328 2329 vht_freq.vht_enabled = vht_supported(mode); 2330 if (!vht_freq.vht_enabled) 2331 return; 2332 2333 /* setup center_freq1, bandwidth */ 2334 for (j = 0; j < ARRAY_SIZE(vht80); j++) { 2335 if (freq->channel >= vht80[j] && 2336 freq->channel < vht80[j] + 16) 2337 break; 2338 } 2339 2340 if (j == ARRAY_SIZE(vht80)) 2341 return; 2342 2343 for (i = vht80[j]; i < vht80[j] + 16; i += 4) { 2344 struct hostapd_channel_data *chan; 2345 2346 chan = hw_get_channel_chan(mode, i, NULL); 2347 if (!chan) 2348 return; 2349 2350 /* Back to HT configuration if channel not usable */ 2351 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2352 return; 2353 } 2354 2355 chwidth = VHT_CHANWIDTH_80MHZ; 2356 seg0 = vht80[j] + 6; 2357 seg1 = 0; 2358 2359 if (ssid->max_oper_chwidth == VHT_CHANWIDTH_80P80MHZ) { 2360 /* setup center_freq2, bandwidth */ 2361 for (k = 0; k < ARRAY_SIZE(vht80); k++) { 2362 /* Only accept 80 MHz segments separated by a gap */ 2363 if (j == k || abs(vht80[j] - vht80[k]) == 16) 2364 continue; 2365 for (i = vht80[k]; i < vht80[k] + 16; i += 4) { 2366 struct hostapd_channel_data *chan; 2367 2368 chan = hw_get_channel_chan(mode, i, NULL); 2369 if (!chan) 2370 continue; 2371 2372 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 2373 HOSTAPD_CHAN_NO_IR | 2374 HOSTAPD_CHAN_RADAR)) 2375 continue; 2376 2377 /* Found a suitable second segment for 80+80 */ 2378 chwidth = VHT_CHANWIDTH_80P80MHZ; 2379 vht_caps |= 2380 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 2381 seg1 = vht80[k] + 6; 2382 } 2383 2384 if (chwidth == VHT_CHANWIDTH_80P80MHZ) 2385 break; 2386 } 2387 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_160MHZ) { 2388 if (freq->freq == 5180) { 2389 chwidth = VHT_CHANWIDTH_160MHZ; 2390 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 2391 seg0 = 50; 2392 } else if (freq->freq == 5520) { 2393 chwidth = VHT_CHANWIDTH_160MHZ; 2394 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 2395 seg0 = 114; 2396 } 2397 } else if (ssid->max_oper_chwidth == VHT_CHANWIDTH_USE_HT) { 2398 chwidth = VHT_CHANWIDTH_USE_HT; 2399 seg0 = vht80[j] + 2; 2400 #ifdef CONFIG_HT_OVERRIDES 2401 if (ssid->disable_ht40) 2402 seg0 = 0; 2403 #endif /* CONFIG_HT_OVERRIDES */ 2404 } 2405 2406 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq, 2407 freq->channel, freq->ht_enabled, 2408 vht_freq.vht_enabled, 2409 freq->sec_channel_offset, 2410 chwidth, seg0, seg1, vht_caps) != 0) 2411 return; 2412 2413 *freq = vht_freq; 2414 2415 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d", 2416 freq->center_freq1, freq->center_freq2, freq->bandwidth); 2417 } 2418 2419 2420 #ifdef CONFIG_FILS 2421 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf, 2422 size_t ie_buf_len) 2423 { 2424 struct fils_hlp_req *req; 2425 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0; 2426 const u8 *pos; 2427 u8 *buf = ie_buf; 2428 2429 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 2430 list) { 2431 rem_len = ie_buf_len - ie_len; 2432 pos = wpabuf_head(req->pkt); 2433 hdr_len = 1 + 2 * ETH_ALEN + 6; 2434 hlp_len = wpabuf_len(req->pkt); 2435 2436 if (rem_len < 2 + hdr_len + hlp_len) { 2437 wpa_printf(MSG_ERROR, 2438 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu", 2439 (unsigned long) rem_len, 2440 (unsigned long) (2 + hdr_len + hlp_len)); 2441 break; 2442 } 2443 2444 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len; 2445 /* Element ID */ 2446 *buf++ = WLAN_EID_EXTENSION; 2447 /* Length */ 2448 *buf++ = len; 2449 /* Element ID Extension */ 2450 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER; 2451 /* Destination MAC address */ 2452 os_memcpy(buf, req->dst, ETH_ALEN); 2453 buf += ETH_ALEN; 2454 /* Source MAC address */ 2455 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN); 2456 buf += ETH_ALEN; 2457 /* LLC/SNAP Header */ 2458 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6); 2459 buf += 6; 2460 /* HLP Packet */ 2461 os_memcpy(buf, pos, len - hdr_len); 2462 buf += len - hdr_len; 2463 pos += len - hdr_len; 2464 2465 hlp_len -= len - hdr_len; 2466 ie_len += 2 + len; 2467 rem_len -= 2 + len; 2468 2469 while (hlp_len) { 2470 len = (hlp_len > 255) ? 255 : hlp_len; 2471 if (rem_len < 2 + len) 2472 break; 2473 *buf++ = WLAN_EID_FRAGMENT; 2474 *buf++ = len; 2475 os_memcpy(buf, pos, len); 2476 buf += len; 2477 pos += len; 2478 2479 hlp_len -= len; 2480 ie_len += 2 + len; 2481 rem_len -= 2 + len; 2482 } 2483 } 2484 2485 return ie_len; 2486 } 2487 2488 2489 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s) 2490 { 2491 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2492 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) || 2493 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2494 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD))); 2495 } 2496 2497 2498 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s) 2499 { 2500 #ifdef CONFIG_FILS_SK_PFS 2501 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2502 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS); 2503 #else /* CONFIG_FILS_SK_PFS */ 2504 return 0; 2505 #endif /* CONFIG_FILS_SK_PFS */ 2506 } 2507 2508 #endif /* CONFIG_FILS */ 2509 2510 2511 static u8 * wpas_populate_assoc_ies( 2512 struct wpa_supplicant *wpa_s, 2513 struct wpa_bss *bss, struct wpa_ssid *ssid, 2514 struct wpa_driver_associate_params *params, 2515 enum wpa_drv_update_connect_params_mask *mask) 2516 { 2517 u8 *wpa_ie; 2518 size_t max_wpa_ie_len = 500; 2519 size_t wpa_ie_len; 2520 int algs = WPA_AUTH_ALG_OPEN; 2521 #ifdef CONFIG_MBO 2522 const u8 *mbo_ie; 2523 #endif 2524 #ifdef CONFIG_SAE 2525 int sae_pmksa_cached = 0; 2526 #endif /* CONFIG_SAE */ 2527 #ifdef CONFIG_FILS 2528 const u8 *realm, *username, *rrk; 2529 size_t realm_len, username_len, rrk_len; 2530 u16 next_seq_num; 2531 struct fils_hlp_req *req; 2532 2533 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 2534 list) { 2535 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) + 2536 2 + 2 * wpabuf_len(req->pkt) / 255; 2537 } 2538 #endif /* CONFIG_FILS */ 2539 2540 wpa_ie = os_malloc(max_wpa_ie_len); 2541 if (!wpa_ie) { 2542 wpa_printf(MSG_ERROR, 2543 "Failed to allocate connect IE buffer for %lu bytes", 2544 (unsigned long) max_wpa_ie_len); 2545 return NULL; 2546 } 2547 2548 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 2549 wpa_bss_get_ie(bss, WLAN_EID_RSN)) && 2550 wpa_key_mgmt_wpa(ssid->key_mgmt)) { 2551 int try_opportunistic; 2552 const u8 *cache_id = NULL; 2553 2554 try_opportunistic = (ssid->proactive_key_caching < 0 ? 2555 wpa_s->conf->okc : 2556 ssid->proactive_key_caching) && 2557 (ssid->proto & WPA_PROTO_RSN); 2558 #ifdef CONFIG_FILS 2559 if (wpa_key_mgmt_fils(ssid->key_mgmt)) 2560 cache_id = wpa_bss_get_fils_cache_id(bss); 2561 #endif /* CONFIG_FILS */ 2562 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, 2563 ssid, try_opportunistic, 2564 cache_id, 0) == 0) { 2565 eapol_sm_notify_pmkid_attempt(wpa_s->eapol); 2566 #ifdef CONFIG_SAE 2567 sae_pmksa_cached = 1; 2568 #endif /* CONFIG_SAE */ 2569 } 2570 wpa_ie_len = max_wpa_ie_len; 2571 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 2572 wpa_ie, &wpa_ie_len)) { 2573 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2574 "key management and encryption suites"); 2575 os_free(wpa_ie); 2576 return NULL; 2577 } 2578 #ifdef CONFIG_HS20 2579 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) && 2580 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { 2581 /* No PMKSA caching, but otherwise similar to RSN/WPA */ 2582 wpa_ie_len = max_wpa_ie_len; 2583 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 2584 wpa_ie, &wpa_ie_len)) { 2585 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2586 "key management and encryption suites"); 2587 os_free(wpa_ie); 2588 return NULL; 2589 } 2590 #endif /* CONFIG_HS20 */ 2591 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && 2592 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { 2593 /* 2594 * Both WPA and non-WPA IEEE 802.1X enabled in configuration - 2595 * use non-WPA since the scan results did not indicate that the 2596 * AP is using WPA or WPA2. 2597 */ 2598 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2599 wpa_ie_len = 0; 2600 wpa_s->wpa_proto = 0; 2601 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 2602 wpa_ie_len = max_wpa_ie_len; 2603 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 2604 wpa_ie, &wpa_ie_len)) { 2605 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2606 "key management and encryption suites (no " 2607 "scan results)"); 2608 os_free(wpa_ie); 2609 return NULL; 2610 } 2611 #ifdef CONFIG_WPS 2612 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 2613 struct wpabuf *wps_ie; 2614 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 2615 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) { 2616 wpa_ie_len = wpabuf_len(wps_ie); 2617 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 2618 } else 2619 wpa_ie_len = 0; 2620 wpabuf_free(wps_ie); 2621 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2622 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) 2623 params->wps = WPS_MODE_PRIVACY; 2624 else 2625 params->wps = WPS_MODE_OPEN; 2626 wpa_s->wpa_proto = 0; 2627 #endif /* CONFIG_WPS */ 2628 } else { 2629 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2630 wpa_ie_len = 0; 2631 wpa_s->wpa_proto = 0; 2632 } 2633 2634 #ifdef IEEE8021X_EAPOL 2635 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2636 if (ssid->leap) { 2637 if (ssid->non_leap == 0) 2638 algs = WPA_AUTH_ALG_LEAP; 2639 else 2640 algs |= WPA_AUTH_ALG_LEAP; 2641 } 2642 } 2643 2644 #ifdef CONFIG_FILS 2645 /* Clear FILS association */ 2646 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0); 2647 2648 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && 2649 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && 2650 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username, 2651 &username_len, &realm, &realm_len, 2652 &next_seq_num, &rrk, &rrk_len) == 0 && 2653 (!wpa_s->last_con_fail_realm || 2654 wpa_s->last_con_fail_realm_len != realm_len || 2655 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) { 2656 algs = WPA_AUTH_ALG_FILS; 2657 params->fils_erp_username = username; 2658 params->fils_erp_username_len = username_len; 2659 params->fils_erp_realm = realm; 2660 params->fils_erp_realm_len = realm_len; 2661 params->fils_erp_next_seq_num = next_seq_num; 2662 params->fils_erp_rrk = rrk; 2663 params->fils_erp_rrk_len = rrk_len; 2664 2665 if (mask) 2666 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO; 2667 } 2668 #endif /* CONFIG_FILS */ 2669 #endif /* IEEE8021X_EAPOL */ 2670 #ifdef CONFIG_SAE 2671 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE)) 2672 algs = WPA_AUTH_ALG_SAE; 2673 #endif /* CONFIG_SAE */ 2674 2675 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 2676 if (ssid->auth_alg) { 2677 algs = ssid->auth_alg; 2678 wpa_dbg(wpa_s, MSG_DEBUG, 2679 "Overriding auth_alg selection: 0x%x", algs); 2680 } 2681 2682 #ifdef CONFIG_SAE 2683 if (sae_pmksa_cached && algs == WPA_AUTH_ALG_SAE) { 2684 wpa_dbg(wpa_s, MSG_DEBUG, 2685 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt"); 2686 algs = WPA_AUTH_ALG_OPEN; 2687 } 2688 #endif /* CONFIG_SAE */ 2689 2690 #ifdef CONFIG_P2P 2691 if (wpa_s->global->p2p) { 2692 u8 *pos; 2693 size_t len; 2694 int res; 2695 pos = wpa_ie + wpa_ie_len; 2696 len = max_wpa_ie_len - wpa_ie_len; 2697 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, 2698 ssid->p2p_group); 2699 if (res >= 0) 2700 wpa_ie_len += res; 2701 } 2702 2703 wpa_s->cross_connect_disallowed = 0; 2704 if (bss) { 2705 struct wpabuf *p2p; 2706 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); 2707 if (p2p) { 2708 wpa_s->cross_connect_disallowed = 2709 p2p_get_cross_connect_disallowed(p2p); 2710 wpabuf_free(p2p); 2711 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " 2712 "connection", 2713 wpa_s->cross_connect_disallowed ? 2714 "disallows" : "allows"); 2715 } 2716 } 2717 2718 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); 2719 #endif /* CONFIG_P2P */ 2720 2721 if (bss) { 2722 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss->freq, 2723 wpa_ie + wpa_ie_len, 2724 max_wpa_ie_len - 2725 wpa_ie_len); 2726 } 2727 2728 /* 2729 * Workaround: Add Extended Capabilities element only if the AP 2730 * included this element in Beacon/Probe Response frames. Some older 2731 * APs seem to have interoperability issues if this element is 2732 * included, so while the standard may require us to include the 2733 * element in all cases, it is justifiable to skip it to avoid 2734 * interoperability issues. 2735 */ 2736 if (ssid->p2p_group) 2737 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); 2738 else 2739 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 2740 2741 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) { 2742 u8 ext_capab[18]; 2743 int ext_capab_len; 2744 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, 2745 sizeof(ext_capab)); 2746 if (ext_capab_len > 0 && 2747 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { 2748 u8 *pos = wpa_ie; 2749 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) 2750 pos += 2 + pos[1]; 2751 os_memmove(pos + ext_capab_len, pos, 2752 wpa_ie_len - (pos - wpa_ie)); 2753 wpa_ie_len += ext_capab_len; 2754 os_memcpy(pos, ext_capab, ext_capab_len); 2755 } 2756 } 2757 2758 #ifdef CONFIG_HS20 2759 if (is_hs20_network(wpa_s, ssid, bss)) { 2760 struct wpabuf *hs20; 2761 2762 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); 2763 if (hs20) { 2764 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); 2765 size_t len; 2766 2767 wpas_hs20_add_indication(hs20, pps_mo_id, 2768 get_hs20_version(bss)); 2769 wpas_hs20_add_roam_cons_sel(hs20, ssid); 2770 len = max_wpa_ie_len - wpa_ie_len; 2771 if (wpabuf_len(hs20) <= len) { 2772 os_memcpy(wpa_ie + wpa_ie_len, 2773 wpabuf_head(hs20), wpabuf_len(hs20)); 2774 wpa_ie_len += wpabuf_len(hs20); 2775 } 2776 wpabuf_free(hs20); 2777 2778 hs20_configure_frame_filters(wpa_s); 2779 } 2780 } 2781 #endif /* CONFIG_HS20 */ 2782 2783 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { 2784 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; 2785 size_t len; 2786 2787 len = max_wpa_ie_len - wpa_ie_len; 2788 if (wpabuf_len(buf) <= len) { 2789 os_memcpy(wpa_ie + wpa_ie_len, 2790 wpabuf_head(buf), wpabuf_len(buf)); 2791 wpa_ie_len += wpabuf_len(buf); 2792 } 2793 } 2794 2795 #ifdef CONFIG_FST 2796 if (wpa_s->fst_ies) { 2797 int fst_ies_len = wpabuf_len(wpa_s->fst_ies); 2798 2799 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) { 2800 os_memcpy(wpa_ie + wpa_ie_len, 2801 wpabuf_head(wpa_s->fst_ies), fst_ies_len); 2802 wpa_ie_len += fst_ies_len; 2803 } 2804 } 2805 #endif /* CONFIG_FST */ 2806 2807 #ifdef CONFIG_MBO 2808 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL; 2809 if (mbo_ie) { 2810 int len; 2811 2812 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, 2813 max_wpa_ie_len - wpa_ie_len, 2814 !!mbo_attr_from_mbo_ie(mbo_ie, 2815 OCE_ATTR_ID_CAPA_IND)); 2816 if (len >= 0) 2817 wpa_ie_len += len; 2818 } 2819 #endif /* CONFIG_MBO */ 2820 2821 #ifdef CONFIG_FILS 2822 if (algs == WPA_AUTH_ALG_FILS) { 2823 size_t len; 2824 2825 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len, 2826 max_wpa_ie_len - wpa_ie_len); 2827 wpa_ie_len += len; 2828 } 2829 #endif /* CONFIG_FILS */ 2830 2831 #ifdef CONFIG_OWE 2832 #ifdef CONFIG_TESTING_OPTIONS 2833 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) { 2834 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); 2835 } else 2836 #endif /* CONFIG_TESTING_OPTIONS */ 2837 if (algs == WPA_AUTH_ALG_OPEN && 2838 ssid->key_mgmt == WPA_KEY_MGMT_OWE) { 2839 struct wpabuf *owe_ie; 2840 u16 group; 2841 2842 if (ssid->owe_group) { 2843 group = ssid->owe_group; 2844 } else if (wpa_s->assoc_status_code == 2845 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { 2846 if (wpa_s->last_owe_group == 19) 2847 group = 20; 2848 else if (wpa_s->last_owe_group == 20) 2849 group = 21; 2850 else 2851 group = OWE_DH_GROUP; 2852 } else { 2853 group = OWE_DH_GROUP; 2854 } 2855 2856 wpa_s->last_owe_group = group; 2857 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); 2858 owe_ie = owe_build_assoc_req(wpa_s->wpa, group); 2859 if (owe_ie && 2860 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) { 2861 os_memcpy(wpa_ie + wpa_ie_len, 2862 wpabuf_head(owe_ie), wpabuf_len(owe_ie)); 2863 wpa_ie_len += wpabuf_len(owe_ie); 2864 } 2865 wpabuf_free(owe_ie); 2866 } 2867 #endif /* CONFIG_OWE */ 2868 2869 #ifdef CONFIG_DPP2 2870 if (wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP && 2871 ssid->dpp_netaccesskey) { 2872 dpp_pfs_free(wpa_s->dpp_pfs); 2873 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey, 2874 ssid->dpp_netaccesskey_len); 2875 if (!wpa_s->dpp_pfs) { 2876 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); 2877 /* Try to continue without PFS */ 2878 goto pfs_fail; 2879 } 2880 if (wpabuf_len(wpa_s->dpp_pfs->ie) <= 2881 max_wpa_ie_len - wpa_ie_len) { 2882 os_memcpy(wpa_ie + wpa_ie_len, 2883 wpabuf_head(wpa_s->dpp_pfs->ie), 2884 wpabuf_len(wpa_s->dpp_pfs->ie)); 2885 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie); 2886 } 2887 } 2888 pfs_fail: 2889 #endif /* CONFIG_DPP2 */ 2890 2891 #ifdef CONFIG_IEEE80211R 2892 /* 2893 * Add MDIE under these conditions: the network profile allows FT, 2894 * the AP supports FT, and the mobility domain ID matches. 2895 */ 2896 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) { 2897 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 2898 2899 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) { 2900 size_t len = 0; 2901 const u8 *md = mdie + 2; 2902 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa); 2903 2904 if (os_memcmp(md, wpa_md, 2905 MOBILITY_DOMAIN_ID_LEN) == 0) { 2906 /* Add mobility domain IE */ 2907 len = wpa_ft_add_mdie( 2908 wpa_s->wpa, wpa_ie + wpa_ie_len, 2909 max_wpa_ie_len - wpa_ie_len, mdie); 2910 wpa_ie_len += len; 2911 } 2912 #ifdef CONFIG_SME 2913 if (len > 0 && wpa_s->sme.ft_used && 2914 wpa_sm_has_ptk(wpa_s->wpa)) { 2915 wpa_dbg(wpa_s, MSG_DEBUG, 2916 "SME: Trying to use FT over-the-air"); 2917 algs |= WPA_AUTH_ALG_FT; 2918 } 2919 #endif /* CONFIG_SME */ 2920 } 2921 } 2922 #endif /* CONFIG_IEEE80211R */ 2923 2924 if (ssid->multi_ap_backhaul_sta) { 2925 size_t multi_ap_ie_len; 2926 2927 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len, 2928 max_wpa_ie_len - wpa_ie_len, 2929 MULTI_AP_BACKHAUL_STA); 2930 if (multi_ap_ie_len == 0) { 2931 wpa_printf(MSG_ERROR, 2932 "Multi-AP: Failed to build Multi-AP IE"); 2933 os_free(wpa_ie); 2934 return NULL; 2935 } 2936 wpa_ie_len += multi_ap_ie_len; 2937 } 2938 2939 params->wpa_ie = wpa_ie; 2940 params->wpa_ie_len = wpa_ie_len; 2941 params->auth_alg = algs; 2942 if (mask) 2943 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE; 2944 2945 return wpa_ie; 2946 } 2947 2948 2949 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 2950 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s) 2951 { 2952 struct wpa_driver_associate_params params; 2953 enum wpa_drv_update_connect_params_mask mask = 0; 2954 u8 *wpa_ie; 2955 2956 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN) 2957 return; /* nothing to do */ 2958 2959 os_memset(¶ms, 0, sizeof(params)); 2960 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 2961 wpa_s->current_ssid, ¶ms, &mask); 2962 if (!wpa_ie) 2963 return; 2964 2965 if (params.auth_alg != WPA_AUTH_ALG_FILS) { 2966 os_free(wpa_ie); 2967 return; 2968 } 2969 2970 wpa_s->auth_alg = params.auth_alg; 2971 wpa_drv_update_connect_params(wpa_s, ¶ms, mask); 2972 os_free(wpa_ie); 2973 } 2974 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 2975 2976 2977 #ifdef CONFIG_MBO 2978 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s) 2979 { 2980 struct wpa_driver_associate_params params; 2981 u8 *wpa_ie; 2982 2983 /* 2984 * Update MBO connect params only in case of change of MBO attributes 2985 * when connected, if the AP support MBO. 2986 */ 2987 2988 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid || 2989 !wpa_s->current_bss || 2990 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE)) 2991 return; 2992 2993 os_memset(¶ms, 0, sizeof(params)); 2994 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 2995 wpa_s->current_ssid, ¶ms, NULL); 2996 if (!wpa_ie) 2997 return; 2998 2999 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); 3000 os_free(wpa_ie); 3001 } 3002 #endif /* CONFIG_MBO */ 3003 3004 3005 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) 3006 { 3007 struct wpa_connect_work *cwork = work->ctx; 3008 struct wpa_bss *bss = cwork->bss; 3009 struct wpa_ssid *ssid = cwork->ssid; 3010 struct wpa_supplicant *wpa_s = work->wpa_s; 3011 u8 *wpa_ie; 3012 int use_crypt, ret, i, bssid_changed; 3013 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; 3014 struct wpa_driver_associate_params params; 3015 int wep_keys_set = 0; 3016 int assoc_failed = 0; 3017 struct wpa_ssid *old_ssid; 3018 u8 prev_bssid[ETH_ALEN]; 3019 #ifdef CONFIG_HT_OVERRIDES 3020 struct ieee80211_ht_capabilities htcaps; 3021 struct ieee80211_ht_capabilities htcaps_mask; 3022 #endif /* CONFIG_HT_OVERRIDES */ 3023 #ifdef CONFIG_VHT_OVERRIDES 3024 struct ieee80211_vht_capabilities vhtcaps; 3025 struct ieee80211_vht_capabilities vhtcaps_mask; 3026 #endif /* CONFIG_VHT_OVERRIDES */ 3027 3028 if (deinit) { 3029 if (work->started) { 3030 wpa_s->connect_work = NULL; 3031 3032 /* cancel possible auth. timeout */ 3033 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, 3034 NULL); 3035 } 3036 wpas_connect_work_free(cwork); 3037 return; 3038 } 3039 3040 wpa_s->connect_work = work; 3041 3042 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || 3043 wpas_network_disabled(wpa_s, ssid)) { 3044 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); 3045 wpas_connect_work_done(wpa_s); 3046 return; 3047 } 3048 3049 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN); 3050 os_memset(¶ms, 0, sizeof(params)); 3051 wpa_s->reassociate = 0; 3052 wpa_s->eap_expected_failure = 0; 3053 if (bss && 3054 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { 3055 #ifdef CONFIG_IEEE80211R 3056 const u8 *ie, *md = NULL; 3057 #endif /* CONFIG_IEEE80211R */ 3058 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 3059 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 3060 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); 3061 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 3062 os_memset(wpa_s->bssid, 0, ETH_ALEN); 3063 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 3064 if (bssid_changed) 3065 wpas_notify_bssid_changed(wpa_s); 3066 #ifdef CONFIG_IEEE80211R 3067 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 3068 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 3069 md = ie + 2; 3070 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); 3071 if (md) { 3072 /* Prepare for the next transition */ 3073 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); 3074 } 3075 #endif /* CONFIG_IEEE80211R */ 3076 #ifdef CONFIG_WPS 3077 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 3078 wpa_s->conf->ap_scan == 2 && 3079 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 3080 /* Use ap_scan==1 style network selection to find the network 3081 */ 3082 wpas_connect_work_done(wpa_s); 3083 wpa_s->scan_req = MANUAL_SCAN_REQ; 3084 wpa_s->reassociate = 1; 3085 wpa_supplicant_req_scan(wpa_s, 0, 0); 3086 return; 3087 #endif /* CONFIG_WPS */ 3088 } else { 3089 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 3090 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 3091 if (bss) 3092 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 3093 else 3094 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 3095 } 3096 if (!wpa_s->pno) 3097 wpa_supplicant_cancel_sched_scan(wpa_s); 3098 3099 wpa_supplicant_cancel_scan(wpa_s); 3100 3101 /* Starting new association, so clear the possibly used WPA IE from the 3102 * previous association. */ 3103 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 3104 3105 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); 3106 if (!wpa_ie) { 3107 wpas_connect_work_done(wpa_s); 3108 return; 3109 } 3110 3111 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 3112 use_crypt = 1; 3113 cipher_pairwise = wpa_s->pairwise_cipher; 3114 cipher_group = wpa_s->group_cipher; 3115 cipher_group_mgmt = wpa_s->mgmt_group_cipher; 3116 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 3117 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 3118 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 3119 use_crypt = 0; 3120 if (wpa_set_wep_keys(wpa_s, ssid)) { 3121 use_crypt = 1; 3122 wep_keys_set = 1; 3123 } 3124 } 3125 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 3126 use_crypt = 0; 3127 3128 #ifdef IEEE8021X_EAPOL 3129 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 3130 if ((ssid->eapol_flags & 3131 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 3132 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 3133 !wep_keys_set) { 3134 use_crypt = 0; 3135 } else { 3136 /* Assume that dynamic WEP-104 keys will be used and 3137 * set cipher suites in order for drivers to expect 3138 * encryption. */ 3139 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104; 3140 } 3141 } 3142 #endif /* IEEE8021X_EAPOL */ 3143 3144 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 3145 /* Set the key before (and later after) association */ 3146 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 3147 } 3148 3149 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 3150 if (bss) { 3151 params.ssid = bss->ssid; 3152 params.ssid_len = bss->ssid_len; 3153 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || 3154 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 3155 wpa_printf(MSG_DEBUG, "Limit connection to BSSID " 3156 MACSTR " freq=%u MHz based on scan results " 3157 "(bssid_set=%d wps=%d)", 3158 MAC2STR(bss->bssid), bss->freq, 3159 ssid->bssid_set, 3160 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); 3161 params.bssid = bss->bssid; 3162 params.freq.freq = bss->freq; 3163 } 3164 params.bssid_hint = bss->bssid; 3165 params.freq_hint = bss->freq; 3166 params.pbss = bss_is_pbss(bss); 3167 } else { 3168 if (ssid->bssid_hint_set) 3169 params.bssid_hint = ssid->bssid_hint; 3170 3171 params.ssid = ssid->ssid; 3172 params.ssid_len = ssid->ssid_len; 3173 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0; 3174 } 3175 3176 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && 3177 wpa_s->conf->ap_scan == 2) { 3178 params.bssid = ssid->bssid; 3179 params.fixed_bssid = 1; 3180 } 3181 3182 /* Initial frequency for IBSS/mesh */ 3183 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) && 3184 ssid->frequency > 0 && params.freq.freq == 0) 3185 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq); 3186 3187 if (ssid->mode == WPAS_MODE_IBSS) { 3188 params.fixed_freq = ssid->fixed_freq; 3189 if (ssid->beacon_int) 3190 params.beacon_int = ssid->beacon_int; 3191 else 3192 params.beacon_int = wpa_s->conf->beacon_int; 3193 } 3194 3195 params.pairwise_suite = cipher_pairwise; 3196 params.group_suite = cipher_group; 3197 params.mgmt_group_suite = cipher_group_mgmt; 3198 params.key_mgmt_suite = wpa_s->key_mgmt; 3199 params.wpa_proto = wpa_s->wpa_proto; 3200 wpa_s->auth_alg = params.auth_alg; 3201 params.mode = ssid->mode; 3202 params.bg_scan_period = ssid->bg_scan_period; 3203 for (i = 0; i < NUM_WEP_KEYS; i++) { 3204 if (ssid->wep_key_len[i]) 3205 params.wep_key[i] = ssid->wep_key[i]; 3206 params.wep_key_len[i] = ssid->wep_key_len[i]; 3207 } 3208 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 3209 3210 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && 3211 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 3212 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 3213 params.passphrase = ssid->passphrase; 3214 if (ssid->psk_set) 3215 params.psk = ssid->psk; 3216 } 3217 3218 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && 3219 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 3220 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 3221 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 3222 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)) 3223 params.req_key_mgmt_offload = 1; 3224 3225 if (wpa_s->conf->key_mgmt_offload) { 3226 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 3227 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 3228 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 3229 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) 3230 params.req_key_mgmt_offload = 3231 ssid->proactive_key_caching < 0 ? 3232 wpa_s->conf->okc : ssid->proactive_key_caching; 3233 else 3234 params.req_key_mgmt_offload = 1; 3235 3236 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 3237 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 3238 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) && 3239 ssid->psk_set) 3240 params.psk = ssid->psk; 3241 } 3242 3243 params.drop_unencrypted = use_crypt; 3244 3245 #ifdef CONFIG_IEEE80211W 3246 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); 3247 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { 3248 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 3249 struct wpa_ie_data ie; 3250 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 3251 ie.capabilities & 3252 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 3253 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " 3254 "MFP: require MFP"); 3255 params.mgmt_frame_protection = 3256 MGMT_FRAME_PROTECTION_REQUIRED; 3257 #ifdef CONFIG_OWE 3258 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 3259 !ssid->owe_only) { 3260 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; 3261 #endif /* CONFIG_OWE */ 3262 } 3263 } 3264 #endif /* CONFIG_IEEE80211W */ 3265 3266 params.p2p = ssid->p2p_group; 3267 3268 if (wpa_s->p2pdev->set_sta_uapsd) 3269 params.uapsd = wpa_s->p2pdev->sta_uapsd; 3270 else 3271 params.uapsd = -1; 3272 3273 #ifdef CONFIG_HT_OVERRIDES 3274 os_memset(&htcaps, 0, sizeof(htcaps)); 3275 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); 3276 params.htcaps = (u8 *) &htcaps; 3277 params.htcaps_mask = (u8 *) &htcaps_mask; 3278 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); 3279 #endif /* CONFIG_HT_OVERRIDES */ 3280 #ifdef CONFIG_VHT_OVERRIDES 3281 os_memset(&vhtcaps, 0, sizeof(vhtcaps)); 3282 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask)); 3283 params.vhtcaps = &vhtcaps; 3284 params.vhtcaps_mask = &vhtcaps_mask; 3285 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms); 3286 #endif /* CONFIG_VHT_OVERRIDES */ 3287 3288 #ifdef CONFIG_P2P 3289 /* 3290 * If multi-channel concurrency is not supported, check for any 3291 * frequency conflict. In case of any frequency conflict, remove the 3292 * least prioritized connection. 3293 */ 3294 if (wpa_s->num_multichan_concurrent < 2) { 3295 int freq, num; 3296 num = get_shared_radio_freqs(wpa_s, &freq, 1); 3297 if (num > 0 && freq > 0 && freq != params.freq.freq) { 3298 wpa_printf(MSG_DEBUG, 3299 "Assoc conflicting freq found (%d != %d)", 3300 freq, params.freq.freq); 3301 if (wpas_p2p_handle_frequency_conflicts( 3302 wpa_s, params.freq.freq, ssid) < 0) { 3303 wpas_connect_work_done(wpa_s); 3304 os_free(wpa_ie); 3305 return; 3306 } 3307 } 3308 } 3309 #endif /* CONFIG_P2P */ 3310 3311 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) && 3312 wpa_s->current_ssid) 3313 params.prev_bssid = prev_bssid; 3314 3315 ret = wpa_drv_associate(wpa_s, ¶ms); 3316 os_free(wpa_ie); 3317 if (ret < 0) { 3318 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 3319 "failed"); 3320 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { 3321 /* 3322 * The driver is known to mean what is saying, so we 3323 * can stop right here; the association will not 3324 * succeed. 3325 */ 3326 wpas_connection_failed(wpa_s, wpa_s->pending_bssid); 3327 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 3328 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 3329 return; 3330 } 3331 /* try to continue anyway; new association will be tried again 3332 * after timeout */ 3333 assoc_failed = 1; 3334 } 3335 3336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 3337 /* Set the key after the association just in case association 3338 * cleared the previously configured key. */ 3339 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 3340 /* No need to timeout authentication since there is no key 3341 * management. */ 3342 wpa_supplicant_cancel_auth_timeout(wpa_s); 3343 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 3344 #ifdef CONFIG_IBSS_RSN 3345 } else if (ssid->mode == WPAS_MODE_IBSS && 3346 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 3347 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 3348 /* 3349 * RSN IBSS authentication is per-STA and we can disable the 3350 * per-BSSID authentication. 3351 */ 3352 wpa_supplicant_cancel_auth_timeout(wpa_s); 3353 #endif /* CONFIG_IBSS_RSN */ 3354 } else { 3355 /* Timeout for IEEE 802.11 authentication and association */ 3356 int timeout = 60; 3357 3358 if (assoc_failed) { 3359 /* give IBSS a bit more time */ 3360 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; 3361 } else if (wpa_s->conf->ap_scan == 1) { 3362 /* give IBSS a bit more time */ 3363 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; 3364 } 3365 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 3366 } 3367 3368 if (wep_keys_set && 3369 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { 3370 /* Set static WEP keys again */ 3371 wpa_set_wep_keys(wpa_s, ssid); 3372 } 3373 3374 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { 3375 /* 3376 * Do not allow EAP session resumption between different 3377 * network configurations. 3378 */ 3379 eapol_sm_invalidate_cached_session(wpa_s->eapol); 3380 } 3381 old_ssid = wpa_s->current_ssid; 3382 wpa_s->current_ssid = ssid; 3383 3384 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { 3385 wpa_s->current_bss = bss; 3386 #ifdef CONFIG_HS20 3387 hs20_configure_frame_filters(wpa_s); 3388 #endif /* CONFIG_HS20 */ 3389 } 3390 3391 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 3392 wpa_supplicant_initiate_eapol(wpa_s); 3393 if (old_ssid != wpa_s->current_ssid) 3394 wpas_notify_network_changed(wpa_s); 3395 } 3396 3397 3398 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, 3399 const u8 *addr) 3400 { 3401 struct wpa_ssid *old_ssid; 3402 3403 wpas_connect_work_done(wpa_s); 3404 wpa_clear_keys(wpa_s, addr); 3405 old_ssid = wpa_s->current_ssid; 3406 wpa_supplicant_mark_disassoc(wpa_s); 3407 wpa_sm_set_config(wpa_s->wpa, NULL); 3408 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 3409 if (old_ssid != wpa_s->current_ssid) 3410 wpas_notify_network_changed(wpa_s); 3411 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 3412 } 3413 3414 3415 /** 3416 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 3417 * @wpa_s: Pointer to wpa_supplicant data 3418 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 3419 * 3420 * This function is used to request %wpa_supplicant to deauthenticate from the 3421 * current AP. 3422 */ 3423 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 3424 int reason_code) 3425 { 3426 u8 *addr = NULL; 3427 union wpa_event_data event; 3428 int zero_addr = 0; 3429 3430 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR 3431 " pending_bssid=" MACSTR " reason=%d state=%s", 3432 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 3433 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state)); 3434 3435 if (!is_zero_ether_addr(wpa_s->pending_bssid) && 3436 (wpa_s->wpa_state == WPA_AUTHENTICATING || 3437 wpa_s->wpa_state == WPA_ASSOCIATING)) 3438 addr = wpa_s->pending_bssid; 3439 else if (!is_zero_ether_addr(wpa_s->bssid)) 3440 addr = wpa_s->bssid; 3441 else if (wpa_s->wpa_state == WPA_ASSOCIATING) { 3442 /* 3443 * When using driver-based BSS selection, we may not know the 3444 * BSSID with which we are currently trying to associate. We 3445 * need to notify the driver of this disconnection even in such 3446 * a case, so use the all zeros address here. 3447 */ 3448 addr = wpa_s->bssid; 3449 zero_addr = 1; 3450 } 3451 3452 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0) 3453 wpa_s->enabled_4addr_mode = 0; 3454 3455 #ifdef CONFIG_TDLS 3456 wpa_tdls_teardown_peers(wpa_s->wpa); 3457 #endif /* CONFIG_TDLS */ 3458 3459 #ifdef CONFIG_MESH 3460 if (wpa_s->ifmsh) { 3461 struct mesh_conf *mconf; 3462 3463 mconf = wpa_s->ifmsh->mconf; 3464 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", 3465 wpa_s->ifname); 3466 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid, 3467 mconf->meshid_len, reason_code); 3468 wpa_supplicant_leave_mesh(wpa_s); 3469 } 3470 #endif /* CONFIG_MESH */ 3471 3472 if (addr) { 3473 wpa_drv_deauthenticate(wpa_s, addr, reason_code); 3474 os_memset(&event, 0, sizeof(event)); 3475 event.deauth_info.reason_code = (u16) reason_code; 3476 event.deauth_info.locally_generated = 1; 3477 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); 3478 if (zero_addr) 3479 addr = NULL; 3480 } 3481 3482 wpa_supplicant_clear_connection(wpa_s, addr); 3483 } 3484 3485 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, 3486 struct wpa_ssid *ssid) 3487 { 3488 if (!ssid || !ssid->disabled || ssid->disabled == 2) 3489 return; 3490 3491 ssid->disabled = 0; 3492 ssid->owe_transition_bss_select_count = 0; 3493 wpas_clear_temp_disabled(wpa_s, ssid, 1); 3494 wpas_notify_network_enabled_changed(wpa_s, ssid); 3495 3496 /* 3497 * Try to reassociate since there is no current configuration and a new 3498 * network was made available. 3499 */ 3500 if (!wpa_s->current_ssid && !wpa_s->disconnected) 3501 wpa_s->reassociate = 1; 3502 } 3503 3504 3505 /** 3506 * wpa_supplicant_add_network - Add a new network 3507 * @wpa_s: wpa_supplicant structure for a network interface 3508 * Returns: The new network configuration or %NULL if operation failed 3509 * 3510 * This function performs the following operations: 3511 * 1. Adds a new network. 3512 * 2. Send network addition notification. 3513 * 3. Marks the network disabled. 3514 * 4. Set network default parameters. 3515 */ 3516 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s) 3517 { 3518 struct wpa_ssid *ssid; 3519 3520 ssid = wpa_config_add_network(wpa_s->conf); 3521 if (!ssid) 3522 return NULL; 3523 wpas_notify_network_added(wpa_s, ssid); 3524 ssid->disabled = 1; 3525 wpa_config_set_network_defaults(ssid); 3526 3527 return ssid; 3528 } 3529 3530 3531 /** 3532 * wpa_supplicant_remove_network - Remove a configured network based on id 3533 * @wpa_s: wpa_supplicant structure for a network interface 3534 * @id: Unique network id to search for 3535 * Returns: 0 on success, or -1 if the network was not found, -2 if the network 3536 * could not be removed 3537 * 3538 * This function performs the following operations: 3539 * 1. Removes the network. 3540 * 2. Send network removal notification. 3541 * 3. Update internal state machines. 3542 * 4. Stop any running sched scans. 3543 */ 3544 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id) 3545 { 3546 struct wpa_ssid *ssid; 3547 int was_disabled; 3548 3549 ssid = wpa_config_get_network(wpa_s->conf, id); 3550 if (!ssid) 3551 return -1; 3552 wpas_notify_network_removed(wpa_s, ssid); 3553 3554 if (wpa_s->last_ssid == ssid) 3555 wpa_s->last_ssid = NULL; 3556 3557 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) { 3558 #ifdef CONFIG_SME 3559 wpa_s->sme.prev_bssid_set = 0; 3560 #endif /* CONFIG_SME */ 3561 /* 3562 * Invalidate the EAP session cache if the current or 3563 * previously used network is removed. 3564 */ 3565 eapol_sm_invalidate_cached_session(wpa_s->eapol); 3566 } 3567 3568 if (ssid == wpa_s->current_ssid) { 3569 wpa_sm_set_config(wpa_s->wpa, NULL); 3570 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 3571 3572 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 3573 wpa_s->own_disconnect_req = 1; 3574 wpa_supplicant_deauthenticate(wpa_s, 3575 WLAN_REASON_DEAUTH_LEAVING); 3576 } 3577 3578 was_disabled = ssid->disabled; 3579 3580 if (wpa_config_remove_network(wpa_s->conf, id) < 0) 3581 return -2; 3582 3583 if (!was_disabled && wpa_s->sched_scanning) { 3584 wpa_printf(MSG_DEBUG, 3585 "Stop ongoing sched_scan to remove network from filters"); 3586 wpa_supplicant_cancel_sched_scan(wpa_s); 3587 wpa_supplicant_req_scan(wpa_s, 0, 0); 3588 } 3589 3590 return 0; 3591 } 3592 3593 3594 /** 3595 * wpa_supplicant_enable_network - Mark a configured network as enabled 3596 * @wpa_s: wpa_supplicant structure for a network interface 3597 * @ssid: wpa_ssid structure for a configured network or %NULL 3598 * 3599 * Enables the specified network or all networks if no network specified. 3600 */ 3601 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, 3602 struct wpa_ssid *ssid) 3603 { 3604 if (ssid == NULL) { 3605 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 3606 wpa_supplicant_enable_one_network(wpa_s, ssid); 3607 } else 3608 wpa_supplicant_enable_one_network(wpa_s, ssid); 3609 3610 if (wpa_s->reassociate && !wpa_s->disconnected && 3611 (!wpa_s->current_ssid || 3612 wpa_s->wpa_state == WPA_DISCONNECTED || 3613 wpa_s->wpa_state == WPA_SCANNING)) { 3614 if (wpa_s->sched_scanning) { 3615 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add " 3616 "new network to scan filters"); 3617 wpa_supplicant_cancel_sched_scan(wpa_s); 3618 } 3619 3620 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 3621 wpa_s->scan_req = NORMAL_SCAN_REQ; 3622 wpa_supplicant_req_scan(wpa_s, 0, 0); 3623 } 3624 } 3625 } 3626 3627 3628 /** 3629 * wpa_supplicant_disable_network - Mark a configured network as disabled 3630 * @wpa_s: wpa_supplicant structure for a network interface 3631 * @ssid: wpa_ssid structure for a configured network or %NULL 3632 * 3633 * Disables the specified network or all networks if no network specified. 3634 */ 3635 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, 3636 struct wpa_ssid *ssid) 3637 { 3638 struct wpa_ssid *other_ssid; 3639 int was_disabled; 3640 3641 if (ssid == NULL) { 3642 if (wpa_s->sched_scanning) 3643 wpa_supplicant_cancel_sched_scan(wpa_s); 3644 3645 for (other_ssid = wpa_s->conf->ssid; other_ssid; 3646 other_ssid = other_ssid->next) { 3647 was_disabled = other_ssid->disabled; 3648 if (was_disabled == 2) 3649 continue; /* do not change persistent P2P group 3650 * data */ 3651 3652 other_ssid->disabled = 1; 3653 3654 if (was_disabled != other_ssid->disabled) 3655 wpas_notify_network_enabled_changed( 3656 wpa_s, other_ssid); 3657 } 3658 if (wpa_s->current_ssid) { 3659 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 3660 wpa_s->own_disconnect_req = 1; 3661 wpa_supplicant_deauthenticate( 3662 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 3663 } 3664 } else if (ssid->disabled != 2) { 3665 if (ssid == wpa_s->current_ssid) { 3666 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 3667 wpa_s->own_disconnect_req = 1; 3668 wpa_supplicant_deauthenticate( 3669 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 3670 } 3671 3672 was_disabled = ssid->disabled; 3673 3674 ssid->disabled = 1; 3675 3676 if (was_disabled != ssid->disabled) { 3677 wpas_notify_network_enabled_changed(wpa_s, ssid); 3678 if (wpa_s->sched_scanning) { 3679 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan " 3680 "to remove network from filters"); 3681 wpa_supplicant_cancel_sched_scan(wpa_s); 3682 wpa_supplicant_req_scan(wpa_s, 0, 0); 3683 } 3684 } 3685 } 3686 } 3687 3688 3689 /** 3690 * wpa_supplicant_select_network - Attempt association with a network 3691 * @wpa_s: wpa_supplicant structure for a network interface 3692 * @ssid: wpa_ssid structure for a configured network or %NULL for any network 3693 */ 3694 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, 3695 struct wpa_ssid *ssid) 3696 { 3697 3698 struct wpa_ssid *other_ssid; 3699 int disconnected = 0; 3700 3701 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { 3702 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 3703 wpa_s->own_disconnect_req = 1; 3704 wpa_supplicant_deauthenticate( 3705 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 3706 disconnected = 1; 3707 } 3708 3709 if (ssid) 3710 wpas_clear_temp_disabled(wpa_s, ssid, 1); 3711 3712 /* 3713 * Mark all other networks disabled or mark all networks enabled if no 3714 * network specified. 3715 */ 3716 for (other_ssid = wpa_s->conf->ssid; other_ssid; 3717 other_ssid = other_ssid->next) { 3718 int was_disabled = other_ssid->disabled; 3719 if (was_disabled == 2) 3720 continue; /* do not change persistent P2P group data */ 3721 3722 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; 3723 if (was_disabled && !other_ssid->disabled) 3724 wpas_clear_temp_disabled(wpa_s, other_ssid, 0); 3725 3726 if (was_disabled != other_ssid->disabled) 3727 wpas_notify_network_enabled_changed(wpa_s, other_ssid); 3728 } 3729 3730 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid && 3731 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 3732 /* We are already associated with the selected network */ 3733 wpa_printf(MSG_DEBUG, "Already associated with the " 3734 "selected network - do nothing"); 3735 return; 3736 } 3737 3738 if (ssid) { 3739 wpa_s->current_ssid = ssid; 3740 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 3741 wpa_s->connect_without_scan = 3742 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL; 3743 3744 /* 3745 * Don't optimize next scan freqs since a new ESS has been 3746 * selected. 3747 */ 3748 os_free(wpa_s->next_scan_freqs); 3749 wpa_s->next_scan_freqs = NULL; 3750 } else { 3751 wpa_s->connect_without_scan = NULL; 3752 } 3753 3754 wpa_s->disconnected = 0; 3755 wpa_s->reassociate = 1; 3756 wpa_s->last_owe_group = 0; 3757 if (ssid) 3758 ssid->owe_transition_bss_select_count = 0; 3759 3760 if (wpa_s->connect_without_scan || 3761 wpa_supplicant_fast_associate(wpa_s) != 1) { 3762 wpa_s->scan_req = NORMAL_SCAN_REQ; 3763 wpas_scan_reset_sched_scan(wpa_s); 3764 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); 3765 } 3766 3767 if (ssid) 3768 wpas_notify_network_selected(wpa_s, ssid); 3769 } 3770 3771 3772 /** 3773 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path 3774 * @wpa_s: wpa_supplicant structure for a network interface 3775 * @pkcs11_engine_path: PKCS #11 engine path or NULL 3776 * @pkcs11_module_path: PKCS #11 module path or NULL 3777 * Returns: 0 on success; -1 on failure 3778 * 3779 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid 3780 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and 3781 * module path fails the paths will be reset to the default value (NULL). 3782 */ 3783 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s, 3784 const char *pkcs11_engine_path, 3785 const char *pkcs11_module_path) 3786 { 3787 char *pkcs11_engine_path_copy = NULL; 3788 char *pkcs11_module_path_copy = NULL; 3789 3790 if (pkcs11_engine_path != NULL) { 3791 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path); 3792 if (pkcs11_engine_path_copy == NULL) 3793 return -1; 3794 } 3795 if (pkcs11_module_path != NULL) { 3796 pkcs11_module_path_copy = os_strdup(pkcs11_module_path); 3797 if (pkcs11_module_path_copy == NULL) { 3798 os_free(pkcs11_engine_path_copy); 3799 return -1; 3800 } 3801 } 3802 3803 os_free(wpa_s->conf->pkcs11_engine_path); 3804 os_free(wpa_s->conf->pkcs11_module_path); 3805 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy; 3806 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy; 3807 3808 wpa_sm_set_eapol(wpa_s->wpa, NULL); 3809 eapol_sm_deinit(wpa_s->eapol); 3810 wpa_s->eapol = NULL; 3811 if (wpa_supplicant_init_eapol(wpa_s)) { 3812 /* Error -> Reset paths to the default value (NULL) once. */ 3813 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL) 3814 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL, 3815 NULL); 3816 3817 return -1; 3818 } 3819 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 3820 3821 return 0; 3822 } 3823 3824 3825 /** 3826 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface 3827 * @wpa_s: wpa_supplicant structure for a network interface 3828 * @ap_scan: AP scan mode 3829 * Returns: 0 if succeed or -1 if ap_scan has an invalid value 3830 * 3831 */ 3832 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) 3833 { 3834 3835 int old_ap_scan; 3836 3837 if (ap_scan < 0 || ap_scan > 2) 3838 return -1; 3839 3840 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 3841 wpa_printf(MSG_INFO, 3842 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 3843 } 3844 3845 #ifdef ANDROID 3846 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && 3847 wpa_s->wpa_state >= WPA_ASSOCIATING && 3848 wpa_s->wpa_state < WPA_COMPLETED) { 3849 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " 3850 "associating", wpa_s->conf->ap_scan, ap_scan); 3851 return 0; 3852 } 3853 #endif /* ANDROID */ 3854 3855 old_ap_scan = wpa_s->conf->ap_scan; 3856 wpa_s->conf->ap_scan = ap_scan; 3857 3858 if (old_ap_scan != wpa_s->conf->ap_scan) 3859 wpas_notify_ap_scan_changed(wpa_s); 3860 3861 return 0; 3862 } 3863 3864 3865 /** 3866 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age 3867 * @wpa_s: wpa_supplicant structure for a network interface 3868 * @expire_age: Expiration age in seconds 3869 * Returns: 0 if succeed or -1 if expire_age has an invalid value 3870 * 3871 */ 3872 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, 3873 unsigned int bss_expire_age) 3874 { 3875 if (bss_expire_age < 10) { 3876 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", 3877 bss_expire_age); 3878 return -1; 3879 } 3880 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", 3881 bss_expire_age); 3882 wpa_s->conf->bss_expiration_age = bss_expire_age; 3883 3884 return 0; 3885 } 3886 3887 3888 /** 3889 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count 3890 * @wpa_s: wpa_supplicant structure for a network interface 3891 * @expire_count: number of scans after which an unseen BSS is reclaimed 3892 * Returns: 0 if succeed or -1 if expire_count has an invalid value 3893 * 3894 */ 3895 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, 3896 unsigned int bss_expire_count) 3897 { 3898 if (bss_expire_count < 1) { 3899 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", 3900 bss_expire_count); 3901 return -1; 3902 } 3903 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", 3904 bss_expire_count); 3905 wpa_s->conf->bss_expiration_scan_count = bss_expire_count; 3906 3907 return 0; 3908 } 3909 3910 3911 /** 3912 * wpa_supplicant_set_scan_interval - Set scan interval 3913 * @wpa_s: wpa_supplicant structure for a network interface 3914 * @scan_interval: scan interval in seconds 3915 * Returns: 0 if succeed or -1 if scan_interval has an invalid value 3916 * 3917 */ 3918 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, 3919 int scan_interval) 3920 { 3921 if (scan_interval < 0) { 3922 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", 3923 scan_interval); 3924 return -1; 3925 } 3926 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", 3927 scan_interval); 3928 wpa_supplicant_update_scan_int(wpa_s, scan_interval); 3929 3930 return 0; 3931 } 3932 3933 3934 /** 3935 * wpa_supplicant_set_debug_params - Set global debug params 3936 * @global: wpa_global structure 3937 * @debug_level: debug level 3938 * @debug_timestamp: determines if show timestamp in debug data 3939 * @debug_show_keys: determines if show keys in debug data 3940 * Returns: 0 if succeed or -1 if debug_level has wrong value 3941 */ 3942 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, 3943 int debug_timestamp, int debug_show_keys) 3944 { 3945 3946 int old_level, old_timestamp, old_show_keys; 3947 3948 /* check for allowed debuglevels */ 3949 if (debug_level != MSG_EXCESSIVE && 3950 debug_level != MSG_MSGDUMP && 3951 debug_level != MSG_DEBUG && 3952 debug_level != MSG_INFO && 3953 debug_level != MSG_WARNING && 3954 debug_level != MSG_ERROR) 3955 return -1; 3956 3957 old_level = wpa_debug_level; 3958 old_timestamp = wpa_debug_timestamp; 3959 old_show_keys = wpa_debug_show_keys; 3960 3961 wpa_debug_level = debug_level; 3962 wpa_debug_timestamp = debug_timestamp ? 1 : 0; 3963 wpa_debug_show_keys = debug_show_keys ? 1 : 0; 3964 3965 if (wpa_debug_level != old_level) 3966 wpas_notify_debug_level_changed(global); 3967 if (wpa_debug_timestamp != old_timestamp) 3968 wpas_notify_debug_timestamp_changed(global); 3969 if (wpa_debug_show_keys != old_show_keys) 3970 wpas_notify_debug_show_keys_changed(global); 3971 3972 return 0; 3973 } 3974 3975 3976 #ifdef CONFIG_OWE 3977 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, 3978 const u8 *entry_ssid, size_t entry_ssid_len) 3979 { 3980 const u8 *owe, *pos, *end; 3981 u8 ssid_len; 3982 struct wpa_bss *bss; 3983 3984 /* Check network profile SSID aganst the SSID in the 3985 * OWE Transition Mode element. */ 3986 3987 bss = wpa_bss_get_bssid_latest(wpa_s, bssid); 3988 if (!bss) 3989 return 0; 3990 3991 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); 3992 if (!owe) 3993 return 0; 3994 3995 pos = owe + 6; 3996 end = owe + 2 + owe[1]; 3997 3998 if (end - pos < ETH_ALEN + 1) 3999 return 0; 4000 pos += ETH_ALEN; 4001 ssid_len = *pos++; 4002 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) 4003 return 0; 4004 4005 return entry_ssid_len == ssid_len && 4006 os_memcmp(pos, entry_ssid, ssid_len) == 0; 4007 } 4008 #endif /* CONFIG_OWE */ 4009 4010 4011 /** 4012 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 4013 * @wpa_s: Pointer to wpa_supplicant data 4014 * Returns: A pointer to the current network structure or %NULL on failure 4015 */ 4016 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 4017 { 4018 struct wpa_ssid *entry; 4019 u8 ssid[SSID_MAX_LEN]; 4020 int res; 4021 size_t ssid_len; 4022 u8 bssid[ETH_ALEN]; 4023 int wired; 4024 4025 res = wpa_drv_get_ssid(wpa_s, ssid); 4026 if (res < 0) { 4027 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " 4028 "driver"); 4029 return NULL; 4030 } 4031 ssid_len = res; 4032 4033 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 4034 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " 4035 "driver"); 4036 return NULL; 4037 } 4038 4039 wired = wpa_s->conf->ap_scan == 0 && 4040 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); 4041 4042 entry = wpa_s->conf->ssid; 4043 while (entry) { 4044 if (!wpas_network_disabled(wpa_s, entry) && 4045 ((ssid_len == entry->ssid_len && 4046 (!entry->ssid || 4047 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) || 4048 wired) && 4049 (!entry->bssid_set || 4050 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4051 return entry; 4052 #ifdef CONFIG_WPS 4053 if (!wpas_network_disabled(wpa_s, entry) && 4054 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 4055 (entry->ssid == NULL || entry->ssid_len == 0) && 4056 (!entry->bssid_set || 4057 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4058 return entry; 4059 #endif /* CONFIG_WPS */ 4060 4061 #ifdef CONFIG_OWE 4062 if (!wpas_network_disabled(wpa_s, entry) && 4063 owe_trans_ssid_match(wpa_s, bssid, entry->ssid, 4064 entry->ssid_len) && 4065 (!entry->bssid_set || 4066 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4067 return entry; 4068 #endif /* CONFIG_OWE */ 4069 4070 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && 4071 entry->ssid_len == 0 && 4072 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) 4073 return entry; 4074 4075 entry = entry->next; 4076 } 4077 4078 return NULL; 4079 } 4080 4081 4082 static int select_driver(struct wpa_supplicant *wpa_s, int i) 4083 { 4084 struct wpa_global *global = wpa_s->global; 4085 4086 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { 4087 global->drv_priv[i] = wpa_drivers[i]->global_init(global); 4088 if (global->drv_priv[i] == NULL) { 4089 wpa_printf(MSG_ERROR, "Failed to initialize driver " 4090 "'%s'", wpa_drivers[i]->name); 4091 return -1; 4092 } 4093 } 4094 4095 wpa_s->driver = wpa_drivers[i]; 4096 wpa_s->global_drv_priv = global->drv_priv[i]; 4097 4098 return 0; 4099 } 4100 4101 4102 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 4103 const char *name) 4104 { 4105 int i; 4106 size_t len; 4107 const char *pos, *driver = name; 4108 4109 if (wpa_s == NULL) 4110 return -1; 4111 4112 if (wpa_drivers[0] == NULL) { 4113 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " 4114 "wpa_supplicant"); 4115 return -1; 4116 } 4117 4118 if (name == NULL) { 4119 /* default to first driver in the list */ 4120 return select_driver(wpa_s, 0); 4121 } 4122 4123 do { 4124 pos = os_strchr(driver, ','); 4125 if (pos) 4126 len = pos - driver; 4127 else 4128 len = os_strlen(driver); 4129 4130 for (i = 0; wpa_drivers[i]; i++) { 4131 if (os_strlen(wpa_drivers[i]->name) == len && 4132 os_strncmp(driver, wpa_drivers[i]->name, len) == 4133 0) { 4134 /* First driver that succeeds wins */ 4135 if (select_driver(wpa_s, i) == 0) 4136 return 0; 4137 } 4138 } 4139 4140 driver = pos + 1; 4141 } while (pos); 4142 4143 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); 4144 return -1; 4145 } 4146 4147 4148 /** 4149 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant 4150 * @ctx: Context pointer (wpa_s); this is the ctx variable registered 4151 * with struct wpa_driver_ops::init() 4152 * @src_addr: Source address of the EAPOL frame 4153 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) 4154 * @len: Length of the EAPOL data 4155 * 4156 * This function is called for each received EAPOL frame. Most driver 4157 * interfaces rely on more generic OS mechanism for receiving frames through 4158 * l2_packet, but if such a mechanism is not available, the driver wrapper may 4159 * take care of received EAPOL frames and deliver them to the core supplicant 4160 * code by calling this function. 4161 */ 4162 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 4163 const u8 *buf, size_t len) 4164 { 4165 struct wpa_supplicant *wpa_s = ctx; 4166 4167 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); 4168 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 4169 4170 #ifdef CONFIG_TESTING_OPTIONS 4171 if (wpa_s->ignore_auth_resp) { 4172 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!"); 4173 return; 4174 } 4175 #endif /* CONFIG_TESTING_OPTIONS */ 4176 4177 if (wpa_s->wpa_state < WPA_ASSOCIATED || 4178 (wpa_s->last_eapol_matches_bssid && 4179 #ifdef CONFIG_AP 4180 !wpa_s->ap_iface && 4181 #endif /* CONFIG_AP */ 4182 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { 4183 /* 4184 * There is possible race condition between receiving the 4185 * association event and the EAPOL frame since they are coming 4186 * through different paths from the driver. In order to avoid 4187 * issues in trying to process the EAPOL frame before receiving 4188 * association information, lets queue it for processing until 4189 * the association event is received. This may also be needed in 4190 * driver-based roaming case, so also use src_addr != BSSID as a 4191 * trigger if we have previously confirmed that the 4192 * Authenticator uses BSSID as the src_addr (which is not the 4193 * case with wired IEEE 802.1X). 4194 */ 4195 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " 4196 "of received EAPOL frame (state=%s bssid=" MACSTR ")", 4197 wpa_supplicant_state_txt(wpa_s->wpa_state), 4198 MAC2STR(wpa_s->bssid)); 4199 wpabuf_free(wpa_s->pending_eapol_rx); 4200 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 4201 if (wpa_s->pending_eapol_rx) { 4202 os_get_reltime(&wpa_s->pending_eapol_rx_time); 4203 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 4204 ETH_ALEN); 4205 } 4206 return; 4207 } 4208 4209 wpa_s->last_eapol_matches_bssid = 4210 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; 4211 4212 #ifdef CONFIG_AP 4213 if (wpa_s->ap_iface) { 4214 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); 4215 return; 4216 } 4217 #endif /* CONFIG_AP */ 4218 4219 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 4220 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " 4221 "no key management is configured"); 4222 return; 4223 } 4224 4225 if (wpa_s->eapol_received == 0 && 4226 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) || 4227 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 4228 wpa_s->wpa_state != WPA_COMPLETED) && 4229 (wpa_s->current_ssid == NULL || 4230 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { 4231 /* Timeout for completing IEEE 802.1X and WPA authentication */ 4232 int timeout = 10; 4233 4234 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 4235 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 4236 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 4237 /* Use longer timeout for IEEE 802.1X/EAP */ 4238 timeout = 70; 4239 } 4240 4241 #ifdef CONFIG_WPS 4242 if (wpa_s->current_ssid && wpa_s->current_bss && 4243 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 4244 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { 4245 /* 4246 * Use shorter timeout if going through WPS AP iteration 4247 * for PIN config method with an AP that does not 4248 * advertise Selected Registrar. 4249 */ 4250 struct wpabuf *wps_ie; 4251 4252 wps_ie = wpa_bss_get_vendor_ie_multi( 4253 wpa_s->current_bss, WPS_IE_VENDOR_TYPE); 4254 if (wps_ie && 4255 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1)) 4256 timeout = 10; 4257 wpabuf_free(wps_ie); 4258 } 4259 #endif /* CONFIG_WPS */ 4260 4261 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 4262 } 4263 wpa_s->eapol_received++; 4264 4265 if (wpa_s->countermeasures) { 4266 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " 4267 "EAPOL packet"); 4268 return; 4269 } 4270 4271 #ifdef CONFIG_IBSS_RSN 4272 if (wpa_s->current_ssid && 4273 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { 4274 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); 4275 return; 4276 } 4277 #endif /* CONFIG_IBSS_RSN */ 4278 4279 /* Source address of the incoming EAPOL frame could be compared to the 4280 * current BSSID. However, it is possible that a centralized 4281 * Authenticator could be using another MAC address than the BSSID of 4282 * an AP, so just allow any address to be used for now. The replies are 4283 * still sent to the current BSSID (if available), though. */ 4284 4285 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 4286 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 4287 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE && 4288 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP && 4289 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) 4290 return; 4291 wpa_drv_poll(wpa_s); 4292 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) 4293 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); 4294 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 4295 /* 4296 * Set portValid = TRUE here since we are going to skip 4-way 4297 * handshake processing which would normally set portValid. We 4298 * need this to allow the EAPOL state machines to be completed 4299 * without going through EAPOL-Key handshake. 4300 */ 4301 eapol_sm_notify_portValid(wpa_s->eapol, TRUE); 4302 } 4303 } 4304 4305 4306 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) 4307 { 4308 if ((!wpa_s->p2p_mgmt || 4309 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && 4310 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { 4311 l2_packet_deinit(wpa_s->l2); 4312 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 4313 wpa_drv_get_mac_addr(wpa_s), 4314 ETH_P_EAPOL, 4315 wpa_supplicant_rx_eapol, wpa_s, 0); 4316 if (wpa_s->l2 == NULL) 4317 return -1; 4318 4319 if (l2_packet_set_packet_filter(wpa_s->l2, 4320 L2_PACKET_FILTER_PKTTYPE)) 4321 wpa_dbg(wpa_s, MSG_DEBUG, 4322 "Failed to attach pkt_type filter"); 4323 } else { 4324 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 4325 if (addr) 4326 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 4327 } 4328 4329 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 4330 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); 4331 return -1; 4332 } 4333 4334 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 4335 4336 return 0; 4337 } 4338 4339 4340 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, 4341 const u8 *buf, size_t len) 4342 { 4343 struct wpa_supplicant *wpa_s = ctx; 4344 const struct l2_ethhdr *eth; 4345 4346 if (len < sizeof(*eth)) 4347 return; 4348 eth = (const struct l2_ethhdr *) buf; 4349 4350 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && 4351 !(eth->h_dest[0] & 0x01)) { 4352 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 4353 " (bridge - not for this interface - ignore)", 4354 MAC2STR(src_addr), MAC2STR(eth->h_dest)); 4355 return; 4356 } 4357 4358 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 4359 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); 4360 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), 4361 len - sizeof(*eth)); 4362 } 4363 4364 4365 /** 4366 * wpa_supplicant_driver_init - Initialize driver interface parameters 4367 * @wpa_s: Pointer to wpa_supplicant data 4368 * Returns: 0 on success, -1 on failure 4369 * 4370 * This function is called to initialize driver interface parameters. 4371 * wpa_drv_init() must have been called before this function to initialize the 4372 * driver interface. 4373 */ 4374 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 4375 { 4376 static int interface_count = 0; 4377 4378 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) 4379 return -1; 4380 4381 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, 4382 MAC2STR(wpa_s->own_addr)); 4383 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN); 4384 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 4385 4386 if (wpa_s->bridge_ifname[0]) { 4387 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " 4388 "interface '%s'", wpa_s->bridge_ifname); 4389 wpa_s->l2_br = l2_packet_init_bridge( 4390 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 4391 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 4392 if (wpa_s->l2_br == NULL) { 4393 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " 4394 "connection for the bridge interface '%s'", 4395 wpa_s->bridge_ifname); 4396 return -1; 4397 } 4398 } 4399 4400 if (wpa_s->conf->ap_scan == 2 && 4401 os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 4402 wpa_printf(MSG_INFO, 4403 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 4404 } 4405 4406 wpa_clear_keys(wpa_s, NULL); 4407 4408 /* Make sure that TKIP countermeasures are not left enabled (could 4409 * happen if wpa_supplicant is killed during countermeasures. */ 4410 wpa_drv_set_countermeasures(wpa_s, 0); 4411 4412 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 4413 wpa_drv_flush_pmkid(wpa_s); 4414 4415 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; 4416 wpa_s->prev_scan_wildcard = 0; 4417 4418 if (wpa_supplicant_enabled_networks(wpa_s)) { 4419 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 4420 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 4421 interface_count = 0; 4422 } 4423 #ifndef ANDROID 4424 if (!wpa_s->p2p_mgmt && 4425 wpa_supplicant_delayed_sched_scan(wpa_s, 4426 interface_count % 3, 4427 100000)) 4428 wpa_supplicant_req_scan(wpa_s, interface_count % 3, 4429 100000); 4430 #endif /* ANDROID */ 4431 interface_count++; 4432 } else 4433 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 4434 4435 return 0; 4436 } 4437 4438 4439 static int wpa_supplicant_daemon(const char *pid_file) 4440 { 4441 wpa_printf(MSG_DEBUG, "Daemonize.."); 4442 return os_daemonize(pid_file); 4443 } 4444 4445 4446 static struct wpa_supplicant * 4447 wpa_supplicant_alloc(struct wpa_supplicant *parent) 4448 { 4449 struct wpa_supplicant *wpa_s; 4450 4451 wpa_s = os_zalloc(sizeof(*wpa_s)); 4452 if (wpa_s == NULL) 4453 return NULL; 4454 wpa_s->scan_req = INITIAL_SCAN_REQ; 4455 wpa_s->scan_interval = 5; 4456 wpa_s->new_connection = 1; 4457 wpa_s->parent = parent ? parent : wpa_s; 4458 wpa_s->p2pdev = wpa_s->parent; 4459 wpa_s->sched_scanning = 0; 4460 4461 dl_list_init(&wpa_s->bss_tmp_disallowed); 4462 dl_list_init(&wpa_s->fils_hlp_req); 4463 4464 return wpa_s; 4465 } 4466 4467 4468 #ifdef CONFIG_HT_OVERRIDES 4469 4470 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, 4471 struct ieee80211_ht_capabilities *htcaps, 4472 struct ieee80211_ht_capabilities *htcaps_mask, 4473 const char *ht_mcs) 4474 { 4475 /* parse ht_mcs into hex array */ 4476 int i; 4477 const char *tmp = ht_mcs; 4478 char *end = NULL; 4479 4480 /* If ht_mcs is null, do not set anything */ 4481 if (!ht_mcs) 4482 return 0; 4483 4484 /* This is what we are setting in the kernel */ 4485 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); 4486 4487 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); 4488 4489 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { 4490 long v; 4491 4492 errno = 0; 4493 v = strtol(tmp, &end, 16); 4494 4495 if (errno == 0) { 4496 wpa_msg(wpa_s, MSG_DEBUG, 4497 "htcap value[%i]: %ld end: %p tmp: %p", 4498 i, v, end, tmp); 4499 if (end == tmp) 4500 break; 4501 4502 htcaps->supported_mcs_set[i] = v; 4503 tmp = end; 4504 } else { 4505 wpa_msg(wpa_s, MSG_ERROR, 4506 "Failed to parse ht-mcs: %s, error: %s\n", 4507 ht_mcs, strerror(errno)); 4508 return -1; 4509 } 4510 } 4511 4512 /* 4513 * If we were able to parse any values, then set mask for the MCS set. 4514 */ 4515 if (i) { 4516 os_memset(&htcaps_mask->supported_mcs_set, 0xff, 4517 IEEE80211_HT_MCS_MASK_LEN - 1); 4518 /* skip the 3 reserved bits */ 4519 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = 4520 0x1f; 4521 } 4522 4523 return 0; 4524 } 4525 4526 4527 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, 4528 struct ieee80211_ht_capabilities *htcaps, 4529 struct ieee80211_ht_capabilities *htcaps_mask, 4530 int disabled) 4531 { 4532 le16 msk; 4533 4534 if (disabled == -1) 4535 return 0; 4536 4537 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); 4538 4539 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); 4540 htcaps_mask->ht_capabilities_info |= msk; 4541 if (disabled) 4542 htcaps->ht_capabilities_info &= msk; 4543 else 4544 htcaps->ht_capabilities_info |= msk; 4545 4546 return 0; 4547 } 4548 4549 4550 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, 4551 struct ieee80211_ht_capabilities *htcaps, 4552 struct ieee80211_ht_capabilities *htcaps_mask, 4553 int factor) 4554 { 4555 if (factor == -1) 4556 return 0; 4557 4558 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); 4559 4560 if (factor < 0 || factor > 3) { 4561 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " 4562 "Must be 0-3 or -1", factor); 4563 return -EINVAL; 4564 } 4565 4566 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ 4567 htcaps->a_mpdu_params &= ~0x3; 4568 htcaps->a_mpdu_params |= factor & 0x3; 4569 4570 return 0; 4571 } 4572 4573 4574 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, 4575 struct ieee80211_ht_capabilities *htcaps, 4576 struct ieee80211_ht_capabilities *htcaps_mask, 4577 int density) 4578 { 4579 if (density == -1) 4580 return 0; 4581 4582 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); 4583 4584 if (density < 0 || density > 7) { 4585 wpa_msg(wpa_s, MSG_ERROR, 4586 "ampdu_density: %d out of range. Must be 0-7 or -1.", 4587 density); 4588 return -EINVAL; 4589 } 4590 4591 htcaps_mask->a_mpdu_params |= 0x1C; 4592 htcaps->a_mpdu_params &= ~(0x1C); 4593 htcaps->a_mpdu_params |= (density << 2) & 0x1C; 4594 4595 return 0; 4596 } 4597 4598 4599 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, 4600 struct ieee80211_ht_capabilities *htcaps, 4601 struct ieee80211_ht_capabilities *htcaps_mask, 4602 int disabled) 4603 { 4604 if (disabled) 4605 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); 4606 4607 set_disable_ht40(htcaps, disabled); 4608 set_disable_ht40(htcaps_mask, 0); 4609 4610 return 0; 4611 } 4612 4613 4614 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, 4615 struct ieee80211_ht_capabilities *htcaps, 4616 struct ieee80211_ht_capabilities *htcaps_mask, 4617 int disabled) 4618 { 4619 /* Masking these out disables SGI */ 4620 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | 4621 HT_CAP_INFO_SHORT_GI40MHZ); 4622 4623 if (disabled) 4624 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); 4625 4626 if (disabled) 4627 htcaps->ht_capabilities_info &= ~msk; 4628 else 4629 htcaps->ht_capabilities_info |= msk; 4630 4631 htcaps_mask->ht_capabilities_info |= msk; 4632 4633 return 0; 4634 } 4635 4636 4637 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s, 4638 struct ieee80211_ht_capabilities *htcaps, 4639 struct ieee80211_ht_capabilities *htcaps_mask, 4640 int disabled) 4641 { 4642 /* Masking these out disables LDPC */ 4643 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP); 4644 4645 if (disabled) 4646 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled); 4647 4648 if (disabled) 4649 htcaps->ht_capabilities_info &= ~msk; 4650 else 4651 htcaps->ht_capabilities_info |= msk; 4652 4653 htcaps_mask->ht_capabilities_info |= msk; 4654 4655 return 0; 4656 } 4657 4658 4659 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s, 4660 struct ieee80211_ht_capabilities *htcaps, 4661 struct ieee80211_ht_capabilities *htcaps_mask, 4662 int tx_stbc) 4663 { 4664 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC); 4665 4666 if (tx_stbc == -1) 4667 return 0; 4668 4669 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc); 4670 4671 if (tx_stbc < 0 || tx_stbc > 1) { 4672 wpa_msg(wpa_s, MSG_ERROR, 4673 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc); 4674 return -EINVAL; 4675 } 4676 4677 htcaps_mask->ht_capabilities_info |= msk; 4678 htcaps->ht_capabilities_info &= ~msk; 4679 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk; 4680 4681 return 0; 4682 } 4683 4684 4685 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s, 4686 struct ieee80211_ht_capabilities *htcaps, 4687 struct ieee80211_ht_capabilities *htcaps_mask, 4688 int rx_stbc) 4689 { 4690 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK); 4691 4692 if (rx_stbc == -1) 4693 return 0; 4694 4695 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc); 4696 4697 if (rx_stbc < 0 || rx_stbc > 3) { 4698 wpa_msg(wpa_s, MSG_ERROR, 4699 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc); 4700 return -EINVAL; 4701 } 4702 4703 htcaps_mask->ht_capabilities_info |= msk; 4704 htcaps->ht_capabilities_info &= ~msk; 4705 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk; 4706 4707 return 0; 4708 } 4709 4710 4711 void wpa_supplicant_apply_ht_overrides( 4712 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 4713 struct wpa_driver_associate_params *params) 4714 { 4715 struct ieee80211_ht_capabilities *htcaps; 4716 struct ieee80211_ht_capabilities *htcaps_mask; 4717 4718 if (!ssid) 4719 return; 4720 4721 params->disable_ht = ssid->disable_ht; 4722 if (!params->htcaps || !params->htcaps_mask) 4723 return; 4724 4725 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; 4726 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; 4727 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); 4728 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, 4729 ssid->disable_max_amsdu); 4730 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); 4731 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); 4732 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); 4733 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); 4734 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc); 4735 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc); 4736 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc); 4737 4738 if (ssid->ht40_intolerant) { 4739 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT); 4740 htcaps->ht_capabilities_info |= bit; 4741 htcaps_mask->ht_capabilities_info |= bit; 4742 } 4743 } 4744 4745 #endif /* CONFIG_HT_OVERRIDES */ 4746 4747 4748 #ifdef CONFIG_VHT_OVERRIDES 4749 void wpa_supplicant_apply_vht_overrides( 4750 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 4751 struct wpa_driver_associate_params *params) 4752 { 4753 struct ieee80211_vht_capabilities *vhtcaps; 4754 struct ieee80211_vht_capabilities *vhtcaps_mask; 4755 4756 if (!ssid) 4757 return; 4758 4759 params->disable_vht = ssid->disable_vht; 4760 4761 vhtcaps = (void *) params->vhtcaps; 4762 vhtcaps_mask = (void *) params->vhtcaps_mask; 4763 4764 if (!vhtcaps || !vhtcaps_mask) 4765 return; 4766 4767 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa); 4768 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask); 4769 4770 #ifdef CONFIG_HT_OVERRIDES 4771 if (ssid->disable_sgi) { 4772 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 | 4773 VHT_CAP_SHORT_GI_160); 4774 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 | 4775 VHT_CAP_SHORT_GI_160); 4776 wpa_msg(wpa_s, MSG_DEBUG, 4777 "disable-sgi override specified, vht-caps: 0x%x", 4778 vhtcaps->vht_capabilities_info); 4779 } 4780 4781 /* if max ampdu is <= 3, we have to make the HT cap the same */ 4782 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) { 4783 int max_ampdu; 4784 4785 max_ampdu = (ssid->vht_capa & 4786 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >> 4787 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT; 4788 4789 max_ampdu = max_ampdu < 3 ? max_ampdu : 3; 4790 wpa_set_ampdu_factor(wpa_s, 4791 (void *) params->htcaps, 4792 (void *) params->htcaps_mask, 4793 max_ampdu); 4794 } 4795 #endif /* CONFIG_HT_OVERRIDES */ 4796 4797 #define OVERRIDE_MCS(i) \ 4798 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \ 4799 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \ 4800 host_to_le16(3 << 2 * (i - 1)); \ 4801 vhtcaps->vht_supported_mcs_set.tx_map |= \ 4802 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \ 4803 2 * (i - 1)); \ 4804 } \ 4805 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \ 4806 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \ 4807 host_to_le16(3 << 2 * (i - 1)); \ 4808 vhtcaps->vht_supported_mcs_set.rx_map |= \ 4809 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \ 4810 2 * (i - 1)); \ 4811 } 4812 4813 OVERRIDE_MCS(1); 4814 OVERRIDE_MCS(2); 4815 OVERRIDE_MCS(3); 4816 OVERRIDE_MCS(4); 4817 OVERRIDE_MCS(5); 4818 OVERRIDE_MCS(6); 4819 OVERRIDE_MCS(7); 4820 OVERRIDE_MCS(8); 4821 } 4822 #endif /* CONFIG_VHT_OVERRIDES */ 4823 4824 4825 static int pcsc_reader_init(struct wpa_supplicant *wpa_s) 4826 { 4827 #ifdef PCSC_FUNCS 4828 size_t len; 4829 4830 if (!wpa_s->conf->pcsc_reader) 4831 return 0; 4832 4833 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader); 4834 if (!wpa_s->scard) 4835 return 1; 4836 4837 if (wpa_s->conf->pcsc_pin && 4838 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { 4839 scard_deinit(wpa_s->scard); 4840 wpa_s->scard = NULL; 4841 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); 4842 return -1; 4843 } 4844 4845 len = sizeof(wpa_s->imsi) - 1; 4846 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { 4847 scard_deinit(wpa_s->scard); 4848 wpa_s->scard = NULL; 4849 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); 4850 return -1; 4851 } 4852 wpa_s->imsi[len] = '\0'; 4853 4854 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); 4855 4856 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", 4857 wpa_s->imsi, wpa_s->mnc_len); 4858 4859 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 4860 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 4861 #endif /* PCSC_FUNCS */ 4862 4863 return 0; 4864 } 4865 4866 4867 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) 4868 { 4869 char *val, *pos; 4870 4871 ext_password_deinit(wpa_s->ext_pw); 4872 wpa_s->ext_pw = NULL; 4873 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); 4874 4875 if (!wpa_s->conf->ext_password_backend) 4876 return 0; 4877 4878 val = os_strdup(wpa_s->conf->ext_password_backend); 4879 if (val == NULL) 4880 return -1; 4881 pos = os_strchr(val, ':'); 4882 if (pos) 4883 *pos++ = '\0'; 4884 4885 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); 4886 4887 wpa_s->ext_pw = ext_password_init(val, pos); 4888 os_free(val); 4889 if (wpa_s->ext_pw == NULL) { 4890 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); 4891 return -1; 4892 } 4893 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); 4894 4895 return 0; 4896 } 4897 4898 4899 #ifdef CONFIG_FST 4900 4901 static const u8 * wpas_fst_get_bssid_cb(void *ctx) 4902 { 4903 struct wpa_supplicant *wpa_s = ctx; 4904 4905 return (is_zero_ether_addr(wpa_s->bssid) || 4906 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid; 4907 } 4908 4909 4910 static void wpas_fst_get_channel_info_cb(void *ctx, 4911 enum hostapd_hw_mode *hw_mode, 4912 u8 *channel) 4913 { 4914 struct wpa_supplicant *wpa_s = ctx; 4915 4916 if (wpa_s->current_bss) { 4917 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq, 4918 channel); 4919 } else if (wpa_s->hw.num_modes) { 4920 *hw_mode = wpa_s->hw.modes[0].mode; 4921 } else { 4922 WPA_ASSERT(0); 4923 *hw_mode = 0; 4924 } 4925 } 4926 4927 4928 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes) 4929 { 4930 struct wpa_supplicant *wpa_s = ctx; 4931 4932 *modes = wpa_s->hw.modes; 4933 return wpa_s->hw.num_modes; 4934 } 4935 4936 4937 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 4938 { 4939 struct wpa_supplicant *wpa_s = ctx; 4940 4941 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies); 4942 wpa_s->fst_ies = fst_ies; 4943 } 4944 4945 4946 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) 4947 { 4948 struct wpa_supplicant *wpa_s = ctx; 4949 4950 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) { 4951 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR, 4952 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da)); 4953 return -1; 4954 } 4955 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 4956 wpa_s->own_addr, wpa_s->bssid, 4957 wpabuf_head(data), wpabuf_len(data), 4958 0); 4959 } 4960 4961 4962 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr) 4963 { 4964 struct wpa_supplicant *wpa_s = ctx; 4965 4966 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 4967 return wpa_s->received_mb_ies; 4968 } 4969 4970 4971 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr, 4972 const u8 *buf, size_t size) 4973 { 4974 struct wpa_supplicant *wpa_s = ctx; 4975 struct mb_ies_info info; 4976 4977 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 4978 4979 if (!mb_ies_info_by_ies(&info, buf, size)) { 4980 wpabuf_free(wpa_s->received_mb_ies); 4981 wpa_s->received_mb_ies = mb_ies_by_info(&info); 4982 } 4983 } 4984 4985 4986 static const u8 * wpas_fst_get_peer_first(void *ctx, 4987 struct fst_get_peer_ctx **get_ctx, 4988 Boolean mb_only) 4989 { 4990 struct wpa_supplicant *wpa_s = ctx; 4991 4992 *get_ctx = NULL; 4993 if (!is_zero_ether_addr(wpa_s->bssid)) 4994 return (wpa_s->received_mb_ies || !mb_only) ? 4995 wpa_s->bssid : NULL; 4996 return NULL; 4997 } 4998 4999 5000 static const u8 * wpas_fst_get_peer_next(void *ctx, 5001 struct fst_get_peer_ctx **get_ctx, 5002 Boolean mb_only) 5003 { 5004 return NULL; 5005 } 5006 5007 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s, 5008 struct fst_wpa_obj *iface_obj) 5009 { 5010 iface_obj->ctx = wpa_s; 5011 iface_obj->get_bssid = wpas_fst_get_bssid_cb; 5012 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb; 5013 iface_obj->get_hw_modes = wpas_fst_get_hw_modes; 5014 iface_obj->set_ies = wpas_fst_set_ies_cb; 5015 iface_obj->send_action = wpas_fst_send_action_cb; 5016 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb; 5017 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb; 5018 iface_obj->get_peer_first = wpas_fst_get_peer_first; 5019 iface_obj->get_peer_next = wpas_fst_get_peer_next; 5020 } 5021 #endif /* CONFIG_FST */ 5022 5023 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s, 5024 const struct wpa_driver_capa *capa) 5025 { 5026 struct wowlan_triggers *triggers; 5027 int ret = 0; 5028 5029 if (!wpa_s->conf->wowlan_triggers) 5030 return 0; 5031 5032 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa); 5033 if (triggers) { 5034 ret = wpa_drv_wowlan(wpa_s, triggers); 5035 os_free(triggers); 5036 } 5037 return ret; 5038 } 5039 5040 5041 enum wpa_radio_work_band wpas_freq_to_band(int freq) 5042 { 5043 if (freq < 3000) 5044 return BAND_2_4_GHZ; 5045 if (freq > 50000) 5046 return BAND_60_GHZ; 5047 return BAND_5_GHZ; 5048 } 5049 5050 5051 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs) 5052 { 5053 int i; 5054 unsigned int band = 0; 5055 5056 if (freqs) { 5057 /* freqs are specified for the radio work */ 5058 for (i = 0; freqs[i]; i++) 5059 band |= wpas_freq_to_band(freqs[i]); 5060 } else { 5061 /* 5062 * freqs are not specified, implies all 5063 * the supported freqs by HW 5064 */ 5065 for (i = 0; i < wpa_s->hw.num_modes; i++) { 5066 if (wpa_s->hw.modes[i].num_channels != 0) { 5067 if (wpa_s->hw.modes[i].mode == 5068 HOSTAPD_MODE_IEEE80211B || 5069 wpa_s->hw.modes[i].mode == 5070 HOSTAPD_MODE_IEEE80211G) 5071 band |= BAND_2_4_GHZ; 5072 else if (wpa_s->hw.modes[i].mode == 5073 HOSTAPD_MODE_IEEE80211A) 5074 band |= BAND_5_GHZ; 5075 else if (wpa_s->hw.modes[i].mode == 5076 HOSTAPD_MODE_IEEE80211AD) 5077 band |= BAND_60_GHZ; 5078 else if (wpa_s->hw.modes[i].mode == 5079 HOSTAPD_MODE_IEEE80211ANY) 5080 band = BAND_2_4_GHZ | BAND_5_GHZ | 5081 BAND_60_GHZ; 5082 } 5083 } 5084 } 5085 5086 return band; 5087 } 5088 5089 5090 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s, 5091 const char *rn) 5092 { 5093 struct wpa_supplicant *iface = wpa_s->global->ifaces; 5094 struct wpa_radio *radio; 5095 5096 while (rn && iface) { 5097 radio = iface->radio; 5098 if (radio && os_strcmp(rn, radio->name) == 0) { 5099 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s", 5100 wpa_s->ifname, rn); 5101 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 5102 return radio; 5103 } 5104 5105 iface = iface->next; 5106 } 5107 5108 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s", 5109 wpa_s->ifname, rn ? rn : "N/A"); 5110 radio = os_zalloc(sizeof(*radio)); 5111 if (radio == NULL) 5112 return NULL; 5113 5114 if (rn) 5115 os_strlcpy(radio->name, rn, sizeof(radio->name)); 5116 dl_list_init(&radio->ifaces); 5117 dl_list_init(&radio->work); 5118 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 5119 5120 return radio; 5121 } 5122 5123 5124 static void radio_work_free(struct wpa_radio_work *work) 5125 { 5126 if (work->wpa_s->scan_work == work) { 5127 /* This should not really happen. */ 5128 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work", 5129 work->type, work, work->started); 5130 work->wpa_s->scan_work = NULL; 5131 } 5132 5133 #ifdef CONFIG_P2P 5134 if (work->wpa_s->p2p_scan_work == work) { 5135 /* This should not really happen. */ 5136 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work", 5137 work->type, work, work->started); 5138 work->wpa_s->p2p_scan_work = NULL; 5139 } 5140 #endif /* CONFIG_P2P */ 5141 5142 if (work->started) { 5143 work->wpa_s->radio->num_active_works--; 5144 wpa_dbg(work->wpa_s, MSG_DEBUG, 5145 "radio_work_free('%s'@%p): num_active_works --> %u", 5146 work->type, work, 5147 work->wpa_s->radio->num_active_works); 5148 } 5149 5150 dl_list_del(&work->list); 5151 os_free(work); 5152 } 5153 5154 5155 static int radio_work_is_connect(struct wpa_radio_work *work) 5156 { 5157 return os_strcmp(work->type, "sme-connect") == 0 || 5158 os_strcmp(work->type, "connect") == 0; 5159 } 5160 5161 5162 static int radio_work_is_scan(struct wpa_radio_work *work) 5163 { 5164 return os_strcmp(work->type, "scan") == 0 || 5165 os_strcmp(work->type, "p2p-scan") == 0; 5166 } 5167 5168 5169 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) 5170 { 5171 struct wpa_radio_work *active_work = NULL; 5172 struct wpa_radio_work *tmp; 5173 5174 /* Get the active work to know the type and band. */ 5175 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 5176 if (tmp->started) { 5177 active_work = tmp; 5178 break; 5179 } 5180 } 5181 5182 if (!active_work) { 5183 /* No active work, start one */ 5184 radio->num_active_works = 0; 5185 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, 5186 list) { 5187 if (os_strcmp(tmp->type, "scan") == 0 && 5188 radio->external_scan_running && 5189 (((struct wpa_driver_scan_params *) 5190 tmp->ctx)->only_new_results || 5191 tmp->wpa_s->clear_driver_scan_cache)) 5192 continue; 5193 return tmp; 5194 } 5195 return NULL; 5196 } 5197 5198 if (radio_work_is_connect(active_work)) { 5199 /* 5200 * If the active work is either connect or sme-connect, 5201 * do not parallelize them with other radio works. 5202 */ 5203 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5204 "Do not parallelize radio work with %s", 5205 active_work->type); 5206 return NULL; 5207 } 5208 5209 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 5210 if (tmp->started) 5211 continue; 5212 5213 /* 5214 * If connect or sme-connect are enqueued, parallelize only 5215 * those operations ahead of them in the queue. 5216 */ 5217 if (radio_work_is_connect(tmp)) 5218 break; 5219 5220 /* Serialize parallel scan and p2p_scan operations on the same 5221 * interface since the driver_nl80211 mechanism for tracking 5222 * scan cookies does not yet have support for this. */ 5223 if (active_work->wpa_s == tmp->wpa_s && 5224 radio_work_is_scan(active_work) && 5225 radio_work_is_scan(tmp)) { 5226 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5227 "Do not start work '%s' when another work '%s' is already scheduled", 5228 tmp->type, active_work->type); 5229 continue; 5230 } 5231 /* 5232 * Check that the radio works are distinct and 5233 * on different bands. 5234 */ 5235 if (os_strcmp(active_work->type, tmp->type) != 0 && 5236 (active_work->bands != tmp->bands)) { 5237 /* 5238 * If a scan has to be scheduled through nl80211 scan 5239 * interface and if an external scan is already running, 5240 * do not schedule the scan since it is likely to get 5241 * rejected by kernel. 5242 */ 5243 if (os_strcmp(tmp->type, "scan") == 0 && 5244 radio->external_scan_running && 5245 (((struct wpa_driver_scan_params *) 5246 tmp->ctx)->only_new_results || 5247 tmp->wpa_s->clear_driver_scan_cache)) 5248 continue; 5249 5250 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5251 "active_work:%s new_work:%s", 5252 active_work->type, tmp->type); 5253 return tmp; 5254 } 5255 } 5256 5257 /* Did not find a radio work to schedule in parallel. */ 5258 return NULL; 5259 } 5260 5261 5262 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx) 5263 { 5264 struct wpa_radio *radio = eloop_ctx; 5265 struct wpa_radio_work *work; 5266 struct os_reltime now, diff; 5267 struct wpa_supplicant *wpa_s; 5268 5269 work = dl_list_first(&radio->work, struct wpa_radio_work, list); 5270 if (work == NULL) { 5271 radio->num_active_works = 0; 5272 return; 5273 } 5274 5275 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant, 5276 radio_list); 5277 5278 if (!(wpa_s && 5279 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) { 5280 if (work->started) 5281 return; /* already started and still in progress */ 5282 5283 if (wpa_s && wpa_s->radio->external_scan_running) { 5284 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes"); 5285 return; 5286 } 5287 } else { 5288 work = NULL; 5289 if (radio->num_active_works < MAX_ACTIVE_WORKS) { 5290 /* get the work to schedule next */ 5291 work = radio_work_get_next_work(radio); 5292 } 5293 if (!work) 5294 return; 5295 } 5296 5297 wpa_s = work->wpa_s; 5298 os_get_reltime(&now); 5299 os_reltime_sub(&now, &work->time, &diff); 5300 wpa_dbg(wpa_s, MSG_DEBUG, 5301 "Starting radio work '%s'@%p after %ld.%06ld second wait", 5302 work->type, work, diff.sec, diff.usec); 5303 work->started = 1; 5304 work->time = now; 5305 radio->num_active_works++; 5306 5307 work->cb(work, 0); 5308 5309 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) && 5310 radio->num_active_works < MAX_ACTIVE_WORKS) 5311 radio_work_check_next(wpa_s); 5312 } 5313 5314 5315 /* 5316 * This function removes both started and pending radio works running on 5317 * the provided interface's radio. 5318 * Prior to the removal of the radio work, its callback (cb) is called with 5319 * deinit set to be 1. Each work's callback is responsible for clearing its 5320 * internal data and restoring to a correct state. 5321 * @wpa_s: wpa_supplicant data 5322 * @type: type of works to be removed 5323 * @remove_all: 1 to remove all the works on this radio, 0 to remove only 5324 * this interface's works. 5325 */ 5326 void radio_remove_works(struct wpa_supplicant *wpa_s, 5327 const char *type, int remove_all) 5328 { 5329 struct wpa_radio_work *work, *tmp; 5330 struct wpa_radio *radio = wpa_s->radio; 5331 5332 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work, 5333 list) { 5334 if (type && os_strcmp(type, work->type) != 0) 5335 continue; 5336 5337 /* skip other ifaces' works */ 5338 if (!remove_all && work->wpa_s != wpa_s) 5339 continue; 5340 5341 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s", 5342 work->type, work, work->started ? " (started)" : ""); 5343 work->cb(work, 1); 5344 radio_work_free(work); 5345 } 5346 5347 /* in case we removed the started work */ 5348 radio_work_check_next(wpa_s); 5349 } 5350 5351 5352 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx) 5353 { 5354 struct wpa_radio_work *work; 5355 struct wpa_radio *radio = wpa_s->radio; 5356 5357 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 5358 if (work->ctx != ctx) 5359 continue; 5360 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s", 5361 work->type, work, work->started ? " (started)" : ""); 5362 radio_work_free(work); 5363 break; 5364 } 5365 } 5366 5367 5368 static void radio_remove_interface(struct wpa_supplicant *wpa_s) 5369 { 5370 struct wpa_radio *radio = wpa_s->radio; 5371 5372 if (!radio) 5373 return; 5374 5375 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s", 5376 wpa_s->ifname, radio->name); 5377 dl_list_del(&wpa_s->radio_list); 5378 radio_remove_works(wpa_s, NULL, 0); 5379 wpa_s->radio = NULL; 5380 if (!dl_list_empty(&radio->ifaces)) 5381 return; /* Interfaces remain for this radio */ 5382 5383 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name); 5384 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 5385 os_free(radio); 5386 } 5387 5388 5389 void radio_work_check_next(struct wpa_supplicant *wpa_s) 5390 { 5391 struct wpa_radio *radio = wpa_s->radio; 5392 5393 if (dl_list_empty(&radio->work)) 5394 return; 5395 if (wpa_s->ext_work_in_progress) { 5396 wpa_printf(MSG_DEBUG, 5397 "External radio work in progress - delay start of pending item"); 5398 return; 5399 } 5400 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 5401 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL); 5402 } 5403 5404 5405 /** 5406 * radio_add_work - Add a radio work item 5407 * @wpa_s: Pointer to wpa_supplicant data 5408 * @freq: Frequency of the offchannel operation in MHz or 0 5409 * @type: Unique identifier for each type of work 5410 * @next: Force as the next work to be executed 5411 * @cb: Callback function for indicating when radio is available 5412 * @ctx: Context pointer for the work (work->ctx in cb()) 5413 * Returns: 0 on success, -1 on failure 5414 * 5415 * This function is used to request time for an operation that requires 5416 * exclusive radio control. Once the radio is available, the registered callback 5417 * function will be called. radio_work_done() must be called once the exclusive 5418 * radio operation has been completed, so that the radio is freed for other 5419 * operations. The special case of deinit=1 is used to free the context data 5420 * during interface removal. That does not allow the callback function to start 5421 * the radio operation, i.e., it must free any resources allocated for the radio 5422 * work and return. 5423 * 5424 * The @freq parameter can be used to indicate a single channel on which the 5425 * offchannel operation will occur. This may allow multiple radio work 5426 * operations to be performed in parallel if they apply for the same channel. 5427 * Setting this to 0 indicates that the work item may use multiple channels or 5428 * requires exclusive control of the radio. 5429 */ 5430 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, 5431 const char *type, int next, 5432 void (*cb)(struct wpa_radio_work *work, int deinit), 5433 void *ctx) 5434 { 5435 struct wpa_radio *radio = wpa_s->radio; 5436 struct wpa_radio_work *work; 5437 int was_empty; 5438 5439 work = os_zalloc(sizeof(*work)); 5440 if (work == NULL) 5441 return -1; 5442 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work); 5443 os_get_reltime(&work->time); 5444 work->freq = freq; 5445 work->type = type; 5446 work->wpa_s = wpa_s; 5447 work->cb = cb; 5448 work->ctx = ctx; 5449 5450 if (freq) 5451 work->bands = wpas_freq_to_band(freq); 5452 else if (os_strcmp(type, "scan") == 0 || 5453 os_strcmp(type, "p2p-scan") == 0) 5454 work->bands = wpas_get_bands(wpa_s, 5455 ((struct wpa_driver_scan_params *) 5456 ctx)->freqs); 5457 else 5458 work->bands = wpas_get_bands(wpa_s, NULL); 5459 5460 was_empty = dl_list_empty(&wpa_s->radio->work); 5461 if (next) 5462 dl_list_add(&wpa_s->radio->work, &work->list); 5463 else 5464 dl_list_add_tail(&wpa_s->radio->work, &work->list); 5465 if (was_empty) { 5466 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately"); 5467 radio_work_check_next(wpa_s); 5468 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) 5469 && radio->num_active_works < MAX_ACTIVE_WORKS) { 5470 wpa_dbg(wpa_s, MSG_DEBUG, 5471 "Try to schedule a radio work (num_active_works=%u)", 5472 radio->num_active_works); 5473 radio_work_check_next(wpa_s); 5474 } 5475 5476 return 0; 5477 } 5478 5479 5480 /** 5481 * radio_work_done - Indicate that a radio work item has been completed 5482 * @work: Completed work 5483 * 5484 * This function is called once the callback function registered with 5485 * radio_add_work() has completed its work. 5486 */ 5487 void radio_work_done(struct wpa_radio_work *work) 5488 { 5489 struct wpa_supplicant *wpa_s = work->wpa_s; 5490 struct os_reltime now, diff; 5491 unsigned int started = work->started; 5492 5493 os_get_reltime(&now); 5494 os_reltime_sub(&now, &work->time, &diff); 5495 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds", 5496 work->type, work, started ? "done" : "canceled", 5497 diff.sec, diff.usec); 5498 radio_work_free(work); 5499 if (started) 5500 radio_work_check_next(wpa_s); 5501 } 5502 5503 5504 struct wpa_radio_work * 5505 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) 5506 { 5507 struct wpa_radio_work *work; 5508 struct wpa_radio *radio = wpa_s->radio; 5509 5510 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 5511 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0) 5512 return work; 5513 } 5514 5515 return NULL; 5516 } 5517 5518 5519 static int wpas_init_driver(struct wpa_supplicant *wpa_s, 5520 const struct wpa_interface *iface) 5521 { 5522 const char *ifname, *driver, *rn; 5523 5524 driver = iface->driver; 5525 next_driver: 5526 if (wpa_supplicant_set_driver(wpa_s, driver) < 0) 5527 return -1; 5528 5529 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 5530 if (wpa_s->drv_priv == NULL) { 5531 const char *pos; 5532 pos = driver ? os_strchr(driver, ',') : NULL; 5533 if (pos) { 5534 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 5535 "driver interface - try next driver wrapper"); 5536 driver = pos + 1; 5537 goto next_driver; 5538 } 5539 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " 5540 "interface"); 5541 return -1; 5542 } 5543 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 5544 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " 5545 "driver_param '%s'", wpa_s->conf->driver_param); 5546 return -1; 5547 } 5548 5549 ifname = wpa_drv_get_ifname(wpa_s); 5550 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 5551 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " 5552 "interface name with '%s'", ifname); 5553 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 5554 } 5555 5556 rn = wpa_driver_get_radio_name(wpa_s); 5557 if (rn && rn[0] == '\0') 5558 rn = NULL; 5559 5560 wpa_s->radio = radio_add_interface(wpa_s, rn); 5561 if (wpa_s->radio == NULL) 5562 return -1; 5563 5564 return 0; 5565 } 5566 5567 5568 #ifdef CONFIG_GAS_SERVER 5569 5570 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s, 5571 unsigned int freq, const u8 *dst, 5572 const u8 *src, const u8 *bssid, 5573 const u8 *data, size_t data_len, 5574 enum offchannel_send_action_result result) 5575 { 5576 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR 5577 " result=%s", 5578 freq, MAC2STR(dst), 5579 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 5580 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 5581 "FAILED")); 5582 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len, 5583 result == OFFCHANNEL_SEND_ACTION_SUCCESS); 5584 } 5585 5586 5587 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da, 5588 struct wpabuf *buf, unsigned int wait_time) 5589 { 5590 struct wpa_supplicant *wpa_s = ctx; 5591 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 5592 5593 if (wait_time > wpa_s->max_remain_on_chan) 5594 wait_time = wpa_s->max_remain_on_chan; 5595 5596 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast, 5597 wpabuf_head(buf), wpabuf_len(buf), 5598 wait_time, wpas_gas_server_tx_status, 0); 5599 } 5600 5601 #endif /* CONFIG_GAS_SERVER */ 5602 5603 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 5604 const struct wpa_interface *iface) 5605 { 5606 struct wpa_driver_capa capa; 5607 int capa_res; 5608 u8 dfs_domain; 5609 5610 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 5611 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 5612 iface->confname ? iface->confname : "N/A", 5613 iface->driver ? iface->driver : "default", 5614 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 5615 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 5616 5617 if (iface->confname) { 5618 #ifdef CONFIG_BACKEND_FILE 5619 wpa_s->confname = os_rel2abs_path(iface->confname); 5620 if (wpa_s->confname == NULL) { 5621 wpa_printf(MSG_ERROR, "Failed to get absolute path " 5622 "for configuration file '%s'.", 5623 iface->confname); 5624 return -1; 5625 } 5626 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 5627 iface->confname, wpa_s->confname); 5628 #else /* CONFIG_BACKEND_FILE */ 5629 wpa_s->confname = os_strdup(iface->confname); 5630 #endif /* CONFIG_BACKEND_FILE */ 5631 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL); 5632 if (wpa_s->conf == NULL) { 5633 wpa_printf(MSG_ERROR, "Failed to read or parse " 5634 "configuration '%s'.", wpa_s->confname); 5635 return -1; 5636 } 5637 wpa_s->confanother = os_rel2abs_path(iface->confanother); 5638 if (wpa_s->confanother && 5639 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) { 5640 wpa_printf(MSG_ERROR, 5641 "Failed to read or parse configuration '%s'.", 5642 wpa_s->confanother); 5643 return -1; 5644 } 5645 5646 /* 5647 * Override ctrl_interface and driver_param if set on command 5648 * line. 5649 */ 5650 if (iface->ctrl_interface) { 5651 os_free(wpa_s->conf->ctrl_interface); 5652 wpa_s->conf->ctrl_interface = 5653 os_strdup(iface->ctrl_interface); 5654 } 5655 5656 if (iface->driver_param) { 5657 os_free(wpa_s->conf->driver_param); 5658 wpa_s->conf->driver_param = 5659 os_strdup(iface->driver_param); 5660 } 5661 5662 if (iface->p2p_mgmt && !iface->ctrl_interface) { 5663 os_free(wpa_s->conf->ctrl_interface); 5664 wpa_s->conf->ctrl_interface = NULL; 5665 } 5666 } else 5667 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 5668 iface->driver_param); 5669 5670 if (wpa_s->conf == NULL) { 5671 wpa_printf(MSG_ERROR, "\nNo configuration found."); 5672 return -1; 5673 } 5674 5675 if (iface->ifname == NULL) { 5676 wpa_printf(MSG_ERROR, "\nInterface name is required."); 5677 return -1; 5678 } 5679 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 5680 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 5681 iface->ifname); 5682 return -1; 5683 } 5684 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 5685 5686 if (iface->bridge_ifname) { 5687 if (os_strlen(iface->bridge_ifname) >= 5688 sizeof(wpa_s->bridge_ifname)) { 5689 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 5690 "name '%s'.", iface->bridge_ifname); 5691 return -1; 5692 } 5693 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 5694 sizeof(wpa_s->bridge_ifname)); 5695 } 5696 5697 /* RSNA Supplicant Key Management - INITIALIZE */ 5698 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); 5699 eapol_sm_notify_portValid(wpa_s->eapol, FALSE); 5700 5701 /* Initialize driver interface and register driver event handler before 5702 * L2 receive handler so that association events are processed before 5703 * EAPOL-Key packets if both become available for the same select() 5704 * call. */ 5705 if (wpas_init_driver(wpa_s, iface) < 0) 5706 return -1; 5707 5708 if (wpa_supplicant_init_wpa(wpa_s) < 0) 5709 return -1; 5710 5711 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 5712 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 5713 NULL); 5714 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 5715 5716 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 5717 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 5718 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 5719 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 5720 "dot11RSNAConfigPMKLifetime"); 5721 return -1; 5722 } 5723 5724 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 5725 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 5726 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 5727 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 5728 "dot11RSNAConfigPMKReauthThreshold"); 5729 return -1; 5730 } 5731 5732 if (wpa_s->conf->dot11RSNAConfigSATimeout && 5733 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 5734 wpa_s->conf->dot11RSNAConfigSATimeout)) { 5735 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 5736 "dot11RSNAConfigSATimeout"); 5737 return -1; 5738 } 5739 5740 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, 5741 &wpa_s->hw.num_modes, 5742 &wpa_s->hw.flags, 5743 &dfs_domain); 5744 if (wpa_s->hw.modes) { 5745 u16 i; 5746 5747 for (i = 0; i < wpa_s->hw.num_modes; i++) { 5748 if (wpa_s->hw.modes[i].vht_capab) { 5749 wpa_s->hw_capab = CAPAB_VHT; 5750 break; 5751 } 5752 5753 if (wpa_s->hw.modes[i].ht_capab & 5754 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) 5755 wpa_s->hw_capab = CAPAB_HT40; 5756 else if (wpa_s->hw.modes[i].ht_capab && 5757 wpa_s->hw_capab == CAPAB_NO_HT_VHT) 5758 wpa_s->hw_capab = CAPAB_HT; 5759 } 5760 } 5761 5762 capa_res = wpa_drv_get_capa(wpa_s, &capa); 5763 if (capa_res == 0) { 5764 wpa_s->drv_capa_known = 1; 5765 wpa_s->drv_flags = capa.flags; 5766 wpa_s->drv_enc = capa.enc; 5767 wpa_s->drv_smps_modes = capa.smps_modes; 5768 wpa_s->drv_rrm_flags = capa.rrm_flags; 5769 wpa_s->probe_resp_offloads = capa.probe_resp_offloads; 5770 wpa_s->max_scan_ssids = capa.max_scan_ssids; 5771 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; 5772 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans; 5773 wpa_s->max_sched_scan_plan_interval = 5774 capa.max_sched_scan_plan_interval; 5775 wpa_s->max_sched_scan_plan_iterations = 5776 capa.max_sched_scan_plan_iterations; 5777 wpa_s->sched_scan_supported = capa.sched_scan_supported; 5778 wpa_s->max_match_sets = capa.max_match_sets; 5779 wpa_s->max_remain_on_chan = capa.max_remain_on_chan; 5780 wpa_s->max_stations = capa.max_stations; 5781 wpa_s->extended_capa = capa.extended_capa; 5782 wpa_s->extended_capa_mask = capa.extended_capa_mask; 5783 wpa_s->extended_capa_len = capa.extended_capa_len; 5784 wpa_s->num_multichan_concurrent = 5785 capa.num_multichan_concurrent; 5786 wpa_s->wmm_ac_supported = capa.wmm_ac_supported; 5787 5788 if (capa.mac_addr_rand_scan_supported) 5789 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN; 5790 if (wpa_s->sched_scan_supported && 5791 capa.mac_addr_rand_sched_scan_supported) 5792 wpa_s->mac_addr_rand_supported |= 5793 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); 5794 5795 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 5796 if (wpa_s->extended_capa && 5797 wpa_s->extended_capa_len >= 3 && 5798 wpa_s->extended_capa[2] & 0x40) 5799 wpa_s->multi_bss_support = 1; 5800 } 5801 if (wpa_s->max_remain_on_chan == 0) 5802 wpa_s->max_remain_on_chan = 1000; 5803 5804 /* 5805 * Only take p2p_mgmt parameters when P2P Device is supported. 5806 * Doing it here as it determines whether l2_packet_init() will be done 5807 * during wpa_supplicant_driver_init(). 5808 */ 5809 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) 5810 wpa_s->p2p_mgmt = iface->p2p_mgmt; 5811 5812 if (wpa_s->num_multichan_concurrent == 0) 5813 wpa_s->num_multichan_concurrent = 1; 5814 5815 if (wpa_supplicant_driver_init(wpa_s) < 0) 5816 return -1; 5817 5818 #ifdef CONFIG_TDLS 5819 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) 5820 return -1; 5821 #endif /* CONFIG_TDLS */ 5822 5823 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 5824 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 5825 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); 5826 return -1; 5827 } 5828 5829 #ifdef CONFIG_FST 5830 if (wpa_s->conf->fst_group_id) { 5831 struct fst_iface_cfg cfg; 5832 struct fst_wpa_obj iface_obj; 5833 5834 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj); 5835 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id, 5836 sizeof(cfg.group_id)); 5837 cfg.priority = wpa_s->conf->fst_priority; 5838 cfg.llt = wpa_s->conf->fst_llt; 5839 5840 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr, 5841 &iface_obj, &cfg); 5842 if (!wpa_s->fst) { 5843 wpa_msg(wpa_s, MSG_ERROR, 5844 "FST: Cannot attach iface %s to group %s", 5845 wpa_s->ifname, cfg.group_id); 5846 return -1; 5847 } 5848 } 5849 #endif /* CONFIG_FST */ 5850 5851 if (wpas_wps_init(wpa_s)) 5852 return -1; 5853 5854 #ifdef CONFIG_GAS_SERVER 5855 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx); 5856 if (!wpa_s->gas_server) { 5857 wpa_printf(MSG_ERROR, "Failed to initialize GAS server"); 5858 return -1; 5859 } 5860 #endif /* CONFIG_GAS_SERVER */ 5861 5862 #ifdef CONFIG_DPP 5863 if (wpas_dpp_init(wpa_s) < 0) 5864 return -1; 5865 #endif /* CONFIG_DPP */ 5866 5867 if (wpa_supplicant_init_eapol(wpa_s) < 0) 5868 return -1; 5869 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 5870 5871 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 5872 if (wpa_s->ctrl_iface == NULL) { 5873 wpa_printf(MSG_ERROR, 5874 "Failed to initialize control interface '%s'.\n" 5875 "You may have another wpa_supplicant process " 5876 "already running or the file was\n" 5877 "left by an unclean termination of wpa_supplicant " 5878 "in which case you will need\n" 5879 "to manually remove this file before starting " 5880 "wpa_supplicant again.\n", 5881 wpa_s->conf->ctrl_interface); 5882 return -1; 5883 } 5884 5885 wpa_s->gas = gas_query_init(wpa_s); 5886 if (wpa_s->gas == NULL) { 5887 wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); 5888 return -1; 5889 } 5890 5891 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) || 5892 wpa_s->p2p_mgmt) && 5893 wpas_p2p_init(wpa_s->global, wpa_s) < 0) { 5894 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); 5895 return -1; 5896 } 5897 5898 if (wpa_bss_init(wpa_s) < 0) 5899 return -1; 5900 5901 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 5902 #ifdef CONFIG_MESH 5903 dl_list_init(&wpa_s->mesh_external_pmksa_cache); 5904 #endif /* CONFIG_MESH */ 5905 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 5906 5907 /* 5908 * Set Wake-on-WLAN triggers, if configured. 5909 * Note: We don't restore/remove the triggers on shutdown (it doesn't 5910 * have effect anyway when the interface is down). 5911 */ 5912 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 5913 return -1; 5914 5915 #ifdef CONFIG_EAP_PROXY 5916 { 5917 size_t len; 5918 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, 5919 wpa_s->imsi, &len); 5920 if (wpa_s->mnc_len > 0) { 5921 wpa_s->imsi[len] = '\0'; 5922 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", 5923 wpa_s->imsi, wpa_s->mnc_len); 5924 } else { 5925 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); 5926 } 5927 } 5928 #endif /* CONFIG_EAP_PROXY */ 5929 5930 if (pcsc_reader_init(wpa_s) < 0) 5931 return -1; 5932 5933 if (wpas_init_ext_pw(wpa_s) < 0) 5934 return -1; 5935 5936 wpas_rrm_reset(wpa_s); 5937 5938 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 5939 5940 #ifdef CONFIG_HS20 5941 hs20_init(wpa_s); 5942 #endif /* CONFIG_HS20 */ 5943 #ifdef CONFIG_MBO 5944 if (wpa_s->conf->oce) { 5945 if ((wpa_s->conf->oce & OCE_STA) && 5946 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) 5947 wpa_s->enable_oce = OCE_STA; 5948 if ((wpa_s->conf->oce & OCE_STA_CFON) && 5949 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) { 5950 /* TODO: Need to add STA-CFON support */ 5951 wpa_printf(MSG_ERROR, 5952 "OCE STA-CFON feature is not yet supported"); 5953 } 5954 } 5955 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); 5956 #endif /* CONFIG_MBO */ 5957 5958 wpa_supplicant_set_default_scan_ies(wpa_s); 5959 5960 return 0; 5961 } 5962 5963 5964 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, 5965 int notify, int terminate) 5966 { 5967 struct wpa_global *global = wpa_s->global; 5968 struct wpa_supplicant *iface, *prev; 5969 5970 if (wpa_s == wpa_s->parent) 5971 wpas_p2p_group_remove(wpa_s, "*"); 5972 5973 iface = global->ifaces; 5974 while (iface) { 5975 if (iface->p2pdev == wpa_s) 5976 iface->p2pdev = iface->parent; 5977 if (iface == wpa_s || iface->parent != wpa_s) { 5978 iface = iface->next; 5979 continue; 5980 } 5981 wpa_printf(MSG_DEBUG, 5982 "Remove remaining child interface %s from parent %s", 5983 iface->ifname, wpa_s->ifname); 5984 prev = iface; 5985 iface = iface->next; 5986 wpa_supplicant_remove_iface(global, prev, terminate); 5987 } 5988 5989 wpa_s->disconnected = 1; 5990 if (wpa_s->drv_priv) { 5991 wpa_supplicant_deauthenticate(wpa_s, 5992 WLAN_REASON_DEAUTH_LEAVING); 5993 5994 wpa_drv_set_countermeasures(wpa_s, 0); 5995 wpa_clear_keys(wpa_s, NULL); 5996 } 5997 5998 wpa_supplicant_cleanup(wpa_s); 5999 wpas_p2p_deinit_iface(wpa_s); 6000 6001 wpas_ctrl_radio_work_flush(wpa_s); 6002 radio_remove_interface(wpa_s); 6003 6004 #ifdef CONFIG_FST 6005 if (wpa_s->fst) { 6006 fst_detach(wpa_s->fst); 6007 wpa_s->fst = NULL; 6008 } 6009 if (wpa_s->received_mb_ies) { 6010 wpabuf_free(wpa_s->received_mb_ies); 6011 wpa_s->received_mb_ies = NULL; 6012 } 6013 #endif /* CONFIG_FST */ 6014 6015 if (wpa_s->drv_priv) 6016 wpa_drv_deinit(wpa_s); 6017 6018 if (notify) 6019 wpas_notify_iface_removed(wpa_s); 6020 6021 if (terminate) 6022 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); 6023 6024 if (wpa_s->ctrl_iface) { 6025 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); 6026 wpa_s->ctrl_iface = NULL; 6027 } 6028 6029 #ifdef CONFIG_MESH 6030 if (wpa_s->ifmsh) { 6031 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh); 6032 wpa_s->ifmsh = NULL; 6033 } 6034 #endif /* CONFIG_MESH */ 6035 6036 if (wpa_s->conf != NULL) { 6037 wpa_config_free(wpa_s->conf); 6038 wpa_s->conf = NULL; 6039 } 6040 6041 os_free(wpa_s->ssids_from_scan_req); 6042 6043 os_free(wpa_s); 6044 } 6045 6046 6047 #ifdef CONFIG_MATCH_IFACE 6048 6049 /** 6050 * wpa_supplicant_match_iface - Match an interface description to a name 6051 * @global: Pointer to global data from wpa_supplicant_init() 6052 * @ifname: Name of the interface to match 6053 * Returns: Pointer to the created interface description or %NULL on failure 6054 */ 6055 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global, 6056 const char *ifname) 6057 { 6058 int i; 6059 struct wpa_interface *iface, *miface; 6060 6061 for (i = 0; i < global->params.match_iface_count; i++) { 6062 miface = &global->params.match_ifaces[i]; 6063 if (!miface->ifname || 6064 fnmatch(miface->ifname, ifname, 0) == 0) { 6065 iface = os_zalloc(sizeof(*iface)); 6066 if (!iface) 6067 return NULL; 6068 *iface = *miface; 6069 iface->ifname = ifname; 6070 return iface; 6071 } 6072 } 6073 6074 return NULL; 6075 } 6076 6077 6078 /** 6079 * wpa_supplicant_match_existing - Match existing interfaces 6080 * @global: Pointer to global data from wpa_supplicant_init() 6081 * Returns: 0 on success, -1 on failure 6082 */ 6083 static int wpa_supplicant_match_existing(struct wpa_global *global) 6084 { 6085 struct if_nameindex *ifi, *ifp; 6086 struct wpa_supplicant *wpa_s; 6087 struct wpa_interface *iface; 6088 6089 ifp = if_nameindex(); 6090 if (!ifp) { 6091 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno)); 6092 return -1; 6093 } 6094 6095 for (ifi = ifp; ifi->if_name; ifi++) { 6096 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name); 6097 if (wpa_s) 6098 continue; 6099 iface = wpa_supplicant_match_iface(global, ifi->if_name); 6100 if (iface) { 6101 wpa_s = wpa_supplicant_add_iface(global, iface, NULL); 6102 os_free(iface); 6103 if (wpa_s) 6104 wpa_s->matched = 1; 6105 } 6106 } 6107 6108 if_freenameindex(ifp); 6109 return 0; 6110 } 6111 6112 #endif /* CONFIG_MATCH_IFACE */ 6113 6114 6115 /** 6116 * wpa_supplicant_add_iface - Add a new network interface 6117 * @global: Pointer to global data from wpa_supplicant_init() 6118 * @iface: Interface configuration options 6119 * @parent: Parent interface or %NULL to assign new interface as parent 6120 * Returns: Pointer to the created interface or %NULL on failure 6121 * 6122 * This function is used to add new network interfaces for %wpa_supplicant. 6123 * This can be called before wpa_supplicant_run() to add interfaces before the 6124 * main event loop has been started. In addition, new interfaces can be added 6125 * dynamically while %wpa_supplicant is already running. This could happen, 6126 * e.g., when a hotplug network adapter is inserted. 6127 */ 6128 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 6129 struct wpa_interface *iface, 6130 struct wpa_supplicant *parent) 6131 { 6132 struct wpa_supplicant *wpa_s; 6133 struct wpa_interface t_iface; 6134 struct wpa_ssid *ssid; 6135 6136 if (global == NULL || iface == NULL) 6137 return NULL; 6138 6139 wpa_s = wpa_supplicant_alloc(parent); 6140 if (wpa_s == NULL) 6141 return NULL; 6142 6143 wpa_s->global = global; 6144 6145 t_iface = *iface; 6146 if (global->params.override_driver) { 6147 wpa_printf(MSG_DEBUG, "Override interface parameter: driver " 6148 "('%s' -> '%s')", 6149 iface->driver, global->params.override_driver); 6150 t_iface.driver = global->params.override_driver; 6151 } 6152 if (global->params.override_ctrl_interface) { 6153 wpa_printf(MSG_DEBUG, "Override interface parameter: " 6154 "ctrl_interface ('%s' -> '%s')", 6155 iface->ctrl_interface, 6156 global->params.override_ctrl_interface); 6157 t_iface.ctrl_interface = 6158 global->params.override_ctrl_interface; 6159 } 6160 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { 6161 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 6162 iface->ifname); 6163 wpa_supplicant_deinit_iface(wpa_s, 0, 0); 6164 return NULL; 6165 } 6166 6167 if (iface->p2p_mgmt == 0) { 6168 /* Notify the control interfaces about new iface */ 6169 if (wpas_notify_iface_added(wpa_s)) { 6170 wpa_supplicant_deinit_iface(wpa_s, 1, 0); 6171 return NULL; 6172 } 6173 6174 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 6175 wpas_notify_network_added(wpa_s, ssid); 6176 } 6177 6178 wpa_s->next = global->ifaces; 6179 global->ifaces = wpa_s; 6180 6181 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); 6182 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 6183 6184 #ifdef CONFIG_P2P 6185 if (wpa_s->global->p2p == NULL && 6186 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled && 6187 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) && 6188 wpas_p2p_add_p2pdev_interface( 6189 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) { 6190 wpa_printf(MSG_INFO, 6191 "P2P: Failed to enable P2P Device interface"); 6192 /* Try to continue without. P2P will be disabled. */ 6193 } 6194 #endif /* CONFIG_P2P */ 6195 6196 return wpa_s; 6197 } 6198 6199 6200 /** 6201 * wpa_supplicant_remove_iface - Remove a network interface 6202 * @global: Pointer to global data from wpa_supplicant_init() 6203 * @wpa_s: Pointer to the network interface to be removed 6204 * Returns: 0 if interface was removed, -1 if interface was not found 6205 * 6206 * This function can be used to dynamically remove network interfaces from 6207 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 6208 * addition, this function is used to remove all remaining interfaces when 6209 * %wpa_supplicant is terminated. 6210 */ 6211 int wpa_supplicant_remove_iface(struct wpa_global *global, 6212 struct wpa_supplicant *wpa_s, 6213 int terminate) 6214 { 6215 struct wpa_supplicant *prev; 6216 #ifdef CONFIG_MESH 6217 unsigned int mesh_if_created = wpa_s->mesh_if_created; 6218 char *ifname = NULL; 6219 struct wpa_supplicant *parent = wpa_s->parent; 6220 #endif /* CONFIG_MESH */ 6221 6222 /* Remove interface from the global list of interfaces */ 6223 prev = global->ifaces; 6224 if (prev == wpa_s) { 6225 global->ifaces = wpa_s->next; 6226 } else { 6227 while (prev && prev->next != wpa_s) 6228 prev = prev->next; 6229 if (prev == NULL) 6230 return -1; 6231 prev->next = wpa_s->next; 6232 } 6233 6234 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 6235 6236 #ifdef CONFIG_MESH 6237 if (mesh_if_created) { 6238 ifname = os_strdup(wpa_s->ifname); 6239 if (ifname == NULL) { 6240 wpa_dbg(wpa_s, MSG_ERROR, 6241 "mesh: Failed to malloc ifname"); 6242 return -1; 6243 } 6244 } 6245 #endif /* CONFIG_MESH */ 6246 6247 if (global->p2p_group_formation == wpa_s) 6248 global->p2p_group_formation = NULL; 6249 if (global->p2p_invite_group == wpa_s) 6250 global->p2p_invite_group = NULL; 6251 wpa_supplicant_deinit_iface(wpa_s, 1, terminate); 6252 6253 #ifdef CONFIG_MESH 6254 if (mesh_if_created) { 6255 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname); 6256 os_free(ifname); 6257 } 6258 #endif /* CONFIG_MESH */ 6259 6260 return 0; 6261 } 6262 6263 6264 /** 6265 * wpa_supplicant_get_eap_mode - Get the current EAP mode 6266 * @wpa_s: Pointer to the network interface 6267 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found 6268 */ 6269 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) 6270 { 6271 const char *eapol_method; 6272 6273 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && 6274 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 6275 return "NO-EAP"; 6276 } 6277 6278 eapol_method = eapol_sm_get_method_name(wpa_s->eapol); 6279 if (eapol_method == NULL) 6280 return "UNKNOWN-EAP"; 6281 6282 return eapol_method; 6283 } 6284 6285 6286 /** 6287 * wpa_supplicant_get_iface - Get a new network interface 6288 * @global: Pointer to global data from wpa_supplicant_init() 6289 * @ifname: Interface name 6290 * Returns: Pointer to the interface or %NULL if not found 6291 */ 6292 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 6293 const char *ifname) 6294 { 6295 struct wpa_supplicant *wpa_s; 6296 6297 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 6298 if (os_strcmp(wpa_s->ifname, ifname) == 0) 6299 return wpa_s; 6300 } 6301 return NULL; 6302 } 6303 6304 6305 #ifndef CONFIG_NO_WPA_MSG 6306 static const char * wpa_supplicant_msg_ifname_cb(void *ctx) 6307 { 6308 struct wpa_supplicant *wpa_s = ctx; 6309 if (wpa_s == NULL) 6310 return NULL; 6311 return wpa_s->ifname; 6312 } 6313 #endif /* CONFIG_NO_WPA_MSG */ 6314 6315 6316 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL 6317 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10 6318 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */ 6319 6320 /* Periodic cleanup tasks */ 6321 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx) 6322 { 6323 struct wpa_global *global = eloop_ctx; 6324 struct wpa_supplicant *wpa_s; 6325 6326 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 6327 wpas_periodic, global, NULL); 6328 6329 #ifdef CONFIG_P2P 6330 if (global->p2p) 6331 p2p_expire_peers(global->p2p); 6332 #endif /* CONFIG_P2P */ 6333 6334 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 6335 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age); 6336 #ifdef CONFIG_AP 6337 ap_periodic(wpa_s); 6338 #endif /* CONFIG_AP */ 6339 } 6340 } 6341 6342 6343 /** 6344 * wpa_supplicant_init - Initialize %wpa_supplicant 6345 * @params: Parameters for %wpa_supplicant 6346 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 6347 * 6348 * This function is used to initialize %wpa_supplicant. After successful 6349 * initialization, the returned data pointer can be used to add and remove 6350 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 6351 */ 6352 struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 6353 { 6354 struct wpa_global *global; 6355 int ret, i; 6356 6357 if (params == NULL) 6358 return NULL; 6359 6360 #ifdef CONFIG_DRIVER_NDIS 6361 { 6362 void driver_ndis_init_ops(void); 6363 driver_ndis_init_ops(); 6364 } 6365 #endif /* CONFIG_DRIVER_NDIS */ 6366 6367 #ifndef CONFIG_NO_WPA_MSG 6368 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); 6369 #endif /* CONFIG_NO_WPA_MSG */ 6370 6371 if (params->wpa_debug_file_path) 6372 wpa_debug_open_file(params->wpa_debug_file_path); 6373 else 6374 wpa_debug_setup_stdout(); 6375 if (params->wpa_debug_syslog) 6376 wpa_debug_open_syslog(); 6377 if (params->wpa_debug_tracing) { 6378 ret = wpa_debug_open_linux_tracing(); 6379 if (ret) { 6380 wpa_printf(MSG_ERROR, 6381 "Failed to enable trace logging"); 6382 return NULL; 6383 } 6384 } 6385 6386 ret = eap_register_methods(); 6387 if (ret) { 6388 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 6389 if (ret == -2) 6390 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 6391 "the same EAP type."); 6392 return NULL; 6393 } 6394 6395 global = os_zalloc(sizeof(*global)); 6396 if (global == NULL) 6397 return NULL; 6398 dl_list_init(&global->p2p_srv_bonjour); 6399 dl_list_init(&global->p2p_srv_upnp); 6400 global->params.daemonize = params->daemonize; 6401 global->params.wait_for_monitor = params->wait_for_monitor; 6402 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 6403 if (params->pid_file) 6404 global->params.pid_file = os_strdup(params->pid_file); 6405 if (params->ctrl_interface) 6406 global->params.ctrl_interface = 6407 os_strdup(params->ctrl_interface); 6408 if (params->ctrl_interface_group) 6409 global->params.ctrl_interface_group = 6410 os_strdup(params->ctrl_interface_group); 6411 if (params->override_driver) 6412 global->params.override_driver = 6413 os_strdup(params->override_driver); 6414 if (params->override_ctrl_interface) 6415 global->params.override_ctrl_interface = 6416 os_strdup(params->override_ctrl_interface); 6417 #ifdef CONFIG_MATCH_IFACE 6418 global->params.match_iface_count = params->match_iface_count; 6419 if (params->match_iface_count) { 6420 global->params.match_ifaces = 6421 os_calloc(params->match_iface_count, 6422 sizeof(struct wpa_interface)); 6423 os_memcpy(global->params.match_ifaces, 6424 params->match_ifaces, 6425 params->match_iface_count * 6426 sizeof(struct wpa_interface)); 6427 } 6428 #endif /* CONFIG_MATCH_IFACE */ 6429 #ifdef CONFIG_P2P 6430 if (params->conf_p2p_dev) 6431 global->params.conf_p2p_dev = 6432 os_strdup(params->conf_p2p_dev); 6433 #endif /* CONFIG_P2P */ 6434 wpa_debug_level = global->params.wpa_debug_level = 6435 params->wpa_debug_level; 6436 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 6437 params->wpa_debug_show_keys; 6438 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 6439 params->wpa_debug_timestamp; 6440 6441 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); 6442 6443 if (eloop_init()) { 6444 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 6445 wpa_supplicant_deinit(global); 6446 return NULL; 6447 } 6448 6449 random_init(params->entropy_file); 6450 6451 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 6452 if (global->ctrl_iface == NULL) { 6453 wpa_supplicant_deinit(global); 6454 return NULL; 6455 } 6456 6457 if (wpas_notify_supplicant_initialized(global)) { 6458 wpa_supplicant_deinit(global); 6459 return NULL; 6460 } 6461 6462 for (i = 0; wpa_drivers[i]; i++) 6463 global->drv_count++; 6464 if (global->drv_count == 0) { 6465 wpa_printf(MSG_ERROR, "No drivers enabled"); 6466 wpa_supplicant_deinit(global); 6467 return NULL; 6468 } 6469 global->drv_priv = os_calloc(global->drv_count, sizeof(void *)); 6470 if (global->drv_priv == NULL) { 6471 wpa_supplicant_deinit(global); 6472 return NULL; 6473 } 6474 6475 #ifdef CONFIG_WIFI_DISPLAY 6476 if (wifi_display_init(global) < 0) { 6477 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); 6478 wpa_supplicant_deinit(global); 6479 return NULL; 6480 } 6481 #endif /* CONFIG_WIFI_DISPLAY */ 6482 6483 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 6484 wpas_periodic, global, NULL); 6485 6486 return global; 6487 } 6488 6489 6490 /** 6491 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 6492 * @global: Pointer to global data from wpa_supplicant_init() 6493 * Returns: 0 after successful event loop run, -1 on failure 6494 * 6495 * This function starts the main event loop and continues running as long as 6496 * there are any remaining events. In most cases, this function is running as 6497 * long as the %wpa_supplicant process in still in use. 6498 */ 6499 int wpa_supplicant_run(struct wpa_global *global) 6500 { 6501 struct wpa_supplicant *wpa_s; 6502 6503 if (global->params.daemonize && 6504 (wpa_supplicant_daemon(global->params.pid_file) || 6505 eloop_sock_requeue())) 6506 return -1; 6507 6508 #ifdef CONFIG_MATCH_IFACE 6509 if (wpa_supplicant_match_existing(global)) 6510 return -1; 6511 #endif 6512 6513 if (global->params.wait_for_monitor) { 6514 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 6515 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt) 6516 wpa_supplicant_ctrl_iface_wait( 6517 wpa_s->ctrl_iface); 6518 } 6519 6520 eloop_register_signal_terminate(wpa_supplicant_terminate, global); 6521 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); 6522 6523 eloop_run(); 6524 6525 return 0; 6526 } 6527 6528 6529 /** 6530 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 6531 * @global: Pointer to global data from wpa_supplicant_init() 6532 * 6533 * This function is called to deinitialize %wpa_supplicant and to free all 6534 * allocated resources. Remaining network interfaces will also be removed. 6535 */ 6536 void wpa_supplicant_deinit(struct wpa_global *global) 6537 { 6538 int i; 6539 6540 if (global == NULL) 6541 return; 6542 6543 eloop_cancel_timeout(wpas_periodic, global, NULL); 6544 6545 #ifdef CONFIG_WIFI_DISPLAY 6546 wifi_display_deinit(global); 6547 #endif /* CONFIG_WIFI_DISPLAY */ 6548 6549 while (global->ifaces) 6550 wpa_supplicant_remove_iface(global, global->ifaces, 1); 6551 6552 if (global->ctrl_iface) 6553 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 6554 6555 wpas_notify_supplicant_deinitialized(global); 6556 6557 eap_peer_unregister_methods(); 6558 #ifdef CONFIG_AP 6559 eap_server_unregister_methods(); 6560 #endif /* CONFIG_AP */ 6561 6562 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { 6563 if (!global->drv_priv[i]) 6564 continue; 6565 wpa_drivers[i]->global_deinit(global->drv_priv[i]); 6566 } 6567 os_free(global->drv_priv); 6568 6569 random_deinit(); 6570 6571 eloop_destroy(); 6572 6573 if (global->params.pid_file) { 6574 os_daemonize_terminate(global->params.pid_file); 6575 os_free(global->params.pid_file); 6576 } 6577 os_free(global->params.ctrl_interface); 6578 os_free(global->params.ctrl_interface_group); 6579 os_free(global->params.override_driver); 6580 os_free(global->params.override_ctrl_interface); 6581 #ifdef CONFIG_MATCH_IFACE 6582 os_free(global->params.match_ifaces); 6583 #endif /* CONFIG_MATCH_IFACE */ 6584 #ifdef CONFIG_P2P 6585 os_free(global->params.conf_p2p_dev); 6586 #endif /* CONFIG_P2P */ 6587 6588 os_free(global->p2p_disallow_freq.range); 6589 os_free(global->p2p_go_avoid_freq.range); 6590 os_free(global->add_psk); 6591 6592 os_free(global); 6593 wpa_debug_close_syslog(); 6594 wpa_debug_close_file(); 6595 wpa_debug_close_linux_tracing(); 6596 } 6597 6598 6599 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) 6600 { 6601 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && 6602 wpa_s->conf->country[0] && wpa_s->conf->country[1]) { 6603 char country[3]; 6604 country[0] = wpa_s->conf->country[0]; 6605 country[1] = wpa_s->conf->country[1]; 6606 country[2] = '\0'; 6607 if (wpa_drv_set_country(wpa_s, country) < 0) { 6608 wpa_printf(MSG_ERROR, "Failed to set country code " 6609 "'%s'", country); 6610 } 6611 } 6612 6613 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) 6614 wpas_init_ext_pw(wpa_s); 6615 6616 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) 6617 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 6618 6619 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) { 6620 struct wpa_driver_capa capa; 6621 int res = wpa_drv_get_capa(wpa_s, &capa); 6622 6623 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 6624 wpa_printf(MSG_ERROR, 6625 "Failed to update wowlan_triggers to '%s'", 6626 wpa_s->conf->wowlan_triggers); 6627 } 6628 6629 #ifdef CONFIG_WPS 6630 wpas_wps_update_config(wpa_s); 6631 #endif /* CONFIG_WPS */ 6632 wpas_p2p_update_config(wpa_s); 6633 wpa_s->conf->changed_parameters = 0; 6634 } 6635 6636 6637 void add_freq(int *freqs, int *num_freqs, int freq) 6638 { 6639 int i; 6640 6641 for (i = 0; i < *num_freqs; i++) { 6642 if (freqs[i] == freq) 6643 return; 6644 } 6645 6646 freqs[*num_freqs] = freq; 6647 (*num_freqs)++; 6648 } 6649 6650 6651 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) 6652 { 6653 struct wpa_bss *bss, *cbss; 6654 const int max_freqs = 10; 6655 int *freqs; 6656 int num_freqs = 0; 6657 6658 freqs = os_calloc(max_freqs + 1, sizeof(int)); 6659 if (freqs == NULL) 6660 return NULL; 6661 6662 cbss = wpa_s->current_bss; 6663 6664 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 6665 if (bss == cbss) 6666 continue; 6667 if (bss->ssid_len == cbss->ssid_len && 6668 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && 6669 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { 6670 add_freq(freqs, &num_freqs, bss->freq); 6671 if (num_freqs == max_freqs) 6672 break; 6673 } 6674 } 6675 6676 if (num_freqs == 0) { 6677 os_free(freqs); 6678 freqs = NULL; 6679 } 6680 6681 return freqs; 6682 } 6683 6684 6685 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) 6686 { 6687 int timeout; 6688 int count; 6689 int *freqs = NULL; 6690 6691 wpas_connect_work_done(wpa_s); 6692 6693 /* 6694 * Remove possible authentication timeout since the connection failed. 6695 */ 6696 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 6697 6698 /* 6699 * There is no point in blacklisting the AP if this event is 6700 * generated based on local request to disconnect. 6701 */ 6702 if (wpa_s->own_disconnect_req) { 6703 wpa_s->own_disconnect_req = 0; 6704 wpa_dbg(wpa_s, MSG_DEBUG, 6705 "Ignore connection failure due to local request to disconnect"); 6706 return; 6707 } 6708 if (wpa_s->disconnected) { 6709 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure " 6710 "indication since interface has been put into " 6711 "disconnected state"); 6712 return; 6713 } 6714 6715 /* 6716 * Add the failed BSSID into the blacklist and speed up next scan 6717 * attempt if there could be other APs that could accept association. 6718 * The current blacklist count indicates how many times we have tried 6719 * connecting to this AP and multiple attempts mean that other APs are 6720 * either not available or has already been tried, so that we can start 6721 * increasing the delay here to avoid constant scanning. 6722 */ 6723 count = wpa_blacklist_add(wpa_s, bssid); 6724 if (count == 1 && wpa_s->current_bss) { 6725 /* 6726 * This BSS was not in the blacklist before. If there is 6727 * another BSS available for the same ESS, we should try that 6728 * next. Otherwise, we may as well try this one once more 6729 * before allowing other, likely worse, ESSes to be considered. 6730 */ 6731 freqs = get_bss_freqs_in_ess(wpa_s); 6732 if (freqs) { 6733 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " 6734 "has been seen; try it next"); 6735 wpa_blacklist_add(wpa_s, bssid); 6736 /* 6737 * On the next scan, go through only the known channels 6738 * used in this ESS based on previous scans to speed up 6739 * common load balancing use case. 6740 */ 6741 os_free(wpa_s->next_scan_freqs); 6742 wpa_s->next_scan_freqs = freqs; 6743 } 6744 } 6745 6746 /* 6747 * Add previous failure count in case the temporary blacklist was 6748 * cleared due to no other BSSes being available. 6749 */ 6750 count += wpa_s->extra_blacklist_count; 6751 6752 if (count > 3 && wpa_s->current_ssid) { 6753 wpa_printf(MSG_DEBUG, "Continuous association failures - " 6754 "consider temporary network disabling"); 6755 wpas_auth_failed(wpa_s, "CONN_FAILED"); 6756 } 6757 6758 switch (count) { 6759 case 1: 6760 timeout = 100; 6761 break; 6762 case 2: 6763 timeout = 500; 6764 break; 6765 case 3: 6766 timeout = 1000; 6767 break; 6768 case 4: 6769 timeout = 5000; 6770 break; 6771 default: 6772 timeout = 10000; 6773 break; 6774 } 6775 6776 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d " 6777 "ms", count, timeout); 6778 6779 /* 6780 * TODO: if more than one possible AP is available in scan results, 6781 * could try the other ones before requesting a new scan. 6782 */ 6783 6784 /* speed up the connection attempt with normal scan */ 6785 wpa_s->normal_scans = 0; 6786 wpa_supplicant_req_scan(wpa_s, timeout / 1000, 6787 1000 * (timeout % 1000)); 6788 } 6789 6790 6791 #ifdef CONFIG_FILS 6792 void fils_connection_failure(struct wpa_supplicant *wpa_s) 6793 { 6794 struct wpa_ssid *ssid = wpa_s->current_ssid; 6795 const u8 *realm, *username, *rrk; 6796 size_t realm_len, username_len, rrk_len; 6797 u16 next_seq_num; 6798 6799 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) || 6800 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, 6801 &username, &username_len, 6802 &realm, &realm_len, &next_seq_num, 6803 &rrk, &rrk_len) != 0 || 6804 !realm) 6805 return; 6806 6807 wpa_hexdump_ascii(MSG_DEBUG, 6808 "FILS: Store last connection failure realm", 6809 realm, realm_len); 6810 os_free(wpa_s->last_con_fail_realm); 6811 wpa_s->last_con_fail_realm = os_malloc(realm_len); 6812 if (wpa_s->last_con_fail_realm) { 6813 wpa_s->last_con_fail_realm_len = realm_len; 6814 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len); 6815 } 6816 } 6817 #endif /* CONFIG_FILS */ 6818 6819 6820 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) 6821 { 6822 return wpa_s->conf->ap_scan == 2 || 6823 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); 6824 } 6825 6826 6827 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) 6828 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, 6829 struct wpa_ssid *ssid, 6830 const char *field, 6831 const char *value) 6832 { 6833 #ifdef IEEE8021X_EAPOL 6834 struct eap_peer_config *eap = &ssid->eap; 6835 6836 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); 6837 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", 6838 (const u8 *) value, os_strlen(value)); 6839 6840 switch (wpa_supplicant_ctrl_req_from_string(field)) { 6841 case WPA_CTRL_REQ_EAP_IDENTITY: 6842 os_free(eap->identity); 6843 eap->identity = (u8 *) os_strdup(value); 6844 eap->identity_len = os_strlen(value); 6845 eap->pending_req_identity = 0; 6846 if (ssid == wpa_s->current_ssid) 6847 wpa_s->reassociate = 1; 6848 break; 6849 case WPA_CTRL_REQ_EAP_PASSWORD: 6850 bin_clear_free(eap->password, eap->password_len); 6851 eap->password = (u8 *) os_strdup(value); 6852 eap->password_len = os_strlen(value); 6853 eap->pending_req_password = 0; 6854 if (ssid == wpa_s->current_ssid) 6855 wpa_s->reassociate = 1; 6856 break; 6857 case WPA_CTRL_REQ_EAP_NEW_PASSWORD: 6858 bin_clear_free(eap->new_password, eap->new_password_len); 6859 eap->new_password = (u8 *) os_strdup(value); 6860 eap->new_password_len = os_strlen(value); 6861 eap->pending_req_new_password = 0; 6862 if (ssid == wpa_s->current_ssid) 6863 wpa_s->reassociate = 1; 6864 break; 6865 case WPA_CTRL_REQ_EAP_PIN: 6866 str_clear_free(eap->pin); 6867 eap->pin = os_strdup(value); 6868 eap->pending_req_pin = 0; 6869 if (ssid == wpa_s->current_ssid) 6870 wpa_s->reassociate = 1; 6871 break; 6872 case WPA_CTRL_REQ_EAP_OTP: 6873 bin_clear_free(eap->otp, eap->otp_len); 6874 eap->otp = (u8 *) os_strdup(value); 6875 eap->otp_len = os_strlen(value); 6876 os_free(eap->pending_req_otp); 6877 eap->pending_req_otp = NULL; 6878 eap->pending_req_otp_len = 0; 6879 break; 6880 case WPA_CTRL_REQ_EAP_PASSPHRASE: 6881 str_clear_free(eap->private_key_passwd); 6882 eap->private_key_passwd = os_strdup(value); 6883 eap->pending_req_passphrase = 0; 6884 if (ssid == wpa_s->current_ssid) 6885 wpa_s->reassociate = 1; 6886 break; 6887 case WPA_CTRL_REQ_SIM: 6888 str_clear_free(eap->external_sim_resp); 6889 eap->external_sim_resp = os_strdup(value); 6890 eap->pending_req_sim = 0; 6891 break; 6892 case WPA_CTRL_REQ_PSK_PASSPHRASE: 6893 if (wpa_config_set(ssid, "psk", value, 0) < 0) 6894 return -1; 6895 ssid->mem_only_psk = 1; 6896 if (ssid->passphrase) 6897 wpa_config_update_psk(ssid); 6898 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning) 6899 wpa_supplicant_req_scan(wpa_s, 0, 0); 6900 break; 6901 case WPA_CTRL_REQ_EXT_CERT_CHECK: 6902 if (eap->pending_ext_cert_check != PENDING_CHECK) 6903 return -1; 6904 if (os_strcmp(value, "good") == 0) 6905 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD; 6906 else if (os_strcmp(value, "bad") == 0) 6907 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD; 6908 else 6909 return -1; 6910 break; 6911 default: 6912 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); 6913 return -1; 6914 } 6915 6916 return 0; 6917 #else /* IEEE8021X_EAPOL */ 6918 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); 6919 return -1; 6920 #endif /* IEEE8021X_EAPOL */ 6921 } 6922 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ 6923 6924 6925 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 6926 { 6927 int i; 6928 unsigned int drv_enc; 6929 6930 if (wpa_s->p2p_mgmt) 6931 return 1; /* no normal network profiles on p2p_mgmt interface */ 6932 6933 if (ssid == NULL) 6934 return 1; 6935 6936 if (ssid->disabled) 6937 return 1; 6938 6939 if (wpa_s->drv_capa_known) 6940 drv_enc = wpa_s->drv_enc; 6941 else 6942 drv_enc = (unsigned int) -1; 6943 6944 for (i = 0; i < NUM_WEP_KEYS; i++) { 6945 size_t len = ssid->wep_key_len[i]; 6946 if (len == 0) 6947 continue; 6948 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) 6949 continue; 6950 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) 6951 continue; 6952 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) 6953 continue; 6954 return 1; /* invalid WEP key */ 6955 } 6956 6957 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && 6958 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && 6959 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) && 6960 !ssid->mem_only_psk) 6961 return 1; 6962 6963 return 0; 6964 } 6965 6966 6967 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 6968 { 6969 #ifdef CONFIG_IEEE80211W 6970 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { 6971 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && 6972 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { 6973 /* 6974 * Driver does not support BIP -- ignore pmf=1 default 6975 * since the connection with PMF would fail and the 6976 * configuration does not require PMF to be enabled. 6977 */ 6978 return NO_MGMT_FRAME_PROTECTION; 6979 } 6980 6981 if (ssid && 6982 (ssid->key_mgmt & 6983 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS | 6984 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) { 6985 /* 6986 * Do not use the default PMF value for non-RSN networks 6987 * since PMF is available only with RSN and pmf=2 6988 * configuration would otherwise prevent connections to 6989 * all open networks. 6990 */ 6991 return NO_MGMT_FRAME_PROTECTION; 6992 } 6993 6994 return wpa_s->conf->pmf; 6995 } 6996 6997 return ssid->ieee80211w; 6998 #else /* CONFIG_IEEE80211W */ 6999 return NO_MGMT_FRAME_PROTECTION; 7000 #endif /* CONFIG_IEEE80211W */ 7001 } 7002 7003 7004 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) 7005 { 7006 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) 7007 return 1; 7008 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) 7009 return 0; 7010 return -1; 7011 } 7012 7013 7014 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason) 7015 { 7016 struct wpa_ssid *ssid = wpa_s->current_ssid; 7017 int dur; 7018 struct os_reltime now; 7019 7020 if (ssid == NULL) { 7021 wpa_printf(MSG_DEBUG, "Authentication failure but no known " 7022 "SSID block"); 7023 return; 7024 } 7025 7026 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) 7027 return; 7028 7029 ssid->auth_failures++; 7030 7031 #ifdef CONFIG_P2P 7032 if (ssid->p2p_group && 7033 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) { 7034 /* 7035 * Skip the wait time since there is a short timeout on the 7036 * connection to a P2P group. 7037 */ 7038 return; 7039 } 7040 #endif /* CONFIG_P2P */ 7041 7042 if (ssid->auth_failures > 50) 7043 dur = 300; 7044 else if (ssid->auth_failures > 10) 7045 dur = 120; 7046 else if (ssid->auth_failures > 5) 7047 dur = 90; 7048 else if (ssid->auth_failures > 3) 7049 dur = 60; 7050 else if (ssid->auth_failures > 2) 7051 dur = 30; 7052 else if (ssid->auth_failures > 1) 7053 dur = 20; 7054 else 7055 dur = 10; 7056 7057 if (ssid->auth_failures > 1 && 7058 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) 7059 dur += os_random() % (ssid->auth_failures * 10); 7060 7061 os_get_reltime(&now); 7062 if (now.sec + dur <= ssid->disabled_until.sec) 7063 return; 7064 7065 ssid->disabled_until.sec = now.sec + dur; 7066 7067 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED 7068 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s", 7069 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 7070 ssid->auth_failures, dur, reason); 7071 } 7072 7073 7074 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, 7075 struct wpa_ssid *ssid, int clear_failures) 7076 { 7077 if (ssid == NULL) 7078 return; 7079 7080 if (ssid->disabled_until.sec) { 7081 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED 7082 "id=%d ssid=\"%s\"", 7083 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 7084 } 7085 ssid->disabled_until.sec = 0; 7086 ssid->disabled_until.usec = 0; 7087 if (clear_failures) 7088 ssid->auth_failures = 0; 7089 } 7090 7091 7092 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) 7093 { 7094 size_t i; 7095 7096 if (wpa_s->disallow_aps_bssid == NULL) 7097 return 0; 7098 7099 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { 7100 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, 7101 bssid, ETH_ALEN) == 0) 7102 return 1; 7103 } 7104 7105 return 0; 7106 } 7107 7108 7109 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, 7110 size_t ssid_len) 7111 { 7112 size_t i; 7113 7114 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) 7115 return 0; 7116 7117 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { 7118 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; 7119 if (ssid_len == s->ssid_len && 7120 os_memcmp(ssid, s->ssid, ssid_len) == 0) 7121 return 1; 7122 } 7123 7124 return 0; 7125 } 7126 7127 7128 /** 7129 * wpas_request_connection - Request a new connection 7130 * @wpa_s: Pointer to the network interface 7131 * 7132 * This function is used to request a new connection to be found. It will mark 7133 * the interface to allow reassociation and request a new scan to find a 7134 * suitable network to connect to. 7135 */ 7136 void wpas_request_connection(struct wpa_supplicant *wpa_s) 7137 { 7138 wpa_s->normal_scans = 0; 7139 wpa_s->scan_req = NORMAL_SCAN_REQ; 7140 wpa_supplicant_reinit_autoscan(wpa_s); 7141 wpa_s->extra_blacklist_count = 0; 7142 wpa_s->disconnected = 0; 7143 wpa_s->reassociate = 1; 7144 wpa_s->last_owe_group = 0; 7145 7146 if (wpa_supplicant_fast_associate(wpa_s) != 1) 7147 wpa_supplicant_req_scan(wpa_s, 0, 0); 7148 else 7149 wpa_s->reattach = 0; 7150 } 7151 7152 7153 /** 7154 * wpas_request_disconnection - Request disconnection 7155 * @wpa_s: Pointer to the network interface 7156 * 7157 * This function is used to request disconnection from the currently connected 7158 * network. This will stop any ongoing scans and initiate deauthentication. 7159 */ 7160 void wpas_request_disconnection(struct wpa_supplicant *wpa_s) 7161 { 7162 #ifdef CONFIG_SME 7163 wpa_s->sme.prev_bssid_set = 0; 7164 #endif /* CONFIG_SME */ 7165 wpa_s->reassociate = 0; 7166 wpa_s->disconnected = 1; 7167 wpa_supplicant_cancel_sched_scan(wpa_s); 7168 wpa_supplicant_cancel_scan(wpa_s); 7169 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 7170 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 7171 radio_remove_works(wpa_s, "connect", 0); 7172 radio_remove_works(wpa_s, "sme-connect", 0); 7173 } 7174 7175 7176 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title, 7177 struct wpa_used_freq_data *freqs_data, 7178 unsigned int len) 7179 { 7180 unsigned int i; 7181 7182 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s", 7183 len, title); 7184 for (i = 0; i < len; i++) { 7185 struct wpa_used_freq_data *cur = &freqs_data[i]; 7186 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X", 7187 i, cur->freq, cur->flags); 7188 } 7189 } 7190 7191 7192 /* 7193 * Find the operating frequencies of any of the virtual interfaces that 7194 * are using the same radio as the current interface, and in addition, get 7195 * information about the interface types that are using the frequency. 7196 */ 7197 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s, 7198 struct wpa_used_freq_data *freqs_data, 7199 unsigned int len) 7200 { 7201 struct wpa_supplicant *ifs; 7202 u8 bssid[ETH_ALEN]; 7203 int freq; 7204 unsigned int idx = 0, i; 7205 7206 wpa_dbg(wpa_s, MSG_DEBUG, 7207 "Determining shared radio frequencies (max len %u)", len); 7208 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len); 7209 7210 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 7211 radio_list) { 7212 if (idx == len) 7213 break; 7214 7215 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0) 7216 continue; 7217 7218 if (ifs->current_ssid->mode == WPAS_MODE_AP || 7219 ifs->current_ssid->mode == WPAS_MODE_P2P_GO || 7220 ifs->current_ssid->mode == WPAS_MODE_MESH) 7221 freq = ifs->current_ssid->frequency; 7222 else if (wpa_drv_get_bssid(ifs, bssid) == 0) 7223 freq = ifs->assoc_freq; 7224 else 7225 continue; 7226 7227 /* Hold only distinct freqs */ 7228 for (i = 0; i < idx; i++) 7229 if (freqs_data[i].freq == freq) 7230 break; 7231 7232 if (i == idx) 7233 freqs_data[idx++].freq = freq; 7234 7235 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) { 7236 freqs_data[i].flags |= ifs->current_ssid->p2p_group ? 7237 WPA_FREQ_USED_BY_P2P_CLIENT : 7238 WPA_FREQ_USED_BY_INFRA_STATION; 7239 } 7240 } 7241 7242 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx); 7243 return idx; 7244 } 7245 7246 7247 /* 7248 * Find the operating frequencies of any of the virtual interfaces that 7249 * are using the same radio as the current interface. 7250 */ 7251 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, 7252 int *freq_array, unsigned int len) 7253 { 7254 struct wpa_used_freq_data *freqs_data; 7255 int num, i; 7256 7257 os_memset(freq_array, 0, sizeof(int) * len); 7258 7259 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data)); 7260 if (!freqs_data) 7261 return -1; 7262 7263 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len); 7264 for (i = 0; i < num; i++) 7265 freq_array[i] = freqs_data[i].freq; 7266 7267 os_free(freqs_data); 7268 7269 return num; 7270 } 7271 7272 7273 struct wpa_supplicant * 7274 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) 7275 { 7276 switch (frame) { 7277 #ifdef CONFIG_P2P 7278 case VENDOR_ELEM_PROBE_REQ_P2P: 7279 case VENDOR_ELEM_PROBE_RESP_P2P: 7280 case VENDOR_ELEM_PROBE_RESP_P2P_GO: 7281 case VENDOR_ELEM_BEACON_P2P_GO: 7282 case VENDOR_ELEM_P2P_PD_REQ: 7283 case VENDOR_ELEM_P2P_PD_RESP: 7284 case VENDOR_ELEM_P2P_GO_NEG_REQ: 7285 case VENDOR_ELEM_P2P_GO_NEG_RESP: 7286 case VENDOR_ELEM_P2P_GO_NEG_CONF: 7287 case VENDOR_ELEM_P2P_INV_REQ: 7288 case VENDOR_ELEM_P2P_INV_RESP: 7289 case VENDOR_ELEM_P2P_ASSOC_REQ: 7290 case VENDOR_ELEM_P2P_ASSOC_RESP: 7291 return wpa_s->p2pdev; 7292 #endif /* CONFIG_P2P */ 7293 default: 7294 return wpa_s; 7295 } 7296 } 7297 7298 7299 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s) 7300 { 7301 unsigned int i; 7302 char buf[30]; 7303 7304 wpa_printf(MSG_DEBUG, "Update vendor elements"); 7305 7306 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 7307 if (wpa_s->vendor_elem[i]) { 7308 int res; 7309 7310 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i); 7311 if (!os_snprintf_error(sizeof(buf), res)) { 7312 wpa_hexdump_buf(MSG_DEBUG, buf, 7313 wpa_s->vendor_elem[i]); 7314 } 7315 } 7316 } 7317 7318 #ifdef CONFIG_P2P 7319 if (wpa_s->parent == wpa_s && 7320 wpa_s->global->p2p && 7321 !wpa_s->global->p2p_disabled) 7322 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem); 7323 #endif /* CONFIG_P2P */ 7324 } 7325 7326 7327 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame, 7328 const u8 *elem, size_t len) 7329 { 7330 u8 *ie, *end; 7331 7332 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]); 7333 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]); 7334 7335 for (; ie + 1 < end; ie += 2 + ie[1]) { 7336 if (ie + len > end) 7337 break; 7338 if (os_memcmp(ie, elem, len) != 0) 7339 continue; 7340 7341 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) { 7342 wpabuf_free(wpa_s->vendor_elem[frame]); 7343 wpa_s->vendor_elem[frame] = NULL; 7344 } else { 7345 os_memmove(ie, ie + len, end - (ie + len)); 7346 wpa_s->vendor_elem[frame]->used -= len; 7347 } 7348 wpas_vendor_elem_update(wpa_s); 7349 return 0; 7350 } 7351 7352 return -1; 7353 } 7354 7355 7356 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes, 7357 u16 num_modes, enum hostapd_hw_mode mode) 7358 { 7359 u16 i; 7360 7361 for (i = 0; i < num_modes; i++) { 7362 if (modes[i].mode == mode) 7363 return &modes[i]; 7364 } 7365 7366 return NULL; 7367 } 7368 7369 7370 static struct 7371 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, 7372 const u8 *bssid) 7373 { 7374 struct wpa_bss_tmp_disallowed *bss; 7375 7376 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed, 7377 struct wpa_bss_tmp_disallowed, list) { 7378 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0) 7379 return bss; 7380 } 7381 7382 return NULL; 7383 } 7384 7385 7386 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s) 7387 { 7388 struct wpa_bss_tmp_disallowed *tmp; 7389 unsigned int num_bssid = 0; 7390 u8 *bssids; 7391 int ret; 7392 7393 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN); 7394 if (!bssids) 7395 return -1; 7396 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 7397 struct wpa_bss_tmp_disallowed, list) { 7398 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid, 7399 ETH_ALEN); 7400 num_bssid++; 7401 } 7402 ret = wpa_drv_set_bssid_blacklist(wpa_s, num_bssid, bssids); 7403 os_free(bssids); 7404 return ret; 7405 } 7406 7407 7408 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx) 7409 { 7410 struct wpa_supplicant *wpa_s = eloop_ctx; 7411 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx; 7412 7413 /* Make sure the bss is not already freed */ 7414 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 7415 struct wpa_bss_tmp_disallowed, list) { 7416 if (bss == tmp) { 7417 dl_list_del(&tmp->list); 7418 os_free(tmp); 7419 wpa_set_driver_tmp_disallow_list(wpa_s); 7420 break; 7421 } 7422 } 7423 } 7424 7425 7426 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, 7427 unsigned int sec, int rssi_threshold) 7428 { 7429 struct wpa_bss_tmp_disallowed *bss; 7430 7431 bss = wpas_get_disallowed_bss(wpa_s, bssid); 7432 if (bss) { 7433 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 7434 goto finish; 7435 } 7436 7437 bss = os_malloc(sizeof(*bss)); 7438 if (!bss) { 7439 wpa_printf(MSG_DEBUG, 7440 "Failed to allocate memory for temp disallow BSS"); 7441 return; 7442 } 7443 7444 os_memcpy(bss->bssid, bssid, ETH_ALEN); 7445 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); 7446 wpa_set_driver_tmp_disallow_list(wpa_s); 7447 7448 finish: 7449 bss->rssi_threshold = rssi_threshold; 7450 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, 7451 wpa_s, bss); 7452 } 7453 7454 7455 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, 7456 struct wpa_bss *bss) 7457 { 7458 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev; 7459 7460 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, 7461 struct wpa_bss_tmp_disallowed, list) { 7462 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) { 7463 disallowed = tmp; 7464 break; 7465 } 7466 } 7467 if (!disallowed) 7468 return 0; 7469 7470 if (disallowed->rssi_threshold != 0 && 7471 bss->level > disallowed->rssi_threshold) 7472 return 0; 7473 7474 return 1; 7475 } 7476