2 * WPA Supplicant - driver interaction with generic Linux Wireless Extensions
3 * Copyright (c) 2003-2007, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements a driver interface for the Linux Wireless Extensions.
15 * When used with WE-18 or newer, this interface can be used as-is with number
16 * of drivers. In addition to this, some of the common functions in this file
17 * can be used by other driver interface implementations that use generic WE
18 * ioctls, but require private ioctls for some of the functionality.
22 #include <sys/ioctl.h>
23 #include <net/if_arp.h>
26 #include "wireless_copy.h"
30 #include "priv_netlink.h"
31 #include "driver_wext.h"
32 #include "ieee802_11_defs.h"
33 #include "wpa_common.h"
35 #include "wpa_supplicant_i.h"
36 #include "config_ssid.h"
39 static int wpa_driver_wext_flush_pmkid(void *priv);
40 static int wpa_driver_wext_get_range(void *priv);
41 static void wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv);
42 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv);
45 static int wpa_driver_wext_send_oper_ifla(struct wpa_driver_wext_data *drv,
46 int linkmode, int operstate)
50 struct ifinfomsg ifinfo;
57 os_memset(&req, 0, sizeof(req));
59 req.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
60 req.hdr.nlmsg_type = RTM_SETLINK;
61 req.hdr.nlmsg_flags = NLM_F_REQUEST;
62 req.hdr.nlmsg_seq = ++nl_seq;
63 req.hdr.nlmsg_pid = 0;
65 req.ifinfo.ifi_family = AF_UNSPEC;
66 req.ifinfo.ifi_type = 0;
67 req.ifinfo.ifi_index = drv->ifindex;
68 req.ifinfo.ifi_flags = 0;
69 req.ifinfo.ifi_change = 0;
72 rta = aliasing_hide_typecast(
73 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len)),
75 rta->rta_type = IFLA_LINKMODE;
76 rta->rta_len = RTA_LENGTH(sizeof(char));
77 *((char *) RTA_DATA(rta)) = linkmode;
78 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
79 RTA_LENGTH(sizeof(char));
81 if (operstate != -1) {
82 rta = (struct rtattr *)
83 ((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
84 rta->rta_type = IFLA_OPERSTATE;
85 rta->rta_len = RTA_LENGTH(sizeof(char));
86 *((char *) RTA_DATA(rta)) = operstate;
87 req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
88 RTA_LENGTH(sizeof(char));
91 wpa_printf(MSG_DEBUG, "WEXT: Operstate: linkmode=%d, operstate=%d",
94 ret = send(drv->event_sock, &req, req.hdr.nlmsg_len, 0);
96 wpa_printf(MSG_DEBUG, "WEXT: Sending operstate IFLA failed: "
97 "%s (assume operstate is not supported)",
101 return ret < 0 ? -1 : 0;
105 int wpa_driver_wext_set_auth_param(struct wpa_driver_wext_data *drv,
111 os_memset(&iwr, 0, sizeof(iwr));
112 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
113 iwr.u.param.flags = idx & IW_AUTH_INDEX;
114 iwr.u.param.value = value;
116 if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
117 if (errno != EOPNOTSUPP) {
118 wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
119 "value 0x%x) failed: %s)",
120 idx, value, strerror(errno));
122 ret = errno == EOPNOTSUPP ? -2 : -1;
130 * wpa_driver_wext_get_bssid - Get BSSID, SIOCGIWAP
131 * @priv: Pointer to private wext data from wpa_driver_wext_init()
132 * @bssid: Buffer for BSSID
133 * Returns: 0 on success, -1 on failure
135 int wpa_driver_wext_get_bssid(void *priv, u8 *bssid)
137 struct wpa_driver_wext_data *drv = priv;
141 os_memset(&iwr, 0, sizeof(iwr));
142 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
144 if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) < 0) {
145 perror("ioctl[SIOCGIWAP]");
148 os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);
155 * wpa_driver_wext_set_bssid - Set BSSID, SIOCSIWAP
156 * @priv: Pointer to private wext data from wpa_driver_wext_init()
158 * Returns: 0 on success, -1 on failure
160 int wpa_driver_wext_set_bssid(void *priv, const u8 *bssid)
162 struct wpa_driver_wext_data *drv = priv;
166 os_memset(&iwr, 0, sizeof(iwr));
167 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
168 iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
170 os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
172 os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);
174 if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
175 perror("ioctl[SIOCSIWAP]");
184 * wpa_driver_wext_get_ssid - Get SSID, SIOCGIWESSID
185 * @priv: Pointer to private wext data from wpa_driver_wext_init()
186 * @ssid: Buffer for the SSID; must be at least 32 bytes long
187 * Returns: SSID length on success, -1 on failure
189 int wpa_driver_wext_get_ssid(void *priv, u8 *ssid)
191 struct wpa_driver_wext_data *drv = priv;
195 os_memset(&iwr, 0, sizeof(iwr));
196 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
197 iwr.u.essid.pointer = (caddr_t) ssid;
198 iwr.u.essid.length = 32;
200 if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
201 perror("ioctl[SIOCGIWESSID]");
204 ret = iwr.u.essid.length;
207 /* Some drivers include nul termination in the SSID, so let's
208 * remove it here before further processing. WE-21 changes this
209 * to explicitly require the length _not_ to include nul
211 if (ret > 0 && ssid[ret - 1] == '\0' &&
212 drv->we_version_compiled < 21)
221 * wpa_driver_wext_set_ssid - Set SSID, SIOCSIWESSID
222 * @priv: Pointer to private wext data from wpa_driver_wext_init()
224 * @ssid_len: Length of SSID (0..32)
225 * Returns: 0 on success, -1 on failure
227 int wpa_driver_wext_set_ssid(void *priv, const u8 *ssid, size_t ssid_len)
229 struct wpa_driver_wext_data *drv = priv;
237 os_memset(&iwr, 0, sizeof(iwr));
238 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
239 /* flags: 1 = ESSID is active, 0 = not (promiscuous) */
240 iwr.u.essid.flags = (ssid_len != 0);
241 os_memset(buf, 0, sizeof(buf));
242 os_memcpy(buf, ssid, ssid_len);
243 iwr.u.essid.pointer = (caddr_t) buf;
244 if (drv->we_version_compiled < 21) {
245 /* For historic reasons, set SSID length to include one extra
246 * character, C string nul termination, even though SSID is
247 * really an octet string that should not be presented as a C
248 * string. Some Linux drivers decrement the length by one and
249 * can thus end up missing the last octet of the SSID if the
250 * length is not incremented here. WE-21 changes this to
251 * explicitly require the length _not_ to include nul
256 iwr.u.essid.length = ssid_len;
258 if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
259 perror("ioctl[SIOCSIWESSID]");
268 * wpa_driver_wext_set_freq - Set frequency/channel, SIOCSIWFREQ
269 * @priv: Pointer to private wext data from wpa_driver_wext_init()
270 * @freq: Frequency in MHz
271 * Returns: 0 on success, -1 on failure
273 int wpa_driver_wext_set_freq(void *priv, int freq)
275 struct wpa_driver_wext_data *drv = priv;
279 os_memset(&iwr, 0, sizeof(iwr));
280 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
281 iwr.u.freq.m = freq * 100000;
284 if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
285 perror("ioctl[SIOCSIWFREQ]");
294 wpa_driver_wext_event_wireless_custom(void *ctx, char *custom)
296 union wpa_event_data data;
298 wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
301 os_memset(&data, 0, sizeof(data));
303 if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
304 data.michael_mic_failure.unicast =
305 os_strstr(custom, " unicast ") != NULL;
306 /* TODO: parse parameters(?) */
307 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
308 } else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
314 bytes = strspn(spos, "0123456789abcdefABCDEF");
315 if (!bytes || (bytes & 1))
319 data.assoc_info.req_ies = os_malloc(bytes);
320 if (data.assoc_info.req_ies == NULL)
323 data.assoc_info.req_ies_len = bytes;
324 hexstr2bin(spos, data.assoc_info.req_ies, bytes);
328 data.assoc_info.resp_ies = NULL;
329 data.assoc_info.resp_ies_len = 0;
331 if (os_strncmp(spos, " RespIEs=", 9) == 0) {
334 bytes = strspn(spos, "0123456789abcdefABCDEF");
335 if (!bytes || (bytes & 1))
339 data.assoc_info.resp_ies = os_malloc(bytes);
340 if (data.assoc_info.resp_ies == NULL)
343 data.assoc_info.resp_ies_len = bytes;
344 hexstr2bin(spos, data.assoc_info.resp_ies, bytes);
347 wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);
350 os_free(data.assoc_info.resp_ies);
351 os_free(data.assoc_info.req_ies);
352 #ifdef CONFIG_PEERKEY
353 } else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
354 if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
355 wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
356 "STKSTART.request '%s'", custom + 17);
359 wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
360 #endif /* CONFIG_PEERKEY */
362 } else if (os_strncmp(custom, "STOP", 4) == 0) {
363 wpa_msg(ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STOPPED");
364 } else if (os_strncmp(custom, "START", 5) == 0) {
365 wpa_msg(ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STARTED");
371 static int wpa_driver_wext_event_wireless_michaelmicfailure(
372 void *ctx, const char *ev, size_t len)
374 const struct iw_michaelmicfailure *mic;
375 union wpa_event_data data;
377 if (len < sizeof(*mic))
380 mic = (const struct iw_michaelmicfailure *) ev;
382 wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
383 "flags=0x%x src_addr=" MACSTR, mic->flags,
384 MAC2STR(mic->src_addr.sa_data));
386 os_memset(&data, 0, sizeof(data));
387 data.michael_mic_failure.unicast = !(mic->flags & IW_MICFAILURE_GROUP);
388 wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
394 static int wpa_driver_wext_event_wireless_pmkidcand(
395 struct wpa_driver_wext_data *drv, const char *ev, size_t len)
397 const struct iw_pmkid_cand *cand;
398 union wpa_event_data data;
401 if (len < sizeof(*cand))
404 cand = (const struct iw_pmkid_cand *) ev;
405 addr = (const u8 *) cand->bssid.sa_data;
407 wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
408 "flags=0x%x index=%d bssid=" MACSTR, cand->flags,
409 cand->index, MAC2STR(addr));
411 os_memset(&data, 0, sizeof(data));
412 os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
413 data.pmkid_candidate.index = cand->index;
414 data.pmkid_candidate.preauth = cand->flags & IW_PMKID_CAND_PREAUTH;
415 wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);
421 static int wpa_driver_wext_event_wireless_assocreqie(
422 struct wpa_driver_wext_data *drv, const char *ev, int len)
427 wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
429 os_free(drv->assoc_req_ies);
430 drv->assoc_req_ies = os_malloc(len);
431 if (drv->assoc_req_ies == NULL) {
432 drv->assoc_req_ies_len = 0;
435 os_memcpy(drv->assoc_req_ies, ev, len);
436 drv->assoc_req_ies_len = len;
442 static int wpa_driver_wext_event_wireless_assocrespie(
443 struct wpa_driver_wext_data *drv, const char *ev, int len)
448 wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
450 os_free(drv->assoc_resp_ies);
451 drv->assoc_resp_ies = os_malloc(len);
452 if (drv->assoc_resp_ies == NULL) {
453 drv->assoc_resp_ies_len = 0;
456 os_memcpy(drv->assoc_resp_ies, ev, len);
457 drv->assoc_resp_ies_len = len;
463 static void wpa_driver_wext_event_assoc_ies(struct wpa_driver_wext_data *drv)
465 union wpa_event_data data;
467 if (drv->assoc_req_ies == NULL && drv->assoc_resp_ies == NULL)
470 os_memset(&data, 0, sizeof(data));
471 if (drv->assoc_req_ies) {
472 data.assoc_info.req_ies = drv->assoc_req_ies;
473 drv->assoc_req_ies = NULL;
474 data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
476 if (drv->assoc_resp_ies) {
477 data.assoc_info.resp_ies = drv->assoc_resp_ies;
478 drv->assoc_resp_ies = NULL;
479 data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
482 wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);
484 os_free(data.assoc_info.req_ies);
485 os_free(data.assoc_info.resp_ies);
489 static void wpa_driver_wext_event_wireless(struct wpa_driver_wext_data *drv,
490 void *ctx, char *data, int len)
492 struct iw_event iwe_buf, *iwe = &iwe_buf;
493 char *pos, *end, *custom, *buf;
498 while (pos + IW_EV_LCP_LEN <= end) {
499 /* Event data may be unaligned, so make a local, aligned copy
500 * before processing. */
501 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
502 wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
504 if (iwe->len <= IW_EV_LCP_LEN)
507 custom = pos + IW_EV_POINT_LEN;
508 if (drv->we_version_compiled > 18 &&
509 (iwe->cmd == IWEVMICHAELMICFAILURE ||
510 iwe->cmd == IWEVCUSTOM ||
511 iwe->cmd == IWEVASSOCREQIE ||
512 iwe->cmd == IWEVASSOCRESPIE ||
513 iwe->cmd == IWEVPMKIDCAND)) {
514 /* WE-19 removed the pointer from struct iw_point */
515 char *dpos = (char *) &iwe_buf.u.data.length;
516 int dlen = dpos - (char *) &iwe_buf;
517 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
518 sizeof(struct iw_event) - dlen);
520 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
521 custom += IW_EV_POINT_OFF;
526 wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
528 MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
529 if (is_zero_ether_addr(
530 (const u8 *) iwe->u.ap_addr.sa_data) ||
531 os_memcmp(iwe->u.ap_addr.sa_data,
532 "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
534 os_free(drv->assoc_req_ies);
535 drv->assoc_req_ies = NULL;
536 os_free(drv->assoc_resp_ies);
537 drv->assoc_resp_ies = NULL;
539 if (!drv->skip_disconnect) {
540 drv->skip_disconnect = 1;
542 wpa_supplicant_event(ctx, EVENT_DISASSOC,
550 drv->skip_disconnect = 0;
552 wpa_driver_wext_event_assoc_ies(drv);
553 wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
556 case IWEVMICHAELMICFAILURE:
557 if (custom + iwe->u.data.length > end) {
558 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
559 "IWEVMICHAELMICFAILURE length");
562 wpa_driver_wext_event_wireless_michaelmicfailure(
563 ctx, custom, iwe->u.data.length);
566 if (custom + iwe->u.data.length > end) {
567 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
568 "IWEVCUSTOM length");
571 buf = os_malloc(iwe->u.data.length + 1);
574 os_memcpy(buf, custom, iwe->u.data.length);
575 buf[iwe->u.data.length] = '\0';
576 wpa_driver_wext_event_wireless_custom(ctx, buf);
580 drv->scan_complete_events = 1;
581 eloop_cancel_timeout(wpa_driver_wext_scan_timeout,
583 wpa_supplicant_event(ctx, EVENT_SCAN_RESULTS, NULL);
586 if (custom + iwe->u.data.length > end) {
587 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
588 "IWEVASSOCREQIE length");
591 wpa_driver_wext_event_wireless_assocreqie(
592 drv, custom, iwe->u.data.length);
594 case IWEVASSOCRESPIE:
595 if (custom + iwe->u.data.length > end) {
596 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
597 "IWEVASSOCRESPIE length");
600 wpa_driver_wext_event_wireless_assocrespie(
601 drv, custom, iwe->u.data.length);
604 if (custom + iwe->u.data.length > end) {
605 wpa_printf(MSG_DEBUG, "WEXT: Invalid "
606 "IWEVPMKIDCAND length");
609 wpa_driver_wext_event_wireless_pmkidcand(
610 drv, custom, iwe->u.data.length);
619 static void wpa_driver_wext_event_link(struct wpa_driver_wext_data *drv,
620 void *ctx, char *buf, size_t len,
623 union wpa_event_data event;
625 os_memset(&event, 0, sizeof(event));
626 if (len > sizeof(event.interface_status.ifname))
627 len = sizeof(event.interface_status.ifname) - 1;
628 os_memcpy(event.interface_status.ifname, buf, len);
629 event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
630 EVENT_INTERFACE_ADDED;
632 wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
634 event.interface_status.ifname,
635 del ? "removed" : "added");
637 if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0) {
644 wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &event);
648 static int wpa_driver_wext_own_ifname(struct wpa_driver_wext_data *drv,
651 struct ifinfomsg *ifi;
652 int attrlen, nlmsg_len, rta_len;
657 nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
659 attrlen = h->nlmsg_len - nlmsg_len;
663 attr = (struct rtattr *) (((char *) ifi) + nlmsg_len);
665 rta_len = RTA_ALIGN(sizeof(struct rtattr));
666 while (RTA_OK(attr, attrlen)) {
667 if (attr->rta_type == IFLA_IFNAME) {
668 if (os_strcmp(((char *) attr) + rta_len, drv->ifname)
674 attr = RTA_NEXT(attr, attrlen);
681 static int wpa_driver_wext_own_ifindex(struct wpa_driver_wext_data *drv,
682 int ifindex, struct nlmsghdr *h)
684 if (drv->ifindex == ifindex || drv->ifindex2 == ifindex)
687 if (drv->if_removed && wpa_driver_wext_own_ifname(drv, h)) {
688 drv->ifindex = if_nametoindex(drv->ifname);
689 wpa_printf(MSG_DEBUG, "WEXT: Update ifindex for a removed "
691 wpa_driver_wext_finish_drv_init(drv);
699 static void wpa_driver_wext_event_rtm_newlink(struct wpa_driver_wext_data *drv,
700 void *ctx, struct nlmsghdr *h,
703 struct ifinfomsg *ifi;
704 int attrlen, nlmsg_len, rta_len;
705 struct rtattr * attr;
707 if (len < sizeof(*ifi))
712 if (!wpa_driver_wext_own_ifindex(drv, ifi->ifi_index, h)) {
713 wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
718 wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
720 drv->operstate, ifi->ifi_flags,
721 (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
722 (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
723 (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
724 (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
726 * Some drivers send the association event before the operup event--in
727 * this case, lifting operstate in wpa_driver_wext_set_operstate()
728 * fails. This will hit us when wpa_supplicant does not need to do
729 * IEEE 802.1X authentication
731 if (drv->operstate == 1 &&
732 (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
733 !(ifi->ifi_flags & IFF_RUNNING))
734 wpa_driver_wext_send_oper_ifla(drv, -1, IF_OPER_UP);
736 nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
738 attrlen = h->nlmsg_len - nlmsg_len;
742 attr = (struct rtattr *) (((char *) ifi) + nlmsg_len);
744 rta_len = RTA_ALIGN(sizeof(struct rtattr));
745 while (RTA_OK(attr, attrlen)) {
746 if (attr->rta_type == IFLA_WIRELESS) {
747 wpa_driver_wext_event_wireless(
748 drv, ctx, ((char *) attr) + rta_len,
749 attr->rta_len - rta_len);
750 } else if (attr->rta_type == IFLA_IFNAME) {
751 wpa_driver_wext_event_link(drv, ctx,
752 ((char *) attr) + rta_len,
753 attr->rta_len - rta_len, 0);
755 attr = RTA_NEXT(attr, attrlen);
760 static void wpa_driver_wext_event_rtm_dellink(struct wpa_driver_wext_data *drv,
761 void *ctx, struct nlmsghdr *h,
764 struct ifinfomsg *ifi;
765 int attrlen, nlmsg_len, rta_len;
766 struct rtattr * attr;
768 if (len < sizeof(*ifi))
773 nlmsg_len = NLMSG_ALIGN(sizeof(struct ifinfomsg));
775 attrlen = h->nlmsg_len - nlmsg_len;
779 attr = (struct rtattr *) (((char *) ifi) + nlmsg_len);
781 rta_len = RTA_ALIGN(sizeof(struct rtattr));
782 while (RTA_OK(attr, attrlen)) {
783 if (attr->rta_type == IFLA_IFNAME) {
784 wpa_driver_wext_event_link(drv, ctx,
785 ((char *) attr) + rta_len,
786 attr->rta_len - rta_len, 1);
788 attr = RTA_NEXT(attr, attrlen);
793 static void wpa_driver_wext_event_receive(int sock, void *eloop_ctx,
798 struct sockaddr_nl from;
804 fromlen = sizeof(from);
805 left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
806 (struct sockaddr *) &from, &fromlen);
808 if (errno != EINTR && errno != EAGAIN)
809 perror("recvfrom(netlink)");
813 h = (struct nlmsghdr *) buf;
814 while (left >= (int) sizeof(*h)) {
818 plen = len - sizeof(*h);
819 if (len > left || plen < 0) {
820 wpa_printf(MSG_DEBUG, "Malformed netlink message: "
821 "len=%d left=%d plen=%d",
826 switch (h->nlmsg_type) {
828 wpa_driver_wext_event_rtm_newlink(eloop_ctx, sock_ctx,
832 wpa_driver_wext_event_rtm_dellink(eloop_ctx, sock_ctx,
837 len = NLMSG_ALIGN(len);
839 h = (struct nlmsghdr *) ((char *) h + len);
843 wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
847 if (--max_events > 0) {
849 * Try to receive all events in one eloop call in order to
850 * limit race condition on cases where AssocInfo event, Assoc
851 * event, and EAPOL frames are received more or less at the
852 * same time. We want to process the event messages first
853 * before starting EAPOL processing.
860 static int wpa_driver_wext_get_ifflags_ifname(struct wpa_driver_wext_data *drv,
861 const char *ifname, int *flags)
865 os_memset(&ifr, 0, sizeof(ifr));
866 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
867 if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, (caddr_t) &ifr) < 0) {
868 perror("ioctl[SIOCGIFFLAGS]");
871 *flags = ifr.ifr_flags & 0xffff;
877 * wpa_driver_wext_get_ifflags - Get interface flags (SIOCGIFFLAGS)
878 * @drv: driver_wext private data
879 * @flags: Pointer to returned flags value
880 * Returns: 0 on success, -1 on failure
882 int wpa_driver_wext_get_ifflags(struct wpa_driver_wext_data *drv, int *flags)
884 return wpa_driver_wext_get_ifflags_ifname(drv, drv->ifname, flags);
888 static int wpa_driver_wext_set_ifflags_ifname(struct wpa_driver_wext_data *drv,
889 const char *ifname, int flags)
893 os_memset(&ifr, 0, sizeof(ifr));
894 os_strlcpy(ifr.ifr_name, ifname, IFNAMSIZ);
895 ifr.ifr_flags = flags & 0xffff;
896 if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, (caddr_t) &ifr) < 0) {
897 perror("SIOCSIFFLAGS");
905 * wpa_driver_wext_set_ifflags - Set interface flags (SIOCSIFFLAGS)
906 * @drv: driver_wext private data
907 * @flags: New value for flags
908 * Returns: 0 on success, -1 on failure
910 int wpa_driver_wext_set_ifflags(struct wpa_driver_wext_data *drv, int flags)
912 return wpa_driver_wext_set_ifflags_ifname(drv, drv->ifname, flags);
917 * wpa_driver_wext_init - Initialize WE driver interface
918 * @ctx: context to be used when calling wpa_supplicant functions,
919 * e.g., wpa_supplicant_event()
920 * @ifname: interface name, e.g., wlan0
921 * Returns: Pointer to private data, %NULL on failure
923 void * wpa_driver_wext_init(void *ctx, const char *ifname)
926 struct sockaddr_nl local;
927 struct wpa_driver_wext_data *drv;
929 drv = os_zalloc(sizeof(*drv));
933 os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
935 drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
936 if (drv->ioctl_sock < 0) {
937 perror("socket(PF_INET,SOCK_DGRAM)");
942 s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
944 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
945 close(drv->ioctl_sock);
950 os_memset(&local, 0, sizeof(local));
951 local.nl_family = AF_NETLINK;
952 local.nl_groups = RTMGRP_LINK;
953 if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
954 perror("bind(netlink)");
956 close(drv->ioctl_sock);
961 eloop_register_read_sock(s, wpa_driver_wext_event_receive, drv, ctx);
967 drv->driver_is_loaded = TRUE;
968 drv->skip_disconnect = 0;
970 wpa_driver_wext_finish_drv_init(drv);
976 static void wpa_driver_wext_finish_drv_init(struct wpa_driver_wext_data *drv)
980 if (wpa_driver_wext_get_ifflags(drv, &flags) != 0)
981 printf("Could not get interface '%s' flags\n", drv->ifname);
982 else if (!(flags & IFF_UP)) {
983 if (wpa_driver_wext_set_ifflags(drv, flags | IFF_UP) != 0) {
984 printf("Could not set interface '%s' UP\n",
988 * Wait some time to allow driver to initialize before
989 * starting configuring the driver. This seems to be
990 * needed at least some drivers that load firmware etc.
991 * when the interface is set up.
993 wpa_printf(MSG_DEBUG, "Interface %s set UP - waiting "
994 "a second for the driver to complete "
995 "initialization", drv->ifname);
1001 * Make sure that the driver does not have any obsolete PMKID entries.
1003 wpa_driver_wext_flush_pmkid(drv);
1005 if (wpa_driver_wext_set_mode(drv, 0) < 0) {
1006 printf("Could not configure driver to use managed mode\n");
1009 wpa_driver_wext_get_range(drv);
1012 * Unlock the driver's BSSID and force to a random SSID to clear any
1013 * previous association the driver might have when the supplicant
1016 wpa_driver_wext_disconnect(drv);
1018 drv->ifindex = if_nametoindex(drv->ifname);
1020 if (os_strncmp(drv->ifname, "wlan", 4) == 0) {
1022 * Host AP driver may use both wlan# and wifi# interface in
1023 * wireless events. Since some of the versions included WE-18
1024 * support, let's add the alternative ifindex also from
1025 * driver_wext.c for the time being. This may be removed at
1026 * some point once it is believed that old versions of the
1027 * driver are not in use anymore.
1029 char ifname2[IFNAMSIZ + 1];
1030 os_strlcpy(ifname2, drv->ifname, sizeof(ifname2));
1031 os_memcpy(ifname2, "wifi", 4);
1032 wpa_driver_wext_alternative_ifindex(drv, ifname2);
1035 wpa_driver_wext_send_oper_ifla(drv, 1, IF_OPER_DORMANT);
1040 * wpa_driver_wext_deinit - Deinitialize WE driver interface
1041 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1043 * Shut down driver interface and processing of driver events. Free
1044 * private data buffer if one was allocated in wpa_driver_wext_init().
1046 void wpa_driver_wext_deinit(void *priv)
1048 struct wpa_driver_wext_data *drv = priv;
1051 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
1054 * Clear possibly configured driver parameters in order to make it
1055 * easier to use the driver after wpa_supplicant has been terminated.
1057 wpa_driver_wext_disconnect(drv);
1059 wpa_driver_wext_send_oper_ifla(priv, 0, IF_OPER_UP);
1061 eloop_unregister_read_sock(drv->event_sock);
1062 if (drv->mlme_sock >= 0)
1063 eloop_unregister_read_sock(drv->mlme_sock);
1065 if (wpa_driver_wext_get_ifflags(drv, &flags) == 0)
1066 (void) wpa_driver_wext_set_ifflags(drv, flags & ~IFF_UP);
1068 close(drv->event_sock);
1069 close(drv->ioctl_sock);
1070 if (drv->mlme_sock >= 0)
1071 close(drv->mlme_sock);
1072 os_free(drv->assoc_req_ies);
1073 os_free(drv->assoc_resp_ies);
1079 * wpa_driver_wext_scan_timeout - Scan timeout to report scan completion
1080 * @eloop_ctx: Unused
1081 * @timeout_ctx: ctx argument given to wpa_driver_wext_init()
1083 * This function can be used as registered timeout when starting a scan to
1084 * generate a scan completed event if the driver does not report this.
1086 void wpa_driver_wext_scan_timeout(void *eloop_ctx, void *timeout_ctx)
1088 wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
1089 wpa_supplicant_event(timeout_ctx, EVENT_SCAN_RESULTS, NULL);
1094 * wpa_driver_wext_scan - Request the driver to initiate scan
1095 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1096 * @ssid: Specific SSID to scan for (ProbeReq) or %NULL to scan for
1097 * all SSIDs (either active scan with broadcast SSID or passive
1099 * @ssid_len: Length of the SSID
1100 * Returns: 0 on success, -1 on failure
1102 int wpa_driver_wext_scan(void *priv, const u8 *ssid, size_t ssid_len)
1104 struct wpa_driver_wext_data *drv = priv;
1106 int ret = 0, timeout;
1107 struct iw_scan_req req;
1109 struct wpa_supplicant *wpa_s = (struct wpa_supplicant *)(drv->ctx);
1110 int scan_probe_flag = 0;
1113 if (ssid_len > IW_ESSID_MAX_SIZE) {
1114 wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
1115 __FUNCTION__, (unsigned long) ssid_len);
1119 os_memset(&iwr, 0, sizeof(iwr));
1120 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1123 if (wpa_s->prev_scan_ssid != BROADCAST_SSID_SCAN) {
1124 scan_probe_flag = wpa_s->prev_scan_ssid->scan_ssid;
1126 if (scan_probe_flag && (ssid && ssid_len)) {
1128 if (ssid && ssid_len) {
1130 os_memset(&req, 0, sizeof(req));
1131 req.essid_len = ssid_len;
1132 req.bssid.sa_family = ARPHRD_ETHER;
1133 os_memset(req.bssid.sa_data, 0xff, ETH_ALEN);
1134 os_memcpy(req.essid, ssid, ssid_len);
1135 iwr.u.data.pointer = (caddr_t) &req;
1136 iwr.u.data.length = sizeof(req);
1137 iwr.u.data.flags = IW_SCAN_THIS_ESSID;
1140 if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &iwr) < 0) {
1141 perror("ioctl[SIOCSIWSCAN]");
1145 /* Not all drivers generate "scan completed" wireless event, so try to
1146 * read results after a timeout. */
1148 if (drv->scan_complete_events) {
1150 * The driver seems to deliver SIOCGIWSCAN events to notify
1151 * when scan is complete, so use longer timeout to avoid race
1152 * conditions with scanning and following association request.
1156 wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
1157 "seconds", ret, timeout);
1158 eloop_cancel_timeout(wpa_driver_wext_scan_timeout, drv, drv->ctx);
1159 eloop_register_timeout(timeout, 0, wpa_driver_wext_scan_timeout, drv,
1166 static u8 * wpa_driver_wext_giwscan(struct wpa_driver_wext_data *drv,
1173 res_buf_len = IW_SCAN_MAX_DATA;
1175 res_buf = os_malloc(res_buf_len);
1176 if (res_buf == NULL)
1178 os_memset(&iwr, 0, sizeof(iwr));
1179 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1180 iwr.u.data.pointer = res_buf;
1181 iwr.u.data.length = res_buf_len;
1183 if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
1186 if (errno == E2BIG && res_buf_len < 65535) {
1190 if (res_buf_len > 65535)
1191 res_buf_len = 65535; /* 16-bit length field */
1192 wpa_printf(MSG_DEBUG, "Scan results did not fit - "
1193 "trying larger buffer (%lu bytes)",
1194 (unsigned long) res_buf_len);
1196 perror("ioctl[SIOCGIWSCAN]");
1202 if (iwr.u.data.length > res_buf_len) {
1206 *len = iwr.u.data.length;
1213 * Data structure for collecting WEXT scan results. This is needed to allow
1214 * the various methods of reporting IEs to be combined into a single IE buffer.
1216 struct wext_scan_data {
1217 struct wpa_scan_res res;
1226 static void wext_get_scan_mode(struct iw_event *iwe,
1227 struct wext_scan_data *res)
1229 if (iwe->u.mode == IW_MODE_ADHOC)
1230 res->res.caps |= IEEE80211_CAP_IBSS;
1231 else if (iwe->u.mode == IW_MODE_MASTER || iwe->u.mode == IW_MODE_INFRA)
1232 res->res.caps |= IEEE80211_CAP_ESS;
1236 static void wext_get_scan_ssid(struct iw_event *iwe,
1237 struct wext_scan_data *res, char *custom,
1240 int ssid_len = iwe->u.essid.length;
1241 if (custom + ssid_len > end)
1243 if (iwe->u.essid.flags &&
1245 ssid_len <= IW_ESSID_MAX_SIZE) {
1246 os_memcpy(res->ssid, custom, ssid_len);
1247 res->ssid_len = ssid_len;
1252 static void wext_get_scan_freq(struct iw_event *iwe,
1253 struct wext_scan_data *res)
1255 int divi = 1000000, i;
1257 if (iwe->u.freq.e == 0) {
1259 * Some drivers do not report frequency, but a channel.
1260 * Try to map this to frequency by assuming they are using
1261 * IEEE 802.11b/g. But don't overwrite a previously parsed
1262 * frequency if the driver sends both frequency and channel,
1263 * since the driver may be sending an A-band channel that we
1264 * don't handle here.
1270 if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
1271 res->res.freq = 2407 + 5 * iwe->u.freq.m;
1273 } else if (iwe->u.freq.m == 14) {
1274 res->res.freq = 2484;
1279 if (iwe->u.freq.e > 6) {
1280 wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
1281 MACSTR " m=%d e=%d)",
1282 MAC2STR(res->res.bssid), iwe->u.freq.m,
1287 for (i = 0; i < iwe->u.freq.e; i++)
1289 res->res.freq = iwe->u.freq.m / divi;
1293 static void wext_get_scan_qual(struct iw_event *iwe,
1294 struct wext_scan_data *res)
1296 res->res.qual = iwe->u.qual.qual;
1297 res->res.noise = iwe->u.qual.noise;
1298 res->res.level = iwe->u.qual.level;
1302 static void wext_get_scan_encode(struct iw_event *iwe,
1303 struct wext_scan_data *res)
1305 if (!(iwe->u.data.flags & IW_ENCODE_DISABLED))
1306 res->res.caps |= IEEE80211_CAP_PRIVACY;
1310 static void wext_get_scan_rate(struct iw_event *iwe,
1311 struct wext_scan_data *res, char *pos,
1315 char *custom = pos + IW_EV_LCP_LEN;
1320 if (custom + clen > end)
1323 while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
1324 /* Note: may be misaligned, make a local, aligned copy */
1325 os_memcpy(&p, custom, sizeof(struct iw_param));
1326 if (p.value > maxrate)
1328 clen -= sizeof(struct iw_param);
1329 custom += sizeof(struct iw_param);
1332 /* Convert the maxrate from WE-style (b/s units) to
1333 * 802.11 rates (500000 b/s units).
1335 res->maxrate = maxrate / 500000;
1339 static void wext_get_scan_iwevgenie(struct iw_event *iwe,
1340 struct wext_scan_data *res, char *custom,
1343 char *genie, *gpos, *gend;
1346 if (iwe->u.data.length == 0)
1349 gpos = genie = custom;
1350 gend = genie + iwe->u.data.length;
1352 wpa_printf(MSG_INFO, "IWEVGENIE overflow");
1356 tmp = os_realloc(res->ie, res->ie_len + gend - gpos);
1359 os_memcpy(tmp + res->ie_len, gpos, gend - gpos);
1361 res->ie_len += gend - gpos;
1365 static void wext_get_scan_custom(struct iw_event *iwe,
1366 struct wext_scan_data *res, char *custom,
1372 clen = iwe->u.data.length;
1373 if (custom + clen > end)
1376 if (clen > 7 && os_strncmp(custom, "wpa_ie=", 7) == 0) {
1380 bytes = custom + clen - spos;
1381 if (bytes & 1 || bytes == 0)
1384 tmp = os_realloc(res->ie, res->ie_len + bytes);
1387 hexstr2bin(spos, tmp + res->ie_len, bytes);
1389 res->ie_len += bytes;
1390 } else if (clen > 7 && os_strncmp(custom, "rsn_ie=", 7) == 0) {
1394 bytes = custom + clen - spos;
1395 if (bytes & 1 || bytes == 0)
1398 tmp = os_realloc(res->ie, res->ie_len + bytes);
1401 hexstr2bin(spos, tmp + res->ie_len, bytes);
1403 res->ie_len += bytes;
1404 } else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
1409 bytes = custom + clen - spos;
1411 wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
1415 hexstr2bin(spos, bin, bytes);
1416 res->res.tsf += WPA_GET_BE64(bin);
1421 static int wext_19_iw_point(struct wpa_driver_wext_data *drv, u16 cmd)
1423 return drv->we_version_compiled > 18 &&
1424 (cmd == SIOCGIWESSID || cmd == SIOCGIWENCODE ||
1425 cmd == IWEVGENIE || cmd == IWEVCUSTOM);
1429 static void wpa_driver_wext_add_scan_entry(struct wpa_scan_results *res,
1430 struct wext_scan_data *data)
1432 struct wpa_scan_res **tmp;
1433 struct wpa_scan_res *r;
1435 u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
1437 /* Figure out whether we need to fake any IEs */
1439 end = pos + data->ie_len;
1440 while (pos && pos + 1 < end) {
1441 if (pos + 2 + pos[1] > end)
1443 if (pos[0] == WLAN_EID_SSID)
1445 else if (pos[0] == WLAN_EID_SUPP_RATES)
1447 else if (pos[0] == WLAN_EID_EXT_SUPP_RATES)
1453 if (ssid_ie == NULL)
1454 extra_len += 2 + data->ssid_len;
1455 if (rate_ie == NULL && data->maxrate)
1458 r = os_zalloc(sizeof(*r) + extra_len + data->ie_len);
1461 os_memcpy(r, &data->res, sizeof(*r));
1462 r->ie_len = extra_len + data->ie_len;
1463 pos = (u8 *) (r + 1);
1464 if (ssid_ie == NULL) {
1466 * Generate a fake SSID IE since the driver did not report
1469 *pos++ = WLAN_EID_SSID;
1470 *pos++ = data->ssid_len;
1471 os_memcpy(pos, data->ssid, data->ssid_len);
1472 pos += data->ssid_len;
1474 if (rate_ie == NULL && data->maxrate) {
1476 * Generate a fake Supported Rates IE since the driver did not
1477 * report a full IE list.
1479 *pos++ = WLAN_EID_SUPP_RATES;
1481 *pos++ = data->maxrate;
1484 os_memcpy(pos, data->ie, data->ie_len);
1486 tmp = os_realloc(res->res,
1487 (res->num + 1) * sizeof(struct wpa_scan_res *));
1492 tmp[res->num++] = r;
1498 * wpa_driver_wext_get_scan_results - Fetch the latest scan results
1499 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1500 * Returns: Scan results on success, -1 on failure
1502 struct wpa_scan_results * wpa_driver_wext_get_scan_results(void *priv)
1504 struct wpa_driver_wext_data *drv = priv;
1505 size_t ap_num = 0, len;
1508 struct iw_event iwe_buf, *iwe = &iwe_buf;
1509 char *pos, *end, *custom;
1510 struct wpa_scan_results *res;
1511 struct wext_scan_data data;
1514 /* To make sure correctly parse scan results which is impacted by wext
1515 * version, first check range->we_version, if it is default value (0),
1516 * update again here */
1517 if (drv->we_version_compiled == 0)
1518 wpa_driver_wext_get_range(drv);
1521 res_buf = wpa_driver_wext_giwscan(drv, &len);
1522 if (res_buf == NULL)
1528 res = os_zalloc(sizeof(*res));
1534 pos = (char *) res_buf;
1535 end = (char *) res_buf + len;
1536 os_memset(&data, 0, sizeof(data));
1538 while (pos + IW_EV_LCP_LEN <= end) {
1539 /* Event data may be unaligned, so make a local, aligned copy
1540 * before processing. */
1541 os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
1542 if (iwe->len <= IW_EV_LCP_LEN)
1545 custom = pos + IW_EV_POINT_LEN;
1546 if (wext_19_iw_point(drv, iwe->cmd)) {
1547 /* WE-19 removed the pointer from struct iw_point */
1548 char *dpos = (char *) &iwe_buf.u.data.length;
1549 int dlen = dpos - (char *) &iwe_buf;
1550 os_memcpy(dpos, pos + IW_EV_LCP_LEN,
1551 sizeof(struct iw_event) - dlen);
1553 os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
1554 custom += IW_EV_POINT_OFF;
1560 wpa_driver_wext_add_scan_entry(res, &data);
1563 os_memset(&data, 0, sizeof(data));
1564 os_memcpy(data.res.bssid,
1565 iwe->u.ap_addr.sa_data, ETH_ALEN);
1568 wext_get_scan_mode(iwe, &data);
1571 wext_get_scan_ssid(iwe, &data, custom, end);
1574 wext_get_scan_freq(iwe, &data);
1577 wext_get_scan_qual(iwe, &data);
1580 wext_get_scan_encode(iwe, &data);
1583 wext_get_scan_rate(iwe, &data, pos, end);
1586 wext_get_scan_iwevgenie(iwe, &data, custom, end);
1589 wext_get_scan_custom(iwe, &data, custom, end);
1598 wpa_driver_wext_add_scan_entry(res, &data);
1601 wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
1602 (unsigned long) len, (unsigned long) res->num);
1608 static int wpa_driver_wext_get_range(void *priv)
1610 struct wpa_driver_wext_data *drv = priv;
1611 struct iw_range *range;
1617 * Use larger buffer than struct iw_range in order to allow the
1618 * structure to grow in the future.
1620 buflen = sizeof(struct iw_range) + 500;
1621 range = os_zalloc(buflen);
1625 os_memset(&iwr, 0, sizeof(iwr));
1626 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1627 iwr.u.data.pointer = (caddr_t) range;
1628 iwr.u.data.length = buflen;
1630 minlen = ((char *) &range->enc_capa) - (char *) range +
1631 sizeof(range->enc_capa);
1633 if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
1634 perror("ioctl[SIOCGIWRANGE]");
1637 } else if (iwr.u.data.length >= minlen &&
1638 range->we_version_compiled >= 18) {
1639 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
1640 "WE(source)=%d enc_capa=0x%x",
1641 range->we_version_compiled,
1642 range->we_version_source,
1644 drv->has_capability = 1;
1645 drv->we_version_compiled = range->we_version_compiled;
1646 if (range->enc_capa & IW_ENC_CAPA_WPA) {
1647 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1648 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
1650 if (range->enc_capa & IW_ENC_CAPA_WPA2) {
1651 drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
1652 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;
1654 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
1655 WPA_DRIVER_CAPA_ENC_WEP104;
1656 if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
1657 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
1658 if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
1659 drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;
1660 if (range->enc_capa & IW_ENC_CAPA_4WAY_HANDSHAKE)
1661 drv->capa.flags |= WPA_DRIVER_FLAGS_4WAY_HANDSHAKE;
1662 drv->capa.auth = WPA_DRIVER_AUTH_OPEN |
1663 WPA_DRIVER_AUTH_SHARED |
1664 WPA_DRIVER_AUTH_LEAP;
1666 wpa_printf(MSG_DEBUG, " capabilities: key_mgmt 0x%x enc 0x%x "
1668 drv->capa.key_mgmt, drv->capa.enc, drv->capa.flags);
1670 wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
1671 "assuming WPA is not supported");
1679 static int wpa_driver_wext_set_wpa(void *priv, int enabled)
1681 struct wpa_driver_wext_data *drv = priv;
1682 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1684 return wpa_driver_wext_set_auth_param(drv, IW_AUTH_WPA_ENABLED,
1689 static int wpa_driver_wext_set_psk(struct wpa_driver_wext_data *drv,
1692 struct iw_encode_ext *ext;
1696 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1698 if (!(drv->capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1704 os_memset(&iwr, 0, sizeof(iwr));
1705 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1707 ext = os_zalloc(sizeof(*ext) + PMK_LEN);
1711 iwr.u.encoding.pointer = (caddr_t) ext;
1712 iwr.u.encoding.length = sizeof(*ext) + PMK_LEN;
1713 ext->key_len = PMK_LEN;
1714 os_memcpy(&ext->key, psk, ext->key_len);
1715 ext->alg = IW_ENCODE_ALG_PMK;
1717 ret = ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr);
1719 perror("ioctl[SIOCSIWENCODEEXT] PMK");
1726 static int wpa_driver_wext_set_key_ext(void *priv, wpa_alg alg,
1727 const u8 *addr, int key_idx,
1728 int set_tx, const u8 *seq,
1730 const u8 *key, size_t key_len)
1732 struct wpa_driver_wext_data *drv = priv;
1735 struct iw_encode_ext *ext;
1737 if (seq_len > IW_ENCODE_SEQ_MAX_SIZE) {
1738 wpa_printf(MSG_DEBUG, "%s: Invalid seq_len %lu",
1739 __FUNCTION__, (unsigned long) seq_len);
1743 ext = os_zalloc(sizeof(*ext) + key_len);
1746 os_memset(&iwr, 0, sizeof(iwr));
1747 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1748 iwr.u.encoding.flags = key_idx + 1;
1749 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1750 if (alg == WPA_ALG_NONE)
1751 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1752 iwr.u.encoding.pointer = (caddr_t) ext;
1753 iwr.u.encoding.length = sizeof(*ext) + key_len;
1756 os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) == 0)
1757 ext->ext_flags |= IW_ENCODE_EXT_GROUP_KEY;
1759 ext->ext_flags |= IW_ENCODE_EXT_SET_TX_KEY;
1761 ext->addr.sa_family = ARPHRD_ETHER;
1763 os_memcpy(ext->addr.sa_data, addr, ETH_ALEN);
1765 os_memset(ext->addr.sa_data, 0xff, ETH_ALEN);
1766 if (key && key_len) {
1767 os_memcpy(ext + 1, key, key_len);
1768 ext->key_len = key_len;
1772 ext->alg = IW_ENCODE_ALG_NONE;
1775 ext->alg = IW_ENCODE_ALG_WEP;
1778 ext->alg = IW_ENCODE_ALG_TKIP;
1781 ext->alg = IW_ENCODE_ALG_CCMP;
1784 ext->alg = IW_ENCODE_ALG_PMK;
1786 #ifdef CONFIG_IEEE80211W
1788 ext->alg = IW_ENCODE_ALG_AES_CMAC;
1790 #endif /* CONFIG_IEEE80211W */
1792 wpa_printf(MSG_DEBUG, "%s: Unknown algorithm %d",
1798 if (seq && seq_len) {
1799 ext->ext_flags |= IW_ENCODE_EXT_RX_SEQ_VALID;
1800 os_memcpy(ext->rx_seq, seq, seq_len);
1803 if (ioctl(drv->ioctl_sock, SIOCSIWENCODEEXT, &iwr) < 0) {
1804 ret = errno == EOPNOTSUPP ? -2 : -1;
1805 if (errno == ENODEV) {
1807 * ndiswrapper seems to be returning incorrect error
1812 perror("ioctl[SIOCSIWENCODEEXT]");
1821 * wpa_driver_wext_set_key - Configure encryption key
1822 * @priv: Pointer to private wext data from wpa_driver_wext_init()
1823 * @priv: Private driver interface data
1824 * @alg: Encryption algorithm (%WPA_ALG_NONE, %WPA_ALG_WEP,
1825 * %WPA_ALG_TKIP, %WPA_ALG_CCMP); %WPA_ALG_NONE clears the key.
1826 * @addr: Address of the peer STA or ff:ff:ff:ff:ff:ff for
1827 * broadcast/default keys
1828 * @key_idx: key index (0..3), usually 0 for unicast keys
1829 * @set_tx: Configure this key as the default Tx key (only used when
1830 * driver does not support separate unicast/individual key
1831 * @seq: Sequence number/packet number, seq_len octets, the next
1832 * packet number to be used for in replay protection; configured
1833 * for Rx keys (in most cases, this is only used with broadcast
1834 * keys and set to zero for unicast keys)
1835 * @seq_len: Length of the seq, depends on the algorithm:
1836 * TKIP: 6 octets, CCMP: 6 octets
1837 * @key: Key buffer; TKIP: 16-byte temporal key, 8-byte Tx Mic key,
1839 * @key_len: Length of the key buffer in octets (WEP: 5 or 13,
1840 * TKIP: 32, CCMP: 16)
1841 * Returns: 0 on success, -1 on failure
1843 * This function uses SIOCSIWENCODEEXT by default, but tries to use
1844 * SIOCSIWENCODE if the extended ioctl fails when configuring a WEP key.
1846 int wpa_driver_wext_set_key(void *priv, wpa_alg alg,
1847 const u8 *addr, int key_idx,
1848 int set_tx, const u8 *seq, size_t seq_len,
1849 const u8 *key, size_t key_len)
1851 struct wpa_driver_wext_data *drv = priv;
1855 wpa_printf(MSG_DEBUG, "%s: alg=%d key_idx=%d set_tx=%d seq_len=%lu "
1857 __FUNCTION__, alg, key_idx, set_tx,
1858 (unsigned long) seq_len, (unsigned long) key_len);
1860 ret = wpa_driver_wext_set_key_ext(drv, alg, addr, key_idx, set_tx,
1861 seq, seq_len, key, key_len);
1866 (alg == WPA_ALG_NONE || alg == WPA_ALG_WEP)) {
1867 wpa_printf(MSG_DEBUG, "Driver did not support "
1868 "SIOCSIWENCODEEXT, trying SIOCSIWENCODE");
1871 wpa_printf(MSG_DEBUG, "Driver did not support "
1872 "SIOCSIWENCODEEXT");
1876 os_memset(&iwr, 0, sizeof(iwr));
1877 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1878 iwr.u.encoding.flags = key_idx + 1;
1879 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1880 if (alg == WPA_ALG_NONE)
1881 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
1882 iwr.u.encoding.pointer = (caddr_t) key;
1883 iwr.u.encoding.length = key_len;
1885 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1886 perror("ioctl[SIOCSIWENCODE]");
1890 if (set_tx && alg != WPA_ALG_NONE) {
1891 os_memset(&iwr, 0, sizeof(iwr));
1892 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1893 iwr.u.encoding.flags = key_idx + 1;
1894 iwr.u.encoding.flags |= IW_ENCODE_TEMP;
1895 iwr.u.encoding.pointer = (caddr_t) NULL;
1896 iwr.u.encoding.length = 0;
1897 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
1898 perror("ioctl[SIOCSIWENCODE] (set_tx)");
1907 static int wpa_driver_wext_set_countermeasures(void *priv,
1910 struct wpa_driver_wext_data *drv = priv;
1911 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1912 return wpa_driver_wext_set_auth_param(drv,
1913 IW_AUTH_TKIP_COUNTERMEASURES,
1918 static int wpa_driver_wext_set_drop_unencrypted(void *priv,
1921 struct wpa_driver_wext_data *drv = priv;
1922 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1923 drv->use_crypt = enabled;
1924 return wpa_driver_wext_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
1929 static int wpa_driver_wext_mlme(struct wpa_driver_wext_data *drv,
1930 const u8 *addr, int cmd, int reason_code)
1933 struct iw_mlme mlme;
1936 os_memset(&iwr, 0, sizeof(iwr));
1937 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1938 os_memset(&mlme, 0, sizeof(mlme));
1940 mlme.reason_code = reason_code;
1941 mlme.addr.sa_family = ARPHRD_ETHER;
1942 os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);
1943 iwr.u.data.pointer = (caddr_t) &mlme;
1944 iwr.u.data.length = sizeof(mlme);
1946 if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) < 0) {
1947 perror("ioctl[SIOCSIWMLME]");
1955 static void wpa_driver_wext_disconnect(struct wpa_driver_wext_data *drv)
1958 const u8 null_bssid[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
1963 * Only force-disconnect when the card is in infrastructure mode,
1964 * otherwise the driver might interpret the cleared BSSID and random
1965 * SSID as an attempt to create a new ad-hoc network.
1967 os_memset(&iwr, 0, sizeof(iwr));
1968 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
1969 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
1970 perror("ioctl[SIOCGIWMODE]");
1971 iwr.u.mode = IW_MODE_INFRA;
1974 if (iwr.u.mode == IW_MODE_INFRA) {
1976 * Clear the BSSID selection and set a random SSID to make sure
1977 * the driver will not be trying to associate with something
1978 * even if it does not understand SIOCSIWMLME commands (or
1979 * tries to associate automatically after deauth/disassoc).
1981 wpa_driver_wext_set_bssid(drv, null_bssid);
1983 for (i = 0; i < 32; i++)
1984 ssid[i] = rand() & 0xFF;
1985 wpa_driver_wext_set_ssid(drv, ssid, 32);
1990 static int wpa_driver_wext_deauthenticate(void *priv, const u8 *addr,
1993 struct wpa_driver_wext_data *drv = priv;
1995 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
1996 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
1997 wpa_driver_wext_disconnect(drv);
2002 static int wpa_driver_wext_disassociate(void *priv, const u8 *addr,
2005 struct wpa_driver_wext_data *drv = priv;
2007 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2008 ret = wpa_driver_wext_mlme(drv, addr, IW_MLME_DISASSOC, reason_code);
2009 wpa_driver_wext_disconnect(drv);
2014 static int wpa_driver_wext_set_gen_ie(void *priv, const u8 *ie,
2017 struct wpa_driver_wext_data *drv = priv;
2021 os_memset(&iwr, 0, sizeof(iwr));
2022 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2023 iwr.u.data.pointer = (caddr_t) ie;
2024 iwr.u.data.length = ie_len;
2026 if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) < 0) {
2027 perror("ioctl[SIOCSIWGENIE]");
2035 int wpa_driver_wext_cipher2wext(int cipher)
2039 return IW_AUTH_CIPHER_NONE;
2041 return IW_AUTH_CIPHER_WEP40;
2043 return IW_AUTH_CIPHER_TKIP;
2045 return IW_AUTH_CIPHER_CCMP;
2047 return IW_AUTH_CIPHER_WEP104;
2054 int wpa_driver_wext_keymgmt2wext(int keymgmt)
2057 case KEY_MGMT_802_1X:
2058 case KEY_MGMT_802_1X_NO_WPA:
2059 return IW_AUTH_KEY_MGMT_802_1X;
2061 return IW_AUTH_KEY_MGMT_PSK;
2069 wpa_driver_wext_auth_alg_fallback(struct wpa_driver_wext_data *drv,
2070 struct wpa_driver_associate_params *params)
2075 wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
2076 "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");
2078 os_memset(&iwr, 0, sizeof(iwr));
2079 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2080 /* Just changing mode, not actual keys */
2081 iwr.u.encoding.flags = 0;
2082 iwr.u.encoding.pointer = (caddr_t) NULL;
2083 iwr.u.encoding.length = 0;
2086 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
2087 * different things. Here they are used to indicate Open System vs.
2088 * Shared Key authentication algorithm. However, some drivers may use
2089 * them to select between open/restricted WEP encrypted (open = allow
2090 * both unencrypted and encrypted frames; restricted = only allow
2091 * encrypted frames).
2094 if (!drv->use_crypt) {
2095 iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
2097 if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
2098 iwr.u.encoding.flags |= IW_ENCODE_OPEN;
2099 if (params->auth_alg & AUTH_ALG_SHARED_KEY)
2100 iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
2103 if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) < 0) {
2104 perror("ioctl[SIOCSIWENCODE]");
2112 int wpa_driver_wext_associate(void *priv,
2113 struct wpa_driver_associate_params *params)
2115 struct wpa_driver_wext_data *drv = priv;
2117 int allow_unencrypted_eapol;
2120 wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
2123 drv->skip_disconnect = 0;
2126 if (wpa_driver_wext_get_ifflags(drv, &flags) == 0) {
2127 if (!(flags & IFF_UP)) {
2128 wpa_driver_wext_set_ifflags(drv, flags | IFF_UP);
2133 * If the driver did not support SIOCSIWAUTH, fallback to
2134 * SIOCSIWENCODE here.
2136 if (drv->auth_alg_fallback &&
2137 wpa_driver_wext_auth_alg_fallback(drv, params) < 0)
2140 if (!params->bssid &&
2141 wpa_driver_wext_set_bssid(drv, NULL) < 0)
2144 /* TODO: should consider getting wpa version and cipher/key_mgmt suites
2145 * from configuration, not from here, where only the selected suite is
2147 if (wpa_driver_wext_set_gen_ie(drv, params->wpa_ie, params->wpa_ie_len)
2150 if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
2151 value = IW_AUTH_WPA_VERSION_DISABLED;
2152 else if (params->wpa_ie[0] == WLAN_EID_RSN)
2153 value = IW_AUTH_WPA_VERSION_WPA2;
2155 value = IW_AUTH_WPA_VERSION_WPA;
2156 if (wpa_driver_wext_set_auth_param(drv,
2157 IW_AUTH_WPA_VERSION, value) < 0)
2159 value = wpa_driver_wext_cipher2wext(params->pairwise_suite);
2160 if (wpa_driver_wext_set_auth_param(drv,
2161 IW_AUTH_CIPHER_PAIRWISE, value) < 0)
2163 value = wpa_driver_wext_cipher2wext(params->group_suite);
2164 if (wpa_driver_wext_set_auth_param(drv,
2165 IW_AUTH_CIPHER_GROUP, value) < 0)
2167 value = wpa_driver_wext_keymgmt2wext(params->key_mgmt_suite);
2168 if (wpa_driver_wext_set_auth_param(drv,
2169 IW_AUTH_KEY_MGMT, value) < 0)
2171 value = params->key_mgmt_suite != KEY_MGMT_NONE ||
2172 params->pairwise_suite != CIPHER_NONE ||
2173 params->group_suite != CIPHER_NONE ||
2175 if (wpa_driver_wext_set_auth_param(drv,
2176 IW_AUTH_PRIVACY_INVOKED, value) < 0)
2179 /* Allow unencrypted EAPOL messages even if pairwise keys are set when
2180 * not using WPA. IEEE 802.1X specifies that these frames are not
2181 * encrypted, but WPA encrypts them when pairwise keys are in use. */
2182 if (params->key_mgmt_suite == KEY_MGMT_802_1X ||
2183 params->key_mgmt_suite == KEY_MGMT_PSK)
2184 allow_unencrypted_eapol = 0;
2186 allow_unencrypted_eapol = 1;
2188 if (wpa_driver_wext_set_psk(drv, params->psk) < 0)
2190 if (wpa_driver_wext_set_auth_param(drv,
2191 IW_AUTH_RX_UNENCRYPTED_EAPOL,
2192 allow_unencrypted_eapol) < 0)
2194 #ifdef CONFIG_IEEE80211W
2195 switch (params->mgmt_frame_protection) {
2196 case NO_MGMT_FRAME_PROTECTION:
2197 value = IW_AUTH_MFP_DISABLED;
2199 case MGMT_FRAME_PROTECTION_OPTIONAL:
2200 value = IW_AUTH_MFP_OPTIONAL;
2202 case MGMT_FRAME_PROTECTION_REQUIRED:
2203 value = IW_AUTH_MFP_REQUIRED;
2206 if (wpa_driver_wext_set_auth_param(drv, IW_AUTH_MFP, value) < 0)
2208 #endif /* CONFIG_IEEE80211W */
2209 if (params->freq && wpa_driver_wext_set_freq(drv, params->freq) < 0)
2211 if (wpa_driver_wext_set_ssid(drv, params->ssid, params->ssid_len) < 0)
2213 if (params->bssid &&
2214 wpa_driver_wext_set_bssid(drv, params->bssid) < 0)
2221 static int wpa_driver_wext_set_auth_alg(void *priv, int auth_alg)
2223 struct wpa_driver_wext_data *drv = priv;
2226 if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
2227 algs |= IW_AUTH_ALG_OPEN_SYSTEM;
2228 if (auth_alg & AUTH_ALG_SHARED_KEY)
2229 algs |= IW_AUTH_ALG_SHARED_KEY;
2230 if (auth_alg & AUTH_ALG_LEAP)
2231 algs |= IW_AUTH_ALG_LEAP;
2233 /* at least one algorithm should be set */
2234 algs = IW_AUTH_ALG_OPEN_SYSTEM;
2237 res = wpa_driver_wext_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
2239 drv->auth_alg_fallback = res == -2;
2245 * wpa_driver_wext_set_mode - Set wireless mode (infra/adhoc), SIOCSIWMODE
2246 * @priv: Pointer to private wext data from wpa_driver_wext_init()
2247 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
2248 * Returns: 0 on success, -1 on failure
2250 int wpa_driver_wext_set_mode(void *priv, int mode)
2252 struct wpa_driver_wext_data *drv = priv;
2254 int ret = -1, flags;
2255 unsigned int new_mode = mode ? IW_MODE_ADHOC : IW_MODE_INFRA;
2257 os_memset(&iwr, 0, sizeof(iwr));
2258 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2259 iwr.u.mode = new_mode;
2260 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) == 0) {
2265 if (errno != EBUSY) {
2266 perror("ioctl[SIOCSIWMODE]");
2270 /* mac80211 doesn't allow mode changes while the device is up, so if
2271 * the device isn't in the mode we're about to change to, take device
2272 * down, try to set the mode again, and bring it back up.
2274 if (ioctl(drv->ioctl_sock, SIOCGIWMODE, &iwr) < 0) {
2275 perror("ioctl[SIOCGIWMODE]");
2279 if (iwr.u.mode == new_mode) {
2284 if (wpa_driver_wext_get_ifflags(drv, &flags) == 0) {
2285 (void) wpa_driver_wext_set_ifflags(drv, flags & ~IFF_UP);
2287 /* Try to set the mode again while the interface is down */
2288 iwr.u.mode = new_mode;
2289 if (ioctl(drv->ioctl_sock, SIOCSIWMODE, &iwr) < 0)
2290 perror("ioctl[SIOCSIWMODE]");
2294 /* Ignore return value of get_ifflags to ensure that the device
2295 * is always up like it was before this function was called.
2297 (void) wpa_driver_wext_get_ifflags(drv, &flags);
2298 (void) wpa_driver_wext_set_ifflags(drv, flags | IFF_UP);
2306 static int wpa_driver_wext_pmksa(struct wpa_driver_wext_data *drv,
2307 u32 cmd, const u8 *bssid, const u8 *pmkid)
2310 struct iw_pmksa pmksa;
2313 os_memset(&iwr, 0, sizeof(iwr));
2314 os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2315 os_memset(&pmksa, 0, sizeof(pmksa));
2317 pmksa.bssid.sa_family = ARPHRD_ETHER;
2319 os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
2321 os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);
2322 iwr.u.data.pointer = (caddr_t) &pmksa;
2323 iwr.u.data.length = sizeof(pmksa);
2325 if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) < 0) {
2326 if (errno != EOPNOTSUPP)
2327 perror("ioctl[SIOCSIWPMKSA]");
2335 static int wpa_driver_wext_add_pmkid(void *priv, const u8 *bssid,
2338 struct wpa_driver_wext_data *drv = priv;
2339 return wpa_driver_wext_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
2343 static int wpa_driver_wext_remove_pmkid(void *priv, const u8 *bssid,
2346 struct wpa_driver_wext_data *drv = priv;
2347 return wpa_driver_wext_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
2351 static int wpa_driver_wext_flush_pmkid(void *priv)
2353 struct wpa_driver_wext_data *drv = priv;
2354 return wpa_driver_wext_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
2358 int wpa_driver_wext_get_capa(void *priv, struct wpa_driver_capa *capa)
2360 struct wpa_driver_wext_data *drv = priv;
2361 if (!drv->has_capability)
2363 os_memcpy(capa, &drv->capa, sizeof(*capa));
2368 int wpa_driver_wext_alternative_ifindex(struct wpa_driver_wext_data *drv,
2371 if (ifname == NULL) {
2376 drv->ifindex2 = if_nametoindex(ifname);
2377 if (drv->ifindex2 <= 0)
2380 wpa_printf(MSG_DEBUG, "Added alternative ifindex %d (%s) for "
2381 "wireless events", drv->ifindex2, ifname);
2387 int wpa_driver_wext_set_operstate(void *priv, int state)
2389 struct wpa_driver_wext_data *drv = priv;
2391 wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
2392 __func__, drv->operstate, state, state ? "UP" : "DORMANT");
2393 drv->operstate = state;
2394 return wpa_driver_wext_send_oper_ifla(
2395 drv, -1, state ? IF_OPER_UP : IF_OPER_DORMANT);
2399 int wpa_driver_wext_get_version(struct wpa_driver_wext_data *drv)
2401 return drv->we_version_compiled;
2406 static char *wpa_driver_get_country_code(int channels)
2408 char *country = "US"; /* WEXT_NUMBER_SCAN_CHANNELS_FCC */
2410 if (channels == WEXT_NUMBER_SCAN_CHANNELS_ETSI)
2412 else if( channels == WEXT_NUMBER_SCAN_CHANNELS_MKK1)
2417 static int wpa_driver_priv_driver_cmd( void *priv, char *cmd, char *buf, size_t buf_len )
2419 struct wpa_driver_wext_data *drv = priv;
2420 struct wpa_supplicant *wpa_s = (struct wpa_supplicant *)(drv->ctx);
2424 wpa_printf(MSG_DEBUG, "%s %s len = %d", __func__, cmd, buf_len);
2426 if (!drv->driver_is_loaded && (os_strcasecmp(cmd, "START") != 0)) {
2427 wpa_printf(MSG_ERROR,"WEXT: Driver not initialized yet");
2431 if (os_strcasecmp(cmd, "RSSI-APPROX") == 0) {
2432 os_strncpy(cmd, "RSSI", MAX_DRV_CMD_SIZE);
2434 else if( os_strncasecmp(cmd, "SCAN-CHANNELS", 13) == 0 ) {
2437 no_of_chan = atoi(cmd + 13);
2438 os_snprintf(cmd, MAX_DRV_CMD_SIZE, "COUNTRY %s",
2439 wpa_driver_get_country_code(no_of_chan));
2441 else if (os_strcasecmp(cmd, "STOP") == 0) {
2442 if ((wpa_driver_wext_get_ifflags(drv, &flags) == 0) &&
2444 wpa_printf(MSG_ERROR, "WEXT: %s when iface is UP", cmd);
2445 wpa_driver_wext_set_ifflags(drv, flags & ~IFF_UP);
2448 else if( os_strcasecmp(cmd, "RELOAD") == 0 ) {
2449 wpa_printf(MSG_DEBUG,"Reload command");
2450 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
2454 os_memset(&iwr, 0, sizeof(iwr));
2455 os_strncpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
2456 os_memcpy(buf, cmd, strlen(cmd) + 1);
2457 iwr.u.data.pointer = buf;
2458 iwr.u.data.length = buf_len;
2460 if ((ret = ioctl(drv->ioctl_sock, SIOCSIWPRIV, &iwr)) < 0) {
2461 perror("ioctl[SIOCSIWPRIV]");
2465 wpa_printf(MSG_ERROR, "%s failed (%d): %s", __func__, ret, cmd);
2467 if (drv->errors > WEXT_NUMBER_SEQUENTIAL_ERRORS) {
2469 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "HANGED");
2475 if ((os_strcasecmp(cmd, "RSSI") == 0) ||
2476 (os_strcasecmp(cmd, "LINKSPEED") == 0) ||
2477 (os_strcasecmp(cmd, "MACADDR") == 0)) {
2480 else if (os_strcasecmp(cmd, "START") == 0) {
2481 drv->driver_is_loaded = TRUE;
2482 /* os_sleep(0, WPA_DRIVER_WEXT_WAIT_US);
2483 wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STARTED"); */
2485 else if (os_strcasecmp(cmd, "STOP") == 0) {
2486 drv->driver_is_loaded = FALSE;
2487 /* wpa_msg(drv->ctx, MSG_INFO, WPA_EVENT_DRIVER_STATE "STOPPED"); */
2489 wpa_printf(MSG_DEBUG, "%s %s len = %d, %d", __func__, buf, ret, strlen(buf));
2496 const struct wpa_driver_ops wpa_driver_wext_ops = {
2498 .desc = "Linux wireless extensions (generic)",
2499 .get_bssid = wpa_driver_wext_get_bssid,
2500 .get_ssid = wpa_driver_wext_get_ssid,
2501 .set_wpa = wpa_driver_wext_set_wpa,
2502 .set_key = wpa_driver_wext_set_key,
2503 .set_countermeasures = wpa_driver_wext_set_countermeasures,
2504 .set_drop_unencrypted = wpa_driver_wext_set_drop_unencrypted,
2505 .scan = wpa_driver_wext_scan,
2506 .get_scan_results2 = wpa_driver_wext_get_scan_results,
2507 .deauthenticate = wpa_driver_wext_deauthenticate,
2508 .disassociate = wpa_driver_wext_disassociate,
2509 .set_mode = wpa_driver_wext_set_mode,
2510 .associate = wpa_driver_wext_associate,
2511 .set_auth_alg = wpa_driver_wext_set_auth_alg,
2512 .init = wpa_driver_wext_init,
2513 .deinit = wpa_driver_wext_deinit,
2514 .add_pmkid = wpa_driver_wext_add_pmkid,
2515 .remove_pmkid = wpa_driver_wext_remove_pmkid,
2516 .flush_pmkid = wpa_driver_wext_flush_pmkid,
2517 .get_capa = wpa_driver_wext_get_capa,
2518 .set_operstate = wpa_driver_wext_set_operstate,
2520 .driver_cmd = wpa_driver_priv_driver_cmd,