3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_server/eap_methods.h"
21 #include "rsn_supp/wpa.h"
24 #include "utils/ext_password.h"
25 #include "l2_packet/l2_packet.h"
26 #include "wpa_supplicant_i.h"
28 #include "ctrl_iface.h"
29 #include "pcsc_funcs.h"
30 #include "common/version.h"
31 #include "rsn_supp/preauth.h"
32 #include "rsn_supp/pmksa_cache.h"
33 #include "common/wpa_ctrl.h"
34 #include "common/ieee802_11_defs.h"
36 #include "blacklist.h"
37 #include "wpas_glue.h"
38 #include "wps_supplicant.h"
41 #include "gas_query.h"
43 #include "p2p_supplicant.h"
44 #include "wifi_display.h"
50 #include "offchannel.h"
51 #include "hs20_supplicant.h"
53 const char *wpa_supplicant_version =
54 "wpa_supplicant v" VERSION_STR "\n"
55 "Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
57 const char *wpa_supplicant_license =
58 "This software may be distributed under the terms of the BSD license.\n"
59 "See README for more details.\n"
60 #ifdef EAP_TLS_OPENSSL
61 "\nThis product includes software developed by the OpenSSL Project\n"
62 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63 #endif /* EAP_TLS_OPENSSL */
66 #ifndef CONFIG_NO_STDOUT_DEBUG
67 /* Long text divided into parts in order to fit in C89 strings size limits. */
68 const char *wpa_supplicant_full_license1 =
70 const char *wpa_supplicant_full_license2 =
71 "This software may be distributed under the terms of the BSD license.\n"
73 "Redistribution and use in source and binary forms, with or without\n"
74 "modification, are permitted provided that the following conditions are\n"
77 const char *wpa_supplicant_full_license3 =
78 "1. Redistributions of source code must retain the above copyright\n"
79 " notice, this list of conditions and the following disclaimer.\n"
81 "2. Redistributions in binary form must reproduce the above copyright\n"
82 " notice, this list of conditions and the following disclaimer in the\n"
83 " documentation and/or other materials provided with the distribution.\n"
85 const char *wpa_supplicant_full_license4 =
86 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
87 " names of its contributors may be used to endorse or promote products\n"
88 " derived from this software without specific prior written permission.\n"
90 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
91 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
92 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
93 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
94 const char *wpa_supplicant_full_license5 =
95 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
96 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
97 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
98 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
99 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
100 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
101 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
103 #endif /* CONFIG_NO_STDOUT_DEBUG */
105 extern int wpa_debug_level;
106 extern int wpa_debug_show_keys;
107 extern int wpa_debug_timestamp;
108 extern struct wpa_driver_ops *wpa_drivers[];
110 /* Configure default/group WEP keys for static WEP */
111 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
121 i, i == ssid->wep_tx_keyidx, NULL, 0,
122 ssid->wep_key[i], ssid->wep_key_len[i]);
129 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
137 /* IBSS/WPA-None uses only one key (Group) for both receiving and
138 * sending unicast and multicast packets. */
140 if (ssid->mode != WPAS_MODE_IBSS) {
141 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
142 "IBSS/ad-hoc) for WPA-None", ssid->mode);
146 if (!ssid->psk_set) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
152 switch (wpa_s->group_cipher) {
153 case WPA_CIPHER_CCMP:
154 os_memcpy(key, ssid->psk, 16);
158 case WPA_CIPHER_GCMP:
159 os_memcpy(key, ssid->psk, 16);
163 case WPA_CIPHER_TKIP:
164 /* WPA-None uses the same Michael MIC key for both TX and RX */
165 os_memcpy(key, ssid->psk, 16 + 8);
166 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
172 "WPA-None", wpa_s->group_cipher);
176 /* TODO: should actually remember the previously used seq#, both for TX
177 * and RX from each STA.. */
179 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
183 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
185 struct wpa_supplicant *wpa_s = eloop_ctx;
186 const u8 *bssid = wpa_s->bssid;
187 if (is_zero_ether_addr(bssid))
188 bssid = wpa_s->pending_bssid;
189 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
191 wpa_blacklist_add(wpa_s, bssid);
192 wpa_sm_notify_disassoc(wpa_s->wpa);
193 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
194 wpa_s->reassociate = 1;
197 * If we timed out, the AP or the local radio may be busy.
198 * So, wait a second until scanning again.
200 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 if (wpa_s->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
204 wpa_s->global->p2p != NULL) {
205 wpa_s->p2p_cb_on_scan_complete = 0;
206 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
207 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
208 "continued after timed out authentication");
211 #endif /* CONFIG_P2P */
216 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
217 * @wpa_s: Pointer to wpa_supplicant data
218 * @sec: Number of seconds after which to time out authentication
219 * @usec: Number of microseconds after which to time out authentication
221 * This function is used to schedule a timeout for the current authentication
224 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
227 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
228 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
231 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
232 "%d usec", sec, usec);
233 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
234 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
239 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
240 * @wpa_s: Pointer to wpa_supplicant data
242 * This function is used to cancel authentication timeout scheduled with
243 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
246 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
248 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
249 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
250 wpa_blacklist_del(wpa_s, wpa_s->bssid);
255 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
256 * @wpa_s: Pointer to wpa_supplicant data
258 * This function is used to configure EAPOL state machine based on the selected
259 * authentication mode.
261 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
263 #ifdef IEEE8021X_EAPOL
264 struct eapol_config eapol_conf;
265 struct wpa_ssid *ssid = wpa_s->current_ssid;
267 #ifdef CONFIG_IBSS_RSN
268 if (ssid->mode == WPAS_MODE_IBSS &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
270 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
272 * RSN IBSS authentication is per-STA and we can disable the
273 * per-BSSID EAPOL authentication.
275 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
277 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
280 #endif /* CONFIG_IBSS_RSN */
282 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
283 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
286 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
287 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
289 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
291 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
292 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
293 eapol_conf.accept_802_1x_keys = 1;
294 eapol_conf.required_keys = 0;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
296 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
298 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
299 eapol_conf.required_keys |=
300 EAPOL_REQUIRE_KEY_BROADCAST;
303 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
304 eapol_conf.required_keys = 0;
307 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
308 eapol_conf.workaround = ssid->eap_workaround;
309 eapol_conf.eap_disabled =
310 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
312 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
313 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
314 #endif /* IEEE8021X_EAPOL */
319 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
320 * @wpa_s: Pointer to wpa_supplicant data
321 * @ssid: Configuration data for the network
323 * This function is used to configure WPA state machine and related parameters
324 * to a mode where WPA is not enabled. This is called as part of the
325 * authentication configuration when the selected network does not use WPA.
327 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
328 struct wpa_ssid *ssid)
332 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
333 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
334 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
335 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
337 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
338 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
340 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
341 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
342 wpa_s->group_cipher = WPA_CIPHER_NONE;
343 wpa_s->mgmt_group_cipher = 0;
345 for (i = 0; i < NUM_WEP_KEYS; i++) {
346 if (ssid->wep_key_len[i] > 5) {
347 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
348 wpa_s->group_cipher = WPA_CIPHER_WEP104;
350 } else if (ssid->wep_key_len[i] > 0) {
351 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
352 wpa_s->group_cipher = WPA_CIPHER_WEP40;
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
359 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
360 wpa_s->pairwise_cipher);
361 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
362 #ifdef CONFIG_IEEE80211W
363 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
364 wpa_s->mgmt_group_cipher);
365 #endif /* CONFIG_IEEE80211W */
367 pmksa_cache_clear_current(wpa_s->wpa);
371 void free_hw_features(struct wpa_supplicant *wpa_s)
374 if (wpa_s->hw.modes == NULL)
377 for (i = 0; i < wpa_s->hw.num_modes; i++) {
378 os_free(wpa_s->hw.modes[i].channels);
379 os_free(wpa_s->hw.modes[i].rates);
382 os_free(wpa_s->hw.modes);
383 wpa_s->hw.modes = NULL;
387 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
389 bgscan_deinit(wpa_s);
390 autoscan_deinit(wpa_s);
391 scard_deinit(wpa_s->scard);
393 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
394 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
395 l2_packet_deinit(wpa_s->l2);
398 l2_packet_deinit(wpa_s->l2_br);
402 if (wpa_s->conf != NULL) {
403 struct wpa_ssid *ssid;
404 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
405 wpas_notify_network_removed(wpa_s, ssid);
408 os_free(wpa_s->confname);
409 wpa_s->confname = NULL;
411 wpa_sm_set_eapol(wpa_s->wpa, NULL);
412 eapol_sm_deinit(wpa_s->eapol);
415 rsn_preauth_deinit(wpa_s->wpa);
418 wpa_tdls_deinit(wpa_s->wpa);
419 #endif /* CONFIG_TDLS */
421 pmksa_candidate_free(wpa_s->wpa);
422 wpa_sm_deinit(wpa_s->wpa);
424 wpa_blacklist_clear(wpa_s);
426 wpa_bss_deinit(wpa_s);
428 wpa_supplicant_cancel_scan(wpa_s);
429 wpa_supplicant_cancel_auth_timeout(wpa_s);
430 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
431 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
432 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
434 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
436 wpas_wps_deinit(wpa_s);
438 wpabuf_free(wpa_s->pending_eapol_rx);
439 wpa_s->pending_eapol_rx = NULL;
441 #ifdef CONFIG_IBSS_RSN
442 ibss_rsn_deinit(wpa_s->ibss_rsn);
443 wpa_s->ibss_rsn = NULL;
444 #endif /* CONFIG_IBSS_RSN */
449 wpa_supplicant_ap_deinit(wpa_s);
450 #endif /* CONFIG_AP */
453 wpas_p2p_deinit(wpa_s);
454 #endif /* CONFIG_P2P */
456 #ifdef CONFIG_OFFCHANNEL
457 offchannel_deinit(wpa_s);
458 #endif /* CONFIG_OFFCHANNEL */
460 wpa_supplicant_cancel_sched_scan(wpa_s);
462 os_free(wpa_s->next_scan_freqs);
463 wpa_s->next_scan_freqs = NULL;
465 gas_query_deinit(wpa_s->gas);
468 free_hw_features(wpa_s);
470 os_free(wpa_s->bssid_filter);
471 wpa_s->bssid_filter = NULL;
473 wnm_bss_keep_alive_deinit(wpa_s);
475 ext_password_deinit(wpa_s->ext_pw);
476 wpa_s->ext_pw = NULL;
478 wpabuf_free(wpa_s->last_gas_resp);
483 * wpa_clear_keys - Clear keys configured for the driver
484 * @wpa_s: Pointer to wpa_supplicant data
485 * @addr: Previously used BSSID or %NULL if not available
487 * This function clears the encryption keys that has been previously configured
490 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
492 if (wpa_s->keys_cleared) {
493 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
494 * timing issues with keys being cleared just before new keys
495 * are set or just after association or something similar. This
496 * shows up in group key handshake failing often because of the
497 * client not receiving the first encrypted packets correctly.
498 * Skipping some of the extra key clearing steps seems to help
499 * in completing group key handshake more reliably. */
500 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
501 "skip key clearing");
505 /* MLME-DELETEKEYS.request */
506 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
507 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
508 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
509 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
510 #ifdef CONFIG_IEEE80211W
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
512 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
513 #endif /* CONFIG_IEEE80211W */
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
517 /* MLME-SETPROTECTION.request(None) */
518 wpa_drv_mlme_setprotection(
520 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
521 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
523 wpa_s->keys_cleared = 1;
528 * wpa_supplicant_state_txt - Get the connection state name as a text string
529 * @state: State (wpa_state; WPA_*)
530 * Returns: The state name as a printable text string
532 const char * wpa_supplicant_state_txt(enum wpa_states state)
535 case WPA_DISCONNECTED:
536 return "DISCONNECTED";
539 case WPA_INTERFACE_DISABLED:
540 return "INTERFACE_DISABLED";
543 case WPA_AUTHENTICATING:
544 return "AUTHENTICATING";
545 case WPA_ASSOCIATING:
546 return "ASSOCIATING";
549 case WPA_4WAY_HANDSHAKE:
550 return "4WAY_HANDSHAKE";
551 case WPA_GROUP_HANDSHAKE:
552 return "GROUP_HANDSHAKE";
563 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
565 if (wpas_driver_bss_selection(wpa_s))
567 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
570 bgscan_deinit(wpa_s);
571 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
572 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
573 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
576 * Live without bgscan; it is only used as a roaming
577 * optimization, so the initial connection is not
581 struct wpa_scan_results *scan_res;
582 wpa_s->bgscan_ssid = wpa_s->current_ssid;
583 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
586 bgscan_notify_scan(wpa_s, scan_res);
587 wpa_scan_results_free(scan_res);
591 wpa_s->bgscan_ssid = NULL;
595 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
597 if (wpa_s->bgscan_ssid != NULL) {
598 bgscan_deinit(wpa_s);
599 wpa_s->bgscan_ssid = NULL;
603 #endif /* CONFIG_BGSCAN */
606 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
608 if (autoscan_init(wpa_s, 0))
609 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
613 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
615 autoscan_deinit(wpa_s);
619 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
621 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
622 wpa_s->wpa_state == WPA_SCANNING) {
623 autoscan_deinit(wpa_s);
624 wpa_supplicant_start_autoscan(wpa_s);
630 * wpa_supplicant_set_state - Set current connection state
631 * @wpa_s: Pointer to wpa_supplicant data
632 * @state: The new connection state
634 * This function is called whenever the connection state changes, e.g.,
635 * association is completed for WPA/WPA2 4-Way Handshake is started.
637 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
638 enum wpa_states state)
640 enum wpa_states old_state = wpa_s->wpa_state;
642 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
643 wpa_supplicant_state_txt(wpa_s->wpa_state),
644 wpa_supplicant_state_txt(state));
647 if(state == WPA_ASSOCIATED && wpa_s->current_ssid) {
648 wpa_s->current_ssid->assoc_retry = 0;
650 #endif /* ANDROID_P2P */
652 if (state != WPA_SCANNING)
653 wpa_supplicant_notify_scanning(wpa_s, 0);
655 if (state == WPA_COMPLETED && wpa_s->new_connection) {
656 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
657 struct wpa_ssid *ssid = wpa_s->current_ssid;
658 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
659 MACSTR " completed %s [id=%d id_str=%s]",
660 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
661 "(reauth)" : "(auth)",
662 ssid ? ssid->id : -1,
663 ssid && ssid->id_str ? ssid->id_str : "");
664 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
665 wpas_clear_temp_disabled(wpa_s, ssid, 1);
666 wpa_s->new_connection = 0;
667 wpa_s->reassociated_connection = 1;
668 wpa_drv_set_operstate(wpa_s, 1);
669 #ifndef IEEE8021X_EAPOL
670 wpa_drv_set_supp_port(wpa_s, 1);
671 #endif /* IEEE8021X_EAPOL */
672 wpa_s->after_wps = 0;
674 wpas_p2p_completed(wpa_s);
675 #endif /* CONFIG_P2P */
677 sme_sched_obss_scan(wpa_s, 1);
678 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
679 state == WPA_ASSOCIATED) {
680 wpa_s->new_connection = 1;
681 wpa_drv_set_operstate(wpa_s, 0);
682 #ifndef IEEE8021X_EAPOL
683 wpa_drv_set_supp_port(wpa_s, 0);
684 #endif /* IEEE8021X_EAPOL */
685 sme_sched_obss_scan(wpa_s, 0);
687 wpa_s->wpa_state = state;
690 if (state == WPA_COMPLETED)
691 wpa_supplicant_start_bgscan(wpa_s);
693 wpa_supplicant_stop_bgscan(wpa_s);
694 #endif /* CONFIG_BGSCAN */
696 if (state == WPA_AUTHENTICATING)
697 wpa_supplicant_stop_autoscan(wpa_s);
699 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
700 wpa_supplicant_start_autoscan(wpa_s);
702 if (wpa_s->wpa_state != old_state) {
703 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
705 if (wpa_s->wpa_state == WPA_COMPLETED ||
706 old_state == WPA_COMPLETED)
707 wpas_notify_auth_changed(wpa_s);
712 void wpa_supplicant_terminate_proc(struct wpa_global *global)
716 struct wpa_supplicant *wpa_s = global->ifaces;
718 if (wpas_wps_terminate_pending(wpa_s) == 1)
722 #endif /* CONFIG_WPS */
729 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
731 struct wpa_global *global = signal_ctx;
732 wpa_supplicant_terminate_proc(global);
736 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
738 enum wpa_states old_state = wpa_s->wpa_state;
740 wpa_s->pairwise_cipher = 0;
741 wpa_s->group_cipher = 0;
742 wpa_s->mgmt_group_cipher = 0;
744 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
745 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
747 if (wpa_s->wpa_state != old_state)
748 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
753 * wpa_supplicant_reload_configuration - Reload configuration data
754 * @wpa_s: Pointer to wpa_supplicant data
755 * Returns: 0 on success or -1 if configuration parsing failed
757 * This function can be used to request that the configuration data is reloaded
758 * (e.g., after configuration file change). This function is reloading
759 * configuration only for one interface, so this may need to be called multiple
760 * times if %wpa_supplicant is controlling multiple interfaces and all
761 * interfaces need reconfiguration.
763 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
765 struct wpa_config *conf;
769 if (wpa_s->confname == NULL)
771 conf = wpa_config_read(wpa_s->confname);
773 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
774 "file '%s' - exiting", wpa_s->confname);
777 conf->changed_parameters = (unsigned int) -1;
779 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
780 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
781 os_strcmp(conf->ctrl_interface,
782 wpa_s->conf->ctrl_interface) != 0);
784 if (reconf_ctrl && wpa_s->ctrl_iface) {
785 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
786 wpa_s->ctrl_iface = NULL;
789 eapol_sm_invalidate_cached_session(wpa_s->eapol);
790 if (wpa_s->current_ssid) {
791 wpa_supplicant_deauthenticate(wpa_s,
792 WLAN_REASON_DEAUTH_LEAVING);
796 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
797 * pkcs11_engine_path, pkcs11_module_path.
799 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
801 * Clear forced success to clear EAP state for next
804 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
806 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
807 wpa_sm_set_config(wpa_s->wpa, NULL);
808 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
809 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
810 rsn_preauth_deinit(wpa_s->wpa);
812 old_ap_scan = wpa_s->conf->ap_scan;
813 wpa_config_free(wpa_s->conf);
815 if (old_ap_scan != wpa_s->conf->ap_scan)
816 wpas_notify_ap_scan_changed(wpa_s);
819 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
821 wpa_supplicant_update_config(wpa_s);
823 wpa_supplicant_clear_status(wpa_s);
824 if (wpa_supplicant_enabled_networks(wpa_s)) {
825 wpa_s->reassociate = 1;
826 wpa_supplicant_req_scan(wpa_s, 0, 0);
828 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
833 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
835 struct wpa_global *global = signal_ctx;
836 struct wpa_supplicant *wpa_s;
837 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
838 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
840 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
841 wpa_supplicant_terminate_proc(global);
847 enum wpa_cipher cipher_suite2driver(int cipher)
850 case WPA_CIPHER_NONE:
852 case WPA_CIPHER_WEP40:
854 case WPA_CIPHER_WEP104:
855 return CIPHER_WEP104;
856 case WPA_CIPHER_CCMP:
858 case WPA_CIPHER_GCMP:
860 case WPA_CIPHER_TKIP:
867 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
870 case WPA_KEY_MGMT_NONE:
871 return KEY_MGMT_NONE;
872 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
873 return KEY_MGMT_802_1X_NO_WPA;
874 case WPA_KEY_MGMT_IEEE8021X:
875 return KEY_MGMT_802_1X;
876 case WPA_KEY_MGMT_WPA_NONE:
877 return KEY_MGMT_WPA_NONE;
878 case WPA_KEY_MGMT_FT_IEEE8021X:
879 return KEY_MGMT_FT_802_1X;
880 case WPA_KEY_MGMT_FT_PSK:
881 return KEY_MGMT_FT_PSK;
882 case WPA_KEY_MGMT_IEEE8021X_SHA256:
883 return KEY_MGMT_802_1X_SHA256;
884 case WPA_KEY_MGMT_PSK_SHA256:
885 return KEY_MGMT_PSK_SHA256;
886 case WPA_KEY_MGMT_WPS:
888 case WPA_KEY_MGMT_PSK:
895 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
896 struct wpa_ssid *ssid,
897 struct wpa_ie_data *ie)
899 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
902 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
903 "from association info");
908 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
910 if (!(ie->group_cipher & ssid->group_cipher)) {
911 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
912 "cipher 0x%x (mask 0x%x) - reject",
913 ie->group_cipher, ssid->group_cipher);
916 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
917 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
918 "cipher 0x%x (mask 0x%x) - reject",
919 ie->pairwise_cipher, ssid->pairwise_cipher);
922 if (!(ie->key_mgmt & ssid->key_mgmt)) {
923 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
924 "management 0x%x (mask 0x%x) - reject",
925 ie->key_mgmt, ssid->key_mgmt);
929 #ifdef CONFIG_IEEE80211W
930 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
931 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
932 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
933 "that does not support management frame protection - "
937 #endif /* CONFIG_IEEE80211W */
944 * wpa_supplicant_set_suites - Set authentication and encryption parameters
945 * @wpa_s: Pointer to wpa_supplicant data
946 * @bss: Scan results for the selected BSS, or %NULL if not available
947 * @ssid: Configuration data for the selected network
948 * @wpa_ie: Buffer for the WPA/RSN IE
949 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
950 * used buffer length in case the functions returns success.
951 * Returns: 0 on success or -1 on failure
953 * This function is used to configure authentication and encryption parameters
954 * based on the network configuration and scan result for the selected BSS (if
957 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
958 struct wpa_bss *bss, struct wpa_ssid *ssid,
959 u8 *wpa_ie, size_t *wpa_ie_len)
961 struct wpa_ie_data ie;
963 const u8 *bss_wpa, *bss_rsn;
966 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
967 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
969 bss_wpa = bss_rsn = NULL;
971 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
972 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
973 (ie.group_cipher & ssid->group_cipher) &&
974 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
975 (ie.key_mgmt & ssid->key_mgmt)) {
976 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
977 proto = WPA_PROTO_RSN;
978 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
979 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
980 (ie.group_cipher & ssid->group_cipher) &&
981 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
982 (ie.key_mgmt & ssid->key_mgmt)) {
983 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
984 proto = WPA_PROTO_WPA;
986 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
989 if (ssid->proto & WPA_PROTO_RSN)
990 proto = WPA_PROTO_RSN;
992 proto = WPA_PROTO_WPA;
993 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
994 os_memset(&ie, 0, sizeof(ie));
995 ie.group_cipher = ssid->group_cipher;
996 ie.pairwise_cipher = ssid->pairwise_cipher;
997 ie.key_mgmt = ssid->key_mgmt;
998 #ifdef CONFIG_IEEE80211W
999 ie.mgmt_group_cipher =
1000 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1001 WPA_CIPHER_AES_128_CMAC : 0;
1002 #endif /* CONFIG_IEEE80211W */
1003 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1004 "based on configuration");
1009 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1010 "pairwise %d key_mgmt %d proto %d",
1011 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1012 #ifdef CONFIG_IEEE80211W
1013 if (ssid->ieee80211w) {
1014 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1015 ie.mgmt_group_cipher);
1017 #endif /* CONFIG_IEEE80211W */
1019 wpa_s->wpa_proto = proto;
1020 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1021 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1022 !!(ssid->proto & WPA_PROTO_RSN));
1024 if (bss || !wpa_s->ap_ies_from_associnfo) {
1025 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1026 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1027 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1028 bss_rsn ? 2 + bss_rsn[1] : 0))
1032 sel = ie.group_cipher & ssid->group_cipher;
1033 if (sel & WPA_CIPHER_CCMP) {
1034 wpa_s->group_cipher = WPA_CIPHER_CCMP;
1035 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
1036 } else if (sel & WPA_CIPHER_GCMP) {
1037 wpa_s->group_cipher = WPA_CIPHER_GCMP;
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP");
1039 } else if (sel & WPA_CIPHER_TKIP) {
1040 wpa_s->group_cipher = WPA_CIPHER_TKIP;
1041 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
1042 } else if (sel & WPA_CIPHER_WEP104) {
1043 wpa_s->group_cipher = WPA_CIPHER_WEP104;
1044 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
1045 } else if (sel & WPA_CIPHER_WEP40) {
1046 wpa_s->group_cipher = WPA_CIPHER_WEP40;
1047 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
1049 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1054 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1055 if (sel & WPA_CIPHER_CCMP) {
1056 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
1057 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
1058 } else if (sel & WPA_CIPHER_GCMP) {
1059 wpa_s->pairwise_cipher = WPA_CIPHER_GCMP;
1060 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP");
1061 } else if (sel & WPA_CIPHER_TKIP) {
1062 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
1063 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
1064 } else if (sel & WPA_CIPHER_NONE) {
1065 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1066 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
1068 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1073 sel = ie.key_mgmt & ssid->key_mgmt;
1075 #ifdef CONFIG_IEEE80211R
1076 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1079 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1082 #endif /* CONFIG_IEEE80211R */
1083 #ifdef CONFIG_IEEE80211W
1084 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1085 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1086 wpa_dbg(wpa_s, MSG_DEBUG,
1087 "WPA: using KEY_MGMT 802.1X with SHA256");
1088 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1089 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1090 wpa_dbg(wpa_s, MSG_DEBUG,
1091 "WPA: using KEY_MGMT PSK with SHA256");
1092 #endif /* CONFIG_IEEE80211W */
1093 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1094 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1095 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1096 } else if (sel & WPA_KEY_MGMT_PSK) {
1097 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1099 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1100 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1103 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1104 "authenticated key management type");
1108 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1109 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1110 wpa_s->pairwise_cipher);
1111 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1113 #ifdef CONFIG_IEEE80211W
1114 sel = ie.mgmt_group_cipher;
1115 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1116 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1118 if (sel & WPA_CIPHER_AES_128_CMAC) {
1119 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1120 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1123 wpa_s->mgmt_group_cipher = 0;
1124 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1126 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1127 wpa_s->mgmt_group_cipher);
1128 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1129 #endif /* CONFIG_IEEE80211W */
1131 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1132 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1136 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1137 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1138 #ifndef CONFIG_NO_PBKDF2
1139 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1142 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1143 4096, psk, PMK_LEN);
1144 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1146 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1148 #endif /* CONFIG_NO_PBKDF2 */
1149 #ifdef CONFIG_EXT_PASSWORD
1150 if (ssid->ext_psk) {
1151 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1153 char pw_str[64 + 1];
1157 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1158 "found from external storage");
1162 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1163 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1164 "PSK length %d in external storage",
1165 (int) wpabuf_len(pw));
1166 ext_password_free(pw);
1170 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1171 pw_str[wpabuf_len(pw)] = '\0';
1173 #ifndef CONFIG_NO_PBKDF2
1174 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1176 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1177 4096, psk, PMK_LEN);
1178 os_memset(pw_str, 0, sizeof(pw_str));
1179 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1180 "external passphrase)",
1182 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1184 #endif /* CONFIG_NO_PBKDF2 */
1185 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1186 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1187 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1188 "Invalid PSK hex string");
1189 os_memset(pw_str, 0, sizeof(pw_str));
1190 ext_password_free(pw);
1193 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1195 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1197 os_memset(pw_str, 0, sizeof(pw_str));
1198 ext_password_free(pw);
1202 os_memset(pw_str, 0, sizeof(pw_str));
1203 ext_password_free(pw);
1205 #endif /* CONFIG_EXT_PASSWORD */
1207 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1214 * wpa_supplicant_associate - Request association
1215 * @wpa_s: Pointer to wpa_supplicant data
1216 * @bss: Scan results for the selected BSS, or %NULL if not available
1217 * @ssid: Configuration data for the selected network
1219 * This function is used to request %wpa_supplicant to associate with a BSS.
1221 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1222 struct wpa_bss *bss, struct wpa_ssid *ssid)
1226 int use_crypt, ret, i, bssid_changed;
1227 int algs = WPA_AUTH_ALG_OPEN;
1228 enum wpa_cipher cipher_pairwise, cipher_group;
1229 struct wpa_driver_associate_params params;
1230 int wep_keys_set = 0;
1231 struct wpa_driver_capa capa;
1232 int assoc_failed = 0;
1233 struct wpa_ssid *old_ssid;
1234 #ifdef CONFIG_HT_OVERRIDES
1235 struct ieee80211_ht_capabilities htcaps;
1236 struct ieee80211_ht_capabilities htcaps_mask;
1237 #endif /* CONFIG_HT_OVERRIDES */
1239 #ifdef CONFIG_IBSS_RSN
1240 ibss_rsn_deinit(wpa_s->ibss_rsn);
1241 wpa_s->ibss_rsn = NULL;
1242 #endif /* CONFIG_IBSS_RSN */
1247 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1248 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1250 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1251 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1255 wpa_supplicant_create_ap(wpa_s, ssid);
1256 wpa_s->current_bss = bss;
1257 #else /* CONFIG_AP */
1258 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1260 #endif /* CONFIG_AP */
1266 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1268 #endif /* CONFIG_TDLS */
1270 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1271 ssid->mode == IEEE80211_MODE_INFRA) {
1272 sme_authenticate(wpa_s, bss, ssid);
1276 os_memset(¶ms, 0, sizeof(params));
1277 wpa_s->reassociate = 0;
1278 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1279 #ifdef CONFIG_IEEE80211R
1280 const u8 *ie, *md = NULL;
1281 #endif /* CONFIG_IEEE80211R */
1282 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1283 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1284 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1285 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1286 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1287 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1289 wpas_notify_bssid_changed(wpa_s);
1290 #ifdef CONFIG_IEEE80211R
1291 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1292 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1294 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1296 /* Prepare for the next transition */
1297 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1299 #endif /* CONFIG_IEEE80211R */
1301 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1302 wpa_s->conf->ap_scan == 2 &&
1303 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1304 /* Use ap_scan==1 style network selection to find the network
1306 wpa_s->scan_req = 2;
1307 wpa_s->reassociate = 1;
1308 wpa_supplicant_req_scan(wpa_s, 0, 0);
1310 #endif /* CONFIG_WPS */
1312 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1313 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1314 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1316 wpa_supplicant_cancel_sched_scan(wpa_s);
1317 wpa_supplicant_cancel_scan(wpa_s);
1319 /* Starting new association, so clear the possibly used WPA IE from the
1320 * previous association. */
1321 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1323 #ifdef IEEE8021X_EAPOL
1324 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1326 if (ssid->non_leap == 0)
1327 algs = WPA_AUTH_ALG_LEAP;
1329 algs |= WPA_AUTH_ALG_LEAP;
1332 #endif /* IEEE8021X_EAPOL */
1333 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1334 if (ssid->auth_alg) {
1335 algs = ssid->auth_alg;
1336 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1340 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1341 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1342 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1343 int try_opportunistic;
1344 try_opportunistic = ssid->proactive_key_caching &&
1345 (ssid->proto & WPA_PROTO_RSN);
1346 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1347 wpa_s->current_ssid,
1348 try_opportunistic) == 0)
1349 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1350 wpa_ie_len = sizeof(wpa_ie);
1351 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1352 wpa_ie, &wpa_ie_len)) {
1353 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1354 "key management and encryption suites");
1357 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1358 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1360 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1361 * use non-WPA since the scan results did not indicate that the
1362 * AP is using WPA or WPA2.
1364 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1366 wpa_s->wpa_proto = 0;
1367 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1368 wpa_ie_len = sizeof(wpa_ie);
1369 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1370 wpa_ie, &wpa_ie_len)) {
1371 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1372 "key management and encryption suites (no "
1377 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1378 struct wpabuf *wps_ie;
1379 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1380 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1381 wpa_ie_len = wpabuf_len(wps_ie);
1382 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1385 wpabuf_free(wps_ie);
1386 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1387 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1388 params.wps = WPS_MODE_PRIVACY;
1390 params.wps = WPS_MODE_OPEN;
1391 wpa_s->wpa_proto = 0;
1392 #endif /* CONFIG_WPS */
1394 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1396 wpa_s->wpa_proto = 0;
1400 if (wpa_s->global->p2p) {
1404 pos = wpa_ie + wpa_ie_len;
1405 len = sizeof(wpa_ie) - wpa_ie_len;
1406 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1412 wpa_s->cross_connect_disallowed = 0;
1415 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1417 wpa_s->cross_connect_disallowed =
1418 p2p_get_cross_connect_disallowed(p2p);
1420 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1422 wpa_s->cross_connect_disallowed ?
1423 "disallows" : "allows");
1426 #endif /* CONFIG_P2P */
1429 if (wpa_s->conf->hs20) {
1430 struct wpabuf *hs20;
1431 hs20 = wpabuf_alloc(20);
1433 wpas_hs20_add_indication(hs20);
1434 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1436 wpa_ie_len += wpabuf_len(hs20);
1440 #endif /* CONFIG_HS20 */
1442 #ifdef CONFIG_INTERWORKING
1443 if (wpa_s->conf->interworking) {
1445 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1447 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1449 *pos++ = WLAN_EID_EXT_CAPAB;
1454 *pos++ = 0x80; /* Bit 31 - Interworking */
1456 #endif /* CONFIG_INTERWORKING */
1458 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1460 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1461 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1462 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1463 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1464 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1466 if (wpa_set_wep_keys(wpa_s, ssid)) {
1471 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1474 #ifdef IEEE8021X_EAPOL
1475 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1476 if ((ssid->eapol_flags &
1477 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1478 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1482 /* Assume that dynamic WEP-104 keys will be used and
1483 * set cipher suites in order for drivers to expect
1485 cipher_pairwise = cipher_group = CIPHER_WEP104;
1488 #endif /* IEEE8021X_EAPOL */
1490 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1491 /* Set the key before (and later after) association */
1492 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1495 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1497 params.ssid = bss->ssid;
1498 params.ssid_len = bss->ssid_len;
1499 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1500 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1501 MACSTR " freq=%u MHz based on scan results "
1503 MAC2STR(bss->bssid), bss->freq,
1505 params.bssid = bss->bssid;
1506 params.freq = bss->freq;
1509 params.ssid = ssid->ssid;
1510 params.ssid_len = ssid->ssid_len;
1513 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1514 wpa_s->conf->ap_scan == 2) {
1515 params.bssid = ssid->bssid;
1516 params.fixed_bssid = 1;
1519 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1521 params.freq = ssid->frequency; /* Initial channel for IBSS */
1522 params.wpa_ie = wpa_ie;
1523 params.wpa_ie_len = wpa_ie_len;
1524 params.pairwise_suite = cipher_pairwise;
1525 params.group_suite = cipher_group;
1526 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1527 params.wpa_proto = wpa_s->wpa_proto;
1528 params.auth_alg = algs;
1529 params.mode = ssid->mode;
1530 params.bg_scan_period = ssid->bg_scan_period;
1531 for (i = 0; i < NUM_WEP_KEYS; i++) {
1532 if (ssid->wep_key_len[i])
1533 params.wep_key[i] = ssid->wep_key[i];
1534 params.wep_key_len[i] = ssid->wep_key_len[i];
1536 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1538 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1539 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1540 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1541 params.passphrase = ssid->passphrase;
1543 params.psk = ssid->psk;
1546 params.drop_unencrypted = use_crypt;
1548 #ifdef CONFIG_IEEE80211W
1549 params.mgmt_frame_protection = ssid->ieee80211w;
1550 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1551 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1552 struct wpa_ie_data ie;
1553 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1555 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1556 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1557 "MFP: require MFP");
1558 params.mgmt_frame_protection =
1559 MGMT_FRAME_PROTECTION_REQUIRED;
1562 #endif /* CONFIG_IEEE80211W */
1564 params.p2p = ssid->p2p_group;
1566 if (wpa_s->parent->set_sta_uapsd)
1567 params.uapsd = wpa_s->parent->sta_uapsd;
1571 #ifdef CONFIG_HT_OVERRIDES
1572 os_memset(&htcaps, 0, sizeof(htcaps));
1573 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1574 params.htcaps = (u8 *) &htcaps;
1575 params.htcaps_mask = (u8 *) &htcaps_mask;
1576 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1577 #endif /* CONFIG_HT_OVERRIDES */
1580 /* If multichannel concurrency is not supported, check for any frequency
1581 * conflict and take appropriate action.
1583 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT) &&
1584 ((freq = wpa_drv_shared_freq(wpa_s)) > 0) && (freq != params.freq)) {
1585 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)"
1586 , freq, params.freq);
1587 if (wpas_p2p_handle_frequency_conflicts(wpa_s, params.freq) < 0) {
1588 /* Handling conflicts failed. Disable the current connect req and
1589 * notify the userspace to take appropriate action */
1590 wpa_printf(MSG_DEBUG, "proiritize is not set. Notifying user space to handle the case");
1591 wpa_supplicant_disable_network(wpa_s, ssid);
1592 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_FREQ_CONFLICT
1593 " id=%d", ssid->id);
1594 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1599 ret = wpa_drv_associate(wpa_s, ¶ms);
1601 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1603 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1605 * The driver is known to mean what is saying, so we
1606 * can stop right here; the association will not
1609 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1610 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1611 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1614 /* try to continue anyway; new association will be tried again
1619 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1620 /* Set the key after the association just in case association
1621 * cleared the previously configured key. */
1622 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1623 /* No need to timeout authentication since there is no key
1625 wpa_supplicant_cancel_auth_timeout(wpa_s);
1626 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1627 #ifdef CONFIG_IBSS_RSN
1628 } else if (ssid->mode == WPAS_MODE_IBSS &&
1629 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1630 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1632 * RSN IBSS authentication is per-STA and we can disable the
1633 * per-BSSID authentication.
1635 wpa_supplicant_cancel_auth_timeout(wpa_s);
1636 #endif /* CONFIG_IBSS_RSN */
1638 /* Timeout for IEEE 802.11 authentication and association */
1642 /* give IBSS a bit more time */
1643 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1644 } else if (wpa_s->conf->ap_scan == 1) {
1645 /* give IBSS a bit more time */
1646 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1648 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1651 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1652 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1653 /* Set static WEP keys again */
1654 wpa_set_wep_keys(wpa_s, ssid);
1657 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1659 * Do not allow EAP session resumption between different
1660 * network configurations.
1662 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1664 old_ssid = wpa_s->current_ssid;
1665 wpa_s->current_ssid = ssid;
1666 wpa_s->current_bss = bss;
1667 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1668 wpa_supplicant_initiate_eapol(wpa_s);
1669 if (old_ssid != wpa_s->current_ssid)
1670 wpas_notify_network_changed(wpa_s);
1674 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1677 struct wpa_ssid *old_ssid;
1679 wpa_clear_keys(wpa_s, addr);
1680 old_ssid = wpa_s->current_ssid;
1681 wpa_supplicant_mark_disassoc(wpa_s);
1682 wpa_sm_set_config(wpa_s->wpa, NULL);
1683 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1684 if (old_ssid != wpa_s->current_ssid)
1685 wpas_notify_network_changed(wpa_s);
1686 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1691 * wpa_supplicant_disassociate - Disassociate the current connection
1692 * @wpa_s: Pointer to wpa_supplicant data
1693 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1695 * This function is used to request %wpa_supplicant to disassociate with the
1698 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1702 union wpa_event_data event;
1704 if (!is_zero_ether_addr(wpa_s->bssid)) {
1705 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1706 addr = wpa_s->bssid;
1707 os_memset(&event, 0, sizeof(event));
1708 event.disassoc_info.reason_code = (u16) reason_code;
1709 event.disassoc_info.locally_generated = 1;
1710 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, &event);
1713 wpa_supplicant_clear_connection(wpa_s, addr);
1718 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1719 * @wpa_s: Pointer to wpa_supplicant data
1720 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1722 * This function is used to request %wpa_supplicant to deauthenticate from the
1725 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1729 union wpa_event_data event;
1731 if (!is_zero_ether_addr(wpa_s->bssid)) {
1732 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
1733 addr = wpa_s->bssid;
1734 os_memset(&event, 0, sizeof(event));
1735 event.deauth_info.reason_code = (u16) reason_code;
1736 event.deauth_info.locally_generated = 1;
1737 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1740 wpa_supplicant_clear_connection(wpa_s, addr);
1745 * wpa_supplicant_enable_network - Mark a configured network as enabled
1746 * @wpa_s: wpa_supplicant structure for a network interface
1747 * @ssid: wpa_ssid structure for a configured network or %NULL
1749 * Enables the specified network or all networks if no network specified.
1751 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1752 struct wpa_ssid *ssid)
1754 struct wpa_ssid *other_ssid;
1758 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1759 other_ssid = other_ssid->next) {
1760 if (other_ssid->disabled == 2)
1761 continue; /* do not change persistent P2P group
1763 if (other_ssid == wpa_s->current_ssid &&
1764 other_ssid->disabled)
1765 wpa_s->reassociate = 1;
1767 was_disabled = other_ssid->disabled;
1769 other_ssid->disabled = 0;
1771 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1773 if (was_disabled != other_ssid->disabled)
1774 wpas_notify_network_enabled_changed(
1777 if (wpa_s->reassociate)
1778 wpa_supplicant_req_scan(wpa_s, 0, 0);
1779 } else if (ssid->disabled && ssid->disabled != 2) {
1780 if (wpa_s->current_ssid == NULL) {
1782 * Try to reassociate since there is no current
1783 * configuration and a new network was made available.
1785 wpa_s->reassociate = 1;
1786 wpa_supplicant_req_scan(wpa_s, 0, 0);
1789 was_disabled = ssid->disabled;
1792 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1794 if (was_disabled != ssid->disabled)
1795 wpas_notify_network_enabled_changed(wpa_s, ssid);
1801 * wpa_supplicant_disable_network - Mark a configured network as disabled
1802 * @wpa_s: wpa_supplicant structure for a network interface
1803 * @ssid: wpa_ssid structure for a configured network or %NULL
1805 * Disables the specified network or all networks if no network specified.
1807 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1808 struct wpa_ssid *ssid)
1810 struct wpa_ssid *other_ssid;
1814 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1815 other_ssid = other_ssid->next) {
1816 was_disabled = other_ssid->disabled;
1817 if (was_disabled == 2)
1818 continue; /* do not change persistent P2P group
1821 other_ssid->disabled = 1;
1823 if (was_disabled != other_ssid->disabled)
1824 wpas_notify_network_enabled_changed(
1827 if (wpa_s->current_ssid)
1828 wpa_supplicant_disassociate(
1829 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1830 } else if (ssid->disabled != 2) {
1831 if (ssid == wpa_s->current_ssid)
1832 wpa_supplicant_disassociate(
1833 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1835 was_disabled = ssid->disabled;
1839 if (was_disabled != ssid->disabled)
1840 wpas_notify_network_enabled_changed(wpa_s, ssid);
1846 * wpa_supplicant_select_network - Attempt association with a network
1847 * @wpa_s: wpa_supplicant structure for a network interface
1848 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1850 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1851 struct wpa_ssid *ssid)
1854 struct wpa_ssid *other_ssid;
1855 int disconnected = 0;
1857 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1858 wpa_supplicant_disassociate(
1859 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1864 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1867 * Mark all other networks disabled or mark all networks enabled if no
1868 * network specified.
1870 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1871 other_ssid = other_ssid->next) {
1872 int was_disabled = other_ssid->disabled;
1873 if (was_disabled == 2)
1874 continue; /* do not change persistent P2P group data */
1876 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1877 if (was_disabled && !other_ssid->disabled)
1878 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1880 if (was_disabled != other_ssid->disabled)
1881 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1884 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1885 /* We are already associated with the selected network */
1886 wpa_printf(MSG_DEBUG, "Already associated with the "
1887 "selected network - do nothing");
1892 wpa_s->current_ssid = ssid;
1893 wpa_s->connect_without_scan = NULL;
1894 wpa_s->disconnected = 0;
1895 wpa_s->reassociate = 1;
1896 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1899 wpas_notify_network_selected(wpa_s, ssid);
1904 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1905 * @wpa_s: wpa_supplicant structure for a network interface
1906 * @ap_scan: AP scan mode
1907 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1910 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1915 if (ap_scan < 0 || ap_scan > 2)
1919 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1920 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1921 wpa_s->wpa_state < WPA_COMPLETED) {
1922 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1923 "associating", wpa_s->conf->ap_scan, ap_scan);
1926 #endif /* ANDROID */
1928 old_ap_scan = wpa_s->conf->ap_scan;
1929 wpa_s->conf->ap_scan = ap_scan;
1931 if (old_ap_scan != wpa_s->conf->ap_scan)
1932 wpas_notify_ap_scan_changed(wpa_s);
1939 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1940 * @wpa_s: wpa_supplicant structure for a network interface
1941 * @expire_age: Expiration age in seconds
1942 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1945 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1946 unsigned int bss_expire_age)
1948 if (bss_expire_age < 10) {
1949 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1953 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1955 wpa_s->conf->bss_expiration_age = bss_expire_age;
1962 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1963 * @wpa_s: wpa_supplicant structure for a network interface
1964 * @expire_count: number of scans after which an unseen BSS is reclaimed
1965 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1968 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1969 unsigned int bss_expire_count)
1971 if (bss_expire_count < 1) {
1972 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1976 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1978 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1985 * wpa_supplicant_set_scan_interval - Set scan interval
1986 * @wpa_s: wpa_supplicant structure for a network interface
1987 * @scan_interval: scan interval in seconds
1988 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
1991 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
1994 if (scan_interval < 0) {
1995 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
1999 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2001 wpa_s->scan_interval = scan_interval;
2008 * wpa_supplicant_set_debug_params - Set global debug params
2009 * @global: wpa_global structure
2010 * @debug_level: debug level
2011 * @debug_timestamp: determines if show timestamp in debug data
2012 * @debug_show_keys: determines if show keys in debug data
2013 * Returns: 0 if succeed or -1 if debug_level has wrong value
2015 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2016 int debug_timestamp, int debug_show_keys)
2019 int old_level, old_timestamp, old_show_keys;
2021 /* check for allowed debuglevels */
2022 if (debug_level != MSG_EXCESSIVE &&
2023 debug_level != MSG_MSGDUMP &&
2024 debug_level != MSG_DEBUG &&
2025 debug_level != MSG_INFO &&
2026 debug_level != MSG_WARNING &&
2027 debug_level != MSG_ERROR)
2030 old_level = wpa_debug_level;
2031 old_timestamp = wpa_debug_timestamp;
2032 old_show_keys = wpa_debug_show_keys;
2034 wpa_debug_level = debug_level;
2035 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2036 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2038 if (wpa_debug_level != old_level)
2039 wpas_notify_debug_level_changed(global);
2040 if (wpa_debug_timestamp != old_timestamp)
2041 wpas_notify_debug_timestamp_changed(global);
2042 if (wpa_debug_show_keys != old_show_keys)
2043 wpas_notify_debug_show_keys_changed(global);
2050 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2051 * @wpa_s: Pointer to wpa_supplicant data
2052 * Returns: A pointer to the current network structure or %NULL on failure
2054 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2056 struct wpa_ssid *entry;
2057 u8 ssid[MAX_SSID_LEN];
2063 res = wpa_drv_get_ssid(wpa_s, ssid);
2065 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2071 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2072 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2077 wired = wpa_s->conf->ap_scan == 0 &&
2078 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2080 entry = wpa_s->conf->ssid;
2082 if (!wpas_network_disabled(wpa_s, entry) &&
2083 ((ssid_len == entry->ssid_len &&
2084 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2085 (!entry->bssid_set ||
2086 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2089 if (!wpas_network_disabled(wpa_s, entry) &&
2090 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2091 (entry->ssid == NULL || entry->ssid_len == 0) &&
2092 (!entry->bssid_set ||
2093 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2095 #endif /* CONFIG_WPS */
2097 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2098 entry->ssid_len == 0 &&
2099 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2102 entry = entry->next;
2109 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2111 struct wpa_global *global = wpa_s->global;
2113 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2114 global->drv_priv[i] = wpa_drivers[i]->global_init();
2115 if (global->drv_priv[i] == NULL) {
2116 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2117 "'%s'", wpa_drivers[i]->name);
2122 wpa_s->driver = wpa_drivers[i];
2123 wpa_s->global_drv_priv = global->drv_priv[i];
2129 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2134 const char *pos, *driver = name;
2139 if (wpa_drivers[0] == NULL) {
2140 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2146 /* default to first driver in the list */
2147 return select_driver(wpa_s, 0);
2151 pos = os_strchr(driver, ',');
2155 len = os_strlen(driver);
2157 for (i = 0; wpa_drivers[i]; i++) {
2158 if (os_strlen(wpa_drivers[i]->name) == len &&
2159 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2161 /* First driver that succeeds wins */
2162 if (select_driver(wpa_s, i) == 0)
2170 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2176 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2177 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2178 * with struct wpa_driver_ops::init()
2179 * @src_addr: Source address of the EAPOL frame
2180 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2181 * @len: Length of the EAPOL data
2183 * This function is called for each received EAPOL frame. Most driver
2184 * interfaces rely on more generic OS mechanism for receiving frames through
2185 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2186 * take care of received EAPOL frames and deliver them to the core supplicant
2187 * code by calling this function.
2189 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2190 const u8 *buf, size_t len)
2192 struct wpa_supplicant *wpa_s = ctx;
2194 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2195 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2197 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
2199 * There is possible race condition between receiving the
2200 * association event and the EAPOL frame since they are coming
2201 * through different paths from the driver. In order to avoid
2202 * issues in trying to process the EAPOL frame before receiving
2203 * association information, lets queue it for processing until
2204 * the association event is received.
2206 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2207 "of received EAPOL frame");
2208 wpabuf_free(wpa_s->pending_eapol_rx);
2209 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2210 if (wpa_s->pending_eapol_rx) {
2211 os_get_time(&wpa_s->pending_eapol_rx_time);
2212 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2219 if (wpa_s->ap_iface) {
2220 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2223 #endif /* CONFIG_AP */
2225 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2226 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2227 "no key management is configured");
2231 if (wpa_s->eapol_received == 0 &&
2232 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2233 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2234 wpa_s->wpa_state != WPA_COMPLETED) &&
2235 (wpa_s->current_ssid == NULL ||
2236 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2237 /* Timeout for completing IEEE 802.1X and WPA authentication */
2238 wpa_supplicant_req_auth_timeout(
2240 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2241 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2242 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2245 wpa_s->eapol_received++;
2247 if (wpa_s->countermeasures) {
2248 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2253 #ifdef CONFIG_IBSS_RSN
2254 if (wpa_s->current_ssid &&
2255 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2256 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2259 #endif /* CONFIG_IBSS_RSN */
2261 /* Source address of the incoming EAPOL frame could be compared to the
2262 * current BSSID. However, it is possible that a centralized
2263 * Authenticator could be using another MAC address than the BSSID of
2264 * an AP, so just allow any address to be used for now. The replies are
2265 * still sent to the current BSSID (if available), though. */
2267 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2268 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2269 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2271 wpa_drv_poll(wpa_s);
2272 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2273 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2274 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2276 * Set portValid = TRUE here since we are going to skip 4-way
2277 * handshake processing which would normally set portValid. We
2278 * need this to allow the EAPOL state machines to be completed
2279 * without going through EAPOL-Key handshake.
2281 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2286 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2288 if (wpa_s->driver->send_eapol) {
2289 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2291 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2292 } else if (!(wpa_s->drv_flags &
2293 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2294 l2_packet_deinit(wpa_s->l2);
2295 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2296 wpa_drv_get_mac_addr(wpa_s),
2298 wpa_supplicant_rx_eapol, wpa_s, 0);
2299 if (wpa_s->l2 == NULL)
2302 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2304 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2307 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2308 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2312 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2313 MAC2STR(wpa_s->own_addr));
2314 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2320 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2321 const u8 *buf, size_t len)
2323 struct wpa_supplicant *wpa_s = ctx;
2324 const struct l2_ethhdr *eth;
2326 if (len < sizeof(*eth))
2328 eth = (const struct l2_ethhdr *) buf;
2330 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2331 !(eth->h_dest[0] & 0x01)) {
2332 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2333 " (bridge - not for this interface - ignore)",
2334 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2338 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2339 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2340 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2341 len - sizeof(*eth));
2346 * wpa_supplicant_driver_init - Initialize driver interface parameters
2347 * @wpa_s: Pointer to wpa_supplicant data
2348 * Returns: 0 on success, -1 on failure
2350 * This function is called to initialize driver interface parameters.
2351 * wpa_drv_init() must have been called before this function to initialize the
2354 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2356 static int interface_count = 0;
2358 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2361 if (wpa_s->bridge_ifname[0]) {
2362 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2363 "interface '%s'", wpa_s->bridge_ifname);
2364 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2367 wpa_supplicant_rx_eapol_bridge,
2369 if (wpa_s->l2_br == NULL) {
2370 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2371 "connection for the bridge interface '%s'",
2372 wpa_s->bridge_ifname);
2377 wpa_clear_keys(wpa_s, NULL);
2379 /* Make sure that TKIP countermeasures are not left enabled (could
2380 * happen if wpa_supplicant is killed during countermeasures. */
2381 wpa_drv_set_countermeasures(wpa_s, 0);
2383 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2384 wpa_drv_flush_pmkid(wpa_s);
2386 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2387 wpa_s->prev_scan_wildcard = 0;
2389 if (wpa_supplicant_enabled_networks(wpa_s)) {
2390 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2392 wpa_supplicant_req_scan(wpa_s, interface_count,
2396 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2402 static int wpa_supplicant_daemon(const char *pid_file)
2404 wpa_printf(MSG_DEBUG, "Daemonize..");
2405 return os_daemonize(pid_file);
2409 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2411 struct wpa_supplicant *wpa_s;
2413 wpa_s = os_zalloc(sizeof(*wpa_s));
2416 wpa_s->scan_req = 1;
2417 wpa_s->scan_interval = 5;
2418 wpa_s->new_connection = 1;
2419 wpa_s->parent = wpa_s;
2420 wpa_s->sched_scanning = 0;
2426 #ifdef CONFIG_HT_OVERRIDES
2428 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2429 struct ieee80211_ht_capabilities *htcaps,
2430 struct ieee80211_ht_capabilities *htcaps_mask,
2433 /* parse ht_mcs into hex array */
2435 const char *tmp = ht_mcs;
2438 /* If ht_mcs is null, do not set anything */
2442 /* This is what we are setting in the kernel */
2443 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2445 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2447 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2449 long v = strtol(tmp, &end, 16);
2451 wpa_msg(wpa_s, MSG_DEBUG,
2452 "htcap value[%i]: %ld end: %p tmp: %p",
2457 htcaps->supported_mcs_set[i] = v;
2460 wpa_msg(wpa_s, MSG_ERROR,
2461 "Failed to parse ht-mcs: %s, error: %s\n",
2462 ht_mcs, strerror(errno));
2468 * If we were able to parse any values, then set mask for the MCS set.
2471 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2472 IEEE80211_HT_MCS_MASK_LEN - 1);
2473 /* skip the 3 reserved bits */
2474 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2482 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2483 struct ieee80211_ht_capabilities *htcaps,
2484 struct ieee80211_ht_capabilities *htcaps_mask,
2489 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2494 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2495 htcaps_mask->ht_capabilities_info |= msk;
2497 htcaps->ht_capabilities_info &= msk;
2499 htcaps->ht_capabilities_info |= msk;
2505 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2506 struct ieee80211_ht_capabilities *htcaps,
2507 struct ieee80211_ht_capabilities *htcaps_mask,
2510 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2515 if (factor < 0 || factor > 3) {
2516 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2517 "Must be 0-3 or -1", factor);
2521 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2522 htcaps->a_mpdu_params &= ~0x3;
2523 htcaps->a_mpdu_params |= factor & 0x3;
2529 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2530 struct ieee80211_ht_capabilities *htcaps,
2531 struct ieee80211_ht_capabilities *htcaps_mask,
2534 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2539 if (density < 0 || density > 7) {
2540 wpa_msg(wpa_s, MSG_ERROR,
2541 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2546 htcaps_mask->a_mpdu_params |= 0x1C;
2547 htcaps->a_mpdu_params &= ~(0x1C);
2548 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2554 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2555 struct ieee80211_ht_capabilities *htcaps,
2556 struct ieee80211_ht_capabilities *htcaps_mask,
2559 /* Masking these out disables HT40 */
2560 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2561 HT_CAP_INFO_SHORT_GI40MHZ);
2563 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2566 htcaps->ht_capabilities_info &= ~msk;
2568 htcaps->ht_capabilities_info |= msk;
2570 htcaps_mask->ht_capabilities_info |= msk;
2576 void wpa_supplicant_apply_ht_overrides(
2577 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2578 struct wpa_driver_associate_params *params)
2580 struct ieee80211_ht_capabilities *htcaps;
2581 struct ieee80211_ht_capabilities *htcaps_mask;
2586 params->disable_ht = ssid->disable_ht;
2587 if (!params->htcaps || !params->htcaps_mask)
2590 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2591 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2592 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2593 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2594 ssid->disable_max_amsdu);
2595 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2596 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2597 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2600 #endif /* CONFIG_HT_OVERRIDES */
2603 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2608 if (!wpa_s->conf->pcsc_reader)
2611 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2615 if (wpa_s->conf->pcsc_pin &&
2616 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2617 scard_deinit(wpa_s->scard);
2618 wpa_s->scard = NULL;
2619 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2623 len = sizeof(wpa_s->imsi) - 1;
2624 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2625 scard_deinit(wpa_s->scard);
2626 wpa_s->scard = NULL;
2627 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2630 wpa_s->imsi[len] = '\0';
2632 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2634 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2635 wpa_s->imsi, wpa_s->mnc_len);
2637 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2638 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2639 #endif /* PCSC_FUNCS */
2645 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2649 ext_password_deinit(wpa_s->ext_pw);
2650 wpa_s->ext_pw = NULL;
2651 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2653 if (!wpa_s->conf->ext_password_backend)
2656 val = os_strdup(wpa_s->conf->ext_password_backend);
2659 pos = os_strchr(val, ':');
2663 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2665 wpa_s->ext_pw = ext_password_init(val, pos);
2667 if (wpa_s->ext_pw == NULL) {
2668 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2671 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2677 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2678 struct wpa_interface *iface)
2680 const char *ifname, *driver;
2681 struct wpa_driver_capa capa;
2683 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2684 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2685 iface->confname ? iface->confname : "N/A",
2686 iface->driver ? iface->driver : "default",
2687 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2688 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2690 if (iface->confname) {
2691 #ifdef CONFIG_BACKEND_FILE
2692 wpa_s->confname = os_rel2abs_path(iface->confname);
2693 if (wpa_s->confname == NULL) {
2694 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2695 "for configuration file '%s'.",
2699 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2700 iface->confname, wpa_s->confname);
2701 #else /* CONFIG_BACKEND_FILE */
2702 wpa_s->confname = os_strdup(iface->confname);
2703 #endif /* CONFIG_BACKEND_FILE */
2704 wpa_s->conf = wpa_config_read(wpa_s->confname);
2705 if (wpa_s->conf == NULL) {
2706 wpa_printf(MSG_ERROR, "Failed to read or parse "
2707 "configuration '%s'.", wpa_s->confname);
2712 * Override ctrl_interface and driver_param if set on command
2715 if (iface->ctrl_interface) {
2716 os_free(wpa_s->conf->ctrl_interface);
2717 wpa_s->conf->ctrl_interface =
2718 os_strdup(iface->ctrl_interface);
2721 if (iface->driver_param) {
2722 os_free(wpa_s->conf->driver_param);
2723 wpa_s->conf->driver_param =
2724 os_strdup(iface->driver_param);
2727 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2728 iface->driver_param);
2730 if (wpa_s->conf == NULL) {
2731 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2735 if (iface->ifname == NULL) {
2736 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2739 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2740 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2744 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2746 if (iface->bridge_ifname) {
2747 if (os_strlen(iface->bridge_ifname) >=
2748 sizeof(wpa_s->bridge_ifname)) {
2749 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2750 "name '%s'.", iface->bridge_ifname);
2753 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2754 sizeof(wpa_s->bridge_ifname));
2757 /* RSNA Supplicant Key Management - INITIALIZE */
2758 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2759 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2761 /* Initialize driver interface and register driver event handler before
2762 * L2 receive handler so that association events are processed before
2763 * EAPOL-Key packets if both become available for the same select()
2765 driver = iface->driver;
2767 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2770 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2771 if (wpa_s->drv_priv == NULL) {
2773 pos = driver ? os_strchr(driver, ',') : NULL;
2775 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2776 "driver interface - try next driver wrapper");
2780 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2784 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2785 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2786 "driver_param '%s'", wpa_s->conf->driver_param);
2790 ifname = wpa_drv_get_ifname(wpa_s);
2791 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2792 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2793 "interface name with '%s'", ifname);
2794 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2797 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2800 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2801 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2803 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2805 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2806 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2807 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2808 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2809 "dot11RSNAConfigPMKLifetime");
2813 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2814 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2815 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2816 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2817 "dot11RSNAConfigPMKReauthThreshold");
2821 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2822 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2823 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2824 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2825 "dot11RSNAConfigSATimeout");
2829 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2830 &wpa_s->hw.num_modes,
2833 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2834 wpa_s->drv_capa_known = 1;
2835 wpa_s->drv_flags = capa.flags;
2836 wpa_s->drv_enc = capa.enc;
2837 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2838 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2839 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2840 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2841 wpa_s->max_match_sets = capa.max_match_sets;
2842 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2843 wpa_s->max_stations = capa.max_stations;
2845 if (wpa_s->max_remain_on_chan == 0)
2846 wpa_s->max_remain_on_chan = 1000;
2848 if (wpa_supplicant_driver_init(wpa_s) < 0)
2852 if (wpa_tdls_init(wpa_s->wpa))
2854 #endif /* CONFIG_TDLS */
2856 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2857 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2858 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2862 if (wpas_wps_init(wpa_s))
2865 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2867 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2869 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2870 if (wpa_s->ctrl_iface == NULL) {
2871 wpa_printf(MSG_ERROR,
2872 "Failed to initialize control interface '%s'.\n"
2873 "You may have another wpa_supplicant process "
2874 "already running or the file was\n"
2875 "left by an unclean termination of wpa_supplicant "
2876 "in which case you will need\n"
2877 "to manually remove this file before starting "
2878 "wpa_supplicant again.\n",
2879 wpa_s->conf->ctrl_interface);
2883 wpa_s->gas = gas_query_init(wpa_s);
2884 if (wpa_s->gas == NULL) {
2885 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2890 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2891 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2894 #endif /* CONFIG_P2P */
2896 if (wpa_bss_init(wpa_s) < 0)
2899 if (pcsc_reader_init(wpa_s) < 0)
2902 if (wpas_init_ext_pw(wpa_s) < 0)
2909 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2910 int notify, int terminate)
2912 if (wpa_s->drv_priv) {
2913 wpa_supplicant_deauthenticate(wpa_s,
2914 WLAN_REASON_DEAUTH_LEAVING);
2916 wpa_drv_set_countermeasures(wpa_s, 0);
2917 wpa_clear_keys(wpa_s, NULL);
2920 wpa_supplicant_cleanup(wpa_s);
2923 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
2924 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
2925 "the management interface is being removed");
2926 wpas_p2p_deinit_global(wpa_s->global);
2928 #endif /* CONFIG_P2P */
2930 if (wpa_s->drv_priv)
2931 wpa_drv_deinit(wpa_s);
2934 wpas_notify_iface_removed(wpa_s);
2937 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2939 if (wpa_s->ctrl_iface) {
2940 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2941 wpa_s->ctrl_iface = NULL;
2944 if (wpa_s->conf != NULL) {
2945 wpa_config_free(wpa_s->conf);
2952 * wpa_supplicant_add_iface - Add a new network interface
2953 * @global: Pointer to global data from wpa_supplicant_init()
2954 * @iface: Interface configuration options
2955 * Returns: Pointer to the created interface or %NULL on failure
2957 * This function is used to add new network interfaces for %wpa_supplicant.
2958 * This can be called before wpa_supplicant_run() to add interfaces before the
2959 * main event loop has been started. In addition, new interfaces can be added
2960 * dynamically while %wpa_supplicant is already running. This could happen,
2961 * e.g., when a hotplug network adapter is inserted.
2963 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2964 struct wpa_interface *iface)
2966 struct wpa_supplicant *wpa_s;
2967 struct wpa_interface t_iface;
2968 struct wpa_ssid *ssid;
2970 if (global == NULL || iface == NULL)
2973 wpa_s = wpa_supplicant_alloc();
2977 wpa_s->global = global;
2980 if (global->params.override_driver) {
2981 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2983 iface->driver, global->params.override_driver);
2984 t_iface.driver = global->params.override_driver;
2986 if (global->params.override_ctrl_interface) {
2987 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2988 "ctrl_interface ('%s' -> '%s')",
2989 iface->ctrl_interface,
2990 global->params.override_ctrl_interface);
2991 t_iface.ctrl_interface =
2992 global->params.override_ctrl_interface;
2994 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2995 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2997 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3002 /* Notify the control interfaces about new iface */
3003 if (wpas_notify_iface_added(wpa_s)) {
3004 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3009 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3010 wpas_notify_network_added(wpa_s, ssid);
3012 wpa_s->next = global->ifaces;
3013 global->ifaces = wpa_s;
3015 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3016 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3023 * wpa_supplicant_remove_iface - Remove a network interface
3024 * @global: Pointer to global data from wpa_supplicant_init()
3025 * @wpa_s: Pointer to the network interface to be removed
3026 * Returns: 0 if interface was removed, -1 if interface was not found
3028 * This function can be used to dynamically remove network interfaces from
3029 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3030 * addition, this function is used to remove all remaining interfaces when
3031 * %wpa_supplicant is terminated.
3033 int wpa_supplicant_remove_iface(struct wpa_global *global,
3034 struct wpa_supplicant *wpa_s,
3037 struct wpa_supplicant *prev;
3039 /* Remove interface from the global list of interfaces */
3040 prev = global->ifaces;
3041 if (prev == wpa_s) {
3042 global->ifaces = wpa_s->next;
3044 while (prev && prev->next != wpa_s)
3048 prev->next = wpa_s->next;
3051 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3053 if (global->p2p_group_formation == wpa_s)
3054 global->p2p_group_formation = NULL;
3055 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3063 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3064 * @wpa_s: Pointer to the network interface
3065 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3067 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3069 const char *eapol_method;
3071 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3072 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3076 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3077 if (eapol_method == NULL)
3078 return "UNKNOWN-EAP";
3080 return eapol_method;
3085 * wpa_supplicant_get_iface - Get a new network interface
3086 * @global: Pointer to global data from wpa_supplicant_init()
3087 * @ifname: Interface name
3088 * Returns: Pointer to the interface or %NULL if not found
3090 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3093 struct wpa_supplicant *wpa_s;
3095 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3096 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3103 #ifndef CONFIG_NO_WPA_MSG
3104 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3106 struct wpa_supplicant *wpa_s = ctx;
3109 return wpa_s->ifname;
3111 #endif /* CONFIG_NO_WPA_MSG */
3115 * wpa_supplicant_init - Initialize %wpa_supplicant
3116 * @params: Parameters for %wpa_supplicant
3117 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3119 * This function is used to initialize %wpa_supplicant. After successful
3120 * initialization, the returned data pointer can be used to add and remove
3121 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3123 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3125 struct wpa_global *global;
3131 #ifdef CONFIG_DRIVER_NDIS
3133 void driver_ndis_init_ops(void);
3134 driver_ndis_init_ops();
3136 #endif /* CONFIG_DRIVER_NDIS */
3138 #ifndef CONFIG_NO_WPA_MSG
3139 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3140 #endif /* CONFIG_NO_WPA_MSG */
3142 wpa_debug_open_file(params->wpa_debug_file_path);
3143 if (params->wpa_debug_syslog)
3144 wpa_debug_open_syslog();
3145 if (params->wpa_debug_tracing) {
3146 ret = wpa_debug_open_linux_tracing();
3148 wpa_printf(MSG_ERROR,
3149 "Failed to enable trace logging");
3154 ret = eap_register_methods();
3156 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3158 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3159 "the same EAP type.");
3163 global = os_zalloc(sizeof(*global));
3166 dl_list_init(&global->p2p_srv_bonjour);
3167 dl_list_init(&global->p2p_srv_upnp);
3168 global->params.daemonize = params->daemonize;
3169 global->params.wait_for_monitor = params->wait_for_monitor;
3170 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3171 if (params->pid_file)
3172 global->params.pid_file = os_strdup(params->pid_file);
3173 if (params->ctrl_interface)
3174 global->params.ctrl_interface =
3175 os_strdup(params->ctrl_interface);
3176 if (params->override_driver)
3177 global->params.override_driver =
3178 os_strdup(params->override_driver);
3179 if (params->override_ctrl_interface)
3180 global->params.override_ctrl_interface =
3181 os_strdup(params->override_ctrl_interface);
3182 wpa_debug_level = global->params.wpa_debug_level =
3183 params->wpa_debug_level;
3184 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3185 params->wpa_debug_show_keys;
3186 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3187 params->wpa_debug_timestamp;
3189 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3192 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3193 wpa_supplicant_deinit(global);
3197 random_init(params->entropy_file);
3199 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3200 if (global->ctrl_iface == NULL) {
3201 wpa_supplicant_deinit(global);
3205 if (wpas_notify_supplicant_initialized(global)) {
3206 wpa_supplicant_deinit(global);
3210 for (i = 0; wpa_drivers[i]; i++)
3211 global->drv_count++;
3212 if (global->drv_count == 0) {
3213 wpa_printf(MSG_ERROR, "No drivers enabled");
3214 wpa_supplicant_deinit(global);
3217 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3218 if (global->drv_priv == NULL) {
3219 wpa_supplicant_deinit(global);
3223 #ifdef CONFIG_WIFI_DISPLAY
3224 if (wifi_display_init(global) < 0) {
3225 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3226 wpa_supplicant_deinit(global);
3229 #endif /* CONFIG_WIFI_DISPLAY */
3236 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3237 * @global: Pointer to global data from wpa_supplicant_init()
3238 * Returns: 0 after successful event loop run, -1 on failure
3240 * This function starts the main event loop and continues running as long as
3241 * there are any remaining events. In most cases, this function is running as
3242 * long as the %wpa_supplicant process in still in use.
3244 int wpa_supplicant_run(struct wpa_global *global)
3246 struct wpa_supplicant *wpa_s;
3248 if (global->params.daemonize &&
3249 wpa_supplicant_daemon(global->params.pid_file))
3252 if (global->params.wait_for_monitor) {
3253 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3254 if (wpa_s->ctrl_iface)
3255 wpa_supplicant_ctrl_iface_wait(
3259 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3260 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3269 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3270 * @global: Pointer to global data from wpa_supplicant_init()
3272 * This function is called to deinitialize %wpa_supplicant and to free all
3273 * allocated resources. Remaining network interfaces will also be removed.
3275 void wpa_supplicant_deinit(struct wpa_global *global)
3282 #ifdef CONFIG_WIFI_DISPLAY
3283 wifi_display_deinit(global);
3284 #endif /* CONFIG_WIFI_DISPLAY */
3286 wpas_p2p_deinit_global(global);
3287 #endif /* CONFIG_P2P */
3289 while (global->ifaces)
3290 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3292 if (global->ctrl_iface)
3293 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3295 wpas_notify_supplicant_deinitialized(global);
3297 eap_peer_unregister_methods();
3299 eap_server_unregister_methods();
3300 #endif /* CONFIG_AP */
3302 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3303 if (!global->drv_priv[i])
3305 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3307 os_free(global->drv_priv);
3313 if (global->params.pid_file) {
3314 os_daemonize_terminate(global->params.pid_file);
3315 os_free(global->params.pid_file);
3317 os_free(global->params.ctrl_interface);
3318 os_free(global->params.override_driver);
3319 os_free(global->params.override_ctrl_interface);
3321 os_free(global->p2p_disallow_freq);
3324 wpa_debug_close_syslog();
3325 wpa_debug_close_file();
3326 wpa_debug_close_linux_tracing();
3330 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3332 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3333 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3335 country[0] = wpa_s->conf->country[0];
3336 country[1] = wpa_s->conf->country[1];
3338 if (wpa_drv_set_country(wpa_s, country) < 0) {
3339 wpa_printf(MSG_ERROR, "Failed to set country code "
3344 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3345 wpas_init_ext_pw(wpa_s);
3348 wpas_wps_update_config(wpa_s);
3349 #endif /* CONFIG_WPS */
3352 wpas_p2p_update_config(wpa_s);
3353 #endif /* CONFIG_P2P */
3355 wpa_s->conf->changed_parameters = 0;
3359 static void add_freq(int *freqs, int *num_freqs, int freq)
3363 for (i = 0; i < *num_freqs; i++) {
3364 if (freqs[i] == freq)
3368 freqs[*num_freqs] = freq;
3373 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3375 struct wpa_bss *bss, *cbss;
3376 const int max_freqs = 10;
3380 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3384 cbss = wpa_s->current_bss;
3386 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3389 if (bss->ssid_len == cbss->ssid_len &&
3390 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3391 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3392 add_freq(freqs, &num_freqs, bss->freq);
3393 if (num_freqs == max_freqs)
3398 if (num_freqs == 0) {
3407 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3414 * Remove possible authentication timeout since the connection failed.
3416 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3419 * Add the failed BSSID into the blacklist and speed up next scan
3420 * attempt if there could be other APs that could accept association.
3421 * The current blacklist count indicates how many times we have tried
3422 * connecting to this AP and multiple attempts mean that other APs are
3423 * either not available or has already been tried, so that we can start
3424 * increasing the delay here to avoid constant scanning.
3426 count = wpa_blacklist_add(wpa_s, bssid);
3427 if (count == 1 && wpa_s->current_bss) {
3429 * This BSS was not in the blacklist before. If there is
3430 * another BSS available for the same ESS, we should try that
3431 * next. Otherwise, we may as well try this one once more
3432 * before allowing other, likely worse, ESSes to be considered.
3434 freqs = get_bss_freqs_in_ess(wpa_s);
3436 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3437 "has been seen; try it next");
3438 wpa_blacklist_add(wpa_s, bssid);
3440 * On the next scan, go through only the known channels
3441 * used in this ESS based on previous scans to speed up
3442 * common load balancing use case.
3444 os_free(wpa_s->next_scan_freqs);
3445 wpa_s->next_scan_freqs = freqs;
3464 * TODO: if more than one possible AP is available in scan results,
3465 * could try the other ones before requesting a new scan.
3467 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3468 1000 * (timeout % 1000));
3471 if (wpa_s->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
3472 wpa_s->global->p2p != NULL) {
3473 wpa_s->p2p_cb_on_scan_complete = 0;
3474 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
3475 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
3476 "continued after failed association");
3479 #endif /* CONFIG_P2P */
3483 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3485 return wpa_s->conf->ap_scan == 2 ||
3486 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3490 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3491 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3492 struct wpa_ssid *ssid,
3496 #ifdef IEEE8021X_EAPOL
3497 struct eap_peer_config *eap = &ssid->eap;
3499 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3500 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3501 (const u8 *) value, os_strlen(value));
3503 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3504 case WPA_CTRL_REQ_EAP_IDENTITY:
3505 os_free(eap->identity);
3506 eap->identity = (u8 *) os_strdup(value);
3507 eap->identity_len = os_strlen(value);
3508 eap->pending_req_identity = 0;
3509 if (ssid == wpa_s->current_ssid)
3510 wpa_s->reassociate = 1;
3512 case WPA_CTRL_REQ_EAP_PASSWORD:
3513 os_free(eap->password);
3514 eap->password = (u8 *) os_strdup(value);
3515 eap->password_len = os_strlen(value);
3516 eap->pending_req_password = 0;
3517 if (ssid == wpa_s->current_ssid)
3518 wpa_s->reassociate = 1;
3520 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3521 os_free(eap->new_password);
3522 eap->new_password = (u8 *) os_strdup(value);
3523 eap->new_password_len = os_strlen(value);
3524 eap->pending_req_new_password = 0;
3525 if (ssid == wpa_s->current_ssid)
3526 wpa_s->reassociate = 1;
3528 case WPA_CTRL_REQ_EAP_PIN:
3530 eap->pin = os_strdup(value);
3531 eap->pending_req_pin = 0;
3532 if (ssid == wpa_s->current_ssid)
3533 wpa_s->reassociate = 1;
3535 case WPA_CTRL_REQ_EAP_OTP:
3537 eap->otp = (u8 *) os_strdup(value);
3538 eap->otp_len = os_strlen(value);
3539 os_free(eap->pending_req_otp);
3540 eap->pending_req_otp = NULL;
3541 eap->pending_req_otp_len = 0;
3543 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3544 os_free(eap->private_key_passwd);
3545 eap->private_key_passwd = (u8 *) os_strdup(value);
3546 eap->pending_req_passphrase = 0;
3547 if (ssid == wpa_s->current_ssid)
3548 wpa_s->reassociate = 1;
3551 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3556 #else /* IEEE8021X_EAPOL */
3557 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3559 #endif /* IEEE8021X_EAPOL */
3561 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3564 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3567 unsigned int drv_enc;
3575 if (wpa_s && wpa_s->drv_capa_known)
3576 drv_enc = wpa_s->drv_enc;
3578 drv_enc = (unsigned int) -1;
3580 for (i = 0; i < NUM_WEP_KEYS; i++) {
3581 size_t len = ssid->wep_key_len[i];
3584 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3586 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3588 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3590 return 1; /* invalid WEP key */
3593 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3601 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3603 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3605 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3611 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3613 struct wpa_ssid *ssid = wpa_s->current_ssid;
3618 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3623 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3626 ssid->auth_failures++;
3627 if (ssid->auth_failures > 50)
3629 else if (ssid->auth_failures > 20)
3631 else if (ssid->auth_failures > 10)
3633 else if (ssid->auth_failures > 5)
3635 else if (ssid->auth_failures > 1)
3641 if (now.sec + dur <= ssid->disabled_until.sec)
3644 ssid->disabled_until.sec = now.sec + dur;
3646 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3647 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3648 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3649 ssid->auth_failures, dur);
3653 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3654 struct wpa_ssid *ssid, int clear_failures)
3659 if (ssid->disabled_until.sec) {
3660 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3661 "id=%d ssid=\"%s\"",
3662 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3664 ssid->disabled_until.sec = 0;
3665 ssid->disabled_until.usec = 0;
3667 ssid->auth_failures = 0;