3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_server/eap_methods.h"
21 #include "rsn_supp/wpa.h"
24 #include "utils/ext_password.h"
25 #include "l2_packet/l2_packet.h"
26 #include "wpa_supplicant_i.h"
28 #include "ctrl_iface.h"
29 #include "pcsc_funcs.h"
30 #include "common/version.h"
31 #include "rsn_supp/preauth.h"
32 #include "rsn_supp/pmksa_cache.h"
33 #include "common/wpa_ctrl.h"
34 #include "common/ieee802_11_defs.h"
36 #include "blacklist.h"
37 #include "wpas_glue.h"
38 #include "wps_supplicant.h"
41 #include "gas_query.h"
43 #include "p2p_supplicant.h"
44 #include "wifi_display.h"
50 #include "offchannel.h"
51 #include "hs20_supplicant.h"
53 const char *wpa_supplicant_version =
54 "wpa_supplicant v" VERSION_STR "\n"
55 "Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
57 const char *wpa_supplicant_license =
58 "This software may be distributed under the terms of the BSD license.\n"
59 "See README for more details.\n"
60 #ifdef EAP_TLS_OPENSSL
61 "\nThis product includes software developed by the OpenSSL Project\n"
62 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63 #endif /* EAP_TLS_OPENSSL */
66 #ifndef CONFIG_NO_STDOUT_DEBUG
67 /* Long text divided into parts in order to fit in C89 strings size limits. */
68 const char *wpa_supplicant_full_license1 =
70 const char *wpa_supplicant_full_license2 =
71 "This software may be distributed under the terms of the BSD license.\n"
73 "Redistribution and use in source and binary forms, with or without\n"
74 "modification, are permitted provided that the following conditions are\n"
77 const char *wpa_supplicant_full_license3 =
78 "1. Redistributions of source code must retain the above copyright\n"
79 " notice, this list of conditions and the following disclaimer.\n"
81 "2. Redistributions in binary form must reproduce the above copyright\n"
82 " notice, this list of conditions and the following disclaimer in the\n"
83 " documentation and/or other materials provided with the distribution.\n"
85 const char *wpa_supplicant_full_license4 =
86 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
87 " names of its contributors may be used to endorse or promote products\n"
88 " derived from this software without specific prior written permission.\n"
90 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
91 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
92 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
93 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
94 const char *wpa_supplicant_full_license5 =
95 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
96 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
97 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
98 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
99 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
100 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
101 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
103 #endif /* CONFIG_NO_STDOUT_DEBUG */
105 extern int wpa_debug_level;
106 extern int wpa_debug_show_keys;
107 extern int wpa_debug_timestamp;
108 extern struct wpa_driver_ops *wpa_drivers[];
110 /* Configure default/group WEP keys for static WEP */
111 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
121 i, i == ssid->wep_tx_keyidx, NULL, 0,
122 ssid->wep_key[i], ssid->wep_key_len[i]);
129 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
137 /* IBSS/WPA-None uses only one key (Group) for both receiving and
138 * sending unicast and multicast packets. */
140 if (ssid->mode != WPAS_MODE_IBSS) {
141 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
142 "IBSS/ad-hoc) for WPA-None", ssid->mode);
146 if (!ssid->psk_set) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
152 switch (wpa_s->group_cipher) {
153 case WPA_CIPHER_CCMP:
154 os_memcpy(key, ssid->psk, 16);
158 case WPA_CIPHER_GCMP:
159 os_memcpy(key, ssid->psk, 16);
163 case WPA_CIPHER_TKIP:
164 /* WPA-None uses the same Michael MIC key for both TX and RX */
165 os_memcpy(key, ssid->psk, 16 + 8);
166 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
172 "WPA-None", wpa_s->group_cipher);
176 /* TODO: should actually remember the previously used seq#, both for TX
177 * and RX from each STA.. */
179 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
183 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
185 struct wpa_supplicant *wpa_s = eloop_ctx;
186 const u8 *bssid = wpa_s->bssid;
187 if (is_zero_ether_addr(bssid))
188 bssid = wpa_s->pending_bssid;
189 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
191 wpa_blacklist_add(wpa_s, bssid);
192 wpa_sm_notify_disassoc(wpa_s->wpa);
193 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
194 wpa_s->reassociate = 1;
197 * If we timed out, the AP or the local radio may be busy.
198 * So, wait a second until scanning again.
200 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
204 wpa_s->global->p2p != NULL) {
205 wpa_s->global->p2p_cb_on_scan_complete = 0;
206 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
207 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
208 "continued after timed out authentication");
211 #endif /* CONFIG_P2P */
216 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
217 * @wpa_s: Pointer to wpa_supplicant data
218 * @sec: Number of seconds after which to time out authentication
219 * @usec: Number of microseconds after which to time out authentication
221 * This function is used to schedule a timeout for the current authentication
224 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
227 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
228 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
231 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
232 "%d usec", sec, usec);
233 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
234 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
239 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
240 * @wpa_s: Pointer to wpa_supplicant data
242 * This function is used to cancel authentication timeout scheduled with
243 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
246 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
248 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
249 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
250 wpa_blacklist_del(wpa_s, wpa_s->bssid);
255 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
256 * @wpa_s: Pointer to wpa_supplicant data
258 * This function is used to configure EAPOL state machine based on the selected
259 * authentication mode.
261 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
263 #ifdef IEEE8021X_EAPOL
264 struct eapol_config eapol_conf;
265 struct wpa_ssid *ssid = wpa_s->current_ssid;
267 #ifdef CONFIG_IBSS_RSN
268 if (ssid->mode == WPAS_MODE_IBSS &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
270 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
272 * RSN IBSS authentication is per-STA and we can disable the
273 * per-BSSID EAPOL authentication.
275 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
277 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
280 #endif /* CONFIG_IBSS_RSN */
282 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
283 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
286 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
287 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
289 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
291 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
292 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
293 eapol_conf.accept_802_1x_keys = 1;
294 eapol_conf.required_keys = 0;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
296 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
298 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
299 eapol_conf.required_keys |=
300 EAPOL_REQUIRE_KEY_BROADCAST;
303 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
304 eapol_conf.required_keys = 0;
307 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
308 eapol_conf.workaround = ssid->eap_workaround;
309 eapol_conf.eap_disabled =
310 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
312 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
313 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
314 #endif /* IEEE8021X_EAPOL */
319 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
320 * @wpa_s: Pointer to wpa_supplicant data
321 * @ssid: Configuration data for the network
323 * This function is used to configure WPA state machine and related parameters
324 * to a mode where WPA is not enabled. This is called as part of the
325 * authentication configuration when the selected network does not use WPA.
327 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
328 struct wpa_ssid *ssid)
332 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
333 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
334 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
335 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
337 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
338 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
340 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
341 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
342 wpa_s->group_cipher = WPA_CIPHER_NONE;
343 wpa_s->mgmt_group_cipher = 0;
345 for (i = 0; i < NUM_WEP_KEYS; i++) {
346 if (ssid->wep_key_len[i] > 5) {
347 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
348 wpa_s->group_cipher = WPA_CIPHER_WEP104;
350 } else if (ssid->wep_key_len[i] > 0) {
351 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
352 wpa_s->group_cipher = WPA_CIPHER_WEP40;
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
359 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
360 wpa_s->pairwise_cipher);
361 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
362 #ifdef CONFIG_IEEE80211W
363 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
364 wpa_s->mgmt_group_cipher);
365 #endif /* CONFIG_IEEE80211W */
367 pmksa_cache_clear_current(wpa_s->wpa);
371 void free_hw_features(struct wpa_supplicant *wpa_s)
374 if (wpa_s->hw.modes == NULL)
377 for (i = 0; i < wpa_s->hw.num_modes; i++) {
378 os_free(wpa_s->hw.modes[i].channels);
379 os_free(wpa_s->hw.modes[i].rates);
382 os_free(wpa_s->hw.modes);
383 wpa_s->hw.modes = NULL;
387 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
389 bgscan_deinit(wpa_s);
390 autoscan_deinit(wpa_s);
391 scard_deinit(wpa_s->scard);
393 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
394 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
395 l2_packet_deinit(wpa_s->l2);
398 l2_packet_deinit(wpa_s->l2_br);
402 if (wpa_s->conf != NULL) {
403 struct wpa_ssid *ssid;
404 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
405 wpas_notify_network_removed(wpa_s, ssid);
408 os_free(wpa_s->confname);
409 wpa_s->confname = NULL;
411 wpa_sm_set_eapol(wpa_s->wpa, NULL);
412 eapol_sm_deinit(wpa_s->eapol);
415 rsn_preauth_deinit(wpa_s->wpa);
418 wpa_tdls_deinit(wpa_s->wpa);
419 #endif /* CONFIG_TDLS */
421 pmksa_candidate_free(wpa_s->wpa);
422 wpa_sm_deinit(wpa_s->wpa);
424 wpa_blacklist_clear(wpa_s);
426 wpa_bss_deinit(wpa_s);
428 wpa_supplicant_cancel_scan(wpa_s);
429 wpa_supplicant_cancel_auth_timeout(wpa_s);
430 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
431 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
432 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
434 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
436 wpas_wps_deinit(wpa_s);
438 wpabuf_free(wpa_s->pending_eapol_rx);
439 wpa_s->pending_eapol_rx = NULL;
441 #ifdef CONFIG_IBSS_RSN
442 ibss_rsn_deinit(wpa_s->ibss_rsn);
443 wpa_s->ibss_rsn = NULL;
444 #endif /* CONFIG_IBSS_RSN */
449 wpa_supplicant_ap_deinit(wpa_s);
450 #endif /* CONFIG_AP */
453 wpas_p2p_deinit(wpa_s);
454 #endif /* CONFIG_P2P */
456 #ifdef CONFIG_OFFCHANNEL
457 offchannel_deinit(wpa_s);
458 #endif /* CONFIG_OFFCHANNEL */
460 wpa_supplicant_cancel_sched_scan(wpa_s);
462 os_free(wpa_s->next_scan_freqs);
463 wpa_s->next_scan_freqs = NULL;
465 gas_query_deinit(wpa_s->gas);
468 free_hw_features(wpa_s);
470 os_free(wpa_s->bssid_filter);
471 wpa_s->bssid_filter = NULL;
473 wnm_bss_keep_alive_deinit(wpa_s);
475 ext_password_deinit(wpa_s->ext_pw);
476 wpa_s->ext_pw = NULL;
478 wpabuf_free(wpa_s->last_gas_resp);
480 os_free(wpa_s->last_scan_res);
481 wpa_s->last_scan_res = NULL;
486 * wpa_clear_keys - Clear keys configured for the driver
487 * @wpa_s: Pointer to wpa_supplicant data
488 * @addr: Previously used BSSID or %NULL if not available
490 * This function clears the encryption keys that has been previously configured
493 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
495 if (wpa_s->keys_cleared) {
496 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
497 * timing issues with keys being cleared just before new keys
498 * are set or just after association or something similar. This
499 * shows up in group key handshake failing often because of the
500 * client not receiving the first encrypted packets correctly.
501 * Skipping some of the extra key clearing steps seems to help
502 * in completing group key handshake more reliably. */
503 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
504 "skip key clearing");
508 /* MLME-DELETEKEYS.request */
509 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
510 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
511 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
512 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
513 #ifdef CONFIG_IEEE80211W
514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
516 #endif /* CONFIG_IEEE80211W */
518 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
520 /* MLME-SETPROTECTION.request(None) */
521 wpa_drv_mlme_setprotection(
523 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
524 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
526 wpa_s->keys_cleared = 1;
531 * wpa_supplicant_state_txt - Get the connection state name as a text string
532 * @state: State (wpa_state; WPA_*)
533 * Returns: The state name as a printable text string
535 const char * wpa_supplicant_state_txt(enum wpa_states state)
538 case WPA_DISCONNECTED:
539 return "DISCONNECTED";
542 case WPA_INTERFACE_DISABLED:
543 return "INTERFACE_DISABLED";
546 case WPA_AUTHENTICATING:
547 return "AUTHENTICATING";
548 case WPA_ASSOCIATING:
549 return "ASSOCIATING";
552 case WPA_4WAY_HANDSHAKE:
553 return "4WAY_HANDSHAKE";
554 case WPA_GROUP_HANDSHAKE:
555 return "GROUP_HANDSHAKE";
566 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
568 if (wpas_driver_bss_selection(wpa_s))
570 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
573 bgscan_deinit(wpa_s);
574 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
575 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
576 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
579 * Live without bgscan; it is only used as a roaming
580 * optimization, so the initial connection is not
584 struct wpa_scan_results *scan_res;
585 wpa_s->bgscan_ssid = wpa_s->current_ssid;
586 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
589 bgscan_notify_scan(wpa_s, scan_res);
590 wpa_scan_results_free(scan_res);
594 wpa_s->bgscan_ssid = NULL;
598 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
600 if (wpa_s->bgscan_ssid != NULL) {
601 bgscan_deinit(wpa_s);
602 wpa_s->bgscan_ssid = NULL;
606 #endif /* CONFIG_BGSCAN */
609 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
611 if (autoscan_init(wpa_s, 0))
612 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
616 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
618 autoscan_deinit(wpa_s);
622 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
624 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
625 wpa_s->wpa_state == WPA_SCANNING) {
626 autoscan_deinit(wpa_s);
627 wpa_supplicant_start_autoscan(wpa_s);
633 * wpa_supplicant_set_state - Set current connection state
634 * @wpa_s: Pointer to wpa_supplicant data
635 * @state: The new connection state
637 * This function is called whenever the connection state changes, e.g.,
638 * association is completed for WPA/WPA2 4-Way Handshake is started.
640 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
641 enum wpa_states state)
643 enum wpa_states old_state = wpa_s->wpa_state;
645 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
646 wpa_supplicant_state_txt(wpa_s->wpa_state),
647 wpa_supplicant_state_txt(state));
650 if(state == WPA_ASSOCIATED && wpa_s->current_ssid) {
651 wpa_s->current_ssid->assoc_retry = 0;
653 #endif /* ANDROID_P2P */
655 if (state != WPA_SCANNING)
656 wpa_supplicant_notify_scanning(wpa_s, 0);
658 if (state == WPA_COMPLETED && wpa_s->new_connection) {
659 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
660 struct wpa_ssid *ssid = wpa_s->current_ssid;
661 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
662 MACSTR " completed %s [id=%d id_str=%s]",
663 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
664 "(reauth)" : "(auth)",
665 ssid ? ssid->id : -1,
666 ssid && ssid->id_str ? ssid->id_str : "");
667 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
668 wpas_clear_temp_disabled(wpa_s, ssid, 1);
669 wpa_s->new_connection = 0;
670 wpa_s->reassociated_connection = 1;
671 wpa_drv_set_operstate(wpa_s, 1);
672 #ifndef IEEE8021X_EAPOL
673 wpa_drv_set_supp_port(wpa_s, 1);
674 #endif /* IEEE8021X_EAPOL */
675 wpa_s->after_wps = 0;
677 wpas_p2p_completed(wpa_s);
678 #endif /* CONFIG_P2P */
680 sme_sched_obss_scan(wpa_s, 1);
681 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
682 state == WPA_ASSOCIATED) {
683 wpa_s->new_connection = 1;
684 wpa_drv_set_operstate(wpa_s, 0);
685 #ifndef IEEE8021X_EAPOL
686 wpa_drv_set_supp_port(wpa_s, 0);
687 #endif /* IEEE8021X_EAPOL */
688 sme_sched_obss_scan(wpa_s, 0);
690 wpa_s->wpa_state = state;
693 if (state == WPA_COMPLETED)
694 wpa_supplicant_start_bgscan(wpa_s);
696 wpa_supplicant_stop_bgscan(wpa_s);
697 #endif /* CONFIG_BGSCAN */
699 if (state == WPA_AUTHENTICATING)
700 wpa_supplicant_stop_autoscan(wpa_s);
702 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
703 wpa_supplicant_start_autoscan(wpa_s);
705 if (wpa_s->wpa_state != old_state) {
706 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
708 if (wpa_s->wpa_state == WPA_COMPLETED ||
709 old_state == WPA_COMPLETED)
710 wpas_notify_auth_changed(wpa_s);
715 void wpa_supplicant_terminate_proc(struct wpa_global *global)
719 struct wpa_supplicant *wpa_s = global->ifaces;
721 if (wpas_wps_terminate_pending(wpa_s) == 1)
725 #endif /* CONFIG_WPS */
732 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
734 struct wpa_global *global = signal_ctx;
735 wpa_supplicant_terminate_proc(global);
739 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
741 enum wpa_states old_state = wpa_s->wpa_state;
743 wpa_s->pairwise_cipher = 0;
744 wpa_s->group_cipher = 0;
745 wpa_s->mgmt_group_cipher = 0;
747 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
748 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
750 if (wpa_s->wpa_state != old_state)
751 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
756 * wpa_supplicant_reload_configuration - Reload configuration data
757 * @wpa_s: Pointer to wpa_supplicant data
758 * Returns: 0 on success or -1 if configuration parsing failed
760 * This function can be used to request that the configuration data is reloaded
761 * (e.g., after configuration file change). This function is reloading
762 * configuration only for one interface, so this may need to be called multiple
763 * times if %wpa_supplicant is controlling multiple interfaces and all
764 * interfaces need reconfiguration.
766 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
768 struct wpa_config *conf;
772 if (wpa_s->confname == NULL)
774 conf = wpa_config_read(wpa_s->confname);
776 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
777 "file '%s' - exiting", wpa_s->confname);
780 conf->changed_parameters = (unsigned int) -1;
782 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
783 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
784 os_strcmp(conf->ctrl_interface,
785 wpa_s->conf->ctrl_interface) != 0);
787 if (reconf_ctrl && wpa_s->ctrl_iface) {
788 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
789 wpa_s->ctrl_iface = NULL;
792 eapol_sm_invalidate_cached_session(wpa_s->eapol);
793 if (wpa_s->current_ssid) {
794 wpa_supplicant_deauthenticate(wpa_s,
795 WLAN_REASON_DEAUTH_LEAVING);
799 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
800 * pkcs11_engine_path, pkcs11_module_path.
802 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
804 * Clear forced success to clear EAP state for next
807 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
809 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
810 wpa_sm_set_config(wpa_s->wpa, NULL);
811 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
812 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
813 rsn_preauth_deinit(wpa_s->wpa);
815 old_ap_scan = wpa_s->conf->ap_scan;
816 wpa_config_free(wpa_s->conf);
818 if (old_ap_scan != wpa_s->conf->ap_scan)
819 wpas_notify_ap_scan_changed(wpa_s);
822 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
824 wpa_supplicant_update_config(wpa_s);
826 wpa_supplicant_clear_status(wpa_s);
827 if (wpa_supplicant_enabled_networks(wpa_s)) {
828 wpa_s->reassociate = 1;
829 wpa_supplicant_req_scan(wpa_s, 0, 0);
831 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
836 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
838 struct wpa_global *global = signal_ctx;
839 struct wpa_supplicant *wpa_s;
840 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
841 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
843 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
844 wpa_supplicant_terminate_proc(global);
850 enum wpa_cipher cipher_suite2driver(int cipher)
853 case WPA_CIPHER_NONE:
855 case WPA_CIPHER_WEP40:
857 case WPA_CIPHER_WEP104:
858 return CIPHER_WEP104;
859 case WPA_CIPHER_CCMP:
861 case WPA_CIPHER_GCMP:
863 case WPA_CIPHER_TKIP:
870 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
873 case WPA_KEY_MGMT_NONE:
874 return KEY_MGMT_NONE;
875 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
876 return KEY_MGMT_802_1X_NO_WPA;
877 case WPA_KEY_MGMT_IEEE8021X:
878 return KEY_MGMT_802_1X;
879 case WPA_KEY_MGMT_WPA_NONE:
880 return KEY_MGMT_WPA_NONE;
881 case WPA_KEY_MGMT_FT_IEEE8021X:
882 return KEY_MGMT_FT_802_1X;
883 case WPA_KEY_MGMT_FT_PSK:
884 return KEY_MGMT_FT_PSK;
885 case WPA_KEY_MGMT_IEEE8021X_SHA256:
886 return KEY_MGMT_802_1X_SHA256;
887 case WPA_KEY_MGMT_PSK_SHA256:
888 return KEY_MGMT_PSK_SHA256;
889 case WPA_KEY_MGMT_WPS:
891 case WPA_KEY_MGMT_PSK:
898 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
899 struct wpa_ssid *ssid,
900 struct wpa_ie_data *ie)
902 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
905 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
906 "from association info");
911 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
913 if (!(ie->group_cipher & ssid->group_cipher)) {
914 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
915 "cipher 0x%x (mask 0x%x) - reject",
916 ie->group_cipher, ssid->group_cipher);
919 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
920 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
921 "cipher 0x%x (mask 0x%x) - reject",
922 ie->pairwise_cipher, ssid->pairwise_cipher);
925 if (!(ie->key_mgmt & ssid->key_mgmt)) {
926 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
927 "management 0x%x (mask 0x%x) - reject",
928 ie->key_mgmt, ssid->key_mgmt);
932 #ifdef CONFIG_IEEE80211W
933 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
934 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
935 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
936 "that does not support management frame protection - "
940 #endif /* CONFIG_IEEE80211W */
947 * wpa_supplicant_set_suites - Set authentication and encryption parameters
948 * @wpa_s: Pointer to wpa_supplicant data
949 * @bss: Scan results for the selected BSS, or %NULL if not available
950 * @ssid: Configuration data for the selected network
951 * @wpa_ie: Buffer for the WPA/RSN IE
952 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
953 * used buffer length in case the functions returns success.
954 * Returns: 0 on success or -1 on failure
956 * This function is used to configure authentication and encryption parameters
957 * based on the network configuration and scan result for the selected BSS (if
960 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
961 struct wpa_bss *bss, struct wpa_ssid *ssid,
962 u8 *wpa_ie, size_t *wpa_ie_len)
964 struct wpa_ie_data ie;
966 const u8 *bss_wpa, *bss_rsn;
969 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
970 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
972 bss_wpa = bss_rsn = NULL;
974 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
975 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
976 (ie.group_cipher & ssid->group_cipher) &&
977 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
978 (ie.key_mgmt & ssid->key_mgmt)) {
979 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
980 proto = WPA_PROTO_RSN;
981 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
982 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
983 (ie.group_cipher & ssid->group_cipher) &&
984 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
985 (ie.key_mgmt & ssid->key_mgmt)) {
986 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
987 proto = WPA_PROTO_WPA;
989 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
992 if (ssid->proto & WPA_PROTO_RSN)
993 proto = WPA_PROTO_RSN;
995 proto = WPA_PROTO_WPA;
996 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
997 os_memset(&ie, 0, sizeof(ie));
998 ie.group_cipher = ssid->group_cipher;
999 ie.pairwise_cipher = ssid->pairwise_cipher;
1000 ie.key_mgmt = ssid->key_mgmt;
1001 #ifdef CONFIG_IEEE80211W
1002 ie.mgmt_group_cipher =
1003 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
1004 WPA_CIPHER_AES_128_CMAC : 0;
1005 #endif /* CONFIG_IEEE80211W */
1006 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1007 "based on configuration");
1012 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1013 "pairwise %d key_mgmt %d proto %d",
1014 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1015 #ifdef CONFIG_IEEE80211W
1016 if (ssid->ieee80211w) {
1017 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1018 ie.mgmt_group_cipher);
1020 #endif /* CONFIG_IEEE80211W */
1022 wpa_s->wpa_proto = proto;
1023 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1024 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1025 !!(ssid->proto & WPA_PROTO_RSN));
1027 if (bss || !wpa_s->ap_ies_from_associnfo) {
1028 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1029 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1030 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1031 bss_rsn ? 2 + bss_rsn[1] : 0))
1035 sel = ie.group_cipher & ssid->group_cipher;
1036 if (sel & WPA_CIPHER_CCMP) {
1037 wpa_s->group_cipher = WPA_CIPHER_CCMP;
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
1039 } else if (sel & WPA_CIPHER_GCMP) {
1040 wpa_s->group_cipher = WPA_CIPHER_GCMP;
1041 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP");
1042 } else if (sel & WPA_CIPHER_TKIP) {
1043 wpa_s->group_cipher = WPA_CIPHER_TKIP;
1044 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
1045 } else if (sel & WPA_CIPHER_WEP104) {
1046 wpa_s->group_cipher = WPA_CIPHER_WEP104;
1047 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
1048 } else if (sel & WPA_CIPHER_WEP40) {
1049 wpa_s->group_cipher = WPA_CIPHER_WEP40;
1050 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
1052 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1057 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1058 if (sel & WPA_CIPHER_CCMP) {
1059 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
1060 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
1061 } else if (sel & WPA_CIPHER_GCMP) {
1062 wpa_s->pairwise_cipher = WPA_CIPHER_GCMP;
1063 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP");
1064 } else if (sel & WPA_CIPHER_TKIP) {
1065 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
1066 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
1067 } else if (sel & WPA_CIPHER_NONE) {
1068 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1069 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
1071 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1076 sel = ie.key_mgmt & ssid->key_mgmt;
1078 #ifdef CONFIG_IEEE80211R
1079 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1082 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1083 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1084 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1085 #endif /* CONFIG_IEEE80211R */
1086 #ifdef CONFIG_IEEE80211W
1087 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1088 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1089 wpa_dbg(wpa_s, MSG_DEBUG,
1090 "WPA: using KEY_MGMT 802.1X with SHA256");
1091 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1092 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1093 wpa_dbg(wpa_s, MSG_DEBUG,
1094 "WPA: using KEY_MGMT PSK with SHA256");
1095 #endif /* CONFIG_IEEE80211W */
1096 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1097 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1098 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1099 } else if (sel & WPA_KEY_MGMT_PSK) {
1100 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1102 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1103 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1104 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1106 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1107 "authenticated key management type");
1111 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1112 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1113 wpa_s->pairwise_cipher);
1114 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1116 #ifdef CONFIG_IEEE80211W
1117 sel = ie.mgmt_group_cipher;
1118 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1119 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1121 if (sel & WPA_CIPHER_AES_128_CMAC) {
1122 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1123 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1126 wpa_s->mgmt_group_cipher = 0;
1127 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1129 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1130 wpa_s->mgmt_group_cipher);
1131 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1132 #endif /* CONFIG_IEEE80211W */
1134 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1135 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1139 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1140 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1141 #ifndef CONFIG_NO_PBKDF2
1142 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1145 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1146 4096, psk, PMK_LEN);
1147 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1149 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1151 #endif /* CONFIG_NO_PBKDF2 */
1152 #ifdef CONFIG_EXT_PASSWORD
1153 if (ssid->ext_psk) {
1154 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1156 char pw_str[64 + 1];
1160 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1161 "found from external storage");
1165 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1166 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1167 "PSK length %d in external storage",
1168 (int) wpabuf_len(pw));
1169 ext_password_free(pw);
1173 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1174 pw_str[wpabuf_len(pw)] = '\0';
1176 #ifndef CONFIG_NO_PBKDF2
1177 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1179 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1180 4096, psk, PMK_LEN);
1181 os_memset(pw_str, 0, sizeof(pw_str));
1182 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1183 "external passphrase)",
1185 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1187 #endif /* CONFIG_NO_PBKDF2 */
1188 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1189 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1190 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1191 "Invalid PSK hex string");
1192 os_memset(pw_str, 0, sizeof(pw_str));
1193 ext_password_free(pw);
1196 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1198 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1200 os_memset(pw_str, 0, sizeof(pw_str));
1201 ext_password_free(pw);
1205 os_memset(pw_str, 0, sizeof(pw_str));
1206 ext_password_free(pw);
1208 #endif /* CONFIG_EXT_PASSWORD */
1210 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1217 * wpa_supplicant_associate - Request association
1218 * @wpa_s: Pointer to wpa_supplicant data
1219 * @bss: Scan results for the selected BSS, or %NULL if not available
1220 * @ssid: Configuration data for the selected network
1222 * This function is used to request %wpa_supplicant to associate with a BSS.
1224 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1225 struct wpa_bss *bss, struct wpa_ssid *ssid)
1229 int use_crypt, ret, i, bssid_changed;
1230 int algs = WPA_AUTH_ALG_OPEN;
1231 enum wpa_cipher cipher_pairwise, cipher_group;
1232 struct wpa_driver_associate_params params;
1233 int wep_keys_set = 0;
1234 struct wpa_driver_capa capa;
1235 int assoc_failed = 0;
1236 struct wpa_ssid *old_ssid;
1237 #ifdef CONFIG_HT_OVERRIDES
1238 struct ieee80211_ht_capabilities htcaps;
1239 struct ieee80211_ht_capabilities htcaps_mask;
1240 #endif /* CONFIG_HT_OVERRIDES */
1242 #ifdef CONFIG_IBSS_RSN
1243 ibss_rsn_deinit(wpa_s->ibss_rsn);
1244 wpa_s->ibss_rsn = NULL;
1245 #endif /* CONFIG_IBSS_RSN */
1250 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1251 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1253 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1254 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1258 wpa_supplicant_create_ap(wpa_s, ssid);
1259 wpa_s->current_bss = bss;
1260 #else /* CONFIG_AP */
1261 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1263 #endif /* CONFIG_AP */
1269 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1271 #endif /* CONFIG_TDLS */
1273 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1274 ssid->mode == IEEE80211_MODE_INFRA) {
1275 sme_authenticate(wpa_s, bss, ssid);
1279 os_memset(¶ms, 0, sizeof(params));
1280 wpa_s->reassociate = 0;
1281 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1282 #ifdef CONFIG_IEEE80211R
1283 const u8 *ie, *md = NULL;
1284 #endif /* CONFIG_IEEE80211R */
1285 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1286 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1287 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1288 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1289 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1290 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1292 wpas_notify_bssid_changed(wpa_s);
1293 #ifdef CONFIG_IEEE80211R
1294 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1295 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1297 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1299 /* Prepare for the next transition */
1300 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1302 #endif /* CONFIG_IEEE80211R */
1304 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1305 wpa_s->conf->ap_scan == 2 &&
1306 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1307 /* Use ap_scan==1 style network selection to find the network
1309 wpa_s->scan_req = 2;
1310 wpa_s->reassociate = 1;
1311 wpa_supplicant_req_scan(wpa_s, 0, 0);
1313 #endif /* CONFIG_WPS */
1315 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1316 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1317 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1319 wpa_supplicant_cancel_sched_scan(wpa_s);
1320 wpa_supplicant_cancel_scan(wpa_s);
1322 /* Starting new association, so clear the possibly used WPA IE from the
1323 * previous association. */
1324 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1326 #ifdef IEEE8021X_EAPOL
1327 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1329 if (ssid->non_leap == 0)
1330 algs = WPA_AUTH_ALG_LEAP;
1332 algs |= WPA_AUTH_ALG_LEAP;
1335 #endif /* IEEE8021X_EAPOL */
1336 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1337 if (ssid->auth_alg) {
1338 algs = ssid->auth_alg;
1339 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1343 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1344 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1345 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1346 int try_opportunistic;
1347 try_opportunistic = ssid->proactive_key_caching &&
1348 (ssid->proto & WPA_PROTO_RSN);
1349 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1350 wpa_s->current_ssid,
1351 try_opportunistic) == 0)
1352 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1353 wpa_ie_len = sizeof(wpa_ie);
1354 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1355 wpa_ie, &wpa_ie_len)) {
1356 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1357 "key management and encryption suites");
1360 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1361 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1363 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1364 * use non-WPA since the scan results did not indicate that the
1365 * AP is using WPA or WPA2.
1367 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1369 wpa_s->wpa_proto = 0;
1370 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1371 wpa_ie_len = sizeof(wpa_ie);
1372 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1373 wpa_ie, &wpa_ie_len)) {
1374 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1375 "key management and encryption suites (no "
1380 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1381 struct wpabuf *wps_ie;
1382 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1383 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1384 wpa_ie_len = wpabuf_len(wps_ie);
1385 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1388 wpabuf_free(wps_ie);
1389 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1390 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1391 params.wps = WPS_MODE_PRIVACY;
1393 params.wps = WPS_MODE_OPEN;
1394 wpa_s->wpa_proto = 0;
1395 #endif /* CONFIG_WPS */
1397 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1399 wpa_s->wpa_proto = 0;
1403 if (wpa_s->global->p2p) {
1407 pos = wpa_ie + wpa_ie_len;
1408 len = sizeof(wpa_ie) - wpa_ie_len;
1409 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1415 wpa_s->cross_connect_disallowed = 0;
1418 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1420 wpa_s->cross_connect_disallowed =
1421 p2p_get_cross_connect_disallowed(p2p);
1423 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1425 wpa_s->cross_connect_disallowed ?
1426 "disallows" : "allows");
1429 #endif /* CONFIG_P2P */
1432 if (wpa_s->conf->hs20) {
1433 struct wpabuf *hs20;
1434 hs20 = wpabuf_alloc(20);
1436 wpas_hs20_add_indication(hs20);
1437 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1439 wpa_ie_len += wpabuf_len(hs20);
1443 #endif /* CONFIG_HS20 */
1445 #ifdef CONFIG_INTERWORKING
1446 if (wpa_s->conf->interworking) {
1448 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1450 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1452 *pos++ = WLAN_EID_EXT_CAPAB;
1457 *pos++ = 0x80; /* Bit 31 - Interworking */
1459 #endif /* CONFIG_INTERWORKING */
1461 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1463 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1464 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1465 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1466 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1467 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1469 if (wpa_set_wep_keys(wpa_s, ssid)) {
1474 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1477 #ifdef IEEE8021X_EAPOL
1478 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1479 if ((ssid->eapol_flags &
1480 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1481 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1485 /* Assume that dynamic WEP-104 keys will be used and
1486 * set cipher suites in order for drivers to expect
1488 cipher_pairwise = cipher_group = CIPHER_WEP104;
1491 #endif /* IEEE8021X_EAPOL */
1493 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1494 /* Set the key before (and later after) association */
1495 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1498 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1500 params.ssid = bss->ssid;
1501 params.ssid_len = bss->ssid_len;
1502 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1503 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1504 MACSTR " freq=%u MHz based on scan results "
1506 MAC2STR(bss->bssid), bss->freq,
1508 params.bssid = bss->bssid;
1509 params.freq = bss->freq;
1512 params.ssid = ssid->ssid;
1513 params.ssid_len = ssid->ssid_len;
1516 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1517 wpa_s->conf->ap_scan == 2) {
1518 params.bssid = ssid->bssid;
1519 params.fixed_bssid = 1;
1522 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1524 params.freq = ssid->frequency; /* Initial channel for IBSS */
1525 params.wpa_ie = wpa_ie;
1526 params.wpa_ie_len = wpa_ie_len;
1527 params.pairwise_suite = cipher_pairwise;
1528 params.group_suite = cipher_group;
1529 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1530 params.wpa_proto = wpa_s->wpa_proto;
1531 params.auth_alg = algs;
1532 params.mode = ssid->mode;
1533 params.bg_scan_period = ssid->bg_scan_period;
1534 for (i = 0; i < NUM_WEP_KEYS; i++) {
1535 if (ssid->wep_key_len[i])
1536 params.wep_key[i] = ssid->wep_key[i];
1537 params.wep_key_len[i] = ssid->wep_key_len[i];
1539 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1541 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1542 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1543 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1544 params.passphrase = ssid->passphrase;
1546 params.psk = ssid->psk;
1549 params.drop_unencrypted = use_crypt;
1551 #ifdef CONFIG_IEEE80211W
1552 params.mgmt_frame_protection = ssid->ieee80211w;
1553 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1554 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1555 struct wpa_ie_data ie;
1556 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1558 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1559 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1560 "MFP: require MFP");
1561 params.mgmt_frame_protection =
1562 MGMT_FRAME_PROTECTION_REQUIRED;
1565 #endif /* CONFIG_IEEE80211W */
1567 params.p2p = ssid->p2p_group;
1569 if (wpa_s->parent->set_sta_uapsd)
1570 params.uapsd = wpa_s->parent->sta_uapsd;
1574 #ifdef CONFIG_HT_OVERRIDES
1575 os_memset(&htcaps, 0, sizeof(htcaps));
1576 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1577 params.htcaps = (u8 *) &htcaps;
1578 params.htcaps_mask = (u8 *) &htcaps_mask;
1579 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1580 #endif /* CONFIG_HT_OVERRIDES */
1583 /* If multichannel concurrency is not supported, check for any frequency
1584 * conflict and take appropriate action.
1586 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT) &&
1587 ((freq = wpa_drv_shared_freq(wpa_s)) > 0) && (freq != params.freq)) {
1588 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)"
1589 , freq, params.freq);
1590 if (wpas_p2p_handle_frequency_conflicts(wpa_s, params.freq) < 0) {
1591 /* Handling conflicts failed. Disable the current connect req and
1592 * notify the userspace to take appropriate action */
1593 wpa_printf(MSG_DEBUG, "proiritize is not set. Notifying user space to handle the case");
1594 wpa_supplicant_disable_network(wpa_s, ssid);
1595 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_FREQ_CONFLICT
1596 " id=%d", ssid->id);
1597 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1602 ret = wpa_drv_associate(wpa_s, ¶ms);
1604 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1606 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1608 * The driver is known to mean what is saying, so we
1609 * can stop right here; the association will not
1612 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1613 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1614 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1617 /* try to continue anyway; new association will be tried again
1622 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1623 /* Set the key after the association just in case association
1624 * cleared the previously configured key. */
1625 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1626 /* No need to timeout authentication since there is no key
1628 wpa_supplicant_cancel_auth_timeout(wpa_s);
1629 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1630 #ifdef CONFIG_IBSS_RSN
1631 } else if (ssid->mode == WPAS_MODE_IBSS &&
1632 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1633 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1635 * RSN IBSS authentication is per-STA and we can disable the
1636 * per-BSSID authentication.
1638 wpa_supplicant_cancel_auth_timeout(wpa_s);
1639 #endif /* CONFIG_IBSS_RSN */
1641 /* Timeout for IEEE 802.11 authentication and association */
1645 /* give IBSS a bit more time */
1646 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1647 } else if (wpa_s->conf->ap_scan == 1) {
1648 /* give IBSS a bit more time */
1649 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1651 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1654 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1655 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1656 /* Set static WEP keys again */
1657 wpa_set_wep_keys(wpa_s, ssid);
1660 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1662 * Do not allow EAP session resumption between different
1663 * network configurations.
1665 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1667 old_ssid = wpa_s->current_ssid;
1668 wpa_s->current_ssid = ssid;
1669 wpa_s->current_bss = bss;
1670 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1671 wpa_supplicant_initiate_eapol(wpa_s);
1672 if (old_ssid != wpa_s->current_ssid)
1673 wpas_notify_network_changed(wpa_s);
1677 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1680 struct wpa_ssid *old_ssid;
1682 wpa_clear_keys(wpa_s, addr);
1683 old_ssid = wpa_s->current_ssid;
1684 wpa_supplicant_mark_disassoc(wpa_s);
1685 wpa_sm_set_config(wpa_s->wpa, NULL);
1686 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1687 if (old_ssid != wpa_s->current_ssid)
1688 wpas_notify_network_changed(wpa_s);
1689 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1694 * wpa_supplicant_disassociate - Disassociate the current connection
1695 * @wpa_s: Pointer to wpa_supplicant data
1696 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1698 * This function is used to request %wpa_supplicant to disassociate with the
1701 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1705 union wpa_event_data event;
1707 if (!is_zero_ether_addr(wpa_s->bssid)) {
1708 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1709 addr = wpa_s->bssid;
1710 os_memset(&event, 0, sizeof(event));
1711 event.disassoc_info.reason_code = (u16) reason_code;
1712 event.disassoc_info.locally_generated = 1;
1713 wpa_supplicant_event(wpa_s, EVENT_DISASSOC, &event);
1716 wpa_supplicant_clear_connection(wpa_s, addr);
1721 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1722 * @wpa_s: Pointer to wpa_supplicant data
1723 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1725 * This function is used to request %wpa_supplicant to deauthenticate from the
1728 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1732 union wpa_event_data event;
1734 if (!is_zero_ether_addr(wpa_s->bssid)) {
1735 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
1736 addr = wpa_s->bssid;
1737 os_memset(&event, 0, sizeof(event));
1738 event.deauth_info.reason_code = (u16) reason_code;
1739 event.deauth_info.locally_generated = 1;
1740 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1743 wpa_supplicant_clear_connection(wpa_s, addr);
1748 * wpa_supplicant_enable_network - Mark a configured network as enabled
1749 * @wpa_s: wpa_supplicant structure for a network interface
1750 * @ssid: wpa_ssid structure for a configured network or %NULL
1752 * Enables the specified network or all networks if no network specified.
1754 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1755 struct wpa_ssid *ssid)
1757 struct wpa_ssid *other_ssid;
1761 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1762 other_ssid = other_ssid->next) {
1763 if (other_ssid->disabled == 2)
1764 continue; /* do not change persistent P2P group
1766 if (other_ssid == wpa_s->current_ssid &&
1767 other_ssid->disabled)
1768 wpa_s->reassociate = 1;
1770 was_disabled = other_ssid->disabled;
1772 other_ssid->disabled = 0;
1774 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1776 if (was_disabled != other_ssid->disabled)
1777 wpas_notify_network_enabled_changed(
1780 if (wpa_s->reassociate)
1781 wpa_supplicant_req_scan(wpa_s, 0, 0);
1782 } else if (ssid->disabled && ssid->disabled != 2) {
1783 if (wpa_s->current_ssid == NULL) {
1785 * Try to reassociate since there is no current
1786 * configuration and a new network was made available.
1788 wpa_s->reassociate = 1;
1789 wpa_supplicant_req_scan(wpa_s, 0, 0);
1792 was_disabled = ssid->disabled;
1795 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1797 if (was_disabled != ssid->disabled)
1798 wpas_notify_network_enabled_changed(wpa_s, ssid);
1804 * wpa_supplicant_disable_network - Mark a configured network as disabled
1805 * @wpa_s: wpa_supplicant structure for a network interface
1806 * @ssid: wpa_ssid structure for a configured network or %NULL
1808 * Disables the specified network or all networks if no network specified.
1810 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1811 struct wpa_ssid *ssid)
1813 struct wpa_ssid *other_ssid;
1817 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1818 other_ssid = other_ssid->next) {
1819 was_disabled = other_ssid->disabled;
1820 if (was_disabled == 2)
1821 continue; /* do not change persistent P2P group
1824 other_ssid->disabled = 1;
1826 if (was_disabled != other_ssid->disabled)
1827 wpas_notify_network_enabled_changed(
1830 if (wpa_s->current_ssid)
1831 wpa_supplicant_disassociate(
1832 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1833 } else if (ssid->disabled != 2) {
1834 if (ssid == wpa_s->current_ssid)
1835 wpa_supplicant_disassociate(
1836 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1838 was_disabled = ssid->disabled;
1842 if (was_disabled != ssid->disabled)
1843 wpas_notify_network_enabled_changed(wpa_s, ssid);
1849 * wpa_supplicant_select_network - Attempt association with a network
1850 * @wpa_s: wpa_supplicant structure for a network interface
1851 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1853 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1854 struct wpa_ssid *ssid)
1857 struct wpa_ssid *other_ssid;
1858 int disconnected = 0;
1860 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1861 wpa_supplicant_disassociate(
1862 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1867 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1870 * Mark all other networks disabled or mark all networks enabled if no
1871 * network specified.
1873 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1874 other_ssid = other_ssid->next) {
1875 int was_disabled = other_ssid->disabled;
1876 if (was_disabled == 2)
1877 continue; /* do not change persistent P2P group data */
1879 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1880 if (was_disabled && !other_ssid->disabled)
1881 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1883 if (was_disabled != other_ssid->disabled)
1884 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1887 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1888 /* We are already associated with the selected network */
1889 wpa_printf(MSG_DEBUG, "Already associated with the "
1890 "selected network - do nothing");
1895 wpa_s->current_ssid = ssid;
1896 wpa_s->connect_without_scan = NULL;
1897 wpa_s->disconnected = 0;
1898 wpa_s->reassociate = 1;
1899 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1902 wpas_notify_network_selected(wpa_s, ssid);
1907 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1908 * @wpa_s: wpa_supplicant structure for a network interface
1909 * @ap_scan: AP scan mode
1910 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1913 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1918 if (ap_scan < 0 || ap_scan > 2)
1922 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1923 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1924 wpa_s->wpa_state < WPA_COMPLETED) {
1925 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1926 "associating", wpa_s->conf->ap_scan, ap_scan);
1929 #endif /* ANDROID */
1931 old_ap_scan = wpa_s->conf->ap_scan;
1932 wpa_s->conf->ap_scan = ap_scan;
1934 if (old_ap_scan != wpa_s->conf->ap_scan)
1935 wpas_notify_ap_scan_changed(wpa_s);
1942 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1943 * @wpa_s: wpa_supplicant structure for a network interface
1944 * @expire_age: Expiration age in seconds
1945 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1948 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1949 unsigned int bss_expire_age)
1951 if (bss_expire_age < 10) {
1952 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1956 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1958 wpa_s->conf->bss_expiration_age = bss_expire_age;
1965 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1966 * @wpa_s: wpa_supplicant structure for a network interface
1967 * @expire_count: number of scans after which an unseen BSS is reclaimed
1968 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1971 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1972 unsigned int bss_expire_count)
1974 if (bss_expire_count < 1) {
1975 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1979 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1981 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1988 * wpa_supplicant_set_scan_interval - Set scan interval
1989 * @wpa_s: wpa_supplicant structure for a network interface
1990 * @scan_interval: scan interval in seconds
1991 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
1994 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
1997 if (scan_interval < 0) {
1998 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2002 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2004 wpa_s->scan_interval = scan_interval;
2011 * wpa_supplicant_set_debug_params - Set global debug params
2012 * @global: wpa_global structure
2013 * @debug_level: debug level
2014 * @debug_timestamp: determines if show timestamp in debug data
2015 * @debug_show_keys: determines if show keys in debug data
2016 * Returns: 0 if succeed or -1 if debug_level has wrong value
2018 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2019 int debug_timestamp, int debug_show_keys)
2022 int old_level, old_timestamp, old_show_keys;
2024 /* check for allowed debuglevels */
2025 if (debug_level != MSG_EXCESSIVE &&
2026 debug_level != MSG_MSGDUMP &&
2027 debug_level != MSG_DEBUG &&
2028 debug_level != MSG_INFO &&
2029 debug_level != MSG_WARNING &&
2030 debug_level != MSG_ERROR)
2033 old_level = wpa_debug_level;
2034 old_timestamp = wpa_debug_timestamp;
2035 old_show_keys = wpa_debug_show_keys;
2037 wpa_debug_level = debug_level;
2038 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2039 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2041 if (wpa_debug_level != old_level)
2042 wpas_notify_debug_level_changed(global);
2043 if (wpa_debug_timestamp != old_timestamp)
2044 wpas_notify_debug_timestamp_changed(global);
2045 if (wpa_debug_show_keys != old_show_keys)
2046 wpas_notify_debug_show_keys_changed(global);
2053 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2054 * @wpa_s: Pointer to wpa_supplicant data
2055 * Returns: A pointer to the current network structure or %NULL on failure
2057 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2059 struct wpa_ssid *entry;
2060 u8 ssid[MAX_SSID_LEN];
2066 res = wpa_drv_get_ssid(wpa_s, ssid);
2068 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2074 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2075 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2080 wired = wpa_s->conf->ap_scan == 0 &&
2081 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2083 entry = wpa_s->conf->ssid;
2085 if (!wpas_network_disabled(wpa_s, entry) &&
2086 ((ssid_len == entry->ssid_len &&
2087 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2088 (!entry->bssid_set ||
2089 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2092 if (!wpas_network_disabled(wpa_s, entry) &&
2093 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2094 (entry->ssid == NULL || entry->ssid_len == 0) &&
2095 (!entry->bssid_set ||
2096 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2098 #endif /* CONFIG_WPS */
2100 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2101 entry->ssid_len == 0 &&
2102 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2105 entry = entry->next;
2112 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2114 struct wpa_global *global = wpa_s->global;
2116 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2117 global->drv_priv[i] = wpa_drivers[i]->global_init();
2118 if (global->drv_priv[i] == NULL) {
2119 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2120 "'%s'", wpa_drivers[i]->name);
2125 wpa_s->driver = wpa_drivers[i];
2126 wpa_s->global_drv_priv = global->drv_priv[i];
2132 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2137 const char *pos, *driver = name;
2142 if (wpa_drivers[0] == NULL) {
2143 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2149 /* default to first driver in the list */
2150 return select_driver(wpa_s, 0);
2154 pos = os_strchr(driver, ',');
2158 len = os_strlen(driver);
2160 for (i = 0; wpa_drivers[i]; i++) {
2161 if (os_strlen(wpa_drivers[i]->name) == len &&
2162 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2164 /* First driver that succeeds wins */
2165 if (select_driver(wpa_s, i) == 0)
2173 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2179 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2180 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2181 * with struct wpa_driver_ops::init()
2182 * @src_addr: Source address of the EAPOL frame
2183 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2184 * @len: Length of the EAPOL data
2186 * This function is called for each received EAPOL frame. Most driver
2187 * interfaces rely on more generic OS mechanism for receiving frames through
2188 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2189 * take care of received EAPOL frames and deliver them to the core supplicant
2190 * code by calling this function.
2192 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2193 const u8 *buf, size_t len)
2195 struct wpa_supplicant *wpa_s = ctx;
2197 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2198 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2200 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
2202 * There is possible race condition between receiving the
2203 * association event and the EAPOL frame since they are coming
2204 * through different paths from the driver. In order to avoid
2205 * issues in trying to process the EAPOL frame before receiving
2206 * association information, lets queue it for processing until
2207 * the association event is received.
2209 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2210 "of received EAPOL frame");
2211 wpabuf_free(wpa_s->pending_eapol_rx);
2212 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2213 if (wpa_s->pending_eapol_rx) {
2214 os_get_time(&wpa_s->pending_eapol_rx_time);
2215 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2222 if (wpa_s->ap_iface) {
2223 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2226 #endif /* CONFIG_AP */
2228 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2229 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2230 "no key management is configured");
2234 if (wpa_s->eapol_received == 0 &&
2235 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2236 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2237 wpa_s->wpa_state != WPA_COMPLETED) &&
2238 (wpa_s->current_ssid == NULL ||
2239 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2240 /* Timeout for completing IEEE 802.1X and WPA authentication */
2241 wpa_supplicant_req_auth_timeout(
2243 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2244 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2245 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2248 wpa_s->eapol_received++;
2250 if (wpa_s->countermeasures) {
2251 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2256 #ifdef CONFIG_IBSS_RSN
2257 if (wpa_s->current_ssid &&
2258 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2259 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2262 #endif /* CONFIG_IBSS_RSN */
2264 /* Source address of the incoming EAPOL frame could be compared to the
2265 * current BSSID. However, it is possible that a centralized
2266 * Authenticator could be using another MAC address than the BSSID of
2267 * an AP, so just allow any address to be used for now. The replies are
2268 * still sent to the current BSSID (if available), though. */
2270 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2271 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2272 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2274 wpa_drv_poll(wpa_s);
2275 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2276 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2277 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2279 * Set portValid = TRUE here since we are going to skip 4-way
2280 * handshake processing which would normally set portValid. We
2281 * need this to allow the EAPOL state machines to be completed
2282 * without going through EAPOL-Key handshake.
2284 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2289 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2291 if (wpa_s->driver->send_eapol) {
2292 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2294 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2295 } else if (!(wpa_s->drv_flags &
2296 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2297 l2_packet_deinit(wpa_s->l2);
2298 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2299 wpa_drv_get_mac_addr(wpa_s),
2301 wpa_supplicant_rx_eapol, wpa_s, 0);
2302 if (wpa_s->l2 == NULL)
2305 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2307 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2310 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2311 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2315 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2316 MAC2STR(wpa_s->own_addr));
2317 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2323 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2324 const u8 *buf, size_t len)
2326 struct wpa_supplicant *wpa_s = ctx;
2327 const struct l2_ethhdr *eth;
2329 if (len < sizeof(*eth))
2331 eth = (const struct l2_ethhdr *) buf;
2333 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2334 !(eth->h_dest[0] & 0x01)) {
2335 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2336 " (bridge - not for this interface - ignore)",
2337 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2341 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2342 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2343 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2344 len - sizeof(*eth));
2349 * wpa_supplicant_driver_init - Initialize driver interface parameters
2350 * @wpa_s: Pointer to wpa_supplicant data
2351 * Returns: 0 on success, -1 on failure
2353 * This function is called to initialize driver interface parameters.
2354 * wpa_drv_init() must have been called before this function to initialize the
2357 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2359 static int interface_count = 0;
2361 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2364 if (wpa_s->bridge_ifname[0]) {
2365 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2366 "interface '%s'", wpa_s->bridge_ifname);
2367 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2370 wpa_supplicant_rx_eapol_bridge,
2372 if (wpa_s->l2_br == NULL) {
2373 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2374 "connection for the bridge interface '%s'",
2375 wpa_s->bridge_ifname);
2380 wpa_clear_keys(wpa_s, NULL);
2382 /* Make sure that TKIP countermeasures are not left enabled (could
2383 * happen if wpa_supplicant is killed during countermeasures. */
2384 wpa_drv_set_countermeasures(wpa_s, 0);
2386 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2387 wpa_drv_flush_pmkid(wpa_s);
2389 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2390 wpa_s->prev_scan_wildcard = 0;
2392 if (wpa_supplicant_enabled_networks(wpa_s)) {
2393 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2395 wpa_supplicant_req_scan(wpa_s, interface_count,
2399 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2405 static int wpa_supplicant_daemon(const char *pid_file)
2407 wpa_printf(MSG_DEBUG, "Daemonize..");
2408 return os_daemonize(pid_file);
2412 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2414 struct wpa_supplicant *wpa_s;
2416 wpa_s = os_zalloc(sizeof(*wpa_s));
2419 wpa_s->scan_req = 1;
2420 wpa_s->scan_interval = 5;
2421 wpa_s->new_connection = 1;
2422 wpa_s->parent = wpa_s;
2423 wpa_s->sched_scanning = 0;
2429 #ifdef CONFIG_HT_OVERRIDES
2431 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2432 struct ieee80211_ht_capabilities *htcaps,
2433 struct ieee80211_ht_capabilities *htcaps_mask,
2436 /* parse ht_mcs into hex array */
2438 const char *tmp = ht_mcs;
2441 /* If ht_mcs is null, do not set anything */
2445 /* This is what we are setting in the kernel */
2446 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2448 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2450 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2452 long v = strtol(tmp, &end, 16);
2454 wpa_msg(wpa_s, MSG_DEBUG,
2455 "htcap value[%i]: %ld end: %p tmp: %p",
2460 htcaps->supported_mcs_set[i] = v;
2463 wpa_msg(wpa_s, MSG_ERROR,
2464 "Failed to parse ht-mcs: %s, error: %s\n",
2465 ht_mcs, strerror(errno));
2471 * If we were able to parse any values, then set mask for the MCS set.
2474 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2475 IEEE80211_HT_MCS_MASK_LEN - 1);
2476 /* skip the 3 reserved bits */
2477 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2485 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2486 struct ieee80211_ht_capabilities *htcaps,
2487 struct ieee80211_ht_capabilities *htcaps_mask,
2492 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2497 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2498 htcaps_mask->ht_capabilities_info |= msk;
2500 htcaps->ht_capabilities_info &= msk;
2502 htcaps->ht_capabilities_info |= msk;
2508 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2509 struct ieee80211_ht_capabilities *htcaps,
2510 struct ieee80211_ht_capabilities *htcaps_mask,
2513 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2518 if (factor < 0 || factor > 3) {
2519 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2520 "Must be 0-3 or -1", factor);
2524 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2525 htcaps->a_mpdu_params &= ~0x3;
2526 htcaps->a_mpdu_params |= factor & 0x3;
2532 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2533 struct ieee80211_ht_capabilities *htcaps,
2534 struct ieee80211_ht_capabilities *htcaps_mask,
2537 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2542 if (density < 0 || density > 7) {
2543 wpa_msg(wpa_s, MSG_ERROR,
2544 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2549 htcaps_mask->a_mpdu_params |= 0x1C;
2550 htcaps->a_mpdu_params &= ~(0x1C);
2551 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2557 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2558 struct ieee80211_ht_capabilities *htcaps,
2559 struct ieee80211_ht_capabilities *htcaps_mask,
2562 /* Masking these out disables HT40 */
2563 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2564 HT_CAP_INFO_SHORT_GI40MHZ);
2566 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2569 htcaps->ht_capabilities_info &= ~msk;
2571 htcaps->ht_capabilities_info |= msk;
2573 htcaps_mask->ht_capabilities_info |= msk;
2579 void wpa_supplicant_apply_ht_overrides(
2580 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2581 struct wpa_driver_associate_params *params)
2583 struct ieee80211_ht_capabilities *htcaps;
2584 struct ieee80211_ht_capabilities *htcaps_mask;
2589 params->disable_ht = ssid->disable_ht;
2590 if (!params->htcaps || !params->htcaps_mask)
2593 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2594 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2595 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2596 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2597 ssid->disable_max_amsdu);
2598 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2599 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2600 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2603 #endif /* CONFIG_HT_OVERRIDES */
2606 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2611 if (!wpa_s->conf->pcsc_reader)
2614 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2618 if (wpa_s->conf->pcsc_pin &&
2619 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2620 scard_deinit(wpa_s->scard);
2621 wpa_s->scard = NULL;
2622 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2626 len = sizeof(wpa_s->imsi) - 1;
2627 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2628 scard_deinit(wpa_s->scard);
2629 wpa_s->scard = NULL;
2630 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2633 wpa_s->imsi[len] = '\0';
2635 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2637 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2638 wpa_s->imsi, wpa_s->mnc_len);
2640 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2641 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2642 #endif /* PCSC_FUNCS */
2648 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2652 ext_password_deinit(wpa_s->ext_pw);
2653 wpa_s->ext_pw = NULL;
2654 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2656 if (!wpa_s->conf->ext_password_backend)
2659 val = os_strdup(wpa_s->conf->ext_password_backend);
2662 pos = os_strchr(val, ':');
2666 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2668 wpa_s->ext_pw = ext_password_init(val, pos);
2670 if (wpa_s->ext_pw == NULL) {
2671 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2674 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2680 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2681 struct wpa_interface *iface)
2683 const char *ifname, *driver;
2684 struct wpa_driver_capa capa;
2686 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2687 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2688 iface->confname ? iface->confname : "N/A",
2689 iface->driver ? iface->driver : "default",
2690 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2691 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2693 if (iface->confname) {
2694 #ifdef CONFIG_BACKEND_FILE
2695 wpa_s->confname = os_rel2abs_path(iface->confname);
2696 if (wpa_s->confname == NULL) {
2697 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2698 "for configuration file '%s'.",
2702 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2703 iface->confname, wpa_s->confname);
2704 #else /* CONFIG_BACKEND_FILE */
2705 wpa_s->confname = os_strdup(iface->confname);
2706 #endif /* CONFIG_BACKEND_FILE */
2707 wpa_s->conf = wpa_config_read(wpa_s->confname);
2708 if (wpa_s->conf == NULL) {
2709 wpa_printf(MSG_ERROR, "Failed to read or parse "
2710 "configuration '%s'.", wpa_s->confname);
2715 * Override ctrl_interface and driver_param if set on command
2718 if (iface->ctrl_interface) {
2719 os_free(wpa_s->conf->ctrl_interface);
2720 wpa_s->conf->ctrl_interface =
2721 os_strdup(iface->ctrl_interface);
2724 if (iface->driver_param) {
2725 os_free(wpa_s->conf->driver_param);
2726 wpa_s->conf->driver_param =
2727 os_strdup(iface->driver_param);
2730 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2731 iface->driver_param);
2733 if (wpa_s->conf == NULL) {
2734 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2738 if (iface->ifname == NULL) {
2739 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2742 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2743 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2747 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2749 if (iface->bridge_ifname) {
2750 if (os_strlen(iface->bridge_ifname) >=
2751 sizeof(wpa_s->bridge_ifname)) {
2752 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2753 "name '%s'.", iface->bridge_ifname);
2756 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2757 sizeof(wpa_s->bridge_ifname));
2760 /* RSNA Supplicant Key Management - INITIALIZE */
2761 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2762 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2764 /* Initialize driver interface and register driver event handler before
2765 * L2 receive handler so that association events are processed before
2766 * EAPOL-Key packets if both become available for the same select()
2768 driver = iface->driver;
2770 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2773 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2774 if (wpa_s->drv_priv == NULL) {
2776 pos = driver ? os_strchr(driver, ',') : NULL;
2778 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2779 "driver interface - try next driver wrapper");
2783 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2787 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2788 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2789 "driver_param '%s'", wpa_s->conf->driver_param);
2793 ifname = wpa_drv_get_ifname(wpa_s);
2794 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2795 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2796 "interface name with '%s'", ifname);
2797 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2800 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2803 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2804 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2806 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2808 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2809 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2810 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2811 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2812 "dot11RSNAConfigPMKLifetime");
2816 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2817 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2818 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2819 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2820 "dot11RSNAConfigPMKReauthThreshold");
2824 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2825 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2826 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2827 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2828 "dot11RSNAConfigSATimeout");
2832 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2833 &wpa_s->hw.num_modes,
2836 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2837 wpa_s->drv_capa_known = 1;
2838 wpa_s->drv_flags = capa.flags;
2839 wpa_s->drv_enc = capa.enc;
2840 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2841 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2842 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2843 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2844 wpa_s->max_match_sets = capa.max_match_sets;
2845 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2846 wpa_s->max_stations = capa.max_stations;
2848 if (wpa_s->max_remain_on_chan == 0)
2849 wpa_s->max_remain_on_chan = 1000;
2851 if (wpa_supplicant_driver_init(wpa_s) < 0)
2855 if (wpa_tdls_init(wpa_s->wpa))
2857 #endif /* CONFIG_TDLS */
2859 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2860 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2861 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2865 if (wpas_wps_init(wpa_s))
2868 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2870 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2872 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2873 if (wpa_s->ctrl_iface == NULL) {
2874 wpa_printf(MSG_ERROR,
2875 "Failed to initialize control interface '%s'.\n"
2876 "You may have another wpa_supplicant process "
2877 "already running or the file was\n"
2878 "left by an unclean termination of wpa_supplicant "
2879 "in which case you will need\n"
2880 "to manually remove this file before starting "
2881 "wpa_supplicant again.\n",
2882 wpa_s->conf->ctrl_interface);
2886 wpa_s->gas = gas_query_init(wpa_s);
2887 if (wpa_s->gas == NULL) {
2888 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2893 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2894 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2897 #endif /* CONFIG_P2P */
2899 if (wpa_bss_init(wpa_s) < 0)
2902 if (pcsc_reader_init(wpa_s) < 0)
2905 if (wpas_init_ext_pw(wpa_s) < 0)
2912 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2913 int notify, int terminate)
2915 if (wpa_s->drv_priv) {
2916 wpa_supplicant_deauthenticate(wpa_s,
2917 WLAN_REASON_DEAUTH_LEAVING);
2919 wpa_drv_set_countermeasures(wpa_s, 0);
2920 wpa_clear_keys(wpa_s, NULL);
2923 wpa_supplicant_cleanup(wpa_s);
2926 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
2927 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
2928 "the management interface is being removed");
2929 wpas_p2p_deinit_global(wpa_s->global);
2931 #endif /* CONFIG_P2P */
2933 if (wpa_s->drv_priv)
2934 wpa_drv_deinit(wpa_s);
2937 wpas_notify_iface_removed(wpa_s);
2940 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2942 if (wpa_s->ctrl_iface) {
2943 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2944 wpa_s->ctrl_iface = NULL;
2947 if (wpa_s->conf != NULL) {
2948 wpa_config_free(wpa_s->conf);
2955 * wpa_supplicant_add_iface - Add a new network interface
2956 * @global: Pointer to global data from wpa_supplicant_init()
2957 * @iface: Interface configuration options
2958 * Returns: Pointer to the created interface or %NULL on failure
2960 * This function is used to add new network interfaces for %wpa_supplicant.
2961 * This can be called before wpa_supplicant_run() to add interfaces before the
2962 * main event loop has been started. In addition, new interfaces can be added
2963 * dynamically while %wpa_supplicant is already running. This could happen,
2964 * e.g., when a hotplug network adapter is inserted.
2966 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2967 struct wpa_interface *iface)
2969 struct wpa_supplicant *wpa_s;
2970 struct wpa_interface t_iface;
2971 struct wpa_ssid *ssid;
2973 if (global == NULL || iface == NULL)
2976 wpa_s = wpa_supplicant_alloc();
2980 wpa_s->global = global;
2983 if (global->params.override_driver) {
2984 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2986 iface->driver, global->params.override_driver);
2987 t_iface.driver = global->params.override_driver;
2989 if (global->params.override_ctrl_interface) {
2990 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2991 "ctrl_interface ('%s' -> '%s')",
2992 iface->ctrl_interface,
2993 global->params.override_ctrl_interface);
2994 t_iface.ctrl_interface =
2995 global->params.override_ctrl_interface;
2997 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2998 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3000 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3005 /* Notify the control interfaces about new iface */
3006 if (wpas_notify_iface_added(wpa_s)) {
3007 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3012 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3013 wpas_notify_network_added(wpa_s, ssid);
3015 wpa_s->next = global->ifaces;
3016 global->ifaces = wpa_s;
3018 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3019 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3026 * wpa_supplicant_remove_iface - Remove a network interface
3027 * @global: Pointer to global data from wpa_supplicant_init()
3028 * @wpa_s: Pointer to the network interface to be removed
3029 * Returns: 0 if interface was removed, -1 if interface was not found
3031 * This function can be used to dynamically remove network interfaces from
3032 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3033 * addition, this function is used to remove all remaining interfaces when
3034 * %wpa_supplicant is terminated.
3036 int wpa_supplicant_remove_iface(struct wpa_global *global,
3037 struct wpa_supplicant *wpa_s,
3040 struct wpa_supplicant *prev;
3042 /* Remove interface from the global list of interfaces */
3043 prev = global->ifaces;
3044 if (prev == wpa_s) {
3045 global->ifaces = wpa_s->next;
3047 while (prev && prev->next != wpa_s)
3051 prev->next = wpa_s->next;
3054 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3056 if (global->p2p_group_formation == wpa_s)
3057 global->p2p_group_formation = NULL;
3058 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3066 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3067 * @wpa_s: Pointer to the network interface
3068 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3070 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3072 const char *eapol_method;
3074 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3075 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3079 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3080 if (eapol_method == NULL)
3081 return "UNKNOWN-EAP";
3083 return eapol_method;
3088 * wpa_supplicant_get_iface - Get a new network interface
3089 * @global: Pointer to global data from wpa_supplicant_init()
3090 * @ifname: Interface name
3091 * Returns: Pointer to the interface or %NULL if not found
3093 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3096 struct wpa_supplicant *wpa_s;
3098 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3099 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3106 #ifndef CONFIG_NO_WPA_MSG
3107 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3109 struct wpa_supplicant *wpa_s = ctx;
3112 return wpa_s->ifname;
3114 #endif /* CONFIG_NO_WPA_MSG */
3118 * wpa_supplicant_init - Initialize %wpa_supplicant
3119 * @params: Parameters for %wpa_supplicant
3120 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3122 * This function is used to initialize %wpa_supplicant. After successful
3123 * initialization, the returned data pointer can be used to add and remove
3124 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3126 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3128 struct wpa_global *global;
3134 #ifdef CONFIG_DRIVER_NDIS
3136 void driver_ndis_init_ops(void);
3137 driver_ndis_init_ops();
3139 #endif /* CONFIG_DRIVER_NDIS */
3141 #ifndef CONFIG_NO_WPA_MSG
3142 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3143 #endif /* CONFIG_NO_WPA_MSG */
3145 wpa_debug_open_file(params->wpa_debug_file_path);
3146 if (params->wpa_debug_syslog)
3147 wpa_debug_open_syslog();
3148 if (params->wpa_debug_tracing) {
3149 ret = wpa_debug_open_linux_tracing();
3151 wpa_printf(MSG_ERROR,
3152 "Failed to enable trace logging");
3157 ret = eap_register_methods();
3159 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3161 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3162 "the same EAP type.");
3166 global = os_zalloc(sizeof(*global));
3169 dl_list_init(&global->p2p_srv_bonjour);
3170 dl_list_init(&global->p2p_srv_upnp);
3171 global->params.daemonize = params->daemonize;
3172 global->params.wait_for_monitor = params->wait_for_monitor;
3173 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3174 if (params->pid_file)
3175 global->params.pid_file = os_strdup(params->pid_file);
3176 if (params->ctrl_interface)
3177 global->params.ctrl_interface =
3178 os_strdup(params->ctrl_interface);
3179 if (params->override_driver)
3180 global->params.override_driver =
3181 os_strdup(params->override_driver);
3182 if (params->override_ctrl_interface)
3183 global->params.override_ctrl_interface =
3184 os_strdup(params->override_ctrl_interface);
3185 wpa_debug_level = global->params.wpa_debug_level =
3186 params->wpa_debug_level;
3187 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3188 params->wpa_debug_show_keys;
3189 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3190 params->wpa_debug_timestamp;
3192 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3195 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3196 wpa_supplicant_deinit(global);
3200 random_init(params->entropy_file);
3202 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3203 if (global->ctrl_iface == NULL) {
3204 wpa_supplicant_deinit(global);
3208 if (wpas_notify_supplicant_initialized(global)) {
3209 wpa_supplicant_deinit(global);
3213 for (i = 0; wpa_drivers[i]; i++)
3214 global->drv_count++;
3215 if (global->drv_count == 0) {
3216 wpa_printf(MSG_ERROR, "No drivers enabled");
3217 wpa_supplicant_deinit(global);
3220 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3221 if (global->drv_priv == NULL) {
3222 wpa_supplicant_deinit(global);
3226 #ifdef CONFIG_WIFI_DISPLAY
3227 if (wifi_display_init(global) < 0) {
3228 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3229 wpa_supplicant_deinit(global);
3232 #endif /* CONFIG_WIFI_DISPLAY */
3239 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3240 * @global: Pointer to global data from wpa_supplicant_init()
3241 * Returns: 0 after successful event loop run, -1 on failure
3243 * This function starts the main event loop and continues running as long as
3244 * there are any remaining events. In most cases, this function is running as
3245 * long as the %wpa_supplicant process in still in use.
3247 int wpa_supplicant_run(struct wpa_global *global)
3249 struct wpa_supplicant *wpa_s;
3251 if (global->params.daemonize &&
3252 wpa_supplicant_daemon(global->params.pid_file))
3255 if (global->params.wait_for_monitor) {
3256 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3257 if (wpa_s->ctrl_iface)
3258 wpa_supplicant_ctrl_iface_wait(
3262 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3263 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3272 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3273 * @global: Pointer to global data from wpa_supplicant_init()
3275 * This function is called to deinitialize %wpa_supplicant and to free all
3276 * allocated resources. Remaining network interfaces will also be removed.
3278 void wpa_supplicant_deinit(struct wpa_global *global)
3285 #ifdef CONFIG_WIFI_DISPLAY
3286 wifi_display_deinit(global);
3287 #endif /* CONFIG_WIFI_DISPLAY */
3289 wpas_p2p_deinit_global(global);
3290 #endif /* CONFIG_P2P */
3292 while (global->ifaces)
3293 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3295 if (global->ctrl_iface)
3296 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3298 wpas_notify_supplicant_deinitialized(global);
3300 eap_peer_unregister_methods();
3302 eap_server_unregister_methods();
3303 #endif /* CONFIG_AP */
3305 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3306 if (!global->drv_priv[i])
3308 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3310 os_free(global->drv_priv);
3316 if (global->params.pid_file) {
3317 os_daemonize_terminate(global->params.pid_file);
3318 os_free(global->params.pid_file);
3320 os_free(global->params.ctrl_interface);
3321 os_free(global->params.override_driver);
3322 os_free(global->params.override_ctrl_interface);
3324 os_free(global->p2p_disallow_freq);
3327 wpa_debug_close_syslog();
3328 wpa_debug_close_file();
3329 wpa_debug_close_linux_tracing();
3333 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3335 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3336 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3338 country[0] = wpa_s->conf->country[0];
3339 country[1] = wpa_s->conf->country[1];
3341 if (wpa_drv_set_country(wpa_s, country) < 0) {
3342 wpa_printf(MSG_ERROR, "Failed to set country code "
3347 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3348 wpas_init_ext_pw(wpa_s);
3351 wpas_wps_update_config(wpa_s);
3352 #endif /* CONFIG_WPS */
3355 wpas_p2p_update_config(wpa_s);
3356 #endif /* CONFIG_P2P */
3358 wpa_s->conf->changed_parameters = 0;
3362 static void add_freq(int *freqs, int *num_freqs, int freq)
3366 for (i = 0; i < *num_freqs; i++) {
3367 if (freqs[i] == freq)
3371 freqs[*num_freqs] = freq;
3376 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3378 struct wpa_bss *bss, *cbss;
3379 const int max_freqs = 10;
3383 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3387 cbss = wpa_s->current_bss;
3389 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3392 if (bss->ssid_len == cbss->ssid_len &&
3393 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3394 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3395 add_freq(freqs, &num_freqs, bss->freq);
3396 if (num_freqs == max_freqs)
3401 if (num_freqs == 0) {
3410 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3417 * Remove possible authentication timeout since the connection failed.
3419 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3422 * Add the failed BSSID into the blacklist and speed up next scan
3423 * attempt if there could be other APs that could accept association.
3424 * The current blacklist count indicates how many times we have tried
3425 * connecting to this AP and multiple attempts mean that other APs are
3426 * either not available or has already been tried, so that we can start
3427 * increasing the delay here to avoid constant scanning.
3429 count = wpa_blacklist_add(wpa_s, bssid);
3430 if (count == 1 && wpa_s->current_bss) {
3432 * This BSS was not in the blacklist before. If there is
3433 * another BSS available for the same ESS, we should try that
3434 * next. Otherwise, we may as well try this one once more
3435 * before allowing other, likely worse, ESSes to be considered.
3437 freqs = get_bss_freqs_in_ess(wpa_s);
3439 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3440 "has been seen; try it next");
3441 wpa_blacklist_add(wpa_s, bssid);
3443 * On the next scan, go through only the known channels
3444 * used in this ESS based on previous scans to speed up
3445 * common load balancing use case.
3447 os_free(wpa_s->next_scan_freqs);
3448 wpa_s->next_scan_freqs = freqs;
3467 * TODO: if more than one possible AP is available in scan results,
3468 * could try the other ones before requesting a new scan.
3470 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3471 1000 * (timeout % 1000));
3474 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
3475 wpa_s->global->p2p != NULL) {
3476 wpa_s->global->p2p_cb_on_scan_complete = 0;
3477 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
3478 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
3479 "continued after failed association");
3482 #endif /* CONFIG_P2P */
3486 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3488 return wpa_s->conf->ap_scan == 2 ||
3489 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3493 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3494 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3495 struct wpa_ssid *ssid,
3499 #ifdef IEEE8021X_EAPOL
3500 struct eap_peer_config *eap = &ssid->eap;
3502 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3503 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3504 (const u8 *) value, os_strlen(value));
3506 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3507 case WPA_CTRL_REQ_EAP_IDENTITY:
3508 os_free(eap->identity);
3509 eap->identity = (u8 *) os_strdup(value);
3510 eap->identity_len = os_strlen(value);
3511 eap->pending_req_identity = 0;
3512 if (ssid == wpa_s->current_ssid)
3513 wpa_s->reassociate = 1;
3515 case WPA_CTRL_REQ_EAP_PASSWORD:
3516 os_free(eap->password);
3517 eap->password = (u8 *) os_strdup(value);
3518 eap->password_len = os_strlen(value);
3519 eap->pending_req_password = 0;
3520 if (ssid == wpa_s->current_ssid)
3521 wpa_s->reassociate = 1;
3523 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3524 os_free(eap->new_password);
3525 eap->new_password = (u8 *) os_strdup(value);
3526 eap->new_password_len = os_strlen(value);
3527 eap->pending_req_new_password = 0;
3528 if (ssid == wpa_s->current_ssid)
3529 wpa_s->reassociate = 1;
3531 case WPA_CTRL_REQ_EAP_PIN:
3533 eap->pin = os_strdup(value);
3534 eap->pending_req_pin = 0;
3535 if (ssid == wpa_s->current_ssid)
3536 wpa_s->reassociate = 1;
3538 case WPA_CTRL_REQ_EAP_OTP:
3540 eap->otp = (u8 *) os_strdup(value);
3541 eap->otp_len = os_strlen(value);
3542 os_free(eap->pending_req_otp);
3543 eap->pending_req_otp = NULL;
3544 eap->pending_req_otp_len = 0;
3546 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3547 os_free(eap->private_key_passwd);
3548 eap->private_key_passwd = (u8 *) os_strdup(value);
3549 eap->pending_req_passphrase = 0;
3550 if (ssid == wpa_s->current_ssid)
3551 wpa_s->reassociate = 1;
3554 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3559 #else /* IEEE8021X_EAPOL */
3560 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3562 #endif /* IEEE8021X_EAPOL */
3564 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3567 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3570 unsigned int drv_enc;
3578 if (wpa_s && wpa_s->drv_capa_known)
3579 drv_enc = wpa_s->drv_enc;
3581 drv_enc = (unsigned int) -1;
3583 for (i = 0; i < NUM_WEP_KEYS; i++) {
3584 size_t len = ssid->wep_key_len[i];
3587 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3589 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3591 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3593 return 1; /* invalid WEP key */
3596 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3604 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3606 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3608 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3614 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3616 struct wpa_ssid *ssid = wpa_s->current_ssid;
3621 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3626 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3629 ssid->auth_failures++;
3630 if (ssid->auth_failures > 50)
3632 else if (ssid->auth_failures > 20)
3634 else if (ssid->auth_failures > 10)
3636 else if (ssid->auth_failures > 5)
3638 else if (ssid->auth_failures > 1)
3644 if (now.sec + dur <= ssid->disabled_until.sec)
3647 ssid->disabled_until.sec = now.sec + dur;
3649 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3650 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3651 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3652 ssid->auth_failures, dur);
3656 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3657 struct wpa_ssid *ssid, int clear_failures)
3662 if (ssid->disabled_until.sec) {
3663 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3664 "id=%d ssid=\"%s\"",
3665 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3667 ssid->disabled_until.sec = 0;
3668 ssid->disabled_until.usec = 0;
3670 ssid->auth_failures = 0;