3 * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
26 #include "wpa_supplicant.h"
28 #include "l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "ctrl_iface.h"
31 #include "ctrl_iface_dbus.h"
32 #include "pcsc_funcs.h"
35 #include "pmksa_cache.h"
39 #include <cutils/properties.h>
42 const char *wpa_supplicant_version =
43 "wpa_supplicant v" VERSION_STR "\n"
44 "Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> and contributors";
46 const char *wpa_supplicant_license =
47 "This program is free software. You can distribute it and/or modify it\n"
48 "under the terms of the GNU General Public License version 2.\n"
50 "Alternatively, this software may be distributed under the terms of the\n"
51 "BSD license. See README and COPYING for more details.\n"
52 #ifdef EAP_TLS_OPENSSL
53 "\nThis product includes software developed by the OpenSSL Project\n"
54 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
55 #endif /* EAP_TLS_OPENSSL */
58 #ifndef CONFIG_NO_STDOUT_DEBUG
59 /* Long text divided into parts in order to fit in C89 strings size limits. */
60 const char *wpa_supplicant_full_license1 =
61 "This program is free software; you can redistribute it and/or modify\n"
62 "it under the terms of the GNU General Public License version 2 as\n"
63 "published by the Free Software Foundation.\n"
65 "This program is distributed in the hope that it will be useful,\n"
66 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
67 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
68 "GNU General Public License for more details.\n"
70 const char *wpa_supplicant_full_license2 =
71 "You should have received a copy of the GNU General Public License\n"
72 "along with this program; if not, write to the Free Software\n"
73 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
75 "Alternatively, this software may be distributed under the terms of the\n"
78 "Redistribution and use in source and binary forms, with or without\n"
79 "modification, are permitted provided that the following conditions are\n"
82 const char *wpa_supplicant_full_license3 =
83 "1. Redistributions of source code must retain the above copyright\n"
84 " notice, this list of conditions and the following disclaimer.\n"
86 "2. Redistributions in binary form must reproduce the above copyright\n"
87 " notice, this list of conditions and the following disclaimer in the\n"
88 " documentation and/or other materials provided with the distribution.\n"
90 const char *wpa_supplicant_full_license4 =
91 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
92 " names of its contributors may be used to endorse or promote products\n"
93 " derived from this software without specific prior written permission.\n"
95 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
96 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
97 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
98 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
99 const char *wpa_supplicant_full_license5 =
100 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
101 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
102 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
103 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
104 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
105 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
106 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
108 #endif /* CONFIG_NO_STDOUT_DEBUG */
110 extern struct wpa_driver_ops *wpa_supplicant_drivers[];
112 extern int wpa_debug_level;
113 extern int wpa_debug_show_keys;
114 extern int wpa_debug_timestamp;
116 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx);
118 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
119 static u8 * wpa_alloc_eapol(const struct wpa_supplicant *wpa_s, u8 type,
120 const void *data, u16 data_len,
121 size_t *msg_len, void **data_pos)
123 struct ieee802_1x_hdr *hdr;
125 *msg_len = sizeof(*hdr) + data_len;
126 hdr = os_malloc(*msg_len);
130 hdr->version = wpa_s->conf->eapol_version;
132 hdr->length = host_to_be16(data_len);
135 os_memcpy(hdr + 1, data, data_len);
137 os_memset(hdr + 1, 0, data_len);
147 * wpa_ether_send - Send Ethernet frame
148 * @wpa_s: Pointer to wpa_supplicant data
149 * @dest: Destination MAC address
150 * @proto: Ethertype in host byte order
151 * @buf: Frame payload starting from IEEE 802.1X header
152 * @len: Frame payload length
153 * Returns: >=0 on success, <0 on failure
155 static int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest,
156 u16 proto, const u8 *buf, size_t len)
159 return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
162 return wpa_drv_send_eapol(wpa_s, dest, proto, buf, len);
164 #endif /* IEEE8021X_EAPOL || !CONFIG_NO_WPA */
167 #ifdef IEEE8021X_EAPOL
169 * wpa_supplicant_eapol_send - Send IEEE 802.1X EAPOL packet to Authenticator
170 * @ctx: Pointer to wpa_supplicant data (wpa_s)
171 * @type: IEEE 802.1X packet type (IEEE802_1X_TYPE_*)
172 * @buf: EAPOL payload (after IEEE 802.1X header)
173 * @len: EAPOL payload length
174 * Returns: >=0 on success, <0 on failure
176 * This function adds Ethernet and IEEE 802.1X header and sends the EAPOL frame
177 * to the current Authenticator.
179 static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
182 struct wpa_supplicant *wpa_s = ctx;
183 u8 *msg, *dst, bssid[ETH_ALEN];
187 /* TODO: could add l2_packet_sendmsg that allows fragments to avoid
190 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
191 wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
192 /* Current SSID is not using IEEE 802.1X/EAP, so drop possible
193 * EAPOL frames (mainly, EAPOL-Start) from EAPOL state
195 wpa_printf(MSG_DEBUG, "WPA: drop TX EAPOL in non-IEEE 802.1X "
196 "mode (type=%d len=%lu)", type,
197 (unsigned long) len);
201 if (pmksa_cache_get_current(wpa_s->wpa) &&
202 type == IEEE802_1X_TYPE_EAPOL_START) {
203 /* Trying to use PMKSA caching - do not send EAPOL-Start frames
204 * since they will trigger full EAPOL authentication. */
205 wpa_printf(MSG_DEBUG, "RSN: PMKSA caching - do not send "
210 if (os_memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)
212 wpa_printf(MSG_DEBUG, "BSSID not set when trying to send an "
214 if (wpa_drv_get_bssid(wpa_s, bssid) == 0 &&
215 os_memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) !=
218 wpa_printf(MSG_DEBUG, "Using current BSSID " MACSTR
219 " from the driver as the EAPOL destination",
222 dst = wpa_s->last_eapol_src;
223 wpa_printf(MSG_DEBUG, "Using the source address of the"
224 " last received EAPOL frame " MACSTR " as "
225 "the EAPOL destination",
229 /* BSSID was already set (from (Re)Assoc event, so use it as
230 * the EAPOL destination. */
234 msg = wpa_alloc_eapol(wpa_s, type, buf, len, &msglen, NULL);
238 wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", msg, msglen);
239 res = wpa_ether_send(wpa_s, dst, ETH_P_EAPOL, msg, msglen);
246 * wpa_eapol_set_wep_key - set WEP key for the driver
247 * @ctx: Pointer to wpa_supplicant data (wpa_s)
248 * @unicast: 1 = individual unicast key, 0 = broadcast key
249 * @keyidx: WEP key index (0..3)
250 * @key: Pointer to key data
251 * @keylen: Key length in bytes
252 * Returns: 0 on success or < 0 on error.
254 static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
255 const u8 *key, size_t keylen)
257 struct wpa_supplicant *wpa_s = ctx;
258 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
259 int cipher = (keylen == 5) ? WPA_CIPHER_WEP40 :
262 wpa_s->pairwise_cipher = cipher;
264 wpa_s->group_cipher = cipher;
266 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
267 unicast ? wpa_s->bssid :
268 (u8 *) "\xff\xff\xff\xff\xff\xff",
269 keyidx, unicast, (u8 *) "", 0, key, keylen);
273 static void wpa_supplicant_aborted_cached(void *ctx)
275 struct wpa_supplicant *wpa_s = ctx;
276 wpa_sm_aborted_cached(wpa_s->wpa);
279 #endif /* IEEE8021X_EAPOL */
282 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
283 static void wpa_supplicant_set_config_blob(void *ctx,
284 struct wpa_config_blob *blob)
286 struct wpa_supplicant *wpa_s = ctx;
287 wpa_config_set_blob(wpa_s->conf, blob);
291 static const struct wpa_config_blob *
292 wpa_supplicant_get_config_blob(void *ctx, const char *name)
294 struct wpa_supplicant *wpa_s = ctx;
295 return wpa_config_get_blob(wpa_s->conf, name);
297 #endif /* defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA) */
300 /* Configure default/group WEP key for static WEP */
301 static int wpa_set_wep_key(void *ctx, int set_tx, int keyidx, const u8 *key,
304 struct wpa_supplicant *wpa_s = ctx;
305 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
306 (u8 *) "\xff\xff\xff\xff\xff\xff",
307 keyidx, set_tx, (u8 *) "", 0, key, keylen);
311 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
312 struct wpa_ssid *ssid)
319 /* IBSS/WPA-None uses only one key (Group) for both receiving and
320 * sending unicast and multicast packets. */
322 if (ssid->mode != IEEE80211_MODE_IBSS) {
323 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
324 "for WPA-None", ssid->mode);
328 if (!ssid->psk_set) {
329 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
333 switch (wpa_s->group_cipher) {
334 case WPA_CIPHER_CCMP:
335 os_memcpy(key, ssid->psk, 16);
339 case WPA_CIPHER_TKIP:
340 /* WPA-None uses the same Michael MIC key for both TX and RX */
341 os_memcpy(key, ssid->psk, 16 + 8);
342 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
347 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
348 "WPA-None", wpa_s->group_cipher);
352 /* TODO: should actually remember the previously used seq#, both for TX
353 * and RX from each STA.. */
355 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
356 0, 1, seq, 6, key, keylen);
360 #ifdef IEEE8021X_EAPOL
361 static void wpa_supplicant_notify_eapol_done(void *ctx)
363 struct wpa_supplicant *wpa_s = ctx;
364 wpa_msg(wpa_s, MSG_DEBUG, "WPA: EAPOL processing complete");
365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X) {
366 wpa_supplicant_set_state(wpa_s, WPA_4WAY_HANDSHAKE);
368 wpa_supplicant_cancel_auth_timeout(wpa_s);
369 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
372 #endif /* IEEE8021X_EAPOL */
376 * wpa_blacklist_get - Get the blacklist entry for a BSSID
377 * @wpa_s: Pointer to wpa_supplicant data
379 * Returns: Matching blacklist entry for the BSSID or %NULL if not found
381 struct wpa_blacklist * wpa_blacklist_get(struct wpa_supplicant *wpa_s,
384 struct wpa_blacklist *e;
386 e = wpa_s->blacklist;
388 if (os_memcmp(e->bssid, bssid, ETH_ALEN) == 0)
398 * wpa_blacklist_add - Add an BSSID to the blacklist
399 * @wpa_s: Pointer to wpa_supplicant data
400 * @bssid: BSSID to be added to the blacklist
401 * Returns: 0 on success, -1 on failure
403 * This function adds the specified BSSID to the blacklist or increases the
404 * blacklist count if the BSSID was already listed. It should be called when
405 * an association attempt fails either due to the selected BSS rejecting
406 * association or due to timeout.
408 * This blacklist is used to force %wpa_supplicant to go through all available
409 * BSSes before retrying to associate with an BSS that rejected or timed out
410 * association. It does not prevent the listed BSS from being used; it only
411 * changes the order in which they are tried.
413 int wpa_blacklist_add(struct wpa_supplicant *wpa_s, const u8 *bssid)
415 struct wpa_blacklist *e;
417 e = wpa_blacklist_get(wpa_s, bssid);
420 wpa_printf(MSG_DEBUG, "BSSID " MACSTR " blacklist count "
422 MAC2STR(bssid), e->count);
426 e = os_zalloc(sizeof(*e));
429 os_memcpy(e->bssid, bssid, ETH_ALEN);
431 e->next = wpa_s->blacklist;
432 wpa_s->blacklist = e;
433 wpa_printf(MSG_DEBUG, "Added BSSID " MACSTR " into blacklist",
440 static int wpa_blacklist_del(struct wpa_supplicant *wpa_s, const u8 *bssid)
442 struct wpa_blacklist *e, *prev = NULL;
444 e = wpa_s->blacklist;
446 if (os_memcmp(e->bssid, bssid, ETH_ALEN) == 0) {
448 wpa_s->blacklist = e->next;
450 prev->next = e->next;
452 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
453 "blacklist", MAC2STR(bssid));
465 * wpa_blacklist_clear - Clear the blacklist of all entries
466 * @wpa_s: Pointer to wpa_supplicant data
468 void wpa_blacklist_clear(struct wpa_supplicant *wpa_s)
470 struct wpa_blacklist *e, *prev;
472 e = wpa_s->blacklist;
473 wpa_s->blacklist = NULL;
477 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
478 "blacklist (clear)", MAC2STR(prev->bssid));
485 * wpa_supplicant_req_scan - Schedule a scan for neighboring access points
486 * @wpa_s: Pointer to wpa_supplicant data
487 * @sec: Number of seconds after which to scan
488 * @usec: Number of microseconds after which to scan
490 * This function is used to schedule a scan for neighboring access points after
491 * the specified time.
493 void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
495 /* If there's at least one network that should be specifically scanned
496 * then don't cancel the scan and reschedule. Some drivers do
497 * background scanning which generates frequent scan results, and that
498 * causes the specific SSID scan to get continually pushed back and
499 * never happen, which causes hidden APs to never get probe-scanned.
501 if (eloop_is_timeout_registered(wpa_supplicant_scan, wpa_s, NULL) &&
502 wpa_s->conf->ap_scan == 1) {
503 struct wpa_ssid *ssid = wpa_s->conf->ssid;
506 if (!ssid->disabled && ssid->scan_ssid)
511 wpa_msg(wpa_s, MSG_DEBUG, "Not rescheduling scan to "
512 "ensure that specific SSID scans occur");
517 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
519 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
520 eloop_register_timeout(sec, usec, wpa_supplicant_scan, wpa_s, NULL);
525 * wpa_supplicant_cancel_scan - Cancel a scheduled scan request
526 * @wpa_s: Pointer to wpa_supplicant data
528 * This function is used to cancel a scan request scheduled with
529 * wpa_supplicant_req_scan().
531 void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s)
533 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling scan request");
534 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
538 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
540 struct wpa_supplicant *wpa_s = eloop_ctx;
541 const u8 *bssid = wpa_s->bssid;
542 if (os_memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0)
543 bssid = wpa_s->pending_bssid;
544 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
546 wpa_blacklist_add(wpa_s, bssid);
547 wpa_sm_notify_disassoc(wpa_s->wpa);
548 wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING);
549 wpa_s->reassociate = 1;
550 wpa_supplicant_req_scan(wpa_s, 0, 0);
555 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
556 * @wpa_s: Pointer to wpa_supplicant data
557 * @sec: Number of seconds after which to time out authentication
558 * @usec: Number of microseconds after which to time out authentication
560 * This function is used to schedule a timeout for the current authentication
563 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
566 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
567 wpa_s->driver && os_strcmp(wpa_s->driver->name, "wired") == 0)
570 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
571 "%d usec", sec, usec);
572 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
573 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
578 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
579 * @wpa_s: Pointer to wpa_supplicant data
581 * This function is used to cancel authentication timeout scheduled with
582 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
585 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
587 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
588 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
589 wpa_blacklist_del(wpa_s, wpa_s->bssid);
594 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
595 * @wpa_s: Pointer to wpa_supplicant data
597 * This function is used to configure EAPOL state machine based on the selected
598 * authentication mode.
600 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
602 #ifdef IEEE8021X_EAPOL
603 struct eapol_config eapol_conf;
604 struct wpa_ssid *ssid = wpa_s->current_ssid;
606 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
607 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
608 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
610 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
611 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
612 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
614 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
616 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
617 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
618 eapol_conf.accept_802_1x_keys = 1;
619 eapol_conf.required_keys = 0;
620 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
621 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
623 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
624 eapol_conf.required_keys |=
625 EAPOL_REQUIRE_KEY_BROADCAST;
628 if (wpa_s->conf && wpa_s->driver &&
629 os_strcmp(wpa_s->driver->name, "wired") == 0) {
630 eapol_conf.required_keys = 0;
634 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
635 eapol_conf.workaround = ssid->eap_workaround;
636 eapol_conf.eap_disabled = wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X &&
637 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA;
638 eapol_sm_notify_config(wpa_s->eapol, ssid, &eapol_conf);
639 #endif /* IEEE8021X_EAPOL */
644 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
645 * @wpa_s: Pointer to wpa_supplicant data
646 * @ssid: Configuration data for the network
648 * This function is used to configure WPA state machine and related parameters
649 * to a mode where WPA is not enabled. This is called as part of the
650 * authentication configuration when the selected network does not use WPA.
652 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
653 struct wpa_ssid *ssid)
657 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
658 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
660 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
661 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
662 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
663 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
664 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
665 wpa_s->group_cipher = WPA_CIPHER_NONE;
666 wpa_s->mgmt_group_cipher = 0;
668 for (i = 0; i < NUM_WEP_KEYS; i++) {
669 if (ssid->wep_key_len[i] > 5) {
670 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
671 wpa_s->group_cipher = WPA_CIPHER_WEP104;
673 } else if (ssid->wep_key_len[i] > 0) {
674 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
675 wpa_s->group_cipher = WPA_CIPHER_WEP40;
680 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
681 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
682 wpa_s->pairwise_cipher);
683 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
684 #ifdef CONFIG_IEEE80211W
685 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
686 wpa_s->mgmt_group_cipher);
687 #endif /* CONFIG_IEEE80211W */
689 pmksa_cache_clear_current(wpa_s->wpa);
693 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
695 scard_deinit(wpa_s->scard);
697 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
698 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
699 l2_packet_deinit(wpa_s->l2);
702 l2_packet_deinit(wpa_s->l2_br);
706 if (wpa_s->ctrl_iface) {
707 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
708 wpa_s->ctrl_iface = NULL;
710 if (wpa_s->conf != NULL) {
711 wpa_config_free(wpa_s->conf);
715 os_free(wpa_s->confname);
716 wpa_s->confname = NULL;
718 wpa_sm_set_eapol(wpa_s->wpa, NULL);
719 eapol_sm_deinit(wpa_s->eapol);
722 rsn_preauth_deinit(wpa_s->wpa);
724 pmksa_candidate_free(wpa_s->wpa);
725 wpa_sm_deinit(wpa_s->wpa);
727 wpa_blacklist_clear(wpa_s);
729 os_free(wpa_s->scan_results);
730 wpa_s->scan_results = NULL;
731 wpa_s->num_scan_results = 0;
733 wpa_supplicant_cancel_scan(wpa_s);
734 wpa_supplicant_cancel_auth_timeout(wpa_s);
736 ieee80211_sta_deinit(wpa_s);
741 * wpa_clear_keys - Clear keys configured for the driver
742 * @wpa_s: Pointer to wpa_supplicant data
743 * @addr: Previously used BSSID or %NULL if not available
745 * This function clears the encryption keys that has been previously configured
748 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
750 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
752 if (wpa_s->keys_cleared) {
753 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
754 * timing issues with keys being cleared just before new keys
755 * are set or just after association or something similar. This
756 * shows up in group key handshake failing often because of the
757 * client not receiving the first encrypted packets correctly.
758 * Skipping some of the extra key clearing steps seems to help
759 * in completing group key handshake more reliably. */
760 wpa_printf(MSG_DEBUG, "No keys have been configured - "
761 "skip key clearing");
765 /* MLME-DELETEKEYS.request */
766 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
767 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
768 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
769 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
771 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
773 /* MLME-SETPROTECTION.request(None) */
774 wpa_drv_mlme_setprotection(
776 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
777 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
779 wpa_s->keys_cleared = 1;
784 * wpa_supplicant_state_txt - Get the connection state name as a text string
785 * @state: State (wpa_state; WPA_*)
786 * Returns: The state name as a printable text string
788 const char * wpa_supplicant_state_txt(int state)
791 case WPA_DISCONNECTED:
792 return "DISCONNECTED";
797 case WPA_ASSOCIATING:
798 return "ASSOCIATING";
801 case WPA_4WAY_HANDSHAKE:
802 return "4WAY_HANDSHAKE";
803 case WPA_GROUP_HANDSHAKE:
804 return "GROUP_HANDSHAKE";
814 * wpa_supplicant_set_state - Set current connection state
815 * @wpa_s: Pointer to wpa_supplicant data
816 * @state: The new connection state
818 * This function is called whenever the connection state changes, e.g.,
819 * association is completed for WPA/WPA2 4-Way Handshake is started.
821 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
825 if (wpa_s && wpa_s->current_ssid) {
826 network_id = wpa_s->current_ssid->id;
828 wpa_states reported_state = state;
829 if (state == WPA_DISCONNECTED && wpa_s->disconnected) {
830 reported_state = WPA_IDLE;
833 wpa_printf(MSG_DEBUG, "State: %s -> %s",
834 wpa_supplicant_state_txt(wpa_s->wpa_state),
835 wpa_supplicant_state_txt(state));
837 wpa_supplicant_dbus_notify_state_change(wpa_s, state,
840 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_STATE_CHANGE "id=%d state=%d",
841 network_id, reported_state); /* Dm: */
843 if (state == WPA_COMPLETED && wpa_s->new_connection) {
844 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
845 struct wpa_ssid *ssid = wpa_s->current_ssid;
846 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
847 MACSTR " completed %s [id=%d id_str=%s]",
848 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
849 "(reauth)" : "(auth)",
850 ssid ? ssid->id : -1,
851 ssid && ssid->id_str ? ssid->id_str : "");
852 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
853 wpa_s->new_connection = 0;
854 wpa_s->reassociated_connection = 1;
855 wpa_drv_set_operstate(wpa_s, 1);
856 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
857 state == WPA_ASSOCIATED) {
858 wpa_s->new_connection = 1;
859 wpa_drv_set_operstate(wpa_s, 0);
861 wpa_s->wpa_state = state;
866 * wpa_supplicant_get_state - Get the connection state
867 * @wpa_s: Pointer to wpa_supplicant data
868 * Returns: The current connection state (WPA_*)
870 wpa_states wpa_supplicant_get_state(struct wpa_supplicant *wpa_s)
872 return wpa_s->wpa_state;
876 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
879 struct wpa_global *global = eloop_ctx;
880 struct wpa_supplicant *wpa_s;
881 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
882 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
889 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
891 wpa_s->pairwise_cipher = 0;
892 wpa_s->group_cipher = 0;
893 wpa_s->mgmt_group_cipher = 0;
895 wpa_s->wpa_state = WPA_DISCONNECTED;
900 * wpa_supplicant_reload_configuration - Reload configuration data
901 * @wpa_s: Pointer to wpa_supplicant data
902 * Returns: 0 on success or -1 if configuration parsing failed
904 * This function can be used to request that the configuration data is reloaded
905 * (e.g., after configuration file change). This function is reloading
906 * configuration only for one interface, so this may need to be called multiple
907 * times if %wpa_supplicant is controlling multiple interfaces and all
908 * interfaces need reconfiguration.
910 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
912 struct wpa_config *conf;
914 if (wpa_s->confname == NULL)
916 conf = wpa_config_read(wpa_s->confname);
918 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
919 "file '%s' - exiting", wpa_s->confname);
923 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
924 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
925 os_strcmp(conf->ctrl_interface,
926 wpa_s->conf->ctrl_interface) != 0);
928 if (reconf_ctrl && wpa_s->ctrl_iface) {
929 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
930 wpa_s->ctrl_iface = NULL;
933 eapol_sm_invalidate_cached_session(wpa_s->eapol);
934 wpa_s->current_ssid = NULL;
936 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
937 * pkcs11_engine_path, pkcs11_module_path.
939 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
941 * Clear forced success to clear EAP state for next
944 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
946 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
947 wpa_sm_set_config(wpa_s->wpa, NULL);
948 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
949 rsn_preauth_deinit(wpa_s->wpa);
950 wpa_config_free(wpa_s->conf);
953 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
955 wpa_supplicant_clear_status(wpa_s);
956 wpa_s->reassociate = 1;
957 wpa_supplicant_req_scan(wpa_s, 0, 0);
958 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
963 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
966 struct wpa_global *global = eloop_ctx;
967 struct wpa_supplicant *wpa_s;
968 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
969 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
970 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
977 static void wpa_supplicant_gen_assoc_event(struct wpa_supplicant *wpa_s)
979 struct wpa_ssid *ssid;
980 union wpa_event_data data;
982 ssid = wpa_supplicant_get_ssid(wpa_s);
986 if (wpa_s->current_ssid == NULL)
987 wpa_s->current_ssid = ssid;
988 wpa_supplicant_initiate_eapol(wpa_s);
989 wpa_printf(MSG_DEBUG, "Already associated with a configured network - "
990 "generating associated event");
991 os_memset(&data, 0, sizeof(data));
992 wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
996 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
998 struct wpa_supplicant *wpa_s = eloop_ctx;
999 struct wpa_ssid *ssid;
1000 int enabled, scan_req = 0, ret;
1002 if (wpa_s->disconnected && !wpa_s->scan_req)
1006 ssid = wpa_s->conf->ssid;
1008 if (!ssid->disabled) {
1014 if (!enabled && !wpa_s->scan_req) {
1015 wpa_printf(MSG_DEBUG, "No enabled networks - do not scan");
1016 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
1019 scan_req = wpa_s->scan_req;
1020 wpa_s->scan_req = 0;
1022 if (wpa_s->conf->ap_scan != 0 &&
1023 wpa_s->driver && os_strcmp(wpa_s->driver->name, "wired") == 0) {
1024 wpa_printf(MSG_DEBUG, "Using wired driver - overriding "
1025 "ap_scan configuration");
1026 wpa_s->conf->ap_scan = 0;
1029 if (wpa_s->conf->ap_scan == 0) {
1030 wpa_supplicant_gen_assoc_event(wpa_s);
1034 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
1035 wpa_s->wpa_state == WPA_INACTIVE)
1036 wpa_supplicant_set_state(wpa_s, WPA_SCANNING);
1038 ssid = wpa_s->conf->ssid;
1039 if (wpa_s->prev_scan_ssid != BROADCAST_SSID_SCAN) {
1041 if (ssid == wpa_s->prev_scan_ssid) {
1049 if (!ssid->disabled &&
1050 (ssid->scan_ssid || wpa_s->conf->ap_scan == 2))
1055 if (scan_req != 2 && wpa_s->conf->ap_scan == 2) {
1057 * ap_scan=2 mode - try to associate with each SSID instead of
1058 * scanning for each scan_ssid=1 network.
1061 wpa_printf(MSG_DEBUG, "wpa_supplicant_scan: Reached "
1062 "end of scan list - go back to beginning");
1063 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
1064 wpa_supplicant_req_scan(wpa_s, 0, 0);
1068 /* Continue from the next SSID on the next attempt. */
1069 wpa_s->prev_scan_ssid = ssid;
1071 /* Start from the beginning of the SSID list. */
1072 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
1074 wpa_supplicant_associate(wpa_s, NULL, ssid);
1078 wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)",
1079 ssid ? "specific": "broadcast");
1081 wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID",
1082 ssid->ssid, ssid->ssid_len);
1083 wpa_s->prev_scan_ssid = ssid;
1085 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
1087 if (wpa_s->scan_res_tried == 0 && wpa_s->conf->ap_scan == 1) {
1088 wpa_s->scan_res_tried++;
1089 wpa_s->scan_req = scan_req;
1090 wpa_printf(MSG_DEBUG, "Trying to get current scan results "
1091 "first without requesting a new scan to speed up "
1092 "initial association");
1093 wpa_supplicant_event(wpa_s, EVENT_SCAN_RESULTS, NULL);
1097 if (wpa_s->use_client_mlme) {
1098 ret = ieee80211_sta_req_scan(wpa_s, ssid ? ssid->ssid : NULL,
1099 ssid ? ssid->ssid_len : 0);
1101 ret = wpa_drv_scan(wpa_s, ssid ? ssid->ssid : NULL,
1102 ssid ? ssid->ssid_len : 0);
1105 wpa_printf(MSG_WARNING, "Failed to initiate AP scan.");
1106 wpa_supplicant_req_scan(wpa_s, 10, 0);
1111 static wpa_cipher cipher_suite2driver(int cipher)
1114 case WPA_CIPHER_NONE:
1116 case WPA_CIPHER_WEP40:
1117 return CIPHER_WEP40;
1118 case WPA_CIPHER_WEP104:
1119 return CIPHER_WEP104;
1120 case WPA_CIPHER_CCMP:
1122 case WPA_CIPHER_TKIP:
1129 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
1132 case WPA_KEY_MGMT_NONE:
1133 return KEY_MGMT_NONE;
1134 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
1135 return KEY_MGMT_802_1X_NO_WPA;
1136 case WPA_KEY_MGMT_IEEE8021X:
1137 return KEY_MGMT_802_1X;
1138 case WPA_KEY_MGMT_WPA_NONE:
1139 return KEY_MGMT_WPA_NONE;
1140 case WPA_KEY_MGMT_PSK:
1142 return KEY_MGMT_PSK;
1147 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1148 struct wpa_ssid *ssid,
1149 struct wpa_ie_data *ie)
1151 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1154 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1155 "from association info");
1160 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
1162 if (!(ie->group_cipher & ssid->group_cipher)) {
1163 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1164 "cipher 0x%x (mask 0x%x) - reject",
1165 ie->group_cipher, ssid->group_cipher);
1168 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1169 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1170 "cipher 0x%x (mask 0x%x) - reject",
1171 ie->pairwise_cipher, ssid->pairwise_cipher);
1174 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1175 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1176 "management 0x%x (mask 0x%x) - reject",
1177 ie->key_mgmt, ssid->key_mgmt);
1181 #ifdef CONFIG_IEEE80211W
1182 if (!(ie->capabilities & WPA_CAPABILITY_MGMT_FRAME_PROTECTION) &&
1183 ssid->ieee80211w == IEEE80211W_REQUIRED) {
1184 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1185 "that does not support management frame protection - "
1189 #endif /* CONFIG_IEEE80211W */
1196 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1197 * @wpa_s: Pointer to wpa_supplicant data
1198 * @bss: Scan results for the selected BSS, or %NULL if not available
1199 * @ssid: Configuration data for the selected network
1200 * @wpa_ie: Buffer for the WPA/RSN IE
1201 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1202 * used buffer length in case the functions returns success.
1203 * Returns: 0 on success or -1 on failure
1205 * This function is used to configure authentication and encryption parameters
1206 * based on the network configuration and scan result for the selected BSS (if
1209 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1210 struct wpa_scan_result *bss,
1211 struct wpa_ssid *ssid,
1212 u8 *wpa_ie, size_t *wpa_ie_len)
1214 struct wpa_ie_data ie;
1217 if (bss && bss->rsn_ie_len && (ssid->proto & WPA_PROTO_RSN) &&
1218 wpa_parse_wpa_ie(bss->rsn_ie, bss->rsn_ie_len, &ie) == 0 &&
1219 (ie.group_cipher & ssid->group_cipher) &&
1220 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1221 (ie.key_mgmt & ssid->key_mgmt)) {
1222 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1223 proto = WPA_PROTO_RSN;
1224 } else if (bss && bss->wpa_ie_len && (ssid->proto & WPA_PROTO_WPA) &&
1225 wpa_parse_wpa_ie(bss->wpa_ie, bss->wpa_ie_len, &ie) == 0 &&
1226 (ie.group_cipher & ssid->group_cipher) &&
1227 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1228 (ie.key_mgmt & ssid->key_mgmt)) {
1229 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1230 proto = WPA_PROTO_WPA;
1232 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1235 if (ssid->proto & WPA_PROTO_RSN)
1236 proto = WPA_PROTO_RSN;
1238 proto = WPA_PROTO_WPA;
1239 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1240 os_memset(&ie, 0, sizeof(ie));
1241 ie.group_cipher = ssid->group_cipher;
1242 ie.pairwise_cipher = ssid->pairwise_cipher;
1243 ie.key_mgmt = ssid->key_mgmt;
1244 #ifdef CONFIG_IEEE80211W
1245 ie.mgmt_group_cipher =
1246 ssid->ieee80211w != NO_IEEE80211W ?
1247 WPA_CIPHER_AES_128_CMAC : 0;
1248 #endif /* CONFIG_IEEE80211W */
1249 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
1250 "on configuration");
1255 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1256 "pairwise %d key_mgmt %d proto %d",
1257 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1258 #ifdef CONFIG_IEEE80211W
1259 if (ssid->ieee80211w) {
1260 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1261 ie.mgmt_group_cipher);
1263 #endif /* CONFIG_IEEE80211W */
1265 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1267 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss ? bss->wpa_ie : NULL,
1268 bss ? bss->wpa_ie_len : 0) ||
1269 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss ? bss->rsn_ie : NULL,
1270 bss ? bss->rsn_ie_len : 0))
1273 sel = ie.group_cipher & ssid->group_cipher;
1274 if (sel & WPA_CIPHER_CCMP) {
1275 wpa_s->group_cipher = WPA_CIPHER_CCMP;
1276 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
1277 } else if (sel & WPA_CIPHER_TKIP) {
1278 wpa_s->group_cipher = WPA_CIPHER_TKIP;
1279 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
1280 } else if (sel & WPA_CIPHER_WEP104) {
1281 wpa_s->group_cipher = WPA_CIPHER_WEP104;
1282 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
1283 } else if (sel & WPA_CIPHER_WEP40) {
1284 wpa_s->group_cipher = WPA_CIPHER_WEP40;
1285 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
1287 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
1291 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1292 if (sel & WPA_CIPHER_CCMP) {
1293 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
1294 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
1295 } else if (sel & WPA_CIPHER_TKIP) {
1296 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
1297 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
1298 } else if (sel & WPA_CIPHER_NONE) {
1299 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1300 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
1302 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
1307 sel = ie.key_mgmt & ssid->key_mgmt;
1308 if (sel & WPA_KEY_MGMT_IEEE8021X) {
1309 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1310 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1311 } else if (sel & WPA_KEY_MGMT_PSK) {
1312 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1313 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1314 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1315 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1316 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1318 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
1319 "key management type.");
1323 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1324 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1325 wpa_s->pairwise_cipher);
1326 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1328 #ifdef CONFIG_IEEE80211W
1329 sel = ie.mgmt_group_cipher;
1330 if (ssid->ieee80211w == NO_IEEE80211W ||
1331 !(ie.capabilities & WPA_CAPABILITY_MGMT_FRAME_PROTECTION))
1333 if (sel & WPA_CIPHER_AES_128_CMAC) {
1334 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1335 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1338 wpa_s->mgmt_group_cipher = 0;
1339 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1341 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1342 wpa_s->mgmt_group_cipher);
1343 #endif /* CONFIG_IEEE80211W */
1345 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1346 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
1350 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1351 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1353 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1360 * wpa_supplicant_associate - Request association
1361 * @wpa_s: Pointer to wpa_supplicant data
1362 * @bss: Scan results for the selected BSS, or %NULL if not available
1363 * @ssid: Configuration data for the selected network
1365 * This function is used to request %wpa_supplicant to associate with a BSS.
1367 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1368 struct wpa_scan_result *bss,
1369 struct wpa_ssid *ssid)
1373 int use_crypt, ret, i;
1374 int algs = AUTH_ALG_OPEN_SYSTEM;
1375 wpa_cipher cipher_pairwise, cipher_group;
1376 struct wpa_driver_associate_params params;
1377 int wep_keys_set = 0;
1378 struct wpa_driver_capa capa;
1379 int assoc_failed = 0;
1381 wpa_s->reassociate = 0;
1383 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1384 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1385 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1386 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1387 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1389 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1390 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1391 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1393 wpa_supplicant_cancel_scan(wpa_s);
1395 /* Starting new association, so clear the possibly used WPA IE from the
1396 * previous association. */
1397 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1399 #ifdef IEEE8021X_EAPOL
1400 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1402 if (ssid->non_leap == 0)
1403 algs = AUTH_ALG_LEAP;
1405 algs |= AUTH_ALG_LEAP;
1408 #endif /* IEEE8021X_EAPOL */
1409 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1410 if (ssid->auth_alg) {
1412 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1413 algs |= AUTH_ALG_OPEN_SYSTEM;
1414 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1415 algs |= AUTH_ALG_SHARED_KEY;
1416 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1417 algs |= AUTH_ALG_LEAP;
1418 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1421 wpa_drv_set_auth_alg(wpa_s, algs);
1423 if (bss && (bss->wpa_ie_len || bss->rsn_ie_len) &&
1424 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK))) {
1425 int try_opportunistic;
1426 try_opportunistic = ssid->proactive_key_caching &&
1427 (ssid->proto & WPA_PROTO_RSN);
1428 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1429 wpa_s->current_ssid,
1430 try_opportunistic) == 0)
1431 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1432 wpa_ie_len = sizeof(wpa_ie);
1433 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1434 wpa_ie, &wpa_ie_len)) {
1435 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1436 "management and encryption suites");
1439 } else if (ssid->key_mgmt &
1440 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1441 WPA_KEY_MGMT_WPA_NONE)) {
1442 wpa_ie_len = sizeof(wpa_ie);
1443 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1444 wpa_ie, &wpa_ie_len)) {
1445 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1446 "management and encryption suites (no scan "
1451 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1455 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1457 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1458 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1459 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1460 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1461 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1463 for (i = 0; i < NUM_WEP_KEYS; i++) {
1464 if (ssid->wep_key_len[i]) {
1467 wpa_set_wep_key(wpa_s,
1468 i == ssid->wep_tx_keyidx,
1469 i, ssid->wep_key[i],
1470 ssid->wep_key_len[i]);
1475 #ifdef IEEE8021X_EAPOL
1476 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1477 if ((ssid->eapol_flags &
1478 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1479 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1483 /* Assume that dynamic WEP-104 keys will be used and
1484 * set cipher suites in order for drivers to expect
1486 cipher_pairwise = cipher_group = CIPHER_WEP104;
1489 #endif /* IEEE8021X_EAPOL */
1491 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1492 /* Set the key before (and later after) association */
1493 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1496 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1497 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1498 os_memset(¶ms, 0, sizeof(params));
1500 params.bssid = bss->bssid;
1501 params.ssid = bss->ssid;
1502 params.ssid_len = bss->ssid_len;
1503 params.freq = bss->freq;
1505 params.ssid = ssid->ssid;
1506 params.ssid_len = ssid->ssid_len;
1508 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1509 params.freq = ssid->frequency; /* Initial channel for IBSS */
1510 params.wpa_ie = wpa_ie;
1511 params.wpa_ie_len = wpa_ie_len;
1512 params.pairwise_suite = cipher_pairwise;
1513 params.group_suite = cipher_group;
1514 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1515 params.auth_alg = algs;
1516 params.mode = ssid->mode;
1517 for (i = 0; i < NUM_WEP_KEYS; i++) {
1518 if (ssid->wep_key_len[i])
1519 params.wep_key[i] = ssid->wep_key[i];
1520 params.wep_key_len[i] = ssid->wep_key_len[i];
1522 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1524 #ifdef CONFIG_IEEE80211W
1525 switch (ssid->ieee80211w) {
1527 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1529 case IEEE80211W_OPTIONAL:
1530 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1532 case IEEE80211W_REQUIRED:
1533 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1536 #endif /* CONFIG_IEEE80211W */
1538 if (wpa_s->use_client_mlme)
1539 ret = ieee80211_sta_associate(wpa_s, ¶ms);
1541 ret = wpa_drv_associate(wpa_s, ¶ms);
1543 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1545 /* try to continue anyway; new association will be tried again
1550 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1551 /* Set the key after the association just in case association
1552 * cleared the previously configured key. */
1553 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1554 /* No need to timeout authentication since there is no key
1556 wpa_supplicant_cancel_auth_timeout(wpa_s);
1557 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1559 /* Timeout for IEEE 802.11 authentication and association */
1563 /* give IBSS a bit more time */
1564 timeout = ssid->mode ? 10 : 5;
1565 } else if (wpa_s->conf->ap_scan == 1) {
1566 /* give IBSS a bit more time */
1567 timeout = ssid->mode ? 20 : 10;
1569 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1572 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1573 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1574 /* Set static WEP keys again */
1576 for (j = 0; j < NUM_WEP_KEYS; j++) {
1577 if (ssid->wep_key_len[j]) {
1578 wpa_set_wep_key(wpa_s,
1579 j == ssid->wep_tx_keyidx,
1580 j, ssid->wep_key[j],
1581 ssid->wep_key_len[j]);
1586 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1588 * Do not allow EAP session resumption between different
1589 * network configurations.
1591 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1593 wpa_s->current_ssid = ssid;
1594 wpa_sm_set_config(wpa_s->wpa, wpa_s->current_ssid);
1595 wpa_supplicant_initiate_eapol(wpa_s);
1600 * wpa_supplicant_disassociate - Disassociate the current connection
1601 * @wpa_s: Pointer to wpa_supplicant data
1602 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1604 * This function is used to request %wpa_supplicant to disassociate with the
1607 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1611 if (os_memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0)
1613 if (wpa_s->use_client_mlme)
1614 ieee80211_sta_disassociate(wpa_s, reason_code);
1616 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1617 addr = wpa_s->bssid;
1619 wpa_clear_keys(wpa_s, addr);
1620 wpa_supplicant_mark_disassoc(wpa_s);
1621 wpa_s->current_ssid = NULL;
1622 wpa_sm_set_config(wpa_s->wpa, NULL);
1623 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1628 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1629 * @wpa_s: Pointer to wpa_supplicant data
1630 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1632 * This function is used to request %wpa_supplicant to disassociate with the
1635 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1639 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1640 if (os_memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0)
1642 if (wpa_s->use_client_mlme)
1643 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1645 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1647 addr = wpa_s->bssid;
1649 wpa_clear_keys(wpa_s, addr);
1650 wpa_s->current_ssid = NULL;
1651 wpa_sm_set_config(wpa_s->wpa, NULL);
1652 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1653 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1654 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1659 * wpa_supplicant_get_scan_results - Get scan results
1660 * @wpa_s: Pointer to wpa_supplicant data
1661 * Returns: 0 on success, -1 on failure
1663 * This function is request the current scan results from the driver and stores
1664 * a local copy of the results in wpa_s->scan_results.
1666 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1668 #define SCAN_AP_LIMIT 128
1669 struct wpa_scan_result *results, *tmp;
1672 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1673 if (results == NULL) {
1674 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1679 if (wpa_s->use_client_mlme) {
1680 num = ieee80211_sta_get_scan_results(wpa_s, results,
1683 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1684 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1686 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1690 if (num > SCAN_AP_LIMIT) {
1691 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1692 num, SCAN_AP_LIMIT);
1693 num = SCAN_AP_LIMIT;
1696 /* Free unneeded memory for unused scan result entries */
1697 tmp = os_realloc(results, num * sizeof(struct wpa_scan_result));
1698 if (tmp || num == 0) {
1702 os_free(wpa_s->scan_results);
1703 wpa_s->scan_results = results;
1704 wpa_s->num_scan_results = num;
1710 #ifndef CONFIG_NO_WPA
1711 static int wpa_get_beacon_ie(struct wpa_supplicant *wpa_s)
1714 struct wpa_scan_result *results, *curr = NULL;
1716 results = wpa_s->scan_results;
1717 if (results == NULL) {
1721 for (i = 0; i < wpa_s->num_scan_results; i++) {
1722 struct wpa_ssid *ssid = wpa_s->current_ssid;
1723 if (os_memcmp(results[i].bssid, wpa_s->bssid, ETH_ALEN) != 0)
1726 ((results[i].ssid_len == ssid->ssid_len &&
1727 os_memcmp(results[i].ssid, ssid->ssid, ssid->ssid_len)
1729 ssid->ssid_len == 0)) {
1736 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie,
1737 curr->wpa_ie_len) ||
1738 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, curr->rsn_ie,
1749 static int wpa_supplicant_get_beacon_ie(void *ctx)
1751 struct wpa_supplicant *wpa_s = ctx;
1752 if (wpa_get_beacon_ie(wpa_s) == 0) {
1756 /* No WPA/RSN IE found in the cached scan results. Try to get updated
1757 * scan results from the driver. */
1758 if (wpa_supplicant_get_scan_results(wpa_s) < 0) {
1762 return wpa_get_beacon_ie(wpa_s);
1764 #endif /* CONFIG_NO_WPA */
1768 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1769 * @wpa_s: Pointer to wpa_supplicant data
1770 * Returns: A pointer to the current network structure or %NULL on failure
1772 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1774 struct wpa_ssid *entry;
1775 u8 ssid[MAX_SSID_LEN];
1781 if (wpa_s->use_client_mlme) {
1782 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1783 wpa_printf(MSG_WARNING, "Could not read SSID from "
1788 res = wpa_drv_get_ssid(wpa_s, ssid);
1790 wpa_printf(MSG_WARNING, "Could not read SSID from "
1797 if (wpa_s->use_client_mlme)
1798 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1799 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1800 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1804 wired = wpa_s->conf->ap_scan == 0 && wpa_s->driver &&
1805 os_strcmp(wpa_s->driver->name, "wired") == 0;
1807 entry = wpa_s->conf->ssid;
1809 if (!entry->disabled &&
1810 ((ssid_len == entry->ssid_len &&
1811 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1812 (!entry->bssid_set ||
1813 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1815 entry = entry->next;
1822 #ifndef CONFIG_NO_WPA
1823 static u8 * _wpa_alloc_eapol(void *wpa_s, u8 type,
1824 const void *data, u16 data_len,
1825 size_t *msg_len, void **data_pos)
1827 return wpa_alloc_eapol(wpa_s, type, data, data_len, msg_len, data_pos);
1831 static int _wpa_ether_send(void *wpa_s, const u8 *dest, u16 proto,
1832 const u8 *buf, size_t len)
1834 return wpa_ether_send(wpa_s, dest, proto, buf, len);
1838 static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s)
1840 wpa_supplicant_cancel_auth_timeout(wpa_s);
1844 static void _wpa_supplicant_set_state(void *wpa_s, wpa_states state)
1846 wpa_supplicant_set_state(wpa_s, state);
1850 static wpa_states _wpa_supplicant_get_state(void *wpa_s)
1852 return wpa_supplicant_get_state(wpa_s);
1856 static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
1858 wpa_supplicant_disassociate(wpa_s, reason_code);
1859 /* Schedule a scan to make sure we continue looking for networks */
1860 wpa_supplicant_req_scan(wpa_s, 0, 0);
1864 static void _wpa_supplicant_deauthenticate(void *wpa_s, int reason_code)
1866 wpa_supplicant_deauthenticate(wpa_s, reason_code);
1867 /* Schedule a scan to make sure we continue looking for networks */
1868 wpa_supplicant_req_scan(wpa_s, 0, 0);
1872 static struct wpa_ssid * _wpa_supplicant_get_ssid(void *wpa_s)
1874 return wpa_supplicant_get_ssid(wpa_s);
1878 static int wpa_supplicant_get_bssid(void *ctx, u8 *bssid)
1880 struct wpa_supplicant *wpa_s = ctx;
1881 if (wpa_s->use_client_mlme) {
1882 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1885 return wpa_drv_get_bssid(wpa_s, bssid);
1889 static int wpa_supplicant_set_key(void *wpa_s, wpa_alg alg,
1890 const u8 *addr, int key_idx, int set_tx,
1891 const u8 *seq, size_t seq_len,
1892 const u8 *key, size_t key_len)
1894 return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len,
1899 static int wpa_supplicant_mlme_setprotection(void *wpa_s, const u8 *addr,
1900 int protection_type,
1903 return wpa_drv_mlme_setprotection(wpa_s, addr, protection_type,
1908 static int wpa_supplicant_add_pmkid(void *wpa_s,
1909 const u8 *bssid, const u8 *pmkid)
1911 return wpa_drv_add_pmkid(wpa_s, bssid, pmkid);
1915 static int wpa_supplicant_remove_pmkid(void *wpa_s,
1916 const u8 *bssid, const u8 *pmkid)
1918 return wpa_drv_remove_pmkid(wpa_s, bssid, pmkid);
1920 #endif /* CONFIG_NO_WPA */
1923 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1931 if (wpa_supplicant_drivers[0] == NULL) {
1932 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1938 /* default to first driver in the list */
1939 wpa_s->driver = wpa_supplicant_drivers[0];
1943 for (i = 0; wpa_supplicant_drivers[i]; i++) {
1944 if (os_strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
1945 wpa_s->driver = wpa_supplicant_drivers[i];
1950 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.\n", name);
1955 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1956 const u8 *buf, size_t len)
1958 struct wpa_supplicant *wpa_s = ctx;
1960 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1961 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1963 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1964 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1965 "no key management is configured");
1969 if (wpa_s->eapol_received == 0) {
1970 /* Timeout for completing IEEE 802.1X and WPA authentication */
1971 wpa_supplicant_req_auth_timeout(
1973 (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
1974 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ?
1977 wpa_s->eapol_received++;
1979 if (wpa_s->countermeasures) {
1980 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1985 /* Source address of the incoming EAPOL frame could be compared to the
1986 * current BSSID. However, it is possible that a centralized
1987 * Authenticator could be using another MAC address than the BSSID of
1988 * an AP, so just allow any address to be used for now. The replies are
1989 * still sent to the current BSSID (if available), though. */
1991 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1992 if (wpa_s->key_mgmt != WPA_KEY_MGMT_PSK &&
1993 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1995 wpa_drv_poll(wpa_s);
1996 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2001 * wpa_supplicant_driver_init - Initialize driver interface parameters
2002 * @wpa_s: Pointer to wpa_supplicant data
2003 * @wait_for_interface: 0 = do not wait for the interface (reports a failure if
2004 * the interface is not present), 1 = wait until the interface is available
2005 * Returns: 0 on success, -1 on failure
2007 * This function is called to initialize driver interface parameters.
2008 * wpa_drv_init() must have been called before this function to initialize the
2011 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s,
2012 int wait_for_interface)
2014 static int interface_count = 0;
2017 if (wpa_s->driver->send_eapol) {
2018 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2020 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2023 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2024 wpa_drv_get_mac_addr(wpa_s),
2026 wpa_supplicant_rx_eapol, wpa_s, 0);
2029 else if (!wait_for_interface)
2031 wpa_printf(MSG_DEBUG, "Waiting for interface..");
2035 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2036 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
2040 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
2041 MAC2STR(wpa_s->own_addr));
2043 if (wpa_s->bridge_ifname[0]) {
2044 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
2045 " '%s'", wpa_s->bridge_ifname);
2046 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2049 wpa_supplicant_rx_eapol, wpa_s,
2051 if (wpa_s->l2_br == NULL) {
2052 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
2053 "connection for the bridge interface '%s'",
2054 wpa_s->bridge_ifname);
2059 /* Backwards compatibility call to set_wpa() handler. This is called
2060 * only just after init and just before deinit, so these handler can be
2061 * used to implement same functionality. */
2062 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
2063 struct wpa_driver_capa capa;
2064 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
2065 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
2066 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
2067 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
2068 /* Continue to allow non-WPA modes to be used. */
2070 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
2076 wpa_clear_keys(wpa_s, NULL);
2078 /* Make sure that TKIP countermeasures are not left enabled (could
2079 * happen if wpa_supplicant is killed during countermeasures. */
2080 wpa_drv_set_countermeasures(wpa_s, 0);
2082 wpa_drv_set_drop_unencrypted(wpa_s, 1);
2084 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
2085 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
2092 static int wpa_supplicant_daemon(const char *pid_file)
2094 wpa_printf(MSG_DEBUG, "Daemonize..");
2095 return os_daemonize(pid_file);
2099 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2101 struct wpa_supplicant *wpa_s;
2103 wpa_s = os_zalloc(sizeof(*wpa_s));
2106 wpa_s->scan_req = 1;
2112 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2113 struct wpa_interface *iface)
2115 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2116 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2117 iface->confname ? iface->confname : "N/A",
2118 iface->driver ? iface->driver : "default",
2119 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2120 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2122 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
2126 if (iface->confname) {
2127 #ifdef CONFIG_BACKEND_FILE
2128 wpa_s->confname = os_rel2abs_path(iface->confname);
2129 if (wpa_s->confname == NULL) {
2130 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2131 "for configuration file '%s'.",
2135 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2136 iface->confname, wpa_s->confname);
2137 #else /* CONFIG_BACKEND_FILE */
2138 wpa_s->confname = os_strdup(iface->confname);
2139 #endif /* CONFIG_BACKEND_FILE */
2140 wpa_s->conf = wpa_config_read(wpa_s->confname);
2141 if (wpa_s->conf == NULL) {
2142 wpa_printf(MSG_ERROR, "Failed to read or parse "
2143 "configuration '%s'.", wpa_s->confname);
2148 * Override ctrl_interface and driver_param if set on command
2151 if (iface->ctrl_interface) {
2152 os_free(wpa_s->conf->ctrl_interface);
2153 wpa_s->conf->ctrl_interface =
2154 os_strdup(iface->ctrl_interface);
2157 if (iface->driver_param) {
2158 os_free(wpa_s->conf->driver_param);
2159 wpa_s->conf->driver_param =
2160 os_strdup(iface->driver_param);
2163 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2164 iface->driver_param);
2166 if (wpa_s->conf == NULL) {
2167 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2171 if (iface->ifname == NULL) {
2172 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2175 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2176 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2180 os_strncpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2182 if (iface->bridge_ifname) {
2183 if (os_strlen(iface->bridge_ifname) >=
2184 sizeof(wpa_s->bridge_ifname)) {
2185 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2186 "name '%s'.", iface->bridge_ifname);
2189 os_strncpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2190 sizeof(wpa_s->bridge_ifname));
2197 static int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
2199 #ifdef IEEE8021X_EAPOL
2200 struct eapol_ctx *ctx;
2201 ctx = os_zalloc(sizeof(*ctx));
2203 wpa_printf(MSG_ERROR, "Failed to allocate EAPOL context.");
2208 ctx->msg_ctx = wpa_s;
2209 ctx->eapol_send_ctx = wpa_s;
2211 ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
2212 ctx->eapol_send = wpa_supplicant_eapol_send;
2213 ctx->set_wep_key = wpa_eapol_set_wep_key;
2214 ctx->set_config_blob = wpa_supplicant_set_config_blob;
2215 ctx->get_config_blob = wpa_supplicant_get_config_blob;
2216 ctx->aborted_cached = wpa_supplicant_aborted_cached;
2217 ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
2218 ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
2219 ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
2220 wpa_s->eapol = eapol_sm_init(ctx);
2221 if (wpa_s->eapol == NULL) {
2223 wpa_printf(MSG_ERROR, "Failed to initialize EAPOL state "
2227 #endif /* IEEE8021X_EAPOL */
2233 static int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
2235 #ifndef CONFIG_NO_WPA
2236 struct wpa_sm_ctx *ctx;
2237 ctx = os_zalloc(sizeof(*ctx));
2239 wpa_printf(MSG_ERROR, "Failed to allocate WPA context.");
2244 ctx->set_state = _wpa_supplicant_set_state;
2245 ctx->get_state = _wpa_supplicant_get_state;
2246 ctx->deauthenticate = _wpa_supplicant_deauthenticate;
2247 ctx->disassociate = _wpa_supplicant_disassociate;
2248 ctx->set_key = wpa_supplicant_set_key;
2249 ctx->scan = wpa_supplicant_scan;
2250 ctx->get_ssid = _wpa_supplicant_get_ssid;
2251 ctx->get_bssid = wpa_supplicant_get_bssid;
2252 ctx->ether_send = _wpa_ether_send;
2253 ctx->get_beacon_ie = wpa_supplicant_get_beacon_ie;
2254 ctx->alloc_eapol = _wpa_alloc_eapol;
2255 ctx->cancel_auth_timeout = _wpa_supplicant_cancel_auth_timeout;
2256 ctx->add_pmkid = wpa_supplicant_add_pmkid;
2257 ctx->remove_pmkid = wpa_supplicant_remove_pmkid;
2258 ctx->set_config_blob = wpa_supplicant_set_config_blob;
2259 ctx->get_config_blob = wpa_supplicant_get_config_blob;
2260 ctx->mlme_setprotection = wpa_supplicant_mlme_setprotection;
2262 wpa_s->wpa = wpa_sm_init(ctx);
2263 if (wpa_s->wpa == NULL) {
2264 wpa_printf(MSG_ERROR, "Failed to initialize WPA state "
2268 #endif /* CONFIG_NO_WPA */
2274 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s,
2275 int wait_for_interface)
2278 struct wpa_driver_capa capa;
2280 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
2283 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2286 /* RSNA Supplicant Key Management - INITIALIZE */
2287 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2288 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2290 /* Initialize driver interface and register driver event handler before
2291 * L2 receive handler so that association events are processed before
2292 * EAPOL-Key packets if both become available for the same select()
2294 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2295 if (wpa_s->drv_priv == NULL) {
2296 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
2299 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2300 wpa_printf(MSG_ERROR, "Driver interface rejected "
2301 "driver_param '%s'", wpa_s->conf->driver_param);
2305 ifname = wpa_drv_get_ifname(wpa_s);
2306 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2307 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
2308 "name with '%s'", ifname);
2309 os_strncpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2312 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2315 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2316 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2318 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2319 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2321 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2322 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2323 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2324 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2325 "dot11RSNAConfigPMKLifetime");
2329 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2330 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2331 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2332 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2333 "dot11RSNAConfigPMKReauthThreshold");
2337 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2338 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2339 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2340 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2341 "dot11RSNAConfigSATimeout");
2345 if (wpa_supplicant_driver_init(wpa_s, wait_for_interface) < 0) {
2348 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2350 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2351 if (wpa_s->ctrl_iface == NULL) {
2352 wpa_printf(MSG_ERROR,
2353 "Failed to initialize control interface '%s'.\n"
2354 "You may have another wpa_supplicant process "
2355 "already running or the file was\n"
2356 "left by an unclean termination of wpa_supplicant "
2357 "in which case you will need\n"
2358 "to manually remove this file before starting "
2359 "wpa_supplicant again.\n",
2360 wpa_s->conf->ctrl_interface);
2364 if (wpa_drv_get_capa(wpa_s, &capa) == 0 &&
2365 capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2366 wpa_s->use_client_mlme = 1;
2367 if (ieee80211_sta_init(wpa_s))
2375 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
2377 if (wpa_s->drv_priv) {
2378 wpa_supplicant_deauthenticate(wpa_s, REASON_DEAUTH_LEAVING);
2380 /* Backwards compatibility call to set_wpa() handler. This is
2381 * called only just after init and just before deinit, so these
2382 * handler can be used to implement same functionality. */
2383 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
2384 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
2388 wpa_drv_set_drop_unencrypted(wpa_s, 0);
2389 wpa_drv_set_countermeasures(wpa_s, 0);
2390 wpa_clear_keys(wpa_s, NULL);
2393 wpas_dbus_unregister_iface(wpa_s);
2395 wpa_supplicant_cleanup(wpa_s);
2397 if (wpa_s->drv_priv)
2398 wpa_drv_deinit(wpa_s);
2403 * wpa_supplicant_add_iface - Add a new network interface
2404 * @global: Pointer to global data from wpa_supplicant_init()
2405 * @iface: Interface configuration options
2406 * Returns: Pointer to the created interface or %NULL on failure
2408 * This function is used to add new network interfaces for %wpa_supplicant.
2409 * This can be called before wpa_supplicant_run() to add interfaces before the
2410 * main event loop has been started. In addition, new interfaces can be added
2411 * dynamically while %wpa_supplicant is already running. This could happen,
2412 * e.g., when a hotplug network adapter is inserted.
2414 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2415 struct wpa_interface *iface)
2417 struct wpa_supplicant *wpa_s;
2419 if (global == NULL || iface == NULL)
2422 wpa_s = wpa_supplicant_alloc();
2426 if (wpa_supplicant_init_iface(wpa_s, iface) ||
2427 wpa_supplicant_init_iface2(wpa_s,
2428 global->params.wait_for_interface)) {
2429 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2431 wpa_supplicant_deinit_iface(wpa_s);
2436 wpa_s->global = global;
2438 /* Register the interface with the dbus control interface */
2439 if (wpas_dbus_register_iface(wpa_s)) {
2440 wpa_supplicant_deinit_iface(wpa_s);
2446 char scan_prop[PROPERTY_VALUE_MAX];
2448 if (property_get("wifi.supplicant_scan_interval", scan_prop, "5") != 0) {
2449 wpa_s->scan_interval = (int)strtol(scan_prop, &endp, 0);
2450 if (endp == scan_prop) {
2451 wpa_s->scan_interval = 5;
2455 wpa_s->next = global->ifaces;
2456 global->ifaces = wpa_s;
2458 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2465 * wpa_supplicant_remove_iface - Remove a network interface
2466 * @global: Pointer to global data from wpa_supplicant_init()
2467 * @wpa_s: Pointer to the network interface to be removed
2468 * Returns: 0 if interface was removed, -1 if interface was not found
2470 * This function can be used to dynamically remove network interfaces from
2471 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2472 * addition, this function is used to remove all remaining interfaces when
2473 * %wpa_supplicant is terminated.
2475 int wpa_supplicant_remove_iface(struct wpa_global *global,
2476 struct wpa_supplicant *wpa_s)
2478 struct wpa_supplicant *prev;
2480 /* Remove interface from the global list of interfaces */
2481 prev = global->ifaces;
2482 if (prev == wpa_s) {
2483 global->ifaces = wpa_s->next;
2485 while (prev && prev->next != wpa_s)
2489 prev->next = wpa_s->next;
2492 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2494 wpa_supplicant_deinit_iface(wpa_s);
2502 * wpa_supplicant_get_iface - Get a new network interface
2503 * @global: Pointer to global data from wpa_supplicant_init()
2504 * @ifname: Interface name
2505 * Returns: Pointer to the interface or %NULL if not found
2507 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2510 struct wpa_supplicant *wpa_s;
2512 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2513 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2521 * wpa_supplicant_init - Initialize %wpa_supplicant
2522 * @params: Parameters for %wpa_supplicant
2523 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2525 * This function is used to initialize %wpa_supplicant. After successful
2526 * initialization, the returned data pointer can be used to add and remove
2527 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2529 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2531 struct wpa_global *global;
2537 wpa_debug_open_file(params->wpa_debug_file_path);
2539 ret = eap_peer_register_methods();
2541 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2543 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2544 "the same EAP type.");
2548 global = os_zalloc(sizeof(*global));
2551 global->params.daemonize = params->daemonize;
2552 global->params.wait_for_interface = params->wait_for_interface;
2553 global->params.wait_for_monitor = params->wait_for_monitor;
2554 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2555 if (params->pid_file)
2556 global->params.pid_file = os_strdup(params->pid_file);
2557 if (params->ctrl_interface)
2558 global->params.ctrl_interface =
2559 os_strdup(params->ctrl_interface);
2560 wpa_debug_level = global->params.wpa_debug_level =
2561 params->wpa_debug_level;
2562 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2563 params->wpa_debug_show_keys;
2564 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2565 params->wpa_debug_timestamp;
2567 if (eloop_init(global)) {
2568 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2569 wpa_supplicant_deinit(global);
2573 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2574 if (global->ctrl_iface == NULL) {
2575 wpa_supplicant_deinit(global);
2579 if (global->params.dbus_ctrl_interface) {
2580 global->dbus_ctrl_iface =
2581 wpa_supplicant_dbus_ctrl_iface_init(global);
2582 if (global->dbus_ctrl_iface == NULL) {
2583 wpa_supplicant_deinit(global);
2588 if (global->params.wait_for_interface && global->params.daemonize &&
2589 wpa_supplicant_daemon(global->params.pid_file)) {
2590 wpa_supplicant_deinit(global);
2599 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2600 * @global: Pointer to global data from wpa_supplicant_init()
2601 * Returns: 0 after successful event loop run, -1 on failure
2603 * This function starts the main event loop and continues running as long as
2604 * there are any remaining events. In most cases, this function is running as
2605 * long as the %wpa_supplicant process in still in use.
2607 int wpa_supplicant_run(struct wpa_global *global)
2609 struct wpa_supplicant *wpa_s;
2611 if (!global->params.wait_for_interface && global->params.daemonize &&
2612 wpa_supplicant_daemon(global->params.pid_file))
2615 if (global->params.wait_for_monitor) {
2616 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2617 if (wpa_s->ctrl_iface)
2618 wpa_supplicant_ctrl_iface_wait(
2622 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2623 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2632 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2633 * @global: Pointer to global data from wpa_supplicant_init()
2635 * This function is called to deinitialize %wpa_supplicant and to free all
2636 * allocated resources. Remaining network interfaces will also be removed.
2638 void wpa_supplicant_deinit(struct wpa_global *global)
2643 wpa_supplicant_terminate(0, global, NULL);
2645 while (global->ifaces)
2646 wpa_supplicant_remove_iface(global, global->ifaces);
2648 if (global->ctrl_iface)
2649 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2650 if (global->dbus_ctrl_iface)
2651 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface);
2653 eap_peer_unregister_methods();
2657 if (global->params.pid_file) {
2658 os_daemonize_terminate(global->params.pid_file);
2659 os_free(global->params.pid_file);
2661 os_free(global->params.ctrl_interface);
2664 wpa_debug_close_file();