wpa_supplicant: Update to 07-Jul-2012 TOT

[android-x86/external-wpa_supplicant_8.git] / wpa_supplicant / ctrl_iface.c

diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index a22cce5..2224738 100644 (file)
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -1,6 +1,6 @@
 /*
  * WPA Supplicant / Control interface (shared code for all backends)
- * Copyright (c) 2004-2010, Jouni Malinen <j@w1.fi>
+ * Copyright (c) 2004-2012, Jouni Malinen <j@w1.fi>
  *
  * This software may be distributed under the terms of the BSD license.
  * See README for more details.
@@ -28,6 +28,7 @@
 #include "ap.h"
 #include "p2p_supplicant.h"
 #include "p2p/p2p.h"
+#include "hs20_supplicant.h"
 #include "notify.h"
 #include "bss.h"
 #include "scan.h"
@@ -35,6 +36,7 @@
 #include "interworking.h"
 #include "blacklist.h"
 #include "wpas_glue.h"
+#include "autoscan.h"
 
 extern struct wpa_driver_ops *wpa_drivers[];
 
@@ -59,7 +61,7 @@ static int pno_start(struct wpa_supplicant *wpa_s)
        num_ssid = 0;
        ssid = wpa_s->conf->ssid;
        while (ssid) {
-               if (!ssid->disabled)
+               if (!wpas_network_disabled(wpa_s, ssid))
                        num_ssid++;
                ssid = ssid->next;
        }
@@ -81,7 +83,7 @@ static int pno_start(struct wpa_supplicant *wpa_s)
        i = 0;
        ssid = wpa_s->conf->ssid;
        while (ssid) {
-               if (!ssid->disabled) {
+               if (!wpas_network_disabled(wpa_s, ssid)) {
                        params.ssids[i].ssid = ssid->ssid;
                        params.ssids[i].ssid_len = ssid->ssid_len;
                        params.num_ssids++;
@@ -114,6 +116,43 @@ static int pno_stop(struct wpa_supplicant *wpa_s)
 }
 
 
+static int set_bssid_filter(struct wpa_supplicant *wpa_s, char *val)
+{
+       char *pos;
+       u8 addr[ETH_ALEN], *filter = NULL, *n;
+       size_t count = 0;
+
+       pos = val;
+       while (pos) {
+               if (*pos == '\0')
+                       break;
+               if (hwaddr_aton(pos, addr)) {
+                       os_free(filter);
+                       return -1;
+               }
+               n = os_realloc(filter, (count + 1) * ETH_ALEN);
+               if (n == NULL) {
+                       os_free(filter);
+                       return -1;
+               }
+               filter = n;
+               os_memcpy(filter + count * ETH_ALEN, addr, ETH_ALEN);
+               count++;
+
+               pos = os_strchr(pos, ' ');
+               if (pos)
+                       pos++;
+       }
+
+       wpa_hexdump(MSG_DEBUG, "bssid_filter", filter, count * ETH_ALEN);
+       os_free(wpa_s->bssid_filter);
+       wpa_s->bssid_filter = filter;
+       wpa_s->bssid_filter_count = count;
+
+       return 0;
+}
+
+
 static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
                                         char *cmd)
 {
@@ -197,8 +236,52 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
                        ret = pno_start(wpa_s);
                else
                        ret = pno_stop(wpa_s);
+       } else if (os_strcasecmp(cmd, "radio_disabled") == 0) {
+               int disabled = atoi(value);
+               if (wpa_drv_radio_disable(wpa_s, disabled) < 0)
+                       ret = -1;
+               else if (disabled)
+                       wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
+       } else if (os_strcasecmp(cmd, "uapsd") == 0) {
+               if (os_strcmp(value, "disable") == 0)
+                       wpa_s->set_sta_uapsd = 0;
+               else {
+                       int be, bk, vi, vo;
+                       char *pos;
+                       /* format: BE,BK,VI,VO;max SP Length */
+                       be = atoi(value);
+                       pos = os_strchr(value, ',');
+                       if (pos == NULL)
+                               return -1;
+                       pos++;
+                       bk = atoi(pos);
+                       pos = os_strchr(pos, ',');
+                       if (pos == NULL)
+                               return -1;
+                       pos++;
+                       vi = atoi(pos);
+                       pos = os_strchr(pos, ',');
+                       if (pos == NULL)
+                               return -1;
+                       pos++;
+                       vo = atoi(pos);
+                       /* ignore max SP Length for now */
+
+                       wpa_s->set_sta_uapsd = 1;
+                       wpa_s->sta_uapsd = 0;
+                       if (be)
+                               wpa_s->sta_uapsd |= BIT(0);
+                       if (bk)
+                               wpa_s->sta_uapsd |= BIT(1);
+                       if (vi)
+                               wpa_s->sta_uapsd |= BIT(2);
+                       if (vo)
+                               wpa_s->sta_uapsd |= BIT(3);
+               }
        } else if (os_strcasecmp(cmd, "ps") == 0) {
                ret = wpa_drv_set_p2p_powersave(wpa_s, atoi(value), -1, -1);
+       } else if (os_strcasecmp(cmd, "bssid_filter") == 0) {
+               ret = set_bssid_filter(wpa_s, value);
        } else {
                value[-1] = '=';
                ret = wpa_config_process_global(wpa_s->conf, cmd, -1);
@@ -539,6 +622,80 @@ static int wpa_supplicant_ctrl_iface_wps_oob(struct wpa_supplicant *wpa_s,
 #endif /* CONFIG_WPS_OOB */
 
 
+#ifdef CONFIG_WPS_NFC
+
+static int wpa_supplicant_ctrl_iface_wps_nfc(struct wpa_supplicant *wpa_s,
+                                            char *cmd)
+{
+       u8 bssid[ETH_ALEN], *_bssid = bssid;
+
+       if (cmd == NULL || cmd[0] == '\0')
+               _bssid = NULL;
+       else if (hwaddr_aton(cmd, bssid))
+               return -1;
+
+       return wpas_wps_start_nfc(wpa_s, _bssid);
+}
+
+
+static int wpa_supplicant_ctrl_iface_wps_nfc_token(
+       struct wpa_supplicant *wpa_s, char *cmd, char *reply, size_t max_len)
+{
+       int ndef;
+       struct wpabuf *buf;
+       int res;
+
+       if (os_strcmp(cmd, "WPS") == 0)
+               ndef = 0;
+       else if (os_strcmp(cmd, "NDEF") == 0)
+               ndef = 1;
+       else
+               return -1;
+
+       buf = wpas_wps_nfc_token(wpa_s, ndef);
+       if (buf == NULL)
+               return -1;
+
+       res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
+                                        wpabuf_len(buf));
+       reply[res++] = '\n';
+       reply[res] = '\0';
+
+       wpabuf_free(buf);
+
+       return res;
+}
+
+
+static int wpa_supplicant_ctrl_iface_wps_nfc_tag_read(
+       struct wpa_supplicant *wpa_s, char *pos)
+{
+       size_t len;
+       struct wpabuf *buf;
+       int ret;
+
+       len = os_strlen(pos);
+       if (len & 0x01)
+               return -1;
+       len /= 2;
+
+       buf = wpabuf_alloc(len);
+       if (buf == NULL)
+               return -1;
+       if (hexstr2bin(pos, wpabuf_put(buf, len), len) < 0) {
+               wpabuf_free(buf);
+               return -1;
+       }
+
+       ret = wpas_wps_nfc_tag_read(wpa_s, buf);
+       wpabuf_free(buf);
+
+       return ret;
+}
+
+#endif /* CONFIG_WPS_NFC */
+
+
 static int wpa_supplicant_ctrl_iface_wps_reg(struct wpa_supplicant *wpa_s,
                                             char *cmd)
 {
@@ -735,6 +892,43 @@ static int wpa_supplicant_ctrl_iface_wps_er_config(
        ap.key_hex = new_key;
        return wpas_wps_er_config(wpa_s, cmd, pin, &ap);
 }
+
+
+#ifdef CONFIG_WPS_NFC
+static int wpa_supplicant_ctrl_iface_wps_er_nfc_config_token(
+       struct wpa_supplicant *wpa_s, char *cmd, char *reply, size_t max_len)
+{
+       int ndef;
+       struct wpabuf *buf;
+       int res;
+       char *uuid;
+
+       uuid = os_strchr(cmd, ' ');
+       if (uuid == NULL)
+               return -1;
+       *uuid++ = '\0';
+
+       if (os_strcmp(cmd, "WPS") == 0)
+               ndef = 0;
+       else if (os_strcmp(cmd, "NDEF") == 0)
+               ndef = 1;
+       else
+               return -1;
+
+       buf = wpas_wps_er_nfc_config_token(wpa_s, ndef, uuid);
+       if (buf == NULL)
+               return -1;
+
+       res = wpa_snprintf_hex_uppercase(reply, max_len, wpabuf_head(buf),
+                                        wpabuf_len(buf));
+       reply[res++] = '\n';
+       reply[res] = '\0';
+
+       wpabuf_free(buf);
+
+       return res;
+}
+#endif /* CONFIG_WPS_NFC */
 #endif /* CONFIG_WPS_ER */
 
 #endif /* CONFIG_WPS */
@@ -760,78 +954,6 @@ static int wpa_supplicant_ctrl_iface_ibss_rsn(
 #endif /* CONFIG_IBSS_RSN */
 
 
-int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
-                                             struct wpa_ssid *ssid,
-                                             const char *field,
-                                             const char *value)
-{
-#ifdef IEEE8021X_EAPOL
-       struct eap_peer_config *eap = &ssid->eap;
-
-       wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
-       wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
-                             (const u8 *) value, os_strlen(value));
-
-       switch (wpa_supplicant_ctrl_req_from_string(field)) {
-       case WPA_CTRL_REQ_EAP_IDENTITY:
-               os_free(eap->identity);
-               eap->identity = (u8 *) os_strdup(value);
-               eap->identity_len = os_strlen(value);
-               eap->pending_req_identity = 0;
-               if (ssid == wpa_s->current_ssid)
-                       wpa_s->reassociate = 1;
-               break;
-       case WPA_CTRL_REQ_EAP_PASSWORD:
-               os_free(eap->password);
-               eap->password = (u8 *) os_strdup(value);
-               eap->password_len = os_strlen(value);
-               eap->pending_req_password = 0;
-               if (ssid == wpa_s->current_ssid)
-                       wpa_s->reassociate = 1;
-               break;
-       case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
-               os_free(eap->new_password);
-               eap->new_password = (u8 *) os_strdup(value);
-               eap->new_password_len = os_strlen(value);
-               eap->pending_req_new_password = 0;
-               if (ssid == wpa_s->current_ssid)
-                       wpa_s->reassociate = 1;
-               break;
-       case WPA_CTRL_REQ_EAP_PIN:
-               os_free(eap->pin);
-               eap->pin = os_strdup(value);
-               eap->pending_req_pin = 0;
-               if (ssid == wpa_s->current_ssid)
-                       wpa_s->reassociate = 1;
-               break;
-       case WPA_CTRL_REQ_EAP_OTP:
-               os_free(eap->otp);
-               eap->otp = (u8 *) os_strdup(value);
-               eap->otp_len = os_strlen(value);
-               os_free(eap->pending_req_otp);
-               eap->pending_req_otp = NULL;
-               eap->pending_req_otp_len = 0;
-               break;
-       case WPA_CTRL_REQ_EAP_PASSPHRASE:
-               os_free(eap->private_key_passwd);
-               eap->private_key_passwd = (u8 *) os_strdup(value);
-               eap->pending_req_passphrase = 0;
-               if (ssid == wpa_s->current_ssid)
-                       wpa_s->reassociate = 1;
-               break;
-       default:
-               wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
-               return -1;
-       }
-
-       return 0;
-#else /* IEEE8021X_EAPOL */
-       wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
-       return -1;
-#endif /* IEEE8021X_EAPOL */
-}
-
-
 static int wpa_supplicant_ctrl_iface_ctrl_rsp(struct wpa_supplicant *wpa_s,
                                              char *rsp)
 {
@@ -997,6 +1119,16 @@ static int wpa_supplicant_ctrl_iface_status(struct wpa_supplicant *wpa_s,
                return pos - buf;
        pos += ret;
 
+#ifdef CONFIG_HS20
+       if (wpa_s->current_bss &&
+           wpa_bss_get_vendor_ie(wpa_s->current_bss, HS20_IE_VENDOR_TYPE)) {
+               ret = os_snprintf(pos, end - pos, "hs20=1\n");
+               if (ret < 0 || ret >= end - pos)
+                       return pos - buf;
+               pos += ret;
+       }
+#endif /* CONFIG_HS20 */
+
        if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
            wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
                res = eapol_sm_get_status(wpa_s->eapol, pos, end - pos,
@@ -1507,6 +1639,14 @@ static int wpa_supplicant_ctrl_iface_scan_result(
                        return -1;
                pos += ret;
        }
+#ifdef CONFIG_HS20
+       if (wpa_bss_get_vendor_ie(bss, HS20_IE_VENDOR_TYPE)) {
+               ret = os_snprintf(pos, end - pos, "[HS20]");
+               if (ret < 0 || ret >= end - pos)
+                       return -1;
+               pos += ret;
+       }
+#endif /* CONFIG_HS20 */
 
        ret = os_snprintf(pos, end - pos, "\t%s",
                          wpa_ssid_txt(bss->ssid, bss->ssid_len));
@@ -1608,6 +1748,11 @@ static int wpa_supplicant_ctrl_iface_enable_network(
                                   "ENABLE_NETWORK with persistent P2P group");
                        return -1;
                }
+
+               if (os_strstr(cmd, " no-connect")) {
+                       ssid->disabled = 0;
+                       return 0;
+               }
        }
        wpa_supplicant_enable_network(wpa_s, ssid);
 
@@ -1691,6 +1836,9 @@ static int wpa_supplicant_ctrl_iface_remove_network(
                }
                eapol_sm_invalidate_cached_session(wpa_s->eapol);
                if (wpa_s->current_ssid) {
+#ifdef CONFIG_SME
+                       wpa_s->sme.prev_bssid_set = 0;
+#endif /* CONFIG_SME */
                        wpa_sm_set_config(wpa_s->wpa, NULL);
                        eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
                        wpa_supplicant_disassociate(wpa_s,
@@ -1713,6 +1861,9 @@ static int wpa_supplicant_ctrl_iface_remove_network(
        }
 
        if (ssid == wpa_s->current_ssid || wpa_s->current_ssid == NULL) {
+#ifdef CONFIG_SME
+               wpa_s->sme.prev_bssid_set = 0;
+#endif /* CONFIG_SME */
                /*
                 * Invalidate the EAP session cache if the current or
                 * previously used network is removed.
@@ -1833,6 +1984,132 @@ static int wpa_supplicant_ctrl_iface_get_network(
 }
 
 
+static int wpa_supplicant_ctrl_iface_list_creds(struct wpa_supplicant *wpa_s,
+                                               char *buf, size_t buflen)
+{
+       char *pos, *end;
+       struct wpa_cred *cred;
+       int ret;
+
+       pos = buf;
+       end = buf + buflen;
+       ret = os_snprintf(pos, end - pos,
+                         "cred id / realm / username / domain / imsi\n");
+       if (ret < 0 || ret >= end - pos)
+               return pos - buf;
+       pos += ret;
+
+       cred = wpa_s->conf->cred;
+       while (cred) {
+               ret = os_snprintf(pos, end - pos, "%d\t%s\t%s\t%s\t%s\n",
+                                 cred->id, cred->realm ? cred->realm : "",
+                                 cred->username ? cred->username : "",
+                                 cred->domain ? cred->domain : "",
+                                 cred->imsi ? cred->imsi : "");
+               if (ret < 0 || ret >= end - pos)
+                       return pos - buf;
+               pos += ret;
+
+               cred = cred->next;
+       }
+
+       return pos - buf;
+}
+
+
+static int wpa_supplicant_ctrl_iface_add_cred(struct wpa_supplicant *wpa_s,
+                                             char *buf, size_t buflen)
+{
+       struct wpa_cred *cred;
+       int ret;
+
+       wpa_printf(MSG_DEBUG, "CTRL_IFACE: ADD_CRED");
+
+       cred = wpa_config_add_cred(wpa_s->conf);
+       if (cred == NULL)
+               return -1;
+
+       ret = os_snprintf(buf, buflen, "%d\n", cred->id);
+       if (ret < 0 || (size_t) ret >= buflen)
+               return -1;
+       return ret;
+}
+
+
+static int wpa_supplicant_ctrl_iface_remove_cred(struct wpa_supplicant *wpa_s,
+                                                char *cmd)
+{
+       int id;
+       struct wpa_cred *cred;
+
+       /* cmd: "<cred id>" or "all" */
+       if (os_strcmp(cmd, "all") == 0) {
+               wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_CRED all");
+               cred = wpa_s->conf->cred;
+               while (cred) {
+                       id = cred->id;
+                       cred = cred->next;
+                       wpa_config_remove_cred(wpa_s->conf, id);
+               }
+               return 0;
+       }
+
+       id = atoi(cmd);
+       wpa_printf(MSG_DEBUG, "CTRL_IFACE: REMOVE_CRED id=%d", id);
+
+       cred = wpa_config_get_cred(wpa_s->conf, id);
+       if (cred == NULL ||
+           wpa_config_remove_cred(wpa_s->conf, id) < 0) {
+               wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find cred id=%d",
+                          id);
+               return -1;
+       }
+
+       return 0;
+}
+
+
+static int wpa_supplicant_ctrl_iface_set_cred(struct wpa_supplicant *wpa_s,
+                                             char *cmd)
+{
+       int id;
+       struct wpa_cred *cred;
+       char *name, *value;
+
+       /* cmd: "<cred id> <variable name> <value>" */
+       name = os_strchr(cmd, ' ');
+       if (name == NULL)
+               return -1;
+       *name++ = '\0';
+
+       value = os_strchr(name, ' ');
+       if (value == NULL)
+               return -1;
+       *value++ = '\0';
+
+       id = atoi(cmd);
+       wpa_printf(MSG_DEBUG, "CTRL_IFACE: SET_CRED id=%d name='%s'",
+                  id, name);
+       wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: value",
+                             (u8 *) value, os_strlen(value));
+
+       cred = wpa_config_get_cred(wpa_s->conf, id);
+       if (cred == NULL) {
+               wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find cred id=%d",
+                          id);
+               return -1;
+       }
+
+       if (wpa_config_set_cred(cred, name, value, 0) < 0) {
+               wpa_printf(MSG_DEBUG, "CTRL_IFACE: Failed to set cred "
+                          "variable '%s'", name);
+               return -1;
+       }
+
+       return 0;
+}
+
+
 #ifndef CONFIG_NO_CONFIG_WRITE
 static int wpa_supplicant_ctrl_iface_save_config(struct wpa_supplicant *wpa_s)
 {
@@ -2254,9 +2531,7 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
        int ret;
        char *pos, *end;
        const u8 *ie, *ie2;
-       struct os_time now;
 
-       os_get_time(&now);
        pos = buf;
        end = buf + buflen;
 
@@ -2328,6 +2603,9 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
        }
 
        if (mask & WPA_BSS_MASK_AGE) {
+               struct os_time now;
+
+               os_get_time(&now);
                ret = os_snprintf(pos, end - pos, "age=%d\n",
                                  (int) (now.sec - bss->last_update.sec));
                if (ret < 0 || ret >= end - pos)
@@ -2394,6 +2672,14 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
                                return 0;
                        pos += ret;
                }
+#ifdef CONFIG_HS20
+               if (wpa_bss_get_vendor_ie(bss, HS20_IE_VENDOR_TYPE)) {
+                       ret = os_snprintf(pos, end - pos, "[HS20]");
+                       if (ret < 0 || ret >= end - pos)
+                               return -1;
+                       pos += ret;
+               }
+#endif /* CONFIG_HS20 */
 
                ret = os_snprintf(pos, end - pos, "\n");
                if (ret < 0 || ret >= end - pos)
@@ -2444,19 +2730,28 @@ static int print_bss_info(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
                pos = anqp_add_hex(pos, end, "anqp_3gpp", bss->anqp_3gpp);
                pos = anqp_add_hex(pos, end, "anqp_domain_name",
                                   bss->anqp_domain_name);
+#ifdef CONFIG_HS20
+               pos = anqp_add_hex(pos, end, "hs20_operator_friendly_name",
+                                  bss->hs20_operator_friendly_name);
+               pos = anqp_add_hex(pos, end, "hs20_wan_metrics",
+                                  bss->hs20_wan_metrics);
+               pos = anqp_add_hex(pos, end, "hs20_connection_capability",
+                                  bss->hs20_connection_capability);
+#endif /* CONFIG_HS20 */
        }
 #endif /* CONFIG_INTERWORKING */
 
        return pos - buf;
 }
 
+
 static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s,
                                         const char *cmd, char *buf,
                                         size_t buflen)
 {
        u8 bssid[ETH_ALEN];
        size_t i;
-       struct wpa_bss *bss = NULL;
+       struct wpa_bss *bss;
        struct wpa_bss *bsslast = NULL;
        struct dl_list *next;
        int ret = 0;
@@ -2467,33 +2762,45 @@ static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s,
        if (os_strncmp(cmd, "RANGE=", 6) == 0) {
                if (os_strncmp(cmd + 6, "ALL", 3) == 0) {
                        bss = dl_list_first(&wpa_s->bss_id, struct wpa_bss,
-                                           list_id);
+                                           list_id);
                        bsslast = dl_list_last(&wpa_s->bss_id, struct wpa_bss,
                                               list_id);
                } else { /* N1-N2 */
-                       if ((ctmp = os_strchr(cmd + 6, '-')) != NULL) {
-                               int id1, id2;
-                               id1 = atoi(cmd + 6);
-                               bss = wpa_bss_get_id(wpa_s, id1);
-                               id2 = atoi(ctmp + 1);
-                               if (id2 == 0)
-                                       bsslast = dl_list_last(&wpa_s->bss_id,
-                                                              struct wpa_bss,
-                                                              list_id);
-                               else
-                                       bsslast = wpa_bss_get_id(wpa_s, id2);
-                       } else {
-                               wpa_printf(MSG_ERROR, "Wrong range format");
+                       unsigned int id1, id2;
+
+                       if ((ctmp = os_strchr(cmd + 6, '-')) == NULL) {
+                               wpa_printf(MSG_INFO, "Wrong BSS range "
+                                          "format");
                                return 0;
                        }
-               }
-               if ((ctmp = os_strstr(cmd, "MASK=")) != NULL) {
-                       mask = strtoul(ctmp + 5, NULL, 0x10);
-                       if (mask == 0)
-                               mask = WPA_BSS_MASK_ALL;
+
+                       id1 = atoi(cmd + 6);
+                       bss = wpa_bss_get_id(wpa_s, id1);
+                       id2 = atoi(ctmp + 1);
+                       if (id2 == 0)
+                               bsslast = dl_list_last(&wpa_s->bss_id,
+                                                      struct wpa_bss,
+                                                      list_id);
+                       else {
+                               bsslast = wpa_bss_get_id(wpa_s, id2);
+                               if (bsslast == NULL && bss && id2 > id1) {
+                                       struct wpa_bss *tmp = bss;
+                                       for (;;) {
+                                               next = tmp->list_id.next;
+                                               if (next == &wpa_s->bss_id)
+                                                       break;
+                                               tmp = dl_list_entry(
+                                                       next, struct wpa_bss,
+                                                       list_id);
+                                               if (tmp->id > id2)
+                                                       break;
+                                               bsslast = tmp;
+                                       }
+                               }
+                       }
                }
        } else if (os_strcmp(cmd, "FIRST") == 0)
-               bss = dl_list_first(&wpa_s->bss, struct wpa_bss, list);
+               bss = dl_list_first(&wpa_s->bss_id, struct wpa_bss, list_id);
        else if (os_strncmp(cmd, "ID-", 3) == 0) {
                i = atoi(cmd + 3);
                bss = wpa_bss_get_id(wpa_s, i);
@@ -2530,6 +2837,12 @@ static int wpa_supplicant_ctrl_iface_bss(struct wpa_supplicant *wpa_s,
                }
        }
 
+       if ((ctmp = os_strstr(cmd, "MASK=")) != NULL) {
+               mask = strtoul(ctmp + 5, NULL, 0x10);
+               if (mask == 0)
+                       mask = WPA_BSS_MASK_ALL;
+       }
+
        if (bss == NULL)
                return 0;
 
@@ -2564,10 +2877,7 @@ static int wpa_supplicant_ctrl_iface_scan_interval(
        struct wpa_supplicant *wpa_s, char *cmd)
 {
        int scan_int = atoi(cmd);
-       if (scan_int < 0)
-               return -1;
-       wpa_s->scan_interval = scan_int;
-       return 0;
+       return wpa_supplicant_set_scan_interval(wpa_s, scan_int);
 }
 
 
@@ -2688,14 +2998,17 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
        enum p2p_wps_method wps_method;
        int new_pin;
        int ret;
-       int persistent_group;
+       int persistent_group, persistent_id = -1;
        int join;
        int auth;
+       int automatic;
        int go_intent = -1;
        int freq = 0;
+       int pd;
 
-       /* <addr> <"pbc" | "pin" | PIN> [label|display|keypad] [persistent]
-        * [join] [auth] [go_intent=<0..15>] [freq=<in MHz>] */
+       /* <addr> <"pbc" | "pin" | PIN> [label|display|keypad]
+        * [persistent|persistent=<network id>]
+        * [join] [auth] [go_intent=<0..15>] [freq=<in MHz>] [provdisc] */
 
        if (hwaddr_aton(cmd, addr))
                return -1;
@@ -2706,8 +3019,23 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
        pos++;
 
        persistent_group = os_strstr(pos, " persistent") != NULL;
+       pos2 = os_strstr(pos, " persistent=");
+       if (pos2) {
+               struct wpa_ssid *ssid;
+               persistent_id = atoi(pos2 + 12);
+               ssid = wpa_config_get_network(wpa_s->conf, persistent_id);
+               if (ssid == NULL || ssid->disabled != 2 ||
+                   ssid->mode != WPAS_MODE_P2P_GO) {
+                       wpa_printf(MSG_DEBUG, "CTRL_IFACE: Could not find "
+                                  "SSID id=%d for persistent P2P group (GO)",
+                                  persistent_id);
+                       return -1;
+               }
+       }
        join = os_strstr(pos, " join") != NULL;
        auth = os_strstr(pos, " auth") != NULL;
+       automatic = os_strstr(pos, " auto") != NULL;
+       pd = os_strstr(pos, " provdisc") != NULL;
 
        pos2 = os_strstr(pos, " go_intent=");
        if (pos2) {
@@ -2739,11 +3067,15 @@ static int p2p_ctrl_connect(struct wpa_supplicant *wpa_s, char *cmd,
                        if (os_strncmp(pos, "display", 7) == 0)
                                wps_method = WPS_PIN_DISPLAY;
                }
+               if (!wps_pin_str_valid(pin)) {
+                       os_memcpy(buf, "FAIL-INVALID-PIN\n", 17);
+                       return 17;
+               }
        }
 
        new_pin = wpas_p2p_connect(wpa_s, addr, pin, wps_method,
-                                  persistent_group, join, auth, go_intent,
-                                  freq);
+                                  persistent_group, automatic, join,
+                                  auth, go_intent, freq, persistent_id, pd);
        if (new_pin == -2) {
                os_memcpy(buf, "FAIL-CHANNEL-UNAVAILABLE\n", 25);
                return 25;
@@ -2777,8 +3109,9 @@ static int p2p_ctrl_prov_disc(struct wpa_supplicant *wpa_s, char *cmd)
 {
        u8 addr[ETH_ALEN];
        char *pos;
+       enum wpas_p2p_prov_disc_use use = WPAS_P2P_PD_FOR_GO_NEG;
 
-       /* <addr> <config method> [join] */
+       /* <addr> <config method> [join|auto] */
 
        if (hwaddr_aton(cmd, addr))
                return -1;
@@ -2788,8 +3121,12 @@ static int p2p_ctrl_prov_disc(struct wpa_supplicant *wpa_s, char *cmd)
                return -1;
        pos++;
 
-       return wpas_p2p_prov_disc(wpa_s, addr, pos,
-                                 os_strstr(pos, "join") != NULL);
+       if (os_strstr(pos, " join") != NULL)
+               use = WPAS_P2P_PD_FOR_JOIN;
+       else if (os_strstr(pos, " auto") != NULL)
+               use = WPAS_P2P_PD_AUTO;
+
+       return wpas_p2p_prov_disc(wpa_s, addr, pos, use);
 }
 
 
@@ -2926,6 +3263,8 @@ static int p2p_ctrl_serv_disc_resp(struct wpa_supplicant *wpa_s, char *cmd)
 static int p2p_ctrl_serv_disc_external(struct wpa_supplicant *wpa_s,
                                       char *cmd)
 {
+       if (os_strcmp(cmd, "0") && os_strcmp(cmd, "1"))
+               return -1;
        wpa_s->p2p_sd_over_ctrl_iface = atoi(cmd);
        return 0;
 }
@@ -3278,6 +3617,56 @@ static int p2p_ctrl_peer(struct wpa_supplicant *wpa_s, char *cmd,
 }
 
 
+static int p2p_ctrl_disallow_freq(struct wpa_supplicant *wpa_s,
+                                 const char *param)
+{
+       struct wpa_freq_range *freq = NULL, *n;
+       unsigned int count = 0, i;
+       const char *pos, *pos2, *pos3;
+
+       if (wpa_s->global->p2p == NULL)
+               return -1;
+
+       /*
+        * param includes comma separated frequency range.
+        * For example: 2412-2432,2462,5000-6000
+        */
+       pos = param;
+       while (pos && pos[0]) {
+               n = os_realloc(freq,
+                              (count + 1) * sizeof(struct wpa_freq_range));
+               if (n == NULL) {
+                       os_free(freq);
+                       return -1;
+               }
+               freq = n;
+               freq[count].min = atoi(pos);
+               pos2 = os_strchr(pos, '-');
+               pos3 = os_strchr(pos, ',');
+               if (pos2 && (!pos3 || pos2 < pos3)) {
+                       pos2++;
+                       freq[count].max = atoi(pos2);
+               } else
+                       freq[count].max = freq[count].min;
+               pos = pos3;
+               if (pos)
+                       pos++;
+               count++;
+       }
+
+       for (i = 0; i < count; i++) {
+               wpa_printf(MSG_DEBUG, "P2P: Disallowed frequency range %u-%u",
+                          freq[i].min, freq[i].max);
+       }
+
+       os_free(wpa_s->global->p2p_disallow_freq);
+       wpa_s->global->p2p_disallow_freq = freq;
+       wpa_s->global->num_p2p_disallow_freq = count;
+       wpas_p2p_update_channel_list(wpa_s);
+       return 0;
+}
+
+
 static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
 {
        char *param;
@@ -3356,7 +3745,7 @@ static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
                }
                return 0;
        }
-#ifdef ANDROID_P2P
+
        if (os_strcmp(cmd, "conc_pref") == 0) {
                if (os_strcmp(param, "sta") == 0)
                        wpa_s->global->conc_pref = WPA_CONC_PREF_STA;
@@ -3367,10 +3756,10 @@ static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
                        return -1;
                }
                wpa_printf(MSG_DEBUG, "Single channel concurrency preference: "
-                       "%s", param);
+                          "%s", param);
                return 0;
        }
-#endif
+
        if (os_strcmp(cmd, "force_long_sd") == 0) {
                wpa_s->force_long_sd = atoi(param);
                return 0;
@@ -3436,6 +3825,9 @@ static int p2p_ctrl_set(struct wpa_supplicant *wpa_s, char *cmd)
                return 0;
        }
 
+       if (os_strcmp(cmd, "disallow_freq") == 0)
+               return p2p_ctrl_disallow_freq(wpa_s, param);
+
        wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown P2P_SET field value '%s'",
                   cmd);
 
@@ -3548,6 +3940,111 @@ static int get_anqp(struct wpa_supplicant *wpa_s, char *dst)
 #endif /* CONFIG_INTERWORKING */
 
 
+#ifdef CONFIG_HS20
+
+static int get_hs20_anqp(struct wpa_supplicant *wpa_s, char *dst)
+{
+       u8 dst_addr[ETH_ALEN];
+       int used;
+       char *pos;
+       u32 subtypes = 0;
+
+       used = hwaddr_aton2(dst, dst_addr);
+       if (used < 0)
+               return -1;
+       pos = dst + used;
+       for (;;) {
+               int num = atoi(pos);
+               if (num <= 0 || num > 31)
+                       return -1;
+               subtypes |= BIT(num);
+               pos = os_strchr(pos + 1, ',');
+               if (pos == NULL)
+                       break;
+               pos++;
+       }
+
+       if (subtypes == 0)
+               return -1;
+
+       return hs20_anqp_send_req(wpa_s, dst_addr, subtypes, NULL, 0);
+}
+
+
+static int hs20_nai_home_realm_list(struct wpa_supplicant *wpa_s,
+                                   const u8 *addr, const char *realm)
+{
+       u8 *buf;
+       size_t rlen, len;
+       int ret;
+
+       rlen = os_strlen(realm);
+       len = 3 + rlen;
+       buf = os_malloc(len);
+       if (buf == NULL)
+               return -1;
+       buf[0] = 1; /* NAI Home Realm Count */
+       buf[1] = 0; /* Formatted in accordance with RFC 4282 */
+       buf[2] = rlen;
+       os_memcpy(buf + 3, realm, rlen);
+
+       ret = hs20_anqp_send_req(wpa_s, addr,
+                                BIT(HS20_STYPE_NAI_HOME_REALM_QUERY),
+                                buf, len);
+
+       os_free(buf);
+
+       return ret;
+}
+
+
+static int hs20_get_nai_home_realm_list(struct wpa_supplicant *wpa_s,
+                                       char *dst)
+{
+       struct wpa_cred *cred = wpa_s->conf->cred;
+       u8 dst_addr[ETH_ALEN];
+       int used;
+       u8 *buf;
+       size_t len;
+       int ret;
+
+       used = hwaddr_aton2(dst, dst_addr);
+       if (used < 0)
+               return -1;
+
+       while (dst[used] == ' ')
+               used++;
+       if (os_strncmp(dst + used, "realm=", 6) == 0)
+               return hs20_nai_home_realm_list(wpa_s, dst_addr,
+                                               dst + used + 6);
+
+       len = os_strlen(dst + used);
+
+       if (len == 0 && cred && cred->realm)
+               return hs20_nai_home_realm_list(wpa_s, dst_addr, cred->realm);
+
+       if (len % 1)
+               return -1;
+       len /= 2;
+       buf = os_malloc(len);
+       if (buf == NULL)
+               return -1;
+       if (hexstr2bin(dst + used, buf, len) < 0) {
+               os_free(buf);
+               return -1;
+       }
+
+       ret = hs20_anqp_send_req(wpa_s, dst_addr,
+                                BIT(HS20_STYPE_NAI_HOME_REALM_QUERY),
+                                buf, len);
+       os_free(buf);
+
+       return ret;
+}
+
+#endif /* CONFIG_HS20 */
+
+
 static int wpa_supplicant_ctrl_iface_sta_autoconnect(
        struct wpa_supplicant *wpa_s, char *cmd)
 {
@@ -3556,6 +4053,36 @@ static int wpa_supplicant_ctrl_iface_sta_autoconnect(
 }
 
 
+#ifdef CONFIG_AUTOSCAN
+
+static int wpa_supplicant_ctrl_iface_autoscan(struct wpa_supplicant *wpa_s,
+                                             char *cmd)
+{
+       enum wpa_states state = wpa_s->wpa_state;
+       char *new_params = NULL;
+
+       if (os_strlen(cmd) > 0) {
+               new_params = os_strdup(cmd);
+               if (new_params == NULL)
+                       return -1;
+       }
+
+       os_free(wpa_s->conf->autoscan);
+       wpa_s->conf->autoscan = new_params;
+
+       if (wpa_s->conf->autoscan == NULL)
+               autoscan_deinit(wpa_s);
+       else if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
+               autoscan_init(wpa_s, 1);
+       else if (state == WPA_SCANNING)
+               wpa_supplicant_reinit_autoscan(wpa_s);
+
+       return 0;
+}
+
+#endif /* CONFIG_AUTOSCAN */
+
+
 static int wpa_supplicant_signal_poll(struct wpa_supplicant *wpa_s, char *buf,
                                      size_t buflen)
 {
@@ -3654,6 +4181,7 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
                eapol_sm_notify_logoff(wpa_s->eapol, TRUE);
        } else if (os_strcmp(buf, "REASSOCIATE") == 0) {
                wpa_s->normal_scans = 0;
+               wpa_supplicant_reinit_autoscan(wpa_s);
                if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
                        reply_len = -1;
                else {
@@ -3663,6 +4191,7 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
                }
        } else if (os_strcmp(buf, "RECONNECT") == 0) {
                wpa_s->normal_scans = 0;
+               wpa_supplicant_reinit_autoscan(wpa_s);
                if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
                        reply_len = -1;
                else if (wpa_s->disconnected) {
@@ -3715,6 +4244,21 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
                if (wpa_supplicant_ctrl_iface_wps_oob(wpa_s, buf + 8))
                        reply_len = -1;
 #endif /* CONFIG_WPS_OOB */
+#ifdef CONFIG_WPS_NFC
+       } else if (os_strcmp(buf, "WPS_NFC") == 0) {
+               if (wpa_supplicant_ctrl_iface_wps_nfc(wpa_s, NULL))
+                       reply_len = -1;
+       } else if (os_strncmp(buf, "WPS_NFC ", 8) == 0) {
+               if (wpa_supplicant_ctrl_iface_wps_nfc(wpa_s, buf + 8))
+                       reply_len = -1;
+       } else if (os_strncmp(buf, "WPS_NFC_TOKEN ", 14) == 0) {
+               reply_len = wpa_supplicant_ctrl_iface_wps_nfc_token(
+                       wpa_s, buf + 14, reply, reply_size);
+       } else if (os_strncmp(buf, "WPS_NFC_TAG_READ ", 17) == 0) {
+               if (wpa_supplicant_ctrl_iface_wps_nfc_tag_read(wpa_s,
+                                                              buf + 17))
+                       reply_len = -1;
+#endif /* CONFIG_WPS_NFC */
        } else if (os_strncmp(buf, "WPS_REG ", 8) == 0) {
                if (wpa_supplicant_ctrl_iface_wps_reg(wpa_s, buf + 8))
                        reply_len = -1;
@@ -3759,6 +4303,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
        } else if (os_strncmp(buf, "WPS_ER_CONFIG ", 14) == 0) {
                if (wpa_supplicant_ctrl_iface_wps_er_config(wpa_s, buf + 14))
                        reply_len = -1;
+#ifdef CONFIG_WPS_NFC
+       } else if (os_strncmp(buf, "WPS_ER_NFC_CONFIG_TOKEN ", 24) == 0) {
+               reply_len = wpa_supplicant_ctrl_iface_wps_er_nfc_config_token(
+                       wpa_s, buf + 24, reply, reply_size);
+#endif /* CONFIG_WPS_NFC */
 #endif /* CONFIG_WPS_ER */
 #endif /* CONFIG_WPS */
 #ifdef CONFIG_IBSS_RSN
@@ -3873,6 +4422,14 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
                if (get_anqp(wpa_s, buf + 9) < 0)
                        reply_len = -1;
 #endif /* CONFIG_INTERWORKING */
+#ifdef CONFIG_HS20
+       } else if (os_strncmp(buf, "HS20_ANQP_GET ", 14) == 0) {
+               if (get_hs20_anqp(wpa_s, buf + 14) < 0)
+                       reply_len = -1;
+       } else if (os_strncmp(buf, "HS20_GET_NAI_HOME_REALM_LIST ", 29) == 0) {
+               if (hs20_get_nai_home_realm_list(wpa_s, buf + 29) < 0)
+                       reply_len = -1;
+#endif /* CONFIG_HS20 */
        } else if (os_strncmp(buf, WPA_CTRL_RSP, os_strlen(WPA_CTRL_RSP)) == 0)
        {
                if (wpa_supplicant_ctrl_iface_ctrl_rsp(
@@ -3898,19 +4455,30 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
                reply_len = wpa_supplicant_ctrl_iface_list_networks(
                        wpa_s, reply, reply_size);
        } else if (os_strcmp(buf, "DISCONNECT") == 0) {
+#ifdef CONFIG_SME
+               wpa_s->sme.prev_bssid_set = 0;
+#endif /* CONFIG_SME */
                wpa_s->reassociate = 0;
                wpa_s->disconnected = 1;
                wpa_supplicant_cancel_sched_scan(wpa_s);
+               wpa_supplicant_cancel_scan(wpa_s);
                wpa_supplicant_deauthenticate(wpa_s,
                                              WLAN_REASON_DEAUTH_LEAVING);
        } else if (os_strcmp(buf, "SCAN") == 0) {
-               wpa_s->normal_scans = 0;
                if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED)
                        reply_len = -1;
                else {
                        if (!wpa_s->scanning &&
                            ((wpa_s->wpa_state <= WPA_SCANNING) ||
                             (wpa_s->wpa_state == WPA_COMPLETED))) {
+                               wpa_s->normal_scans = 0;
+                               wpa_s->scan_req = 2;
+                               wpa_supplicant_req_scan(wpa_s, 0, 0);
+                       } else if (wpa_s->sched_scanning) {
+                               wpa_printf(MSG_DEBUG, "Stop ongoing "
+                                          "sched_scan to allow requested "
+                                          "full scan to proceed");
+                               wpa_supplicant_cancel_sched_scan(wpa_s);
                                wpa_s->scan_req = 2;
                                wpa_supplicant_req_scan(wpa_s, 0, 0);
                        } else {
@@ -3944,6 +4512,18 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
        } else if (os_strncmp(buf, "GET_NETWORK ", 12) == 0) {
                reply_len = wpa_supplicant_ctrl_iface_get_network(
                        wpa_s, buf + 12, reply, reply_size);
+       } else if (os_strcmp(buf, "LIST_CREDS") == 0) {
+               reply_len = wpa_supplicant_ctrl_iface_list_creds(
+                       wpa_s, reply, reply_size);
+       } else if (os_strcmp(buf, "ADD_CRED") == 0) {
+               reply_len = wpa_supplicant_ctrl_iface_add_cred(
+                       wpa_s, reply, reply_size);
+       } else if (os_strncmp(buf, "REMOVE_CRED ", 12) == 0) {
+               if (wpa_supplicant_ctrl_iface_remove_cred(wpa_s, buf + 12))
+                       reply_len = -1;
+       } else if (os_strncmp(buf, "SET_CRED ", 9) == 0) {
+               if (wpa_supplicant_ctrl_iface_set_cred(wpa_s, buf + 9))
+                       reply_len = -1;
 #ifndef CONFIG_NO_CONFIG_WRITE
        } else if (os_strcmp(buf, "SAVE_CONFIG") == 0) {
                if (wpa_supplicant_ctrl_iface_save_config(wpa_s))
@@ -3976,6 +4556,12 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
        } else if (os_strncmp(buf, "STA-NEXT ", 9) == 0) {
                reply_len = ap_ctrl_iface_sta_next(wpa_s, buf + 9, reply,
                                                   reply_size);
+       } else if (os_strncmp(buf, "DEAUTHENTICATE ", 15) == 0) {
+               if (ap_ctrl_iface_sta_deauthenticate(wpa_s, buf + 15))
+                       reply_len = -1;
+       } else if (os_strncmp(buf, "DISASSOCIATE ", 13) == 0) {
+               if (ap_ctrl_iface_sta_disassociate(wpa_s, buf + 13))
+                       reply_len = -1;
 #endif /* CONFIG_AP */
        } else if (os_strcmp(buf, "SUSPEND") == 0) {
                wpas_notify_suspend(wpa_s->global);
@@ -4010,6 +4596,11 @@ char * wpa_supplicant_ctrl_iface_process(struct wpa_supplicant *wpa_s,
        } else if (os_strncmp(buf, "SIGNAL_POLL", 11) == 0) {
                reply_len = wpa_supplicant_signal_poll(wpa_s, reply,
                                                       reply_size);
+#ifdef CONFIG_AUTOSCAN
+       } else if (os_strncmp(buf, "AUTOSCAN ", 9) == 0) {
+               if (wpa_supplicant_ctrl_iface_autoscan(wpa_s, buf + 9))
+                       reply_len = -1;
+#endif /* CONFIG_AUTOSCAN */
 #ifdef ANDROID
        } else if (os_strncmp(buf, "DRIVER ", 7) == 0) {
                reply_len = wpa_supplicant_driver_cmd(wpa_s, buf + 7, reply,