3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_server/eap_methods.h"
21 #include "rsn_supp/wpa.h"
24 #include "utils/ext_password.h"
25 #include "l2_packet/l2_packet.h"
26 #include "wpa_supplicant_i.h"
28 #include "ctrl_iface.h"
29 #include "pcsc_funcs.h"
30 #include "common/version.h"
31 #include "rsn_supp/preauth.h"
32 #include "rsn_supp/pmksa_cache.h"
33 #include "common/wpa_ctrl.h"
34 #include "common/ieee802_11_defs.h"
36 #include "blacklist.h"
37 #include "wpas_glue.h"
38 #include "wps_supplicant.h"
41 #include "gas_query.h"
43 #include "p2p_supplicant.h"
44 #include "wifi_display.h"
50 #include "offchannel.h"
51 #include "hs20_supplicant.h"
53 const char *wpa_supplicant_version =
54 "wpa_supplicant v" VERSION_STR "\n"
55 "Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> and contributors";
57 const char *wpa_supplicant_license =
58 "This software may be distributed under the terms of the BSD license.\n"
59 "See README for more details.\n"
60 #ifdef EAP_TLS_OPENSSL
61 "\nThis product includes software developed by the OpenSSL Project\n"
62 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63 #endif /* EAP_TLS_OPENSSL */
66 #ifndef CONFIG_NO_STDOUT_DEBUG
67 /* Long text divided into parts in order to fit in C89 strings size limits. */
68 const char *wpa_supplicant_full_license1 =
70 const char *wpa_supplicant_full_license2 =
71 "This software may be distributed under the terms of the BSD license.\n"
73 "Redistribution and use in source and binary forms, with or without\n"
74 "modification, are permitted provided that the following conditions are\n"
77 const char *wpa_supplicant_full_license3 =
78 "1. Redistributions of source code must retain the above copyright\n"
79 " notice, this list of conditions and the following disclaimer.\n"
81 "2. Redistributions in binary form must reproduce the above copyright\n"
82 " notice, this list of conditions and the following disclaimer in the\n"
83 " documentation and/or other materials provided with the distribution.\n"
85 const char *wpa_supplicant_full_license4 =
86 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
87 " names of its contributors may be used to endorse or promote products\n"
88 " derived from this software without specific prior written permission.\n"
90 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
91 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
92 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
93 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
94 const char *wpa_supplicant_full_license5 =
95 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
96 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
97 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
98 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
99 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
100 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
101 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
103 #endif /* CONFIG_NO_STDOUT_DEBUG */
105 extern int wpa_debug_level;
106 extern int wpa_debug_show_keys;
107 extern int wpa_debug_timestamp;
108 extern struct wpa_driver_ops *wpa_drivers[];
110 /* Configure default/group WEP keys for static WEP */
111 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
115 for (i = 0; i < NUM_WEP_KEYS; i++) {
116 if (ssid->wep_key_len[i] == 0)
120 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
121 i, i == ssid->wep_tx_keyidx, NULL, 0,
122 ssid->wep_key[i], ssid->wep_key_len[i]);
129 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
130 struct wpa_ssid *ssid)
137 /* IBSS/WPA-None uses only one key (Group) for both receiving and
138 * sending unicast and multicast packets. */
140 if (ssid->mode != WPAS_MODE_IBSS) {
141 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
142 "IBSS/ad-hoc) for WPA-None", ssid->mode);
146 if (!ssid->psk_set) {
147 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
152 switch (wpa_s->group_cipher) {
153 case WPA_CIPHER_CCMP:
154 os_memcpy(key, ssid->psk, 16);
158 case WPA_CIPHER_GCMP:
159 os_memcpy(key, ssid->psk, 16);
163 case WPA_CIPHER_TKIP:
164 /* WPA-None uses the same Michael MIC key for both TX and RX */
165 os_memcpy(key, ssid->psk, 16 + 8);
166 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
172 "WPA-None", wpa_s->group_cipher);
176 /* TODO: should actually remember the previously used seq#, both for TX
177 * and RX from each STA.. */
179 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
183 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
185 struct wpa_supplicant *wpa_s = eloop_ctx;
186 const u8 *bssid = wpa_s->bssid;
187 if (is_zero_ether_addr(bssid))
188 bssid = wpa_s->pending_bssid;
189 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
191 wpa_blacklist_add(wpa_s, bssid);
192 wpa_sm_notify_disassoc(wpa_s->wpa);
193 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
194 wpa_s->reassociate = 1;
197 * If we timed out, the AP or the local radio may be busy.
198 * So, wait a second until scanning again.
200 wpa_supplicant_req_scan(wpa_s, 1, 0);
203 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
204 wpa_s->global->p2p != NULL) {
205 wpa_s->global->p2p_cb_on_scan_complete = 0;
206 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
207 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
208 "continued after timed out authentication");
211 #endif /* CONFIG_P2P */
216 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
217 * @wpa_s: Pointer to wpa_supplicant data
218 * @sec: Number of seconds after which to time out authentication
219 * @usec: Number of microseconds after which to time out authentication
221 * This function is used to schedule a timeout for the current authentication
224 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
227 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
228 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
231 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
232 "%d usec", sec, usec);
233 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
234 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
239 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
240 * @wpa_s: Pointer to wpa_supplicant data
242 * This function is used to cancel authentication timeout scheduled with
243 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
246 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
248 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
249 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
250 wpa_blacklist_del(wpa_s, wpa_s->bssid);
255 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
256 * @wpa_s: Pointer to wpa_supplicant data
258 * This function is used to configure EAPOL state machine based on the selected
259 * authentication mode.
261 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
263 #ifdef IEEE8021X_EAPOL
264 struct eapol_config eapol_conf;
265 struct wpa_ssid *ssid = wpa_s->current_ssid;
267 #ifdef CONFIG_IBSS_RSN
268 if (ssid->mode == WPAS_MODE_IBSS &&
269 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
270 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
272 * RSN IBSS authentication is per-STA and we can disable the
273 * per-BSSID EAPOL authentication.
275 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
276 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
277 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
280 #endif /* CONFIG_IBSS_RSN */
282 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
283 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
286 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
287 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
289 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
291 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
292 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
293 eapol_conf.accept_802_1x_keys = 1;
294 eapol_conf.required_keys = 0;
295 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
296 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
298 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
299 eapol_conf.required_keys |=
300 EAPOL_REQUIRE_KEY_BROADCAST;
303 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
304 eapol_conf.required_keys = 0;
307 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
308 eapol_conf.workaround = ssid->eap_workaround;
309 eapol_conf.eap_disabled =
310 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
311 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
312 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
313 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
314 #endif /* IEEE8021X_EAPOL */
319 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
320 * @wpa_s: Pointer to wpa_supplicant data
321 * @ssid: Configuration data for the network
323 * This function is used to configure WPA state machine and related parameters
324 * to a mode where WPA is not enabled. This is called as part of the
325 * authentication configuration when the selected network does not use WPA.
327 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
328 struct wpa_ssid *ssid)
332 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
333 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
334 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
335 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
337 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
338 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
339 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
340 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
341 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
342 wpa_s->group_cipher = WPA_CIPHER_NONE;
343 wpa_s->mgmt_group_cipher = 0;
345 for (i = 0; i < NUM_WEP_KEYS; i++) {
346 if (ssid->wep_key_len[i] > 5) {
347 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
348 wpa_s->group_cipher = WPA_CIPHER_WEP104;
350 } else if (ssid->wep_key_len[i] > 0) {
351 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
352 wpa_s->group_cipher = WPA_CIPHER_WEP40;
357 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
358 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
359 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
360 wpa_s->pairwise_cipher);
361 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
362 #ifdef CONFIG_IEEE80211W
363 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
364 wpa_s->mgmt_group_cipher);
365 #endif /* CONFIG_IEEE80211W */
367 pmksa_cache_clear_current(wpa_s->wpa);
371 void free_hw_features(struct wpa_supplicant *wpa_s)
374 if (wpa_s->hw.modes == NULL)
377 for (i = 0; i < wpa_s->hw.num_modes; i++) {
378 os_free(wpa_s->hw.modes[i].channels);
379 os_free(wpa_s->hw.modes[i].rates);
382 os_free(wpa_s->hw.modes);
383 wpa_s->hw.modes = NULL;
387 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
389 bgscan_deinit(wpa_s);
390 autoscan_deinit(wpa_s);
391 scard_deinit(wpa_s->scard);
393 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
394 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
395 l2_packet_deinit(wpa_s->l2);
398 l2_packet_deinit(wpa_s->l2_br);
402 if (wpa_s->conf != NULL) {
403 struct wpa_ssid *ssid;
404 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
405 wpas_notify_network_removed(wpa_s, ssid);
408 os_free(wpa_s->confname);
409 wpa_s->confname = NULL;
411 wpa_sm_set_eapol(wpa_s->wpa, NULL);
412 eapol_sm_deinit(wpa_s->eapol);
415 rsn_preauth_deinit(wpa_s->wpa);
418 wpa_tdls_deinit(wpa_s->wpa);
419 #endif /* CONFIG_TDLS */
421 pmksa_candidate_free(wpa_s->wpa);
422 wpa_sm_deinit(wpa_s->wpa);
424 wpa_blacklist_clear(wpa_s);
426 wpa_bss_deinit(wpa_s);
428 wpa_supplicant_cancel_scan(wpa_s);
429 wpa_supplicant_cancel_auth_timeout(wpa_s);
430 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
431 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
432 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
434 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
436 wpas_wps_deinit(wpa_s);
438 wpabuf_free(wpa_s->pending_eapol_rx);
439 wpa_s->pending_eapol_rx = NULL;
441 #ifdef CONFIG_IBSS_RSN
442 ibss_rsn_deinit(wpa_s->ibss_rsn);
443 wpa_s->ibss_rsn = NULL;
444 #endif /* CONFIG_IBSS_RSN */
449 wpa_supplicant_ap_deinit(wpa_s);
450 #endif /* CONFIG_AP */
453 wpas_p2p_deinit(wpa_s);
454 #endif /* CONFIG_P2P */
456 #ifdef CONFIG_OFFCHANNEL
457 offchannel_deinit(wpa_s);
458 #endif /* CONFIG_OFFCHANNEL */
460 wpa_supplicant_cancel_sched_scan(wpa_s);
462 os_free(wpa_s->next_scan_freqs);
463 wpa_s->next_scan_freqs = NULL;
465 gas_query_deinit(wpa_s->gas);
468 free_hw_features(wpa_s);
470 os_free(wpa_s->bssid_filter);
471 wpa_s->bssid_filter = NULL;
473 os_free(wpa_s->disallow_aps_bssid);
474 wpa_s->disallow_aps_bssid = NULL;
475 os_free(wpa_s->disallow_aps_ssid);
476 wpa_s->disallow_aps_ssid = NULL;
478 wnm_bss_keep_alive_deinit(wpa_s);
480 ext_password_deinit(wpa_s->ext_pw);
481 wpa_s->ext_pw = NULL;
483 wpabuf_free(wpa_s->last_gas_resp);
485 os_free(wpa_s->last_scan_res);
486 wpa_s->last_scan_res = NULL;
491 * wpa_clear_keys - Clear keys configured for the driver
492 * @wpa_s: Pointer to wpa_supplicant data
493 * @addr: Previously used BSSID or %NULL if not available
495 * This function clears the encryption keys that has been previously configured
498 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
500 if (wpa_s->keys_cleared) {
501 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
502 * timing issues with keys being cleared just before new keys
503 * are set or just after association or something similar. This
504 * shows up in group key handshake failing often because of the
505 * client not receiving the first encrypted packets correctly.
506 * Skipping some of the extra key clearing steps seems to help
507 * in completing group key handshake more reliably. */
508 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
509 "skip key clearing");
513 /* MLME-DELETEKEYS.request */
514 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
515 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
516 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
517 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
518 #ifdef CONFIG_IEEE80211W
519 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
520 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
521 #endif /* CONFIG_IEEE80211W */
523 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
525 /* MLME-SETPROTECTION.request(None) */
526 wpa_drv_mlme_setprotection(
528 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
529 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
531 wpa_s->keys_cleared = 1;
536 * wpa_supplicant_state_txt - Get the connection state name as a text string
537 * @state: State (wpa_state; WPA_*)
538 * Returns: The state name as a printable text string
540 const char * wpa_supplicant_state_txt(enum wpa_states state)
543 case WPA_DISCONNECTED:
544 return "DISCONNECTED";
547 case WPA_INTERFACE_DISABLED:
548 return "INTERFACE_DISABLED";
551 case WPA_AUTHENTICATING:
552 return "AUTHENTICATING";
553 case WPA_ASSOCIATING:
554 return "ASSOCIATING";
557 case WPA_4WAY_HANDSHAKE:
558 return "4WAY_HANDSHAKE";
559 case WPA_GROUP_HANDSHAKE:
560 return "GROUP_HANDSHAKE";
571 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
573 if (wpas_driver_bss_selection(wpa_s))
575 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
578 bgscan_deinit(wpa_s);
579 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
580 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
581 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
584 * Live without bgscan; it is only used as a roaming
585 * optimization, so the initial connection is not
589 struct wpa_scan_results *scan_res;
590 wpa_s->bgscan_ssid = wpa_s->current_ssid;
591 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
594 bgscan_notify_scan(wpa_s, scan_res);
595 wpa_scan_results_free(scan_res);
599 wpa_s->bgscan_ssid = NULL;
603 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
605 if (wpa_s->bgscan_ssid != NULL) {
606 bgscan_deinit(wpa_s);
607 wpa_s->bgscan_ssid = NULL;
611 #endif /* CONFIG_BGSCAN */
614 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
616 if (autoscan_init(wpa_s, 0))
617 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
621 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
623 autoscan_deinit(wpa_s);
627 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
629 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
630 wpa_s->wpa_state == WPA_SCANNING) {
631 autoscan_deinit(wpa_s);
632 wpa_supplicant_start_autoscan(wpa_s);
638 * wpa_supplicant_set_state - Set current connection state
639 * @wpa_s: Pointer to wpa_supplicant data
640 * @state: The new connection state
642 * This function is called whenever the connection state changes, e.g.,
643 * association is completed for WPA/WPA2 4-Way Handshake is started.
645 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
646 enum wpa_states state)
648 enum wpa_states old_state = wpa_s->wpa_state;
650 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
651 wpa_supplicant_state_txt(wpa_s->wpa_state),
652 wpa_supplicant_state_txt(state));
655 if(state == WPA_ASSOCIATED && wpa_s->current_ssid) {
656 wpa_s->current_ssid->assoc_retry = 0;
658 #endif /* ANDROID_P2P */
660 if (state != WPA_SCANNING)
661 wpa_supplicant_notify_scanning(wpa_s, 0);
663 if (state == WPA_COMPLETED && wpa_s->new_connection) {
664 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
665 struct wpa_ssid *ssid = wpa_s->current_ssid;
666 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
667 MACSTR " completed %s [id=%d id_str=%s]",
668 MAC2STR(wpa_s->bssid), "(auth)",
669 ssid ? ssid->id : -1,
670 ssid && ssid->id_str ? ssid->id_str : "");
671 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
672 wpas_clear_temp_disabled(wpa_s, ssid, 1);
673 wpa_s->extra_blacklist_count = 0;
674 wpa_s->new_connection = 0;
675 wpa_drv_set_operstate(wpa_s, 1);
676 #ifndef IEEE8021X_EAPOL
677 wpa_drv_set_supp_port(wpa_s, 1);
678 #endif /* IEEE8021X_EAPOL */
679 wpa_s->after_wps = 0;
681 wpas_p2p_completed(wpa_s);
682 #endif /* CONFIG_P2P */
684 sme_sched_obss_scan(wpa_s, 1);
685 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
686 state == WPA_ASSOCIATED) {
687 wpa_s->new_connection = 1;
688 wpa_drv_set_operstate(wpa_s, 0);
689 #ifndef IEEE8021X_EAPOL
690 wpa_drv_set_supp_port(wpa_s, 0);
691 #endif /* IEEE8021X_EAPOL */
692 sme_sched_obss_scan(wpa_s, 0);
694 wpa_s->wpa_state = state;
697 if (state == WPA_COMPLETED)
698 wpa_supplicant_start_bgscan(wpa_s);
700 wpa_supplicant_stop_bgscan(wpa_s);
701 #endif /* CONFIG_BGSCAN */
703 if (state == WPA_AUTHENTICATING)
704 wpa_supplicant_stop_autoscan(wpa_s);
706 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
707 wpa_supplicant_start_autoscan(wpa_s);
709 if (wpa_s->wpa_state != old_state) {
710 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
712 if (wpa_s->wpa_state == WPA_COMPLETED ||
713 old_state == WPA_COMPLETED)
714 wpas_notify_auth_changed(wpa_s);
719 void wpa_supplicant_terminate_proc(struct wpa_global *global)
723 struct wpa_supplicant *wpa_s = global->ifaces;
725 if (wpas_wps_terminate_pending(wpa_s) == 1)
729 #endif /* CONFIG_WPS */
736 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
738 struct wpa_global *global = signal_ctx;
739 wpa_supplicant_terminate_proc(global);
743 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
745 enum wpa_states old_state = wpa_s->wpa_state;
747 wpa_s->pairwise_cipher = 0;
748 wpa_s->group_cipher = 0;
749 wpa_s->mgmt_group_cipher = 0;
751 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
752 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
754 if (wpa_s->wpa_state != old_state)
755 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
760 * wpa_supplicant_reload_configuration - Reload configuration data
761 * @wpa_s: Pointer to wpa_supplicant data
762 * Returns: 0 on success or -1 if configuration parsing failed
764 * This function can be used to request that the configuration data is reloaded
765 * (e.g., after configuration file change). This function is reloading
766 * configuration only for one interface, so this may need to be called multiple
767 * times if %wpa_supplicant is controlling multiple interfaces and all
768 * interfaces need reconfiguration.
770 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
772 struct wpa_config *conf;
776 if (wpa_s->confname == NULL)
778 conf = wpa_config_read(wpa_s->confname);
780 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
781 "file '%s' - exiting", wpa_s->confname);
784 conf->changed_parameters = (unsigned int) -1;
786 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
787 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
788 os_strcmp(conf->ctrl_interface,
789 wpa_s->conf->ctrl_interface) != 0);
791 if (reconf_ctrl && wpa_s->ctrl_iface) {
792 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
793 wpa_s->ctrl_iface = NULL;
796 eapol_sm_invalidate_cached_session(wpa_s->eapol);
797 if (wpa_s->current_ssid) {
798 wpa_supplicant_deauthenticate(wpa_s,
799 WLAN_REASON_DEAUTH_LEAVING);
803 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
804 * pkcs11_engine_path, pkcs11_module_path.
806 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
808 * Clear forced success to clear EAP state for next
811 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
813 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
814 wpa_sm_set_config(wpa_s->wpa, NULL);
815 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
816 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
817 rsn_preauth_deinit(wpa_s->wpa);
819 old_ap_scan = wpa_s->conf->ap_scan;
820 wpa_config_free(wpa_s->conf);
822 if (old_ap_scan != wpa_s->conf->ap_scan)
823 wpas_notify_ap_scan_changed(wpa_s);
826 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
828 wpa_supplicant_update_config(wpa_s);
830 wpa_supplicant_clear_status(wpa_s);
831 if (wpa_supplicant_enabled_networks(wpa_s)) {
832 wpa_s->reassociate = 1;
833 wpa_supplicant_req_scan(wpa_s, 0, 0);
835 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
840 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
842 struct wpa_global *global = signal_ctx;
843 struct wpa_supplicant *wpa_s;
844 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
845 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
847 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
848 wpa_supplicant_terminate_proc(global);
854 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
857 case WPA_KEY_MGMT_NONE:
858 return KEY_MGMT_NONE;
859 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
860 return KEY_MGMT_802_1X_NO_WPA;
861 case WPA_KEY_MGMT_IEEE8021X:
862 return KEY_MGMT_802_1X;
863 case WPA_KEY_MGMT_WPA_NONE:
864 return KEY_MGMT_WPA_NONE;
865 case WPA_KEY_MGMT_FT_IEEE8021X:
866 return KEY_MGMT_FT_802_1X;
867 case WPA_KEY_MGMT_FT_PSK:
868 return KEY_MGMT_FT_PSK;
869 case WPA_KEY_MGMT_IEEE8021X_SHA256:
870 return KEY_MGMT_802_1X_SHA256;
871 case WPA_KEY_MGMT_PSK_SHA256:
872 return KEY_MGMT_PSK_SHA256;
873 case WPA_KEY_MGMT_WPS:
875 case WPA_KEY_MGMT_PSK:
882 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
883 struct wpa_ssid *ssid,
884 struct wpa_ie_data *ie)
886 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
889 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
890 "from association info");
895 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
897 if (!(ie->group_cipher & ssid->group_cipher)) {
898 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
899 "cipher 0x%x (mask 0x%x) - reject",
900 ie->group_cipher, ssid->group_cipher);
903 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
904 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
905 "cipher 0x%x (mask 0x%x) - reject",
906 ie->pairwise_cipher, ssid->pairwise_cipher);
909 if (!(ie->key_mgmt & ssid->key_mgmt)) {
910 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
911 "management 0x%x (mask 0x%x) - reject",
912 ie->key_mgmt, ssid->key_mgmt);
916 #ifdef CONFIG_IEEE80211W
917 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
918 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
919 wpa_s->conf->pmf : ssid->ieee80211w) ==
920 MGMT_FRAME_PROTECTION_REQUIRED) {
921 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
922 "that does not support management frame protection - "
926 #endif /* CONFIG_IEEE80211W */
933 * wpa_supplicant_set_suites - Set authentication and encryption parameters
934 * @wpa_s: Pointer to wpa_supplicant data
935 * @bss: Scan results for the selected BSS, or %NULL if not available
936 * @ssid: Configuration data for the selected network
937 * @wpa_ie: Buffer for the WPA/RSN IE
938 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
939 * used buffer length in case the functions returns success.
940 * Returns: 0 on success or -1 on failure
942 * This function is used to configure authentication and encryption parameters
943 * based on the network configuration and scan result for the selected BSS (if
946 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
947 struct wpa_bss *bss, struct wpa_ssid *ssid,
948 u8 *wpa_ie, size_t *wpa_ie_len)
950 struct wpa_ie_data ie;
952 const u8 *bss_wpa, *bss_rsn;
955 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
956 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
958 bss_wpa = bss_rsn = NULL;
960 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
961 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
962 (ie.group_cipher & ssid->group_cipher) &&
963 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
964 (ie.key_mgmt & ssid->key_mgmt)) {
965 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
966 proto = WPA_PROTO_RSN;
967 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
968 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
969 (ie.group_cipher & ssid->group_cipher) &&
970 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
971 (ie.key_mgmt & ssid->key_mgmt)) {
972 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
973 proto = WPA_PROTO_WPA;
975 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
978 if (ssid->proto & WPA_PROTO_RSN)
979 proto = WPA_PROTO_RSN;
981 proto = WPA_PROTO_WPA;
982 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
983 os_memset(&ie, 0, sizeof(ie));
984 ie.group_cipher = ssid->group_cipher;
985 ie.pairwise_cipher = ssid->pairwise_cipher;
986 ie.key_mgmt = ssid->key_mgmt;
987 #ifdef CONFIG_IEEE80211W
988 ie.mgmt_group_cipher =
989 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
990 WPA_CIPHER_AES_128_CMAC : 0;
991 #endif /* CONFIG_IEEE80211W */
992 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
993 "based on configuration");
998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
999 "pairwise %d key_mgmt %d proto %d",
1000 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1001 #ifdef CONFIG_IEEE80211W
1002 if (ssid->ieee80211w) {
1003 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1004 ie.mgmt_group_cipher);
1006 #endif /* CONFIG_IEEE80211W */
1008 wpa_s->wpa_proto = proto;
1009 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1010 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1011 !!(ssid->proto & WPA_PROTO_RSN));
1013 if (bss || !wpa_s->ap_ies_from_associnfo) {
1014 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1015 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1016 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1017 bss_rsn ? 2 + bss_rsn[1] : 0))
1021 sel = ie.group_cipher & ssid->group_cipher;
1022 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1023 if (wpa_s->group_cipher < 0) {
1024 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1028 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1029 wpa_cipher_txt(wpa_s->group_cipher));
1031 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1032 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1033 if (wpa_s->pairwise_cipher < 0) {
1034 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1038 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1039 wpa_cipher_txt(wpa_s->pairwise_cipher));
1041 sel = ie.key_mgmt & ssid->key_mgmt;
1043 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1044 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1045 #endif /* CONFIG_SAE */
1047 #ifdef CONFIG_IEEE80211R
1048 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
1049 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1050 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1051 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1052 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1053 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1054 #endif /* CONFIG_IEEE80211R */
1056 } else if (sel & WPA_KEY_MGMT_SAE) {
1057 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1058 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1059 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1061 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1062 #endif /* CONFIG_SAE */
1063 #ifdef CONFIG_IEEE80211W
1064 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1065 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1066 wpa_dbg(wpa_s, MSG_DEBUG,
1067 "WPA: using KEY_MGMT 802.1X with SHA256");
1068 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1069 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1070 wpa_dbg(wpa_s, MSG_DEBUG,
1071 "WPA: using KEY_MGMT PSK with SHA256");
1072 #endif /* CONFIG_IEEE80211W */
1073 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1074 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1075 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1076 } else if (sel & WPA_KEY_MGMT_PSK) {
1077 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1078 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1079 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1080 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1081 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1083 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1084 "authenticated key management type");
1088 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1089 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1090 wpa_s->pairwise_cipher);
1091 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1093 #ifdef CONFIG_IEEE80211W
1094 sel = ie.mgmt_group_cipher;
1095 if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1096 wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION ||
1097 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1099 if (sel & WPA_CIPHER_AES_128_CMAC) {
1100 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1101 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1104 wpa_s->mgmt_group_cipher = 0;
1105 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1107 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1108 wpa_s->mgmt_group_cipher);
1109 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1110 (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1111 wpa_s->conf->pmf : ssid->ieee80211w));
1112 #endif /* CONFIG_IEEE80211W */
1114 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1115 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1119 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1120 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1121 #ifndef CONFIG_NO_PBKDF2
1122 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1125 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1126 4096, psk, PMK_LEN);
1127 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1129 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1131 #endif /* CONFIG_NO_PBKDF2 */
1132 #ifdef CONFIG_EXT_PASSWORD
1133 if (ssid->ext_psk) {
1134 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1136 char pw_str[64 + 1];
1140 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1141 "found from external storage");
1145 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1146 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1147 "PSK length %d in external storage",
1148 (int) wpabuf_len(pw));
1149 ext_password_free(pw);
1153 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1154 pw_str[wpabuf_len(pw)] = '\0';
1156 #ifndef CONFIG_NO_PBKDF2
1157 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1159 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1160 4096, psk, PMK_LEN);
1161 os_memset(pw_str, 0, sizeof(pw_str));
1162 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1163 "external passphrase)",
1165 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1167 #endif /* CONFIG_NO_PBKDF2 */
1168 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1169 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1170 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1171 "Invalid PSK hex string");
1172 os_memset(pw_str, 0, sizeof(pw_str));
1173 ext_password_free(pw);
1176 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1178 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1180 os_memset(pw_str, 0, sizeof(pw_str));
1181 ext_password_free(pw);
1185 os_memset(pw_str, 0, sizeof(pw_str));
1186 ext_password_free(pw);
1188 #endif /* CONFIG_EXT_PASSWORD */
1190 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1196 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf)
1201 #ifdef CONFIG_INTERWORKING
1202 if (wpa_s->conf->interworking)
1203 ext_capab |= BIT(31); /* Interworking */
1204 #endif /* CONFIG_INTERWORKING */
1207 ext_capab |= BIT(17); /* WNM-Sleep Mode */
1208 ext_capab |= BIT(19); /* BSS Transition */
1209 #endif /* CONFIG_WNM */
1214 *pos++ = WLAN_EID_EXT_CAPAB;
1216 WPA_PUT_LE32(pos, ext_capab);
1224 * wpa_supplicant_associate - Request association
1225 * @wpa_s: Pointer to wpa_supplicant data
1226 * @bss: Scan results for the selected BSS, or %NULL if not available
1227 * @ssid: Configuration data for the selected network
1229 * This function is used to request %wpa_supplicant to associate with a BSS.
1231 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1232 struct wpa_bss *bss, struct wpa_ssid *ssid)
1236 int use_crypt, ret, i, bssid_changed;
1237 int algs = WPA_AUTH_ALG_OPEN;
1238 enum wpa_cipher cipher_pairwise, cipher_group;
1239 struct wpa_driver_associate_params params;
1240 int wep_keys_set = 0;
1241 struct wpa_driver_capa capa;
1242 int assoc_failed = 0;
1243 struct wpa_ssid *old_ssid;
1246 #ifdef CONFIG_HT_OVERRIDES
1247 struct ieee80211_ht_capabilities htcaps;
1248 struct ieee80211_ht_capabilities htcaps_mask;
1249 #endif /* CONFIG_HT_OVERRIDES */
1251 #ifdef CONFIG_IBSS_RSN
1252 ibss_rsn_deinit(wpa_s->ibss_rsn);
1253 wpa_s->ibss_rsn = NULL;
1254 #endif /* CONFIG_IBSS_RSN */
1259 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1260 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1262 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1263 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1267 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
1268 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1271 wpa_s->current_bss = bss;
1272 #else /* CONFIG_AP */
1273 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1275 #endif /* CONFIG_AP */
1281 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1283 #endif /* CONFIG_TDLS */
1285 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1286 ssid->mode == IEEE80211_MODE_INFRA) {
1287 sme_authenticate(wpa_s, bss, ssid);
1291 os_memset(¶ms, 0, sizeof(params));
1292 wpa_s->reassociate = 0;
1293 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1294 #ifdef CONFIG_IEEE80211R
1295 const u8 *ie, *md = NULL;
1296 #endif /* CONFIG_IEEE80211R */
1297 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1298 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1299 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1300 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1301 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1302 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1304 wpas_notify_bssid_changed(wpa_s);
1305 #ifdef CONFIG_IEEE80211R
1306 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1307 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1309 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1311 /* Prepare for the next transition */
1312 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1314 #endif /* CONFIG_IEEE80211R */
1316 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1317 wpa_s->conf->ap_scan == 2 &&
1318 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1319 /* Use ap_scan==1 style network selection to find the network
1321 wpa_s->scan_req = MANUAL_SCAN_REQ;
1322 wpa_s->reassociate = 1;
1323 wpa_supplicant_req_scan(wpa_s, 0, 0);
1325 #endif /* CONFIG_WPS */
1327 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1328 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1329 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1331 wpa_supplicant_cancel_sched_scan(wpa_s);
1332 wpa_supplicant_cancel_scan(wpa_s);
1334 /* Starting new association, so clear the possibly used WPA IE from the
1335 * previous association. */
1336 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1338 #ifdef IEEE8021X_EAPOL
1339 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1341 if (ssid->non_leap == 0)
1342 algs = WPA_AUTH_ALG_LEAP;
1344 algs |= WPA_AUTH_ALG_LEAP;
1347 #endif /* IEEE8021X_EAPOL */
1348 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1349 if (ssid->auth_alg) {
1350 algs = ssid->auth_alg;
1351 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1355 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1356 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1357 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1358 int try_opportunistic;
1359 try_opportunistic = (ssid->proactive_key_caching < 0 ?
1361 ssid->proactive_key_caching) &&
1362 (ssid->proto & WPA_PROTO_RSN);
1363 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1364 wpa_s->current_ssid,
1365 try_opportunistic) == 0)
1366 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1367 wpa_ie_len = sizeof(wpa_ie);
1368 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1369 wpa_ie, &wpa_ie_len)) {
1370 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1371 "key management and encryption suites");
1374 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
1375 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
1377 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
1378 * use non-WPA since the scan results did not indicate that the
1379 * AP is using WPA or WPA2.
1381 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1383 wpa_s->wpa_proto = 0;
1384 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1385 wpa_ie_len = sizeof(wpa_ie);
1386 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1387 wpa_ie, &wpa_ie_len)) {
1388 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1389 "key management and encryption suites (no "
1394 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1395 struct wpabuf *wps_ie;
1396 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1397 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1398 wpa_ie_len = wpabuf_len(wps_ie);
1399 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1402 wpabuf_free(wps_ie);
1403 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1404 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1405 params.wps = WPS_MODE_PRIVACY;
1407 params.wps = WPS_MODE_OPEN;
1408 wpa_s->wpa_proto = 0;
1409 #endif /* CONFIG_WPS */
1411 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1413 wpa_s->wpa_proto = 0;
1417 if (wpa_s->global->p2p) {
1421 pos = wpa_ie + wpa_ie_len;
1422 len = sizeof(wpa_ie) - wpa_ie_len;
1423 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
1429 wpa_s->cross_connect_disallowed = 0;
1432 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1434 wpa_s->cross_connect_disallowed =
1435 p2p_get_cross_connect_disallowed(p2p);
1437 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1439 wpa_s->cross_connect_disallowed ?
1440 "disallows" : "allows");
1443 #endif /* CONFIG_P2P */
1446 if (wpa_s->conf->hs20) {
1447 struct wpabuf *hs20;
1448 hs20 = wpabuf_alloc(20);
1450 wpas_hs20_add_indication(hs20);
1451 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20),
1453 wpa_ie_len += wpabuf_len(hs20);
1457 #endif /* CONFIG_HS20 */
1459 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab);
1460 if (ext_capab_len > 0) {
1462 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1464 os_memmove(pos + ext_capab_len, pos,
1465 wpa_ie_len - (pos - wpa_ie));
1466 wpa_ie_len += ext_capab_len;
1467 os_memcpy(pos, ext_capab, ext_capab_len);
1470 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1472 cipher_pairwise = wpa_cipher_to_suite_driver(wpa_s->pairwise_cipher);
1473 cipher_group = wpa_cipher_to_suite_driver(wpa_s->group_cipher);
1474 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1475 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1476 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1478 if (wpa_set_wep_keys(wpa_s, ssid)) {
1483 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1486 #ifdef IEEE8021X_EAPOL
1487 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1488 if ((ssid->eapol_flags &
1489 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1490 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1494 /* Assume that dynamic WEP-104 keys will be used and
1495 * set cipher suites in order for drivers to expect
1497 cipher_pairwise = cipher_group = CIPHER_WEP104;
1500 #endif /* IEEE8021X_EAPOL */
1502 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1503 /* Set the key before (and later after) association */
1504 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1507 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1509 params.ssid = bss->ssid;
1510 params.ssid_len = bss->ssid_len;
1511 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
1512 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
1513 MACSTR " freq=%u MHz based on scan results "
1515 MAC2STR(bss->bssid), bss->freq,
1517 params.bssid = bss->bssid;
1518 params.freq = bss->freq;
1521 params.ssid = ssid->ssid;
1522 params.ssid_len = ssid->ssid_len;
1525 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1526 wpa_s->conf->ap_scan == 2) {
1527 params.bssid = ssid->bssid;
1528 params.fixed_bssid = 1;
1531 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1533 params.freq = ssid->frequency; /* Initial channel for IBSS */
1534 params.wpa_ie = wpa_ie;
1535 params.wpa_ie_len = wpa_ie_len;
1536 params.pairwise_suite = cipher_pairwise;
1537 params.group_suite = cipher_group;
1538 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1539 params.wpa_proto = wpa_s->wpa_proto;
1540 params.auth_alg = algs;
1541 params.mode = ssid->mode;
1542 params.bg_scan_period = ssid->bg_scan_period;
1543 for (i = 0; i < NUM_WEP_KEYS; i++) {
1544 if (ssid->wep_key_len[i])
1545 params.wep_key[i] = ssid->wep_key[i];
1546 params.wep_key_len[i] = ssid->wep_key_len[i];
1548 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1550 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1551 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1552 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1553 params.passphrase = ssid->passphrase;
1555 params.psk = ssid->psk;
1558 params.drop_unencrypted = use_crypt;
1560 #ifdef CONFIG_IEEE80211W
1561 params.mgmt_frame_protection =
1562 ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ?
1563 wpa_s->conf->pmf : ssid->ieee80211w;
1564 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
1565 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1566 struct wpa_ie_data ie;
1567 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1569 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1570 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1571 "MFP: require MFP");
1572 params.mgmt_frame_protection =
1573 MGMT_FRAME_PROTECTION_REQUIRED;
1576 #endif /* CONFIG_IEEE80211W */
1578 params.p2p = ssid->p2p_group;
1580 if (wpa_s->parent->set_sta_uapsd)
1581 params.uapsd = wpa_s->parent->sta_uapsd;
1585 #ifdef CONFIG_HT_OVERRIDES
1586 os_memset(&htcaps, 0, sizeof(htcaps));
1587 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1588 params.htcaps = (u8 *) &htcaps;
1589 params.htcaps_mask = (u8 *) &htcaps_mask;
1590 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1591 #endif /* CONFIG_HT_OVERRIDES */
1594 /* If multichannel concurrency is not supported, check for any frequency
1595 * conflict and take appropriate action.
1597 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT) &&
1598 ((freq = wpa_drv_shared_freq(wpa_s)) > 0) && (freq != params.freq)) {
1599 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)"
1600 , freq, params.freq);
1601 if (wpas_p2p_handle_frequency_conflicts(wpa_s, params.freq, ssid) < 0)
1605 ret = wpa_drv_associate(wpa_s, ¶ms);
1607 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1609 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1611 * The driver is known to mean what is saying, so we
1612 * can stop right here; the association will not
1615 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1616 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1617 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1620 /* try to continue anyway; new association will be tried again
1625 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1626 /* Set the key after the association just in case association
1627 * cleared the previously configured key. */
1628 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1629 /* No need to timeout authentication since there is no key
1631 wpa_supplicant_cancel_auth_timeout(wpa_s);
1632 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1633 #ifdef CONFIG_IBSS_RSN
1634 } else if (ssid->mode == WPAS_MODE_IBSS &&
1635 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1636 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1638 * RSN IBSS authentication is per-STA and we can disable the
1639 * per-BSSID authentication.
1641 wpa_supplicant_cancel_auth_timeout(wpa_s);
1642 #endif /* CONFIG_IBSS_RSN */
1644 /* Timeout for IEEE 802.11 authentication and association */
1648 /* give IBSS a bit more time */
1649 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1650 } else if (wpa_s->conf->ap_scan == 1) {
1651 /* give IBSS a bit more time */
1652 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1654 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1657 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1658 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1659 /* Set static WEP keys again */
1660 wpa_set_wep_keys(wpa_s, ssid);
1663 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1665 * Do not allow EAP session resumption between different
1666 * network configurations.
1668 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1670 old_ssid = wpa_s->current_ssid;
1671 wpa_s->current_ssid = ssid;
1672 wpa_s->current_bss = bss;
1673 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1674 wpa_supplicant_initiate_eapol(wpa_s);
1675 if (old_ssid != wpa_s->current_ssid)
1676 wpas_notify_network_changed(wpa_s);
1680 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1683 struct wpa_ssid *old_ssid;
1685 wpa_clear_keys(wpa_s, addr);
1686 old_ssid = wpa_s->current_ssid;
1687 wpa_supplicant_mark_disassoc(wpa_s);
1688 wpa_sm_set_config(wpa_s->wpa, NULL);
1689 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1690 if (old_ssid != wpa_s->current_ssid)
1691 wpas_notify_network_changed(wpa_s);
1692 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1697 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1698 * @wpa_s: Pointer to wpa_supplicant data
1699 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1701 * This function is used to request %wpa_supplicant to deauthenticate from the
1704 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1708 union wpa_event_data event;
1711 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
1712 " pending_bssid=" MACSTR " reason=%d state=%s",
1713 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
1714 reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state));
1716 if (!is_zero_ether_addr(wpa_s->bssid))
1717 addr = wpa_s->bssid;
1718 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
1719 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
1720 wpa_s->wpa_state == WPA_ASSOCIATING))
1721 addr = wpa_s->pending_bssid;
1722 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
1724 * When using driver-based BSS selection, we may not know the
1725 * BSSID with which we are currently trying to associate. We
1726 * need to notify the driver of this disconnection even in such
1727 * a case, so use the all zeros address here.
1729 addr = wpa_s->bssid;
1734 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
1735 os_memset(&event, 0, sizeof(event));
1736 event.deauth_info.reason_code = (u16) reason_code;
1737 event.deauth_info.locally_generated = 1;
1738 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
1743 wpa_supplicant_clear_connection(wpa_s, addr);
1748 * wpa_supplicant_enable_network - Mark a configured network as enabled
1749 * @wpa_s: wpa_supplicant structure for a network interface
1750 * @ssid: wpa_ssid structure for a configured network or %NULL
1752 * Enables the specified network or all networks if no network specified.
1754 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1755 struct wpa_ssid *ssid)
1757 struct wpa_ssid *other_ssid;
1761 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1762 other_ssid = other_ssid->next) {
1763 if (other_ssid->disabled == 2)
1764 continue; /* do not change persistent P2P group
1766 if (other_ssid == wpa_s->current_ssid &&
1767 other_ssid->disabled)
1768 wpa_s->reassociate = 1;
1770 was_disabled = other_ssid->disabled;
1772 other_ssid->disabled = 0;
1774 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1776 if (was_disabled != other_ssid->disabled)
1777 wpas_notify_network_enabled_changed(
1780 if (wpa_s->reassociate)
1781 wpa_supplicant_req_scan(wpa_s, 0, 0);
1782 } else if (ssid->disabled && ssid->disabled != 2) {
1783 if (wpa_s->current_ssid == NULL) {
1785 * Try to reassociate since there is no current
1786 * configuration and a new network was made available.
1788 wpa_s->reassociate = 1;
1789 wpa_supplicant_req_scan(wpa_s, 0, 0);
1792 was_disabled = ssid->disabled;
1795 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1797 if (was_disabled != ssid->disabled)
1798 wpas_notify_network_enabled_changed(wpa_s, ssid);
1804 * wpa_supplicant_disable_network - Mark a configured network as disabled
1805 * @wpa_s: wpa_supplicant structure for a network interface
1806 * @ssid: wpa_ssid structure for a configured network or %NULL
1808 * Disables the specified network or all networks if no network specified.
1810 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1811 struct wpa_ssid *ssid)
1813 struct wpa_ssid *other_ssid;
1817 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1818 other_ssid = other_ssid->next) {
1819 was_disabled = other_ssid->disabled;
1820 if (was_disabled == 2)
1821 continue; /* do not change persistent P2P group
1824 other_ssid->disabled = 1;
1826 if (was_disabled != other_ssid->disabled)
1827 wpas_notify_network_enabled_changed(
1830 if (wpa_s->current_ssid)
1831 wpa_supplicant_deauthenticate(
1832 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1833 } else if (ssid->disabled != 2) {
1834 if (ssid == wpa_s->current_ssid)
1835 wpa_supplicant_deauthenticate(
1836 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1838 was_disabled = ssid->disabled;
1842 if (was_disabled != ssid->disabled)
1843 wpas_notify_network_enabled_changed(wpa_s, ssid);
1849 * wpa_supplicant_select_network - Attempt association with a network
1850 * @wpa_s: wpa_supplicant structure for a network interface
1851 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1853 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1854 struct wpa_ssid *ssid)
1857 struct wpa_ssid *other_ssid;
1858 int disconnected = 0;
1860 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1861 wpa_supplicant_deauthenticate(
1862 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1867 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1870 * Mark all other networks disabled or mark all networks enabled if no
1871 * network specified.
1873 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1874 other_ssid = other_ssid->next) {
1875 int was_disabled = other_ssid->disabled;
1876 if (was_disabled == 2)
1877 continue; /* do not change persistent P2P group data */
1879 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1880 if (was_disabled && !other_ssid->disabled)
1881 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
1883 if (was_disabled != other_ssid->disabled)
1884 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1887 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1888 /* We are already associated with the selected network */
1889 wpa_printf(MSG_DEBUG, "Already associated with the "
1890 "selected network - do nothing");
1895 wpa_s->current_ssid = ssid;
1896 wpa_s->connect_without_scan = NULL;
1897 wpa_s->disconnected = 0;
1898 wpa_s->reassociate = 1;
1899 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1902 wpas_notify_network_selected(wpa_s, ssid);
1907 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1908 * @wpa_s: wpa_supplicant structure for a network interface
1909 * @ap_scan: AP scan mode
1910 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1913 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1918 if (ap_scan < 0 || ap_scan > 2)
1922 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1923 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1924 wpa_s->wpa_state < WPA_COMPLETED) {
1925 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1926 "associating", wpa_s->conf->ap_scan, ap_scan);
1929 #endif /* ANDROID */
1931 old_ap_scan = wpa_s->conf->ap_scan;
1932 wpa_s->conf->ap_scan = ap_scan;
1934 if (old_ap_scan != wpa_s->conf->ap_scan)
1935 wpas_notify_ap_scan_changed(wpa_s);
1942 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1943 * @wpa_s: wpa_supplicant structure for a network interface
1944 * @expire_age: Expiration age in seconds
1945 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1948 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1949 unsigned int bss_expire_age)
1951 if (bss_expire_age < 10) {
1952 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1956 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1958 wpa_s->conf->bss_expiration_age = bss_expire_age;
1965 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1966 * @wpa_s: wpa_supplicant structure for a network interface
1967 * @expire_count: number of scans after which an unseen BSS is reclaimed
1968 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1971 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1972 unsigned int bss_expire_count)
1974 if (bss_expire_count < 1) {
1975 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1979 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1981 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1988 * wpa_supplicant_set_scan_interval - Set scan interval
1989 * @wpa_s: wpa_supplicant structure for a network interface
1990 * @scan_interval: scan interval in seconds
1991 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
1994 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
1997 if (scan_interval < 0) {
1998 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
2002 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
2004 wpa_s->scan_interval = scan_interval;
2011 * wpa_supplicant_set_debug_params - Set global debug params
2012 * @global: wpa_global structure
2013 * @debug_level: debug level
2014 * @debug_timestamp: determines if show timestamp in debug data
2015 * @debug_show_keys: determines if show keys in debug data
2016 * Returns: 0 if succeed or -1 if debug_level has wrong value
2018 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
2019 int debug_timestamp, int debug_show_keys)
2022 int old_level, old_timestamp, old_show_keys;
2024 /* check for allowed debuglevels */
2025 if (debug_level != MSG_EXCESSIVE &&
2026 debug_level != MSG_MSGDUMP &&
2027 debug_level != MSG_DEBUG &&
2028 debug_level != MSG_INFO &&
2029 debug_level != MSG_WARNING &&
2030 debug_level != MSG_ERROR)
2033 old_level = wpa_debug_level;
2034 old_timestamp = wpa_debug_timestamp;
2035 old_show_keys = wpa_debug_show_keys;
2037 wpa_debug_level = debug_level;
2038 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
2039 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
2041 if (wpa_debug_level != old_level)
2042 wpas_notify_debug_level_changed(global);
2043 if (wpa_debug_timestamp != old_timestamp)
2044 wpas_notify_debug_timestamp_changed(global);
2045 if (wpa_debug_show_keys != old_show_keys)
2046 wpas_notify_debug_show_keys_changed(global);
2053 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
2054 * @wpa_s: Pointer to wpa_supplicant data
2055 * Returns: A pointer to the current network structure or %NULL on failure
2057 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
2059 struct wpa_ssid *entry;
2060 u8 ssid[MAX_SSID_LEN];
2066 res = wpa_drv_get_ssid(wpa_s, ssid);
2068 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
2074 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
2075 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
2080 wired = wpa_s->conf->ap_scan == 0 &&
2081 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
2083 entry = wpa_s->conf->ssid;
2085 if (!wpas_network_disabled(wpa_s, entry) &&
2086 ((ssid_len == entry->ssid_len &&
2087 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
2088 (!entry->bssid_set ||
2089 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2092 if (!wpas_network_disabled(wpa_s, entry) &&
2093 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
2094 (entry->ssid == NULL || entry->ssid_len == 0) &&
2095 (!entry->bssid_set ||
2096 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
2098 #endif /* CONFIG_WPS */
2100 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
2101 entry->ssid_len == 0 &&
2102 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
2105 entry = entry->next;
2112 static int select_driver(struct wpa_supplicant *wpa_s, int i)
2114 struct wpa_global *global = wpa_s->global;
2116 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
2117 global->drv_priv[i] = wpa_drivers[i]->global_init();
2118 if (global->drv_priv[i] == NULL) {
2119 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2120 "'%s'", wpa_drivers[i]->name);
2125 wpa_s->driver = wpa_drivers[i];
2126 wpa_s->global_drv_priv = global->drv_priv[i];
2132 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
2137 const char *pos, *driver = name;
2142 if (wpa_drivers[0] == NULL) {
2143 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
2149 /* default to first driver in the list */
2150 return select_driver(wpa_s, 0);
2154 pos = os_strchr(driver, ',');
2158 len = os_strlen(driver);
2160 for (i = 0; wpa_drivers[i]; i++) {
2161 if (os_strlen(wpa_drivers[i]->name) == len &&
2162 os_strncmp(driver, wpa_drivers[i]->name, len) ==
2164 /* First driver that succeeds wins */
2165 if (select_driver(wpa_s, i) == 0)
2173 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
2179 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
2180 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
2181 * with struct wpa_driver_ops::init()
2182 * @src_addr: Source address of the EAPOL frame
2183 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
2184 * @len: Length of the EAPOL data
2186 * This function is called for each received EAPOL frame. Most driver
2187 * interfaces rely on more generic OS mechanism for receiving frames through
2188 * l2_packet, but if such a mechanism is not available, the driver wrapper may
2189 * take care of received EAPOL frames and deliver them to the core supplicant
2190 * code by calling this function.
2192 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
2193 const u8 *buf, size_t len)
2195 struct wpa_supplicant *wpa_s = ctx;
2197 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
2198 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
2200 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
2201 (wpa_s->last_eapol_matches_bssid &&
2204 #endif /* CONFIG_AP */
2205 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
2207 * There is possible race condition between receiving the
2208 * association event and the EAPOL frame since they are coming
2209 * through different paths from the driver. In order to avoid
2210 * issues in trying to process the EAPOL frame before receiving
2211 * association information, lets queue it for processing until
2212 * the association event is received. This may also be needed in
2213 * driver-based roaming case, so also use src_addr != BSSID as a
2214 * trigger if we have previously confirmed that the
2215 * Authenticator uses BSSID as the src_addr (which is not the
2216 * case with wired IEEE 802.1X).
2218 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2219 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
2220 wpa_supplicant_state_txt(wpa_s->wpa_state),
2221 MAC2STR(wpa_s->bssid));
2222 wpabuf_free(wpa_s->pending_eapol_rx);
2223 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2224 if (wpa_s->pending_eapol_rx) {
2225 os_get_time(&wpa_s->pending_eapol_rx_time);
2226 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2232 wpa_s->last_eapol_matches_bssid =
2233 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
2236 if (wpa_s->ap_iface) {
2237 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2240 #endif /* CONFIG_AP */
2242 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2243 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2244 "no key management is configured");
2248 if (wpa_s->eapol_received == 0 &&
2249 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2250 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2251 wpa_s->wpa_state != WPA_COMPLETED) &&
2252 (wpa_s->current_ssid == NULL ||
2253 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2254 /* Timeout for completing IEEE 802.1X and WPA authentication */
2255 wpa_supplicant_req_auth_timeout(
2257 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2258 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2259 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2262 wpa_s->eapol_received++;
2264 if (wpa_s->countermeasures) {
2265 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2270 #ifdef CONFIG_IBSS_RSN
2271 if (wpa_s->current_ssid &&
2272 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2273 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2276 #endif /* CONFIG_IBSS_RSN */
2278 /* Source address of the incoming EAPOL frame could be compared to the
2279 * current BSSID. However, it is possible that a centralized
2280 * Authenticator could be using another MAC address than the BSSID of
2281 * an AP, so just allow any address to be used for now. The replies are
2282 * still sent to the current BSSID (if available), though. */
2284 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2285 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2286 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2288 wpa_drv_poll(wpa_s);
2289 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2290 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2291 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2293 * Set portValid = TRUE here since we are going to skip 4-way
2294 * handshake processing which would normally set portValid. We
2295 * need this to allow the EAPOL state machines to be completed
2296 * without going through EAPOL-Key handshake.
2298 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2303 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2305 if (wpa_s->driver->send_eapol) {
2306 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2308 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2309 } else if (!(wpa_s->drv_flags &
2310 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2311 l2_packet_deinit(wpa_s->l2);
2312 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2313 wpa_drv_get_mac_addr(wpa_s),
2315 wpa_supplicant_rx_eapol, wpa_s, 0);
2316 if (wpa_s->l2 == NULL)
2319 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2321 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2324 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2325 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2329 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2330 MAC2STR(wpa_s->own_addr));
2331 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2337 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
2338 const u8 *buf, size_t len)
2340 struct wpa_supplicant *wpa_s = ctx;
2341 const struct l2_ethhdr *eth;
2343 if (len < sizeof(*eth))
2345 eth = (const struct l2_ethhdr *) buf;
2347 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
2348 !(eth->h_dest[0] & 0x01)) {
2349 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2350 " (bridge - not for this interface - ignore)",
2351 MAC2STR(src_addr), MAC2STR(eth->h_dest));
2355 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
2356 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
2357 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
2358 len - sizeof(*eth));
2363 * wpa_supplicant_driver_init - Initialize driver interface parameters
2364 * @wpa_s: Pointer to wpa_supplicant data
2365 * Returns: 0 on success, -1 on failure
2367 * This function is called to initialize driver interface parameters.
2368 * wpa_drv_init() must have been called before this function to initialize the
2371 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2373 static int interface_count = 0;
2375 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2378 if (wpa_s->bridge_ifname[0]) {
2379 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2380 "interface '%s'", wpa_s->bridge_ifname);
2381 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2384 wpa_supplicant_rx_eapol_bridge,
2386 if (wpa_s->l2_br == NULL) {
2387 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2388 "connection for the bridge interface '%s'",
2389 wpa_s->bridge_ifname);
2394 wpa_clear_keys(wpa_s, NULL);
2396 /* Make sure that TKIP countermeasures are not left enabled (could
2397 * happen if wpa_supplicant is killed during countermeasures. */
2398 wpa_drv_set_countermeasures(wpa_s, 0);
2400 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2401 wpa_drv_flush_pmkid(wpa_s);
2403 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2404 wpa_s->prev_scan_wildcard = 0;
2406 if (wpa_supplicant_enabled_networks(wpa_s)) {
2407 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2409 wpa_supplicant_req_scan(wpa_s, interface_count,
2413 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2419 static int wpa_supplicant_daemon(const char *pid_file)
2421 wpa_printf(MSG_DEBUG, "Daemonize..");
2422 return os_daemonize(pid_file);
2426 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2428 struct wpa_supplicant *wpa_s;
2430 wpa_s = os_zalloc(sizeof(*wpa_s));
2433 wpa_s->scan_req = INITIAL_SCAN_REQ;
2434 wpa_s->scan_interval = 5;
2435 wpa_s->new_connection = 1;
2436 wpa_s->parent = wpa_s;
2437 wpa_s->sched_scanning = 0;
2443 #ifdef CONFIG_HT_OVERRIDES
2445 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2446 struct ieee80211_ht_capabilities *htcaps,
2447 struct ieee80211_ht_capabilities *htcaps_mask,
2450 /* parse ht_mcs into hex array */
2452 const char *tmp = ht_mcs;
2455 /* If ht_mcs is null, do not set anything */
2459 /* This is what we are setting in the kernel */
2460 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2462 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2464 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2466 long v = strtol(tmp, &end, 16);
2468 wpa_msg(wpa_s, MSG_DEBUG,
2469 "htcap value[%i]: %ld end: %p tmp: %p",
2474 htcaps->supported_mcs_set[i] = v;
2477 wpa_msg(wpa_s, MSG_ERROR,
2478 "Failed to parse ht-mcs: %s, error: %s\n",
2479 ht_mcs, strerror(errno));
2485 * If we were able to parse any values, then set mask for the MCS set.
2488 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2489 IEEE80211_HT_MCS_MASK_LEN - 1);
2490 /* skip the 3 reserved bits */
2491 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2499 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2500 struct ieee80211_ht_capabilities *htcaps,
2501 struct ieee80211_ht_capabilities *htcaps_mask,
2506 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2511 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2512 htcaps_mask->ht_capabilities_info |= msk;
2514 htcaps->ht_capabilities_info &= msk;
2516 htcaps->ht_capabilities_info |= msk;
2522 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2523 struct ieee80211_ht_capabilities *htcaps,
2524 struct ieee80211_ht_capabilities *htcaps_mask,
2527 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2532 if (factor < 0 || factor > 3) {
2533 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2534 "Must be 0-3 or -1", factor);
2538 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2539 htcaps->a_mpdu_params &= ~0x3;
2540 htcaps->a_mpdu_params |= factor & 0x3;
2546 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2547 struct ieee80211_ht_capabilities *htcaps,
2548 struct ieee80211_ht_capabilities *htcaps_mask,
2551 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2556 if (density < 0 || density > 7) {
2557 wpa_msg(wpa_s, MSG_ERROR,
2558 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2563 htcaps_mask->a_mpdu_params |= 0x1C;
2564 htcaps->a_mpdu_params &= ~(0x1C);
2565 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2571 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2572 struct ieee80211_ht_capabilities *htcaps,
2573 struct ieee80211_ht_capabilities *htcaps_mask,
2576 /* Masking these out disables HT40 */
2577 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2578 HT_CAP_INFO_SHORT_GI40MHZ);
2580 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2583 htcaps->ht_capabilities_info &= ~msk;
2585 htcaps->ht_capabilities_info |= msk;
2587 htcaps_mask->ht_capabilities_info |= msk;
2593 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
2594 struct ieee80211_ht_capabilities *htcaps,
2595 struct ieee80211_ht_capabilities *htcaps_mask,
2598 /* Masking these out disables SGI */
2599 u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
2600 HT_CAP_INFO_SHORT_GI40MHZ);
2602 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
2605 htcaps->ht_capabilities_info &= ~msk;
2607 htcaps->ht_capabilities_info |= msk;
2609 htcaps_mask->ht_capabilities_info |= msk;
2615 void wpa_supplicant_apply_ht_overrides(
2616 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2617 struct wpa_driver_associate_params *params)
2619 struct ieee80211_ht_capabilities *htcaps;
2620 struct ieee80211_ht_capabilities *htcaps_mask;
2625 params->disable_ht = ssid->disable_ht;
2626 if (!params->htcaps || !params->htcaps_mask)
2629 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2630 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2631 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2632 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2633 ssid->disable_max_amsdu);
2634 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2635 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2636 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2637 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
2640 #endif /* CONFIG_HT_OVERRIDES */
2643 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
2648 if (!wpa_s->conf->pcsc_reader)
2651 wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader);
2655 if (wpa_s->conf->pcsc_pin &&
2656 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
2657 scard_deinit(wpa_s->scard);
2658 wpa_s->scard = NULL;
2659 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
2663 len = sizeof(wpa_s->imsi) - 1;
2664 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
2665 scard_deinit(wpa_s->scard);
2666 wpa_s->scard = NULL;
2667 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
2670 wpa_s->imsi[len] = '\0';
2672 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
2674 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
2675 wpa_s->imsi, wpa_s->mnc_len);
2677 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
2678 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
2679 #endif /* PCSC_FUNCS */
2685 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
2689 ext_password_deinit(wpa_s->ext_pw);
2690 wpa_s->ext_pw = NULL;
2691 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
2693 if (!wpa_s->conf->ext_password_backend)
2696 val = os_strdup(wpa_s->conf->ext_password_backend);
2699 pos = os_strchr(val, ':');
2703 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
2705 wpa_s->ext_pw = ext_password_init(val, pos);
2707 if (wpa_s->ext_pw == NULL) {
2708 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
2711 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
2717 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2718 struct wpa_interface *iface)
2720 const char *ifname, *driver;
2721 struct wpa_driver_capa capa;
2723 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2724 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2725 iface->confname ? iface->confname : "N/A",
2726 iface->driver ? iface->driver : "default",
2727 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2728 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2730 if (iface->confname) {
2731 #ifdef CONFIG_BACKEND_FILE
2732 wpa_s->confname = os_rel2abs_path(iface->confname);
2733 if (wpa_s->confname == NULL) {
2734 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2735 "for configuration file '%s'.",
2739 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2740 iface->confname, wpa_s->confname);
2741 #else /* CONFIG_BACKEND_FILE */
2742 wpa_s->confname = os_strdup(iface->confname);
2743 #endif /* CONFIG_BACKEND_FILE */
2744 wpa_s->conf = wpa_config_read(wpa_s->confname);
2745 if (wpa_s->conf == NULL) {
2746 wpa_printf(MSG_ERROR, "Failed to read or parse "
2747 "configuration '%s'.", wpa_s->confname);
2752 * Override ctrl_interface and driver_param if set on command
2755 if (iface->ctrl_interface) {
2756 os_free(wpa_s->conf->ctrl_interface);
2757 wpa_s->conf->ctrl_interface =
2758 os_strdup(iface->ctrl_interface);
2761 if (iface->driver_param) {
2762 os_free(wpa_s->conf->driver_param);
2763 wpa_s->conf->driver_param =
2764 os_strdup(iface->driver_param);
2767 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2768 iface->driver_param);
2770 if (wpa_s->conf == NULL) {
2771 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2775 if (iface->ifname == NULL) {
2776 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2779 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2780 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2784 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2786 if (iface->bridge_ifname) {
2787 if (os_strlen(iface->bridge_ifname) >=
2788 sizeof(wpa_s->bridge_ifname)) {
2789 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2790 "name '%s'.", iface->bridge_ifname);
2793 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2794 sizeof(wpa_s->bridge_ifname));
2797 /* RSNA Supplicant Key Management - INITIALIZE */
2798 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2799 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2801 /* Initialize driver interface and register driver event handler before
2802 * L2 receive handler so that association events are processed before
2803 * EAPOL-Key packets if both become available for the same select()
2805 driver = iface->driver;
2807 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2810 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2811 if (wpa_s->drv_priv == NULL) {
2813 pos = driver ? os_strchr(driver, ',') : NULL;
2815 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2816 "driver interface - try next driver wrapper");
2820 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2824 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2825 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2826 "driver_param '%s'", wpa_s->conf->driver_param);
2830 ifname = wpa_drv_get_ifname(wpa_s);
2831 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2832 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2833 "interface name with '%s'", ifname);
2834 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2837 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2840 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2841 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2843 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2845 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2846 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2847 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2848 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2849 "dot11RSNAConfigPMKLifetime");
2853 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2854 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2855 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2856 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2857 "dot11RSNAConfigPMKReauthThreshold");
2861 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2862 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2863 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2864 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2865 "dot11RSNAConfigSATimeout");
2869 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2870 &wpa_s->hw.num_modes,
2873 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2874 wpa_s->drv_capa_known = 1;
2875 wpa_s->drv_flags = capa.flags;
2876 wpa_s->drv_enc = capa.enc;
2877 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2878 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2879 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2880 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2881 wpa_s->max_match_sets = capa.max_match_sets;
2882 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2883 wpa_s->max_stations = capa.max_stations;
2885 if (wpa_s->max_remain_on_chan == 0)
2886 wpa_s->max_remain_on_chan = 1000;
2888 if (wpa_supplicant_driver_init(wpa_s) < 0)
2892 if (wpa_tdls_init(wpa_s->wpa))
2894 #endif /* CONFIG_TDLS */
2896 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2897 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2898 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2902 if (wpas_wps_init(wpa_s))
2905 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2907 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2909 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2910 if (wpa_s->ctrl_iface == NULL) {
2911 wpa_printf(MSG_ERROR,
2912 "Failed to initialize control interface '%s'.\n"
2913 "You may have another wpa_supplicant process "
2914 "already running or the file was\n"
2915 "left by an unclean termination of wpa_supplicant "
2916 "in which case you will need\n"
2917 "to manually remove this file before starting "
2918 "wpa_supplicant again.\n",
2919 wpa_s->conf->ctrl_interface);
2923 wpa_s->gas = gas_query_init(wpa_s);
2924 if (wpa_s->gas == NULL) {
2925 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2930 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2931 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2934 #endif /* CONFIG_P2P */
2936 if (wpa_bss_init(wpa_s) < 0)
2939 if (pcsc_reader_init(wpa_s) < 0)
2942 if (wpas_init_ext_pw(wpa_s) < 0)
2949 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2950 int notify, int terminate)
2952 if (wpa_s->drv_priv) {
2953 wpa_supplicant_deauthenticate(wpa_s,
2954 WLAN_REASON_DEAUTH_LEAVING);
2956 wpa_drv_set_countermeasures(wpa_s, 0);
2957 wpa_clear_keys(wpa_s, NULL);
2960 wpa_supplicant_cleanup(wpa_s);
2963 if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) {
2964 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing "
2965 "the management interface is being removed");
2966 wpas_p2p_deinit_global(wpa_s->global);
2968 #endif /* CONFIG_P2P */
2970 if (wpa_s->drv_priv)
2971 wpa_drv_deinit(wpa_s);
2974 wpas_notify_iface_removed(wpa_s);
2977 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2979 if (wpa_s->ctrl_iface) {
2980 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2981 wpa_s->ctrl_iface = NULL;
2984 if (wpa_s->conf != NULL) {
2985 wpa_config_free(wpa_s->conf);
2992 * wpa_supplicant_add_iface - Add a new network interface
2993 * @global: Pointer to global data from wpa_supplicant_init()
2994 * @iface: Interface configuration options
2995 * Returns: Pointer to the created interface or %NULL on failure
2997 * This function is used to add new network interfaces for %wpa_supplicant.
2998 * This can be called before wpa_supplicant_run() to add interfaces before the
2999 * main event loop has been started. In addition, new interfaces can be added
3000 * dynamically while %wpa_supplicant is already running. This could happen,
3001 * e.g., when a hotplug network adapter is inserted.
3003 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
3004 struct wpa_interface *iface)
3006 struct wpa_supplicant *wpa_s;
3007 struct wpa_interface t_iface;
3008 struct wpa_ssid *ssid;
3010 if (global == NULL || iface == NULL)
3013 wpa_s = wpa_supplicant_alloc();
3017 wpa_s->global = global;
3020 if (global->params.override_driver) {
3021 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
3023 iface->driver, global->params.override_driver);
3024 t_iface.driver = global->params.override_driver;
3026 if (global->params.override_ctrl_interface) {
3027 wpa_printf(MSG_DEBUG, "Override interface parameter: "
3028 "ctrl_interface ('%s' -> '%s')",
3029 iface->ctrl_interface,
3030 global->params.override_ctrl_interface);
3031 t_iface.ctrl_interface =
3032 global->params.override_ctrl_interface;
3034 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
3035 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
3037 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
3042 /* Notify the control interfaces about new iface */
3043 if (wpas_notify_iface_added(wpa_s)) {
3044 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
3049 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
3050 wpas_notify_network_added(wpa_s, ssid);
3052 wpa_s->next = global->ifaces;
3053 global->ifaces = wpa_s;
3055 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
3056 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3063 * wpa_supplicant_remove_iface - Remove a network interface
3064 * @global: Pointer to global data from wpa_supplicant_init()
3065 * @wpa_s: Pointer to the network interface to be removed
3066 * Returns: 0 if interface was removed, -1 if interface was not found
3068 * This function can be used to dynamically remove network interfaces from
3069 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
3070 * addition, this function is used to remove all remaining interfaces when
3071 * %wpa_supplicant is terminated.
3073 int wpa_supplicant_remove_iface(struct wpa_global *global,
3074 struct wpa_supplicant *wpa_s,
3077 struct wpa_supplicant *prev;
3079 /* Remove interface from the global list of interfaces */
3080 prev = global->ifaces;
3081 if (prev == wpa_s) {
3082 global->ifaces = wpa_s->next;
3084 while (prev && prev->next != wpa_s)
3088 prev->next = wpa_s->next;
3091 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
3093 if (global->p2p_group_formation == wpa_s)
3094 global->p2p_group_formation = NULL;
3095 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
3103 * wpa_supplicant_get_eap_mode - Get the current EAP mode
3104 * @wpa_s: Pointer to the network interface
3105 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
3107 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
3109 const char *eapol_method;
3111 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
3112 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3116 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
3117 if (eapol_method == NULL)
3118 return "UNKNOWN-EAP";
3120 return eapol_method;
3125 * wpa_supplicant_get_iface - Get a new network interface
3126 * @global: Pointer to global data from wpa_supplicant_init()
3127 * @ifname: Interface name
3128 * Returns: Pointer to the interface or %NULL if not found
3130 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
3133 struct wpa_supplicant *wpa_s;
3135 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
3136 if (os_strcmp(wpa_s->ifname, ifname) == 0)
3143 #ifndef CONFIG_NO_WPA_MSG
3144 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
3146 struct wpa_supplicant *wpa_s = ctx;
3149 return wpa_s->ifname;
3151 #endif /* CONFIG_NO_WPA_MSG */
3155 * wpa_supplicant_init - Initialize %wpa_supplicant
3156 * @params: Parameters for %wpa_supplicant
3157 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
3159 * This function is used to initialize %wpa_supplicant. After successful
3160 * initialization, the returned data pointer can be used to add and remove
3161 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
3163 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
3165 struct wpa_global *global;
3171 #ifdef CONFIG_DRIVER_NDIS
3173 void driver_ndis_init_ops(void);
3174 driver_ndis_init_ops();
3176 #endif /* CONFIG_DRIVER_NDIS */
3178 #ifndef CONFIG_NO_WPA_MSG
3179 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
3180 #endif /* CONFIG_NO_WPA_MSG */
3182 wpa_debug_open_file(params->wpa_debug_file_path);
3183 if (params->wpa_debug_syslog)
3184 wpa_debug_open_syslog();
3185 if (params->wpa_debug_tracing) {
3186 ret = wpa_debug_open_linux_tracing();
3188 wpa_printf(MSG_ERROR,
3189 "Failed to enable trace logging");
3194 ret = eap_register_methods();
3196 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
3198 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
3199 "the same EAP type.");
3203 global = os_zalloc(sizeof(*global));
3206 dl_list_init(&global->p2p_srv_bonjour);
3207 dl_list_init(&global->p2p_srv_upnp);
3208 global->params.daemonize = params->daemonize;
3209 global->params.wait_for_monitor = params->wait_for_monitor;
3210 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
3211 if (params->pid_file)
3212 global->params.pid_file = os_strdup(params->pid_file);
3213 if (params->ctrl_interface)
3214 global->params.ctrl_interface =
3215 os_strdup(params->ctrl_interface);
3216 if (params->override_driver)
3217 global->params.override_driver =
3218 os_strdup(params->override_driver);
3219 if (params->override_ctrl_interface)
3220 global->params.override_ctrl_interface =
3221 os_strdup(params->override_ctrl_interface);
3222 wpa_debug_level = global->params.wpa_debug_level =
3223 params->wpa_debug_level;
3224 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
3225 params->wpa_debug_show_keys;
3226 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
3227 params->wpa_debug_timestamp;
3229 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
3232 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
3233 wpa_supplicant_deinit(global);
3237 random_init(params->entropy_file);
3239 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
3240 if (global->ctrl_iface == NULL) {
3241 wpa_supplicant_deinit(global);
3245 if (wpas_notify_supplicant_initialized(global)) {
3246 wpa_supplicant_deinit(global);
3250 for (i = 0; wpa_drivers[i]; i++)
3251 global->drv_count++;
3252 if (global->drv_count == 0) {
3253 wpa_printf(MSG_ERROR, "No drivers enabled");
3254 wpa_supplicant_deinit(global);
3257 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
3258 if (global->drv_priv == NULL) {
3259 wpa_supplicant_deinit(global);
3263 #ifdef CONFIG_WIFI_DISPLAY
3264 if (wifi_display_init(global) < 0) {
3265 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
3266 wpa_supplicant_deinit(global);
3269 #endif /* CONFIG_WIFI_DISPLAY */
3276 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
3277 * @global: Pointer to global data from wpa_supplicant_init()
3278 * Returns: 0 after successful event loop run, -1 on failure
3280 * This function starts the main event loop and continues running as long as
3281 * there are any remaining events. In most cases, this function is running as
3282 * long as the %wpa_supplicant process in still in use.
3284 int wpa_supplicant_run(struct wpa_global *global)
3286 struct wpa_supplicant *wpa_s;
3288 if (global->params.daemonize &&
3289 wpa_supplicant_daemon(global->params.pid_file))
3292 if (global->params.wait_for_monitor) {
3293 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
3294 if (wpa_s->ctrl_iface)
3295 wpa_supplicant_ctrl_iface_wait(
3299 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
3300 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
3309 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
3310 * @global: Pointer to global data from wpa_supplicant_init()
3312 * This function is called to deinitialize %wpa_supplicant and to free all
3313 * allocated resources. Remaining network interfaces will also be removed.
3315 void wpa_supplicant_deinit(struct wpa_global *global)
3322 #ifdef CONFIG_WIFI_DISPLAY
3323 wifi_display_deinit(global);
3324 #endif /* CONFIG_WIFI_DISPLAY */
3326 wpas_p2p_deinit_global(global);
3327 #endif /* CONFIG_P2P */
3329 while (global->ifaces)
3330 wpa_supplicant_remove_iface(global, global->ifaces, 1);
3332 if (global->ctrl_iface)
3333 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
3335 wpas_notify_supplicant_deinitialized(global);
3337 eap_peer_unregister_methods();
3339 eap_server_unregister_methods();
3340 #endif /* CONFIG_AP */
3342 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
3343 if (!global->drv_priv[i])
3345 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
3347 os_free(global->drv_priv);
3353 if (global->params.pid_file) {
3354 os_daemonize_terminate(global->params.pid_file);
3355 os_free(global->params.pid_file);
3357 os_free(global->params.ctrl_interface);
3358 os_free(global->params.override_driver);
3359 os_free(global->params.override_ctrl_interface);
3361 os_free(global->p2p_disallow_freq);
3364 wpa_debug_close_syslog();
3365 wpa_debug_close_file();
3366 wpa_debug_close_linux_tracing();
3370 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
3372 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
3373 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
3375 country[0] = wpa_s->conf->country[0];
3376 country[1] = wpa_s->conf->country[1];
3378 if (wpa_drv_set_country(wpa_s, country) < 0) {
3379 wpa_printf(MSG_ERROR, "Failed to set country code "
3384 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
3385 wpas_init_ext_pw(wpa_s);
3388 wpas_wps_update_config(wpa_s);
3389 #endif /* CONFIG_WPS */
3392 wpas_p2p_update_config(wpa_s);
3393 #endif /* CONFIG_P2P */
3395 wpa_s->conf->changed_parameters = 0;
3399 static void add_freq(int *freqs, int *num_freqs, int freq)
3403 for (i = 0; i < *num_freqs; i++) {
3404 if (freqs[i] == freq)
3408 freqs[*num_freqs] = freq;
3413 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3415 struct wpa_bss *bss, *cbss;
3416 const int max_freqs = 10;
3420 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3424 cbss = wpa_s->current_bss;
3426 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3429 if (bss->ssid_len == cbss->ssid_len &&
3430 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3431 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3432 add_freq(freqs, &num_freqs, bss->freq);
3433 if (num_freqs == max_freqs)
3438 if (num_freqs == 0) {
3447 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3454 * Remove possible authentication timeout since the connection failed.
3456 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3459 * Add the failed BSSID into the blacklist and speed up next scan
3460 * attempt if there could be other APs that could accept association.
3461 * The current blacklist count indicates how many times we have tried
3462 * connecting to this AP and multiple attempts mean that other APs are
3463 * either not available or has already been tried, so that we can start
3464 * increasing the delay here to avoid constant scanning.
3466 count = wpa_blacklist_add(wpa_s, bssid);
3467 if (count == 1 && wpa_s->current_bss) {
3469 * This BSS was not in the blacklist before. If there is
3470 * another BSS available for the same ESS, we should try that
3471 * next. Otherwise, we may as well try this one once more
3472 * before allowing other, likely worse, ESSes to be considered.
3474 freqs = get_bss_freqs_in_ess(wpa_s);
3476 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3477 "has been seen; try it next");
3478 wpa_blacklist_add(wpa_s, bssid);
3480 * On the next scan, go through only the known channels
3481 * used in this ESS based on previous scans to speed up
3482 * common load balancing use case.
3484 os_free(wpa_s->next_scan_freqs);
3485 wpa_s->next_scan_freqs = freqs;
3490 * Add previous failure count in case the temporary blacklist was
3491 * cleared due to no other BSSes being available.
3493 count += wpa_s->extra_blacklist_count;
3513 wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d "
3514 "ms", count, timeout);
3517 * TODO: if more than one possible AP is available in scan results,
3518 * could try the other ones before requesting a new scan.
3520 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3521 1000 * (timeout % 1000));
3524 if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled &&
3525 wpa_s->global->p2p != NULL) {
3526 wpa_s->global->p2p_cb_on_scan_complete = 0;
3527 if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) {
3528 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation "
3529 "continued after failed association");
3532 #endif /* CONFIG_P2P */
3536 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3538 return wpa_s->conf->ap_scan == 2 ||
3539 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3543 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
3544 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
3545 struct wpa_ssid *ssid,
3549 #ifdef IEEE8021X_EAPOL
3550 struct eap_peer_config *eap = &ssid->eap;
3552 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
3553 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
3554 (const u8 *) value, os_strlen(value));
3556 switch (wpa_supplicant_ctrl_req_from_string(field)) {
3557 case WPA_CTRL_REQ_EAP_IDENTITY:
3558 os_free(eap->identity);
3559 eap->identity = (u8 *) os_strdup(value);
3560 eap->identity_len = os_strlen(value);
3561 eap->pending_req_identity = 0;
3562 if (ssid == wpa_s->current_ssid)
3563 wpa_s->reassociate = 1;
3565 case WPA_CTRL_REQ_EAP_PASSWORD:
3566 os_free(eap->password);
3567 eap->password = (u8 *) os_strdup(value);
3568 eap->password_len = os_strlen(value);
3569 eap->pending_req_password = 0;
3570 if (ssid == wpa_s->current_ssid)
3571 wpa_s->reassociate = 1;
3573 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
3574 os_free(eap->new_password);
3575 eap->new_password = (u8 *) os_strdup(value);
3576 eap->new_password_len = os_strlen(value);
3577 eap->pending_req_new_password = 0;
3578 if (ssid == wpa_s->current_ssid)
3579 wpa_s->reassociate = 1;
3581 case WPA_CTRL_REQ_EAP_PIN:
3583 eap->pin = os_strdup(value);
3584 eap->pending_req_pin = 0;
3585 if (ssid == wpa_s->current_ssid)
3586 wpa_s->reassociate = 1;
3588 case WPA_CTRL_REQ_EAP_OTP:
3590 eap->otp = (u8 *) os_strdup(value);
3591 eap->otp_len = os_strlen(value);
3592 os_free(eap->pending_req_otp);
3593 eap->pending_req_otp = NULL;
3594 eap->pending_req_otp_len = 0;
3596 case WPA_CTRL_REQ_EAP_PASSPHRASE:
3597 os_free(eap->private_key_passwd);
3598 eap->private_key_passwd = (u8 *) os_strdup(value);
3599 eap->pending_req_passphrase = 0;
3600 if (ssid == wpa_s->current_ssid)
3601 wpa_s->reassociate = 1;
3604 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
3609 #else /* IEEE8021X_EAPOL */
3610 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
3612 #endif /* IEEE8021X_EAPOL */
3614 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
3617 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
3620 unsigned int drv_enc;
3628 if (wpa_s && wpa_s->drv_capa_known)
3629 drv_enc = wpa_s->drv_enc;
3631 drv_enc = (unsigned int) -1;
3633 for (i = 0; i < NUM_WEP_KEYS; i++) {
3634 size_t len = ssid->wep_key_len[i];
3637 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
3639 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
3641 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
3643 return 1; /* invalid WEP key */
3646 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
3654 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3656 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3658 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3664 void wpas_auth_failed(struct wpa_supplicant *wpa_s)
3666 struct wpa_ssid *ssid = wpa_s->current_ssid;
3671 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
3676 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
3679 ssid->auth_failures++;
3680 if (ssid->auth_failures > 50)
3682 else if (ssid->auth_failures > 20)
3684 else if (ssid->auth_failures > 10)
3686 else if (ssid->auth_failures > 5)
3688 else if (ssid->auth_failures > 1)
3694 if (now.sec + dur <= ssid->disabled_until.sec)
3697 ssid->disabled_until.sec = now.sec + dur;
3699 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
3700 "id=%d ssid=\"%s\" auth_failures=%u duration=%d",
3701 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
3702 ssid->auth_failures, dur);
3706 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
3707 struct wpa_ssid *ssid, int clear_failures)
3712 if (ssid->disabled_until.sec) {
3713 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
3714 "id=%d ssid=\"%s\"",
3715 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3717 ssid->disabled_until.sec = 0;
3718 ssid->disabled_until.usec = 0;
3720 ssid->auth_failures = 0;
3724 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
3728 if (wpa_s->disallow_aps_bssid == NULL)
3731 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
3732 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
3733 bssid, ETH_ALEN) == 0)
3741 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
3746 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
3749 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
3750 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
3751 if (ssid_len == s->ssid_len &&
3752 os_memcmp(ssid, s->ssid, ssid_len) == 0)
3761 * wpas_request_connection - Request a new connection
3762 * @wpa_s: Pointer to the network interface
3764 * This function is used to request a new connection to be found. It will mark
3765 * the interface to allow reassociation and request a new scan to find a
3766 * suitable network to connect to.
3768 void wpas_request_connection(struct wpa_supplicant *wpa_s)
3770 wpa_s->normal_scans = 0;
3771 wpa_supplicant_reinit_autoscan(wpa_s);
3772 wpa_s->extra_blacklist_count = 0;
3773 wpa_s->disconnected = 0;
3774 wpa_s->reassociate = 1;
3775 wpa_supplicant_req_scan(wpa_s, 0, 0);