1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "common/ptksa_cache.h"
45 #include "p2p/p2p.h"
46 #include "fst/fst.h"
47 #include "bssid_ignore.h"
48 #include "wpas_glue.h"
49 #include "wps_supplicant.h"
50 #include "ibss_rsn.h"
51 #include "sme.h"
52 #include "gas_query.h"
53 #include "ap.h"
54 #include "p2p_supplicant.h"
55 #include "wifi_display.h"
56 #include "notify.h"
57 #include "bgscan.h"
58 #include "autoscan.h"
59 #include "bss.h"
60 #include "scan.h"
61 #include "offchannel.h"
62 #include "hs20_supplicant.h"
63 #include "wnm_sta.h"
64 #include "wpas_kay.h"
65 #include "mesh.h"
66 #include "dpp_supplicant.h"
67 #ifdef CONFIG_MESH
68 #include "ap/ap_config.h"
69 #include "ap/hostapd.h"
70 #endif /* CONFIG_MESH */
71
72 const char *const wpa_supplicant_version =
73 "wpa_supplicant v" VERSION_STR "\n"
74 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors";
75
76 const char *const wpa_supplicant_license =
77 "This software may be distributed under the terms of the BSD license.\n"
78 "See README for more details.\n"
79 #ifdef EAP_TLS_OPENSSL
80 "\nThis product includes software developed by the OpenSSL Project\n"
81 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
82 #endif /* EAP_TLS_OPENSSL */
83 ;
84
85 #ifndef CONFIG_NO_STDOUT_DEBUG
86 /* Long text divided into parts in order to fit in C89 strings size limits. */
87 const char *const wpa_supplicant_full_license1 =
88 "";
89 const char *const wpa_supplicant_full_license2 =
90 "This software may be distributed under the terms of the BSD license.\n"
91 "\n"
92 "Redistribution and use in source and binary forms, with or without\n"
93 "modification, are permitted provided that the following conditions are\n"
94 "met:\n"
95 "\n";
96 const char *const wpa_supplicant_full_license3 =
97 "1. Redistributions of source code must retain the above copyright\n"
98 " notice, this list of conditions and the following disclaimer.\n"
99 "\n"
100 "2. Redistributions in binary form must reproduce the above copyright\n"
101 " notice, this list of conditions and the following disclaimer in the\n"
102 " documentation and/or other materials provided with the distribution.\n"
103 "\n";
104 const char *const wpa_supplicant_full_license4 =
105 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
106 " names of its contributors may be used to endorse or promote products\n"
107 " derived from this software without specific prior written permission.\n"
108 "\n"
109 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
110 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
111 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
112 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
113 const char *const wpa_supplicant_full_license5 =
114 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
115 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
116 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
117 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
118 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
119 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
120 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 "\n";
122 #endif /* CONFIG_NO_STDOUT_DEBUG */
123
124
125 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
126 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
127 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
128 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 #ifdef CONFIG_OWE
130 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_OWE */
132
133
134 #ifdef CONFIG_WEP
135 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)136 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
137 {
138 int i, set = 0;
139
140 for (i = 0; i < NUM_WEP_KEYS; i++) {
141 if (ssid->wep_key_len[i] == 0)
142 continue;
143
144 set = 1;
145 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
146 i, i == ssid->wep_tx_keyidx, NULL, 0,
147 ssid->wep_key[i], ssid->wep_key_len[i],
148 i == ssid->wep_tx_keyidx ?
149 KEY_FLAG_GROUP_RX_TX_DEFAULT :
150 KEY_FLAG_GROUP_RX_TX);
151 }
152
153 return set;
154 }
155 #endif /* CONFIG_WEP */
156
157
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)158 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
159 struct wpa_ssid *ssid)
160 {
161 u8 key[32];
162 size_t keylen;
163 enum wpa_alg alg;
164 u8 seq[6] = { 0 };
165 int ret;
166
167 /* IBSS/WPA-None uses only one key (Group) for both receiving and
168 * sending unicast and multicast packets. */
169
170 if (ssid->mode != WPAS_MODE_IBSS) {
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
172 "IBSS/ad-hoc) for WPA-None", ssid->mode);
173 return -1;
174 }
175
176 if (!ssid->psk_set) {
177 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
178 "WPA-None");
179 return -1;
180 }
181
182 switch (wpa_s->group_cipher) {
183 case WPA_CIPHER_CCMP:
184 os_memcpy(key, ssid->psk, 16);
185 keylen = 16;
186 alg = WPA_ALG_CCMP;
187 break;
188 case WPA_CIPHER_GCMP:
189 os_memcpy(key, ssid->psk, 16);
190 keylen = 16;
191 alg = WPA_ALG_GCMP;
192 break;
193 case WPA_CIPHER_TKIP:
194 /* WPA-None uses the same Michael MIC key for both TX and RX */
195 os_memcpy(key, ssid->psk, 16 + 8);
196 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
197 keylen = 32;
198 alg = WPA_ALG_TKIP;
199 break;
200 default:
201 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
202 "WPA-None", wpa_s->group_cipher);
203 return -1;
204 }
205
206 /* TODO: should actually remember the previously used seq#, both for TX
207 * and RX from each STA.. */
208
209 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
210 KEY_FLAG_GROUP_RX_TX_DEFAULT);
211 os_memset(key, 0, sizeof(key));
212 return ret;
213 }
214
215
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)216 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
217 {
218 struct wpa_supplicant *wpa_s = eloop_ctx;
219 const u8 *bssid = wpa_s->bssid;
220 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
221 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
222 wpa_s->wpa_state == WPA_ASSOCIATING))
223 bssid = wpa_s->pending_bssid;
224 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
225 MAC2STR(bssid));
226 wpa_bssid_ignore_add(wpa_s, bssid);
227 wpas_notify_auth_timeout(wpa_s);
228 wpa_sm_notify_disassoc(wpa_s->wpa);
229 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
230 wpa_s->reassociate = 1;
231
232 /*
233 * If we timed out, the AP or the local radio may be busy.
234 * So, wait a second until scanning again.
235 */
236 wpa_supplicant_req_scan(wpa_s, 1, 0);
237 }
238
239
240 /**
241 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
242 * @wpa_s: Pointer to wpa_supplicant data
243 * @sec: Number of seconds after which to time out authentication
244 * @usec: Number of microseconds after which to time out authentication
245 *
246 * This function is used to schedule a timeout for the current authentication
247 * attempt.
248 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)249 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
250 int sec, int usec)
251 {
252 if (wpa_s->conf->ap_scan == 0 &&
253 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
254 return;
255
256 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
257 "%d usec", sec, usec);
258 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
259 wpa_s->last_auth_timeout_sec = sec;
260 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
261 }
262
263
264 /*
265 * wpas_auth_timeout_restart - Restart and change timeout for authentication
266 * @wpa_s: Pointer to wpa_supplicant data
267 * @sec_diff: difference in seconds applied to original timeout value
268 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)269 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
270 {
271 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
272
273 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
274 wpa_dbg(wpa_s, MSG_DEBUG,
275 "Authentication timeout restart: %d sec", new_sec);
276 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
277 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
278 wpa_s, NULL);
279 }
280 }
281
282
283 /**
284 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
285 * @wpa_s: Pointer to wpa_supplicant data
286 *
287 * This function is used to cancel authentication timeout scheduled with
288 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
289 * been completed.
290 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)291 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
292 {
293 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
294 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
295 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
296 os_free(wpa_s->last_con_fail_realm);
297 wpa_s->last_con_fail_realm = NULL;
298 wpa_s->last_con_fail_realm_len = 0;
299 }
300
301
302 /**
303 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
304 * @wpa_s: Pointer to wpa_supplicant data
305 *
306 * This function is used to configure EAPOL state machine based on the selected
307 * authentication mode.
308 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)309 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
310 {
311 #ifdef IEEE8021X_EAPOL
312 struct eapol_config eapol_conf;
313 struct wpa_ssid *ssid = wpa_s->current_ssid;
314
315 #ifdef CONFIG_IBSS_RSN
316 if (ssid->mode == WPAS_MODE_IBSS &&
317 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
318 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
319 /*
320 * RSN IBSS authentication is per-STA and we can disable the
321 * per-BSSID EAPOL authentication.
322 */
323 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
324 eapol_sm_notify_eap_success(wpa_s->eapol, true);
325 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
326 return;
327 }
328 #endif /* CONFIG_IBSS_RSN */
329
330 eapol_sm_notify_eap_success(wpa_s->eapol, false);
331 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
332
333 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
334 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
335 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
336 else
337 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
338
339 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
340 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
341 eapol_conf.accept_802_1x_keys = 1;
342 eapol_conf.required_keys = 0;
343 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
344 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
345 }
346 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
347 eapol_conf.required_keys |=
348 EAPOL_REQUIRE_KEY_BROADCAST;
349 }
350
351 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
352 eapol_conf.required_keys = 0;
353 }
354 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
355 eapol_conf.workaround = ssid->eap_workaround;
356 eapol_conf.eap_disabled =
357 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
358 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
359 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
360 eapol_conf.external_sim = wpa_s->conf->external_sim;
361
362 #ifdef CONFIG_WPS
363 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
364 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
365 if (wpa_s->current_bss) {
366 struct wpabuf *ie;
367 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
368 WPS_IE_VENDOR_TYPE);
369 if (ie) {
370 if (wps_is_20(ie))
371 eapol_conf.wps |=
372 EAPOL_PEER_IS_WPS20_AP;
373 wpabuf_free(ie);
374 }
375 }
376 }
377 #endif /* CONFIG_WPS */
378
379 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
380
381 #ifdef CONFIG_MACSEC
382 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
383 ieee802_1x_create_preshared_mka(wpa_s, ssid);
384 else
385 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
386 #endif /* CONFIG_MACSEC */
387 #endif /* IEEE8021X_EAPOL */
388 }
389
390
391 /**
392 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
393 * @wpa_s: Pointer to wpa_supplicant data
394 * @ssid: Configuration data for the network
395 *
396 * This function is used to configure WPA state machine and related parameters
397 * to a mode where WPA is not enabled. This is called as part of the
398 * authentication configuration when the selected network does not use WPA.
399 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)400 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
401 struct wpa_ssid *ssid)
402 {
403 #ifdef CONFIG_WEP
404 int i;
405 #endif /* CONFIG_WEP */
406
407 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
408 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
409 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
410 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
411 else
412 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
413 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
414 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
415 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
416 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
417 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
418 wpa_s->rsnxe_len = 0;
419 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
420 wpa_s->group_cipher = WPA_CIPHER_NONE;
421 wpa_s->mgmt_group_cipher = 0;
422
423 #ifdef CONFIG_WEP
424 for (i = 0; i < NUM_WEP_KEYS; i++) {
425 if (ssid->wep_key_len[i] > 5) {
426 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
427 wpa_s->group_cipher = WPA_CIPHER_WEP104;
428 break;
429 } else if (ssid->wep_key_len[i] > 0) {
430 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
431 wpa_s->group_cipher = WPA_CIPHER_WEP40;
432 break;
433 }
434 }
435 #endif /* CONFIG_WEP */
436
437 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
439 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
440 wpa_s->pairwise_cipher);
441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
442 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
443 wpa_s->mgmt_group_cipher);
444
445 pmksa_cache_clear_current(wpa_s->wpa);
446 }
447
448
free_hw_features(struct wpa_supplicant * wpa_s)449 void free_hw_features(struct wpa_supplicant *wpa_s)
450 {
451 int i;
452 if (wpa_s->hw.modes == NULL)
453 return;
454
455 for (i = 0; i < wpa_s->hw.num_modes; i++) {
456 os_free(wpa_s->hw.modes[i].channels);
457 os_free(wpa_s->hw.modes[i].rates);
458 }
459
460 os_free(wpa_s->hw.modes);
461 wpa_s->hw.modes = NULL;
462 }
463
464
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)465 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
466 {
467 struct wpa_bss_tmp_disallowed *bss, *prev;
468
469 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
470 struct wpa_bss_tmp_disallowed, list) {
471 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
472 dl_list_del(&bss->list);
473 os_free(bss);
474 }
475 }
476
477
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)478 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
479 {
480 struct fils_hlp_req *req;
481
482 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
483 list)) != NULL) {
484 dl_list_del(&req->list);
485 wpabuf_free(req->pkt);
486 os_free(req);
487 }
488 }
489
490
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)491 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
492 {
493 struct wpa_supplicant *wpa_s = eloop_ctx;
494
495 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
496 return;
497 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
498 wpa_bss_flush(wpa_s);
499 }
500
501
502 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)503 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
504 {
505 struct driver_signal_override *dso;
506
507 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
508 struct driver_signal_override, list))) {
509 dl_list_del(&dso->list);
510 os_free(dso);
511 }
512 }
513 #endif /* CONFIG_TESTING_OPTIONS */
514
515
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)516 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
517 {
518 int i;
519
520 bgscan_deinit(wpa_s);
521 autoscan_deinit(wpa_s);
522 scard_deinit(wpa_s->scard);
523 wpa_s->scard = NULL;
524 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
525 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
526 l2_packet_deinit(wpa_s->l2);
527 wpa_s->l2 = NULL;
528 if (wpa_s->l2_br) {
529 l2_packet_deinit(wpa_s->l2_br);
530 wpa_s->l2_br = NULL;
531 }
532 #ifdef CONFIG_TESTING_OPTIONS
533 l2_packet_deinit(wpa_s->l2_test);
534 wpa_s->l2_test = NULL;
535 os_free(wpa_s->get_pref_freq_list_override);
536 wpa_s->get_pref_freq_list_override = NULL;
537 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
538 wpa_s->last_assoc_req_wpa_ie = NULL;
539 os_free(wpa_s->extra_sae_rejected_groups);
540 wpa_s->extra_sae_rejected_groups = NULL;
541 wpabuf_free(wpa_s->rsne_override_eapol);
542 wpa_s->rsne_override_eapol = NULL;
543 wpabuf_free(wpa_s->rsnxe_override_assoc);
544 wpa_s->rsnxe_override_assoc = NULL;
545 wpabuf_free(wpa_s->rsnxe_override_eapol);
546 wpa_s->rsnxe_override_eapol = NULL;
547 wpas_clear_driver_signal_override(wpa_s);
548 #endif /* CONFIG_TESTING_OPTIONS */
549
550 if (wpa_s->conf != NULL) {
551 struct wpa_ssid *ssid;
552 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
553 wpas_notify_network_removed(wpa_s, ssid);
554 }
555
556 os_free(wpa_s->confname);
557 wpa_s->confname = NULL;
558
559 os_free(wpa_s->confanother);
560 wpa_s->confanother = NULL;
561
562 os_free(wpa_s->last_con_fail_realm);
563 wpa_s->last_con_fail_realm = NULL;
564 wpa_s->last_con_fail_realm_len = 0;
565
566 wpa_sm_set_eapol(wpa_s->wpa, NULL);
567 eapol_sm_deinit(wpa_s->eapol);
568 wpa_s->eapol = NULL;
569
570 rsn_preauth_deinit(wpa_s->wpa);
571
572 #ifdef CONFIG_TDLS
573 wpa_tdls_deinit(wpa_s->wpa);
574 #endif /* CONFIG_TDLS */
575
576 wmm_ac_clear_saved_tspecs(wpa_s);
577 pmksa_candidate_free(wpa_s->wpa);
578 ptksa_cache_deinit(wpa_s->ptksa);
579 wpa_s->ptksa = NULL;
580 wpa_sm_deinit(wpa_s->wpa);
581 wpa_s->wpa = NULL;
582 wpa_bssid_ignore_clear(wpa_s);
583
584 #ifdef CONFIG_PASN
585 wpas_pasn_auth_stop(wpa_s);
586 #endif /* CONFIG_PASN */
587
588 wpa_bss_deinit(wpa_s);
589
590 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
591 wpa_supplicant_cancel_scan(wpa_s);
592 wpa_supplicant_cancel_auth_timeout(wpa_s);
593 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
594 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
595 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
596 wpa_s, NULL);
597 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
598
599 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
600 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
601
602 wpas_wps_deinit(wpa_s);
603
604 wpabuf_free(wpa_s->pending_eapol_rx);
605 wpa_s->pending_eapol_rx = NULL;
606
607 #ifdef CONFIG_IBSS_RSN
608 ibss_rsn_deinit(wpa_s->ibss_rsn);
609 wpa_s->ibss_rsn = NULL;
610 #endif /* CONFIG_IBSS_RSN */
611
612 sme_deinit(wpa_s);
613
614 #ifdef CONFIG_AP
615 wpa_supplicant_ap_deinit(wpa_s);
616 #endif /* CONFIG_AP */
617
618 wpas_p2p_deinit(wpa_s);
619
620 #ifdef CONFIG_OFFCHANNEL
621 offchannel_deinit(wpa_s);
622 #endif /* CONFIG_OFFCHANNEL */
623
624 wpa_supplicant_cancel_sched_scan(wpa_s);
625
626 os_free(wpa_s->next_scan_freqs);
627 wpa_s->next_scan_freqs = NULL;
628
629 os_free(wpa_s->manual_scan_freqs);
630 wpa_s->manual_scan_freqs = NULL;
631 os_free(wpa_s->select_network_scan_freqs);
632 wpa_s->select_network_scan_freqs = NULL;
633
634 os_free(wpa_s->manual_sched_scan_freqs);
635 wpa_s->manual_sched_scan_freqs = NULL;
636
637 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
638
639 /*
640 * Need to remove any pending gas-query radio work before the
641 * gas_query_deinit() call because gas_query::work has not yet been set
642 * for works that have not been started. gas_query_free() will be unable
643 * to cancel such pending radio works and once the pending gas-query
644 * radio work eventually gets removed, the deinit notification call to
645 * gas_query_start_cb() would result in dereferencing freed memory.
646 */
647 if (wpa_s->radio)
648 radio_remove_works(wpa_s, "gas-query", 0);
649 gas_query_deinit(wpa_s->gas);
650 wpa_s->gas = NULL;
651 gas_server_deinit(wpa_s->gas_server);
652 wpa_s->gas_server = NULL;
653
654 free_hw_features(wpa_s);
655
656 ieee802_1x_dealloc_kay_sm(wpa_s);
657
658 os_free(wpa_s->bssid_filter);
659 wpa_s->bssid_filter = NULL;
660
661 os_free(wpa_s->disallow_aps_bssid);
662 wpa_s->disallow_aps_bssid = NULL;
663 os_free(wpa_s->disallow_aps_ssid);
664 wpa_s->disallow_aps_ssid = NULL;
665
666 wnm_bss_keep_alive_deinit(wpa_s);
667 #ifdef CONFIG_WNM
668 wnm_deallocate_memory(wpa_s);
669 #endif /* CONFIG_WNM */
670
671 ext_password_deinit(wpa_s->ext_pw);
672 wpa_s->ext_pw = NULL;
673
674 wpabuf_free(wpa_s->last_gas_resp);
675 wpa_s->last_gas_resp = NULL;
676 wpabuf_free(wpa_s->prev_gas_resp);
677 wpa_s->prev_gas_resp = NULL;
678
679 os_free(wpa_s->last_scan_res);
680 wpa_s->last_scan_res = NULL;
681
682 #ifdef CONFIG_HS20
683 if (wpa_s->drv_priv)
684 wpa_drv_configure_frame_filters(wpa_s, 0);
685 hs20_deinit(wpa_s);
686 #endif /* CONFIG_HS20 */
687
688 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
689 wpabuf_free(wpa_s->vendor_elem[i]);
690 wpa_s->vendor_elem[i] = NULL;
691 }
692
693 wmm_ac_notify_disassoc(wpa_s);
694
695 wpa_s->sched_scan_plans_num = 0;
696 os_free(wpa_s->sched_scan_plans);
697 wpa_s->sched_scan_plans = NULL;
698
699 #ifdef CONFIG_MBO
700 wpa_s->non_pref_chan_num = 0;
701 os_free(wpa_s->non_pref_chan);
702 wpa_s->non_pref_chan = NULL;
703 #endif /* CONFIG_MBO */
704
705 free_bss_tmp_disallowed(wpa_s);
706
707 wpabuf_free(wpa_s->lci);
708 wpa_s->lci = NULL;
709 wpas_clear_beacon_rep_data(wpa_s);
710
711 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
712 #ifdef CONFIG_MESH
713 {
714 struct external_pmksa_cache *entry;
715
716 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
717 struct external_pmksa_cache,
718 list)) != NULL) {
719 dl_list_del(&entry->list);
720 os_free(entry->pmksa_cache);
721 os_free(entry);
722 }
723 }
724 #endif /* CONFIG_MESH */
725 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
726
727 wpas_flush_fils_hlp_req(wpa_s);
728
729 wpabuf_free(wpa_s->ric_ies);
730 wpa_s->ric_ies = NULL;
731
732 #ifdef CONFIG_DPP
733 wpas_dpp_deinit(wpa_s);
734 dpp_global_deinit(wpa_s->dpp);
735 wpa_s->dpp = NULL;
736 #endif /* CONFIG_DPP */
737
738 #ifdef CONFIG_PASN
739 wpas_pasn_auth_stop(wpa_s);
740 #endif /* CONFIG_PASN */
741 }
742
743
744 /**
745 * wpa_clear_keys - Clear keys configured for the driver
746 * @wpa_s: Pointer to wpa_supplicant data
747 * @addr: Previously used BSSID or %NULL if not available
748 *
749 * This function clears the encryption keys that has been previously configured
750 * for the driver.
751 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)752 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
753 {
754 int i, max = 6;
755
756 /* MLME-DELETEKEYS.request */
757 for (i = 0; i < max; i++) {
758 if (wpa_s->keys_cleared & BIT(i))
759 continue;
760 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
761 NULL, 0, KEY_FLAG_GROUP);
762 }
763 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
764 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
765 !is_zero_ether_addr(addr)) {
766 if (!(wpa_s->keys_cleared & BIT(0)))
767 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL,
768 0, NULL, 0, KEY_FLAG_PAIRWISE);
769 if (!(wpa_s->keys_cleared & BIT(15)))
770 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL,
771 0, NULL, 0, KEY_FLAG_PAIRWISE);
772 /* MLME-SETPROTECTION.request(None) */
773 wpa_drv_mlme_setprotection(
774 wpa_s, addr,
775 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
776 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
777 }
778 wpa_s->keys_cleared = (u32) -1;
779 }
780
781
782 /**
783 * wpa_supplicant_state_txt - Get the connection state name as a text string
784 * @state: State (wpa_state; WPA_*)
785 * Returns: The state name as a printable text string
786 */
wpa_supplicant_state_txt(enum wpa_states state)787 const char * wpa_supplicant_state_txt(enum wpa_states state)
788 {
789 switch (state) {
790 case WPA_DISCONNECTED:
791 return "DISCONNECTED";
792 case WPA_INACTIVE:
793 return "INACTIVE";
794 case WPA_INTERFACE_DISABLED:
795 return "INTERFACE_DISABLED";
796 case WPA_SCANNING:
797 return "SCANNING";
798 case WPA_AUTHENTICATING:
799 return "AUTHENTICATING";
800 case WPA_ASSOCIATING:
801 return "ASSOCIATING";
802 case WPA_ASSOCIATED:
803 return "ASSOCIATED";
804 case WPA_4WAY_HANDSHAKE:
805 return "4WAY_HANDSHAKE";
806 case WPA_GROUP_HANDSHAKE:
807 return "GROUP_HANDSHAKE";
808 case WPA_COMPLETED:
809 return "COMPLETED";
810 default:
811 return "UNKNOWN";
812 }
813 }
814
815
816 #ifdef CONFIG_BGSCAN
817
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)818 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
819 {
820 if (wpa_s->bgscan_ssid) {
821 bgscan_deinit(wpa_s);
822 wpa_s->bgscan_ssid = NULL;
823 }
824 }
825
826
827 /**
828 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
829 * @wpa_s: Pointer to the wpa_supplicant data
830 *
831 * Stop, start, or reconfigure the scan parameters depending on the method.
832 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)833 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
834 {
835 const char *name;
836
837 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
838 name = wpa_s->current_ssid->bgscan;
839 else
840 name = wpa_s->conf->bgscan;
841 if (!name || name[0] == '\0') {
842 wpa_supplicant_stop_bgscan(wpa_s);
843 return;
844 }
845 if (wpas_driver_bss_selection(wpa_s))
846 return;
847 #ifdef CONFIG_P2P
848 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
849 return;
850 #endif /* CONFIG_P2P */
851
852 bgscan_deinit(wpa_s);
853 if (wpa_s->current_ssid) {
854 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
855 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
856 "bgscan");
857 /*
858 * Live without bgscan; it is only used as a roaming
859 * optimization, so the initial connection is not
860 * affected.
861 */
862 } else {
863 struct wpa_scan_results *scan_res;
864 wpa_s->bgscan_ssid = wpa_s->current_ssid;
865 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
866 0);
867 if (scan_res) {
868 bgscan_notify_scan(wpa_s, scan_res);
869 wpa_scan_results_free(scan_res);
870 }
871 }
872 } else
873 wpa_s->bgscan_ssid = NULL;
874 }
875
876 #endif /* CONFIG_BGSCAN */
877
878
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)879 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
880 {
881 if (autoscan_init(wpa_s, 0))
882 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
883 }
884
885
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)886 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
887 {
888 autoscan_deinit(wpa_s);
889 }
890
891
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)892 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
893 {
894 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
895 wpa_s->wpa_state == WPA_SCANNING) {
896 autoscan_deinit(wpa_s);
897 wpa_supplicant_start_autoscan(wpa_s);
898 }
899 }
900
901
902 /**
903 * wpa_supplicant_set_state - Set current connection state
904 * @wpa_s: Pointer to wpa_supplicant data
905 * @state: The new connection state
906 *
907 * This function is called whenever the connection state changes, e.g.,
908 * association is completed for WPA/WPA2 4-Way Handshake is started.
909 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)910 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
911 enum wpa_states state)
912 {
913 enum wpa_states old_state = wpa_s->wpa_state;
914 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
915 bool update_fils_connect_params = false;
916 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
917
918 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
919 wpa_supplicant_state_txt(wpa_s->wpa_state),
920 wpa_supplicant_state_txt(state));
921
922 if (state == WPA_COMPLETED &&
923 os_reltime_initialized(&wpa_s->roam_start)) {
924 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
925 wpa_s->roam_start.sec = 0;
926 wpa_s->roam_start.usec = 0;
927 wpas_notify_auth_changed(wpa_s);
928 wpas_notify_roam_time(wpa_s);
929 wpas_notify_roam_complete(wpa_s);
930 } else if (state == WPA_DISCONNECTED &&
931 os_reltime_initialized(&wpa_s->roam_start)) {
932 wpa_s->roam_start.sec = 0;
933 wpa_s->roam_start.usec = 0;
934 wpa_s->roam_time.sec = 0;
935 wpa_s->roam_time.usec = 0;
936 wpas_notify_roam_complete(wpa_s);
937 }
938
939 if (state == WPA_INTERFACE_DISABLED) {
940 /* Assure normal scan when interface is restored */
941 wpa_s->normal_scans = 0;
942 }
943
944 if (state == WPA_COMPLETED) {
945 wpas_connect_work_done(wpa_s);
946 /* Reinitialize normal_scan counter */
947 wpa_s->normal_scans = 0;
948 }
949
950 #ifdef CONFIG_P2P
951 /*
952 * P2PS client has to reply to Probe Request frames received on the
953 * group operating channel. Enable Probe Request frame reporting for
954 * P2P connected client in case p2p_cli_probe configuration property is
955 * set to 1.
956 */
957 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
958 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
959 wpa_s->current_ssid->p2p_group) {
960 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
961 wpa_dbg(wpa_s, MSG_DEBUG,
962 "P2P: Enable CLI Probe Request RX reporting");
963 wpa_s->p2p_cli_probe =
964 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
965 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
966 wpa_dbg(wpa_s, MSG_DEBUG,
967 "P2P: Disable CLI Probe Request RX reporting");
968 wpa_s->p2p_cli_probe = 0;
969 wpa_drv_probe_req_report(wpa_s, 0);
970 }
971 }
972 #endif /* CONFIG_P2P */
973
974 if (state != WPA_SCANNING)
975 wpa_supplicant_notify_scanning(wpa_s, 0);
976
977 if (state == WPA_COMPLETED && wpa_s->new_connection) {
978 struct wpa_ssid *ssid = wpa_s->current_ssid;
979 int fils_hlp_sent = 0;
980
981 #ifdef CONFIG_SME
982 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
983 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
984 fils_hlp_sent = 1;
985 #endif /* CONFIG_SME */
986 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
987 wpa_auth_alg_fils(wpa_s->auth_alg))
988 fils_hlp_sent = 1;
989
990 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
991 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
992 MACSTR " completed [id=%d id_str=%s%s]",
993 MAC2STR(wpa_s->bssid),
994 ssid ? ssid->id : -1,
995 ssid && ssid->id_str ? ssid->id_str : "",
996 fils_hlp_sent ? " FILS_HLP_SENT" : "");
997 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
998 wpas_clear_temp_disabled(wpa_s, ssid, 1);
999 wpa_s->consecutive_conn_failures = 0;
1000 wpa_s->new_connection = 0;
1001 wpa_drv_set_operstate(wpa_s, 1);
1002 #ifndef IEEE8021X_EAPOL
1003 wpa_drv_set_supp_port(wpa_s, 1);
1004 #endif /* IEEE8021X_EAPOL */
1005 wpa_s->after_wps = 0;
1006 wpa_s->known_wps_freq = 0;
1007 wpas_p2p_completed(wpa_s);
1008
1009 sme_sched_obss_scan(wpa_s, 1);
1010
1011 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1012 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1013 update_fils_connect_params = true;
1014 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1015 #ifdef CONFIG_OWE
1016 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1017 wpas_update_owe_connect_params(wpa_s);
1018 #endif /* CONFIG_OWE */
1019 #ifdef CONFIG_HS20
1020 hs20_configure_frame_filters(wpa_s);
1021 #endif
1022 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1023 state == WPA_ASSOCIATED) {
1024 wpa_s->new_connection = 1;
1025 wpa_drv_set_operstate(wpa_s, 0);
1026 #ifndef IEEE8021X_EAPOL
1027 wpa_drv_set_supp_port(wpa_s, 0);
1028 #endif /* IEEE8021X_EAPOL */
1029 sme_sched_obss_scan(wpa_s, 0);
1030 }
1031 wpa_s->wpa_state = state;
1032
1033 #ifdef CONFIG_BGSCAN
1034 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1035 wpa_supplicant_reset_bgscan(wpa_s);
1036 else if (state < WPA_ASSOCIATED)
1037 wpa_supplicant_stop_bgscan(wpa_s);
1038 #endif /* CONFIG_BGSCAN */
1039
1040 if (state > WPA_SCANNING)
1041 wpa_supplicant_stop_autoscan(wpa_s);
1042
1043 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1044 wpa_supplicant_start_autoscan(wpa_s);
1045
1046 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1047 wmm_ac_notify_disassoc(wpa_s);
1048
1049 if (wpa_s->wpa_state != old_state) {
1050 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1051
1052 /*
1053 * Notify the P2P Device interface about a state change in one
1054 * of the interfaces.
1055 */
1056 wpas_p2p_indicate_state_change(wpa_s);
1057
1058 if (wpa_s->wpa_state == WPA_COMPLETED ||
1059 old_state == WPA_COMPLETED)
1060 wpas_notify_auth_changed(wpa_s);
1061 #ifdef CONFIG_DPP2
1062 if (wpa_s->wpa_state == WPA_COMPLETED)
1063 wpas_dpp_connected(wpa_s);
1064 #endif /* CONFIG_DPP2 */
1065 }
1066 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1067 if (update_fils_connect_params)
1068 wpas_update_fils_connect_params(wpa_s);
1069 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1070 }
1071
1072
wpa_supplicant_terminate_proc(struct wpa_global * global)1073 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1074 {
1075 int pending = 0;
1076 #ifdef CONFIG_WPS
1077 struct wpa_supplicant *wpa_s = global->ifaces;
1078 while (wpa_s) {
1079 struct wpa_supplicant *next = wpa_s->next;
1080 if (wpas_wps_terminate_pending(wpa_s) == 1)
1081 pending = 1;
1082 #ifdef CONFIG_P2P
1083 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1084 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1085 wpas_p2p_disconnect(wpa_s);
1086 #endif /* CONFIG_P2P */
1087 wpa_s = next;
1088 }
1089 #endif /* CONFIG_WPS */
1090 if (pending)
1091 return;
1092 eloop_terminate();
1093 }
1094
1095
wpa_supplicant_terminate(int sig,void * signal_ctx)1096 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1097 {
1098 struct wpa_global *global = signal_ctx;
1099 wpa_supplicant_terminate_proc(global);
1100 }
1101
1102
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1103 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1104 {
1105 enum wpa_states old_state = wpa_s->wpa_state;
1106 enum wpa_states new_state;
1107
1108 if (old_state == WPA_SCANNING)
1109 new_state = WPA_SCANNING;
1110 else
1111 new_state = WPA_DISCONNECTED;
1112
1113 wpa_s->pairwise_cipher = 0;
1114 wpa_s->group_cipher = 0;
1115 wpa_s->mgmt_group_cipher = 0;
1116 wpa_s->key_mgmt = 0;
1117 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1118 wpa_supplicant_set_state(wpa_s, new_state);
1119
1120 if (wpa_s->wpa_state != old_state)
1121 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1122 }
1123
1124
1125 /**
1126 * wpa_supplicant_reload_configuration - Reload configuration data
1127 * @wpa_s: Pointer to wpa_supplicant data
1128 * Returns: 0 on success or -1 if configuration parsing failed
1129 *
1130 * This function can be used to request that the configuration data is reloaded
1131 * (e.g., after configuration file change). This function is reloading
1132 * configuration only for one interface, so this may need to be called multiple
1133 * times if %wpa_supplicant is controlling multiple interfaces and all
1134 * interfaces need reconfiguration.
1135 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1136 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1137 {
1138 struct wpa_config *conf;
1139 int reconf_ctrl;
1140 int old_ap_scan;
1141
1142 if (wpa_s->confname == NULL)
1143 return -1;
1144 conf = wpa_config_read(wpa_s->confname, NULL);
1145 if (conf == NULL) {
1146 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1147 "file '%s' - exiting", wpa_s->confname);
1148 return -1;
1149 }
1150 if (wpa_s->confanother &&
1151 !wpa_config_read(wpa_s->confanother, conf)) {
1152 wpa_msg(wpa_s, MSG_ERROR,
1153 "Failed to parse the configuration file '%s' - exiting",
1154 wpa_s->confanother);
1155 return -1;
1156 }
1157
1158 conf->changed_parameters = (unsigned int) -1;
1159
1160 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1161 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1162 os_strcmp(conf->ctrl_interface,
1163 wpa_s->conf->ctrl_interface) != 0);
1164
1165 if (reconf_ctrl) {
1166 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1167 wpa_s->ctrl_iface = NULL;
1168 }
1169
1170 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1171 if (wpa_s->current_ssid) {
1172 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1173 wpa_s->own_disconnect_req = 1;
1174 wpa_supplicant_deauthenticate(wpa_s,
1175 WLAN_REASON_DEAUTH_LEAVING);
1176 }
1177
1178 /*
1179 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1180 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1181 */
1182 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1183 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1184 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1185 /*
1186 * Clear forced success to clear EAP state for next
1187 * authentication.
1188 */
1189 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1190 }
1191 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1192 wpa_sm_set_config(wpa_s->wpa, NULL);
1193 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1194 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1195 rsn_preauth_deinit(wpa_s->wpa);
1196
1197 old_ap_scan = wpa_s->conf->ap_scan;
1198 wpa_config_free(wpa_s->conf);
1199 wpa_s->conf = conf;
1200 if (old_ap_scan != wpa_s->conf->ap_scan)
1201 wpas_notify_ap_scan_changed(wpa_s);
1202
1203 if (reconf_ctrl)
1204 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1205
1206 wpa_supplicant_update_config(wpa_s);
1207
1208 wpa_supplicant_clear_status(wpa_s);
1209 if (wpa_supplicant_enabled_networks(wpa_s)) {
1210 wpa_s->reassociate = 1;
1211 wpa_supplicant_req_scan(wpa_s, 0, 0);
1212 }
1213 wpa_bssid_ignore_clear(wpa_s);
1214 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1215 return 0;
1216 }
1217
1218
wpa_supplicant_reconfig(int sig,void * signal_ctx)1219 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1220 {
1221 struct wpa_global *global = signal_ctx;
1222 struct wpa_supplicant *wpa_s;
1223 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1224 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1225 sig);
1226 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1227 wpa_supplicant_terminate_proc(global);
1228 }
1229 }
1230
1231 if (wpa_debug_reopen_file() < 0) {
1232 /* Ignore errors since we cannot really do much to fix this */
1233 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1234 }
1235 }
1236
1237
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1238 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1239 struct wpa_ssid *ssid,
1240 struct wpa_ie_data *ie)
1241 {
1242 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1243 if (ret) {
1244 if (ret == -2) {
1245 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1246 "from association info");
1247 }
1248 return -1;
1249 }
1250
1251 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1252 "cipher suites");
1253 if (!(ie->group_cipher & ssid->group_cipher)) {
1254 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1255 "cipher 0x%x (mask 0x%x) - reject",
1256 ie->group_cipher, ssid->group_cipher);
1257 return -1;
1258 }
1259 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1260 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1261 "cipher 0x%x (mask 0x%x) - reject",
1262 ie->pairwise_cipher, ssid->pairwise_cipher);
1263 return -1;
1264 }
1265 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1266 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1267 "management 0x%x (mask 0x%x) - reject",
1268 ie->key_mgmt, ssid->key_mgmt);
1269 return -1;
1270 }
1271
1272 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1273 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1274 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1275 "that does not support management frame protection - "
1276 "reject");
1277 return -1;
1278 }
1279
1280 return 0;
1281 }
1282
1283
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1284 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1285 int freq)
1286 {
1287 if (!ie->has_group)
1288 ie->group_cipher = wpa_default_rsn_cipher(freq);
1289 if (!ie->has_pairwise)
1290 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1291 return (ie->group_cipher & ssid->group_cipher) &&
1292 (ie->pairwise_cipher & ssid->pairwise_cipher);
1293 }
1294
1295
1296 /**
1297 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1298 * @wpa_s: Pointer to wpa_supplicant data
1299 * @bss: Scan results for the selected BSS, or %NULL if not available
1300 * @ssid: Configuration data for the selected network
1301 * @wpa_ie: Buffer for the WPA/RSN IE
1302 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1303 * used buffer length in case the functions returns success.
1304 * Returns: 0 on success or -1 on failure
1305 *
1306 * This function is used to configure authentication and encryption parameters
1307 * based on the network configuration and scan result for the selected BSS (if
1308 * available).
1309 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)1310 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1311 struct wpa_bss *bss, struct wpa_ssid *ssid,
1312 u8 *wpa_ie, size_t *wpa_ie_len)
1313 {
1314 struct wpa_ie_data ie;
1315 int sel, proto, sae_pwe;
1316 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1317
1318 if (bss) {
1319 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1320 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1321 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1322 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1323 } else {
1324 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1325 }
1326
1327 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1328 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1329 matching_ciphers(ssid, &ie, bss->freq) &&
1330 (ie.key_mgmt & ssid->key_mgmt)) {
1331 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1332 proto = WPA_PROTO_RSN;
1333 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1334 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1335 (ie.group_cipher & ssid->group_cipher) &&
1336 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1337 (ie.key_mgmt & ssid->key_mgmt)) {
1338 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1339 proto = WPA_PROTO_WPA;
1340 #ifdef CONFIG_HS20
1341 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1342 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1343 (ie.group_cipher & ssid->group_cipher) &&
1344 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1345 (ie.key_mgmt & ssid->key_mgmt)) {
1346 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1347 proto = WPA_PROTO_OSEN;
1348 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1349 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1350 (ie.group_cipher & ssid->group_cipher) &&
1351 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1352 (ie.key_mgmt & ssid->key_mgmt)) {
1353 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1354 proto = WPA_PROTO_RSN;
1355 #endif /* CONFIG_HS20 */
1356 } else if (bss) {
1357 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1358 wpa_dbg(wpa_s, MSG_DEBUG,
1359 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1360 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1361 ssid->key_mgmt);
1362 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1363 MAC2STR(bss->bssid),
1364 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1365 bss_wpa ? " WPA" : "",
1366 bss_rsn ? " RSN" : "",
1367 bss_osen ? " OSEN" : "");
1368 if (bss_rsn) {
1369 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1370 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1371 wpa_dbg(wpa_s, MSG_DEBUG,
1372 "Could not parse RSN element");
1373 } else {
1374 wpa_dbg(wpa_s, MSG_DEBUG,
1375 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1376 ie.pairwise_cipher, ie.group_cipher,
1377 ie.key_mgmt);
1378 }
1379 }
1380 if (bss_wpa) {
1381 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1382 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1383 wpa_dbg(wpa_s, MSG_DEBUG,
1384 "Could not parse WPA element");
1385 } else {
1386 wpa_dbg(wpa_s, MSG_DEBUG,
1387 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1388 ie.pairwise_cipher, ie.group_cipher,
1389 ie.key_mgmt);
1390 }
1391 }
1392 return -1;
1393 } else {
1394 if (ssid->proto & WPA_PROTO_OSEN)
1395 proto = WPA_PROTO_OSEN;
1396 else if (ssid->proto & WPA_PROTO_RSN)
1397 proto = WPA_PROTO_RSN;
1398 else
1399 proto = WPA_PROTO_WPA;
1400 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1401 os_memset(&ie, 0, sizeof(ie));
1402 ie.group_cipher = ssid->group_cipher;
1403 ie.pairwise_cipher = ssid->pairwise_cipher;
1404 ie.key_mgmt = ssid->key_mgmt;
1405 ie.mgmt_group_cipher = 0;
1406 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1407 if (ssid->group_mgmt_cipher &
1408 WPA_CIPHER_BIP_GMAC_256)
1409 ie.mgmt_group_cipher =
1410 WPA_CIPHER_BIP_GMAC_256;
1411 else if (ssid->group_mgmt_cipher &
1412 WPA_CIPHER_BIP_CMAC_256)
1413 ie.mgmt_group_cipher =
1414 WPA_CIPHER_BIP_CMAC_256;
1415 else if (ssid->group_mgmt_cipher &
1416 WPA_CIPHER_BIP_GMAC_128)
1417 ie.mgmt_group_cipher =
1418 WPA_CIPHER_BIP_GMAC_128;
1419 else
1420 ie.mgmt_group_cipher =
1421 WPA_CIPHER_AES_128_CMAC;
1422 }
1423 #ifdef CONFIG_OWE
1424 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1425 !ssid->owe_only &&
1426 !bss_wpa && !bss_rsn && !bss_osen) {
1427 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1428 wpa_s->wpa_proto = 0;
1429 *wpa_ie_len = 0;
1430 return 0;
1431 }
1432 #endif /* CONFIG_OWE */
1433 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1434 "based on configuration");
1435 } else
1436 proto = ie.proto;
1437 }
1438
1439 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1440 "pairwise %d key_mgmt %d proto %d",
1441 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1442 if (ssid->ieee80211w) {
1443 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1444 ie.mgmt_group_cipher);
1445 }
1446
1447 wpa_s->wpa_proto = proto;
1448 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1449 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1450 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1451
1452 if (bss || !wpa_s->ap_ies_from_associnfo) {
1453 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1454 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1455 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1456 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1457 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1458 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1459 return -1;
1460 }
1461
1462 #ifdef CONFIG_NO_WPA
1463 wpa_s->group_cipher = WPA_CIPHER_NONE;
1464 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1465 #else /* CONFIG_NO_WPA */
1466 sel = ie.group_cipher & ssid->group_cipher;
1467 wpa_dbg(wpa_s, MSG_DEBUG,
1468 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1469 ie.group_cipher, ssid->group_cipher, sel);
1470 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1471 if (wpa_s->group_cipher < 0) {
1472 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1473 "cipher");
1474 return -1;
1475 }
1476 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1477 wpa_cipher_txt(wpa_s->group_cipher));
1478
1479 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1480 wpa_dbg(wpa_s, MSG_DEBUG,
1481 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1482 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1483 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1484 if (wpa_s->pairwise_cipher < 0) {
1485 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1486 "cipher");
1487 return -1;
1488 }
1489 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1490 wpa_cipher_txt(wpa_s->pairwise_cipher));
1491 #endif /* CONFIG_NO_WPA */
1492
1493 sel = ie.key_mgmt & ssid->key_mgmt;
1494 #ifdef CONFIG_SAE
1495 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1496 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1497 #endif /* CONFIG_SAE */
1498 #ifdef CONFIG_IEEE80211R
1499 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1500 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1501 sel &= ~WPA_KEY_MGMT_FT;
1502 #endif /* CONFIG_IEEE80211R */
1503 wpa_dbg(wpa_s, MSG_DEBUG,
1504 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1505 ie.key_mgmt, ssid->key_mgmt, sel);
1506 if (0) {
1507 #ifdef CONFIG_IEEE80211R
1508 #ifdef CONFIG_SHA384
1509 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1510 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1511 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1512 wpa_dbg(wpa_s, MSG_DEBUG,
1513 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1514 if (!ssid->ft_eap_pmksa_caching &&
1515 pmksa_cache_get_current(wpa_s->wpa)) {
1516 /* PMKSA caching with FT may have interoperability
1517 * issues, so disable that case by default for now. */
1518 wpa_dbg(wpa_s, MSG_DEBUG,
1519 "WPA: Disable PMKSA caching for FT/802.1X connection");
1520 pmksa_cache_clear_current(wpa_s->wpa);
1521 }
1522 #endif /* CONFIG_SHA384 */
1523 #endif /* CONFIG_IEEE80211R */
1524 #ifdef CONFIG_SUITEB192
1525 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1526 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1527 wpa_dbg(wpa_s, MSG_DEBUG,
1528 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1529 #endif /* CONFIG_SUITEB192 */
1530 #ifdef CONFIG_SUITEB
1531 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1532 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1533 wpa_dbg(wpa_s, MSG_DEBUG,
1534 "WPA: using KEY_MGMT 802.1X with Suite B");
1535 #endif /* CONFIG_SUITEB */
1536 #ifdef CONFIG_FILS
1537 #ifdef CONFIG_IEEE80211R
1538 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1539 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1540 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1541 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1542 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1543 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1544 #endif /* CONFIG_IEEE80211R */
1545 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1546 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1547 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1548 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1549 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1550 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1551 #endif /* CONFIG_FILS */
1552 #ifdef CONFIG_IEEE80211R
1553 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1554 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1555 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1556 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1557 if (!ssid->ft_eap_pmksa_caching &&
1558 pmksa_cache_get_current(wpa_s->wpa)) {
1559 /* PMKSA caching with FT may have interoperability
1560 * issues, so disable that case by default for now. */
1561 wpa_dbg(wpa_s, MSG_DEBUG,
1562 "WPA: Disable PMKSA caching for FT/802.1X connection");
1563 pmksa_cache_clear_current(wpa_s->wpa);
1564 }
1565 #endif /* CONFIG_IEEE80211R */
1566 #ifdef CONFIG_DPP
1567 } else if (sel & WPA_KEY_MGMT_DPP) {
1568 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1569 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1570 #endif /* CONFIG_DPP */
1571 #ifdef CONFIG_SAE
1572 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1573 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1574 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1575 } else if (sel & WPA_KEY_MGMT_SAE) {
1576 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1577 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1578 #endif /* CONFIG_SAE */
1579 #ifdef CONFIG_IEEE80211R
1580 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1581 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1582 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1583 #endif /* CONFIG_IEEE80211R */
1584 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1585 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1586 wpa_dbg(wpa_s, MSG_DEBUG,
1587 "WPA: using KEY_MGMT 802.1X with SHA256");
1588 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1589 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1590 wpa_dbg(wpa_s, MSG_DEBUG,
1591 "WPA: using KEY_MGMT PSK with SHA256");
1592 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1593 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1594 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1595 } else if (sel & WPA_KEY_MGMT_PSK) {
1596 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1597 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1598 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1599 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1600 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1601 #ifdef CONFIG_HS20
1602 } else if (sel & WPA_KEY_MGMT_OSEN) {
1603 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1604 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1605 #endif /* CONFIG_HS20 */
1606 #ifdef CONFIG_OWE
1607 } else if (sel & WPA_KEY_MGMT_OWE) {
1608 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1609 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1610 #endif /* CONFIG_OWE */
1611 } else {
1612 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1613 "authenticated key management type");
1614 return -1;
1615 }
1616
1617 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1619 wpa_s->pairwise_cipher);
1620 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1621
1622 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1623 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1624 wpa_msg(wpa_s, MSG_INFO,
1625 "RSN: Management frame protection required but the selected AP does not enable it");
1626 return -1;
1627 }
1628
1629 sel = ie.mgmt_group_cipher;
1630 if (ssid->group_mgmt_cipher)
1631 sel &= ssid->group_mgmt_cipher;
1632 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1633 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1634 sel = 0;
1635 wpa_dbg(wpa_s, MSG_DEBUG,
1636 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1637 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1638 if (sel & WPA_CIPHER_AES_128_CMAC) {
1639 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1640 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1641 "AES-128-CMAC");
1642 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1643 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1644 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1645 "BIP-GMAC-128");
1646 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1647 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1648 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1649 "BIP-GMAC-256");
1650 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1651 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1652 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1653 "BIP-CMAC-256");
1654 } else {
1655 wpa_s->mgmt_group_cipher = 0;
1656 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1657 }
1658 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1659 wpa_s->mgmt_group_cipher);
1660 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1661 wpas_get_ssid_pmf(wpa_s, ssid));
1662 #ifdef CONFIG_OCV
1663 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
1664 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
1665 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1666 #endif /* CONFIG_OCV */
1667 sae_pwe = wpa_s->conf->sae_pwe;
1668 if (ssid->sae_password_id && sae_pwe != 3)
1669 sae_pwe = 1;
1670 if (bss && is_6ghz_freq(bss->freq)) {
1671 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: force hash-to-element mode for 6GHz BSS.");
1672 sae_pwe = 1;
1673 }
1674 #ifdef CONFIG_TESTING_OPTIONS
1675 if (wpa_s->force_hunting_and_pecking_pwe) {
1676 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: force hunting and pecking mode.");
1677 sae_pwe = 0;
1678 }
1679 #endif
1680 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1681 #ifdef CONFIG_SAE_PK
1682 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
1683 wpa_key_mgmt_sae(ssid->key_mgmt) &&
1684 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
1685 ((ssid->sae_password &&
1686 sae_pk_valid_password(ssid->sae_password)) ||
1687 (!ssid->sae_password && ssid->passphrase &&
1688 sae_pk_valid_password(ssid->passphrase))));
1689 #endif /* CONFIG_SAE_PK */
1690 #ifdef CONFIG_TESTING_OPTIONS
1691 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
1692 wpa_s->ft_rsnxe_used);
1693 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
1694 wpa_s->oci_freq_override_eapol);
1695 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
1696 wpa_s->oci_freq_override_eapol_g2);
1697 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
1698 wpa_s->oci_freq_override_ft_assoc);
1699 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
1700 wpa_s->oci_freq_override_fils_assoc);
1701 #endif /* CONFIG_TESTING_OPTIONS */
1702
1703 /* Extended Key ID is only supported in infrastructure BSS so far */
1704 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
1705 (ssid->proto & WPA_PROTO_RSN) &&
1706 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
1707 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
1708 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
1709 int use_ext_key_id = 0;
1710
1711 wpa_msg(wpa_s, MSG_DEBUG,
1712 "WPA: Enable Extended Key ID support");
1713 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
1714 wpa_s->conf->extended_key_id);
1715 if (bss_rsn &&
1716 wpa_s->conf->extended_key_id &&
1717 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
1718 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
1719 use_ext_key_id = 1;
1720 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
1721 use_ext_key_id);
1722 } else {
1723 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
1724 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
1725 }
1726
1727 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1728 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1729 return -1;
1730 }
1731
1732 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1733 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1734 &wpa_s->rsnxe_len)) {
1735 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1736 return -1;
1737 }
1738
1739 if (0) {
1740 #ifdef CONFIG_DPP
1741 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1742 /* Use PMK from DPP network introduction (PMKSA entry) */
1743 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1744 #ifdef CONFIG_DPP2
1745 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
1746 #endif /* CONFIG_DPP2 */
1747 #endif /* CONFIG_DPP */
1748 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1749 int psk_set = 0;
1750 int sae_only;
1751
1752 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1753 WPA_KEY_MGMT_FT_PSK |
1754 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1755
1756 if (ssid->psk_set && !sae_only) {
1757 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1758 ssid->psk, PMK_LEN);
1759 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1760 NULL);
1761 psk_set = 1;
1762 }
1763
1764 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1765 (ssid->sae_password || ssid->passphrase))
1766 psk_set = 1;
1767
1768 #ifndef CONFIG_NO_PBKDF2
1769 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1770 ssid->passphrase && !sae_only) {
1771 u8 psk[PMK_LEN];
1772 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1773 4096, psk, PMK_LEN);
1774 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1775 psk, PMK_LEN);
1776 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1777 psk_set = 1;
1778 os_memset(psk, 0, sizeof(psk));
1779 }
1780 #endif /* CONFIG_NO_PBKDF2 */
1781 #ifdef CONFIG_EXT_PASSWORD
1782 if (ssid->ext_psk && !sae_only) {
1783 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1784 ssid->ext_psk);
1785 char pw_str[64 + 1];
1786 u8 psk[PMK_LEN];
1787
1788 if (pw == NULL) {
1789 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1790 "found from external storage");
1791 return -1;
1792 }
1793
1794 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1795 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1796 "PSK length %d in external storage",
1797 (int) wpabuf_len(pw));
1798 ext_password_free(pw);
1799 return -1;
1800 }
1801
1802 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1803 pw_str[wpabuf_len(pw)] = '\0';
1804
1805 #ifndef CONFIG_NO_PBKDF2
1806 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1807 {
1808 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1809 4096, psk, PMK_LEN);
1810 os_memset(pw_str, 0, sizeof(pw_str));
1811 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1812 "external passphrase)",
1813 psk, PMK_LEN);
1814 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1815 NULL);
1816 psk_set = 1;
1817 os_memset(psk, 0, sizeof(psk));
1818 } else
1819 #endif /* CONFIG_NO_PBKDF2 */
1820 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1821 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1822 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1823 "Invalid PSK hex string");
1824 os_memset(pw_str, 0, sizeof(pw_str));
1825 ext_password_free(pw);
1826 return -1;
1827 }
1828 wpa_hexdump_key(MSG_MSGDUMP,
1829 "PSK (from external PSK)",
1830 psk, PMK_LEN);
1831 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1832 NULL);
1833 psk_set = 1;
1834 os_memset(psk, 0, sizeof(psk));
1835 } else {
1836 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1837 "PSK available");
1838 os_memset(pw_str, 0, sizeof(pw_str));
1839 ext_password_free(pw);
1840 return -1;
1841 }
1842
1843 os_memset(pw_str, 0, sizeof(pw_str));
1844 ext_password_free(pw);
1845 }
1846 #endif /* CONFIG_EXT_PASSWORD */
1847
1848 if (!psk_set) {
1849 wpa_msg(wpa_s, MSG_INFO,
1850 "No PSK available for association");
1851 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1852 return -1;
1853 }
1854 #ifdef CONFIG_OWE
1855 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1856 /* OWE Diffie-Hellman exchange in (Re)Association
1857 * Request/Response frames set the PMK, so do not override it
1858 * here. */
1859 #endif /* CONFIG_OWE */
1860 } else
1861 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1862
1863 if (ssid->mode != WPAS_MODE_IBSS &&
1864 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
1865 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
1866 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
1867 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
1868 wpa_msg(wpa_s, MSG_INFO,
1869 "Disable PTK0 rekey support - replaced with reconnect");
1870 wpa_s->deny_ptk0_rekey = 1;
1871 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
1872 } else {
1873 wpa_s->deny_ptk0_rekey = 0;
1874 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
1875 }
1876
1877 return 0;
1878 }
1879
1880
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx)1881 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1882 {
1883 *pos = 0x00;
1884
1885 switch (idx) {
1886 case 0: /* Bits 0-7 */
1887 break;
1888 case 1: /* Bits 8-15 */
1889 if (wpa_s->conf->coloc_intf_reporting) {
1890 /* Bit 13 - Collocated Interference Reporting */
1891 *pos |= 0x20;
1892 }
1893 break;
1894 case 2: /* Bits 16-23 */
1895 #ifdef CONFIG_WNM
1896 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1897 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1898 *pos |= 0x08; /* Bit 19 - BSS Transition */
1899 #endif /* CONFIG_WNM */
1900 break;
1901 case 3: /* Bits 24-31 */
1902 #ifdef CONFIG_WNM
1903 *pos |= 0x02; /* Bit 25 - SSID List */
1904 #endif /* CONFIG_WNM */
1905 #ifdef CONFIG_INTERWORKING
1906 if (wpa_s->conf->interworking)
1907 *pos |= 0x80; /* Bit 31 - Interworking */
1908 #endif /* CONFIG_INTERWORKING */
1909 break;
1910 case 4: /* Bits 32-39 */
1911 #ifdef CONFIG_INTERWORKING
1912 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1913 *pos |= 0x01; /* Bit 32 - QoS Map */
1914 #endif /* CONFIG_INTERWORKING */
1915 break;
1916 case 5: /* Bits 40-47 */
1917 #ifdef CONFIG_HS20
1918 if (wpa_s->conf->hs20)
1919 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1920 #endif /* CONFIG_HS20 */
1921 #ifdef CONFIG_MBO
1922 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1923 #endif /* CONFIG_MBO */
1924 break;
1925 case 6: /* Bits 48-55 */
1926 break;
1927 case 7: /* Bits 56-63 */
1928 break;
1929 case 8: /* Bits 64-71 */
1930 if (wpa_s->conf->ftm_responder)
1931 *pos |= 0x40; /* Bit 70 - FTM responder */
1932 if (wpa_s->conf->ftm_initiator)
1933 *pos |= 0x80; /* Bit 71 - FTM initiator */
1934 break;
1935 case 9: /* Bits 72-79 */
1936 #ifdef CONFIG_FILS
1937 if (!wpa_s->disable_fils)
1938 *pos |= 0x01;
1939 #endif /* CONFIG_FILS */
1940 break;
1941 case 10: /* Bits 80-87 */
1942 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
1943 break;
1944 }
1945 }
1946
1947
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen)1948 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
1949 {
1950 u8 *pos = buf;
1951 u8 len = 11, i;
1952
1953 if (len < wpa_s->extended_capa_len)
1954 len = wpa_s->extended_capa_len;
1955 if (buflen < (size_t) len + 2) {
1956 wpa_printf(MSG_INFO,
1957 "Not enough room for building extended capabilities element");
1958 return -1;
1959 }
1960
1961 *pos++ = WLAN_EID_EXT_CAPAB;
1962 *pos++ = len;
1963 for (i = 0; i < len; i++, pos++) {
1964 wpas_ext_capab_byte(wpa_s, pos, i);
1965
1966 if (i < wpa_s->extended_capa_len) {
1967 *pos &= ~wpa_s->extended_capa_mask[i];
1968 *pos |= wpa_s->extended_capa[i];
1969 }
1970 }
1971
1972 while (len > 0 && buf[1 + len] == 0) {
1973 len--;
1974 buf[1] = len;
1975 }
1976 if (len == 0)
1977 return 0;
1978
1979 return 2 + len;
1980 }
1981
1982
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)1983 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
1984 struct wpa_bss *test_bss)
1985 {
1986 struct wpa_bss *bss;
1987
1988 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
1989 if (bss == test_bss)
1990 return 1;
1991 }
1992
1993 return 0;
1994 }
1995
1996
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)1997 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
1998 struct wpa_ssid *test_ssid)
1999 {
2000 struct wpa_ssid *ssid;
2001
2002 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2003 if (ssid == test_ssid)
2004 return 1;
2005 }
2006
2007 return 0;
2008 }
2009
2010
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2011 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2012 struct wpa_ssid *test_ssid)
2013 {
2014 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2015 return 0;
2016
2017 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2018 }
2019
2020
wpas_connect_work_free(struct wpa_connect_work * cwork)2021 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2022 {
2023 if (cwork == NULL)
2024 return;
2025 os_free(cwork);
2026 }
2027
2028
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2029 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2030 {
2031 struct wpa_connect_work *cwork;
2032 struct wpa_radio_work *work = wpa_s->connect_work;
2033
2034 if (!work)
2035 return;
2036
2037 wpa_s->connect_work = NULL;
2038 cwork = work->ctx;
2039 work->ctx = NULL;
2040 wpas_connect_work_free(cwork);
2041 radio_work_done(work);
2042 }
2043
2044
wpas_update_random_addr(struct wpa_supplicant * wpa_s,int style)2045 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
2046 {
2047 struct os_reltime now;
2048 u8 addr[ETH_ALEN];
2049
2050 os_get_reltime(&now);
2051 if (wpa_s->last_mac_addr_style == style &&
2052 wpa_s->last_mac_addr_change.sec != 0 &&
2053 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
2054 wpa_s->conf->rand_addr_lifetime)) {
2055 wpa_msg(wpa_s, MSG_DEBUG,
2056 "Previously selected random MAC address has not yet expired");
2057 return 0;
2058 }
2059
2060 switch (style) {
2061 case 1:
2062 if (random_mac_addr(addr) < 0)
2063 return -1;
2064 break;
2065 case 2:
2066 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2067 if (random_mac_addr_keep_oui(addr) < 0)
2068 return -1;
2069 break;
2070 default:
2071 return -1;
2072 }
2073
2074 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2075 wpa_msg(wpa_s, MSG_INFO,
2076 "Failed to set random MAC address");
2077 return -1;
2078 }
2079
2080 os_get_reltime(&wpa_s->last_mac_addr_change);
2081 wpa_s->mac_addr_changed = 1;
2082 wpa_s->last_mac_addr_style = style;
2083
2084 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2085 wpa_msg(wpa_s, MSG_INFO,
2086 "Could not update MAC address information");
2087 return -1;
2088 }
2089
2090 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2091 MAC2STR(addr));
2092
2093 return 0;
2094 }
2095
2096
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2097 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2098 {
2099 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2100 !wpa_s->conf->preassoc_mac_addr)
2101 return 0;
2102
2103 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
2104 }
2105
2106
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid)2107 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
2108 {
2109 #ifdef CONFIG_SAE
2110 int *groups = conf->sae_groups;
2111 int default_groups[] = { 19, 20, 21, 0 };
2112 const char *password;
2113
2114 if (!groups || groups[0] <= 0)
2115 groups = default_groups;
2116
2117 password = ssid->sae_password;
2118 if (!password)
2119 password = ssid->passphrase;
2120
2121 if (!password ||
2122 (conf->sae_pwe == 0 && !ssid->sae_password_id &&
2123 !sae_pk_valid_password(password)) ||
2124 conf->sae_pwe == 3) {
2125 /* PT derivation not needed */
2126 sae_deinit_pt(ssid->pt);
2127 ssid->pt = NULL;
2128 return;
2129 }
2130
2131 if (ssid->pt)
2132 return; /* PT already derived */
2133 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2134 (const u8 *) password, os_strlen(password),
2135 ssid->sae_password_id);
2136 #endif /* CONFIG_SAE */
2137 }
2138
2139
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2140 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2141 {
2142 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2143 os_free(wpa_s->sme.sae_rejected_groups);
2144 wpa_s->sme.sae_rejected_groups = NULL;
2145 #ifdef CONFIG_TESTING_OPTIONS
2146 if (wpa_s->extra_sae_rejected_groups) {
2147 int i, *groups = wpa_s->extra_sae_rejected_groups;
2148
2149 for (i = 0; groups[i]; i++) {
2150 wpa_printf(MSG_DEBUG,
2151 "TESTING: Indicate rejection of an extra SAE group %d",
2152 groups[i]);
2153 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2154 groups[i]);
2155 }
2156 }
2157 #endif /* CONFIG_TESTING_OPTIONS */
2158 #endif /* CONFIG_SAE && CONFIG_SME */
2159 }
2160
2161
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2162 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2163 {
2164 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2165 wpa_msg(wpa_s, MSG_INFO,
2166 "Could not restore permanent MAC address");
2167 return -1;
2168 }
2169 wpa_s->mac_addr_changed = 0;
2170 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2171 wpa_msg(wpa_s, MSG_INFO,
2172 "Could not update MAC address information");
2173 return -1;
2174 }
2175 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2176 return 0;
2177 }
2178
2179
2180 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2181
2182 /**
2183 * wpa_supplicant_associate - Request association
2184 * @wpa_s: Pointer to wpa_supplicant data
2185 * @bss: Scan results for the selected BSS, or %NULL if not available
2186 * @ssid: Configuration data for the selected network
2187 *
2188 * This function is used to request %wpa_supplicant to associate with a BSS.
2189 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2190 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2191 struct wpa_bss *bss, struct wpa_ssid *ssid)
2192 {
2193 struct wpa_connect_work *cwork;
2194 int rand_style;
2195
2196 wpa_s->own_disconnect_req = 0;
2197 wpa_s->own_reconnect_req = 0;
2198
2199 /*
2200 * If we are starting a new connection, any previously pending EAPOL
2201 * RX cannot be valid anymore.
2202 */
2203 wpabuf_free(wpa_s->pending_eapol_rx);
2204 wpa_s->pending_eapol_rx = NULL;
2205
2206 if (ssid->mac_addr == -1)
2207 rand_style = wpa_s->conf->mac_addr;
2208 else
2209 rand_style = ssid->mac_addr;
2210
2211 wpa_s->multi_ap_ie = 0;
2212 wmm_ac_clear_saved_tspecs(wpa_s);
2213 wpa_s->reassoc_same_bss = 0;
2214 wpa_s->reassoc_same_ess = 0;
2215 #ifdef CONFIG_TESTING_OPTIONS
2216 wpa_s->testing_resend_assoc = 0;
2217 #endif /* CONFIG_TESTING_OPTIONS */
2218
2219 if (wpa_s->last_ssid == ssid) {
2220 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2221 wpa_s->reassoc_same_ess = 1;
2222 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2223 wmm_ac_save_tspecs(wpa_s);
2224 wpa_s->reassoc_same_bss = 1;
2225 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2226 os_get_reltime(&wpa_s->roam_start);
2227 }
2228 } else {
2229 #ifdef CONFIG_SAE
2230 wpa_s_clear_sae_rejected(wpa_s);
2231 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2232 #endif /* CONFIG_SAE */
2233 }
2234
2235 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2236 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2237 return;
2238 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2239 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2240 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2241 return;
2242 }
2243 wpa_s->last_ssid = ssid;
2244
2245 #ifdef CONFIG_IBSS_RSN
2246 ibss_rsn_deinit(wpa_s->ibss_rsn);
2247 wpa_s->ibss_rsn = NULL;
2248 #else /* CONFIG_IBSS_RSN */
2249 if (ssid->mode == WPAS_MODE_IBSS &&
2250 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2251 wpa_msg(wpa_s, MSG_INFO,
2252 "IBSS RSN not supported in the build");
2253 return;
2254 }
2255 #endif /* CONFIG_IBSS_RSN */
2256
2257 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2258 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2259 #ifdef CONFIG_AP
2260 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2261 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2262 "mode");
2263 return;
2264 }
2265 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2266 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2267 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2268 wpas_p2p_ap_setup_failed(wpa_s);
2269 return;
2270 }
2271 wpa_s->current_bss = bss;
2272 #else /* CONFIG_AP */
2273 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2274 "the build");
2275 #endif /* CONFIG_AP */
2276 return;
2277 }
2278
2279 if (ssid->mode == WPAS_MODE_MESH) {
2280 #ifdef CONFIG_MESH
2281 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2282 wpa_msg(wpa_s, MSG_INFO,
2283 "Driver does not support mesh mode");
2284 return;
2285 }
2286 if (bss)
2287 ssid->frequency = bss->freq;
2288 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2289 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2290 return;
2291 }
2292 wpa_s->current_bss = bss;
2293 #else /* CONFIG_MESH */
2294 wpa_msg(wpa_s, MSG_ERROR,
2295 "mesh mode support not included in the build");
2296 #endif /* CONFIG_MESH */
2297 return;
2298 }
2299
2300 /*
2301 * Set WPA state machine configuration to match the selected network now
2302 * so that the information is available before wpas_start_assoc_cb()
2303 * gets called. This is needed at least for RSN pre-authentication where
2304 * candidate APs are added to a list based on scan result processing
2305 * before completion of the first association.
2306 */
2307 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2308
2309 #ifdef CONFIG_DPP
2310 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2311 return;
2312 #endif /* CONFIG_DPP */
2313
2314 #ifdef CONFIG_TDLS
2315 if (bss)
2316 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2317 #endif /* CONFIG_TDLS */
2318
2319 #ifdef CONFIG_MBO
2320 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2321 #endif /* CONFIG_MBO */
2322
2323 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2324 ssid->mode == WPAS_MODE_INFRA) {
2325 sme_authenticate(wpa_s, bss, ssid);
2326 return;
2327 }
2328
2329 if (wpa_s->connect_work) {
2330 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2331 return;
2332 }
2333
2334 if (radio_work_pending(wpa_s, "connect")) {
2335 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2336 return;
2337 }
2338
2339 #ifdef CONFIG_SME
2340 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2341 /* Clear possibly set auth_alg, if any, from last attempt. */
2342 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2343 }
2344 #endif /* CONFIG_SME */
2345
2346 wpas_abort_ongoing_scan(wpa_s);
2347
2348 cwork = os_zalloc(sizeof(*cwork));
2349 if (cwork == NULL)
2350 return;
2351
2352 cwork->bss = bss;
2353 cwork->ssid = ssid;
2354
2355 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2356 wpas_start_assoc_cb, cwork) < 0) {
2357 os_free(cwork);
2358 }
2359 }
2360
2361
bss_is_ibss(struct wpa_bss * bss)2362 static int bss_is_ibss(struct wpa_bss *bss)
2363 {
2364 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2365 IEEE80211_CAP_IBSS;
2366 }
2367
2368
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2369 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2370 const struct wpa_ssid *ssid)
2371 {
2372 enum hostapd_hw_mode hw_mode;
2373 struct hostapd_hw_modes *mode = NULL;
2374 u8 channel;
2375 int i;
2376
2377 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2378 if (hw_mode == NUM_HOSTAPD_MODES)
2379 return 0;
2380 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2381 if (wpa_s->hw.modes[i].mode == hw_mode) {
2382 mode = &wpa_s->hw.modes[i];
2383 break;
2384 }
2385 }
2386
2387 if (!mode)
2388 return 0;
2389
2390 return mode->vht_capab != 0;
2391 }
2392
2393
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)2394 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2395 const struct wpa_ssid *ssid,
2396 struct hostapd_freq_params *freq)
2397 {
2398 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2399 enum hostapd_hw_mode hw_mode;
2400 struct hostapd_hw_modes *mode = NULL;
2401 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2402 184, 192 };
2403 int vht80[] = { 36, 52, 100, 116, 132, 149 };
2404 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2405 u8 channel;
2406 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2407 unsigned int j, k;
2408 struct hostapd_freq_params vht_freq;
2409 int chwidth, seg0, seg1;
2410 u32 vht_caps = 0;
2411 int is_24ghz;
2412
2413 freq->freq = ssid->frequency;
2414
2415 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2416 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2417
2418 if (ssid->mode != WPAS_MODE_IBSS)
2419 break;
2420
2421 /* Don't adjust control freq in case of fixed_freq */
2422 if (ssid->fixed_freq)
2423 break;
2424
2425 if (!bss_is_ibss(bss))
2426 continue;
2427
2428 if (ssid->ssid_len == bss->ssid_len &&
2429 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2430 wpa_printf(MSG_DEBUG,
2431 "IBSS already found in scan results, adjust control freq: %d",
2432 bss->freq);
2433 freq->freq = bss->freq;
2434 obss_scan = 0;
2435 break;
2436 }
2437 }
2438
2439 /* For IBSS check HT_IBSS flag */
2440 if (ssid->mode == WPAS_MODE_IBSS &&
2441 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2442 return;
2443
2444 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2445 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2446 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2447 wpa_printf(MSG_DEBUG,
2448 "IBSS: WEP/TKIP detected, do not try to enable HT");
2449 return;
2450 }
2451
2452 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2453 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2454 if (wpa_s->hw.modes[i].mode == hw_mode) {
2455 mode = &wpa_s->hw.modes[i];
2456 break;
2457 }
2458 }
2459
2460 if (!mode)
2461 return;
2462
2463 freq->channel = channel;
2464
2465 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2466 hw_mode == HOSTAPD_MODE_IEEE80211B;
2467
2468 #ifdef CONFIG_HT_OVERRIDES
2469 if (ssid->disable_ht) {
2470 freq->ht_enabled = 0;
2471 return;
2472 }
2473 #endif /* CONFIG_HT_OVERRIDES */
2474
2475 freq->ht_enabled = ht_supported(mode);
2476 if (!freq->ht_enabled)
2477 return;
2478
2479 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2480 if (is_24ghz)
2481 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2482 #ifdef CONFIG_HE_OVERRIDES
2483 if (is_24ghz && ssid->disable_he)
2484 freq->he_enabled = 0;
2485 #endif /* CONFIG_HE_OVERRIDES */
2486
2487 /* Setup higher BW only for 5 GHz */
2488 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2489 return;
2490
2491 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2492 pri_chan = &mode->channels[chan_idx];
2493 if (pri_chan->chan == channel)
2494 break;
2495 pri_chan = NULL;
2496 }
2497 if (!pri_chan)
2498 return;
2499
2500 /* Check primary channel flags */
2501 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2502 return;
2503
2504 freq->channel = pri_chan->chan;
2505
2506 #ifdef CONFIG_HT_OVERRIDES
2507 if (ssid->disable_ht40) {
2508 #ifdef CONFIG_VHT_OVERRIDES
2509 if (ssid->disable_vht)
2510 return;
2511 #endif /* CONFIG_VHT_OVERRIDES */
2512 goto skip_ht40;
2513 }
2514 #endif /* CONFIG_HT_OVERRIDES */
2515
2516 /* Check/setup HT40+/HT40- */
2517 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2518 if (ht40plus[j] == channel) {
2519 ht40 = 1;
2520 break;
2521 }
2522 }
2523
2524 /* Find secondary channel */
2525 for (i = 0; i < mode->num_channels; i++) {
2526 sec_chan = &mode->channels[i];
2527 if (sec_chan->chan == channel + ht40 * 4)
2528 break;
2529 sec_chan = NULL;
2530 }
2531 if (!sec_chan)
2532 return;
2533
2534 /* Check secondary channel flags */
2535 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2536 return;
2537
2538 if (ht40 == -1) {
2539 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2540 return;
2541 } else {
2542 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2543 return;
2544 }
2545 freq->sec_channel_offset = ht40;
2546
2547 if (obss_scan) {
2548 struct wpa_scan_results *scan_res;
2549
2550 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2551 if (scan_res == NULL) {
2552 /* Back to HT20 */
2553 freq->sec_channel_offset = 0;
2554 return;
2555 }
2556
2557 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2558 switch (res) {
2559 case 0:
2560 /* Back to HT20 */
2561 freq->sec_channel_offset = 0;
2562 break;
2563 case 1:
2564 /* Configuration allowed */
2565 break;
2566 case 2:
2567 /* Switch pri/sec channels */
2568 freq->freq = hw_get_freq(mode, sec_chan->chan);
2569 freq->sec_channel_offset = -freq->sec_channel_offset;
2570 freq->channel = sec_chan->chan;
2571 break;
2572 default:
2573 freq->sec_channel_offset = 0;
2574 break;
2575 }
2576
2577 wpa_scan_results_free(scan_res);
2578 }
2579
2580 #ifdef CONFIG_HT_OVERRIDES
2581 skip_ht40:
2582 #endif /* CONFIG_HT_OVERRIDES */
2583 wpa_printf(MSG_DEBUG,
2584 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2585 freq->channel, freq->sec_channel_offset);
2586
2587 if (!drv_supports_vht(wpa_s, ssid))
2588 return;
2589
2590 /* For IBSS check VHT_IBSS flag */
2591 if (ssid->mode == WPAS_MODE_IBSS &&
2592 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2593 return;
2594
2595 vht_freq = *freq;
2596
2597 #ifdef CONFIG_VHT_OVERRIDES
2598 if (ssid->disable_vht) {
2599 freq->vht_enabled = 0;
2600 return;
2601 }
2602 #endif /* CONFIG_VHT_OVERRIDES */
2603
2604 vht_freq.vht_enabled = vht_supported(mode);
2605 if (!vht_freq.vht_enabled)
2606 return;
2607
2608 /* Enable HE with VHT for 5 GHz */
2609 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2610
2611 /* setup center_freq1, bandwidth */
2612 for (j = 0; j < ARRAY_SIZE(vht80); j++) {
2613 if (freq->channel >= vht80[j] &&
2614 freq->channel < vht80[j] + 16)
2615 break;
2616 }
2617
2618 if (j == ARRAY_SIZE(vht80))
2619 return;
2620
2621 for (i = vht80[j]; i < vht80[j] + 16; i += 4) {
2622 struct hostapd_channel_data *chan;
2623
2624 chan = hw_get_channel_chan(mode, i, NULL);
2625 if (!chan)
2626 return;
2627
2628 /* Back to HT configuration if channel not usable */
2629 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2630 return;
2631 }
2632
2633 chwidth = CHANWIDTH_80MHZ;
2634 seg0 = vht80[j] + 6;
2635 seg1 = 0;
2636
2637 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2638 /* setup center_freq2, bandwidth */
2639 for (k = 0; k < ARRAY_SIZE(vht80); k++) {
2640 /* Only accept 80 MHz segments separated by a gap */
2641 if (j == k || abs(vht80[j] - vht80[k]) == 16)
2642 continue;
2643 for (i = vht80[k]; i < vht80[k] + 16; i += 4) {
2644 struct hostapd_channel_data *chan;
2645
2646 chan = hw_get_channel_chan(mode, i, NULL);
2647 if (!chan)
2648 continue;
2649
2650 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2651 HOSTAPD_CHAN_NO_IR |
2652 HOSTAPD_CHAN_RADAR))
2653 continue;
2654
2655 /* Found a suitable second segment for 80+80 */
2656 chwidth = CHANWIDTH_80P80MHZ;
2657 vht_caps |=
2658 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2659 seg1 = vht80[k] + 6;
2660 }
2661
2662 if (chwidth == CHANWIDTH_80P80MHZ)
2663 break;
2664 }
2665 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2666 if (freq->freq == 5180) {
2667 chwidth = CHANWIDTH_160MHZ;
2668 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2669 seg0 = 50;
2670 } else if (freq->freq == 5520) {
2671 chwidth = CHANWIDTH_160MHZ;
2672 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2673 seg0 = 114;
2674 }
2675 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2676 chwidth = CHANWIDTH_USE_HT;
2677 seg0 = vht80[j] + 2;
2678 #ifdef CONFIG_HT_OVERRIDES
2679 if (ssid->disable_ht40)
2680 seg0 = 0;
2681 #endif /* CONFIG_HT_OVERRIDES */
2682 }
2683
2684 #ifdef CONFIG_HE_OVERRIDES
2685 if (ssid->disable_he) {
2686 vht_freq.he_enabled = 0;
2687 freq->he_enabled = 0;
2688 }
2689 #endif /* CONFIG_HE_OVERRIDES */
2690 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2691 freq->channel, ssid->enable_edmg,
2692 ssid->edmg_channel, freq->ht_enabled,
2693 vht_freq.vht_enabled, freq->he_enabled,
2694 freq->sec_channel_offset,
2695 chwidth, seg0, seg1, vht_caps,
2696 &mode->he_capab[ieee80211_mode]) != 0)
2697 return;
2698
2699 *freq = vht_freq;
2700
2701 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2702 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2703 }
2704
2705
2706 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)2707 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2708 size_t ie_buf_len)
2709 {
2710 struct fils_hlp_req *req;
2711 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2712 const u8 *pos;
2713 u8 *buf = ie_buf;
2714
2715 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2716 list) {
2717 rem_len = ie_buf_len - ie_len;
2718 pos = wpabuf_head(req->pkt);
2719 hdr_len = 1 + 2 * ETH_ALEN + 6;
2720 hlp_len = wpabuf_len(req->pkt);
2721
2722 if (rem_len < 2 + hdr_len + hlp_len) {
2723 wpa_printf(MSG_ERROR,
2724 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2725 (unsigned long) rem_len,
2726 (unsigned long) (2 + hdr_len + hlp_len));
2727 break;
2728 }
2729
2730 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2731 /* Element ID */
2732 *buf++ = WLAN_EID_EXTENSION;
2733 /* Length */
2734 *buf++ = len;
2735 /* Element ID Extension */
2736 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2737 /* Destination MAC address */
2738 os_memcpy(buf, req->dst, ETH_ALEN);
2739 buf += ETH_ALEN;
2740 /* Source MAC address */
2741 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2742 buf += ETH_ALEN;
2743 /* LLC/SNAP Header */
2744 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2745 buf += 6;
2746 /* HLP Packet */
2747 os_memcpy(buf, pos, len - hdr_len);
2748 buf += len - hdr_len;
2749 pos += len - hdr_len;
2750
2751 hlp_len -= len - hdr_len;
2752 ie_len += 2 + len;
2753 rem_len -= 2 + len;
2754
2755 while (hlp_len) {
2756 len = (hlp_len > 255) ? 255 : hlp_len;
2757 if (rem_len < 2 + len)
2758 break;
2759 *buf++ = WLAN_EID_FRAGMENT;
2760 *buf++ = len;
2761 os_memcpy(buf, pos, len);
2762 buf += len;
2763 pos += len;
2764
2765 hlp_len -= len;
2766 ie_len += 2 + len;
2767 rem_len -= 2 + len;
2768 }
2769 }
2770
2771 return ie_len;
2772 }
2773
2774
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)2775 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2776 {
2777 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2778 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2779 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2780 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2781 }
2782
2783
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)2784 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2785 {
2786 #ifdef CONFIG_FILS_SK_PFS
2787 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2788 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2789 #else /* CONFIG_FILS_SK_PFS */
2790 return 0;
2791 #endif /* CONFIG_FILS_SK_PFS */
2792 }
2793
2794 #endif /* CONFIG_FILS */
2795
2796
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)2797 static u8 * wpas_populate_assoc_ies(
2798 struct wpa_supplicant *wpa_s,
2799 struct wpa_bss *bss, struct wpa_ssid *ssid,
2800 struct wpa_driver_associate_params *params,
2801 enum wpa_drv_update_connect_params_mask *mask)
2802 {
2803 u8 *wpa_ie;
2804 size_t max_wpa_ie_len = 500;
2805 size_t wpa_ie_len;
2806 int algs = WPA_AUTH_ALG_OPEN;
2807 #ifdef CONFIG_MBO
2808 const u8 *mbo_ie;
2809 #endif
2810 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2811 int pmksa_cached = 0;
2812 #endif /* CONFIG_SAE || CONFIG_FILS */
2813 #ifdef CONFIG_FILS
2814 const u8 *realm, *username, *rrk;
2815 size_t realm_len, username_len, rrk_len;
2816 u16 next_seq_num;
2817 struct fils_hlp_req *req;
2818
2819 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2820 list) {
2821 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2822 2 + 2 * wpabuf_len(req->pkt) / 255;
2823 }
2824 #endif /* CONFIG_FILS */
2825
2826 wpa_ie = os_malloc(max_wpa_ie_len);
2827 if (!wpa_ie) {
2828 wpa_printf(MSG_ERROR,
2829 "Failed to allocate connect IE buffer for %lu bytes",
2830 (unsigned long) max_wpa_ie_len);
2831 return NULL;
2832 }
2833
2834 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2835 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2836 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2837 int try_opportunistic;
2838 const u8 *cache_id = NULL;
2839
2840 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2841 wpa_s->conf->okc :
2842 ssid->proactive_key_caching) &&
2843 (ssid->proto & WPA_PROTO_RSN);
2844 #ifdef CONFIG_FILS
2845 if (wpa_key_mgmt_fils(ssid->key_mgmt))
2846 cache_id = wpa_bss_get_fils_cache_id(bss);
2847 #endif /* CONFIG_FILS */
2848 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
2849 ssid, try_opportunistic,
2850 cache_id, 0) == 0) {
2851 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
2852 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2853 pmksa_cached = 1;
2854 #endif /* CONFIG_SAE || CONFIG_FILS */
2855 }
2856 wpa_ie_len = max_wpa_ie_len;
2857 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2858 wpa_ie, &wpa_ie_len)) {
2859 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2860 "key management and encryption suites");
2861 os_free(wpa_ie);
2862 return NULL;
2863 }
2864 #ifdef CONFIG_HS20
2865 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
2866 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
2867 /* No PMKSA caching, but otherwise similar to RSN/WPA */
2868 wpa_ie_len = max_wpa_ie_len;
2869 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
2870 wpa_ie, &wpa_ie_len)) {
2871 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2872 "key management and encryption suites");
2873 os_free(wpa_ie);
2874 return NULL;
2875 }
2876 #endif /* CONFIG_HS20 */
2877 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
2878 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
2879 /*
2880 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
2881 * use non-WPA since the scan results did not indicate that the
2882 * AP is using WPA or WPA2.
2883 */
2884 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2885 wpa_ie_len = 0;
2886 wpa_s->wpa_proto = 0;
2887 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
2888 wpa_ie_len = max_wpa_ie_len;
2889 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
2890 wpa_ie, &wpa_ie_len)) {
2891 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
2892 "key management and encryption suites (no "
2893 "scan results)");
2894 os_free(wpa_ie);
2895 return NULL;
2896 }
2897 #ifdef CONFIG_WPS
2898 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
2899 struct wpabuf *wps_ie;
2900 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
2901 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
2902 wpa_ie_len = wpabuf_len(wps_ie);
2903 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
2904 } else
2905 wpa_ie_len = 0;
2906 wpabuf_free(wps_ie);
2907 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2908 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
2909 params->wps = WPS_MODE_PRIVACY;
2910 else
2911 params->wps = WPS_MODE_OPEN;
2912 wpa_s->wpa_proto = 0;
2913 #endif /* CONFIG_WPS */
2914 } else {
2915 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
2916 wpa_ie_len = 0;
2917 wpa_s->wpa_proto = 0;
2918 }
2919
2920 #ifdef IEEE8021X_EAPOL
2921 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2922 if (ssid->leap) {
2923 if (ssid->non_leap == 0)
2924 algs = WPA_AUTH_ALG_LEAP;
2925 else
2926 algs |= WPA_AUTH_ALG_LEAP;
2927 }
2928 }
2929
2930 #ifdef CONFIG_FILS
2931 /* Clear FILS association */
2932 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
2933
2934 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2935 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2936 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
2937 &username_len, &realm, &realm_len,
2938 &next_seq_num, &rrk, &rrk_len) == 0 &&
2939 (!wpa_s->last_con_fail_realm ||
2940 wpa_s->last_con_fail_realm_len != realm_len ||
2941 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
2942 algs = WPA_AUTH_ALG_FILS;
2943 params->fils_erp_username = username;
2944 params->fils_erp_username_len = username_len;
2945 params->fils_erp_realm = realm;
2946 params->fils_erp_realm_len = realm_len;
2947 params->fils_erp_next_seq_num = next_seq_num;
2948 params->fils_erp_rrk = rrk;
2949 params->fils_erp_rrk_len = rrk_len;
2950
2951 if (mask)
2952 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
2953 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
2954 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
2955 pmksa_cached) {
2956 algs = WPA_AUTH_ALG_FILS;
2957 }
2958 #endif /* CONFIG_FILS */
2959 #endif /* IEEE8021X_EAPOL */
2960 #ifdef CONFIG_SAE
2961 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
2962 algs = WPA_AUTH_ALG_SAE;
2963 #endif /* CONFIG_SAE */
2964
2965 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
2966 if (ssid->auth_alg) {
2967 algs = ssid->auth_alg;
2968 wpa_dbg(wpa_s, MSG_DEBUG,
2969 "Overriding auth_alg selection: 0x%x", algs);
2970 }
2971
2972 #ifdef CONFIG_SAE
2973 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
2974 wpa_dbg(wpa_s, MSG_DEBUG,
2975 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
2976 algs = WPA_AUTH_ALG_OPEN;
2977 }
2978 #endif /* CONFIG_SAE */
2979
2980 #ifdef CONFIG_P2P
2981 if (wpa_s->global->p2p) {
2982 u8 *pos;
2983 size_t len;
2984 int res;
2985 pos = wpa_ie + wpa_ie_len;
2986 len = max_wpa_ie_len - wpa_ie_len;
2987 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
2988 ssid->p2p_group);
2989 if (res >= 0)
2990 wpa_ie_len += res;
2991 }
2992
2993 wpa_s->cross_connect_disallowed = 0;
2994 if (bss) {
2995 struct wpabuf *p2p;
2996 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
2997 if (p2p) {
2998 wpa_s->cross_connect_disallowed =
2999 p2p_get_cross_connect_disallowed(p2p);
3000 wpabuf_free(p2p);
3001 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3002 "connection",
3003 wpa_s->cross_connect_disallowed ?
3004 "disallows" : "allows");
3005 }
3006 }
3007
3008 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3009 #endif /* CONFIG_P2P */
3010
3011 if (bss) {
3012 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3013 wpa_ie + wpa_ie_len,
3014 max_wpa_ie_len -
3015 wpa_ie_len);
3016 }
3017
3018 /*
3019 * Workaround: Add Extended Capabilities element only if the AP
3020 * included this element in Beacon/Probe Response frames. Some older
3021 * APs seem to have interoperability issues if this element is
3022 * included, so while the standard may require us to include the
3023 * element in all cases, it is justifiable to skip it to avoid
3024 * interoperability issues.
3025 */
3026 if (ssid->p2p_group)
3027 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3028 else
3029 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3030
3031 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3032 u8 ext_capab[18];
3033 int ext_capab_len;
3034 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3035 sizeof(ext_capab));
3036 if (ext_capab_len > 0 &&
3037 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3038 u8 *pos = wpa_ie;
3039 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3040 pos += 2 + pos[1];
3041 os_memmove(pos + ext_capab_len, pos,
3042 wpa_ie_len - (pos - wpa_ie));
3043 wpa_ie_len += ext_capab_len;
3044 os_memcpy(pos, ext_capab, ext_capab_len);
3045 }
3046 }
3047
3048 #ifdef CONFIG_HS20
3049 if (is_hs20_config(wpa_s) && is_hs20_network(wpa_s, ssid, bss)) {
3050 struct wpabuf *hs20;
3051
3052 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3053 if (hs20) {
3054 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3055 size_t len;
3056
3057 wpas_hs20_add_indication(hs20, pps_mo_id,
3058 get_hs20_version(bss));
3059 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3060 len = max_wpa_ie_len - wpa_ie_len;
3061 if (wpabuf_len(hs20) <= len) {
3062 os_memcpy(wpa_ie + wpa_ie_len,
3063 wpabuf_head(hs20), wpabuf_len(hs20));
3064 wpa_ie_len += wpabuf_len(hs20);
3065 }
3066 wpabuf_free(hs20);
3067 }
3068 }
3069 hs20_configure_frame_filters(wpa_s);
3070 #endif /* CONFIG_HS20 */
3071
3072 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3073 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3074 size_t len;
3075
3076 len = max_wpa_ie_len - wpa_ie_len;
3077 if (wpabuf_len(buf) <= len) {
3078 os_memcpy(wpa_ie + wpa_ie_len,
3079 wpabuf_head(buf), wpabuf_len(buf));
3080 wpa_ie_len += wpabuf_len(buf);
3081 }
3082 }
3083
3084 #ifdef CONFIG_FST
3085 if (wpa_s->fst_ies) {
3086 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3087
3088 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3089 os_memcpy(wpa_ie + wpa_ie_len,
3090 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3091 wpa_ie_len += fst_ies_len;
3092 }
3093 }
3094 #endif /* CONFIG_FST */
3095
3096 #ifdef CONFIG_MBO
3097 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3098 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3099 int len;
3100
3101 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3102 max_wpa_ie_len - wpa_ie_len,
3103 !!mbo_attr_from_mbo_ie(mbo_ie,
3104 OCE_ATTR_ID_CAPA_IND));
3105 if (len >= 0)
3106 wpa_ie_len += len;
3107 }
3108 #endif /* CONFIG_MBO */
3109
3110 #ifdef CONFIG_FILS
3111 if (algs == WPA_AUTH_ALG_FILS) {
3112 size_t len;
3113
3114 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3115 max_wpa_ie_len - wpa_ie_len);
3116 wpa_ie_len += len;
3117 }
3118 #endif /* CONFIG_FILS */
3119
3120 #ifdef CONFIG_OWE
3121 #ifdef CONFIG_TESTING_OPTIONS
3122 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3123 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3124 } else
3125 #endif /* CONFIG_TESTING_OPTIONS */
3126 if (algs == WPA_AUTH_ALG_OPEN &&
3127 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3128 struct wpabuf *owe_ie;
3129 u16 group;
3130
3131 if (ssid->owe_group) {
3132 group = ssid->owe_group;
3133 } else if (wpa_s->assoc_status_code ==
3134 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3135 if (wpa_s->last_owe_group == 19)
3136 group = 20;
3137 else if (wpa_s->last_owe_group == 20)
3138 group = 21;
3139 else
3140 group = OWE_DH_GROUP;
3141 } else {
3142 group = OWE_DH_GROUP;
3143 }
3144
3145 wpa_s->last_owe_group = group;
3146 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3147 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3148 if (owe_ie &&
3149 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3150 os_memcpy(wpa_ie + wpa_ie_len,
3151 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3152 wpa_ie_len += wpabuf_len(owe_ie);
3153 }
3154 wpabuf_free(owe_ie);
3155 }
3156 #endif /* CONFIG_OWE */
3157
3158 #ifdef CONFIG_DPP2
3159 if (DPP_VERSION > 1 &&
3160 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3161 ssid->dpp_netaccesskey &&
3162 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3163 struct rsn_pmksa_cache_entry *pmksa;
3164
3165 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3166 if (!pmksa || !pmksa->dpp_pfs)
3167 goto pfs_fail;
3168
3169 dpp_pfs_free(wpa_s->dpp_pfs);
3170 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3171 ssid->dpp_netaccesskey_len);
3172 if (!wpa_s->dpp_pfs) {
3173 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3174 /* Try to continue without PFS */
3175 goto pfs_fail;
3176 }
3177 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3178 max_wpa_ie_len - wpa_ie_len) {
3179 os_memcpy(wpa_ie + wpa_ie_len,
3180 wpabuf_head(wpa_s->dpp_pfs->ie),
3181 wpabuf_len(wpa_s->dpp_pfs->ie));
3182 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3183 }
3184 }
3185 pfs_fail:
3186 #endif /* CONFIG_DPP2 */
3187
3188 #ifdef CONFIG_IEEE80211R
3189 /*
3190 * Add MDIE under these conditions: the network profile allows FT,
3191 * the AP supports FT, and the mobility domain ID matches.
3192 */
3193 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3194 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3195
3196 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3197 size_t len = 0;
3198 const u8 *md = mdie + 2;
3199 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3200
3201 if (os_memcmp(md, wpa_md,
3202 MOBILITY_DOMAIN_ID_LEN) == 0) {
3203 /* Add mobility domain IE */
3204 len = wpa_ft_add_mdie(
3205 wpa_s->wpa, wpa_ie + wpa_ie_len,
3206 max_wpa_ie_len - wpa_ie_len, mdie);
3207 wpa_ie_len += len;
3208 }
3209 #ifdef CONFIG_SME
3210 if (len > 0 && wpa_s->sme.ft_used &&
3211 wpa_sm_has_ptk(wpa_s->wpa)) {
3212 wpa_dbg(wpa_s, MSG_DEBUG,
3213 "SME: Trying to use FT over-the-air");
3214 algs |= WPA_AUTH_ALG_FT;
3215 }
3216 #endif /* CONFIG_SME */
3217 }
3218 }
3219 #endif /* CONFIG_IEEE80211R */
3220
3221 #ifdef CONFIG_TESTING_OPTIONS
3222 if (wpa_s->rsnxe_override_assoc &&
3223 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3224 max_wpa_ie_len - wpa_ie_len) {
3225 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3226 os_memcpy(wpa_ie + wpa_ie_len,
3227 wpabuf_head(wpa_s->rsnxe_override_assoc),
3228 wpabuf_len(wpa_s->rsnxe_override_assoc));
3229 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3230 } else
3231 #endif /* CONFIG_TESTING_OPTIONS */
3232 if (wpa_s->rsnxe_len > 0 &&
3233 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3234 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3235 wpa_ie_len += wpa_s->rsnxe_len;
3236 }
3237
3238 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3239 wpa_s->robust_av.valid_config) {
3240 struct wpabuf *mscs_ie;
3241 size_t mscs_ie_len, buf_len;
3242
3243 buf_len = 3 + /* MSCS descriptor IE header */
3244 1 + /* Request type */
3245 2 + /* User priority control */
3246 4 + /* Stream timeout */
3247 3 + /* TCLAS Mask IE header */
3248 wpa_s->robust_av.frame_classifier_len;
3249 mscs_ie = wpabuf_alloc(buf_len);
3250 if (!mscs_ie) {
3251 wpa_printf(MSG_INFO,
3252 "MSCS: Failed to allocate MSCS IE");
3253 goto mscs_fail;
3254 }
3255
3256 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3257 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3258 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3259 mscs_ie_len = wpabuf_len(mscs_ie);
3260 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3261 mscs_ie_len);
3262 wpa_ie_len += mscs_ie_len;
3263 }
3264
3265 wpabuf_free(mscs_ie);
3266 }
3267 mscs_fail:
3268
3269 if (ssid->multi_ap_backhaul_sta) {
3270 size_t multi_ap_ie_len;
3271
3272 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3273 max_wpa_ie_len - wpa_ie_len,
3274 MULTI_AP_BACKHAUL_STA);
3275 if (multi_ap_ie_len == 0) {
3276 wpa_printf(MSG_ERROR,
3277 "Multi-AP: Failed to build Multi-AP IE");
3278 os_free(wpa_ie);
3279 return NULL;
3280 }
3281 wpa_ie_len += multi_ap_ie_len;
3282 }
3283
3284 params->wpa_ie = wpa_ie;
3285 params->wpa_ie_len = wpa_ie_len;
3286 params->auth_alg = algs;
3287 if (mask)
3288 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3289
3290 return wpa_ie;
3291 }
3292
3293
3294 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3295 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3296 {
3297 struct wpa_driver_associate_params params;
3298 u8 *wpa_ie;
3299
3300 os_memset(¶ms, 0, sizeof(params));
3301 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3302 wpa_s->current_ssid, ¶ms, NULL);
3303 if (!wpa_ie)
3304 return;
3305
3306 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3307 os_free(wpa_ie);
3308 }
3309 #endif /* CONFIG_OWE */
3310
3311
3312 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3313 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3314 {
3315 struct wpa_driver_associate_params params;
3316 enum wpa_drv_update_connect_params_mask mask = 0;
3317 u8 *wpa_ie;
3318
3319 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3320 return; /* nothing to do */
3321
3322 os_memset(¶ms, 0, sizeof(params));
3323 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3324 wpa_s->current_ssid, ¶ms, &mask);
3325 if (!wpa_ie)
3326 return;
3327
3328 if (params.auth_alg != WPA_AUTH_ALG_FILS) {
3329 os_free(wpa_ie);
3330 return;
3331 }
3332
3333 wpa_s->auth_alg = params.auth_alg;
3334 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3335 os_free(wpa_ie);
3336 }
3337 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3338
3339
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)3340 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3341 {
3342 if (!edmg_ie || edmg_ie[1] < 6)
3343 return 0;
3344 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3345 }
3346
3347
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)3348 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3349 {
3350 if (!edmg_ie || edmg_ie[1] < 6)
3351 return 0;
3352 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3353 }
3354
3355
3356 /* Returns the intersection of two EDMG configurations.
3357 * Note: The current implementation is limited to CB2 only (CB1 included),
3358 * i.e., the implementation supports up to 2 contiguous channels.
3359 * For supporting non-contiguous (aggregated) channels and for supporting
3360 * CB3 and above, this function will need to be extended.
3361 */
3362 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)3363 get_edmg_intersection(struct ieee80211_edmg_config a,
3364 struct ieee80211_edmg_config b,
3365 u8 primary_channel)
3366 {
3367 struct ieee80211_edmg_config result;
3368 int i, contiguous = 0;
3369 int max_contiguous = 0;
3370
3371 result.channels = b.channels & a.channels;
3372 if (!result.channels) {
3373 wpa_printf(MSG_DEBUG,
3374 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3375 a.channels, b.channels);
3376 goto fail;
3377 }
3378
3379 if (!(result.channels & BIT(primary_channel - 1))) {
3380 wpa_printf(MSG_DEBUG,
3381 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3382 primary_channel, result.channels);
3383 goto fail;
3384 }
3385
3386 /* Find max contiguous channels */
3387 for (i = 0; i < 6; i++) {
3388 if (result.channels & BIT(i))
3389 contiguous++;
3390 else
3391 contiguous = 0;
3392
3393 if (contiguous > max_contiguous)
3394 max_contiguous = contiguous;
3395 }
3396
3397 /* Assuming AP and STA supports ONLY contiguous channels,
3398 * bw configuration can have value between 4-7.
3399 */
3400 if ((b.bw_config < a.bw_config))
3401 result.bw_config = b.bw_config;
3402 else
3403 result.bw_config = a.bw_config;
3404
3405 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3406 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3407 wpa_printf(MSG_DEBUG,
3408 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3409 max_contiguous);
3410 goto fail;
3411 }
3412
3413 return result;
3414
3415 fail:
3416 result.channels = 0;
3417 result.bw_config = 0;
3418 return result;
3419 }
3420
3421
3422 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)3423 get_supported_edmg(struct wpa_supplicant *wpa_s,
3424 struct hostapd_freq_params *freq,
3425 struct ieee80211_edmg_config request_edmg)
3426 {
3427 enum hostapd_hw_mode hw_mode;
3428 struct hostapd_hw_modes *mode = NULL;
3429 u8 primary_channel;
3430
3431 if (!wpa_s->hw.modes)
3432 goto fail;
3433
3434 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3435 if (hw_mode == NUM_HOSTAPD_MODES)
3436 goto fail;
3437
3438 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
3439 if (!mode)
3440 goto fail;
3441
3442 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3443
3444 fail:
3445 request_edmg.channels = 0;
3446 request_edmg.bw_config = 0;
3447 return request_edmg;
3448 }
3449
3450
3451 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)3452 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3453 {
3454 struct wpa_driver_associate_params params;
3455 u8 *wpa_ie;
3456
3457 /*
3458 * Update MBO connect params only in case of change of MBO attributes
3459 * when connected, if the AP support MBO.
3460 */
3461
3462 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3463 !wpa_s->current_bss ||
3464 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3465 return;
3466
3467 os_memset(¶ms, 0, sizeof(params));
3468 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3469 wpa_s->current_ssid, ¶ms, NULL);
3470 if (!wpa_ie)
3471 return;
3472
3473 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3474 os_free(wpa_ie);
3475 }
3476 #endif /* CONFIG_MBO */
3477
3478
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)3479 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3480 {
3481 struct wpa_connect_work *cwork = work->ctx;
3482 struct wpa_bss *bss = cwork->bss;
3483 struct wpa_ssid *ssid = cwork->ssid;
3484 struct wpa_supplicant *wpa_s = work->wpa_s;
3485 u8 *wpa_ie;
3486 const u8 *edmg_ie_oper;
3487 int use_crypt, ret, bssid_changed;
3488 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3489 struct wpa_driver_associate_params params;
3490 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
3491 int wep_keys_set = 0;
3492 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
3493 int assoc_failed = 0;
3494 struct wpa_ssid *old_ssid;
3495 u8 prev_bssid[ETH_ALEN];
3496 #ifdef CONFIG_HT_OVERRIDES
3497 struct ieee80211_ht_capabilities htcaps;
3498 struct ieee80211_ht_capabilities htcaps_mask;
3499 #endif /* CONFIG_HT_OVERRIDES */
3500 #ifdef CONFIG_VHT_OVERRIDES
3501 struct ieee80211_vht_capabilities vhtcaps;
3502 struct ieee80211_vht_capabilities vhtcaps_mask;
3503 #endif /* CONFIG_VHT_OVERRIDES */
3504
3505 if (deinit) {
3506 if (work->started) {
3507 wpa_s->connect_work = NULL;
3508
3509 /* cancel possible auth. timeout */
3510 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3511 NULL);
3512 }
3513 wpas_connect_work_free(cwork);
3514 return;
3515 }
3516
3517 wpa_s->connect_work = work;
3518
3519 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3520 wpas_network_disabled(wpa_s, ssid)) {
3521 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3522 wpas_connect_work_done(wpa_s);
3523 return;
3524 }
3525
3526 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3527 os_memset(¶ms, 0, sizeof(params));
3528 wpa_s->reassociate = 0;
3529 wpa_s->eap_expected_failure = 0;
3530
3531 /* Starting new association, so clear the possibly used WPA IE from the
3532 * previous association. */
3533 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3534 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3535 wpa_s->rsnxe_len = 0;
3536 wpa_s->mscs_setup_done = false;
3537
3538 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
3539 if (!wpa_ie) {
3540 wpas_connect_work_done(wpa_s);
3541 return;
3542 }
3543
3544 if (bss &&
3545 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3546 #ifdef CONFIG_IEEE80211R
3547 const u8 *ie, *md = NULL;
3548 #endif /* CONFIG_IEEE80211R */
3549 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3550 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3551 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3552 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3553 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3554 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3555 if (bssid_changed)
3556 wpas_notify_bssid_changed(wpa_s);
3557 #ifdef CONFIG_IEEE80211R
3558 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3559 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3560 md = ie + 2;
3561 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3562 if (md) {
3563 /* Prepare for the next transition */
3564 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3565 }
3566 #endif /* CONFIG_IEEE80211R */
3567 #ifdef CONFIG_WPS
3568 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3569 wpa_s->conf->ap_scan == 2 &&
3570 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3571 /* Use ap_scan==1 style network selection to find the network
3572 */
3573 wpas_connect_work_done(wpa_s);
3574 wpa_s->scan_req = MANUAL_SCAN_REQ;
3575 wpa_s->reassociate = 1;
3576 wpa_supplicant_req_scan(wpa_s, 0, 0);
3577 return;
3578 #endif /* CONFIG_WPS */
3579 } else {
3580 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3581 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3582 if (bss)
3583 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3584 else
3585 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3586 }
3587 if (!wpa_s->pno)
3588 wpa_supplicant_cancel_sched_scan(wpa_s);
3589
3590 wpa_supplicant_cancel_scan(wpa_s);
3591
3592 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3593 use_crypt = 1;
3594 cipher_pairwise = wpa_s->pairwise_cipher;
3595 cipher_group = wpa_s->group_cipher;
3596 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3597 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3598 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3599 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3600 use_crypt = 0;
3601 #ifdef CONFIG_WEP
3602 if (wpa_set_wep_keys(wpa_s, ssid)) {
3603 use_crypt = 1;
3604 wep_keys_set = 1;
3605 }
3606 #endif /* CONFIG_WEP */
3607 }
3608 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3609 use_crypt = 0;
3610
3611 #ifdef IEEE8021X_EAPOL
3612 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3613 if ((ssid->eapol_flags &
3614 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3615 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3616 !wep_keys_set) {
3617 use_crypt = 0;
3618 } else {
3619 /* Assume that dynamic WEP-104 keys will be used and
3620 * set cipher suites in order for drivers to expect
3621 * encryption. */
3622 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3623 }
3624 }
3625 #endif /* IEEE8021X_EAPOL */
3626
3627 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3628 /* Set the key before (and later after) association */
3629 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3630 }
3631
3632 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3633 if (bss) {
3634 params.ssid = bss->ssid;
3635 params.ssid_len = bss->ssid_len;
3636 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3637 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3638 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3639 MACSTR " freq=%u MHz based on scan results "
3640 "(bssid_set=%d wps=%d)",
3641 MAC2STR(bss->bssid), bss->freq,
3642 ssid->bssid_set,
3643 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3644 params.bssid = bss->bssid;
3645 params.freq.freq = bss->freq;
3646 }
3647 params.bssid_hint = bss->bssid;
3648 params.freq_hint = bss->freq;
3649 params.pbss = bss_is_pbss(bss);
3650 } else {
3651 if (ssid->bssid_hint_set)
3652 params.bssid_hint = ssid->bssid_hint;
3653
3654 params.ssid = ssid->ssid;
3655 params.ssid_len = ssid->ssid_len;
3656 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3657 }
3658
3659 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3660 wpa_s->conf->ap_scan == 2) {
3661 params.bssid = ssid->bssid;
3662 params.fixed_bssid = 1;
3663 }
3664
3665 /* Initial frequency for IBSS/mesh */
3666 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3667 ssid->frequency > 0 && params.freq.freq == 0)
3668 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
3669
3670 if (ssid->mode == WPAS_MODE_IBSS) {
3671 params.fixed_freq = ssid->fixed_freq;
3672 if (ssid->beacon_int)
3673 params.beacon_int = ssid->beacon_int;
3674 else
3675 params.beacon_int = wpa_s->conf->beacon_int;
3676 }
3677
3678 if (bss && ssid->enable_edmg)
3679 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
3680 WLAN_EID_EXT_EDMG_OPERATION);
3681 else
3682 edmg_ie_oper = NULL;
3683
3684 if (edmg_ie_oper) {
3685 params.freq.edmg.channels =
3686 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3687 params.freq.edmg.bw_config =
3688 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3689 wpa_printf(MSG_DEBUG,
3690 "AP supports EDMG channels 0x%x, bw_config %d",
3691 params.freq.edmg.channels,
3692 params.freq.edmg.bw_config);
3693
3694 /* User may ask for specific EDMG channel for EDMG connection
3695 * (must be supported by AP)
3696 */
3697 if (ssid->edmg_channel) {
3698 struct ieee80211_edmg_config configured_edmg;
3699 enum hostapd_hw_mode hw_mode;
3700 u8 primary_channel;
3701
3702 hw_mode = ieee80211_freq_to_chan(bss->freq,
3703 &primary_channel);
3704 if (hw_mode == NUM_HOSTAPD_MODES)
3705 goto edmg_fail;
3706
3707 hostapd_encode_edmg_chan(ssid->enable_edmg,
3708 ssid->edmg_channel,
3709 primary_channel,
3710 &configured_edmg);
3711
3712 if (ieee802_edmg_is_allowed(params.freq.edmg,
3713 configured_edmg)) {
3714 params.freq.edmg = configured_edmg;
3715 wpa_printf(MSG_DEBUG,
3716 "Use EDMG channel %d for connection",
3717 ssid->edmg_channel);
3718 } else {
3719 edmg_fail:
3720 params.freq.edmg.channels = 0;
3721 params.freq.edmg.bw_config = 0;
3722 wpa_printf(MSG_WARNING,
3723 "EDMG channel %d not supported by AP, fallback to DMG",
3724 ssid->edmg_channel);
3725 }
3726 }
3727
3728 if (params.freq.edmg.channels) {
3729 wpa_printf(MSG_DEBUG,
3730 "EDMG before: channels 0x%x, bw_config %d",
3731 params.freq.edmg.channels,
3732 params.freq.edmg.bw_config);
3733 params.freq.edmg = get_supported_edmg(wpa_s,
3734 ¶ms.freq,
3735 params.freq.edmg);
3736 wpa_printf(MSG_DEBUG,
3737 "EDMG after: channels 0x%x, bw_config %d",
3738 params.freq.edmg.channels,
3739 params.freq.edmg.bw_config);
3740 }
3741 }
3742
3743 params.pairwise_suite = cipher_pairwise;
3744 params.group_suite = cipher_group;
3745 params.mgmt_group_suite = cipher_group_mgmt;
3746 params.key_mgmt_suite = wpa_s->key_mgmt;
3747 params.wpa_proto = wpa_s->wpa_proto;
3748 wpa_s->auth_alg = params.auth_alg;
3749 params.mode = ssid->mode;
3750 params.bg_scan_period = ssid->bg_scan_period;
3751 #ifdef CONFIG_WEP
3752 {
3753 int i;
3754
3755 for (i = 0; i < NUM_WEP_KEYS; i++) {
3756 if (ssid->wep_key_len[i])
3757 params.wep_key[i] = ssid->wep_key[i];
3758 params.wep_key_len[i] = ssid->wep_key_len[i];
3759 }
3760 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3761 }
3762 #endif /* CONFIG_WEP */
3763
3764 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3765 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3766 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3767 params.passphrase = ssid->passphrase;
3768 if (ssid->psk_set)
3769 params.psk = ssid->psk;
3770 }
3771
3772 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3773 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3774 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3775 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3776 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3777 params.req_handshake_offload = 1;
3778
3779 if (wpa_s->conf->key_mgmt_offload) {
3780 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3781 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3782 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3783 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3784 params.req_key_mgmt_offload =
3785 ssid->proactive_key_caching < 0 ?
3786 wpa_s->conf->okc : ssid->proactive_key_caching;
3787 else
3788 params.req_key_mgmt_offload = 1;
3789
3790 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3791 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3792 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3793 ssid->psk_set)
3794 params.psk = ssid->psk;
3795 }
3796
3797 params.drop_unencrypted = use_crypt;
3798
3799 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3800 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3801 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3802 struct wpa_ie_data ie;
3803 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3804 ie.capabilities &
3805 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3806 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3807 "MFP: require MFP");
3808 params.mgmt_frame_protection =
3809 MGMT_FRAME_PROTECTION_REQUIRED;
3810 #ifdef CONFIG_OWE
3811 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3812 !ssid->owe_only) {
3813 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3814 #endif /* CONFIG_OWE */
3815 }
3816 }
3817
3818 params.p2p = ssid->p2p_group;
3819
3820 if (wpa_s->p2pdev->set_sta_uapsd)
3821 params.uapsd = wpa_s->p2pdev->sta_uapsd;
3822 else
3823 params.uapsd = -1;
3824
3825 #ifdef CONFIG_HT_OVERRIDES
3826 os_memset(&htcaps, 0, sizeof(htcaps));
3827 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
3828 params.htcaps = (u8 *) &htcaps;
3829 params.htcaps_mask = (u8 *) &htcaps_mask;
3830 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
3831 #endif /* CONFIG_HT_OVERRIDES */
3832 #ifdef CONFIG_VHT_OVERRIDES
3833 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
3834 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
3835 params.vhtcaps = &vhtcaps;
3836 params.vhtcaps_mask = &vhtcaps_mask;
3837 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
3838 #endif /* CONFIG_VHT_OVERRIDES */
3839 #ifdef CONFIG_HE_OVERRIDES
3840 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
3841 #endif /* CONFIG_HE_OVERRIDES */
3842
3843 #ifdef CONFIG_P2P
3844 /*
3845 * If multi-channel concurrency is not supported, check for any
3846 * frequency conflict. In case of any frequency conflict, remove the
3847 * least prioritized connection.
3848 */
3849 if (wpa_s->num_multichan_concurrent < 2) {
3850 int freq, num;
3851 num = get_shared_radio_freqs(wpa_s, &freq, 1);
3852 if (num > 0 && freq > 0 && freq != params.freq.freq) {
3853 wpa_printf(MSG_DEBUG,
3854 "Assoc conflicting freq found (%d != %d)",
3855 freq, params.freq.freq);
3856 if (wpas_p2p_handle_frequency_conflicts(
3857 wpa_s, params.freq.freq, ssid) < 0) {
3858 wpas_connect_work_done(wpa_s);
3859 os_free(wpa_ie);
3860 return;
3861 }
3862 }
3863 }
3864 #endif /* CONFIG_P2P */
3865
3866 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
3867 wpa_s->current_ssid)
3868 params.prev_bssid = prev_bssid;
3869
3870 #ifdef CONFIG_SAE
3871 params.sae_pwe = wpa_s->conf->sae_pwe;
3872 #endif /* CONFIG_SAE */
3873
3874 ret = wpa_drv_associate(wpa_s, ¶ms);
3875 os_free(wpa_ie);
3876 if (ret < 0) {
3877 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
3878 "failed");
3879 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
3880 /*
3881 * The driver is known to mean what is saying, so we
3882 * can stop right here; the association will not
3883 * succeed.
3884 */
3885 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
3886 wpa_s->assoc_status_code = WLAN_STATUS_UNSPECIFIED_FAILURE;
3887 wpas_notify_assoc_status_code(wpa_s, wpa_s->pending_bssid, 0, NULL, 0);
3888 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
3889 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3890 return;
3891 }
3892 /* try to continue anyway; new association will be tried again
3893 * after timeout */
3894 assoc_failed = 1;
3895 }
3896
3897 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3898 /* Set the key after the association just in case association
3899 * cleared the previously configured key. */
3900 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3901 /* No need to timeout authentication since there is no key
3902 * management. */
3903 wpa_supplicant_cancel_auth_timeout(wpa_s);
3904 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
3905 #ifdef CONFIG_IBSS_RSN
3906 } else if (ssid->mode == WPAS_MODE_IBSS &&
3907 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
3908 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
3909 /*
3910 * RSN IBSS authentication is per-STA and we can disable the
3911 * per-BSSID authentication.
3912 */
3913 wpa_supplicant_cancel_auth_timeout(wpa_s);
3914 #endif /* CONFIG_IBSS_RSN */
3915 } else {
3916 /* Timeout for IEEE 802.11 authentication and association */
3917 int timeout = 60;
3918
3919 if (assoc_failed) {
3920 /* give IBSS a bit more time */
3921 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
3922 } else if (wpa_s->conf->ap_scan == 1) {
3923 /* give IBSS a bit more time */
3924 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
3925 }
3926 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
3927 }
3928
3929 #ifdef CONFIG_WEP
3930 if (wep_keys_set &&
3931 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
3932 /* Set static WEP keys again */
3933 wpa_set_wep_keys(wpa_s, ssid);
3934 }
3935 #endif /* CONFIG_WEP */
3936
3937 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
3938 /*
3939 * Do not allow EAP session resumption between different
3940 * network configurations.
3941 */
3942 eapol_sm_invalidate_cached_session(wpa_s->eapol);
3943 }
3944 old_ssid = wpa_s->current_ssid;
3945 wpa_s->current_ssid = ssid;
3946
3947 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
3948 wpa_s->current_bss = bss;
3949 #ifdef CONFIG_HS20
3950 hs20_configure_frame_filters(wpa_s);
3951 #endif /* CONFIG_HS20 */
3952 }
3953
3954 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
3955 wpa_supplicant_initiate_eapol(wpa_s);
3956 if (old_ssid != wpa_s->current_ssid)
3957 wpas_notify_network_changed(wpa_s);
3958 }
3959
3960
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)3961 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
3962 const u8 *addr)
3963 {
3964 struct wpa_ssid *old_ssid;
3965
3966 wpas_connect_work_done(wpa_s);
3967 wpa_clear_keys(wpa_s, addr);
3968 old_ssid = wpa_s->current_ssid;
3969 wpa_supplicant_mark_disassoc(wpa_s);
3970 wpa_sm_set_config(wpa_s->wpa, NULL);
3971 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
3972 if (old_ssid != wpa_s->current_ssid)
3973 wpas_notify_network_changed(wpa_s);
3974 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3975 }
3976
3977
3978 /**
3979 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
3980 * @wpa_s: Pointer to wpa_supplicant data
3981 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
3982 *
3983 * This function is used to request %wpa_supplicant to deauthenticate from the
3984 * current AP.
3985 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)3986 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
3987 u16 reason_code)
3988 {
3989 u8 *addr = NULL;
3990 union wpa_event_data event;
3991 int zero_addr = 0;
3992
3993 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
3994 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
3995 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
3996 reason_code, reason2str(reason_code),
3997 wpa_supplicant_state_txt(wpa_s->wpa_state));
3998
3999 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4000 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4001 wpa_s->wpa_state == WPA_ASSOCIATING))
4002 addr = wpa_s->pending_bssid;
4003 else if (!is_zero_ether_addr(wpa_s->bssid))
4004 addr = wpa_s->bssid;
4005 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4006 /*
4007 * When using driver-based BSS selection, we may not know the
4008 * BSSID with which we are currently trying to associate. We
4009 * need to notify the driver of this disconnection even in such
4010 * a case, so use the all zeros address here.
4011 */
4012 addr = wpa_s->bssid;
4013 zero_addr = 1;
4014 }
4015
4016 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4017 wpa_s->enabled_4addr_mode = 0;
4018
4019 #ifdef CONFIG_TDLS
4020 wpa_tdls_teardown_peers(wpa_s->wpa);
4021 #endif /* CONFIG_TDLS */
4022
4023 #ifdef CONFIG_MESH
4024 if (wpa_s->ifmsh) {
4025 struct mesh_conf *mconf;
4026
4027 mconf = wpa_s->ifmsh->mconf;
4028 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4029 wpa_s->ifname);
4030 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4031 mconf->meshid_len, reason_code);
4032 wpa_supplicant_leave_mesh(wpa_s, true);
4033 }
4034 #endif /* CONFIG_MESH */
4035
4036 if (addr) {
4037 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4038 os_memset(&event, 0, sizeof(event));
4039 event.deauth_info.reason_code = reason_code;
4040 event.deauth_info.locally_generated = 1;
4041 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4042 if (zero_addr)
4043 addr = NULL;
4044 }
4045
4046 wpa_supplicant_clear_connection(wpa_s, addr);
4047 }
4048
4049
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4050 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4051 {
4052 wpa_s->own_reconnect_req = 1;
4053 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4054
4055 }
4056
4057
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4058 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4059 struct wpa_ssid *ssid)
4060 {
4061 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4062 return;
4063
4064 ssid->disabled = 0;
4065 ssid->owe_transition_bss_select_count = 0;
4066 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4067 wpas_notify_network_enabled_changed(wpa_s, ssid);
4068
4069 /*
4070 * Try to reassociate since there is no current configuration and a new
4071 * network was made available.
4072 */
4073 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4074 wpa_s->reassociate = 1;
4075 }
4076
4077
4078 /**
4079 * wpa_supplicant_add_network - Add a new network
4080 * @wpa_s: wpa_supplicant structure for a network interface
4081 * Returns: The new network configuration or %NULL if operation failed
4082 *
4083 * This function performs the following operations:
4084 * 1. Adds a new network.
4085 * 2. Send network addition notification.
4086 * 3. Marks the network disabled.
4087 * 4. Set network default parameters.
4088 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4089 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4090 {
4091 struct wpa_ssid *ssid;
4092
4093 ssid = wpa_config_add_network(wpa_s->conf);
4094 if (!ssid)
4095 return NULL;
4096 wpas_notify_network_added(wpa_s, ssid);
4097 ssid->disabled = 1;
4098 wpa_config_set_network_defaults(ssid);
4099
4100 return ssid;
4101 }
4102
4103
4104 /**
4105 * wpa_supplicant_remove_network - Remove a configured network based on id
4106 * @wpa_s: wpa_supplicant structure for a network interface
4107 * @id: Unique network id to search for
4108 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4109 * could not be removed
4110 *
4111 * This function performs the following operations:
4112 * 1. Removes the network.
4113 * 2. Send network removal notification.
4114 * 3. Update internal state machines.
4115 * 4. Stop any running sched scans.
4116 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4117 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4118 {
4119 struct wpa_ssid *ssid;
4120 int was_disabled;
4121
4122 ssid = wpa_config_get_network(wpa_s->conf, id);
4123 if (!ssid)
4124 return -1;
4125 wpas_notify_network_removed(wpa_s, ssid);
4126
4127 if (wpa_s->last_ssid == ssid)
4128 wpa_s->last_ssid = NULL;
4129
4130 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) {
4131 #ifdef CONFIG_SME
4132 wpa_s->sme.prev_bssid_set = 0;
4133 #endif /* CONFIG_SME */
4134 /*
4135 * Invalidate the EAP session cache if the current or
4136 * previously used network is removed.
4137 */
4138 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4139 }
4140
4141 if (ssid == wpa_s->current_ssid) {
4142 wpa_sm_set_config(wpa_s->wpa, NULL);
4143 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4144
4145 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4146 wpa_s->own_disconnect_req = 1;
4147 wpa_supplicant_deauthenticate(wpa_s,
4148 WLAN_REASON_DEAUTH_LEAVING);
4149 }
4150
4151 was_disabled = ssid->disabled;
4152
4153 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4154 return -2;
4155
4156 if (!was_disabled && wpa_s->sched_scanning) {
4157 wpa_printf(MSG_DEBUG,
4158 "Stop ongoing sched_scan to remove network from filters");
4159 wpa_supplicant_cancel_sched_scan(wpa_s);
4160 wpa_supplicant_req_scan(wpa_s, 0, 0);
4161 }
4162
4163 return 0;
4164 }
4165
4166
4167 /**
4168 * wpa_supplicant_remove_all_networks - Remove all configured networks
4169 * @wpa_s: wpa_supplicant structure for a network interface
4170 * Returns: 0 on success (errors are currently ignored)
4171 *
4172 * This function performs the following operations:
4173 * 1. Remove all networks.
4174 * 2. Send network removal notifications.
4175 * 3. Update internal state machines.
4176 * 4. Stop any running sched scans.
4177 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4178 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4179 {
4180 struct wpa_ssid *ssid;
4181
4182 if (wpa_s->sched_scanning)
4183 wpa_supplicant_cancel_sched_scan(wpa_s);
4184
4185 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4186 if (wpa_s->current_ssid) {
4187 #ifdef CONFIG_SME
4188 wpa_s->sme.prev_bssid_set = 0;
4189 #endif /* CONFIG_SME */
4190 wpa_sm_set_config(wpa_s->wpa, NULL);
4191 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4192 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4193 wpa_s->own_disconnect_req = 1;
4194 wpa_supplicant_deauthenticate(
4195 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4196 }
4197 ssid = wpa_s->conf->ssid;
4198 while (ssid) {
4199 struct wpa_ssid *remove_ssid = ssid;
4200 int id;
4201
4202 id = ssid->id;
4203 ssid = ssid->next;
4204 if (wpa_s->last_ssid == remove_ssid)
4205 wpa_s->last_ssid = NULL;
4206 wpas_notify_network_removed(wpa_s, remove_ssid);
4207 wpa_config_remove_network(wpa_s->conf, id);
4208 }
4209 return 0;
4210 }
4211
4212
4213 /**
4214 * wpa_supplicant_enable_network - Mark a configured network as enabled
4215 * @wpa_s: wpa_supplicant structure for a network interface
4216 * @ssid: wpa_ssid structure for a configured network or %NULL
4217 *
4218 * Enables the specified network or all networks if no network specified.
4219 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4220 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4221 struct wpa_ssid *ssid)
4222 {
4223 if (ssid == NULL) {
4224 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4225 wpa_supplicant_enable_one_network(wpa_s, ssid);
4226 } else
4227 wpa_supplicant_enable_one_network(wpa_s, ssid);
4228
4229 if (wpa_s->reassociate && !wpa_s->disconnected &&
4230 (!wpa_s->current_ssid ||
4231 wpa_s->wpa_state == WPA_DISCONNECTED ||
4232 wpa_s->wpa_state == WPA_SCANNING)) {
4233 if (wpa_s->sched_scanning) {
4234 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4235 "new network to scan filters");
4236 wpa_supplicant_cancel_sched_scan(wpa_s);
4237 }
4238
4239 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4240 wpa_s->scan_req = NORMAL_SCAN_REQ;
4241 wpa_supplicant_req_scan(wpa_s, 0, 0);
4242 }
4243 }
4244 }
4245
4246
4247 /**
4248 * wpa_supplicant_disable_network - Mark a configured network as disabled
4249 * @wpa_s: wpa_supplicant structure for a network interface
4250 * @ssid: wpa_ssid structure for a configured network or %NULL
4251 *
4252 * Disables the specified network or all networks if no network specified.
4253 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4254 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4255 struct wpa_ssid *ssid)
4256 {
4257 struct wpa_ssid *other_ssid;
4258 int was_disabled;
4259
4260 if (ssid == NULL) {
4261 if (wpa_s->sched_scanning)
4262 wpa_supplicant_cancel_sched_scan(wpa_s);
4263
4264 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4265 other_ssid = other_ssid->next) {
4266 was_disabled = other_ssid->disabled;
4267 if (was_disabled == 2)
4268 continue; /* do not change persistent P2P group
4269 * data */
4270
4271 other_ssid->disabled = 1;
4272
4273 if (was_disabled != other_ssid->disabled)
4274 wpas_notify_network_enabled_changed(
4275 wpa_s, other_ssid);
4276 }
4277 if (wpa_s->current_ssid) {
4278 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4279 wpa_s->own_disconnect_req = 1;
4280 wpa_supplicant_deauthenticate(
4281 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4282 }
4283 } else if (ssid->disabled != 2) {
4284 if (ssid == wpa_s->current_ssid) {
4285 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4286 wpa_s->own_disconnect_req = 1;
4287 wpa_supplicant_deauthenticate(
4288 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4289 }
4290
4291 was_disabled = ssid->disabled;
4292
4293 ssid->disabled = 1;
4294
4295 if (was_disabled != ssid->disabled) {
4296 wpas_notify_network_enabled_changed(wpa_s, ssid);
4297 if (wpa_s->sched_scanning) {
4298 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4299 "to remove network from filters");
4300 wpa_supplicant_cancel_sched_scan(wpa_s);
4301 wpa_supplicant_req_scan(wpa_s, 0, 0);
4302 }
4303 }
4304 }
4305 }
4306
4307
4308 /**
4309 * wpa_supplicant_select_network - Attempt association with a network
4310 * @wpa_s: wpa_supplicant structure for a network interface
4311 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4312 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4313 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4314 struct wpa_ssid *ssid)
4315 {
4316
4317 struct wpa_ssid *other_ssid;
4318 int disconnected = 0;
4319
4320 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4321 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4322 wpa_s->own_disconnect_req = 1;
4323 wpa_supplicant_deauthenticate(
4324 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4325 disconnected = 1;
4326 }
4327
4328 if (ssid)
4329 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4330
4331 /*
4332 * Mark all other networks disabled or mark all networks enabled if no
4333 * network specified.
4334 */
4335 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4336 other_ssid = other_ssid->next) {
4337 int was_disabled = other_ssid->disabled;
4338 if (was_disabled == 2)
4339 continue; /* do not change persistent P2P group data */
4340
4341 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4342 if (was_disabled && !other_ssid->disabled)
4343 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4344
4345 if (was_disabled != other_ssid->disabled)
4346 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4347 }
4348
4349 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4350 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4351 /* We are already associated with the selected network */
4352 wpa_printf(MSG_DEBUG, "Already associated with the "
4353 "selected network - do nothing");
4354 return;
4355 }
4356
4357 if (ssid) {
4358 wpa_s->current_ssid = ssid;
4359 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4360 wpa_s->connect_without_scan =
4361 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4362
4363 /*
4364 * Don't optimize next scan freqs since a new ESS has been
4365 * selected.
4366 */
4367 os_free(wpa_s->next_scan_freqs);
4368 wpa_s->next_scan_freqs = NULL;
4369 } else {
4370 wpa_s->connect_without_scan = NULL;
4371 }
4372
4373 wpa_s->disconnected = 0;
4374 wpa_s->reassociate = 1;
4375 wpa_s_clear_sae_rejected(wpa_s);
4376 wpa_s->last_owe_group = 0;
4377 if (ssid) {
4378 ssid->owe_transition_bss_select_count = 0;
4379 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4380 }
4381
4382 if (wpa_s->connect_without_scan ||
4383 wpa_supplicant_fast_associate(wpa_s) != 1) {
4384 wpa_s->scan_req = NORMAL_SCAN_REQ;
4385 wpas_scan_reset_sched_scan(wpa_s);
4386 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4387 }
4388
4389 if (ssid)
4390 wpas_notify_network_selected(wpa_s, ssid);
4391 }
4392
4393
4394 /**
4395 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4396 * @wpa_s: wpa_supplicant structure for a network interface
4397 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4398 * @pkcs11_module_path: PKCS #11 module path or NULL
4399 * Returns: 0 on success; -1 on failure
4400 *
4401 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4402 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4403 * module path fails the paths will be reset to the default value (NULL).
4404 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)4405 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4406 const char *pkcs11_engine_path,
4407 const char *pkcs11_module_path)
4408 {
4409 char *pkcs11_engine_path_copy = NULL;
4410 char *pkcs11_module_path_copy = NULL;
4411
4412 if (pkcs11_engine_path != NULL) {
4413 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4414 if (pkcs11_engine_path_copy == NULL)
4415 return -1;
4416 }
4417 if (pkcs11_module_path != NULL) {
4418 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4419 if (pkcs11_module_path_copy == NULL) {
4420 os_free(pkcs11_engine_path_copy);
4421 return -1;
4422 }
4423 }
4424
4425 os_free(wpa_s->conf->pkcs11_engine_path);
4426 os_free(wpa_s->conf->pkcs11_module_path);
4427 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4428 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4429
4430 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4431 eapol_sm_deinit(wpa_s->eapol);
4432 wpa_s->eapol = NULL;
4433 if (wpa_supplicant_init_eapol(wpa_s)) {
4434 /* Error -> Reset paths to the default value (NULL) once. */
4435 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4436 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4437 NULL);
4438
4439 return -1;
4440 }
4441 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4442
4443 return 0;
4444 }
4445
4446
4447 /**
4448 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4449 * @wpa_s: wpa_supplicant structure for a network interface
4450 * @ap_scan: AP scan mode
4451 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4452 *
4453 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)4454 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4455 {
4456
4457 int old_ap_scan;
4458
4459 if (ap_scan < 0 || ap_scan > 2)
4460 return -1;
4461
4462 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4463 wpa_printf(MSG_INFO,
4464 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4465 }
4466
4467 #ifdef ANDROID
4468 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4469 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4470 wpa_s->wpa_state < WPA_COMPLETED) {
4471 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4472 "associating", wpa_s->conf->ap_scan, ap_scan);
4473 return 0;
4474 }
4475 #endif /* ANDROID */
4476
4477 old_ap_scan = wpa_s->conf->ap_scan;
4478 wpa_s->conf->ap_scan = ap_scan;
4479
4480 if (old_ap_scan != wpa_s->conf->ap_scan)
4481 wpas_notify_ap_scan_changed(wpa_s);
4482
4483 return 0;
4484 }
4485
4486
4487 /**
4488 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4489 * @wpa_s: wpa_supplicant structure for a network interface
4490 * @expire_age: Expiration age in seconds
4491 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4492 *
4493 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)4494 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4495 unsigned int bss_expire_age)
4496 {
4497 if (bss_expire_age < 10) {
4498 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4499 bss_expire_age);
4500 return -1;
4501 }
4502 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4503 bss_expire_age);
4504 wpa_s->conf->bss_expiration_age = bss_expire_age;
4505
4506 return 0;
4507 }
4508
4509
4510 /**
4511 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4512 * @wpa_s: wpa_supplicant structure for a network interface
4513 * @expire_count: number of scans after which an unseen BSS is reclaimed
4514 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4515 *
4516 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)4517 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4518 unsigned int bss_expire_count)
4519 {
4520 if (bss_expire_count < 1) {
4521 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4522 bss_expire_count);
4523 return -1;
4524 }
4525 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4526 bss_expire_count);
4527 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4528
4529 return 0;
4530 }
4531
4532
4533 /**
4534 * wpa_supplicant_set_scan_interval - Set scan interval
4535 * @wpa_s: wpa_supplicant structure for a network interface
4536 * @scan_interval: scan interval in seconds
4537 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4538 *
4539 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)4540 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4541 int scan_interval)
4542 {
4543 if (scan_interval < 0) {
4544 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4545 scan_interval);
4546 return -1;
4547 }
4548 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4549 scan_interval);
4550 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4551
4552 return 0;
4553 }
4554
4555
4556 /**
4557 * wpa_supplicant_set_debug_params - Set global debug params
4558 * @global: wpa_global structure
4559 * @debug_level: debug level
4560 * @debug_timestamp: determines if show timestamp in debug data
4561 * @debug_show_keys: determines if show keys in debug data
4562 * Returns: 0 if succeed or -1 if debug_level has wrong value
4563 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)4564 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4565 int debug_timestamp, int debug_show_keys)
4566 {
4567
4568 int old_level, old_timestamp, old_show_keys;
4569
4570 /* check for allowed debuglevels */
4571 if (debug_level != MSG_EXCESSIVE &&
4572 debug_level != MSG_MSGDUMP &&
4573 debug_level != MSG_DEBUG &&
4574 debug_level != MSG_INFO &&
4575 debug_level != MSG_WARNING &&
4576 debug_level != MSG_ERROR)
4577 return -1;
4578
4579 old_level = wpa_debug_level;
4580 old_timestamp = wpa_debug_timestamp;
4581 old_show_keys = wpa_debug_show_keys;
4582
4583 wpa_debug_level = debug_level;
4584 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4585 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4586
4587 if (wpa_debug_level != old_level)
4588 wpas_notify_debug_level_changed(global);
4589 if (wpa_debug_timestamp != old_timestamp)
4590 wpas_notify_debug_timestamp_changed(global);
4591 if (wpa_debug_show_keys != old_show_keys)
4592 wpas_notify_debug_show_keys_changed(global);
4593
4594 return 0;
4595 }
4596
4597
4598 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)4599 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4600 const u8 *entry_ssid, size_t entry_ssid_len)
4601 {
4602 const u8 *owe, *pos, *end;
4603 u8 ssid_len;
4604 struct wpa_bss *bss;
4605
4606 /* Check network profile SSID aganst the SSID in the
4607 * OWE Transition Mode element. */
4608
4609 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4610 if (!bss)
4611 return 0;
4612
4613 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4614 if (!owe)
4615 return 0;
4616
4617 pos = owe + 6;
4618 end = owe + 2 + owe[1];
4619
4620 if (end - pos < ETH_ALEN + 1)
4621 return 0;
4622 pos += ETH_ALEN;
4623 ssid_len = *pos++;
4624 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4625 return 0;
4626
4627 return entry_ssid_len == ssid_len &&
4628 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4629 }
4630 #endif /* CONFIG_OWE */
4631
4632
4633 /**
4634 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4635 * @wpa_s: Pointer to wpa_supplicant data
4636 * Returns: A pointer to the current network structure or %NULL on failure
4637 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)4638 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4639 {
4640 struct wpa_ssid *entry;
4641 u8 ssid[SSID_MAX_LEN];
4642 int res;
4643 size_t ssid_len;
4644 u8 bssid[ETH_ALEN];
4645 int wired;
4646
4647 res = wpa_drv_get_ssid(wpa_s, ssid);
4648 if (res < 0) {
4649 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4650 "driver");
4651 return NULL;
4652 }
4653 ssid_len = res;
4654
4655 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4656 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4657 "driver");
4658 return NULL;
4659 }
4660
4661 wired = wpa_s->conf->ap_scan == 0 &&
4662 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4663
4664 entry = wpa_s->conf->ssid;
4665 while (entry) {
4666 if (!wpas_network_disabled(wpa_s, entry) &&
4667 ((ssid_len == entry->ssid_len &&
4668 (!entry->ssid ||
4669 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4670 wired) &&
4671 (!entry->bssid_set ||
4672 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4673 return entry;
4674 #ifdef CONFIG_WPS
4675 if (!wpas_network_disabled(wpa_s, entry) &&
4676 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4677 (entry->ssid == NULL || entry->ssid_len == 0) &&
4678 (!entry->bssid_set ||
4679 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4680 return entry;
4681 #endif /* CONFIG_WPS */
4682
4683 #ifdef CONFIG_OWE
4684 if (!wpas_network_disabled(wpa_s, entry) &&
4685 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4686 entry->ssid_len) &&
4687 (!entry->bssid_set ||
4688 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4689 return entry;
4690 #endif /* CONFIG_OWE */
4691
4692 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4693 entry->ssid_len == 0 &&
4694 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4695 return entry;
4696
4697 entry = entry->next;
4698 }
4699
4700 return NULL;
4701 }
4702
4703
select_driver(struct wpa_supplicant * wpa_s,int i)4704 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4705 {
4706 struct wpa_global *global = wpa_s->global;
4707
4708 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4709 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4710 if (global->drv_priv[i] == NULL) {
4711 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4712 "'%s'", wpa_drivers[i]->name);
4713 return -1;
4714 }
4715 }
4716
4717 wpa_s->driver = wpa_drivers[i];
4718 wpa_s->global_drv_priv = global->drv_priv[i];
4719
4720 return 0;
4721 }
4722
4723
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)4724 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4725 const char *name)
4726 {
4727 int i;
4728 size_t len;
4729 const char *pos, *driver = name;
4730
4731 if (wpa_s == NULL)
4732 return -1;
4733
4734 if (wpa_drivers[0] == NULL) {
4735 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4736 "wpa_supplicant");
4737 return -1;
4738 }
4739
4740 if (name == NULL) {
4741 /* default to first driver in the list */
4742 return select_driver(wpa_s, 0);
4743 }
4744
4745 do {
4746 pos = os_strchr(driver, ',');
4747 if (pos)
4748 len = pos - driver;
4749 else
4750 len = os_strlen(driver);
4751
4752 for (i = 0; wpa_drivers[i]; i++) {
4753 if (os_strlen(wpa_drivers[i]->name) == len &&
4754 os_strncmp(driver, wpa_drivers[i]->name, len) ==
4755 0) {
4756 /* First driver that succeeds wins */
4757 if (select_driver(wpa_s, i) == 0)
4758 return 0;
4759 }
4760 }
4761
4762 driver = pos + 1;
4763 } while (pos);
4764
4765 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
4766 return -1;
4767 }
4768
4769
4770 /**
4771 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
4772 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
4773 * with struct wpa_driver_ops::init()
4774 * @src_addr: Source address of the EAPOL frame
4775 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
4776 * @len: Length of the EAPOL data
4777 *
4778 * This function is called for each received EAPOL frame. Most driver
4779 * interfaces rely on more generic OS mechanism for receiving frames through
4780 * l2_packet, but if such a mechanism is not available, the driver wrapper may
4781 * take care of received EAPOL frames and deliver them to the core supplicant
4782 * code by calling this function.
4783 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)4784 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
4785 const u8 *buf, size_t len)
4786 {
4787 struct wpa_supplicant *wpa_s = ctx;
4788
4789 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
4790 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
4791
4792 #ifdef CONFIG_TESTING_OPTIONS
4793 if (wpa_s->ignore_auth_resp) {
4794 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
4795 return;
4796 }
4797 #endif /* CONFIG_TESTING_OPTIONS */
4798
4799 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
4800 (wpa_s->last_eapol_matches_bssid &&
4801 #ifdef CONFIG_AP
4802 !wpa_s->ap_iface &&
4803 #endif /* CONFIG_AP */
4804 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
4805 /*
4806 * There is possible race condition between receiving the
4807 * association event and the EAPOL frame since they are coming
4808 * through different paths from the driver. In order to avoid
4809 * issues in trying to process the EAPOL frame before receiving
4810 * association information, lets queue it for processing until
4811 * the association event is received. This may also be needed in
4812 * driver-based roaming case, so also use src_addr != BSSID as a
4813 * trigger if we have previously confirmed that the
4814 * Authenticator uses BSSID as the src_addr (which is not the
4815 * case with wired IEEE 802.1X).
4816 */
4817 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
4818 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
4819 wpa_supplicant_state_txt(wpa_s->wpa_state),
4820 MAC2STR(wpa_s->bssid));
4821 wpabuf_free(wpa_s->pending_eapol_rx);
4822 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
4823 if (wpa_s->pending_eapol_rx) {
4824 os_get_reltime(&wpa_s->pending_eapol_rx_time);
4825 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
4826 ETH_ALEN);
4827 }
4828 return;
4829 }
4830
4831 wpa_s->last_eapol_matches_bssid =
4832 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
4833
4834 #ifdef CONFIG_AP
4835 if (wpa_s->ap_iface) {
4836 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
4837 return;
4838 }
4839 #endif /* CONFIG_AP */
4840
4841 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
4842 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
4843 "no key management is configured");
4844 return;
4845 }
4846
4847 if (wpa_s->eapol_received == 0 &&
4848 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
4849 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
4850 wpa_s->wpa_state != WPA_COMPLETED) &&
4851 (wpa_s->current_ssid == NULL ||
4852 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
4853 /* Timeout for completing IEEE 802.1X and WPA authentication */
4854 int timeout = 10;
4855
4856 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
4857 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
4858 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4859 /* Use longer timeout for IEEE 802.1X/EAP */
4860 timeout = 70;
4861 }
4862
4863 #ifdef CONFIG_WPS
4864 if (wpa_s->current_ssid && wpa_s->current_bss &&
4865 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
4866 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
4867 /*
4868 * Use shorter timeout if going through WPS AP iteration
4869 * for PIN config method with an AP that does not
4870 * advertise Selected Registrar.
4871 */
4872 struct wpabuf *wps_ie;
4873
4874 wps_ie = wpa_bss_get_vendor_ie_multi(
4875 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
4876 if (wps_ie &&
4877 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
4878 timeout = 10;
4879 wpabuf_free(wps_ie);
4880 }
4881 #endif /* CONFIG_WPS */
4882
4883 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4884 }
4885 wpa_s->eapol_received++;
4886
4887 if (wpa_s->countermeasures) {
4888 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
4889 "EAPOL packet");
4890 return;
4891 }
4892
4893 #ifdef CONFIG_IBSS_RSN
4894 if (wpa_s->current_ssid &&
4895 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
4896 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
4897 return;
4898 }
4899 #endif /* CONFIG_IBSS_RSN */
4900
4901 /* Source address of the incoming EAPOL frame could be compared to the
4902 * current BSSID. However, it is possible that a centralized
4903 * Authenticator could be using another MAC address than the BSSID of
4904 * an AP, so just allow any address to be used for now. The replies are
4905 * still sent to the current BSSID (if available), though. */
4906
4907 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
4908 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
4909 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
4910 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
4911 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
4912 return;
4913 wpa_drv_poll(wpa_s);
4914 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
4915 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
4916 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
4917 /*
4918 * Set portValid = true here since we are going to skip 4-way
4919 * handshake processing which would normally set portValid. We
4920 * need this to allow the EAPOL state machines to be completed
4921 * without going through EAPOL-Key handshake.
4922 */
4923 eapol_sm_notify_portValid(wpa_s->eapol, true);
4924 }
4925 }
4926
4927
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)4928 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
4929 {
4930 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
4931 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
4932 }
4933
4934
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)4935 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
4936 {
4937 if ((!wpa_s->p2p_mgmt ||
4938 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
4939 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
4940 l2_packet_deinit(wpa_s->l2);
4941 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
4942 wpa_drv_get_mac_addr(wpa_s),
4943 ETH_P_EAPOL,
4944 wpas_eapol_needs_l2_packet(wpa_s) ?
4945 wpa_supplicant_rx_eapol : NULL,
4946 wpa_s, 0);
4947 if (wpa_s->l2 == NULL)
4948 return -1;
4949
4950 if (l2_packet_set_packet_filter(wpa_s->l2,
4951 L2_PACKET_FILTER_PKTTYPE))
4952 wpa_dbg(wpa_s, MSG_DEBUG,
4953 "Failed to attach pkt_type filter");
4954
4955 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
4956 wpa_msg(wpa_s, MSG_ERROR,
4957 "Failed to get own L2 address");
4958 return -1;
4959 }
4960 } else {
4961 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
4962 if (addr)
4963 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
4964 }
4965
4966 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
4967 wpas_wps_update_mac_addr(wpa_s);
4968
4969 #ifdef CONFIG_FST
4970 if (wpa_s->fst)
4971 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
4972 #endif /* CONFIG_FST */
4973
4974 return 0;
4975 }
4976
4977
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)4978 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
4979 const u8 *buf, size_t len)
4980 {
4981 struct wpa_supplicant *wpa_s = ctx;
4982 const struct l2_ethhdr *eth;
4983
4984 if (len < sizeof(*eth))
4985 return;
4986 eth = (const struct l2_ethhdr *) buf;
4987
4988 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
4989 !(eth->h_dest[0] & 0x01)) {
4990 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4991 " (bridge - not for this interface - ignore)",
4992 MAC2STR(src_addr), MAC2STR(eth->h_dest));
4993 return;
4994 }
4995
4996 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
4997 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
4998 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
4999 len - sizeof(*eth));
5000 }
5001
5002
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5003 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5004 const char *bridge_ifname)
5005 {
5006 if (wpa_s->wpa_state > WPA_SCANNING)
5007 return -EBUSY;
5008
5009 if (bridge_ifname &&
5010 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5011 return -EINVAL;
5012
5013 if (!bridge_ifname)
5014 bridge_ifname = "";
5015
5016 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5017 return 0;
5018
5019 if (wpa_s->l2_br) {
5020 l2_packet_deinit(wpa_s->l2_br);
5021 wpa_s->l2_br = NULL;
5022 }
5023
5024 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5025 sizeof(wpa_s->bridge_ifname));
5026
5027 if (wpa_s->bridge_ifname[0]) {
5028 wpa_dbg(wpa_s, MSG_DEBUG,
5029 "Receiving packets from bridge interface '%s'",
5030 wpa_s->bridge_ifname);
5031 wpa_s->l2_br = l2_packet_init_bridge(
5032 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5033 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5034 if (!wpa_s->l2_br) {
5035 wpa_msg(wpa_s, MSG_ERROR,
5036 "Failed to open l2_packet connection for the bridge interface '%s'",
5037 wpa_s->bridge_ifname);
5038 goto fail;
5039 }
5040 }
5041
5042 #ifdef CONFIG_TDLS
5043 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5044 goto fail;
5045 #endif /* CONFIG_TDLS */
5046
5047 return 0;
5048 fail:
5049 wpa_s->bridge_ifname[0] = 0;
5050 if (wpa_s->l2_br) {
5051 l2_packet_deinit(wpa_s->l2_br);
5052 wpa_s->l2_br = NULL;
5053 }
5054 #ifdef CONFIG_TDLS
5055 if (!wpa_s->p2p_mgmt)
5056 wpa_tdls_init(wpa_s->wpa);
5057 #endif /* CONFIG_TDLS */
5058 return -EIO;
5059 }
5060
5061
5062 /**
5063 * wpa_supplicant_driver_init - Initialize driver interface parameters
5064 * @wpa_s: Pointer to wpa_supplicant data
5065 * Returns: 0 on success, -1 on failure
5066 *
5067 * This function is called to initialize driver interface parameters.
5068 * wpa_drv_init() must have been called before this function to initialize the
5069 * driver interface.
5070 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5071 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5072 {
5073 static int interface_count = 0;
5074
5075 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5076 return -1;
5077
5078 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5079 MAC2STR(wpa_s->own_addr));
5080 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5081 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5082
5083 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5084 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5085 "interface '%s'", wpa_s->bridge_ifname);
5086 wpa_s->l2_br = l2_packet_init_bridge(
5087 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5088 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5089 if (wpa_s->l2_br == NULL) {
5090 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5091 "connection for the bridge interface '%s'",
5092 wpa_s->bridge_ifname);
5093 return -1;
5094 }
5095 }
5096
5097 if (wpa_s->conf->ap_scan == 2 &&
5098 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5099 wpa_printf(MSG_INFO,
5100 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5101 }
5102
5103 wpa_clear_keys(wpa_s, NULL);
5104
5105 /* Make sure that TKIP countermeasures are not left enabled (could
5106 * happen if wpa_supplicant is killed during countermeasures. */
5107 wpa_drv_set_countermeasures(wpa_s, 0);
5108
5109 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5110 wpa_drv_flush_pmkid(wpa_s);
5111
5112 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5113 wpa_s->prev_scan_wildcard = 0;
5114
5115 if (wpa_supplicant_enabled_networks(wpa_s)) {
5116 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5117 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5118 interface_count = 0;
5119 }
5120 #ifndef ANDROID
5121 if (!wpa_s->p2p_mgmt &&
5122 wpa_supplicant_delayed_sched_scan(wpa_s,
5123 interface_count % 3,
5124 100000))
5125 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5126 100000);
5127 #endif /* ANDROID */
5128 interface_count++;
5129 } else
5130 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5131
5132 return 0;
5133 }
5134
5135
wpa_supplicant_daemon(const char * pid_file)5136 static int wpa_supplicant_daemon(const char *pid_file)
5137 {
5138 wpa_printf(MSG_DEBUG, "Daemonize..");
5139 return os_daemonize(pid_file);
5140 }
5141
5142
5143 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5144 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5145 {
5146 struct wpa_supplicant *wpa_s;
5147
5148 wpa_s = os_zalloc(sizeof(*wpa_s));
5149 if (wpa_s == NULL)
5150 return NULL;
5151 wpa_s->scan_req = INITIAL_SCAN_REQ;
5152 wpa_s->scan_interval = 5;
5153 wpa_s->new_connection = 1;
5154 wpa_s->parent = parent ? parent : wpa_s;
5155 wpa_s->p2pdev = wpa_s->parent;
5156 wpa_s->sched_scanning = 0;
5157 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5158
5159 dl_list_init(&wpa_s->bss_tmp_disallowed);
5160 dl_list_init(&wpa_s->fils_hlp_req);
5161 #ifdef CONFIG_TESTING_OPTIONS
5162 dl_list_init(&wpa_s->drv_signal_override);
5163 #endif /* CONFIG_TESTING_OPTIONS */
5164
5165 return wpa_s;
5166 }
5167
5168
5169 #ifdef CONFIG_HT_OVERRIDES
5170
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)5171 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
5172 struct ieee80211_ht_capabilities *htcaps,
5173 struct ieee80211_ht_capabilities *htcaps_mask,
5174 const char *ht_mcs)
5175 {
5176 /* parse ht_mcs into hex array */
5177 int i;
5178 const char *tmp = ht_mcs;
5179 char *end = NULL;
5180
5181 /* If ht_mcs is null, do not set anything */
5182 if (!ht_mcs)
5183 return 0;
5184
5185 /* This is what we are setting in the kernel */
5186 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
5187
5188 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
5189
5190 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5191 long v;
5192
5193 errno = 0;
5194 v = strtol(tmp, &end, 16);
5195
5196 if (errno == 0) {
5197 wpa_msg(wpa_s, MSG_DEBUG,
5198 "htcap value[%i]: %ld end: %p tmp: %p",
5199 i, v, end, tmp);
5200 if (end == tmp)
5201 break;
5202
5203 htcaps->supported_mcs_set[i] = v;
5204 tmp = end;
5205 } else {
5206 wpa_msg(wpa_s, MSG_ERROR,
5207 "Failed to parse ht-mcs: %s, error: %s\n",
5208 ht_mcs, strerror(errno));
5209 return -1;
5210 }
5211 }
5212
5213 /*
5214 * If we were able to parse any values, then set mask for the MCS set.
5215 */
5216 if (i) {
5217 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
5218 IEEE80211_HT_MCS_MASK_LEN - 1);
5219 /* skip the 3 reserved bits */
5220 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
5221 0x1f;
5222 }
5223
5224 return 0;
5225 }
5226
5227
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5228 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
5229 struct ieee80211_ht_capabilities *htcaps,
5230 struct ieee80211_ht_capabilities *htcaps_mask,
5231 int disabled)
5232 {
5233 le16 msk;
5234
5235 if (disabled == -1)
5236 return 0;
5237
5238 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
5239
5240 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
5241 htcaps_mask->ht_capabilities_info |= msk;
5242 if (disabled)
5243 htcaps->ht_capabilities_info &= msk;
5244 else
5245 htcaps->ht_capabilities_info |= msk;
5246
5247 return 0;
5248 }
5249
5250
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)5251 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
5252 struct ieee80211_ht_capabilities *htcaps,
5253 struct ieee80211_ht_capabilities *htcaps_mask,
5254 int factor)
5255 {
5256 if (factor == -1)
5257 return 0;
5258
5259 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
5260
5261 if (factor < 0 || factor > 3) {
5262 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
5263 "Must be 0-3 or -1", factor);
5264 return -EINVAL;
5265 }
5266
5267 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
5268 htcaps->a_mpdu_params &= ~0x3;
5269 htcaps->a_mpdu_params |= factor & 0x3;
5270
5271 return 0;
5272 }
5273
5274
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)5275 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
5276 struct ieee80211_ht_capabilities *htcaps,
5277 struct ieee80211_ht_capabilities *htcaps_mask,
5278 int density)
5279 {
5280 if (density == -1)
5281 return 0;
5282
5283 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
5284
5285 if (density < 0 || density > 7) {
5286 wpa_msg(wpa_s, MSG_ERROR,
5287 "ampdu_density: %d out of range. Must be 0-7 or -1.",
5288 density);
5289 return -EINVAL;
5290 }
5291
5292 htcaps_mask->a_mpdu_params |= 0x1C;
5293 htcaps->a_mpdu_params &= ~(0x1C);
5294 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
5295
5296 return 0;
5297 }
5298
5299
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5300 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
5301 struct ieee80211_ht_capabilities *htcaps,
5302 struct ieee80211_ht_capabilities *htcaps_mask,
5303 int disabled)
5304 {
5305 if (disabled)
5306 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
5307
5308 set_disable_ht40(htcaps, disabled);
5309 set_disable_ht40(htcaps_mask, 0);
5310
5311 return 0;
5312 }
5313
5314
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5315 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
5316 struct ieee80211_ht_capabilities *htcaps,
5317 struct ieee80211_ht_capabilities *htcaps_mask,
5318 int disabled)
5319 {
5320 /* Masking these out disables SGI */
5321 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
5322 HT_CAP_INFO_SHORT_GI40MHZ);
5323
5324 if (disabled)
5325 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
5326
5327 if (disabled)
5328 htcaps->ht_capabilities_info &= ~msk;
5329 else
5330 htcaps->ht_capabilities_info |= msk;
5331
5332 htcaps_mask->ht_capabilities_info |= msk;
5333
5334 return 0;
5335 }
5336
5337
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5338 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5339 struct ieee80211_ht_capabilities *htcaps,
5340 struct ieee80211_ht_capabilities *htcaps_mask,
5341 int disabled)
5342 {
5343 /* Masking these out disables LDPC */
5344 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5345
5346 if (disabled)
5347 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5348
5349 if (disabled)
5350 htcaps->ht_capabilities_info &= ~msk;
5351 else
5352 htcaps->ht_capabilities_info |= msk;
5353
5354 htcaps_mask->ht_capabilities_info |= msk;
5355
5356 return 0;
5357 }
5358
5359
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)5360 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5361 struct ieee80211_ht_capabilities *htcaps,
5362 struct ieee80211_ht_capabilities *htcaps_mask,
5363 int tx_stbc)
5364 {
5365 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5366
5367 if (tx_stbc == -1)
5368 return 0;
5369
5370 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5371
5372 if (tx_stbc < 0 || tx_stbc > 1) {
5373 wpa_msg(wpa_s, MSG_ERROR,
5374 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5375 return -EINVAL;
5376 }
5377
5378 htcaps_mask->ht_capabilities_info |= msk;
5379 htcaps->ht_capabilities_info &= ~msk;
5380 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5381
5382 return 0;
5383 }
5384
5385
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)5386 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5387 struct ieee80211_ht_capabilities *htcaps,
5388 struct ieee80211_ht_capabilities *htcaps_mask,
5389 int rx_stbc)
5390 {
5391 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5392
5393 if (rx_stbc == -1)
5394 return 0;
5395
5396 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5397
5398 if (rx_stbc < 0 || rx_stbc > 3) {
5399 wpa_msg(wpa_s, MSG_ERROR,
5400 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5401 return -EINVAL;
5402 }
5403
5404 htcaps_mask->ht_capabilities_info |= msk;
5405 htcaps->ht_capabilities_info &= ~msk;
5406 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5407
5408 return 0;
5409 }
5410
5411
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5412 void wpa_supplicant_apply_ht_overrides(
5413 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5414 struct wpa_driver_associate_params *params)
5415 {
5416 struct ieee80211_ht_capabilities *htcaps;
5417 struct ieee80211_ht_capabilities *htcaps_mask;
5418
5419 if (!ssid)
5420 return;
5421
5422 params->disable_ht = ssid->disable_ht;
5423 if (!params->htcaps || !params->htcaps_mask)
5424 return;
5425
5426 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5427 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5428 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5429 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5430 ssid->disable_max_amsdu);
5431 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5432 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5433 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5434 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5435 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5436 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5437 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5438
5439 if (ssid->ht40_intolerant) {
5440 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5441 htcaps->ht_capabilities_info |= bit;
5442 htcaps_mask->ht_capabilities_info |= bit;
5443 }
5444 }
5445
5446 #endif /* CONFIG_HT_OVERRIDES */
5447
5448
5449 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5450 void wpa_supplicant_apply_vht_overrides(
5451 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5452 struct wpa_driver_associate_params *params)
5453 {
5454 struct ieee80211_vht_capabilities *vhtcaps;
5455 struct ieee80211_vht_capabilities *vhtcaps_mask;
5456
5457 if (!ssid)
5458 return;
5459
5460 params->disable_vht = ssid->disable_vht;
5461
5462 vhtcaps = (void *) params->vhtcaps;
5463 vhtcaps_mask = (void *) params->vhtcaps_mask;
5464
5465 if (!vhtcaps || !vhtcaps_mask)
5466 return;
5467
5468 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5469 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5470
5471 #ifdef CONFIG_HT_OVERRIDES
5472 if (ssid->disable_sgi) {
5473 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5474 VHT_CAP_SHORT_GI_160);
5475 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5476 VHT_CAP_SHORT_GI_160);
5477 wpa_msg(wpa_s, MSG_DEBUG,
5478 "disable-sgi override specified, vht-caps: 0x%x",
5479 vhtcaps->vht_capabilities_info);
5480 }
5481
5482 /* if max ampdu is <= 3, we have to make the HT cap the same */
5483 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5484 int max_ampdu;
5485
5486 max_ampdu = (ssid->vht_capa &
5487 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5488 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5489
5490 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5491 wpa_set_ampdu_factor(wpa_s,
5492 (void *) params->htcaps,
5493 (void *) params->htcaps_mask,
5494 max_ampdu);
5495 }
5496 #endif /* CONFIG_HT_OVERRIDES */
5497
5498 #define OVERRIDE_MCS(i) \
5499 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5500 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5501 host_to_le16(3 << 2 * (i - 1)); \
5502 vhtcaps->vht_supported_mcs_set.tx_map |= \
5503 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5504 2 * (i - 1)); \
5505 } \
5506 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5507 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5508 host_to_le16(3 << 2 * (i - 1)); \
5509 vhtcaps->vht_supported_mcs_set.rx_map |= \
5510 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5511 2 * (i - 1)); \
5512 }
5513
5514 OVERRIDE_MCS(1);
5515 OVERRIDE_MCS(2);
5516 OVERRIDE_MCS(3);
5517 OVERRIDE_MCS(4);
5518 OVERRIDE_MCS(5);
5519 OVERRIDE_MCS(6);
5520 OVERRIDE_MCS(7);
5521 OVERRIDE_MCS(8);
5522 }
5523 #endif /* CONFIG_VHT_OVERRIDES */
5524
5525
5526 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5527 void wpa_supplicant_apply_he_overrides(
5528 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5529 struct wpa_driver_associate_params *params)
5530 {
5531 if (!ssid)
5532 return;
5533
5534 params->disable_he = ssid->disable_he;
5535 }
5536 #endif /* CONFIG_HE_OVERRIDES */
5537
5538
pcsc_reader_init(struct wpa_supplicant * wpa_s)5539 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5540 {
5541 #ifdef PCSC_FUNCS
5542 size_t len;
5543
5544 if (!wpa_s->conf->pcsc_reader)
5545 return 0;
5546
5547 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5548 if (!wpa_s->scard)
5549 return 1;
5550
5551 if (wpa_s->conf->pcsc_pin &&
5552 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5553 scard_deinit(wpa_s->scard);
5554 wpa_s->scard = NULL;
5555 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5556 return -1;
5557 }
5558
5559 len = sizeof(wpa_s->imsi) - 1;
5560 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5561 scard_deinit(wpa_s->scard);
5562 wpa_s->scard = NULL;
5563 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5564 return -1;
5565 }
5566 wpa_s->imsi[len] = '\0';
5567
5568 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5569
5570 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5571 wpa_s->imsi, wpa_s->mnc_len);
5572
5573 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5574 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5575 #endif /* PCSC_FUNCS */
5576
5577 return 0;
5578 }
5579
5580
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)5581 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5582 {
5583 char *val, *pos;
5584
5585 ext_password_deinit(wpa_s->ext_pw);
5586 wpa_s->ext_pw = NULL;
5587 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5588
5589 if (!wpa_s->conf->ext_password_backend)
5590 return 0;
5591
5592 val = os_strdup(wpa_s->conf->ext_password_backend);
5593 if (val == NULL)
5594 return -1;
5595 pos = os_strchr(val, ':');
5596 if (pos)
5597 *pos++ = '\0';
5598
5599 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5600
5601 wpa_s->ext_pw = ext_password_init(val, pos);
5602 os_free(val);
5603 if (wpa_s->ext_pw == NULL) {
5604 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5605 return -1;
5606 }
5607 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5608
5609 return 0;
5610 }
5611
5612
5613 #ifdef CONFIG_FST
5614
wpas_fst_get_bssid_cb(void * ctx)5615 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5616 {
5617 struct wpa_supplicant *wpa_s = ctx;
5618
5619 return (is_zero_ether_addr(wpa_s->bssid) ||
5620 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5621 }
5622
5623
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)5624 static void wpas_fst_get_channel_info_cb(void *ctx,
5625 enum hostapd_hw_mode *hw_mode,
5626 u8 *channel)
5627 {
5628 struct wpa_supplicant *wpa_s = ctx;
5629
5630 if (wpa_s->current_bss) {
5631 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5632 channel);
5633 } else if (wpa_s->hw.num_modes) {
5634 *hw_mode = wpa_s->hw.modes[0].mode;
5635 } else {
5636 WPA_ASSERT(0);
5637 *hw_mode = 0;
5638 }
5639 }
5640
5641
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)5642 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5643 {
5644 struct wpa_supplicant *wpa_s = ctx;
5645
5646 *modes = wpa_s->hw.modes;
5647 return wpa_s->hw.num_modes;
5648 }
5649
5650
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)5651 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5652 {
5653 struct wpa_supplicant *wpa_s = ctx;
5654
5655 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5656 wpa_s->fst_ies = fst_ies;
5657 }
5658
5659
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)5660 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5661 {
5662 struct wpa_supplicant *wpa_s = ctx;
5663
5664 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5665 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5666 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5667 return -1;
5668 }
5669 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5670 wpa_s->own_addr, wpa_s->bssid,
5671 wpabuf_head(data), wpabuf_len(data),
5672 0);
5673 }
5674
5675
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)5676 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5677 {
5678 struct wpa_supplicant *wpa_s = ctx;
5679
5680 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5681 return wpa_s->received_mb_ies;
5682 }
5683
5684
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)5685 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5686 const u8 *buf, size_t size)
5687 {
5688 struct wpa_supplicant *wpa_s = ctx;
5689 struct mb_ies_info info;
5690
5691 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5692
5693 if (!mb_ies_info_by_ies(&info, buf, size)) {
5694 wpabuf_free(wpa_s->received_mb_ies);
5695 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5696 }
5697 }
5698
5699
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5700 static const u8 * wpas_fst_get_peer_first(void *ctx,
5701 struct fst_get_peer_ctx **get_ctx,
5702 bool mb_only)
5703 {
5704 struct wpa_supplicant *wpa_s = ctx;
5705
5706 *get_ctx = NULL;
5707 if (!is_zero_ether_addr(wpa_s->bssid))
5708 return (wpa_s->received_mb_ies || !mb_only) ?
5709 wpa_s->bssid : NULL;
5710 return NULL;
5711 }
5712
5713
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5714 static const u8 * wpas_fst_get_peer_next(void *ctx,
5715 struct fst_get_peer_ctx **get_ctx,
5716 bool mb_only)
5717 {
5718 return NULL;
5719 }
5720
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)5721 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5722 struct fst_wpa_obj *iface_obj)
5723 {
5724 iface_obj->ctx = wpa_s;
5725 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5726 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5727 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5728 iface_obj->set_ies = wpas_fst_set_ies_cb;
5729 iface_obj->send_action = wpas_fst_send_action_cb;
5730 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
5731 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
5732 iface_obj->get_peer_first = wpas_fst_get_peer_first;
5733 iface_obj->get_peer_next = wpas_fst_get_peer_next;
5734 }
5735 #endif /* CONFIG_FST */
5736
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)5737 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
5738 const struct wpa_driver_capa *capa)
5739 {
5740 struct wowlan_triggers *triggers;
5741 int ret = 0;
5742
5743 if (!wpa_s->conf->wowlan_triggers)
5744 return 0;
5745
5746 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
5747 if (triggers) {
5748 ret = wpa_drv_wowlan(wpa_s, triggers);
5749 os_free(triggers);
5750 }
5751 return ret;
5752 }
5753
5754
wpas_freq_to_band(int freq)5755 enum wpa_radio_work_band wpas_freq_to_band(int freq)
5756 {
5757 if (freq < 3000)
5758 return BAND_2_4_GHZ;
5759 if (freq > 50000)
5760 return BAND_60_GHZ;
5761 return BAND_5_GHZ;
5762 }
5763
5764
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)5765 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
5766 {
5767 int i;
5768 unsigned int band = 0;
5769
5770 if (freqs) {
5771 /* freqs are specified for the radio work */
5772 for (i = 0; freqs[i]; i++)
5773 band |= wpas_freq_to_band(freqs[i]);
5774 } else {
5775 /*
5776 * freqs are not specified, implies all
5777 * the supported freqs by HW
5778 */
5779 for (i = 0; i < wpa_s->hw.num_modes; i++) {
5780 if (wpa_s->hw.modes[i].num_channels != 0) {
5781 if (wpa_s->hw.modes[i].mode ==
5782 HOSTAPD_MODE_IEEE80211B ||
5783 wpa_s->hw.modes[i].mode ==
5784 HOSTAPD_MODE_IEEE80211G)
5785 band |= BAND_2_4_GHZ;
5786 else if (wpa_s->hw.modes[i].mode ==
5787 HOSTAPD_MODE_IEEE80211A)
5788 band |= BAND_5_GHZ;
5789 else if (wpa_s->hw.modes[i].mode ==
5790 HOSTAPD_MODE_IEEE80211AD)
5791 band |= BAND_60_GHZ;
5792 else if (wpa_s->hw.modes[i].mode ==
5793 HOSTAPD_MODE_IEEE80211ANY)
5794 band = BAND_2_4_GHZ | BAND_5_GHZ |
5795 BAND_60_GHZ;
5796 }
5797 }
5798 }
5799
5800 return band;
5801 }
5802
5803
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)5804 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
5805 const char *rn)
5806 {
5807 struct wpa_supplicant *iface = wpa_s->global->ifaces;
5808 struct wpa_radio *radio;
5809
5810 while (rn && iface) {
5811 radio = iface->radio;
5812 if (radio && os_strcmp(rn, radio->name) == 0) {
5813 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
5814 wpa_s->ifname, rn);
5815 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5816 return radio;
5817 }
5818
5819 iface = iface->next;
5820 }
5821
5822 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
5823 wpa_s->ifname, rn ? rn : "N/A");
5824 radio = os_zalloc(sizeof(*radio));
5825 if (radio == NULL)
5826 return NULL;
5827
5828 if (rn)
5829 os_strlcpy(radio->name, rn, sizeof(radio->name));
5830 dl_list_init(&radio->ifaces);
5831 dl_list_init(&radio->work);
5832 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
5833
5834 return radio;
5835 }
5836
5837
radio_work_free(struct wpa_radio_work * work)5838 static void radio_work_free(struct wpa_radio_work *work)
5839 {
5840 if (work->wpa_s->scan_work == work) {
5841 /* This should not really happen. */
5842 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
5843 work->type, work, work->started);
5844 work->wpa_s->scan_work = NULL;
5845 }
5846
5847 #ifdef CONFIG_P2P
5848 if (work->wpa_s->p2p_scan_work == work) {
5849 /* This should not really happen. */
5850 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
5851 work->type, work, work->started);
5852 work->wpa_s->p2p_scan_work = NULL;
5853 }
5854 #endif /* CONFIG_P2P */
5855
5856 if (work->started) {
5857 work->wpa_s->radio->num_active_works--;
5858 wpa_dbg(work->wpa_s, MSG_DEBUG,
5859 "radio_work_free('%s'@%p): num_active_works --> %u",
5860 work->type, work,
5861 work->wpa_s->radio->num_active_works);
5862 }
5863
5864 dl_list_del(&work->list);
5865 os_free(work);
5866 }
5867
5868
radio_work_is_connect(struct wpa_radio_work * work)5869 static int radio_work_is_connect(struct wpa_radio_work *work)
5870 {
5871 return os_strcmp(work->type, "sme-connect") == 0 ||
5872 os_strcmp(work->type, "connect") == 0;
5873 }
5874
5875
radio_work_is_scan(struct wpa_radio_work * work)5876 static int radio_work_is_scan(struct wpa_radio_work *work)
5877 {
5878 return os_strcmp(work->type, "scan") == 0 ||
5879 os_strcmp(work->type, "p2p-scan") == 0;
5880 }
5881
5882
radio_work_get_next_work(struct wpa_radio * radio)5883 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
5884 {
5885 struct wpa_radio_work *active_work = NULL;
5886 struct wpa_radio_work *tmp;
5887
5888 /* Get the active work to know the type and band. */
5889 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5890 if (tmp->started) {
5891 active_work = tmp;
5892 break;
5893 }
5894 }
5895
5896 if (!active_work) {
5897 /* No active work, start one */
5898 radio->num_active_works = 0;
5899 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
5900 list) {
5901 if (os_strcmp(tmp->type, "scan") == 0 &&
5902 external_scan_running(radio) &&
5903 (((struct wpa_driver_scan_params *)
5904 tmp->ctx)->only_new_results ||
5905 tmp->wpa_s->clear_driver_scan_cache))
5906 continue;
5907 return tmp;
5908 }
5909 return NULL;
5910 }
5911
5912 if (radio_work_is_connect(active_work)) {
5913 /*
5914 * If the active work is either connect or sme-connect,
5915 * do not parallelize them with other radio works.
5916 */
5917 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5918 "Do not parallelize radio work with %s",
5919 active_work->type);
5920 return NULL;
5921 }
5922
5923 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
5924 if (tmp->started)
5925 continue;
5926
5927 /*
5928 * If connect or sme-connect are enqueued, parallelize only
5929 * those operations ahead of them in the queue.
5930 */
5931 if (radio_work_is_connect(tmp))
5932 break;
5933
5934 /* Serialize parallel scan and p2p_scan operations on the same
5935 * interface since the driver_nl80211 mechanism for tracking
5936 * scan cookies does not yet have support for this. */
5937 if (active_work->wpa_s == tmp->wpa_s &&
5938 radio_work_is_scan(active_work) &&
5939 radio_work_is_scan(tmp)) {
5940 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5941 "Do not start work '%s' when another work '%s' is already scheduled",
5942 tmp->type, active_work->type);
5943 continue;
5944 }
5945 /*
5946 * Check that the radio works are distinct and
5947 * on different bands.
5948 */
5949 if (os_strcmp(active_work->type, tmp->type) != 0 &&
5950 (active_work->bands != tmp->bands)) {
5951 /*
5952 * If a scan has to be scheduled through nl80211 scan
5953 * interface and if an external scan is already running,
5954 * do not schedule the scan since it is likely to get
5955 * rejected by kernel.
5956 */
5957 if (os_strcmp(tmp->type, "scan") == 0 &&
5958 external_scan_running(radio) &&
5959 (((struct wpa_driver_scan_params *)
5960 tmp->ctx)->only_new_results ||
5961 tmp->wpa_s->clear_driver_scan_cache))
5962 continue;
5963
5964 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
5965 "active_work:%s new_work:%s",
5966 active_work->type, tmp->type);
5967 return tmp;
5968 }
5969 }
5970
5971 /* Did not find a radio work to schedule in parallel. */
5972 return NULL;
5973 }
5974
5975
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)5976 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
5977 {
5978 struct wpa_radio *radio = eloop_ctx;
5979 struct wpa_radio_work *work;
5980 struct os_reltime now, diff;
5981 struct wpa_supplicant *wpa_s;
5982
5983 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
5984 if (work == NULL) {
5985 radio->num_active_works = 0;
5986 return;
5987 }
5988
5989 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
5990 radio_list);
5991
5992 if (!(wpa_s &&
5993 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
5994 if (work->started)
5995 return; /* already started and still in progress */
5996
5997 if (wpa_s && external_scan_running(wpa_s->radio)) {
5998 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
5999 return;
6000 }
6001 } else {
6002 work = NULL;
6003 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6004 /* get the work to schedule next */
6005 work = radio_work_get_next_work(radio);
6006 }
6007 if (!work)
6008 return;
6009 }
6010
6011 wpa_s = work->wpa_s;
6012 os_get_reltime(&now);
6013 os_reltime_sub(&now, &work->time, &diff);
6014 wpa_dbg(wpa_s, MSG_DEBUG,
6015 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6016 work->type, work, diff.sec, diff.usec);
6017 work->started = 1;
6018 work->time = now;
6019 radio->num_active_works++;
6020
6021 work->cb(work, 0);
6022
6023 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6024 radio->num_active_works < MAX_ACTIVE_WORKS)
6025 radio_work_check_next(wpa_s);
6026 }
6027
6028
6029 /*
6030 * This function removes both started and pending radio works running on
6031 * the provided interface's radio.
6032 * Prior to the removal of the radio work, its callback (cb) is called with
6033 * deinit set to be 1. Each work's callback is responsible for clearing its
6034 * internal data and restoring to a correct state.
6035 * @wpa_s: wpa_supplicant data
6036 * @type: type of works to be removed
6037 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6038 * this interface's works.
6039 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6040 void radio_remove_works(struct wpa_supplicant *wpa_s,
6041 const char *type, int remove_all)
6042 {
6043 struct wpa_radio_work *work, *tmp;
6044 struct wpa_radio *radio = wpa_s->radio;
6045
6046 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6047 list) {
6048 if (type && os_strcmp(type, work->type) != 0)
6049 continue;
6050
6051 /* skip other ifaces' works */
6052 if (!remove_all && work->wpa_s != wpa_s)
6053 continue;
6054
6055 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6056 work->type, work, work->started ? " (started)" : "");
6057 work->cb(work, 1);
6058 radio_work_free(work);
6059 }
6060
6061 /* in case we removed the started work */
6062 radio_work_check_next(wpa_s);
6063 }
6064
6065
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6066 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6067 {
6068 struct wpa_radio_work *work;
6069 struct wpa_radio *radio = wpa_s->radio;
6070
6071 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6072 if (work->ctx != ctx)
6073 continue;
6074 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6075 work->type, work, work->started ? " (started)" : "");
6076 radio_work_free(work);
6077 break;
6078 }
6079 }
6080
6081
radio_remove_interface(struct wpa_supplicant * wpa_s)6082 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6083 {
6084 struct wpa_radio *radio = wpa_s->radio;
6085
6086 if (!radio)
6087 return;
6088
6089 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6090 wpa_s->ifname, radio->name);
6091 dl_list_del(&wpa_s->radio_list);
6092 radio_remove_works(wpa_s, NULL, 0);
6093 /* If the interface that triggered the external scan was removed, the
6094 * external scan is no longer running. */
6095 if (wpa_s == radio->external_scan_req_interface)
6096 radio->external_scan_req_interface = NULL;
6097 wpa_s->radio = NULL;
6098 if (!dl_list_empty(&radio->ifaces))
6099 return; /* Interfaces remain for this radio */
6100
6101 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6102 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6103 os_free(radio);
6104 }
6105
6106
radio_work_check_next(struct wpa_supplicant * wpa_s)6107 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6108 {
6109 struct wpa_radio *radio = wpa_s->radio;
6110
6111 if (dl_list_empty(&radio->work))
6112 return;
6113 if (wpa_s->ext_work_in_progress) {
6114 wpa_printf(MSG_DEBUG,
6115 "External radio work in progress - delay start of pending item");
6116 return;
6117 }
6118 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6119 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6120 }
6121
6122
6123 /**
6124 * radio_add_work - Add a radio work item
6125 * @wpa_s: Pointer to wpa_supplicant data
6126 * @freq: Frequency of the offchannel operation in MHz or 0
6127 * @type: Unique identifier for each type of work
6128 * @next: Force as the next work to be executed
6129 * @cb: Callback function for indicating when radio is available
6130 * @ctx: Context pointer for the work (work->ctx in cb())
6131 * Returns: 0 on success, -1 on failure
6132 *
6133 * This function is used to request time for an operation that requires
6134 * exclusive radio control. Once the radio is available, the registered callback
6135 * function will be called. radio_work_done() must be called once the exclusive
6136 * radio operation has been completed, so that the radio is freed for other
6137 * operations. The special case of deinit=1 is used to free the context data
6138 * during interface removal. That does not allow the callback function to start
6139 * the radio operation, i.e., it must free any resources allocated for the radio
6140 * work and return.
6141 *
6142 * The @freq parameter can be used to indicate a single channel on which the
6143 * offchannel operation will occur. This may allow multiple radio work
6144 * operations to be performed in parallel if they apply for the same channel.
6145 * Setting this to 0 indicates that the work item may use multiple channels or
6146 * requires exclusive control of the radio.
6147 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)6148 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
6149 const char *type, int next,
6150 void (*cb)(struct wpa_radio_work *work, int deinit),
6151 void *ctx)
6152 {
6153 struct wpa_radio *radio = wpa_s->radio;
6154 struct wpa_radio_work *work;
6155 int was_empty;
6156
6157 work = os_zalloc(sizeof(*work));
6158 if (work == NULL)
6159 return -1;
6160 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
6161 os_get_reltime(&work->time);
6162 work->freq = freq;
6163 work->type = type;
6164 work->wpa_s = wpa_s;
6165 work->cb = cb;
6166 work->ctx = ctx;
6167
6168 if (freq)
6169 work->bands = wpas_freq_to_band(freq);
6170 else if (os_strcmp(type, "scan") == 0 ||
6171 os_strcmp(type, "p2p-scan") == 0)
6172 work->bands = wpas_get_bands(wpa_s,
6173 ((struct wpa_driver_scan_params *)
6174 ctx)->freqs);
6175 else
6176 work->bands = wpas_get_bands(wpa_s, NULL);
6177
6178 was_empty = dl_list_empty(&wpa_s->radio->work);
6179 if (next)
6180 dl_list_add(&wpa_s->radio->work, &work->list);
6181 else
6182 dl_list_add_tail(&wpa_s->radio->work, &work->list);
6183 if (was_empty) {
6184 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
6185 radio_work_check_next(wpa_s);
6186 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
6187 && radio->num_active_works < MAX_ACTIVE_WORKS) {
6188 wpa_dbg(wpa_s, MSG_DEBUG,
6189 "Try to schedule a radio work (num_active_works=%u)",
6190 radio->num_active_works);
6191 radio_work_check_next(wpa_s);
6192 }
6193
6194 return 0;
6195 }
6196
6197
6198 /**
6199 * radio_work_done - Indicate that a radio work item has been completed
6200 * @work: Completed work
6201 *
6202 * This function is called once the callback function registered with
6203 * radio_add_work() has completed its work.
6204 */
radio_work_done(struct wpa_radio_work * work)6205 void radio_work_done(struct wpa_radio_work *work)
6206 {
6207 struct wpa_supplicant *wpa_s = work->wpa_s;
6208 struct os_reltime now, diff;
6209 unsigned int started = work->started;
6210
6211 os_get_reltime(&now);
6212 os_reltime_sub(&now, &work->time, &diff);
6213 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
6214 work->type, work, started ? "done" : "canceled",
6215 diff.sec, diff.usec);
6216 radio_work_free(work);
6217 if (started)
6218 radio_work_check_next(wpa_s);
6219 }
6220
6221
6222 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)6223 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
6224 {
6225 struct wpa_radio_work *work;
6226 struct wpa_radio *radio = wpa_s->radio;
6227
6228 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6229 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
6230 return work;
6231 }
6232
6233 return NULL;
6234 }
6235
6236
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6237 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
6238 const struct wpa_interface *iface)
6239 {
6240 const char *ifname, *driver, *rn;
6241
6242 driver = iface->driver;
6243 next_driver:
6244 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
6245 return -1;
6246
6247 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
6248 if (wpa_s->drv_priv == NULL) {
6249 const char *pos;
6250 int level = MSG_ERROR;
6251
6252 pos = driver ? os_strchr(driver, ',') : NULL;
6253 if (pos) {
6254 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
6255 "driver interface - try next driver wrapper");
6256 driver = pos + 1;
6257 goto next_driver;
6258 }
6259
6260 #ifdef CONFIG_MATCH_IFACE
6261 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
6262 level = MSG_DEBUG;
6263 #endif /* CONFIG_MATCH_IFACE */
6264 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
6265 return -1;
6266 }
6267 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
6268 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
6269 "driver_param '%s'", wpa_s->conf->driver_param);
6270 return -1;
6271 }
6272
6273 ifname = wpa_drv_get_ifname(wpa_s);
6274 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
6275 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
6276 "interface name with '%s'", ifname);
6277 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
6278 }
6279
6280 rn = wpa_driver_get_radio_name(wpa_s);
6281 if (rn && rn[0] == '\0')
6282 rn = NULL;
6283
6284 wpa_s->radio = radio_add_interface(wpa_s, rn);
6285 if (wpa_s->radio == NULL)
6286 return -1;
6287
6288 return 0;
6289 }
6290
6291
6292 #ifdef CONFIG_GAS_SERVER
6293
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)6294 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
6295 unsigned int freq, const u8 *dst,
6296 const u8 *src, const u8 *bssid,
6297 const u8 *data, size_t data_len,
6298 enum offchannel_send_action_result result)
6299 {
6300 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
6301 " result=%s",
6302 freq, MAC2STR(dst),
6303 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
6304 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
6305 "FAILED"));
6306 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
6307 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
6308 }
6309
6310
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)6311 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
6312 struct wpabuf *buf, unsigned int wait_time)
6313 {
6314 struct wpa_supplicant *wpa_s = ctx;
6315 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
6316
6317 if (wait_time > wpa_s->max_remain_on_chan)
6318 wait_time = wpa_s->max_remain_on_chan;
6319
6320 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
6321 wpabuf_head(buf), wpabuf_len(buf),
6322 wait_time, wpas_gas_server_tx_status, 0);
6323 }
6324
6325 #endif /* CONFIG_GAS_SERVER */
6326
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6327 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
6328 const struct wpa_interface *iface)
6329 {
6330 struct wpa_driver_capa capa;
6331 int capa_res;
6332 u8 dfs_domain;
6333
6334 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
6335 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
6336 iface->confname ? iface->confname : "N/A",
6337 iface->driver ? iface->driver : "default",
6338 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
6339 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
6340
6341 if (iface->confname) {
6342 #ifdef CONFIG_BACKEND_FILE
6343 wpa_s->confname = os_rel2abs_path(iface->confname);
6344 if (wpa_s->confname == NULL) {
6345 wpa_printf(MSG_ERROR, "Failed to get absolute path "
6346 "for configuration file '%s'.",
6347 iface->confname);
6348 return -1;
6349 }
6350 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6351 iface->confname, wpa_s->confname);
6352 #else /* CONFIG_BACKEND_FILE */
6353 wpa_s->confname = os_strdup(iface->confname);
6354 #endif /* CONFIG_BACKEND_FILE */
6355 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6356 if (wpa_s->conf == NULL) {
6357 wpa_printf(MSG_ERROR, "Failed to read or parse "
6358 "configuration '%s'.", wpa_s->confname);
6359 return -1;
6360 }
6361 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6362 if (wpa_s->confanother &&
6363 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6364 wpa_printf(MSG_ERROR,
6365 "Failed to read or parse configuration '%s'.",
6366 wpa_s->confanother);
6367 return -1;
6368 }
6369
6370 /*
6371 * Override ctrl_interface and driver_param if set on command
6372 * line.
6373 */
6374 if (iface->ctrl_interface) {
6375 os_free(wpa_s->conf->ctrl_interface);
6376 wpa_s->conf->ctrl_interface =
6377 os_strdup(iface->ctrl_interface);
6378 }
6379
6380 if (iface->driver_param) {
6381 os_free(wpa_s->conf->driver_param);
6382 wpa_s->conf->driver_param =
6383 os_strdup(iface->driver_param);
6384 }
6385
6386 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6387 os_free(wpa_s->conf->ctrl_interface);
6388 wpa_s->conf->ctrl_interface = NULL;
6389 }
6390 } else
6391 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6392 iface->driver_param);
6393
6394 if (wpa_s->conf == NULL) {
6395 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6396 return -1;
6397 }
6398
6399 if (iface->ifname == NULL) {
6400 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6401 return -1;
6402 }
6403 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6404 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6405 iface->ifname);
6406 return -1;
6407 }
6408 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6409 #ifdef CONFIG_MATCH_IFACE
6410 wpa_s->matched = iface->matched;
6411 #endif /* CONFIG_MATCH_IFACE */
6412
6413 if (iface->bridge_ifname) {
6414 if (os_strlen(iface->bridge_ifname) >=
6415 sizeof(wpa_s->bridge_ifname)) {
6416 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6417 "name '%s'.", iface->bridge_ifname);
6418 return -1;
6419 }
6420 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6421 sizeof(wpa_s->bridge_ifname));
6422 }
6423
6424 /* RSNA Supplicant Key Management - INITIALIZE */
6425 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
6426 eapol_sm_notify_portValid(wpa_s->eapol, false);
6427
6428 /* Initialize driver interface and register driver event handler before
6429 * L2 receive handler so that association events are processed before
6430 * EAPOL-Key packets if both become available for the same select()
6431 * call. */
6432 if (wpas_init_driver(wpa_s, iface) < 0)
6433 return -1;
6434
6435 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6436 return -1;
6437
6438 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6439 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6440 NULL);
6441 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6442
6443 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6444 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6445 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6446 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6447 "dot11RSNAConfigPMKLifetime");
6448 return -1;
6449 }
6450
6451 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6452 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6453 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6454 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6455 "dot11RSNAConfigPMKReauthThreshold");
6456 return -1;
6457 }
6458
6459 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6460 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6461 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6462 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6463 "dot11RSNAConfigSATimeout");
6464 return -1;
6465 }
6466
6467 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6468 &wpa_s->hw.num_modes,
6469 &wpa_s->hw.flags,
6470 &dfs_domain);
6471 if (wpa_s->hw.modes) {
6472 u16 i;
6473
6474 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6475 if (wpa_s->hw.modes[i].vht_capab) {
6476 wpa_s->hw_capab = CAPAB_VHT;
6477 break;
6478 }
6479
6480 if (wpa_s->hw.modes[i].ht_capab &
6481 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6482 wpa_s->hw_capab = CAPAB_HT40;
6483 else if (wpa_s->hw.modes[i].ht_capab &&
6484 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6485 wpa_s->hw_capab = CAPAB_HT;
6486 }
6487 }
6488
6489 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6490 if (capa_res == 0) {
6491 wpa_s->drv_capa_known = 1;
6492 wpa_s->drv_flags = capa.flags;
6493 wpa_s->drv_flags2 = capa.flags2;
6494 wpa_s->drv_enc = capa.enc;
6495 wpa_s->drv_rrm_flags = capa.rrm_flags;
6496 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6497 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6498 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6499 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6500 wpa_s->max_sched_scan_plan_interval =
6501 capa.max_sched_scan_plan_interval;
6502 wpa_s->max_sched_scan_plan_iterations =
6503 capa.max_sched_scan_plan_iterations;
6504 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6505 wpa_s->max_match_sets = capa.max_match_sets;
6506 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6507 wpa_s->max_stations = capa.max_stations;
6508 wpa_s->extended_capa = capa.extended_capa;
6509 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6510 wpa_s->extended_capa_len = capa.extended_capa_len;
6511 wpa_s->num_multichan_concurrent =
6512 capa.num_multichan_concurrent;
6513 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6514
6515 if (capa.mac_addr_rand_scan_supported)
6516 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6517 if (wpa_s->sched_scan_supported &&
6518 capa.mac_addr_rand_sched_scan_supported)
6519 wpa_s->mac_addr_rand_supported |=
6520 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6521
6522 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6523 if (wpa_s->extended_capa &&
6524 wpa_s->extended_capa_len >= 3 &&
6525 wpa_s->extended_capa[2] & 0x40)
6526 wpa_s->multi_bss_support = 1;
6527 }
6528 if (wpa_s->max_remain_on_chan == 0)
6529 wpa_s->max_remain_on_chan = 1000;
6530
6531 /*
6532 * Only take p2p_mgmt parameters when P2P Device is supported.
6533 * Doing it here as it determines whether l2_packet_init() will be done
6534 * during wpa_supplicant_driver_init().
6535 */
6536 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6537 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6538
6539 if (wpa_s->num_multichan_concurrent == 0)
6540 wpa_s->num_multichan_concurrent = 1;
6541
6542 if (wpa_supplicant_driver_init(wpa_s) < 0)
6543 return -1;
6544
6545 #ifdef CONFIG_TDLS
6546 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6547 return -1;
6548 #endif /* CONFIG_TDLS */
6549
6550 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6551 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6552 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6553 return -1;
6554 }
6555
6556 #ifdef CONFIG_FST
6557 if (wpa_s->conf->fst_group_id) {
6558 struct fst_iface_cfg cfg;
6559 struct fst_wpa_obj iface_obj;
6560
6561 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6562 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6563 sizeof(cfg.group_id));
6564 cfg.priority = wpa_s->conf->fst_priority;
6565 cfg.llt = wpa_s->conf->fst_llt;
6566
6567 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6568 &iface_obj, &cfg);
6569 if (!wpa_s->fst) {
6570 wpa_msg(wpa_s, MSG_ERROR,
6571 "FST: Cannot attach iface %s to group %s",
6572 wpa_s->ifname, cfg.group_id);
6573 return -1;
6574 }
6575 }
6576 #endif /* CONFIG_FST */
6577
6578 if (wpas_wps_init(wpa_s))
6579 return -1;
6580
6581 #ifdef CONFIG_GAS_SERVER
6582 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6583 if (!wpa_s->gas_server) {
6584 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6585 return -1;
6586 }
6587 #endif /* CONFIG_GAS_SERVER */
6588
6589 #ifdef CONFIG_DPP
6590 if (wpas_dpp_init(wpa_s) < 0)
6591 return -1;
6592 #endif /* CONFIG_DPP */
6593
6594 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6595 return -1;
6596 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6597
6598 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6599 if (wpa_s->ctrl_iface == NULL) {
6600 wpa_printf(MSG_ERROR,
6601 "Failed to initialize control interface '%s'.\n"
6602 "You may have another wpa_supplicant process "
6603 "already running or the file was\n"
6604 "left by an unclean termination of wpa_supplicant "
6605 "in which case you will need\n"
6606 "to manually remove this file before starting "
6607 "wpa_supplicant again.\n",
6608 wpa_s->conf->ctrl_interface);
6609 return -1;
6610 }
6611
6612 wpa_s->gas = gas_query_init(wpa_s);
6613 if (wpa_s->gas == NULL) {
6614 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6615 return -1;
6616 }
6617
6618 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6619 wpa_s->p2p_mgmt) &&
6620 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6621 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6622 return -1;
6623 }
6624
6625 if (wpa_bss_init(wpa_s) < 0)
6626 return -1;
6627
6628 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6629 #ifdef CONFIG_MESH
6630 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6631 #endif /* CONFIG_MESH */
6632 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6633
6634 /*
6635 * Set Wake-on-WLAN triggers, if configured.
6636 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6637 * have effect anyway when the interface is down).
6638 */
6639 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6640 return -1;
6641
6642 #ifdef CONFIG_EAP_PROXY
6643 {
6644 size_t len;
6645 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6646 wpa_s->imsi, &len);
6647 if (wpa_s->mnc_len > 0) {
6648 wpa_s->imsi[len] = '\0';
6649 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6650 wpa_s->imsi, wpa_s->mnc_len);
6651 } else {
6652 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6653 }
6654 }
6655 #endif /* CONFIG_EAP_PROXY */
6656
6657 if (pcsc_reader_init(wpa_s) < 0)
6658 return -1;
6659
6660 if (wpas_init_ext_pw(wpa_s) < 0)
6661 return -1;
6662
6663 wpas_rrm_reset(wpa_s);
6664
6665 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6666
6667 #ifdef CONFIG_HS20
6668 hs20_init(wpa_s);
6669 #endif /* CONFIG_HS20 */
6670 #ifdef CONFIG_MBO
6671 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6672 if ((wpa_s->conf->oce & OCE_STA) &&
6673 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6674 wpa_s->enable_oce = OCE_STA;
6675 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6676 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6677 /* TODO: Need to add STA-CFON support */
6678 wpa_printf(MSG_ERROR,
6679 "OCE STA-CFON feature is not yet supported");
6680 }
6681 }
6682 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6683 #endif /* CONFIG_MBO */
6684
6685 wpa_supplicant_set_default_scan_ies(wpa_s);
6686
6687 return 0;
6688 }
6689
6690
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)6691 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6692 int notify, int terminate)
6693 {
6694 struct wpa_global *global = wpa_s->global;
6695 struct wpa_supplicant *iface, *prev;
6696
6697 if (wpa_s == wpa_s->parent)
6698 wpas_p2p_group_remove(wpa_s, "*");
6699
6700 iface = global->ifaces;
6701 while (iface) {
6702 if (iface->p2pdev == wpa_s)
6703 iface->p2pdev = iface->parent;
6704 if (iface == wpa_s || iface->parent != wpa_s) {
6705 iface = iface->next;
6706 continue;
6707 }
6708 wpa_printf(MSG_DEBUG,
6709 "Remove remaining child interface %s from parent %s",
6710 iface->ifname, wpa_s->ifname);
6711 prev = iface;
6712 iface = iface->next;
6713 wpa_supplicant_remove_iface(global, prev, terminate);
6714 }
6715
6716 wpa_s->disconnected = 1;
6717 if (wpa_s->drv_priv) {
6718 /*
6719 * Don't deauthenticate if WoWLAN is enable and not explicitly
6720 * been configured to disconnect.
6721 */
6722 if (!wpa_drv_get_wowlan(wpa_s) ||
6723 wpa_s->conf->wowlan_disconnect_on_deinit) {
6724 wpa_supplicant_deauthenticate(
6725 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6726
6727 wpa_drv_set_countermeasures(wpa_s, 0);
6728 wpa_clear_keys(wpa_s, NULL);
6729 } else {
6730 wpa_msg(wpa_s, MSG_INFO,
6731 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
6732 }
6733 }
6734
6735 wpa_supplicant_cleanup(wpa_s);
6736 wpas_p2p_deinit_iface(wpa_s);
6737
6738 wpas_ctrl_radio_work_flush(wpa_s);
6739 radio_remove_interface(wpa_s);
6740
6741 #ifdef CONFIG_FST
6742 if (wpa_s->fst) {
6743 fst_detach(wpa_s->fst);
6744 wpa_s->fst = NULL;
6745 }
6746 if (wpa_s->received_mb_ies) {
6747 wpabuf_free(wpa_s->received_mb_ies);
6748 wpa_s->received_mb_ies = NULL;
6749 }
6750 #endif /* CONFIG_FST */
6751
6752 if (wpa_s->drv_priv)
6753 wpa_drv_deinit(wpa_s);
6754
6755 if (notify)
6756 wpas_notify_iface_removed(wpa_s);
6757
6758 if (terminate)
6759 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
6760
6761 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
6762 wpa_s->ctrl_iface = NULL;
6763
6764 #ifdef CONFIG_MESH
6765 if (wpa_s->ifmsh) {
6766 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
6767 wpa_s->ifmsh = NULL;
6768 }
6769 #endif /* CONFIG_MESH */
6770
6771 if (wpa_s->conf != NULL) {
6772 wpa_config_free(wpa_s->conf);
6773 wpa_s->conf = NULL;
6774 }
6775
6776 os_free(wpa_s->ssids_from_scan_req);
6777 os_free(wpa_s->last_scan_freqs);
6778
6779 os_free(wpa_s);
6780 }
6781
6782
6783 #ifdef CONFIG_MATCH_IFACE
6784
6785 /**
6786 * wpa_supplicant_match_iface - Match an interface description to a name
6787 * @global: Pointer to global data from wpa_supplicant_init()
6788 * @ifname: Name of the interface to match
6789 * Returns: Pointer to the created interface description or %NULL on failure
6790 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)6791 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
6792 const char *ifname)
6793 {
6794 int i;
6795 struct wpa_interface *iface, *miface;
6796
6797 for (i = 0; i < global->params.match_iface_count; i++) {
6798 miface = &global->params.match_ifaces[i];
6799 if (!miface->ifname ||
6800 fnmatch(miface->ifname, ifname, 0) == 0) {
6801 iface = os_zalloc(sizeof(*iface));
6802 if (!iface)
6803 return NULL;
6804 *iface = *miface;
6805 if (!miface->ifname)
6806 iface->matched = WPA_IFACE_MATCHED_NULL;
6807 else
6808 iface->matched = WPA_IFACE_MATCHED;
6809 iface->ifname = ifname;
6810 return iface;
6811 }
6812 }
6813
6814 return NULL;
6815 }
6816
6817
6818 /**
6819 * wpa_supplicant_match_existing - Match existing interfaces
6820 * @global: Pointer to global data from wpa_supplicant_init()
6821 * Returns: 0 on success, -1 on failure
6822 */
wpa_supplicant_match_existing(struct wpa_global * global)6823 static int wpa_supplicant_match_existing(struct wpa_global *global)
6824 {
6825 struct if_nameindex *ifi, *ifp;
6826 struct wpa_supplicant *wpa_s;
6827 struct wpa_interface *iface;
6828
6829 ifp = if_nameindex();
6830 if (!ifp) {
6831 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
6832 return -1;
6833 }
6834
6835 for (ifi = ifp; ifi->if_name; ifi++) {
6836 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
6837 if (wpa_s)
6838 continue;
6839 iface = wpa_supplicant_match_iface(global, ifi->if_name);
6840 if (iface) {
6841 wpa_supplicant_add_iface(global, iface, NULL);
6842 os_free(iface);
6843 }
6844 }
6845
6846 if_freenameindex(ifp);
6847 return 0;
6848 }
6849
6850 #endif /* CONFIG_MATCH_IFACE */
6851
6852
6853 /**
6854 * wpa_supplicant_add_iface - Add a new network interface
6855 * @global: Pointer to global data from wpa_supplicant_init()
6856 * @iface: Interface configuration options
6857 * @parent: Parent interface or %NULL to assign new interface as parent
6858 * Returns: Pointer to the created interface or %NULL on failure
6859 *
6860 * This function is used to add new network interfaces for %wpa_supplicant.
6861 * This can be called before wpa_supplicant_run() to add interfaces before the
6862 * main event loop has been started. In addition, new interfaces can be added
6863 * dynamically while %wpa_supplicant is already running. This could happen,
6864 * e.g., when a hotplug network adapter is inserted.
6865 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)6866 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
6867 struct wpa_interface *iface,
6868 struct wpa_supplicant *parent)
6869 {
6870 struct wpa_supplicant *wpa_s;
6871 struct wpa_interface t_iface;
6872 struct wpa_ssid *ssid;
6873
6874 if (global == NULL || iface == NULL)
6875 return NULL;
6876
6877 wpa_s = wpa_supplicant_alloc(parent);
6878 if (wpa_s == NULL)
6879 return NULL;
6880
6881 wpa_s->global = global;
6882
6883 t_iface = *iface;
6884 if (global->params.override_driver) {
6885 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
6886 "('%s' -> '%s')",
6887 iface->driver, global->params.override_driver);
6888 t_iface.driver = global->params.override_driver;
6889 }
6890 if (global->params.override_ctrl_interface) {
6891 wpa_printf(MSG_DEBUG, "Override interface parameter: "
6892 "ctrl_interface ('%s' -> '%s')",
6893 iface->ctrl_interface,
6894 global->params.override_ctrl_interface);
6895 t_iface.ctrl_interface =
6896 global->params.override_ctrl_interface;
6897 }
6898 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
6899 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
6900 iface->ifname);
6901 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
6902 return NULL;
6903 }
6904
6905 /* Notify the control interfaces about new iface */
6906 if (wpas_notify_iface_added(wpa_s)) {
6907 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
6908 return NULL;
6909 }
6910
6911 /* Notify the control interfaces about new networks for non p2p mgmt
6912 * ifaces. */
6913 if (iface->p2p_mgmt == 0) {
6914 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
6915 wpas_notify_network_added(wpa_s, ssid);
6916 }
6917
6918 wpa_s->next = global->ifaces;
6919 global->ifaces = wpa_s;
6920
6921 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
6922 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6923
6924 #ifdef CONFIG_P2P
6925 if (wpa_s->global->p2p == NULL &&
6926 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
6927 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
6928 wpas_p2p_add_p2pdev_interface(
6929 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
6930 wpa_printf(MSG_INFO,
6931 "P2P: Failed to enable P2P Device interface");
6932 /* Try to continue without. P2P will be disabled. */
6933 }
6934 #endif /* CONFIG_P2P */
6935
6936 return wpa_s;
6937 }
6938
6939
6940 /**
6941 * wpa_supplicant_remove_iface - Remove a network interface
6942 * @global: Pointer to global data from wpa_supplicant_init()
6943 * @wpa_s: Pointer to the network interface to be removed
6944 * Returns: 0 if interface was removed, -1 if interface was not found
6945 *
6946 * This function can be used to dynamically remove network interfaces from
6947 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
6948 * addition, this function is used to remove all remaining interfaces when
6949 * %wpa_supplicant is terminated.
6950 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)6951 int wpa_supplicant_remove_iface(struct wpa_global *global,
6952 struct wpa_supplicant *wpa_s,
6953 int terminate)
6954 {
6955 struct wpa_supplicant *prev;
6956 #ifdef CONFIG_MESH
6957 unsigned int mesh_if_created = wpa_s->mesh_if_created;
6958 char *ifname = NULL;
6959 struct wpa_supplicant *parent = wpa_s->parent;
6960 #endif /* CONFIG_MESH */
6961
6962 /* Remove interface from the global list of interfaces */
6963 prev = global->ifaces;
6964 if (prev == wpa_s) {
6965 global->ifaces = wpa_s->next;
6966 } else {
6967 while (prev && prev->next != wpa_s)
6968 prev = prev->next;
6969 if (prev == NULL)
6970 return -1;
6971 prev->next = wpa_s->next;
6972 }
6973
6974 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
6975
6976 #ifdef CONFIG_MESH
6977 if (mesh_if_created) {
6978 ifname = os_strdup(wpa_s->ifname);
6979 if (ifname == NULL) {
6980 wpa_dbg(wpa_s, MSG_ERROR,
6981 "mesh: Failed to malloc ifname");
6982 return -1;
6983 }
6984 }
6985 #endif /* CONFIG_MESH */
6986
6987 if (global->p2p_group_formation == wpa_s)
6988 global->p2p_group_formation = NULL;
6989 if (global->p2p_invite_group == wpa_s)
6990 global->p2p_invite_group = NULL;
6991 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
6992
6993 #ifdef CONFIG_MESH
6994 if (mesh_if_created) {
6995 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
6996 os_free(ifname);
6997 }
6998 #endif /* CONFIG_MESH */
6999
7000 return 0;
7001 }
7002
7003
7004 /**
7005 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7006 * @wpa_s: Pointer to the network interface
7007 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7008 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7009 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7010 {
7011 const char *eapol_method;
7012
7013 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7014 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7015 return "NO-EAP";
7016 }
7017
7018 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7019 if (eapol_method == NULL)
7020 return "UNKNOWN-EAP";
7021
7022 return eapol_method;
7023 }
7024
7025
7026 /**
7027 * wpa_supplicant_get_iface - Get a new network interface
7028 * @global: Pointer to global data from wpa_supplicant_init()
7029 * @ifname: Interface name
7030 * Returns: Pointer to the interface or %NULL if not found
7031 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7032 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7033 const char *ifname)
7034 {
7035 struct wpa_supplicant *wpa_s;
7036
7037 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7038 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7039 return wpa_s;
7040 }
7041 return NULL;
7042 }
7043
7044
7045 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7046 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7047 {
7048 struct wpa_supplicant *wpa_s = ctx;
7049 if (wpa_s == NULL)
7050 return NULL;
7051 return wpa_s->ifname;
7052 }
7053 #endif /* CONFIG_NO_WPA_MSG */
7054
7055
7056 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7057 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7058 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7059
7060 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7061 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7062 {
7063 struct wpa_global *global = eloop_ctx;
7064 struct wpa_supplicant *wpa_s;
7065
7066 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7067 wpas_periodic, global, NULL);
7068
7069 #ifdef CONFIG_P2P
7070 if (global->p2p)
7071 p2p_expire_peers(global->p2p);
7072 #endif /* CONFIG_P2P */
7073
7074 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7075 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7076 #ifdef CONFIG_AP
7077 ap_periodic(wpa_s);
7078 #endif /* CONFIG_AP */
7079 }
7080 }
7081
7082
7083 /**
7084 * wpa_supplicant_init - Initialize %wpa_supplicant
7085 * @params: Parameters for %wpa_supplicant
7086 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7087 *
7088 * This function is used to initialize %wpa_supplicant. After successful
7089 * initialization, the returned data pointer can be used to add and remove
7090 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7091 */
wpa_supplicant_init(struct wpa_params * params)7092 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7093 {
7094 struct wpa_global *global;
7095 int ret, i;
7096
7097 if (params == NULL)
7098 return NULL;
7099
7100 #ifdef CONFIG_DRIVER_NDIS
7101 {
7102 void driver_ndis_init_ops(void);
7103 driver_ndis_init_ops();
7104 }
7105 #endif /* CONFIG_DRIVER_NDIS */
7106
7107 #ifndef CONFIG_NO_WPA_MSG
7108 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7109 #endif /* CONFIG_NO_WPA_MSG */
7110
7111 if (params->wpa_debug_file_path)
7112 wpa_debug_open_file(params->wpa_debug_file_path);
7113 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7114 wpa_debug_setup_stdout();
7115 if (params->wpa_debug_syslog)
7116 wpa_debug_open_syslog();
7117 if (params->wpa_debug_tracing) {
7118 ret = wpa_debug_open_linux_tracing();
7119 if (ret) {
7120 wpa_printf(MSG_ERROR,
7121 "Failed to enable trace logging");
7122 return NULL;
7123 }
7124 }
7125
7126 ret = eap_register_methods();
7127 if (ret) {
7128 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
7129 if (ret == -2)
7130 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
7131 "the same EAP type.");
7132 return NULL;
7133 }
7134
7135 global = os_zalloc(sizeof(*global));
7136 if (global == NULL)
7137 return NULL;
7138 dl_list_init(&global->p2p_srv_bonjour);
7139 dl_list_init(&global->p2p_srv_upnp);
7140 global->params.daemonize = params->daemonize;
7141 global->params.wait_for_monitor = params->wait_for_monitor;
7142 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
7143 if (params->pid_file)
7144 global->params.pid_file = os_strdup(params->pid_file);
7145 if (params->ctrl_interface)
7146 global->params.ctrl_interface =
7147 os_strdup(params->ctrl_interface);
7148 if (params->ctrl_interface_group)
7149 global->params.ctrl_interface_group =
7150 os_strdup(params->ctrl_interface_group);
7151 if (params->override_driver)
7152 global->params.override_driver =
7153 os_strdup(params->override_driver);
7154 if (params->override_ctrl_interface)
7155 global->params.override_ctrl_interface =
7156 os_strdup(params->override_ctrl_interface);
7157 #ifdef CONFIG_MATCH_IFACE
7158 global->params.match_iface_count = params->match_iface_count;
7159 if (params->match_iface_count) {
7160 global->params.match_ifaces =
7161 os_calloc(params->match_iface_count,
7162 sizeof(struct wpa_interface));
7163 os_memcpy(global->params.match_ifaces,
7164 params->match_ifaces,
7165 params->match_iface_count *
7166 sizeof(struct wpa_interface));
7167 }
7168 #endif /* CONFIG_MATCH_IFACE */
7169 #ifdef CONFIG_P2P
7170 if (params->conf_p2p_dev)
7171 global->params.conf_p2p_dev =
7172 os_strdup(params->conf_p2p_dev);
7173 #endif /* CONFIG_P2P */
7174 wpa_debug_level = global->params.wpa_debug_level =
7175 params->wpa_debug_level;
7176 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
7177 params->wpa_debug_show_keys;
7178 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
7179 params->wpa_debug_timestamp;
7180
7181 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
7182
7183 if (eloop_init()) {
7184 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
7185 wpa_supplicant_deinit(global);
7186 return NULL;
7187 }
7188
7189 random_init(params->entropy_file);
7190
7191 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
7192 if (global->ctrl_iface == NULL) {
7193 wpa_supplicant_deinit(global);
7194 return NULL;
7195 }
7196
7197 if (wpas_notify_supplicant_initialized(global)) {
7198 wpa_supplicant_deinit(global);
7199 return NULL;
7200 }
7201
7202 for (i = 0; wpa_drivers[i]; i++)
7203 global->drv_count++;
7204 if (global->drv_count == 0) {
7205 wpa_printf(MSG_ERROR, "No drivers enabled");
7206 wpa_supplicant_deinit(global);
7207 return NULL;
7208 }
7209 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
7210 if (global->drv_priv == NULL) {
7211 wpa_supplicant_deinit(global);
7212 return NULL;
7213 }
7214
7215 #ifdef CONFIG_WIFI_DISPLAY
7216 if (wifi_display_init(global) < 0) {
7217 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
7218 wpa_supplicant_deinit(global);
7219 return NULL;
7220 }
7221 #endif /* CONFIG_WIFI_DISPLAY */
7222
7223 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7224 wpas_periodic, global, NULL);
7225
7226 return global;
7227 }
7228
7229
7230 /**
7231 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
7232 * @global: Pointer to global data from wpa_supplicant_init()
7233 * Returns: 0 after successful event loop run, -1 on failure
7234 *
7235 * This function starts the main event loop and continues running as long as
7236 * there are any remaining events. In most cases, this function is running as
7237 * long as the %wpa_supplicant process in still in use.
7238 */
wpa_supplicant_run(struct wpa_global * global)7239 int wpa_supplicant_run(struct wpa_global *global)
7240 {
7241 struct wpa_supplicant *wpa_s;
7242
7243 if (global->params.daemonize &&
7244 (wpa_supplicant_daemon(global->params.pid_file) ||
7245 eloop_sock_requeue()))
7246 return -1;
7247
7248 #ifdef CONFIG_MATCH_IFACE
7249 if (wpa_supplicant_match_existing(global))
7250 return -1;
7251 #endif
7252
7253 if (global->params.wait_for_monitor) {
7254 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
7255 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
7256 wpa_supplicant_ctrl_iface_wait(
7257 wpa_s->ctrl_iface);
7258 }
7259
7260 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
7261 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
7262
7263 eloop_run();
7264
7265 return 0;
7266 }
7267
7268
7269 /**
7270 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
7271 * @global: Pointer to global data from wpa_supplicant_init()
7272 *
7273 * This function is called to deinitialize %wpa_supplicant and to free all
7274 * allocated resources. Remaining network interfaces will also be removed.
7275 */
wpa_supplicant_deinit(struct wpa_global * global)7276 void wpa_supplicant_deinit(struct wpa_global *global)
7277 {
7278 int i;
7279
7280 if (global == NULL)
7281 return;
7282
7283 eloop_cancel_timeout(wpas_periodic, global, NULL);
7284
7285 #ifdef CONFIG_WIFI_DISPLAY
7286 wifi_display_deinit(global);
7287 #endif /* CONFIG_WIFI_DISPLAY */
7288
7289 while (global->ifaces)
7290 wpa_supplicant_remove_iface(global, global->ifaces, 1);
7291
7292 if (global->ctrl_iface)
7293 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
7294
7295 wpas_notify_supplicant_deinitialized(global);
7296
7297 eap_peer_unregister_methods();
7298 #ifdef CONFIG_AP
7299 eap_server_unregister_methods();
7300 #endif /* CONFIG_AP */
7301
7302 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
7303 if (!global->drv_priv[i])
7304 continue;
7305 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
7306 }
7307 os_free(global->drv_priv);
7308
7309 random_deinit();
7310
7311 eloop_destroy();
7312
7313 if (global->params.pid_file) {
7314 os_daemonize_terminate(global->params.pid_file);
7315 os_free(global->params.pid_file);
7316 }
7317 os_free(global->params.ctrl_interface);
7318 os_free(global->params.ctrl_interface_group);
7319 os_free(global->params.override_driver);
7320 os_free(global->params.override_ctrl_interface);
7321 #ifdef CONFIG_MATCH_IFACE
7322 os_free(global->params.match_ifaces);
7323 #endif /* CONFIG_MATCH_IFACE */
7324 #ifdef CONFIG_P2P
7325 os_free(global->params.conf_p2p_dev);
7326 #endif /* CONFIG_P2P */
7327
7328 os_free(global->p2p_disallow_freq.range);
7329 os_free(global->p2p_go_avoid_freq.range);
7330 os_free(global->add_psk);
7331
7332 os_free(global);
7333 wpa_debug_close_syslog();
7334 wpa_debug_close_file();
7335 wpa_debug_close_linux_tracing();
7336 }
7337
7338
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)7339 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
7340 {
7341 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
7342 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
7343 char country[3];
7344 country[0] = wpa_s->conf->country[0];
7345 country[1] = wpa_s->conf->country[1];
7346 country[2] = '\0';
7347 if (wpa_drv_set_country(wpa_s, country) < 0) {
7348 wpa_printf(MSG_ERROR, "Failed to set country code "
7349 "'%s'", country);
7350 }
7351 }
7352
7353 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
7354 wpas_init_ext_pw(wpa_s);
7355
7356 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
7357 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7358
7359 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
7360 struct wpa_driver_capa capa;
7361 int res = wpa_drv_get_capa(wpa_s, &capa);
7362
7363 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7364 wpa_printf(MSG_ERROR,
7365 "Failed to update wowlan_triggers to '%s'",
7366 wpa_s->conf->wowlan_triggers);
7367 }
7368
7369 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7370 wpa_supplicant_set_default_scan_ies(wpa_s);
7371
7372 #ifdef CONFIG_BGSCAN
7373 /*
7374 * We default to global bgscan parameters only when per-network bgscan
7375 * parameters aren't set. Only bother resetting bgscan parameters if
7376 * this is the case.
7377 */
7378 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
7379 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
7380 wpa_s->wpa_state == WPA_COMPLETED)
7381 wpa_supplicant_reset_bgscan(wpa_s);
7382 #endif /* CONFIG_BGSCAN */
7383
7384 #ifdef CONFIG_WPS
7385 wpas_wps_update_config(wpa_s);
7386 #endif /* CONFIG_WPS */
7387 wpas_p2p_update_config(wpa_s);
7388 wpa_s->conf->changed_parameters = 0;
7389 }
7390
7391
add_freq(int * freqs,int * num_freqs,int freq)7392 void add_freq(int *freqs, int *num_freqs, int freq)
7393 {
7394 int i;
7395
7396 for (i = 0; i < *num_freqs; i++) {
7397 if (freqs[i] == freq)
7398 return;
7399 }
7400
7401 freqs[*num_freqs] = freq;
7402 (*num_freqs)++;
7403 }
7404
7405
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)7406 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7407 {
7408 struct wpa_bss *bss, *cbss;
7409 const int max_freqs = 10;
7410 int *freqs;
7411 int num_freqs = 0;
7412
7413 freqs = os_calloc(max_freqs + 1, sizeof(int));
7414 if (freqs == NULL)
7415 return NULL;
7416
7417 cbss = wpa_s->current_bss;
7418
7419 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7420 if (bss == cbss)
7421 continue;
7422 if (bss->ssid_len == cbss->ssid_len &&
7423 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7424 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
7425 add_freq(freqs, &num_freqs, bss->freq);
7426 if (num_freqs == max_freqs)
7427 break;
7428 }
7429 }
7430
7431 if (num_freqs == 0) {
7432 os_free(freqs);
7433 freqs = NULL;
7434 }
7435
7436 return freqs;
7437 }
7438
7439
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)7440 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7441 {
7442 int timeout;
7443 int count;
7444 int *freqs = NULL;
7445
7446 wpas_connect_work_done(wpa_s);
7447
7448 /*
7449 * Remove possible authentication timeout since the connection failed.
7450 */
7451 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7452
7453 /*
7454 * There is no point in ignoring the AP temporarily if this event is
7455 * generated based on local request to disconnect.
7456 */
7457 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
7458 wpa_s->own_disconnect_req = 0;
7459 wpa_dbg(wpa_s, MSG_DEBUG,
7460 "Ignore connection failure due to local request to disconnect");
7461 return;
7462 }
7463 if (wpa_s->disconnected) {
7464 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7465 "indication since interface has been put into "
7466 "disconnected state");
7467 return;
7468 }
7469 if (wpa_s->auto_reconnect_disabled) {
7470 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7471 "indication since auto connect is disabled");
7472 return;
7473 }
7474
7475 /*
7476 * Add the failed BSSID into the ignore list and speed up next scan
7477 * attempt if there could be other APs that could accept association.
7478 */
7479 count = wpa_bssid_ignore_add(wpa_s, bssid);
7480 if (count == 1 && wpa_s->current_bss) {
7481 /*
7482 * This BSS was not in the ignore list before. If there is
7483 * another BSS available for the same ESS, we should try that
7484 * next. Otherwise, we may as well try this one once more
7485 * before allowing other, likely worse, ESSes to be considered.
7486 */
7487 freqs = get_bss_freqs_in_ess(wpa_s);
7488 if (freqs) {
7489 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7490 "has been seen; try it next");
7491 wpa_bssid_ignore_add(wpa_s, bssid);
7492 /*
7493 * On the next scan, go through only the known channels
7494 * used in this ESS based on previous scans to speed up
7495 * common load balancing use case.
7496 */
7497 os_free(wpa_s->next_scan_freqs);
7498 wpa_s->next_scan_freqs = freqs;
7499 }
7500 }
7501
7502 wpa_s->consecutive_conn_failures++;
7503
7504 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
7505 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7506 "consider temporary network disabling");
7507 wpas_auth_failed(wpa_s, "CONN_FAILED");
7508 }
7509 /*
7510 * Multiple consecutive connection failures mean that other APs are
7511 * either not available or have already been tried, so we can start
7512 * increasing the delay here to avoid constant scanning.
7513 */
7514 switch (wpa_s->consecutive_conn_failures) {
7515 case 1:
7516 timeout = 100;
7517 break;
7518 case 2:
7519 timeout = 500;
7520 break;
7521 case 3:
7522 timeout = 1000;
7523 break;
7524 case 4:
7525 timeout = 5000;
7526 break;
7527 default:
7528 timeout = 10000;
7529 break;
7530 }
7531
7532 wpa_dbg(wpa_s, MSG_DEBUG,
7533 "Consecutive connection failures: %d --> request scan in %d ms",
7534 wpa_s->consecutive_conn_failures, timeout);
7535
7536 /*
7537 * TODO: if more than one possible AP is available in scan results,
7538 * could try the other ones before requesting a new scan.
7539 */
7540
7541 /* speed up the connection attempt with normal scan */
7542 wpa_s->normal_scans = 0;
7543 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7544 1000 * (timeout % 1000));
7545 }
7546
7547
7548 #ifdef CONFIG_FILS
fils_connection_failure(struct wpa_supplicant * wpa_s)7549 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7550 {
7551 struct wpa_ssid *ssid = wpa_s->current_ssid;
7552 const u8 *realm, *username, *rrk;
7553 size_t realm_len, username_len, rrk_len;
7554 u16 next_seq_num;
7555
7556 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7557 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7558 &username, &username_len,
7559 &realm, &realm_len, &next_seq_num,
7560 &rrk, &rrk_len) != 0 ||
7561 !realm)
7562 return;
7563
7564 wpa_hexdump_ascii(MSG_DEBUG,
7565 "FILS: Store last connection failure realm",
7566 realm, realm_len);
7567 os_free(wpa_s->last_con_fail_realm);
7568 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7569 if (wpa_s->last_con_fail_realm) {
7570 wpa_s->last_con_fail_realm_len = realm_len;
7571 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7572 }
7573 }
7574 #endif /* CONFIG_FILS */
7575
7576
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)7577 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7578 {
7579 return wpa_s->conf->ap_scan == 2 ||
7580 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7581 }
7582
7583
7584 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) || defined (CONFIG_CTRL_IFACE_HIDL)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)7585 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7586 struct wpa_ssid *ssid,
7587 const char *field,
7588 const char *value)
7589 {
7590 #ifdef IEEE8021X_EAPOL
7591 enum wpa_ctrl_req_type rtype;
7592
7593 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7594 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7595 (const u8 *) value, os_strlen(value));
7596
7597 rtype = wpa_supplicant_ctrl_req_from_string(field);
7598 return wpa_supplicant_ctrl_rsp_handle(wpa_s, ssid, rtype, value, strlen(value));
7599 #else /* IEEE8021X_EAPOL */
7600 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7601 return -1;
7602 #endif /* IEEE8021X_EAPOL */
7603 }
7604
wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,enum wpa_ctrl_req_type rtype,const char * value,int value_len)7605 int wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7606 struct wpa_ssid *ssid,
7607 enum wpa_ctrl_req_type rtype,
7608 const char *value, int value_len)
7609 {
7610 #ifdef IEEE8021X_EAPOL
7611 struct eap_peer_config *eap = &ssid->eap;
7612 char *identity, *imsi_identity;
7613
7614 switch (rtype) {
7615 case WPA_CTRL_REQ_EAP_IDENTITY:
7616 os_free(eap->identity);
7617 os_free(eap->imsi_identity);
7618 if (value == NULL)
7619 return -1;
7620 identity = os_strchr(value, ':');
7621 if (identity == NULL) {
7622 /* plain identity */
7623 eap->identity = (u8 *)os_strdup(value);
7624 eap->identity_len = os_strlen(value);
7625 } else {
7626 /* have both plain identity and encrypted identity */
7627 imsi_identity = value;
7628 *identity++ = '\0';
7629 /* plain identity */
7630 eap->imsi_identity = (u8 *)dup_binstr(imsi_identity, strlen(imsi_identity));
7631 eap->imsi_identity_len = strlen(imsi_identity);
7632 /* encrypted identity */
7633 eap->identity = (u8 *)dup_binstr(identity,
7634 value_len - strlen(imsi_identity) - 1);
7635 eap->identity_len = value_len - strlen(imsi_identity) - 1;
7636 }
7637 eap->pending_req_identity = 0;
7638 if (ssid == wpa_s->current_ssid)
7639 wpa_s->reassociate = 1;
7640 break;
7641 case WPA_CTRL_REQ_EAP_PASSWORD:
7642 bin_clear_free(eap->password, eap->password_len);
7643 eap->password = (u8 *) os_strdup(value);
7644 eap->password_len = value_len;
7645 eap->pending_req_password = 0;
7646 if (ssid == wpa_s->current_ssid)
7647 wpa_s->reassociate = 1;
7648 break;
7649 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7650 bin_clear_free(eap->new_password, eap->new_password_len);
7651 eap->new_password = (u8 *) os_strdup(value);
7652 eap->new_password_len = value_len;
7653 eap->pending_req_new_password = 0;
7654 if (ssid == wpa_s->current_ssid)
7655 wpa_s->reassociate = 1;
7656 break;
7657 case WPA_CTRL_REQ_EAP_PIN:
7658 str_clear_free(eap->cert.pin);
7659 eap->cert.pin = os_strdup(value);
7660 eap->pending_req_pin = 0;
7661 if (ssid == wpa_s->current_ssid)
7662 wpa_s->reassociate = 1;
7663 break;
7664 case WPA_CTRL_REQ_EAP_OTP:
7665 bin_clear_free(eap->otp, eap->otp_len);
7666 eap->otp = (u8 *) os_strdup(value);
7667 eap->otp_len = value_len;
7668 os_free(eap->pending_req_otp);
7669 eap->pending_req_otp = NULL;
7670 eap->pending_req_otp_len = 0;
7671 break;
7672 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7673 str_clear_free(eap->cert.private_key_passwd);
7674 eap->cert.private_key_passwd = os_strdup(value);
7675 eap->pending_req_passphrase = 0;
7676 if (ssid == wpa_s->current_ssid)
7677 wpa_s->reassociate = 1;
7678 break;
7679 case WPA_CTRL_REQ_SIM:
7680 str_clear_free(eap->external_sim_resp);
7681 eap->external_sim_resp = os_strdup(value);
7682 eap->pending_req_sim = 0;
7683 break;
7684 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7685 if (wpa_config_set(ssid, "psk", value, 0) < 0)
7686 return -1;
7687 ssid->mem_only_psk = 1;
7688 if (ssid->passphrase)
7689 wpa_config_update_psk(ssid);
7690 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
7691 wpa_supplicant_req_scan(wpa_s, 0, 0);
7692 break;
7693 case WPA_CTRL_REQ_EXT_CERT_CHECK:
7694 if (eap->pending_ext_cert_check != PENDING_CHECK)
7695 return -1;
7696 if (os_strcmp(value, "good") == 0)
7697 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
7698 else if (os_strcmp(value, "bad") == 0)
7699 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
7700 else
7701 return -1;
7702 break;
7703 default:
7704 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown type %d", rtype);
7705 return -1;
7706 }
7707
7708 return 0;
7709 #else /* IEEE8021X_EAPOL */
7710 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7711 return -1;
7712 #endif /* IEEE8021X_EAPOL */
7713 }
7714 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW || CONFIG_CTRL_IFACE_HIDL */
7715
7716
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7717 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7718 {
7719 #ifdef CONFIG_WEP
7720 int i;
7721 unsigned int drv_enc;
7722 #endif /* CONFIG_WEP */
7723
7724 if (wpa_s->p2p_mgmt)
7725 return 1; /* no normal network profiles on p2p_mgmt interface */
7726
7727 if (ssid == NULL)
7728 return 1;
7729
7730 if (ssid->disabled)
7731 return 1;
7732
7733 #ifdef CONFIG_WEP
7734 if (wpa_s->drv_capa_known)
7735 drv_enc = wpa_s->drv_enc;
7736 else
7737 drv_enc = (unsigned int) -1;
7738
7739 for (i = 0; i < NUM_WEP_KEYS; i++) {
7740 size_t len = ssid->wep_key_len[i];
7741 if (len == 0)
7742 continue;
7743 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
7744 continue;
7745 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
7746 continue;
7747 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
7748 continue;
7749 return 1; /* invalid WEP key */
7750 }
7751 #endif /* CONFIG_WEP */
7752
7753 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
7754 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
7755 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
7756 !ssid->mem_only_psk)
7757 return 1;
7758
7759 return 0;
7760 }
7761
7762
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)7763 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
7764 {
7765 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
7766 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
7767 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
7768 /*
7769 * Driver does not support BIP -- ignore pmf=1 default
7770 * since the connection with PMF would fail and the
7771 * configuration does not require PMF to be enabled.
7772 */
7773 return NO_MGMT_FRAME_PROTECTION;
7774 }
7775
7776 if (ssid &&
7777 (ssid->key_mgmt &
7778 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
7779 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
7780 /*
7781 * Do not use the default PMF value for non-RSN networks
7782 * since PMF is available only with RSN and pmf=2
7783 * configuration would otherwise prevent connections to
7784 * all open networks.
7785 */
7786 return NO_MGMT_FRAME_PROTECTION;
7787 }
7788
7789 return wpa_s->conf->pmf;
7790 }
7791
7792 return ssid->ieee80211w;
7793 }
7794
7795
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)7796 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
7797 {
7798 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
7799 return 1;
7800 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
7801 return 0;
7802 return -1;
7803 }
7804
7805
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason)7806 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
7807 {
7808 struct wpa_ssid *ssid = wpa_s->current_ssid;
7809 int dur;
7810 struct os_reltime now;
7811
7812 if (ssid == NULL) {
7813 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
7814 "SSID block");
7815 return;
7816 }
7817
7818 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
7819 return;
7820
7821 ssid->auth_failures++;
7822
7823 #ifdef CONFIG_P2P
7824 if (ssid->p2p_group &&
7825 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
7826 /*
7827 * Skip the wait time since there is a short timeout on the
7828 * connection to a P2P group.
7829 */
7830 return;
7831 }
7832 #endif /* CONFIG_P2P */
7833
7834 if (ssid->auth_failures > 50)
7835 dur = 300;
7836 else if (ssid->auth_failures > 10)
7837 dur = 120;
7838 else if (ssid->auth_failures > 5)
7839 dur = 90;
7840 else if (ssid->auth_failures > 3)
7841 dur = 60;
7842 else if (ssid->auth_failures > 2)
7843 dur = 30;
7844 else if (ssid->auth_failures > 1)
7845 dur = 20;
7846 else
7847 dur = 10;
7848
7849 if (ssid->auth_failures > 1 &&
7850 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
7851 dur += os_random() % (ssid->auth_failures * 10);
7852
7853 os_get_reltime(&now);
7854 if (now.sec + dur <= ssid->disabled_until.sec)
7855 return;
7856
7857 ssid->disabled_until.sec = now.sec + dur;
7858
7859 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
7860 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
7861 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
7862 ssid->auth_failures, dur, reason);
7863 }
7864
7865
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)7866 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
7867 struct wpa_ssid *ssid, int clear_failures)
7868 {
7869 if (ssid == NULL)
7870 return;
7871
7872 if (ssid->disabled_until.sec) {
7873 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
7874 "id=%d ssid=\"%s\"",
7875 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
7876 }
7877 ssid->disabled_until.sec = 0;
7878 ssid->disabled_until.usec = 0;
7879 if (clear_failures)
7880 ssid->auth_failures = 0;
7881 }
7882
7883
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)7884 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
7885 {
7886 size_t i;
7887
7888 if (wpa_s->disallow_aps_bssid == NULL)
7889 return 0;
7890
7891 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
7892 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
7893 bssid, ETH_ALEN) == 0)
7894 return 1;
7895 }
7896
7897 return 0;
7898 }
7899
7900
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)7901 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
7902 size_t ssid_len)
7903 {
7904 size_t i;
7905
7906 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
7907 return 0;
7908
7909 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
7910 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
7911 if (ssid_len == s->ssid_len &&
7912 os_memcmp(ssid, s->ssid, ssid_len) == 0)
7913 return 1;
7914 }
7915
7916 return 0;
7917 }
7918
7919
7920 /**
7921 * wpas_request_connection - Request a new connection
7922 * @wpa_s: Pointer to the network interface
7923 *
7924 * This function is used to request a new connection to be found. It will mark
7925 * the interface to allow reassociation and request a new scan to find a
7926 * suitable network to connect to.
7927 */
wpas_request_connection(struct wpa_supplicant * wpa_s)7928 void wpas_request_connection(struct wpa_supplicant *wpa_s)
7929 {
7930 wpa_s->normal_scans = 0;
7931 wpa_s->scan_req = NORMAL_SCAN_REQ;
7932 wpa_supplicant_reinit_autoscan(wpa_s);
7933 wpa_s->disconnected = 0;
7934 wpa_s->reassociate = 1;
7935 wpa_s->last_owe_group = 0;
7936
7937 if (wpa_supplicant_fast_associate(wpa_s) != 1)
7938 wpa_supplicant_req_scan(wpa_s, 0, 0);
7939 else
7940 wpa_s->reattach = 0;
7941 }
7942
7943
7944 /**
7945 * wpas_request_disconnection - Request disconnection
7946 * @wpa_s: Pointer to the network interface
7947 *
7948 * This function is used to request disconnection from the currently connected
7949 * network. This will stop any ongoing scans and initiate deauthentication.
7950 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)7951 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
7952 {
7953 #ifdef CONFIG_SME
7954 wpa_s->sme.prev_bssid_set = 0;
7955 #endif /* CONFIG_SME */
7956 wpa_s->reassociate = 0;
7957 wpa_s->disconnected = 1;
7958 wpa_supplicant_cancel_sched_scan(wpa_s);
7959 wpa_supplicant_cancel_scan(wpa_s);
7960 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7961 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
7962 radio_remove_works(wpa_s, "connect", 0);
7963 radio_remove_works(wpa_s, "sme-connect", 0);
7964 }
7965
7966
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)7967 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
7968 struct wpa_used_freq_data *freqs_data,
7969 unsigned int len)
7970 {
7971 unsigned int i;
7972
7973 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
7974 len, title);
7975 for (i = 0; i < len; i++) {
7976 struct wpa_used_freq_data *cur = &freqs_data[i];
7977 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
7978 i, cur->freq, cur->flags);
7979 }
7980 }
7981
7982
7983 /*
7984 * Find the operating frequencies of any of the virtual interfaces that
7985 * are using the same radio as the current interface, and in addition, get
7986 * information about the interface types that are using the frequency.
7987 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len)7988 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
7989 struct wpa_used_freq_data *freqs_data,
7990 unsigned int len)
7991 {
7992 struct wpa_supplicant *ifs;
7993 u8 bssid[ETH_ALEN];
7994 int freq;
7995 unsigned int idx = 0, i;
7996
7997 wpa_dbg(wpa_s, MSG_DEBUG,
7998 "Determining shared radio frequencies (max len %u)", len);
7999 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
8000
8001 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
8002 radio_list) {
8003 if (idx == len)
8004 break;
8005
8006 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
8007 continue;
8008
8009 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
8010 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
8011 ifs->current_ssid->mode == WPAS_MODE_MESH)
8012 freq = ifs->current_ssid->frequency;
8013 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
8014 freq = ifs->assoc_freq;
8015 else
8016 continue;
8017
8018 /* Hold only distinct freqs */
8019 for (i = 0; i < idx; i++)
8020 if (freqs_data[i].freq == freq)
8021 break;
8022
8023 if (i == idx)
8024 freqs_data[idx++].freq = freq;
8025
8026 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
8027 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
8028 WPA_FREQ_USED_BY_P2P_CLIENT :
8029 WPA_FREQ_USED_BY_INFRA_STATION;
8030 }
8031 }
8032
8033 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
8034 return idx;
8035 }
8036
8037
8038 /*
8039 * Find the operating frequencies of any of the virtual interfaces that
8040 * are using the same radio as the current interface.
8041 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len)8042 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
8043 int *freq_array, unsigned int len)
8044 {
8045 struct wpa_used_freq_data *freqs_data;
8046 int num, i;
8047
8048 os_memset(freq_array, 0, sizeof(int) * len);
8049
8050 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
8051 if (!freqs_data)
8052 return -1;
8053
8054 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
8055 for (i = 0; i < num; i++)
8056 freq_array[i] = freqs_data[i].freq;
8057
8058 os_free(freqs_data);
8059
8060 return num;
8061 }
8062
8063
8064 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)8065 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
8066 {
8067 switch (frame) {
8068 #ifdef CONFIG_P2P
8069 case VENDOR_ELEM_PROBE_REQ_P2P:
8070 case VENDOR_ELEM_PROBE_RESP_P2P:
8071 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
8072 case VENDOR_ELEM_BEACON_P2P_GO:
8073 case VENDOR_ELEM_P2P_PD_REQ:
8074 case VENDOR_ELEM_P2P_PD_RESP:
8075 case VENDOR_ELEM_P2P_GO_NEG_REQ:
8076 case VENDOR_ELEM_P2P_GO_NEG_RESP:
8077 case VENDOR_ELEM_P2P_GO_NEG_CONF:
8078 case VENDOR_ELEM_P2P_INV_REQ:
8079 case VENDOR_ELEM_P2P_INV_RESP:
8080 case VENDOR_ELEM_P2P_ASSOC_REQ:
8081 case VENDOR_ELEM_P2P_ASSOC_RESP:
8082 return wpa_s->p2pdev;
8083 #endif /* CONFIG_P2P */
8084 default:
8085 return wpa_s;
8086 }
8087 }
8088
8089
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)8090 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
8091 {
8092 unsigned int i;
8093 char buf[30];
8094
8095 wpa_printf(MSG_DEBUG, "Update vendor elements");
8096
8097 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
8098 if (wpa_s->vendor_elem[i]) {
8099 int res;
8100
8101 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
8102 if (!os_snprintf_error(sizeof(buf), res)) {
8103 wpa_hexdump_buf(MSG_DEBUG, buf,
8104 wpa_s->vendor_elem[i]);
8105 }
8106 }
8107 }
8108
8109 #ifdef CONFIG_P2P
8110 if (wpa_s->parent == wpa_s &&
8111 wpa_s->global->p2p &&
8112 !wpa_s->global->p2p_disabled)
8113 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
8114 #endif /* CONFIG_P2P */
8115 }
8116
8117
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)8118 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
8119 const u8 *elem, size_t len)
8120 {
8121 u8 *ie, *end;
8122
8123 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
8124 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
8125
8126 for (; ie + 1 < end; ie += 2 + ie[1]) {
8127 if (ie + len > end)
8128 break;
8129 if (os_memcmp(ie, elem, len) != 0)
8130 continue;
8131
8132 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
8133 wpabuf_free(wpa_s->vendor_elem[frame]);
8134 wpa_s->vendor_elem[frame] = NULL;
8135 } else {
8136 os_memmove(ie, ie + len, end - (ie + len));
8137 wpa_s->vendor_elem[frame]->used -= len;
8138 }
8139 wpas_vendor_elem_update(wpa_s);
8140 return 0;
8141 }
8142
8143 return -1;
8144 }
8145
8146
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)8147 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
8148 u16 num_modes, enum hostapd_hw_mode mode,
8149 bool is_6ghz)
8150 {
8151 u16 i;
8152
8153 for (i = 0; i < num_modes; i++) {
8154 if (modes[i].mode != mode ||
8155 !modes[i].num_channels || !modes[i].channels)
8156 continue;
8157 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
8158 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
8159 return &modes[i];
8160 }
8161
8162 return NULL;
8163 }
8164
8165
8166 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)8167 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
8168 const u8 *bssid)
8169 {
8170 struct wpa_bss_tmp_disallowed *bss;
8171
8172 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
8173 struct wpa_bss_tmp_disallowed, list) {
8174 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
8175 return bss;
8176 }
8177
8178 return NULL;
8179 }
8180
8181
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)8182 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
8183 {
8184 struct wpa_bss_tmp_disallowed *tmp;
8185 unsigned int num_bssid = 0;
8186 u8 *bssids;
8187 int ret;
8188
8189 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
8190 if (!bssids)
8191 return -1;
8192 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8193 struct wpa_bss_tmp_disallowed, list) {
8194 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
8195 ETH_ALEN);
8196 num_bssid++;
8197 }
8198 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
8199 os_free(bssids);
8200 return ret;
8201 }
8202
8203
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)8204 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
8205 {
8206 struct wpa_supplicant *wpa_s = eloop_ctx;
8207 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
8208
8209 /* Make sure the bss is not already freed */
8210 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8211 struct wpa_bss_tmp_disallowed, list) {
8212 if (bss == tmp) {
8213 dl_list_del(&tmp->list);
8214 os_free(tmp);
8215 wpa_set_driver_tmp_disallow_list(wpa_s);
8216 break;
8217 }
8218 }
8219 }
8220
8221
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)8222 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
8223 unsigned int sec, int rssi_threshold)
8224 {
8225 struct wpa_bss_tmp_disallowed *bss;
8226
8227 bss = wpas_get_disallowed_bss(wpa_s, bssid);
8228 if (bss) {
8229 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
8230 goto finish;
8231 }
8232
8233 bss = os_malloc(sizeof(*bss));
8234 if (!bss) {
8235 wpa_printf(MSG_DEBUG,
8236 "Failed to allocate memory for temp disallow BSS");
8237 return;
8238 }
8239
8240 os_memcpy(bss->bssid, bssid, ETH_ALEN);
8241 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
8242 wpa_set_driver_tmp_disallow_list(wpa_s);
8243
8244 finish:
8245 bss->rssi_threshold = rssi_threshold;
8246 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
8247 wpa_s, bss);
8248 }
8249
8250
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)8251 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
8252 struct wpa_bss *bss)
8253 {
8254 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
8255
8256 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
8257 struct wpa_bss_tmp_disallowed, list) {
8258 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
8259 disallowed = tmp;
8260 break;
8261 }
8262 }
8263 if (!disallowed)
8264 return 0;
8265
8266 if (disallowed->rssi_threshold != 0 &&
8267 bss->level > disallowed->rssi_threshold)
8268 return 0;
8269
8270 return 1;
8271 }
8272
8273
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)8274 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8275 unsigned int type, const u8 *addr,
8276 const u8 *mask)
8277 {
8278 if ((addr && !mask) || (!addr && mask)) {
8279 wpa_printf(MSG_INFO,
8280 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
8281 return -1;
8282 }
8283
8284 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
8285 wpa_printf(MSG_INFO,
8286 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
8287 return -1;
8288 }
8289
8290 if (type & MAC_ADDR_RAND_SCAN) {
8291 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
8292 addr, mask))
8293 return -1;
8294 }
8295
8296 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
8297 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
8298 addr, mask))
8299 return -1;
8300
8301 if (wpa_s->sched_scanning && !wpa_s->pno)
8302 wpas_scan_restart_sched_scan(wpa_s);
8303 }
8304
8305 if (type & MAC_ADDR_RAND_PNO) {
8306 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
8307 addr, mask))
8308 return -1;
8309
8310 if (wpa_s->pno) {
8311 wpas_stop_pno(wpa_s);
8312 wpas_start_pno(wpa_s);
8313 }
8314 }
8315
8316 return 0;
8317 }
8318
8319
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)8320 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8321 unsigned int type)
8322 {
8323 wpas_mac_addr_rand_scan_clear(wpa_s, type);
8324 if (wpa_s->pno) {
8325 if (type & MAC_ADDR_RAND_PNO) {
8326 wpas_stop_pno(wpa_s);
8327 wpas_start_pno(wpa_s);
8328 }
8329 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
8330 wpas_scan_restart_sched_scan(wpa_s);
8331 }
8332
8333 return 0;
8334 }
8335
8336
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)8337 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
8338 struct wpa_signal_info *si)
8339 {
8340 int res;
8341
8342 if (!wpa_s->driver->signal_poll)
8343 return -1;
8344
8345 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
8346
8347 #ifdef CONFIG_TESTING_OPTIONS
8348 if (res == 0) {
8349 struct driver_signal_override *dso;
8350
8351 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8352 struct driver_signal_override, list) {
8353 if (os_memcmp(wpa_s->bssid, dso->bssid,
8354 ETH_ALEN) != 0)
8355 continue;
8356 wpa_printf(MSG_DEBUG,
8357 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
8358 si->current_signal,
8359 dso->si_current_signal,
8360 si->avg_signal,
8361 dso->si_avg_signal,
8362 si->avg_beacon_signal,
8363 dso->si_avg_beacon_signal,
8364 si->current_noise,
8365 dso->si_current_noise);
8366 si->current_signal = dso->si_current_signal;
8367 si->avg_signal = dso->si_avg_signal;
8368 si->avg_beacon_signal = dso->si_avg_beacon_signal;
8369 si->current_noise = dso->si_current_noise;
8370 break;
8371 }
8372 }
8373 #endif /* CONFIG_TESTING_OPTIONS */
8374
8375 return res;
8376 }
8377
8378
8379 struct wpa_scan_results *
wpa_drv_get_scan_results2(struct wpa_supplicant * wpa_s)8380 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
8381 {
8382 struct wpa_scan_results *scan_res;
8383 #ifdef CONFIG_TESTING_OPTIONS
8384 size_t idx;
8385 #endif /* CONFIG_TESTING_OPTIONS */
8386
8387 if (!wpa_s->driver->get_scan_results2)
8388 return NULL;
8389
8390 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
8391
8392 #ifdef CONFIG_TESTING_OPTIONS
8393 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
8394 struct driver_signal_override *dso;
8395 struct wpa_scan_res *res = scan_res->res[idx];
8396
8397 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8398 struct driver_signal_override, list) {
8399 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
8400 continue;
8401 wpa_printf(MSG_DEBUG,
8402 "Override driver scan signal level %d->%d for "
8403 MACSTR,
8404 res->level, dso->scan_level,
8405 MAC2STR(res->bssid));
8406 res->flags |= WPA_SCAN_QUAL_INVALID;
8407 if (dso->scan_level < 0)
8408 res->flags |= WPA_SCAN_LEVEL_DBM;
8409 else
8410 res->flags &= ~WPA_SCAN_LEVEL_DBM;
8411 res->level = dso->scan_level;
8412 break;
8413 }
8414 }
8415 #endif /* CONFIG_TESTING_OPTIONS */
8416
8417 return scan_res;
8418 }
8419