1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/random.h"
21 #include "crypto/sha1.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_peer/eap_proxy.h"
25 #include "eap_server/eap_methods.h"
26 #include "rsn_supp/wpa.h"
27 #include "eloop.h"
28 #include "config.h"
29 #include "utils/ext_password.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_common.h"
40 #include "common/ieee802_11_defs.h"
41 #include "common/hw_features_common.h"
42 #include "common/gas_server.h"
43 #include "common/dpp.h"
44 #include "common/ptksa_cache.h"
45 #include "p2p/p2p.h"
46 #include "fst/fst.h"
47 #include "bssid_ignore.h"
48 #include "wpas_glue.h"
49 #include "wps_supplicant.h"
50 #include "ibss_rsn.h"
51 #include "sme.h"
52 #include "gas_query.h"
53 #include "ap.h"
54 #include "p2p_supplicant.h"
55 #include "wifi_display.h"
56 #include "notify.h"
57 #include "bgscan.h"
58 #include "autoscan.h"
59 #include "bss.h"
60 #include "scan.h"
61 #include "offchannel.h"
62 #include "hs20_supplicant.h"
63 #include "wnm_sta.h"
64 #include "wpas_kay.h"
65 #include "mesh.h"
66 #include "dpp_supplicant.h"
67 #ifdef CONFIG_MESH
68 #include "ap/ap_config.h"
69 #include "ap/hostapd.h"
70 #endif /* CONFIG_MESH */
71
72 const char *const wpa_supplicant_version =
73 "wpa_supplicant v" VERSION_STR "\n"
74 "Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi> and contributors";
75
76 const char *const wpa_supplicant_license =
77 "This software may be distributed under the terms of the BSD license.\n"
78 "See README for more details.\n"
79 #ifdef EAP_TLS_OPENSSL
80 "\nThis product includes software developed by the OpenSSL Project\n"
81 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
82 #endif /* EAP_TLS_OPENSSL */
83 ;
84
85 #ifndef CONFIG_NO_STDOUT_DEBUG
86 /* Long text divided into parts in order to fit in C89 strings size limits. */
87 const char *const wpa_supplicant_full_license1 =
88 "";
89 const char *const wpa_supplicant_full_license2 =
90 "This software may be distributed under the terms of the BSD license.\n"
91 "\n"
92 "Redistribution and use in source and binary forms, with or without\n"
93 "modification, are permitted provided that the following conditions are\n"
94 "met:\n"
95 "\n";
96 const char *const wpa_supplicant_full_license3 =
97 "1. Redistributions of source code must retain the above copyright\n"
98 " notice, this list of conditions and the following disclaimer.\n"
99 "\n"
100 "2. Redistributions in binary form must reproduce the above copyright\n"
101 " notice, this list of conditions and the following disclaimer in the\n"
102 " documentation and/or other materials provided with the distribution.\n"
103 "\n";
104 const char *const wpa_supplicant_full_license4 =
105 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
106 " names of its contributors may be used to endorse or promote products\n"
107 " derived from this software without specific prior written permission.\n"
108 "\n"
109 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
110 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
111 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
112 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
113 const char *const wpa_supplicant_full_license5 =
114 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
115 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
116 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
117 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
118 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
119 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
120 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
121 "\n";
122 #endif /* CONFIG_NO_STDOUT_DEBUG */
123
124
125 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
126 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
127 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
128 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
129 #ifdef CONFIG_OWE
130 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_OWE */
132
133
134 #ifdef CONFIG_WEP
135 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)136 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
137 {
138 int i, set = 0;
139
140 for (i = 0; i < NUM_WEP_KEYS; i++) {
141 if (ssid->wep_key_len[i] == 0)
142 continue;
143
144 set = 1;
145 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
146 i, i == ssid->wep_tx_keyidx, NULL, 0,
147 ssid->wep_key[i], ssid->wep_key_len[i],
148 i == ssid->wep_tx_keyidx ?
149 KEY_FLAG_GROUP_RX_TX_DEFAULT :
150 KEY_FLAG_GROUP_RX_TX);
151 }
152
153 return set;
154 }
155 #endif /* CONFIG_WEP */
156
157
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)158 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
159 struct wpa_ssid *ssid)
160 {
161 u8 key[32];
162 size_t keylen;
163 enum wpa_alg alg;
164 u8 seq[6] = { 0 };
165 int ret;
166
167 /* IBSS/WPA-None uses only one key (Group) for both receiving and
168 * sending unicast and multicast packets. */
169
170 if (ssid->mode != WPAS_MODE_IBSS) {
171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
172 "IBSS/ad-hoc) for WPA-None", ssid->mode);
173 return -1;
174 }
175
176 if (!ssid->psk_set) {
177 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
178 "WPA-None");
179 return -1;
180 }
181
182 switch (wpa_s->group_cipher) {
183 case WPA_CIPHER_CCMP:
184 os_memcpy(key, ssid->psk, 16);
185 keylen = 16;
186 alg = WPA_ALG_CCMP;
187 break;
188 case WPA_CIPHER_GCMP:
189 os_memcpy(key, ssid->psk, 16);
190 keylen = 16;
191 alg = WPA_ALG_GCMP;
192 break;
193 case WPA_CIPHER_TKIP:
194 /* WPA-None uses the same Michael MIC key for both TX and RX */
195 os_memcpy(key, ssid->psk, 16 + 8);
196 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
197 keylen = 32;
198 alg = WPA_ALG_TKIP;
199 break;
200 default:
201 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
202 "WPA-None", wpa_s->group_cipher);
203 return -1;
204 }
205
206 /* TODO: should actually remember the previously used seq#, both for TX
207 * and RX from each STA.. */
208
209 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen,
210 KEY_FLAG_GROUP_RX_TX_DEFAULT);
211 os_memset(key, 0, sizeof(key));
212 return ret;
213 }
214
215
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)216 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
217 {
218 struct wpa_supplicant *wpa_s = eloop_ctx;
219 const u8 *bssid = wpa_s->bssid;
220 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
221 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
222 wpa_s->wpa_state == WPA_ASSOCIATING))
223 bssid = wpa_s->pending_bssid;
224 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
225 MAC2STR(bssid));
226 wpa_bssid_ignore_add(wpa_s, bssid);
227 wpas_notify_auth_timeout(wpa_s);
228 wpa_sm_notify_disassoc(wpa_s->wpa);
229 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
230 wpa_s->reassociate = 1;
231
232 /*
233 * If we timed out, the AP or the local radio may be busy.
234 * So, wait a second until scanning again.
235 */
236 wpa_supplicant_req_scan(wpa_s, 1, 0);
237 }
238
239
240 /**
241 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
242 * @wpa_s: Pointer to wpa_supplicant data
243 * @sec: Number of seconds after which to time out authentication
244 * @usec: Number of microseconds after which to time out authentication
245 *
246 * This function is used to schedule a timeout for the current authentication
247 * attempt.
248 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)249 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
250 int sec, int usec)
251 {
252 if (wpa_s->conf->ap_scan == 0 &&
253 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
254 return;
255
256 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
257 "%d usec", sec, usec);
258 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
259 wpa_s->last_auth_timeout_sec = sec;
260 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
261 }
262
263
264 /*
265 * wpas_auth_timeout_restart - Restart and change timeout for authentication
266 * @wpa_s: Pointer to wpa_supplicant data
267 * @sec_diff: difference in seconds applied to original timeout value
268 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)269 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
270 {
271 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
272
273 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
274 wpa_dbg(wpa_s, MSG_DEBUG,
275 "Authentication timeout restart: %d sec", new_sec);
276 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
277 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
278 wpa_s, NULL);
279 }
280 }
281
282
283 /**
284 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
285 * @wpa_s: Pointer to wpa_supplicant data
286 *
287 * This function is used to cancel authentication timeout scheduled with
288 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
289 * been completed.
290 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)291 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
292 {
293 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
294 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
295 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
296 os_free(wpa_s->last_con_fail_realm);
297 wpa_s->last_con_fail_realm = NULL;
298 wpa_s->last_con_fail_realm_len = 0;
299 }
300
301
302 /**
303 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
304 * @wpa_s: Pointer to wpa_supplicant data
305 *
306 * This function is used to configure EAPOL state machine based on the selected
307 * authentication mode.
308 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)309 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
310 {
311 #ifdef IEEE8021X_EAPOL
312 struct eapol_config eapol_conf;
313 struct wpa_ssid *ssid = wpa_s->current_ssid;
314
315 #ifdef CONFIG_IBSS_RSN
316 if (ssid->mode == WPAS_MODE_IBSS &&
317 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
318 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
319 /*
320 * RSN IBSS authentication is per-STA and we can disable the
321 * per-BSSID EAPOL authentication.
322 */
323 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
324 eapol_sm_notify_eap_success(wpa_s->eapol, true);
325 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
326 return;
327 }
328 #endif /* CONFIG_IBSS_RSN */
329
330 eapol_sm_notify_eap_success(wpa_s->eapol, false);
331 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
332
333 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
334 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
335 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
336 else
337 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
338
339 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
340 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
341 eapol_conf.accept_802_1x_keys = 1;
342 eapol_conf.required_keys = 0;
343 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
344 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
345 }
346 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
347 eapol_conf.required_keys |=
348 EAPOL_REQUIRE_KEY_BROADCAST;
349 }
350
351 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
352 eapol_conf.required_keys = 0;
353 }
354 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
355 eapol_conf.workaround = ssid->eap_workaround;
356 eapol_conf.eap_disabled =
357 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
358 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
359 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
360 eapol_conf.external_sim = wpa_s->conf->external_sim;
361
362 #ifdef CONFIG_WPS
363 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
364 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
365 if (wpa_s->current_bss) {
366 struct wpabuf *ie;
367 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
368 WPS_IE_VENDOR_TYPE);
369 if (ie) {
370 if (wps_is_20(ie))
371 eapol_conf.wps |=
372 EAPOL_PEER_IS_WPS20_AP;
373 wpabuf_free(ie);
374 }
375 }
376 }
377 #endif /* CONFIG_WPS */
378
379 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
380
381 #ifdef CONFIG_MACSEC
382 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
383 ieee802_1x_create_preshared_mka(wpa_s, ssid);
384 else
385 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
386 #endif /* CONFIG_MACSEC */
387 #endif /* IEEE8021X_EAPOL */
388 }
389
390
391 /**
392 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
393 * @wpa_s: Pointer to wpa_supplicant data
394 * @ssid: Configuration data for the network
395 *
396 * This function is used to configure WPA state machine and related parameters
397 * to a mode where WPA is not enabled. This is called as part of the
398 * authentication configuration when the selected network does not use WPA.
399 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)400 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
401 struct wpa_ssid *ssid)
402 {
403 #ifdef CONFIG_WEP
404 int i;
405 #endif /* CONFIG_WEP */
406
407 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
408 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
409 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
410 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
411 else
412 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
413 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
414 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
415 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
416 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
417 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
418 wpa_s->rsnxe_len = 0;
419 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
420 wpa_s->group_cipher = WPA_CIPHER_NONE;
421 wpa_s->mgmt_group_cipher = 0;
422
423 #ifdef CONFIG_WEP
424 for (i = 0; i < NUM_WEP_KEYS; i++) {
425 if (ssid->wep_key_len[i] > 5) {
426 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
427 wpa_s->group_cipher = WPA_CIPHER_WEP104;
428 break;
429 } else if (ssid->wep_key_len[i] > 0) {
430 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
431 wpa_s->group_cipher = WPA_CIPHER_WEP40;
432 break;
433 }
434 }
435 #endif /* CONFIG_WEP */
436
437 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
439 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
440 wpa_s->pairwise_cipher);
441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
442 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
443 wpa_s->mgmt_group_cipher);
444
445 pmksa_cache_clear_current(wpa_s->wpa);
446 }
447
448
free_hw_features(struct wpa_supplicant * wpa_s)449 void free_hw_features(struct wpa_supplicant *wpa_s)
450 {
451 int i;
452 if (wpa_s->hw.modes == NULL)
453 return;
454
455 for (i = 0; i < wpa_s->hw.num_modes; i++) {
456 os_free(wpa_s->hw.modes[i].channels);
457 os_free(wpa_s->hw.modes[i].rates);
458 }
459
460 os_free(wpa_s->hw.modes);
461 wpa_s->hw.modes = NULL;
462 }
463
464
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)465 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
466 struct wpa_bss_tmp_disallowed *bss)
467 {
468 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
469 dl_list_del(&bss->list);
470 os_free(bss);
471 }
472
473
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)474 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
475 {
476 struct wpa_bss_tmp_disallowed *bss, *prev;
477
478 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
479 struct wpa_bss_tmp_disallowed, list)
480 remove_bss_tmp_disallowed_entry(wpa_s, bss);
481 }
482
483
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)484 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
485 {
486 struct fils_hlp_req *req;
487
488 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
489 list)) != NULL) {
490 dl_list_del(&req->list);
491 wpabuf_free(req->pkt);
492 os_free(req);
493 }
494 }
495
496
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)497 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
498 {
499 struct wpa_supplicant *wpa_s = eloop_ctx;
500
501 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
502 return;
503 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
504 wpa_bss_flush(wpa_s);
505 }
506
507
508 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)509 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
510 {
511 struct driver_signal_override *dso;
512
513 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
514 struct driver_signal_override, list))) {
515 dl_list_del(&dso->list);
516 os_free(dso);
517 }
518 }
519 #endif /* CONFIG_TESTING_OPTIONS */
520
521
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)522 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
523 {
524 int i;
525
526 bgscan_deinit(wpa_s);
527 autoscan_deinit(wpa_s);
528 scard_deinit(wpa_s->scard);
529 wpa_s->scard = NULL;
530 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
531 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
532 l2_packet_deinit(wpa_s->l2);
533 wpa_s->l2 = NULL;
534 if (wpa_s->l2_br) {
535 l2_packet_deinit(wpa_s->l2_br);
536 wpa_s->l2_br = NULL;
537 }
538 #ifdef CONFIG_TESTING_OPTIONS
539 l2_packet_deinit(wpa_s->l2_test);
540 wpa_s->l2_test = NULL;
541 os_free(wpa_s->get_pref_freq_list_override);
542 wpa_s->get_pref_freq_list_override = NULL;
543 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
544 wpa_s->last_assoc_req_wpa_ie = NULL;
545 os_free(wpa_s->extra_sae_rejected_groups);
546 wpa_s->extra_sae_rejected_groups = NULL;
547 wpabuf_free(wpa_s->rsne_override_eapol);
548 wpa_s->rsne_override_eapol = NULL;
549 wpabuf_free(wpa_s->rsnxe_override_assoc);
550 wpa_s->rsnxe_override_assoc = NULL;
551 wpabuf_free(wpa_s->rsnxe_override_eapol);
552 wpa_s->rsnxe_override_eapol = NULL;
553 wpas_clear_driver_signal_override(wpa_s);
554 #endif /* CONFIG_TESTING_OPTIONS */
555
556 if (wpa_s->conf != NULL) {
557 struct wpa_ssid *ssid;
558 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
559 wpas_notify_network_removed(wpa_s, ssid);
560 }
561
562 os_free(wpa_s->confname);
563 wpa_s->confname = NULL;
564
565 os_free(wpa_s->confanother);
566 wpa_s->confanother = NULL;
567
568 os_free(wpa_s->last_con_fail_realm);
569 wpa_s->last_con_fail_realm = NULL;
570 wpa_s->last_con_fail_realm_len = 0;
571
572 wpa_sm_set_eapol(wpa_s->wpa, NULL);
573 eapol_sm_deinit(wpa_s->eapol);
574 wpa_s->eapol = NULL;
575
576 rsn_preauth_deinit(wpa_s->wpa);
577
578 #ifdef CONFIG_TDLS
579 wpa_tdls_deinit(wpa_s->wpa);
580 #endif /* CONFIG_TDLS */
581
582 wmm_ac_clear_saved_tspecs(wpa_s);
583 pmksa_candidate_free(wpa_s->wpa);
584 ptksa_cache_deinit(wpa_s->ptksa);
585 wpa_s->ptksa = NULL;
586 wpa_sm_deinit(wpa_s->wpa);
587 wpa_s->wpa = NULL;
588 wpa_bssid_ignore_clear(wpa_s);
589
590 #ifdef CONFIG_PASN
591 wpas_pasn_auth_stop(wpa_s);
592 #endif /* CONFIG_PASN */
593
594 wpa_bss_deinit(wpa_s);
595
596 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
597 wpa_supplicant_cancel_scan(wpa_s);
598 wpa_supplicant_cancel_auth_timeout(wpa_s);
599 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
600 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
601 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
602 wpa_s, NULL);
603 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
604
605 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
606 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
607
608 wpas_wps_deinit(wpa_s);
609
610 wpabuf_free(wpa_s->pending_eapol_rx);
611 wpa_s->pending_eapol_rx = NULL;
612
613 #ifdef CONFIG_IBSS_RSN
614 ibss_rsn_deinit(wpa_s->ibss_rsn);
615 wpa_s->ibss_rsn = NULL;
616 #endif /* CONFIG_IBSS_RSN */
617
618 sme_deinit(wpa_s);
619
620 #ifdef CONFIG_AP
621 wpa_supplicant_ap_deinit(wpa_s);
622 #endif /* CONFIG_AP */
623
624 wpas_p2p_deinit(wpa_s);
625
626 #ifdef CONFIG_OFFCHANNEL
627 offchannel_deinit(wpa_s);
628 #endif /* CONFIG_OFFCHANNEL */
629
630 wpa_supplicant_cancel_sched_scan(wpa_s);
631
632 os_free(wpa_s->next_scan_freqs);
633 wpa_s->next_scan_freqs = NULL;
634
635 os_free(wpa_s->manual_scan_freqs);
636 wpa_s->manual_scan_freqs = NULL;
637 os_free(wpa_s->select_network_scan_freqs);
638 wpa_s->select_network_scan_freqs = NULL;
639
640 os_free(wpa_s->manual_sched_scan_freqs);
641 wpa_s->manual_sched_scan_freqs = NULL;
642
643 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
644
645 /*
646 * Need to remove any pending gas-query radio work before the
647 * gas_query_deinit() call because gas_query::work has not yet been set
648 * for works that have not been started. gas_query_free() will be unable
649 * to cancel such pending radio works and once the pending gas-query
650 * radio work eventually gets removed, the deinit notification call to
651 * gas_query_start_cb() would result in dereferencing freed memory.
652 */
653 if (wpa_s->radio)
654 radio_remove_works(wpa_s, "gas-query", 0);
655 gas_query_deinit(wpa_s->gas);
656 wpa_s->gas = NULL;
657 gas_server_deinit(wpa_s->gas_server);
658 wpa_s->gas_server = NULL;
659
660 free_hw_features(wpa_s);
661
662 ieee802_1x_dealloc_kay_sm(wpa_s);
663
664 os_free(wpa_s->bssid_filter);
665 wpa_s->bssid_filter = NULL;
666
667 os_free(wpa_s->disallow_aps_bssid);
668 wpa_s->disallow_aps_bssid = NULL;
669 os_free(wpa_s->disallow_aps_ssid);
670 wpa_s->disallow_aps_ssid = NULL;
671
672 wnm_bss_keep_alive_deinit(wpa_s);
673 #ifdef CONFIG_WNM
674 wnm_deallocate_memory(wpa_s);
675 #endif /* CONFIG_WNM */
676
677 ext_password_deinit(wpa_s->ext_pw);
678 wpa_s->ext_pw = NULL;
679
680 wpabuf_free(wpa_s->last_gas_resp);
681 wpa_s->last_gas_resp = NULL;
682 wpabuf_free(wpa_s->prev_gas_resp);
683 wpa_s->prev_gas_resp = NULL;
684
685 os_free(wpa_s->last_scan_res);
686 wpa_s->last_scan_res = NULL;
687
688 #ifdef CONFIG_HS20
689 if (wpa_s->drv_priv)
690 wpa_drv_configure_frame_filters(wpa_s, 0);
691 hs20_deinit(wpa_s);
692 #endif /* CONFIG_HS20 */
693
694 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
695 wpabuf_free(wpa_s->vendor_elem[i]);
696 wpa_s->vendor_elem[i] = NULL;
697 }
698
699 wmm_ac_notify_disassoc(wpa_s);
700
701 wpa_s->sched_scan_plans_num = 0;
702 os_free(wpa_s->sched_scan_plans);
703 wpa_s->sched_scan_plans = NULL;
704
705 #ifdef CONFIG_MBO
706 wpa_s->non_pref_chan_num = 0;
707 os_free(wpa_s->non_pref_chan);
708 wpa_s->non_pref_chan = NULL;
709 #endif /* CONFIG_MBO */
710
711 free_bss_tmp_disallowed(wpa_s);
712
713 wpabuf_free(wpa_s->lci);
714 wpa_s->lci = NULL;
715 wpas_clear_beacon_rep_data(wpa_s);
716
717 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
718 #ifdef CONFIG_MESH
719 {
720 struct external_pmksa_cache *entry;
721
722 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
723 struct external_pmksa_cache,
724 list)) != NULL) {
725 dl_list_del(&entry->list);
726 os_free(entry->pmksa_cache);
727 os_free(entry);
728 }
729 }
730 #endif /* CONFIG_MESH */
731 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
732
733 wpas_flush_fils_hlp_req(wpa_s);
734
735 wpabuf_free(wpa_s->ric_ies);
736 wpa_s->ric_ies = NULL;
737
738 #ifdef CONFIG_DPP
739 wpas_dpp_deinit(wpa_s);
740 dpp_global_deinit(wpa_s->dpp);
741 wpa_s->dpp = NULL;
742 #endif /* CONFIG_DPP */
743
744 #ifdef CONFIG_PASN
745 wpas_pasn_auth_stop(wpa_s);
746 #endif /* CONFIG_PASN */
747 wpas_scs_deinit(wpa_s);
748 wpas_dscp_deinit(wpa_s);
749 }
750
751
752 /**
753 * wpa_clear_keys - Clear keys configured for the driver
754 * @wpa_s: Pointer to wpa_supplicant data
755 * @addr: Previously used BSSID or %NULL if not available
756 *
757 * This function clears the encryption keys that has been previously configured
758 * for the driver.
759 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)760 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
761 {
762 int i, max = 6;
763
764 /* MLME-DELETEKEYS.request */
765 for (i = 0; i < max; i++) {
766 if (wpa_s->keys_cleared & BIT(i))
767 continue;
768 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
769 NULL, 0, KEY_FLAG_GROUP);
770 }
771 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
772 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
773 !is_zero_ether_addr(addr)) {
774 if (!(wpa_s->keys_cleared & BIT(0)))
775 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL,
776 0, NULL, 0, KEY_FLAG_PAIRWISE);
777 if (!(wpa_s->keys_cleared & BIT(15)))
778 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL,
779 0, NULL, 0, KEY_FLAG_PAIRWISE);
780 /* MLME-SETPROTECTION.request(None) */
781 wpa_drv_mlme_setprotection(
782 wpa_s, addr,
783 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
784 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
785 }
786 wpa_s->keys_cleared = (u32) -1;
787 }
788
789
790 /**
791 * wpa_supplicant_state_txt - Get the connection state name as a text string
792 * @state: State (wpa_state; WPA_*)
793 * Returns: The state name as a printable text string
794 */
wpa_supplicant_state_txt(enum wpa_states state)795 const char * wpa_supplicant_state_txt(enum wpa_states state)
796 {
797 switch (state) {
798 case WPA_DISCONNECTED:
799 return "DISCONNECTED";
800 case WPA_INACTIVE:
801 return "INACTIVE";
802 case WPA_INTERFACE_DISABLED:
803 return "INTERFACE_DISABLED";
804 case WPA_SCANNING:
805 return "SCANNING";
806 case WPA_AUTHENTICATING:
807 return "AUTHENTICATING";
808 case WPA_ASSOCIATING:
809 return "ASSOCIATING";
810 case WPA_ASSOCIATED:
811 return "ASSOCIATED";
812 case WPA_4WAY_HANDSHAKE:
813 return "4WAY_HANDSHAKE";
814 case WPA_GROUP_HANDSHAKE:
815 return "GROUP_HANDSHAKE";
816 case WPA_COMPLETED:
817 return "COMPLETED";
818 default:
819 return "UNKNOWN";
820 }
821 }
822
823
824 #ifdef CONFIG_BGSCAN
825
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)826 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
827 {
828 if (wpa_s->bgscan_ssid) {
829 bgscan_deinit(wpa_s);
830 wpa_s->bgscan_ssid = NULL;
831 }
832 }
833
834
835 /**
836 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
837 * @wpa_s: Pointer to the wpa_supplicant data
838 *
839 * Stop, start, or reconfigure the scan parameters depending on the method.
840 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)841 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
842 {
843 const char *name;
844
845 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
846 name = wpa_s->current_ssid->bgscan;
847 else
848 name = wpa_s->conf->bgscan;
849 if (!name || name[0] == '\0') {
850 wpa_supplicant_stop_bgscan(wpa_s);
851 return;
852 }
853 if (wpas_driver_bss_selection(wpa_s))
854 return;
855 #ifdef CONFIG_P2P
856 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
857 return;
858 #endif /* CONFIG_P2P */
859
860 bgscan_deinit(wpa_s);
861 if (wpa_s->current_ssid) {
862 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
863 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
864 "bgscan");
865 /*
866 * Live without bgscan; it is only used as a roaming
867 * optimization, so the initial connection is not
868 * affected.
869 */
870 } else {
871 struct wpa_scan_results *scan_res;
872 wpa_s->bgscan_ssid = wpa_s->current_ssid;
873 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
874 0);
875 if (scan_res) {
876 bgscan_notify_scan(wpa_s, scan_res);
877 wpa_scan_results_free(scan_res);
878 }
879 }
880 } else
881 wpa_s->bgscan_ssid = NULL;
882 }
883
884 #endif /* CONFIG_BGSCAN */
885
886
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)887 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
888 {
889 if (autoscan_init(wpa_s, 0))
890 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
891 }
892
893
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)894 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
895 {
896 autoscan_deinit(wpa_s);
897 }
898
899
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)900 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
901 {
902 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
903 wpa_s->wpa_state == WPA_SCANNING) {
904 autoscan_deinit(wpa_s);
905 wpa_supplicant_start_autoscan(wpa_s);
906 }
907 }
908
909
910 /**
911 * wpa_supplicant_set_state - Set current connection state
912 * @wpa_s: Pointer to wpa_supplicant data
913 * @state: The new connection state
914 *
915 * This function is called whenever the connection state changes, e.g.,
916 * association is completed for WPA/WPA2 4-Way Handshake is started.
917 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)918 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
919 enum wpa_states state)
920 {
921 enum wpa_states old_state = wpa_s->wpa_state;
922 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
923 bool update_fils_connect_params = false;
924 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
925
926 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
927 wpa_supplicant_state_txt(wpa_s->wpa_state),
928 wpa_supplicant_state_txt(state));
929
930 if (state == WPA_COMPLETED &&
931 os_reltime_initialized(&wpa_s->roam_start)) {
932 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
933 wpa_s->roam_start.sec = 0;
934 wpa_s->roam_start.usec = 0;
935 wpas_notify_auth_changed(wpa_s);
936 wpas_notify_roam_time(wpa_s);
937 wpas_notify_roam_complete(wpa_s);
938 } else if (state == WPA_DISCONNECTED &&
939 os_reltime_initialized(&wpa_s->roam_start)) {
940 wpa_s->roam_start.sec = 0;
941 wpa_s->roam_start.usec = 0;
942 wpa_s->roam_time.sec = 0;
943 wpa_s->roam_time.usec = 0;
944 wpas_notify_roam_complete(wpa_s);
945 }
946
947 if (state == WPA_INTERFACE_DISABLED) {
948 /* Assure normal scan when interface is restored */
949 wpa_s->normal_scans = 0;
950 }
951
952 if (state == WPA_COMPLETED) {
953 wpas_connect_work_done(wpa_s);
954 /* Reinitialize normal_scan counter */
955 wpa_s->normal_scans = 0;
956 }
957
958 #ifdef CONFIG_P2P
959 /*
960 * P2PS client has to reply to Probe Request frames received on the
961 * group operating channel. Enable Probe Request frame reporting for
962 * P2P connected client in case p2p_cli_probe configuration property is
963 * set to 1.
964 */
965 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
966 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
967 wpa_s->current_ssid->p2p_group) {
968 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
969 wpa_dbg(wpa_s, MSG_DEBUG,
970 "P2P: Enable CLI Probe Request RX reporting");
971 wpa_s->p2p_cli_probe =
972 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
973 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
974 wpa_dbg(wpa_s, MSG_DEBUG,
975 "P2P: Disable CLI Probe Request RX reporting");
976 wpa_s->p2p_cli_probe = 0;
977 wpa_drv_probe_req_report(wpa_s, 0);
978 }
979 }
980 #endif /* CONFIG_P2P */
981
982 if (state != WPA_SCANNING)
983 wpa_supplicant_notify_scanning(wpa_s, 0);
984
985 if (state == WPA_COMPLETED && wpa_s->new_connection) {
986 struct wpa_ssid *ssid = wpa_s->current_ssid;
987 int fils_hlp_sent = 0;
988
989 #ifdef CONFIG_SME
990 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
991 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
992 fils_hlp_sent = 1;
993 #endif /* CONFIG_SME */
994 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
995 wpa_auth_alg_fils(wpa_s->auth_alg))
996 fils_hlp_sent = 1;
997
998 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
999 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1000 MACSTR " completed [id=%d id_str=%s%s]",
1001 MAC2STR(wpa_s->bssid),
1002 ssid ? ssid->id : -1,
1003 ssid && ssid->id_str ? ssid->id_str : "",
1004 fils_hlp_sent ? " FILS_HLP_SENT" : "");
1005 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1006 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1007 wpa_s->consecutive_conn_failures = 0;
1008 wpa_s->new_connection = 0;
1009 wpa_drv_set_operstate(wpa_s, 1);
1010 #ifndef IEEE8021X_EAPOL
1011 wpa_drv_set_supp_port(wpa_s, 1);
1012 #endif /* IEEE8021X_EAPOL */
1013 wpa_s->after_wps = 0;
1014 wpa_s->known_wps_freq = 0;
1015 wpas_p2p_completed(wpa_s);
1016
1017 sme_sched_obss_scan(wpa_s, 1);
1018
1019 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1020 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1021 update_fils_connect_params = true;
1022 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1023 #ifdef CONFIG_OWE
1024 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1025 wpas_update_owe_connect_params(wpa_s);
1026 #endif /* CONFIG_OWE */
1027 #ifdef CONFIG_HS20
1028 hs20_configure_frame_filters(wpa_s);
1029 #endif
1030 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1031 state == WPA_ASSOCIATED) {
1032 wpa_s->new_connection = 1;
1033 wpa_drv_set_operstate(wpa_s, 0);
1034 #ifndef IEEE8021X_EAPOL
1035 wpa_drv_set_supp_port(wpa_s, 0);
1036 #endif /* IEEE8021X_EAPOL */
1037 sme_sched_obss_scan(wpa_s, 0);
1038 }
1039 wpa_s->wpa_state = state;
1040
1041 #ifdef CONFIG_BGSCAN
1042 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1043 wpa_supplicant_reset_bgscan(wpa_s);
1044 else if (state < WPA_ASSOCIATED)
1045 wpa_supplicant_stop_bgscan(wpa_s);
1046 #endif /* CONFIG_BGSCAN */
1047
1048 if (state > WPA_SCANNING)
1049 wpa_supplicant_stop_autoscan(wpa_s);
1050
1051 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1052 wpa_supplicant_start_autoscan(wpa_s);
1053
1054 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1055 wmm_ac_notify_disassoc(wpa_s);
1056
1057 if (wpa_s->wpa_state != old_state) {
1058 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1059
1060 /*
1061 * Notify the P2P Device interface about a state change in one
1062 * of the interfaces.
1063 */
1064 wpas_p2p_indicate_state_change(wpa_s);
1065
1066 if (wpa_s->wpa_state == WPA_COMPLETED ||
1067 old_state == WPA_COMPLETED)
1068 wpas_notify_auth_changed(wpa_s);
1069 #ifdef CONFIG_DPP2
1070 if (wpa_s->wpa_state == WPA_COMPLETED)
1071 wpas_dpp_connected(wpa_s);
1072 #endif /* CONFIG_DPP2 */
1073 }
1074 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1075 if (update_fils_connect_params)
1076 wpas_update_fils_connect_params(wpa_s);
1077 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1078 }
1079
1080
wpa_supplicant_terminate_proc(struct wpa_global * global)1081 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1082 {
1083 int pending = 0;
1084 #ifdef CONFIG_WPS
1085 struct wpa_supplicant *wpa_s = global->ifaces;
1086 while (wpa_s) {
1087 struct wpa_supplicant *next = wpa_s->next;
1088 if (wpas_wps_terminate_pending(wpa_s) == 1)
1089 pending = 1;
1090 #ifdef CONFIG_P2P
1091 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1092 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1093 wpas_p2p_disconnect(wpa_s);
1094 #endif /* CONFIG_P2P */
1095 wpa_s = next;
1096 }
1097 #endif /* CONFIG_WPS */
1098 if (pending)
1099 return;
1100 eloop_terminate();
1101 }
1102
1103
wpa_supplicant_terminate(int sig,void * signal_ctx)1104 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1105 {
1106 struct wpa_global *global = signal_ctx;
1107 wpa_supplicant_terminate_proc(global);
1108 }
1109
1110
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1111 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1112 {
1113 enum wpa_states old_state = wpa_s->wpa_state;
1114 enum wpa_states new_state;
1115
1116 if (old_state == WPA_SCANNING)
1117 new_state = WPA_SCANNING;
1118 else
1119 new_state = WPA_DISCONNECTED;
1120
1121 wpa_s->pairwise_cipher = 0;
1122 wpa_s->group_cipher = 0;
1123 wpa_s->mgmt_group_cipher = 0;
1124 wpa_s->key_mgmt = 0;
1125 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1126 wpa_supplicant_set_state(wpa_s, new_state);
1127
1128 if (wpa_s->wpa_state != old_state)
1129 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1130 }
1131
1132
1133 /**
1134 * wpa_supplicant_reload_configuration - Reload configuration data
1135 * @wpa_s: Pointer to wpa_supplicant data
1136 * Returns: 0 on success or -1 if configuration parsing failed
1137 *
1138 * This function can be used to request that the configuration data is reloaded
1139 * (e.g., after configuration file change). This function is reloading
1140 * configuration only for one interface, so this may need to be called multiple
1141 * times if %wpa_supplicant is controlling multiple interfaces and all
1142 * interfaces need reconfiguration.
1143 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1144 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1145 {
1146 struct wpa_config *conf;
1147 int reconf_ctrl;
1148 int old_ap_scan;
1149
1150 if (wpa_s->confname == NULL)
1151 return -1;
1152 conf = wpa_config_read(wpa_s->confname, NULL);
1153 if (conf == NULL) {
1154 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1155 "file '%s' - exiting", wpa_s->confname);
1156 return -1;
1157 }
1158 if (wpa_s->confanother &&
1159 !wpa_config_read(wpa_s->confanother, conf)) {
1160 wpa_msg(wpa_s, MSG_ERROR,
1161 "Failed to parse the configuration file '%s' - exiting",
1162 wpa_s->confanother);
1163 return -1;
1164 }
1165
1166 conf->changed_parameters = (unsigned int) -1;
1167
1168 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1169 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1170 os_strcmp(conf->ctrl_interface,
1171 wpa_s->conf->ctrl_interface) != 0);
1172
1173 if (reconf_ctrl) {
1174 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1175 wpa_s->ctrl_iface = NULL;
1176 }
1177
1178 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1179 if (wpa_s->current_ssid) {
1180 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1181 wpa_s->own_disconnect_req = 1;
1182 wpa_supplicant_deauthenticate(wpa_s,
1183 WLAN_REASON_DEAUTH_LEAVING);
1184 }
1185
1186 /*
1187 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1188 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1189 */
1190 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1191 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1192 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1193 /*
1194 * Clear forced success to clear EAP state for next
1195 * authentication.
1196 */
1197 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1198 }
1199 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1200 wpa_sm_set_config(wpa_s->wpa, NULL);
1201 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1202 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1203 rsn_preauth_deinit(wpa_s->wpa);
1204
1205 old_ap_scan = wpa_s->conf->ap_scan;
1206 wpa_config_free(wpa_s->conf);
1207 wpa_s->conf = conf;
1208 if (old_ap_scan != wpa_s->conf->ap_scan)
1209 wpas_notify_ap_scan_changed(wpa_s);
1210
1211 if (reconf_ctrl)
1212 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1213
1214 wpa_supplicant_update_config(wpa_s);
1215
1216 wpa_supplicant_clear_status(wpa_s);
1217 if (wpa_supplicant_enabled_networks(wpa_s)) {
1218 wpa_s->reassociate = 1;
1219 wpa_supplicant_req_scan(wpa_s, 0, 0);
1220 }
1221 wpa_bssid_ignore_clear(wpa_s);
1222 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1223 return 0;
1224 }
1225
1226
wpa_supplicant_reconfig(int sig,void * signal_ctx)1227 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1228 {
1229 struct wpa_global *global = signal_ctx;
1230 struct wpa_supplicant *wpa_s;
1231 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1232 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1233 sig);
1234 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1235 wpa_supplicant_terminate_proc(global);
1236 }
1237 }
1238
1239 if (wpa_debug_reopen_file() < 0) {
1240 /* Ignore errors since we cannot really do much to fix this */
1241 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1242 }
1243 }
1244
1245
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1246 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1247 struct wpa_ssid *ssid,
1248 struct wpa_ie_data *ie)
1249 {
1250 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1251 if (ret) {
1252 if (ret == -2) {
1253 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1254 "from association info");
1255 }
1256 return -1;
1257 }
1258
1259 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1260 "cipher suites");
1261 if (!(ie->group_cipher & ssid->group_cipher)) {
1262 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1263 "cipher 0x%x (mask 0x%x) - reject",
1264 ie->group_cipher, ssid->group_cipher);
1265 return -1;
1266 }
1267 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1268 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1269 "cipher 0x%x (mask 0x%x) - reject",
1270 ie->pairwise_cipher, ssid->pairwise_cipher);
1271 return -1;
1272 }
1273 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1274 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1275 "management 0x%x (mask 0x%x) - reject",
1276 ie->key_mgmt, ssid->key_mgmt);
1277 return -1;
1278 }
1279
1280 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1281 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1282 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1283 "that does not support management frame protection - "
1284 "reject");
1285 return -1;
1286 }
1287
1288 return 0;
1289 }
1290
1291
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1292 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1293 int freq)
1294 {
1295 if (!ie->has_group)
1296 ie->group_cipher = wpa_default_rsn_cipher(freq);
1297 if (!ie->has_pairwise)
1298 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1299 return (ie->group_cipher & ssid->group_cipher) &&
1300 (ie->pairwise_cipher & ssid->pairwise_cipher);
1301 }
1302
1303
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1304 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1305 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1306 {
1307 int sel;
1308
1309 sel = ie->mgmt_group_cipher;
1310 if (ssid->group_mgmt_cipher)
1311 sel &= ssid->group_mgmt_cipher;
1312 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1313 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1314 sel = 0;
1315 wpa_dbg(wpa_s, MSG_DEBUG,
1316 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1317 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1318 if (sel & WPA_CIPHER_AES_128_CMAC) {
1319 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1320 wpa_dbg(wpa_s, MSG_DEBUG,
1321 "WPA: using MGMT group cipher AES-128-CMAC");
1322 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1323 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1324 wpa_dbg(wpa_s, MSG_DEBUG,
1325 "WPA: using MGMT group cipher BIP-GMAC-128");
1326 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1327 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1328 wpa_dbg(wpa_s, MSG_DEBUG,
1329 "WPA: using MGMT group cipher BIP-GMAC-256");
1330 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1331 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1332 wpa_dbg(wpa_s, MSG_DEBUG,
1333 "WPA: using MGMT group cipher BIP-CMAC-256");
1334 } else {
1335 wpa_s->mgmt_group_cipher = 0;
1336 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1337 }
1338 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1339 wpa_s->mgmt_group_cipher);
1340 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1341 wpas_get_ssid_pmf(wpa_s, ssid));
1342 }
1343
1344
1345 /**
1346 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1347 * @wpa_s: Pointer to wpa_supplicant data
1348 * @bss: Scan results for the selected BSS, or %NULL if not available
1349 * @ssid: Configuration data for the selected network
1350 * @wpa_ie: Buffer for the WPA/RSN IE
1351 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1352 * used buffer length in case the functions returns success.
1353 * Returns: 0 on success or -1 on failure
1354 *
1355 * This function is used to configure authentication and encryption parameters
1356 * based on the network configuration and scan result for the selected BSS (if
1357 * available).
1358 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)1359 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1360 struct wpa_bss *bss, struct wpa_ssid *ssid,
1361 u8 *wpa_ie, size_t *wpa_ie_len)
1362 {
1363 struct wpa_ie_data ie;
1364 int sel, proto, sae_pwe;
1365 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1366
1367 if (bss) {
1368 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1369 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1370 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1371 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1372 } else {
1373 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1374 }
1375
1376 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1377 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1378 matching_ciphers(ssid, &ie, bss->freq) &&
1379 (ie.key_mgmt & ssid->key_mgmt)) {
1380 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1381 proto = WPA_PROTO_RSN;
1382 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1383 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1384 (ie.group_cipher & ssid->group_cipher) &&
1385 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1386 (ie.key_mgmt & ssid->key_mgmt)) {
1387 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1388 proto = WPA_PROTO_WPA;
1389 #ifdef CONFIG_HS20
1390 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1391 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1392 (ie.group_cipher & ssid->group_cipher) &&
1393 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1394 (ie.key_mgmt & ssid->key_mgmt)) {
1395 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1396 proto = WPA_PROTO_OSEN;
1397 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1398 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1399 (ie.group_cipher & ssid->group_cipher) &&
1400 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1401 (ie.key_mgmt & ssid->key_mgmt)) {
1402 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1403 proto = WPA_PROTO_RSN;
1404 #endif /* CONFIG_HS20 */
1405 } else if (bss) {
1406 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1407 wpa_dbg(wpa_s, MSG_DEBUG,
1408 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1409 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1410 ssid->key_mgmt);
1411 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1412 MAC2STR(bss->bssid),
1413 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1414 bss_wpa ? " WPA" : "",
1415 bss_rsn ? " RSN" : "",
1416 bss_osen ? " OSEN" : "");
1417 if (bss_rsn) {
1418 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1419 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1420 wpa_dbg(wpa_s, MSG_DEBUG,
1421 "Could not parse RSN element");
1422 } else {
1423 wpa_dbg(wpa_s, MSG_DEBUG,
1424 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1425 ie.pairwise_cipher, ie.group_cipher,
1426 ie.key_mgmt);
1427 }
1428 }
1429 if (bss_wpa) {
1430 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1431 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1432 wpa_dbg(wpa_s, MSG_DEBUG,
1433 "Could not parse WPA element");
1434 } else {
1435 wpa_dbg(wpa_s, MSG_DEBUG,
1436 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1437 ie.pairwise_cipher, ie.group_cipher,
1438 ie.key_mgmt);
1439 }
1440 }
1441 return -1;
1442 } else {
1443 if (ssid->proto & WPA_PROTO_OSEN)
1444 proto = WPA_PROTO_OSEN;
1445 else if (ssid->proto & WPA_PROTO_RSN)
1446 proto = WPA_PROTO_RSN;
1447 else
1448 proto = WPA_PROTO_WPA;
1449 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1450 os_memset(&ie, 0, sizeof(ie));
1451 ie.group_cipher = ssid->group_cipher;
1452 ie.pairwise_cipher = ssid->pairwise_cipher;
1453 ie.key_mgmt = ssid->key_mgmt;
1454 ie.mgmt_group_cipher = 0;
1455 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1456 if (ssid->group_mgmt_cipher &
1457 WPA_CIPHER_BIP_GMAC_256)
1458 ie.mgmt_group_cipher =
1459 WPA_CIPHER_BIP_GMAC_256;
1460 else if (ssid->group_mgmt_cipher &
1461 WPA_CIPHER_BIP_CMAC_256)
1462 ie.mgmt_group_cipher =
1463 WPA_CIPHER_BIP_CMAC_256;
1464 else if (ssid->group_mgmt_cipher &
1465 WPA_CIPHER_BIP_GMAC_128)
1466 ie.mgmt_group_cipher =
1467 WPA_CIPHER_BIP_GMAC_128;
1468 else
1469 ie.mgmt_group_cipher =
1470 WPA_CIPHER_AES_128_CMAC;
1471 }
1472 #ifdef CONFIG_OWE
1473 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1474 !ssid->owe_only &&
1475 !bss_wpa && !bss_rsn && !bss_osen) {
1476 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1477 wpa_s->wpa_proto = 0;
1478 *wpa_ie_len = 0;
1479 return 0;
1480 }
1481 #endif /* CONFIG_OWE */
1482 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1483 "based on configuration");
1484 } else
1485 proto = ie.proto;
1486 }
1487
1488 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1489 "pairwise %d key_mgmt %d proto %d",
1490 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1491 if (ssid->ieee80211w) {
1492 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1493 ie.mgmt_group_cipher);
1494 }
1495
1496 wpa_s->wpa_proto = proto;
1497 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1498 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1499 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1500
1501 if (bss || !wpa_s->ap_ies_from_associnfo) {
1502 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1503 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1504 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1505 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1506 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1507 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1508 return -1;
1509 }
1510
1511 #ifdef CONFIG_NO_WPA
1512 wpa_s->group_cipher = WPA_CIPHER_NONE;
1513 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1514 #else /* CONFIG_NO_WPA */
1515 sel = ie.group_cipher & ssid->group_cipher;
1516 wpa_dbg(wpa_s, MSG_DEBUG,
1517 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1518 ie.group_cipher, ssid->group_cipher, sel);
1519 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1520 if (wpa_s->group_cipher < 0) {
1521 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1522 "cipher");
1523 return -1;
1524 }
1525 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1526 wpa_cipher_txt(wpa_s->group_cipher));
1527
1528 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1529 wpa_dbg(wpa_s, MSG_DEBUG,
1530 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1531 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1532 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1533 if (wpa_s->pairwise_cipher < 0) {
1534 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1535 "cipher");
1536 return -1;
1537 }
1538 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1539 wpa_cipher_txt(wpa_s->pairwise_cipher));
1540 #endif /* CONFIG_NO_WPA */
1541
1542 sel = ie.key_mgmt & ssid->key_mgmt;
1543 #ifdef CONFIG_SAE
1544 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE))
1545 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE);
1546 #endif /* CONFIG_SAE */
1547 #ifdef CONFIG_IEEE80211R
1548 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1549 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1550 sel &= ~WPA_KEY_MGMT_FT;
1551 #endif /* CONFIG_IEEE80211R */
1552 wpa_dbg(wpa_s, MSG_DEBUG,
1553 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1554 ie.key_mgmt, ssid->key_mgmt, sel);
1555 if (0) {
1556 #ifdef CONFIG_IEEE80211R
1557 #ifdef CONFIG_SHA384
1558 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1559 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1560 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1561 wpa_dbg(wpa_s, MSG_DEBUG,
1562 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1563 if (!ssid->ft_eap_pmksa_caching &&
1564 pmksa_cache_get_current(wpa_s->wpa)) {
1565 /* PMKSA caching with FT may have interoperability
1566 * issues, so disable that case by default for now. */
1567 wpa_dbg(wpa_s, MSG_DEBUG,
1568 "WPA: Disable PMKSA caching for FT/802.1X connection");
1569 pmksa_cache_clear_current(wpa_s->wpa);
1570 }
1571 #endif /* CONFIG_SHA384 */
1572 #endif /* CONFIG_IEEE80211R */
1573 #ifdef CONFIG_SUITEB192
1574 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1575 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1576 wpa_dbg(wpa_s, MSG_DEBUG,
1577 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1578 #endif /* CONFIG_SUITEB192 */
1579 #ifdef CONFIG_SUITEB
1580 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1581 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1582 wpa_dbg(wpa_s, MSG_DEBUG,
1583 "WPA: using KEY_MGMT 802.1X with Suite B");
1584 #endif /* CONFIG_SUITEB */
1585 #ifdef CONFIG_FILS
1586 #ifdef CONFIG_IEEE80211R
1587 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1588 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1589 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1590 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1591 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1592 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1593 #endif /* CONFIG_IEEE80211R */
1594 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1595 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1596 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1597 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1598 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1599 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1600 #endif /* CONFIG_FILS */
1601 #ifdef CONFIG_IEEE80211R
1602 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1603 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1604 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1605 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1606 if (!ssid->ft_eap_pmksa_caching &&
1607 pmksa_cache_get_current(wpa_s->wpa)) {
1608 /* PMKSA caching with FT may have interoperability
1609 * issues, so disable that case by default for now. */
1610 wpa_dbg(wpa_s, MSG_DEBUG,
1611 "WPA: Disable PMKSA caching for FT/802.1X connection");
1612 pmksa_cache_clear_current(wpa_s->wpa);
1613 }
1614 #endif /* CONFIG_IEEE80211R */
1615 #ifdef CONFIG_DPP
1616 } else if (sel & WPA_KEY_MGMT_DPP) {
1617 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1618 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1619 #endif /* CONFIG_DPP */
1620 #ifdef CONFIG_SAE
1621 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1622 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1623 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1624 } else if (sel & WPA_KEY_MGMT_SAE) {
1625 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1626 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1627 #endif /* CONFIG_SAE */
1628 #ifdef CONFIG_IEEE80211R
1629 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1630 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1631 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1632 #endif /* CONFIG_IEEE80211R */
1633 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1634 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1635 wpa_dbg(wpa_s, MSG_DEBUG,
1636 "WPA: using KEY_MGMT 802.1X with SHA256");
1637 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1638 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1639 wpa_dbg(wpa_s, MSG_DEBUG,
1640 "WPA: using KEY_MGMT PSK with SHA256");
1641 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1642 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1643 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1644 } else if (sel & WPA_KEY_MGMT_PSK) {
1645 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1646 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1647 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1648 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1649 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1650 #ifdef CONFIG_HS20
1651 } else if (sel & WPA_KEY_MGMT_OSEN) {
1652 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1653 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1654 #endif /* CONFIG_HS20 */
1655 #ifdef CONFIG_OWE
1656 } else if (sel & WPA_KEY_MGMT_OWE) {
1657 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1658 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1659 #endif /* CONFIG_OWE */
1660 } else {
1661 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1662 "authenticated key management type");
1663 return -1;
1664 }
1665
1666 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1667 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1668 wpa_s->pairwise_cipher);
1669 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1670
1671 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1672 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1673 wpa_msg(wpa_s, MSG_INFO,
1674 "RSN: Management frame protection required but the selected AP does not enable it");
1675 return -1;
1676 }
1677
1678 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
1679 #ifdef CONFIG_OCV
1680 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
1681 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
1682 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1683 #endif /* CONFIG_OCV */
1684 sae_pwe = wpa_s->conf->sae_pwe;
1685 if (ssid->sae_password_id && sae_pwe != 3)
1686 sae_pwe = 1;
1687 if (bss && is_6ghz_freq(bss->freq)) {
1688 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: force hash-to-element mode for 6GHz BSS.");
1689 sae_pwe = 1;
1690 }
1691 #ifdef CONFIG_TESTING_OPTIONS
1692 if (wpa_s->force_hunting_and_pecking_pwe) {
1693 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: force hunting and pecking mode.");
1694 sae_pwe = 0;
1695 }
1696 #endif
1697 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1698 #ifdef CONFIG_SAE_PK
1699 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
1700 wpa_key_mgmt_sae(ssid->key_mgmt) &&
1701 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
1702 ((ssid->sae_password &&
1703 sae_pk_valid_password(ssid->sae_password)) ||
1704 (!ssid->sae_password && ssid->passphrase &&
1705 sae_pk_valid_password(ssid->passphrase))));
1706 #endif /* CONFIG_SAE_PK */
1707 #ifdef CONFIG_TESTING_OPTIONS
1708 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
1709 wpa_s->ft_rsnxe_used);
1710 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
1711 wpa_s->oci_freq_override_eapol);
1712 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
1713 wpa_s->oci_freq_override_eapol_g2);
1714 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
1715 wpa_s->oci_freq_override_ft_assoc);
1716 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
1717 wpa_s->oci_freq_override_fils_assoc);
1718 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
1719 wpa_s->disable_eapol_g2_tx);
1720 #endif /* CONFIG_TESTING_OPTIONS */
1721
1722 /* Extended Key ID is only supported in infrastructure BSS so far */
1723 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
1724 (ssid->proto & WPA_PROTO_RSN) &&
1725 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
1726 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
1727 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
1728 int use_ext_key_id = 0;
1729
1730 wpa_msg(wpa_s, MSG_DEBUG,
1731 "WPA: Enable Extended Key ID support");
1732 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
1733 wpa_s->conf->extended_key_id);
1734 if (bss_rsn &&
1735 wpa_s->conf->extended_key_id &&
1736 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
1737 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
1738 use_ext_key_id = 1;
1739 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
1740 use_ext_key_id);
1741 } else {
1742 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
1743 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
1744 }
1745
1746 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1747 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1748 return -1;
1749 }
1750
1751 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
1752 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
1753 &wpa_s->rsnxe_len)) {
1754 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE");
1755 return -1;
1756 }
1757
1758 if (0) {
1759 #ifdef CONFIG_DPP
1760 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1761 /* Use PMK from DPP network introduction (PMKSA entry) */
1762 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1763 #ifdef CONFIG_DPP2
1764 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
1765 #endif /* CONFIG_DPP2 */
1766 #endif /* CONFIG_DPP */
1767 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1768 int psk_set = 0;
1769 int sae_only;
1770
1771 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK |
1772 WPA_KEY_MGMT_FT_PSK |
1773 WPA_KEY_MGMT_PSK_SHA256)) == 0;
1774
1775 if (ssid->psk_set && !sae_only) {
1776 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1777 ssid->psk, PMK_LEN);
1778 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL,
1779 NULL);
1780 psk_set = 1;
1781 }
1782
1783 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
1784 (ssid->sae_password || ssid->passphrase))
1785 psk_set = 1;
1786
1787 #ifndef CONFIG_NO_PBKDF2
1788 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1789 ssid->passphrase && !sae_only) {
1790 u8 psk[PMK_LEN];
1791
1792 if (pbkdf2_sha1(ssid->passphrase, bss->ssid,
1793 bss->ssid_len,
1794 4096, psk, PMK_LEN) != 0) {
1795 wpa_msg(wpa_s, MSG_WARNING,
1796 "Error in pbkdf2_sha1()");
1797 return -1;
1798 }
1799 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1800 psk, PMK_LEN);
1801 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL);
1802 psk_set = 1;
1803 os_memset(psk, 0, sizeof(psk));
1804 }
1805 #endif /* CONFIG_NO_PBKDF2 */
1806 #ifdef CONFIG_EXT_PASSWORD
1807 if (ssid->ext_psk && !sae_only) {
1808 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1809 ssid->ext_psk);
1810 char pw_str[64 + 1];
1811 u8 psk[PMK_LEN];
1812
1813 if (pw == NULL) {
1814 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK "
1815 "found from external storage");
1816 return -1;
1817 }
1818
1819 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1820 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected "
1821 "PSK length %d in external storage",
1822 (int) wpabuf_len(pw));
1823 ext_password_free(pw);
1824 return -1;
1825 }
1826
1827 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1828 pw_str[wpabuf_len(pw)] = '\0';
1829
1830 #ifndef CONFIG_NO_PBKDF2
1831 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1832 {
1833 if (pbkdf2_sha1(pw_str, bss->ssid,
1834 bss->ssid_len,
1835 4096, psk, PMK_LEN) != 0) {
1836 wpa_msg(wpa_s, MSG_WARNING,
1837 "Error in pbkdf2_sha1()");
1838 ext_password_free(pw);
1839 return -1;
1840 }
1841 os_memset(pw_str, 0, sizeof(pw_str));
1842 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from "
1843 "external passphrase)",
1844 psk, PMK_LEN);
1845 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1846 NULL);
1847 psk_set = 1;
1848 os_memset(psk, 0, sizeof(psk));
1849 } else
1850 #endif /* CONFIG_NO_PBKDF2 */
1851 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1852 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1853 wpa_msg(wpa_s, MSG_INFO, "EXT PW: "
1854 "Invalid PSK hex string");
1855 os_memset(pw_str, 0, sizeof(pw_str));
1856 ext_password_free(pw);
1857 return -1;
1858 }
1859 wpa_hexdump_key(MSG_MSGDUMP,
1860 "PSK (from external PSK)",
1861 psk, PMK_LEN);
1862 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
1863 NULL);
1864 psk_set = 1;
1865 os_memset(psk, 0, sizeof(psk));
1866 } else {
1867 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable "
1868 "PSK available");
1869 os_memset(pw_str, 0, sizeof(pw_str));
1870 ext_password_free(pw);
1871 return -1;
1872 }
1873
1874 os_memset(pw_str, 0, sizeof(pw_str));
1875 ext_password_free(pw);
1876 }
1877 #endif /* CONFIG_EXT_PASSWORD */
1878
1879 if (!psk_set) {
1880 wpa_msg(wpa_s, MSG_INFO,
1881 "No PSK available for association");
1882 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE");
1883 return -1;
1884 }
1885 #ifdef CONFIG_OWE
1886 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
1887 /* OWE Diffie-Hellman exchange in (Re)Association
1888 * Request/Response frames set the PMK, so do not override it
1889 * here. */
1890 #endif /* CONFIG_OWE */
1891 } else
1892 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1893
1894 if (ssid->mode != WPAS_MODE_IBSS &&
1895 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
1896 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
1897 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
1898 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
1899 wpa_msg(wpa_s, MSG_INFO,
1900 "Disable PTK0 rekey support - replaced with reconnect");
1901 wpa_s->deny_ptk0_rekey = 1;
1902 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
1903 } else {
1904 wpa_s->deny_ptk0_rekey = 0;
1905 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
1906 }
1907
1908 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
1909 if ((wpa_s->key_mgmt & WPA_KEY_MGMT_CROSS_AKM_ROAM) &&
1910 IS_CROSS_AKM_ROAM_KEY_MGMT(ssid->key_mgmt) &&
1911 (wpa_s->group_cipher == WPA_CIPHER_CCMP) &&
1912 (wpa_s->pairwise_cipher == WPA_CIPHER_CCMP) &&
1913 (wpa_s->wpa_proto == WPA_PROTO_RSN)) {
1914 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_PSK;
1915 wpa_dbg(wpa_s, MSG_INFO,
1916 "WPA: Updating to KEY_MGMT SAE+PSK for seamless roaming");
1917 }
1918 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
1919
1920 return 0;
1921 }
1922
1923
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx)1924 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx)
1925 {
1926 bool scs = true, mscs = true;
1927
1928 *pos = 0x00;
1929
1930 switch (idx) {
1931 case 0: /* Bits 0-7 */
1932 break;
1933 case 1: /* Bits 8-15 */
1934 if (wpa_s->conf->coloc_intf_reporting) {
1935 /* Bit 13 - Collocated Interference Reporting */
1936 *pos |= 0x20;
1937 }
1938 break;
1939 case 2: /* Bits 16-23 */
1940 #ifdef CONFIG_WNM
1941 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
1942 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm)
1943 *pos |= 0x08; /* Bit 19 - BSS Transition */
1944 #endif /* CONFIG_WNM */
1945 break;
1946 case 3: /* Bits 24-31 */
1947 #ifdef CONFIG_WNM
1948 *pos |= 0x02; /* Bit 25 - SSID List */
1949 #endif /* CONFIG_WNM */
1950 #ifdef CONFIG_INTERWORKING
1951 if (wpa_s->conf->interworking)
1952 *pos |= 0x80; /* Bit 31 - Interworking */
1953 #endif /* CONFIG_INTERWORKING */
1954 break;
1955 case 4: /* Bits 32-39 */
1956 #ifdef CONFIG_INTERWORKING
1957 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
1958 *pos |= 0x01; /* Bit 32 - QoS Map */
1959 #endif /* CONFIG_INTERWORKING */
1960 break;
1961 case 5: /* Bits 40-47 */
1962 #ifdef CONFIG_HS20
1963 if (wpa_s->conf->hs20)
1964 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1965 #endif /* CONFIG_HS20 */
1966 #ifdef CONFIG_MBO
1967 *pos |= 0x40; /* Bit 46 - WNM-Notification */
1968 #endif /* CONFIG_MBO */
1969 break;
1970 case 6: /* Bits 48-55 */
1971 #ifdef CONFIG_TESTING_OPTIONS
1972 if (wpa_s->disable_scs_support)
1973 scs = false;
1974 #endif /* CONFIG_TESTING_OPTIONS */
1975 if (scs)
1976 *pos |= 0x40; /* Bit 54 - SCS */
1977 break;
1978 case 7: /* Bits 56-63 */
1979 break;
1980 case 8: /* Bits 64-71 */
1981 if (wpa_s->conf->ftm_responder)
1982 *pos |= 0x40; /* Bit 70 - FTM responder */
1983 if (wpa_s->conf->ftm_initiator)
1984 *pos |= 0x80; /* Bit 71 - FTM initiator */
1985 break;
1986 case 9: /* Bits 72-79 */
1987 #ifdef CONFIG_FILS
1988 if (!wpa_s->disable_fils)
1989 *pos |= 0x01;
1990 #endif /* CONFIG_FILS */
1991 break;
1992 case 10: /* Bits 80-87 */
1993 #ifdef CONFIG_TESTING_OPTIONS
1994 if (wpa_s->disable_mscs_support)
1995 mscs = false;
1996 #endif /* CONFIG_TESTING_OPTIONS */
1997 if (mscs)
1998 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
1999 break;
2000 }
2001 }
2002
2003
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen)2004 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen)
2005 {
2006 u8 *pos = buf;
2007 u8 len = 11, i;
2008
2009 if (len < wpa_s->extended_capa_len)
2010 len = wpa_s->extended_capa_len;
2011 if (buflen < (size_t) len + 2) {
2012 wpa_printf(MSG_INFO,
2013 "Not enough room for building extended capabilities element");
2014 return -1;
2015 }
2016
2017 *pos++ = WLAN_EID_EXT_CAPAB;
2018 *pos++ = len;
2019 for (i = 0; i < len; i++, pos++) {
2020 wpas_ext_capab_byte(wpa_s, pos, i);
2021
2022 if (i < wpa_s->extended_capa_len) {
2023 *pos &= ~wpa_s->extended_capa_mask[i];
2024 *pos |= wpa_s->extended_capa[i];
2025 }
2026 }
2027
2028 while (len > 0 && buf[1 + len] == 0) {
2029 len--;
2030 buf[1] = len;
2031 }
2032 if (len == 0)
2033 return 0;
2034
2035 return 2 + len;
2036 }
2037
2038
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2039 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2040 struct wpa_bss *test_bss)
2041 {
2042 struct wpa_bss *bss;
2043
2044 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2045 if (bss == test_bss)
2046 return 1;
2047 }
2048
2049 return 0;
2050 }
2051
2052
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2053 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2054 struct wpa_ssid *test_ssid)
2055 {
2056 struct wpa_ssid *ssid;
2057
2058 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2059 if (ssid == test_ssid)
2060 return 1;
2061 }
2062
2063 return 0;
2064 }
2065
2066
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2067 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2068 struct wpa_ssid *test_ssid)
2069 {
2070 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2071 return 0;
2072
2073 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2074 }
2075
2076
wpas_connect_work_free(struct wpa_connect_work * cwork)2077 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2078 {
2079 if (cwork == NULL)
2080 return;
2081 os_free(cwork);
2082 }
2083
2084
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2085 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2086 {
2087 struct wpa_connect_work *cwork;
2088 struct wpa_radio_work *work = wpa_s->connect_work;
2089
2090 if (!work)
2091 return;
2092
2093 wpa_s->connect_work = NULL;
2094 cwork = work->ctx;
2095 work->ctx = NULL;
2096 wpas_connect_work_free(cwork);
2097 radio_work_done(work);
2098 }
2099
2100
wpas_update_random_addr(struct wpa_supplicant * wpa_s,int style)2101 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style)
2102 {
2103 struct os_reltime now;
2104 u8 addr[ETH_ALEN];
2105
2106 os_get_reltime(&now);
2107 if (wpa_s->last_mac_addr_style == style &&
2108 wpa_s->last_mac_addr_change.sec != 0 &&
2109 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change,
2110 wpa_s->conf->rand_addr_lifetime)) {
2111 wpa_msg(wpa_s, MSG_DEBUG,
2112 "Previously selected random MAC address has not yet expired");
2113 return 0;
2114 }
2115
2116 switch (style) {
2117 case 1:
2118 if (random_mac_addr(addr) < 0)
2119 return -1;
2120 break;
2121 case 2:
2122 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2123 if (random_mac_addr_keep_oui(addr) < 0)
2124 return -1;
2125 break;
2126 default:
2127 return -1;
2128 }
2129
2130 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2131 wpa_msg(wpa_s, MSG_INFO,
2132 "Failed to set random MAC address");
2133 return -1;
2134 }
2135
2136 os_get_reltime(&wpa_s->last_mac_addr_change);
2137 wpa_s->mac_addr_changed = 1;
2138 wpa_s->last_mac_addr_style = style;
2139
2140 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2141 wpa_msg(wpa_s, MSG_INFO,
2142 "Could not update MAC address information");
2143 return -1;
2144 }
2145
2146 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2147 MAC2STR(addr));
2148
2149 return 0;
2150 }
2151
2152
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2153 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2154 {
2155 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2156 !wpa_s->conf->preassoc_mac_addr)
2157 return 0;
2158
2159 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr);
2160 }
2161
2162
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid)2163 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid)
2164 {
2165 #ifdef CONFIG_SAE
2166 int *groups = conf->sae_groups;
2167 int default_groups[] = { 19, 20, 21, 0 };
2168 const char *password;
2169
2170 if (!groups || groups[0] <= 0)
2171 groups = default_groups;
2172
2173 password = ssid->sae_password;
2174 if (!password)
2175 password = ssid->passphrase;
2176
2177 if (!password ||
2178 (conf->sae_pwe == 0 && !ssid->sae_password_id &&
2179 !sae_pk_valid_password(password)) ||
2180 conf->sae_pwe == 3) {
2181 /* PT derivation not needed */
2182 sae_deinit_pt(ssid->pt);
2183 ssid->pt = NULL;
2184 return;
2185 }
2186
2187 if (ssid->pt)
2188 return; /* PT already derived */
2189 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2190 (const u8 *) password, os_strlen(password),
2191 ssid->sae_password_id);
2192 #endif /* CONFIG_SAE */
2193 }
2194
2195
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2196 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2197 {
2198 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2199 os_free(wpa_s->sme.sae_rejected_groups);
2200 wpa_s->sme.sae_rejected_groups = NULL;
2201 #ifdef CONFIG_TESTING_OPTIONS
2202 if (wpa_s->extra_sae_rejected_groups) {
2203 int i, *groups = wpa_s->extra_sae_rejected_groups;
2204
2205 for (i = 0; groups[i]; i++) {
2206 wpa_printf(MSG_DEBUG,
2207 "TESTING: Indicate rejection of an extra SAE group %d",
2208 groups[i]);
2209 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2210 groups[i]);
2211 }
2212 }
2213 #endif /* CONFIG_TESTING_OPTIONS */
2214 #endif /* CONFIG_SAE && CONFIG_SME */
2215 }
2216
2217
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2218 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2219 {
2220 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2221 wpa_msg(wpa_s, MSG_INFO,
2222 "Could not restore permanent MAC address");
2223 return -1;
2224 }
2225 wpa_s->mac_addr_changed = 0;
2226 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2227 wpa_msg(wpa_s, MSG_INFO,
2228 "Could not update MAC address information");
2229 return -1;
2230 }
2231 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2232 return 0;
2233 }
2234
2235
2236 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2237
2238 /**
2239 * wpa_supplicant_associate - Request association
2240 * @wpa_s: Pointer to wpa_supplicant data
2241 * @bss: Scan results for the selected BSS, or %NULL if not available
2242 * @ssid: Configuration data for the selected network
2243 *
2244 * This function is used to request %wpa_supplicant to associate with a BSS.
2245 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2246 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2247 struct wpa_bss *bss, struct wpa_ssid *ssid)
2248 {
2249 struct wpa_connect_work *cwork;
2250 int rand_style;
2251
2252 wpa_s->own_disconnect_req = 0;
2253 wpa_s->own_reconnect_req = 0;
2254
2255 /*
2256 * If we are starting a new connection, any previously pending EAPOL
2257 * RX cannot be valid anymore.
2258 */
2259 wpabuf_free(wpa_s->pending_eapol_rx);
2260 wpa_s->pending_eapol_rx = NULL;
2261
2262 if (ssid->mac_addr == -1)
2263 rand_style = wpa_s->conf->mac_addr;
2264 else
2265 rand_style = ssid->mac_addr;
2266
2267 wpa_s->eapol_failed = 0;
2268 wpa_s->multi_ap_ie = 0;
2269 wmm_ac_clear_saved_tspecs(wpa_s);
2270 wpa_s->reassoc_same_bss = 0;
2271 wpa_s->reassoc_same_ess = 0;
2272 #ifdef CONFIG_TESTING_OPTIONS
2273 wpa_s->testing_resend_assoc = 0;
2274 #endif /* CONFIG_TESTING_OPTIONS */
2275
2276 if (wpa_s->last_ssid == ssid) {
2277 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2278 wpa_s->reassoc_same_ess = 1;
2279 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2280 wmm_ac_save_tspecs(wpa_s);
2281 wpa_s->reassoc_same_bss = 1;
2282 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2283 os_get_reltime(&wpa_s->roam_start);
2284 }
2285 } else {
2286 #ifdef CONFIG_SAE
2287 wpa_s_clear_sae_rejected(wpa_s);
2288 #endif /* CONFIG_SAE */
2289 }
2290 #ifdef CONFIG_SAE
2291 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
2292 #endif /* CONFIG_SAE */
2293
2294 if (rand_style > 0 && !wpa_s->reassoc_same_ess) {
2295 if (wpas_update_random_addr(wpa_s, rand_style) < 0)
2296 return;
2297 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2298 } else if (rand_style == 0 && wpa_s->mac_addr_changed) {
2299 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2300 return;
2301 }
2302 wpa_s->last_ssid = ssid;
2303
2304 #ifdef CONFIG_IBSS_RSN
2305 ibss_rsn_deinit(wpa_s->ibss_rsn);
2306 wpa_s->ibss_rsn = NULL;
2307 #else /* CONFIG_IBSS_RSN */
2308 if (ssid->mode == WPAS_MODE_IBSS &&
2309 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2310 wpa_msg(wpa_s, MSG_INFO,
2311 "IBSS RSN not supported in the build");
2312 return;
2313 }
2314 #endif /* CONFIG_IBSS_RSN */
2315
2316 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2317 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2318 #ifdef CONFIG_AP
2319 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2320 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2321 "mode");
2322 return;
2323 }
2324 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2325 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2326 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2327 wpas_p2p_ap_setup_failed(wpa_s);
2328 return;
2329 }
2330 wpa_s->current_bss = bss;
2331 #else /* CONFIG_AP */
2332 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2333 "the build");
2334 #endif /* CONFIG_AP */
2335 return;
2336 }
2337
2338 if (ssid->mode == WPAS_MODE_MESH) {
2339 #ifdef CONFIG_MESH
2340 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2341 wpa_msg(wpa_s, MSG_INFO,
2342 "Driver does not support mesh mode");
2343 return;
2344 }
2345 if (bss)
2346 ssid->frequency = bss->freq;
2347 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2348 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2349 return;
2350 }
2351 wpa_s->current_bss = bss;
2352 #else /* CONFIG_MESH */
2353 wpa_msg(wpa_s, MSG_ERROR,
2354 "mesh mode support not included in the build");
2355 #endif /* CONFIG_MESH */
2356 return;
2357 }
2358
2359 /*
2360 * Set WPA state machine configuration to match the selected network now
2361 * so that the information is available before wpas_start_assoc_cb()
2362 * gets called. This is needed at least for RSN pre-authentication where
2363 * candidate APs are added to a list based on scan result processing
2364 * before completion of the first association.
2365 */
2366 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2367
2368 #ifdef CONFIG_DPP
2369 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2370 return;
2371 #endif /* CONFIG_DPP */
2372
2373 #ifdef CONFIG_TDLS
2374 if (bss)
2375 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2376 #endif /* CONFIG_TDLS */
2377
2378 #ifdef CONFIG_MBO
2379 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2380 #endif /* CONFIG_MBO */
2381
2382 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2383 ssid->mode == WPAS_MODE_INFRA) {
2384 sme_authenticate(wpa_s, bss, ssid);
2385 return;
2386 }
2387
2388 if (wpa_s->connect_work) {
2389 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2390 return;
2391 }
2392
2393 if (radio_work_pending(wpa_s, "connect")) {
2394 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2395 return;
2396 }
2397
2398 #ifdef CONFIG_SME
2399 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2400 /* Clear possibly set auth_alg, if any, from last attempt. */
2401 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2402 }
2403 #endif /* CONFIG_SME */
2404
2405 wpas_abort_ongoing_scan(wpa_s);
2406
2407 cwork = os_zalloc(sizeof(*cwork));
2408 if (cwork == NULL)
2409 return;
2410
2411 cwork->bss = bss;
2412 cwork->ssid = ssid;
2413
2414 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2415 wpas_start_assoc_cb, cwork) < 0) {
2416 os_free(cwork);
2417 }
2418 }
2419
2420
bss_is_ibss(struct wpa_bss * bss)2421 static int bss_is_ibss(struct wpa_bss *bss)
2422 {
2423 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2424 IEEE80211_CAP_IBSS;
2425 }
2426
2427
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2428 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2429 const struct wpa_ssid *ssid)
2430 {
2431 enum hostapd_hw_mode hw_mode;
2432 struct hostapd_hw_modes *mode = NULL;
2433 u8 channel;
2434 int i;
2435
2436 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2437 if (hw_mode == NUM_HOSTAPD_MODES)
2438 return 0;
2439 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2440 if (wpa_s->hw.modes[i].mode == hw_mode) {
2441 mode = &wpa_s->hw.modes[i];
2442 break;
2443 }
2444 }
2445
2446 if (!mode)
2447 return 0;
2448
2449 return mode->vht_capab != 0;
2450 }
2451
2452
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2453 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2454 {
2455 int i;
2456
2457 for (i = channel; i < channel + 16; i += 4) {
2458 struct hostapd_channel_data *chan;
2459
2460 chan = hw_get_channel_chan(mode, i, NULL);
2461 if (!chan ||
2462 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2463 return false;
2464 }
2465
2466 return true;
2467 }
2468
2469
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)2470 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2471 const struct wpa_ssid *ssid,
2472 struct hostapd_freq_params *freq)
2473 {
2474 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2475 enum hostapd_hw_mode hw_mode;
2476 struct hostapd_hw_modes *mode = NULL;
2477 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2478 184, 192 };
2479 int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955,
2480 6035, 6115, 6195, 6275, 6355, 6435, 6515,
2481 6595, 6675, 6755, 6835, 6915, 6995 };
2482 int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 };
2483 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2484 u8 channel;
2485 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2486 unsigned int j, k;
2487 struct hostapd_freq_params vht_freq;
2488 int chwidth, seg0, seg1;
2489 u32 vht_caps = 0;
2490 bool is_24ghz, is_6ghz;
2491
2492 freq->freq = ssid->frequency;
2493
2494 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2495 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2496
2497 if (ssid->mode != WPAS_MODE_IBSS)
2498 break;
2499
2500 /* Don't adjust control freq in case of fixed_freq */
2501 if (ssid->fixed_freq)
2502 break;
2503
2504 if (!bss_is_ibss(bss))
2505 continue;
2506
2507 if (ssid->ssid_len == bss->ssid_len &&
2508 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2509 wpa_printf(MSG_DEBUG,
2510 "IBSS already found in scan results, adjust control freq: %d",
2511 bss->freq);
2512 freq->freq = bss->freq;
2513 obss_scan = 0;
2514 break;
2515 }
2516 }
2517
2518 /* For IBSS check HT_IBSS flag */
2519 if (ssid->mode == WPAS_MODE_IBSS &&
2520 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2521 return;
2522
2523 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2524 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2525 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2526 wpa_printf(MSG_DEBUG,
2527 "IBSS: WEP/TKIP detected, do not try to enable HT");
2528 return;
2529 }
2530
2531 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2532 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2533 if (wpa_s->hw.modes[i].mode == hw_mode) {
2534 mode = &wpa_s->hw.modes[i];
2535 break;
2536 }
2537 }
2538
2539 if (!mode)
2540 return;
2541
2542 freq->channel = channel;
2543
2544 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2545 hw_mode == HOSTAPD_MODE_IEEE80211B;
2546
2547 /* HT/VHT and corresponding overrides are not applicable to 6 GHz.
2548 * However, HE is mandatory for 6 GHz.
2549 */
2550 is_6ghz = is_6ghz_freq(freq->freq);
2551 if (is_6ghz)
2552 goto skip_to_6ghz;
2553
2554 #ifdef CONFIG_HT_OVERRIDES
2555 if (ssid->disable_ht) {
2556 freq->ht_enabled = 0;
2557 return;
2558 }
2559 #endif /* CONFIG_HT_OVERRIDES */
2560
2561 freq->ht_enabled = ht_supported(mode);
2562 if (!freq->ht_enabled)
2563 return;
2564
2565 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2566 if (is_24ghz)
2567 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2568 #ifdef CONFIG_HE_OVERRIDES
2569 if (is_24ghz && ssid->disable_he)
2570 freq->he_enabled = 0;
2571 #endif /* CONFIG_HE_OVERRIDES */
2572
2573 /* Setup higher BW only for 5 GHz */
2574 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2575 return;
2576
2577 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2578 pri_chan = &mode->channels[chan_idx];
2579 if (pri_chan->chan == channel)
2580 break;
2581 pri_chan = NULL;
2582 }
2583 if (!pri_chan)
2584 return;
2585
2586 /* Check primary channel flags */
2587 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2588 return;
2589
2590 freq->channel = pri_chan->chan;
2591
2592 #ifdef CONFIG_HT_OVERRIDES
2593 if (ssid->disable_ht40) {
2594 #ifdef CONFIG_VHT_OVERRIDES
2595 if (ssid->disable_vht)
2596 return;
2597 #endif /* CONFIG_VHT_OVERRIDES */
2598 goto skip_ht40;
2599 }
2600 #endif /* CONFIG_HT_OVERRIDES */
2601
2602 /* Check/setup HT40+/HT40- */
2603 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2604 if (ht40plus[j] == channel) {
2605 ht40 = 1;
2606 break;
2607 }
2608 }
2609
2610 /* Find secondary channel */
2611 for (i = 0; i < mode->num_channels; i++) {
2612 sec_chan = &mode->channels[i];
2613 if (sec_chan->chan == channel + ht40 * 4)
2614 break;
2615 sec_chan = NULL;
2616 }
2617 if (!sec_chan)
2618 return;
2619
2620 /* Check secondary channel flags */
2621 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2622 return;
2623
2624 if (ht40 == -1) {
2625 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2626 return;
2627 } else {
2628 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2629 return;
2630 }
2631 freq->sec_channel_offset = ht40;
2632
2633 if (obss_scan) {
2634 struct wpa_scan_results *scan_res;
2635
2636 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2637 if (scan_res == NULL) {
2638 /* Back to HT20 */
2639 freq->sec_channel_offset = 0;
2640 return;
2641 }
2642
2643 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2644 switch (res) {
2645 case 0:
2646 /* Back to HT20 */
2647 freq->sec_channel_offset = 0;
2648 break;
2649 case 1:
2650 /* Configuration allowed */
2651 break;
2652 case 2:
2653 /* Switch pri/sec channels */
2654 freq->freq = hw_get_freq(mode, sec_chan->chan);
2655 freq->sec_channel_offset = -freq->sec_channel_offset;
2656 freq->channel = sec_chan->chan;
2657 break;
2658 default:
2659 freq->sec_channel_offset = 0;
2660 break;
2661 }
2662
2663 wpa_scan_results_free(scan_res);
2664 }
2665
2666 #ifdef CONFIG_HT_OVERRIDES
2667 skip_ht40:
2668 #endif /* CONFIG_HT_OVERRIDES */
2669 wpa_printf(MSG_DEBUG,
2670 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2671 freq->channel, freq->sec_channel_offset);
2672
2673 if (!drv_supports_vht(wpa_s, ssid))
2674 return;
2675
2676 /* For IBSS check VHT_IBSS flag */
2677 if (ssid->mode == WPAS_MODE_IBSS &&
2678 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2679 return;
2680
2681 #ifdef CONFIG_VHT_OVERRIDES
2682 if (ssid->disable_vht) {
2683 freq->vht_enabled = 0;
2684 return;
2685 }
2686 #endif /* CONFIG_VHT_OVERRIDES */
2687
2688 skip_to_6ghz:
2689 vht_freq = *freq;
2690
2691 /* 6 GHz does not have VHT enabled, so allow that exception here. */
2692 vht_freq.vht_enabled = vht_supported(mode);
2693 if (!vht_freq.vht_enabled && !is_6ghz)
2694 return;
2695
2696 /* Enable HE with VHT for 5 GHz */
2697 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2698
2699 /* setup center_freq1, bandwidth */
2700 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
2701 if (freq->freq >= bw80[j] &&
2702 freq->freq < bw80[j] + 80)
2703 break;
2704 }
2705
2706 if (j == ARRAY_SIZE(bw80) ||
2707 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
2708 return;
2709
2710 /* Back to HT configuration if channel not usable */
2711 if (!ibss_mesh_is_80mhz_avail(channel, mode))
2712 return;
2713
2714 chwidth = CHANWIDTH_80MHZ;
2715 seg0 = channel + 6;
2716 seg1 = 0;
2717
2718 if ((mode->he_capab[ieee80211_mode].phy_cap[
2719 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
2720 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz) {
2721 /* In 160 MHz, the initial four 20 MHz channels were validated
2722 * above; check the remaining four 20 MHz channels for the total
2723 * of 160 MHz bandwidth.
2724 */
2725 if (!ibss_mesh_is_80mhz_avail(channel + 16, mode))
2726 return;
2727
2728 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
2729 if (freq->freq == bw160[j]) {
2730 chwidth = CHANWIDTH_160MHZ;
2731 seg0 = channel + 14;
2732 break;
2733 }
2734 }
2735 }
2736
2737 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
2738 /* setup center_freq2, bandwidth */
2739 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
2740 /* Only accept 80 MHz segments separated by a gap */
2741 if (j == k || abs(bw80[j] - bw80[k]) == 80)
2742 continue;
2743
2744 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
2745 NUM_HOSTAPD_MODES)
2746 return;
2747
2748 for (i = channel; i < channel + 16; i += 4) {
2749 struct hostapd_channel_data *chan;
2750
2751 chan = hw_get_channel_chan(mode, i, NULL);
2752 if (!chan)
2753 continue;
2754
2755 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
2756 HOSTAPD_CHAN_NO_IR |
2757 HOSTAPD_CHAN_RADAR))
2758 continue;
2759
2760 /* Found a suitable second segment for 80+80 */
2761 chwidth = CHANWIDTH_80P80MHZ;
2762 if (!is_6ghz)
2763 vht_caps |=
2764 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
2765 seg1 = channel + 6;
2766 }
2767
2768 if (chwidth == CHANWIDTH_80P80MHZ)
2769 break;
2770 }
2771 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
2772 if (freq->freq == 5180) {
2773 chwidth = CHANWIDTH_160MHZ;
2774 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2775 seg0 = 50;
2776 } else if (freq->freq == 5520) {
2777 chwidth = CHANWIDTH_160MHZ;
2778 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
2779 seg0 = 114;
2780 }
2781 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
2782 chwidth = CHANWIDTH_USE_HT;
2783 seg0 = channel + 2;
2784 #ifdef CONFIG_HT_OVERRIDES
2785 if (ssid->disable_ht40)
2786 seg0 = 0;
2787 #endif /* CONFIG_HT_OVERRIDES */
2788 }
2789
2790 #ifdef CONFIG_HE_OVERRIDES
2791 if (ssid->disable_he) {
2792 vht_freq.he_enabled = 0;
2793 freq->he_enabled = 0;
2794 }
2795 #endif /* CONFIG_HE_OVERRIDES */
2796 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
2797 freq->channel, ssid->enable_edmg,
2798 ssid->edmg_channel, freq->ht_enabled,
2799 vht_freq.vht_enabled, freq->he_enabled,
2800 false,
2801 freq->sec_channel_offset,
2802 chwidth, seg0, seg1, vht_caps,
2803 &mode->he_capab[ieee80211_mode],
2804 NULL) != 0)
2805 return;
2806
2807 *freq = vht_freq;
2808
2809 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
2810 freq->center_freq1, freq->center_freq2, freq->bandwidth);
2811 }
2812
2813
2814 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)2815 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
2816 size_t ie_buf_len)
2817 {
2818 struct fils_hlp_req *req;
2819 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
2820 const u8 *pos;
2821 u8 *buf = ie_buf;
2822
2823 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2824 list) {
2825 rem_len = ie_buf_len - ie_len;
2826 pos = wpabuf_head(req->pkt);
2827 hdr_len = 1 + 2 * ETH_ALEN + 6;
2828 hlp_len = wpabuf_len(req->pkt);
2829
2830 if (rem_len < 2 + hdr_len + hlp_len) {
2831 wpa_printf(MSG_ERROR,
2832 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
2833 (unsigned long) rem_len,
2834 (unsigned long) (2 + hdr_len + hlp_len));
2835 break;
2836 }
2837
2838 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
2839 /* Element ID */
2840 *buf++ = WLAN_EID_EXTENSION;
2841 /* Length */
2842 *buf++ = len;
2843 /* Element ID Extension */
2844 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
2845 /* Destination MAC address */
2846 os_memcpy(buf, req->dst, ETH_ALEN);
2847 buf += ETH_ALEN;
2848 /* Source MAC address */
2849 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
2850 buf += ETH_ALEN;
2851 /* LLC/SNAP Header */
2852 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
2853 buf += 6;
2854 /* HLP Packet */
2855 os_memcpy(buf, pos, len - hdr_len);
2856 buf += len - hdr_len;
2857 pos += len - hdr_len;
2858
2859 hlp_len -= len - hdr_len;
2860 ie_len += 2 + len;
2861 rem_len -= 2 + len;
2862
2863 while (hlp_len) {
2864 len = (hlp_len > 255) ? 255 : hlp_len;
2865 if (rem_len < 2 + len)
2866 break;
2867 *buf++ = WLAN_EID_FRAGMENT;
2868 *buf++ = len;
2869 os_memcpy(buf, pos, len);
2870 buf += len;
2871 pos += len;
2872
2873 hlp_len -= len;
2874 ie_len += 2 + len;
2875 rem_len -= 2 + len;
2876 }
2877 }
2878
2879 return ie_len;
2880 }
2881
2882
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)2883 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
2884 {
2885 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2886 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
2887 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2888 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
2889 }
2890
2891
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)2892 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
2893 {
2894 #ifdef CONFIG_FILS_SK_PFS
2895 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2896 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
2897 #else /* CONFIG_FILS_SK_PFS */
2898 return 0;
2899 #endif /* CONFIG_FILS_SK_PFS */
2900 }
2901
2902 #endif /* CONFIG_FILS */
2903
2904
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)2905 static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
2906 struct wpa_bss *bss,
2907 u8 *wpa_ie, size_t wpa_ie_len,
2908 size_t max_wpa_ie_len)
2909 {
2910 struct wpabuf *wfa_ie = NULL;
2911 u8 wfa_capa[1];
2912 size_t wfa_ie_len, buf_len;
2913
2914 os_memset(wfa_capa, 0, sizeof(wfa_capa));
2915 if (wpa_s->enable_dscp_policy_capa)
2916 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
2917
2918 if (!wfa_capa[0])
2919 return wpa_ie_len;
2920
2921 /* Wi-Fi Alliance element */
2922 buf_len = 1 + /* Element ID */
2923 1 + /* Length */
2924 3 + /* OUI */
2925 1 + /* OUI Type */
2926 1 + /* Capabilities Length */
2927 sizeof(wfa_capa); /* Capabilities */
2928 wfa_ie = wpabuf_alloc(buf_len);
2929 if (!wfa_ie)
2930 return wpa_ie_len;
2931
2932 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
2933 wpabuf_put_u8(wfa_ie, buf_len - 2);
2934 wpabuf_put_be24(wfa_ie, OUI_WFA);
2935 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
2936 wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
2937 wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
2938
2939 wfa_ie_len = wpabuf_len(wfa_ie);
2940 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
2941 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
2942 wfa_ie);
2943 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
2944 wfa_ie_len);
2945 wpa_ie_len += wfa_ie_len;
2946 }
2947
2948 wpabuf_free(wfa_ie);
2949 return wpa_ie_len;
2950 }
2951
2952
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)2953 static u8 * wpas_populate_assoc_ies(
2954 struct wpa_supplicant *wpa_s,
2955 struct wpa_bss *bss, struct wpa_ssid *ssid,
2956 struct wpa_driver_associate_params *params,
2957 enum wpa_drv_update_connect_params_mask *mask)
2958 {
2959 u8 *wpa_ie;
2960 size_t max_wpa_ie_len = 500;
2961 size_t wpa_ie_len;
2962 int algs = WPA_AUTH_ALG_OPEN;
2963 #ifdef CONFIG_MBO
2964 const u8 *mbo_ie;
2965 #endif
2966 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
2967 int pmksa_cached = 0;
2968 #endif /* CONFIG_SAE || CONFIG_FILS */
2969 #ifdef CONFIG_FILS
2970 const u8 *realm, *username, *rrk;
2971 size_t realm_len, username_len, rrk_len;
2972 u16 next_seq_num;
2973 struct fils_hlp_req *req;
2974
2975 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
2976 list) {
2977 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
2978 2 + 2 * wpabuf_len(req->pkt) / 255;
2979 }
2980 #endif /* CONFIG_FILS */
2981
2982 wpa_ie = os_malloc(max_wpa_ie_len);
2983 if (!wpa_ie) {
2984 wpa_printf(MSG_ERROR,
2985 "Failed to allocate connect IE buffer for %lu bytes",
2986 (unsigned long) max_wpa_ie_len);
2987 return NULL;
2988 }
2989
2990 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
2991 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
2992 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
2993 int try_opportunistic;
2994 const u8 *cache_id = NULL;
2995
2996 try_opportunistic = (ssid->proactive_key_caching < 0 ?
2997 wpa_s->conf->okc :
2998 ssid->proactive_key_caching) &&
2999 (ssid->proto & WPA_PROTO_RSN);
3000 #ifdef CONFIG_FILS
3001 if (wpa_key_mgmt_fils(ssid->key_mgmt))
3002 cache_id = wpa_bss_get_fils_cache_id(bss);
3003 #endif /* CONFIG_FILS */
3004 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
3005 ssid, try_opportunistic,
3006 cache_id, 0) == 0) {
3007 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3008 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3009 pmksa_cached = 1;
3010 #endif /* CONFIG_SAE || CONFIG_FILS */
3011 }
3012 wpa_ie_len = max_wpa_ie_len;
3013 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3014 wpa_ie, &wpa_ie_len)) {
3015 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3016 "key management and encryption suites");
3017 os_free(wpa_ie);
3018 return NULL;
3019 }
3020 #ifdef CONFIG_HS20
3021 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
3022 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
3023 /* No PMKSA caching, but otherwise similar to RSN/WPA */
3024 wpa_ie_len = max_wpa_ie_len;
3025 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3026 wpa_ie, &wpa_ie_len)) {
3027 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3028 "key management and encryption suites");
3029 os_free(wpa_ie);
3030 return NULL;
3031 }
3032 #endif /* CONFIG_HS20 */
3033 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3034 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3035 /*
3036 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3037 * use non-WPA since the scan results did not indicate that the
3038 * AP is using WPA or WPA2.
3039 */
3040 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3041 wpa_ie_len = 0;
3042 wpa_s->wpa_proto = 0;
3043 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3044 wpa_ie_len = max_wpa_ie_len;
3045 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3046 wpa_ie, &wpa_ie_len)) {
3047 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3048 "key management and encryption suites (no "
3049 "scan results)");
3050 os_free(wpa_ie);
3051 return NULL;
3052 }
3053 #ifdef CONFIG_WPS
3054 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3055 struct wpabuf *wps_ie;
3056 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3057 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3058 wpa_ie_len = wpabuf_len(wps_ie);
3059 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3060 } else
3061 wpa_ie_len = 0;
3062 wpabuf_free(wps_ie);
3063 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3064 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3065 params->wps = WPS_MODE_PRIVACY;
3066 else
3067 params->wps = WPS_MODE_OPEN;
3068 wpa_s->wpa_proto = 0;
3069 #endif /* CONFIG_WPS */
3070 } else {
3071 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3072 wpa_ie_len = 0;
3073 wpa_s->wpa_proto = 0;
3074 }
3075
3076 #ifdef IEEE8021X_EAPOL
3077 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3078 if (ssid->leap) {
3079 if (ssid->non_leap == 0)
3080 algs = WPA_AUTH_ALG_LEAP;
3081 else
3082 algs |= WPA_AUTH_ALG_LEAP;
3083 }
3084 }
3085
3086 #ifdef CONFIG_FILS
3087 /* Clear FILS association */
3088 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3089
3090 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3091 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3092 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3093 &username_len, &realm, &realm_len,
3094 &next_seq_num, &rrk, &rrk_len) == 0 &&
3095 (!wpa_s->last_con_fail_realm ||
3096 wpa_s->last_con_fail_realm_len != realm_len ||
3097 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3098 algs = WPA_AUTH_ALG_FILS;
3099 params->fils_erp_username = username;
3100 params->fils_erp_username_len = username_len;
3101 params->fils_erp_realm = realm;
3102 params->fils_erp_realm_len = realm_len;
3103 params->fils_erp_next_seq_num = next_seq_num;
3104 params->fils_erp_rrk = rrk;
3105 params->fils_erp_rrk_len = rrk_len;
3106
3107 if (mask)
3108 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3109 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3110 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3111 pmksa_cached) {
3112 algs = WPA_AUTH_ALG_FILS;
3113 }
3114 #endif /* CONFIG_FILS */
3115 #endif /* IEEE8021X_EAPOL */
3116 #ifdef CONFIG_SAE
3117 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
3118 algs = WPA_AUTH_ALG_SAE;
3119 #endif /* CONFIG_SAE */
3120
3121 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3122 if (ssid->auth_alg) {
3123 algs = ssid->auth_alg;
3124 wpa_dbg(wpa_s, MSG_DEBUG,
3125 "Overriding auth_alg selection: 0x%x", algs);
3126 }
3127
3128 #ifdef CONFIG_SAE
3129 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3130 wpa_dbg(wpa_s, MSG_DEBUG,
3131 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3132 algs = WPA_AUTH_ALG_OPEN;
3133 }
3134 #endif /* CONFIG_SAE */
3135
3136 #ifdef CONFIG_P2P
3137 if (wpa_s->global->p2p) {
3138 u8 *pos;
3139 size_t len;
3140 int res;
3141 pos = wpa_ie + wpa_ie_len;
3142 len = max_wpa_ie_len - wpa_ie_len;
3143 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3144 ssid->p2p_group);
3145 if (res >= 0)
3146 wpa_ie_len += res;
3147 }
3148
3149 wpa_s->cross_connect_disallowed = 0;
3150 if (bss) {
3151 struct wpabuf *p2p;
3152 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3153 if (p2p) {
3154 wpa_s->cross_connect_disallowed =
3155 p2p_get_cross_connect_disallowed(p2p);
3156 wpabuf_free(p2p);
3157 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3158 "connection",
3159 wpa_s->cross_connect_disallowed ?
3160 "disallows" : "allows");
3161 }
3162 }
3163
3164 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3165 #endif /* CONFIG_P2P */
3166
3167 if (bss) {
3168 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3169 wpa_ie + wpa_ie_len,
3170 max_wpa_ie_len -
3171 wpa_ie_len);
3172 }
3173
3174 /*
3175 * Workaround: Add Extended Capabilities element only if the AP
3176 * included this element in Beacon/Probe Response frames. Some older
3177 * APs seem to have interoperability issues if this element is
3178 * included, so while the standard may require us to include the
3179 * element in all cases, it is justifiable to skip it to avoid
3180 * interoperability issues.
3181 */
3182 if (ssid->p2p_group)
3183 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3184 else
3185 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3186
3187 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3188 u8 ext_capab[18];
3189 int ext_capab_len;
3190 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3191 sizeof(ext_capab));
3192 if (ext_capab_len > 0 &&
3193 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3194 u8 *pos = wpa_ie;
3195 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3196 pos += 2 + pos[1];
3197 os_memmove(pos + ext_capab_len, pos,
3198 wpa_ie_len - (pos - wpa_ie));
3199 wpa_ie_len += ext_capab_len;
3200 os_memcpy(pos, ext_capab, ext_capab_len);
3201 }
3202 }
3203
3204 #ifdef CONFIG_HS20
3205 if (is_hs20_network(wpa_s, ssid, bss)
3206 #ifndef ANDROID /* Android does not use the native HS 2.0 config */
3207 && is_hs20_config(wpa_s)
3208 #endif /* ANDROID */
3209 ) {
3210 struct wpabuf *hs20;
3211
3212 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3213 if (hs20) {
3214 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3215 size_t len;
3216
3217 wpas_hs20_add_indication(hs20, pps_mo_id,
3218 get_hs20_version(bss));
3219 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3220 len = max_wpa_ie_len - wpa_ie_len;
3221 if (wpabuf_len(hs20) <= len) {
3222 os_memcpy(wpa_ie + wpa_ie_len,
3223 wpabuf_head(hs20), wpabuf_len(hs20));
3224 wpa_ie_len += wpabuf_len(hs20);
3225 }
3226 wpabuf_free(hs20);
3227 }
3228 }
3229 hs20_configure_frame_filters(wpa_s);
3230 #endif /* CONFIG_HS20 */
3231
3232 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3233 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3234 size_t len;
3235
3236 len = max_wpa_ie_len - wpa_ie_len;
3237 if (wpabuf_len(buf) <= len) {
3238 os_memcpy(wpa_ie + wpa_ie_len,
3239 wpabuf_head(buf), wpabuf_len(buf));
3240 wpa_ie_len += wpabuf_len(buf);
3241 }
3242 }
3243
3244 #ifdef CONFIG_FST
3245 if (wpa_s->fst_ies) {
3246 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3247
3248 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3249 os_memcpy(wpa_ie + wpa_ie_len,
3250 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3251 wpa_ie_len += fst_ies_len;
3252 }
3253 }
3254 #endif /* CONFIG_FST */
3255
3256 #ifdef CONFIG_MBO
3257 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3258 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3259 int len;
3260
3261 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3262 max_wpa_ie_len - wpa_ie_len,
3263 !!mbo_attr_from_mbo_ie(mbo_ie,
3264 OCE_ATTR_ID_CAPA_IND));
3265 if (len >= 0)
3266 wpa_ie_len += len;
3267 }
3268 #endif /* CONFIG_MBO */
3269
3270 #ifdef CONFIG_FILS
3271 if (algs == WPA_AUTH_ALG_FILS) {
3272 size_t len;
3273
3274 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3275 max_wpa_ie_len - wpa_ie_len);
3276 wpa_ie_len += len;
3277 }
3278 #endif /* CONFIG_FILS */
3279
3280 #ifdef CONFIG_OWE
3281 #ifdef CONFIG_TESTING_OPTIONS
3282 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3283 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3284 } else
3285 #endif /* CONFIG_TESTING_OPTIONS */
3286 if (algs == WPA_AUTH_ALG_OPEN &&
3287 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3288 struct wpabuf *owe_ie;
3289 u16 group;
3290
3291 if (ssid->owe_group) {
3292 group = ssid->owe_group;
3293 } else if (wpa_s->assoc_status_code ==
3294 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3295 if (wpa_s->last_owe_group == 19)
3296 group = 20;
3297 else if (wpa_s->last_owe_group == 20)
3298 group = 21;
3299 else
3300 group = OWE_DH_GROUP;
3301 } else {
3302 group = OWE_DH_GROUP;
3303 }
3304
3305 wpa_s->last_owe_group = group;
3306 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3307 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3308 if (owe_ie &&
3309 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3310 os_memcpy(wpa_ie + wpa_ie_len,
3311 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3312 wpa_ie_len += wpabuf_len(owe_ie);
3313 }
3314 wpabuf_free(owe_ie);
3315 }
3316 #endif /* CONFIG_OWE */
3317
3318 #ifdef CONFIG_DPP2
3319 if (DPP_VERSION > 1 &&
3320 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3321 ssid->dpp_netaccesskey &&
3322 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3323 struct rsn_pmksa_cache_entry *pmksa;
3324
3325 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3326 if (!pmksa || !pmksa->dpp_pfs)
3327 goto pfs_fail;
3328
3329 dpp_pfs_free(wpa_s->dpp_pfs);
3330 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3331 ssid->dpp_netaccesskey_len);
3332 if (!wpa_s->dpp_pfs) {
3333 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3334 /* Try to continue without PFS */
3335 goto pfs_fail;
3336 }
3337 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3338 max_wpa_ie_len - wpa_ie_len) {
3339 os_memcpy(wpa_ie + wpa_ie_len,
3340 wpabuf_head(wpa_s->dpp_pfs->ie),
3341 wpabuf_len(wpa_s->dpp_pfs->ie));
3342 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3343 }
3344 }
3345 pfs_fail:
3346 #endif /* CONFIG_DPP2 */
3347
3348 #ifdef CONFIG_IEEE80211R
3349 /*
3350 * Add MDIE under these conditions: the network profile allows FT,
3351 * the AP supports FT, and the mobility domain ID matches.
3352 */
3353 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3354 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3355
3356 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3357 size_t len = 0;
3358 const u8 *md = mdie + 2;
3359 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3360
3361 if (os_memcmp(md, wpa_md,
3362 MOBILITY_DOMAIN_ID_LEN) == 0) {
3363 /* Add mobility domain IE */
3364 len = wpa_ft_add_mdie(
3365 wpa_s->wpa, wpa_ie + wpa_ie_len,
3366 max_wpa_ie_len - wpa_ie_len, mdie);
3367 wpa_ie_len += len;
3368 }
3369 #ifdef CONFIG_SME
3370 if (len > 0 && wpa_s->sme.ft_used &&
3371 wpa_sm_has_ptk(wpa_s->wpa)) {
3372 wpa_dbg(wpa_s, MSG_DEBUG,
3373 "SME: Trying to use FT over-the-air");
3374 algs |= WPA_AUTH_ALG_FT;
3375 }
3376 #endif /* CONFIG_SME */
3377 }
3378 }
3379 #endif /* CONFIG_IEEE80211R */
3380
3381 #ifdef CONFIG_TESTING_OPTIONS
3382 if (wpa_s->rsnxe_override_assoc &&
3383 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3384 max_wpa_ie_len - wpa_ie_len) {
3385 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3386 os_memcpy(wpa_ie + wpa_ie_len,
3387 wpabuf_head(wpa_s->rsnxe_override_assoc),
3388 wpabuf_len(wpa_s->rsnxe_override_assoc));
3389 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3390 } else
3391 #endif /* CONFIG_TESTING_OPTIONS */
3392 if (wpa_s->rsnxe_len > 0 &&
3393 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3394 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3395 wpa_ie_len += wpa_s->rsnxe_len;
3396 }
3397
3398 #ifdef CONFIG_TESTING_OPTIONS
3399 if (wpa_s->disable_mscs_support)
3400 goto mscs_end;
3401 #endif /* CONFIG_TESTING_OPTIONS */
3402 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3403 wpa_s->robust_av.valid_config) {
3404 struct wpabuf *mscs_ie;
3405 size_t mscs_ie_len, buf_len;
3406
3407 buf_len = 3 + /* MSCS descriptor IE header */
3408 1 + /* Request type */
3409 2 + /* User priority control */
3410 4 + /* Stream timeout */
3411 3 + /* TCLAS Mask IE header */
3412 wpa_s->robust_av.frame_classifier_len;
3413 mscs_ie = wpabuf_alloc(buf_len);
3414 if (!mscs_ie) {
3415 wpa_printf(MSG_INFO,
3416 "MSCS: Failed to allocate MSCS IE");
3417 goto mscs_end;
3418 }
3419
3420 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3421 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3422 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3423 mscs_ie_len = wpabuf_len(mscs_ie);
3424 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3425 mscs_ie_len);
3426 wpa_ie_len += mscs_ie_len;
3427 }
3428
3429 wpabuf_free(mscs_ie);
3430 }
3431 mscs_end:
3432
3433 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3434 max_wpa_ie_len);
3435
3436 if (ssid->multi_ap_backhaul_sta) {
3437 size_t multi_ap_ie_len;
3438
3439 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3440 max_wpa_ie_len - wpa_ie_len,
3441 MULTI_AP_BACKHAUL_STA);
3442 if (multi_ap_ie_len == 0) {
3443 wpa_printf(MSG_ERROR,
3444 "Multi-AP: Failed to build Multi-AP IE");
3445 os_free(wpa_ie);
3446 return NULL;
3447 }
3448 wpa_ie_len += multi_ap_ie_len;
3449 }
3450
3451 params->wpa_ie = wpa_ie;
3452 params->wpa_ie_len = wpa_ie_len;
3453 params->auth_alg = algs;
3454 if (mask)
3455 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3456
3457 return wpa_ie;
3458 }
3459
3460
3461 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3462 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3463 {
3464 struct wpa_driver_associate_params params;
3465 u8 *wpa_ie;
3466
3467 os_memset(¶ms, 0, sizeof(params));
3468 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3469 wpa_s->current_ssid, ¶ms, NULL);
3470 if (!wpa_ie)
3471 return;
3472
3473 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3474 os_free(wpa_ie);
3475 }
3476 #endif /* CONFIG_OWE */
3477
3478
3479 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3480 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3481 {
3482 struct wpa_driver_associate_params params;
3483 enum wpa_drv_update_connect_params_mask mask = 0;
3484 u8 *wpa_ie;
3485
3486 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3487 return; /* nothing to do */
3488
3489 os_memset(¶ms, 0, sizeof(params));
3490 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3491 wpa_s->current_ssid, ¶ms, &mask);
3492 if (!wpa_ie)
3493 return;
3494
3495 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3496 wpa_s->auth_alg = params.auth_alg;
3497 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3498 }
3499
3500 os_free(wpa_ie);
3501 }
3502 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3503
3504
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)3505 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3506 {
3507 if (!edmg_ie || edmg_ie[1] < 6)
3508 return 0;
3509 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3510 }
3511
3512
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)3513 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3514 {
3515 if (!edmg_ie || edmg_ie[1] < 6)
3516 return 0;
3517 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3518 }
3519
3520
3521 /* Returns the intersection of two EDMG configurations.
3522 * Note: The current implementation is limited to CB2 only (CB1 included),
3523 * i.e., the implementation supports up to 2 contiguous channels.
3524 * For supporting non-contiguous (aggregated) channels and for supporting
3525 * CB3 and above, this function will need to be extended.
3526 */
3527 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)3528 get_edmg_intersection(struct ieee80211_edmg_config a,
3529 struct ieee80211_edmg_config b,
3530 u8 primary_channel)
3531 {
3532 struct ieee80211_edmg_config result;
3533 int i, contiguous = 0;
3534 int max_contiguous = 0;
3535
3536 result.channels = b.channels & a.channels;
3537 if (!result.channels) {
3538 wpa_printf(MSG_DEBUG,
3539 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3540 a.channels, b.channels);
3541 goto fail;
3542 }
3543
3544 if (!(result.channels & BIT(primary_channel - 1))) {
3545 wpa_printf(MSG_DEBUG,
3546 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3547 primary_channel, result.channels);
3548 goto fail;
3549 }
3550
3551 /* Find max contiguous channels */
3552 for (i = 0; i < 6; i++) {
3553 if (result.channels & BIT(i))
3554 contiguous++;
3555 else
3556 contiguous = 0;
3557
3558 if (contiguous > max_contiguous)
3559 max_contiguous = contiguous;
3560 }
3561
3562 /* Assuming AP and STA supports ONLY contiguous channels,
3563 * bw configuration can have value between 4-7.
3564 */
3565 if ((b.bw_config < a.bw_config))
3566 result.bw_config = b.bw_config;
3567 else
3568 result.bw_config = a.bw_config;
3569
3570 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3571 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3572 wpa_printf(MSG_DEBUG,
3573 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3574 max_contiguous);
3575 goto fail;
3576 }
3577
3578 return result;
3579
3580 fail:
3581 result.channels = 0;
3582 result.bw_config = 0;
3583 return result;
3584 }
3585
3586
3587 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)3588 get_supported_edmg(struct wpa_supplicant *wpa_s,
3589 struct hostapd_freq_params *freq,
3590 struct ieee80211_edmg_config request_edmg)
3591 {
3592 enum hostapd_hw_mode hw_mode;
3593 struct hostapd_hw_modes *mode = NULL;
3594 u8 primary_channel;
3595
3596 if (!wpa_s->hw.modes)
3597 goto fail;
3598
3599 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3600 if (hw_mode == NUM_HOSTAPD_MODES)
3601 goto fail;
3602
3603 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
3604 if (!mode)
3605 goto fail;
3606
3607 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3608
3609 fail:
3610 request_edmg.channels = 0;
3611 request_edmg.bw_config = 0;
3612 return request_edmg;
3613 }
3614
3615
3616 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)3617 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3618 {
3619 struct wpa_driver_associate_params params;
3620 u8 *wpa_ie;
3621
3622 /*
3623 * Update MBO connect params only in case of change of MBO attributes
3624 * when connected, if the AP support MBO.
3625 */
3626
3627 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3628 !wpa_s->current_bss ||
3629 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
3630 return;
3631
3632 os_memset(¶ms, 0, sizeof(params));
3633 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3634 wpa_s->current_ssid, ¶ms, NULL);
3635 if (!wpa_ie)
3636 return;
3637
3638 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3639 os_free(wpa_ie);
3640 }
3641 #endif /* CONFIG_MBO */
3642
3643
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)3644 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
3645 {
3646 struct wpa_connect_work *cwork = work->ctx;
3647 struct wpa_bss *bss = cwork->bss;
3648 struct wpa_ssid *ssid = cwork->ssid;
3649 struct wpa_supplicant *wpa_s = work->wpa_s;
3650 u8 *wpa_ie;
3651 const u8 *edmg_ie_oper;
3652 int use_crypt, ret, bssid_changed;
3653 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
3654 struct wpa_driver_associate_params params;
3655 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
3656 int wep_keys_set = 0;
3657 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
3658 int assoc_failed = 0;
3659 struct wpa_ssid *old_ssid;
3660 u8 prev_bssid[ETH_ALEN];
3661 #ifdef CONFIG_HT_OVERRIDES
3662 struct ieee80211_ht_capabilities htcaps;
3663 struct ieee80211_ht_capabilities htcaps_mask;
3664 #endif /* CONFIG_HT_OVERRIDES */
3665 #ifdef CONFIG_VHT_OVERRIDES
3666 struct ieee80211_vht_capabilities vhtcaps;
3667 struct ieee80211_vht_capabilities vhtcaps_mask;
3668 #endif /* CONFIG_VHT_OVERRIDES */
3669
3670 wpa_s->roam_in_progress = false;
3671 #ifdef CONFIG_WNM
3672 wpa_s->bss_trans_mgmt_in_progress = false;
3673 #endif /* CONFIG_WNM */
3674
3675 if (deinit) {
3676 if (work->started) {
3677 wpa_s->connect_work = NULL;
3678
3679 /* cancel possible auth. timeout */
3680 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
3681 NULL);
3682 }
3683 wpas_connect_work_free(cwork);
3684 return;
3685 }
3686
3687 wpa_s->connect_work = work;
3688
3689 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
3690 wpas_network_disabled(wpa_s, ssid)) {
3691 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
3692 wpas_connect_work_done(wpa_s);
3693 return;
3694 }
3695
3696 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
3697 os_memset(¶ms, 0, sizeof(params));
3698 wpa_s->reassociate = 0;
3699 wpa_s->eap_expected_failure = 0;
3700
3701 /* Starting new association, so clear the possibly used WPA IE from the
3702 * previous association. */
3703 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
3704 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
3705 wpa_s->rsnxe_len = 0;
3706 wpa_s->mscs_setup_done = false;
3707
3708 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
3709 if (!wpa_ie) {
3710 wpas_connect_work_done(wpa_s);
3711 return;
3712 }
3713
3714 if (bss &&
3715 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
3716 #ifdef CONFIG_IEEE80211R
3717 const u8 *ie, *md = NULL;
3718 #endif /* CONFIG_IEEE80211R */
3719 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
3720 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
3721 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
3722 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
3723 os_memset(wpa_s->bssid, 0, ETH_ALEN);
3724 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3725 if (bssid_changed)
3726 wpas_notify_bssid_changed(wpa_s);
3727 #ifdef CONFIG_IEEE80211R
3728 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3729 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
3730 md = ie + 2;
3731 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
3732 if (md) {
3733 /* Prepare for the next transition */
3734 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
3735 }
3736 #endif /* CONFIG_IEEE80211R */
3737 #ifdef CONFIG_WPS
3738 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
3739 wpa_s->conf->ap_scan == 2 &&
3740 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
3741 /* Use ap_scan==1 style network selection to find the network
3742 */
3743 wpas_connect_work_done(wpa_s);
3744 wpa_s->scan_req = MANUAL_SCAN_REQ;
3745 wpa_s->reassociate = 1;
3746 wpa_supplicant_req_scan(wpa_s, 0, 0);
3747 os_free(wpa_ie);
3748 return;
3749 #endif /* CONFIG_WPS */
3750 } else {
3751 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
3752 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
3753 if (bss)
3754 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
3755 else
3756 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
3757 }
3758 if (!wpa_s->pno)
3759 wpa_supplicant_cancel_sched_scan(wpa_s);
3760
3761 wpa_supplicant_cancel_scan(wpa_s);
3762
3763 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
3764 use_crypt = 1;
3765 cipher_pairwise = wpa_s->pairwise_cipher;
3766 cipher_group = wpa_s->group_cipher;
3767 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
3768 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
3769 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3770 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
3771 use_crypt = 0;
3772 #ifdef CONFIG_WEP
3773 if (wpa_set_wep_keys(wpa_s, ssid)) {
3774 use_crypt = 1;
3775 wep_keys_set = 1;
3776 }
3777 #endif /* CONFIG_WEP */
3778 }
3779 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
3780 use_crypt = 0;
3781
3782 #ifdef IEEE8021X_EAPOL
3783 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3784 if ((ssid->eapol_flags &
3785 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
3786 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
3787 !wep_keys_set) {
3788 use_crypt = 0;
3789 } else {
3790 /* Assume that dynamic WEP-104 keys will be used and
3791 * set cipher suites in order for drivers to expect
3792 * encryption. */
3793 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
3794 }
3795 }
3796 #endif /* IEEE8021X_EAPOL */
3797
3798 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
3799 /* Set the key before (and later after) association */
3800 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
3801 }
3802
3803 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
3804 if (bss) {
3805 params.ssid = bss->ssid;
3806 params.ssid_len = bss->ssid_len;
3807 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
3808 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
3809 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
3810 MACSTR " freq=%u MHz based on scan results "
3811 "(bssid_set=%d wps=%d)",
3812 MAC2STR(bss->bssid), bss->freq,
3813 ssid->bssid_set,
3814 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
3815 params.bssid = bss->bssid;
3816 params.freq.freq = bss->freq;
3817 }
3818 params.bssid_hint = bss->bssid;
3819 params.freq_hint = bss->freq;
3820 params.pbss = bss_is_pbss(bss);
3821 } else {
3822 if (ssid->bssid_hint_set)
3823 params.bssid_hint = ssid->bssid_hint;
3824
3825 params.ssid = ssid->ssid;
3826 params.ssid_len = ssid->ssid_len;
3827 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
3828 }
3829
3830 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
3831 wpa_s->conf->ap_scan == 2) {
3832 params.bssid = ssid->bssid;
3833 params.fixed_bssid = 1;
3834 }
3835
3836 /* Initial frequency for IBSS/mesh */
3837 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
3838 ssid->frequency > 0 && params.freq.freq == 0)
3839 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
3840
3841 if (ssid->mode == WPAS_MODE_IBSS) {
3842 params.fixed_freq = ssid->fixed_freq;
3843 if (ssid->beacon_int)
3844 params.beacon_int = ssid->beacon_int;
3845 else
3846 params.beacon_int = wpa_s->conf->beacon_int;
3847 }
3848
3849 if (bss && ssid->enable_edmg)
3850 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
3851 WLAN_EID_EXT_EDMG_OPERATION);
3852 else
3853 edmg_ie_oper = NULL;
3854
3855 if (edmg_ie_oper) {
3856 params.freq.edmg.channels =
3857 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
3858 params.freq.edmg.bw_config =
3859 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
3860 wpa_printf(MSG_DEBUG,
3861 "AP supports EDMG channels 0x%x, bw_config %d",
3862 params.freq.edmg.channels,
3863 params.freq.edmg.bw_config);
3864
3865 /* User may ask for specific EDMG channel for EDMG connection
3866 * (must be supported by AP)
3867 */
3868 if (ssid->edmg_channel) {
3869 struct ieee80211_edmg_config configured_edmg;
3870 enum hostapd_hw_mode hw_mode;
3871 u8 primary_channel;
3872
3873 hw_mode = ieee80211_freq_to_chan(bss->freq,
3874 &primary_channel);
3875 if (hw_mode == NUM_HOSTAPD_MODES)
3876 goto edmg_fail;
3877
3878 hostapd_encode_edmg_chan(ssid->enable_edmg,
3879 ssid->edmg_channel,
3880 primary_channel,
3881 &configured_edmg);
3882
3883 if (ieee802_edmg_is_allowed(params.freq.edmg,
3884 configured_edmg)) {
3885 params.freq.edmg = configured_edmg;
3886 wpa_printf(MSG_DEBUG,
3887 "Use EDMG channel %d for connection",
3888 ssid->edmg_channel);
3889 } else {
3890 edmg_fail:
3891 params.freq.edmg.channels = 0;
3892 params.freq.edmg.bw_config = 0;
3893 wpa_printf(MSG_WARNING,
3894 "EDMG channel %d not supported by AP, fallback to DMG",
3895 ssid->edmg_channel);
3896 }
3897 }
3898
3899 if (params.freq.edmg.channels) {
3900 wpa_printf(MSG_DEBUG,
3901 "EDMG before: channels 0x%x, bw_config %d",
3902 params.freq.edmg.channels,
3903 params.freq.edmg.bw_config);
3904 params.freq.edmg = get_supported_edmg(wpa_s,
3905 ¶ms.freq,
3906 params.freq.edmg);
3907 wpa_printf(MSG_DEBUG,
3908 "EDMG after: channels 0x%x, bw_config %d",
3909 params.freq.edmg.channels,
3910 params.freq.edmg.bw_config);
3911 }
3912 }
3913
3914 params.pairwise_suite = cipher_pairwise;
3915 params.group_suite = cipher_group;
3916 params.mgmt_group_suite = cipher_group_mgmt;
3917 params.key_mgmt_suite = wpa_s->key_mgmt;
3918 params.wpa_proto = wpa_s->wpa_proto;
3919 wpa_s->auth_alg = params.auth_alg;
3920 params.mode = ssid->mode;
3921 params.bg_scan_period = ssid->bg_scan_period;
3922 #ifdef CONFIG_WEP
3923 {
3924 int i;
3925
3926 for (i = 0; i < NUM_WEP_KEYS; i++) {
3927 if (ssid->wep_key_len[i])
3928 params.wep_key[i] = ssid->wep_key[i];
3929 params.wep_key_len[i] = ssid->wep_key_len[i];
3930 }
3931 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
3932 }
3933 #endif /* CONFIG_WEP */
3934
3935 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
3936 (
3937 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
3938 (params.key_mgmt_suite & WPA_KEY_MGMT_PSK) ||
3939 #else
3940 params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3941 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
3942 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
3943 params.passphrase = ssid->passphrase;
3944 if (ssid->psk_set)
3945 params.psk = ssid->psk;
3946 }
3947
3948 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
3949 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3950 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3951 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3952 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
3953 params.req_handshake_offload = 1;
3954
3955 if (wpa_s->conf->key_mgmt_offload) {
3956 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
3957 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
3958 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
3959 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
3960 params.req_key_mgmt_offload =
3961 ssid->proactive_key_caching < 0 ?
3962 wpa_s->conf->okc : ssid->proactive_key_caching;
3963 else
3964 params.req_key_mgmt_offload = 1;
3965
3966 if ((
3967 #if defined(CONFIG_DRIVER_NL80211_BRCM) || defined(CONFIG_DRIVER_NL80211_SYNA)
3968 (params.key_mgmt_suite & WPA_KEY_MGMT_PSK) ||
3969 #else
3970 params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
3971 #endif /* CONFIG_DRIVER_NL80211_BRCM || CONFIG_DRIVER_NL80211_SYNA */
3972 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
3973 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
3974 ssid->psk_set)
3975 params.psk = ssid->psk;
3976 }
3977
3978 params.drop_unencrypted = use_crypt;
3979
3980 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
3981 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
3982 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
3983 struct wpa_ie_data ie;
3984 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
3985 ie.capabilities &
3986 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
3987 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
3988 "MFP: require MFP");
3989 params.mgmt_frame_protection =
3990 MGMT_FRAME_PROTECTION_REQUIRED;
3991 #ifdef CONFIG_OWE
3992 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
3993 !ssid->owe_only) {
3994 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
3995 #endif /* CONFIG_OWE */
3996 }
3997 }
3998
3999 params.p2p = ssid->p2p_group;
4000
4001 if (wpa_s->p2pdev->set_sta_uapsd)
4002 params.uapsd = wpa_s->p2pdev->sta_uapsd;
4003 else
4004 params.uapsd = -1;
4005
4006 #ifdef CONFIG_HT_OVERRIDES
4007 os_memset(&htcaps, 0, sizeof(htcaps));
4008 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4009 params.htcaps = (u8 *) &htcaps;
4010 params.htcaps_mask = (u8 *) &htcaps_mask;
4011 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
4012 #endif /* CONFIG_HT_OVERRIDES */
4013 #ifdef CONFIG_VHT_OVERRIDES
4014 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4015 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4016 params.vhtcaps = &vhtcaps;
4017 params.vhtcaps_mask = &vhtcaps_mask;
4018 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
4019 #endif /* CONFIG_VHT_OVERRIDES */
4020 #ifdef CONFIG_HE_OVERRIDES
4021 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
4022 #endif /* CONFIG_HE_OVERRIDES */
4023
4024 #ifdef CONFIG_P2P
4025 /*
4026 * If multi-channel concurrency is not supported, check for any
4027 * frequency conflict. In case of any frequency conflict, remove the
4028 * least prioritized connection.
4029 */
4030 if (wpa_s->num_multichan_concurrent < 2) {
4031 int freq, num;
4032 num = get_shared_radio_freqs(wpa_s, &freq, 1);
4033 if (num > 0 && freq > 0 && freq != params.freq.freq) {
4034 wpa_printf(MSG_DEBUG,
4035 "Assoc conflicting freq found (%d != %d)",
4036 freq, params.freq.freq);
4037 if (wpas_p2p_handle_frequency_conflicts(
4038 wpa_s, params.freq.freq, ssid) < 0) {
4039 wpas_connect_work_done(wpa_s);
4040 os_free(wpa_ie);
4041 return;
4042 }
4043 }
4044 }
4045 #endif /* CONFIG_P2P */
4046
4047 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4048 wpa_s->current_ssid)
4049 params.prev_bssid = prev_bssid;
4050
4051 #ifdef CONFIG_SAE
4052 params.sae_pwe = wpa_s->conf->sae_pwe;
4053 #endif /* CONFIG_SAE */
4054
4055 ret = wpa_drv_associate(wpa_s, ¶ms);
4056 os_free(wpa_ie);
4057 if (ret < 0) {
4058 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4059 "failed");
4060 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4061 /*
4062 * The driver is known to mean what is saying, so we
4063 * can stop right here; the association will not
4064 * succeed.
4065 */
4066 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
4067 wpa_s->assoc_status_code = WLAN_STATUS_UNSPECIFIED_FAILURE;
4068 wpas_notify_assoc_status_code(wpa_s, wpa_s->pending_bssid, 0, NULL, 0);
4069 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4070 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4071 return;
4072 }
4073 /* try to continue anyway; new association will be tried again
4074 * after timeout */
4075 assoc_failed = 1;
4076 }
4077
4078 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4079 /* Set the key after the association just in case association
4080 * cleared the previously configured key. */
4081 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4082 /* No need to timeout authentication since there is no key
4083 * management. */
4084 wpa_supplicant_cancel_auth_timeout(wpa_s);
4085 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4086 #ifdef CONFIG_IBSS_RSN
4087 } else if (ssid->mode == WPAS_MODE_IBSS &&
4088 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4089 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4090 /*
4091 * RSN IBSS authentication is per-STA and we can disable the
4092 * per-BSSID authentication.
4093 */
4094 wpa_supplicant_cancel_auth_timeout(wpa_s);
4095 #endif /* CONFIG_IBSS_RSN */
4096 } else {
4097 /* Timeout for IEEE 802.11 authentication and association */
4098 int timeout = 60;
4099
4100 if (assoc_failed) {
4101 /* give IBSS a bit more time */
4102 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4103 } else if (wpa_s->conf->ap_scan == 1) {
4104 /* give IBSS a bit more time */
4105 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4106 }
4107 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4108 }
4109
4110 #ifdef CONFIG_WEP
4111 if (wep_keys_set &&
4112 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4113 /* Set static WEP keys again */
4114 wpa_set_wep_keys(wpa_s, ssid);
4115 }
4116 #endif /* CONFIG_WEP */
4117
4118 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
4119 /*
4120 * Do not allow EAP session resumption between different
4121 * network configurations.
4122 */
4123 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4124 }
4125 old_ssid = wpa_s->current_ssid;
4126 wpa_s->current_ssid = ssid;
4127
4128 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4129 wpa_s->current_bss = bss;
4130 #ifdef CONFIG_HS20
4131 hs20_configure_frame_filters(wpa_s);
4132 #endif /* CONFIG_HS20 */
4133 }
4134
4135 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4136 wpa_supplicant_initiate_eapol(wpa_s);
4137 if (old_ssid != wpa_s->current_ssid)
4138 wpas_notify_network_changed(wpa_s);
4139 }
4140
4141
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4142 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4143 const u8 *addr)
4144 {
4145 struct wpa_ssid *old_ssid;
4146
4147 wpas_connect_work_done(wpa_s);
4148 wpa_clear_keys(wpa_s, addr);
4149 old_ssid = wpa_s->current_ssid;
4150 wpa_supplicant_mark_disassoc(wpa_s);
4151 wpa_sm_set_config(wpa_s->wpa, NULL);
4152 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4153 if (old_ssid != wpa_s->current_ssid)
4154 wpas_notify_network_changed(wpa_s);
4155
4156 wpas_scs_deinit(wpa_s);
4157 wpas_dscp_deinit(wpa_s);
4158 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4159 }
4160
4161
4162 /**
4163 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4164 * @wpa_s: Pointer to wpa_supplicant data
4165 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4166 *
4167 * This function is used to request %wpa_supplicant to deauthenticate from the
4168 * current AP.
4169 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4170 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4171 u16 reason_code)
4172 {
4173 u8 *addr = NULL;
4174 union wpa_event_data event;
4175 int zero_addr = 0;
4176
4177 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4178 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
4179 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4180 reason_code, reason2str(reason_code),
4181 wpa_supplicant_state_txt(wpa_s->wpa_state));
4182
4183 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4184 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4185 wpa_s->wpa_state == WPA_ASSOCIATING))
4186 addr = wpa_s->pending_bssid;
4187 else if (!is_zero_ether_addr(wpa_s->bssid))
4188 addr = wpa_s->bssid;
4189 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4190 /*
4191 * When using driver-based BSS selection, we may not know the
4192 * BSSID with which we are currently trying to associate. We
4193 * need to notify the driver of this disconnection even in such
4194 * a case, so use the all zeros address here.
4195 */
4196 addr = wpa_s->bssid;
4197 zero_addr = 1;
4198 }
4199
4200 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4201 wpa_s->enabled_4addr_mode = 0;
4202
4203 #ifdef CONFIG_TDLS
4204 wpa_tdls_teardown_peers(wpa_s->wpa);
4205 #endif /* CONFIG_TDLS */
4206
4207 #ifdef CONFIG_MESH
4208 if (wpa_s->ifmsh) {
4209 struct mesh_conf *mconf;
4210
4211 mconf = wpa_s->ifmsh->mconf;
4212 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4213 wpa_s->ifname);
4214 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4215 mconf->meshid_len, reason_code);
4216 wpa_supplicant_leave_mesh(wpa_s, true);
4217 }
4218 #endif /* CONFIG_MESH */
4219
4220 if (addr) {
4221 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4222 os_memset(&event, 0, sizeof(event));
4223 event.deauth_info.reason_code = reason_code;
4224 event.deauth_info.locally_generated = 1;
4225 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4226 if (zero_addr)
4227 addr = NULL;
4228 }
4229
4230 wpa_supplicant_clear_connection(wpa_s, addr);
4231 }
4232
4233
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4234 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4235 {
4236 wpa_s->own_reconnect_req = 1;
4237 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4238
4239 }
4240
4241
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4242 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4243 struct wpa_ssid *ssid)
4244 {
4245 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4246 return;
4247
4248 ssid->disabled = 0;
4249 ssid->owe_transition_bss_select_count = 0;
4250 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4251 wpas_notify_network_enabled_changed(wpa_s, ssid);
4252
4253 /*
4254 * Try to reassociate since there is no current configuration and a new
4255 * network was made available.
4256 */
4257 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4258 wpa_s->reassociate = 1;
4259 }
4260
4261
4262 /**
4263 * wpa_supplicant_add_network - Add a new network
4264 * @wpa_s: wpa_supplicant structure for a network interface
4265 * Returns: The new network configuration or %NULL if operation failed
4266 *
4267 * This function performs the following operations:
4268 * 1. Adds a new network.
4269 * 2. Send network addition notification.
4270 * 3. Marks the network disabled.
4271 * 4. Set network default parameters.
4272 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4273 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4274 {
4275 struct wpa_ssid *ssid;
4276
4277 ssid = wpa_config_add_network(wpa_s->conf);
4278 if (!ssid)
4279 return NULL;
4280 wpas_notify_network_added(wpa_s, ssid);
4281 ssid->disabled = 1;
4282 wpa_config_set_network_defaults(ssid);
4283
4284 return ssid;
4285 }
4286
4287
4288 /**
4289 * wpa_supplicant_remove_network - Remove a configured network based on id
4290 * @wpa_s: wpa_supplicant structure for a network interface
4291 * @id: Unique network id to search for
4292 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4293 * could not be removed
4294 *
4295 * This function performs the following operations:
4296 * 1. Removes the network.
4297 * 2. Send network removal notification.
4298 * 3. Update internal state machines.
4299 * 4. Stop any running sched scans.
4300 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4301 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4302 {
4303 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
4304 int was_disabled;
4305
4306 ssid = wpa_config_get_network(wpa_s->conf, id);
4307 if (!ssid)
4308 return -1;
4309 wpas_notify_network_removed(wpa_s, ssid);
4310
4311 if (ssid == prev || !prev) {
4312 #ifdef CONFIG_SME
4313 wpa_s->sme.prev_bssid_set = 0;
4314 #endif /* CONFIG_SME */
4315 /*
4316 * Invalidate the EAP session cache if the current or
4317 * previously used network is removed.
4318 */
4319 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4320 }
4321
4322 if (ssid == prev) {
4323 wpa_sm_set_config(wpa_s->wpa, NULL);
4324 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4325
4326 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4327 wpa_s->own_disconnect_req = 1;
4328 wpa_supplicant_deauthenticate(wpa_s,
4329 WLAN_REASON_DEAUTH_LEAVING);
4330 }
4331
4332 was_disabled = ssid->disabled;
4333
4334 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4335 return -2;
4336
4337 if (!was_disabled && wpa_s->sched_scanning) {
4338 wpa_printf(MSG_DEBUG,
4339 "Stop ongoing sched_scan to remove network from filters");
4340 wpa_supplicant_cancel_sched_scan(wpa_s);
4341 wpa_supplicant_req_scan(wpa_s, 0, 0);
4342 }
4343
4344 return 0;
4345 }
4346
4347
4348 /**
4349 * wpa_supplicant_remove_all_networks - Remove all configured networks
4350 * @wpa_s: wpa_supplicant structure for a network interface
4351 * Returns: 0 on success (errors are currently ignored)
4352 *
4353 * This function performs the following operations:
4354 * 1. Remove all networks.
4355 * 2. Send network removal notifications.
4356 * 3. Update internal state machines.
4357 * 4. Stop any running sched scans.
4358 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4359 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4360 {
4361 struct wpa_ssid *ssid;
4362
4363 if (wpa_s->sched_scanning)
4364 wpa_supplicant_cancel_sched_scan(wpa_s);
4365
4366 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4367 if (wpa_s->current_ssid) {
4368 #ifdef CONFIG_SME
4369 wpa_s->sme.prev_bssid_set = 0;
4370 #endif /* CONFIG_SME */
4371 wpa_sm_set_config(wpa_s->wpa, NULL);
4372 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4373 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4374 wpa_s->own_disconnect_req = 1;
4375 wpa_supplicant_deauthenticate(
4376 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4377 }
4378 ssid = wpa_s->conf->ssid;
4379 while (ssid) {
4380 struct wpa_ssid *remove_ssid = ssid;
4381 int id;
4382
4383 id = ssid->id;
4384 ssid = ssid->next;
4385 wpas_notify_network_removed(wpa_s, remove_ssid);
4386 wpa_config_remove_network(wpa_s->conf, id);
4387 }
4388 return 0;
4389 }
4390
4391
4392 /**
4393 * wpa_supplicant_enable_network - Mark a configured network as enabled
4394 * @wpa_s: wpa_supplicant structure for a network interface
4395 * @ssid: wpa_ssid structure for a configured network or %NULL
4396 *
4397 * Enables the specified network or all networks if no network specified.
4398 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4399 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4400 struct wpa_ssid *ssid)
4401 {
4402 if (ssid == NULL) {
4403 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4404 wpa_supplicant_enable_one_network(wpa_s, ssid);
4405 } else
4406 wpa_supplicant_enable_one_network(wpa_s, ssid);
4407
4408 if (wpa_s->reassociate && !wpa_s->disconnected &&
4409 (!wpa_s->current_ssid ||
4410 wpa_s->wpa_state == WPA_DISCONNECTED ||
4411 wpa_s->wpa_state == WPA_SCANNING)) {
4412 if (wpa_s->sched_scanning) {
4413 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4414 "new network to scan filters");
4415 wpa_supplicant_cancel_sched_scan(wpa_s);
4416 }
4417
4418 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4419 wpa_s->scan_req = NORMAL_SCAN_REQ;
4420 wpa_supplicant_req_scan(wpa_s, 0, 0);
4421 }
4422 }
4423 }
4424
4425
4426 /**
4427 * wpa_supplicant_disable_network - Mark a configured network as disabled
4428 * @wpa_s: wpa_supplicant structure for a network interface
4429 * @ssid: wpa_ssid structure for a configured network or %NULL
4430 *
4431 * Disables the specified network or all networks if no network specified.
4432 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4433 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4434 struct wpa_ssid *ssid)
4435 {
4436 struct wpa_ssid *other_ssid;
4437 int was_disabled;
4438
4439 if (ssid == NULL) {
4440 if (wpa_s->sched_scanning)
4441 wpa_supplicant_cancel_sched_scan(wpa_s);
4442
4443 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4444 other_ssid = other_ssid->next) {
4445 was_disabled = other_ssid->disabled;
4446 if (was_disabled == 2)
4447 continue; /* do not change persistent P2P group
4448 * data */
4449
4450 other_ssid->disabled = 1;
4451
4452 if (was_disabled != other_ssid->disabled)
4453 wpas_notify_network_enabled_changed(
4454 wpa_s, other_ssid);
4455 }
4456 if (wpa_s->current_ssid) {
4457 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4458 wpa_s->own_disconnect_req = 1;
4459 wpa_supplicant_deauthenticate(
4460 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4461 }
4462 } else if (ssid->disabled != 2) {
4463 if (ssid == wpa_s->current_ssid) {
4464 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4465 wpa_s->own_disconnect_req = 1;
4466 wpa_supplicant_deauthenticate(
4467 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4468 }
4469
4470 was_disabled = ssid->disabled;
4471
4472 ssid->disabled = 1;
4473
4474 if (was_disabled != ssid->disabled) {
4475 wpas_notify_network_enabled_changed(wpa_s, ssid);
4476 if (wpa_s->sched_scanning) {
4477 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4478 "to remove network from filters");
4479 wpa_supplicant_cancel_sched_scan(wpa_s);
4480 wpa_supplicant_req_scan(wpa_s, 0, 0);
4481 }
4482 }
4483 }
4484 }
4485
4486
4487 /**
4488 * wpa_supplicant_select_network - Attempt association with a network
4489 * @wpa_s: wpa_supplicant structure for a network interface
4490 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4491 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4492 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4493 struct wpa_ssid *ssid)
4494 {
4495
4496 struct wpa_ssid *other_ssid;
4497 int disconnected = 0;
4498
4499 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4500 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4501 wpa_s->own_disconnect_req = 1;
4502 wpa_supplicant_deauthenticate(
4503 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4504 disconnected = 1;
4505 }
4506
4507 if (ssid)
4508 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4509
4510 /*
4511 * Mark all other networks disabled or mark all networks enabled if no
4512 * network specified.
4513 */
4514 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4515 other_ssid = other_ssid->next) {
4516 int was_disabled = other_ssid->disabled;
4517 if (was_disabled == 2)
4518 continue; /* do not change persistent P2P group data */
4519
4520 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4521 if (was_disabled && !other_ssid->disabled)
4522 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4523
4524 if (was_disabled != other_ssid->disabled)
4525 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4526 }
4527
4528 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4529 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4530 /* We are already associated with the selected network */
4531 wpa_printf(MSG_DEBUG, "Already associated with the "
4532 "selected network - do nothing");
4533 return;
4534 }
4535
4536 if (ssid) {
4537 wpa_s->current_ssid = ssid;
4538 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4539 wpa_s->connect_without_scan =
4540 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4541
4542 /*
4543 * Don't optimize next scan freqs since a new ESS has been
4544 * selected.
4545 */
4546 os_free(wpa_s->next_scan_freqs);
4547 wpa_s->next_scan_freqs = NULL;
4548 } else {
4549 wpa_s->connect_without_scan = NULL;
4550 }
4551
4552 wpa_s->disconnected = 0;
4553 wpa_s->reassociate = 1;
4554 wpa_s_clear_sae_rejected(wpa_s);
4555 wpa_s->last_owe_group = 0;
4556 if (ssid) {
4557 ssid->owe_transition_bss_select_count = 0;
4558 wpa_s_setup_sae_pt(wpa_s->conf, ssid);
4559 }
4560
4561 if (wpa_s->connect_without_scan ||
4562 wpa_supplicant_fast_associate(wpa_s) != 1) {
4563 wpa_s->scan_req = NORMAL_SCAN_REQ;
4564 wpas_scan_reset_sched_scan(wpa_s);
4565 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4566 }
4567
4568 if (ssid)
4569 wpas_notify_network_selected(wpa_s, ssid);
4570 }
4571
4572
4573 /**
4574 * wpas_remove_cred - Remove the specified credential and all the network
4575 * entries created based on the removed credential
4576 * @wpa_s: wpa_supplicant structure for a network interface
4577 * @cred: The credential to remove
4578 * Returns: 0 on success, -1 on failure
4579 */
wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)4580 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
4581 {
4582 struct wpa_ssid *ssid, *next;
4583 int id;
4584
4585 if (!cred) {
4586 wpa_printf(MSG_DEBUG, "Could not find cred");
4587 return -1;
4588 }
4589
4590 id = cred->id;
4591 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
4592 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
4593 return -1;
4594 }
4595
4596 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
4597
4598 /* Remove any network entry created based on the removed credential */
4599 ssid = wpa_s->conf->ssid;
4600 while (ssid) {
4601 next = ssid->next;
4602
4603 if (ssid->parent_cred == cred) {
4604 wpa_printf(MSG_DEBUG,
4605 "Remove network id %d since it used the removed credential",
4606 ssid->id);
4607 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
4608 -1) {
4609 wpa_printf(MSG_DEBUG,
4610 "Could not find network id=%d",
4611 ssid->id);
4612 }
4613 }
4614
4615 ssid = next;
4616 }
4617
4618 return 0;
4619 }
4620
4621
4622 /**
4623 * wpas_remove_cred - Remove all the Interworking credentials
4624 * @wpa_s: wpa_supplicant structure for a network interface
4625 * Returns: 0 on success, -1 on failure
4626 */
wpas_remove_all_creds(struct wpa_supplicant * wpa_s)4627 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
4628 {
4629 int res, ret = 0;
4630 struct wpa_cred *cred, *prev;
4631
4632 cred = wpa_s->conf->cred;
4633 while (cred) {
4634 prev = cred;
4635 cred = cred->next;
4636 res = wpas_remove_cred(wpa_s, prev);
4637 if (res < 0) {
4638 wpa_printf(MSG_DEBUG,
4639 "Removal of all credentials failed - failed to remove credential id=%d",
4640 prev->id);
4641 ret = -1;
4642 }
4643 }
4644
4645 return ret;
4646 }
4647
4648
4649 /**
4650 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
4651 * @wpa_s: wpa_supplicant structure for a network interface
4652 * @pkcs11_engine_path: PKCS #11 engine path or NULL
4653 * @pkcs11_module_path: PKCS #11 module path or NULL
4654 * Returns: 0 on success; -1 on failure
4655 *
4656 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
4657 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
4658 * module path fails the paths will be reset to the default value (NULL).
4659 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)4660 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
4661 const char *pkcs11_engine_path,
4662 const char *pkcs11_module_path)
4663 {
4664 char *pkcs11_engine_path_copy = NULL;
4665 char *pkcs11_module_path_copy = NULL;
4666
4667 if (pkcs11_engine_path != NULL) {
4668 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
4669 if (pkcs11_engine_path_copy == NULL)
4670 return -1;
4671 }
4672 if (pkcs11_module_path != NULL) {
4673 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
4674 if (pkcs11_module_path_copy == NULL) {
4675 os_free(pkcs11_engine_path_copy);
4676 return -1;
4677 }
4678 }
4679
4680 os_free(wpa_s->conf->pkcs11_engine_path);
4681 os_free(wpa_s->conf->pkcs11_module_path);
4682 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
4683 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
4684
4685 wpa_sm_set_eapol(wpa_s->wpa, NULL);
4686 eapol_sm_deinit(wpa_s->eapol);
4687 wpa_s->eapol = NULL;
4688 if (wpa_supplicant_init_eapol(wpa_s)) {
4689 /* Error -> Reset paths to the default value (NULL) once. */
4690 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
4691 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
4692 NULL);
4693
4694 return -1;
4695 }
4696 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
4697
4698 return 0;
4699 }
4700
4701
4702 /**
4703 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
4704 * @wpa_s: wpa_supplicant structure for a network interface
4705 * @ap_scan: AP scan mode
4706 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
4707 *
4708 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)4709 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
4710 {
4711
4712 int old_ap_scan;
4713
4714 if (ap_scan < 0 || ap_scan > 2)
4715 return -1;
4716
4717 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
4718 wpa_printf(MSG_INFO,
4719 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
4720 }
4721
4722 #ifdef ANDROID
4723 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
4724 wpa_s->wpa_state >= WPA_ASSOCIATING &&
4725 wpa_s->wpa_state < WPA_COMPLETED) {
4726 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
4727 "associating", wpa_s->conf->ap_scan, ap_scan);
4728 return 0;
4729 }
4730 #endif /* ANDROID */
4731
4732 old_ap_scan = wpa_s->conf->ap_scan;
4733 wpa_s->conf->ap_scan = ap_scan;
4734
4735 if (old_ap_scan != wpa_s->conf->ap_scan)
4736 wpas_notify_ap_scan_changed(wpa_s);
4737
4738 return 0;
4739 }
4740
4741
4742 /**
4743 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
4744 * @wpa_s: wpa_supplicant structure for a network interface
4745 * @expire_age: Expiration age in seconds
4746 * Returns: 0 if succeed or -1 if expire_age has an invalid value
4747 *
4748 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)4749 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
4750 unsigned int bss_expire_age)
4751 {
4752 if (bss_expire_age < 10) {
4753 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
4754 bss_expire_age);
4755 return -1;
4756 }
4757 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
4758 bss_expire_age);
4759 wpa_s->conf->bss_expiration_age = bss_expire_age;
4760
4761 return 0;
4762 }
4763
4764
4765 /**
4766 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
4767 * @wpa_s: wpa_supplicant structure for a network interface
4768 * @expire_count: number of scans after which an unseen BSS is reclaimed
4769 * Returns: 0 if succeed or -1 if expire_count has an invalid value
4770 *
4771 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)4772 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
4773 unsigned int bss_expire_count)
4774 {
4775 if (bss_expire_count < 1) {
4776 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
4777 bss_expire_count);
4778 return -1;
4779 }
4780 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
4781 bss_expire_count);
4782 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
4783
4784 return 0;
4785 }
4786
4787
4788 /**
4789 * wpa_supplicant_set_scan_interval - Set scan interval
4790 * @wpa_s: wpa_supplicant structure for a network interface
4791 * @scan_interval: scan interval in seconds
4792 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
4793 *
4794 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)4795 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
4796 int scan_interval)
4797 {
4798 if (scan_interval < 0) {
4799 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
4800 scan_interval);
4801 return -1;
4802 }
4803 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
4804 scan_interval);
4805 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
4806
4807 return 0;
4808 }
4809
4810
4811 /**
4812 * wpa_supplicant_set_debug_params - Set global debug params
4813 * @global: wpa_global structure
4814 * @debug_level: debug level
4815 * @debug_timestamp: determines if show timestamp in debug data
4816 * @debug_show_keys: determines if show keys in debug data
4817 * Returns: 0 if succeed or -1 if debug_level has wrong value
4818 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)4819 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
4820 int debug_timestamp, int debug_show_keys)
4821 {
4822
4823 int old_level, old_timestamp, old_show_keys;
4824
4825 /* check for allowed debuglevels */
4826 if (debug_level != MSG_EXCESSIVE &&
4827 debug_level != MSG_MSGDUMP &&
4828 debug_level != MSG_DEBUG &&
4829 debug_level != MSG_INFO &&
4830 debug_level != MSG_WARNING &&
4831 debug_level != MSG_ERROR)
4832 return -1;
4833
4834 old_level = wpa_debug_level;
4835 old_timestamp = wpa_debug_timestamp;
4836 old_show_keys = wpa_debug_show_keys;
4837
4838 wpa_debug_level = debug_level;
4839 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
4840 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
4841
4842 if (wpa_debug_level != old_level)
4843 wpas_notify_debug_level_changed(global);
4844 if (wpa_debug_timestamp != old_timestamp)
4845 wpas_notify_debug_timestamp_changed(global);
4846 if (wpa_debug_show_keys != old_show_keys)
4847 wpas_notify_debug_show_keys_changed(global);
4848
4849 return 0;
4850 }
4851
4852
4853 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)4854 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
4855 const u8 *entry_ssid, size_t entry_ssid_len)
4856 {
4857 const u8 *owe, *pos, *end;
4858 u8 ssid_len;
4859 struct wpa_bss *bss;
4860
4861 /* Check network profile SSID aganst the SSID in the
4862 * OWE Transition Mode element. */
4863
4864 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
4865 if (!bss)
4866 return 0;
4867
4868 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
4869 if (!owe)
4870 return 0;
4871
4872 pos = owe + 6;
4873 end = owe + 2 + owe[1];
4874
4875 if (end - pos < ETH_ALEN + 1)
4876 return 0;
4877 pos += ETH_ALEN;
4878 ssid_len = *pos++;
4879 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
4880 return 0;
4881
4882 return entry_ssid_len == ssid_len &&
4883 os_memcmp(pos, entry_ssid, ssid_len) == 0;
4884 }
4885 #endif /* CONFIG_OWE */
4886
4887
4888 /**
4889 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
4890 * @wpa_s: Pointer to wpa_supplicant data
4891 * Returns: A pointer to the current network structure or %NULL on failure
4892 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)4893 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
4894 {
4895 struct wpa_ssid *entry;
4896 u8 ssid[SSID_MAX_LEN];
4897 int res;
4898 size_t ssid_len;
4899 u8 bssid[ETH_ALEN];
4900 int wired;
4901
4902 res = wpa_drv_get_ssid(wpa_s, ssid);
4903 if (res < 0) {
4904 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
4905 "driver");
4906 return NULL;
4907 }
4908 ssid_len = res;
4909
4910 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
4911 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
4912 "driver");
4913 return NULL;
4914 }
4915
4916 wired = wpa_s->conf->ap_scan == 0 &&
4917 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
4918
4919 entry = wpa_s->conf->ssid;
4920 while (entry) {
4921 if (!wpas_network_disabled(wpa_s, entry) &&
4922 ((ssid_len == entry->ssid_len &&
4923 (!entry->ssid ||
4924 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
4925 wired) &&
4926 (!entry->bssid_set ||
4927 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4928 return entry;
4929 #ifdef CONFIG_WPS
4930 if (!wpas_network_disabled(wpa_s, entry) &&
4931 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
4932 (entry->ssid == NULL || entry->ssid_len == 0) &&
4933 (!entry->bssid_set ||
4934 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4935 return entry;
4936 #endif /* CONFIG_WPS */
4937
4938 #ifdef CONFIG_OWE
4939 if (!wpas_network_disabled(wpa_s, entry) &&
4940 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
4941 entry->ssid_len) &&
4942 (!entry->bssid_set ||
4943 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
4944 return entry;
4945 #endif /* CONFIG_OWE */
4946
4947 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
4948 entry->ssid_len == 0 &&
4949 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
4950 return entry;
4951
4952 entry = entry->next;
4953 }
4954
4955 return NULL;
4956 }
4957
4958
select_driver(struct wpa_supplicant * wpa_s,int i)4959 static int select_driver(struct wpa_supplicant *wpa_s, int i)
4960 {
4961 struct wpa_global *global = wpa_s->global;
4962
4963 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
4964 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
4965 if (global->drv_priv[i] == NULL) {
4966 wpa_printf(MSG_ERROR, "Failed to initialize driver "
4967 "'%s'", wpa_drivers[i]->name);
4968 return -1;
4969 }
4970 }
4971
4972 wpa_s->driver = wpa_drivers[i];
4973 wpa_s->global_drv_priv = global->drv_priv[i];
4974
4975 return 0;
4976 }
4977
4978
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)4979 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
4980 const char *name)
4981 {
4982 int i;
4983 size_t len;
4984 const char *pos, *driver = name;
4985
4986 if (wpa_s == NULL)
4987 return -1;
4988
4989 if (wpa_drivers[0] == NULL) {
4990 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
4991 "wpa_supplicant");
4992 return -1;
4993 }
4994
4995 if (name == NULL) {
4996 /* Default to first successful driver in the list */
4997 for (i = 0; wpa_drivers[i]; i++) {
4998 if (select_driver(wpa_s, i) == 0)
4999 return 0;
5000 }
5001 /* Drivers have each reported failure, so no wpa_msg() here. */
5002 return -1;
5003 }
5004
5005 do {
5006 pos = os_strchr(driver, ',');
5007 if (pos)
5008 len = pos - driver;
5009 else
5010 len = os_strlen(driver);
5011
5012 for (i = 0; wpa_drivers[i]; i++) {
5013 if (os_strlen(wpa_drivers[i]->name) == len &&
5014 os_strncmp(driver, wpa_drivers[i]->name, len) ==
5015 0) {
5016 /* First driver that succeeds wins */
5017 if (select_driver(wpa_s, i) == 0)
5018 return 0;
5019 }
5020 }
5021
5022 driver = pos + 1;
5023 } while (pos);
5024
5025 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
5026 return -1;
5027 }
5028
5029
5030 /**
5031 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
5032 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
5033 * with struct wpa_driver_ops::init()
5034 * @src_addr: Source address of the EAPOL frame
5035 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
5036 * @len: Length of the EAPOL data
5037 *
5038 * This function is called for each received EAPOL frame. Most driver
5039 * interfaces rely on more generic OS mechanism for receiving frames through
5040 * l2_packet, but if such a mechanism is not available, the driver wrapper may
5041 * take care of received EAPOL frames and deliver them to the core supplicant
5042 * code by calling this function.
5043 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5044 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
5045 const u8 *buf, size_t len)
5046 {
5047 struct wpa_supplicant *wpa_s = ctx;
5048
5049 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
5050 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
5051
5052 if (wpa_s->own_disconnect_req) {
5053 wpa_printf(MSG_DEBUG,
5054 "Drop received EAPOL frame as we are disconnecting");
5055 return;
5056 }
5057
5058 #ifdef CONFIG_TESTING_OPTIONS
5059 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5060 MAC2STR(src_addr), len);
5061 if (wpa_s->ignore_auth_resp) {
5062 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5063 return;
5064 }
5065 #endif /* CONFIG_TESTING_OPTIONS */
5066
5067 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5068 (wpa_s->last_eapol_matches_bssid &&
5069 #ifdef CONFIG_AP
5070 !wpa_s->ap_iface &&
5071 #endif /* CONFIG_AP */
5072 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
5073 /*
5074 * There is possible race condition between receiving the
5075 * association event and the EAPOL frame since they are coming
5076 * through different paths from the driver. In order to avoid
5077 * issues in trying to process the EAPOL frame before receiving
5078 * association information, lets queue it for processing until
5079 * the association event is received. This may also be needed in
5080 * driver-based roaming case, so also use src_addr != BSSID as a
5081 * trigger if we have previously confirmed that the
5082 * Authenticator uses BSSID as the src_addr (which is not the
5083 * case with wired IEEE 802.1X).
5084 */
5085 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
5086 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
5087 wpa_supplicant_state_txt(wpa_s->wpa_state),
5088 MAC2STR(wpa_s->bssid));
5089 wpabuf_free(wpa_s->pending_eapol_rx);
5090 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5091 if (wpa_s->pending_eapol_rx) {
5092 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5093 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5094 ETH_ALEN);
5095 }
5096 return;
5097 }
5098
5099 wpa_s->last_eapol_matches_bssid =
5100 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
5101
5102 #ifdef CONFIG_AP
5103 if (wpa_s->ap_iface) {
5104 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
5105 return;
5106 }
5107 #endif /* CONFIG_AP */
5108
5109 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
5110 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
5111 "no key management is configured");
5112 return;
5113 }
5114
5115 if (wpa_s->eapol_received == 0 &&
5116 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
5117 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
5118 wpa_s->wpa_state != WPA_COMPLETED) &&
5119 (wpa_s->current_ssid == NULL ||
5120 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
5121 /* Timeout for completing IEEE 802.1X and WPA authentication */
5122 int timeout = 10;
5123
5124 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
5125 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
5126 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
5127 /* Use longer timeout for IEEE 802.1X/EAP */
5128 timeout = 70;
5129 }
5130
5131 #ifdef CONFIG_WPS
5132 if (wpa_s->current_ssid && wpa_s->current_bss &&
5133 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5134 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5135 /*
5136 * Use shorter timeout if going through WPS AP iteration
5137 * for PIN config method with an AP that does not
5138 * advertise Selected Registrar.
5139 */
5140 struct wpabuf *wps_ie;
5141
5142 wps_ie = wpa_bss_get_vendor_ie_multi(
5143 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5144 if (wps_ie &&
5145 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5146 timeout = 10;
5147 wpabuf_free(wps_ie);
5148 }
5149 #endif /* CONFIG_WPS */
5150
5151 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
5152 }
5153 wpa_s->eapol_received++;
5154
5155 if (wpa_s->countermeasures) {
5156 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
5157 "EAPOL packet");
5158 return;
5159 }
5160
5161 #ifdef CONFIG_IBSS_RSN
5162 if (wpa_s->current_ssid &&
5163 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
5164 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
5165 return;
5166 }
5167 #endif /* CONFIG_IBSS_RSN */
5168
5169 /* Source address of the incoming EAPOL frame could be compared to the
5170 * current BSSID. However, it is possible that a centralized
5171 * Authenticator could be using another MAC address than the BSSID of
5172 * an AP, so just allow any address to be used for now. The replies are
5173 * still sent to the current BSSID (if available), though. */
5174
5175 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
5176 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
5177 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
5178 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
5179 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
5180 return;
5181 wpa_drv_poll(wpa_s);
5182 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
5183 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
5184 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
5185 /*
5186 * Set portValid = true here since we are going to skip 4-way
5187 * handshake processing which would normally set portValid. We
5188 * need this to allow the EAPOL state machines to be completed
5189 * without going through EAPOL-Key handshake.
5190 */
5191 eapol_sm_notify_portValid(wpa_s->eapol, true);
5192 }
5193 }
5194
5195
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)5196 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
5197 {
5198 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
5199 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
5200 }
5201
5202
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)5203 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
5204 {
5205 if ((!wpa_s->p2p_mgmt ||
5206 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5207 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
5208 l2_packet_deinit(wpa_s->l2);
5209 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
5210 wpa_drv_get_mac_addr(wpa_s),
5211 ETH_P_EAPOL,
5212 wpas_eapol_needs_l2_packet(wpa_s) ?
5213 wpa_supplicant_rx_eapol : NULL,
5214 wpa_s, 0);
5215 if (wpa_s->l2 == NULL)
5216 return -1;
5217
5218 if (l2_packet_set_packet_filter(wpa_s->l2,
5219 L2_PACKET_FILTER_PKTTYPE))
5220 wpa_dbg(wpa_s, MSG_DEBUG,
5221 "Failed to attach pkt_type filter");
5222
5223 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
5224 wpa_msg(wpa_s, MSG_ERROR,
5225 "Failed to get own L2 address");
5226 return -1;
5227 }
5228 } else {
5229 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
5230 if (addr)
5231 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
5232 }
5233
5234 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5235 wpas_wps_update_mac_addr(wpa_s);
5236
5237 #ifdef CONFIG_FST
5238 if (wpa_s->fst)
5239 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
5240 #endif /* CONFIG_FST */
5241
5242 return 0;
5243 }
5244
5245
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5246 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
5247 const u8 *buf, size_t len)
5248 {
5249 struct wpa_supplicant *wpa_s = ctx;
5250 const struct l2_ethhdr *eth;
5251
5252 if (len < sizeof(*eth))
5253 return;
5254 eth = (const struct l2_ethhdr *) buf;
5255
5256 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
5257 !(eth->h_dest[0] & 0x01)) {
5258 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5259 " (bridge - not for this interface - ignore)",
5260 MAC2STR(src_addr), MAC2STR(eth->h_dest));
5261 return;
5262 }
5263
5264 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5265 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
5266 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
5267 len - sizeof(*eth));
5268 }
5269
5270
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5271 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5272 const char *bridge_ifname)
5273 {
5274 if (wpa_s->wpa_state > WPA_SCANNING)
5275 return -EBUSY;
5276
5277 if (bridge_ifname &&
5278 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5279 return -EINVAL;
5280
5281 if (!bridge_ifname)
5282 bridge_ifname = "";
5283
5284 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5285 return 0;
5286
5287 if (wpa_s->l2_br) {
5288 l2_packet_deinit(wpa_s->l2_br);
5289 wpa_s->l2_br = NULL;
5290 }
5291
5292 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5293 sizeof(wpa_s->bridge_ifname));
5294
5295 if (wpa_s->bridge_ifname[0]) {
5296 wpa_dbg(wpa_s, MSG_DEBUG,
5297 "Receiving packets from bridge interface '%s'",
5298 wpa_s->bridge_ifname);
5299 wpa_s->l2_br = l2_packet_init_bridge(
5300 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5301 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5302 if (!wpa_s->l2_br) {
5303 wpa_msg(wpa_s, MSG_ERROR,
5304 "Failed to open l2_packet connection for the bridge interface '%s'",
5305 wpa_s->bridge_ifname);
5306 goto fail;
5307 }
5308 }
5309
5310 #ifdef CONFIG_TDLS
5311 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5312 goto fail;
5313 #endif /* CONFIG_TDLS */
5314
5315 return 0;
5316 fail:
5317 wpa_s->bridge_ifname[0] = 0;
5318 if (wpa_s->l2_br) {
5319 l2_packet_deinit(wpa_s->l2_br);
5320 wpa_s->l2_br = NULL;
5321 }
5322 #ifdef CONFIG_TDLS
5323 if (!wpa_s->p2p_mgmt)
5324 wpa_tdls_init(wpa_s->wpa);
5325 #endif /* CONFIG_TDLS */
5326 return -EIO;
5327 }
5328
5329
5330 /**
5331 * wpa_supplicant_driver_init - Initialize driver interface parameters
5332 * @wpa_s: Pointer to wpa_supplicant data
5333 * Returns: 0 on success, -1 on failure
5334 *
5335 * This function is called to initialize driver interface parameters.
5336 * wpa_drv_init() must have been called before this function to initialize the
5337 * driver interface.
5338 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5339 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5340 {
5341 static int interface_count = 0;
5342
5343 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5344 return -1;
5345
5346 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5347 MAC2STR(wpa_s->own_addr));
5348 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5349 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5350
5351 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5352 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5353 "interface '%s'", wpa_s->bridge_ifname);
5354 wpa_s->l2_br = l2_packet_init_bridge(
5355 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5356 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5357 if (wpa_s->l2_br == NULL) {
5358 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5359 "connection for the bridge interface '%s'",
5360 wpa_s->bridge_ifname);
5361 return -1;
5362 }
5363 }
5364
5365 if (wpa_s->conf->ap_scan == 2 &&
5366 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5367 wpa_printf(MSG_INFO,
5368 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5369 }
5370
5371 wpa_clear_keys(wpa_s, NULL);
5372
5373 /* Make sure that TKIP countermeasures are not left enabled (could
5374 * happen if wpa_supplicant is killed during countermeasures. */
5375 wpa_drv_set_countermeasures(wpa_s, 0);
5376
5377 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5378 wpa_drv_flush_pmkid(wpa_s);
5379
5380 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5381 wpa_s->prev_scan_wildcard = 0;
5382
5383 if (wpa_supplicant_enabled_networks(wpa_s)) {
5384 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5385 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5386 interface_count = 0;
5387 }
5388 #ifndef ANDROID
5389 if (!wpa_s->p2p_mgmt &&
5390 wpa_supplicant_delayed_sched_scan(wpa_s,
5391 interface_count % 3,
5392 100000))
5393 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5394 100000);
5395 #endif /* ANDROID */
5396 interface_count++;
5397 } else
5398 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5399
5400 return 0;
5401 }
5402
5403
wpa_supplicant_daemon(const char * pid_file)5404 static int wpa_supplicant_daemon(const char *pid_file)
5405 {
5406 wpa_printf(MSG_DEBUG, "Daemonize..");
5407 return os_daemonize(pid_file);
5408 }
5409
5410
5411 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5412 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5413 {
5414 struct wpa_supplicant *wpa_s;
5415
5416 wpa_s = os_zalloc(sizeof(*wpa_s));
5417 if (wpa_s == NULL)
5418 return NULL;
5419 wpa_s->scan_req = INITIAL_SCAN_REQ;
5420 wpa_s->scan_interval = 5;
5421 wpa_s->new_connection = 1;
5422 wpa_s->parent = parent ? parent : wpa_s;
5423 wpa_s->p2pdev = wpa_s->parent;
5424 wpa_s->sched_scanning = 0;
5425 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5426
5427 dl_list_init(&wpa_s->bss_tmp_disallowed);
5428 dl_list_init(&wpa_s->fils_hlp_req);
5429 #ifdef CONFIG_TESTING_OPTIONS
5430 dl_list_init(&wpa_s->drv_signal_override);
5431 #endif /* CONFIG_TESTING_OPTIONS */
5432 dl_list_init(&wpa_s->active_scs_ids);
5433
5434 return wpa_s;
5435 }
5436
5437
5438 #ifdef CONFIG_HT_OVERRIDES
5439
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)5440 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
5441 struct ieee80211_ht_capabilities *htcaps,
5442 struct ieee80211_ht_capabilities *htcaps_mask,
5443 const char *ht_mcs)
5444 {
5445 /* parse ht_mcs into hex array */
5446 int i;
5447 const char *tmp = ht_mcs;
5448 char *end = NULL;
5449
5450 /* If ht_mcs is null, do not set anything */
5451 if (!ht_mcs)
5452 return 0;
5453
5454 /* This is what we are setting in the kernel */
5455 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
5456
5457 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
5458
5459 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5460 long v;
5461
5462 errno = 0;
5463 v = strtol(tmp, &end, 16);
5464
5465 if (errno == 0) {
5466 wpa_msg(wpa_s, MSG_DEBUG,
5467 "htcap value[%i]: %ld end: %p tmp: %p",
5468 i, v, end, tmp);
5469 if (end == tmp)
5470 break;
5471
5472 htcaps->supported_mcs_set[i] = v;
5473 tmp = end;
5474 } else {
5475 wpa_msg(wpa_s, MSG_ERROR,
5476 "Failed to parse ht-mcs: %s, error: %s\n",
5477 ht_mcs, strerror(errno));
5478 return -1;
5479 }
5480 }
5481
5482 /*
5483 * If we were able to parse any values, then set mask for the MCS set.
5484 */
5485 if (i) {
5486 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
5487 IEEE80211_HT_MCS_MASK_LEN - 1);
5488 /* skip the 3 reserved bits */
5489 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
5490 0x1f;
5491 }
5492
5493 return 0;
5494 }
5495
5496
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5497 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
5498 struct ieee80211_ht_capabilities *htcaps,
5499 struct ieee80211_ht_capabilities *htcaps_mask,
5500 int disabled)
5501 {
5502 le16 msk;
5503
5504 if (disabled == -1)
5505 return 0;
5506
5507 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
5508
5509 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
5510 htcaps_mask->ht_capabilities_info |= msk;
5511 if (disabled)
5512 htcaps->ht_capabilities_info &= msk;
5513 else
5514 htcaps->ht_capabilities_info |= msk;
5515
5516 return 0;
5517 }
5518
5519
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)5520 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
5521 struct ieee80211_ht_capabilities *htcaps,
5522 struct ieee80211_ht_capabilities *htcaps_mask,
5523 int factor)
5524 {
5525 if (factor == -1)
5526 return 0;
5527
5528 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
5529
5530 if (factor < 0 || factor > 3) {
5531 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
5532 "Must be 0-3 or -1", factor);
5533 return -EINVAL;
5534 }
5535
5536 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
5537 htcaps->a_mpdu_params &= ~0x3;
5538 htcaps->a_mpdu_params |= factor & 0x3;
5539
5540 return 0;
5541 }
5542
5543
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)5544 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
5545 struct ieee80211_ht_capabilities *htcaps,
5546 struct ieee80211_ht_capabilities *htcaps_mask,
5547 int density)
5548 {
5549 if (density == -1)
5550 return 0;
5551
5552 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
5553
5554 if (density < 0 || density > 7) {
5555 wpa_msg(wpa_s, MSG_ERROR,
5556 "ampdu_density: %d out of range. Must be 0-7 or -1.",
5557 density);
5558 return -EINVAL;
5559 }
5560
5561 htcaps_mask->a_mpdu_params |= 0x1C;
5562 htcaps->a_mpdu_params &= ~(0x1C);
5563 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
5564
5565 return 0;
5566 }
5567
5568
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5569 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
5570 struct ieee80211_ht_capabilities *htcaps,
5571 struct ieee80211_ht_capabilities *htcaps_mask,
5572 int disabled)
5573 {
5574 if (disabled)
5575 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
5576
5577 set_disable_ht40(htcaps, disabled);
5578 set_disable_ht40(htcaps_mask, 0);
5579
5580 return 0;
5581 }
5582
5583
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5584 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
5585 struct ieee80211_ht_capabilities *htcaps,
5586 struct ieee80211_ht_capabilities *htcaps_mask,
5587 int disabled)
5588 {
5589 /* Masking these out disables SGI */
5590 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
5591 HT_CAP_INFO_SHORT_GI40MHZ);
5592
5593 if (disabled)
5594 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
5595
5596 if (disabled)
5597 htcaps->ht_capabilities_info &= ~msk;
5598 else
5599 htcaps->ht_capabilities_info |= msk;
5600
5601 htcaps_mask->ht_capabilities_info |= msk;
5602
5603 return 0;
5604 }
5605
5606
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5607 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
5608 struct ieee80211_ht_capabilities *htcaps,
5609 struct ieee80211_ht_capabilities *htcaps_mask,
5610 int disabled)
5611 {
5612 /* Masking these out disables LDPC */
5613 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
5614
5615 if (disabled)
5616 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
5617
5618 if (disabled)
5619 htcaps->ht_capabilities_info &= ~msk;
5620 else
5621 htcaps->ht_capabilities_info |= msk;
5622
5623 htcaps_mask->ht_capabilities_info |= msk;
5624
5625 return 0;
5626 }
5627
5628
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)5629 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
5630 struct ieee80211_ht_capabilities *htcaps,
5631 struct ieee80211_ht_capabilities *htcaps_mask,
5632 int tx_stbc)
5633 {
5634 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
5635
5636 if (tx_stbc == -1)
5637 return 0;
5638
5639 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
5640
5641 if (tx_stbc < 0 || tx_stbc > 1) {
5642 wpa_msg(wpa_s, MSG_ERROR,
5643 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
5644 return -EINVAL;
5645 }
5646
5647 htcaps_mask->ht_capabilities_info |= msk;
5648 htcaps->ht_capabilities_info &= ~msk;
5649 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
5650
5651 return 0;
5652 }
5653
5654
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)5655 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
5656 struct ieee80211_ht_capabilities *htcaps,
5657 struct ieee80211_ht_capabilities *htcaps_mask,
5658 int rx_stbc)
5659 {
5660 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
5661
5662 if (rx_stbc == -1)
5663 return 0;
5664
5665 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
5666
5667 if (rx_stbc < 0 || rx_stbc > 3) {
5668 wpa_msg(wpa_s, MSG_ERROR,
5669 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
5670 return -EINVAL;
5671 }
5672
5673 htcaps_mask->ht_capabilities_info |= msk;
5674 htcaps->ht_capabilities_info &= ~msk;
5675 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
5676
5677 return 0;
5678 }
5679
5680
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5681 void wpa_supplicant_apply_ht_overrides(
5682 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5683 struct wpa_driver_associate_params *params)
5684 {
5685 struct ieee80211_ht_capabilities *htcaps;
5686 struct ieee80211_ht_capabilities *htcaps_mask;
5687
5688 if (!ssid)
5689 return;
5690
5691 params->disable_ht = ssid->disable_ht;
5692 if (!params->htcaps || !params->htcaps_mask)
5693 return;
5694
5695 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
5696 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
5697 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
5698 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
5699 ssid->disable_max_amsdu);
5700 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
5701 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
5702 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
5703 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
5704 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
5705 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
5706 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
5707
5708 if (ssid->ht40_intolerant) {
5709 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
5710 htcaps->ht_capabilities_info |= bit;
5711 htcaps_mask->ht_capabilities_info |= bit;
5712 }
5713 }
5714
5715 #endif /* CONFIG_HT_OVERRIDES */
5716
5717
5718 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5719 void wpa_supplicant_apply_vht_overrides(
5720 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5721 struct wpa_driver_associate_params *params)
5722 {
5723 struct ieee80211_vht_capabilities *vhtcaps;
5724 struct ieee80211_vht_capabilities *vhtcaps_mask;
5725
5726 if (!ssid)
5727 return;
5728
5729 params->disable_vht = ssid->disable_vht;
5730
5731 vhtcaps = (void *) params->vhtcaps;
5732 vhtcaps_mask = (void *) params->vhtcaps_mask;
5733
5734 if (!vhtcaps || !vhtcaps_mask)
5735 return;
5736
5737 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
5738 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
5739
5740 #ifdef CONFIG_HT_OVERRIDES
5741 if (ssid->disable_sgi) {
5742 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
5743 VHT_CAP_SHORT_GI_160);
5744 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
5745 VHT_CAP_SHORT_GI_160);
5746 wpa_msg(wpa_s, MSG_DEBUG,
5747 "disable-sgi override specified, vht-caps: 0x%x",
5748 vhtcaps->vht_capabilities_info);
5749 }
5750
5751 /* if max ampdu is <= 3, we have to make the HT cap the same */
5752 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
5753 int max_ampdu;
5754
5755 max_ampdu = (ssid->vht_capa &
5756 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
5757 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
5758
5759 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
5760 wpa_set_ampdu_factor(wpa_s,
5761 (void *) params->htcaps,
5762 (void *) params->htcaps_mask,
5763 max_ampdu);
5764 }
5765 #endif /* CONFIG_HT_OVERRIDES */
5766
5767 #define OVERRIDE_MCS(i) \
5768 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
5769 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
5770 host_to_le16(3 << 2 * (i - 1)); \
5771 vhtcaps->vht_supported_mcs_set.tx_map |= \
5772 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
5773 2 * (i - 1)); \
5774 } \
5775 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
5776 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
5777 host_to_le16(3 << 2 * (i - 1)); \
5778 vhtcaps->vht_supported_mcs_set.rx_map |= \
5779 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
5780 2 * (i - 1)); \
5781 }
5782
5783 OVERRIDE_MCS(1);
5784 OVERRIDE_MCS(2);
5785 OVERRIDE_MCS(3);
5786 OVERRIDE_MCS(4);
5787 OVERRIDE_MCS(5);
5788 OVERRIDE_MCS(6);
5789 OVERRIDE_MCS(7);
5790 OVERRIDE_MCS(8);
5791 }
5792 #endif /* CONFIG_VHT_OVERRIDES */
5793
5794
5795 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)5796 void wpa_supplicant_apply_he_overrides(
5797 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
5798 struct wpa_driver_associate_params *params)
5799 {
5800 if (!ssid)
5801 return;
5802
5803 params->disable_he = ssid->disable_he;
5804 }
5805 #endif /* CONFIG_HE_OVERRIDES */
5806
5807
pcsc_reader_init(struct wpa_supplicant * wpa_s)5808 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
5809 {
5810 #ifdef PCSC_FUNCS
5811 size_t len;
5812
5813 if (!wpa_s->conf->pcsc_reader)
5814 return 0;
5815
5816 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
5817 if (!wpa_s->scard)
5818 return 1;
5819
5820 if (wpa_s->conf->pcsc_pin &&
5821 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
5822 scard_deinit(wpa_s->scard);
5823 wpa_s->scard = NULL;
5824 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
5825 return -1;
5826 }
5827
5828 len = sizeof(wpa_s->imsi) - 1;
5829 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
5830 scard_deinit(wpa_s->scard);
5831 wpa_s->scard = NULL;
5832 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
5833 return -1;
5834 }
5835 wpa_s->imsi[len] = '\0';
5836
5837 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
5838
5839 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
5840 wpa_s->imsi, wpa_s->mnc_len);
5841
5842 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
5843 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
5844 #endif /* PCSC_FUNCS */
5845
5846 return 0;
5847 }
5848
5849
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)5850 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
5851 {
5852 char *val, *pos;
5853
5854 ext_password_deinit(wpa_s->ext_pw);
5855 wpa_s->ext_pw = NULL;
5856 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
5857
5858 if (!wpa_s->conf->ext_password_backend)
5859 return 0;
5860
5861 val = os_strdup(wpa_s->conf->ext_password_backend);
5862 if (val == NULL)
5863 return -1;
5864 pos = os_strchr(val, ':');
5865 if (pos)
5866 *pos++ = '\0';
5867
5868 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
5869
5870 wpa_s->ext_pw = ext_password_init(val, pos);
5871 os_free(val);
5872 if (wpa_s->ext_pw == NULL) {
5873 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
5874 return -1;
5875 }
5876 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
5877
5878 return 0;
5879 }
5880
5881
5882 #ifdef CONFIG_FST
5883
wpas_fst_get_bssid_cb(void * ctx)5884 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
5885 {
5886 struct wpa_supplicant *wpa_s = ctx;
5887
5888 return (is_zero_ether_addr(wpa_s->bssid) ||
5889 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
5890 }
5891
5892
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)5893 static void wpas_fst_get_channel_info_cb(void *ctx,
5894 enum hostapd_hw_mode *hw_mode,
5895 u8 *channel)
5896 {
5897 struct wpa_supplicant *wpa_s = ctx;
5898
5899 if (wpa_s->current_bss) {
5900 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
5901 channel);
5902 } else if (wpa_s->hw.num_modes) {
5903 *hw_mode = wpa_s->hw.modes[0].mode;
5904 } else {
5905 WPA_ASSERT(0);
5906 *hw_mode = 0;
5907 }
5908 }
5909
5910
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)5911 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
5912 {
5913 struct wpa_supplicant *wpa_s = ctx;
5914
5915 *modes = wpa_s->hw.modes;
5916 return wpa_s->hw.num_modes;
5917 }
5918
5919
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)5920 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
5921 {
5922 struct wpa_supplicant *wpa_s = ctx;
5923
5924 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
5925 wpa_s->fst_ies = fst_ies;
5926 }
5927
5928
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)5929 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
5930 {
5931 struct wpa_supplicant *wpa_s = ctx;
5932
5933 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
5934 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
5935 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
5936 return -1;
5937 }
5938 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
5939 wpa_s->own_addr, wpa_s->bssid,
5940 wpabuf_head(data), wpabuf_len(data),
5941 0);
5942 }
5943
5944
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)5945 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
5946 {
5947 struct wpa_supplicant *wpa_s = ctx;
5948
5949 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5950 return wpa_s->received_mb_ies;
5951 }
5952
5953
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)5954 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
5955 const u8 *buf, size_t size)
5956 {
5957 struct wpa_supplicant *wpa_s = ctx;
5958 struct mb_ies_info info;
5959
5960 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
5961
5962 if (!mb_ies_info_by_ies(&info, buf, size)) {
5963 wpabuf_free(wpa_s->received_mb_ies);
5964 wpa_s->received_mb_ies = mb_ies_by_info(&info);
5965 }
5966 }
5967
5968
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5969 static const u8 * wpas_fst_get_peer_first(void *ctx,
5970 struct fst_get_peer_ctx **get_ctx,
5971 bool mb_only)
5972 {
5973 struct wpa_supplicant *wpa_s = ctx;
5974
5975 *get_ctx = NULL;
5976 if (!is_zero_ether_addr(wpa_s->bssid))
5977 return (wpa_s->received_mb_ies || !mb_only) ?
5978 wpa_s->bssid : NULL;
5979 return NULL;
5980 }
5981
5982
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)5983 static const u8 * wpas_fst_get_peer_next(void *ctx,
5984 struct fst_get_peer_ctx **get_ctx,
5985 bool mb_only)
5986 {
5987 return NULL;
5988 }
5989
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)5990 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
5991 struct fst_wpa_obj *iface_obj)
5992 {
5993 iface_obj->ctx = wpa_s;
5994 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
5995 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
5996 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
5997 iface_obj->set_ies = wpas_fst_set_ies_cb;
5998 iface_obj->send_action = wpas_fst_send_action_cb;
5999 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
6000 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
6001 iface_obj->get_peer_first = wpas_fst_get_peer_first;
6002 iface_obj->get_peer_next = wpas_fst_get_peer_next;
6003 }
6004 #endif /* CONFIG_FST */
6005
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)6006 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6007 const struct wpa_driver_capa *capa)
6008 {
6009 struct wowlan_triggers *triggers;
6010 int ret = 0;
6011
6012 if (!wpa_s->conf->wowlan_triggers)
6013 return 0;
6014
6015 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
6016 if (triggers) {
6017 ret = wpa_drv_wowlan(wpa_s, triggers);
6018 os_free(triggers);
6019 }
6020 return ret;
6021 }
6022
6023
wpas_freq_to_band(int freq)6024 enum wpa_radio_work_band wpas_freq_to_band(int freq)
6025 {
6026 if (freq < 3000)
6027 return BAND_2_4_GHZ;
6028 if (freq > 50000)
6029 return BAND_60_GHZ;
6030 return BAND_5_GHZ;
6031 }
6032
6033
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)6034 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
6035 {
6036 int i;
6037 unsigned int band = 0;
6038
6039 if (freqs) {
6040 /* freqs are specified for the radio work */
6041 for (i = 0; freqs[i]; i++)
6042 band |= wpas_freq_to_band(freqs[i]);
6043 } else {
6044 /*
6045 * freqs are not specified, implies all
6046 * the supported freqs by HW
6047 */
6048 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6049 if (wpa_s->hw.modes[i].num_channels != 0) {
6050 if (wpa_s->hw.modes[i].mode ==
6051 HOSTAPD_MODE_IEEE80211B ||
6052 wpa_s->hw.modes[i].mode ==
6053 HOSTAPD_MODE_IEEE80211G)
6054 band |= BAND_2_4_GHZ;
6055 else if (wpa_s->hw.modes[i].mode ==
6056 HOSTAPD_MODE_IEEE80211A)
6057 band |= BAND_5_GHZ;
6058 else if (wpa_s->hw.modes[i].mode ==
6059 HOSTAPD_MODE_IEEE80211AD)
6060 band |= BAND_60_GHZ;
6061 else if (wpa_s->hw.modes[i].mode ==
6062 HOSTAPD_MODE_IEEE80211ANY)
6063 band = BAND_2_4_GHZ | BAND_5_GHZ |
6064 BAND_60_GHZ;
6065 }
6066 }
6067 }
6068
6069 return band;
6070 }
6071
6072
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6073 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
6074 const char *rn)
6075 {
6076 struct wpa_supplicant *iface = wpa_s->global->ifaces;
6077 struct wpa_radio *radio;
6078
6079 while (rn && iface) {
6080 radio = iface->radio;
6081 if (radio && os_strcmp(rn, radio->name) == 0) {
6082 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
6083 wpa_s->ifname, rn);
6084 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6085 return radio;
6086 }
6087
6088 iface = iface->next;
6089 }
6090
6091 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
6092 wpa_s->ifname, rn ? rn : "N/A");
6093 radio = os_zalloc(sizeof(*radio));
6094 if (radio == NULL)
6095 return NULL;
6096
6097 if (rn)
6098 os_strlcpy(radio->name, rn, sizeof(radio->name));
6099 dl_list_init(&radio->ifaces);
6100 dl_list_init(&radio->work);
6101 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6102
6103 return radio;
6104 }
6105
6106
radio_work_free(struct wpa_radio_work * work)6107 static void radio_work_free(struct wpa_radio_work *work)
6108 {
6109 if (work->wpa_s->scan_work == work) {
6110 /* This should not really happen. */
6111 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
6112 work->type, work, work->started);
6113 work->wpa_s->scan_work = NULL;
6114 }
6115
6116 #ifdef CONFIG_P2P
6117 if (work->wpa_s->p2p_scan_work == work) {
6118 /* This should not really happen. */
6119 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
6120 work->type, work, work->started);
6121 work->wpa_s->p2p_scan_work = NULL;
6122 }
6123 #endif /* CONFIG_P2P */
6124
6125 if (work->started) {
6126 work->wpa_s->radio->num_active_works--;
6127 wpa_dbg(work->wpa_s, MSG_DEBUG,
6128 "radio_work_free('%s'@%p): num_active_works --> %u",
6129 work->type, work,
6130 work->wpa_s->radio->num_active_works);
6131 }
6132
6133 dl_list_del(&work->list);
6134 os_free(work);
6135 }
6136
6137
radio_work_is_connect(struct wpa_radio_work * work)6138 static int radio_work_is_connect(struct wpa_radio_work *work)
6139 {
6140 return os_strcmp(work->type, "sme-connect") == 0 ||
6141 os_strcmp(work->type, "connect") == 0;
6142 }
6143
6144
radio_work_is_scan(struct wpa_radio_work * work)6145 static int radio_work_is_scan(struct wpa_radio_work *work)
6146 {
6147 return os_strcmp(work->type, "scan") == 0 ||
6148 os_strcmp(work->type, "p2p-scan") == 0;
6149 }
6150
6151
radio_work_get_next_work(struct wpa_radio * radio)6152 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
6153 {
6154 struct wpa_radio_work *active_work = NULL;
6155 struct wpa_radio_work *tmp;
6156
6157 /* Get the active work to know the type and band. */
6158 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6159 if (tmp->started) {
6160 active_work = tmp;
6161 break;
6162 }
6163 }
6164
6165 if (!active_work) {
6166 /* No active work, start one */
6167 radio->num_active_works = 0;
6168 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
6169 list) {
6170 if (os_strcmp(tmp->type, "scan") == 0 &&
6171 external_scan_running(radio) &&
6172 (((struct wpa_driver_scan_params *)
6173 tmp->ctx)->only_new_results ||
6174 tmp->wpa_s->clear_driver_scan_cache))
6175 continue;
6176 return tmp;
6177 }
6178 return NULL;
6179 }
6180
6181 if (radio_work_is_connect(active_work)) {
6182 /*
6183 * If the active work is either connect or sme-connect,
6184 * do not parallelize them with other radio works.
6185 */
6186 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6187 "Do not parallelize radio work with %s",
6188 active_work->type);
6189 return NULL;
6190 }
6191
6192 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6193 if (tmp->started)
6194 continue;
6195
6196 /*
6197 * If connect or sme-connect are enqueued, parallelize only
6198 * those operations ahead of them in the queue.
6199 */
6200 if (radio_work_is_connect(tmp))
6201 break;
6202
6203 /* Serialize parallel scan and p2p_scan operations on the same
6204 * interface since the driver_nl80211 mechanism for tracking
6205 * scan cookies does not yet have support for this. */
6206 if (active_work->wpa_s == tmp->wpa_s &&
6207 radio_work_is_scan(active_work) &&
6208 radio_work_is_scan(tmp)) {
6209 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6210 "Do not start work '%s' when another work '%s' is already scheduled",
6211 tmp->type, active_work->type);
6212 continue;
6213 }
6214 /*
6215 * Check that the radio works are distinct and
6216 * on different bands.
6217 */
6218 if (os_strcmp(active_work->type, tmp->type) != 0 &&
6219 (active_work->bands != tmp->bands)) {
6220 /*
6221 * If a scan has to be scheduled through nl80211 scan
6222 * interface and if an external scan is already running,
6223 * do not schedule the scan since it is likely to get
6224 * rejected by kernel.
6225 */
6226 if (os_strcmp(tmp->type, "scan") == 0 &&
6227 external_scan_running(radio) &&
6228 (((struct wpa_driver_scan_params *)
6229 tmp->ctx)->only_new_results ||
6230 tmp->wpa_s->clear_driver_scan_cache))
6231 continue;
6232
6233 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6234 "active_work:%s new_work:%s",
6235 active_work->type, tmp->type);
6236 return tmp;
6237 }
6238 }
6239
6240 /* Did not find a radio work to schedule in parallel. */
6241 return NULL;
6242 }
6243
6244
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)6245 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
6246 {
6247 struct wpa_radio *radio = eloop_ctx;
6248 struct wpa_radio_work *work;
6249 struct os_reltime now, diff;
6250 struct wpa_supplicant *wpa_s;
6251
6252 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
6253 if (work == NULL) {
6254 radio->num_active_works = 0;
6255 return;
6256 }
6257
6258 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
6259 radio_list);
6260
6261 if (!(wpa_s &&
6262 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
6263 if (work->started)
6264 return; /* already started and still in progress */
6265
6266 if (wpa_s && external_scan_running(wpa_s->radio)) {
6267 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
6268 return;
6269 }
6270 } else {
6271 work = NULL;
6272 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6273 /* get the work to schedule next */
6274 work = radio_work_get_next_work(radio);
6275 }
6276 if (!work)
6277 return;
6278 }
6279
6280 wpa_s = work->wpa_s;
6281 os_get_reltime(&now);
6282 os_reltime_sub(&now, &work->time, &diff);
6283 wpa_dbg(wpa_s, MSG_DEBUG,
6284 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6285 work->type, work, diff.sec, diff.usec);
6286 work->started = 1;
6287 work->time = now;
6288 radio->num_active_works++;
6289
6290 work->cb(work, 0);
6291
6292 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6293 radio->num_active_works < MAX_ACTIVE_WORKS)
6294 radio_work_check_next(wpa_s);
6295 }
6296
6297
6298 /*
6299 * This function removes both started and pending radio works running on
6300 * the provided interface's radio.
6301 * Prior to the removal of the radio work, its callback (cb) is called with
6302 * deinit set to be 1. Each work's callback is responsible for clearing its
6303 * internal data and restoring to a correct state.
6304 * @wpa_s: wpa_supplicant data
6305 * @type: type of works to be removed
6306 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6307 * this interface's works.
6308 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6309 void radio_remove_works(struct wpa_supplicant *wpa_s,
6310 const char *type, int remove_all)
6311 {
6312 struct wpa_radio_work *work, *tmp;
6313 struct wpa_radio *radio = wpa_s->radio;
6314
6315 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6316 list) {
6317 if (type && os_strcmp(type, work->type) != 0)
6318 continue;
6319
6320 /* skip other ifaces' works */
6321 if (!remove_all && work->wpa_s != wpa_s)
6322 continue;
6323
6324 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6325 work->type, work, work->started ? " (started)" : "");
6326 work->cb(work, 1);
6327 radio_work_free(work);
6328 }
6329
6330 /* in case we removed the started work */
6331 radio_work_check_next(wpa_s);
6332 }
6333
6334
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6335 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6336 {
6337 struct wpa_radio_work *work;
6338 struct wpa_radio *radio = wpa_s->radio;
6339
6340 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6341 if (work->ctx != ctx)
6342 continue;
6343 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6344 work->type, work, work->started ? " (started)" : "");
6345 radio_work_free(work);
6346 break;
6347 }
6348 }
6349
6350
radio_remove_interface(struct wpa_supplicant * wpa_s)6351 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6352 {
6353 struct wpa_radio *radio = wpa_s->radio;
6354
6355 if (!radio)
6356 return;
6357
6358 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6359 wpa_s->ifname, radio->name);
6360 dl_list_del(&wpa_s->radio_list);
6361 radio_remove_works(wpa_s, NULL, 0);
6362 /* If the interface that triggered the external scan was removed, the
6363 * external scan is no longer running. */
6364 if (wpa_s == radio->external_scan_req_interface)
6365 radio->external_scan_req_interface = NULL;
6366 wpa_s->radio = NULL;
6367 if (!dl_list_empty(&radio->ifaces))
6368 return; /* Interfaces remain for this radio */
6369
6370 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6371 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6372 os_free(radio);
6373 }
6374
6375
radio_work_check_next(struct wpa_supplicant * wpa_s)6376 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6377 {
6378 struct wpa_radio *radio = wpa_s->radio;
6379
6380 if (dl_list_empty(&radio->work))
6381 return;
6382 if (wpa_s->ext_work_in_progress) {
6383 wpa_printf(MSG_DEBUG,
6384 "External radio work in progress - delay start of pending item");
6385 return;
6386 }
6387 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6388 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6389 }
6390
6391
6392 /**
6393 * radio_add_work - Add a radio work item
6394 * @wpa_s: Pointer to wpa_supplicant data
6395 * @freq: Frequency of the offchannel operation in MHz or 0
6396 * @type: Unique identifier for each type of work
6397 * @next: Force as the next work to be executed
6398 * @cb: Callback function for indicating when radio is available
6399 * @ctx: Context pointer for the work (work->ctx in cb())
6400 * Returns: 0 on success, -1 on failure
6401 *
6402 * This function is used to request time for an operation that requires
6403 * exclusive radio control. Once the radio is available, the registered callback
6404 * function will be called. radio_work_done() must be called once the exclusive
6405 * radio operation has been completed, so that the radio is freed for other
6406 * operations. The special case of deinit=1 is used to free the context data
6407 * during interface removal. That does not allow the callback function to start
6408 * the radio operation, i.e., it must free any resources allocated for the radio
6409 * work and return.
6410 *
6411 * The @freq parameter can be used to indicate a single channel on which the
6412 * offchannel operation will occur. This may allow multiple radio work
6413 * operations to be performed in parallel if they apply for the same channel.
6414 * Setting this to 0 indicates that the work item may use multiple channels or
6415 * requires exclusive control of the radio.
6416 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)6417 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
6418 const char *type, int next,
6419 void (*cb)(struct wpa_radio_work *work, int deinit),
6420 void *ctx)
6421 {
6422 struct wpa_radio *radio = wpa_s->radio;
6423 struct wpa_radio_work *work;
6424 int was_empty;
6425
6426 work = os_zalloc(sizeof(*work));
6427 if (work == NULL)
6428 return -1;
6429 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
6430 os_get_reltime(&work->time);
6431 work->freq = freq;
6432 work->type = type;
6433 work->wpa_s = wpa_s;
6434 work->cb = cb;
6435 work->ctx = ctx;
6436
6437 if (freq)
6438 work->bands = wpas_freq_to_band(freq);
6439 else if (os_strcmp(type, "scan") == 0 ||
6440 os_strcmp(type, "p2p-scan") == 0)
6441 work->bands = wpas_get_bands(wpa_s,
6442 ((struct wpa_driver_scan_params *)
6443 ctx)->freqs);
6444 else
6445 work->bands = wpas_get_bands(wpa_s, NULL);
6446
6447 was_empty = dl_list_empty(&wpa_s->radio->work);
6448 if (next)
6449 dl_list_add(&wpa_s->radio->work, &work->list);
6450 else
6451 dl_list_add_tail(&wpa_s->radio->work, &work->list);
6452 if (was_empty) {
6453 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
6454 radio_work_check_next(wpa_s);
6455 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
6456 && radio->num_active_works < MAX_ACTIVE_WORKS) {
6457 wpa_dbg(wpa_s, MSG_DEBUG,
6458 "Try to schedule a radio work (num_active_works=%u)",
6459 radio->num_active_works);
6460 radio_work_check_next(wpa_s);
6461 }
6462
6463 return 0;
6464 }
6465
6466
6467 /**
6468 * radio_work_done - Indicate that a radio work item has been completed
6469 * @work: Completed work
6470 *
6471 * This function is called once the callback function registered with
6472 * radio_add_work() has completed its work.
6473 */
radio_work_done(struct wpa_radio_work * work)6474 void radio_work_done(struct wpa_radio_work *work)
6475 {
6476 struct wpa_supplicant *wpa_s = work->wpa_s;
6477 struct os_reltime now, diff;
6478 unsigned int started = work->started;
6479
6480 os_get_reltime(&now);
6481 os_reltime_sub(&now, &work->time, &diff);
6482 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
6483 work->type, work, started ? "done" : "canceled",
6484 diff.sec, diff.usec);
6485 radio_work_free(work);
6486 if (started)
6487 radio_work_check_next(wpa_s);
6488 }
6489
6490
6491 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)6492 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
6493 {
6494 struct wpa_radio_work *work;
6495 struct wpa_radio *radio = wpa_s->radio;
6496
6497 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6498 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
6499 return work;
6500 }
6501
6502 return NULL;
6503 }
6504
6505
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6506 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
6507 const struct wpa_interface *iface)
6508 {
6509 const char *ifname, *driver, *rn;
6510
6511 driver = iface->driver;
6512 next_driver:
6513 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
6514 return -1;
6515
6516 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
6517 if (wpa_s->drv_priv == NULL) {
6518 const char *pos;
6519 int level = MSG_ERROR;
6520
6521 pos = driver ? os_strchr(driver, ',') : NULL;
6522 if (pos) {
6523 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
6524 "driver interface - try next driver wrapper");
6525 driver = pos + 1;
6526 goto next_driver;
6527 }
6528
6529 #ifdef CONFIG_MATCH_IFACE
6530 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
6531 level = MSG_DEBUG;
6532 #endif /* CONFIG_MATCH_IFACE */
6533 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
6534 return -1;
6535 }
6536 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
6537 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
6538 "driver_param '%s'", wpa_s->conf->driver_param);
6539 return -1;
6540 }
6541
6542 ifname = wpa_drv_get_ifname(wpa_s);
6543 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
6544 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
6545 "interface name with '%s'", ifname);
6546 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
6547 }
6548
6549 rn = wpa_driver_get_radio_name(wpa_s);
6550 if (rn && rn[0] == '\0')
6551 rn = NULL;
6552
6553 wpa_s->radio = radio_add_interface(wpa_s, rn);
6554 if (wpa_s->radio == NULL)
6555 return -1;
6556
6557 return 0;
6558 }
6559
6560
6561 #ifdef CONFIG_GAS_SERVER
6562
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)6563 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
6564 unsigned int freq, const u8 *dst,
6565 const u8 *src, const u8 *bssid,
6566 const u8 *data, size_t data_len,
6567 enum offchannel_send_action_result result)
6568 {
6569 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
6570 " result=%s",
6571 freq, MAC2STR(dst),
6572 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
6573 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
6574 "FAILED"));
6575 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
6576 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
6577 }
6578
6579
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)6580 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
6581 struct wpabuf *buf, unsigned int wait_time)
6582 {
6583 struct wpa_supplicant *wpa_s = ctx;
6584 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
6585
6586 if (wait_time > wpa_s->max_remain_on_chan)
6587 wait_time = wpa_s->max_remain_on_chan;
6588
6589 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
6590 wpabuf_head(buf), wpabuf_len(buf),
6591 wait_time, wpas_gas_server_tx_status, 0);
6592 }
6593
6594 #endif /* CONFIG_GAS_SERVER */
6595
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6596 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
6597 const struct wpa_interface *iface)
6598 {
6599 struct wpa_driver_capa capa;
6600 int capa_res;
6601 u8 dfs_domain;
6602
6603 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
6604 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
6605 iface->confname ? iface->confname : "N/A",
6606 iface->driver ? iface->driver : "default",
6607 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
6608 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
6609
6610 if (iface->confname) {
6611 #ifdef CONFIG_BACKEND_FILE
6612 wpa_s->confname = os_rel2abs_path(iface->confname);
6613 if (wpa_s->confname == NULL) {
6614 wpa_printf(MSG_ERROR, "Failed to get absolute path "
6615 "for configuration file '%s'.",
6616 iface->confname);
6617 return -1;
6618 }
6619 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
6620 iface->confname, wpa_s->confname);
6621 #else /* CONFIG_BACKEND_FILE */
6622 wpa_s->confname = os_strdup(iface->confname);
6623 #endif /* CONFIG_BACKEND_FILE */
6624 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL);
6625 if (wpa_s->conf == NULL) {
6626 wpa_printf(MSG_ERROR, "Failed to read or parse "
6627 "configuration '%s'.", wpa_s->confname);
6628 return -1;
6629 }
6630 wpa_s->confanother = os_rel2abs_path(iface->confanother);
6631 if (wpa_s->confanother &&
6632 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) {
6633 wpa_printf(MSG_ERROR,
6634 "Failed to read or parse configuration '%s'.",
6635 wpa_s->confanother);
6636 return -1;
6637 }
6638
6639 /*
6640 * Override ctrl_interface and driver_param if set on command
6641 * line.
6642 */
6643 if (iface->ctrl_interface) {
6644 os_free(wpa_s->conf->ctrl_interface);
6645 wpa_s->conf->ctrl_interface =
6646 os_strdup(iface->ctrl_interface);
6647 }
6648
6649 if (iface->driver_param) {
6650 os_free(wpa_s->conf->driver_param);
6651 wpa_s->conf->driver_param =
6652 os_strdup(iface->driver_param);
6653 }
6654
6655 if (iface->p2p_mgmt && !iface->ctrl_interface) {
6656 os_free(wpa_s->conf->ctrl_interface);
6657 wpa_s->conf->ctrl_interface = NULL;
6658 }
6659 } else
6660 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
6661 iface->driver_param);
6662
6663 if (wpa_s->conf == NULL) {
6664 wpa_printf(MSG_ERROR, "\nNo configuration found.");
6665 return -1;
6666 }
6667
6668 if (iface->ifname == NULL) {
6669 wpa_printf(MSG_ERROR, "\nInterface name is required.");
6670 return -1;
6671 }
6672 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
6673 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
6674 iface->ifname);
6675 return -1;
6676 }
6677 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
6678 #ifdef CONFIG_MATCH_IFACE
6679 wpa_s->matched = iface->matched;
6680 #endif /* CONFIG_MATCH_IFACE */
6681
6682 if (iface->bridge_ifname) {
6683 if (os_strlen(iface->bridge_ifname) >=
6684 sizeof(wpa_s->bridge_ifname)) {
6685 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
6686 "name '%s'.", iface->bridge_ifname);
6687 return -1;
6688 }
6689 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
6690 sizeof(wpa_s->bridge_ifname));
6691 }
6692
6693 /* RSNA Supplicant Key Management - INITIALIZE */
6694 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
6695 eapol_sm_notify_portValid(wpa_s->eapol, false);
6696
6697 /* Initialize driver interface and register driver event handler before
6698 * L2 receive handler so that association events are processed before
6699 * EAPOL-Key packets if both become available for the same select()
6700 * call. */
6701 if (wpas_init_driver(wpa_s, iface) < 0)
6702 return -1;
6703
6704 if (wpa_supplicant_init_wpa(wpa_s) < 0)
6705 return -1;
6706
6707 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
6708 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
6709 NULL);
6710 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
6711
6712 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
6713 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
6714 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
6715 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6716 "dot11RSNAConfigPMKLifetime");
6717 return -1;
6718 }
6719
6720 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
6721 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
6722 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
6723 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6724 "dot11RSNAConfigPMKReauthThreshold");
6725 return -1;
6726 }
6727
6728 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
6729 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
6730 wpa_s->conf->dot11RSNAConfigSATimeout)) {
6731 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
6732 "dot11RSNAConfigSATimeout");
6733 return -1;
6734 }
6735
6736 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
6737 &wpa_s->hw.num_modes,
6738 &wpa_s->hw.flags,
6739 &dfs_domain);
6740 if (wpa_s->hw.modes) {
6741 u16 i;
6742
6743 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6744 if (wpa_s->hw.modes[i].vht_capab) {
6745 wpa_s->hw_capab = CAPAB_VHT;
6746 break;
6747 }
6748
6749 if (wpa_s->hw.modes[i].ht_capab &
6750 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
6751 wpa_s->hw_capab = CAPAB_HT40;
6752 else if (wpa_s->hw.modes[i].ht_capab &&
6753 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
6754 wpa_s->hw_capab = CAPAB_HT;
6755 }
6756 }
6757
6758 capa_res = wpa_drv_get_capa(wpa_s, &capa);
6759 if (capa_res == 0) {
6760 wpa_s->drv_capa_known = 1;
6761 wpa_s->drv_flags = capa.flags;
6762 wpa_s->drv_flags2 = capa.flags2;
6763 wpa_s->drv_enc = capa.enc;
6764 wpa_s->drv_rrm_flags = capa.rrm_flags;
6765 wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs;
6766 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
6767 wpa_s->max_scan_ssids = capa.max_scan_ssids;
6768 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
6769 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
6770 wpa_s->max_sched_scan_plan_interval =
6771 capa.max_sched_scan_plan_interval;
6772 wpa_s->max_sched_scan_plan_iterations =
6773 capa.max_sched_scan_plan_iterations;
6774 wpa_s->sched_scan_supported = capa.sched_scan_supported;
6775 wpa_s->max_match_sets = capa.max_match_sets;
6776 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
6777 wpa_s->max_stations = capa.max_stations;
6778 wpa_s->extended_capa = capa.extended_capa;
6779 wpa_s->extended_capa_mask = capa.extended_capa_mask;
6780 wpa_s->extended_capa_len = capa.extended_capa_len;
6781 wpa_s->num_multichan_concurrent =
6782 capa.num_multichan_concurrent;
6783 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
6784
6785 if (capa.mac_addr_rand_scan_supported)
6786 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
6787 if (wpa_s->sched_scan_supported &&
6788 capa.mac_addr_rand_sched_scan_supported)
6789 wpa_s->mac_addr_rand_supported |=
6790 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
6791
6792 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
6793 if (wpa_s->extended_capa &&
6794 wpa_s->extended_capa_len >= 3 &&
6795 wpa_s->extended_capa[2] & 0x40)
6796 wpa_s->multi_bss_support = 1;
6797 }
6798 if (wpa_s->max_remain_on_chan == 0)
6799 wpa_s->max_remain_on_chan = 1000;
6800
6801 /*
6802 * Only take p2p_mgmt parameters when P2P Device is supported.
6803 * Doing it here as it determines whether l2_packet_init() will be done
6804 * during wpa_supplicant_driver_init().
6805 */
6806 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
6807 wpa_s->p2p_mgmt = iface->p2p_mgmt;
6808
6809 if (wpa_s->num_multichan_concurrent == 0)
6810 wpa_s->num_multichan_concurrent = 1;
6811
6812 if (wpa_supplicant_driver_init(wpa_s) < 0)
6813 return -1;
6814
6815 #ifdef CONFIG_TDLS
6816 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6817 return -1;
6818 #endif /* CONFIG_TDLS */
6819
6820 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
6821 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
6822 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
6823 return -1;
6824 }
6825
6826 #ifdef CONFIG_FST
6827 if (wpa_s->conf->fst_group_id) {
6828 struct fst_iface_cfg cfg;
6829 struct fst_wpa_obj iface_obj;
6830
6831 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
6832 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
6833 sizeof(cfg.group_id));
6834 cfg.priority = wpa_s->conf->fst_priority;
6835 cfg.llt = wpa_s->conf->fst_llt;
6836
6837 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
6838 &iface_obj, &cfg);
6839 if (!wpa_s->fst) {
6840 wpa_msg(wpa_s, MSG_ERROR,
6841 "FST: Cannot attach iface %s to group %s",
6842 wpa_s->ifname, cfg.group_id);
6843 return -1;
6844 }
6845 }
6846 #endif /* CONFIG_FST */
6847
6848 if (wpas_wps_init(wpa_s))
6849 return -1;
6850
6851 #ifdef CONFIG_GAS_SERVER
6852 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
6853 if (!wpa_s->gas_server) {
6854 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
6855 return -1;
6856 }
6857 #endif /* CONFIG_GAS_SERVER */
6858
6859 #ifdef CONFIG_DPP
6860 if (wpas_dpp_init(wpa_s) < 0)
6861 return -1;
6862 #endif /* CONFIG_DPP */
6863
6864 if (wpa_supplicant_init_eapol(wpa_s) < 0)
6865 return -1;
6866 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
6867
6868 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
6869 if (wpa_s->ctrl_iface == NULL) {
6870 wpa_printf(MSG_ERROR,
6871 "Failed to initialize control interface '%s'.\n"
6872 "You may have another wpa_supplicant process "
6873 "already running or the file was\n"
6874 "left by an unclean termination of wpa_supplicant "
6875 "in which case you will need\n"
6876 "to manually remove this file before starting "
6877 "wpa_supplicant again.\n",
6878 wpa_s->conf->ctrl_interface);
6879 return -1;
6880 }
6881
6882 wpa_s->gas = gas_query_init(wpa_s);
6883 if (wpa_s->gas == NULL) {
6884 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
6885 return -1;
6886 }
6887
6888 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
6889 wpa_s->p2p_mgmt) &&
6890 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
6891 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
6892 return -1;
6893 }
6894
6895 if (wpa_bss_init(wpa_s) < 0)
6896 return -1;
6897
6898 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6899 #ifdef CONFIG_MESH
6900 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6901 #endif /* CONFIG_MESH */
6902 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6903
6904 /*
6905 * Set Wake-on-WLAN triggers, if configured.
6906 * Note: We don't restore/remove the triggers on shutdown (it doesn't
6907 * have effect anyway when the interface is down).
6908 */
6909 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
6910 return -1;
6911
6912 #ifdef CONFIG_EAP_PROXY
6913 {
6914 size_t len;
6915 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
6916 wpa_s->imsi, &len);
6917 if (wpa_s->mnc_len > 0) {
6918 wpa_s->imsi[len] = '\0';
6919 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
6920 wpa_s->imsi, wpa_s->mnc_len);
6921 } else {
6922 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
6923 }
6924 }
6925 #endif /* CONFIG_EAP_PROXY */
6926
6927 if (pcsc_reader_init(wpa_s) < 0)
6928 return -1;
6929
6930 if (wpas_init_ext_pw(wpa_s) < 0)
6931 return -1;
6932
6933 wpas_rrm_reset(wpa_s);
6934
6935 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
6936
6937 #ifdef CONFIG_HS20
6938 hs20_init(wpa_s);
6939 #endif /* CONFIG_HS20 */
6940 #ifdef CONFIG_MBO
6941 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
6942 if ((wpa_s->conf->oce & OCE_STA) &&
6943 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
6944 wpa_s->enable_oce = OCE_STA;
6945 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
6946 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
6947 /* TODO: Need to add STA-CFON support */
6948 wpa_printf(MSG_ERROR,
6949 "OCE STA-CFON feature is not yet supported");
6950 }
6951 }
6952 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
6953 #endif /* CONFIG_MBO */
6954
6955 wpa_supplicant_set_default_scan_ies(wpa_s);
6956
6957 return 0;
6958 }
6959
6960
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)6961 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
6962 int notify, int terminate)
6963 {
6964 struct wpa_global *global = wpa_s->global;
6965 struct wpa_supplicant *iface, *prev;
6966
6967 if (wpa_s == wpa_s->parent || (wpa_s == wpa_s->p2pdev && wpa_s->p2p_mgmt))
6968 wpas_p2p_group_remove(wpa_s, "*");
6969
6970 iface = global->ifaces;
6971 while (iface) {
6972 if (iface->p2pdev == wpa_s)
6973 iface->p2pdev = iface->parent;
6974 if (iface == wpa_s || iface->parent != wpa_s) {
6975 iface = iface->next;
6976 continue;
6977 }
6978 wpa_printf(MSG_DEBUG,
6979 "Remove remaining child interface %s from parent %s",
6980 iface->ifname, wpa_s->ifname);
6981 prev = iface;
6982 iface = iface->next;
6983 wpa_supplicant_remove_iface(global, prev, terminate);
6984 }
6985
6986 wpa_s->disconnected = 1;
6987 if (wpa_s->drv_priv) {
6988 /*
6989 * Don't deauthenticate if WoWLAN is enable and not explicitly
6990 * been configured to disconnect.
6991 */
6992 if (!wpa_drv_get_wowlan(wpa_s) ||
6993 wpa_s->conf->wowlan_disconnect_on_deinit) {
6994 wpa_supplicant_deauthenticate(
6995 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
6996
6997 wpa_drv_set_countermeasures(wpa_s, 0);
6998 wpa_clear_keys(wpa_s, NULL);
6999 } else {
7000 wpa_msg(wpa_s, MSG_INFO,
7001 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
7002 }
7003 }
7004
7005 wpa_supplicant_cleanup(wpa_s);
7006 wpas_p2p_deinit_iface(wpa_s);
7007
7008 wpas_ctrl_radio_work_flush(wpa_s);
7009 radio_remove_interface(wpa_s);
7010
7011 #ifdef CONFIG_FST
7012 if (wpa_s->fst) {
7013 fst_detach(wpa_s->fst);
7014 wpa_s->fst = NULL;
7015 }
7016 if (wpa_s->received_mb_ies) {
7017 wpabuf_free(wpa_s->received_mb_ies);
7018 wpa_s->received_mb_ies = NULL;
7019 }
7020 #endif /* CONFIG_FST */
7021
7022 if (wpa_s->drv_priv)
7023 wpa_drv_deinit(wpa_s);
7024
7025 if (notify)
7026 wpas_notify_iface_removed(wpa_s);
7027
7028 if (terminate)
7029 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
7030
7031 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
7032 wpa_s->ctrl_iface = NULL;
7033
7034 #ifdef CONFIG_MESH
7035 if (wpa_s->ifmsh) {
7036 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
7037 wpa_s->ifmsh = NULL;
7038 }
7039 #endif /* CONFIG_MESH */
7040
7041 if (wpa_s->conf != NULL) {
7042 wpa_config_free(wpa_s->conf);
7043 wpa_s->conf = NULL;
7044 }
7045
7046 os_free(wpa_s->ssids_from_scan_req);
7047 os_free(wpa_s->last_scan_freqs);
7048
7049 os_free(wpa_s);
7050 }
7051
7052
7053 #ifdef CONFIG_MATCH_IFACE
7054
7055 /**
7056 * wpa_supplicant_match_iface - Match an interface description to a name
7057 * @global: Pointer to global data from wpa_supplicant_init()
7058 * @ifname: Name of the interface to match
7059 * Returns: Pointer to the created interface description or %NULL on failure
7060 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7061 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
7062 const char *ifname)
7063 {
7064 int i;
7065 struct wpa_interface *iface, *miface;
7066
7067 for (i = 0; i < global->params.match_iface_count; i++) {
7068 miface = &global->params.match_ifaces[i];
7069 if (!miface->ifname ||
7070 fnmatch(miface->ifname, ifname, 0) == 0) {
7071 iface = os_zalloc(sizeof(*iface));
7072 if (!iface)
7073 return NULL;
7074 *iface = *miface;
7075 if (!miface->ifname)
7076 iface->matched = WPA_IFACE_MATCHED_NULL;
7077 else
7078 iface->matched = WPA_IFACE_MATCHED;
7079 iface->ifname = ifname;
7080 return iface;
7081 }
7082 }
7083
7084 return NULL;
7085 }
7086
7087
7088 /**
7089 * wpa_supplicant_match_existing - Match existing interfaces
7090 * @global: Pointer to global data from wpa_supplicant_init()
7091 * Returns: 0 on success, -1 on failure
7092 */
wpa_supplicant_match_existing(struct wpa_global * global)7093 static int wpa_supplicant_match_existing(struct wpa_global *global)
7094 {
7095 struct if_nameindex *ifi, *ifp;
7096 struct wpa_supplicant *wpa_s;
7097 struct wpa_interface *iface;
7098
7099 ifp = if_nameindex();
7100 if (!ifp) {
7101 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
7102 return -1;
7103 }
7104
7105 for (ifi = ifp; ifi->if_name; ifi++) {
7106 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
7107 if (wpa_s)
7108 continue;
7109 iface = wpa_supplicant_match_iface(global, ifi->if_name);
7110 if (iface) {
7111 wpa_supplicant_add_iface(global, iface, NULL);
7112 os_free(iface);
7113 }
7114 }
7115
7116 if_freenameindex(ifp);
7117 return 0;
7118 }
7119
7120 #endif /* CONFIG_MATCH_IFACE */
7121
7122
7123 /**
7124 * wpa_supplicant_add_iface - Add a new network interface
7125 * @global: Pointer to global data from wpa_supplicant_init()
7126 * @iface: Interface configuration options
7127 * @parent: Parent interface or %NULL to assign new interface as parent
7128 * Returns: Pointer to the created interface or %NULL on failure
7129 *
7130 * This function is used to add new network interfaces for %wpa_supplicant.
7131 * This can be called before wpa_supplicant_run() to add interfaces before the
7132 * main event loop has been started. In addition, new interfaces can be added
7133 * dynamically while %wpa_supplicant is already running. This could happen,
7134 * e.g., when a hotplug network adapter is inserted.
7135 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)7136 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
7137 struct wpa_interface *iface,
7138 struct wpa_supplicant *parent)
7139 {
7140 struct wpa_supplicant *wpa_s;
7141 struct wpa_interface t_iface;
7142 struct wpa_ssid *ssid;
7143
7144 if (global == NULL || iface == NULL)
7145 return NULL;
7146
7147 wpa_s = wpa_supplicant_alloc(parent);
7148 if (wpa_s == NULL)
7149 return NULL;
7150
7151 wpa_s->global = global;
7152
7153 t_iface = *iface;
7154 if (global->params.override_driver) {
7155 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
7156 "('%s' -> '%s')",
7157 iface->driver, global->params.override_driver);
7158 t_iface.driver = global->params.override_driver;
7159 }
7160 if (global->params.override_ctrl_interface) {
7161 wpa_printf(MSG_DEBUG, "Override interface parameter: "
7162 "ctrl_interface ('%s' -> '%s')",
7163 iface->ctrl_interface,
7164 global->params.override_ctrl_interface);
7165 t_iface.ctrl_interface =
7166 global->params.override_ctrl_interface;
7167 }
7168 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
7169 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
7170 iface->ifname);
7171 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
7172 return NULL;
7173 }
7174
7175 /* Notify the control interfaces about new iface */
7176 if (wpas_notify_iface_added(wpa_s)) {
7177 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
7178 return NULL;
7179 }
7180
7181 /* Notify the control interfaces about new networks */
7182 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
7183 if (iface->p2p_mgmt == 0) {
7184 wpas_notify_network_added(wpa_s, ssid);
7185 } else if (ssid->ssid_len > P2P_WILDCARD_SSID_LEN
7186 && os_strncmp((const char *) ssid->ssid,
7187 P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) == 0) {
7188 wpas_notify_persistent_group_added(wpa_s, ssid);
7189 }
7190 }
7191
7192 wpa_s->next = global->ifaces;
7193 global->ifaces = wpa_s;
7194
7195 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
7196 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
7197
7198 #ifdef CONFIG_P2P
7199 if (wpa_s->global->p2p == NULL &&
7200 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
7201 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
7202 wpas_p2p_add_p2pdev_interface(
7203 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
7204 wpa_printf(MSG_INFO,
7205 "P2P: Failed to enable P2P Device interface");
7206 /* Try to continue without. P2P will be disabled. */
7207 }
7208 #endif /* CONFIG_P2P */
7209
7210 return wpa_s;
7211 }
7212
7213
7214 /**
7215 * wpa_supplicant_remove_iface - Remove a network interface
7216 * @global: Pointer to global data from wpa_supplicant_init()
7217 * @wpa_s: Pointer to the network interface to be removed
7218 * Returns: 0 if interface was removed, -1 if interface was not found
7219 *
7220 * This function can be used to dynamically remove network interfaces from
7221 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
7222 * addition, this function is used to remove all remaining interfaces when
7223 * %wpa_supplicant is terminated.
7224 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)7225 int wpa_supplicant_remove_iface(struct wpa_global *global,
7226 struct wpa_supplicant *wpa_s,
7227 int terminate)
7228 {
7229 struct wpa_supplicant *prev;
7230 #ifdef CONFIG_MESH
7231 unsigned int mesh_if_created = wpa_s->mesh_if_created;
7232 char *ifname = NULL;
7233 struct wpa_supplicant *parent = wpa_s->parent;
7234 #endif /* CONFIG_MESH */
7235
7236 /* Remove interface from the global list of interfaces */
7237 prev = global->ifaces;
7238 if (prev == wpa_s) {
7239 global->ifaces = wpa_s->next;
7240 } else {
7241 while (prev && prev->next != wpa_s)
7242 prev = prev->next;
7243 if (prev == NULL)
7244 return -1;
7245 prev->next = wpa_s->next;
7246 }
7247
7248 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
7249
7250 #ifdef CONFIG_MESH
7251 if (mesh_if_created) {
7252 ifname = os_strdup(wpa_s->ifname);
7253 if (ifname == NULL) {
7254 wpa_dbg(wpa_s, MSG_ERROR,
7255 "mesh: Failed to malloc ifname");
7256 return -1;
7257 }
7258 }
7259 #endif /* CONFIG_MESH */
7260
7261 if (global->p2p_group_formation == wpa_s)
7262 global->p2p_group_formation = NULL;
7263 if (global->p2p_invite_group == wpa_s)
7264 global->p2p_invite_group = NULL;
7265 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
7266
7267 #ifdef CONFIG_MESH
7268 if (mesh_if_created) {
7269 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
7270 os_free(ifname);
7271 }
7272 #endif /* CONFIG_MESH */
7273
7274 return 0;
7275 }
7276
7277
7278 /**
7279 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7280 * @wpa_s: Pointer to the network interface
7281 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7282 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7283 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7284 {
7285 const char *eapol_method;
7286
7287 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7288 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7289 return "NO-EAP";
7290 }
7291
7292 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7293 if (eapol_method == NULL)
7294 return "UNKNOWN-EAP";
7295
7296 return eapol_method;
7297 }
7298
7299
7300 /**
7301 * wpa_supplicant_get_iface - Get a new network interface
7302 * @global: Pointer to global data from wpa_supplicant_init()
7303 * @ifname: Interface name
7304 * Returns: Pointer to the interface or %NULL if not found
7305 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7306 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7307 const char *ifname)
7308 {
7309 struct wpa_supplicant *wpa_s;
7310
7311 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7312 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7313 return wpa_s;
7314 }
7315 return NULL;
7316 }
7317
7318
7319 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7320 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7321 {
7322 struct wpa_supplicant *wpa_s = ctx;
7323 if (wpa_s == NULL)
7324 return NULL;
7325 return wpa_s->ifname;
7326 }
7327 #endif /* CONFIG_NO_WPA_MSG */
7328
7329
7330 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7331 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7332 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7333
7334 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7335 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7336 {
7337 struct wpa_global *global = eloop_ctx;
7338 struct wpa_supplicant *wpa_s;
7339
7340 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7341 wpas_periodic, global, NULL);
7342
7343 #ifdef CONFIG_P2P
7344 if (global->p2p)
7345 p2p_expire_peers(global->p2p);
7346 #endif /* CONFIG_P2P */
7347
7348 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7349 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7350 #ifdef CONFIG_AP
7351 ap_periodic(wpa_s);
7352 #endif /* CONFIG_AP */
7353 }
7354 }
7355
7356
7357 /**
7358 * wpa_supplicant_init - Initialize %wpa_supplicant
7359 * @params: Parameters for %wpa_supplicant
7360 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7361 *
7362 * This function is used to initialize %wpa_supplicant. After successful
7363 * initialization, the returned data pointer can be used to add and remove
7364 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7365 */
wpa_supplicant_init(struct wpa_params * params)7366 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7367 {
7368 struct wpa_global *global;
7369 int ret, i;
7370
7371 if (params == NULL)
7372 return NULL;
7373
7374 #ifdef CONFIG_DRIVER_NDIS
7375 {
7376 void driver_ndis_init_ops(void);
7377 driver_ndis_init_ops();
7378 }
7379 #endif /* CONFIG_DRIVER_NDIS */
7380
7381 #ifndef CONFIG_NO_WPA_MSG
7382 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7383 #endif /* CONFIG_NO_WPA_MSG */
7384
7385 if (params->wpa_debug_file_path)
7386 wpa_debug_open_file(params->wpa_debug_file_path);
7387 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7388 wpa_debug_setup_stdout();
7389 if (params->wpa_debug_syslog)
7390 wpa_debug_open_syslog();
7391 if (params->wpa_debug_tracing) {
7392 ret = wpa_debug_open_linux_tracing();
7393 if (ret) {
7394 wpa_printf(MSG_ERROR,
7395 "Failed to enable trace logging");
7396 return NULL;
7397 }
7398 }
7399
7400 ret = eap_register_methods();
7401 if (ret) {
7402 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
7403 if (ret == -2)
7404 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
7405 "the same EAP type.");
7406 return NULL;
7407 }
7408
7409 global = os_zalloc(sizeof(*global));
7410 if (global == NULL)
7411 return NULL;
7412 dl_list_init(&global->p2p_srv_bonjour);
7413 dl_list_init(&global->p2p_srv_upnp);
7414 global->params.daemonize = params->daemonize;
7415 global->params.wait_for_monitor = params->wait_for_monitor;
7416 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
7417 if (params->pid_file)
7418 global->params.pid_file = os_strdup(params->pid_file);
7419 if (params->ctrl_interface)
7420 global->params.ctrl_interface =
7421 os_strdup(params->ctrl_interface);
7422 if (params->ctrl_interface_group)
7423 global->params.ctrl_interface_group =
7424 os_strdup(params->ctrl_interface_group);
7425 if (params->override_driver)
7426 global->params.override_driver =
7427 os_strdup(params->override_driver);
7428 if (params->override_ctrl_interface)
7429 global->params.override_ctrl_interface =
7430 os_strdup(params->override_ctrl_interface);
7431 #ifdef CONFIG_MATCH_IFACE
7432 global->params.match_iface_count = params->match_iface_count;
7433 if (params->match_iface_count) {
7434 global->params.match_ifaces =
7435 os_calloc(params->match_iface_count,
7436 sizeof(struct wpa_interface));
7437 os_memcpy(global->params.match_ifaces,
7438 params->match_ifaces,
7439 params->match_iface_count *
7440 sizeof(struct wpa_interface));
7441 }
7442 #endif /* CONFIG_MATCH_IFACE */
7443 #ifdef CONFIG_P2P
7444 if (params->conf_p2p_dev)
7445 global->params.conf_p2p_dev =
7446 os_strdup(params->conf_p2p_dev);
7447 #endif /* CONFIG_P2P */
7448 wpa_debug_level = global->params.wpa_debug_level =
7449 params->wpa_debug_level;
7450 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
7451 params->wpa_debug_show_keys;
7452 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
7453 params->wpa_debug_timestamp;
7454
7455 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
7456
7457 if (eloop_init()) {
7458 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
7459 wpa_supplicant_deinit(global);
7460 return NULL;
7461 }
7462
7463 random_init(params->entropy_file);
7464
7465 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
7466 if (global->ctrl_iface == NULL) {
7467 wpa_supplicant_deinit(global);
7468 return NULL;
7469 }
7470
7471 if (wpas_notify_supplicant_initialized(global)) {
7472 wpa_supplicant_deinit(global);
7473 return NULL;
7474 }
7475
7476 for (i = 0; wpa_drivers[i]; i++)
7477 global->drv_count++;
7478 if (global->drv_count == 0) {
7479 wpa_printf(MSG_ERROR, "No drivers enabled");
7480 wpa_supplicant_deinit(global);
7481 return NULL;
7482 }
7483 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
7484 if (global->drv_priv == NULL) {
7485 wpa_supplicant_deinit(global);
7486 return NULL;
7487 }
7488
7489 #ifdef CONFIG_WIFI_DISPLAY
7490 if (wifi_display_init(global) < 0) {
7491 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
7492 wpa_supplicant_deinit(global);
7493 return NULL;
7494 }
7495 #endif /* CONFIG_WIFI_DISPLAY */
7496
7497 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7498 wpas_periodic, global, NULL);
7499
7500 return global;
7501 }
7502
7503
7504 /**
7505 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
7506 * @global: Pointer to global data from wpa_supplicant_init()
7507 * Returns: 0 after successful event loop run, -1 on failure
7508 *
7509 * This function starts the main event loop and continues running as long as
7510 * there are any remaining events. In most cases, this function is running as
7511 * long as the %wpa_supplicant process in still in use.
7512 */
wpa_supplicant_run(struct wpa_global * global)7513 int wpa_supplicant_run(struct wpa_global *global)
7514 {
7515 struct wpa_supplicant *wpa_s;
7516
7517 if (global->params.daemonize &&
7518 (wpa_supplicant_daemon(global->params.pid_file) ||
7519 eloop_sock_requeue()))
7520 return -1;
7521
7522 #ifdef CONFIG_MATCH_IFACE
7523 if (wpa_supplicant_match_existing(global))
7524 return -1;
7525 #endif
7526
7527 if (global->params.wait_for_monitor) {
7528 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
7529 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
7530 wpa_supplicant_ctrl_iface_wait(
7531 wpa_s->ctrl_iface);
7532 }
7533
7534 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
7535 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
7536
7537 eloop_run();
7538
7539 return 0;
7540 }
7541
7542
7543 /**
7544 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
7545 * @global: Pointer to global data from wpa_supplicant_init()
7546 *
7547 * This function is called to deinitialize %wpa_supplicant and to free all
7548 * allocated resources. Remaining network interfaces will also be removed.
7549 */
wpa_supplicant_deinit(struct wpa_global * global)7550 void wpa_supplicant_deinit(struct wpa_global *global)
7551 {
7552 int i;
7553
7554 if (global == NULL)
7555 return;
7556
7557 eloop_cancel_timeout(wpas_periodic, global, NULL);
7558
7559 #ifdef CONFIG_WIFI_DISPLAY
7560 wifi_display_deinit(global);
7561 #endif /* CONFIG_WIFI_DISPLAY */
7562
7563 while (global->ifaces)
7564 wpa_supplicant_remove_iface(global, global->ifaces, 1);
7565
7566 if (global->ctrl_iface)
7567 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
7568
7569 wpas_notify_supplicant_deinitialized(global);
7570
7571 eap_peer_unregister_methods();
7572 #ifdef CONFIG_AP
7573 eap_server_unregister_methods();
7574 #endif /* CONFIG_AP */
7575
7576 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
7577 if (!global->drv_priv[i])
7578 continue;
7579 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
7580 }
7581 os_free(global->drv_priv);
7582
7583 random_deinit();
7584
7585 eloop_destroy();
7586
7587 if (global->params.pid_file) {
7588 os_daemonize_terminate(global->params.pid_file);
7589 os_free(global->params.pid_file);
7590 }
7591 os_free(global->params.ctrl_interface);
7592 os_free(global->params.ctrl_interface_group);
7593 os_free(global->params.override_driver);
7594 os_free(global->params.override_ctrl_interface);
7595 #ifdef CONFIG_MATCH_IFACE
7596 os_free(global->params.match_ifaces);
7597 #endif /* CONFIG_MATCH_IFACE */
7598 #ifdef CONFIG_P2P
7599 os_free(global->params.conf_p2p_dev);
7600 #endif /* CONFIG_P2P */
7601
7602 os_free(global->p2p_disallow_freq.range);
7603 os_free(global->p2p_go_avoid_freq.range);
7604 os_free(global->add_psk);
7605
7606 os_free(global);
7607 wpa_debug_close_syslog();
7608 wpa_debug_close_file();
7609 wpa_debug_close_linux_tracing();
7610 }
7611
7612
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)7613 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
7614 {
7615 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
7616 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
7617 char country[3];
7618 country[0] = wpa_s->conf->country[0];
7619 country[1] = wpa_s->conf->country[1];
7620 country[2] = '\0';
7621 if (wpa_drv_set_country(wpa_s, country) < 0) {
7622 wpa_printf(MSG_ERROR, "Failed to set country code "
7623 "'%s'", country);
7624 }
7625 }
7626
7627 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
7628 wpas_init_ext_pw(wpa_s);
7629
7630 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
7631 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7632
7633 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
7634 struct wpa_driver_capa capa;
7635 int res = wpa_drv_get_capa(wpa_s, &capa);
7636
7637 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7638 wpa_printf(MSG_ERROR,
7639 "Failed to update wowlan_triggers to '%s'",
7640 wpa_s->conf->wowlan_triggers);
7641 }
7642
7643 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
7644 wpa_supplicant_set_default_scan_ies(wpa_s);
7645
7646 #ifdef CONFIG_BGSCAN
7647 /*
7648 * We default to global bgscan parameters only when per-network bgscan
7649 * parameters aren't set. Only bother resetting bgscan parameters if
7650 * this is the case.
7651 */
7652 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
7653 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
7654 wpa_s->wpa_state == WPA_COMPLETED)
7655 wpa_supplicant_reset_bgscan(wpa_s);
7656 #endif /* CONFIG_BGSCAN */
7657
7658 #ifdef CONFIG_WPS
7659 wpas_wps_update_config(wpa_s);
7660 #endif /* CONFIG_WPS */
7661 wpas_p2p_update_config(wpa_s);
7662 wpa_s->conf->changed_parameters = 0;
7663 }
7664
7665
add_freq(int * freqs,int * num_freqs,int freq)7666 void add_freq(int *freqs, int *num_freqs, int freq)
7667 {
7668 int i;
7669
7670 for (i = 0; i < *num_freqs; i++) {
7671 if (freqs[i] == freq)
7672 return;
7673 }
7674
7675 freqs[*num_freqs] = freq;
7676 (*num_freqs)++;
7677 }
7678
7679
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)7680 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
7681 {
7682 struct wpa_bss *bss, *cbss;
7683 const int max_freqs = 10;
7684 int *freqs;
7685 int num_freqs = 0;
7686
7687 freqs = os_calloc(max_freqs + 1, sizeof(int));
7688 if (freqs == NULL)
7689 return NULL;
7690
7691 cbss = wpa_s->current_bss;
7692
7693 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
7694 if (bss == cbss)
7695 continue;
7696 if (bss->ssid_len == cbss->ssid_len &&
7697 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
7698 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
7699 add_freq(freqs, &num_freqs, bss->freq);
7700 if (num_freqs == max_freqs)
7701 break;
7702 }
7703 }
7704
7705 if (num_freqs == 0) {
7706 os_free(freqs);
7707 freqs = NULL;
7708 }
7709
7710 return freqs;
7711 }
7712
7713
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)7714 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
7715 {
7716 int timeout;
7717 int count;
7718 int *freqs = NULL;
7719
7720 wpas_connect_work_done(wpa_s);
7721
7722 /*
7723 * Remove possible authentication timeout since the connection failed.
7724 */
7725 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
7726
7727 /*
7728 * There is no point in ignoring the AP temporarily if this event is
7729 * generated based on local request to disconnect.
7730 */
7731 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
7732 wpa_s->own_disconnect_req = 0;
7733 wpa_dbg(wpa_s, MSG_DEBUG,
7734 "Ignore connection failure due to local request to disconnect");
7735 return;
7736 }
7737 if (wpa_s->disconnected) {
7738 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7739 "indication since interface has been put into "
7740 "disconnected state");
7741 return;
7742 }
7743 if (wpa_s->auto_reconnect_disabled) {
7744 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
7745 "indication since auto connect is disabled");
7746 return;
7747 }
7748
7749 /*
7750 * Add the failed BSSID into the ignore list and speed up next scan
7751 * attempt if there could be other APs that could accept association.
7752 */
7753 count = wpa_bssid_ignore_add(wpa_s, bssid);
7754 if (count == 1 && wpa_s->current_bss) {
7755 /*
7756 * This BSS was not in the ignore list before. If there is
7757 * another BSS available for the same ESS, we should try that
7758 * next. Otherwise, we may as well try this one once more
7759 * before allowing other, likely worse, ESSes to be considered.
7760 */
7761 freqs = get_bss_freqs_in_ess(wpa_s);
7762 if (freqs) {
7763 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
7764 "has been seen; try it next");
7765 wpa_bssid_ignore_add(wpa_s, bssid);
7766 /*
7767 * On the next scan, go through only the known channels
7768 * used in this ESS based on previous scans to speed up
7769 * common load balancing use case.
7770 */
7771 os_free(wpa_s->next_scan_freqs);
7772 wpa_s->next_scan_freqs = freqs;
7773 }
7774 }
7775
7776 wpa_s->consecutive_conn_failures++;
7777
7778 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
7779 wpa_printf(MSG_DEBUG, "Continuous association failures - "
7780 "consider temporary network disabling");
7781 wpas_auth_failed(wpa_s, "CONN_FAILED");
7782 }
7783 /*
7784 * Multiple consecutive connection failures mean that other APs are
7785 * either not available or have already been tried, so we can start
7786 * increasing the delay here to avoid constant scanning.
7787 */
7788 switch (wpa_s->consecutive_conn_failures) {
7789 case 1:
7790 timeout = 100;
7791 break;
7792 case 2:
7793 timeout = 500;
7794 break;
7795 case 3:
7796 timeout = 1000;
7797 break;
7798 case 4:
7799 timeout = 5000;
7800 break;
7801 default:
7802 timeout = 10000;
7803 break;
7804 }
7805
7806 wpa_dbg(wpa_s, MSG_DEBUG,
7807 "Consecutive connection failures: %d --> request scan in %d ms",
7808 wpa_s->consecutive_conn_failures, timeout);
7809
7810 /*
7811 * TODO: if more than one possible AP is available in scan results,
7812 * could try the other ones before requesting a new scan.
7813 */
7814
7815 /* speed up the connection attempt with normal scan */
7816 wpa_s->normal_scans = 0;
7817 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
7818 1000 * (timeout % 1000));
7819 }
7820
7821
7822 #ifdef CONFIG_FILS
7823
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)7824 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
7825 {
7826 struct wpa_ssid *ssid = wpa_s->current_ssid;
7827 const u8 *realm, *username, *rrk;
7828 size_t realm_len, username_len, rrk_len;
7829 u16 next_seq_num;
7830
7831 /* Clear the PMKSA cache entry if FILS authentication was rejected.
7832 * Check for ERP keys existing to limit when this can be done since
7833 * the rejection response is not protected and such triggers should
7834 * really not allow internal state to be modified unless required to
7835 * avoid significant issues in functionality. In addition, drop
7836 * externally configure PMKSA entries even without ERP keys since it
7837 * is possible for an external component to add PMKSA entries for FILS
7838 * authentication without restoring previously generated ERP keys.
7839 *
7840 * In this case, this is needed to allow recovery from cases where the
7841 * AP or authentication server has dropped PMKSAs and ERP keys. */
7842 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
7843 return;
7844
7845 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7846 &username, &username_len,
7847 &realm, &realm_len, &next_seq_num,
7848 &rrk, &rrk_len) != 0 ||
7849 !realm) {
7850 wpa_dbg(wpa_s, MSG_DEBUG,
7851 "FILS: Drop external PMKSA cache entry");
7852 wpa_sm_aborted_external_cached(wpa_s->wpa);
7853 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
7854 return;
7855 }
7856
7857 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
7858 wpa_sm_aborted_cached(wpa_s->wpa);
7859 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
7860 }
7861
7862
fils_connection_failure(struct wpa_supplicant * wpa_s)7863 void fils_connection_failure(struct wpa_supplicant *wpa_s)
7864 {
7865 struct wpa_ssid *ssid = wpa_s->current_ssid;
7866 const u8 *realm, *username, *rrk;
7867 size_t realm_len, username_len, rrk_len;
7868 u16 next_seq_num;
7869
7870 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
7871 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
7872 &username, &username_len,
7873 &realm, &realm_len, &next_seq_num,
7874 &rrk, &rrk_len) != 0 ||
7875 !realm)
7876 return;
7877
7878 wpa_hexdump_ascii(MSG_DEBUG,
7879 "FILS: Store last connection failure realm",
7880 realm, realm_len);
7881 os_free(wpa_s->last_con_fail_realm);
7882 wpa_s->last_con_fail_realm = os_malloc(realm_len);
7883 if (wpa_s->last_con_fail_realm) {
7884 wpa_s->last_con_fail_realm_len = realm_len;
7885 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
7886 }
7887 }
7888 #endif /* CONFIG_FILS */
7889
7890
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)7891 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
7892 {
7893 return wpa_s->conf->ap_scan == 2 ||
7894 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
7895 }
7896
7897
7898 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) || defined (CONFIG_CTRL_IFACE_AIDL)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)7899 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7900 struct wpa_ssid *ssid,
7901 const char *field,
7902 const char *value)
7903 {
7904 #ifdef IEEE8021X_EAPOL
7905 enum wpa_ctrl_req_type rtype;
7906
7907 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
7908 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
7909 (const u8 *) value, os_strlen(value));
7910
7911 rtype = wpa_supplicant_ctrl_req_from_string(field);
7912 return wpa_supplicant_ctrl_rsp_handle(wpa_s, ssid, rtype, value, strlen(value));
7913 #else /* IEEE8021X_EAPOL */
7914 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
7915 return -1;
7916 #endif /* IEEE8021X_EAPOL */
7917 }
7918
wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,enum wpa_ctrl_req_type rtype,const char * value,int value_len)7919 int wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
7920 struct wpa_ssid *ssid,
7921 enum wpa_ctrl_req_type rtype,
7922 const char *value, int value_len)
7923 {
7924 #ifdef IEEE8021X_EAPOL
7925 struct eap_peer_config *eap = &ssid->eap;
7926 char *identity, *imsi_identity;
7927
7928 switch (rtype) {
7929 case WPA_CTRL_REQ_EAP_IDENTITY:
7930 os_free(eap->identity);
7931 os_free(eap->imsi_identity);
7932 if (value == NULL)
7933 return -1;
7934 identity = os_strchr(value, ':');
7935 if (identity == NULL) {
7936 /* plain identity */
7937 eap->identity = (u8 *)os_strdup(value);
7938 eap->identity_len = os_strlen(value);
7939 } else {
7940 /* have both plain identity and encrypted identity */
7941 imsi_identity = value;
7942 *identity++ = '\0';
7943 /* plain identity */
7944 eap->imsi_identity = (u8 *)dup_binstr(imsi_identity, strlen(imsi_identity));
7945 eap->imsi_identity_len = strlen(imsi_identity);
7946 /* encrypted identity */
7947 eap->identity = (u8 *)dup_binstr(identity,
7948 value_len - strlen(imsi_identity) - 1);
7949 eap->identity_len = value_len - strlen(imsi_identity) - 1;
7950 }
7951 eap->pending_req_identity = 0;
7952 if (ssid == wpa_s->current_ssid)
7953 wpa_s->reassociate = 1;
7954 break;
7955 case WPA_CTRL_REQ_EAP_PASSWORD:
7956 bin_clear_free(eap->password, eap->password_len);
7957 eap->password = (u8 *) os_strdup(value);
7958 eap->password_len = value_len;
7959 eap->pending_req_password = 0;
7960 if (ssid == wpa_s->current_ssid)
7961 wpa_s->reassociate = 1;
7962 break;
7963 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
7964 bin_clear_free(eap->new_password, eap->new_password_len);
7965 eap->new_password = (u8 *) os_strdup(value);
7966 eap->new_password_len = value_len;
7967 eap->pending_req_new_password = 0;
7968 if (ssid == wpa_s->current_ssid)
7969 wpa_s->reassociate = 1;
7970 break;
7971 case WPA_CTRL_REQ_EAP_PIN:
7972 str_clear_free(eap->cert.pin);
7973 eap->cert.pin = os_strdup(value);
7974 eap->pending_req_pin = 0;
7975 if (ssid == wpa_s->current_ssid)
7976 wpa_s->reassociate = 1;
7977 break;
7978 case WPA_CTRL_REQ_EAP_OTP:
7979 bin_clear_free(eap->otp, eap->otp_len);
7980 eap->otp = (u8 *) os_strdup(value);
7981 eap->otp_len = value_len;
7982 os_free(eap->pending_req_otp);
7983 eap->pending_req_otp = NULL;
7984 eap->pending_req_otp_len = 0;
7985 break;
7986 case WPA_CTRL_REQ_EAP_PASSPHRASE:
7987 str_clear_free(eap->cert.private_key_passwd);
7988 eap->cert.private_key_passwd = os_strdup(value);
7989 eap->pending_req_passphrase = 0;
7990 if (ssid == wpa_s->current_ssid)
7991 wpa_s->reassociate = 1;
7992 break;
7993 case WPA_CTRL_REQ_SIM:
7994 str_clear_free(eap->external_sim_resp);
7995 eap->external_sim_resp = os_strdup(value);
7996 eap->pending_req_sim = 0;
7997 break;
7998 case WPA_CTRL_REQ_PSK_PASSPHRASE:
7999 if (wpa_config_set(ssid, "psk", value, 0) < 0)
8000 return -1;
8001 ssid->mem_only_psk = 1;
8002 if (ssid->passphrase)
8003 wpa_config_update_psk(ssid);
8004 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
8005 wpa_supplicant_req_scan(wpa_s, 0, 0);
8006 break;
8007 case WPA_CTRL_REQ_EXT_CERT_CHECK:
8008 if (eap->pending_ext_cert_check != PENDING_CHECK)
8009 return -1;
8010 if (os_strcmp(value, "good") == 0)
8011 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
8012 else if (os_strcmp(value, "bad") == 0)
8013 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
8014 else
8015 return -1;
8016 break;
8017 default:
8018 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown type %d", rtype);
8019 return -1;
8020 }
8021
8022 return 0;
8023 #else /* IEEE8021X_EAPOL */
8024 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
8025 return -1;
8026 #endif /* IEEE8021X_EAPOL */
8027 }
8028 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW || CONFIG_CTRL_IFACE_AIDL */
8029
8030
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8031 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8032 {
8033 #ifdef CONFIG_WEP
8034 int i;
8035 unsigned int drv_enc;
8036 #endif /* CONFIG_WEP */
8037
8038 if (wpa_s->p2p_mgmt)
8039 return 1; /* no normal network profiles on p2p_mgmt interface */
8040
8041 if (ssid == NULL)
8042 return 1;
8043
8044 if (ssid->disabled)
8045 return 1;
8046
8047 #ifdef CONFIG_WEP
8048 if (wpa_s->drv_capa_known)
8049 drv_enc = wpa_s->drv_enc;
8050 else
8051 drv_enc = (unsigned int) -1;
8052
8053 for (i = 0; i < NUM_WEP_KEYS; i++) {
8054 size_t len = ssid->wep_key_len[i];
8055 if (len == 0)
8056 continue;
8057 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
8058 continue;
8059 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
8060 continue;
8061 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
8062 continue;
8063 return 1; /* invalid WEP key */
8064 }
8065 #endif /* CONFIG_WEP */
8066
8067 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
8068 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
8069 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
8070 !ssid->mem_only_psk)
8071 return 1;
8072
8073 return 0;
8074 }
8075
8076
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8077 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8078 {
8079 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
8080 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
8081 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
8082 /*
8083 * Driver does not support BIP -- ignore pmf=1 default
8084 * since the connection with PMF would fail and the
8085 * configuration does not require PMF to be enabled.
8086 */
8087 return NO_MGMT_FRAME_PROTECTION;
8088 }
8089
8090 if (ssid &&
8091 (ssid->key_mgmt &
8092 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
8093 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
8094 /*
8095 * Do not use the default PMF value for non-RSN networks
8096 * since PMF is available only with RSN and pmf=2
8097 * configuration would otherwise prevent connections to
8098 * all open networks.
8099 */
8100 return NO_MGMT_FRAME_PROTECTION;
8101 }
8102
8103 return wpa_s->conf->pmf;
8104 }
8105
8106 return ssid->ieee80211w;
8107 }
8108
8109
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)8110 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
8111 {
8112 if (wpa_s->current_ssid == NULL ||
8113 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
8114 os_memcmp(addr, wpa_s->bssid, ETH_ALEN) != 0)
8115 return 0;
8116 return wpa_sm_pmf_enabled(wpa_s->wpa);
8117 }
8118
8119
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)8120 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
8121 {
8122 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
8123 return 1;
8124 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
8125 return 0;
8126 return -1;
8127 }
8128
8129
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason)8130 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason)
8131 {
8132 struct wpa_ssid *ssid = wpa_s->current_ssid;
8133 int dur;
8134 struct os_reltime now;
8135
8136 if (ssid == NULL) {
8137 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
8138 "SSID block");
8139 return;
8140 }
8141
8142 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
8143 return;
8144
8145 ssid->auth_failures++;
8146
8147 #ifdef CONFIG_P2P
8148 if (ssid->p2p_group &&
8149 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
8150 /*
8151 * Skip the wait time since there is a short timeout on the
8152 * connection to a P2P group.
8153 */
8154 return;
8155 }
8156 #endif /* CONFIG_P2P */
8157
8158 if (ssid->auth_failures > 50)
8159 dur = 300;
8160 else if (ssid->auth_failures > 10)
8161 dur = 120;
8162 else if (ssid->auth_failures > 5)
8163 dur = 90;
8164 else if (ssid->auth_failures > 3)
8165 dur = 60;
8166 else if (ssid->auth_failures > 2)
8167 dur = 30;
8168 else if (ssid->auth_failures > 1)
8169 dur = 20;
8170 else
8171 dur = 10;
8172
8173 if (ssid->auth_failures > 1 &&
8174 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
8175 dur += os_random() % (ssid->auth_failures * 10);
8176
8177 os_get_reltime(&now);
8178 if (now.sec + dur <= ssid->disabled_until.sec)
8179 return;
8180
8181 ssid->disabled_until.sec = now.sec + dur;
8182
8183 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
8184 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
8185 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8186 ssid->auth_failures, dur, reason);
8187
8188 char *format_str = "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s";
8189 int msg_len = snprintf(NULL, 0, format_str,
8190 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8191 ssid->auth_failures, dur, reason) + 1;
8192 char *msg = os_malloc(msg_len);
8193 snprintf(msg, msg_len, format_str,
8194 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8195 ssid->auth_failures, dur, reason);
8196 wpas_notify_ssid_temp_disabled(wpa_s, msg);
8197 os_free(msg);
8198 }
8199
8200
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)8201 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
8202 struct wpa_ssid *ssid, int clear_failures)
8203 {
8204 if (ssid == NULL)
8205 return;
8206
8207 if (ssid->disabled_until.sec) {
8208 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
8209 "id=%d ssid=\"%s\"",
8210 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
8211 }
8212 ssid->disabled_until.sec = 0;
8213 ssid->disabled_until.usec = 0;
8214 if (clear_failures)
8215 ssid->auth_failures = 0;
8216 }
8217
8218
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)8219 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
8220 {
8221 size_t i;
8222
8223 if (wpa_s->disallow_aps_bssid == NULL)
8224 return 0;
8225
8226 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
8227 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
8228 bssid, ETH_ALEN) == 0)
8229 return 1;
8230 }
8231
8232 return 0;
8233 }
8234
8235
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)8236 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
8237 size_t ssid_len)
8238 {
8239 size_t i;
8240
8241 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
8242 return 0;
8243
8244 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
8245 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
8246 if (ssid_len == s->ssid_len &&
8247 os_memcmp(ssid, s->ssid, ssid_len) == 0)
8248 return 1;
8249 }
8250
8251 return 0;
8252 }
8253
8254
8255 /**
8256 * wpas_request_connection - Request a new connection
8257 * @wpa_s: Pointer to the network interface
8258 *
8259 * This function is used to request a new connection to be found. It will mark
8260 * the interface to allow reassociation and request a new scan to find a
8261 * suitable network to connect to.
8262 */
wpas_request_connection(struct wpa_supplicant * wpa_s)8263 void wpas_request_connection(struct wpa_supplicant *wpa_s)
8264 {
8265 wpa_s->normal_scans = 0;
8266 wpa_s->scan_req = NORMAL_SCAN_REQ;
8267 wpa_supplicant_reinit_autoscan(wpa_s);
8268 wpa_s->disconnected = 0;
8269 wpa_s->reassociate = 1;
8270 wpa_s->last_owe_group = 0;
8271
8272 if (wpa_supplicant_fast_associate(wpa_s) != 1)
8273 wpa_supplicant_req_scan(wpa_s, 0, 0);
8274 else
8275 wpa_s->reattach = 0;
8276 }
8277
8278
8279 /**
8280 * wpas_request_disconnection - Request disconnection
8281 * @wpa_s: Pointer to the network interface
8282 *
8283 * This function is used to request disconnection from the currently connected
8284 * network. This will stop any ongoing scans and initiate deauthentication.
8285 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)8286 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
8287 {
8288 #ifdef CONFIG_SME
8289 wpa_s->sme.prev_bssid_set = 0;
8290 #endif /* CONFIG_SME */
8291 wpa_s->reassociate = 0;
8292 wpa_s->disconnected = 1;
8293 wpa_supplicant_cancel_sched_scan(wpa_s);
8294 wpa_supplicant_cancel_scan(wpa_s);
8295 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
8296 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
8297 radio_remove_works(wpa_s, "connect", 0);
8298 radio_remove_works(wpa_s, "sme-connect", 0);
8299 wpa_s->roam_in_progress = false;
8300 #ifdef CONFIG_WNM
8301 wpa_s->bss_trans_mgmt_in_progress = false;
8302 #endif /* CONFIG_WNM */
8303 }
8304
8305
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)8306 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
8307 struct wpa_used_freq_data *freqs_data,
8308 unsigned int len)
8309 {
8310 unsigned int i;
8311
8312 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
8313 len, title);
8314 for (i = 0; i < len; i++) {
8315 struct wpa_used_freq_data *cur = &freqs_data[i];
8316 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
8317 i, cur->freq, cur->flags);
8318 }
8319 }
8320
8321
8322 /*
8323 * Find the operating frequencies of any of the virtual interfaces that
8324 * are using the same radio as the current interface, and in addition, get
8325 * information about the interface types that are using the frequency.
8326 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len)8327 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
8328 struct wpa_used_freq_data *freqs_data,
8329 unsigned int len)
8330 {
8331 struct wpa_supplicant *ifs;
8332 u8 bssid[ETH_ALEN];
8333 int freq;
8334 unsigned int idx = 0, i;
8335
8336 wpa_dbg(wpa_s, MSG_DEBUG,
8337 "Determining shared radio frequencies (max len %u)", len);
8338 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
8339
8340 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
8341 radio_list) {
8342 if (idx == len)
8343 break;
8344
8345 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
8346 continue;
8347
8348 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
8349 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
8350 ifs->current_ssid->mode == WPAS_MODE_MESH)
8351 freq = ifs->current_ssid->frequency;
8352 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
8353 freq = ifs->assoc_freq;
8354 else
8355 continue;
8356
8357 /* Hold only distinct freqs */
8358 for (i = 0; i < idx; i++)
8359 if (freqs_data[i].freq == freq)
8360 break;
8361
8362 if (i == idx)
8363 freqs_data[idx++].freq = freq;
8364
8365 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
8366 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
8367 WPA_FREQ_USED_BY_P2P_CLIENT :
8368 WPA_FREQ_USED_BY_INFRA_STATION;
8369 }
8370 }
8371
8372 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
8373 return idx;
8374 }
8375
8376
8377 /*
8378 * Find the operating frequencies of any of the virtual interfaces that
8379 * are using the same radio as the current interface.
8380 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len)8381 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
8382 int *freq_array, unsigned int len)
8383 {
8384 struct wpa_used_freq_data *freqs_data;
8385 int num, i;
8386
8387 os_memset(freq_array, 0, sizeof(int) * len);
8388
8389 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
8390 if (!freqs_data)
8391 return -1;
8392
8393 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len);
8394 for (i = 0; i < num; i++)
8395 freq_array[i] = freqs_data[i].freq;
8396
8397 os_free(freqs_data);
8398
8399 return num;
8400 }
8401
8402
8403 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)8404 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
8405 {
8406 switch (frame) {
8407 #ifdef CONFIG_P2P
8408 case VENDOR_ELEM_PROBE_REQ_P2P:
8409 case VENDOR_ELEM_PROBE_RESP_P2P:
8410 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
8411 case VENDOR_ELEM_BEACON_P2P_GO:
8412 case VENDOR_ELEM_P2P_PD_REQ:
8413 case VENDOR_ELEM_P2P_PD_RESP:
8414 case VENDOR_ELEM_P2P_GO_NEG_REQ:
8415 case VENDOR_ELEM_P2P_GO_NEG_RESP:
8416 case VENDOR_ELEM_P2P_GO_NEG_CONF:
8417 case VENDOR_ELEM_P2P_INV_REQ:
8418 case VENDOR_ELEM_P2P_INV_RESP:
8419 case VENDOR_ELEM_P2P_ASSOC_REQ:
8420 case VENDOR_ELEM_P2P_ASSOC_RESP:
8421 return wpa_s->p2pdev;
8422 #endif /* CONFIG_P2P */
8423 default:
8424 return wpa_s;
8425 }
8426 }
8427
8428
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)8429 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
8430 {
8431 unsigned int i;
8432 char buf[30];
8433
8434 wpa_printf(MSG_DEBUG, "Update vendor elements");
8435
8436 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
8437 if (wpa_s->vendor_elem[i]) {
8438 int res;
8439
8440 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
8441 if (!os_snprintf_error(sizeof(buf), res)) {
8442 wpa_hexdump_buf(MSG_DEBUG, buf,
8443 wpa_s->vendor_elem[i]);
8444 }
8445 }
8446 }
8447
8448 #ifdef CONFIG_P2P
8449 if ((wpa_s->parent == wpa_s || (wpa_s == wpa_s->p2pdev && wpa_s->p2p_mgmt)) &&
8450 wpa_s->global->p2p &&
8451 !wpa_s->global->p2p_disabled)
8452 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
8453 #endif /* CONFIG_P2P */
8454 }
8455
8456
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)8457 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
8458 const u8 *elem, size_t len)
8459 {
8460 u8 *ie, *end;
8461
8462 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
8463 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
8464
8465 for (; ie + 1 < end; ie += 2 + ie[1]) {
8466 if (ie + len > end)
8467 break;
8468 if (os_memcmp(ie, elem, len) != 0)
8469 continue;
8470
8471 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
8472 wpabuf_free(wpa_s->vendor_elem[frame]);
8473 wpa_s->vendor_elem[frame] = NULL;
8474 } else {
8475 os_memmove(ie, ie + len, end - (ie + len));
8476 wpa_s->vendor_elem[frame]->used -= len;
8477 }
8478 wpas_vendor_elem_update(wpa_s);
8479 return 0;
8480 }
8481
8482 return -1;
8483 }
8484
8485
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)8486 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
8487 u16 num_modes, enum hostapd_hw_mode mode,
8488 bool is_6ghz)
8489 {
8490 u16 i;
8491
8492 if (!modes)
8493 return NULL;
8494
8495 for (i = 0; i < num_modes; i++) {
8496 if (modes[i].mode != mode ||
8497 !modes[i].num_channels || !modes[i].channels)
8498 continue;
8499 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
8500 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
8501 return &modes[i];
8502 }
8503
8504 return NULL;
8505 }
8506
8507
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)8508 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
8509 u16 num_modes, int freq)
8510 {
8511 int i, j;
8512
8513 for (i = 0; i < num_modes; i++) {
8514 for (j = 0; j < modes[i].num_channels; j++) {
8515 if (freq == modes[i].channels[j].freq)
8516 return &modes[i];
8517 }
8518 }
8519
8520 return NULL;
8521 }
8522
8523
8524 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)8525 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
8526 const u8 *bssid)
8527 {
8528 struct wpa_bss_tmp_disallowed *bss;
8529
8530 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
8531 struct wpa_bss_tmp_disallowed, list) {
8532 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
8533 return bss;
8534 }
8535
8536 return NULL;
8537 }
8538
8539
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)8540 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
8541 {
8542 struct wpa_bss_tmp_disallowed *tmp;
8543 unsigned int num_bssid = 0;
8544 u8 *bssids;
8545 int ret;
8546
8547 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
8548 if (!bssids)
8549 return -1;
8550 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8551 struct wpa_bss_tmp_disallowed, list) {
8552 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
8553 ETH_ALEN);
8554 num_bssid++;
8555 }
8556 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
8557 os_free(bssids);
8558 return ret;
8559 }
8560
8561
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)8562 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
8563 {
8564 struct wpa_supplicant *wpa_s = eloop_ctx;
8565 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
8566
8567 /* Make sure the bss is not already freed */
8568 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8569 struct wpa_bss_tmp_disallowed, list) {
8570 if (bss == tmp) {
8571 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
8572 wpa_set_driver_tmp_disallow_list(wpa_s);
8573 break;
8574 }
8575 }
8576 }
8577
8578
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)8579 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
8580 unsigned int sec, int rssi_threshold)
8581 {
8582 struct wpa_bss_tmp_disallowed *bss;
8583
8584 bss = wpas_get_disallowed_bss(wpa_s, bssid);
8585 if (bss) {
8586 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
8587 goto finish;
8588 }
8589
8590 bss = os_malloc(sizeof(*bss));
8591 if (!bss) {
8592 wpa_printf(MSG_DEBUG,
8593 "Failed to allocate memory for temp disallow BSS");
8594 return;
8595 }
8596
8597 os_memcpy(bss->bssid, bssid, ETH_ALEN);
8598 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
8599 wpa_set_driver_tmp_disallow_list(wpa_s);
8600
8601 finish:
8602 bss->rssi_threshold = rssi_threshold;
8603 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
8604 wpa_s, bss);
8605 }
8606
8607
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)8608 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
8609 struct wpa_bss *bss)
8610 {
8611 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
8612
8613 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
8614 struct wpa_bss_tmp_disallowed, list) {
8615 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
8616 disallowed = tmp;
8617 break;
8618 }
8619 }
8620 if (!disallowed)
8621 return 0;
8622
8623 if (disallowed->rssi_threshold != 0 &&
8624 bss->level > disallowed->rssi_threshold) {
8625 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
8626 wpa_set_driver_tmp_disallow_list(wpa_s);
8627 return 0;
8628 }
8629
8630 return 1;
8631 }
8632
8633
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)8634 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8635 unsigned int type, const u8 *addr,
8636 const u8 *mask)
8637 {
8638 if ((addr && !mask) || (!addr && mask)) {
8639 wpa_printf(MSG_INFO,
8640 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
8641 return -1;
8642 }
8643
8644 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
8645 wpa_printf(MSG_INFO,
8646 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
8647 return -1;
8648 }
8649
8650 if (type & MAC_ADDR_RAND_SCAN) {
8651 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
8652 addr, mask))
8653 return -1;
8654 }
8655
8656 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
8657 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
8658 addr, mask))
8659 return -1;
8660
8661 if (wpa_s->sched_scanning && !wpa_s->pno)
8662 wpas_scan_restart_sched_scan(wpa_s);
8663 }
8664
8665 if (type & MAC_ADDR_RAND_PNO) {
8666 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
8667 addr, mask))
8668 return -1;
8669
8670 if (wpa_s->pno) {
8671 wpas_stop_pno(wpa_s);
8672 wpas_start_pno(wpa_s);
8673 }
8674 }
8675
8676 return 0;
8677 }
8678
8679
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)8680 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
8681 unsigned int type)
8682 {
8683 wpas_mac_addr_rand_scan_clear(wpa_s, type);
8684 if (wpa_s->pno) {
8685 if (type & MAC_ADDR_RAND_PNO) {
8686 wpas_stop_pno(wpa_s);
8687 wpas_start_pno(wpa_s);
8688 }
8689 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
8690 wpas_scan_restart_sched_scan(wpa_s);
8691 }
8692
8693 return 0;
8694 }
8695
8696
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)8697 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
8698 struct wpa_signal_info *si)
8699 {
8700 int res;
8701
8702 if (!wpa_s->driver->signal_poll)
8703 return -1;
8704
8705 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
8706
8707 #ifdef CONFIG_TESTING_OPTIONS
8708 if (res == 0) {
8709 struct driver_signal_override *dso;
8710
8711 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8712 struct driver_signal_override, list) {
8713 if (os_memcmp(wpa_s->bssid, dso->bssid,
8714 ETH_ALEN) != 0)
8715 continue;
8716 wpa_printf(MSG_DEBUG,
8717 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
8718 si->current_signal,
8719 dso->si_current_signal,
8720 si->avg_signal,
8721 dso->si_avg_signal,
8722 si->avg_beacon_signal,
8723 dso->si_avg_beacon_signal,
8724 si->current_noise,
8725 dso->si_current_noise);
8726 si->current_signal = dso->si_current_signal;
8727 si->avg_signal = dso->si_avg_signal;
8728 si->avg_beacon_signal = dso->si_avg_beacon_signal;
8729 si->current_noise = dso->si_current_noise;
8730 break;
8731 }
8732 }
8733 #endif /* CONFIG_TESTING_OPTIONS */
8734
8735 return res;
8736 }
8737
8738
8739 struct wpa_scan_results *
wpa_drv_get_scan_results2(struct wpa_supplicant * wpa_s)8740 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s)
8741 {
8742 struct wpa_scan_results *scan_res;
8743 #ifdef CONFIG_TESTING_OPTIONS
8744 size_t idx;
8745 #endif /* CONFIG_TESTING_OPTIONS */
8746
8747 if (!wpa_s->driver->get_scan_results2)
8748 return NULL;
8749
8750 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
8751
8752 #ifdef CONFIG_TESTING_OPTIONS
8753 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
8754 struct driver_signal_override *dso;
8755 struct wpa_scan_res *res = scan_res->res[idx];
8756
8757 dl_list_for_each(dso, &wpa_s->drv_signal_override,
8758 struct driver_signal_override, list) {
8759 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0)
8760 continue;
8761 wpa_printf(MSG_DEBUG,
8762 "Override driver scan signal level %d->%d for "
8763 MACSTR,
8764 res->level, dso->scan_level,
8765 MAC2STR(res->bssid));
8766 res->flags |= WPA_SCAN_QUAL_INVALID;
8767 if (dso->scan_level < 0)
8768 res->flags |= WPA_SCAN_LEVEL_DBM;
8769 else
8770 res->flags &= ~WPA_SCAN_LEVEL_DBM;
8771 res->level = dso->scan_level;
8772 break;
8773 }
8774 }
8775 #endif /* CONFIG_TESTING_OPTIONS */
8776
8777 return scan_res;
8778 }
8779