1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/crypto.h"
21 #include "crypto/random.h"
22 #include "crypto/sha1.h"
23 #include "eapol_supp/eapol_supp_sm.h"
24 #include "eap_peer/eap.h"
25 #include "eap_peer/eap_proxy.h"
26 #include "eap_server/eap_methods.h"
27 #include "rsn_supp/wpa.h"
28 #include "eloop.h"
29 #include "config.h"
30 #include "utils/ext_password.h"
31 #include "l2_packet/l2_packet.h"
32 #include "wpa_supplicant_i.h"
33 #include "driver_i.h"
34 #include "ctrl_iface.h"
35 #include "pcsc_funcs.h"
36 #include "common/version.h"
37 #include "rsn_supp/preauth.h"
38 #include "rsn_supp/pmksa_cache.h"
39 #include "common/wpa_ctrl.h"
40 #include "common/ieee802_11_common.h"
41 #include "common/ieee802_11_defs.h"
42 #include "common/hw_features_common.h"
43 #include "common/gas_server.h"
44 #include "common/dpp.h"
45 #include "common/ptksa_cache.h"
46 #include "p2p/p2p.h"
47 #include "fst/fst.h"
48 #include "bssid_ignore.h"
49 #include "wpas_glue.h"
50 #include "wps_supplicant.h"
51 #include "ibss_rsn.h"
52 #include "sme.h"
53 #include "gas_query.h"
54 #include "ap.h"
55 #include "p2p_supplicant.h"
56 #include "wifi_display.h"
57 #include "notify.h"
58 #include "bgscan.h"
59 #include "autoscan.h"
60 #include "bss.h"
61 #include "scan.h"
62 #include "offchannel.h"
63 #include "hs20_supplicant.h"
64 #include "wnm_sta.h"
65 #include "wpas_kay.h"
66 #include "mesh.h"
67 #include "dpp_supplicant.h"
68 #include "nan_usd.h"
69 #ifdef CONFIG_MESH
70 #include "ap/ap_config.h"
71 #include "ap/hostapd.h"
72 #endif /* CONFIG_MESH */
73 #include "aidl/vendor/aidl.h"
74
75 const char *const wpa_supplicant_version =
76 "wpa_supplicant v" VERSION_STR "\n"
77 "Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> and contributors";
78
79 const char *const wpa_supplicant_license =
80 "This software may be distributed under the terms of the BSD license.\n"
81 "See README for more details.\n"
82 #ifdef EAP_TLS_OPENSSL
83 "\nThis product includes software developed by the OpenSSL Project\n"
84 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
85 #endif /* EAP_TLS_OPENSSL */
86 ;
87
88 #ifndef CONFIG_NO_STDOUT_DEBUG
89 /* Long text divided into parts in order to fit in C89 strings size limits. */
90 const char *const wpa_supplicant_full_license1 =
91 "";
92 const char *const wpa_supplicant_full_license2 =
93 "This software may be distributed under the terms of the BSD license.\n"
94 "\n"
95 "Redistribution and use in source and binary forms, with or without\n"
96 "modification, are permitted provided that the following conditions are\n"
97 "met:\n"
98 "\n";
99 const char *const wpa_supplicant_full_license3 =
100 "1. Redistributions of source code must retain the above copyright\n"
101 " notice, this list of conditions and the following disclaimer.\n"
102 "\n"
103 "2. Redistributions in binary form must reproduce the above copyright\n"
104 " notice, this list of conditions and the following disclaimer in the\n"
105 " documentation and/or other materials provided with the distribution.\n"
106 "\n";
107 const char *const wpa_supplicant_full_license4 =
108 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
109 " names of its contributors may be used to endorse or promote products\n"
110 " derived from this software without specific prior written permission.\n"
111 "\n"
112 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
113 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
114 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
115 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
116 const char *const wpa_supplicant_full_license5 =
117 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
118 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
119 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
120 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
121 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
122 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
123 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
124 "\n";
125 #endif /* CONFIG_NO_STDOUT_DEBUG */
126
127
128 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
129 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx);
130 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
131 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
132 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
133 #ifdef CONFIG_OWE
134 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
135 #endif /* CONFIG_OWE */
136
137
138 #ifdef CONFIG_WEP
139 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)140 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
141 {
142 int i, set = 0;
143
144 for (i = 0; i < NUM_WEP_KEYS; i++) {
145 if (ssid->wep_key_len[i] == 0)
146 continue;
147
148 set = 1;
149 wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL,
150 i, i == ssid->wep_tx_keyidx, NULL, 0,
151 ssid->wep_key[i], ssid->wep_key_len[i],
152 i == ssid->wep_tx_keyidx ?
153 KEY_FLAG_GROUP_RX_TX_DEFAULT :
154 KEY_FLAG_GROUP_RX_TX);
155 }
156
157 return set;
158 }
159 #endif /* CONFIG_WEP */
160
161
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)162 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
163 struct wpa_ssid *ssid)
164 {
165 u8 key[32];
166 size_t keylen;
167 enum wpa_alg alg;
168 u8 seq[6] = { 0 };
169 int ret;
170
171 /* IBSS/WPA-None uses only one key (Group) for both receiving and
172 * sending unicast and multicast packets. */
173
174 if (ssid->mode != WPAS_MODE_IBSS) {
175 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
176 "IBSS/ad-hoc) for WPA-None", ssid->mode);
177 return -1;
178 }
179
180 if (!ssid->psk_set) {
181 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
182 "WPA-None");
183 return -1;
184 }
185
186 switch (wpa_s->group_cipher) {
187 case WPA_CIPHER_CCMP:
188 os_memcpy(key, ssid->psk, 16);
189 keylen = 16;
190 alg = WPA_ALG_CCMP;
191 break;
192 case WPA_CIPHER_GCMP:
193 os_memcpy(key, ssid->psk, 16);
194 keylen = 16;
195 alg = WPA_ALG_GCMP;
196 break;
197 case WPA_CIPHER_TKIP:
198 /* WPA-None uses the same Michael MIC key for both TX and RX */
199 os_memcpy(key, ssid->psk, 16 + 8);
200 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
201 keylen = 32;
202 alg = WPA_ALG_TKIP;
203 break;
204 default:
205 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
206 "WPA-None", wpa_s->group_cipher);
207 return -1;
208 }
209
210 /* TODO: should actually remember the previously used seq#, both for TX
211 * and RX from each STA.. */
212
213 ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen,
214 KEY_FLAG_GROUP_RX_TX_DEFAULT);
215 os_memset(key, 0, sizeof(key));
216 return ret;
217 }
218
219
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)220 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
221 {
222 struct wpa_supplicant *wpa_s = eloop_ctx;
223 const u8 *bssid = wpa_s->bssid;
224 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
225 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
226 wpa_s->wpa_state == WPA_ASSOCIATING))
227 bssid = wpa_s->pending_bssid;
228 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
229 MAC2STR(bssid));
230 wpa_bssid_ignore_add(wpa_s, bssid);
231 wpas_notify_auth_timeout(wpa_s);
232 wpa_sm_notify_disassoc(wpa_s->wpa);
233 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
234 wpa_s->reassociate = 1;
235
236 /*
237 * If we timed out, the AP or the local radio may be busy.
238 * So, wait a second until scanning again.
239 */
240 wpa_supplicant_req_scan(wpa_s, 1, 0);
241 }
242
243
244 /**
245 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
246 * @wpa_s: Pointer to wpa_supplicant data
247 * @sec: Number of seconds after which to time out authentication
248 * @usec: Number of microseconds after which to time out authentication
249 *
250 * This function is used to schedule a timeout for the current authentication
251 * attempt.
252 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)253 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
254 int sec, int usec)
255 {
256 if (wpa_s->conf->ap_scan == 0 &&
257 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
258 return;
259
260 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
261 "%d usec", sec, usec);
262 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
263 wpa_s->last_auth_timeout_sec = sec;
264 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
265 }
266
267
268 /*
269 * wpas_auth_timeout_restart - Restart and change timeout for authentication
270 * @wpa_s: Pointer to wpa_supplicant data
271 * @sec_diff: difference in seconds applied to original timeout value
272 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)273 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
274 {
275 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
276
277 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
278 wpa_dbg(wpa_s, MSG_DEBUG,
279 "Authentication timeout restart: %d sec", new_sec);
280 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
281 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
282 wpa_s, NULL);
283 }
284 }
285
286
287 /**
288 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
289 * @wpa_s: Pointer to wpa_supplicant data
290 *
291 * This function is used to cancel authentication timeout scheduled with
292 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
293 * been completed.
294 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)295 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
296 {
297 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
298 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
299 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
300 os_free(wpa_s->last_con_fail_realm);
301 wpa_s->last_con_fail_realm = NULL;
302 wpa_s->last_con_fail_realm_len = 0;
303 }
304
305
306 /**
307 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
308 * @wpa_s: Pointer to wpa_supplicant data
309 *
310 * This function is used to configure EAPOL state machine based on the selected
311 * authentication mode.
312 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)313 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
314 {
315 #ifdef IEEE8021X_EAPOL
316 struct eapol_config eapol_conf;
317 struct wpa_ssid *ssid = wpa_s->current_ssid;
318
319 #ifdef CONFIG_IBSS_RSN
320 if (ssid->mode == WPAS_MODE_IBSS &&
321 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
322 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
323 /*
324 * RSN IBSS authentication is per-STA and we can disable the
325 * per-BSSID EAPOL authentication.
326 */
327 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
328 eapol_sm_notify_eap_success(wpa_s->eapol, true);
329 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
330 return;
331 }
332 #endif /* CONFIG_IBSS_RSN */
333
334 eapol_sm_notify_eap_success(wpa_s->eapol, false);
335 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
336
337 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
338 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
339 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
340 else
341 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
342
343 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
344 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
345 eapol_conf.accept_802_1x_keys = 1;
346 eapol_conf.required_keys = 0;
347 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
348 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
349 }
350 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
351 eapol_conf.required_keys |=
352 EAPOL_REQUIRE_KEY_BROADCAST;
353 }
354
355 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
356 eapol_conf.required_keys = 0;
357 }
358 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
359 eapol_conf.workaround = ssid->eap_workaround;
360 eapol_conf.eap_disabled =
361 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
362 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
363 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
364 eapol_conf.external_sim = wpa_s->conf->external_sim;
365
366 #ifdef CONFIG_WPS
367 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
368 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
369 if (wpa_s->current_bss) {
370 struct wpabuf *ie;
371 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
372 WPS_IE_VENDOR_TYPE);
373 if (ie) {
374 if (wps_is_20(ie))
375 eapol_conf.wps |=
376 EAPOL_PEER_IS_WPS20_AP;
377 wpabuf_free(ie);
378 }
379 }
380 }
381 #endif /* CONFIG_WPS */
382
383 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
384
385 #ifdef CONFIG_MACSEC
386 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
387 ieee802_1x_create_preshared_mka(wpa_s, ssid);
388 else
389 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
390 #endif /* CONFIG_MACSEC */
391 #endif /* IEEE8021X_EAPOL */
392 }
393
394
395 /**
396 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
397 * @wpa_s: Pointer to wpa_supplicant data
398 * @ssid: Configuration data for the network
399 *
400 * This function is used to configure WPA state machine and related parameters
401 * to a mode where WPA is not enabled. This is called as part of the
402 * authentication configuration when the selected network does not use WPA.
403 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)404 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
405 struct wpa_ssid *ssid)
406 {
407 #ifdef CONFIG_WEP
408 int i;
409 #endif /* CONFIG_WEP */
410 struct wpa_sm_mlo mlo;
411
412 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
413 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
414 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
415 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
416 else
417 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
418 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
419 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
420 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
421 wpa_sm_set_ap_rsne_override(wpa_s->wpa, NULL, 0);
422 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, NULL, 0);
423 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, NULL, 0);
424 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
425 #ifndef CONFIG_NO_WPA
426 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
427 #endif /* CONFIG_NO_WPA */
428 wpa_s->rsnxe_len = 0;
429 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
430 wpa_s->group_cipher = WPA_CIPHER_NONE;
431 wpa_s->mgmt_group_cipher = 0;
432
433 #ifdef CONFIG_WEP
434 for (i = 0; i < NUM_WEP_KEYS; i++) {
435 if (ssid->wep_key_len[i] > 5) {
436 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
437 wpa_s->group_cipher = WPA_CIPHER_WEP104;
438 break;
439 } else if (ssid->wep_key_len[i] > 0) {
440 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
441 wpa_s->group_cipher = WPA_CIPHER_WEP40;
442 break;
443 }
444 }
445 #endif /* CONFIG_WEP */
446
447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
448 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
449 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
450 wpa_s->pairwise_cipher);
451 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
452 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
453 wpa_s->mgmt_group_cipher);
454 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 0);
455
456 pmksa_cache_clear_current(wpa_s->wpa);
457 os_memset(&mlo, 0, sizeof(mlo));
458 wpa_sm_set_mlo_params(wpa_s->wpa, &mlo);
459 }
460
461
free_hw_features(struct wpa_supplicant * wpa_s)462 void free_hw_features(struct wpa_supplicant *wpa_s)
463 {
464 int i;
465 if (wpa_s->hw.modes == NULL)
466 return;
467
468 for (i = 0; i < wpa_s->hw.num_modes; i++) {
469 os_free(wpa_s->hw.modes[i].channels);
470 os_free(wpa_s->hw.modes[i].rates);
471 }
472
473 os_free(wpa_s->hw.modes);
474 wpa_s->hw.modes = NULL;
475 }
476
477
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)478 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
479 struct wpa_bss_tmp_disallowed *bss)
480 {
481 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
482 dl_list_del(&bss->list);
483 os_free(bss);
484 }
485
486
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)487 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
488 {
489 struct wpa_bss_tmp_disallowed *bss, *prev;
490
491 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
492 struct wpa_bss_tmp_disallowed, list)
493 remove_bss_tmp_disallowed_entry(wpa_s, bss);
494 }
495
496
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)497 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
498 {
499 struct fils_hlp_req *req;
500
501 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
502 list)) != NULL) {
503 dl_list_del(&req->list);
504 wpabuf_free(req->pkt);
505 os_free(req);
506 }
507 }
508
509
wpas_wfa_gen_capab_attr(struct wpa_supplicant * wpa_s)510 static struct wpabuf * wpas_wfa_gen_capab_attr(struct wpa_supplicant *wpa_s)
511 {
512 struct wpabuf *attr;
513 size_t gen_len, supp_len;
514 const u8 *supp;
515 u8 supp_buf[1];
516 bool add_cert;
517
518 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_DISABLED)
519 return NULL;
520
521 if (!wpa_s->conf->wfa_gen_capa_supp ||
522 wpabuf_len(wpa_s->conf->wfa_gen_capa_supp) == 0) {
523 supp_len = 1;
524 supp_buf[0] = 0;
525 if (wpa_s->hw_capab & BIT(CAPAB_HT))
526 supp_buf[0] |= BIT(0); /* Wi-Fi 4 */
527 if (wpa_s->hw_capab & BIT(CAPAB_VHT))
528 supp_buf[0] |= BIT(1); /* Wi-Fi 5 */
529 if (wpa_s->hw_capab & BIT(CAPAB_HE))
530 supp_buf[0] |= BIT(2); /* Wi-Fi 6 */
531 if (wpa_s->hw_capab & BIT(CAPAB_EHT))
532 supp_buf[0] |= BIT(3); /* Wi-Fi 7 */
533 supp = supp_buf;
534 } else {
535 supp_len = wpabuf_len(wpa_s->conf->wfa_gen_capa_supp);
536 supp = wpabuf_head(wpa_s->conf->wfa_gen_capa_supp);
537 }
538
539 add_cert = wpa_s->conf->wfa_gen_capa_cert &&
540 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert) == supp_len;
541
542 gen_len = 1 + supp_len;
543 if (add_cert) {
544 gen_len++;
545 gen_len += wpabuf_len(wpa_s->conf->wfa_gen_capa_cert);
546 }
547
548 attr = wpabuf_alloc(2 + gen_len);
549 if (!attr)
550 return NULL;
551
552 wpabuf_put_u8(attr, WFA_CAPA_ATTR_GENERATIONAL_CAPAB);
553 wpabuf_put_u8(attr, gen_len);
554 wpabuf_put_u8(attr, supp_len);
555 wpabuf_put_data(attr, supp, supp_len);
556 if (add_cert) {
557 wpabuf_put_u8(attr,
558 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert));
559 wpabuf_put_buf(attr, wpa_s->conf->wfa_gen_capa_cert);
560 }
561
562 return attr;
563 }
564
565
566
wpas_wfa_capab_tx(void * eloop_ctx,void * timeout_ctx)567 static void wpas_wfa_capab_tx(void *eloop_ctx, void *timeout_ctx)
568 {
569 struct wpa_supplicant *wpa_s = eloop_ctx;
570 struct wpabuf *attr, *buf;
571 size_t buf_len;
572
573 if (wpa_s->conf->wfa_gen_capa != WFA_GEN_CAPA_PROTECTED ||
574 wpa_s->wpa_state != WPA_COMPLETED ||
575 !pmf_in_use(wpa_s, wpa_s->bssid))
576 return;
577
578 attr = wpas_wfa_gen_capab_attr(wpa_s);
579 if (!attr)
580 return;
581
582 buf_len = 1 + 3 + 1 + 1 + wpabuf_len(attr);
583 buf = wpabuf_alloc(buf_len);
584 if (!buf) {
585 wpabuf_free(attr);
586 return;
587 }
588
589 wpabuf_put_u8(buf, WLAN_ACTION_VENDOR_SPECIFIC_PROTECTED);
590 wpabuf_put_be32(buf, WFA_CAPAB_VENDOR_TYPE);
591 wpabuf_put_u8(buf, 0); /* Capabilities Length */
592 wpabuf_put_buf(buf, attr);
593 wpabuf_free(attr);
594
595 wpa_printf(MSG_DEBUG, "WFA: Send WFA Capabilities frame");
596 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
597 wpa_s->own_addr, wpa_s->bssid,
598 wpabuf_head(buf), wpabuf_len(buf), 0) < 0)
599 wpa_printf(MSG_DEBUG,
600 "WFA: Failed to send WFA Capabilities frame");
601
602 wpabuf_free(buf);
603 }
604
605
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)606 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
607 {
608 struct wpa_supplicant *wpa_s = eloop_ctx;
609
610 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
611 return;
612 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
613 wpa_bss_flush(wpa_s);
614 }
615
616
617 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)618 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
619 {
620 struct driver_signal_override *dso;
621
622 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
623 struct driver_signal_override, list))) {
624 dl_list_del(&dso->list);
625 os_free(dso);
626 }
627 }
628 #endif /* CONFIG_TESTING_OPTIONS */
629
630
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)631 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
632 {
633 int i;
634
635 bgscan_deinit(wpa_s);
636 autoscan_deinit(wpa_s);
637 scard_deinit(wpa_s->scard);
638 wpa_s->scard = NULL;
639 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
640 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
641 l2_packet_deinit(wpa_s->l2);
642 wpa_s->l2 = NULL;
643 if (wpa_s->l2_br) {
644 l2_packet_deinit(wpa_s->l2_br);
645 wpa_s->l2_br = NULL;
646 }
647 #ifdef CONFIG_TESTING_OPTIONS
648 l2_packet_deinit(wpa_s->l2_test);
649 wpa_s->l2_test = NULL;
650 os_free(wpa_s->get_pref_freq_list_override);
651 wpa_s->get_pref_freq_list_override = NULL;
652 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
653 wpa_s->last_assoc_req_wpa_ie = NULL;
654 os_free(wpa_s->extra_sae_rejected_groups);
655 wpa_s->extra_sae_rejected_groups = NULL;
656 wpabuf_free(wpa_s->rsne_override_eapol);
657 wpa_s->rsne_override_eapol = NULL;
658 wpabuf_free(wpa_s->rsnxe_override_assoc);
659 wpa_s->rsnxe_override_assoc = NULL;
660 wpabuf_free(wpa_s->rsnxe_override_eapol);
661 wpa_s->rsnxe_override_eapol = NULL;
662 wpas_clear_driver_signal_override(wpa_s);
663 #endif /* CONFIG_TESTING_OPTIONS */
664
665 if (wpa_s->conf != NULL) {
666 struct wpa_ssid *ssid;
667 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
668 wpas_notify_network_removed(wpa_s, ssid);
669 }
670
671 os_free(wpa_s->confname);
672 wpa_s->confname = NULL;
673
674 os_free(wpa_s->confanother);
675 wpa_s->confanother = NULL;
676
677 os_free(wpa_s->last_con_fail_realm);
678 wpa_s->last_con_fail_realm = NULL;
679 wpa_s->last_con_fail_realm_len = 0;
680
681 wpa_sm_set_eapol(wpa_s->wpa, NULL);
682 eapol_sm_deinit(wpa_s->eapol);
683 wpa_s->eapol = NULL;
684
685 rsn_preauth_deinit(wpa_s->wpa);
686
687 #ifdef CONFIG_TDLS
688 wpa_tdls_deinit(wpa_s->wpa);
689 #endif /* CONFIG_TDLS */
690
691 #ifndef CONFIG_NO_WMM_AC
692 wmm_ac_clear_saved_tspecs(wpa_s);
693 #endif /* CONFIG_NO_WMM_AC */
694 pmksa_candidate_free(wpa_s->wpa);
695 ptksa_cache_deinit(wpa_s->ptksa);
696 wpa_s->ptksa = NULL;
697 wpa_sm_deinit(wpa_s->wpa);
698 wpa_s->wpa = NULL;
699 wpa_bssid_ignore_clear(wpa_s);
700
701 #ifdef CONFIG_PASN
702 wpas_pasn_auth_stop(wpa_s);
703 #endif /* CONFIG_PASN */
704
705 wpa_bss_deinit(wpa_s);
706
707 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
708 wpa_supplicant_cancel_scan(wpa_s);
709 wpa_supplicant_cancel_auth_timeout(wpa_s);
710 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
711 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
712 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
713 wpa_s, NULL);
714 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
715
716 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
717 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
718 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
719 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL);
720
721 wpas_wps_deinit(wpa_s);
722
723 wpabuf_free(wpa_s->pending_eapol_rx);
724 wpa_s->pending_eapol_rx = NULL;
725
726 #ifdef CONFIG_IBSS_RSN
727 ibss_rsn_deinit(wpa_s->ibss_rsn);
728 wpa_s->ibss_rsn = NULL;
729 #endif /* CONFIG_IBSS_RSN */
730
731 sme_deinit(wpa_s);
732
733 #ifdef CONFIG_AP
734 wpa_supplicant_ap_deinit(wpa_s);
735 #endif /* CONFIG_AP */
736
737 wpas_p2p_deinit(wpa_s);
738
739 #ifdef CONFIG_OFFCHANNEL
740 offchannel_deinit(wpa_s);
741 #endif /* CONFIG_OFFCHANNEL */
742
743 wpa_supplicant_cancel_sched_scan(wpa_s);
744
745 os_free(wpa_s->next_scan_freqs);
746 wpa_s->next_scan_freqs = NULL;
747
748 os_free(wpa_s->manual_scan_freqs);
749 wpa_s->manual_scan_freqs = NULL;
750 os_free(wpa_s->select_network_scan_freqs);
751 wpa_s->select_network_scan_freqs = NULL;
752
753 os_free(wpa_s->manual_sched_scan_freqs);
754 wpa_s->manual_sched_scan_freqs = NULL;
755
756 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
757
758 /*
759 * Need to remove any pending gas-query radio work before the
760 * gas_query_deinit() call because gas_query::work has not yet been set
761 * for works that have not been started. gas_query_free() will be unable
762 * to cancel such pending radio works and once the pending gas-query
763 * radio work eventually gets removed, the deinit notification call to
764 * gas_query_start_cb() would result in dereferencing freed memory.
765 */
766 if (wpa_s->radio)
767 radio_remove_works(wpa_s, "gas-query", 0);
768 gas_query_deinit(wpa_s->gas);
769 wpa_s->gas = NULL;
770 gas_server_deinit(wpa_s->gas_server);
771 wpa_s->gas_server = NULL;
772
773 free_hw_features(wpa_s);
774
775 ieee802_1x_dealloc_kay_sm(wpa_s);
776
777 os_free(wpa_s->bssid_filter);
778 wpa_s->bssid_filter = NULL;
779
780 os_free(wpa_s->disallow_aps_bssid);
781 wpa_s->disallow_aps_bssid = NULL;
782 os_free(wpa_s->disallow_aps_ssid);
783 wpa_s->disallow_aps_ssid = NULL;
784
785 wnm_bss_keep_alive_deinit(wpa_s);
786 wnm_btm_reset(wpa_s);
787
788 ext_password_deinit(wpa_s->ext_pw);
789 wpa_s->ext_pw = NULL;
790
791 wpabuf_free(wpa_s->last_gas_resp);
792 wpa_s->last_gas_resp = NULL;
793 wpabuf_free(wpa_s->prev_gas_resp);
794 wpa_s->prev_gas_resp = NULL;
795
796 os_free(wpa_s->last_scan_res);
797 wpa_s->last_scan_res = NULL;
798
799 #ifdef CONFIG_HS20
800 if (wpa_s->drv_priv)
801 wpa_drv_configure_frame_filters(wpa_s, 0);
802 #endif /* CONFIG_HS20 */
803
804 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
805 wpabuf_free(wpa_s->vendor_elem[i]);
806 wpa_s->vendor_elem[i] = NULL;
807 }
808
809 #ifndef CONFIG_NO_WMM_AC
810 wmm_ac_notify_disassoc(wpa_s);
811 #endif /* CONFIG_NO_WMM_AC */
812
813 wpa_s->sched_scan_plans_num = 0;
814 os_free(wpa_s->sched_scan_plans);
815 wpa_s->sched_scan_plans = NULL;
816
817 #ifdef CONFIG_MBO
818 wpa_s->non_pref_chan_num = 0;
819 os_free(wpa_s->non_pref_chan);
820 wpa_s->non_pref_chan = NULL;
821 #endif /* CONFIG_MBO */
822
823 free_bss_tmp_disallowed(wpa_s);
824
825 wpabuf_free(wpa_s->lci);
826 wpa_s->lci = NULL;
827 #ifndef CONFIG_NO_RRM
828 wpas_clear_beacon_rep_data(wpa_s);
829 #endif /* CONFIG_NO_RRM */
830
831 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
832 #ifdef CONFIG_MESH
833 {
834 struct external_pmksa_cache *entry;
835
836 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
837 struct external_pmksa_cache,
838 list)) != NULL) {
839 dl_list_del(&entry->list);
840 os_free(entry->pmksa_cache);
841 os_free(entry);
842 }
843 }
844 #endif /* CONFIG_MESH */
845 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
846
847 wpas_flush_fils_hlp_req(wpa_s);
848
849 wpabuf_free(wpa_s->ric_ies);
850 wpa_s->ric_ies = NULL;
851
852 #ifdef CONFIG_DPP
853 wpas_dpp_deinit(wpa_s);
854 dpp_global_deinit(wpa_s->dpp);
855 wpa_s->dpp = NULL;
856 #endif /* CONFIG_DPP */
857
858 #ifdef CONFIG_NAN_USD
859 wpas_nan_usd_deinit(wpa_s);
860 #endif /* CONFIG_NAN_USD */
861
862 #ifdef CONFIG_PASN
863 wpas_pasn_auth_stop(wpa_s);
864 #endif /* CONFIG_PASN */
865 #ifndef CONFIG_NO_ROBUST_AV
866 wpas_scs_deinit(wpa_s);
867 wpas_dscp_deinit(wpa_s);
868 #endif /* CONFIG_NO_ROBUST_AV */
869
870 #ifdef CONFIG_OWE
871 os_free(wpa_s->owe_trans_scan_freq);
872 wpa_s->owe_trans_scan_freq = NULL;
873 #endif /* CONFIG_OWE */
874 }
875
876
877 /**
878 * wpa_clear_keys - Clear keys configured for the driver
879 * @wpa_s: Pointer to wpa_supplicant data
880 * @addr: Previously used BSSID or %NULL if not available
881 *
882 * This function clears the encryption keys that has been previously configured
883 * for the driver.
884 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)885 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
886 {
887 int i, max = 6;
888
889 /* MLME-DELETEKEYS.request */
890 for (i = 0; i < max; i++) {
891 if (wpa_s->keys_cleared & BIT(i))
892 continue;
893 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
894 NULL, 0, KEY_FLAG_GROUP);
895 }
896 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
897 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
898 !is_zero_ether_addr(addr)) {
899 if (!(wpa_s->keys_cleared & BIT(0)))
900 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0,
901 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
902 if (!(wpa_s->keys_cleared & BIT(15)))
903 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0,
904 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
905 /* MLME-SETPROTECTION.request(None) */
906 wpa_drv_mlme_setprotection(
907 wpa_s, addr,
908 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
909 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
910 }
911 wpa_s->keys_cleared = (u32) -1;
912 }
913
914
915 /**
916 * wpa_supplicant_state_txt - Get the connection state name as a text string
917 * @state: State (wpa_state; WPA_*)
918 * Returns: The state name as a printable text string
919 */
wpa_supplicant_state_txt(enum wpa_states state)920 const char * wpa_supplicant_state_txt(enum wpa_states state)
921 {
922 switch (state) {
923 case WPA_DISCONNECTED:
924 return "DISCONNECTED";
925 case WPA_INACTIVE:
926 return "INACTIVE";
927 case WPA_INTERFACE_DISABLED:
928 return "INTERFACE_DISABLED";
929 case WPA_SCANNING:
930 return "SCANNING";
931 case WPA_AUTHENTICATING:
932 return "AUTHENTICATING";
933 case WPA_ASSOCIATING:
934 return "ASSOCIATING";
935 case WPA_ASSOCIATED:
936 return "ASSOCIATED";
937 case WPA_4WAY_HANDSHAKE:
938 return "4WAY_HANDSHAKE";
939 case WPA_GROUP_HANDSHAKE:
940 return "GROUP_HANDSHAKE";
941 case WPA_COMPLETED:
942 return "COMPLETED";
943 default:
944 return "UNKNOWN";
945 }
946 }
947
948
949 #ifdef CONFIG_BGSCAN
950
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)951 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
952 {
953 if (wpa_s->bgscan_ssid) {
954 bgscan_deinit(wpa_s);
955 wpa_s->bgscan_ssid = NULL;
956 }
957 }
958
959
960 /**
961 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
962 * @wpa_s: Pointer to the wpa_supplicant data
963 *
964 * Stop, start, or reconfigure the scan parameters depending on the method.
965 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)966 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
967 {
968 const char *name;
969
970 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
971 name = wpa_s->current_ssid->bgscan;
972 else
973 name = wpa_s->conf->bgscan;
974 if (!name || name[0] == '\0') {
975 wpa_supplicant_stop_bgscan(wpa_s);
976 return;
977 }
978 if (wpas_driver_bss_selection(wpa_s))
979 return;
980 #ifdef CONFIG_P2P
981 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
982 return;
983 #endif /* CONFIG_P2P */
984
985 bgscan_deinit(wpa_s);
986 if (wpa_s->current_ssid) {
987 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
988 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
989 "bgscan");
990 /*
991 * Live without bgscan; it is only used as a roaming
992 * optimization, so the initial connection is not
993 * affected.
994 */
995 } else {
996 struct wpa_scan_results *scan_res;
997 wpa_s->bgscan_ssid = wpa_s->current_ssid;
998 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
999 0, NULL);
1000 if (scan_res) {
1001 bgscan_notify_scan(wpa_s, scan_res);
1002 wpa_scan_results_free(scan_res);
1003 }
1004 }
1005 } else
1006 wpa_s->bgscan_ssid = NULL;
1007 }
1008
1009 #endif /* CONFIG_BGSCAN */
1010
1011
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)1012 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
1013 {
1014 if (autoscan_init(wpa_s, 0))
1015 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
1016 }
1017
1018
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)1019 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
1020 {
1021 autoscan_deinit(wpa_s);
1022 }
1023
1024
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)1025 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
1026 {
1027 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
1028 wpa_s->wpa_state == WPA_SCANNING) {
1029 autoscan_deinit(wpa_s);
1030 wpa_supplicant_start_autoscan(wpa_s);
1031 }
1032 }
1033
1034
wpas_verify_ssid_beacon(void * eloop_ctx,void * timeout_ctx)1035 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx)
1036 {
1037 struct wpa_supplicant *wpa_s = eloop_ctx;
1038 struct wpa_bss *bss;
1039 const u8 *ssid;
1040 size_t ssid_len;
1041
1042 if (!wpa_s->current_ssid || !wpa_s->current_bss)
1043 return;
1044
1045 ssid = wpa_s->current_bss->ssid;
1046 ssid_len = wpa_s->current_bss->ssid_len;
1047
1048 if (wpa_s->current_ssid->ssid_len &&
1049 (wpa_s->current_ssid->ssid_len != ssid_len ||
1050 os_memcmp(wpa_s->current_ssid->ssid, ssid, ssid_len) != 0))
1051 return;
1052
1053 if (wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
1054 !wpa_s->bigtk_set || wpa_s->ssid_verified)
1055 return;
1056
1057 wpa_printf(MSG_DEBUG,
1058 "SSID not yet verified; check if the driver has received a verified Beacon frame");
1059 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
1060 return;
1061
1062 /* wpa->current_bss might have changed due to memory reallocation, so
1063 * need to update ssid/ssid_len */
1064 if (!wpa_s->current_bss)
1065 return;
1066 ssid = wpa_s->current_bss->ssid;
1067 ssid_len = wpa_s->current_bss->ssid_len;
1068
1069 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
1070 if (!bss)
1071 return;
1072 wpa_printf(MSG_DEBUG, "The current beacon time stamp: 0x%llx",
1073 (long long unsigned int) bss->tsf);
1074 if (bss->tsf > wpa_s->first_beacon_tsf) {
1075 const u8 *ie;
1076
1077 wpa_printf(MSG_DEBUG,
1078 "Verified Beacon frame has been received");
1079 wpa_s->beacons_checked++;
1080
1081 ie = wpa_bss_get_ie_beacon(bss, WLAN_EID_SSID);
1082 if (ie && ie[1] == ssid_len &&
1083 os_memcmp(&ie[2], ssid, ssid_len) == 0) {
1084 wpa_printf(MSG_DEBUG,
1085 "SSID verified based on a Beacon frame and beacon protection");
1086 wpa_s->ssid_verified = true;
1087 return;
1088 }
1089
1090 /* TODO: Multiple BSSID element */
1091 }
1092
1093 if (wpa_s->beacons_checked < 16) {
1094 eloop_register_timeout(wpa_s->next_beacon_check, 0,
1095 wpas_verify_ssid_beacon, wpa_s, NULL);
1096 wpa_s->next_beacon_check++;
1097 }
1098 }
1099
1100
wpas_verify_ssid_beacon_prot(struct wpa_supplicant * wpa_s)1101 static void wpas_verify_ssid_beacon_prot(struct wpa_supplicant *wpa_s)
1102 {
1103 struct wpa_bss *bss;
1104
1105 wpa_printf(MSG_DEBUG,
1106 "SSID not yet verified; try to verify using beacon protection");
1107 /* Fetch the current scan result which is likely based on not yet
1108 * verified payload since the current BIGTK was just received. Any
1109 * newer update in the future with a larger timestamp value is an
1110 * indication that a verified Beacon frame has been received. */
1111 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
1112 return;
1113
1114 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
1115 if (!bss)
1116 return;
1117 wpa_printf(MSG_DEBUG, "The initial beacon time stamp: 0x%llx",
1118 (long long unsigned int) bss->tsf);
1119 wpa_s->first_beacon_tsf = bss->tsf;
1120 wpa_s->beacons_checked = 0;
1121 wpa_s->next_beacon_check = 1;
1122 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
1123 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon, wpa_s, NULL);
1124 }
1125
1126
1127 /**
1128 * wpa_supplicant_set_state - Set current connection state
1129 * @wpa_s: Pointer to wpa_supplicant data
1130 * @state: The new connection state
1131 *
1132 * This function is called whenever the connection state changes, e.g.,
1133 * association is completed for WPA/WPA2 4-Way Handshake is started.
1134 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)1135 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
1136 enum wpa_states state)
1137 {
1138 enum wpa_states old_state = wpa_s->wpa_state;
1139 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1140 bool update_fils_connect_params = false;
1141 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1142
1143 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
1144 wpa_supplicant_state_txt(wpa_s->wpa_state),
1145 wpa_supplicant_state_txt(state));
1146
1147 if (state == WPA_COMPLETED &&
1148 os_reltime_initialized(&wpa_s->roam_start)) {
1149 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
1150 wpa_s->roam_start.sec = 0;
1151 wpa_s->roam_start.usec = 0;
1152 wpas_notify_auth_changed(wpa_s);
1153 wpas_notify_roam_time(wpa_s);
1154 wpas_notify_roam_complete(wpa_s);
1155 } else if (state == WPA_DISCONNECTED &&
1156 os_reltime_initialized(&wpa_s->roam_start)) {
1157 wpa_s->roam_start.sec = 0;
1158 wpa_s->roam_start.usec = 0;
1159 wpa_s->roam_time.sec = 0;
1160 wpa_s->roam_time.usec = 0;
1161 wpas_notify_roam_complete(wpa_s);
1162 }
1163
1164 if (state == WPA_INTERFACE_DISABLED) {
1165 /* Assure normal scan when interface is restored */
1166 wpa_s->normal_scans = 0;
1167 }
1168
1169 if (state == WPA_COMPLETED) {
1170 wpas_connect_work_done(wpa_s);
1171 /* Reinitialize normal_scan counter */
1172 wpa_s->normal_scans = 0;
1173 }
1174
1175 #ifdef CONFIG_P2P
1176 /*
1177 * P2PS client has to reply to Probe Request frames received on the
1178 * group operating channel. Enable Probe Request frame reporting for
1179 * P2P connected client in case p2p_cli_probe configuration property is
1180 * set to 1.
1181 */
1182 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
1183 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
1184 wpa_s->current_ssid->p2p_group) {
1185 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
1186 wpa_dbg(wpa_s, MSG_DEBUG,
1187 "P2P: Enable CLI Probe Request RX reporting");
1188 wpa_s->p2p_cli_probe =
1189 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
1190 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
1191 wpa_dbg(wpa_s, MSG_DEBUG,
1192 "P2P: Disable CLI Probe Request RX reporting");
1193 wpa_s->p2p_cli_probe = 0;
1194 wpa_drv_probe_req_report(wpa_s, 0);
1195 }
1196 }
1197 #endif /* CONFIG_P2P */
1198
1199 if (state != WPA_SCANNING)
1200 wpa_supplicant_notify_scanning(wpa_s, 0);
1201
1202 if (state == WPA_COMPLETED && wpa_s->new_connection) {
1203 struct wpa_ssid *ssid = wpa_s->current_ssid;
1204 int fils_hlp_sent = 0;
1205 char mld_addr[50];
1206
1207 mld_addr[0] = '\0';
1208 if (wpa_s->valid_links)
1209 os_snprintf(mld_addr, sizeof(mld_addr),
1210 " ap_mld_addr=" MACSTR,
1211 MAC2STR(wpa_s->ap_mld_addr));
1212
1213 #ifdef CONFIG_SME
1214 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1215 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
1216 fils_hlp_sent = 1;
1217 #endif /* CONFIG_SME */
1218 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1219 wpa_auth_alg_fils(wpa_s->auth_alg))
1220 fils_hlp_sent = 1;
1221
1222 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1223 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1224 MACSTR " completed [id=%d id_str=%s%s]%s",
1225 MAC2STR(wpa_s->bssid),
1226 ssid ? ssid->id : -1,
1227 ssid && ssid->id_str ? ssid->id_str : "",
1228 fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr);
1229 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1230 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1231 wpa_s->consecutive_conn_failures = 0;
1232 wpa_s->new_connection = 0;
1233 wpa_drv_set_operstate(wpa_s, 1);
1234 #ifndef IEEE8021X_EAPOL
1235 wpa_drv_set_supp_port(wpa_s, 1);
1236 #endif /* IEEE8021X_EAPOL */
1237 wpa_s->after_wps = 0;
1238 wpa_s->known_wps_freq = 0;
1239 wpas_p2p_completed(wpa_s);
1240
1241 sme_sched_obss_scan(wpa_s, 1);
1242
1243 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1244 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1245 update_fils_connect_params = true;
1246 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1247 #ifdef CONFIG_OWE
1248 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1249 wpas_update_owe_connect_params(wpa_s);
1250 #endif /* CONFIG_OWE */
1251 #ifdef CONFIG_HS20
1252 hs20_configure_frame_filters(wpa_s);
1253 #endif
1254 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_PROTECTED &&
1255 pmf_in_use(wpa_s, wpa_s->bssid)) {
1256 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL);
1257 eloop_register_timeout(0, 100000, wpas_wfa_capab_tx,
1258 wpa_s, NULL);
1259 }
1260 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1261 state == WPA_ASSOCIATED) {
1262 wpa_s->new_connection = 1;
1263 wpa_drv_set_operstate(wpa_s, 0);
1264 #ifndef IEEE8021X_EAPOL
1265 wpa_drv_set_supp_port(wpa_s, 0);
1266 #endif /* IEEE8021X_EAPOL */
1267 sme_sched_obss_scan(wpa_s, 0);
1268 }
1269 wpa_s->wpa_state = state;
1270
1271 #ifdef CONFIG_BGSCAN
1272 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1273 wpa_supplicant_reset_bgscan(wpa_s);
1274 else if (state < WPA_ASSOCIATED)
1275 wpa_supplicant_stop_bgscan(wpa_s);
1276 #endif /* CONFIG_BGSCAN */
1277
1278 if (state > WPA_SCANNING)
1279 wpa_supplicant_stop_autoscan(wpa_s);
1280
1281 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1282 wpa_supplicant_start_autoscan(wpa_s);
1283
1284 if (state == WPA_COMPLETED || state == WPA_INTERFACE_DISABLED ||
1285 state == WPA_INACTIVE)
1286 wnm_btm_reset(wpa_s);
1287
1288 #ifndef CONFIG_NO_WMM_AC
1289 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1290 wmm_ac_notify_disassoc(wpa_s);
1291 #endif /* CONFIG_NO_WMM_AC */
1292
1293 if (wpa_s->wpa_state != old_state) {
1294 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1295
1296 /*
1297 * Notify the P2P Device interface about a state change in one
1298 * of the interfaces.
1299 */
1300 wpas_p2p_indicate_state_change(wpa_s);
1301
1302 if (wpa_s->wpa_state == WPA_COMPLETED ||
1303 old_state == WPA_COMPLETED)
1304 wpas_notify_auth_changed(wpa_s);
1305 #ifdef CONFIG_DPP2
1306 if (wpa_s->wpa_state == WPA_COMPLETED)
1307 wpas_dpp_connected(wpa_s);
1308 #endif /* CONFIG_DPP2 */
1309
1310 if (wpa_s->wpa_state == WPA_COMPLETED &&
1311 wpa_s->bigtk_set && !wpa_s->ssid_verified)
1312 wpas_verify_ssid_beacon_prot(wpa_s);
1313 }
1314 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1315 if (update_fils_connect_params)
1316 wpas_update_fils_connect_params(wpa_s);
1317 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1318 }
1319
1320
wpa_supplicant_terminate_proc(struct wpa_global * global)1321 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1322 {
1323 int pending = 0;
1324 #ifdef CONFIG_WPS
1325 struct wpa_supplicant *wpa_s = global->ifaces;
1326 while (wpa_s) {
1327 struct wpa_supplicant *next = wpa_s->next;
1328 if (wpas_wps_terminate_pending(wpa_s) == 1)
1329 pending = 1;
1330 #ifdef CONFIG_P2P
1331 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1332 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1333 wpas_p2p_disconnect(wpa_s);
1334 #endif /* CONFIG_P2P */
1335 wpa_s = next;
1336 }
1337 #endif /* CONFIG_WPS */
1338 if (pending)
1339 return;
1340 eloop_terminate();
1341 }
1342
1343
wpa_supplicant_terminate(int sig,void * signal_ctx)1344 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1345 {
1346 struct wpa_global *global = signal_ctx;
1347 wpa_supplicant_terminate_proc(global);
1348 }
1349
1350
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1351 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1352 {
1353 enum wpa_states old_state = wpa_s->wpa_state;
1354 enum wpa_states new_state;
1355
1356 if (old_state == WPA_SCANNING)
1357 new_state = WPA_SCANNING;
1358 else
1359 new_state = WPA_DISCONNECTED;
1360
1361 wpa_s->pairwise_cipher = 0;
1362 wpa_s->group_cipher = 0;
1363 wpa_s->mgmt_group_cipher = 0;
1364 wpa_s->key_mgmt = 0;
1365 wpa_s->allowed_key_mgmts = 0;
1366 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1367 wpa_supplicant_set_state(wpa_s, new_state);
1368
1369 if (wpa_s->wpa_state != old_state)
1370 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1371 }
1372
1373
1374 /**
1375 * wpa_supplicant_reload_configuration - Reload configuration data
1376 * @wpa_s: Pointer to wpa_supplicant data
1377 * Returns: 0 on success or -1 if configuration parsing failed
1378 *
1379 * This function can be used to request that the configuration data is reloaded
1380 * (e.g., after configuration file change). This function is reloading
1381 * configuration only for one interface, so this may need to be called multiple
1382 * times if %wpa_supplicant is controlling multiple interfaces and all
1383 * interfaces need reconfiguration.
1384 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1385 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1386 {
1387 struct wpa_config *conf;
1388 int reconf_ctrl;
1389 int old_ap_scan;
1390
1391 if (wpa_s->confname == NULL)
1392 return -1;
1393 conf = wpa_config_read(wpa_s->confname, NULL, false);
1394 if (conf == NULL) {
1395 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1396 "file '%s' - exiting", wpa_s->confname);
1397 return -1;
1398 }
1399 if (wpa_s->confanother &&
1400 !wpa_config_read(wpa_s->confanother, conf, true)) {
1401 wpa_msg(wpa_s, MSG_ERROR,
1402 "Failed to parse the configuration file '%s' - exiting",
1403 wpa_s->confanother);
1404 return -1;
1405 }
1406
1407 conf->changed_parameters = (unsigned int) -1;
1408
1409 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1410 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1411 os_strcmp(conf->ctrl_interface,
1412 wpa_s->conf->ctrl_interface) != 0);
1413
1414 if (reconf_ctrl) {
1415 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1416 wpa_s->ctrl_iface = NULL;
1417 }
1418
1419 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1420 if (wpa_s->current_ssid) {
1421 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1422 wpa_s->own_disconnect_req = 1;
1423 wpa_supplicant_deauthenticate(wpa_s,
1424 WLAN_REASON_DEAUTH_LEAVING);
1425 }
1426
1427 /*
1428 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1429 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1430 */
1431 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1432 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1433 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1434 /*
1435 * Clear forced success to clear EAP state for next
1436 * authentication.
1437 */
1438 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1439 }
1440 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1441 wpa_sm_set_config(wpa_s->wpa, NULL);
1442 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1443 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1444 rsn_preauth_deinit(wpa_s->wpa);
1445
1446 old_ap_scan = wpa_s->conf->ap_scan;
1447 wpa_config_free(wpa_s->conf);
1448 wpa_s->conf = conf;
1449 if (old_ap_scan != wpa_s->conf->ap_scan)
1450 wpas_notify_ap_scan_changed(wpa_s);
1451
1452 if (reconf_ctrl)
1453 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1454
1455 wpa_supplicant_update_config(wpa_s);
1456
1457 wpa_supplicant_clear_status(wpa_s);
1458 if (wpa_supplicant_enabled_networks(wpa_s)) {
1459 wpa_s->reassociate = 1;
1460 wpa_supplicant_req_scan(wpa_s, 0, 0);
1461 }
1462 wpa_bssid_ignore_clear(wpa_s);
1463 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1464 return 0;
1465 }
1466
1467
wpa_supplicant_reconfig(int sig,void * signal_ctx)1468 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1469 {
1470 struct wpa_global *global = signal_ctx;
1471 struct wpa_supplicant *wpa_s;
1472 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1473 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1474 sig);
1475 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1476 wpa_supplicant_terminate_proc(global);
1477 }
1478 }
1479
1480 if (wpa_debug_reopen_file() < 0) {
1481 /* Ignore errors since we cannot really do much to fix this */
1482 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1483 }
1484 }
1485
1486
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1487 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1488 struct wpa_ssid *ssid,
1489 struct wpa_ie_data *ie)
1490 {
1491 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1492 if (ret) {
1493 if (ret == -2) {
1494 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1495 "from association info");
1496 }
1497 return -1;
1498 }
1499
1500 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1501 "cipher suites");
1502 if (!(ie->group_cipher & ssid->group_cipher)) {
1503 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1504 "cipher 0x%x (mask 0x%x) - reject",
1505 ie->group_cipher, ssid->group_cipher);
1506 return -1;
1507 }
1508 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1509 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1510 "cipher 0x%x (mask 0x%x) - reject",
1511 ie->pairwise_cipher, ssid->pairwise_cipher);
1512 return -1;
1513 }
1514 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1515 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1516 "management 0x%x (mask 0x%x) - reject",
1517 ie->key_mgmt, ssid->key_mgmt);
1518 return -1;
1519 }
1520
1521 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1522 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1523 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1524 "that does not support management frame protection - "
1525 "reject");
1526 return -1;
1527 }
1528
1529 return 0;
1530 }
1531
1532
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1533 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1534 int freq)
1535 {
1536 if (!ie->has_group)
1537 ie->group_cipher = wpa_default_rsn_cipher(freq);
1538 if (!ie->has_pairwise)
1539 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1540 return (ie->group_cipher & ssid->group_cipher) &&
1541 (ie->pairwise_cipher & ssid->pairwise_cipher);
1542 }
1543
1544
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1545 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1546 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1547 {
1548 int sel;
1549
1550 sel = ie->mgmt_group_cipher;
1551 if (ssid->group_mgmt_cipher)
1552 sel &= ssid->group_mgmt_cipher;
1553 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1554 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1555 sel = 0;
1556 wpa_dbg(wpa_s, MSG_DEBUG,
1557 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1558 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1559 if (sel & WPA_CIPHER_AES_128_CMAC) {
1560 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1561 wpa_dbg(wpa_s, MSG_DEBUG,
1562 "WPA: using MGMT group cipher AES-128-CMAC");
1563 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1564 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1565 wpa_dbg(wpa_s, MSG_DEBUG,
1566 "WPA: using MGMT group cipher BIP-GMAC-128");
1567 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1568 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1569 wpa_dbg(wpa_s, MSG_DEBUG,
1570 "WPA: using MGMT group cipher BIP-GMAC-256");
1571 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1572 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1573 wpa_dbg(wpa_s, MSG_DEBUG,
1574 "WPA: using MGMT group cipher BIP-CMAC-256");
1575 } else {
1576 wpa_s->mgmt_group_cipher = 0;
1577 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1578 }
1579 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1580 wpa_s->mgmt_group_cipher);
1581 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1582 wpas_get_ssid_pmf(wpa_s, ssid));
1583 }
1584
1585 /**
1586 * wpa_supplicant_get_psk - Get PSK from config or external database
1587 * @wpa_s: Pointer to wpa_supplicant data
1588 * @bss: Scan results for the selected BSS, or %NULL if not available
1589 * @ssid: Configuration data for the selected network
1590 * @psk: Buffer for the PSK
1591 * Returns: 0 on success or -1 if configuration parsing failed
1592 *
1593 * This function obtains the PSK for a network, either included inline in the
1594 * config or retrieved from an external database.
1595 */
wpa_supplicant_get_psk(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * psk)1596 static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s,
1597 struct wpa_bss *bss, struct wpa_ssid *ssid,
1598 u8 *psk)
1599 {
1600 if (ssid->psk_set) {
1601 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1602 ssid->psk, PMK_LEN);
1603 os_memcpy(psk, ssid->psk, PMK_LEN);
1604 return 0;
1605 }
1606
1607 #ifndef CONFIG_NO_PBKDF2
1608 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) {
1609 if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1610 4096, psk, PMK_LEN) != 0) {
1611 wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()");
1612 return -1;
1613 }
1614 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1615 psk, PMK_LEN);
1616 return 0;
1617 }
1618 #endif /* CONFIG_NO_PBKDF2 */
1619
1620 #ifdef CONFIG_EXT_PASSWORD
1621 if (ssid->ext_psk) {
1622 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1623 ssid->ext_psk);
1624 char pw_str[64 + 1];
1625
1626 if (!pw) {
1627 wpa_msg(wpa_s, MSG_INFO,
1628 "EXT PW: No PSK found from external storage");
1629 return -1;
1630 }
1631
1632 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1633 wpa_msg(wpa_s, MSG_INFO,
1634 "EXT PW: Unexpected PSK length %d in external storage",
1635 (int) wpabuf_len(pw));
1636 ext_password_free(pw);
1637 return -1;
1638 }
1639
1640 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1641 pw_str[wpabuf_len(pw)] = '\0';
1642
1643 #ifndef CONFIG_NO_PBKDF2
1644 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1645 {
1646 if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1647 4096, psk, PMK_LEN) != 0) {
1648 wpa_msg(wpa_s, MSG_WARNING,
1649 "Error in pbkdf2_sha1()");
1650 forced_memzero(pw_str, sizeof(pw_str));
1651 ext_password_free(pw);
1652 return -1;
1653 }
1654 wpa_hexdump_key(MSG_MSGDUMP,
1655 "PSK (from external passphrase)",
1656 psk, PMK_LEN);
1657 } else
1658 #endif /* CONFIG_NO_PBKDF2 */
1659 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1660 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1661 wpa_msg(wpa_s, MSG_INFO,
1662 "EXT PW: Invalid PSK hex string");
1663 forced_memzero(pw_str, sizeof(pw_str));
1664 ext_password_free(pw);
1665 return -1;
1666 }
1667 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)",
1668 psk, PMK_LEN);
1669 } else {
1670 wpa_msg(wpa_s, MSG_INFO,
1671 "EXT PW: No suitable PSK available");
1672 forced_memzero(pw_str, sizeof(pw_str));
1673 ext_password_free(pw);
1674 return -1;
1675 }
1676
1677 forced_memzero(pw_str, sizeof(pw_str));
1678 ext_password_free(pw);
1679
1680 return 0;
1681 }
1682 #endif /* CONFIG_EXT_PASSWORD */
1683
1684 return -1;
1685 }
1686
1687
wpas_update_allowed_key_mgmt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1688 static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
1689 struct wpa_ssid *ssid)
1690 {
1691 int akm_count = wpa_s->max_num_akms;
1692 u8 capab = 0;
1693 #ifdef CONFIG_SAE
1694 enum sae_pwe sae_pwe;
1695 #endif /* CONFIG_SAE */
1696
1697 if (akm_count < 2)
1698 return;
1699
1700 akm_count--;
1701 wpa_s->allowed_key_mgmts = 0;
1702 switch (wpa_s->key_mgmt) {
1703 case WPA_KEY_MGMT_PSK:
1704 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1705 akm_count--;
1706 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1707 }
1708 if (!akm_count)
1709 break;
1710 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1711 akm_count--;
1712 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1713 }
1714 if (!akm_count)
1715 break;
1716 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1717 wpa_s->allowed_key_mgmts |=
1718 WPA_KEY_MGMT_PSK_SHA256;
1719 break;
1720 case WPA_KEY_MGMT_PSK_SHA256:
1721 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1722 akm_count--;
1723 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1724 }
1725 if (!akm_count)
1726 break;
1727 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1728 akm_count--;
1729 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1730 }
1731 if (!akm_count)
1732 break;
1733 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1734 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1735 break;
1736 case WPA_KEY_MGMT_SAE:
1737 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1738 akm_count--;
1739 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1740 }
1741 if (!akm_count)
1742 break;
1743 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1744 akm_count--;
1745 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1746 }
1747 if (!akm_count)
1748 break;
1749 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1750 wpa_s->allowed_key_mgmts |=
1751 WPA_KEY_MGMT_PSK_SHA256;
1752 break;
1753 case WPA_KEY_MGMT_SAE_EXT_KEY:
1754 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1755 akm_count--;
1756 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1757 }
1758 if (!akm_count)
1759 break;
1760 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1761 akm_count--;
1762 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1763 }
1764 if (!akm_count)
1765 break;
1766 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1767 wpa_s->allowed_key_mgmts |=
1768 WPA_KEY_MGMT_PSK_SHA256;
1769 break;
1770 default:
1771 return;
1772 }
1773
1774 #ifdef CONFIG_SAE
1775 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
1776 if (sae_pwe != SAE_PWE_HUNT_AND_PECK &&
1777 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1778 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
1779 #ifdef CONFIG_SAE_PK
1780 if (ssid->sae_pk)
1781 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
1782 #endif /* CONFIG_SAE_PK */
1783 #endif /* CONFIG_SAE */
1784
1785 if (!((wpa_s->allowed_key_mgmts &
1786 (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab))
1787 return;
1788
1789 if (!wpa_s->rsnxe_len) {
1790 wpa_s->rsnxe_len = 3;
1791 wpa_s->rsnxe[0] = WLAN_EID_RSNX;
1792 wpa_s->rsnxe[1] = 1;
1793 wpa_s->rsnxe[2] = 0;
1794 }
1795
1796 wpa_s->rsnxe[2] |= capab;
1797 }
1798
1799
1800 /**
1801 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1802 * @wpa_s: Pointer to wpa_supplicant data
1803 * @bss: Scan results for the selected BSS, or %NULL if not available
1804 * @ssid: Configuration data for the selected network
1805 * @wpa_ie: Buffer for the WPA/RSN IE
1806 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1807 * used buffer length in case the functions returns success.
1808 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
1809 * Returns: 0 on success or -1 on failure
1810 *
1811 * This function is used to configure authentication and encryption parameters
1812 * based on the network configuration and scan result for the selected BSS (if
1813 * available).
1814 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len,bool skip_default_rsne)1815 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1816 struct wpa_bss *bss, struct wpa_ssid *ssid,
1817 u8 *wpa_ie, size_t *wpa_ie_len,
1818 bool skip_default_rsne)
1819 {
1820 struct wpa_ie_data ie;
1821 int sel, proto;
1822 #ifdef CONFIG_SAE
1823 enum sae_pwe sae_pwe;
1824 #endif /* CONFIG_SAE */
1825 const u8 *bss_wpa, *bss_rsn, *bss_rsnx;
1826 bool wmm;
1827
1828 if (bss) {
1829 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1830 bss_rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
1831 bss_rsnx = wpa_bss_get_rsnxe(wpa_s, bss, ssid, false);
1832 } else {
1833 bss_wpa = bss_rsn = bss_rsnx = NULL;
1834 }
1835
1836 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1837 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1838 matching_ciphers(ssid, &ie, bss->freq) &&
1839 (ie.key_mgmt & ssid->key_mgmt)) {
1840 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1841 proto = WPA_PROTO_RSN;
1842 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1843 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1844 (ie.group_cipher & ssid->group_cipher) &&
1845 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1846 (ie.key_mgmt & ssid->key_mgmt)) {
1847 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1848 proto = WPA_PROTO_WPA;
1849 } else if (bss) {
1850 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1851 wpa_dbg(wpa_s, MSG_DEBUG,
1852 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1853 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1854 ssid->key_mgmt);
1855 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s",
1856 MAC2STR(bss->bssid),
1857 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1858 bss_wpa ? " WPA" : "",
1859 bss_rsn ? " RSN" : "");
1860 if (bss_rsn) {
1861 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1862 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1863 wpa_dbg(wpa_s, MSG_DEBUG,
1864 "Could not parse RSN element");
1865 } else {
1866 wpa_dbg(wpa_s, MSG_DEBUG,
1867 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1868 ie.pairwise_cipher, ie.group_cipher,
1869 ie.key_mgmt);
1870 }
1871 }
1872 if (bss_wpa) {
1873 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1874 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1875 wpa_dbg(wpa_s, MSG_DEBUG,
1876 "Could not parse WPA element");
1877 } else {
1878 wpa_dbg(wpa_s, MSG_DEBUG,
1879 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1880 ie.pairwise_cipher, ie.group_cipher,
1881 ie.key_mgmt);
1882 }
1883 }
1884 return -1;
1885 } else {
1886 if (ssid->proto & WPA_PROTO_RSN)
1887 proto = WPA_PROTO_RSN;
1888 else
1889 proto = WPA_PROTO_WPA;
1890 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1891 os_memset(&ie, 0, sizeof(ie));
1892 ie.group_cipher = ssid->group_cipher;
1893 ie.pairwise_cipher = ssid->pairwise_cipher;
1894 ie.key_mgmt = ssid->key_mgmt;
1895 ie.mgmt_group_cipher = 0;
1896 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1897 if (ssid->group_mgmt_cipher &
1898 WPA_CIPHER_BIP_GMAC_256)
1899 ie.mgmt_group_cipher =
1900 WPA_CIPHER_BIP_GMAC_256;
1901 else if (ssid->group_mgmt_cipher &
1902 WPA_CIPHER_BIP_CMAC_256)
1903 ie.mgmt_group_cipher =
1904 WPA_CIPHER_BIP_CMAC_256;
1905 else if (ssid->group_mgmt_cipher &
1906 WPA_CIPHER_BIP_GMAC_128)
1907 ie.mgmt_group_cipher =
1908 WPA_CIPHER_BIP_GMAC_128;
1909 else
1910 ie.mgmt_group_cipher =
1911 WPA_CIPHER_AES_128_CMAC;
1912 }
1913 #ifdef CONFIG_OWE
1914 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1915 !ssid->owe_only &&
1916 !bss_wpa && !bss_rsn) {
1917 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1918 wpa_s->wpa_proto = 0;
1919 *wpa_ie_len = 0;
1920 return 0;
1921 }
1922 #endif /* CONFIG_OWE */
1923 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1924 "based on configuration");
1925 } else
1926 proto = ie.proto;
1927 }
1928
1929 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1930 "pairwise %d key_mgmt %d proto %d",
1931 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1932 if (ssid->ieee80211w) {
1933 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1934 ie.mgmt_group_cipher);
1935 }
1936
1937 wpa_s->wpa_proto = proto;
1938 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1939 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1940 !!(ssid->proto & WPA_PROTO_RSN));
1941
1942 if (bss || !wpa_s->ap_ies_from_associnfo) {
1943 const u8 *rsnoe = NULL, *rsno2e = NULL, *rsnxoe = NULL;
1944
1945 if (bss) {
1946 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1947 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1948 rsnoe = wpa_bss_get_vendor_ie(
1949 bss, RSNE_OVERRIDE_IE_VENDOR_TYPE);
1950 rsno2e = wpa_bss_get_vendor_ie(
1951 bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
1952 rsnxoe = wpa_bss_get_vendor_ie(
1953 bss, RSNXE_OVERRIDE_IE_VENDOR_TYPE);
1954 }
1955
1956 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1957 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1958 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1959 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1960 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1961 bss_rsnx ? 2 + bss_rsnx[1] : 0) ||
1962 wpa_sm_set_ap_rsne_override(wpa_s->wpa, rsnoe,
1963 rsnoe ? 2 + rsnoe[1] : 0) ||
1964 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, rsno2e,
1965 rsno2e ? 2 + rsno2e[1] : 0) ||
1966 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, rsnxoe,
1967 rsnxoe ? 2 + rsnxoe[1] : 0))
1968 return -1;
1969 }
1970
1971 #ifdef CONFIG_NO_WPA
1972 wpa_s->group_cipher = WPA_CIPHER_NONE;
1973 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1974 #else /* CONFIG_NO_WPA */
1975 sel = ie.group_cipher & ssid->group_cipher;
1976 wpa_dbg(wpa_s, MSG_DEBUG,
1977 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1978 ie.group_cipher, ssid->group_cipher, sel);
1979 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1980 if (wpa_s->group_cipher < 0) {
1981 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1982 "cipher");
1983 return -1;
1984 }
1985 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1986 wpa_cipher_txt(wpa_s->group_cipher));
1987
1988 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1989 wpa_dbg(wpa_s, MSG_DEBUG,
1990 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1991 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1992 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1993 if (wpa_s->pairwise_cipher < 0) {
1994 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1995 "cipher");
1996 return -1;
1997 }
1998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1999 wpa_cipher_txt(wpa_s->pairwise_cipher));
2000 #endif /* CONFIG_NO_WPA */
2001
2002 sel = ie.key_mgmt & ssid->key_mgmt;
2003 #ifdef CONFIG_SAE
2004 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) &&
2005 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) ||
2006 wpas_is_sae_avoided(wpa_s, ssid, &ie))
2007 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
2008 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
2009 #endif /* CONFIG_SAE */
2010 #ifdef CONFIG_IEEE80211R
2011 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
2012 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
2013 sel &= ~WPA_KEY_MGMT_FT;
2014 #endif /* CONFIG_IEEE80211R */
2015 wpa_dbg(wpa_s, MSG_DEBUG,
2016 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
2017 ie.key_mgmt, ssid->key_mgmt, sel);
2018 if (0) {
2019 #ifdef CONFIG_IEEE80211R
2020 #ifdef CONFIG_SHA384
2021 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
2022 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
2023 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2024 wpa_dbg(wpa_s, MSG_DEBUG,
2025 "WPA: using KEY_MGMT FT/802.1X-SHA384");
2026 if (!ssid->ft_eap_pmksa_caching &&
2027 pmksa_cache_get_current(wpa_s->wpa)) {
2028 /* PMKSA caching with FT may have interoperability
2029 * issues, so disable that case by default for now. */
2030 wpa_dbg(wpa_s, MSG_DEBUG,
2031 "WPA: Disable PMKSA caching for FT/802.1X connection");
2032 pmksa_cache_clear_current(wpa_s->wpa);
2033 }
2034 #endif /* CONFIG_SHA384 */
2035 #endif /* CONFIG_IEEE80211R */
2036 #ifdef CONFIG_SUITEB192
2037 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
2038 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
2039 wpa_dbg(wpa_s, MSG_DEBUG,
2040 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
2041 #endif /* CONFIG_SUITEB192 */
2042 #ifdef CONFIG_SUITEB
2043 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
2044 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
2045 wpa_dbg(wpa_s, MSG_DEBUG,
2046 "WPA: using KEY_MGMT 802.1X with Suite B");
2047 #endif /* CONFIG_SUITEB */
2048 #ifdef CONFIG_SHA384
2049 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) {
2050 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
2051 wpa_dbg(wpa_s, MSG_DEBUG,
2052 "WPA: using KEY_MGMT 802.1X with SHA384");
2053 #endif /* CONFIG_SHA384 */
2054 #ifdef CONFIG_FILS
2055 #ifdef CONFIG_IEEE80211R
2056 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
2057 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
2058 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
2059 #endif /* CONFIG_IEEE80211R */
2060 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
2061 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
2062 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
2063 #ifdef CONFIG_IEEE80211R
2064 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
2065 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
2066 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
2067 #endif /* CONFIG_IEEE80211R */
2068 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
2069 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
2070 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
2071 #endif /* CONFIG_FILS */
2072 #ifdef CONFIG_IEEE80211R
2073 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
2074 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
2075 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
2076 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
2077 if (!ssid->ft_eap_pmksa_caching &&
2078 pmksa_cache_get_current(wpa_s->wpa)) {
2079 /* PMKSA caching with FT may have interoperability
2080 * issues, so disable that case by default for now. */
2081 wpa_dbg(wpa_s, MSG_DEBUG,
2082 "WPA: Disable PMKSA caching for FT/802.1X connection");
2083 pmksa_cache_clear_current(wpa_s->wpa);
2084 }
2085 #endif /* CONFIG_IEEE80211R */
2086 #ifdef CONFIG_DPP
2087 } else if (sel & WPA_KEY_MGMT_DPP) {
2088 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
2089 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
2090 #endif /* CONFIG_DPP */
2091 #ifdef CONFIG_SAE
2092 } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
2093 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
2094 wpa_dbg(wpa_s, MSG_DEBUG,
2095 "RSN: using KEY_MGMT FT/SAE (ext key)");
2096 } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) {
2097 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
2098 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)");
2099 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
2100 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
2101 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
2102 } else if (sel & WPA_KEY_MGMT_SAE) {
2103 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
2104 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
2105 #endif /* CONFIG_SAE */
2106 #ifdef CONFIG_IEEE80211R
2107 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
2108 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
2109 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
2110 #endif /* CONFIG_IEEE80211R */
2111 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
2112 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
2113 wpa_dbg(wpa_s, MSG_DEBUG,
2114 "WPA: using KEY_MGMT 802.1X with SHA256");
2115 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
2116 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
2117 wpa_dbg(wpa_s, MSG_DEBUG,
2118 "WPA: using KEY_MGMT PSK with SHA256");
2119 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
2120 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
2121 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
2122 } else if (sel & WPA_KEY_MGMT_PSK) {
2123 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
2124 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
2125 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
2126 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
2127 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
2128 #ifdef CONFIG_OWE
2129 } else if (sel & WPA_KEY_MGMT_OWE) {
2130 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
2131 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
2132 #endif /* CONFIG_OWE */
2133 } else {
2134 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
2135 "authenticated key management type");
2136 return -1;
2137 }
2138
2139 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
2140 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
2141 wpa_s->pairwise_cipher);
2142 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
2143
2144 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
2145 (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED ||
2146 (bss && is_6ghz_freq(bss->freq)))) {
2147 wpa_msg(wpa_s, MSG_INFO,
2148 "RSN: Management frame protection required but the selected AP does not enable it");
2149 return -1;
2150 }
2151
2152 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
2153 #ifdef CONFIG_OCV
2154 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
2155 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
2156 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
2157 #endif /* CONFIG_OCV */
2158 #ifdef CONFIG_SAE
2159 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
2160 if ((ssid->sae_password_id ||
2161 wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
2162 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
2163 sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2164 if (bss && is_6ghz_freq(bss->freq) &&
2165 sae_pwe == SAE_PWE_HUNT_AND_PECK) {
2166 wpa_dbg(wpa_s, MSG_DEBUG,
2167 "RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
2168 sae_pwe = SAE_PWE_BOTH;
2169 }
2170 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
2171 #ifdef CONFIG_SAE_PK
2172 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
2173 wpa_key_mgmt_sae(ssid->key_mgmt) &&
2174 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
2175 ((ssid->sae_password &&
2176 sae_pk_valid_password(ssid->sae_password)) ||
2177 (!ssid->sae_password && ssid->passphrase &&
2178 sae_pk_valid_password(ssid->passphrase))));
2179 #endif /* CONFIG_SAE_PK */
2180 #endif /* CONFIG_SAE */
2181 if (bss && is_6ghz_freq(bss->freq) &&
2182 wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) {
2183 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz");
2184 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
2185 MGMT_FRAME_PROTECTION_REQUIRED);
2186 }
2187 #ifdef CONFIG_TESTING_OPTIONS
2188 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
2189 wpa_s->ft_rsnxe_used);
2190 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
2191 wpa_s->oci_freq_override_eapol);
2192 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
2193 wpa_s->oci_freq_override_eapol_g2);
2194 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
2195 wpa_s->oci_freq_override_ft_assoc);
2196 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
2197 wpa_s->oci_freq_override_fils_assoc);
2198 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
2199 wpa_s->disable_eapol_g2_tx);
2200 wpa_sm_set_param(wpa_s->wpa,
2201 WPA_PARAM_EAPOL_2_KEY_INFO_SET_MASK,
2202 wpa_s->eapol_2_key_info_set_mask);
2203 #endif /* CONFIG_TESTING_OPTIONS */
2204
2205 /* Extended Key ID is only supported in infrastructure BSS so far */
2206 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
2207 (ssid->proto & WPA_PROTO_RSN) &&
2208 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
2209 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
2210 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
2211 int use_ext_key_id = 0;
2212
2213 wpa_msg(wpa_s, MSG_DEBUG,
2214 "WPA: Enable Extended Key ID support");
2215 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
2216 wpa_s->conf->extended_key_id);
2217 if (bss_rsn &&
2218 wpa_s->conf->extended_key_id &&
2219 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
2220 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
2221 use_ext_key_id = 1;
2222 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
2223 use_ext_key_id);
2224 } else {
2225 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
2226 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
2227 }
2228
2229 /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more
2230 * appropriate advertisement of the supported number of PTKSA receive
2231 * counters. In theory, this could be based on a driver capability, but
2232 * in practice all cases using WMM support at least eight replay
2233 * counters, so use a hardcoded value for now since there is no explicit
2234 * driver capability indication for this.
2235 *
2236 * In addition, claim WMM to be enabled if the AP supports it since it
2237 * is far more likely for any current device to support WMM. */
2238 wmm = wpa_s->connection_set &&
2239 (wpa_s->connection_ht || wpa_s->connection_vht ||
2240 wpa_s->connection_he || wpa_s->connection_eht);
2241 if (!wmm && bss)
2242 wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE);
2243 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm);
2244
2245 if (ssid->ssid_protection && proto == WPA_PROTO_RSN) {
2246 bool ssid_prot;
2247
2248 /* Enable SSID protection based on the AP advertising support
2249 * for it to avoid potential interoperability issues with
2250 * incorrect AP behavior if we were to send an "unexpected"
2251 * RSNXE with multiple octets of payload. */
2252 ssid_prot = ieee802_11_rsnx_capab(
2253 bss_rsnx, WLAN_RSNX_CAPAB_SSID_PROTECTION);
2254 if (!skip_default_rsne)
2255 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION,
2256 proto == WPA_PROTO_RSN && ssid_prot);
2257 } else {
2258 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, false);
2259 }
2260
2261 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SPP_AMSDU,
2262 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SPP_AMSDU) &&
2263 ieee802_11_rsnx_capab(bss_rsnx,
2264 WLAN_RSNX_CAPAB_SPP_A_MSDU) &&
2265 wpa_s->pairwise_cipher & (WPA_CIPHER_CCMP_256 |
2266 WPA_CIPHER_GCMP_256 |
2267 WPA_CIPHER_CCMP |
2268 WPA_CIPHER_GCMP) &&
2269 (wpa_s->wpa_proto & WPA_PROTO_RSN));
2270
2271 if (!skip_default_rsne) {
2272 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
2273 wpa_ie_len)) {
2274 wpa_msg(wpa_s, MSG_WARNING,
2275 "RSN: Failed to generate RSNE/WPA IE");
2276 return -1;
2277 }
2278
2279 #ifndef CONFIG_NO_WPA
2280 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
2281 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
2282 &wpa_s->rsnxe_len)) {
2283 wpa_msg(wpa_s, MSG_WARNING,
2284 "RSN: Failed to generate RSNXE");
2285 return -1;
2286 }
2287 #endif /* CONFIG_NO_WPA */
2288 }
2289
2290 if (0) {
2291 #ifdef CONFIG_DPP
2292 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
2293 /* Use PMK from DPP network introduction (PMKSA entry) */
2294 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2295 #ifdef CONFIG_DPP2
2296 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
2297 #endif /* CONFIG_DPP2 */
2298 #endif /* CONFIG_DPP */
2299 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
2300 int psk_set = 0;
2301
2302 if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
2303 u8 psk[PMK_LEN];
2304
2305 if (wpa_supplicant_get_psk(wpa_s, bss, ssid,
2306 psk) == 0) {
2307 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
2308 NULL);
2309 psk_set = 1;
2310 }
2311 forced_memzero(psk, sizeof(psk));
2312 }
2313
2314 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
2315 (ssid->sae_password || ssid->passphrase || ssid->ext_psk))
2316 psk_set = 1;
2317
2318 if (!psk_set && !ssid->pmk_valid) {
2319 wpa_msg(wpa_s, MSG_INFO,
2320 "No PSK/PMK available for association");
2321 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL);
2322 return -1;
2323 }
2324 #ifdef CONFIG_OWE
2325 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
2326 /* OWE Diffie-Hellman exchange in (Re)Association
2327 * Request/Response frames set the PMK, so do not override it
2328 * here. */
2329 #endif /* CONFIG_OWE */
2330 } else
2331 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2332
2333 if (ssid->mode != WPAS_MODE_IBSS &&
2334 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
2335 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
2336 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
2337 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
2338 wpa_msg(wpa_s, MSG_INFO,
2339 "Disable PTK0 rekey support - replaced with reconnect");
2340 wpa_s->deny_ptk0_rekey = 1;
2341 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
2342 } else {
2343 wpa_s->deny_ptk0_rekey = 0;
2344 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
2345 }
2346
2347 #if (defined(CONFIG_DRIVER_NL80211_BRCM) && !defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
2348 defined(CONFIG_DRIVER_NL80211_SYNA)
2349 if ((wpa_s->key_mgmt & WPA_KEY_MGMT_CROSS_AKM_ROAM) &&
2350 IS_CROSS_AKM_ROAM_KEY_MGMT(ssid->key_mgmt) &&
2351 (wpa_s->group_cipher == WPA_CIPHER_CCMP) &&
2352 (wpa_s->pairwise_cipher == WPA_CIPHER_CCMP) &&
2353 (wpa_s->wpa_proto == WPA_PROTO_RSN)) {
2354 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_PSK;
2355 wpa_dbg(wpa_s, MSG_INFO,
2356 "WPA: Updating to KEY_MGMT SAE+PSK for seamless roaming");
2357 }
2358 #else
2359 if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) &&
2360 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
2361 wpas_update_allowed_key_mgmt(wpa_s, ssid);
2362 #endif /* (CONFIG_DRIVER_NL80211_BRCM && !WIFI_BRCM_OPEN_SOURCE_MULTI_AKM) ||
2363 * CONFIG_DRIVER_NL80211_SYNA */
2364
2365 return 0;
2366 }
2367
2368
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx,struct wpa_bss * bss)2369 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx,
2370 struct wpa_bss *bss)
2371 {
2372 #ifndef CONFIG_NO_ROBUST_AV
2373 bool scs = true, mscs = true;
2374 #endif /* CONFIG_NO_ROBUST_AV */
2375
2376 *pos = 0x00;
2377
2378 switch (idx) {
2379 case 0: /* Bits 0-7 */
2380 break;
2381 case 1: /* Bits 8-15 */
2382 if (wpa_s->conf->coloc_intf_reporting) {
2383 /* Bit 13 - Collocated Interference Reporting */
2384 *pos |= 0x20;
2385 }
2386 break;
2387 case 2: /* Bits 16-23 */
2388 #ifdef CONFIG_WNM
2389 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2390 if ((wpas_driver_bss_selection(wpa_s) ||
2391 !wpa_s->disable_mbo_oce) &&
2392 !wpa_s->conf->disable_btm)
2393 *pos |= 0x08; /* Bit 19 - BSS Transition */
2394 #endif /* CONFIG_WNM */
2395 break;
2396 case 3: /* Bits 24-31 */
2397 #ifdef CONFIG_WNM
2398 *pos |= 0x02; /* Bit 25 - SSID List */
2399 #endif /* CONFIG_WNM */
2400 #ifdef CONFIG_INTERWORKING
2401 if (wpa_s->conf->interworking)
2402 *pos |= 0x80; /* Bit 31 - Interworking */
2403 #endif /* CONFIG_INTERWORKING */
2404 break;
2405 case 4: /* Bits 32-39 */
2406 #ifdef CONFIG_INTERWORKING
2407 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
2408 *pos |= 0x01; /* Bit 32 - QoS Map */
2409 #endif /* CONFIG_INTERWORKING */
2410 break;
2411 case 5: /* Bits 40-47 */
2412 #ifdef CONFIG_HS20
2413 if (wpa_s->conf->hs20)
2414 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2415 #endif /* CONFIG_HS20 */
2416 #ifdef CONFIG_MBO
2417 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2418 #endif /* CONFIG_MBO */
2419 break;
2420 case 6: /* Bits 48-55 */
2421 #ifndef CONFIG_NO_ROBUST_AV
2422 #ifdef CONFIG_TESTING_OPTIONS
2423 if (wpa_s->disable_scs_support)
2424 scs = false;
2425 #endif /* CONFIG_TESTING_OPTIONS */
2426 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) {
2427 /* Drop own SCS capability indication since the AP does
2428 * not support it. This is needed to avoid
2429 * interoperability issues with APs that get confused
2430 * with Extended Capabilities element. */
2431 scs = false;
2432 }
2433 if (scs)
2434 *pos |= 0x40; /* Bit 54 - SCS */
2435 #endif /* CONFIG_NO_ROBUST_AV */
2436 break;
2437 case 7: /* Bits 56-63 */
2438 break;
2439 case 8: /* Bits 64-71 */
2440 if (wpa_s->conf->ftm_responder)
2441 *pos |= 0x40; /* Bit 70 - FTM responder */
2442 if (wpa_s->conf->ftm_initiator)
2443 *pos |= 0x80; /* Bit 71 - FTM initiator */
2444 break;
2445 case 9: /* Bits 72-79 */
2446 #ifdef CONFIG_FILS
2447 if (!wpa_s->disable_fils)
2448 *pos |= 0x01;
2449 #endif /* CONFIG_FILS */
2450 if (wpa_s->conf->twt_requester)
2451 *pos |= 0x20; /* Bit 77 - TWT Requester Support */
2452 break;
2453 case 10: /* Bits 80-87 */
2454 #ifndef CONFIG_NO_ROBUST_AV
2455 #ifdef CONFIG_TESTING_OPTIONS
2456 if (wpa_s->disable_mscs_support)
2457 mscs = false;
2458 #endif /* CONFIG_TESTING_OPTIONS */
2459 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) {
2460 /* Drop own MSCS capability indication since the AP does
2461 * not support it. This is needed to avoid
2462 * interoperability issues with APs that get confused
2463 * with Extended Capabilities element. */
2464 mscs = false;
2465 }
2466 if (mscs)
2467 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
2468 #endif /* CONFIG_NO_ROBUST_AV */
2469 break;
2470 }
2471 }
2472
2473
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen,struct wpa_bss * bss)2474 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf,
2475 size_t buflen, struct wpa_bss *bss)
2476 {
2477 u8 *pos = buf;
2478 u8 len = 11, i;
2479
2480 if (len < wpa_s->extended_capa_len)
2481 len = wpa_s->extended_capa_len;
2482 if (buflen < (size_t) len + 2) {
2483 wpa_printf(MSG_INFO,
2484 "Not enough room for building extended capabilities element");
2485 return -1;
2486 }
2487
2488 *pos++ = WLAN_EID_EXT_CAPAB;
2489 *pos++ = len;
2490 for (i = 0; i < len; i++, pos++) {
2491 wpas_ext_capab_byte(wpa_s, pos, i, bss);
2492
2493 if (i < wpa_s->extended_capa_len) {
2494 *pos &= ~wpa_s->extended_capa_mask[i];
2495 *pos |= wpa_s->extended_capa[i];
2496 }
2497 }
2498
2499 while (len > 0 && buf[1 + len] == 0) {
2500 len--;
2501 buf[1] = len;
2502 }
2503 if (len == 0)
2504 return 0;
2505
2506 return 2 + len;
2507 }
2508
2509
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2510 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2511 struct wpa_bss *test_bss)
2512 {
2513 struct wpa_bss *bss;
2514
2515 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2516 if (bss == test_bss)
2517 return 1;
2518 }
2519
2520 return 0;
2521 }
2522
2523
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2524 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2525 struct wpa_ssid *test_ssid)
2526 {
2527 struct wpa_ssid *ssid;
2528
2529 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2530 if (ssid == test_ssid)
2531 return 1;
2532 }
2533
2534 return 0;
2535 }
2536
2537
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2538 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2539 struct wpa_ssid *test_ssid)
2540 {
2541 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2542 return 0;
2543
2544 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2545 }
2546
2547
wpas_connect_work_free(struct wpa_connect_work * cwork)2548 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2549 {
2550 if (cwork == NULL)
2551 return;
2552 os_free(cwork);
2553 }
2554
2555
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2556 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2557 {
2558 struct wpa_connect_work *cwork;
2559 struct wpa_radio_work *work = wpa_s->connect_work;
2560
2561 if (!work)
2562 return;
2563
2564 wpa_s->connect_work = NULL;
2565 cwork = work->ctx;
2566 work->ctx = NULL;
2567 wpas_connect_work_free(cwork);
2568 radio_work_done(work);
2569 }
2570
2571
wpas_update_random_addr(struct wpa_supplicant * wpa_s,enum wpas_mac_addr_style style,struct wpa_ssid * ssid)2572 int wpas_update_random_addr(struct wpa_supplicant *wpa_s,
2573 enum wpas_mac_addr_style style,
2574 struct wpa_ssid *ssid)
2575 {
2576 struct os_reltime now;
2577 u8 addr[ETH_ALEN];
2578
2579 os_get_reltime(&now);
2580 /* Random addresses are valid within a given ESS so check
2581 * expiration/value only when continuing to use the same ESS. */
2582 if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
2583 if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) {
2584 /* Pregenerated addresses do not expire but their value
2585 * might have changed, so let's check that. */
2586 if (ssid &&
2587 ether_addr_equal(wpa_s->own_addr, ssid->mac_value))
2588 return 0;
2589 } else if ((wpa_s->last_mac_addr_change.sec != 0 ||
2590 wpa_s->last_mac_addr_change.usec != 0) &&
2591 !os_reltime_expired(
2592 &now,
2593 &wpa_s->last_mac_addr_change,
2594 wpa_s->conf->rand_addr_lifetime)) {
2595 wpa_msg(wpa_s, MSG_DEBUG,
2596 "Previously selected random MAC address has not yet expired");
2597 return 0;
2598 }
2599 }
2600
2601 switch (style) {
2602 case WPAS_MAC_ADDR_STYLE_RANDOM:
2603 if (random_mac_addr(addr) < 0)
2604 return -1;
2605 break;
2606 case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI:
2607 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2608 if (random_mac_addr_keep_oui(addr) < 0)
2609 return -1;
2610 break;
2611 case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS:
2612 if (!ssid) {
2613 wpa_msg(wpa_s, MSG_INFO,
2614 "Invalid 'ssid' for address policy 3");
2615 return -1;
2616 }
2617 os_memcpy(addr, ssid->mac_value, ETH_ALEN);
2618 break;
2619 default:
2620 return -1;
2621 }
2622
2623 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2624 wpa_msg(wpa_s, MSG_INFO,
2625 "Failed to set random MAC address");
2626 return -1;
2627 }
2628
2629 os_get_reltime(&wpa_s->last_mac_addr_change);
2630 wpa_s->mac_addr_changed = 1;
2631 wpa_s->last_mac_addr_style = style;
2632
2633 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2634 wpa_msg(wpa_s, MSG_INFO,
2635 "Could not update MAC address information");
2636 return -1;
2637 }
2638
2639 wpas_p2p_update_dev_addr(wpa_s);
2640
2641 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2642 MAC2STR(addr));
2643
2644 return 1;
2645 }
2646
2647
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2648 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2649 {
2650 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2651 !wpa_s->conf->preassoc_mac_addr)
2652 return 0;
2653
2654 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr,
2655 NULL);
2656 }
2657
2658
wpa_s_setup_sae_pt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,bool force)2659 void wpa_s_setup_sae_pt(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2660 bool force)
2661 {
2662 #ifdef CONFIG_SAE
2663 struct wpa_config *conf = wpa_s->conf;
2664 int *groups = conf->sae_groups;
2665 int default_groups[] = { 19, 20, 21, 0 };
2666 const char *password;
2667 enum sae_pwe sae_pwe;
2668
2669 if (!groups || groups[0] <= 0)
2670 groups = default_groups;
2671
2672 password = ssid->sae_password;
2673 if (!password)
2674 password = ssid->passphrase;
2675
2676 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
2677
2678 if (!password ||
2679 !wpa_key_mgmt_sae(ssid->key_mgmt) ||
2680 (sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id &&
2681 !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) &&
2682 !force &&
2683 !sae_pk_valid_password(password)) ||
2684 sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) {
2685 /* PT derivation not needed */
2686 sae_deinit_pt(ssid->pt);
2687 ssid->pt = NULL;
2688 return;
2689 }
2690
2691 if (ssid->pt)
2692 return; /* PT already derived */
2693 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2694 (const u8 *) password, os_strlen(password),
2695 ssid->sae_password_id);
2696 #endif /* CONFIG_SAE */
2697 }
2698
2699
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2700 void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2701 {
2702 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2703 os_free(wpa_s->sme.sae_rejected_groups);
2704 wpa_s->sme.sae_rejected_groups = NULL;
2705 #ifdef CONFIG_TESTING_OPTIONS
2706 if (wpa_s->extra_sae_rejected_groups) {
2707 int i, *groups = wpa_s->extra_sae_rejected_groups;
2708
2709 for (i = 0; groups[i]; i++) {
2710 wpa_printf(MSG_DEBUG,
2711 "TESTING: Indicate rejection of an extra SAE group %d",
2712 groups[i]);
2713 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2714 groups[i]);
2715 }
2716 }
2717 #endif /* CONFIG_TESTING_OPTIONS */
2718 #endif /* CONFIG_SAE && CONFIG_SME */
2719 }
2720
2721
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2722 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2723 {
2724 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2725 wpa_msg(wpa_s, MSG_INFO,
2726 "Could not restore permanent MAC address");
2727 return -1;
2728 }
2729 wpa_s->mac_addr_changed = 0;
2730 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2731 wpa_msg(wpa_s, MSG_INFO,
2732 "Could not update MAC address information");
2733 return -1;
2734 }
2735
2736 wpas_p2p_update_dev_addr(wpa_s);
2737
2738 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2739 return 0;
2740 }
2741
2742
2743 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2744
2745 /**
2746 * wpa_supplicant_associate - Request association
2747 * @wpa_s: Pointer to wpa_supplicant data
2748 * @bss: Scan results for the selected BSS, or %NULL if not available
2749 * @ssid: Configuration data for the selected network
2750 *
2751 * This function is used to request %wpa_supplicant to associate with a BSS.
2752 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2753 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2754 struct wpa_bss *bss, struct wpa_ssid *ssid)
2755 {
2756 bool clear_rejected = true;
2757 struct wpa_connect_work *cwork;
2758 enum wpas_mac_addr_style rand_style;
2759
2760 wpa_s->own_disconnect_req = 0;
2761 wpa_s->own_reconnect_req = 0;
2762
2763 /*
2764 * If we are starting a new connection, any previously pending EAPOL
2765 * RX cannot be valid anymore.
2766 */
2767 wpabuf_free(wpa_s->pending_eapol_rx);
2768 wpa_s->pending_eapol_rx = NULL;
2769
2770 if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET)
2771 rand_style = wpa_s->conf->mac_addr;
2772 else
2773 rand_style = ssid->mac_addr;
2774
2775 wpa_s->eapol_failed = 0;
2776 wpa_s->multi_ap_ie = 0;
2777 #ifndef CONFIG_NO_WMM_AC
2778 wmm_ac_clear_saved_tspecs(wpa_s);
2779 #endif /* CONFIG_NO_WMM_AC */
2780 #ifdef CONFIG_WNM
2781 wpa_s->wnm_mode = 0;
2782 wpa_s->wnm_target_bss = NULL;
2783 #endif /* CONFIG_WNM */
2784 wpa_s->reassoc_same_bss = 0;
2785 wpa_s->reassoc_same_ess = 0;
2786 #ifdef CONFIG_TESTING_OPTIONS
2787 wpa_s->testing_resend_assoc = 0;
2788 #endif /* CONFIG_TESTING_OPTIONS */
2789
2790 if (wpa_s->last_ssid == ssid) {
2791 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2792 wpa_s->reassoc_same_ess = 1;
2793 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2794 #ifndef CONFIG_NO_WMM_AC
2795 wmm_ac_save_tspecs(wpa_s);
2796 #endif /* CONFIG_NO_WMM_AC */
2797 wpa_s->reassoc_same_bss = 1;
2798 clear_rejected = false;
2799 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2800 os_get_reltime(&wpa_s->roam_start);
2801 }
2802 }
2803
2804 if (clear_rejected)
2805 wpa_s_clear_sae_rejected(wpa_s);
2806
2807 #ifdef CONFIG_SAE
2808 wpa_s_setup_sae_pt(wpa_s, ssid, false);
2809 #endif /* CONFIG_SAE */
2810
2811 if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) {
2812 int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
2813
2814 if (status < 0)
2815 return;
2816 if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS &&
2817 status > 0) /* MAC changed */
2818 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2819 } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT &&
2820 wpa_s->mac_addr_changed) {
2821 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2822 return;
2823 }
2824 wpa_s->last_ssid = ssid;
2825
2826 #ifdef CONFIG_IBSS_RSN
2827 ibss_rsn_deinit(wpa_s->ibss_rsn);
2828 wpa_s->ibss_rsn = NULL;
2829 #else /* CONFIG_IBSS_RSN */
2830 if (ssid->mode == WPAS_MODE_IBSS &&
2831 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2832 wpa_msg(wpa_s, MSG_INFO,
2833 "IBSS RSN not supported in the build");
2834 return;
2835 }
2836 #endif /* CONFIG_IBSS_RSN */
2837
2838 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2839 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2840 #ifdef CONFIG_AP
2841 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2842 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2843 "mode");
2844 return;
2845 }
2846 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2847 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2848 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION ||
2849 ssid->mode == WPAS_MODE_P2P_GO) {
2850 wpa_msg(wpa_s, MSG_ERROR, "create ap failed. clean up the states");
2851 wpas_p2p_ap_setup_failed(wpa_s);
2852 }
2853 return;
2854 }
2855 wpa_s->current_bss = bss;
2856 #else /* CONFIG_AP */
2857 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2858 "the build");
2859 #endif /* CONFIG_AP */
2860 return;
2861 }
2862
2863 if (ssid->mode == WPAS_MODE_MESH) {
2864 #ifdef CONFIG_MESH
2865 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2866 wpa_msg(wpa_s, MSG_INFO,
2867 "Driver does not support mesh mode");
2868 return;
2869 }
2870 if (bss)
2871 ssid->frequency = bss->freq;
2872 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2873 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2874 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2875 return;
2876 }
2877 wpa_s->current_bss = bss;
2878 #else /* CONFIG_MESH */
2879 wpa_msg(wpa_s, MSG_ERROR,
2880 "mesh mode support not included in the build");
2881 #endif /* CONFIG_MESH */
2882 return;
2883 }
2884
2885 /*
2886 * Set WPA state machine configuration to match the selected network now
2887 * so that the information is available before wpas_start_assoc_cb()
2888 * gets called. This is needed at least for RSN pre-authentication where
2889 * candidate APs are added to a list based on scan result processing
2890 * before completion of the first association.
2891 */
2892 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2893
2894 #ifdef CONFIG_DPP
2895 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2896 return;
2897 #endif /* CONFIG_DPP */
2898
2899 #ifdef CONFIG_TDLS
2900 if (bss)
2901 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2902 #endif /* CONFIG_TDLS */
2903
2904 #ifdef CONFIG_MBO
2905 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2906 #endif /* CONFIG_MBO */
2907
2908 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2909 ssid->mode == WPAS_MODE_INFRA) {
2910 sme_authenticate(wpa_s, bss, ssid);
2911 return;
2912 }
2913
2914 if (wpa_s->connect_work) {
2915 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2916 return;
2917 }
2918
2919 if (radio_work_pending(wpa_s, "connect")) {
2920 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2921 return;
2922 }
2923
2924 #ifdef CONFIG_SME
2925 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2926 /* Clear possibly set auth_alg, if any, from last attempt. */
2927 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2928 }
2929 #endif /* CONFIG_SME */
2930
2931 wpas_abort_ongoing_scan(wpa_s);
2932
2933 cwork = os_zalloc(sizeof(*cwork));
2934 if (cwork == NULL)
2935 return;
2936
2937 cwork->bss = bss;
2938 cwork->ssid = ssid;
2939
2940 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2941 wpas_start_assoc_cb, cwork) < 0) {
2942 os_free(cwork);
2943 }
2944 }
2945
2946
bss_is_ibss(struct wpa_bss * bss)2947 static int bss_is_ibss(struct wpa_bss *bss)
2948 {
2949 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2950 IEEE80211_CAP_IBSS;
2951 }
2952
2953
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2954 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2955 const struct wpa_ssid *ssid)
2956 {
2957 enum hostapd_hw_mode hw_mode;
2958 struct hostapd_hw_modes *mode = NULL;
2959 u8 channel;
2960 int i;
2961
2962 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2963 if (hw_mode == NUM_HOSTAPD_MODES)
2964 return 0;
2965 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2966 if (wpa_s->hw.modes[i].mode == hw_mode) {
2967 mode = &wpa_s->hw.modes[i];
2968 break;
2969 }
2970 }
2971
2972 if (!mode)
2973 return 0;
2974
2975 return mode->vht_capab != 0;
2976 }
2977
2978
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2979 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2980 {
2981 int i;
2982
2983 for (i = channel; i < channel + 16; i += 4) {
2984 struct hostapd_channel_data *chan;
2985
2986 chan = hw_get_channel_chan(mode, i, NULL);
2987 if (!chan ||
2988 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2989 return false;
2990 }
2991
2992 return true;
2993 }
2994
2995
ibss_find_existing_bss(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2996 static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s,
2997 const struct wpa_ssid *ssid)
2998 {
2999 unsigned int j;
3000
3001 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
3002 struct wpa_bss *bss = wpa_s->last_scan_res[j];
3003
3004 if (!bss_is_ibss(bss))
3005 continue;
3006
3007 if (ssid->ssid_len == bss->ssid_len &&
3008 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0)
3009 return bss;
3010 }
3011 return NULL;
3012 }
3013
3014
ibss_mesh_can_use_ht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)3015 static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s,
3016 const struct wpa_ssid *ssid,
3017 struct hostapd_hw_modes *mode)
3018 {
3019 /* For IBSS check HT_IBSS flag */
3020 if (ssid->mode == WPAS_MODE_IBSS &&
3021 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
3022 return false;
3023
3024 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
3025 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
3026 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
3027 wpa_printf(MSG_DEBUG,
3028 "IBSS: WEP/TKIP detected, do not try to enable HT");
3029 return false;
3030 }
3031
3032 if (!ht_supported(mode))
3033 return false;
3034
3035 #ifdef CONFIG_HT_OVERRIDES
3036 if (ssid->disable_ht)
3037 return false;
3038 #endif /* CONFIG_HT_OVERRIDES */
3039
3040 return true;
3041 }
3042
3043
ibss_mesh_can_use_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)3044 static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s,
3045 const struct wpa_ssid *ssid,
3046 struct hostapd_hw_modes *mode)
3047 {
3048 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
3049 return false;
3050
3051 if (!drv_supports_vht(wpa_s, ssid))
3052 return false;
3053
3054 /* For IBSS check VHT_IBSS flag */
3055 if (ssid->mode == WPAS_MODE_IBSS &&
3056 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
3057 return false;
3058
3059 if (!vht_supported(mode))
3060 return false;
3061
3062 #ifdef CONFIG_VHT_OVERRIDES
3063 if (ssid->disable_vht)
3064 return false;
3065 #endif /* CONFIG_VHT_OVERRIDES */
3066
3067 return true;
3068 }
3069
3070
ibss_mesh_can_use_he(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3071 static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s,
3072 const struct wpa_ssid *ssid,
3073 const struct hostapd_hw_modes *mode,
3074 int ieee80211_mode)
3075 {
3076 #ifdef CONFIG_HE_OVERRIDES
3077 if (ssid->disable_he)
3078 return false;
3079 #endif /* CONFIG_HE_OVERRIDES */
3080
3081 switch (mode->mode) {
3082 case HOSTAPD_MODE_IEEE80211G:
3083 case HOSTAPD_MODE_IEEE80211B:
3084 case HOSTAPD_MODE_IEEE80211A:
3085 return mode->he_capab[ieee80211_mode].he_supported;
3086 default:
3087 return false;
3088 }
3089 }
3090
3091
ibss_mesh_can_use_eht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3092 static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s,
3093 const struct wpa_ssid *ssid,
3094 const struct hostapd_hw_modes *mode,
3095 int ieee80211_mode)
3096 {
3097 if (ssid->disable_eht)
3098 return false;
3099
3100 switch(mode->mode) {
3101 case HOSTAPD_MODE_IEEE80211G:
3102 case HOSTAPD_MODE_IEEE80211B:
3103 case HOSTAPD_MODE_IEEE80211A:
3104 return mode->eht_capab[ieee80211_mode].eht_supported;
3105 default:
3106 return false;
3107 }
3108 }
3109
3110
ibss_mesh_select_40mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int obss_scan)3111 static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s,
3112 const struct wpa_ssid *ssid,
3113 struct hostapd_hw_modes *mode,
3114 struct hostapd_freq_params *freq,
3115 int obss_scan) {
3116 int chan_idx;
3117 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
3118 int i, res;
3119 unsigned int j;
3120 static const int ht40plus[] = {
3121 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
3122 149, 157, 165, 173, 184, 192
3123 };
3124 int ht40 = -1;
3125
3126 if (!freq->ht_enabled)
3127 return;
3128
3129 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
3130 pri_chan = &mode->channels[chan_idx];
3131 if (pri_chan->chan == freq->channel)
3132 break;
3133 pri_chan = NULL;
3134 }
3135 if (!pri_chan)
3136 return;
3137
3138 /* Check primary channel flags */
3139 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
3140 return;
3141
3142 #ifdef CONFIG_HT_OVERRIDES
3143 if (ssid->disable_ht40)
3144 return;
3145 #endif
3146
3147 /* Check/setup HT40+/HT40- */
3148 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
3149 if (ht40plus[j] == freq->channel) {
3150 ht40 = 1;
3151 break;
3152 }
3153 }
3154
3155 /* Find secondary channel */
3156 for (i = 0; i < mode->num_channels; i++) {
3157 sec_chan = &mode->channels[i];
3158 if (sec_chan->chan == freq->channel + ht40 * 4)
3159 break;
3160 sec_chan = NULL;
3161 }
3162 if (!sec_chan)
3163 return;
3164
3165 /* Check secondary channel flags */
3166 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
3167 return;
3168
3169 if (ht40 == -1) {
3170 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
3171 return;
3172 } else {
3173 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
3174 return;
3175 }
3176 freq->sec_channel_offset = ht40;
3177
3178 if (obss_scan) {
3179 struct wpa_scan_results *scan_res;
3180
3181 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0,
3182 NULL);
3183 if (scan_res == NULL) {
3184 /* Back to HT20 */
3185 freq->sec_channel_offset = 0;
3186 return;
3187 }
3188
3189 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
3190 switch (res) {
3191 case 0:
3192 /* Back to HT20 */
3193 freq->sec_channel_offset = 0;
3194 break;
3195 case 1:
3196 /* Configuration allowed */
3197 break;
3198 case 2:
3199 /* Switch pri/sec channels */
3200 freq->freq = hw_get_freq(mode, sec_chan->chan);
3201 freq->sec_channel_offset = -freq->sec_channel_offset;
3202 freq->channel = sec_chan->chan;
3203 break;
3204 default:
3205 freq->sec_channel_offset = 0;
3206 break;
3207 }
3208
3209 wpa_scan_results_free(scan_res);
3210 }
3211
3212 wpa_printf(MSG_DEBUG,
3213 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
3214 freq->channel, freq->sec_channel_offset);
3215 }
3216
3217
ibss_get_center_320mhz(int channel)3218 static int ibss_get_center_320mhz(int channel)
3219 {
3220 int seg0;
3221
3222 if (channel >= 1 && channel <= 45)
3223 seg0 = 31;
3224 else if (channel >= 49 && channel <= 77)
3225 seg0 = 63;
3226 else if (channel >= 81 && channel <= 109)
3227 seg0 = 95;
3228 else if (channel >= 113 && channel <= 141)
3229 seg0 = 127;
3230 else if (channel >= 145 && channel <= 173)
3231 seg0 = 159;
3232 else
3233 seg0 = 191;
3234
3235 return seg0;
3236 }
3237
3238
ibss_mesh_select_80_160mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int ieee80211_mode,bool is_6ghz)3239 static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s,
3240 const struct wpa_ssid *ssid,
3241 struct hostapd_hw_modes *mode,
3242 struct hostapd_freq_params *freq,
3243 int ieee80211_mode, bool is_6ghz) {
3244 static const int bw80[] = {
3245 5180, 5260, 5500, 5580, 5660, 5745, 5825,
3246 5955, 6035, 6115, 6195, 6275, 6355, 6435,
3247 6515, 6595, 6675, 6755, 6835, 6915, 6995
3248 };
3249 static const int bw160[] = {
3250 5955, 6115, 6275, 6435, 6595, 6755, 6915
3251 };
3252 static const int bw320[]= {
3253 5955, 6255, 6115, 6415, 6275, 6575, 6435,
3254 6735, 6595, 6895, 6755, 7055
3255 };
3256
3257 struct hostapd_freq_params vht_freq;
3258 int i;
3259 unsigned int j, k;
3260 int chwidth, seg0, seg1;
3261 u32 vht_caps = 0;
3262 u8 channel = freq->channel;
3263
3264 if (!freq->vht_enabled && !freq->he_enabled)
3265 return true;
3266
3267 vht_freq = *freq;
3268
3269 chwidth = CONF_OPER_CHWIDTH_USE_HT;
3270 seg0 = freq->channel + 2 * freq->sec_channel_offset;
3271 seg1 = 0;
3272 if (freq->sec_channel_offset == 0) {
3273 seg0 = 0;
3274 /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */
3275 if (freq->ht_enabled && !is_6ghz)
3276 goto skip_80mhz;
3277 }
3278 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT)
3279 goto skip_80mhz;
3280
3281 /* setup center_freq1, bandwidth */
3282 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
3283 if (freq->freq >= bw80[j] &&
3284 freq->freq < bw80[j] + 80)
3285 break;
3286 }
3287
3288 if (j == ARRAY_SIZE(bw80) ||
3289 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
3290 goto skip_80mhz;
3291
3292 /* Use 40 MHz if channel not usable */
3293 if (!ibss_mesh_is_80mhz_avail(channel, mode))
3294 goto skip_80mhz;
3295
3296 chwidth = CONF_OPER_CHWIDTH_80MHZ;
3297 seg0 = channel + 6;
3298 seg1 = 0;
3299
3300 /* In 160 MHz, the initial four 20 MHz channels were validated
3301 * above. If 160 MHz is supported, check the remaining four 20 MHz
3302 * channels for the total of 160 MHz bandwidth for 6 GHz.
3303 */
3304 if ((mode->he_capab[ieee80211_mode].phy_cap[
3305 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
3306 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
3307 ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
3308 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
3309 if (freq->freq == bw160[j]) {
3310 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3311 seg0 = channel + 14;
3312 break;
3313 }
3314 }
3315 }
3316
3317 /* In 320 MHz, the initial four 20 MHz channels were validated
3318 * above. If 320 MHz is supported, check the remaining 12 20 MHz
3319 * channels for the total of 320 MHz bandwidth for 6 GHz.
3320 */
3321 if ((mode->eht_capab[ieee80211_mode].phy_cap[
3322 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
3323 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
3324 ibss_mesh_is_80mhz_avail(channel + 16, mode) &&
3325 ibss_mesh_is_80mhz_avail(channel + 32, mode) &&
3326 ibss_mesh_is_80mhz_avail(channel + 48, mode)) {
3327 for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
3328 if (freq->freq >= bw320[j] &&
3329 freq->freq <= bw320[j + 1]) {
3330 chwidth = CONF_OPER_CHWIDTH_320MHZ;
3331 seg0 = ibss_get_center_320mhz(freq->channel);
3332 break;
3333 }
3334 }
3335 }
3336
3337 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
3338 /* setup center_freq2, bandwidth */
3339 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
3340 /* Only accept 80 MHz segments separated by a gap */
3341 if (j == k || abs(bw80[j] - bw80[k]) == 80)
3342 continue;
3343
3344 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
3345 NUM_HOSTAPD_MODES)
3346 break;
3347
3348 for (i = channel; i < channel + 16; i += 4) {
3349 struct hostapd_channel_data *chan;
3350
3351 chan = hw_get_channel_chan(mode, i, NULL);
3352 if (!chan)
3353 continue;
3354
3355 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3356 HOSTAPD_CHAN_NO_IR |
3357 HOSTAPD_CHAN_RADAR))
3358 continue;
3359
3360 /* Found a suitable second segment for 80+80 */
3361 chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
3362 if (!is_6ghz)
3363 vht_caps |=
3364 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
3365 seg1 = channel + 6;
3366 }
3367
3368 if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ)
3369 break;
3370 }
3371 } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
3372 if (freq->freq == 5180) {
3373 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3374 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3375 seg0 = 50;
3376 } else if (freq->freq == 5520) {
3377 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3378 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3379 seg0 = 114;
3380 }
3381 }
3382
3383 skip_80mhz:
3384 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
3385 freq->channel, ssid->enable_edmg,
3386 ssid->edmg_channel, freq->ht_enabled,
3387 freq->vht_enabled, freq->he_enabled,
3388 freq->eht_enabled,
3389 freq->sec_channel_offset,
3390 chwidth, seg0, seg1, vht_caps,
3391 &mode->he_capab[ieee80211_mode],
3392 &mode->eht_capab[ieee80211_mode], 0) != 0)
3393 return false;
3394
3395 *freq = vht_freq;
3396
3397 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
3398 freq->center_freq1, freq->center_freq2, freq->bandwidth);
3399 return true;
3400 }
3401
3402
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)3403 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
3404 const struct wpa_ssid *ssid,
3405 struct hostapd_freq_params *freq)
3406 {
3407 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
3408 enum hostapd_hw_mode hw_mode;
3409 struct hostapd_hw_modes *mode = NULL;
3410 int obss_scan = 1;
3411 u8 channel;
3412 bool is_6ghz, is_24ghz;
3413
3414 freq->freq = ssid->frequency;
3415
3416 if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
3417 struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);
3418
3419 if (bss) {
3420 wpa_printf(MSG_DEBUG,
3421 "IBSS already found in scan results, adjust control freq: %d",
3422 bss->freq);
3423 freq->freq = bss->freq;
3424 obss_scan = 0;
3425 }
3426 }
3427
3428 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
3429 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3430 hw_mode, is_6ghz_freq(ssid->frequency));
3431
3432 if (!mode)
3433 return;
3434
3435 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
3436 hw_mode == HOSTAPD_MODE_IEEE80211B;
3437
3438 is_6ghz = is_6ghz_freq(freq->freq);
3439
3440 freq->ht_enabled = 0;
3441 freq->vht_enabled = 0;
3442 freq->he_enabled = 0;
3443 freq->eht_enabled = 0;
3444
3445 if (!is_6ghz)
3446 freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode);
3447 if (freq->ht_enabled)
3448 freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode);
3449 if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz)
3450 freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
3451 ieee80211_mode);
3452 freq->channel = channel;
3453 /* Setup higher BW only for 5 GHz */
3454 if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
3455 ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
3456 if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
3457 ieee80211_mode, is_6ghz))
3458 freq->he_enabled = freq->vht_enabled = false;
3459 }
3460
3461 if (freq->he_enabled)
3462 freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode,
3463 ieee80211_mode);
3464 }
3465
3466
3467 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)3468 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
3469 size_t ie_buf_len)
3470 {
3471 struct fils_hlp_req *req;
3472 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
3473 const u8 *pos;
3474 u8 *buf = ie_buf;
3475
3476 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3477 list) {
3478 rem_len = ie_buf_len - ie_len;
3479 pos = wpabuf_head(req->pkt);
3480 hdr_len = 1 + 2 * ETH_ALEN + 6;
3481 hlp_len = wpabuf_len(req->pkt);
3482
3483 if (rem_len < 2 + hdr_len + hlp_len) {
3484 wpa_printf(MSG_ERROR,
3485 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
3486 (unsigned long) rem_len,
3487 (unsigned long) (2 + hdr_len + hlp_len));
3488 break;
3489 }
3490
3491 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
3492 /* Element ID */
3493 *buf++ = WLAN_EID_EXTENSION;
3494 /* Length */
3495 *buf++ = len;
3496 /* Element ID Extension */
3497 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
3498 /* Destination MAC address */
3499 os_memcpy(buf, req->dst, ETH_ALEN);
3500 buf += ETH_ALEN;
3501 /* Source MAC address */
3502 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
3503 buf += ETH_ALEN;
3504 /* LLC/SNAP Header */
3505 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
3506 buf += 6;
3507 /* HLP Packet */
3508 os_memcpy(buf, pos, len - hdr_len);
3509 buf += len - hdr_len;
3510 pos += len - hdr_len;
3511
3512 hlp_len -= len - hdr_len;
3513 ie_len += 2 + len;
3514 rem_len -= 2 + len;
3515
3516 while (hlp_len) {
3517 len = (hlp_len > 255) ? 255 : hlp_len;
3518 if (rem_len < 2 + len)
3519 break;
3520 *buf++ = WLAN_EID_FRAGMENT;
3521 *buf++ = len;
3522 os_memcpy(buf, pos, len);
3523 buf += len;
3524 pos += len;
3525
3526 hlp_len -= len;
3527 ie_len += 2 + len;
3528 rem_len -= 2 + len;
3529 }
3530 }
3531
3532 return ie_len;
3533 }
3534
3535
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)3536 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
3537 {
3538 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3539 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
3540 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3541 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
3542 }
3543
3544
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)3545 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
3546 {
3547 #ifdef CONFIG_FILS_SK_PFS
3548 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3549 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
3550 #else /* CONFIG_FILS_SK_PFS */
3551 return 0;
3552 #endif /* CONFIG_FILS_SK_PFS */
3553 }
3554
3555 #endif /* CONFIG_FILS */
3556
3557
wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss * bss)3558 bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss)
3559 {
3560 const u8 *wfa_capa;
3561
3562 if (!bss)
3563 return false;
3564
3565 /* Get WFA capability from Beacon or Probe Response frame elements */
3566 wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE);
3567 if (!wfa_capa)
3568 wfa_capa = wpa_bss_get_vendor_ie_beacon(
3569 bss, WFA_CAPA_IE_VENDOR_TYPE);
3570
3571 if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 ||
3572 !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) {
3573 /* AP does not enable QM non EHT traffic description policy */
3574 return false;
3575 }
3576
3577 return true;
3578 }
3579
3580
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)3581 int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
3582 u8 *wpa_ie, size_t wpa_ie_len, size_t max_wpa_ie_len)
3583 {
3584 struct wpabuf *wfa_ie = NULL, *attr = NULL;
3585 u8 wfa_capa[1];
3586 u8 capab_len = 0;
3587 size_t wfa_ie_len, buf_len;
3588
3589 os_memset(wfa_capa, 0, sizeof(wfa_capa));
3590 #ifndef CONFIG_NO_ROBUST_AV
3591 if (wpa_s->enable_dscp_policy_capa)
3592 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
3593 #endif /* CONFIG_NO_ROBUST_AV */
3594
3595 if (wpa_is_non_eht_scs_traffic_desc_supported(bss))
3596 wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC;
3597
3598 if (wfa_capa[0])
3599 capab_len = 1;
3600
3601 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_UNPROTECTED)
3602 attr = wpas_wfa_gen_capab_attr(wpa_s);
3603
3604 if (capab_len == 0 && !attr)
3605 return wpa_ie_len;
3606
3607 /* Wi-Fi Alliance element */
3608 buf_len = 1 + /* Element ID */
3609 1 + /* Length */
3610 3 + /* OUI */
3611 1 + /* OUI Type */
3612 1 + /* Capabilities Length */
3613 capab_len + /* Capabilities */
3614 (attr ? wpabuf_len(attr) : 0) /* Attributes */;
3615 wfa_ie = wpabuf_alloc(buf_len);
3616 if (!wfa_ie) {
3617 wpabuf_free(attr);
3618 return wpa_ie_len;
3619 }
3620
3621 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
3622 wpabuf_put_u8(wfa_ie, buf_len - 2);
3623 wpabuf_put_be24(wfa_ie, OUI_WFA);
3624 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
3625 wpabuf_put_u8(wfa_ie, capab_len);
3626 wpabuf_put_data(wfa_ie, wfa_capa, capab_len);
3627 if (attr)
3628 wpabuf_put_buf(wfa_ie, attr);
3629 wpabuf_free(attr);
3630
3631 wfa_ie_len = wpabuf_len(wfa_ie);
3632 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
3633 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
3634 wfa_ie);
3635 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
3636 wfa_ie_len);
3637 wpa_ie_len += wfa_ie_len;
3638 }
3639
3640 wpabuf_free(wfa_ie);
3641 return wpa_ie_len;
3642 }
3643
3644
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)3645 static u8 * wpas_populate_assoc_ies(
3646 struct wpa_supplicant *wpa_s,
3647 struct wpa_bss *bss, struct wpa_ssid *ssid,
3648 struct wpa_driver_associate_params *params,
3649 enum wpa_drv_update_connect_params_mask *mask)
3650 {
3651 u8 *wpa_ie;
3652 size_t max_wpa_ie_len = 500;
3653 size_t wpa_ie_len;
3654 int algs = WPA_AUTH_ALG_OPEN;
3655 #ifdef CONFIG_MBO
3656 const u8 *mbo_ie;
3657 #endif
3658 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3659 int pmksa_cached = 0;
3660 #endif /* CONFIG_SAE || CONFIG_FILS */
3661 #ifdef CONFIG_FILS
3662 const u8 *realm, *username, *rrk;
3663 size_t realm_len, username_len, rrk_len;
3664 u16 next_seq_num;
3665 struct fils_hlp_req *req;
3666
3667 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3668 list) {
3669 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
3670 2 + 2 * wpabuf_len(req->pkt) / 255;
3671 }
3672 #endif /* CONFIG_FILS */
3673
3674 wpa_ie = os_malloc(max_wpa_ie_len);
3675 if (!wpa_ie) {
3676 wpa_printf(MSG_ERROR,
3677 "Failed to allocate connect IE buffer for %lu bytes",
3678 (unsigned long) max_wpa_ie_len);
3679 return NULL;
3680 }
3681
3682 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
3683 wpa_bss_get_rsne(wpa_s, bss, ssid, false)) &&
3684 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
3685 int try_opportunistic;
3686 const u8 *cache_id = NULL;
3687 const u8 *addr = bss->bssid;
3688
3689 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3690 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) &&
3691 !is_zero_ether_addr(bss->mld_addr))
3692 addr = bss->mld_addr;
3693
3694 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3695 wpa_s->valid_links)
3696 addr = wpa_s->ap_mld_addr;
3697
3698 try_opportunistic = (ssid->proactive_key_caching < 0 ?
3699 wpa_s->conf->okc :
3700 ssid->proactive_key_caching) &&
3701 (ssid->proto & WPA_PROTO_RSN);
3702 #ifdef CONFIG_FILS
3703 if (wpa_key_mgmt_fils(ssid->key_mgmt))
3704 cache_id = wpa_bss_get_fils_cache_id(bss);
3705 #endif /* CONFIG_FILS */
3706 if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr,
3707 ssid, try_opportunistic,
3708 cache_id, 0, false) == 0) {
3709 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3710 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3711 pmksa_cached = 1;
3712 #endif /* CONFIG_SAE || CONFIG_FILS */
3713 }
3714 wpa_ie_len = max_wpa_ie_len;
3715 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3716 wpa_ie, &wpa_ie_len, false)) {
3717 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3718 "key management and encryption suites");
3719 os_free(wpa_ie);
3720 return NULL;
3721 }
3722 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3723 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3724 /*
3725 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3726 * use non-WPA since the scan results did not indicate that the
3727 * AP is using WPA or WPA2.
3728 */
3729 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3730 wpa_ie_len = 0;
3731 wpa_s->wpa_proto = 0;
3732 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3733 wpa_ie_len = max_wpa_ie_len;
3734 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3735 wpa_ie, &wpa_ie_len, false)) {
3736 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3737 "key management and encryption suites (no "
3738 "scan results)");
3739 os_free(wpa_ie);
3740 return NULL;
3741 }
3742 #ifdef CONFIG_WPS
3743 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3744 struct wpabuf *wps_ie;
3745 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3746 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3747 wpa_ie_len = wpabuf_len(wps_ie);
3748 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3749 } else
3750 wpa_ie_len = 0;
3751 wpabuf_free(wps_ie);
3752 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3753 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3754 params->wps = WPS_MODE_PRIVACY;
3755 else
3756 params->wps = WPS_MODE_OPEN;
3757 wpa_s->wpa_proto = 0;
3758 #endif /* CONFIG_WPS */
3759 } else {
3760 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3761 wpa_ie_len = 0;
3762 wpa_s->wpa_proto = 0;
3763 }
3764
3765 #ifdef IEEE8021X_EAPOL
3766 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3767 if (ssid->leap) {
3768 if (ssid->non_leap == 0)
3769 algs = WPA_AUTH_ALG_LEAP;
3770 else
3771 algs |= WPA_AUTH_ALG_LEAP;
3772 }
3773 }
3774
3775 #ifdef CONFIG_FILS
3776 /* Clear FILS association */
3777 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3778
3779 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3780 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3781 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3782 &username_len, &realm, &realm_len,
3783 &next_seq_num, &rrk, &rrk_len) == 0 &&
3784 (!wpa_s->last_con_fail_realm ||
3785 wpa_s->last_con_fail_realm_len != realm_len ||
3786 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3787 algs = WPA_AUTH_ALG_FILS;
3788 params->fils_erp_username = username;
3789 params->fils_erp_username_len = username_len;
3790 params->fils_erp_realm = realm;
3791 params->fils_erp_realm_len = realm_len;
3792 params->fils_erp_next_seq_num = next_seq_num;
3793 params->fils_erp_rrk = rrk;
3794 params->fils_erp_rrk_len = rrk_len;
3795
3796 if (mask)
3797 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3798 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3799 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3800 pmksa_cached) {
3801 algs = WPA_AUTH_ALG_FILS;
3802 }
3803 #endif /* CONFIG_FILS */
3804 #endif /* IEEE8021X_EAPOL */
3805 #ifdef CONFIG_SAE
3806 if (wpa_key_mgmt_sae(wpa_s->key_mgmt))
3807 algs = WPA_AUTH_ALG_SAE;
3808 #endif /* CONFIG_SAE */
3809
3810 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3811 if (ssid->auth_alg) {
3812 algs = ssid->auth_alg;
3813 wpa_dbg(wpa_s, MSG_DEBUG,
3814 "Overriding auth_alg selection: 0x%x", algs);
3815 }
3816
3817 #ifdef CONFIG_SAE
3818 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3819 wpa_dbg(wpa_s, MSG_DEBUG,
3820 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3821 algs = WPA_AUTH_ALG_OPEN;
3822 }
3823 #endif /* CONFIG_SAE */
3824
3825 #ifdef CONFIG_P2P
3826 if (wpa_s->global->p2p) {
3827 u8 *pos;
3828 size_t len;
3829 int res;
3830 pos = wpa_ie + wpa_ie_len;
3831 len = max_wpa_ie_len - wpa_ie_len;
3832 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3833 ssid->p2p_group);
3834 if (res >= 0)
3835 wpa_ie_len += res;
3836 }
3837
3838 wpa_s->cross_connect_disallowed = 0;
3839 if (bss) {
3840 struct wpabuf *p2p;
3841 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3842 if (p2p) {
3843 wpa_s->cross_connect_disallowed =
3844 p2p_get_cross_connect_disallowed(p2p);
3845 wpabuf_free(p2p);
3846 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3847 "connection",
3848 wpa_s->cross_connect_disallowed ?
3849 "disallows" : "allows");
3850 }
3851 }
3852
3853 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3854 #endif /* CONFIG_P2P */
3855
3856 #ifndef CONFIG_NO_RRM
3857 if (bss) {
3858 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3859 wpa_ie + wpa_ie_len,
3860 max_wpa_ie_len -
3861 wpa_ie_len);
3862 }
3863 #endif /* CONFIG_NO_RRM */
3864
3865 /*
3866 * Workaround: Add Extended Capabilities element only if the AP
3867 * included this element in Beacon/Probe Response frames. Some older
3868 * APs seem to have interoperability issues if this element is
3869 * included, so while the standard may require us to include the
3870 * element in all cases, it is justifiable to skip it to avoid
3871 * interoperability issues.
3872 */
3873 if (ssid->p2p_group)
3874 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3875 else
3876 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3877
3878 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3879 u8 ext_capab[18];
3880 int ext_capab_len;
3881 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3882 sizeof(ext_capab), bss);
3883 if (ext_capab_len > 0 &&
3884 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3885 u8 *pos = wpa_ie;
3886 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3887 pos += 2 + pos[1];
3888 os_memmove(pos + ext_capab_len, pos,
3889 wpa_ie_len - (pos - wpa_ie));
3890 wpa_ie_len += ext_capab_len;
3891 os_memcpy(pos, ext_capab, ext_capab_len);
3892 }
3893 }
3894
3895 if (ssid->max_idle && wpa_ie_len + 5 <= max_wpa_ie_len) {
3896 u8 *pos = wpa_ie;
3897
3898 *pos++ = WLAN_EID_BSS_MAX_IDLE_PERIOD;
3899 *pos++ = 3;
3900 WPA_PUT_LE16(pos, ssid->max_idle);
3901 pos += 2;
3902 *pos = 0; /* Idle Options */
3903 wpa_ie_len += 5;
3904 }
3905
3906 #ifdef CONFIG_HS20
3907 if (is_hs20_network(wpa_s, ssid, bss)
3908 #ifndef ANDROID /* Android does not use the native HS 2.0 config */
3909 && is_hs20_config(wpa_s)
3910 #endif /* ANDROID */
3911 ) {
3912 struct wpabuf *hs20;
3913
3914 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3915 if (hs20) {
3916 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3917 size_t len;
3918
3919 wpas_hs20_add_indication(hs20, pps_mo_id,
3920 get_hs20_version(bss));
3921 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3922 len = max_wpa_ie_len - wpa_ie_len;
3923 if (wpabuf_len(hs20) <= len) {
3924 os_memcpy(wpa_ie + wpa_ie_len,
3925 wpabuf_head(hs20), wpabuf_len(hs20));
3926 wpa_ie_len += wpabuf_len(hs20);
3927 }
3928 wpabuf_free(hs20);
3929 }
3930 }
3931 hs20_configure_frame_filters(wpa_s);
3932 #endif /* CONFIG_HS20 */
3933
3934 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3935 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3936 size_t len;
3937
3938 len = max_wpa_ie_len - wpa_ie_len;
3939 if (wpabuf_len(buf) <= len) {
3940 os_memcpy(wpa_ie + wpa_ie_len,
3941 wpabuf_head(buf), wpabuf_len(buf));
3942 wpa_ie_len += wpabuf_len(buf);
3943 }
3944 }
3945
3946 #ifdef CONFIG_FST
3947 if (wpa_s->fst_ies) {
3948 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3949
3950 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3951 os_memcpy(wpa_ie + wpa_ie_len,
3952 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3953 wpa_ie_len += fst_ies_len;
3954 }
3955 }
3956 #endif /* CONFIG_FST */
3957
3958 #ifdef CONFIG_MBO
3959 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3960 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3961 int len;
3962
3963 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3964 max_wpa_ie_len - wpa_ie_len,
3965 !!mbo_attr_from_mbo_ie(mbo_ie,
3966 OCE_ATTR_ID_CAPA_IND));
3967 if (len >= 0)
3968 wpa_ie_len += len;
3969 }
3970 #endif /* CONFIG_MBO */
3971
3972 #ifdef CONFIG_FILS
3973 if (algs == WPA_AUTH_ALG_FILS) {
3974 size_t len;
3975
3976 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3977 max_wpa_ie_len - wpa_ie_len);
3978 wpa_ie_len += len;
3979 }
3980 #endif /* CONFIG_FILS */
3981
3982 #ifdef CONFIG_OWE
3983 #ifdef CONFIG_TESTING_OPTIONS
3984 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3985 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3986 } else
3987 #endif /* CONFIG_TESTING_OPTIONS */
3988 if (algs == WPA_AUTH_ALG_OPEN &&
3989 ssid->key_mgmt == WPA_KEY_MGMT_OWE &&
3990 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) {
3991 struct wpabuf *owe_ie;
3992 u16 group;
3993
3994 if (ssid->owe_group) {
3995 group = ssid->owe_group;
3996 } else if (wpa_s->assoc_status_code ==
3997 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3998 if (wpa_s->last_owe_group == 19)
3999 group = 20;
4000 else if (wpa_s->last_owe_group == 20)
4001 group = 21;
4002 else
4003 group = OWE_DH_GROUP;
4004 } else {
4005 group = OWE_DH_GROUP;
4006 }
4007
4008 wpa_s->last_owe_group = group;
4009 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
4010 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
4011 if (owe_ie &&
4012 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
4013 os_memcpy(wpa_ie + wpa_ie_len,
4014 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
4015 wpa_ie_len += wpabuf_len(owe_ie);
4016 }
4017 wpabuf_free(owe_ie);
4018 }
4019 #endif /* CONFIG_OWE */
4020
4021 #ifdef CONFIG_DPP2
4022 if (DPP_VERSION > 1 &&
4023 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
4024 ssid->dpp_netaccesskey &&
4025 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
4026 struct rsn_pmksa_cache_entry *pmksa;
4027
4028 pmksa = pmksa_cache_get_current(wpa_s->wpa);
4029 if (!pmksa || !pmksa->dpp_pfs)
4030 goto pfs_fail;
4031
4032 dpp_pfs_free(wpa_s->dpp_pfs);
4033 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
4034 ssid->dpp_netaccesskey_len);
4035 if (!wpa_s->dpp_pfs) {
4036 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
4037 /* Try to continue without PFS */
4038 goto pfs_fail;
4039 }
4040 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
4041 max_wpa_ie_len - wpa_ie_len) {
4042 os_memcpy(wpa_ie + wpa_ie_len,
4043 wpabuf_head(wpa_s->dpp_pfs->ie),
4044 wpabuf_len(wpa_s->dpp_pfs->ie));
4045 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
4046 }
4047 }
4048 pfs_fail:
4049 #endif /* CONFIG_DPP2 */
4050
4051 #ifdef CONFIG_IEEE80211R
4052 /*
4053 * Add MDIE under these conditions: the network profile allows FT,
4054 * the AP supports FT, and the mobility domain ID matches.
4055 */
4056 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
4057 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4058
4059 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
4060 size_t len = 0;
4061 const u8 *md = mdie + 2;
4062 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
4063
4064 if (os_memcmp(md, wpa_md,
4065 MOBILITY_DOMAIN_ID_LEN) == 0) {
4066 /* Add mobility domain IE */
4067 len = wpa_ft_add_mdie(
4068 wpa_s->wpa, wpa_ie + wpa_ie_len,
4069 max_wpa_ie_len - wpa_ie_len, mdie);
4070 wpa_ie_len += len;
4071 }
4072 #ifdef CONFIG_SME
4073 if (len > 0 && wpa_s->sme.ft_used &&
4074 wpa_sm_has_ft_keys(wpa_s->wpa, md)) {
4075 wpa_dbg(wpa_s, MSG_DEBUG,
4076 "SME: Trying to use FT over-the-air");
4077 algs |= WPA_AUTH_ALG_FT;
4078 }
4079 #endif /* CONFIG_SME */
4080 }
4081 }
4082 #endif /* CONFIG_IEEE80211R */
4083
4084 #ifdef CONFIG_TESTING_OPTIONS
4085 if (wpa_s->rsnxe_override_assoc &&
4086 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
4087 max_wpa_ie_len - wpa_ie_len) {
4088 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
4089 os_memcpy(wpa_ie + wpa_ie_len,
4090 wpabuf_head(wpa_s->rsnxe_override_assoc),
4091 wpabuf_len(wpa_s->rsnxe_override_assoc));
4092 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
4093 } else
4094 #endif /* CONFIG_TESTING_OPTIONS */
4095 if (wpa_s->rsnxe_len > 0 &&
4096 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
4097 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
4098 wpa_ie_len += wpa_s->rsnxe_len;
4099 }
4100
4101 #ifndef CONFIG_NO_ROBUST_AV
4102 #ifdef CONFIG_TESTING_OPTIONS
4103 if (wpa_s->disable_mscs_support)
4104 goto mscs_end;
4105 #endif /* CONFIG_TESTING_OPTIONS */
4106 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
4107 wpa_s->robust_av.valid_config) {
4108 struct wpabuf *mscs_ie;
4109 size_t mscs_ie_len, buf_len;
4110
4111 buf_len = 3 + /* MSCS descriptor IE header */
4112 1 + /* Request type */
4113 2 + /* User priority control */
4114 4 + /* Stream timeout */
4115 3 + /* TCLAS Mask IE header */
4116 wpa_s->robust_av.frame_classifier_len;
4117 mscs_ie = wpabuf_alloc(buf_len);
4118 if (!mscs_ie) {
4119 wpa_printf(MSG_INFO,
4120 "MSCS: Failed to allocate MSCS IE");
4121 goto mscs_end;
4122 }
4123
4124 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
4125 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
4126 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
4127 mscs_ie_len = wpabuf_len(mscs_ie);
4128 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
4129 mscs_ie_len);
4130 wpa_ie_len += mscs_ie_len;
4131 }
4132
4133 wpabuf_free(mscs_ie);
4134 }
4135 mscs_end:
4136 #endif /* CONFIG_NO_ROBUST_AV */
4137
4138 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
4139 max_wpa_ie_len);
4140
4141 if (ssid->multi_ap_backhaul_sta) {
4142 size_t multi_ap_ie_len;
4143 struct multi_ap_params multi_ap = { 0 };
4144
4145 multi_ap.capability = MULTI_AP_BACKHAUL_STA;
4146 multi_ap.profile = ssid->multi_ap_profile;
4147
4148 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
4149 max_wpa_ie_len - wpa_ie_len,
4150 &multi_ap);
4151 if (multi_ap_ie_len == 0) {
4152 wpa_printf(MSG_ERROR,
4153 "Multi-AP: Failed to build Multi-AP IE");
4154 os_free(wpa_ie);
4155 return NULL;
4156 }
4157 wpa_ie_len += multi_ap_ie_len;
4158 }
4159
4160 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT,
4161 wpas_rsn_overriding(wpa_s, ssid));
4162 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
4163 RSN_OVERRIDE_NOT_USED);
4164 if (wpas_rsn_overriding(wpa_s, ssid) &&
4165 wpas_ap_supports_rsn_overriding(wpa_s, bss) &&
4166 wpa_ie_len + 2 + 4 + 1 <= max_wpa_ie_len) {
4167 u8 *pos = wpa_ie + wpa_ie_len, *start = pos;
4168 const u8 *ie;
4169 enum rsn_selection_variant variant = RSN_SELECTION_RSNE;
4170
4171 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
4172 RSN_OVERRIDE_RSNE);
4173 ie = wpa_bss_get_rsne(wpa_s, bss, ssid, wpa_s->valid_links);
4174 if (ie && ie[0] == WLAN_EID_VENDOR_SPECIFIC && ie[1] >= 4) {
4175 u32 type;
4176
4177 type = WPA_GET_BE32(&ie[2]);
4178 if (type == RSNE_OVERRIDE_IE_VENDOR_TYPE) {
4179 variant = RSN_SELECTION_RSNE_OVERRIDE;
4180 wpa_sm_set_param(wpa_s->wpa,
4181 WPA_PARAM_RSN_OVERRIDE,
4182 RSN_OVERRIDE_RSNE_OVERRIDE);
4183 } else if (type == RSNE_OVERRIDE_2_IE_VENDOR_TYPE) {
4184 variant = RSN_SELECTION_RSNE_OVERRIDE_2;
4185 wpa_sm_set_param(wpa_s->wpa,
4186 WPA_PARAM_RSN_OVERRIDE,
4187 RSN_OVERRIDE_RSNE_OVERRIDE_2);
4188 }
4189 }
4190
4191 /* Indicate which RSNE variant was used */
4192 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
4193 *pos++ = 4 + 1;
4194 WPA_PUT_BE32(pos, RSN_SELECTION_IE_VENDOR_TYPE);
4195 pos += 4;
4196 *pos++ = variant;
4197 wpa_hexdump(MSG_MSGDUMP, "RSN Selection", start, pos - start);
4198 wpa_ie_len += pos - start;
4199 }
4200
4201 params->rsn_overriding = wpas_rsn_overriding(wpa_s, ssid);
4202 params->wpa_ie = wpa_ie;
4203 params->wpa_ie_len = wpa_ie_len;
4204 params->auth_alg = algs;
4205 if (mask)
4206 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
4207
4208 return wpa_ie;
4209 }
4210
4211
4212 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)4213 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
4214 {
4215 struct wpa_driver_associate_params params;
4216 u8 *wpa_ie;
4217
4218 os_memset(¶ms, 0, sizeof(params));
4219 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4220 wpa_s->current_ssid, ¶ms, NULL);
4221 if (!wpa_ie)
4222 return;
4223
4224 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4225 os_free(wpa_ie);
4226 }
4227 #endif /* CONFIG_OWE */
4228
4229
4230 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)4231 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
4232 {
4233 struct wpa_driver_associate_params params;
4234 enum wpa_drv_update_connect_params_mask mask = 0;
4235 u8 *wpa_ie;
4236
4237 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
4238 return; /* nothing to do */
4239
4240 os_memset(¶ms, 0, sizeof(params));
4241 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4242 wpa_s->current_ssid, ¶ms, &mask);
4243 if (!wpa_ie)
4244 return;
4245
4246 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
4247 wpa_s->auth_alg = params.auth_alg;
4248 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
4249 }
4250
4251 os_free(wpa_ie);
4252 }
4253 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
4254
4255
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)4256 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
4257 {
4258 if (!edmg_ie || edmg_ie[1] < 6)
4259 return 0;
4260 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
4261 }
4262
4263
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)4264 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
4265 {
4266 if (!edmg_ie || edmg_ie[1] < 6)
4267 return 0;
4268 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
4269 }
4270
4271
4272 /* Returns the intersection of two EDMG configurations.
4273 * Note: The current implementation is limited to CB2 only (CB1 included),
4274 * i.e., the implementation supports up to 2 contiguous channels.
4275 * For supporting non-contiguous (aggregated) channels and for supporting
4276 * CB3 and above, this function will need to be extended.
4277 */
4278 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)4279 get_edmg_intersection(struct ieee80211_edmg_config a,
4280 struct ieee80211_edmg_config b,
4281 u8 primary_channel)
4282 {
4283 struct ieee80211_edmg_config result;
4284 int i, contiguous = 0;
4285 int max_contiguous = 0;
4286
4287 result.channels = b.channels & a.channels;
4288 if (!result.channels) {
4289 wpa_printf(MSG_DEBUG,
4290 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
4291 a.channels, b.channels);
4292 goto fail;
4293 }
4294
4295 if (!(result.channels & BIT(primary_channel - 1))) {
4296 wpa_printf(MSG_DEBUG,
4297 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
4298 primary_channel, result.channels);
4299 goto fail;
4300 }
4301
4302 /* Find max contiguous channels */
4303 for (i = 0; i < 6; i++) {
4304 if (result.channels & BIT(i))
4305 contiguous++;
4306 else
4307 contiguous = 0;
4308
4309 if (contiguous > max_contiguous)
4310 max_contiguous = contiguous;
4311 }
4312
4313 /* Assuming AP and STA supports ONLY contiguous channels,
4314 * bw configuration can have value between 4-7.
4315 */
4316 if ((b.bw_config < a.bw_config))
4317 result.bw_config = b.bw_config;
4318 else
4319 result.bw_config = a.bw_config;
4320
4321 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
4322 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
4323 wpa_printf(MSG_DEBUG,
4324 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
4325 max_contiguous);
4326 goto fail;
4327 }
4328
4329 return result;
4330
4331 fail:
4332 result.channels = 0;
4333 result.bw_config = 0;
4334 return result;
4335 }
4336
4337
4338 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)4339 get_supported_edmg(struct wpa_supplicant *wpa_s,
4340 struct hostapd_freq_params *freq,
4341 struct ieee80211_edmg_config request_edmg)
4342 {
4343 enum hostapd_hw_mode hw_mode;
4344 struct hostapd_hw_modes *mode = NULL;
4345 u8 primary_channel;
4346
4347 if (!wpa_s->hw.modes)
4348 goto fail;
4349
4350 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
4351 if (hw_mode == NUM_HOSTAPD_MODES)
4352 goto fail;
4353
4354 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
4355 if (!mode)
4356 goto fail;
4357
4358 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
4359
4360 fail:
4361 request_edmg.channels = 0;
4362 request_edmg.bw_config = 0;
4363 return request_edmg;
4364 }
4365
4366
4367 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)4368 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
4369 {
4370 struct wpa_driver_associate_params params;
4371 u8 *wpa_ie;
4372
4373 /*
4374 * Update MBO connect params only in case of change of MBO attributes
4375 * when connected, if the AP support MBO.
4376 */
4377
4378 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
4379 !wpa_s->current_bss ||
4380 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
4381 return;
4382
4383 os_memset(¶ms, 0, sizeof(params));
4384 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4385 wpa_s->current_ssid, ¶ms, NULL);
4386 if (!wpa_ie)
4387 return;
4388
4389 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4390 os_free(wpa_ie);
4391 }
4392 #endif /* CONFIG_MBO */
4393
4394
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)4395 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
4396 {
4397 struct wpa_connect_work *cwork = work->ctx;
4398 struct wpa_bss *bss = cwork->bss;
4399 struct wpa_ssid *ssid = cwork->ssid;
4400 struct wpa_supplicant *wpa_s = work->wpa_s;
4401 u8 *wpa_ie;
4402 const u8 *edmg_ie_oper;
4403 int use_crypt, ret, bssid_changed;
4404 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
4405 struct wpa_driver_associate_params params;
4406 u8 psk[PMK_LEN];
4407 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
4408 int wep_keys_set = 0;
4409 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
4410 int assoc_failed = 0;
4411 struct wpa_ssid *old_ssid;
4412 u8 prev_bssid[ETH_ALEN];
4413 #ifdef CONFIG_HT_OVERRIDES
4414 struct ieee80211_ht_capabilities htcaps;
4415 struct ieee80211_ht_capabilities htcaps_mask;
4416 #endif /* CONFIG_HT_OVERRIDES */
4417 #ifdef CONFIG_VHT_OVERRIDES
4418 struct ieee80211_vht_capabilities vhtcaps;
4419 struct ieee80211_vht_capabilities vhtcaps_mask;
4420 #endif /* CONFIG_VHT_OVERRIDES */
4421
4422 wpa_s->roam_in_progress = false;
4423 #ifdef CONFIG_WNM
4424 wpa_s->bss_trans_mgmt_in_progress = false;
4425 #endif /* CONFIG_WNM */
4426 wpa_s->no_suitable_network = 0;
4427
4428 if (deinit) {
4429 if (work->started) {
4430 wpa_s->connect_work = NULL;
4431
4432 /* cancel possible auth. timeout */
4433 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
4434 NULL);
4435 }
4436 wpas_connect_work_free(cwork);
4437 return;
4438 }
4439
4440 wpa_s->connect_work = work;
4441
4442 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
4443 wpas_network_disabled(wpa_s, ssid)) {
4444 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
4445 wpas_connect_work_done(wpa_s);
4446 return;
4447 }
4448
4449 /*
4450 * Set the current AP's BSSID (for non-MLO connection) or MLD address
4451 * (for MLO connection) as the previous BSSID for reassociation requests
4452 * handled by SME-in-driver. If wpa_supplicant is in disconnected state,
4453 * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid
4454 * will be zero.
4455 */
4456 os_memcpy(prev_bssid,
4457 wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid,
4458 ETH_ALEN);
4459 os_memset(¶ms, 0, sizeof(params));
4460 wpa_s->reassociate = 0;
4461 wpa_s->eap_expected_failure = 0;
4462
4463 /* Starting new association, so clear the possibly used WPA IE from the
4464 * previous association. */
4465 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
4466 #ifndef CONFIG_NO_WPA
4467 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
4468 #endif /* CONFIG_NO_WPA */
4469 wpa_s->rsnxe_len = 0;
4470 #ifndef CONFIG_NO_ROBUST_AV
4471 wpa_s->mscs_setup_done = false;
4472 #endif /* CONFIG_NO_ROBUST_AV */
4473
4474 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
4475 if (!wpa_ie) {
4476 wpas_connect_work_done(wpa_s);
4477 return;
4478 }
4479
4480 if (bss &&
4481 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
4482 #ifdef CONFIG_IEEE80211R
4483 const u8 *ie, *md = NULL;
4484 #endif /* CONFIG_IEEE80211R */
4485 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
4486 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
4487 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
4488 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
4489 os_memset(wpa_s->bssid, 0, ETH_ALEN);
4490 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4491 if (bssid_changed)
4492 wpas_notify_bssid_changed(wpa_s);
4493 #ifdef CONFIG_IEEE80211R
4494 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4495 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
4496 md = ie + 2;
4497 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
4498 if (md) {
4499 /* Prepare for the next transition */
4500 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
4501 }
4502 #endif /* CONFIG_IEEE80211R */
4503 #ifdef CONFIG_WPS
4504 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
4505 wpa_s->conf->ap_scan == 2 &&
4506 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
4507 /* Use ap_scan==1 style network selection to find the network
4508 */
4509 wpas_connect_work_done(wpa_s);
4510 wpa_s->scan_req = MANUAL_SCAN_REQ;
4511 wpa_s->reassociate = 1;
4512 wpa_supplicant_req_scan(wpa_s, 0, 0);
4513 os_free(wpa_ie);
4514 return;
4515 #endif /* CONFIG_WPS */
4516 } else {
4517 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
4518 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4519 if (bss)
4520 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4521 else
4522 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4523 }
4524 if (!wpa_s->pno)
4525 wpa_supplicant_cancel_sched_scan(wpa_s);
4526
4527 wpa_supplicant_cancel_scan(wpa_s);
4528
4529 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
4530 use_crypt = 1;
4531 cipher_pairwise = wpa_s->pairwise_cipher;
4532 cipher_group = wpa_s->group_cipher;
4533 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
4534 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
4535 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4536 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
4537 use_crypt = 0;
4538 #ifdef CONFIG_WEP
4539 if (wpa_set_wep_keys(wpa_s, ssid)) {
4540 use_crypt = 1;
4541 wep_keys_set = 1;
4542 }
4543 #endif /* CONFIG_WEP */
4544 }
4545 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
4546 use_crypt = 0;
4547
4548 #ifdef IEEE8021X_EAPOL
4549 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4550 if ((ssid->eapol_flags &
4551 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
4552 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
4553 !wep_keys_set) {
4554 use_crypt = 0;
4555 } else {
4556 /* Assume that dynamic WEP-104 keys will be used and
4557 * set cipher suites in order for drivers to expect
4558 * encryption. */
4559 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
4560 }
4561 }
4562 #endif /* IEEE8021X_EAPOL */
4563
4564 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4565 /* Set the key before (and later after) association */
4566 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4567 }
4568
4569 /* Set current_ssid before changing state to ASSOCIATING, so that the
4570 * selected SSID is available to wpas_notify_state_changed(). */
4571 old_ssid = wpa_s->current_ssid;
4572 wpa_s->current_ssid = ssid;
4573
4574 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
4575 if (bss) {
4576 params.ssid = bss->ssid;
4577 params.ssid_len = bss->ssid_len;
4578 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
4579 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4580 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
4581 MACSTR " freq=%u MHz based on scan results "
4582 "(bssid_set=%d wps=%d)",
4583 MAC2STR(bss->bssid), bss->freq,
4584 ssid->bssid_set,
4585 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
4586 params.bssid = bss->bssid;
4587 params.freq.freq = bss->freq;
4588 }
4589 params.bssid_hint = bss->bssid;
4590 params.freq_hint = bss->freq;
4591 params.pbss = bss_is_pbss(bss);
4592 } else {
4593 if (ssid->bssid_hint_set)
4594 params.bssid_hint = ssid->bssid_hint;
4595
4596 params.ssid = ssid->ssid;
4597 params.ssid_len = ssid->ssid_len;
4598 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
4599 }
4600
4601 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
4602 wpa_s->conf->ap_scan == 2) {
4603 params.bssid = ssid->bssid;
4604 params.fixed_bssid = 1;
4605 }
4606
4607 /* Initial frequency for IBSS/mesh */
4608 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
4609 ssid->frequency > 0 && params.freq.freq == 0)
4610 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
4611
4612 if (ssid->mode == WPAS_MODE_IBSS) {
4613 params.fixed_freq = ssid->fixed_freq;
4614 if (ssid->beacon_int)
4615 params.beacon_int = ssid->beacon_int;
4616 else
4617 params.beacon_int = wpa_s->conf->beacon_int;
4618 }
4619
4620 if (bss && ssid->enable_edmg)
4621 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
4622 WLAN_EID_EXT_EDMG_OPERATION);
4623 else
4624 edmg_ie_oper = NULL;
4625
4626 if (edmg_ie_oper) {
4627 params.freq.edmg.channels =
4628 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
4629 params.freq.edmg.bw_config =
4630 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
4631 wpa_printf(MSG_DEBUG,
4632 "AP supports EDMG channels 0x%x, bw_config %d",
4633 params.freq.edmg.channels,
4634 params.freq.edmg.bw_config);
4635
4636 /* User may ask for specific EDMG channel for EDMG connection
4637 * (must be supported by AP)
4638 */
4639 if (ssid->edmg_channel) {
4640 struct ieee80211_edmg_config configured_edmg;
4641 enum hostapd_hw_mode hw_mode;
4642 u8 primary_channel;
4643
4644 hw_mode = ieee80211_freq_to_chan(bss->freq,
4645 &primary_channel);
4646 if (hw_mode == NUM_HOSTAPD_MODES)
4647 goto edmg_fail;
4648
4649 hostapd_encode_edmg_chan(ssid->enable_edmg,
4650 ssid->edmg_channel,
4651 primary_channel,
4652 &configured_edmg);
4653
4654 if (ieee802_edmg_is_allowed(params.freq.edmg,
4655 configured_edmg)) {
4656 params.freq.edmg = configured_edmg;
4657 wpa_printf(MSG_DEBUG,
4658 "Use EDMG channel %d for connection",
4659 ssid->edmg_channel);
4660 } else {
4661 edmg_fail:
4662 params.freq.edmg.channels = 0;
4663 params.freq.edmg.bw_config = 0;
4664 wpa_printf(MSG_WARNING,
4665 "EDMG channel %d not supported by AP, fallback to DMG",
4666 ssid->edmg_channel);
4667 }
4668 }
4669
4670 if (params.freq.edmg.channels) {
4671 wpa_printf(MSG_DEBUG,
4672 "EDMG before: channels 0x%x, bw_config %d",
4673 params.freq.edmg.channels,
4674 params.freq.edmg.bw_config);
4675 params.freq.edmg = get_supported_edmg(wpa_s,
4676 ¶ms.freq,
4677 params.freq.edmg);
4678 wpa_printf(MSG_DEBUG,
4679 "EDMG after: channels 0x%x, bw_config %d",
4680 params.freq.edmg.channels,
4681 params.freq.edmg.bw_config);
4682 }
4683 }
4684
4685 params.pairwise_suite = cipher_pairwise;
4686 params.group_suite = cipher_group;
4687 params.mgmt_group_suite = cipher_group_mgmt;
4688 params.key_mgmt_suite = wpa_s->key_mgmt;
4689 params.allowed_key_mgmts = wpa_s->allowed_key_mgmts;
4690 params.wpa_proto = wpa_s->wpa_proto;
4691 wpa_s->auth_alg = params.auth_alg;
4692 params.mode = ssid->mode;
4693 params.bg_scan_period = ssid->bg_scan_period;
4694 #ifdef CONFIG_WEP
4695 {
4696 int i;
4697
4698 for (i = 0; i < NUM_WEP_KEYS; i++) {
4699 if (ssid->wep_key_len[i])
4700 params.wep_key[i] = ssid->wep_key[i];
4701 params.wep_key_len[i] = ssid->wep_key_len[i];
4702 }
4703 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
4704 }
4705 #endif /* CONFIG_WEP */
4706
4707 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4708 #if (defined(CONFIG_DRIVER_NL80211_BRCM) && !defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
4709 defined(CONFIG_DRIVER_NL80211_SYNA)
4710 ((params.key_mgmt_suite & WPA_KEY_MGMT_PSK) ||
4711 (params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK))) {
4712 #elif (defined(CONFIG_DRIVER_NL80211_BRCM) && defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
4713 defined(CONFIG_DRIVER_NL80211_SYNA)
4714 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4715 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4716 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4717 wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts))) {
4718 #else
4719 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4720 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4721 (params.allowed_key_mgmts &
4722 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) {
4723 #endif /* (CONFIG_DRIVER_NL80211_BRCM && !WIFI_BRCM_OPEN_SOURCE_MULTI_AKM) ||
4724 * CONFIG_DRIVER_NL80211_SYNA */
4725 params.passphrase = ssid->passphrase;
4726 if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4727 params.psk = psk;
4728 }
4729
4730 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
4731 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4732 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4733 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4734 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4735 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384))
4736 params.req_handshake_offload = 1;
4737
4738 if (wpa_s->conf->key_mgmt_offload) {
4739 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4740 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4741 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4742 params.key_mgmt_suite ==
4743 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4744 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)
4745 params.req_key_mgmt_offload =
4746 ssid->proactive_key_caching < 0 ?
4747 wpa_s->conf->okc : ssid->proactive_key_caching;
4748 else
4749 params.req_key_mgmt_offload = 1;
4750
4751 #if (defined(CONFIG_DRIVER_NL80211_BRCM) && !defined(WIFI_BRCM_OPEN_SOURCE_MULTI_AKM)) || \
4752 defined(CONFIG_DRIVER_NL80211_SYNA)
4753 if (((params.key_mgmt_suite & WPA_KEY_MGMT_PSK) ||
4754 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4755 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
4756 #else
4757 if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) ||
4758 wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) &&
4759 #endif /* (CONFIG_DRIVER_NL80211_BRCM && !WIFI_BRCM_OPEN_SOURCE_MULTI_AKM) ||
4760 * CONFIG_DRIVER_NL80211_SYNA */
4761 wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4762 params.psk = psk;
4763 }
4764
4765 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) &&
4766 wpa_key_mgmt_sae(params.key_mgmt_suite)) {
4767 params.auth_alg = WPA_AUTH_ALG_SAE;
4768 if (ssid->sae_password) {
4769 params.sae_password = ssid->sae_password;
4770 params.sae_password_id = ssid->sae_password_id;
4771 } else if (ssid->passphrase) {
4772 params.passphrase = ssid->passphrase;
4773 }
4774 }
4775
4776 params.drop_unencrypted = use_crypt;
4777
4778 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
4779 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
4780 const u8 *rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
4781 struct wpa_ie_data ie;
4782 if (!wpas_driver_bss_selection(wpa_s) && rsn &&
4783 wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
4784 ie.capabilities &
4785 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
4786 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
4787 "MFP: require MFP");
4788 params.mgmt_frame_protection =
4789 MGMT_FRAME_PROTECTION_REQUIRED;
4790 #ifdef CONFIG_OWE
4791 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
4792 !ssid->owe_only) {
4793 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
4794 #endif /* CONFIG_OWE */
4795 }
4796 }
4797
4798 params.p2p = ssid->p2p_group;
4799
4800 if (wpa_s->p2pdev->set_sta_uapsd)
4801 params.uapsd = wpa_s->p2pdev->sta_uapsd;
4802 else
4803 params.uapsd = -1;
4804
4805 #ifdef CONFIG_HT_OVERRIDES
4806 os_memset(&htcaps, 0, sizeof(htcaps));
4807 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4808 params.htcaps = (u8 *) &htcaps;
4809 params.htcaps_mask = (u8 *) &htcaps_mask;
4810 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
4811 #endif /* CONFIG_HT_OVERRIDES */
4812 #ifdef CONFIG_VHT_OVERRIDES
4813 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4814 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4815 params.vhtcaps = &vhtcaps;
4816 params.vhtcaps_mask = &vhtcaps_mask;
4817 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
4818 #endif /* CONFIG_VHT_OVERRIDES */
4819 #ifdef CONFIG_HE_OVERRIDES
4820 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
4821 #endif /* CONFIG_HE_OVERRIDES */
4822 wpa_supplicant_apply_eht_overrides(wpa_s, ssid, ¶ms);
4823
4824 #ifdef CONFIG_P2P
4825 /*
4826 * If multi-channel concurrency is not supported, check for any
4827 * frequency conflict. In case of any frequency conflict, remove the
4828 * least prioritized connection.
4829 */
4830 if (wpa_s->num_multichan_concurrent < 2) {
4831 int freq, num;
4832 num = get_shared_radio_freqs(wpa_s, &freq, 1, false);
4833 if (num > 0 && freq > 0 && freq != params.freq.freq) {
4834 wpa_printf(MSG_DEBUG,
4835 "Assoc conflicting freq found (%d != %d)",
4836 freq, params.freq.freq);
4837 if (wpas_p2p_handle_frequency_conflicts(
4838 wpa_s, params.freq.freq, ssid) < 0) {
4839 wpas_connect_work_done(wpa_s);
4840 os_free(wpa_ie);
4841 return;
4842 }
4843 }
4844 }
4845 #endif /* CONFIG_P2P */
4846
4847 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4848 old_ssid)
4849 params.prev_bssid = prev_bssid;
4850
4851 #ifdef CONFIG_SAE
4852 params.sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
4853 #endif /* CONFIG_SAE */
4854
4855 ret = wpa_drv_associate(wpa_s, ¶ms);
4856 forced_memzero(psk, sizeof(psk));
4857 os_free(wpa_ie);
4858 if (ret < 0) {
4859 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4860 "failed");
4861 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4862 /*
4863 * The driver is known to mean what is saying, so we
4864 * can stop right here; the association will not
4865 * succeed.
4866 */
4867 wpas_connection_failed(wpa_s, wpa_s->pending_bssid,
4868 NULL);
4869 wpa_s->assoc_status_code = WLAN_STATUS_UNSPECIFIED_FAILURE;
4870 wpas_notify_assoc_status_code(wpa_s, wpa_s->pending_bssid, 0, NULL, 0);
4871 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4872 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4873 return;
4874 }
4875 /* try to continue anyway; new association will be tried again
4876 * after timeout */
4877 assoc_failed = 1;
4878 }
4879
4880 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4881 /* Set the key after the association just in case association
4882 * cleared the previously configured key. */
4883 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4884 /* No need to timeout authentication since there is no key
4885 * management. */
4886 wpa_supplicant_cancel_auth_timeout(wpa_s);
4887 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4888 #ifdef CONFIG_IBSS_RSN
4889 } else if (ssid->mode == WPAS_MODE_IBSS &&
4890 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4891 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4892 /*
4893 * RSN IBSS authentication is per-STA and we can disable the
4894 * per-BSSID authentication.
4895 */
4896 wpa_supplicant_cancel_auth_timeout(wpa_s);
4897 #endif /* CONFIG_IBSS_RSN */
4898 } else {
4899 /* Timeout for IEEE 802.11 authentication and association */
4900 int timeout = 60;
4901
4902 if (assoc_failed) {
4903 /* give IBSS a bit more time */
4904 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4905 } else if (wpa_s->conf->ap_scan == 1) {
4906 /* give IBSS a bit more time */
4907 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4908 }
4909 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4910 }
4911
4912 #ifdef CONFIG_WEP
4913 if (wep_keys_set &&
4914 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4915 /* Set static WEP keys again */
4916 wpa_set_wep_keys(wpa_s, ssid);
4917 }
4918 #endif /* CONFIG_WEP */
4919
4920 if (old_ssid && old_ssid != ssid) {
4921 /*
4922 * Do not allow EAP session resumption between different
4923 * network configurations.
4924 */
4925 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4926 }
4927
4928 if (!wpas_driver_bss_selection(wpa_s) ||
4929 #ifdef CONFIG_P2P
4930 wpa_s->p2p_in_invitation ||
4931 #endif /* CONFIG_P2P */
4932 ssid->bssid_set) {
4933 wpa_s->current_bss = bss;
4934 #ifdef CONFIG_HS20
4935 hs20_configure_frame_filters(wpa_s);
4936 #endif /* CONFIG_HS20 */
4937 }
4938
4939 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4940 #ifndef CONFIG_NO_WPA
4941 if (bss)
4942 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len);
4943 #endif /* CONFIG_NO_WPA */
4944 wpa_supplicant_initiate_eapol(wpa_s);
4945 if (old_ssid != wpa_s->current_ssid)
4946 wpas_notify_network_changed(wpa_s);
4947 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
4948 wpas_notify_auth_changed(wpa_s);
4949 }
4950
4951
4952 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4953 const u8 *addr)
4954 {
4955 struct wpa_ssid *old_ssid;
4956
4957 wpa_s->ml_connect_probe_ssid = NULL;
4958 wpa_s->ml_connect_probe_bss = NULL;
4959 wpas_connect_work_done(wpa_s);
4960 wpa_clear_keys(wpa_s, addr);
4961 old_ssid = wpa_s->current_ssid;
4962 wpa_supplicant_mark_disassoc(wpa_s);
4963 wpa_sm_set_config(wpa_s->wpa, NULL);
4964 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4965 if (old_ssid != wpa_s->current_ssid)
4966 wpas_notify_network_changed(wpa_s);
4967
4968 #ifndef CONFIG_NO_ROBUST_AV
4969 wpas_scs_deinit(wpa_s);
4970 wpas_dscp_deinit(wpa_s);
4971 #endif /* CONFIG_NO_ROBUST_AV */
4972 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4973 }
4974
4975
4976 /**
4977 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4978 * @wpa_s: Pointer to wpa_supplicant data
4979 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4980 *
4981 * This function is used to request %wpa_supplicant to deauthenticate from the
4982 * current AP.
4983 */
4984 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4985 u16 reason_code)
4986 {
4987 u8 *addr = NULL;
4988 union wpa_event_data event;
4989 int zero_addr = 0;
4990
4991 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4992 " pending_bssid=" MACSTR
4993 " reason=%d (%s) state=%s valid_links=0x%x ap_mld_addr=" MACSTR,
4994 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4995 reason_code, reason2str(reason_code),
4996 wpa_supplicant_state_txt(wpa_s->wpa_state), wpa_s->valid_links,
4997 MAC2STR(wpa_s->ap_mld_addr));
4998
4999 if (wpa_s->valid_links && !is_zero_ether_addr(wpa_s->ap_mld_addr))
5000 addr = wpa_s->ap_mld_addr;
5001 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
5002 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
5003 wpa_s->wpa_state == WPA_ASSOCIATING))
5004 addr = wpa_s->pending_bssid;
5005 else if (!is_zero_ether_addr(wpa_s->bssid))
5006 addr = wpa_s->bssid;
5007 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
5008 /*
5009 * When using driver-based BSS selection, we may not know the
5010 * BSSID with which we are currently trying to associate. We
5011 * need to notify the driver of this disconnection even in such
5012 * a case, so use the all zeros address here.
5013 */
5014 addr = wpa_s->bssid;
5015 zero_addr = 1;
5016 }
5017
5018 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
5019 wpa_s->enabled_4addr_mode = 0;
5020
5021 #ifdef CONFIG_TDLS
5022 wpa_tdls_teardown_peers(wpa_s->wpa);
5023 #endif /* CONFIG_TDLS */
5024
5025 #ifdef CONFIG_MESH
5026 if (wpa_s->ifmsh) {
5027 struct mesh_conf *mconf;
5028
5029 mconf = wpa_s->ifmsh->mconf;
5030 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
5031 wpa_s->ifname);
5032 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
5033 mconf->meshid_len, reason_code);
5034 wpa_supplicant_leave_mesh(wpa_s, true);
5035 }
5036 #endif /* CONFIG_MESH */
5037
5038 if (addr) {
5039 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
5040 os_memset(&event, 0, sizeof(event));
5041 event.deauth_info.reason_code = reason_code;
5042 event.deauth_info.locally_generated = 1;
5043 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
5044 if (zero_addr)
5045 addr = NULL;
5046 }
5047
5048 wpa_supplicant_clear_connection(wpa_s, addr);
5049 }
5050
5051
5052 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
5053 {
5054 wpa_s->own_reconnect_req = 1;
5055 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
5056
5057 }
5058
5059
5060 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
5061 struct wpa_ssid *ssid)
5062 {
5063 if (!ssid || !ssid->disabled || ssid->disabled == 2)
5064 return;
5065
5066 ssid->disabled = 0;
5067 ssid->owe_transition_bss_select_count = 0;
5068 wpas_clear_temp_disabled(wpa_s, ssid, 1);
5069 wpas_notify_network_enabled_changed(wpa_s, ssid);
5070
5071 /*
5072 * Try to reassociate since there is no current configuration and a new
5073 * network was made available.
5074 */
5075 if (!wpa_s->current_ssid && !wpa_s->disconnected)
5076 wpa_s->reassociate = 1;
5077 }
5078
5079
5080 /**
5081 * wpa_supplicant_add_network - Add a new network
5082 * @wpa_s: wpa_supplicant structure for a network interface
5083 * Returns: The new network configuration or %NULL if operation failed
5084 *
5085 * This function performs the following operations:
5086 * 1. Adds a new network.
5087 * 2. Send network addition notification.
5088 * 3. Marks the network disabled.
5089 * 4. Set network default parameters.
5090 */
5091 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
5092 {
5093 struct wpa_ssid *ssid;
5094
5095 ssid = wpa_config_add_network(wpa_s->conf);
5096 if (!ssid)
5097 return NULL;
5098 wpas_notify_network_added(wpa_s, ssid);
5099 ssid->disabled = 1;
5100 wpa_config_set_network_defaults(ssid);
5101
5102 return ssid;
5103 }
5104
5105
5106 /**
5107 * wpa_supplicant_remove_network - Remove a configured network based on id
5108 * @wpa_s: wpa_supplicant structure for a network interface
5109 * @id: Unique network id to search for
5110 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
5111 * could not be removed
5112 *
5113 * This function performs the following operations:
5114 * 1. Removes the network.
5115 * 2. Send network removal notification.
5116 * 3. Update internal state machines.
5117 * 4. Stop any running sched scans.
5118 */
5119 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
5120 {
5121 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
5122 int was_disabled;
5123
5124 ssid = wpa_config_get_network(wpa_s->conf, id);
5125 if (!ssid)
5126 return -1;
5127 wpas_notify_network_removed(wpa_s, ssid);
5128
5129 if (ssid == prev || !prev) {
5130 #ifdef CONFIG_SME
5131 wpa_s->sme.prev_bssid_set = 0;
5132 #endif /* CONFIG_SME */
5133 /*
5134 * Invalidate the EAP session cache if the current or
5135 * previously used network is removed.
5136 */
5137 eapol_sm_invalidate_cached_session(wpa_s->eapol);
5138 }
5139
5140 if (ssid == prev) {
5141 wpa_sm_set_config(wpa_s->wpa, NULL);
5142 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5143
5144 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5145 wpa_s->own_disconnect_req = 1;
5146 wpa_supplicant_deauthenticate(wpa_s,
5147 WLAN_REASON_DEAUTH_LEAVING);
5148 }
5149
5150 was_disabled = ssid->disabled;
5151
5152 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
5153 return -2;
5154
5155 if (!was_disabled && wpa_s->sched_scanning) {
5156 wpa_printf(MSG_DEBUG,
5157 "Stop ongoing sched_scan to remove network from filters");
5158 wpa_supplicant_cancel_sched_scan(wpa_s);
5159 wpa_supplicant_req_scan(wpa_s, 0, 0);
5160 }
5161
5162 return 0;
5163 }
5164
5165
5166 /**
5167 * wpa_supplicant_remove_all_networks - Remove all configured networks
5168 * @wpa_s: wpa_supplicant structure for a network interface
5169 * Returns: 0 on success (errors are currently ignored)
5170 *
5171 * This function performs the following operations:
5172 * 1. Remove all networks.
5173 * 2. Send network removal notifications.
5174 * 3. Update internal state machines.
5175 * 4. Stop any running sched scans.
5176 */
5177 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
5178 {
5179 struct wpa_ssid *ssid;
5180
5181 if (wpa_s->drv_flags2 &
5182 (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA |
5183 WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA))
5184 wpa_drv_flush_pmkid(wpa_s);
5185
5186 if (wpa_s->sched_scanning)
5187 wpa_supplicant_cancel_sched_scan(wpa_s);
5188
5189 eapol_sm_invalidate_cached_session(wpa_s->eapol);
5190 if (wpa_s->current_ssid) {
5191 #ifdef CONFIG_SME
5192 wpa_s->sme.prev_bssid_set = 0;
5193 #endif /* CONFIG_SME */
5194 wpa_sm_set_config(wpa_s->wpa, NULL);
5195 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5196 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5197 wpa_s->own_disconnect_req = 1;
5198 wpa_supplicant_deauthenticate(
5199 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5200 }
5201 ssid = wpa_s->conf->ssid;
5202 while (ssid) {
5203 struct wpa_ssid *remove_ssid = ssid;
5204 int id;
5205
5206 id = ssid->id;
5207 ssid = ssid->next;
5208 wpas_notify_network_removed(wpa_s, remove_ssid);
5209 wpa_config_remove_network(wpa_s->conf, id);
5210 }
5211 return 0;
5212 }
5213
5214
5215 /**
5216 * wpa_supplicant_enable_network - Mark a configured network as enabled
5217 * @wpa_s: wpa_supplicant structure for a network interface
5218 * @ssid: wpa_ssid structure for a configured network or %NULL
5219 *
5220 * Enables the specified network or all networks if no network specified.
5221 */
5222 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
5223 struct wpa_ssid *ssid)
5224 {
5225 if (ssid == NULL) {
5226 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5227 wpa_supplicant_enable_one_network(wpa_s, ssid);
5228 } else
5229 wpa_supplicant_enable_one_network(wpa_s, ssid);
5230
5231 if (wpa_s->reassociate && !wpa_s->disconnected &&
5232 (!wpa_s->current_ssid ||
5233 wpa_s->wpa_state == WPA_DISCONNECTED ||
5234 wpa_s->wpa_state == WPA_SCANNING)) {
5235 if (wpa_s->sched_scanning) {
5236 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
5237 "new network to scan filters");
5238 wpa_supplicant_cancel_sched_scan(wpa_s);
5239 }
5240
5241 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
5242 wpa_s->scan_req = NORMAL_SCAN_REQ;
5243 wpa_supplicant_req_scan(wpa_s, 0, 0);
5244 }
5245 }
5246 }
5247
5248
5249 /**
5250 * wpa_supplicant_disable_network - Mark a configured network as disabled
5251 * @wpa_s: wpa_supplicant structure for a network interface
5252 * @ssid: wpa_ssid structure for a configured network or %NULL
5253 *
5254 * Disables the specified network or all networks if no network specified.
5255 */
5256 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
5257 struct wpa_ssid *ssid)
5258 {
5259 struct wpa_ssid *other_ssid;
5260 int was_disabled;
5261
5262 if (ssid == NULL) {
5263 if (wpa_s->sched_scanning)
5264 wpa_supplicant_cancel_sched_scan(wpa_s);
5265
5266 for (other_ssid = wpa_s->conf->ssid; other_ssid;
5267 other_ssid = other_ssid->next) {
5268 was_disabled = other_ssid->disabled;
5269 if (was_disabled == 2)
5270 continue; /* do not change persistent P2P group
5271 * data */
5272
5273 other_ssid->disabled = 1;
5274
5275 if (was_disabled != other_ssid->disabled)
5276 wpas_notify_network_enabled_changed(
5277 wpa_s, other_ssid);
5278 }
5279 if (wpa_s->current_ssid) {
5280 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5281 wpa_s->own_disconnect_req = 1;
5282 wpa_supplicant_deauthenticate(
5283 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5284 }
5285 } else if (ssid->disabled != 2) {
5286 if (ssid == wpa_s->current_ssid) {
5287 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5288 wpa_s->own_disconnect_req = 1;
5289 wpa_supplicant_deauthenticate(
5290 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5291 }
5292
5293 was_disabled = ssid->disabled;
5294
5295 ssid->disabled = 1;
5296
5297 if (was_disabled != ssid->disabled) {
5298 wpas_notify_network_enabled_changed(wpa_s, ssid);
5299 if (wpa_s->sched_scanning) {
5300 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
5301 "to remove network from filters");
5302 wpa_supplicant_cancel_sched_scan(wpa_s);
5303 wpa_supplicant_req_scan(wpa_s, 0, 0);
5304 }
5305 }
5306 }
5307 }
5308
5309
5310 static bool ssid_in_last_scan(struct wpa_supplicant *wpa_s,
5311 struct wpa_ssid *ssid)
5312 {
5313 size_t i;
5314
5315 /* Check if the previous scan included the selected network */
5316 if (wpa_s->last_scan_num_ssids <= 1 ||
5317 !ssid->ssid || ssid->ssid_len == 0)
5318 return false;
5319
5320 /* Iterate through the previous scan SSIDs */
5321 for (i = 0; i < wpa_s->last_scan_num_ssids; i++) {
5322 if (os_memcmp(wpa_s->last_scan_ssids[i].ssid, ssid->ssid,
5323 ssid->ssid_len) == 0)
5324 return true;
5325 }
5326
5327 return false;
5328 }
5329
5330
5331 /**
5332 * Checks whether an SSID was discovered in the last scan.
5333 * @wpa_s: wpa_supplicant structure for a network interface.
5334 * @ssid: wpa_ssid structure for a configured network.
5335 * Returns: true if ssid found, false otherwise.
5336 */
5337 static bool ssid_in_last_scan_res(struct wpa_supplicant *wpa_s,
5338 struct wpa_ssid *ssid)
5339 {
5340 size_t i;
5341
5342 if (!wpa_s->last_scan_res || !ssid->ssid || ssid->ssid_len == 0)
5343 return false;
5344
5345 for (i = 0; i < wpa_s->last_scan_res_used; i++) {
5346 if (os_memcmp(wpa_s->last_scan_res[i]->ssid,
5347 ssid->ssid, ssid->ssid_len) == 0)
5348 return true;
5349 }
5350
5351 return false;
5352 }
5353
5354
5355 /**
5356 * wpa_supplicant_select_network - Attempt association with a network
5357 * @wpa_s: wpa_supplicant structure for a network interface
5358 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
5359 */
5360 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
5361 struct wpa_ssid *ssid)
5362 {
5363
5364 struct wpa_ssid *other_ssid;
5365 int disconnected = 0;
5366 bool request_new_scan = false;
5367
5368 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
5369 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5370 wpa_s->own_disconnect_req = 1;
5371 wpa_supplicant_deauthenticate(
5372 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5373 disconnected = 1;
5374 }
5375
5376 if (ssid)
5377 wpas_clear_temp_disabled(wpa_s, ssid, 1);
5378
5379 /*
5380 * Mark all other networks disabled or mark all networks enabled if no
5381 * network specified.
5382 */
5383 for (other_ssid = wpa_s->conf->ssid; other_ssid;
5384 other_ssid = other_ssid->next) {
5385 int was_disabled = other_ssid->disabled;
5386 if (was_disabled == 2)
5387 continue; /* do not change persistent P2P group data */
5388
5389 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
5390 if (was_disabled && !other_ssid->disabled)
5391 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
5392
5393 if (was_disabled != other_ssid->disabled)
5394 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
5395 }
5396
5397 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
5398 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
5399 /* We are already associated with the selected network */
5400 wpa_printf(MSG_DEBUG, "Already associated with the "
5401 "selected network - do nothing");
5402 return;
5403 }
5404
5405 if (ssid) {
5406 wpa_s->current_ssid = ssid;
5407 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5408 wpa_s->connect_without_scan =
5409 (ssid->mode == WPAS_MODE_MESH ||
5410 ssid->mode == WPAS_MODE_AP) ? ssid : NULL;
5411
5412 if (ssid->scan_ssid) {
5413 if (ssid_in_last_scan(wpa_s, ssid)) {
5414 wpa_printf(MSG_DEBUG,
5415 "Hidden network was scanned for in last scan");
5416 } else if (ssid_in_last_scan_res(wpa_s, ssid)) {
5417 wpa_printf(MSG_DEBUG,
5418 "Hidden network was found in last scan results");
5419 } else {
5420 request_new_scan = true;
5421 wpa_printf(MSG_DEBUG,
5422 "Request a new scan for hidden network");
5423 }
5424 }
5425
5426 if (!request_new_scan && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
5427 !ssid->owe_only) {
5428 wpa_printf(MSG_DEBUG,
5429 "Request a new scan for OWE transition SSID");
5430 request_new_scan = true;
5431 }
5432
5433 /*
5434 * Don't optimize next scan freqs since a new ESS has been
5435 * selected.
5436 */
5437 os_free(wpa_s->next_scan_freqs);
5438 wpa_s->next_scan_freqs = NULL;
5439 } else {
5440 wpa_s->connect_without_scan = NULL;
5441 }
5442
5443 wpa_s->disconnected = 0;
5444 wpa_s->reassociate = 1;
5445 wpa_s_clear_sae_rejected(wpa_s);
5446 wpa_s->last_owe_group = 0;
5447 if (ssid) {
5448 ssid->owe_transition_bss_select_count = 0;
5449 wpa_s_setup_sae_pt(wpa_s, ssid, false);
5450 }
5451
5452 if (wpa_s->connect_without_scan || request_new_scan ||
5453 wpa_supplicant_fast_associate(wpa_s) != 1) {
5454 wpa_s->scan_req = NORMAL_SCAN_REQ;
5455 wpas_scan_reset_sched_scan(wpa_s);
5456 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
5457 }
5458
5459 if (ssid)
5460 wpas_notify_network_selected(wpa_s, ssid);
5461 }
5462
5463
5464 /**
5465 * wpas_remove_cred - Remove the specified credential and all the network
5466 * entries created based on the removed credential
5467 * @wpa_s: wpa_supplicant structure for a network interface
5468 * @cred: The credential to remove
5469 * Returns: 0 on success, -1 on failure
5470 */
5471 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
5472 {
5473 struct wpa_ssid *ssid, *next;
5474 int id;
5475
5476 if (!cred) {
5477 wpa_printf(MSG_DEBUG, "Could not find cred");
5478 return -1;
5479 }
5480
5481 id = cred->id;
5482 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
5483 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
5484 return -1;
5485 }
5486
5487 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
5488
5489 /* Remove any network entry created based on the removed credential */
5490 ssid = wpa_s->conf->ssid;
5491 while (ssid) {
5492 next = ssid->next;
5493
5494 if (ssid->parent_cred == cred) {
5495 wpa_printf(MSG_DEBUG,
5496 "Remove network id %d since it used the removed credential",
5497 ssid->id);
5498 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
5499 -1) {
5500 wpa_printf(MSG_DEBUG,
5501 "Could not find network id=%d",
5502 ssid->id);
5503 }
5504 }
5505
5506 ssid = next;
5507 }
5508
5509 return 0;
5510 }
5511
5512
5513 /**
5514 * wpas_remove_cred - Remove all the Interworking credentials
5515 * @wpa_s: wpa_supplicant structure for a network interface
5516 * Returns: 0 on success, -1 on failure
5517 */
5518 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
5519 {
5520 int res, ret = 0;
5521 struct wpa_cred *cred, *prev;
5522
5523 cred = wpa_s->conf->cred;
5524 while (cred) {
5525 prev = cred;
5526 cred = cred->next;
5527 res = wpas_remove_cred(wpa_s, prev);
5528 if (res < 0) {
5529 wpa_printf(MSG_DEBUG,
5530 "Removal of all credentials failed - failed to remove credential id=%d",
5531 prev->id);
5532 ret = -1;
5533 }
5534 }
5535
5536 return ret;
5537 }
5538
5539
5540 /**
5541 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
5542 * @wpa_s: wpa_supplicant structure for a network interface
5543 * @pkcs11_engine_path: PKCS #11 engine path or NULL
5544 * @pkcs11_module_path: PKCS #11 module path or NULL
5545 * Returns: 0 on success; -1 on failure
5546 *
5547 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
5548 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
5549 * module path fails the paths will be reset to the default value (NULL).
5550 */
5551 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
5552 const char *pkcs11_engine_path,
5553 const char *pkcs11_module_path)
5554 {
5555 char *pkcs11_engine_path_copy = NULL;
5556 char *pkcs11_module_path_copy = NULL;
5557
5558 if (pkcs11_engine_path != NULL) {
5559 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
5560 if (pkcs11_engine_path_copy == NULL)
5561 return -1;
5562 }
5563 if (pkcs11_module_path != NULL) {
5564 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
5565 if (pkcs11_module_path_copy == NULL) {
5566 os_free(pkcs11_engine_path_copy);
5567 return -1;
5568 }
5569 }
5570
5571 #ifndef CONFIG_PKCS11_ENGINE_PATH
5572 os_free(wpa_s->conf->pkcs11_engine_path);
5573 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
5574 #endif /* CONFIG_PKCS11_ENGINE_PATH */
5575 #ifndef CONFIG_PKCS11_MODULE_PATH
5576 os_free(wpa_s->conf->pkcs11_module_path);
5577 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
5578 #endif /* CONFIG_PKCS11_MODULE_PATH */
5579
5580 wpa_sm_set_eapol(wpa_s->wpa, NULL);
5581 eapol_sm_deinit(wpa_s->eapol);
5582 wpa_s->eapol = NULL;
5583 if (wpa_supplicant_init_eapol(wpa_s)) {
5584 /* Error -> Reset paths to the default value (NULL) once. */
5585 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
5586 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
5587 NULL);
5588
5589 return -1;
5590 }
5591 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5592
5593 return 0;
5594 }
5595
5596
5597 /**
5598 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
5599 * @wpa_s: wpa_supplicant structure for a network interface
5600 * @ap_scan: AP scan mode
5601 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
5602 *
5603 */
5604 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
5605 {
5606
5607 int old_ap_scan;
5608
5609 if (ap_scan < 0 || ap_scan > 2)
5610 return -1;
5611
5612 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5613 wpa_printf(MSG_INFO,
5614 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5615 }
5616
5617 #ifdef ANDROID
5618 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
5619 wpa_s->wpa_state >= WPA_ASSOCIATING &&
5620 wpa_s->wpa_state < WPA_COMPLETED) {
5621 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
5622 "associating", wpa_s->conf->ap_scan, ap_scan);
5623 return 0;
5624 }
5625 #endif /* ANDROID */
5626
5627 old_ap_scan = wpa_s->conf->ap_scan;
5628 wpa_s->conf->ap_scan = ap_scan;
5629
5630 if (old_ap_scan != wpa_s->conf->ap_scan)
5631 wpas_notify_ap_scan_changed(wpa_s);
5632
5633 return 0;
5634 }
5635
5636
5637 /**
5638 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
5639 * @wpa_s: wpa_supplicant structure for a network interface
5640 * @expire_age: Expiration age in seconds
5641 * Returns: 0 if succeed or -1 if expire_age has an invalid value
5642 *
5643 */
5644 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
5645 unsigned int bss_expire_age)
5646 {
5647 if (bss_expire_age < 10) {
5648 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
5649 bss_expire_age);
5650 return -1;
5651 }
5652 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
5653 bss_expire_age);
5654 wpa_s->conf->bss_expiration_age = bss_expire_age;
5655
5656 return 0;
5657 }
5658
5659
5660 /**
5661 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
5662 * @wpa_s: wpa_supplicant structure for a network interface
5663 * @expire_count: number of scans after which an unseen BSS is reclaimed
5664 * Returns: 0 if succeed or -1 if expire_count has an invalid value
5665 *
5666 */
5667 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
5668 unsigned int bss_expire_count)
5669 {
5670 if (bss_expire_count < 1) {
5671 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
5672 bss_expire_count);
5673 return -1;
5674 }
5675 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
5676 bss_expire_count);
5677 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
5678
5679 return 0;
5680 }
5681
5682
5683 /**
5684 * wpa_supplicant_set_scan_interval - Set scan interval
5685 * @wpa_s: wpa_supplicant structure for a network interface
5686 * @scan_interval: scan interval in seconds
5687 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
5688 *
5689 */
5690 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
5691 int scan_interval)
5692 {
5693 if (scan_interval < 0) {
5694 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
5695 scan_interval);
5696 return -1;
5697 }
5698 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
5699 scan_interval);
5700 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
5701
5702 return 0;
5703 }
5704
5705
5706 /**
5707 * wpa_supplicant_set_debug_params - Set global debug params
5708 * @global: wpa_global structure
5709 * @debug_level: debug level
5710 * @debug_timestamp: determines if show timestamp in debug data
5711 * @debug_show_keys: determines if show keys in debug data
5712 * Returns: 0 if succeed or -1 if debug_level has wrong value
5713 */
5714 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
5715 int debug_timestamp, int debug_show_keys)
5716 {
5717
5718 int old_level, old_timestamp, old_show_keys;
5719
5720 /* check for allowed debuglevels */
5721 if (debug_level != MSG_EXCESSIVE &&
5722 debug_level != MSG_MSGDUMP &&
5723 debug_level != MSG_DEBUG &&
5724 debug_level != MSG_INFO &&
5725 debug_level != MSG_WARNING &&
5726 debug_level != MSG_ERROR)
5727 return -1;
5728
5729 old_level = wpa_debug_level;
5730 old_timestamp = wpa_debug_timestamp;
5731 old_show_keys = wpa_debug_show_keys;
5732
5733 wpa_debug_level = debug_level;
5734 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
5735 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
5736
5737 if (wpa_debug_level != old_level)
5738 wpas_notify_debug_level_changed(global);
5739 if (wpa_debug_timestamp != old_timestamp)
5740 wpas_notify_debug_timestamp_changed(global);
5741 if (wpa_debug_show_keys != old_show_keys)
5742 wpas_notify_debug_show_keys_changed(global);
5743
5744 return 0;
5745 }
5746
5747
5748 #ifdef CONFIG_OWE
5749 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
5750 const u8 *entry_ssid, size_t entry_ssid_len)
5751 {
5752 const u8 *owe, *owe_bssid, *owe_ssid;
5753 size_t owe_ssid_len;
5754 struct wpa_bss *bss;
5755
5756 /* Check network profile SSID aganst the SSID in the
5757 * OWE Transition Mode element. */
5758
5759 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
5760 if (!bss)
5761 return 0;
5762
5763 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
5764 if (!owe)
5765 return 0;
5766
5767 if (wpas_get_owe_trans_network(owe, &owe_bssid, &owe_ssid,
5768 &owe_ssid_len))
5769 return 0;
5770
5771 return entry_ssid_len == owe_ssid_len &&
5772 os_memcmp(owe_ssid, entry_ssid, owe_ssid_len) == 0;
5773 }
5774 #endif /* CONFIG_OWE */
5775
5776
5777 /**
5778 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
5779 * @wpa_s: Pointer to wpa_supplicant data
5780 * Returns: A pointer to the current network structure or %NULL on failure
5781 */
5782 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
5783 {
5784 struct wpa_ssid *entry;
5785 u8 ssid[SSID_MAX_LEN];
5786 int res;
5787 size_t ssid_len;
5788 u8 bssid[ETH_ALEN];
5789 int wired;
5790
5791 res = wpa_drv_get_ssid(wpa_s, ssid);
5792 if (res < 0) {
5793 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
5794 "driver");
5795 return NULL;
5796 }
5797 ssid_len = res;
5798
5799 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
5800 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
5801 "driver");
5802 return NULL;
5803 }
5804
5805 wired = wpa_s->conf->ap_scan == 0 &&
5806 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
5807
5808 entry = wpa_s->conf->ssid;
5809 while (entry) {
5810 if (!wpas_network_disabled(wpa_s, entry) &&
5811 ((ssid_len == entry->ssid_len &&
5812 (!entry->ssid ||
5813 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
5814 wired) &&
5815 (!entry->bssid_set ||
5816 ether_addr_equal(bssid, entry->bssid)))
5817 return entry;
5818 #ifdef CONFIG_WPS
5819 if (!wpas_network_disabled(wpa_s, entry) &&
5820 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
5821 (entry->ssid == NULL || entry->ssid_len == 0) &&
5822 (!entry->bssid_set ||
5823 ether_addr_equal(bssid, entry->bssid)))
5824 return entry;
5825 #endif /* CONFIG_WPS */
5826
5827 #ifdef CONFIG_OWE
5828 if (!wpas_network_disabled(wpa_s, entry) &&
5829 (entry->ssid &&
5830 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
5831 entry->ssid_len)) &&
5832 (!entry->bssid_set ||
5833 ether_addr_equal(bssid, entry->bssid)))
5834 return entry;
5835 #endif /* CONFIG_OWE */
5836
5837 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
5838 entry->ssid_len == 0 &&
5839 ether_addr_equal(bssid, entry->bssid))
5840 return entry;
5841
5842 entry = entry->next;
5843 }
5844
5845 return NULL;
5846 }
5847
5848
5849 static int select_driver(struct wpa_supplicant *wpa_s, int i)
5850 {
5851 struct wpa_global *global = wpa_s->global;
5852
5853 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
5854 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
5855 if (global->drv_priv[i] == NULL) {
5856 wpa_printf(MSG_ERROR, "Failed to initialize driver "
5857 "'%s'", wpa_drivers[i]->name);
5858 return -1;
5859 }
5860 }
5861
5862 wpa_s->driver = wpa_drivers[i];
5863 wpa_s->global_drv_priv = global->drv_priv[i];
5864
5865 return 0;
5866 }
5867
5868
5869 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
5870 const char *name)
5871 {
5872 int i;
5873 size_t len;
5874 const char *pos, *driver = name;
5875
5876 if (wpa_s == NULL)
5877 return -1;
5878
5879 if (wpa_drivers[0] == NULL) {
5880 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
5881 "wpa_supplicant");
5882 return -1;
5883 }
5884
5885 if (name == NULL) {
5886 /* Default to first successful driver in the list */
5887 for (i = 0; wpa_drivers[i]; i++) {
5888 if (select_driver(wpa_s, i) == 0)
5889 return 0;
5890 }
5891 /* Drivers have each reported failure, so no wpa_msg() here. */
5892 return -1;
5893 }
5894
5895 do {
5896 pos = os_strchr(driver, ',');
5897 if (pos)
5898 len = pos - driver;
5899 else
5900 len = os_strlen(driver);
5901
5902 for (i = 0; wpa_drivers[i]; i++) {
5903 if (os_strlen(wpa_drivers[i]->name) == len &&
5904 os_strncmp(driver, wpa_drivers[i]->name, len) ==
5905 0) {
5906 /* First driver that succeeds wins */
5907 if (select_driver(wpa_s, i) == 0)
5908 return 0;
5909 }
5910 }
5911
5912 driver = pos + 1;
5913 } while (pos);
5914
5915 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
5916 return -1;
5917 }
5918
5919
5920 /**
5921 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
5922 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
5923 * with struct wpa_driver_ops::init()
5924 * @src_addr: Source address of the EAPOL frame
5925 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
5926 * @len: Length of the EAPOL data
5927 * @encrypted: Whether the frame was encrypted
5928 *
5929 * This function is called for each received EAPOL frame. Most driver
5930 * interfaces rely on more generic OS mechanism for receiving frames through
5931 * l2_packet, but if such a mechanism is not available, the driver wrapper may
5932 * take care of received EAPOL frames and deliver them to the core supplicant
5933 * code by calling this function.
5934 */
5935 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
5936 const u8 *buf, size_t len,
5937 enum frame_encryption encrypted)
5938 {
5939 struct wpa_supplicant *wpa_s = ctx;
5940 const u8 *connected_addr = wpa_s->valid_links ?
5941 wpa_s->ap_mld_addr : wpa_s->bssid;
5942
5943 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)",
5944 MAC2STR(src_addr), encrypted);
5945 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
5946
5947 if (wpa_s->own_disconnect_req) {
5948 wpa_printf(MSG_DEBUG,
5949 "Drop received EAPOL frame as we are disconnecting");
5950 return;
5951 }
5952
5953 #ifdef CONFIG_TESTING_OPTIONS
5954 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5955 MAC2STR(src_addr), len);
5956 if (wpa_s->ignore_auth_resp) {
5957 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5958 return;
5959 }
5960 #endif /* CONFIG_TESTING_OPTIONS */
5961
5962 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5963 (wpa_s->last_eapol_matches_bssid &&
5964 #ifdef CONFIG_AP
5965 !wpa_s->ap_iface &&
5966 #endif /* CONFIG_AP */
5967 !ether_addr_equal(src_addr, connected_addr))) {
5968 /*
5969 * There is possible race condition between receiving the
5970 * association event and the EAPOL frame since they are coming
5971 * through different paths from the driver. In order to avoid
5972 * issues in trying to process the EAPOL frame before receiving
5973 * association information, lets queue it for processing until
5974 * the association event is received. This may also be needed in
5975 * driver-based roaming case, so also use src_addr != BSSID as a
5976 * trigger if we have previously confirmed that the
5977 * Authenticator uses BSSID as the src_addr (which is not the
5978 * case with wired IEEE 802.1X).
5979 */
5980 wpa_dbg(wpa_s, MSG_DEBUG,
5981 "Not associated - Delay processing of received EAPOL frame (state=%s connected_addr="
5982 MACSTR ")",
5983 wpa_supplicant_state_txt(wpa_s->wpa_state),
5984 MAC2STR(connected_addr));
5985 delay_processing:
5986 wpabuf_free(wpa_s->pending_eapol_rx);
5987 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5988 if (wpa_s->pending_eapol_rx) {
5989 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5990 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5991 ETH_ALEN);
5992 wpa_s->pending_eapol_encrypted = encrypted;
5993 }
5994 return;
5995 }
5996
5997 wpa_s->last_eapol_matches_bssid =
5998 ether_addr_equal(src_addr, connected_addr);
5999
6000 #ifdef CONFIG_AP
6001 if (wpa_s->ap_iface) {
6002 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len,
6003 encrypted);
6004 return;
6005 }
6006 #endif /* CONFIG_AP */
6007
6008 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
6009 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
6010 "no key management is configured");
6011 return;
6012 }
6013
6014 if (wpa_s->eapol_received == 0 &&
6015 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
6016 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
6017 wpa_s->wpa_state != WPA_COMPLETED) &&
6018 (wpa_s->current_ssid == NULL ||
6019 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
6020 /* Timeout for completing IEEE 802.1X and WPA authentication */
6021 int timeout = 10;
6022
6023 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
6024 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
6025 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
6026 /* Use longer timeout for IEEE 802.1X/EAP */
6027 timeout = 70;
6028 }
6029
6030 #ifdef CONFIG_WPS
6031 if (wpa_s->current_ssid && wpa_s->current_bss &&
6032 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
6033 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
6034 /*
6035 * Use shorter timeout if going through WPS AP iteration
6036 * for PIN config method with an AP that does not
6037 * advertise Selected Registrar.
6038 */
6039 struct wpabuf *wps_ie;
6040
6041 wps_ie = wpa_bss_get_vendor_ie_multi(
6042 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
6043 if (wps_ie &&
6044 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
6045 timeout = 10;
6046 wpabuf_free(wps_ie);
6047 }
6048 #endif /* CONFIG_WPS */
6049
6050 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6051 }
6052 wpa_s->eapol_received++;
6053
6054 if (wpa_s->countermeasures) {
6055 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
6056 "EAPOL packet");
6057 return;
6058 }
6059
6060 #ifdef CONFIG_IBSS_RSN
6061 if (wpa_s->current_ssid &&
6062 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
6063 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len,
6064 encrypted);
6065 return;
6066 }
6067 #endif /* CONFIG_IBSS_RSN */
6068
6069 /* Source address of the incoming EAPOL frame could be compared to the
6070 * current BSSID. However, it is possible that a centralized
6071 * Authenticator could be using another MAC address than the BSSID of
6072 * an AP, so just allow any address to be used for now. The replies are
6073 * still sent to the current BSSID (if available), though. */
6074
6075 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
6076 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6077 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
6078 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6079 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len,
6080 encrypted) > 0)
6081 return;
6082 wpa_drv_poll(wpa_s);
6083 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) {
6084 if (wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len,
6085 encrypted) == -2 &&
6086 #ifdef CONFIG_AP
6087 !wpa_s->ap_iface &&
6088 #endif /* CONFIG_AP */
6089 wpa_s->last_eapol_matches_bssid) {
6090 /* Handle the case where reassociation occurs to the
6091 * current connected AP */
6092 wpa_dbg(wpa_s, MSG_DEBUG,
6093 "Delay processing of received EAPOL frame for reassociation to the current connected AP (state=%s connected_addr="
6094 MACSTR ")",
6095 wpa_supplicant_state_txt(wpa_s->wpa_state),
6096 MAC2STR(connected_addr));
6097 goto delay_processing;
6098 }
6099 } else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6100 /*
6101 * Set portValid = true here since we are going to skip 4-way
6102 * handshake processing which would normally set portValid. We
6103 * need this to allow the EAPOL state machines to be completed
6104 * without going through EAPOL-Key handshake.
6105 */
6106 eapol_sm_notify_portValid(wpa_s->eapol, true);
6107 }
6108 }
6109
6110
6111 static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr,
6112 const u8 *buf, size_t len)
6113 {
6114 wpa_supplicant_rx_eapol(ctx, src_addr, buf, len,
6115 FRAME_ENCRYPTION_UNKNOWN);
6116 }
6117
6118
6119 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
6120 {
6121 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
6122 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
6123 }
6124
6125
6126 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6127 {
6128 u8 prev_mac_addr[ETH_ALEN];
6129
6130 os_memcpy(prev_mac_addr, wpa_s->own_addr, ETH_ALEN);
6131
6132 if ((!wpa_s->p2p_mgmt ||
6133 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
6134 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
6135 l2_packet_deinit(wpa_s->l2);
6136 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
6137 wpa_drv_get_mac_addr(wpa_s),
6138 ETH_P_EAPOL,
6139 wpas_eapol_needs_l2_packet(wpa_s) ?
6140 wpa_supplicant_rx_eapol_cb : NULL,
6141 wpa_s, 0);
6142 if (wpa_s->l2 == NULL)
6143 return -1;
6144
6145 if (l2_packet_set_packet_filter(wpa_s->l2,
6146 L2_PACKET_FILTER_PKTTYPE))
6147 wpa_dbg(wpa_s, MSG_DEBUG,
6148 "Failed to attach pkt_type filter");
6149
6150 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
6151 wpa_msg(wpa_s, MSG_ERROR,
6152 "Failed to get own L2 address");
6153 return -1;
6154 }
6155 } else {
6156 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
6157 if (addr)
6158 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6159 }
6160
6161 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6162 wpas_wps_update_mac_addr(wpa_s);
6163
6164 #ifdef CONFIG_FST
6165 if (wpa_s->fst)
6166 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
6167 #endif /* CONFIG_FST */
6168
6169 if (!ether_addr_equal(prev_mac_addr, wpa_s->own_addr))
6170 wpas_notify_mac_address_changed(wpa_s);
6171
6172 return 0;
6173 }
6174
6175
6176 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
6177 const u8 *buf, size_t len)
6178 {
6179 struct wpa_supplicant *wpa_s = ctx;
6180 const struct l2_ethhdr *eth;
6181
6182 if (len < sizeof(*eth))
6183 return;
6184 eth = (const struct l2_ethhdr *) buf;
6185
6186 if (!ether_addr_equal(eth->h_dest, wpa_s->own_addr) &&
6187 !(eth->h_dest[0] & 0x01)) {
6188 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
6189 " (bridge - not for this interface - ignore)",
6190 MAC2STR(src_addr), MAC2STR(eth->h_dest));
6191 return;
6192 }
6193
6194 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
6195 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
6196 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
6197 len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN);
6198 }
6199
6200
6201 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
6202 const char *bridge_ifname)
6203 {
6204 if (wpa_s->wpa_state > WPA_SCANNING)
6205 return -EBUSY;
6206
6207 if (bridge_ifname &&
6208 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
6209 return -EINVAL;
6210
6211 if (!bridge_ifname)
6212 bridge_ifname = "";
6213
6214 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
6215 return 0;
6216
6217 if (wpa_s->l2_br) {
6218 l2_packet_deinit(wpa_s->l2_br);
6219 wpa_s->l2_br = NULL;
6220 }
6221
6222 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
6223 sizeof(wpa_s->bridge_ifname));
6224
6225 if (wpa_s->bridge_ifname[0]) {
6226 wpa_dbg(wpa_s, MSG_DEBUG,
6227 "Receiving packets from bridge interface '%s'",
6228 wpa_s->bridge_ifname);
6229 wpa_s->l2_br = l2_packet_init_bridge(
6230 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
6231 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6232 if (!wpa_s->l2_br) {
6233 wpa_msg(wpa_s, MSG_ERROR,
6234 "Failed to open l2_packet connection for the bridge interface '%s'",
6235 wpa_s->bridge_ifname);
6236 goto fail;
6237 }
6238 }
6239
6240 #ifdef CONFIG_TDLS
6241 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6242 goto fail;
6243 #endif /* CONFIG_TDLS */
6244
6245 return 0;
6246 fail:
6247 wpa_s->bridge_ifname[0] = 0;
6248 if (wpa_s->l2_br) {
6249 l2_packet_deinit(wpa_s->l2_br);
6250 wpa_s->l2_br = NULL;
6251 }
6252 #ifdef CONFIG_TDLS
6253 if (!wpa_s->p2p_mgmt)
6254 wpa_tdls_init(wpa_s->wpa);
6255 #endif /* CONFIG_TDLS */
6256 return -EIO;
6257 }
6258
6259
6260 /**
6261 * wpa_supplicant_driver_init - Initialize driver interface parameters
6262 * @wpa_s: Pointer to wpa_supplicant data
6263 * Returns: 0 on success, -1 on failure
6264 *
6265 * This function is called to initialize driver interface parameters.
6266 * wpa_drv_init() must have been called before this function to initialize the
6267 * driver interface.
6268 */
6269 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
6270 {
6271 static int interface_count = 0;
6272
6273 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
6274 return -1;
6275
6276 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
6277 MAC2STR(wpa_s->own_addr));
6278 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
6279 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6280
6281 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
6282 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
6283 "interface '%s'", wpa_s->bridge_ifname);
6284 wpa_s->l2_br = l2_packet_init_bridge(
6285 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
6286 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6287 if (wpa_s->l2_br == NULL) {
6288 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
6289 "connection for the bridge interface '%s'",
6290 wpa_s->bridge_ifname);
6291 return -1;
6292 }
6293 }
6294
6295 if (wpa_s->conf->ap_scan == 2 &&
6296 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
6297 wpa_printf(MSG_INFO,
6298 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
6299 }
6300
6301 wpa_clear_keys(wpa_s, NULL);
6302
6303 /* Make sure that TKIP countermeasures are not left enabled (could
6304 * happen if wpa_supplicant is killed during countermeasures. */
6305 wpa_drv_set_countermeasures(wpa_s, 0);
6306
6307 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6308 wpa_drv_flush_pmkid(wpa_s);
6309
6310 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
6311 wpa_s->prev_scan_wildcard = 0;
6312
6313 if (wpa_supplicant_enabled_networks(wpa_s)) {
6314 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
6315 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6316 interface_count = 0;
6317 }
6318 #ifndef CONFIG_CTRL_IFACE_AIDL
6319 if (!wpa_s->p2p_mgmt &&
6320 wpa_supplicant_delayed_sched_scan(wpa_s,
6321 interface_count % 3,
6322 100000))
6323 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
6324 100000);
6325 #endif /* CONFIG_CTRL_IFACE_AIDL */
6326 interface_count++;
6327 } else
6328 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6329
6330 return 0;
6331 }
6332
6333
6334 static int wpa_supplicant_daemon(const char *pid_file)
6335 {
6336 wpa_printf(MSG_DEBUG, "Daemonize..");
6337 return os_daemonize(pid_file);
6338 }
6339
6340
6341 static struct wpa_supplicant *
6342 wpa_supplicant_alloc(struct wpa_supplicant *parent)
6343 {
6344 struct wpa_supplicant *wpa_s;
6345
6346 wpa_s = os_zalloc(sizeof(*wpa_s));
6347 if (wpa_s == NULL)
6348 return NULL;
6349 wpa_s->scan_req = INITIAL_SCAN_REQ;
6350 wpa_s->scan_interval = 5;
6351 wpa_s->new_connection = 1;
6352 wpa_s->parent = parent ? parent : wpa_s;
6353 wpa_s->p2pdev = wpa_s->parent;
6354 #ifdef CONFIG_P2P
6355 if (parent)
6356 wpa_s->p2p_mode = parent->p2p_mode;
6357 #endif /* CONFIG_P2P */
6358 wpa_s->sched_scanning = 0;
6359 wpa_s->setband_mask = WPA_SETBAND_AUTO;
6360
6361 dl_list_init(&wpa_s->bss_tmp_disallowed);
6362 dl_list_init(&wpa_s->fils_hlp_req);
6363 #ifdef CONFIG_TESTING_OPTIONS
6364 dl_list_init(&wpa_s->drv_signal_override);
6365 wpa_s->test_assoc_comeback_type = -1;
6366 #endif /* CONFIG_TESTING_OPTIONS */
6367 #ifndef CONFIG_NO_ROBUST_AV
6368 dl_list_init(&wpa_s->active_scs_ids);
6369 #endif /* CONFIG_NO_ROBUST_AV */
6370 wpa_s->ml_probe_mld_id = -1;
6371
6372 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6373 #ifdef CONFIG_MESH
6374 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6375 #endif /* CONFIG_MESH */
6376 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6377
6378 return wpa_s;
6379 }
6380
6381
6382 #ifdef CONFIG_HT_OVERRIDES
6383
6384 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
6385 struct ieee80211_ht_capabilities *htcaps,
6386 struct ieee80211_ht_capabilities *htcaps_mask,
6387 const char *ht_mcs)
6388 {
6389 /* parse ht_mcs into hex array */
6390 int i;
6391 const char *tmp = ht_mcs;
6392 char *end = NULL;
6393
6394 /* If ht_mcs is null, do not set anything */
6395 if (!ht_mcs)
6396 return 0;
6397
6398 /* This is what we are setting in the kernel */
6399 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
6400
6401 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
6402
6403 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
6404 long v;
6405
6406 errno = 0;
6407 v = strtol(tmp, &end, 16);
6408
6409 if (errno == 0) {
6410 wpa_msg(wpa_s, MSG_DEBUG,
6411 "htcap value[%i]: %ld end: %p tmp: %p",
6412 i, v, end, tmp);
6413 if (end == tmp)
6414 break;
6415
6416 htcaps->supported_mcs_set[i] = v;
6417 tmp = end;
6418 } else {
6419 wpa_msg(wpa_s, MSG_ERROR,
6420 "Failed to parse ht-mcs: %s, error: %s\n",
6421 ht_mcs, strerror(errno));
6422 return -1;
6423 }
6424 }
6425
6426 /*
6427 * If we were able to parse any values, then set mask for the MCS set.
6428 */
6429 if (i) {
6430 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
6431 IEEE80211_HT_MCS_MASK_LEN - 1);
6432 /* skip the 3 reserved bits */
6433 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
6434 0x1f;
6435 }
6436
6437 return 0;
6438 }
6439
6440
6441 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
6442 struct ieee80211_ht_capabilities *htcaps,
6443 struct ieee80211_ht_capabilities *htcaps_mask,
6444 int disabled)
6445 {
6446 le16 msk;
6447
6448 if (disabled == -1)
6449 return 0;
6450
6451 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
6452
6453 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
6454 htcaps_mask->ht_capabilities_info |= msk;
6455 if (disabled)
6456 htcaps->ht_capabilities_info &= msk;
6457 else
6458 htcaps->ht_capabilities_info |= msk;
6459
6460 return 0;
6461 }
6462
6463
6464 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
6465 struct ieee80211_ht_capabilities *htcaps,
6466 struct ieee80211_ht_capabilities *htcaps_mask,
6467 int factor)
6468 {
6469 if (factor == -1)
6470 return 0;
6471
6472 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
6473
6474 if (factor < 0 || factor > 3) {
6475 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
6476 "Must be 0-3 or -1", factor);
6477 return -EINVAL;
6478 }
6479
6480 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
6481 htcaps->a_mpdu_params &= ~0x3;
6482 htcaps->a_mpdu_params |= factor & 0x3;
6483
6484 return 0;
6485 }
6486
6487
6488 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
6489 struct ieee80211_ht_capabilities *htcaps,
6490 struct ieee80211_ht_capabilities *htcaps_mask,
6491 int density)
6492 {
6493 if (density == -1)
6494 return 0;
6495
6496 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
6497
6498 if (density < 0 || density > 7) {
6499 wpa_msg(wpa_s, MSG_ERROR,
6500 "ampdu_density: %d out of range. Must be 0-7 or -1.",
6501 density);
6502 return -EINVAL;
6503 }
6504
6505 htcaps_mask->a_mpdu_params |= 0x1C;
6506 htcaps->a_mpdu_params &= ~(0x1C);
6507 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
6508
6509 return 0;
6510 }
6511
6512
6513 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
6514 struct ieee80211_ht_capabilities *htcaps,
6515 struct ieee80211_ht_capabilities *htcaps_mask,
6516 int disabled)
6517 {
6518 if (disabled)
6519 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
6520
6521 set_disable_ht40(htcaps, disabled);
6522 set_disable_ht40(htcaps_mask, 0);
6523
6524 return 0;
6525 }
6526
6527
6528 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
6529 struct ieee80211_ht_capabilities *htcaps,
6530 struct ieee80211_ht_capabilities *htcaps_mask,
6531 int disabled)
6532 {
6533 /* Masking these out disables SGI */
6534 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
6535 HT_CAP_INFO_SHORT_GI40MHZ);
6536
6537 if (disabled)
6538 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
6539
6540 if (disabled)
6541 htcaps->ht_capabilities_info &= ~msk;
6542 else
6543 htcaps->ht_capabilities_info |= msk;
6544
6545 htcaps_mask->ht_capabilities_info |= msk;
6546
6547 return 0;
6548 }
6549
6550
6551 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
6552 struct ieee80211_ht_capabilities *htcaps,
6553 struct ieee80211_ht_capabilities *htcaps_mask,
6554 int disabled)
6555 {
6556 /* Masking these out disables LDPC */
6557 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
6558
6559 if (disabled)
6560 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
6561
6562 if (disabled)
6563 htcaps->ht_capabilities_info &= ~msk;
6564 else
6565 htcaps->ht_capabilities_info |= msk;
6566
6567 htcaps_mask->ht_capabilities_info |= msk;
6568
6569 return 0;
6570 }
6571
6572
6573 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
6574 struct ieee80211_ht_capabilities *htcaps,
6575 struct ieee80211_ht_capabilities *htcaps_mask,
6576 int tx_stbc)
6577 {
6578 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
6579
6580 if (tx_stbc == -1)
6581 return 0;
6582
6583 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
6584
6585 if (tx_stbc < 0 || tx_stbc > 1) {
6586 wpa_msg(wpa_s, MSG_ERROR,
6587 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
6588 return -EINVAL;
6589 }
6590
6591 htcaps_mask->ht_capabilities_info |= msk;
6592 htcaps->ht_capabilities_info &= ~msk;
6593 htcaps->ht_capabilities_info |= host_to_le16(tx_stbc << 7) & msk;
6594
6595 return 0;
6596 }
6597
6598
6599 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
6600 struct ieee80211_ht_capabilities *htcaps,
6601 struct ieee80211_ht_capabilities *htcaps_mask,
6602 int rx_stbc)
6603 {
6604 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
6605
6606 if (rx_stbc == -1)
6607 return 0;
6608
6609 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
6610
6611 if (rx_stbc < 0 || rx_stbc > 3) {
6612 wpa_msg(wpa_s, MSG_ERROR,
6613 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
6614 return -EINVAL;
6615 }
6616
6617 htcaps_mask->ht_capabilities_info |= msk;
6618 htcaps->ht_capabilities_info &= ~msk;
6619 htcaps->ht_capabilities_info |= host_to_le16(rx_stbc << 8) & msk;
6620
6621 return 0;
6622 }
6623
6624
6625 void wpa_supplicant_apply_ht_overrides(
6626 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6627 struct wpa_driver_associate_params *params)
6628 {
6629 struct ieee80211_ht_capabilities *htcaps;
6630 struct ieee80211_ht_capabilities *htcaps_mask;
6631
6632 if (!ssid)
6633 return;
6634
6635 params->disable_ht = ssid->disable_ht;
6636 if (!params->htcaps || !params->htcaps_mask)
6637 return;
6638
6639 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
6640 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
6641 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
6642 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
6643 ssid->disable_max_amsdu);
6644 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
6645 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
6646 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
6647 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
6648 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
6649 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
6650 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
6651
6652 if (ssid->ht40_intolerant) {
6653 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
6654 htcaps->ht_capabilities_info |= bit;
6655 htcaps_mask->ht_capabilities_info |= bit;
6656 }
6657 }
6658
6659 #endif /* CONFIG_HT_OVERRIDES */
6660
6661
6662 #ifdef CONFIG_VHT_OVERRIDES
6663 void wpa_supplicant_apply_vht_overrides(
6664 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6665 struct wpa_driver_associate_params *params)
6666 {
6667 struct ieee80211_vht_capabilities *vhtcaps;
6668 struct ieee80211_vht_capabilities *vhtcaps_mask;
6669
6670 if (!ssid)
6671 return;
6672
6673 params->disable_vht = ssid->disable_vht;
6674
6675 vhtcaps = (void *) params->vhtcaps;
6676 vhtcaps_mask = (void *) params->vhtcaps_mask;
6677
6678 if (!vhtcaps || !vhtcaps_mask)
6679 return;
6680
6681 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
6682 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
6683
6684 #ifdef CONFIG_HT_OVERRIDES
6685 if (ssid->disable_sgi) {
6686 vhtcaps_mask->vht_capabilities_info |=
6687 host_to_le32(VHT_CAP_SHORT_GI_80 |
6688 VHT_CAP_SHORT_GI_160);
6689 vhtcaps->vht_capabilities_info &=
6690 host_to_le32(~(VHT_CAP_SHORT_GI_80 |
6691 VHT_CAP_SHORT_GI_160));
6692 wpa_msg(wpa_s, MSG_DEBUG,
6693 "disable-sgi override specified, vht-caps: 0x%x",
6694 le_to_host32(vhtcaps->vht_capabilities_info));
6695 }
6696
6697 /* if max ampdu is <= 3, we have to make the HT cap the same */
6698 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
6699 int max_ampdu;
6700
6701 max_ampdu = (ssid->vht_capa &
6702 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
6703 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
6704
6705 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
6706 wpa_set_ampdu_factor(wpa_s,
6707 (void *) params->htcaps,
6708 (void *) params->htcaps_mask,
6709 max_ampdu);
6710 }
6711 #endif /* CONFIG_HT_OVERRIDES */
6712
6713 #define OVERRIDE_MCS(i) \
6714 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
6715 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
6716 host_to_le16(3 << 2 * (i - 1)); \
6717 vhtcaps->vht_supported_mcs_set.tx_map |= \
6718 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
6719 2 * (i - 1)); \
6720 } \
6721 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
6722 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
6723 host_to_le16(3 << 2 * (i - 1)); \
6724 vhtcaps->vht_supported_mcs_set.rx_map |= \
6725 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
6726 2 * (i - 1)); \
6727 }
6728
6729 OVERRIDE_MCS(1);
6730 OVERRIDE_MCS(2);
6731 OVERRIDE_MCS(3);
6732 OVERRIDE_MCS(4);
6733 OVERRIDE_MCS(5);
6734 OVERRIDE_MCS(6);
6735 OVERRIDE_MCS(7);
6736 OVERRIDE_MCS(8);
6737 }
6738 #endif /* CONFIG_VHT_OVERRIDES */
6739
6740
6741 #ifdef CONFIG_HE_OVERRIDES
6742 void wpa_supplicant_apply_he_overrides(
6743 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6744 struct wpa_driver_associate_params *params)
6745 {
6746 if (!ssid)
6747 return;
6748
6749 params->disable_he = ssid->disable_he;
6750 }
6751 #endif /* CONFIG_HE_OVERRIDES */
6752
6753
6754 void wpa_supplicant_apply_eht_overrides(
6755 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6756 struct wpa_driver_associate_params *params)
6757 {
6758 if (!ssid)
6759 return;
6760
6761 params->disable_eht = ssid->disable_eht;
6762 }
6763
6764
6765 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
6766 {
6767 #ifdef PCSC_FUNCS
6768 size_t len;
6769
6770 if (!wpa_s->conf->pcsc_reader)
6771 return 0;
6772
6773 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
6774 if (!wpa_s->scard)
6775 return 1;
6776
6777 if (wpa_s->conf->pcsc_pin &&
6778 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
6779 scard_deinit(wpa_s->scard);
6780 wpa_s->scard = NULL;
6781 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
6782 return -1;
6783 }
6784
6785 len = sizeof(wpa_s->imsi) - 1;
6786 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
6787 scard_deinit(wpa_s->scard);
6788 wpa_s->scard = NULL;
6789 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
6790 return -1;
6791 }
6792 wpa_s->imsi[len] = '\0';
6793
6794 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
6795
6796 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
6797 wpa_s->imsi, wpa_s->mnc_len);
6798
6799 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
6800 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
6801 #endif /* PCSC_FUNCS */
6802
6803 return 0;
6804 }
6805
6806
6807 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
6808 {
6809 char *val, *pos;
6810
6811 ext_password_deinit(wpa_s->ext_pw);
6812 wpa_s->ext_pw = NULL;
6813 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
6814
6815 if (!wpa_s->conf->ext_password_backend)
6816 return 0;
6817
6818 val = os_strdup(wpa_s->conf->ext_password_backend);
6819 if (val == NULL)
6820 return -1;
6821 pos = os_strchr(val, ':');
6822 if (pos)
6823 *pos++ = '\0';
6824
6825 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
6826
6827 wpa_s->ext_pw = ext_password_init(val, pos);
6828 os_free(val);
6829 if (wpa_s->ext_pw == NULL) {
6830 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
6831 return -1;
6832 }
6833 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
6834
6835 return 0;
6836 }
6837
6838
6839 #ifdef CONFIG_FST
6840
6841 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
6842 {
6843 struct wpa_supplicant *wpa_s = ctx;
6844
6845 return (is_zero_ether_addr(wpa_s->bssid) ||
6846 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
6847 }
6848
6849
6850 static void wpas_fst_get_channel_info_cb(void *ctx,
6851 enum hostapd_hw_mode *hw_mode,
6852 u8 *channel)
6853 {
6854 struct wpa_supplicant *wpa_s = ctx;
6855
6856 if (wpa_s->current_bss) {
6857 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
6858 channel);
6859 } else if (wpa_s->hw.num_modes) {
6860 *hw_mode = wpa_s->hw.modes[0].mode;
6861 } else {
6862 WPA_ASSERT(0);
6863 *hw_mode = 0;
6864 }
6865 }
6866
6867
6868 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
6869 {
6870 struct wpa_supplicant *wpa_s = ctx;
6871
6872 *modes = wpa_s->hw.modes;
6873 return wpa_s->hw.num_modes;
6874 }
6875
6876
6877 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
6878 {
6879 struct wpa_supplicant *wpa_s = ctx;
6880
6881 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
6882 wpa_s->fst_ies = fst_ies;
6883 }
6884
6885
6886 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
6887 {
6888 struct wpa_supplicant *wpa_s = ctx;
6889
6890 if (!ether_addr_equal(wpa_s->bssid, da)) {
6891 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
6892 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
6893 return -1;
6894 }
6895 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6896 wpa_s->own_addr, wpa_s->bssid,
6897 wpabuf_head(data), wpabuf_len(data),
6898 0);
6899 }
6900
6901
6902 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
6903 {
6904 struct wpa_supplicant *wpa_s = ctx;
6905
6906 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6907 return wpa_s->received_mb_ies;
6908 }
6909
6910
6911 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
6912 const u8 *buf, size_t size)
6913 {
6914 struct wpa_supplicant *wpa_s = ctx;
6915 struct mb_ies_info info;
6916
6917 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6918
6919 if (!mb_ies_info_by_ies(&info, buf, size)) {
6920 wpabuf_free(wpa_s->received_mb_ies);
6921 wpa_s->received_mb_ies = mb_ies_by_info(&info);
6922 }
6923 }
6924
6925
6926 static const u8 * wpas_fst_get_peer_first(void *ctx,
6927 struct fst_get_peer_ctx **get_ctx,
6928 bool mb_only)
6929 {
6930 struct wpa_supplicant *wpa_s = ctx;
6931
6932 *get_ctx = NULL;
6933 if (!is_zero_ether_addr(wpa_s->bssid))
6934 return (wpa_s->received_mb_ies || !mb_only) ?
6935 wpa_s->bssid : NULL;
6936 return NULL;
6937 }
6938
6939
6940 static const u8 * wpas_fst_get_peer_next(void *ctx,
6941 struct fst_get_peer_ctx **get_ctx,
6942 bool mb_only)
6943 {
6944 return NULL;
6945 }
6946
6947 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
6948 struct fst_wpa_obj *iface_obj)
6949 {
6950 os_memset(iface_obj, 0, sizeof(*iface_obj));
6951 iface_obj->ctx = wpa_s;
6952 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
6953 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
6954 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
6955 iface_obj->set_ies = wpas_fst_set_ies_cb;
6956 iface_obj->send_action = wpas_fst_send_action_cb;
6957 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
6958 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
6959 iface_obj->get_peer_first = wpas_fst_get_peer_first;
6960 iface_obj->get_peer_next = wpas_fst_get_peer_next;
6961 }
6962 #endif /* CONFIG_FST */
6963
6964 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6965 const struct wpa_driver_capa *capa)
6966 {
6967 struct wowlan_triggers *triggers;
6968 int ret = 0;
6969
6970 if (!wpa_s->conf->wowlan_triggers)
6971 return 0;
6972
6973 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
6974 if (triggers) {
6975 ret = wpa_drv_wowlan(wpa_s, triggers);
6976 os_free(triggers);
6977 }
6978 return ret;
6979 }
6980
6981
6982 enum wpa_radio_work_band wpas_freq_to_band(int freq)
6983 {
6984 if (freq < 3000)
6985 return BAND_2_4_GHZ;
6986 if (freq > 50000)
6987 return BAND_60_GHZ;
6988 return BAND_5_GHZ;
6989 }
6990
6991
6992 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
6993 {
6994 int i;
6995 unsigned int band = 0;
6996
6997 if (freqs) {
6998 /* freqs are specified for the radio work */
6999 for (i = 0; freqs[i]; i++)
7000 band |= wpas_freq_to_band(freqs[i]);
7001 } else {
7002 /*
7003 * freqs are not specified, implies all
7004 * the supported freqs by HW
7005 */
7006 for (i = 0; i < wpa_s->hw.num_modes; i++) {
7007 if (wpa_s->hw.modes[i].num_channels != 0) {
7008 if (wpa_s->hw.modes[i].mode ==
7009 HOSTAPD_MODE_IEEE80211B ||
7010 wpa_s->hw.modes[i].mode ==
7011 HOSTAPD_MODE_IEEE80211G)
7012 band |= BAND_2_4_GHZ;
7013 else if (wpa_s->hw.modes[i].mode ==
7014 HOSTAPD_MODE_IEEE80211A)
7015 band |= BAND_5_GHZ;
7016 else if (wpa_s->hw.modes[i].mode ==
7017 HOSTAPD_MODE_IEEE80211AD)
7018 band |= BAND_60_GHZ;
7019 else if (wpa_s->hw.modes[i].mode ==
7020 HOSTAPD_MODE_IEEE80211ANY)
7021 band = BAND_2_4_GHZ | BAND_5_GHZ |
7022 BAND_60_GHZ;
7023 }
7024 }
7025 }
7026
7027 return band;
7028 }
7029
7030
7031 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
7032 const char *rn)
7033 {
7034 struct wpa_supplicant *iface = wpa_s->global->ifaces;
7035 struct wpa_radio *radio;
7036
7037 while (rn && iface) {
7038 radio = iface->radio;
7039 if (radio && os_strcmp(rn, radio->name) == 0) {
7040 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
7041 wpa_s->ifname, rn);
7042 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
7043 return radio;
7044 }
7045
7046 iface = iface->next;
7047 }
7048
7049 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
7050 wpa_s->ifname, rn ? rn : "N/A");
7051 radio = os_zalloc(sizeof(*radio));
7052 if (radio == NULL)
7053 return NULL;
7054
7055 if (rn)
7056 os_strlcpy(radio->name, rn, sizeof(radio->name));
7057 dl_list_init(&radio->ifaces);
7058 dl_list_init(&radio->work);
7059 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
7060
7061 return radio;
7062 }
7063
7064
7065 static void radio_work_free(struct wpa_radio_work *work)
7066 {
7067 if (work->wpa_s->scan_work == work) {
7068 /* This should not really happen. */
7069 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
7070 work->type, work, work->started);
7071 work->wpa_s->scan_work = NULL;
7072 }
7073
7074 #ifdef CONFIG_P2P
7075 if (work->wpa_s->p2p_scan_work == work) {
7076 /* This should not really happen. */
7077 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
7078 work->type, work, work->started);
7079 work->wpa_s->p2p_scan_work = NULL;
7080 }
7081 #endif /* CONFIG_P2P */
7082
7083 if (work->started) {
7084 work->wpa_s->radio->num_active_works--;
7085 wpa_dbg(work->wpa_s, MSG_DEBUG,
7086 "radio_work_free('%s'@%p): num_active_works --> %u",
7087 work->type, work,
7088 work->wpa_s->radio->num_active_works);
7089 }
7090
7091 dl_list_del(&work->list);
7092 os_free(work);
7093 }
7094
7095
7096 static int radio_work_is_connect(struct wpa_radio_work *work)
7097 {
7098 return os_strcmp(work->type, "sme-connect") == 0 ||
7099 os_strcmp(work->type, "connect") == 0;
7100 }
7101
7102
7103 static int radio_work_is_scan(struct wpa_radio_work *work)
7104 {
7105 return os_strcmp(work->type, "scan") == 0 ||
7106 os_strcmp(work->type, "p2p-scan") == 0;
7107 }
7108
7109
7110 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
7111 {
7112 struct wpa_radio_work *active_work = NULL;
7113 struct wpa_radio_work *tmp;
7114
7115 /* Get the active work to know the type and band. */
7116 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
7117 if (tmp->started) {
7118 active_work = tmp;
7119 break;
7120 }
7121 }
7122
7123 if (!active_work) {
7124 /* No active work, start one */
7125 radio->num_active_works = 0;
7126 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
7127 list) {
7128 if (os_strcmp(tmp->type, "scan") == 0 &&
7129 external_scan_running(radio) &&
7130 (((struct wpa_driver_scan_params *)
7131 tmp->ctx)->only_new_results ||
7132 tmp->wpa_s->clear_driver_scan_cache))
7133 continue;
7134 return tmp;
7135 }
7136 return NULL;
7137 }
7138
7139 if (radio_work_is_connect(active_work)) {
7140 /*
7141 * If the active work is either connect or sme-connect,
7142 * do not parallelize them with other radio works.
7143 */
7144 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7145 "Do not parallelize radio work with %s",
7146 active_work->type);
7147 return NULL;
7148 }
7149
7150 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
7151 if (tmp->started)
7152 continue;
7153
7154 /*
7155 * If connect or sme-connect are enqueued, parallelize only
7156 * those operations ahead of them in the queue.
7157 */
7158 if (radio_work_is_connect(tmp))
7159 break;
7160
7161 /* Serialize parallel scan and p2p_scan operations on the same
7162 * interface since the driver_nl80211 mechanism for tracking
7163 * scan cookies does not yet have support for this. */
7164 if (active_work->wpa_s == tmp->wpa_s &&
7165 radio_work_is_scan(active_work) &&
7166 radio_work_is_scan(tmp)) {
7167 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7168 "Do not start work '%s' when another work '%s' is already scheduled",
7169 tmp->type, active_work->type);
7170 continue;
7171 }
7172 /*
7173 * Check that the radio works are distinct and
7174 * on different bands.
7175 */
7176 if (os_strcmp(active_work->type, tmp->type) != 0 &&
7177 (active_work->bands != tmp->bands)) {
7178 /*
7179 * If a scan has to be scheduled through nl80211 scan
7180 * interface and if an external scan is already running,
7181 * do not schedule the scan since it is likely to get
7182 * rejected by kernel.
7183 */
7184 if (os_strcmp(tmp->type, "scan") == 0 &&
7185 external_scan_running(radio) &&
7186 (((struct wpa_driver_scan_params *)
7187 tmp->ctx)->only_new_results ||
7188 tmp->wpa_s->clear_driver_scan_cache))
7189 continue;
7190
7191 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7192 "active_work:%s new_work:%s",
7193 active_work->type, tmp->type);
7194 return tmp;
7195 }
7196 }
7197
7198 /* Did not find a radio work to schedule in parallel. */
7199 return NULL;
7200 }
7201
7202
7203 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
7204 {
7205 struct wpa_radio *radio = eloop_ctx;
7206 struct wpa_radio_work *work;
7207 struct os_reltime now, diff;
7208 struct wpa_supplicant *wpa_s;
7209
7210 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
7211 if (work == NULL) {
7212 radio->num_active_works = 0;
7213 return;
7214 }
7215
7216 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
7217 radio_list);
7218
7219 if (!(wpa_s &&
7220 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
7221 if (work->started)
7222 return; /* already started and still in progress */
7223
7224 if (wpa_s && external_scan_running(wpa_s->radio)) {
7225 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
7226 return;
7227 }
7228 } else {
7229 work = NULL;
7230 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
7231 /* get the work to schedule next */
7232 work = radio_work_get_next_work(radio);
7233 }
7234 if (!work)
7235 return;
7236 }
7237
7238 wpa_s = work->wpa_s;
7239 os_get_reltime(&now);
7240 os_reltime_sub(&now, &work->time, &diff);
7241 wpa_dbg(wpa_s, MSG_DEBUG,
7242 "Starting radio work '%s'@%p after %ld.%06ld second wait",
7243 work->type, work, diff.sec, diff.usec);
7244 work->started = 1;
7245 work->time = now;
7246 radio->num_active_works++;
7247
7248 work->cb(work, 0);
7249
7250 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
7251 radio->num_active_works < MAX_ACTIVE_WORKS)
7252 radio_work_check_next(wpa_s);
7253 }
7254
7255
7256 /*
7257 * This function removes both started and pending radio works running on
7258 * the provided interface's radio.
7259 * Prior to the removal of the radio work, its callback (cb) is called with
7260 * deinit set to be 1. Each work's callback is responsible for clearing its
7261 * internal data and restoring to a correct state.
7262 * @wpa_s: wpa_supplicant data
7263 * @type: type of works to be removed
7264 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
7265 * this interface's works.
7266 */
7267 void radio_remove_works(struct wpa_supplicant *wpa_s,
7268 const char *type, int remove_all)
7269 {
7270 struct wpa_radio_work *work, *tmp;
7271 struct wpa_radio *radio = wpa_s->radio;
7272
7273 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
7274 list) {
7275 if (type && os_strcmp(type, work->type) != 0)
7276 continue;
7277
7278 /* skip other ifaces' works */
7279 if (!remove_all && work->wpa_s != wpa_s)
7280 continue;
7281
7282 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
7283 work->type, work, work->started ? " (started)" : "");
7284 work->cb(work, 1);
7285 radio_work_free(work);
7286 }
7287
7288 /* in case we removed the started work */
7289 radio_work_check_next(wpa_s);
7290 }
7291
7292
7293 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
7294 {
7295 struct wpa_radio_work *work;
7296 struct wpa_radio *radio = wpa_s->radio;
7297
7298 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
7299 if (work->ctx != ctx)
7300 continue;
7301 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
7302 work->type, work, work->started ? " (started)" : "");
7303 radio_work_free(work);
7304 break;
7305 }
7306 }
7307
7308
7309 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
7310 {
7311 struct wpa_radio *radio = wpa_s->radio;
7312
7313 if (!radio)
7314 return;
7315
7316 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
7317 wpa_s->ifname, radio->name);
7318 dl_list_del(&wpa_s->radio_list);
7319 radio_remove_works(wpa_s, NULL, 0);
7320 /* If the interface that triggered the external scan was removed, the
7321 * external scan is no longer running. */
7322 if (wpa_s == radio->external_scan_req_interface)
7323 radio->external_scan_req_interface = NULL;
7324 wpa_s->radio = NULL;
7325 if (!dl_list_empty(&radio->ifaces))
7326 return; /* Interfaces remain for this radio */
7327
7328 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
7329 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
7330 os_free(radio);
7331 }
7332
7333
7334 void radio_work_check_next(struct wpa_supplicant *wpa_s)
7335 {
7336 struct wpa_radio *radio = wpa_s->radio;
7337
7338 if (dl_list_empty(&radio->work))
7339 return;
7340 if (wpa_s->ext_work_in_progress) {
7341 wpa_printf(MSG_DEBUG,
7342 "External radio work in progress - delay start of pending item");
7343 return;
7344 }
7345 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
7346 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
7347 }
7348
7349
7350 /**
7351 * radio_add_work - Add a radio work item
7352 * @wpa_s: Pointer to wpa_supplicant data
7353 * @freq: Frequency of the offchannel operation in MHz or 0
7354 * @type: Unique identifier for each type of work
7355 * @next: Force as the next work to be executed
7356 * @cb: Callback function for indicating when radio is available
7357 * @ctx: Context pointer for the work (work->ctx in cb())
7358 * Returns: 0 on success, -1 on failure
7359 *
7360 * This function is used to request time for an operation that requires
7361 * exclusive radio control. Once the radio is available, the registered callback
7362 * function will be called. radio_work_done() must be called once the exclusive
7363 * radio operation has been completed, so that the radio is freed for other
7364 * operations. The special case of deinit=1 is used to free the context data
7365 * during interface removal. That does not allow the callback function to start
7366 * the radio operation, i.e., it must free any resources allocated for the radio
7367 * work and return.
7368 *
7369 * The @freq parameter can be used to indicate a single channel on which the
7370 * offchannel operation will occur. This may allow multiple radio work
7371 * operations to be performed in parallel if they apply for the same channel.
7372 * Setting this to 0 indicates that the work item may use multiple channels or
7373 * requires exclusive control of the radio.
7374 */
7375 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
7376 const char *type, int next,
7377 void (*cb)(struct wpa_radio_work *work, int deinit),
7378 void *ctx)
7379 {
7380 struct wpa_radio *radio = wpa_s->radio;
7381 struct wpa_radio_work *work;
7382 int was_empty;
7383
7384 work = os_zalloc(sizeof(*work));
7385 if (work == NULL)
7386 return -1;
7387 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
7388 os_get_reltime(&work->time);
7389 work->freq = freq;
7390 work->type = type;
7391 work->wpa_s = wpa_s;
7392 work->cb = cb;
7393 work->ctx = ctx;
7394
7395 if (freq)
7396 work->bands = wpas_freq_to_band(freq);
7397 else if (os_strcmp(type, "scan") == 0 ||
7398 os_strcmp(type, "p2p-scan") == 0)
7399 work->bands = wpas_get_bands(wpa_s,
7400 ((struct wpa_driver_scan_params *)
7401 ctx)->freqs);
7402 else
7403 work->bands = wpas_get_bands(wpa_s, NULL);
7404
7405 was_empty = dl_list_empty(&wpa_s->radio->work);
7406 if (next)
7407 dl_list_add(&wpa_s->radio->work, &work->list);
7408 else
7409 dl_list_add_tail(&wpa_s->radio->work, &work->list);
7410 if (was_empty) {
7411 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
7412 radio_work_check_next(wpa_s);
7413 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
7414 && radio->num_active_works < MAX_ACTIVE_WORKS) {
7415 wpa_dbg(wpa_s, MSG_DEBUG,
7416 "Try to schedule a radio work (num_active_works=%u)",
7417 radio->num_active_works);
7418 radio_work_check_next(wpa_s);
7419 }
7420
7421 return 0;
7422 }
7423
7424
7425 /**
7426 * radio_work_done - Indicate that a radio work item has been completed
7427 * @work: Completed work
7428 *
7429 * This function is called once the callback function registered with
7430 * radio_add_work() has completed its work.
7431 */
7432 void radio_work_done(struct wpa_radio_work *work)
7433 {
7434 struct wpa_supplicant *wpa_s = work->wpa_s;
7435 struct os_reltime now, diff;
7436 unsigned int started = work->started;
7437
7438 os_get_reltime(&now);
7439 os_reltime_sub(&now, &work->time, &diff);
7440 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
7441 work->type, work, started ? "done" : "canceled",
7442 diff.sec, diff.usec);
7443 radio_work_free(work);
7444 if (started)
7445 radio_work_check_next(wpa_s);
7446 }
7447
7448
7449 struct wpa_radio_work *
7450 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
7451 {
7452 struct wpa_radio_work *work;
7453 struct wpa_radio *radio = wpa_s->radio;
7454
7455 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
7456 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
7457 return work;
7458 }
7459
7460 return NULL;
7461 }
7462
7463
7464 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
7465 const struct wpa_interface *iface)
7466 {
7467 const char *ifname, *driver, *rn;
7468
7469 driver = iface->driver;
7470 next_driver:
7471 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
7472 return -1;
7473
7474 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
7475 if (wpa_s->drv_priv == NULL) {
7476 const char *pos;
7477 int level = MSG_ERROR;
7478
7479 pos = driver ? os_strchr(driver, ',') : NULL;
7480 if (pos) {
7481 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
7482 "driver interface - try next driver wrapper");
7483 driver = pos + 1;
7484 goto next_driver;
7485 }
7486
7487 #ifdef CONFIG_MATCH_IFACE
7488 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
7489 level = MSG_DEBUG;
7490 #endif /* CONFIG_MATCH_IFACE */
7491 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
7492 return -1;
7493 }
7494 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
7495 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
7496 "driver_param '%s'", wpa_s->conf->driver_param);
7497 return -1;
7498 }
7499
7500 ifname = wpa_drv_get_ifname(wpa_s);
7501 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
7502 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
7503 "interface name with '%s'", ifname);
7504 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
7505 }
7506
7507 rn = wpa_driver_get_radio_name(wpa_s);
7508 if (rn && rn[0] == '\0')
7509 rn = NULL;
7510
7511 wpa_s->radio = radio_add_interface(wpa_s, rn);
7512 if (wpa_s->radio == NULL)
7513 return -1;
7514
7515 return 0;
7516 }
7517
7518
7519 #ifdef CONFIG_GAS_SERVER
7520
7521 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
7522 unsigned int freq, const u8 *dst,
7523 const u8 *src, const u8 *bssid,
7524 const u8 *data, size_t data_len,
7525 enum offchannel_send_action_result result)
7526 {
7527 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
7528 " result=%s",
7529 freq, MAC2STR(dst),
7530 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
7531 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
7532 "FAILED"));
7533 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
7534 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
7535 }
7536
7537
7538 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
7539 struct wpabuf *buf, unsigned int wait_time)
7540 {
7541 struct wpa_supplicant *wpa_s = ctx;
7542 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
7543
7544 if (wait_time > wpa_s->max_remain_on_chan)
7545 wait_time = wpa_s->max_remain_on_chan;
7546
7547 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
7548 wpabuf_head(buf), wpabuf_len(buf),
7549 wait_time, wpas_gas_server_tx_status, 0);
7550 }
7551
7552 #endif /* CONFIG_GAS_SERVER */
7553
7554 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
7555 const struct wpa_interface *iface)
7556 {
7557 struct wpa_driver_capa capa;
7558 int capa_res;
7559 u8 dfs_domain;
7560
7561 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
7562 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
7563 iface->confname ? iface->confname : "N/A",
7564 iface->driver ? iface->driver : "default",
7565 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
7566 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
7567
7568 if (iface->confname) {
7569 #ifdef CONFIG_BACKEND_FILE
7570 wpa_s->confname = os_rel2abs_path(iface->confname);
7571 if (wpa_s->confname == NULL) {
7572 wpa_printf(MSG_ERROR, "Failed to get absolute path "
7573 "for configuration file '%s'.",
7574 iface->confname);
7575 return -1;
7576 }
7577 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
7578 iface->confname, wpa_s->confname);
7579 #else /* CONFIG_BACKEND_FILE */
7580 wpa_s->confname = os_strdup(iface->confname);
7581 #endif /* CONFIG_BACKEND_FILE */
7582 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false);
7583 if (wpa_s->conf == NULL) {
7584 wpa_printf(MSG_ERROR, "Failed to read or parse "
7585 "configuration '%s'.", wpa_s->confname);
7586 return -1;
7587 }
7588 wpa_s->confanother = os_rel2abs_path(iface->confanother);
7589 if (wpa_s->confanother &&
7590 !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) {
7591 wpa_printf(MSG_ERROR,
7592 "Failed to read or parse configuration '%s'.",
7593 wpa_s->confanother);
7594 return -1;
7595 }
7596
7597 /*
7598 * Override ctrl_interface and driver_param if set on command
7599 * line.
7600 */
7601 if (iface->ctrl_interface) {
7602 os_free(wpa_s->conf->ctrl_interface);
7603 wpa_s->conf->ctrl_interface =
7604 os_strdup(iface->ctrl_interface);
7605 if (!wpa_s->conf->ctrl_interface) {
7606 wpa_printf(MSG_ERROR,
7607 "Failed to duplicate control interface '%s'.",
7608 iface->ctrl_interface);
7609 return -1;
7610 }
7611 }
7612
7613 if (iface->driver_param) {
7614 os_free(wpa_s->conf->driver_param);
7615 wpa_s->conf->driver_param =
7616 os_strdup(iface->driver_param);
7617 if (!wpa_s->conf->driver_param) {
7618 wpa_printf(MSG_ERROR,
7619 "Failed to duplicate driver param '%s'.",
7620 iface->driver_param);
7621 return -1;
7622 }
7623 }
7624
7625 if (iface->p2p_mgmt && !iface->ctrl_interface) {
7626 os_free(wpa_s->conf->ctrl_interface);
7627 wpa_s->conf->ctrl_interface = NULL;
7628 }
7629 } else
7630 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
7631 iface->driver_param);
7632
7633 if (wpa_s->conf == NULL) {
7634 wpa_printf(MSG_ERROR, "\nNo configuration found.");
7635 return -1;
7636 }
7637
7638 if (iface->ifname == NULL) {
7639 wpa_printf(MSG_ERROR, "\nInterface name is required.");
7640 return -1;
7641 }
7642 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
7643 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
7644 iface->ifname);
7645 return -1;
7646 }
7647 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
7648 #ifdef CONFIG_MATCH_IFACE
7649 wpa_s->matched = iface->matched;
7650 #endif /* CONFIG_MATCH_IFACE */
7651
7652 if (iface->bridge_ifname) {
7653 if (os_strlen(iface->bridge_ifname) >=
7654 sizeof(wpa_s->bridge_ifname)) {
7655 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
7656 "name '%s'.", iface->bridge_ifname);
7657 return -1;
7658 }
7659 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
7660 sizeof(wpa_s->bridge_ifname));
7661 }
7662
7663 /* RSNA Supplicant Key Management - INITIALIZE */
7664 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
7665 eapol_sm_notify_portValid(wpa_s->eapol, false);
7666
7667 /* Initialize driver interface and register driver event handler before
7668 * L2 receive handler so that association events are processed before
7669 * EAPOL-Key packets if both become available for the same select()
7670 * call. */
7671 if (wpas_init_driver(wpa_s, iface) < 0)
7672 return -1;
7673
7674 if (wpa_supplicant_init_wpa(wpa_s) < 0)
7675 return -1;
7676
7677 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
7678 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
7679 NULL);
7680 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
7681
7682 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
7683 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
7684 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
7685 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7686 "dot11RSNAConfigPMKLifetime");
7687 return -1;
7688 }
7689
7690 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
7691 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
7692 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
7693 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7694 "dot11RSNAConfigPMKReauthThreshold");
7695 return -1;
7696 }
7697
7698 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
7699 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
7700 wpa_s->conf->dot11RSNAConfigSATimeout)) {
7701 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7702 "dot11RSNAConfigSATimeout");
7703 return -1;
7704 }
7705
7706 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
7707 wpa_s->conf->ft_prepend_pmkid);
7708
7709 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
7710 &wpa_s->hw.num_modes,
7711 &wpa_s->hw.flags,
7712 &dfs_domain);
7713 if (wpa_s->hw.modes) {
7714 u16 i;
7715
7716 for (i = 0; i < wpa_s->hw.num_modes; i++) {
7717 if (wpa_s->hw.modes[i].eht_capab[IEEE80211_MODE_INFRA].
7718 eht_supported)
7719 wpa_s->hw_capab |= BIT(CAPAB_EHT);
7720 if (wpa_s->hw.modes[i].he_capab[IEEE80211_MODE_INFRA].
7721 he_supported)
7722 wpa_s->hw_capab |= BIT(CAPAB_HE);
7723 if (wpa_s->hw.modes[i].vht_capab)
7724 wpa_s->hw_capab |= BIT(CAPAB_VHT);
7725 if (wpa_s->hw.modes[i].ht_capab)
7726 wpa_s->hw_capab |= BIT(CAPAB_HT);
7727 }
7728 wpa_s->support_6ghz = wpas_is_6ghz_supported(wpa_s, false);
7729 }
7730
7731 capa_res = wpa_drv_get_capa(wpa_s, &capa);
7732 if (capa_res == 0) {
7733 wpa_s->drv_capa_known = 1;
7734 wpa_s->drv_flags = capa.flags;
7735 wpa_s->drv_flags2 = capa.flags2;
7736 wpa_s->drv_enc = capa.enc;
7737 wpa_s->drv_key_mgmt = capa.key_mgmt;
7738 wpa_s->drv_rrm_flags = capa.rrm_flags;
7739 wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs;
7740 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
7741 wpa_s->max_scan_ssids = capa.max_scan_ssids;
7742 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
7743 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
7744 wpa_s->max_sched_scan_plan_interval =
7745 capa.max_sched_scan_plan_interval;
7746 wpa_s->max_sched_scan_plan_iterations =
7747 capa.max_sched_scan_plan_iterations;
7748 wpa_s->sched_scan_supported = capa.sched_scan_supported;
7749 wpa_s->max_match_sets = capa.max_match_sets;
7750 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
7751 wpa_s->max_stations = capa.max_stations;
7752 wpa_s->extended_capa = capa.extended_capa;
7753 wpa_s->extended_capa_mask = capa.extended_capa_mask;
7754 wpa_s->extended_capa_len = capa.extended_capa_len;
7755 wpa_s->num_multichan_concurrent =
7756 capa.num_multichan_concurrent;
7757 #ifndef CONFIG_NO_WMM_AC
7758 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
7759 #endif /* CONFIG_NO_WMM_AC */
7760 wpa_s->max_num_akms = capa.max_num_akms;
7761
7762 if (capa.mac_addr_rand_scan_supported)
7763 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
7764 if (wpa_s->sched_scan_supported &&
7765 capa.mac_addr_rand_sched_scan_supported)
7766 wpa_s->mac_addr_rand_supported |=
7767 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
7768 wpa_s->drv_max_probe_req_ie_len = capa.max_probe_req_ie_len;
7769
7770 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
7771 if (wpa_s->extended_capa &&
7772 wpa_s->extended_capa_len >= 3 &&
7773 wpa_s->extended_capa[2] & 0x40)
7774 wpa_s->multi_bss_support = 1;
7775 } else {
7776 wpa_s->drv_max_probe_req_ie_len = 1500;
7777 }
7778 #ifdef CONFIG_PASN
7779 wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2);
7780 #endif /* CONFIG_PASN */
7781 #ifndef CONFIG_NO_WPA
7782 wpa_sm_set_driver_bss_selection(wpa_s->wpa,
7783 !!(wpa_s->drv_flags &
7784 WPA_DRIVER_FLAGS_BSS_SELECTION));
7785 #endif /* CONFIG_NO_WPA */
7786 if (wpa_s->max_remain_on_chan == 0)
7787 wpa_s->max_remain_on_chan = 1000;
7788
7789 /*
7790 * Only take p2p_mgmt parameters when P2P Device is supported.
7791 * Doing it here as it determines whether l2_packet_init() will be done
7792 * during wpa_supplicant_driver_init().
7793 */
7794 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
7795 wpa_s->p2p_mgmt = iface->p2p_mgmt;
7796
7797 if (wpa_s->num_multichan_concurrent == 0)
7798 wpa_s->num_multichan_concurrent = 1;
7799
7800 if (wpa_supplicant_driver_init(wpa_s) < 0)
7801 return -1;
7802
7803 #ifdef CONFIG_TDLS
7804 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
7805 return -1;
7806 #endif /* CONFIG_TDLS */
7807
7808 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
7809 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
7810 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
7811 return -1;
7812 }
7813
7814 #ifdef CONFIG_FST
7815 if (wpa_s->conf->fst_group_id) {
7816 struct fst_iface_cfg cfg;
7817 struct fst_wpa_obj iface_obj;
7818
7819 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
7820 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
7821 sizeof(cfg.group_id));
7822 cfg.priority = wpa_s->conf->fst_priority;
7823 cfg.llt = wpa_s->conf->fst_llt;
7824
7825 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
7826 &iface_obj, &cfg);
7827 if (!wpa_s->fst) {
7828 wpa_msg(wpa_s, MSG_ERROR,
7829 "FST: Cannot attach iface %s to group %s",
7830 wpa_s->ifname, cfg.group_id);
7831 return -1;
7832 }
7833 }
7834 #endif /* CONFIG_FST */
7835
7836 if (wpas_wps_init(wpa_s))
7837 return -1;
7838
7839 #ifdef CONFIG_GAS_SERVER
7840 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
7841 if (!wpa_s->gas_server) {
7842 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
7843 return -1;
7844 }
7845 #endif /* CONFIG_GAS_SERVER */
7846
7847 #ifdef CONFIG_DPP
7848 if (wpas_dpp_init(wpa_s) < 0)
7849 return -1;
7850 #endif /* CONFIG_DPP */
7851
7852 #ifdef CONFIG_NAN_USD
7853 if (wpas_nan_usd_init(wpa_s) < 0)
7854 return -1;
7855 #endif /* CONFIG_NAN_USD */
7856
7857 if (wpa_supplicant_init_eapol(wpa_s) < 0)
7858 return -1;
7859 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
7860
7861 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
7862 if (wpa_s->ctrl_iface == NULL) {
7863 wpa_printf(MSG_ERROR,
7864 "Failed to initialize control interface '%s'.\n"
7865 "You may have another wpa_supplicant process "
7866 "already running or the file was\n"
7867 "left by an unclean termination of wpa_supplicant "
7868 "in which case you will need\n"
7869 "to manually remove this file before starting "
7870 "wpa_supplicant again.\n",
7871 wpa_s->conf->ctrl_interface);
7872 return -1;
7873 }
7874
7875 wpa_s->gas = gas_query_init(wpa_s);
7876 if (wpa_s->gas == NULL) {
7877 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
7878 return -1;
7879 }
7880
7881 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
7882 wpa_s->p2p_mgmt) &&
7883 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
7884 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
7885 return -1;
7886 }
7887
7888 if (wpa_bss_init(wpa_s) < 0)
7889 return -1;
7890
7891 /*
7892 * Set Wake-on-WLAN triggers, if configured.
7893 * Note: We don't restore/remove the triggers on shutdown (it doesn't
7894 * have effect anyway when the interface is down).
7895 */
7896 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7897 return -1;
7898
7899 #ifdef CONFIG_EAP_PROXY
7900 {
7901 size_t len;
7902 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
7903 wpa_s->imsi, &len);
7904 if (wpa_s->mnc_len > 0) {
7905 wpa_s->imsi[len] = '\0';
7906 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
7907 wpa_s->imsi, wpa_s->mnc_len);
7908 } else {
7909 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
7910 }
7911 }
7912 #endif /* CONFIG_EAP_PROXY */
7913
7914 if (pcsc_reader_init(wpa_s) < 0)
7915 return -1;
7916
7917 if (wpas_init_ext_pw(wpa_s) < 0)
7918 return -1;
7919
7920 #ifndef CONFIG_NO_RRM
7921 wpas_rrm_reset(wpa_s);
7922 #endif /* CONFIG_NO_RRM */
7923
7924 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7925
7926 #ifdef CONFIG_MBO
7927 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
7928 if ((wpa_s->conf->oce & OCE_STA) &&
7929 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
7930 wpa_s->enable_oce = OCE_STA;
7931 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
7932 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
7933 /* TODO: Need to add STA-CFON support */
7934 wpa_printf(MSG_ERROR,
7935 "OCE STA-CFON feature is not yet supported");
7936 }
7937 }
7938 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
7939 #endif /* CONFIG_MBO */
7940
7941 wpa_supplicant_set_default_scan_ies(wpa_s);
7942
7943 return 0;
7944 }
7945
7946
7947 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
7948 int notify, int terminate)
7949 {
7950 struct wpa_global *global = wpa_s->global;
7951 struct wpa_supplicant *iface, *prev;
7952
7953 if (wpa_s == wpa_s->parent || (wpa_s == wpa_s->p2pdev && wpa_s->p2p_mgmt))
7954 wpas_p2p_group_remove(wpa_s, "*");
7955
7956 iface = global->ifaces;
7957 while (iface) {
7958 if (iface->p2pdev == wpa_s)
7959 iface->p2pdev = iface->parent;
7960 if (iface == wpa_s || iface->parent != wpa_s) {
7961 iface = iface->next;
7962 continue;
7963 }
7964 wpa_printf(MSG_DEBUG,
7965 "Remove remaining child interface %s from parent %s",
7966 iface->ifname, wpa_s->ifname);
7967 prev = iface;
7968 iface = iface->next;
7969 wpa_supplicant_remove_iface(global, prev, terminate);
7970 }
7971
7972 wpa_s->disconnected = 1;
7973 if (wpa_s->drv_priv) {
7974 /*
7975 * Don't deauthenticate if WoWLAN is enable and not explicitly
7976 * been configured to disconnect.
7977 */
7978 if (!wpa_drv_get_wowlan(wpa_s) ||
7979 wpa_s->conf->wowlan_disconnect_on_deinit) {
7980 wpa_supplicant_deauthenticate(
7981 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7982
7983 wpa_drv_set_countermeasures(wpa_s, 0);
7984 wpa_clear_keys(wpa_s, NULL);
7985 } else {
7986 wpa_msg(wpa_s, MSG_INFO,
7987 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
7988 }
7989 }
7990
7991 wpa_supplicant_cleanup(wpa_s);
7992 wpas_p2p_deinit_iface(wpa_s);
7993
7994 wpas_ctrl_radio_work_flush(wpa_s);
7995 radio_remove_interface(wpa_s);
7996
7997 #ifdef CONFIG_FST
7998 if (wpa_s->fst) {
7999 fst_detach(wpa_s->fst);
8000 wpa_s->fst = NULL;
8001 }
8002 if (wpa_s->received_mb_ies) {
8003 wpabuf_free(wpa_s->received_mb_ies);
8004 wpa_s->received_mb_ies = NULL;
8005 }
8006 #endif /* CONFIG_FST */
8007
8008 if (wpa_s->drv_priv)
8009 wpa_drv_deinit(wpa_s);
8010
8011 if (notify)
8012 wpas_notify_iface_removed(wpa_s);
8013
8014 if (terminate)
8015 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
8016
8017 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
8018 wpa_s->ctrl_iface = NULL;
8019
8020 #ifdef CONFIG_MESH
8021 if (wpa_s->ifmsh) {
8022 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
8023 wpa_s->ifmsh = NULL;
8024 }
8025 #endif /* CONFIG_MESH */
8026
8027 if (wpa_s->conf != NULL) {
8028 wpa_config_free(wpa_s->conf);
8029 wpa_s->conf = NULL;
8030 }
8031
8032 os_free(wpa_s->ssids_from_scan_req);
8033 os_free(wpa_s->last_scan_freqs);
8034
8035 os_free(wpa_s);
8036 }
8037
8038
8039 #ifdef CONFIG_MATCH_IFACE
8040
8041 /**
8042 * wpa_supplicant_match_iface - Match an interface description to a name
8043 * @global: Pointer to global data from wpa_supplicant_init()
8044 * @ifname: Name of the interface to match
8045 * Returns: Pointer to the created interface description or %NULL on failure
8046 */
8047 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
8048 const char *ifname)
8049 {
8050 int i;
8051 struct wpa_interface *iface, *miface;
8052
8053 for (i = 0; i < global->params.match_iface_count; i++) {
8054 miface = &global->params.match_ifaces[i];
8055 if (!miface->ifname ||
8056 fnmatch(miface->ifname, ifname, 0) == 0) {
8057 iface = os_zalloc(sizeof(*iface));
8058 if (!iface)
8059 return NULL;
8060 *iface = *miface;
8061 if (!miface->ifname)
8062 iface->matched = WPA_IFACE_MATCHED_NULL;
8063 else
8064 iface->matched = WPA_IFACE_MATCHED;
8065 iface->ifname = ifname;
8066 return iface;
8067 }
8068 }
8069
8070 return NULL;
8071 }
8072
8073
8074 /**
8075 * wpa_supplicant_match_existing - Match existing interfaces
8076 * @global: Pointer to global data from wpa_supplicant_init()
8077 * Returns: 0 on success, -1 on failure
8078 */
8079 static int wpa_supplicant_match_existing(struct wpa_global *global)
8080 {
8081 struct if_nameindex *ifi, *ifp;
8082 struct wpa_supplicant *wpa_s;
8083 struct wpa_interface *iface;
8084
8085 ifp = if_nameindex();
8086 if (!ifp) {
8087 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
8088 return -1;
8089 }
8090
8091 for (ifi = ifp; ifi->if_name; ifi++) {
8092 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
8093 if (wpa_s)
8094 continue;
8095 iface = wpa_supplicant_match_iface(global, ifi->if_name);
8096 if (iface) {
8097 wpa_supplicant_add_iface(global, iface, NULL);
8098 os_free(iface);
8099 }
8100 }
8101
8102 if_freenameindex(ifp);
8103 return 0;
8104 }
8105
8106 #endif /* CONFIG_MATCH_IFACE */
8107
8108
8109 /**
8110 * wpa_supplicant_add_iface - Add a new network interface
8111 * @global: Pointer to global data from wpa_supplicant_init()
8112 * @iface: Interface configuration options
8113 * @parent: Parent interface or %NULL to assign new interface as parent
8114 * Returns: Pointer to the created interface or %NULL on failure
8115 *
8116 * This function is used to add new network interfaces for %wpa_supplicant.
8117 * This can be called before wpa_supplicant_run() to add interfaces before the
8118 * main event loop has been started. In addition, new interfaces can be added
8119 * dynamically while %wpa_supplicant is already running. This could happen,
8120 * e.g., when a hotplug network adapter is inserted.
8121 */
8122 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
8123 struct wpa_interface *iface,
8124 struct wpa_supplicant *parent)
8125 {
8126 struct wpa_supplicant *wpa_s;
8127 struct wpa_interface t_iface;
8128 struct wpa_ssid *ssid;
8129
8130 if (global == NULL || iface == NULL)
8131 return NULL;
8132
8133 wpa_s = wpa_supplicant_alloc(parent);
8134 if (wpa_s == NULL)
8135 return NULL;
8136
8137 wpa_s->global = global;
8138
8139 t_iface = *iface;
8140 if (global->params.override_driver) {
8141 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
8142 "('%s' -> '%s')",
8143 iface->driver, global->params.override_driver);
8144 t_iface.driver = global->params.override_driver;
8145 }
8146 if (global->params.override_ctrl_interface) {
8147 wpa_printf(MSG_DEBUG, "Override interface parameter: "
8148 "ctrl_interface ('%s' -> '%s')",
8149 iface->ctrl_interface,
8150 global->params.override_ctrl_interface);
8151 t_iface.ctrl_interface =
8152 global->params.override_ctrl_interface;
8153 }
8154 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
8155 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
8156 iface->ifname);
8157 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
8158 return NULL;
8159 }
8160
8161 /* Notify the control interfaces about new iface */
8162 if (wpas_notify_iface_added(wpa_s)) {
8163 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
8164 return NULL;
8165 }
8166
8167 /* Notify the control interfaces about new networks */
8168 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
8169 if (iface->p2p_mgmt == 0) {
8170 wpas_notify_network_added(wpa_s, ssid);
8171 } else if (ssid->ssid_len > P2P_WILDCARD_SSID_LEN
8172 && os_strncmp((const char *) ssid->ssid,
8173 P2P_WILDCARD_SSID, P2P_WILDCARD_SSID_LEN) == 0) {
8174 wpas_notify_persistent_group_added(wpa_s, ssid);
8175 }
8176 }
8177
8178 wpa_s->next = global->ifaces;
8179 global->ifaces = wpa_s;
8180
8181 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
8182 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
8183
8184 #ifdef CONFIG_P2P
8185 if (wpa_s->global->p2p == NULL &&
8186 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
8187 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
8188 wpas_p2p_add_p2pdev_interface(
8189 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
8190 wpa_printf(MSG_INFO,
8191 "P2P: Failed to enable P2P Device interface");
8192 /* Try to continue without. P2P will be disabled. */
8193 }
8194 #endif /* CONFIG_P2P */
8195
8196 return wpa_s;
8197 }
8198
8199
8200 /**
8201 * wpa_supplicant_remove_iface - Remove a network interface
8202 * @global: Pointer to global data from wpa_supplicant_init()
8203 * @wpa_s: Pointer to the network interface to be removed
8204 * Returns: 0 if interface was removed, -1 if interface was not found
8205 *
8206 * This function can be used to dynamically remove network interfaces from
8207 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
8208 * addition, this function is used to remove all remaining interfaces when
8209 * %wpa_supplicant is terminated.
8210 */
8211 int wpa_supplicant_remove_iface(struct wpa_global *global,
8212 struct wpa_supplicant *wpa_s,
8213 int terminate)
8214 {
8215 struct wpa_supplicant *prev;
8216 #ifdef CONFIG_MESH
8217 unsigned int mesh_if_created = wpa_s->mesh_if_created;
8218 char *ifname = NULL;
8219 struct wpa_supplicant *parent = wpa_s->parent;
8220 #endif /* CONFIG_MESH */
8221
8222 /* Remove interface from the global list of interfaces */
8223 prev = global->ifaces;
8224 if (prev == wpa_s) {
8225 global->ifaces = wpa_s->next;
8226 } else {
8227 while (prev && prev->next != wpa_s)
8228 prev = prev->next;
8229 if (prev == NULL)
8230 return -1;
8231 prev->next = wpa_s->next;
8232 }
8233
8234 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
8235
8236 #ifdef CONFIG_MESH
8237 if (mesh_if_created) {
8238 ifname = os_strdup(wpa_s->ifname);
8239 if (ifname == NULL) {
8240 wpa_dbg(wpa_s, MSG_ERROR,
8241 "mesh: Failed to malloc ifname");
8242 return -1;
8243 }
8244 }
8245 #endif /* CONFIG_MESH */
8246
8247 if (global->p2p_group_formation == wpa_s)
8248 global->p2p_group_formation = NULL;
8249 if (global->p2p_invite_group == wpa_s)
8250 global->p2p_invite_group = NULL;
8251 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
8252
8253 #ifdef CONFIG_MESH
8254 if (mesh_if_created) {
8255 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
8256 os_free(ifname);
8257 }
8258 #endif /* CONFIG_MESH */
8259
8260 return 0;
8261 }
8262
8263
8264 /**
8265 * wpa_supplicant_get_eap_mode - Get the current EAP mode
8266 * @wpa_s: Pointer to the network interface
8267 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
8268 */
8269 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
8270 {
8271 const char *eapol_method;
8272
8273 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
8274 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
8275 return "NO-EAP";
8276 }
8277
8278 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
8279 if (eapol_method == NULL)
8280 return "UNKNOWN-EAP";
8281
8282 return eapol_method;
8283 }
8284
8285
8286 /**
8287 * wpa_supplicant_get_iface - Get a new network interface
8288 * @global: Pointer to global data from wpa_supplicant_init()
8289 * @ifname: Interface name
8290 * Returns: Pointer to the interface or %NULL if not found
8291 */
8292 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
8293 const char *ifname)
8294 {
8295 struct wpa_supplicant *wpa_s;
8296
8297 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8298 if (os_strcmp(wpa_s->ifname, ifname) == 0)
8299 return wpa_s;
8300 }
8301 return NULL;
8302 }
8303
8304
8305 #ifndef CONFIG_NO_WPA_MSG
8306 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
8307 {
8308 struct wpa_supplicant *wpa_s = ctx;
8309 if (wpa_s == NULL)
8310 return NULL;
8311 return wpa_s->ifname;
8312 }
8313 #endif /* CONFIG_NO_WPA_MSG */
8314
8315
8316 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
8317 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
8318 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
8319
8320 /* Periodic cleanup tasks */
8321 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
8322 {
8323 struct wpa_global *global = eloop_ctx;
8324 struct wpa_supplicant *wpa_s;
8325
8326 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
8327 wpas_periodic, global, NULL);
8328
8329 #ifdef CONFIG_P2P
8330 if (global->p2p)
8331 p2p_expire_peers(global->p2p);
8332 #endif /* CONFIG_P2P */
8333
8334 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8335 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
8336 #ifdef CONFIG_AP
8337 ap_periodic(wpa_s);
8338 #endif /* CONFIG_AP */
8339 }
8340 }
8341
8342
8343 /**
8344 * wpa_supplicant_init - Initialize %wpa_supplicant
8345 * @params: Parameters for %wpa_supplicant
8346 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
8347 *
8348 * This function is used to initialize %wpa_supplicant. After successful
8349 * initialization, the returned data pointer can be used to add and remove
8350 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
8351 */
8352 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
8353 {
8354 struct wpa_global *global;
8355 int ret, i;
8356
8357 if (params == NULL)
8358 return NULL;
8359
8360 #ifdef CONFIG_DRIVER_NDIS
8361 {
8362 void driver_ndis_init_ops(void);
8363 driver_ndis_init_ops();
8364 }
8365 #endif /* CONFIG_DRIVER_NDIS */
8366
8367 #ifndef CONFIG_NO_WPA_MSG
8368 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
8369 #endif /* CONFIG_NO_WPA_MSG */
8370
8371 if (params->wpa_debug_file_path)
8372 wpa_debug_open_file(params->wpa_debug_file_path);
8373 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
8374 wpa_debug_setup_stdout();
8375 if (params->wpa_debug_syslog)
8376 wpa_debug_open_syslog();
8377 if (params->wpa_debug_tracing) {
8378 ret = wpa_debug_open_linux_tracing();
8379 if (ret) {
8380 wpa_printf(MSG_ERROR,
8381 "Failed to enable trace logging");
8382 return NULL;
8383 }
8384 }
8385
8386 ret = eap_register_methods();
8387 if (ret) {
8388 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
8389 if (ret == -2)
8390 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
8391 "the same EAP type.");
8392 return NULL;
8393 }
8394
8395 global = os_zalloc(sizeof(*global));
8396 if (global == NULL)
8397 return NULL;
8398 dl_list_init(&global->p2p_srv_bonjour);
8399 dl_list_init(&global->p2p_srv_upnp);
8400 global->params.daemonize = params->daemonize;
8401 global->params.wait_for_monitor = params->wait_for_monitor;
8402 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
8403
8404 if (params->pid_file) {
8405 global->params.pid_file = os_strdup(params->pid_file);
8406 if (!global->params.pid_file) {
8407 wpa_supplicant_deinit(global);
8408 return NULL;
8409 }
8410 }
8411
8412 if (params->ctrl_interface) {
8413 global->params.ctrl_interface =
8414 os_strdup(params->ctrl_interface);
8415 if (!global->params.ctrl_interface) {
8416 wpa_supplicant_deinit(global);
8417 return NULL;
8418 }
8419 }
8420
8421 if (params->ctrl_interface_group) {
8422 global->params.ctrl_interface_group =
8423 os_strdup(params->ctrl_interface_group);
8424 if (!global->params.ctrl_interface_group) {
8425 wpa_supplicant_deinit(global);
8426 return NULL;
8427 }
8428 }
8429
8430 if (params->override_driver) {
8431 global->params.override_driver =
8432 os_strdup(params->override_driver);
8433 if (!global->params.override_driver) {
8434 wpa_supplicant_deinit(global);
8435 return NULL;
8436 }
8437 }
8438
8439 if (params->override_ctrl_interface) {
8440 global->params.override_ctrl_interface =
8441 os_strdup(params->override_ctrl_interface);
8442 if (!global->params.override_ctrl_interface) {
8443 wpa_supplicant_deinit(global);
8444 return NULL;
8445 }
8446 }
8447
8448 #ifdef CONFIG_MATCH_IFACE
8449 global->params.match_iface_count = params->match_iface_count;
8450 if (params->match_iface_count) {
8451 global->params.match_ifaces =
8452 os_calloc(params->match_iface_count,
8453 sizeof(struct wpa_interface));
8454 if (!global->params.match_ifaces) {
8455 wpa_printf(MSG_ERROR,
8456 "Failed to allocate match interfaces");
8457 wpa_supplicant_deinit(global);
8458 return NULL;
8459 }
8460 os_memcpy(global->params.match_ifaces,
8461 params->match_ifaces,
8462 params->match_iface_count *
8463 sizeof(struct wpa_interface));
8464 }
8465 #endif /* CONFIG_MATCH_IFACE */
8466 #ifdef CONFIG_P2P
8467 if (params->conf_p2p_dev) {
8468 global->params.conf_p2p_dev =
8469 os_strdup(params->conf_p2p_dev);
8470 if (!global->params.conf_p2p_dev) {
8471 wpa_printf(MSG_ERROR, "Failed to allocate conf p2p");
8472 wpa_supplicant_deinit(global);
8473 return NULL;
8474 }
8475 }
8476 #endif /* CONFIG_P2P */
8477 wpa_debug_level = global->params.wpa_debug_level =
8478 params->wpa_debug_level;
8479 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
8480 params->wpa_debug_show_keys;
8481 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
8482 params->wpa_debug_timestamp;
8483
8484 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
8485
8486 if (eloop_init()) {
8487 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
8488 wpa_supplicant_deinit(global);
8489 return NULL;
8490 }
8491
8492 random_init(params->entropy_file);
8493
8494 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
8495 if (global->ctrl_iface == NULL) {
8496 wpa_supplicant_deinit(global);
8497 return NULL;
8498 }
8499
8500 if (wpas_notify_supplicant_initialized(global)) {
8501 wpa_supplicant_deinit(global);
8502 return NULL;
8503 }
8504
8505 for (i = 0; wpa_drivers[i]; i++)
8506 global->drv_count++;
8507 if (global->drv_count == 0) {
8508 wpa_printf(MSG_ERROR, "No drivers enabled");
8509 wpa_supplicant_deinit(global);
8510 return NULL;
8511 }
8512 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
8513 if (global->drv_priv == NULL) {
8514 wpa_supplicant_deinit(global);
8515 return NULL;
8516 }
8517
8518 #ifdef CONFIG_WIFI_DISPLAY
8519 if (wifi_display_init(global) < 0) {
8520 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
8521 wpa_supplicant_deinit(global);
8522 return NULL;
8523 }
8524 #endif /* CONFIG_WIFI_DISPLAY */
8525
8526 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
8527 wpas_periodic, global, NULL);
8528
8529 return global;
8530 }
8531
8532
8533 /**
8534 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
8535 * @global: Pointer to global data from wpa_supplicant_init()
8536 * Returns: 0 after successful event loop run, -1 on failure
8537 *
8538 * This function starts the main event loop and continues running as long as
8539 * there are any remaining events. In most cases, this function is running as
8540 * long as the %wpa_supplicant process in still in use.
8541 */
8542 int wpa_supplicant_run(struct wpa_global *global)
8543 {
8544 struct wpa_supplicant *wpa_s;
8545
8546 if (global->params.daemonize &&
8547 (wpa_supplicant_daemon(global->params.pid_file) ||
8548 eloop_sock_requeue()))
8549 return -1;
8550
8551 #ifdef CONFIG_MATCH_IFACE
8552 if (wpa_supplicant_match_existing(global))
8553 return -1;
8554 #endif
8555
8556 if (global->params.wait_for_monitor) {
8557 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
8558 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
8559 wpa_supplicant_ctrl_iface_wait(
8560 wpa_s->ctrl_iface);
8561 }
8562
8563 #ifdef CONFIG_AIDL
8564 // If daemonize is enabled, initialize AIDL here.
8565 if (global->params.daemonize) {
8566 global->aidl = wpas_aidl_init(global);
8567 if (!global->aidl)
8568 return -1;
8569 }
8570 #endif /* CONFIG_AIDL */
8571
8572 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
8573 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
8574
8575 eloop_run();
8576
8577 return 0;
8578 }
8579
8580
8581 /**
8582 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
8583 * @global: Pointer to global data from wpa_supplicant_init()
8584 *
8585 * This function is called to deinitialize %wpa_supplicant and to free all
8586 * allocated resources. Remaining network interfaces will also be removed.
8587 */
8588 void wpa_supplicant_deinit(struct wpa_global *global)
8589 {
8590 int i;
8591
8592 if (global == NULL)
8593 return;
8594
8595 eloop_cancel_timeout(wpas_periodic, global, NULL);
8596
8597 #ifdef CONFIG_WIFI_DISPLAY
8598 wifi_display_deinit(global);
8599 #endif /* CONFIG_WIFI_DISPLAY */
8600
8601 while (global->ifaces)
8602 wpa_supplicant_remove_iface(global, global->ifaces, 1);
8603
8604 if (global->ctrl_iface)
8605 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
8606
8607 wpas_notify_supplicant_deinitialized(global);
8608
8609 eap_peer_unregister_methods();
8610 #ifdef CONFIG_AP
8611 eap_server_unregister_methods();
8612 #endif /* CONFIG_AP */
8613
8614 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
8615 if (!global->drv_priv[i])
8616 continue;
8617 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
8618 }
8619 os_free(global->drv_priv);
8620
8621 random_deinit();
8622
8623 eloop_destroy();
8624
8625 if (global->params.pid_file) {
8626 os_daemonize_terminate(global->params.pid_file);
8627 os_free(global->params.pid_file);
8628 }
8629 os_free(global->params.ctrl_interface);
8630 os_free(global->params.ctrl_interface_group);
8631 os_free(global->params.override_driver);
8632 os_free(global->params.override_ctrl_interface);
8633 #ifdef CONFIG_MATCH_IFACE
8634 os_free(global->params.match_ifaces);
8635 #endif /* CONFIG_MATCH_IFACE */
8636 #ifdef CONFIG_P2P
8637 os_free(global->params.conf_p2p_dev);
8638 #endif /* CONFIG_P2P */
8639
8640 os_free(global->p2p_disallow_freq.range);
8641 os_free(global->p2p_go_avoid_freq.range);
8642 os_free(global->add_psk);
8643
8644 os_free(global);
8645 wpa_debug_close_syslog();
8646 wpa_debug_close_file();
8647 wpa_debug_close_linux_tracing();
8648 }
8649
8650
8651 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
8652 {
8653 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
8654 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
8655 char country[3];
8656 country[0] = wpa_s->conf->country[0];
8657 country[1] = wpa_s->conf->country[1];
8658 country[2] = '\0';
8659 if (wpa_drv_set_country(wpa_s, country) < 0) {
8660 wpa_printf(MSG_ERROR, "Failed to set country code "
8661 "'%s'", country);
8662 }
8663 }
8664
8665 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
8666 wpas_init_ext_pw(wpa_s);
8667
8668 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
8669 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
8670
8671 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
8672 struct wpa_driver_capa capa;
8673 int res = wpa_drv_get_capa(wpa_s, &capa);
8674
8675 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
8676 wpa_printf(MSG_ERROR,
8677 "Failed to update wowlan_triggers to '%s'",
8678 wpa_s->conf->wowlan_triggers);
8679 }
8680
8681 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
8682 wpa_supplicant_set_default_scan_ies(wpa_s);
8683
8684 if (wpa_s->conf->changed_parameters & CFG_CHANGED_FT_PREPEND_PMKID)
8685 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
8686 wpa_s->conf->ft_prepend_pmkid);
8687
8688 #ifdef CONFIG_BGSCAN
8689 /*
8690 * We default to global bgscan parameters only when per-network bgscan
8691 * parameters aren't set. Only bother resetting bgscan parameters if
8692 * this is the case.
8693 */
8694 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
8695 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
8696 wpa_s->wpa_state == WPA_COMPLETED)
8697 wpa_supplicant_reset_bgscan(wpa_s);
8698 #endif /* CONFIG_BGSCAN */
8699
8700 #ifdef CONFIG_WPS
8701 wpas_wps_update_config(wpa_s);
8702 #endif /* CONFIG_WPS */
8703 wpas_p2p_update_config(wpa_s);
8704 wpa_s->conf->changed_parameters = 0;
8705 }
8706
8707
8708 void add_freq(int *freqs, int *num_freqs, int freq)
8709 {
8710 int i;
8711
8712 for (i = 0; i < *num_freqs; i++) {
8713 if (freqs[i] == freq)
8714 return;
8715 }
8716
8717 freqs[*num_freqs] = freq;
8718 (*num_freqs)++;
8719 }
8720
8721
8722 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
8723 {
8724 struct wpa_bss *bss, *cbss;
8725 const int max_freqs = 10;
8726 int *freqs;
8727 int num_freqs = 0;
8728
8729 freqs = os_calloc(max_freqs + 1, sizeof(int));
8730 if (freqs == NULL)
8731 return NULL;
8732
8733 cbss = wpa_s->current_bss;
8734
8735 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
8736 if (bss == cbss)
8737 continue;
8738 if (bss->ssid_len == cbss->ssid_len &&
8739 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
8740 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
8741 add_freq(freqs, &num_freqs, bss->freq);
8742 if (num_freqs == max_freqs)
8743 break;
8744 }
8745 }
8746
8747 if (num_freqs == 0) {
8748 os_free(freqs);
8749 freqs = NULL;
8750 }
8751
8752 return freqs;
8753 }
8754
8755
8756 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid,
8757 const u8 **link_bssids)
8758 {
8759 int timeout;
8760 int count;
8761 int *freqs = NULL;
8762
8763 wpas_connect_work_done(wpa_s);
8764
8765 /*
8766 * Remove possible authentication timeout since the connection failed.
8767 */
8768 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
8769
8770 /*
8771 * There is no point in ignoring the AP temporarily if this event is
8772 * generated based on local request to disconnect.
8773 */
8774 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
8775 wpa_s->own_disconnect_req = 0;
8776 wpa_dbg(wpa_s, MSG_DEBUG,
8777 "Ignore connection failure due to local request to disconnect");
8778 return;
8779 }
8780 if (wpa_s->disconnected) {
8781 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
8782 "indication since interface has been put into "
8783 "disconnected state");
8784 return;
8785 }
8786 if (wpa_s->auto_reconnect_disabled) {
8787 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
8788 "indication since auto connect is disabled");
8789 return;
8790 }
8791
8792 /* Also mark links as failed */
8793 while (link_bssids && *link_bssids) {
8794 wpa_bssid_ignore_add(wpa_s, *link_bssids);
8795 link_bssids++;
8796 }
8797
8798 /*
8799 * Add the failed BSSID into the ignore list and speed up next scan
8800 * attempt if there could be other APs that could accept association.
8801 */
8802 count = wpa_bssid_ignore_add(wpa_s, bssid);
8803 if (count == 1 && wpa_s->current_bss) {
8804 /*
8805 * This BSS was not in the ignore list before. If there is
8806 * another BSS available for the same ESS, we should try that
8807 * next. Otherwise, we may as well try this one once more
8808 * before allowing other, likely worse, ESSes to be considered.
8809 */
8810 freqs = get_bss_freqs_in_ess(wpa_s);
8811 if (freqs) {
8812 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
8813 "has been seen; try it next");
8814 wpa_bssid_ignore_add(wpa_s, bssid);
8815 /*
8816 * On the next scan, go through only the known channels
8817 * used in this ESS based on previous scans to speed up
8818 * common load balancing use case.
8819 */
8820 os_free(wpa_s->next_scan_freqs);
8821 wpa_s->next_scan_freqs = freqs;
8822 }
8823 }
8824
8825 wpa_s->consecutive_conn_failures++;
8826
8827 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
8828 wpa_printf(MSG_DEBUG, "Continuous association failures - "
8829 "consider temporary network disabling");
8830 wpas_auth_failed(wpa_s, "CONN_FAILED", bssid);
8831 }
8832 /*
8833 * Multiple consecutive connection failures mean that other APs are
8834 * either not available or have already been tried, so we can start
8835 * increasing the delay here to avoid constant scanning.
8836 */
8837 switch (wpa_s->consecutive_conn_failures) {
8838 case 1:
8839 timeout = 100;
8840 break;
8841 case 2:
8842 timeout = 500;
8843 break;
8844 case 3:
8845 timeout = 1000;
8846 break;
8847 case 4:
8848 timeout = 5000;
8849 break;
8850 default:
8851 timeout = 10000;
8852 break;
8853 }
8854
8855 wpa_dbg(wpa_s, MSG_DEBUG,
8856 "Consecutive connection failures: %d --> request scan in %d ms",
8857 wpa_s->consecutive_conn_failures, timeout);
8858
8859 /*
8860 * TODO: if more than one possible AP is available in scan results,
8861 * could try the other ones before requesting a new scan.
8862 */
8863
8864 /* speed up the connection attempt with normal scan */
8865 wpa_s->normal_scans = 0;
8866 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
8867 1000 * (timeout % 1000));
8868 }
8869
8870
8871 #ifdef CONFIG_FILS
8872
8873 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
8874 {
8875 struct wpa_ssid *ssid = wpa_s->current_ssid;
8876 const u8 *realm, *username, *rrk;
8877 size_t realm_len, username_len, rrk_len;
8878 u16 next_seq_num;
8879
8880 /* Clear the PMKSA cache entry if FILS authentication was rejected.
8881 * Check for ERP keys existing to limit when this can be done since
8882 * the rejection response is not protected and such triggers should
8883 * really not allow internal state to be modified unless required to
8884 * avoid significant issues in functionality. In addition, drop
8885 * externally configure PMKSA entries even without ERP keys since it
8886 * is possible for an external component to add PMKSA entries for FILS
8887 * authentication without restoring previously generated ERP keys.
8888 *
8889 * In this case, this is needed to allow recovery from cases where the
8890 * AP or authentication server has dropped PMKSAs and ERP keys. */
8891 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
8892 return;
8893
8894 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8895 &username, &username_len,
8896 &realm, &realm_len, &next_seq_num,
8897 &rrk, &rrk_len) != 0 ||
8898 !realm) {
8899 wpa_dbg(wpa_s, MSG_DEBUG,
8900 "FILS: Drop external PMKSA cache entry");
8901 wpa_sm_aborted_external_cached(wpa_s->wpa);
8902 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
8903 return;
8904 }
8905
8906 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
8907 wpa_sm_aborted_cached(wpa_s->wpa);
8908 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
8909 }
8910
8911
8912 void fils_connection_failure(struct wpa_supplicant *wpa_s)
8913 {
8914 struct wpa_ssid *ssid = wpa_s->current_ssid;
8915 const u8 *realm, *username, *rrk;
8916 size_t realm_len, username_len, rrk_len;
8917 u16 next_seq_num;
8918
8919 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
8920 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8921 &username, &username_len,
8922 &realm, &realm_len, &next_seq_num,
8923 &rrk, &rrk_len) != 0 ||
8924 !realm)
8925 return;
8926
8927 wpa_hexdump_ascii(MSG_DEBUG,
8928 "FILS: Store last connection failure realm",
8929 realm, realm_len);
8930 os_free(wpa_s->last_con_fail_realm);
8931 wpa_s->last_con_fail_realm = os_malloc(realm_len);
8932 if (wpa_s->last_con_fail_realm) {
8933 wpa_s->last_con_fail_realm_len = realm_len;
8934 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
8935 }
8936 }
8937 #endif /* CONFIG_FILS */
8938
8939
8940 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
8941 {
8942 return wpa_s->conf->ap_scan == 2 ||
8943 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
8944 }
8945
8946
8947 static bool wpas_driver_rsn_override(struct wpa_supplicant *wpa_s)
8948 {
8949 return !!(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_RSN_OVERRIDE_STA);
8950 }
8951
8952
8953 bool wpas_rsn_overriding(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8954 {
8955 enum wpas_rsn_overriding rsno;
8956
8957 if (ssid && ssid->rsn_overriding != RSN_OVERRIDING_NOT_SET)
8958 rsno = ssid->rsn_overriding;
8959 else
8960 rsno = wpa_s->conf->rsn_overriding;
8961
8962 if (rsno == RSN_OVERRIDING_DISABLED)
8963 return false;
8964
8965 if (rsno == RSN_OVERRIDING_ENABLED)
8966 return true;
8967
8968 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
8969 wpas_driver_bss_selection(wpa_s))
8970 return wpas_driver_rsn_override(wpa_s);
8971
8972 return true;
8973 }
8974
8975
8976 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) || defined (CONFIG_CTRL_IFACE_AIDL)
8977 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
8978 struct wpa_ssid *ssid,
8979 const char *field,
8980 const char *value)
8981 {
8982 #ifdef IEEE8021X_EAPOL
8983 enum wpa_ctrl_req_type rtype;
8984
8985 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
8986 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
8987 (const u8 *) value, os_strlen(value));
8988
8989 rtype = wpa_supplicant_ctrl_req_from_string(field);
8990 return wpa_supplicant_ctrl_rsp_handle(wpa_s, ssid, rtype, value, strlen(value));
8991 #else /* IEEE8021X_EAPOL */
8992 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
8993 return -1;
8994 #endif /* IEEE8021X_EAPOL */
8995 }
8996
8997 int wpa_supplicant_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
8998 struct wpa_ssid *ssid,
8999 enum wpa_ctrl_req_type rtype,
9000 const char *value, int value_len)
9001 {
9002 #ifdef IEEE8021X_EAPOL
9003 struct eap_peer_config *eap = &ssid->eap;
9004 char *identity, *imsi_identity;
9005
9006 switch (rtype) {
9007 case WPA_CTRL_REQ_EAP_IDENTITY:
9008 os_free(eap->identity);
9009 os_free(eap->imsi_identity);
9010 if (value == NULL)
9011 return -1;
9012 identity = os_strchr(value, ':');
9013 if (identity == NULL) {
9014 /* plain identity */
9015 eap->identity = (u8 *)os_strdup(value);
9016 eap->identity_len = os_strlen(value);
9017 } else {
9018 /* have both plain identity and encrypted identity */
9019 imsi_identity = value;
9020 *identity++ = '\0';
9021 /* plain identity */
9022 eap->imsi_identity = (u8 *)dup_binstr(imsi_identity, strlen(imsi_identity));
9023 eap->imsi_identity_len = strlen(imsi_identity);
9024 /* encrypted identity */
9025 eap->identity = (u8 *)dup_binstr(identity,
9026 value_len - strlen(imsi_identity) - 1);
9027 eap->identity_len = value_len - strlen(imsi_identity) - 1;
9028 }
9029 eap->pending_req_identity = 0;
9030 if (ssid == wpa_s->current_ssid)
9031 wpa_s->reassociate = 1;
9032 break;
9033 case WPA_CTRL_REQ_EAP_PASSWORD:
9034 bin_clear_free(eap->password, eap->password_len);
9035 eap->password = (u8 *) os_strdup(value);
9036 if (!eap->password)
9037 return -1;
9038 eap->password_len = value_len;
9039 eap->pending_req_password = 0;
9040 if (ssid == wpa_s->current_ssid)
9041 wpa_s->reassociate = 1;
9042 break;
9043 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
9044 bin_clear_free(eap->new_password, eap->new_password_len);
9045 eap->new_password = (u8 *) os_strdup(value);
9046 if (!eap->new_password)
9047 return -1;
9048 eap->new_password_len = value_len;
9049 eap->pending_req_new_password = 0;
9050 if (ssid == wpa_s->current_ssid)
9051 wpa_s->reassociate = 1;
9052 break;
9053 case WPA_CTRL_REQ_EAP_PIN:
9054 str_clear_free(eap->cert.pin);
9055 eap->cert.pin = os_strdup(value);
9056 if (!eap->cert.pin)
9057 return -1;
9058 eap->pending_req_pin = 0;
9059 if (ssid == wpa_s->current_ssid)
9060 wpa_s->reassociate = 1;
9061 break;
9062 case WPA_CTRL_REQ_EAP_OTP:
9063 bin_clear_free(eap->otp, eap->otp_len);
9064 eap->otp = (u8 *) os_strdup(value);
9065 if (!eap->otp)
9066 return -1;
9067 eap->otp_len = value_len;
9068 os_free(eap->pending_req_otp);
9069 eap->pending_req_otp = NULL;
9070 eap->pending_req_otp_len = 0;
9071 break;
9072 case WPA_CTRL_REQ_EAP_PASSPHRASE:
9073 str_clear_free(eap->cert.private_key_passwd);
9074 eap->cert.private_key_passwd = os_strdup(value);
9075 if (!eap->cert.private_key_passwd)
9076 return -1;
9077 eap->pending_req_passphrase = 0;
9078 if (ssid == wpa_s->current_ssid)
9079 wpa_s->reassociate = 1;
9080 break;
9081 case WPA_CTRL_REQ_SIM:
9082 str_clear_free(eap->external_sim_resp);
9083 eap->external_sim_resp = os_strdup(value);
9084 if (!eap->external_sim_resp)
9085 return -1;
9086 eap->pending_req_sim = 0;
9087 break;
9088 case WPA_CTRL_REQ_PSK_PASSPHRASE:
9089 if (wpa_config_set(ssid, "psk", value, 0) < 0)
9090 return -1;
9091 ssid->mem_only_psk = 1;
9092 if (ssid->passphrase)
9093 wpa_config_update_psk(ssid);
9094 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
9095 wpa_supplicant_req_scan(wpa_s, 0, 0);
9096 break;
9097 case WPA_CTRL_REQ_EXT_CERT_CHECK:
9098 if (eap->pending_ext_cert_check != PENDING_CHECK)
9099 return -1;
9100 if (os_strcmp(value, "good") == 0)
9101 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
9102 else if (os_strcmp(value, "bad") == 0)
9103 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
9104 else
9105 return -1;
9106 break;
9107 default:
9108 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown type %d", rtype);
9109 return -1;
9110 }
9111
9112 return 0;
9113 #else /* IEEE8021X_EAPOL */
9114 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
9115 return -1;
9116 #endif /* IEEE8021X_EAPOL */
9117 }
9118 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW || CONFIG_CTRL_IFACE_AIDL */
9119
9120
9121 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
9122 {
9123 #ifdef CONFIG_WEP
9124 int i;
9125 unsigned int drv_enc;
9126 #endif /* CONFIG_WEP */
9127
9128 if (wpa_s->p2p_mgmt)
9129 return 1; /* no normal network profiles on p2p_mgmt interface */
9130
9131 if (ssid == NULL)
9132 return 1;
9133
9134 if (ssid->disabled)
9135 return 1;
9136
9137 #ifdef CONFIG_WEP
9138 if (wpa_s->drv_capa_known)
9139 drv_enc = wpa_s->drv_enc;
9140 else
9141 drv_enc = (unsigned int) -1;
9142
9143 for (i = 0; i < NUM_WEP_KEYS; i++) {
9144 size_t len = ssid->wep_key_len[i];
9145 if (len == 0)
9146 continue;
9147 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
9148 continue;
9149 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
9150 continue;
9151 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
9152 continue;
9153 return 1; /* invalid WEP key */
9154 }
9155 #endif /* CONFIG_WEP */
9156
9157 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
9158 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
9159 !(wpa_key_mgmt_sae(ssid->key_mgmt) &&
9160 (ssid->passphrase || ssid->sae_password || ssid->pmk_valid)) &&
9161 !ssid->mem_only_psk)
9162 return 1;
9163
9164 #ifdef IEEE8021X_EAPOL
9165 #ifdef CRYPTO_RSA_OAEP_SHA256
9166 if (ssid->eap.imsi_privacy_cert) {
9167 struct crypto_rsa_key *key;
9168 bool failed = false;
9169
9170 key = crypto_rsa_key_read(ssid->eap.imsi_privacy_cert, false);
9171 if (!key)
9172 failed = true;
9173 crypto_rsa_key_free(key);
9174 if (failed) {
9175 wpa_printf(MSG_DEBUG,
9176 "Invalid imsi_privacy_cert (%s) - disable network",
9177 ssid->eap.imsi_privacy_cert);
9178 return 1;
9179 }
9180 }
9181 #endif /* CRYPTO_RSA_OAEP_SHA256 */
9182 #endif /* IEEE8021X_EAPOL */
9183
9184 return 0;
9185 }
9186
9187
9188 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
9189 {
9190 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
9191 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
9192 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
9193 /*
9194 * Driver does not support BIP -- ignore pmf=1 default
9195 * since the connection with PMF would fail and the
9196 * configuration does not require PMF to be enabled.
9197 */
9198 return NO_MGMT_FRAME_PROTECTION;
9199 }
9200
9201 if (ssid &&
9202 (ssid->key_mgmt &
9203 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
9204 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
9205 /*
9206 * Do not use the default PMF value for non-RSN networks
9207 * since PMF is available only with RSN and pmf=2
9208 * configuration would otherwise prevent connections to
9209 * all open networks.
9210 */
9211 return NO_MGMT_FRAME_PROTECTION;
9212 }
9213
9214 #ifdef CONFIG_OCV
9215 /* Enable PMF if OCV is being enabled */
9216 if (wpa_s->conf->pmf == NO_MGMT_FRAME_PROTECTION &&
9217 ssid && ssid->ocv)
9218 return MGMT_FRAME_PROTECTION_OPTIONAL;
9219 #endif /* CONFIG_OCV */
9220
9221 return wpa_s->conf->pmf;
9222 }
9223
9224 return ssid->ieee80211w;
9225 }
9226
9227
9228 #ifdef CONFIG_SAE
9229
9230 enum sae_pwe wpas_get_ssid_sae_pwe(struct wpa_supplicant *wpa_s,
9231 struct wpa_ssid *ssid)
9232 {
9233 if (!ssid || ssid->sae_pwe == DEFAULT_SAE_PWE)
9234 return wpa_s->conf->sae_pwe;
9235 return ssid->sae_pwe;
9236 }
9237
9238
9239 bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s,
9240 struct wpa_ssid *ssid,
9241 const struct wpa_ie_data *ie)
9242 {
9243 return wpa_s->conf->sae_check_mfp &&
9244 (!(ie->capabilities &
9245 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) ||
9246 wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION);
9247 }
9248
9249 #endif /* CONFIG_SAE */
9250
9251
9252 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
9253 {
9254 if (wpa_s->current_ssid == NULL ||
9255 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE)
9256 return 0;
9257 if (wpa_s->valid_links) {
9258 if (!ether_addr_equal(addr, wpa_s->ap_mld_addr) &&
9259 !wpas_ap_link_address(wpa_s, addr))
9260 return 0;
9261 } else {
9262 if (!ether_addr_equal(addr, wpa_s->bssid))
9263 return 0;
9264 }
9265 return wpa_sm_pmf_enabled(wpa_s->wpa);
9266 }
9267
9268
9269 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
9270 {
9271 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
9272 return 1;
9273 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
9274 return 0;
9275 return -1;
9276 }
9277
9278
9279 void wpas_auth_failed(struct wpa_supplicant *wpa_s, const char *reason,
9280 const u8 *bssid)
9281 {
9282 struct wpa_ssid *ssid = wpa_s->current_ssid;
9283 int dur;
9284 struct os_reltime now;
9285
9286 if (ssid == NULL) {
9287 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
9288 "SSID block");
9289 return;
9290 }
9291
9292 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
9293 return;
9294
9295 ssid->auth_failures++;
9296
9297 #ifdef CONFIG_P2P
9298 if (ssid->p2p_group &&
9299 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
9300 /*
9301 * Skip the wait time since there is a short timeout on the
9302 * connection to a P2P group.
9303 */
9304 return;
9305 }
9306 #endif /* CONFIG_P2P */
9307
9308 if (ssid->auth_failures > 50)
9309 dur = 300;
9310 else if (ssid->auth_failures > 10)
9311 dur = 120;
9312 else if (ssid->auth_failures > 5)
9313 dur = 90;
9314 else if (ssid->auth_failures > 3)
9315 dur = 60;
9316 else if (ssid->auth_failures > 2)
9317 dur = 30;
9318 else if (ssid->auth_failures > 1)
9319 dur = 20;
9320 else
9321 dur = 10;
9322
9323 if (ssid->auth_failures > 1 &&
9324 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
9325 dur += os_random() % (ssid->auth_failures * 10);
9326
9327 os_get_reltime(&now);
9328 if (now.sec + dur <= ssid->disabled_until.sec)
9329 return;
9330
9331 ssid->disabled_until.sec = now.sec + dur;
9332
9333 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
9334 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
9335 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
9336 ssid->auth_failures, dur, reason);
9337
9338 char *format_str = "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s";
9339 int msg_len = snprintf(NULL, 0, format_str,
9340 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
9341 ssid->auth_failures, dur, reason) + 1;
9342 char *msg = os_malloc(msg_len);
9343 if (!msg)
9344 return;
9345 snprintf(msg, msg_len, format_str,
9346 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
9347 ssid->auth_failures, dur, reason);
9348 wpas_notify_ssid_temp_disabled(wpa_s, msg);
9349 os_free(msg);
9350
9351 if (bssid)
9352 os_memcpy(ssid->disabled_due_to, bssid, ETH_ALEN);
9353 }
9354
9355
9356 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
9357 struct wpa_ssid *ssid, int clear_failures)
9358 {
9359 if (ssid == NULL)
9360 return;
9361
9362 if (ssid->disabled_until.sec) {
9363 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
9364 "id=%d ssid=\"%s\"",
9365 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
9366 }
9367 ssid->disabled_until.sec = 0;
9368 ssid->disabled_until.usec = 0;
9369 if (clear_failures) {
9370 ssid->auth_failures = 0;
9371 } else if (!is_zero_ether_addr(ssid->disabled_due_to)) {
9372 wpa_printf(MSG_DEBUG, "Mark BSSID " MACSTR
9373 " ignored to allow a lower priority BSS, if any, to be tried next",
9374 MAC2STR(ssid->disabled_due_to));
9375 wpa_bssid_ignore_add(wpa_s, ssid->disabled_due_to);
9376 os_memset(ssid->disabled_due_to, 0, ETH_ALEN);
9377 }
9378 }
9379
9380
9381 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
9382 {
9383 size_t i;
9384
9385 if (wpa_s->disallow_aps_bssid == NULL)
9386 return 0;
9387
9388 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
9389 if (ether_addr_equal(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
9390 bssid))
9391 return 1;
9392 }
9393
9394 return 0;
9395 }
9396
9397
9398 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
9399 size_t ssid_len)
9400 {
9401 size_t i;
9402
9403 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
9404 return 0;
9405
9406 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
9407 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
9408 if (ssid_len == s->ssid_len &&
9409 os_memcmp(ssid, s->ssid, ssid_len) == 0)
9410 return 1;
9411 }
9412
9413 return 0;
9414 }
9415
9416
9417 /**
9418 * wpas_request_connection - Request a new connection
9419 * @wpa_s: Pointer to the network interface
9420 *
9421 * This function is used to request a new connection to be found. It will mark
9422 * the interface to allow reassociation and request a new scan to find a
9423 * suitable network to connect to.
9424 */
9425 void wpas_request_connection(struct wpa_supplicant *wpa_s)
9426 {
9427 wpa_s->normal_scans = 0;
9428 wpa_s->scan_req = NORMAL_SCAN_REQ;
9429 wpa_supplicant_reinit_autoscan(wpa_s);
9430 wpa_s->disconnected = 0;
9431 wpa_s->reassociate = 1;
9432 wpa_s->last_owe_group = 0;
9433
9434 if (wpa_supplicant_fast_associate(wpa_s) != 1)
9435 wpa_supplicant_req_scan(wpa_s, 0, 0);
9436 else
9437 wpa_s->reattach = 0;
9438 }
9439
9440
9441 /**
9442 * wpas_request_disconnection - Request disconnection
9443 * @wpa_s: Pointer to the network interface
9444 *
9445 * This function is used to request disconnection from the currently connected
9446 * network. This will stop any ongoing scans and initiate deauthentication.
9447 */
9448 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
9449 {
9450 #ifdef CONFIG_SME
9451 wpa_s->sme.prev_bssid_set = 0;
9452 #endif /* CONFIG_SME */
9453 wpa_s->reassociate = 0;
9454 wpa_s->disconnected = 1;
9455 wpa_supplicant_cancel_sched_scan(wpa_s);
9456 wpa_supplicant_cancel_scan(wpa_s);
9457 wpas_abort_ongoing_scan(wpa_s);
9458 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
9459 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
9460 radio_remove_works(wpa_s, "connect", 0);
9461 radio_remove_works(wpa_s, "sme-connect", 0);
9462 wpa_s->roam_in_progress = false;
9463 #ifdef CONFIG_WNM
9464 wpa_s->bss_trans_mgmt_in_progress = false;
9465 #endif /* CONFIG_WNM */
9466 }
9467
9468
9469 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
9470 struct wpa_used_freq_data *freqs_data,
9471 unsigned int len)
9472 {
9473 unsigned int i;
9474
9475 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
9476 len, title);
9477 for (i = 0; i < len; i++) {
9478 struct wpa_used_freq_data *cur = &freqs_data[i];
9479 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
9480 i, cur->freq, cur->flags);
9481 }
9482 }
9483
9484
9485 /*
9486 * Find the operating frequencies of any of the virtual interfaces that
9487 * are using the same radio as the current interface, and in addition, get
9488 * information about the interface types that are using the frequency.
9489 */
9490 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
9491 struct wpa_used_freq_data *freqs_data,
9492 unsigned int len, bool exclude_current)
9493 {
9494 struct wpa_supplicant *ifs;
9495 u8 bssid[ETH_ALEN];
9496 int freq;
9497 unsigned int idx = 0, i;
9498
9499 wpa_dbg(wpa_s, MSG_DEBUG,
9500 "Determining shared radio frequencies (max len %u)", len);
9501 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
9502
9503 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
9504 radio_list) {
9505 if (idx == len)
9506 break;
9507
9508 if (exclude_current && ifs == wpa_s)
9509 continue;
9510
9511 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
9512 continue;
9513
9514 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
9515 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
9516 ifs->current_ssid->mode == WPAS_MODE_MESH)
9517 freq = ifs->current_ssid->frequency;
9518 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
9519 freq = ifs->assoc_freq;
9520 else
9521 continue;
9522
9523 /* Hold only distinct freqs */
9524 for (i = 0; i < idx; i++)
9525 if (freqs_data[i].freq == freq)
9526 break;
9527
9528 if (i == idx)
9529 freqs_data[idx++].freq = freq;
9530
9531 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
9532 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
9533 WPA_FREQ_USED_BY_P2P_CLIENT :
9534 WPA_FREQ_USED_BY_INFRA_STATION;
9535 }
9536 }
9537
9538 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
9539 return idx;
9540 }
9541
9542
9543 /*
9544 * Find the operating frequencies of any of the virtual interfaces that
9545 * are using the same radio as the current interface.
9546 */
9547 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
9548 int *freq_array, unsigned int len,
9549 bool exclude_current)
9550 {
9551 struct wpa_used_freq_data *freqs_data;
9552 int num, i;
9553
9554 os_memset(freq_array, 0, sizeof(int) * len);
9555
9556 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
9557 if (!freqs_data)
9558 return -1;
9559
9560 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len,
9561 exclude_current);
9562 for (i = 0; i < num; i++)
9563 freq_array[i] = freqs_data[i].freq;
9564
9565 os_free(freqs_data);
9566
9567 return num;
9568 }
9569
9570
9571 struct wpa_supplicant *
9572 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
9573 {
9574 switch (frame) {
9575 #ifdef CONFIG_P2P
9576 case VENDOR_ELEM_PROBE_REQ_P2P:
9577 case VENDOR_ELEM_PROBE_RESP_P2P:
9578 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
9579 case VENDOR_ELEM_BEACON_P2P_GO:
9580 case VENDOR_ELEM_P2P_PD_REQ:
9581 case VENDOR_ELEM_P2P_PD_RESP:
9582 case VENDOR_ELEM_P2P_GO_NEG_REQ:
9583 case VENDOR_ELEM_P2P_GO_NEG_RESP:
9584 case VENDOR_ELEM_P2P_GO_NEG_CONF:
9585 case VENDOR_ELEM_P2P_INV_REQ:
9586 case VENDOR_ELEM_P2P_INV_RESP:
9587 case VENDOR_ELEM_P2P_ASSOC_REQ:
9588 case VENDOR_ELEM_P2P_ASSOC_RESP:
9589 return wpa_s->p2pdev;
9590 #endif /* CONFIG_P2P */
9591 default:
9592 return wpa_s;
9593 }
9594 }
9595
9596
9597 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
9598 {
9599 unsigned int i;
9600 char buf[30];
9601
9602 wpa_printf(MSG_DEBUG, "Update vendor elements");
9603
9604 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
9605 if (wpa_s->vendor_elem[i]) {
9606 int res;
9607
9608 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
9609 if (!os_snprintf_error(sizeof(buf), res)) {
9610 wpa_hexdump_buf(MSG_DEBUG, buf,
9611 wpa_s->vendor_elem[i]);
9612 }
9613 }
9614 }
9615
9616 #ifdef CONFIG_P2P
9617 if ((wpa_s->parent == wpa_s || (wpa_s == wpa_s->p2pdev && wpa_s->p2p_mgmt)) &&
9618 wpa_s->global->p2p &&
9619 !wpa_s->global->p2p_disabled)
9620 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
9621 #endif /* CONFIG_P2P */
9622 }
9623
9624
9625 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
9626 const u8 *elem, size_t len)
9627 {
9628 u8 *ie, *end;
9629
9630 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
9631 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
9632
9633 for (; ie + 1 < end; ie += 2 + ie[1]) {
9634 if (ie + len > end)
9635 break;
9636 if (os_memcmp(ie, elem, len) != 0)
9637 continue;
9638
9639 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
9640 wpabuf_free(wpa_s->vendor_elem[frame]);
9641 wpa_s->vendor_elem[frame] = NULL;
9642 } else {
9643 os_memmove(ie, ie + len, end - (ie + len));
9644 wpa_s->vendor_elem[frame]->used -= len;
9645 }
9646 wpas_vendor_elem_update(wpa_s);
9647 return 0;
9648 }
9649
9650 return -1;
9651 }
9652
9653
9654 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
9655 u16 num_modes, enum hostapd_hw_mode mode,
9656 bool is_6ghz)
9657 {
9658 u16 i;
9659
9660 if (!modes)
9661 return NULL;
9662
9663 for (i = 0; i < num_modes; i++) {
9664 if (modes[i].mode != mode ||
9665 !modes[i].num_channels || !modes[i].channels)
9666 continue;
9667 if (is_6ghz == modes[i].is_6ghz)
9668 return &modes[i];
9669 }
9670
9671 return NULL;
9672 }
9673
9674
9675 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
9676 u16 num_modes, int freq)
9677 {
9678 int i, j;
9679
9680 for (i = 0; i < num_modes; i++) {
9681 for (j = 0; j < modes[i].num_channels; j++) {
9682 if (freq == modes[i].channels[j].freq)
9683 return &modes[i];
9684 }
9685 }
9686
9687 return NULL;
9688 }
9689
9690
9691 static struct
9692 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
9693 const u8 *bssid)
9694 {
9695 struct wpa_bss_tmp_disallowed *bss;
9696
9697 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
9698 struct wpa_bss_tmp_disallowed, list) {
9699 if (ether_addr_equal(bssid, bss->bssid))
9700 return bss;
9701 }
9702
9703 return NULL;
9704 }
9705
9706
9707 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
9708 {
9709 struct wpa_bss_tmp_disallowed *tmp;
9710 unsigned int num_bssid = 0;
9711 u8 *bssids;
9712 int ret;
9713
9714 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
9715 if (!bssids)
9716 return -1;
9717 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9718 struct wpa_bss_tmp_disallowed, list) {
9719 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
9720 ETH_ALEN);
9721 num_bssid++;
9722 }
9723 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
9724 os_free(bssids);
9725 return ret;
9726 }
9727
9728
9729 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
9730 {
9731 struct wpa_supplicant *wpa_s = eloop_ctx;
9732 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
9733
9734 /* Make sure the bss is not already freed */
9735 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9736 struct wpa_bss_tmp_disallowed, list) {
9737 if (bss == tmp) {
9738 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
9739 wpa_set_driver_tmp_disallow_list(wpa_s);
9740 break;
9741 }
9742 }
9743 }
9744
9745
9746 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
9747 unsigned int sec, int rssi_threshold)
9748 {
9749 struct wpa_bss_tmp_disallowed *bss;
9750
9751 bss = wpas_get_disallowed_bss(wpa_s, bssid);
9752 if (bss) {
9753 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
9754 goto finish;
9755 }
9756
9757 bss = os_malloc(sizeof(*bss));
9758 if (!bss) {
9759 wpa_printf(MSG_DEBUG,
9760 "Failed to allocate memory for temp disallow BSS");
9761 return;
9762 }
9763
9764 os_memcpy(bss->bssid, bssid, ETH_ALEN);
9765 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
9766 wpa_set_driver_tmp_disallow_list(wpa_s);
9767
9768 finish:
9769 bss->rssi_threshold = rssi_threshold;
9770 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
9771 wpa_s, bss);
9772 }
9773
9774
9775 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
9776 struct wpa_bss *bss)
9777 {
9778 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
9779
9780 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
9781 struct wpa_bss_tmp_disallowed, list) {
9782 if (ether_addr_equal(bss->bssid, tmp->bssid)) {
9783 disallowed = tmp;
9784 break;
9785 }
9786 }
9787 if (!disallowed)
9788 return 0;
9789
9790 if (disallowed->rssi_threshold != 0 &&
9791 bss->level > disallowed->rssi_threshold) {
9792 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
9793 wpa_set_driver_tmp_disallow_list(wpa_s);
9794 return 0;
9795 }
9796
9797 return 1;
9798 }
9799
9800
9801 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9802 unsigned int type, const u8 *addr,
9803 const u8 *mask)
9804 {
9805 if ((addr && !mask) || (!addr && mask)) {
9806 wpa_printf(MSG_INFO,
9807 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
9808 return -1;
9809 }
9810
9811 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
9812 wpa_printf(MSG_INFO,
9813 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
9814 return -1;
9815 }
9816
9817 if (type & MAC_ADDR_RAND_SCAN) {
9818 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
9819 addr, mask))
9820 return -1;
9821 }
9822
9823 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
9824 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
9825 addr, mask))
9826 return -1;
9827
9828 if (wpa_s->sched_scanning && !wpa_s->pno)
9829 wpas_scan_restart_sched_scan(wpa_s);
9830 }
9831
9832 if (type & MAC_ADDR_RAND_PNO) {
9833 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
9834 addr, mask))
9835 return -1;
9836
9837 if (wpa_s->pno) {
9838 wpas_stop_pno(wpa_s);
9839 wpas_start_pno(wpa_s);
9840 }
9841 }
9842
9843 return 0;
9844 }
9845
9846
9847 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9848 unsigned int type)
9849 {
9850 wpas_mac_addr_rand_scan_clear(wpa_s, type);
9851 if (wpa_s->pno) {
9852 if (type & MAC_ADDR_RAND_PNO) {
9853 wpas_stop_pno(wpa_s);
9854 wpas_start_pno(wpa_s);
9855 }
9856 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
9857 wpas_scan_restart_sched_scan(wpa_s);
9858 }
9859
9860 return 0;
9861 }
9862
9863
9864 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
9865 struct wpa_signal_info *si)
9866 {
9867 int res;
9868
9869 if (!wpa_s->driver->signal_poll)
9870 return -1;
9871
9872 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
9873
9874 #ifdef CONFIG_TESTING_OPTIONS
9875 if (res == 0) {
9876 struct driver_signal_override *dso;
9877
9878 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9879 struct driver_signal_override, list) {
9880 if (!ether_addr_equal(wpa_s->bssid, dso->bssid))
9881 continue;
9882 wpa_printf(MSG_DEBUG,
9883 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
9884 si->data.signal,
9885 dso->si_current_signal,
9886 si->data.avg_signal,
9887 dso->si_avg_signal,
9888 si->data.avg_beacon_signal,
9889 dso->si_avg_beacon_signal,
9890 si->current_noise,
9891 dso->si_current_noise);
9892 si->data.signal = dso->si_current_signal;
9893 si->data.avg_signal = dso->si_avg_signal;
9894 si->data.avg_beacon_signal = dso->si_avg_beacon_signal;
9895 si->current_noise = dso->si_current_noise;
9896 break;
9897 }
9898 }
9899 #endif /* CONFIG_TESTING_OPTIONS */
9900
9901 return res;
9902 }
9903
9904
9905 struct wpa_scan_results *
9906 wpa_drv_get_scan_results(struct wpa_supplicant *wpa_s, const u8 *bssid)
9907 {
9908 struct wpa_scan_results *scan_res;
9909 #ifdef CONFIG_TESTING_OPTIONS
9910 size_t idx;
9911 #endif /* CONFIG_TESTING_OPTIONS */
9912
9913 if (wpa_s->driver->get_scan_results)
9914 scan_res = wpa_s->driver->get_scan_results(wpa_s->drv_priv,
9915 bssid);
9916 else if (wpa_s->driver->get_scan_results2)
9917 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
9918 else
9919 return NULL;
9920
9921
9922 #ifdef CONFIG_TESTING_OPTIONS
9923 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
9924 struct driver_signal_override *dso;
9925 struct wpa_scan_res *res = scan_res->res[idx];
9926
9927 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9928 struct driver_signal_override, list) {
9929 if (!ether_addr_equal(res->bssid, dso->bssid))
9930 continue;
9931 wpa_printf(MSG_DEBUG,
9932 "Override driver scan signal level %d->%d for "
9933 MACSTR,
9934 res->level, dso->scan_level,
9935 MAC2STR(res->bssid));
9936 res->flags |= WPA_SCAN_QUAL_INVALID;
9937 if (dso->scan_level < 0)
9938 res->flags |= WPA_SCAN_LEVEL_DBM;
9939 else
9940 res->flags &= ~WPA_SCAN_LEVEL_DBM;
9941 res->level = dso->scan_level;
9942 break;
9943 }
9944 }
9945 #endif /* CONFIG_TESTING_OPTIONS */
9946
9947 return scan_res;
9948 }
9949
9950
9951 bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr)
9952 {
9953 int i;
9954
9955 if (!wpa_s->valid_links)
9956 return false;
9957
9958 for_each_link(wpa_s->valid_links, i) {
9959 if (ether_addr_equal(wpa_s->links[i].bssid, addr))
9960 return true;
9961 }
9962
9963 return false;
9964 }
9965
9966
9967 int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq,
9968 unsigned int wait, const u8 *dst, const u8 *src,
9969 const u8 *bssid, const u8 *data, size_t data_len,
9970 int no_cck)
9971 {
9972 if (!wpa_s->driver->send_action)
9973 return -1;
9974
9975 if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) {
9976 if (wpas_ap_link_address(wpa_s, dst))
9977 dst = wpa_s->ap_mld_addr;
9978
9979 if (wpas_ap_link_address(wpa_s, bssid))
9980 bssid = wpa_s->ap_mld_addr;
9981 }
9982
9983 return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src,
9984 bssid, data, data_len, no_cck, -1);
9985 }
9986
9987
9988 bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled)
9989 {
9990 struct hostapd_channel_data *chnl;
9991 int i, j;
9992
9993 for (i = 0; i < wpa_s->hw.num_modes; i++) {
9994 if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) {
9995 chnl = wpa_s->hw.modes[i].channels;
9996 for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) {
9997 if (only_enabled &&
9998 (chnl[j].flag & HOSTAPD_CHAN_DISABLED))
9999 continue;
10000 if (is_6ghz_freq(chnl[j].freq))
10001 return true;
10002 }
10003 }
10004 }
10005
10006 return false;
10007 }
10008
10009
10010 bool wpas_ap_supports_rsn_overriding(struct wpa_supplicant *wpa_s,
10011 struct wpa_bss *bss)
10012 {
10013 int i;
10014
10015 if (!bss)
10016 return false;
10017 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
10018 wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
10019 return true;
10020
10021 if (!wpa_s->valid_links)
10022 return false;
10023
10024 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
10025 if (!(wpa_s->valid_links & BIT(i)))
10026 continue;
10027 if (wpa_s->links[i].bss &&
10028 (wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
10029 RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
10030 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
10031 RSNE_OVERRIDE_2_IE_VENDOR_TYPE)))
10032 return true;
10033 }
10034
10035 return false;
10036 }
10037
10038
10039 bool wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant *wpa_s,
10040 struct wpa_bss *bss)
10041 {
10042 int i;
10043
10044 if (!bss)
10045 return false;
10046 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
10047 return true;
10048
10049 if (!wpa_s->valid_links)
10050 return false;
10051
10052 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
10053 if (!(wpa_s->valid_links & BIT(i)))
10054 continue;
10055 if (wpa_s->links[i].bss &&
10056 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
10057 RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
10058 return true;
10059 }
10060
10061 return false;
10062 }
10063
10064
10065 int wpas_get_owe_trans_network(const u8 *owe_ie, const u8 **bssid,
10066 const u8 **ssid, size_t *ssid_len)
10067 {
10068 #ifdef CONFIG_OWE
10069 const u8 *pos, *end;
10070 u8 ssid_len_tmp;
10071
10072 if (!owe_ie)
10073 return -1;
10074
10075 pos = owe_ie + 6;
10076 end = owe_ie + 2 + owe_ie[1];
10077
10078 if (end - pos < ETH_ALEN + 1)
10079 return -1;
10080 *bssid = pos;
10081 pos += ETH_ALEN;
10082 ssid_len_tmp = *pos++;
10083 if (end - pos < ssid_len_tmp || ssid_len_tmp > SSID_MAX_LEN)
10084 return -1;
10085
10086 *ssid = pos;
10087 *ssid_len = ssid_len_tmp;
10088
10089 return 0;
10090 #else /* CONFIG_OWE */
10091 return -1;
10092 #endif /* CONFIG_OWE */
10093 }
10094