1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19 #include "includes.h"
20
21 #include "common.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "wpa.h"
25 #include "eloop.h"
26 #include "drivers/driver.h"
27 #include "config.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "ctrl_iface.h"
31 #include "ctrl_iface_dbus.h"
32 #include "pcsc_funcs.h"
33 #include "version.h"
34 #include "preauth.h"
35 #include "pmksa_cache.h"
36 #include "wpa_ctrl.h"
37 #include "mlme.h"
38 #include "ieee802_11_defs.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
42
43 const char *wpa_supplicant_version =
44 "wpa_supplicant v" VERSION_STR "\n"
45 "Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
46
47 const char *wpa_supplicant_license =
48 "This program is free software. You can distribute it and/or modify it\n"
49 "under the terms of the GNU General Public License version 2.\n"
50 "\n"
51 "Alternatively, this software may be distributed under the terms of the\n"
52 "BSD license. See README and COPYING for more details.\n"
53 #ifdef EAP_TLS_OPENSSL
54 "\nThis product includes software developed by the OpenSSL Project\n"
55 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
56 #endif /* EAP_TLS_OPENSSL */
57 ;
58
59 #ifndef CONFIG_NO_STDOUT_DEBUG
60 /* Long text divided into parts in order to fit in C89 strings size limits. */
61 const char *wpa_supplicant_full_license1 =
62 "This program is free software; you can redistribute it and/or modify\n"
63 "it under the terms of the GNU General Public License version 2 as\n"
64 "published by the Free Software Foundation.\n"
65 "\n"
66 "This program is distributed in the hope that it will be useful,\n"
67 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
68 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
69 "GNU General Public License for more details.\n"
70 "\n";
71 const char *wpa_supplicant_full_license2 =
72 "You should have received a copy of the GNU General Public License\n"
73 "along with this program; if not, write to the Free Software\n"
74 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
75 "\n"
76 "Alternatively, this software may be distributed under the terms of the\n"
77 "BSD license.\n"
78 "\n"
79 "Redistribution and use in source and binary forms, with or without\n"
80 "modification, are permitted provided that the following conditions are\n"
81 "met:\n"
82 "\n";
83 const char *wpa_supplicant_full_license3 =
84 "1. Redistributions of source code must retain the above copyright\n"
85 " notice, this list of conditions and the following disclaimer.\n"
86 "\n"
87 "2. Redistributions in binary form must reproduce the above copyright\n"
88 " notice, this list of conditions and the following disclaimer in the\n"
89 " documentation and/or other materials provided with the distribution.\n"
90 "\n";
91 const char *wpa_supplicant_full_license4 =
92 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
93 " names of its contributors may be used to endorse or promote products\n"
94 " derived from this software without specific prior written permission.\n"
95 "\n"
96 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
97 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
98 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
99 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
100 const char *wpa_supplicant_full_license5 =
101 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
102 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
103 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
104 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
105 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
106 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
107 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
108 "\n";
109 #endif /* CONFIG_NO_STDOUT_DEBUG */
110
111 extern int wpa_debug_level;
112 extern int wpa_debug_show_keys;
113 extern int wpa_debug_timestamp;
114
115 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)116 static int wpa_set_wep_keys(struct wpa_supplicant *wpa_s,
117 struct wpa_ssid *ssid)
118 {
119 int i, set = 0;
120
121 for (i = 0; i < NUM_WEP_KEYS; i++) {
122 if (ssid->wep_key_len[i] == 0)
123 continue;
124
125 set = 1;
126 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
127 (u8 *) "\xff\xff\xff\xff\xff\xff",
128 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
129 ssid->wep_key[i], ssid->wep_key_len[i]);
130 }
131
132 return set;
133 }
134
135
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)136 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
137 struct wpa_ssid *ssid)
138 {
139 u8 key[32];
140 size_t keylen;
141 wpa_alg alg;
142 u8 seq[6] = { 0 };
143
144 /* IBSS/WPA-None uses only one key (Group) for both receiving and
145 * sending unicast and multicast packets. */
146
147 if (ssid->mode != IEEE80211_MODE_IBSS) {
148 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
149 "for WPA-None", ssid->mode);
150 return -1;
151 }
152
153 if (!ssid->psk_set) {
154 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
155 return -1;
156 }
157
158 switch (wpa_s->group_cipher) {
159 case WPA_CIPHER_CCMP:
160 os_memcpy(key, ssid->psk, 16);
161 keylen = 16;
162 alg = WPA_ALG_CCMP;
163 break;
164 case WPA_CIPHER_TKIP:
165 /* WPA-None uses the same Michael MIC key for both TX and RX */
166 os_memcpy(key, ssid->psk, 16 + 8);
167 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
168 keylen = 32;
169 alg = WPA_ALG_TKIP;
170 break;
171 default:
172 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
173 "WPA-None", wpa_s->group_cipher);
174 return -1;
175 }
176
177 /* TODO: should actually remember the previously used seq#, both for TX
178 * and RX from each STA.. */
179
180 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
181 0, 1, seq, 6, key, keylen);
182 }
183
184
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)185 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
186 {
187 struct wpa_supplicant *wpa_s = eloop_ctx;
188 const u8 *bssid = wpa_s->bssid;
189 if (is_zero_ether_addr(bssid))
190 bssid = wpa_s->pending_bssid;
191 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
192 MAC2STR(bssid));
193 wpa_blacklist_add(wpa_s, bssid);
194 wpa_sm_notify_disassoc(wpa_s->wpa);
195 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
196 wpa_s->reassociate = 1;
197 wpa_supplicant_req_scan(wpa_s, 0, 0);
198 }
199
200
201 /**
202 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203 * @wpa_s: Pointer to wpa_supplicant data
204 * @sec: Number of seconds after which to time out authentication
205 * @usec: Number of microseconds after which to time out authentication
206 *
207 * This function is used to schedule a timeout for the current authentication
208 * attempt.
209 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
211 int sec, int usec)
212 {
213 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
214 wpa_s->driver && IS_WIRED(wpa_s->driver))
215 return;
216
217 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218 "%d usec", sec, usec);
219 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
221 }
222
223
224 /**
225 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226 * @wpa_s: Pointer to wpa_supplicant data
227 *
228 * This function is used to cancel authentication timeout scheduled with
229 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
230 * been completed.
231 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
233 {
234 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236 wpa_blacklist_del(wpa_s, wpa_s->bssid);
237 }
238
239
240 /**
241 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242 * @wpa_s: Pointer to wpa_supplicant data
243 *
244 * This function is used to configure EAPOL state machine based on the selected
245 * authentication mode.
246 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
248 {
249 #ifdef IEEE8021X_EAPOL
250 struct eapol_config eapol_conf;
251 struct wpa_ssid *ssid = wpa_s->current_ssid;
252
253 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
254 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
255
256 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
257 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
258 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
259 else
260 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
261
262 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
263 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
264 eapol_conf.accept_802_1x_keys = 1;
265 eapol_conf.required_keys = 0;
266 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
267 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
268 }
269 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
270 eapol_conf.required_keys |=
271 EAPOL_REQUIRE_KEY_BROADCAST;
272 }
273
274 if (wpa_s->conf && wpa_s->driver && IS_WIRED(wpa_s->driver)) {
275 eapol_conf.required_keys = 0;
276 }
277 }
278 if (wpa_s->conf)
279 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
280 eapol_conf.workaround = ssid->eap_workaround;
281 eapol_conf.eap_disabled =
282 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
283 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
284 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
285 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
286 #endif /* IEEE8021X_EAPOL */
287 }
288
289
290 /**
291 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
292 * @wpa_s: Pointer to wpa_supplicant data
293 * @ssid: Configuration data for the network
294 *
295 * This function is used to configure WPA state machine and related parameters
296 * to a mode where WPA is not enabled. This is called as part of the
297 * authentication configuration when the selected network does not use WPA.
298 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)299 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
300 struct wpa_ssid *ssid)
301 {
302 int i;
303
304 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
305 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
306 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
307 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
308 else
309 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
310 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
311 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
312 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
313 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
314 wpa_s->group_cipher = WPA_CIPHER_NONE;
315 wpa_s->mgmt_group_cipher = 0;
316
317 for (i = 0; i < NUM_WEP_KEYS; i++) {
318 if (ssid->wep_key_len[i] > 5) {
319 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
320 wpa_s->group_cipher = WPA_CIPHER_WEP104;
321 break;
322 } else if (ssid->wep_key_len[i] > 0) {
323 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
324 wpa_s->group_cipher = WPA_CIPHER_WEP40;
325 break;
326 }
327 }
328
329 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
330 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
331 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
332 wpa_s->pairwise_cipher);
333 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
334 #ifdef CONFIG_IEEE80211W
335 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
336 wpa_s->mgmt_group_cipher);
337 #endif /* CONFIG_IEEE80211W */
338
339 pmksa_cache_clear_current(wpa_s->wpa);
340 }
341
342
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)343 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
344 {
345 scard_deinit(wpa_s->scard);
346 wpa_s->scard = NULL;
347 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
348 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
349 l2_packet_deinit(wpa_s->l2);
350 wpa_s->l2 = NULL;
351 if (wpa_s->l2_br) {
352 l2_packet_deinit(wpa_s->l2_br);
353 wpa_s->l2_br = NULL;
354 }
355
356 if (wpa_s->ctrl_iface) {
357 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
358 wpa_s->ctrl_iface = NULL;
359 }
360 if (wpa_s->conf != NULL) {
361 wpa_config_free(wpa_s->conf);
362 wpa_s->conf = NULL;
363 }
364
365 os_free(wpa_s->confname);
366 wpa_s->confname = NULL;
367
368 wpa_sm_set_eapol(wpa_s->wpa, NULL);
369 eapol_sm_deinit(wpa_s->eapol);
370 wpa_s->eapol = NULL;
371
372 rsn_preauth_deinit(wpa_s->wpa);
373
374 pmksa_candidate_free(wpa_s->wpa);
375 wpa_sm_deinit(wpa_s->wpa);
376 wpa_s->wpa = NULL;
377 wpa_blacklist_clear(wpa_s);
378
379 wpa_scan_results_free(wpa_s->scan_res);
380 wpa_s->scan_res = NULL;
381
382 wpa_supplicant_cancel_scan(wpa_s);
383 wpa_supplicant_cancel_auth_timeout(wpa_s);
384
385 ieee80211_sta_deinit(wpa_s);
386
387 wpas_wps_deinit(wpa_s);
388
389 wpabuf_free(wpa_s->pending_eapol_rx);
390 wpa_s->pending_eapol_rx = NULL;
391 }
392
393
394 /**
395 * wpa_clear_keys - Clear keys configured for the driver
396 * @wpa_s: Pointer to wpa_supplicant data
397 * @addr: Previously used BSSID or %NULL if not available
398 *
399 * This function clears the encryption keys that has been previously configured
400 * for the driver.
401 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)402 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
403 {
404 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
405
406 if (wpa_s->keys_cleared) {
407 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
408 * timing issues with keys being cleared just before new keys
409 * are set or just after association or something similar. This
410 * shows up in group key handshake failing often because of the
411 * client not receiving the first encrypted packets correctly.
412 * Skipping some of the extra key clearing steps seems to help
413 * in completing group key handshake more reliably. */
414 wpa_printf(MSG_DEBUG, "No keys have been configured - "
415 "skip key clearing");
416 return;
417 }
418
419 /* MLME-DELETEKEYS.request */
420 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
421 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
422 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
423 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
424 #ifdef CONFIG_IEEE80211W
425 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
426 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
427 #endif /* CONFIG_IEEE80211W */
428 if (addr) {
429 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
430 0);
431 /* MLME-SETPROTECTION.request(None) */
432 wpa_drv_mlme_setprotection(
433 wpa_s, addr,
434 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
435 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
436 }
437 wpa_s->keys_cleared = 1;
438 }
439
440
441 /**
442 * wpa_supplicant_state_txt - Get the connection state name as a text string
443 * @state: State (wpa_state; WPA_*)
444 * Returns: The state name as a printable text string
445 */
wpa_supplicant_state_txt(int state)446 const char * wpa_supplicant_state_txt(int state)
447 {
448 switch (state) {
449 case WPA_DISCONNECTED:
450 return "DISCONNECTED";
451 case WPA_INACTIVE:
452 return "INACTIVE";
453 case WPA_SCANNING:
454 return "SCANNING";
455 case WPA_ASSOCIATING:
456 return "ASSOCIATING";
457 case WPA_ASSOCIATED:
458 return "ASSOCIATED";
459 case WPA_4WAY_HANDSHAKE:
460 return "4WAY_HANDSHAKE";
461 case WPA_GROUP_HANDSHAKE:
462 return "GROUP_HANDSHAKE";
463 case WPA_COMPLETED:
464 return "COMPLETED";
465 default:
466 return "UNKNOWN";
467 }
468 }
469
470
471 /**
472 * wpa_supplicant_set_state - Set current connection state
473 * @wpa_s: Pointer to wpa_supplicant data
474 * @state: The new connection state
475 *
476 * This function is called whenever the connection state changes, e.g.,
477 * association is completed for WPA/WPA2 4-Way Handshake is started.
478 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,wpa_states state)479 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
480 {
481 #ifdef ANDROID
482 int network_id = -1;
483
484 if (wpa_s && wpa_s->current_ssid)
485 network_id = wpa_s->current_ssid->id;
486 #endif
487 wpa_printf(MSG_DEBUG, "State: %s -> %s",
488 wpa_supplicant_state_txt(wpa_s->wpa_state),
489 wpa_supplicant_state_txt(state));
490
491 if (state != WPA_SCANNING)
492 wpa_supplicant_notify_scanning(wpa_s, 0);
493
494 wpa_supplicant_dbus_notify_state_change(wpa_s, state,
495 wpa_s->wpa_state);
496 #ifdef ANDROID
497 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_STATE_CHANGE "id=%d state=%d BSSID=" MACSTR,
498 network_id, state, MAC2STR(wpa_s->pending_bssid));
499 #endif
500
501 if (state == WPA_COMPLETED && wpa_s->new_connection) {
502 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
503 struct wpa_ssid *ssid = wpa_s->current_ssid;
504 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
505 MACSTR " completed %s [id=%d id_str=%s]",
506 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
507 "(reauth)" : "(auth)",
508 ssid ? ssid->id : -1,
509 ssid && ssid->id_str ? ssid->id_str : "");
510 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
511 wpa_s->new_connection = 0;
512 wpa_s->reassociated_connection = 1;
513 wpa_drv_set_operstate(wpa_s, 1);
514 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
515 state == WPA_ASSOCIATED) {
516 wpa_s->new_connection = 1;
517 wpa_drv_set_operstate(wpa_s, 0);
518 }
519 wpa_s->wpa_state = state;
520 }
521
522
wpa_supplicant_terminate(int sig,void * eloop_ctx,void * signal_ctx)523 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
524 void *signal_ctx)
525 {
526 struct wpa_global *global = eloop_ctx;
527 struct wpa_supplicant *wpa_s;
528 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
529 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
530 "received", sig);
531 }
532 eloop_terminate();
533 }
534
535
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)536 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
537 {
538 wpa_s->pairwise_cipher = 0;
539 wpa_s->group_cipher = 0;
540 wpa_s->mgmt_group_cipher = 0;
541 wpa_s->key_mgmt = 0;
542 wpa_s->wpa_state = WPA_DISCONNECTED;
543 }
544
545
546 /**
547 * wpa_supplicant_reload_configuration - Reload configuration data
548 * @wpa_s: Pointer to wpa_supplicant data
549 * Returns: 0 on success or -1 if configuration parsing failed
550 *
551 * This function can be used to request that the configuration data is reloaded
552 * (e.g., after configuration file change). This function is reloading
553 * configuration only for one interface, so this may need to be called multiple
554 * times if %wpa_supplicant is controlling multiple interfaces and all
555 * interfaces need reconfiguration.
556 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)557 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
558 {
559 struct wpa_config *conf;
560 int reconf_ctrl;
561 if (wpa_s->confname == NULL)
562 return -1;
563 conf = wpa_config_read(wpa_s->confname);
564 if (conf == NULL) {
565 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
566 "file '%s' - exiting", wpa_s->confname);
567 return -1;
568 }
569
570 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
571 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
572 os_strcmp(conf->ctrl_interface,
573 wpa_s->conf->ctrl_interface) != 0);
574
575 if (reconf_ctrl && wpa_s->ctrl_iface) {
576 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
577 wpa_s->ctrl_iface = NULL;
578 }
579
580 eapol_sm_invalidate_cached_session(wpa_s->eapol);
581 wpa_s->current_ssid = NULL;
582 /*
583 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
584 * pkcs11_engine_path, pkcs11_module_path.
585 */
586 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
587 /*
588 * Clear forced success to clear EAP state for next
589 * authentication.
590 */
591 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
592 }
593 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
594 wpa_sm_set_config(wpa_s->wpa, NULL);
595 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
596 rsn_preauth_deinit(wpa_s->wpa);
597 wpa_config_free(wpa_s->conf);
598 wpa_s->conf = conf;
599 if (reconf_ctrl)
600 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
601
602 wpa_supplicant_clear_status(wpa_s);
603 wpa_s->reassociate = 1;
604 #ifdef ANDROID
605 wpa_supplicant_req_scan(wpa_s, 2, 0);
606 #else
607 wpa_supplicant_req_scan(wpa_s, 0, 0);
608 #endif
609 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
610 return 0;
611 }
612
613
wpa_supplicant_reconfig(int sig,void * eloop_ctx,void * signal_ctx)614 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
615 void *signal_ctx)
616 {
617 struct wpa_global *global = eloop_ctx;
618 struct wpa_supplicant *wpa_s;
619 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
620 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
621 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
622 eloop_terminate();
623 }
624 }
625 }
626
627
cipher_suite2driver(int cipher)628 static wpa_cipher cipher_suite2driver(int cipher)
629 {
630 switch (cipher) {
631 case WPA_CIPHER_NONE:
632 return CIPHER_NONE;
633 case WPA_CIPHER_WEP40:
634 return CIPHER_WEP40;
635 case WPA_CIPHER_WEP104:
636 return CIPHER_WEP104;
637 case WPA_CIPHER_CCMP:
638 return CIPHER_CCMP;
639 case WPA_CIPHER_TKIP:
640 default:
641 return CIPHER_TKIP;
642 }
643 }
644
645
key_mgmt2driver(int key_mgmt)646 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
647 {
648 switch (key_mgmt) {
649 case WPA_KEY_MGMT_NONE:
650 return KEY_MGMT_NONE;
651 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
652 return KEY_MGMT_802_1X_NO_WPA;
653 case WPA_KEY_MGMT_IEEE8021X:
654 return KEY_MGMT_802_1X;
655 case WPA_KEY_MGMT_WPA_NONE:
656 return KEY_MGMT_WPA_NONE;
657 case WPA_KEY_MGMT_FT_IEEE8021X:
658 return KEY_MGMT_FT_802_1X;
659 case WPA_KEY_MGMT_FT_PSK:
660 return KEY_MGMT_FT_PSK;
661 case WPA_KEY_MGMT_IEEE8021X_SHA256:
662 return KEY_MGMT_802_1X_SHA256;
663 case WPA_KEY_MGMT_PSK_SHA256:
664 return KEY_MGMT_PSK_SHA256;
665 case WPA_KEY_MGMT_WPS:
666 return KEY_MGMT_WPS;
667 case WPA_KEY_MGMT_PSK:
668 default:
669 return KEY_MGMT_PSK;
670 }
671 }
672
673
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)674 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
675 struct wpa_ssid *ssid,
676 struct wpa_ie_data *ie)
677 {
678 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
679 if (ret) {
680 if (ret == -2) {
681 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
682 "from association info");
683 }
684 return -1;
685 }
686
687 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
688 "suites");
689 if (!(ie->group_cipher & ssid->group_cipher)) {
690 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
691 "cipher 0x%x (mask 0x%x) - reject",
692 ie->group_cipher, ssid->group_cipher);
693 return -1;
694 }
695 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
696 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
697 "cipher 0x%x (mask 0x%x) - reject",
698 ie->pairwise_cipher, ssid->pairwise_cipher);
699 return -1;
700 }
701 if (!(ie->key_mgmt & ssid->key_mgmt)) {
702 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
703 "management 0x%x (mask 0x%x) - reject",
704 ie->key_mgmt, ssid->key_mgmt);
705 return -1;
706 }
707
708 #ifdef CONFIG_IEEE80211W
709 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
710 ssid->ieee80211w == IEEE80211W_REQUIRED) {
711 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
712 "that does not support management frame protection - "
713 "reject");
714 return -1;
715 }
716 #endif /* CONFIG_IEEE80211W */
717
718 return 0;
719 }
720
721
722 /**
723 * wpa_supplicant_set_suites - Set authentication and encryption parameters
724 * @wpa_s: Pointer to wpa_supplicant data
725 * @bss: Scan results for the selected BSS, or %NULL if not available
726 * @ssid: Configuration data for the selected network
727 * @wpa_ie: Buffer for the WPA/RSN IE
728 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
729 * used buffer length in case the functions returns success.
730 * Returns: 0 on success or -1 on failure
731 *
732 * This function is used to configure authentication and encryption parameters
733 * based on the network configuration and scan result for the selected BSS (if
734 * available).
735 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_scan_res * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)736 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
737 struct wpa_scan_res *bss,
738 struct wpa_ssid *ssid,
739 u8 *wpa_ie, size_t *wpa_ie_len)
740 {
741 struct wpa_ie_data ie;
742 int sel, proto;
743 const u8 *bss_wpa, *bss_rsn;
744
745 if (bss) {
746 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
747 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
748 } else
749 bss_wpa = bss_rsn = NULL;
750
751 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
752 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
753 (ie.group_cipher & ssid->group_cipher) &&
754 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
755 (ie.key_mgmt & ssid->key_mgmt)) {
756 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
757 proto = WPA_PROTO_RSN;
758 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
759 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
760 (ie.group_cipher & ssid->group_cipher) &&
761 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
762 (ie.key_mgmt & ssid->key_mgmt)) {
763 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
764 proto = WPA_PROTO_WPA;
765 } else if (bss) {
766 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
767 return -1;
768 } else {
769 if (ssid->proto & WPA_PROTO_RSN)
770 proto = WPA_PROTO_RSN;
771 else
772 proto = WPA_PROTO_WPA;
773 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
774 os_memset(&ie, 0, sizeof(ie));
775 ie.group_cipher = ssid->group_cipher;
776 ie.pairwise_cipher = ssid->pairwise_cipher;
777 ie.key_mgmt = ssid->key_mgmt;
778 #ifdef CONFIG_IEEE80211W
779 ie.mgmt_group_cipher =
780 ssid->ieee80211w != NO_IEEE80211W ?
781 WPA_CIPHER_AES_128_CMAC : 0;
782 #endif /* CONFIG_IEEE80211W */
783 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
784 "on configuration");
785 } else
786 proto = ie.proto;
787 }
788
789 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
790 "pairwise %d key_mgmt %d proto %d",
791 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
792 #ifdef CONFIG_IEEE80211W
793 if (ssid->ieee80211w) {
794 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
795 ie.mgmt_group_cipher);
796 }
797 #endif /* CONFIG_IEEE80211W */
798
799 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
800 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
801 !!(ssid->proto & WPA_PROTO_RSN));
802
803 if (bss || !wpa_s->ap_ies_from_associnfo) {
804 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
805 bss_wpa ? 2 + bss_wpa[1] : 0) ||
806 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
807 bss_rsn ? 2 + bss_rsn[1] : 0))
808 return -1;
809 }
810
811 sel = ie.group_cipher & ssid->group_cipher;
812 if (sel & WPA_CIPHER_CCMP) {
813 wpa_s->group_cipher = WPA_CIPHER_CCMP;
814 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
815 } else if (sel & WPA_CIPHER_TKIP) {
816 wpa_s->group_cipher = WPA_CIPHER_TKIP;
817 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
818 } else if (sel & WPA_CIPHER_WEP104) {
819 wpa_s->group_cipher = WPA_CIPHER_WEP104;
820 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
821 } else if (sel & WPA_CIPHER_WEP40) {
822 wpa_s->group_cipher = WPA_CIPHER_WEP40;
823 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
824 } else {
825 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
826 return -1;
827 }
828
829 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
830 if (sel & WPA_CIPHER_CCMP) {
831 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
832 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
833 } else if (sel & WPA_CIPHER_TKIP) {
834 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
835 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
836 } else if (sel & WPA_CIPHER_NONE) {
837 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
838 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
839 } else {
840 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
841 "cipher.");
842 return -1;
843 }
844
845 sel = ie.key_mgmt & ssid->key_mgmt;
846 if (0) {
847 #ifdef CONFIG_IEEE80211R
848 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
849 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
850 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
851 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
852 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
853 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
854 #endif /* CONFIG_IEEE80211R */
855 #ifdef CONFIG_IEEE80211W
856 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
857 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
858 wpa_msg(wpa_s, MSG_DEBUG,
859 "WPA: using KEY_MGMT 802.1X with SHA256");
860 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
861 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
862 wpa_msg(wpa_s, MSG_DEBUG,
863 "WPA: using KEY_MGMT PSK with SHA256");
864 #endif /* CONFIG_IEEE80211W */
865 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
866 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
867 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
868 } else if (sel & WPA_KEY_MGMT_PSK) {
869 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
870 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
871 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
872 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
873 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
874 } else {
875 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
876 "key management type.");
877 return -1;
878 }
879
880 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
881 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
882 wpa_s->pairwise_cipher);
883 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
884
885 #ifdef CONFIG_IEEE80211W
886 sel = ie.mgmt_group_cipher;
887 if (ssid->ieee80211w == NO_IEEE80211W ||
888 !(ie.capabilities & WPA_CAPABILITY_MFPC))
889 sel = 0;
890 if (sel & WPA_CIPHER_AES_128_CMAC) {
891 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
892 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
893 "AES-128-CMAC");
894 } else {
895 wpa_s->mgmt_group_cipher = 0;
896 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
897 }
898 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
899 wpa_s->mgmt_group_cipher);
900 #endif /* CONFIG_IEEE80211W */
901
902 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
903 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
904 return -1;
905 }
906
907 if (ssid->key_mgmt &
908 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
909 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
910 else
911 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
912
913 return 0;
914 }
915
916
917 /**
918 * wpa_supplicant_associate - Request association
919 * @wpa_s: Pointer to wpa_supplicant data
920 * @bss: Scan results for the selected BSS, or %NULL if not available
921 * @ssid: Configuration data for the selected network
922 *
923 * This function is used to request %wpa_supplicant to associate with a BSS.
924 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_scan_res * bss,struct wpa_ssid * ssid)925 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
926 struct wpa_scan_res *bss, struct wpa_ssid *ssid)
927 {
928 u8 wpa_ie[80];
929 size_t wpa_ie_len;
930 int use_crypt, ret, i;
931 int algs = AUTH_ALG_OPEN_SYSTEM;
932 wpa_cipher cipher_pairwise, cipher_group;
933 struct wpa_driver_associate_params params;
934 int wep_keys_set = 0;
935 struct wpa_driver_capa capa;
936 int assoc_failed = 0;
937
938 wpa_s->reassociate = 0;
939 if (bss) {
940 #ifdef CONFIG_IEEE80211R
941 const u8 *md = NULL;
942 #endif /* CONFIG_IEEE80211R */
943 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
944 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
945 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
946 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq);
947 os_memset(wpa_s->bssid, 0, ETH_ALEN);
948 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
949 wpa_s->link_speed = wpa_scan_get_max_rate(bss) * 500000;
950 wpa_s->rssi = bss->level;
951 #ifdef CONFIG_IEEE80211R
952 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
953 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
954 md = ie + 2;
955 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
956 if (md) {
957 /* Prepare for the next transition */
958 wpa_ft_prepare_auth_request(wpa_s->wpa);
959 }
960 #endif /* CONFIG_IEEE80211R */
961 #ifdef CONFIG_WPS
962 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
963 wpa_s->conf->ap_scan == 2 &&
964 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
965 /* Use ap_scan==1 style network selection to find the network
966 */
967 wpa_s->scan_req = 2;
968 wpa_s->reassociate = 1;
969 wpa_supplicant_req_scan(wpa_s, 0, 0);
970 return;
971 #endif /* CONFIG_WPS */
972 } else {
973 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
974 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
975 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
976 }
977 wpa_supplicant_cancel_scan(wpa_s);
978
979 /* Starting new association, so clear the possibly used WPA IE from the
980 * previous association. */
981 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
982
983 if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
984 wpa_printf(MSG_WARNING, "Failed to set operating mode");
985 assoc_failed = 1;
986 }
987
988 #ifdef IEEE8021X_EAPOL
989 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
990 if (ssid->leap) {
991 if (ssid->non_leap == 0)
992 algs = AUTH_ALG_LEAP;
993 else
994 algs |= AUTH_ALG_LEAP;
995 }
996 }
997 #endif /* IEEE8021X_EAPOL */
998 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
999 if (ssid->auth_alg) {
1000 algs = 0;
1001 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1002 algs |= AUTH_ALG_OPEN_SYSTEM;
1003 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1004 algs |= AUTH_ALG_SHARED_KEY;
1005 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1006 algs |= AUTH_ALG_LEAP;
1007 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1008 algs);
1009 }
1010 wpa_drv_set_auth_alg(wpa_s, algs);
1011
1012 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1013 wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
1014 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1015 WPA_KEY_MGMT_FT_IEEE8021X |
1016 WPA_KEY_MGMT_FT_PSK |
1017 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1018 WPA_KEY_MGMT_PSK_SHA256))) {
1019 int try_opportunistic;
1020 try_opportunistic = ssid->proactive_key_caching &&
1021 (ssid->proto & WPA_PROTO_RSN);
1022 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1023 wpa_s->current_ssid,
1024 try_opportunistic) == 0)
1025 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1026 wpa_ie_len = sizeof(wpa_ie);
1027 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1028 wpa_ie, &wpa_ie_len)) {
1029 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1030 "management and encryption suites");
1031 return;
1032 }
1033 } else if (ssid->key_mgmt &
1034 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1035 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1036 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1037 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1038 wpa_ie_len = sizeof(wpa_ie);
1039 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1040 wpa_ie, &wpa_ie_len)) {
1041 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1042 "management and encryption suites (no scan "
1043 "results)");
1044 return;
1045 }
1046 #ifdef CONFIG_WPS
1047 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1048 struct wpabuf *wps_ie;
1049 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1050 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1051 wpa_ie_len = wpabuf_len(wps_ie);
1052 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1053 } else
1054 wpa_ie_len = 0;
1055 wpabuf_free(wps_ie);
1056 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1057 #endif /* CONFIG_WPS */
1058 } else {
1059 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1060 wpa_ie_len = 0;
1061 }
1062
1063 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1064 use_crypt = 1;
1065 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1066 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1067 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1068 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1069 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1070 use_crypt = 0;
1071 if (wpa_set_wep_keys(wpa_s, ssid)) {
1072 use_crypt = 1;
1073 wep_keys_set = 1;
1074 }
1075 }
1076 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1077 use_crypt = 0;
1078
1079 #ifdef IEEE8021X_EAPOL
1080 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1081 if ((ssid->eapol_flags &
1082 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1083 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1084 !wep_keys_set) {
1085 use_crypt = 0;
1086 } else {
1087 /* Assume that dynamic WEP-104 keys will be used and
1088 * set cipher suites in order for drivers to expect
1089 * encryption. */
1090 cipher_pairwise = cipher_group = CIPHER_WEP104;
1091 }
1092 }
1093 #endif /* IEEE8021X_EAPOL */
1094
1095 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1096 /* Set the key before (and later after) association */
1097 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1098 }
1099
1100 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1101 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1102 os_memset(¶ms, 0, sizeof(params));
1103 if (bss) {
1104 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1105 params.bssid = bss->bssid;
1106 params.ssid = ie ? ie + 2 : (u8 *) "";
1107 params.ssid_len = ie ? ie[1] : 0;
1108 params.freq = bss->freq;
1109 } else {
1110 params.ssid = ssid->ssid;
1111 params.ssid_len = ssid->ssid_len;
1112 }
1113 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1114 params.freq = ssid->frequency; /* Initial channel for IBSS */
1115 params.wpa_ie = wpa_ie;
1116 params.wpa_ie_len = wpa_ie_len;
1117 params.pairwise_suite = cipher_pairwise;
1118 params.group_suite = cipher_group;
1119 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1120 params.auth_alg = algs;
1121 params.mode = ssid->mode;
1122 for (i = 0; i < NUM_WEP_KEYS; i++) {
1123 if (ssid->wep_key_len[i])
1124 params.wep_key[i] = ssid->wep_key[i];
1125 params.wep_key_len[i] = ssid->wep_key_len[i];
1126 }
1127 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1128
1129 if (wpa_s->driver_4way_handshake &&
1130 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1131 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1132 params.passphrase = ssid->passphrase;
1133 if (ssid->psk_set)
1134 params.psk = ssid->psk;
1135 }
1136
1137 #ifdef CONFIG_IEEE80211W
1138 switch (ssid->ieee80211w) {
1139 case NO_IEEE80211W:
1140 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1141 break;
1142 case IEEE80211W_OPTIONAL:
1143 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1144 break;
1145 case IEEE80211W_REQUIRED:
1146 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1147 break;
1148 }
1149 if (ssid->ieee80211w != NO_IEEE80211W && bss) {
1150 const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
1151 struct wpa_ie_data ie;
1152 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1153 ie.capabilities &
1154 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1155 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1156 "require MFP");
1157 params.mgmt_frame_protection =
1158 MGMT_FRAME_PROTECTION_REQUIRED;
1159 }
1160 }
1161 #endif /* CONFIG_IEEE80211W */
1162
1163 if (wpa_s->use_client_mlme)
1164 ret = ieee80211_sta_associate(wpa_s, ¶ms);
1165 else
1166 ret = wpa_drv_associate(wpa_s, ¶ms);
1167 if (ret < 0) {
1168 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1169 "failed");
1170 /* try to continue anyway; new association will be tried again
1171 * after timeout */
1172 assoc_failed = 1;
1173 }
1174
1175 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1176 /* Set the key after the association just in case association
1177 * cleared the previously configured key. */
1178 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1179 /* No need to timeout authentication since there is no key
1180 * management. */
1181 wpa_supplicant_cancel_auth_timeout(wpa_s);
1182 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1183 } else {
1184 /* Timeout for IEEE 802.11 authentication and association */
1185 int timeout = 60;
1186
1187 if (assoc_failed) {
1188 /* give IBSS a bit more time */
1189 timeout = ssid->mode ? 10 : 5;
1190 } else if (wpa_s->conf->ap_scan == 1) {
1191 /* give IBSS a bit more time */
1192 timeout = ssid->mode ? 20 : 10;
1193 }
1194 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1195 }
1196
1197 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1198 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1199 /* Set static WEP keys again */
1200 wpa_set_wep_keys(wpa_s, ssid);
1201 }
1202
1203 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1204 /*
1205 * Do not allow EAP session resumption between different
1206 * network configurations.
1207 */
1208 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1209 }
1210 wpa_s->current_ssid = ssid;
1211 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1212 wpa_supplicant_initiate_eapol(wpa_s);
1213 }
1214
1215
1216 /**
1217 * wpa_supplicant_disassociate - Disassociate the current connection
1218 * @wpa_s: Pointer to wpa_supplicant data
1219 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1220 *
1221 * This function is used to request %wpa_supplicant to disassociate with the
1222 * current AP.
1223 */
wpa_supplicant_disassociate(struct wpa_supplicant * wpa_s,int reason_code)1224 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1225 int reason_code)
1226 {
1227 u8 *addr = NULL;
1228 if (!is_zero_ether_addr(wpa_s->bssid)) {
1229 if (wpa_s->use_client_mlme)
1230 ieee80211_sta_disassociate(wpa_s, reason_code);
1231 else
1232 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1233 addr = wpa_s->bssid;
1234 }
1235 wpa_clear_keys(wpa_s, addr);
1236 wpa_supplicant_mark_disassoc(wpa_s);
1237 wpa_s->current_ssid = NULL;
1238 wpa_sm_set_config(wpa_s->wpa, NULL);
1239 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1240 }
1241
1242
1243 /**
1244 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1245 * @wpa_s: Pointer to wpa_supplicant data
1246 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1247 *
1248 * This function is used to request %wpa_supplicant to deauthenticate from the
1249 * current AP.
1250 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,int reason_code)1251 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1252 int reason_code)
1253 {
1254 u8 *addr = NULL;
1255 if (!is_zero_ether_addr(wpa_s->bssid)) {
1256 if (wpa_s->use_client_mlme)
1257 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1258 else
1259 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1260 reason_code);
1261 addr = wpa_s->bssid;
1262 }
1263 wpa_clear_keys(wpa_s, addr);
1264 wpa_supplicant_mark_disassoc(wpa_s);
1265 wpa_s->current_ssid = NULL;
1266 wpa_sm_set_config(wpa_s->wpa, NULL);
1267 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1268 }
1269
1270
wpa_supplicant_get_scan_results_old(struct wpa_supplicant * wpa_s)1271 static int wpa_supplicant_get_scan_results_old(struct wpa_supplicant *wpa_s)
1272 {
1273 #define SCAN_AP_LIMIT 128
1274 struct wpa_scan_result *results;
1275 int num, i;
1276 struct wpa_scan_results *res;
1277
1278 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1279 if (results == NULL) {
1280 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1281 "results");
1282 return -1;
1283 }
1284
1285 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1286 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1287 if (num < 0) {
1288 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1289 os_free(results);
1290 return -1;
1291 }
1292 if (num > SCAN_AP_LIMIT) {
1293 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1294 num, SCAN_AP_LIMIT);
1295 num = SCAN_AP_LIMIT;
1296 }
1297
1298 wpa_scan_results_free(wpa_s->scan_res);
1299 wpa_s->scan_res = NULL;
1300
1301 /* Convert old scan result data structure to the new one */
1302 res = os_zalloc(sizeof(*res));
1303 if (res == NULL) {
1304 os_free(results);
1305 return -1;
1306 }
1307 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
1308 if (res->res == NULL) {
1309 os_free(results);
1310 os_free(res);
1311 return -1;
1312 }
1313
1314 for (i = 0; i < num; i++) {
1315 struct wpa_scan_result *bss = &results[i];
1316 struct wpa_scan_res *r;
1317 size_t ie_len;
1318 u8 *pos;
1319
1320 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len;
1321 if (bss->maxrate)
1322 ie_len += 3;
1323 if (bss->mdie_present)
1324 ie_len += 5;
1325
1326 r = os_zalloc(sizeof(*r) + ie_len);
1327 if (r == NULL)
1328 break;
1329
1330 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
1331 r->freq = bss->freq;
1332 r->caps = bss->caps;
1333 r->qual = bss->qual;
1334 r->noise = bss->noise;
1335 r->level = bss->level;
1336 r->tsf = bss->tsf;
1337 r->ie_len = ie_len;
1338
1339 pos = (u8 *) (r + 1);
1340
1341 /* SSID IE */
1342 *pos++ = WLAN_EID_SSID;
1343 *pos++ = bss->ssid_len;
1344 os_memcpy(pos, bss->ssid, bss->ssid_len);
1345 pos += bss->ssid_len;
1346
1347 if (bss->maxrate) {
1348 /* Fake Supported Rate IE to include max rate */
1349 *pos++ = WLAN_EID_SUPP_RATES;
1350 *pos++ = 1;
1351 *pos++ = bss->maxrate;
1352 }
1353
1354 if (bss->rsn_ie_len) {
1355 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len);
1356 pos += bss->rsn_ie_len;
1357 }
1358
1359 if (bss->mdie_present) {
1360 os_memcpy(pos, bss->mdie, 5);
1361 pos += 5;
1362 }
1363
1364 if (bss->wpa_ie_len) {
1365 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len);
1366 pos += bss->wpa_ie_len;
1367 }
1368
1369 res->res[res->num++] = r;
1370 }
1371
1372 os_free(results);
1373 wpa_s->scan_res = res;
1374
1375 return 0;
1376 }
1377
1378
1379 /**
1380 * wpa_supplicant_get_scan_results - Get scan results
1381 * @wpa_s: Pointer to wpa_supplicant data
1382 * Returns: 0 on success, -1 on failure
1383 *
1384 * This function is request the current scan results from the driver and stores
1385 * a local copy of the results in wpa_s->scan_res.
1386 */
wpa_supplicant_get_scan_results(struct wpa_supplicant * wpa_s)1387 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1388 {
1389 int ret;
1390
1391 if (wpa_s->use_client_mlme) {
1392 wpa_scan_results_free(wpa_s->scan_res);
1393 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s);
1394 if (wpa_s->scan_res == NULL) {
1395 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1396 ret = -1;
1397 } else
1398 ret = 0;
1399 } else if (wpa_s->driver->get_scan_results2 == NULL)
1400 ret = wpa_supplicant_get_scan_results_old(wpa_s);
1401 else {
1402 wpa_scan_results_free(wpa_s->scan_res);
1403 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
1404 if (wpa_s->scan_res == NULL) {
1405 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1406 ret = -1;
1407 } else
1408 ret = 0;
1409 }
1410
1411 if (wpa_s->scan_res)
1412 wpa_scan_sort_results(wpa_s->scan_res);
1413
1414 return ret;
1415 }
1416
1417
1418 /**
1419 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1420 * @wpa_s: Pointer to wpa_supplicant data
1421 * Returns: A pointer to the current network structure or %NULL on failure
1422 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)1423 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1424 {
1425 struct wpa_ssid *entry;
1426 u8 ssid[MAX_SSID_LEN];
1427 int res;
1428 size_t ssid_len;
1429 u8 bssid[ETH_ALEN];
1430 int wired;
1431
1432 if (wpa_s->use_client_mlme) {
1433 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1434 wpa_printf(MSG_WARNING, "Could not read SSID from "
1435 "MLME.");
1436 return NULL;
1437 }
1438 } else {
1439 res = wpa_drv_get_ssid(wpa_s, ssid);
1440 if (res < 0) {
1441 wpa_printf(MSG_WARNING, "Could not read SSID from "
1442 "driver.");
1443 return NULL;
1444 }
1445 ssid_len = res;
1446 }
1447
1448 if (wpa_s->use_client_mlme)
1449 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1450 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1451 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1452 return NULL;
1453 }
1454
1455 wired = wpa_s->conf->ap_scan == 0 && wpa_s->driver &&
1456 IS_WIRED(wpa_s->driver);
1457
1458 entry = wpa_s->conf->ssid;
1459 while (entry) {
1460 if (!entry->disabled &&
1461 ((ssid_len == entry->ssid_len &&
1462 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1463 (!entry->bssid_set ||
1464 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1465 return entry;
1466 #ifdef CONFIG_WPS
1467 if (!entry->disabled &&
1468 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1469 (entry->ssid == NULL || entry->ssid_len == 0) &&
1470 (!entry->bssid_set ||
1471 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1472 return entry;
1473 #endif /* CONFIG_WPS */
1474 entry = entry->next;
1475 }
1476
1477 return NULL;
1478 }
1479
wpa_drv_scan(struct wpa_supplicant * wpa_s,struct wpa_ssid ** ssid_ptr)1480 int wpa_drv_scan(struct wpa_supplicant *wpa_s, struct wpa_ssid **ssid_ptr)
1481 {
1482 u8 *ssid_nm = NULL;
1483 size_t ssid_len = 0;
1484 int ret = -1;
1485
1486 if (wpa_s->driver->combo_scan) {
1487 ret = wpa_s->driver->combo_scan(wpa_s->drv_priv, ssid_ptr,
1488 wpa_s->conf->ssid);
1489 wpa_s->prev_scan_ssid = (*ssid_ptr && !ret) ?
1490 (*ssid_ptr) : BROADCAST_SSID_SCAN;
1491 }
1492 else if (wpa_s->driver->scan) {
1493 if (*ssid_ptr) {
1494 ssid_nm = (*ssid_ptr)->ssid;
1495 ssid_len = (*ssid_ptr)->ssid_len;
1496 }
1497
1498 ret = wpa_s->driver->scan(wpa_s->drv_priv, ssid_nm, ssid_len);
1499 }
1500 return ret;
1501 }
1502
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)1503 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1504 const char *name)
1505 {
1506 int i;
1507
1508 if (wpa_s == NULL)
1509 return -1;
1510
1511 if (wpa_supplicant_drivers[0] == NULL) {
1512 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1513 "wpa_supplicant.");
1514 return -1;
1515 }
1516
1517 if (name == NULL) {
1518 /* default to first driver in the list */
1519 wpa_s->driver = wpa_supplicant_drivers[0];
1520 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
1521 return 0;
1522 }
1523
1524 for (i = 0; wpa_supplicant_drivers[i]; i++) {
1525 if (os_strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
1526 wpa_s->driver = wpa_supplicant_drivers[i];
1527 wpa_s->global_drv_priv = wpa_s->global->drv_priv[i];
1528 return 0;
1529 }
1530 }
1531
1532 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.\n", name);
1533 return -1;
1534 }
1535
1536
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)1537 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1538 const u8 *buf, size_t len)
1539 {
1540 struct wpa_supplicant *wpa_s = ctx;
1541
1542 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1543 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1544
1545 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1546 /*
1547 * There is possible race condition between receiving the
1548 * association event and the EAPOL frame since they are coming
1549 * through different paths from the driver. In order to avoid
1550 * issues in trying to process the EAPOL frame before receiving
1551 * association information, lets queue it for processing until
1552 * the association event is received.
1553 */
1554 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1555 "received EAPOL frame");
1556 wpabuf_free(wpa_s->pending_eapol_rx);
1557 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1558 if (wpa_s->pending_eapol_rx) {
1559 os_get_time(&wpa_s->pending_eapol_rx_time);
1560 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1561 ETH_ALEN);
1562 }
1563 return;
1564 }
1565
1566 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1567 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1568 "no key management is configured");
1569 return;
1570 }
1571
1572 if (wpa_s->eapol_received == 0 &&
1573 (!wpa_s->driver_4way_handshake ||
1574 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1575 wpa_s->wpa_state != WPA_COMPLETED)) {
1576 /* Timeout for completing IEEE 802.1X and WPA authentication */
1577 wpa_supplicant_req_auth_timeout(
1578 wpa_s,
1579 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1580 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1581 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1582 70 : 10, 0);
1583 }
1584 wpa_s->eapol_received++;
1585
1586 if (wpa_s->countermeasures) {
1587 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1588 "packet");
1589 return;
1590 }
1591
1592 /* Source address of the incoming EAPOL frame could be compared to the
1593 * current BSSID. However, it is possible that a centralized
1594 * Authenticator could be using another MAC address than the BSSID of
1595 * an AP, so just allow any address to be used for now. The replies are
1596 * still sent to the current BSSID (if available), though. */
1597
1598 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1599 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1600 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1601 return;
1602 wpa_drv_poll(wpa_s);
1603 if (!wpa_s->driver_4way_handshake)
1604 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1605 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1606 /*
1607 * Set portValid = TRUE here since we are going to skip 4-way
1608 * handshake processing which would normally set portValid. We
1609 * need this to allow the EAPOL state machines to be completed
1610 * without going through EAPOL-Key handshake.
1611 */
1612 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1613 }
1614 }
1615
1616
wpa_supplicant_sta_free_hw_features(struct wpa_hw_modes * hw_features,size_t num_hw_features)1617 void wpa_supplicant_sta_free_hw_features(struct wpa_hw_modes *hw_features,
1618 size_t num_hw_features)
1619 {
1620 ieee80211_sta_free_hw_features(hw_features, num_hw_features);
1621 }
1622
1623
wpa_supplicant_sta_rx(void * ctx,const u8 * buf,size_t len,struct ieee80211_rx_status * rx_status)1624 void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1625 struct ieee80211_rx_status *rx_status)
1626 {
1627 struct wpa_supplicant *wpa_s = ctx;
1628 ieee80211_sta_rx(wpa_s, buf, len, rx_status);
1629 }
1630
1631
1632 /**
1633 * wpa_supplicant_driver_init - Initialize driver interface parameters
1634 * @wpa_s: Pointer to wpa_supplicant data
1635 * Returns: 0 on success, -1 on failure
1636 *
1637 * This function is called to initialize driver interface parameters.
1638 * wpa_drv_init() must have been called before this function to initialize the
1639 * driver interface.
1640 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)1641 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1642 {
1643 static int interface_count = 0;
1644
1645 if (wpa_s->driver->send_eapol) {
1646 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1647 if (addr)
1648 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1649 } else {
1650 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1651 wpa_drv_get_mac_addr(wpa_s),
1652 ETH_P_EAPOL,
1653 wpa_supplicant_rx_eapol, wpa_s, 0);
1654 if (wpa_s->l2 == NULL)
1655 return -1;
1656 }
1657
1658 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1659 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1660 return -1;
1661 }
1662
1663 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1664 MAC2STR(wpa_s->own_addr));
1665
1666 if (wpa_s->bridge_ifname[0]) {
1667 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1668 " '%s'", wpa_s->bridge_ifname);
1669 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1670 wpa_s->own_addr,
1671 ETH_P_EAPOL,
1672 wpa_supplicant_rx_eapol, wpa_s,
1673 0);
1674 if (wpa_s->l2_br == NULL) {
1675 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1676 "connection for the bridge interface '%s'",
1677 wpa_s->bridge_ifname);
1678 return -1;
1679 }
1680 }
1681
1682 /* Backwards compatibility call to set_wpa() handler. This is called
1683 * only just after init and just before deinit, so these handler can be
1684 * used to implement same functionality. */
1685 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
1686 struct wpa_driver_capa capa;
1687 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
1688 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1689 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
1690 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
1691 /* Continue to allow non-WPA modes to be used. */
1692 } else {
1693 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
1694 "driver.");
1695 return -1;
1696 }
1697 }
1698
1699 wpa_clear_keys(wpa_s, NULL);
1700
1701 /* Make sure that TKIP countermeasures are not left enabled (could
1702 * happen if wpa_supplicant is killed during countermeasures. */
1703 wpa_drv_set_countermeasures(wpa_s, 0);
1704
1705 wpa_drv_set_drop_unencrypted(wpa_s, 1);
1706
1707 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1708 wpa_drv_flush_pmkid(wpa_s);
1709
1710 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
1711 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1712 interface_count++;
1713
1714 return 0;
1715 }
1716
1717
wpa_supplicant_daemon(const char * pid_file)1718 static int wpa_supplicant_daemon(const char *pid_file)
1719 {
1720 wpa_printf(MSG_DEBUG, "Daemonize..");
1721 return os_daemonize(pid_file);
1722 }
1723
1724
wpa_supplicant_alloc(void)1725 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1726 {
1727 struct wpa_supplicant *wpa_s;
1728
1729 wpa_s = os_zalloc(sizeof(*wpa_s));
1730 if (wpa_s == NULL)
1731 return NULL;
1732 wpa_s->scan_req = 1;
1733 #ifdef ANDROID
1734 wpa_s->scan_interval = 5;
1735 #endif
1736 return wpa_s;
1737 }
1738
1739
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,struct wpa_interface * iface)1740 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1741 struct wpa_interface *iface)
1742 {
1743 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1744 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1745 iface->confname ? iface->confname : "N/A",
1746 iface->driver ? iface->driver : "default",
1747 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1748 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1749
1750 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
1751 return -1;
1752 }
1753
1754 if (iface->confname) {
1755 #ifdef CONFIG_BACKEND_FILE
1756 wpa_s->confname = os_rel2abs_path(iface->confname);
1757 if (wpa_s->confname == NULL) {
1758 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1759 "for configuration file '%s'.",
1760 iface->confname);
1761 return -1;
1762 }
1763 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1764 iface->confname, wpa_s->confname);
1765 #else /* CONFIG_BACKEND_FILE */
1766 wpa_s->confname = os_strdup(iface->confname);
1767 #endif /* CONFIG_BACKEND_FILE */
1768 wpa_s->conf = wpa_config_read(wpa_s->confname);
1769 if (wpa_s->conf == NULL) {
1770 wpa_printf(MSG_ERROR, "Failed to read or parse "
1771 "configuration '%s'.", wpa_s->confname);
1772 return -1;
1773 }
1774
1775 /*
1776 * Override ctrl_interface and driver_param if set on command
1777 * line.
1778 */
1779 if (iface->ctrl_interface) {
1780 os_free(wpa_s->conf->ctrl_interface);
1781 wpa_s->conf->ctrl_interface =
1782 os_strdup(iface->ctrl_interface);
1783 }
1784
1785 if (iface->driver_param) {
1786 os_free(wpa_s->conf->driver_param);
1787 wpa_s->conf->driver_param =
1788 os_strdup(iface->driver_param);
1789 }
1790 } else
1791 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1792 iface->driver_param);
1793
1794 if (wpa_s->conf == NULL) {
1795 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1796 return -1;
1797 }
1798
1799 if (iface->ifname == NULL) {
1800 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1801 return -1;
1802 }
1803 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1804 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1805 iface->ifname);
1806 return -1;
1807 }
1808 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1809
1810 if (iface->bridge_ifname) {
1811 if (os_strlen(iface->bridge_ifname) >=
1812 sizeof(wpa_s->bridge_ifname)) {
1813 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1814 "name '%s'.", iface->bridge_ifname);
1815 return -1;
1816 }
1817 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1818 sizeof(wpa_s->bridge_ifname));
1819 }
1820
1821 return 0;
1822 }
1823
1824
wpa_supplicant_init_iface2(struct wpa_supplicant * wpa_s)1825 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s)
1826 {
1827 const char *ifname;
1828 struct wpa_driver_capa capa;
1829
1830 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
1831 wpa_s->ifname);
1832
1833 /* RSNA Supplicant Key Management - INITIALIZE */
1834 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1835 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1836
1837 /* Initialize driver interface and register driver event handler before
1838 * L2 receive handler so that association events are processed before
1839 * EAPOL-Key packets if both become available for the same select()
1840 * call. */
1841 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1842 if (wpa_s->drv_priv == NULL) {
1843 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1844 return -1;
1845 }
1846 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1847 wpa_printf(MSG_ERROR, "Driver interface rejected "
1848 "driver_param '%s'", wpa_s->conf->driver_param);
1849 return -1;
1850 }
1851
1852 ifname = wpa_drv_get_ifname(wpa_s);
1853 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1854 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1855 "name with '%s'", ifname);
1856 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1857 }
1858
1859 if (wpa_supplicant_init_wpa(wpa_s) < 0)
1860 return -1;
1861
1862 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
1863 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
1864 NULL);
1865 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1866
1867 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
1868 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
1869 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
1870 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1871 "dot11RSNAConfigPMKLifetime");
1872 return -1;
1873 }
1874
1875 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
1876 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
1877 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
1878 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1879 "dot11RSNAConfigPMKReauthThreshold");
1880 return -1;
1881 }
1882
1883 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
1884 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
1885 wpa_s->conf->dot11RSNAConfigSATimeout)) {
1886 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1887 "dot11RSNAConfigSATimeout");
1888 return -1;
1889 }
1890
1891 if (wpa_supplicant_driver_init(wpa_s) < 0)
1892 return -1;
1893
1894 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
1895 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
1896 wpa_printf(MSG_DEBUG, "Failed to set country");
1897 return -1;
1898 }
1899
1900 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
1901
1902 if (wpas_wps_init(wpa_s))
1903 return -1;
1904
1905 if (wpa_supplicant_init_eapol(wpa_s) < 0)
1906 return -1;
1907 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
1908
1909 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1910 if (wpa_s->ctrl_iface == NULL) {
1911 wpa_printf(MSG_ERROR,
1912 "Failed to initialize control interface '%s'.\n"
1913 "You may have another wpa_supplicant process "
1914 "already running or the file was\n"
1915 "left by an unclean termination of wpa_supplicant "
1916 "in which case you will need\n"
1917 "to manually remove this file before starting "
1918 "wpa_supplicant again.\n",
1919 wpa_s->conf->ctrl_interface);
1920 return -1;
1921 }
1922
1923 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
1924 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1925 wpa_s->use_client_mlme = 1;
1926 if (ieee80211_sta_init(wpa_s))
1927 return -1;
1928 }
1929 if (capa.flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)
1930 wpa_s->driver_4way_handshake = 1;
1931 }
1932
1933 return 0;
1934 }
1935
1936
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s)1937 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
1938 {
1939 if (wpa_s->drv_priv) {
1940 wpa_supplicant_deauthenticate(wpa_s,
1941 WLAN_REASON_DEAUTH_LEAVING);
1942
1943 /* Backwards compatibility call to set_wpa() handler. This is
1944 * called only just after init and just before deinit, so these
1945 * handler can be used to implement same functionality. */
1946 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
1947 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
1948 "driver.");
1949 }
1950
1951 wpa_drv_set_drop_unencrypted(wpa_s, 0);
1952 wpa_drv_set_countermeasures(wpa_s, 0);
1953 wpa_clear_keys(wpa_s, NULL);
1954 }
1955
1956 wpas_dbus_unregister_iface(wpa_s);
1957
1958 wpa_supplicant_cleanup(wpa_s);
1959
1960 if (wpa_s->drv_priv)
1961 wpa_drv_deinit(wpa_s);
1962 }
1963
1964
1965 /**
1966 * wpa_supplicant_add_iface - Add a new network interface
1967 * @global: Pointer to global data from wpa_supplicant_init()
1968 * @iface: Interface configuration options
1969 * Returns: Pointer to the created interface or %NULL on failure
1970 *
1971 * This function is used to add new network interfaces for %wpa_supplicant.
1972 * This can be called before wpa_supplicant_run() to add interfaces before the
1973 * main event loop has been started. In addition, new interfaces can be added
1974 * dynamically while %wpa_supplicant is already running. This could happen,
1975 * e.g., when a hotplug network adapter is inserted.
1976 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface)1977 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1978 struct wpa_interface *iface)
1979 {
1980 struct wpa_supplicant *wpa_s;
1981
1982 if (global == NULL || iface == NULL)
1983 return NULL;
1984
1985 wpa_s = wpa_supplicant_alloc();
1986 if (wpa_s == NULL)
1987 return NULL;
1988
1989 wpa_s->global = global;
1990
1991 if (wpa_supplicant_init_iface(wpa_s, iface) ||
1992 wpa_supplicant_init_iface2(wpa_s)) {
1993 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
1994 iface->ifname);
1995 wpa_supplicant_deinit_iface(wpa_s);
1996 os_free(wpa_s);
1997 return NULL;
1998 }
1999
2000 /* Register the interface with the dbus control interface */
2001 if (wpas_dbus_register_iface(wpa_s)) {
2002 wpa_supplicant_deinit_iface(wpa_s);
2003 os_free(wpa_s);
2004 return NULL;
2005 }
2006
2007 wpa_s->next = global->ifaces;
2008 global->ifaces = wpa_s;
2009
2010 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2011
2012 return wpa_s;
2013 }
2014
2015
2016 /**
2017 * wpa_supplicant_remove_iface - Remove a network interface
2018 * @global: Pointer to global data from wpa_supplicant_init()
2019 * @wpa_s: Pointer to the network interface to be removed
2020 * Returns: 0 if interface was removed, -1 if interface was not found
2021 *
2022 * This function can be used to dynamically remove network interfaces from
2023 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2024 * addition, this function is used to remove all remaining interfaces when
2025 * %wpa_supplicant is terminated.
2026 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s)2027 int wpa_supplicant_remove_iface(struct wpa_global *global,
2028 struct wpa_supplicant *wpa_s)
2029 {
2030 struct wpa_supplicant *prev;
2031
2032 /* Remove interface from the global list of interfaces */
2033 prev = global->ifaces;
2034 if (prev == wpa_s) {
2035 global->ifaces = wpa_s->next;
2036 } else {
2037 while (prev && prev->next != wpa_s)
2038 prev = prev->next;
2039 if (prev == NULL)
2040 return -1;
2041 prev->next = wpa_s->next;
2042 }
2043
2044 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2045
2046 wpa_supplicant_deinit_iface(wpa_s);
2047 os_free(wpa_s);
2048
2049 return 0;
2050 }
2051
2052
2053 /**
2054 * wpa_supplicant_get_iface - Get a new network interface
2055 * @global: Pointer to global data from wpa_supplicant_init()
2056 * @ifname: Interface name
2057 * Returns: Pointer to the interface or %NULL if not found
2058 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)2059 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2060 const char *ifname)
2061 {
2062 struct wpa_supplicant *wpa_s;
2063
2064 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2065 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2066 return wpa_s;
2067 }
2068 return NULL;
2069 }
2070
2071
2072 /**
2073 * wpa_supplicant_init - Initialize %wpa_supplicant
2074 * @params: Parameters for %wpa_supplicant
2075 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2076 *
2077 * This function is used to initialize %wpa_supplicant. After successful
2078 * initialization, the returned data pointer can be used to add and remove
2079 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2080 */
wpa_supplicant_init(struct wpa_params * params)2081 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2082 {
2083 struct wpa_global *global;
2084 int ret, i;
2085
2086 if (params == NULL)
2087 return NULL;
2088
2089 wpa_debug_open_file(params->wpa_debug_file_path);
2090
2091 ret = eap_peer_register_methods();
2092 if (ret) {
2093 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2094 if (ret == -2)
2095 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2096 "the same EAP type.");
2097 return NULL;
2098 }
2099
2100 global = os_zalloc(sizeof(*global));
2101 if (global == NULL)
2102 return NULL;
2103 global->params.daemonize = params->daemonize;
2104 global->params.wait_for_monitor = params->wait_for_monitor;
2105 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2106 if (params->pid_file)
2107 global->params.pid_file = os_strdup(params->pid_file);
2108 if (params->ctrl_interface)
2109 global->params.ctrl_interface =
2110 os_strdup(params->ctrl_interface);
2111 wpa_debug_level = global->params.wpa_debug_level =
2112 params->wpa_debug_level;
2113 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2114 params->wpa_debug_show_keys;
2115 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2116 params->wpa_debug_timestamp;
2117
2118 if (eloop_init(global)) {
2119 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2120 wpa_supplicant_deinit(global);
2121 return NULL;
2122 }
2123
2124 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2125 if (global->ctrl_iface == NULL) {
2126 wpa_supplicant_deinit(global);
2127 return NULL;
2128 }
2129
2130 if (global->params.dbus_ctrl_interface) {
2131 global->dbus_ctrl_iface =
2132 wpa_supplicant_dbus_ctrl_iface_init(global);
2133 if (global->dbus_ctrl_iface == NULL) {
2134 wpa_supplicant_deinit(global);
2135 return NULL;
2136 }
2137 }
2138
2139 for (i = 0; wpa_supplicant_drivers[i]; i++)
2140 global->drv_count++;
2141 if (global->drv_count == 0) {
2142 wpa_printf(MSG_ERROR, "No drivers enabled");
2143 wpa_supplicant_deinit(global);
2144 return NULL;
2145 }
2146 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2147 if (global->drv_priv == NULL) {
2148 wpa_supplicant_deinit(global);
2149 return NULL;
2150 }
2151 for (i = 0; wpa_supplicant_drivers[i]; i++) {
2152 if (!wpa_supplicant_drivers[i]->global_init)
2153 continue;
2154 global->drv_priv[i] = wpa_supplicant_drivers[i]->global_init();
2155 if (global->drv_priv[i] == NULL) {
2156 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2157 "'%s'", wpa_supplicant_drivers[i]->name);
2158 wpa_supplicant_deinit(global);
2159 return NULL;
2160 }
2161 }
2162
2163 return global;
2164 }
2165
2166
2167 /**
2168 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2169 * @global: Pointer to global data from wpa_supplicant_init()
2170 * Returns: 0 after successful event loop run, -1 on failure
2171 *
2172 * This function starts the main event loop and continues running as long as
2173 * there are any remaining events. In most cases, this function is running as
2174 * long as the %wpa_supplicant process in still in use.
2175 */
wpa_supplicant_run(struct wpa_global * global)2176 int wpa_supplicant_run(struct wpa_global *global)
2177 {
2178 struct wpa_supplicant *wpa_s;
2179
2180 if (global->params.daemonize &&
2181 wpa_supplicant_daemon(global->params.pid_file))
2182 return -1;
2183
2184 if (global->params.wait_for_monitor) {
2185 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2186 if (wpa_s->ctrl_iface)
2187 wpa_supplicant_ctrl_iface_wait(
2188 wpa_s->ctrl_iface);
2189 }
2190
2191 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2192 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2193
2194 eloop_run();
2195
2196 return 0;
2197 }
2198
2199
2200 /**
2201 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2202 * @global: Pointer to global data from wpa_supplicant_init()
2203 *
2204 * This function is called to deinitialize %wpa_supplicant and to free all
2205 * allocated resources. Remaining network interfaces will also be removed.
2206 */
wpa_supplicant_deinit(struct wpa_global * global)2207 void wpa_supplicant_deinit(struct wpa_global *global)
2208 {
2209 int i;
2210
2211 if (global == NULL)
2212 return;
2213
2214 wpa_supplicant_terminate(0, global, NULL);
2215
2216 while (global->ifaces)
2217 wpa_supplicant_remove_iface(global, global->ifaces);
2218
2219 if (global->ctrl_iface)
2220 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2221 if (global->dbus_ctrl_iface)
2222 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface);
2223
2224 eap_peer_unregister_methods();
2225
2226 for (i = 0; wpa_supplicant_drivers[i] && global->drv_priv; i++) {
2227 if (!global->drv_priv[i])
2228 continue;
2229 wpa_supplicant_drivers[i]->global_deinit(global->drv_priv[i]);
2230 }
2231 os_free(global->drv_priv);
2232
2233 eloop_destroy();
2234
2235 if (global->params.pid_file) {
2236 os_daemonize_terminate(global->params.pid_file);
2237 os_free(global->params.pid_file);
2238 }
2239 os_free(global->params.ctrl_interface);
2240
2241 os_free(global);
2242 wpa_debug_close_file();
2243 }
2244