1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14
15 #include "common.h"
16 #include "crypto/random.h"
17 #include "crypto/sha1.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "eap_peer/eap.h"
20 #include "eap_server/eap_methods.h"
21 #include "rsn_supp/wpa.h"
22 #include "eloop.h"
23 #include "config.h"
24 #include "l2_packet/l2_packet.h"
25 #include "wpa_supplicant_i.h"
26 #include "driver_i.h"
27 #include "ctrl_iface.h"
28 #include "pcsc_funcs.h"
29 #include "common/version.h"
30 #include "rsn_supp/preauth.h"
31 #include "rsn_supp/pmksa_cache.h"
32 #include "common/wpa_ctrl.h"
33 #include "common/ieee802_11_defs.h"
34 #include "p2p/p2p.h"
35 #include "blacklist.h"
36 #include "wpas_glue.h"
37 #include "wps_supplicant.h"
38 #include "ibss_rsn.h"
39 #include "sme.h"
40 #include "gas_query.h"
41 #include "ap.h"
42 #include "p2p_supplicant.h"
43 #include "notify.h"
44 #include "bgscan.h"
45 #include "bss.h"
46 #include "scan.h"
47 #include "offchannel.h"
48
49 const char *wpa_supplicant_version =
50 "wpa_supplicant v" VERSION_STR "\n"
51 "Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
52
53 const char *wpa_supplicant_license =
54 "This software may be distributed under the terms of the BSD license.\n"
55 "See README for more details.\n"
56 #ifdef EAP_TLS_OPENSSL
57 "\nThis product includes software developed by the OpenSSL Project\n"
58 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
59 #endif /* EAP_TLS_OPENSSL */
60 ;
61
62 #ifndef CONFIG_NO_STDOUT_DEBUG
63 /* Long text divided into parts in order to fit in C89 strings size limits. */
64 const char *wpa_supplicant_full_license1 =
65 "";
66 const char *wpa_supplicant_full_license2 =
67 "This software may be distributed under the terms of the BSD license.\n"
68 "\n"
69 "Redistribution and use in source and binary forms, with or without\n"
70 "modification, are permitted provided that the following conditions are\n"
71 "met:\n"
72 "\n";
73 const char *wpa_supplicant_full_license3 =
74 "1. Redistributions of source code must retain the above copyright\n"
75 " notice, this list of conditions and the following disclaimer.\n"
76 "\n"
77 "2. Redistributions in binary form must reproduce the above copyright\n"
78 " notice, this list of conditions and the following disclaimer in the\n"
79 " documentation and/or other materials provided with the distribution.\n"
80 "\n";
81 const char *wpa_supplicant_full_license4 =
82 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
83 " names of its contributors may be used to endorse or promote products\n"
84 " derived from this software without specific prior written permission.\n"
85 "\n"
86 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
87 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
88 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
89 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
90 const char *wpa_supplicant_full_license5 =
91 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
92 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
93 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
94 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
95 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
96 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
97 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
98 "\n";
99 #endif /* CONFIG_NO_STDOUT_DEBUG */
100
101 extern int wpa_debug_level;
102 extern int wpa_debug_show_keys;
103 extern int wpa_debug_timestamp;
104 extern struct wpa_driver_ops *wpa_drivers[];
105
106 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)107 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
108 {
109 int i, set = 0;
110
111 for (i = 0; i < NUM_WEP_KEYS; i++) {
112 if (ssid->wep_key_len[i] == 0)
113 continue;
114
115 set = 1;
116 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
117 i, i == ssid->wep_tx_keyidx, NULL, 0,
118 ssid->wep_key[i], ssid->wep_key_len[i]);
119 }
120
121 return set;
122 }
123
124
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)125 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
126 struct wpa_ssid *ssid)
127 {
128 u8 key[32];
129 size_t keylen;
130 enum wpa_alg alg;
131 u8 seq[6] = { 0 };
132
133 /* IBSS/WPA-None uses only one key (Group) for both receiving and
134 * sending unicast and multicast packets. */
135
136 if (ssid->mode != WPAS_MODE_IBSS) {
137 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
138 "IBSS/ad-hoc) for WPA-None", ssid->mode);
139 return -1;
140 }
141
142 if (!ssid->psk_set) {
143 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
144 "WPA-None");
145 return -1;
146 }
147
148 switch (wpa_s->group_cipher) {
149 case WPA_CIPHER_CCMP:
150 os_memcpy(key, ssid->psk, 16);
151 keylen = 16;
152 alg = WPA_ALG_CCMP;
153 break;
154 case WPA_CIPHER_TKIP:
155 /* WPA-None uses the same Michael MIC key for both TX and RX */
156 os_memcpy(key, ssid->psk, 16 + 8);
157 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
158 keylen = 32;
159 alg = WPA_ALG_TKIP;
160 break;
161 default:
162 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
163 "WPA-None", wpa_s->group_cipher);
164 return -1;
165 }
166
167 /* TODO: should actually remember the previously used seq#, both for TX
168 * and RX from each STA.. */
169
170 return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
171 }
172
173
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)174 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
175 {
176 struct wpa_supplicant *wpa_s = eloop_ctx;
177 const u8 *bssid = wpa_s->bssid;
178 if (is_zero_ether_addr(bssid))
179 bssid = wpa_s->pending_bssid;
180 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
181 MAC2STR(bssid));
182 wpa_blacklist_add(wpa_s, bssid);
183 wpa_sm_notify_disassoc(wpa_s->wpa);
184 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
185 wpa_s->reassociate = 1;
186
187 /*
188 * If we timed out, the AP or the local radio may be busy.
189 * So, wait a second until scanning again.
190 */
191 wpa_supplicant_req_scan(wpa_s, 1, 0);
192 }
193
194
195 /**
196 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
197 * @wpa_s: Pointer to wpa_supplicant data
198 * @sec: Number of seconds after which to time out authentication
199 * @usec: Number of microseconds after which to time out authentication
200 *
201 * This function is used to schedule a timeout for the current authentication
202 * attempt.
203 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)204 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
205 int sec, int usec)
206 {
207 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
208 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
209 return;
210
211 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
212 "%d usec", sec, usec);
213 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
214 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
215 }
216
217
218 /**
219 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
220 * @wpa_s: Pointer to wpa_supplicant data
221 *
222 * This function is used to cancel authentication timeout scheduled with
223 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
224 * been completed.
225 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)226 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
227 {
228 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
229 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
230 wpa_blacklist_del(wpa_s, wpa_s->bssid);
231 }
232
233
234 /**
235 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
236 * @wpa_s: Pointer to wpa_supplicant data
237 *
238 * This function is used to configure EAPOL state machine based on the selected
239 * authentication mode.
240 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)241 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
242 {
243 #ifdef IEEE8021X_EAPOL
244 struct eapol_config eapol_conf;
245 struct wpa_ssid *ssid = wpa_s->current_ssid;
246
247 #ifdef CONFIG_IBSS_RSN
248 if (ssid->mode == WPAS_MODE_IBSS &&
249 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
250 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
251 /*
252 * RSN IBSS authentication is per-STA and we can disable the
253 * per-BSSID EAPOL authentication.
254 */
255 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
256 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
257 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
258 return;
259 }
260 #endif /* CONFIG_IBSS_RSN */
261
262 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
263 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
264
265 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
266 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
267 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
268 else
269 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
270
271 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
272 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
273 eapol_conf.accept_802_1x_keys = 1;
274 eapol_conf.required_keys = 0;
275 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
276 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
277 }
278 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
279 eapol_conf.required_keys |=
280 EAPOL_REQUIRE_KEY_BROADCAST;
281 }
282
283 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
284 eapol_conf.required_keys = 0;
285 }
286 if (wpa_s->conf)
287 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
288 eapol_conf.workaround = ssid->eap_workaround;
289 eapol_conf.eap_disabled =
290 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
291 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
292 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
293 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
294 #endif /* IEEE8021X_EAPOL */
295 }
296
297
298 /**
299 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
300 * @wpa_s: Pointer to wpa_supplicant data
301 * @ssid: Configuration data for the network
302 *
303 * This function is used to configure WPA state machine and related parameters
304 * to a mode where WPA is not enabled. This is called as part of the
305 * authentication configuration when the selected network does not use WPA.
306 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)307 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
308 struct wpa_ssid *ssid)
309 {
310 int i;
311
312 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
313 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
314 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
315 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
316 else
317 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
318 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
319 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
320 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
321 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
322 wpa_s->group_cipher = WPA_CIPHER_NONE;
323 wpa_s->mgmt_group_cipher = 0;
324
325 for (i = 0; i < NUM_WEP_KEYS; i++) {
326 if (ssid->wep_key_len[i] > 5) {
327 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
328 wpa_s->group_cipher = WPA_CIPHER_WEP104;
329 break;
330 } else if (ssid->wep_key_len[i] > 0) {
331 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
332 wpa_s->group_cipher = WPA_CIPHER_WEP40;
333 break;
334 }
335 }
336
337 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
338 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
339 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
340 wpa_s->pairwise_cipher);
341 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
342 #ifdef CONFIG_IEEE80211W
343 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
344 wpa_s->mgmt_group_cipher);
345 #endif /* CONFIG_IEEE80211W */
346
347 pmksa_cache_clear_current(wpa_s->wpa);
348 }
349
350
free_hw_features(struct wpa_supplicant * wpa_s)351 static void free_hw_features(struct wpa_supplicant *wpa_s)
352 {
353 int i;
354 if (wpa_s->hw.modes == NULL)
355 return;
356
357 for (i = 0; i < wpa_s->hw.num_modes; i++) {
358 os_free(wpa_s->hw.modes[i].channels);
359 os_free(wpa_s->hw.modes[i].rates);
360 }
361
362 os_free(wpa_s->hw.modes);
363 wpa_s->hw.modes = NULL;
364 }
365
366
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)367 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
368 {
369 bgscan_deinit(wpa_s);
370 scard_deinit(wpa_s->scard);
371 wpa_s->scard = NULL;
372 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
373 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
374 l2_packet_deinit(wpa_s->l2);
375 wpa_s->l2 = NULL;
376 if (wpa_s->l2_br) {
377 l2_packet_deinit(wpa_s->l2_br);
378 wpa_s->l2_br = NULL;
379 }
380
381 if (wpa_s->conf != NULL) {
382 struct wpa_ssid *ssid;
383 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
384 wpas_notify_network_removed(wpa_s, ssid);
385 }
386
387 os_free(wpa_s->confname);
388 wpa_s->confname = NULL;
389
390 wpa_sm_set_eapol(wpa_s->wpa, NULL);
391 eapol_sm_deinit(wpa_s->eapol);
392 wpa_s->eapol = NULL;
393
394 rsn_preauth_deinit(wpa_s->wpa);
395
396 #ifdef CONFIG_TDLS
397 wpa_tdls_deinit(wpa_s->wpa);
398 #endif /* CONFIG_TDLS */
399
400 pmksa_candidate_free(wpa_s->wpa);
401 wpa_sm_deinit(wpa_s->wpa);
402 wpa_s->wpa = NULL;
403 wpa_blacklist_clear(wpa_s);
404
405 wpa_bss_deinit(wpa_s);
406
407 wpa_supplicant_cancel_scan(wpa_s);
408 wpa_supplicant_cancel_auth_timeout(wpa_s);
409 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
410 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
411 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
412 wpa_s, NULL);
413 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
414
415 wpas_wps_deinit(wpa_s);
416
417 wpabuf_free(wpa_s->pending_eapol_rx);
418 wpa_s->pending_eapol_rx = NULL;
419
420 #ifdef CONFIG_IBSS_RSN
421 ibss_rsn_deinit(wpa_s->ibss_rsn);
422 wpa_s->ibss_rsn = NULL;
423 #endif /* CONFIG_IBSS_RSN */
424
425 sme_deinit(wpa_s);
426
427 #ifdef CONFIG_AP
428 wpa_supplicant_ap_deinit(wpa_s);
429 #endif /* CONFIG_AP */
430
431 #ifdef CONFIG_P2P
432 wpas_p2p_deinit(wpa_s);
433 #endif /* CONFIG_P2P */
434
435 #ifdef CONFIG_OFFCHANNEL
436 offchannel_deinit(wpa_s);
437 #endif /* CONFIG_OFFCHANNEL */
438
439 wpa_supplicant_cancel_sched_scan(wpa_s);
440
441 os_free(wpa_s->next_scan_freqs);
442 wpa_s->next_scan_freqs = NULL;
443
444 gas_query_deinit(wpa_s->gas);
445 wpa_s->gas = NULL;
446
447 free_hw_features(wpa_s);
448 }
449
450
451 /**
452 * wpa_clear_keys - Clear keys configured for the driver
453 * @wpa_s: Pointer to wpa_supplicant data
454 * @addr: Previously used BSSID or %NULL if not available
455 *
456 * This function clears the encryption keys that has been previously configured
457 * for the driver.
458 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)459 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
460 {
461 if (wpa_s->keys_cleared) {
462 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
463 * timing issues with keys being cleared just before new keys
464 * are set or just after association or something similar. This
465 * shows up in group key handshake failing often because of the
466 * client not receiving the first encrypted packets correctly.
467 * Skipping some of the extra key clearing steps seems to help
468 * in completing group key handshake more reliably. */
469 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
470 "skip key clearing");
471 return;
472 }
473
474 /* MLME-DELETEKEYS.request */
475 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
476 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
477 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
478 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
479 #ifdef CONFIG_IEEE80211W
480 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
481 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
482 #endif /* CONFIG_IEEE80211W */
483 if (addr) {
484 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
485 0);
486 /* MLME-SETPROTECTION.request(None) */
487 wpa_drv_mlme_setprotection(
488 wpa_s, addr,
489 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
490 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
491 }
492 wpa_s->keys_cleared = 1;
493 }
494
495
496 /**
497 * wpa_supplicant_state_txt - Get the connection state name as a text string
498 * @state: State (wpa_state; WPA_*)
499 * Returns: The state name as a printable text string
500 */
wpa_supplicant_state_txt(enum wpa_states state)501 const char * wpa_supplicant_state_txt(enum wpa_states state)
502 {
503 switch (state) {
504 case WPA_DISCONNECTED:
505 return "DISCONNECTED";
506 case WPA_INACTIVE:
507 return "INACTIVE";
508 case WPA_INTERFACE_DISABLED:
509 return "INTERFACE_DISABLED";
510 case WPA_SCANNING:
511 return "SCANNING";
512 case WPA_AUTHENTICATING:
513 return "AUTHENTICATING";
514 case WPA_ASSOCIATING:
515 return "ASSOCIATING";
516 case WPA_ASSOCIATED:
517 return "ASSOCIATED";
518 case WPA_4WAY_HANDSHAKE:
519 return "4WAY_HANDSHAKE";
520 case WPA_GROUP_HANDSHAKE:
521 return "GROUP_HANDSHAKE";
522 case WPA_COMPLETED:
523 return "COMPLETED";
524 default:
525 return "UNKNOWN";
526 }
527 }
528
529
530 #ifdef CONFIG_BGSCAN
531
wpa_supplicant_start_bgscan(struct wpa_supplicant * wpa_s)532 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
533 {
534 if (wpas_driver_bss_selection(wpa_s))
535 return;
536 if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
537 return;
538
539 bgscan_deinit(wpa_s);
540 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
541 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
542 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
543 "bgscan");
544 /*
545 * Live without bgscan; it is only used as a roaming
546 * optimization, so the initial connection is not
547 * affected.
548 */
549 } else
550 wpa_s->bgscan_ssid = wpa_s->current_ssid;
551 } else
552 wpa_s->bgscan_ssid = NULL;
553 }
554
555
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)556 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
557 {
558 if (wpa_s->bgscan_ssid != NULL) {
559 bgscan_deinit(wpa_s);
560 wpa_s->bgscan_ssid = NULL;
561 }
562 }
563
564 #endif /* CONFIG_BGSCAN */
565
566
567 /**
568 * wpa_supplicant_set_state - Set current connection state
569 * @wpa_s: Pointer to wpa_supplicant data
570 * @state: The new connection state
571 *
572 * This function is called whenever the connection state changes, e.g.,
573 * association is completed for WPA/WPA2 4-Way Handshake is started.
574 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)575 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
576 enum wpa_states state)
577 {
578 enum wpa_states old_state = wpa_s->wpa_state;
579
580 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
581 wpa_supplicant_state_txt(wpa_s->wpa_state),
582 wpa_supplicant_state_txt(state));
583
584 #ifdef ANDROID_P2P
585 if(state == WPA_ASSOCIATED || (state <= WPA_INACTIVE))
586 wpa_s->assoc_retries = 0;
587 #endif /* ANDROID_P2P */
588
589 if (state != WPA_SCANNING)
590 wpa_supplicant_notify_scanning(wpa_s, 0);
591
592 if (state == WPA_COMPLETED && wpa_s->new_connection) {
593 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
594 struct wpa_ssid *ssid = wpa_s->current_ssid;
595 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
596 MACSTR " completed %s [id=%d id_str=%s]",
597 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
598 "(reauth)" : "(auth)",
599 ssid ? ssid->id : -1,
600 ssid && ssid->id_str ? ssid->id_str : "");
601 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
602 wpa_s->new_connection = 0;
603 wpa_s->reassociated_connection = 1;
604 wpa_drv_set_operstate(wpa_s, 1);
605 #ifndef IEEE8021X_EAPOL
606 wpa_drv_set_supp_port(wpa_s, 1);
607 #endif /* IEEE8021X_EAPOL */
608 wpa_s->after_wps = 0;
609 #ifdef CONFIG_P2P
610 wpas_p2p_completed(wpa_s);
611 #endif /* CONFIG_P2P */
612 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
613 state == WPA_ASSOCIATED) {
614 wpa_s->new_connection = 1;
615 wpa_drv_set_operstate(wpa_s, 0);
616 #ifndef IEEE8021X_EAPOL
617 wpa_drv_set_supp_port(wpa_s, 0);
618 #endif /* IEEE8021X_EAPOL */
619 }
620 wpa_s->wpa_state = state;
621
622 #ifdef CONFIG_BGSCAN
623 if (state == WPA_COMPLETED)
624 wpa_supplicant_start_bgscan(wpa_s);
625 else
626 wpa_supplicant_stop_bgscan(wpa_s);
627 #endif /* CONFIG_BGSCAN */
628
629 if (wpa_s->wpa_state != old_state) {
630 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
631
632 if (wpa_s->wpa_state == WPA_COMPLETED ||
633 old_state == WPA_COMPLETED)
634 wpas_notify_auth_changed(wpa_s);
635 }
636 }
637
638
wpa_supplicant_terminate_proc(struct wpa_global * global)639 void wpa_supplicant_terminate_proc(struct wpa_global *global)
640 {
641 int pending = 0;
642 #ifdef CONFIG_WPS
643 struct wpa_supplicant *wpa_s = global->ifaces;
644 while (wpa_s) {
645 if (wpas_wps_terminate_pending(wpa_s) == 1)
646 pending = 1;
647 wpa_s = wpa_s->next;
648 }
649 #endif /* CONFIG_WPS */
650 if (pending)
651 return;
652 eloop_terminate();
653 }
654
655
wpa_supplicant_terminate(int sig,void * signal_ctx)656 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
657 {
658 struct wpa_global *global = signal_ctx;
659 wpa_supplicant_terminate_proc(global);
660 }
661
662
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)663 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
664 {
665 enum wpa_states old_state = wpa_s->wpa_state;
666
667 wpa_s->pairwise_cipher = 0;
668 wpa_s->group_cipher = 0;
669 wpa_s->mgmt_group_cipher = 0;
670 wpa_s->key_mgmt = 0;
671 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
672 wpa_s->wpa_state = WPA_DISCONNECTED;
673
674 if (wpa_s->wpa_state != old_state)
675 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
676 }
677
678
679 /**
680 * wpa_supplicant_reload_configuration - Reload configuration data
681 * @wpa_s: Pointer to wpa_supplicant data
682 * Returns: 0 on success or -1 if configuration parsing failed
683 *
684 * This function can be used to request that the configuration data is reloaded
685 * (e.g., after configuration file change). This function is reloading
686 * configuration only for one interface, so this may need to be called multiple
687 * times if %wpa_supplicant is controlling multiple interfaces and all
688 * interfaces need reconfiguration.
689 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)690 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
691 {
692 struct wpa_config *conf;
693 int reconf_ctrl;
694 int old_ap_scan;
695
696 if (wpa_s->confname == NULL)
697 return -1;
698 conf = wpa_config_read(wpa_s->confname);
699 if (conf == NULL) {
700 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
701 "file '%s' - exiting", wpa_s->confname);
702 return -1;
703 }
704 conf->changed_parameters = (unsigned int) -1;
705
706 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
707 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
708 os_strcmp(conf->ctrl_interface,
709 wpa_s->conf->ctrl_interface) != 0);
710
711 if (reconf_ctrl && wpa_s->ctrl_iface) {
712 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
713 wpa_s->ctrl_iface = NULL;
714 }
715
716 eapol_sm_invalidate_cached_session(wpa_s->eapol);
717 if (wpa_s->current_ssid) {
718 wpa_supplicant_deauthenticate(wpa_s,
719 WLAN_REASON_DEAUTH_LEAVING);
720 }
721
722 /*
723 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
724 * pkcs11_engine_path, pkcs11_module_path.
725 */
726 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
727 /*
728 * Clear forced success to clear EAP state for next
729 * authentication.
730 */
731 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
732 }
733 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
734 wpa_sm_set_config(wpa_s->wpa, NULL);
735 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
736 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
737 rsn_preauth_deinit(wpa_s->wpa);
738
739 old_ap_scan = wpa_s->conf->ap_scan;
740 wpa_config_free(wpa_s->conf);
741 wpa_s->conf = conf;
742 if (old_ap_scan != wpa_s->conf->ap_scan)
743 wpas_notify_ap_scan_changed(wpa_s);
744
745 if (reconf_ctrl)
746 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
747
748 wpa_supplicant_update_config(wpa_s);
749
750 wpa_supplicant_clear_status(wpa_s);
751 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
752 wpa_s->reassociate = 1;
753 wpa_supplicant_req_scan(wpa_s, 0, 0);
754 }
755 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
756 return 0;
757 }
758
759
wpa_supplicant_reconfig(int sig,void * signal_ctx)760 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
761 {
762 struct wpa_global *global = signal_ctx;
763 struct wpa_supplicant *wpa_s;
764 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
765 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
766 sig);
767 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
768 wpa_supplicant_terminate_proc(global);
769 }
770 }
771 }
772
773
cipher_suite2driver(int cipher)774 enum wpa_cipher cipher_suite2driver(int cipher)
775 {
776 switch (cipher) {
777 case WPA_CIPHER_NONE:
778 return CIPHER_NONE;
779 case WPA_CIPHER_WEP40:
780 return CIPHER_WEP40;
781 case WPA_CIPHER_WEP104:
782 return CIPHER_WEP104;
783 case WPA_CIPHER_CCMP:
784 return CIPHER_CCMP;
785 case WPA_CIPHER_TKIP:
786 default:
787 return CIPHER_TKIP;
788 }
789 }
790
791
key_mgmt2driver(int key_mgmt)792 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
793 {
794 switch (key_mgmt) {
795 case WPA_KEY_MGMT_NONE:
796 return KEY_MGMT_NONE;
797 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
798 return KEY_MGMT_802_1X_NO_WPA;
799 case WPA_KEY_MGMT_IEEE8021X:
800 return KEY_MGMT_802_1X;
801 case WPA_KEY_MGMT_WPA_NONE:
802 return KEY_MGMT_WPA_NONE;
803 case WPA_KEY_MGMT_FT_IEEE8021X:
804 return KEY_MGMT_FT_802_1X;
805 case WPA_KEY_MGMT_FT_PSK:
806 return KEY_MGMT_FT_PSK;
807 case WPA_KEY_MGMT_IEEE8021X_SHA256:
808 return KEY_MGMT_802_1X_SHA256;
809 case WPA_KEY_MGMT_PSK_SHA256:
810 return KEY_MGMT_PSK_SHA256;
811 case WPA_KEY_MGMT_WPS:
812 return KEY_MGMT_WPS;
813 case WPA_KEY_MGMT_PSK:
814 default:
815 return KEY_MGMT_PSK;
816 }
817 }
818
819
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)820 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
821 struct wpa_ssid *ssid,
822 struct wpa_ie_data *ie)
823 {
824 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
825 if (ret) {
826 if (ret == -2) {
827 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
828 "from association info");
829 }
830 return -1;
831 }
832
833 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
834 "cipher suites");
835 if (!(ie->group_cipher & ssid->group_cipher)) {
836 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
837 "cipher 0x%x (mask 0x%x) - reject",
838 ie->group_cipher, ssid->group_cipher);
839 return -1;
840 }
841 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
842 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
843 "cipher 0x%x (mask 0x%x) - reject",
844 ie->pairwise_cipher, ssid->pairwise_cipher);
845 return -1;
846 }
847 if (!(ie->key_mgmt & ssid->key_mgmt)) {
848 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
849 "management 0x%x (mask 0x%x) - reject",
850 ie->key_mgmt, ssid->key_mgmt);
851 return -1;
852 }
853
854 #ifdef CONFIG_IEEE80211W
855 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
856 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
857 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
858 "that does not support management frame protection - "
859 "reject");
860 return -1;
861 }
862 #endif /* CONFIG_IEEE80211W */
863
864 return 0;
865 }
866
867
868 /**
869 * wpa_supplicant_set_suites - Set authentication and encryption parameters
870 * @wpa_s: Pointer to wpa_supplicant data
871 * @bss: Scan results for the selected BSS, or %NULL if not available
872 * @ssid: Configuration data for the selected network
873 * @wpa_ie: Buffer for the WPA/RSN IE
874 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
875 * used buffer length in case the functions returns success.
876 * Returns: 0 on success or -1 on failure
877 *
878 * This function is used to configure authentication and encryption parameters
879 * based on the network configuration and scan result for the selected BSS (if
880 * available).
881 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len)882 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
883 struct wpa_bss *bss, struct wpa_ssid *ssid,
884 u8 *wpa_ie, size_t *wpa_ie_len)
885 {
886 struct wpa_ie_data ie;
887 int sel, proto;
888 const u8 *bss_wpa, *bss_rsn;
889
890 if (bss) {
891 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
892 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
893 } else
894 bss_wpa = bss_rsn = NULL;
895
896 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
897 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
898 (ie.group_cipher & ssid->group_cipher) &&
899 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
900 (ie.key_mgmt & ssid->key_mgmt)) {
901 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
902 proto = WPA_PROTO_RSN;
903 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
904 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
905 (ie.group_cipher & ssid->group_cipher) &&
906 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
907 (ie.key_mgmt & ssid->key_mgmt)) {
908 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
909 proto = WPA_PROTO_WPA;
910 } else if (bss) {
911 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
912 return -1;
913 } else {
914 if (ssid->proto & WPA_PROTO_RSN)
915 proto = WPA_PROTO_RSN;
916 else
917 proto = WPA_PROTO_WPA;
918 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
919 os_memset(&ie, 0, sizeof(ie));
920 ie.group_cipher = ssid->group_cipher;
921 ie.pairwise_cipher = ssid->pairwise_cipher;
922 ie.key_mgmt = ssid->key_mgmt;
923 #ifdef CONFIG_IEEE80211W
924 ie.mgmt_group_cipher =
925 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
926 WPA_CIPHER_AES_128_CMAC : 0;
927 #endif /* CONFIG_IEEE80211W */
928 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
929 "based on configuration");
930 } else
931 proto = ie.proto;
932 }
933
934 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
935 "pairwise %d key_mgmt %d proto %d",
936 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
937 #ifdef CONFIG_IEEE80211W
938 if (ssid->ieee80211w) {
939 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
940 ie.mgmt_group_cipher);
941 }
942 #endif /* CONFIG_IEEE80211W */
943
944 wpa_s->wpa_proto = proto;
945 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
946 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
947 !!(ssid->proto & WPA_PROTO_RSN));
948
949 if (bss || !wpa_s->ap_ies_from_associnfo) {
950 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
951 bss_wpa ? 2 + bss_wpa[1] : 0) ||
952 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
953 bss_rsn ? 2 + bss_rsn[1] : 0))
954 return -1;
955 }
956
957 sel = ie.group_cipher & ssid->group_cipher;
958 if (sel & WPA_CIPHER_CCMP) {
959 wpa_s->group_cipher = WPA_CIPHER_CCMP;
960 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
961 } else if (sel & WPA_CIPHER_TKIP) {
962 wpa_s->group_cipher = WPA_CIPHER_TKIP;
963 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
964 } else if (sel & WPA_CIPHER_WEP104) {
965 wpa_s->group_cipher = WPA_CIPHER_WEP104;
966 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
967 } else if (sel & WPA_CIPHER_WEP40) {
968 wpa_s->group_cipher = WPA_CIPHER_WEP40;
969 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
970 } else {
971 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
972 "cipher");
973 return -1;
974 }
975
976 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
977 if (sel & WPA_CIPHER_CCMP) {
978 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
979 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
980 } else if (sel & WPA_CIPHER_TKIP) {
981 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
982 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
983 } else if (sel & WPA_CIPHER_NONE) {
984 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
985 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
986 } else {
987 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
988 "cipher");
989 return -1;
990 }
991
992 sel = ie.key_mgmt & ssid->key_mgmt;
993 if (0) {
994 #ifdef CONFIG_IEEE80211R
995 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
996 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
997 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
998 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
999 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1000 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1001 #endif /* CONFIG_IEEE80211R */
1002 #ifdef CONFIG_IEEE80211W
1003 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1004 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1005 wpa_dbg(wpa_s, MSG_DEBUG,
1006 "WPA: using KEY_MGMT 802.1X with SHA256");
1007 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1008 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1009 wpa_dbg(wpa_s, MSG_DEBUG,
1010 "WPA: using KEY_MGMT PSK with SHA256");
1011 #endif /* CONFIG_IEEE80211W */
1012 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1013 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1014 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1015 } else if (sel & WPA_KEY_MGMT_PSK) {
1016 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1017 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1018 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1019 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1020 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1021 } else {
1022 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1023 "authenticated key management type");
1024 return -1;
1025 }
1026
1027 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1028 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1029 wpa_s->pairwise_cipher);
1030 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1031
1032 #ifdef CONFIG_IEEE80211W
1033 sel = ie.mgmt_group_cipher;
1034 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1035 !(ie.capabilities & WPA_CAPABILITY_MFPC))
1036 sel = 0;
1037 if (sel & WPA_CIPHER_AES_128_CMAC) {
1038 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1039 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1040 "AES-128-CMAC");
1041 } else {
1042 wpa_s->mgmt_group_cipher = 0;
1043 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1044 }
1045 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1046 wpa_s->mgmt_group_cipher);
1047 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1048 #endif /* CONFIG_IEEE80211W */
1049
1050 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1051 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1052 return -1;
1053 }
1054
1055 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1056 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1057 #ifndef CONFIG_NO_PBKDF2
1058 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1059 ssid->passphrase) {
1060 u8 psk[PMK_LEN];
1061 pbkdf2_sha1(ssid->passphrase, (char *) bss->ssid,
1062 bss->ssid_len, 4096, psk, PMK_LEN);
1063 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1064 psk, PMK_LEN);
1065 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1066 }
1067 #endif /* CONFIG_NO_PBKDF2 */
1068 } else
1069 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1070
1071 return 0;
1072 }
1073
1074
1075 /**
1076 * wpa_supplicant_associate - Request association
1077 * @wpa_s: Pointer to wpa_supplicant data
1078 * @bss: Scan results for the selected BSS, or %NULL if not available
1079 * @ssid: Configuration data for the selected network
1080 *
1081 * This function is used to request %wpa_supplicant to associate with a BSS.
1082 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)1083 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1084 struct wpa_bss *bss, struct wpa_ssid *ssid)
1085 {
1086 u8 wpa_ie[200];
1087 size_t wpa_ie_len;
1088 int use_crypt, ret, i, bssid_changed;
1089 int algs = WPA_AUTH_ALG_OPEN;
1090 enum wpa_cipher cipher_pairwise, cipher_group;
1091 struct wpa_driver_associate_params params;
1092 int wep_keys_set = 0;
1093 struct wpa_driver_capa capa;
1094 int assoc_failed = 0;
1095 struct wpa_ssid *old_ssid;
1096 #ifdef CONFIG_HT_OVERRIDES
1097 struct ieee80211_ht_capabilities htcaps;
1098 struct ieee80211_ht_capabilities htcaps_mask;
1099 #endif /* CONFIG_HT_OVERRIDES */
1100
1101 #ifdef CONFIG_IBSS_RSN
1102 ibss_rsn_deinit(wpa_s->ibss_rsn);
1103 wpa_s->ibss_rsn = NULL;
1104 #endif /* CONFIG_IBSS_RSN */
1105 #ifdef ANDROID_P2P
1106 int freq = 0;
1107 #endif
1108
1109 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1110 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1111 #ifdef CONFIG_AP
1112 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1113 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1114 "mode");
1115 return;
1116 }
1117 wpa_supplicant_create_ap(wpa_s, ssid);
1118 wpa_s->current_bss = bss;
1119 #else /* CONFIG_AP */
1120 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1121 "the build");
1122 #endif /* CONFIG_AP */
1123 return;
1124 }
1125
1126 #ifdef CONFIG_TDLS
1127 if (bss)
1128 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1129 bss->ie_len);
1130 #endif /* CONFIG_TDLS */
1131
1132 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1133 ssid->mode == IEEE80211_MODE_INFRA) {
1134 sme_authenticate(wpa_s, bss, ssid);
1135 return;
1136 }
1137
1138 os_memset(¶ms, 0, sizeof(params));
1139 wpa_s->reassociate = 0;
1140 if (bss && !wpas_driver_bss_selection(wpa_s)) {
1141 #ifdef CONFIG_IEEE80211R
1142 const u8 *ie, *md = NULL;
1143 #endif /* CONFIG_IEEE80211R */
1144 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1145 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1146 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1147 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1148 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1149 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1150 if (bssid_changed)
1151 wpas_notify_bssid_changed(wpa_s);
1152 #ifdef CONFIG_IEEE80211R
1153 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1154 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1155 md = ie + 2;
1156 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1157 if (md) {
1158 /* Prepare for the next transition */
1159 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1160 }
1161 #endif /* CONFIG_IEEE80211R */
1162 #ifdef CONFIG_WPS
1163 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1164 wpa_s->conf->ap_scan == 2 &&
1165 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1166 /* Use ap_scan==1 style network selection to find the network
1167 */
1168 wpa_s->scan_req = 2;
1169 wpa_s->reassociate = 1;
1170 wpa_supplicant_req_scan(wpa_s, 0, 0);
1171 return;
1172 #endif /* CONFIG_WPS */
1173 } else {
1174 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1175 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1176 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1177 }
1178 wpa_supplicant_cancel_sched_scan(wpa_s);
1179 wpa_supplicant_cancel_scan(wpa_s);
1180
1181 /* Starting new association, so clear the possibly used WPA IE from the
1182 * previous association. */
1183 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1184
1185 #ifdef IEEE8021X_EAPOL
1186 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1187 if (ssid->leap) {
1188 if (ssid->non_leap == 0)
1189 algs = WPA_AUTH_ALG_LEAP;
1190 else
1191 algs |= WPA_AUTH_ALG_LEAP;
1192 }
1193 }
1194 #endif /* IEEE8021X_EAPOL */
1195 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1196 if (ssid->auth_alg) {
1197 algs = ssid->auth_alg;
1198 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1199 "0x%x", algs);
1200 }
1201
1202 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1203 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1204 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1205 int try_opportunistic;
1206 try_opportunistic = ssid->proactive_key_caching &&
1207 (ssid->proto & WPA_PROTO_RSN);
1208 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1209 wpa_s->current_ssid,
1210 try_opportunistic) == 0)
1211 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1212 wpa_ie_len = sizeof(wpa_ie);
1213 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1214 wpa_ie, &wpa_ie_len)) {
1215 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1216 "key management and encryption suites");
1217 return;
1218 }
1219 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1220 wpa_ie_len = sizeof(wpa_ie);
1221 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1222 wpa_ie, &wpa_ie_len)) {
1223 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1224 "key management and encryption suites (no "
1225 "scan results)");
1226 return;
1227 }
1228 #ifdef CONFIG_WPS
1229 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1230 struct wpabuf *wps_ie;
1231 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1232 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1233 wpa_ie_len = wpabuf_len(wps_ie);
1234 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1235 } else
1236 wpa_ie_len = 0;
1237 wpabuf_free(wps_ie);
1238 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1239 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1240 params.wps = WPS_MODE_PRIVACY;
1241 else
1242 params.wps = WPS_MODE_OPEN;
1243 wpa_s->wpa_proto = 0;
1244 #endif /* CONFIG_WPS */
1245 } else {
1246 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1247 wpa_ie_len = 0;
1248 wpa_s->wpa_proto = 0;
1249 }
1250
1251 #ifdef CONFIG_P2P
1252 if (wpa_s->global->p2p) {
1253 u8 *pos;
1254 size_t len;
1255 int res;
1256 int p2p_group;
1257 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
1258 pos = wpa_ie + wpa_ie_len;
1259 len = sizeof(wpa_ie) - wpa_ie_len;
1260 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
1261 if (res >= 0)
1262 wpa_ie_len += res;
1263 }
1264
1265 wpa_s->cross_connect_disallowed = 0;
1266 if (bss) {
1267 struct wpabuf *p2p;
1268 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1269 if (p2p) {
1270 wpa_s->cross_connect_disallowed =
1271 p2p_get_cross_connect_disallowed(p2p);
1272 wpabuf_free(p2p);
1273 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1274 "connection",
1275 wpa_s->cross_connect_disallowed ?
1276 "disallows" : "allows");
1277 }
1278 }
1279 #endif /* CONFIG_P2P */
1280
1281 #ifdef CONFIG_INTERWORKING
1282 if (wpa_s->conf->interworking) {
1283 u8 *pos = wpa_ie;
1284 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1285 pos += 2 + pos[1];
1286 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1287 wpa_ie_len += 6;
1288 *pos++ = WLAN_EID_EXT_CAPAB;
1289 *pos++ = 4;
1290 *pos++ = 0x00;
1291 *pos++ = 0x00;
1292 *pos++ = 0x00;
1293 *pos++ = 0x80; /* Bit 31 - Interworking */
1294 }
1295 #endif /* CONFIG_INTERWORKING */
1296
1297 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1298 use_crypt = 1;
1299 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1300 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1301 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1302 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1303 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1304 use_crypt = 0;
1305 if (wpa_set_wep_keys(wpa_s, ssid)) {
1306 use_crypt = 1;
1307 wep_keys_set = 1;
1308 }
1309 }
1310 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1311 use_crypt = 0;
1312
1313 #ifdef IEEE8021X_EAPOL
1314 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1315 if ((ssid->eapol_flags &
1316 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1317 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1318 !wep_keys_set) {
1319 use_crypt = 0;
1320 } else {
1321 /* Assume that dynamic WEP-104 keys will be used and
1322 * set cipher suites in order for drivers to expect
1323 * encryption. */
1324 cipher_pairwise = cipher_group = CIPHER_WEP104;
1325 }
1326 }
1327 #endif /* IEEE8021X_EAPOL */
1328
1329 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1330 /* Set the key before (and later after) association */
1331 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1332 }
1333
1334 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1335 if (bss) {
1336 params.ssid = bss->ssid;
1337 params.ssid_len = bss->ssid_len;
1338 if (!wpas_driver_bss_selection(wpa_s)) {
1339 params.bssid = bss->bssid;
1340 params.freq = bss->freq;
1341 }
1342 } else {
1343 params.ssid = ssid->ssid;
1344 params.ssid_len = ssid->ssid_len;
1345 }
1346
1347 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1348 wpa_s->conf->ap_scan == 2) {
1349 params.bssid = ssid->bssid;
1350 params.fixed_bssid = 1;
1351 }
1352
1353 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1354 params.freq == 0)
1355 params.freq = ssid->frequency; /* Initial channel for IBSS */
1356 params.wpa_ie = wpa_ie;
1357 params.wpa_ie_len = wpa_ie_len;
1358 params.pairwise_suite = cipher_pairwise;
1359 params.group_suite = cipher_group;
1360 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1361 params.wpa_proto = wpa_s->wpa_proto;
1362 params.auth_alg = algs;
1363 params.mode = ssid->mode;
1364 for (i = 0; i < NUM_WEP_KEYS; i++) {
1365 if (ssid->wep_key_len[i])
1366 params.wep_key[i] = ssid->wep_key[i];
1367 params.wep_key_len[i] = ssid->wep_key_len[i];
1368 }
1369 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1370
1371 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1372 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1373 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1374 params.passphrase = ssid->passphrase;
1375 if (ssid->psk_set)
1376 params.psk = ssid->psk;
1377 }
1378
1379 params.drop_unencrypted = use_crypt;
1380
1381 #ifdef CONFIG_IEEE80211W
1382 params.mgmt_frame_protection = ssid->ieee80211w;
1383 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1384 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1385 struct wpa_ie_data ie;
1386 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1387 ie.capabilities &
1388 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1389 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1390 "MFP: require MFP");
1391 params.mgmt_frame_protection =
1392 MGMT_FRAME_PROTECTION_REQUIRED;
1393 }
1394 }
1395 #endif /* CONFIG_IEEE80211W */
1396
1397 params.p2p = ssid->p2p_group;
1398
1399 if (wpa_s->parent->set_sta_uapsd)
1400 params.uapsd = wpa_s->parent->sta_uapsd;
1401 else
1402 params.uapsd = -1;
1403
1404 #ifdef CONFIG_HT_OVERRIDES
1405 os_memset(&htcaps, 0, sizeof(htcaps));
1406 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1407 params.htcaps = (u8 *) &htcaps;
1408 params.htcaps_mask = (u8 *) &htcaps_mask;
1409 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
1410 #endif /* CONFIG_HT_OVERRIDES */
1411
1412 #ifdef ANDROID_P2P
1413 /* If multichannel concurrency is not supported, check for any frequency
1414 * conflict and take appropriate action.
1415 */
1416 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MULTI_CHANNEL_CONCURRENT) &&
1417 ((freq = wpa_drv_shared_freq(wpa_s)) > 0) && (freq != params.freq)) {
1418 wpa_printf(MSG_DEBUG, "Shared interface with conflicting frequency found (%d != %d)"
1419 , freq, params.freq);
1420 if (wpas_p2p_handle_frequency_conflicts(wpa_s, params.freq) < 0) {
1421 /* Handling conflicts failed. Disable the current connect req and
1422 * notify the userspace to take appropriate action */
1423 wpa_printf(MSG_DEBUG, "proiritize is not set. Notifying user space to handle the case");
1424 wpa_supplicant_disable_network(wpa_s, ssid);
1425 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_FREQ_CONFLICT
1426 " id=%d", ssid->id);
1427 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1428 return;
1429 }
1430 }
1431 #endif
1432 ret = wpa_drv_associate(wpa_s, ¶ms);
1433 if (ret < 0) {
1434 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1435 "failed");
1436 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1437 /*
1438 * The driver is known to mean what is saying, so we
1439 * can stop right here; the association will not
1440 * succeed.
1441 */
1442 wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1443 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1444 return;
1445 }
1446 /* try to continue anyway; new association will be tried again
1447 * after timeout */
1448 assoc_failed = 1;
1449 }
1450
1451 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1452 /* Set the key after the association just in case association
1453 * cleared the previously configured key. */
1454 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1455 /* No need to timeout authentication since there is no key
1456 * management. */
1457 wpa_supplicant_cancel_auth_timeout(wpa_s);
1458 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1459 #ifdef CONFIG_IBSS_RSN
1460 } else if (ssid->mode == WPAS_MODE_IBSS &&
1461 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1462 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1463 /*
1464 * RSN IBSS authentication is per-STA and we can disable the
1465 * per-BSSID authentication.
1466 */
1467 wpa_supplicant_cancel_auth_timeout(wpa_s);
1468 #endif /* CONFIG_IBSS_RSN */
1469 } else {
1470 /* Timeout for IEEE 802.11 authentication and association */
1471 int timeout = 60;
1472
1473 if (assoc_failed) {
1474 /* give IBSS a bit more time */
1475 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1476 } else if (wpa_s->conf->ap_scan == 1) {
1477 /* give IBSS a bit more time */
1478 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1479 }
1480 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1481 }
1482
1483 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1484 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1485 /* Set static WEP keys again */
1486 wpa_set_wep_keys(wpa_s, ssid);
1487 }
1488
1489 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1490 /*
1491 * Do not allow EAP session resumption between different
1492 * network configurations.
1493 */
1494 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1495 }
1496 old_ssid = wpa_s->current_ssid;
1497 wpa_s->current_ssid = ssid;
1498 wpa_s->current_bss = bss;
1499 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1500 wpa_supplicant_initiate_eapol(wpa_s);
1501 if (old_ssid != wpa_s->current_ssid)
1502 wpas_notify_network_changed(wpa_s);
1503 }
1504
1505
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)1506 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1507 const u8 *addr)
1508 {
1509 struct wpa_ssid *old_ssid;
1510
1511 wpa_clear_keys(wpa_s, addr);
1512 wpa_supplicant_mark_disassoc(wpa_s);
1513 old_ssid = wpa_s->current_ssid;
1514 wpa_s->current_ssid = NULL;
1515 wpa_s->current_bss = NULL;
1516 wpa_sm_set_config(wpa_s->wpa, NULL);
1517 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1518 if (old_ssid != wpa_s->current_ssid)
1519 wpas_notify_network_changed(wpa_s);
1520 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1521 }
1522
1523
1524 /**
1525 * wpa_supplicant_disassociate - Disassociate the current connection
1526 * @wpa_s: Pointer to wpa_supplicant data
1527 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1528 *
1529 * This function is used to request %wpa_supplicant to disassociate with the
1530 * current AP.
1531 */
wpa_supplicant_disassociate(struct wpa_supplicant * wpa_s,int reason_code)1532 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1533 int reason_code)
1534 {
1535 u8 *addr = NULL;
1536
1537 if (!is_zero_ether_addr(wpa_s->bssid)) {
1538 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1539 addr = wpa_s->bssid;
1540 }
1541
1542 wpa_supplicant_clear_connection(wpa_s, addr);
1543 }
1544
1545
1546 /**
1547 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1548 * @wpa_s: Pointer to wpa_supplicant data
1549 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1550 *
1551 * This function is used to request %wpa_supplicant to deauthenticate from the
1552 * current AP.
1553 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,int reason_code)1554 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1555 int reason_code)
1556 {
1557 u8 *addr = NULL;
1558
1559 if (!is_zero_ether_addr(wpa_s->bssid)) {
1560 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
1561 addr = wpa_s->bssid;
1562 }
1563
1564 wpa_supplicant_clear_connection(wpa_s, addr);
1565 }
1566
1567
1568 /**
1569 * wpa_supplicant_enable_network - Mark a configured network as enabled
1570 * @wpa_s: wpa_supplicant structure for a network interface
1571 * @ssid: wpa_ssid structure for a configured network or %NULL
1572 *
1573 * Enables the specified network or all networks if no network specified.
1574 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1575 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1576 struct wpa_ssid *ssid)
1577 {
1578 struct wpa_ssid *other_ssid;
1579 int was_disabled;
1580
1581 if (ssid == NULL) {
1582 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1583 other_ssid = other_ssid->next) {
1584 if (other_ssid->disabled == 2)
1585 continue; /* do not change persistent P2P group
1586 * data */
1587 if (other_ssid == wpa_s->current_ssid &&
1588 other_ssid->disabled)
1589 wpa_s->reassociate = 1;
1590
1591 was_disabled = other_ssid->disabled;
1592
1593 other_ssid->disabled = 0;
1594
1595 if (was_disabled != other_ssid->disabled)
1596 wpas_notify_network_enabled_changed(
1597 wpa_s, other_ssid);
1598 }
1599 if (wpa_s->reassociate)
1600 wpa_supplicant_req_scan(wpa_s, 0, 0);
1601 } else if (ssid->disabled && ssid->disabled != 2) {
1602 if (wpa_s->current_ssid == NULL) {
1603 /*
1604 * Try to reassociate since there is no current
1605 * configuration and a new network was made available.
1606 */
1607 wpa_s->reassociate = 1;
1608 wpa_supplicant_req_scan(wpa_s, 0, 0);
1609 }
1610
1611 was_disabled = ssid->disabled;
1612
1613 ssid->disabled = 0;
1614
1615 if (was_disabled != ssid->disabled)
1616 wpas_notify_network_enabled_changed(wpa_s, ssid);
1617 }
1618 }
1619
1620
1621 /**
1622 * wpa_supplicant_disable_network - Mark a configured network as disabled
1623 * @wpa_s: wpa_supplicant structure for a network interface
1624 * @ssid: wpa_ssid structure for a configured network or %NULL
1625 *
1626 * Disables the specified network or all networks if no network specified.
1627 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1628 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1629 struct wpa_ssid *ssid)
1630 {
1631 struct wpa_ssid *other_ssid;
1632 int was_disabled;
1633
1634 if (ssid == NULL) {
1635 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1636 other_ssid = other_ssid->next) {
1637 was_disabled = other_ssid->disabled;
1638 if (was_disabled == 2)
1639 continue; /* do not change persistent P2P group
1640 * data */
1641
1642 other_ssid->disabled = 1;
1643
1644 if (was_disabled != other_ssid->disabled)
1645 wpas_notify_network_enabled_changed(
1646 wpa_s, other_ssid);
1647 }
1648 if (wpa_s->current_ssid)
1649 wpa_supplicant_disassociate(
1650 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1651 } else if (ssid->disabled != 2) {
1652 if (ssid == wpa_s->current_ssid)
1653 wpa_supplicant_disassociate(
1654 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1655
1656 was_disabled = ssid->disabled;
1657
1658 ssid->disabled = 1;
1659
1660 if (was_disabled != ssid->disabled)
1661 wpas_notify_network_enabled_changed(wpa_s, ssid);
1662 }
1663 }
1664
1665
1666 /**
1667 * wpa_supplicant_select_network - Attempt association with a network
1668 * @wpa_s: wpa_supplicant structure for a network interface
1669 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1670 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1671 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1672 struct wpa_ssid *ssid)
1673 {
1674
1675 struct wpa_ssid *other_ssid;
1676 int disconnected = 0;
1677
1678 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1679 wpa_supplicant_disassociate(
1680 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1681 disconnected = 1;
1682 }
1683
1684 /*
1685 * Mark all other networks disabled or mark all networks enabled if no
1686 * network specified.
1687 */
1688 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1689 other_ssid = other_ssid->next) {
1690 int was_disabled = other_ssid->disabled;
1691 if (was_disabled == 2)
1692 continue; /* do not change persistent P2P group data */
1693
1694 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1695
1696 if (was_disabled != other_ssid->disabled)
1697 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1698 }
1699
1700 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1701 /* We are already associated with the selected network */
1702 wpa_printf(MSG_DEBUG, "Already associated with the "
1703 "selected network - do nothing");
1704 return;
1705 }
1706
1707 if (ssid)
1708 wpa_s->current_ssid = ssid;
1709 wpa_s->connect_without_scan = NULL;
1710 wpa_s->disconnected = 0;
1711 wpa_s->reassociate = 1;
1712 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1713
1714 if (ssid)
1715 wpas_notify_network_selected(wpa_s, ssid);
1716 }
1717
1718
1719 /**
1720 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1721 * @wpa_s: wpa_supplicant structure for a network interface
1722 * @ap_scan: AP scan mode
1723 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1724 *
1725 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)1726 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1727 {
1728
1729 int old_ap_scan;
1730
1731 if (ap_scan < 0 || ap_scan > 2)
1732 return -1;
1733
1734 #ifdef ANDROID
1735 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1736 wpa_s->wpa_state >= WPA_ASSOCIATING &&
1737 wpa_s->wpa_state < WPA_COMPLETED) {
1738 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1739 "associating", wpa_s->conf->ap_scan, ap_scan);
1740 return 0;
1741 }
1742 #endif /* ANDROID */
1743
1744 old_ap_scan = wpa_s->conf->ap_scan;
1745 wpa_s->conf->ap_scan = ap_scan;
1746
1747 if (old_ap_scan != wpa_s->conf->ap_scan)
1748 wpas_notify_ap_scan_changed(wpa_s);
1749
1750 return 0;
1751 }
1752
1753
1754 /**
1755 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1756 * @wpa_s: wpa_supplicant structure for a network interface
1757 * @expire_age: Expiration age in seconds
1758 * Returns: 0 if succeed or -1 if expire_age has an invalid value
1759 *
1760 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)1761 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1762 unsigned int bss_expire_age)
1763 {
1764 if (bss_expire_age < 10) {
1765 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1766 bss_expire_age);
1767 return -1;
1768 }
1769 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1770 bss_expire_age);
1771 wpa_s->conf->bss_expiration_age = bss_expire_age;
1772
1773 return 0;
1774 }
1775
1776
1777 /**
1778 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1779 * @wpa_s: wpa_supplicant structure for a network interface
1780 * @expire_count: number of scans after which an unseen BSS is reclaimed
1781 * Returns: 0 if succeed or -1 if expire_count has an invalid value
1782 *
1783 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)1784 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1785 unsigned int bss_expire_count)
1786 {
1787 if (bss_expire_count < 1) {
1788 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1789 bss_expire_count);
1790 return -1;
1791 }
1792 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1793 bss_expire_count);
1794 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1795
1796 return 0;
1797 }
1798
1799
1800 /**
1801 * wpa_supplicant_set_debug_params - Set global debug params
1802 * @global: wpa_global structure
1803 * @debug_level: debug level
1804 * @debug_timestamp: determines if show timestamp in debug data
1805 * @debug_show_keys: determines if show keys in debug data
1806 * Returns: 0 if succeed or -1 if debug_level has wrong value
1807 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)1808 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1809 int debug_timestamp, int debug_show_keys)
1810 {
1811
1812 int old_level, old_timestamp, old_show_keys;
1813
1814 /* check for allowed debuglevels */
1815 if (debug_level != MSG_EXCESSIVE &&
1816 debug_level != MSG_MSGDUMP &&
1817 debug_level != MSG_DEBUG &&
1818 debug_level != MSG_INFO &&
1819 debug_level != MSG_WARNING &&
1820 debug_level != MSG_ERROR)
1821 return -1;
1822
1823 old_level = wpa_debug_level;
1824 old_timestamp = wpa_debug_timestamp;
1825 old_show_keys = wpa_debug_show_keys;
1826
1827 wpa_debug_level = debug_level;
1828 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1829 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1830
1831 if (wpa_debug_level != old_level)
1832 wpas_notify_debug_level_changed(global);
1833 if (wpa_debug_timestamp != old_timestamp)
1834 wpas_notify_debug_timestamp_changed(global);
1835 if (wpa_debug_show_keys != old_show_keys)
1836 wpas_notify_debug_show_keys_changed(global);
1837
1838 return 0;
1839 }
1840
1841
1842 /**
1843 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1844 * @wpa_s: Pointer to wpa_supplicant data
1845 * Returns: A pointer to the current network structure or %NULL on failure
1846 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)1847 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1848 {
1849 struct wpa_ssid *entry;
1850 u8 ssid[MAX_SSID_LEN];
1851 int res;
1852 size_t ssid_len;
1853 u8 bssid[ETH_ALEN];
1854 int wired;
1855
1856 res = wpa_drv_get_ssid(wpa_s, ssid);
1857 if (res < 0) {
1858 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1859 "driver");
1860 return NULL;
1861 }
1862 ssid_len = res;
1863
1864 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1865 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
1866 "driver");
1867 return NULL;
1868 }
1869
1870 wired = wpa_s->conf->ap_scan == 0 &&
1871 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1872
1873 entry = wpa_s->conf->ssid;
1874 while (entry) {
1875 if (!entry->disabled &&
1876 ((ssid_len == entry->ssid_len &&
1877 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1878 (!entry->bssid_set ||
1879 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1880 return entry;
1881 #ifdef CONFIG_WPS
1882 if (!entry->disabled &&
1883 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1884 (entry->ssid == NULL || entry->ssid_len == 0) &&
1885 (!entry->bssid_set ||
1886 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1887 return entry;
1888 #endif /* CONFIG_WPS */
1889
1890 if (!entry->disabled && entry->bssid_set &&
1891 entry->ssid_len == 0 &&
1892 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
1893 return entry;
1894
1895 entry = entry->next;
1896 }
1897
1898 return NULL;
1899 }
1900
1901
select_driver(struct wpa_supplicant * wpa_s,int i)1902 static int select_driver(struct wpa_supplicant *wpa_s, int i)
1903 {
1904 struct wpa_global *global = wpa_s->global;
1905
1906 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
1907 global->drv_priv[i] = wpa_drivers[i]->global_init();
1908 if (global->drv_priv[i] == NULL) {
1909 wpa_printf(MSG_ERROR, "Failed to initialize driver "
1910 "'%s'", wpa_drivers[i]->name);
1911 return -1;
1912 }
1913 }
1914
1915 wpa_s->driver = wpa_drivers[i];
1916 wpa_s->global_drv_priv = global->drv_priv[i];
1917
1918 return 0;
1919 }
1920
1921
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)1922 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1923 const char *name)
1924 {
1925 int i;
1926 size_t len;
1927 const char *pos, *driver = name;
1928
1929 if (wpa_s == NULL)
1930 return -1;
1931
1932 if (wpa_drivers[0] == NULL) {
1933 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
1934 "wpa_supplicant");
1935 return -1;
1936 }
1937
1938 if (name == NULL) {
1939 /* default to first driver in the list */
1940 return select_driver(wpa_s, 0);
1941 }
1942
1943 do {
1944 pos = os_strchr(driver, ',');
1945 if (pos)
1946 len = pos - driver;
1947 else
1948 len = os_strlen(driver);
1949
1950 for (i = 0; wpa_drivers[i]; i++) {
1951 if (os_strlen(wpa_drivers[i]->name) == len &&
1952 os_strncmp(driver, wpa_drivers[i]->name, len) ==
1953 0) {
1954 /* First driver that succeeds wins */
1955 if (select_driver(wpa_s, i) == 0)
1956 return 0;
1957 }
1958 }
1959
1960 driver = pos + 1;
1961 } while (pos);
1962
1963 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
1964 return -1;
1965 }
1966
1967
1968 /**
1969 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1970 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1971 * with struct wpa_driver_ops::init()
1972 * @src_addr: Source address of the EAPOL frame
1973 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1974 * @len: Length of the EAPOL data
1975 *
1976 * This function is called for each received EAPOL frame. Most driver
1977 * interfaces rely on more generic OS mechanism for receiving frames through
1978 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1979 * take care of received EAPOL frames and deliver them to the core supplicant
1980 * code by calling this function.
1981 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)1982 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1983 const u8 *buf, size_t len)
1984 {
1985 struct wpa_supplicant *wpa_s = ctx;
1986
1987 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1988 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1989
1990 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1991 /*
1992 * There is possible race condition between receiving the
1993 * association event and the EAPOL frame since they are coming
1994 * through different paths from the driver. In order to avoid
1995 * issues in trying to process the EAPOL frame before receiving
1996 * association information, lets queue it for processing until
1997 * the association event is received.
1998 */
1999 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
2000 "of received EAPOL frame");
2001 wpabuf_free(wpa_s->pending_eapol_rx);
2002 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
2003 if (wpa_s->pending_eapol_rx) {
2004 os_get_time(&wpa_s->pending_eapol_rx_time);
2005 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
2006 ETH_ALEN);
2007 }
2008 return;
2009 }
2010
2011 #ifdef CONFIG_AP
2012 if (wpa_s->ap_iface) {
2013 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
2014 return;
2015 }
2016 #endif /* CONFIG_AP */
2017
2018 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
2019 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
2020 "no key management is configured");
2021 return;
2022 }
2023
2024 if (wpa_s->eapol_received == 0 &&
2025 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2026 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2027 wpa_s->wpa_state != WPA_COMPLETED) &&
2028 (wpa_s->current_ssid == NULL ||
2029 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2030 /* Timeout for completing IEEE 802.1X and WPA authentication */
2031 wpa_supplicant_req_auth_timeout(
2032 wpa_s,
2033 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2034 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2035 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2036 70 : 10, 0);
2037 }
2038 wpa_s->eapol_received++;
2039
2040 if (wpa_s->countermeasures) {
2041 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2042 "EAPOL packet");
2043 return;
2044 }
2045
2046 #ifdef CONFIG_IBSS_RSN
2047 if (wpa_s->current_ssid &&
2048 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2049 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2050 return;
2051 }
2052 #endif /* CONFIG_IBSS_RSN */
2053
2054 /* Source address of the incoming EAPOL frame could be compared to the
2055 * current BSSID. However, it is possible that a centralized
2056 * Authenticator could be using another MAC address than the BSSID of
2057 * an AP, so just allow any address to be used for now. The replies are
2058 * still sent to the current BSSID (if available), though. */
2059
2060 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2061 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2062 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2063 return;
2064 wpa_drv_poll(wpa_s);
2065 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2066 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2067 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2068 /*
2069 * Set portValid = TRUE here since we are going to skip 4-way
2070 * handshake processing which would normally set portValid. We
2071 * need this to allow the EAPOL state machines to be completed
2072 * without going through EAPOL-Key handshake.
2073 */
2074 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2075 }
2076 }
2077
2078
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)2079 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2080 {
2081 if (wpa_s->driver->send_eapol) {
2082 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2083 if (addr)
2084 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2085 } else if (!(wpa_s->drv_flags &
2086 WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2087 l2_packet_deinit(wpa_s->l2);
2088 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2089 wpa_drv_get_mac_addr(wpa_s),
2090 ETH_P_EAPOL,
2091 wpa_supplicant_rx_eapol, wpa_s, 0);
2092 if (wpa_s->l2 == NULL)
2093 return -1;
2094 } else {
2095 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2096 if (addr)
2097 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2098 }
2099
2100 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2101 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2102 return -1;
2103 }
2104
2105 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2106 MAC2STR(wpa_s->own_addr));
2107 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2108
2109 return 0;
2110 }
2111
2112
2113 /**
2114 * wpa_supplicant_driver_init - Initialize driver interface parameters
2115 * @wpa_s: Pointer to wpa_supplicant data
2116 * Returns: 0 on success, -1 on failure
2117 *
2118 * This function is called to initialize driver interface parameters.
2119 * wpa_drv_init() must have been called before this function to initialize the
2120 * driver interface.
2121 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)2122 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2123 {
2124 static int interface_count = 0;
2125
2126 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2127 return -1;
2128
2129 if (wpa_s->bridge_ifname[0]) {
2130 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2131 "interface '%s'", wpa_s->bridge_ifname);
2132 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2133 wpa_s->own_addr,
2134 ETH_P_EAPOL,
2135 wpa_supplicant_rx_eapol, wpa_s,
2136 0);
2137 if (wpa_s->l2_br == NULL) {
2138 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2139 "connection for the bridge interface '%s'",
2140 wpa_s->bridge_ifname);
2141 return -1;
2142 }
2143 }
2144
2145 wpa_clear_keys(wpa_s, NULL);
2146
2147 /* Make sure that TKIP countermeasures are not left enabled (could
2148 * happen if wpa_supplicant is killed during countermeasures. */
2149 wpa_drv_set_countermeasures(wpa_s, 0);
2150
2151 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2152 wpa_drv_flush_pmkid(wpa_s);
2153
2154 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2155 wpa_s->prev_scan_wildcard = 0;
2156
2157 if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
2158 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2159 100000))
2160 wpa_supplicant_req_scan(wpa_s, interface_count,
2161 100000);
2162 interface_count++;
2163 } else
2164 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2165
2166 return 0;
2167 }
2168
2169
wpa_supplicant_daemon(const char * pid_file)2170 static int wpa_supplicant_daemon(const char *pid_file)
2171 {
2172 wpa_printf(MSG_DEBUG, "Daemonize..");
2173 return os_daemonize(pid_file);
2174 }
2175
2176
wpa_supplicant_alloc(void)2177 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2178 {
2179 struct wpa_supplicant *wpa_s;
2180
2181 wpa_s = os_zalloc(sizeof(*wpa_s));
2182 if (wpa_s == NULL)
2183 return NULL;
2184 wpa_s->scan_req = 1;
2185 wpa_s->scan_interval = 5;
2186 wpa_s->new_connection = 1;
2187 wpa_s->parent = wpa_s;
2188 wpa_s->sched_scanning = 0;
2189
2190 return wpa_s;
2191 }
2192
2193
2194 #ifdef CONFIG_HT_OVERRIDES
2195
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)2196 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2197 struct ieee80211_ht_capabilities *htcaps,
2198 struct ieee80211_ht_capabilities *htcaps_mask,
2199 const char *ht_mcs)
2200 {
2201 /* parse ht_mcs into hex array */
2202 int i;
2203 const char *tmp = ht_mcs;
2204 char *end = NULL;
2205
2206 /* If ht_mcs is null, do not set anything */
2207 if (!ht_mcs)
2208 return 0;
2209
2210 /* This is what we are setting in the kernel */
2211 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2212
2213 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2214
2215 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2216 errno = 0;
2217 long v = strtol(tmp, &end, 16);
2218 if (errno == 0) {
2219 wpa_msg(wpa_s, MSG_DEBUG,
2220 "htcap value[%i]: %ld end: %p tmp: %p",
2221 i, v, end, tmp);
2222 if (end == tmp)
2223 break;
2224
2225 htcaps->supported_mcs_set[i] = v;
2226 tmp = end;
2227 } else {
2228 wpa_msg(wpa_s, MSG_ERROR,
2229 "Failed to parse ht-mcs: %s, error: %s\n",
2230 ht_mcs, strerror(errno));
2231 return -1;
2232 }
2233 }
2234
2235 /*
2236 * If we were able to parse any values, then set mask for the MCS set.
2237 */
2238 if (i) {
2239 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2240 IEEE80211_HT_MCS_MASK_LEN - 1);
2241 /* skip the 3 reserved bits */
2242 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2243 0x1f;
2244 }
2245
2246 return 0;
2247 }
2248
2249
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)2250 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2251 struct ieee80211_ht_capabilities *htcaps,
2252 struct ieee80211_ht_capabilities *htcaps_mask,
2253 int disabled)
2254 {
2255 u16 msk;
2256
2257 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2258
2259 if (disabled == -1)
2260 return 0;
2261
2262 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2263 htcaps_mask->ht_capabilities_info |= msk;
2264 if (disabled)
2265 htcaps->ht_capabilities_info &= msk;
2266 else
2267 htcaps->ht_capabilities_info |= msk;
2268
2269 return 0;
2270 }
2271
2272
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)2273 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2274 struct ieee80211_ht_capabilities *htcaps,
2275 struct ieee80211_ht_capabilities *htcaps_mask,
2276 int factor)
2277 {
2278 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2279
2280 if (factor == -1)
2281 return 0;
2282
2283 if (factor < 0 || factor > 3) {
2284 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2285 "Must be 0-3 or -1", factor);
2286 return -EINVAL;
2287 }
2288
2289 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2290 htcaps->a_mpdu_params &= ~0x3;
2291 htcaps->a_mpdu_params |= factor & 0x3;
2292
2293 return 0;
2294 }
2295
2296
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)2297 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2298 struct ieee80211_ht_capabilities *htcaps,
2299 struct ieee80211_ht_capabilities *htcaps_mask,
2300 int density)
2301 {
2302 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2303
2304 if (density == -1)
2305 return 0;
2306
2307 if (density < 0 || density > 7) {
2308 wpa_msg(wpa_s, MSG_ERROR,
2309 "ampdu_density: %d out of range. Must be 0-7 or -1.",
2310 density);
2311 return -EINVAL;
2312 }
2313
2314 htcaps_mask->a_mpdu_params |= 0x1C;
2315 htcaps->a_mpdu_params &= ~(0x1C);
2316 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2317
2318 return 0;
2319 }
2320
2321
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)2322 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2323 struct ieee80211_ht_capabilities *htcaps,
2324 struct ieee80211_ht_capabilities *htcaps_mask,
2325 int disabled)
2326 {
2327 /* Masking these out disables HT40 */
2328 u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2329 HT_CAP_INFO_SHORT_GI40MHZ);
2330
2331 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2332
2333 if (disabled)
2334 htcaps->ht_capabilities_info &= ~msk;
2335 else
2336 htcaps->ht_capabilities_info |= msk;
2337
2338 htcaps_mask->ht_capabilities_info |= msk;
2339
2340 return 0;
2341 }
2342
2343
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)2344 void wpa_supplicant_apply_ht_overrides(
2345 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2346 struct wpa_driver_associate_params *params)
2347 {
2348 struct ieee80211_ht_capabilities *htcaps;
2349 struct ieee80211_ht_capabilities *htcaps_mask;
2350
2351 if (!ssid)
2352 return;
2353
2354 params->disable_ht = ssid->disable_ht;
2355 if (!params->htcaps || !params->htcaps_mask)
2356 return;
2357
2358 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2359 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2360 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2361 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2362 ssid->disable_max_amsdu);
2363 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2364 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2365 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2366 }
2367
2368 #endif /* CONFIG_HT_OVERRIDES */
2369
2370
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,struct wpa_interface * iface)2371 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2372 struct wpa_interface *iface)
2373 {
2374 const char *ifname, *driver;
2375 struct wpa_driver_capa capa;
2376
2377 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2378 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2379 iface->confname ? iface->confname : "N/A",
2380 iface->driver ? iface->driver : "default",
2381 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2382 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2383
2384 if (iface->confname) {
2385 #ifdef CONFIG_BACKEND_FILE
2386 wpa_s->confname = os_rel2abs_path(iface->confname);
2387 if (wpa_s->confname == NULL) {
2388 wpa_printf(MSG_ERROR, "Failed to get absolute path "
2389 "for configuration file '%s'.",
2390 iface->confname);
2391 return -1;
2392 }
2393 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2394 iface->confname, wpa_s->confname);
2395 #else /* CONFIG_BACKEND_FILE */
2396 wpa_s->confname = os_strdup(iface->confname);
2397 #endif /* CONFIG_BACKEND_FILE */
2398 wpa_s->conf = wpa_config_read(wpa_s->confname);
2399 if (wpa_s->conf == NULL) {
2400 wpa_printf(MSG_ERROR, "Failed to read or parse "
2401 "configuration '%s'.", wpa_s->confname);
2402 return -1;
2403 }
2404
2405 /*
2406 * Override ctrl_interface and driver_param if set on command
2407 * line.
2408 */
2409 if (iface->ctrl_interface) {
2410 os_free(wpa_s->conf->ctrl_interface);
2411 wpa_s->conf->ctrl_interface =
2412 os_strdup(iface->ctrl_interface);
2413 }
2414
2415 if (iface->driver_param) {
2416 os_free(wpa_s->conf->driver_param);
2417 wpa_s->conf->driver_param =
2418 os_strdup(iface->driver_param);
2419 }
2420 } else
2421 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2422 iface->driver_param);
2423
2424 if (wpa_s->conf == NULL) {
2425 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2426 return -1;
2427 }
2428
2429 if (iface->ifname == NULL) {
2430 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2431 return -1;
2432 }
2433 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2434 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2435 iface->ifname);
2436 return -1;
2437 }
2438 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2439
2440 if (iface->bridge_ifname) {
2441 if (os_strlen(iface->bridge_ifname) >=
2442 sizeof(wpa_s->bridge_ifname)) {
2443 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2444 "name '%s'.", iface->bridge_ifname);
2445 return -1;
2446 }
2447 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2448 sizeof(wpa_s->bridge_ifname));
2449 }
2450
2451 /* RSNA Supplicant Key Management - INITIALIZE */
2452 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2453 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2454
2455 /* Initialize driver interface and register driver event handler before
2456 * L2 receive handler so that association events are processed before
2457 * EAPOL-Key packets if both become available for the same select()
2458 * call. */
2459 driver = iface->driver;
2460 next_driver:
2461 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2462 return -1;
2463
2464 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2465 if (wpa_s->drv_priv == NULL) {
2466 const char *pos;
2467 pos = driver ? os_strchr(driver, ',') : NULL;
2468 if (pos) {
2469 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2470 "driver interface - try next driver wrapper");
2471 driver = pos + 1;
2472 goto next_driver;
2473 }
2474 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2475 "interface");
2476 return -1;
2477 }
2478 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2479 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2480 "driver_param '%s'", wpa_s->conf->driver_param);
2481 return -1;
2482 }
2483
2484 ifname = wpa_drv_get_ifname(wpa_s);
2485 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2486 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2487 "interface name with '%s'", ifname);
2488 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2489 }
2490
2491 if (wpa_supplicant_init_wpa(wpa_s) < 0)
2492 return -1;
2493
2494 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2495 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2496 NULL);
2497 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2498
2499 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2500 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2501 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2502 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2503 "dot11RSNAConfigPMKLifetime");
2504 return -1;
2505 }
2506
2507 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2508 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2509 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2510 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2511 "dot11RSNAConfigPMKReauthThreshold");
2512 return -1;
2513 }
2514
2515 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2516 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2517 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2518 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2519 "dot11RSNAConfigSATimeout");
2520 return -1;
2521 }
2522
2523 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2524 &wpa_s->hw.num_modes,
2525 &wpa_s->hw.flags);
2526
2527 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2528 wpa_s->drv_capa_known = 1;
2529 wpa_s->drv_flags = capa.flags;
2530 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2531 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2532 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2533 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2534 wpa_s->max_match_sets = capa.max_match_sets;
2535 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2536 wpa_s->max_stations = capa.max_stations;
2537 }
2538 if (wpa_s->max_remain_on_chan == 0)
2539 wpa_s->max_remain_on_chan = 1000;
2540
2541 if (wpa_supplicant_driver_init(wpa_s) < 0)
2542 return -1;
2543
2544 #ifdef CONFIG_TDLS
2545 if (wpa_tdls_init(wpa_s->wpa))
2546 return -1;
2547 #endif /* CONFIG_TDLS */
2548
2549 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2550 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2551 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2552 return -1;
2553 }
2554
2555 if (wpas_wps_init(wpa_s))
2556 return -1;
2557
2558 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2559 return -1;
2560 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2561
2562 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2563 if (wpa_s->ctrl_iface == NULL) {
2564 wpa_printf(MSG_ERROR,
2565 "Failed to initialize control interface '%s'.\n"
2566 "You may have another wpa_supplicant process "
2567 "already running or the file was\n"
2568 "left by an unclean termination of wpa_supplicant "
2569 "in which case you will need\n"
2570 "to manually remove this file before starting "
2571 "wpa_supplicant again.\n",
2572 wpa_s->conf->ctrl_interface);
2573 return -1;
2574 }
2575
2576 wpa_s->gas = gas_query_init(wpa_s);
2577 if (wpa_s->gas == NULL) {
2578 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2579 return -1;
2580 }
2581
2582 #ifdef CONFIG_P2P
2583 if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2584 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2585 return -1;
2586 }
2587 #endif /* CONFIG_P2P */
2588
2589 if (wpa_bss_init(wpa_s) < 0)
2590 return -1;
2591
2592 return 0;
2593 }
2594
2595
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)2596 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2597 int notify, int terminate)
2598 {
2599 if (wpa_s->drv_priv) {
2600 wpa_supplicant_deauthenticate(wpa_s,
2601 WLAN_REASON_DEAUTH_LEAVING);
2602
2603 wpa_drv_set_countermeasures(wpa_s, 0);
2604 wpa_clear_keys(wpa_s, NULL);
2605 }
2606
2607 wpa_supplicant_cleanup(wpa_s);
2608
2609 if (wpa_s->drv_priv)
2610 wpa_drv_deinit(wpa_s);
2611
2612 if (notify)
2613 wpas_notify_iface_removed(wpa_s);
2614
2615 if (terminate)
2616 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2617
2618 if (wpa_s->ctrl_iface) {
2619 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2620 wpa_s->ctrl_iface = NULL;
2621 }
2622
2623 if (wpa_s->conf != NULL) {
2624 wpa_config_free(wpa_s->conf);
2625 wpa_s->conf = NULL;
2626 }
2627 }
2628
2629
2630 /**
2631 * wpa_supplicant_add_iface - Add a new network interface
2632 * @global: Pointer to global data from wpa_supplicant_init()
2633 * @iface: Interface configuration options
2634 * Returns: Pointer to the created interface or %NULL on failure
2635 *
2636 * This function is used to add new network interfaces for %wpa_supplicant.
2637 * This can be called before wpa_supplicant_run() to add interfaces before the
2638 * main event loop has been started. In addition, new interfaces can be added
2639 * dynamically while %wpa_supplicant is already running. This could happen,
2640 * e.g., when a hotplug network adapter is inserted.
2641 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface)2642 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2643 struct wpa_interface *iface)
2644 {
2645 struct wpa_supplicant *wpa_s;
2646 struct wpa_interface t_iface;
2647 struct wpa_ssid *ssid;
2648
2649 if (global == NULL || iface == NULL)
2650 return NULL;
2651
2652 wpa_s = wpa_supplicant_alloc();
2653 if (wpa_s == NULL)
2654 return NULL;
2655
2656 wpa_s->global = global;
2657
2658 t_iface = *iface;
2659 if (global->params.override_driver) {
2660 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2661 "('%s' -> '%s')",
2662 iface->driver, global->params.override_driver);
2663 t_iface.driver = global->params.override_driver;
2664 }
2665 if (global->params.override_ctrl_interface) {
2666 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2667 "ctrl_interface ('%s' -> '%s')",
2668 iface->ctrl_interface,
2669 global->params.override_ctrl_interface);
2670 t_iface.ctrl_interface =
2671 global->params.override_ctrl_interface;
2672 }
2673 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2674 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2675 iface->ifname);
2676 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
2677 os_free(wpa_s);
2678 return NULL;
2679 }
2680
2681 /* Notify the control interfaces about new iface */
2682 if (wpas_notify_iface_added(wpa_s)) {
2683 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
2684 os_free(wpa_s);
2685 return NULL;
2686 }
2687
2688 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2689 wpas_notify_network_added(wpa_s, ssid);
2690
2691 wpa_s->next = global->ifaces;
2692 global->ifaces = wpa_s;
2693
2694 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2695
2696 return wpa_s;
2697 }
2698
2699
2700 /**
2701 * wpa_supplicant_remove_iface - Remove a network interface
2702 * @global: Pointer to global data from wpa_supplicant_init()
2703 * @wpa_s: Pointer to the network interface to be removed
2704 * Returns: 0 if interface was removed, -1 if interface was not found
2705 *
2706 * This function can be used to dynamically remove network interfaces from
2707 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2708 * addition, this function is used to remove all remaining interfaces when
2709 * %wpa_supplicant is terminated.
2710 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)2711 int wpa_supplicant_remove_iface(struct wpa_global *global,
2712 struct wpa_supplicant *wpa_s,
2713 int terminate)
2714 {
2715 struct wpa_supplicant *prev;
2716
2717 /* Remove interface from the global list of interfaces */
2718 prev = global->ifaces;
2719 if (prev == wpa_s) {
2720 global->ifaces = wpa_s->next;
2721 } else {
2722 while (prev && prev->next != wpa_s)
2723 prev = prev->next;
2724 if (prev == NULL)
2725 return -1;
2726 prev->next = wpa_s->next;
2727 }
2728
2729 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2730
2731 if (global->p2p_group_formation == wpa_s)
2732 global->p2p_group_formation = NULL;
2733 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
2734 os_free(wpa_s);
2735
2736 return 0;
2737 }
2738
2739
2740 /**
2741 * wpa_supplicant_get_eap_mode - Get the current EAP mode
2742 * @wpa_s: Pointer to the network interface
2743 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
2744 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)2745 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
2746 {
2747 const char *eapol_method;
2748
2749 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
2750 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2751 return "NO-EAP";
2752 }
2753
2754 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
2755 if (eapol_method == NULL)
2756 return "UNKNOWN-EAP";
2757
2758 return eapol_method;
2759 }
2760
2761
2762 /**
2763 * wpa_supplicant_get_iface - Get a new network interface
2764 * @global: Pointer to global data from wpa_supplicant_init()
2765 * @ifname: Interface name
2766 * Returns: Pointer to the interface or %NULL if not found
2767 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)2768 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2769 const char *ifname)
2770 {
2771 struct wpa_supplicant *wpa_s;
2772
2773 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2774 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2775 return wpa_s;
2776 }
2777 return NULL;
2778 }
2779
2780
2781 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)2782 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
2783 {
2784 struct wpa_supplicant *wpa_s = ctx;
2785 if (wpa_s == NULL)
2786 return NULL;
2787 return wpa_s->ifname;
2788 }
2789 #endif /* CONFIG_NO_WPA_MSG */
2790
2791
2792 /**
2793 * wpa_supplicant_init - Initialize %wpa_supplicant
2794 * @params: Parameters for %wpa_supplicant
2795 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2796 *
2797 * This function is used to initialize %wpa_supplicant. After successful
2798 * initialization, the returned data pointer can be used to add and remove
2799 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2800 */
wpa_supplicant_init(struct wpa_params * params)2801 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2802 {
2803 struct wpa_global *global;
2804 int ret, i;
2805
2806 if (params == NULL)
2807 return NULL;
2808
2809 #ifdef CONFIG_DRIVER_NDIS
2810 {
2811 void driver_ndis_init_ops(void);
2812 driver_ndis_init_ops();
2813 }
2814 #endif /* CONFIG_DRIVER_NDIS */
2815
2816 #ifndef CONFIG_NO_WPA_MSG
2817 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
2818 #endif /* CONFIG_NO_WPA_MSG */
2819
2820 wpa_debug_open_file(params->wpa_debug_file_path);
2821 if (params->wpa_debug_syslog)
2822 wpa_debug_open_syslog();
2823
2824 ret = eap_register_methods();
2825 if (ret) {
2826 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2827 if (ret == -2)
2828 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2829 "the same EAP type.");
2830 return NULL;
2831 }
2832
2833 global = os_zalloc(sizeof(*global));
2834 if (global == NULL)
2835 return NULL;
2836 dl_list_init(&global->p2p_srv_bonjour);
2837 dl_list_init(&global->p2p_srv_upnp);
2838 global->params.daemonize = params->daemonize;
2839 global->params.wait_for_monitor = params->wait_for_monitor;
2840 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2841 if (params->pid_file)
2842 global->params.pid_file = os_strdup(params->pid_file);
2843 if (params->ctrl_interface)
2844 global->params.ctrl_interface =
2845 os_strdup(params->ctrl_interface);
2846 if (params->override_driver)
2847 global->params.override_driver =
2848 os_strdup(params->override_driver);
2849 if (params->override_ctrl_interface)
2850 global->params.override_ctrl_interface =
2851 os_strdup(params->override_ctrl_interface);
2852 wpa_debug_level = global->params.wpa_debug_level =
2853 params->wpa_debug_level;
2854 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2855 params->wpa_debug_show_keys;
2856 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2857 params->wpa_debug_timestamp;
2858
2859 wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
2860
2861 if (eloop_init()) {
2862 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2863 wpa_supplicant_deinit(global);
2864 return NULL;
2865 }
2866
2867 random_init(params->entropy_file);
2868
2869 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2870 if (global->ctrl_iface == NULL) {
2871 wpa_supplicant_deinit(global);
2872 return NULL;
2873 }
2874
2875 if (wpas_notify_supplicant_initialized(global)) {
2876 wpa_supplicant_deinit(global);
2877 return NULL;
2878 }
2879
2880 for (i = 0; wpa_drivers[i]; i++)
2881 global->drv_count++;
2882 if (global->drv_count == 0) {
2883 wpa_printf(MSG_ERROR, "No drivers enabled");
2884 wpa_supplicant_deinit(global);
2885 return NULL;
2886 }
2887 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2888 if (global->drv_priv == NULL) {
2889 wpa_supplicant_deinit(global);
2890 return NULL;
2891 }
2892
2893 return global;
2894 }
2895
2896
2897 /**
2898 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2899 * @global: Pointer to global data from wpa_supplicant_init()
2900 * Returns: 0 after successful event loop run, -1 on failure
2901 *
2902 * This function starts the main event loop and continues running as long as
2903 * there are any remaining events. In most cases, this function is running as
2904 * long as the %wpa_supplicant process in still in use.
2905 */
wpa_supplicant_run(struct wpa_global * global)2906 int wpa_supplicant_run(struct wpa_global *global)
2907 {
2908 struct wpa_supplicant *wpa_s;
2909
2910 if (global->params.daemonize &&
2911 wpa_supplicant_daemon(global->params.pid_file))
2912 return -1;
2913
2914 if (global->params.wait_for_monitor) {
2915 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2916 if (wpa_s->ctrl_iface)
2917 wpa_supplicant_ctrl_iface_wait(
2918 wpa_s->ctrl_iface);
2919 }
2920
2921 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2922 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2923
2924 eloop_run();
2925
2926 return 0;
2927 }
2928
2929
2930 /**
2931 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2932 * @global: Pointer to global data from wpa_supplicant_init()
2933 *
2934 * This function is called to deinitialize %wpa_supplicant and to free all
2935 * allocated resources. Remaining network interfaces will also be removed.
2936 */
wpa_supplicant_deinit(struct wpa_global * global)2937 void wpa_supplicant_deinit(struct wpa_global *global)
2938 {
2939 int i;
2940
2941 if (global == NULL)
2942 return;
2943
2944 #ifdef CONFIG_P2P
2945 wpas_p2p_deinit_global(global);
2946 #endif /* CONFIG_P2P */
2947
2948 while (global->ifaces)
2949 wpa_supplicant_remove_iface(global, global->ifaces, 1);
2950
2951 if (global->ctrl_iface)
2952 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2953
2954 wpas_notify_supplicant_deinitialized(global);
2955
2956 eap_peer_unregister_methods();
2957 #ifdef CONFIG_AP
2958 eap_server_unregister_methods();
2959 #endif /* CONFIG_AP */
2960
2961 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2962 if (!global->drv_priv[i])
2963 continue;
2964 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2965 }
2966 os_free(global->drv_priv);
2967
2968 random_deinit();
2969
2970 eloop_destroy();
2971
2972 if (global->params.pid_file) {
2973 os_daemonize_terminate(global->params.pid_file);
2974 os_free(global->params.pid_file);
2975 }
2976 os_free(global->params.ctrl_interface);
2977 os_free(global->params.override_driver);
2978 os_free(global->params.override_ctrl_interface);
2979
2980 os_free(global);
2981 wpa_debug_close_syslog();
2982 wpa_debug_close_file();
2983 }
2984
2985
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)2986 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
2987 {
2988 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
2989 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
2990 char country[3];
2991 country[0] = wpa_s->conf->country[0];
2992 country[1] = wpa_s->conf->country[1];
2993 country[2] = '\0';
2994 if (wpa_drv_set_country(wpa_s, country) < 0) {
2995 wpa_printf(MSG_ERROR, "Failed to set country code "
2996 "'%s'", country);
2997 }
2998 }
2999
3000 #ifdef CONFIG_WPS
3001 wpas_wps_update_config(wpa_s);
3002 #endif /* CONFIG_WPS */
3003
3004 #ifdef CONFIG_P2P
3005 wpas_p2p_update_config(wpa_s);
3006 #endif /* CONFIG_P2P */
3007
3008 wpa_s->conf->changed_parameters = 0;
3009 }
3010
3011
add_freq(int * freqs,int * num_freqs,int freq)3012 static void add_freq(int *freqs, int *num_freqs, int freq)
3013 {
3014 int i;
3015
3016 for (i = 0; i < *num_freqs; i++) {
3017 if (freqs[i] == freq)
3018 return;
3019 }
3020
3021 freqs[*num_freqs] = freq;
3022 (*num_freqs)++;
3023 }
3024
3025
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)3026 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3027 {
3028 struct wpa_bss *bss, *cbss;
3029 const int max_freqs = 10;
3030 int *freqs;
3031 int num_freqs = 0;
3032
3033 freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3034 if (freqs == NULL)
3035 return NULL;
3036
3037 cbss = wpa_s->current_bss;
3038
3039 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3040 if (bss == cbss)
3041 continue;
3042 if (bss->ssid_len == cbss->ssid_len &&
3043 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3044 wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3045 add_freq(freqs, &num_freqs, bss->freq);
3046 if (num_freqs == max_freqs)
3047 break;
3048 }
3049 }
3050
3051 if (num_freqs == 0) {
3052 os_free(freqs);
3053 freqs = NULL;
3054 }
3055
3056 return freqs;
3057 }
3058
3059
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid)3060 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3061 {
3062 int timeout;
3063 int count;
3064 int *freqs = NULL;
3065
3066 /*
3067 * Remove possible authentication timeout since the connection failed.
3068 */
3069 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3070
3071 /*
3072 * Add the failed BSSID into the blacklist and speed up next scan
3073 * attempt if there could be other APs that could accept association.
3074 * The current blacklist count indicates how many times we have tried
3075 * connecting to this AP and multiple attempts mean that other APs are
3076 * either not available or has already been tried, so that we can start
3077 * increasing the delay here to avoid constant scanning.
3078 */
3079 count = wpa_blacklist_add(wpa_s, bssid);
3080 if (count == 1 && wpa_s->current_bss) {
3081 /*
3082 * This BSS was not in the blacklist before. If there is
3083 * another BSS available for the same ESS, we should try that
3084 * next. Otherwise, we may as well try this one once more
3085 * before allowing other, likely worse, ESSes to be considered.
3086 */
3087 freqs = get_bss_freqs_in_ess(wpa_s);
3088 if (freqs) {
3089 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3090 "has been seen; try it next");
3091 wpa_blacklist_add(wpa_s, bssid);
3092 /*
3093 * On the next scan, go through only the known channels
3094 * used in this ESS based on previous scans to speed up
3095 * common load balancing use case.
3096 */
3097 os_free(wpa_s->next_scan_freqs);
3098 wpa_s->next_scan_freqs = freqs;
3099 }
3100 }
3101
3102 switch (count) {
3103 case 1:
3104 timeout = 100;
3105 break;
3106 case 2:
3107 timeout = 500;
3108 break;
3109 case 3:
3110 timeout = 1000;
3111 break;
3112 default:
3113 timeout = 5000;
3114 }
3115
3116 /*
3117 * TODO: if more than one possible AP is available in scan results,
3118 * could try the other ones before requesting a new scan.
3119 */
3120 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
3121 1000 * (timeout % 1000));
3122 }
3123
3124
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)3125 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
3126 {
3127 return wpa_s->conf->ap_scan == 2 ||
3128 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
3129 }
3130
3131 #ifdef ANDROID_P2P
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)3132 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
3133 {
3134 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
3135 return 1;
3136 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
3137 return 0;
3138
3139 /* IF conc_priority is not set, return -1 */
3140 return -1;
3141 }
3142 #endif
3143