Select the BSD license terms as the only license alternative
[build-utilities/hostap.git] / wpa_supplicant / wpa_supplicant.c
1 /*
2  * WPA Supplicant
3  * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi>
4  *
5  * This program is free software; you can redistribute it and/or modify
6  * it under the terms of the GNU General Public License version 2 as
7  * published by the Free Software Foundation.
8  *
9  * Alternatively, this software may be distributed under the terms of BSD
10  * license.
11  *
12  * See README and COPYING for more details.
13  *
14  * This file implements functions for registering and unregistering
15  * %wpa_supplicant interfaces. In addition, this file contains number of
16  * functions for managing network connections.
17  */
19 #include "includes.h"
21 #include "common.h"
22 #include "crypto/random.h"
23 #include "crypto/sha1.h"
24 #include "eapol_supp/eapol_supp_sm.h"
25 #include "eap_peer/eap.h"
26 #include "eap_server/eap_methods.h"
27 #include "rsn_supp/wpa.h"
28 #include "eloop.h"
29 #include "config.h"
30 #include "l2_packet/l2_packet.h"
31 #include "wpa_supplicant_i.h"
32 #include "driver_i.h"
33 #include "ctrl_iface.h"
34 #include "pcsc_funcs.h"
35 #include "common/version.h"
36 #include "rsn_supp/preauth.h"
37 #include "rsn_supp/pmksa_cache.h"
38 #include "common/wpa_ctrl.h"
39 #include "common/ieee802_11_defs.h"
40 #include "p2p/p2p.h"
41 #include "blacklist.h"
42 #include "wpas_glue.h"
43 #include "wps_supplicant.h"
44 #include "ibss_rsn.h"
45 #include "sme.h"
46 #include "gas_query.h"
47 #include "ap.h"
48 #include "p2p_supplicant.h"
49 #include "notify.h"
50 #include "bgscan.h"
51 #include "bss.h"
52 #include "scan.h"
53 #include "offchannel.h"
55 const char *wpa_supplicant_version =
56 "wpa_supplicant v" VERSION_STR "\n"
57 "Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors";
59 const char *wpa_supplicant_license =
60 "This software may be distributed under the terms of the BSD license.\n"
61 "See README for more details.\n"
62 #ifdef EAP_TLS_OPENSSL
63 "\nThis product includes software developed by the OpenSSL Project\n"
64 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
65 #endif /* EAP_TLS_OPENSSL */
66 ;
68 #ifndef CONFIG_NO_STDOUT_DEBUG
69 /* Long text divided into parts in order to fit in C89 strings size limits. */
70 const char *wpa_supplicant_full_license1 =
71 "";
72 const char *wpa_supplicant_full_license2 =
73 "This software may be distributed under the terms of the BSD license.\n"
74 "\n"
75 "Redistribution and use in source and binary forms, with or without\n"
76 "modification, are permitted provided that the following conditions are\n"
77 "met:\n"
78 "\n";
79 const char *wpa_supplicant_full_license3 =
80 "1. Redistributions of source code must retain the above copyright\n"
81 "   notice, this list of conditions and the following disclaimer.\n"
82 "\n"
83 "2. Redistributions in binary form must reproduce the above copyright\n"
84 "   notice, this list of conditions and the following disclaimer in the\n"
85 "   documentation and/or other materials provided with the distribution.\n"
86 "\n";
87 const char *wpa_supplicant_full_license4 =
88 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
89 "   names of its contributors may be used to endorse or promote products\n"
90 "   derived from this software without specific prior written permission.\n"
91 "\n"
92 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
93 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
94 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
95 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
96 const char *wpa_supplicant_full_license5 =
97 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
98 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
99 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
100 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
101 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
102 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
103 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
104 "\n";
105 #endif /* CONFIG_NO_STDOUT_DEBUG */
107 extern int wpa_debug_level;
108 extern int wpa_debug_show_keys;
109 extern int wpa_debug_timestamp;
110 extern struct wpa_driver_ops *wpa_drivers[];
112 /* Configure default/group WEP keys for static WEP */
113 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
115         int i, set = 0;
117         for (i = 0; i < NUM_WEP_KEYS; i++) {
118                 if (ssid->wep_key_len[i] == 0)
119                         continue;
121                 set = 1;
122                 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL,
123                                 i, i == ssid->wep_tx_keyidx, NULL, 0,
124                                 ssid->wep_key[i], ssid->wep_key_len[i]);
125         }
127         return set;
131 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
132                                            struct wpa_ssid *ssid)
134         u8 key[32];
135         size_t keylen;
136         enum wpa_alg alg;
137         u8 seq[6] = { 0 };
139         /* IBSS/WPA-None uses only one key (Group) for both receiving and
140          * sending unicast and multicast packets. */
142         if (ssid->mode != WPAS_MODE_IBSS) {
143                 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
144                         "IBSS/ad-hoc) for WPA-None", ssid->mode);
145                 return -1;
146         }
148         if (!ssid->psk_set) {
149                 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
150                         "WPA-None");
151                 return -1;
152         }
154         switch (wpa_s->group_cipher) {
155         case WPA_CIPHER_CCMP:
156                 os_memcpy(key, ssid->psk, 16);
157                 keylen = 16;
158                 alg = WPA_ALG_CCMP;
159                 break;
160         case WPA_CIPHER_TKIP:
161                 /* WPA-None uses the same Michael MIC key for both TX and RX */
162                 os_memcpy(key, ssid->psk, 16 + 8);
163                 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
164                 keylen = 32;
165                 alg = WPA_ALG_TKIP;
166                 break;
167         default:
168                 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
169                         "WPA-None", wpa_s->group_cipher);
170                 return -1;
171         }
173         /* TODO: should actually remember the previously used seq#, both for TX
174          * and RX from each STA.. */
176         return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen);
180 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
182         struct wpa_supplicant *wpa_s = eloop_ctx;
183         const u8 *bssid = wpa_s->bssid;
184         if (is_zero_ether_addr(bssid))
185                 bssid = wpa_s->pending_bssid;
186         wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
187                 MAC2STR(bssid));
188         wpa_blacklist_add(wpa_s, bssid);
189         wpa_sm_notify_disassoc(wpa_s->wpa);
190         wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
191         wpa_s->reassociate = 1;
193         /*
194          * If we timed out, the AP or the local radio may be busy.
195          * So, wait a second until scanning again.
196          */
197         wpa_supplicant_req_scan(wpa_s, 1, 0);
201 /**
202  * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
203  * @wpa_s: Pointer to wpa_supplicant data
204  * @sec: Number of seconds after which to time out authentication
205  * @usec: Number of microseconds after which to time out authentication
206  *
207  * This function is used to schedule a timeout for the current authentication
208  * attempt.
209  */
210 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
211                                      int sec, int usec)
213         if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
214             (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
215                 return;
217         wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
218                 "%d usec", sec, usec);
219         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
220         eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
224 /**
225  * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
226  * @wpa_s: Pointer to wpa_supplicant data
227  *
228  * This function is used to cancel authentication timeout scheduled with
229  * wpa_supplicant_req_auth_timeout() and it is called when authentication has
230  * been completed.
231  */
232 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
234         wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
235         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
236         wpa_blacklist_del(wpa_s, wpa_s->bssid);
240 /**
241  * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
242  * @wpa_s: Pointer to wpa_supplicant data
243  *
244  * This function is used to configure EAPOL state machine based on the selected
245  * authentication mode.
246  */
247 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
249 #ifdef IEEE8021X_EAPOL
250         struct eapol_config eapol_conf;
251         struct wpa_ssid *ssid = wpa_s->current_ssid;
253 #ifdef CONFIG_IBSS_RSN
254         if (ssid->mode == WPAS_MODE_IBSS &&
255             wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
256             wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
257                 /*
258                  * RSN IBSS authentication is per-STA and we can disable the
259                  * per-BSSID EAPOL authentication.
260                  */
261                 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
262                 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
263                 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
264                 return;
265         }
266 #endif /* CONFIG_IBSS_RSN */
268         eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
269         eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
272             wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
273                 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
274         else
275                 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
277         os_memset(&eapol_conf, 0, sizeof(eapol_conf));
278         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
279                 eapol_conf.accept_802_1x_keys = 1;
280                 eapol_conf.required_keys = 0;
281                 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
282                         eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
283                 }
284                 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
285                         eapol_conf.required_keys |=
286                                 EAPOL_REQUIRE_KEY_BROADCAST;
287                 }
289                 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
290                         eapol_conf.required_keys = 0;
291         }
292         if (wpa_s->conf)
293                 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
294         eapol_conf.workaround = ssid->eap_workaround;
295         eapol_conf.eap_disabled =
296                 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
297                 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
298                 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
299         eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
300 #endif /* IEEE8021X_EAPOL */
304 /**
305  * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
306  * @wpa_s: Pointer to wpa_supplicant data
307  * @ssid: Configuration data for the network
308  *
309  * This function is used to configure WPA state machine and related parameters
310  * to a mode where WPA is not enabled. This is called as part of the
311  * authentication configuration when the selected network does not use WPA.
312  */
313 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
314                                        struct wpa_ssid *ssid)
316         int i;
318         if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
319                 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
320         else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
321                 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
322         else
323                 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
324         wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
325         wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
326         wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
327         wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
328         wpa_s->group_cipher = WPA_CIPHER_NONE;
329         wpa_s->mgmt_group_cipher = 0;
331         for (i = 0; i < NUM_WEP_KEYS; i++) {
332                 if (ssid->wep_key_len[i] > 5) {
333                         wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
334                         wpa_s->group_cipher = WPA_CIPHER_WEP104;
335                         break;
336                 } else if (ssid->wep_key_len[i] > 0) {
337                         wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
338                         wpa_s->group_cipher = WPA_CIPHER_WEP40;
339                         break;
340                 }
341         }
343         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
344         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
345         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
346                          wpa_s->pairwise_cipher);
347         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
348 #ifdef CONFIG_IEEE80211W
349         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
350                          wpa_s->mgmt_group_cipher);
351 #endif /* CONFIG_IEEE80211W */
353         pmksa_cache_clear_current(wpa_s->wpa);
357 static void free_hw_features(struct wpa_supplicant *wpa_s)
359         int i;
360         if (wpa_s->hw.modes == NULL)
361                 return;
363         for (i = 0; i < wpa_s->hw.num_modes; i++) {
364                 os_free(wpa_s->hw.modes[i].channels);
365                 os_free(wpa_s->hw.modes[i].rates);
366         }
368         os_free(wpa_s->hw.modes);
369         wpa_s->hw.modes = NULL;
373 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
375         bgscan_deinit(wpa_s);
376         scard_deinit(wpa_s->scard);
377         wpa_s->scard = NULL;
378         wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
379         eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
380         l2_packet_deinit(wpa_s->l2);
381         wpa_s->l2 = NULL;
382         if (wpa_s->l2_br) {
383                 l2_packet_deinit(wpa_s->l2_br);
384                 wpa_s->l2_br = NULL;
385         }
387         if (wpa_s->conf != NULL) {
388                 struct wpa_ssid *ssid;
389                 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
390                         wpas_notify_network_removed(wpa_s, ssid);
391         }
393         os_free(wpa_s->confname);
394         wpa_s->confname = NULL;
396         wpa_sm_set_eapol(wpa_s->wpa, NULL);
397         eapol_sm_deinit(wpa_s->eapol);
398         wpa_s->eapol = NULL;
400         rsn_preauth_deinit(wpa_s->wpa);
402 #ifdef CONFIG_TDLS
403         wpa_tdls_deinit(wpa_s->wpa);
404 #endif /* CONFIG_TDLS */
406         pmksa_candidate_free(wpa_s->wpa);
407         wpa_sm_deinit(wpa_s->wpa);
408         wpa_s->wpa = NULL;
409         wpa_blacklist_clear(wpa_s);
411         wpa_bss_deinit(wpa_s);
413         wpa_supplicant_cancel_scan(wpa_s);
414         wpa_supplicant_cancel_auth_timeout(wpa_s);
415         eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
416 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
417         eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
418                              wpa_s, NULL);
419 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
421         wpas_wps_deinit(wpa_s);
423         wpabuf_free(wpa_s->pending_eapol_rx);
424         wpa_s->pending_eapol_rx = NULL;
426 #ifdef CONFIG_IBSS_RSN
427         ibss_rsn_deinit(wpa_s->ibss_rsn);
428         wpa_s->ibss_rsn = NULL;
429 #endif /* CONFIG_IBSS_RSN */
431         sme_deinit(wpa_s);
433 #ifdef CONFIG_AP
434         wpa_supplicant_ap_deinit(wpa_s);
435 #endif /* CONFIG_AP */
437 #ifdef CONFIG_P2P
438         wpas_p2p_deinit(wpa_s);
439 #endif /* CONFIG_P2P */
441 #ifdef CONFIG_OFFCHANNEL
442         offchannel_deinit(wpa_s);
443 #endif /* CONFIG_OFFCHANNEL */
445         wpa_supplicant_cancel_sched_scan(wpa_s);
447         os_free(wpa_s->next_scan_freqs);
448         wpa_s->next_scan_freqs = NULL;
450         gas_query_deinit(wpa_s->gas);
451         wpa_s->gas = NULL;
453         free_hw_features(wpa_s);
457 /**
458  * wpa_clear_keys - Clear keys configured for the driver
459  * @wpa_s: Pointer to wpa_supplicant data
460  * @addr: Previously used BSSID or %NULL if not available
461  *
462  * This function clears the encryption keys that has been previously configured
463  * for the driver.
464  */
465 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
467         if (wpa_s->keys_cleared) {
468                 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
469                  * timing issues with keys being cleared just before new keys
470                  * are set or just after association or something similar. This
471                  * shows up in group key handshake failing often because of the
472                  * client not receiving the first encrypted packets correctly.
473                  * Skipping some of the extra key clearing steps seems to help
474                  * in completing group key handshake more reliably. */
475                 wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - "
476                         "skip key clearing");
477                 return;
478         }
480         /* MLME-DELETEKEYS.request */
481         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0);
482         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0);
483         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0);
484         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0);
485 #ifdef CONFIG_IEEE80211W
486         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0);
487         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0);
488 #endif /* CONFIG_IEEE80211W */
489         if (addr) {
490                 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
491                                 0);
492                 /* MLME-SETPROTECTION.request(None) */
493                 wpa_drv_mlme_setprotection(
494                         wpa_s, addr,
495                         MLME_SETPROTECTION_PROTECT_TYPE_NONE,
496                         MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
497         }
498         wpa_s->keys_cleared = 1;
502 /**
503  * wpa_supplicant_state_txt - Get the connection state name as a text string
504  * @state: State (wpa_state; WPA_*)
505  * Returns: The state name as a printable text string
506  */
507 const char * wpa_supplicant_state_txt(enum wpa_states state)
509         switch (state) {
510         case WPA_DISCONNECTED:
511                 return "DISCONNECTED";
512         case WPA_INACTIVE:
513                 return "INACTIVE";
514         case WPA_INTERFACE_DISABLED:
515                 return "INTERFACE_DISABLED";
516         case WPA_SCANNING:
517                 return "SCANNING";
518         case WPA_AUTHENTICATING:
519                 return "AUTHENTICATING";
520         case WPA_ASSOCIATING:
521                 return "ASSOCIATING";
522         case WPA_ASSOCIATED:
523                 return "ASSOCIATED";
524         case WPA_4WAY_HANDSHAKE:
525                 return "4WAY_HANDSHAKE";
526         case WPA_GROUP_HANDSHAKE:
527                 return "GROUP_HANDSHAKE";
528         case WPA_COMPLETED:
529                 return "COMPLETED";
530         default:
531                 return "UNKNOWN";
532         }
536 #ifdef CONFIG_BGSCAN
538 static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s)
540         if (wpas_driver_bss_selection(wpa_s))
541                 return;
542         if (wpa_s->current_ssid == wpa_s->bgscan_ssid)
543                 return;
545         bgscan_deinit(wpa_s);
546         if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
547                 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
548                         wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
549                                 "bgscan");
550                         /*
551                          * Live without bgscan; it is only used as a roaming
552                          * optimization, so the initial connection is not
553                          * affected.
554                          */
555                 } else
556                         wpa_s->bgscan_ssid = wpa_s->current_ssid;
557         } else
558                 wpa_s->bgscan_ssid = NULL;
562 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
564         if (wpa_s->bgscan_ssid != NULL) {
565                 bgscan_deinit(wpa_s);
566                 wpa_s->bgscan_ssid = NULL;
567         }
570 #endif /* CONFIG_BGSCAN */
573 /**
574  * wpa_supplicant_set_state - Set current connection state
575  * @wpa_s: Pointer to wpa_supplicant data
576  * @state: The new connection state
577  *
578  * This function is called whenever the connection state changes, e.g.,
579  * association is completed for WPA/WPA2 4-Way Handshake is started.
580  */
581 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
582                               enum wpa_states state)
584         enum wpa_states old_state = wpa_s->wpa_state;
586         wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
587                 wpa_supplicant_state_txt(wpa_s->wpa_state),
588                 wpa_supplicant_state_txt(state));
590         if (state != WPA_SCANNING)
591                 wpa_supplicant_notify_scanning(wpa_s, 0);
593         if (state == WPA_COMPLETED && wpa_s->new_connection) {
594 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
595                 struct wpa_ssid *ssid = wpa_s->current_ssid;
596                 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
597                         MACSTR " completed %s [id=%d id_str=%s]",
598                         MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
599                         "(reauth)" : "(auth)",
600                         ssid ? ssid->id : -1,
601                         ssid && ssid->id_str ? ssid->id_str : "");
602 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
603                 wpa_s->new_connection = 0;
604                 wpa_s->reassociated_connection = 1;
605                 wpa_drv_set_operstate(wpa_s, 1);
606 #ifndef IEEE8021X_EAPOL
607                 wpa_drv_set_supp_port(wpa_s, 1);
608 #endif /* IEEE8021X_EAPOL */
609                 wpa_s->after_wps = 0;
610 #ifdef CONFIG_P2P
611                 wpas_p2p_completed(wpa_s);
612 #endif /* CONFIG_P2P */
613         } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
614                    state == WPA_ASSOCIATED) {
615                 wpa_s->new_connection = 1;
616                 wpa_drv_set_operstate(wpa_s, 0);
617 #ifndef IEEE8021X_EAPOL
618                 wpa_drv_set_supp_port(wpa_s, 0);
619 #endif /* IEEE8021X_EAPOL */
620         }
621         wpa_s->wpa_state = state;
623 #ifdef CONFIG_BGSCAN
624         if (state == WPA_COMPLETED)
625                 wpa_supplicant_start_bgscan(wpa_s);
626         else
627                 wpa_supplicant_stop_bgscan(wpa_s);
628 #endif /* CONFIG_BGSCAN */
630         if (wpa_s->wpa_state != old_state) {
631                 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
633                 if (wpa_s->wpa_state == WPA_COMPLETED ||
634                     old_state == WPA_COMPLETED)
635                         wpas_notify_auth_changed(wpa_s);
636         }
640 void wpa_supplicant_terminate_proc(struct wpa_global *global)
642         int pending = 0;
643 #ifdef CONFIG_WPS
644         struct wpa_supplicant *wpa_s = global->ifaces;
645         while (wpa_s) {
646                 if (wpas_wps_terminate_pending(wpa_s) == 1)
647                         pending = 1;
648                 wpa_s = wpa_s->next;
649         }
650 #endif /* CONFIG_WPS */
651         if (pending)
652                 return;
653         eloop_terminate();
657 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
659         struct wpa_global *global = signal_ctx;
660         wpa_supplicant_terminate_proc(global);
664 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
666         enum wpa_states old_state = wpa_s->wpa_state;
668         wpa_s->pairwise_cipher = 0;
669         wpa_s->group_cipher = 0;
670         wpa_s->mgmt_group_cipher = 0;
671         wpa_s->key_mgmt = 0;
672         if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
673                 wpa_s->wpa_state = WPA_DISCONNECTED;
675         if (wpa_s->wpa_state != old_state)
676                 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
680 /**
681  * wpa_supplicant_reload_configuration - Reload configuration data
682  * @wpa_s: Pointer to wpa_supplicant data
683  * Returns: 0 on success or -1 if configuration parsing failed
684  *
685  * This function can be used to request that the configuration data is reloaded
686  * (e.g., after configuration file change). This function is reloading
687  * configuration only for one interface, so this may need to be called multiple
688  * times if %wpa_supplicant is controlling multiple interfaces and all
689  * interfaces need reconfiguration.
690  */
691 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
693         struct wpa_config *conf;
694         int reconf_ctrl;
695         int old_ap_scan;
697         if (wpa_s->confname == NULL)
698                 return -1;
699         conf = wpa_config_read(wpa_s->confname);
700         if (conf == NULL) {
701                 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
702                         "file '%s' - exiting", wpa_s->confname);
703                 return -1;
704         }
705         conf->changed_parameters = (unsigned int) -1;
707         reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
708                 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
709                     os_strcmp(conf->ctrl_interface,
710                               wpa_s->conf->ctrl_interface) != 0);
712         if (reconf_ctrl && wpa_s->ctrl_iface) {
713                 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
714                 wpa_s->ctrl_iface = NULL;
715         }
717         eapol_sm_invalidate_cached_session(wpa_s->eapol);
718         if (wpa_s->current_ssid) {
719                 wpa_supplicant_deauthenticate(wpa_s,
720                                               WLAN_REASON_DEAUTH_LEAVING);
721         }
723         /*
724          * TODO: should notify EAPOL SM about changes in opensc_engine_path,
725          * pkcs11_engine_path, pkcs11_module_path.
726          */
727         if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
728                 /*
729                  * Clear forced success to clear EAP state for next
730                  * authentication.
731                  */
732                 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
733         }
734         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
735         wpa_sm_set_config(wpa_s->wpa, NULL);
736         wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
737         wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
738         rsn_preauth_deinit(wpa_s->wpa);
740         old_ap_scan = wpa_s->conf->ap_scan;
741         wpa_config_free(wpa_s->conf);
742         wpa_s->conf = conf;
743         if (old_ap_scan != wpa_s->conf->ap_scan)
744                 wpas_notify_ap_scan_changed(wpa_s);
746         if (reconf_ctrl)
747                 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
749         wpa_supplicant_update_config(wpa_s);
751         wpa_supplicant_clear_status(wpa_s);
752         if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
753                 wpa_s->reassociate = 1;
754                 wpa_supplicant_req_scan(wpa_s, 0, 0);
755         }
756         wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
757         return 0;
761 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
763         struct wpa_global *global = signal_ctx;
764         struct wpa_supplicant *wpa_s;
765         for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
766                 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
767                         sig);
768                 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
769                         wpa_supplicant_terminate_proc(global);
770                 }
771         }
775 enum wpa_cipher cipher_suite2driver(int cipher)
777         switch (cipher) {
778         case WPA_CIPHER_NONE:
779                 return CIPHER_NONE;
780         case WPA_CIPHER_WEP40:
781                 return CIPHER_WEP40;
782         case WPA_CIPHER_WEP104:
783                 return CIPHER_WEP104;
784         case WPA_CIPHER_CCMP:
785                 return CIPHER_CCMP;
786         case WPA_CIPHER_TKIP:
787         default:
788                 return CIPHER_TKIP;
789         }
793 enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
795         switch (key_mgmt) {
796         case WPA_KEY_MGMT_NONE:
797                 return KEY_MGMT_NONE;
798         case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
799                 return KEY_MGMT_802_1X_NO_WPA;
800         case WPA_KEY_MGMT_IEEE8021X:
801                 return KEY_MGMT_802_1X;
802         case WPA_KEY_MGMT_WPA_NONE:
803                 return KEY_MGMT_WPA_NONE;
804         case WPA_KEY_MGMT_FT_IEEE8021X:
805                 return KEY_MGMT_FT_802_1X;
806         case WPA_KEY_MGMT_FT_PSK:
807                 return KEY_MGMT_FT_PSK;
808         case WPA_KEY_MGMT_IEEE8021X_SHA256:
809                 return KEY_MGMT_802_1X_SHA256;
810         case WPA_KEY_MGMT_PSK_SHA256:
811                 return KEY_MGMT_PSK_SHA256;
812         case WPA_KEY_MGMT_WPS:
813                 return KEY_MGMT_WPS;
814         case WPA_KEY_MGMT_PSK:
815         default:
816                 return KEY_MGMT_PSK;
817         }
821 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
822                                          struct wpa_ssid *ssid,
823                                          struct wpa_ie_data *ie)
825         int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
826         if (ret) {
827                 if (ret == -2) {
828                         wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
829                                 "from association info");
830                 }
831                 return -1;
832         }
834         wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
835                 "cipher suites");
836         if (!(ie->group_cipher & ssid->group_cipher)) {
837                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
838                         "cipher 0x%x (mask 0x%x) - reject",
839                         ie->group_cipher, ssid->group_cipher);
840                 return -1;
841         }
842         if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
843                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
844                         "cipher 0x%x (mask 0x%x) - reject",
845                         ie->pairwise_cipher, ssid->pairwise_cipher);
846                 return -1;
847         }
848         if (!(ie->key_mgmt & ssid->key_mgmt)) {
849                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
850                         "management 0x%x (mask 0x%x) - reject",
851                         ie->key_mgmt, ssid->key_mgmt);
852                 return -1;
853         }
855 #ifdef CONFIG_IEEE80211W
856         if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
857             ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
858                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
859                         "that does not support management frame protection - "
860                         "reject");
861                 return -1;
862         }
863 #endif /* CONFIG_IEEE80211W */
865         return 0;
869 /**
870  * wpa_supplicant_set_suites - Set authentication and encryption parameters
871  * @wpa_s: Pointer to wpa_supplicant data
872  * @bss: Scan results for the selected BSS, or %NULL if not available
873  * @ssid: Configuration data for the selected network
874  * @wpa_ie: Buffer for the WPA/RSN IE
875  * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
876  * used buffer length in case the functions returns success.
877  * Returns: 0 on success or -1 on failure
878  *
879  * This function is used to configure authentication and encryption parameters
880  * based on the network configuration and scan result for the selected BSS (if
881  * available).
882  */
883 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
884                               struct wpa_bss *bss, struct wpa_ssid *ssid,
885                               u8 *wpa_ie, size_t *wpa_ie_len)
887         struct wpa_ie_data ie;
888         int sel, proto;
889         const u8 *bss_wpa, *bss_rsn;
891         if (bss) {
892                 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
893                 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
894         } else
895                 bss_wpa = bss_rsn = NULL;
897         if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
898             wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
899             (ie.group_cipher & ssid->group_cipher) &&
900             (ie.pairwise_cipher & ssid->pairwise_cipher) &&
901             (ie.key_mgmt & ssid->key_mgmt)) {
902                 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
903                 proto = WPA_PROTO_RSN;
904         } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
905                    wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
906                    (ie.group_cipher & ssid->group_cipher) &&
907                    (ie.pairwise_cipher & ssid->pairwise_cipher) &&
908                    (ie.key_mgmt & ssid->key_mgmt)) {
909                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
910                 proto = WPA_PROTO_WPA;
911         } else if (bss) {
912                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
913                 return -1;
914         } else {
915                 if (ssid->proto & WPA_PROTO_RSN)
916                         proto = WPA_PROTO_RSN;
917                 else
918                         proto = WPA_PROTO_WPA;
919                 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
920                         os_memset(&ie, 0, sizeof(ie));
921                         ie.group_cipher = ssid->group_cipher;
922                         ie.pairwise_cipher = ssid->pairwise_cipher;
923                         ie.key_mgmt = ssid->key_mgmt;
924 #ifdef CONFIG_IEEE80211W
925                         ie.mgmt_group_cipher =
926                                 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
927                                 WPA_CIPHER_AES_128_CMAC : 0;
928 #endif /* CONFIG_IEEE80211W */
929                         wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
930                                 "based on configuration");
931                 } else
932                         proto = ie.proto;
933         }
935         wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
936                 "pairwise %d key_mgmt %d proto %d",
937                 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
938 #ifdef CONFIG_IEEE80211W
939         if (ssid->ieee80211w) {
940                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
941                         ie.mgmt_group_cipher);
942         }
943 #endif /* CONFIG_IEEE80211W */
945         wpa_s->wpa_proto = proto;
946         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
947         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
948                          !!(ssid->proto & WPA_PROTO_RSN));
950         if (bss || !wpa_s->ap_ies_from_associnfo) {
951                 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
952                                          bss_wpa ? 2 + bss_wpa[1] : 0) ||
953                     wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
954                                          bss_rsn ? 2 + bss_rsn[1] : 0))
955                         return -1;
956         }
958         sel = ie.group_cipher & ssid->group_cipher;
959         if (sel & WPA_CIPHER_CCMP) {
960                 wpa_s->group_cipher = WPA_CIPHER_CCMP;
961                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
962         } else if (sel & WPA_CIPHER_TKIP) {
963                 wpa_s->group_cipher = WPA_CIPHER_TKIP;
964                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
965         } else if (sel & WPA_CIPHER_WEP104) {
966                 wpa_s->group_cipher = WPA_CIPHER_WEP104;
967                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
968         } else if (sel & WPA_CIPHER_WEP40) {
969                 wpa_s->group_cipher = WPA_CIPHER_WEP40;
970                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
971         } else {
972                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
973                         "cipher");
974                 return -1;
975         }
977         sel = ie.pairwise_cipher & ssid->pairwise_cipher;
978         if (sel & WPA_CIPHER_CCMP) {
979                 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
980                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
981         } else if (sel & WPA_CIPHER_TKIP) {
982                 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
983                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
984         } else if (sel & WPA_CIPHER_NONE) {
985                 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
986                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
987         } else {
988                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
989                         "cipher");
990                 return -1;
991         }
993         sel = ie.key_mgmt & ssid->key_mgmt;
994         if (0) {
995 #ifdef CONFIG_IEEE80211R
996         } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
997                 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
998                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
999         } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1000                 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1001                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1002 #endif /* CONFIG_IEEE80211R */
1003 #ifdef CONFIG_IEEE80211W
1004         } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1005                 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1006                 wpa_dbg(wpa_s, MSG_DEBUG,
1007                         "WPA: using KEY_MGMT 802.1X with SHA256");
1008         } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1009                 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1010                 wpa_dbg(wpa_s, MSG_DEBUG,
1011                         "WPA: using KEY_MGMT PSK with SHA256");
1012 #endif /* CONFIG_IEEE80211W */
1013         } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1014                 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1015                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1016         } else if (sel & WPA_KEY_MGMT_PSK) {
1017                 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1018                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1019         } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1020                 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1021                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1022         } else {
1023                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1024                         "authenticated key management type");
1025                 return -1;
1026         }
1028         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1029         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1030                          wpa_s->pairwise_cipher);
1031         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1033 #ifdef CONFIG_IEEE80211W
1034         sel = ie.mgmt_group_cipher;
1035         if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
1036             !(ie.capabilities & WPA_CAPABILITY_MFPC))
1037                 sel = 0;
1038         if (sel & WPA_CIPHER_AES_128_CMAC) {
1039                 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1040                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
1041                         "AES-128-CMAC");
1042         } else {
1043                 wpa_s->mgmt_group_cipher = 0;
1044                 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1045         }
1046         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1047                          wpa_s->mgmt_group_cipher);
1048         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, ssid->ieee80211w);
1049 #endif /* CONFIG_IEEE80211W */
1051         if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
1052                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE");
1053                 return -1;
1054         }
1056         if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
1057                 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
1058 #ifndef CONFIG_NO_PBKDF2
1059                 if (bss && ssid->bssid_set && ssid->ssid_len == 0 &&
1060                     ssid->passphrase) {
1061                         u8 psk[PMK_LEN];
1062                         pbkdf2_sha1(ssid->passphrase, (char *) bss->ssid,
1063                                     bss->ssid_len, 4096, psk, PMK_LEN);
1064                         wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1065                                         psk, PMK_LEN);
1066                         wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN);
1067                 }
1068 #endif /* CONFIG_NO_PBKDF2 */
1069         } else
1070                 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
1072         return 0;
1076 /**
1077  * wpa_supplicant_associate - Request association
1078  * @wpa_s: Pointer to wpa_supplicant data
1079  * @bss: Scan results for the selected BSS, or %NULL if not available
1080  * @ssid: Configuration data for the selected network
1081  *
1082  * This function is used to request %wpa_supplicant to associate with a BSS.
1083  */
1084 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
1085                               struct wpa_bss *bss, struct wpa_ssid *ssid)
1087         u8 wpa_ie[200];
1088         size_t wpa_ie_len;
1089         int use_crypt, ret, i, bssid_changed;
1090         int algs = WPA_AUTH_ALG_OPEN;
1091         enum wpa_cipher cipher_pairwise, cipher_group;
1092         struct wpa_driver_associate_params params;
1093         int wep_keys_set = 0;
1094         struct wpa_driver_capa capa;
1095         int assoc_failed = 0;
1096         struct wpa_ssid *old_ssid;
1097 #ifdef CONFIG_HT_OVERRIDES
1098         struct ieee80211_ht_capabilities htcaps;
1099         struct ieee80211_ht_capabilities htcaps_mask;
1100 #endif /* CONFIG_HT_OVERRIDES */
1102 #ifdef CONFIG_IBSS_RSN
1103         ibss_rsn_deinit(wpa_s->ibss_rsn);
1104         wpa_s->ibss_rsn = NULL;
1105 #endif /* CONFIG_IBSS_RSN */
1107         if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
1108             ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
1109 #ifdef CONFIG_AP
1110                 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
1111                         wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
1112                                 "mode");
1113                         return;
1114                 }
1115                 wpa_supplicant_create_ap(wpa_s, ssid);
1116                 wpa_s->current_bss = bss;
1117 #else /* CONFIG_AP */
1118                 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
1119                         "the build");
1120 #endif /* CONFIG_AP */
1121                 return;
1122         }
1124 #ifdef CONFIG_TDLS
1125         if (bss)
1126                 wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1),
1127                                 bss->ie_len);
1128 #endif /* CONFIG_TDLS */
1130         if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1131             ssid->mode == IEEE80211_MODE_INFRA) {
1132                 sme_authenticate(wpa_s, bss, ssid);
1133                 return;
1134         }
1136         os_memset(&params, 0, sizeof(params));
1137         wpa_s->reassociate = 0;
1138         if (bss && !wpas_driver_bss_selection(wpa_s)) {
1139 #ifdef CONFIG_IEEE80211R
1140                 const u8 *ie, *md = NULL;
1141 #endif /* CONFIG_IEEE80211R */
1142                 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1143                         " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1144                         wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1145                 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1146                 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1147                 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1148                 if (bssid_changed)
1149                         wpas_notify_bssid_changed(wpa_s);
1150 #ifdef CONFIG_IEEE80211R
1151                 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1152                 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1153                         md = ie + 2;
1154                 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
1155                 if (md) {
1156                         /* Prepare for the next transition */
1157                         wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
1158                 }
1159 #endif /* CONFIG_IEEE80211R */
1160 #ifdef CONFIG_WPS
1161         } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1162                    wpa_s->conf->ap_scan == 2 &&
1163                    (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1164                 /* Use ap_scan==1 style network selection to find the network
1165                  */
1166                 wpa_s->scan_req = 2;
1167                 wpa_s->reassociate = 1;
1168                 wpa_supplicant_req_scan(wpa_s, 0, 0);
1169                 return;
1170 #endif /* CONFIG_WPS */
1171         } else {
1172                 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1173                         wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1174                 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1175         }
1176         wpa_supplicant_cancel_sched_scan(wpa_s);
1177         wpa_supplicant_cancel_scan(wpa_s);
1179         /* Starting new association, so clear the possibly used WPA IE from the
1180          * previous association. */
1181         wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1183 #ifdef IEEE8021X_EAPOL
1184         if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1185                 if (ssid->leap) {
1186                         if (ssid->non_leap == 0)
1187                                 algs = WPA_AUTH_ALG_LEAP;
1188                         else
1189                                 algs |= WPA_AUTH_ALG_LEAP;
1190                 }
1191         }
1192 #endif /* IEEE8021X_EAPOL */
1193         wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1194         if (ssid->auth_alg) {
1195                 algs = ssid->auth_alg;
1196                 wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: "
1197                         "0x%x", algs);
1198         }
1200         if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1201                     wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1202             wpa_key_mgmt_wpa(ssid->key_mgmt)) {
1203                 int try_opportunistic;
1204                 try_opportunistic = ssid->proactive_key_caching &&
1205                         (ssid->proto & WPA_PROTO_RSN);
1206                 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1207                                             wpa_s->current_ssid,
1208                                             try_opportunistic) == 0)
1209                         eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1210                 wpa_ie_len = sizeof(wpa_ie);
1211                 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1212                                               wpa_ie, &wpa_ie_len)) {
1213                         wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1214                                 "key management and encryption suites");
1215                         return;
1216                 }
1217         } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
1218                 wpa_ie_len = sizeof(wpa_ie);
1219                 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1220                                               wpa_ie, &wpa_ie_len)) {
1221                         wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
1222                                 "key management and encryption suites (no "
1223                                 "scan results)");
1224                         return;
1225                 }
1226 #ifdef CONFIG_WPS
1227         } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1228                 struct wpabuf *wps_ie;
1229                 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1230                 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1231                         wpa_ie_len = wpabuf_len(wps_ie);
1232                         os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1233                 } else
1234                         wpa_ie_len = 0;
1235                 wpabuf_free(wps_ie);
1236                 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1237                 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
1238                         params.wps = WPS_MODE_PRIVACY;
1239                 else
1240                         params.wps = WPS_MODE_OPEN;
1241                 wpa_s->wpa_proto = 0;
1242 #endif /* CONFIG_WPS */
1243         } else {
1244                 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1245                 wpa_ie_len = 0;
1246                 wpa_s->wpa_proto = 0;
1247         }
1249 #ifdef CONFIG_P2P
1250         if (wpa_s->global->p2p) {
1251                 u8 *pos;
1252                 size_t len;
1253                 int res;
1254                 int p2p_group;
1255                 p2p_group = wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_CAPABLE;
1256                 pos = wpa_ie + wpa_ie_len;
1257                 len = sizeof(wpa_ie) - wpa_ie_len;
1258                 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, p2p_group);
1259                 if (res >= 0)
1260                         wpa_ie_len += res;
1261         }
1263         wpa_s->cross_connect_disallowed = 0;
1264         if (bss) {
1265                 struct wpabuf *p2p;
1266                 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
1267                 if (p2p) {
1268                         wpa_s->cross_connect_disallowed =
1269                                 p2p_get_cross_connect_disallowed(p2p);
1270                         wpabuf_free(p2p);
1271                         wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
1272                                 "connection",
1273                                 wpa_s->cross_connect_disallowed ?
1274                                 "disallows" : "allows");
1275                 }
1276         }
1277 #endif /* CONFIG_P2P */
1279 #ifdef CONFIG_INTERWORKING
1280         if (wpa_s->conf->interworking) {
1281                 u8 *pos = wpa_ie;
1282                 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
1283                         pos += 2 + pos[1];
1284                 os_memmove(pos + 6, pos, wpa_ie_len - (pos - wpa_ie));
1285                 wpa_ie_len += 6;
1286                 *pos++ = WLAN_EID_EXT_CAPAB;
1287                 *pos++ = 4;
1288                 *pos++ = 0x00;
1289                 *pos++ = 0x00;
1290                 *pos++ = 0x00;
1291                 *pos++ = 0x80; /* Bit 31 - Interworking */
1292         }
1293 #endif /* CONFIG_INTERWORKING */
1295         wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1296         use_crypt = 1;
1297         cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1298         cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1299         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1300             wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1301                 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1302                         use_crypt = 0;
1303                 if (wpa_set_wep_keys(wpa_s, ssid)) {
1304                         use_crypt = 1;
1305                         wep_keys_set = 1;
1306                 }
1307         }
1308         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1309                 use_crypt = 0;
1311 #ifdef IEEE8021X_EAPOL
1312         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1313                 if ((ssid->eapol_flags &
1314                      (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1315                       EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1316                     !wep_keys_set) {
1317                         use_crypt = 0;
1318                 } else {
1319                         /* Assume that dynamic WEP-104 keys will be used and
1320                          * set cipher suites in order for drivers to expect
1321                          * encryption. */
1322                         cipher_pairwise = cipher_group = CIPHER_WEP104;
1323                 }
1324         }
1325 #endif /* IEEE8021X_EAPOL */
1327         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1328                 /* Set the key before (and later after) association */
1329                 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1330         }
1332         wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1333         if (bss) {
1334                 params.ssid = bss->ssid;
1335                 params.ssid_len = bss->ssid_len;
1336                 if (!wpas_driver_bss_selection(wpa_s)) {
1337                         params.bssid = bss->bssid;
1338                         params.freq = bss->freq;
1339                 }
1340         } else {
1341                 params.ssid = ssid->ssid;
1342                 params.ssid_len = ssid->ssid_len;
1343         }
1345         if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
1346             wpa_s->conf->ap_scan == 2) {
1347                 params.bssid = ssid->bssid;
1348                 params.fixed_bssid = 1;
1349         }
1351         if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1352             params.freq == 0)
1353                 params.freq = ssid->frequency; /* Initial channel for IBSS */
1354         params.wpa_ie = wpa_ie;
1355         params.wpa_ie_len = wpa_ie_len;
1356         params.pairwise_suite = cipher_pairwise;
1357         params.group_suite = cipher_group;
1358         params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1359         params.wpa_proto = wpa_s->wpa_proto;
1360         params.auth_alg = algs;
1361         params.mode = ssid->mode;
1362         for (i = 0; i < NUM_WEP_KEYS; i++) {
1363                 if (ssid->wep_key_len[i])
1364                         params.wep_key[i] = ssid->wep_key[i];
1365                 params.wep_key_len[i] = ssid->wep_key_len[i];
1366         }
1367         params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1369         if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1370             (params.key_mgmt_suite == KEY_MGMT_PSK ||
1371              params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1372                 params.passphrase = ssid->passphrase;
1373                 if (ssid->psk_set)
1374                         params.psk = ssid->psk;
1375         }
1377         params.drop_unencrypted = use_crypt;
1379 #ifdef CONFIG_IEEE80211W
1380         params.mgmt_frame_protection = ssid->ieee80211w;
1381         if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1382                 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1383                 struct wpa_ie_data ie;
1384                 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1385                     ie.capabilities &
1386                     (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1387                         wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
1388                                 "MFP: require MFP");
1389                         params.mgmt_frame_protection =
1390                                 MGMT_FRAME_PROTECTION_REQUIRED;
1391                 }
1392         }
1393 #endif /* CONFIG_IEEE80211W */
1395         params.p2p = ssid->p2p_group;
1397         if (wpa_s->parent->set_sta_uapsd)
1398                 params.uapsd = wpa_s->parent->sta_uapsd;
1399         else
1400                 params.uapsd = -1;
1402 #ifdef CONFIG_HT_OVERRIDES
1403         os_memset(&htcaps, 0, sizeof(htcaps));
1404         os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
1405         params.htcaps = (u8 *) &htcaps;
1406         params.htcaps_mask = (u8 *) &htcaps_mask;
1407         wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
1408 #endif /* CONFIG_HT_OVERRIDES */
1410         ret = wpa_drv_associate(wpa_s, &params);
1411         if (ret < 0) {
1412                 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1413                         "failed");
1414                 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) {
1415                         /*
1416                          * The driver is known to mean what is saying, so we
1417                          * can stop right here; the association will not
1418                          * succeed.
1419                          */
1420                         wpas_connection_failed(wpa_s, wpa_s->pending_bssid);
1421                         os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1422                         return;
1423                 }
1424                 /* try to continue anyway; new association will be tried again
1425                  * after timeout */
1426                 assoc_failed = 1;
1427         }
1429         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1430                 /* Set the key after the association just in case association
1431                  * cleared the previously configured key. */
1432                 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1433                 /* No need to timeout authentication since there is no key
1434                  * management. */
1435                 wpa_supplicant_cancel_auth_timeout(wpa_s);
1436                 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1437 #ifdef CONFIG_IBSS_RSN
1438         } else if (ssid->mode == WPAS_MODE_IBSS &&
1439                    wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1440                    wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1441                 /*
1442                  * RSN IBSS authentication is per-STA and we can disable the
1443                  * per-BSSID authentication.
1444                  */
1445                 wpa_supplicant_cancel_auth_timeout(wpa_s);
1446 #endif /* CONFIG_IBSS_RSN */
1447         } else {
1448                 /* Timeout for IEEE 802.11 authentication and association */
1449                 int timeout = 60;
1451                 if (assoc_failed) {
1452                         /* give IBSS a bit more time */
1453                         timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1454                 } else if (wpa_s->conf->ap_scan == 1) {
1455                         /* give IBSS a bit more time */
1456                         timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1457                 }
1458                 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1459         }
1461         if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1462             capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1463                 /* Set static WEP keys again */
1464                 wpa_set_wep_keys(wpa_s, ssid);
1465         }
1467         if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1468                 /*
1469                  * Do not allow EAP session resumption between different
1470                  * network configurations.
1471                  */
1472                 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1473         }
1474         old_ssid = wpa_s->current_ssid;
1475         wpa_s->current_ssid = ssid;
1476         wpa_s->current_bss = bss;
1477         wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1478         wpa_supplicant_initiate_eapol(wpa_s);
1479         if (old_ssid != wpa_s->current_ssid)
1480                 wpas_notify_network_changed(wpa_s);
1484 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
1485                                             const u8 *addr)
1487         struct wpa_ssid *old_ssid;
1489         wpa_clear_keys(wpa_s, addr);
1490         wpa_supplicant_mark_disassoc(wpa_s);
1491         old_ssid = wpa_s->current_ssid;
1492         wpa_s->current_ssid = NULL;
1493         wpa_s->current_bss = NULL;
1494         wpa_sm_set_config(wpa_s->wpa, NULL);
1495         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1496         if (old_ssid != wpa_s->current_ssid)
1497                 wpas_notify_network_changed(wpa_s);
1498         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
1502 /**
1503  * wpa_supplicant_disassociate - Disassociate the current connection
1504  * @wpa_s: Pointer to wpa_supplicant data
1505  * @reason_code: IEEE 802.11 reason code for the disassociate frame
1506  *
1507  * This function is used to request %wpa_supplicant to disassociate with the
1508  * current AP.
1509  */
1510 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1511                                  int reason_code)
1513         u8 *addr = NULL;
1515         if (!is_zero_ether_addr(wpa_s->bssid)) {
1516                 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1517                 addr = wpa_s->bssid;
1518         }
1520         wpa_supplicant_clear_connection(wpa_s, addr);
1524 /**
1525  * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1526  * @wpa_s: Pointer to wpa_supplicant data
1527  * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1528  *
1529  * This function is used to request %wpa_supplicant to deauthenticate from the
1530  * current AP.
1531  */
1532 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1533                                    int reason_code)
1535         u8 *addr = NULL;
1537         if (!is_zero_ether_addr(wpa_s->bssid)) {
1538                 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
1539                 addr = wpa_s->bssid;
1540         }
1542         wpa_supplicant_clear_connection(wpa_s, addr);
1546 /**
1547  * wpa_supplicant_enable_network - Mark a configured network as enabled
1548  * @wpa_s: wpa_supplicant structure for a network interface
1549  * @ssid: wpa_ssid structure for a configured network or %NULL
1550  *
1551  * Enables the specified network or all networks if no network specified.
1552  */
1553 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1554                                    struct wpa_ssid *ssid)
1556         struct wpa_ssid *other_ssid;
1557         int was_disabled;
1559         if (ssid == NULL) {
1560                 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1561                      other_ssid = other_ssid->next) {
1562                         if (other_ssid->disabled == 2)
1563                                 continue; /* do not change persistent P2P group
1564                                            * data */
1565                         if (other_ssid == wpa_s->current_ssid &&
1566                             other_ssid->disabled)
1567                                 wpa_s->reassociate = 1;
1569                         was_disabled = other_ssid->disabled;
1571                         other_ssid->disabled = 0;
1573                         if (was_disabled != other_ssid->disabled)
1574                                 wpas_notify_network_enabled_changed(
1575                                         wpa_s, other_ssid);
1576                 }
1577                 if (wpa_s->reassociate)
1578                         wpa_supplicant_req_scan(wpa_s, 0, 0);
1579         } else if (ssid->disabled && ssid->disabled != 2) {
1580                 if (wpa_s->current_ssid == NULL) {
1581                         /*
1582                          * Try to reassociate since there is no current
1583                          * configuration and a new network was made available.
1584                          */
1585                         wpa_s->reassociate = 1;
1586                         wpa_supplicant_req_scan(wpa_s, 0, 0);
1587                 }
1589                 was_disabled = ssid->disabled;
1591                 ssid->disabled = 0;
1593                 if (was_disabled != ssid->disabled)
1594                         wpas_notify_network_enabled_changed(wpa_s, ssid);
1595         }
1599 /**
1600  * wpa_supplicant_disable_network - Mark a configured network as disabled
1601  * @wpa_s: wpa_supplicant structure for a network interface
1602  * @ssid: wpa_ssid structure for a configured network or %NULL
1603  *
1604  * Disables the specified network or all networks if no network specified.
1605  */
1606 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1607                                     struct wpa_ssid *ssid)
1609         struct wpa_ssid *other_ssid;
1610         int was_disabled;
1612         if (ssid == NULL) {
1613                 for (other_ssid = wpa_s->conf->ssid; other_ssid;
1614                      other_ssid = other_ssid->next) {
1615                         was_disabled = other_ssid->disabled;
1616                         if (was_disabled == 2)
1617                                 continue; /* do not change persistent P2P group
1618                                            * data */
1620                         other_ssid->disabled = 1;
1622                         if (was_disabled != other_ssid->disabled)
1623                                 wpas_notify_network_enabled_changed(
1624                                         wpa_s, other_ssid);
1625                 }
1626                 if (wpa_s->current_ssid)
1627                         wpa_supplicant_disassociate(
1628                                 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1629         } else if (ssid->disabled != 2) {
1630                 if (ssid == wpa_s->current_ssid)
1631                         wpa_supplicant_disassociate(
1632                                 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1634                 was_disabled = ssid->disabled;
1636                 ssid->disabled = 1;
1638                 if (was_disabled != ssid->disabled)
1639                         wpas_notify_network_enabled_changed(wpa_s, ssid);
1640         }
1644 /**
1645  * wpa_supplicant_select_network - Attempt association with a network
1646  * @wpa_s: wpa_supplicant structure for a network interface
1647  * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1648  */
1649 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1650                                    struct wpa_ssid *ssid)
1653         struct wpa_ssid *other_ssid;
1654         int disconnected = 0;
1656         if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
1657                 wpa_supplicant_disassociate(
1658                         wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1659                 disconnected = 1;
1660         }
1662         /*
1663          * Mark all other networks disabled or mark all networks enabled if no
1664          * network specified.
1665          */
1666         for (other_ssid = wpa_s->conf->ssid; other_ssid;
1667              other_ssid = other_ssid->next) {
1668                 int was_disabled = other_ssid->disabled;
1669                 if (was_disabled == 2)
1670                         continue; /* do not change persistent P2P group data */
1672                 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1674                 if (was_disabled != other_ssid->disabled)
1675                         wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1676         }
1678         if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) {
1679                 /* We are already associated with the selected network */
1680                 wpa_printf(MSG_DEBUG, "Already associated with the "
1681                            "selected network - do nothing");
1682                 return;
1683         }
1685         if (ssid)
1686                 wpa_s->current_ssid = ssid;
1687         wpa_s->connect_without_scan = NULL;
1688         wpa_s->disconnected = 0;
1689         wpa_s->reassociate = 1;
1690         wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
1692         if (ssid)
1693                 wpas_notify_network_selected(wpa_s, ssid);
1697 /**
1698  * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1699  * @wpa_s: wpa_supplicant structure for a network interface
1700  * @ap_scan: AP scan mode
1701  * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1702  *
1703  */
1704 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1707         int old_ap_scan;
1709         if (ap_scan < 0 || ap_scan > 2)
1710                 return -1;
1712 #ifdef ANDROID
1713         if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
1714             wpa_s->wpa_state >= WPA_ASSOCIATING &&
1715             wpa_s->wpa_state < WPA_COMPLETED) {
1716                 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
1717                            "associating", wpa_s->conf->ap_scan, ap_scan);
1718                 return 0;
1719         }
1720 #endif /* ANDROID */
1722         old_ap_scan = wpa_s->conf->ap_scan;
1723         wpa_s->conf->ap_scan = ap_scan;
1725         if (old_ap_scan != wpa_s->conf->ap_scan)
1726                 wpas_notify_ap_scan_changed(wpa_s);
1728         return 0;
1732 /**
1733  * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
1734  * @wpa_s: wpa_supplicant structure for a network interface
1735  * @expire_age: Expiration age in seconds
1736  * Returns: 0 if succeed or -1 if expire_age has an invalid value
1737  *
1738  */
1739 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
1740                                           unsigned int bss_expire_age)
1742         if (bss_expire_age < 10) {
1743                 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
1744                         bss_expire_age);
1745                 return -1;
1746         }
1747         wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
1748                 bss_expire_age);
1749         wpa_s->conf->bss_expiration_age = bss_expire_age;
1751         return 0;
1755 /**
1756  * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
1757  * @wpa_s: wpa_supplicant structure for a network interface
1758  * @expire_count: number of scans after which an unseen BSS is reclaimed
1759  * Returns: 0 if succeed or -1 if expire_count has an invalid value
1760  *
1761  */
1762 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
1763                                             unsigned int bss_expire_count)
1765         if (bss_expire_count < 1) {
1766                 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
1767                         bss_expire_count);
1768                 return -1;
1769         }
1770         wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
1771                 bss_expire_count);
1772         wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
1774         return 0;
1778 /**
1779  * wpa_supplicant_set_debug_params - Set global debug params
1780  * @global: wpa_global structure
1781  * @debug_level: debug level
1782  * @debug_timestamp: determines if show timestamp in debug data
1783  * @debug_show_keys: determines if show keys in debug data
1784  * Returns: 0 if succeed or -1 if debug_level has wrong value
1785  */
1786 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1787                                     int debug_timestamp, int debug_show_keys)
1790         int old_level, old_timestamp, old_show_keys;
1792         /* check for allowed debuglevels */
1793         if (debug_level != MSG_EXCESSIVE &&
1794             debug_level != MSG_MSGDUMP &&
1795             debug_level != MSG_DEBUG &&
1796             debug_level != MSG_INFO &&
1797             debug_level != MSG_WARNING &&
1798             debug_level != MSG_ERROR)
1799                 return -1;
1801         old_level = wpa_debug_level;
1802         old_timestamp = wpa_debug_timestamp;
1803         old_show_keys = wpa_debug_show_keys;
1805         wpa_debug_level = debug_level;
1806         wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1807         wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1809         if (wpa_debug_level != old_level)
1810                 wpas_notify_debug_level_changed(global);
1811         if (wpa_debug_timestamp != old_timestamp)
1812                 wpas_notify_debug_timestamp_changed(global);
1813         if (wpa_debug_show_keys != old_show_keys)
1814                 wpas_notify_debug_show_keys_changed(global);
1816         return 0;
1820 /**
1821  * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1822  * @wpa_s: Pointer to wpa_supplicant data
1823  * Returns: A pointer to the current network structure or %NULL on failure
1824  */
1825 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1827         struct wpa_ssid *entry;
1828         u8 ssid[MAX_SSID_LEN];
1829         int res;
1830         size_t ssid_len;
1831         u8 bssid[ETH_ALEN];
1832         int wired;
1834         res = wpa_drv_get_ssid(wpa_s, ssid);
1835         if (res < 0) {
1836                 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
1837                         "driver");
1838                 return NULL;
1839         }
1840         ssid_len = res;
1842         if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1843                 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
1844                         "driver");
1845                 return NULL;
1846         }
1848         wired = wpa_s->conf->ap_scan == 0 &&
1849                 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1851         entry = wpa_s->conf->ssid;
1852         while (entry) {
1853                 if (!entry->disabled &&
1854                     ((ssid_len == entry->ssid_len &&
1855                       os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1856                     (!entry->bssid_set ||
1857                      os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1858                         return entry;
1859 #ifdef CONFIG_WPS
1860                 if (!entry->disabled &&
1861                     (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1862                     (entry->ssid == NULL || entry->ssid_len == 0) &&
1863                     (!entry->bssid_set ||
1864                      os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1865                         return entry;
1866 #endif /* CONFIG_WPS */
1868                 if (!entry->disabled && entry->bssid_set &&
1869                     entry->ssid_len == 0 &&
1870                     os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
1871                         return entry;
1873                 entry = entry->next;
1874         }
1876         return NULL;
1880 static int select_driver(struct wpa_supplicant *wpa_s, int i)
1882         struct wpa_global *global = wpa_s->global;
1884         if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
1885                 global->drv_priv[i] = wpa_drivers[i]->global_init();
1886                 if (global->drv_priv[i] == NULL) {
1887                         wpa_printf(MSG_ERROR, "Failed to initialize driver "
1888                                    "'%s'", wpa_drivers[i]->name);
1889                         return -1;
1890                 }
1891         }
1893         wpa_s->driver = wpa_drivers[i];
1894         wpa_s->global_drv_priv = global->drv_priv[i];
1896         return 0;
1900 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1901                                      const char *name)
1903         int i;
1904         size_t len;
1905         const char *pos, *driver = name;
1907         if (wpa_s == NULL)
1908                 return -1;
1910         if (wpa_drivers[0] == NULL) {
1911                 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
1912                         "wpa_supplicant");
1913                 return -1;
1914         }
1916         if (name == NULL) {
1917                 /* default to first driver in the list */
1918                 return select_driver(wpa_s, 0);
1919         }
1921         do {
1922                 pos = os_strchr(driver, ',');
1923                 if (pos)
1924                         len = pos - driver;
1925                 else
1926                         len = os_strlen(driver);
1928                 for (i = 0; wpa_drivers[i]; i++) {
1929                         if (os_strlen(wpa_drivers[i]->name) == len &&
1930                             os_strncmp(driver, wpa_drivers[i]->name, len) ==
1931                             0) {
1932                                 /* First driver that succeeds wins */
1933                                 if (select_driver(wpa_s, i) == 0)
1934                                         return 0;
1935                         }
1936                 }
1938                 driver = pos + 1;
1939         } while (pos);
1941         wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
1942         return -1;
1946 /**
1947  * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1948  * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1949  *      with struct wpa_driver_ops::init()
1950  * @src_addr: Source address of the EAPOL frame
1951  * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1952  * @len: Length of the EAPOL data
1953  *
1954  * This function is called for each received EAPOL frame. Most driver
1955  * interfaces rely on more generic OS mechanism for receiving frames through
1956  * l2_packet, but if such a mechanism is not available, the driver wrapper may
1957  * take care of received EAPOL frames and deliver them to the core supplicant
1958  * code by calling this function.
1959  */
1960 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1961                              const u8 *buf, size_t len)
1963         struct wpa_supplicant *wpa_s = ctx;
1965         wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1966         wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1968         if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1969                 /*
1970                  * There is possible race condition between receiving the
1971                  * association event and the EAPOL frame since they are coming
1972                  * through different paths from the driver. In order to avoid
1973                  * issues in trying to process the EAPOL frame before receiving
1974                  * association information, lets queue it for processing until
1975                  * the association event is received.
1976                  */
1977                 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
1978                         "of received EAPOL frame");
1979                 wpabuf_free(wpa_s->pending_eapol_rx);
1980                 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1981                 if (wpa_s->pending_eapol_rx) {
1982                         os_get_time(&wpa_s->pending_eapol_rx_time);
1983                         os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1984                                   ETH_ALEN);
1985                 }
1986                 return;
1987         }
1989 #ifdef CONFIG_AP
1990         if (wpa_s->ap_iface) {
1991                 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1992                 return;
1993         }
1994 #endif /* CONFIG_AP */
1996         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1997                 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
1998                         "no key management is configured");
1999                 return;
2000         }
2002         if (wpa_s->eapol_received == 0 &&
2003             (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
2004              !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
2005              wpa_s->wpa_state != WPA_COMPLETED) &&
2006             (wpa_s->current_ssid == NULL ||
2007              wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
2008                 /* Timeout for completing IEEE 802.1X and WPA authentication */
2009                 wpa_supplicant_req_auth_timeout(
2010                         wpa_s,
2011                         (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
2012                          wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
2013                          wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
2014                         70 : 10, 0);
2015         }
2016         wpa_s->eapol_received++;
2018         if (wpa_s->countermeasures) {
2019                 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
2020                         "EAPOL packet");
2021                 return;
2022         }
2024 #ifdef CONFIG_IBSS_RSN
2025         if (wpa_s->current_ssid &&
2026             wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
2027                 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
2028                 return;
2029         }
2030 #endif /* CONFIG_IBSS_RSN */
2032         /* Source address of the incoming EAPOL frame could be compared to the
2033          * current BSSID. However, it is possible that a centralized
2034          * Authenticator could be using another MAC address than the BSSID of
2035          * an AP, so just allow any address to be used for now. The replies are
2036          * still sent to the current BSSID (if available), though. */
2038         os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
2039         if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
2040             eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
2041                 return;
2042         wpa_drv_poll(wpa_s);
2043         if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
2044                 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
2045         else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
2046                 /*
2047                  * Set portValid = TRUE here since we are going to skip 4-way
2048                  * handshake processing which would normally set portValid. We
2049                  * need this to allow the EAPOL state machines to be completed
2050                  * without going through EAPOL-Key handshake.
2051                  */
2052                 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
2053         }
2057 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
2059         if (wpa_s->driver->send_eapol) {
2060                 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2061                 if (addr)
2062                         os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2063         } else if (!(wpa_s->drv_flags &
2064                      WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
2065                 l2_packet_deinit(wpa_s->l2);
2066                 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
2067                                            wpa_drv_get_mac_addr(wpa_s),
2068                                            ETH_P_EAPOL,
2069                                            wpa_supplicant_rx_eapol, wpa_s, 0);
2070                 if (wpa_s->l2 == NULL)
2071                         return -1;
2072         } else {
2073                 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
2074                 if (addr)
2075                         os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
2076         }
2078         if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
2079                 wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address");
2080                 return -1;
2081         }
2083         wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
2084                 MAC2STR(wpa_s->own_addr));
2085         wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2087         return 0;
2091 /**
2092  * wpa_supplicant_driver_init - Initialize driver interface parameters
2093  * @wpa_s: Pointer to wpa_supplicant data
2094  * Returns: 0 on success, -1 on failure
2095  *
2096  * This function is called to initialize driver interface parameters.
2097  * wpa_drv_init() must have been called before this function to initialize the
2098  * driver interface.
2099  */
2100 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
2102         static int interface_count = 0;
2104         if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
2105                 return -1;
2107         if (wpa_s->bridge_ifname[0]) {
2108                 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
2109                         "interface '%s'", wpa_s->bridge_ifname);
2110                 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
2111                                               wpa_s->own_addr,
2112                                               ETH_P_EAPOL,
2113                                               wpa_supplicant_rx_eapol, wpa_s,
2114                                               0);
2115                 if (wpa_s->l2_br == NULL) {
2116                         wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
2117                                 "connection for the bridge interface '%s'",
2118                                 wpa_s->bridge_ifname);
2119                         return -1;
2120                 }
2121         }
2123         wpa_clear_keys(wpa_s, NULL);
2125         /* Make sure that TKIP countermeasures are not left enabled (could
2126          * happen if wpa_supplicant is killed during countermeasures. */
2127         wpa_drv_set_countermeasures(wpa_s, 0);
2129         wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
2130         wpa_drv_flush_pmkid(wpa_s);
2132         wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
2133         wpa_s->prev_scan_wildcard = 0;
2135         if (wpa_supplicant_enabled_networks(wpa_s->conf)) {
2136                 if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count,
2137                                                       100000))
2138                         wpa_supplicant_req_scan(wpa_s, interface_count,
2139                                                 100000);
2140                 interface_count++;
2141         } else
2142                 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2144         return 0;
2148 static int wpa_supplicant_daemon(const char *pid_file)
2150         wpa_printf(MSG_DEBUG, "Daemonize..");
2151         return os_daemonize(pid_file);
2155 static struct wpa_supplicant * wpa_supplicant_alloc(void)
2157         struct wpa_supplicant *wpa_s;
2159         wpa_s = os_zalloc(sizeof(*wpa_s));
2160         if (wpa_s == NULL)
2161                 return NULL;
2162         wpa_s->scan_req = 1;
2163         wpa_s->scan_interval = 5;
2164         wpa_s->new_connection = 1;
2165         wpa_s->parent = wpa_s;
2166         wpa_s->sched_scanning = 0;
2168         return wpa_s;
2172 #ifdef CONFIG_HT_OVERRIDES
2174 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
2175                              struct ieee80211_ht_capabilities *htcaps,
2176                              struct ieee80211_ht_capabilities *htcaps_mask,
2177                              const char *ht_mcs)
2179         /* parse ht_mcs into hex array */
2180         int i;
2181         const char *tmp = ht_mcs;
2182         char *end = NULL;
2184         /* If ht_mcs is null, do not set anything */
2185         if (!ht_mcs)
2186                 return 0;
2188         /* This is what we are setting in the kernel */
2189         os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
2191         wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
2193         for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
2194                 errno = 0;
2195                 long v = strtol(tmp, &end, 16);
2196                 if (errno == 0) {
2197                         wpa_msg(wpa_s, MSG_DEBUG,
2198                                 "htcap value[%i]: %ld end: %p  tmp: %p",
2199                                 i, v, end, tmp);
2200                         if (end == tmp)
2201                                 break;
2203                         htcaps->supported_mcs_set[i] = v;
2204                         tmp = end;
2205                 } else {
2206                         wpa_msg(wpa_s, MSG_ERROR,
2207                                 "Failed to parse ht-mcs: %s, error: %s\n",
2208                                 ht_mcs, strerror(errno));
2209                         return -1;
2210                 }
2211         }
2213         /*
2214          * If we were able to parse any values, then set mask for the MCS set.
2215          */
2216         if (i) {
2217                 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
2218                           IEEE80211_HT_MCS_MASK_LEN - 1);
2219                 /* skip the 3 reserved bits */
2220                 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
2221                         0x1f;
2222         }
2224         return 0;
2228 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
2229                                  struct ieee80211_ht_capabilities *htcaps,
2230                                  struct ieee80211_ht_capabilities *htcaps_mask,
2231                                  int disabled)
2233         u16 msk;
2235         wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
2237         if (disabled == -1)
2238                 return 0;
2240         msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
2241         htcaps_mask->ht_capabilities_info |= msk;
2242         if (disabled)
2243                 htcaps->ht_capabilities_info &= msk;
2244         else
2245                 htcaps->ht_capabilities_info |= msk;
2247         return 0;
2251 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
2252                                 struct ieee80211_ht_capabilities *htcaps,
2253                                 struct ieee80211_ht_capabilities *htcaps_mask,
2254                                 int factor)
2256         wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
2258         if (factor == -1)
2259                 return 0;
2261         if (factor < 0 || factor > 3) {
2262                 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
2263                         "Must be 0-3 or -1", factor);
2264                 return -EINVAL;
2265         }
2267         htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
2268         htcaps->a_mpdu_params &= ~0x3;
2269         htcaps->a_mpdu_params |= factor & 0x3;
2271         return 0;
2275 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
2276                                  struct ieee80211_ht_capabilities *htcaps,
2277                                  struct ieee80211_ht_capabilities *htcaps_mask,
2278                                  int density)
2280         wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
2282         if (density == -1)
2283                 return 0;
2285         if (density < 0 || density > 7) {
2286                 wpa_msg(wpa_s, MSG_ERROR,
2287                         "ampdu_density: %d out of range. Must be 0-7 or -1.",
2288                         density);
2289                 return -EINVAL;
2290         }
2292         htcaps_mask->a_mpdu_params |= 0x1C;
2293         htcaps->a_mpdu_params &= ~(0x1C);
2294         htcaps->a_mpdu_params |= (density << 2) & 0x1C;
2296         return 0;
2300 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
2301                                 struct ieee80211_ht_capabilities *htcaps,
2302                                 struct ieee80211_ht_capabilities *htcaps_mask,
2303                                 int disabled)
2305         /* Masking these out disables HT40 */
2306         u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET |
2307                                HT_CAP_INFO_SHORT_GI40MHZ);
2309         wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
2311         if (disabled)
2312                 htcaps->ht_capabilities_info &= ~msk;
2313         else
2314                 htcaps->ht_capabilities_info |= msk;
2316         htcaps_mask->ht_capabilities_info |= msk;
2318         return 0;
2322 void wpa_supplicant_apply_ht_overrides(
2323         struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2324         struct wpa_driver_associate_params *params)
2326         struct ieee80211_ht_capabilities *htcaps;
2327         struct ieee80211_ht_capabilities *htcaps_mask;
2329         if (!ssid)
2330                 return;
2332         params->disable_ht = ssid->disable_ht;
2333         if (!params->htcaps || !params->htcaps_mask)
2334                 return;
2336         htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
2337         htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
2338         wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
2339         wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
2340                               ssid->disable_max_amsdu);
2341         wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
2342         wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
2343         wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
2346 #endif /* CONFIG_HT_OVERRIDES */
2349 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
2350                                      struct wpa_interface *iface)
2352         const char *ifname, *driver;
2353         struct wpa_driver_capa capa;
2355         wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
2356                    "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
2357                    iface->confname ? iface->confname : "N/A",
2358                    iface->driver ? iface->driver : "default",
2359                    iface->ctrl_interface ? iface->ctrl_interface : "N/A",
2360                    iface->bridge_ifname ? iface->bridge_ifname : "N/A");
2362         if (iface->confname) {
2363 #ifdef CONFIG_BACKEND_FILE
2364                 wpa_s->confname = os_rel2abs_path(iface->confname);
2365                 if (wpa_s->confname == NULL) {
2366                         wpa_printf(MSG_ERROR, "Failed to get absolute path "
2367                                    "for configuration file '%s'.",
2368                                    iface->confname);
2369                         return -1;
2370                 }
2371                 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
2372                            iface->confname, wpa_s->confname);
2373 #else /* CONFIG_BACKEND_FILE */
2374                 wpa_s->confname = os_strdup(iface->confname);
2375 #endif /* CONFIG_BACKEND_FILE */
2376                 wpa_s->conf = wpa_config_read(wpa_s->confname);
2377                 if (wpa_s->conf == NULL) {
2378                         wpa_printf(MSG_ERROR, "Failed to read or parse "
2379                                    "configuration '%s'.", wpa_s->confname);
2380                         return -1;
2381                 }
2383                 /*
2384                  * Override ctrl_interface and driver_param if set on command
2385                  * line.
2386                  */
2387                 if (iface->ctrl_interface) {
2388                         os_free(wpa_s->conf->ctrl_interface);
2389                         wpa_s->conf->ctrl_interface =
2390                                 os_strdup(iface->ctrl_interface);
2391                 }
2393                 if (iface->driver_param) {
2394                         os_free(wpa_s->conf->driver_param);
2395                         wpa_s->conf->driver_param =
2396                                 os_strdup(iface->driver_param);
2397                 }
2398         } else
2399                 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
2400                                                      iface->driver_param);
2402         if (wpa_s->conf == NULL) {
2403                 wpa_printf(MSG_ERROR, "\nNo configuration found.");
2404                 return -1;
2405         }
2407         if (iface->ifname == NULL) {
2408                 wpa_printf(MSG_ERROR, "\nInterface name is required.");
2409                 return -1;
2410         }
2411         if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
2412                 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
2413                            iface->ifname);
2414                 return -1;
2415         }
2416         os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
2418         if (iface->bridge_ifname) {
2419                 if (os_strlen(iface->bridge_ifname) >=
2420                     sizeof(wpa_s->bridge_ifname)) {
2421                         wpa_printf(MSG_ERROR, "\nToo long bridge interface "
2422                                    "name '%s'.", iface->bridge_ifname);
2423                         return -1;
2424                 }
2425                 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
2426                            sizeof(wpa_s->bridge_ifname));
2427         }
2429         /* RSNA Supplicant Key Management - INITIALIZE */
2430         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
2431         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
2433         /* Initialize driver interface and register driver event handler before
2434          * L2 receive handler so that association events are processed before
2435          * EAPOL-Key packets if both become available for the same select()
2436          * call. */
2437         driver = iface->driver;
2438 next_driver:
2439         if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
2440                 return -1;
2442         wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
2443         if (wpa_s->drv_priv == NULL) {
2444                 const char *pos;
2445                 pos = driver ? os_strchr(driver, ',') : NULL;
2446                 if (pos) {
2447                         wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
2448                                 "driver interface - try next driver wrapper");
2449                         driver = pos + 1;
2450                         goto next_driver;
2451                 }
2452                 wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver "
2453                         "interface");
2454                 return -1;
2455         }
2456         if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
2457                 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
2458                         "driver_param '%s'", wpa_s->conf->driver_param);
2459                 return -1;
2460         }
2462         ifname = wpa_drv_get_ifname(wpa_s);
2463         if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
2464                 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
2465                         "interface name with '%s'", ifname);
2466                 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
2467         }
2469         if (wpa_supplicant_init_wpa(wpa_s) < 0)
2470                 return -1;
2472         wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
2473                           wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
2474                           NULL);
2475         wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
2477         if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
2478             wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
2479                              wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
2480                 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2481                         "dot11RSNAConfigPMKLifetime");
2482                 return -1;
2483         }
2485         if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
2486             wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
2487                              wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
2488                 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2489                         "dot11RSNAConfigPMKReauthThreshold");
2490                 return -1;
2491         }
2493         if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2494             wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2495                              wpa_s->conf->dot11RSNAConfigSATimeout)) {
2496                 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
2497                         "dot11RSNAConfigSATimeout");
2498                 return -1;
2499         }
2501         wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
2502                                                       &wpa_s->hw.num_modes,
2503                                                       &wpa_s->hw.flags);
2505         if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2506                 wpa_s->drv_capa_known = 1;
2507                 wpa_s->drv_flags = capa.flags;
2508                 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
2509                 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2510                 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
2511                 wpa_s->sched_scan_supported = capa.sched_scan_supported;
2512                 wpa_s->max_match_sets = capa.max_match_sets;
2513                 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
2514                 wpa_s->max_stations = capa.max_stations;
2515         }
2516         if (wpa_s->max_remain_on_chan == 0)
2517                 wpa_s->max_remain_on_chan = 1000;
2519         if (wpa_supplicant_driver_init(wpa_s) < 0)
2520                 return -1;
2522 #ifdef CONFIG_TDLS
2523         if (wpa_tdls_init(wpa_s->wpa))
2524                 return -1;
2525 #endif /* CONFIG_TDLS */
2527         if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2528             wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2529                 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
2530                 return -1;
2531         }
2533         if (wpas_wps_init(wpa_s))
2534                 return -1;
2536         if (wpa_supplicant_init_eapol(wpa_s) < 0)
2537                 return -1;
2538         wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2540         wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2541         if (wpa_s->ctrl_iface == NULL) {
2542                 wpa_printf(MSG_ERROR,
2543                            "Failed to initialize control interface '%s'.\n"
2544                            "You may have another wpa_supplicant process "
2545                            "already running or the file was\n"
2546                            "left by an unclean termination of wpa_supplicant "
2547                            "in which case you will need\n"
2548                            "to manually remove this file before starting "
2549                            "wpa_supplicant again.\n",
2550                            wpa_s->conf->ctrl_interface);
2551                 return -1;
2552         }
2554         wpa_s->gas = gas_query_init(wpa_s);
2555         if (wpa_s->gas == NULL) {
2556                 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
2557                 return -1;
2558         }
2560 #ifdef CONFIG_P2P
2561         if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
2562                 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
2563                 return -1;
2564         }
2565 #endif /* CONFIG_P2P */
2567         if (wpa_bss_init(wpa_s) < 0)
2568                 return -1;
2570         return 0;
2574 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2575                                         int notify, int terminate)
2577         if (wpa_s->drv_priv) {
2578                 wpa_supplicant_deauthenticate(wpa_s,
2579                                               WLAN_REASON_DEAUTH_LEAVING);
2581                 wpa_drv_set_countermeasures(wpa_s, 0);
2582                 wpa_clear_keys(wpa_s, NULL);
2583         }
2585         wpa_supplicant_cleanup(wpa_s);
2587         if (wpa_s->drv_priv)
2588                 wpa_drv_deinit(wpa_s);
2590         if (notify)
2591                 wpas_notify_iface_removed(wpa_s);
2593         if (terminate)
2594                 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
2596         if (wpa_s->ctrl_iface) {
2597                 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
2598                 wpa_s->ctrl_iface = NULL;
2599         }
2601         if (wpa_s->conf != NULL) {
2602                 wpa_config_free(wpa_s->conf);
2603                 wpa_s->conf = NULL;
2604         }
2608 /**
2609  * wpa_supplicant_add_iface - Add a new network interface
2610  * @global: Pointer to global data from wpa_supplicant_init()
2611  * @iface: Interface configuration options
2612  * Returns: Pointer to the created interface or %NULL on failure
2613  *
2614  * This function is used to add new network interfaces for %wpa_supplicant.
2615  * This can be called before wpa_supplicant_run() to add interfaces before the
2616  * main event loop has been started. In addition, new interfaces can be added
2617  * dynamically while %wpa_supplicant is already running. This could happen,
2618  * e.g., when a hotplug network adapter is inserted.
2619  */
2620 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2621                                                  struct wpa_interface *iface)
2623         struct wpa_supplicant *wpa_s;
2624         struct wpa_interface t_iface;
2625         struct wpa_ssid *ssid;
2627         if (global == NULL || iface == NULL)
2628                 return NULL;
2630         wpa_s = wpa_supplicant_alloc();
2631         if (wpa_s == NULL)
2632                 return NULL;
2634         wpa_s->global = global;
2636         t_iface = *iface;
2637         if (global->params.override_driver) {
2638                 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2639                            "('%s' -> '%s')",
2640                            iface->driver, global->params.override_driver);
2641                 t_iface.driver = global->params.override_driver;
2642         }
2643         if (global->params.override_ctrl_interface) {
2644                 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2645                            "ctrl_interface ('%s' -> '%s')",
2646                            iface->ctrl_interface,
2647                            global->params.override_ctrl_interface);
2648                 t_iface.ctrl_interface =
2649                         global->params.override_ctrl_interface;
2650         }
2651         if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2652                 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2653                            iface->ifname);
2654                 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
2655                 os_free(wpa_s);
2656                 return NULL;
2657         }
2659         /* Notify the control interfaces about new iface */
2660         if (wpas_notify_iface_added(wpa_s)) {
2661                 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
2662                 os_free(wpa_s);
2663                 return NULL;
2664         }
2666         for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2667                 wpas_notify_network_added(wpa_s, ssid);
2669         wpa_s->next = global->ifaces;
2670         global->ifaces = wpa_s;
2672         wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2674         return wpa_s;
2678 /**
2679  * wpa_supplicant_remove_iface - Remove a network interface
2680  * @global: Pointer to global data from wpa_supplicant_init()
2681  * @wpa_s: Pointer to the network interface to be removed
2682  * Returns: 0 if interface was removed, -1 if interface was not found
2683  *
2684  * This function can be used to dynamically remove network interfaces from
2685  * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2686  * addition, this function is used to remove all remaining interfaces when
2687  * %wpa_supplicant is terminated.
2688  */
2689 int wpa_supplicant_remove_iface(struct wpa_global *global,
2690                                 struct wpa_supplicant *wpa_s,
2691                                 int terminate)
2693         struct wpa_supplicant *prev;
2695         /* Remove interface from the global list of interfaces */
2696         prev = global->ifaces;
2697         if (prev == wpa_s) {
2698                 global->ifaces = wpa_s->next;
2699         } else {
2700                 while (prev && prev->next != wpa_s)
2701                         prev = prev->next;
2702                 if (prev == NULL)
2703                         return -1;
2704                 prev->next = wpa_s->next;
2705         }
2707         wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2709         if (global->p2p_group_formation == wpa_s)
2710                 global->p2p_group_formation = NULL;
2711         wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
2712         os_free(wpa_s);
2714         return 0;
2718 /**
2719  * wpa_supplicant_get_eap_mode - Get the current EAP mode
2720  * @wpa_s: Pointer to the network interface
2721  * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
2722  */
2723 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
2725         const char *eapol_method;
2727         if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
2728             wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
2729                 return "NO-EAP";
2730         }
2732         eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
2733         if (eapol_method == NULL)
2734                 return "UNKNOWN-EAP";
2736         return eapol_method;
2740 /**
2741  * wpa_supplicant_get_iface - Get a new network interface
2742  * @global: Pointer to global data from wpa_supplicant_init()
2743  * @ifname: Interface name
2744  * Returns: Pointer to the interface or %NULL if not found
2745  */
2746 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2747                                                  const char *ifname)
2749         struct wpa_supplicant *wpa_s;
2751         for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2752                 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2753                         return wpa_s;
2754         }
2755         return NULL;
2759 #ifndef CONFIG_NO_WPA_MSG
2760 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
2762         struct wpa_supplicant *wpa_s = ctx;
2763         if (wpa_s == NULL)
2764                 return NULL;
2765         return wpa_s->ifname;
2767 #endif /* CONFIG_NO_WPA_MSG */
2770 /**
2771  * wpa_supplicant_init - Initialize %wpa_supplicant
2772  * @params: Parameters for %wpa_supplicant
2773  * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2774  *
2775  * This function is used to initialize %wpa_supplicant. After successful
2776  * initialization, the returned data pointer can be used to add and remove
2777  * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2778  */
2779 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2781         struct wpa_global *global;
2782         int ret, i;
2784         if (params == NULL)
2785                 return NULL;
2787 #ifdef CONFIG_DRIVER_NDIS
2788         {
2789                 void driver_ndis_init_ops(void);
2790                 driver_ndis_init_ops();
2791         }
2792 #endif /* CONFIG_DRIVER_NDIS */
2794 #ifndef CONFIG_NO_WPA_MSG
2795         wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
2796 #endif /* CONFIG_NO_WPA_MSG */
2798         wpa_debug_open_file(params->wpa_debug_file_path);
2799         if (params->wpa_debug_syslog)
2800                 wpa_debug_open_syslog();
2802         ret = eap_register_methods();
2803         if (ret) {
2804                 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2805                 if (ret == -2)
2806                         wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2807                                    "the same EAP type.");
2808                 return NULL;
2809         }
2811         global = os_zalloc(sizeof(*global));
2812         if (global == NULL)
2813                 return NULL;
2814         dl_list_init(&global->p2p_srv_bonjour);
2815         dl_list_init(&global->p2p_srv_upnp);
2816         global->params.daemonize = params->daemonize;
2817         global->params.wait_for_monitor = params->wait_for_monitor;
2818         global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2819         if (params->pid_file)
2820                 global->params.pid_file = os_strdup(params->pid_file);
2821         if (params->ctrl_interface)
2822                 global->params.ctrl_interface =
2823                         os_strdup(params->ctrl_interface);
2824         if (params->override_driver)
2825                 global->params.override_driver =
2826                         os_strdup(params->override_driver);
2827         if (params->override_ctrl_interface)
2828                 global->params.override_ctrl_interface =
2829                         os_strdup(params->override_ctrl_interface);
2830         wpa_debug_level = global->params.wpa_debug_level =
2831                 params->wpa_debug_level;
2832         wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2833                 params->wpa_debug_show_keys;
2834         wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2835                 params->wpa_debug_timestamp;
2837         wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR);
2839         if (eloop_init()) {
2840                 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2841                 wpa_supplicant_deinit(global);
2842                 return NULL;
2843         }
2845         random_init(params->entropy_file);
2847         global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2848         if (global->ctrl_iface == NULL) {
2849                 wpa_supplicant_deinit(global);
2850                 return NULL;
2851         }
2853         if (wpas_notify_supplicant_initialized(global)) {
2854                 wpa_supplicant_deinit(global);
2855                 return NULL;
2856         }
2858         for (i = 0; wpa_drivers[i]; i++)
2859                 global->drv_count++;
2860         if (global->drv_count == 0) {
2861                 wpa_printf(MSG_ERROR, "No drivers enabled");
2862                 wpa_supplicant_deinit(global);
2863                 return NULL;
2864         }
2865         global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2866         if (global->drv_priv == NULL) {
2867                 wpa_supplicant_deinit(global);
2868                 return NULL;
2869         }
2871         return global;
2875 /**
2876  * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2877  * @global: Pointer to global data from wpa_supplicant_init()
2878  * Returns: 0 after successful event loop run, -1 on failure
2879  *
2880  * This function starts the main event loop and continues running as long as
2881  * there are any remaining events. In most cases, this function is running as
2882  * long as the %wpa_supplicant process in still in use.
2883  */
2884 int wpa_supplicant_run(struct wpa_global *global)
2886         struct wpa_supplicant *wpa_s;
2888         if (global->params.daemonize &&
2889             wpa_supplicant_daemon(global->params.pid_file))
2890                 return -1;
2892         if (global->params.wait_for_monitor) {
2893                 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2894                         if (wpa_s->ctrl_iface)
2895                                 wpa_supplicant_ctrl_iface_wait(
2896                                         wpa_s->ctrl_iface);
2897         }
2899         eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2900         eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2902         eloop_run();
2904         return 0;
2908 /**
2909  * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2910  * @global: Pointer to global data from wpa_supplicant_init()
2911  *
2912  * This function is called to deinitialize %wpa_supplicant and to free all
2913  * allocated resources. Remaining network interfaces will also be removed.
2914  */
2915 void wpa_supplicant_deinit(struct wpa_global *global)
2917         int i;
2919         if (global == NULL)
2920                 return;
2922 #ifdef CONFIG_P2P
2923         wpas_p2p_deinit_global(global);
2924 #endif /* CONFIG_P2P */
2926         while (global->ifaces)
2927                 wpa_supplicant_remove_iface(global, global->ifaces, 1);
2929         if (global->ctrl_iface)
2930                 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2932         wpas_notify_supplicant_deinitialized(global);
2934         eap_peer_unregister_methods();
2935 #ifdef CONFIG_AP
2936         eap_server_unregister_methods();
2937 #endif /* CONFIG_AP */
2939         for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2940                 if (!global->drv_priv[i])
2941                         continue;
2942                 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2943         }
2944         os_free(global->drv_priv);
2946         random_deinit();
2948         eloop_destroy();
2950         if (global->params.pid_file) {
2951                 os_daemonize_terminate(global->params.pid_file);
2952                 os_free(global->params.pid_file);
2953         }
2954         os_free(global->params.ctrl_interface);
2955         os_free(global->params.override_driver);
2956         os_free(global->params.override_ctrl_interface);
2958         os_free(global);
2959         wpa_debug_close_syslog();
2960         wpa_debug_close_file();
2964 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
2966         if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
2967             wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
2968                 char country[3];
2969                 country[0] = wpa_s->conf->country[0];
2970                 country[1] = wpa_s->conf->country[1];
2971                 country[2] = '\0';
2972                 if (wpa_drv_set_country(wpa_s, country) < 0) {
2973                         wpa_printf(MSG_ERROR, "Failed to set country code "
2974                                    "'%s'", country);
2975                 }
2976         }
2978 #ifdef CONFIG_WPS
2979         wpas_wps_update_config(wpa_s);
2980 #endif /* CONFIG_WPS */
2982 #ifdef CONFIG_P2P
2983         wpas_p2p_update_config(wpa_s);
2984 #endif /* CONFIG_P2P */
2986         wpa_s->conf->changed_parameters = 0;
2990 static void add_freq(int *freqs, int *num_freqs, int freq)
2992         int i;
2994         for (i = 0; i < *num_freqs; i++) {
2995                 if (freqs[i] == freq)
2996                         return;
2997         }
2999         freqs[*num_freqs] = freq;
3000         (*num_freqs)++;
3004 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
3006         struct wpa_bss *bss, *cbss;
3007         const int max_freqs = 10;
3008         int *freqs;
3009         int num_freqs = 0;
3011         freqs = os_zalloc(sizeof(int) * (max_freqs + 1));
3012         if (freqs == NULL)
3013                 return NULL;
3015         cbss = wpa_s->current_bss;
3017         dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
3018                 if (bss == cbss)
3019                         continue;
3020                 if (bss->ssid_len == cbss->ssid_len &&
3021                     os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
3022                     wpa_blacklist_get(wpa_s, bss->bssid) == NULL) {
3023                         add_freq(freqs, &num_freqs, bss->freq);
3024                         if (num_freqs == max_freqs)
3025                                 break;
3026                 }
3027         }
3029         if (num_freqs == 0) {
3030                 os_free(freqs);
3031                 freqs = NULL;
3032         }
3034         return freqs;
3038 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid)
3040         int timeout;
3041         int count;
3042         int *freqs = NULL;
3044         /*
3045          * Remove possible authentication timeout since the connection failed.
3046          */
3047         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
3049         /*
3050          * Add the failed BSSID into the blacklist and speed up next scan
3051          * attempt if there could be other APs that could accept association.
3052          * The current blacklist count indicates how many times we have tried
3053          * connecting to this AP and multiple attempts mean that other APs are
3054          * either not available or has already been tried, so that we can start
3055          * increasing the delay here to avoid constant scanning.
3056          */
3057         count = wpa_blacklist_add(wpa_s, bssid);
3058         if (count == 1 && wpa_s->current_bss) {
3059                 /*
3060                  * This BSS was not in the blacklist before. If there is
3061                  * another BSS available for the same ESS, we should try that
3062                  * next. Otherwise, we may as well try this one once more
3063                  * before allowing other, likely worse, ESSes to be considered.
3064                  */
3065                 freqs = get_bss_freqs_in_ess(wpa_s);
3066                 if (freqs) {
3067                         wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
3068                                 "has been seen; try it next");
3069                         wpa_blacklist_add(wpa_s, bssid);
3070                         /*
3071                          * On the next scan, go through only the known channels
3072                          * used in this ESS based on previous scans to speed up
3073                          * common load balancing use case.
3074                          */
3075                         os_free(wpa_s->next_scan_freqs);
3076                         wpa_s->next_scan_freqs = freqs;
3077                 }
3078         }
3080         switch (count) {
3081         case 1:
3082                 timeout = 100;
3083                 break;
3084         case 2:
3085                 timeout = 500;
3086                 break;
3087         case 3:
3088      &nbs