
2  * wpa_supplicant - SME
3 * Copyright (c) 2009-2024, Jouni Malinen <j@w1.fi>
60 int *groups = wpa_s->conf->sae_groups; in sme_set_sae_group()
67 if (!index_within_array(groups, wpa_s->sme.sae_group_index)) in sme_set_sae_group()
68 return -1; in sme_set_sae_group()
71 int group = groups[wpa_s->sme.sae_group_index]; in sme_set_sae_group()
74 if (!int_array_includes(wpa_s->sme.sae_rejected_groups, in sme_set_sae_group()
76 sae_set_group(&wpa_s->sme.sae, group) == 0) { in sme_set_sae_group()
78 wpa_s->sme.sae.group); in sme_set_sae_group()
79 wpa_s->sme.sae.akmp = external ? in sme_set_sae_group()
80 wpa_s->sme.ext_auth_key_mgmt : wpa_s->key_mgmt; in sme_set_sae_group()
83 wpa_s->sme.sae_group_index++; in sme_set_sae_group()
86 return -1; in sme_set_sae_group()
105 int key_mgmt = external ? wpa_s->sme.ext_auth_key_mgmt : in sme_auth_build_sae_commit()
106 wpa_s->key_mgmt; in sme_auth_build_sae_commit()
115 if (wpa_s->sae_commit_override) { in sme_auth_build_sae_commit()
116 wpa_printf(MSG_DEBUG, "SAE: TESTING - commit override"); in sme_auth_build_sae_commit()
117 buf = wpabuf_alloc(4 + wpabuf_len(wpa_s->sae_commit_override)); in sme_auth_build_sae_commit()
124 wpabuf_put_buf(buf, wpa_s->sae_commit_override); in sme_auth_build_sae_commit()
129 if (ssid->sae_password) { in sme_auth_build_sae_commit()
130 password = os_strdup(ssid->sae_password); in sme_auth_build_sae_commit()
137 if (!password && ssid->passphrase) { in sme_auth_build_sae_commit()
138 password = os_strdup(ssid->passphrase); in sme_auth_build_sae_commit()
145 if (!password && ssid->ext_psk) { in sme_auth_build_sae_commit()
146 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, in sme_auth_build_sae_commit()
147 ssid->ext_psk); in sme_auth_build_sae_commit()
170 if (reuse && wpa_s->sme.sae.tmp && in sme_auth_build_sae_commit()
171 ether_addr_equal(addr, wpa_s->sme.sae.tmp->bssid)) { in sme_auth_build_sae_commit()
174 use_pt = wpa_s->sme.sae.h2e; in sme_auth_build_sae_commit()
175 use_pk = wpa_s->sme.sae.pk; in sme_auth_build_sae_commit()
198 if (ssid->sae_password_id && in sme_auth_build_sae_commit()
199 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) in sme_auth_build_sae_commit()
202 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) in sme_auth_build_sae_commit()
204 if (bss && is_6ghz_freq(bss->freq) && in sme_auth_build_sae_commit()
205 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) in sme_auth_build_sae_commit()
209 ssid->sae_pk != SAE_PK_MODE_DISABLED && in sme_auth_build_sae_commit()
210 ((ssid->sae_password && in sme_auth_build_sae_commit()
211 sae_pk_valid_password(ssid->sae_password)) || in sme_auth_build_sae_commit()
212 (!ssid->sae_password && ssid->passphrase && in sme_auth_build_sae_commit()
213 sae_pk_valid_password(ssid->passphrase)))) { in sme_auth_build_sae_commit()
218 if (ssid->sae_pk == SAE_PK_MODE_ONLY && !use_pk) { in sme_auth_build_sae_commit()
225 if (use_pt || wpa_s->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT || in sme_auth_build_sae_commit()
226 wpa_s->conf->sae_pwe == SAE_PWE_BOTH) { in sme_auth_build_sae_commit()
229 if ((wpa_s->conf->sae_pwe == SAE_PWE_HASH_TO_ELEMENT || in sme_auth_build_sae_commit()
230 ssid->sae_password_id || in sme_auth_build_sae_commit()
232 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK && in sme_auth_build_sae_commit()
240 if (use_pt && !ssid->pt) in sme_auth_build_sae_commit()
241 wpa_s_setup_sae_pt(wpa_s->conf, ssid, true); in sme_auth_build_sae_commit()
243 sae_prepare_commit_pt(&wpa_s->sme.sae, ssid->pt, in sme_auth_build_sae_commit()
244 wpa_s->own_addr, addr, in sme_auth_build_sae_commit()
245 wpa_s->sme.sae_rejected_groups, NULL) < 0) in sme_auth_build_sae_commit()
248 sae_prepare_commit(wpa_s->own_addr, addr, in sme_auth_build_sae_commit()
250 &wpa_s->sme.sae) < 0) { in sme_auth_build_sae_commit()
254 if (wpa_s->sme.sae.tmp) { in sme_auth_build_sae_commit()
255 os_memcpy(wpa_s->sme.sae.tmp->bssid, addr, ETH_ALEN); in sme_auth_build_sae_commit()
257 wpa_s->sme.sae.pk = 1; in sme_auth_build_sae_commit()
259 os_memcpy(wpa_s->sme.sae.tmp->own_addr, wpa_s->own_addr, in sme_auth_build_sae_commit()
261 os_memcpy(wpa_s->sme.sae.tmp->peer_addr, addr, ETH_ALEN); in sme_auth_build_sae_commit()
262 sae_pk_set_password(&wpa_s->sme.sae, password); in sme_auth_build_sae_commit()
267 len = wpa_s->sme.sae_token ? 3 + wpabuf_len(wpa_s->sme.sae_token) : 0; in sme_auth_build_sae_commit()
268 if (ssid->sae_password_id) in sme_auth_build_sae_commit()
269 len += 4 + os_strlen(ssid->sae_password_id); in sme_auth_build_sae_commit()
270 buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + len); in sme_auth_build_sae_commit()
282 if (sae_write_commit(&wpa_s->sme.sae, buf, wpa_s->sme.sae_token, in sme_auth_build_sae_commit()
283 ssid->sae_password_id) < 0) { in sme_auth_build_sae_commit()
306 buf = wpabuf_alloc(4 + SAE_CONFIRM_MAX_LEN); in sme_auth_build_sae_confirm()
314 sae_write_confirm(&wpa_s->sme.sae, buf); in sme_auth_build_sae_confirm()
323 * sme_auth_handle_rrm - Handle RRM aspects of current authentication attempt
334 wpa_s->rrm.rrm_used = 0; in sme_auth_handle_rrm()
337 "RRM: Determining whether RRM can be used - device support: 0x%x", in sme_auth_handle_rrm()
338 wpa_s->drv_rrm_flags); in sme_auth_handle_rrm()
341 if (!rrm_ie || !(bss->caps & IEEE80211_CAP_RRM)) { in sme_auth_handle_rrm()
346 if (!((wpa_s->drv_rrm_flags & in sme_auth_handle_rrm()
348 (wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_QUIET)) && in sme_auth_handle_rrm()
349 !(wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_SUPPORT_RRM)) { in sme_auth_handle_rrm()
351 "RRM: Insufficient RRM support in driver - do not use RRM"); in sme_auth_handle_rrm()
355 if (sizeof(wpa_s->sme.assoc_req_ie) < in sme_auth_handle_rrm()
356 wpa_s->sme.assoc_req_ie_len + rrm_ie_len + 2) { in sme_auth_handle_rrm()
363 pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len; in sme_auth_handle_rrm()
369 if (wpa_s->drv_rrm_flags & WPA_DRIVER_FLAGS_TX_POWER_INSERTION) in sme_auth_handle_rrm()
376 if (wpa_s->lci) in sme_auth_handle_rrm()
379 wpa_s->sme.assoc_req_ie_len += rrm_ie_len + 2; in sme_auth_handle_rrm()
380 wpa_s->rrm.rrm_used = 1; in sme_auth_handle_rrm()
389 wpa_s->valid_links &= ~removed_links; in wpas_ml_handle_removed_links()
402 wpa_s->valid_links, in wpas_ml_connect_pref()
403 wpa_s->conf->mld_connect_band_pref, in wpas_ml_connect_pref()
404 MAC2STR(wpa_s->conf->mld_connect_bssid_pref)); in wpas_ml_connect_pref()
407 if (!(wpa_s->valid_links & (wpa_s->valid_links - 1))) in wpas_ml_connect_pref()
410 if (!is_zero_ether_addr(wpa_s->conf->mld_connect_bssid_pref)) { in wpas_ml_connect_pref()
411 for_each_link(wpa_s->valid_links, i) { in wpas_ml_connect_pref()
412 if (wpa_s->mlo_assoc_link_id == i) in wpas_ml_connect_pref()
416 wpa_s->links[i].bssid, in wpas_ml_connect_pref()
417 wpa_s->conf->mld_connect_bssid_pref)) in wpas_ml_connect_pref()
422 if (wpa_s->conf->mld_connect_band_pref == MLD_CONNECT_BAND_PREF_AUTO) in wpas_ml_connect_pref()
425 switch (wpa_s->conf->mld_connect_band_pref) { in wpas_ml_connect_pref()
442 for_each_link(wpa_s->valid_links, i) { in wpas_ml_connect_pref()
443 if (wpa_s->mlo_assoc_link_id == i) in wpas_ml_connect_pref()
446 if (wpa_s->links[i].freq >= low && wpa_s->links[i].freq <= high) in wpas_ml_connect_pref()
457 "MLD: Change BSS for connect: " MACSTR " -> " MACSTR, in wpas_ml_connect_pref()
458 MAC2STR(wpa_s->links[wpa_s->mlo_assoc_link_id].bssid), in wpas_ml_connect_pref()
459 MAC2STR(wpa_s->links[i].bssid)); in wpas_ml_connect_pref()
462 if (ssid && ssid->ssid_len) in wpas_ml_connect_pref()
463 bss = wpa_bss_get(wpa_s, wpa_s->links[i].bssid, ssid->ssid, in wpas_ml_connect_pref()
464 ssid->ssid_len); in wpas_ml_connect_pref()
466 bss = wpa_bss_get_bssid(wpa_s, wpa_s->links[i].bssid); in wpas_ml_connect_pref()
467 wpa_s->mlo_assoc_link_id = i; in wpas_ml_connect_pref()
480 u16 status_code = data->auth.status_code; in wpas_sme_ml_auth()
482 if (!wpa_s->valid_links) in wpas_sme_ml_auth()
485 if (ieee802_11_parse_elems(data->auth.ies + ie_offset, in wpas_sme_ml_auth()
486 data->auth.ies_len - ie_offset, in wpas_sme_ml_auth()
489 return -1; in wpas_sme_ml_auth()
498 return -1; in wpas_sme_ml_auth()
499 /* Accept missing Multi-Link element in failed authentication in wpas_sme_ml_auth()
506 return -1; in wpas_sme_ml_auth()
510 if (!ether_addr_equal(wpa_s->ap_mld_addr, mld_addr)) { in wpas_sme_ml_auth()
512 MACSTR ")", MAC2STR(wpa_s->ap_mld_addr)); in wpas_sme_ml_auth()
513 return -1; in wpas_sme_ml_auth()
525 wpa_s->valid_links = 0; in wpas_sme_set_mlo_links()
526 wpa_s->mlo_assoc_link_id = bss->mld_link_id; in wpas_sme_set_mlo_links()
528 for_each_link(bss->valid_links, i) { in wpas_sme_set_mlo_links()
529 const u8 *bssid = bss->mld_links[i].bssid; in wpas_sme_set_mlo_links()
531 wpa_s->valid_links |= BIT(i); in wpas_sme_set_mlo_links()
532 os_memcpy(wpa_s->links[i].bssid, bssid, ETH_ALEN); in wpas_sme_set_mlo_links()
533 wpa_s->links[i].freq = bss->mld_links[i].freq; in wpas_sme_set_mlo_links()
534 wpa_s->links[i].disabled = bss->mld_links[i].disabled; in wpas_sme_set_mlo_links()
536 if (bss->mld_link_id == i) in wpas_sme_set_mlo_links()
537 wpa_s->links[i].bss = bss; in wpas_sme_set_mlo_links()
538 else if (ssid && ssid->ssid_len) in wpas_sme_set_mlo_links()
539 wpa_s->links[i].bss = wpa_bss_get(wpa_s, bssid, in wpas_sme_set_mlo_links()
540 ssid->ssid, in wpas_sme_set_mlo_links()
541 ssid->ssid_len); in wpas_sme_set_mlo_links()
543 wpa_s->links[i].bss = wpa_bss_get_bssid(wpa_s, bssid); in wpas_sme_set_mlo_links()
581 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) && in sme_send_authentication()
582 !wpa_bss_parse_basic_ml_element(wpa_s, bss, wpa_s->ap_mld_addr, in sme_send_authentication()
584 bss->valid_links) { in sme_send_authentication()
591 if (wpa_s->conf->mld_force_single_link) { in sme_send_authentication()
593 wpa_s->valid_links = BIT(wpa_s->mlo_assoc_link_id); in sme_send_authentication()
597 params.mld_link_id = wpa_s->mlo_assoc_link_id; in sme_send_authentication()
598 params.ap_mld_addr = wpa_s->ap_mld_addr; in sme_send_authentication()
602 skip_auth = wpa_s->conf->reassoc_same_bss_optim && in sme_send_authentication()
603 wpa_s->reassoc_same_bss; in sme_send_authentication()
604 wpa_s->current_bss = bss; in sme_send_authentication()
606 wpa_s->reassociate = 0; in sme_send_authentication()
608 params.freq = bss->freq; in sme_send_authentication()
609 params.bssid = bss->bssid; in sme_send_authentication()
610 params.ssid = bss->ssid; in sme_send_authentication()
611 params.ssid_len = bss->ssid_len; in sme_send_authentication()
612 params.p2p = ssid->p2p_group; in sme_send_authentication()
614 if (wpa_s->sme.ssid_len != params.ssid_len || in sme_send_authentication()
615 os_memcmp(wpa_s->sme.ssid, params.ssid, params.ssid_len) != 0) in sme_send_authentication()
616 wpa_s->sme.prev_bssid_set = 0; in sme_send_authentication()
618 wpa_s->sme.freq = params.freq; in sme_send_authentication()
619 os_memcpy(wpa_s->sme.ssid, params.ssid, params.ssid_len); in sme_send_authentication()
620 wpa_s->sme.ssid_len = params.ssid_len; in sme_send_authentication()
624 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { in sme_send_authentication()
625 if (ssid->leap) { in sme_send_authentication()
626 if (ssid->non_leap == 0) in sme_send_authentication()
635 if (ssid->auth_alg) { in sme_send_authentication()
636 params.auth_alg = ssid->auth_alg; in sme_send_authentication()
641 wpa_s->sme.sae_pmksa_caching = 0; in sme_send_authentication()
642 if (wpa_key_mgmt_sae(ssid->key_mgmt)) { in sme_send_authentication()
652 (ssid->key_mgmt & WPA_KEY_MGMT_DPP) && in sme_send_authentication()
677 if (ssid->wep_key_len[i]) in sme_send_authentication()
678 params.wep_key[i] = ssid->wep_key[i]; in sme_send_authentication()
679 params.wep_key_len[i] = ssid->wep_key_len[i]; in sme_send_authentication()
681 params.wep_tx_keyidx = ssid->wep_tx_keyidx; in sme_send_authentication()
687 wpa_key_mgmt_wpa(ssid->key_mgmt)) { in sme_send_authentication()
691 try_opportunistic = (ssid->proactive_key_caching < 0 ? in sme_send_authentication()
692 wpa_s->conf->okc : in sme_send_authentication()
693 ssid->proactive_key_caching) && in sme_send_authentication()
694 (ssid->proto & WPA_PROTO_RSN); in sme_send_authentication()
696 if (wpa_key_mgmt_fils(ssid->key_mgmt)) in sme_send_authentication()
699 if (pmksa_cache_set_current(wpa_s->wpa, NULL, in sme_send_authentication()
701 bss->bssid, in sme_send_authentication()
702 wpa_s->current_ssid, in sme_send_authentication()
705 eapol_sm_notify_pmkid_attempt(wpa_s->eapol); in sme_send_authentication()
706 wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); in sme_send_authentication()
708 wpa_s->sme.assoc_req_ie, in sme_send_authentication()
709 &wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
718 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { in sme_send_authentication()
720 wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); in sme_send_authentication()
722 wpa_s->sme.assoc_req_ie, in sme_send_authentication()
723 &wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
731 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && in sme_send_authentication()
732 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { in sme_send_authentication()
734 * Both WPA and non-WPA IEEE 802.1X enabled in configuration - in sme_send_authentication()
735 * use non-WPA since the scan results did not indicate that the in sme_send_authentication()
739 wpa_s->sme.assoc_req_ie_len = 0; in sme_send_authentication()
740 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { in sme_send_authentication()
741 wpa_s->sme.assoc_req_ie_len = sizeof(wpa_s->sme.assoc_req_ie); in sme_send_authentication()
743 wpa_s->sme.assoc_req_ie, in sme_send_authentication()
744 &wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
753 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { in sme_send_authentication()
757 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_send_authentication()
758 wpa_s->sme.assoc_req_ie_len = wpabuf_len(wps_ie); in sme_send_authentication()
759 os_memcpy(wpa_s->sme.assoc_req_ie, wpabuf_head(wps_ie), in sme_send_authentication()
760 wpa_s->sme.assoc_req_ie_len); in sme_send_authentication()
762 wpa_s->sme.assoc_req_ie_len = 0; in sme_send_authentication()
768 wpa_s->sme.assoc_req_ie_len = 0; in sme_send_authentication()
772 * non-vendor IEs, as the lower layer expects the IEs to be ordered as in sme_send_authentication()
778 if (wpa_s->wpa_proto == WPA_PROTO_WPA) { in sme_send_authentication()
779 wpa_ie = os_memdup(wpa_s->sme.assoc_req_ie, in sme_send_authentication()
780 wpa_s->sme.assoc_req_ie_len); in sme_send_authentication()
784 wpa_ie_len = wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
785 wpa_s->sme.assoc_req_ie_len = 0; in sme_send_authentication()
797 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); in sme_send_authentication()
798 if (md && (!wpa_key_mgmt_ft(ssid->key_mgmt) || in sme_send_authentication()
799 !wpa_key_mgmt_ft(wpa_s->key_mgmt))) in sme_send_authentication()
803 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); in sme_send_authentication()
811 if (wpa_s->sme.assoc_req_ie_len + 5 < in sme_send_authentication()
812 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_send_authentication()
814 u8 *pos = wpa_s->sme.assoc_req_ie + in sme_send_authentication()
815 wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
819 os_memcpy(mdie->mobility_domain, md, in sme_send_authentication()
821 mdie->ft_capab = md[MOBILITY_DOMAIN_ID_LEN]; in sme_send_authentication()
822 wpa_s->sme.assoc_req_ie_len += 5; in sme_send_authentication()
825 if (wpa_s->sme.prev_bssid_set && wpa_s->sme.ft_used && in sme_send_authentication()
826 os_memcmp(md, wpa_s->sme.mobility_domain, 2) == 0 && in sme_send_authentication()
827 wpa_sm_has_ft_keys(wpa_s->wpa, md)) { in sme_send_authentication()
829 "over-the-air"); in sme_send_authentication()
831 params.ie = wpa_s->sme.ft_ies; in sme_send_authentication()
832 params.ie_len = wpa_s->sme.ft_ies_len; in sme_send_authentication()
837 wpa_s->sme.mfp = wpas_get_ssid_pmf(wpa_s, ssid); in sme_send_authentication()
838 if (wpa_s->sme.mfp != NO_MGMT_FRAME_PROTECTION) { in sme_send_authentication()
846 wpa_s->sme.mfp = MGMT_FRAME_PROTECTION_REQUIRED; in sme_send_authentication()
851 if (wpa_s->global->p2p) { in sme_send_authentication()
855 pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
856 len = sizeof(wpa_s->sme.assoc_req_ie) - in sme_send_authentication()
857 wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
859 ssid->p2p_group); in sme_send_authentication()
861 wpa_s->sme.assoc_req_ie_len += res; in sme_send_authentication()
866 if (wpa_s->fst_ies) { in sme_send_authentication()
867 int fst_ies_len = wpabuf_len(wpa_s->fst_ies); in sme_send_authentication()
869 if (wpa_s->sme.assoc_req_ie_len + fst_ies_len <= in sme_send_authentication()
870 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_send_authentication()
871 os_memcpy(wpa_s->sme.assoc_req_ie + in sme_send_authentication()
872 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
873 wpabuf_head(wpa_s->fst_ies), in sme_send_authentication()
875 wpa_s->sme.assoc_req_ie_len += fst_ies_len; in sme_send_authentication()
883 wpa_s->sme.assoc_req_ie_len += wpas_supp_op_class_ie( in sme_send_authentication()
885 wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
886 sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len); in sme_send_authentication()
897 u8 *pos = wpa_s->sme.assoc_req_ie; in sme_send_authentication()
898 if (wpa_s->sme.assoc_req_ie_len > 0 && pos[0] == WLAN_EID_RSN) in sme_send_authentication()
901 wpa_s->sme.assoc_req_ie_len - in sme_send_authentication()
902 (pos - wpa_s->sme.assoc_req_ie)); in sme_send_authentication()
903 wpa_s->sme.assoc_req_ie_len += ext_capab_len; in sme_send_authentication()
907 if (ssid->max_idle && wpa_s->sme.assoc_req_ie_len + 5 <= in sme_send_authentication()
908 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_send_authentication()
909 u8 *pos = wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
913 WPA_PUT_LE16(pos, ssid->max_idle); in sme_send_authentication()
916 wpa_s->sme.assoc_req_ie_len += 5; in sme_send_authentication()
920 if (wpa_s->rsnxe_override_assoc && in sme_send_authentication()
921 wpabuf_len(wpa_s->rsnxe_override_assoc) <= in sme_send_authentication()
922 sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len) { in sme_send_authentication()
924 os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
925 wpabuf_head(wpa_s->rsnxe_override_assoc), in sme_send_authentication()
926 wpabuf_len(wpa_s->rsnxe_override_assoc)); in sme_send_authentication()
927 wpa_s->sme.assoc_req_ie_len += in sme_send_authentication()
928 wpabuf_len(wpa_s->rsnxe_override_assoc); in sme_send_authentication()
931 if (wpa_s->rsnxe_len > 0 && in sme_send_authentication()
932 wpa_s->rsnxe_len <= in sme_send_authentication()
933 sizeof(wpa_s->sme.assoc_req_ie) - wpa_s->sme.assoc_req_ie_len && in sme_send_authentication()
935 os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
936 wpa_s->rsnxe, wpa_s->rsnxe_len); in sme_send_authentication()
937 wpa_s->sme.assoc_req_ie_len += wpa_s->rsnxe_len; in sme_send_authentication()
952 len = sizeof(wpa_s->sme.assoc_req_ie) - in sme_send_authentication()
953 wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
955 os_memcpy(wpa_s->sme.assoc_req_ie + in sme_send_authentication()
956 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
958 wpa_s->sme.assoc_req_ie_len += wpabuf_len(hs20); in sme_send_authentication()
970 len = sizeof(wpa_s->sme.assoc_req_ie) - in sme_send_authentication()
971 wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
974 os_memcpy(wpa_s->sme.assoc_req_ie + in sme_send_authentication()
975 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
977 wpa_s->sme.assoc_req_ie_len += wpa_ie_len; in sme_send_authentication()
985 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { in sme_send_authentication()
986 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; in sme_send_authentication()
989 len = sizeof(wpa_s->sme.assoc_req_ie) - in sme_send_authentication()
990 wpa_s->sme.assoc_req_ie_len; in sme_send_authentication()
992 os_memcpy(wpa_s->sme.assoc_req_ie + in sme_send_authentication()
993 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
995 wpa_s->sme.assoc_req_ie_len += wpabuf_len(buf); in sme_send_authentication()
1001 if (!wpa_s->disable_mbo_oce && mbo_ie) { in sme_send_authentication()
1004 len = wpas_mbo_ie(wpa_s, wpa_s->sme.assoc_req_ie + in sme_send_authentication()
1005 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
1006 sizeof(wpa_s->sme.assoc_req_ie) - in sme_send_authentication()
1007 wpa_s->sme.assoc_req_ie_len, in sme_send_authentication()
1011 wpa_s->sme.assoc_req_ie_len += len; in sme_send_authentication()
1017 pmksa_cache_set_current(wpa_s->wpa, NULL, in sme_send_authentication()
1019 bss->bssid, in sme_send_authentication()
1022 wpa_key_mgmt_sae(wpa_s->key_mgmt) ? in sme_send_authentication()
1023 wpa_s->key_mgmt : in sme_send_authentication()
1026 "PMKSA cache entry found - try to use PMKSA caching instead of new SAE authentication"); in sme_send_authentication()
1027 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); in sme_send_authentication()
1029 wpa_s->sme.sae_pmksa_caching = 1; in sme_send_authentication()
1035 bss->bssid, in sme_send_authentication()
1044 wpas_connection_failed(wpa_s, bss->bssid, NULL); in sme_send_authentication()
1049 wpa_s->sme.sae.state = start ? SAE_COMMITTED : SAE_CONFIRMED; in sme_send_authentication()
1053 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); in sme_send_authentication()
1054 os_memset(wpa_s->bssid, 0, ETH_ALEN); in sme_send_authentication()
1055 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); in sme_send_authentication()
1059 old_ssid = wpa_s->current_ssid; in sme_send_authentication()
1060 wpa_s->current_ssid = ssid; in sme_send_authentication()
1061 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); in sme_send_authentication()
1062 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len); in sme_send_authentication()
1070 wpa_key_mgmt_fils(ssid->key_mgmt)) { in sme_send_authentication()
1080 * configuration (ssid->fils_dh_group). Try to use FILS in sme_send_authentication()
1086 " does not include FILS Indication element - cannot use FILS authentication with it", in sme_send_authentication()
1087 MAC2STR(bss->bssid)); in sme_send_authentication()
1092 if (ssid->fils_dh_group == 0 && !(fils_info & BIT(9))) { in sme_send_authentication()
1094 " does not support FILS SK without PFS - cannot use FILS authentication with it", in sme_send_authentication()
1095 MAC2STR(bss->bssid)); in sme_send_authentication()
1098 if (ssid->fils_dh_group != 0 && !(fils_info & BIT(10))) { in sme_send_authentication()
1100 " does not support FILS SK with PFS - cannot use FILS authentication with it", in sme_send_authentication()
1101 MAC2STR(bss->bssid)); in sme_send_authentication()
1105 if (wpa_s->last_con_fail_realm && in sme_send_authentication()
1106 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, in sme_send_authentication()
1110 realm && realm_len == wpa_s->last_con_fail_realm_len && in sme_send_authentication()
1111 os_memcmp(realm, wpa_s->last_con_fail_realm, in sme_send_authentication()
1114 … "SME: FILS authentication for this realm failed last time - try to regenerate ERP key hierarchy"); in sme_send_authentication()
1118 if (pmksa_cache_set_current(wpa_s->wpa, NULL, in sme_send_authentication()
1120 bss->bssid, in sme_send_authentication()
1126 resp = fils_build_auth(wpa_s->wpa, ssid->fils_dh_group, md); in sme_send_authentication()
1130 if (ssid->fils_dh_group) in sme_send_authentication()
1133 ssid->fils_dh_group); in sme_send_authentication()
1137 auth_alg = ssid->fils_dh_group ? in sme_send_authentication()
1142 wpa_s->sme.auth_alg = auth_alg; in sme_send_authentication()
1155 eapol_sm_notify_portValid(wpa_s->eapol, false); in sme_send_authentication()
1156 wpa_clear_keys(wpa_s, bss->bssid); in sme_send_authentication()
1158 if (old_ssid != wpa_s->current_ssid) in sme_send_authentication()
1167 * If multi-channel concurrency is not supported, check for any in sme_send_authentication()
1171 if (wpa_s->num_multichan_concurrent < 2) { in sme_send_authentication()
1181 wpas_connection_failed(wpa_s, bss->bssid, NULL); in sme_send_authentication()
1193 "SME: Skip authentication step on reassoc-to-same-BSS"); in sme_send_authentication()
1195 sme_associate(wpa_s, ssid->mode, bss->bssid, WLAN_AUTH_OPEN); in sme_send_authentication()
1200 wpa_s->sme.auth_alg = params.auth_alg; in sme_send_authentication()
1204 wpas_connection_failed(wpa_s, bss->bssid, NULL); in sme_send_authentication()
1225 struct wpa_connect_work *cwork = work->ctx; in sme_auth_start_cb()
1226 struct wpa_supplicant *wpa_s = work->wpa_s; in sme_auth_start_cb()
1228 wpa_s->roam_in_progress = false; in sme_auth_start_cb()
1230 wpa_s->bss_trans_mgmt_in_progress = false; in sme_auth_start_cb()
1234 if (work->started) in sme_auth_start_cb()
1235 wpa_s->connect_work = NULL; in sme_auth_start_cb()
1241 wpa_s->connect_work = work; in sme_auth_start_cb()
1243 if (cwork->bss_removed || in sme_auth_start_cb()
1244 !wpas_valid_bss_ssid(wpa_s, cwork->bss, cwork->ssid) || in sme_auth_start_cb()
1245 wpas_network_disabled(wpa_s, cwork->ssid)) { in sme_auth_start_cb()
1246 …wpa_dbg(wpa_s, MSG_DEBUG, "SME: BSS/SSID entry for authentication not valid anymore - drop connect… in sme_auth_start_cb()
1253 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); in sme_auth_start_cb()
1254 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); in sme_auth_start_cb()
1255 wpa_s->rsnxe_len = 0; in sme_auth_start_cb()
1257 sme_send_authentication(wpa_s, cwork->bss, cwork->ssid, 1); in sme_auth_start_cb()
1269 if (wpa_s->connect_work) { in sme_authenticate()
1274 if (wpa_s->roam_in_progress) { in sme_authenticate()
1280 if (wpa_s->bss_trans_mgmt_in_progress) { in sme_authenticate()
1286 if (radio_work_pending(wpa_s, "sme-connect")) { in sme_authenticate()
1288 * The previous sme-connect work might no longer be valid due to in sme_authenticate()
1293 "SME: Remove previous pending sme-connect"); in sme_authenticate()
1294 radio_remove_works(wpa_s, "sme-connect", 0); in sme_authenticate()
1302 cwork->bss = bss; in sme_authenticate()
1303 cwork->ssid = ssid; in sme_authenticate()
1304 cwork->sme = 1; in sme_authenticate()
1307 wpa_s->sme.sae.state = SAE_NOTHING; in sme_authenticate()
1308 wpa_s->sme.sae.send_confirm = 0; in sme_authenticate()
1309 wpa_s->sme.sae_group_index = 0; in sme_authenticate()
1312 if (radio_add_work(wpa_s, bss->freq, "sme-connect", 1, in sme_authenticate()
1326 wpabuf_put_u8(buf, 4 + ETH_ALEN); in wpa_auth_ml_ie()
1329 /* Basic Multi-Link element Control field */ in wpa_auth_ml_ie()
1350 resp->frame_control = host_to_le16((WLAN_FC_TYPE_MGMT << 2) | in sme_external_auth_build_buf()
1351 (WLAN_FC_STYPE_AUTH << 4)); in sme_external_auth_build_buf()
1352 os_memcpy(resp->da, da, ETH_ALEN); in sme_external_auth_build_buf()
1353 os_memcpy(resp->sa, sa, ETH_ALEN); in sme_external_auth_build_buf()
1354 os_memcpy(resp->bssid, da, ETH_ALEN); in sme_external_auth_build_buf()
1355 resp->u.auth.auth_alg = host_to_le16(WLAN_AUTH_SAE); in sme_external_auth_build_buf()
1356 resp->seq_ctrl = host_to_le16(seq_num << 4); in sme_external_auth_build_buf()
1357 resp->u.auth.auth_transaction = host_to_le16(auth_transaction); in sme_external_auth_build_buf()
1358 resp->u.auth.status_code = host_to_le16(status_code); in sme_external_auth_build_buf()
1379 wpa_s->sme.ext_ml_auth ? in sme_external_auth_send_sae_commit()
1380 wpa_s->sme.ext_auth_ap_mld_addr : NULL, in sme_external_auth_send_sae_commit()
1384 return -1; in sme_external_auth_send_sae_commit()
1387 wpa_s->sme.sae.state = SAE_COMMITTED; in sme_external_auth_send_sae_commit()
1388 buf = wpabuf_alloc(4 + SAE_COMMIT_MAX_LEN + wpabuf_len(resp) + in sme_external_auth_send_sae_commit()
1389 (wpa_s->sme.ext_ml_auth ? WPA_AUTH_FRAME_ML_IE_LEN : in sme_external_auth_send_sae_commit()
1393 return -1; in sme_external_auth_send_sae_commit()
1396 wpa_s->sme.seq_num++; in sme_external_auth_send_sae_commit()
1403 sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, in sme_external_auth_send_sae_commit()
1404 wpa_s->sme.ext_ml_auth ? in sme_external_auth_send_sae_commit()
1405 wpa_s->sme.ext_auth_ap_mld_addr : bssid, 1, in sme_external_auth_send_sae_commit()
1406 wpa_s->sme.seq_num, status, in sme_external_auth_send_sae_commit()
1407 wpa_s->sme.ext_ml_auth ? in sme_external_auth_send_sae_commit()
1408 wpa_s->own_addr : NULL); in sme_external_auth_send_sae_commit()
1422 wpa_s->sme.ext_auth_wpa_ssid = NULL; in sme_send_external_auth_status()
1425 params.ssid = wpa_s->sme.ext_auth_ssid; in sme_send_external_auth_status()
1426 params.ssid_len = wpa_s->sme.ext_auth_ssid_len; in sme_send_external_auth_status()
1427 params.bssid = wpa_s->sme.ext_auth_bssid; in sme_send_external_auth_status()
1428 if (wpa_s->conf->sae_pmkid_in_assoc && status == WLAN_STATUS_SUCCESS) in sme_send_external_auth_status()
1429 params.pmkid = wpa_s->sme.sae.pmkid; in sme_send_external_auth_status()
1438 size_t ssid_str_len = data->external_auth.ssid_len; in sme_handle_external_auth_start()
1439 const u8 *ssid_str = data->external_auth.ssid; in sme_handle_external_auth_start()
1441 wpa_s->sme.ext_auth_wpa_ssid = NULL; in sme_handle_external_auth_start()
1443 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { in sme_handle_external_auth_start()
1445 ssid_str_len == ssid->ssid_len && in sme_handle_external_auth_start()
1446 os_memcmp(ssid_str, ssid->ssid, ssid_str_len) == 0 && in sme_handle_external_auth_start()
1447 wpa_key_mgmt_sae(ssid->key_mgmt)) { in sme_handle_external_auth_start()
1449 wpa_s_setup_sae_pt(wpa_s->conf, ssid, false); in sme_handle_external_auth_start()
1450 wpa_s->sme.ext_auth_wpa_ssid = ssid; in sme_handle_external_auth_start()
1455 sme_external_auth_send_sae_commit(wpa_s, data->external_auth.bssid, in sme_handle_external_auth_start()
1457 return -1; in sme_handle_external_auth_start()
1474 wpa_s->sme.sae.state = SAE_CONFIRMED; in sme_external_auth_send_sae_confirm()
1475 buf = wpabuf_alloc(4 + SAE_CONFIRM_MAX_LEN + wpabuf_len(resp) + in sme_external_auth_send_sae_confirm()
1476 (wpa_s->sme.ext_ml_auth ? WPA_AUTH_FRAME_ML_IE_LEN : in sme_external_auth_send_sae_confirm()
1483 wpa_s->sme.seq_num++; in sme_external_auth_send_sae_confirm()
1484 sme_external_auth_build_buf(buf, resp, wpa_s->own_addr, in sme_external_auth_send_sae_confirm()
1485 da, 2, wpa_s->sme.seq_num, in sme_external_auth_send_sae_confirm()
1487 wpa_s->sme.ext_ml_auth ? in sme_external_auth_send_sae_confirm()
1488 wpa_s->own_addr : NULL); in sme_external_auth_send_sae_confirm()
1506 * for both SAE and FT-SAE connections. In that case, determine in is_sae_key_mgmt_suite()
1507 * the actual AKM from wpa_s->key_mgmt. */ in is_sae_key_mgmt_suite()
1508 wpa_s->sme.ext_auth_key_mgmt = wpa_s->key_mgmt; in is_sae_key_mgmt_suite()
1513 wpa_s->sme.ext_auth_key_mgmt = WPA_KEY_MGMT_SAE; in is_sae_key_mgmt_suite()
1515 wpa_s->sme.ext_auth_key_mgmt = WPA_KEY_MGMT_FT_SAE; in is_sae_key_mgmt_suite()
1517 wpa_s->sme.ext_auth_key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY; in is_sae_key_mgmt_suite()
1519 wpa_s->sme.ext_auth_key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY; in is_sae_key_mgmt_suite()
1530 if (!is_sae_key_mgmt_suite(wpa_s, data->external_auth.key_mgmt_suite)) in sme_external_auth_trigger()
1533 if (data->external_auth.action == EXT_AUTH_START) { in sme_external_auth_trigger()
1534 if (!data->external_auth.bssid || !data->external_auth.ssid) in sme_external_auth_trigger()
1536 os_memcpy(wpa_s->sme.ext_auth_bssid, data->external_auth.bssid, in sme_external_auth_trigger()
1538 os_memcpy(wpa_s->sme.ext_auth_ssid, data->external_auth.ssid, in sme_external_auth_trigger()
1539 data->external_auth.ssid_len); in sme_external_auth_trigger()
1540 wpa_s->sme.ext_auth_ssid_len = data->external_auth.ssid_len; in sme_external_auth_trigger()
1541 if (data->external_auth.mld_addr) { in sme_external_auth_trigger()
1542 wpa_s->sme.ext_ml_auth = true; in sme_external_auth_trigger()
1543 os_memcpy(wpa_s->sme.ext_auth_ap_mld_addr, in sme_external_auth_trigger()
1544 data->external_auth.mld_addr, ETH_ALEN); in sme_external_auth_trigger()
1546 wpa_s->sme.ext_ml_auth = false; in sme_external_auth_trigger()
1548 wpa_s->sme.seq_num = 0; in sme_external_auth_trigger()
1549 wpa_s->sme.sae.state = SAE_NOTHING; in sme_external_auth_trigger()
1550 wpa_s->sme.sae.send_confirm = 0; in sme_external_auth_trigger()
1551 wpa_s->sme.sae_group_index = 0; in sme_external_auth_trigger()
1555 } else if (data->external_auth.action == EXT_AUTH_ABORT) { in sme_external_auth_trigger()
1565 int *groups = wpa_s->conf->sae_groups; in sme_sae_is_group_enabled()
1623 if (ieee802_11_parse_elems(data + ie_offset, len - ie_offset, in sme_external_ml_auth()
1626 return -1; in sme_external_ml_auth()
1635 return -1; in sme_external_ml_auth()
1636 /* Accept missing Multi-Link element in failed authentication in sme_external_ml_auth()
1644 return -1; in sme_external_ml_auth()
1649 if (!ether_addr_equal(wpa_s->sme.ext_auth_ap_mld_addr, mld_addr)) { in sme_external_ml_auth()
1652 MAC2STR(wpa_s->sme.ext_auth_ap_mld_addr)); in sme_external_ml_auth()
1653 return -1; in sme_external_ml_auth()
1671 wpa_s->sme.sae.state == SAE_COMMITTED && in sme_sae_auth()
1672 ((external && wpa_s->sme.ext_auth_wpa_ssid) || in sme_sae_auth()
1673 (!external && wpa_s->current_bss && wpa_s->current_ssid))) { in sme_sae_auth()
1680 groups = wpa_s->conf->sae_groups; in sme_sae_auth()
1684 wpa_hexdump(MSG_DEBUG, "SME: SAE anti-clogging token request", in sme_sae_auth()
1688 "SME: Too short SAE anti-clogging token request"); in sme_sae_auth()
1689 return -1; in sme_sae_auth()
1693 "SME: SAE anti-clogging token requested (group %u)", in sme_sae_auth()
1695 if (sae_group_allowed(&wpa_s->sme.sae, groups, group) != in sme_sae_auth()
1698 "SME: SAE group %u of anti-clogging request is invalid", in sme_sae_auth()
1700 return -1; in sme_sae_auth()
1702 wpabuf_free(wpa_s->sme.sae_token); in sme_sae_auth()
1704 token_len = len - sizeof(le16); in sme_sae_auth()
1705 h2e = wpa_s->sme.sae.h2e; in sme_sae_auth()
1711 "SME: Too short SAE anti-clogging token container"); in sme_sae_auth()
1712 return -1; in sme_sae_auth()
1718 elen == 0 || elen > token_len - 2 || in sme_sae_auth()
1721 "SME: Invalid SAE anti-clogging token container header"); in sme_sae_auth()
1722 return -1; in sme_sae_auth()
1724 token_len = elen - 1; in sme_sae_auth()
1727 *ie_offset = token_pos + token_len - data; in sme_sae_auth()
1729 wpa_s->sme.sae_token = wpabuf_alloc_copy(token_pos, token_len); in sme_sae_auth()
1730 if (!wpa_s->sme.sae_token) { in sme_sae_auth()
1733 return -1; in sme_sae_auth()
1736 wpa_hexdump_buf(MSG_DEBUG, "SME: Requested anti-clogging token", in sme_sae_auth()
1737 wpa_s->sme.sae_token); in sme_sae_auth()
1739 sme_send_authentication(wpa_s, wpa_s->current_bss, in sme_sae_auth()
1740 wpa_s->current_ssid, 2); in sme_sae_auth()
1742 if (wpa_s->sme.ext_ml_auth && in sme_sae_auth()
1745 return -1; in sme_sae_auth()
1748 wpa_s, wpa_s->sme.ext_auth_bssid, in sme_sae_auth()
1749 wpa_s->sme.ext_auth_wpa_ssid); in sme_sae_auth()
1756 wpa_s->sme.sae.state == SAE_COMMITTED && in sme_sae_auth()
1757 ((external && wpa_s->sme.ext_auth_wpa_ssid) || in sme_sae_auth()
1758 (!external && wpa_s->current_bss && wpa_s->current_ssid))) { in sme_sae_auth()
1760 int_array_add_unique(&wpa_s->sme.sae_rejected_groups, in sme_sae_auth()
1761 wpa_s->sme.sae.group); in sme_sae_auth()
1762 wpa_s->sme.sae_group_index++; in sme_sae_auth()
1764 return -1; /* no other groups enabled */ in sme_sae_auth()
1767 sme_send_authentication(wpa_s, wpa_s->current_bss, in sme_sae_auth()
1768 wpa_s->current_ssid, 1); in sme_sae_auth()
1770 if (wpa_s->sme.ext_ml_auth && in sme_sae_auth()
1773 return -1; in sme_sae_auth()
1776 wpa_s, wpa_s->sme.ext_auth_bssid, in sme_sae_auth()
1777 wpa_s->sme.ext_auth_wpa_ssid); in sme_sae_auth()
1784 const u8 *bssid = sa ? sa : wpa_s->pending_bssid; in sme_sae_auth()
1789 return -1; in sme_sae_auth()
1795 const u8 *bssid = sa ? sa : wpa_s->pending_bssid; in sme_sae_auth()
1801 return -2; in sme_sae_auth()
1807 groups = wpa_s->conf->sae_groups; in sme_sae_auth()
1810 if ((external && !wpa_s->sme.ext_auth_wpa_ssid) || in sme_sae_auth()
1812 (!wpa_s->current_bss || !wpa_s->current_ssid))) in sme_sae_auth()
1813 return -1; in sme_sae_auth()
1814 if (wpa_s->sme.sae.state != SAE_COMMITTED) { in sme_sae_auth()
1819 if (wpa_s->sme.sae.h2e && status_code == WLAN_STATUS_SUCCESS) { in sme_sae_auth()
1822 return -1; in sme_sae_auth()
1824 if ((!wpa_s->sme.sae.h2e || wpa_s->sme.sae.pk) && in sme_sae_auth()
1828 return -1; in sme_sae_auth()
1830 if (!wpa_s->sme.sae.pk && in sme_sae_auth()
1834 return -1; in sme_sae_auth()
1839 res = sae_parse_commit(&wpa_s->sme.sae, data, len, NULL, NULL, in sme_sae_auth()
1850 return -1; in sme_sae_auth()
1852 if (wpa_s->sme.sae.tmp && in sme_sae_auth()
1855 wpa_s->sme.sae.tmp->peer_rejected_groups)) in sme_sae_auth()
1856 return -1; in sme_sae_auth()
1858 if (sae_process_commit(&wpa_s->sme.sae) < 0) { in sme_sae_auth()
1861 return -1; in sme_sae_auth()
1864 wpabuf_free(wpa_s->sme.sae_token); in sme_sae_auth()
1865 wpa_s->sme.sae_token = NULL; in sme_sae_auth()
1867 sme_send_authentication(wpa_s, wpa_s->current_bss, in sme_sae_auth()
1868 wpa_s->current_ssid, 0); in sme_sae_auth()
1870 if (wpa_s->sme.ext_ml_auth && in sme_sae_auth()
1873 return -1; in sme_sae_auth()
1880 return -1; in sme_sae_auth()
1882 if (wpa_s->sme.sae.state != SAE_CONFIRMED) in sme_sae_auth()
1883 return -1; in sme_sae_auth()
1884 if (sae_check_confirm(&wpa_s->sme.sae, data, len, in sme_sae_auth()
1886 return -1; in sme_sae_auth()
1887 if (external && wpa_s->sme.ext_ml_auth && in sme_sae_auth()
1890 return -1; in sme_sae_auth()
1892 wpa_s->sme.sae.state = SAE_ACCEPTED; in sme_sae_auth()
1893 sae_clear_temp_data(&wpa_s->sme.sae); in sme_sae_auth()
1905 return -1; in sme_sae_auth()
1912 "SME: SAE completed - setting PMK for 4-way handshake"); in sme_sae_set_pmk()
1913 wpa_sm_set_pmk(wpa_s->wpa, wpa_s->sme.sae.pmk, wpa_s->sme.sae.pmk_len, in sme_sae_set_pmk()
1914 wpa_s->sme.sae.pmkid, bssid); in sme_sae_set_pmk()
1915 if (wpa_s->conf->sae_pmkid_in_assoc) { in sme_sae_set_pmk()
1920 if (wpa_s->sme.assoc_req_ie_len + 2 + PMKID_LEN > in sme_sae_set_pmk()
1921 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_sae_set_pmk()
1924 return -1; in sme_sae_set_pmk()
1926 if (wpa_insert_pmkid(wpa_s->sme.assoc_req_ie, in sme_sae_set_pmk()
1927 &wpa_s->sme.assoc_req_ie_len, in sme_sae_set_pmk()
1928 wpa_s->sme.sae.pmkid, true) < 0) in sme_sae_set_pmk()
1929 return -1; in sme_sae_set_pmk()
1932 wpa_s->sme.assoc_req_ie, in sme_sae_set_pmk()
1933 wpa_s->sme.assoc_req_ie_len); in sme_sae_set_pmk()
1947 auth_length = IEEE80211_HDRLEN + sizeof(header->u.auth); in sme_external_auth_mgmt_rx()
1956 if (le_to_host16(header->u.auth.auth_alg) == WLAN_AUTH_SAE) { in sme_external_auth_mgmt_rx()
1961 wpa_s, le_to_host16(header->u.auth.auth_transaction), in sme_external_auth_mgmt_rx()
1962 le_to_host16(header->u.auth.status_code), in sme_external_auth_mgmt_rx()
1963 header->u.auth.variable, in sme_external_auth_mgmt_rx()
1964 len - auth_length, 1, header->sa, &ie_offset); in sme_external_auth_mgmt_rx()
1969 res == -2 ? in sme_external_auth_mgmt_rx()
1970 le_to_host16(header->u.auth.status_code) : in sme_external_auth_mgmt_rx()
1978 wpa_s->sme.ext_ml_auth ? in sme_external_auth_mgmt_rx()
1979 wpa_s->sme.ext_auth_ap_mld_addr : in sme_external_auth_mgmt_rx()
1980 wpa_s->sme.ext_auth_bssid) < 0) in sme_external_auth_mgmt_rx()
1990 struct wpa_ssid *ssid = wpa_s->current_ssid; in sme_event_auth()
1999 if (wpa_s->wpa_state != WPA_AUTHENTICATING) { in sme_event_auth()
2005 if (!ether_addr_equal(wpa_s->pending_bssid, data->auth.peer) && in sme_event_auth()
2006 !(wpa_s->valid_links && in sme_event_auth()
2007 ether_addr_equal(wpa_s->ap_mld_addr, data->auth.peer))) { in sme_event_auth()
2010 MAC2STR(data->auth.peer)); in sme_event_auth()
2016 MAC2STR(data->auth.peer), data->auth.auth_type, in sme_event_auth()
2017 data->auth.auth_transaction, data->auth.status_code); in sme_event_auth()
2019 data->auth.ies, data->auth.ies_len); in sme_event_auth()
2024 if (data->auth.auth_type == WLAN_AUTH_SAE) { in sme_event_auth()
2025 const u8 *addr = wpa_s->pending_bssid; in sme_event_auth()
2028 res = sme_sae_auth(wpa_s, data->auth.auth_transaction, in sme_event_auth()
2029 data->auth.status_code, data->auth.ies, in sme_event_auth()
2030 data->auth.ies_len, 0, data->auth.peer, in sme_event_auth()
2033 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_event_auth()
2037 if (wpa_s->sme.sae_rejected_groups && in sme_event_auth()
2038 ssid->disabled_until.sec) { in sme_event_auth()
2047 if (wpa_s->valid_links) in sme_event_auth()
2048 addr = wpa_s->ap_mld_addr; in sme_event_auth()
2055 if (data->auth.status_code != WLAN_STATUS_SUCCESS) { in sme_event_auth()
2058 if (data->auth.ies && data->auth.ies_len) { in sme_event_auth()
2059 size_t buflen = 2 * data->auth.ies_len + 1; in sme_event_auth()
2062 wpa_snprintf_hex(ie_txt, buflen, data->auth.ies, in sme_event_auth()
2063 data->auth.ies_len); in sme_event_auth()
2068 MAC2STR(data->auth.peer), data->auth.auth_type, in sme_event_auth()
2069 data->auth.auth_transaction, data->auth.status_code, in sme_event_auth()
2075 if (wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS || in sme_event_auth()
2076 wpa_s->sme.auth_alg == WPA_AUTH_ALG_FILS_SK_PFS) in sme_event_auth()
2080 if (data->auth.status_code != in sme_event_auth()
2082 wpa_s->sme.auth_alg == data->auth.auth_type || in sme_event_auth()
2083 wpa_s->current_ssid->auth_alg == WPA_AUTH_ALG_LEAP) { in sme_event_auth()
2084 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_event_auth()
2092 switch (data->auth.auth_type) { in sme_event_auth()
2094 wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_SHARED; in sme_event_auth()
2097 wpa_supplicant_associate(wpa_s, wpa_s->current_bss, in sme_event_auth()
2098 wpa_s->current_ssid); in sme_event_auth()
2102 wpa_s->current_ssid->auth_alg = WPA_AUTH_ALG_LEAP; in sme_event_auth()
2105 wpa_supplicant_associate(wpa_s, wpa_s->current_bss, in sme_event_auth()
2106 wpa_s->current_ssid); in sme_event_auth()
2115 if (data->auth.auth_type == WLAN_AUTH_FT) { in sme_event_auth()
2119 if (wpa_s->ric_ies) { in sme_event_auth()
2120 ric_ies = wpabuf_head(wpa_s->ric_ies); in sme_event_auth()
2121 ric_ies_len = wpabuf_len(wpa_s->ric_ies); in sme_event_auth()
2123 if (wpa_ft_process_response(wpa_s->wpa, data->auth.ies, in sme_event_auth()
2124 data->auth.ies_len, 0, in sme_event_auth()
2125 data->auth.peer, in sme_event_auth()
2132 MAC2STR(wpa_s->pending_bssid), in sme_event_auth()
2134 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_event_auth()
2143 if (data->auth.auth_type == WLAN_AUTH_FILS_SK || in sme_event_auth()
2144 data->auth.auth_type == WLAN_AUTH_FILS_SK_PFS) { in sme_event_auth()
2147 expect_auth_type = wpa_s->sme.auth_alg == in sme_event_auth()
2150 if (data->auth.auth_type != expect_auth_type) { in sme_event_auth()
2153 data->auth.auth_type, expect_auth_type); in sme_event_auth()
2157 MAC2STR(wpa_s->pending_bssid), in sme_event_auth()
2159 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_event_auth()
2165 if (fils_process_auth(wpa_s->wpa, wpa_s->pending_bssid, in sme_event_auth()
2166 data->auth.ies, data->auth.ies_len) < 0) { in sme_event_auth()
2172 MAC2STR(wpa_s->pending_bssid), in sme_event_auth()
2174 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_event_auth()
2183 if ((data->auth.auth_type == WLAN_AUTH_OPEN || in sme_event_auth()
2184 data->auth.auth_type == WLAN_AUTH_SAE) && in sme_event_auth()
2190 MAC2STR(wpa_s->pending_bssid), in sme_event_auth()
2192 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, NULL); in sme_event_auth()
2196 "MLD: Authentication - clearing MLD state"); in sme_event_auth()
2201 sme_associate(wpa_s, ssid->mode, data->auth.peer, in sme_event_auth()
2202 data->auth.auth_type); in sme_event_auth()
2215 *len -= 2 + pos[1]; in remove_ie()
2216 os_memmove(pos, next, end - next); in remove_ie()
2227 struct wpa_ssid *ssid = wpa_s->current_ssid; in sme_associate()
2243 wpa_s->sme.assoc_auth_type = auth_type; in sme_associate()
2255 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, in sme_associate()
2258 wpabuf_len(req->pkt)); in sme_associate()
2261 wpabuf_put_data(hlp[num_hlp], req->dst, ETH_ALEN); in sme_associate()
2262 wpabuf_put_data(hlp[num_hlp], wpa_s->own_addr, in sme_associate()
2266 wpabuf_put_buf(hlp[num_hlp], req->pkt); in sme_associate()
2272 buf = fils_build_assoc_req(wpa_s->wpa, &params.fils_kek, in sme_associate()
2282 wpa_s->sme.assoc_req_ie, in sme_associate()
2283 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2285 if (wpa_key_mgmt_ft(wpa_s->key_mgmt)) { in sme_associate()
2289 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2290 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2294 wpa_s->sme.assoc_req_ie, in sme_associate()
2295 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2296 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2297 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2301 wpa_s->sme.assoc_req_ie, in sme_associate()
2302 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2305 /* TODO: Make wpa_s->sme.assoc_req_ie use dynamic allocation */ in sme_associate()
2306 if (wpa_s->sme.assoc_req_ie_len + wpabuf_len(buf) > in sme_associate()
2307 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_associate()
2313 os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_associate()
2315 wpa_s->sme.assoc_req_ie_len += wpabuf_len(buf); in sme_associate()
2318 wpa_s->sme.assoc_req_ie, in sme_associate()
2319 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2330 if (get_ie_ext(wpa_s->sme.assoc_req_ie, wpa_s->sme.assoc_req_ie_len, in sme_associate()
2336 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { in sme_associate()
2340 if (ssid && ssid->owe_group) { in sme_associate()
2341 group = ssid->owe_group; in sme_associate()
2342 } else if (wpa_s->assoc_status_code == in sme_associate()
2344 if (wpa_s->last_owe_group == 19) in sme_associate()
2346 else if (wpa_s->last_owe_group == 20) in sme_associate()
2354 wpa_s->last_owe_group = group; in sme_associate()
2356 owe_ie = owe_build_assoc_req(wpa_s->wpa, group); in sme_associate()
2362 if (wpa_s->sme.assoc_req_ie_len + wpabuf_len(owe_ie) > in sme_associate()
2363 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_associate()
2369 os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_associate()
2371 wpa_s->sme.assoc_req_ie_len += wpabuf_len(owe_ie); in sme_associate()
2377 if (DPP_VERSION > 1 && wpa_s->key_mgmt == WPA_KEY_MGMT_DPP && ssid && in sme_associate()
2378 ssid->dpp_netaccesskey && ssid->dpp_pfs != 2 && in sme_associate()
2379 !ssid->dpp_pfs_fallback) { in sme_associate()
2382 pmksa = pmksa_cache_get_current(wpa_s->wpa); in sme_associate()
2383 if (!pmksa || !pmksa->dpp_pfs) in sme_associate()
2386 dpp_pfs_free(wpa_s->dpp_pfs); in sme_associate()
2387 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey, in sme_associate()
2388 ssid->dpp_netaccesskey_len); in sme_associate()
2389 if (!wpa_s->dpp_pfs) { in sme_associate()
2394 if (wpa_s->sme.assoc_req_ie_len + in sme_associate()
2395 wpabuf_len(wpa_s->dpp_pfs->ie) > in sme_associate()
2396 sizeof(wpa_s->sme.assoc_req_ie)) { in sme_associate()
2399 dpp_pfs_free(wpa_s->dpp_pfs); in sme_associate()
2400 wpa_s->dpp_pfs = NULL; in sme_associate()
2403 os_memcpy(wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_associate()
2404 wpabuf_head(wpa_s->dpp_pfs->ie), in sme_associate()
2405 wpabuf_len(wpa_s->dpp_pfs->ie)); in sme_associate()
2406 wpa_s->sme.assoc_req_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie); in sme_associate()
2412 wpa_s->mscs_setup_done = false; in sme_associate()
2413 if (wpa_bss_ext_capab(wpa_s->current_bss, WLAN_EXT_CAPAB_MSCS) && in sme_associate()
2414 wpa_s->robust_av.valid_config) { in sme_associate()
2421 4 + /* Stream timeout */ in sme_associate()
2423 wpa_s->robust_av.frame_classifier_len; in sme_associate()
2431 wpa_ie_len = &wpa_s->sme.assoc_req_ie_len; in sme_associate()
2432 max_ie_len = sizeof(wpa_s->sme.assoc_req_ie); in sme_associate()
2433 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie); in sme_associate()
2437 os_memcpy(wpa_s->sme.assoc_req_ie + *wpa_ie_len, in sme_associate()
2447 if (ssid && ssid->multi_ap_backhaul_sta) { in sme_associate()
2452 multi_ap.profile = ssid->multi_ap_profile; in sme_associate()
2455 wpa_s->sme.assoc_req_ie + wpa_s->sme.assoc_req_ie_len, in sme_associate()
2456 sizeof(wpa_s->sme.assoc_req_ie) - in sme_associate()
2457 wpa_s->sme.assoc_req_ie_len, in sme_associate()
2461 "Multi-AP: Failed to build Multi-AP IE"); in sme_associate()
2464 wpa_s->sme.assoc_req_ie_len += multi_ap_ie_len; in sme_associate()
2468 params.ssid = wpa_s->sme.ssid; in sme_associate()
2469 params.ssid_len = wpa_s->sme.ssid_len; in sme_associate()
2470 params.freq.freq = wpa_s->sme.freq; in sme_associate()
2471 params.bg_scan_period = ssid ? ssid->bg_scan_period : -1; in sme_associate()
2472 params.wpa_ie = wpa_s->sme.assoc_req_ie_len ? in sme_associate()
2473 wpa_s->sme.assoc_req_ie : NULL; in sme_associate()
2474 params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len; in sme_associate()
2477 params.pairwise_suite = wpa_s->pairwise_cipher; in sme_associate()
2478 params.group_suite = wpa_s->group_cipher; in sme_associate()
2479 params.mgmt_group_suite = wpa_s->mgmt_group_cipher; in sme_associate()
2480 params.key_mgmt_suite = wpa_s->key_mgmt; in sme_associate()
2481 params.wpa_proto = wpa_s->wpa_proto; in sme_associate()
2501 if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies && in sme_associate()
2502 get_ie(wpa_s->sme.ft_ies, wpa_s->sme.ft_ies_len, in sme_associate()
2507 * additional non-FT-specific IEs) to avoid kernel issues. This in sme_associate()
2511 "SME: Linux kernel workaround - do not try to include additional IEs with RIC"); in sme_associate()
2512 params.wpa_ie = wpa_s->sme.ft_ies; in sme_associate()
2513 params.wpa_ie_len = wpa_s->sme.ft_ies_len; in sme_associate()
2514 } else if (auth_type == WLAN_AUTH_FT && wpa_s->sme.ft_ies) { in sme_associate()
2521 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2522 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2524 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2525 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2527 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2528 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2530 rm_en = get_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2531 wpa_s->sme.assoc_req_ie_len, in sme_associate()
2539 remove_ie(wpa_s->sme.assoc_req_ie, in sme_associate()
2540 &wpa_s->sme.assoc_req_ie_len, in sme_associate()
2545 wpa_s->sme.assoc_req_ie, in sme_associate()
2546 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2547 if (wpa_s->sme.assoc_req_ie_len + wpa_s->sme.ft_ies_len + in sme_associate()
2548 rm_en_len > sizeof(wpa_s->sme.assoc_req_ie)) { in sme_associate()
2555 os_memmove(wpa_s->sme.assoc_req_ie + wpa_s->sme.ft_ies_len + in sme_associate()
2557 wpa_s->sme.assoc_req_ie, in sme_associate()
2558 wpa_s->sme.assoc_req_ie_len); in sme_associate()
2559 pos = wpa_s->sme.ft_ies; in sme_associate()
2560 end = pos + wpa_s->sme.ft_ies_len; in sme_associate()
2561 wpos = wpa_s->sme.assoc_req_ie; in sme_associate()
2572 os_memcpy(wpos, pos, end - pos); in sme_associate()
2573 wpa_s->sme.assoc_req_ie_len += wpa_s->sme.ft_ies_len + in sme_associate()
2575 params.wpa_ie = wpa_s->sme.assoc_req_ie; in sme_associate()
2576 params.wpa_ie_len = wpa_s->sme.assoc_req_ie_len; in sme_associate()
2583 params.mgmt_frame_protection = wpa_s->sme.mfp; in sme_associate()
2584 params.rrm_used = wpa_s->rrm.rrm_used; in sme_associate()
2585 if (wpa_s->sme.prev_bssid_set) in sme_associate()
2586 params.prev_bssid = wpa_s->sme.prev_bssid; in sme_associate()
2603 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.rsn_ie - 2, in sme_associate()
2607 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.wpa_ie - 2, in sme_associate()
2611 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, elems.osen - 2, in sme_associate()
2614 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); in sme_associate()
2616 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, elems.rsnxe - 2, in sme_associate()
2619 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); in sme_associate()
2620 if (ssid && ssid->p2p_group) in sme_associate()
2623 if (wpa_s->p2pdev->set_sta_uapsd) in sme_associate()
2624 params.uapsd = wpa_s->p2pdev->sta_uapsd; in sme_associate()
2626 params.uapsd = -1; in sme_associate()
2628 if (wpa_s->valid_links) { in sme_associate()
2633 wpa_s->mlo_assoc_link_id, wpa_s->valid_links); in sme_associate()
2635 params.mld_params.mld_addr = wpa_s->ap_mld_addr; in sme_associate()
2636 params.mld_params.valid_links = wpa_s->valid_links; in sme_associate()
2637 params.mld_params.assoc_link_id = wpa_s->mlo_assoc_link_id; in sme_associate()
2638 for_each_link(wpa_s->valid_links, i) { in sme_associate()
2640 wpa_s->links[i].bssid; in sme_associate()
2642 wpa_s->links[i].freq; in sme_associate()
2644 wpa_s->links[i].disabled; in sme_associate()
2648 i, wpa_s->links[i].freq, in sme_associate()
2649 wpa_s->links[i].disabled, in sme_associate()
2650 MAC2STR(wpa_s->links[i].bssid)); in sme_associate()
2663 if (!(wpa_s->valid_links & BIT(i)) || in sme_associate()
2664 wpa_s->mlo_assoc_link_id == i || in sme_associate()
2668 wpa_bssid_ignore_add(wpa_s, wpa_s->links[i].bssid); in sme_associate()
2674 wpa_drv_deauthenticate(wpa_s, wpa_s->ap_mld_addr, in sme_associate()
2680 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, in sme_associate()
2683 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); in sme_associate()
2692 wpabuf_free(wpa_s->last_assoc_req_wpa_ie); in sme_associate()
2693 wpa_s->last_assoc_req_wpa_ie = NULL; in sme_associate()
2695 wpa_s->last_assoc_req_wpa_ie = in sme_associate()
2706 os_free(wpa_s->sme.ft_ies); in sme_update_ft_ies()
2707 wpa_s->sme.ft_ies = NULL; in sme_update_ft_ies()
2708 wpa_s->sme.ft_ies_len = 0; in sme_update_ft_ies()
2709 wpa_s->sme.ft_used = 0; in sme_update_ft_ies()
2713 os_memcpy(wpa_s->sme.mobility_domain, md, MOBILITY_DOMAIN_ID_LEN); in sme_update_ft_ies()
2715 os_free(wpa_s->sme.ft_ies); in sme_update_ft_ies()
2716 wpa_s->sme.ft_ies = os_memdup(ies, ies_len); in sme_update_ft_ies()
2717 if (wpa_s->sme.ft_ies == NULL) in sme_update_ft_ies()
2718 return -1; in sme_update_ft_ies()
2719 wpa_s->sme.ft_ies_len = ies_len; in sme_update_ft_ies()
2729 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); in sme_deauth()
2731 if (wpa_s->valid_links) in sme_deauth()
2732 bssid = wpa_s->ap_mld_addr; in sme_deauth()
2734 bssid = wpa_s->pending_bssid; in sme_deauth()
2741 wpa_s->sme.prev_bssid_set = 0; in sme_deauth()
2743 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, link_bssids); in sme_deauth()
2745 os_memset(wpa_s->bssid, 0, ETH_ALEN); in sme_deauth()
2746 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); in sme_deauth()
2756 if (!wpa_s->current_bss || !wpa_s->current_ssid) { in sme_assoc_comeback_timer()
2765 MAC2STR(wpa_s->current_bss->bssid), in sme_assoc_comeback_timer()
2766 wpa_s->current_ssid->mode, in sme_assoc_comeback_timer()
2767 wpa_s->sme.assoc_auth_type); in sme_assoc_comeback_timer()
2771 sme_associate(wpa_s, wpa_s->current_ssid->mode, in sme_assoc_comeback_timer()
2772 wpa_s->current_bss->bssid, in sme_assoc_comeback_timer()
2773 wpa_s->sme.assoc_auth_type); in sme_assoc_comeback_timer()
2786 if (wpa_s->test_assoc_comeback_type != -1) in sme_try_assoc_comeback()
2787 type = wpa_s->test_assoc_comeback_type; in sme_try_assoc_comeback()
2790 if (ieee802_11_parse_elems(data->assoc_reject.resp_ies, in sme_try_assoc_comeback()
2791 data->assoc_reject.resp_ies_len, in sme_try_assoc_comeback()
2835 if (wpa_s->valid_links) in sme_event_assoc_reject()
2836 bssid = wpa_s->ap_mld_addr; in sme_event_assoc_reject()
2838 bssid = wpa_s->pending_bssid; in sme_event_assoc_reject()
2841 "status code %d", MAC2STR(wpa_s->pending_bssid), in sme_event_assoc_reject()
2842 data->assoc_reject.status_code); in sme_event_assoc_reject()
2851 if (data->assoc_reject.status_code == in sme_event_assoc_reject()
2863 if (wpa_s->sme.sae_pmksa_caching && wpa_s->current_ssid && in sme_event_assoc_reject()
2864 wpa_key_mgmt_sae(wpa_s->current_ssid->key_mgmt)) { in sme_event_assoc_reject()
2866 "PMKSA caching attempt rejected - drop PMKSA cache entry and fall back to SAE authentication"); in sme_event_assoc_reject()
2867 wpa_sm_aborted_cached(wpa_s->wpa); in sme_event_assoc_reject()
2868 wpa_sm_pmksa_cache_flush(wpa_s->wpa, wpa_s->current_ssid); in sme_event_assoc_reject()
2869 if (wpa_s->current_bss) { in sme_event_assoc_reject()
2870 struct wpa_bss *bss = wpa_s->current_bss; in sme_event_assoc_reject()
2871 struct wpa_ssid *ssid = wpa_s->current_ssid; in sme_event_assoc_reject()
2884 if (wpa_s->current_ssid && in sme_event_assoc_reject()
2885 wpa_s->current_ssid->key_mgmt == WPA_KEY_MGMT_DPP && in sme_event_assoc_reject()
2886 !data->assoc_reject.timed_out && in sme_event_assoc_reject()
2887 data->assoc_reject.status_code == WLAN_STATUS_INVALID_PMKID) { in sme_event_assoc_reject()
2890 pmksa = pmksa_cache_get_current(wpa_s->wpa); in sme_event_assoc_reject()
2894 wpa_sm_pmksa_cache_remove(wpa_s->wpa, pmksa); in sme_event_assoc_reject()
2896 wpa_sm_aborted_cached(wpa_s->wpa); in sme_event_assoc_reject()
2897 if (wpa_s->current_bss) { in sme_event_assoc_reject()
2898 struct wpa_bss *bss = wpa_s->current_bss; in sme_event_assoc_reject()
2899 struct wpa_ssid *ssid = wpa_s->current_ssid; in sme_event_assoc_reject()
2926 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, NULL); in sme_event_auth_timed_out()
2935 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, NULL); in sme_event_assoc_timed_out()
2944 if (wpa_s->sme.prev_bssid_set) { in sme_event_disassoc()
2953 wpa_drv_deauthenticate(wpa_s, wpa_s->sme.prev_bssid, in sme_event_disassoc()
2962 if (wpa_s->wpa_state == WPA_AUTHENTICATING) { in sme_auth_timer()
2972 if (wpa_s->wpa_state == WPA_ASSOCIATING) { in sme_assoc_timer()
2982 if (wpa_s->wpa_state != WPA_ASSOCIATING) { in sme_state_changed()
2986 if (wpa_s->wpa_state != WPA_AUTHENTICATING) in sme_state_changed()
2993 wpa_s->sme.prev_bssid_set = 0; in sme_clear_on_disassoc()
2995 wpabuf_free(wpa_s->sme.sae_token); in sme_clear_on_disassoc()
2996 wpa_s->sme.sae_token = NULL; in sme_clear_on_disassoc()
2997 sae_clear_data(&wpa_s->sme.sae); in sme_clear_on_disassoc()
3000 if (wpa_s->sme.ft_ies || wpa_s->sme.ft_used) in sme_clear_on_disassoc()
3011 os_free(wpa_s->sme.sae_rejected_groups); in sme_deinit()
3012 wpa_s->sme.sae_rejected_groups = NULL; in sme_deinit()
3030 wpa_printf(MSG_DEBUG, "SME: Send 20/40 BSS Coexistence to " MACSTR in sme_send_2040_bss_coex()
3032 MAC2STR(wpa_s->bssid), num_channels, num_intol); in sme_send_2040_bss_coex()
3047 bc_ie->element_id = WLAN_EID_20_40_BSS_COEXISTENCE; in sme_send_2040_bss_coex()
3048 bc_ie->length = 1; in sme_send_2040_bss_coex()
3050 bc_ie->coex_param |= WLAN_20_40_BSS_COEX_20MHZ_WIDTH_REQ; in sme_send_2040_bss_coex()
3054 ic_report->element_id = WLAN_EID_20_40_BSS_INTOLERANT; in sme_send_2040_bss_coex()
3055 ic_report->length = num_channels + 1; in sme_send_2040_bss_coex()
3056 ic_report->op_class = 0; in sme_send_2040_bss_coex()
3061 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, in sme_send_2040_bss_coex()
3062 wpa_s->own_addr, wpa_s->bssid, in sme_send_2040_bss_coex()
3065 "SME: Failed to send 20/40 BSS Coexistence frame"); in sme_send_2040_bss_coex()
3080 if (!wpa_s->sme.sched_obss_scan) in sme_proc_obss_scan()
3083 wpa_s->sme.sched_obss_scan = 0; in sme_proc_obss_scan()
3084 if (!wpa_s->current_bss || wpa_s->wpa_state != WPA_COMPLETED) in sme_proc_obss_scan()
3090 * width trigger event is "unknown" (IEEE Std 802.11-2012 10.15.12), in sme_proc_obss_scan()
3100 ie = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_COUNTRY); in sme_proc_obss_scan()
3106 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { in sme_proc_obss_scan()
3109 mode = ieee80211_freq_to_chan(bss->freq, &channel); in sme_proc_obss_scan()
3118 MAC2STR(bss->bssid), bss->freq, channel, ht_cap); in sme_proc_obss_scan()
3149 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, in wpa_obss_scan_freqs_list()
3152 /* No channels supported in this band - use empty list */ in wpa_obss_scan_freqs_list()
3153 params->freqs = os_zalloc(sizeof(int)); in wpa_obss_scan_freqs_list()
3157 if (wpa_s->sme.ht_sec_chan == HT_SEC_CHAN_UNKNOWN && in wpa_obss_scan_freqs_list()
3158 wpa_s->current_bss) { in wpa_obss_scan_freqs_list()
3161 ie = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_HT_OPERATION); in wpa_obss_scan_freqs_list()
3167 wpa_s->sme.ht_sec_chan = HT_SEC_CHAN_ABOVE; in wpa_obss_scan_freqs_list()
3169 wpa_s->sme.ht_sec_chan = HT_SEC_CHAN_BELOW; in wpa_obss_scan_freqs_list()
3173 start = wpa_s->assoc_freq - 10; in wpa_obss_scan_freqs_list()
3174 end = wpa_s->assoc_freq + 10; in wpa_obss_scan_freqs_list()
3175 switch (wpa_s->sme.ht_sec_chan) { in wpa_obss_scan_freqs_list()
3178 if (wpa_s->assoc_freq <= 2452) in wpa_obss_scan_freqs_list()
3179 start -= 20; in wpa_obss_scan_freqs_list()
3180 /* HT40- possible on channels 5-13 */ in wpa_obss_scan_freqs_list()
3181 if (wpa_s->assoc_freq >= 2432) in wpa_obss_scan_freqs_list()
3188 start -= 20; in wpa_obss_scan_freqs_list()
3192 "OBSS: assoc_freq %d possible affected range %d-%d", in wpa_obss_scan_freqs_list()
3193 wpa_s->assoc_freq, start, end); in wpa_obss_scan_freqs_list()
3195 params->freqs = os_calloc(mode->num_channels + 1, sizeof(int)); in wpa_obss_scan_freqs_list()
3196 if (params->freqs == NULL) in wpa_obss_scan_freqs_list()
3198 for (count = 0, i = 0; i < mode->num_channels; i++) { in wpa_obss_scan_freqs_list()
3201 if (mode->channels[i].flag & HOSTAPD_CHAN_DISABLED) in wpa_obss_scan_freqs_list()
3203 freq = mode->channels[i].freq; in wpa_obss_scan_freqs_list()
3204 if (freq - 10 >= end || freq + 10 <= start) in wpa_obss_scan_freqs_list()
3206 params->freqs[count++] = freq; in wpa_obss_scan_freqs_list()
3216 if (!wpa_s->current_bss) { in sme_obss_scan_timeout()
3229 wpa_s->sme.sched_obss_scan = 1; in sme_obss_scan_timeout()
3232 eloop_register_timeout(wpa_s->sme.obss_scan_int, 0, in sme_obss_scan_timeout()
/*
 * sme_sched_obss_scan: matched lines only from a cross-reference listing;
 * the statements between the numbered lines (including the bodies of the
 * guards below) are not shown.
 */
3240 struct wpa_bss *bss = wpa_s->current_bss; in sme_sched_obss_scan()
3241 struct wpa_ssid *ssid = wpa_s->current_ssid; in sme_sched_obss_scan()
/* Scheduling state is reset before any of the eligibility checks. */
3246 wpa_s->sme.sched_obss_scan = 0; in sme_sched_obss_scan()
3247 wpa_s->sme.ht_sec_chan = HT_SEC_CHAN_UNKNOWN; in sme_sched_obss_scan()
/* Needs a driver with the SME or OBSS_SCAN flag and an infrastructure-mode network. */
3255 if (!((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) || in sme_sched_obss_scan()
3256 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OBSS_SCAN)) || in sme_sched_obss_scan()
3257 ssid == NULL || ssid->mode != WPAS_MODE_INFRA) in sme_sched_obss_scan()
3262 if (ssid->disable_ht40) in sme_sched_obss_scan()
3266 if (!wpa_s->hw.modes) in sme_sched_obss_scan()
/* Find the 802.11g hardware mode, then test its 40 MHz channel-width capability bit. */
3270 for (i = 0; i < wpa_s->hw.num_modes; i++) { in sme_sched_obss_scan()
3271 hw_mode = &wpa_s->hw.modes[i]; in sme_sched_obss_scan()
3272 if (hw_mode->mode == HOSTAPD_MODE_IEEE80211G) in sme_sched_obss_scan()
3277 if (i == wpa_s->hw.num_modes || !hw_mode || in sme_sched_obss_scan()
3278 !(hw_mode->ht_capab & HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)) in sme_sched_obss_scan()
3281 if (bss == NULL || bss->freq < 2400 || bss->freq > 2500) in sme_sched_obss_scan()
3282 return; /* Not associated on 2.4 GHz band */ in sme_sched_obss_scan()
3285 ie = wpa_bss_get_ie(wpa_s->current_bss, WLAN_EID_HT_CAP); in sme_sched_obss_scan()
/* The element ID requested by this second lookup is on a line not shown. */
3290 ie = wpa_bss_get_ie(wpa_s->current_bss, in sme_sched_obss_scan()
/*
 * NOTE(review): ie points into elements stored for the current BSS, i.e. data
 * received from the AP, so the 16-bit value read at offset 6 is AP-controlled.
 * The NULL/length check that has to precede this read is not among the
 * matched lines - confirm it in the full source.
 */
3295 wpa_s->sme.obss_scan_int = WPA_GET_LE16(ie + 6); in sme_sched_obss_scan()
/*
 * Values below 10 are raised to 10, which puts a floor under how often the
 * AP-supplied interval can fire the timeout registered below (first argument
 * of eloop_register_timeout is seconds).
 */
3296 if (wpa_s->sme.obss_scan_int < 10) { in sme_sched_obss_scan()
3299 wpa_s->sme.obss_scan_int); in sme_sched_obss_scan()
3300 wpa_s->sme.obss_scan_int = 10; in sme_sched_obss_scan()
3303 wpa_s->sme.obss_scan_int); in sme_sched_obss_scan()
3304 eloop_register_timeout(wpa_s->sme.obss_scan_int, 0, in sme_sched_obss_scan()
/*
 * sme_check_sa_query_timeout: only this line matched. It computes the time
 * elapsed since sme.sa_query_start into `passed`; the comparison against the
 * SA Query timeout limit is on lines not shown in this listing.
 */
3318 os_reltime_sub(&now, &wpa_s->sme.sa_query_start, &passed); in sme_check_sa_query_timeout()
/*
 * sme_send_sa_query_req: matched lines only from a cross-reference listing;
 * frame construction between the numbered lines is not shown.
 */
3339 MACSTR, MAC2STR(wpa_s->bssid)); in sme_send_sa_query_req()
/* OCV-specific handling applies only when OCV is enabled for this association. */
3347 if (wpa_sm_ocv_enabled(wpa_s->wpa)) { in sme_send_sa_query_req()
/*
 * NOTE(review): a non-zero oci_freq_override_saquery_req replaces the real
 * channel frequency in ci. The "TEST:" log prefix marks this as a testing
 * knob; confirm in the full source that it is compiled only into test builds,
 * since a wrong OCI frequency defeats the purpose of the OCV check.
 */
3357 if (wpa_s->oci_freq_override_saquery_req) { in sme_send_sa_query_req()
3359 "TEST: Override SA Query Request OCI frequency %d -> %d MHz", in sme_send_sa_query_req()
3361 wpa_s->oci_freq_override_saquery_req); in sme_send_sa_query_req()
3362 ci.frequency = wpa_s->oci_freq_override_saquery_req; in sme_send_sa_query_req()
/* Sent on the association frequency with the current BSSID as destination and BSSID, own_addr as source. */
3373 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, in sme_send_sa_query_req()
3374 wpa_s->own_addr, wpa_s->bssid, in sme_send_sa_query_req()
/*
 * sme_sa_query_timer: matched lines only from a cross-reference listing;
 * the statements between the numbered lines are not shown.
 */
3387 if (wpa_s->sme.sa_query_count > 0 && in sme_sa_query_timer()
/*
 * Grow the transaction-ID array by one slot.
 * NOTE(review): the NULL check on nbuf is not among the matched lines -
 * confirm it precedes the pointer arithmetic at line 3402.
 */
3391 nbuf = os_realloc_array(wpa_s->sme.sa_query_trans_id, in sme_sa_query_timer()
3392 wpa_s->sme.sa_query_count + 1, in sme_sa_query_timer()
/* The first query of a series records the start time later read by sme_check_sa_query_timeout(). */
3398 if (wpa_s->sme.sa_query_count == 0) { in sme_sa_query_timer()
3400 os_get_reltime(&wpa_s->sme.sa_query_start); in sme_sa_query_timer()
/* trans_id addresses the newly added last slot; the array pointer is stored only after the realloc result is in nbuf. */
3402 trans_id = nbuf + wpa_s->sme.sa_query_count * WLAN_SA_QUERY_TR_ID_LEN; in sme_sa_query_timer()
3403 wpa_s->sme.sa_query_trans_id = nbuf; in sme_sa_query_timer()
3404 wpa_s->sme.sa_query_count++; in sme_sa_query_timer()
3418 wpa_s->sme.sa_query_count); in sme_sa_query_timer()
/*
 * sme_stop_sa_query: matched lines only; the body of the first guard is not
 * shown. The pending transaction-ID array is freed and both the pointer and
 * the count are cleared, so later code that tests sa_query_trans_id or
 * sa_query_count sees "no query pending" rather than a dangling pointer.
 */
3432 if (wpa_s->sme.sa_query_trans_id) in sme_stop_sa_query()
3435 os_free(wpa_s->sme.sa_query_trans_id); in sme_stop_sa_query()
3436 wpa_s->sme.sa_query_trans_id = NULL; in sme_stop_sa_query()
3437 wpa_s->sme.sa_query_count = 0; in sme_stop_sa_query()
/*
 * sme_event_unprot_disconnect: matched lines only from a cross-reference
 * listing. The bodies of the guards are not shown (presumably early returns -
 * confirm in the full source). Per the debug message below, the unprotected
 * disconnect frame is dropped and an SA Query is triggered instead.
 */
3447 if (wpa_s->wpa_state != WPA_COMPLETED) in sme_event_unprot_disconnect()
3449 ssid = wpa_s->current_ssid; in sme_event_unprot_disconnect()
/* Sender address of the frame is compared with the current BSSID. */
3452 if (!ether_addr_equal(sa, wpa_s->bssid)) in sme_event_unprot_disconnect()
/* An SA Query is already pending. */
3457 if (wpa_s->sme.sa_query_count > 0) in sme_event_unprot_disconnect()
3460 if (wpa_s->disable_sa_query) in sme_event_unprot_disconnect()
/*
 * Rate limit: a previous unprotected disconnect recorded less than 10 seconds
 * ago satisfies this guard; otherwise the timestamp is refreshed. This bounds
 * how often unauthenticated frames can start a new SA Query.
 */
3465 if (wpa_s->sme.last_unprot_disconnect.sec && in sme_event_unprot_disconnect()
3466 !os_reltime_expired(&now, &wpa_s->sme.last_unprot_disconnect, 10)) in sme_event_unprot_disconnect()
3468 wpa_s->sme.last_unprot_disconnect = now; in sme_event_unprot_disconnect()
3470 wpa_dbg(wpa_s, MSG_DEBUG, "SME: Unprotected disconnect dropped - " in sme_event_unprot_disconnect()
3471 "possible AP/STA state mismatch - trigger SA Query"); in sme_event_unprot_disconnect()
/*
 * sme_event_ch_switch: matched lines only. The guard is satisfied when the
 * connection is not in WPA_COMPLETED state or OCV is not enabled (its body is
 * not shown, presumably an early return). Otherwise, per the log message, a
 * new SA Query is started after the channel switch to verify the new
 * operating channel.
 */
3481 if (wpa_s->wpa_state != WPA_COMPLETED || in sme_event_ch_switch()
3482 !wpa_sm_ocv_enabled(wpa_s->wpa)) in sme_event_ch_switch()
3486 "SME: Channel switch completed - trigger new SA Query to verify new operating channel"); in sme_event_ch_switch()
/*
 * sme_process_sa_query_request: matched lines only from a cross-reference
 * listing; validation of the request and construction of the response between
 * the numbered lines are not shown.
 */
3504 MACSTR, MAC2STR(wpa_s->bssid)); in sme_process_sa_query_request()
/* OCV-specific handling applies only when OCV is enabled for this association. */
3511 if (wpa_sm_ocv_enabled(wpa_s->wpa)) { in sme_process_sa_query_request()
/*
 * NOTE(review): a non-zero oci_freq_override_saquery_resp replaces the real
 * channel frequency in ci. The "TEST:" log prefix marks this as a testing
 * knob; confirm in the full source that it is compiled only into test builds.
 */
3521 if (wpa_s->oci_freq_override_saquery_resp) { in sme_process_sa_query_request()
3523 "TEST: Override SA Query Response OCI frequency %d -> %d MHz", in sme_process_sa_query_request()
3525 wpa_s->oci_freq_override_saquery_resp); in sme_process_sa_query_request()
3526 ci.frequency = wpa_s->oci_freq_override_saquery_resp; in sme_process_sa_query_request()
/* The response goes to the current BSSID on the association frequency, not to an address taken from the request. */
3537 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, in sme_process_sa_query_request()
3538 wpa_s->own_addr, wpa_s->bssid, in sme_process_sa_query_request()
/*
 * sme_process_sa_query_response: matched lines only from a cross-reference
 * listing; guard bodies and the handling of a successful match are not shown.
 */
/* No SA Query is pending. */
3551 if (!wpa_s->sme.sa_query_trans_id) in sme_process_sa_query_response()
/* Sender address of the response is compared with the current BSSID. */
3557 if (!ether_addr_equal(sa, wpa_s->bssid)) in sme_process_sa_query_response()
/* Linear search of the pending transaction IDs for the one carried in the response. */
3560 for (i = 0; i < wpa_s->sme.sa_query_count; i++) { in sme_process_sa_query_response()
3561 if (os_memcmp(wpa_s->sme.sa_query_trans_id + in sme_process_sa_query_response()
/* Loop ran to completion: the response matches no pending transaction ID. */
3567 if (i >= wpa_s->sme.sa_query_count) { in sme_process_sa_query_response()
3586 "IEEE 802.11: Ignore group-addressed SA Query frame (A1=" MACSTR " A2=" MACSTR ")", in sme_sa_query_rx()
3595 if (wpa_sm_ocv_enabled(wpa_s->wpa)) { in sme_sa_query_rx()
3600 len - 1 - WLAN_SA_QUERY_TR_ID_LEN, in sme_sa_query_rx()