1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/crypto.h"
21 #include "crypto/random.h"
22 #include "crypto/sha1.h"
23 #include "eapol_supp/eapol_supp_sm.h"
24 #include "eap_peer/eap.h"
25 #include "eap_peer/eap_proxy.h"
26 #include "eap_server/eap_methods.h"
27 #include "rsn_supp/wpa.h"
28 #include "eloop.h"
29 #include "config.h"
30 #include "utils/ext_password.h"
31 #include "l2_packet/l2_packet.h"
32 #include "wpa_supplicant_i.h"
33 #include "driver_i.h"
34 #include "ctrl_iface.h"
35 #include "pcsc_funcs.h"
36 #include "common/version.h"
37 #include "rsn_supp/preauth.h"
38 #include "rsn_supp/pmksa_cache.h"
39 #include "common/wpa_ctrl.h"
40 #include "common/ieee802_11_common.h"
41 #include "common/ieee802_11_defs.h"
42 #include "common/hw_features_common.h"
43 #include "common/gas_server.h"
44 #include "common/dpp.h"
45 #include "common/ptksa_cache.h"
46 #include "p2p/p2p.h"
47 #include "fst/fst.h"
48 #include "bssid_ignore.h"
49 #include "wpas_glue.h"
50 #include "wps_supplicant.h"
51 #include "ibss_rsn.h"
52 #include "sme.h"
53 #include "gas_query.h"
54 #include "ap.h"
55 #include "p2p_supplicant.h"
56 #include "wifi_display.h"
57 #include "notify.h"
58 #include "bgscan.h"
59 #include "autoscan.h"
60 #include "bss.h"
61 #include "scan.h"
62 #include "offchannel.h"
63 #include "hs20_supplicant.h"
64 #include "wnm_sta.h"
65 #include "wpas_kay.h"
66 #include "mesh.h"
67 #include "dpp_supplicant.h"
68 #include "nan_usd.h"
69 #ifdef CONFIG_MESH
70 #include "ap/ap_config.h"
71 #include "ap/hostapd.h"
72 #endif /* CONFIG_MESH */
73
74 const char *const wpa_supplicant_version =
75 "wpa_supplicant v" VERSION_STR "\n"
76 "Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> and contributors";
77
78 const char *const wpa_supplicant_license =
79 "This software may be distributed under the terms of the BSD license.\n"
80 "See README for more details.\n"
81 #ifdef EAP_TLS_OPENSSL
82 "\nThis product includes software developed by the OpenSSL Project\n"
83 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
84 #endif /* EAP_TLS_OPENSSL */
85 ;
86
87 #ifndef CONFIG_NO_STDOUT_DEBUG
88 /* Long text divided into parts in order to fit in C89 strings size limits. */
89 const char *const wpa_supplicant_full_license1 =
90 "";
91 const char *const wpa_supplicant_full_license2 =
92 "This software may be distributed under the terms of the BSD license.\n"
93 "\n"
94 "Redistribution and use in source and binary forms, with or without\n"
95 "modification, are permitted provided that the following conditions are\n"
96 "met:\n"
97 "\n";
98 const char *const wpa_supplicant_full_license3 =
99 "1. Redistributions of source code must retain the above copyright\n"
100 " notice, this list of conditions and the following disclaimer.\n"
101 "\n"
102 "2. Redistributions in binary form must reproduce the above copyright\n"
103 " notice, this list of conditions and the following disclaimer in the\n"
104 " documentation and/or other materials provided with the distribution.\n"
105 "\n";
106 const char *const wpa_supplicant_full_license4 =
107 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
108 " names of its contributors may be used to endorse or promote products\n"
109 " derived from this software without specific prior written permission.\n"
110 "\n"
111 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
112 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
113 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
114 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
115 const char *const wpa_supplicant_full_license5 =
116 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
117 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
118 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
119 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
120 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
121 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
122 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
123 "\n";
124 #endif /* CONFIG_NO_STDOUT_DEBUG */
125
126
127 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
128 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx);
129 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
130 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
132 #ifdef CONFIG_OWE
133 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
134 #endif /* CONFIG_OWE */
135
136
137 #ifdef CONFIG_WEP
138 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)139 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
140 {
141 int i, set = 0;
142
143 for (i = 0; i < NUM_WEP_KEYS; i++) {
144 if (ssid->wep_key_len[i] == 0)
145 continue;
146
147 set = 1;
148 wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL,
149 i, i == ssid->wep_tx_keyidx, NULL, 0,
150 ssid->wep_key[i], ssid->wep_key_len[i],
151 i == ssid->wep_tx_keyidx ?
152 KEY_FLAG_GROUP_RX_TX_DEFAULT :
153 KEY_FLAG_GROUP_RX_TX);
154 }
155
156 return set;
157 }
158 #endif /* CONFIG_WEP */
159
160
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)161 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
162 struct wpa_ssid *ssid)
163 {
164 u8 key[32];
165 size_t keylen;
166 enum wpa_alg alg;
167 u8 seq[6] = { 0 };
168 int ret;
169
170 /* IBSS/WPA-None uses only one key (Group) for both receiving and
171 * sending unicast and multicast packets. */
172
173 if (ssid->mode != WPAS_MODE_IBSS) {
174 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
175 "IBSS/ad-hoc) for WPA-None", ssid->mode);
176 return -1;
177 }
178
179 if (!ssid->psk_set) {
180 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
181 "WPA-None");
182 return -1;
183 }
184
185 switch (wpa_s->group_cipher) {
186 case WPA_CIPHER_CCMP:
187 os_memcpy(key, ssid->psk, 16);
188 keylen = 16;
189 alg = WPA_ALG_CCMP;
190 break;
191 case WPA_CIPHER_GCMP:
192 os_memcpy(key, ssid->psk, 16);
193 keylen = 16;
194 alg = WPA_ALG_GCMP;
195 break;
196 case WPA_CIPHER_TKIP:
197 /* WPA-None uses the same Michael MIC key for both TX and RX */
198 os_memcpy(key, ssid->psk, 16 + 8);
199 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
200 keylen = 32;
201 alg = WPA_ALG_TKIP;
202 break;
203 default:
204 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
205 "WPA-None", wpa_s->group_cipher);
206 return -1;
207 }
208
209 /* TODO: should actually remember the previously used seq#, both for TX
210 * and RX from each STA.. */
211
212 ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen,
213 KEY_FLAG_GROUP_RX_TX_DEFAULT);
214 os_memset(key, 0, sizeof(key));
215 return ret;
216 }
217
218
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)219 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
220 {
221 struct wpa_supplicant *wpa_s = eloop_ctx;
222 const u8 *bssid = wpa_s->bssid;
223 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
224 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
225 wpa_s->wpa_state == WPA_ASSOCIATING))
226 bssid = wpa_s->pending_bssid;
227 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
228 MAC2STR(bssid));
229 wpa_bssid_ignore_add(wpa_s, bssid);
230 wpa_sm_notify_disassoc(wpa_s->wpa);
231 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
232 wpa_s->reassociate = 1;
233
234 /*
235 * If we timed out, the AP or the local radio may be busy.
236 * So, wait a second until scanning again.
237 */
238 wpa_supplicant_req_scan(wpa_s, 1, 0);
239 }
240
241
242 /**
243 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
244 * @wpa_s: Pointer to wpa_supplicant data
245 * @sec: Number of seconds after which to time out authentication
246 * @usec: Number of microseconds after which to time out authentication
247 *
248 * This function is used to schedule a timeout for the current authentication
249 * attempt.
250 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)251 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
252 int sec, int usec)
253 {
254 if (wpa_s->conf->ap_scan == 0 &&
255 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
256 return;
257
258 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
259 "%d usec", sec, usec);
260 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
261 wpa_s->last_auth_timeout_sec = sec;
262 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
263 }
264
265
266 /*
267 * wpas_auth_timeout_restart - Restart and change timeout for authentication
268 * @wpa_s: Pointer to wpa_supplicant data
269 * @sec_diff: difference in seconds applied to original timeout value
270 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)271 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
272 {
273 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
274
275 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
276 wpa_dbg(wpa_s, MSG_DEBUG,
277 "Authentication timeout restart: %d sec", new_sec);
278 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
279 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
280 wpa_s, NULL);
281 }
282 }
283
284
285 /**
286 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
287 * @wpa_s: Pointer to wpa_supplicant data
288 *
289 * This function is used to cancel authentication timeout scheduled with
290 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
291 * been completed.
292 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)293 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
294 {
295 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
296 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
297 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
298 os_free(wpa_s->last_con_fail_realm);
299 wpa_s->last_con_fail_realm = NULL;
300 wpa_s->last_con_fail_realm_len = 0;
301 }
302
303
304 /**
305 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
306 * @wpa_s: Pointer to wpa_supplicant data
307 *
308 * This function is used to configure EAPOL state machine based on the selected
309 * authentication mode.
310 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)311 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
312 {
313 #ifdef IEEE8021X_EAPOL
314 struct eapol_config eapol_conf;
315 struct wpa_ssid *ssid = wpa_s->current_ssid;
316
317 #ifdef CONFIG_IBSS_RSN
318 if (ssid->mode == WPAS_MODE_IBSS &&
319 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
320 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
321 /*
322 * RSN IBSS authentication is per-STA and we can disable the
323 * per-BSSID EAPOL authentication.
324 */
325 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
326 eapol_sm_notify_eap_success(wpa_s->eapol, true);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
328 return;
329 }
330 #endif /* CONFIG_IBSS_RSN */
331
332 eapol_sm_notify_eap_success(wpa_s->eapol, false);
333 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
334
335 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
336 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
337 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
338 else
339 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
340
341 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
342 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
343 eapol_conf.accept_802_1x_keys = 1;
344 eapol_conf.required_keys = 0;
345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
346 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
347 }
348 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
349 eapol_conf.required_keys |=
350 EAPOL_REQUIRE_KEY_BROADCAST;
351 }
352
353 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
354 eapol_conf.required_keys = 0;
355 }
356 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
357 eapol_conf.workaround = ssid->eap_workaround;
358 eapol_conf.eap_disabled =
359 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
360 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
361 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
362 eapol_conf.external_sim = wpa_s->conf->external_sim;
363
364 #ifdef CONFIG_WPS
365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
366 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
367 if (wpa_s->current_bss) {
368 struct wpabuf *ie;
369 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
370 WPS_IE_VENDOR_TYPE);
371 if (ie) {
372 if (wps_is_20(ie))
373 eapol_conf.wps |=
374 EAPOL_PEER_IS_WPS20_AP;
375 wpabuf_free(ie);
376 }
377 }
378 }
379 #endif /* CONFIG_WPS */
380
381 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
382
383 #ifdef CONFIG_MACSEC
384 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
385 ieee802_1x_create_preshared_mka(wpa_s, ssid);
386 else
387 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
388 #endif /* CONFIG_MACSEC */
389 #endif /* IEEE8021X_EAPOL */
390 }
391
392
393 /**
394 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
395 * @wpa_s: Pointer to wpa_supplicant data
396 * @ssid: Configuration data for the network
397 *
398 * This function is used to configure WPA state machine and related parameters
399 * to a mode where WPA is not enabled. This is called as part of the
400 * authentication configuration when the selected network does not use WPA.
401 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)402 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
403 struct wpa_ssid *ssid)
404 {
405 #ifdef CONFIG_WEP
406 int i;
407 #endif /* CONFIG_WEP */
408 struct wpa_sm_mlo mlo;
409
410 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
411 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
412 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
414 else
415 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
416 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
417 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
418 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
419 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
420 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
421 wpa_s->rsnxe_len = 0;
422 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
423 wpa_s->group_cipher = WPA_CIPHER_NONE;
424 wpa_s->mgmt_group_cipher = 0;
425
426 #ifdef CONFIG_WEP
427 for (i = 0; i < NUM_WEP_KEYS; i++) {
428 if (ssid->wep_key_len[i] > 5) {
429 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
430 wpa_s->group_cipher = WPA_CIPHER_WEP104;
431 break;
432 } else if (ssid->wep_key_len[i] > 0) {
433 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
434 wpa_s->group_cipher = WPA_CIPHER_WEP40;
435 break;
436 }
437 }
438 #endif /* CONFIG_WEP */
439
440 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
442 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
443 wpa_s->pairwise_cipher);
444 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
445 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
446 wpa_s->mgmt_group_cipher);
447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 0);
448
449 pmksa_cache_clear_current(wpa_s->wpa);
450 os_memset(&mlo, 0, sizeof(mlo));
451 wpa_sm_set_mlo_params(wpa_s->wpa, &mlo);
452 }
453
454
free_hw_features(struct wpa_supplicant * wpa_s)455 void free_hw_features(struct wpa_supplicant *wpa_s)
456 {
457 int i;
458 if (wpa_s->hw.modes == NULL)
459 return;
460
461 for (i = 0; i < wpa_s->hw.num_modes; i++) {
462 os_free(wpa_s->hw.modes[i].channels);
463 os_free(wpa_s->hw.modes[i].rates);
464 }
465
466 os_free(wpa_s->hw.modes);
467 wpa_s->hw.modes = NULL;
468 }
469
470
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)471 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
472 struct wpa_bss_tmp_disallowed *bss)
473 {
474 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
475 dl_list_del(&bss->list);
476 os_free(bss);
477 }
478
479
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)480 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
481 {
482 struct wpa_bss_tmp_disallowed *bss, *prev;
483
484 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
485 struct wpa_bss_tmp_disallowed, list)
486 remove_bss_tmp_disallowed_entry(wpa_s, bss);
487 }
488
489
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)490 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
491 {
492 struct fils_hlp_req *req;
493
494 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
495 list)) != NULL) {
496 dl_list_del(&req->list);
497 wpabuf_free(req->pkt);
498 os_free(req);
499 }
500 }
501
502
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)503 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
504 {
505 struct wpa_supplicant *wpa_s = eloop_ctx;
506
507 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
508 return;
509 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
510 wpa_bss_flush(wpa_s);
511 }
512
513
514 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)515 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
516 {
517 struct driver_signal_override *dso;
518
519 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
520 struct driver_signal_override, list))) {
521 dl_list_del(&dso->list);
522 os_free(dso);
523 }
524 }
525 #endif /* CONFIG_TESTING_OPTIONS */
526
527
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)528 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
529 {
530 int i;
531
532 bgscan_deinit(wpa_s);
533 autoscan_deinit(wpa_s);
534 scard_deinit(wpa_s->scard);
535 wpa_s->scard = NULL;
536 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
537 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
538 l2_packet_deinit(wpa_s->l2);
539 wpa_s->l2 = NULL;
540 if (wpa_s->l2_br) {
541 l2_packet_deinit(wpa_s->l2_br);
542 wpa_s->l2_br = NULL;
543 }
544 #ifdef CONFIG_TESTING_OPTIONS
545 l2_packet_deinit(wpa_s->l2_test);
546 wpa_s->l2_test = NULL;
547 os_free(wpa_s->get_pref_freq_list_override);
548 wpa_s->get_pref_freq_list_override = NULL;
549 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
550 wpa_s->last_assoc_req_wpa_ie = NULL;
551 os_free(wpa_s->extra_sae_rejected_groups);
552 wpa_s->extra_sae_rejected_groups = NULL;
553 wpabuf_free(wpa_s->rsne_override_eapol);
554 wpa_s->rsne_override_eapol = NULL;
555 wpabuf_free(wpa_s->rsnxe_override_assoc);
556 wpa_s->rsnxe_override_assoc = NULL;
557 wpabuf_free(wpa_s->rsnxe_override_eapol);
558 wpa_s->rsnxe_override_eapol = NULL;
559 wpas_clear_driver_signal_override(wpa_s);
560 #endif /* CONFIG_TESTING_OPTIONS */
561
562 if (wpa_s->conf != NULL) {
563 struct wpa_ssid *ssid;
564 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
565 wpas_notify_network_removed(wpa_s, ssid);
566 }
567
568 os_free(wpa_s->confname);
569 wpa_s->confname = NULL;
570
571 os_free(wpa_s->confanother);
572 wpa_s->confanother = NULL;
573
574 os_free(wpa_s->last_con_fail_realm);
575 wpa_s->last_con_fail_realm = NULL;
576 wpa_s->last_con_fail_realm_len = 0;
577
578 wpa_sm_set_eapol(wpa_s->wpa, NULL);
579 eapol_sm_deinit(wpa_s->eapol);
580 wpa_s->eapol = NULL;
581
582 rsn_preauth_deinit(wpa_s->wpa);
583
584 #ifdef CONFIG_TDLS
585 wpa_tdls_deinit(wpa_s->wpa);
586 #endif /* CONFIG_TDLS */
587
588 #ifndef CONFIG_NO_WMM_AC
589 wmm_ac_clear_saved_tspecs(wpa_s);
590 #endif /* CONFIG_NO_WMM_AC */
591 pmksa_candidate_free(wpa_s->wpa);
592 ptksa_cache_deinit(wpa_s->ptksa);
593 wpa_s->ptksa = NULL;
594 wpa_sm_deinit(wpa_s->wpa);
595 wpa_s->wpa = NULL;
596 wpa_bssid_ignore_clear(wpa_s);
597
598 #ifdef CONFIG_PASN
599 wpas_pasn_auth_stop(wpa_s);
600 #endif /* CONFIG_PASN */
601
602 wpa_bss_deinit(wpa_s);
603
604 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
605 wpa_supplicant_cancel_scan(wpa_s);
606 wpa_supplicant_cancel_auth_timeout(wpa_s);
607 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
608 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
609 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
610 wpa_s, NULL);
611 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
612
613 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
614 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
615 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
616
617 wpas_wps_deinit(wpa_s);
618
619 wpabuf_free(wpa_s->pending_eapol_rx);
620 wpa_s->pending_eapol_rx = NULL;
621
622 #ifdef CONFIG_IBSS_RSN
623 ibss_rsn_deinit(wpa_s->ibss_rsn);
624 wpa_s->ibss_rsn = NULL;
625 #endif /* CONFIG_IBSS_RSN */
626
627 sme_deinit(wpa_s);
628
629 #ifdef CONFIG_AP
630 wpa_supplicant_ap_deinit(wpa_s);
631 #endif /* CONFIG_AP */
632
633 wpas_p2p_deinit(wpa_s);
634
635 #ifdef CONFIG_OFFCHANNEL
636 offchannel_deinit(wpa_s);
637 #endif /* CONFIG_OFFCHANNEL */
638
639 wpa_supplicant_cancel_sched_scan(wpa_s);
640
641 os_free(wpa_s->next_scan_freqs);
642 wpa_s->next_scan_freqs = NULL;
643
644 os_free(wpa_s->manual_scan_freqs);
645 wpa_s->manual_scan_freqs = NULL;
646 os_free(wpa_s->select_network_scan_freqs);
647 wpa_s->select_network_scan_freqs = NULL;
648
649 os_free(wpa_s->manual_sched_scan_freqs);
650 wpa_s->manual_sched_scan_freqs = NULL;
651
652 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
653
654 /*
655 * Need to remove any pending gas-query radio work before the
656 * gas_query_deinit() call because gas_query::work has not yet been set
657 * for works that have not been started. gas_query_free() will be unable
658 * to cancel such pending radio works and once the pending gas-query
659 * radio work eventually gets removed, the deinit notification call to
660 * gas_query_start_cb() would result in dereferencing freed memory.
661 */
662 if (wpa_s->radio)
663 radio_remove_works(wpa_s, "gas-query", 0);
664 gas_query_deinit(wpa_s->gas);
665 wpa_s->gas = NULL;
666 gas_server_deinit(wpa_s->gas_server);
667 wpa_s->gas_server = NULL;
668
669 free_hw_features(wpa_s);
670
671 ieee802_1x_dealloc_kay_sm(wpa_s);
672
673 os_free(wpa_s->bssid_filter);
674 wpa_s->bssid_filter = NULL;
675
676 os_free(wpa_s->disallow_aps_bssid);
677 wpa_s->disallow_aps_bssid = NULL;
678 os_free(wpa_s->disallow_aps_ssid);
679 wpa_s->disallow_aps_ssid = NULL;
680
681 wnm_bss_keep_alive_deinit(wpa_s);
682 wnm_btm_reset(wpa_s);
683
684 ext_password_deinit(wpa_s->ext_pw);
685 wpa_s->ext_pw = NULL;
686
687 wpabuf_free(wpa_s->last_gas_resp);
688 wpa_s->last_gas_resp = NULL;
689 wpabuf_free(wpa_s->prev_gas_resp);
690 wpa_s->prev_gas_resp = NULL;
691
692 os_free(wpa_s->last_scan_res);
693 wpa_s->last_scan_res = NULL;
694
695 #ifdef CONFIG_HS20
696 if (wpa_s->drv_priv)
697 wpa_drv_configure_frame_filters(wpa_s, 0);
698 hs20_deinit(wpa_s);
699 #endif /* CONFIG_HS20 */
700
701 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
702 wpabuf_free(wpa_s->vendor_elem[i]);
703 wpa_s->vendor_elem[i] = NULL;
704 }
705
706 #ifndef CONFIG_NO_WMM_AC
707 wmm_ac_notify_disassoc(wpa_s);
708 #endif /* CONFIG_NO_WMM_AC */
709
710 wpa_s->sched_scan_plans_num = 0;
711 os_free(wpa_s->sched_scan_plans);
712 wpa_s->sched_scan_plans = NULL;
713
714 #ifdef CONFIG_MBO
715 wpa_s->non_pref_chan_num = 0;
716 os_free(wpa_s->non_pref_chan);
717 wpa_s->non_pref_chan = NULL;
718 #endif /* CONFIG_MBO */
719
720 free_bss_tmp_disallowed(wpa_s);
721
722 wpabuf_free(wpa_s->lci);
723 wpa_s->lci = NULL;
724 #ifndef CONFIG_NO_RRM
725 wpas_clear_beacon_rep_data(wpa_s);
726 #endif /* CONFIG_NO_RRM */
727
728 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
729 #ifdef CONFIG_MESH
730 {
731 struct external_pmksa_cache *entry;
732
733 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
734 struct external_pmksa_cache,
735 list)) != NULL) {
736 dl_list_del(&entry->list);
737 os_free(entry->pmksa_cache);
738 os_free(entry);
739 }
740 }
741 #endif /* CONFIG_MESH */
742 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
743
744 wpas_flush_fils_hlp_req(wpa_s);
745
746 wpabuf_free(wpa_s->ric_ies);
747 wpa_s->ric_ies = NULL;
748
749 #ifdef CONFIG_DPP
750 wpas_dpp_deinit(wpa_s);
751 dpp_global_deinit(wpa_s->dpp);
752 wpa_s->dpp = NULL;
753 #endif /* CONFIG_DPP */
754
755 #ifdef CONFIG_NAN_USD
756 wpas_nan_usd_deinit(wpa_s);
757 #endif /* CONFIG_NAN_USD */
758
759 #ifdef CONFIG_PASN
760 wpas_pasn_auth_stop(wpa_s);
761 #endif /* CONFIG_PASN */
762 #ifndef CONFIG_NO_ROBUST_AV
763 wpas_scs_deinit(wpa_s);
764 wpas_dscp_deinit(wpa_s);
765 #endif /* CONFIG_NO_ROBUST_AV */
766
767 #ifdef CONFIG_OWE
768 os_free(wpa_s->owe_trans_scan_freq);
769 wpa_s->owe_trans_scan_freq = NULL;
770 #endif /* CONFIG_OWE */
771 }
772
773
774 /**
775 * wpa_clear_keys - Clear keys configured for the driver
776 * @wpa_s: Pointer to wpa_supplicant data
777 * @addr: Previously used BSSID or %NULL if not available
778 *
779 * This function clears the encryption keys that has been previously configured
780 * for the driver.
781 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)782 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
783 {
784 int i, max = 6;
785
786 /* MLME-DELETEKEYS.request */
787 for (i = 0; i < max; i++) {
788 if (wpa_s->keys_cleared & BIT(i))
789 continue;
790 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
791 NULL, 0, KEY_FLAG_GROUP);
792 }
793 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
794 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
795 !is_zero_ether_addr(addr)) {
796 if (!(wpa_s->keys_cleared & BIT(0)))
797 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0,
798 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
799 if (!(wpa_s->keys_cleared & BIT(15)))
800 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0,
801 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
802 /* MLME-SETPROTECTION.request(None) */
803 wpa_drv_mlme_setprotection(
804 wpa_s, addr,
805 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
806 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
807 }
808 wpa_s->keys_cleared = (u32) -1;
809 }
810
811
812 /**
813 * wpa_supplicant_state_txt - Get the connection state name as a text string
814 * @state: State (wpa_state; WPA_*)
815 * Returns: The state name as a printable text string
816 */
wpa_supplicant_state_txt(enum wpa_states state)817 const char * wpa_supplicant_state_txt(enum wpa_states state)
818 {
819 switch (state) {
820 case WPA_DISCONNECTED:
821 return "DISCONNECTED";
822 case WPA_INACTIVE:
823 return "INACTIVE";
824 case WPA_INTERFACE_DISABLED:
825 return "INTERFACE_DISABLED";
826 case WPA_SCANNING:
827 return "SCANNING";
828 case WPA_AUTHENTICATING:
829 return "AUTHENTICATING";
830 case WPA_ASSOCIATING:
831 return "ASSOCIATING";
832 case WPA_ASSOCIATED:
833 return "ASSOCIATED";
834 case WPA_4WAY_HANDSHAKE:
835 return "4WAY_HANDSHAKE";
836 case WPA_GROUP_HANDSHAKE:
837 return "GROUP_HANDSHAKE";
838 case WPA_COMPLETED:
839 return "COMPLETED";
840 default:
841 return "UNKNOWN";
842 }
843 }
844
845
846 #ifdef CONFIG_BGSCAN
847
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)848 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
849 {
850 if (wpa_s->bgscan_ssid) {
851 bgscan_deinit(wpa_s);
852 wpa_s->bgscan_ssid = NULL;
853 }
854 }
855
856
857 /**
858 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
859 * @wpa_s: Pointer to the wpa_supplicant data
860 *
861 * Stop, start, or reconfigure the scan parameters depending on the method.
862 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)863 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
864 {
865 const char *name;
866
867 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
868 name = wpa_s->current_ssid->bgscan;
869 else
870 name = wpa_s->conf->bgscan;
871 if (!name || name[0] == '\0') {
872 wpa_supplicant_stop_bgscan(wpa_s);
873 return;
874 }
875 if (wpas_driver_bss_selection(wpa_s))
876 return;
877 #ifdef CONFIG_P2P
878 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
879 return;
880 #endif /* CONFIG_P2P */
881
882 bgscan_deinit(wpa_s);
883 if (wpa_s->current_ssid) {
884 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
885 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
886 "bgscan");
887 /*
888 * Live without bgscan; it is only used as a roaming
889 * optimization, so the initial connection is not
890 * affected.
891 */
892 } else {
893 struct wpa_scan_results *scan_res;
894 wpa_s->bgscan_ssid = wpa_s->current_ssid;
895 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
896 0, NULL);
897 if (scan_res) {
898 bgscan_notify_scan(wpa_s, scan_res);
899 wpa_scan_results_free(scan_res);
900 }
901 }
902 } else
903 wpa_s->bgscan_ssid = NULL;
904 }
905
906 #endif /* CONFIG_BGSCAN */
907
908
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)909 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
910 {
911 if (autoscan_init(wpa_s, 0))
912 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
913 }
914
915
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)916 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
917 {
918 autoscan_deinit(wpa_s);
919 }
920
921
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)922 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
923 {
924 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
925 wpa_s->wpa_state == WPA_SCANNING) {
926 autoscan_deinit(wpa_s);
927 wpa_supplicant_start_autoscan(wpa_s);
928 }
929 }
930
931
wpas_verify_ssid_beacon(void * eloop_ctx,void * timeout_ctx)932 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx)
933 {
934 struct wpa_supplicant *wpa_s = eloop_ctx;
935 struct wpa_bss *bss;
936 const u8 *ssid;
937 size_t ssid_len;
938
939 if (!wpa_s->current_ssid || !wpa_s->current_bss)
940 return;
941
942 ssid = wpa_s->current_bss->ssid;
943 ssid_len = wpa_s->current_bss->ssid_len;
944
945 if (wpa_s->current_ssid->ssid_len &&
946 (wpa_s->current_ssid->ssid_len != ssid_len ||
947 os_memcmp(wpa_s->current_ssid->ssid, ssid, ssid_len) != 0))
948 return;
949
950 if (wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
951 !wpa_s->bigtk_set || wpa_s->ssid_verified)
952 return;
953
954 wpa_printf(MSG_DEBUG,
955 "SSID not yet verified; check if the driver has received a verified Beacon frame");
956 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
957 return;
958
959 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
960 if (!bss)
961 return;
962 wpa_printf(MSG_DEBUG, "The current beacon time stamp: 0x%llx",
963 (long long unsigned int) bss->tsf);
964 if (bss->tsf > wpa_s->first_beacon_tsf) {
965 const u8 *ie;
966
967 wpa_printf(MSG_DEBUG,
968 "Verified Beacon frame has been received");
969 wpa_s->beacons_checked++;
970
971 ie = wpa_bss_get_ie_beacon(bss, WLAN_EID_SSID);
972 if (ie && ie[1] == ssid_len &&
973 os_memcmp(&ie[2], ssid, ssid_len) == 0) {
974 wpa_printf(MSG_DEBUG,
975 "SSID verified based on a Beacon frame and beacon protection");
976 wpa_s->ssid_verified = true;
977 return;
978 }
979
980 /* TODO: Multiple BSSID element */
981 }
982
983 if (wpa_s->beacons_checked < 16) {
984 eloop_register_timeout(wpa_s->next_beacon_check, 0,
985 wpas_verify_ssid_beacon, wpa_s, NULL);
986 wpa_s->next_beacon_check++;
987 }
988 }
989
990
wpas_verify_ssid_beacon_prot(struct wpa_supplicant * wpa_s)991 static void wpas_verify_ssid_beacon_prot(struct wpa_supplicant *wpa_s)
992 {
993 struct wpa_bss *bss;
994
995 wpa_printf(MSG_DEBUG,
996 "SSID not yet verified; try to verify using beacon protection");
997 /* Fetch the current scan result which is likely based on not yet
998 * verified payload since the current BIGTK was just received. Any
999 * newer update in the future with a larger timestamp value is an
1000 * indication that a verified Beacon frame has been received. */
1001 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
1002 return;
1003
1004 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
1005 if (!bss)
1006 return;
1007 wpa_printf(MSG_DEBUG, "The initial beacon time stamp: 0x%llx",
1008 (long long unsigned int) bss->tsf);
1009 wpa_s->first_beacon_tsf = bss->tsf;
1010 wpa_s->beacons_checked = 0;
1011 wpa_s->next_beacon_check = 1;
1012 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
1013 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon, wpa_s, NULL);
1014 }
1015
1016
1017 /**
1018 * wpa_supplicant_set_state - Set current connection state
1019 * @wpa_s: Pointer to wpa_supplicant data
1020 * @state: The new connection state
1021 *
1022 * This function is called whenever the connection state changes, e.g.,
1023 * association is completed for WPA/WPA2 4-Way Handshake is started.
1024 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)1025 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
1026 enum wpa_states state)
1027 {
1028 enum wpa_states old_state = wpa_s->wpa_state;
1029 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1030 bool update_fils_connect_params = false;
1031 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1032
1033 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
1034 wpa_supplicant_state_txt(wpa_s->wpa_state),
1035 wpa_supplicant_state_txt(state));
1036
1037 if (state == WPA_COMPLETED &&
1038 os_reltime_initialized(&wpa_s->roam_start)) {
1039 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
1040 wpa_s->roam_start.sec = 0;
1041 wpa_s->roam_start.usec = 0;
1042 wpas_notify_auth_changed(wpa_s);
1043 wpas_notify_roam_time(wpa_s);
1044 wpas_notify_roam_complete(wpa_s);
1045 } else if (state == WPA_DISCONNECTED &&
1046 os_reltime_initialized(&wpa_s->roam_start)) {
1047 wpa_s->roam_start.sec = 0;
1048 wpa_s->roam_start.usec = 0;
1049 wpa_s->roam_time.sec = 0;
1050 wpa_s->roam_time.usec = 0;
1051 wpas_notify_roam_complete(wpa_s);
1052 }
1053
1054 if (state == WPA_INTERFACE_DISABLED) {
1055 /* Assure normal scan when interface is restored */
1056 wpa_s->normal_scans = 0;
1057 }
1058
1059 if (state == WPA_COMPLETED) {
1060 wpas_connect_work_done(wpa_s);
1061 /* Reinitialize normal_scan counter */
1062 wpa_s->normal_scans = 0;
1063 }
1064
1065 #ifdef CONFIG_P2P
1066 /*
1067 * P2PS client has to reply to Probe Request frames received on the
1068 * group operating channel. Enable Probe Request frame reporting for
1069 * P2P connected client in case p2p_cli_probe configuration property is
1070 * set to 1.
1071 */
1072 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
1073 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
1074 wpa_s->current_ssid->p2p_group) {
1075 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
1076 wpa_dbg(wpa_s, MSG_DEBUG,
1077 "P2P: Enable CLI Probe Request RX reporting");
1078 wpa_s->p2p_cli_probe =
1079 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
1080 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
1081 wpa_dbg(wpa_s, MSG_DEBUG,
1082 "P2P: Disable CLI Probe Request RX reporting");
1083 wpa_s->p2p_cli_probe = 0;
1084 wpa_drv_probe_req_report(wpa_s, 0);
1085 }
1086 }
1087 #endif /* CONFIG_P2P */
1088
1089 if (state != WPA_SCANNING)
1090 wpa_supplicant_notify_scanning(wpa_s, 0);
1091
1092 if (state == WPA_COMPLETED && wpa_s->new_connection) {
1093 struct wpa_ssid *ssid = wpa_s->current_ssid;
1094 int fils_hlp_sent = 0;
1095 char mld_addr[50];
1096
1097 mld_addr[0] = '\0';
1098 if (wpa_s->valid_links)
1099 os_snprintf(mld_addr, sizeof(mld_addr),
1100 " ap_mld_addr=" MACSTR,
1101 MAC2STR(wpa_s->ap_mld_addr));
1102
1103 #ifdef CONFIG_SME
1104 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1105 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
1106 fils_hlp_sent = 1;
1107 #endif /* CONFIG_SME */
1108 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1109 wpa_auth_alg_fils(wpa_s->auth_alg))
1110 fils_hlp_sent = 1;
1111
1112 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1113 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1114 MACSTR " completed [id=%d id_str=%s%s]%s",
1115 MAC2STR(wpa_s->bssid),
1116 ssid ? ssid->id : -1,
1117 ssid && ssid->id_str ? ssid->id_str : "",
1118 fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr);
1119 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1120 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1121 wpa_s->consecutive_conn_failures = 0;
1122 wpa_s->new_connection = 0;
1123 wpa_drv_set_operstate(wpa_s, 1);
1124 #ifndef IEEE8021X_EAPOL
1125 wpa_drv_set_supp_port(wpa_s, 1);
1126 #endif /* IEEE8021X_EAPOL */
1127 wpa_s->after_wps = 0;
1128 wpa_s->known_wps_freq = 0;
1129 wpas_p2p_completed(wpa_s);
1130
1131 sme_sched_obss_scan(wpa_s, 1);
1132
1133 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1134 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1135 update_fils_connect_params = true;
1136 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1137 #ifdef CONFIG_OWE
1138 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1139 wpas_update_owe_connect_params(wpa_s);
1140 #endif /* CONFIG_OWE */
1141 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1142 state == WPA_ASSOCIATED) {
1143 wpa_s->new_connection = 1;
1144 wpa_drv_set_operstate(wpa_s, 0);
1145 #ifndef IEEE8021X_EAPOL
1146 wpa_drv_set_supp_port(wpa_s, 0);
1147 #endif /* IEEE8021X_EAPOL */
1148 sme_sched_obss_scan(wpa_s, 0);
1149 }
1150 wpa_s->wpa_state = state;
1151
1152 #ifdef CONFIG_BGSCAN
1153 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1154 wpa_supplicant_reset_bgscan(wpa_s);
1155 else if (state < WPA_ASSOCIATED)
1156 wpa_supplicant_stop_bgscan(wpa_s);
1157 #endif /* CONFIG_BGSCAN */
1158
1159 if (state > WPA_SCANNING)
1160 wpa_supplicant_stop_autoscan(wpa_s);
1161
1162 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1163 wpa_supplicant_start_autoscan(wpa_s);
1164
1165 if (state == WPA_COMPLETED || state == WPA_INTERFACE_DISABLED ||
1166 state == WPA_INACTIVE)
1167 wnm_btm_reset(wpa_s);
1168
1169 #ifndef CONFIG_NO_WMM_AC
1170 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1171 wmm_ac_notify_disassoc(wpa_s);
1172 #endif /* CONFIG_NO_WMM_AC */
1173
1174 if (wpa_s->wpa_state != old_state) {
1175 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1176
1177 /*
1178 * Notify the P2P Device interface about a state change in one
1179 * of the interfaces.
1180 */
1181 wpas_p2p_indicate_state_change(wpa_s);
1182
1183 if (wpa_s->wpa_state == WPA_COMPLETED ||
1184 old_state == WPA_COMPLETED)
1185 wpas_notify_auth_changed(wpa_s);
1186 #ifdef CONFIG_DPP2
1187 if (wpa_s->wpa_state == WPA_COMPLETED)
1188 wpas_dpp_connected(wpa_s);
1189 #endif /* CONFIG_DPP2 */
1190
1191 if (wpa_s->wpa_state == WPA_COMPLETED &&
1192 wpa_s->bigtk_set && !wpa_s->ssid_verified)
1193 wpas_verify_ssid_beacon_prot(wpa_s);
1194 }
1195 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1196 if (update_fils_connect_params)
1197 wpas_update_fils_connect_params(wpa_s);
1198 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1199 }
1200
1201
wpa_supplicant_terminate_proc(struct wpa_global * global)1202 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1203 {
1204 int pending = 0;
1205 #ifdef CONFIG_WPS
1206 struct wpa_supplicant *wpa_s = global->ifaces;
1207 while (wpa_s) {
1208 struct wpa_supplicant *next = wpa_s->next;
1209 if (wpas_wps_terminate_pending(wpa_s) == 1)
1210 pending = 1;
1211 #ifdef CONFIG_P2P
1212 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1213 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1214 wpas_p2p_disconnect(wpa_s);
1215 #endif /* CONFIG_P2P */
1216 wpa_s = next;
1217 }
1218 #endif /* CONFIG_WPS */
1219 if (pending)
1220 return;
1221 eloop_terminate();
1222 }
1223
1224
wpa_supplicant_terminate(int sig,void * signal_ctx)1225 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1226 {
1227 struct wpa_global *global = signal_ctx;
1228 wpa_supplicant_terminate_proc(global);
1229 }
1230
1231
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1232 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1233 {
1234 enum wpa_states old_state = wpa_s->wpa_state;
1235 enum wpa_states new_state;
1236
1237 if (old_state == WPA_SCANNING)
1238 new_state = WPA_SCANNING;
1239 else
1240 new_state = WPA_DISCONNECTED;
1241
1242 wpa_s->pairwise_cipher = 0;
1243 wpa_s->group_cipher = 0;
1244 wpa_s->mgmt_group_cipher = 0;
1245 wpa_s->key_mgmt = 0;
1246 wpa_s->allowed_key_mgmts = 0;
1247 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1248 wpa_supplicant_set_state(wpa_s, new_state);
1249
1250 if (wpa_s->wpa_state != old_state)
1251 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1252 }
1253
1254
1255 /**
1256 * wpa_supplicant_reload_configuration - Reload configuration data
1257 * @wpa_s: Pointer to wpa_supplicant data
1258 * Returns: 0 on success or -1 if configuration parsing failed
1259 *
1260 * This function can be used to request that the configuration data is reloaded
1261 * (e.g., after configuration file change). This function is reloading
1262 * configuration only for one interface, so this may need to be called multiple
1263 * times if %wpa_supplicant is controlling multiple interfaces and all
1264 * interfaces need reconfiguration.
1265 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1266 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1267 {
1268 struct wpa_config *conf;
1269 int reconf_ctrl;
1270 int old_ap_scan;
1271
1272 if (wpa_s->confname == NULL)
1273 return -1;
1274 conf = wpa_config_read(wpa_s->confname, NULL, false);
1275 if (conf == NULL) {
1276 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1277 "file '%s' - exiting", wpa_s->confname);
1278 return -1;
1279 }
1280 if (wpa_s->confanother &&
1281 !wpa_config_read(wpa_s->confanother, conf, true)) {
1282 wpa_msg(wpa_s, MSG_ERROR,
1283 "Failed to parse the configuration file '%s' - exiting",
1284 wpa_s->confanother);
1285 return -1;
1286 }
1287
1288 conf->changed_parameters = (unsigned int) -1;
1289
1290 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1291 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1292 os_strcmp(conf->ctrl_interface,
1293 wpa_s->conf->ctrl_interface) != 0);
1294
1295 if (reconf_ctrl) {
1296 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1297 wpa_s->ctrl_iface = NULL;
1298 }
1299
1300 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1301 if (wpa_s->current_ssid) {
1302 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1303 wpa_s->own_disconnect_req = 1;
1304 wpa_supplicant_deauthenticate(wpa_s,
1305 WLAN_REASON_DEAUTH_LEAVING);
1306 }
1307
1308 /*
1309 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1310 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1311 */
1312 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1313 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1314 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1315 /*
1316 * Clear forced success to clear EAP state for next
1317 * authentication.
1318 */
1319 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1320 }
1321 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1322 wpa_sm_set_config(wpa_s->wpa, NULL);
1323 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1324 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1325 rsn_preauth_deinit(wpa_s->wpa);
1326
1327 old_ap_scan = wpa_s->conf->ap_scan;
1328 wpa_config_free(wpa_s->conf);
1329 wpa_s->conf = conf;
1330 if (old_ap_scan != wpa_s->conf->ap_scan)
1331 wpas_notify_ap_scan_changed(wpa_s);
1332
1333 if (reconf_ctrl)
1334 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1335
1336 wpa_supplicant_update_config(wpa_s);
1337
1338 wpa_supplicant_clear_status(wpa_s);
1339 if (wpa_supplicant_enabled_networks(wpa_s)) {
1340 wpa_s->reassociate = 1;
1341 wpa_supplicant_req_scan(wpa_s, 0, 0);
1342 }
1343 wpa_bssid_ignore_clear(wpa_s);
1344 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1345 return 0;
1346 }
1347
1348
wpa_supplicant_reconfig(int sig,void * signal_ctx)1349 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1350 {
1351 struct wpa_global *global = signal_ctx;
1352 struct wpa_supplicant *wpa_s;
1353 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1354 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1355 sig);
1356 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1357 wpa_supplicant_terminate_proc(global);
1358 }
1359 }
1360
1361 if (wpa_debug_reopen_file() < 0) {
1362 /* Ignore errors since we cannot really do much to fix this */
1363 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1364 }
1365 }
1366
1367
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1368 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1369 struct wpa_ssid *ssid,
1370 struct wpa_ie_data *ie)
1371 {
1372 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1373 if (ret) {
1374 if (ret == -2) {
1375 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1376 "from association info");
1377 }
1378 return -1;
1379 }
1380
1381 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1382 "cipher suites");
1383 if (!(ie->group_cipher & ssid->group_cipher)) {
1384 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1385 "cipher 0x%x (mask 0x%x) - reject",
1386 ie->group_cipher, ssid->group_cipher);
1387 return -1;
1388 }
1389 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1390 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1391 "cipher 0x%x (mask 0x%x) - reject",
1392 ie->pairwise_cipher, ssid->pairwise_cipher);
1393 return -1;
1394 }
1395 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1396 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1397 "management 0x%x (mask 0x%x) - reject",
1398 ie->key_mgmt, ssid->key_mgmt);
1399 return -1;
1400 }
1401
1402 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1403 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1404 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1405 "that does not support management frame protection - "
1406 "reject");
1407 return -1;
1408 }
1409
1410 return 0;
1411 }
1412
1413
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1414 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1415 int freq)
1416 {
1417 if (!ie->has_group)
1418 ie->group_cipher = wpa_default_rsn_cipher(freq);
1419 if (!ie->has_pairwise)
1420 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1421 return (ie->group_cipher & ssid->group_cipher) &&
1422 (ie->pairwise_cipher & ssid->pairwise_cipher);
1423 }
1424
1425
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1426 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1427 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1428 {
1429 int sel;
1430
1431 sel = ie->mgmt_group_cipher;
1432 if (ssid->group_mgmt_cipher)
1433 sel &= ssid->group_mgmt_cipher;
1434 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1435 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1436 sel = 0;
1437 wpa_dbg(wpa_s, MSG_DEBUG,
1438 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1439 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1440 if (sel & WPA_CIPHER_AES_128_CMAC) {
1441 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1442 wpa_dbg(wpa_s, MSG_DEBUG,
1443 "WPA: using MGMT group cipher AES-128-CMAC");
1444 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1445 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1446 wpa_dbg(wpa_s, MSG_DEBUG,
1447 "WPA: using MGMT group cipher BIP-GMAC-128");
1448 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1449 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1450 wpa_dbg(wpa_s, MSG_DEBUG,
1451 "WPA: using MGMT group cipher BIP-GMAC-256");
1452 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1453 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1454 wpa_dbg(wpa_s, MSG_DEBUG,
1455 "WPA: using MGMT group cipher BIP-CMAC-256");
1456 } else {
1457 wpa_s->mgmt_group_cipher = 0;
1458 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1459 }
1460 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1461 wpa_s->mgmt_group_cipher);
1462 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1463 wpas_get_ssid_pmf(wpa_s, ssid));
1464 }
1465
1466 /**
1467 * wpa_supplicant_get_psk - Get PSK from config or external database
1468 * @wpa_s: Pointer to wpa_supplicant data
1469 * @bss: Scan results for the selected BSS, or %NULL if not available
1470 * @ssid: Configuration data for the selected network
1471 * @psk: Buffer for the PSK
1472 * Returns: 0 on success or -1 if configuration parsing failed
1473 *
1474 * This function obtains the PSK for a network, either included inline in the
1475 * config or retrieved from an external database.
1476 */
wpa_supplicant_get_psk(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * psk)1477 static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s,
1478 struct wpa_bss *bss, struct wpa_ssid *ssid,
1479 u8 *psk)
1480 {
1481 if (ssid->psk_set) {
1482 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1483 ssid->psk, PMK_LEN);
1484 os_memcpy(psk, ssid->psk, PMK_LEN);
1485 return 0;
1486 }
1487
1488 #ifndef CONFIG_NO_PBKDF2
1489 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) {
1490 if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1491 4096, psk, PMK_LEN) != 0) {
1492 wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()");
1493 return -1;
1494 }
1495 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1496 psk, PMK_LEN);
1497 return 0;
1498 }
1499 #endif /* CONFIG_NO_PBKDF2 */
1500
1501 #ifdef CONFIG_EXT_PASSWORD
1502 if (ssid->ext_psk) {
1503 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1504 ssid->ext_psk);
1505 char pw_str[64 + 1];
1506
1507 if (!pw) {
1508 wpa_msg(wpa_s, MSG_INFO,
1509 "EXT PW: No PSK found from external storage");
1510 return -1;
1511 }
1512
1513 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1514 wpa_msg(wpa_s, MSG_INFO,
1515 "EXT PW: Unexpected PSK length %d in external storage",
1516 (int) wpabuf_len(pw));
1517 ext_password_free(pw);
1518 return -1;
1519 }
1520
1521 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1522 pw_str[wpabuf_len(pw)] = '\0';
1523
1524 #ifndef CONFIG_NO_PBKDF2
1525 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1526 {
1527 if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1528 4096, psk, PMK_LEN) != 0) {
1529 wpa_msg(wpa_s, MSG_WARNING,
1530 "Error in pbkdf2_sha1()");
1531 forced_memzero(pw_str, sizeof(pw_str));
1532 ext_password_free(pw);
1533 return -1;
1534 }
1535 wpa_hexdump_key(MSG_MSGDUMP,
1536 "PSK (from external passphrase)",
1537 psk, PMK_LEN);
1538 } else
1539 #endif /* CONFIG_NO_PBKDF2 */
1540 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1541 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1542 wpa_msg(wpa_s, MSG_INFO,
1543 "EXT PW: Invalid PSK hex string");
1544 forced_memzero(pw_str, sizeof(pw_str));
1545 ext_password_free(pw);
1546 return -1;
1547 }
1548 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)",
1549 psk, PMK_LEN);
1550 } else {
1551 wpa_msg(wpa_s, MSG_INFO,
1552 "EXT PW: No suitable PSK available");
1553 forced_memzero(pw_str, sizeof(pw_str));
1554 ext_password_free(pw);
1555 return -1;
1556 }
1557
1558 forced_memzero(pw_str, sizeof(pw_str));
1559 ext_password_free(pw);
1560
1561 return 0;
1562 }
1563 #endif /* CONFIG_EXT_PASSWORD */
1564
1565 return -1;
1566 }
1567
1568
wpas_update_allowed_key_mgmt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1569 static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
1570 struct wpa_ssid *ssid)
1571 {
1572 int akm_count = wpa_s->max_num_akms;
1573 u8 capab = 0;
1574
1575 if (akm_count < 2)
1576 return;
1577
1578 akm_count--;
1579 wpa_s->allowed_key_mgmts = 0;
1580 switch (wpa_s->key_mgmt) {
1581 case WPA_KEY_MGMT_PSK:
1582 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1583 akm_count--;
1584 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1585 }
1586 if (!akm_count)
1587 break;
1588 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1589 akm_count--;
1590 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1591 }
1592 if (!akm_count)
1593 break;
1594 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1595 wpa_s->allowed_key_mgmts |=
1596 WPA_KEY_MGMT_PSK_SHA256;
1597 break;
1598 case WPA_KEY_MGMT_PSK_SHA256:
1599 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1600 akm_count--;
1601 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1602 }
1603 if (!akm_count)
1604 break;
1605 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1606 akm_count--;
1607 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1608 }
1609 if (!akm_count)
1610 break;
1611 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1612 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1613 break;
1614 case WPA_KEY_MGMT_SAE:
1615 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1616 akm_count--;
1617 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1618 }
1619 if (!akm_count)
1620 break;
1621 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1622 akm_count--;
1623 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1624 }
1625 if (!akm_count)
1626 break;
1627 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1628 wpa_s->allowed_key_mgmts |=
1629 WPA_KEY_MGMT_PSK_SHA256;
1630 break;
1631 case WPA_KEY_MGMT_SAE_EXT_KEY:
1632 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1633 akm_count--;
1634 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1635 }
1636 if (!akm_count)
1637 break;
1638 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1639 akm_count--;
1640 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1641 }
1642 if (!akm_count)
1643 break;
1644 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1645 wpa_s->allowed_key_mgmts |=
1646 WPA_KEY_MGMT_PSK_SHA256;
1647 break;
1648 default:
1649 return;
1650 }
1651
1652 if (wpa_s->conf->sae_pwe != SAE_PWE_HUNT_AND_PECK &&
1653 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1654 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
1655 #ifdef CONFIG_SAE_PK
1656 if (ssid->sae_pk)
1657 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
1658 #endif /* CONFIG_SAE_PK */
1659
1660 if (!((wpa_s->allowed_key_mgmts &
1661 (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab))
1662 return;
1663
1664 if (!wpa_s->rsnxe_len) {
1665 wpa_s->rsnxe_len = 3;
1666 wpa_s->rsnxe[0] = WLAN_EID_RSNX;
1667 wpa_s->rsnxe[1] = 1;
1668 wpa_s->rsnxe[2] = 0;
1669 }
1670
1671 wpa_s->rsnxe[2] |= capab;
1672 }
1673
1674
1675 /**
1676 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1677 * @wpa_s: Pointer to wpa_supplicant data
1678 * @bss: Scan results for the selected BSS, or %NULL if not available
1679 * @ssid: Configuration data for the selected network
1680 * @wpa_ie: Buffer for the WPA/RSN IE
1681 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1682 * used buffer length in case the functions returns success.
1683 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
1684 * Returns: 0 on success or -1 on failure
1685 *
1686 * This function is used to configure authentication and encryption parameters
1687 * based on the network configuration and scan result for the selected BSS (if
1688 * available).
1689 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len,bool skip_default_rsne)1690 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1691 struct wpa_bss *bss, struct wpa_ssid *ssid,
1692 u8 *wpa_ie, size_t *wpa_ie_len,
1693 bool skip_default_rsne)
1694 {
1695 struct wpa_ie_data ie;
1696 int sel, proto;
1697 enum sae_pwe sae_pwe;
1698 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1699 bool wmm;
1700
1701 if (bss) {
1702 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1703 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1704 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1705 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1706 } else {
1707 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1708 }
1709
1710 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1711 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1712 matching_ciphers(ssid, &ie, bss->freq) &&
1713 (ie.key_mgmt & ssid->key_mgmt)) {
1714 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1715 proto = WPA_PROTO_RSN;
1716 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1717 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1718 (ie.group_cipher & ssid->group_cipher) &&
1719 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1720 (ie.key_mgmt & ssid->key_mgmt)) {
1721 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1722 proto = WPA_PROTO_WPA;
1723 #ifdef CONFIG_HS20
1724 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1725 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1726 (ie.group_cipher & ssid->group_cipher) &&
1727 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1728 (ie.key_mgmt & ssid->key_mgmt)) {
1729 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1730 proto = WPA_PROTO_OSEN;
1731 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1732 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1733 (ie.group_cipher & ssid->group_cipher) &&
1734 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1735 (ie.key_mgmt & ssid->key_mgmt)) {
1736 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1737 proto = WPA_PROTO_RSN;
1738 #endif /* CONFIG_HS20 */
1739 } else if (bss) {
1740 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1741 wpa_dbg(wpa_s, MSG_DEBUG,
1742 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1743 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1744 ssid->key_mgmt);
1745 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1746 MAC2STR(bss->bssid),
1747 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1748 bss_wpa ? " WPA" : "",
1749 bss_rsn ? " RSN" : "",
1750 bss_osen ? " OSEN" : "");
1751 if (bss_rsn) {
1752 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1753 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1754 wpa_dbg(wpa_s, MSG_DEBUG,
1755 "Could not parse RSN element");
1756 } else {
1757 wpa_dbg(wpa_s, MSG_DEBUG,
1758 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1759 ie.pairwise_cipher, ie.group_cipher,
1760 ie.key_mgmt);
1761 }
1762 }
1763 if (bss_wpa) {
1764 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1765 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1766 wpa_dbg(wpa_s, MSG_DEBUG,
1767 "Could not parse WPA element");
1768 } else {
1769 wpa_dbg(wpa_s, MSG_DEBUG,
1770 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1771 ie.pairwise_cipher, ie.group_cipher,
1772 ie.key_mgmt);
1773 }
1774 }
1775 return -1;
1776 } else {
1777 if (ssid->proto & WPA_PROTO_OSEN)
1778 proto = WPA_PROTO_OSEN;
1779 else if (ssid->proto & WPA_PROTO_RSN)
1780 proto = WPA_PROTO_RSN;
1781 else
1782 proto = WPA_PROTO_WPA;
1783 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1784 os_memset(&ie, 0, sizeof(ie));
1785 ie.group_cipher = ssid->group_cipher;
1786 ie.pairwise_cipher = ssid->pairwise_cipher;
1787 ie.key_mgmt = ssid->key_mgmt;
1788 ie.mgmt_group_cipher = 0;
1789 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1790 if (ssid->group_mgmt_cipher &
1791 WPA_CIPHER_BIP_GMAC_256)
1792 ie.mgmt_group_cipher =
1793 WPA_CIPHER_BIP_GMAC_256;
1794 else if (ssid->group_mgmt_cipher &
1795 WPA_CIPHER_BIP_CMAC_256)
1796 ie.mgmt_group_cipher =
1797 WPA_CIPHER_BIP_CMAC_256;
1798 else if (ssid->group_mgmt_cipher &
1799 WPA_CIPHER_BIP_GMAC_128)
1800 ie.mgmt_group_cipher =
1801 WPA_CIPHER_BIP_GMAC_128;
1802 else
1803 ie.mgmt_group_cipher =
1804 WPA_CIPHER_AES_128_CMAC;
1805 }
1806 #ifdef CONFIG_OWE
1807 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1808 !ssid->owe_only &&
1809 !bss_wpa && !bss_rsn && !bss_osen) {
1810 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1811 wpa_s->wpa_proto = 0;
1812 *wpa_ie_len = 0;
1813 return 0;
1814 }
1815 #endif /* CONFIG_OWE */
1816 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1817 "based on configuration");
1818 } else
1819 proto = ie.proto;
1820 }
1821
1822 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1823 "pairwise %d key_mgmt %d proto %d",
1824 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1825 if (ssid->ieee80211w) {
1826 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1827 ie.mgmt_group_cipher);
1828 }
1829
1830 wpa_s->wpa_proto = proto;
1831 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1832 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1833 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1834
1835 if (bss || !wpa_s->ap_ies_from_associnfo) {
1836 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1837 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1838 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1839 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1840 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1841 bss_rsnx ? 2 + bss_rsnx[1] : 0))
1842 return -1;
1843 }
1844
1845 #ifdef CONFIG_NO_WPA
1846 wpa_s->group_cipher = WPA_CIPHER_NONE;
1847 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1848 #else /* CONFIG_NO_WPA */
1849 sel = ie.group_cipher & ssid->group_cipher;
1850 wpa_dbg(wpa_s, MSG_DEBUG,
1851 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1852 ie.group_cipher, ssid->group_cipher, sel);
1853 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1854 if (wpa_s->group_cipher < 0) {
1855 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1856 "cipher");
1857 return -1;
1858 }
1859 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1860 wpa_cipher_txt(wpa_s->group_cipher));
1861
1862 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1863 wpa_dbg(wpa_s, MSG_DEBUG,
1864 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1865 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1866 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1867 if (wpa_s->pairwise_cipher < 0) {
1868 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1869 "cipher");
1870 return -1;
1871 }
1872 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1873 wpa_cipher_txt(wpa_s->pairwise_cipher));
1874 #endif /* CONFIG_NO_WPA */
1875
1876 sel = ie.key_mgmt & ssid->key_mgmt;
1877 #ifdef CONFIG_SAE
1878 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) &&
1879 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) ||
1880 wpas_is_sae_avoided(wpa_s, ssid, &ie))
1881 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
1882 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
1883 #endif /* CONFIG_SAE */
1884 #ifdef CONFIG_IEEE80211R
1885 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1886 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1887 sel &= ~WPA_KEY_MGMT_FT;
1888 #endif /* CONFIG_IEEE80211R */
1889 wpa_dbg(wpa_s, MSG_DEBUG,
1890 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1891 ie.key_mgmt, ssid->key_mgmt, sel);
1892 if (0) {
1893 #ifdef CONFIG_IEEE80211R
1894 #ifdef CONFIG_SHA384
1895 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1896 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1897 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1898 wpa_dbg(wpa_s, MSG_DEBUG,
1899 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1900 if (!ssid->ft_eap_pmksa_caching &&
1901 pmksa_cache_get_current(wpa_s->wpa)) {
1902 /* PMKSA caching with FT may have interoperability
1903 * issues, so disable that case by default for now. */
1904 wpa_dbg(wpa_s, MSG_DEBUG,
1905 "WPA: Disable PMKSA caching for FT/802.1X connection");
1906 pmksa_cache_clear_current(wpa_s->wpa);
1907 }
1908 #endif /* CONFIG_SHA384 */
1909 #endif /* CONFIG_IEEE80211R */
1910 #ifdef CONFIG_SUITEB192
1911 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1912 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1913 wpa_dbg(wpa_s, MSG_DEBUG,
1914 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1915 #endif /* CONFIG_SUITEB192 */
1916 #ifdef CONFIG_SUITEB
1917 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1918 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1919 wpa_dbg(wpa_s, MSG_DEBUG,
1920 "WPA: using KEY_MGMT 802.1X with Suite B");
1921 #endif /* CONFIG_SUITEB */
1922 #ifdef CONFIG_SHA384
1923 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) {
1924 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
1925 wpa_dbg(wpa_s, MSG_DEBUG,
1926 "WPA: using KEY_MGMT 802.1X with SHA384");
1927 #endif /* CONFIG_SHA384 */
1928 #ifdef CONFIG_FILS
1929 #ifdef CONFIG_IEEE80211R
1930 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1931 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1932 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1933 #endif /* CONFIG_IEEE80211R */
1934 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1935 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1936 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1937 #ifdef CONFIG_IEEE80211R
1938 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1939 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1940 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1941 #endif /* CONFIG_IEEE80211R */
1942 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1943 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1944 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1945 #endif /* CONFIG_FILS */
1946 #ifdef CONFIG_IEEE80211R
1947 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1948 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1949 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1950 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1951 if (!ssid->ft_eap_pmksa_caching &&
1952 pmksa_cache_get_current(wpa_s->wpa)) {
1953 /* PMKSA caching with FT may have interoperability
1954 * issues, so disable that case by default for now. */
1955 wpa_dbg(wpa_s, MSG_DEBUG,
1956 "WPA: Disable PMKSA caching for FT/802.1X connection");
1957 pmksa_cache_clear_current(wpa_s->wpa);
1958 }
1959 #endif /* CONFIG_IEEE80211R */
1960 #ifdef CONFIG_DPP
1961 } else if (sel & WPA_KEY_MGMT_DPP) {
1962 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1963 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1964 #endif /* CONFIG_DPP */
1965 #ifdef CONFIG_SAE
1966 } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
1967 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
1968 wpa_dbg(wpa_s, MSG_DEBUG,
1969 "RSN: using KEY_MGMT FT/SAE (ext key)");
1970 } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) {
1971 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
1972 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)");
1973 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1974 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1975 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1976 } else if (sel & WPA_KEY_MGMT_SAE) {
1977 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1978 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1979 #endif /* CONFIG_SAE */
1980 #ifdef CONFIG_IEEE80211R
1981 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1982 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1983 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1984 #endif /* CONFIG_IEEE80211R */
1985 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1986 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1987 wpa_dbg(wpa_s, MSG_DEBUG,
1988 "WPA: using KEY_MGMT 802.1X with SHA256");
1989 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1990 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1991 wpa_dbg(wpa_s, MSG_DEBUG,
1992 "WPA: using KEY_MGMT PSK with SHA256");
1993 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1994 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1995 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1996 } else if (sel & WPA_KEY_MGMT_PSK) {
1997 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1998 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1999 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
2000 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
2001 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
2002 #ifdef CONFIG_HS20
2003 } else if (sel & WPA_KEY_MGMT_OSEN) {
2004 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
2005 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
2006 #endif /* CONFIG_HS20 */
2007 #ifdef CONFIG_OWE
2008 } else if (sel & WPA_KEY_MGMT_OWE) {
2009 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
2010 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
2011 #endif /* CONFIG_OWE */
2012 } else {
2013 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
2014 "authenticated key management type");
2015 return -1;
2016 }
2017
2018 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
2019 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
2020 wpa_s->pairwise_cipher);
2021 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
2022
2023 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
2024 (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED ||
2025 (bss && is_6ghz_freq(bss->freq)))) {
2026 wpa_msg(wpa_s, MSG_INFO,
2027 "RSN: Management frame protection required but the selected AP does not enable it");
2028 return -1;
2029 }
2030
2031 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
2032 #ifdef CONFIG_OCV
2033 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
2034 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
2035 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
2036 #endif /* CONFIG_OCV */
2037 sae_pwe = wpa_s->conf->sae_pwe;
2038 if ((ssid->sae_password_id ||
2039 wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
2040 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
2041 sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2042 if (bss && is_6ghz_freq(bss->freq) &&
2043 sae_pwe == SAE_PWE_HUNT_AND_PECK) {
2044 wpa_dbg(wpa_s, MSG_DEBUG,
2045 "RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
2046 sae_pwe = SAE_PWE_BOTH;
2047 }
2048 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
2049 #ifdef CONFIG_SAE_PK
2050 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
2051 wpa_key_mgmt_sae(ssid->key_mgmt) &&
2052 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
2053 ((ssid->sae_password &&
2054 sae_pk_valid_password(ssid->sae_password)) ||
2055 (!ssid->sae_password && ssid->passphrase &&
2056 sae_pk_valid_password(ssid->passphrase))));
2057 #endif /* CONFIG_SAE_PK */
2058 if (bss && is_6ghz_freq(bss->freq) &&
2059 wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) {
2060 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz");
2061 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
2062 MGMT_FRAME_PROTECTION_REQUIRED);
2063 }
2064 #ifdef CONFIG_TESTING_OPTIONS
2065 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
2066 wpa_s->ft_rsnxe_used);
2067 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
2068 wpa_s->oci_freq_override_eapol);
2069 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
2070 wpa_s->oci_freq_override_eapol_g2);
2071 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
2072 wpa_s->oci_freq_override_ft_assoc);
2073 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
2074 wpa_s->oci_freq_override_fils_assoc);
2075 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
2076 wpa_s->disable_eapol_g2_tx);
2077 #endif /* CONFIG_TESTING_OPTIONS */
2078
2079 /* Extended Key ID is only supported in infrastructure BSS so far */
2080 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
2081 (ssid->proto & WPA_PROTO_RSN) &&
2082 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
2083 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
2084 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
2085 int use_ext_key_id = 0;
2086
2087 wpa_msg(wpa_s, MSG_DEBUG,
2088 "WPA: Enable Extended Key ID support");
2089 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
2090 wpa_s->conf->extended_key_id);
2091 if (bss_rsn &&
2092 wpa_s->conf->extended_key_id &&
2093 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
2094 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
2095 use_ext_key_id = 1;
2096 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
2097 use_ext_key_id);
2098 } else {
2099 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
2100 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
2101 }
2102
2103 /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more
2104 * appropriate advertisement of the supported number of PTKSA receive
2105 * counters. In theory, this could be based on a driver capability, but
2106 * in practice all cases using WMM support at least eight replay
2107 * counters, so use a hardcoded value for now since there is no explicit
2108 * driver capability indication for this.
2109 *
2110 * In addition, claim WMM to be enabled if the AP supports it since it
2111 * is far more likely for any current device to support WMM. */
2112 wmm = wpa_s->connection_set &&
2113 (wpa_s->connection_ht || wpa_s->connection_vht ||
2114 wpa_s->connection_he || wpa_s->connection_eht);
2115 if (!wmm && bss)
2116 wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE);
2117 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm);
2118
2119 if (ssid->ssid_protection && proto == WPA_PROTO_RSN) {
2120 bool ssid_prot;
2121
2122 /* Enable SSID protection based on the AP advertising support
2123 * for it to avoid potential interoperability issues with
2124 * incorrect AP behavior if we were to send an "unexpected"
2125 * RSNXE with multiple octets of payload. */
2126 ssid_prot = ieee802_11_rsnx_capab(
2127 bss_rsnx, WLAN_RSNX_CAPAB_SSID_PROTECTION);
2128 if (!skip_default_rsne)
2129 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION,
2130 proto == WPA_PROTO_RSN && ssid_prot);
2131 } else {
2132 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, false);
2133 }
2134
2135 if (!skip_default_rsne) {
2136 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
2137 wpa_ie_len)) {
2138 wpa_msg(wpa_s, MSG_WARNING,
2139 "RSN: Failed to generate RSNE/WPA IE");
2140 return -1;
2141 }
2142
2143 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
2144 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
2145 &wpa_s->rsnxe_len)) {
2146 wpa_msg(wpa_s, MSG_WARNING,
2147 "RSN: Failed to generate RSNXE");
2148 return -1;
2149 }
2150 }
2151
2152 if (0) {
2153 #ifdef CONFIG_DPP
2154 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
2155 /* Use PMK from DPP network introduction (PMKSA entry) */
2156 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2157 #ifdef CONFIG_DPP2
2158 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
2159 #endif /* CONFIG_DPP2 */
2160 #endif /* CONFIG_DPP */
2161 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
2162 int psk_set = 0;
2163
2164 if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
2165 u8 psk[PMK_LEN];
2166
2167 if (wpa_supplicant_get_psk(wpa_s, bss, ssid,
2168 psk) == 0) {
2169 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
2170 NULL);
2171 psk_set = 1;
2172 }
2173 forced_memzero(psk, sizeof(psk));
2174 }
2175
2176 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
2177 (ssid->sae_password || ssid->passphrase || ssid->ext_psk))
2178 psk_set = 1;
2179
2180 if (!psk_set) {
2181 wpa_msg(wpa_s, MSG_INFO,
2182 "No PSK available for association");
2183 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL);
2184 return -1;
2185 }
2186 #ifdef CONFIG_OWE
2187 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
2188 /* OWE Diffie-Hellman exchange in (Re)Association
2189 * Request/Response frames set the PMK, so do not override it
2190 * here. */
2191 #endif /* CONFIG_OWE */
2192 } else
2193 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2194
2195 if (ssid->mode != WPAS_MODE_IBSS &&
2196 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
2197 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
2198 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
2199 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
2200 wpa_msg(wpa_s, MSG_INFO,
2201 "Disable PTK0 rekey support - replaced with reconnect");
2202 wpa_s->deny_ptk0_rekey = 1;
2203 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
2204 } else {
2205 wpa_s->deny_ptk0_rekey = 0;
2206 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
2207 }
2208
2209 if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) &&
2210 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
2211 wpas_update_allowed_key_mgmt(wpa_s, ssid);
2212
2213 return 0;
2214 }
2215
2216
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx,struct wpa_bss * bss)2217 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx,
2218 struct wpa_bss *bss)
2219 {
2220 #ifndef CONFIG_NO_ROBUST_AV
2221 bool scs = true, mscs = true;
2222 #endif /* CONFIG_NO_ROBUST_AV */
2223
2224 *pos = 0x00;
2225
2226 switch (idx) {
2227 case 0: /* Bits 0-7 */
2228 break;
2229 case 1: /* Bits 8-15 */
2230 if (wpa_s->conf->coloc_intf_reporting) {
2231 /* Bit 13 - Collocated Interference Reporting */
2232 *pos |= 0x20;
2233 }
2234 break;
2235 case 2: /* Bits 16-23 */
2236 #ifdef CONFIG_WNM
2237 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2238 if ((wpas_driver_bss_selection(wpa_s) ||
2239 !wpa_s->disable_mbo_oce) &&
2240 !wpa_s->conf->disable_btm)
2241 *pos |= 0x08; /* Bit 19 - BSS Transition */
2242 #endif /* CONFIG_WNM */
2243 break;
2244 case 3: /* Bits 24-31 */
2245 #ifdef CONFIG_WNM
2246 *pos |= 0x02; /* Bit 25 - SSID List */
2247 #endif /* CONFIG_WNM */
2248 #ifdef CONFIG_INTERWORKING
2249 if (wpa_s->conf->interworking)
2250 *pos |= 0x80; /* Bit 31 - Interworking */
2251 #endif /* CONFIG_INTERWORKING */
2252 break;
2253 case 4: /* Bits 32-39 */
2254 #ifdef CONFIG_INTERWORKING
2255 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
2256 *pos |= 0x01; /* Bit 32 - QoS Map */
2257 #endif /* CONFIG_INTERWORKING */
2258 break;
2259 case 5: /* Bits 40-47 */
2260 #ifdef CONFIG_HS20
2261 if (wpa_s->conf->hs20)
2262 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2263 #endif /* CONFIG_HS20 */
2264 #ifdef CONFIG_MBO
2265 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2266 #endif /* CONFIG_MBO */
2267 break;
2268 case 6: /* Bits 48-55 */
2269 #ifndef CONFIG_NO_ROBUST_AV
2270 #ifdef CONFIG_TESTING_OPTIONS
2271 if (wpa_s->disable_scs_support)
2272 scs = false;
2273 #endif /* CONFIG_TESTING_OPTIONS */
2274 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) {
2275 /* Drop own SCS capability indication since the AP does
2276 * not support it. This is needed to avoid
2277 * interoperability issues with APs that get confused
2278 * with Extended Capabilities element. */
2279 scs = false;
2280 }
2281 if (scs)
2282 *pos |= 0x40; /* Bit 54 - SCS */
2283 #endif /* CONFIG_NO_ROBUST_AV */
2284 break;
2285 case 7: /* Bits 56-63 */
2286 break;
2287 case 8: /* Bits 64-71 */
2288 if (wpa_s->conf->ftm_responder)
2289 *pos |= 0x40; /* Bit 70 - FTM responder */
2290 if (wpa_s->conf->ftm_initiator)
2291 *pos |= 0x80; /* Bit 71 - FTM initiator */
2292 break;
2293 case 9: /* Bits 72-79 */
2294 #ifdef CONFIG_FILS
2295 if (!wpa_s->disable_fils)
2296 *pos |= 0x01;
2297 #endif /* CONFIG_FILS */
2298 break;
2299 case 10: /* Bits 80-87 */
2300 #ifndef CONFIG_NO_ROBUST_AV
2301 #ifdef CONFIG_TESTING_OPTIONS
2302 if (wpa_s->disable_mscs_support)
2303 mscs = false;
2304 #endif /* CONFIG_TESTING_OPTIONS */
2305 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) {
2306 /* Drop own MSCS capability indication since the AP does
2307 * not support it. This is needed to avoid
2308 * interoperability issues with APs that get confused
2309 * with Extended Capabilities element. */
2310 mscs = false;
2311 }
2312 if (mscs)
2313 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
2314 #endif /* CONFIG_NO_ROBUST_AV */
2315 break;
2316 }
2317 }
2318
2319
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen,struct wpa_bss * bss)2320 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf,
2321 size_t buflen, struct wpa_bss *bss)
2322 {
2323 u8 *pos = buf;
2324 u8 len = 11, i;
2325
2326 if (len < wpa_s->extended_capa_len)
2327 len = wpa_s->extended_capa_len;
2328 if (buflen < (size_t) len + 2) {
2329 wpa_printf(MSG_INFO,
2330 "Not enough room for building extended capabilities element");
2331 return -1;
2332 }
2333
2334 *pos++ = WLAN_EID_EXT_CAPAB;
2335 *pos++ = len;
2336 for (i = 0; i < len; i++, pos++) {
2337 wpas_ext_capab_byte(wpa_s, pos, i, bss);
2338
2339 if (i < wpa_s->extended_capa_len) {
2340 *pos &= ~wpa_s->extended_capa_mask[i];
2341 *pos |= wpa_s->extended_capa[i];
2342 }
2343 }
2344
2345 while (len > 0 && buf[1 + len] == 0) {
2346 len--;
2347 buf[1] = len;
2348 }
2349 if (len == 0)
2350 return 0;
2351
2352 return 2 + len;
2353 }
2354
2355
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2356 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2357 struct wpa_bss *test_bss)
2358 {
2359 struct wpa_bss *bss;
2360
2361 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2362 if (bss == test_bss)
2363 return 1;
2364 }
2365
2366 return 0;
2367 }
2368
2369
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2370 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2371 struct wpa_ssid *test_ssid)
2372 {
2373 struct wpa_ssid *ssid;
2374
2375 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2376 if (ssid == test_ssid)
2377 return 1;
2378 }
2379
2380 return 0;
2381 }
2382
2383
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2384 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2385 struct wpa_ssid *test_ssid)
2386 {
2387 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2388 return 0;
2389
2390 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2391 }
2392
2393
wpas_connect_work_free(struct wpa_connect_work * cwork)2394 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2395 {
2396 if (cwork == NULL)
2397 return;
2398 os_free(cwork);
2399 }
2400
2401
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2402 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2403 {
2404 struct wpa_connect_work *cwork;
2405 struct wpa_radio_work *work = wpa_s->connect_work;
2406
2407 if (!work)
2408 return;
2409
2410 wpa_s->connect_work = NULL;
2411 cwork = work->ctx;
2412 work->ctx = NULL;
2413 wpas_connect_work_free(cwork);
2414 radio_work_done(work);
2415 }
2416
2417
wpas_update_random_addr(struct wpa_supplicant * wpa_s,enum wpas_mac_addr_style style,struct wpa_ssid * ssid)2418 int wpas_update_random_addr(struct wpa_supplicant *wpa_s,
2419 enum wpas_mac_addr_style style,
2420 struct wpa_ssid *ssid)
2421 {
2422 struct os_reltime now;
2423 u8 addr[ETH_ALEN];
2424
2425 os_get_reltime(&now);
2426 /* Random addresses are valid within a given ESS so check
2427 * expiration/value only when continuing to use the same ESS. */
2428 if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
2429 if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) {
2430 /* Pregenerated addresses do not expire but their value
2431 * might have changed, so let's check that. */
2432 if (ether_addr_equal(wpa_s->own_addr, ssid->mac_value))
2433 return 0;
2434 } else if ((wpa_s->last_mac_addr_change.sec != 0 ||
2435 wpa_s->last_mac_addr_change.usec != 0) &&
2436 !os_reltime_expired(
2437 &now,
2438 &wpa_s->last_mac_addr_change,
2439 wpa_s->conf->rand_addr_lifetime)) {
2440 wpa_msg(wpa_s, MSG_DEBUG,
2441 "Previously selected random MAC address has not yet expired");
2442 return 0;
2443 }
2444 }
2445
2446 switch (style) {
2447 case WPAS_MAC_ADDR_STYLE_RANDOM:
2448 if (random_mac_addr(addr) < 0)
2449 return -1;
2450 break;
2451 case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI:
2452 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2453 if (random_mac_addr_keep_oui(addr) < 0)
2454 return -1;
2455 break;
2456 case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS:
2457 if (!ssid) {
2458 wpa_msg(wpa_s, MSG_INFO,
2459 "Invalid 'ssid' for address policy 3");
2460 return -1;
2461 }
2462 os_memcpy(addr, ssid->mac_value, ETH_ALEN);
2463 break;
2464 default:
2465 return -1;
2466 }
2467
2468 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2469 wpa_msg(wpa_s, MSG_INFO,
2470 "Failed to set random MAC address");
2471 return -1;
2472 }
2473
2474 os_get_reltime(&wpa_s->last_mac_addr_change);
2475 wpa_s->mac_addr_changed = 1;
2476 wpa_s->last_mac_addr_style = style;
2477
2478 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2479 wpa_msg(wpa_s, MSG_INFO,
2480 "Could not update MAC address information");
2481 return -1;
2482 }
2483
2484 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2485 MAC2STR(addr));
2486
2487 return 1;
2488 }
2489
2490
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2491 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2492 {
2493 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2494 !wpa_s->conf->preassoc_mac_addr)
2495 return 0;
2496
2497 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr,
2498 NULL);
2499 }
2500
2501
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid,bool force)2502 void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid,
2503 bool force)
2504 {
2505 #ifdef CONFIG_SAE
2506 int *groups = conf->sae_groups;
2507 int default_groups[] = { 19, 20, 21, 0 };
2508 const char *password;
2509
2510 if (!groups || groups[0] <= 0)
2511 groups = default_groups;
2512
2513 password = ssid->sae_password;
2514 if (!password)
2515 password = ssid->passphrase;
2516
2517 if (!password ||
2518 !wpa_key_mgmt_sae(ssid->key_mgmt) ||
2519 (conf->sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id &&
2520 !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) &&
2521 !force &&
2522 !sae_pk_valid_password(password)) ||
2523 conf->sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) {
2524 /* PT derivation not needed */
2525 sae_deinit_pt(ssid->pt);
2526 ssid->pt = NULL;
2527 return;
2528 }
2529
2530 if (ssid->pt)
2531 return; /* PT already derived */
2532 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2533 (const u8 *) password, os_strlen(password),
2534 ssid->sae_password_id);
2535 #endif /* CONFIG_SAE */
2536 }
2537
2538
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2539 void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2540 {
2541 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2542 os_free(wpa_s->sme.sae_rejected_groups);
2543 wpa_s->sme.sae_rejected_groups = NULL;
2544 #ifdef CONFIG_TESTING_OPTIONS
2545 if (wpa_s->extra_sae_rejected_groups) {
2546 int i, *groups = wpa_s->extra_sae_rejected_groups;
2547
2548 for (i = 0; groups[i]; i++) {
2549 wpa_printf(MSG_DEBUG,
2550 "TESTING: Indicate rejection of an extra SAE group %d",
2551 groups[i]);
2552 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2553 groups[i]);
2554 }
2555 }
2556 #endif /* CONFIG_TESTING_OPTIONS */
2557 #endif /* CONFIG_SAE && CONFIG_SME */
2558 }
2559
2560
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2561 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2562 {
2563 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2564 wpa_msg(wpa_s, MSG_INFO,
2565 "Could not restore permanent MAC address");
2566 return -1;
2567 }
2568 wpa_s->mac_addr_changed = 0;
2569 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2570 wpa_msg(wpa_s, MSG_INFO,
2571 "Could not update MAC address information");
2572 return -1;
2573 }
2574 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2575 return 0;
2576 }
2577
2578
2579 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2580
2581 /**
2582 * wpa_supplicant_associate - Request association
2583 * @wpa_s: Pointer to wpa_supplicant data
2584 * @bss: Scan results for the selected BSS, or %NULL if not available
2585 * @ssid: Configuration data for the selected network
2586 *
2587 * This function is used to request %wpa_supplicant to associate with a BSS.
2588 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2589 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2590 struct wpa_bss *bss, struct wpa_ssid *ssid)
2591 {
2592 bool clear_rejected = true;
2593 struct wpa_connect_work *cwork;
2594 enum wpas_mac_addr_style rand_style;
2595
2596 wpa_s->own_disconnect_req = 0;
2597 wpa_s->own_reconnect_req = 0;
2598
2599 /*
2600 * If we are starting a new connection, any previously pending EAPOL
2601 * RX cannot be valid anymore.
2602 */
2603 wpabuf_free(wpa_s->pending_eapol_rx);
2604 wpa_s->pending_eapol_rx = NULL;
2605
2606 if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET)
2607 rand_style = wpa_s->conf->mac_addr;
2608 else
2609 rand_style = ssid->mac_addr;
2610
2611 wpa_s->eapol_failed = 0;
2612 wpa_s->multi_ap_ie = 0;
2613 #ifndef CONFIG_NO_WMM_AC
2614 wmm_ac_clear_saved_tspecs(wpa_s);
2615 #endif /* CONFIG_NO_WMM_AC */
2616 #ifdef CONFIG_WNM
2617 wpa_s->wnm_mode = 0;
2618 wpa_s->wnm_target_bss = NULL;
2619 #endif /* CONFIG_WNM */
2620 wpa_s->reassoc_same_bss = 0;
2621 wpa_s->reassoc_same_ess = 0;
2622 #ifdef CONFIG_TESTING_OPTIONS
2623 wpa_s->testing_resend_assoc = 0;
2624 #endif /* CONFIG_TESTING_OPTIONS */
2625
2626 if (wpa_s->last_ssid == ssid) {
2627 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2628 wpa_s->reassoc_same_ess = 1;
2629 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2630 #ifndef CONFIG_NO_WMM_AC
2631 wmm_ac_save_tspecs(wpa_s);
2632 #endif /* CONFIG_NO_WMM_AC */
2633 wpa_s->reassoc_same_bss = 1;
2634 clear_rejected = false;
2635 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2636 os_get_reltime(&wpa_s->roam_start);
2637 }
2638 }
2639
2640 if (clear_rejected)
2641 wpa_s_clear_sae_rejected(wpa_s);
2642
2643 #ifdef CONFIG_SAE
2644 wpa_s_setup_sae_pt(wpa_s->conf, ssid, false);
2645 #endif /* CONFIG_SAE */
2646
2647 if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) {
2648 int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
2649
2650 if (status < 0)
2651 return;
2652 if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS &&
2653 status > 0) /* MAC changed */
2654 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2655 } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT &&
2656 wpa_s->mac_addr_changed) {
2657 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2658 return;
2659 }
2660 wpa_s->last_ssid = ssid;
2661
2662 #ifdef CONFIG_IBSS_RSN
2663 ibss_rsn_deinit(wpa_s->ibss_rsn);
2664 wpa_s->ibss_rsn = NULL;
2665 #else /* CONFIG_IBSS_RSN */
2666 if (ssid->mode == WPAS_MODE_IBSS &&
2667 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2668 wpa_msg(wpa_s, MSG_INFO,
2669 "IBSS RSN not supported in the build");
2670 return;
2671 }
2672 #endif /* CONFIG_IBSS_RSN */
2673
2674 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2675 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2676 #ifdef CONFIG_AP
2677 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2678 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2679 "mode");
2680 return;
2681 }
2682 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2683 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2684 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2685 wpas_p2p_ap_setup_failed(wpa_s);
2686 return;
2687 }
2688 wpa_s->current_bss = bss;
2689 #else /* CONFIG_AP */
2690 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2691 "the build");
2692 #endif /* CONFIG_AP */
2693 return;
2694 }
2695
2696 if (ssid->mode == WPAS_MODE_MESH) {
2697 #ifdef CONFIG_MESH
2698 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2699 wpa_msg(wpa_s, MSG_INFO,
2700 "Driver does not support mesh mode");
2701 return;
2702 }
2703 if (bss)
2704 ssid->frequency = bss->freq;
2705 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2706 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2707 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2708 return;
2709 }
2710 wpa_s->current_bss = bss;
2711 #else /* CONFIG_MESH */
2712 wpa_msg(wpa_s, MSG_ERROR,
2713 "mesh mode support not included in the build");
2714 #endif /* CONFIG_MESH */
2715 return;
2716 }
2717
2718 /*
2719 * Set WPA state machine configuration to match the selected network now
2720 * so that the information is available before wpas_start_assoc_cb()
2721 * gets called. This is needed at least for RSN pre-authentication where
2722 * candidate APs are added to a list based on scan result processing
2723 * before completion of the first association.
2724 */
2725 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2726
2727 #ifdef CONFIG_DPP
2728 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2729 return;
2730 #endif /* CONFIG_DPP */
2731
2732 #ifdef CONFIG_TDLS
2733 if (bss)
2734 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2735 #endif /* CONFIG_TDLS */
2736
2737 #ifdef CONFIG_MBO
2738 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2739 #endif /* CONFIG_MBO */
2740
2741 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2742 ssid->mode == WPAS_MODE_INFRA) {
2743 sme_authenticate(wpa_s, bss, ssid);
2744 return;
2745 }
2746
2747 if (wpa_s->connect_work) {
2748 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2749 return;
2750 }
2751
2752 if (radio_work_pending(wpa_s, "connect")) {
2753 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2754 return;
2755 }
2756
2757 #ifdef CONFIG_SME
2758 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2759 /* Clear possibly set auth_alg, if any, from last attempt. */
2760 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2761 }
2762 #endif /* CONFIG_SME */
2763
2764 wpas_abort_ongoing_scan(wpa_s);
2765
2766 cwork = os_zalloc(sizeof(*cwork));
2767 if (cwork == NULL)
2768 return;
2769
2770 cwork->bss = bss;
2771 cwork->ssid = ssid;
2772
2773 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2774 wpas_start_assoc_cb, cwork) < 0) {
2775 os_free(cwork);
2776 }
2777 }
2778
2779
bss_is_ibss(struct wpa_bss * bss)2780 static int bss_is_ibss(struct wpa_bss *bss)
2781 {
2782 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2783 IEEE80211_CAP_IBSS;
2784 }
2785
2786
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2787 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2788 const struct wpa_ssid *ssid)
2789 {
2790 enum hostapd_hw_mode hw_mode;
2791 struct hostapd_hw_modes *mode = NULL;
2792 u8 channel;
2793 int i;
2794
2795 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2796 if (hw_mode == NUM_HOSTAPD_MODES)
2797 return 0;
2798 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2799 if (wpa_s->hw.modes[i].mode == hw_mode) {
2800 mode = &wpa_s->hw.modes[i];
2801 break;
2802 }
2803 }
2804
2805 if (!mode)
2806 return 0;
2807
2808 return mode->vht_capab != 0;
2809 }
2810
2811
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2812 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2813 {
2814 int i;
2815
2816 for (i = channel; i < channel + 16; i += 4) {
2817 struct hostapd_channel_data *chan;
2818
2819 chan = hw_get_channel_chan(mode, i, NULL);
2820 if (!chan ||
2821 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2822 return false;
2823 }
2824
2825 return true;
2826 }
2827
2828
ibss_find_existing_bss(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2829 static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s,
2830 const struct wpa_ssid *ssid)
2831 {
2832 unsigned int j;
2833
2834 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2835 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2836
2837 if (!bss_is_ibss(bss))
2838 continue;
2839
2840 if (ssid->ssid_len == bss->ssid_len &&
2841 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0)
2842 return bss;
2843 }
2844 return NULL;
2845 }
2846
2847
ibss_mesh_can_use_ht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)2848 static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s,
2849 const struct wpa_ssid *ssid,
2850 struct hostapd_hw_modes *mode)
2851 {
2852 /* For IBSS check HT_IBSS flag */
2853 if (ssid->mode == WPAS_MODE_IBSS &&
2854 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2855 return false;
2856
2857 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2858 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2859 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2860 wpa_printf(MSG_DEBUG,
2861 "IBSS: WEP/TKIP detected, do not try to enable HT");
2862 return false;
2863 }
2864
2865 if (!ht_supported(mode))
2866 return false;
2867
2868 #ifdef CONFIG_HT_OVERRIDES
2869 if (ssid->disable_ht)
2870 return false;
2871 #endif /* CONFIG_HT_OVERRIDES */
2872
2873 return true;
2874 }
2875
2876
ibss_mesh_can_use_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)2877 static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s,
2878 const struct wpa_ssid *ssid,
2879 struct hostapd_hw_modes *mode)
2880 {
2881 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2882 return false;
2883
2884 if (!drv_supports_vht(wpa_s, ssid))
2885 return false;
2886
2887 /* For IBSS check VHT_IBSS flag */
2888 if (ssid->mode == WPAS_MODE_IBSS &&
2889 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2890 return false;
2891
2892 if (!vht_supported(mode))
2893 return false;
2894
2895 #ifdef CONFIG_VHT_OVERRIDES
2896 if (ssid->disable_vht)
2897 return false;
2898 #endif /* CONFIG_VHT_OVERRIDES */
2899
2900 return true;
2901 }
2902
2903
ibss_mesh_can_use_he(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)2904 static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s,
2905 const struct wpa_ssid *ssid,
2906 const struct hostapd_hw_modes *mode,
2907 int ieee80211_mode)
2908 {
2909 #ifdef CONFIG_HE_OVERRIDES
2910 if (ssid->disable_he)
2911 return false;
2912 #endif /* CONFIG_HE_OVERRIDES */
2913
2914 switch (mode->mode) {
2915 case HOSTAPD_MODE_IEEE80211G:
2916 case HOSTAPD_MODE_IEEE80211B:
2917 case HOSTAPD_MODE_IEEE80211A:
2918 return mode->he_capab[ieee80211_mode].he_supported;
2919 default:
2920 return false;
2921 }
2922 }
2923
2924
ibss_mesh_can_use_eht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)2925 static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s,
2926 const struct wpa_ssid *ssid,
2927 const struct hostapd_hw_modes *mode,
2928 int ieee80211_mode)
2929 {
2930 if (ssid->disable_eht)
2931 return false;
2932
2933 switch(mode->mode) {
2934 case HOSTAPD_MODE_IEEE80211G:
2935 case HOSTAPD_MODE_IEEE80211B:
2936 case HOSTAPD_MODE_IEEE80211A:
2937 return mode->eht_capab[ieee80211_mode].eht_supported;
2938 default:
2939 return false;
2940 }
2941 }
2942
2943
ibss_mesh_select_40mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int obss_scan)2944 static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s,
2945 const struct wpa_ssid *ssid,
2946 struct hostapd_hw_modes *mode,
2947 struct hostapd_freq_params *freq,
2948 int obss_scan) {
2949 int chan_idx;
2950 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2951 int i, res;
2952 unsigned int j;
2953 static const int ht40plus[] = {
2954 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
2955 149, 157, 165, 173, 184, 192
2956 };
2957 int ht40 = -1;
2958
2959 if (!freq->ht_enabled)
2960 return;
2961
2962 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2963 pri_chan = &mode->channels[chan_idx];
2964 if (pri_chan->chan == freq->channel)
2965 break;
2966 pri_chan = NULL;
2967 }
2968 if (!pri_chan)
2969 return;
2970
2971 /* Check primary channel flags */
2972 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2973 return;
2974
2975 #ifdef CONFIG_HT_OVERRIDES
2976 if (ssid->disable_ht40)
2977 return;
2978 #endif
2979
2980 /* Check/setup HT40+/HT40- */
2981 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2982 if (ht40plus[j] == freq->channel) {
2983 ht40 = 1;
2984 break;
2985 }
2986 }
2987
2988 /* Find secondary channel */
2989 for (i = 0; i < mode->num_channels; i++) {
2990 sec_chan = &mode->channels[i];
2991 if (sec_chan->chan == freq->channel + ht40 * 4)
2992 break;
2993 sec_chan = NULL;
2994 }
2995 if (!sec_chan)
2996 return;
2997
2998 /* Check secondary channel flags */
2999 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
3000 return;
3001
3002 if (ht40 == -1) {
3003 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
3004 return;
3005 } else {
3006 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
3007 return;
3008 }
3009 freq->sec_channel_offset = ht40;
3010
3011 if (obss_scan) {
3012 struct wpa_scan_results *scan_res;
3013
3014 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0,
3015 NULL);
3016 if (scan_res == NULL) {
3017 /* Back to HT20 */
3018 freq->sec_channel_offset = 0;
3019 return;
3020 }
3021
3022 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
3023 switch (res) {
3024 case 0:
3025 /* Back to HT20 */
3026 freq->sec_channel_offset = 0;
3027 break;
3028 case 1:
3029 /* Configuration allowed */
3030 break;
3031 case 2:
3032 /* Switch pri/sec channels */
3033 freq->freq = hw_get_freq(mode, sec_chan->chan);
3034 freq->sec_channel_offset = -freq->sec_channel_offset;
3035 freq->channel = sec_chan->chan;
3036 break;
3037 default:
3038 freq->sec_channel_offset = 0;
3039 break;
3040 }
3041
3042 wpa_scan_results_free(scan_res);
3043 }
3044
3045 wpa_printf(MSG_DEBUG,
3046 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
3047 freq->channel, freq->sec_channel_offset);
3048 }
3049
3050
ibss_mesh_select_80_160mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int ieee80211_mode,bool is_6ghz)3051 static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s,
3052 const struct wpa_ssid *ssid,
3053 struct hostapd_hw_modes *mode,
3054 struct hostapd_freq_params *freq,
3055 int ieee80211_mode, bool is_6ghz) {
3056 static const int bw80[] = {
3057 5180, 5260, 5500, 5580, 5660, 5745, 5825,
3058 5955, 6035, 6115, 6195, 6275, 6355, 6435,
3059 6515, 6595, 6675, 6755, 6835, 6915, 6995
3060 };
3061 static const int bw160[] = {
3062 5955, 6115, 6275, 6435, 6595, 6755, 6915
3063 };
3064 struct hostapd_freq_params vht_freq;
3065 int i;
3066 unsigned int j, k;
3067 int chwidth, seg0, seg1;
3068 u32 vht_caps = 0;
3069 u8 channel = freq->channel;
3070
3071 if (!freq->vht_enabled && !freq->he_enabled)
3072 return true;
3073
3074 vht_freq = *freq;
3075
3076 chwidth = CONF_OPER_CHWIDTH_USE_HT;
3077 seg0 = freq->channel + 2 * freq->sec_channel_offset;
3078 seg1 = 0;
3079 if (freq->sec_channel_offset == 0) {
3080 seg0 = 0;
3081 /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */
3082 if (freq->ht_enabled && !is_6ghz)
3083 goto skip_80mhz;
3084 }
3085 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT)
3086 goto skip_80mhz;
3087
3088 /* setup center_freq1, bandwidth */
3089 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
3090 if (freq->freq >= bw80[j] &&
3091 freq->freq < bw80[j] + 80)
3092 break;
3093 }
3094
3095 if (j == ARRAY_SIZE(bw80) ||
3096 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
3097 goto skip_80mhz;
3098
3099 /* Use 40 MHz if channel not usable */
3100 if (!ibss_mesh_is_80mhz_avail(channel, mode))
3101 goto skip_80mhz;
3102
3103 chwidth = CONF_OPER_CHWIDTH_80MHZ;
3104 seg0 = channel + 6;
3105 seg1 = 0;
3106
3107 /* In 160 MHz, the initial four 20 MHz channels were validated
3108 * above. If 160 MHz is supported, check the remaining four 20 MHz
3109 * channels for the total of 160 MHz bandwidth for 6 GHz.
3110 */
3111 if ((mode->he_capab[ieee80211_mode].phy_cap[
3112 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
3113 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
3114 ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
3115 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
3116 if (freq->freq == bw160[j]) {
3117 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3118 seg0 = channel + 14;
3119 break;
3120 }
3121 }
3122 }
3123
3124 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
3125 /* setup center_freq2, bandwidth */
3126 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
3127 /* Only accept 80 MHz segments separated by a gap */
3128 if (j == k || abs(bw80[j] - bw80[k]) == 80)
3129 continue;
3130
3131 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
3132 NUM_HOSTAPD_MODES)
3133 break;
3134
3135 for (i = channel; i < channel + 16; i += 4) {
3136 struct hostapd_channel_data *chan;
3137
3138 chan = hw_get_channel_chan(mode, i, NULL);
3139 if (!chan)
3140 continue;
3141
3142 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3143 HOSTAPD_CHAN_NO_IR |
3144 HOSTAPD_CHAN_RADAR))
3145 continue;
3146
3147 /* Found a suitable second segment for 80+80 */
3148 chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
3149 if (!is_6ghz)
3150 vht_caps |=
3151 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
3152 seg1 = channel + 6;
3153 }
3154
3155 if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ)
3156 break;
3157 }
3158 } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
3159 if (freq->freq == 5180) {
3160 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3161 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3162 seg0 = 50;
3163 } else if (freq->freq == 5520) {
3164 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3165 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3166 seg0 = 114;
3167 }
3168 }
3169
3170 skip_80mhz:
3171 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
3172 freq->channel, ssid->enable_edmg,
3173 ssid->edmg_channel, freq->ht_enabled,
3174 freq->vht_enabled, freq->he_enabled,
3175 freq->eht_enabled,
3176 freq->sec_channel_offset,
3177 chwidth, seg0, seg1, vht_caps,
3178 &mode->he_capab[ieee80211_mode],
3179 &mode->eht_capab[ieee80211_mode], 0) != 0)
3180 return false;
3181
3182 *freq = vht_freq;
3183
3184 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
3185 freq->center_freq1, freq->center_freq2, freq->bandwidth);
3186 return true;
3187 }
3188
3189
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)3190 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
3191 const struct wpa_ssid *ssid,
3192 struct hostapd_freq_params *freq)
3193 {
3194 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
3195 enum hostapd_hw_mode hw_mode;
3196 struct hostapd_hw_modes *mode = NULL;
3197 int obss_scan = 1;
3198 u8 channel;
3199 bool is_6ghz, is_24ghz;
3200
3201 freq->freq = ssid->frequency;
3202
3203 if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
3204 struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);
3205
3206 if (bss) {
3207 wpa_printf(MSG_DEBUG,
3208 "IBSS already found in scan results, adjust control freq: %d",
3209 bss->freq);
3210 freq->freq = bss->freq;
3211 obss_scan = 0;
3212 }
3213 }
3214
3215 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
3216 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3217 hw_mode, is_6ghz_freq(ssid->frequency));
3218
3219 if (!mode)
3220 return;
3221
3222 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
3223 hw_mode == HOSTAPD_MODE_IEEE80211B;
3224
3225 is_6ghz = is_6ghz_freq(freq->freq);
3226
3227 freq->ht_enabled = 0;
3228 freq->vht_enabled = 0;
3229 freq->he_enabled = 0;
3230 freq->eht_enabled = 0;
3231
3232 if (!is_6ghz)
3233 freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode);
3234 if (freq->ht_enabled)
3235 freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode);
3236 if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz)
3237 freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
3238 ieee80211_mode);
3239 freq->channel = channel;
3240 /* Setup higher BW only for 5 GHz */
3241 if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
3242 ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
3243 if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
3244 ieee80211_mode, is_6ghz))
3245 freq->he_enabled = freq->vht_enabled = false;
3246 }
3247
3248 if (freq->he_enabled)
3249 freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode,
3250 ieee80211_mode);
3251 }
3252
3253
3254 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)3255 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
3256 size_t ie_buf_len)
3257 {
3258 struct fils_hlp_req *req;
3259 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
3260 const u8 *pos;
3261 u8 *buf = ie_buf;
3262
3263 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3264 list) {
3265 rem_len = ie_buf_len - ie_len;
3266 pos = wpabuf_head(req->pkt);
3267 hdr_len = 1 + 2 * ETH_ALEN + 6;
3268 hlp_len = wpabuf_len(req->pkt);
3269
3270 if (rem_len < 2 + hdr_len + hlp_len) {
3271 wpa_printf(MSG_ERROR,
3272 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
3273 (unsigned long) rem_len,
3274 (unsigned long) (2 + hdr_len + hlp_len));
3275 break;
3276 }
3277
3278 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
3279 /* Element ID */
3280 *buf++ = WLAN_EID_EXTENSION;
3281 /* Length */
3282 *buf++ = len;
3283 /* Element ID Extension */
3284 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
3285 /* Destination MAC address */
3286 os_memcpy(buf, req->dst, ETH_ALEN);
3287 buf += ETH_ALEN;
3288 /* Source MAC address */
3289 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
3290 buf += ETH_ALEN;
3291 /* LLC/SNAP Header */
3292 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
3293 buf += 6;
3294 /* HLP Packet */
3295 os_memcpy(buf, pos, len - hdr_len);
3296 buf += len - hdr_len;
3297 pos += len - hdr_len;
3298
3299 hlp_len -= len - hdr_len;
3300 ie_len += 2 + len;
3301 rem_len -= 2 + len;
3302
3303 while (hlp_len) {
3304 len = (hlp_len > 255) ? 255 : hlp_len;
3305 if (rem_len < 2 + len)
3306 break;
3307 *buf++ = WLAN_EID_FRAGMENT;
3308 *buf++ = len;
3309 os_memcpy(buf, pos, len);
3310 buf += len;
3311 pos += len;
3312
3313 hlp_len -= len;
3314 ie_len += 2 + len;
3315 rem_len -= 2 + len;
3316 }
3317 }
3318
3319 return ie_len;
3320 }
3321
3322
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)3323 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
3324 {
3325 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3326 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
3327 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3328 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
3329 }
3330
3331
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)3332 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
3333 {
3334 #ifdef CONFIG_FILS_SK_PFS
3335 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3336 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
3337 #else /* CONFIG_FILS_SK_PFS */
3338 return 0;
3339 #endif /* CONFIG_FILS_SK_PFS */
3340 }
3341
3342 #endif /* CONFIG_FILS */
3343
3344
wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss * bss)3345 bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss)
3346 {
3347 const u8 *wfa_capa;
3348
3349 if (!bss)
3350 return false;
3351
3352 /* Get WFA capability from Beacon or Probe Response frame elements */
3353 wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE);
3354 if (!wfa_capa)
3355 wfa_capa = wpa_bss_get_vendor_ie_beacon(
3356 bss, WFA_CAPA_IE_VENDOR_TYPE);
3357
3358 if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 ||
3359 !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) {
3360 /* AP does not enable QM non EHT traffic description policy */
3361 return false;
3362 }
3363
3364 return true;
3365 }
3366
3367
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)3368 static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
3369 struct wpa_bss *bss,
3370 u8 *wpa_ie, size_t wpa_ie_len,
3371 size_t max_wpa_ie_len)
3372 {
3373 struct wpabuf *wfa_ie = NULL;
3374 u8 wfa_capa[1];
3375 size_t wfa_ie_len, buf_len;
3376
3377 os_memset(wfa_capa, 0, sizeof(wfa_capa));
3378 #ifndef CONFIG_NO_ROBUST_AV
3379 if (wpa_s->enable_dscp_policy_capa)
3380 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
3381 #endif /* CONFIG_NO_ROBUST_AV */
3382
3383 if (wpa_is_non_eht_scs_traffic_desc_supported(bss))
3384 wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC;
3385
3386 if (!wfa_capa[0])
3387 return wpa_ie_len;
3388
3389 /* Wi-Fi Alliance element */
3390 buf_len = 1 + /* Element ID */
3391 1 + /* Length */
3392 3 + /* OUI */
3393 1 + /* OUI Type */
3394 1 + /* Capabilities Length */
3395 sizeof(wfa_capa); /* Capabilities */
3396 wfa_ie = wpabuf_alloc(buf_len);
3397 if (!wfa_ie)
3398 return wpa_ie_len;
3399
3400 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
3401 wpabuf_put_u8(wfa_ie, buf_len - 2);
3402 wpabuf_put_be24(wfa_ie, OUI_WFA);
3403 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
3404 wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
3405 wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
3406
3407 wfa_ie_len = wpabuf_len(wfa_ie);
3408 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
3409 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
3410 wfa_ie);
3411 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
3412 wfa_ie_len);
3413 wpa_ie_len += wfa_ie_len;
3414 }
3415
3416 wpabuf_free(wfa_ie);
3417 return wpa_ie_len;
3418 }
3419
3420
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)3421 static u8 * wpas_populate_assoc_ies(
3422 struct wpa_supplicant *wpa_s,
3423 struct wpa_bss *bss, struct wpa_ssid *ssid,
3424 struct wpa_driver_associate_params *params,
3425 enum wpa_drv_update_connect_params_mask *mask)
3426 {
3427 u8 *wpa_ie;
3428 size_t max_wpa_ie_len = 500;
3429 size_t wpa_ie_len;
3430 int algs = WPA_AUTH_ALG_OPEN;
3431 #ifdef CONFIG_MBO
3432 const u8 *mbo_ie;
3433 #endif
3434 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3435 int pmksa_cached = 0;
3436 #endif /* CONFIG_SAE || CONFIG_FILS */
3437 #ifdef CONFIG_FILS
3438 const u8 *realm, *username, *rrk;
3439 size_t realm_len, username_len, rrk_len;
3440 u16 next_seq_num;
3441 struct fils_hlp_req *req;
3442
3443 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3444 list) {
3445 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
3446 2 + 2 * wpabuf_len(req->pkt) / 255;
3447 }
3448 #endif /* CONFIG_FILS */
3449
3450 wpa_ie = os_malloc(max_wpa_ie_len);
3451 if (!wpa_ie) {
3452 wpa_printf(MSG_ERROR,
3453 "Failed to allocate connect IE buffer for %lu bytes",
3454 (unsigned long) max_wpa_ie_len);
3455 return NULL;
3456 }
3457
3458 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
3459 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
3460 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
3461 int try_opportunistic;
3462 const u8 *cache_id = NULL;
3463 const u8 *addr = bss->bssid;
3464
3465 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3466 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) &&
3467 !is_zero_ether_addr(bss->mld_addr))
3468 addr = bss->mld_addr;
3469
3470 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3471 wpa_s->valid_links)
3472 addr = wpa_s->ap_mld_addr;
3473
3474 try_opportunistic = (ssid->proactive_key_caching < 0 ?
3475 wpa_s->conf->okc :
3476 ssid->proactive_key_caching) &&
3477 (ssid->proto & WPA_PROTO_RSN);
3478 #ifdef CONFIG_FILS
3479 if (wpa_key_mgmt_fils(ssid->key_mgmt))
3480 cache_id = wpa_bss_get_fils_cache_id(bss);
3481 #endif /* CONFIG_FILS */
3482 if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr,
3483 ssid, try_opportunistic,
3484 cache_id, 0, false) == 0) {
3485 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3486 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3487 pmksa_cached = 1;
3488 #endif /* CONFIG_SAE || CONFIG_FILS */
3489 }
3490 wpa_ie_len = max_wpa_ie_len;
3491 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3492 wpa_ie, &wpa_ie_len, false)) {
3493 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3494 "key management and encryption suites");
3495 os_free(wpa_ie);
3496 return NULL;
3497 }
3498 #ifdef CONFIG_HS20
3499 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
3500 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
3501 /* No PMKSA caching, but otherwise similar to RSN/WPA */
3502 wpa_ie_len = max_wpa_ie_len;
3503 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3504 wpa_ie, &wpa_ie_len, false)) {
3505 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3506 "key management and encryption suites");
3507 os_free(wpa_ie);
3508 return NULL;
3509 }
3510 #endif /* CONFIG_HS20 */
3511 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3512 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3513 /*
3514 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3515 * use non-WPA since the scan results did not indicate that the
3516 * AP is using WPA or WPA2.
3517 */
3518 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3519 wpa_ie_len = 0;
3520 wpa_s->wpa_proto = 0;
3521 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3522 wpa_ie_len = max_wpa_ie_len;
3523 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3524 wpa_ie, &wpa_ie_len, false)) {
3525 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3526 "key management and encryption suites (no "
3527 "scan results)");
3528 os_free(wpa_ie);
3529 return NULL;
3530 }
3531 #ifdef CONFIG_WPS
3532 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3533 struct wpabuf *wps_ie;
3534 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3535 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3536 wpa_ie_len = wpabuf_len(wps_ie);
3537 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3538 } else
3539 wpa_ie_len = 0;
3540 wpabuf_free(wps_ie);
3541 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3542 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3543 params->wps = WPS_MODE_PRIVACY;
3544 else
3545 params->wps = WPS_MODE_OPEN;
3546 wpa_s->wpa_proto = 0;
3547 #endif /* CONFIG_WPS */
3548 } else {
3549 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3550 wpa_ie_len = 0;
3551 wpa_s->wpa_proto = 0;
3552 }
3553
3554 #ifdef IEEE8021X_EAPOL
3555 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3556 if (ssid->leap) {
3557 if (ssid->non_leap == 0)
3558 algs = WPA_AUTH_ALG_LEAP;
3559 else
3560 algs |= WPA_AUTH_ALG_LEAP;
3561 }
3562 }
3563
3564 #ifdef CONFIG_FILS
3565 /* Clear FILS association */
3566 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3567
3568 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3569 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3570 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3571 &username_len, &realm, &realm_len,
3572 &next_seq_num, &rrk, &rrk_len) == 0 &&
3573 (!wpa_s->last_con_fail_realm ||
3574 wpa_s->last_con_fail_realm_len != realm_len ||
3575 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3576 algs = WPA_AUTH_ALG_FILS;
3577 params->fils_erp_username = username;
3578 params->fils_erp_username_len = username_len;
3579 params->fils_erp_realm = realm;
3580 params->fils_erp_realm_len = realm_len;
3581 params->fils_erp_next_seq_num = next_seq_num;
3582 params->fils_erp_rrk = rrk;
3583 params->fils_erp_rrk_len = rrk_len;
3584
3585 if (mask)
3586 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3587 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3588 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3589 pmksa_cached) {
3590 algs = WPA_AUTH_ALG_FILS;
3591 }
3592 #endif /* CONFIG_FILS */
3593 #endif /* IEEE8021X_EAPOL */
3594 #ifdef CONFIG_SAE
3595 if (wpa_key_mgmt_sae(wpa_s->key_mgmt))
3596 algs = WPA_AUTH_ALG_SAE;
3597 #endif /* CONFIG_SAE */
3598
3599 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3600 if (ssid->auth_alg) {
3601 algs = ssid->auth_alg;
3602 wpa_dbg(wpa_s, MSG_DEBUG,
3603 "Overriding auth_alg selection: 0x%x", algs);
3604 }
3605
3606 #ifdef CONFIG_SAE
3607 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3608 wpa_dbg(wpa_s, MSG_DEBUG,
3609 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3610 algs = WPA_AUTH_ALG_OPEN;
3611 }
3612 #endif /* CONFIG_SAE */
3613
3614 #ifdef CONFIG_P2P
3615 if (wpa_s->global->p2p) {
3616 u8 *pos;
3617 size_t len;
3618 int res;
3619 pos = wpa_ie + wpa_ie_len;
3620 len = max_wpa_ie_len - wpa_ie_len;
3621 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3622 ssid->p2p_group);
3623 if (res >= 0)
3624 wpa_ie_len += res;
3625 }
3626
3627 wpa_s->cross_connect_disallowed = 0;
3628 if (bss) {
3629 struct wpabuf *p2p;
3630 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3631 if (p2p) {
3632 wpa_s->cross_connect_disallowed =
3633 p2p_get_cross_connect_disallowed(p2p);
3634 wpabuf_free(p2p);
3635 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3636 "connection",
3637 wpa_s->cross_connect_disallowed ?
3638 "disallows" : "allows");
3639 }
3640 }
3641
3642 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3643 #endif /* CONFIG_P2P */
3644
3645 #ifndef CONFIG_NO_RRM
3646 if (bss) {
3647 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3648 wpa_ie + wpa_ie_len,
3649 max_wpa_ie_len -
3650 wpa_ie_len);
3651 }
3652 #endif /* CONFIG_NO_RRM */
3653
3654 /*
3655 * Workaround: Add Extended Capabilities element only if the AP
3656 * included this element in Beacon/Probe Response frames. Some older
3657 * APs seem to have interoperability issues if this element is
3658 * included, so while the standard may require us to include the
3659 * element in all cases, it is justifiable to skip it to avoid
3660 * interoperability issues.
3661 */
3662 if (ssid->p2p_group)
3663 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3664 else
3665 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3666
3667 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3668 u8 ext_capab[18];
3669 int ext_capab_len;
3670 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3671 sizeof(ext_capab), bss);
3672 if (ext_capab_len > 0 &&
3673 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3674 u8 *pos = wpa_ie;
3675 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3676 pos += 2 + pos[1];
3677 os_memmove(pos + ext_capab_len, pos,
3678 wpa_ie_len - (pos - wpa_ie));
3679 wpa_ie_len += ext_capab_len;
3680 os_memcpy(pos, ext_capab, ext_capab_len);
3681 }
3682 }
3683
3684 if (ssid->max_idle && wpa_ie_len + 5 <= max_wpa_ie_len) {
3685 u8 *pos = wpa_ie;
3686
3687 *pos++ = WLAN_EID_BSS_MAX_IDLE_PERIOD;
3688 *pos++ = 3;
3689 WPA_PUT_LE16(pos, ssid->max_idle);
3690 pos += 2;
3691 *pos = 0; /* Idle Options */
3692 wpa_ie_len += 5;
3693 }
3694
3695 #ifdef CONFIG_HS20
3696 if (is_hs20_network(wpa_s, ssid, bss)) {
3697 struct wpabuf *hs20;
3698
3699 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3700 if (hs20) {
3701 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3702 size_t len;
3703
3704 wpas_hs20_add_indication(hs20, pps_mo_id,
3705 get_hs20_version(bss));
3706 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3707 len = max_wpa_ie_len - wpa_ie_len;
3708 if (wpabuf_len(hs20) <= len) {
3709 os_memcpy(wpa_ie + wpa_ie_len,
3710 wpabuf_head(hs20), wpabuf_len(hs20));
3711 wpa_ie_len += wpabuf_len(hs20);
3712 }
3713 wpabuf_free(hs20);
3714
3715 hs20_configure_frame_filters(wpa_s);
3716 }
3717 }
3718 #endif /* CONFIG_HS20 */
3719
3720 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3721 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3722 size_t len;
3723
3724 len = max_wpa_ie_len - wpa_ie_len;
3725 if (wpabuf_len(buf) <= len) {
3726 os_memcpy(wpa_ie + wpa_ie_len,
3727 wpabuf_head(buf), wpabuf_len(buf));
3728 wpa_ie_len += wpabuf_len(buf);
3729 }
3730 }
3731
3732 #ifdef CONFIG_FST
3733 if (wpa_s->fst_ies) {
3734 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3735
3736 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3737 os_memcpy(wpa_ie + wpa_ie_len,
3738 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3739 wpa_ie_len += fst_ies_len;
3740 }
3741 }
3742 #endif /* CONFIG_FST */
3743
3744 #ifdef CONFIG_MBO
3745 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3746 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3747 int len;
3748
3749 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3750 max_wpa_ie_len - wpa_ie_len,
3751 !!mbo_attr_from_mbo_ie(mbo_ie,
3752 OCE_ATTR_ID_CAPA_IND));
3753 if (len >= 0)
3754 wpa_ie_len += len;
3755 }
3756 #endif /* CONFIG_MBO */
3757
3758 #ifdef CONFIG_FILS
3759 if (algs == WPA_AUTH_ALG_FILS) {
3760 size_t len;
3761
3762 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3763 max_wpa_ie_len - wpa_ie_len);
3764 wpa_ie_len += len;
3765 }
3766 #endif /* CONFIG_FILS */
3767
3768 #ifdef CONFIG_OWE
3769 #ifdef CONFIG_TESTING_OPTIONS
3770 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3771 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3772 } else
3773 #endif /* CONFIG_TESTING_OPTIONS */
3774 if (algs == WPA_AUTH_ALG_OPEN &&
3775 ssid->key_mgmt == WPA_KEY_MGMT_OWE &&
3776 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) {
3777 struct wpabuf *owe_ie;
3778 u16 group;
3779
3780 if (ssid->owe_group) {
3781 group = ssid->owe_group;
3782 } else if (wpa_s->assoc_status_code ==
3783 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3784 if (wpa_s->last_owe_group == 19)
3785 group = 20;
3786 else if (wpa_s->last_owe_group == 20)
3787 group = 21;
3788 else
3789 group = OWE_DH_GROUP;
3790 } else {
3791 group = OWE_DH_GROUP;
3792 }
3793
3794 wpa_s->last_owe_group = group;
3795 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3796 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3797 if (owe_ie &&
3798 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3799 os_memcpy(wpa_ie + wpa_ie_len,
3800 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3801 wpa_ie_len += wpabuf_len(owe_ie);
3802 }
3803 wpabuf_free(owe_ie);
3804 }
3805 #endif /* CONFIG_OWE */
3806
3807 #ifdef CONFIG_DPP2
3808 if (DPP_VERSION > 1 &&
3809 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3810 ssid->dpp_netaccesskey &&
3811 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3812 struct rsn_pmksa_cache_entry *pmksa;
3813
3814 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3815 if (!pmksa || !pmksa->dpp_pfs)
3816 goto pfs_fail;
3817
3818 dpp_pfs_free(wpa_s->dpp_pfs);
3819 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3820 ssid->dpp_netaccesskey_len);
3821 if (!wpa_s->dpp_pfs) {
3822 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3823 /* Try to continue without PFS */
3824 goto pfs_fail;
3825 }
3826 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3827 max_wpa_ie_len - wpa_ie_len) {
3828 os_memcpy(wpa_ie + wpa_ie_len,
3829 wpabuf_head(wpa_s->dpp_pfs->ie),
3830 wpabuf_len(wpa_s->dpp_pfs->ie));
3831 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3832 }
3833 }
3834 pfs_fail:
3835 #endif /* CONFIG_DPP2 */
3836
3837 #ifdef CONFIG_IEEE80211R
3838 /*
3839 * Add MDIE under these conditions: the network profile allows FT,
3840 * the AP supports FT, and the mobility domain ID matches.
3841 */
3842 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3843 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3844
3845 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3846 size_t len = 0;
3847 const u8 *md = mdie + 2;
3848 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3849
3850 if (os_memcmp(md, wpa_md,
3851 MOBILITY_DOMAIN_ID_LEN) == 0) {
3852 /* Add mobility domain IE */
3853 len = wpa_ft_add_mdie(
3854 wpa_s->wpa, wpa_ie + wpa_ie_len,
3855 max_wpa_ie_len - wpa_ie_len, mdie);
3856 wpa_ie_len += len;
3857 }
3858 #ifdef CONFIG_SME
3859 if (len > 0 && wpa_s->sme.ft_used &&
3860 wpa_sm_has_ft_keys(wpa_s->wpa, md)) {
3861 wpa_dbg(wpa_s, MSG_DEBUG,
3862 "SME: Trying to use FT over-the-air");
3863 algs |= WPA_AUTH_ALG_FT;
3864 }
3865 #endif /* CONFIG_SME */
3866 }
3867 }
3868 #endif /* CONFIG_IEEE80211R */
3869
3870 #ifdef CONFIG_TESTING_OPTIONS
3871 if (wpa_s->rsnxe_override_assoc &&
3872 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3873 max_wpa_ie_len - wpa_ie_len) {
3874 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3875 os_memcpy(wpa_ie + wpa_ie_len,
3876 wpabuf_head(wpa_s->rsnxe_override_assoc),
3877 wpabuf_len(wpa_s->rsnxe_override_assoc));
3878 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3879 } else
3880 #endif /* CONFIG_TESTING_OPTIONS */
3881 if (wpa_s->rsnxe_len > 0 &&
3882 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3883 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3884 wpa_ie_len += wpa_s->rsnxe_len;
3885 }
3886
3887 #ifndef CONFIG_NO_ROBUST_AV
3888 #ifdef CONFIG_TESTING_OPTIONS
3889 if (wpa_s->disable_mscs_support)
3890 goto mscs_end;
3891 #endif /* CONFIG_TESTING_OPTIONS */
3892 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3893 wpa_s->robust_av.valid_config) {
3894 struct wpabuf *mscs_ie;
3895 size_t mscs_ie_len, buf_len;
3896
3897 buf_len = 3 + /* MSCS descriptor IE header */
3898 1 + /* Request type */
3899 2 + /* User priority control */
3900 4 + /* Stream timeout */
3901 3 + /* TCLAS Mask IE header */
3902 wpa_s->robust_av.frame_classifier_len;
3903 mscs_ie = wpabuf_alloc(buf_len);
3904 if (!mscs_ie) {
3905 wpa_printf(MSG_INFO,
3906 "MSCS: Failed to allocate MSCS IE");
3907 goto mscs_end;
3908 }
3909
3910 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3911 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3912 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3913 mscs_ie_len = wpabuf_len(mscs_ie);
3914 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3915 mscs_ie_len);
3916 wpa_ie_len += mscs_ie_len;
3917 }
3918
3919 wpabuf_free(mscs_ie);
3920 }
3921 mscs_end:
3922 #endif /* CONFIG_NO_ROBUST_AV */
3923
3924 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3925 max_wpa_ie_len);
3926
3927 if (ssid->multi_ap_backhaul_sta) {
3928 size_t multi_ap_ie_len;
3929 struct multi_ap_params multi_ap = { 0 };
3930
3931 multi_ap.capability = MULTI_AP_BACKHAUL_STA;
3932 multi_ap.profile = ssid->multi_ap_profile;
3933
3934 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3935 max_wpa_ie_len - wpa_ie_len,
3936 &multi_ap);
3937 if (multi_ap_ie_len == 0) {
3938 wpa_printf(MSG_ERROR,
3939 "Multi-AP: Failed to build Multi-AP IE");
3940 os_free(wpa_ie);
3941 return NULL;
3942 }
3943 wpa_ie_len += multi_ap_ie_len;
3944 }
3945
3946 params->wpa_ie = wpa_ie;
3947 params->wpa_ie_len = wpa_ie_len;
3948 params->auth_alg = algs;
3949 if (mask)
3950 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3951
3952 return wpa_ie;
3953 }
3954
3955
3956 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3957 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3958 {
3959 struct wpa_driver_associate_params params;
3960 u8 *wpa_ie;
3961
3962 os_memset(¶ms, 0, sizeof(params));
3963 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3964 wpa_s->current_ssid, ¶ms, NULL);
3965 if (!wpa_ie)
3966 return;
3967
3968 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3969 os_free(wpa_ie);
3970 }
3971 #endif /* CONFIG_OWE */
3972
3973
3974 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3975 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3976 {
3977 struct wpa_driver_associate_params params;
3978 enum wpa_drv_update_connect_params_mask mask = 0;
3979 u8 *wpa_ie;
3980
3981 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3982 return; /* nothing to do */
3983
3984 os_memset(¶ms, 0, sizeof(params));
3985 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3986 wpa_s->current_ssid, ¶ms, &mask);
3987 if (!wpa_ie)
3988 return;
3989
3990 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3991 wpa_s->auth_alg = params.auth_alg;
3992 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3993 }
3994
3995 os_free(wpa_ie);
3996 }
3997 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3998
3999
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)4000 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
4001 {
4002 if (!edmg_ie || edmg_ie[1] < 6)
4003 return 0;
4004 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
4005 }
4006
4007
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)4008 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
4009 {
4010 if (!edmg_ie || edmg_ie[1] < 6)
4011 return 0;
4012 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
4013 }
4014
4015
4016 /* Returns the intersection of two EDMG configurations.
4017 * Note: The current implementation is limited to CB2 only (CB1 included),
4018 * i.e., the implementation supports up to 2 contiguous channels.
4019 * For supporting non-contiguous (aggregated) channels and for supporting
4020 * CB3 and above, this function will need to be extended.
4021 */
4022 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)4023 get_edmg_intersection(struct ieee80211_edmg_config a,
4024 struct ieee80211_edmg_config b,
4025 u8 primary_channel)
4026 {
4027 struct ieee80211_edmg_config result;
4028 int i, contiguous = 0;
4029 int max_contiguous = 0;
4030
4031 result.channels = b.channels & a.channels;
4032 if (!result.channels) {
4033 wpa_printf(MSG_DEBUG,
4034 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
4035 a.channels, b.channels);
4036 goto fail;
4037 }
4038
4039 if (!(result.channels & BIT(primary_channel - 1))) {
4040 wpa_printf(MSG_DEBUG,
4041 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
4042 primary_channel, result.channels);
4043 goto fail;
4044 }
4045
4046 /* Find max contiguous channels */
4047 for (i = 0; i < 6; i++) {
4048 if (result.channels & BIT(i))
4049 contiguous++;
4050 else
4051 contiguous = 0;
4052
4053 if (contiguous > max_contiguous)
4054 max_contiguous = contiguous;
4055 }
4056
4057 /* Assuming AP and STA supports ONLY contiguous channels,
4058 * bw configuration can have value between 4-7.
4059 */
4060 if ((b.bw_config < a.bw_config))
4061 result.bw_config = b.bw_config;
4062 else
4063 result.bw_config = a.bw_config;
4064
4065 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
4066 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
4067 wpa_printf(MSG_DEBUG,
4068 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
4069 max_contiguous);
4070 goto fail;
4071 }
4072
4073 return result;
4074
4075 fail:
4076 result.channels = 0;
4077 result.bw_config = 0;
4078 return result;
4079 }
4080
4081
4082 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)4083 get_supported_edmg(struct wpa_supplicant *wpa_s,
4084 struct hostapd_freq_params *freq,
4085 struct ieee80211_edmg_config request_edmg)
4086 {
4087 enum hostapd_hw_mode hw_mode;
4088 struct hostapd_hw_modes *mode = NULL;
4089 u8 primary_channel;
4090
4091 if (!wpa_s->hw.modes)
4092 goto fail;
4093
4094 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
4095 if (hw_mode == NUM_HOSTAPD_MODES)
4096 goto fail;
4097
4098 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
4099 if (!mode)
4100 goto fail;
4101
4102 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
4103
4104 fail:
4105 request_edmg.channels = 0;
4106 request_edmg.bw_config = 0;
4107 return request_edmg;
4108 }
4109
4110
4111 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)4112 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
4113 {
4114 struct wpa_driver_associate_params params;
4115 u8 *wpa_ie;
4116
4117 /*
4118 * Update MBO connect params only in case of change of MBO attributes
4119 * when connected, if the AP support MBO.
4120 */
4121
4122 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
4123 !wpa_s->current_bss ||
4124 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
4125 return;
4126
4127 os_memset(¶ms, 0, sizeof(params));
4128 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4129 wpa_s->current_ssid, ¶ms, NULL);
4130 if (!wpa_ie)
4131 return;
4132
4133 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4134 os_free(wpa_ie);
4135 }
4136 #endif /* CONFIG_MBO */
4137
4138
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)4139 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
4140 {
4141 struct wpa_connect_work *cwork = work->ctx;
4142 struct wpa_bss *bss = cwork->bss;
4143 struct wpa_ssid *ssid = cwork->ssid;
4144 struct wpa_supplicant *wpa_s = work->wpa_s;
4145 u8 *wpa_ie;
4146 const u8 *edmg_ie_oper;
4147 int use_crypt, ret, bssid_changed;
4148 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
4149 struct wpa_driver_associate_params params;
4150 u8 psk[PMK_LEN];
4151 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
4152 int wep_keys_set = 0;
4153 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
4154 int assoc_failed = 0;
4155 struct wpa_ssid *old_ssid;
4156 u8 prev_bssid[ETH_ALEN];
4157 #ifdef CONFIG_HT_OVERRIDES
4158 struct ieee80211_ht_capabilities htcaps;
4159 struct ieee80211_ht_capabilities htcaps_mask;
4160 #endif /* CONFIG_HT_OVERRIDES */
4161 #ifdef CONFIG_VHT_OVERRIDES
4162 struct ieee80211_vht_capabilities vhtcaps;
4163 struct ieee80211_vht_capabilities vhtcaps_mask;
4164 #endif /* CONFIG_VHT_OVERRIDES */
4165
4166 wpa_s->roam_in_progress = false;
4167 #ifdef CONFIG_WNM
4168 wpa_s->bss_trans_mgmt_in_progress = false;
4169 #endif /* CONFIG_WNM */
4170
4171 if (deinit) {
4172 if (work->started) {
4173 wpa_s->connect_work = NULL;
4174
4175 /* cancel possible auth. timeout */
4176 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
4177 NULL);
4178 }
4179 wpas_connect_work_free(cwork);
4180 return;
4181 }
4182
4183 wpa_s->connect_work = work;
4184
4185 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
4186 wpas_network_disabled(wpa_s, ssid)) {
4187 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
4188 wpas_connect_work_done(wpa_s);
4189 return;
4190 }
4191
4192 /*
4193 * Set the current AP's BSSID (for non-MLO connection) or MLD address
4194 * (for MLO connection) as the previous BSSID for reassociation requests
4195 * handled by SME-in-driver. If wpa_supplicant is in disconnected state,
4196 * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid
4197 * will be zero.
4198 */
4199 os_memcpy(prev_bssid,
4200 wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid,
4201 ETH_ALEN);
4202 os_memset(¶ms, 0, sizeof(params));
4203 wpa_s->reassociate = 0;
4204 wpa_s->eap_expected_failure = 0;
4205
4206 /* Starting new association, so clear the possibly used WPA IE from the
4207 * previous association. */
4208 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
4209 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
4210 wpa_s->rsnxe_len = 0;
4211 #ifndef CONFIG_NO_ROBUST_AV
4212 wpa_s->mscs_setup_done = false;
4213 #endif /* CONFIG_NO_ROBUST_AV */
4214
4215 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
4216 if (!wpa_ie) {
4217 wpas_connect_work_done(wpa_s);
4218 return;
4219 }
4220
4221 if (bss &&
4222 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
4223 #ifdef CONFIG_IEEE80211R
4224 const u8 *ie, *md = NULL;
4225 #endif /* CONFIG_IEEE80211R */
4226 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
4227 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
4228 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
4229 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
4230 os_memset(wpa_s->bssid, 0, ETH_ALEN);
4231 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4232 if (bssid_changed)
4233 wpas_notify_bssid_changed(wpa_s);
4234 #ifdef CONFIG_IEEE80211R
4235 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4236 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
4237 md = ie + 2;
4238 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
4239 if (md) {
4240 /* Prepare for the next transition */
4241 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
4242 }
4243 #endif /* CONFIG_IEEE80211R */
4244 #ifdef CONFIG_WPS
4245 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
4246 wpa_s->conf->ap_scan == 2 &&
4247 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
4248 /* Use ap_scan==1 style network selection to find the network
4249 */
4250 wpas_connect_work_done(wpa_s);
4251 wpa_s->scan_req = MANUAL_SCAN_REQ;
4252 wpa_s->reassociate = 1;
4253 wpa_supplicant_req_scan(wpa_s, 0, 0);
4254 os_free(wpa_ie);
4255 return;
4256 #endif /* CONFIG_WPS */
4257 } else {
4258 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
4259 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4260 if (bss)
4261 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4262 else
4263 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4264 }
4265 if (!wpa_s->pno)
4266 wpa_supplicant_cancel_sched_scan(wpa_s);
4267
4268 wpa_supplicant_cancel_scan(wpa_s);
4269
4270 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
4271 use_crypt = 1;
4272 cipher_pairwise = wpa_s->pairwise_cipher;
4273 cipher_group = wpa_s->group_cipher;
4274 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
4275 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
4276 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4277 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
4278 use_crypt = 0;
4279 #ifdef CONFIG_WEP
4280 if (wpa_set_wep_keys(wpa_s, ssid)) {
4281 use_crypt = 1;
4282 wep_keys_set = 1;
4283 }
4284 #endif /* CONFIG_WEP */
4285 }
4286 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
4287 use_crypt = 0;
4288
4289 #ifdef IEEE8021X_EAPOL
4290 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4291 if ((ssid->eapol_flags &
4292 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
4293 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
4294 !wep_keys_set) {
4295 use_crypt = 0;
4296 } else {
4297 /* Assume that dynamic WEP-104 keys will be used and
4298 * set cipher suites in order for drivers to expect
4299 * encryption. */
4300 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
4301 }
4302 }
4303 #endif /* IEEE8021X_EAPOL */
4304
4305 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4306 /* Set the key before (and later after) association */
4307 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4308 }
4309
4310 /* Set current_ssid before changing state to ASSOCIATING, so that the
4311 * selected SSID is available to wpas_notify_state_changed(). */
4312 old_ssid = wpa_s->current_ssid;
4313 wpa_s->current_ssid = ssid;
4314
4315 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
4316 if (bss) {
4317 params.ssid = bss->ssid;
4318 params.ssid_len = bss->ssid_len;
4319 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
4320 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4321 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
4322 MACSTR " freq=%u MHz based on scan results "
4323 "(bssid_set=%d wps=%d)",
4324 MAC2STR(bss->bssid), bss->freq,
4325 ssid->bssid_set,
4326 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
4327 params.bssid = bss->bssid;
4328 params.freq.freq = bss->freq;
4329 }
4330 params.bssid_hint = bss->bssid;
4331 params.freq_hint = bss->freq;
4332 params.pbss = bss_is_pbss(bss);
4333 } else {
4334 if (ssid->bssid_hint_set)
4335 params.bssid_hint = ssid->bssid_hint;
4336
4337 params.ssid = ssid->ssid;
4338 params.ssid_len = ssid->ssid_len;
4339 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
4340 }
4341
4342 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
4343 wpa_s->conf->ap_scan == 2) {
4344 params.bssid = ssid->bssid;
4345 params.fixed_bssid = 1;
4346 }
4347
4348 /* Initial frequency for IBSS/mesh */
4349 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
4350 ssid->frequency > 0 && params.freq.freq == 0)
4351 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
4352
4353 if (ssid->mode == WPAS_MODE_IBSS) {
4354 params.fixed_freq = ssid->fixed_freq;
4355 if (ssid->beacon_int)
4356 params.beacon_int = ssid->beacon_int;
4357 else
4358 params.beacon_int = wpa_s->conf->beacon_int;
4359 }
4360
4361 if (bss && ssid->enable_edmg)
4362 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
4363 WLAN_EID_EXT_EDMG_OPERATION);
4364 else
4365 edmg_ie_oper = NULL;
4366
4367 if (edmg_ie_oper) {
4368 params.freq.edmg.channels =
4369 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
4370 params.freq.edmg.bw_config =
4371 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
4372 wpa_printf(MSG_DEBUG,
4373 "AP supports EDMG channels 0x%x, bw_config %d",
4374 params.freq.edmg.channels,
4375 params.freq.edmg.bw_config);
4376
4377 /* User may ask for specific EDMG channel for EDMG connection
4378 * (must be supported by AP)
4379 */
4380 if (ssid->edmg_channel) {
4381 struct ieee80211_edmg_config configured_edmg;
4382 enum hostapd_hw_mode hw_mode;
4383 u8 primary_channel;
4384
4385 hw_mode = ieee80211_freq_to_chan(bss->freq,
4386 &primary_channel);
4387 if (hw_mode == NUM_HOSTAPD_MODES)
4388 goto edmg_fail;
4389
4390 hostapd_encode_edmg_chan(ssid->enable_edmg,
4391 ssid->edmg_channel,
4392 primary_channel,
4393 &configured_edmg);
4394
4395 if (ieee802_edmg_is_allowed(params.freq.edmg,
4396 configured_edmg)) {
4397 params.freq.edmg = configured_edmg;
4398 wpa_printf(MSG_DEBUG,
4399 "Use EDMG channel %d for connection",
4400 ssid->edmg_channel);
4401 } else {
4402 edmg_fail:
4403 params.freq.edmg.channels = 0;
4404 params.freq.edmg.bw_config = 0;
4405 wpa_printf(MSG_WARNING,
4406 "EDMG channel %d not supported by AP, fallback to DMG",
4407 ssid->edmg_channel);
4408 }
4409 }
4410
4411 if (params.freq.edmg.channels) {
4412 wpa_printf(MSG_DEBUG,
4413 "EDMG before: channels 0x%x, bw_config %d",
4414 params.freq.edmg.channels,
4415 params.freq.edmg.bw_config);
4416 params.freq.edmg = get_supported_edmg(wpa_s,
4417 ¶ms.freq,
4418 params.freq.edmg);
4419 wpa_printf(MSG_DEBUG,
4420 "EDMG after: channels 0x%x, bw_config %d",
4421 params.freq.edmg.channels,
4422 params.freq.edmg.bw_config);
4423 }
4424 }
4425
4426 params.pairwise_suite = cipher_pairwise;
4427 params.group_suite = cipher_group;
4428 params.mgmt_group_suite = cipher_group_mgmt;
4429 params.key_mgmt_suite = wpa_s->key_mgmt;
4430 params.allowed_key_mgmts = wpa_s->allowed_key_mgmts;
4431 params.wpa_proto = wpa_s->wpa_proto;
4432 wpa_s->auth_alg = params.auth_alg;
4433 params.mode = ssid->mode;
4434 params.bg_scan_period = ssid->bg_scan_period;
4435 #ifdef CONFIG_WEP
4436 {
4437 int i;
4438
4439 for (i = 0; i < NUM_WEP_KEYS; i++) {
4440 if (ssid->wep_key_len[i])
4441 params.wep_key[i] = ssid->wep_key[i];
4442 params.wep_key_len[i] = ssid->wep_key_len[i];
4443 }
4444 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
4445 }
4446 #endif /* CONFIG_WEP */
4447
4448 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4449 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4450 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4451 (params.allowed_key_mgmts &
4452 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) {
4453 params.passphrase = ssid->passphrase;
4454 if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4455 params.psk = psk;
4456 }
4457
4458 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
4459 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4460 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4461 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4462 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4463 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384))
4464 params.req_handshake_offload = 1;
4465
4466 if (wpa_s->conf->key_mgmt_offload) {
4467 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4468 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4469 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4470 params.key_mgmt_suite ==
4471 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4472 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)
4473 params.req_key_mgmt_offload =
4474 ssid->proactive_key_caching < 0 ?
4475 wpa_s->conf->okc : ssid->proactive_key_caching;
4476 else
4477 params.req_key_mgmt_offload = 1;
4478
4479 if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) ||
4480 wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) &&
4481 wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4482 params.psk = psk;
4483 }
4484
4485 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) &&
4486 wpa_key_mgmt_sae(params.key_mgmt_suite)) {
4487 params.auth_alg = WPA_AUTH_ALG_SAE;
4488 if (ssid->sae_password) {
4489 params.sae_password = ssid->sae_password;
4490 params.sae_password_id = ssid->sae_password_id;
4491 } else if (ssid->passphrase) {
4492 params.passphrase = ssid->passphrase;
4493 }
4494 }
4495
4496 params.drop_unencrypted = use_crypt;
4497
4498 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
4499 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
4500 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
4501 struct wpa_ie_data ie;
4502 if (!wpas_driver_bss_selection(wpa_s) && rsn &&
4503 wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
4504 ie.capabilities &
4505 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
4506 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
4507 "MFP: require MFP");
4508 params.mgmt_frame_protection =
4509 MGMT_FRAME_PROTECTION_REQUIRED;
4510 #ifdef CONFIG_OWE
4511 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
4512 !ssid->owe_only) {
4513 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
4514 #endif /* CONFIG_OWE */
4515 }
4516 }
4517
4518 params.p2p = ssid->p2p_group;
4519
4520 if (wpa_s->p2pdev->set_sta_uapsd)
4521 params.uapsd = wpa_s->p2pdev->sta_uapsd;
4522 else
4523 params.uapsd = -1;
4524
4525 #ifdef CONFIG_HT_OVERRIDES
4526 os_memset(&htcaps, 0, sizeof(htcaps));
4527 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4528 params.htcaps = (u8 *) &htcaps;
4529 params.htcaps_mask = (u8 *) &htcaps_mask;
4530 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
4531 #endif /* CONFIG_HT_OVERRIDES */
4532 #ifdef CONFIG_VHT_OVERRIDES
4533 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4534 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4535 params.vhtcaps = &vhtcaps;
4536 params.vhtcaps_mask = &vhtcaps_mask;
4537 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
4538 #endif /* CONFIG_VHT_OVERRIDES */
4539 #ifdef CONFIG_HE_OVERRIDES
4540 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
4541 #endif /* CONFIG_HE_OVERRIDES */
4542 wpa_supplicant_apply_eht_overrides(wpa_s, ssid, ¶ms);
4543
4544 #ifdef CONFIG_P2P
4545 /*
4546 * If multi-channel concurrency is not supported, check for any
4547 * frequency conflict. In case of any frequency conflict, remove the
4548 * least prioritized connection.
4549 */
4550 if (wpa_s->num_multichan_concurrent < 2) {
4551 int freq, num;
4552 num = get_shared_radio_freqs(wpa_s, &freq, 1, false);
4553 if (num > 0 && freq > 0 && freq != params.freq.freq) {
4554 wpa_printf(MSG_DEBUG,
4555 "Assoc conflicting freq found (%d != %d)",
4556 freq, params.freq.freq);
4557 if (wpas_p2p_handle_frequency_conflicts(
4558 wpa_s, params.freq.freq, ssid) < 0) {
4559 wpas_connect_work_done(wpa_s);
4560 os_free(wpa_ie);
4561 return;
4562 }
4563 }
4564 }
4565 #endif /* CONFIG_P2P */
4566
4567 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4568 old_ssid)
4569 params.prev_bssid = prev_bssid;
4570
4571 #ifdef CONFIG_SAE
4572 params.sae_pwe = wpa_s->conf->sae_pwe;
4573 #endif /* CONFIG_SAE */
4574
4575 ret = wpa_drv_associate(wpa_s, ¶ms);
4576 forced_memzero(psk, sizeof(psk));
4577 os_free(wpa_ie);
4578 if (ret < 0) {
4579 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4580 "failed");
4581 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4582 /*
4583 * The driver is known to mean what is saying, so we
4584 * can stop right here; the association will not
4585 * succeed.
4586 */
4587 wpas_connection_failed(wpa_s, wpa_s->pending_bssid,
4588 NULL);
4589 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4590 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4591 return;
4592 }
4593 /* try to continue anyway; new association will be tried again
4594 * after timeout */
4595 assoc_failed = 1;
4596 }
4597
4598 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4599 /* Set the key after the association just in case association
4600 * cleared the previously configured key. */
4601 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4602 /* No need to timeout authentication since there is no key
4603 * management. */
4604 wpa_supplicant_cancel_auth_timeout(wpa_s);
4605 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4606 #ifdef CONFIG_IBSS_RSN
4607 } else if (ssid->mode == WPAS_MODE_IBSS &&
4608 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4609 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4610 /*
4611 * RSN IBSS authentication is per-STA and we can disable the
4612 * per-BSSID authentication.
4613 */
4614 wpa_supplicant_cancel_auth_timeout(wpa_s);
4615 #endif /* CONFIG_IBSS_RSN */
4616 } else {
4617 /* Timeout for IEEE 802.11 authentication and association */
4618 int timeout = 60;
4619
4620 if (assoc_failed) {
4621 /* give IBSS a bit more time */
4622 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4623 } else if (wpa_s->conf->ap_scan == 1) {
4624 /* give IBSS a bit more time */
4625 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4626 }
4627 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4628 }
4629
4630 #ifdef CONFIG_WEP
4631 if (wep_keys_set &&
4632 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4633 /* Set static WEP keys again */
4634 wpa_set_wep_keys(wpa_s, ssid);
4635 }
4636 #endif /* CONFIG_WEP */
4637
4638 if (old_ssid && old_ssid != ssid) {
4639 /*
4640 * Do not allow EAP session resumption between different
4641 * network configurations.
4642 */
4643 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4644 }
4645
4646 if (!wpas_driver_bss_selection(wpa_s) ||
4647 #ifdef CONFIG_P2P
4648 wpa_s->p2p_in_invitation ||
4649 #endif /* CONFIG_P2P */
4650 ssid->bssid_set) {
4651 wpa_s->current_bss = bss;
4652 #ifdef CONFIG_HS20
4653 hs20_configure_frame_filters(wpa_s);
4654 #endif /* CONFIG_HS20 */
4655 }
4656
4657 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4658 if (bss)
4659 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len);
4660 wpa_supplicant_initiate_eapol(wpa_s);
4661 if (old_ssid != wpa_s->current_ssid)
4662 wpas_notify_network_changed(wpa_s);
4663 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
4664 wpas_notify_auth_changed(wpa_s);
4665 }
4666
4667
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4668 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4669 const u8 *addr)
4670 {
4671 struct wpa_ssid *old_ssid;
4672
4673 wpa_s->ml_connect_probe_ssid = NULL;
4674 wpa_s->ml_connect_probe_bss = NULL;
4675 wpas_connect_work_done(wpa_s);
4676 wpa_clear_keys(wpa_s, addr);
4677 old_ssid = wpa_s->current_ssid;
4678 wpa_supplicant_mark_disassoc(wpa_s);
4679 wpa_sm_set_config(wpa_s->wpa, NULL);
4680 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4681 if (old_ssid != wpa_s->current_ssid)
4682 wpas_notify_network_changed(wpa_s);
4683
4684 #ifndef CONFIG_NO_ROBUST_AV
4685 wpas_scs_deinit(wpa_s);
4686 wpas_dscp_deinit(wpa_s);
4687 #endif /* CONFIG_NO_ROBUST_AV */
4688 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4689 }
4690
4691
4692 /**
4693 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4694 * @wpa_s: Pointer to wpa_supplicant data
4695 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4696 *
4697 * This function is used to request %wpa_supplicant to deauthenticate from the
4698 * current AP.
4699 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4700 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4701 u16 reason_code)
4702 {
4703 u8 *addr = NULL;
4704 union wpa_event_data event;
4705 int zero_addr = 0;
4706
4707 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4708 " pending_bssid=" MACSTR
4709 " reason=%d (%s) state=%s valid_links=0x%x ap_mld_addr=" MACSTR,
4710 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4711 reason_code, reason2str(reason_code),
4712 wpa_supplicant_state_txt(wpa_s->wpa_state), wpa_s->valid_links,
4713 MAC2STR(wpa_s->ap_mld_addr));
4714
4715 if (wpa_s->valid_links && !is_zero_ether_addr(wpa_s->ap_mld_addr))
4716 addr = wpa_s->ap_mld_addr;
4717 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4718 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4719 wpa_s->wpa_state == WPA_ASSOCIATING))
4720 addr = wpa_s->pending_bssid;
4721 else if (!is_zero_ether_addr(wpa_s->bssid))
4722 addr = wpa_s->bssid;
4723 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4724 /*
4725 * When using driver-based BSS selection, we may not know the
4726 * BSSID with which we are currently trying to associate. We
4727 * need to notify the driver of this disconnection even in such
4728 * a case, so use the all zeros address here.
4729 */
4730 addr = wpa_s->bssid;
4731 zero_addr = 1;
4732 }
4733
4734 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4735 wpa_s->enabled_4addr_mode = 0;
4736
4737 #ifdef CONFIG_TDLS
4738 wpa_tdls_teardown_peers(wpa_s->wpa);
4739 #endif /* CONFIG_TDLS */
4740
4741 #ifdef CONFIG_MESH
4742 if (wpa_s->ifmsh) {
4743 struct mesh_conf *mconf;
4744
4745 mconf = wpa_s->ifmsh->mconf;
4746 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4747 wpa_s->ifname);
4748 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4749 mconf->meshid_len, reason_code);
4750 wpa_supplicant_leave_mesh(wpa_s, true);
4751 }
4752 #endif /* CONFIG_MESH */
4753
4754 if (addr) {
4755 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4756 os_memset(&event, 0, sizeof(event));
4757 event.deauth_info.reason_code = reason_code;
4758 event.deauth_info.locally_generated = 1;
4759 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4760 if (zero_addr)
4761 addr = NULL;
4762 }
4763
4764 wpa_supplicant_clear_connection(wpa_s, addr);
4765 }
4766
4767
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4768 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4769 {
4770 wpa_s->own_reconnect_req = 1;
4771 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4772
4773 }
4774
4775
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4776 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4777 struct wpa_ssid *ssid)
4778 {
4779 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4780 return;
4781
4782 ssid->disabled = 0;
4783 ssid->owe_transition_bss_select_count = 0;
4784 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4785 wpas_notify_network_enabled_changed(wpa_s, ssid);
4786
4787 /*
4788 * Try to reassociate since there is no current configuration and a new
4789 * network was made available.
4790 */
4791 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4792 wpa_s->reassociate = 1;
4793 }
4794
4795
4796 /**
4797 * wpa_supplicant_add_network - Add a new network
4798 * @wpa_s: wpa_supplicant structure for a network interface
4799 * Returns: The new network configuration or %NULL if operation failed
4800 *
4801 * This function performs the following operations:
4802 * 1. Adds a new network.
4803 * 2. Send network addition notification.
4804 * 3. Marks the network disabled.
4805 * 4. Set network default parameters.
4806 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4807 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4808 {
4809 struct wpa_ssid *ssid;
4810
4811 ssid = wpa_config_add_network(wpa_s->conf);
4812 if (!ssid)
4813 return NULL;
4814 wpas_notify_network_added(wpa_s, ssid);
4815 ssid->disabled = 1;
4816 wpa_config_set_network_defaults(ssid);
4817
4818 return ssid;
4819 }
4820
4821
4822 /**
4823 * wpa_supplicant_remove_network - Remove a configured network based on id
4824 * @wpa_s: wpa_supplicant structure for a network interface
4825 * @id: Unique network id to search for
4826 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4827 * could not be removed
4828 *
4829 * This function performs the following operations:
4830 * 1. Removes the network.
4831 * 2. Send network removal notification.
4832 * 3. Update internal state machines.
4833 * 4. Stop any running sched scans.
4834 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4835 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4836 {
4837 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
4838 int was_disabled;
4839
4840 ssid = wpa_config_get_network(wpa_s->conf, id);
4841 if (!ssid)
4842 return -1;
4843 wpas_notify_network_removed(wpa_s, ssid);
4844
4845 if (ssid == prev || !prev) {
4846 #ifdef CONFIG_SME
4847 wpa_s->sme.prev_bssid_set = 0;
4848 #endif /* CONFIG_SME */
4849 /*
4850 * Invalidate the EAP session cache if the current or
4851 * previously used network is removed.
4852 */
4853 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4854 }
4855
4856 if (ssid == prev) {
4857 wpa_sm_set_config(wpa_s->wpa, NULL);
4858 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4859
4860 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4861 wpa_s->own_disconnect_req = 1;
4862 wpa_supplicant_deauthenticate(wpa_s,
4863 WLAN_REASON_DEAUTH_LEAVING);
4864 }
4865
4866 was_disabled = ssid->disabled;
4867
4868 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4869 return -2;
4870
4871 if (!was_disabled && wpa_s->sched_scanning) {
4872 wpa_printf(MSG_DEBUG,
4873 "Stop ongoing sched_scan to remove network from filters");
4874 wpa_supplicant_cancel_sched_scan(wpa_s);
4875 wpa_supplicant_req_scan(wpa_s, 0, 0);
4876 }
4877
4878 return 0;
4879 }
4880
4881
4882 /**
4883 * wpa_supplicant_remove_all_networks - Remove all configured networks
4884 * @wpa_s: wpa_supplicant structure for a network interface
4885 * Returns: 0 on success (errors are currently ignored)
4886 *
4887 * This function performs the following operations:
4888 * 1. Remove all networks.
4889 * 2. Send network removal notifications.
4890 * 3. Update internal state machines.
4891 * 4. Stop any running sched scans.
4892 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4893 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4894 {
4895 struct wpa_ssid *ssid;
4896
4897 if (wpa_s->drv_flags2 &
4898 (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA |
4899 WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA))
4900 wpa_drv_flush_pmkid(wpa_s);
4901
4902 if (wpa_s->sched_scanning)
4903 wpa_supplicant_cancel_sched_scan(wpa_s);
4904
4905 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4906 if (wpa_s->current_ssid) {
4907 #ifdef CONFIG_SME
4908 wpa_s->sme.prev_bssid_set = 0;
4909 #endif /* CONFIG_SME */
4910 wpa_sm_set_config(wpa_s->wpa, NULL);
4911 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4912 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4913 wpa_s->own_disconnect_req = 1;
4914 wpa_supplicant_deauthenticate(
4915 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4916 }
4917 ssid = wpa_s->conf->ssid;
4918 while (ssid) {
4919 struct wpa_ssid *remove_ssid = ssid;
4920 int id;
4921
4922 id = ssid->id;
4923 ssid = ssid->next;
4924 wpas_notify_network_removed(wpa_s, remove_ssid);
4925 wpa_config_remove_network(wpa_s->conf, id);
4926 }
4927 return 0;
4928 }
4929
4930
4931 /**
4932 * wpa_supplicant_enable_network - Mark a configured network as enabled
4933 * @wpa_s: wpa_supplicant structure for a network interface
4934 * @ssid: wpa_ssid structure for a configured network or %NULL
4935 *
4936 * Enables the specified network or all networks if no network specified.
4937 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4938 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4939 struct wpa_ssid *ssid)
4940 {
4941 if (ssid == NULL) {
4942 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4943 wpa_supplicant_enable_one_network(wpa_s, ssid);
4944 } else
4945 wpa_supplicant_enable_one_network(wpa_s, ssid);
4946
4947 if (wpa_s->reassociate && !wpa_s->disconnected &&
4948 (!wpa_s->current_ssid ||
4949 wpa_s->wpa_state == WPA_DISCONNECTED ||
4950 wpa_s->wpa_state == WPA_SCANNING)) {
4951 if (wpa_s->sched_scanning) {
4952 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4953 "new network to scan filters");
4954 wpa_supplicant_cancel_sched_scan(wpa_s);
4955 }
4956
4957 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4958 wpa_s->scan_req = NORMAL_SCAN_REQ;
4959 wpa_supplicant_req_scan(wpa_s, 0, 0);
4960 }
4961 }
4962 }
4963
4964
4965 /**
4966 * wpa_supplicant_disable_network - Mark a configured network as disabled
4967 * @wpa_s: wpa_supplicant structure for a network interface
4968 * @ssid: wpa_ssid structure for a configured network or %NULL
4969 *
4970 * Disables the specified network or all networks if no network specified.
4971 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4972 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4973 struct wpa_ssid *ssid)
4974 {
4975 struct wpa_ssid *other_ssid;
4976 int was_disabled;
4977
4978 if (ssid == NULL) {
4979 if (wpa_s->sched_scanning)
4980 wpa_supplicant_cancel_sched_scan(wpa_s);
4981
4982 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4983 other_ssid = other_ssid->next) {
4984 was_disabled = other_ssid->disabled;
4985 if (was_disabled == 2)
4986 continue; /* do not change persistent P2P group
4987 * data */
4988
4989 other_ssid->disabled = 1;
4990
4991 if (was_disabled != other_ssid->disabled)
4992 wpas_notify_network_enabled_changed(
4993 wpa_s, other_ssid);
4994 }
4995 if (wpa_s->current_ssid) {
4996 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4997 wpa_s->own_disconnect_req = 1;
4998 wpa_supplicant_deauthenticate(
4999 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5000 }
5001 } else if (ssid->disabled != 2) {
5002 if (ssid == wpa_s->current_ssid) {
5003 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5004 wpa_s->own_disconnect_req = 1;
5005 wpa_supplicant_deauthenticate(
5006 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5007 }
5008
5009 was_disabled = ssid->disabled;
5010
5011 ssid->disabled = 1;
5012
5013 if (was_disabled != ssid->disabled) {
5014 wpas_notify_network_enabled_changed(wpa_s, ssid);
5015 if (wpa_s->sched_scanning) {
5016 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
5017 "to remove network from filters");
5018 wpa_supplicant_cancel_sched_scan(wpa_s);
5019 wpa_supplicant_req_scan(wpa_s, 0, 0);
5020 }
5021 }
5022 }
5023 }
5024
5025
5026 /**
5027 * wpa_supplicant_select_network - Attempt association with a network
5028 * @wpa_s: wpa_supplicant structure for a network interface
5029 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
5030 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5031 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
5032 struct wpa_ssid *ssid)
5033 {
5034
5035 struct wpa_ssid *other_ssid;
5036 int disconnected = 0;
5037
5038 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
5039 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5040 wpa_s->own_disconnect_req = 1;
5041 wpa_supplicant_deauthenticate(
5042 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5043 disconnected = 1;
5044 }
5045
5046 if (ssid)
5047 wpas_clear_temp_disabled(wpa_s, ssid, 1);
5048
5049 /*
5050 * Mark all other networks disabled or mark all networks enabled if no
5051 * network specified.
5052 */
5053 for (other_ssid = wpa_s->conf->ssid; other_ssid;
5054 other_ssid = other_ssid->next) {
5055 int was_disabled = other_ssid->disabled;
5056 if (was_disabled == 2)
5057 continue; /* do not change persistent P2P group data */
5058
5059 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
5060 if (was_disabled && !other_ssid->disabled)
5061 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
5062
5063 if (was_disabled != other_ssid->disabled)
5064 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
5065 }
5066
5067 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
5068 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
5069 /* We are already associated with the selected network */
5070 wpa_printf(MSG_DEBUG, "Already associated with the "
5071 "selected network - do nothing");
5072 return;
5073 }
5074
5075 if (ssid) {
5076 wpa_s->current_ssid = ssid;
5077 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5078 wpa_s->connect_without_scan =
5079 (ssid->mode == WPAS_MODE_MESH ||
5080 ssid->mode == WPAS_MODE_AP) ? ssid : NULL;
5081
5082 /*
5083 * Don't optimize next scan freqs since a new ESS has been
5084 * selected.
5085 */
5086 os_free(wpa_s->next_scan_freqs);
5087 wpa_s->next_scan_freqs = NULL;
5088 } else {
5089 wpa_s->connect_without_scan = NULL;
5090 }
5091
5092 wpa_s->disconnected = 0;
5093 wpa_s->reassociate = 1;
5094 wpa_s_clear_sae_rejected(wpa_s);
5095 wpa_s->last_owe_group = 0;
5096 if (ssid) {
5097 ssid->owe_transition_bss_select_count = 0;
5098 wpa_s_setup_sae_pt(wpa_s->conf, ssid, false);
5099 }
5100
5101 if (wpa_s->connect_without_scan ||
5102 wpa_supplicant_fast_associate(wpa_s) != 1) {
5103 wpa_s->scan_req = NORMAL_SCAN_REQ;
5104 wpas_scan_reset_sched_scan(wpa_s);
5105 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
5106 }
5107
5108 if (ssid)
5109 wpas_notify_network_selected(wpa_s, ssid);
5110 }
5111
5112
5113 /**
5114 * wpas_remove_cred - Remove the specified credential and all the network
5115 * entries created based on the removed credential
5116 * @wpa_s: wpa_supplicant structure for a network interface
5117 * @cred: The credential to remove
5118 * Returns: 0 on success, -1 on failure
5119 */
wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)5120 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
5121 {
5122 struct wpa_ssid *ssid, *next;
5123 int id;
5124
5125 if (!cred) {
5126 wpa_printf(MSG_DEBUG, "Could not find cred");
5127 return -1;
5128 }
5129
5130 id = cred->id;
5131 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
5132 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
5133 return -1;
5134 }
5135
5136 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
5137
5138 /* Remove any network entry created based on the removed credential */
5139 ssid = wpa_s->conf->ssid;
5140 while (ssid) {
5141 next = ssid->next;
5142
5143 if (ssid->parent_cred == cred) {
5144 wpa_printf(MSG_DEBUG,
5145 "Remove network id %d since it used the removed credential",
5146 ssid->id);
5147 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
5148 -1) {
5149 wpa_printf(MSG_DEBUG,
5150 "Could not find network id=%d",
5151 ssid->id);
5152 }
5153 }
5154
5155 ssid = next;
5156 }
5157
5158 return 0;
5159 }
5160
5161
5162 /**
5163 * wpas_remove_cred - Remove all the Interworking credentials
5164 * @wpa_s: wpa_supplicant structure for a network interface
5165 * Returns: 0 on success, -1 on failure
5166 */
wpas_remove_all_creds(struct wpa_supplicant * wpa_s)5167 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
5168 {
5169 int res, ret = 0;
5170 struct wpa_cred *cred, *prev;
5171
5172 cred = wpa_s->conf->cred;
5173 while (cred) {
5174 prev = cred;
5175 cred = cred->next;
5176 res = wpas_remove_cred(wpa_s, prev);
5177 if (res < 0) {
5178 wpa_printf(MSG_DEBUG,
5179 "Removal of all credentials failed - failed to remove credential id=%d",
5180 prev->id);
5181 ret = -1;
5182 }
5183 }
5184
5185 return ret;
5186 }
5187
5188
5189 /**
5190 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
5191 * @wpa_s: wpa_supplicant structure for a network interface
5192 * @pkcs11_engine_path: PKCS #11 engine path or NULL
5193 * @pkcs11_module_path: PKCS #11 module path or NULL
5194 * Returns: 0 on success; -1 on failure
5195 *
5196 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
5197 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
5198 * module path fails the paths will be reset to the default value (NULL).
5199 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)5200 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
5201 const char *pkcs11_engine_path,
5202 const char *pkcs11_module_path)
5203 {
5204 char *pkcs11_engine_path_copy = NULL;
5205 char *pkcs11_module_path_copy = NULL;
5206
5207 if (pkcs11_engine_path != NULL) {
5208 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
5209 if (pkcs11_engine_path_copy == NULL)
5210 return -1;
5211 }
5212 if (pkcs11_module_path != NULL) {
5213 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
5214 if (pkcs11_module_path_copy == NULL) {
5215 os_free(pkcs11_engine_path_copy);
5216 return -1;
5217 }
5218 }
5219
5220 #ifndef CONFIG_PKCS11_ENGINE_PATH
5221 os_free(wpa_s->conf->pkcs11_engine_path);
5222 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
5223 #endif /* CONFIG_PKCS11_ENGINE_PATH */
5224 #ifndef CONFIG_PKCS11_MODULE_PATH
5225 os_free(wpa_s->conf->pkcs11_module_path);
5226 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
5227 #endif /* CONFIG_PKCS11_MODULE_PATH */
5228
5229 wpa_sm_set_eapol(wpa_s->wpa, NULL);
5230 eapol_sm_deinit(wpa_s->eapol);
5231 wpa_s->eapol = NULL;
5232 if (wpa_supplicant_init_eapol(wpa_s)) {
5233 /* Error -> Reset paths to the default value (NULL) once. */
5234 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
5235 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
5236 NULL);
5237
5238 return -1;
5239 }
5240 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5241
5242 return 0;
5243 }
5244
5245
5246 /**
5247 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
5248 * @wpa_s: wpa_supplicant structure for a network interface
5249 * @ap_scan: AP scan mode
5250 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
5251 *
5252 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)5253 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
5254 {
5255
5256 int old_ap_scan;
5257
5258 if (ap_scan < 0 || ap_scan > 2)
5259 return -1;
5260
5261 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5262 wpa_printf(MSG_INFO,
5263 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5264 }
5265
5266 #ifdef ANDROID
5267 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
5268 wpa_s->wpa_state >= WPA_ASSOCIATING &&
5269 wpa_s->wpa_state < WPA_COMPLETED) {
5270 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
5271 "associating", wpa_s->conf->ap_scan, ap_scan);
5272 return 0;
5273 }
5274 #endif /* ANDROID */
5275
5276 old_ap_scan = wpa_s->conf->ap_scan;
5277 wpa_s->conf->ap_scan = ap_scan;
5278
5279 if (old_ap_scan != wpa_s->conf->ap_scan)
5280 wpas_notify_ap_scan_changed(wpa_s);
5281
5282 return 0;
5283 }
5284
5285
5286 /**
5287 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
5288 * @wpa_s: wpa_supplicant structure for a network interface
5289 * @expire_age: Expiration age in seconds
5290 * Returns: 0 if succeed or -1 if expire_age has an invalid value
5291 *
5292 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)5293 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
5294 unsigned int bss_expire_age)
5295 {
5296 if (bss_expire_age < 10) {
5297 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
5298 bss_expire_age);
5299 return -1;
5300 }
5301 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
5302 bss_expire_age);
5303 wpa_s->conf->bss_expiration_age = bss_expire_age;
5304
5305 return 0;
5306 }
5307
5308
5309 /**
5310 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
5311 * @wpa_s: wpa_supplicant structure for a network interface
5312 * @expire_count: number of scans after which an unseen BSS is reclaimed
5313 * Returns: 0 if succeed or -1 if expire_count has an invalid value
5314 *
5315 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)5316 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
5317 unsigned int bss_expire_count)
5318 {
5319 if (bss_expire_count < 1) {
5320 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
5321 bss_expire_count);
5322 return -1;
5323 }
5324 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
5325 bss_expire_count);
5326 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
5327
5328 return 0;
5329 }
5330
5331
5332 /**
5333 * wpa_supplicant_set_scan_interval - Set scan interval
5334 * @wpa_s: wpa_supplicant structure for a network interface
5335 * @scan_interval: scan interval in seconds
5336 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
5337 *
5338 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)5339 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
5340 int scan_interval)
5341 {
5342 if (scan_interval < 0) {
5343 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
5344 scan_interval);
5345 return -1;
5346 }
5347 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
5348 scan_interval);
5349 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
5350
5351 return 0;
5352 }
5353
5354
5355 /**
5356 * wpa_supplicant_set_debug_params - Set global debug params
5357 * @global: wpa_global structure
5358 * @debug_level: debug level
5359 * @debug_timestamp: determines if show timestamp in debug data
5360 * @debug_show_keys: determines if show keys in debug data
5361 * Returns: 0 if succeed or -1 if debug_level has wrong value
5362 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)5363 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
5364 int debug_timestamp, int debug_show_keys)
5365 {
5366
5367 int old_level, old_timestamp, old_show_keys;
5368
5369 /* check for allowed debuglevels */
5370 if (debug_level != MSG_EXCESSIVE &&
5371 debug_level != MSG_MSGDUMP &&
5372 debug_level != MSG_DEBUG &&
5373 debug_level != MSG_INFO &&
5374 debug_level != MSG_WARNING &&
5375 debug_level != MSG_ERROR)
5376 return -1;
5377
5378 old_level = wpa_debug_level;
5379 old_timestamp = wpa_debug_timestamp;
5380 old_show_keys = wpa_debug_show_keys;
5381
5382 wpa_debug_level = debug_level;
5383 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
5384 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
5385
5386 if (wpa_debug_level != old_level)
5387 wpas_notify_debug_level_changed(global);
5388 if (wpa_debug_timestamp != old_timestamp)
5389 wpas_notify_debug_timestamp_changed(global);
5390 if (wpa_debug_show_keys != old_show_keys)
5391 wpas_notify_debug_show_keys_changed(global);
5392
5393 return 0;
5394 }
5395
5396
5397 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)5398 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
5399 const u8 *entry_ssid, size_t entry_ssid_len)
5400 {
5401 const u8 *owe, *pos, *end;
5402 u8 ssid_len;
5403 struct wpa_bss *bss;
5404
5405 /* Check network profile SSID aganst the SSID in the
5406 * OWE Transition Mode element. */
5407
5408 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
5409 if (!bss)
5410 return 0;
5411
5412 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
5413 if (!owe)
5414 return 0;
5415
5416 pos = owe + 6;
5417 end = owe + 2 + owe[1];
5418
5419 if (end - pos < ETH_ALEN + 1)
5420 return 0;
5421 pos += ETH_ALEN;
5422 ssid_len = *pos++;
5423 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
5424 return 0;
5425
5426 return entry_ssid_len == ssid_len &&
5427 os_memcmp(pos, entry_ssid, ssid_len) == 0;
5428 }
5429 #endif /* CONFIG_OWE */
5430
5431
5432 /**
5433 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
5434 * @wpa_s: Pointer to wpa_supplicant data
5435 * Returns: A pointer to the current network structure or %NULL on failure
5436 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)5437 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
5438 {
5439 struct wpa_ssid *entry;
5440 u8 ssid[SSID_MAX_LEN];
5441 int res;
5442 size_t ssid_len;
5443 u8 bssid[ETH_ALEN];
5444 int wired;
5445
5446 res = wpa_drv_get_ssid(wpa_s, ssid);
5447 if (res < 0) {
5448 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
5449 "driver");
5450 return NULL;
5451 }
5452 ssid_len = res;
5453
5454 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
5455 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
5456 "driver");
5457 return NULL;
5458 }
5459
5460 wired = wpa_s->conf->ap_scan == 0 &&
5461 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
5462
5463 entry = wpa_s->conf->ssid;
5464 while (entry) {
5465 if (!wpas_network_disabled(wpa_s, entry) &&
5466 ((ssid_len == entry->ssid_len &&
5467 (!entry->ssid ||
5468 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
5469 wired) &&
5470 (!entry->bssid_set ||
5471 ether_addr_equal(bssid, entry->bssid)))
5472 return entry;
5473 #ifdef CONFIG_WPS
5474 if (!wpas_network_disabled(wpa_s, entry) &&
5475 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
5476 (entry->ssid == NULL || entry->ssid_len == 0) &&
5477 (!entry->bssid_set ||
5478 ether_addr_equal(bssid, entry->bssid)))
5479 return entry;
5480 #endif /* CONFIG_WPS */
5481
5482 #ifdef CONFIG_OWE
5483 if (!wpas_network_disabled(wpa_s, entry) &&
5484 (entry->ssid &&
5485 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
5486 entry->ssid_len)) &&
5487 (!entry->bssid_set ||
5488 ether_addr_equal(bssid, entry->bssid)))
5489 return entry;
5490 #endif /* CONFIG_OWE */
5491
5492 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
5493 entry->ssid_len == 0 &&
5494 ether_addr_equal(bssid, entry->bssid))
5495 return entry;
5496
5497 entry = entry->next;
5498 }
5499
5500 return NULL;
5501 }
5502
5503
select_driver(struct wpa_supplicant * wpa_s,int i)5504 static int select_driver(struct wpa_supplicant *wpa_s, int i)
5505 {
5506 struct wpa_global *global = wpa_s->global;
5507
5508 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
5509 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
5510 if (global->drv_priv[i] == NULL) {
5511 wpa_printf(MSG_ERROR, "Failed to initialize driver "
5512 "'%s'", wpa_drivers[i]->name);
5513 return -1;
5514 }
5515 }
5516
5517 wpa_s->driver = wpa_drivers[i];
5518 wpa_s->global_drv_priv = global->drv_priv[i];
5519
5520 return 0;
5521 }
5522
5523
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)5524 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
5525 const char *name)
5526 {
5527 int i;
5528 size_t len;
5529 const char *pos, *driver = name;
5530
5531 if (wpa_s == NULL)
5532 return -1;
5533
5534 if (wpa_drivers[0] == NULL) {
5535 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
5536 "wpa_supplicant");
5537 return -1;
5538 }
5539
5540 if (name == NULL) {
5541 /* Default to first successful driver in the list */
5542 for (i = 0; wpa_drivers[i]; i++) {
5543 if (select_driver(wpa_s, i) == 0)
5544 return 0;
5545 }
5546 /* Drivers have each reported failure, so no wpa_msg() here. */
5547 return -1;
5548 }
5549
5550 do {
5551 pos = os_strchr(driver, ',');
5552 if (pos)
5553 len = pos - driver;
5554 else
5555 len = os_strlen(driver);
5556
5557 for (i = 0; wpa_drivers[i]; i++) {
5558 if (os_strlen(wpa_drivers[i]->name) == len &&
5559 os_strncmp(driver, wpa_drivers[i]->name, len) ==
5560 0) {
5561 /* First driver that succeeds wins */
5562 if (select_driver(wpa_s, i) == 0)
5563 return 0;
5564 }
5565 }
5566
5567 driver = pos + 1;
5568 } while (pos);
5569
5570 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
5571 return -1;
5572 }
5573
5574
5575 /**
5576 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
5577 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
5578 * with struct wpa_driver_ops::init()
5579 * @src_addr: Source address of the EAPOL frame
5580 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
5581 * @len: Length of the EAPOL data
5582 * @encrypted: Whether the frame was encrypted
5583 *
5584 * This function is called for each received EAPOL frame. Most driver
5585 * interfaces rely on more generic OS mechanism for receiving frames through
5586 * l2_packet, but if such a mechanism is not available, the driver wrapper may
5587 * take care of received EAPOL frames and deliver them to the core supplicant
5588 * code by calling this function.
5589 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)5590 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
5591 const u8 *buf, size_t len,
5592 enum frame_encryption encrypted)
5593 {
5594 struct wpa_supplicant *wpa_s = ctx;
5595 const u8 *connected_addr = wpa_s->valid_links ?
5596 wpa_s->ap_mld_addr : wpa_s->bssid;
5597
5598 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)",
5599 MAC2STR(src_addr), encrypted);
5600 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
5601
5602 if (wpa_s->own_disconnect_req) {
5603 wpa_printf(MSG_DEBUG,
5604 "Drop received EAPOL frame as we are disconnecting");
5605 return;
5606 }
5607
5608 #ifdef CONFIG_TESTING_OPTIONS
5609 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5610 MAC2STR(src_addr), len);
5611 if (wpa_s->ignore_auth_resp) {
5612 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5613 return;
5614 }
5615 #endif /* CONFIG_TESTING_OPTIONS */
5616
5617 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5618 (wpa_s->last_eapol_matches_bssid &&
5619 #ifdef CONFIG_AP
5620 !wpa_s->ap_iface &&
5621 #endif /* CONFIG_AP */
5622 !ether_addr_equal(src_addr, connected_addr))) {
5623 /*
5624 * There is possible race condition between receiving the
5625 * association event and the EAPOL frame since they are coming
5626 * through different paths from the driver. In order to avoid
5627 * issues in trying to process the EAPOL frame before receiving
5628 * association information, lets queue it for processing until
5629 * the association event is received. This may also be needed in
5630 * driver-based roaming case, so also use src_addr != BSSID as a
5631 * trigger if we have previously confirmed that the
5632 * Authenticator uses BSSID as the src_addr (which is not the
5633 * case with wired IEEE 802.1X).
5634 */
5635 wpa_dbg(wpa_s, MSG_DEBUG,
5636 "Not associated - Delay processing of received EAPOL frame (state=%s connected_addr="
5637 MACSTR ")",
5638 wpa_supplicant_state_txt(wpa_s->wpa_state),
5639 MAC2STR(connected_addr));
5640 wpabuf_free(wpa_s->pending_eapol_rx);
5641 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5642 if (wpa_s->pending_eapol_rx) {
5643 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5644 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5645 ETH_ALEN);
5646 wpa_s->pending_eapol_encrypted = encrypted;
5647 }
5648 return;
5649 }
5650
5651 wpa_s->last_eapol_matches_bssid =
5652 ether_addr_equal(src_addr, connected_addr);
5653
5654 #ifdef CONFIG_AP
5655 if (wpa_s->ap_iface) {
5656 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len,
5657 encrypted);
5658 return;
5659 }
5660 #endif /* CONFIG_AP */
5661
5662 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
5663 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
5664 "no key management is configured");
5665 return;
5666 }
5667
5668 if (wpa_s->eapol_received == 0 &&
5669 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
5670 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
5671 wpa_s->wpa_state != WPA_COMPLETED) &&
5672 (wpa_s->current_ssid == NULL ||
5673 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
5674 /* Timeout for completing IEEE 802.1X and WPA authentication */
5675 int timeout = 10;
5676
5677 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
5678 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
5679 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
5680 /* Use longer timeout for IEEE 802.1X/EAP */
5681 timeout = 70;
5682 }
5683
5684 #ifdef CONFIG_WPS
5685 if (wpa_s->current_ssid && wpa_s->current_bss &&
5686 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5687 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5688 /*
5689 * Use shorter timeout if going through WPS AP iteration
5690 * for PIN config method with an AP that does not
5691 * advertise Selected Registrar.
5692 */
5693 struct wpabuf *wps_ie;
5694
5695 wps_ie = wpa_bss_get_vendor_ie_multi(
5696 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5697 if (wps_ie &&
5698 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5699 timeout = 10;
5700 wpabuf_free(wps_ie);
5701 }
5702 #endif /* CONFIG_WPS */
5703
5704 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
5705 }
5706 wpa_s->eapol_received++;
5707
5708 if (wpa_s->countermeasures) {
5709 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
5710 "EAPOL packet");
5711 return;
5712 }
5713
5714 #ifdef CONFIG_IBSS_RSN
5715 if (wpa_s->current_ssid &&
5716 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
5717 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len,
5718 encrypted);
5719 return;
5720 }
5721 #endif /* CONFIG_IBSS_RSN */
5722
5723 /* Source address of the incoming EAPOL frame could be compared to the
5724 * current BSSID. However, it is possible that a centralized
5725 * Authenticator could be using another MAC address than the BSSID of
5726 * an AP, so just allow any address to be used for now. The replies are
5727 * still sent to the current BSSID (if available), though. */
5728
5729 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
5730 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
5731 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
5732 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
5733 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len,
5734 encrypted) > 0)
5735 return;
5736 wpa_drv_poll(wpa_s);
5737 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
5738 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len, encrypted);
5739 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
5740 /*
5741 * Set portValid = true here since we are going to skip 4-way
5742 * handshake processing which would normally set portValid. We
5743 * need this to allow the EAPOL state machines to be completed
5744 * without going through EAPOL-Key handshake.
5745 */
5746 eapol_sm_notify_portValid(wpa_s->eapol, true);
5747 }
5748 }
5749
5750
wpa_supplicant_rx_eapol_cb(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5751 static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr,
5752 const u8 *buf, size_t len)
5753 {
5754 wpa_supplicant_rx_eapol(ctx, src_addr, buf, len,
5755 FRAME_ENCRYPTION_UNKNOWN);
5756 }
5757
5758
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)5759 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
5760 {
5761 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
5762 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
5763 }
5764
5765
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)5766 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
5767 {
5768 u8 prev_mac_addr[ETH_ALEN];
5769
5770 os_memcpy(prev_mac_addr, wpa_s->own_addr, ETH_ALEN);
5771
5772 if ((!wpa_s->p2p_mgmt ||
5773 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5774 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
5775 l2_packet_deinit(wpa_s->l2);
5776 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
5777 wpa_drv_get_mac_addr(wpa_s),
5778 ETH_P_EAPOL,
5779 wpas_eapol_needs_l2_packet(wpa_s) ?
5780 wpa_supplicant_rx_eapol_cb : NULL,
5781 wpa_s, 0);
5782 if (wpa_s->l2 == NULL)
5783 return -1;
5784
5785 if (l2_packet_set_packet_filter(wpa_s->l2,
5786 L2_PACKET_FILTER_PKTTYPE))
5787 wpa_dbg(wpa_s, MSG_DEBUG,
5788 "Failed to attach pkt_type filter");
5789
5790 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
5791 wpa_msg(wpa_s, MSG_ERROR,
5792 "Failed to get own L2 address");
5793 return -1;
5794 }
5795 } else {
5796 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
5797 if (addr)
5798 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
5799 }
5800
5801 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5802 wpas_wps_update_mac_addr(wpa_s);
5803
5804 #ifdef CONFIG_FST
5805 if (wpa_s->fst)
5806 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
5807 #endif /* CONFIG_FST */
5808
5809 if (!ether_addr_equal(prev_mac_addr, wpa_s->own_addr))
5810 wpas_notify_mac_address_changed(wpa_s);
5811
5812 return 0;
5813 }
5814
5815
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5816 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
5817 const u8 *buf, size_t len)
5818 {
5819 struct wpa_supplicant *wpa_s = ctx;
5820 const struct l2_ethhdr *eth;
5821
5822 if (len < sizeof(*eth))
5823 return;
5824 eth = (const struct l2_ethhdr *) buf;
5825
5826 if (!ether_addr_equal(eth->h_dest, wpa_s->own_addr) &&
5827 !(eth->h_dest[0] & 0x01)) {
5828 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5829 " (bridge - not for this interface - ignore)",
5830 MAC2STR(src_addr), MAC2STR(eth->h_dest));
5831 return;
5832 }
5833
5834 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5835 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
5836 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
5837 len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN);
5838 }
5839
5840
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5841 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5842 const char *bridge_ifname)
5843 {
5844 if (wpa_s->wpa_state > WPA_SCANNING)
5845 return -EBUSY;
5846
5847 if (bridge_ifname &&
5848 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5849 return -EINVAL;
5850
5851 if (!bridge_ifname)
5852 bridge_ifname = "";
5853
5854 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5855 return 0;
5856
5857 if (wpa_s->l2_br) {
5858 l2_packet_deinit(wpa_s->l2_br);
5859 wpa_s->l2_br = NULL;
5860 }
5861
5862 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5863 sizeof(wpa_s->bridge_ifname));
5864
5865 if (wpa_s->bridge_ifname[0]) {
5866 wpa_dbg(wpa_s, MSG_DEBUG,
5867 "Receiving packets from bridge interface '%s'",
5868 wpa_s->bridge_ifname);
5869 wpa_s->l2_br = l2_packet_init_bridge(
5870 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5871 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5872 if (!wpa_s->l2_br) {
5873 wpa_msg(wpa_s, MSG_ERROR,
5874 "Failed to open l2_packet connection for the bridge interface '%s'",
5875 wpa_s->bridge_ifname);
5876 goto fail;
5877 }
5878 }
5879
5880 #ifdef CONFIG_TDLS
5881 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5882 goto fail;
5883 #endif /* CONFIG_TDLS */
5884
5885 return 0;
5886 fail:
5887 wpa_s->bridge_ifname[0] = 0;
5888 if (wpa_s->l2_br) {
5889 l2_packet_deinit(wpa_s->l2_br);
5890 wpa_s->l2_br = NULL;
5891 }
5892 #ifdef CONFIG_TDLS
5893 if (!wpa_s->p2p_mgmt)
5894 wpa_tdls_init(wpa_s->wpa);
5895 #endif /* CONFIG_TDLS */
5896 return -EIO;
5897 }
5898
5899
5900 /**
5901 * wpa_supplicant_driver_init - Initialize driver interface parameters
5902 * @wpa_s: Pointer to wpa_supplicant data
5903 * Returns: 0 on success, -1 on failure
5904 *
5905 * This function is called to initialize driver interface parameters.
5906 * wpa_drv_init() must have been called before this function to initialize the
5907 * driver interface.
5908 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5909 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5910 {
5911 static int interface_count = 0;
5912
5913 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5914 return -1;
5915
5916 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5917 MAC2STR(wpa_s->own_addr));
5918 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5919 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5920
5921 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5922 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5923 "interface '%s'", wpa_s->bridge_ifname);
5924 wpa_s->l2_br = l2_packet_init_bridge(
5925 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5926 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5927 if (wpa_s->l2_br == NULL) {
5928 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5929 "connection for the bridge interface '%s'",
5930 wpa_s->bridge_ifname);
5931 return -1;
5932 }
5933 }
5934
5935 if (wpa_s->conf->ap_scan == 2 &&
5936 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5937 wpa_printf(MSG_INFO,
5938 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5939 }
5940
5941 wpa_clear_keys(wpa_s, NULL);
5942
5943 /* Make sure that TKIP countermeasures are not left enabled (could
5944 * happen if wpa_supplicant is killed during countermeasures. */
5945 wpa_drv_set_countermeasures(wpa_s, 0);
5946
5947 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5948 wpa_drv_flush_pmkid(wpa_s);
5949
5950 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5951 wpa_s->prev_scan_wildcard = 0;
5952
5953 if (wpa_supplicant_enabled_networks(wpa_s)) {
5954 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5955 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5956 interface_count = 0;
5957 }
5958 #ifndef ANDROID
5959 if (!wpa_s->p2p_mgmt &&
5960 wpa_supplicant_delayed_sched_scan(wpa_s,
5961 interface_count % 3,
5962 100000))
5963 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5964 100000);
5965 #endif /* ANDROID */
5966 interface_count++;
5967 } else
5968 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5969
5970 return 0;
5971 }
5972
5973
wpa_supplicant_daemon(const char * pid_file)5974 static int wpa_supplicant_daemon(const char *pid_file)
5975 {
5976 wpa_printf(MSG_DEBUG, "Daemonize..");
5977 return os_daemonize(pid_file);
5978 }
5979
5980
5981 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5982 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5983 {
5984 struct wpa_supplicant *wpa_s;
5985
5986 wpa_s = os_zalloc(sizeof(*wpa_s));
5987 if (wpa_s == NULL)
5988 return NULL;
5989 wpa_s->scan_req = INITIAL_SCAN_REQ;
5990 wpa_s->scan_interval = 5;
5991 wpa_s->new_connection = 1;
5992 wpa_s->parent = parent ? parent : wpa_s;
5993 wpa_s->p2pdev = wpa_s->parent;
5994 wpa_s->sched_scanning = 0;
5995 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5996
5997 dl_list_init(&wpa_s->bss_tmp_disallowed);
5998 dl_list_init(&wpa_s->fils_hlp_req);
5999 #ifdef CONFIG_TESTING_OPTIONS
6000 dl_list_init(&wpa_s->drv_signal_override);
6001 wpa_s->test_assoc_comeback_type = -1;
6002 #endif /* CONFIG_TESTING_OPTIONS */
6003 #ifndef CONFIG_NO_ROBUST_AV
6004 dl_list_init(&wpa_s->active_scs_ids);
6005 #endif /* CONFIG_NO_ROBUST_AV */
6006 wpa_s->ml_probe_mld_id = -1;
6007
6008 return wpa_s;
6009 }
6010
6011
6012 #ifdef CONFIG_HT_OVERRIDES
6013
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)6014 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
6015 struct ieee80211_ht_capabilities *htcaps,
6016 struct ieee80211_ht_capabilities *htcaps_mask,
6017 const char *ht_mcs)
6018 {
6019 /* parse ht_mcs into hex array */
6020 int i;
6021 const char *tmp = ht_mcs;
6022 char *end = NULL;
6023
6024 /* If ht_mcs is null, do not set anything */
6025 if (!ht_mcs)
6026 return 0;
6027
6028 /* This is what we are setting in the kernel */
6029 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
6030
6031 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
6032
6033 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
6034 long v;
6035
6036 errno = 0;
6037 v = strtol(tmp, &end, 16);
6038
6039 if (errno == 0) {
6040 wpa_msg(wpa_s, MSG_DEBUG,
6041 "htcap value[%i]: %ld end: %p tmp: %p",
6042 i, v, end, tmp);
6043 if (end == tmp)
6044 break;
6045
6046 htcaps->supported_mcs_set[i] = v;
6047 tmp = end;
6048 } else {
6049 wpa_msg(wpa_s, MSG_ERROR,
6050 "Failed to parse ht-mcs: %s, error: %s\n",
6051 ht_mcs, strerror(errno));
6052 return -1;
6053 }
6054 }
6055
6056 /*
6057 * If we were able to parse any values, then set mask for the MCS set.
6058 */
6059 if (i) {
6060 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
6061 IEEE80211_HT_MCS_MASK_LEN - 1);
6062 /* skip the 3 reserved bits */
6063 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
6064 0x1f;
6065 }
6066
6067 return 0;
6068 }
6069
6070
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6071 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
6072 struct ieee80211_ht_capabilities *htcaps,
6073 struct ieee80211_ht_capabilities *htcaps_mask,
6074 int disabled)
6075 {
6076 le16 msk;
6077
6078 if (disabled == -1)
6079 return 0;
6080
6081 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
6082
6083 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
6084 htcaps_mask->ht_capabilities_info |= msk;
6085 if (disabled)
6086 htcaps->ht_capabilities_info &= msk;
6087 else
6088 htcaps->ht_capabilities_info |= msk;
6089
6090 return 0;
6091 }
6092
6093
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)6094 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
6095 struct ieee80211_ht_capabilities *htcaps,
6096 struct ieee80211_ht_capabilities *htcaps_mask,
6097 int factor)
6098 {
6099 if (factor == -1)
6100 return 0;
6101
6102 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
6103
6104 if (factor < 0 || factor > 3) {
6105 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
6106 "Must be 0-3 or -1", factor);
6107 return -EINVAL;
6108 }
6109
6110 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
6111 htcaps->a_mpdu_params &= ~0x3;
6112 htcaps->a_mpdu_params |= factor & 0x3;
6113
6114 return 0;
6115 }
6116
6117
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)6118 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
6119 struct ieee80211_ht_capabilities *htcaps,
6120 struct ieee80211_ht_capabilities *htcaps_mask,
6121 int density)
6122 {
6123 if (density == -1)
6124 return 0;
6125
6126 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
6127
6128 if (density < 0 || density > 7) {
6129 wpa_msg(wpa_s, MSG_ERROR,
6130 "ampdu_density: %d out of range. Must be 0-7 or -1.",
6131 density);
6132 return -EINVAL;
6133 }
6134
6135 htcaps_mask->a_mpdu_params |= 0x1C;
6136 htcaps->a_mpdu_params &= ~(0x1C);
6137 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
6138
6139 return 0;
6140 }
6141
6142
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6143 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
6144 struct ieee80211_ht_capabilities *htcaps,
6145 struct ieee80211_ht_capabilities *htcaps_mask,
6146 int disabled)
6147 {
6148 if (disabled)
6149 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
6150
6151 set_disable_ht40(htcaps, disabled);
6152 set_disable_ht40(htcaps_mask, 0);
6153
6154 return 0;
6155 }
6156
6157
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6158 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
6159 struct ieee80211_ht_capabilities *htcaps,
6160 struct ieee80211_ht_capabilities *htcaps_mask,
6161 int disabled)
6162 {
6163 /* Masking these out disables SGI */
6164 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
6165 HT_CAP_INFO_SHORT_GI40MHZ);
6166
6167 if (disabled)
6168 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
6169
6170 if (disabled)
6171 htcaps->ht_capabilities_info &= ~msk;
6172 else
6173 htcaps->ht_capabilities_info |= msk;
6174
6175 htcaps_mask->ht_capabilities_info |= msk;
6176
6177 return 0;
6178 }
6179
6180
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6181 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
6182 struct ieee80211_ht_capabilities *htcaps,
6183 struct ieee80211_ht_capabilities *htcaps_mask,
6184 int disabled)
6185 {
6186 /* Masking these out disables LDPC */
6187 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
6188
6189 if (disabled)
6190 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
6191
6192 if (disabled)
6193 htcaps->ht_capabilities_info &= ~msk;
6194 else
6195 htcaps->ht_capabilities_info |= msk;
6196
6197 htcaps_mask->ht_capabilities_info |= msk;
6198
6199 return 0;
6200 }
6201
6202
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)6203 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
6204 struct ieee80211_ht_capabilities *htcaps,
6205 struct ieee80211_ht_capabilities *htcaps_mask,
6206 int tx_stbc)
6207 {
6208 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
6209
6210 if (tx_stbc == -1)
6211 return 0;
6212
6213 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
6214
6215 if (tx_stbc < 0 || tx_stbc > 1) {
6216 wpa_msg(wpa_s, MSG_ERROR,
6217 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
6218 return -EINVAL;
6219 }
6220
6221 htcaps_mask->ht_capabilities_info |= msk;
6222 htcaps->ht_capabilities_info &= ~msk;
6223 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
6224
6225 return 0;
6226 }
6227
6228
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)6229 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
6230 struct ieee80211_ht_capabilities *htcaps,
6231 struct ieee80211_ht_capabilities *htcaps_mask,
6232 int rx_stbc)
6233 {
6234 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
6235
6236 if (rx_stbc == -1)
6237 return 0;
6238
6239 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
6240
6241 if (rx_stbc < 0 || rx_stbc > 3) {
6242 wpa_msg(wpa_s, MSG_ERROR,
6243 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
6244 return -EINVAL;
6245 }
6246
6247 htcaps_mask->ht_capabilities_info |= msk;
6248 htcaps->ht_capabilities_info &= ~msk;
6249 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
6250
6251 return 0;
6252 }
6253
6254
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6255 void wpa_supplicant_apply_ht_overrides(
6256 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6257 struct wpa_driver_associate_params *params)
6258 {
6259 struct ieee80211_ht_capabilities *htcaps;
6260 struct ieee80211_ht_capabilities *htcaps_mask;
6261
6262 if (!ssid)
6263 return;
6264
6265 params->disable_ht = ssid->disable_ht;
6266 if (!params->htcaps || !params->htcaps_mask)
6267 return;
6268
6269 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
6270 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
6271 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
6272 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
6273 ssid->disable_max_amsdu);
6274 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
6275 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
6276 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
6277 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
6278 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
6279 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
6280 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
6281
6282 if (ssid->ht40_intolerant) {
6283 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
6284 htcaps->ht_capabilities_info |= bit;
6285 htcaps_mask->ht_capabilities_info |= bit;
6286 }
6287 }
6288
6289 #endif /* CONFIG_HT_OVERRIDES */
6290
6291
6292 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6293 void wpa_supplicant_apply_vht_overrides(
6294 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6295 struct wpa_driver_associate_params *params)
6296 {
6297 struct ieee80211_vht_capabilities *vhtcaps;
6298 struct ieee80211_vht_capabilities *vhtcaps_mask;
6299
6300 if (!ssid)
6301 return;
6302
6303 params->disable_vht = ssid->disable_vht;
6304
6305 vhtcaps = (void *) params->vhtcaps;
6306 vhtcaps_mask = (void *) params->vhtcaps_mask;
6307
6308 if (!vhtcaps || !vhtcaps_mask)
6309 return;
6310
6311 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
6312 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
6313
6314 #ifdef CONFIG_HT_OVERRIDES
6315 if (ssid->disable_sgi) {
6316 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
6317 VHT_CAP_SHORT_GI_160);
6318 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
6319 VHT_CAP_SHORT_GI_160);
6320 wpa_msg(wpa_s, MSG_DEBUG,
6321 "disable-sgi override specified, vht-caps: 0x%x",
6322 vhtcaps->vht_capabilities_info);
6323 }
6324
6325 /* if max ampdu is <= 3, we have to make the HT cap the same */
6326 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
6327 int max_ampdu;
6328
6329 max_ampdu = (ssid->vht_capa &
6330 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
6331 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
6332
6333 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
6334 wpa_set_ampdu_factor(wpa_s,
6335 (void *) params->htcaps,
6336 (void *) params->htcaps_mask,
6337 max_ampdu);
6338 }
6339 #endif /* CONFIG_HT_OVERRIDES */
6340
6341 #define OVERRIDE_MCS(i) \
6342 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
6343 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
6344 host_to_le16(3 << 2 * (i - 1)); \
6345 vhtcaps->vht_supported_mcs_set.tx_map |= \
6346 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
6347 2 * (i - 1)); \
6348 } \
6349 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
6350 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
6351 host_to_le16(3 << 2 * (i - 1)); \
6352 vhtcaps->vht_supported_mcs_set.rx_map |= \
6353 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
6354 2 * (i - 1)); \
6355 }
6356
6357 OVERRIDE_MCS(1);
6358 OVERRIDE_MCS(2);
6359 OVERRIDE_MCS(3);
6360 OVERRIDE_MCS(4);
6361 OVERRIDE_MCS(5);
6362 OVERRIDE_MCS(6);
6363 OVERRIDE_MCS(7);
6364 OVERRIDE_MCS(8);
6365 }
6366 #endif /* CONFIG_VHT_OVERRIDES */
6367
6368
6369 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6370 void wpa_supplicant_apply_he_overrides(
6371 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6372 struct wpa_driver_associate_params *params)
6373 {
6374 if (!ssid)
6375 return;
6376
6377 params->disable_he = ssid->disable_he;
6378 }
6379 #endif /* CONFIG_HE_OVERRIDES */
6380
6381
wpa_supplicant_apply_eht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6382 void wpa_supplicant_apply_eht_overrides(
6383 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6384 struct wpa_driver_associate_params *params)
6385 {
6386 if (!ssid)
6387 return;
6388
6389 params->disable_eht = ssid->disable_eht;
6390 }
6391
6392
pcsc_reader_init(struct wpa_supplicant * wpa_s)6393 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
6394 {
6395 #ifdef PCSC_FUNCS
6396 size_t len;
6397
6398 if (!wpa_s->conf->pcsc_reader)
6399 return 0;
6400
6401 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
6402 if (!wpa_s->scard)
6403 return 1;
6404
6405 if (wpa_s->conf->pcsc_pin &&
6406 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
6407 scard_deinit(wpa_s->scard);
6408 wpa_s->scard = NULL;
6409 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
6410 return -1;
6411 }
6412
6413 len = sizeof(wpa_s->imsi) - 1;
6414 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
6415 scard_deinit(wpa_s->scard);
6416 wpa_s->scard = NULL;
6417 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
6418 return -1;
6419 }
6420 wpa_s->imsi[len] = '\0';
6421
6422 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
6423
6424 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
6425 wpa_s->imsi, wpa_s->mnc_len);
6426
6427 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
6428 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
6429 #endif /* PCSC_FUNCS */
6430
6431 return 0;
6432 }
6433
6434
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)6435 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
6436 {
6437 char *val, *pos;
6438
6439 ext_password_deinit(wpa_s->ext_pw);
6440 wpa_s->ext_pw = NULL;
6441 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
6442
6443 if (!wpa_s->conf->ext_password_backend)
6444 return 0;
6445
6446 val = os_strdup(wpa_s->conf->ext_password_backend);
6447 if (val == NULL)
6448 return -1;
6449 pos = os_strchr(val, ':');
6450 if (pos)
6451 *pos++ = '\0';
6452
6453 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
6454
6455 wpa_s->ext_pw = ext_password_init(val, pos);
6456 os_free(val);
6457 if (wpa_s->ext_pw == NULL) {
6458 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
6459 return -1;
6460 }
6461 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
6462
6463 return 0;
6464 }
6465
6466
6467 #ifdef CONFIG_FST
6468
wpas_fst_get_bssid_cb(void * ctx)6469 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
6470 {
6471 struct wpa_supplicant *wpa_s = ctx;
6472
6473 return (is_zero_ether_addr(wpa_s->bssid) ||
6474 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
6475 }
6476
6477
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)6478 static void wpas_fst_get_channel_info_cb(void *ctx,
6479 enum hostapd_hw_mode *hw_mode,
6480 u8 *channel)
6481 {
6482 struct wpa_supplicant *wpa_s = ctx;
6483
6484 if (wpa_s->current_bss) {
6485 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
6486 channel);
6487 } else if (wpa_s->hw.num_modes) {
6488 *hw_mode = wpa_s->hw.modes[0].mode;
6489 } else {
6490 WPA_ASSERT(0);
6491 *hw_mode = 0;
6492 }
6493 }
6494
6495
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)6496 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
6497 {
6498 struct wpa_supplicant *wpa_s = ctx;
6499
6500 *modes = wpa_s->hw.modes;
6501 return wpa_s->hw.num_modes;
6502 }
6503
6504
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)6505 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
6506 {
6507 struct wpa_supplicant *wpa_s = ctx;
6508
6509 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
6510 wpa_s->fst_ies = fst_ies;
6511 }
6512
6513
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)6514 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
6515 {
6516 struct wpa_supplicant *wpa_s = ctx;
6517
6518 if (!ether_addr_equal(wpa_s->bssid, da)) {
6519 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
6520 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
6521 return -1;
6522 }
6523 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6524 wpa_s->own_addr, wpa_s->bssid,
6525 wpabuf_head(data), wpabuf_len(data),
6526 0);
6527 }
6528
6529
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)6530 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
6531 {
6532 struct wpa_supplicant *wpa_s = ctx;
6533
6534 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6535 return wpa_s->received_mb_ies;
6536 }
6537
6538
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)6539 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
6540 const u8 *buf, size_t size)
6541 {
6542 struct wpa_supplicant *wpa_s = ctx;
6543 struct mb_ies_info info;
6544
6545 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6546
6547 if (!mb_ies_info_by_ies(&info, buf, size)) {
6548 wpabuf_free(wpa_s->received_mb_ies);
6549 wpa_s->received_mb_ies = mb_ies_by_info(&info);
6550 }
6551 }
6552
6553
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6554 static const u8 * wpas_fst_get_peer_first(void *ctx,
6555 struct fst_get_peer_ctx **get_ctx,
6556 bool mb_only)
6557 {
6558 struct wpa_supplicant *wpa_s = ctx;
6559
6560 *get_ctx = NULL;
6561 if (!is_zero_ether_addr(wpa_s->bssid))
6562 return (wpa_s->received_mb_ies || !mb_only) ?
6563 wpa_s->bssid : NULL;
6564 return NULL;
6565 }
6566
6567
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6568 static const u8 * wpas_fst_get_peer_next(void *ctx,
6569 struct fst_get_peer_ctx **get_ctx,
6570 bool mb_only)
6571 {
6572 return NULL;
6573 }
6574
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)6575 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
6576 struct fst_wpa_obj *iface_obj)
6577 {
6578 os_memset(iface_obj, 0, sizeof(*iface_obj));
6579 iface_obj->ctx = wpa_s;
6580 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
6581 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
6582 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
6583 iface_obj->set_ies = wpas_fst_set_ies_cb;
6584 iface_obj->send_action = wpas_fst_send_action_cb;
6585 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
6586 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
6587 iface_obj->get_peer_first = wpas_fst_get_peer_first;
6588 iface_obj->get_peer_next = wpas_fst_get_peer_next;
6589 }
6590 #endif /* CONFIG_FST */
6591
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)6592 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6593 const struct wpa_driver_capa *capa)
6594 {
6595 struct wowlan_triggers *triggers;
6596 int ret = 0;
6597
6598 if (!wpa_s->conf->wowlan_triggers)
6599 return 0;
6600
6601 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
6602 if (triggers) {
6603 ret = wpa_drv_wowlan(wpa_s, triggers);
6604 os_free(triggers);
6605 }
6606 return ret;
6607 }
6608
6609
wpas_freq_to_band(int freq)6610 enum wpa_radio_work_band wpas_freq_to_band(int freq)
6611 {
6612 if (freq < 3000)
6613 return BAND_2_4_GHZ;
6614 if (freq > 50000)
6615 return BAND_60_GHZ;
6616 return BAND_5_GHZ;
6617 }
6618
6619
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)6620 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
6621 {
6622 int i;
6623 unsigned int band = 0;
6624
6625 if (freqs) {
6626 /* freqs are specified for the radio work */
6627 for (i = 0; freqs[i]; i++)
6628 band |= wpas_freq_to_band(freqs[i]);
6629 } else {
6630 /*
6631 * freqs are not specified, implies all
6632 * the supported freqs by HW
6633 */
6634 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6635 if (wpa_s->hw.modes[i].num_channels != 0) {
6636 if (wpa_s->hw.modes[i].mode ==
6637 HOSTAPD_MODE_IEEE80211B ||
6638 wpa_s->hw.modes[i].mode ==
6639 HOSTAPD_MODE_IEEE80211G)
6640 band |= BAND_2_4_GHZ;
6641 else if (wpa_s->hw.modes[i].mode ==
6642 HOSTAPD_MODE_IEEE80211A)
6643 band |= BAND_5_GHZ;
6644 else if (wpa_s->hw.modes[i].mode ==
6645 HOSTAPD_MODE_IEEE80211AD)
6646 band |= BAND_60_GHZ;
6647 else if (wpa_s->hw.modes[i].mode ==
6648 HOSTAPD_MODE_IEEE80211ANY)
6649 band = BAND_2_4_GHZ | BAND_5_GHZ |
6650 BAND_60_GHZ;
6651 }
6652 }
6653 }
6654
6655 return band;
6656 }
6657
6658
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6659 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
6660 const char *rn)
6661 {
6662 struct wpa_supplicant *iface = wpa_s->global->ifaces;
6663 struct wpa_radio *radio;
6664
6665 while (rn && iface) {
6666 radio = iface->radio;
6667 if (radio && os_strcmp(rn, radio->name) == 0) {
6668 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
6669 wpa_s->ifname, rn);
6670 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6671 return radio;
6672 }
6673
6674 iface = iface->next;
6675 }
6676
6677 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
6678 wpa_s->ifname, rn ? rn : "N/A");
6679 radio = os_zalloc(sizeof(*radio));
6680 if (radio == NULL)
6681 return NULL;
6682
6683 if (rn)
6684 os_strlcpy(radio->name, rn, sizeof(radio->name));
6685 dl_list_init(&radio->ifaces);
6686 dl_list_init(&radio->work);
6687 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6688
6689 return radio;
6690 }
6691
6692
radio_work_free(struct wpa_radio_work * work)6693 static void radio_work_free(struct wpa_radio_work *work)
6694 {
6695 if (work->wpa_s->scan_work == work) {
6696 /* This should not really happen. */
6697 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
6698 work->type, work, work->started);
6699 work->wpa_s->scan_work = NULL;
6700 }
6701
6702 #ifdef CONFIG_P2P
6703 if (work->wpa_s->p2p_scan_work == work) {
6704 /* This should not really happen. */
6705 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
6706 work->type, work, work->started);
6707 work->wpa_s->p2p_scan_work = NULL;
6708 }
6709 #endif /* CONFIG_P2P */
6710
6711 if (work->started) {
6712 work->wpa_s->radio->num_active_works--;
6713 wpa_dbg(work->wpa_s, MSG_DEBUG,
6714 "radio_work_free('%s'@%p): num_active_works --> %u",
6715 work->type, work,
6716 work->wpa_s->radio->num_active_works);
6717 }
6718
6719 dl_list_del(&work->list);
6720 os_free(work);
6721 }
6722
6723
radio_work_is_connect(struct wpa_radio_work * work)6724 static int radio_work_is_connect(struct wpa_radio_work *work)
6725 {
6726 return os_strcmp(work->type, "sme-connect") == 0 ||
6727 os_strcmp(work->type, "connect") == 0;
6728 }
6729
6730
radio_work_is_scan(struct wpa_radio_work * work)6731 static int radio_work_is_scan(struct wpa_radio_work *work)
6732 {
6733 return os_strcmp(work->type, "scan") == 0 ||
6734 os_strcmp(work->type, "p2p-scan") == 0;
6735 }
6736
6737
radio_work_get_next_work(struct wpa_radio * radio)6738 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
6739 {
6740 struct wpa_radio_work *active_work = NULL;
6741 struct wpa_radio_work *tmp;
6742
6743 /* Get the active work to know the type and band. */
6744 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6745 if (tmp->started) {
6746 active_work = tmp;
6747 break;
6748 }
6749 }
6750
6751 if (!active_work) {
6752 /* No active work, start one */
6753 radio->num_active_works = 0;
6754 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
6755 list) {
6756 if (os_strcmp(tmp->type, "scan") == 0 &&
6757 external_scan_running(radio) &&
6758 (((struct wpa_driver_scan_params *)
6759 tmp->ctx)->only_new_results ||
6760 tmp->wpa_s->clear_driver_scan_cache))
6761 continue;
6762 return tmp;
6763 }
6764 return NULL;
6765 }
6766
6767 if (radio_work_is_connect(active_work)) {
6768 /*
6769 * If the active work is either connect or sme-connect,
6770 * do not parallelize them with other radio works.
6771 */
6772 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6773 "Do not parallelize radio work with %s",
6774 active_work->type);
6775 return NULL;
6776 }
6777
6778 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6779 if (tmp->started)
6780 continue;
6781
6782 /*
6783 * If connect or sme-connect are enqueued, parallelize only
6784 * those operations ahead of them in the queue.
6785 */
6786 if (radio_work_is_connect(tmp))
6787 break;
6788
6789 /* Serialize parallel scan and p2p_scan operations on the same
6790 * interface since the driver_nl80211 mechanism for tracking
6791 * scan cookies does not yet have support for this. */
6792 if (active_work->wpa_s == tmp->wpa_s &&
6793 radio_work_is_scan(active_work) &&
6794 radio_work_is_scan(tmp)) {
6795 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6796 "Do not start work '%s' when another work '%s' is already scheduled",
6797 tmp->type, active_work->type);
6798 continue;
6799 }
6800 /*
6801 * Check that the radio works are distinct and
6802 * on different bands.
6803 */
6804 if (os_strcmp(active_work->type, tmp->type) != 0 &&
6805 (active_work->bands != tmp->bands)) {
6806 /*
6807 * If a scan has to be scheduled through nl80211 scan
6808 * interface and if an external scan is already running,
6809 * do not schedule the scan since it is likely to get
6810 * rejected by kernel.
6811 */
6812 if (os_strcmp(tmp->type, "scan") == 0 &&
6813 external_scan_running(radio) &&
6814 (((struct wpa_driver_scan_params *)
6815 tmp->ctx)->only_new_results ||
6816 tmp->wpa_s->clear_driver_scan_cache))
6817 continue;
6818
6819 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6820 "active_work:%s new_work:%s",
6821 active_work->type, tmp->type);
6822 return tmp;
6823 }
6824 }
6825
6826 /* Did not find a radio work to schedule in parallel. */
6827 return NULL;
6828 }
6829
6830
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)6831 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
6832 {
6833 struct wpa_radio *radio = eloop_ctx;
6834 struct wpa_radio_work *work;
6835 struct os_reltime now, diff;
6836 struct wpa_supplicant *wpa_s;
6837
6838 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
6839 if (work == NULL) {
6840 radio->num_active_works = 0;
6841 return;
6842 }
6843
6844 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
6845 radio_list);
6846
6847 if (!(wpa_s &&
6848 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
6849 if (work->started)
6850 return; /* already started and still in progress */
6851
6852 if (wpa_s && external_scan_running(wpa_s->radio)) {
6853 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
6854 return;
6855 }
6856 } else {
6857 work = NULL;
6858 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6859 /* get the work to schedule next */
6860 work = radio_work_get_next_work(radio);
6861 }
6862 if (!work)
6863 return;
6864 }
6865
6866 wpa_s = work->wpa_s;
6867 os_get_reltime(&now);
6868 os_reltime_sub(&now, &work->time, &diff);
6869 wpa_dbg(wpa_s, MSG_DEBUG,
6870 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6871 work->type, work, diff.sec, diff.usec);
6872 work->started = 1;
6873 work->time = now;
6874 radio->num_active_works++;
6875
6876 work->cb(work, 0);
6877
6878 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6879 radio->num_active_works < MAX_ACTIVE_WORKS)
6880 radio_work_check_next(wpa_s);
6881 }
6882
6883
6884 /*
6885 * This function removes both started and pending radio works running on
6886 * the provided interface's radio.
6887 * Prior to the removal of the radio work, its callback (cb) is called with
6888 * deinit set to be 1. Each work's callback is responsible for clearing its
6889 * internal data and restoring to a correct state.
6890 * @wpa_s: wpa_supplicant data
6891 * @type: type of works to be removed
6892 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6893 * this interface's works.
6894 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6895 void radio_remove_works(struct wpa_supplicant *wpa_s,
6896 const char *type, int remove_all)
6897 {
6898 struct wpa_radio_work *work, *tmp;
6899 struct wpa_radio *radio = wpa_s->radio;
6900
6901 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6902 list) {
6903 if (type && os_strcmp(type, work->type) != 0)
6904 continue;
6905
6906 /* skip other ifaces' works */
6907 if (!remove_all && work->wpa_s != wpa_s)
6908 continue;
6909
6910 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6911 work->type, work, work->started ? " (started)" : "");
6912 work->cb(work, 1);
6913 radio_work_free(work);
6914 }
6915
6916 /* in case we removed the started work */
6917 radio_work_check_next(wpa_s);
6918 }
6919
6920
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6921 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6922 {
6923 struct wpa_radio_work *work;
6924 struct wpa_radio *radio = wpa_s->radio;
6925
6926 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6927 if (work->ctx != ctx)
6928 continue;
6929 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6930 work->type, work, work->started ? " (started)" : "");
6931 radio_work_free(work);
6932 break;
6933 }
6934 }
6935
6936
radio_remove_interface(struct wpa_supplicant * wpa_s)6937 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6938 {
6939 struct wpa_radio *radio = wpa_s->radio;
6940
6941 if (!radio)
6942 return;
6943
6944 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6945 wpa_s->ifname, radio->name);
6946 dl_list_del(&wpa_s->radio_list);
6947 radio_remove_works(wpa_s, NULL, 0);
6948 /* If the interface that triggered the external scan was removed, the
6949 * external scan is no longer running. */
6950 if (wpa_s == radio->external_scan_req_interface)
6951 radio->external_scan_req_interface = NULL;
6952 wpa_s->radio = NULL;
6953 if (!dl_list_empty(&radio->ifaces))
6954 return; /* Interfaces remain for this radio */
6955
6956 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6957 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6958 os_free(radio);
6959 }
6960
6961
radio_work_check_next(struct wpa_supplicant * wpa_s)6962 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6963 {
6964 struct wpa_radio *radio = wpa_s->radio;
6965
6966 if (dl_list_empty(&radio->work))
6967 return;
6968 if (wpa_s->ext_work_in_progress) {
6969 wpa_printf(MSG_DEBUG,
6970 "External radio work in progress - delay start of pending item");
6971 return;
6972 }
6973 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6974 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6975 }
6976
6977
6978 /**
6979 * radio_add_work - Add a radio work item
6980 * @wpa_s: Pointer to wpa_supplicant data
6981 * @freq: Frequency of the offchannel operation in MHz or 0
6982 * @type: Unique identifier for each type of work
6983 * @next: Force as the next work to be executed
6984 * @cb: Callback function for indicating when radio is available
6985 * @ctx: Context pointer for the work (work->ctx in cb())
6986 * Returns: 0 on success, -1 on failure
6987 *
6988 * This function is used to request time for an operation that requires
6989 * exclusive radio control. Once the radio is available, the registered callback
6990 * function will be called. radio_work_done() must be called once the exclusive
6991 * radio operation has been completed, so that the radio is freed for other
6992 * operations. The special case of deinit=1 is used to free the context data
6993 * during interface removal. That does not allow the callback function to start
6994 * the radio operation, i.e., it must free any resources allocated for the radio
6995 * work and return.
6996 *
6997 * The @freq parameter can be used to indicate a single channel on which the
6998 * offchannel operation will occur. This may allow multiple radio work
6999 * operations to be performed in parallel if they apply for the same channel.
7000 * Setting this to 0 indicates that the work item may use multiple channels or
7001 * requires exclusive control of the radio.
7002 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)7003 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
7004 const char *type, int next,
7005 void (*cb)(struct wpa_radio_work *work, int deinit),
7006 void *ctx)
7007 {
7008 struct wpa_radio *radio = wpa_s->radio;
7009 struct wpa_radio_work *work;
7010 int was_empty;
7011
7012 work = os_zalloc(sizeof(*work));
7013 if (work == NULL)
7014 return -1;
7015 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
7016 os_get_reltime(&work->time);
7017 work->freq = freq;
7018 work->type = type;
7019 work->wpa_s = wpa_s;
7020 work->cb = cb;
7021 work->ctx = ctx;
7022
7023 if (freq)
7024 work->bands = wpas_freq_to_band(freq);
7025 else if (os_strcmp(type, "scan") == 0 ||
7026 os_strcmp(type, "p2p-scan") == 0)
7027 work->bands = wpas_get_bands(wpa_s,
7028 ((struct wpa_driver_scan_params *)
7029 ctx)->freqs);
7030 else
7031 work->bands = wpas_get_bands(wpa_s, NULL);
7032
7033 was_empty = dl_list_empty(&wpa_s->radio->work);
7034 if (next)
7035 dl_list_add(&wpa_s->radio->work, &work->list);
7036 else
7037 dl_list_add_tail(&wpa_s->radio->work, &work->list);
7038 if (was_empty) {
7039 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
7040 radio_work_check_next(wpa_s);
7041 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
7042 && radio->num_active_works < MAX_ACTIVE_WORKS) {
7043 wpa_dbg(wpa_s, MSG_DEBUG,
7044 "Try to schedule a radio work (num_active_works=%u)",
7045 radio->num_active_works);
7046 radio_work_check_next(wpa_s);
7047 }
7048
7049 return 0;
7050 }
7051
7052
7053 /**
7054 * radio_work_done - Indicate that a radio work item has been completed
7055 * @work: Completed work
7056 *
7057 * This function is called once the callback function registered with
7058 * radio_add_work() has completed its work.
7059 */
radio_work_done(struct wpa_radio_work * work)7060 void radio_work_done(struct wpa_radio_work *work)
7061 {
7062 struct wpa_supplicant *wpa_s = work->wpa_s;
7063 struct os_reltime now, diff;
7064 unsigned int started = work->started;
7065
7066 os_get_reltime(&now);
7067 os_reltime_sub(&now, &work->time, &diff);
7068 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
7069 work->type, work, started ? "done" : "canceled",
7070 diff.sec, diff.usec);
7071 radio_work_free(work);
7072 if (started)
7073 radio_work_check_next(wpa_s);
7074 }
7075
7076
7077 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)7078 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
7079 {
7080 struct wpa_radio_work *work;
7081 struct wpa_radio *radio = wpa_s->radio;
7082
7083 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
7084 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
7085 return work;
7086 }
7087
7088 return NULL;
7089 }
7090
7091
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7092 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
7093 const struct wpa_interface *iface)
7094 {
7095 const char *ifname, *driver, *rn;
7096
7097 driver = iface->driver;
7098 next_driver:
7099 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
7100 return -1;
7101
7102 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
7103 if (wpa_s->drv_priv == NULL) {
7104 const char *pos;
7105 int level = MSG_ERROR;
7106
7107 pos = driver ? os_strchr(driver, ',') : NULL;
7108 if (pos) {
7109 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
7110 "driver interface - try next driver wrapper");
7111 driver = pos + 1;
7112 goto next_driver;
7113 }
7114
7115 #ifdef CONFIG_MATCH_IFACE
7116 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
7117 level = MSG_DEBUG;
7118 #endif /* CONFIG_MATCH_IFACE */
7119 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
7120 return -1;
7121 }
7122 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
7123 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
7124 "driver_param '%s'", wpa_s->conf->driver_param);
7125 return -1;
7126 }
7127
7128 ifname = wpa_drv_get_ifname(wpa_s);
7129 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
7130 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
7131 "interface name with '%s'", ifname);
7132 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
7133 }
7134
7135 rn = wpa_driver_get_radio_name(wpa_s);
7136 if (rn && rn[0] == '\0')
7137 rn = NULL;
7138
7139 wpa_s->radio = radio_add_interface(wpa_s, rn);
7140 if (wpa_s->radio == NULL)
7141 return -1;
7142
7143 return 0;
7144 }
7145
7146
7147 #ifdef CONFIG_GAS_SERVER
7148
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)7149 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
7150 unsigned int freq, const u8 *dst,
7151 const u8 *src, const u8 *bssid,
7152 const u8 *data, size_t data_len,
7153 enum offchannel_send_action_result result)
7154 {
7155 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
7156 " result=%s",
7157 freq, MAC2STR(dst),
7158 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
7159 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
7160 "FAILED"));
7161 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
7162 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
7163 }
7164
7165
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)7166 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
7167 struct wpabuf *buf, unsigned int wait_time)
7168 {
7169 struct wpa_supplicant *wpa_s = ctx;
7170 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
7171
7172 if (wait_time > wpa_s->max_remain_on_chan)
7173 wait_time = wpa_s->max_remain_on_chan;
7174
7175 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
7176 wpabuf_head(buf), wpabuf_len(buf),
7177 wait_time, wpas_gas_server_tx_status, 0);
7178 }
7179
7180 #endif /* CONFIG_GAS_SERVER */
7181
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7182 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
7183 const struct wpa_interface *iface)
7184 {
7185 struct wpa_driver_capa capa;
7186 int capa_res;
7187 u8 dfs_domain;
7188
7189 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
7190 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
7191 iface->confname ? iface->confname : "N/A",
7192 iface->driver ? iface->driver : "default",
7193 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
7194 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
7195
7196 if (iface->confname) {
7197 #ifdef CONFIG_BACKEND_FILE
7198 wpa_s->confname = os_rel2abs_path(iface->confname);
7199 if (wpa_s->confname == NULL) {
7200 wpa_printf(MSG_ERROR, "Failed to get absolute path "
7201 "for configuration file '%s'.",
7202 iface->confname);
7203 return -1;
7204 }
7205 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
7206 iface->confname, wpa_s->confname);
7207 #else /* CONFIG_BACKEND_FILE */
7208 wpa_s->confname = os_strdup(iface->confname);
7209 #endif /* CONFIG_BACKEND_FILE */
7210 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false);
7211 if (wpa_s->conf == NULL) {
7212 wpa_printf(MSG_ERROR, "Failed to read or parse "
7213 "configuration '%s'.", wpa_s->confname);
7214 return -1;
7215 }
7216 wpa_s->confanother = os_rel2abs_path(iface->confanother);
7217 if (wpa_s->confanother &&
7218 !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) {
7219 wpa_printf(MSG_ERROR,
7220 "Failed to read or parse configuration '%s'.",
7221 wpa_s->confanother);
7222 return -1;
7223 }
7224
7225 /*
7226 * Override ctrl_interface and driver_param if set on command
7227 * line.
7228 */
7229 if (iface->ctrl_interface) {
7230 os_free(wpa_s->conf->ctrl_interface);
7231 wpa_s->conf->ctrl_interface =
7232 os_strdup(iface->ctrl_interface);
7233 if (!wpa_s->conf->ctrl_interface) {
7234 wpa_printf(MSG_ERROR,
7235 "Failed to duplicate control interface '%s'.",
7236 iface->ctrl_interface);
7237 return -1;
7238 }
7239 }
7240
7241 if (iface->driver_param) {
7242 os_free(wpa_s->conf->driver_param);
7243 wpa_s->conf->driver_param =
7244 os_strdup(iface->driver_param);
7245 if (!wpa_s->conf->driver_param) {
7246 wpa_printf(MSG_ERROR,
7247 "Failed to duplicate driver param '%s'.",
7248 iface->driver_param);
7249 return -1;
7250 }
7251 }
7252
7253 if (iface->p2p_mgmt && !iface->ctrl_interface) {
7254 os_free(wpa_s->conf->ctrl_interface);
7255 wpa_s->conf->ctrl_interface = NULL;
7256 }
7257 } else
7258 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
7259 iface->driver_param);
7260
7261 if (wpa_s->conf == NULL) {
7262 wpa_printf(MSG_ERROR, "\nNo configuration found.");
7263 return -1;
7264 }
7265
7266 if (iface->ifname == NULL) {
7267 wpa_printf(MSG_ERROR, "\nInterface name is required.");
7268 return -1;
7269 }
7270 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
7271 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
7272 iface->ifname);
7273 return -1;
7274 }
7275 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
7276 #ifdef CONFIG_MATCH_IFACE
7277 wpa_s->matched = iface->matched;
7278 #endif /* CONFIG_MATCH_IFACE */
7279
7280 if (iface->bridge_ifname) {
7281 if (os_strlen(iface->bridge_ifname) >=
7282 sizeof(wpa_s->bridge_ifname)) {
7283 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
7284 "name '%s'.", iface->bridge_ifname);
7285 return -1;
7286 }
7287 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
7288 sizeof(wpa_s->bridge_ifname));
7289 }
7290
7291 /* RSNA Supplicant Key Management - INITIALIZE */
7292 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
7293 eapol_sm_notify_portValid(wpa_s->eapol, false);
7294
7295 /* Initialize driver interface and register driver event handler before
7296 * L2 receive handler so that association events are processed before
7297 * EAPOL-Key packets if both become available for the same select()
7298 * call. */
7299 if (wpas_init_driver(wpa_s, iface) < 0)
7300 return -1;
7301
7302 if (wpa_supplicant_init_wpa(wpa_s) < 0)
7303 return -1;
7304
7305 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
7306 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
7307 NULL);
7308 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
7309
7310 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
7311 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
7312 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
7313 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7314 "dot11RSNAConfigPMKLifetime");
7315 return -1;
7316 }
7317
7318 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
7319 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
7320 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
7321 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7322 "dot11RSNAConfigPMKReauthThreshold");
7323 return -1;
7324 }
7325
7326 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
7327 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
7328 wpa_s->conf->dot11RSNAConfigSATimeout)) {
7329 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7330 "dot11RSNAConfigSATimeout");
7331 return -1;
7332 }
7333
7334 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
7335 wpa_s->conf->ft_prepend_pmkid);
7336
7337 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
7338 &wpa_s->hw.num_modes,
7339 &wpa_s->hw.flags,
7340 &dfs_domain);
7341 if (wpa_s->hw.modes) {
7342 u16 i;
7343
7344 for (i = 0; i < wpa_s->hw.num_modes; i++) {
7345 if (wpa_s->hw.modes[i].vht_capab) {
7346 wpa_s->hw_capab = CAPAB_VHT;
7347 break;
7348 }
7349
7350 if (wpa_s->hw.modes[i].ht_capab &
7351 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
7352 wpa_s->hw_capab = CAPAB_HT40;
7353 else if (wpa_s->hw.modes[i].ht_capab &&
7354 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
7355 wpa_s->hw_capab = CAPAB_HT;
7356 }
7357 wpa_s->support_6ghz = wpas_is_6ghz_supported(wpa_s, false);
7358 }
7359
7360 capa_res = wpa_drv_get_capa(wpa_s, &capa);
7361 if (capa_res == 0) {
7362 wpa_s->drv_capa_known = 1;
7363 wpa_s->drv_flags = capa.flags;
7364 wpa_s->drv_flags2 = capa.flags2;
7365 wpa_s->drv_enc = capa.enc;
7366 wpa_s->drv_rrm_flags = capa.rrm_flags;
7367 wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs;
7368 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
7369 wpa_s->max_scan_ssids = capa.max_scan_ssids;
7370 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
7371 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
7372 wpa_s->max_sched_scan_plan_interval =
7373 capa.max_sched_scan_plan_interval;
7374 wpa_s->max_sched_scan_plan_iterations =
7375 capa.max_sched_scan_plan_iterations;
7376 wpa_s->sched_scan_supported = capa.sched_scan_supported;
7377 wpa_s->max_match_sets = capa.max_match_sets;
7378 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
7379 wpa_s->max_stations = capa.max_stations;
7380 wpa_s->extended_capa = capa.extended_capa;
7381 wpa_s->extended_capa_mask = capa.extended_capa_mask;
7382 wpa_s->extended_capa_len = capa.extended_capa_len;
7383 wpa_s->num_multichan_concurrent =
7384 capa.num_multichan_concurrent;
7385 #ifndef CONFIG_NO_WMM_AC
7386 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
7387 #endif /* CONFIG_NO_WMM_AC */
7388 wpa_s->max_num_akms = capa.max_num_akms;
7389
7390 if (capa.mac_addr_rand_scan_supported)
7391 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
7392 if (wpa_s->sched_scan_supported &&
7393 capa.mac_addr_rand_sched_scan_supported)
7394 wpa_s->mac_addr_rand_supported |=
7395 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
7396
7397 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
7398 if (wpa_s->extended_capa &&
7399 wpa_s->extended_capa_len >= 3 &&
7400 wpa_s->extended_capa[2] & 0x40)
7401 wpa_s->multi_bss_support = 1;
7402 }
7403 #ifdef CONFIG_PASN
7404 wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2);
7405 #endif /* CONFIG_PASN */
7406 wpa_sm_set_driver_bss_selection(wpa_s->wpa,
7407 !!(wpa_s->drv_flags &
7408 WPA_DRIVER_FLAGS_BSS_SELECTION));
7409 if (wpa_s->max_remain_on_chan == 0)
7410 wpa_s->max_remain_on_chan = 1000;
7411
7412 /*
7413 * Only take p2p_mgmt parameters when P2P Device is supported.
7414 * Doing it here as it determines whether l2_packet_init() will be done
7415 * during wpa_supplicant_driver_init().
7416 */
7417 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
7418 wpa_s->p2p_mgmt = iface->p2p_mgmt;
7419
7420 if (wpa_s->num_multichan_concurrent == 0)
7421 wpa_s->num_multichan_concurrent = 1;
7422
7423 if (wpa_supplicant_driver_init(wpa_s) < 0)
7424 return -1;
7425
7426 #ifdef CONFIG_TDLS
7427 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
7428 return -1;
7429 #endif /* CONFIG_TDLS */
7430
7431 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
7432 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
7433 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
7434 return -1;
7435 }
7436
7437 #ifdef CONFIG_FST
7438 if (wpa_s->conf->fst_group_id) {
7439 struct fst_iface_cfg cfg;
7440 struct fst_wpa_obj iface_obj;
7441
7442 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
7443 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
7444 sizeof(cfg.group_id));
7445 cfg.priority = wpa_s->conf->fst_priority;
7446 cfg.llt = wpa_s->conf->fst_llt;
7447
7448 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
7449 &iface_obj, &cfg);
7450 if (!wpa_s->fst) {
7451 wpa_msg(wpa_s, MSG_ERROR,
7452 "FST: Cannot attach iface %s to group %s",
7453 wpa_s->ifname, cfg.group_id);
7454 return -1;
7455 }
7456 }
7457 #endif /* CONFIG_FST */
7458
7459 if (wpas_wps_init(wpa_s))
7460 return -1;
7461
7462 #ifdef CONFIG_GAS_SERVER
7463 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
7464 if (!wpa_s->gas_server) {
7465 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
7466 return -1;
7467 }
7468 #endif /* CONFIG_GAS_SERVER */
7469
7470 #ifdef CONFIG_DPP
7471 if (wpas_dpp_init(wpa_s) < 0)
7472 return -1;
7473 #endif /* CONFIG_DPP */
7474
7475 #ifdef CONFIG_NAN_USD
7476 if (wpas_nan_usd_init(wpa_s) < 0)
7477 return -1;
7478 #endif /* CONFIG_NAN_USD */
7479
7480 if (wpa_supplicant_init_eapol(wpa_s) < 0)
7481 return -1;
7482 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
7483
7484 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
7485 if (wpa_s->ctrl_iface == NULL) {
7486 wpa_printf(MSG_ERROR,
7487 "Failed to initialize control interface '%s'.\n"
7488 "You may have another wpa_supplicant process "
7489 "already running or the file was\n"
7490 "left by an unclean termination of wpa_supplicant "
7491 "in which case you will need\n"
7492 "to manually remove this file before starting "
7493 "wpa_supplicant again.\n",
7494 wpa_s->conf->ctrl_interface);
7495 return -1;
7496 }
7497
7498 wpa_s->gas = gas_query_init(wpa_s);
7499 if (wpa_s->gas == NULL) {
7500 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
7501 return -1;
7502 }
7503
7504 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
7505 wpa_s->p2p_mgmt) &&
7506 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
7507 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
7508 return -1;
7509 }
7510
7511 if (wpa_bss_init(wpa_s) < 0)
7512 return -1;
7513
7514 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
7515 #ifdef CONFIG_MESH
7516 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
7517 #endif /* CONFIG_MESH */
7518 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
7519
7520 /*
7521 * Set Wake-on-WLAN triggers, if configured.
7522 * Note: We don't restore/remove the triggers on shutdown (it doesn't
7523 * have effect anyway when the interface is down).
7524 */
7525 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7526 return -1;
7527
7528 #ifdef CONFIG_EAP_PROXY
7529 {
7530 size_t len;
7531 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
7532 wpa_s->imsi, &len);
7533 if (wpa_s->mnc_len > 0) {
7534 wpa_s->imsi[len] = '\0';
7535 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
7536 wpa_s->imsi, wpa_s->mnc_len);
7537 } else {
7538 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
7539 }
7540 }
7541 #endif /* CONFIG_EAP_PROXY */
7542
7543 if (pcsc_reader_init(wpa_s) < 0)
7544 return -1;
7545
7546 if (wpas_init_ext_pw(wpa_s) < 0)
7547 return -1;
7548
7549 #ifndef CONFIG_NO_RRM
7550 wpas_rrm_reset(wpa_s);
7551 #endif /* CONFIG_NO_RRM */
7552
7553 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7554
7555 #ifdef CONFIG_HS20
7556 hs20_init(wpa_s);
7557 #endif /* CONFIG_HS20 */
7558 #ifdef CONFIG_MBO
7559 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
7560 if ((wpa_s->conf->oce & OCE_STA) &&
7561 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
7562 wpa_s->enable_oce = OCE_STA;
7563 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
7564 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
7565 /* TODO: Need to add STA-CFON support */
7566 wpa_printf(MSG_ERROR,
7567 "OCE STA-CFON feature is not yet supported");
7568 }
7569 }
7570 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
7571 #endif /* CONFIG_MBO */
7572
7573 wpa_supplicant_set_default_scan_ies(wpa_s);
7574
7575 return 0;
7576 }
7577
7578
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)7579 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
7580 int notify, int terminate)
7581 {
7582 struct wpa_global *global = wpa_s->global;
7583 struct wpa_supplicant *iface, *prev;
7584
7585 if (wpa_s == wpa_s->parent)
7586 wpas_p2p_group_remove(wpa_s, "*");
7587
7588 iface = global->ifaces;
7589 while (iface) {
7590 if (iface->p2pdev == wpa_s)
7591 iface->p2pdev = iface->parent;
7592 if (iface == wpa_s || iface->parent != wpa_s) {
7593 iface = iface->next;
7594 continue;
7595 }
7596 wpa_printf(MSG_DEBUG,
7597 "Remove remaining child interface %s from parent %s",
7598 iface->ifname, wpa_s->ifname);
7599 prev = iface;
7600 iface = iface->next;
7601 wpa_supplicant_remove_iface(global, prev, terminate);
7602 }
7603
7604 wpa_s->disconnected = 1;
7605 if (wpa_s->drv_priv) {
7606 /*
7607 * Don't deauthenticate if WoWLAN is enable and not explicitly
7608 * been configured to disconnect.
7609 */
7610 if (!wpa_drv_get_wowlan(wpa_s) ||
7611 wpa_s->conf->wowlan_disconnect_on_deinit) {
7612 wpa_supplicant_deauthenticate(
7613 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7614
7615 wpa_drv_set_countermeasures(wpa_s, 0);
7616 wpa_clear_keys(wpa_s, NULL);
7617 } else {
7618 wpa_msg(wpa_s, MSG_INFO,
7619 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
7620 }
7621 }
7622
7623 wpa_supplicant_cleanup(wpa_s);
7624 wpas_p2p_deinit_iface(wpa_s);
7625
7626 wpas_ctrl_radio_work_flush(wpa_s);
7627 radio_remove_interface(wpa_s);
7628
7629 #ifdef CONFIG_FST
7630 if (wpa_s->fst) {
7631 fst_detach(wpa_s->fst);
7632 wpa_s->fst = NULL;
7633 }
7634 if (wpa_s->received_mb_ies) {
7635 wpabuf_free(wpa_s->received_mb_ies);
7636 wpa_s->received_mb_ies = NULL;
7637 }
7638 #endif /* CONFIG_FST */
7639
7640 if (wpa_s->drv_priv)
7641 wpa_drv_deinit(wpa_s);
7642
7643 if (notify)
7644 wpas_notify_iface_removed(wpa_s);
7645
7646 if (terminate)
7647 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
7648
7649 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
7650 wpa_s->ctrl_iface = NULL;
7651
7652 #ifdef CONFIG_MESH
7653 if (wpa_s->ifmsh) {
7654 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
7655 wpa_s->ifmsh = NULL;
7656 }
7657 #endif /* CONFIG_MESH */
7658
7659 if (wpa_s->conf != NULL) {
7660 wpa_config_free(wpa_s->conf);
7661 wpa_s->conf = NULL;
7662 }
7663
7664 os_free(wpa_s->ssids_from_scan_req);
7665 os_free(wpa_s->last_scan_freqs);
7666
7667 os_free(wpa_s);
7668 }
7669
7670
7671 #ifdef CONFIG_MATCH_IFACE
7672
7673 /**
7674 * wpa_supplicant_match_iface - Match an interface description to a name
7675 * @global: Pointer to global data from wpa_supplicant_init()
7676 * @ifname: Name of the interface to match
7677 * Returns: Pointer to the created interface description or %NULL on failure
7678 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7679 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
7680 const char *ifname)
7681 {
7682 int i;
7683 struct wpa_interface *iface, *miface;
7684
7685 for (i = 0; i < global->params.match_iface_count; i++) {
7686 miface = &global->params.match_ifaces[i];
7687 if (!miface->ifname ||
7688 fnmatch(miface->ifname, ifname, 0) == 0) {
7689 iface = os_zalloc(sizeof(*iface));
7690 if (!iface)
7691 return NULL;
7692 *iface = *miface;
7693 if (!miface->ifname)
7694 iface->matched = WPA_IFACE_MATCHED_NULL;
7695 else
7696 iface->matched = WPA_IFACE_MATCHED;
7697 iface->ifname = ifname;
7698 return iface;
7699 }
7700 }
7701
7702 return NULL;
7703 }
7704
7705
7706 /**
7707 * wpa_supplicant_match_existing - Match existing interfaces
7708 * @global: Pointer to global data from wpa_supplicant_init()
7709 * Returns: 0 on success, -1 on failure
7710 */
wpa_supplicant_match_existing(struct wpa_global * global)7711 static int wpa_supplicant_match_existing(struct wpa_global *global)
7712 {
7713 struct if_nameindex *ifi, *ifp;
7714 struct wpa_supplicant *wpa_s;
7715 struct wpa_interface *iface;
7716
7717 ifp = if_nameindex();
7718 if (!ifp) {
7719 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
7720 return -1;
7721 }
7722
7723 for (ifi = ifp; ifi->if_name; ifi++) {
7724 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
7725 if (wpa_s)
7726 continue;
7727 iface = wpa_supplicant_match_iface(global, ifi->if_name);
7728 if (iface) {
7729 wpa_supplicant_add_iface(global, iface, NULL);
7730 os_free(iface);
7731 }
7732 }
7733
7734 if_freenameindex(ifp);
7735 return 0;
7736 }
7737
7738 #endif /* CONFIG_MATCH_IFACE */
7739
7740
7741 /**
7742 * wpa_supplicant_add_iface - Add a new network interface
7743 * @global: Pointer to global data from wpa_supplicant_init()
7744 * @iface: Interface configuration options
7745 * @parent: Parent interface or %NULL to assign new interface as parent
7746 * Returns: Pointer to the created interface or %NULL on failure
7747 *
7748 * This function is used to add new network interfaces for %wpa_supplicant.
7749 * This can be called before wpa_supplicant_run() to add interfaces before the
7750 * main event loop has been started. In addition, new interfaces can be added
7751 * dynamically while %wpa_supplicant is already running. This could happen,
7752 * e.g., when a hotplug network adapter is inserted.
7753 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)7754 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
7755 struct wpa_interface *iface,
7756 struct wpa_supplicant *parent)
7757 {
7758 struct wpa_supplicant *wpa_s;
7759 struct wpa_interface t_iface;
7760 struct wpa_ssid *ssid;
7761
7762 if (global == NULL || iface == NULL)
7763 return NULL;
7764
7765 wpa_s = wpa_supplicant_alloc(parent);
7766 if (wpa_s == NULL)
7767 return NULL;
7768
7769 wpa_s->global = global;
7770
7771 t_iface = *iface;
7772 if (global->params.override_driver) {
7773 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
7774 "('%s' -> '%s')",
7775 iface->driver, global->params.override_driver);
7776 t_iface.driver = global->params.override_driver;
7777 }
7778 if (global->params.override_ctrl_interface) {
7779 wpa_printf(MSG_DEBUG, "Override interface parameter: "
7780 "ctrl_interface ('%s' -> '%s')",
7781 iface->ctrl_interface,
7782 global->params.override_ctrl_interface);
7783 t_iface.ctrl_interface =
7784 global->params.override_ctrl_interface;
7785 }
7786 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
7787 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
7788 iface->ifname);
7789 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
7790 return NULL;
7791 }
7792
7793 if (iface->p2p_mgmt == 0) {
7794 /* Notify the control interfaces about new iface */
7795 if (wpas_notify_iface_added(wpa_s)) {
7796 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
7797 return NULL;
7798 }
7799
7800 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
7801 wpas_notify_network_added(wpa_s, ssid);
7802 }
7803
7804 wpa_s->next = global->ifaces;
7805 global->ifaces = wpa_s;
7806
7807 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
7808 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
7809
7810 #ifdef CONFIG_P2P
7811 if (wpa_s->global->p2p == NULL &&
7812 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
7813 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
7814 wpas_p2p_add_p2pdev_interface(
7815 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
7816 wpa_printf(MSG_INFO,
7817 "P2P: Failed to enable P2P Device interface");
7818 /* Try to continue without. P2P will be disabled. */
7819 }
7820 #endif /* CONFIG_P2P */
7821
7822 return wpa_s;
7823 }
7824
7825
7826 /**
7827 * wpa_supplicant_remove_iface - Remove a network interface
7828 * @global: Pointer to global data from wpa_supplicant_init()
7829 * @wpa_s: Pointer to the network interface to be removed
7830 * Returns: 0 if interface was removed, -1 if interface was not found
7831 *
7832 * This function can be used to dynamically remove network interfaces from
7833 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
7834 * addition, this function is used to remove all remaining interfaces when
7835 * %wpa_supplicant is terminated.
7836 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)7837 int wpa_supplicant_remove_iface(struct wpa_global *global,
7838 struct wpa_supplicant *wpa_s,
7839 int terminate)
7840 {
7841 struct wpa_supplicant *prev;
7842 #ifdef CONFIG_MESH
7843 unsigned int mesh_if_created = wpa_s->mesh_if_created;
7844 char *ifname = NULL;
7845 struct wpa_supplicant *parent = wpa_s->parent;
7846 #endif /* CONFIG_MESH */
7847
7848 /* Remove interface from the global list of interfaces */
7849 prev = global->ifaces;
7850 if (prev == wpa_s) {
7851 global->ifaces = wpa_s->next;
7852 } else {
7853 while (prev && prev->next != wpa_s)
7854 prev = prev->next;
7855 if (prev == NULL)
7856 return -1;
7857 prev->next = wpa_s->next;
7858 }
7859
7860 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
7861
7862 #ifdef CONFIG_MESH
7863 if (mesh_if_created) {
7864 ifname = os_strdup(wpa_s->ifname);
7865 if (ifname == NULL) {
7866 wpa_dbg(wpa_s, MSG_ERROR,
7867 "mesh: Failed to malloc ifname");
7868 return -1;
7869 }
7870 }
7871 #endif /* CONFIG_MESH */
7872
7873 if (global->p2p_group_formation == wpa_s)
7874 global->p2p_group_formation = NULL;
7875 if (global->p2p_invite_group == wpa_s)
7876 global->p2p_invite_group = NULL;
7877 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
7878
7879 #ifdef CONFIG_MESH
7880 if (mesh_if_created) {
7881 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
7882 os_free(ifname);
7883 }
7884 #endif /* CONFIG_MESH */
7885
7886 return 0;
7887 }
7888
7889
7890 /**
7891 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7892 * @wpa_s: Pointer to the network interface
7893 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7894 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7895 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7896 {
7897 const char *eapol_method;
7898
7899 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7900 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7901 return "NO-EAP";
7902 }
7903
7904 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7905 if (eapol_method == NULL)
7906 return "UNKNOWN-EAP";
7907
7908 return eapol_method;
7909 }
7910
7911
7912 /**
7913 * wpa_supplicant_get_iface - Get a new network interface
7914 * @global: Pointer to global data from wpa_supplicant_init()
7915 * @ifname: Interface name
7916 * Returns: Pointer to the interface or %NULL if not found
7917 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7918 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7919 const char *ifname)
7920 {
7921 struct wpa_supplicant *wpa_s;
7922
7923 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7924 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7925 return wpa_s;
7926 }
7927 return NULL;
7928 }
7929
7930
7931 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7932 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7933 {
7934 struct wpa_supplicant *wpa_s = ctx;
7935 if (wpa_s == NULL)
7936 return NULL;
7937 return wpa_s->ifname;
7938 }
7939 #endif /* CONFIG_NO_WPA_MSG */
7940
7941
7942 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7943 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7944 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7945
7946 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7947 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7948 {
7949 struct wpa_global *global = eloop_ctx;
7950 struct wpa_supplicant *wpa_s;
7951
7952 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7953 wpas_periodic, global, NULL);
7954
7955 #ifdef CONFIG_P2P
7956 if (global->p2p)
7957 p2p_expire_peers(global->p2p);
7958 #endif /* CONFIG_P2P */
7959
7960 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7961 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7962 #ifdef CONFIG_AP
7963 ap_periodic(wpa_s);
7964 #endif /* CONFIG_AP */
7965 }
7966 }
7967
7968
7969 /**
7970 * wpa_supplicant_init - Initialize %wpa_supplicant
7971 * @params: Parameters for %wpa_supplicant
7972 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7973 *
7974 * This function is used to initialize %wpa_supplicant. After successful
7975 * initialization, the returned data pointer can be used to add and remove
7976 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7977 */
wpa_supplicant_init(struct wpa_params * params)7978 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7979 {
7980 struct wpa_global *global;
7981 int ret, i;
7982
7983 if (params == NULL)
7984 return NULL;
7985
7986 #ifndef CONFIG_NO_WPA_MSG
7987 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7988 #endif /* CONFIG_NO_WPA_MSG */
7989
7990 if (params->wpa_debug_file_path)
7991 wpa_debug_open_file(params->wpa_debug_file_path);
7992 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7993 wpa_debug_setup_stdout();
7994 if (params->wpa_debug_syslog)
7995 wpa_debug_open_syslog();
7996 if (params->wpa_debug_tracing) {
7997 ret = wpa_debug_open_linux_tracing();
7998 if (ret) {
7999 wpa_printf(MSG_ERROR,
8000 "Failed to enable trace logging");
8001 return NULL;
8002 }
8003 }
8004
8005 ret = eap_register_methods();
8006 if (ret) {
8007 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
8008 if (ret == -2)
8009 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
8010 "the same EAP type.");
8011 return NULL;
8012 }
8013
8014 global = os_zalloc(sizeof(*global));
8015 if (global == NULL)
8016 return NULL;
8017 dl_list_init(&global->p2p_srv_bonjour);
8018 dl_list_init(&global->p2p_srv_upnp);
8019 global->params.daemonize = params->daemonize;
8020 global->params.wait_for_monitor = params->wait_for_monitor;
8021 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
8022
8023 if (params->pid_file) {
8024 global->params.pid_file = os_strdup(params->pid_file);
8025 if (!global->params.pid_file) {
8026 wpa_supplicant_deinit(global);
8027 return NULL;
8028 }
8029 }
8030
8031 if (params->ctrl_interface) {
8032 global->params.ctrl_interface =
8033 os_strdup(params->ctrl_interface);
8034 if (!global->params.ctrl_interface) {
8035 wpa_supplicant_deinit(global);
8036 return NULL;
8037 }
8038 }
8039
8040 if (params->ctrl_interface_group) {
8041 global->params.ctrl_interface_group =
8042 os_strdup(params->ctrl_interface_group);
8043 if (!global->params.ctrl_interface_group) {
8044 wpa_supplicant_deinit(global);
8045 return NULL;
8046 }
8047 }
8048
8049 if (params->override_driver) {
8050 global->params.override_driver =
8051 os_strdup(params->override_driver);
8052 if (!global->params.override_driver) {
8053 wpa_supplicant_deinit(global);
8054 return NULL;
8055 }
8056 }
8057
8058 if (params->override_ctrl_interface) {
8059 global->params.override_ctrl_interface =
8060 os_strdup(params->override_ctrl_interface);
8061 if (!global->params.override_ctrl_interface) {
8062 wpa_supplicant_deinit(global);
8063 return NULL;
8064 }
8065 }
8066
8067 #ifdef CONFIG_MATCH_IFACE
8068 global->params.match_iface_count = params->match_iface_count;
8069 if (params->match_iface_count) {
8070 global->params.match_ifaces =
8071 os_calloc(params->match_iface_count,
8072 sizeof(struct wpa_interface));
8073 if (!global->params.match_ifaces) {
8074 wpa_printf(MSG_ERROR,
8075 "Failed to allocate match interfaces");
8076 wpa_supplicant_deinit(global);
8077 return NULL;
8078 }
8079 os_memcpy(global->params.match_ifaces,
8080 params->match_ifaces,
8081 params->match_iface_count *
8082 sizeof(struct wpa_interface));
8083 }
8084 #endif /* CONFIG_MATCH_IFACE */
8085 #ifdef CONFIG_P2P
8086 if (params->conf_p2p_dev) {
8087 global->params.conf_p2p_dev =
8088 os_strdup(params->conf_p2p_dev);
8089 if (!global->params.conf_p2p_dev) {
8090 wpa_printf(MSG_ERROR, "Failed to allocate conf p2p");
8091 wpa_supplicant_deinit(global);
8092 return NULL;
8093 }
8094 }
8095 #endif /* CONFIG_P2P */
8096 wpa_debug_level = global->params.wpa_debug_level =
8097 params->wpa_debug_level;
8098 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
8099 params->wpa_debug_show_keys;
8100 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
8101 params->wpa_debug_timestamp;
8102
8103 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
8104
8105 if (eloop_init()) {
8106 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
8107 wpa_supplicant_deinit(global);
8108 return NULL;
8109 }
8110
8111 random_init(params->entropy_file);
8112
8113 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
8114 if (global->ctrl_iface == NULL) {
8115 wpa_supplicant_deinit(global);
8116 return NULL;
8117 }
8118
8119 if (wpas_notify_supplicant_initialized(global)) {
8120 wpa_supplicant_deinit(global);
8121 return NULL;
8122 }
8123
8124 for (i = 0; wpa_drivers[i]; i++)
8125 global->drv_count++;
8126 if (global->drv_count == 0) {
8127 wpa_printf(MSG_ERROR, "No drivers enabled");
8128 wpa_supplicant_deinit(global);
8129 return NULL;
8130 }
8131 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
8132 if (global->drv_priv == NULL) {
8133 wpa_supplicant_deinit(global);
8134 return NULL;
8135 }
8136
8137 #ifdef CONFIG_WIFI_DISPLAY
8138 if (wifi_display_init(global) < 0) {
8139 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
8140 wpa_supplicant_deinit(global);
8141 return NULL;
8142 }
8143 #endif /* CONFIG_WIFI_DISPLAY */
8144
8145 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
8146 wpas_periodic, global, NULL);
8147
8148 return global;
8149 }
8150
8151
8152 /**
8153 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
8154 * @global: Pointer to global data from wpa_supplicant_init()
8155 * Returns: 0 after successful event loop run, -1 on failure
8156 *
8157 * This function starts the main event loop and continues running as long as
8158 * there are any remaining events. In most cases, this function is running as
8159 * long as the %wpa_supplicant process in still in use.
8160 */
wpa_supplicant_run(struct wpa_global * global)8161 int wpa_supplicant_run(struct wpa_global *global)
8162 {
8163 struct wpa_supplicant *wpa_s;
8164
8165 if (global->params.daemonize &&
8166 (wpa_supplicant_daemon(global->params.pid_file) ||
8167 eloop_sock_requeue()))
8168 return -1;
8169
8170 #ifdef CONFIG_MATCH_IFACE
8171 if (wpa_supplicant_match_existing(global))
8172 return -1;
8173 #endif
8174
8175 if (global->params.wait_for_monitor) {
8176 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
8177 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
8178 wpa_supplicant_ctrl_iface_wait(
8179 wpa_s->ctrl_iface);
8180 }
8181
8182 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
8183 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
8184
8185 eloop_run();
8186
8187 return 0;
8188 }
8189
8190
8191 /**
8192 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
8193 * @global: Pointer to global data from wpa_supplicant_init()
8194 *
8195 * This function is called to deinitialize %wpa_supplicant and to free all
8196 * allocated resources. Remaining network interfaces will also be removed.
8197 */
wpa_supplicant_deinit(struct wpa_global * global)8198 void wpa_supplicant_deinit(struct wpa_global *global)
8199 {
8200 int i;
8201
8202 if (global == NULL)
8203 return;
8204
8205 eloop_cancel_timeout(wpas_periodic, global, NULL);
8206
8207 #ifdef CONFIG_WIFI_DISPLAY
8208 wifi_display_deinit(global);
8209 #endif /* CONFIG_WIFI_DISPLAY */
8210
8211 while (global->ifaces)
8212 wpa_supplicant_remove_iface(global, global->ifaces, 1);
8213
8214 if (global->ctrl_iface)
8215 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
8216
8217 wpas_notify_supplicant_deinitialized(global);
8218
8219 eap_peer_unregister_methods();
8220 #ifdef CONFIG_AP
8221 eap_server_unregister_methods();
8222 #endif /* CONFIG_AP */
8223
8224 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
8225 if (!global->drv_priv[i])
8226 continue;
8227 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
8228 }
8229 os_free(global->drv_priv);
8230
8231 random_deinit();
8232
8233 eloop_destroy();
8234
8235 if (global->params.pid_file) {
8236 os_daemonize_terminate(global->params.pid_file);
8237 os_free(global->params.pid_file);
8238 }
8239 os_free(global->params.ctrl_interface);
8240 os_free(global->params.ctrl_interface_group);
8241 os_free(global->params.override_driver);
8242 os_free(global->params.override_ctrl_interface);
8243 #ifdef CONFIG_MATCH_IFACE
8244 os_free(global->params.match_ifaces);
8245 #endif /* CONFIG_MATCH_IFACE */
8246 #ifdef CONFIG_P2P
8247 os_free(global->params.conf_p2p_dev);
8248 #endif /* CONFIG_P2P */
8249
8250 os_free(global->p2p_disallow_freq.range);
8251 os_free(global->p2p_go_avoid_freq.range);
8252 os_free(global->add_psk);
8253
8254 os_free(global);
8255 wpa_debug_close_syslog();
8256 wpa_debug_close_file();
8257 wpa_debug_close_linux_tracing();
8258 }
8259
8260
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)8261 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
8262 {
8263 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
8264 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
8265 char country[3];
8266 country[0] = wpa_s->conf->country[0];
8267 country[1] = wpa_s->conf->country[1];
8268 country[2] = '\0';
8269 if (wpa_drv_set_country(wpa_s, country) < 0) {
8270 wpa_printf(MSG_ERROR, "Failed to set country code "
8271 "'%s'", country);
8272 }
8273 }
8274
8275 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
8276 wpas_init_ext_pw(wpa_s);
8277
8278 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
8279 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
8280
8281 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
8282 struct wpa_driver_capa capa;
8283 int res = wpa_drv_get_capa(wpa_s, &capa);
8284
8285 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
8286 wpa_printf(MSG_ERROR,
8287 "Failed to update wowlan_triggers to '%s'",
8288 wpa_s->conf->wowlan_triggers);
8289 }
8290
8291 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
8292 wpa_supplicant_set_default_scan_ies(wpa_s);
8293
8294 if (wpa_s->conf->changed_parameters & CFG_CHANGED_FT_PREPEND_PMKID)
8295 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
8296 wpa_s->conf->ft_prepend_pmkid);
8297
8298 #ifdef CONFIG_BGSCAN
8299 /*
8300 * We default to global bgscan parameters only when per-network bgscan
8301 * parameters aren't set. Only bother resetting bgscan parameters if
8302 * this is the case.
8303 */
8304 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
8305 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
8306 wpa_s->wpa_state == WPA_COMPLETED)
8307 wpa_supplicant_reset_bgscan(wpa_s);
8308 #endif /* CONFIG_BGSCAN */
8309
8310 #ifdef CONFIG_WPS
8311 wpas_wps_update_config(wpa_s);
8312 #endif /* CONFIG_WPS */
8313 wpas_p2p_update_config(wpa_s);
8314 wpa_s->conf->changed_parameters = 0;
8315 }
8316
8317
add_freq(int * freqs,int * num_freqs,int freq)8318 void add_freq(int *freqs, int *num_freqs, int freq)
8319 {
8320 int i;
8321
8322 for (i = 0; i < *num_freqs; i++) {
8323 if (freqs[i] == freq)
8324 return;
8325 }
8326
8327 freqs[*num_freqs] = freq;
8328 (*num_freqs)++;
8329 }
8330
8331
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)8332 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
8333 {
8334 struct wpa_bss *bss, *cbss;
8335 const int max_freqs = 10;
8336 int *freqs;
8337 int num_freqs = 0;
8338
8339 freqs = os_calloc(max_freqs + 1, sizeof(int));
8340 if (freqs == NULL)
8341 return NULL;
8342
8343 cbss = wpa_s->current_bss;
8344
8345 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
8346 if (bss == cbss)
8347 continue;
8348 if (bss->ssid_len == cbss->ssid_len &&
8349 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
8350 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
8351 add_freq(freqs, &num_freqs, bss->freq);
8352 if (num_freqs == max_freqs)
8353 break;
8354 }
8355 }
8356
8357 if (num_freqs == 0) {
8358 os_free(freqs);
8359 freqs = NULL;
8360 }
8361
8362 return freqs;
8363 }
8364
8365
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 ** link_bssids)8366 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid,
8367 const u8 **link_bssids)
8368 {
8369 int timeout;
8370 int count;
8371 int *freqs = NULL;
8372
8373 wpas_connect_work_done(wpa_s);
8374
8375 /*
8376 * Remove possible authentication timeout since the connection failed.
8377 */
8378 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
8379
8380 /*
8381 * There is no point in ignoring the AP temporarily if this event is
8382 * generated based on local request to disconnect.
8383 */
8384 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
8385 wpa_s->own_disconnect_req = 0;
8386 wpa_dbg(wpa_s, MSG_DEBUG,
8387 "Ignore connection failure due to local request to disconnect");
8388 return;
8389 }
8390 if (wpa_s->disconnected) {
8391 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
8392 "indication since interface has been put into "
8393 "disconnected state");
8394 return;
8395 }
8396
8397 /* Also mark links as failed */
8398 while (link_bssids && *link_bssids) {
8399 wpa_bssid_ignore_add(wpa_s, *link_bssids);
8400 link_bssids++;
8401 }
8402
8403 /*
8404 * Add the failed BSSID into the ignore list and speed up next scan
8405 * attempt if there could be other APs that could accept association.
8406 */
8407 count = wpa_bssid_ignore_add(wpa_s, bssid);
8408 if (count == 1 && wpa_s->current_bss) {
8409 /*
8410 * This BSS was not in the ignore list before. If there is
8411 * another BSS available for the same ESS, we should try that
8412 * next. Otherwise, we may as well try this one once more
8413 * before allowing other, likely worse, ESSes to be considered.
8414 */
8415 freqs = get_bss_freqs_in_ess(wpa_s);
8416 if (freqs) {
8417 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
8418 "has been seen; try it next");
8419 wpa_bssid_ignore_add(wpa_s, bssid);
8420 /*
8421 * On the next scan, go through only the known channels
8422 * used in this ESS based on previous scans to speed up
8423 * common load balancing use case.
8424 */
8425 os_free(wpa_s->next_scan_freqs);
8426 wpa_s->next_scan_freqs = freqs;
8427 }
8428 }
8429
8430 wpa_s->consecutive_conn_failures++;
8431
8432 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
8433 wpa_printf(MSG_DEBUG, "Continuous association failures - "
8434 "consider temporary network disabling");
8435 wpas_auth_failed(wpa_s, "CONN_FAILED", bssid);
8436 }
8437 /*
8438 * Multiple consecutive connection failures mean that other APs are
8439 * either not available or have already been tried, so we can start
8440 * increasing the delay here to avoid constant scanning.
8441 */
8442 switch (wpa_s->consecutive_conn_failures) {
8443 case 1:
8444 timeout = 100;
8445 break;
8446 case 2:
8447 timeout = 500;
8448 break;
8449 case 3:
8450 timeout = 1000;
8451 break;
8452 case 4:
8453 timeout = 5000;
8454 break;
8455 default:
8456 timeout = 10000;
8457 break;
8458 }
8459
8460 wpa_dbg(wpa_s, MSG_DEBUG,
8461 "Consecutive connection failures: %d --> request scan in %d ms",
8462 wpa_s->consecutive_conn_failures, timeout);
8463
8464 /*
8465 * TODO: if more than one possible AP is available in scan results,
8466 * could try the other ones before requesting a new scan.
8467 */
8468
8469 /* speed up the connection attempt with normal scan */
8470 wpa_s->normal_scans = 0;
8471 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
8472 1000 * (timeout % 1000));
8473 }
8474
8475
8476 #ifdef CONFIG_FILS
8477
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)8478 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
8479 {
8480 struct wpa_ssid *ssid = wpa_s->current_ssid;
8481 const u8 *realm, *username, *rrk;
8482 size_t realm_len, username_len, rrk_len;
8483 u16 next_seq_num;
8484
8485 /* Clear the PMKSA cache entry if FILS authentication was rejected.
8486 * Check for ERP keys existing to limit when this can be done since
8487 * the rejection response is not protected and such triggers should
8488 * really not allow internal state to be modified unless required to
8489 * avoid significant issues in functionality. In addition, drop
8490 * externally configure PMKSA entries even without ERP keys since it
8491 * is possible for an external component to add PMKSA entries for FILS
8492 * authentication without restoring previously generated ERP keys.
8493 *
8494 * In this case, this is needed to allow recovery from cases where the
8495 * AP or authentication server has dropped PMKSAs and ERP keys. */
8496 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
8497 return;
8498
8499 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8500 &username, &username_len,
8501 &realm, &realm_len, &next_seq_num,
8502 &rrk, &rrk_len) != 0 ||
8503 !realm) {
8504 wpa_dbg(wpa_s, MSG_DEBUG,
8505 "FILS: Drop external PMKSA cache entry");
8506 wpa_sm_aborted_external_cached(wpa_s->wpa);
8507 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
8508 return;
8509 }
8510
8511 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
8512 wpa_sm_aborted_cached(wpa_s->wpa);
8513 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
8514 }
8515
8516
fils_connection_failure(struct wpa_supplicant * wpa_s)8517 void fils_connection_failure(struct wpa_supplicant *wpa_s)
8518 {
8519 struct wpa_ssid *ssid = wpa_s->current_ssid;
8520 const u8 *realm, *username, *rrk;
8521 size_t realm_len, username_len, rrk_len;
8522 u16 next_seq_num;
8523
8524 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
8525 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8526 &username, &username_len,
8527 &realm, &realm_len, &next_seq_num,
8528 &rrk, &rrk_len) != 0 ||
8529 !realm)
8530 return;
8531
8532 wpa_hexdump_ascii(MSG_DEBUG,
8533 "FILS: Store last connection failure realm",
8534 realm, realm_len);
8535 os_free(wpa_s->last_con_fail_realm);
8536 wpa_s->last_con_fail_realm = os_malloc(realm_len);
8537 if (wpa_s->last_con_fail_realm) {
8538 wpa_s->last_con_fail_realm_len = realm_len;
8539 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
8540 }
8541 }
8542 #endif /* CONFIG_FILS */
8543
8544
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)8545 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
8546 {
8547 return wpa_s->conf->ap_scan == 2 ||
8548 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
8549 }
8550
8551
8552 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)8553 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
8554 struct wpa_ssid *ssid,
8555 const char *field,
8556 const char *value)
8557 {
8558 #ifdef IEEE8021X_EAPOL
8559 struct eap_peer_config *eap = &ssid->eap;
8560
8561 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
8562 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
8563 (const u8 *) value, os_strlen(value));
8564
8565 switch (wpa_supplicant_ctrl_req_from_string(field)) {
8566 case WPA_CTRL_REQ_EAP_IDENTITY:
8567 os_free(eap->identity);
8568 eap->identity = (u8 *) os_strdup(value);
8569 if (!eap->identity)
8570 return -1;
8571 eap->identity_len = os_strlen(value);
8572 eap->pending_req_identity = 0;
8573 if (ssid == wpa_s->current_ssid)
8574 wpa_s->reassociate = 1;
8575 break;
8576 case WPA_CTRL_REQ_EAP_PASSWORD:
8577 bin_clear_free(eap->password, eap->password_len);
8578 eap->password = (u8 *) os_strdup(value);
8579 if (!eap->password)
8580 return -1;
8581 eap->password_len = os_strlen(value);
8582 eap->pending_req_password = 0;
8583 if (ssid == wpa_s->current_ssid)
8584 wpa_s->reassociate = 1;
8585 break;
8586 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
8587 bin_clear_free(eap->new_password, eap->new_password_len);
8588 eap->new_password = (u8 *) os_strdup(value);
8589 if (!eap->new_password)
8590 return -1;
8591 eap->new_password_len = os_strlen(value);
8592 eap->pending_req_new_password = 0;
8593 if (ssid == wpa_s->current_ssid)
8594 wpa_s->reassociate = 1;
8595 break;
8596 case WPA_CTRL_REQ_EAP_PIN:
8597 str_clear_free(eap->cert.pin);
8598 eap->cert.pin = os_strdup(value);
8599 if (!eap->cert.pin)
8600 return -1;
8601 eap->pending_req_pin = 0;
8602 if (ssid == wpa_s->current_ssid)
8603 wpa_s->reassociate = 1;
8604 break;
8605 case WPA_CTRL_REQ_EAP_OTP:
8606 bin_clear_free(eap->otp, eap->otp_len);
8607 eap->otp = (u8 *) os_strdup(value);
8608 if (!eap->otp)
8609 return -1;
8610 eap->otp_len = os_strlen(value);
8611 os_free(eap->pending_req_otp);
8612 eap->pending_req_otp = NULL;
8613 eap->pending_req_otp_len = 0;
8614 break;
8615 case WPA_CTRL_REQ_EAP_PASSPHRASE:
8616 str_clear_free(eap->cert.private_key_passwd);
8617 eap->cert.private_key_passwd = os_strdup(value);
8618 if (!eap->cert.private_key_passwd)
8619 return -1;
8620 eap->pending_req_passphrase = 0;
8621 if (ssid == wpa_s->current_ssid)
8622 wpa_s->reassociate = 1;
8623 break;
8624 case WPA_CTRL_REQ_SIM:
8625 str_clear_free(eap->external_sim_resp);
8626 eap->external_sim_resp = os_strdup(value);
8627 if (!eap->external_sim_resp)
8628 return -1;
8629 eap->pending_req_sim = 0;
8630 break;
8631 case WPA_CTRL_REQ_PSK_PASSPHRASE:
8632 if (wpa_config_set(ssid, "psk", value, 0) < 0)
8633 return -1;
8634 ssid->mem_only_psk = 1;
8635 if (ssid->passphrase)
8636 wpa_config_update_psk(ssid);
8637 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
8638 wpa_supplicant_req_scan(wpa_s, 0, 0);
8639 break;
8640 case WPA_CTRL_REQ_EXT_CERT_CHECK:
8641 if (eap->pending_ext_cert_check != PENDING_CHECK)
8642 return -1;
8643 if (os_strcmp(value, "good") == 0)
8644 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
8645 else if (os_strcmp(value, "bad") == 0)
8646 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
8647 else
8648 return -1;
8649 break;
8650 default:
8651 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
8652 return -1;
8653 }
8654
8655 return 0;
8656 #else /* IEEE8021X_EAPOL */
8657 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
8658 return -1;
8659 #endif /* IEEE8021X_EAPOL */
8660 }
8661 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
8662
8663
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8664 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8665 {
8666 #ifdef CONFIG_WEP
8667 int i;
8668 unsigned int drv_enc;
8669 #endif /* CONFIG_WEP */
8670
8671 if (wpa_s->p2p_mgmt)
8672 return 1; /* no normal network profiles on p2p_mgmt interface */
8673
8674 if (ssid == NULL)
8675 return 1;
8676
8677 if (ssid->disabled)
8678 return 1;
8679
8680 #ifdef CONFIG_WEP
8681 if (wpa_s->drv_capa_known)
8682 drv_enc = wpa_s->drv_enc;
8683 else
8684 drv_enc = (unsigned int) -1;
8685
8686 for (i = 0; i < NUM_WEP_KEYS; i++) {
8687 size_t len = ssid->wep_key_len[i];
8688 if (len == 0)
8689 continue;
8690 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
8691 continue;
8692 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
8693 continue;
8694 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
8695 continue;
8696 return 1; /* invalid WEP key */
8697 }
8698 #endif /* CONFIG_WEP */
8699
8700 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
8701 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
8702 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
8703 !ssid->mem_only_psk)
8704 return 1;
8705
8706 #ifdef IEEE8021X_EAPOL
8707 #ifdef CRYPTO_RSA_OAEP_SHA256
8708 if (ssid->eap.imsi_privacy_cert) {
8709 struct crypto_rsa_key *key;
8710 bool failed = false;
8711
8712 key = crypto_rsa_key_read(ssid->eap.imsi_privacy_cert, false);
8713 if (!key)
8714 failed = true;
8715 crypto_rsa_key_free(key);
8716 if (failed) {
8717 wpa_printf(MSG_DEBUG,
8718 "Invalid imsi_privacy_cert (%s) - disable network",
8719 ssid->eap.imsi_privacy_cert);
8720 return 1;
8721 }
8722 }
8723 #endif /* CRYPTO_RSA_OAEP_SHA256 */
8724 #endif /* IEEE8021X_EAPOL */
8725
8726 return 0;
8727 }
8728
8729
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8730 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8731 {
8732 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
8733 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
8734 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
8735 /*
8736 * Driver does not support BIP -- ignore pmf=1 default
8737 * since the connection with PMF would fail and the
8738 * configuration does not require PMF to be enabled.
8739 */
8740 return NO_MGMT_FRAME_PROTECTION;
8741 }
8742
8743 if (ssid &&
8744 (ssid->key_mgmt &
8745 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
8746 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
8747 /*
8748 * Do not use the default PMF value for non-RSN networks
8749 * since PMF is available only with RSN and pmf=2
8750 * configuration would otherwise prevent connections to
8751 * all open networks.
8752 */
8753 return NO_MGMT_FRAME_PROTECTION;
8754 }
8755
8756 #ifdef CONFIG_OCV
8757 /* Enable PMF if OCV is being enabled */
8758 if (wpa_s->conf->pmf == NO_MGMT_FRAME_PROTECTION &&
8759 ssid && ssid->ocv)
8760 return MGMT_FRAME_PROTECTION_OPTIONAL;
8761 #endif /* CONFIG_OCV */
8762
8763 return wpa_s->conf->pmf;
8764 }
8765
8766 return ssid->ieee80211w;
8767 }
8768
8769
8770 #ifdef CONFIG_SAE
wpas_is_sae_avoided(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const struct wpa_ie_data * ie)8771 bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s,
8772 struct wpa_ssid *ssid,
8773 const struct wpa_ie_data *ie)
8774 {
8775 return wpa_s->conf->sae_check_mfp &&
8776 (!(ie->capabilities &
8777 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) ||
8778 wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION);
8779 }
8780 #endif /* CONFIG_SAE */
8781
8782
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)8783 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
8784 {
8785 if (wpa_s->current_ssid == NULL ||
8786 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE)
8787 return 0;
8788 if (wpa_s->valid_links) {
8789 if (!ether_addr_equal(addr, wpa_s->ap_mld_addr) &&
8790 !wpas_ap_link_address(wpa_s, addr))
8791 return 0;
8792 } else {
8793 if (!ether_addr_equal(addr, wpa_s->bssid))
8794 return 0;
8795 }
8796 return wpa_sm_pmf_enabled(wpa_s->wpa);
8797 }
8798
8799
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)8800 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
8801 {
8802 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
8803 return 1;
8804 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
8805 return 0;
8806 return -1;
8807 }
8808
8809
wpas_auth_failed(struct wpa_supplicant * wpa_s,const char * reason,const u8 * bssid)8810 void wpas_auth_failed(struct wpa_supplicant *wpa_s, const char *reason,
8811 const u8 *bssid)
8812 {
8813 struct wpa_ssid *ssid = wpa_s->current_ssid;
8814 int dur;
8815 struct os_reltime now;
8816
8817 if (ssid == NULL) {
8818 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
8819 "SSID block");
8820 return;
8821 }
8822
8823 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
8824 return;
8825
8826 ssid->auth_failures++;
8827
8828 #ifdef CONFIG_P2P
8829 if (ssid->p2p_group &&
8830 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
8831 /*
8832 * Skip the wait time since there is a short timeout on the
8833 * connection to a P2P group.
8834 */
8835 return;
8836 }
8837 #endif /* CONFIG_P2P */
8838
8839 if (ssid->auth_failures > 50)
8840 dur = 300;
8841 else if (ssid->auth_failures > 10)
8842 dur = 120;
8843 else if (ssid->auth_failures > 5)
8844 dur = 90;
8845 else if (ssid->auth_failures > 3)
8846 dur = 60;
8847 else if (ssid->auth_failures > 2)
8848 dur = 30;
8849 else if (ssid->auth_failures > 1)
8850 dur = 20;
8851 else
8852 dur = 10;
8853
8854 if (ssid->auth_failures > 1 &&
8855 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
8856 dur += os_random() % (ssid->auth_failures * 10);
8857
8858 os_get_reltime(&now);
8859 if (now.sec + dur <= ssid->disabled_until.sec)
8860 return;
8861
8862 ssid->disabled_until.sec = now.sec + dur;
8863
8864 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
8865 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
8866 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8867 ssid->auth_failures, dur, reason);
8868
8869 if (bssid)
8870 os_memcpy(ssid->disabled_due_to, bssid, ETH_ALEN);
8871 }
8872
8873
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)8874 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
8875 struct wpa_ssid *ssid, int clear_failures)
8876 {
8877 if (ssid == NULL)
8878 return;
8879
8880 if (ssid->disabled_until.sec) {
8881 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
8882 "id=%d ssid=\"%s\"",
8883 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
8884 }
8885 ssid->disabled_until.sec = 0;
8886 ssid->disabled_until.usec = 0;
8887 if (clear_failures) {
8888 ssid->auth_failures = 0;
8889 } else if (!is_zero_ether_addr(ssid->disabled_due_to)) {
8890 wpa_printf(MSG_DEBUG, "Mark BSSID " MACSTR
8891 " ignored to allow a lower priority BSS, if any, to be tried next",
8892 MAC2STR(ssid->disabled_due_to));
8893 wpa_bssid_ignore_add(wpa_s, ssid->disabled_due_to);
8894 os_memset(ssid->disabled_due_to, 0, ETH_ALEN);
8895 }
8896 }
8897
8898
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)8899 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
8900 {
8901 size_t i;
8902
8903 if (wpa_s->disallow_aps_bssid == NULL)
8904 return 0;
8905
8906 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
8907 if (ether_addr_equal(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
8908 bssid))
8909 return 1;
8910 }
8911
8912 return 0;
8913 }
8914
8915
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)8916 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
8917 size_t ssid_len)
8918 {
8919 size_t i;
8920
8921 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
8922 return 0;
8923
8924 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
8925 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
8926 if (ssid_len == s->ssid_len &&
8927 os_memcmp(ssid, s->ssid, ssid_len) == 0)
8928 return 1;
8929 }
8930
8931 return 0;
8932 }
8933
8934
8935 /**
8936 * wpas_request_connection - Request a new connection
8937 * @wpa_s: Pointer to the network interface
8938 *
8939 * This function is used to request a new connection to be found. It will mark
8940 * the interface to allow reassociation and request a new scan to find a
8941 * suitable network to connect to.
8942 */
wpas_request_connection(struct wpa_supplicant * wpa_s)8943 void wpas_request_connection(struct wpa_supplicant *wpa_s)
8944 {
8945 wpa_s->normal_scans = 0;
8946 wpa_s->scan_req = NORMAL_SCAN_REQ;
8947 wpa_supplicant_reinit_autoscan(wpa_s);
8948 wpa_s->disconnected = 0;
8949 wpa_s->reassociate = 1;
8950 wpa_s->last_owe_group = 0;
8951
8952 if (wpa_supplicant_fast_associate(wpa_s) != 1)
8953 wpa_supplicant_req_scan(wpa_s, 0, 0);
8954 else
8955 wpa_s->reattach = 0;
8956 }
8957
8958
8959 /**
8960 * wpas_request_disconnection - Request disconnection
8961 * @wpa_s: Pointer to the network interface
8962 *
8963 * This function is used to request disconnection from the currently connected
8964 * network. This will stop any ongoing scans and initiate deauthentication.
8965 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)8966 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
8967 {
8968 #ifdef CONFIG_SME
8969 wpa_s->sme.prev_bssid_set = 0;
8970 #endif /* CONFIG_SME */
8971 wpa_s->reassociate = 0;
8972 wpa_s->disconnected = 1;
8973 wpa_supplicant_cancel_sched_scan(wpa_s);
8974 wpa_supplicant_cancel_scan(wpa_s);
8975 wpas_abort_ongoing_scan(wpa_s);
8976 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
8977 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
8978 radio_remove_works(wpa_s, "connect", 0);
8979 radio_remove_works(wpa_s, "sme-connect", 0);
8980 wpa_s->roam_in_progress = false;
8981 #ifdef CONFIG_WNM
8982 wpa_s->bss_trans_mgmt_in_progress = false;
8983 #endif /* CONFIG_WNM */
8984 }
8985
8986
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)8987 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
8988 struct wpa_used_freq_data *freqs_data,
8989 unsigned int len)
8990 {
8991 unsigned int i;
8992
8993 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
8994 len, title);
8995 for (i = 0; i < len; i++) {
8996 struct wpa_used_freq_data *cur = &freqs_data[i];
8997 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
8998 i, cur->freq, cur->flags);
8999 }
9000 }
9001
9002
9003 /*
9004 * Find the operating frequencies of any of the virtual interfaces that
9005 * are using the same radio as the current interface, and in addition, get
9006 * information about the interface types that are using the frequency.
9007 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len,bool exclude_current)9008 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
9009 struct wpa_used_freq_data *freqs_data,
9010 unsigned int len, bool exclude_current)
9011 {
9012 struct wpa_supplicant *ifs;
9013 u8 bssid[ETH_ALEN];
9014 int freq;
9015 unsigned int idx = 0, i;
9016
9017 wpa_dbg(wpa_s, MSG_DEBUG,
9018 "Determining shared radio frequencies (max len %u)", len);
9019 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
9020
9021 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
9022 radio_list) {
9023 if (idx == len)
9024 break;
9025
9026 if (exclude_current && ifs == wpa_s)
9027 continue;
9028
9029 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
9030 continue;
9031
9032 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
9033 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
9034 ifs->current_ssid->mode == WPAS_MODE_MESH)
9035 freq = ifs->current_ssid->frequency;
9036 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
9037 freq = ifs->assoc_freq;
9038 else
9039 continue;
9040
9041 /* Hold only distinct freqs */
9042 for (i = 0; i < idx; i++)
9043 if (freqs_data[i].freq == freq)
9044 break;
9045
9046 if (i == idx)
9047 freqs_data[idx++].freq = freq;
9048
9049 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
9050 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
9051 WPA_FREQ_USED_BY_P2P_CLIENT :
9052 WPA_FREQ_USED_BY_INFRA_STATION;
9053 }
9054 }
9055
9056 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
9057 return idx;
9058 }
9059
9060
9061 /*
9062 * Find the operating frequencies of any of the virtual interfaces that
9063 * are using the same radio as the current interface.
9064 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len,bool exclude_current)9065 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
9066 int *freq_array, unsigned int len,
9067 bool exclude_current)
9068 {
9069 struct wpa_used_freq_data *freqs_data;
9070 int num, i;
9071
9072 os_memset(freq_array, 0, sizeof(int) * len);
9073
9074 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
9075 if (!freqs_data)
9076 return -1;
9077
9078 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len,
9079 exclude_current);
9080 for (i = 0; i < num; i++)
9081 freq_array[i] = freqs_data[i].freq;
9082
9083 os_free(freqs_data);
9084
9085 return num;
9086 }
9087
9088
9089 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)9090 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
9091 {
9092 switch (frame) {
9093 #ifdef CONFIG_P2P
9094 case VENDOR_ELEM_PROBE_REQ_P2P:
9095 case VENDOR_ELEM_PROBE_RESP_P2P:
9096 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
9097 case VENDOR_ELEM_BEACON_P2P_GO:
9098 case VENDOR_ELEM_P2P_PD_REQ:
9099 case VENDOR_ELEM_P2P_PD_RESP:
9100 case VENDOR_ELEM_P2P_GO_NEG_REQ:
9101 case VENDOR_ELEM_P2P_GO_NEG_RESP:
9102 case VENDOR_ELEM_P2P_GO_NEG_CONF:
9103 case VENDOR_ELEM_P2P_INV_REQ:
9104 case VENDOR_ELEM_P2P_INV_RESP:
9105 case VENDOR_ELEM_P2P_ASSOC_REQ:
9106 case VENDOR_ELEM_P2P_ASSOC_RESP:
9107 return wpa_s->p2pdev;
9108 #endif /* CONFIG_P2P */
9109 default:
9110 return wpa_s;
9111 }
9112 }
9113
9114
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)9115 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
9116 {
9117 unsigned int i;
9118 char buf[30];
9119
9120 wpa_printf(MSG_DEBUG, "Update vendor elements");
9121
9122 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
9123 if (wpa_s->vendor_elem[i]) {
9124 int res;
9125
9126 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
9127 if (!os_snprintf_error(sizeof(buf), res)) {
9128 wpa_hexdump_buf(MSG_DEBUG, buf,
9129 wpa_s->vendor_elem[i]);
9130 }
9131 }
9132 }
9133
9134 #ifdef CONFIG_P2P
9135 if (wpa_s->parent == wpa_s &&
9136 wpa_s->global->p2p &&
9137 !wpa_s->global->p2p_disabled)
9138 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
9139 #endif /* CONFIG_P2P */
9140 }
9141
9142
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)9143 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
9144 const u8 *elem, size_t len)
9145 {
9146 u8 *ie, *end;
9147
9148 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
9149 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
9150
9151 for (; ie + 1 < end; ie += 2 + ie[1]) {
9152 if (ie + len > end)
9153 break;
9154 if (os_memcmp(ie, elem, len) != 0)
9155 continue;
9156
9157 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
9158 wpabuf_free(wpa_s->vendor_elem[frame]);
9159 wpa_s->vendor_elem[frame] = NULL;
9160 } else {
9161 os_memmove(ie, ie + len, end - (ie + len));
9162 wpa_s->vendor_elem[frame]->used -= len;
9163 }
9164 wpas_vendor_elem_update(wpa_s);
9165 return 0;
9166 }
9167
9168 return -1;
9169 }
9170
9171
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)9172 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
9173 u16 num_modes, enum hostapd_hw_mode mode,
9174 bool is_6ghz)
9175 {
9176 u16 i;
9177
9178 if (!modes)
9179 return NULL;
9180
9181 for (i = 0; i < num_modes; i++) {
9182 if (modes[i].mode != mode ||
9183 !modes[i].num_channels || !modes[i].channels)
9184 continue;
9185 if (is_6ghz == modes[i].is_6ghz)
9186 return &modes[i];
9187 }
9188
9189 return NULL;
9190 }
9191
9192
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)9193 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
9194 u16 num_modes, int freq)
9195 {
9196 int i, j;
9197
9198 for (i = 0; i < num_modes; i++) {
9199 for (j = 0; j < modes[i].num_channels; j++) {
9200 if (freq == modes[i].channels[j].freq)
9201 return &modes[i];
9202 }
9203 }
9204
9205 return NULL;
9206 }
9207
9208
9209 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)9210 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
9211 const u8 *bssid)
9212 {
9213 struct wpa_bss_tmp_disallowed *bss;
9214
9215 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
9216 struct wpa_bss_tmp_disallowed, list) {
9217 if (ether_addr_equal(bssid, bss->bssid))
9218 return bss;
9219 }
9220
9221 return NULL;
9222 }
9223
9224
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)9225 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
9226 {
9227 struct wpa_bss_tmp_disallowed *tmp;
9228 unsigned int num_bssid = 0;
9229 u8 *bssids;
9230 int ret;
9231
9232 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
9233 if (!bssids)
9234 return -1;
9235 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9236 struct wpa_bss_tmp_disallowed, list) {
9237 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
9238 ETH_ALEN);
9239 num_bssid++;
9240 }
9241 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
9242 os_free(bssids);
9243 return ret;
9244 }
9245
9246
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)9247 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
9248 {
9249 struct wpa_supplicant *wpa_s = eloop_ctx;
9250 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
9251
9252 /* Make sure the bss is not already freed */
9253 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9254 struct wpa_bss_tmp_disallowed, list) {
9255 if (bss == tmp) {
9256 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
9257 wpa_set_driver_tmp_disallow_list(wpa_s);
9258 break;
9259 }
9260 }
9261 }
9262
9263
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)9264 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
9265 unsigned int sec, int rssi_threshold)
9266 {
9267 struct wpa_bss_tmp_disallowed *bss;
9268
9269 bss = wpas_get_disallowed_bss(wpa_s, bssid);
9270 if (bss) {
9271 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
9272 goto finish;
9273 }
9274
9275 bss = os_malloc(sizeof(*bss));
9276 if (!bss) {
9277 wpa_printf(MSG_DEBUG,
9278 "Failed to allocate memory for temp disallow BSS");
9279 return;
9280 }
9281
9282 os_memcpy(bss->bssid, bssid, ETH_ALEN);
9283 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
9284 wpa_set_driver_tmp_disallow_list(wpa_s);
9285
9286 finish:
9287 bss->rssi_threshold = rssi_threshold;
9288 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
9289 wpa_s, bss);
9290 }
9291
9292
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9293 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
9294 struct wpa_bss *bss)
9295 {
9296 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
9297
9298 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
9299 struct wpa_bss_tmp_disallowed, list) {
9300 if (ether_addr_equal(bss->bssid, tmp->bssid)) {
9301 disallowed = tmp;
9302 break;
9303 }
9304 }
9305 if (!disallowed)
9306 return 0;
9307
9308 if (disallowed->rssi_threshold != 0 &&
9309 bss->level > disallowed->rssi_threshold) {
9310 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
9311 wpa_set_driver_tmp_disallow_list(wpa_s);
9312 return 0;
9313 }
9314
9315 return 1;
9316 }
9317
9318
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)9319 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9320 unsigned int type, const u8 *addr,
9321 const u8 *mask)
9322 {
9323 if ((addr && !mask) || (!addr && mask)) {
9324 wpa_printf(MSG_INFO,
9325 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
9326 return -1;
9327 }
9328
9329 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
9330 wpa_printf(MSG_INFO,
9331 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
9332 return -1;
9333 }
9334
9335 if (type & MAC_ADDR_RAND_SCAN) {
9336 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
9337 addr, mask))
9338 return -1;
9339 }
9340
9341 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
9342 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
9343 addr, mask))
9344 return -1;
9345
9346 if (wpa_s->sched_scanning && !wpa_s->pno)
9347 wpas_scan_restart_sched_scan(wpa_s);
9348 }
9349
9350 if (type & MAC_ADDR_RAND_PNO) {
9351 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
9352 addr, mask))
9353 return -1;
9354
9355 if (wpa_s->pno) {
9356 wpas_stop_pno(wpa_s);
9357 wpas_start_pno(wpa_s);
9358 }
9359 }
9360
9361 return 0;
9362 }
9363
9364
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)9365 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9366 unsigned int type)
9367 {
9368 wpas_mac_addr_rand_scan_clear(wpa_s, type);
9369 if (wpa_s->pno) {
9370 if (type & MAC_ADDR_RAND_PNO) {
9371 wpas_stop_pno(wpa_s);
9372 wpas_start_pno(wpa_s);
9373 }
9374 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
9375 wpas_scan_restart_sched_scan(wpa_s);
9376 }
9377
9378 return 0;
9379 }
9380
9381
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)9382 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
9383 struct wpa_signal_info *si)
9384 {
9385 int res;
9386
9387 if (!wpa_s->driver->signal_poll)
9388 return -1;
9389
9390 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
9391
9392 #ifdef CONFIG_TESTING_OPTIONS
9393 if (res == 0) {
9394 struct driver_signal_override *dso;
9395
9396 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9397 struct driver_signal_override, list) {
9398 if (!ether_addr_equal(wpa_s->bssid, dso->bssid))
9399 continue;
9400 wpa_printf(MSG_DEBUG,
9401 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
9402 si->data.signal,
9403 dso->si_current_signal,
9404 si->data.avg_signal,
9405 dso->si_avg_signal,
9406 si->data.avg_beacon_signal,
9407 dso->si_avg_beacon_signal,
9408 si->current_noise,
9409 dso->si_current_noise);
9410 si->data.signal = dso->si_current_signal;
9411 si->data.avg_signal = dso->si_avg_signal;
9412 si->data.avg_beacon_signal = dso->si_avg_beacon_signal;
9413 si->current_noise = dso->si_current_noise;
9414 break;
9415 }
9416 }
9417 #endif /* CONFIG_TESTING_OPTIONS */
9418
9419 return res;
9420 }
9421
9422
9423 struct wpa_scan_results *
wpa_drv_get_scan_results(struct wpa_supplicant * wpa_s,const u8 * bssid)9424 wpa_drv_get_scan_results(struct wpa_supplicant *wpa_s, const u8 *bssid)
9425 {
9426 struct wpa_scan_results *scan_res;
9427 #ifdef CONFIG_TESTING_OPTIONS
9428 size_t idx;
9429 #endif /* CONFIG_TESTING_OPTIONS */
9430
9431 if (wpa_s->driver->get_scan_results)
9432 scan_res = wpa_s->driver->get_scan_results(wpa_s->drv_priv,
9433 bssid);
9434 else if (wpa_s->driver->get_scan_results2)
9435 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
9436 else
9437 return NULL;
9438
9439
9440 #ifdef CONFIG_TESTING_OPTIONS
9441 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
9442 struct driver_signal_override *dso;
9443 struct wpa_scan_res *res = scan_res->res[idx];
9444
9445 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9446 struct driver_signal_override, list) {
9447 if (!ether_addr_equal(res->bssid, dso->bssid))
9448 continue;
9449 wpa_printf(MSG_DEBUG,
9450 "Override driver scan signal level %d->%d for "
9451 MACSTR,
9452 res->level, dso->scan_level,
9453 MAC2STR(res->bssid));
9454 res->flags |= WPA_SCAN_QUAL_INVALID;
9455 if (dso->scan_level < 0)
9456 res->flags |= WPA_SCAN_LEVEL_DBM;
9457 else
9458 res->flags &= ~WPA_SCAN_LEVEL_DBM;
9459 res->level = dso->scan_level;
9460 break;
9461 }
9462 }
9463 #endif /* CONFIG_TESTING_OPTIONS */
9464
9465 return scan_res;
9466 }
9467
9468
wpas_ap_link_address(struct wpa_supplicant * wpa_s,const u8 * addr)9469 bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr)
9470 {
9471 int i;
9472
9473 if (!wpa_s->valid_links)
9474 return false;
9475
9476 for_each_link(wpa_s->valid_links, i) {
9477 if (ether_addr_equal(wpa_s->links[i].bssid, addr))
9478 return true;
9479 }
9480
9481 return false;
9482 }
9483
9484
wpa_drv_send_action(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9485 int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq,
9486 unsigned int wait, const u8 *dst, const u8 *src,
9487 const u8 *bssid, const u8 *data, size_t data_len,
9488 int no_cck)
9489 {
9490 if (!wpa_s->driver->send_action)
9491 return -1;
9492
9493 if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) {
9494 if (wpas_ap_link_address(wpa_s, dst))
9495 dst = wpa_s->ap_mld_addr;
9496
9497 if (wpas_ap_link_address(wpa_s, bssid))
9498 bssid = wpa_s->ap_mld_addr;
9499 }
9500
9501 return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src,
9502 bssid, data, data_len, no_cck);
9503 }
9504
9505
wpas_is_6ghz_supported(struct wpa_supplicant * wpa_s,bool only_enabled)9506 bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled)
9507 {
9508 struct hostapd_channel_data *chnl;
9509 int i, j;
9510
9511 for (i = 0; i < wpa_s->hw.num_modes; i++) {
9512 if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) {
9513 chnl = wpa_s->hw.modes[i].channels;
9514 for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) {
9515 if (only_enabled &&
9516 (chnl[j].flag & HOSTAPD_CHAN_DISABLED))
9517 continue;
9518 if (is_6ghz_freq(chnl[j].freq))
9519 return true;
9520 }
9521 }
9522 }
9523
9524 return false;
9525 }
9526