1 /* 2 * WPA Supplicant 3 * Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 * 8 * This file implements functions for registering and unregistering 9 * %wpa_supplicant interfaces. In addition, this file contains number of 10 * functions for managing network connections. 11 */ 12 13 #include "includes.h" 14 #ifdef CONFIG_MATCH_IFACE 15 #include <net/if.h> 16 #include <fnmatch.h> 17 #endif /* CONFIG_MATCH_IFACE */ 18 19 #include "common.h" 20 #include "crypto/random.h" 21 #include "crypto/sha1.h" 22 #include "eapol_supp/eapol_supp_sm.h" 23 #include "eap_peer/eap.h" 24 #include "eap_peer/eap_proxy.h" 25 #include "eap_server/eap_methods.h" 26 #include "rsn_supp/wpa.h" 27 #include "eloop.h" 28 #include "config.h" 29 #include "utils/ext_password.h" 30 #include "l2_packet/l2_packet.h" 31 #include "wpa_supplicant_i.h" 32 #include "driver_i.h" 33 #include "ctrl_iface.h" 34 #include "pcsc_funcs.h" 35 #include "common/version.h" 36 #include "rsn_supp/preauth.h" 37 #include "rsn_supp/pmksa_cache.h" 38 #include "common/wpa_ctrl.h" 39 #include "common/ieee802_11_common.h" 40 #include "common/ieee802_11_defs.h" 41 #include "common/hw_features_common.h" 42 #include "common/gas_server.h" 43 #include "common/dpp.h" 44 #include "common/ptksa_cache.h" 45 #include "p2p/p2p.h" 46 #include "fst/fst.h" 47 #include "bssid_ignore.h" 48 #include "wpas_glue.h" 49 #include "wps_supplicant.h" 50 #include "ibss_rsn.h" 51 #include "sme.h" 52 #include "gas_query.h" 53 #include "ap.h" 54 #include "p2p_supplicant.h" 55 #include "wifi_display.h" 56 #include "notify.h" 57 #include "bgscan.h" 58 #include "autoscan.h" 59 #include "bss.h" 60 #include "scan.h" 61 #include "offchannel.h" 62 #include "hs20_supplicant.h" 63 #include "wnm_sta.h" 64 #include "wpas_kay.h" 65 #include "mesh.h" 66 #include "dpp_supplicant.h" 67 #ifdef CONFIG_MESH 68 #include "ap/ap_config.h" 69 #include "ap/hostapd.h" 70 #endif /* CONFIG_MESH */ 71 72 const char *const wpa_supplicant_version = 73 "wpa_supplicant v" VERSION_STR "\n" 74 "Copyright (c) 2003-2019, Jouni Malinen <j@w1.fi> and contributors"; 75 76 const char *const wpa_supplicant_license = 77 "This software may be distributed under the terms of the BSD license.\n" 78 "See README for more details.\n" 79 #ifdef EAP_TLS_OPENSSL 80 "\nThis product includes software developed by the OpenSSL Project\n" 81 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 82 #endif /* EAP_TLS_OPENSSL */ 83 ; 84 85 #ifndef CONFIG_NO_STDOUT_DEBUG 86 /* Long text divided into parts in order to fit in C89 strings size limits. */ 87 const char *const wpa_supplicant_full_license1 = 88 ""; 89 const char *const wpa_supplicant_full_license2 = 90 "This software may be distributed under the terms of the BSD license.\n" 91 "\n" 92 "Redistribution and use in source and binary forms, with or without\n" 93 "modification, are permitted provided that the following conditions are\n" 94 "met:\n" 95 "\n"; 96 const char *const wpa_supplicant_full_license3 = 97 "1. Redistributions of source code must retain the above copyright\n" 98 " notice, this list of conditions and the following disclaimer.\n" 99 "\n" 100 "2. Redistributions in binary form must reproduce the above copyright\n" 101 " notice, this list of conditions and the following disclaimer in the\n" 102 " documentation and/or other materials provided with the distribution.\n" 103 "\n"; 104 const char *const wpa_supplicant_full_license4 = 105 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 106 " names of its contributors may be used to endorse or promote products\n" 107 " derived from this software without specific prior written permission.\n" 108 "\n" 109 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 110 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 111 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 112 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 113 const char *const wpa_supplicant_full_license5 = 114 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 115 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 116 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 117 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 118 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 119 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 120 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 121 "\n"; 122 #endif /* CONFIG_NO_STDOUT_DEBUG */ 123 124 125 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx); 126 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 127 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s); 128 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 129 #ifdef CONFIG_OWE 130 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s); 131 #endif /* CONFIG_OWE */ 132 133 134 #ifdef CONFIG_WEP 135 /* Configure default/group WEP keys for static WEP */ 136 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 137 { 138 int i, set = 0; 139 140 for (i = 0; i < NUM_WEP_KEYS; i++) { 141 if (ssid->wep_key_len[i] == 0) 142 continue; 143 144 set = 1; 145 wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, 146 i, i == ssid->wep_tx_keyidx, NULL, 0, 147 ssid->wep_key[i], ssid->wep_key_len[i], 148 i == ssid->wep_tx_keyidx ? 149 KEY_FLAG_GROUP_RX_TX_DEFAULT : 150 KEY_FLAG_GROUP_RX_TX); 151 } 152 153 return set; 154 } 155 #endif /* CONFIG_WEP */ 156 157 158 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 159 struct wpa_ssid *ssid) 160 { 161 u8 key[32]; 162 size_t keylen; 163 enum wpa_alg alg; 164 u8 seq[6] = { 0 }; 165 int ret; 166 167 /* IBSS/WPA-None uses only one key (Group) for both receiving and 168 * sending unicast and multicast packets. */ 169 170 if (ssid->mode != WPAS_MODE_IBSS) { 171 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " 172 "IBSS/ad-hoc) for WPA-None", ssid->mode); 173 return -1; 174 } 175 176 if (!ssid->psk_set) { 177 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " 178 "WPA-None"); 179 return -1; 180 } 181 182 switch (wpa_s->group_cipher) { 183 case WPA_CIPHER_CCMP: 184 os_memcpy(key, ssid->psk, 16); 185 keylen = 16; 186 alg = WPA_ALG_CCMP; 187 break; 188 case WPA_CIPHER_GCMP: 189 os_memcpy(key, ssid->psk, 16); 190 keylen = 16; 191 alg = WPA_ALG_GCMP; 192 break; 193 case WPA_CIPHER_TKIP: 194 /* WPA-None uses the same Michael MIC key for both TX and RX */ 195 os_memcpy(key, ssid->psk, 16 + 8); 196 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 197 keylen = 32; 198 alg = WPA_ALG_TKIP; 199 break; 200 default: 201 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " 202 "WPA-None", wpa_s->group_cipher); 203 return -1; 204 } 205 206 /* TODO: should actually remember the previously used seq#, both for TX 207 * and RX from each STA.. */ 208 209 ret = wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen, 210 KEY_FLAG_GROUP_RX_TX_DEFAULT); 211 os_memset(key, 0, sizeof(key)); 212 return ret; 213 } 214 215 216 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 217 { 218 struct wpa_supplicant *wpa_s = eloop_ctx; 219 const u8 *bssid = wpa_s->bssid; 220 if (!is_zero_ether_addr(wpa_s->pending_bssid) && 221 (wpa_s->wpa_state == WPA_AUTHENTICATING || 222 wpa_s->wpa_state == WPA_ASSOCIATING)) 223 bssid = wpa_s->pending_bssid; 224 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 225 MAC2STR(bssid)); 226 wpa_bssid_ignore_add(wpa_s, bssid); 227 wpa_sm_notify_disassoc(wpa_s->wpa); 228 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 229 wpa_s->reassociate = 1; 230 231 /* 232 * If we timed out, the AP or the local radio may be busy. 233 * So, wait a second until scanning again. 234 */ 235 wpa_supplicant_req_scan(wpa_s, 1, 0); 236 } 237 238 239 /** 240 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 241 * @wpa_s: Pointer to wpa_supplicant data 242 * @sec: Number of seconds after which to time out authentication 243 * @usec: Number of microseconds after which to time out authentication 244 * 245 * This function is used to schedule a timeout for the current authentication 246 * attempt. 247 */ 248 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 249 int sec, int usec) 250 { 251 if (wpa_s->conf->ap_scan == 0 && 252 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 253 return; 254 255 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 256 "%d usec", sec, usec); 257 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 258 wpa_s->last_auth_timeout_sec = sec; 259 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 260 } 261 262 263 /* 264 * wpas_auth_timeout_restart - Restart and change timeout for authentication 265 * @wpa_s: Pointer to wpa_supplicant data 266 * @sec_diff: difference in seconds applied to original timeout value 267 */ 268 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff) 269 { 270 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff; 271 272 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) { 273 wpa_dbg(wpa_s, MSG_DEBUG, 274 "Authentication timeout restart: %d sec", new_sec); 275 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 276 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout, 277 wpa_s, NULL); 278 } 279 } 280 281 282 /** 283 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 284 * @wpa_s: Pointer to wpa_supplicant data 285 * 286 * This function is used to cancel authentication timeout scheduled with 287 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 288 * been completed. 289 */ 290 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 291 { 292 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 293 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 294 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid); 295 os_free(wpa_s->last_con_fail_realm); 296 wpa_s->last_con_fail_realm = NULL; 297 wpa_s->last_con_fail_realm_len = 0; 298 } 299 300 301 /** 302 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 303 * @wpa_s: Pointer to wpa_supplicant data 304 * 305 * This function is used to configure EAPOL state machine based on the selected 306 * authentication mode. 307 */ 308 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 309 { 310 #ifdef IEEE8021X_EAPOL 311 struct eapol_config eapol_conf; 312 struct wpa_ssid *ssid = wpa_s->current_ssid; 313 314 #ifdef CONFIG_IBSS_RSN 315 if (ssid->mode == WPAS_MODE_IBSS && 316 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 317 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 318 /* 319 * RSN IBSS authentication is per-STA and we can disable the 320 * per-BSSID EAPOL authentication. 321 */ 322 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 323 eapol_sm_notify_eap_success(wpa_s->eapol, true); 324 eapol_sm_notify_eap_fail(wpa_s->eapol, false); 325 return; 326 } 327 #endif /* CONFIG_IBSS_RSN */ 328 329 eapol_sm_notify_eap_success(wpa_s->eapol, false); 330 eapol_sm_notify_eap_fail(wpa_s->eapol, false); 331 332 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 333 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 334 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 335 else 336 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 337 338 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 339 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 340 eapol_conf.accept_802_1x_keys = 1; 341 eapol_conf.required_keys = 0; 342 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 343 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 344 } 345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 346 eapol_conf.required_keys |= 347 EAPOL_REQUIRE_KEY_BROADCAST; 348 } 349 350 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) 351 eapol_conf.required_keys = 0; 352 } 353 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 354 eapol_conf.workaround = ssid->eap_workaround; 355 eapol_conf.eap_disabled = 356 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 357 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 358 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 359 eapol_conf.external_sim = wpa_s->conf->external_sim; 360 361 #ifdef CONFIG_WPS 362 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 363 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE; 364 if (wpa_s->current_bss) { 365 struct wpabuf *ie; 366 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss, 367 WPS_IE_VENDOR_TYPE); 368 if (ie) { 369 if (wps_is_20(ie)) 370 eapol_conf.wps |= 371 EAPOL_PEER_IS_WPS20_AP; 372 wpabuf_free(ie); 373 } 374 } 375 } 376 #endif /* CONFIG_WPS */ 377 378 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 379 380 #ifdef CONFIG_MACSEC 381 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) 382 ieee802_1x_create_preshared_mka(wpa_s, ssid); 383 else 384 ieee802_1x_alloc_kay_sm(wpa_s, ssid); 385 #endif /* CONFIG_MACSEC */ 386 #endif /* IEEE8021X_EAPOL */ 387 } 388 389 390 /** 391 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 392 * @wpa_s: Pointer to wpa_supplicant data 393 * @ssid: Configuration data for the network 394 * 395 * This function is used to configure WPA state machine and related parameters 396 * to a mode where WPA is not enabled. This is called as part of the 397 * authentication configuration when the selected network does not use WPA. 398 */ 399 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 400 struct wpa_ssid *ssid) 401 { 402 #ifdef CONFIG_WEP 403 int i; 404 #endif /* CONFIG_WEP */ 405 406 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 407 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 408 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 409 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 410 else 411 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 412 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 413 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 414 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0); 415 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 416 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); 417 wpa_s->rsnxe_len = 0; 418 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 419 wpa_s->group_cipher = WPA_CIPHER_NONE; 420 wpa_s->mgmt_group_cipher = 0; 421 422 #ifdef CONFIG_WEP 423 for (i = 0; i < NUM_WEP_KEYS; i++) { 424 if (ssid->wep_key_len[i] > 5) { 425 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 426 wpa_s->group_cipher = WPA_CIPHER_WEP104; 427 break; 428 } else if (ssid->wep_key_len[i] > 0) { 429 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 430 wpa_s->group_cipher = WPA_CIPHER_WEP40; 431 break; 432 } 433 } 434 #endif /* CONFIG_WEP */ 435 436 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 437 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 439 wpa_s->pairwise_cipher); 440 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 441 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 442 wpa_s->mgmt_group_cipher); 443 444 pmksa_cache_clear_current(wpa_s->wpa); 445 } 446 447 448 void free_hw_features(struct wpa_supplicant *wpa_s) 449 { 450 int i; 451 if (wpa_s->hw.modes == NULL) 452 return; 453 454 for (i = 0; i < wpa_s->hw.num_modes; i++) { 455 os_free(wpa_s->hw.modes[i].channels); 456 os_free(wpa_s->hw.modes[i].rates); 457 } 458 459 os_free(wpa_s->hw.modes); 460 wpa_s->hw.modes = NULL; 461 } 462 463 464 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s, 465 struct wpa_bss_tmp_disallowed *bss) 466 { 467 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 468 dl_list_del(&bss->list); 469 os_free(bss); 470 } 471 472 473 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) 474 { 475 struct wpa_bss_tmp_disallowed *bss, *prev; 476 477 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, 478 struct wpa_bss_tmp_disallowed, list) 479 remove_bss_tmp_disallowed_entry(wpa_s, bss); 480 } 481 482 483 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s) 484 { 485 struct fils_hlp_req *req; 486 487 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req, 488 list)) != NULL) { 489 dl_list_del(&req->list); 490 wpabuf_free(req->pkt); 491 os_free(req); 492 } 493 } 494 495 496 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx) 497 { 498 struct wpa_supplicant *wpa_s = eloop_ctx; 499 500 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 501 return; 502 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface"); 503 wpa_bss_flush(wpa_s); 504 } 505 506 507 #ifdef CONFIG_TESTING_OPTIONS 508 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s) 509 { 510 struct driver_signal_override *dso; 511 512 while ((dso = dl_list_first(&wpa_s->drv_signal_override, 513 struct driver_signal_override, list))) { 514 dl_list_del(&dso->list); 515 os_free(dso); 516 } 517 } 518 #endif /* CONFIG_TESTING_OPTIONS */ 519 520 521 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 522 { 523 int i; 524 525 bgscan_deinit(wpa_s); 526 autoscan_deinit(wpa_s); 527 scard_deinit(wpa_s->scard); 528 wpa_s->scard = NULL; 529 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 530 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 531 l2_packet_deinit(wpa_s->l2); 532 wpa_s->l2 = NULL; 533 if (wpa_s->l2_br) { 534 l2_packet_deinit(wpa_s->l2_br); 535 wpa_s->l2_br = NULL; 536 } 537 #ifdef CONFIG_TESTING_OPTIONS 538 l2_packet_deinit(wpa_s->l2_test); 539 wpa_s->l2_test = NULL; 540 os_free(wpa_s->get_pref_freq_list_override); 541 wpa_s->get_pref_freq_list_override = NULL; 542 wpabuf_free(wpa_s->last_assoc_req_wpa_ie); 543 wpa_s->last_assoc_req_wpa_ie = NULL; 544 os_free(wpa_s->extra_sae_rejected_groups); 545 wpa_s->extra_sae_rejected_groups = NULL; 546 wpabuf_free(wpa_s->rsne_override_eapol); 547 wpa_s->rsne_override_eapol = NULL; 548 wpabuf_free(wpa_s->rsnxe_override_assoc); 549 wpa_s->rsnxe_override_assoc = NULL; 550 wpabuf_free(wpa_s->rsnxe_override_eapol); 551 wpa_s->rsnxe_override_eapol = NULL; 552 wpas_clear_driver_signal_override(wpa_s); 553 #endif /* CONFIG_TESTING_OPTIONS */ 554 555 if (wpa_s->conf != NULL) { 556 struct wpa_ssid *ssid; 557 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 558 wpas_notify_network_removed(wpa_s, ssid); 559 } 560 561 os_free(wpa_s->confname); 562 wpa_s->confname = NULL; 563 564 os_free(wpa_s->confanother); 565 wpa_s->confanother = NULL; 566 567 os_free(wpa_s->last_con_fail_realm); 568 wpa_s->last_con_fail_realm = NULL; 569 wpa_s->last_con_fail_realm_len = 0; 570 571 wpa_sm_set_eapol(wpa_s->wpa, NULL); 572 eapol_sm_deinit(wpa_s->eapol); 573 wpa_s->eapol = NULL; 574 575 rsn_preauth_deinit(wpa_s->wpa); 576 577 #ifdef CONFIG_TDLS 578 wpa_tdls_deinit(wpa_s->wpa); 579 #endif /* CONFIG_TDLS */ 580 581 wmm_ac_clear_saved_tspecs(wpa_s); 582 pmksa_candidate_free(wpa_s->wpa); 583 ptksa_cache_deinit(wpa_s->ptksa); 584 wpa_s->ptksa = NULL; 585 wpa_sm_deinit(wpa_s->wpa); 586 wpa_s->wpa = NULL; 587 wpa_bssid_ignore_clear(wpa_s); 588 589 #ifdef CONFIG_PASN 590 wpas_pasn_auth_stop(wpa_s); 591 #endif /* CONFIG_PASN */ 592 593 wpa_bss_deinit(wpa_s); 594 595 wpa_supplicant_cancel_delayed_sched_scan(wpa_s); 596 wpa_supplicant_cancel_scan(wpa_s); 597 wpa_supplicant_cancel_auth_timeout(wpa_s); 598 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); 599 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 600 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, 601 wpa_s, NULL); 602 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 603 604 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 605 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL); 606 607 wpas_wps_deinit(wpa_s); 608 609 wpabuf_free(wpa_s->pending_eapol_rx); 610 wpa_s->pending_eapol_rx = NULL; 611 612 #ifdef CONFIG_IBSS_RSN 613 ibss_rsn_deinit(wpa_s->ibss_rsn); 614 wpa_s->ibss_rsn = NULL; 615 #endif /* CONFIG_IBSS_RSN */ 616 617 sme_deinit(wpa_s); 618 619 #ifdef CONFIG_AP 620 wpa_supplicant_ap_deinit(wpa_s); 621 #endif /* CONFIG_AP */ 622 623 wpas_p2p_deinit(wpa_s); 624 625 #ifdef CONFIG_OFFCHANNEL 626 offchannel_deinit(wpa_s); 627 #endif /* CONFIG_OFFCHANNEL */ 628 629 wpa_supplicant_cancel_sched_scan(wpa_s); 630 631 os_free(wpa_s->next_scan_freqs); 632 wpa_s->next_scan_freqs = NULL; 633 634 os_free(wpa_s->manual_scan_freqs); 635 wpa_s->manual_scan_freqs = NULL; 636 os_free(wpa_s->select_network_scan_freqs); 637 wpa_s->select_network_scan_freqs = NULL; 638 639 os_free(wpa_s->manual_sched_scan_freqs); 640 wpa_s->manual_sched_scan_freqs = NULL; 641 642 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL); 643 644 /* 645 * Need to remove any pending gas-query radio work before the 646 * gas_query_deinit() call because gas_query::work has not yet been set 647 * for works that have not been started. gas_query_free() will be unable 648 * to cancel such pending radio works and once the pending gas-query 649 * radio work eventually gets removed, the deinit notification call to 650 * gas_query_start_cb() would result in dereferencing freed memory. 651 */ 652 if (wpa_s->radio) 653 radio_remove_works(wpa_s, "gas-query", 0); 654 gas_query_deinit(wpa_s->gas); 655 wpa_s->gas = NULL; 656 gas_server_deinit(wpa_s->gas_server); 657 wpa_s->gas_server = NULL; 658 659 free_hw_features(wpa_s); 660 661 ieee802_1x_dealloc_kay_sm(wpa_s); 662 663 os_free(wpa_s->bssid_filter); 664 wpa_s->bssid_filter = NULL; 665 666 os_free(wpa_s->disallow_aps_bssid); 667 wpa_s->disallow_aps_bssid = NULL; 668 os_free(wpa_s->disallow_aps_ssid); 669 wpa_s->disallow_aps_ssid = NULL; 670 671 wnm_bss_keep_alive_deinit(wpa_s); 672 #ifdef CONFIG_WNM 673 wnm_deallocate_memory(wpa_s); 674 #endif /* CONFIG_WNM */ 675 676 ext_password_deinit(wpa_s->ext_pw); 677 wpa_s->ext_pw = NULL; 678 679 wpabuf_free(wpa_s->last_gas_resp); 680 wpa_s->last_gas_resp = NULL; 681 wpabuf_free(wpa_s->prev_gas_resp); 682 wpa_s->prev_gas_resp = NULL; 683 684 os_free(wpa_s->last_scan_res); 685 wpa_s->last_scan_res = NULL; 686 687 #ifdef CONFIG_HS20 688 if (wpa_s->drv_priv) 689 wpa_drv_configure_frame_filters(wpa_s, 0); 690 hs20_deinit(wpa_s); 691 #endif /* CONFIG_HS20 */ 692 693 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 694 wpabuf_free(wpa_s->vendor_elem[i]); 695 wpa_s->vendor_elem[i] = NULL; 696 } 697 698 wmm_ac_notify_disassoc(wpa_s); 699 700 wpa_s->sched_scan_plans_num = 0; 701 os_free(wpa_s->sched_scan_plans); 702 wpa_s->sched_scan_plans = NULL; 703 704 #ifdef CONFIG_MBO 705 wpa_s->non_pref_chan_num = 0; 706 os_free(wpa_s->non_pref_chan); 707 wpa_s->non_pref_chan = NULL; 708 #endif /* CONFIG_MBO */ 709 710 free_bss_tmp_disallowed(wpa_s); 711 712 wpabuf_free(wpa_s->lci); 713 wpa_s->lci = NULL; 714 wpas_clear_beacon_rep_data(wpa_s); 715 716 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 717 #ifdef CONFIG_MESH 718 { 719 struct external_pmksa_cache *entry; 720 721 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, 722 struct external_pmksa_cache, 723 list)) != NULL) { 724 dl_list_del(&entry->list); 725 os_free(entry->pmksa_cache); 726 os_free(entry); 727 } 728 } 729 #endif /* CONFIG_MESH */ 730 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 731 732 wpas_flush_fils_hlp_req(wpa_s); 733 734 wpabuf_free(wpa_s->ric_ies); 735 wpa_s->ric_ies = NULL; 736 737 #ifdef CONFIG_DPP 738 wpas_dpp_deinit(wpa_s); 739 dpp_global_deinit(wpa_s->dpp); 740 wpa_s->dpp = NULL; 741 #endif /* CONFIG_DPP */ 742 743 #ifdef CONFIG_PASN 744 wpas_pasn_auth_stop(wpa_s); 745 #endif /* CONFIG_PASN */ 746 } 747 748 749 /** 750 * wpa_clear_keys - Clear keys configured for the driver 751 * @wpa_s: Pointer to wpa_supplicant data 752 * @addr: Previously used BSSID or %NULL if not available 753 * 754 * This function clears the encryption keys that has been previously configured 755 * for the driver. 756 */ 757 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 758 { 759 int i, max = 6; 760 761 /* MLME-DELETEKEYS.request */ 762 for (i = 0; i < max; i++) { 763 if (wpa_s->keys_cleared & BIT(i)) 764 continue; 765 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, i, 0, NULL, 0, 766 NULL, 0, KEY_FLAG_GROUP); 767 } 768 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */ 769 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr && 770 !is_zero_ether_addr(addr)) { 771 if (!(wpa_s->keys_cleared & BIT(0))) 772 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 773 0, NULL, 0, KEY_FLAG_PAIRWISE); 774 if (!(wpa_s->keys_cleared & BIT(15))) 775 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 1, 0, NULL, 776 0, NULL, 0, KEY_FLAG_PAIRWISE); 777 /* MLME-SETPROTECTION.request(None) */ 778 wpa_drv_mlme_setprotection( 779 wpa_s, addr, 780 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 781 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 782 } 783 wpa_s->keys_cleared = (u32) -1; 784 } 785 786 787 /** 788 * wpa_supplicant_state_txt - Get the connection state name as a text string 789 * @state: State (wpa_state; WPA_*) 790 * Returns: The state name as a printable text string 791 */ 792 const char * wpa_supplicant_state_txt(enum wpa_states state) 793 { 794 switch (state) { 795 case WPA_DISCONNECTED: 796 return "DISCONNECTED"; 797 case WPA_INACTIVE: 798 return "INACTIVE"; 799 case WPA_INTERFACE_DISABLED: 800 return "INTERFACE_DISABLED"; 801 case WPA_SCANNING: 802 return "SCANNING"; 803 case WPA_AUTHENTICATING: 804 return "AUTHENTICATING"; 805 case WPA_ASSOCIATING: 806 return "ASSOCIATING"; 807 case WPA_ASSOCIATED: 808 return "ASSOCIATED"; 809 case WPA_4WAY_HANDSHAKE: 810 return "4WAY_HANDSHAKE"; 811 case WPA_GROUP_HANDSHAKE: 812 return "GROUP_HANDSHAKE"; 813 case WPA_COMPLETED: 814 return "COMPLETED"; 815 default: 816 return "UNKNOWN"; 817 } 818 } 819 820 821 #ifdef CONFIG_BGSCAN 822 823 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) 824 { 825 if (wpa_s->bgscan_ssid) { 826 bgscan_deinit(wpa_s); 827 wpa_s->bgscan_ssid = NULL; 828 } 829 } 830 831 832 /** 833 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID. 834 * @wpa_s: Pointer to the wpa_supplicant data 835 * 836 * Stop, start, or reconfigure the scan parameters depending on the method. 837 */ 838 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s) 839 { 840 const char *name; 841 842 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) 843 name = wpa_s->current_ssid->bgscan; 844 else 845 name = wpa_s->conf->bgscan; 846 if (!name || name[0] == '\0') { 847 wpa_supplicant_stop_bgscan(wpa_s); 848 return; 849 } 850 if (wpas_driver_bss_selection(wpa_s)) 851 return; 852 #ifdef CONFIG_P2P 853 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) 854 return; 855 #endif /* CONFIG_P2P */ 856 857 bgscan_deinit(wpa_s); 858 if (wpa_s->current_ssid) { 859 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) { 860 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 861 "bgscan"); 862 /* 863 * Live without bgscan; it is only used as a roaming 864 * optimization, so the initial connection is not 865 * affected. 866 */ 867 } else { 868 struct wpa_scan_results *scan_res; 869 wpa_s->bgscan_ssid = wpa_s->current_ssid; 870 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 871 0); 872 if (scan_res) { 873 bgscan_notify_scan(wpa_s, scan_res); 874 wpa_scan_results_free(scan_res); 875 } 876 } 877 } else 878 wpa_s->bgscan_ssid = NULL; 879 } 880 881 #endif /* CONFIG_BGSCAN */ 882 883 884 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) 885 { 886 if (autoscan_init(wpa_s, 0)) 887 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); 888 } 889 890 891 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) 892 { 893 autoscan_deinit(wpa_s); 894 } 895 896 897 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) 898 { 899 if (wpa_s->wpa_state == WPA_DISCONNECTED || 900 wpa_s->wpa_state == WPA_SCANNING) { 901 autoscan_deinit(wpa_s); 902 wpa_supplicant_start_autoscan(wpa_s); 903 } 904 } 905 906 907 /** 908 * wpa_supplicant_set_state - Set current connection state 909 * @wpa_s: Pointer to wpa_supplicant data 910 * @state: The new connection state 911 * 912 * This function is called whenever the connection state changes, e.g., 913 * association is completed for WPA/WPA2 4-Way Handshake is started. 914 */ 915 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, 916 enum wpa_states state) 917 { 918 enum wpa_states old_state = wpa_s->wpa_state; 919 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 920 bool update_fils_connect_params = false; 921 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 922 923 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", 924 wpa_supplicant_state_txt(wpa_s->wpa_state), 925 wpa_supplicant_state_txt(state)); 926 927 if (state == WPA_COMPLETED && 928 os_reltime_initialized(&wpa_s->roam_start)) { 929 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time); 930 wpa_s->roam_start.sec = 0; 931 wpa_s->roam_start.usec = 0; 932 wpas_notify_auth_changed(wpa_s); 933 wpas_notify_roam_time(wpa_s); 934 wpas_notify_roam_complete(wpa_s); 935 } else if (state == WPA_DISCONNECTED && 936 os_reltime_initialized(&wpa_s->roam_start)) { 937 wpa_s->roam_start.sec = 0; 938 wpa_s->roam_start.usec = 0; 939 wpa_s->roam_time.sec = 0; 940 wpa_s->roam_time.usec = 0; 941 wpas_notify_roam_complete(wpa_s); 942 } 943 944 if (state == WPA_INTERFACE_DISABLED) { 945 /* Assure normal scan when interface is restored */ 946 wpa_s->normal_scans = 0; 947 } 948 949 if (state == WPA_COMPLETED) { 950 wpas_connect_work_done(wpa_s); 951 /* Reinitialize normal_scan counter */ 952 wpa_s->normal_scans = 0; 953 } 954 955 #ifdef CONFIG_P2P 956 /* 957 * P2PS client has to reply to Probe Request frames received on the 958 * group operating channel. Enable Probe Request frame reporting for 959 * P2P connected client in case p2p_cli_probe configuration property is 960 * set to 1. 961 */ 962 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid && 963 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 964 wpa_s->current_ssid->p2p_group) { 965 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) { 966 wpa_dbg(wpa_s, MSG_DEBUG, 967 "P2P: Enable CLI Probe Request RX reporting"); 968 wpa_s->p2p_cli_probe = 969 wpa_drv_probe_req_report(wpa_s, 1) >= 0; 970 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) { 971 wpa_dbg(wpa_s, MSG_DEBUG, 972 "P2P: Disable CLI Probe Request RX reporting"); 973 wpa_s->p2p_cli_probe = 0; 974 wpa_drv_probe_req_report(wpa_s, 0); 975 } 976 } 977 #endif /* CONFIG_P2P */ 978 979 if (state != WPA_SCANNING) 980 wpa_supplicant_notify_scanning(wpa_s, 0); 981 982 if (state == WPA_COMPLETED && wpa_s->new_connection) { 983 struct wpa_ssid *ssid = wpa_s->current_ssid; 984 int fils_hlp_sent = 0; 985 986 #ifdef CONFIG_SME 987 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 988 wpa_auth_alg_fils(wpa_s->sme.auth_alg)) 989 fils_hlp_sent = 1; 990 #endif /* CONFIG_SME */ 991 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 992 wpa_auth_alg_fils(wpa_s->auth_alg)) 993 fils_hlp_sent = 1; 994 995 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 996 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 997 MACSTR " completed [id=%d id_str=%s%s]", 998 MAC2STR(wpa_s->bssid), 999 ssid ? ssid->id : -1, 1000 ssid && ssid->id_str ? ssid->id_str : "", 1001 fils_hlp_sent ? " FILS_HLP_SENT" : ""); 1002 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 1003 wpas_clear_temp_disabled(wpa_s, ssid, 1); 1004 wpa_s->consecutive_conn_failures = 0; 1005 wpa_s->new_connection = 0; 1006 wpa_drv_set_operstate(wpa_s, 1); 1007 #ifndef IEEE8021X_EAPOL 1008 wpa_drv_set_supp_port(wpa_s, 1); 1009 #endif /* IEEE8021X_EAPOL */ 1010 wpa_s->after_wps = 0; 1011 wpa_s->known_wps_freq = 0; 1012 wpas_p2p_completed(wpa_s); 1013 1014 sme_sched_obss_scan(wpa_s, 1); 1015 1016 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 1017 if (!fils_hlp_sent && ssid && ssid->eap.erp) 1018 update_fils_connect_params = true; 1019 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 1020 #ifdef CONFIG_OWE 1021 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE)) 1022 wpas_update_owe_connect_params(wpa_s); 1023 #endif /* CONFIG_OWE */ 1024 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 1025 state == WPA_ASSOCIATED) { 1026 wpa_s->new_connection = 1; 1027 wpa_drv_set_operstate(wpa_s, 0); 1028 #ifndef IEEE8021X_EAPOL 1029 wpa_drv_set_supp_port(wpa_s, 0); 1030 #endif /* IEEE8021X_EAPOL */ 1031 sme_sched_obss_scan(wpa_s, 0); 1032 } 1033 wpa_s->wpa_state = state; 1034 1035 #ifdef CONFIG_BGSCAN 1036 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) 1037 wpa_supplicant_reset_bgscan(wpa_s); 1038 else if (state < WPA_ASSOCIATED) 1039 wpa_supplicant_stop_bgscan(wpa_s); 1040 #endif /* CONFIG_BGSCAN */ 1041 1042 if (state > WPA_SCANNING) 1043 wpa_supplicant_stop_autoscan(wpa_s); 1044 1045 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) 1046 wpa_supplicant_start_autoscan(wpa_s); 1047 1048 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED) 1049 wmm_ac_notify_disassoc(wpa_s); 1050 1051 if (wpa_s->wpa_state != old_state) { 1052 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 1053 1054 /* 1055 * Notify the P2P Device interface about a state change in one 1056 * of the interfaces. 1057 */ 1058 wpas_p2p_indicate_state_change(wpa_s); 1059 1060 if (wpa_s->wpa_state == WPA_COMPLETED || 1061 old_state == WPA_COMPLETED) 1062 wpas_notify_auth_changed(wpa_s); 1063 #ifdef CONFIG_DPP2 1064 if (wpa_s->wpa_state == WPA_COMPLETED) 1065 wpas_dpp_connected(wpa_s); 1066 #endif /* CONFIG_DPP2 */ 1067 } 1068 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 1069 if (update_fils_connect_params) 1070 wpas_update_fils_connect_params(wpa_s); 1071 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 1072 } 1073 1074 1075 void wpa_supplicant_terminate_proc(struct wpa_global *global) 1076 { 1077 int pending = 0; 1078 #ifdef CONFIG_WPS 1079 struct wpa_supplicant *wpa_s = global->ifaces; 1080 while (wpa_s) { 1081 struct wpa_supplicant *next = wpa_s->next; 1082 if (wpas_wps_terminate_pending(wpa_s) == 1) 1083 pending = 1; 1084 #ifdef CONFIG_P2P 1085 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE || 1086 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)) 1087 wpas_p2p_disconnect(wpa_s); 1088 #endif /* CONFIG_P2P */ 1089 wpa_s = next; 1090 } 1091 #endif /* CONFIG_WPS */ 1092 if (pending) 1093 return; 1094 eloop_terminate(); 1095 } 1096 1097 1098 static void wpa_supplicant_terminate(int sig, void *signal_ctx) 1099 { 1100 struct wpa_global *global = signal_ctx; 1101 wpa_supplicant_terminate_proc(global); 1102 } 1103 1104 1105 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 1106 { 1107 enum wpa_states old_state = wpa_s->wpa_state; 1108 enum wpa_states new_state; 1109 1110 if (old_state == WPA_SCANNING) 1111 new_state = WPA_SCANNING; 1112 else 1113 new_state = WPA_DISCONNECTED; 1114 1115 wpa_s->pairwise_cipher = 0; 1116 wpa_s->group_cipher = 0; 1117 wpa_s->mgmt_group_cipher = 0; 1118 wpa_s->key_mgmt = 0; 1119 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 1120 wpa_supplicant_set_state(wpa_s, new_state); 1121 1122 if (wpa_s->wpa_state != old_state) 1123 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 1124 } 1125 1126 1127 /** 1128 * wpa_supplicant_reload_configuration - Reload configuration data 1129 * @wpa_s: Pointer to wpa_supplicant data 1130 * Returns: 0 on success or -1 if configuration parsing failed 1131 * 1132 * This function can be used to request that the configuration data is reloaded 1133 * (e.g., after configuration file change). This function is reloading 1134 * configuration only for one interface, so this may need to be called multiple 1135 * times if %wpa_supplicant is controlling multiple interfaces and all 1136 * interfaces need reconfiguration. 1137 */ 1138 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 1139 { 1140 struct wpa_config *conf; 1141 int reconf_ctrl; 1142 int old_ap_scan; 1143 1144 if (wpa_s->confname == NULL) 1145 return -1; 1146 conf = wpa_config_read(wpa_s->confname, NULL); 1147 if (conf == NULL) { 1148 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 1149 "file '%s' - exiting", wpa_s->confname); 1150 return -1; 1151 } 1152 if (wpa_s->confanother && 1153 !wpa_config_read(wpa_s->confanother, conf)) { 1154 wpa_msg(wpa_s, MSG_ERROR, 1155 "Failed to parse the configuration file '%s' - exiting", 1156 wpa_s->confanother); 1157 return -1; 1158 } 1159 1160 conf->changed_parameters = (unsigned int) -1; 1161 1162 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 1163 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 1164 os_strcmp(conf->ctrl_interface, 1165 wpa_s->conf->ctrl_interface) != 0); 1166 1167 if (reconf_ctrl) { 1168 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); 1169 wpa_s->ctrl_iface = NULL; 1170 } 1171 1172 eapol_sm_invalidate_cached_session(wpa_s->eapol); 1173 if (wpa_s->current_ssid) { 1174 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 1175 wpa_s->own_disconnect_req = 1; 1176 wpa_supplicant_deauthenticate(wpa_s, 1177 WLAN_REASON_DEAUTH_LEAVING); 1178 } 1179 1180 /* 1181 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 1182 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. 1183 */ 1184 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 1185 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || 1186 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 1187 /* 1188 * Clear forced success to clear EAP state for next 1189 * authentication. 1190 */ 1191 eapol_sm_notify_eap_success(wpa_s->eapol, false); 1192 } 1193 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1194 wpa_sm_set_config(wpa_s->wpa, NULL); 1195 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); 1196 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 1197 rsn_preauth_deinit(wpa_s->wpa); 1198 1199 old_ap_scan = wpa_s->conf->ap_scan; 1200 wpa_config_free(wpa_s->conf); 1201 wpa_s->conf = conf; 1202 if (old_ap_scan != wpa_s->conf->ap_scan) 1203 wpas_notify_ap_scan_changed(wpa_s); 1204 1205 if (reconf_ctrl) 1206 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 1207 1208 wpa_supplicant_update_config(wpa_s); 1209 1210 wpa_supplicant_clear_status(wpa_s); 1211 if (wpa_supplicant_enabled_networks(wpa_s)) { 1212 wpa_s->reassociate = 1; 1213 wpa_supplicant_req_scan(wpa_s, 0, 0); 1214 } 1215 wpa_bssid_ignore_clear(wpa_s); 1216 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 1217 return 0; 1218 } 1219 1220 1221 static void wpa_supplicant_reconfig(int sig, void *signal_ctx) 1222 { 1223 struct wpa_global *global = signal_ctx; 1224 struct wpa_supplicant *wpa_s; 1225 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 1226 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", 1227 sig); 1228 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 1229 wpa_supplicant_terminate_proc(global); 1230 } 1231 } 1232 1233 if (wpa_debug_reopen_file() < 0) { 1234 /* Ignore errors since we cannot really do much to fix this */ 1235 wpa_printf(MSG_DEBUG, "Could not reopen debug log file"); 1236 } 1237 } 1238 1239 1240 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 1241 struct wpa_ssid *ssid, 1242 struct wpa_ie_data *ie) 1243 { 1244 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 1245 if (ret) { 1246 if (ret == -2) { 1247 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 1248 "from association info"); 1249 } 1250 return -1; 1251 } 1252 1253 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " 1254 "cipher suites"); 1255 if (!(ie->group_cipher & ssid->group_cipher)) { 1256 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 1257 "cipher 0x%x (mask 0x%x) - reject", 1258 ie->group_cipher, ssid->group_cipher); 1259 return -1; 1260 } 1261 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 1262 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 1263 "cipher 0x%x (mask 0x%x) - reject", 1264 ie->pairwise_cipher, ssid->pairwise_cipher); 1265 return -1; 1266 } 1267 if (!(ie->key_mgmt & ssid->key_mgmt)) { 1268 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 1269 "management 0x%x (mask 0x%x) - reject", 1270 ie->key_mgmt, ssid->key_mgmt); 1271 return -1; 1272 } 1273 1274 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 1275 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { 1276 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 1277 "that does not support management frame protection - " 1278 "reject"); 1279 return -1; 1280 } 1281 1282 return 0; 1283 } 1284 1285 1286 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie, 1287 int freq) 1288 { 1289 if (!ie->has_group) 1290 ie->group_cipher = wpa_default_rsn_cipher(freq); 1291 if (!ie->has_pairwise) 1292 ie->pairwise_cipher = wpa_default_rsn_cipher(freq); 1293 return (ie->group_cipher & ssid->group_cipher) && 1294 (ie->pairwise_cipher & ssid->pairwise_cipher); 1295 } 1296 1297 1298 /** 1299 * wpa_supplicant_set_suites - Set authentication and encryption parameters 1300 * @wpa_s: Pointer to wpa_supplicant data 1301 * @bss: Scan results for the selected BSS, or %NULL if not available 1302 * @ssid: Configuration data for the selected network 1303 * @wpa_ie: Buffer for the WPA/RSN IE 1304 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 1305 * used buffer length in case the functions returns success. 1306 * Returns: 0 on success or -1 on failure 1307 * 1308 * This function is used to configure authentication and encryption parameters 1309 * based on the network configuration and scan result for the selected BSS (if 1310 * available). 1311 */ 1312 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 1313 struct wpa_bss *bss, struct wpa_ssid *ssid, 1314 u8 *wpa_ie, size_t *wpa_ie_len) 1315 { 1316 struct wpa_ie_data ie; 1317 int sel, proto, sae_pwe; 1318 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen; 1319 1320 if (bss) { 1321 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 1322 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1323 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX); 1324 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); 1325 } else { 1326 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL; 1327 } 1328 1329 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 1330 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1331 matching_ciphers(ssid, &ie, bss->freq) && 1332 (ie.key_mgmt & ssid->key_mgmt)) { 1333 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 1334 proto = WPA_PROTO_RSN; 1335 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 1336 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 && 1337 (ie.group_cipher & ssid->group_cipher) && 1338 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1339 (ie.key_mgmt & ssid->key_mgmt)) { 1340 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 1341 proto = WPA_PROTO_WPA; 1342 #ifdef CONFIG_HS20 1343 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) && 1344 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 && 1345 (ie.group_cipher & ssid->group_cipher) && 1346 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1347 (ie.key_mgmt & ssid->key_mgmt)) { 1348 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN"); 1349 proto = WPA_PROTO_OSEN; 1350 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) && 1351 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1352 (ie.group_cipher & ssid->group_cipher) && 1353 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1354 (ie.key_mgmt & ssid->key_mgmt)) { 1355 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)"); 1356 proto = WPA_PROTO_RSN; 1357 #endif /* CONFIG_HS20 */ 1358 } else if (bss) { 1359 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 1360 wpa_dbg(wpa_s, MSG_DEBUG, 1361 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1362 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher, 1363 ssid->key_mgmt); 1364 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s", 1365 MAC2STR(bss->bssid), 1366 wpa_ssid_txt(bss->ssid, bss->ssid_len), 1367 bss_wpa ? " WPA" : "", 1368 bss_rsn ? " RSN" : "", 1369 bss_osen ? " OSEN" : ""); 1370 if (bss_rsn) { 1371 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]); 1372 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) { 1373 wpa_dbg(wpa_s, MSG_DEBUG, 1374 "Could not parse RSN element"); 1375 } else { 1376 wpa_dbg(wpa_s, MSG_DEBUG, 1377 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1378 ie.pairwise_cipher, ie.group_cipher, 1379 ie.key_mgmt); 1380 } 1381 } 1382 if (bss_wpa) { 1383 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]); 1384 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) { 1385 wpa_dbg(wpa_s, MSG_DEBUG, 1386 "Could not parse WPA element"); 1387 } else { 1388 wpa_dbg(wpa_s, MSG_DEBUG, 1389 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1390 ie.pairwise_cipher, ie.group_cipher, 1391 ie.key_mgmt); 1392 } 1393 } 1394 return -1; 1395 } else { 1396 if (ssid->proto & WPA_PROTO_OSEN) 1397 proto = WPA_PROTO_OSEN; 1398 else if (ssid->proto & WPA_PROTO_RSN) 1399 proto = WPA_PROTO_RSN; 1400 else 1401 proto = WPA_PROTO_WPA; 1402 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 1403 os_memset(&ie, 0, sizeof(ie)); 1404 ie.group_cipher = ssid->group_cipher; 1405 ie.pairwise_cipher = ssid->pairwise_cipher; 1406 ie.key_mgmt = ssid->key_mgmt; 1407 ie.mgmt_group_cipher = 0; 1408 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 1409 if (ssid->group_mgmt_cipher & 1410 WPA_CIPHER_BIP_GMAC_256) 1411 ie.mgmt_group_cipher = 1412 WPA_CIPHER_BIP_GMAC_256; 1413 else if (ssid->group_mgmt_cipher & 1414 WPA_CIPHER_BIP_CMAC_256) 1415 ie.mgmt_group_cipher = 1416 WPA_CIPHER_BIP_CMAC_256; 1417 else if (ssid->group_mgmt_cipher & 1418 WPA_CIPHER_BIP_GMAC_128) 1419 ie.mgmt_group_cipher = 1420 WPA_CIPHER_BIP_GMAC_128; 1421 else 1422 ie.mgmt_group_cipher = 1423 WPA_CIPHER_AES_128_CMAC; 1424 } 1425 #ifdef CONFIG_OWE 1426 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 1427 !ssid->owe_only && 1428 !bss_wpa && !bss_rsn && !bss_osen) { 1429 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1430 wpa_s->wpa_proto = 0; 1431 *wpa_ie_len = 0; 1432 return 0; 1433 } 1434 #endif /* CONFIG_OWE */ 1435 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " 1436 "based on configuration"); 1437 } else 1438 proto = ie.proto; 1439 } 1440 1441 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " 1442 "pairwise %d key_mgmt %d proto %d", 1443 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 1444 if (ssid->ieee80211w) { 1445 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 1446 ie.mgmt_group_cipher); 1447 } 1448 1449 wpa_s->wpa_proto = proto; 1450 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 1451 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 1452 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN))); 1453 1454 if (bss || !wpa_s->ap_ies_from_associnfo) { 1455 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1456 bss_wpa ? 2 + bss_wpa[1] : 0) || 1457 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1458 bss_rsn ? 2 + bss_rsn[1] : 0) || 1459 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx, 1460 bss_rsnx ? 2 + bss_rsnx[1] : 0)) 1461 return -1; 1462 } 1463 1464 #ifdef CONFIG_NO_WPA 1465 wpa_s->group_cipher = WPA_CIPHER_NONE; 1466 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 1467 #else /* CONFIG_NO_WPA */ 1468 sel = ie.group_cipher & ssid->group_cipher; 1469 wpa_dbg(wpa_s, MSG_DEBUG, 1470 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x", 1471 ie.group_cipher, ssid->group_cipher, sel); 1472 wpa_s->group_cipher = wpa_pick_group_cipher(sel); 1473 if (wpa_s->group_cipher < 0) { 1474 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " 1475 "cipher"); 1476 return -1; 1477 } 1478 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s", 1479 wpa_cipher_txt(wpa_s->group_cipher)); 1480 1481 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 1482 wpa_dbg(wpa_s, MSG_DEBUG, 1483 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x", 1484 ie.pairwise_cipher, ssid->pairwise_cipher, sel); 1485 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); 1486 if (wpa_s->pairwise_cipher < 0) { 1487 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " 1488 "cipher"); 1489 return -1; 1490 } 1491 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s", 1492 wpa_cipher_txt(wpa_s->pairwise_cipher)); 1493 #endif /* CONFIG_NO_WPA */ 1494 1495 sel = ie.key_mgmt & ssid->key_mgmt; 1496 #ifdef CONFIG_SAE 1497 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) 1498 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); 1499 #endif /* CONFIG_SAE */ 1500 #ifdef CONFIG_IEEE80211R 1501 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME | 1502 WPA_DRIVER_FLAGS_UPDATE_FT_IES))) 1503 sel &= ~WPA_KEY_MGMT_FT; 1504 #endif /* CONFIG_IEEE80211R */ 1505 wpa_dbg(wpa_s, MSG_DEBUG, 1506 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x", 1507 ie.key_mgmt, ssid->key_mgmt, sel); 1508 if (0) { 1509 #ifdef CONFIG_IEEE80211R 1510 #ifdef CONFIG_SHA384 1511 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) && 1512 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 1513 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; 1514 wpa_dbg(wpa_s, MSG_DEBUG, 1515 "WPA: using KEY_MGMT FT/802.1X-SHA384"); 1516 if (!ssid->ft_eap_pmksa_caching && 1517 pmksa_cache_get_current(wpa_s->wpa)) { 1518 /* PMKSA caching with FT may have interoperability 1519 * issues, so disable that case by default for now. */ 1520 wpa_dbg(wpa_s, MSG_DEBUG, 1521 "WPA: Disable PMKSA caching for FT/802.1X connection"); 1522 pmksa_cache_clear_current(wpa_s->wpa); 1523 } 1524 #endif /* CONFIG_SHA384 */ 1525 #endif /* CONFIG_IEEE80211R */ 1526 #ifdef CONFIG_SUITEB192 1527 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { 1528 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; 1529 wpa_dbg(wpa_s, MSG_DEBUG, 1530 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)"); 1531 #endif /* CONFIG_SUITEB192 */ 1532 #ifdef CONFIG_SUITEB 1533 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { 1534 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; 1535 wpa_dbg(wpa_s, MSG_DEBUG, 1536 "WPA: using KEY_MGMT 802.1X with Suite B"); 1537 #endif /* CONFIG_SUITEB */ 1538 #ifdef CONFIG_FILS 1539 #ifdef CONFIG_IEEE80211R 1540 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) { 1541 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; 1542 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384"); 1543 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) { 1544 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; 1545 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256"); 1546 #endif /* CONFIG_IEEE80211R */ 1547 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { 1548 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384; 1549 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384"); 1550 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { 1551 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256; 1552 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256"); 1553 #endif /* CONFIG_FILS */ 1554 #ifdef CONFIG_IEEE80211R 1555 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) && 1556 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 1557 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 1558 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 1559 if (!ssid->ft_eap_pmksa_caching && 1560 pmksa_cache_get_current(wpa_s->wpa)) { 1561 /* PMKSA caching with FT may have interoperability 1562 * issues, so disable that case by default for now. */ 1563 wpa_dbg(wpa_s, MSG_DEBUG, 1564 "WPA: Disable PMKSA caching for FT/802.1X connection"); 1565 pmksa_cache_clear_current(wpa_s->wpa); 1566 } 1567 #endif /* CONFIG_IEEE80211R */ 1568 #ifdef CONFIG_DPP 1569 } else if (sel & WPA_KEY_MGMT_DPP) { 1570 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP; 1571 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP"); 1572 #endif /* CONFIG_DPP */ 1573 #ifdef CONFIG_SAE 1574 } else if (sel & WPA_KEY_MGMT_FT_SAE) { 1575 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; 1576 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); 1577 } else if (sel & WPA_KEY_MGMT_SAE) { 1578 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; 1579 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); 1580 #endif /* CONFIG_SAE */ 1581 #ifdef CONFIG_IEEE80211R 1582 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 1583 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 1584 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 1585 #endif /* CONFIG_IEEE80211R */ 1586 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 1587 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 1588 wpa_dbg(wpa_s, MSG_DEBUG, 1589 "WPA: using KEY_MGMT 802.1X with SHA256"); 1590 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 1591 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 1592 wpa_dbg(wpa_s, MSG_DEBUG, 1593 "WPA: using KEY_MGMT PSK with SHA256"); 1594 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 1595 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 1596 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 1597 } else if (sel & WPA_KEY_MGMT_PSK) { 1598 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 1599 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 1600 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 1601 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 1602 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 1603 #ifdef CONFIG_HS20 1604 } else if (sel & WPA_KEY_MGMT_OSEN) { 1605 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN; 1606 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN"); 1607 #endif /* CONFIG_HS20 */ 1608 #ifdef CONFIG_OWE 1609 } else if (sel & WPA_KEY_MGMT_OWE) { 1610 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE; 1611 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE"); 1612 #endif /* CONFIG_OWE */ 1613 } else { 1614 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " 1615 "authenticated key management type"); 1616 return -1; 1617 } 1618 1619 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 1620 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 1621 wpa_s->pairwise_cipher); 1622 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 1623 1624 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 1625 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { 1626 wpa_msg(wpa_s, MSG_INFO, 1627 "RSN: Management frame protection required but the selected AP does not enable it"); 1628 return -1; 1629 } 1630 1631 sel = ie.mgmt_group_cipher; 1632 if (ssid->group_mgmt_cipher) 1633 sel &= ssid->group_mgmt_cipher; 1634 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || 1635 !(ie.capabilities & WPA_CAPABILITY_MFPC)) 1636 sel = 0; 1637 wpa_dbg(wpa_s, MSG_DEBUG, 1638 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x", 1639 ie.mgmt_group_cipher, ssid->group_mgmt_cipher, sel); 1640 if (sel & WPA_CIPHER_AES_128_CMAC) { 1641 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 1642 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1643 "AES-128-CMAC"); 1644 } else if (sel & WPA_CIPHER_BIP_GMAC_128) { 1645 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128; 1646 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1647 "BIP-GMAC-128"); 1648 } else if (sel & WPA_CIPHER_BIP_GMAC_256) { 1649 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256; 1650 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1651 "BIP-GMAC-256"); 1652 } else if (sel & WPA_CIPHER_BIP_CMAC_256) { 1653 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256; 1654 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " 1655 "BIP-CMAC-256"); 1656 } else { 1657 wpa_s->mgmt_group_cipher = 0; 1658 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 1659 } 1660 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 1661 wpa_s->mgmt_group_cipher); 1662 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, 1663 wpas_get_ssid_pmf(wpa_s, ssid)); 1664 #ifdef CONFIG_OCV 1665 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) || 1666 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV)) 1667 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); 1668 #endif /* CONFIG_OCV */ 1669 sae_pwe = wpa_s->conf->sae_pwe; 1670 if (ssid->sae_password_id && sae_pwe != 3) 1671 sae_pwe = 1; 1672 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe); 1673 #ifdef CONFIG_SAE_PK 1674 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK, 1675 wpa_key_mgmt_sae(ssid->key_mgmt) && 1676 ssid->sae_pk != SAE_PK_MODE_DISABLED && 1677 ((ssid->sae_password && 1678 sae_pk_valid_password(ssid->sae_password)) || 1679 (!ssid->sae_password && ssid->passphrase && 1680 sae_pk_valid_password(ssid->passphrase)))); 1681 #endif /* CONFIG_SAE_PK */ 1682 #ifdef CONFIG_TESTING_OPTIONS 1683 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED, 1684 wpa_s->ft_rsnxe_used); 1685 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL, 1686 wpa_s->oci_freq_override_eapol); 1687 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2, 1688 wpa_s->oci_freq_override_eapol_g2); 1689 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC, 1690 wpa_s->oci_freq_override_ft_assoc); 1691 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC, 1692 wpa_s->oci_freq_override_fils_assoc); 1693 #endif /* CONFIG_TESTING_OPTIONS */ 1694 1695 /* Extended Key ID is only supported in infrastructure BSS so far */ 1696 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id && 1697 (ssid->proto & WPA_PROTO_RSN) && 1698 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 | 1699 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) && 1700 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) { 1701 int use_ext_key_id = 0; 1702 1703 wpa_msg(wpa_s, MSG_DEBUG, 1704 "WPA: Enable Extended Key ID support"); 1705 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 1706 wpa_s->conf->extended_key_id); 1707 if (bss_rsn && 1708 wpa_s->conf->extended_key_id && 1709 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP && 1710 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST)) 1711 use_ext_key_id = 1; 1712 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 1713 use_ext_key_id); 1714 } else { 1715 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0); 1716 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0); 1717 } 1718 1719 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { 1720 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); 1721 return -1; 1722 } 1723 1724 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe); 1725 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe, 1726 &wpa_s->rsnxe_len)) { 1727 wpa_msg(wpa_s, MSG_WARNING, "RSN: Failed to generate RSNXE"); 1728 return -1; 1729 } 1730 1731 if (0) { 1732 #ifdef CONFIG_DPP 1733 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 1734 /* Use PMK from DPP network introduction (PMKSA entry) */ 1735 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1736 #ifdef CONFIG_DPP2 1737 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs); 1738 #endif /* CONFIG_DPP2 */ 1739 #endif /* CONFIG_DPP */ 1740 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { 1741 int psk_set = 0; 1742 int sae_only; 1743 1744 sae_only = (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | 1745 WPA_KEY_MGMT_FT_PSK | 1746 WPA_KEY_MGMT_PSK_SHA256)) == 0; 1747 1748 if (ssid->psk_set && !sae_only) { 1749 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)", 1750 ssid->psk, PMK_LEN); 1751 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN, NULL, 1752 NULL); 1753 psk_set = 1; 1754 } 1755 1756 if (wpa_key_mgmt_sae(ssid->key_mgmt) && 1757 (ssid->sae_password || ssid->passphrase)) 1758 psk_set = 1; 1759 1760 #ifndef CONFIG_NO_PBKDF2 1761 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && 1762 ssid->passphrase && !sae_only) { 1763 u8 psk[PMK_LEN]; 1764 pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, 1765 4096, psk, PMK_LEN); 1766 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", 1767 psk, PMK_LEN); 1768 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, NULL); 1769 psk_set = 1; 1770 os_memset(psk, 0, sizeof(psk)); 1771 } 1772 #endif /* CONFIG_NO_PBKDF2 */ 1773 #ifdef CONFIG_EXT_PASSWORD 1774 if (ssid->ext_psk && !sae_only) { 1775 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, 1776 ssid->ext_psk); 1777 char pw_str[64 + 1]; 1778 u8 psk[PMK_LEN]; 1779 1780 if (pw == NULL) { 1781 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " 1782 "found from external storage"); 1783 return -1; 1784 } 1785 1786 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { 1787 wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " 1788 "PSK length %d in external storage", 1789 (int) wpabuf_len(pw)); 1790 ext_password_free(pw); 1791 return -1; 1792 } 1793 1794 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); 1795 pw_str[wpabuf_len(pw)] = '\0'; 1796 1797 #ifndef CONFIG_NO_PBKDF2 1798 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) 1799 { 1800 pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, 1801 4096, psk, PMK_LEN); 1802 os_memset(pw_str, 0, sizeof(pw_str)); 1803 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " 1804 "external passphrase)", 1805 psk, PMK_LEN); 1806 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1807 NULL); 1808 psk_set = 1; 1809 os_memset(psk, 0, sizeof(psk)); 1810 } else 1811 #endif /* CONFIG_NO_PBKDF2 */ 1812 if (wpabuf_len(pw) == 2 * PMK_LEN) { 1813 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { 1814 wpa_msg(wpa_s, MSG_INFO, "EXT PW: " 1815 "Invalid PSK hex string"); 1816 os_memset(pw_str, 0, sizeof(pw_str)); 1817 ext_password_free(pw); 1818 return -1; 1819 } 1820 wpa_hexdump_key(MSG_MSGDUMP, 1821 "PSK (from external PSK)", 1822 psk, PMK_LEN); 1823 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 1824 NULL); 1825 psk_set = 1; 1826 os_memset(psk, 0, sizeof(psk)); 1827 } else { 1828 wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " 1829 "PSK available"); 1830 os_memset(pw_str, 0, sizeof(pw_str)); 1831 ext_password_free(pw); 1832 return -1; 1833 } 1834 1835 os_memset(pw_str, 0, sizeof(pw_str)); 1836 ext_password_free(pw); 1837 } 1838 #endif /* CONFIG_EXT_PASSWORD */ 1839 1840 if (!psk_set) { 1841 wpa_msg(wpa_s, MSG_INFO, 1842 "No PSK available for association"); 1843 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE"); 1844 return -1; 1845 } 1846 #ifdef CONFIG_OWE 1847 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { 1848 /* OWE Diffie-Hellman exchange in (Re)Association 1849 * Request/Response frames set the PMK, so do not override it 1850 * here. */ 1851 #endif /* CONFIG_OWE */ 1852 } else 1853 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 1854 1855 if (ssid->mode != WPAS_MODE_IBSS && 1856 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) && 1857 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER || 1858 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK && 1859 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) { 1860 wpa_msg(wpa_s, MSG_INFO, 1861 "Disable PTK0 rekey support - replaced with reconnect"); 1862 wpa_s->deny_ptk0_rekey = 1; 1863 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1); 1864 } else { 1865 wpa_s->deny_ptk0_rekey = 0; 1866 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0); 1867 } 1868 1869 return 0; 1870 } 1871 1872 1873 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx) 1874 { 1875 *pos = 0x00; 1876 1877 switch (idx) { 1878 case 0: /* Bits 0-7 */ 1879 break; 1880 case 1: /* Bits 8-15 */ 1881 if (wpa_s->conf->coloc_intf_reporting) { 1882 /* Bit 13 - Collocated Interference Reporting */ 1883 *pos |= 0x20; 1884 } 1885 break; 1886 case 2: /* Bits 16-23 */ 1887 #ifdef CONFIG_WNM 1888 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */ 1889 if (!wpa_s->disable_mbo_oce && !wpa_s->conf->disable_btm) 1890 *pos |= 0x08; /* Bit 19 - BSS Transition */ 1891 #endif /* CONFIG_WNM */ 1892 break; 1893 case 3: /* Bits 24-31 */ 1894 #ifdef CONFIG_WNM 1895 *pos |= 0x02; /* Bit 25 - SSID List */ 1896 #endif /* CONFIG_WNM */ 1897 #ifdef CONFIG_INTERWORKING 1898 if (wpa_s->conf->interworking) 1899 *pos |= 0x80; /* Bit 31 - Interworking */ 1900 #endif /* CONFIG_INTERWORKING */ 1901 break; 1902 case 4: /* Bits 32-39 */ 1903 #ifdef CONFIG_INTERWORKING 1904 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING) 1905 *pos |= 0x01; /* Bit 32 - QoS Map */ 1906 #endif /* CONFIG_INTERWORKING */ 1907 break; 1908 case 5: /* Bits 40-47 */ 1909 #ifdef CONFIG_HS20 1910 if (wpa_s->conf->hs20) 1911 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1912 #endif /* CONFIG_HS20 */ 1913 #ifdef CONFIG_MBO 1914 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 1915 #endif /* CONFIG_MBO */ 1916 break; 1917 case 6: /* Bits 48-55 */ 1918 break; 1919 case 7: /* Bits 56-63 */ 1920 break; 1921 case 8: /* Bits 64-71 */ 1922 if (wpa_s->conf->ftm_responder) 1923 *pos |= 0x40; /* Bit 70 - FTM responder */ 1924 if (wpa_s->conf->ftm_initiator) 1925 *pos |= 0x80; /* Bit 71 - FTM initiator */ 1926 break; 1927 case 9: /* Bits 72-79 */ 1928 #ifdef CONFIG_FILS 1929 if (!wpa_s->disable_fils) 1930 *pos |= 0x01; 1931 #endif /* CONFIG_FILS */ 1932 break; 1933 case 10: /* Bits 80-87 */ 1934 *pos |= 0x20; /* Bit 85 - Mirrored SCS */ 1935 break; 1936 } 1937 } 1938 1939 1940 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, size_t buflen) 1941 { 1942 u8 *pos = buf; 1943 u8 len = 11, i; 1944 1945 if (len < wpa_s->extended_capa_len) 1946 len = wpa_s->extended_capa_len; 1947 if (buflen < (size_t) len + 2) { 1948 wpa_printf(MSG_INFO, 1949 "Not enough room for building extended capabilities element"); 1950 return -1; 1951 } 1952 1953 *pos++ = WLAN_EID_EXT_CAPAB; 1954 *pos++ = len; 1955 for (i = 0; i < len; i++, pos++) { 1956 wpas_ext_capab_byte(wpa_s, pos, i); 1957 1958 if (i < wpa_s->extended_capa_len) { 1959 *pos &= ~wpa_s->extended_capa_mask[i]; 1960 *pos |= wpa_s->extended_capa[i]; 1961 } 1962 } 1963 1964 while (len > 0 && buf[1 + len] == 0) { 1965 len--; 1966 buf[1] = len; 1967 } 1968 if (len == 0) 1969 return 0; 1970 1971 return 2 + len; 1972 } 1973 1974 1975 static int wpas_valid_bss(struct wpa_supplicant *wpa_s, 1976 struct wpa_bss *test_bss) 1977 { 1978 struct wpa_bss *bss; 1979 1980 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 1981 if (bss == test_bss) 1982 return 1; 1983 } 1984 1985 return 0; 1986 } 1987 1988 1989 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s, 1990 struct wpa_ssid *test_ssid) 1991 { 1992 struct wpa_ssid *ssid; 1993 1994 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 1995 if (ssid == test_ssid) 1996 return 1; 1997 } 1998 1999 return 0; 2000 } 2001 2002 2003 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss, 2004 struct wpa_ssid *test_ssid) 2005 { 2006 if (test_bss && !wpas_valid_bss(wpa_s, test_bss)) 2007 return 0; 2008 2009 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid); 2010 } 2011 2012 2013 void wpas_connect_work_free(struct wpa_connect_work *cwork) 2014 { 2015 if (cwork == NULL) 2016 return; 2017 os_free(cwork); 2018 } 2019 2020 2021 void wpas_connect_work_done(struct wpa_supplicant *wpa_s) 2022 { 2023 struct wpa_connect_work *cwork; 2024 struct wpa_radio_work *work = wpa_s->connect_work; 2025 2026 if (!work) 2027 return; 2028 2029 wpa_s->connect_work = NULL; 2030 cwork = work->ctx; 2031 work->ctx = NULL; 2032 wpas_connect_work_free(cwork); 2033 radio_work_done(work); 2034 } 2035 2036 2037 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, int style) 2038 { 2039 struct os_reltime now; 2040 u8 addr[ETH_ALEN]; 2041 2042 os_get_reltime(&now); 2043 if (wpa_s->last_mac_addr_style == style && 2044 wpa_s->last_mac_addr_change.sec != 0 && 2045 !os_reltime_expired(&now, &wpa_s->last_mac_addr_change, 2046 wpa_s->conf->rand_addr_lifetime)) { 2047 wpa_msg(wpa_s, MSG_DEBUG, 2048 "Previously selected random MAC address has not yet expired"); 2049 return 0; 2050 } 2051 2052 switch (style) { 2053 case 1: 2054 if (random_mac_addr(addr) < 0) 2055 return -1; 2056 break; 2057 case 2: 2058 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN); 2059 if (random_mac_addr_keep_oui(addr) < 0) 2060 return -1; 2061 break; 2062 default: 2063 return -1; 2064 } 2065 2066 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) { 2067 wpa_msg(wpa_s, MSG_INFO, 2068 "Failed to set random MAC address"); 2069 return -1; 2070 } 2071 2072 os_get_reltime(&wpa_s->last_mac_addr_change); 2073 wpa_s->mac_addr_changed = 1; 2074 wpa_s->last_mac_addr_style = style; 2075 2076 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 2077 wpa_msg(wpa_s, MSG_INFO, 2078 "Could not update MAC address information"); 2079 return -1; 2080 } 2081 2082 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, 2083 MAC2STR(addr)); 2084 2085 return 0; 2086 } 2087 2088 2089 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s) 2090 { 2091 if (wpa_s->wpa_state >= WPA_AUTHENTICATING || 2092 !wpa_s->conf->preassoc_mac_addr) 2093 return 0; 2094 2095 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr); 2096 } 2097 2098 2099 static void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid) 2100 { 2101 #ifdef CONFIG_SAE 2102 int *groups = conf->sae_groups; 2103 int default_groups[] = { 19, 20, 21, 0 }; 2104 const char *password; 2105 2106 if (!groups || groups[0] <= 0) 2107 groups = default_groups; 2108 2109 password = ssid->sae_password; 2110 if (!password) 2111 password = ssid->passphrase; 2112 2113 if (!password || 2114 (conf->sae_pwe == 0 && !ssid->sae_password_id && 2115 !sae_pk_valid_password(password)) || 2116 conf->sae_pwe == 3) { 2117 /* PT derivation not needed */ 2118 sae_deinit_pt(ssid->pt); 2119 ssid->pt = NULL; 2120 return; 2121 } 2122 2123 if (ssid->pt) 2124 return; /* PT already derived */ 2125 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len, 2126 (const u8 *) password, os_strlen(password), 2127 ssid->sae_password_id); 2128 #endif /* CONFIG_SAE */ 2129 } 2130 2131 2132 static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s) 2133 { 2134 #if defined(CONFIG_SAE) && defined(CONFIG_SME) 2135 os_free(wpa_s->sme.sae_rejected_groups); 2136 wpa_s->sme.sae_rejected_groups = NULL; 2137 #ifdef CONFIG_TESTING_OPTIONS 2138 if (wpa_s->extra_sae_rejected_groups) { 2139 int i, *groups = wpa_s->extra_sae_rejected_groups; 2140 2141 for (i = 0; groups[i]; i++) { 2142 wpa_printf(MSG_DEBUG, 2143 "TESTING: Indicate rejection of an extra SAE group %d", 2144 groups[i]); 2145 int_array_add_unique(&wpa_s->sme.sae_rejected_groups, 2146 groups[i]); 2147 } 2148 } 2149 #endif /* CONFIG_TESTING_OPTIONS */ 2150 #endif /* CONFIG_SAE && CONFIG_SME */ 2151 } 2152 2153 2154 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s) 2155 { 2156 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { 2157 wpa_msg(wpa_s, MSG_INFO, 2158 "Could not restore permanent MAC address"); 2159 return -1; 2160 } 2161 wpa_s->mac_addr_changed = 0; 2162 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 2163 wpa_msg(wpa_s, MSG_INFO, 2164 "Could not update MAC address information"); 2165 return -1; 2166 } 2167 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address"); 2168 return 0; 2169 } 2170 2171 2172 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit); 2173 2174 /** 2175 * wpa_supplicant_associate - Request association 2176 * @wpa_s: Pointer to wpa_supplicant data 2177 * @bss: Scan results for the selected BSS, or %NULL if not available 2178 * @ssid: Configuration data for the selected network 2179 * 2180 * This function is used to request %wpa_supplicant to associate with a BSS. 2181 */ 2182 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 2183 struct wpa_bss *bss, struct wpa_ssid *ssid) 2184 { 2185 struct wpa_connect_work *cwork; 2186 int rand_style; 2187 2188 wpa_s->own_disconnect_req = 0; 2189 wpa_s->own_reconnect_req = 0; 2190 2191 /* 2192 * If we are starting a new connection, any previously pending EAPOL 2193 * RX cannot be valid anymore. 2194 */ 2195 wpabuf_free(wpa_s->pending_eapol_rx); 2196 wpa_s->pending_eapol_rx = NULL; 2197 2198 if (ssid->mac_addr == -1) 2199 rand_style = wpa_s->conf->mac_addr; 2200 else 2201 rand_style = ssid->mac_addr; 2202 2203 wpa_s->multi_ap_ie = 0; 2204 wmm_ac_clear_saved_tspecs(wpa_s); 2205 wpa_s->reassoc_same_bss = 0; 2206 wpa_s->reassoc_same_ess = 0; 2207 #ifdef CONFIG_TESTING_OPTIONS 2208 wpa_s->testing_resend_assoc = 0; 2209 #endif /* CONFIG_TESTING_OPTIONS */ 2210 2211 if (wpa_s->last_ssid == ssid) { 2212 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); 2213 wpa_s->reassoc_same_ess = 1; 2214 if (wpa_s->current_bss && wpa_s->current_bss == bss) { 2215 wmm_ac_save_tspecs(wpa_s); 2216 wpa_s->reassoc_same_bss = 1; 2217 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) { 2218 os_get_reltime(&wpa_s->roam_start); 2219 } 2220 } else { 2221 #ifdef CONFIG_SAE 2222 wpa_s_clear_sae_rejected(wpa_s); 2223 wpa_s_setup_sae_pt(wpa_s->conf, ssid); 2224 #endif /* CONFIG_SAE */ 2225 } 2226 2227 if (rand_style > 0 && !wpa_s->reassoc_same_ess) { 2228 if (wpas_update_random_addr(wpa_s, rand_style) < 0) 2229 return; 2230 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 2231 } else if (rand_style == 0 && wpa_s->mac_addr_changed) { 2232 if (wpas_restore_permanent_mac_addr(wpa_s) < 0) 2233 return; 2234 } 2235 wpa_s->last_ssid = ssid; 2236 2237 #ifdef CONFIG_IBSS_RSN 2238 ibss_rsn_deinit(wpa_s->ibss_rsn); 2239 wpa_s->ibss_rsn = NULL; 2240 #else /* CONFIG_IBSS_RSN */ 2241 if (ssid->mode == WPAS_MODE_IBSS && 2242 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) { 2243 wpa_msg(wpa_s, MSG_INFO, 2244 "IBSS RSN not supported in the build"); 2245 return; 2246 } 2247 #endif /* CONFIG_IBSS_RSN */ 2248 2249 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || 2250 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 2251 #ifdef CONFIG_AP 2252 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { 2253 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " 2254 "mode"); 2255 return; 2256 } 2257 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { 2258 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2259 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 2260 wpas_p2p_ap_setup_failed(wpa_s); 2261 return; 2262 } 2263 wpa_s->current_bss = bss; 2264 #else /* CONFIG_AP */ 2265 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " 2266 "the build"); 2267 #endif /* CONFIG_AP */ 2268 return; 2269 } 2270 2271 if (ssid->mode == WPAS_MODE_MESH) { 2272 #ifdef CONFIG_MESH 2273 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) { 2274 wpa_msg(wpa_s, MSG_INFO, 2275 "Driver does not support mesh mode"); 2276 return; 2277 } 2278 if (bss) 2279 ssid->frequency = bss->freq; 2280 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) { 2281 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh"); 2282 return; 2283 } 2284 wpa_s->current_bss = bss; 2285 #else /* CONFIG_MESH */ 2286 wpa_msg(wpa_s, MSG_ERROR, 2287 "mesh mode support not included in the build"); 2288 #endif /* CONFIG_MESH */ 2289 return; 2290 } 2291 2292 /* 2293 * Set WPA state machine configuration to match the selected network now 2294 * so that the information is available before wpas_start_assoc_cb() 2295 * gets called. This is needed at least for RSN pre-authentication where 2296 * candidate APs are added to a list based on scan result processing 2297 * before completion of the first association. 2298 */ 2299 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid); 2300 2301 #ifdef CONFIG_DPP 2302 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0) 2303 return; 2304 #endif /* CONFIG_DPP */ 2305 2306 #ifdef CONFIG_TDLS 2307 if (bss) 2308 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len); 2309 #endif /* CONFIG_TDLS */ 2310 2311 #ifdef CONFIG_MBO 2312 wpas_mbo_check_pmf(wpa_s, bss, ssid); 2313 #endif /* CONFIG_MBO */ 2314 2315 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2316 ssid->mode == WPAS_MODE_INFRA) { 2317 sme_authenticate(wpa_s, bss, ssid); 2318 return; 2319 } 2320 2321 if (wpa_s->connect_work) { 2322 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist"); 2323 return; 2324 } 2325 2326 if (radio_work_pending(wpa_s, "connect")) { 2327 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist"); 2328 return; 2329 } 2330 2331 #ifdef CONFIG_SME 2332 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) { 2333 /* Clear possibly set auth_alg, if any, from last attempt. */ 2334 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN; 2335 } 2336 #endif /* CONFIG_SME */ 2337 2338 wpas_abort_ongoing_scan(wpa_s); 2339 2340 cwork = os_zalloc(sizeof(*cwork)); 2341 if (cwork == NULL) 2342 return; 2343 2344 cwork->bss = bss; 2345 cwork->ssid = ssid; 2346 2347 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1, 2348 wpas_start_assoc_cb, cwork) < 0) { 2349 os_free(cwork); 2350 } 2351 } 2352 2353 2354 static int bss_is_ibss(struct wpa_bss *bss) 2355 { 2356 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == 2357 IEEE80211_CAP_IBSS; 2358 } 2359 2360 2361 static int drv_supports_vht(struct wpa_supplicant *wpa_s, 2362 const struct wpa_ssid *ssid) 2363 { 2364 enum hostapd_hw_mode hw_mode; 2365 struct hostapd_hw_modes *mode = NULL; 2366 u8 channel; 2367 int i; 2368 2369 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); 2370 if (hw_mode == NUM_HOSTAPD_MODES) 2371 return 0; 2372 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 2373 if (wpa_s->hw.modes[i].mode == hw_mode) { 2374 mode = &wpa_s->hw.modes[i]; 2375 break; 2376 } 2377 } 2378 2379 if (!mode) 2380 return 0; 2381 2382 return mode->vht_capab != 0; 2383 } 2384 2385 2386 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, 2387 const struct wpa_ssid *ssid, 2388 struct hostapd_freq_params *freq) 2389 { 2390 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); 2391 enum hostapd_hw_mode hw_mode; 2392 struct hostapd_hw_modes *mode = NULL; 2393 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157, 2394 184, 192 }; 2395 int vht80[] = { 36, 52, 100, 116, 132, 149 }; 2396 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; 2397 u8 channel; 2398 int i, chan_idx, ht40 = -1, res, obss_scan = 1; 2399 unsigned int j, k; 2400 struct hostapd_freq_params vht_freq; 2401 int chwidth, seg0, seg1; 2402 u32 vht_caps = 0; 2403 int is_24ghz; 2404 2405 freq->freq = ssid->frequency; 2406 2407 for (j = 0; j < wpa_s->last_scan_res_used; j++) { 2408 struct wpa_bss *bss = wpa_s->last_scan_res[j]; 2409 2410 if (ssid->mode != WPAS_MODE_IBSS) 2411 break; 2412 2413 /* Don't adjust control freq in case of fixed_freq */ 2414 if (ssid->fixed_freq) 2415 break; 2416 2417 if (!bss_is_ibss(bss)) 2418 continue; 2419 2420 if (ssid->ssid_len == bss->ssid_len && 2421 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) { 2422 wpa_printf(MSG_DEBUG, 2423 "IBSS already found in scan results, adjust control freq: %d", 2424 bss->freq); 2425 freq->freq = bss->freq; 2426 obss_scan = 0; 2427 break; 2428 } 2429 } 2430 2431 /* For IBSS check HT_IBSS flag */ 2432 if (ssid->mode == WPAS_MODE_IBSS && 2433 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) 2434 return; 2435 2436 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || 2437 wpa_s->group_cipher == WPA_CIPHER_WEP104 || 2438 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) { 2439 wpa_printf(MSG_DEBUG, 2440 "IBSS: WEP/TKIP detected, do not try to enable HT"); 2441 return; 2442 } 2443 2444 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); 2445 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 2446 if (wpa_s->hw.modes[i].mode == hw_mode) { 2447 mode = &wpa_s->hw.modes[i]; 2448 break; 2449 } 2450 } 2451 2452 if (!mode) 2453 return; 2454 2455 freq->channel = channel; 2456 2457 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || 2458 hw_mode == HOSTAPD_MODE_IEEE80211B; 2459 2460 #ifdef CONFIG_HT_OVERRIDES 2461 if (ssid->disable_ht) { 2462 freq->ht_enabled = 0; 2463 return; 2464 } 2465 #endif /* CONFIG_HT_OVERRIDES */ 2466 2467 freq->ht_enabled = ht_supported(mode); 2468 if (!freq->ht_enabled) 2469 return; 2470 2471 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */ 2472 if (is_24ghz) 2473 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported; 2474 #ifdef CONFIG_HE_OVERRIDES 2475 if (is_24ghz && ssid->disable_he) 2476 freq->he_enabled = 0; 2477 #endif /* CONFIG_HE_OVERRIDES */ 2478 2479 /* Setup higher BW only for 5 GHz */ 2480 if (mode->mode != HOSTAPD_MODE_IEEE80211A) 2481 return; 2482 2483 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { 2484 pri_chan = &mode->channels[chan_idx]; 2485 if (pri_chan->chan == channel) 2486 break; 2487 pri_chan = NULL; 2488 } 2489 if (!pri_chan) 2490 return; 2491 2492 /* Check primary channel flags */ 2493 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2494 return; 2495 2496 freq->channel = pri_chan->chan; 2497 2498 #ifdef CONFIG_HT_OVERRIDES 2499 if (ssid->disable_ht40) { 2500 #ifdef CONFIG_VHT_OVERRIDES 2501 if (ssid->disable_vht) 2502 return; 2503 #endif /* CONFIG_VHT_OVERRIDES */ 2504 goto skip_ht40; 2505 } 2506 #endif /* CONFIG_HT_OVERRIDES */ 2507 2508 /* Check/setup HT40+/HT40- */ 2509 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) { 2510 if (ht40plus[j] == channel) { 2511 ht40 = 1; 2512 break; 2513 } 2514 } 2515 2516 /* Find secondary channel */ 2517 for (i = 0; i < mode->num_channels; i++) { 2518 sec_chan = &mode->channels[i]; 2519 if (sec_chan->chan == channel + ht40 * 4) 2520 break; 2521 sec_chan = NULL; 2522 } 2523 if (!sec_chan) 2524 return; 2525 2526 /* Check secondary channel flags */ 2527 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2528 return; 2529 2530 if (ht40 == -1) { 2531 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) 2532 return; 2533 } else { 2534 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS)) 2535 return; 2536 } 2537 freq->sec_channel_offset = ht40; 2538 2539 if (obss_scan) { 2540 struct wpa_scan_results *scan_res; 2541 2542 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0); 2543 if (scan_res == NULL) { 2544 /* Back to HT20 */ 2545 freq->sec_channel_offset = 0; 2546 return; 2547 } 2548 2549 res = check_40mhz_5g(scan_res, pri_chan, sec_chan); 2550 switch (res) { 2551 case 0: 2552 /* Back to HT20 */ 2553 freq->sec_channel_offset = 0; 2554 break; 2555 case 1: 2556 /* Configuration allowed */ 2557 break; 2558 case 2: 2559 /* Switch pri/sec channels */ 2560 freq->freq = hw_get_freq(mode, sec_chan->chan); 2561 freq->sec_channel_offset = -freq->sec_channel_offset; 2562 freq->channel = sec_chan->chan; 2563 break; 2564 default: 2565 freq->sec_channel_offset = 0; 2566 break; 2567 } 2568 2569 wpa_scan_results_free(scan_res); 2570 } 2571 2572 #ifdef CONFIG_HT_OVERRIDES 2573 skip_ht40: 2574 #endif /* CONFIG_HT_OVERRIDES */ 2575 wpa_printf(MSG_DEBUG, 2576 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d", 2577 freq->channel, freq->sec_channel_offset); 2578 2579 if (!drv_supports_vht(wpa_s, ssid)) 2580 return; 2581 2582 /* For IBSS check VHT_IBSS flag */ 2583 if (ssid->mode == WPAS_MODE_IBSS && 2584 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS)) 2585 return; 2586 2587 vht_freq = *freq; 2588 2589 #ifdef CONFIG_VHT_OVERRIDES 2590 if (ssid->disable_vht) { 2591 freq->vht_enabled = 0; 2592 return; 2593 } 2594 #endif /* CONFIG_VHT_OVERRIDES */ 2595 2596 vht_freq.vht_enabled = vht_supported(mode); 2597 if (!vht_freq.vht_enabled) 2598 return; 2599 2600 /* Enable HE with VHT for 5 GHz */ 2601 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported; 2602 2603 /* setup center_freq1, bandwidth */ 2604 for (j = 0; j < ARRAY_SIZE(vht80); j++) { 2605 if (freq->channel >= vht80[j] && 2606 freq->channel < vht80[j] + 16) 2607 break; 2608 } 2609 2610 if (j == ARRAY_SIZE(vht80)) 2611 return; 2612 2613 for (i = vht80[j]; i < vht80[j] + 16; i += 4) { 2614 struct hostapd_channel_data *chan; 2615 2616 chan = hw_get_channel_chan(mode, i, NULL); 2617 if (!chan) 2618 return; 2619 2620 /* Back to HT configuration if channel not usable */ 2621 if (chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2622 return; 2623 } 2624 2625 chwidth = CHANWIDTH_80MHZ; 2626 seg0 = vht80[j] + 6; 2627 seg1 = 0; 2628 2629 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) { 2630 /* setup center_freq2, bandwidth */ 2631 for (k = 0; k < ARRAY_SIZE(vht80); k++) { 2632 /* Only accept 80 MHz segments separated by a gap */ 2633 if (j == k || abs(vht80[j] - vht80[k]) == 16) 2634 continue; 2635 for (i = vht80[k]; i < vht80[k] + 16; i += 4) { 2636 struct hostapd_channel_data *chan; 2637 2638 chan = hw_get_channel_chan(mode, i, NULL); 2639 if (!chan) 2640 continue; 2641 2642 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 2643 HOSTAPD_CHAN_NO_IR | 2644 HOSTAPD_CHAN_RADAR)) 2645 continue; 2646 2647 /* Found a suitable second segment for 80+80 */ 2648 chwidth = CHANWIDTH_80P80MHZ; 2649 vht_caps |= 2650 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 2651 seg1 = vht80[k] + 6; 2652 } 2653 2654 if (chwidth == CHANWIDTH_80P80MHZ) 2655 break; 2656 } 2657 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) { 2658 if (freq->freq == 5180) { 2659 chwidth = CHANWIDTH_160MHZ; 2660 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 2661 seg0 = 50; 2662 } else if (freq->freq == 5520) { 2663 chwidth = CHANWIDTH_160MHZ; 2664 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 2665 seg0 = 114; 2666 } 2667 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) { 2668 chwidth = CHANWIDTH_USE_HT; 2669 seg0 = vht80[j] + 2; 2670 #ifdef CONFIG_HT_OVERRIDES 2671 if (ssid->disable_ht40) 2672 seg0 = 0; 2673 #endif /* CONFIG_HT_OVERRIDES */ 2674 } 2675 2676 #ifdef CONFIG_HE_OVERRIDES 2677 if (ssid->disable_he) { 2678 vht_freq.he_enabled = 0; 2679 freq->he_enabled = 0; 2680 } 2681 #endif /* CONFIG_HE_OVERRIDES */ 2682 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq, 2683 freq->channel, ssid->enable_edmg, 2684 ssid->edmg_channel, freq->ht_enabled, 2685 vht_freq.vht_enabled, freq->he_enabled, 2686 freq->sec_channel_offset, 2687 chwidth, seg0, seg1, vht_caps, 2688 &mode->he_capab[ieee80211_mode]) != 0) 2689 return; 2690 2691 *freq = vht_freq; 2692 2693 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d", 2694 freq->center_freq1, freq->center_freq2, freq->bandwidth); 2695 } 2696 2697 2698 #ifdef CONFIG_FILS 2699 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf, 2700 size_t ie_buf_len) 2701 { 2702 struct fils_hlp_req *req; 2703 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0; 2704 const u8 *pos; 2705 u8 *buf = ie_buf; 2706 2707 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 2708 list) { 2709 rem_len = ie_buf_len - ie_len; 2710 pos = wpabuf_head(req->pkt); 2711 hdr_len = 1 + 2 * ETH_ALEN + 6; 2712 hlp_len = wpabuf_len(req->pkt); 2713 2714 if (rem_len < 2 + hdr_len + hlp_len) { 2715 wpa_printf(MSG_ERROR, 2716 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu", 2717 (unsigned long) rem_len, 2718 (unsigned long) (2 + hdr_len + hlp_len)); 2719 break; 2720 } 2721 2722 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len; 2723 /* Element ID */ 2724 *buf++ = WLAN_EID_EXTENSION; 2725 /* Length */ 2726 *buf++ = len; 2727 /* Element ID Extension */ 2728 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER; 2729 /* Destination MAC address */ 2730 os_memcpy(buf, req->dst, ETH_ALEN); 2731 buf += ETH_ALEN; 2732 /* Source MAC address */ 2733 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN); 2734 buf += ETH_ALEN; 2735 /* LLC/SNAP Header */ 2736 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6); 2737 buf += 6; 2738 /* HLP Packet */ 2739 os_memcpy(buf, pos, len - hdr_len); 2740 buf += len - hdr_len; 2741 pos += len - hdr_len; 2742 2743 hlp_len -= len - hdr_len; 2744 ie_len += 2 + len; 2745 rem_len -= 2 + len; 2746 2747 while (hlp_len) { 2748 len = (hlp_len > 255) ? 255 : hlp_len; 2749 if (rem_len < 2 + len) 2750 break; 2751 *buf++ = WLAN_EID_FRAGMENT; 2752 *buf++ = len; 2753 os_memcpy(buf, pos, len); 2754 buf += len; 2755 pos += len; 2756 2757 hlp_len -= len; 2758 ie_len += 2 + len; 2759 rem_len -= 2 + len; 2760 } 2761 } 2762 2763 return ie_len; 2764 } 2765 2766 2767 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s) 2768 { 2769 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2770 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) || 2771 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2772 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD))); 2773 } 2774 2775 2776 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s) 2777 { 2778 #ifdef CONFIG_FILS_SK_PFS 2779 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2780 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS); 2781 #else /* CONFIG_FILS_SK_PFS */ 2782 return 0; 2783 #endif /* CONFIG_FILS_SK_PFS */ 2784 } 2785 2786 #endif /* CONFIG_FILS */ 2787 2788 2789 static u8 * wpas_populate_assoc_ies( 2790 struct wpa_supplicant *wpa_s, 2791 struct wpa_bss *bss, struct wpa_ssid *ssid, 2792 struct wpa_driver_associate_params *params, 2793 enum wpa_drv_update_connect_params_mask *mask) 2794 { 2795 u8 *wpa_ie; 2796 size_t max_wpa_ie_len = 500; 2797 size_t wpa_ie_len; 2798 int algs = WPA_AUTH_ALG_OPEN; 2799 #ifdef CONFIG_MBO 2800 const u8 *mbo_ie; 2801 #endif 2802 #if defined(CONFIG_SAE) || defined(CONFIG_FILS) 2803 int pmksa_cached = 0; 2804 #endif /* CONFIG_SAE || CONFIG_FILS */ 2805 #ifdef CONFIG_FILS 2806 const u8 *realm, *username, *rrk; 2807 size_t realm_len, username_len, rrk_len; 2808 u16 next_seq_num; 2809 struct fils_hlp_req *req; 2810 2811 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 2812 list) { 2813 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) + 2814 2 + 2 * wpabuf_len(req->pkt) / 255; 2815 } 2816 #endif /* CONFIG_FILS */ 2817 2818 wpa_ie = os_malloc(max_wpa_ie_len); 2819 if (!wpa_ie) { 2820 wpa_printf(MSG_ERROR, 2821 "Failed to allocate connect IE buffer for %lu bytes", 2822 (unsigned long) max_wpa_ie_len); 2823 return NULL; 2824 } 2825 2826 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 2827 wpa_bss_get_ie(bss, WLAN_EID_RSN)) && 2828 wpa_key_mgmt_wpa(ssid->key_mgmt)) { 2829 int try_opportunistic; 2830 const u8 *cache_id = NULL; 2831 2832 try_opportunistic = (ssid->proactive_key_caching < 0 ? 2833 wpa_s->conf->okc : 2834 ssid->proactive_key_caching) && 2835 (ssid->proto & WPA_PROTO_RSN); 2836 #ifdef CONFIG_FILS 2837 if (wpa_key_mgmt_fils(ssid->key_mgmt)) 2838 cache_id = wpa_bss_get_fils_cache_id(bss); 2839 #endif /* CONFIG_FILS */ 2840 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, 2841 ssid, try_opportunistic, 2842 cache_id, 0) == 0) { 2843 eapol_sm_notify_pmkid_attempt(wpa_s->eapol); 2844 #if defined(CONFIG_SAE) || defined(CONFIG_FILS) 2845 pmksa_cached = 1; 2846 #endif /* CONFIG_SAE || CONFIG_FILS */ 2847 } 2848 wpa_ie_len = max_wpa_ie_len; 2849 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 2850 wpa_ie, &wpa_ie_len)) { 2851 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2852 "key management and encryption suites"); 2853 os_free(wpa_ie); 2854 return NULL; 2855 } 2856 #ifdef CONFIG_HS20 2857 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) && 2858 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { 2859 /* No PMKSA caching, but otherwise similar to RSN/WPA */ 2860 wpa_ie_len = max_wpa_ie_len; 2861 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 2862 wpa_ie, &wpa_ie_len)) { 2863 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2864 "key management and encryption suites"); 2865 os_free(wpa_ie); 2866 return NULL; 2867 } 2868 #endif /* CONFIG_HS20 */ 2869 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && 2870 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { 2871 /* 2872 * Both WPA and non-WPA IEEE 802.1X enabled in configuration - 2873 * use non-WPA since the scan results did not indicate that the 2874 * AP is using WPA or WPA2. 2875 */ 2876 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2877 wpa_ie_len = 0; 2878 wpa_s->wpa_proto = 0; 2879 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 2880 wpa_ie_len = max_wpa_ie_len; 2881 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 2882 wpa_ie, &wpa_ie_len)) { 2883 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 2884 "key management and encryption suites (no " 2885 "scan results)"); 2886 os_free(wpa_ie); 2887 return NULL; 2888 } 2889 #ifdef CONFIG_WPS 2890 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 2891 struct wpabuf *wps_ie; 2892 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 2893 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) { 2894 wpa_ie_len = wpabuf_len(wps_ie); 2895 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 2896 } else 2897 wpa_ie_len = 0; 2898 wpabuf_free(wps_ie); 2899 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2900 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) 2901 params->wps = WPS_MODE_PRIVACY; 2902 else 2903 params->wps = WPS_MODE_OPEN; 2904 wpa_s->wpa_proto = 0; 2905 #endif /* CONFIG_WPS */ 2906 } else { 2907 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 2908 wpa_ie_len = 0; 2909 wpa_s->wpa_proto = 0; 2910 } 2911 2912 #ifdef IEEE8021X_EAPOL 2913 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 2914 if (ssid->leap) { 2915 if (ssid->non_leap == 0) 2916 algs = WPA_AUTH_ALG_LEAP; 2917 else 2918 algs |= WPA_AUTH_ALG_LEAP; 2919 } 2920 } 2921 2922 #ifdef CONFIG_FILS 2923 /* Clear FILS association */ 2924 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0); 2925 2926 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && 2927 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && 2928 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username, 2929 &username_len, &realm, &realm_len, 2930 &next_seq_num, &rrk, &rrk_len) == 0 && 2931 (!wpa_s->last_con_fail_realm || 2932 wpa_s->last_con_fail_realm_len != realm_len || 2933 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) { 2934 algs = WPA_AUTH_ALG_FILS; 2935 params->fils_erp_username = username; 2936 params->fils_erp_username_len = username_len; 2937 params->fils_erp_realm = realm; 2938 params->fils_erp_realm_len = realm_len; 2939 params->fils_erp_next_seq_num = next_seq_num; 2940 params->fils_erp_rrk = rrk; 2941 params->fils_erp_rrk_len = rrk_len; 2942 2943 if (mask) 2944 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO; 2945 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && 2946 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && 2947 pmksa_cached) { 2948 algs = WPA_AUTH_ALG_FILS; 2949 } 2950 #endif /* CONFIG_FILS */ 2951 #endif /* IEEE8021X_EAPOL */ 2952 #ifdef CONFIG_SAE 2953 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE)) 2954 algs = WPA_AUTH_ALG_SAE; 2955 #endif /* CONFIG_SAE */ 2956 2957 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 2958 if (ssid->auth_alg) { 2959 algs = ssid->auth_alg; 2960 wpa_dbg(wpa_s, MSG_DEBUG, 2961 "Overriding auth_alg selection: 0x%x", algs); 2962 } 2963 2964 #ifdef CONFIG_SAE 2965 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) { 2966 wpa_dbg(wpa_s, MSG_DEBUG, 2967 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt"); 2968 algs = WPA_AUTH_ALG_OPEN; 2969 } 2970 #endif /* CONFIG_SAE */ 2971 2972 #ifdef CONFIG_P2P 2973 if (wpa_s->global->p2p) { 2974 u8 *pos; 2975 size_t len; 2976 int res; 2977 pos = wpa_ie + wpa_ie_len; 2978 len = max_wpa_ie_len - wpa_ie_len; 2979 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, 2980 ssid->p2p_group); 2981 if (res >= 0) 2982 wpa_ie_len += res; 2983 } 2984 2985 wpa_s->cross_connect_disallowed = 0; 2986 if (bss) { 2987 struct wpabuf *p2p; 2988 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); 2989 if (p2p) { 2990 wpa_s->cross_connect_disallowed = 2991 p2p_get_cross_connect_disallowed(p2p); 2992 wpabuf_free(p2p); 2993 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " 2994 "connection", 2995 wpa_s->cross_connect_disallowed ? 2996 "disallows" : "allows"); 2997 } 2998 } 2999 3000 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); 3001 #endif /* CONFIG_P2P */ 3002 3003 if (bss) { 3004 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss, 3005 wpa_ie + wpa_ie_len, 3006 max_wpa_ie_len - 3007 wpa_ie_len); 3008 } 3009 3010 /* 3011 * Workaround: Add Extended Capabilities element only if the AP 3012 * included this element in Beacon/Probe Response frames. Some older 3013 * APs seem to have interoperability issues if this element is 3014 * included, so while the standard may require us to include the 3015 * element in all cases, it is justifiable to skip it to avoid 3016 * interoperability issues. 3017 */ 3018 if (ssid->p2p_group) 3019 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); 3020 else 3021 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 3022 3023 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) { 3024 u8 ext_capab[18]; 3025 int ext_capab_len; 3026 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, 3027 sizeof(ext_capab)); 3028 if (ext_capab_len > 0 && 3029 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { 3030 u8 *pos = wpa_ie; 3031 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) 3032 pos += 2 + pos[1]; 3033 os_memmove(pos + ext_capab_len, pos, 3034 wpa_ie_len - (pos - wpa_ie)); 3035 wpa_ie_len += ext_capab_len; 3036 os_memcpy(pos, ext_capab, ext_capab_len); 3037 } 3038 } 3039 3040 #ifdef CONFIG_HS20 3041 if (is_hs20_network(wpa_s, ssid, bss)) { 3042 struct wpabuf *hs20; 3043 3044 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); 3045 if (hs20) { 3046 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); 3047 size_t len; 3048 3049 wpas_hs20_add_indication(hs20, pps_mo_id, 3050 get_hs20_version(bss)); 3051 wpas_hs20_add_roam_cons_sel(hs20, ssid); 3052 len = max_wpa_ie_len - wpa_ie_len; 3053 if (wpabuf_len(hs20) <= len) { 3054 os_memcpy(wpa_ie + wpa_ie_len, 3055 wpabuf_head(hs20), wpabuf_len(hs20)); 3056 wpa_ie_len += wpabuf_len(hs20); 3057 } 3058 wpabuf_free(hs20); 3059 3060 hs20_configure_frame_filters(wpa_s); 3061 } 3062 } 3063 #endif /* CONFIG_HS20 */ 3064 3065 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { 3066 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; 3067 size_t len; 3068 3069 len = max_wpa_ie_len - wpa_ie_len; 3070 if (wpabuf_len(buf) <= len) { 3071 os_memcpy(wpa_ie + wpa_ie_len, 3072 wpabuf_head(buf), wpabuf_len(buf)); 3073 wpa_ie_len += wpabuf_len(buf); 3074 } 3075 } 3076 3077 #ifdef CONFIG_FST 3078 if (wpa_s->fst_ies) { 3079 int fst_ies_len = wpabuf_len(wpa_s->fst_ies); 3080 3081 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) { 3082 os_memcpy(wpa_ie + wpa_ie_len, 3083 wpabuf_head(wpa_s->fst_ies), fst_ies_len); 3084 wpa_ie_len += fst_ies_len; 3085 } 3086 } 3087 #endif /* CONFIG_FST */ 3088 3089 #ifdef CONFIG_MBO 3090 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL; 3091 if (!wpa_s->disable_mbo_oce && mbo_ie) { 3092 int len; 3093 3094 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, 3095 max_wpa_ie_len - wpa_ie_len, 3096 !!mbo_attr_from_mbo_ie(mbo_ie, 3097 OCE_ATTR_ID_CAPA_IND)); 3098 if (len >= 0) 3099 wpa_ie_len += len; 3100 } 3101 #endif /* CONFIG_MBO */ 3102 3103 #ifdef CONFIG_FILS 3104 if (algs == WPA_AUTH_ALG_FILS) { 3105 size_t len; 3106 3107 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len, 3108 max_wpa_ie_len - wpa_ie_len); 3109 wpa_ie_len += len; 3110 } 3111 #endif /* CONFIG_FILS */ 3112 3113 #ifdef CONFIG_OWE 3114 #ifdef CONFIG_TESTING_OPTIONS 3115 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) { 3116 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); 3117 } else 3118 #endif /* CONFIG_TESTING_OPTIONS */ 3119 if (algs == WPA_AUTH_ALG_OPEN && 3120 ssid->key_mgmt == WPA_KEY_MGMT_OWE) { 3121 struct wpabuf *owe_ie; 3122 u16 group; 3123 3124 if (ssid->owe_group) { 3125 group = ssid->owe_group; 3126 } else if (wpa_s->assoc_status_code == 3127 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { 3128 if (wpa_s->last_owe_group == 19) 3129 group = 20; 3130 else if (wpa_s->last_owe_group == 20) 3131 group = 21; 3132 else 3133 group = OWE_DH_GROUP; 3134 } else { 3135 group = OWE_DH_GROUP; 3136 } 3137 3138 wpa_s->last_owe_group = group; 3139 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); 3140 owe_ie = owe_build_assoc_req(wpa_s->wpa, group); 3141 if (owe_ie && 3142 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) { 3143 os_memcpy(wpa_ie + wpa_ie_len, 3144 wpabuf_head(owe_ie), wpabuf_len(owe_ie)); 3145 wpa_ie_len += wpabuf_len(owe_ie); 3146 } 3147 wpabuf_free(owe_ie); 3148 } 3149 #endif /* CONFIG_OWE */ 3150 3151 #ifdef CONFIG_DPP2 3152 if (DPP_VERSION > 1 && 3153 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP && 3154 ssid->dpp_netaccesskey && 3155 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) { 3156 struct rsn_pmksa_cache_entry *pmksa; 3157 3158 pmksa = pmksa_cache_get_current(wpa_s->wpa); 3159 if (!pmksa || !pmksa->dpp_pfs) 3160 goto pfs_fail; 3161 3162 dpp_pfs_free(wpa_s->dpp_pfs); 3163 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey, 3164 ssid->dpp_netaccesskey_len); 3165 if (!wpa_s->dpp_pfs) { 3166 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); 3167 /* Try to continue without PFS */ 3168 goto pfs_fail; 3169 } 3170 if (wpabuf_len(wpa_s->dpp_pfs->ie) <= 3171 max_wpa_ie_len - wpa_ie_len) { 3172 os_memcpy(wpa_ie + wpa_ie_len, 3173 wpabuf_head(wpa_s->dpp_pfs->ie), 3174 wpabuf_len(wpa_s->dpp_pfs->ie)); 3175 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie); 3176 } 3177 } 3178 pfs_fail: 3179 #endif /* CONFIG_DPP2 */ 3180 3181 #ifdef CONFIG_IEEE80211R 3182 /* 3183 * Add MDIE under these conditions: the network profile allows FT, 3184 * the AP supports FT, and the mobility domain ID matches. 3185 */ 3186 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) { 3187 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 3188 3189 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) { 3190 size_t len = 0; 3191 const u8 *md = mdie + 2; 3192 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa); 3193 3194 if (os_memcmp(md, wpa_md, 3195 MOBILITY_DOMAIN_ID_LEN) == 0) { 3196 /* Add mobility domain IE */ 3197 len = wpa_ft_add_mdie( 3198 wpa_s->wpa, wpa_ie + wpa_ie_len, 3199 max_wpa_ie_len - wpa_ie_len, mdie); 3200 wpa_ie_len += len; 3201 } 3202 #ifdef CONFIG_SME 3203 if (len > 0 && wpa_s->sme.ft_used && 3204 wpa_sm_has_ptk(wpa_s->wpa)) { 3205 wpa_dbg(wpa_s, MSG_DEBUG, 3206 "SME: Trying to use FT over-the-air"); 3207 algs |= WPA_AUTH_ALG_FT; 3208 } 3209 #endif /* CONFIG_SME */ 3210 } 3211 } 3212 #endif /* CONFIG_IEEE80211R */ 3213 3214 #ifdef CONFIG_TESTING_OPTIONS 3215 if (wpa_s->rsnxe_override_assoc && 3216 wpabuf_len(wpa_s->rsnxe_override_assoc) <= 3217 max_wpa_ie_len - wpa_ie_len) { 3218 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override"); 3219 os_memcpy(wpa_ie + wpa_ie_len, 3220 wpabuf_head(wpa_s->rsnxe_override_assoc), 3221 wpabuf_len(wpa_s->rsnxe_override_assoc)); 3222 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc); 3223 } else 3224 #endif /* CONFIG_TESTING_OPTIONS */ 3225 if (wpa_s->rsnxe_len > 0 && 3226 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) { 3227 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len); 3228 wpa_ie_len += wpa_s->rsnxe_len; 3229 } 3230 3231 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) && 3232 wpa_s->robust_av.valid_config) { 3233 struct wpabuf *mscs_ie; 3234 size_t mscs_ie_len, buf_len; 3235 3236 buf_len = 3 + /* MSCS descriptor IE header */ 3237 1 + /* Request type */ 3238 2 + /* User priority control */ 3239 4 + /* Stream timeout */ 3240 3 + /* TCLAS Mask IE header */ 3241 wpa_s->robust_av.frame_classifier_len; 3242 mscs_ie = wpabuf_alloc(buf_len); 3243 if (!mscs_ie) { 3244 wpa_printf(MSG_INFO, 3245 "MSCS: Failed to allocate MSCS IE"); 3246 goto mscs_fail; 3247 } 3248 3249 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie); 3250 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) { 3251 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie); 3252 mscs_ie_len = wpabuf_len(mscs_ie); 3253 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie), 3254 mscs_ie_len); 3255 wpa_ie_len += mscs_ie_len; 3256 } 3257 3258 wpabuf_free(mscs_ie); 3259 } 3260 mscs_fail: 3261 3262 if (ssid->multi_ap_backhaul_sta) { 3263 size_t multi_ap_ie_len; 3264 3265 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len, 3266 max_wpa_ie_len - wpa_ie_len, 3267 MULTI_AP_BACKHAUL_STA); 3268 if (multi_ap_ie_len == 0) { 3269 wpa_printf(MSG_ERROR, 3270 "Multi-AP: Failed to build Multi-AP IE"); 3271 os_free(wpa_ie); 3272 return NULL; 3273 } 3274 wpa_ie_len += multi_ap_ie_len; 3275 } 3276 3277 params->wpa_ie = wpa_ie; 3278 params->wpa_ie_len = wpa_ie_len; 3279 params->auth_alg = algs; 3280 if (mask) 3281 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE; 3282 3283 return wpa_ie; 3284 } 3285 3286 3287 #ifdef CONFIG_OWE 3288 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s) 3289 { 3290 struct wpa_driver_associate_params params; 3291 u8 *wpa_ie; 3292 3293 os_memset(¶ms, 0, sizeof(params)); 3294 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 3295 wpa_s->current_ssid, ¶ms, NULL); 3296 if (!wpa_ie) 3297 return; 3298 3299 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); 3300 os_free(wpa_ie); 3301 } 3302 #endif /* CONFIG_OWE */ 3303 3304 3305 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 3306 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s) 3307 { 3308 struct wpa_driver_associate_params params; 3309 enum wpa_drv_update_connect_params_mask mask = 0; 3310 u8 *wpa_ie; 3311 3312 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN) 3313 return; /* nothing to do */ 3314 3315 os_memset(¶ms, 0, sizeof(params)); 3316 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 3317 wpa_s->current_ssid, ¶ms, &mask); 3318 if (!wpa_ie) 3319 return; 3320 3321 if (params.auth_alg == WPA_AUTH_ALG_FILS) { 3322 wpa_s->auth_alg = params.auth_alg; 3323 wpa_drv_update_connect_params(wpa_s, ¶ms, mask); 3324 } 3325 3326 os_free(wpa_ie); 3327 } 3328 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 3329 3330 3331 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie) 3332 { 3333 if (!edmg_ie || edmg_ie[1] < 6) 3334 return 0; 3335 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET]; 3336 } 3337 3338 3339 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie) 3340 { 3341 if (!edmg_ie || edmg_ie[1] < 6) 3342 return 0; 3343 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET]; 3344 } 3345 3346 3347 /* Returns the intersection of two EDMG configurations. 3348 * Note: The current implementation is limited to CB2 only (CB1 included), 3349 * i.e., the implementation supports up to 2 contiguous channels. 3350 * For supporting non-contiguous (aggregated) channels and for supporting 3351 * CB3 and above, this function will need to be extended. 3352 */ 3353 static struct ieee80211_edmg_config 3354 get_edmg_intersection(struct ieee80211_edmg_config a, 3355 struct ieee80211_edmg_config b, 3356 u8 primary_channel) 3357 { 3358 struct ieee80211_edmg_config result; 3359 int i, contiguous = 0; 3360 int max_contiguous = 0; 3361 3362 result.channels = b.channels & a.channels; 3363 if (!result.channels) { 3364 wpa_printf(MSG_DEBUG, 3365 "EDMG not possible: cannot intersect channels 0x%x and 0x%x", 3366 a.channels, b.channels); 3367 goto fail; 3368 } 3369 3370 if (!(result.channels & BIT(primary_channel - 1))) { 3371 wpa_printf(MSG_DEBUG, 3372 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x", 3373 primary_channel, result.channels); 3374 goto fail; 3375 } 3376 3377 /* Find max contiguous channels */ 3378 for (i = 0; i < 6; i++) { 3379 if (result.channels & BIT(i)) 3380 contiguous++; 3381 else 3382 contiguous = 0; 3383 3384 if (contiguous > max_contiguous) 3385 max_contiguous = contiguous; 3386 } 3387 3388 /* Assuming AP and STA supports ONLY contiguous channels, 3389 * bw configuration can have value between 4-7. 3390 */ 3391 if ((b.bw_config < a.bw_config)) 3392 result.bw_config = b.bw_config; 3393 else 3394 result.bw_config = a.bw_config; 3395 3396 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) || 3397 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) { 3398 wpa_printf(MSG_DEBUG, 3399 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2", 3400 max_contiguous); 3401 goto fail; 3402 } 3403 3404 return result; 3405 3406 fail: 3407 result.channels = 0; 3408 result.bw_config = 0; 3409 return result; 3410 } 3411 3412 3413 static struct ieee80211_edmg_config 3414 get_supported_edmg(struct wpa_supplicant *wpa_s, 3415 struct hostapd_freq_params *freq, 3416 struct ieee80211_edmg_config request_edmg) 3417 { 3418 enum hostapd_hw_mode hw_mode; 3419 struct hostapd_hw_modes *mode = NULL; 3420 u8 primary_channel; 3421 3422 if (!wpa_s->hw.modes) 3423 goto fail; 3424 3425 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel); 3426 if (hw_mode == NUM_HOSTAPD_MODES) 3427 goto fail; 3428 3429 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false); 3430 if (!mode) 3431 goto fail; 3432 3433 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel); 3434 3435 fail: 3436 request_edmg.channels = 0; 3437 request_edmg.bw_config = 0; 3438 return request_edmg; 3439 } 3440 3441 3442 #ifdef CONFIG_MBO 3443 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s) 3444 { 3445 struct wpa_driver_associate_params params; 3446 u8 *wpa_ie; 3447 3448 /* 3449 * Update MBO connect params only in case of change of MBO attributes 3450 * when connected, if the AP support MBO. 3451 */ 3452 3453 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid || 3454 !wpa_s->current_bss || 3455 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE)) 3456 return; 3457 3458 os_memset(¶ms, 0, sizeof(params)); 3459 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 3460 wpa_s->current_ssid, ¶ms, NULL); 3461 if (!wpa_ie) 3462 return; 3463 3464 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); 3465 os_free(wpa_ie); 3466 } 3467 #endif /* CONFIG_MBO */ 3468 3469 3470 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) 3471 { 3472 struct wpa_connect_work *cwork = work->ctx; 3473 struct wpa_bss *bss = cwork->bss; 3474 struct wpa_ssid *ssid = cwork->ssid; 3475 struct wpa_supplicant *wpa_s = work->wpa_s; 3476 u8 *wpa_ie; 3477 const u8 *edmg_ie_oper; 3478 int use_crypt, ret, bssid_changed; 3479 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; 3480 struct wpa_driver_associate_params params; 3481 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL) 3482 int wep_keys_set = 0; 3483 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */ 3484 int assoc_failed = 0; 3485 struct wpa_ssid *old_ssid; 3486 u8 prev_bssid[ETH_ALEN]; 3487 #ifdef CONFIG_HT_OVERRIDES 3488 struct ieee80211_ht_capabilities htcaps; 3489 struct ieee80211_ht_capabilities htcaps_mask; 3490 #endif /* CONFIG_HT_OVERRIDES */ 3491 #ifdef CONFIG_VHT_OVERRIDES 3492 struct ieee80211_vht_capabilities vhtcaps; 3493 struct ieee80211_vht_capabilities vhtcaps_mask; 3494 #endif /* CONFIG_VHT_OVERRIDES */ 3495 3496 if (deinit) { 3497 if (work->started) { 3498 wpa_s->connect_work = NULL; 3499 3500 /* cancel possible auth. timeout */ 3501 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, 3502 NULL); 3503 } 3504 wpas_connect_work_free(cwork); 3505 return; 3506 } 3507 3508 wpa_s->connect_work = work; 3509 3510 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || 3511 wpas_network_disabled(wpa_s, ssid)) { 3512 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); 3513 wpas_connect_work_done(wpa_s); 3514 return; 3515 } 3516 3517 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN); 3518 os_memset(¶ms, 0, sizeof(params)); 3519 wpa_s->reassociate = 0; 3520 wpa_s->eap_expected_failure = 0; 3521 3522 /* Starting new association, so clear the possibly used WPA IE from the 3523 * previous association. */ 3524 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 3525 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); 3526 wpa_s->rsnxe_len = 0; 3527 wpa_s->mscs_setup_done = false; 3528 3529 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); 3530 if (!wpa_ie) { 3531 wpas_connect_work_done(wpa_s); 3532 return; 3533 } 3534 3535 if (bss && 3536 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { 3537 #ifdef CONFIG_IEEE80211R 3538 const u8 *ie, *md = NULL; 3539 #endif /* CONFIG_IEEE80211R */ 3540 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 3541 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 3542 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); 3543 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 3544 os_memset(wpa_s->bssid, 0, ETH_ALEN); 3545 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 3546 if (bssid_changed) 3547 wpas_notify_bssid_changed(wpa_s); 3548 #ifdef CONFIG_IEEE80211R 3549 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 3550 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 3551 md = ie + 2; 3552 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); 3553 if (md) { 3554 /* Prepare for the next transition */ 3555 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); 3556 } 3557 #endif /* CONFIG_IEEE80211R */ 3558 #ifdef CONFIG_WPS 3559 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 3560 wpa_s->conf->ap_scan == 2 && 3561 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 3562 /* Use ap_scan==1 style network selection to find the network 3563 */ 3564 wpas_connect_work_done(wpa_s); 3565 wpa_s->scan_req = MANUAL_SCAN_REQ; 3566 wpa_s->reassociate = 1; 3567 wpa_supplicant_req_scan(wpa_s, 0, 0); 3568 os_free(wpa_ie); 3569 return; 3570 #endif /* CONFIG_WPS */ 3571 } else { 3572 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 3573 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 3574 if (bss) 3575 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 3576 else 3577 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 3578 } 3579 if (!wpa_s->pno) 3580 wpa_supplicant_cancel_sched_scan(wpa_s); 3581 3582 wpa_supplicant_cancel_scan(wpa_s); 3583 3584 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 3585 use_crypt = 1; 3586 cipher_pairwise = wpa_s->pairwise_cipher; 3587 cipher_group = wpa_s->group_cipher; 3588 cipher_group_mgmt = wpa_s->mgmt_group_cipher; 3589 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 3590 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 3591 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 3592 use_crypt = 0; 3593 #ifdef CONFIG_WEP 3594 if (wpa_set_wep_keys(wpa_s, ssid)) { 3595 use_crypt = 1; 3596 wep_keys_set = 1; 3597 } 3598 #endif /* CONFIG_WEP */ 3599 } 3600 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 3601 use_crypt = 0; 3602 3603 #ifdef IEEE8021X_EAPOL 3604 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 3605 if ((ssid->eapol_flags & 3606 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 3607 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 3608 !wep_keys_set) { 3609 use_crypt = 0; 3610 } else { 3611 /* Assume that dynamic WEP-104 keys will be used and 3612 * set cipher suites in order for drivers to expect 3613 * encryption. */ 3614 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104; 3615 } 3616 } 3617 #endif /* IEEE8021X_EAPOL */ 3618 3619 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 3620 /* Set the key before (and later after) association */ 3621 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 3622 } 3623 3624 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 3625 if (bss) { 3626 params.ssid = bss->ssid; 3627 params.ssid_len = bss->ssid_len; 3628 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || 3629 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 3630 wpa_printf(MSG_DEBUG, "Limit connection to BSSID " 3631 MACSTR " freq=%u MHz based on scan results " 3632 "(bssid_set=%d wps=%d)", 3633 MAC2STR(bss->bssid), bss->freq, 3634 ssid->bssid_set, 3635 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); 3636 params.bssid = bss->bssid; 3637 params.freq.freq = bss->freq; 3638 } 3639 params.bssid_hint = bss->bssid; 3640 params.freq_hint = bss->freq; 3641 params.pbss = bss_is_pbss(bss); 3642 } else { 3643 if (ssid->bssid_hint_set) 3644 params.bssid_hint = ssid->bssid_hint; 3645 3646 params.ssid = ssid->ssid; 3647 params.ssid_len = ssid->ssid_len; 3648 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0; 3649 } 3650 3651 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && 3652 wpa_s->conf->ap_scan == 2) { 3653 params.bssid = ssid->bssid; 3654 params.fixed_bssid = 1; 3655 } 3656 3657 /* Initial frequency for IBSS/mesh */ 3658 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) && 3659 ssid->frequency > 0 && params.freq.freq == 0) 3660 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq); 3661 3662 if (ssid->mode == WPAS_MODE_IBSS) { 3663 params.fixed_freq = ssid->fixed_freq; 3664 if (ssid->beacon_int) 3665 params.beacon_int = ssid->beacon_int; 3666 else 3667 params.beacon_int = wpa_s->conf->beacon_int; 3668 } 3669 3670 if (bss && ssid->enable_edmg) 3671 edmg_ie_oper = wpa_bss_get_ie_ext(bss, 3672 WLAN_EID_EXT_EDMG_OPERATION); 3673 else 3674 edmg_ie_oper = NULL; 3675 3676 if (edmg_ie_oper) { 3677 params.freq.edmg.channels = 3678 wpa_ie_get_edmg_oper_chans(edmg_ie_oper); 3679 params.freq.edmg.bw_config = 3680 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper); 3681 wpa_printf(MSG_DEBUG, 3682 "AP supports EDMG channels 0x%x, bw_config %d", 3683 params.freq.edmg.channels, 3684 params.freq.edmg.bw_config); 3685 3686 /* User may ask for specific EDMG channel for EDMG connection 3687 * (must be supported by AP) 3688 */ 3689 if (ssid->edmg_channel) { 3690 struct ieee80211_edmg_config configured_edmg; 3691 enum hostapd_hw_mode hw_mode; 3692 u8 primary_channel; 3693 3694 hw_mode = ieee80211_freq_to_chan(bss->freq, 3695 &primary_channel); 3696 if (hw_mode == NUM_HOSTAPD_MODES) 3697 goto edmg_fail; 3698 3699 hostapd_encode_edmg_chan(ssid->enable_edmg, 3700 ssid->edmg_channel, 3701 primary_channel, 3702 &configured_edmg); 3703 3704 if (ieee802_edmg_is_allowed(params.freq.edmg, 3705 configured_edmg)) { 3706 params.freq.edmg = configured_edmg; 3707 wpa_printf(MSG_DEBUG, 3708 "Use EDMG channel %d for connection", 3709 ssid->edmg_channel); 3710 } else { 3711 edmg_fail: 3712 params.freq.edmg.channels = 0; 3713 params.freq.edmg.bw_config = 0; 3714 wpa_printf(MSG_WARNING, 3715 "EDMG channel %d not supported by AP, fallback to DMG", 3716 ssid->edmg_channel); 3717 } 3718 } 3719 3720 if (params.freq.edmg.channels) { 3721 wpa_printf(MSG_DEBUG, 3722 "EDMG before: channels 0x%x, bw_config %d", 3723 params.freq.edmg.channels, 3724 params.freq.edmg.bw_config); 3725 params.freq.edmg = get_supported_edmg(wpa_s, 3726 ¶ms.freq, 3727 params.freq.edmg); 3728 wpa_printf(MSG_DEBUG, 3729 "EDMG after: channels 0x%x, bw_config %d", 3730 params.freq.edmg.channels, 3731 params.freq.edmg.bw_config); 3732 } 3733 } 3734 3735 params.pairwise_suite = cipher_pairwise; 3736 params.group_suite = cipher_group; 3737 params.mgmt_group_suite = cipher_group_mgmt; 3738 params.key_mgmt_suite = wpa_s->key_mgmt; 3739 params.wpa_proto = wpa_s->wpa_proto; 3740 wpa_s->auth_alg = params.auth_alg; 3741 params.mode = ssid->mode; 3742 params.bg_scan_period = ssid->bg_scan_period; 3743 #ifdef CONFIG_WEP 3744 { 3745 int i; 3746 3747 for (i = 0; i < NUM_WEP_KEYS; i++) { 3748 if (ssid->wep_key_len[i]) 3749 params.wep_key[i] = ssid->wep_key[i]; 3750 params.wep_key_len[i] = ssid->wep_key_len[i]; 3751 } 3752 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 3753 } 3754 #endif /* CONFIG_WEP */ 3755 3756 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && 3757 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 3758 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) { 3759 params.passphrase = ssid->passphrase; 3760 if (ssid->psk_set) 3761 params.psk = ssid->psk; 3762 } 3763 3764 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && 3765 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 3766 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 3767 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 3768 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)) 3769 params.req_handshake_offload = 1; 3770 3771 if (wpa_s->conf->key_mgmt_offload) { 3772 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 3773 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 3774 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 3775 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) 3776 params.req_key_mgmt_offload = 3777 ssid->proactive_key_caching < 0 ? 3778 wpa_s->conf->okc : ssid->proactive_key_caching; 3779 else 3780 params.req_key_mgmt_offload = 1; 3781 3782 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 3783 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 || 3784 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) && 3785 ssid->psk_set) 3786 params.psk = ssid->psk; 3787 } 3788 3789 params.drop_unencrypted = use_crypt; 3790 3791 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); 3792 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { 3793 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 3794 struct wpa_ie_data ie; 3795 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 3796 ie.capabilities & 3797 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 3798 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " 3799 "MFP: require MFP"); 3800 params.mgmt_frame_protection = 3801 MGMT_FRAME_PROTECTION_REQUIRED; 3802 #ifdef CONFIG_OWE 3803 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 3804 !ssid->owe_only) { 3805 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; 3806 #endif /* CONFIG_OWE */ 3807 } 3808 } 3809 3810 params.p2p = ssid->p2p_group; 3811 3812 if (wpa_s->p2pdev->set_sta_uapsd) 3813 params.uapsd = wpa_s->p2pdev->sta_uapsd; 3814 else 3815 params.uapsd = -1; 3816 3817 #ifdef CONFIG_HT_OVERRIDES 3818 os_memset(&htcaps, 0, sizeof(htcaps)); 3819 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); 3820 params.htcaps = (u8 *) &htcaps; 3821 params.htcaps_mask = (u8 *) &htcaps_mask; 3822 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); 3823 #endif /* CONFIG_HT_OVERRIDES */ 3824 #ifdef CONFIG_VHT_OVERRIDES 3825 os_memset(&vhtcaps, 0, sizeof(vhtcaps)); 3826 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask)); 3827 params.vhtcaps = &vhtcaps; 3828 params.vhtcaps_mask = &vhtcaps_mask; 3829 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms); 3830 #endif /* CONFIG_VHT_OVERRIDES */ 3831 #ifdef CONFIG_HE_OVERRIDES 3832 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms); 3833 #endif /* CONFIG_HE_OVERRIDES */ 3834 3835 #ifdef CONFIG_P2P 3836 /* 3837 * If multi-channel concurrency is not supported, check for any 3838 * frequency conflict. In case of any frequency conflict, remove the 3839 * least prioritized connection. 3840 */ 3841 if (wpa_s->num_multichan_concurrent < 2) { 3842 int freq, num; 3843 num = get_shared_radio_freqs(wpa_s, &freq, 1); 3844 if (num > 0 && freq > 0 && freq != params.freq.freq) { 3845 wpa_printf(MSG_DEBUG, 3846 "Assoc conflicting freq found (%d != %d)", 3847 freq, params.freq.freq); 3848 if (wpas_p2p_handle_frequency_conflicts( 3849 wpa_s, params.freq.freq, ssid) < 0) { 3850 wpas_connect_work_done(wpa_s); 3851 os_free(wpa_ie); 3852 return; 3853 } 3854 } 3855 } 3856 #endif /* CONFIG_P2P */ 3857 3858 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) && 3859 wpa_s->current_ssid) 3860 params.prev_bssid = prev_bssid; 3861 3862 #ifdef CONFIG_SAE 3863 params.sae_pwe = wpa_s->conf->sae_pwe; 3864 #endif /* CONFIG_SAE */ 3865 3866 ret = wpa_drv_associate(wpa_s, ¶ms); 3867 os_free(wpa_ie); 3868 if (ret < 0) { 3869 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 3870 "failed"); 3871 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { 3872 /* 3873 * The driver is known to mean what is saying, so we 3874 * can stop right here; the association will not 3875 * succeed. 3876 */ 3877 wpas_connection_failed(wpa_s, wpa_s->pending_bssid); 3878 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 3879 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 3880 return; 3881 } 3882 /* try to continue anyway; new association will be tried again 3883 * after timeout */ 3884 assoc_failed = 1; 3885 } 3886 3887 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 3888 /* Set the key after the association just in case association 3889 * cleared the previously configured key. */ 3890 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 3891 /* No need to timeout authentication since there is no key 3892 * management. */ 3893 wpa_supplicant_cancel_auth_timeout(wpa_s); 3894 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 3895 #ifdef CONFIG_IBSS_RSN 3896 } else if (ssid->mode == WPAS_MODE_IBSS && 3897 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 3898 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 3899 /* 3900 * RSN IBSS authentication is per-STA and we can disable the 3901 * per-BSSID authentication. 3902 */ 3903 wpa_supplicant_cancel_auth_timeout(wpa_s); 3904 #endif /* CONFIG_IBSS_RSN */ 3905 } else { 3906 /* Timeout for IEEE 802.11 authentication and association */ 3907 int timeout = 60; 3908 3909 if (assoc_failed) { 3910 /* give IBSS a bit more time */ 3911 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; 3912 } else if (wpa_s->conf->ap_scan == 1) { 3913 /* give IBSS a bit more time */ 3914 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; 3915 } 3916 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 3917 } 3918 3919 #ifdef CONFIG_WEP 3920 if (wep_keys_set && 3921 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { 3922 /* Set static WEP keys again */ 3923 wpa_set_wep_keys(wpa_s, ssid); 3924 } 3925 #endif /* CONFIG_WEP */ 3926 3927 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { 3928 /* 3929 * Do not allow EAP session resumption between different 3930 * network configurations. 3931 */ 3932 eapol_sm_invalidate_cached_session(wpa_s->eapol); 3933 } 3934 old_ssid = wpa_s->current_ssid; 3935 wpa_s->current_ssid = ssid; 3936 3937 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { 3938 wpa_s->current_bss = bss; 3939 #ifdef CONFIG_HS20 3940 hs20_configure_frame_filters(wpa_s); 3941 #endif /* CONFIG_HS20 */ 3942 } 3943 3944 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 3945 wpa_supplicant_initiate_eapol(wpa_s); 3946 if (old_ssid != wpa_s->current_ssid) 3947 wpas_notify_network_changed(wpa_s); 3948 } 3949 3950 3951 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, 3952 const u8 *addr) 3953 { 3954 struct wpa_ssid *old_ssid; 3955 3956 wpas_connect_work_done(wpa_s); 3957 wpa_clear_keys(wpa_s, addr); 3958 old_ssid = wpa_s->current_ssid; 3959 wpa_supplicant_mark_disassoc(wpa_s); 3960 wpa_sm_set_config(wpa_s->wpa, NULL); 3961 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 3962 if (old_ssid != wpa_s->current_ssid) 3963 wpas_notify_network_changed(wpa_s); 3964 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 3965 } 3966 3967 3968 /** 3969 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 3970 * @wpa_s: Pointer to wpa_supplicant data 3971 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 3972 * 3973 * This function is used to request %wpa_supplicant to deauthenticate from the 3974 * current AP. 3975 */ 3976 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 3977 u16 reason_code) 3978 { 3979 u8 *addr = NULL; 3980 union wpa_event_data event; 3981 int zero_addr = 0; 3982 3983 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR 3984 " pending_bssid=" MACSTR " reason=%d (%s) state=%s", 3985 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 3986 reason_code, reason2str(reason_code), 3987 wpa_supplicant_state_txt(wpa_s->wpa_state)); 3988 3989 if (!is_zero_ether_addr(wpa_s->pending_bssid) && 3990 (wpa_s->wpa_state == WPA_AUTHENTICATING || 3991 wpa_s->wpa_state == WPA_ASSOCIATING)) 3992 addr = wpa_s->pending_bssid; 3993 else if (!is_zero_ether_addr(wpa_s->bssid)) 3994 addr = wpa_s->bssid; 3995 else if (wpa_s->wpa_state == WPA_ASSOCIATING) { 3996 /* 3997 * When using driver-based BSS selection, we may not know the 3998 * BSSID with which we are currently trying to associate. We 3999 * need to notify the driver of this disconnection even in such 4000 * a case, so use the all zeros address here. 4001 */ 4002 addr = wpa_s->bssid; 4003 zero_addr = 1; 4004 } 4005 4006 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0) 4007 wpa_s->enabled_4addr_mode = 0; 4008 4009 #ifdef CONFIG_TDLS 4010 wpa_tdls_teardown_peers(wpa_s->wpa); 4011 #endif /* CONFIG_TDLS */ 4012 4013 #ifdef CONFIG_MESH 4014 if (wpa_s->ifmsh) { 4015 struct mesh_conf *mconf; 4016 4017 mconf = wpa_s->ifmsh->mconf; 4018 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", 4019 wpa_s->ifname); 4020 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid, 4021 mconf->meshid_len, reason_code); 4022 wpa_supplicant_leave_mesh(wpa_s, true); 4023 } 4024 #endif /* CONFIG_MESH */ 4025 4026 if (addr) { 4027 wpa_drv_deauthenticate(wpa_s, addr, reason_code); 4028 os_memset(&event, 0, sizeof(event)); 4029 event.deauth_info.reason_code = reason_code; 4030 event.deauth_info.locally_generated = 1; 4031 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); 4032 if (zero_addr) 4033 addr = NULL; 4034 } 4035 4036 wpa_supplicant_clear_connection(wpa_s, addr); 4037 } 4038 4039 4040 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s) 4041 { 4042 wpa_s->own_reconnect_req = 1; 4043 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); 4044 4045 } 4046 4047 4048 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, 4049 struct wpa_ssid *ssid) 4050 { 4051 if (!ssid || !ssid->disabled || ssid->disabled == 2) 4052 return; 4053 4054 ssid->disabled = 0; 4055 ssid->owe_transition_bss_select_count = 0; 4056 wpas_clear_temp_disabled(wpa_s, ssid, 1); 4057 wpas_notify_network_enabled_changed(wpa_s, ssid); 4058 4059 /* 4060 * Try to reassociate since there is no current configuration and a new 4061 * network was made available. 4062 */ 4063 if (!wpa_s->current_ssid && !wpa_s->disconnected) 4064 wpa_s->reassociate = 1; 4065 } 4066 4067 4068 /** 4069 * wpa_supplicant_add_network - Add a new network 4070 * @wpa_s: wpa_supplicant structure for a network interface 4071 * Returns: The new network configuration or %NULL if operation failed 4072 * 4073 * This function performs the following operations: 4074 * 1. Adds a new network. 4075 * 2. Send network addition notification. 4076 * 3. Marks the network disabled. 4077 * 4. Set network default parameters. 4078 */ 4079 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s) 4080 { 4081 struct wpa_ssid *ssid; 4082 4083 ssid = wpa_config_add_network(wpa_s->conf); 4084 if (!ssid) 4085 return NULL; 4086 wpas_notify_network_added(wpa_s, ssid); 4087 ssid->disabled = 1; 4088 wpa_config_set_network_defaults(ssid); 4089 4090 return ssid; 4091 } 4092 4093 4094 /** 4095 * wpa_supplicant_remove_network - Remove a configured network based on id 4096 * @wpa_s: wpa_supplicant structure for a network interface 4097 * @id: Unique network id to search for 4098 * Returns: 0 on success, or -1 if the network was not found, -2 if the network 4099 * could not be removed 4100 * 4101 * This function performs the following operations: 4102 * 1. Removes the network. 4103 * 2. Send network removal notification. 4104 * 3. Update internal state machines. 4105 * 4. Stop any running sched scans. 4106 */ 4107 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id) 4108 { 4109 struct wpa_ssid *ssid; 4110 int was_disabled; 4111 4112 ssid = wpa_config_get_network(wpa_s->conf, id); 4113 if (!ssid) 4114 return -1; 4115 wpas_notify_network_removed(wpa_s, ssid); 4116 4117 if (wpa_s->last_ssid == ssid) 4118 wpa_s->last_ssid = NULL; 4119 4120 if (ssid == wpa_s->current_ssid || !wpa_s->current_ssid) { 4121 #ifdef CONFIG_SME 4122 wpa_s->sme.prev_bssid_set = 0; 4123 #endif /* CONFIG_SME */ 4124 /* 4125 * Invalidate the EAP session cache if the current or 4126 * previously used network is removed. 4127 */ 4128 eapol_sm_invalidate_cached_session(wpa_s->eapol); 4129 } 4130 4131 if (ssid == wpa_s->current_ssid) { 4132 wpa_sm_set_config(wpa_s->wpa, NULL); 4133 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 4134 4135 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 4136 wpa_s->own_disconnect_req = 1; 4137 wpa_supplicant_deauthenticate(wpa_s, 4138 WLAN_REASON_DEAUTH_LEAVING); 4139 } 4140 4141 was_disabled = ssid->disabled; 4142 4143 if (wpa_config_remove_network(wpa_s->conf, id) < 0) 4144 return -2; 4145 4146 if (!was_disabled && wpa_s->sched_scanning) { 4147 wpa_printf(MSG_DEBUG, 4148 "Stop ongoing sched_scan to remove network from filters"); 4149 wpa_supplicant_cancel_sched_scan(wpa_s); 4150 wpa_supplicant_req_scan(wpa_s, 0, 0); 4151 } 4152 4153 return 0; 4154 } 4155 4156 4157 /** 4158 * wpa_supplicant_remove_all_networks - Remove all configured networks 4159 * @wpa_s: wpa_supplicant structure for a network interface 4160 * Returns: 0 on success (errors are currently ignored) 4161 * 4162 * This function performs the following operations: 4163 * 1. Remove all networks. 4164 * 2. Send network removal notifications. 4165 * 3. Update internal state machines. 4166 * 4. Stop any running sched scans. 4167 */ 4168 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s) 4169 { 4170 struct wpa_ssid *ssid; 4171 4172 if (wpa_s->sched_scanning) 4173 wpa_supplicant_cancel_sched_scan(wpa_s); 4174 4175 eapol_sm_invalidate_cached_session(wpa_s->eapol); 4176 if (wpa_s->current_ssid) { 4177 #ifdef CONFIG_SME 4178 wpa_s->sme.prev_bssid_set = 0; 4179 #endif /* CONFIG_SME */ 4180 wpa_sm_set_config(wpa_s->wpa, NULL); 4181 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 4182 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 4183 wpa_s->own_disconnect_req = 1; 4184 wpa_supplicant_deauthenticate( 4185 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 4186 } 4187 ssid = wpa_s->conf->ssid; 4188 while (ssid) { 4189 struct wpa_ssid *remove_ssid = ssid; 4190 int id; 4191 4192 id = ssid->id; 4193 ssid = ssid->next; 4194 if (wpa_s->last_ssid == remove_ssid) 4195 wpa_s->last_ssid = NULL; 4196 wpas_notify_network_removed(wpa_s, remove_ssid); 4197 wpa_config_remove_network(wpa_s->conf, id); 4198 } 4199 return 0; 4200 } 4201 4202 4203 /** 4204 * wpa_supplicant_enable_network - Mark a configured network as enabled 4205 * @wpa_s: wpa_supplicant structure for a network interface 4206 * @ssid: wpa_ssid structure for a configured network or %NULL 4207 * 4208 * Enables the specified network or all networks if no network specified. 4209 */ 4210 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, 4211 struct wpa_ssid *ssid) 4212 { 4213 if (ssid == NULL) { 4214 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 4215 wpa_supplicant_enable_one_network(wpa_s, ssid); 4216 } else 4217 wpa_supplicant_enable_one_network(wpa_s, ssid); 4218 4219 if (wpa_s->reassociate && !wpa_s->disconnected && 4220 (!wpa_s->current_ssid || 4221 wpa_s->wpa_state == WPA_DISCONNECTED || 4222 wpa_s->wpa_state == WPA_SCANNING)) { 4223 if (wpa_s->sched_scanning) { 4224 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add " 4225 "new network to scan filters"); 4226 wpa_supplicant_cancel_sched_scan(wpa_s); 4227 } 4228 4229 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 4230 wpa_s->scan_req = NORMAL_SCAN_REQ; 4231 wpa_supplicant_req_scan(wpa_s, 0, 0); 4232 } 4233 } 4234 } 4235 4236 4237 /** 4238 * wpa_supplicant_disable_network - Mark a configured network as disabled 4239 * @wpa_s: wpa_supplicant structure for a network interface 4240 * @ssid: wpa_ssid structure for a configured network or %NULL 4241 * 4242 * Disables the specified network or all networks if no network specified. 4243 */ 4244 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, 4245 struct wpa_ssid *ssid) 4246 { 4247 struct wpa_ssid *other_ssid; 4248 int was_disabled; 4249 4250 if (ssid == NULL) { 4251 if (wpa_s->sched_scanning) 4252 wpa_supplicant_cancel_sched_scan(wpa_s); 4253 4254 for (other_ssid = wpa_s->conf->ssid; other_ssid; 4255 other_ssid = other_ssid->next) { 4256 was_disabled = other_ssid->disabled; 4257 if (was_disabled == 2) 4258 continue; /* do not change persistent P2P group 4259 * data */ 4260 4261 other_ssid->disabled = 1; 4262 4263 if (was_disabled != other_ssid->disabled) 4264 wpas_notify_network_enabled_changed( 4265 wpa_s, other_ssid); 4266 } 4267 if (wpa_s->current_ssid) { 4268 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 4269 wpa_s->own_disconnect_req = 1; 4270 wpa_supplicant_deauthenticate( 4271 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 4272 } 4273 } else if (ssid->disabled != 2) { 4274 if (ssid == wpa_s->current_ssid) { 4275 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 4276 wpa_s->own_disconnect_req = 1; 4277 wpa_supplicant_deauthenticate( 4278 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 4279 } 4280 4281 was_disabled = ssid->disabled; 4282 4283 ssid->disabled = 1; 4284 4285 if (was_disabled != ssid->disabled) { 4286 wpas_notify_network_enabled_changed(wpa_s, ssid); 4287 if (wpa_s->sched_scanning) { 4288 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan " 4289 "to remove network from filters"); 4290 wpa_supplicant_cancel_sched_scan(wpa_s); 4291 wpa_supplicant_req_scan(wpa_s, 0, 0); 4292 } 4293 } 4294 } 4295 } 4296 4297 4298 /** 4299 * wpa_supplicant_select_network - Attempt association with a network 4300 * @wpa_s: wpa_supplicant structure for a network interface 4301 * @ssid: wpa_ssid structure for a configured network or %NULL for any network 4302 */ 4303 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, 4304 struct wpa_ssid *ssid) 4305 { 4306 4307 struct wpa_ssid *other_ssid; 4308 int disconnected = 0; 4309 4310 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { 4311 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 4312 wpa_s->own_disconnect_req = 1; 4313 wpa_supplicant_deauthenticate( 4314 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 4315 disconnected = 1; 4316 } 4317 4318 if (ssid) 4319 wpas_clear_temp_disabled(wpa_s, ssid, 1); 4320 4321 /* 4322 * Mark all other networks disabled or mark all networks enabled if no 4323 * network specified. 4324 */ 4325 for (other_ssid = wpa_s->conf->ssid; other_ssid; 4326 other_ssid = other_ssid->next) { 4327 int was_disabled = other_ssid->disabled; 4328 if (was_disabled == 2) 4329 continue; /* do not change persistent P2P group data */ 4330 4331 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; 4332 if (was_disabled && !other_ssid->disabled) 4333 wpas_clear_temp_disabled(wpa_s, other_ssid, 0); 4334 4335 if (was_disabled != other_ssid->disabled) 4336 wpas_notify_network_enabled_changed(wpa_s, other_ssid); 4337 } 4338 4339 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid && 4340 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 4341 /* We are already associated with the selected network */ 4342 wpa_printf(MSG_DEBUG, "Already associated with the " 4343 "selected network - do nothing"); 4344 return; 4345 } 4346 4347 if (ssid) { 4348 wpa_s->current_ssid = ssid; 4349 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 4350 wpa_s->connect_without_scan = 4351 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL; 4352 4353 /* 4354 * Don't optimize next scan freqs since a new ESS has been 4355 * selected. 4356 */ 4357 os_free(wpa_s->next_scan_freqs); 4358 wpa_s->next_scan_freqs = NULL; 4359 } else { 4360 wpa_s->connect_without_scan = NULL; 4361 } 4362 4363 wpa_s->disconnected = 0; 4364 wpa_s->reassociate = 1; 4365 wpa_s_clear_sae_rejected(wpa_s); 4366 wpa_s->last_owe_group = 0; 4367 if (ssid) { 4368 ssid->owe_transition_bss_select_count = 0; 4369 wpa_s_setup_sae_pt(wpa_s->conf, ssid); 4370 } 4371 4372 if (wpa_s->connect_without_scan || 4373 wpa_supplicant_fast_associate(wpa_s) != 1) { 4374 wpa_s->scan_req = NORMAL_SCAN_REQ; 4375 wpas_scan_reset_sched_scan(wpa_s); 4376 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); 4377 } 4378 4379 if (ssid) 4380 wpas_notify_network_selected(wpa_s, ssid); 4381 } 4382 4383 4384 /** 4385 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path 4386 * @wpa_s: wpa_supplicant structure for a network interface 4387 * @pkcs11_engine_path: PKCS #11 engine path or NULL 4388 * @pkcs11_module_path: PKCS #11 module path or NULL 4389 * Returns: 0 on success; -1 on failure 4390 * 4391 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid 4392 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and 4393 * module path fails the paths will be reset to the default value (NULL). 4394 */ 4395 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s, 4396 const char *pkcs11_engine_path, 4397 const char *pkcs11_module_path) 4398 { 4399 char *pkcs11_engine_path_copy = NULL; 4400 char *pkcs11_module_path_copy = NULL; 4401 4402 if (pkcs11_engine_path != NULL) { 4403 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path); 4404 if (pkcs11_engine_path_copy == NULL) 4405 return -1; 4406 } 4407 if (pkcs11_module_path != NULL) { 4408 pkcs11_module_path_copy = os_strdup(pkcs11_module_path); 4409 if (pkcs11_module_path_copy == NULL) { 4410 os_free(pkcs11_engine_path_copy); 4411 return -1; 4412 } 4413 } 4414 4415 os_free(wpa_s->conf->pkcs11_engine_path); 4416 os_free(wpa_s->conf->pkcs11_module_path); 4417 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy; 4418 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy; 4419 4420 wpa_sm_set_eapol(wpa_s->wpa, NULL); 4421 eapol_sm_deinit(wpa_s->eapol); 4422 wpa_s->eapol = NULL; 4423 if (wpa_supplicant_init_eapol(wpa_s)) { 4424 /* Error -> Reset paths to the default value (NULL) once. */ 4425 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL) 4426 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL, 4427 NULL); 4428 4429 return -1; 4430 } 4431 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 4432 4433 return 0; 4434 } 4435 4436 4437 /** 4438 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface 4439 * @wpa_s: wpa_supplicant structure for a network interface 4440 * @ap_scan: AP scan mode 4441 * Returns: 0 if succeed or -1 if ap_scan has an invalid value 4442 * 4443 */ 4444 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) 4445 { 4446 4447 int old_ap_scan; 4448 4449 if (ap_scan < 0 || ap_scan > 2) 4450 return -1; 4451 4452 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 4453 wpa_printf(MSG_INFO, 4454 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 4455 } 4456 4457 #ifdef ANDROID 4458 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && 4459 wpa_s->wpa_state >= WPA_ASSOCIATING && 4460 wpa_s->wpa_state < WPA_COMPLETED) { 4461 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " 4462 "associating", wpa_s->conf->ap_scan, ap_scan); 4463 return 0; 4464 } 4465 #endif /* ANDROID */ 4466 4467 old_ap_scan = wpa_s->conf->ap_scan; 4468 wpa_s->conf->ap_scan = ap_scan; 4469 4470 if (old_ap_scan != wpa_s->conf->ap_scan) 4471 wpas_notify_ap_scan_changed(wpa_s); 4472 4473 return 0; 4474 } 4475 4476 4477 /** 4478 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age 4479 * @wpa_s: wpa_supplicant structure for a network interface 4480 * @expire_age: Expiration age in seconds 4481 * Returns: 0 if succeed or -1 if expire_age has an invalid value 4482 * 4483 */ 4484 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, 4485 unsigned int bss_expire_age) 4486 { 4487 if (bss_expire_age < 10) { 4488 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", 4489 bss_expire_age); 4490 return -1; 4491 } 4492 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", 4493 bss_expire_age); 4494 wpa_s->conf->bss_expiration_age = bss_expire_age; 4495 4496 return 0; 4497 } 4498 4499 4500 /** 4501 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count 4502 * @wpa_s: wpa_supplicant structure for a network interface 4503 * @expire_count: number of scans after which an unseen BSS is reclaimed 4504 * Returns: 0 if succeed or -1 if expire_count has an invalid value 4505 * 4506 */ 4507 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, 4508 unsigned int bss_expire_count) 4509 { 4510 if (bss_expire_count < 1) { 4511 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", 4512 bss_expire_count); 4513 return -1; 4514 } 4515 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", 4516 bss_expire_count); 4517 wpa_s->conf->bss_expiration_scan_count = bss_expire_count; 4518 4519 return 0; 4520 } 4521 4522 4523 /** 4524 * wpa_supplicant_set_scan_interval - Set scan interval 4525 * @wpa_s: wpa_supplicant structure for a network interface 4526 * @scan_interval: scan interval in seconds 4527 * Returns: 0 if succeed or -1 if scan_interval has an invalid value 4528 * 4529 */ 4530 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, 4531 int scan_interval) 4532 { 4533 if (scan_interval < 0) { 4534 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", 4535 scan_interval); 4536 return -1; 4537 } 4538 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", 4539 scan_interval); 4540 wpa_supplicant_update_scan_int(wpa_s, scan_interval); 4541 4542 return 0; 4543 } 4544 4545 4546 /** 4547 * wpa_supplicant_set_debug_params - Set global debug params 4548 * @global: wpa_global structure 4549 * @debug_level: debug level 4550 * @debug_timestamp: determines if show timestamp in debug data 4551 * @debug_show_keys: determines if show keys in debug data 4552 * Returns: 0 if succeed or -1 if debug_level has wrong value 4553 */ 4554 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, 4555 int debug_timestamp, int debug_show_keys) 4556 { 4557 4558 int old_level, old_timestamp, old_show_keys; 4559 4560 /* check for allowed debuglevels */ 4561 if (debug_level != MSG_EXCESSIVE && 4562 debug_level != MSG_MSGDUMP && 4563 debug_level != MSG_DEBUG && 4564 debug_level != MSG_INFO && 4565 debug_level != MSG_WARNING && 4566 debug_level != MSG_ERROR) 4567 return -1; 4568 4569 old_level = wpa_debug_level; 4570 old_timestamp = wpa_debug_timestamp; 4571 old_show_keys = wpa_debug_show_keys; 4572 4573 wpa_debug_level = debug_level; 4574 wpa_debug_timestamp = debug_timestamp ? 1 : 0; 4575 wpa_debug_show_keys = debug_show_keys ? 1 : 0; 4576 4577 if (wpa_debug_level != old_level) 4578 wpas_notify_debug_level_changed(global); 4579 if (wpa_debug_timestamp != old_timestamp) 4580 wpas_notify_debug_timestamp_changed(global); 4581 if (wpa_debug_show_keys != old_show_keys) 4582 wpas_notify_debug_show_keys_changed(global); 4583 4584 return 0; 4585 } 4586 4587 4588 #ifdef CONFIG_OWE 4589 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, 4590 const u8 *entry_ssid, size_t entry_ssid_len) 4591 { 4592 const u8 *owe, *pos, *end; 4593 u8 ssid_len; 4594 struct wpa_bss *bss; 4595 4596 /* Check network profile SSID aganst the SSID in the 4597 * OWE Transition Mode element. */ 4598 4599 bss = wpa_bss_get_bssid_latest(wpa_s, bssid); 4600 if (!bss) 4601 return 0; 4602 4603 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); 4604 if (!owe) 4605 return 0; 4606 4607 pos = owe + 6; 4608 end = owe + 2 + owe[1]; 4609 4610 if (end - pos < ETH_ALEN + 1) 4611 return 0; 4612 pos += ETH_ALEN; 4613 ssid_len = *pos++; 4614 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) 4615 return 0; 4616 4617 return entry_ssid_len == ssid_len && 4618 os_memcmp(pos, entry_ssid, ssid_len) == 0; 4619 } 4620 #endif /* CONFIG_OWE */ 4621 4622 4623 /** 4624 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 4625 * @wpa_s: Pointer to wpa_supplicant data 4626 * Returns: A pointer to the current network structure or %NULL on failure 4627 */ 4628 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 4629 { 4630 struct wpa_ssid *entry; 4631 u8 ssid[SSID_MAX_LEN]; 4632 int res; 4633 size_t ssid_len; 4634 u8 bssid[ETH_ALEN]; 4635 int wired; 4636 4637 res = wpa_drv_get_ssid(wpa_s, ssid); 4638 if (res < 0) { 4639 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " 4640 "driver"); 4641 return NULL; 4642 } 4643 ssid_len = res; 4644 4645 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 4646 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " 4647 "driver"); 4648 return NULL; 4649 } 4650 4651 wired = wpa_s->conf->ap_scan == 0 && 4652 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); 4653 4654 entry = wpa_s->conf->ssid; 4655 while (entry) { 4656 if (!wpas_network_disabled(wpa_s, entry) && 4657 ((ssid_len == entry->ssid_len && 4658 (!entry->ssid || 4659 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) || 4660 wired) && 4661 (!entry->bssid_set || 4662 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4663 return entry; 4664 #ifdef CONFIG_WPS 4665 if (!wpas_network_disabled(wpa_s, entry) && 4666 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 4667 (entry->ssid == NULL || entry->ssid_len == 0) && 4668 (!entry->bssid_set || 4669 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4670 return entry; 4671 #endif /* CONFIG_WPS */ 4672 4673 #ifdef CONFIG_OWE 4674 if (!wpas_network_disabled(wpa_s, entry) && 4675 owe_trans_ssid_match(wpa_s, bssid, entry->ssid, 4676 entry->ssid_len) && 4677 (!entry->bssid_set || 4678 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) 4679 return entry; 4680 #endif /* CONFIG_OWE */ 4681 4682 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && 4683 entry->ssid_len == 0 && 4684 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) 4685 return entry; 4686 4687 entry = entry->next; 4688 } 4689 4690 return NULL; 4691 } 4692 4693 4694 static int select_driver(struct wpa_supplicant *wpa_s, int i) 4695 { 4696 struct wpa_global *global = wpa_s->global; 4697 4698 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { 4699 global->drv_priv[i] = wpa_drivers[i]->global_init(global); 4700 if (global->drv_priv[i] == NULL) { 4701 wpa_printf(MSG_ERROR, "Failed to initialize driver " 4702 "'%s'", wpa_drivers[i]->name); 4703 return -1; 4704 } 4705 } 4706 4707 wpa_s->driver = wpa_drivers[i]; 4708 wpa_s->global_drv_priv = global->drv_priv[i]; 4709 4710 return 0; 4711 } 4712 4713 4714 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 4715 const char *name) 4716 { 4717 int i; 4718 size_t len; 4719 const char *pos, *driver = name; 4720 4721 if (wpa_s == NULL) 4722 return -1; 4723 4724 if (wpa_drivers[0] == NULL) { 4725 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " 4726 "wpa_supplicant"); 4727 return -1; 4728 } 4729 4730 if (name == NULL) { 4731 /* default to first driver in the list */ 4732 return select_driver(wpa_s, 0); 4733 } 4734 4735 do { 4736 pos = os_strchr(driver, ','); 4737 if (pos) 4738 len = pos - driver; 4739 else 4740 len = os_strlen(driver); 4741 4742 for (i = 0; wpa_drivers[i]; i++) { 4743 if (os_strlen(wpa_drivers[i]->name) == len && 4744 os_strncmp(driver, wpa_drivers[i]->name, len) == 4745 0) { 4746 /* First driver that succeeds wins */ 4747 if (select_driver(wpa_s, i) == 0) 4748 return 0; 4749 } 4750 } 4751 4752 driver = pos + 1; 4753 } while (pos); 4754 4755 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); 4756 return -1; 4757 } 4758 4759 4760 /** 4761 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant 4762 * @ctx: Context pointer (wpa_s); this is the ctx variable registered 4763 * with struct wpa_driver_ops::init() 4764 * @src_addr: Source address of the EAPOL frame 4765 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) 4766 * @len: Length of the EAPOL data 4767 * 4768 * This function is called for each received EAPOL frame. Most driver 4769 * interfaces rely on more generic OS mechanism for receiving frames through 4770 * l2_packet, but if such a mechanism is not available, the driver wrapper may 4771 * take care of received EAPOL frames and deliver them to the core supplicant 4772 * code by calling this function. 4773 */ 4774 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 4775 const u8 *buf, size_t len) 4776 { 4777 struct wpa_supplicant *wpa_s = ctx; 4778 4779 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); 4780 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 4781 4782 if (wpa_s->own_disconnect_req) { 4783 wpa_printf(MSG_DEBUG, 4784 "Drop received EAPOL frame as we are disconnecting"); 4785 return; 4786 } 4787 4788 #ifdef CONFIG_TESTING_OPTIONS 4789 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu", 4790 MAC2STR(src_addr), len); 4791 if (wpa_s->ignore_auth_resp) { 4792 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!"); 4793 return; 4794 } 4795 #endif /* CONFIG_TESTING_OPTIONS */ 4796 4797 if (wpa_s->wpa_state < WPA_ASSOCIATED || 4798 (wpa_s->last_eapol_matches_bssid && 4799 #ifdef CONFIG_AP 4800 !wpa_s->ap_iface && 4801 #endif /* CONFIG_AP */ 4802 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { 4803 /* 4804 * There is possible race condition between receiving the 4805 * association event and the EAPOL frame since they are coming 4806 * through different paths from the driver. In order to avoid 4807 * issues in trying to process the EAPOL frame before receiving 4808 * association information, lets queue it for processing until 4809 * the association event is received. This may also be needed in 4810 * driver-based roaming case, so also use src_addr != BSSID as a 4811 * trigger if we have previously confirmed that the 4812 * Authenticator uses BSSID as the src_addr (which is not the 4813 * case with wired IEEE 802.1X). 4814 */ 4815 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " 4816 "of received EAPOL frame (state=%s bssid=" MACSTR ")", 4817 wpa_supplicant_state_txt(wpa_s->wpa_state), 4818 MAC2STR(wpa_s->bssid)); 4819 wpabuf_free(wpa_s->pending_eapol_rx); 4820 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 4821 if (wpa_s->pending_eapol_rx) { 4822 os_get_reltime(&wpa_s->pending_eapol_rx_time); 4823 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 4824 ETH_ALEN); 4825 } 4826 return; 4827 } 4828 4829 wpa_s->last_eapol_matches_bssid = 4830 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; 4831 4832 #ifdef CONFIG_AP 4833 if (wpa_s->ap_iface) { 4834 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); 4835 return; 4836 } 4837 #endif /* CONFIG_AP */ 4838 4839 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 4840 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " 4841 "no key management is configured"); 4842 return; 4843 } 4844 4845 if (wpa_s->eapol_received == 0 && 4846 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) || 4847 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 4848 wpa_s->wpa_state != WPA_COMPLETED) && 4849 (wpa_s->current_ssid == NULL || 4850 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) { 4851 /* Timeout for completing IEEE 802.1X and WPA authentication */ 4852 int timeout = 10; 4853 4854 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 4855 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 4856 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 4857 /* Use longer timeout for IEEE 802.1X/EAP */ 4858 timeout = 70; 4859 } 4860 4861 #ifdef CONFIG_WPS 4862 if (wpa_s->current_ssid && wpa_s->current_bss && 4863 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 4864 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { 4865 /* 4866 * Use shorter timeout if going through WPS AP iteration 4867 * for PIN config method with an AP that does not 4868 * advertise Selected Registrar. 4869 */ 4870 struct wpabuf *wps_ie; 4871 4872 wps_ie = wpa_bss_get_vendor_ie_multi( 4873 wpa_s->current_bss, WPS_IE_VENDOR_TYPE); 4874 if (wps_ie && 4875 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1)) 4876 timeout = 10; 4877 wpabuf_free(wps_ie); 4878 } 4879 #endif /* CONFIG_WPS */ 4880 4881 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 4882 } 4883 wpa_s->eapol_received++; 4884 4885 if (wpa_s->countermeasures) { 4886 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " 4887 "EAPOL packet"); 4888 return; 4889 } 4890 4891 #ifdef CONFIG_IBSS_RSN 4892 if (wpa_s->current_ssid && 4893 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { 4894 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); 4895 return; 4896 } 4897 #endif /* CONFIG_IBSS_RSN */ 4898 4899 /* Source address of the incoming EAPOL frame could be compared to the 4900 * current BSSID. However, it is possible that a centralized 4901 * Authenticator could be using another MAC address than the BSSID of 4902 * an AP, so just allow any address to be used for now. The replies are 4903 * still sent to the current BSSID (if available), though. */ 4904 4905 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 4906 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 4907 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE && 4908 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP && 4909 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) 4910 return; 4911 wpa_drv_poll(wpa_s); 4912 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) 4913 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); 4914 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 4915 /* 4916 * Set portValid = true here since we are going to skip 4-way 4917 * handshake processing which would normally set portValid. We 4918 * need this to allow the EAPOL state machines to be completed 4919 * without going through EAPOL-Key handshake. 4920 */ 4921 eapol_sm_notify_portValid(wpa_s->eapol, true); 4922 } 4923 } 4924 4925 4926 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s) 4927 { 4928 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) || 4929 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX); 4930 } 4931 4932 4933 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) 4934 { 4935 if ((!wpa_s->p2p_mgmt || 4936 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && 4937 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { 4938 l2_packet_deinit(wpa_s->l2); 4939 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 4940 wpa_drv_get_mac_addr(wpa_s), 4941 ETH_P_EAPOL, 4942 wpas_eapol_needs_l2_packet(wpa_s) ? 4943 wpa_supplicant_rx_eapol : NULL, 4944 wpa_s, 0); 4945 if (wpa_s->l2 == NULL) 4946 return -1; 4947 4948 if (l2_packet_set_packet_filter(wpa_s->l2, 4949 L2_PACKET_FILTER_PKTTYPE)) 4950 wpa_dbg(wpa_s, MSG_DEBUG, 4951 "Failed to attach pkt_type filter"); 4952 4953 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 4954 wpa_msg(wpa_s, MSG_ERROR, 4955 "Failed to get own L2 address"); 4956 return -1; 4957 } 4958 } else { 4959 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 4960 if (addr) 4961 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 4962 } 4963 4964 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 4965 wpas_wps_update_mac_addr(wpa_s); 4966 4967 #ifdef CONFIG_FST 4968 if (wpa_s->fst) 4969 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr); 4970 #endif /* CONFIG_FST */ 4971 4972 return 0; 4973 } 4974 4975 4976 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, 4977 const u8 *buf, size_t len) 4978 { 4979 struct wpa_supplicant *wpa_s = ctx; 4980 const struct l2_ethhdr *eth; 4981 4982 if (len < sizeof(*eth)) 4983 return; 4984 eth = (const struct l2_ethhdr *) buf; 4985 4986 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && 4987 !(eth->h_dest[0] & 0x01)) { 4988 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 4989 " (bridge - not for this interface - ignore)", 4990 MAC2STR(src_addr), MAC2STR(eth->h_dest)); 4991 return; 4992 } 4993 4994 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 4995 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); 4996 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), 4997 len - sizeof(*eth)); 4998 } 4999 5000 5001 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s, 5002 const char *bridge_ifname) 5003 { 5004 if (wpa_s->wpa_state > WPA_SCANNING) 5005 return -EBUSY; 5006 5007 if (bridge_ifname && 5008 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname)) 5009 return -EINVAL; 5010 5011 if (!bridge_ifname) 5012 bridge_ifname = ""; 5013 5014 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0) 5015 return 0; 5016 5017 if (wpa_s->l2_br) { 5018 l2_packet_deinit(wpa_s->l2_br); 5019 wpa_s->l2_br = NULL; 5020 } 5021 5022 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname, 5023 sizeof(wpa_s->bridge_ifname)); 5024 5025 if (wpa_s->bridge_ifname[0]) { 5026 wpa_dbg(wpa_s, MSG_DEBUG, 5027 "Receiving packets from bridge interface '%s'", 5028 wpa_s->bridge_ifname); 5029 wpa_s->l2_br = l2_packet_init_bridge( 5030 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 5031 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 5032 if (!wpa_s->l2_br) { 5033 wpa_msg(wpa_s, MSG_ERROR, 5034 "Failed to open l2_packet connection for the bridge interface '%s'", 5035 wpa_s->bridge_ifname); 5036 goto fail; 5037 } 5038 } 5039 5040 #ifdef CONFIG_TDLS 5041 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) 5042 goto fail; 5043 #endif /* CONFIG_TDLS */ 5044 5045 return 0; 5046 fail: 5047 wpa_s->bridge_ifname[0] = 0; 5048 if (wpa_s->l2_br) { 5049 l2_packet_deinit(wpa_s->l2_br); 5050 wpa_s->l2_br = NULL; 5051 } 5052 #ifdef CONFIG_TDLS 5053 if (!wpa_s->p2p_mgmt) 5054 wpa_tdls_init(wpa_s->wpa); 5055 #endif /* CONFIG_TDLS */ 5056 return -EIO; 5057 } 5058 5059 5060 /** 5061 * wpa_supplicant_driver_init - Initialize driver interface parameters 5062 * @wpa_s: Pointer to wpa_supplicant data 5063 * Returns: 0 on success, -1 on failure 5064 * 5065 * This function is called to initialize driver interface parameters. 5066 * wpa_drv_init() must have been called before this function to initialize the 5067 * driver interface. 5068 */ 5069 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 5070 { 5071 static int interface_count = 0; 5072 5073 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) 5074 return -1; 5075 5076 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, 5077 MAC2STR(wpa_s->own_addr)); 5078 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN); 5079 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 5080 5081 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) { 5082 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " 5083 "interface '%s'", wpa_s->bridge_ifname); 5084 wpa_s->l2_br = l2_packet_init_bridge( 5085 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 5086 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 5087 if (wpa_s->l2_br == NULL) { 5088 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " 5089 "connection for the bridge interface '%s'", 5090 wpa_s->bridge_ifname); 5091 return -1; 5092 } 5093 } 5094 5095 if (wpa_s->conf->ap_scan == 2 && 5096 os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 5097 wpa_printf(MSG_INFO, 5098 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 5099 } 5100 5101 wpa_clear_keys(wpa_s, NULL); 5102 5103 /* Make sure that TKIP countermeasures are not left enabled (could 5104 * happen if wpa_supplicant is killed during countermeasures. */ 5105 wpa_drv_set_countermeasures(wpa_s, 0); 5106 5107 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 5108 wpa_drv_flush_pmkid(wpa_s); 5109 5110 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; 5111 wpa_s->prev_scan_wildcard = 0; 5112 5113 if (wpa_supplicant_enabled_networks(wpa_s)) { 5114 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 5115 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 5116 interface_count = 0; 5117 } 5118 #ifndef ANDROID 5119 if (!wpa_s->p2p_mgmt && 5120 wpa_supplicant_delayed_sched_scan(wpa_s, 5121 interface_count % 3, 5122 100000)) 5123 wpa_supplicant_req_scan(wpa_s, interface_count % 3, 5124 100000); 5125 #endif /* ANDROID */ 5126 interface_count++; 5127 } else 5128 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 5129 5130 return 0; 5131 } 5132 5133 5134 static int wpa_supplicant_daemon(const char *pid_file) 5135 { 5136 wpa_printf(MSG_DEBUG, "Daemonize.."); 5137 return os_daemonize(pid_file); 5138 } 5139 5140 5141 static struct wpa_supplicant * 5142 wpa_supplicant_alloc(struct wpa_supplicant *parent) 5143 { 5144 struct wpa_supplicant *wpa_s; 5145 5146 wpa_s = os_zalloc(sizeof(*wpa_s)); 5147 if (wpa_s == NULL) 5148 return NULL; 5149 wpa_s->scan_req = INITIAL_SCAN_REQ; 5150 wpa_s->scan_interval = 5; 5151 wpa_s->new_connection = 1; 5152 wpa_s->parent = parent ? parent : wpa_s; 5153 wpa_s->p2pdev = wpa_s->parent; 5154 wpa_s->sched_scanning = 0; 5155 wpa_s->setband_mask = WPA_SETBAND_AUTO; 5156 5157 dl_list_init(&wpa_s->bss_tmp_disallowed); 5158 dl_list_init(&wpa_s->fils_hlp_req); 5159 #ifdef CONFIG_TESTING_OPTIONS 5160 dl_list_init(&wpa_s->drv_signal_override); 5161 #endif /* CONFIG_TESTING_OPTIONS */ 5162 5163 return wpa_s; 5164 } 5165 5166 5167 #ifdef CONFIG_HT_OVERRIDES 5168 5169 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, 5170 struct ieee80211_ht_capabilities *htcaps, 5171 struct ieee80211_ht_capabilities *htcaps_mask, 5172 const char *ht_mcs) 5173 { 5174 /* parse ht_mcs into hex array */ 5175 int i; 5176 const char *tmp = ht_mcs; 5177 char *end = NULL; 5178 5179 /* If ht_mcs is null, do not set anything */ 5180 if (!ht_mcs) 5181 return 0; 5182 5183 /* This is what we are setting in the kernel */ 5184 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); 5185 5186 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); 5187 5188 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { 5189 long v; 5190 5191 errno = 0; 5192 v = strtol(tmp, &end, 16); 5193 5194 if (errno == 0) { 5195 wpa_msg(wpa_s, MSG_DEBUG, 5196 "htcap value[%i]: %ld end: %p tmp: %p", 5197 i, v, end, tmp); 5198 if (end == tmp) 5199 break; 5200 5201 htcaps->supported_mcs_set[i] = v; 5202 tmp = end; 5203 } else { 5204 wpa_msg(wpa_s, MSG_ERROR, 5205 "Failed to parse ht-mcs: %s, error: %s\n", 5206 ht_mcs, strerror(errno)); 5207 return -1; 5208 } 5209 } 5210 5211 /* 5212 * If we were able to parse any values, then set mask for the MCS set. 5213 */ 5214 if (i) { 5215 os_memset(&htcaps_mask->supported_mcs_set, 0xff, 5216 IEEE80211_HT_MCS_MASK_LEN - 1); 5217 /* skip the 3 reserved bits */ 5218 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = 5219 0x1f; 5220 } 5221 5222 return 0; 5223 } 5224 5225 5226 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, 5227 struct ieee80211_ht_capabilities *htcaps, 5228 struct ieee80211_ht_capabilities *htcaps_mask, 5229 int disabled) 5230 { 5231 le16 msk; 5232 5233 if (disabled == -1) 5234 return 0; 5235 5236 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); 5237 5238 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); 5239 htcaps_mask->ht_capabilities_info |= msk; 5240 if (disabled) 5241 htcaps->ht_capabilities_info &= msk; 5242 else 5243 htcaps->ht_capabilities_info |= msk; 5244 5245 return 0; 5246 } 5247 5248 5249 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, 5250 struct ieee80211_ht_capabilities *htcaps, 5251 struct ieee80211_ht_capabilities *htcaps_mask, 5252 int factor) 5253 { 5254 if (factor == -1) 5255 return 0; 5256 5257 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); 5258 5259 if (factor < 0 || factor > 3) { 5260 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " 5261 "Must be 0-3 or -1", factor); 5262 return -EINVAL; 5263 } 5264 5265 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ 5266 htcaps->a_mpdu_params &= ~0x3; 5267 htcaps->a_mpdu_params |= factor & 0x3; 5268 5269 return 0; 5270 } 5271 5272 5273 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, 5274 struct ieee80211_ht_capabilities *htcaps, 5275 struct ieee80211_ht_capabilities *htcaps_mask, 5276 int density) 5277 { 5278 if (density == -1) 5279 return 0; 5280 5281 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); 5282 5283 if (density < 0 || density > 7) { 5284 wpa_msg(wpa_s, MSG_ERROR, 5285 "ampdu_density: %d out of range. Must be 0-7 or -1.", 5286 density); 5287 return -EINVAL; 5288 } 5289 5290 htcaps_mask->a_mpdu_params |= 0x1C; 5291 htcaps->a_mpdu_params &= ~(0x1C); 5292 htcaps->a_mpdu_params |= (density << 2) & 0x1C; 5293 5294 return 0; 5295 } 5296 5297 5298 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, 5299 struct ieee80211_ht_capabilities *htcaps, 5300 struct ieee80211_ht_capabilities *htcaps_mask, 5301 int disabled) 5302 { 5303 if (disabled) 5304 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); 5305 5306 set_disable_ht40(htcaps, disabled); 5307 set_disable_ht40(htcaps_mask, 0); 5308 5309 return 0; 5310 } 5311 5312 5313 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, 5314 struct ieee80211_ht_capabilities *htcaps, 5315 struct ieee80211_ht_capabilities *htcaps_mask, 5316 int disabled) 5317 { 5318 /* Masking these out disables SGI */ 5319 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | 5320 HT_CAP_INFO_SHORT_GI40MHZ); 5321 5322 if (disabled) 5323 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); 5324 5325 if (disabled) 5326 htcaps->ht_capabilities_info &= ~msk; 5327 else 5328 htcaps->ht_capabilities_info |= msk; 5329 5330 htcaps_mask->ht_capabilities_info |= msk; 5331 5332 return 0; 5333 } 5334 5335 5336 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s, 5337 struct ieee80211_ht_capabilities *htcaps, 5338 struct ieee80211_ht_capabilities *htcaps_mask, 5339 int disabled) 5340 { 5341 /* Masking these out disables LDPC */ 5342 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP); 5343 5344 if (disabled) 5345 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled); 5346 5347 if (disabled) 5348 htcaps->ht_capabilities_info &= ~msk; 5349 else 5350 htcaps->ht_capabilities_info |= msk; 5351 5352 htcaps_mask->ht_capabilities_info |= msk; 5353 5354 return 0; 5355 } 5356 5357 5358 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s, 5359 struct ieee80211_ht_capabilities *htcaps, 5360 struct ieee80211_ht_capabilities *htcaps_mask, 5361 int tx_stbc) 5362 { 5363 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC); 5364 5365 if (tx_stbc == -1) 5366 return 0; 5367 5368 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc); 5369 5370 if (tx_stbc < 0 || tx_stbc > 1) { 5371 wpa_msg(wpa_s, MSG_ERROR, 5372 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc); 5373 return -EINVAL; 5374 } 5375 5376 htcaps_mask->ht_capabilities_info |= msk; 5377 htcaps->ht_capabilities_info &= ~msk; 5378 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk; 5379 5380 return 0; 5381 } 5382 5383 5384 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s, 5385 struct ieee80211_ht_capabilities *htcaps, 5386 struct ieee80211_ht_capabilities *htcaps_mask, 5387 int rx_stbc) 5388 { 5389 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK); 5390 5391 if (rx_stbc == -1) 5392 return 0; 5393 5394 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc); 5395 5396 if (rx_stbc < 0 || rx_stbc > 3) { 5397 wpa_msg(wpa_s, MSG_ERROR, 5398 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc); 5399 return -EINVAL; 5400 } 5401 5402 htcaps_mask->ht_capabilities_info |= msk; 5403 htcaps->ht_capabilities_info &= ~msk; 5404 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk; 5405 5406 return 0; 5407 } 5408 5409 5410 void wpa_supplicant_apply_ht_overrides( 5411 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 5412 struct wpa_driver_associate_params *params) 5413 { 5414 struct ieee80211_ht_capabilities *htcaps; 5415 struct ieee80211_ht_capabilities *htcaps_mask; 5416 5417 if (!ssid) 5418 return; 5419 5420 params->disable_ht = ssid->disable_ht; 5421 if (!params->htcaps || !params->htcaps_mask) 5422 return; 5423 5424 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; 5425 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; 5426 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); 5427 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, 5428 ssid->disable_max_amsdu); 5429 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); 5430 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); 5431 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); 5432 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); 5433 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc); 5434 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc); 5435 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc); 5436 5437 if (ssid->ht40_intolerant) { 5438 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT); 5439 htcaps->ht_capabilities_info |= bit; 5440 htcaps_mask->ht_capabilities_info |= bit; 5441 } 5442 } 5443 5444 #endif /* CONFIG_HT_OVERRIDES */ 5445 5446 5447 #ifdef CONFIG_VHT_OVERRIDES 5448 void wpa_supplicant_apply_vht_overrides( 5449 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 5450 struct wpa_driver_associate_params *params) 5451 { 5452 struct ieee80211_vht_capabilities *vhtcaps; 5453 struct ieee80211_vht_capabilities *vhtcaps_mask; 5454 5455 if (!ssid) 5456 return; 5457 5458 params->disable_vht = ssid->disable_vht; 5459 5460 vhtcaps = (void *) params->vhtcaps; 5461 vhtcaps_mask = (void *) params->vhtcaps_mask; 5462 5463 if (!vhtcaps || !vhtcaps_mask) 5464 return; 5465 5466 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa); 5467 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask); 5468 5469 #ifdef CONFIG_HT_OVERRIDES 5470 if (ssid->disable_sgi) { 5471 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 | 5472 VHT_CAP_SHORT_GI_160); 5473 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 | 5474 VHT_CAP_SHORT_GI_160); 5475 wpa_msg(wpa_s, MSG_DEBUG, 5476 "disable-sgi override specified, vht-caps: 0x%x", 5477 vhtcaps->vht_capabilities_info); 5478 } 5479 5480 /* if max ampdu is <= 3, we have to make the HT cap the same */ 5481 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) { 5482 int max_ampdu; 5483 5484 max_ampdu = (ssid->vht_capa & 5485 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >> 5486 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT; 5487 5488 max_ampdu = max_ampdu < 3 ? max_ampdu : 3; 5489 wpa_set_ampdu_factor(wpa_s, 5490 (void *) params->htcaps, 5491 (void *) params->htcaps_mask, 5492 max_ampdu); 5493 } 5494 #endif /* CONFIG_HT_OVERRIDES */ 5495 5496 #define OVERRIDE_MCS(i) \ 5497 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \ 5498 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \ 5499 host_to_le16(3 << 2 * (i - 1)); \ 5500 vhtcaps->vht_supported_mcs_set.tx_map |= \ 5501 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \ 5502 2 * (i - 1)); \ 5503 } \ 5504 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \ 5505 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \ 5506 host_to_le16(3 << 2 * (i - 1)); \ 5507 vhtcaps->vht_supported_mcs_set.rx_map |= \ 5508 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \ 5509 2 * (i - 1)); \ 5510 } 5511 5512 OVERRIDE_MCS(1); 5513 OVERRIDE_MCS(2); 5514 OVERRIDE_MCS(3); 5515 OVERRIDE_MCS(4); 5516 OVERRIDE_MCS(5); 5517 OVERRIDE_MCS(6); 5518 OVERRIDE_MCS(7); 5519 OVERRIDE_MCS(8); 5520 } 5521 #endif /* CONFIG_VHT_OVERRIDES */ 5522 5523 5524 #ifdef CONFIG_HE_OVERRIDES 5525 void wpa_supplicant_apply_he_overrides( 5526 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 5527 struct wpa_driver_associate_params *params) 5528 { 5529 if (!ssid) 5530 return; 5531 5532 params->disable_he = ssid->disable_he; 5533 } 5534 #endif /* CONFIG_HE_OVERRIDES */ 5535 5536 5537 static int pcsc_reader_init(struct wpa_supplicant *wpa_s) 5538 { 5539 #ifdef PCSC_FUNCS 5540 size_t len; 5541 5542 if (!wpa_s->conf->pcsc_reader) 5543 return 0; 5544 5545 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader); 5546 if (!wpa_s->scard) 5547 return 1; 5548 5549 if (wpa_s->conf->pcsc_pin && 5550 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { 5551 scard_deinit(wpa_s->scard); 5552 wpa_s->scard = NULL; 5553 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); 5554 return -1; 5555 } 5556 5557 len = sizeof(wpa_s->imsi) - 1; 5558 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { 5559 scard_deinit(wpa_s->scard); 5560 wpa_s->scard = NULL; 5561 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); 5562 return -1; 5563 } 5564 wpa_s->imsi[len] = '\0'; 5565 5566 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); 5567 5568 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", 5569 wpa_s->imsi, wpa_s->mnc_len); 5570 5571 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 5572 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 5573 #endif /* PCSC_FUNCS */ 5574 5575 return 0; 5576 } 5577 5578 5579 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) 5580 { 5581 char *val, *pos; 5582 5583 ext_password_deinit(wpa_s->ext_pw); 5584 wpa_s->ext_pw = NULL; 5585 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); 5586 5587 if (!wpa_s->conf->ext_password_backend) 5588 return 0; 5589 5590 val = os_strdup(wpa_s->conf->ext_password_backend); 5591 if (val == NULL) 5592 return -1; 5593 pos = os_strchr(val, ':'); 5594 if (pos) 5595 *pos++ = '\0'; 5596 5597 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); 5598 5599 wpa_s->ext_pw = ext_password_init(val, pos); 5600 os_free(val); 5601 if (wpa_s->ext_pw == NULL) { 5602 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); 5603 return -1; 5604 } 5605 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); 5606 5607 return 0; 5608 } 5609 5610 5611 #ifdef CONFIG_FST 5612 5613 static const u8 * wpas_fst_get_bssid_cb(void *ctx) 5614 { 5615 struct wpa_supplicant *wpa_s = ctx; 5616 5617 return (is_zero_ether_addr(wpa_s->bssid) || 5618 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid; 5619 } 5620 5621 5622 static void wpas_fst_get_channel_info_cb(void *ctx, 5623 enum hostapd_hw_mode *hw_mode, 5624 u8 *channel) 5625 { 5626 struct wpa_supplicant *wpa_s = ctx; 5627 5628 if (wpa_s->current_bss) { 5629 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq, 5630 channel); 5631 } else if (wpa_s->hw.num_modes) { 5632 *hw_mode = wpa_s->hw.modes[0].mode; 5633 } else { 5634 WPA_ASSERT(0); 5635 *hw_mode = 0; 5636 } 5637 } 5638 5639 5640 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes) 5641 { 5642 struct wpa_supplicant *wpa_s = ctx; 5643 5644 *modes = wpa_s->hw.modes; 5645 return wpa_s->hw.num_modes; 5646 } 5647 5648 5649 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 5650 { 5651 struct wpa_supplicant *wpa_s = ctx; 5652 5653 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies); 5654 wpa_s->fst_ies = fst_ies; 5655 } 5656 5657 5658 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) 5659 { 5660 struct wpa_supplicant *wpa_s = ctx; 5661 5662 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) { 5663 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR, 5664 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da)); 5665 return -1; 5666 } 5667 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 5668 wpa_s->own_addr, wpa_s->bssid, 5669 wpabuf_head(data), wpabuf_len(data), 5670 0); 5671 } 5672 5673 5674 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr) 5675 { 5676 struct wpa_supplicant *wpa_s = ctx; 5677 5678 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 5679 return wpa_s->received_mb_ies; 5680 } 5681 5682 5683 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr, 5684 const u8 *buf, size_t size) 5685 { 5686 struct wpa_supplicant *wpa_s = ctx; 5687 struct mb_ies_info info; 5688 5689 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0); 5690 5691 if (!mb_ies_info_by_ies(&info, buf, size)) { 5692 wpabuf_free(wpa_s->received_mb_ies); 5693 wpa_s->received_mb_ies = mb_ies_by_info(&info); 5694 } 5695 } 5696 5697 5698 static const u8 * wpas_fst_get_peer_first(void *ctx, 5699 struct fst_get_peer_ctx **get_ctx, 5700 bool mb_only) 5701 { 5702 struct wpa_supplicant *wpa_s = ctx; 5703 5704 *get_ctx = NULL; 5705 if (!is_zero_ether_addr(wpa_s->bssid)) 5706 return (wpa_s->received_mb_ies || !mb_only) ? 5707 wpa_s->bssid : NULL; 5708 return NULL; 5709 } 5710 5711 5712 static const u8 * wpas_fst_get_peer_next(void *ctx, 5713 struct fst_get_peer_ctx **get_ctx, 5714 bool mb_only) 5715 { 5716 return NULL; 5717 } 5718 5719 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s, 5720 struct fst_wpa_obj *iface_obj) 5721 { 5722 iface_obj->ctx = wpa_s; 5723 iface_obj->get_bssid = wpas_fst_get_bssid_cb; 5724 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb; 5725 iface_obj->get_hw_modes = wpas_fst_get_hw_modes; 5726 iface_obj->set_ies = wpas_fst_set_ies_cb; 5727 iface_obj->send_action = wpas_fst_send_action_cb; 5728 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb; 5729 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb; 5730 iface_obj->get_peer_first = wpas_fst_get_peer_first; 5731 iface_obj->get_peer_next = wpas_fst_get_peer_next; 5732 } 5733 #endif /* CONFIG_FST */ 5734 5735 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s, 5736 const struct wpa_driver_capa *capa) 5737 { 5738 struct wowlan_triggers *triggers; 5739 int ret = 0; 5740 5741 if (!wpa_s->conf->wowlan_triggers) 5742 return 0; 5743 5744 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa); 5745 if (triggers) { 5746 ret = wpa_drv_wowlan(wpa_s, triggers); 5747 os_free(triggers); 5748 } 5749 return ret; 5750 } 5751 5752 5753 enum wpa_radio_work_band wpas_freq_to_band(int freq) 5754 { 5755 if (freq < 3000) 5756 return BAND_2_4_GHZ; 5757 if (freq > 50000) 5758 return BAND_60_GHZ; 5759 return BAND_5_GHZ; 5760 } 5761 5762 5763 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs) 5764 { 5765 int i; 5766 unsigned int band = 0; 5767 5768 if (freqs) { 5769 /* freqs are specified for the radio work */ 5770 for (i = 0; freqs[i]; i++) 5771 band |= wpas_freq_to_band(freqs[i]); 5772 } else { 5773 /* 5774 * freqs are not specified, implies all 5775 * the supported freqs by HW 5776 */ 5777 for (i = 0; i < wpa_s->hw.num_modes; i++) { 5778 if (wpa_s->hw.modes[i].num_channels != 0) { 5779 if (wpa_s->hw.modes[i].mode == 5780 HOSTAPD_MODE_IEEE80211B || 5781 wpa_s->hw.modes[i].mode == 5782 HOSTAPD_MODE_IEEE80211G) 5783 band |= BAND_2_4_GHZ; 5784 else if (wpa_s->hw.modes[i].mode == 5785 HOSTAPD_MODE_IEEE80211A) 5786 band |= BAND_5_GHZ; 5787 else if (wpa_s->hw.modes[i].mode == 5788 HOSTAPD_MODE_IEEE80211AD) 5789 band |= BAND_60_GHZ; 5790 else if (wpa_s->hw.modes[i].mode == 5791 HOSTAPD_MODE_IEEE80211ANY) 5792 band = BAND_2_4_GHZ | BAND_5_GHZ | 5793 BAND_60_GHZ; 5794 } 5795 } 5796 } 5797 5798 return band; 5799 } 5800 5801 5802 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s, 5803 const char *rn) 5804 { 5805 struct wpa_supplicant *iface = wpa_s->global->ifaces; 5806 struct wpa_radio *radio; 5807 5808 while (rn && iface) { 5809 radio = iface->radio; 5810 if (radio && os_strcmp(rn, radio->name) == 0) { 5811 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s", 5812 wpa_s->ifname, rn); 5813 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 5814 return radio; 5815 } 5816 5817 iface = iface->next; 5818 } 5819 5820 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s", 5821 wpa_s->ifname, rn ? rn : "N/A"); 5822 radio = os_zalloc(sizeof(*radio)); 5823 if (radio == NULL) 5824 return NULL; 5825 5826 if (rn) 5827 os_strlcpy(radio->name, rn, sizeof(radio->name)); 5828 dl_list_init(&radio->ifaces); 5829 dl_list_init(&radio->work); 5830 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 5831 5832 return radio; 5833 } 5834 5835 5836 static void radio_work_free(struct wpa_radio_work *work) 5837 { 5838 if (work->wpa_s->scan_work == work) { 5839 /* This should not really happen. */ 5840 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work", 5841 work->type, work, work->started); 5842 work->wpa_s->scan_work = NULL; 5843 } 5844 5845 #ifdef CONFIG_P2P 5846 if (work->wpa_s->p2p_scan_work == work) { 5847 /* This should not really happen. */ 5848 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work", 5849 work->type, work, work->started); 5850 work->wpa_s->p2p_scan_work = NULL; 5851 } 5852 #endif /* CONFIG_P2P */ 5853 5854 if (work->started) { 5855 work->wpa_s->radio->num_active_works--; 5856 wpa_dbg(work->wpa_s, MSG_DEBUG, 5857 "radio_work_free('%s'@%p): num_active_works --> %u", 5858 work->type, work, 5859 work->wpa_s->radio->num_active_works); 5860 } 5861 5862 dl_list_del(&work->list); 5863 os_free(work); 5864 } 5865 5866 5867 static int radio_work_is_connect(struct wpa_radio_work *work) 5868 { 5869 return os_strcmp(work->type, "sme-connect") == 0 || 5870 os_strcmp(work->type, "connect") == 0; 5871 } 5872 5873 5874 static int radio_work_is_scan(struct wpa_radio_work *work) 5875 { 5876 return os_strcmp(work->type, "scan") == 0 || 5877 os_strcmp(work->type, "p2p-scan") == 0; 5878 } 5879 5880 5881 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) 5882 { 5883 struct wpa_radio_work *active_work = NULL; 5884 struct wpa_radio_work *tmp; 5885 5886 /* Get the active work to know the type and band. */ 5887 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 5888 if (tmp->started) { 5889 active_work = tmp; 5890 break; 5891 } 5892 } 5893 5894 if (!active_work) { 5895 /* No active work, start one */ 5896 radio->num_active_works = 0; 5897 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, 5898 list) { 5899 if (os_strcmp(tmp->type, "scan") == 0 && 5900 external_scan_running(radio) && 5901 (((struct wpa_driver_scan_params *) 5902 tmp->ctx)->only_new_results || 5903 tmp->wpa_s->clear_driver_scan_cache)) 5904 continue; 5905 return tmp; 5906 } 5907 return NULL; 5908 } 5909 5910 if (radio_work_is_connect(active_work)) { 5911 /* 5912 * If the active work is either connect or sme-connect, 5913 * do not parallelize them with other radio works. 5914 */ 5915 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5916 "Do not parallelize radio work with %s", 5917 active_work->type); 5918 return NULL; 5919 } 5920 5921 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 5922 if (tmp->started) 5923 continue; 5924 5925 /* 5926 * If connect or sme-connect are enqueued, parallelize only 5927 * those operations ahead of them in the queue. 5928 */ 5929 if (radio_work_is_connect(tmp)) 5930 break; 5931 5932 /* Serialize parallel scan and p2p_scan operations on the same 5933 * interface since the driver_nl80211 mechanism for tracking 5934 * scan cookies does not yet have support for this. */ 5935 if (active_work->wpa_s == tmp->wpa_s && 5936 radio_work_is_scan(active_work) && 5937 radio_work_is_scan(tmp)) { 5938 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5939 "Do not start work '%s' when another work '%s' is already scheduled", 5940 tmp->type, active_work->type); 5941 continue; 5942 } 5943 /* 5944 * Check that the radio works are distinct and 5945 * on different bands. 5946 */ 5947 if (os_strcmp(active_work->type, tmp->type) != 0 && 5948 (active_work->bands != tmp->bands)) { 5949 /* 5950 * If a scan has to be scheduled through nl80211 scan 5951 * interface and if an external scan is already running, 5952 * do not schedule the scan since it is likely to get 5953 * rejected by kernel. 5954 */ 5955 if (os_strcmp(tmp->type, "scan") == 0 && 5956 external_scan_running(radio) && 5957 (((struct wpa_driver_scan_params *) 5958 tmp->ctx)->only_new_results || 5959 tmp->wpa_s->clear_driver_scan_cache)) 5960 continue; 5961 5962 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 5963 "active_work:%s new_work:%s", 5964 active_work->type, tmp->type); 5965 return tmp; 5966 } 5967 } 5968 5969 /* Did not find a radio work to schedule in parallel. */ 5970 return NULL; 5971 } 5972 5973 5974 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx) 5975 { 5976 struct wpa_radio *radio = eloop_ctx; 5977 struct wpa_radio_work *work; 5978 struct os_reltime now, diff; 5979 struct wpa_supplicant *wpa_s; 5980 5981 work = dl_list_first(&radio->work, struct wpa_radio_work, list); 5982 if (work == NULL) { 5983 radio->num_active_works = 0; 5984 return; 5985 } 5986 5987 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant, 5988 radio_list); 5989 5990 if (!(wpa_s && 5991 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) { 5992 if (work->started) 5993 return; /* already started and still in progress */ 5994 5995 if (wpa_s && external_scan_running(wpa_s->radio)) { 5996 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes"); 5997 return; 5998 } 5999 } else { 6000 work = NULL; 6001 if (radio->num_active_works < MAX_ACTIVE_WORKS) { 6002 /* get the work to schedule next */ 6003 work = radio_work_get_next_work(radio); 6004 } 6005 if (!work) 6006 return; 6007 } 6008 6009 wpa_s = work->wpa_s; 6010 os_get_reltime(&now); 6011 os_reltime_sub(&now, &work->time, &diff); 6012 wpa_dbg(wpa_s, MSG_DEBUG, 6013 "Starting radio work '%s'@%p after %ld.%06ld second wait", 6014 work->type, work, diff.sec, diff.usec); 6015 work->started = 1; 6016 work->time = now; 6017 radio->num_active_works++; 6018 6019 work->cb(work, 0); 6020 6021 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) && 6022 radio->num_active_works < MAX_ACTIVE_WORKS) 6023 radio_work_check_next(wpa_s); 6024 } 6025 6026 6027 /* 6028 * This function removes both started and pending radio works running on 6029 * the provided interface's radio. 6030 * Prior to the removal of the radio work, its callback (cb) is called with 6031 * deinit set to be 1. Each work's callback is responsible for clearing its 6032 * internal data and restoring to a correct state. 6033 * @wpa_s: wpa_supplicant data 6034 * @type: type of works to be removed 6035 * @remove_all: 1 to remove all the works on this radio, 0 to remove only 6036 * this interface's works. 6037 */ 6038 void radio_remove_works(struct wpa_supplicant *wpa_s, 6039 const char *type, int remove_all) 6040 { 6041 struct wpa_radio_work *work, *tmp; 6042 struct wpa_radio *radio = wpa_s->radio; 6043 6044 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work, 6045 list) { 6046 if (type && os_strcmp(type, work->type) != 0) 6047 continue; 6048 6049 /* skip other ifaces' works */ 6050 if (!remove_all && work->wpa_s != wpa_s) 6051 continue; 6052 6053 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s", 6054 work->type, work, work->started ? " (started)" : ""); 6055 work->cb(work, 1); 6056 radio_work_free(work); 6057 } 6058 6059 /* in case we removed the started work */ 6060 radio_work_check_next(wpa_s); 6061 } 6062 6063 6064 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx) 6065 { 6066 struct wpa_radio_work *work; 6067 struct wpa_radio *radio = wpa_s->radio; 6068 6069 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 6070 if (work->ctx != ctx) 6071 continue; 6072 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s", 6073 work->type, work, work->started ? " (started)" : ""); 6074 radio_work_free(work); 6075 break; 6076 } 6077 } 6078 6079 6080 static void radio_remove_interface(struct wpa_supplicant *wpa_s) 6081 { 6082 struct wpa_radio *radio = wpa_s->radio; 6083 6084 if (!radio) 6085 return; 6086 6087 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s", 6088 wpa_s->ifname, radio->name); 6089 dl_list_del(&wpa_s->radio_list); 6090 radio_remove_works(wpa_s, NULL, 0); 6091 /* If the interface that triggered the external scan was removed, the 6092 * external scan is no longer running. */ 6093 if (wpa_s == radio->external_scan_req_interface) 6094 radio->external_scan_req_interface = NULL; 6095 wpa_s->radio = NULL; 6096 if (!dl_list_empty(&radio->ifaces)) 6097 return; /* Interfaces remain for this radio */ 6098 6099 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name); 6100 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 6101 os_free(radio); 6102 } 6103 6104 6105 void radio_work_check_next(struct wpa_supplicant *wpa_s) 6106 { 6107 struct wpa_radio *radio = wpa_s->radio; 6108 6109 if (dl_list_empty(&radio->work)) 6110 return; 6111 if (wpa_s->ext_work_in_progress) { 6112 wpa_printf(MSG_DEBUG, 6113 "External radio work in progress - delay start of pending item"); 6114 return; 6115 } 6116 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 6117 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL); 6118 } 6119 6120 6121 /** 6122 * radio_add_work - Add a radio work item 6123 * @wpa_s: Pointer to wpa_supplicant data 6124 * @freq: Frequency of the offchannel operation in MHz or 0 6125 * @type: Unique identifier for each type of work 6126 * @next: Force as the next work to be executed 6127 * @cb: Callback function for indicating when radio is available 6128 * @ctx: Context pointer for the work (work->ctx in cb()) 6129 * Returns: 0 on success, -1 on failure 6130 * 6131 * This function is used to request time for an operation that requires 6132 * exclusive radio control. Once the radio is available, the registered callback 6133 * function will be called. radio_work_done() must be called once the exclusive 6134 * radio operation has been completed, so that the radio is freed for other 6135 * operations. The special case of deinit=1 is used to free the context data 6136 * during interface removal. That does not allow the callback function to start 6137 * the radio operation, i.e., it must free any resources allocated for the radio 6138 * work and return. 6139 * 6140 * The @freq parameter can be used to indicate a single channel on which the 6141 * offchannel operation will occur. This may allow multiple radio work 6142 * operations to be performed in parallel if they apply for the same channel. 6143 * Setting this to 0 indicates that the work item may use multiple channels or 6144 * requires exclusive control of the radio. 6145 */ 6146 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, 6147 const char *type, int next, 6148 void (*cb)(struct wpa_radio_work *work, int deinit), 6149 void *ctx) 6150 { 6151 struct wpa_radio *radio = wpa_s->radio; 6152 struct wpa_radio_work *work; 6153 int was_empty; 6154 6155 work = os_zalloc(sizeof(*work)); 6156 if (work == NULL) 6157 return -1; 6158 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work); 6159 os_get_reltime(&work->time); 6160 work->freq = freq; 6161 work->type = type; 6162 work->wpa_s = wpa_s; 6163 work->cb = cb; 6164 work->ctx = ctx; 6165 6166 if (freq) 6167 work->bands = wpas_freq_to_band(freq); 6168 else if (os_strcmp(type, "scan") == 0 || 6169 os_strcmp(type, "p2p-scan") == 0) 6170 work->bands = wpas_get_bands(wpa_s, 6171 ((struct wpa_driver_scan_params *) 6172 ctx)->freqs); 6173 else 6174 work->bands = wpas_get_bands(wpa_s, NULL); 6175 6176 was_empty = dl_list_empty(&wpa_s->radio->work); 6177 if (next) 6178 dl_list_add(&wpa_s->radio->work, &work->list); 6179 else 6180 dl_list_add_tail(&wpa_s->radio->work, &work->list); 6181 if (was_empty) { 6182 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately"); 6183 radio_work_check_next(wpa_s); 6184 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) 6185 && radio->num_active_works < MAX_ACTIVE_WORKS) { 6186 wpa_dbg(wpa_s, MSG_DEBUG, 6187 "Try to schedule a radio work (num_active_works=%u)", 6188 radio->num_active_works); 6189 radio_work_check_next(wpa_s); 6190 } 6191 6192 return 0; 6193 } 6194 6195 6196 /** 6197 * radio_work_done - Indicate that a radio work item has been completed 6198 * @work: Completed work 6199 * 6200 * This function is called once the callback function registered with 6201 * radio_add_work() has completed its work. 6202 */ 6203 void radio_work_done(struct wpa_radio_work *work) 6204 { 6205 struct wpa_supplicant *wpa_s = work->wpa_s; 6206 struct os_reltime now, diff; 6207 unsigned int started = work->started; 6208 6209 os_get_reltime(&now); 6210 os_reltime_sub(&now, &work->time, &diff); 6211 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds", 6212 work->type, work, started ? "done" : "canceled", 6213 diff.sec, diff.usec); 6214 radio_work_free(work); 6215 if (started) 6216 radio_work_check_next(wpa_s); 6217 } 6218 6219 6220 struct wpa_radio_work * 6221 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) 6222 { 6223 struct wpa_radio_work *work; 6224 struct wpa_radio *radio = wpa_s->radio; 6225 6226 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 6227 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0) 6228 return work; 6229 } 6230 6231 return NULL; 6232 } 6233 6234 6235 static int wpas_init_driver(struct wpa_supplicant *wpa_s, 6236 const struct wpa_interface *iface) 6237 { 6238 const char *ifname, *driver, *rn; 6239 6240 driver = iface->driver; 6241 next_driver: 6242 if (wpa_supplicant_set_driver(wpa_s, driver) < 0) 6243 return -1; 6244 6245 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 6246 if (wpa_s->drv_priv == NULL) { 6247 const char *pos; 6248 int level = MSG_ERROR; 6249 6250 pos = driver ? os_strchr(driver, ',') : NULL; 6251 if (pos) { 6252 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 6253 "driver interface - try next driver wrapper"); 6254 driver = pos + 1; 6255 goto next_driver; 6256 } 6257 6258 #ifdef CONFIG_MATCH_IFACE 6259 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL) 6260 level = MSG_DEBUG; 6261 #endif /* CONFIG_MATCH_IFACE */ 6262 wpa_msg(wpa_s, level, "Failed to initialize driver interface"); 6263 return -1; 6264 } 6265 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 6266 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " 6267 "driver_param '%s'", wpa_s->conf->driver_param); 6268 return -1; 6269 } 6270 6271 ifname = wpa_drv_get_ifname(wpa_s); 6272 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 6273 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " 6274 "interface name with '%s'", ifname); 6275 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 6276 } 6277 6278 rn = wpa_driver_get_radio_name(wpa_s); 6279 if (rn && rn[0] == '\0') 6280 rn = NULL; 6281 6282 wpa_s->radio = radio_add_interface(wpa_s, rn); 6283 if (wpa_s->radio == NULL) 6284 return -1; 6285 6286 return 0; 6287 } 6288 6289 6290 #ifdef CONFIG_GAS_SERVER 6291 6292 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s, 6293 unsigned int freq, const u8 *dst, 6294 const u8 *src, const u8 *bssid, 6295 const u8 *data, size_t data_len, 6296 enum offchannel_send_action_result result) 6297 { 6298 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR 6299 " result=%s", 6300 freq, MAC2STR(dst), 6301 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 6302 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 6303 "FAILED")); 6304 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len, 6305 result == OFFCHANNEL_SEND_ACTION_SUCCESS); 6306 } 6307 6308 6309 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da, 6310 struct wpabuf *buf, unsigned int wait_time) 6311 { 6312 struct wpa_supplicant *wpa_s = ctx; 6313 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 6314 6315 if (wait_time > wpa_s->max_remain_on_chan) 6316 wait_time = wpa_s->max_remain_on_chan; 6317 6318 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast, 6319 wpabuf_head(buf), wpabuf_len(buf), 6320 wait_time, wpas_gas_server_tx_status, 0); 6321 } 6322 6323 #endif /* CONFIG_GAS_SERVER */ 6324 6325 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 6326 const struct wpa_interface *iface) 6327 { 6328 struct wpa_driver_capa capa; 6329 int capa_res; 6330 u8 dfs_domain; 6331 6332 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 6333 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 6334 iface->confname ? iface->confname : "N/A", 6335 iface->driver ? iface->driver : "default", 6336 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 6337 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 6338 6339 if (iface->confname) { 6340 #ifdef CONFIG_BACKEND_FILE 6341 wpa_s->confname = os_rel2abs_path(iface->confname); 6342 if (wpa_s->confname == NULL) { 6343 wpa_printf(MSG_ERROR, "Failed to get absolute path " 6344 "for configuration file '%s'.", 6345 iface->confname); 6346 return -1; 6347 } 6348 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 6349 iface->confname, wpa_s->confname); 6350 #else /* CONFIG_BACKEND_FILE */ 6351 wpa_s->confname = os_strdup(iface->confname); 6352 #endif /* CONFIG_BACKEND_FILE */ 6353 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL); 6354 if (wpa_s->conf == NULL) { 6355 wpa_printf(MSG_ERROR, "Failed to read or parse " 6356 "configuration '%s'.", wpa_s->confname); 6357 return -1; 6358 } 6359 wpa_s->confanother = os_rel2abs_path(iface->confanother); 6360 if (wpa_s->confanother && 6361 !wpa_config_read(wpa_s->confanother, wpa_s->conf)) { 6362 wpa_printf(MSG_ERROR, 6363 "Failed to read or parse configuration '%s'.", 6364 wpa_s->confanother); 6365 return -1; 6366 } 6367 6368 /* 6369 * Override ctrl_interface and driver_param if set on command 6370 * line. 6371 */ 6372 if (iface->ctrl_interface) { 6373 os_free(wpa_s->conf->ctrl_interface); 6374 wpa_s->conf->ctrl_interface = 6375 os_strdup(iface->ctrl_interface); 6376 } 6377 6378 if (iface->driver_param) { 6379 os_free(wpa_s->conf->driver_param); 6380 wpa_s->conf->driver_param = 6381 os_strdup(iface->driver_param); 6382 } 6383 6384 if (iface->p2p_mgmt && !iface->ctrl_interface) { 6385 os_free(wpa_s->conf->ctrl_interface); 6386 wpa_s->conf->ctrl_interface = NULL; 6387 } 6388 } else 6389 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 6390 iface->driver_param); 6391 6392 if (wpa_s->conf == NULL) { 6393 wpa_printf(MSG_ERROR, "\nNo configuration found."); 6394 return -1; 6395 } 6396 6397 if (iface->ifname == NULL) { 6398 wpa_printf(MSG_ERROR, "\nInterface name is required."); 6399 return -1; 6400 } 6401 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 6402 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 6403 iface->ifname); 6404 return -1; 6405 } 6406 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 6407 #ifdef CONFIG_MATCH_IFACE 6408 wpa_s->matched = iface->matched; 6409 #endif /* CONFIG_MATCH_IFACE */ 6410 6411 if (iface->bridge_ifname) { 6412 if (os_strlen(iface->bridge_ifname) >= 6413 sizeof(wpa_s->bridge_ifname)) { 6414 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 6415 "name '%s'.", iface->bridge_ifname); 6416 return -1; 6417 } 6418 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 6419 sizeof(wpa_s->bridge_ifname)); 6420 } 6421 6422 /* RSNA Supplicant Key Management - INITIALIZE */ 6423 eapol_sm_notify_portEnabled(wpa_s->eapol, false); 6424 eapol_sm_notify_portValid(wpa_s->eapol, false); 6425 6426 /* Initialize driver interface and register driver event handler before 6427 * L2 receive handler so that association events are processed before 6428 * EAPOL-Key packets if both become available for the same select() 6429 * call. */ 6430 if (wpas_init_driver(wpa_s, iface) < 0) 6431 return -1; 6432 6433 if (wpa_supplicant_init_wpa(wpa_s) < 0) 6434 return -1; 6435 6436 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 6437 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 6438 NULL); 6439 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 6440 6441 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 6442 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 6443 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 6444 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 6445 "dot11RSNAConfigPMKLifetime"); 6446 return -1; 6447 } 6448 6449 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 6450 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 6451 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 6452 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 6453 "dot11RSNAConfigPMKReauthThreshold"); 6454 return -1; 6455 } 6456 6457 if (wpa_s->conf->dot11RSNAConfigSATimeout && 6458 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 6459 wpa_s->conf->dot11RSNAConfigSATimeout)) { 6460 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 6461 "dot11RSNAConfigSATimeout"); 6462 return -1; 6463 } 6464 6465 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, 6466 &wpa_s->hw.num_modes, 6467 &wpa_s->hw.flags, 6468 &dfs_domain); 6469 if (wpa_s->hw.modes) { 6470 u16 i; 6471 6472 for (i = 0; i < wpa_s->hw.num_modes; i++) { 6473 if (wpa_s->hw.modes[i].vht_capab) { 6474 wpa_s->hw_capab = CAPAB_VHT; 6475 break; 6476 } 6477 6478 if (wpa_s->hw.modes[i].ht_capab & 6479 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) 6480 wpa_s->hw_capab = CAPAB_HT40; 6481 else if (wpa_s->hw.modes[i].ht_capab && 6482 wpa_s->hw_capab == CAPAB_NO_HT_VHT) 6483 wpa_s->hw_capab = CAPAB_HT; 6484 } 6485 } 6486 6487 capa_res = wpa_drv_get_capa(wpa_s, &capa); 6488 if (capa_res == 0) { 6489 wpa_s->drv_capa_known = 1; 6490 wpa_s->drv_flags = capa.flags; 6491 wpa_s->drv_flags2 = capa.flags2; 6492 wpa_s->drv_enc = capa.enc; 6493 wpa_s->drv_rrm_flags = capa.rrm_flags; 6494 wpa_s->probe_resp_offloads = capa.probe_resp_offloads; 6495 wpa_s->max_scan_ssids = capa.max_scan_ssids; 6496 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; 6497 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans; 6498 wpa_s->max_sched_scan_plan_interval = 6499 capa.max_sched_scan_plan_interval; 6500 wpa_s->max_sched_scan_plan_iterations = 6501 capa.max_sched_scan_plan_iterations; 6502 wpa_s->sched_scan_supported = capa.sched_scan_supported; 6503 wpa_s->max_match_sets = capa.max_match_sets; 6504 wpa_s->max_remain_on_chan = capa.max_remain_on_chan; 6505 wpa_s->max_stations = capa.max_stations; 6506 wpa_s->extended_capa = capa.extended_capa; 6507 wpa_s->extended_capa_mask = capa.extended_capa_mask; 6508 wpa_s->extended_capa_len = capa.extended_capa_len; 6509 wpa_s->num_multichan_concurrent = 6510 capa.num_multichan_concurrent; 6511 wpa_s->wmm_ac_supported = capa.wmm_ac_supported; 6512 6513 if (capa.mac_addr_rand_scan_supported) 6514 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN; 6515 if (wpa_s->sched_scan_supported && 6516 capa.mac_addr_rand_sched_scan_supported) 6517 wpa_s->mac_addr_rand_supported |= 6518 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); 6519 6520 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 6521 if (wpa_s->extended_capa && 6522 wpa_s->extended_capa_len >= 3 && 6523 wpa_s->extended_capa[2] & 0x40) 6524 wpa_s->multi_bss_support = 1; 6525 } 6526 if (wpa_s->max_remain_on_chan == 0) 6527 wpa_s->max_remain_on_chan = 1000; 6528 6529 /* 6530 * Only take p2p_mgmt parameters when P2P Device is supported. 6531 * Doing it here as it determines whether l2_packet_init() will be done 6532 * during wpa_supplicant_driver_init(). 6533 */ 6534 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) 6535 wpa_s->p2p_mgmt = iface->p2p_mgmt; 6536 6537 if (wpa_s->num_multichan_concurrent == 0) 6538 wpa_s->num_multichan_concurrent = 1; 6539 6540 if (wpa_supplicant_driver_init(wpa_s) < 0) 6541 return -1; 6542 6543 #ifdef CONFIG_TDLS 6544 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) 6545 return -1; 6546 #endif /* CONFIG_TDLS */ 6547 6548 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 6549 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 6550 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); 6551 return -1; 6552 } 6553 6554 #ifdef CONFIG_FST 6555 if (wpa_s->conf->fst_group_id) { 6556 struct fst_iface_cfg cfg; 6557 struct fst_wpa_obj iface_obj; 6558 6559 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj); 6560 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id, 6561 sizeof(cfg.group_id)); 6562 cfg.priority = wpa_s->conf->fst_priority; 6563 cfg.llt = wpa_s->conf->fst_llt; 6564 6565 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr, 6566 &iface_obj, &cfg); 6567 if (!wpa_s->fst) { 6568 wpa_msg(wpa_s, MSG_ERROR, 6569 "FST: Cannot attach iface %s to group %s", 6570 wpa_s->ifname, cfg.group_id); 6571 return -1; 6572 } 6573 } 6574 #endif /* CONFIG_FST */ 6575 6576 if (wpas_wps_init(wpa_s)) 6577 return -1; 6578 6579 #ifdef CONFIG_GAS_SERVER 6580 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx); 6581 if (!wpa_s->gas_server) { 6582 wpa_printf(MSG_ERROR, "Failed to initialize GAS server"); 6583 return -1; 6584 } 6585 #endif /* CONFIG_GAS_SERVER */ 6586 6587 #ifdef CONFIG_DPP 6588 if (wpas_dpp_init(wpa_s) < 0) 6589 return -1; 6590 #endif /* CONFIG_DPP */ 6591 6592 if (wpa_supplicant_init_eapol(wpa_s) < 0) 6593 return -1; 6594 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 6595 6596 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 6597 if (wpa_s->ctrl_iface == NULL) { 6598 wpa_printf(MSG_ERROR, 6599 "Failed to initialize control interface '%s'.\n" 6600 "You may have another wpa_supplicant process " 6601 "already running or the file was\n" 6602 "left by an unclean termination of wpa_supplicant " 6603 "in which case you will need\n" 6604 "to manually remove this file before starting " 6605 "wpa_supplicant again.\n", 6606 wpa_s->conf->ctrl_interface); 6607 return -1; 6608 } 6609 6610 wpa_s->gas = gas_query_init(wpa_s); 6611 if (wpa_s->gas == NULL) { 6612 wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); 6613 return -1; 6614 } 6615 6616 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) || 6617 wpa_s->p2p_mgmt) && 6618 wpas_p2p_init(wpa_s->global, wpa_s) < 0) { 6619 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); 6620 return -1; 6621 } 6622 6623 if (wpa_bss_init(wpa_s) < 0) 6624 return -1; 6625 6626 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 6627 #ifdef CONFIG_MESH 6628 dl_list_init(&wpa_s->mesh_external_pmksa_cache); 6629 #endif /* CONFIG_MESH */ 6630 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 6631 6632 /* 6633 * Set Wake-on-WLAN triggers, if configured. 6634 * Note: We don't restore/remove the triggers on shutdown (it doesn't 6635 * have effect anyway when the interface is down). 6636 */ 6637 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 6638 return -1; 6639 6640 #ifdef CONFIG_EAP_PROXY 6641 { 6642 size_t len; 6643 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, 6644 wpa_s->imsi, &len); 6645 if (wpa_s->mnc_len > 0) { 6646 wpa_s->imsi[len] = '\0'; 6647 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", 6648 wpa_s->imsi, wpa_s->mnc_len); 6649 } else { 6650 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); 6651 } 6652 } 6653 #endif /* CONFIG_EAP_PROXY */ 6654 6655 if (pcsc_reader_init(wpa_s) < 0) 6656 return -1; 6657 6658 if (wpas_init_ext_pw(wpa_s) < 0) 6659 return -1; 6660 6661 wpas_rrm_reset(wpa_s); 6662 6663 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 6664 6665 #ifdef CONFIG_HS20 6666 hs20_init(wpa_s); 6667 #endif /* CONFIG_HS20 */ 6668 #ifdef CONFIG_MBO 6669 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) { 6670 if ((wpa_s->conf->oce & OCE_STA) && 6671 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) 6672 wpa_s->enable_oce = OCE_STA; 6673 if ((wpa_s->conf->oce & OCE_STA_CFON) && 6674 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) { 6675 /* TODO: Need to add STA-CFON support */ 6676 wpa_printf(MSG_ERROR, 6677 "OCE STA-CFON feature is not yet supported"); 6678 } 6679 } 6680 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); 6681 #endif /* CONFIG_MBO */ 6682 6683 wpa_supplicant_set_default_scan_ies(wpa_s); 6684 6685 return 0; 6686 } 6687 6688 6689 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, 6690 int notify, int terminate) 6691 { 6692 struct wpa_global *global = wpa_s->global; 6693 struct wpa_supplicant *iface, *prev; 6694 6695 if (wpa_s == wpa_s->parent) 6696 wpas_p2p_group_remove(wpa_s, "*"); 6697 6698 iface = global->ifaces; 6699 while (iface) { 6700 if (iface->p2pdev == wpa_s) 6701 iface->p2pdev = iface->parent; 6702 if (iface == wpa_s || iface->parent != wpa_s) { 6703 iface = iface->next; 6704 continue; 6705 } 6706 wpa_printf(MSG_DEBUG, 6707 "Remove remaining child interface %s from parent %s", 6708 iface->ifname, wpa_s->ifname); 6709 prev = iface; 6710 iface = iface->next; 6711 wpa_supplicant_remove_iface(global, prev, terminate); 6712 } 6713 6714 wpa_s->disconnected = 1; 6715 if (wpa_s->drv_priv) { 6716 /* 6717 * Don't deauthenticate if WoWLAN is enable and not explicitly 6718 * been configured to disconnect. 6719 */ 6720 if (!wpa_drv_get_wowlan(wpa_s) || 6721 wpa_s->conf->wowlan_disconnect_on_deinit) { 6722 wpa_supplicant_deauthenticate( 6723 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 6724 6725 wpa_drv_set_countermeasures(wpa_s, 0); 6726 wpa_clear_keys(wpa_s, NULL); 6727 } else { 6728 wpa_msg(wpa_s, MSG_INFO, 6729 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled"); 6730 } 6731 } 6732 6733 wpa_supplicant_cleanup(wpa_s); 6734 wpas_p2p_deinit_iface(wpa_s); 6735 6736 wpas_ctrl_radio_work_flush(wpa_s); 6737 radio_remove_interface(wpa_s); 6738 6739 #ifdef CONFIG_FST 6740 if (wpa_s->fst) { 6741 fst_detach(wpa_s->fst); 6742 wpa_s->fst = NULL; 6743 } 6744 if (wpa_s->received_mb_ies) { 6745 wpabuf_free(wpa_s->received_mb_ies); 6746 wpa_s->received_mb_ies = NULL; 6747 } 6748 #endif /* CONFIG_FST */ 6749 6750 if (wpa_s->drv_priv) 6751 wpa_drv_deinit(wpa_s); 6752 6753 if (notify) 6754 wpas_notify_iface_removed(wpa_s); 6755 6756 if (terminate) 6757 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); 6758 6759 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); 6760 wpa_s->ctrl_iface = NULL; 6761 6762 #ifdef CONFIG_MESH 6763 if (wpa_s->ifmsh) { 6764 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true); 6765 wpa_s->ifmsh = NULL; 6766 } 6767 #endif /* CONFIG_MESH */ 6768 6769 if (wpa_s->conf != NULL) { 6770 wpa_config_free(wpa_s->conf); 6771 wpa_s->conf = NULL; 6772 } 6773 6774 os_free(wpa_s->ssids_from_scan_req); 6775 os_free(wpa_s->last_scan_freqs); 6776 6777 os_free(wpa_s); 6778 } 6779 6780 6781 #ifdef CONFIG_MATCH_IFACE 6782 6783 /** 6784 * wpa_supplicant_match_iface - Match an interface description to a name 6785 * @global: Pointer to global data from wpa_supplicant_init() 6786 * @ifname: Name of the interface to match 6787 * Returns: Pointer to the created interface description or %NULL on failure 6788 */ 6789 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global, 6790 const char *ifname) 6791 { 6792 int i; 6793 struct wpa_interface *iface, *miface; 6794 6795 for (i = 0; i < global->params.match_iface_count; i++) { 6796 miface = &global->params.match_ifaces[i]; 6797 if (!miface->ifname || 6798 fnmatch(miface->ifname, ifname, 0) == 0) { 6799 iface = os_zalloc(sizeof(*iface)); 6800 if (!iface) 6801 return NULL; 6802 *iface = *miface; 6803 if (!miface->ifname) 6804 iface->matched = WPA_IFACE_MATCHED_NULL; 6805 else 6806 iface->matched = WPA_IFACE_MATCHED; 6807 iface->ifname = ifname; 6808 return iface; 6809 } 6810 } 6811 6812 return NULL; 6813 } 6814 6815 6816 /** 6817 * wpa_supplicant_match_existing - Match existing interfaces 6818 * @global: Pointer to global data from wpa_supplicant_init() 6819 * Returns: 0 on success, -1 on failure 6820 */ 6821 static int wpa_supplicant_match_existing(struct wpa_global *global) 6822 { 6823 struct if_nameindex *ifi, *ifp; 6824 struct wpa_supplicant *wpa_s; 6825 struct wpa_interface *iface; 6826 6827 ifp = if_nameindex(); 6828 if (!ifp) { 6829 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno)); 6830 return -1; 6831 } 6832 6833 for (ifi = ifp; ifi->if_name; ifi++) { 6834 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name); 6835 if (wpa_s) 6836 continue; 6837 iface = wpa_supplicant_match_iface(global, ifi->if_name); 6838 if (iface) { 6839 wpa_supplicant_add_iface(global, iface, NULL); 6840 os_free(iface); 6841 } 6842 } 6843 6844 if_freenameindex(ifp); 6845 return 0; 6846 } 6847 6848 #endif /* CONFIG_MATCH_IFACE */ 6849 6850 6851 /** 6852 * wpa_supplicant_add_iface - Add a new network interface 6853 * @global: Pointer to global data from wpa_supplicant_init() 6854 * @iface: Interface configuration options 6855 * @parent: Parent interface or %NULL to assign new interface as parent 6856 * Returns: Pointer to the created interface or %NULL on failure 6857 * 6858 * This function is used to add new network interfaces for %wpa_supplicant. 6859 * This can be called before wpa_supplicant_run() to add interfaces before the 6860 * main event loop has been started. In addition, new interfaces can be added 6861 * dynamically while %wpa_supplicant is already running. This could happen, 6862 * e.g., when a hotplug network adapter is inserted. 6863 */ 6864 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 6865 struct wpa_interface *iface, 6866 struct wpa_supplicant *parent) 6867 { 6868 struct wpa_supplicant *wpa_s; 6869 struct wpa_interface t_iface; 6870 struct wpa_ssid *ssid; 6871 6872 if (global == NULL || iface == NULL) 6873 return NULL; 6874 6875 wpa_s = wpa_supplicant_alloc(parent); 6876 if (wpa_s == NULL) 6877 return NULL; 6878 6879 wpa_s->global = global; 6880 6881 t_iface = *iface; 6882 if (global->params.override_driver) { 6883 wpa_printf(MSG_DEBUG, "Override interface parameter: driver " 6884 "('%s' -> '%s')", 6885 iface->driver, global->params.override_driver); 6886 t_iface.driver = global->params.override_driver; 6887 } 6888 if (global->params.override_ctrl_interface) { 6889 wpa_printf(MSG_DEBUG, "Override interface parameter: " 6890 "ctrl_interface ('%s' -> '%s')", 6891 iface->ctrl_interface, 6892 global->params.override_ctrl_interface); 6893 t_iface.ctrl_interface = 6894 global->params.override_ctrl_interface; 6895 } 6896 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { 6897 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 6898 iface->ifname); 6899 wpa_supplicant_deinit_iface(wpa_s, 0, 0); 6900 return NULL; 6901 } 6902 6903 if (iface->p2p_mgmt == 0) { 6904 /* Notify the control interfaces about new iface */ 6905 if (wpas_notify_iface_added(wpa_s)) { 6906 wpa_supplicant_deinit_iface(wpa_s, 1, 0); 6907 return NULL; 6908 } 6909 6910 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 6911 wpas_notify_network_added(wpa_s, ssid); 6912 } 6913 6914 wpa_s->next = global->ifaces; 6915 global->ifaces = wpa_s; 6916 6917 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); 6918 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 6919 6920 #ifdef CONFIG_P2P 6921 if (wpa_s->global->p2p == NULL && 6922 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled && 6923 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) && 6924 wpas_p2p_add_p2pdev_interface( 6925 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) { 6926 wpa_printf(MSG_INFO, 6927 "P2P: Failed to enable P2P Device interface"); 6928 /* Try to continue without. P2P will be disabled. */ 6929 } 6930 #endif /* CONFIG_P2P */ 6931 6932 return wpa_s; 6933 } 6934 6935 6936 /** 6937 * wpa_supplicant_remove_iface - Remove a network interface 6938 * @global: Pointer to global data from wpa_supplicant_init() 6939 * @wpa_s: Pointer to the network interface to be removed 6940 * Returns: 0 if interface was removed, -1 if interface was not found 6941 * 6942 * This function can be used to dynamically remove network interfaces from 6943 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 6944 * addition, this function is used to remove all remaining interfaces when 6945 * %wpa_supplicant is terminated. 6946 */ 6947 int wpa_supplicant_remove_iface(struct wpa_global *global, 6948 struct wpa_supplicant *wpa_s, 6949 int terminate) 6950 { 6951 struct wpa_supplicant *prev; 6952 #ifdef CONFIG_MESH 6953 unsigned int mesh_if_created = wpa_s->mesh_if_created; 6954 char *ifname = NULL; 6955 struct wpa_supplicant *parent = wpa_s->parent; 6956 #endif /* CONFIG_MESH */ 6957 6958 /* Remove interface from the global list of interfaces */ 6959 prev = global->ifaces; 6960 if (prev == wpa_s) { 6961 global->ifaces = wpa_s->next; 6962 } else { 6963 while (prev && prev->next != wpa_s) 6964 prev = prev->next; 6965 if (prev == NULL) 6966 return -1; 6967 prev->next = wpa_s->next; 6968 } 6969 6970 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 6971 6972 #ifdef CONFIG_MESH 6973 if (mesh_if_created) { 6974 ifname = os_strdup(wpa_s->ifname); 6975 if (ifname == NULL) { 6976 wpa_dbg(wpa_s, MSG_ERROR, 6977 "mesh: Failed to malloc ifname"); 6978 return -1; 6979 } 6980 } 6981 #endif /* CONFIG_MESH */ 6982 6983 if (global->p2p_group_formation == wpa_s) 6984 global->p2p_group_formation = NULL; 6985 if (global->p2p_invite_group == wpa_s) 6986 global->p2p_invite_group = NULL; 6987 wpa_supplicant_deinit_iface(wpa_s, 1, terminate); 6988 6989 #ifdef CONFIG_MESH 6990 if (mesh_if_created) { 6991 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname); 6992 os_free(ifname); 6993 } 6994 #endif /* CONFIG_MESH */ 6995 6996 return 0; 6997 } 6998 6999 7000 /** 7001 * wpa_supplicant_get_eap_mode - Get the current EAP mode 7002 * @wpa_s: Pointer to the network interface 7003 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found 7004 */ 7005 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) 7006 { 7007 const char *eapol_method; 7008 7009 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && 7010 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 7011 return "NO-EAP"; 7012 } 7013 7014 eapol_method = eapol_sm_get_method_name(wpa_s->eapol); 7015 if (eapol_method == NULL) 7016 return "UNKNOWN-EAP"; 7017 7018 return eapol_method; 7019 } 7020 7021 7022 /** 7023 * wpa_supplicant_get_iface - Get a new network interface 7024 * @global: Pointer to global data from wpa_supplicant_init() 7025 * @ifname: Interface name 7026 * Returns: Pointer to the interface or %NULL if not found 7027 */ 7028 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 7029 const char *ifname) 7030 { 7031 struct wpa_supplicant *wpa_s; 7032 7033 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 7034 if (os_strcmp(wpa_s->ifname, ifname) == 0) 7035 return wpa_s; 7036 } 7037 return NULL; 7038 } 7039 7040 7041 #ifndef CONFIG_NO_WPA_MSG 7042 static const char * wpa_supplicant_msg_ifname_cb(void *ctx) 7043 { 7044 struct wpa_supplicant *wpa_s = ctx; 7045 if (wpa_s == NULL) 7046 return NULL; 7047 return wpa_s->ifname; 7048 } 7049 #endif /* CONFIG_NO_WPA_MSG */ 7050 7051 7052 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL 7053 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10 7054 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */ 7055 7056 /* Periodic cleanup tasks */ 7057 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx) 7058 { 7059 struct wpa_global *global = eloop_ctx; 7060 struct wpa_supplicant *wpa_s; 7061 7062 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 7063 wpas_periodic, global, NULL); 7064 7065 #ifdef CONFIG_P2P 7066 if (global->p2p) 7067 p2p_expire_peers(global->p2p); 7068 #endif /* CONFIG_P2P */ 7069 7070 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 7071 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age); 7072 #ifdef CONFIG_AP 7073 ap_periodic(wpa_s); 7074 #endif /* CONFIG_AP */ 7075 } 7076 } 7077 7078 7079 /** 7080 * wpa_supplicant_init - Initialize %wpa_supplicant 7081 * @params: Parameters for %wpa_supplicant 7082 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 7083 * 7084 * This function is used to initialize %wpa_supplicant. After successful 7085 * initialization, the returned data pointer can be used to add and remove 7086 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 7087 */ 7088 struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 7089 { 7090 struct wpa_global *global; 7091 int ret, i; 7092 7093 if (params == NULL) 7094 return NULL; 7095 7096 #ifndef CONFIG_NO_WPA_MSG 7097 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); 7098 #endif /* CONFIG_NO_WPA_MSG */ 7099 7100 if (params->wpa_debug_file_path) 7101 wpa_debug_open_file(params->wpa_debug_file_path); 7102 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog) 7103 wpa_debug_setup_stdout(); 7104 if (params->wpa_debug_syslog) 7105 wpa_debug_open_syslog(); 7106 if (params->wpa_debug_tracing) { 7107 ret = wpa_debug_open_linux_tracing(); 7108 if (ret) { 7109 wpa_printf(MSG_ERROR, 7110 "Failed to enable trace logging"); 7111 return NULL; 7112 } 7113 } 7114 7115 ret = eap_register_methods(); 7116 if (ret) { 7117 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 7118 if (ret == -2) 7119 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 7120 "the same EAP type."); 7121 return NULL; 7122 } 7123 7124 global = os_zalloc(sizeof(*global)); 7125 if (global == NULL) 7126 return NULL; 7127 dl_list_init(&global->p2p_srv_bonjour); 7128 dl_list_init(&global->p2p_srv_upnp); 7129 global->params.daemonize = params->daemonize; 7130 global->params.wait_for_monitor = params->wait_for_monitor; 7131 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 7132 if (params->pid_file) 7133 global->params.pid_file = os_strdup(params->pid_file); 7134 if (params->ctrl_interface) 7135 global->params.ctrl_interface = 7136 os_strdup(params->ctrl_interface); 7137 if (params->ctrl_interface_group) 7138 global->params.ctrl_interface_group = 7139 os_strdup(params->ctrl_interface_group); 7140 if (params->override_driver) 7141 global->params.override_driver = 7142 os_strdup(params->override_driver); 7143 if (params->override_ctrl_interface) 7144 global->params.override_ctrl_interface = 7145 os_strdup(params->override_ctrl_interface); 7146 #ifdef CONFIG_MATCH_IFACE 7147 global->params.match_iface_count = params->match_iface_count; 7148 if (params->match_iface_count) { 7149 global->params.match_ifaces = 7150 os_calloc(params->match_iface_count, 7151 sizeof(struct wpa_interface)); 7152 os_memcpy(global->params.match_ifaces, 7153 params->match_ifaces, 7154 params->match_iface_count * 7155 sizeof(struct wpa_interface)); 7156 } 7157 #endif /* CONFIG_MATCH_IFACE */ 7158 #ifdef CONFIG_P2P 7159 if (params->conf_p2p_dev) 7160 global->params.conf_p2p_dev = 7161 os_strdup(params->conf_p2p_dev); 7162 #endif /* CONFIG_P2P */ 7163 wpa_debug_level = global->params.wpa_debug_level = 7164 params->wpa_debug_level; 7165 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 7166 params->wpa_debug_show_keys; 7167 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 7168 params->wpa_debug_timestamp; 7169 7170 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR); 7171 7172 if (eloop_init()) { 7173 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 7174 wpa_supplicant_deinit(global); 7175 return NULL; 7176 } 7177 7178 random_init(params->entropy_file); 7179 7180 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 7181 if (global->ctrl_iface == NULL) { 7182 wpa_supplicant_deinit(global); 7183 return NULL; 7184 } 7185 7186 if (wpas_notify_supplicant_initialized(global)) { 7187 wpa_supplicant_deinit(global); 7188 return NULL; 7189 } 7190 7191 for (i = 0; wpa_drivers[i]; i++) 7192 global->drv_count++; 7193 if (global->drv_count == 0) { 7194 wpa_printf(MSG_ERROR, "No drivers enabled"); 7195 wpa_supplicant_deinit(global); 7196 return NULL; 7197 } 7198 global->drv_priv = os_calloc(global->drv_count, sizeof(void *)); 7199 if (global->drv_priv == NULL) { 7200 wpa_supplicant_deinit(global); 7201 return NULL; 7202 } 7203 7204 #ifdef CONFIG_WIFI_DISPLAY 7205 if (wifi_display_init(global) < 0) { 7206 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); 7207 wpa_supplicant_deinit(global); 7208 return NULL; 7209 } 7210 #endif /* CONFIG_WIFI_DISPLAY */ 7211 7212 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 7213 wpas_periodic, global, NULL); 7214 7215 return global; 7216 } 7217 7218 7219 /** 7220 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 7221 * @global: Pointer to global data from wpa_supplicant_init() 7222 * Returns: 0 after successful event loop run, -1 on failure 7223 * 7224 * This function starts the main event loop and continues running as long as 7225 * there are any remaining events. In most cases, this function is running as 7226 * long as the %wpa_supplicant process in still in use. 7227 */ 7228 int wpa_supplicant_run(struct wpa_global *global) 7229 { 7230 struct wpa_supplicant *wpa_s; 7231 7232 if (global->params.daemonize && 7233 (wpa_supplicant_daemon(global->params.pid_file) || 7234 eloop_sock_requeue())) 7235 return -1; 7236 7237 #ifdef CONFIG_MATCH_IFACE 7238 if (wpa_supplicant_match_existing(global)) 7239 return -1; 7240 #endif 7241 7242 if (global->params.wait_for_monitor) { 7243 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 7244 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt) 7245 wpa_supplicant_ctrl_iface_wait( 7246 wpa_s->ctrl_iface); 7247 } 7248 7249 eloop_register_signal_terminate(wpa_supplicant_terminate, global); 7250 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); 7251 7252 eloop_run(); 7253 7254 return 0; 7255 } 7256 7257 7258 /** 7259 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 7260 * @global: Pointer to global data from wpa_supplicant_init() 7261 * 7262 * This function is called to deinitialize %wpa_supplicant and to free all 7263 * allocated resources. Remaining network interfaces will also be removed. 7264 */ 7265 void wpa_supplicant_deinit(struct wpa_global *global) 7266 { 7267 int i; 7268 7269 if (global == NULL) 7270 return; 7271 7272 eloop_cancel_timeout(wpas_periodic, global, NULL); 7273 7274 #ifdef CONFIG_WIFI_DISPLAY 7275 wifi_display_deinit(global); 7276 #endif /* CONFIG_WIFI_DISPLAY */ 7277 7278 while (global->ifaces) 7279 wpa_supplicant_remove_iface(global, global->ifaces, 1); 7280 7281 if (global->ctrl_iface) 7282 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 7283 7284 wpas_notify_supplicant_deinitialized(global); 7285 7286 eap_peer_unregister_methods(); 7287 #ifdef CONFIG_AP 7288 eap_server_unregister_methods(); 7289 #endif /* CONFIG_AP */ 7290 7291 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { 7292 if (!global->drv_priv[i]) 7293 continue; 7294 wpa_drivers[i]->global_deinit(global->drv_priv[i]); 7295 } 7296 os_free(global->drv_priv); 7297 7298 random_deinit(); 7299 7300 eloop_destroy(); 7301 7302 if (global->params.pid_file) { 7303 os_daemonize_terminate(global->params.pid_file); 7304 os_free(global->params.pid_file); 7305 } 7306 os_free(global->params.ctrl_interface); 7307 os_free(global->params.ctrl_interface_group); 7308 os_free(global->params.override_driver); 7309 os_free(global->params.override_ctrl_interface); 7310 #ifdef CONFIG_MATCH_IFACE 7311 os_free(global->params.match_ifaces); 7312 #endif /* CONFIG_MATCH_IFACE */ 7313 #ifdef CONFIG_P2P 7314 os_free(global->params.conf_p2p_dev); 7315 #endif /* CONFIG_P2P */ 7316 7317 os_free(global->p2p_disallow_freq.range); 7318 os_free(global->p2p_go_avoid_freq.range); 7319 os_free(global->add_psk); 7320 7321 os_free(global); 7322 wpa_debug_close_syslog(); 7323 wpa_debug_close_file(); 7324 wpa_debug_close_linux_tracing(); 7325 } 7326 7327 7328 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) 7329 { 7330 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && 7331 wpa_s->conf->country[0] && wpa_s->conf->country[1]) { 7332 char country[3]; 7333 country[0] = wpa_s->conf->country[0]; 7334 country[1] = wpa_s->conf->country[1]; 7335 country[2] = '\0'; 7336 if (wpa_drv_set_country(wpa_s, country) < 0) { 7337 wpa_printf(MSG_ERROR, "Failed to set country code " 7338 "'%s'", country); 7339 } 7340 } 7341 7342 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) 7343 wpas_init_ext_pw(wpa_s); 7344 7345 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) 7346 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 7347 7348 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) { 7349 struct wpa_driver_capa capa; 7350 int res = wpa_drv_get_capa(wpa_s, &capa); 7351 7352 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 7353 wpa_printf(MSG_ERROR, 7354 "Failed to update wowlan_triggers to '%s'", 7355 wpa_s->conf->wowlan_triggers); 7356 } 7357 7358 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM) 7359 wpa_supplicant_set_default_scan_ies(wpa_s); 7360 7361 #ifdef CONFIG_BGSCAN 7362 /* 7363 * We default to global bgscan parameters only when per-network bgscan 7364 * parameters aren't set. Only bother resetting bgscan parameters if 7365 * this is the case. 7366 */ 7367 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) && 7368 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan && 7369 wpa_s->wpa_state == WPA_COMPLETED) 7370 wpa_supplicant_reset_bgscan(wpa_s); 7371 #endif /* CONFIG_BGSCAN */ 7372 7373 #ifdef CONFIG_WPS 7374 wpas_wps_update_config(wpa_s); 7375 #endif /* CONFIG_WPS */ 7376 wpas_p2p_update_config(wpa_s); 7377 wpa_s->conf->changed_parameters = 0; 7378 } 7379 7380 7381 void add_freq(int *freqs, int *num_freqs, int freq) 7382 { 7383 int i; 7384 7385 for (i = 0; i < *num_freqs; i++) { 7386 if (freqs[i] == freq) 7387 return; 7388 } 7389 7390 freqs[*num_freqs] = freq; 7391 (*num_freqs)++; 7392 } 7393 7394 7395 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) 7396 { 7397 struct wpa_bss *bss, *cbss; 7398 const int max_freqs = 10; 7399 int *freqs; 7400 int num_freqs = 0; 7401 7402 freqs = os_calloc(max_freqs + 1, sizeof(int)); 7403 if (freqs == NULL) 7404 return NULL; 7405 7406 cbss = wpa_s->current_bss; 7407 7408 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 7409 if (bss == cbss) 7410 continue; 7411 if (bss->ssid_len == cbss->ssid_len && 7412 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && 7413 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) { 7414 add_freq(freqs, &num_freqs, bss->freq); 7415 if (num_freqs == max_freqs) 7416 break; 7417 } 7418 } 7419 7420 if (num_freqs == 0) { 7421 os_free(freqs); 7422 freqs = NULL; 7423 } 7424 7425 return freqs; 7426 } 7427 7428 7429 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) 7430 { 7431 int timeout; 7432 int count; 7433 int *freqs = NULL; 7434 7435 wpas_connect_work_done(wpa_s); 7436 7437 /* 7438 * Remove possible authentication timeout since the connection failed. 7439 */ 7440 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 7441 7442 /* 7443 * There is no point in ignoring the AP temporarily if this event is 7444 * generated based on local request to disconnect. 7445 */ 7446 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) { 7447 wpa_s->own_disconnect_req = 0; 7448 wpa_dbg(wpa_s, MSG_DEBUG, 7449 "Ignore connection failure due to local request to disconnect"); 7450 return; 7451 } 7452 if (wpa_s->disconnected) { 7453 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure " 7454 "indication since interface has been put into " 7455 "disconnected state"); 7456 return; 7457 } 7458 7459 /* 7460 * Add the failed BSSID into the ignore list and speed up next scan 7461 * attempt if there could be other APs that could accept association. 7462 */ 7463 count = wpa_bssid_ignore_add(wpa_s, bssid); 7464 if (count == 1 && wpa_s->current_bss) { 7465 /* 7466 * This BSS was not in the ignore list before. If there is 7467 * another BSS available for the same ESS, we should try that 7468 * next. Otherwise, we may as well try this one once more 7469 * before allowing other, likely worse, ESSes to be considered. 7470 */ 7471 freqs = get_bss_freqs_in_ess(wpa_s); 7472 if (freqs) { 7473 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " 7474 "has been seen; try it next"); 7475 wpa_bssid_ignore_add(wpa_s, bssid); 7476 /* 7477 * On the next scan, go through only the known channels 7478 * used in this ESS based on previous scans to speed up 7479 * common load balancing use case. 7480 */ 7481 os_free(wpa_s->next_scan_freqs); 7482 wpa_s->next_scan_freqs = freqs; 7483 } 7484 } 7485 7486 wpa_s->consecutive_conn_failures++; 7487 7488 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) { 7489 wpa_printf(MSG_DEBUG, "Continuous association failures - " 7490 "consider temporary network disabling"); 7491 wpas_auth_failed(wpa_s, "CONN_FAILED"); 7492 } 7493 /* 7494 * Multiple consecutive connection failures mean that other APs are 7495 * either not available or have already been tried, so we can start 7496 * increasing the delay here to avoid constant scanning. 7497 */ 7498 switch (wpa_s->consecutive_conn_failures) { 7499 case 1: 7500 timeout = 100; 7501 break; 7502 case 2: 7503 timeout = 500; 7504 break; 7505 case 3: 7506 timeout = 1000; 7507 break; 7508 case 4: 7509 timeout = 5000; 7510 break; 7511 default: 7512 timeout = 10000; 7513 break; 7514 } 7515 7516 wpa_dbg(wpa_s, MSG_DEBUG, 7517 "Consecutive connection failures: %d --> request scan in %d ms", 7518 wpa_s->consecutive_conn_failures, timeout); 7519 7520 /* 7521 * TODO: if more than one possible AP is available in scan results, 7522 * could try the other ones before requesting a new scan. 7523 */ 7524 7525 /* speed up the connection attempt with normal scan */ 7526 wpa_s->normal_scans = 0; 7527 wpa_supplicant_req_scan(wpa_s, timeout / 1000, 7528 1000 * (timeout % 1000)); 7529 } 7530 7531 7532 #ifdef CONFIG_FILS 7533 7534 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 7535 { 7536 struct wpa_ssid *ssid = wpa_s->current_ssid; 7537 const u8 *realm, *username, *rrk; 7538 size_t realm_len, username_len, rrk_len; 7539 u16 next_seq_num; 7540 7541 /* Clear the PMKSA cache entry if FILS authentication was rejected. 7542 * Check for ERP keys existing to limit when this can be done since 7543 * the rejection response is not protected and such triggers should 7544 * really not allow internal state to be modified unless required to 7545 * avoid significant issues in functionality. In addition, drop 7546 * externally configure PMKSA entries even without ERP keys since it 7547 * is possible for an external component to add PMKSA entries for FILS 7548 * authentication without restoring previously generated ERP keys. 7549 * 7550 * In this case, this is needed to allow recovery from cases where the 7551 * AP or authentication server has dropped PMKSAs and ERP keys. */ 7552 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt)) 7553 return; 7554 7555 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, 7556 &username, &username_len, 7557 &realm, &realm_len, &next_seq_num, 7558 &rrk, &rrk_len) != 0 || 7559 !realm) { 7560 wpa_dbg(wpa_s, MSG_DEBUG, 7561 "FILS: Drop external PMKSA cache entry"); 7562 wpa_sm_aborted_external_cached(wpa_s->wpa); 7563 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid); 7564 return; 7565 } 7566 7567 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry"); 7568 wpa_sm_aborted_cached(wpa_s->wpa); 7569 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 7570 } 7571 7572 7573 void fils_connection_failure(struct wpa_supplicant *wpa_s) 7574 { 7575 struct wpa_ssid *ssid = wpa_s->current_ssid; 7576 const u8 *realm, *username, *rrk; 7577 size_t realm_len, username_len, rrk_len; 7578 u16 next_seq_num; 7579 7580 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) || 7581 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, 7582 &username, &username_len, 7583 &realm, &realm_len, &next_seq_num, 7584 &rrk, &rrk_len) != 0 || 7585 !realm) 7586 return; 7587 7588 wpa_hexdump_ascii(MSG_DEBUG, 7589 "FILS: Store last connection failure realm", 7590 realm, realm_len); 7591 os_free(wpa_s->last_con_fail_realm); 7592 wpa_s->last_con_fail_realm = os_malloc(realm_len); 7593 if (wpa_s->last_con_fail_realm) { 7594 wpa_s->last_con_fail_realm_len = realm_len; 7595 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len); 7596 } 7597 } 7598 #endif /* CONFIG_FILS */ 7599 7600 7601 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) 7602 { 7603 return wpa_s->conf->ap_scan == 2 || 7604 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); 7605 } 7606 7607 7608 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) 7609 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, 7610 struct wpa_ssid *ssid, 7611 const char *field, 7612 const char *value) 7613 { 7614 #ifdef IEEE8021X_EAPOL 7615 struct eap_peer_config *eap = &ssid->eap; 7616 7617 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); 7618 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", 7619 (const u8 *) value, os_strlen(value)); 7620 7621 switch (wpa_supplicant_ctrl_req_from_string(field)) { 7622 case WPA_CTRL_REQ_EAP_IDENTITY: 7623 os_free(eap->identity); 7624 eap->identity = (u8 *) os_strdup(value); 7625 eap->identity_len = os_strlen(value); 7626 eap->pending_req_identity = 0; 7627 if (ssid == wpa_s->current_ssid) 7628 wpa_s->reassociate = 1; 7629 break; 7630 case WPA_CTRL_REQ_EAP_PASSWORD: 7631 bin_clear_free(eap->password, eap->password_len); 7632 eap->password = (u8 *) os_strdup(value); 7633 eap->password_len = os_strlen(value); 7634 eap->pending_req_password = 0; 7635 if (ssid == wpa_s->current_ssid) 7636 wpa_s->reassociate = 1; 7637 break; 7638 case WPA_CTRL_REQ_EAP_NEW_PASSWORD: 7639 bin_clear_free(eap->new_password, eap->new_password_len); 7640 eap->new_password = (u8 *) os_strdup(value); 7641 eap->new_password_len = os_strlen(value); 7642 eap->pending_req_new_password = 0; 7643 if (ssid == wpa_s->current_ssid) 7644 wpa_s->reassociate = 1; 7645 break; 7646 case WPA_CTRL_REQ_EAP_PIN: 7647 str_clear_free(eap->cert.pin); 7648 eap->cert.pin = os_strdup(value); 7649 eap->pending_req_pin = 0; 7650 if (ssid == wpa_s->current_ssid) 7651 wpa_s->reassociate = 1; 7652 break; 7653 case WPA_CTRL_REQ_EAP_OTP: 7654 bin_clear_free(eap->otp, eap->otp_len); 7655 eap->otp = (u8 *) os_strdup(value); 7656 eap->otp_len = os_strlen(value); 7657 os_free(eap->pending_req_otp); 7658 eap->pending_req_otp = NULL; 7659 eap->pending_req_otp_len = 0; 7660 break; 7661 case WPA_CTRL_REQ_EAP_PASSPHRASE: 7662 str_clear_free(eap->cert.private_key_passwd); 7663 eap->cert.private_key_passwd = os_strdup(value); 7664 eap->pending_req_passphrase = 0; 7665 if (ssid == wpa_s->current_ssid) 7666 wpa_s->reassociate = 1; 7667 break; 7668 case WPA_CTRL_REQ_SIM: 7669 str_clear_free(eap->external_sim_resp); 7670 eap->external_sim_resp = os_strdup(value); 7671 eap->pending_req_sim = 0; 7672 break; 7673 case WPA_CTRL_REQ_PSK_PASSPHRASE: 7674 if (wpa_config_set(ssid, "psk", value, 0) < 0) 7675 return -1; 7676 ssid->mem_only_psk = 1; 7677 if (ssid->passphrase) 7678 wpa_config_update_psk(ssid); 7679 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning) 7680 wpa_supplicant_req_scan(wpa_s, 0, 0); 7681 break; 7682 case WPA_CTRL_REQ_EXT_CERT_CHECK: 7683 if (eap->pending_ext_cert_check != PENDING_CHECK) 7684 return -1; 7685 if (os_strcmp(value, "good") == 0) 7686 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD; 7687 else if (os_strcmp(value, "bad") == 0) 7688 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD; 7689 else 7690 return -1; 7691 break; 7692 default: 7693 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); 7694 return -1; 7695 } 7696 7697 return 0; 7698 #else /* IEEE8021X_EAPOL */ 7699 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); 7700 return -1; 7701 #endif /* IEEE8021X_EAPOL */ 7702 } 7703 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ 7704 7705 7706 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 7707 { 7708 #ifdef CONFIG_WEP 7709 int i; 7710 unsigned int drv_enc; 7711 #endif /* CONFIG_WEP */ 7712 7713 if (wpa_s->p2p_mgmt) 7714 return 1; /* no normal network profiles on p2p_mgmt interface */ 7715 7716 if (ssid == NULL) 7717 return 1; 7718 7719 if (ssid->disabled) 7720 return 1; 7721 7722 #ifdef CONFIG_WEP 7723 if (wpa_s->drv_capa_known) 7724 drv_enc = wpa_s->drv_enc; 7725 else 7726 drv_enc = (unsigned int) -1; 7727 7728 for (i = 0; i < NUM_WEP_KEYS; i++) { 7729 size_t len = ssid->wep_key_len[i]; 7730 if (len == 0) 7731 continue; 7732 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) 7733 continue; 7734 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) 7735 continue; 7736 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) 7737 continue; 7738 return 1; /* invalid WEP key */ 7739 } 7740 #endif /* CONFIG_WEP */ 7741 7742 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && 7743 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && 7744 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) && 7745 !ssid->mem_only_psk) 7746 return 1; 7747 7748 return 0; 7749 } 7750 7751 7752 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 7753 { 7754 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { 7755 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && 7756 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { 7757 /* 7758 * Driver does not support BIP -- ignore pmf=1 default 7759 * since the connection with PMF would fail and the 7760 * configuration does not require PMF to be enabled. 7761 */ 7762 return NO_MGMT_FRAME_PROTECTION; 7763 } 7764 7765 if (ssid && 7766 (ssid->key_mgmt & 7767 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS | 7768 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) { 7769 /* 7770 * Do not use the default PMF value for non-RSN networks 7771 * since PMF is available only with RSN and pmf=2 7772 * configuration would otherwise prevent connections to 7773 * all open networks. 7774 */ 7775 return NO_MGMT_FRAME_PROTECTION; 7776 } 7777 7778 return wpa_s->conf->pmf; 7779 } 7780 7781 return ssid->ieee80211w; 7782 } 7783 7784 7785 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) 7786 { 7787 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) 7788 return 1; 7789 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) 7790 return 0; 7791 return -1; 7792 } 7793 7794 7795 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason) 7796 { 7797 struct wpa_ssid *ssid = wpa_s->current_ssid; 7798 int dur; 7799 struct os_reltime now; 7800 7801 if (ssid == NULL) { 7802 wpa_printf(MSG_DEBUG, "Authentication failure but no known " 7803 "SSID block"); 7804 return; 7805 } 7806 7807 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) 7808 return; 7809 7810 ssid->auth_failures++; 7811 7812 #ifdef CONFIG_P2P 7813 if (ssid->p2p_group && 7814 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) { 7815 /* 7816 * Skip the wait time since there is a short timeout on the 7817 * connection to a P2P group. 7818 */ 7819 return; 7820 } 7821 #endif /* CONFIG_P2P */ 7822 7823 if (ssid->auth_failures > 50) 7824 dur = 300; 7825 else if (ssid->auth_failures > 10) 7826 dur = 120; 7827 else if (ssid->auth_failures > 5) 7828 dur = 90; 7829 else if (ssid->auth_failures > 3) 7830 dur = 60; 7831 else if (ssid->auth_failures > 2) 7832 dur = 30; 7833 else if (ssid->auth_failures > 1) 7834 dur = 20; 7835 else 7836 dur = 10; 7837 7838 if (ssid->auth_failures > 1 && 7839 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) 7840 dur += os_random() % (ssid->auth_failures * 10); 7841 7842 os_get_reltime(&now); 7843 if (now.sec + dur <= ssid->disabled_until.sec) 7844 return; 7845 7846 ssid->disabled_until.sec = now.sec + dur; 7847 7848 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED 7849 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s", 7850 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 7851 ssid->auth_failures, dur, reason); 7852 } 7853 7854 7855 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, 7856 struct wpa_ssid *ssid, int clear_failures) 7857 { 7858 if (ssid == NULL) 7859 return; 7860 7861 if (ssid->disabled_until.sec) { 7862 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED 7863 "id=%d ssid=\"%s\"", 7864 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 7865 } 7866 ssid->disabled_until.sec = 0; 7867 ssid->disabled_until.usec = 0; 7868 if (clear_failures) 7869 ssid->auth_failures = 0; 7870 } 7871 7872 7873 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) 7874 { 7875 size_t i; 7876 7877 if (wpa_s->disallow_aps_bssid == NULL) 7878 return 0; 7879 7880 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { 7881 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, 7882 bssid, ETH_ALEN) == 0) 7883 return 1; 7884 } 7885 7886 return 0; 7887 } 7888 7889 7890 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, 7891 size_t ssid_len) 7892 { 7893 size_t i; 7894 7895 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) 7896 return 0; 7897 7898 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { 7899 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; 7900 if (ssid_len == s->ssid_len && 7901 os_memcmp(ssid, s->ssid, ssid_len) == 0) 7902 return 1; 7903 } 7904 7905 return 0; 7906 } 7907 7908 7909 /** 7910 * wpas_request_connection - Request a new connection 7911 * @wpa_s: Pointer to the network interface 7912 * 7913 * This function is used to request a new connection to be found. It will mark 7914 * the interface to allow reassociation and request a new scan to find a 7915 * suitable network to connect to. 7916 */ 7917 void wpas_request_connection(struct wpa_supplicant *wpa_s) 7918 { 7919 wpa_s->normal_scans = 0; 7920 wpa_s->scan_req = NORMAL_SCAN_REQ; 7921 wpa_supplicant_reinit_autoscan(wpa_s); 7922 wpa_s->disconnected = 0; 7923 wpa_s->reassociate = 1; 7924 wpa_s->last_owe_group = 0; 7925 7926 if (wpa_supplicant_fast_associate(wpa_s) != 1) 7927 wpa_supplicant_req_scan(wpa_s, 0, 0); 7928 else 7929 wpa_s->reattach = 0; 7930 } 7931 7932 7933 /** 7934 * wpas_request_disconnection - Request disconnection 7935 * @wpa_s: Pointer to the network interface 7936 * 7937 * This function is used to request disconnection from the currently connected 7938 * network. This will stop any ongoing scans and initiate deauthentication. 7939 */ 7940 void wpas_request_disconnection(struct wpa_supplicant *wpa_s) 7941 { 7942 #ifdef CONFIG_SME 7943 wpa_s->sme.prev_bssid_set = 0; 7944 #endif /* CONFIG_SME */ 7945 wpa_s->reassociate = 0; 7946 wpa_s->disconnected = 1; 7947 wpa_supplicant_cancel_sched_scan(wpa_s); 7948 wpa_supplicant_cancel_scan(wpa_s); 7949 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 7950 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 7951 radio_remove_works(wpa_s, "connect", 0); 7952 radio_remove_works(wpa_s, "sme-connect", 0); 7953 } 7954 7955 7956 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title, 7957 struct wpa_used_freq_data *freqs_data, 7958 unsigned int len) 7959 { 7960 unsigned int i; 7961 7962 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s", 7963 len, title); 7964 for (i = 0; i < len; i++) { 7965 struct wpa_used_freq_data *cur = &freqs_data[i]; 7966 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X", 7967 i, cur->freq, cur->flags); 7968 } 7969 } 7970 7971 7972 /* 7973 * Find the operating frequencies of any of the virtual interfaces that 7974 * are using the same radio as the current interface, and in addition, get 7975 * information about the interface types that are using the frequency. 7976 */ 7977 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s, 7978 struct wpa_used_freq_data *freqs_data, 7979 unsigned int len) 7980 { 7981 struct wpa_supplicant *ifs; 7982 u8 bssid[ETH_ALEN]; 7983 int freq; 7984 unsigned int idx = 0, i; 7985 7986 wpa_dbg(wpa_s, MSG_DEBUG, 7987 "Determining shared radio frequencies (max len %u)", len); 7988 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len); 7989 7990 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 7991 radio_list) { 7992 if (idx == len) 7993 break; 7994 7995 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0) 7996 continue; 7997 7998 if (ifs->current_ssid->mode == WPAS_MODE_AP || 7999 ifs->current_ssid->mode == WPAS_MODE_P2P_GO || 8000 ifs->current_ssid->mode == WPAS_MODE_MESH) 8001 freq = ifs->current_ssid->frequency; 8002 else if (wpa_drv_get_bssid(ifs, bssid) == 0) 8003 freq = ifs->assoc_freq; 8004 else 8005 continue; 8006 8007 /* Hold only distinct freqs */ 8008 for (i = 0; i < idx; i++) 8009 if (freqs_data[i].freq == freq) 8010 break; 8011 8012 if (i == idx) 8013 freqs_data[idx++].freq = freq; 8014 8015 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) { 8016 freqs_data[i].flags |= ifs->current_ssid->p2p_group ? 8017 WPA_FREQ_USED_BY_P2P_CLIENT : 8018 WPA_FREQ_USED_BY_INFRA_STATION; 8019 } 8020 } 8021 8022 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx); 8023 return idx; 8024 } 8025 8026 8027 /* 8028 * Find the operating frequencies of any of the virtual interfaces that 8029 * are using the same radio as the current interface. 8030 */ 8031 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, 8032 int *freq_array, unsigned int len) 8033 { 8034 struct wpa_used_freq_data *freqs_data; 8035 int num, i; 8036 8037 os_memset(freq_array, 0, sizeof(int) * len); 8038 8039 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data)); 8040 if (!freqs_data) 8041 return -1; 8042 8043 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len); 8044 for (i = 0; i < num; i++) 8045 freq_array[i] = freqs_data[i].freq; 8046 8047 os_free(freqs_data); 8048 8049 return num; 8050 } 8051 8052 8053 struct wpa_supplicant * 8054 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) 8055 { 8056 switch (frame) { 8057 #ifdef CONFIG_P2P 8058 case VENDOR_ELEM_PROBE_REQ_P2P: 8059 case VENDOR_ELEM_PROBE_RESP_P2P: 8060 case VENDOR_ELEM_PROBE_RESP_P2P_GO: 8061 case VENDOR_ELEM_BEACON_P2P_GO: 8062 case VENDOR_ELEM_P2P_PD_REQ: 8063 case VENDOR_ELEM_P2P_PD_RESP: 8064 case VENDOR_ELEM_P2P_GO_NEG_REQ: 8065 case VENDOR_ELEM_P2P_GO_NEG_RESP: 8066 case VENDOR_ELEM_P2P_GO_NEG_CONF: 8067 case VENDOR_ELEM_P2P_INV_REQ: 8068 case VENDOR_ELEM_P2P_INV_RESP: 8069 case VENDOR_ELEM_P2P_ASSOC_REQ: 8070 case VENDOR_ELEM_P2P_ASSOC_RESP: 8071 return wpa_s->p2pdev; 8072 #endif /* CONFIG_P2P */ 8073 default: 8074 return wpa_s; 8075 } 8076 } 8077 8078 8079 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s) 8080 { 8081 unsigned int i; 8082 char buf[30]; 8083 8084 wpa_printf(MSG_DEBUG, "Update vendor elements"); 8085 8086 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 8087 if (wpa_s->vendor_elem[i]) { 8088 int res; 8089 8090 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i); 8091 if (!os_snprintf_error(sizeof(buf), res)) { 8092 wpa_hexdump_buf(MSG_DEBUG, buf, 8093 wpa_s->vendor_elem[i]); 8094 } 8095 } 8096 } 8097 8098 #ifdef CONFIG_P2P 8099 if (wpa_s->parent == wpa_s && 8100 wpa_s->global->p2p && 8101 !wpa_s->global->p2p_disabled) 8102 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem); 8103 #endif /* CONFIG_P2P */ 8104 } 8105 8106 8107 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame, 8108 const u8 *elem, size_t len) 8109 { 8110 u8 *ie, *end; 8111 8112 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]); 8113 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]); 8114 8115 for (; ie + 1 < end; ie += 2 + ie[1]) { 8116 if (ie + len > end) 8117 break; 8118 if (os_memcmp(ie, elem, len) != 0) 8119 continue; 8120 8121 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) { 8122 wpabuf_free(wpa_s->vendor_elem[frame]); 8123 wpa_s->vendor_elem[frame] = NULL; 8124 } else { 8125 os_memmove(ie, ie + len, end - (ie + len)); 8126 wpa_s->vendor_elem[frame]->used -= len; 8127 } 8128 wpas_vendor_elem_update(wpa_s); 8129 return 0; 8130 } 8131 8132 return -1; 8133 } 8134 8135 8136 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes, 8137 u16 num_modes, enum hostapd_hw_mode mode, 8138 bool is_6ghz) 8139 { 8140 u16 i; 8141 8142 for (i = 0; i < num_modes; i++) { 8143 if (modes[i].mode != mode || 8144 !modes[i].num_channels || !modes[i].channels) 8145 continue; 8146 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) || 8147 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq))) 8148 return &modes[i]; 8149 } 8150 8151 return NULL; 8152 } 8153 8154 8155 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes, 8156 u16 num_modes, int freq) 8157 { 8158 int i, j; 8159 8160 for (i = 0; i < num_modes; i++) { 8161 for (j = 0; j < modes[i].num_channels; j++) { 8162 if (freq == modes[i].channels[j].freq) 8163 return &modes[i]; 8164 } 8165 } 8166 8167 return NULL; 8168 } 8169 8170 8171 static struct 8172 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, 8173 const u8 *bssid) 8174 { 8175 struct wpa_bss_tmp_disallowed *bss; 8176 8177 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed, 8178 struct wpa_bss_tmp_disallowed, list) { 8179 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0) 8180 return bss; 8181 } 8182 8183 return NULL; 8184 } 8185 8186 8187 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s) 8188 { 8189 struct wpa_bss_tmp_disallowed *tmp; 8190 unsigned int num_bssid = 0; 8191 u8 *bssids; 8192 int ret; 8193 8194 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN); 8195 if (!bssids) 8196 return -1; 8197 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 8198 struct wpa_bss_tmp_disallowed, list) { 8199 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid, 8200 ETH_ALEN); 8201 num_bssid++; 8202 } 8203 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids); 8204 os_free(bssids); 8205 return ret; 8206 } 8207 8208 8209 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx) 8210 { 8211 struct wpa_supplicant *wpa_s = eloop_ctx; 8212 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx; 8213 8214 /* Make sure the bss is not already freed */ 8215 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 8216 struct wpa_bss_tmp_disallowed, list) { 8217 if (bss == tmp) { 8218 remove_bss_tmp_disallowed_entry(wpa_s, tmp); 8219 wpa_set_driver_tmp_disallow_list(wpa_s); 8220 break; 8221 } 8222 } 8223 } 8224 8225 8226 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, 8227 unsigned int sec, int rssi_threshold) 8228 { 8229 struct wpa_bss_tmp_disallowed *bss; 8230 8231 bss = wpas_get_disallowed_bss(wpa_s, bssid); 8232 if (bss) { 8233 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 8234 goto finish; 8235 } 8236 8237 bss = os_malloc(sizeof(*bss)); 8238 if (!bss) { 8239 wpa_printf(MSG_DEBUG, 8240 "Failed to allocate memory for temp disallow BSS"); 8241 return; 8242 } 8243 8244 os_memcpy(bss->bssid, bssid, ETH_ALEN); 8245 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); 8246 wpa_set_driver_tmp_disallow_list(wpa_s); 8247 8248 finish: 8249 bss->rssi_threshold = rssi_threshold; 8250 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, 8251 wpa_s, bss); 8252 } 8253 8254 8255 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, 8256 struct wpa_bss *bss) 8257 { 8258 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev; 8259 8260 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, 8261 struct wpa_bss_tmp_disallowed, list) { 8262 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) { 8263 disallowed = tmp; 8264 break; 8265 } 8266 } 8267 if (!disallowed) 8268 return 0; 8269 8270 if (disallowed->rssi_threshold != 0 && 8271 bss->level > disallowed->rssi_threshold) { 8272 remove_bss_tmp_disallowed_entry(wpa_s, disallowed); 8273 wpa_set_driver_tmp_disallow_list(wpa_s); 8274 return 0; 8275 } 8276 8277 return 1; 8278 } 8279 8280 8281 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s, 8282 unsigned int type, const u8 *addr, 8283 const u8 *mask) 8284 { 8285 if ((addr && !mask) || (!addr && mask)) { 8286 wpa_printf(MSG_INFO, 8287 "MAC_ADDR_RAND_SCAN invalid addr/mask combination"); 8288 return -1; 8289 } 8290 8291 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) { 8292 wpa_printf(MSG_INFO, 8293 "MAC_ADDR_RAND_SCAN cannot allow multicast address"); 8294 return -1; 8295 } 8296 8297 if (type & MAC_ADDR_RAND_SCAN) { 8298 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN, 8299 addr, mask)) 8300 return -1; 8301 } 8302 8303 if (type & MAC_ADDR_RAND_SCHED_SCAN) { 8304 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN, 8305 addr, mask)) 8306 return -1; 8307 8308 if (wpa_s->sched_scanning && !wpa_s->pno) 8309 wpas_scan_restart_sched_scan(wpa_s); 8310 } 8311 8312 if (type & MAC_ADDR_RAND_PNO) { 8313 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO, 8314 addr, mask)) 8315 return -1; 8316 8317 if (wpa_s->pno) { 8318 wpas_stop_pno(wpa_s); 8319 wpas_start_pno(wpa_s); 8320 } 8321 } 8322 8323 return 0; 8324 } 8325 8326 8327 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s, 8328 unsigned int type) 8329 { 8330 wpas_mac_addr_rand_scan_clear(wpa_s, type); 8331 if (wpa_s->pno) { 8332 if (type & MAC_ADDR_RAND_PNO) { 8333 wpas_stop_pno(wpa_s); 8334 wpas_start_pno(wpa_s); 8335 } 8336 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) { 8337 wpas_scan_restart_sched_scan(wpa_s); 8338 } 8339 8340 return 0; 8341 } 8342 8343 8344 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s, 8345 struct wpa_signal_info *si) 8346 { 8347 int res; 8348 8349 if (!wpa_s->driver->signal_poll) 8350 return -1; 8351 8352 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si); 8353 8354 #ifdef CONFIG_TESTING_OPTIONS 8355 if (res == 0) { 8356 struct driver_signal_override *dso; 8357 8358 dl_list_for_each(dso, &wpa_s->drv_signal_override, 8359 struct driver_signal_override, list) { 8360 if (os_memcmp(wpa_s->bssid, dso->bssid, 8361 ETH_ALEN) != 0) 8362 continue; 8363 wpa_printf(MSG_DEBUG, 8364 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d", 8365 si->current_signal, 8366 dso->si_current_signal, 8367 si->avg_signal, 8368 dso->si_avg_signal, 8369 si->avg_beacon_signal, 8370 dso->si_avg_beacon_signal, 8371 si->current_noise, 8372 dso->si_current_noise); 8373 si->current_signal = dso->si_current_signal; 8374 si->avg_signal = dso->si_avg_signal; 8375 si->avg_beacon_signal = dso->si_avg_beacon_signal; 8376 si->current_noise = dso->si_current_noise; 8377 break; 8378 } 8379 } 8380 #endif /* CONFIG_TESTING_OPTIONS */ 8381 8382 return res; 8383 } 8384 8385 8386 struct wpa_scan_results * 8387 wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s) 8388 { 8389 struct wpa_scan_results *scan_res; 8390 #ifdef CONFIG_TESTING_OPTIONS 8391 size_t idx; 8392 #endif /* CONFIG_TESTING_OPTIONS */ 8393 8394 if (!wpa_s->driver->get_scan_results2) 8395 return NULL; 8396 8397 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv); 8398 8399 #ifdef CONFIG_TESTING_OPTIONS 8400 for (idx = 0; scan_res && idx < scan_res->num; idx++) { 8401 struct driver_signal_override *dso; 8402 struct wpa_scan_res *res = scan_res->res[idx]; 8403 8404 dl_list_for_each(dso, &wpa_s->drv_signal_override, 8405 struct driver_signal_override, list) { 8406 if (os_memcmp(res->bssid, dso->bssid, ETH_ALEN) != 0) 8407 continue; 8408 wpa_printf(MSG_DEBUG, 8409 "Override driver scan signal level %d->%d for " 8410 MACSTR, 8411 res->level, dso->scan_level, 8412 MAC2STR(res->bssid)); 8413 res->flags |= WPA_SCAN_QUAL_INVALID; 8414 if (dso->scan_level < 0) 8415 res->flags |= WPA_SCAN_LEVEL_DBM; 8416 else 8417 res->flags &= ~WPA_SCAN_LEVEL_DBM; 8418 res->level = dso->scan_level; 8419 break; 8420 } 8421 } 8422 #endif /* CONFIG_TESTING_OPTIONS */ 8423 8424 return scan_res; 8425 } 8426