search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nl80211: Fix a typo
[hostap-gosc2009.git] / wpa_supplicant / events.c
blob0bb5a71d3b1d8506ecfeca9927172326639d0f29
1 /*
2 * WPA Supplicant - Driver event processing
3 * Copyright (c) 2003-2010, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 */
14
15 #include "includes.h"
16
17 #include "common.h"
18 #include "eapol_supp/eapol_supp_sm.h"
19 #include "rsn_supp/wpa.h"
20 #include "eloop.h"
21 #include "config.h"
22 #include "l2_packet/l2_packet.h"
23 #include "wpa_supplicant_i.h"
24 #include "driver_i.h"
25 #include "pcsc_funcs.h"
26 #include "rsn_supp/preauth.h"
27 #include "rsn_supp/pmksa_cache.h"
28 #include "common/wpa_ctrl.h"
29 #include "eap_peer/eap.h"
30 #include "ap/hostapd.h"
31 #include "notify.h"
32 #include "common/ieee802_11_defs.h"
33 #include "blacklist.h"
34 #include "wpas_glue.h"
35 #include "wps_supplicant.h"
36 #include "ibss_rsn.h"
37 #include "sme.h"
38 #include "bgscan.h"
39 #include "ap.h"
40 #include "bss.h"
41 #include "mlme.h"
42 #include "scan.h"
43
44
45 static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
46 {
47 struct wpa_ssid *ssid, *old_ssid;
48
49 if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid)
50 return 0;
51
52 wpa_printf(MSG_DEBUG, "Select network based on association "
53 "information");
54 ssid = wpa_supplicant_get_ssid(wpa_s);
55 if (ssid == NULL) {
56 wpa_printf(MSG_INFO, "No network configuration found for the "
57 "current AP");
58 return -1;
59 }
60
61 if (ssid->disabled) {
62 wpa_printf(MSG_DEBUG, "Selected network is disabled");
63 return -1;
64 }
65
66 wpa_printf(MSG_DEBUG, "Network configuration found for the current "
67 "AP");
68 if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
69 WPA_KEY_MGMT_WPA_NONE |
70 WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_FT_IEEE8021X |
71 WPA_KEY_MGMT_PSK_SHA256 |
72 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
73 u8 wpa_ie[80];
74 size_t wpa_ie_len = sizeof(wpa_ie);
75 wpa_supplicant_set_suites(wpa_s, NULL, ssid,
76 wpa_ie, &wpa_ie_len);
77 } else {
78 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
79 }
80
81 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid)
82 eapol_sm_invalidate_cached_session(wpa_s->eapol);
83 old_ssid = wpa_s->current_ssid;
84 wpa_s->current_ssid = ssid;
85 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
86 wpa_supplicant_initiate_eapol(wpa_s);
87 if (old_ssid != wpa_s->current_ssid)
88 wpas_notify_network_changed(wpa_s);
89
90 return 0;
91 }
92
93
94 static void wpa_supplicant_stop_countermeasures(void *eloop_ctx,
95 void *sock_ctx)
96 {
97 struct wpa_supplicant *wpa_s = eloop_ctx;
98
99 if (wpa_s->countermeasures) {
100 wpa_s->countermeasures = 0;
101 wpa_drv_set_countermeasures(wpa_s, 0);
102 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped");
103 wpa_supplicant_req_scan(wpa_s, 0, 0);
104 }
105 }
106
107
108 void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s)
109 {
110 int bssid_changed;
111
112 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
113 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
114 os_memset(wpa_s->bssid, 0, ETH_ALEN);
115 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
116 if (bssid_changed)
117 wpas_notify_bssid_changed(wpa_s);
118
119 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
120 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
121 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt))
122 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
123 wpa_s->ap_ies_from_associnfo = 0;
124 }
125
126
127 static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s)
128 {
129 struct wpa_ie_data ie;
130 int pmksa_set = -1;
131 size_t i;
132
133 if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 ||
134 ie.pmkid == NULL)
135 return;
136
137 for (i = 0; i < ie.num_pmkid; i++) {
138 pmksa_set = pmksa_cache_set_current(wpa_s->wpa,
139 ie.pmkid + i * PMKID_LEN,
140 NULL, NULL, 0);
141 if (pmksa_set == 0) {
142 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
143 break;
144 }
145 }
146
147 wpa_printf(MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from PMKSA "
148 "cache", pmksa_set == 0 ? "" : "not ");
149 }
150
151
152 static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s,
153 union wpa_event_data *data)
154 {
155 if (data == NULL) {
156 wpa_printf(MSG_DEBUG, "RSN: No data in PMKID candidate event");
157 return;
158 }
159 wpa_printf(MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR
160 " index=%d preauth=%d",
161 MAC2STR(data->pmkid_candidate.bssid),
162 data->pmkid_candidate.index,
163 data->pmkid_candidate.preauth);
164
165 pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid,
166 data->pmkid_candidate.index,
167 data->pmkid_candidate.preauth);
168 }
169
170
171 static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s)
172 {
173 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
174 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
175 return 0;
176
177 #ifdef IEEE8021X_EAPOL
178 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
179 wpa_s->current_ssid &&
180 !(wpa_s->current_ssid->eapol_flags &
181 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
182 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) {
183 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either
184 * plaintext or static WEP keys). */
185 return 0;
186 }
187 #endif /* IEEE8021X_EAPOL */
188
189 return 1;
190 }
191
192
193 /**
194 * wpa_supplicant_scard_init - Initialize SIM/USIM access with PC/SC
195 * @wpa_s: pointer to wpa_supplicant data
196 * @ssid: Configuration data for the network
197 * Returns: 0 on success, -1 on failure
198 *
199 * This function is called when starting authentication with a network that is
200 * configured to use PC/SC for SIM/USIM access (EAP-SIM or EAP-AKA).
201 */
202 int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
203 struct wpa_ssid *ssid)
204 {
205 #ifdef IEEE8021X_EAPOL
206 int aka = 0, sim = 0, type;
207
208 if (ssid->eap.pcsc == NULL || wpa_s->scard != NULL)
209 return 0;
210
211 if (ssid->eap.eap_methods == NULL) {
212 sim = 1;
213 aka = 1;
214 } else {
215 struct eap_method_type *eap = ssid->eap.eap_methods;
216 while (eap->vendor != EAP_VENDOR_IETF ||
217 eap->method != EAP_TYPE_NONE) {
218 if (eap->vendor == EAP_VENDOR_IETF) {
219 if (eap->method == EAP_TYPE_SIM)
220 sim = 1;
221 else if (eap->method == EAP_TYPE_AKA)
222 aka = 1;
223 }
224 eap++;
225 }
226 }
227
228 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_SIM) == NULL)
229 sim = 0;
230 if (eap_peer_get_eap_method(EAP_VENDOR_IETF, EAP_TYPE_AKA) == NULL)
231 aka = 0;
232
233 if (!sim && !aka) {
234 wpa_printf(MSG_DEBUG, "Selected network is configured to use "
235 "SIM, but neither EAP-SIM nor EAP-AKA are enabled");
236 return 0;
237 }
238
239 wpa_printf(MSG_DEBUG, "Selected network is configured to use SIM "
240 "(sim=%d aka=%d) - initialize PCSC", sim, aka);
241 if (sim && aka)
242 type = SCARD_TRY_BOTH;
243 else if (aka)
244 type = SCARD_USIM_ONLY;
245 else
246 type = SCARD_GSM_SIM_ONLY;
247
248 wpa_s->scard = scard_init(type);
249 if (wpa_s->scard == NULL) {
250 wpa_printf(MSG_WARNING, "Failed to initialize SIM "
251 "(pcsc-lite)");
252 return -1;
253 }
254 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
255 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
256 #endif /* IEEE8021X_EAPOL */
257
258 return 0;
259 }
260
261
262 #ifndef CONFIG_NO_SCAN_PROCESSING
263 static int wpa_supplicant_match_privacy(struct wpa_scan_res *bss,
264 struct wpa_ssid *ssid)
265 {
266 int i, privacy = 0;
267
268 if (ssid->mixed_cell)
269 return 1;
270
271 #ifdef CONFIG_WPS
272 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
273 return 1;
274 #endif /* CONFIG_WPS */
275
276 for (i = 0; i < NUM_WEP_KEYS; i++) {
277 if (ssid->wep_key_len[i]) {
278 privacy = 1;
279 break;
280 }
281 }
282 #ifdef IEEE8021X_EAPOL
283 if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
284 ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
285 EAPOL_FLAG_REQUIRE_KEY_BROADCAST))
286 privacy = 1;
287 #endif /* IEEE8021X_EAPOL */
288
289 if (bss->caps & IEEE80211_CAP_PRIVACY)
290 return privacy;
291 return !privacy;
292 }
293
294
295 static int wpa_supplicant_ssid_bss_match(struct wpa_supplicant *wpa_s,
296 struct wpa_ssid *ssid,
297 struct wpa_scan_res *bss)
298 {
299 struct wpa_ie_data ie;
300 int proto_match = 0;
301 const u8 *rsn_ie, *wpa_ie;
302 int ret;
303
304 ret = wpas_wps_ssid_bss_match(wpa_s, ssid, bss);
305 if (ret >= 0)
306 return ret;
307
308 rsn_ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
309 while ((ssid->proto & WPA_PROTO_RSN) && rsn_ie) {
310 proto_match++;
311
312 if (wpa_parse_wpa_ie(rsn_ie, 2 + rsn_ie[1], &ie)) {
313 wpa_printf(MSG_DEBUG, " skip RSN IE - parse failed");
314 break;
315 }
316 if (!(ie.proto & ssid->proto)) {
317 wpa_printf(MSG_DEBUG, " skip RSN IE - proto "
318 "mismatch");
319 break;
320 }
321
322 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) {
323 wpa_printf(MSG_DEBUG, " skip RSN IE - PTK cipher "
324 "mismatch");
325 break;
326 }
327
328 if (!(ie.group_cipher & ssid->group_cipher)) {
329 wpa_printf(MSG_DEBUG, " skip RSN IE - GTK cipher "
330 "mismatch");
331 break;
332 }
333
334 if (!(ie.key_mgmt & ssid->key_mgmt)) {
335 wpa_printf(MSG_DEBUG, " skip RSN IE - key mgmt "
336 "mismatch");
337 break;
338 }
339
340 #ifdef CONFIG_IEEE80211W
341 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
342 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
343 wpa_printf(MSG_DEBUG, " skip RSN IE - no mgmt frame "
344 "protection");
345 break;
346 }
347 #endif /* CONFIG_IEEE80211W */
348
349 wpa_printf(MSG_DEBUG, " selected based on RSN IE");
350 return 1;
351 }
352
353 wpa_ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
354 while ((ssid->proto & WPA_PROTO_WPA) && wpa_ie) {
355 proto_match++;
356
357 if (wpa_parse_wpa_ie(wpa_ie, 2 + wpa_ie[1], &ie)) {
358 wpa_printf(MSG_DEBUG, " skip WPA IE - parse failed");
359 break;
360 }
361 if (!(ie.proto & ssid->proto)) {
362 wpa_printf(MSG_DEBUG, " skip WPA IE - proto "
363 "mismatch");
364 break;
365 }
366
367 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) {
368 wpa_printf(MSG_DEBUG, " skip WPA IE - PTK cipher "
369 "mismatch");
370 break;
371 }
372
373 if (!(ie.group_cipher & ssid->group_cipher)) {
374 wpa_printf(MSG_DEBUG, " skip WPA IE - GTK cipher "
375 "mismatch");
376 break;
377 }
378
379 if (!(ie.key_mgmt & ssid->key_mgmt)) {
380 wpa_printf(MSG_DEBUG, " skip WPA IE - key mgmt "
381 "mismatch");
382 break;
383 }
384
385 wpa_printf(MSG_DEBUG, " selected based on WPA IE");
386 return 1;
387 }
388
389 if (proto_match == 0)
390 wpa_printf(MSG_DEBUG, " skip - no WPA/RSN proto match");
391
392 return 0;
393 }
394
395
396 static struct wpa_bss *
397 wpa_supplicant_select_bss_wpa(struct wpa_supplicant *wpa_s,
398 struct wpa_scan_results *scan_res,
399 struct wpa_ssid *group,
400 struct wpa_ssid **selected_ssid)
401 {
402 struct wpa_ssid *ssid;
403 struct wpa_scan_res *bss;
404 size_t i;
405 struct wpa_blacklist *e;
406 const u8 *ie;
407
408 wpa_printf(MSG_DEBUG, "Try to find WPA-enabled AP");
409 for (i = 0; i < scan_res->num; i++) {
410 const u8 *ssid_;
411 u8 wpa_ie_len, rsn_ie_len, ssid_len;
412 bss = scan_res->res[i];
413
414 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
415 ssid_ = ie ? ie + 2 : (u8 *) "";
416 ssid_len = ie ? ie[1] : 0;
417
418 ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
419 wpa_ie_len = ie ? ie[1] : 0;
420
421 ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
422 rsn_ie_len = ie ? ie[1] : 0;
423
424 wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
425 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
426 (int) i, MAC2STR(bss->bssid),
427 wpa_ssid_txt(ssid_, ssid_len),
428 wpa_ie_len, rsn_ie_len, bss->caps);
429
430 e = wpa_blacklist_get(wpa_s, bss->bssid);
431 if (e && e->count > 1) {
432 wpa_printf(MSG_DEBUG, " skip - blacklisted");
433 continue;
434 }
435
436 if (ssid_len == 0) {
437 wpa_printf(MSG_DEBUG, " skip - SSID not known");
438 continue;
439 }
440
441 if (wpa_ie_len == 0 && rsn_ie_len == 0) {
442 wpa_printf(MSG_DEBUG, " skip - no WPA/RSN IE");
443 continue;
444 }
445
446 for (ssid = group; ssid; ssid = ssid->pnext) {
447 int check_ssid = 1;
448
449 if (ssid->disabled) {
450 wpa_printf(MSG_DEBUG, " skip - disabled");
451 continue;
452 }
453
454 #ifdef CONFIG_WPS
455 if (ssid->ssid_len == 0 &&
456 wpas_wps_ssid_wildcard_ok(wpa_s, ssid, bss))
457 check_ssid = 0;
458 #endif /* CONFIG_WPS */
459
460 if (check_ssid &&
461 (ssid_len != ssid->ssid_len ||
462 os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) {
463 wpa_printf(MSG_DEBUG, " skip - "
464 "SSID mismatch");
465 continue;
466 }
467
468 if (ssid->bssid_set &&
469 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0)
470 {
471 wpa_printf(MSG_DEBUG, " skip - "
472 "BSSID mismatch");
473 continue;
474 }
475
476 if (!wpa_supplicant_ssid_bss_match(wpa_s, ssid, bss))
477 continue;
478
479 wpa_printf(MSG_DEBUG, " selected WPA AP "
480 MACSTR " ssid='%s'",
481 MAC2STR(bss->bssid),
482 wpa_ssid_txt(ssid_, ssid_len));
483 *selected_ssid = ssid;
484 return wpa_bss_get(wpa_s, bss->bssid, ssid_, ssid_len);
485 }
486 }
487
488 return NULL;
489 }
490
491
492 static struct wpa_bss *
493 wpa_supplicant_select_bss_non_wpa(struct wpa_supplicant *wpa_s,
494 struct wpa_scan_results *scan_res,
495 struct wpa_ssid *group,
496 struct wpa_ssid **selected_ssid)
497 {
498 struct wpa_ssid *ssid;
499 struct wpa_scan_res *bss;
500 size_t i;
501 struct wpa_blacklist *e;
502 const u8 *ie;
503
504 wpa_printf(MSG_DEBUG, "Try to find non-WPA AP");
505 for (i = 0; i < scan_res->num; i++) {
506 const u8 *ssid_;
507 u8 wpa_ie_len, rsn_ie_len, ssid_len;
508 bss = scan_res->res[i];
509
510 ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
511 ssid_ = ie ? ie + 2 : (u8 *) "";
512 ssid_len = ie ? ie[1] : 0;
513
514 ie = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
515 wpa_ie_len = ie ? ie[1] : 0;
516
517 ie = wpa_scan_get_ie(bss, WLAN_EID_RSN);
518 rsn_ie_len = ie ? ie[1] : 0;
519
520 wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
521 "wpa_ie_len=%u rsn_ie_len=%u caps=0x%x",
522 (int) i, MAC2STR(bss->bssid),
523 wpa_ssid_txt(ssid_, ssid_len),
524 wpa_ie_len, rsn_ie_len, bss->caps);
525
526 e = wpa_blacklist_get(wpa_s, bss->bssid);
527 if (e && e->count > 1) {
528 wpa_printf(MSG_DEBUG, " skip - blacklisted");
529 continue;
530 }
531
532 if (ssid_len == 0) {
533 wpa_printf(MSG_DEBUG, " skip - SSID not known");
534 continue;
535 }
536
537 for (ssid = group; ssid; ssid = ssid->pnext) {
538 int check_ssid = ssid->ssid_len != 0;
539
540 if (ssid->disabled) {
541 wpa_printf(MSG_DEBUG, " skip - disabled");
542 continue;
543 }
544
545 #ifdef CONFIG_WPS
546 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
547 /* Only allow wildcard SSID match if an AP
548 * advertises active WPS operation that matches
549 * with our mode. */
550 check_ssid = 1;
551 if (ssid->ssid_len == 0 &&
552 wpas_wps_ssid_wildcard_ok(wpa_s, ssid,
553 bss))
554 check_ssid = 0;
555 }
556 #endif /* CONFIG_WPS */
557
558 if (check_ssid &&
559 (ssid_len != ssid->ssid_len ||
560 os_memcmp(ssid_, ssid->ssid, ssid_len) != 0)) {
561 wpa_printf(MSG_DEBUG, " skip - "
562 "SSID mismatch");
563 continue;
564 }
565
566 if (ssid->bssid_set &&
567 os_memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0)
568 {
569 wpa_printf(MSG_DEBUG, " skip - "
570 "BSSID mismatch");
571 continue;
572 }
573
574 if (!(ssid->key_mgmt & WPA_KEY_MGMT_NONE) &&
575 !(ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
576 !(ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA))
577 {
578 wpa_printf(MSG_DEBUG, " skip - "
579 "non-WPA network not allowed");
580 continue;
581 }
582
583 if ((ssid->key_mgmt &
584 (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
585 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_FT_PSK |
586 WPA_KEY_MGMT_IEEE8021X_SHA256 |
587 WPA_KEY_MGMT_PSK_SHA256)) &&
588 (wpa_ie_len != 0 || rsn_ie_len != 0)) {
589 wpa_printf(MSG_DEBUG, " skip - "
590 "WPA network");
591 continue;
592 }
593
594 if (!wpa_supplicant_match_privacy(bss, ssid)) {
595 wpa_printf(MSG_DEBUG, " skip - "
596 "privacy mismatch");
597 continue;
598 }
599
600 if (bss->caps & IEEE80211_CAP_IBSS) {
601 wpa_printf(MSG_DEBUG, " skip - "
602 "IBSS (adhoc) network");
603 continue;
604 }
605
606 wpa_printf(MSG_DEBUG, " selected non-WPA AP "
607 MACSTR " ssid='%s'",
608 MAC2STR(bss->bssid),
609 wpa_ssid_txt(ssid_, ssid_len));
610 *selected_ssid = ssid;
611 return wpa_bss_get(wpa_s, bss->bssid, ssid_, ssid_len);
612 }
613 }
614
615 return NULL;
616 }
617
618
619 static struct wpa_bss *
620 wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s,
621 struct wpa_scan_results *scan_res,
622 struct wpa_ssid *group,
623 struct wpa_ssid **selected_ssid)
624 {
625 struct wpa_bss *selected;
626
627 wpa_printf(MSG_DEBUG, "Selecting BSS from priority group %d",
628 group->priority);
629
630 /* First, try to find WPA-enabled AP */
631 selected = wpa_supplicant_select_bss_wpa(wpa_s, scan_res, group,
632 selected_ssid);
633 if (selected)
634 return selected;
635
636 /* If no WPA-enabled AP found, try to find non-WPA AP, if configuration
637 * allows this. */
638 return wpa_supplicant_select_bss_non_wpa(wpa_s, scan_res, group,
639 selected_ssid);
640 }
641
642
643 static struct wpa_bss *
644 wpa_supplicant_pick_network(struct wpa_supplicant *wpa_s,
645 struct wpa_scan_results *scan_res,
646 struct wpa_ssid **selected_ssid)
647 {
648 struct wpa_bss *selected = NULL;
649 int prio;
650
651 while (selected == NULL) {
652 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
653 selected = wpa_supplicant_select_bss(
654 wpa_s, scan_res, wpa_s->conf->pssid[prio],
655 selected_ssid);
656 if (selected)
657 break;
658 }
659
660 if (selected == NULL && wpa_s->blacklist) {
661 wpa_printf(MSG_DEBUG, "No APs found - clear blacklist "
662 "and try again");
663 wpa_blacklist_clear(wpa_s);
664 wpa_s->blacklist_cleared++;
665 } else if (selected == NULL)
666 break;
667 }
668
669 return selected;
670 }
671
672
673 static void wpa_supplicant_req_new_scan(struct wpa_supplicant *wpa_s,
674 int timeout)
675 {
676 if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1) {
677 /*
678 * Quick recovery if the initial scan results were not
679 * complete when fetched before the first scan request.
680 */
681 wpa_s->scan_res_tried++;
682 timeout = 0;
683 } else if (!wpa_supplicant_enabled_networks(wpa_s->conf)) {
684 /*
685 * No networks are enabled; short-circuit request so
686 * we don't wait timeout seconds before transitioning
687 * to INACTIVE state.
688 */
689 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
690 return;
691 }
692 wpa_supplicant_req_scan(wpa_s, timeout, 0);
693 }
694
695
696 static void wpa_supplicant_connect(struct wpa_supplicant *wpa_s,
697 struct wpa_bss *selected,
698 struct wpa_ssid *ssid)
699 {
700 if (wpas_wps_scan_pbc_overlap(wpa_s, selected, ssid)) {
701 wpa_msg(wpa_s, MSG_INFO, WPS_EVENT_OVERLAP
702 "PBC session overlap");
703 wpa_supplicant_req_new_scan(wpa_s, 10);
704 return;
705 }
706
707 /*
708 * Do not trigger new association unless the BSSID has changed or if
709 * reassociation is requested. If we are in process of associating with
710 * the selected BSSID, do not trigger new attempt.
711 */
712 if (wpa_s->reassociate ||
713 (os_memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0 &&
714 (wpa_s->wpa_state != WPA_ASSOCIATING ||
715 os_memcmp(selected->bssid, wpa_s->pending_bssid, ETH_ALEN) !=
716 0))) {
717 if (wpa_supplicant_scard_init(wpa_s, ssid)) {
718 wpa_supplicant_req_new_scan(wpa_s, 10);
719 return;
720 }
721 wpa_supplicant_associate(wpa_s, selected, ssid);
722 } else {
723 wpa_printf(MSG_DEBUG, "Already associated with the selected "
724 "AP");
725 }
726 }
727
728
729 static struct wpa_ssid *
730 wpa_supplicant_pick_new_network(struct wpa_supplicant *wpa_s)
731 {
732 int prio;
733 struct wpa_ssid *ssid;
734
735 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
736 for (ssid = wpa_s->conf->pssid[prio]; ssid; ssid = ssid->pnext)
737 {
738 if (ssid->disabled)
739 continue;
740 if (ssid->mode == IEEE80211_MODE_IBSS ||
741 ssid->mode == IEEE80211_MODE_AP)
742 return ssid;
743 }
744 }
745 return NULL;
746 }
747
748
749 /* TODO: move the rsn_preauth_scan_result*() to be called from notify.c based
750 * on BSS added and BSS changed events */
751 static void wpa_supplicant_rsn_preauth_scan_results(
752 struct wpa_supplicant *wpa_s, struct wpa_scan_results *scan_res)
753 {
754 int i;
755
756 if (rsn_preauth_scan_results(wpa_s->wpa) < 0)
757 return;
758
759 for (i = scan_res->num - 1; i >= 0; i--) {
760 const u8 *ssid, *rsn;
761 struct wpa_scan_res *r;
762
763 r = scan_res->res[i];
764
765 ssid = wpa_scan_get_ie(r, WLAN_EID_SSID);
766 if (ssid == NULL)
767 continue;
768
769 rsn = wpa_scan_get_ie(r, WLAN_EID_RSN);
770 if (rsn == NULL)
771 continue;
772
773 rsn_preauth_scan_result(wpa_s->wpa, r->bssid, ssid, rsn);
774 }
775
776 }
777
778
779 static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s,
780 union wpa_event_data *data)
781 {
782 struct wpa_bss *selected;
783 struct wpa_ssid *ssid = NULL;
784 struct wpa_scan_results *scan_res;
785
786 wpa_supplicant_notify_scanning(wpa_s, 0);
787
788 scan_res = wpa_supplicant_get_scan_results(wpa_s,
789 data ? &data->scan_info :
790 NULL, 1);
791 if (scan_res == NULL) {
792 if (wpa_s->conf->ap_scan == 2)
793 return;
794 wpa_printf(MSG_DEBUG, "Failed to get scan results - try "
795 "scanning again");
796 wpa_supplicant_req_new_scan(wpa_s, 1);
797 return;
798 }
799
800 /*
801 * Don't post the results if this was the initial cached
802 * and there were no results.
803 */
804 if (wpa_s->scan_res_tried == 1 && wpa_s->conf->ap_scan == 1 &&
805 scan_res->num == 0) {
806 wpa_msg(wpa_s, MSG_DEBUG, "Cached scan results are "
807 "empty - not posting");
808 } else {
809 wpa_printf(MSG_DEBUG, "New scan results available");
810 wpa_msg_ctrl(wpa_s, MSG_INFO, WPA_EVENT_SCAN_RESULTS);
811 wpas_notify_scan_results(wpa_s);
812 }
813
814 wpas_notify_scan_done(wpa_s, 1);
815
816 if ((wpa_s->conf->ap_scan == 2 && !wpas_wps_searching(wpa_s))) {
817 wpa_scan_results_free(scan_res);
818 return;
819 }
820
821 if (wpa_s->disconnected) {
822 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
823 wpa_scan_results_free(scan_res);
824 return;
825 }
826
827 if (bgscan_notify_scan(wpa_s) == 1) {
828 wpa_scan_results_free(scan_res);
829 return;
830 }
831
832 wpa_supplicant_rsn_preauth_scan_results(wpa_s, scan_res);
833
834 selected = wpa_supplicant_pick_network(wpa_s, scan_res, &ssid);
835 wpa_scan_results_free(scan_res);
836
837 if (selected) {
838 wpa_supplicant_connect(wpa_s, selected, ssid);
839 } else {
840 wpa_printf(MSG_DEBUG, "No suitable network found");
841 ssid = wpa_supplicant_pick_new_network(wpa_s);
842 if (ssid) {
843 wpa_printf(MSG_DEBUG, "Setup a new network");
844 wpa_supplicant_associate(wpa_s, NULL, ssid);
845 } else
846 wpa_supplicant_req_new_scan(wpa_s, 5);
847 }
848 }
849 #endif /* CONFIG_NO_SCAN_PROCESSING */
850
851
852 #ifdef CONFIG_IEEE80211R
853 static void wpa_assoc_set_ft_params(struct wpa_supplicant *wpa_s,
854 const u8 *ftie, const u8 *mdie)
855 {
856 const u8 *mobility_domain = NULL;
857 const u8 *r0kh_id = NULL;
858 size_t r0kh_id_len = 0;
859 const u8 *r1kh_id = NULL;
860 struct rsn_ftie *hdr;
861 const u8 *pos, *end;
862
863 if (mdie == NULL || ftie == NULL)
864 return;
865
866 if (mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
867 mobility_domain = mdie + 2;
868 #ifdef CONFIG_SME
869 wpa_s->sme.ft_used = 1;
870 os_memcpy(wpa_s->sme.mobility_domain, mobility_domain, 2);
871 #endif /* CONFIG_SME */
872 }
873 if (ftie[1] >= sizeof(struct rsn_ftie)) {
874 end = ftie + 2 + ftie[1];
875 hdr = (struct rsn_ftie *) (ftie + 2);
876 pos = (const u8 *) (hdr + 1);
877 while (pos + 1 < end) {
878 if (pos + 2 + pos[1] > end)
879 break;
880 if (pos[0] == FTIE_SUBELEM_R1KH_ID &&
881 pos[1] == FT_R1KH_ID_LEN)
882 r1kh_id = pos + 2;
883 else if (pos[0] == FTIE_SUBELEM_R0KH_ID &&
884 pos[1] >= 1 && pos[1] <= FT_R0KH_ID_MAX_LEN) {
885 r0kh_id = pos + 2;
886 r0kh_id_len = pos[1];
887 }
888 pos += 2 + pos[1];
889 }
890 }
891 wpa_sm_set_ft_params(wpa_s->wpa, mobility_domain, r0kh_id,
892 r0kh_id_len, r1kh_id);
893 }
894 #endif /* CONFIG_IEEE80211R */
895
896 static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
897 union wpa_event_data *data)
898 {
899 int l, len, found = 0, wpa_found, rsn_found;
900 const u8 *p;
901 #ifdef CONFIG_IEEE80211R
902 const u8 *mdie = NULL, *ftie = NULL;
903 #endif /* CONFIG_IEEE80211R */
904
905 wpa_printf(MSG_DEBUG, "Association info event");
906 if (data->assoc_info.req_ies)
907 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies,
908 data->assoc_info.req_ies_len);
909 if (data->assoc_info.resp_ies)
910 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies,
911 data->assoc_info.resp_ies_len);
912 if (data->assoc_info.beacon_ies)
913 wpa_hexdump(MSG_DEBUG, "beacon_ies",
914 data->assoc_info.beacon_ies,
915 data->assoc_info.beacon_ies_len);
916 if (data->assoc_info.freq)
917 wpa_printf(MSG_DEBUG, "freq=%u MHz", data->assoc_info.freq);
918
919 p = data->assoc_info.req_ies;
920 l = data->assoc_info.req_ies_len;
921
922 /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */
923 while (p && l >= 2) {
924 len = p[1] + 2;
925 if (len > l) {
926 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info",
927 p, l);
928 break;
929 }
930 if ((p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 &&
931 (os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) ||
932 (p[0] == WLAN_EID_RSN && p[1] >= 2)) {
933 if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len))
934 break;
935 found = 1;
936 wpa_find_assoc_pmkid(wpa_s);
937 break;
938 }
939 l -= len;
940 p += len;
941 }
942 if (!found && data->assoc_info.req_ies)
943 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
944
945 #ifdef CONFIG_IEEE80211R
946 p = data->assoc_info.resp_ies;
947 l = data->assoc_info.resp_ies_len;
948
949 /* Go through the IEs and make a copy of the FT/MD IE, if present. */
950 while (p && l >= 2) {
951 len = p[1] + 2;
952 if (len > l) {
953 wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info",
954 p, l);
955 break;
956 }
957 if (p[0] == WLAN_EID_FAST_BSS_TRANSITION)
958 ftie = p;
959 else if (p[0] == WLAN_EID_MOBILITY_DOMAIN)
960 mdie = p;
961 l -= len;
962 p += len;
963 }
964
965 wpa_assoc_set_ft_params(wpa_s, ftie, mdie);
966 #endif /* CONFIG_IEEE80211R */
967
968 /* WPA/RSN IE from Beacon/ProbeResp */
969 p = data->assoc_info.beacon_ies;
970 l = data->assoc_info.beacon_ies_len;
971
972 /* Go through the IEs and make a copy of the WPA/RSN IEs, if present.
973 */
974 wpa_found = rsn_found = 0;
975 while (p && l >= 2) {
976 len = p[1] + 2;
977 if (len > l) {
978 wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies",
979 p, l);
980 break;
981 }
982 if (!wpa_found &&
983 p[0] == WLAN_EID_VENDOR_SPECIFIC && p[1] >= 6 &&
984 os_memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) {
985 wpa_found = 1;
986 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len);
987 }
988
989 if (!rsn_found &&
990 p[0] == WLAN_EID_RSN && p[1] >= 2) {
991 rsn_found = 1;
992 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len);
993 }
994
995 l -= len;
996 p += len;
997 }
998
999 if (!wpa_found && data->assoc_info.beacon_ies)
1000 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
1001 if (!rsn_found && data->assoc_info.beacon_ies)
1002 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
1003 if (wpa_found || rsn_found)
1004 wpa_s->ap_ies_from_associnfo = 1;
1005
1006 wpa_s->assoc_freq = data->assoc_info.freq;
1007 }
1008
1009
1010 static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
1011 union wpa_event_data *data)
1012 {
1013 u8 bssid[ETH_ALEN];
1014 int ft_completed;
1015 int bssid_changed;
1016 struct wpa_driver_capa capa;
1017
1018 #ifdef CONFIG_AP
1019 if (wpa_s->ap_iface) {
1020 hostapd_notif_assoc(wpa_s->ap_iface->bss[0],
1021 data->assoc_info.addr,
1022 data->assoc_info.req_ies,
1023 data->assoc_info.req_ies_len);
1024 return;
1025 }
1026 #endif /* CONFIG_AP */
1027
1028 ft_completed = wpa_ft_is_completed(wpa_s->wpa);
1029 if (data)
1030 wpa_supplicant_event_associnfo(wpa_s, data);
1031
1032 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED);
1033 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1034 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1035 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) ||
1036 (wpa_drv_get_bssid(wpa_s, bssid) >= 0 &&
1037 os_memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0)) {
1038 wpa_msg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
1039 MACSTR, MAC2STR(bssid));
1040 bssid_changed = os_memcmp(wpa_s->bssid, bssid, ETH_ALEN);
1041 os_memcpy(wpa_s->bssid, bssid, ETH_ALEN);
1042 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1043 if (bssid_changed)
1044 wpas_notify_bssid_changed(wpa_s);
1045
1046 if (wpa_supplicant_dynamic_keys(wpa_s) && !ft_completed) {
1047 wpa_clear_keys(wpa_s, bssid);
1048 }
1049 if (wpa_supplicant_select_config(wpa_s) < 0) {
1050 wpa_supplicant_disassociate(
1051 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1052 return;
1053 }
1054 if (wpa_s->current_ssid) {
1055 struct wpa_bss *bss = NULL;
1056 struct wpa_ssid *ssid = wpa_s->current_ssid;
1057 if (ssid->ssid_len > 0)
1058 bss = wpa_bss_get(wpa_s, bssid,
1059 ssid->ssid, ssid->ssid_len);
1060 if (!bss)
1061 bss = wpa_bss_get_bssid(wpa_s, bssid);
1062 if (bss)
1063 wpa_s->current_bss = bss;
1064 }
1065 }
1066
1067 #ifdef CONFIG_SME
1068 os_memcpy(wpa_s->sme.prev_bssid, bssid, ETH_ALEN);
1069 wpa_s->sme.prev_bssid_set = 1;
1070 #endif /* CONFIG_SME */
1071
1072 wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid));
1073 if (wpa_s->current_ssid) {
1074 /* When using scanning (ap_scan=1), SIM PC/SC interface can be
1075 * initialized before association, but for other modes,
1076 * initialize PC/SC here, if the current configuration needs
1077 * smartcard or SIM/USIM. */
1078 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid);
1079 }
1080 wpa_sm_notify_assoc(wpa_s->wpa, bssid);
1081 l2_packet_notify_auth_start(wpa_s->l2);
1082
1083 /*
1084 * Set portEnabled first to FALSE in order to get EAP state machine out
1085 * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE
1086 * state machine may transit to AUTHENTICATING state based on obsolete
1087 * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to
1088 * AUTHENTICATED without ever giving chance to EAP state machine to
1089 * reset the state.
1090 */
1091 if (!ft_completed) {
1092 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1093 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1094 }
1095 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || ft_completed)
1096 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
1097 /* 802.1X::portControl = Auto */
1098 eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE);
1099 wpa_s->eapol_received = 0;
1100 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1101 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE ||
1102 (wpa_s->current_ssid &&
1103 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS)) {
1104 wpa_supplicant_cancel_auth_timeout(wpa_s);
1105 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1106 } else if (!ft_completed) {
1107 /* Timeout for receiving the first EAPOL packet */
1108 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0);
1109 }
1110 wpa_supplicant_cancel_scan(wpa_s);
1111
1112 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1113 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
1114 /*
1115 * We are done; the driver will take care of RSN 4-way
1116 * handshake.
1117 */
1118 wpa_supplicant_cancel_auth_timeout(wpa_s);
1119 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1120 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1121 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
1122 }
1123
1124 if (wpa_s->pending_eapol_rx) {
1125 struct os_time now, age;
1126 os_get_time(&now);
1127 os_time_sub(&now, &wpa_s->pending_eapol_rx_time, &age);
1128 if (age.sec == 0 && age.usec < 100000 &&
1129 os_memcmp(wpa_s->pending_eapol_rx_src, bssid, ETH_ALEN) ==
1130 0) {
1131 wpa_printf(MSG_DEBUG, "Process pending EAPOL frame "
1132 "that was received just before association "
1133 "notification");
1134 wpa_supplicant_rx_eapol(
1135 wpa_s, wpa_s->pending_eapol_rx_src,
1136 wpabuf_head(wpa_s->pending_eapol_rx),
1137 wpabuf_len(wpa_s->pending_eapol_rx));
1138 }
1139 wpabuf_free(wpa_s->pending_eapol_rx);
1140 wpa_s->pending_eapol_rx = NULL;
1141 }
1142
1143 #ifdef CONFIG_BGSCAN
1144 if (wpa_s->current_ssid != wpa_s->bgscan_ssid) {
1145 bgscan_deinit(wpa_s);
1146 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) {
1147 if (bgscan_init(wpa_s, wpa_s->current_ssid)) {
1148 wpa_printf(MSG_DEBUG, "Failed to initialize "
1149 "bgscan");
1150 /*
1151 * Live without bgscan; it is only used as a
1152 * roaming optimization, so the initial
1153 * connection is not affected.
1154 */
1155 } else
1156 wpa_s->bgscan_ssid = wpa_s->current_ssid;
1157 } else
1158 wpa_s->bgscan_ssid = NULL;
1159 }
1160 #endif /* CONFIG_BGSCAN */
1161
1162 if ((wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1163 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
1164 wpa_s->current_ssid && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1165 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE) {
1166 /* Set static WEP keys again */
1167 wpa_set_wep_keys(wpa_s, wpa_s->current_ssid);
1168 }
1169 }
1170
1171
1172 static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s)
1173 {
1174 const u8 *bssid;
1175 #ifdef CONFIG_SME
1176 int authenticating;
1177 u8 prev_pending_bssid[ETH_ALEN];
1178
1179 authenticating = wpa_s->wpa_state == WPA_AUTHENTICATING;
1180 os_memcpy(prev_pending_bssid, wpa_s->pending_bssid, ETH_ALEN);
1181 #endif /* CONFIG_SME */
1182
1183 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1184 /*
1185 * At least Host AP driver and a Prism3 card seemed to be
1186 * generating streams of disconnected events when configuring
1187 * IBSS for WPA-None. Ignore them for now.
1188 */
1189 wpa_printf(MSG_DEBUG, "Disconnect event - ignore in "
1190 "IBSS/WPA-None mode");
1191 return;
1192 }
1193
1194 if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE &&
1195 wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
1196 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "
1197 "pre-shared key may be incorrect");
1198 }
1199 if (wpa_s->wpa_state >= WPA_ASSOCIATED)
1200 wpa_supplicant_req_scan(wpa_s, 0, 100000);
1201 bssid = wpa_s->bssid;
1202 if (is_zero_ether_addr(bssid))
1203 bssid = wpa_s->pending_bssid;
1204 wpa_blacklist_add(wpa_s, bssid);
1205 wpa_sm_notify_disassoc(wpa_s->wpa);
1206 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - "
1207 "remove keys");
1208 if (wpa_supplicant_dynamic_keys(wpa_s)) {
1209 wpa_s->keys_cleared = 0;
1210 wpa_clear_keys(wpa_s, wpa_s->bssid);
1211 }
1212 wpa_supplicant_mark_disassoc(wpa_s);
1213 bgscan_deinit(wpa_s);
1214 #ifdef CONFIG_SME
1215 if (authenticating &&
1216 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) {
1217 /*
1218 * mac80211-workaround to force deauth on failed auth cmd,
1219 * requires us to remain in authenticating state to allow the
1220 * second authentication attempt to be continued properly.
1221 */
1222 wpa_printf(MSG_DEBUG, "SME: Allow pending authentication to "
1223 "proceed after disconnection event");
1224 wpa_supplicant_set_state(wpa_s, WPA_AUTHENTICATING);
1225 os_memcpy(wpa_s->pending_bssid, prev_pending_bssid, ETH_ALEN);
1226 }
1227 #endif /* CONFIG_SME */
1228 }
1229
1230
1231 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
1232 static void wpa_supplicant_delayed_mic_error_report(void *eloop_ctx,
1233 void *sock_ctx)
1234 {
1235 struct wpa_supplicant *wpa_s = eloop_ctx;
1236
1237 if (!wpa_s->pending_mic_error_report)
1238 return;
1239
1240 wpa_printf(MSG_DEBUG, "WPA: Sending pending MIC error report");
1241 wpa_sm_key_request(wpa_s->wpa, 1, wpa_s->pending_mic_error_pairwise);
1242 wpa_s->pending_mic_error_report = 0;
1243 }
1244 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
1245
1246
1247 static void
1248 wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s,
1249 union wpa_event_data *data)
1250 {
1251 int pairwise;
1252 struct os_time t;
1253
1254 wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected");
1255 pairwise = (data && data->michael_mic_failure.unicast);
1256 os_get_time(&t);
1257 if ((wpa_s->last_michael_mic_error &&
1258 t.sec - wpa_s->last_michael_mic_error <= 60) ||
1259 wpa_s->pending_mic_error_report) {
1260 if (wpa_s->pending_mic_error_report) {
1261 /*
1262 * Send the pending MIC error report immediately since
1263 * we are going to start countermeasures and AP better
1264 * do the same.
1265 */
1266 wpa_sm_key_request(wpa_s->wpa, 1,
1267 wpa_s->pending_mic_error_pairwise);
1268 }
1269
1270 /* Send the new MIC error report immediately since we are going
1271 * to start countermeasures and AP better do the same.
1272 */
1273 wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
1274
1275 /* initialize countermeasures */
1276 wpa_s->countermeasures = 1;
1277 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started");
1278
1279 /*
1280 * Need to wait for completion of request frame. We do not get
1281 * any callback for the message completion, so just wait a
1282 * short while and hope for the best. */
1283 os_sleep(0, 10000);
1284
1285 wpa_drv_set_countermeasures(wpa_s, 1);
1286 wpa_supplicant_deauthenticate(wpa_s,
1287 WLAN_REASON_MICHAEL_MIC_FAILURE);
1288 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures,
1289 wpa_s, NULL);
1290 eloop_register_timeout(60, 0,
1291 wpa_supplicant_stop_countermeasures,
1292 wpa_s, NULL);
1293 /* TODO: mark the AP rejected for 60 second. STA is
1294 * allowed to associate with another AP.. */
1295 } else {
1296 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
1297 if (wpa_s->mic_errors_seen) {
1298 /*
1299 * Reduce the effectiveness of Michael MIC error
1300 * reports as a means for attacking against TKIP if
1301 * more than one MIC failure is noticed with the same
1302 * PTK. We delay the transmission of the reports by a
1303 * random time between 0 and 60 seconds in order to
1304 * force the attacker wait 60 seconds before getting
1305 * the information on whether a frame resulted in a MIC
1306 * failure.
1307 */
1308 u8 rval[4];
1309 int sec;
1310
1311 if (os_get_random(rval, sizeof(rval)) < 0)
1312 sec = os_random() % 60;
1313 else
1314 sec = WPA_GET_BE32(rval) % 60;
1315 wpa_printf(MSG_DEBUG, "WPA: Delay MIC error report %d "
1316 "seconds", sec);
1317 wpa_s->pending_mic_error_report = 1;
1318 wpa_s->pending_mic_error_pairwise = pairwise;
1319 eloop_cancel_timeout(
1320 wpa_supplicant_delayed_mic_error_report,
1321 wpa_s, NULL);
1322 eloop_register_timeout(
1323 sec, os_random() % 1000000,
1324 wpa_supplicant_delayed_mic_error_report,
1325 wpa_s, NULL);
1326 } else {
1327 wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
1328 }
1329 #else /* CONFIG_DELAYED_MIC_ERROR_REPORT */
1330 wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
1331 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
1332 }
1333 wpa_s->last_michael_mic_error = t.sec;
1334 wpa_s->mic_errors_seen++;
1335 }
1336
1337
1338 #ifdef CONFIG_TERMINATE_ONLASTIF
1339 static int any_interfaces(struct wpa_supplicant *head)
1340 {
1341 struct wpa_supplicant *wpa_s;
1342
1343 for (wpa_s = head; wpa_s != NULL; wpa_s = wpa_s->next)
1344 if (!wpa_s->interface_removed)
1345 return 1;
1346 return 0;
1347 }
1348 #endif /* CONFIG_TERMINATE_ONLASTIF */
1349
1350
1351 static void
1352 wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s,
1353 union wpa_event_data *data)
1354 {
1355 if (os_strcmp(wpa_s->ifname, data->interface_status.ifname) != 0)
1356 return;
1357
1358 switch (data->interface_status.ievent) {
1359 case EVENT_INTERFACE_ADDED:
1360 if (!wpa_s->interface_removed)
1361 break;
1362 wpa_s->interface_removed = 0;
1363 wpa_printf(MSG_DEBUG, "Configured interface was added.");
1364 if (wpa_supplicant_driver_init(wpa_s) < 0) {
1365 wpa_printf(MSG_INFO, "Failed to initialize the driver "
1366 "after interface was added.");
1367 }
1368 break;
1369 case EVENT_INTERFACE_REMOVED:
1370 wpa_printf(MSG_DEBUG, "Configured interface was removed.");
1371 wpa_s->interface_removed = 1;
1372 wpa_supplicant_mark_disassoc(wpa_s);
1373 l2_packet_deinit(wpa_s->l2);
1374 wpa_s->l2 = NULL;
1375 #ifdef CONFIG_TERMINATE_ONLASTIF
1376 /* check if last interface */
1377 if (!any_interfaces(wpa_s->global->ifaces))
1378 eloop_terminate();
1379 #endif /* CONFIG_TERMINATE_ONLASTIF */
1380 break;
1381 }
1382 }
1383
1384
1385 #ifdef CONFIG_PEERKEY
1386 static void
1387 wpa_supplicant_event_stkstart(struct wpa_supplicant *wpa_s,
1388 union wpa_event_data *data)
1389 {
1390 if (data == NULL)
1391 return;
1392 wpa_sm_stkstart(wpa_s->wpa, data->stkstart.peer);
1393 }
1394 #endif /* CONFIG_PEERKEY */
1395
1396
1397 #ifdef CONFIG_IEEE80211R
1398 static void
1399 wpa_supplicant_event_ft_response(struct wpa_supplicant *wpa_s,
1400 union wpa_event_data *data)
1401 {
1402 if (data == NULL)
1403 return;
1404
1405 if (wpa_ft_process_response(wpa_s->wpa, data->ft_ies.ies,
1406 data->ft_ies.ies_len,
1407 data->ft_ies.ft_action,
1408 data->ft_ies.target_ap,
1409 data->ft_ies.ric_ies,
1410 data->ft_ies.ric_ies_len) < 0) {
1411 /* TODO: prevent MLME/driver from trying to associate? */
1412 }
1413 }
1414 #endif /* CONFIG_IEEE80211R */
1415
1416
1417 #ifdef CONFIG_IBSS_RSN
1418 static void wpa_supplicant_event_ibss_rsn_start(struct wpa_supplicant *wpa_s,
1419 union wpa_event_data *data)
1420 {
1421 if (data == NULL)
1422 return;
1423 ibss_rsn_start(wpa_s->ibss_rsn, data->ibss_rsn_start.peer);
1424 }
1425 #endif /* CONFIG_IBSS_RSN */
1426
1427
1428 void wpa_supplicant_event(void *ctx, enum wpa_event_type event,
1429 union wpa_event_data *data)
1430 {
1431 struct wpa_supplicant *wpa_s = ctx;
1432
1433 switch (event) {
1434 case EVENT_AUTH:
1435 sme_event_auth(wpa_s, data);
1436 break;
1437 case EVENT_ASSOC:
1438 wpa_supplicant_event_assoc(wpa_s, data);
1439 break;
1440 case EVENT_DISASSOC:
1441 #ifdef CONFIG_AP
1442 if (wpa_s->ap_iface && data) {
1443 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0],
1444 data->disassoc_info.addr);
1445 break;
1446 }
1447 #endif /* CONFIG_AP */
1448 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)
1449 sme_event_disassoc(wpa_s, data);
1450 /* fall through */
1451 case EVENT_DEAUTH:
1452 #ifdef CONFIG_AP
1453 if (wpa_s->ap_iface && data) {
1454 hostapd_notif_disassoc(wpa_s->ap_iface->bss[0],
1455 data->deauth_info.addr);
1456 break;
1457 }
1458 #endif /* CONFIG_AP */
1459 wpa_supplicant_event_disassoc(wpa_s);
1460 break;
1461 case EVENT_MICHAEL_MIC_FAILURE:
1462 wpa_supplicant_event_michael_mic_failure(wpa_s, data);
1463 break;
1464 #ifndef CONFIG_NO_SCAN_PROCESSING
1465 case EVENT_SCAN_RESULTS:
1466 wpa_supplicant_event_scan_results(wpa_s, data);
1467 break;
1468 #endif /* CONFIG_NO_SCAN_PROCESSING */
1469 case EVENT_ASSOCINFO:
1470 wpa_supplicant_event_associnfo(wpa_s, data);
1471 break;
1472 case EVENT_INTERFACE_STATUS:
1473 wpa_supplicant_event_interface_status(wpa_s, data);
1474 break;
1475 case EVENT_PMKID_CANDIDATE:
1476 wpa_supplicant_event_pmkid_candidate(wpa_s, data);
1477 break;
1478 #ifdef CONFIG_PEERKEY
1479 case EVENT_STKSTART:
1480 wpa_supplicant_event_stkstart(wpa_s, data);
1481 break;
1482 #endif /* CONFIG_PEERKEY */
1483 #ifdef CONFIG_IEEE80211R
1484 case EVENT_FT_RESPONSE:
1485 wpa_supplicant_event_ft_response(wpa_s, data);
1486 break;
1487 #endif /* CONFIG_IEEE80211R */
1488 #ifdef CONFIG_IBSS_RSN
1489 case EVENT_IBSS_RSN_START:
1490 wpa_supplicant_event_ibss_rsn_start(wpa_s, data);
1491 break;
1492 #endif /* CONFIG_IBSS_RSN */
1493 case EVENT_ASSOC_REJECT:
1494 sme_event_assoc_reject(wpa_s, data);
1495 break;
1496 case EVENT_AUTH_TIMED_OUT:
1497 sme_event_auth_timed_out(wpa_s, data);
1498 break;
1499 case EVENT_ASSOC_TIMED_OUT:
1500 sme_event_assoc_timed_out(wpa_s, data);
1501 break;
1502 #ifdef CONFIG_AP
1503 case EVENT_TX_STATUS:
1504 if (wpa_s->ap_iface == NULL)
1505 break;
1506 switch (data->tx_status.type) {
1507 case WLAN_FC_TYPE_MGMT:
1508 ap_mgmt_tx_cb(wpa_s, data->tx_status.data,
1509 data->tx_status.data_len,
1510 data->tx_status.stype,
1511 data->tx_status.ack);
1512 break;
1513 case WLAN_FC_TYPE_DATA:
1514 ap_tx_status(wpa_s, data->tx_status.dst,
1515 data->tx_status.data,
1516 data->tx_status.data_len,
1517 data->tx_status.ack);
1518 break;
1519 }
1520 break;
1521 case EVENT_RX_FROM_UNKNOWN:
1522 if (wpa_s->ap_iface == NULL)
1523 break;
1524 ap_rx_from_unknown_sta(wpa_s, data->rx_from_unknown.frame,
1525 data->rx_from_unknown.len);
1526 break;
1527 case EVENT_RX_MGMT:
1528 if (wpa_s->ap_iface == NULL)
1529 break;
1530 ap_mgmt_rx(wpa_s, &data->rx_mgmt);
1531 break;
1532 #endif /* CONFIG_AP */
1533 #ifdef CONFIG_CLIENT_MLME
1534 case EVENT_MLME_RX: {
1535 struct ieee80211_rx_status rx_status;
1536 os_memset(&rx_status, 0, sizeof(rx_status));
1537 rx_status.freq = data->mlme_rx.freq;
1538 rx_status.channel = data->mlme_rx.channel;
1539 rx_status.ssi = data->mlme_rx.ssi;
1540 ieee80211_sta_rx(wpa_s, data->mlme_rx.buf, data->mlme_rx.len,
1541 &rx_status);
1542 break;
1543 }
1544 #endif /* CONFIG_CLIENT_MLME */
1545 case EVENT_EAPOL_RX:
1546 wpa_supplicant_rx_eapol(wpa_s, data->eapol_rx.src,
1547 data->eapol_rx.data,
1548 data->eapol_rx.data_len);
1549 break;
1550 default:
1551 wpa_printf(MSG_INFO, "Unknown event %d", event);
1552 break;
1553 }
1554 }