search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Standardize on a single definition of auth_alg bitfield values
[hostap-gosc2009.git] / wpa_supplicant / wpa_supplicant.c
blobdff8a10b012efce6d45790e1fdf7a563dea1b1fa
1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
8 *
9 * Alternatively, this software may be distributed under the terms of BSD
10 * license.
11 *
12 * See README and COPYING for more details.
13 *
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
17 */
18
19 #include "includes.h"
20
21 #include "common.h"
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
24 #include "eap_server/eap_methods.h"
25 #include "rsn_supp/wpa.h"
26 #include "eloop.h"
27 #include "config.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "driver_i.h"
31 #include "ctrl_iface.h"
32 #include "pcsc_funcs.h"
33 #include "common/version.h"
34 #include "rsn_supp/preauth.h"
35 #include "rsn_supp/pmksa_cache.h"
36 #include "common/wpa_ctrl.h"
37 #include "mlme.h"
38 #include "common/ieee802_11_defs.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
42 #include "ibss_rsn.h"
43 #include "sme.h"
44 #include "ap.h"
45 #include "notify.h"
46 #include "bgscan.h"
47 #include "bss.h"
48 #include "scan.h"
49
50 const char *wpa_supplicant_version =
51 "wpa_supplicant v" VERSION_STR "\n"
52 "Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
53
54 const char *wpa_supplicant_license =
55 "This program is free software. You can distribute it and/or modify it\n"
56 "under the terms of the GNU General Public License version 2.\n"
57 "\n"
58 "Alternatively, this software may be distributed under the terms of the\n"
59 "BSD license. See README and COPYING for more details.\n"
60 #ifdef EAP_TLS_OPENSSL
61 "\nThis product includes software developed by the OpenSSL Project\n"
62 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
63 #endif /* EAP_TLS_OPENSSL */
64 ;
65
66 #ifndef CONFIG_NO_STDOUT_DEBUG
67 /* Long text divided into parts in order to fit in C89 strings size limits. */
68 const char *wpa_supplicant_full_license1 =
69 "This program is free software; you can redistribute it and/or modify\n"
70 "it under the terms of the GNU General Public License version 2 as\n"
71 "published by the Free Software Foundation.\n"
72 "\n"
73 "This program is distributed in the hope that it will be useful,\n"
74 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
75 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
76 "GNU General Public License for more details.\n"
77 "\n";
78 const char *wpa_supplicant_full_license2 =
79 "You should have received a copy of the GNU General Public License\n"
80 "along with this program; if not, write to the Free Software\n"
81 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
82 "\n"
83 "Alternatively, this software may be distributed under the terms of the\n"
84 "BSD license.\n"
85 "\n"
86 "Redistribution and use in source and binary forms, with or without\n"
87 "modification, are permitted provided that the following conditions are\n"
88 "met:\n"
89 "\n";
90 const char *wpa_supplicant_full_license3 =
91 "1. Redistributions of source code must retain the above copyright\n"
92 " notice, this list of conditions and the following disclaimer.\n"
93 "\n"
94 "2. Redistributions in binary form must reproduce the above copyright\n"
95 " notice, this list of conditions and the following disclaimer in the\n"
96 " documentation and/or other materials provided with the distribution.\n"
97 "\n";
98 const char *wpa_supplicant_full_license4 =
99 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
100 " names of its contributors may be used to endorse or promote products\n"
101 " derived from this software without specific prior written permission.\n"
102 "\n"
103 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
104 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
105 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
106 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
107 const char *wpa_supplicant_full_license5 =
108 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
109 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
110 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
111 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
112 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
113 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
114 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
115 "\n";
116 #endif /* CONFIG_NO_STDOUT_DEBUG */
117
118 extern int wpa_debug_level;
119 extern int wpa_debug_show_keys;
120 extern int wpa_debug_timestamp;
121 extern struct wpa_driver_ops *wpa_drivers[];
122
123 /* Configure default/group WEP keys for static WEP */
124 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
125 {
126 int i, set = 0;
127
128 for (i = 0; i < NUM_WEP_KEYS; i++) {
129 if (ssid->wep_key_len[i] == 0)
130 continue;
131
132 set = 1;
133 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
134 (u8 *) "\xff\xff\xff\xff\xff\xff",
135 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
136 ssid->wep_key[i], ssid->wep_key_len[i]);
137 }
138
139 return set;
140 }
141
142
143 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
144 struct wpa_ssid *ssid)
145 {
146 u8 key[32];
147 size_t keylen;
148 enum wpa_alg alg;
149 u8 seq[6] = { 0 };
150
151 /* IBSS/WPA-None uses only one key (Group) for both receiving and
152 * sending unicast and multicast packets. */
153
154 if (ssid->mode != WPAS_MODE_IBSS) {
155 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
156 "for WPA-None", ssid->mode);
157 return -1;
158 }
159
160 if (!ssid->psk_set) {
161 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
162 return -1;
163 }
164
165 switch (wpa_s->group_cipher) {
166 case WPA_CIPHER_CCMP:
167 os_memcpy(key, ssid->psk, 16);
168 keylen = 16;
169 alg = WPA_ALG_CCMP;
170 break;
171 case WPA_CIPHER_TKIP:
172 /* WPA-None uses the same Michael MIC key for both TX and RX */
173 os_memcpy(key, ssid->psk, 16 + 8);
174 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
175 keylen = 32;
176 alg = WPA_ALG_TKIP;
177 break;
178 default:
179 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
180 "WPA-None", wpa_s->group_cipher);
181 return -1;
182 }
183
184 /* TODO: should actually remember the previously used seq#, both for TX
185 * and RX from each STA.. */
186
187 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
188 0, 1, seq, 6, key, keylen);
189 }
190
191
192 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
193 {
194 struct wpa_supplicant *wpa_s = eloop_ctx;
195 const u8 *bssid = wpa_s->bssid;
196 if (is_zero_ether_addr(bssid))
197 bssid = wpa_s->pending_bssid;
198 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
199 MAC2STR(bssid));
200 wpa_blacklist_add(wpa_s, bssid);
201 wpa_sm_notify_disassoc(wpa_s->wpa);
202 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
203 wpa_s->reassociate = 1;
204 wpa_supplicant_req_scan(wpa_s, 0, 0);
205 }
206
207
208 /**
209 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
210 * @wpa_s: Pointer to wpa_supplicant data
211 * @sec: Number of seconds after which to time out authentication
212 * @usec: Number of microseconds after which to time out authentication
213 *
214 * This function is used to schedule a timeout for the current authentication
215 * attempt.
216 */
217 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
218 int sec, int usec)
219 {
220 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
221 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
222 return;
223
224 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
225 "%d usec", sec, usec);
226 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
227 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228 }
229
230
231 /**
232 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
233 * @wpa_s: Pointer to wpa_supplicant data
234 *
235 * This function is used to cancel authentication timeout scheduled with
236 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
237 * been completed.
238 */
239 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
240 {
241 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
242 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
243 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244 }
245
246
247 /**
248 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
249 * @wpa_s: Pointer to wpa_supplicant data
250 *
251 * This function is used to configure EAPOL state machine based on the selected
252 * authentication mode.
253 */
254 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
255 {
256 #ifdef IEEE8021X_EAPOL
257 struct eapol_config eapol_conf;
258 struct wpa_ssid *ssid = wpa_s->current_ssid;
259
260 #ifdef CONFIG_IBSS_RSN
261 if (ssid->mode == WPAS_MODE_IBSS &&
262 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
263 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
264 /*
265 * RSN IBSS authentication is per-STA and we can disable the
266 * per-BSSID EAPOL authentication.
267 */
268 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
269 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
270 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
271 return;
272 }
273 #endif /* CONFIG_IBSS_RSN */
274
275 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
276 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
277
278 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
279 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
280 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
281 else
282 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
283
284 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
285 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
286 eapol_conf.accept_802_1x_keys = 1;
287 eapol_conf.required_keys = 0;
288 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
289 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
290 }
291 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
292 eapol_conf.required_keys |=
293 EAPOL_REQUIRE_KEY_BROADCAST;
294 }
295
296 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
297 eapol_conf.required_keys = 0;
298 }
299 if (wpa_s->conf)
300 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
301 eapol_conf.workaround = ssid->eap_workaround;
302 eapol_conf.eap_disabled =
303 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
304 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
305 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
306 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
307 #endif /* IEEE8021X_EAPOL */
308 }
309
310
311 /**
312 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
313 * @wpa_s: Pointer to wpa_supplicant data
314 * @ssid: Configuration data for the network
315 *
316 * This function is used to configure WPA state machine and related parameters
317 * to a mode where WPA is not enabled. This is called as part of the
318 * authentication configuration when the selected network does not use WPA.
319 */
320 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
321 struct wpa_ssid *ssid)
322 {
323 int i;
324
325 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
326 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
327 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
328 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
329 else
330 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
331 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
332 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
333 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
334 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
335 wpa_s->group_cipher = WPA_CIPHER_NONE;
336 wpa_s->mgmt_group_cipher = 0;
337
338 for (i = 0; i < NUM_WEP_KEYS; i++) {
339 if (ssid->wep_key_len[i] > 5) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
341 wpa_s->group_cipher = WPA_CIPHER_WEP104;
342 break;
343 } else if (ssid->wep_key_len[i] > 0) {
344 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
345 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 break;
347 }
348 }
349
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
351 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
353 wpa_s->pairwise_cipher);
354 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
355 #ifdef CONFIG_IEEE80211W
356 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
357 wpa_s->mgmt_group_cipher);
358 #endif /* CONFIG_IEEE80211W */
359
360 pmksa_cache_clear_current(wpa_s->wpa);
361 }
362
363
364 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
365 {
366 bgscan_deinit(wpa_s);
367 scard_deinit(wpa_s->scard);
368 wpa_s->scard = NULL;
369 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
370 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
371 l2_packet_deinit(wpa_s->l2);
372 wpa_s->l2 = NULL;
373 if (wpa_s->l2_br) {
374 l2_packet_deinit(wpa_s->l2_br);
375 wpa_s->l2_br = NULL;
376 }
377
378 if (wpa_s->ctrl_iface) {
379 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
380 wpa_s->ctrl_iface = NULL;
381 }
382 if (wpa_s->conf != NULL) {
383 struct wpa_ssid *ssid;
384 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
385 wpas_notify_network_removed(wpa_s, ssid);
386 wpa_config_free(wpa_s->conf);
387 wpa_s->conf = NULL;
388 }
389
390 os_free(wpa_s->confname);
391 wpa_s->confname = NULL;
392
393 wpa_sm_set_eapol(wpa_s->wpa, NULL);
394 eapol_sm_deinit(wpa_s->eapol);
395 wpa_s->eapol = NULL;
396
397 rsn_preauth_deinit(wpa_s->wpa);
398
399 pmksa_candidate_free(wpa_s->wpa);
400 wpa_sm_deinit(wpa_s->wpa);
401 wpa_s->wpa = NULL;
402 wpa_blacklist_clear(wpa_s);
403
404 wpa_bss_deinit(wpa_s);
405
406 wpa_supplicant_cancel_scan(wpa_s);
407 wpa_supplicant_cancel_auth_timeout(wpa_s);
408
409 ieee80211_sta_deinit(wpa_s);
410
411 wpas_wps_deinit(wpa_s);
412
413 wpabuf_free(wpa_s->pending_eapol_rx);
414 wpa_s->pending_eapol_rx = NULL;
415
416 #ifdef CONFIG_IBSS_RSN
417 ibss_rsn_deinit(wpa_s->ibss_rsn);
418 wpa_s->ibss_rsn = NULL;
419 #endif /* CONFIG_IBSS_RSN */
420
421 #ifdef CONFIG_SME
422 os_free(wpa_s->sme.ft_ies);
423 wpa_s->sme.ft_ies = NULL;
424 wpa_s->sme.ft_ies_len = 0;
425 #endif /* CONFIG_SME */
426
427 #ifdef CONFIG_AP
428 wpa_supplicant_ap_deinit(wpa_s);
429 #endif /* CONFIG_AP */
430 }
431
432
433 /**
434 * wpa_clear_keys - Clear keys configured for the driver
435 * @wpa_s: Pointer to wpa_supplicant data
436 * @addr: Previously used BSSID or %NULL if not available
437 *
438 * This function clears the encryption keys that has been previously configured
439 * for the driver.
440 */
441 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
442 {
443 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
444
445 if (wpa_s->keys_cleared) {
446 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
447 * timing issues with keys being cleared just before new keys
448 * are set or just after association or something similar. This
449 * shows up in group key handshake failing often because of the
450 * client not receiving the first encrypted packets correctly.
451 * Skipping some of the extra key clearing steps seems to help
452 * in completing group key handshake more reliably. */
453 wpa_printf(MSG_DEBUG, "No keys have been configured - "
454 "skip key clearing");
455 return;
456 }
457
458 /* MLME-DELETEKEYS.request */
459 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
460 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
461 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
462 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
463 #ifdef CONFIG_IEEE80211W
464 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 4, 0, NULL, 0, NULL, 0);
465 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 5, 0, NULL, 0, NULL, 0);
466 #endif /* CONFIG_IEEE80211W */
467 if (addr) {
468 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
469 0);
470 /* MLME-SETPROTECTION.request(None) */
471 wpa_drv_mlme_setprotection(
472 wpa_s, addr,
473 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
474 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
475 }
476 wpa_s->keys_cleared = 1;
477 }
478
479
480 /**
481 * wpa_supplicant_state_txt - Get the connection state name as a text string
482 * @state: State (wpa_state; WPA_*)
483 * Returns: The state name as a printable text string
484 */
485 const char * wpa_supplicant_state_txt(enum wpa_states state)
486 {
487 switch (state) {
488 case WPA_DISCONNECTED:
489 return "DISCONNECTED";
490 case WPA_INACTIVE:
491 return "INACTIVE";
492 case WPA_SCANNING:
493 return "SCANNING";
494 case WPA_AUTHENTICATING:
495 return "AUTHENTICATING";
496 case WPA_ASSOCIATING:
497 return "ASSOCIATING";
498 case WPA_ASSOCIATED:
499 return "ASSOCIATED";
500 case WPA_4WAY_HANDSHAKE:
501 return "4WAY_HANDSHAKE";
502 case WPA_GROUP_HANDSHAKE:
503 return "GROUP_HANDSHAKE";
504 case WPA_COMPLETED:
505 return "COMPLETED";
506 default:
507 return "UNKNOWN";
508 }
509 }
510
511
512 /**
513 * wpa_supplicant_set_state - Set current connection state
514 * @wpa_s: Pointer to wpa_supplicant data
515 * @state: The new connection state
516 *
517 * This function is called whenever the connection state changes, e.g.,
518 * association is completed for WPA/WPA2 4-Way Handshake is started.
519 */
520 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
521 enum wpa_states state)
522 {
523 wpa_printf(MSG_DEBUG, "State: %s -> %s",
524 wpa_supplicant_state_txt(wpa_s->wpa_state),
525 wpa_supplicant_state_txt(state));
526
527 if (state != WPA_SCANNING)
528 wpa_supplicant_notify_scanning(wpa_s, 0);
529
530 wpas_notify_state_changed(wpa_s, state, wpa_s->wpa_state);
531
532 if (state == WPA_COMPLETED && wpa_s->new_connection) {
533 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
534 struct wpa_ssid *ssid = wpa_s->current_ssid;
535 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
536 MACSTR " completed %s [id=%d id_str=%s]",
537 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
538 "(reauth)" : "(auth)",
539 ssid ? ssid->id : -1,
540 ssid && ssid->id_str ? ssid->id_str : "");
541 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
542 wpa_s->new_connection = 0;
543 wpa_s->reassociated_connection = 1;
544 wpa_drv_set_operstate(wpa_s, 1);
545 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
546 state == WPA_ASSOCIATED) {
547 wpa_s->new_connection = 1;
548 wpa_drv_set_operstate(wpa_s, 0);
549 }
550 wpa_s->wpa_state = state;
551 }
552
553
554 void wpa_supplicant_terminate_proc(struct wpa_global *global)
555 {
556 int pending = 0;
557 #ifdef CONFIG_WPS
558 struct wpa_supplicant *wpa_s = global->ifaces;
559 while (wpa_s) {
560 if (wpas_wps_terminate_pending(wpa_s) == 1)
561 pending = 1;
562 wpa_s = wpa_s->next;
563 }
564 #endif /* CONFIG_WPS */
565 if (pending)
566 return;
567 eloop_terminate();
568 }
569
570
571 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
572 {
573 struct wpa_global *global = signal_ctx;
574 struct wpa_supplicant *wpa_s;
575 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
576 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
577 "received", sig);
578 }
579 wpa_supplicant_terminate_proc(global);
580 }
581
582
583 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
584 {
585 enum wpa_states old_state = wpa_s->wpa_state;
586 wpa_s->pairwise_cipher = 0;
587 wpa_s->group_cipher = 0;
588 wpa_s->mgmt_group_cipher = 0;
589 wpa_s->key_mgmt = 0;
590 wpa_s->wpa_state = WPA_DISCONNECTED;
591 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
592 }
593
594
595 /**
596 * wpa_supplicant_reload_configuration - Reload configuration data
597 * @wpa_s: Pointer to wpa_supplicant data
598 * Returns: 0 on success or -1 if configuration parsing failed
599 *
600 * This function can be used to request that the configuration data is reloaded
601 * (e.g., after configuration file change). This function is reloading
602 * configuration only for one interface, so this may need to be called multiple
603 * times if %wpa_supplicant is controlling multiple interfaces and all
604 * interfaces need reconfiguration.
605 */
606 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
607 {
608 struct wpa_config *conf;
609 struct wpa_ssid *old_ssid;
610 int reconf_ctrl;
611 int old_ap_scan;
612
613 if (wpa_s->confname == NULL)
614 return -1;
615 conf = wpa_config_read(wpa_s->confname);
616 if (conf == NULL) {
617 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
618 "file '%s' - exiting", wpa_s->confname);
619 return -1;
620 }
621
622 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
623 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
624 os_strcmp(conf->ctrl_interface,
625 wpa_s->conf->ctrl_interface) != 0);
626
627 if (reconf_ctrl && wpa_s->ctrl_iface) {
628 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
629 wpa_s->ctrl_iface = NULL;
630 }
631
632 eapol_sm_invalidate_cached_session(wpa_s->eapol);
633 old_ssid = wpa_s->current_ssid;
634 wpa_s->current_ssid = NULL;
635 if (old_ssid != wpa_s->current_ssid)
636 wpas_notify_network_changed(wpa_s);
637
638 /*
639 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
640 * pkcs11_engine_path, pkcs11_module_path.
641 */
642 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
643 /*
644 * Clear forced success to clear EAP state for next
645 * authentication.
646 */
647 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
648 }
649 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
650 wpa_sm_set_config(wpa_s->wpa, NULL);
651 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
652 rsn_preauth_deinit(wpa_s->wpa);
653
654 old_ap_scan = wpa_s->conf->ap_scan;
655 wpa_config_free(wpa_s->conf);
656 wpa_s->conf = conf;
657 if (old_ap_scan != wpa_s->conf->ap_scan)
658 wpas_notify_ap_scan_changed(wpa_s);
659
660 if (reconf_ctrl)
661 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
662
663 wpa_supplicant_clear_status(wpa_s);
664 wpa_s->reassociate = 1;
665 wpa_supplicant_req_scan(wpa_s, 0, 0);
666 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
667 return 0;
668 }
669
670
671 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
672 {
673 struct wpa_global *global = signal_ctx;
674 struct wpa_supplicant *wpa_s;
675 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
676 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
677 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
678 wpa_supplicant_terminate_proc(global);
679 }
680 }
681 }
682
683
684 static enum wpa_cipher cipher_suite2driver(int cipher)
685 {
686 switch (cipher) {
687 case WPA_CIPHER_NONE:
688 return CIPHER_NONE;
689 case WPA_CIPHER_WEP40:
690 return CIPHER_WEP40;
691 case WPA_CIPHER_WEP104:
692 return CIPHER_WEP104;
693 case WPA_CIPHER_CCMP:
694 return CIPHER_CCMP;
695 case WPA_CIPHER_TKIP:
696 default:
697 return CIPHER_TKIP;
698 }
699 }
700
701
702 static enum wpa_key_mgmt key_mgmt2driver(int key_mgmt)
703 {
704 switch (key_mgmt) {
705 case WPA_KEY_MGMT_NONE:
706 return KEY_MGMT_NONE;
707 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
708 return KEY_MGMT_802_1X_NO_WPA;
709 case WPA_KEY_MGMT_IEEE8021X:
710 return KEY_MGMT_802_1X;
711 case WPA_KEY_MGMT_WPA_NONE:
712 return KEY_MGMT_WPA_NONE;
713 case WPA_KEY_MGMT_FT_IEEE8021X:
714 return KEY_MGMT_FT_802_1X;
715 case WPA_KEY_MGMT_FT_PSK:
716 return KEY_MGMT_FT_PSK;
717 case WPA_KEY_MGMT_IEEE8021X_SHA256:
718 return KEY_MGMT_802_1X_SHA256;
719 case WPA_KEY_MGMT_PSK_SHA256:
720 return KEY_MGMT_PSK_SHA256;
721 case WPA_KEY_MGMT_WPS:
722 return KEY_MGMT_WPS;
723 case WPA_KEY_MGMT_PSK:
724 default:
725 return KEY_MGMT_PSK;
726 }
727 }
728
729
730 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
731 struct wpa_ssid *ssid,
732 struct wpa_ie_data *ie)
733 {
734 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
735 if (ret) {
736 if (ret == -2) {
737 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
738 "from association info");
739 }
740 return -1;
741 }
742
743 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
744 "suites");
745 if (!(ie->group_cipher & ssid->group_cipher)) {
746 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
747 "cipher 0x%x (mask 0x%x) - reject",
748 ie->group_cipher, ssid->group_cipher);
749 return -1;
750 }
751 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
752 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
753 "cipher 0x%x (mask 0x%x) - reject",
754 ie->pairwise_cipher, ssid->pairwise_cipher);
755 return -1;
756 }
757 if (!(ie->key_mgmt & ssid->key_mgmt)) {
758 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
759 "management 0x%x (mask 0x%x) - reject",
760 ie->key_mgmt, ssid->key_mgmt);
761 return -1;
762 }
763
764 #ifdef CONFIG_IEEE80211W
765 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
766 ssid->ieee80211w == MGMT_FRAME_PROTECTION_REQUIRED) {
767 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
768 "that does not support management frame protection - "
769 "reject");
770 return -1;
771 }
772 #endif /* CONFIG_IEEE80211W */
773
774 return 0;
775 }
776
777
778 /**
779 * wpa_supplicant_set_suites - Set authentication and encryption parameters
780 * @wpa_s: Pointer to wpa_supplicant data
781 * @bss: Scan results for the selected BSS, or %NULL if not available
782 * @ssid: Configuration data for the selected network
783 * @wpa_ie: Buffer for the WPA/RSN IE
784 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
785 * used buffer length in case the functions returns success.
786 * Returns: 0 on success or -1 on failure
787 *
788 * This function is used to configure authentication and encryption parameters
789 * based on the network configuration and scan result for the selected BSS (if
790 * available).
791 */
792 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
793 struct wpa_bss *bss, struct wpa_ssid *ssid,
794 u8 *wpa_ie, size_t *wpa_ie_len)
795 {
796 struct wpa_ie_data ie;
797 int sel, proto;
798 const u8 *bss_wpa, *bss_rsn;
799
800 if (bss) {
801 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
802 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
803 } else
804 bss_wpa = bss_rsn = NULL;
805
806 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
807 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
808 (ie.group_cipher & ssid->group_cipher) &&
809 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
810 (ie.key_mgmt & ssid->key_mgmt)) {
811 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
812 proto = WPA_PROTO_RSN;
813 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
814 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
815 (ie.group_cipher & ssid->group_cipher) &&
816 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
817 (ie.key_mgmt & ssid->key_mgmt)) {
818 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
819 proto = WPA_PROTO_WPA;
820 } else if (bss) {
821 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
822 return -1;
823 } else {
824 if (ssid->proto & WPA_PROTO_RSN)
825 proto = WPA_PROTO_RSN;
826 else
827 proto = WPA_PROTO_WPA;
828 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
829 os_memset(&ie, 0, sizeof(ie));
830 ie.group_cipher = ssid->group_cipher;
831 ie.pairwise_cipher = ssid->pairwise_cipher;
832 ie.key_mgmt = ssid->key_mgmt;
833 #ifdef CONFIG_IEEE80211W
834 ie.mgmt_group_cipher =
835 ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ?
836 WPA_CIPHER_AES_128_CMAC : 0;
837 #endif /* CONFIG_IEEE80211W */
838 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
839 "on configuration");
840 } else
841 proto = ie.proto;
842 }
843
844 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
845 "pairwise %d key_mgmt %d proto %d",
846 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
847 #ifdef CONFIG_IEEE80211W
848 if (ssid->ieee80211w) {
849 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
850 ie.mgmt_group_cipher);
851 }
852 #endif /* CONFIG_IEEE80211W */
853
854 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
855 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
856 !!(ssid->proto & WPA_PROTO_RSN));
857
858 if (bss || !wpa_s->ap_ies_from_associnfo) {
859 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
860 bss_wpa ? 2 + bss_wpa[1] : 0) ||
861 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
862 bss_rsn ? 2 + bss_rsn[1] : 0))
863 return -1;
864 }
865
866 sel = ie.group_cipher & ssid->group_cipher;
867 if (sel & WPA_CIPHER_CCMP) {
868 wpa_s->group_cipher = WPA_CIPHER_CCMP;
869 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
870 } else if (sel & WPA_CIPHER_TKIP) {
871 wpa_s->group_cipher = WPA_CIPHER_TKIP;
872 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
873 } else if (sel & WPA_CIPHER_WEP104) {
874 wpa_s->group_cipher = WPA_CIPHER_WEP104;
875 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
876 } else if (sel & WPA_CIPHER_WEP40) {
877 wpa_s->group_cipher = WPA_CIPHER_WEP40;
878 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
879 } else {
880 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
881 return -1;
882 }
883
884 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
885 if (sel & WPA_CIPHER_CCMP) {
886 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
887 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
888 } else if (sel & WPA_CIPHER_TKIP) {
889 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
890 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
891 } else if (sel & WPA_CIPHER_NONE) {
892 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
893 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
894 } else {
895 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
896 "cipher.");
897 return -1;
898 }
899
900 sel = ie.key_mgmt & ssid->key_mgmt;
901 if (0) {
902 #ifdef CONFIG_IEEE80211R
903 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
904 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
905 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
906 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
907 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
908 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
909 #endif /* CONFIG_IEEE80211R */
910 #ifdef CONFIG_IEEE80211W
911 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
912 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
913 wpa_msg(wpa_s, MSG_DEBUG,
914 "WPA: using KEY_MGMT 802.1X with SHA256");
915 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
916 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
917 wpa_msg(wpa_s, MSG_DEBUG,
918 "WPA: using KEY_MGMT PSK with SHA256");
919 #endif /* CONFIG_IEEE80211W */
920 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
921 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
922 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
923 } else if (sel & WPA_KEY_MGMT_PSK) {
924 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
925 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
926 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
927 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
928 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
929 } else {
930 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
931 "key management type.");
932 return -1;
933 }
934
935 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
936 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
937 wpa_s->pairwise_cipher);
938 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
939
940 #ifdef CONFIG_IEEE80211W
941 sel = ie.mgmt_group_cipher;
942 if (ssid->ieee80211w == NO_MGMT_FRAME_PROTECTION ||
943 !(ie.capabilities & WPA_CAPABILITY_MFPC))
944 sel = 0;
945 if (sel & WPA_CIPHER_AES_128_CMAC) {
946 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
947 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
948 "AES-128-CMAC");
949 } else {
950 wpa_s->mgmt_group_cipher = 0;
951 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
952 }
953 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
954 wpa_s->mgmt_group_cipher);
955 #endif /* CONFIG_IEEE80211W */
956
957 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
958 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
959 return -1;
960 }
961
962 if (ssid->key_mgmt &
963 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
964 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
965 else
966 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
967
968 return 0;
969 }
970
971
972 /**
973 * wpa_supplicant_associate - Request association
974 * @wpa_s: Pointer to wpa_supplicant data
975 * @bss: Scan results for the selected BSS, or %NULL if not available
976 * @ssid: Configuration data for the selected network
977 *
978 * This function is used to request %wpa_supplicant to associate with a BSS.
979 */
980 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
981 struct wpa_bss *bss, struct wpa_ssid *ssid)
982 {
983 u8 wpa_ie[80];
984 size_t wpa_ie_len;
985 int use_crypt, ret, i, bssid_changed;
986 int algs = WPA_AUTH_ALG_OPEN;
987 enum wpa_cipher cipher_pairwise, cipher_group;
988 struct wpa_driver_associate_params params;
989 int wep_keys_set = 0;
990 struct wpa_driver_capa capa;
991 int assoc_failed = 0;
992 struct wpa_ssid *old_ssid;
993
994 if (ssid->mode == WPAS_MODE_AP) {
995 #ifdef CONFIG_AP
996 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
997 wpa_printf(MSG_INFO, "Driver does not support AP "
998 "mode");
999 return;
1000 }
1001 wpa_supplicant_create_ap(wpa_s, ssid);
1002 wpa_s->current_bss = bss;
1003 #else /* CONFIG_AP */
1004 wpa_printf(MSG_ERROR, "AP mode support not included in the "
1005 "build");
1006 #endif /* CONFIG_AP */
1007 return;
1008 }
1009
1010 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1011 ssid->mode == IEEE80211_MODE_INFRA) {
1012 sme_authenticate(wpa_s, bss, ssid);
1013 return;
1014 }
1015
1016 wpa_s->reassociate = 0;
1017 if (bss) {
1018 #ifdef CONFIG_IEEE80211R
1019 const u8 *ie, *md = NULL;
1020 #endif /* CONFIG_IEEE80211R */
1021 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
1022 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
1023 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
1024 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
1025 os_memset(wpa_s->bssid, 0, ETH_ALEN);
1026 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
1027 if (bssid_changed)
1028 wpas_notify_bssid_changed(wpa_s);
1029 #ifdef CONFIG_IEEE80211R
1030 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
1031 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
1032 md = ie + 2;
1033 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
1034 if (md) {
1035 /* Prepare for the next transition */
1036 wpa_ft_prepare_auth_request(wpa_s->wpa);
1037 }
1038 #endif /* CONFIG_IEEE80211R */
1039 #ifdef CONFIG_WPS
1040 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
1041 wpa_s->conf->ap_scan == 2 &&
1042 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
1043 /* Use ap_scan==1 style network selection to find the network
1044 */
1045 wpa_s->scan_req = 2;
1046 wpa_s->reassociate = 1;
1047 wpa_supplicant_req_scan(wpa_s, 0, 0);
1048 return;
1049 #endif /* CONFIG_WPS */
1050 } else {
1051 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
1052 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
1053 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1054 }
1055 wpa_supplicant_cancel_scan(wpa_s);
1056
1057 /* Starting new association, so clear the possibly used WPA IE from the
1058 * previous association. */
1059 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1060
1061 #ifdef IEEE8021X_EAPOL
1062 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1063 if (ssid->leap) {
1064 if (ssid->non_leap == 0)
1065 algs = WPA_AUTH_ALG_LEAP;
1066 else
1067 algs |= WPA_AUTH_ALG_LEAP;
1068 }
1069 }
1070 #endif /* IEEE8021X_EAPOL */
1071 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1072 if (ssid->auth_alg) {
1073 algs = ssid->auth_alg;
1074 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1075 algs);
1076 }
1077
1078 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1079 wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
1080 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1081 WPA_KEY_MGMT_FT_IEEE8021X |
1082 WPA_KEY_MGMT_FT_PSK |
1083 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1084 WPA_KEY_MGMT_PSK_SHA256))) {
1085 int try_opportunistic;
1086 try_opportunistic = ssid->proactive_key_caching &&
1087 (ssid->proto & WPA_PROTO_RSN);
1088 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1089 wpa_s->current_ssid,
1090 try_opportunistic) == 0)
1091 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1092 wpa_ie_len = sizeof(wpa_ie);
1093 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1094 wpa_ie, &wpa_ie_len)) {
1095 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1096 "management and encryption suites");
1097 return;
1098 }
1099 } else if (ssid->key_mgmt &
1100 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1101 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1102 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1103 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1104 wpa_ie_len = sizeof(wpa_ie);
1105 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1106 wpa_ie, &wpa_ie_len)) {
1107 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1108 "management and encryption suites (no scan "
1109 "results)");
1110 return;
1111 }
1112 #ifdef CONFIG_WPS
1113 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1114 struct wpabuf *wps_ie;
1115 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1116 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1117 wpa_ie_len = wpabuf_len(wps_ie);
1118 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1119 } else
1120 wpa_ie_len = 0;
1121 wpabuf_free(wps_ie);
1122 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1123 #endif /* CONFIG_WPS */
1124 } else {
1125 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1126 wpa_ie_len = 0;
1127 }
1128
1129 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1130 use_crypt = 1;
1131 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1132 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1133 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1134 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1135 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1136 use_crypt = 0;
1137 if (wpa_set_wep_keys(wpa_s, ssid)) {
1138 use_crypt = 1;
1139 wep_keys_set = 1;
1140 }
1141 }
1142 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1143 use_crypt = 0;
1144
1145 #ifdef IEEE8021X_EAPOL
1146 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1147 if ((ssid->eapol_flags &
1148 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1149 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1150 !wep_keys_set) {
1151 use_crypt = 0;
1152 } else {
1153 /* Assume that dynamic WEP-104 keys will be used and
1154 * set cipher suites in order for drivers to expect
1155 * encryption. */
1156 cipher_pairwise = cipher_group = CIPHER_WEP104;
1157 }
1158 }
1159 #endif /* IEEE8021X_EAPOL */
1160
1161 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1162 /* Set the key before (and later after) association */
1163 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1164 }
1165
1166 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1167 os_memset(&params, 0, sizeof(params));
1168 if (bss) {
1169 params.bssid = bss->bssid;
1170 params.ssid = bss->ssid;
1171 params.ssid_len = bss->ssid_len;
1172 params.freq = bss->freq;
1173 } else {
1174 params.ssid = ssid->ssid;
1175 params.ssid_len = ssid->ssid_len;
1176 }
1177 if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 &&
1178 params.freq == 0)
1179 params.freq = ssid->frequency; /* Initial channel for IBSS */
1180 params.wpa_ie = wpa_ie;
1181 params.wpa_ie_len = wpa_ie_len;
1182 params.pairwise_suite = cipher_pairwise;
1183 params.group_suite = cipher_group;
1184 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1185 params.auth_alg = algs;
1186 params.mode = ssid->mode;
1187 for (i = 0; i < NUM_WEP_KEYS; i++) {
1188 if (ssid->wep_key_len[i])
1189 params.wep_key[i] = ssid->wep_key[i];
1190 params.wep_key_len[i] = ssid->wep_key_len[i];
1191 }
1192 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1193
1194 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1195 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1196 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1197 params.passphrase = ssid->passphrase;
1198 if (ssid->psk_set)
1199 params.psk = ssid->psk;
1200 }
1201
1202 params.drop_unencrypted = use_crypt;
1203
1204 #ifdef CONFIG_IEEE80211W
1205 params.mgmt_frame_protection = ssid->ieee80211w;
1206 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION && bss) {
1207 const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1208 struct wpa_ie_data ie;
1209 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1210 ie.capabilities &
1211 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1212 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1213 "require MFP");
1214 params.mgmt_frame_protection =
1215 MGMT_FRAME_PROTECTION_REQUIRED;
1216 }
1217 }
1218 #endif /* CONFIG_IEEE80211W */
1219
1220 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1221 ret = ieee80211_sta_associate(wpa_s, &params);
1222 else
1223 ret = wpa_drv_associate(wpa_s, &params);
1224 if (ret < 0) {
1225 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1226 "failed");
1227 /* try to continue anyway; new association will be tried again
1228 * after timeout */
1229 assoc_failed = 1;
1230 }
1231
1232 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1233 /* Set the key after the association just in case association
1234 * cleared the previously configured key. */
1235 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1236 /* No need to timeout authentication since there is no key
1237 * management. */
1238 wpa_supplicant_cancel_auth_timeout(wpa_s);
1239 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1240 #ifdef CONFIG_IBSS_RSN
1241 } else if (ssid->mode == WPAS_MODE_IBSS &&
1242 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1243 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1244 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
1245 /*
1246 * RSN IBSS authentication is per-STA and we can disable the
1247 * per-BSSID authentication.
1248 */
1249 wpa_supplicant_cancel_auth_timeout(wpa_s);
1250 #endif /* CONFIG_IBSS_RSN */
1251 } else {
1252 /* Timeout for IEEE 802.11 authentication and association */
1253 int timeout = 60;
1254
1255 if (assoc_failed) {
1256 /* give IBSS a bit more time */
1257 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
1258 } else if (wpa_s->conf->ap_scan == 1) {
1259 /* give IBSS a bit more time */
1260 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
1261 }
1262 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1263 }
1264
1265 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1266 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1267 /* Set static WEP keys again */
1268 wpa_set_wep_keys(wpa_s, ssid);
1269 }
1270
1271 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1272 /*
1273 * Do not allow EAP session resumption between different
1274 * network configurations.
1275 */
1276 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1277 }
1278 old_ssid = wpa_s->current_ssid;
1279 wpa_s->current_ssid = ssid;
1280 wpa_s->current_bss = bss;
1281 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1282 wpa_supplicant_initiate_eapol(wpa_s);
1283 if (old_ssid != wpa_s->current_ssid)
1284 wpas_notify_network_changed(wpa_s);
1285 }
1286
1287
1288 /**
1289 * wpa_supplicant_disassociate - Disassociate the current connection
1290 * @wpa_s: Pointer to wpa_supplicant data
1291 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1292 *
1293 * This function is used to request %wpa_supplicant to disassociate with the
1294 * current AP.
1295 */
1296 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1297 int reason_code)
1298 {
1299 struct wpa_ssid *old_ssid;
1300 u8 *addr = NULL;
1301
1302 if (!is_zero_ether_addr(wpa_s->bssid)) {
1303 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1304 ieee80211_sta_disassociate(wpa_s, reason_code);
1305 else
1306 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1307 addr = wpa_s->bssid;
1308 }
1309 wpa_clear_keys(wpa_s, addr);
1310 wpa_supplicant_mark_disassoc(wpa_s);
1311 old_ssid = wpa_s->current_ssid;
1312 wpa_s->current_ssid = NULL;
1313 wpa_s->current_bss = NULL;
1314 wpa_sm_set_config(wpa_s->wpa, NULL);
1315 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1316 if (old_ssid != wpa_s->current_ssid)
1317 wpas_notify_network_changed(wpa_s);
1318 }
1319
1320
1321 /**
1322 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1323 * @wpa_s: Pointer to wpa_supplicant data
1324 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1325 *
1326 * This function is used to request %wpa_supplicant to deauthenticate from the
1327 * current AP.
1328 */
1329 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1330 int reason_code)
1331 {
1332 struct wpa_ssid *old_ssid;
1333 u8 *addr = NULL;
1334
1335 if (!is_zero_ether_addr(wpa_s->bssid)) {
1336 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1337 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1338 else
1339 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1340 reason_code);
1341 addr = wpa_s->bssid;
1342 }
1343 wpa_clear_keys(wpa_s, addr);
1344 wpa_supplicant_mark_disassoc(wpa_s);
1345 old_ssid = wpa_s->current_ssid;
1346 wpa_s->current_ssid = NULL;
1347 wpa_s->current_bss = NULL;
1348 wpa_sm_set_config(wpa_s->wpa, NULL);
1349 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1350 if (old_ssid != wpa_s->current_ssid)
1351 wpas_notify_network_changed(wpa_s);
1352 }
1353
1354
1355 /**
1356 * wpa_supplicant_enable_network - Mark a configured network as enabled
1357 * @wpa_s: wpa_supplicant structure for a network interface
1358 * @ssid: wpa_ssid structure for a configured network or %NULL
1359 *
1360 * Enables the specified network or all networks if no network specified.
1361 */
1362 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
1363 struct wpa_ssid *ssid)
1364 {
1365 struct wpa_ssid *other_ssid;
1366 int was_disabled;
1367
1368 if (ssid == NULL) {
1369 other_ssid = wpa_s->conf->ssid;
1370 while (other_ssid) {
1371 if (other_ssid == wpa_s->current_ssid &&
1372 other_ssid->disabled)
1373 wpa_s->reassociate = 1;
1374
1375 was_disabled = other_ssid->disabled;
1376
1377 other_ssid->disabled = 0;
1378
1379 if (was_disabled != other_ssid->disabled)
1380 wpas_notify_network_enabled_changed(
1381 wpa_s, other_ssid);
1382
1383 other_ssid = other_ssid->next;
1384 }
1385 if (wpa_s->reassociate)
1386 wpa_supplicant_req_scan(wpa_s, 0, 0);
1387 } else if (wpa_s->current_ssid == NULL && ssid->disabled) {
1388 /*
1389 * Try to reassociate since there is no current configuration
1390 * and a new network was made available.
1391 */
1392 wpa_s->reassociate = 1;
1393 wpa_supplicant_req_scan(wpa_s, 0, 0);
1394
1395 was_disabled = ssid->disabled;
1396
1397 ssid->disabled = 0;
1398
1399 if (was_disabled != ssid->disabled)
1400 wpas_notify_network_enabled_changed(wpa_s, ssid);
1401 }
1402 }
1403
1404
1405 /**
1406 * wpa_supplicant_disable_network - Mark a configured network as disabled
1407 * @wpa_s: wpa_supplicant structure for a network interface
1408 * @ssid: wpa_ssid structure for a configured network or %NULL
1409 *
1410 * Disables the specified network or all networks if no network specified.
1411 */
1412 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
1413 struct wpa_ssid *ssid)
1414 {
1415 struct wpa_ssid *other_ssid;
1416 int was_disabled;
1417
1418 if (ssid == NULL) {
1419 other_ssid = wpa_s->conf->ssid;
1420 while (other_ssid) {
1421 was_disabled = other_ssid->disabled;
1422
1423 other_ssid->disabled = 1;
1424
1425 if (was_disabled != other_ssid->disabled)
1426 wpas_notify_network_enabled_changed(
1427 wpa_s, other_ssid);
1428
1429 other_ssid = other_ssid->next;
1430 }
1431 if (wpa_s->current_ssid)
1432 wpa_supplicant_disassociate(
1433 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1434 } else {
1435 if (ssid == wpa_s->current_ssid)
1436 wpa_supplicant_disassociate(
1437 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1438
1439 was_disabled = ssid->disabled;
1440
1441 ssid->disabled = 1;
1442
1443 if (was_disabled != ssid->disabled)
1444 wpas_notify_network_enabled_changed(wpa_s, ssid);
1445 }
1446 }
1447
1448
1449 /**
1450 * wpa_supplicant_select_network - Attempt association with a network
1451 * @wpa_s: wpa_supplicant structure for a network interface
1452 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
1453 */
1454 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
1455 struct wpa_ssid *ssid)
1456 {
1457
1458 struct wpa_ssid *other_ssid;
1459
1460 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid)
1461 wpa_supplicant_disassociate(
1462 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
1463
1464 /*
1465 * Mark all other networks disabled or mark all networks enabled if no
1466 * network specified.
1467 */
1468 other_ssid = wpa_s->conf->ssid;
1469 while (other_ssid) {
1470 int was_disabled = other_ssid->disabled;
1471
1472 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
1473
1474 if (was_disabled != other_ssid->disabled)
1475 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
1476
1477 other_ssid = other_ssid->next;
1478 }
1479 wpa_s->disconnected = 0;
1480 wpa_s->reassociate = 1;
1481 wpa_supplicant_req_scan(wpa_s, 0, 0);
1482
1483 if (ssid)
1484 wpas_notify_network_selected(wpa_s, ssid);
1485 }
1486
1487
1488 /**
1489 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
1490 * @wpa_s: wpa_supplicant structure for a network interface
1491 * @ap_scan: AP scan mode
1492 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
1493 *
1494 */
1495 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
1496 {
1497
1498 int old_ap_scan;
1499
1500 if (ap_scan < 0 || ap_scan > 2)
1501 return -1;
1502
1503 old_ap_scan = wpa_s->conf->ap_scan;
1504 wpa_s->conf->ap_scan = ap_scan;
1505
1506 if (old_ap_scan != wpa_s->conf->ap_scan)
1507 wpas_notify_ap_scan_changed(wpa_s);
1508
1509 return 0;
1510 }
1511
1512
1513 /**
1514 * wpa_supplicant_set_debug_params - Set global debug params
1515 * @global: wpa_global structure
1516 * @debug_level: debug level
1517 * @debug_timestamp: determines if show timestamp in debug data
1518 * @debug_show_keys: determines if show keys in debug data
1519 * Returns: 0 if succeed or -1 if debug_level has wrong value
1520 */
1521 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
1522 int debug_timestamp, int debug_show_keys)
1523 {
1524
1525 int old_level, old_timestamp, old_show_keys;
1526
1527 /* check for allowed debuglevels */
1528 if (debug_level != MSG_MSGDUMP &&
1529 debug_level != MSG_DEBUG &&
1530 debug_level != MSG_INFO &&
1531 debug_level != MSG_WARNING &&
1532 debug_level != MSG_ERROR)
1533 return -1;
1534
1535 old_level = wpa_debug_level;
1536 old_timestamp = wpa_debug_timestamp;
1537 old_show_keys = wpa_debug_show_keys;
1538
1539 wpa_debug_level = debug_level;
1540 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
1541 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
1542
1543 if (wpa_debug_level != old_level)
1544 wpas_notify_debug_level_changed(global);
1545 if (wpa_debug_timestamp != old_timestamp)
1546 wpas_notify_debug_timestamp_changed(global);
1547 if (wpa_debug_show_keys != old_show_keys)
1548 wpas_notify_debug_show_keys_changed(global);
1549
1550 return 0;
1551 }
1552
1553
1554 /**
1555 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1556 * @wpa_s: Pointer to wpa_supplicant data
1557 * Returns: A pointer to the current network structure or %NULL on failure
1558 */
1559 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1560 {
1561 struct wpa_ssid *entry;
1562 u8 ssid[MAX_SSID_LEN];
1563 int res;
1564 size_t ssid_len;
1565 u8 bssid[ETH_ALEN];
1566 int wired;
1567
1568 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1569 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1570 wpa_printf(MSG_WARNING, "Could not read SSID from "
1571 "MLME.");
1572 return NULL;
1573 }
1574 } else {
1575 res = wpa_drv_get_ssid(wpa_s, ssid);
1576 if (res < 0) {
1577 wpa_printf(MSG_WARNING, "Could not read SSID from "
1578 "driver.");
1579 return NULL;
1580 }
1581 ssid_len = res;
1582 }
1583
1584 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1585 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1586 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1587 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1588 return NULL;
1589 }
1590
1591 wired = wpa_s->conf->ap_scan == 0 &&
1592 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1593
1594 entry = wpa_s->conf->ssid;
1595 while (entry) {
1596 if (!entry->disabled &&
1597 ((ssid_len == entry->ssid_len &&
1598 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1599 (!entry->bssid_set ||
1600 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1601 return entry;
1602 #ifdef CONFIG_WPS
1603 if (!entry->disabled &&
1604 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1605 (entry->ssid == NULL || entry->ssid_len == 0) &&
1606 (!entry->bssid_set ||
1607 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1608 return entry;
1609 #endif /* CONFIG_WPS */
1610 entry = entry->next;
1611 }
1612
1613 return NULL;
1614 }
1615
1616
1617 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1618 const char *name)
1619 {
1620 int i;
1621 size_t len;
1622 const char *pos;
1623
1624 if (wpa_s == NULL)
1625 return -1;
1626
1627 if (wpa_drivers[0] == NULL) {
1628 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1629 "wpa_supplicant.");
1630 return -1;
1631 }
1632
1633 if (name == NULL) {
1634 /* default to first driver in the list */
1635 wpa_s->driver = wpa_drivers[0];
1636 wpa_s->global_drv_priv = wpa_s->global->drv_priv[0];
1637 return 0;
1638 }
1639
1640 pos = os_strchr(name, ',');
1641 if (pos)
1642 len = pos - name;
1643 else
1644 len = os_strlen(name);
1645 for (i = 0; wpa_drivers[i]; i++) {
1646 if (os_strlen(wpa_drivers[i]->name) == len &&
1647 os_strncmp(name, wpa_drivers[i]->name, len) ==
1648 0) {
1649 wpa_s->driver = wpa_drivers[i];
1650 wpa_s->global_drv_priv = wpa_s->global->drv_priv[i];
1651 return 0;
1652 }
1653 }
1654
1655 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
1656 return -1;
1657 }
1658
1659
1660 /**
1661 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
1662 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
1663 * with struct wpa_driver_ops::init()
1664 * @src_addr: Source address of the EAPOL frame
1665 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
1666 * @len: Length of the EAPOL data
1667 *
1668 * This function is called for each received EAPOL frame. Most driver
1669 * interfaces rely on more generic OS mechanism for receiving frames through
1670 * l2_packet, but if such a mechanism is not available, the driver wrapper may
1671 * take care of received EAPOL frames and deliver them to the core supplicant
1672 * code by calling this function.
1673 */
1674 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1675 const u8 *buf, size_t len)
1676 {
1677 struct wpa_supplicant *wpa_s = ctx;
1678
1679 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1680 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1681
1682 if (wpa_s->wpa_state < WPA_ASSOCIATED) {
1683 /*
1684 * There is possible race condition between receiving the
1685 * association event and the EAPOL frame since they are coming
1686 * through different paths from the driver. In order to avoid
1687 * issues in trying to process the EAPOL frame before receiving
1688 * association information, lets queue it for processing until
1689 * the association event is received.
1690 */
1691 wpa_printf(MSG_DEBUG, "Not associated - Delay processing of "
1692 "received EAPOL frame");
1693 wpabuf_free(wpa_s->pending_eapol_rx);
1694 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
1695 if (wpa_s->pending_eapol_rx) {
1696 os_get_time(&wpa_s->pending_eapol_rx_time);
1697 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
1698 ETH_ALEN);
1699 }
1700 return;
1701 }
1702
1703 #ifdef CONFIG_AP
1704 if (wpa_s->ap_iface) {
1705 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len);
1706 return;
1707 }
1708 #endif /* CONFIG_AP */
1709
1710 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1711 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1712 "no key management is configured");
1713 return;
1714 }
1715
1716 if (wpa_s->eapol_received == 0 &&
1717 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
1718 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1719 wpa_s->wpa_state != WPA_COMPLETED) &&
1720 (wpa_s->current_ssid == NULL ||
1721 wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) {
1722 /* Timeout for completing IEEE 802.1X and WPA authentication */
1723 wpa_supplicant_req_auth_timeout(
1724 wpa_s,
1725 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1726 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1727 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1728 70 : 10, 0);
1729 }
1730 wpa_s->eapol_received++;
1731
1732 if (wpa_s->countermeasures) {
1733 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1734 "packet");
1735 return;
1736 }
1737
1738 #ifdef CONFIG_IBSS_RSN
1739 if (wpa_s->current_ssid &&
1740 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
1741 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1742 return;
1743 }
1744 #endif /* CONFIG_IBSS_RSN */
1745
1746 /* Source address of the incoming EAPOL frame could be compared to the
1747 * current BSSID. However, it is possible that a centralized
1748 * Authenticator could be using another MAC address than the BSSID of
1749 * an AP, so just allow any address to be used for now. The replies are
1750 * still sent to the current BSSID (if available), though. */
1751
1752 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1753 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1754 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1755 return;
1756 wpa_drv_poll(wpa_s);
1757 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1758 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1759 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1760 /*
1761 * Set portValid = TRUE here since we are going to skip 4-way
1762 * handshake processing which would normally set portValid. We
1763 * need this to allow the EAPOL state machines to be completed
1764 * without going through EAPOL-Key handshake.
1765 */
1766 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1767 }
1768 }
1769
1770
1771 /**
1772 * wpa_supplicant_driver_init - Initialize driver interface parameters
1773 * @wpa_s: Pointer to wpa_supplicant data
1774 * Returns: 0 on success, -1 on failure
1775 *
1776 * This function is called to initialize driver interface parameters.
1777 * wpa_drv_init() must have been called before this function to initialize the
1778 * driver interface.
1779 */
1780 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1781 {
1782 static int interface_count = 0;
1783
1784 if (wpa_s->driver->send_eapol) {
1785 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1786 if (addr)
1787 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1788 } else {
1789 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1790 wpa_drv_get_mac_addr(wpa_s),
1791 ETH_P_EAPOL,
1792 wpa_supplicant_rx_eapol, wpa_s, 0);
1793 if (wpa_s->l2 == NULL)
1794 return -1;
1795 }
1796
1797 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1798 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1799 return -1;
1800 }
1801
1802 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1803 MAC2STR(wpa_s->own_addr));
1804
1805 if (wpa_s->bridge_ifname[0]) {
1806 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1807 " '%s'", wpa_s->bridge_ifname);
1808 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1809 wpa_s->own_addr,
1810 ETH_P_EAPOL,
1811 wpa_supplicant_rx_eapol, wpa_s,
1812 0);
1813 if (wpa_s->l2_br == NULL) {
1814 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1815 "connection for the bridge interface '%s'",
1816 wpa_s->bridge_ifname);
1817 return -1;
1818 }
1819 }
1820
1821 wpa_clear_keys(wpa_s, NULL);
1822
1823 /* Make sure that TKIP countermeasures are not left enabled (could
1824 * happen if wpa_supplicant is killed during countermeasures. */
1825 wpa_drv_set_countermeasures(wpa_s, 0);
1826
1827 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1828 wpa_drv_flush_pmkid(wpa_s);
1829
1830 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
1831 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1832 interface_count++;
1833
1834 return 0;
1835 }
1836
1837
1838 static int wpa_supplicant_daemon(const char *pid_file)
1839 {
1840 wpa_printf(MSG_DEBUG, "Daemonize..");
1841 return os_daemonize(pid_file);
1842 }
1843
1844
1845 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1846 {
1847 struct wpa_supplicant *wpa_s;
1848
1849 wpa_s = os_zalloc(sizeof(*wpa_s));
1850 if (wpa_s == NULL)
1851 return NULL;
1852 wpa_s->scan_req = 1;
1853 wpa_s->new_connection = 1;
1854
1855 return wpa_s;
1856 }
1857
1858
1859 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1860 struct wpa_interface *iface)
1861 {
1862 const char *ifname, *driver;
1863 struct wpa_driver_capa capa;
1864
1865 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1866 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1867 iface->confname ? iface->confname : "N/A",
1868 iface->driver ? iface->driver : "default",
1869 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1870 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1871
1872 if (iface->confname) {
1873 #ifdef CONFIG_BACKEND_FILE
1874 wpa_s->confname = os_rel2abs_path(iface->confname);
1875 if (wpa_s->confname == NULL) {
1876 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1877 "for configuration file '%s'.",
1878 iface->confname);
1879 return -1;
1880 }
1881 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1882 iface->confname, wpa_s->confname);
1883 #else /* CONFIG_BACKEND_FILE */
1884 wpa_s->confname = os_strdup(iface->confname);
1885 #endif /* CONFIG_BACKEND_FILE */
1886 wpa_s->conf = wpa_config_read(wpa_s->confname);
1887 if (wpa_s->conf == NULL) {
1888 wpa_printf(MSG_ERROR, "Failed to read or parse "
1889 "configuration '%s'.", wpa_s->confname);
1890 return -1;
1891 }
1892
1893 /*
1894 * Override ctrl_interface and driver_param if set on command
1895 * line.
1896 */
1897 if (iface->ctrl_interface) {
1898 os_free(wpa_s->conf->ctrl_interface);
1899 wpa_s->conf->ctrl_interface =
1900 os_strdup(iface->ctrl_interface);
1901 }
1902
1903 if (iface->driver_param) {
1904 os_free(wpa_s->conf->driver_param);
1905 wpa_s->conf->driver_param =
1906 os_strdup(iface->driver_param);
1907 }
1908 } else
1909 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1910 iface->driver_param);
1911
1912 if (wpa_s->conf == NULL) {
1913 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1914 return -1;
1915 }
1916
1917 if (iface->ifname == NULL) {
1918 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1919 return -1;
1920 }
1921 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1922 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1923 iface->ifname);
1924 return -1;
1925 }
1926 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1927
1928 if (iface->bridge_ifname) {
1929 if (os_strlen(iface->bridge_ifname) >=
1930 sizeof(wpa_s->bridge_ifname)) {
1931 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1932 "name '%s'.", iface->bridge_ifname);
1933 return -1;
1934 }
1935 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1936 sizeof(wpa_s->bridge_ifname));
1937 }
1938
1939 /* RSNA Supplicant Key Management - INITIALIZE */
1940 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1941 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1942
1943 /* Initialize driver interface and register driver event handler before
1944 * L2 receive handler so that association events are processed before
1945 * EAPOL-Key packets if both become available for the same select()
1946 * call. */
1947 driver = iface->driver;
1948 next_driver:
1949 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
1950 return -1;
1951
1952 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1953 if (wpa_s->drv_priv == NULL) {
1954 const char *pos;
1955 pos = driver ? os_strchr(driver, ',') : NULL;
1956 if (pos) {
1957 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
1958 "interface - try next driver wrapper");
1959 driver = pos + 1;
1960 goto next_driver;
1961 }
1962 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1963 return -1;
1964 }
1965 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1966 wpa_printf(MSG_ERROR, "Driver interface rejected "
1967 "driver_param '%s'", wpa_s->conf->driver_param);
1968 return -1;
1969 }
1970
1971 ifname = wpa_drv_get_ifname(wpa_s);
1972 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1973 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1974 "name with '%s'", ifname);
1975 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1976 }
1977
1978 if (wpa_supplicant_init_wpa(wpa_s) < 0)
1979 return -1;
1980
1981 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
1982 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
1983 NULL);
1984 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1985
1986 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
1987 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
1988 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
1989 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1990 "dot11RSNAConfigPMKLifetime");
1991 return -1;
1992 }
1993
1994 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
1995 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
1996 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
1997 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1998 "dot11RSNAConfigPMKReauthThreshold");
1999 return -1;
2000 }
2001
2002 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
2003 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
2004 wpa_s->conf->dot11RSNAConfigSATimeout)) {
2005 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
2006 "dot11RSNAConfigSATimeout");
2007 return -1;
2008 }
2009
2010 if (wpa_supplicant_driver_init(wpa_s) < 0)
2011 return -1;
2012
2013 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
2014 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
2015 wpa_printf(MSG_DEBUG, "Failed to set country");
2016 return -1;
2017 }
2018
2019 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
2020
2021 if (wpas_wps_init(wpa_s))
2022 return -1;
2023
2024 if (wpa_supplicant_init_eapol(wpa_s) < 0)
2025 return -1;
2026 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
2027
2028 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
2029 if (wpa_s->ctrl_iface == NULL) {
2030 wpa_printf(MSG_ERROR,
2031 "Failed to initialize control interface '%s'.\n"
2032 "You may have another wpa_supplicant process "
2033 "already running or the file was\n"
2034 "left by an unclean termination of wpa_supplicant "
2035 "in which case you will need\n"
2036 "to manually remove this file before starting "
2037 "wpa_supplicant again.\n",
2038 wpa_s->conf->ctrl_interface);
2039 return -1;
2040 }
2041
2042 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
2043 wpa_s->drv_flags = capa.flags;
2044 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
2045 if (ieee80211_sta_init(wpa_s))
2046 return -1;
2047 }
2048 wpa_s->max_scan_ssids = capa.max_scan_ssids;
2049 }
2050
2051 #ifdef CONFIG_IBSS_RSN
2052 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
2053 if (!wpa_s->ibss_rsn) {
2054 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
2055 return -1;
2056 }
2057 #endif /* CONFIG_IBSS_RSN */
2058
2059 if (wpa_bss_init(wpa_s) < 0)
2060 return -1;
2061
2062 return 0;
2063 }
2064
2065
2066 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
2067 int notify)
2068 {
2069 if (wpa_s->drv_priv) {
2070 wpa_supplicant_deauthenticate(wpa_s,
2071 WLAN_REASON_DEAUTH_LEAVING);
2072
2073 wpa_drv_set_countermeasures(wpa_s, 0);
2074 wpa_clear_keys(wpa_s, NULL);
2075 }
2076
2077 wpa_supplicant_cleanup(wpa_s);
2078
2079 if (notify)
2080 wpas_notify_iface_removed(wpa_s);
2081
2082 if (wpa_s->drv_priv)
2083 wpa_drv_deinit(wpa_s);
2084 }
2085
2086
2087 /**
2088 * wpa_supplicant_add_iface - Add a new network interface
2089 * @global: Pointer to global data from wpa_supplicant_init()
2090 * @iface: Interface configuration options
2091 * Returns: Pointer to the created interface or %NULL on failure
2092 *
2093 * This function is used to add new network interfaces for %wpa_supplicant.
2094 * This can be called before wpa_supplicant_run() to add interfaces before the
2095 * main event loop has been started. In addition, new interfaces can be added
2096 * dynamically while %wpa_supplicant is already running. This could happen,
2097 * e.g., when a hotplug network adapter is inserted.
2098 */
2099 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
2100 struct wpa_interface *iface)
2101 {
2102 struct wpa_supplicant *wpa_s;
2103 struct wpa_interface t_iface;
2104 struct wpa_ssid *ssid;
2105
2106 if (global == NULL || iface == NULL)
2107 return NULL;
2108
2109 wpa_s = wpa_supplicant_alloc();
2110 if (wpa_s == NULL)
2111 return NULL;
2112
2113 wpa_s->global = global;
2114
2115 t_iface = *iface;
2116 if (global->params.override_driver) {
2117 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
2118 "('%s' -> '%s')",
2119 iface->driver, global->params.override_driver);
2120 t_iface.driver = global->params.override_driver;
2121 }
2122 if (global->params.override_ctrl_interface) {
2123 wpa_printf(MSG_DEBUG, "Override interface parameter: "
2124 "ctrl_interface ('%s' -> '%s')",
2125 iface->ctrl_interface,
2126 global->params.override_ctrl_interface);
2127 t_iface.ctrl_interface =
2128 global->params.override_ctrl_interface;
2129 }
2130 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
2131 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2132 iface->ifname);
2133 wpa_supplicant_deinit_iface(wpa_s, 0);
2134 os_free(wpa_s);
2135 return NULL;
2136 }
2137
2138 /* Notify the control interfaces about new iface */
2139 if (wpas_notify_iface_added(wpa_s)) {
2140 wpa_supplicant_deinit_iface(wpa_s, 1);
2141 os_free(wpa_s);
2142 return NULL;
2143 }
2144
2145 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
2146 wpas_notify_network_added(wpa_s, ssid);
2147
2148 wpa_s->next = global->ifaces;
2149 global->ifaces = wpa_s;
2150
2151 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2152
2153 return wpa_s;
2154 }
2155
2156
2157 /**
2158 * wpa_supplicant_remove_iface - Remove a network interface
2159 * @global: Pointer to global data from wpa_supplicant_init()
2160 * @wpa_s: Pointer to the network interface to be removed
2161 * Returns: 0 if interface was removed, -1 if interface was not found
2162 *
2163 * This function can be used to dynamically remove network interfaces from
2164 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2165 * addition, this function is used to remove all remaining interfaces when
2166 * %wpa_supplicant is terminated.
2167 */
2168 int wpa_supplicant_remove_iface(struct wpa_global *global,
2169 struct wpa_supplicant *wpa_s)
2170 {
2171 struct wpa_supplicant *prev;
2172
2173 /* Remove interface from the global list of interfaces */
2174 prev = global->ifaces;
2175 if (prev == wpa_s) {
2176 global->ifaces = wpa_s->next;
2177 } else {
2178 while (prev && prev->next != wpa_s)
2179 prev = prev->next;
2180 if (prev == NULL)
2181 return -1;
2182 prev->next = wpa_s->next;
2183 }
2184
2185 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2186
2187 wpa_supplicant_deinit_iface(wpa_s, 1);
2188 os_free(wpa_s);
2189
2190 return 0;
2191 }
2192
2193
2194 /**
2195 * wpa_supplicant_get_iface - Get a new network interface
2196 * @global: Pointer to global data from wpa_supplicant_init()
2197 * @ifname: Interface name
2198 * Returns: Pointer to the interface or %NULL if not found
2199 */
2200 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2201 const char *ifname)
2202 {
2203 struct wpa_supplicant *wpa_s;
2204
2205 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2206 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2207 return wpa_s;
2208 }
2209 return NULL;
2210 }
2211
2212
2213 /**
2214 * wpa_supplicant_init - Initialize %wpa_supplicant
2215 * @params: Parameters for %wpa_supplicant
2216 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2217 *
2218 * This function is used to initialize %wpa_supplicant. After successful
2219 * initialization, the returned data pointer can be used to add and remove
2220 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2221 */
2222 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2223 {
2224 struct wpa_global *global;
2225 int ret, i;
2226
2227 if (params == NULL)
2228 return NULL;
2229
2230 wpa_debug_open_file(params->wpa_debug_file_path);
2231 if (params->wpa_debug_syslog)
2232 wpa_debug_open_syslog();
2233
2234 ret = eap_register_methods();
2235 if (ret) {
2236 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2237 if (ret == -2)
2238 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2239 "the same EAP type.");
2240 return NULL;
2241 }
2242
2243 global = os_zalloc(sizeof(*global));
2244 if (global == NULL)
2245 return NULL;
2246 global->params.daemonize = params->daemonize;
2247 global->params.wait_for_monitor = params->wait_for_monitor;
2248 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2249 if (params->pid_file)
2250 global->params.pid_file = os_strdup(params->pid_file);
2251 if (params->ctrl_interface)
2252 global->params.ctrl_interface =
2253 os_strdup(params->ctrl_interface);
2254 if (params->override_driver)
2255 global->params.override_driver =
2256 os_strdup(params->override_driver);
2257 if (params->override_ctrl_interface)
2258 global->params.override_ctrl_interface =
2259 os_strdup(params->override_ctrl_interface);
2260 wpa_debug_level = global->params.wpa_debug_level =
2261 params->wpa_debug_level;
2262 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2263 params->wpa_debug_show_keys;
2264 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2265 params->wpa_debug_timestamp;
2266
2267 if (eloop_init()) {
2268 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2269 wpa_supplicant_deinit(global);
2270 return NULL;
2271 }
2272
2273 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2274 if (global->ctrl_iface == NULL) {
2275 wpa_supplicant_deinit(global);
2276 return NULL;
2277 }
2278
2279 if (wpas_notify_supplicant_initialized(global)) {
2280 wpa_supplicant_deinit(global);
2281 return NULL;
2282 }
2283
2284 for (i = 0; wpa_drivers[i]; i++)
2285 global->drv_count++;
2286 if (global->drv_count == 0) {
2287 wpa_printf(MSG_ERROR, "No drivers enabled");
2288 wpa_supplicant_deinit(global);
2289 return NULL;
2290 }
2291 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2292 if (global->drv_priv == NULL) {
2293 wpa_supplicant_deinit(global);
2294 return NULL;
2295 }
2296 for (i = 0; wpa_drivers[i]; i++) {
2297 if (!wpa_drivers[i]->global_init)
2298 continue;
2299 global->drv_priv[i] = wpa_drivers[i]->global_init();
2300 if (global->drv_priv[i] == NULL) {
2301 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2302 "'%s'", wpa_drivers[i]->name);
2303 wpa_supplicant_deinit(global);
2304 return NULL;
2305 }
2306 }
2307
2308 return global;
2309 }
2310
2311
2312 /**
2313 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2314 * @global: Pointer to global data from wpa_supplicant_init()
2315 * Returns: 0 after successful event loop run, -1 on failure
2316 *
2317 * This function starts the main event loop and continues running as long as
2318 * there are any remaining events. In most cases, this function is running as
2319 * long as the %wpa_supplicant process in still in use.
2320 */
2321 int wpa_supplicant_run(struct wpa_global *global)
2322 {
2323 struct wpa_supplicant *wpa_s;
2324
2325 if (global->params.daemonize &&
2326 wpa_supplicant_daemon(global->params.pid_file))
2327 return -1;
2328
2329 if (global->params.wait_for_monitor) {
2330 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2331 if (wpa_s->ctrl_iface)
2332 wpa_supplicant_ctrl_iface_wait(
2333 wpa_s->ctrl_iface);
2334 }
2335
2336 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
2337 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
2338
2339 eloop_run();
2340
2341 return 0;
2342 }
2343
2344
2345 /**
2346 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2347 * @global: Pointer to global data from wpa_supplicant_init()
2348 *
2349 * This function is called to deinitialize %wpa_supplicant and to free all
2350 * allocated resources. Remaining network interfaces will also be removed.
2351 */
2352 void wpa_supplicant_deinit(struct wpa_global *global)
2353 {
2354 int i;
2355
2356 if (global == NULL)
2357 return;
2358
2359 while (global->ifaces)
2360 wpa_supplicant_remove_iface(global, global->ifaces);
2361
2362 if (global->ctrl_iface)
2363 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2364
2365 wpas_notify_supplicant_deinitialized(global);
2366
2367 eap_peer_unregister_methods();
2368 #ifdef CONFIG_AP
2369 eap_server_unregister_methods();
2370 #endif /* CONFIG_AP */
2371
2372 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
2373 if (!global->drv_priv[i])
2374 continue;
2375 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
2376 }
2377 os_free(global->drv_priv);
2378
2379 eloop_destroy();
2380
2381 if (global->params.pid_file) {
2382 os_daemonize_terminate(global->params.pid_file);
2383 os_free(global->params.pid_file);
2384 }
2385 os_free(global->params.ctrl_interface);
2386 os_free(global->params.override_driver);
2387 os_free(global->params.override_ctrl_interface);
2388
2389 os_free(global);
2390 wpa_debug_close_syslog();
2391 wpa_debug_close_file();
2392 }