1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12 #ifdef __ZEPHYR__
13 #include <supp_events.h>
14 #endif /* __ZEPHYR__ */
15
16 #include "includes.h"
17 #ifdef CONFIG_MATCH_IFACE
18 #include <net/if.h>
19 #include <fnmatch.h>
20 #endif /* CONFIG_MATCH_IFACE */
21
22 #include "common.h"
23 #include "crypto/random.h"
24 #include "crypto/sha1.h"
25 #include "eapol_supp/eapol_supp_sm.h"
26 #include "eap_peer/eap.h"
27 #include "eap_peer/eap_proxy.h"
28 #include "eap_server/eap_methods.h"
29 #include "rsn_supp/wpa.h"
30 #include "eloop.h"
31 #include "config.h"
32 #include "utils/ext_password.h"
33 #include "l2_packet/l2_packet.h"
34 #include "wpa_supplicant_i.h"
35 #include "driver_i.h"
36 #include "ctrl_iface.h"
37 #include "pcsc_funcs.h"
38 #include "common/version.h"
39 #include "rsn_supp/preauth.h"
40 #include "rsn_supp/pmksa_cache.h"
41 #include "common/wpa_ctrl.h"
42 #include "common/ieee802_11_common.h"
43 #include "common/ieee802_11_defs.h"
44 #include "common/hw_features_common.h"
45 #include "common/gas_server.h"
46 #include "common/dpp.h"
47 #include "common/ptksa_cache.h"
48 #include "p2p/p2p.h"
49 #include "fst/fst.h"
50 #include "bssid_ignore.h"
51 #include "wpas_glue.h"
52 #include "wps_supplicant.h"
53 #include "ibss_rsn.h"
54 #include "sme.h"
55 #include "gas_query.h"
56 #include "ap.h"
57 #include "p2p_supplicant.h"
58 #include "wifi_display.h"
59 #include "notify.h"
60 #include "bgscan.h"
61 #include "autoscan.h"
62 #include "bss.h"
63 #include "scan.h"
64 #include "offchannel.h"
65 #include "hs20_supplicant.h"
66 #include "wnm_sta.h"
67 #include "wpas_kay.h"
68 #include "mesh.h"
69 #include "dpp_supplicant.h"
70 #ifdef CONFIG_MESH
71 #include "ap/ap_config.h"
72 #include "ap/hostapd.h"
73 #endif /* CONFIG_MESH */
74
75 const char *const wpa_supplicant_version =
76 "wpa_supplicant v" VERSION_STR "\n"
77 "Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> and contributors";
78
79 const char *const wpa_supplicant_license =
80 "This software may be distributed under the terms of the BSD license.\n"
81 "See README for more details.\n"
82 #ifdef EAP_TLS_OPENSSL
83 "\nThis product includes software developed by the OpenSSL Project\n"
84 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
85 #endif /* EAP_TLS_OPENSSL */
86 ;
87
88 #ifndef CONFIG_NO_STDOUT_DEBUG
89 /* Long text divided into parts in order to fit in C89 strings size limits. */
90 const char *const wpa_supplicant_full_license1 =
91 "";
92 const char *const wpa_supplicant_full_license2 =
93 "This software may be distributed under the terms of the BSD license.\n"
94 "\n"
95 "Redistribution and use in source and binary forms, with or without\n"
96 "modification, are permitted provided that the following conditions are\n"
97 "met:\n"
98 "\n";
99 const char *const wpa_supplicant_full_license3 =
100 "1. Redistributions of source code must retain the above copyright\n"
101 " notice, this list of conditions and the following disclaimer.\n"
102 "\n"
103 "2. Redistributions in binary form must reproduce the above copyright\n"
104 " notice, this list of conditions and the following disclaimer in the\n"
105 " documentation and/or other materials provided with the distribution.\n"
106 "\n";
107 const char *const wpa_supplicant_full_license4 =
108 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
109 " names of its contributors may be used to endorse or promote products\n"
110 " derived from this software without specific prior written permission.\n"
111 "\n"
112 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
113 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
114 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
115 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
116 const char *const wpa_supplicant_full_license5 =
117 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
118 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
119 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
120 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
121 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
122 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
123 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
124 "\n";
125 #endif /* CONFIG_NO_STDOUT_DEBUG */
126
127
128 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
129 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx);
130 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
131 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
132 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
133 #ifdef CONFIG_OWE
134 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
135 #endif /* CONFIG_OWE */
136
137
138 #ifdef CONFIG_WEP
139 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)140 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
141 {
142 int i, set = 0;
143
144 for (i = 0; i < NUM_WEP_KEYS; i++) {
145 if (ssid->wep_key_len[i] == 0)
146 continue;
147
148 set = 1;
149 wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL,
150 i, i == ssid->wep_tx_keyidx, NULL, 0,
151 ssid->wep_key[i], ssid->wep_key_len[i],
152 i == ssid->wep_tx_keyidx ?
153 KEY_FLAG_GROUP_RX_TX_DEFAULT :
154 KEY_FLAG_GROUP_RX_TX);
155 }
156
157 return set;
158 }
159 #endif /* CONFIG_WEP */
160
161
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)162 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
163 struct wpa_ssid *ssid)
164 {
165 u8 key[32];
166 size_t keylen;
167 enum wpa_alg alg;
168 u8 seq[6] = { 0 };
169 int ret;
170
171 /* IBSS/WPA-None uses only one key (Group) for both receiving and
172 * sending unicast and multicast packets. */
173
174 if (ssid->mode != WPAS_MODE_IBSS) {
175 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
176 "IBSS/ad-hoc) for WPA-None", ssid->mode);
177 return -1;
178 }
179
180 if (!ssid->psk_set) {
181 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
182 "WPA-None");
183 return -1;
184 }
185
186 switch (wpa_s->group_cipher) {
187 case WPA_CIPHER_CCMP:
188 os_memcpy(key, ssid->psk, 16);
189 keylen = 16;
190 alg = WPA_ALG_CCMP;
191 break;
192 case WPA_CIPHER_GCMP:
193 os_memcpy(key, ssid->psk, 16);
194 keylen = 16;
195 alg = WPA_ALG_GCMP;
196 break;
197 case WPA_CIPHER_TKIP:
198 /* WPA-None uses the same Michael MIC key for both TX and RX */
199 os_memcpy(key, ssid->psk, 16 + 8);
200 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
201 keylen = 32;
202 alg = WPA_ALG_TKIP;
203 break;
204 default:
205 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
206 "WPA-None", wpa_s->group_cipher);
207 return -1;
208 }
209
210 /* TODO: should actually remember the previously used seq#, both for TX
211 * and RX from each STA.. */
212
213 ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen,
214 KEY_FLAG_GROUP_RX_TX_DEFAULT);
215 os_memset(key, 0, sizeof(key));
216 return ret;
217 }
218
219
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)220 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
221 {
222 struct wpa_supplicant *wpa_s = eloop_ctx;
223 const u8 *bssid = wpa_s->bssid;
224 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
225 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
226 wpa_s->wpa_state == WPA_ASSOCIATING))
227 bssid = wpa_s->pending_bssid;
228 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
229 MAC2STR(bssid));
230 wpa_bssid_ignore_add(wpa_s, bssid);
231 wpa_sm_notify_disassoc(wpa_s->wpa);
232 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
233 wpa_s->reassociate = 1;
234
235 /*
236 * If we timed out, the AP or the local radio may be busy.
237 * So, wait a second until scanning again.
238 */
239 wpa_supplicant_req_scan(wpa_s, 1, 0);
240 }
241
242
243 /**
244 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
245 * @wpa_s: Pointer to wpa_supplicant data
246 * @sec: Number of seconds after which to time out authentication
247 * @usec: Number of microseconds after which to time out authentication
248 *
249 * This function is used to schedule a timeout for the current authentication
250 * attempt.
251 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)252 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
253 int sec, int usec)
254 {
255 if (wpa_s->conf->ap_scan == 0 &&
256 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
257 return;
258
259 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
260 "%d usec", sec, usec);
261 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
262 wpa_s->last_auth_timeout_sec = sec;
263 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
264 }
265
266
267 /*
268 * wpas_auth_timeout_restart - Restart and change timeout for authentication
269 * @wpa_s: Pointer to wpa_supplicant data
270 * @sec_diff: difference in seconds applied to original timeout value
271 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)272 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
273 {
274 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
275
276 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
277 wpa_dbg(wpa_s, MSG_DEBUG,
278 "Authentication timeout restart: %d sec", new_sec);
279 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
280 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
281 wpa_s, NULL);
282 }
283 }
284
285
286 /**
287 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
288 * @wpa_s: Pointer to wpa_supplicant data
289 *
290 * This function is used to cancel authentication timeout scheduled with
291 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
292 * been completed.
293 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)294 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
295 {
296 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
297 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
298 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
299 os_free(wpa_s->last_con_fail_realm);
300 wpa_s->last_con_fail_realm = NULL;
301 wpa_s->last_con_fail_realm_len = 0;
302 }
303
304
305 /**
306 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
307 * @wpa_s: Pointer to wpa_supplicant data
308 *
309 * This function is used to configure EAPOL state machine based on the selected
310 * authentication mode.
311 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)312 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
313 {
314 #ifdef IEEE8021X_EAPOL
315 struct eapol_config eapol_conf;
316 struct wpa_ssid *ssid = wpa_s->current_ssid;
317
318 #ifdef CONFIG_IBSS_RSN
319 if (ssid->mode == WPAS_MODE_IBSS &&
320 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
321 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
322 /*
323 * RSN IBSS authentication is per-STA and we can disable the
324 * per-BSSID EAPOL authentication.
325 */
326 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
327 eapol_sm_notify_eap_success(wpa_s->eapol, true);
328 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
329 return;
330 }
331 #endif /* CONFIG_IBSS_RSN */
332
333 eapol_sm_notify_eap_success(wpa_s->eapol, false);
334 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
335
336 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
337 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
338 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
339 else
340 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
341
342 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
343 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
344 eapol_conf.accept_802_1x_keys = 1;
345 eapol_conf.required_keys = 0;
346 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
347 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
348 }
349 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
350 eapol_conf.required_keys |=
351 EAPOL_REQUIRE_KEY_BROADCAST;
352 }
353
354 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
355 eapol_conf.required_keys = 0;
356 }
357 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
358 eapol_conf.workaround = ssid->eap_workaround;
359 eapol_conf.eap_disabled =
360 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
361 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
362 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
363 eapol_conf.external_sim = wpa_s->conf->external_sim;
364
365 #ifdef CONFIG_WPS
366 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
367 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
368 if (wpa_s->current_bss) {
369 struct wpabuf *ie;
370 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
371 WPS_IE_VENDOR_TYPE);
372 if (ie) {
373 if (wps_is_20(ie))
374 eapol_conf.wps |=
375 EAPOL_PEER_IS_WPS20_AP;
376 wpabuf_free(ie);
377 }
378 }
379 }
380 #endif /* CONFIG_WPS */
381
382 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
383
384 #ifdef CONFIG_MACSEC
385 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
386 ieee802_1x_create_preshared_mka(wpa_s, ssid);
387 else
388 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
389 #endif /* CONFIG_MACSEC */
390 #endif /* IEEE8021X_EAPOL */
391 }
392
393
394 /**
395 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
396 * @wpa_s: Pointer to wpa_supplicant data
397 * @ssid: Configuration data for the network
398 *
399 * This function is used to configure WPA state machine and related parameters
400 * to a mode where WPA is not enabled. This is called as part of the
401 * authentication configuration when the selected network does not use WPA.
402 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)403 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
404 struct wpa_ssid *ssid)
405 {
406 #ifdef CONFIG_WEP
407 int i;
408 #endif /* CONFIG_WEP */
409
410 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
411 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
412 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
414 else
415 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
416 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
417 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
418 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
419 wpa_sm_set_ap_rsne_override(wpa_s->wpa, NULL, 0);
420 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, NULL, 0);
421 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, NULL, 0);
422 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
423 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
424 wpa_s->rsnxe_len = 0;
425 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
426 wpa_s->group_cipher = WPA_CIPHER_NONE;
427 wpa_s->mgmt_group_cipher = 0;
428
429 #ifdef CONFIG_WEP
430 for (i = 0; i < NUM_WEP_KEYS; i++) {
431 if (ssid->wep_key_len[i] > 5) {
432 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
433 wpa_s->group_cipher = WPA_CIPHER_WEP104;
434 break;
435 } else if (ssid->wep_key_len[i] > 0) {
436 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
437 wpa_s->group_cipher = WPA_CIPHER_WEP40;
438 break;
439 }
440 }
441 #endif /* CONFIG_WEP */
442
443 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
444 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
445 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
446 wpa_s->pairwise_cipher);
447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
448 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
449 wpa_s->mgmt_group_cipher);
450 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 0);
451
452 pmksa_cache_clear_current(wpa_s->wpa);
453 }
454
455
free_hw_features(struct wpa_supplicant * wpa_s)456 void free_hw_features(struct wpa_supplicant *wpa_s)
457 {
458 int i;
459 if (wpa_s->hw.modes == NULL)
460 return;
461
462 for (i = 0; i < wpa_s->hw.num_modes; i++) {
463 os_free(wpa_s->hw.modes[i].channels);
464 os_free(wpa_s->hw.modes[i].rates);
465 }
466
467 os_free(wpa_s->hw.modes);
468 wpa_s->hw.modes = NULL;
469 }
470
471
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)472 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
473 struct wpa_bss_tmp_disallowed *bss)
474 {
475 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
476 dl_list_del(&bss->list);
477 os_free(bss);
478 }
479
480
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)481 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
482 {
483 struct wpa_bss_tmp_disallowed *bss, *prev;
484
485 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
486 struct wpa_bss_tmp_disallowed, list)
487 remove_bss_tmp_disallowed_entry(wpa_s, bss);
488 }
489
490
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)491 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
492 {
493 struct fils_hlp_req *req;
494
495 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
496 list)) != NULL) {
497 dl_list_del(&req->list);
498 wpabuf_free(req->pkt);
499 os_free(req);
500 }
501 }
502
503
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)504 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
505 {
506 struct wpa_supplicant *wpa_s = eloop_ctx;
507
508 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
509 return;
510 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
511 wpa_bss_flush(wpa_s);
512 }
513
514
515 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)516 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
517 {
518 struct driver_signal_override *dso;
519
520 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
521 struct driver_signal_override, list))) {
522 dl_list_del(&dso->list);
523 os_free(dso);
524 }
525 }
526 #endif /* CONFIG_TESTING_OPTIONS */
527
528
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)529 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
530 {
531 int i;
532
533 bgscan_deinit(wpa_s);
534 autoscan_deinit(wpa_s);
535 scard_deinit(wpa_s->scard);
536 wpa_s->scard = NULL;
537 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
538 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
539 l2_packet_deinit(wpa_s->l2);
540 wpa_s->l2 = NULL;
541 if (wpa_s->l2_br) {
542 l2_packet_deinit(wpa_s->l2_br);
543 wpa_s->l2_br = NULL;
544 }
545 #ifdef CONFIG_TESTING_OPTIONS
546 l2_packet_deinit(wpa_s->l2_test);
547 wpa_s->l2_test = NULL;
548 os_free(wpa_s->get_pref_freq_list_override);
549 wpa_s->get_pref_freq_list_override = NULL;
550 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
551 wpa_s->last_assoc_req_wpa_ie = NULL;
552 os_free(wpa_s->extra_sae_rejected_groups);
553 wpa_s->extra_sae_rejected_groups = NULL;
554 wpabuf_free(wpa_s->rsne_override_eapol);
555 wpa_s->rsne_override_eapol = NULL;
556 wpabuf_free(wpa_s->rsnxe_override_assoc);
557 wpa_s->rsnxe_override_assoc = NULL;
558 wpabuf_free(wpa_s->rsnxe_override_eapol);
559 wpa_s->rsnxe_override_eapol = NULL;
560 wpas_clear_driver_signal_override(wpa_s);
561 #endif /* CONFIG_TESTING_OPTIONS */
562
563 if (wpa_s->conf != NULL) {
564 struct wpa_ssid *ssid;
565 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
566 wpas_notify_network_removed(wpa_s, ssid);
567 }
568
569 os_free(wpa_s->confname);
570 wpa_s->confname = NULL;
571
572 os_free(wpa_s->confanother);
573 wpa_s->confanother = NULL;
574
575 os_free(wpa_s->last_con_fail_realm);
576 wpa_s->last_con_fail_realm = NULL;
577 wpa_s->last_con_fail_realm_len = 0;
578
579 wpa_sm_set_eapol(wpa_s->wpa, NULL);
580 eapol_sm_deinit(wpa_s->eapol);
581 wpa_s->eapol = NULL;
582
583 rsn_preauth_deinit(wpa_s->wpa);
584
585 #ifdef CONFIG_TDLS
586 wpa_tdls_deinit(wpa_s->wpa);
587 #endif /* CONFIG_TDLS */
588
589 #ifndef CONFIG_NO_WMM_AC
590 wmm_ac_clear_saved_tspecs(wpa_s);
591 #endif /* ! CONFIG_NO_WMM_AC */
592 pmksa_candidate_free(wpa_s->wpa);
593 ptksa_cache_deinit(wpa_s->ptksa);
594 wpa_s->ptksa = NULL;
595 wpa_sm_deinit(wpa_s->wpa);
596 wpa_s->wpa = NULL;
597 wpa_bssid_ignore_clear(wpa_s);
598
599 #ifdef CONFIG_PASN
600 wpas_pasn_auth_stop(wpa_s);
601 #endif /* CONFIG_PASN */
602
603 wpa_bss_deinit(wpa_s);
604
605 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
606 wpa_supplicant_cancel_scan(wpa_s);
607 wpa_supplicant_cancel_auth_timeout(wpa_s);
608 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
609 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
610 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
611 wpa_s, NULL);
612 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
613
614 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
615 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
616 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
617
618 wpas_wps_deinit(wpa_s);
619
620 wpabuf_free(wpa_s->pending_eapol_rx);
621 wpa_s->pending_eapol_rx = NULL;
622
623 #ifdef CONFIG_IBSS_RSN
624 ibss_rsn_deinit(wpa_s->ibss_rsn);
625 wpa_s->ibss_rsn = NULL;
626 #endif /* CONFIG_IBSS_RSN */
627
628 sme_deinit(wpa_s);
629
630 #ifdef CONFIG_AP
631 wpa_supplicant_ap_deinit(wpa_s);
632 #endif /* CONFIG_AP */
633
634 wpas_p2p_deinit(wpa_s);
635
636 #ifdef CONFIG_OFFCHANNEL
637 offchannel_deinit(wpa_s);
638 #endif /* CONFIG_OFFCHANNEL */
639
640 wpa_supplicant_cancel_sched_scan(wpa_s);
641
642 os_free(wpa_s->next_scan_freqs);
643 wpa_s->next_scan_freqs = NULL;
644
645 os_free(wpa_s->manual_scan_freqs);
646 wpa_s->manual_scan_freqs = NULL;
647 os_free(wpa_s->select_network_scan_freqs);
648 wpa_s->select_network_scan_freqs = NULL;
649
650 os_free(wpa_s->manual_sched_scan_freqs);
651 wpa_s->manual_sched_scan_freqs = NULL;
652
653 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
654
655 /*
656 * Need to remove any pending gas-query radio work before the
657 * gas_query_deinit() call because gas_query::work has not yet been set
658 * for works that have not been started. gas_query_free() will be unable
659 * to cancel such pending radio works and once the pending gas-query
660 * radio work eventually gets removed, the deinit notification call to
661 * gas_query_start_cb() would result in dereferencing freed memory.
662 */
663 if (wpa_s->radio)
664 radio_remove_works(wpa_s, "gas-query", 0);
665 gas_query_deinit(wpa_s->gas);
666 wpa_s->gas = NULL;
667 gas_server_deinit(wpa_s->gas_server);
668 wpa_s->gas_server = NULL;
669
670 free_hw_features(wpa_s);
671
672 ieee802_1x_dealloc_kay_sm(wpa_s);
673
674 os_free(wpa_s->bssid_filter);
675 wpa_s->bssid_filter = NULL;
676
677 os_free(wpa_s->disallow_aps_bssid);
678 wpa_s->disallow_aps_bssid = NULL;
679 os_free(wpa_s->disallow_aps_ssid);
680 wpa_s->disallow_aps_ssid = NULL;
681
682 wnm_bss_keep_alive_deinit(wpa_s);
683 wnm_btm_reset(wpa_s);
684
685 ext_password_deinit(wpa_s->ext_pw);
686 wpa_s->ext_pw = NULL;
687
688 wpabuf_free(wpa_s->last_gas_resp);
689 wpa_s->last_gas_resp = NULL;
690 wpabuf_free(wpa_s->prev_gas_resp);
691 wpa_s->prev_gas_resp = NULL;
692
693 os_free(wpa_s->last_scan_res);
694 wpa_s->last_scan_res = NULL;
695
696 #ifdef CONFIG_HS20
697 if (wpa_s->drv_priv)
698 wpa_drv_configure_frame_filters(wpa_s, 0);
699 hs20_deinit(wpa_s);
700 #endif /* CONFIG_HS20 */
701
702 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
703 wpabuf_free(wpa_s->vendor_elem[i]);
704 wpa_s->vendor_elem[i] = NULL;
705 }
706 #ifndef CONFIG_NO_WMM_AC
707 wmm_ac_notify_disassoc(wpa_s);
708 #endif /* ! CONFIG_NO_WMM_AC */
709 wpa_s->sched_scan_plans_num = 0;
710 os_free(wpa_s->sched_scan_plans);
711 wpa_s->sched_scan_plans = NULL;
712
713 #ifdef CONFIG_MBO
714 wpa_s->non_pref_chan_num = 0;
715 os_free(wpa_s->non_pref_chan);
716 wpa_s->non_pref_chan = NULL;
717 #endif /* CONFIG_MBO */
718
719 free_bss_tmp_disallowed(wpa_s);
720
721 wpabuf_free(wpa_s->lci);
722 wpa_s->lci = NULL;
723 #ifndef CONFIG_NO_RRM
724 wpas_clear_beacon_rep_data(wpa_s);
725 #endif /* ! CONFIG_NO_RRM */
726
727 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
728 #ifdef CONFIG_MESH
729 {
730 struct external_pmksa_cache *entry;
731
732 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
733 struct external_pmksa_cache,
734 list)) != NULL) {
735 dl_list_del(&entry->list);
736 os_free(entry->pmksa_cache);
737 os_free(entry);
738 }
739 }
740 #endif /* CONFIG_MESH */
741 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
742
743 wpas_flush_fils_hlp_req(wpa_s);
744
745 wpabuf_free(wpa_s->ric_ies);
746 wpa_s->ric_ies = NULL;
747
748 #ifdef CONFIG_DPP
749 wpas_dpp_deinit(wpa_s);
750 dpp_global_deinit(wpa_s->dpp);
751 wpa_s->dpp = NULL;
752 #endif /* CONFIG_DPP */
753
754 #ifdef CONFIG_PASN
755 wpas_pasn_auth_stop(wpa_s);
756 #endif /* CONFIG_PASN */
757 #ifdef CONFIG_ROBUST_AV
758 wpas_scs_deinit(wpa_s);
759 wpas_dscp_deinit(wpa_s);
760 #endif /* CONFIG_ROBUST_AV */
761 }
762
763
764 /**
765 * wpa_clear_keys - Clear keys configured for the driver
766 * @wpa_s: Pointer to wpa_supplicant data
767 * @addr: Previously used BSSID or %NULL if not available
768 *
769 * This function clears the encryption keys that has been previously configured
770 * for the driver.
771 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)772 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
773 {
774 int i, max = 6;
775
776 /* MLME-DELETEKEYS.request */
777 for (i = 0; i < max; i++) {
778 if (wpa_s->keys_cleared & BIT(i))
779 continue;
780 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
781 NULL, 0, KEY_FLAG_GROUP);
782 }
783 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
784 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
785 !is_zero_ether_addr(addr)) {
786 if (!(wpa_s->keys_cleared & BIT(0)))
787 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, NULL,
788 0, NULL, 0, KEY_FLAG_PAIRWISE);
789 if (!(wpa_s->keys_cleared & BIT(15)))
790 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0, NULL,
791 0, NULL, 0, KEY_FLAG_PAIRWISE);
792 /* MLME-SETPROTECTION.request(None) */
793 wpa_drv_mlme_setprotection(
794 wpa_s, addr,
795 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
796 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
797 }
798 wpa_s->keys_cleared = (u32) -1;
799 }
800
801
802 /**
803 * wpa_supplicant_state_txt - Get the connection state name as a text string
804 * @state: State (wpa_state; WPA_*)
805 * Returns: The state name as a printable text string
806 */
wpa_supplicant_state_txt(enum wpa_states state)807 const char * wpa_supplicant_state_txt(enum wpa_states state)
808 {
809 switch (state) {
810 case WPA_DISCONNECTED:
811 return "DISCONNECTED";
812 case WPA_INACTIVE:
813 return "INACTIVE";
814 case WPA_INTERFACE_DISABLED:
815 return "INTERFACE_DISABLED";
816 case WPA_SCANNING:
817 return "SCANNING";
818 case WPA_AUTHENTICATING:
819 return "AUTHENTICATING";
820 case WPA_ASSOCIATING:
821 return "ASSOCIATING";
822 case WPA_ASSOCIATED:
823 return "ASSOCIATED";
824 case WPA_4WAY_HANDSHAKE:
825 return "4WAY_HANDSHAKE";
826 case WPA_GROUP_HANDSHAKE:
827 return "GROUP_HANDSHAKE";
828 case WPA_COMPLETED:
829 return "COMPLETED";
830 default:
831 return "UNKNOWN";
832 }
833 }
834
835
836 #ifdef CONFIG_BGSCAN
837
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)838 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
839 {
840 if (wpa_s->bgscan_ssid) {
841 bgscan_deinit(wpa_s);
842 wpa_s->bgscan_ssid = NULL;
843 }
844 }
845
846
847 /**
848 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
849 * @wpa_s: Pointer to the wpa_supplicant data
850 *
851 * Stop, start, or reconfigure the scan parameters depending on the method.
852 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)853 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
854 {
855 const char *name;
856
857 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
858 name = wpa_s->current_ssid->bgscan;
859 else
860 name = wpa_s->conf->bgscan;
861 if (!name || name[0] == '\0') {
862 wpa_supplicant_stop_bgscan(wpa_s);
863 return;
864 }
865 if (wpas_driver_bss_selection(wpa_s))
866 return;
867 #ifdef CONFIG_P2P
868 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
869 return;
870 #endif /* CONFIG_P2P */
871
872 bgscan_deinit(wpa_s);
873 if (wpa_s->current_ssid) {
874 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
875 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
876 "bgscan");
877 /*
878 * Live without bgscan; it is only used as a roaming
879 * optimization, so the initial connection is not
880 * affected.
881 */
882 } else {
883 struct wpa_scan_results *scan_res;
884 wpa_s->bgscan_ssid = wpa_s->current_ssid;
885 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
886 0);
887 if (scan_res) {
888 bgscan_notify_scan(wpa_s, scan_res);
889 wpa_scan_results_free(scan_res);
890 }
891 }
892 } else
893 wpa_s->bgscan_ssid = NULL;
894 }
895
896 #endif /* CONFIG_BGSCAN */
897
898
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)899 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
900 {
901 if (autoscan_init(wpa_s, 0))
902 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
903 }
904
905
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)906 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
907 {
908 autoscan_deinit(wpa_s);
909 }
910
911
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)912 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
913 {
914 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
915 wpa_s->wpa_state == WPA_SCANNING) {
916 autoscan_deinit(wpa_s);
917 wpa_supplicant_start_autoscan(wpa_s);
918 }
919 }
920
wpas_verify_ssid_beacon(void * eloop_ctx,void * timeout_ctx)921 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx)
922 {
923 struct wpa_supplicant *wpa_s = eloop_ctx;
924 struct wpa_bss *bss;
925 const u8 *ssid;
926 size_t ssid_len;
927
928 if (!wpa_s->current_ssid || !wpa_s->current_bss)
929 return;
930
931 ssid = wpa_s->current_bss->ssid;
932 ssid_len = wpa_s->current_bss->ssid_len;
933
934 if (wpa_s->current_ssid->ssid_len &&
935 (wpa_s->current_ssid->ssid_len != ssid_len ||
936 os_memcmp(wpa_s->current_ssid->ssid, ssid, ssid_len) != 0))
937 return;
938
939 if (wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
940 !wpa_s->bigtk_set || wpa_s->ssid_verified)
941 return;
942
943 wpa_printf(MSG_DEBUG,
944 "SSID not yet verified; check if the driver has received a verified Beacon frame");
945 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
946 return;
947
948 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
949 if (!bss)
950 return;
951 wpa_printf(MSG_DEBUG, "The current beacon time stamp: 0x%llx",
952 (long long unsigned int) bss->tsf);
953 if (bss->tsf > wpa_s->first_beacon_tsf) {
954 const u8 *ie;
955
956 wpa_printf(MSG_DEBUG,
957 "Verified Beacon frame has been received");
958 wpa_s->beacons_checked++;
959
960 ie = wpa_bss_get_ie_beacon(bss, WLAN_EID_SSID);
961 if (ie && ie[1] == ssid_len &&
962 os_memcmp(&ie[2], ssid, ssid_len) == 0) {
963 wpa_printf(MSG_DEBUG,
964 "SSID verified based on a Beacon frame and beacon protection");
965 wpa_s->ssid_verified = true;
966 return;
967 }
968
969 /* TODO: Multiple BSSID element */
970 }
971
972 if (wpa_s->beacons_checked < 16)
973 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon,
974 wpa_s, NULL);
975 }
976
977
wpas_verify_ssid_beacon_prot(struct wpa_supplicant * wpa_s)978 static void wpas_verify_ssid_beacon_prot(struct wpa_supplicant *wpa_s)
979 {
980 struct wpa_bss *bss;
981
982 wpa_printf(MSG_DEBUG,
983 "SSID not yet verified; try to verify using beacon protection");
984 /* Fetch the current scan result which is likely based on not yet
985 * verified payload since the current BIGTK was just received. Any
986 * newer update in the future with a larger timestamp value is an
987 * indication that a verified Beacon frame has been received. */
988 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
989 return;
990
991 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
992 if (!bss)
993 return;
994 wpa_printf(MSG_DEBUG, "The initial beacon time stamp: 0x%llx",
995 (long long unsigned int) bss->tsf);
996 wpa_s->first_beacon_tsf = bss->tsf;
997 wpa_s->beacons_checked = 0;
998 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
999 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon, wpa_s, NULL);
1000 }
1001
1002 /**
1003 * wpa_supplicant_set_state - Set current connection state
1004 * @wpa_s: Pointer to wpa_supplicant data
1005 * @state: The new connection state
1006 *
1007 * This function is called whenever the connection state changes, e.g.,
1008 * association is completed for WPA/WPA2 4-Way Handshake is started.
1009 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)1010 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
1011 enum wpa_states state)
1012 {
1013 enum wpa_states old_state = wpa_s->wpa_state;
1014 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1015 bool update_fils_connect_params = false;
1016 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1017
1018 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
1019 wpa_supplicant_state_txt(wpa_s->wpa_state),
1020 wpa_supplicant_state_txt(state));
1021
1022 if (state == WPA_COMPLETED &&
1023 os_reltime_initialized(&wpa_s->roam_start)) {
1024 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
1025 wpa_s->roam_start.sec = 0;
1026 wpa_s->roam_start.usec = 0;
1027 wpas_notify_auth_changed(wpa_s);
1028 wpas_notify_roam_time(wpa_s);
1029 wpas_notify_roam_complete(wpa_s);
1030 } else if (state == WPA_DISCONNECTED &&
1031 os_reltime_initialized(&wpa_s->roam_start)) {
1032 wpa_s->roam_start.sec = 0;
1033 wpa_s->roam_start.usec = 0;
1034 wpa_s->roam_time.sec = 0;
1035 wpa_s->roam_time.usec = 0;
1036 wpas_notify_roam_complete(wpa_s);
1037 }
1038
1039 if (state == WPA_INTERFACE_DISABLED) {
1040 /* Assure normal scan when interface is restored */
1041 wpa_s->normal_scans = 0;
1042 }
1043
1044 if (state == WPA_COMPLETED) {
1045 wpas_connect_work_done(wpa_s);
1046 /* Reinitialize normal_scan counter */
1047 wpa_s->normal_scans = 0;
1048 }
1049
1050 #ifdef CONFIG_P2P
1051 /*
1052 * P2PS client has to reply to Probe Request frames received on the
1053 * group operating channel. Enable Probe Request frame reporting for
1054 * P2P connected client in case p2p_cli_probe configuration property is
1055 * set to 1.
1056 */
1057 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
1058 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
1059 wpa_s->current_ssid->p2p_group) {
1060 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
1061 wpa_dbg(wpa_s, MSG_DEBUG,
1062 "P2P: Enable CLI Probe Request RX reporting");
1063 wpa_s->p2p_cli_probe =
1064 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
1065 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
1066 wpa_dbg(wpa_s, MSG_DEBUG,
1067 "P2P: Disable CLI Probe Request RX reporting");
1068 wpa_s->p2p_cli_probe = 0;
1069 wpa_drv_probe_req_report(wpa_s, 0);
1070 }
1071 }
1072 #endif /* CONFIG_P2P */
1073
1074 if (state != WPA_SCANNING)
1075 wpa_supplicant_notify_scanning(wpa_s, 0);
1076
1077 if (state == WPA_COMPLETED && wpa_s->new_connection) {
1078 struct wpa_ssid *ssid = wpa_s->current_ssid;
1079 int fils_hlp_sent = 0;
1080
1081 #ifdef CONFIG_SME
1082 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1083 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
1084 fils_hlp_sent = 1;
1085 #endif /* CONFIG_SME */
1086 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1087 wpa_auth_alg_fils(wpa_s->auth_alg))
1088 fils_hlp_sent = 1;
1089
1090 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1091 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1092 MACSTR " completed [id=%d id_str=%s%s]",
1093 MAC2STR(wpa_s->bssid),
1094 ssid ? ssid->id : -1,
1095 ssid && ssid->id_str ? ssid->id_str : "",
1096 fils_hlp_sent ? " FILS_HLP_SENT" : "");
1097 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1098 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1099 wpa_s->consecutive_conn_failures = 0;
1100 wpa_s->new_connection = 0;
1101 wpa_drv_set_operstate(wpa_s, 1);
1102 #ifndef IEEE8021X_EAPOL
1103 wpa_drv_set_supp_port(wpa_s, 1);
1104 #endif /* IEEE8021X_EAPOL */
1105 wpa_s->after_wps = 0;
1106 wpa_s->known_wps_freq = 0;
1107 wpas_p2p_completed(wpa_s);
1108
1109 sme_sched_obss_scan(wpa_s, 1);
1110
1111 #ifdef __ZEPHYR__
1112 supplicant_send_wifi_mgmt_conn_event(wpa_s, 0);
1113 #endif /* __ZEPHYR__ */
1114 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1115 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1116 update_fils_connect_params = true;
1117 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1118 #ifdef CONFIG_OWE
1119 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1120 wpas_update_owe_connect_params(wpa_s);
1121 #endif /* CONFIG_OWE */
1122 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1123 state == WPA_ASSOCIATED) {
1124 wpa_s->new_connection = 1;
1125 wpa_drv_set_operstate(wpa_s, 0);
1126 #ifndef IEEE8021X_EAPOL
1127 wpa_drv_set_supp_port(wpa_s, 0);
1128 #endif /* IEEE8021X_EAPOL */
1129 sme_sched_obss_scan(wpa_s, 0);
1130 }
1131 wpa_s->wpa_state = state;
1132
1133 #ifdef CONFIG_BGSCAN
1134 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1135 wpa_supplicant_reset_bgscan(wpa_s);
1136 else if (state < WPA_ASSOCIATED)
1137 wpa_supplicant_stop_bgscan(wpa_s);
1138 #endif /* CONFIG_BGSCAN */
1139
1140 if (state > WPA_SCANNING)
1141 wpa_supplicant_stop_autoscan(wpa_s);
1142
1143 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1144 wpa_supplicant_start_autoscan(wpa_s);
1145
1146 #ifndef CONFIG_NO_WMM_AC
1147 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1148 wmm_ac_notify_disassoc(wpa_s);
1149 #endif /* ! CONFIG_NO_WMM_AC */
1150 if (wpa_s->wpa_state != old_state) {
1151 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1152
1153 /*
1154 * Notify the P2P Device interface about a state change in one
1155 * of the interfaces.
1156 */
1157 wpas_p2p_indicate_state_change(wpa_s);
1158
1159 if (wpa_s->wpa_state == WPA_COMPLETED ||
1160 old_state == WPA_COMPLETED)
1161 wpas_notify_auth_changed(wpa_s);
1162 #ifdef CONFIG_DPP2
1163 if (wpa_s->wpa_state == WPA_COMPLETED)
1164 wpas_dpp_connected(wpa_s);
1165 #endif /* CONFIG_DPP2 */
1166
1167 if (wpa_s->wpa_state == WPA_COMPLETED &&
1168 wpa_s->bigtk_set && !wpa_s->ssid_verified)
1169 wpas_verify_ssid_beacon_prot(wpa_s);
1170 }
1171 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1172 if (update_fils_connect_params)
1173 wpas_update_fils_connect_params(wpa_s);
1174 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1175 }
1176
1177
wpa_supplicant_terminate_proc(struct wpa_global * global)1178 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1179 {
1180 int pending = 0;
1181 #ifdef CONFIG_WPS
1182 struct wpa_supplicant *wpa_s = global->ifaces;
1183 while (wpa_s) {
1184 struct wpa_supplicant *next = wpa_s->next;
1185 if (wpas_wps_terminate_pending(wpa_s) == 1)
1186 pending = 1;
1187 #ifdef CONFIG_P2P
1188 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1189 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1190 wpas_p2p_disconnect(wpa_s);
1191 #endif /* CONFIG_P2P */
1192 wpa_s = next;
1193 }
1194 #endif /* CONFIG_WPS */
1195 if (pending)
1196 return;
1197 eloop_terminate();
1198 }
1199
1200
wpa_supplicant_terminate(int sig,void * signal_ctx)1201 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1202 {
1203 struct wpa_global *global = signal_ctx;
1204 wpa_supplicant_terminate_proc(global);
1205 }
1206
1207
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1208 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1209 {
1210 enum wpa_states old_state = wpa_s->wpa_state;
1211 enum wpa_states new_state;
1212
1213 if (old_state == WPA_SCANNING)
1214 new_state = WPA_SCANNING;
1215 else
1216 new_state = WPA_DISCONNECTED;
1217
1218 wpa_s->pairwise_cipher = 0;
1219 wpa_s->group_cipher = 0;
1220 wpa_s->mgmt_group_cipher = 0;
1221 wpa_s->key_mgmt = 0;
1222 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1223 wpa_supplicant_set_state(wpa_s, new_state);
1224
1225 if (wpa_s->wpa_state != old_state)
1226 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1227 }
1228
1229
1230 /**
1231 * wpa_supplicant_reload_configuration - Reload configuration data
1232 * @wpa_s: Pointer to wpa_supplicant data
1233 * Returns: 0 on success or -1 if configuration parsing failed
1234 *
1235 * This function can be used to request that the configuration data is reloaded
1236 * (e.g., after configuration file change). This function is reloading
1237 * configuration only for one interface, so this may need to be called multiple
1238 * times if %wpa_supplicant is controlling multiple interfaces and all
1239 * interfaces need reconfiguration.
1240 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1241 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1242 {
1243 struct wpa_config *conf;
1244 int reconf_ctrl;
1245 int old_ap_scan;
1246
1247 if (wpa_s->confname == NULL)
1248 return -1;
1249 conf = wpa_config_read(wpa_s->confname, NULL, false);
1250 if (conf == NULL) {
1251 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1252 "file '%s' - exiting", wpa_s->confname);
1253 return -1;
1254 }
1255 if (wpa_s->confanother &&
1256 !wpa_config_read(wpa_s->confanother, conf, true)) {
1257 wpa_msg(wpa_s, MSG_ERROR,
1258 "Failed to parse the configuration file '%s' - exiting",
1259 wpa_s->confanother);
1260 os_free(conf);
1261 return -1;
1262 }
1263
1264 conf->changed_parameters = (unsigned int) -1;
1265
1266 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1267 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1268 os_strcmp(conf->ctrl_interface,
1269 wpa_s->conf->ctrl_interface) != 0);
1270
1271 if (reconf_ctrl) {
1272 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1273 wpa_s->ctrl_iface = NULL;
1274 }
1275
1276 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1277 if (wpa_s->current_ssid) {
1278 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1279 wpa_s->own_disconnect_req = 1;
1280 wpa_supplicant_deauthenticate(wpa_s,
1281 WLAN_REASON_DEAUTH_LEAVING);
1282 }
1283
1284 /*
1285 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1286 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1287 */
1288 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1289 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1290 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1291 /*
1292 * Clear forced success to clear EAP state for next
1293 * authentication.
1294 */
1295 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1296 }
1297 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1298 wpa_sm_set_config(wpa_s->wpa, NULL);
1299 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1300 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1301 rsn_preauth_deinit(wpa_s->wpa);
1302
1303 old_ap_scan = wpa_s->conf->ap_scan;
1304 wpa_config_free(wpa_s->conf);
1305 wpa_s->conf = conf;
1306 if (old_ap_scan != wpa_s->conf->ap_scan)
1307 wpas_notify_ap_scan_changed(wpa_s);
1308
1309 if (reconf_ctrl)
1310 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1311
1312 wpa_supplicant_update_config(wpa_s);
1313
1314 wpa_supplicant_clear_status(wpa_s);
1315 if (wpa_supplicant_enabled_networks(wpa_s)) {
1316 wpa_s->reassociate = 1;
1317 wpa_supplicant_req_scan(wpa_s, 0, 0);
1318 }
1319 wpa_bssid_ignore_clear(wpa_s);
1320 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1321 return 0;
1322 }
1323
1324
wpa_supplicant_reconfig(int sig,void * signal_ctx)1325 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1326 {
1327 struct wpa_global *global = signal_ctx;
1328 struct wpa_supplicant *wpa_s;
1329 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1330 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1331 sig);
1332 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1333 wpa_supplicant_terminate_proc(global);
1334 }
1335 }
1336
1337 if (wpa_debug_reopen_file() < 0) {
1338 /* Ignore errors since we cannot really do much to fix this */
1339 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1340 }
1341 }
1342
1343
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1344 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1345 struct wpa_ssid *ssid,
1346 struct wpa_ie_data *ie)
1347 {
1348 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1349 if (ret) {
1350 if (ret == -2) {
1351 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1352 "from association info");
1353 }
1354 return -1;
1355 }
1356
1357 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1358 "cipher suites");
1359 if (!(ie->group_cipher & ssid->group_cipher)) {
1360 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1361 "cipher 0x%x (mask 0x%x) - reject",
1362 ie->group_cipher, ssid->group_cipher);
1363 return -1;
1364 }
1365 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1366 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1367 "cipher 0x%x (mask 0x%x) - reject",
1368 ie->pairwise_cipher, ssid->pairwise_cipher);
1369 return -1;
1370 }
1371 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1372 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1373 "management 0x%x (mask 0x%x) - reject",
1374 ie->key_mgmt, ssid->key_mgmt);
1375 return -1;
1376 }
1377
1378 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1379 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1380 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1381 "that does not support management frame protection - "
1382 "reject");
1383 return -1;
1384 }
1385
1386 return 0;
1387 }
1388
1389
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1390 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1391 int freq)
1392 {
1393 if (!ie->has_group)
1394 ie->group_cipher = wpa_default_rsn_cipher(freq);
1395 if (!ie->has_pairwise)
1396 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1397 return (ie->group_cipher & ssid->group_cipher) &&
1398 (ie->pairwise_cipher & ssid->pairwise_cipher);
1399 }
1400
1401
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1402 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1403 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1404 {
1405 int sel;
1406
1407 sel = ie->mgmt_group_cipher;
1408 if (ssid->group_mgmt_cipher)
1409 sel &= ssid->group_mgmt_cipher;
1410 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1411 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1412 sel = 0;
1413 wpa_dbg(wpa_s, MSG_DEBUG,
1414 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1415 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1416 if (sel & WPA_CIPHER_AES_128_CMAC) {
1417 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1418 wpa_dbg(wpa_s, MSG_DEBUG,
1419 "WPA: using MGMT group cipher AES-128-CMAC");
1420 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1421 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1422 wpa_dbg(wpa_s, MSG_DEBUG,
1423 "WPA: using MGMT group cipher BIP-GMAC-128");
1424 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1425 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1426 wpa_dbg(wpa_s, MSG_DEBUG,
1427 "WPA: using MGMT group cipher BIP-GMAC-256");
1428 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1429 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1430 wpa_dbg(wpa_s, MSG_DEBUG,
1431 "WPA: using MGMT group cipher BIP-CMAC-256");
1432 } else {
1433 wpa_s->mgmt_group_cipher = 0;
1434 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1435 }
1436 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1437 wpa_s->mgmt_group_cipher);
1438 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1439 wpas_get_ssid_pmf(wpa_s, ssid));
1440 }
1441
1442 /**
1443 * wpa_supplicant_get_psk - Get PSK from config or external database
1444 * @wpa_s: Pointer to wpa_supplicant data
1445 * @bss: Scan results for the selected BSS, or %NULL if not available
1446 * @ssid: Configuration data for the selected network
1447 * @psk: Buffer for the PSK
1448 * Returns: 0 on success or -1 if configuration parsing failed
1449 *
1450 * This function obtains the PSK for a network, either included inline in the
1451 * config or retrieved from an external database.
1452 */
wpa_supplicant_get_psk(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * psk)1453 static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s,
1454 struct wpa_bss *bss, struct wpa_ssid *ssid,
1455 u8 *psk)
1456 {
1457 if (ssid->psk_set) {
1458 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1459 ssid->psk, PMK_LEN);
1460 os_memcpy(psk, ssid->psk, PMK_LEN);
1461 return 0;
1462 }
1463
1464 #ifndef CONFIG_NO_PBKDF2
1465 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) {
1466 if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1467 4096, psk, PMK_LEN) != 0) {
1468 wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()");
1469 return -1;
1470 }
1471 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1472 psk, PMK_LEN);
1473 return 0;
1474 }
1475 #endif /* CONFIG_NO_PBKDF2 */
1476
1477 #ifdef CONFIG_EXT_PASSWORD
1478 if (ssid->ext_psk) {
1479 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1480 ssid->ext_psk);
1481 char pw_str[64 + 1];
1482
1483 if (!pw) {
1484 wpa_msg(wpa_s, MSG_INFO,
1485 "EXT PW: No PSK found from external storage");
1486 return -1;
1487 }
1488
1489 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1490 wpa_msg(wpa_s, MSG_INFO,
1491 "EXT PW: Unexpected PSK length %d in external storage",
1492 (int) wpabuf_len(pw));
1493 ext_password_free(pw);
1494 return -1;
1495 }
1496
1497 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1498 pw_str[wpabuf_len(pw)] = '\0';
1499
1500 #ifndef CONFIG_NO_PBKDF2
1501 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1502 {
1503 if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1504 4096, psk, PMK_LEN) != 0) {
1505 wpa_msg(wpa_s, MSG_WARNING,
1506 "Error in pbkdf2_sha1()");
1507 forced_memzero(pw_str, sizeof(pw_str));
1508 ext_password_free(pw);
1509 return -1;
1510 }
1511 wpa_hexdump_key(MSG_MSGDUMP,
1512 "PSK (from external passphrase)",
1513 psk, PMK_LEN);
1514 } else
1515 #endif /* CONFIG_NO_PBKDF2 */
1516 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1517 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1518 wpa_msg(wpa_s, MSG_INFO,
1519 "EXT PW: Invalid PSK hex string");
1520 forced_memzero(pw_str, sizeof(pw_str));
1521 ext_password_free(pw);
1522 return -1;
1523 }
1524 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)",
1525 psk, PMK_LEN);
1526 } else {
1527 wpa_msg(wpa_s, MSG_INFO,
1528 "EXT PW: No suitable PSK available");
1529 forced_memzero(pw_str, sizeof(pw_str));
1530 ext_password_free(pw);
1531 return -1;
1532 }
1533
1534 forced_memzero(pw_str, sizeof(pw_str));
1535 ext_password_free(pw);
1536
1537 return 0;
1538 }
1539 #endif /* CONFIG_EXT_PASSWORD */
1540
1541 return -1;
1542 }
1543
1544
wpas_update_allowed_key_mgmt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1545 static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
1546 struct wpa_ssid *ssid)
1547 {
1548 int akm_count = wpa_s->max_num_akms;
1549 u8 capab = 0;
1550
1551 if (akm_count < 2)
1552 return;
1553
1554 akm_count--;
1555 wpa_s->allowed_key_mgmts = 0;
1556 switch (wpa_s->key_mgmt) {
1557 case WPA_KEY_MGMT_PSK:
1558 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1559 akm_count--;
1560 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1561 }
1562 if (!akm_count)
1563 break;
1564 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1565 akm_count--;
1566 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1567 }
1568 if (!akm_count)
1569 break;
1570 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1571 wpa_s->allowed_key_mgmts |=
1572 WPA_KEY_MGMT_PSK_SHA256;
1573 break;
1574 case WPA_KEY_MGMT_PSK_SHA256:
1575 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1576 akm_count--;
1577 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1578 }
1579 if (!akm_count)
1580 break;
1581 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1582 akm_count--;
1583 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1584 }
1585 if (!akm_count)
1586 break;
1587 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1588 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1589 break;
1590 case WPA_KEY_MGMT_SAE:
1591 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1592 akm_count--;
1593 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1594 }
1595 if (!akm_count)
1596 break;
1597 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1598 akm_count--;
1599 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1600 }
1601 if (!akm_count)
1602 break;
1603 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1604 wpa_s->allowed_key_mgmts |=
1605 WPA_KEY_MGMT_PSK_SHA256;
1606 break;
1607 case WPA_KEY_MGMT_SAE_EXT_KEY:
1608 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1609 akm_count--;
1610 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1611 }
1612 if (!akm_count)
1613 break;
1614 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1615 akm_count--;
1616 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1617 }
1618 if (!akm_count)
1619 break;
1620 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1621 wpa_s->allowed_key_mgmts |=
1622 WPA_KEY_MGMT_PSK_SHA256;
1623 break;
1624 default:
1625 return;
1626 }
1627
1628 if (wpa_s->conf->sae_pwe != SAE_PWE_HUNT_AND_PECK &&
1629 wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1630 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
1631 #ifdef CONFIG_SAE_PK
1632 if (ssid->sae_pk)
1633 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
1634 #endif /* CONFIG_SAE_PK */
1635
1636 if (!((wpa_s->allowed_key_mgmts &
1637 (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab))
1638 return;
1639
1640 if (!wpa_s->rsnxe_len) {
1641 wpa_s->rsnxe_len = 3;
1642 wpa_s->rsnxe[0] = WLAN_EID_RSNX;
1643 wpa_s->rsnxe[1] = 1;
1644 wpa_s->rsnxe[2] = 0;
1645 }
1646
1647 wpa_s->rsnxe[2] |= capab;
1648 }
1649
1650 /**
1651 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1652 * @wpa_s: Pointer to wpa_supplicant data
1653 * @bss: Scan results for the selected BSS, or %NULL if not available
1654 * @ssid: Configuration data for the selected network
1655 * @wpa_ie: Buffer for the WPA/RSN IE
1656 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1657 * used buffer length in case the functions returns success.
1658 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
1659 * Returns: 0 on success or -1 on failure
1660 *
1661 * This function is used to configure authentication and encryption parameters
1662 * based on the network configuration and scan result for the selected BSS (if
1663 * available).
1664 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len,bool skip_default_rsne)1665 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1666 struct wpa_bss *bss, struct wpa_ssid *ssid,
1667 u8 *wpa_ie, size_t *wpa_ie_len,
1668 bool skip_default_rsne)
1669 {
1670 struct wpa_ie_data ie;
1671 int sel, proto;
1672 enum sae_pwe sae_pwe;
1673 const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1674 bool wmm;
1675
1676 if (bss) {
1677 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1678 bss_rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
1679 bss_rsnx = wpa_bss_get_rsnxe(wpa_s, bss, ssid, false);
1680 bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1681 } else {
1682 bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1683 }
1684
1685 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1686 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1687 matching_ciphers(ssid, &ie, bss->freq) &&
1688 (ie.key_mgmt & ssid->key_mgmt)) {
1689 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1690 proto = WPA_PROTO_RSN;
1691 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1692 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1693 (ie.group_cipher & ssid->group_cipher) &&
1694 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1695 (ie.key_mgmt & ssid->key_mgmt)) {
1696 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1697 proto = WPA_PROTO_WPA;
1698 #ifdef CONFIG_HS20
1699 } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1700 wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1701 (ie.group_cipher & ssid->group_cipher) &&
1702 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1703 (ie.key_mgmt & ssid->key_mgmt)) {
1704 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1705 proto = WPA_PROTO_OSEN;
1706 } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1707 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1708 (ie.group_cipher & ssid->group_cipher) &&
1709 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1710 (ie.key_mgmt & ssid->key_mgmt)) {
1711 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1712 proto = WPA_PROTO_RSN;
1713 #endif /* CONFIG_HS20 */
1714 } else if (bss) {
1715 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1716 wpa_dbg(wpa_s, MSG_DEBUG,
1717 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1718 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1719 ssid->key_mgmt);
1720 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1721 MAC2STR(bss->bssid),
1722 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1723 bss_wpa ? " WPA" : "",
1724 bss_rsn ? " RSN" : "",
1725 bss_osen ? " OSEN" : "");
1726 if (bss_rsn) {
1727 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1728 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1729 wpa_dbg(wpa_s, MSG_DEBUG,
1730 "Could not parse RSN element");
1731 } else {
1732 wpa_dbg(wpa_s, MSG_DEBUG,
1733 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1734 ie.pairwise_cipher, ie.group_cipher,
1735 ie.key_mgmt);
1736 }
1737 }
1738 if (bss_wpa) {
1739 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1740 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1741 wpa_dbg(wpa_s, MSG_DEBUG,
1742 "Could not parse WPA element");
1743 } else {
1744 wpa_dbg(wpa_s, MSG_DEBUG,
1745 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1746 ie.pairwise_cipher, ie.group_cipher,
1747 ie.key_mgmt);
1748 }
1749 }
1750 return -1;
1751 } else {
1752 if (ssid->proto & WPA_PROTO_OSEN)
1753 proto = WPA_PROTO_OSEN;
1754 else if (ssid->proto & WPA_PROTO_RSN)
1755 proto = WPA_PROTO_RSN;
1756 else
1757 proto = WPA_PROTO_WPA;
1758 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1759 os_memset(&ie, 0, sizeof(ie));
1760 ie.group_cipher = ssid->group_cipher;
1761 ie.pairwise_cipher = ssid->pairwise_cipher;
1762 ie.key_mgmt = ssid->key_mgmt;
1763 ie.mgmt_group_cipher = 0;
1764 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1765 if (ssid->group_mgmt_cipher &
1766 WPA_CIPHER_BIP_GMAC_256)
1767 ie.mgmt_group_cipher =
1768 WPA_CIPHER_BIP_GMAC_256;
1769 else if (ssid->group_mgmt_cipher &
1770 WPA_CIPHER_BIP_CMAC_256)
1771 ie.mgmt_group_cipher =
1772 WPA_CIPHER_BIP_CMAC_256;
1773 else if (ssid->group_mgmt_cipher &
1774 WPA_CIPHER_BIP_GMAC_128)
1775 ie.mgmt_group_cipher =
1776 WPA_CIPHER_BIP_GMAC_128;
1777 else
1778 ie.mgmt_group_cipher =
1779 WPA_CIPHER_AES_128_CMAC;
1780 }
1781 #ifdef CONFIG_OWE
1782 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1783 !ssid->owe_only &&
1784 !bss_wpa && !bss_rsn && !bss_osen) {
1785 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1786 wpa_s->wpa_proto = 0;
1787 *wpa_ie_len = 0;
1788 return 0;
1789 }
1790 #endif /* CONFIG_OWE */
1791 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1792 "based on configuration");
1793 } else
1794 proto = ie.proto;
1795 }
1796
1797 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1798 "pairwise %d key_mgmt %d proto %d",
1799 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1800 if (ssid->ieee80211w) {
1801 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1802 ie.mgmt_group_cipher);
1803 }
1804
1805 wpa_s->wpa_proto = proto;
1806 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1807 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1808 !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1809
1810 if (bss || !wpa_s->ap_ies_from_associnfo) {
1811 const u8 *rsnoe = NULL, *rsno2e = NULL, *rsnxoe = NULL;
1812
1813 if (bss) {
1814 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1815 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1816 rsnoe = wpa_bss_get_vendor_ie(
1817 bss, RSNE_OVERRIDE_IE_VENDOR_TYPE);
1818 rsno2e = wpa_bss_get_vendor_ie(
1819 bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
1820 rsnxoe = wpa_bss_get_vendor_ie(
1821 bss, RSNXE_OVERRIDE_IE_VENDOR_TYPE);
1822 }
1823
1824 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1825 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1826 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1827 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1828 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1829 bss_rsnx ? 2 + bss_rsnx[1] : 0) ||
1830 wpa_sm_set_ap_rsne_override(wpa_s->wpa, rsnoe,
1831 rsnoe ? 2 + rsnoe[1] : 0) ||
1832 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, rsno2e,
1833 rsno2e ? 2 + rsno2e[1] : 0) ||
1834 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, rsnxoe,
1835 rsnxoe ? 2 + rsnxoe[1] : 0))
1836 return -1;
1837 }
1838
1839 #ifdef CONFIG_NO_WPA
1840 wpa_s->group_cipher = WPA_CIPHER_NONE;
1841 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1842 #else /* CONFIG_NO_WPA */
1843 sel = ie.group_cipher & ssid->group_cipher;
1844 wpa_dbg(wpa_s, MSG_DEBUG,
1845 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1846 ie.group_cipher, ssid->group_cipher, sel);
1847 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1848 if (wpa_s->group_cipher < 0) {
1849 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1850 "cipher");
1851 return -1;
1852 }
1853 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1854 wpa_cipher_txt(wpa_s->group_cipher));
1855
1856 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1857 wpa_dbg(wpa_s, MSG_DEBUG,
1858 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1859 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1860 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1861 if (wpa_s->pairwise_cipher < 0) {
1862 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1863 "cipher");
1864 return -1;
1865 }
1866 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1867 wpa_cipher_txt(wpa_s->pairwise_cipher));
1868 #endif /* CONFIG_NO_WPA */
1869
1870 sel = ie.key_mgmt & ssid->key_mgmt;
1871 #ifdef CONFIG_SAE
1872 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) &&
1873 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) ||
1874 wpas_is_sae_avoided(wpa_s, ssid, &ie))
1875 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
1876 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
1877 #endif /* CONFIG_SAE */
1878 #ifdef CONFIG_IEEE80211R
1879 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1880 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1881 sel &= ~WPA_KEY_MGMT_FT;
1882 #endif /* CONFIG_IEEE80211R */
1883 wpa_dbg(wpa_s, MSG_DEBUG,
1884 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1885 ie.key_mgmt, ssid->key_mgmt, sel);
1886 if (0) {
1887 #ifdef CONFIG_IEEE80211R
1888 #ifdef CONFIG_SHA384
1889 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1890 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1891 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1892 wpa_dbg(wpa_s, MSG_DEBUG,
1893 "WPA: using KEY_MGMT FT/802.1X-SHA384");
1894 if (!ssid->ft_eap_pmksa_caching &&
1895 pmksa_cache_get_current(wpa_s->wpa)) {
1896 /* PMKSA caching with FT may have interoperability
1897 * issues, so disable that case by default for now. */
1898 wpa_dbg(wpa_s, MSG_DEBUG,
1899 "WPA: Disable PMKSA caching for FT/802.1X connection");
1900 pmksa_cache_clear_current(wpa_s->wpa);
1901 }
1902 #endif /* CONFIG_SHA384 */
1903 #endif /* CONFIG_IEEE80211R */
1904 #ifdef CONFIG_SUITEB192
1905 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1906 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1907 wpa_dbg(wpa_s, MSG_DEBUG,
1908 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1909 #endif /* CONFIG_SUITEB192 */
1910 #ifdef CONFIG_SUITEB
1911 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1912 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1913 wpa_dbg(wpa_s, MSG_DEBUG,
1914 "WPA: using KEY_MGMT 802.1X with Suite B");
1915 #endif /* CONFIG_SUITEB */
1916 #ifdef CONFIG_SHA384
1917 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) {
1918 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
1919 wpa_dbg(wpa_s, MSG_DEBUG,
1920 "WPA: using KEY_MGMT 802.1X with SHA384");
1921 #endif /* CONFIG_SHA384 */
1922 #ifdef CONFIG_FILS
1923 #ifdef CONFIG_IEEE80211R
1924 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1925 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1926 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1927 #endif /* CONFIG_IEEE80211R */
1928 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1929 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1930 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1931 #ifdef CONFIG_IEEE80211R
1932 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1933 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1934 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1935 #endif /* CONFIG_IEEE80211R */
1936 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1937 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1938 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1939 #endif /* CONFIG_FILS */
1940 #ifdef CONFIG_IEEE80211R
1941 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1942 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1943 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1944 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1945 if (!ssid->ft_eap_pmksa_caching &&
1946 pmksa_cache_get_current(wpa_s->wpa)) {
1947 /* PMKSA caching with FT may have interoperability
1948 * issues, so disable that case by default for now. */
1949 wpa_dbg(wpa_s, MSG_DEBUG,
1950 "WPA: Disable PMKSA caching for FT/802.1X connection");
1951 pmksa_cache_clear_current(wpa_s->wpa);
1952 }
1953 #endif /* CONFIG_IEEE80211R */
1954 #ifdef CONFIG_DPP
1955 } else if (sel & WPA_KEY_MGMT_DPP) {
1956 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1957 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1958 #endif /* CONFIG_DPP */
1959 #ifdef CONFIG_SAE
1960 } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
1961 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
1962 wpa_dbg(wpa_s, MSG_DEBUG,
1963 "RSN: using KEY_MGMT FT/SAE (ext key)");
1964 } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) {
1965 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
1966 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)");
1967 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1968 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1969 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1970 } else if (sel & WPA_KEY_MGMT_SAE) {
1971 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1972 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1973 #endif /* CONFIG_SAE */
1974 #ifdef CONFIG_IEEE80211R
1975 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1976 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1977 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1978 #endif /* CONFIG_IEEE80211R */
1979 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1980 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1981 wpa_dbg(wpa_s, MSG_DEBUG,
1982 "WPA: using KEY_MGMT 802.1X with SHA256");
1983 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1984 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1985 wpa_dbg(wpa_s, MSG_DEBUG,
1986 "WPA: using KEY_MGMT PSK with SHA256");
1987 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1988 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1989 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1990 } else if (sel & WPA_KEY_MGMT_PSK) {
1991 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1992 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1993 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1994 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1995 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1996 #ifdef CONFIG_HS20
1997 } else if (sel & WPA_KEY_MGMT_OSEN) {
1998 wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1999 wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
2000 #endif /* CONFIG_HS20 */
2001 #ifdef CONFIG_OWE
2002 } else if (sel & WPA_KEY_MGMT_OWE) {
2003 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
2004 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
2005 #endif /* CONFIG_OWE */
2006 } else {
2007 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
2008 "authenticated key management type");
2009 return -1;
2010 }
2011
2012 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
2013 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
2014 wpa_s->pairwise_cipher);
2015 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
2016
2017 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
2018 (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED ||
2019 (bss && is_6ghz_freq(bss->freq)))) {
2020 wpa_msg(wpa_s, MSG_INFO,
2021 "RSN: Management frame protection required but the selected AP does not enable it");
2022 return -1;
2023 }
2024
2025 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
2026 #ifdef CONFIG_OCV
2027 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
2028 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
2029 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
2030 #endif /* CONFIG_OCV */
2031 sae_pwe = wpa_s->conf->sae_pwe;
2032 if ((ssid->sae_password_id ||
2033 wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
2034 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
2035 sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2036 if (bss && is_6ghz_freq(bss->freq) &&
2037 sae_pwe == SAE_PWE_HUNT_AND_PECK) {
2038 wpa_dbg(wpa_s, MSG_DEBUG,
2039 "RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
2040 sae_pwe = SAE_PWE_BOTH;
2041 }
2042 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
2043 #ifdef CONFIG_SAE_PK
2044 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
2045 wpa_key_mgmt_sae(ssid->key_mgmt) &&
2046 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
2047 ((ssid->sae_password &&
2048 sae_pk_valid_password(ssid->sae_password)) ||
2049 (!ssid->sae_password && ssid->passphrase &&
2050 sae_pk_valid_password(ssid->passphrase))));
2051 #endif /* CONFIG_SAE_PK */
2052 if (bss && is_6ghz_freq(bss->freq) &&
2053 wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) {
2054 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz");
2055 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
2056 MGMT_FRAME_PROTECTION_REQUIRED);
2057 }
2058 #ifdef CONFIG_TESTING_OPTIONS
2059 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
2060 wpa_s->ft_rsnxe_used);
2061 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
2062 wpa_s->oci_freq_override_eapol);
2063 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
2064 wpa_s->oci_freq_override_eapol_g2);
2065 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
2066 wpa_s->oci_freq_override_ft_assoc);
2067 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
2068 wpa_s->oci_freq_override_fils_assoc);
2069 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
2070 wpa_s->disable_eapol_g2_tx);
2071 #endif /* CONFIG_TESTING_OPTIONS */
2072
2073 /* Extended Key ID is only supported in infrastructure BSS so far */
2074 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
2075 (ssid->proto & WPA_PROTO_RSN) &&
2076 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
2077 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
2078 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
2079 int use_ext_key_id = 0;
2080
2081 wpa_msg(wpa_s, MSG_DEBUG,
2082 "WPA: Enable Extended Key ID support");
2083 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
2084 wpa_s->conf->extended_key_id);
2085 if (bss_rsn &&
2086 wpa_s->conf->extended_key_id &&
2087 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
2088 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
2089 use_ext_key_id = 1;
2090 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
2091 use_ext_key_id);
2092 } else {
2093 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
2094 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
2095 }
2096
2097 /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more
2098 * appropriate advertisement of the supported number of PTKSA receive
2099 * counters. In theory, this could be based on a driver capability, but
2100 * in practice all cases using WMM support at least eight replay
2101 * counters, so use a hardcoded value for now since there is no explicit
2102 * driver capability indication for this.
2103 *
2104 * In addition, claim WMM to be enabled if the AP supports it since it
2105 * is far more likely for any current device to support WMM. */
2106 wmm = wpa_s->connection_set &&
2107 (wpa_s->connection_ht || wpa_s->connection_vht ||
2108 wpa_s->connection_he || wpa_s->connection_eht);
2109 if (!wmm && bss)
2110 wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE);
2111 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm);
2112
2113 if (ssid->ssid_protection && proto == WPA_PROTO_RSN) {
2114 bool ssid_prot;
2115
2116 /* Enable SSID protection based on the AP advertising support
2117 * for it to avoid potential interoperability issues with
2118 * incorrect AP behavior if we were to send an "unexpected"
2119 * RSNXE with multiple octets of payload. */
2120 ssid_prot = ieee802_11_rsnx_capab(
2121 bss_rsnx, WLAN_RSNX_CAPAB_SSID_PROTECTION);
2122 if (!skip_default_rsne)
2123 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION,
2124 proto == WPA_PROTO_RSN && ssid_prot);
2125 } else {
2126 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, false);
2127 }
2128
2129 if (!skip_default_rsne) {
2130 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
2131 wpa_ie_len)) {
2132 wpa_msg(wpa_s, MSG_WARNING,
2133 "RSN: Failed to generate RSNE/WPA IE");
2134 return -1;
2135 }
2136
2137 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
2138 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
2139 &wpa_s->rsnxe_len)) {
2140 wpa_msg(wpa_s, MSG_WARNING,
2141 "RSN: Failed to generate RSNXE");
2142 return -1;
2143 }
2144 }
2145
2146 if (0) {
2147 #ifdef CONFIG_DPP
2148 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
2149 /* Use PMK from DPP network introduction (PMKSA entry) */
2150 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2151 #ifdef CONFIG_DPP2
2152 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
2153 #endif /* CONFIG_DPP2 */
2154 #endif /* CONFIG_DPP */
2155 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
2156 int psk_set = 0;
2157
2158 if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
2159 u8 psk[PMK_LEN];
2160
2161 if (wpa_supplicant_get_psk(wpa_s, bss, ssid,
2162 psk) == 0) {
2163 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
2164 NULL);
2165 psk_set = 1;
2166 }
2167 forced_memzero(psk, sizeof(psk));
2168 }
2169
2170 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
2171 (ssid->sae_password || ssid->passphrase || ssid->ext_psk))
2172 psk_set = 1;
2173
2174 if (!psk_set) {
2175 wpa_msg(wpa_s, MSG_INFO,
2176 "No PSK available for association");
2177 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL);
2178 return -1;
2179 }
2180 #ifdef CONFIG_OWE
2181 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
2182 /* OWE Diffie-Hellman exchange in (Re)Association
2183 * Request/Response frames set the PMK, so do not override it
2184 * here. */
2185 #endif /* CONFIG_OWE */
2186 } else
2187 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2188
2189 if (ssid->mode != WPAS_MODE_IBSS &&
2190 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
2191 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
2192 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
2193 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
2194 wpa_msg(wpa_s, MSG_INFO,
2195 "Disable PTK0 rekey support - replaced with reconnect");
2196 wpa_s->deny_ptk0_rekey = 1;
2197 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
2198 } else {
2199 wpa_s->deny_ptk0_rekey = 0;
2200 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
2201 }
2202
2203 if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) &&
2204 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
2205 wpas_update_allowed_key_mgmt(wpa_s, ssid);
2206
2207 return 0;
2208 }
2209
2210
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx,struct wpa_bss * bss)2211 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx,
2212 struct wpa_bss *bss)
2213 {
2214 #ifndef CONFIG_NO_ROBUST_AV
2215 bool scs = true, mscs = true;
2216 #endif /* CONFIG_NO_ROBUST_AV */
2217
2218 *pos = 0x00;
2219
2220 switch (idx) {
2221 case 0: /* Bits 0-7 */
2222 break;
2223 case 1: /* Bits 8-15 */
2224 if (wpa_s->conf->coloc_intf_reporting) {
2225 /* Bit 13 - Collocated Interference Reporting */
2226 *pos |= 0x20;
2227 }
2228 break;
2229 case 2: /* Bits 16-23 */
2230 #ifdef CONFIG_WNM
2231 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2232 if ((wpas_driver_bss_selection(wpa_s) ||
2233 !wpa_s->disable_mbo_oce) &&
2234 !wpa_s->conf->disable_btm)
2235 *pos |= 0x08; /* Bit 19 - BSS Transition */
2236 #endif /* CONFIG_WNM */
2237 break;
2238 case 3: /* Bits 24-31 */
2239 #ifdef CONFIG_WNM
2240 *pos |= 0x02; /* Bit 25 - SSID List */
2241 #endif /* CONFIG_WNM */
2242 #ifdef CONFIG_INTERWORKING
2243 if (wpa_s->conf->interworking)
2244 *pos |= 0x80; /* Bit 31 - Interworking */
2245 #endif /* CONFIG_INTERWORKING */
2246 break;
2247 case 4: /* Bits 32-39 */
2248 #ifdef CONFIG_INTERWORKING
2249 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
2250 *pos |= 0x01; /* Bit 32 - QoS Map */
2251 #endif /* CONFIG_INTERWORKING */
2252 break;
2253 case 5: /* Bits 40-47 */
2254 #ifdef CONFIG_HS20
2255 if (wpa_s->conf->hs20)
2256 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2257 #endif /* CONFIG_HS20 */
2258 #ifdef CONFIG_MBO
2259 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2260 #endif /* CONFIG_MBO */
2261 break;
2262 case 6: /* Bits 48-55 */
2263 #ifndef CONFIG_NO_ROBUST_AV
2264 #ifdef CONFIG_TESTING_OPTIONS
2265 if (wpa_s->disable_scs_support)
2266 scs = false;
2267 #endif /* CONFIG_TESTING_OPTIONS */
2268 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) {
2269 /* Drop own SCS capability indication since the AP does
2270 * not support it. This is needed to avoid
2271 * interoperability issues with APs that get confused
2272 * with Extended Capabilities element. */
2273 scs = false;
2274 }
2275 if (scs)
2276 *pos |= 0x40; /* Bit 54 - SCS */
2277 #endif /* CONFIG_NO_ROBUST_AV */
2278 break;
2279 case 7: /* Bits 56-63 */
2280 break;
2281 case 8: /* Bits 64-71 */
2282 if (wpa_s->conf->ftm_responder)
2283 *pos |= 0x40; /* Bit 70 - FTM responder */
2284 if (wpa_s->conf->ftm_initiator)
2285 *pos |= 0x80; /* Bit 71 - FTM initiator */
2286 break;
2287 case 9: /* Bits 72-79 */
2288 #ifdef CONFIG_FILS
2289 if (!wpa_s->disable_fils)
2290 *pos |= 0x01;
2291 #endif /* CONFIG_FILS */
2292 break;
2293 case 10: /* Bits 80-87 */
2294 #ifndef CONFIG_NO_ROBUST_AV
2295 #ifdef CONFIG_TESTING_OPTIONS
2296 if (wpa_s->disable_mscs_support)
2297 mscs = false;
2298 #endif /* CONFIG_TESTING_OPTIONS */
2299 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) {
2300 /* Drop own MSCS capability indication since the AP does
2301 * not support it. This is needed to avoid
2302 * interoperability issues with APs that get confused
2303 * with Extended Capabilities element. */
2304 mscs = false;
2305 }
2306 if (mscs)
2307 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
2308 #endif /* CONFIG_NO_ROBUST_AV */
2309 break;
2310 }
2311 }
2312
2313
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen,struct wpa_bss * bss)2314 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf,
2315 size_t buflen, struct wpa_bss *bss)
2316 {
2317 u8 *pos = buf;
2318 u8 len = 11, i;
2319
2320 if (len < wpa_s->extended_capa_len)
2321 len = wpa_s->extended_capa_len;
2322 if (buflen < (size_t) len + 2) {
2323 wpa_printf(MSG_INFO,
2324 "Not enough room for building extended capabilities element");
2325 return -1;
2326 }
2327
2328 *pos++ = WLAN_EID_EXT_CAPAB;
2329 *pos++ = len;
2330 for (i = 0; i < len; i++, pos++) {
2331 wpas_ext_capab_byte(wpa_s, pos, i, bss);
2332
2333 if (i < wpa_s->extended_capa_len) {
2334 *pos &= ~wpa_s->extended_capa_mask[i];
2335 *pos |= wpa_s->extended_capa[i];
2336 }
2337 }
2338
2339 while (len > 0 && buf[1 + len] == 0) {
2340 len--;
2341 buf[1] = len;
2342 }
2343 if (len == 0)
2344 return 0;
2345
2346 return 2 + len;
2347 }
2348
2349
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2350 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2351 struct wpa_bss *test_bss)
2352 {
2353 struct wpa_bss *bss;
2354
2355 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2356 if (bss == test_bss)
2357 return 1;
2358 }
2359
2360 return 0;
2361 }
2362
2363
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2364 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2365 struct wpa_ssid *test_ssid)
2366 {
2367 struct wpa_ssid *ssid;
2368
2369 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2370 if (ssid == test_ssid)
2371 return 1;
2372 }
2373
2374 return 0;
2375 }
2376
2377
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2378 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2379 struct wpa_ssid *test_ssid)
2380 {
2381 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2382 return 0;
2383
2384 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2385 }
2386
2387
wpas_connect_work_free(struct wpa_connect_work * cwork)2388 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2389 {
2390 if (cwork == NULL)
2391 return;
2392 os_free(cwork);
2393 }
2394
2395
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2396 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2397 {
2398 struct wpa_connect_work *cwork;
2399 struct wpa_radio_work *work = wpa_s->connect_work;
2400
2401 if (!work)
2402 return;
2403
2404 wpa_s->connect_work = NULL;
2405 cwork = work->ctx;
2406 work->ctx = NULL;
2407 wpas_connect_work_free(cwork);
2408 radio_work_done(work);
2409 }
2410
2411
wpas_update_random_addr(struct wpa_supplicant * wpa_s,enum wpas_mac_addr_style style,struct wpa_ssid * ssid)2412 int wpas_update_random_addr(struct wpa_supplicant *wpa_s,
2413 enum wpas_mac_addr_style style,
2414 struct wpa_ssid *ssid)
2415 {
2416 struct os_reltime now;
2417 u8 addr[ETH_ALEN];
2418
2419 os_get_reltime(&now);
2420 /* Random addresses are valid within a given ESS so check
2421 * expiration/value only when continuing to use the same ESS. */
2422 if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
2423 if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) {
2424 /* Pregenerated addresses do not expire but their value
2425 * might have changed, so let's check that. */
2426 if (ether_addr_equal(wpa_s->own_addr, ssid->mac_value))
2427 return 0;
2428 } else if ((wpa_s->last_mac_addr_change.sec != 0 ||
2429 wpa_s->last_mac_addr_change.usec != 0) &&
2430 !os_reltime_expired(
2431 &now,
2432 &wpa_s->last_mac_addr_change,
2433 wpa_s->conf->rand_addr_lifetime)) {
2434 wpa_msg(wpa_s, MSG_DEBUG,
2435 "Previously selected random MAC address has not yet expired");
2436 return 0;
2437 }
2438 }
2439
2440 switch (style) {
2441 case WPAS_MAC_ADDR_STYLE_RANDOM:
2442 if (random_mac_addr(addr) < 0)
2443 return -1;
2444 break;
2445 case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI:
2446 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2447 if (random_mac_addr_keep_oui(addr) < 0)
2448 return -1;
2449 break;
2450 case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS:
2451 if (!ssid) {
2452 wpa_msg(wpa_s, MSG_INFO,
2453 "Invalid 'ssid' for address policy 3");
2454 return -1;
2455 }
2456 os_memcpy(addr, ssid->mac_value, ETH_ALEN);
2457 break;
2458 default:
2459 return -1;
2460 }
2461
2462 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2463 wpa_msg(wpa_s, MSG_INFO,
2464 "Failed to set random MAC address");
2465 return -1;
2466 }
2467
2468 os_get_reltime(&wpa_s->last_mac_addr_change);
2469 wpa_s->mac_addr_changed = 1;
2470 wpa_s->last_mac_addr_style = style;
2471
2472 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2473 wpa_msg(wpa_s, MSG_INFO,
2474 "Could not update MAC address information");
2475 return -1;
2476 }
2477
2478 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2479 MAC2STR(addr));
2480
2481 return 1;
2482 }
2483
2484
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2485 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2486 {
2487 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2488 !wpa_s->conf->preassoc_mac_addr)
2489 return 0;
2490
2491 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr,
2492 NULL);}
2493
2494
wpa_s_setup_sae_pt(struct wpa_config * conf,struct wpa_ssid * ssid,bool force)2495 void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid,
2496 bool force)
2497 {
2498 #ifdef CONFIG_SAE
2499 int *groups = conf->sae_groups;
2500 int default_groups[] = { 19, 20, 21, 0 };
2501 const char *password;
2502
2503 if (!groups || groups[0] <= 0)
2504 groups = default_groups;
2505
2506 password = ssid->sae_password;
2507 if (!password)
2508 password = ssid->passphrase;
2509
2510 if (!password ||
2511 (conf->sae_pwe == 0 && !ssid->sae_password_id &&
2512 !sae_pk_valid_password(password)) ||
2513 conf->sae_pwe == 3) {
2514 /* PT derivation not needed */
2515 sae_deinit_pt(ssid->pt);
2516 ssid->pt = NULL;
2517 return;
2518 }
2519
2520 if (ssid->pt)
2521 return; /* PT already derived */
2522 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2523 (const u8 *) password, os_strlen(password),
2524 ssid->sae_password_id);
2525 #endif /* CONFIG_SAE */
2526 }
2527
2528
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2529 void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2530 {
2531 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2532 os_free(wpa_s->sme.sae_rejected_groups);
2533 wpa_s->sme.sae_rejected_groups = NULL;
2534 #ifdef CONFIG_TESTING_OPTIONS
2535 if (wpa_s->extra_sae_rejected_groups) {
2536 int i, *groups = wpa_s->extra_sae_rejected_groups;
2537
2538 for (i = 0; groups[i]; i++) {
2539 wpa_printf(MSG_DEBUG,
2540 "TESTING: Indicate rejection of an extra SAE group %d",
2541 groups[i]);
2542 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2543 groups[i]);
2544 }
2545 }
2546 #endif /* CONFIG_TESTING_OPTIONS */
2547 #endif /* CONFIG_SAE && CONFIG_SME */
2548 }
2549
2550
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2551 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2552 {
2553 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2554 wpa_msg(wpa_s, MSG_INFO,
2555 "Could not restore permanent MAC address");
2556 return -1;
2557 }
2558 wpa_s->mac_addr_changed = 0;
2559 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2560 wpa_msg(wpa_s, MSG_INFO,
2561 "Could not update MAC address information");
2562 return -1;
2563 }
2564 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2565 return 0;
2566 }
2567
2568
2569 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2570
2571 /**
2572 * wpa_supplicant_associate - Request association
2573 * @wpa_s: Pointer to wpa_supplicant data
2574 * @bss: Scan results for the selected BSS, or %NULL if not available
2575 * @ssid: Configuration data for the selected network
2576 *
2577 * This function is used to request %wpa_supplicant to associate with a BSS.
2578 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2579 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2580 struct wpa_bss *bss, struct wpa_ssid *ssid)
2581 {
2582 struct wpa_connect_work *cwork;
2583 int rand_style;
2584
2585 wpa_s->own_disconnect_req = 0;
2586 wpa_s->own_reconnect_req = 0;
2587
2588 /*
2589 * If we are starting a new connection, any previously pending EAPOL
2590 * RX cannot be valid anymore.
2591 */
2592 wpabuf_free(wpa_s->pending_eapol_rx);
2593 wpa_s->pending_eapol_rx = NULL;
2594
2595 if (ssid->mac_addr == -1)
2596 rand_style = wpa_s->conf->mac_addr;
2597 else
2598 rand_style = ssid->mac_addr;
2599
2600 wpa_s->multi_ap_ie = 0;
2601 #ifndef CONFIG_NO_WMM_AC
2602 wmm_ac_clear_saved_tspecs(wpa_s);
2603 #endif /* ! CONFIG_NO_WMM_AC */
2604 wpa_s->reassoc_same_bss = 0;
2605 wpa_s->reassoc_same_ess = 0;
2606 #ifdef CONFIG_TESTING_OPTIONS
2607 wpa_s->testing_resend_assoc = 0;
2608 #endif /* CONFIG_TESTING_OPTIONS */
2609
2610 if (wpa_s->last_ssid == ssid) {
2611 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2612 wpa_s->reassoc_same_ess = 1;
2613 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2614 #ifndef CONFIG_NO_WMM_AC
2615 wmm_ac_save_tspecs(wpa_s);
2616 #endif /* ! CONFIG_NO_WMM_AC */
2617 wpa_s->reassoc_same_bss = 1;
2618 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2619 os_get_reltime(&wpa_s->roam_start);
2620 }
2621 } else {
2622 #ifdef CONFIG_SAE
2623 wpa_s_clear_sae_rejected(wpa_s);
2624 #endif /* CONFIG_SAE */
2625 }
2626 #ifdef CONFIG_SAE
2627 wpa_s_setup_sae_pt(wpa_s->conf, ssid, false);
2628 #endif /* CONFIG_SAE */
2629
2630 if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) {
2631 int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
2632
2633 if (status < 0)
2634 return;
2635 if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS &&
2636 status > 0) /* MAC changed */
2637 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2638 } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT &&
2639 wpa_s->mac_addr_changed) {
2640 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2641 return;
2642 }
2643 wpa_s->last_ssid = ssid;
2644
2645 #ifdef CONFIG_IBSS_RSN
2646 ibss_rsn_deinit(wpa_s->ibss_rsn);
2647 wpa_s->ibss_rsn = NULL;
2648 #else /* CONFIG_IBSS_RSN */
2649 if (ssid->mode == WPAS_MODE_IBSS &&
2650 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2651 wpa_msg(wpa_s, MSG_INFO,
2652 "IBSS RSN not supported in the build");
2653 return;
2654 }
2655 #endif /* CONFIG_IBSS_RSN */
2656
2657 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2658 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2659 #ifdef CONFIG_AP
2660 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2661 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2662 "mode");
2663 return;
2664 }
2665 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2666 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2667 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2668 wpas_p2p_ap_setup_failed(wpa_s);
2669 return;
2670 }
2671 wpa_s->current_bss = bss;
2672 #else /* CONFIG_AP */
2673 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2674 "the build");
2675 #endif /* CONFIG_AP */
2676 return;
2677 }
2678
2679 if (ssid->mode == WPAS_MODE_MESH) {
2680 #ifdef CONFIG_MESH
2681 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2682 wpa_msg(wpa_s, MSG_INFO,
2683 "Driver does not support mesh mode");
2684 return;
2685 }
2686 if (bss)
2687 ssid->frequency = bss->freq;
2688 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2689 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2690 return;
2691 }
2692 wpa_s->current_bss = bss;
2693 #else /* CONFIG_MESH */
2694 wpa_msg(wpa_s, MSG_ERROR,
2695 "mesh mode support not included in the build");
2696 #endif /* CONFIG_MESH */
2697 return;
2698 }
2699
2700 /*
2701 * Set WPA state machine configuration to match the selected network now
2702 * so that the information is available before wpas_start_assoc_cb()
2703 * gets called. This is needed at least for RSN pre-authentication where
2704 * candidate APs are added to a list based on scan result processing
2705 * before completion of the first association.
2706 */
2707 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2708
2709 #ifdef CONFIG_DPP
2710 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2711 return;
2712 #endif /* CONFIG_DPP */
2713
2714 #ifdef CONFIG_TDLS
2715 if (bss)
2716 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2717 #endif /* CONFIG_TDLS */
2718
2719 #ifdef CONFIG_MBO
2720 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2721 #endif /* CONFIG_MBO */
2722
2723 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2724 ssid->mode == WPAS_MODE_INFRA) {
2725 sme_authenticate(wpa_s, bss, ssid);
2726 return;
2727 }
2728
2729 if (wpa_s->connect_work) {
2730 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2731 return;
2732 }
2733
2734 if (radio_work_pending(wpa_s, "connect")) {
2735 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2736 return;
2737 }
2738
2739 #ifdef CONFIG_SME
2740 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2741 /* Clear possibly set auth_alg, if any, from last attempt. */
2742 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2743 }
2744 #endif /* CONFIG_SME */
2745
2746 wpas_abort_ongoing_scan(wpa_s);
2747
2748 cwork = os_zalloc(sizeof(*cwork));
2749 if (cwork == NULL)
2750 return;
2751
2752 cwork->bss = bss;
2753 cwork->ssid = ssid;
2754
2755 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2756 wpas_start_assoc_cb, cwork) < 0) {
2757 os_free(cwork);
2758 }
2759 }
2760
2761
bss_is_ibss(struct wpa_bss * bss)2762 static int bss_is_ibss(struct wpa_bss *bss)
2763 {
2764 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2765 IEEE80211_CAP_IBSS;
2766 }
2767
2768
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2769 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2770 const struct wpa_ssid *ssid)
2771 {
2772 enum hostapd_hw_mode hw_mode;
2773 struct hostapd_hw_modes *mode = NULL;
2774 u8 channel;
2775 int i;
2776
2777 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2778 if (hw_mode == NUM_HOSTAPD_MODES)
2779 return 0;
2780 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2781 if (wpa_s->hw.modes[i].mode == hw_mode) {
2782 mode = &wpa_s->hw.modes[i];
2783 break;
2784 }
2785 }
2786
2787 if (!mode)
2788 return 0;
2789
2790 return mode->vht_capab != 0;
2791 }
2792
2793
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2794 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2795 {
2796 int i;
2797
2798 for (i = channel; i < channel + 16; i += 4) {
2799 struct hostapd_channel_data *chan;
2800
2801 chan = hw_get_channel_chan(mode, i, NULL);
2802 if (!chan ||
2803 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2804 return false;
2805 }
2806
2807 return true;
2808 }
2809
2810
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)2811 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
2812 const struct wpa_ssid *ssid,
2813 struct hostapd_freq_params *freq)
2814 {
2815 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
2816 enum hostapd_hw_mode hw_mode;
2817 struct hostapd_hw_modes *mode = NULL;
2818 int ht40plus[] = { 36, 44, 52, 60, 100, 108, 116, 124, 132, 149, 157,
2819 184, 192 };
2820 int bw80[] = { 5180, 5260, 5500, 5580, 5660, 5745, 5955,
2821 6035, 6115, 6195, 6275, 6355, 6435, 6515,
2822 6595, 6675, 6755, 6835, 6915, 6995 };
2823 int bw160[] = { 5955, 6115, 6275, 6435, 6595, 6755, 6915 };
2824 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2825 u8 channel;
2826 int i, chan_idx, ht40 = -1, res, obss_scan = 1;
2827 unsigned int j, k;
2828 struct hostapd_freq_params vht_freq;
2829 int chwidth, seg0, seg1;
2830 u32 vht_caps = 0;
2831 bool is_24ghz, is_6ghz;
2832
2833 freq->freq = ssid->frequency;
2834
2835 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2836 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2837
2838 if (ssid->mode != WPAS_MODE_IBSS)
2839 break;
2840
2841 /* Don't adjust control freq in case of fixed_freq */
2842 if (ssid->fixed_freq)
2843 break;
2844
2845 if (!bss_is_ibss(bss))
2846 continue;
2847
2848 if (ssid->ssid_len == bss->ssid_len &&
2849 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) {
2850 wpa_printf(MSG_DEBUG,
2851 "IBSS already found in scan results, adjust control freq: %d",
2852 bss->freq);
2853 freq->freq = bss->freq;
2854 obss_scan = 0;
2855 break;
2856 }
2857 }
2858
2859 /* For IBSS check HT_IBSS flag */
2860 if (ssid->mode == WPAS_MODE_IBSS &&
2861 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2862 return;
2863
2864 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2865 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2866 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2867 wpa_printf(MSG_DEBUG,
2868 "IBSS: WEP/TKIP detected, do not try to enable HT");
2869 return;
2870 }
2871
2872 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
2873 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2874 if (wpa_s->hw.modes[i].mode == hw_mode) {
2875 mode = &wpa_s->hw.modes[i];
2876 break;
2877 }
2878 }
2879
2880 if (!mode)
2881 return;
2882
2883 freq->channel = channel;
2884
2885 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
2886 hw_mode == HOSTAPD_MODE_IEEE80211B;
2887
2888 /* HT/VHT and corresponding overrides are not applicable to 6 GHz.
2889 * However, HE is mandatory for 6 GHz.
2890 */
2891 is_6ghz = is_6ghz_freq(freq->freq);
2892 if (is_6ghz)
2893 goto skip_to_6ghz;
2894
2895 #ifdef CONFIG_HT_OVERRIDES
2896 if (ssid->disable_ht) {
2897 freq->ht_enabled = 0;
2898 return;
2899 }
2900 #endif /* CONFIG_HT_OVERRIDES */
2901
2902 freq->ht_enabled = ht_supported(mode);
2903 if (!freq->ht_enabled)
2904 return;
2905
2906 /* Allow HE on 2.4 GHz without VHT: see nl80211_put_freq_params() */
2907 if (is_24ghz)
2908 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
2909 #ifdef CONFIG_HE_OVERRIDES
2910 if (is_24ghz && ssid->disable_he)
2911 freq->he_enabled = 0;
2912 #endif /* CONFIG_HE_OVERRIDES */
2913
2914 /* Setup higher BW only for 5 GHz */
2915 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2916 return;
2917
2918 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2919 pri_chan = &mode->channels[chan_idx];
2920 if (pri_chan->chan == channel)
2921 break;
2922 pri_chan = NULL;
2923 }
2924 if (!pri_chan)
2925 return;
2926
2927 /* Check primary channel flags */
2928 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2929 return;
2930
2931 freq->channel = pri_chan->chan;
2932
2933 #ifdef CONFIG_HT_OVERRIDES
2934 if (ssid->disable_ht40) {
2935 #ifdef CONFIG_VHT_OVERRIDES
2936 if (ssid->disable_vht)
2937 return;
2938 #endif /* CONFIG_VHT_OVERRIDES */
2939 goto skip_ht40;
2940 }
2941 #endif /* CONFIG_HT_OVERRIDES */
2942
2943 /* Check/setup HT40+/HT40- */
2944 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2945 if (ht40plus[j] == channel) {
2946 ht40 = 1;
2947 break;
2948 }
2949 }
2950
2951 /* Find secondary channel */
2952 for (i = 0; i < mode->num_channels; i++) {
2953 sec_chan = &mode->channels[i];
2954 if (sec_chan->chan == channel + ht40 * 4)
2955 break;
2956 sec_chan = NULL;
2957 }
2958 if (!sec_chan)
2959 return;
2960
2961 /* Check secondary channel flags */
2962 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2963 return;
2964
2965 if (ht40 == -1) {
2966 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2967 return;
2968 } else {
2969 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2970 return;
2971 }
2972 freq->sec_channel_offset = ht40;
2973
2974 if (obss_scan) {
2975 struct wpa_scan_results *scan_res;
2976
2977 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0,
2978 NULL);
2979 if (scan_res == NULL) {
2980 /* Back to HT20 */
2981 freq->sec_channel_offset = 0;
2982 return;
2983 }
2984
2985 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2986 switch (res) {
2987 case 0:
2988 /* Back to HT20 */
2989 freq->sec_channel_offset = 0;
2990 break;
2991 case 1:
2992 /* Configuration allowed */
2993 break;
2994 case 2:
2995 /* Switch pri/sec channels */
2996 freq->freq = hw_get_freq(mode, sec_chan->chan);
2997 freq->sec_channel_offset = -freq->sec_channel_offset;
2998 freq->channel = sec_chan->chan;
2999 break;
3000 default:
3001 freq->sec_channel_offset = 0;
3002 break;
3003 }
3004
3005 wpa_scan_results_free(scan_res);
3006 }
3007
3008 #ifdef CONFIG_HT_OVERRIDES
3009 skip_ht40:
3010 #endif /* CONFIG_HT_OVERRIDES */
3011 wpa_printf(MSG_DEBUG,
3012 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
3013 freq->channel, freq->sec_channel_offset);
3014
3015 if (!drv_supports_vht(wpa_s, ssid))
3016 return;
3017
3018 /* For IBSS check VHT_IBSS flag */
3019 if (ssid->mode == WPAS_MODE_IBSS &&
3020 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
3021 return;
3022
3023 #ifdef CONFIG_VHT_OVERRIDES
3024 if (ssid->disable_vht) {
3025 freq->vht_enabled = 0;
3026 return;
3027 }
3028 #endif /* CONFIG_VHT_OVERRIDES */
3029
3030 skip_to_6ghz:
3031 vht_freq = *freq;
3032
3033 /* 6 GHz does not have VHT enabled, so allow that exception here. */
3034 vht_freq.vht_enabled = vht_supported(mode);
3035 if (!vht_freq.vht_enabled && !is_6ghz)
3036 return;
3037
3038 /* Enable HE with VHT for 5 GHz */
3039 freq->he_enabled = mode->he_capab[ieee80211_mode].he_supported;
3040
3041 /* setup center_freq1, bandwidth */
3042 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
3043 if (freq->freq >= bw80[j] &&
3044 freq->freq < bw80[j] + 80)
3045 break;
3046 }
3047
3048 if (j == ARRAY_SIZE(bw80) ||
3049 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
3050 return;
3051
3052 /* Back to HT configuration if channel not usable */
3053 if (!ibss_mesh_is_80mhz_avail(channel, mode))
3054 return;
3055
3056 chwidth = CHANWIDTH_80MHZ;
3057 seg0 = channel + 6;
3058 seg1 = 0;
3059
3060 if ((mode->he_capab[ieee80211_mode].phy_cap[
3061 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
3062 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz) {
3063 /* In 160 MHz, the initial four 20 MHz channels were validated
3064 * above; check the remaining four 20 MHz channels for the total
3065 * of 160 MHz bandwidth.
3066 */
3067 if (!ibss_mesh_is_80mhz_avail(channel + 16, mode))
3068 return;
3069
3070 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
3071 if (freq->freq == bw160[j]) {
3072 chwidth = CHANWIDTH_160MHZ;
3073 seg0 = channel + 14;
3074 break;
3075 }
3076 }
3077 }
3078
3079 if (ssid->max_oper_chwidth == CHANWIDTH_80P80MHZ) {
3080 /* setup center_freq2, bandwidth */
3081 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
3082 /* Only accept 80 MHz segments separated by a gap */
3083 if (j == k || abs(bw80[j] - bw80[k]) == 80)
3084 continue;
3085
3086 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
3087 NUM_HOSTAPD_MODES)
3088 return;
3089
3090 for (i = channel; i < channel + 16; i += 4) {
3091 struct hostapd_channel_data *chan;
3092
3093 chan = hw_get_channel_chan(mode, i, NULL);
3094 if (!chan)
3095 continue;
3096
3097 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3098 HOSTAPD_CHAN_NO_IR |
3099 HOSTAPD_CHAN_RADAR))
3100 continue;
3101
3102 /* Found a suitable second segment for 80+80 */
3103 chwidth = CHANWIDTH_80P80MHZ;
3104 if (!is_6ghz)
3105 vht_caps |=
3106 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
3107 seg1 = channel + 6;
3108 }
3109
3110 if (chwidth == CHANWIDTH_80P80MHZ)
3111 break;
3112 }
3113 } else if (ssid->max_oper_chwidth == CHANWIDTH_160MHZ) {
3114 if (freq->freq == 5180) {
3115 chwidth = CHANWIDTH_160MHZ;
3116 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3117 seg0 = 50;
3118 } else if (freq->freq == 5520) {
3119 chwidth = CHANWIDTH_160MHZ;
3120 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3121 seg0 = 114;
3122 }
3123 } else if (ssid->max_oper_chwidth == CHANWIDTH_USE_HT) {
3124 chwidth = CHANWIDTH_USE_HT;
3125 seg0 = channel + 2;
3126 #ifdef CONFIG_HT_OVERRIDES
3127 if (ssid->disable_ht40)
3128 seg0 = 0;
3129 #endif /* CONFIG_HT_OVERRIDES */
3130 }
3131
3132 #ifdef CONFIG_HE_OVERRIDES
3133 if (ssid->disable_he) {
3134 vht_freq.he_enabled = 0;
3135 freq->he_enabled = 0;
3136 }
3137 #endif /* CONFIG_HE_OVERRIDES */
3138 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
3139 freq->channel, ssid->enable_edmg,
3140 ssid->edmg_channel, freq->ht_enabled,
3141 vht_freq.vht_enabled, freq->he_enabled,
3142 freq->eht_enabled,
3143 freq->sec_channel_offset,
3144 chwidth, seg0, seg1, vht_caps,
3145 &mode->he_capab[ieee80211_mode],
3146 &mode->eht_capab[ieee80211_mode], 0) != 0)
3147 return;
3148
3149 *freq = vht_freq;
3150
3151 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
3152 freq->center_freq1, freq->center_freq2, freq->bandwidth);
3153 }
3154
3155
3156 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)3157 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
3158 size_t ie_buf_len)
3159 {
3160 struct fils_hlp_req *req;
3161 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
3162 const u8 *pos;
3163 u8 *buf = ie_buf;
3164
3165 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3166 list) {
3167 rem_len = ie_buf_len - ie_len;
3168 pos = wpabuf_head(req->pkt);
3169 hdr_len = 1 + 2 * ETH_ALEN + 6;
3170 hlp_len = wpabuf_len(req->pkt);
3171
3172 if (rem_len < 2 + hdr_len + hlp_len) {
3173 wpa_printf(MSG_ERROR,
3174 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
3175 (unsigned long) rem_len,
3176 (unsigned long) (2 + hdr_len + hlp_len));
3177 break;
3178 }
3179
3180 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
3181 /* Element ID */
3182 *buf++ = WLAN_EID_EXTENSION;
3183 /* Length */
3184 *buf++ = len;
3185 /* Element ID Extension */
3186 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
3187 /* Destination MAC address */
3188 os_memcpy(buf, req->dst, ETH_ALEN);
3189 buf += ETH_ALEN;
3190 /* Source MAC address */
3191 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
3192 buf += ETH_ALEN;
3193 /* LLC/SNAP Header */
3194 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
3195 buf += 6;
3196 /* HLP Packet */
3197 os_memcpy(buf, pos, len - hdr_len);
3198 buf += len - hdr_len;
3199 pos += len - hdr_len;
3200
3201 hlp_len -= len - hdr_len;
3202 ie_len += 2 + len;
3203 rem_len -= 2 + len;
3204
3205 while (hlp_len) {
3206 len = (hlp_len > 255) ? 255 : hlp_len;
3207 if (rem_len < 2 + len)
3208 break;
3209 *buf++ = WLAN_EID_FRAGMENT;
3210 *buf++ = len;
3211 os_memcpy(buf, pos, len);
3212 buf += len;
3213 pos += len;
3214
3215 hlp_len -= len;
3216 ie_len += 2 + len;
3217 rem_len -= 2 + len;
3218 }
3219 }
3220
3221 return ie_len;
3222 }
3223
3224
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)3225 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
3226 {
3227 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3228 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
3229 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3230 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
3231 }
3232
3233
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)3234 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
3235 {
3236 #ifdef CONFIG_FILS_SK_PFS
3237 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3238 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
3239 #else /* CONFIG_FILS_SK_PFS */
3240 return 0;
3241 #endif /* CONFIG_FILS_SK_PFS */
3242 }
3243
3244 #endif /* CONFIG_FILS */
3245
wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss * bss)3246 bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss)
3247 {
3248 const u8 *wfa_capa;
3249
3250 if (!bss)
3251 return false;
3252
3253 /* Get WFA capability from Beacon or Probe Response frame elements */
3254 wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE);
3255 if (!wfa_capa)
3256 wfa_capa = wpa_bss_get_vendor_ie_beacon(
3257 bss, WFA_CAPA_IE_VENDOR_TYPE);
3258
3259 if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 ||
3260 !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) {
3261 /* AP does not enable QM non EHT traffic description policy */
3262 return false;
3263 }
3264
3265 return true;
3266 }
3267
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)3268 static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
3269 struct wpa_bss *bss,
3270 u8 *wpa_ie, size_t wpa_ie_len,
3271 size_t max_wpa_ie_len)
3272 {
3273 struct wpabuf *wfa_ie = NULL;
3274 u8 wfa_capa[1];
3275 size_t wfa_ie_len, buf_len;
3276
3277 os_memset(wfa_capa, 0, sizeof(wfa_capa));
3278 #ifdef CONFIG_ROBUST_AV
3279 if (wpa_s->enable_dscp_policy_capa)
3280 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
3281 #endif /* CONFIG_ROBUST_AV */
3282
3283 if (wpa_is_non_eht_scs_traffic_desc_supported(bss))
3284 wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC;
3285
3286 if (!wfa_capa[0])
3287 return wpa_ie_len;
3288
3289 /* Wi-Fi Alliance element */
3290 buf_len = 1 + /* Element ID */
3291 1 + /* Length */
3292 3 + /* OUI */
3293 1 + /* OUI Type */
3294 1 + /* Capabilities Length */
3295 sizeof(wfa_capa); /* Capabilities */
3296 wfa_ie = wpabuf_alloc(buf_len);
3297 if (!wfa_ie)
3298 return wpa_ie_len;
3299
3300 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
3301 wpabuf_put_u8(wfa_ie, buf_len - 2);
3302 wpabuf_put_be24(wfa_ie, OUI_WFA);
3303 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
3304 wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
3305 wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
3306
3307 wfa_ie_len = wpabuf_len(wfa_ie);
3308 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
3309 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
3310 wfa_ie);
3311 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
3312 wfa_ie_len);
3313 wpa_ie_len += wfa_ie_len;
3314 }
3315
3316 wpabuf_free(wfa_ie);
3317 return wpa_ie_len;
3318 }
3319
3320
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)3321 static u8 * wpas_populate_assoc_ies(
3322 struct wpa_supplicant *wpa_s,
3323 struct wpa_bss *bss, struct wpa_ssid *ssid,
3324 struct wpa_driver_associate_params *params,
3325 enum wpa_drv_update_connect_params_mask *mask)
3326 {
3327 u8 *wpa_ie;
3328 size_t max_wpa_ie_len = 500;
3329 size_t wpa_ie_len;
3330 int algs = WPA_AUTH_ALG_OPEN;
3331 #ifdef CONFIG_MBO
3332 const u8 *mbo_ie;
3333 #endif
3334 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3335 int pmksa_cached = 0;
3336 #endif /* CONFIG_SAE || CONFIG_FILS */
3337 #ifdef CONFIG_FILS
3338 const u8 *realm, *username, *rrk;
3339 size_t realm_len, username_len, rrk_len;
3340 u16 next_seq_num;
3341 struct fils_hlp_req *req;
3342
3343 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3344 list) {
3345 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
3346 2 + 2 * wpabuf_len(req->pkt) / 255;
3347 }
3348 #endif /* CONFIG_FILS */
3349
3350 wpa_ie = os_malloc(max_wpa_ie_len);
3351 if (!wpa_ie) {
3352 wpa_printf(MSG_ERROR,
3353 "Failed to allocate connect IE buffer for %lu bytes",
3354 (unsigned long) max_wpa_ie_len);
3355 return NULL;
3356 }
3357
3358 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
3359 wpa_bss_get_rsne(wpa_s, bss, ssid, false)) &&
3360 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
3361 int try_opportunistic;
3362 const u8 *cache_id = NULL;
3363
3364 try_opportunistic = (ssid->proactive_key_caching < 0 ?
3365 wpa_s->conf->okc :
3366 ssid->proactive_key_caching) &&
3367 (ssid->proto & WPA_PROTO_RSN);
3368 #ifdef CONFIG_FILS
3369 if (wpa_key_mgmt_fils(ssid->key_mgmt))
3370 cache_id = wpa_bss_get_fils_cache_id(bss);
3371 #endif /* CONFIG_FILS */
3372 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
3373 ssid, try_opportunistic,
3374 cache_id, 0, false) == 0) {
3375 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3376 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3377 pmksa_cached = 1;
3378 #endif /* CONFIG_SAE || CONFIG_FILS */
3379 }
3380 wpa_ie_len = max_wpa_ie_len;
3381 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3382 wpa_ie, &wpa_ie_len, false)) {
3383 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3384 "key management and encryption suites");
3385 os_free(wpa_ie);
3386 return NULL;
3387 }
3388 #ifdef CONFIG_HS20
3389 } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
3390 (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
3391 /* No PMKSA caching, but otherwise similar to RSN/WPA */
3392 wpa_ie_len = max_wpa_ie_len;
3393 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3394 wpa_ie, &wpa_ie_len, false)) {
3395 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3396 "key management and encryption suites");
3397 os_free(wpa_ie);
3398 return NULL;
3399 }
3400 #endif /* CONFIG_HS20 */
3401 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3402 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3403 /*
3404 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3405 * use non-WPA since the scan results did not indicate that the
3406 * AP is using WPA or WPA2.
3407 */
3408 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3409 wpa_ie_len = 0;
3410 wpa_s->wpa_proto = 0;
3411 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3412 wpa_ie_len = max_wpa_ie_len;
3413 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3414 wpa_ie, &wpa_ie_len, false)) {
3415 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3416 "key management and encryption suites (no "
3417 "scan results)");
3418 os_free(wpa_ie);
3419 return NULL;
3420 }
3421 #ifdef CONFIG_WPS
3422 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3423 struct wpabuf *wps_ie;
3424 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3425 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3426 wpa_ie_len = wpabuf_len(wps_ie);
3427 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3428 } else
3429 wpa_ie_len = 0;
3430 wpabuf_free(wps_ie);
3431 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3432 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3433 params->wps = WPS_MODE_PRIVACY;
3434 else
3435 params->wps = WPS_MODE_OPEN;
3436 wpa_s->wpa_proto = 0;
3437 #endif /* CONFIG_WPS */
3438 } else {
3439 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3440 wpa_ie_len = 0;
3441 wpa_s->wpa_proto = 0;
3442 }
3443
3444 #ifdef IEEE8021X_EAPOL
3445 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3446 if (ssid->leap) {
3447 if (ssid->non_leap == 0)
3448 algs = WPA_AUTH_ALG_LEAP;
3449 else
3450 algs |= WPA_AUTH_ALG_LEAP;
3451 }
3452 }
3453
3454 #ifdef CONFIG_FILS
3455 /* Clear FILS association */
3456 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3457
3458 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3459 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3460 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3461 &username_len, &realm, &realm_len,
3462 &next_seq_num, &rrk, &rrk_len) == 0 &&
3463 (!wpa_s->last_con_fail_realm ||
3464 wpa_s->last_con_fail_realm_len != realm_len ||
3465 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3466 algs = WPA_AUTH_ALG_FILS;
3467 params->fils_erp_username = username;
3468 params->fils_erp_username_len = username_len;
3469 params->fils_erp_realm = realm;
3470 params->fils_erp_realm_len = realm_len;
3471 params->fils_erp_next_seq_num = next_seq_num;
3472 params->fils_erp_rrk = rrk;
3473 params->fils_erp_rrk_len = rrk_len;
3474
3475 if (mask)
3476 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3477 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3478 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3479 pmksa_cached) {
3480 algs = WPA_AUTH_ALG_FILS;
3481 }
3482 #endif /* CONFIG_FILS */
3483 #endif /* IEEE8021X_EAPOL */
3484 #ifdef CONFIG_SAE
3485 if (wpa_s->key_mgmt & (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE))
3486 algs = WPA_AUTH_ALG_SAE;
3487 #endif /* CONFIG_SAE */
3488
3489 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3490 if (ssid->auth_alg) {
3491 algs = ssid->auth_alg;
3492 wpa_dbg(wpa_s, MSG_DEBUG,
3493 "Overriding auth_alg selection: 0x%x", algs);
3494 }
3495
3496 #ifdef CONFIG_SAE
3497 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3498 wpa_dbg(wpa_s, MSG_DEBUG,
3499 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3500 algs = WPA_AUTH_ALG_OPEN;
3501 }
3502 #endif /* CONFIG_SAE */
3503
3504 #ifdef CONFIG_P2P
3505 if (wpa_s->global->p2p) {
3506 u8 *pos;
3507 size_t len;
3508 int res;
3509 pos = wpa_ie + wpa_ie_len;
3510 len = max_wpa_ie_len - wpa_ie_len;
3511 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3512 ssid->p2p_group);
3513 if (res >= 0)
3514 wpa_ie_len += res;
3515 }
3516
3517 wpa_s->cross_connect_disallowed = 0;
3518 if (bss) {
3519 struct wpabuf *p2p;
3520 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3521 if (p2p) {
3522 wpa_s->cross_connect_disallowed =
3523 p2p_get_cross_connect_disallowed(p2p);
3524 wpabuf_free(p2p);
3525 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3526 "connection",
3527 wpa_s->cross_connect_disallowed ?
3528 "disallows" : "allows");
3529 }
3530 }
3531
3532 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3533 #endif /* CONFIG_P2P */
3534
3535 #ifndef CONFIG_NO_RRM
3536 if (bss) {
3537 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3538 wpa_ie + wpa_ie_len,
3539 max_wpa_ie_len -
3540 wpa_ie_len);
3541 }
3542 #endif /* ! CONFIG_NO_RRM */
3543 /*
3544 * Workaround: Add Extended Capabilities element only if the AP
3545 * included this element in Beacon/Probe Response frames. Some older
3546 * APs seem to have interoperability issues if this element is
3547 * included, so while the standard may require us to include the
3548 * element in all cases, it is justifiable to skip it to avoid
3549 * interoperability issues.
3550 */
3551 if (ssid->p2p_group)
3552 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3553 else
3554 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3555
3556 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3557 u8 ext_capab[18];
3558 int ext_capab_len;
3559 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3560 sizeof(ext_capab), bss);
3561 if (ext_capab_len > 0 &&
3562 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3563 u8 *pos = wpa_ie;
3564 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3565 pos += 2 + pos[1];
3566 os_memmove(pos + ext_capab_len, pos,
3567 wpa_ie_len - (pos - wpa_ie));
3568 wpa_ie_len += ext_capab_len;
3569 os_memcpy(pos, ext_capab, ext_capab_len);
3570 }
3571 }
3572
3573 #ifdef CONFIG_HS20
3574 if (is_hs20_network(wpa_s, ssid, bss)) {
3575 struct wpabuf *hs20;
3576
3577 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3578 if (hs20) {
3579 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3580 size_t len;
3581
3582 wpas_hs20_add_indication(hs20, pps_mo_id,
3583 get_hs20_version(bss));
3584 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3585 len = max_wpa_ie_len - wpa_ie_len;
3586 if (wpabuf_len(hs20) <= len) {
3587 os_memcpy(wpa_ie + wpa_ie_len,
3588 wpabuf_head(hs20), wpabuf_len(hs20));
3589 wpa_ie_len += wpabuf_len(hs20);
3590 }
3591 wpabuf_free(hs20);
3592
3593 hs20_configure_frame_filters(wpa_s);
3594 }
3595 }
3596 #endif /* CONFIG_HS20 */
3597
3598 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3599 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3600 size_t len;
3601
3602 len = max_wpa_ie_len - wpa_ie_len;
3603 if (wpabuf_len(buf) <= len) {
3604 os_memcpy(wpa_ie + wpa_ie_len,
3605 wpabuf_head(buf), wpabuf_len(buf));
3606 wpa_ie_len += wpabuf_len(buf);
3607 }
3608 }
3609
3610 #ifdef CONFIG_FST
3611 if (wpa_s->fst_ies) {
3612 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3613
3614 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3615 os_memcpy(wpa_ie + wpa_ie_len,
3616 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3617 wpa_ie_len += fst_ies_len;
3618 }
3619 }
3620 #endif /* CONFIG_FST */
3621
3622 #ifdef CONFIG_MBO
3623 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3624 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3625 int len;
3626
3627 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3628 max_wpa_ie_len - wpa_ie_len,
3629 !!mbo_attr_from_mbo_ie(mbo_ie,
3630 OCE_ATTR_ID_CAPA_IND));
3631 if (len >= 0)
3632 wpa_ie_len += len;
3633 }
3634 #endif /* CONFIG_MBO */
3635
3636 #ifdef CONFIG_FILS
3637 if (algs == WPA_AUTH_ALG_FILS) {
3638 size_t len;
3639
3640 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3641 max_wpa_ie_len - wpa_ie_len);
3642 wpa_ie_len += len;
3643 }
3644 #endif /* CONFIG_FILS */
3645
3646 #ifdef CONFIG_OWE
3647 #ifdef CONFIG_TESTING_OPTIONS
3648 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3649 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3650 } else
3651 #endif /* CONFIG_TESTING_OPTIONS */
3652 if (algs == WPA_AUTH_ALG_OPEN &&
3653 ssid->key_mgmt == WPA_KEY_MGMT_OWE) {
3654 struct wpabuf *owe_ie;
3655 u16 group;
3656
3657 if (ssid->owe_group) {
3658 group = ssid->owe_group;
3659 } else if (wpa_s->assoc_status_code ==
3660 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3661 if (wpa_s->last_owe_group == 19)
3662 group = 20;
3663 else if (wpa_s->last_owe_group == 20)
3664 group = 21;
3665 else
3666 group = OWE_DH_GROUP;
3667 } else {
3668 group = OWE_DH_GROUP;
3669 }
3670
3671 wpa_s->last_owe_group = group;
3672 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3673 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3674 if (owe_ie &&
3675 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3676 os_memcpy(wpa_ie + wpa_ie_len,
3677 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3678 wpa_ie_len += wpabuf_len(owe_ie);
3679 }
3680 wpabuf_free(owe_ie);
3681 }
3682 #endif /* CONFIG_OWE */
3683
3684 #ifdef CONFIG_DPP2
3685 if (DPP_VERSION > 1 &&
3686 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3687 ssid->dpp_netaccesskey &&
3688 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3689 struct rsn_pmksa_cache_entry *pmksa;
3690
3691 pmksa = pmksa_cache_get_current(wpa_s->wpa);
3692 if (!pmksa || !pmksa->dpp_pfs)
3693 goto pfs_fail;
3694
3695 dpp_pfs_free(wpa_s->dpp_pfs);
3696 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3697 ssid->dpp_netaccesskey_len);
3698 if (!wpa_s->dpp_pfs) {
3699 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3700 /* Try to continue without PFS */
3701 goto pfs_fail;
3702 }
3703 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3704 max_wpa_ie_len - wpa_ie_len) {
3705 os_memcpy(wpa_ie + wpa_ie_len,
3706 wpabuf_head(wpa_s->dpp_pfs->ie),
3707 wpabuf_len(wpa_s->dpp_pfs->ie));
3708 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3709 }
3710 }
3711 pfs_fail:
3712 #endif /* CONFIG_DPP2 */
3713
3714 #ifdef CONFIG_IEEE80211R
3715 /*
3716 * Add MDIE under these conditions: the network profile allows FT,
3717 * the AP supports FT, and the mobility domain ID matches.
3718 */
3719 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3720 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3721
3722 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3723 size_t len = 0;
3724 const u8 *md = mdie + 2;
3725 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3726
3727 if (os_memcmp(md, wpa_md,
3728 MOBILITY_DOMAIN_ID_LEN) == 0) {
3729 /* Add mobility domain IE */
3730 len = wpa_ft_add_mdie(
3731 wpa_s->wpa, wpa_ie + wpa_ie_len,
3732 max_wpa_ie_len - wpa_ie_len, mdie);
3733 wpa_ie_len += len;
3734 }
3735 #ifdef CONFIG_SME
3736 if (len > 0 && wpa_s->sme.ft_used &&
3737 wpa_sm_has_ft_keys(wpa_s->wpa, md)) {
3738 wpa_dbg(wpa_s, MSG_DEBUG,
3739 "SME: Trying to use FT over-the-air");
3740 algs |= WPA_AUTH_ALG_FT;
3741 }
3742 #endif /* CONFIG_SME */
3743 }
3744 }
3745 #endif /* CONFIG_IEEE80211R */
3746
3747 #ifdef CONFIG_TESTING_OPTIONS
3748 if (wpa_s->rsnxe_override_assoc &&
3749 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3750 max_wpa_ie_len - wpa_ie_len) {
3751 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3752 os_memcpy(wpa_ie + wpa_ie_len,
3753 wpabuf_head(wpa_s->rsnxe_override_assoc),
3754 wpabuf_len(wpa_s->rsnxe_override_assoc));
3755 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3756 } else
3757 #endif /* CONFIG_TESTING_OPTIONS */
3758 if (wpa_s->rsnxe_len > 0 &&
3759 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3760 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3761 wpa_ie_len += wpa_s->rsnxe_len;
3762 }
3763
3764 #ifdef CONFIG_TESTING_OPTIONS
3765 if (wpa_s->disable_mscs_support)
3766 goto mscs_end;
3767 #endif /* CONFIG_TESTING_OPTIONS */
3768 #ifndef CONFIG_NO_RRM
3769 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3770 wpa_s->robust_av.valid_config) {
3771 struct wpabuf *mscs_ie;
3772 size_t mscs_ie_len, buf_len;
3773
3774 buf_len = 3 + /* MSCS descriptor IE header */
3775 1 + /* Request type */
3776 2 + /* User priority control */
3777 4 + /* Stream timeout */
3778 3 + /* TCLAS Mask IE header */
3779 wpa_s->robust_av.frame_classifier_len;
3780 mscs_ie = wpabuf_alloc(buf_len);
3781 if (!mscs_ie) {
3782 wpa_printf(MSG_INFO,
3783 "MSCS: Failed to allocate MSCS IE");
3784 goto mscs_end;
3785 }
3786
3787 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3788 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3789 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3790 mscs_ie_len = wpabuf_len(mscs_ie);
3791 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3792 mscs_ie_len);
3793 wpa_ie_len += mscs_ie_len;
3794 }
3795
3796 wpabuf_free(mscs_ie);
3797 }
3798 mscs_end:
3799 #endif /* ! CONFIG_NO_RRM */
3800 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3801 max_wpa_ie_len);
3802
3803 if (ssid->multi_ap_backhaul_sta) {
3804 size_t multi_ap_ie_len;
3805 struct multi_ap_params multi_ap = { 0 };
3806
3807 multi_ap.capability = MULTI_AP_BACKHAUL_STA;
3808 multi_ap.profile = ssid->multi_ap_profile;
3809
3810 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3811 max_wpa_ie_len - wpa_ie_len,
3812 &multi_ap);
3813 if (multi_ap_ie_len == 0) {
3814 wpa_printf(MSG_ERROR,
3815 "Multi-AP: Failed to build Multi-AP IE");
3816 os_free(wpa_ie);
3817 return NULL;
3818 }
3819 wpa_ie_len += multi_ap_ie_len;
3820 }
3821
3822 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT,
3823 wpas_rsn_overriding(wpa_s, ssid));
3824 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
3825 RSN_OVERRIDE_NOT_USED);
3826 if (wpas_rsn_overriding(wpa_s, ssid) &&
3827 wpas_ap_supports_rsn_overriding(wpa_s, bss) &&
3828 wpa_ie_len + 2 + 4 + 1 <= max_wpa_ie_len) {
3829 u8 *pos = wpa_ie + wpa_ie_len, *start = pos;
3830 const u8 *ie;
3831 enum rsn_selection_variant variant = RSN_SELECTION_RSNE;
3832
3833 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
3834 RSN_OVERRIDE_RSNE);
3835 ie = wpa_bss_get_rsne(wpa_s, bss, ssid, wpa_s->valid_links);
3836 if (ie && ie[0] == WLAN_EID_VENDOR_SPECIFIC && ie[1] >= 4) {
3837 u32 type;
3838
3839 type = WPA_GET_BE32(&ie[2]);
3840 if (type == RSNE_OVERRIDE_IE_VENDOR_TYPE) {
3841 variant = RSN_SELECTION_RSNE_OVERRIDE;
3842 wpa_sm_set_param(wpa_s->wpa,
3843 WPA_PARAM_RSN_OVERRIDE,
3844 RSN_OVERRIDE_RSNE_OVERRIDE);
3845 } else if (type == RSNE_OVERRIDE_2_IE_VENDOR_TYPE) {
3846 variant = RSN_SELECTION_RSNE_OVERRIDE_2;
3847 wpa_sm_set_param(wpa_s->wpa,
3848 WPA_PARAM_RSN_OVERRIDE,
3849 RSN_OVERRIDE_RSNE_OVERRIDE_2);
3850 }
3851 }
3852
3853 /* Indicate which RSNE variant was used */
3854 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
3855 *pos++ = 4 + 1;
3856 WPA_PUT_BE32(pos, RSN_SELECTION_IE_VENDOR_TYPE);
3857 pos += 4;
3858 *pos++ = variant;
3859 wpa_hexdump(MSG_MSGDUMP, "RSN Selection", start, pos - start);
3860 wpa_ie_len += pos - start;
3861 }
3862
3863 params->rsn_overriding = wpas_rsn_overriding(wpa_s, ssid);
3864 params->wpa_ie = wpa_ie;
3865 params->wpa_ie_len = wpa_ie_len;
3866 params->auth_alg = algs;
3867 if (mask)
3868 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3869
3870 return wpa_ie;
3871 }
3872
3873
3874 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)3875 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3876 {
3877 struct wpa_driver_associate_params params;
3878 u8 *wpa_ie;
3879
3880 os_memset(¶ms, 0, sizeof(params));
3881 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3882 wpa_s->current_ssid, ¶ms, NULL);
3883 if (!wpa_ie)
3884 return;
3885
3886 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
3887 os_free(wpa_ie);
3888 }
3889 #endif /* CONFIG_OWE */
3890
3891
3892 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)3893 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3894 {
3895 struct wpa_driver_associate_params params;
3896 enum wpa_drv_update_connect_params_mask mask = 0;
3897 u8 *wpa_ie;
3898
3899 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3900 return; /* nothing to do */
3901
3902 os_memset(¶ms, 0, sizeof(params));
3903 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3904 wpa_s->current_ssid, ¶ms, &mask);
3905 if (!wpa_ie)
3906 return;
3907
3908 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3909 wpa_s->auth_alg = params.auth_alg;
3910 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
3911 }
3912
3913 os_free(wpa_ie);
3914 }
3915 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3916
3917
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)3918 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3919 {
3920 if (!edmg_ie || edmg_ie[1] < 6)
3921 return 0;
3922 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3923 }
3924
3925
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)3926 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3927 {
3928 if (!edmg_ie || edmg_ie[1] < 6)
3929 return 0;
3930 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3931 }
3932
3933
3934 /* Returns the intersection of two EDMG configurations.
3935 * Note: The current implementation is limited to CB2 only (CB1 included),
3936 * i.e., the implementation supports up to 2 contiguous channels.
3937 * For supporting non-contiguous (aggregated) channels and for supporting
3938 * CB3 and above, this function will need to be extended.
3939 */
3940 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)3941 get_edmg_intersection(struct ieee80211_edmg_config a,
3942 struct ieee80211_edmg_config b,
3943 u8 primary_channel)
3944 {
3945 struct ieee80211_edmg_config result;
3946 int i, contiguous = 0;
3947 int max_contiguous = 0;
3948
3949 result.channels = b.channels & a.channels;
3950 if (!result.channels) {
3951 wpa_printf(MSG_DEBUG,
3952 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3953 a.channels, b.channels);
3954 goto fail;
3955 }
3956
3957 if (!(result.channels & BIT(primary_channel - 1))) {
3958 wpa_printf(MSG_DEBUG,
3959 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3960 primary_channel, result.channels);
3961 goto fail;
3962 }
3963
3964 /* Find max contiguous channels */
3965 for (i = 0; i < 6; i++) {
3966 if (result.channels & BIT(i))
3967 contiguous++;
3968 else
3969 contiguous = 0;
3970
3971 if (contiguous > max_contiguous)
3972 max_contiguous = contiguous;
3973 }
3974
3975 /* Assuming AP and STA supports ONLY contiguous channels,
3976 * bw configuration can have value between 4-7.
3977 */
3978 if ((b.bw_config < a.bw_config))
3979 result.bw_config = b.bw_config;
3980 else
3981 result.bw_config = a.bw_config;
3982
3983 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3984 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3985 wpa_printf(MSG_DEBUG,
3986 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3987 max_contiguous);
3988 goto fail;
3989 }
3990
3991 return result;
3992
3993 fail:
3994 result.channels = 0;
3995 result.bw_config = 0;
3996 return result;
3997 }
3998
3999
4000 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)4001 get_supported_edmg(struct wpa_supplicant *wpa_s,
4002 struct hostapd_freq_params *freq,
4003 struct ieee80211_edmg_config request_edmg)
4004 {
4005 enum hostapd_hw_mode hw_mode;
4006 struct hostapd_hw_modes *mode = NULL;
4007 u8 primary_channel;
4008
4009 if (!wpa_s->hw.modes)
4010 goto fail;
4011
4012 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
4013 if (hw_mode == NUM_HOSTAPD_MODES)
4014 goto fail;
4015
4016 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
4017 if (!mode)
4018 goto fail;
4019
4020 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
4021
4022 fail:
4023 request_edmg.channels = 0;
4024 request_edmg.bw_config = 0;
4025 return request_edmg;
4026 }
4027
4028
4029 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)4030 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
4031 {
4032 struct wpa_driver_associate_params params;
4033 u8 *wpa_ie;
4034
4035 /*
4036 * Update MBO connect params only in case of change of MBO attributes
4037 * when connected, if the AP support MBO.
4038 */
4039
4040 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
4041 !wpa_s->current_bss ||
4042 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
4043 return;
4044
4045 os_memset(¶ms, 0, sizeof(params));
4046 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4047 wpa_s->current_ssid, ¶ms, NULL);
4048 if (!wpa_ie)
4049 return;
4050
4051 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4052 os_free(wpa_ie);
4053 }
4054 #endif /* CONFIG_MBO */
4055
4056
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)4057 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
4058 {
4059 struct wpa_connect_work *cwork = work->ctx;
4060 struct wpa_bss *bss = cwork->bss;
4061 struct wpa_ssid *ssid = cwork->ssid;
4062 struct wpa_supplicant *wpa_s = work->wpa_s;
4063 u8 *wpa_ie;
4064 const u8 *edmg_ie_oper;
4065 int use_crypt, ret, bssid_changed;
4066 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
4067 struct wpa_driver_associate_params params;
4068 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
4069 int wep_keys_set = 0;
4070 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
4071 int assoc_failed = 0;
4072 struct wpa_ssid *old_ssid;
4073 u8 prev_bssid[ETH_ALEN];
4074 #ifdef CONFIG_HT_OVERRIDES
4075 struct ieee80211_ht_capabilities htcaps;
4076 struct ieee80211_ht_capabilities htcaps_mask;
4077 #endif /* CONFIG_HT_OVERRIDES */
4078 #ifdef CONFIG_VHT_OVERRIDES
4079 struct ieee80211_vht_capabilities vhtcaps;
4080 struct ieee80211_vht_capabilities vhtcaps_mask;
4081 #endif /* CONFIG_VHT_OVERRIDES */
4082
4083 wpa_s->roam_in_progress = false;
4084 #ifdef CONFIG_WNM
4085 wpa_s->bss_trans_mgmt_in_progress = false;
4086 #endif /* CONFIG_WNM */
4087
4088 if (deinit) {
4089 if (work->started) {
4090 wpa_s->connect_work = NULL;
4091
4092 /* cancel possible auth. timeout */
4093 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
4094 NULL);
4095 }
4096 wpas_connect_work_free(cwork);
4097 return;
4098 }
4099
4100 wpa_s->connect_work = work;
4101
4102 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
4103 wpas_network_disabled(wpa_s, ssid)) {
4104 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
4105 wpas_connect_work_done(wpa_s);
4106 return;
4107 }
4108
4109 os_memcpy(prev_bssid, wpa_s->bssid, ETH_ALEN);
4110 os_memset(¶ms, 0, sizeof(params));
4111 wpa_s->reassociate = 0;
4112 wpa_s->eap_expected_failure = 0;
4113
4114 /* Starting new association, so clear the possibly used WPA IE from the
4115 * previous association. */
4116 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
4117 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
4118 wpa_s->rsnxe_len = 0;
4119 #ifdef CONFIG_ROBUST_AV
4120 wpa_s->mscs_setup_done = false;
4121 #endif /* CONFIG_ROBUST_AV */
4122
4123 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
4124 if (!wpa_ie) {
4125 wpas_connect_work_done(wpa_s);
4126 return;
4127 }
4128
4129 if (bss &&
4130 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
4131 #ifdef CONFIG_IEEE80211R
4132 const u8 *ie, *md = NULL;
4133 #endif /* CONFIG_IEEE80211R */
4134 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
4135 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
4136 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
4137 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
4138 os_memset(wpa_s->bssid, 0, ETH_ALEN);
4139 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4140 if (bssid_changed)
4141 wpas_notify_bssid_changed(wpa_s);
4142 #ifdef CONFIG_IEEE80211R
4143 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4144 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
4145 md = ie + 2;
4146 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
4147 if (md) {
4148 /* Prepare for the next transition */
4149 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
4150 }
4151 #endif /* CONFIG_IEEE80211R */
4152 #ifdef CONFIG_WPS
4153 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
4154 wpa_s->conf->ap_scan == 2 &&
4155 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
4156 /* Use ap_scan==1 style network selection to find the network
4157 */
4158 wpas_connect_work_done(wpa_s);
4159 wpa_s->scan_req = MANUAL_SCAN_REQ;
4160 wpa_s->reassociate = 1;
4161 wpa_supplicant_req_scan(wpa_s, 0, 0);
4162 os_free(wpa_ie);
4163 return;
4164 #endif /* CONFIG_WPS */
4165 } else {
4166 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
4167 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4168 if (bss)
4169 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4170 else
4171 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4172 }
4173 if (!wpa_s->pno)
4174 wpa_supplicant_cancel_sched_scan(wpa_s);
4175
4176 wpa_supplicant_cancel_scan(wpa_s);
4177
4178 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
4179 use_crypt = 1;
4180 cipher_pairwise = wpa_s->pairwise_cipher;
4181 cipher_group = wpa_s->group_cipher;
4182 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
4183 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
4184 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4185 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
4186 use_crypt = 0;
4187 #ifdef CONFIG_WEP
4188 if (wpa_set_wep_keys(wpa_s, ssid)) {
4189 use_crypt = 1;
4190 wep_keys_set = 1;
4191 }
4192 #endif /* CONFIG_WEP */
4193 }
4194 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
4195 use_crypt = 0;
4196
4197 #ifdef IEEE8021X_EAPOL
4198 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4199 if ((ssid->eapol_flags &
4200 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
4201 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
4202 !wep_keys_set) {
4203 use_crypt = 0;
4204 } else {
4205 /* Assume that dynamic WEP-104 keys will be used and
4206 * set cipher suites in order for drivers to expect
4207 * encryption. */
4208 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
4209 }
4210 }
4211 #endif /* IEEE8021X_EAPOL */
4212
4213 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4214 /* Set the key before (and later after) association */
4215 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4216 }
4217
4218 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
4219 if (bss) {
4220 params.ssid = bss->ssid;
4221 params.ssid_len = bss->ssid_len;
4222 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
4223 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4224 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
4225 MACSTR " freq=%u MHz based on scan results "
4226 "(bssid_set=%d wps=%d)",
4227 MAC2STR(bss->bssid), bss->freq,
4228 ssid->bssid_set,
4229 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
4230 params.bssid = bss->bssid;
4231 params.freq.freq = bss->freq;
4232 }
4233 params.bssid_hint = bss->bssid;
4234 params.freq_hint = bss->freq;
4235 params.pbss = bss_is_pbss(bss);
4236 } else {
4237 if (ssid->bssid_hint_set)
4238 params.bssid_hint = ssid->bssid_hint;
4239
4240 params.ssid = ssid->ssid;
4241 params.ssid_len = ssid->ssid_len;
4242 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
4243 }
4244
4245 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
4246 wpa_s->conf->ap_scan == 2) {
4247 params.bssid = ssid->bssid;
4248 params.fixed_bssid = 1;
4249 }
4250
4251 /* Initial frequency for IBSS/mesh */
4252 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
4253 ssid->frequency > 0 && params.freq.freq == 0)
4254 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
4255
4256 if (ssid->mode == WPAS_MODE_IBSS) {
4257 params.fixed_freq = ssid->fixed_freq;
4258 if (ssid->beacon_int)
4259 params.beacon_int = ssid->beacon_int;
4260 else
4261 params.beacon_int = wpa_s->conf->beacon_int;
4262 }
4263
4264 if (bss && ssid->enable_edmg)
4265 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
4266 WLAN_EID_EXT_EDMG_OPERATION);
4267 else
4268 edmg_ie_oper = NULL;
4269
4270 if (edmg_ie_oper) {
4271 params.freq.edmg.channels =
4272 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
4273 params.freq.edmg.bw_config =
4274 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
4275 wpa_printf(MSG_DEBUG,
4276 "AP supports EDMG channels 0x%x, bw_config %d",
4277 params.freq.edmg.channels,
4278 params.freq.edmg.bw_config);
4279
4280 /* User may ask for specific EDMG channel for EDMG connection
4281 * (must be supported by AP)
4282 */
4283 if (ssid->edmg_channel) {
4284 struct ieee80211_edmg_config configured_edmg;
4285 enum hostapd_hw_mode hw_mode;
4286 u8 primary_channel;
4287
4288 hw_mode = ieee80211_freq_to_chan(bss->freq,
4289 &primary_channel);
4290 if (hw_mode == NUM_HOSTAPD_MODES)
4291 goto edmg_fail;
4292
4293 hostapd_encode_edmg_chan(ssid->enable_edmg,
4294 ssid->edmg_channel,
4295 primary_channel,
4296 &configured_edmg);
4297
4298 if (ieee802_edmg_is_allowed(params.freq.edmg,
4299 configured_edmg)) {
4300 params.freq.edmg = configured_edmg;
4301 wpa_printf(MSG_DEBUG,
4302 "Use EDMG channel %d for connection",
4303 ssid->edmg_channel);
4304 } else {
4305 edmg_fail:
4306 params.freq.edmg.channels = 0;
4307 params.freq.edmg.bw_config = 0;
4308 wpa_printf(MSG_WARNING,
4309 "EDMG channel %d not supported by AP, fallback to DMG",
4310 ssid->edmg_channel);
4311 }
4312 }
4313
4314 if (params.freq.edmg.channels) {
4315 wpa_printf(MSG_DEBUG,
4316 "EDMG before: channels 0x%x, bw_config %d",
4317 params.freq.edmg.channels,
4318 params.freq.edmg.bw_config);
4319 params.freq.edmg = get_supported_edmg(wpa_s,
4320 ¶ms.freq,
4321 params.freq.edmg);
4322 wpa_printf(MSG_DEBUG,
4323 "EDMG after: channels 0x%x, bw_config %d",
4324 params.freq.edmg.channels,
4325 params.freq.edmg.bw_config);
4326 }
4327 }
4328
4329 params.pairwise_suite = cipher_pairwise;
4330 params.group_suite = cipher_group;
4331 params.mgmt_group_suite = cipher_group_mgmt;
4332 params.key_mgmt_suite = wpa_s->key_mgmt;
4333 params.wpa_proto = wpa_s->wpa_proto;
4334 wpa_s->auth_alg = params.auth_alg;
4335 params.mode = ssid->mode;
4336 params.bg_scan_period = ssid->bg_scan_period;
4337 #ifdef CONFIG_WEP
4338 {
4339 int i;
4340
4341 for (i = 0; i < NUM_WEP_KEYS; i++) {
4342 if (ssid->wep_key_len[i])
4343 params.wep_key[i] = ssid->wep_key[i];
4344 params.wep_key_len[i] = ssid->wep_key_len[i];
4345 }
4346 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
4347 }
4348 #endif /* CONFIG_WEP */
4349
4350 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4351 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4352 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK)) {
4353 params.passphrase = ssid->passphrase;
4354 if (ssid->psk_set)
4355 params.psk = ssid->psk;
4356 }
4357
4358 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
4359 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4360 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4361 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4362 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192))
4363 params.req_handshake_offload = 1;
4364
4365 if (wpa_s->conf->key_mgmt_offload) {
4366 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4367 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4368 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4369 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192)
4370 params.req_key_mgmt_offload =
4371 ssid->proactive_key_caching < 0 ?
4372 wpa_s->conf->okc : ssid->proactive_key_caching;
4373 else
4374 params.req_key_mgmt_offload = 1;
4375
4376 if ((params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4377 params.key_mgmt_suite == WPA_KEY_MGMT_PSK_SHA256 ||
4378 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK) &&
4379 ssid->psk_set)
4380 params.psk = ssid->psk;
4381 }
4382
4383 params.drop_unencrypted = use_crypt;
4384
4385 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
4386 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
4387 const u8 *rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
4388 struct wpa_ie_data ie;
4389 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
4390 ie.capabilities &
4391 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
4392 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
4393 "MFP: require MFP");
4394 params.mgmt_frame_protection =
4395 MGMT_FRAME_PROTECTION_REQUIRED;
4396 #ifdef CONFIG_OWE
4397 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
4398 !ssid->owe_only) {
4399 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
4400 #endif /* CONFIG_OWE */
4401 }
4402 }
4403
4404 params.p2p = ssid->p2p_group;
4405
4406 if (wpa_s->p2pdev->set_sta_uapsd)
4407 params.uapsd = wpa_s->p2pdev->sta_uapsd;
4408 else
4409 params.uapsd = -1;
4410
4411 #ifdef CONFIG_HT_OVERRIDES
4412 os_memset(&htcaps, 0, sizeof(htcaps));
4413 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4414 params.htcaps = (u8 *) &htcaps;
4415 params.htcaps_mask = (u8 *) &htcaps_mask;
4416 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
4417 #endif /* CONFIG_HT_OVERRIDES */
4418 #ifdef CONFIG_VHT_OVERRIDES
4419 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4420 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4421 params.vhtcaps = &vhtcaps;
4422 params.vhtcaps_mask = &vhtcaps_mask;
4423 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
4424 #endif /* CONFIG_VHT_OVERRIDES */
4425 #ifdef CONFIG_HE_OVERRIDES
4426 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
4427 #endif /* CONFIG_HE_OVERRIDES */
4428
4429 #ifdef CONFIG_P2P
4430 /*
4431 * If multi-channel concurrency is not supported, check for any
4432 * frequency conflict. In case of any frequency conflict, remove the
4433 * least prioritized connection.
4434 */
4435 if (wpa_s->num_multichan_concurrent < 2) {
4436 int freq, num;
4437 num = get_shared_radio_freqs(wpa_s, &freq, 1, false);
4438 if (num > 0 && freq > 0 && freq != params.freq.freq) {
4439 wpa_printf(MSG_DEBUG,
4440 "Assoc conflicting freq found (%d != %d)",
4441 freq, params.freq.freq);
4442 if (wpas_p2p_handle_frequency_conflicts(
4443 wpa_s, params.freq.freq, ssid) < 0) {
4444 wpas_connect_work_done(wpa_s);
4445 os_free(wpa_ie);
4446 return;
4447 }
4448 }
4449 }
4450 #endif /* CONFIG_P2P */
4451
4452 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4453 wpa_s->current_ssid)
4454 params.prev_bssid = prev_bssid;
4455
4456 #ifdef CONFIG_SAE
4457 params.sae_pwe = wpa_s->conf->sae_pwe;
4458 #endif /* CONFIG_SAE */
4459
4460 params.bss_max_idle_period = CONFIG_BSS_MAX_IDLE_TIME;
4461 ret = wpa_drv_associate(wpa_s, ¶ms);
4462 os_free(wpa_ie);
4463 if (ret < 0) {
4464 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4465 "failed");
4466 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4467 /*
4468 * The driver is known to mean what is saying, so we
4469 * can stop right here; the association will not
4470 * succeed.
4471 */
4472 wpas_connection_failed(wpa_s, wpa_s->pending_bssid,
4473 NULL);
4474 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4475 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4476 return;
4477 }
4478 /* try to continue anyway; new association will be tried again
4479 * after timeout */
4480 assoc_failed = 1;
4481 }
4482
4483 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4484 /* Set the key after the association just in case association
4485 * cleared the previously configured key. */
4486 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4487 /* No need to timeout authentication since there is no key
4488 * management. */
4489 wpa_supplicant_cancel_auth_timeout(wpa_s);
4490 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4491 #ifdef CONFIG_IBSS_RSN
4492 } else if (ssid->mode == WPAS_MODE_IBSS &&
4493 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4494 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4495 /*
4496 * RSN IBSS authentication is per-STA and we can disable the
4497 * per-BSSID authentication.
4498 */
4499 wpa_supplicant_cancel_auth_timeout(wpa_s);
4500 #endif /* CONFIG_IBSS_RSN */
4501 } else {
4502 /* Timeout for IEEE 802.11 authentication and association */
4503 int timeout = 60;
4504
4505 if (assoc_failed) {
4506 /* give IBSS a bit more time */
4507 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4508 } else if (wpa_s->conf->ap_scan == 1) {
4509 /* give IBSS a bit more time */
4510 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4511 }
4512 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4513 }
4514
4515 #ifdef CONFIG_WEP
4516 if (wep_keys_set &&
4517 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4518 /* Set static WEP keys again */
4519 wpa_set_wep_keys(wpa_s, ssid);
4520 }
4521 #endif /* CONFIG_WEP */
4522
4523 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
4524 /*
4525 * Do not allow EAP session resumption between different
4526 * network configurations.
4527 */
4528 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4529 }
4530 old_ssid = wpa_s->current_ssid;
4531 wpa_s->current_ssid = ssid;
4532
4533 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4534 wpa_s->current_bss = bss;
4535 #ifdef CONFIG_HS20
4536 hs20_configure_frame_filters(wpa_s);
4537 #endif /* CONFIG_HS20 */
4538 }
4539
4540 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4541 if (bss)
4542 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len);
4543 wpa_supplicant_initiate_eapol(wpa_s);
4544 if (old_ssid != wpa_s->current_ssid)
4545 wpas_notify_network_changed(wpa_s);
4546 }
4547
4548
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4549 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4550 const u8 *addr)
4551 {
4552 struct wpa_ssid *old_ssid;
4553
4554 wpas_connect_work_done(wpa_s);
4555 wpa_clear_keys(wpa_s, addr);
4556 old_ssid = wpa_s->current_ssid;
4557 wpa_supplicant_mark_disassoc(wpa_s);
4558 wpa_sm_set_config(wpa_s->wpa, NULL);
4559 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4560 if (old_ssid != wpa_s->current_ssid)
4561 wpas_notify_network_changed(wpa_s);
4562
4563 #ifdef CONFIG_ROBUST_AV
4564 wpas_scs_deinit(wpa_s);
4565 wpas_dscp_deinit(wpa_s);
4566 #endif /* CONFIG_ROBUST_AV */
4567 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4568 }
4569
4570
4571 /**
4572 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4573 * @wpa_s: Pointer to wpa_supplicant data
4574 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4575 *
4576 * This function is used to request %wpa_supplicant to deauthenticate from the
4577 * current AP.
4578 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4579 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4580 u16 reason_code)
4581 {
4582 u8 *addr = NULL;
4583 union wpa_event_data event;
4584 int zero_addr = 0;
4585
4586 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4587 " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
4588 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4589 reason_code, reason2str(reason_code),
4590 wpa_supplicant_state_txt(wpa_s->wpa_state));
4591
4592 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4593 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4594 wpa_s->wpa_state == WPA_ASSOCIATING))
4595 addr = wpa_s->pending_bssid;
4596 else if (!is_zero_ether_addr(wpa_s->bssid))
4597 addr = wpa_s->bssid;
4598 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4599 /*
4600 * When using driver-based BSS selection, we may not know the
4601 * BSSID with which we are currently trying to associate. We
4602 * need to notify the driver of this disconnection even in such
4603 * a case, so use the all zeros address here.
4604 */
4605 addr = wpa_s->bssid;
4606 zero_addr = 1;
4607 }
4608
4609 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4610 wpa_s->enabled_4addr_mode = 0;
4611
4612 #ifdef CONFIG_TDLS
4613 wpa_tdls_teardown_peers(wpa_s->wpa);
4614 #endif /* CONFIG_TDLS */
4615
4616 #ifdef CONFIG_MESH
4617 if (wpa_s->ifmsh) {
4618 struct mesh_conf *mconf;
4619
4620 mconf = wpa_s->ifmsh->mconf;
4621 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4622 wpa_s->ifname);
4623 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4624 mconf->meshid_len, reason_code);
4625 wpa_supplicant_leave_mesh(wpa_s, true);
4626 }
4627 #endif /* CONFIG_MESH */
4628
4629 if (addr) {
4630 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4631 os_memset(&event, 0, sizeof(event));
4632 event.deauth_info.reason_code = reason_code;
4633 event.deauth_info.locally_generated = 1;
4634 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4635 if (zero_addr)
4636 addr = NULL;
4637 }
4638
4639 wpa_supplicant_clear_connection(wpa_s, addr);
4640 }
4641
4642
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)4643 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4644 {
4645 wpa_s->own_reconnect_req = 1;
4646 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4647
4648 }
4649
4650
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4651 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4652 struct wpa_ssid *ssid)
4653 {
4654 if (!ssid || !ssid->disabled || ssid->disabled == 2)
4655 return;
4656
4657 ssid->disabled = 0;
4658 ssid->owe_transition_bss_select_count = 0;
4659 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4660 wpas_notify_network_enabled_changed(wpa_s, ssid);
4661
4662 /*
4663 * Try to reassociate since there is no current configuration and a new
4664 * network was made available.
4665 */
4666 if (!wpa_s->current_ssid && !wpa_s->disconnected)
4667 wpa_s->reassociate = 1;
4668 }
4669
4670
4671 /**
4672 * wpa_supplicant_add_network - Add a new network
4673 * @wpa_s: wpa_supplicant structure for a network interface
4674 * Returns: The new network configuration or %NULL if operation failed
4675 *
4676 * This function performs the following operations:
4677 * 1. Adds a new network.
4678 * 2. Send network addition notification.
4679 * 3. Marks the network disabled.
4680 * 4. Set network default parameters.
4681 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)4682 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4683 {
4684 struct wpa_ssid *ssid;
4685
4686 ssid = wpa_config_add_network(wpa_s->conf);
4687 if (!ssid)
4688 return NULL;
4689 wpas_notify_network_added(wpa_s, ssid);
4690 ssid->disabled = 1;
4691 wpa_config_set_network_defaults(ssid);
4692
4693 return ssid;
4694 }
4695
4696
4697 /**
4698 * wpa_supplicant_remove_network - Remove a configured network based on id
4699 * @wpa_s: wpa_supplicant structure for a network interface
4700 * @id: Unique network id to search for
4701 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4702 * could not be removed
4703 *
4704 * This function performs the following operations:
4705 * 1. Removes the network.
4706 * 2. Send network removal notification.
4707 * 3. Update internal state machines.
4708 * 4. Stop any running sched scans.
4709 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)4710 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4711 {
4712 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
4713 int was_disabled;
4714
4715 ssid = wpa_config_get_network(wpa_s->conf, id);
4716 if (!ssid)
4717 return -1;
4718 wpas_notify_network_removed(wpa_s, ssid);
4719
4720 if (ssid == prev || !prev) {
4721 #ifdef CONFIG_SME
4722 wpa_s->sme.prev_bssid_set = 0;
4723 #endif /* CONFIG_SME */
4724 /*
4725 * Invalidate the EAP session cache if the current or
4726 * previously used network is removed.
4727 */
4728 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4729 }
4730
4731 if (ssid == prev) {
4732 wpa_sm_set_config(wpa_s->wpa, NULL);
4733 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4734
4735 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4736 wpa_s->own_disconnect_req = 1;
4737 wpa_supplicant_deauthenticate(wpa_s,
4738 WLAN_REASON_DEAUTH_LEAVING);
4739 }
4740
4741 was_disabled = ssid->disabled;
4742
4743 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4744 return -2;
4745
4746 if (!was_disabled && wpa_s->sched_scanning) {
4747 wpa_printf(MSG_DEBUG,
4748 "Stop ongoing sched_scan to remove network from filters");
4749 wpa_supplicant_cancel_sched_scan(wpa_s);
4750 wpa_supplicant_req_scan(wpa_s, 0, 0);
4751 }
4752
4753 return 0;
4754 }
4755
4756
4757 /**
4758 * wpa_supplicant_remove_all_networks - Remove all configured networks
4759 * @wpa_s: wpa_supplicant structure for a network interface
4760 * Returns: 0 on success (errors are currently ignored)
4761 *
4762 * This function performs the following operations:
4763 * 1. Remove all networks.
4764 * 2. Send network removal notifications.
4765 * 3. Update internal state machines.
4766 * 4. Stop any running sched scans.
4767 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)4768 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4769 {
4770 struct wpa_ssid *ssid;
4771
4772 if (wpa_s->sched_scanning)
4773 wpa_supplicant_cancel_sched_scan(wpa_s);
4774
4775 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4776 if (wpa_s->current_ssid) {
4777 #ifdef CONFIG_SME
4778 wpa_s->sme.prev_bssid_set = 0;
4779 #endif /* CONFIG_SME */
4780 wpa_sm_set_config(wpa_s->wpa, NULL);
4781 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4782 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4783 wpa_s->own_disconnect_req = 1;
4784 wpa_supplicant_deauthenticate(
4785 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4786 }
4787 ssid = wpa_s->conf->ssid;
4788 while (ssid) {
4789 struct wpa_ssid *remove_ssid = ssid;
4790 int id;
4791
4792 id = ssid->id;
4793 ssid = ssid->next;
4794 wpas_notify_network_removed(wpa_s, remove_ssid);
4795 wpa_config_remove_network(wpa_s->conf, id);
4796 }
4797 return 0;
4798 }
4799
4800
4801 /**
4802 * wpa_supplicant_enable_network - Mark a configured network as enabled
4803 * @wpa_s: wpa_supplicant structure for a network interface
4804 * @ssid: wpa_ssid structure for a configured network or %NULL
4805 *
4806 * Enables the specified network or all networks if no network specified.
4807 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4808 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4809 struct wpa_ssid *ssid)
4810 {
4811 if (ssid == NULL) {
4812 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4813 wpa_supplicant_enable_one_network(wpa_s, ssid);
4814 } else
4815 wpa_supplicant_enable_one_network(wpa_s, ssid);
4816
4817 if (wpa_s->reassociate && !wpa_s->disconnected &&
4818 (!wpa_s->current_ssid ||
4819 wpa_s->wpa_state == WPA_DISCONNECTED ||
4820 wpa_s->wpa_state == WPA_SCANNING)) {
4821 if (wpa_s->sched_scanning) {
4822 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
4823 "new network to scan filters");
4824 wpa_supplicant_cancel_sched_scan(wpa_s);
4825 }
4826
4827 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
4828 wpa_s->scan_req = NORMAL_SCAN_REQ;
4829 wpa_supplicant_req_scan(wpa_s, 0, 0);
4830 }
4831 }
4832 }
4833
4834
4835 /**
4836 * wpa_supplicant_disable_network - Mark a configured network as disabled
4837 * @wpa_s: wpa_supplicant structure for a network interface
4838 * @ssid: wpa_ssid structure for a configured network or %NULL
4839 *
4840 * Disables the specified network or all networks if no network specified.
4841 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4842 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
4843 struct wpa_ssid *ssid)
4844 {
4845 struct wpa_ssid *other_ssid;
4846 int was_disabled;
4847
4848 if (ssid == NULL) {
4849 if (wpa_s->sched_scanning)
4850 wpa_supplicant_cancel_sched_scan(wpa_s);
4851
4852 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4853 other_ssid = other_ssid->next) {
4854 was_disabled = other_ssid->disabled;
4855 if (was_disabled == 2)
4856 continue; /* do not change persistent P2P group
4857 * data */
4858
4859 other_ssid->disabled = 1;
4860
4861 if (was_disabled != other_ssid->disabled)
4862 wpas_notify_network_enabled_changed(
4863 wpa_s, other_ssid);
4864 }
4865 if (wpa_s->current_ssid) {
4866 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4867 wpa_s->own_disconnect_req = 1;
4868 wpa_supplicant_deauthenticate(
4869 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4870 }
4871 } else if (ssid->disabled != 2) {
4872 if (ssid == wpa_s->current_ssid) {
4873 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4874 wpa_s->own_disconnect_req = 1;
4875 wpa_supplicant_deauthenticate(
4876 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4877 }
4878
4879 was_disabled = ssid->disabled;
4880
4881 ssid->disabled = 1;
4882
4883 if (was_disabled != ssid->disabled) {
4884 wpas_notify_network_enabled_changed(wpa_s, ssid);
4885 if (wpa_s->sched_scanning) {
4886 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
4887 "to remove network from filters");
4888 wpa_supplicant_cancel_sched_scan(wpa_s);
4889 wpa_supplicant_req_scan(wpa_s, 0, 0);
4890 }
4891 }
4892 }
4893 }
4894
4895
4896 /**
4897 * wpa_supplicant_select_network - Attempt association with a network
4898 * @wpa_s: wpa_supplicant structure for a network interface
4899 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
4900 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)4901 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
4902 struct wpa_ssid *ssid)
4903 {
4904
4905 struct wpa_ssid *other_ssid;
4906 int disconnected = 0;
4907
4908 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
4909 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4910 wpa_s->own_disconnect_req = 1;
4911 wpa_supplicant_deauthenticate(
4912 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4913 disconnected = 1;
4914 }
4915
4916 if (ssid)
4917 wpas_clear_temp_disabled(wpa_s, ssid, 1);
4918
4919 /*
4920 * Mark all other networks disabled or mark all networks enabled if no
4921 * network specified.
4922 */
4923 for (other_ssid = wpa_s->conf->ssid; other_ssid;
4924 other_ssid = other_ssid->next) {
4925 int was_disabled = other_ssid->disabled;
4926 if (was_disabled == 2)
4927 continue; /* do not change persistent P2P group data */
4928
4929 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
4930 if (was_disabled && !other_ssid->disabled)
4931 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
4932
4933 if (was_disabled != other_ssid->disabled)
4934 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
4935 }
4936
4937 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
4938 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
4939 /* We are already associated with the selected network */
4940 wpa_printf(MSG_DEBUG, "Already associated with the "
4941 "selected network - do nothing");
4942 return;
4943 }
4944
4945 if (ssid) {
4946 wpa_s->current_ssid = ssid;
4947 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4948 wpa_s->connect_without_scan =
4949 (ssid->mode == WPAS_MODE_MESH) ? ssid : NULL;
4950
4951 /*
4952 * Don't optimize next scan freqs since a new ESS has been
4953 * selected.
4954 */
4955 os_free(wpa_s->next_scan_freqs);
4956 wpa_s->next_scan_freqs = NULL;
4957 } else {
4958 wpa_s->connect_without_scan = NULL;
4959 }
4960
4961 wpa_s->disconnected = 0;
4962 wpa_s->reassociate = 1;
4963 wpa_s_clear_sae_rejected(wpa_s);
4964 wpa_s->last_owe_group = 0;
4965 if (ssid) {
4966 ssid->owe_transition_bss_select_count = 0;
4967 wpa_s_setup_sae_pt(wpa_s->conf, ssid, false);
4968 }
4969
4970 if (wpa_s->connect_without_scan ||
4971 wpa_supplicant_fast_associate(wpa_s) != 1) {
4972 wpa_s->scan_req = NORMAL_SCAN_REQ;
4973 wpas_scan_reset_sched_scan(wpa_s);
4974 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
4975 }
4976
4977 if (ssid)
4978 wpas_notify_network_selected(wpa_s, ssid);
4979 }
4980
4981
4982 /**
4983 * wpas_remove_cred - Remove the specified credential and all the network
4984 * entries created based on the removed credential
4985 * @wpa_s: wpa_supplicant structure for a network interface
4986 * @cred: The credential to remove
4987 * Returns: 0 on success, -1 on failure
4988 */
wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)4989 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
4990 {
4991 struct wpa_ssid *ssid, *next;
4992 int id;
4993
4994 if (!cred) {
4995 wpa_printf(MSG_DEBUG, "Could not find cred");
4996 return -1;
4997 }
4998
4999 id = cred->id;
5000 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
5001 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
5002 return -1;
5003 }
5004
5005 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
5006
5007 /* Remove any network entry created based on the removed credential */
5008 ssid = wpa_s->conf->ssid;
5009 while (ssid) {
5010 next = ssid->next;
5011
5012 if (ssid->parent_cred == cred) {
5013 wpa_printf(MSG_DEBUG,
5014 "Remove network id %d since it used the removed credential",
5015 ssid->id);
5016 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
5017 -1) {
5018 wpa_printf(MSG_DEBUG,
5019 "Could not find network id=%d",
5020 ssid->id);
5021 }
5022 }
5023
5024 ssid = next;
5025 }
5026
5027 return 0;
5028 }
5029
5030
5031 /**
5032 * wpas_remove_cred - Remove all the Interworking credentials
5033 * @wpa_s: wpa_supplicant structure for a network interface
5034 * Returns: 0 on success, -1 on failure
5035 */
wpas_remove_all_creds(struct wpa_supplicant * wpa_s)5036 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
5037 {
5038 int res, ret = 0;
5039 struct wpa_cred *cred, *prev;
5040
5041 cred = wpa_s->conf->cred;
5042 while (cred) {
5043 prev = cred;
5044 cred = cred->next;
5045 res = wpas_remove_cred(wpa_s, prev);
5046 if (res < 0) {
5047 wpa_printf(MSG_DEBUG,
5048 "Removal of all credentials failed - failed to remove credential id=%d",
5049 prev->id);
5050 ret = -1;
5051 }
5052 }
5053
5054 return ret;
5055 }
5056
5057
5058 /**
5059 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
5060 * @wpa_s: wpa_supplicant structure for a network interface
5061 * @pkcs11_engine_path: PKCS #11 engine path or NULL
5062 * @pkcs11_module_path: PKCS #11 module path or NULL
5063 * Returns: 0 on success; -1 on failure
5064 *
5065 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
5066 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
5067 * module path fails the paths will be reset to the default value (NULL).
5068 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)5069 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
5070 const char *pkcs11_engine_path,
5071 const char *pkcs11_module_path)
5072 {
5073 char *pkcs11_engine_path_copy = NULL;
5074 char *pkcs11_module_path_copy = NULL;
5075
5076 if (pkcs11_engine_path != NULL) {
5077 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
5078 if (pkcs11_engine_path_copy == NULL)
5079 return -1;
5080 }
5081 if (pkcs11_module_path != NULL) {
5082 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
5083 if (pkcs11_module_path_copy == NULL) {
5084 os_free(pkcs11_engine_path_copy);
5085 return -1;
5086 }
5087 }
5088
5089 os_free(wpa_s->conf->pkcs11_engine_path);
5090 os_free(wpa_s->conf->pkcs11_module_path);
5091 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
5092 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
5093
5094 wpa_sm_set_eapol(wpa_s->wpa, NULL);
5095 eapol_sm_deinit(wpa_s->eapol);
5096 wpa_s->eapol = NULL;
5097 if (wpa_supplicant_init_eapol(wpa_s)) {
5098 /* Error -> Reset paths to the default value (NULL) once. */
5099 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
5100 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
5101 NULL);
5102
5103 return -1;
5104 }
5105 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5106
5107 return 0;
5108 }
5109
5110
5111 /**
5112 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
5113 * @wpa_s: wpa_supplicant structure for a network interface
5114 * @ap_scan: AP scan mode
5115 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
5116 *
5117 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)5118 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
5119 {
5120
5121 int old_ap_scan;
5122
5123 if (ap_scan < 0 || ap_scan > 2)
5124 return -1;
5125
5126 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5127 wpa_printf(MSG_INFO,
5128 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5129 }
5130
5131 #ifdef ANDROID
5132 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
5133 wpa_s->wpa_state >= WPA_ASSOCIATING &&
5134 wpa_s->wpa_state < WPA_COMPLETED) {
5135 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
5136 "associating", wpa_s->conf->ap_scan, ap_scan);
5137 return 0;
5138 }
5139 #endif /* ANDROID */
5140
5141 old_ap_scan = wpa_s->conf->ap_scan;
5142 wpa_s->conf->ap_scan = ap_scan;
5143
5144 if (old_ap_scan != wpa_s->conf->ap_scan)
5145 wpas_notify_ap_scan_changed(wpa_s);
5146
5147 return 0;
5148 }
5149
5150
5151 /**
5152 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
5153 * @wpa_s: wpa_supplicant structure for a network interface
5154 * @expire_age: Expiration age in seconds
5155 * Returns: 0 if succeed or -1 if expire_age has an invalid value
5156 *
5157 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)5158 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
5159 unsigned int bss_expire_age)
5160 {
5161 if (bss_expire_age < 10) {
5162 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
5163 bss_expire_age);
5164 return -1;
5165 }
5166 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
5167 bss_expire_age);
5168 wpa_s->conf->bss_expiration_age = bss_expire_age;
5169
5170 return 0;
5171 }
5172
5173
5174 /**
5175 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
5176 * @wpa_s: wpa_supplicant structure for a network interface
5177 * @expire_count: number of scans after which an unseen BSS is reclaimed
5178 * Returns: 0 if succeed or -1 if expire_count has an invalid value
5179 *
5180 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)5181 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
5182 unsigned int bss_expire_count)
5183 {
5184 if (bss_expire_count < 1) {
5185 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
5186 bss_expire_count);
5187 return -1;
5188 }
5189 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
5190 bss_expire_count);
5191 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
5192
5193 return 0;
5194 }
5195
5196
5197 /**
5198 * wpa_supplicant_set_scan_interval - Set scan interval
5199 * @wpa_s: wpa_supplicant structure for a network interface
5200 * @scan_interval: scan interval in seconds
5201 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
5202 *
5203 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)5204 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
5205 int scan_interval)
5206 {
5207 if (scan_interval < 0) {
5208 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
5209 scan_interval);
5210 return -1;
5211 }
5212 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
5213 scan_interval);
5214 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
5215
5216 return 0;
5217 }
5218
5219
5220 /**
5221 * wpa_supplicant_set_debug_params - Set global debug params
5222 * @global: wpa_global structure
5223 * @debug_level: debug level
5224 * @debug_timestamp: determines if show timestamp in debug data
5225 * @debug_show_keys: determines if show keys in debug data
5226 * Returns: 0 if succeed or -1 if debug_level has wrong value
5227 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)5228 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
5229 int debug_timestamp, int debug_show_keys)
5230 {
5231
5232 int old_level, old_timestamp, old_show_keys;
5233
5234 /* check for allowed debuglevels */
5235 if (debug_level != MSG_EXCESSIVE &&
5236 debug_level != MSG_MSGDUMP &&
5237 debug_level != MSG_DEBUG &&
5238 debug_level != MSG_INFO &&
5239 debug_level != MSG_WARNING &&
5240 debug_level != MSG_ERROR)
5241 return -1;
5242
5243 old_level = wpa_debug_level;
5244 old_timestamp = wpa_debug_timestamp;
5245 old_show_keys = wpa_debug_show_keys;
5246
5247 wpa_debug_level = debug_level;
5248 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
5249 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
5250
5251 if (wpa_debug_level != old_level)
5252 wpas_notify_debug_level_changed(global);
5253 if (wpa_debug_timestamp != old_timestamp)
5254 wpas_notify_debug_timestamp_changed(global);
5255 if (wpa_debug_show_keys != old_show_keys)
5256 wpas_notify_debug_show_keys_changed(global);
5257
5258 return 0;
5259 }
5260
5261
5262 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)5263 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
5264 const u8 *entry_ssid, size_t entry_ssid_len)
5265 {
5266 const u8 *owe, *pos, *end;
5267 u8 ssid_len;
5268 struct wpa_bss *bss;
5269
5270 /* Check network profile SSID aganst the SSID in the
5271 * OWE Transition Mode element. */
5272
5273 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
5274 if (!bss)
5275 return 0;
5276
5277 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
5278 if (!owe)
5279 return 0;
5280
5281 pos = owe + 6;
5282 end = owe + 2 + owe[1];
5283
5284 if (end - pos < ETH_ALEN + 1)
5285 return 0;
5286 pos += ETH_ALEN;
5287 ssid_len = *pos++;
5288 if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN)
5289 return 0;
5290
5291 return entry_ssid_len == ssid_len &&
5292 os_memcmp(pos, entry_ssid, ssid_len) == 0;
5293 }
5294 #endif /* CONFIG_OWE */
5295
5296
5297 /**
5298 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
5299 * @wpa_s: Pointer to wpa_supplicant data
5300 * Returns: A pointer to the current network structure or %NULL on failure
5301 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)5302 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
5303 {
5304 struct wpa_ssid *entry;
5305 u8 ssid[SSID_MAX_LEN];
5306 int res;
5307 size_t ssid_len;
5308 u8 bssid[ETH_ALEN];
5309 int wired;
5310
5311 res = wpa_drv_get_ssid(wpa_s, ssid);
5312 if (res < 0) {
5313 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
5314 "driver");
5315 return NULL;
5316 }
5317 ssid_len = res;
5318
5319 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
5320 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
5321 "driver");
5322 return NULL;
5323 }
5324
5325 wired = wpa_s->conf->ap_scan == 0 &&
5326 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
5327
5328 entry = wpa_s->conf->ssid;
5329 while (entry) {
5330 if (!wpas_network_disabled(wpa_s, entry) &&
5331 ((ssid_len == entry->ssid_len &&
5332 (!entry->ssid ||
5333 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
5334 wired) &&
5335 (!entry->bssid_set ||
5336 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
5337 return entry;
5338 #ifdef CONFIG_WPS
5339 if (!wpas_network_disabled(wpa_s, entry) &&
5340 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
5341 (entry->ssid == NULL || entry->ssid_len == 0) &&
5342 (!entry->bssid_set ||
5343 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
5344 return entry;
5345 #endif /* CONFIG_WPS */
5346
5347 #ifdef CONFIG_OWE
5348 if (!wpas_network_disabled(wpa_s, entry) &&
5349 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
5350 entry->ssid_len) &&
5351 (!entry->bssid_set ||
5352 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
5353 return entry;
5354 #endif /* CONFIG_OWE */
5355
5356 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
5357 entry->ssid_len == 0 &&
5358 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)
5359 return entry;
5360
5361 entry = entry->next;
5362 }
5363
5364 return NULL;
5365 }
5366
5367
select_driver(struct wpa_supplicant * wpa_s,int i)5368 static int select_driver(struct wpa_supplicant *wpa_s, int i)
5369 {
5370 struct wpa_global *global = wpa_s->global;
5371
5372 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
5373 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
5374 if (global->drv_priv[i] == NULL) {
5375 wpa_printf(MSG_ERROR, "Failed to initialize driver "
5376 "'%s'", wpa_drivers[i]->name);
5377 return -1;
5378 }
5379 }
5380
5381 wpa_s->driver = wpa_drivers[i];
5382 wpa_s->global_drv_priv = global->drv_priv[i];
5383
5384 return 0;
5385 }
5386
5387
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)5388 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
5389 const char *name)
5390 {
5391 int i;
5392 size_t len;
5393 const char *pos, *driver = name;
5394
5395 if (wpa_s == NULL)
5396 return -1;
5397
5398 if (wpa_drivers[0] == NULL) {
5399 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
5400 "wpa_supplicant");
5401 return -1;
5402 }
5403
5404 if (name == NULL) {
5405 /* Default to first successful driver in the list */
5406 for (i = 0; wpa_drivers[i]; i++) {
5407 if (select_driver(wpa_s, i) == 0)
5408 return 0;
5409 }
5410 /* Drivers have each reported failure, so no wpa_msg() here. */
5411 return -1;
5412 }
5413
5414 do {
5415 pos = os_strchr(driver, ',');
5416 if (pos)
5417 len = pos - driver;
5418 else
5419 len = os_strlen(driver);
5420
5421 for (i = 0; wpa_drivers[i]; i++) {
5422 if (os_strlen(wpa_drivers[i]->name) == len &&
5423 os_strncmp(driver, wpa_drivers[i]->name, len) ==
5424 0) {
5425 /* First driver that succeeds wins */
5426 if (select_driver(wpa_s, i) == 0)
5427 return 0;
5428 }
5429 }
5430
5431 driver = pos + 1;
5432 } while (pos);
5433
5434 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
5435 return -1;
5436 }
5437
5438
5439 /**
5440 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
5441 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
5442 * with struct wpa_driver_ops::init()
5443 * @src_addr: Source address of the EAPOL frame
5444 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
5445 * @len: Length of the EAPOL data
5446 * @encrypted: Whether the frame was encrypted
5447 *
5448 * This function is called for each received EAPOL frame. Most driver
5449 * interfaces rely on more generic OS mechanism for receiving frames through
5450 * l2_packet, but if such a mechanism is not available, the driver wrapper may
5451 * take care of received EAPOL frames and deliver them to the core supplicant
5452 * code by calling this function.
5453 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)5454 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
5455 const u8 *buf, size_t len,
5456 enum frame_encryption encrypted)
5457 {
5458 struct wpa_supplicant *wpa_s = ctx;
5459
5460 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
5461 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
5462
5463 if (wpa_s->own_disconnect_req) {
5464 wpa_printf(MSG_DEBUG,
5465 "Drop received EAPOL frame as we are disconnecting");
5466 return;
5467 }
5468
5469 #ifdef CONFIG_TESTING_OPTIONS
5470 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5471 MAC2STR(src_addr), len);
5472 if (wpa_s->ignore_auth_resp) {
5473 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5474 return;
5475 }
5476 #endif /* CONFIG_TESTING_OPTIONS */
5477
5478 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5479 (wpa_s->last_eapol_matches_bssid &&
5480 #ifdef CONFIG_AP
5481 !wpa_s->ap_iface &&
5482 #endif /* CONFIG_AP */
5483 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) {
5484 /*
5485 * There is possible race condition between receiving the
5486 * association event and the EAPOL frame since they are coming
5487 * through different paths from the driver. In order to avoid
5488 * issues in trying to process the EAPOL frame before receiving
5489 * association information, lets queue it for processing until
5490 * the association event is received. This may also be needed in
5491 * driver-based roaming case, so also use src_addr != BSSID as a
5492 * trigger if we have previously confirmed that the
5493 * Authenticator uses BSSID as the src_addr (which is not the
5494 * case with wired IEEE 802.1X).
5495 */
5496 wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing "
5497 "of received EAPOL frame (state=%s bssid=" MACSTR ")",
5498 wpa_supplicant_state_txt(wpa_s->wpa_state),
5499 MAC2STR(wpa_s->bssid));
5500 wpabuf_free(wpa_s->pending_eapol_rx);
5501 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5502 if (wpa_s->pending_eapol_rx) {
5503 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5504 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5505 ETH_ALEN);
5506 }
5507 return;
5508 }
5509
5510 wpa_s->last_eapol_matches_bssid =
5511 os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0;
5512
5513 #ifdef CONFIG_AP
5514 if (wpa_s->ap_iface) {
5515 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len,
5516 encrypted);
5517 return;
5518 }
5519 #endif /* CONFIG_AP */
5520
5521 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
5522 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
5523 "no key management is configured");
5524 return;
5525 }
5526
5527 if (wpa_s->eapol_received == 0 &&
5528 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
5529 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
5530 wpa_s->wpa_state != WPA_COMPLETED) &&
5531 (wpa_s->current_ssid == NULL ||
5532 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
5533 /* Timeout for completing IEEE 802.1X and WPA authentication */
5534 int timeout = 10;
5535
5536 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
5537 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
5538 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
5539 /* Use longer timeout for IEEE 802.1X/EAP */
5540 timeout = 70;
5541 }
5542
5543 #ifdef CONFIG_WPS
5544 if (wpa_s->current_ssid && wpa_s->current_bss &&
5545 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5546 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5547 /*
5548 * Use shorter timeout if going through WPS AP iteration
5549 * for PIN config method with an AP that does not
5550 * advertise Selected Registrar.
5551 */
5552 struct wpabuf *wps_ie;
5553
5554 wps_ie = wpa_bss_get_vendor_ie_multi(
5555 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5556 if (wps_ie &&
5557 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5558 timeout = 10;
5559 wpabuf_free(wps_ie);
5560 }
5561 #endif /* CONFIG_WPS */
5562
5563 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
5564 }
5565 wpa_s->eapol_received++;
5566
5567 if (wpa_s->countermeasures) {
5568 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
5569 "EAPOL packet");
5570 return;
5571 }
5572
5573 #ifdef CONFIG_IBSS_RSN
5574 if (wpa_s->current_ssid &&
5575 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
5576 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
5577 return;
5578 }
5579 #endif /* CONFIG_IBSS_RSN */
5580
5581 /* Source address of the incoming EAPOL frame could be compared to the
5582 * current BSSID. However, it is possible that a centralized
5583 * Authenticator could be using another MAC address than the BSSID of
5584 * an AP, so just allow any address to be used for now. The replies are
5585 * still sent to the current BSSID (if available), though. */
5586
5587 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
5588 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
5589 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
5590 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
5591 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len,
5592 encrypted)> 0)
5593 return;
5594 wpa_drv_poll(wpa_s);
5595 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK))
5596 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len, encrypted);
5597 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
5598 /*
5599 * Set portValid = true here since we are going to skip 4-way
5600 * handshake processing which would normally set portValid. We
5601 * need this to allow the EAPOL state machines to be completed
5602 * without going through EAPOL-Key handshake.
5603 */
5604 eapol_sm_notify_portValid(wpa_s->eapol, true);
5605 }
5606 }
5607
wpa_supplicant_rx_eapol_cb(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5608 static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr,
5609 const u8 *buf, size_t len)
5610 {
5611 wpa_supplicant_rx_eapol(ctx, src_addr, buf, len,
5612 FRAME_ENCRYPTION_UNKNOWN);
5613 }
5614
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)5615 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
5616 {
5617 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
5618 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
5619 }
5620
5621
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)5622 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
5623 {
5624 if ((!wpa_s->p2p_mgmt ||
5625 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
5626 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
5627 l2_packet_deinit(wpa_s->l2);
5628 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
5629 wpa_drv_get_mac_addr(wpa_s),
5630 ETH_P_EAPOL,
5631 wpas_eapol_needs_l2_packet(wpa_s) ?
5632 wpa_supplicant_rx_eapol_cb : NULL,
5633 wpa_s, 0);
5634 if (wpa_s->l2 == NULL)
5635 return -1;
5636
5637 if (l2_packet_set_packet_filter(wpa_s->l2,
5638 L2_PACKET_FILTER_PKTTYPE))
5639 wpa_dbg(wpa_s, MSG_DEBUG,
5640 "Failed to attach pkt_type filter");
5641
5642 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
5643 wpa_msg(wpa_s, MSG_ERROR,
5644 "Failed to get own L2 address");
5645 return -1;
5646 }
5647 } else {
5648 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
5649 if (addr)
5650 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
5651 }
5652
5653 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5654 wpas_wps_update_mac_addr(wpa_s);
5655
5656 #ifdef CONFIG_FST
5657 if (wpa_s->fst)
5658 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
5659 #endif /* CONFIG_FST */
5660
5661 return 0;
5662 }
5663
5664
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)5665 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
5666 const u8 *buf, size_t len)
5667 {
5668 struct wpa_supplicant *wpa_s = ctx;
5669 const struct l2_ethhdr *eth;
5670
5671 if (len < sizeof(*eth))
5672 return;
5673 eth = (const struct l2_ethhdr *) buf;
5674
5675 if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 &&
5676 !(eth->h_dest[0] & 0x01)) {
5677 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5678 " (bridge - not for this interface - ignore)",
5679 MAC2STR(src_addr), MAC2STR(eth->h_dest));
5680 return;
5681 }
5682
5683 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
5684 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
5685 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
5686 len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN);
5687 }
5688
5689
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)5690 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
5691 const char *bridge_ifname)
5692 {
5693 if (wpa_s->wpa_state > WPA_SCANNING)
5694 return -EBUSY;
5695
5696 if (bridge_ifname &&
5697 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
5698 return -EINVAL;
5699
5700 if (!bridge_ifname)
5701 bridge_ifname = "";
5702
5703 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
5704 return 0;
5705
5706 if (wpa_s->l2_br) {
5707 l2_packet_deinit(wpa_s->l2_br);
5708 wpa_s->l2_br = NULL;
5709 }
5710
5711 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
5712 sizeof(wpa_s->bridge_ifname));
5713
5714 if (wpa_s->bridge_ifname[0]) {
5715 wpa_dbg(wpa_s, MSG_DEBUG,
5716 "Receiving packets from bridge interface '%s'",
5717 wpa_s->bridge_ifname);
5718 wpa_s->l2_br = l2_packet_init_bridge(
5719 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5720 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5721 if (!wpa_s->l2_br) {
5722 wpa_msg(wpa_s, MSG_ERROR,
5723 "Failed to open l2_packet connection for the bridge interface '%s'",
5724 wpa_s->bridge_ifname);
5725 goto fail;
5726 }
5727 }
5728
5729 #ifdef CONFIG_TDLS
5730 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
5731 goto fail;
5732 #endif /* CONFIG_TDLS */
5733
5734 return 0;
5735 fail:
5736 wpa_s->bridge_ifname[0] = 0;
5737 if (wpa_s->l2_br) {
5738 l2_packet_deinit(wpa_s->l2_br);
5739 wpa_s->l2_br = NULL;
5740 }
5741 #ifdef CONFIG_TDLS
5742 if (!wpa_s->p2p_mgmt)
5743 wpa_tdls_init(wpa_s->wpa);
5744 #endif /* CONFIG_TDLS */
5745 return -EIO;
5746 }
5747
5748
5749 /**
5750 * wpa_supplicant_driver_init - Initialize driver interface parameters
5751 * @wpa_s: Pointer to wpa_supplicant data
5752 * Returns: 0 on success, -1 on failure
5753 *
5754 * This function is called to initialize driver interface parameters.
5755 * wpa_drv_init() must have been called before this function to initialize the
5756 * driver interface.
5757 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)5758 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
5759 {
5760 static int interface_count = 0;
5761
5762 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
5763 return -1;
5764
5765 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
5766 MAC2STR(wpa_s->own_addr));
5767 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
5768 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
5769
5770 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
5771 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
5772 "interface '%s'", wpa_s->bridge_ifname);
5773 wpa_s->l2_br = l2_packet_init_bridge(
5774 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
5775 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
5776 if (wpa_s->l2_br == NULL) {
5777 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
5778 "connection for the bridge interface '%s'",
5779 wpa_s->bridge_ifname);
5780 return -1;
5781 }
5782 }
5783
5784 if (wpa_s->conf->ap_scan == 2 &&
5785 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5786 wpa_printf(MSG_INFO,
5787 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5788 }
5789
5790 wpa_clear_keys(wpa_s, NULL);
5791
5792 /* Make sure that TKIP countermeasures are not left enabled (could
5793 * happen if wpa_supplicant is killed during countermeasures. */
5794 wpa_drv_set_countermeasures(wpa_s, 0);
5795
5796 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
5797 wpa_drv_flush_pmkid(wpa_s);
5798
5799 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
5800 wpa_s->prev_scan_wildcard = 0;
5801
5802 if (wpa_supplicant_enabled_networks(wpa_s)) {
5803 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
5804 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
5805 interface_count = 0;
5806 }
5807 #ifndef ANDROID
5808 if (!wpa_s->p2p_mgmt &&
5809 wpa_supplicant_delayed_sched_scan(wpa_s,
5810 interface_count % 3,
5811 100000))
5812 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
5813 100000);
5814 #endif /* ANDROID */
5815 interface_count++;
5816 } else
5817 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
5818
5819 return 0;
5820 }
5821
5822
wpa_supplicant_daemon(const char * pid_file)5823 static int wpa_supplicant_daemon(const char *pid_file)
5824 {
5825 wpa_printf(MSG_DEBUG, "Daemonize..");
5826 return os_daemonize(pid_file);
5827 }
5828
5829
5830 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)5831 wpa_supplicant_alloc(struct wpa_supplicant *parent)
5832 {
5833 struct wpa_supplicant *wpa_s;
5834
5835 wpa_s = os_zalloc(sizeof(*wpa_s));
5836 if (wpa_s == NULL)
5837 return NULL;
5838 wpa_s->scan_req = INITIAL_SCAN_REQ;
5839 wpa_s->scan_interval = 5;
5840 wpa_s->new_connection = 1;
5841 wpa_s->parent = parent ? parent : wpa_s;
5842 wpa_s->p2pdev = wpa_s->parent;
5843 wpa_s->sched_scanning = 0;
5844 wpa_s->setband_mask = WPA_SETBAND_AUTO;
5845
5846 dl_list_init(&wpa_s->bss_tmp_disallowed);
5847 dl_list_init(&wpa_s->fils_hlp_req);
5848 #ifdef CONFIG_TESTING_OPTIONS
5849 dl_list_init(&wpa_s->drv_signal_override);
5850 #endif /* CONFIG_TESTING_OPTIONS */
5851 #ifdef CONFIG_ROBUST_AV
5852 dl_list_init(&wpa_s->active_scs_ids);
5853 #endif /* CONFIG_ROBUST_AV */
5854
5855 return wpa_s;
5856 }
5857
5858
5859 #ifdef CONFIG_HT_OVERRIDES
5860
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)5861 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
5862 struct ieee80211_ht_capabilities *htcaps,
5863 struct ieee80211_ht_capabilities *htcaps_mask,
5864 const char *ht_mcs)
5865 {
5866 /* parse ht_mcs into hex array */
5867 int i;
5868 const char *tmp = ht_mcs;
5869 char *end = NULL;
5870
5871 /* If ht_mcs is null, do not set anything */
5872 if (!ht_mcs)
5873 return 0;
5874
5875 /* This is what we are setting in the kernel */
5876 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
5877
5878 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
5879
5880 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5881 long v;
5882
5883 errno = 0;
5884 v = strtol(tmp, &end, 16);
5885
5886 if (errno == 0) {
5887 wpa_msg(wpa_s, MSG_DEBUG,
5888 "htcap value[%i]: %ld end: %p tmp: %p",
5889 i, v, end, tmp);
5890 if (end == tmp)
5891 break;
5892
5893 htcaps->supported_mcs_set[i] = v;
5894 tmp = end;
5895 } else {
5896 wpa_msg(wpa_s, MSG_ERROR,
5897 "Failed to parse ht-mcs: %s, error: %s\n",
5898 ht_mcs, strerror(errno));
5899 return -1;
5900 }
5901 }
5902
5903 /*
5904 * If we were able to parse any values, then set mask for the MCS set.
5905 */
5906 if (i) {
5907 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
5908 IEEE80211_HT_MCS_MASK_LEN - 1);
5909 /* skip the 3 reserved bits */
5910 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
5911 0x1f;
5912 }
5913
5914 return 0;
5915 }
5916
5917
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5918 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
5919 struct ieee80211_ht_capabilities *htcaps,
5920 struct ieee80211_ht_capabilities *htcaps_mask,
5921 int disabled)
5922 {
5923 le16 msk;
5924
5925 if (disabled == -1)
5926 return 0;
5927
5928 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
5929
5930 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
5931 htcaps_mask->ht_capabilities_info |= msk;
5932 if (disabled)
5933 htcaps->ht_capabilities_info &= msk;
5934 else
5935 htcaps->ht_capabilities_info |= msk;
5936
5937 return 0;
5938 }
5939
5940
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)5941 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
5942 struct ieee80211_ht_capabilities *htcaps,
5943 struct ieee80211_ht_capabilities *htcaps_mask,
5944 int factor)
5945 {
5946 if (factor == -1)
5947 return 0;
5948
5949 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
5950
5951 if (factor < 0 || factor > 3) {
5952 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
5953 "Must be 0-3 or -1", factor);
5954 return -EINVAL;
5955 }
5956
5957 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
5958 htcaps->a_mpdu_params &= ~0x3;
5959 htcaps->a_mpdu_params |= factor & 0x3;
5960
5961 return 0;
5962 }
5963
5964
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)5965 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
5966 struct ieee80211_ht_capabilities *htcaps,
5967 struct ieee80211_ht_capabilities *htcaps_mask,
5968 int density)
5969 {
5970 if (density == -1)
5971 return 0;
5972
5973 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
5974
5975 if (density < 0 || density > 7) {
5976 wpa_msg(wpa_s, MSG_ERROR,
5977 "ampdu_density: %d out of range. Must be 0-7 or -1.",
5978 density);
5979 return -EINVAL;
5980 }
5981
5982 htcaps_mask->a_mpdu_params |= 0x1C;
5983 htcaps->a_mpdu_params &= ~(0x1C);
5984 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
5985
5986 return 0;
5987 }
5988
5989
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)5990 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
5991 struct ieee80211_ht_capabilities *htcaps,
5992 struct ieee80211_ht_capabilities *htcaps_mask,
5993 int disabled)
5994 {
5995 if (disabled)
5996 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
5997
5998 set_disable_ht40(htcaps, disabled);
5999 set_disable_ht40(htcaps_mask, 0);
6000
6001 return 0;
6002 }
6003
6004
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6005 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
6006 struct ieee80211_ht_capabilities *htcaps,
6007 struct ieee80211_ht_capabilities *htcaps_mask,
6008 int disabled)
6009 {
6010 /* Masking these out disables SGI */
6011 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
6012 HT_CAP_INFO_SHORT_GI40MHZ);
6013
6014 if (disabled)
6015 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
6016
6017 if (disabled)
6018 htcaps->ht_capabilities_info &= ~msk;
6019 else
6020 htcaps->ht_capabilities_info |= msk;
6021
6022 htcaps_mask->ht_capabilities_info |= msk;
6023
6024 return 0;
6025 }
6026
6027
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6028 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
6029 struct ieee80211_ht_capabilities *htcaps,
6030 struct ieee80211_ht_capabilities *htcaps_mask,
6031 int disabled)
6032 {
6033 /* Masking these out disables LDPC */
6034 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
6035
6036 if (disabled)
6037 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
6038
6039 if (disabled)
6040 htcaps->ht_capabilities_info &= ~msk;
6041 else
6042 htcaps->ht_capabilities_info |= msk;
6043
6044 htcaps_mask->ht_capabilities_info |= msk;
6045
6046 return 0;
6047 }
6048
6049
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)6050 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
6051 struct ieee80211_ht_capabilities *htcaps,
6052 struct ieee80211_ht_capabilities *htcaps_mask,
6053 int tx_stbc)
6054 {
6055 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
6056
6057 if (tx_stbc == -1)
6058 return 0;
6059
6060 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
6061
6062 if (tx_stbc < 0 || tx_stbc > 1) {
6063 wpa_msg(wpa_s, MSG_ERROR,
6064 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
6065 return -EINVAL;
6066 }
6067
6068 htcaps_mask->ht_capabilities_info |= msk;
6069 htcaps->ht_capabilities_info &= ~msk;
6070 htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk;
6071
6072 return 0;
6073 }
6074
6075
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)6076 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
6077 struct ieee80211_ht_capabilities *htcaps,
6078 struct ieee80211_ht_capabilities *htcaps_mask,
6079 int rx_stbc)
6080 {
6081 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
6082
6083 if (rx_stbc == -1)
6084 return 0;
6085
6086 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
6087
6088 if (rx_stbc < 0 || rx_stbc > 3) {
6089 wpa_msg(wpa_s, MSG_ERROR,
6090 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
6091 return -EINVAL;
6092 }
6093
6094 htcaps_mask->ht_capabilities_info |= msk;
6095 htcaps->ht_capabilities_info &= ~msk;
6096 htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk;
6097
6098 return 0;
6099 }
6100
6101
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6102 void wpa_supplicant_apply_ht_overrides(
6103 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6104 struct wpa_driver_associate_params *params)
6105 {
6106 struct ieee80211_ht_capabilities *htcaps;
6107 struct ieee80211_ht_capabilities *htcaps_mask;
6108
6109 if (!ssid)
6110 return;
6111
6112 params->disable_ht = ssid->disable_ht;
6113 if (!params->htcaps || !params->htcaps_mask)
6114 return;
6115
6116 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
6117 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
6118 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
6119 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
6120 ssid->disable_max_amsdu);
6121 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
6122 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
6123 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
6124 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
6125 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
6126 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
6127 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
6128
6129 if (ssid->ht40_intolerant) {
6130 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
6131 htcaps->ht_capabilities_info |= bit;
6132 htcaps_mask->ht_capabilities_info |= bit;
6133 }
6134 }
6135
6136 #endif /* CONFIG_HT_OVERRIDES */
6137
6138
6139 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6140 void wpa_supplicant_apply_vht_overrides(
6141 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6142 struct wpa_driver_associate_params *params)
6143 {
6144 struct ieee80211_vht_capabilities *vhtcaps;
6145 struct ieee80211_vht_capabilities *vhtcaps_mask;
6146
6147 if (!ssid)
6148 return;
6149
6150 params->disable_vht = ssid->disable_vht;
6151
6152 vhtcaps = (void *) params->vhtcaps;
6153 vhtcaps_mask = (void *) params->vhtcaps_mask;
6154
6155 if (!vhtcaps || !vhtcaps_mask)
6156 return;
6157
6158 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
6159 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
6160
6161 #ifdef CONFIG_HT_OVERRIDES
6162 if (ssid->disable_sgi) {
6163 vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 |
6164 VHT_CAP_SHORT_GI_160);
6165 vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 |
6166 VHT_CAP_SHORT_GI_160);
6167 wpa_msg(wpa_s, MSG_DEBUG,
6168 "disable-sgi override specified, vht-caps: 0x%x",
6169 vhtcaps->vht_capabilities_info);
6170 }
6171
6172 /* if max ampdu is <= 3, we have to make the HT cap the same */
6173 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
6174 int max_ampdu;
6175
6176 max_ampdu = (ssid->vht_capa &
6177 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
6178 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
6179
6180 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
6181 wpa_set_ampdu_factor(wpa_s,
6182 (void *) params->htcaps,
6183 (void *) params->htcaps_mask,
6184 max_ampdu);
6185 }
6186 #endif /* CONFIG_HT_OVERRIDES */
6187
6188 #define OVERRIDE_MCS(i) \
6189 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
6190 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
6191 host_to_le16(3 << 2 * (i - 1)); \
6192 vhtcaps->vht_supported_mcs_set.tx_map |= \
6193 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
6194 2 * (i - 1)); \
6195 } \
6196 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
6197 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
6198 host_to_le16(3 << 2 * (i - 1)); \
6199 vhtcaps->vht_supported_mcs_set.rx_map |= \
6200 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
6201 2 * (i - 1)); \
6202 }
6203
6204 OVERRIDE_MCS(1);
6205 OVERRIDE_MCS(2);
6206 OVERRIDE_MCS(3);
6207 OVERRIDE_MCS(4);
6208 OVERRIDE_MCS(5);
6209 OVERRIDE_MCS(6);
6210 OVERRIDE_MCS(7);
6211 OVERRIDE_MCS(8);
6212 }
6213 #endif /* CONFIG_VHT_OVERRIDES */
6214
6215
6216 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6217 void wpa_supplicant_apply_he_overrides(
6218 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6219 struct wpa_driver_associate_params *params)
6220 {
6221 if (!ssid)
6222 return;
6223
6224 params->disable_he = ssid->disable_he;
6225 }
6226 #endif /* CONFIG_HE_OVERRIDES */
6227
wpa_supplicant_apply_eht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6228 void wpa_supplicant_apply_eht_overrides(
6229 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6230 struct wpa_driver_associate_params *params)
6231 {
6232 if (!ssid)
6233 return;
6234
6235 params->disable_eht = ssid->disable_eht;
6236 }
6237
pcsc_reader_init(struct wpa_supplicant * wpa_s)6238 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
6239 {
6240 #ifdef PCSC_FUNCS
6241 size_t len;
6242
6243 if (!wpa_s->conf->pcsc_reader)
6244 return 0;
6245
6246 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
6247 if (!wpa_s->scard)
6248 return 1;
6249
6250 if (wpa_s->conf->pcsc_pin &&
6251 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
6252 scard_deinit(wpa_s->scard);
6253 wpa_s->scard = NULL;
6254 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
6255 return -1;
6256 }
6257
6258 len = sizeof(wpa_s->imsi) - 1;
6259 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
6260 scard_deinit(wpa_s->scard);
6261 wpa_s->scard = NULL;
6262 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
6263 return -1;
6264 }
6265 wpa_s->imsi[len] = '\0';
6266
6267 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
6268
6269 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
6270 wpa_s->imsi, wpa_s->mnc_len);
6271
6272 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
6273 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
6274 #endif /* PCSC_FUNCS */
6275
6276 return 0;
6277 }
6278
6279
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)6280 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
6281 {
6282 char *val, *pos;
6283
6284 ext_password_deinit(wpa_s->ext_pw);
6285 wpa_s->ext_pw = NULL;
6286 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
6287
6288 if (!wpa_s->conf->ext_password_backend)
6289 return 0;
6290
6291 val = os_strdup(wpa_s->conf->ext_password_backend);
6292 if (val == NULL)
6293 return -1;
6294 pos = os_strchr(val, ':');
6295 if (pos)
6296 *pos++ = '\0';
6297
6298 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
6299
6300 wpa_s->ext_pw = ext_password_init(val, pos);
6301 os_free(val);
6302 if (wpa_s->ext_pw == NULL) {
6303 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
6304 return -1;
6305 }
6306 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
6307
6308 return 0;
6309 }
6310
6311
6312 #ifdef CONFIG_FST
6313
wpas_fst_get_bssid_cb(void * ctx)6314 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
6315 {
6316 struct wpa_supplicant *wpa_s = ctx;
6317
6318 return (is_zero_ether_addr(wpa_s->bssid) ||
6319 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
6320 }
6321
6322
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)6323 static void wpas_fst_get_channel_info_cb(void *ctx,
6324 enum hostapd_hw_mode *hw_mode,
6325 u8 *channel)
6326 {
6327 struct wpa_supplicant *wpa_s = ctx;
6328
6329 if (wpa_s->current_bss) {
6330 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
6331 channel);
6332 } else if (wpa_s->hw.num_modes) {
6333 *hw_mode = wpa_s->hw.modes[0].mode;
6334 } else {
6335 WPA_ASSERT(0);
6336 *hw_mode = 0;
6337 }
6338 }
6339
6340
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)6341 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
6342 {
6343 struct wpa_supplicant *wpa_s = ctx;
6344
6345 *modes = wpa_s->hw.modes;
6346 return wpa_s->hw.num_modes;
6347 }
6348
6349
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)6350 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
6351 {
6352 struct wpa_supplicant *wpa_s = ctx;
6353
6354 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
6355 wpa_s->fst_ies = fst_ies;
6356 }
6357
6358
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)6359 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
6360 {
6361 struct wpa_supplicant *wpa_s = ctx;
6362
6363 if (os_memcmp(wpa_s->bssid, da, ETH_ALEN) != 0) {
6364 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
6365 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
6366 return -1;
6367 }
6368 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6369 wpa_s->own_addr, wpa_s->bssid,
6370 wpabuf_head(data), wpabuf_len(data),
6371 0);
6372 }
6373
6374
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)6375 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
6376 {
6377 struct wpa_supplicant *wpa_s = ctx;
6378
6379 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
6380 return wpa_s->received_mb_ies;
6381 }
6382
6383
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)6384 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
6385 const u8 *buf, size_t size)
6386 {
6387 struct wpa_supplicant *wpa_s = ctx;
6388 struct mb_ies_info info;
6389
6390 WPA_ASSERT(os_memcmp(wpa_s->bssid, addr, ETH_ALEN) == 0);
6391
6392 if (!mb_ies_info_by_ies(&info, buf, size)) {
6393 wpabuf_free(wpa_s->received_mb_ies);
6394 wpa_s->received_mb_ies = mb_ies_by_info(&info);
6395 }
6396 }
6397
6398
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6399 static const u8 * wpas_fst_get_peer_first(void *ctx,
6400 struct fst_get_peer_ctx **get_ctx,
6401 bool mb_only)
6402 {
6403 struct wpa_supplicant *wpa_s = ctx;
6404
6405 *get_ctx = NULL;
6406 if (!is_zero_ether_addr(wpa_s->bssid))
6407 return (wpa_s->received_mb_ies || !mb_only) ?
6408 wpa_s->bssid : NULL;
6409 return NULL;
6410 }
6411
6412
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6413 static const u8 * wpas_fst_get_peer_next(void *ctx,
6414 struct fst_get_peer_ctx **get_ctx,
6415 bool mb_only)
6416 {
6417 return NULL;
6418 }
6419
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)6420 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
6421 struct fst_wpa_obj *iface_obj)
6422 {
6423 iface_obj->ctx = wpa_s;
6424 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
6425 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
6426 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
6427 iface_obj->set_ies = wpas_fst_set_ies_cb;
6428 iface_obj->send_action = wpas_fst_send_action_cb;
6429 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
6430 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
6431 iface_obj->get_peer_first = wpas_fst_get_peer_first;
6432 iface_obj->get_peer_next = wpas_fst_get_peer_next;
6433 }
6434 #endif /* CONFIG_FST */
6435
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)6436 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6437 const struct wpa_driver_capa *capa)
6438 {
6439 struct wowlan_triggers *triggers;
6440 int ret = 0;
6441
6442 if (!wpa_s->conf->wowlan_triggers)
6443 return 0;
6444
6445 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
6446 if (triggers) {
6447 ret = wpa_drv_wowlan(wpa_s, triggers);
6448 os_free(triggers);
6449 }
6450 return ret;
6451 }
6452
6453
wpas_freq_to_band(int freq)6454 enum wpa_radio_work_band wpas_freq_to_band(int freq)
6455 {
6456 if (freq < 3000)
6457 return BAND_2_4_GHZ;
6458 if (freq > 50000)
6459 return BAND_60_GHZ;
6460 return BAND_5_GHZ;
6461 }
6462
6463
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)6464 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
6465 {
6466 int i;
6467 unsigned int band = 0;
6468
6469 if (freqs) {
6470 /* freqs are specified for the radio work */
6471 for (i = 0; freqs[i]; i++)
6472 band |= wpas_freq_to_band(freqs[i]);
6473 } else {
6474 /*
6475 * freqs are not specified, implies all
6476 * the supported freqs by HW
6477 */
6478 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6479 if (wpa_s->hw.modes[i].num_channels != 0) {
6480 if (wpa_s->hw.modes[i].mode ==
6481 HOSTAPD_MODE_IEEE80211B ||
6482 wpa_s->hw.modes[i].mode ==
6483 HOSTAPD_MODE_IEEE80211G)
6484 band |= BAND_2_4_GHZ;
6485 else if (wpa_s->hw.modes[i].mode ==
6486 HOSTAPD_MODE_IEEE80211A)
6487 band |= BAND_5_GHZ;
6488 else if (wpa_s->hw.modes[i].mode ==
6489 HOSTAPD_MODE_IEEE80211AD)
6490 band |= BAND_60_GHZ;
6491 else if (wpa_s->hw.modes[i].mode ==
6492 HOSTAPD_MODE_IEEE80211ANY)
6493 band = BAND_2_4_GHZ | BAND_5_GHZ |
6494 BAND_60_GHZ;
6495 }
6496 }
6497 }
6498
6499 return band;
6500 }
6501
6502
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6503 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
6504 const char *rn)
6505 {
6506 struct wpa_supplicant *iface = wpa_s->global->ifaces;
6507 struct wpa_radio *radio;
6508
6509 while (rn && iface) {
6510 radio = iface->radio;
6511 if (radio && os_strcmp(rn, radio->name) == 0) {
6512 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
6513 wpa_s->ifname, rn);
6514 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6515 return radio;
6516 }
6517
6518 iface = iface->next;
6519 }
6520
6521 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
6522 wpa_s->ifname, rn ? rn : "N/A");
6523 radio = os_zalloc(sizeof(*radio));
6524 if (radio == NULL)
6525 return NULL;
6526
6527 if (rn)
6528 os_strlcpy(radio->name, rn, sizeof(radio->name));
6529 dl_list_init(&radio->ifaces);
6530 dl_list_init(&radio->work);
6531 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6532
6533 return radio;
6534 }
6535
6536
radio_work_free(struct wpa_radio_work * work)6537 static void radio_work_free(struct wpa_radio_work *work)
6538 {
6539 if (work->wpa_s->scan_work == work) {
6540 /* This should not really happen. */
6541 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
6542 work->type, work, work->started);
6543 work->wpa_s->scan_work = NULL;
6544 }
6545
6546 #ifdef CONFIG_P2P
6547 if (work->wpa_s->p2p_scan_work == work) {
6548 /* This should not really happen. */
6549 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
6550 work->type, work, work->started);
6551 work->wpa_s->p2p_scan_work = NULL;
6552 }
6553 #endif /* CONFIG_P2P */
6554
6555 if (work->started) {
6556 work->wpa_s->radio->num_active_works--;
6557 wpa_dbg(work->wpa_s, MSG_DEBUG,
6558 "radio_work_free('%s'@%p): num_active_works --> %u",
6559 work->type, work,
6560 work->wpa_s->radio->num_active_works);
6561 }
6562
6563 dl_list_del(&work->list);
6564 os_free(work);
6565 }
6566
6567
radio_work_is_connect(struct wpa_radio_work * work)6568 static int radio_work_is_connect(struct wpa_radio_work *work)
6569 {
6570 return os_strcmp(work->type, "sme-connect") == 0 ||
6571 os_strcmp(work->type, "connect") == 0;
6572 }
6573
6574
radio_work_is_scan(struct wpa_radio_work * work)6575 static int radio_work_is_scan(struct wpa_radio_work *work)
6576 {
6577 return os_strcmp(work->type, "scan") == 0 ||
6578 os_strcmp(work->type, "p2p-scan") == 0;
6579 }
6580
6581
radio_work_get_next_work(struct wpa_radio * radio)6582 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
6583 {
6584 struct wpa_radio_work *active_work = NULL;
6585 struct wpa_radio_work *tmp;
6586
6587 /* Get the active work to know the type and band. */
6588 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6589 if (tmp->started) {
6590 active_work = tmp;
6591 break;
6592 }
6593 }
6594
6595 if (!active_work) {
6596 /* No active work, start one */
6597 radio->num_active_works = 0;
6598 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
6599 list) {
6600 if (os_strcmp(tmp->type, "scan") == 0 &&
6601 external_scan_running(radio) &&
6602 (((struct wpa_driver_scan_params *)
6603 tmp->ctx)->only_new_results ||
6604 tmp->wpa_s->clear_driver_scan_cache))
6605 continue;
6606 return tmp;
6607 }
6608 return NULL;
6609 }
6610
6611 if (radio_work_is_connect(active_work)) {
6612 /*
6613 * If the active work is either connect or sme-connect,
6614 * do not parallelize them with other radio works.
6615 */
6616 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6617 "Do not parallelize radio work with %s",
6618 active_work->type);
6619 return NULL;
6620 }
6621
6622 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
6623 if (tmp->started)
6624 continue;
6625
6626 /*
6627 * If connect or sme-connect are enqueued, parallelize only
6628 * those operations ahead of them in the queue.
6629 */
6630 if (radio_work_is_connect(tmp))
6631 break;
6632
6633 /* Serialize parallel scan and p2p_scan operations on the same
6634 * interface since the driver_nl80211 mechanism for tracking
6635 * scan cookies does not yet have support for this. */
6636 if (active_work->wpa_s == tmp->wpa_s &&
6637 radio_work_is_scan(active_work) &&
6638 radio_work_is_scan(tmp)) {
6639 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6640 "Do not start work '%s' when another work '%s' is already scheduled",
6641 tmp->type, active_work->type);
6642 continue;
6643 }
6644 /*
6645 * Check that the radio works are distinct and
6646 * on different bands.
6647 */
6648 if (os_strcmp(active_work->type, tmp->type) != 0 &&
6649 (active_work->bands != tmp->bands)) {
6650 /*
6651 * If a scan has to be scheduled through nl80211 scan
6652 * interface and if an external scan is already running,
6653 * do not schedule the scan since it is likely to get
6654 * rejected by kernel.
6655 */
6656 if (os_strcmp(tmp->type, "scan") == 0 &&
6657 external_scan_running(radio) &&
6658 (((struct wpa_driver_scan_params *)
6659 tmp->ctx)->only_new_results ||
6660 tmp->wpa_s->clear_driver_scan_cache))
6661 continue;
6662
6663 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
6664 "active_work:%s new_work:%s",
6665 active_work->type, tmp->type);
6666 return tmp;
6667 }
6668 }
6669
6670 /* Did not find a radio work to schedule in parallel. */
6671 return NULL;
6672 }
6673
6674
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)6675 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
6676 {
6677 struct wpa_radio *radio = eloop_ctx;
6678 struct wpa_radio_work *work;
6679 struct os_reltime now, diff;
6680 struct wpa_supplicant *wpa_s;
6681
6682 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
6683 if (work == NULL) {
6684 radio->num_active_works = 0;
6685 return;
6686 }
6687
6688 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
6689 radio_list);
6690
6691 if (!(wpa_s &&
6692 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
6693 if (work->started)
6694 return; /* already started and still in progress */
6695
6696 if (wpa_s && external_scan_running(wpa_s->radio)) {
6697 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
6698 return;
6699 }
6700 } else {
6701 work = NULL;
6702 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
6703 /* get the work to schedule next */
6704 work = radio_work_get_next_work(radio);
6705 }
6706 if (!work)
6707 return;
6708 }
6709
6710 wpa_s = work->wpa_s;
6711 os_get_reltime(&now);
6712 os_reltime_sub(&now, &work->time, &diff);
6713 wpa_dbg(wpa_s, MSG_DEBUG,
6714 "Starting radio work '%s'@%p after %ld.%06ld second wait",
6715 work->type, work, diff.sec, diff.usec);
6716 work->started = 1;
6717 work->time = now;
6718 radio->num_active_works++;
6719
6720 work->cb(work, 0);
6721
6722 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
6723 radio->num_active_works < MAX_ACTIVE_WORKS)
6724 radio_work_check_next(wpa_s);
6725 }
6726
6727
6728 /*
6729 * This function removes both started and pending radio works running on
6730 * the provided interface's radio.
6731 * Prior to the removal of the radio work, its callback (cb) is called with
6732 * deinit set to be 1. Each work's callback is responsible for clearing its
6733 * internal data and restoring to a correct state.
6734 * @wpa_s: wpa_supplicant data
6735 * @type: type of works to be removed
6736 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
6737 * this interface's works.
6738 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)6739 void radio_remove_works(struct wpa_supplicant *wpa_s,
6740 const char *type, int remove_all)
6741 {
6742 struct wpa_radio_work *work, *tmp;
6743 struct wpa_radio *radio = wpa_s->radio;
6744
6745 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
6746 list) {
6747 if (type && os_strcmp(type, work->type) != 0)
6748 continue;
6749
6750 /* skip other ifaces' works */
6751 if (!remove_all && work->wpa_s != wpa_s)
6752 continue;
6753
6754 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
6755 work->type, work, work->started ? " (started)" : "");
6756 work->cb(work, 1);
6757 radio_work_free(work);
6758 }
6759
6760 /* in case we removed the started work */
6761 radio_work_check_next(wpa_s);
6762 }
6763
6764
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)6765 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
6766 {
6767 struct wpa_radio_work *work;
6768 struct wpa_radio *radio = wpa_s->radio;
6769
6770 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6771 if (work->ctx != ctx)
6772 continue;
6773 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
6774 work->type, work, work->started ? " (started)" : "");
6775 radio_work_free(work);
6776 break;
6777 }
6778 }
6779
6780
radio_remove_interface(struct wpa_supplicant * wpa_s)6781 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
6782 {
6783 struct wpa_radio *radio = wpa_s->radio;
6784
6785 if (!radio)
6786 return;
6787
6788 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
6789 wpa_s->ifname, radio->name);
6790 dl_list_del(&wpa_s->radio_list);
6791 radio_remove_works(wpa_s, NULL, 0);
6792 /* If the interface that triggered the external scan was removed, the
6793 * external scan is no longer running. */
6794 if (wpa_s == radio->external_scan_req_interface)
6795 radio->external_scan_req_interface = NULL;
6796 wpa_s->radio = NULL;
6797 if (!dl_list_empty(&radio->ifaces))
6798 return; /* Interfaces remain for this radio */
6799
6800 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
6801 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6802 os_free(radio);
6803 }
6804
6805
radio_work_check_next(struct wpa_supplicant * wpa_s)6806 void radio_work_check_next(struct wpa_supplicant *wpa_s)
6807 {
6808 struct wpa_radio *radio = wpa_s->radio;
6809
6810 if (dl_list_empty(&radio->work))
6811 return;
6812 if (wpa_s->ext_work_in_progress) {
6813 wpa_printf(MSG_DEBUG,
6814 "External radio work in progress - delay start of pending item");
6815 return;
6816 }
6817 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
6818 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
6819 }
6820
6821
6822 /**
6823 * radio_add_work - Add a radio work item
6824 * @wpa_s: Pointer to wpa_supplicant data
6825 * @freq: Frequency of the offchannel operation in MHz or 0
6826 * @type: Unique identifier for each type of work
6827 * @next: Force as the next work to be executed
6828 * @cb: Callback function for indicating when radio is available
6829 * @ctx: Context pointer for the work (work->ctx in cb())
6830 * Returns: 0 on success, -1 on failure
6831 *
6832 * This function is used to request time for an operation that requires
6833 * exclusive radio control. Once the radio is available, the registered callback
6834 * function will be called. radio_work_done() must be called once the exclusive
6835 * radio operation has been completed, so that the radio is freed for other
6836 * operations. The special case of deinit=1 is used to free the context data
6837 * during interface removal. That does not allow the callback function to start
6838 * the radio operation, i.e., it must free any resources allocated for the radio
6839 * work and return.
6840 *
6841 * The @freq parameter can be used to indicate a single channel on which the
6842 * offchannel operation will occur. This may allow multiple radio work
6843 * operations to be performed in parallel if they apply for the same channel.
6844 * Setting this to 0 indicates that the work item may use multiple channels or
6845 * requires exclusive control of the radio.
6846 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)6847 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
6848 const char *type, int next,
6849 void (*cb)(struct wpa_radio_work *work, int deinit),
6850 void *ctx)
6851 {
6852 struct wpa_radio *radio = wpa_s->radio;
6853 struct wpa_radio_work *work;
6854 int was_empty;
6855
6856 work = os_zalloc(sizeof(*work));
6857 if (work == NULL)
6858 return -1;
6859 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
6860 os_get_reltime(&work->time);
6861 work->freq = freq;
6862 work->type = type;
6863 work->wpa_s = wpa_s;
6864 work->cb = cb;
6865 work->ctx = ctx;
6866
6867 if (freq)
6868 work->bands = wpas_freq_to_band(freq);
6869 else if (os_strcmp(type, "scan") == 0 ||
6870 os_strcmp(type, "p2p-scan") == 0)
6871 work->bands = wpas_get_bands(wpa_s,
6872 ((struct wpa_driver_scan_params *)
6873 ctx)->freqs);
6874 else
6875 work->bands = wpas_get_bands(wpa_s, NULL);
6876
6877 was_empty = dl_list_empty(&wpa_s->radio->work);
6878 if (next)
6879 dl_list_add(&wpa_s->radio->work, &work->list);
6880 else
6881 dl_list_add_tail(&wpa_s->radio->work, &work->list);
6882 if (was_empty) {
6883 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
6884 radio_work_check_next(wpa_s);
6885 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
6886 && radio->num_active_works < MAX_ACTIVE_WORKS) {
6887 wpa_dbg(wpa_s, MSG_DEBUG,
6888 "Try to schedule a radio work (num_active_works=%u)",
6889 radio->num_active_works);
6890 radio_work_check_next(wpa_s);
6891 }
6892
6893 return 0;
6894 }
6895
6896
6897 /**
6898 * radio_work_done - Indicate that a radio work item has been completed
6899 * @work: Completed work
6900 *
6901 * This function is called once the callback function registered with
6902 * radio_add_work() has completed its work.
6903 */
radio_work_done(struct wpa_radio_work * work)6904 void radio_work_done(struct wpa_radio_work *work)
6905 {
6906 struct wpa_supplicant *wpa_s = work->wpa_s;
6907 struct os_reltime now, diff;
6908 unsigned int started = work->started;
6909
6910 os_get_reltime(&now);
6911 os_reltime_sub(&now, &work->time, &diff);
6912 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
6913 work->type, work, started ? "done" : "canceled",
6914 diff.sec, diff.usec);
6915 radio_work_free(work);
6916 if (started)
6917 radio_work_check_next(wpa_s);
6918 }
6919
6920
6921 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)6922 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
6923 {
6924 struct wpa_radio_work *work;
6925 struct wpa_radio *radio = wpa_s->radio;
6926
6927 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
6928 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
6929 return work;
6930 }
6931
6932 return NULL;
6933 }
6934
6935
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)6936 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
6937 const struct wpa_interface *iface)
6938 {
6939 const char *ifname, *driver, *rn;
6940
6941 driver = iface->driver;
6942 next_driver:
6943 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
6944 return -1;
6945
6946 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
6947 if (wpa_s->drv_priv == NULL) {
6948 const char *pos;
6949 int level = MSG_ERROR;
6950
6951 pos = driver ? os_strchr(driver, ',') : NULL;
6952 if (pos) {
6953 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
6954 "driver interface - try next driver wrapper");
6955 driver = pos + 1;
6956 goto next_driver;
6957 }
6958
6959 #ifdef CONFIG_MATCH_IFACE
6960 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
6961 level = MSG_DEBUG;
6962 #endif /* CONFIG_MATCH_IFACE */
6963 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
6964 return -1;
6965 }
6966 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
6967 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
6968 "driver_param '%s'", wpa_s->conf->driver_param);
6969 return -1;
6970 }
6971
6972 ifname = wpa_drv_get_ifname(wpa_s);
6973 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
6974 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
6975 "interface name with '%s'", ifname);
6976 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
6977 }
6978
6979 rn = wpa_driver_get_radio_name(wpa_s);
6980 if (rn && rn[0] == '\0')
6981 rn = NULL;
6982
6983 wpa_s->radio = radio_add_interface(wpa_s, rn);
6984 if (wpa_s->radio == NULL)
6985 return -1;
6986
6987 return 0;
6988 }
6989
6990
6991 #ifdef CONFIG_GAS_SERVER
6992
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)6993 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
6994 unsigned int freq, const u8 *dst,
6995 const u8 *src, const u8 *bssid,
6996 const u8 *data, size_t data_len,
6997 enum offchannel_send_action_result result)
6998 {
6999 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
7000 " result=%s",
7001 freq, MAC2STR(dst),
7002 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
7003 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
7004 "FAILED"));
7005 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
7006 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
7007 }
7008
7009
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)7010 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
7011 struct wpabuf *buf, unsigned int wait_time)
7012 {
7013 struct wpa_supplicant *wpa_s = ctx;
7014 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
7015
7016 if (wait_time > wpa_s->max_remain_on_chan)
7017 wait_time = wpa_s->max_remain_on_chan;
7018
7019 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
7020 wpabuf_head(buf), wpabuf_len(buf),
7021 wait_time, wpas_gas_server_tx_status, 0);
7022 }
7023
7024 #endif /* CONFIG_GAS_SERVER */
7025
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7026 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
7027 const struct wpa_interface *iface)
7028 {
7029 struct wpa_driver_capa capa;
7030 int capa_res;
7031 u8 dfs_domain;
7032
7033 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
7034 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
7035 iface->confname ? iface->confname : "N/A",
7036 iface->driver ? iface->driver : "default",
7037 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
7038 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
7039
7040 if (iface->confname) {
7041 #ifdef CONFIG_BACKEND_FILE
7042 wpa_s->confname = os_rel2abs_path(iface->confname);
7043 if (wpa_s->confname == NULL) {
7044 wpa_printf(MSG_ERROR, "Failed to get absolute path "
7045 "for configuration file '%s'.",
7046 iface->confname);
7047 return -1;
7048 }
7049 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
7050 iface->confname, wpa_s->confname);
7051 #else /* CONFIG_BACKEND_FILE */
7052 wpa_s->confname = os_strdup(iface->confname);
7053 #endif /* CONFIG_BACKEND_FILE */
7054 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false);
7055 if (wpa_s->conf == NULL) {
7056 wpa_printf(MSG_ERROR, "Failed to read or parse "
7057 "configuration '%s'.", wpa_s->confname);
7058 return -1;
7059 }
7060 wpa_s->confanother = os_rel2abs_path(iface->confanother);
7061 if (wpa_s->confanother &&
7062 !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) {
7063 wpa_printf(MSG_ERROR,
7064 "Failed to read or parse configuration '%s'.",
7065 wpa_s->confanother);
7066 return -1;
7067 }
7068
7069 /*
7070 * Override ctrl_interface and driver_param if set on command
7071 * line.
7072 */
7073 if (iface->ctrl_interface) {
7074 os_free(wpa_s->conf->ctrl_interface);
7075 wpa_s->conf->ctrl_interface =
7076 os_strdup(iface->ctrl_interface);
7077 }
7078
7079 if (iface->driver_param) {
7080 os_free(wpa_s->conf->driver_param);
7081 wpa_s->conf->driver_param =
7082 os_strdup(iface->driver_param);
7083 }
7084
7085 if (iface->p2p_mgmt && !iface->ctrl_interface) {
7086 os_free(wpa_s->conf->ctrl_interface);
7087 wpa_s->conf->ctrl_interface = NULL;
7088 }
7089 } else
7090 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
7091 iface->driver_param);
7092
7093 if (wpa_s->conf == NULL) {
7094 wpa_printf(MSG_ERROR, "\nNo configuration found.");
7095 return -1;
7096 }
7097
7098 if (iface->ifname == NULL) {
7099 wpa_printf(MSG_ERROR, "\nInterface name is required.");
7100 return -1;
7101 }
7102 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
7103 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
7104 iface->ifname);
7105 return -1;
7106 }
7107 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
7108 #ifdef CONFIG_MATCH_IFACE
7109 wpa_s->matched = iface->matched;
7110 #endif /* CONFIG_MATCH_IFACE */
7111
7112 if (iface->bridge_ifname) {
7113 if (os_strlen(iface->bridge_ifname) >=
7114 sizeof(wpa_s->bridge_ifname)) {
7115 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
7116 "name '%s'.", iface->bridge_ifname);
7117 return -1;
7118 }
7119 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
7120 sizeof(wpa_s->bridge_ifname));
7121 }
7122
7123 /* RSNA Supplicant Key Management - INITIALIZE */
7124 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
7125 eapol_sm_notify_portValid(wpa_s->eapol, false);
7126
7127 /* Initialize driver interface and register driver event handler before
7128 * L2 receive handler so that association events are processed before
7129 * EAPOL-Key packets if both become available for the same select()
7130 * call. */
7131 if (wpas_init_driver(wpa_s, iface) < 0)
7132 return -1;
7133
7134 if (wpa_supplicant_init_wpa(wpa_s) < 0)
7135 return -1;
7136
7137 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
7138 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
7139 NULL);
7140 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
7141
7142 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
7143 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
7144 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
7145 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7146 "dot11RSNAConfigPMKLifetime");
7147 return -1;
7148 }
7149
7150 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
7151 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
7152 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
7153 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7154 "dot11RSNAConfigPMKReauthThreshold");
7155 return -1;
7156 }
7157
7158 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
7159 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
7160 wpa_s->conf->dot11RSNAConfigSATimeout)) {
7161 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7162 "dot11RSNAConfigSATimeout");
7163 return -1;
7164 }
7165
7166 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
7167 &wpa_s->hw.num_modes,
7168 &wpa_s->hw.flags,
7169 &dfs_domain);
7170 if (wpa_s->hw.modes) {
7171 u16 i;
7172
7173 for (i = 0; i < wpa_s->hw.num_modes; i++) {
7174 if (wpa_s->hw.modes[i].vht_capab) {
7175 wpa_s->hw_capab = CAPAB_VHT;
7176 break;
7177 }
7178
7179 if (wpa_s->hw.modes[i].ht_capab &
7180 HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET)
7181 wpa_s->hw_capab = CAPAB_HT40;
7182 else if (wpa_s->hw.modes[i].ht_capab &&
7183 wpa_s->hw_capab == CAPAB_NO_HT_VHT)
7184 wpa_s->hw_capab = CAPAB_HT;
7185 }
7186 }
7187
7188 capa_res = wpa_drv_get_capa(wpa_s, &capa);
7189 if (capa_res == 0) {
7190 wpa_s->drv_capa_known = 1;
7191 wpa_s->drv_flags = capa.flags;
7192 wpa_s->drv_flags2 = capa.flags2;
7193 wpa_s->drv_enc = capa.enc;
7194 wpa_s->drv_key_mgmt = capa.key_mgmt;
7195 wpa_s->drv_rrm_flags = capa.rrm_flags;
7196 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
7197 wpa_s->max_scan_ssids = capa.max_scan_ssids;
7198 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
7199 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
7200 wpa_s->max_sched_scan_plan_interval =
7201 capa.max_sched_scan_plan_interval;
7202 wpa_s->max_sched_scan_plan_iterations =
7203 capa.max_sched_scan_plan_iterations;
7204 wpa_s->sched_scan_supported = capa.sched_scan_supported;
7205 wpa_s->max_match_sets = capa.max_match_sets;
7206 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
7207 wpa_s->max_stations = capa.max_stations;
7208 wpa_s->extended_capa = capa.extended_capa;
7209 wpa_s->extended_capa_mask = capa.extended_capa_mask;
7210 wpa_s->extended_capa_len = capa.extended_capa_len;
7211 wpa_s->num_multichan_concurrent =
7212 capa.num_multichan_concurrent;
7213 #ifndef CONFIG_NO_WMM_AC
7214 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
7215 #endif /* ! CONFIG_NO_WMM_AC */
7216
7217 if (capa.mac_addr_rand_scan_supported)
7218 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
7219 if (wpa_s->sched_scan_supported &&
7220 capa.mac_addr_rand_sched_scan_supported)
7221 wpa_s->mac_addr_rand_supported |=
7222 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
7223
7224 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
7225 if (wpa_s->extended_capa &&
7226 wpa_s->extended_capa_len >= 3 &&
7227 wpa_s->extended_capa[2] & 0x40)
7228 wpa_s->multi_bss_support = 1;
7229 }
7230 if (wpa_s->max_remain_on_chan == 0)
7231 wpa_s->max_remain_on_chan = 1000;
7232
7233 /*
7234 * Only take p2p_mgmt parameters when P2P Device is supported.
7235 * Doing it here as it determines whether l2_packet_init() will be done
7236 * during wpa_supplicant_driver_init().
7237 */
7238 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
7239 wpa_s->p2p_mgmt = iface->p2p_mgmt;
7240
7241 if (wpa_s->num_multichan_concurrent == 0)
7242 wpa_s->num_multichan_concurrent = 1;
7243
7244 if (wpa_supplicant_driver_init(wpa_s) < 0)
7245 return -1;
7246
7247 #ifdef CONFIG_TDLS
7248 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
7249 return -1;
7250 #endif /* CONFIG_TDLS */
7251
7252 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
7253 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
7254 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
7255 return -1;
7256 }
7257
7258 #ifdef CONFIG_FST
7259 if (wpa_s->conf->fst_group_id) {
7260 struct fst_iface_cfg cfg;
7261 struct fst_wpa_obj iface_obj;
7262
7263 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
7264 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
7265 sizeof(cfg.group_id));
7266 cfg.priority = wpa_s->conf->fst_priority;
7267 cfg.llt = wpa_s->conf->fst_llt;
7268
7269 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
7270 &iface_obj, &cfg);
7271 if (!wpa_s->fst) {
7272 wpa_msg(wpa_s, MSG_ERROR,
7273 "FST: Cannot attach iface %s to group %s",
7274 wpa_s->ifname, cfg.group_id);
7275 return -1;
7276 }
7277 }
7278 #endif /* CONFIG_FST */
7279
7280 if (wpas_wps_init(wpa_s))
7281 return -1;
7282
7283 #ifdef CONFIG_GAS_SERVER
7284 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
7285 if (!wpa_s->gas_server) {
7286 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
7287 return -1;
7288 }
7289 #endif /* CONFIG_GAS_SERVER */
7290
7291 #ifdef CONFIG_DPP
7292 if (wpas_dpp_init(wpa_s) < 0)
7293 return -1;
7294 #endif /* CONFIG_DPP */
7295
7296 if (wpa_supplicant_init_eapol(wpa_s) < 0)
7297 return -1;
7298 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
7299
7300 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
7301 if (wpa_s->ctrl_iface == NULL) {
7302 wpa_printf(MSG_ERROR,
7303 "Failed to initialize control interface '%s'.\n"
7304 "You may have another wpa_supplicant process "
7305 "already running or the file was\n"
7306 "left by an unclean termination of wpa_supplicant "
7307 "in which case you will need\n"
7308 "to manually remove this file before starting "
7309 "wpa_supplicant again.\n",
7310 wpa_s->conf->ctrl_interface);
7311 return -1;
7312 }
7313
7314 wpa_s->gas = gas_query_init(wpa_s);
7315 if (wpa_s->gas == NULL) {
7316 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
7317 return -1;
7318 }
7319
7320 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
7321 wpa_s->p2p_mgmt) &&
7322 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
7323 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
7324 return -1;
7325 }
7326
7327 if (wpa_bss_init(wpa_s) < 0)
7328 return -1;
7329
7330 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
7331 #ifdef CONFIG_MESH
7332 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
7333 #endif /* CONFIG_MESH */
7334 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
7335
7336 /*
7337 * Set Wake-on-WLAN triggers, if configured.
7338 * Note: We don't restore/remove the triggers on shutdown (it doesn't
7339 * have effect anyway when the interface is down).
7340 */
7341 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7342 return -1;
7343
7344 #ifdef CONFIG_EAP_PROXY
7345 {
7346 size_t len;
7347 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
7348 wpa_s->imsi, &len);
7349 if (wpa_s->mnc_len > 0) {
7350 wpa_s->imsi[len] = '\0';
7351 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
7352 wpa_s->imsi, wpa_s->mnc_len);
7353 } else {
7354 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
7355 }
7356 }
7357 #endif /* CONFIG_EAP_PROXY */
7358
7359 if (pcsc_reader_init(wpa_s) < 0)
7360 return -1;
7361
7362 if (wpas_init_ext_pw(wpa_s) < 0)
7363 return -1;
7364
7365 #ifndef CONFIG_NO_RRM
7366 wpas_rrm_reset(wpa_s);
7367 #endif /* ! CONFIG_NO_RRM */
7368
7369 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7370
7371 #ifdef CONFIG_HS20
7372 hs20_init(wpa_s);
7373 #endif /* CONFIG_HS20 */
7374 #ifdef CONFIG_MBO
7375 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
7376 if ((wpa_s->conf->oce & OCE_STA) &&
7377 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
7378 wpa_s->enable_oce = OCE_STA;
7379 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
7380 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
7381 /* TODO: Need to add STA-CFON support */
7382 wpa_printf(MSG_ERROR,
7383 "OCE STA-CFON feature is not yet supported");
7384 }
7385 }
7386 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
7387 #endif /* CONFIG_MBO */
7388
7389 wpa_supplicant_set_default_scan_ies(wpa_s);
7390
7391 return 0;
7392 }
7393
7394
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)7395 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
7396 int notify, int terminate)
7397 {
7398 struct wpa_global *global = wpa_s->global;
7399 struct wpa_supplicant *iface, *prev;
7400
7401 if (wpa_s == wpa_s->parent)
7402 wpas_p2p_group_remove(wpa_s, "*");
7403
7404 iface = global->ifaces;
7405 while (iface) {
7406 if (iface->p2pdev == wpa_s)
7407 iface->p2pdev = iface->parent;
7408 if (iface == wpa_s || iface->parent != wpa_s) {
7409 iface = iface->next;
7410 continue;
7411 }
7412 wpa_printf(MSG_DEBUG,
7413 "Remove remaining child interface %s from parent %s",
7414 iface->ifname, wpa_s->ifname);
7415 prev = iface;
7416 iface = iface->next;
7417 wpa_supplicant_remove_iface(global, prev, terminate);
7418 }
7419
7420 wpa_s->disconnected = 1;
7421 if (wpa_s->drv_priv) {
7422 /*
7423 * Don't deauthenticate if WoWLAN is enable and not explicitly
7424 * been configured to disconnect.
7425 */
7426 if (!wpa_drv_get_wowlan(wpa_s) ||
7427 wpa_s->conf->wowlan_disconnect_on_deinit) {
7428 wpa_supplicant_deauthenticate(
7429 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7430
7431 wpa_drv_set_countermeasures(wpa_s, 0);
7432 wpa_clear_keys(wpa_s, NULL);
7433 } else {
7434 wpa_msg(wpa_s, MSG_INFO,
7435 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
7436 }
7437 }
7438
7439 wpa_supplicant_cleanup(wpa_s);
7440 wpas_p2p_deinit_iface(wpa_s);
7441
7442 wpas_ctrl_radio_work_flush(wpa_s);
7443 radio_remove_interface(wpa_s);
7444
7445 #ifdef CONFIG_FST
7446 if (wpa_s->fst) {
7447 fst_detach(wpa_s->fst);
7448 wpa_s->fst = NULL;
7449 }
7450 if (wpa_s->received_mb_ies) {
7451 wpabuf_free(wpa_s->received_mb_ies);
7452 wpa_s->received_mb_ies = NULL;
7453 }
7454 #endif /* CONFIG_FST */
7455
7456 if (wpa_s->drv_priv)
7457 wpa_drv_deinit(wpa_s);
7458
7459 if (notify)
7460 wpas_notify_iface_removed(wpa_s);
7461
7462 if (terminate)
7463 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
7464
7465 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
7466 wpa_s->ctrl_iface = NULL;
7467
7468 #ifdef CONFIG_MESH
7469 if (wpa_s->ifmsh) {
7470 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
7471 wpa_s->ifmsh = NULL;
7472 }
7473 #endif /* CONFIG_MESH */
7474
7475 if (wpa_s->conf != NULL) {
7476 wpa_config_free(wpa_s->conf);
7477 wpa_s->conf = NULL;
7478 }
7479
7480 os_free(wpa_s->ssids_from_scan_req);
7481 os_free(wpa_s->last_scan_freqs);
7482
7483 os_free(wpa_s);
7484 }
7485
7486
7487 #ifdef CONFIG_MATCH_IFACE
7488
7489 /**
7490 * wpa_supplicant_match_iface - Match an interface description to a name
7491 * @global: Pointer to global data from wpa_supplicant_init()
7492 * @ifname: Name of the interface to match
7493 * Returns: Pointer to the created interface description or %NULL on failure
7494 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7495 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
7496 const char *ifname)
7497 {
7498 int i;
7499 struct wpa_interface *iface, *miface;
7500
7501 for (i = 0; i < global->params.match_iface_count; i++) {
7502 miface = &global->params.match_ifaces[i];
7503 if (!miface->ifname ||
7504 fnmatch(miface->ifname, ifname, 0) == 0) {
7505 iface = os_zalloc(sizeof(*iface));
7506 if (!iface)
7507 return NULL;
7508 *iface = *miface;
7509 if (!miface->ifname)
7510 iface->matched = WPA_IFACE_MATCHED_NULL;
7511 else
7512 iface->matched = WPA_IFACE_MATCHED;
7513 iface->ifname = ifname;
7514 return iface;
7515 }
7516 }
7517
7518 return NULL;
7519 }
7520
7521
7522 /**
7523 * wpa_supplicant_match_existing - Match existing interfaces
7524 * @global: Pointer to global data from wpa_supplicant_init()
7525 * Returns: 0 on success, -1 on failure
7526 */
wpa_supplicant_match_existing(struct wpa_global * global)7527 static int wpa_supplicant_match_existing(struct wpa_global *global)
7528 {
7529 struct if_nameindex *ifi, *ifp;
7530 struct wpa_supplicant *wpa_s;
7531 struct wpa_interface *iface;
7532
7533 ifp = if_nameindex();
7534 if (!ifp) {
7535 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
7536 return -1;
7537 }
7538
7539 for (ifi = ifp; ifi->if_name; ifi++) {
7540 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
7541 if (wpa_s)
7542 continue;
7543 iface = wpa_supplicant_match_iface(global, ifi->if_name);
7544 if (iface) {
7545 wpa_supplicant_add_iface(global, iface, NULL);
7546 os_free(iface);
7547 }
7548 }
7549
7550 if_freenameindex(ifp);
7551 return 0;
7552 }
7553
7554 #endif /* CONFIG_MATCH_IFACE */
7555
7556
7557 /**
7558 * wpa_supplicant_add_iface - Add a new network interface
7559 * @global: Pointer to global data from wpa_supplicant_init()
7560 * @iface: Interface configuration options
7561 * @parent: Parent interface or %NULL to assign new interface as parent
7562 * Returns: Pointer to the created interface or %NULL on failure
7563 *
7564 * This function is used to add new network interfaces for %wpa_supplicant.
7565 * This can be called before wpa_supplicant_run() to add interfaces before the
7566 * main event loop has been started. In addition, new interfaces can be added
7567 * dynamically while %wpa_supplicant is already running. This could happen,
7568 * e.g., when a hotplug network adapter is inserted.
7569 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)7570 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
7571 struct wpa_interface *iface,
7572 struct wpa_supplicant *parent)
7573 {
7574 struct wpa_supplicant *wpa_s;
7575 struct wpa_interface t_iface;
7576 struct wpa_ssid *ssid;
7577
7578 if (global == NULL || iface == NULL)
7579 return NULL;
7580
7581 wpa_s = wpa_supplicant_alloc(parent);
7582 if (wpa_s == NULL)
7583 return NULL;
7584
7585 wpa_s->global = global;
7586
7587 t_iface = *iface;
7588 if (global->params.override_driver) {
7589 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
7590 "('%s' -> '%s')",
7591 iface->driver, global->params.override_driver);
7592 t_iface.driver = global->params.override_driver;
7593 }
7594 if (global->params.override_ctrl_interface) {
7595 wpa_printf(MSG_DEBUG, "Override interface parameter: "
7596 "ctrl_interface ('%s' -> '%s')",
7597 iface->ctrl_interface,
7598 global->params.override_ctrl_interface);
7599 t_iface.ctrl_interface =
7600 global->params.override_ctrl_interface;
7601 }
7602 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
7603 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
7604 iface->ifname);
7605 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
7606 return NULL;
7607 }
7608
7609 if (iface->p2p_mgmt == 0) {
7610 /* Notify the control interfaces about new iface */
7611 if (wpas_notify_iface_added(wpa_s)) {
7612 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
7613 return NULL;
7614 }
7615
7616 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
7617 wpas_notify_network_added(wpa_s, ssid);
7618 }
7619
7620 wpa_s->next = global->ifaces;
7621 global->ifaces = wpa_s;
7622
7623 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
7624 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
7625
7626 #ifdef CONFIG_P2P
7627 if (wpa_s->global->p2p == NULL &&
7628 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
7629 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
7630 wpas_p2p_add_p2pdev_interface(
7631 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
7632 wpa_printf(MSG_INFO,
7633 "P2P: Failed to enable P2P Device interface");
7634 /* Try to continue without. P2P will be disabled. */
7635 }
7636 #endif /* CONFIG_P2P */
7637
7638 return wpa_s;
7639 }
7640
7641
7642 /**
7643 * wpa_supplicant_remove_iface - Remove a network interface
7644 * @global: Pointer to global data from wpa_supplicant_init()
7645 * @wpa_s: Pointer to the network interface to be removed
7646 * Returns: 0 if interface was removed, -1 if interface was not found
7647 *
7648 * This function can be used to dynamically remove network interfaces from
7649 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
7650 * addition, this function is used to remove all remaining interfaces when
7651 * %wpa_supplicant is terminated.
7652 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)7653 int wpa_supplicant_remove_iface(struct wpa_global *global,
7654 struct wpa_supplicant *wpa_s,
7655 int terminate)
7656 {
7657 struct wpa_supplicant *prev;
7658 #ifdef CONFIG_MESH
7659 unsigned int mesh_if_created = wpa_s->mesh_if_created;
7660 char *ifname = NULL;
7661 struct wpa_supplicant *parent = wpa_s->parent;
7662 #endif /* CONFIG_MESH */
7663
7664 /* Remove interface from the global list of interfaces */
7665 prev = global->ifaces;
7666 if (prev == wpa_s) {
7667 global->ifaces = wpa_s->next;
7668 } else {
7669 while (prev && prev->next != wpa_s)
7670 prev = prev->next;
7671 if (prev == NULL)
7672 return -1;
7673 prev->next = wpa_s->next;
7674 }
7675
7676 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
7677
7678 #ifdef CONFIG_MESH
7679 if (mesh_if_created) {
7680 ifname = os_strdup(wpa_s->ifname);
7681 if (ifname == NULL) {
7682 wpa_dbg(wpa_s, MSG_ERROR,
7683 "mesh: Failed to malloc ifname");
7684 return -1;
7685 }
7686 }
7687 #endif /* CONFIG_MESH */
7688
7689 if (global->p2p_group_formation == wpa_s)
7690 global->p2p_group_formation = NULL;
7691 if (global->p2p_invite_group == wpa_s)
7692 global->p2p_invite_group = NULL;
7693 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
7694
7695 #ifdef CONFIG_MESH
7696 if (mesh_if_created) {
7697 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
7698 os_free(ifname);
7699 }
7700 #endif /* CONFIG_MESH */
7701
7702 return 0;
7703 }
7704
7705
7706 /**
7707 * wpa_supplicant_get_eap_mode - Get the current EAP mode
7708 * @wpa_s: Pointer to the network interface
7709 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
7710 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)7711 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
7712 {
7713 const char *eapol_method;
7714
7715 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
7716 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
7717 return "NO-EAP";
7718 }
7719
7720 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
7721 if (eapol_method == NULL)
7722 return "UNKNOWN-EAP";
7723
7724 return eapol_method;
7725 }
7726
7727
7728 /**
7729 * wpa_supplicant_get_iface - Get a new network interface
7730 * @global: Pointer to global data from wpa_supplicant_init()
7731 * @ifname: Interface name
7732 * Returns: Pointer to the interface or %NULL if not found
7733 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)7734 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
7735 const char *ifname)
7736 {
7737 struct wpa_supplicant *wpa_s;
7738
7739 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7740 if (os_strcmp(wpa_s->ifname, ifname) == 0)
7741 return wpa_s;
7742 }
7743 return NULL;
7744 }
7745
7746
7747 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)7748 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
7749 {
7750 struct wpa_supplicant *wpa_s = ctx;
7751 if (wpa_s == NULL)
7752 return NULL;
7753 return wpa_s->ifname;
7754 }
7755 #endif /* CONFIG_NO_WPA_MSG */
7756
7757
7758 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
7759 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
7760 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
7761
7762 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)7763 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
7764 {
7765 struct wpa_global *global = eloop_ctx;
7766 struct wpa_supplicant *wpa_s;
7767
7768 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7769 wpas_periodic, global, NULL);
7770
7771 #ifdef CONFIG_P2P
7772 if (global->p2p)
7773 p2p_expire_peers(global->p2p);
7774 #endif /* CONFIG_P2P */
7775
7776 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
7777 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
7778 #ifdef CONFIG_AP
7779 ap_periodic(wpa_s);
7780 #endif /* CONFIG_AP */
7781 }
7782 }
7783
7784
7785 /**
7786 * wpa_supplicant_init - Initialize %wpa_supplicant
7787 * @params: Parameters for %wpa_supplicant
7788 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
7789 *
7790 * This function is used to initialize %wpa_supplicant. After successful
7791 * initialization, the returned data pointer can be used to add and remove
7792 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
7793 */
wpa_supplicant_init(struct wpa_params * params)7794 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
7795 {
7796 struct wpa_global *global;
7797 int ret, i;
7798
7799 if (params == NULL)
7800 return NULL;
7801
7802 #ifdef CONFIG_DRIVER_NDIS
7803 {
7804 void driver_ndis_init_ops(void);
7805 driver_ndis_init_ops();
7806 }
7807 #endif /* CONFIG_DRIVER_NDIS */
7808
7809 #ifndef CONFIG_NO_WPA_MSG
7810 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
7811 #endif /* CONFIG_NO_WPA_MSG */
7812
7813 if (params->wpa_debug_file_path)
7814 wpa_debug_open_file(params->wpa_debug_file_path);
7815 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
7816 wpa_debug_setup_stdout();
7817 if (params->wpa_debug_syslog)
7818 wpa_debug_open_syslog();
7819 if (params->wpa_debug_tracing) {
7820 ret = wpa_debug_open_linux_tracing();
7821 if (ret) {
7822 wpa_printf(MSG_ERROR,
7823 "Failed to enable trace logging");
7824 return NULL;
7825 }
7826 }
7827
7828 ret = eap_register_methods();
7829 if (ret) {
7830 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
7831 if (ret == -2)
7832 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
7833 "the same EAP type.");
7834 return NULL;
7835 }
7836
7837 global = os_zalloc(sizeof(*global));
7838 if (global == NULL)
7839 return NULL;
7840 dl_list_init(&global->p2p_srv_bonjour);
7841 dl_list_init(&global->p2p_srv_upnp);
7842 global->params.daemonize = params->daemonize;
7843 global->params.wait_for_monitor = params->wait_for_monitor;
7844 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
7845 if (params->pid_file)
7846 global->params.pid_file = os_strdup(params->pid_file);
7847 if (params->ctrl_interface)
7848 global->params.ctrl_interface =
7849 os_strdup(params->ctrl_interface);
7850 if (params->ctrl_interface_group)
7851 global->params.ctrl_interface_group =
7852 os_strdup(params->ctrl_interface_group);
7853 if (params->override_driver)
7854 global->params.override_driver =
7855 os_strdup(params->override_driver);
7856 if (params->override_ctrl_interface)
7857 global->params.override_ctrl_interface =
7858 os_strdup(params->override_ctrl_interface);
7859 #ifdef CONFIG_MATCH_IFACE
7860 global->params.match_iface_count = params->match_iface_count;
7861 if (params->match_iface_count) {
7862 global->params.match_ifaces =
7863 os_calloc(params->match_iface_count,
7864 sizeof(struct wpa_interface));
7865 os_memcpy(global->params.match_ifaces,
7866 params->match_ifaces,
7867 params->match_iface_count *
7868 sizeof(struct wpa_interface));
7869 }
7870 #endif /* CONFIG_MATCH_IFACE */
7871 #ifdef CONFIG_P2P
7872 if (params->conf_p2p_dev)
7873 global->params.conf_p2p_dev =
7874 os_strdup(params->conf_p2p_dev);
7875 #endif /* CONFIG_P2P */
7876 wpa_debug_level = global->params.wpa_debug_level =
7877 params->wpa_debug_level;
7878 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
7879 params->wpa_debug_show_keys;
7880 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
7881 params->wpa_debug_timestamp;
7882
7883 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
7884
7885 if (eloop_init()) {
7886 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
7887 wpa_supplicant_deinit(global);
7888 return NULL;
7889 }
7890
7891 random_init(params->entropy_file);
7892
7893 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
7894 if (global->ctrl_iface == NULL) {
7895 wpa_supplicant_deinit(global);
7896 return NULL;
7897 }
7898
7899 if (wpas_notify_supplicant_initialized(global)) {
7900 wpa_supplicant_deinit(global);
7901 return NULL;
7902 }
7903
7904 for (i = 0; wpa_drivers[i]; i++)
7905 global->drv_count++;
7906 if (global->drv_count == 0) {
7907 wpa_printf(MSG_ERROR, "No drivers enabled");
7908 wpa_supplicant_deinit(global);
7909 return NULL;
7910 }
7911 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
7912 if (global->drv_priv == NULL) {
7913 wpa_supplicant_deinit(global);
7914 return NULL;
7915 }
7916
7917 #ifdef CONFIG_WIFI_DISPLAY
7918 if (wifi_display_init(global) < 0) {
7919 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
7920 wpa_supplicant_deinit(global);
7921 return NULL;
7922 }
7923 #endif /* CONFIG_WIFI_DISPLAY */
7924
7925 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
7926 wpas_periodic, global, NULL);
7927
7928 return global;
7929 }
7930
7931
7932 /**
7933 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
7934 * @global: Pointer to global data from wpa_supplicant_init()
7935 * Returns: 0 after successful event loop run, -1 on failure
7936 *
7937 * This function starts the main event loop and continues running as long as
7938 * there are any remaining events. In most cases, this function is running as
7939 * long as the %wpa_supplicant process in still in use.
7940 */
wpa_supplicant_run(struct wpa_global * global)7941 int wpa_supplicant_run(struct wpa_global *global)
7942 {
7943 struct wpa_supplicant *wpa_s;
7944
7945 if (global->params.daemonize &&
7946 (wpa_supplicant_daemon(global->params.pid_file) ||
7947 eloop_sock_requeue()))
7948 return -1;
7949
7950 #ifdef CONFIG_MATCH_IFACE
7951 if (wpa_supplicant_match_existing(global))
7952 return -1;
7953 #endif
7954
7955 if (global->params.wait_for_monitor) {
7956 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
7957 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
7958 wpa_supplicant_ctrl_iface_wait(
7959 wpa_s->ctrl_iface);
7960 }
7961
7962 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
7963 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
7964
7965 eloop_run();
7966
7967 return 0;
7968 }
7969
7970
7971 /**
7972 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
7973 * @global: Pointer to global data from wpa_supplicant_init()
7974 *
7975 * This function is called to deinitialize %wpa_supplicant and to free all
7976 * allocated resources. Remaining network interfaces will also be removed.
7977 */
wpa_supplicant_deinit(struct wpa_global * global)7978 void wpa_supplicant_deinit(struct wpa_global *global)
7979 {
7980 int i;
7981
7982 if (global == NULL)
7983 return;
7984
7985 eloop_cancel_timeout(wpas_periodic, global, NULL);
7986
7987 #ifdef CONFIG_WIFI_DISPLAY
7988 wifi_display_deinit(global);
7989 #endif /* CONFIG_WIFI_DISPLAY */
7990
7991 while (global->ifaces)
7992 wpa_supplicant_remove_iface(global, global->ifaces, 1);
7993
7994 if (global->ctrl_iface)
7995 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
7996
7997 wpas_notify_supplicant_deinitialized(global);
7998
7999 eap_peer_unregister_methods();
8000 #ifdef CONFIG_AP
8001 eap_server_unregister_methods();
8002 #endif /* CONFIG_AP */
8003
8004 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
8005 if (!global->drv_priv[i])
8006 continue;
8007 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
8008 }
8009 os_free(global->drv_priv);
8010
8011 random_deinit();
8012
8013 eloop_destroy();
8014
8015 if (global->params.pid_file) {
8016 os_daemonize_terminate(global->params.pid_file);
8017 os_free(global->params.pid_file);
8018 }
8019 os_free(global->params.ctrl_interface);
8020 os_free(global->params.ctrl_interface_group);
8021 os_free(global->params.override_driver);
8022 os_free(global->params.override_ctrl_interface);
8023 #ifdef CONFIG_MATCH_IFACE
8024 os_free(global->params.match_ifaces);
8025 #endif /* CONFIG_MATCH_IFACE */
8026 #ifdef CONFIG_P2P
8027 os_free(global->params.conf_p2p_dev);
8028 #endif /* CONFIG_P2P */
8029
8030 os_free(global->p2p_disallow_freq.range);
8031 os_free(global->p2p_go_avoid_freq.range);
8032 os_free(global->add_psk);
8033
8034 os_free(global);
8035 wpa_debug_close_syslog();
8036 wpa_debug_close_file();
8037 wpa_debug_close_linux_tracing();
8038 }
8039
8040
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)8041 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
8042 {
8043 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
8044 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
8045 char country[3];
8046 country[0] = wpa_s->conf->country[0];
8047 country[1] = wpa_s->conf->country[1];
8048 country[2] = '\0';
8049 if (wpa_drv_set_country(wpa_s, country) < 0) {
8050 wpa_printf(MSG_ERROR, "Failed to set country code "
8051 "'%s'", country);
8052 }
8053 }
8054
8055 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
8056 wpas_init_ext_pw(wpa_s);
8057
8058 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
8059 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
8060
8061 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
8062 struct wpa_driver_capa capa;
8063 int res = wpa_drv_get_capa(wpa_s, &capa);
8064
8065 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
8066 wpa_printf(MSG_ERROR,
8067 "Failed to update wowlan_triggers to '%s'",
8068 wpa_s->conf->wowlan_triggers);
8069 }
8070
8071 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
8072 wpa_supplicant_set_default_scan_ies(wpa_s);
8073
8074 #ifdef CONFIG_BGSCAN
8075 /*
8076 * We default to global bgscan parameters only when per-network bgscan
8077 * parameters aren't set. Only bother resetting bgscan parameters if
8078 * this is the case.
8079 */
8080 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
8081 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
8082 wpa_s->wpa_state == WPA_COMPLETED)
8083 wpa_supplicant_reset_bgscan(wpa_s);
8084 #endif /* CONFIG_BGSCAN */
8085
8086 #ifdef CONFIG_WPS
8087 wpas_wps_update_config(wpa_s);
8088 #endif /* CONFIG_WPS */
8089 wpas_p2p_update_config(wpa_s);
8090 wpa_s->conf->changed_parameters = 0;
8091 }
8092
8093
add_freq(int * freqs,int * num_freqs,int freq)8094 void add_freq(int *freqs, int *num_freqs, int freq)
8095 {
8096 int i;
8097
8098 for (i = 0; i < *num_freqs; i++) {
8099 if (freqs[i] == freq)
8100 return;
8101 }
8102
8103 freqs[*num_freqs] = freq;
8104 (*num_freqs)++;
8105 }
8106
8107
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)8108 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
8109 {
8110 struct wpa_bss *bss, *cbss;
8111 const int max_freqs = 10;
8112 int *freqs;
8113 int num_freqs = 0;
8114
8115 freqs = os_calloc(max_freqs + 1, sizeof(int));
8116 if (freqs == NULL)
8117 return NULL;
8118
8119 cbss = wpa_s->current_bss;
8120
8121 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
8122 if (bss == cbss)
8123 continue;
8124 if (bss->ssid_len == cbss->ssid_len &&
8125 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
8126 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
8127 add_freq(freqs, &num_freqs, bss->freq);
8128 if (num_freqs == max_freqs)
8129 break;
8130 }
8131 }
8132
8133 if (num_freqs == 0) {
8134 os_free(freqs);
8135 freqs = NULL;
8136 }
8137
8138 return freqs;
8139 }
8140
8141
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 ** link_bssids)8142 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid,
8143 const u8 **link_bssids)
8144 {
8145 int timeout;
8146 int count;
8147 int *freqs = NULL;
8148
8149 wpas_connect_work_done(wpa_s);
8150
8151 /*
8152 * Remove possible authentication timeout since the connection failed.
8153 */
8154 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
8155
8156 /*
8157 * There is no point in ignoring the AP temporarily if this event is
8158 * generated based on local request to disconnect.
8159 */
8160 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
8161 wpa_s->own_disconnect_req = 0;
8162 wpa_dbg(wpa_s, MSG_DEBUG,
8163 "Ignore connection failure due to local request to disconnect");
8164 return;
8165 }
8166 if (wpa_s->disconnected) {
8167 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
8168 "indication since interface has been put into "
8169 "disconnected state");
8170 return;
8171 }
8172
8173 /*
8174 * Add the failed BSSID into the ignore list and speed up next scan
8175 * attempt if there could be other APs that could accept association.
8176 */
8177 count = wpa_bssid_ignore_add(wpa_s, bssid);
8178 if (count == 1 && wpa_s->current_bss) {
8179 /*
8180 * This BSS was not in the ignore list before. If there is
8181 * another BSS available for the same ESS, we should try that
8182 * next. Otherwise, we may as well try this one once more
8183 * before allowing other, likely worse, ESSes to be considered.
8184 */
8185 freqs = get_bss_freqs_in_ess(wpa_s);
8186 if (freqs) {
8187 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
8188 "has been seen; try it next");
8189 wpa_bssid_ignore_add(wpa_s, bssid);
8190 /*
8191 * On the next scan, go through only the known channels
8192 * used in this ESS based on previous scans to speed up
8193 * common load balancing use case.
8194 */
8195 os_free(wpa_s->next_scan_freqs);
8196 wpa_s->next_scan_freqs = freqs;
8197 }
8198 }
8199
8200 wpa_s->consecutive_conn_failures++;
8201
8202 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
8203 wpa_printf(MSG_DEBUG, "Continuous association failures - "
8204 "consider temporary network disabling");
8205 wpas_auth_failed(wpa_s, "CONN_FAILED", bssid);
8206 }
8207 /*
8208 * Multiple consecutive connection failures mean that other APs are
8209 * either not available or have already been tried, so we can start
8210 * increasing the delay here to avoid constant scanning.
8211 */
8212 switch (wpa_s->consecutive_conn_failures) {
8213 case 1:
8214 timeout = 100;
8215 break;
8216 case 2:
8217 timeout = 500;
8218 break;
8219 case 3:
8220 timeout = 1000;
8221 break;
8222 case 4:
8223 timeout = 5000;
8224 break;
8225 default:
8226 timeout = 10000;
8227 break;
8228 }
8229
8230 wpa_dbg(wpa_s, MSG_DEBUG,
8231 "Consecutive connection failures: %d --> request scan in %d ms",
8232 wpa_s->consecutive_conn_failures, timeout);
8233
8234 /*
8235 * TODO: if more than one possible AP is available in scan results,
8236 * could try the other ones before requesting a new scan.
8237 */
8238
8239 /* speed up the connection attempt with normal scan */
8240 wpa_s->normal_scans = 0;
8241 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
8242 1000 * (timeout % 1000));
8243 }
8244
8245
8246 #ifdef CONFIG_FILS
8247
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)8248 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
8249 {
8250 struct wpa_ssid *ssid = wpa_s->current_ssid;
8251 const u8 *realm, *username, *rrk;
8252 size_t realm_len, username_len, rrk_len;
8253 u16 next_seq_num;
8254
8255 /* Clear the PMKSA cache entry if FILS authentication was rejected.
8256 * Check for ERP keys existing to limit when this can be done since
8257 * the rejection response is not protected and such triggers should
8258 * really not allow internal state to be modified unless required to
8259 * avoid significant issues in functionality. In addition, drop
8260 * externally configure PMKSA entries even without ERP keys since it
8261 * is possible for an external component to add PMKSA entries for FILS
8262 * authentication without restoring previously generated ERP keys.
8263 *
8264 * In this case, this is needed to allow recovery from cases where the
8265 * AP or authentication server has dropped PMKSAs and ERP keys. */
8266 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
8267 return;
8268
8269 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8270 &username, &username_len,
8271 &realm, &realm_len, &next_seq_num,
8272 &rrk, &rrk_len) != 0 ||
8273 !realm) {
8274 wpa_dbg(wpa_s, MSG_DEBUG,
8275 "FILS: Drop external PMKSA cache entry");
8276 wpa_sm_aborted_external_cached(wpa_s->wpa);
8277 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
8278 return;
8279 }
8280
8281 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
8282 wpa_sm_aborted_cached(wpa_s->wpa);
8283 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
8284 }
8285
8286
fils_connection_failure(struct wpa_supplicant * wpa_s)8287 void fils_connection_failure(struct wpa_supplicant *wpa_s)
8288 {
8289 struct wpa_ssid *ssid = wpa_s->current_ssid;
8290 const u8 *realm, *username, *rrk;
8291 size_t realm_len, username_len, rrk_len;
8292 u16 next_seq_num;
8293
8294 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
8295 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8296 &username, &username_len,
8297 &realm, &realm_len, &next_seq_num,
8298 &rrk, &rrk_len) != 0 ||
8299 !realm)
8300 return;
8301
8302 wpa_hexdump_ascii(MSG_DEBUG,
8303 "FILS: Store last connection failure realm",
8304 realm, realm_len);
8305 os_free(wpa_s->last_con_fail_realm);
8306 wpa_s->last_con_fail_realm = os_malloc(realm_len);
8307 if (wpa_s->last_con_fail_realm) {
8308 wpa_s->last_con_fail_realm_len = realm_len;
8309 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
8310 }
8311 }
8312 #endif /* CONFIG_FILS */
8313
8314
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)8315 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
8316 {
8317 return wpa_s->conf->ap_scan == 2 ||
8318 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
8319 }
8320
8321
wpas_driver_rsn_override(struct wpa_supplicant * wpa_s)8322 static bool wpas_driver_rsn_override(struct wpa_supplicant *wpa_s)
8323 {
8324 return !!(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_RSN_OVERRIDE_STA);
8325 }
8326
8327
wpas_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8328 bool wpas_rsn_overriding(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8329 {
8330 enum wpas_rsn_overriding rsno;
8331
8332 if (ssid && ssid->rsn_overriding != RSN_OVERRIDING_NOT_SET)
8333 rsno = ssid->rsn_overriding;
8334 else
8335 rsno = wpa_s->conf->rsn_overriding;
8336
8337 if (rsno == RSN_OVERRIDING_DISABLED)
8338 return false;
8339
8340 if (rsno == RSN_OVERRIDING_ENABLED)
8341 return true;
8342
8343 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
8344 wpas_driver_bss_selection(wpa_s))
8345 return wpas_driver_rsn_override(wpa_s);
8346
8347 return true;
8348 }
8349
8350
8351 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)8352 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
8353 struct wpa_ssid *ssid,
8354 const char *field,
8355 const char *value)
8356 {
8357 #ifdef IEEE8021X_EAPOL
8358 struct eap_peer_config *eap = &ssid->eap;
8359
8360 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
8361 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
8362 (const u8 *) value, os_strlen(value));
8363
8364 switch (wpa_supplicant_ctrl_req_from_string(field)) {
8365 case WPA_CTRL_REQ_EAP_IDENTITY:
8366 os_free(eap->identity);
8367 eap->identity = (u8 *) os_strdup(value);
8368 eap->identity_len = os_strlen(value);
8369 eap->pending_req_identity = 0;
8370 if (ssid == wpa_s->current_ssid)
8371 wpa_s->reassociate = 1;
8372 break;
8373 case WPA_CTRL_REQ_EAP_PASSWORD:
8374 bin_clear_free(eap->password, eap->password_len);
8375 eap->password = (u8 *) os_strdup(value);
8376 eap->password_len = os_strlen(value);
8377 eap->pending_req_password = 0;
8378 if (ssid == wpa_s->current_ssid)
8379 wpa_s->reassociate = 1;
8380 break;
8381 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
8382 bin_clear_free(eap->new_password, eap->new_password_len);
8383 eap->new_password = (u8 *) os_strdup(value);
8384 eap->new_password_len = os_strlen(value);
8385 eap->pending_req_new_password = 0;
8386 if (ssid == wpa_s->current_ssid)
8387 wpa_s->reassociate = 1;
8388 break;
8389 case WPA_CTRL_REQ_EAP_PIN:
8390 str_clear_free(eap->cert.pin);
8391 eap->cert.pin = os_strdup(value);
8392 eap->pending_req_pin = 0;
8393 if (ssid == wpa_s->current_ssid)
8394 wpa_s->reassociate = 1;
8395 break;
8396 case WPA_CTRL_REQ_EAP_OTP:
8397 bin_clear_free(eap->otp, eap->otp_len);
8398 eap->otp = (u8 *) os_strdup(value);
8399 eap->otp_len = os_strlen(value);
8400 os_free(eap->pending_req_otp);
8401 eap->pending_req_otp = NULL;
8402 eap->pending_req_otp_len = 0;
8403 break;
8404 case WPA_CTRL_REQ_EAP_PASSPHRASE:
8405 str_clear_free(eap->cert.private_key_passwd);
8406 eap->cert.private_key_passwd = os_strdup(value);
8407 eap->pending_req_passphrase = 0;
8408 if (ssid == wpa_s->current_ssid)
8409 wpa_s->reassociate = 1;
8410 break;
8411 case WPA_CTRL_REQ_SIM:
8412 str_clear_free(eap->external_sim_resp);
8413 eap->external_sim_resp = os_strdup(value);
8414 eap->pending_req_sim = 0;
8415 break;
8416 case WPA_CTRL_REQ_PSK_PASSPHRASE:
8417 if (wpa_config_set(ssid, "psk", value, 0) < 0)
8418 return -1;
8419 ssid->mem_only_psk = 1;
8420 if (ssid->passphrase)
8421 wpa_config_update_psk(ssid);
8422 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
8423 wpa_supplicant_req_scan(wpa_s, 0, 0);
8424 break;
8425 case WPA_CTRL_REQ_EXT_CERT_CHECK:
8426 if (eap->pending_ext_cert_check != PENDING_CHECK)
8427 return -1;
8428 if (os_strcmp(value, "good") == 0)
8429 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
8430 else if (os_strcmp(value, "bad") == 0)
8431 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
8432 else
8433 return -1;
8434 break;
8435 default:
8436 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
8437 return -1;
8438 }
8439
8440 return 0;
8441 #else /* IEEE8021X_EAPOL */
8442 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
8443 return -1;
8444 #endif /* IEEE8021X_EAPOL */
8445 }
8446 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
8447
8448
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8449 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8450 {
8451 #ifdef CONFIG_WEP
8452 int i;
8453 unsigned int drv_enc;
8454 #endif /* CONFIG_WEP */
8455
8456 if (wpa_s->p2p_mgmt)
8457 return 1; /* no normal network profiles on p2p_mgmt interface */
8458
8459 if (ssid == NULL)
8460 return 1;
8461
8462 if (ssid->disabled)
8463 return 1;
8464
8465 #ifdef CONFIG_WEP
8466 if (wpa_s->drv_capa_known)
8467 drv_enc = wpa_s->drv_enc;
8468 else
8469 drv_enc = (unsigned int) -1;
8470
8471 for (i = 0; i < NUM_WEP_KEYS; i++) {
8472 size_t len = ssid->wep_key_len[i];
8473 if (len == 0)
8474 continue;
8475 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
8476 continue;
8477 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
8478 continue;
8479 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
8480 continue;
8481 return 1; /* invalid WEP key */
8482 }
8483 #endif /* CONFIG_WEP */
8484
8485 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
8486 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
8487 !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) &&
8488 !ssid->mem_only_psk)
8489 return 1;
8490
8491 return 0;
8492 }
8493
8494
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8495 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8496 {
8497 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
8498 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
8499 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
8500 /*
8501 * Driver does not support BIP -- ignore pmf=1 default
8502 * since the connection with PMF would fail and the
8503 * configuration does not require PMF to be enabled.
8504 */
8505 return NO_MGMT_FRAME_PROTECTION;
8506 }
8507
8508 if (ssid &&
8509 (ssid->key_mgmt &
8510 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
8511 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
8512 /*
8513 * Do not use the default PMF value for non-RSN networks
8514 * since PMF is available only with RSN and pmf=2
8515 * configuration would otherwise prevent connections to
8516 * all open networks.
8517 */
8518 return NO_MGMT_FRAME_PROTECTION;
8519 }
8520
8521 return wpa_s->conf->pmf;
8522 }
8523
8524 return ssid->ieee80211w;
8525 }
8526
8527 #ifdef CONFIG_SAE
wpas_is_sae_avoided(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const struct wpa_ie_data * ie)8528 bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s,
8529 struct wpa_ssid *ssid,
8530 const struct wpa_ie_data *ie)
8531 {
8532 return wpa_s->conf->sae_check_mfp &&
8533 (!(ie->capabilities &
8534 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) ||
8535 wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION);
8536 }
8537 #endif /* CONFIG_SAE */
8538
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)8539 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
8540 {
8541 if (wpa_s->current_ssid == NULL ||
8542 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
8543 os_memcmp(addr, wpa_s->bssid, ETH_ALEN) != 0)
8544 return 0;
8545 return wpa_sm_pmf_enabled(wpa_s->wpa);
8546 }
8547
8548
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)8549 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
8550 {
8551 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
8552 return 1;
8553 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
8554 return 0;
8555 return -1;
8556 }
8557
8558
wpas_auth_failed(struct wpa_supplicant * wpa_s,char * reason,const u8 * bssid)8559 void wpas_auth_failed(struct wpa_supplicant *wpa_s, char *reason,
8560 const u8 *bssid)
8561 {
8562 struct wpa_ssid *ssid = wpa_s->current_ssid;
8563 int dur;
8564 struct os_reltime now;
8565
8566 if (ssid == NULL) {
8567 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
8568 "SSID block");
8569 return;
8570 }
8571
8572 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
8573 return;
8574
8575 ssid->auth_failures++;
8576
8577 #ifdef CONFIG_P2P
8578 if (ssid->p2p_group &&
8579 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
8580 /*
8581 * Skip the wait time since there is a short timeout on the
8582 * connection to a P2P group.
8583 */
8584 return;
8585 }
8586 #endif /* CONFIG_P2P */
8587
8588 if (ssid->auth_failures > 50)
8589 dur = 300;
8590 else if (ssid->auth_failures > 10)
8591 dur = 120;
8592 else if (ssid->auth_failures > 5)
8593 dur = 90;
8594 else if (ssid->auth_failures > 3)
8595 dur = 60;
8596 else if (ssid->auth_failures > 2)
8597 dur = 30;
8598 else if (ssid->auth_failures > 1)
8599 dur = 20;
8600 else
8601 dur = 10;
8602
8603 if (ssid->auth_failures > 1 &&
8604 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
8605 dur += os_random() % (ssid->auth_failures * 10);
8606
8607 os_get_reltime(&now);
8608 if (now.sec + dur <= ssid->disabled_until.sec)
8609 return;
8610
8611 ssid->disabled_until.sec = now.sec + dur;
8612
8613 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
8614 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
8615 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
8616 ssid->auth_failures, dur, reason);
8617 }
8618
8619
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)8620 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
8621 struct wpa_ssid *ssid, int clear_failures)
8622 {
8623 if (ssid == NULL)
8624 return;
8625
8626 if (ssid->disabled_until.sec) {
8627 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
8628 "id=%d ssid=\"%s\"",
8629 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
8630 }
8631 ssid->disabled_until.sec = 0;
8632 ssid->disabled_until.usec = 0;
8633 if (clear_failures)
8634 ssid->auth_failures = 0;
8635 }
8636
8637
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)8638 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
8639 {
8640 size_t i;
8641
8642 if (wpa_s->disallow_aps_bssid == NULL)
8643 return 0;
8644
8645 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
8646 if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
8647 bssid, ETH_ALEN) == 0)
8648 return 1;
8649 }
8650
8651 return 0;
8652 }
8653
8654
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)8655 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
8656 size_t ssid_len)
8657 {
8658 size_t i;
8659
8660 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
8661 return 0;
8662
8663 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
8664 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
8665 if (ssid_len == s->ssid_len &&
8666 os_memcmp(ssid, s->ssid, ssid_len) == 0)
8667 return 1;
8668 }
8669
8670 return 0;
8671 }
8672
8673
8674 /**
8675 * wpas_request_connection - Request a new connection
8676 * @wpa_s: Pointer to the network interface
8677 *
8678 * This function is used to request a new connection to be found. It will mark
8679 * the interface to allow reassociation and request a new scan to find a
8680 * suitable network to connect to.
8681 */
wpas_request_connection(struct wpa_supplicant * wpa_s)8682 void wpas_request_connection(struct wpa_supplicant *wpa_s)
8683 {
8684 wpa_s->normal_scans = 0;
8685 wpa_s->scan_req = NORMAL_SCAN_REQ;
8686 wpa_supplicant_reinit_autoscan(wpa_s);
8687 wpa_s->disconnected = 0;
8688 wpa_s->reassociate = 1;
8689 wpa_s->last_owe_group = 0;
8690
8691 if (wpa_supplicant_fast_associate(wpa_s) != 1)
8692 wpa_supplicant_req_scan(wpa_s, 0, 0);
8693 else
8694 wpa_s->reattach = 0;
8695 }
8696
8697
8698 /**
8699 * wpas_request_disconnection - Request disconnection
8700 * @wpa_s: Pointer to the network interface
8701 *
8702 * This function is used to request disconnection from the currently connected
8703 * network. This will stop any ongoing scans and initiate deauthentication.
8704 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)8705 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
8706 {
8707 #ifdef CONFIG_SME
8708 wpa_s->sme.prev_bssid_set = 0;
8709 #endif /* CONFIG_SME */
8710 wpa_s->reassociate = 0;
8711 wpa_s->disconnected = 1;
8712 wpa_supplicant_cancel_sched_scan(wpa_s);
8713 wpa_supplicant_cancel_scan(wpa_s);
8714 wpas_abort_ongoing_scan(wpa_s);
8715 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
8716 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
8717 radio_remove_works(wpa_s, "connect", 0);
8718 radio_remove_works(wpa_s, "sme-connect", 0);
8719 wpa_s->roam_in_progress = false;
8720 #ifdef CONFIG_WNM
8721 wpa_s->bss_trans_mgmt_in_progress = false;
8722 #endif /* CONFIG_WNM */
8723 }
8724
8725
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)8726 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
8727 struct wpa_used_freq_data *freqs_data,
8728 unsigned int len)
8729 {
8730 unsigned int i;
8731
8732 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
8733 len, title);
8734 for (i = 0; i < len; i++) {
8735 #if CONFIG_WIFI_NM_WPA_SUPPLICANT_DEBUG_LEVEL <= MSG_DEBUG
8736 struct wpa_used_freq_data *cur = &freqs_data[i];
8737 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
8738 i, cur->freq, cur->flags);
8739 #endif /* CONFIG_WIFI_NM_WPA_SUPPLICANT_DEBUG_LEVEL <= MSG_DEBUG */
8740 }
8741 }
8742
8743
8744 /*
8745 * Find the operating frequencies of any of the virtual interfaces that
8746 * are using the same radio as the current interface, and in addition, get
8747 * information about the interface types that are using the frequency.
8748 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len,bool exclude_current)8749 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
8750 struct wpa_used_freq_data *freqs_data,
8751 unsigned int len, bool exclude_current)
8752 {
8753 struct wpa_supplicant *ifs;
8754 u8 bssid[ETH_ALEN];
8755 int freq;
8756 unsigned int idx = 0, i;
8757
8758 wpa_dbg(wpa_s, MSG_DEBUG,
8759 "Determining shared radio frequencies (max len %u)", len);
8760 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
8761
8762 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
8763 radio_list) {
8764 if (idx == len)
8765 break;
8766
8767 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
8768 continue;
8769
8770 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
8771 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
8772 ifs->current_ssid->mode == WPAS_MODE_MESH)
8773 freq = ifs->current_ssid->frequency;
8774 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
8775 freq = ifs->assoc_freq;
8776 else
8777 continue;
8778
8779 /* Hold only distinct freqs */
8780 for (i = 0; i < idx; i++)
8781 if (freqs_data[i].freq == freq)
8782 break;
8783
8784 if (i == idx)
8785 freqs_data[idx++].freq = freq;
8786
8787 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
8788 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
8789 WPA_FREQ_USED_BY_P2P_CLIENT :
8790 WPA_FREQ_USED_BY_INFRA_STATION;
8791 }
8792 }
8793
8794 #ifndef __ZEPHYR__
8795 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
8796 #endif /* __ZEPHYR__ */
8797 return idx;
8798 }
8799
8800
8801 /*
8802 * Find the operating frequencies of any of the virtual interfaces that
8803 * are using the same radio as the current interface.
8804 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len,bool exclude_current)8805 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
8806 int *freq_array, unsigned int len,
8807 bool exclude_current)
8808 {
8809 struct wpa_used_freq_data *freqs_data;
8810 int num, i;
8811
8812 os_memset(freq_array, 0, sizeof(int) * len);
8813
8814 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
8815 if (!freqs_data)
8816 return -1;
8817
8818 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len,
8819 exclude_current);
8820 for (i = 0; i < num; i++)
8821 freq_array[i] = freqs_data[i].freq;
8822
8823 os_free(freqs_data);
8824
8825 return num;
8826 }
8827
8828
8829 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)8830 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
8831 {
8832 switch (frame) {
8833 #ifdef CONFIG_P2P
8834 case VENDOR_ELEM_PROBE_REQ_P2P:
8835 case VENDOR_ELEM_PROBE_RESP_P2P:
8836 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
8837 case VENDOR_ELEM_BEACON_P2P_GO:
8838 case VENDOR_ELEM_P2P_PD_REQ:
8839 case VENDOR_ELEM_P2P_PD_RESP:
8840 case VENDOR_ELEM_P2P_GO_NEG_REQ:
8841 case VENDOR_ELEM_P2P_GO_NEG_RESP:
8842 case VENDOR_ELEM_P2P_GO_NEG_CONF:
8843 case VENDOR_ELEM_P2P_INV_REQ:
8844 case VENDOR_ELEM_P2P_INV_RESP:
8845 case VENDOR_ELEM_P2P_ASSOC_REQ:
8846 case VENDOR_ELEM_P2P_ASSOC_RESP:
8847 return wpa_s->p2pdev;
8848 #endif /* CONFIG_P2P */
8849 default:
8850 return wpa_s;
8851 }
8852 }
8853
8854
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)8855 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
8856 {
8857 unsigned int i;
8858 char buf[30];
8859
8860 wpa_printf(MSG_DEBUG, "Update vendor elements");
8861
8862 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
8863 if (wpa_s->vendor_elem[i]) {
8864 int res;
8865
8866 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
8867 if (!os_snprintf_error(sizeof(buf), res)) {
8868 wpa_hexdump_buf(MSG_DEBUG, buf,
8869 wpa_s->vendor_elem[i]);
8870 }
8871 }
8872 }
8873
8874 #ifdef CONFIG_P2P
8875 if (wpa_s->parent == wpa_s &&
8876 wpa_s->global->p2p &&
8877 !wpa_s->global->p2p_disabled)
8878 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
8879 #endif /* CONFIG_P2P */
8880 }
8881
8882
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)8883 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
8884 const u8 *elem, size_t len)
8885 {
8886 u8 *ie, *end;
8887
8888 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
8889 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
8890
8891 for (; ie + 1 < end; ie += 2 + ie[1]) {
8892 if (ie + len > end)
8893 break;
8894 if (os_memcmp(ie, elem, len) != 0)
8895 continue;
8896
8897 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
8898 wpabuf_free(wpa_s->vendor_elem[frame]);
8899 wpa_s->vendor_elem[frame] = NULL;
8900 } else {
8901 os_memmove(ie, ie + len, end - (ie + len));
8902 wpa_s->vendor_elem[frame]->used -= len;
8903 }
8904 wpas_vendor_elem_update(wpa_s);
8905 return 0;
8906 }
8907
8908 return -1;
8909 }
8910
8911
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)8912 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
8913 u16 num_modes, enum hostapd_hw_mode mode,
8914 bool is_6ghz)
8915 {
8916 u16 i;
8917
8918 if (!modes)
8919 return NULL;
8920
8921 for (i = 0; i < num_modes; i++) {
8922 if (modes[i].mode != mode ||
8923 !modes[i].num_channels || !modes[i].channels)
8924 continue;
8925 if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) ||
8926 (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq)))
8927 return &modes[i];
8928 }
8929
8930 return NULL;
8931 }
8932
8933
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)8934 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
8935 u16 num_modes, int freq)
8936 {
8937 int i, j;
8938
8939 for (i = 0; i < num_modes; i++) {
8940 for (j = 0; j < modes[i].num_channels; j++) {
8941 if (freq == modes[i].channels[j].freq)
8942 return &modes[i];
8943 }
8944 }
8945
8946 return NULL;
8947 }
8948
8949
8950 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)8951 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
8952 const u8 *bssid)
8953 {
8954 struct wpa_bss_tmp_disallowed *bss;
8955
8956 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
8957 struct wpa_bss_tmp_disallowed, list) {
8958 if (os_memcmp(bssid, bss->bssid, ETH_ALEN) == 0)
8959 return bss;
8960 }
8961
8962 return NULL;
8963 }
8964
8965
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)8966 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
8967 {
8968 struct wpa_bss_tmp_disallowed *tmp;
8969 unsigned int num_bssid = 0;
8970 u8 *bssids;
8971 int ret;
8972
8973 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
8974 if (!bssids)
8975 return -1;
8976 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8977 struct wpa_bss_tmp_disallowed, list) {
8978 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
8979 ETH_ALEN);
8980 num_bssid++;
8981 }
8982 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
8983 os_free(bssids);
8984 return ret;
8985 }
8986
8987
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)8988 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
8989 {
8990 struct wpa_supplicant *wpa_s = eloop_ctx;
8991 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
8992
8993 /* Make sure the bss is not already freed */
8994 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
8995 struct wpa_bss_tmp_disallowed, list) {
8996 if (bss == tmp) {
8997 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
8998 wpa_set_driver_tmp_disallow_list(wpa_s);
8999 break;
9000 }
9001 }
9002 }
9003
9004
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)9005 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
9006 unsigned int sec, int rssi_threshold)
9007 {
9008 struct wpa_bss_tmp_disallowed *bss;
9009
9010 bss = wpas_get_disallowed_bss(wpa_s, bssid);
9011 if (bss) {
9012 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
9013 goto finish;
9014 }
9015
9016 bss = os_malloc(sizeof(*bss));
9017 if (!bss) {
9018 wpa_printf(MSG_DEBUG,
9019 "Failed to allocate memory for temp disallow BSS");
9020 return;
9021 }
9022
9023 os_memcpy(bss->bssid, bssid, ETH_ALEN);
9024 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
9025 wpa_set_driver_tmp_disallow_list(wpa_s);
9026
9027 finish:
9028 bss->rssi_threshold = rssi_threshold;
9029 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
9030 wpa_s, bss);
9031 }
9032
9033
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9034 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
9035 struct wpa_bss *bss)
9036 {
9037 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
9038
9039 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
9040 struct wpa_bss_tmp_disallowed, list) {
9041 if (os_memcmp(bss->bssid, tmp->bssid, ETH_ALEN) == 0) {
9042 disallowed = tmp;
9043 break;
9044 }
9045 }
9046 if (!disallowed)
9047 return 0;
9048
9049 if (disallowed->rssi_threshold != 0 &&
9050 bss->level > disallowed->rssi_threshold) {
9051 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
9052 wpa_set_driver_tmp_disallow_list(wpa_s);
9053 return 0;
9054 }
9055
9056 return 1;
9057 }
9058
9059
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)9060 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9061 unsigned int type, const u8 *addr,
9062 const u8 *mask)
9063 {
9064 if ((addr && !mask) || (!addr && mask)) {
9065 wpa_printf(MSG_INFO,
9066 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
9067 return -1;
9068 }
9069
9070 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
9071 wpa_printf(MSG_INFO,
9072 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
9073 return -1;
9074 }
9075
9076 if (type & MAC_ADDR_RAND_SCAN) {
9077 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
9078 addr, mask))
9079 return -1;
9080 }
9081
9082 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
9083 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
9084 addr, mask))
9085 return -1;
9086
9087 if (wpa_s->sched_scanning && !wpa_s->pno)
9088 wpas_scan_restart_sched_scan(wpa_s);
9089 }
9090
9091 if (type & MAC_ADDR_RAND_PNO) {
9092 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
9093 addr, mask))
9094 return -1;
9095
9096 if (wpa_s->pno) {
9097 wpas_stop_pno(wpa_s);
9098 wpas_start_pno(wpa_s);
9099 }
9100 }
9101
9102 return 0;
9103 }
9104
9105
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)9106 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9107 unsigned int type)
9108 {
9109 wpas_mac_addr_rand_scan_clear(wpa_s, type);
9110 if (wpa_s->pno) {
9111 if (type & MAC_ADDR_RAND_PNO) {
9112 wpas_stop_pno(wpa_s);
9113 wpas_start_pno(wpa_s);
9114 }
9115 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
9116 wpas_scan_restart_sched_scan(wpa_s);
9117 }
9118
9119 return 0;
9120 }
9121
wpa_drv_get_conn_info(struct wpa_supplicant * wpa_s,struct wpa_conn_info * ci)9122 int wpa_drv_get_conn_info(struct wpa_supplicant *wpa_s, struct wpa_conn_info *ci)
9123 {
9124 int res;
9125
9126 if (!wpa_s->driver->get_conn_info)
9127 return -1;
9128
9129 res = wpa_s->driver->get_conn_info(wpa_s->drv_priv, ci);
9130
9131 return res;
9132 }
9133
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)9134 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
9135 struct wpa_signal_info *si)
9136 {
9137 int res;
9138
9139 if (!wpa_s->driver->signal_poll)
9140 return -1;
9141
9142 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
9143
9144 #ifdef CONFIG_TESTING_OPTIONS
9145 if (res == 0) {
9146 struct driver_signal_override *dso;
9147
9148 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9149 struct driver_signal_override, list) {
9150 if (os_memcmp(wpa_s->bssid, dso->bssid,
9151 ETH_ALEN) != 0)
9152 continue;
9153 wpa_printf(MSG_DEBUG,
9154 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
9155 si->current_signal,
9156 dso->si_current_signal,
9157 si->avg_signal,
9158 dso->si_avg_signal,
9159 si->avg_beacon_signal,
9160 dso->si_avg_beacon_signal,
9161 si->current_noise,
9162 dso->si_current_noise);
9163 si->current_signal = dso->si_current_signal;
9164 si->avg_signal = dso->si_avg_signal;
9165 si->avg_beacon_signal = dso->si_avg_beacon_signal;
9166 si->current_noise = dso->si_current_noise;
9167 break;
9168 }
9169 }
9170 #endif /* CONFIG_TESTING_OPTIONS */
9171
9172 return res;
9173 }
9174
9175 struct wpa_scan_results *
wpa_drv_get_scan_results(struct wpa_supplicant * wpa_s,const u8 * bssid)9176 wpa_drv_get_scan_results(struct wpa_supplicant *wpa_s, const u8 *bssid)
9177 {
9178 struct wpa_scan_results *scan_res;
9179 #ifdef CONFIG_TESTING_OPTIONS
9180 size_t idx;
9181 #endif /* CONFIG_TESTING_OPTIONS */
9182
9183 if (wpa_s->driver->get_scan_results)
9184 scan_res = wpa_s->driver->get_scan_results(wpa_s->drv_priv,
9185 bssid);
9186 else if (wpa_s->driver->get_scan_results2)
9187 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
9188 else
9189 return NULL;
9190
9191
9192 #ifdef CONFIG_TESTING_OPTIONS
9193 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
9194 struct driver_signal_override *dso;
9195 struct wpa_scan_res *res = scan_res->res[idx];
9196
9197 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9198 struct driver_signal_override, list) {
9199 if (!ether_addr_equal(res->bssid, dso->bssid))
9200 continue;
9201 wpa_printf(MSG_DEBUG,
9202 "Override driver scan signal level %d->%d for "
9203 MACSTR,
9204 res->level, dso->scan_level,
9205 MAC2STR(res->bssid));
9206 res->flags |= WPA_SCAN_QUAL_INVALID;
9207 if (dso->scan_level < 0)
9208 res->flags |= WPA_SCAN_LEVEL_DBM;
9209 else
9210 res->flags &= ~WPA_SCAN_LEVEL_DBM;
9211 res->level = dso->scan_level;
9212 break;
9213 }
9214 }
9215 #endif /* CONFIG_TESTING_OPTIONS */
9216
9217 return scan_res;
9218 }
9219
9220
wpas_ap_link_address(struct wpa_supplicant * wpa_s,const u8 * addr)9221 bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr)
9222 {
9223 int i;
9224
9225 if (!wpa_s->valid_links)
9226 return false;
9227
9228 for_each_link(wpa_s->valid_links, i) {
9229 if (ether_addr_equal(wpa_s->links[i].bssid, addr))
9230 return true;
9231 }
9232
9233 return false;
9234 }
9235
9236
wpa_drv_send_action(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9237 int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq,
9238 unsigned int wait, const u8 *dst, const u8 *src,
9239 const u8 *bssid, const u8 *data, size_t data_len,
9240 int no_cck)
9241 {
9242 if (!wpa_s->driver->send_action)
9243 return -1;
9244
9245 if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) {
9246 if (wpas_ap_link_address(wpa_s, dst))
9247 dst = wpa_s->ap_mld_addr;
9248
9249 if (wpas_ap_link_address(wpa_s, bssid))
9250 bssid = wpa_s->ap_mld_addr;
9251 }
9252
9253 return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src,
9254 bssid, data, data_len, no_cck);
9255 }
9256
9257
wpas_is_6ghz_supported(struct wpa_supplicant * wpa_s,bool only_enabled)9258 bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled)
9259 {
9260 struct hostapd_channel_data *chnl;
9261 int i, j;
9262
9263 for (i = 0; i < wpa_s->hw.num_modes; i++) {
9264 if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) {
9265 chnl = wpa_s->hw.modes[i].channels;
9266 for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) {
9267 if (only_enabled &&
9268 (chnl[j].flag & HOSTAPD_CHAN_DISABLED))
9269 continue;
9270 if (is_6ghz_freq(chnl[j].freq))
9271 return true;
9272 }
9273 }
9274 }
9275
9276 return false;
9277 }
9278
9279
wpas_ap_supports_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9280 bool wpas_ap_supports_rsn_overriding(struct wpa_supplicant *wpa_s,
9281 struct wpa_bss *bss)
9282 {
9283 int i;
9284
9285 if (!bss)
9286 return false;
9287 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
9288 wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9289 return true;
9290
9291 if (!wpa_s->valid_links)
9292 return false;
9293
9294 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9295 if (!(wpa_s->valid_links & BIT(i)))
9296 continue;
9297 if (wpa_s->links[i].bss &&
9298 (wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9299 RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
9300 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9301 RSNE_OVERRIDE_2_IE_VENDOR_TYPE)))
9302 return true;
9303 }
9304
9305 return false;
9306 }
9307
9308
wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9309 bool wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant *wpa_s,
9310 struct wpa_bss *bss)
9311 {
9312 int i;
9313
9314 if (!bss)
9315 return false;
9316 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9317 return true;
9318
9319 if (!wpa_s->valid_links)
9320 return false;
9321
9322 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9323 if (!(wpa_s->valid_links & BIT(i)))
9324 continue;
9325 if (wpa_s->links[i].bss &&
9326 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9327 RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9328 return true;
9329 }
9330
9331 return false;
9332 }
9333