Coverage Report

Created: 2024-02-25 06:04

/src/hostap/wpa_supplicant/wpa_supplicant.c
<
Line
Count
Source (jump to first uncovered line)
1
/*
2
 * WPA Supplicant
3
 * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi>
4
 *
5
 * This software may be distributed under the terms of the BSD license.
6
 * See README for more details.
7
 *
8
 * This file implements functions for registering and unregistering
9
 * %wpa_supplicant interfaces. In addition, this file contains number of
10
 * functions for managing network connections.
11
 */
12
13
#include "includes.h"
14
#ifdef CONFIG_MATCH_IFACE
15
#include <net/if.h>
16
#include <fnmatch.h>
17
#endif /* CONFIG_MATCH_IFACE */
18
19
#include "common.h"
20
#include "crypto/crypto.h"
21
#include "crypto/random.h"
22
#include "crypto/sha1.h"
23
#include "eapol_supp/eapol_supp_sm.h"
24
#include "eap_peer/eap.h"
25
#include "eap_peer/eap_proxy.h"
26
#include "eap_server/eap_methods.h"
27
#include "rsn_supp/wpa.h"
28
#include "eloop.h"
29
#include "config.h"
30
#include "utils/ext_password.h"
31
#include "l2_packet/l2_packet.h"
32
#include "wpa_supplicant_i.h"
33
#include "driver_i.h"
34
#include "ctrl_iface.h"
35
#include "pcsc_funcs.h"
36
#include "common/version.h"
37
#include "rsn_supp/preauth.h"
38
#include "rsn_supp/pmksa_cache.h"
39
#include "common/wpa_ctrl.h"
40
#include "common/ieee802_11_common.h"
41
#include "common/ieee802_11_defs.h"
42
#include "common/hw_features_common.h"
43
#include "common/gas_server.h"
44
#include "common/dpp.h"
45
#include "common/ptksa_cache.h"
46
#include "p2p/p2p.h"
47
#include "fst/fst.h"
48
#include "bssid_ignore.h"
49
#include "wpas_glue.h"
50
#include "wps_supplicant.h"
51
#include "ibss_rsn.h"
52
#include "sme.h"
53
#include "gas_query.h"
54
#include "ap.h"
55
#include "p2p_supplicant.h"
56
#include "wifi_display.h"
57
#include "notify.h"
58
#include "bgscan.h"
59
#include "autoscan.h"
60
#include "bss.h"
61
#include "scan.h"
62
#include "offchannel.h"
63
#include "hs20_supplicant.h"
64
#include "wnm_sta.h"
65
#include "wpas_kay.h"
66
#include "mesh.h"
67
#include "dpp_supplicant.h"
68
#include "nan_usd.h"
69
#ifdef CONFIG_MESH
70
#include "ap/ap_config.h"
71
#include "ap/hostapd.h"
72
#endif /* CONFIG_MESH */
73
74
const char *const wpa_supplicant_version =
75
"wpa_supplicant v" VERSION_STR "\n"
76
"Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi> and contributors";
77
78
const char *const wpa_supplicant_license =
79
"This software may be distributed under the terms of the BSD license.\n"
80
"See README for more details.\n"
81
#ifdef EAP_TLS_OPENSSL
82
"\nThis product includes software developed by the OpenSSL Project\n"
83
"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
84
#endif /* EAP_TLS_OPENSSL */
85
;
86
87
#ifndef CONFIG_NO_STDOUT_DEBUG
88
/* Long text divided into parts in order to fit in C89 strings size limits. */
89
const char *const wpa_supplicant_full_license1 =
90
"";
91
const char *const wpa_supplicant_full_license2 =
92
"This software may be distributed under the terms of the BSD license.\n"
93
"\n"
94
"Redistribution and use in source and binary forms, with or without\n"
95
"modification, are permitted provided that the following conditions are\n"
96
"met:\n"
97
"\n";
98
const char *const wpa_supplicant_full_license3 =
99
"1. Redistributions of source code must retain the above copyright\n"
100
"   notice, this list of conditions and the following disclaimer.\n"
101
"\n"
102
"2. Redistributions in binary form must reproduce the above copyright\n"
103
"   notice, this list of conditions and the following disclaimer in the\n"
104
"   documentation and/or other materials provided with the distribution.\n"
105
"\n";
106
const char *const wpa_supplicant_full_license4 =
107
"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
108
"   names of its contributors may be used to endorse or promote products\n"
109
"   derived from this software without specific prior written permission.\n"
110
"\n"
111
"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
112
"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
113
"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
114
"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
115
const char *const wpa_supplicant_full_license5 =
116
"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
117
"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
118
"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
119
"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
120
"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
121
"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
122
"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
123
"\n";
124
#endif /* CONFIG_NO_STDOUT_DEBUG */
125
126
127
static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
128
#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
129
static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
130
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
131
#ifdef CONFIG_OWE
132
static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
133
#endif /* CONFIG_OWE */
134
135
136
#ifdef CONFIG_WEP
137
/* Configure default/group WEP keys for static WEP */
138
int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
139
{
140
  int i, set = 0;
141
142
  for (i = 0; i < NUM_WEP_KEYS; i++) {
143
    if (ssid->wep_key_len[i] == 0)
144
      continue;
145
146
    set = 1;
147
    wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL,
148
        i, i == ssid->wep_tx_keyidx, NULL, 0,
149
        ssid->wep_key[i], ssid->wep_key_len[i],
150
        i == ssid->wep_tx_keyidx ?
151
        KEY_FLAG_GROUP_RX_TX_DEFAULT :
152
        KEY_FLAG_GROUP_RX_TX);
153
  }
154
155
  return set;
156
}
157
#endif /* CONFIG_WEP */
158
159
160
int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
161
            struct wpa_ssid *ssid)
162
0
{
163
0
  u8 key[32];
164
0
  size_t keylen;
165
0
  enum wpa_alg alg;
166
0
  u8 seq[6] = { 0 };
167
0
  int ret;
168
169
  /* IBSS/WPA-None uses only one key (Group) for both receiving and
170
   * sending unicast and multicast packets. */
171
172
0
  if (ssid->mode != WPAS_MODE_IBSS) {
173
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
174
0
      "IBSS/ad-hoc) for WPA-None", ssid->mode);
175
0
    return -1;
176
0
  }
177
178
0
  if (!ssid->psk_set) {
179
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
180
0
      "WPA-None");
181
0
    return -1;
182
0
  }
183
184
0
  switch (wpa_s->group_cipher) {
185
0
  case WPA_CIPHER_CCMP:
186
0
    os_memcpy(key, ssid->psk, 16);
187
0
    keylen = 16;
188
0
    alg = WPA_ALG_CCMP;
189
0
    break;
190
0
  case WPA_CIPHER_GCMP:
191
0
    os_memcpy(key, ssid->psk, 16);
192
0
    keylen = 16;
193
0
    alg = WPA_ALG_GCMP;
194
0
    break;
195
0
  case WPA_CIPHER_TKIP:
196
    /* WPA-None uses the same Michael MIC key for both TX and RX */
197
0
    os_memcpy(key, ssid->psk, 16 + 8);
198
0
    os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
199
0
    keylen = 32;
200
0
    alg = WPA_ALG_TKIP;
201
0
    break;
202
0
  default:
203
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
204
0
      "WPA-None", wpa_s->group_cipher);
205
0
    return -1;
206
0
  }
207
208
  /* TODO: should actually remember the previously used seq#, both for TX
209
   * and RX from each STA.. */
210
211
0
  ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen,
212
0
            KEY_FLAG_GROUP_RX_TX_DEFAULT);
213
0
  os_memset(key, 0, sizeof(key));
214
0
  return ret;
215
0
}
216
217
218
static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
219
0
{
220
0
  struct wpa_supplicant *wpa_s = eloop_ctx;
221
0
  const u8 *bssid = wpa_s->bssid;
222
0
  if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
223
0
      (wpa_s->wpa_state == WPA_AUTHENTICATING ||
224
0
       wpa_s->wpa_state == WPA_ASSOCIATING))
225
0
    bssid = wpa_s->pending_bssid;
226
0
  wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
227
0
    MAC2STR(bssid));
228
0
  wpa_bssid_ignore_add(wpa_s, bssid);
229
0
  wpa_sm_notify_disassoc(wpa_s->wpa);
230
0
  wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
231
0
  wpa_s->reassociate = 1;
232
233
  /*
234
   * If we timed out, the AP or the local radio may be busy.
235
   * So, wait a second until scanning again.
236
   */
237
0
  wpa_supplicant_req_scan(wpa_s, 1, 0);
238
0
}
239
240
241
/**
242
 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
243
 * @wpa_s: Pointer to wpa_supplicant data
244
 * @sec: Number of seconds after which to time out authentication
245
 * @usec: Number of microseconds after which to time out authentication
246
 *
247
 * This function is used to schedule a timeout for the current authentication
248
 * attempt.
249
 */
250
void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
251
             int sec, int usec)
252
0
{
253
0
  if (wpa_s->conf->ap_scan == 0 &&
254
0
      (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
255
0
    return;
256
257
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
258
0
    "%d usec", sec, usec);
259
0
  eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
260
0
  wpa_s->last_auth_timeout_sec = sec;
261
0
  eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
262
0
}
263
264
265
/*
266
 * wpas_auth_timeout_restart - Restart and change timeout for authentication
267
 * @wpa_s: Pointer to wpa_supplicant data
268
 * @sec_diff: difference in seconds applied to original timeout value
269
 */
270
void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
271
0
{
272
0
  int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
273
274
0
  if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
275
0
    wpa_dbg(wpa_s, MSG_DEBUG,
276
0
      "Authentication timeout restart: %d sec", new_sec);
277
0
    eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
278
0
    eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
279
0
               wpa_s, NULL);
280
0
  }
281
0
}
282
283
284
/**
285
 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
286
 * @wpa_s: Pointer to wpa_supplicant data
287
 *
288
 * This function is used to cancel authentication timeout scheduled with
289
 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
290
 * been completed.
291
 */
292
void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
293
0
{
294
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
295
0
  eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
296
0
  wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
297
0
  os_free(wpa_s->last_con_fail_realm);
298
0
  wpa_s->last_con_fail_realm = NULL;
299
0
  wpa_s->last_con_fail_realm_len = 0;
300
0
}
301
302
303
/**
304
 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
305
 * @wpa_s: Pointer to wpa_supplicant data
306
 *
307
 * This function is used to configure EAPOL state machine based on the selected
308
 * authentication mode.
309
 */
310
void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
311
0
{
312
0
#ifdef IEEE8021X_EAPOL
313
0
  struct eapol_config eapol_conf;
314
0
  struct wpa_ssid *ssid = wpa_s->current_ssid;
315
316
#ifdef CONFIG_IBSS_RSN
317
  if (ssid->mode == WPAS_MODE_IBSS &&
318
      wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
319
      wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
320
    /*
321
     * RSN IBSS authentication is per-STA and we can disable the
322
     * per-BSSID EAPOL authentication.
323
     */
324
    eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
325
    eapol_sm_notify_eap_success(wpa_s->eapol, true);
326
    eapol_sm_notify_eap_fail(wpa_s->eapol, false);
327
    return;
328
  }
329
#endif /* CONFIG_IBSS_RSN */
330
331
0
  eapol_sm_notify_eap_success(wpa_s->eapol, false);
332
0
  eapol_sm_notify_eap_fail(wpa_s->eapol, false);
333
334
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
335
0
      wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
336
0
    eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
337
0
  else
338
0
    eapol_sm_notify_portControl(wpa_s->eapol, Auto);
339
340
0
  os_memset(&eapol_conf, 0, sizeof(eapol_conf));
341
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
342
0
    eapol_conf.accept_802_1x_keys = 1;
343
0
    eapol_conf.required_keys = 0;
344
0
    if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
345
0
      eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
346
0
    }
347
0
    if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
348
0
      eapol_conf.required_keys |=
349
0
        EAPOL_REQUIRE_KEY_BROADCAST;
350
0
    }
351
352
0
    if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
353
0
      eapol_conf.required_keys = 0;
354
0
  }
355
0
  eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
356
0
  eapol_conf.workaround = ssid->eap_workaround;
357
0
  eapol_conf.eap_disabled =
358
0
    !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
359
0
    wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
360
0
    wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
361
0
  eapol_conf.external_sim = wpa_s->conf->external_sim;
362
363
#ifdef CONFIG_WPS
364
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
365
    eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
366
    if (wpa_s->current_bss) {
367
      struct wpabuf *ie;
368
      ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
369
               WPS_IE_VENDOR_TYPE);
370
      if (ie) {
371
        if (wps_is_20(ie))
372
          eapol_conf.wps |=
373
            EAPOL_PEER_IS_WPS20_AP;
374
        wpabuf_free(ie);
375
      }
376
    }
377
  }
378
#endif /* CONFIG_WPS */
379
380
0
  eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
381
382
#ifdef CONFIG_MACSEC
383
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
384
    ieee802_1x_create_preshared_mka(wpa_s, ssid);
385
  else
386
    ieee802_1x_alloc_kay_sm(wpa_s, ssid);
387
#endif /* CONFIG_MACSEC */
388
0
#endif /* IEEE8021X_EAPOL */
389
0
}
390
391
392
/**
393
 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
394
 * @wpa_s: Pointer to wpa_supplicant data
395
 * @ssid: Configuration data for the network
396
 *
397
 * This function is used to configure WPA state machine and related parameters
398
 * to a mode where WPA is not enabled. This is called as part of the
399
 * authentication configuration when the selected network does not use WPA.
400
 */
401
void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
402
               struct wpa_ssid *ssid)
403
0
{
404
#ifdef CONFIG_WEP
405
  int i;
406
#endif /* CONFIG_WEP */
407
0
  struct wpa_sm_mlo mlo;
408
409
0
  if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
410
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
411
0
  else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
412
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
413
0
  else
414
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
415
0
  wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
416
0
  wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
417
0
  wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
418
0
  wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
419
0
  wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
420
0
  wpa_s->rsnxe_len = 0;
421
0
  wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
422
0
  wpa_s->group_cipher = WPA_CIPHER_NONE;
423
0
  wpa_s->mgmt_group_cipher = 0;
424
425
#ifdef CONFIG_WEP
426
  for (i = 0; i < NUM_WEP_KEYS; i++) {
427
    if (ssid->wep_key_len[i] > 5) {
428
      wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
429
      wpa_s->group_cipher = WPA_CIPHER_WEP104;
430
      break;
431
    } else if (ssid->wep_key_len[i] > 0) {
432
      wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
433
      wpa_s->group_cipher = WPA_CIPHER_WEP40;
434
      break;
435
    }
436
  }
437
#endif /* CONFIG_WEP */
438
439
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
440
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
441
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
442
0
       wpa_s->pairwise_cipher);
443
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
444
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
445
0
       wpa_s->mgmt_group_cipher);
446
447
0
  pmksa_cache_clear_current(wpa_s->wpa);
448
0
  os_memset(&mlo, 0, sizeof(mlo));
449
0
  wpa_sm_set_mlo_params(wpa_s->wpa, &mlo);
450
0
}
451
452
453
void free_hw_features(struct wpa_supplicant *wpa_s)
454
0
{
455
0
  int i;
456
0
  if (wpa_s->hw.modes == NULL)
457
0
    return;
458
459
0
  for (i = 0; i < wpa_s->hw.num_modes; i++) {
460
0
    os_free(wpa_s->hw.modes[i].channels);
461
0
    os_free(wpa_s->hw.modes[i].rates);
462
0
  }
463
464
0
  os_free(wpa_s->hw.modes);
465
0
  wpa_s->hw.modes = NULL;
466
0
}
467
468
469
static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
470
              struct wpa_bss_tmp_disallowed *bss)
471
0
{
472
0
  eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
473
0
  dl_list_del(&bss->list);
474
0
  os_free(bss);
475
0
}
476
477
478
void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
479
0
{
480
0
  struct wpa_bss_tmp_disallowed *bss, *prev;
481
482
0
  dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
483
0
            struct wpa_bss_tmp_disallowed, list)
484
0
    remove_bss_tmp_disallowed_entry(wpa_s, bss);
485
0
}
486
487
488
void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
489
0
{
490
0
  struct fils_hlp_req *req;
491
492
0
  while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
493
0
            list)) != NULL) {
494
0
    dl_list_del(&req->list);
495
0
    wpabuf_free(req->pkt);
496
0
    os_free(req);
497
0
  }
498
0
}
499
500
501
void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
502
0
{
503
0
  struct wpa_supplicant *wpa_s = eloop_ctx;
504
505
0
  if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
506
0
    return;
507
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
508
0
  wpa_bss_flush(wpa_s);
509
0
}
510
511
512
#ifdef CONFIG_TESTING_OPTIONS
513
void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
514
{
515
  struct driver_signal_override *dso;
516
517
  while ((dso = dl_list_first(&wpa_s->drv_signal_override,
518
            struct driver_signal_override, list))) {
519
    dl_list_del(&dso->list);
520
    os_free(dso);
521
  }
522
}
523
#endif /* CONFIG_TESTING_OPTIONS */
524
525
526
static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
527
0
{
528
0
  int i;
529
530
0
  bgscan_deinit(wpa_s);
531
0
  autoscan_deinit(wpa_s);
532
0
  scard_deinit(wpa_s->scard);
533
0
  wpa_s->scard = NULL;
534
0
  wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
535
0
  eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
536
0
  l2_packet_deinit(wpa_s->l2);
537
0
  wpa_s->l2 = NULL;
538
0
  if (wpa_s->l2_br) {
539
0
    l2_packet_deinit(wpa_s->l2_br);
540
0
    wpa_s->l2_br = NULL;
541
0
  }
542
#ifdef CONFIG_TESTING_OPTIONS
543
  l2_packet_deinit(wpa_s->l2_test);
544
  wpa_s->l2_test = NULL;
545
  os_free(wpa_s->get_pref_freq_list_override);
546
  wpa_s->get_pref_freq_list_override = NULL;
547
  wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
548
  wpa_s->last_assoc_req_wpa_ie = NULL;
549
  os_free(wpa_s->extra_sae_rejected_groups);
550
  wpa_s->extra_sae_rejected_groups = NULL;
551
  wpabuf_free(wpa_s->rsne_override_eapol);
552
  wpa_s->rsne_override_eapol = NULL;
553
  wpabuf_free(wpa_s->rsnxe_override_assoc);
554
  wpa_s->rsnxe_override_assoc = NULL;
555
  wpabuf_free(wpa_s->rsnxe_override_eapol);
556
  wpa_s->rsnxe_override_eapol = NULL;
557
  wpas_clear_driver_signal_override(wpa_s);
558
#endif /* CONFIG_TESTING_OPTIONS */
559
560
0
  if (wpa_s->conf != NULL) {
561
0
    struct wpa_ssid *ssid;
562
0
    for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
563
0
      wpas_notify_network_removed(wpa_s, ssid);
564
0
  }
565
566
0
  os_free(wpa_s->confname);
567
0
  wpa_s->confname = NULL;
568
569
0
  os_free(wpa_s->confanother);
570
0
  wpa_s->confanother = NULL;
571
572
0
  os_free(wpa_s->last_con_fail_realm);
573
0
  wpa_s->last_con_fail_realm = NULL;
574
0
  wpa_s->last_con_fail_realm_len = 0;
575
576
0
  wpa_sm_set_eapol(wpa_s->wpa, NULL);
577
0
  eapol_sm_deinit(wpa_s->eapol);
578
0
  wpa_s->eapol = NULL;
579
580
0
  rsn_preauth_deinit(wpa_s->wpa);
581
582
#ifdef CONFIG_TDLS
583
  wpa_tdls_deinit(wpa_s->wpa);
584
#endif /* CONFIG_TDLS */
585
586
0
#ifndef CONFIG_NO_WMM_AC
587
0
  wmm_ac_clear_saved_tspecs(wpa_s);
588
0
#endif /* CONFIG_NO_WMM_AC */
589
0
  pmksa_candidate_free(wpa_s->wpa);
590
0
  ptksa_cache_deinit(wpa_s->ptksa);
591
0
  wpa_s->ptksa = NULL;
592
0
  wpa_sm_deinit(wpa_s->wpa);
593
0
  wpa_s->wpa = NULL;
594
0
  wpa_bssid_ignore_clear(wpa_s);
595
596
#ifdef CONFIG_PASN
597
  wpas_pasn_auth_stop(wpa_s);
598
#endif /* CONFIG_PASN */
599
600
0
  wpa_bss_deinit(wpa_s);
601
602
0
  wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
603
0
  wpa_supplicant_cancel_scan(wpa_s);
604
0
  wpa_supplicant_cancel_auth_timeout(wpa_s);
605
0
  eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
606
#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
607
  eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
608
           wpa_s, NULL);
609
#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
610
611
0
  eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
612
0
  eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
613
614
0
  wpas_wps_deinit(wpa_s);
615
616
0
  wpabuf_free(wpa_s->pending_eapol_rx);
617
0
  wpa_s->pending_eapol_rx = NULL;
618
619
#ifdef CONFIG_IBSS_RSN
620
  ibss_rsn_deinit(wpa_s->ibss_rsn);
621
  wpa_s->ibss_rsn = NULL;
622
#endif /* CONFIG_IBSS_RSN */
623
624
0
  sme_deinit(wpa_s);
625
626
#ifdef CONFIG_AP
627
  wpa_supplicant_ap_deinit(wpa_s);
628
#endif /* CONFIG_AP */
629
630
0
  wpas_p2p_deinit(wpa_s);
631
632
#ifdef CONFIG_OFFCHANNEL
633
  offchannel_deinit(wpa_s);
634
#endif /* CONFIG_OFFCHANNEL */
635
636
0
  wpa_supplicant_cancel_sched_scan(wpa_s);
637
638
0
  os_free(wpa_s->next_scan_freqs);
639
0
  wpa_s->next_scan_freqs = NULL;
640
641
0
  os_free(wpa_s->manual_scan_freqs);
642
0
  wpa_s->manual_scan_freqs = NULL;
643
0
  os_free(wpa_s->select_network_scan_freqs);
644
0
  wpa_s->select_network_scan_freqs = NULL;
645
646
0
  os_free(wpa_s->manual_sched_scan_freqs);
647
0
  wpa_s->manual_sched_scan_freqs = NULL;
648
649
0
  wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
650
651
  /*
652
   * Need to remove any pending gas-query radio work before the
653
   * gas_query_deinit() call because gas_query::work has not yet been set
654
   * for works that have not been started. gas_query_free() will be unable
655
   * to cancel such pending radio works and once the pending gas-query
656
   * radio work eventually gets removed, the deinit notification call to
657
   * gas_query_start_cb() would result in dereferencing freed memory.
658
   */
659
0
  if (wpa_s->radio)
660
0
    radio_remove_works(wpa_s, "gas-query", 0);
661
0
  gas_query_deinit(wpa_s->gas);
662
0
  wpa_s->gas = NULL;
663
0
  gas_server_deinit(wpa_s->gas_server);
664
0
  wpa_s->gas_server = NULL;
665
666
0
  free_hw_features(wpa_s);
667
668
0
  ieee802_1x_dealloc_kay_sm(wpa_s);
669
670
0
  os_free(wpa_s->bssid_filter);
671
0
  wpa_s->bssid_filter = NULL;
672
673
0
  os_free(wpa_s->disallow_aps_bssid);
674
0
  wpa_s->disallow_aps_bssid = NULL;
675
0
  os_free(wpa_s->disallow_aps_ssid);
676
0
  wpa_s->disallow_aps_ssid = NULL;
677
678
0
  wnm_bss_keep_alive_deinit(wpa_s);
679
0
#ifdef CONFIG_WNM
680
0
  wnm_deallocate_memory(wpa_s);
681
0
#endif /* CONFIG_WNM */
682
683
0
  ext_password_deinit(wpa_s->ext_pw);
684
0
  wpa_s->ext_pw = NULL;
685
686
0
  wpabuf_free(wpa_s->last_gas_resp);
687
0
  wpa_s->last_gas_resp = NULL;
688
0
  wpabuf_free(wpa_s->prev_gas_resp);
689
0
  wpa_s->prev_gas_resp = NULL;
690
691
0
  os_free(wpa_s->last_scan_res);
692
0
  wpa_s->last_scan_res = NULL;
693
694
0
#ifdef CONFIG_HS20
695
0
  if (wpa_s->drv_priv)
696
0
    wpa_drv_configure_frame_filters(wpa_s, 0);
697
0
  hs20_deinit(wpa_s);
698
0
#endif /* CONFIG_HS20 */
699
700
0
  for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
701
0
    wpabuf_free(wpa_s->vendor_elem[i]);
702
0
    wpa_s->vendor_elem[i] = NULL;
703
0
  }
704
705
0
#ifndef CONFIG_NO_WMM_AC
706
0
  wmm_ac_notify_disassoc(wpa_s);
707
0
#endif /* CONFIG_NO_WMM_AC */
708
709
0
  wpa_s->sched_scan_plans_num = 0;
710
0
  os_free(wpa_s->sched_scan_plans);
711
0
  wpa_s->sched_scan_plans = NULL;
712
713
#ifdef CONFIG_MBO
714
  wpa_s->non_pref_chan_num = 0;
715
  os_free(wpa_s->non_pref_chan);
716
  wpa_s->non_pref_chan = NULL;
717
#endif /* CONFIG_MBO */
718
719
0
  free_bss_tmp_disallowed(wpa_s);
720
721
0
  wpabuf_free(wpa_s->lci);
722
0
  wpa_s->lci = NULL;
723
0
#ifndef CONFIG_NO_RRM
724
0
  wpas_clear_beacon_rep_data(wpa_s);
725
0
#endif /* CONFIG_NO_RRM */
726
727
#ifdef CONFIG_PMKSA_CACHE_EXTERNAL
728
#ifdef CONFIG_MESH
729
  {
730
    struct external_pmksa_cache *entry;
731
732
    while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
733
               struct external_pmksa_cache,
734
               list)) != NULL) {
735
      dl_list_del(&entry->list);
736
      os_free(entry->pmksa_cache);
737
      os_free(entry);
738
    }
739
  }
740
#endif /* CONFIG_MESH */
741
#endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
742
743
0
  wpas_flush_fils_hlp_req(wpa_s);
744
745
0
  wpabuf_free(wpa_s->ric_ies);
746
0
  wpa_s->ric_ies = NULL;
747
748
#ifdef CONFIG_DPP
749
  wpas_dpp_deinit(wpa_s);
750
  dpp_global_deinit(wpa_s->dpp);
751
  wpa_s->dpp = NULL;
752
#endif /* CONFIG_DPP */
753
754
#ifdef CONFIG_NAN_USD
755
  wpas_nan_usd_deinit(wpa_s);
756
#endif /* CONFIG_NAN_USD */
757
758
#ifdef CONFIG_PASN
759
  wpas_pasn_auth_stop(wpa_s);
760
#endif /* CONFIG_PASN */
761
0
#ifndef CONFIG_NO_ROBUST_AV
762
0
  wpas_scs_deinit(wpa_s);
763
0
  wpas_dscp_deinit(wpa_s);
764
0
#endif /* CONFIG_NO_ROBUST_AV */
765
766
#ifdef CONFIG_OWE
767
  os_free(wpa_s->owe_trans_scan_freq);
768
  wpa_s->owe_trans_scan_freq = NULL;
769
#endif /* CONFIG_OWE */
770
0
}
771
772
773
/**
774
 * wpa_clear_keys - Clear keys configured for the driver
775
 * @wpa_s: Pointer to wpa_supplicant data
776
 * @addr: Previously used BSSID or %NULL if not available
777
 *
778
 * This function clears the encryption keys that has been previously configured
779
 * for the driver.
780
 */
781
void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
782
0
{
783
0
  int i, max = 6;
784
785
  /* MLME-DELETEKEYS.request */
786
0
  for (i = 0; i < max; i++) {
787
0
    if (wpa_s->keys_cleared & BIT(i))
788
0
      continue;
789
0
    wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
790
0
        NULL, 0, KEY_FLAG_GROUP);
791
0
  }
792
  /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
793
0
  if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
794
0
      !is_zero_ether_addr(addr)) {
795
0
    if (!(wpa_s->keys_cleared & BIT(0)))
796
0
      wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0,
797
0
          NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
798
0
    if (!(wpa_s->keys_cleared & BIT(15)))
799
0
      wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0,
800
0
          NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
801
    /* MLME-SETPROTECTION.request(None) */
802
0
    wpa_drv_mlme_setprotection(
803
0
      wpa_s, addr,
804
0
      MLME_SETPROTECTION_PROTECT_TYPE_NONE,
805
0
      MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
806
0
  }
807
0
  wpa_s->keys_cleared = (u32) -1;
808
0
}
809
810
811
/**
812
 * wpa_supplicant_state_txt - Get the connection state name as a text string
813
 * @state: State (wpa_state; WPA_*)
814
 * Returns: The state name as a printable text string
815
 */
816
const char * wpa_supplicant_state_txt(enum wpa_states state)
817
0
{
818
0
  switch (state) {
819
0
  case WPA_DISCONNECTED:
820
0
    return "DISCONNECTED";
821
0
  case WPA_INACTIVE:
822
0
    return "INACTIVE";
823
0
  case WPA_INTERFACE_DISABLED:
824
0
    return "INTERFACE_DISABLED";
825
0
  case WPA_SCANNING:
826
0
    return "SCANNING";
827
0
  case WPA_AUTHENTICATING:
828
0
    return "AUTHENTICATING";
829
0
  case WPA_ASSOCIATING:
830
0
    return "ASSOCIATING";
831
0
  case WPA_ASSOCIATED:
832
0
    return "ASSOCIATED";
833
0
  case WPA_4WAY_HANDSHAKE:
834
0
    return "4WAY_HANDSHAKE";
835
0
  case WPA_GROUP_HANDSHAKE:
836
0
    return "GROUP_HANDSHAKE";
837
0
  case WPA_COMPLETED:
838
0
    return "COMPLETED";
839
0
  default:
840
0
    return "UNKNOWN";
841
0
  }
842
0
}
843
844
845
#ifdef CONFIG_BGSCAN
846
847
static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
848
{
849
  if (wpa_s->bgscan_ssid) {
850
    bgscan_deinit(wpa_s);
851
    wpa_s->bgscan_ssid = NULL;
852
  }
853
}
854
855
856
/**
857
 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
858
 * @wpa_s: Pointer to the wpa_supplicant data
859
 *
860
 * Stop, start, or reconfigure the scan parameters depending on the method.
861
 */
862
void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
863
{
864
  const char *name;
865
866
  if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
867
    name = wpa_s->current_ssid->bgscan;
868
  else
869
    name = wpa_s->conf->bgscan;
870
  if (!name || name[0] == '\0') {
871
    wpa_supplicant_stop_bgscan(wpa_s);
872
    return;
873
  }
874
  if (wpas_driver_bss_selection(wpa_s))
875
    return;
876
#ifdef CONFIG_P2P
877
  if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
878
    return;
879
#endif /* CONFIG_P2P */
880
881
  bgscan_deinit(wpa_s);
882
  if (wpa_s->current_ssid) {
883
    if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
884
      wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
885
        "bgscan");
886
      /*
887
       * Live without bgscan; it is only used as a roaming
888
       * optimization, so the initial connection is not
889
       * affected.
890
       */
891
    } else {
892
      struct wpa_scan_results *scan_res;
893
      wpa_s->bgscan_ssid = wpa_s->current_ssid;
894
      scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
895
                   0);
896
      if (scan_res) {
897
        bgscan_notify_scan(wpa_s, scan_res);
898
        wpa_scan_results_free(scan_res);
899
      }
900
    }
901
  } else
902
    wpa_s->bgscan_ssid = NULL;
903
}
904
905
#endif /* CONFIG_BGSCAN */
906
907
908
static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
909
0
{
910
0
  if (autoscan_init(wpa_s, 0))
911
0
    wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
912
0
}
913
914
915
static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
916
0
{
917
0
  autoscan_deinit(wpa_s);
918
0
}
919
920
921
void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
922
0
{
923
0
  if (wpa_s->wpa_state == WPA_DISCONNECTED ||
924
0
      wpa_s->wpa_state == WPA_SCANNING) {
925
0
    autoscan_deinit(wpa_s);
926
0
    wpa_supplicant_start_autoscan(wpa_s);
927
0
  }
928
0
}
929
930
931
/**
932
 * wpa_supplicant_set_state - Set current connection state
933
 * @wpa_s: Pointer to wpa_supplicant data
934
 * @state: The new connection state
935
 *
936
 * This function is called whenever the connection state changes, e.g.,
937
 * association is completed for WPA/WPA2 4-Way Handshake is started.
938
 */
939
void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
940
            enum wpa_states state)
941
0
{
942
0
  enum wpa_states old_state = wpa_s->wpa_state;
943
#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
944
  bool update_fils_connect_params = false;
945
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
946
947
0
  wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
948
0
    wpa_supplicant_state_txt(wpa_s->wpa_state),
949
0
    wpa_supplicant_state_txt(state));
950
951
0
  if (state == WPA_COMPLETED &&
952
0
      os_reltime_initialized(&wpa_s->roam_start)) {
953
0
    os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
954
0
    wpa_s->roam_start.sec = 0;
955
0
    wpa_s->roam_start.usec = 0;
956
0
    wpas_notify_auth_changed(wpa_s);
957
0
    wpas_notify_roam_time(wpa_s);
958
0
    wpas_notify_roam_complete(wpa_s);
959
0
  } else if (state == WPA_DISCONNECTED &&
960
0
       os_reltime_initialized(&wpa_s->roam_start)) {
961
0
    wpa_s->roam_start.sec = 0;
962
0
    wpa_s->roam_start.usec = 0;
963
0
    wpa_s->roam_time.sec = 0;
964
0
    wpa_s->roam_time.usec = 0;
965
0
    wpas_notify_roam_complete(wpa_s);
966
0
  }
967
968
0
  if (state == WPA_INTERFACE_DISABLED) {
969
    /* Assure normal scan when interface is restored */
970
0
    wpa_s->normal_scans = 0;
971
0
  }
972
973
0
  if (state == WPA_COMPLETED) {
974
0
    wpas_connect_work_done(wpa_s);
975
    /* Reinitialize normal_scan counter */
976
0
    wpa_s->normal_scans = 0;
977
0
  }
978
979
#ifdef CONFIG_P2P
980
  /*
981
   * P2PS client has to reply to Probe Request frames received on the
982
   * group operating channel. Enable Probe Request frame reporting for
983
   * P2P connected client in case p2p_cli_probe configuration property is
984
   * set to 1.
985
   */
986
  if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
987
      wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
988
      wpa_s->current_ssid->p2p_group) {
989
    if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
990
      wpa_dbg(wpa_s, MSG_DEBUG,
991
        "P2P: Enable CLI Probe Request RX reporting");
992
      wpa_s->p2p_cli_probe =
993
        wpa_drv_probe_req_report(wpa_s, 1) >= 0;
994
    } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
995
      wpa_dbg(wpa_s, MSG_DEBUG,
996
        "P2P: Disable CLI Probe Request RX reporting");
997
      wpa_s->p2p_cli_probe = 0;
998
      wpa_drv_probe_req_report(wpa_s, 0);
999
    }
1000
  }
1001
#endif /* CONFIG_P2P */
1002
1003
0
  if (state != WPA_SCANNING)
1004
0
    wpa_supplicant_notify_scanning(wpa_s, 0);
1005
1006
0
  if (state == WPA_COMPLETED && wpa_s->new_connection) {
1007
0
    struct wpa_ssid *ssid = wpa_s->current_ssid;
1008
0
    int fils_hlp_sent = 0;
1009
0
    char mld_addr[50];
1010
1011
0
    mld_addr[0] = '\0';
1012
0
    if (wpa_s->valid_links)
1013
0
      os_snprintf(mld_addr, sizeof(mld_addr),
1014
0
            " ap_mld_addr=" MACSTR,
1015
0
            MAC2STR(wpa_s->ap_mld_addr));
1016
1017
#ifdef CONFIG_SME
1018
    if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1019
        wpa_auth_alg_fils(wpa_s->sme.auth_alg))
1020
      fils_hlp_sent = 1;
1021
#endif /* CONFIG_SME */
1022
0
    if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1023
0
        wpa_auth_alg_fils(wpa_s->auth_alg))
1024
0
      fils_hlp_sent = 1;
1025
1026
0
#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1027
0
    wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1028
0
      MACSTR " completed [id=%d id_str=%s%s]%s",
1029
0
      MAC2STR(wpa_s->bssid),
1030
0
      ssid ? ssid->id : -1,
1031
0
      ssid && ssid->id_str ? ssid->id_str : "",
1032
0
      fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr);
1033
0
#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1034
0
    wpas_clear_temp_disabled(wpa_s, ssid, 1);
1035
0
    wpa_s->consecutive_conn_failures = 0;
1036
0
    wpa_s->new_connection = 0;
1037
0
    wpa_drv_set_operstate(wpa_s, 1);
1038
#ifndef IEEE8021X_EAPOL
1039
    wpa_drv_set_supp_port(wpa_s, 1);
1040
#endif /* IEEE8021X_EAPOL */
1041
0
    wpa_s->after_wps = 0;
1042
0
    wpa_s->known_wps_freq = 0;
1043
0
    wpas_p2p_completed(wpa_s);
1044
1045
0
    sme_sched_obss_scan(wpa_s, 1);
1046
1047
#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1048
    if (!fils_hlp_sent && ssid && ssid->eap.erp)
1049
      update_fils_connect_params = true;
1050
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1051
#ifdef CONFIG_OWE
1052
    if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1053
      wpas_update_owe_connect_params(wpa_s);
1054
#endif /* CONFIG_OWE */
1055
0
  } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1056
0
       state == WPA_ASSOCIATED) {
1057
0
    wpa_s->new_connection = 1;
1058
0
    wpa_drv_set_operstate(wpa_s, 0);
1059
#ifndef IEEE8021X_EAPOL
1060
    wpa_drv_set_supp_port(wpa_s, 0);
1061
#endif /* IEEE8021X_EAPOL */
1062
0
    sme_sched_obss_scan(wpa_s, 0);
1063
0
  }
1064
0
  wpa_s->wpa_state = state;
1065
1066
#ifdef CONFIG_BGSCAN
1067
  if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1068
    wpa_supplicant_reset_bgscan(wpa_s);
1069
  else if (state < WPA_ASSOCIATED)
1070
    wpa_supplicant_stop_bgscan(wpa_s);
1071
#endif /* CONFIG_BGSCAN */
1072
1073
0
  if (state > WPA_SCANNING)
1074
0
    wpa_supplicant_stop_autoscan(wpa_s);
1075
1076
0
  if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1077
0
    wpa_supplicant_start_autoscan(wpa_s);
1078
1079
0
#ifndef CONFIG_NO_WMM_AC
1080
0
  if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1081
0
    wmm_ac_notify_disassoc(wpa_s);
1082
0
#endif /* CONFIG_NO_WMM_AC */
1083
1084
0
  if (wpa_s->wpa_state != old_state) {
1085
0
    wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1086
1087
    /*
1088
     * Notify the P2P Device interface about a state change in one
1089
     * of the interfaces.
1090
     */
1091
0
    wpas_p2p_indicate_state_change(wpa_s);
1092
1093
0
    if (wpa_s->wpa_state == WPA_COMPLETED ||
1094
0
        old_state == WPA_COMPLETED)
1095
0
      wpas_notify_auth_changed(wpa_s);
1096
#ifdef CONFIG_DPP2
1097
    if (wpa_s->wpa_state == WPA_COMPLETED)
1098
      wpas_dpp_connected(wpa_s);
1099
#endif /* CONFIG_DPP2 */
1100
0
  }
1101
#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1102
  if (update_fils_connect_params)
1103
    wpas_update_fils_connect_params(wpa_s);
1104
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1105
0
}
1106
1107
1108
void wpa_supplicant_terminate_proc(struct wpa_global *global)
1109
0
{
1110
0
  int pending = 0;
1111
#ifdef CONFIG_WPS
1112
  struct wpa_supplicant *wpa_s = global->ifaces;
1113
  while (wpa_s) {
1114
    struct wpa_supplicant *next = wpa_s->next;
1115
    if (wpas_wps_terminate_pending(wpa_s) == 1)
1116
      pending = 1;
1117
#ifdef CONFIG_P2P
1118
    if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1119
        (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1120
      wpas_p2p_disconnect(wpa_s);
1121
#endif /* CONFIG_P2P */
1122
    wpa_s = next;
1123
  }
1124
#endif /* CONFIG_WPS */
1125
0
  if (pending)
1126
0
    return;
1127
0
  eloop_terminate();
1128
0
}
1129
1130
1131
static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1132
0
{
1133
0
  struct wpa_global *global = signal_ctx;
1134
0
  wpa_supplicant_terminate_proc(global);
1135
0
}
1136
1137
1138
void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1139
0
{
1140
0
  enum wpa_states old_state = wpa_s->wpa_state;
1141
0
  enum wpa_states new_state;
1142
1143
0
  if (old_state == WPA_SCANNING)
1144
0
    new_state = WPA_SCANNING;
1145
0
  else
1146
0
    new_state = WPA_DISCONNECTED;
1147
1148
0
  wpa_s->pairwise_cipher = 0;
1149
0
  wpa_s->group_cipher = 0;
1150
0
  wpa_s->mgmt_group_cipher = 0;
1151
0
  wpa_s->key_mgmt = 0;
1152
0
  wpa_s->allowed_key_mgmts = 0;
1153
0
  if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1154
0
    wpa_supplicant_set_state(wpa_s, new_state);
1155
1156
0
  if (wpa_s->wpa_state != old_state)
1157
0
    wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1158
0
}
1159
1160
1161
/**
1162
 * wpa_supplicant_reload_configuration - Reload configuration data
1163
 * @wpa_s: Pointer to wpa_supplicant data
1164
 * Returns: 0 on success or -1 if configuration parsing failed
1165
 *
1166
 * This function can be used to request that the configuration data is reloaded
1167
 * (e.g., after configuration file change). This function is reloading
1168
 * configuration only for one interface, so this may need to be called multiple
1169
 * times if %wpa_supplicant is controlling multiple interfaces and all
1170
 * interfaces need reconfiguration.
1171
 */
1172
int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1173
0
{
1174
0
  struct wpa_config *conf;
1175
0
  int reconf_ctrl;
1176
0
  int old_ap_scan;
1177
1178
0
  if (wpa_s->confname == NULL)
1179
0
    return -1;
1180
0
  conf = wpa_config_read(wpa_s->confname, NULL, false);
1181
0
  if (conf == NULL) {
1182
0
    wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1183
0
      "file '%s' - exiting", wpa_s->confname);
1184
0
    return -1;
1185
0
  }
1186
0
  if (wpa_s->confanother &&
1187
0
      !wpa_config_read(wpa_s->confanother, conf, true)) {
1188
0
    wpa_msg(wpa_s, MSG_ERROR,
1189
0
      "Failed to parse the configuration file '%s' - exiting",
1190
0
      wpa_s->confanother);
1191
0
    return -1;
1192
0
  }
1193
1194
0
  conf->changed_parameters = (unsigned int) -1;
1195
1196
0
  reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1197
0
    || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1198
0
        os_strcmp(conf->ctrl_interface,
1199
0
            wpa_s->conf->ctrl_interface) != 0);
1200
1201
0
  if (reconf_ctrl) {
1202
0
    wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1203
0
    wpa_s->ctrl_iface = NULL;
1204
0
  }
1205
1206
0
  eapol_sm_invalidate_cached_session(wpa_s->eapol);
1207
0
  if (wpa_s->current_ssid) {
1208
0
    if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1209
0
      wpa_s->own_disconnect_req = 1;
1210
0
    wpa_supplicant_deauthenticate(wpa_s,
1211
0
                WLAN_REASON_DEAUTH_LEAVING);
1212
0
  }
1213
1214
  /*
1215
   * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1216
   * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1217
   */
1218
0
  if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1219
0
      wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1220
0
      wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1221
    /*
1222
     * Clear forced success to clear EAP state for next
1223
     * authentication.
1224
     */
1225
0
    eapol_sm_notify_eap_success(wpa_s->eapol, false);
1226
0
  }
1227
0
  eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1228
0
  wpa_sm_set_config(wpa_s->wpa, NULL);
1229
0
  wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1230
0
  wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1231
0
  rsn_preauth_deinit(wpa_s->wpa);
1232
1233
0
  old_ap_scan = wpa_s->conf->ap_scan;
1234
0
  wpa_config_free(wpa_s->conf);
1235
0
  wpa_s->conf = conf;
1236
0
  if (old_ap_scan != wpa_s->conf->ap_scan)
1237
0
    wpas_notify_ap_scan_changed(wpa_s);
1238
1239
0
  if (reconf_ctrl)
1240
0
    wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1241
1242
0
  wpa_supplicant_update_config(wpa_s);
1243
1244
0
  wpa_supplicant_clear_status(wpa_s);
1245
0
  if (wpa_supplicant_enabled_networks(wpa_s)) {
1246
0
    wpa_s->reassociate = 1;
1247
0
    wpa_supplicant_req_scan(wpa_s, 0, 0);
1248
0
  }
1249
0
  wpa_bssid_ignore_clear(wpa_s);
1250
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1251
0
  return 0;
1252
0
}
1253
1254
1255
static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1256
0
{
1257
0
  struct wpa_global *global = signal_ctx;
1258
0
  struct wpa_supplicant *wpa_s;
1259
0
  for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1260
0
    wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1261
0
      sig);
1262
0
    if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1263
0
      wpa_supplicant_terminate_proc(global);
1264
0
    }
1265
0
  }
1266
1267
0
  if (wpa_debug_reopen_file() < 0) {
1268
    /* Ignore errors since we cannot really do much to fix this */
1269
0
    wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1270
0
  }
1271
0
}
1272
1273
1274
static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1275
           struct wpa_ssid *ssid,
1276
           struct wpa_ie_data *ie)
1277
0
{
1278
0
  int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1279
0
  if (ret) {
1280
0
    if (ret == -2) {
1281
0
      wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1282
0
        "from association info");
1283
0
    }
1284
0
    return -1;
1285
0
  }
1286
1287
0
  wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1288
0
    "cipher suites");
1289
0
  if (!(ie->group_cipher & ssid->group_cipher)) {
1290
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1291
0
      "cipher 0x%x (mask 0x%x) - reject",
1292
0
      ie->group_cipher, ssid->group_cipher);
1293
0
    return -1;
1294
0
  }
1295
0
  if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1296
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1297
0
      "cipher 0x%x (mask 0x%x) - reject",
1298
0
      ie->pairwise_cipher, ssid->pairwise_cipher);
1299
0
    return -1;
1300
0
  }
1301
0
  if (!(ie->key_mgmt & ssid->key_mgmt)) {
1302
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1303
0
      "management 0x%x (mask 0x%x) - reject",
1304
0
      ie->key_mgmt, ssid->key_mgmt);
1305
0
    return -1;
1306
0
  }
1307
1308
0
  if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1309
0
      wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1310
0
    wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1311
0
      "that does not support management frame protection - "
1312
0
      "reject");
1313
0
    return -1;
1314
0
  }
1315
1316
0
  return 0;
1317
0
}
1318
1319
1320
static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1321
          int freq)
1322
0
{
1323
0
  if (!ie->has_group)
1324
0
    ie->group_cipher = wpa_default_rsn_cipher(freq);
1325
0
  if (!ie->has_pairwise)
1326
0
    ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1327
0
  return (ie->group_cipher & ssid->group_cipher) &&
1328
0
    (ie->pairwise_cipher & ssid->pairwise_cipher);
1329
0
}
1330
1331
1332
void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1333
        struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1334
0
{
1335
0
  int sel;
1336
1337
0
  sel = ie->mgmt_group_cipher;
1338
0
  if (ssid->group_mgmt_cipher)
1339
0
    sel &= ssid->group_mgmt_cipher;
1340
0
  if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1341
0
      !(ie->capabilities & WPA_CAPABILITY_MFPC))
1342
0
    sel = 0;
1343
0
  wpa_dbg(wpa_s, MSG_DEBUG,
1344
0
    "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1345
0
    ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1346
0
  if (sel & WPA_CIPHER_AES_128_CMAC) {
1347
0
    wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1348
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1349
0
      "WPA: using MGMT group cipher AES-128-CMAC");
1350
0
  } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1351
0
    wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1352
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1353
0
      "WPA: using MGMT group cipher BIP-GMAC-128");
1354
0
  } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1355
0
    wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1356
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1357
0
      "WPA: using MGMT group cipher BIP-GMAC-256");
1358
0
  } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1359
0
    wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1360
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1361
0
      "WPA: using MGMT group cipher BIP-CMAC-256");
1362
0
  } else {
1363
0
    wpa_s->mgmt_group_cipher = 0;
1364
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1365
0
  }
1366
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1367
0
       wpa_s->mgmt_group_cipher);
1368
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1369
0
       wpas_get_ssid_pmf(wpa_s, ssid));
1370
0
}
1371
1372
/**
1373
 * wpa_supplicant_get_psk - Get PSK from config or external database
1374
 * @wpa_s: Pointer to wpa_supplicant data
1375
 * @bss: Scan results for the selected BSS, or %NULL if not available
1376
 * @ssid: Configuration data for the selected network
1377
 * @psk: Buffer for the PSK
1378
 * Returns: 0 on success or -1 if configuration parsing failed
1379
 *
1380
 * This function obtains the PSK for a network, either included inline in the
1381
 * config or retrieved from an external database.
1382
 */
1383
static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s,
1384
          struct wpa_bss *bss, struct wpa_ssid *ssid,
1385
          u8 *psk)
1386
0
{
1387
0
  if (ssid->psk_set) {
1388
0
    wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1389
0
        ssid->psk, PMK_LEN);
1390
0
    os_memcpy(psk, ssid->psk, PMK_LEN);
1391
0
    return 0;
1392
0
  }
1393
1394
0
#ifndef CONFIG_NO_PBKDF2
1395
0
  if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) {
1396
0
    if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1397
0
        4096, psk, PMK_LEN) != 0) {
1398
0
      wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()");
1399
0
      return -1;
1400
0
    }
1401
0
    wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1402
0
        psk, PMK_LEN);
1403
0
    return 0;
1404
0
  }
1405
0
#endif /* CONFIG_NO_PBKDF2 */
1406
1407
#ifdef CONFIG_EXT_PASSWORD
1408
  if (ssid->ext_psk) {
1409
    struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1410
                 ssid->ext_psk);
1411
    char pw_str[64 + 1];
1412
1413
    if (!pw) {
1414
      wpa_msg(wpa_s, MSG_INFO,
1415
        "EXT PW: No PSK found from external storage");
1416
      return -1;
1417
    }
1418
1419
    if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1420
      wpa_msg(wpa_s, MSG_INFO,
1421
        "EXT PW: Unexpected PSK length %d in external storage",
1422
        (int) wpabuf_len(pw));
1423
      ext_password_free(pw);
1424
      return -1;
1425
    }
1426
1427
    os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1428
    pw_str[wpabuf_len(pw)] = '\0';
1429
1430
#ifndef CONFIG_NO_PBKDF2
1431
    if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1432
    {
1433
      if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1434
          4096, psk, PMK_LEN) != 0) {
1435
        wpa_msg(wpa_s, MSG_WARNING,
1436
          "Error in pbkdf2_sha1()");
1437
        forced_memzero(pw_str, sizeof(pw_str));
1438
        ext_password_free(pw);
1439
        return -1;
1440
      }
1441
      wpa_hexdump_key(MSG_MSGDUMP,
1442
          "PSK (from external passphrase)",
1443
          psk, PMK_LEN);
1444
    } else
1445
#endif /* CONFIG_NO_PBKDF2 */
1446
    if (wpabuf_len(pw) == 2 * PMK_LEN) {
1447
      if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1448
        wpa_msg(wpa_s, MSG_INFO,
1449
          "EXT PW: Invalid PSK hex string");
1450
        forced_memzero(pw_str, sizeof(pw_str));
1451
        ext_password_free(pw);
1452
        return -1;
1453
      }
1454
      wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)",
1455
          psk, PMK_LEN);
1456
    } else {
1457
      wpa_msg(wpa_s, MSG_INFO,
1458
        "EXT PW: No suitable PSK available");
1459
      forced_memzero(pw_str, sizeof(pw_str));
1460
      ext_password_free(pw);
1461
      return -1;
1462
    }
1463
1464
    forced_memzero(pw_str, sizeof(pw_str));
1465
    ext_password_free(pw);
1466
1467
    return 0;
1468
  }
1469
#endif /* CONFIG_EXT_PASSWORD */
1470
1471
0
  return -1;
1472
0
}
1473
1474
1475
static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
1476
           struct wpa_ssid *ssid)
1477
0
{
1478
0
  int akm_count = wpa_s->max_num_akms;
1479
0
  u8 capab = 0;
1480
1481
0
  if (akm_count < 2)
1482
0
    return;
1483
1484
0
  akm_count--;
1485
0
  wpa_s->allowed_key_mgmts = 0;
1486
0
  switch (wpa_s->key_mgmt) {
1487
0
  case WPA_KEY_MGMT_PSK:
1488
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1489
0
      akm_count--;
1490
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1491
0
    }
1492
0
    if (!akm_count)
1493
0
      break;
1494
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1495
0
      akm_count--;
1496
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1497
0
    }
1498
0
    if (!akm_count)
1499
0
      break;
1500
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1501
0
      wpa_s->allowed_key_mgmts |=
1502
0
        WPA_KEY_MGMT_PSK_SHA256;
1503
0
    break;
1504
0
  case WPA_KEY_MGMT_PSK_SHA256:
1505
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1506
0
      akm_count--;
1507
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1508
0
    }
1509
0
    if (!akm_count)
1510
0
      break;
1511
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1512
0
      akm_count--;
1513
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1514
0
    }
1515
0
    if (!akm_count)
1516
0
      break;
1517
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1518
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1519
0
    break;
1520
0
  case WPA_KEY_MGMT_SAE:
1521
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1522
0
      akm_count--;
1523
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1524
0
    }
1525
0
    if (!akm_count)
1526
0
      break;
1527
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1528
0
      akm_count--;
1529
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1530
0
    }
1531
0
    if (!akm_count)
1532
0
      break;
1533
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1534
0
      wpa_s->allowed_key_mgmts |=
1535
0
        WPA_KEY_MGMT_PSK_SHA256;
1536
0
    break;
1537
0
  case WPA_KEY_MGMT_SAE_EXT_KEY:
1538
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1539
0
      akm_count--;
1540
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1541
0
    }
1542
0
    if (!akm_count)
1543
0
      break;
1544
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1545
0
      akm_count--;
1546
0
      wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1547
0
    }
1548
0
    if (!akm_count)
1549
0
      break;
1550
0
    if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1551
0
      wpa_s->allowed_key_mgmts |=
1552
0
        WPA_KEY_MGMT_PSK_SHA256;
1553
0
    break;
1554
0
  default:
1555
0
    return;
1556
0
  }
1557
1558
0
  if (wpa_s->conf->sae_pwe != SAE_PWE_HUNT_AND_PECK &&
1559
0
      wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1560
0
    capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
1561
#ifdef CONFIG_SAE_PK
1562
  if (ssid->sae_pk)
1563
    capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
1564
#endif /* CONFIG_SAE_PK */
1565
1566
0
  if (!((wpa_s->allowed_key_mgmts &
1567
0
         (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab))
1568
0
    return;
1569
1570
0
  if (!wpa_s->rsnxe_len) {
1571
0
    wpa_s->rsnxe_len = 3;
1572
0
    wpa_s->rsnxe[0] = WLAN_EID_RSNX;
1573
0
    wpa_s->rsnxe[1] = 1;
1574
0
    wpa_s->rsnxe[2] = 0;
1575
0
  }
1576
1577
0
  wpa_s->rsnxe[2] |= capab;
1578
0
}
1579
1580
1581
/**
1582
 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1583
 * @wpa_s: Pointer to wpa_supplicant data
1584
 * @bss: Scan results for the selected BSS, or %NULL if not available
1585
 * @ssid: Configuration data for the selected network
1586
 * @wpa_ie: Buffer for the WPA/RSN IE
1587
 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1588
 * used buffer length in case the functions returns success.
1589
 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
1590
 * Returns: 0 on success or -1 on failure
1591
 *
1592
 * This function is used to configure authentication and encryption parameters
1593
 * based on the network configuration and scan result for the selected BSS (if
1594
 * available).
1595
 */
1596
int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1597
            struct wpa_bss *bss, struct wpa_ssid *ssid,
1598
            u8 *wpa_ie, size_t *wpa_ie_len,
1599
            bool skip_default_rsne)
1600
0
{
1601
0
  struct wpa_ie_data ie;
1602
0
  int sel, proto;
1603
0
  enum sae_pwe sae_pwe;
1604
0
  const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen;
1605
0
  bool wmm;
1606
1607
0
  if (bss) {
1608
0
    bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1609
0
    bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1610
0
    bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1611
0
    bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE);
1612
0
  } else {
1613
0
    bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL;
1614
0
  }
1615
1616
0
  if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1617
0
      wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1618
0
      matching_ciphers(ssid, &ie, bss->freq) &&
1619
0
      (ie.key_mgmt & ssid->key_mgmt)) {
1620
0
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1621
0
    proto = WPA_PROTO_RSN;
1622
0
  } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1623
0
       wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1624
0
       (ie.group_cipher & ssid->group_cipher) &&
1625
0
       (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1626
0
       (ie.key_mgmt & ssid->key_mgmt)) {
1627
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1628
0
    proto = WPA_PROTO_WPA;
1629
0
#ifdef CONFIG_HS20
1630
0
  } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) &&
1631
0
       wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 &&
1632
0
       (ie.group_cipher & ssid->group_cipher) &&
1633
0
       (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1634
0
       (ie.key_mgmt & ssid->key_mgmt)) {
1635
0
    wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN");
1636
0
    proto = WPA_PROTO_OSEN;
1637
0
  } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) &&
1638
0
      wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1639
0
      (ie.group_cipher & ssid->group_cipher) &&
1640
0
      (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1641
0
      (ie.key_mgmt & ssid->key_mgmt)) {
1642
0
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)");
1643
0
    proto = WPA_PROTO_RSN;
1644
0
#endif /* CONFIG_HS20 */
1645
0
  } else if (bss) {
1646
0
    wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1647
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1648
0
      "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1649
0
      ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1650
0
      ssid->key_mgmt);
1651
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s",
1652
0
      MAC2STR(bss->bssid),
1653
0
      wpa_ssid_txt(bss->ssid, bss->ssid_len),
1654
0
      bss_wpa ? " WPA" : "",
1655
0
      bss_rsn ? " RSN" : "",
1656
0
      bss_osen ? " OSEN" : "");
1657
0
    if (bss_rsn) {
1658
0
      wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1659
0
      if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1660
0
        wpa_dbg(wpa_s, MSG_DEBUG,
1661
0
          "Could not parse RSN element");
1662
0
      } else {
1663
0
        wpa_dbg(wpa_s, MSG_DEBUG,
1664
0
          "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1665
0
          ie.pairwise_cipher, ie.group_cipher,
1666
0
          ie.key_mgmt);
1667
0
      }
1668
0
    }
1669
0
    if (bss_wpa) {
1670
0
      wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1671
0
      if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1672
0
        wpa_dbg(wpa_s, MSG_DEBUG,
1673
0
          "Could not parse WPA element");
1674
0
      } else {
1675
0
        wpa_dbg(wpa_s, MSG_DEBUG,
1676
0
          "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1677
0
          ie.pairwise_cipher, ie.group_cipher,
1678
0
          ie.key_mgmt);
1679
0
      }
1680
0
    }
1681
0
    return -1;
1682
0
  } else {
1683
0
    if (ssid->proto & WPA_PROTO_OSEN)
1684
0
      proto = WPA_PROTO_OSEN;
1685
0
    else if (ssid->proto & WPA_PROTO_RSN)
1686
0
      proto = WPA_PROTO_RSN;
1687
0
    else
1688
0
      proto = WPA_PROTO_WPA;
1689
0
    if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1690
0
      os_memset(&ie, 0, sizeof(ie));
1691
0
      ie.group_cipher = ssid->group_cipher;
1692
0
      ie.pairwise_cipher = ssid->pairwise_cipher;
1693
0
      ie.key_mgmt = ssid->key_mgmt;
1694
0
      ie.mgmt_group_cipher = 0;
1695
0
      if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1696
0
        if (ssid->group_mgmt_cipher &
1697
0
            WPA_CIPHER_BIP_GMAC_256)
1698
0
          ie.mgmt_group_cipher =
1699
0
            WPA_CIPHER_BIP_GMAC_256;
1700
0
        else if (ssid->group_mgmt_cipher &
1701
0
           WPA_CIPHER_BIP_CMAC_256)
1702
0
          ie.mgmt_group_cipher =
1703
0
            WPA_CIPHER_BIP_CMAC_256;
1704
0
        else if (ssid->group_mgmt_cipher &
1705
0
           WPA_CIPHER_BIP_GMAC_128)
1706
0
          ie.mgmt_group_cipher =
1707
0
            WPA_CIPHER_BIP_GMAC_128;
1708
0
        else
1709
0
          ie.mgmt_group_cipher =
1710
0
            WPA_CIPHER_AES_128_CMAC;
1711
0
      }
1712
#ifdef CONFIG_OWE
1713
      if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1714
          !ssid->owe_only &&
1715
          !bss_wpa && !bss_rsn && !bss_osen) {
1716
        wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1717
        wpa_s->wpa_proto = 0;
1718
        *wpa_ie_len = 0;
1719
        return 0;
1720
      }
1721
#endif /* CONFIG_OWE */
1722
0
      wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1723
0
        "based on configuration");
1724
0
    } else
1725
0
      proto = ie.proto;
1726
0
  }
1727
1728
0
  wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1729
0
    "pairwise %d key_mgmt %d proto %d",
1730
0
    ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1731
0
  if (ssid->ieee80211w) {
1732
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1733
0
      ie.mgmt_group_cipher);
1734
0
  }
1735
1736
0
  wpa_s->wpa_proto = proto;
1737
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1738
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1739
0
       !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN)));
1740
1741
0
  if (bss || !wpa_s->ap_ies_from_associnfo) {
1742
0
    if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1743
0
           bss_wpa ? 2 + bss_wpa[1] : 0) ||
1744
0
        wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1745
0
           bss_rsn ? 2 + bss_rsn[1] : 0) ||
1746
0
        wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1747
0
          bss_rsnx ? 2 + bss_rsnx[1] : 0))
1748
0
      return -1;
1749
0
  }
1750
1751
#ifdef CONFIG_NO_WPA
1752
  wpa_s->group_cipher = WPA_CIPHER_NONE;
1753
  wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1754
#else /* CONFIG_NO_WPA */
1755
0
  sel = ie.group_cipher & ssid->group_cipher;
1756
0
  wpa_dbg(wpa_s, MSG_DEBUG,
1757
0
    "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1758
0
    ie.group_cipher, ssid->group_cipher, sel);
1759
0
  wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1760
0
  if (wpa_s->group_cipher < 0) {
1761
0
    wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1762
0
      "cipher");
1763
0
    return -1;
1764
0
  }
1765
0
  wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1766
0
    wpa_cipher_txt(wpa_s->group_cipher));
1767
1768
0
  sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1769
0
  wpa_dbg(wpa_s, MSG_DEBUG,
1770
0
    "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1771
0
    ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1772
0
  wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1773
0
  if (wpa_s->pairwise_cipher < 0) {
1774
0
    wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1775
0
      "cipher");
1776
0
    return -1;
1777
0
  }
1778
0
  wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1779
0
    wpa_cipher_txt(wpa_s->pairwise_cipher));
1780
0
#endif /* CONFIG_NO_WPA */
1781
1782
0
  sel = ie.key_mgmt & ssid->key_mgmt;
1783
#ifdef CONFIG_SAE
1784
  if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) &&
1785
       !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) ||
1786
      wpas_is_sae_avoided(wpa_s, ssid, &ie))
1787
    sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
1788
       WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
1789
#endif /* CONFIG_SAE */
1790
#ifdef CONFIG_IEEE80211R
1791
  if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
1792
          WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
1793
    sel &= ~WPA_KEY_MGMT_FT;
1794
#endif /* CONFIG_IEEE80211R */
1795
0
  wpa_dbg(wpa_s, MSG_DEBUG,
1796
0
    "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
1797
0
    ie.key_mgmt, ssid->key_mgmt, sel);
1798
0
  if (0) {
1799
#ifdef CONFIG_IEEE80211R
1800
#ifdef CONFIG_SHA384
1801
  } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
1802
       os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1803
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
1804
    wpa_dbg(wpa_s, MSG_DEBUG,
1805
      "WPA: using KEY_MGMT FT/802.1X-SHA384");
1806
    if (!ssid->ft_eap_pmksa_caching &&
1807
        pmksa_cache_get_current(wpa_s->wpa)) {
1808
      /* PMKSA caching with FT may have interoperability
1809
       * issues, so disable that case by default for now. */
1810
      wpa_dbg(wpa_s, MSG_DEBUG,
1811
        "WPA: Disable PMKSA caching for FT/802.1X connection");
1812
      pmksa_cache_clear_current(wpa_s->wpa);
1813
    }
1814
#endif /* CONFIG_SHA384 */
1815
#endif /* CONFIG_IEEE80211R */
1816
#ifdef CONFIG_SUITEB192
1817
  } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
1818
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
1819
    wpa_dbg(wpa_s, MSG_DEBUG,
1820
      "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
1821
#endif /* CONFIG_SUITEB192 */
1822
#ifdef CONFIG_SUITEB
1823
  } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
1824
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
1825
    wpa_dbg(wpa_s, MSG_DEBUG,
1826
      "WPA: using KEY_MGMT 802.1X with Suite B");
1827
#endif /* CONFIG_SUITEB */
1828
#ifdef CONFIG_SHA384
1829
  } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) {
1830
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
1831
    wpa_dbg(wpa_s, MSG_DEBUG,
1832
      "WPA: using KEY_MGMT 802.1X with SHA384");
1833
#endif /* CONFIG_SHA384 */
1834
#ifdef CONFIG_FILS
1835
#ifdef CONFIG_IEEE80211R
1836
  } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
1837
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
1838
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
1839
#endif /* CONFIG_IEEE80211R */
1840
  } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
1841
    wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
1842
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
1843
#ifdef CONFIG_IEEE80211R
1844
  } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
1845
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
1846
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
1847
#endif /* CONFIG_IEEE80211R */
1848
  } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
1849
    wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
1850
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
1851
#endif /* CONFIG_FILS */
1852
#ifdef CONFIG_IEEE80211R
1853
  } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
1854
       os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
1855
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
1856
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
1857
    if (!ssid->ft_eap_pmksa_caching &&
1858
        pmksa_cache_get_current(wpa_s->wpa)) {
1859
      /* PMKSA caching with FT may have interoperability
1860
       * issues, so disable that case by default for now. */
1861
      wpa_dbg(wpa_s, MSG_DEBUG,
1862
        "WPA: Disable PMKSA caching for FT/802.1X connection");
1863
      pmksa_cache_clear_current(wpa_s->wpa);
1864
    }
1865
#endif /* CONFIG_IEEE80211R */
1866
#ifdef CONFIG_DPP
1867
  } else if (sel & WPA_KEY_MGMT_DPP) {
1868
    wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
1869
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
1870
#endif /* CONFIG_DPP */
1871
#ifdef CONFIG_SAE
1872
  } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
1873
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
1874
    wpa_dbg(wpa_s, MSG_DEBUG,
1875
      "RSN: using KEY_MGMT FT/SAE (ext key)");
1876
  } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) {
1877
    wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
1878
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)");
1879
  } else if (sel & WPA_KEY_MGMT_FT_SAE) {
1880
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
1881
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
1882
  } else if (sel & WPA_KEY_MGMT_SAE) {
1883
    wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
1884
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
1885
#endif /* CONFIG_SAE */
1886
#ifdef CONFIG_IEEE80211R
1887
  } else if (sel & WPA_KEY_MGMT_FT_PSK) {
1888
    wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
1889
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
1890
#endif /* CONFIG_IEEE80211R */
1891
0
  } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
1892
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
1893
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1894
0
      "WPA: using KEY_MGMT 802.1X with SHA256");
1895
0
  } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
1896
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
1897
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1898
0
      "WPA: using KEY_MGMT PSK with SHA256");
1899
0
  } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
1900
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
1901
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
1902
0
  } else if (sel & WPA_KEY_MGMT_PSK) {
1903
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
1904
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
1905
0
  } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
1906
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
1907
0
    wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
1908
0
#ifdef CONFIG_HS20
1909
0
  } else if (sel & WPA_KEY_MGMT_OSEN) {
1910
0
    wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN;
1911
0
    wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN");
1912
0
#endif /* CONFIG_HS20 */
1913
#ifdef CONFIG_OWE
1914
  } else if (sel & WPA_KEY_MGMT_OWE) {
1915
    wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
1916
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
1917
#endif /* CONFIG_OWE */
1918
0
  } else {
1919
0
    wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
1920
0
      "authenticated key management type");
1921
0
    return -1;
1922
0
  }
1923
1924
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
1925
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
1926
0
       wpa_s->pairwise_cipher);
1927
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
1928
1929
0
  if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
1930
0
      (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED ||
1931
0
       (bss && is_6ghz_freq(bss->freq)))) {
1932
0
    wpa_msg(wpa_s, MSG_INFO,
1933
0
      "RSN: Management frame protection required but the selected AP does not enable it");
1934
0
    return -1;
1935
0
  }
1936
1937
0
  wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
1938
#ifdef CONFIG_OCV
1939
  if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
1940
      (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
1941
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
1942
#endif /* CONFIG_OCV */
1943
0
  sae_pwe = wpa_s->conf->sae_pwe;
1944
0
  if ((ssid->sae_password_id ||
1945
0
       wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
1946
0
      sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1947
0
    sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
1948
0
  if (bss && is_6ghz_freq(bss->freq) &&
1949
0
      sae_pwe == SAE_PWE_HUNT_AND_PECK) {
1950
0
    wpa_dbg(wpa_s, MSG_DEBUG,
1951
0
      "RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
1952
0
    sae_pwe = SAE_PWE_BOTH;
1953
0
  }
1954
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
1955
#ifdef CONFIG_SAE_PK
1956
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
1957
       wpa_key_mgmt_sae(ssid->key_mgmt) &&
1958
       ssid->sae_pk != SAE_PK_MODE_DISABLED &&
1959
       ((ssid->sae_password &&
1960
         sae_pk_valid_password(ssid->sae_password)) ||
1961
        (!ssid->sae_password && ssid->passphrase &&
1962
         sae_pk_valid_password(ssid->passphrase))));
1963
#endif /* CONFIG_SAE_PK */
1964
0
  if (bss && is_6ghz_freq(bss->freq) &&
1965
0
      wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) {
1966
0
    wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz");
1967
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1968
0
         MGMT_FRAME_PROTECTION_REQUIRED);
1969
0
  }
1970
#ifdef CONFIG_TESTING_OPTIONS
1971
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
1972
       wpa_s->ft_rsnxe_used);
1973
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
1974
       wpa_s->oci_freq_override_eapol);
1975
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
1976
       wpa_s->oci_freq_override_eapol_g2);
1977
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
1978
       wpa_s->oci_freq_override_ft_assoc);
1979
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
1980
       wpa_s->oci_freq_override_fils_assoc);
1981
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
1982
       wpa_s->disable_eapol_g2_tx);
1983
#endif /* CONFIG_TESTING_OPTIONS */
1984
1985
  /* Extended Key ID is only supported in infrastructure BSS so far */
1986
0
  if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
1987
0
      (ssid->proto & WPA_PROTO_RSN) &&
1988
0
      ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
1989
0
             WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
1990
0
      (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
1991
0
    int use_ext_key_id = 0;
1992
1993
0
    wpa_msg(wpa_s, MSG_DEBUG,
1994
0
      "WPA: Enable Extended Key ID support");
1995
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
1996
0
         wpa_s->conf->extended_key_id);
1997
0
    if (bss_rsn &&
1998
0
        wpa_s->conf->extended_key_id &&
1999
0
        wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
2000
0
        (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
2001
0
      use_ext_key_id = 1;
2002
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
2003
0
         use_ext_key_id);
2004
0
  } else {
2005
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
2006
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
2007
0
  }
2008
2009
  /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more
2010
   * appropriate advertisement of the supported number of PTKSA receive
2011
   * counters. In theory, this could be based on a driver capability, but
2012
   * in practice all cases using WMM support at least eight replay
2013
   * counters, so use a hardcoded value for now since there is no explicit
2014
   * driver capability indication for this.
2015
   *
2016
   * In addition, claim WMM to be enabled if the AP supports it since it
2017
   * is far more likely for any current device to support WMM. */
2018
0
  wmm = wpa_s->connection_set &&
2019
0
    (wpa_s->connection_ht || wpa_s->connection_vht ||
2020
0
     wpa_s->connection_he || wpa_s->connection_eht);
2021
0
  if (!wmm && bss)
2022
0
    wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE);
2023
0
  wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm);
2024
2025
0
  if (!skip_default_rsne) {
2026
0
    if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
2027
0
                wpa_ie_len)) {
2028
0
      wpa_msg(wpa_s, MSG_WARNING,
2029
0
        "RSN: Failed to generate RSNE/WPA IE");
2030
0
      return -1;
2031
0
    }
2032
2033
0
    wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
2034
0
    if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
2035
0
               &wpa_s->rsnxe_len)) {
2036
0
      wpa_msg(wpa_s, MSG_WARNING,
2037
0
        "RSN: Failed to generate RSNXE");
2038
0
      return -1;
2039
0
    }
2040
0
  }
2041
2042
0
  if (0) {
2043
#ifdef CONFIG_DPP
2044
  } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
2045
    /* Use PMK from DPP network introduction (PMKSA entry) */
2046
    wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2047
#ifdef CONFIG_DPP2
2048
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
2049
#endif /* CONFIG_DPP2 */
2050
#endif /* CONFIG_DPP */
2051
0
  } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
2052
0
    int psk_set = 0;
2053
2054
0
    if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
2055
0
      u8 psk[PMK_LEN];
2056
2057
0
      if (wpa_supplicant_get_psk(wpa_s, bss, ssid,
2058
0
               psk) == 0) {
2059
0
        wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
2060
0
                 NULL);
2061
0
        psk_set = 1;
2062
0
      }
2063
0
      forced_memzero(psk, sizeof(psk));
2064
0
    }
2065
2066
0
    if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
2067
0
        (ssid->sae_password || ssid->passphrase || ssid->ext_psk))
2068
0
      psk_set = 1;
2069
2070
0
    if (!psk_set) {
2071
0
      wpa_msg(wpa_s, MSG_INFO,
2072
0
        "No PSK available for association");
2073
0
      wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL);
2074
0
      return -1;
2075
0
    }
2076
#ifdef CONFIG_OWE
2077
  } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
2078
    /* OWE Diffie-Hellman exchange in (Re)Association
2079
     * Request/Response frames set the PMK, so do not override it
2080
     * here. */
2081
#endif /* CONFIG_OWE */
2082
0
  } else
2083
0
    wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2084
2085
0
  if (ssid->mode != WPAS_MODE_IBSS &&
2086
0
      !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
2087
0
      (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
2088
0
       (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
2089
0
        !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
2090
0
    wpa_msg(wpa_s, MSG_INFO,
2091
0
      "Disable PTK0 rekey support - replaced with reconnect");
2092
0
    wpa_s->deny_ptk0_rekey = 1;
2093
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
2094
0
  } else {
2095
0
    wpa_s->deny_ptk0_rekey = 0;
2096
0
    wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
2097
0
  }
2098
2099
0
  if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) &&
2100
0
      !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
2101
0
    wpas_update_allowed_key_mgmt(wpa_s, ssid);
2102
2103
0
  return 0;
2104
0
}
2105
2106
2107
static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx,
2108
        struct wpa_bss *bss)
2109
0
{
2110
0
#ifndef CONFIG_NO_ROBUST_AV
2111
0
  bool scs = true, mscs = true;
2112
0
#endif /* CONFIG_NO_ROBUST_AV */
2113
2114
0
  *pos = 0x00;
2115
2116
0
  switch (idx) {
2117
0
  case 0: /* Bits 0-7 */
2118
0
    break;
2119
0
  case 1: /* Bits 8-15 */
2120
0
    if (wpa_s->conf->coloc_intf_reporting) {
2121
      /* Bit 13 - Collocated Interference Reporting */
2122
0
      *pos |= 0x20;
2123
0
    }
2124
0
    break;
2125
0
  case 2: /* Bits 16-23 */
2126
0
#ifdef CONFIG_WNM
2127
0
    *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2128
0
    if ((wpas_driver_bss_selection(wpa_s) ||
2129
0
         !wpa_s->disable_mbo_oce) &&
2130
0
        !wpa_s->conf->disable_btm)
2131
0
      *pos |= 0x08; /* Bit 19 - BSS Transition */
2132
0
#endif /* CONFIG_WNM */
2133
0
    break;
2134
0
  case 3: /* Bits 24-31 */
2135
0
#ifdef CONFIG_WNM
2136
0
    *pos |= 0x02; /* Bit 25 - SSID List */
2137
0
#endif /* CONFIG_WNM */
2138
0
#ifdef CONFIG_INTERWORKING
2139
0
    if (wpa_s->conf->interworking)
2140
0
      *pos |= 0x80; /* Bit 31 - Interworking */
2141
0
#endif /* CONFIG_INTERWORKING */
2142
0
    break;
2143
0
  case 4: /* Bits 32-39 */
2144
0
#ifdef CONFIG_INTERWORKING
2145
0
    if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
2146
0
      *pos |= 0x01; /* Bit 32 - QoS Map */
2147
0
#endif /* CONFIG_INTERWORKING */
2148
0
    break;
2149
0
  case 5: /* Bits 40-47 */
2150
0
#ifdef CONFIG_HS20
2151
0
    if (wpa_s->conf->hs20)
2152
0
      *pos |= 0x40; /* Bit 46 - WNM-Notification */
2153
0
#endif /* CONFIG_HS20 */
2154
#ifdef CONFIG_MBO
2155
    *pos |= 0x40; /* Bit 46 - WNM-Notification */
2156
#endif /* CONFIG_MBO */
2157
0
    break;
2158
0
  case 6: /* Bits 48-55 */
2159
0
#ifndef CONFIG_NO_ROBUST_AV
2160
#ifdef CONFIG_TESTING_OPTIONS
2161
    if (wpa_s->disable_scs_support)
2162
      scs = false;
2163
#endif /* CONFIG_TESTING_OPTIONS */
2164
0
    if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) {
2165
      /* Drop own SCS capability indication since the AP does
2166
       * not support it. This is needed to avoid
2167
       * interoperability issues with APs that get confused
2168
       * with Extended Capabilities element. */
2169
0
      scs = false;
2170
0
    }
2171
0
    if (scs)
2172
0
      *pos |= 0x40; /* Bit 54 - SCS */
2173
0
#endif /* CONFIG_NO_ROBUST_AV */
2174
0
    break;
2175
0
  case 7: /* Bits 56-63 */
2176
0
    break;
2177
0
  case 8: /* Bits 64-71 */
2178
0
    if (wpa_s->conf->ftm_responder)
2179
0
      *pos |= 0x40; /* Bit 70 - FTM responder */
2180
0
    if (wpa_s->conf->ftm_initiator)
2181
0
      *pos |= 0x80; /* Bit 71 - FTM initiator */
2182
0
    break;
2183
0
  case 9: /* Bits 72-79 */
2184
#ifdef CONFIG_FILS
2185
    if (!wpa_s->disable_fils)
2186
      *pos |= 0x01;
2187
#endif /* CONFIG_FILS */
2188
0
    break;
2189
0
  case 10: /* Bits 80-87 */
2190
0
#ifndef CONFIG_NO_ROBUST_AV
2191
#ifdef CONFIG_TESTING_OPTIONS
2192
    if (wpa_s->disable_mscs_support)
2193
      mscs = false;
2194
#endif /* CONFIG_TESTING_OPTIONS */
2195
0
    if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) {
2196
      /* Drop own MSCS capability indication since the AP does
2197
       * not support it. This is needed to avoid
2198
       * interoperability issues with APs that get confused
2199
       * with Extended Capabilities element. */
2200
0
      mscs = false;
2201
0
    }
2202
0
    if (mscs)
2203
0
      *pos |= 0x20; /* Bit 85 - Mirrored SCS */
2204
0
#endif /* CONFIG_NO_ROBUST_AV */
2205
0
    break;
2206
0
  }
2207
0
}
2208
2209
2210
int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf,
2211
        size_t buflen, struct wpa_bss *bss)
2212
0
{
2213
0
  u8 *pos = buf;
2214
0
  u8 len = 11, i;
2215
2216
0
  if (len < wpa_s->extended_capa_len)
2217
0
    len = wpa_s->extended_capa_len;
2218
0
  if (buflen < (size_t) len + 2) {
2219
0
    wpa_printf(MSG_INFO,
2220
0
         "Not enough room for building extended capabilities element");
2221
0
    return -1;
2222
0
  }
2223
2224
0
  *pos++ = WLAN_EID_EXT_CAPAB;
2225
0
  *pos++ = len;
2226
0
  for (i = 0; i < len; i++, pos++) {
2227
0
    wpas_ext_capab_byte(wpa_s, pos, i, bss);
2228
2229
0
    if (i < wpa_s->extended_capa_len) {
2230
0
      *pos &= ~wpa_s->extended_capa_mask[i];
2231
0
      *pos |= wpa_s->extended_capa[i];
2232
0
    }
2233
0
  }
2234
2235
0
  while (len > 0 && buf[1 + len] == 0) {
2236
0
    len--;
2237
0
    buf[1] = len;
2238
0
  }
2239
0
  if (len == 0)
2240
0
    return 0;
2241
2242
0
  return 2 + len;
2243
0
}
2244
2245
2246
static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2247
        struct wpa_bss *test_bss)
2248
0
{
2249
0
  struct wpa_bss *bss;
2250
2251
0
  dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2252
0
    if (bss == test_bss)
2253
0
      return 1;
2254
0
  }
2255
2256
0
  return 0;
2257
0
}
2258
2259
2260
static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2261
         struct wpa_ssid *test_ssid)
2262
0
{
2263
0
  struct wpa_ssid *ssid;
2264
2265
0
  for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2266
0
    if (ssid == test_ssid)
2267
0
      return 1;
2268
0
  }
2269
2270
0
  return 0;
2271
0
}
2272
2273
2274
int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2275
      struct wpa_ssid *test_ssid)
2276
0
{
2277
0
  if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2278
0
    return 0;
2279
2280
0
  return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2281
0
}
2282
2283
2284
void wpas_connect_work_free(struct wpa_connect_work *cwork)
2285
0
{
2286
0
  if (cwork == NULL)
2287
0
    return;
2288
0
  os_free(cwork);
2289
0
}
2290
2291
2292
void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2293
0
{
2294
0
  struct wpa_connect_work *cwork;
2295
0
  struct wpa_radio_work *work = wpa_s->connect_work;
2296
2297
0
  if (!work)
2298
0
    return;
2299
2300
0
  wpa_s->connect_work = NULL;
2301
0
  cwork = work->ctx;
2302
0
  work->ctx = NULL;
2303
0
  wpas_connect_work_free(cwork);
2304
0
  radio_work_done(work);
2305
0
}
2306
2307
2308
int wpas_update_random_addr(struct wpa_supplicant *wpa_s,
2309
          enum wpas_mac_addr_style style,
2310
          struct wpa_ssid *ssid)
2311
0
{
2312
0
  struct os_reltime now;
2313
0
  u8 addr[ETH_ALEN];
2314
2315
0
  os_get_reltime(&now);
2316
  /* Random addresses are valid within a given ESS so check
2317
   * expiration/value only when continuing to use the same ESS. */
2318
0
  if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
2319
0
    if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) {
2320
      /* Pregenerated addresses do not expire but their value
2321
       * might have changed, so let's check that. */
2322
0
      if (ether_addr_equal(wpa_s->own_addr, ssid->mac_value))
2323
0
        return 0;
2324
0
    } else if ((wpa_s->last_mac_addr_change.sec != 0 ||
2325
0
          wpa_s->last_mac_addr_change.usec != 0) &&
2326
0
         !os_reltime_expired(
2327
0
           &now,
2328
0
           &wpa_s->last_mac_addr_change,
2329
0
           wpa_s->conf->rand_addr_lifetime)) {
2330
0
      wpa_msg(wpa_s, MSG_DEBUG,
2331
0
        "Previously selected random MAC address has not yet expired");
2332
0
      return 0;
2333
0
    }
2334
0
  }
2335
2336
0
  switch (style) {
2337
0
  case WPAS_MAC_ADDR_STYLE_RANDOM:
2338
0
    if (random_mac_addr(addr) < 0)
2339
0
      return -1;
2340
0
    break;
2341
0
  case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI:
2342
0
    os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2343
0
    if (random_mac_addr_keep_oui(addr) < 0)
2344
0
      return -1;
2345
0
    break;
2346
0
  case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS:
2347
0
    if (!ssid) {
2348
0
      wpa_msg(wpa_s, MSG_INFO,
2349
0
        "Invalid 'ssid' for address policy 3");
2350
0
      return -1;
2351
0
    }
2352
0
    os_memcpy(addr, ssid->mac_value, ETH_ALEN);
2353
0
    break;
2354
0
  default:
2355
0
    return -1;
2356
0
  }
2357
2358
0
  if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2359
0
    wpa_msg(wpa_s, MSG_INFO,
2360
0
      "Failed to set random MAC address");
2361
0
    return -1;
2362
0
  }
2363
2364
0
  os_get_reltime(&wpa_s->last_mac_addr_change);
2365
0
  wpa_s->mac_addr_changed = 1;
2366
0
  wpa_s->last_mac_addr_style = style;
2367
2368
0
  if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2369
0
    wpa_msg(wpa_s, MSG_INFO,
2370
0
      "Could not update MAC address information");
2371
0
    return -1;
2372
0
  }
2373
2374
0
  wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2375
0
    MAC2STR(addr));
2376
2377
0
  return 1;
2378
0
}
2379
2380
2381
int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2382
0
{
2383
0
  if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2384
0
      !wpa_s->conf->preassoc_mac_addr)
2385
0
    return 0;
2386
2387
0
  return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr,
2388
0
               NULL);
2389
0
}
2390
2391
2392
void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid,
2393
      bool force)
2394
0
{
2395
#ifdef CONFIG_SAE
2396
  int *groups = conf->sae_groups;
2397
  int default_groups[] = { 19, 20, 21, 0 };
2398
  const char *password;
2399
2400
  if (!groups || groups[0] <= 0)
2401
    groups = default_groups;
2402
2403
  password = ssid->sae_password;
2404
  if (!password)
2405
    password = ssid->passphrase;
2406
2407
  if (!password ||
2408
      (conf->sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id &&
2409
       !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) &&
2410
       !force &&
2411
       !sae_pk_valid_password(password)) ||
2412
      conf->sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) {
2413
    /* PT derivation not needed */
2414
    sae_deinit_pt(ssid->pt);
2415
    ssid->pt = NULL;
2416
    return;
2417
  }
2418
2419
  if (ssid->pt)
2420
    return; /* PT already derived */
2421
  ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2422
         (const u8 *) password, os_strlen(password),
2423
         ssid->sae_password_id);
2424
#endif /* CONFIG_SAE */
2425
0
}
2426
2427
2428
static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2429
0
{
2430
#if defined(CONFIG_SAE) && defined(CONFIG_SME)
2431
  os_free(wpa_s->sme.sae_rejected_groups);
2432
  wpa_s->sme.sae_rejected_groups = NULL;
2433
#ifdef CONFIG_TESTING_OPTIONS
2434
  if (wpa_s->extra_sae_rejected_groups) {
2435
    int i, *groups = wpa_s->extra_sae_rejected_groups;
2436
2437
    for (i = 0; groups[i]; i++) {
2438
      wpa_printf(MSG_DEBUG,
2439
           "TESTING: Indicate rejection of an extra SAE group %d",
2440
           groups[i]);
2441
      int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2442
               groups[i]);
2443
    }
2444
  }
2445
#endif /* CONFIG_TESTING_OPTIONS */
2446
#endif /* CONFIG_SAE && CONFIG_SME */
2447
0
}
2448
2449
2450
int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2451
0
{
2452
0
  if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2453
0
    wpa_msg(wpa_s, MSG_INFO,
2454
0
      "Could not restore permanent MAC address");
2455
0
    return -1;
2456
0
  }
2457
0
  wpa_s->mac_addr_changed = 0;
2458
0
  if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2459
0
    wpa_msg(wpa_s, MSG_INFO,
2460
0
      "Could not update MAC address information");
2461
0
    return -1;
2462
0
  }
2463
0
  wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2464
0
  return 0;
2465
0
}
2466
2467
2468
static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2469
2470
/**
2471
 * wpa_supplicant_associate - Request association
2472
 * @wpa_s: Pointer to wpa_supplicant data
2473
 * @bss: Scan results for the selected BSS, or %NULL if not available
2474
 * @ssid: Configuration data for the selected network
2475
 *
2476
 * This function is used to request %wpa_supplicant to associate with a BSS.
2477
 */
2478
void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2479
            struct wpa_bss *bss, struct wpa_ssid *ssid)
2480
0
{
2481
0
  struct wpa_connect_work *cwork;
2482
0
  enum wpas_mac_addr_style rand_style;
2483
2484
0
  wpa_s->own_disconnect_req = 0;
2485
0
  wpa_s->own_reconnect_req = 0;
2486
2487
  /*
2488
   * If we are starting a new connection, any previously pending EAPOL
2489
   * RX cannot be valid anymore.
2490
   */
2491
0
  wpabuf_free(wpa_s->pending_eapol_rx);
2492
0
  wpa_s->pending_eapol_rx = NULL;
2493
2494
0
  if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET)
2495
0
    rand_style = wpa_s->conf->mac_addr;
2496
0
  else
2497
0
    rand_style = ssid->mac_addr;
2498
2499
0
  wpa_s->eapol_failed = 0;
2500
0
  wpa_s->multi_ap_ie = 0;
2501
0
#ifndef CONFIG_NO_WMM_AC
2502
0
  wmm_ac_clear_saved_tspecs(wpa_s);
2503
0
#endif /* CONFIG_NO_WMM_AC */
2504
0
#ifdef CONFIG_WNM
2505
0
  wpa_s->wnm_mode = 0;
2506
0
#endif /* CONFIG_WNM */
2507
0
  wpa_s->reassoc_same_bss = 0;
2508
0
  wpa_s->reassoc_same_ess = 0;
2509
#ifdef CONFIG_TESTING_OPTIONS
2510
  wpa_s->testing_resend_assoc = 0;
2511
#endif /* CONFIG_TESTING_OPTIONS */
2512
2513
0
  if (wpa_s->last_ssid == ssid) {
2514
0
    wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2515
0
    wpa_s->reassoc_same_ess = 1;
2516
0
    if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2517
0
#ifndef CONFIG_NO_WMM_AC
2518
0
      wmm_ac_save_tspecs(wpa_s);
2519
0
#endif /* CONFIG_NO_WMM_AC */
2520
0
      wpa_s->reassoc_same_bss = 1;
2521
0
    } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2522
0
      os_get_reltime(&wpa_s->roam_start);
2523
0
    }
2524
0
  } else {
2525
#ifdef CONFIG_SAE
2526
    wpa_s_clear_sae_rejected(wpa_s);
2527
#endif /* CONFIG_SAE */
2528
0
  }
2529
#ifdef CONFIG_SAE
2530
  wpa_s_setup_sae_pt(wpa_s->conf, ssid, false);
2531
#endif /* CONFIG_SAE */
2532
2533
0
  if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) {
2534
0
    int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
2535
2536
0
    if (status < 0)
2537
0
      return;
2538
0
    if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS &&
2539
0
        status > 0) /* MAC changed */
2540
0
      wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2541
0
  } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT &&
2542
0
       wpa_s->mac_addr_changed) {
2543
0
    if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2544
0
      return;
2545
0
  }
2546
0
  wpa_s->last_ssid = ssid;
2547
2548
#ifdef CONFIG_IBSS_RSN
2549
  ibss_rsn_deinit(wpa_s->ibss_rsn);
2550
  wpa_s->ibss_rsn = NULL;
2551
#else /* CONFIG_IBSS_RSN */
2552
0
  if (ssid->mode == WPAS_MODE_IBSS &&
2553
0
      !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2554
0
    wpa_msg(wpa_s, MSG_INFO,
2555
0
      "IBSS RSN not supported in the build");
2556
0
    return;
2557
0
  }
2558
0
#endif /* CONFIG_IBSS_RSN */
2559
2560
0
  if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2561
0
      ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2562
#ifdef CONFIG_AP
2563
    if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2564
      wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2565
        "mode");
2566
      return;
2567
    }
2568
    if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2569
      wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2570
      if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2571
        wpas_p2p_ap_setup_failed(wpa_s);
2572
      return;
2573
    }
2574
    wpa_s->current_bss = bss;
2575
#else /* CONFIG_AP */
2576
0
    wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2577
0
      "the build");
2578
0
#endif /* CONFIG_AP */
2579
0
    return;
2580
0
  }
2581
2582
0
  if (ssid->mode == WPAS_MODE_MESH) {
2583
#ifdef CONFIG_MESH
2584
    if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2585
      wpa_msg(wpa_s, MSG_INFO,
2586
        "Driver does not support mesh mode");
2587
      return;
2588
    }
2589
    if (bss)
2590
      ssid->frequency = bss->freq;
2591
    if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2592
      wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2593
      wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2594
      return;
2595
    }
2596
    wpa_s->current_bss = bss;
2597
#else /* CONFIG_MESH */
2598
0
    wpa_msg(wpa_s, MSG_ERROR,
2599
0
      "mesh mode support not included in the build");
2600
0
#endif /* CONFIG_MESH */
2601
0
    return;
2602
0
  }
2603
2604
  /*
2605
   * Set WPA state machine configuration to match the selected network now
2606
   * so that the information is available before wpas_start_assoc_cb()
2607
   * gets called. This is needed at least for RSN pre-authentication where
2608
   * candidate APs are added to a list based on scan result processing
2609
   * before completion of the first association.
2610
   */
2611
0
  wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2612
2613
#ifdef CONFIG_DPP
2614
  if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2615
    return;
2616
#endif /* CONFIG_DPP */
2617
2618
#ifdef CONFIG_TDLS
2619
  if (bss)
2620
    wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2621
#endif /* CONFIG_TDLS */
2622
2623
#ifdef CONFIG_MBO
2624
  wpas_mbo_check_pmf(wpa_s, bss, ssid);
2625
#endif /* CONFIG_MBO */
2626
2627
0
  if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2628
0
      ssid->mode == WPAS_MODE_INFRA) {
2629
0
    sme_authenticate(wpa_s, bss, ssid);
2630
0
    return;
2631
0
  }
2632
2633
0
  if (wpa_s->connect_work) {
2634
0
    wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2635
0
    return;
2636
0
  }
2637
2638
0
  if (radio_work_pending(wpa_s, "connect")) {
2639
0
    wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2640
0
    return;
2641
0
  }
2642
2643
#ifdef CONFIG_SME
2644
  if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2645
    /* Clear possibly set auth_alg, if any, from last attempt. */
2646
    wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2647
  }
2648
#endif /* CONFIG_SME */
2649
2650
0
  wpas_abort_ongoing_scan(wpa_s);
2651
2652
0
  cwork = os_zalloc(sizeof(*cwork));
2653
0
  if (cwork == NULL)
2654
0
    return;
2655
2656
0
  cwork->bss = bss;
2657
0
  cwork->ssid = ssid;
2658
2659
0
  if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2660
0
         wpas_start_assoc_cb, cwork) < 0) {
2661
0
    os_free(cwork);
2662
0
  }
2663
0
}
2664
2665
2666
static int bss_is_ibss(struct wpa_bss *bss)
2667
0
{
2668
0
  return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2669
0
    IEEE80211_CAP_IBSS;
2670
0
}
2671
2672
2673
static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2674
          const struct wpa_ssid *ssid)
2675
0
{
2676
0
  enum hostapd_hw_mode hw_mode;
2677
0
  struct hostapd_hw_modes *mode = NULL;
2678
0
  u8 channel;
2679
0
  int i;
2680
2681
0
  hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2682
0
  if (hw_mode == NUM_HOSTAPD_MODES)
2683
0
    return 0;
2684
0
  for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2685
0
    if (wpa_s->hw.modes[i].mode == hw_mode) {
2686
0
      mode = &wpa_s->hw.modes[i];
2687
0
      break;
2688
0
    }
2689
0
  }
2690
2691
0
  if (!mode)
2692
0
    return 0;
2693
2694
0
  return mode->vht_capab != 0;
2695
0
}
2696
2697
2698
static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2699
0
{
2700
0
  int i;
2701
2702
0
  for (i = channel; i < channel + 16; i += 4) {
2703
0
    struct hostapd_channel_data *chan;
2704
2705
0
    chan = hw_get_channel_chan(mode, i, NULL);
2706
0
    if (!chan ||
2707
0
        chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2708
0
      return false;
2709
0
  }
2710
2711
0
  return true;
2712
0
}
2713
2714
2715
static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s,
2716
                 const struct wpa_ssid *ssid)
2717
0
{
2718
0
  unsigned int j;
2719
2720
0
  for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2721
0
    struct wpa_bss *bss = wpa_s->last_scan_res[j];
2722
2723
0
    if (!bss_is_ibss(bss))
2724
0
      continue;
2725
2726
0
    if (ssid->ssid_len == bss->ssid_len &&
2727
0
        os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0)
2728
0
      return bss;
2729
0
  }
2730
0
  return NULL;
2731
0
}
2732
2733
2734
static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s,
2735
         const struct wpa_ssid *ssid,
2736
         struct hostapd_hw_modes *mode)
2737
0
{
2738
  /* For IBSS check HT_IBSS flag */
2739
0
  if (ssid->mode == WPAS_MODE_IBSS &&
2740
0
      !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
2741
0
    return false;
2742
2743
0
  if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
2744
0
      wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
2745
0
      wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
2746
0
    wpa_printf(MSG_DEBUG,
2747
0
         "IBSS: WEP/TKIP detected, do not try to enable HT");
2748
0
    return false;
2749
0
  }
2750
2751
0
  if (!ht_supported(mode))
2752
0
    return false;
2753
2754
#ifdef CONFIG_HT_OVERRIDES
2755
  if (ssid->disable_ht)
2756
    return false;
2757
#endif /* CONFIG_HT_OVERRIDES */
2758
2759
0
  return true;
2760
0
}
2761
2762
2763
static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s,
2764
          const struct wpa_ssid *ssid,
2765
          struct hostapd_hw_modes *mode)
2766
0
{
2767
0
  if (mode->mode != HOSTAPD_MODE_IEEE80211A)
2768
0
    return false;
2769
2770
0
  if (!drv_supports_vht(wpa_s, ssid))
2771
0
    return false;
2772
2773
  /* For IBSS check VHT_IBSS flag */
2774
0
  if (ssid->mode == WPAS_MODE_IBSS &&
2775
0
      !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
2776
0
    return false;
2777
2778
0
  if (!vht_supported(mode))
2779
0
    return false;
2780
2781
#ifdef CONFIG_VHT_OVERRIDES
2782
  if (ssid->disable_vht)
2783
    return false;
2784
#endif /* CONFIG_VHT_OVERRIDES */
2785
2786
0
  return true;
2787
0
}
2788
2789
2790
static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s,
2791
         const struct wpa_ssid *ssid,
2792
         const struct hostapd_hw_modes *mode,
2793
         int ieee80211_mode)
2794
0
{
2795
#ifdef CONFIG_HE_OVERRIDES
2796
  if (ssid->disable_he)
2797
    return false;
2798
#endif /* CONFIG_HE_OVERRIDES */
2799
2800
0
  switch (mode->mode) {
2801
0
  case HOSTAPD_MODE_IEEE80211G:
2802
0
  case HOSTAPD_MODE_IEEE80211B:
2803
0
  case HOSTAPD_MODE_IEEE80211A:
2804
0
    return mode->he_capab[ieee80211_mode].he_supported;
2805
0
  default:
2806
0
    return false;
2807
0
  }
2808
0
}
2809
2810
2811
static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s,
2812
          const struct wpa_ssid *ssid,
2813
          const struct hostapd_hw_modes *mode,
2814
          int ieee80211_mode)
2815
0
{
2816
0
  if (ssid->disable_eht)
2817
0
    return false;
2818
2819
0
  switch(mode->mode) {
2820
0
  case HOSTAPD_MODE_IEEE80211G:
2821
0
  case HOSTAPD_MODE_IEEE80211B:
2822
0
  case HOSTAPD_MODE_IEEE80211A:
2823
0
    return mode->eht_capab[ieee80211_mode].eht_supported;
2824
0
  default:
2825
0
    return false;
2826
0
  }
2827
0
}
2828
2829
2830
static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s,
2831
           const struct wpa_ssid *ssid,
2832
           struct hostapd_hw_modes *mode,
2833
           struct hostapd_freq_params *freq,
2834
0
           int obss_scan) {
2835
0
  int chan_idx;
2836
0
  struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
2837
0
  int i, res;
2838
0
  unsigned int j;
2839
0
  static const int ht40plus[] = {
2840
0
    36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
2841
0
    149, 157, 165, 173, 184, 192
2842
0
  };
2843
0
  int ht40 = -1;
2844
2845
0
  if (!freq->ht_enabled)
2846
0
    return;
2847
2848
0
  for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
2849
0
    pri_chan = &mode->channels[chan_idx];
2850
0
    if (pri_chan->chan == freq->channel)
2851
0
      break;
2852
0
    pri_chan = NULL;
2853
0
  }
2854
0
  if (!pri_chan)
2855
0
    return;
2856
2857
  /* Check primary channel flags */
2858
0
  if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2859
0
    return;
2860
2861
#ifdef CONFIG_HT_OVERRIDES
2862
  if (ssid->disable_ht40)
2863
    return;
2864
#endif
2865
2866
  /* Check/setup HT40+/HT40- */
2867
0
  for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
2868
0
    if (ht40plus[j] == freq->channel) {
2869
0
      ht40 = 1;
2870
0
      break;
2871
0
    }
2872
0
  }
2873
2874
  /* Find secondary channel */
2875
0
  for (i = 0; i < mode->num_channels; i++) {
2876
0
    sec_chan = &mode->channels[i];
2877
0
    if (sec_chan->chan == freq->channel + ht40 * 4)
2878
0
      break;
2879
0
    sec_chan = NULL;
2880
0
  }
2881
0
  if (!sec_chan)
2882
0
    return;
2883
2884
  /* Check secondary channel flags */
2885
0
  if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2886
0
    return;
2887
2888
0
  if (ht40 == -1) {
2889
0
    if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
2890
0
      return;
2891
0
  } else {
2892
0
    if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
2893
0
      return;
2894
0
  }
2895
0
  freq->sec_channel_offset = ht40;
2896
2897
0
  if (obss_scan) {
2898
0
    struct wpa_scan_results *scan_res;
2899
2900
0
    scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0);
2901
0
    if (scan_res == NULL) {
2902
      /* Back to HT20 */
2903
0
      freq->sec_channel_offset = 0;
2904
0
      return;
2905
0
    }
2906
2907
0
    res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
2908
0
    switch (res) {
2909
0
    case 0:
2910
      /* Back to HT20 */
2911
0
      freq->sec_channel_offset = 0;
2912
0
      break;
2913
0
    case 1:
2914
      /* Configuration allowed */
2915
0
      break;
2916
0
    case 2:
2917
      /* Switch pri/sec channels */
2918
0
      freq->freq = hw_get_freq(mode, sec_chan->chan);
2919
0
      freq->sec_channel_offset = -freq->sec_channel_offset;
2920
0
      freq->channel = sec_chan->chan;
2921
0
      break;
2922
0
    default:
2923
0
      freq->sec_channel_offset = 0;
2924
0
      break;
2925
0
    }
2926
2927
0
    wpa_scan_results_free(scan_res);
2928
0
  }
2929
2930
0
  wpa_printf(MSG_DEBUG,
2931
0
       "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
2932
0
       freq->channel, freq->sec_channel_offset);
2933
0
}
2934
2935
2936
static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s,
2937
               const struct wpa_ssid *ssid,
2938
               struct hostapd_hw_modes *mode,
2939
               struct hostapd_freq_params *freq,
2940
0
               int ieee80211_mode, bool is_6ghz) {
2941
0
  static const int bw80[] = {
2942
0
    5180, 5260, 5500, 5580, 5660, 5745, 5825,
2943
0
    5955, 6035, 6115, 6195, 6275, 6355, 6435,
2944
0
    6515, 6595, 6675, 6755, 6835, 6915, 6995
2945
0
  };
2946
0
  static const int bw160[] = {
2947
0
    5955, 6115, 6275, 6435, 6595, 6755, 6915
2948
0
  };
2949
0
  struct hostapd_freq_params vht_freq;
2950
0
  int i;
2951
0
  unsigned int j, k;
2952
0
  int chwidth, seg0, seg1;
2953
0
  u32 vht_caps = 0;
2954
0
  u8 channel = freq->channel;
2955
2956
0
  if (!freq->vht_enabled && !freq->he_enabled)
2957
0
    return true;
2958
2959
0
  vht_freq = *freq;
2960
2961
0
  chwidth = CONF_OPER_CHWIDTH_USE_HT;
2962
0
  seg0 = freq->channel + 2 * freq->sec_channel_offset;
2963
0
  seg1 = 0;
2964
0
  if (freq->sec_channel_offset == 0) {
2965
0
    seg0 = 0;
2966
    /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */
2967
0
    if (freq->ht_enabled && !is_6ghz)
2968
0
      goto skip_80mhz;
2969
0
  }
2970
0
  if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT)
2971
0
    goto skip_80mhz;
2972
2973
  /* setup center_freq1, bandwidth */
2974
0
  for (j = 0; j < ARRAY_SIZE(bw80); j++) {
2975
0
    if (freq->freq >= bw80[j] &&
2976
0
        freq->freq < bw80[j] + 80)
2977
0
      break;
2978
0
  }
2979
2980
0
  if (j == ARRAY_SIZE(bw80) ||
2981
0
      ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
2982
0
    goto skip_80mhz;
2983
2984
  /* Use 40 MHz if channel not usable */
2985
0
  if (!ibss_mesh_is_80mhz_avail(channel, mode))
2986
0
    goto skip_80mhz;
2987
2988
0
  chwidth = CONF_OPER_CHWIDTH_80MHZ;
2989
0
  seg0 = channel + 6;
2990
0
  seg1 = 0;
2991
2992
  /* In 160 MHz, the initial four 20 MHz channels were validated
2993
   * above. If 160 MHz is supported, check the remaining four 20 MHz
2994
   * channels for the total of 160 MHz bandwidth for 6 GHz.
2995
   */
2996
0
  if ((mode->he_capab[ieee80211_mode].phy_cap[
2997
0
         HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
2998
0
       HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
2999
0
      ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
3000
0
    for (j = 0; j < ARRAY_SIZE(bw160); j++) {
3001
0
      if (freq->freq == bw160[j]) {
3002
0
        chwidth = CONF_OPER_CHWIDTH_160MHZ;
3003
0
        seg0 = channel + 14;
3004
0
        break;
3005
0
      }
3006
0
    }
3007
0
  }
3008
3009
0
  if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
3010
    /* setup center_freq2, bandwidth */
3011
0
    for (k = 0; k < ARRAY_SIZE(bw80); k++) {
3012
      /* Only accept 80 MHz segments separated by a gap */
3013
0
      if (j == k || abs(bw80[j] - bw80[k]) == 80)
3014
0
        continue;
3015
3016
0
      if (ieee80211_freq_to_chan(bw80[k], &channel) ==
3017
0
          NUM_HOSTAPD_MODES)
3018
0
        break;
3019
3020
0
      for (i = channel; i < channel + 16; i += 4) {
3021
0
        struct hostapd_channel_data *chan;
3022
3023
0
        chan = hw_get_channel_chan(mode, i, NULL);
3024
0
        if (!chan)
3025
0
          continue;
3026
3027
0
        if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3028
0
              HOSTAPD_CHAN_NO_IR |
3029
0
              HOSTAPD_CHAN_RADAR))
3030
0
          continue;
3031
3032
        /* Found a suitable second segment for 80+80 */
3033
0
        chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
3034
0
        if (!is_6ghz)
3035
0
          vht_caps |=
3036
0
            VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
3037
0
        seg1 = channel + 6;
3038
0
      }
3039
3040
0
      if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ)
3041
0
        break;
3042
0
    }
3043
0
  } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
3044
0
    if (freq->freq == 5180) {
3045
0
      chwidth = CONF_OPER_CHWIDTH_160MHZ;
3046
0
      vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3047
0
      seg0 = 50;
3048
0
    } else if (freq->freq == 5520) {
3049
0
      chwidth = CONF_OPER_CHWIDTH_160MHZ;
3050
0
      vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3051
0
      seg0 = 114;
3052
0
    }
3053
0
  }
3054
3055
0
skip_80mhz:
3056
0
  if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
3057
0
            freq->channel, ssid->enable_edmg,
3058
0
            ssid->edmg_channel, freq->ht_enabled,
3059
0
            freq->vht_enabled, freq->he_enabled,
3060
0
            freq->eht_enabled,
3061
0
            freq->sec_channel_offset,
3062
0
            chwidth, seg0, seg1, vht_caps,
3063
0
            &mode->he_capab[ieee80211_mode],
3064
0
            &mode->eht_capab[ieee80211_mode]) != 0)
3065
0
    return false;
3066
3067
0
  *freq = vht_freq;
3068
3069
0
  wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
3070
0
       freq->center_freq1, freq->center_freq2, freq->bandwidth);
3071
0
  return true;
3072
0
}
3073
3074
3075
void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
3076
        const struct wpa_ssid *ssid,
3077
        struct hostapd_freq_params *freq)
3078
0
{
3079
0
  int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
3080
0
  enum hostapd_hw_mode hw_mode;
3081
0
  struct hostapd_hw_modes *mode = NULL;
3082
0
  int i, obss_scan = 1;
3083
0
  u8 channel;
3084
0
  bool is_6ghz, is_24ghz;
3085
3086
0
  freq->freq = ssid->frequency;
3087
3088
0
  if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
3089
0
    struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);
3090
3091
0
    if (bss) {
3092
0
      wpa_printf(MSG_DEBUG,
3093
0
           "IBSS already found in scan results, adjust control freq: %d",
3094
0
           bss->freq);
3095
0
      freq->freq = bss->freq;
3096
0
      obss_scan = 0;
3097
0
    }
3098
0
  }
3099
3100
0
  hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
3101
0
  for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
3102
0
    if (wpa_s->hw.modes[i].mode == hw_mode &&
3103
0
        hw_mode_get_channel(&wpa_s->hw.modes[i], freq->freq,
3104
0
          NULL) != NULL) {
3105
0
      mode = &wpa_s->hw.modes[i];
3106
0
      break;
3107
0
    }
3108
0
  }
3109
3110
0
  if (!mode)
3111
0
    return;
3112
3113
0
  is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
3114
0
    hw_mode == HOSTAPD_MODE_IEEE80211B;
3115
3116
0
  is_6ghz = is_6ghz_freq(freq->freq);
3117
3118
0
  freq->ht_enabled = 0;
3119
0
  freq->vht_enabled = 0;
3120
0
  freq->he_enabled = 0;
3121
0
  freq->eht_enabled = 0;
3122
3123
0
  if (!is_6ghz)
3124
0
    freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode);
3125
0
  if (freq->ht_enabled)
3126
0
    freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode);
3127
0
  if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz)
3128
0
    freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
3129
0
              ieee80211_mode);
3130
0
  freq->channel = channel;
3131
  /* Setup higher BW only for 5 GHz */
3132
0
  if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
3133
0
    ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
3134
0
    if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
3135
0
            ieee80211_mode, is_6ghz))
3136
0
      freq->he_enabled = freq->vht_enabled = false;
3137
0
  }
3138
3139
0
  if (freq->he_enabled)
3140
0
    freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode,
3141
0
                ieee80211_mode);
3142
0
}
3143
3144
3145
#ifdef CONFIG_FILS
3146
static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
3147
            size_t ie_buf_len)
3148
{
3149
  struct fils_hlp_req *req;
3150
  size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
3151
  const u8 *pos;
3152
  u8 *buf = ie_buf;
3153
3154
  dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3155
       list) {
3156
    rem_len = ie_buf_len - ie_len;
3157
    pos = wpabuf_head(req->pkt);
3158
    hdr_len = 1 + 2 * ETH_ALEN + 6;
3159
    hlp_len = wpabuf_len(req->pkt);
3160
3161
    if (rem_len < 2 + hdr_len + hlp_len) {
3162
      wpa_printf(MSG_ERROR,
3163
           "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
3164
           (unsigned long) rem_len,
3165
           (unsigned long) (2 + hdr_len + hlp_len));
3166
      break;
3167
    }
3168
3169
    len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
3170
    /* Element ID */
3171
    *buf++ = WLAN_EID_EXTENSION;
3172
    /* Length */
3173
    *buf++ = len;
3174
    /* Element ID Extension */
3175
    *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
3176
    /* Destination MAC address */
3177
    os_memcpy(buf, req->dst, ETH_ALEN);
3178
    buf += ETH_ALEN;
3179
    /* Source MAC address */
3180
    os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
3181
    buf += ETH_ALEN;
3182
    /* LLC/SNAP Header */
3183
    os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
3184
    buf += 6;
3185
    /* HLP Packet */
3186
    os_memcpy(buf, pos, len - hdr_len);
3187
    buf += len - hdr_len;
3188
    pos += len - hdr_len;
3189
3190
    hlp_len -= len - hdr_len;
3191
    ie_len += 2 + len;
3192
    rem_len -= 2 + len;
3193
3194
    while (hlp_len) {
3195
      len = (hlp_len > 255) ? 255 : hlp_len;
3196
      if (rem_len < 2 + len)
3197
        break;
3198
      *buf++ = WLAN_EID_FRAGMENT;
3199
      *buf++ = len;
3200
      os_memcpy(buf, pos, len);
3201
      buf += len;
3202
      pos += len;
3203
3204
      hlp_len -= len;
3205
      ie_len += 2 + len;
3206
      rem_len -= 2 + len;
3207
    }
3208
  }
3209
3210
  return ie_len;
3211
}
3212
3213
3214
int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
3215
{
3216
  return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3217
     (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
3218
    (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3219
     (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
3220
}
3221
3222
3223
int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
3224
{
3225
#ifdef CONFIG_FILS_SK_PFS
3226
  return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3227
    (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
3228
#else /* CONFIG_FILS_SK_PFS */
3229
  return 0;
3230
#endif /* CONFIG_FILS_SK_PFS */
3231
}
3232
3233
#endif /* CONFIG_FILS */
3234
3235
3236
bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss)
3237
0
{
3238
0
  const u8 *wfa_capa;
3239
3240
0
  if (!bss)
3241
0
    return false;
3242
3243
  /* Get WFA capability from Beacon or Probe Response frame elements */
3244
0
  wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE);
3245
0
  if (!wfa_capa)
3246
0
    wfa_capa = wpa_bss_get_vendor_ie_beacon(
3247
0
      bss, WFA_CAPA_IE_VENDOR_TYPE);
3248
3249
0
  if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 ||
3250
0
      !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) {
3251
    /* AP does not enable QM non EHT traffic description policy */
3252
0
    return false;
3253
0
  }
3254
3255
0
  return true;
3256
0
}
3257
3258
3259
static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s,
3260
          struct wpa_bss *bss,
3261
          u8 *wpa_ie, size_t wpa_ie_len,
3262
          size_t max_wpa_ie_len)
3263
0
{
3264
0
  struct wpabuf *wfa_ie = NULL;
3265
0
  u8 wfa_capa[1];
3266
0
  size_t wfa_ie_len, buf_len;
3267
3268
0
  os_memset(wfa_capa, 0, sizeof(wfa_capa));
3269
0
#ifndef CONFIG_NO_ROBUST_AV
3270
0
  if (wpa_s->enable_dscp_policy_capa)
3271
0
    wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
3272
0
#endif /* CONFIG_NO_ROBUST_AV */
3273
3274
0
  if (wpa_is_non_eht_scs_traffic_desc_supported(bss))
3275
0
    wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC;
3276
3277
0
  if (!wfa_capa[0])
3278
0
    return wpa_ie_len;
3279
3280
  /* Wi-Fi Alliance element */
3281
0
  buf_len = 1 + /* Element ID */
3282
0
      1 + /* Length */
3283
0
      3 + /* OUI */
3284
0
      1 + /* OUI Type */
3285
0
      1 + /* Capabilities Length */
3286
0
      sizeof(wfa_capa); /* Capabilities */
3287
0
  wfa_ie = wpabuf_alloc(buf_len);
3288
0
  if (!wfa_ie)
3289
0
    return wpa_ie_len;
3290
3291
0
  wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
3292
0
  wpabuf_put_u8(wfa_ie, buf_len - 2);
3293
0
  wpabuf_put_be24(wfa_ie, OUI_WFA);
3294
0
  wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
3295
0
  wpabuf_put_u8(wfa_ie, sizeof(wfa_capa));
3296
0
  wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa));
3297
3298
0
  wfa_ie_len = wpabuf_len(wfa_ie);
3299
0
  if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
3300
0
    wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
3301
0
        wfa_ie);
3302
0
    os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
3303
0
        wfa_ie_len);
3304
0
    wpa_ie_len += wfa_ie_len;
3305
0
  }
3306
3307
0
  wpabuf_free(wfa_ie);
3308
0
  return wpa_ie_len;
3309
0
}
3310
3311
3312
static u8 * wpas_populate_assoc_ies(
3313
  struct wpa_supplicant *wpa_s,
3314
  struct wpa_bss *bss, struct wpa_ssid *ssid,
3315
  struct wpa_driver_associate_params *params,
3316
  enum wpa_drv_update_connect_params_mask *mask)
3317
0
{
3318
0
  u8 *wpa_ie;
3319
0
  size_t max_wpa_ie_len = 500;
3320
0
  size_t wpa_ie_len;
3321
0
  int algs = WPA_AUTH_ALG_OPEN;
3322
#ifdef CONFIG_MBO
3323
  const u8 *mbo_ie;
3324
#endif
3325
#if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3326
  int pmksa_cached = 0;
3327
#endif /* CONFIG_SAE || CONFIG_FILS */
3328
#ifdef CONFIG_FILS
3329
  const u8 *realm, *username, *rrk;
3330
  size_t realm_len, username_len, rrk_len;
3331
  u16 next_seq_num;
3332
  struct fils_hlp_req *req;
3333
3334
  dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3335
       list) {
3336
    max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
3337
          2 + 2 * wpabuf_len(req->pkt) / 255;
3338
  }
3339
#endif /* CONFIG_FILS */
3340
3341
0
  wpa_ie = os_malloc(max_wpa_ie_len);
3342
0
  if (!wpa_ie) {
3343
0
    wpa_printf(MSG_ERROR,
3344
0
         "Failed to allocate connect IE buffer for %lu bytes",
3345
0
         (unsigned long) max_wpa_ie_len);
3346
0
    return NULL;
3347
0
  }
3348
3349
0
  if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
3350
0
        wpa_bss_get_ie(bss, WLAN_EID_RSN)) &&
3351
0
      wpa_key_mgmt_wpa(ssid->key_mgmt)) {
3352
0
    int try_opportunistic;
3353
0
    const u8 *cache_id = NULL;
3354
0
    const u8 *addr = bss->bssid;
3355
3356
0
    if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3357
0
        (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) &&
3358
0
        !is_zero_ether_addr(bss->mld_addr))
3359
0
      addr = bss->mld_addr;
3360
3361
0
    if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3362
0
        wpa_s->valid_links)
3363
0
      addr = wpa_s->ap_mld_addr;
3364
3365
0
    try_opportunistic = (ssid->proactive_key_caching < 0 ?
3366
0
             wpa_s->conf->okc :
3367
0
             ssid->proactive_key_caching) &&
3368
0
      (ssid->proto & WPA_PROTO_RSN);
3369
#ifdef CONFIG_FILS
3370
    if (wpa_key_mgmt_fils(ssid->key_mgmt))
3371
      cache_id = wpa_bss_get_fils_cache_id(bss);
3372
#endif /* CONFIG_FILS */
3373
0
    if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr,
3374
0
              ssid, try_opportunistic,
3375
0
              cache_id, 0, false) == 0) {
3376
0
      eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3377
#if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3378
      pmksa_cached = 1;
3379
#endif /* CONFIG_SAE || CONFIG_FILS */
3380
0
    }
3381
0
    wpa_ie_len = max_wpa_ie_len;
3382
0
    if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3383
0
                wpa_ie, &wpa_ie_len, false)) {
3384
0
      wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3385
0
        "key management and encryption suites");
3386
0
      os_free(wpa_ie);
3387
0
      return NULL;
3388
0
    }
3389
0
#ifdef CONFIG_HS20
3390
0
  } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) &&
3391
0
       (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) {
3392
    /* No PMKSA caching, but otherwise similar to RSN/WPA */
3393
0
    wpa_ie_len = max_wpa_ie_len;
3394
0
    if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3395
0
                wpa_ie, &wpa_ie_len, false)) {
3396
0
      wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3397
0
        "key management and encryption suites");
3398
0
      os_free(wpa_ie);
3399
0
      return NULL;
3400
0
    }
3401
0
#endif /* CONFIG_HS20 */
3402
0
  } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3403
0
       wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3404
    /*
3405
     * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3406
     * use non-WPA since the scan results did not indicate that the
3407
     * AP is using WPA or WPA2.
3408
     */
3409
0
    wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3410
0
    wpa_ie_len = 0;
3411
0
    wpa_s->wpa_proto = 0;
3412
0
  } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3413
0
    wpa_ie_len = max_wpa_ie_len;
3414
0
    if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3415
0
                wpa_ie, &wpa_ie_len, false)) {
3416
0
      wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3417
0
        "key management and encryption suites (no "
3418
0
        "scan results)");
3419
0
      os_free(wpa_ie);
3420
0
      return NULL;
3421
0
    }
3422
#ifdef CONFIG_WPS
3423
  } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3424
    struct wpabuf *wps_ie;
3425
    wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3426
    if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3427
      wpa_ie_len = wpabuf_len(wps_ie);
3428
      os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3429
    } else
3430
      wpa_ie_len = 0;
3431
    wpabuf_free(wps_ie);
3432
    wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3433
    if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3434
      params->wps = WPS_MODE_PRIVACY;
3435
    else
3436
      params->wps = WPS_MODE_OPEN;
3437
    wpa_s->wpa_proto = 0;
3438
#endif /* CONFIG_WPS */
3439
0
  } else {
3440
0
    wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3441
0
    wpa_ie_len = 0;
3442
0
    wpa_s->wpa_proto = 0;
3443
0
  }
3444
3445
0
#ifdef IEEE8021X_EAPOL
3446
0
  if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3447
0
    if (ssid->leap) {
3448
0
      if (ssid->non_leap == 0)
3449
0
        algs = WPA_AUTH_ALG_LEAP;
3450
0
      else
3451
0
        algs |= WPA_AUTH_ALG_LEAP;
3452
0
    }
3453
0
  }
3454
3455
#ifdef CONFIG_FILS
3456
  /* Clear FILS association */
3457
  wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3458
3459
  if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3460
      ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3461
      eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3462
          &username_len, &realm, &realm_len,
3463
          &next_seq_num, &rrk, &rrk_len) == 0 &&
3464
      (!wpa_s->last_con_fail_realm ||
3465
       wpa_s->last_con_fail_realm_len != realm_len ||
3466
       os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3467
    algs = WPA_AUTH_ALG_FILS;
3468
    params->fils_erp_username = username;
3469
    params->fils_erp_username_len = username_len;
3470
    params->fils_erp_realm = realm;
3471
    params->fils_erp_realm_len = realm_len;
3472
    params->fils_erp_next_seq_num = next_seq_num;
3473
    params->fils_erp_rrk = rrk;
3474
    params->fils_erp_rrk_len = rrk_len;
3475
3476
    if (mask)
3477
      *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3478
  } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3479
       ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3480
       pmksa_cached) {
3481
    algs = WPA_AUTH_ALG_FILS;
3482
  }
3483
#endif /* CONFIG_FILS */
3484
0
#endif /* IEEE8021X_EAPOL */
3485
#ifdef CONFIG_SAE
3486
  if (wpa_key_mgmt_sae(wpa_s->key_mgmt))
3487
    algs = WPA_AUTH_ALG_SAE;
3488
#endif /* CONFIG_SAE */
3489
3490
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3491
0
  if (ssid->auth_alg) {
3492
0
    algs = ssid->auth_alg;
3493
0
    wpa_dbg(wpa_s, MSG_DEBUG,
3494
0
      "Overriding auth_alg selection: 0x%x", algs);
3495
0
  }
3496
3497
#ifdef CONFIG_SAE
3498
  if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3499
    wpa_dbg(wpa_s, MSG_DEBUG,
3500
      "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3501
    algs = WPA_AUTH_ALG_OPEN;
3502
  }
3503
#endif /* CONFIG_SAE */
3504
3505
#ifdef CONFIG_P2P
3506
  if (wpa_s->global->p2p) {
3507
    u8 *pos;
3508
    size_t len;
3509
    int res;
3510
    pos = wpa_ie + wpa_ie_len;
3511
    len = max_wpa_ie_len - wpa_ie_len;
3512
    res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3513
              ssid->p2p_group);
3514
    if (res >= 0)
3515
      wpa_ie_len += res;
3516
  }
3517
3518
  wpa_s->cross_connect_disallowed = 0;
3519
  if (bss) {
3520
    struct wpabuf *p2p;
3521
    p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3522
    if (p2p) {
3523
      wpa_s->cross_connect_disallowed =
3524
        p2p_get_cross_connect_disallowed(p2p);
3525
      wpabuf_free(p2p);
3526
      wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3527
        "connection",
3528
        wpa_s->cross_connect_disallowed ?
3529
        "disallows" : "allows");
3530
    }
3531
  }
3532
3533
  os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3534
#endif /* CONFIG_P2P */
3535
3536
0
#ifndef CONFIG_NO_RRM
3537
0
  if (bss) {
3538
0
    wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3539
0
                wpa_ie + wpa_ie_len,
3540
0
                max_wpa_ie_len -
3541
0
                wpa_ie_len);
3542
0
  }
3543
0
#endif /* CONFIG_NO_RRM */
3544
3545
  /*
3546
   * Workaround: Add Extended Capabilities element only if the AP
3547
   * included this element in Beacon/Probe Response frames. Some older
3548
   * APs seem to have interoperability issues if this element is
3549
   * included, so while the standard may require us to include the
3550
   * element in all cases, it is justifiable to skip it to avoid
3551
   * interoperability issues.
3552
   */
3553
0
  if (ssid->p2p_group)
3554
0
    wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3555
0
  else
3556
0
    wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3557
3558
0
  if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3559
0
    u8 ext_capab[18];
3560
0
    int ext_capab_len;
3561
0
    ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3562
0
                 sizeof(ext_capab), bss);
3563
0
    if (ext_capab_len > 0 &&
3564
0
        wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3565
0
      u8 *pos = wpa_ie;
3566
0
      if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3567
0
        pos += 2 + pos[1];
3568
0
      os_memmove(pos + ext_capab_len, pos,
3569
0
           wpa_ie_len - (pos - wpa_ie));
3570
0
      wpa_ie_len += ext_capab_len;
3571
0
      os_memcpy(pos, ext_capab, ext_capab_len);
3572
0
    }
3573
0
  }
3574
3575
0
#ifdef CONFIG_HS20
3576
0
  if (is_hs20_network(wpa_s, ssid, bss)) {
3577
0
    struct wpabuf *hs20;
3578
3579
0
    hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3580
0
    if (hs20) {
3581
0
      int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3582
0
      size_t len;
3583
3584
0
      wpas_hs20_add_indication(hs20, pps_mo_id,
3585
0
             get_hs20_version(bss));
3586
0
      wpas_hs20_add_roam_cons_sel(hs20, ssid);
3587
0
      len = max_wpa_ie_len - wpa_ie_len;
3588
0
      if (wpabuf_len(hs20) <= len) {
3589
0
        os_memcpy(wpa_ie + wpa_ie_len,
3590
0
            wpabuf_head(hs20), wpabuf_len(hs20));
3591
0
        wpa_ie_len += wpabuf_len(hs20);
3592
0
      }
3593
0
      wpabuf_free(hs20);
3594
3595
0
      hs20_configure_frame_filters(wpa_s);
3596
0
    }
3597
0
  }
3598
0
#endif /* CONFIG_HS20 */
3599
3600
0
  if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3601
0
    struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3602
0
    size_t len;
3603
3604
0
    len = max_wpa_ie_len - wpa_ie_len;
3605
0
    if (wpabuf_len(buf) <= len) {
3606
0
      os_memcpy(wpa_ie + wpa_ie_len,
3607
0
          wpabuf_head(buf), wpabuf_len(buf));
3608
0
      wpa_ie_len += wpabuf_len(buf);
3609
0
    }
3610
0
  }
3611
3612
#ifdef CONFIG_FST
3613
  if (wpa_s->fst_ies) {
3614
    int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3615
3616
    if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3617
      os_memcpy(wpa_ie + wpa_ie_len,
3618
          wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3619
      wpa_ie_len += fst_ies_len;
3620
    }
3621
  }
3622
#endif /* CONFIG_FST */
3623
3624
#ifdef CONFIG_MBO
3625
  mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3626
  if (!wpa_s->disable_mbo_oce && mbo_ie) {
3627
    int len;
3628
3629
    len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3630
          max_wpa_ie_len - wpa_ie_len,
3631
          !!mbo_attr_from_mbo_ie(mbo_ie,
3632
               OCE_ATTR_ID_CAPA_IND));
3633
    if (len >= 0)
3634
      wpa_ie_len += len;
3635
  }
3636
#endif /* CONFIG_MBO */
3637
3638
#ifdef CONFIG_FILS
3639
  if (algs == WPA_AUTH_ALG_FILS) {
3640
    size_t len;
3641
3642
    len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3643
              max_wpa_ie_len - wpa_ie_len);
3644
    wpa_ie_len += len;
3645
  }
3646
#endif /* CONFIG_FILS */
3647
3648
#ifdef CONFIG_OWE
3649
#ifdef CONFIG_TESTING_OPTIONS
3650
  if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3651
    wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3652
  } else
3653
#endif /* CONFIG_TESTING_OPTIONS */
3654
  if (algs == WPA_AUTH_ALG_OPEN &&
3655
      ssid->key_mgmt == WPA_KEY_MGMT_OWE &&
3656
      !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) {
3657
    struct wpabuf *owe_ie;
3658
    u16 group;
3659
3660
    if (ssid->owe_group) {
3661
      group = ssid->owe_group;
3662
    } else if (wpa_s->assoc_status_code ==
3663
         WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3664
      if (wpa_s->last_owe_group == 19)
3665
        group = 20;
3666
      else if (wpa_s->last_owe_group == 20)
3667
        group = 21;
3668
      else
3669
        group = OWE_DH_GROUP;
3670
    } else {
3671
      group = OWE_DH_GROUP;
3672
    }
3673
3674
    wpa_s->last_owe_group = group;
3675
    wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3676
    owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3677
    if (owe_ie &&
3678
        wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3679
      os_memcpy(wpa_ie + wpa_ie_len,
3680
          wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3681
      wpa_ie_len += wpabuf_len(owe_ie);
3682
    }
3683
    wpabuf_free(owe_ie);
3684
  }
3685
#endif /* CONFIG_OWE */
3686
3687
#ifdef CONFIG_DPP2
3688
  if (DPP_VERSION > 1 &&
3689
      wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3690
      ssid->dpp_netaccesskey &&
3691
      ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
3692
    struct rsn_pmksa_cache_entry *pmksa;
3693
3694
    pmksa = pmksa_cache_get_current(wpa_s->wpa);
3695
    if (!pmksa || !pmksa->dpp_pfs)
3696
      goto pfs_fail;
3697
3698
    dpp_pfs_free(wpa_s->dpp_pfs);
3699
    wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
3700
                ssid->dpp_netaccesskey_len);
3701
    if (!wpa_s->dpp_pfs) {
3702
      wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
3703
      /* Try to continue without PFS */
3704
      goto pfs_fail;
3705
    }
3706
    if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
3707
        max_wpa_ie_len - wpa_ie_len) {
3708
      os_memcpy(wpa_ie + wpa_ie_len,
3709
          wpabuf_head(wpa_s->dpp_pfs->ie),
3710
          wpabuf_len(wpa_s->dpp_pfs->ie));
3711
      wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
3712
    }
3713
  }
3714
pfs_fail:
3715
#endif /* CONFIG_DPP2 */
3716
3717
#ifdef CONFIG_IEEE80211R
3718
  /*
3719
   * Add MDIE under these conditions: the network profile allows FT,
3720
   * the AP supports FT, and the mobility domain ID matches.
3721
   */
3722
  if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
3723
    const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
3724
3725
    if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
3726
      size_t len = 0;
3727
      const u8 *md = mdie + 2;
3728
      const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
3729
3730
      if (os_memcmp(md, wpa_md,
3731
              MOBILITY_DOMAIN_ID_LEN) == 0) {
3732
        /* Add mobility domain IE */
3733
        len = wpa_ft_add_mdie(
3734
          wpa_s->wpa, wpa_ie + wpa_ie_len,
3735
          max_wpa_ie_len - wpa_ie_len, mdie);
3736
        wpa_ie_len += len;
3737
      }
3738
#ifdef CONFIG_SME
3739
      if (len > 0 && wpa_s->sme.ft_used &&
3740
          wpa_sm_has_ft_keys(wpa_s->wpa, md)) {
3741
        wpa_dbg(wpa_s, MSG_DEBUG,
3742
          "SME: Trying to use FT over-the-air");
3743
        algs |= WPA_AUTH_ALG_FT;
3744
      }
3745
#endif /* CONFIG_SME */
3746
    }
3747
  }
3748
#endif /* CONFIG_IEEE80211R */
3749
3750
#ifdef CONFIG_TESTING_OPTIONS
3751
  if (wpa_s->rsnxe_override_assoc &&
3752
      wpabuf_len(wpa_s->rsnxe_override_assoc) <=
3753
      max_wpa_ie_len - wpa_ie_len) {
3754
    wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
3755
    os_memcpy(wpa_ie + wpa_ie_len,
3756
        wpabuf_head(wpa_s->rsnxe_override_assoc),
3757
        wpabuf_len(wpa_s->rsnxe_override_assoc));
3758
    wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
3759
  } else
3760
#endif /* CONFIG_TESTING_OPTIONS */
3761
0
  if (wpa_s->rsnxe_len > 0 &&
3762
0
      wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
3763
0
    os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
3764
0
    wpa_ie_len += wpa_s->rsnxe_len;
3765
0
  }
3766
3767
0
#ifndef CONFIG_NO_ROBUST_AV
3768
#ifdef CONFIG_TESTING_OPTIONS
3769
  if (wpa_s->disable_mscs_support)
3770
    goto mscs_end;
3771
#endif /* CONFIG_TESTING_OPTIONS */
3772
0
  if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
3773
0
      wpa_s->robust_av.valid_config) {
3774
0
    struct wpabuf *mscs_ie;
3775
0
    size_t mscs_ie_len, buf_len;
3776
3777
0
    buf_len = 3 + /* MSCS descriptor IE header */
3778
0
        1 + /* Request type */
3779
0
        2 + /* User priority control */
3780
0
        4 + /* Stream timeout */
3781
0
        3 + /* TCLAS Mask IE header */
3782
0
        wpa_s->robust_av.frame_classifier_len;
3783
0
    mscs_ie = wpabuf_alloc(buf_len);
3784
0
    if (!mscs_ie) {
3785
0
      wpa_printf(MSG_INFO,
3786
0
           "MSCS: Failed to allocate MSCS IE");
3787
0
      goto mscs_end;
3788
0
    }
3789
3790
0
    wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
3791
0
    if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
3792
0
      wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
3793
0
      mscs_ie_len = wpabuf_len(mscs_ie);
3794
0
      os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
3795
0
          mscs_ie_len);
3796
0
      wpa_ie_len += mscs_ie_len;
3797
0
    }
3798
3799
0
    wpabuf_free(mscs_ie);
3800
0
  }
3801
0
mscs_end:
3802
0
#endif /* CONFIG_NO_ROBUST_AV */
3803
3804
0
  wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
3805
0
              max_wpa_ie_len);
3806
3807
0
  if (ssid->multi_ap_backhaul_sta) {
3808
0
    size_t multi_ap_ie_len;
3809
3810
0
    multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
3811
0
              max_wpa_ie_len - wpa_ie_len,
3812
0
              MULTI_AP_BACKHAUL_STA);
3813
0
    if (multi_ap_ie_len == 0) {
3814
0
      wpa_printf(MSG_ERROR,
3815
0
           "Multi-AP: Failed to build Multi-AP IE");
3816
0
      os_free(wpa_ie);
3817
0
      return NULL;
3818
0
    }
3819
0
    wpa_ie_len += multi_ap_ie_len;
3820
0
  }
3821
3822
0
  params->wpa_ie = wpa_ie;
3823
0
  params->wpa_ie_len = wpa_ie_len;
3824
0
  params->auth_alg = algs;
3825
0
  if (mask)
3826
0
    *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
3827
3828
0
  return wpa_ie;
3829
0
}
3830
3831
3832
#ifdef CONFIG_OWE
3833
static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
3834
{
3835
  struct wpa_driver_associate_params params;
3836
  u8 *wpa_ie;
3837
3838
  os_memset(&params, 0, sizeof(params));
3839
  wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3840
           wpa_s->current_ssid, &params, NULL);
3841
  if (!wpa_ie)
3842
    return;
3843
3844
  wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
3845
  os_free(wpa_ie);
3846
}
3847
#endif /* CONFIG_OWE */
3848
3849
3850
#if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
3851
static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
3852
{
3853
  struct wpa_driver_associate_params params;
3854
  enum wpa_drv_update_connect_params_mask mask = 0;
3855
  u8 *wpa_ie;
3856
3857
  if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
3858
    return; /* nothing to do */
3859
3860
  os_memset(&params, 0, sizeof(params));
3861
  wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
3862
           wpa_s->current_ssid, &params, &mask);
3863
  if (!wpa_ie)
3864
    return;
3865
3866
  if (params.auth_alg == WPA_AUTH_ALG_FILS) {
3867
    wpa_s->auth_alg = params.auth_alg;
3868
    wpa_drv_update_connect_params(wpa_s, &params, mask);
3869
  }
3870
3871
  os_free(wpa_ie);
3872
}
3873
#endif /* CONFIG_FILS && IEEE8021X_EAPOL */
3874
3875
3876
static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
3877
0
{
3878
0
  if (!edmg_ie || edmg_ie[1] < 6)
3879
0
    return 0;
3880
0
  return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
3881
0
}
3882
3883
3884
static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
3885
0
{
3886
0
  if (!edmg_ie || edmg_ie[1] < 6)
3887
0
    return 0;
3888
0
  return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
3889
0
}
3890
3891
3892
/* Returns the intersection of two EDMG configurations.
3893
 * Note: The current implementation is limited to CB2 only (CB1 included),
3894
 * i.e., the implementation supports up to 2 contiguous channels.
3895
 * For supporting non-contiguous (aggregated) channels and for supporting
3896
 * CB3 and above, this function will need to be extended.
3897
 */
3898
static struct ieee80211_edmg_config
3899
get_edmg_intersection(struct ieee80211_edmg_config a,
3900
          struct ieee80211_edmg_config b,
3901
          u8 primary_channel)
3902
0
{
3903
0
  struct ieee80211_edmg_config result;
3904
0
  int i, contiguous = 0;
3905
0
  int max_contiguous = 0;
3906
3907
0
  result.channels = b.channels & a.channels;
3908
0
  if (!result.channels) {
3909
0
    wpa_printf(MSG_DEBUG,
3910
0
         "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
3911
0
         a.channels, b.channels);
3912
0
    goto fail;
3913
0
  }
3914
3915
0
  if (!(result.channels & BIT(primary_channel - 1))) {
3916
0
    wpa_printf(MSG_DEBUG,
3917
0
         "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
3918
0
         primary_channel, result.channels);
3919
0
    goto fail;
3920
0
  }
3921
3922
  /* Find max contiguous channels */
3923
0
  for (i = 0; i < 6; i++) {
3924
0
    if (result.channels & BIT(i))
3925
0
      contiguous++;
3926
0
    else
3927
0
      contiguous = 0;
3928
3929
0
    if (contiguous > max_contiguous)
3930
0
      max_contiguous = contiguous;
3931
0
  }
3932
3933
  /* Assuming AP and STA supports ONLY contiguous channels,
3934
   * bw configuration can have value between 4-7.
3935
   */
3936
0
  if ((b.bw_config < a.bw_config))
3937
0
    result.bw_config = b.bw_config;
3938
0
  else
3939
0
    result.bw_config = a.bw_config;
3940
3941
0
  if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
3942
0
      (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
3943
0
    wpa_printf(MSG_DEBUG,
3944
0
         "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
3945
0
         max_contiguous);
3946
0
    goto fail;
3947
0
  }
3948
3949
0
  return result;
3950
3951
0
fail:
3952
0
  result.channels = 0;
3953
0
  result.bw_config = 0;
3954
0
  return result;
3955
0
}
3956
3957
3958
static struct ieee80211_edmg_config
3959
get_supported_edmg(struct wpa_supplicant *wpa_s,
3960
       struct hostapd_freq_params *freq,
3961
       struct ieee80211_edmg_config request_edmg)
3962
0
{
3963
0
  enum hostapd_hw_mode hw_mode;
3964
0
  struct hostapd_hw_modes *mode = NULL;
3965
0
  u8 primary_channel;
3966
3967
0
  if (!wpa_s->hw.modes)
3968
0
    goto fail;
3969
3970
0
  hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
3971
0
  if (hw_mode == NUM_HOSTAPD_MODES)
3972
0
    goto fail;
3973
3974
0
  mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
3975
0
  if (!mode)
3976
0
    goto fail;
3977
3978
0
  return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
3979
3980
0
fail:
3981
0
  request_edmg.channels = 0;
3982
0
  request_edmg.bw_config = 0;
3983
0
  return request_edmg;
3984
0
}
3985
3986
3987
#ifdef CONFIG_MBO
3988
void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
3989
{
3990
  struct wpa_driver_associate_params params;
3991
  u8 *wpa_ie;
3992
3993
  /*
3994
   * Update MBO connect params only in case of change of MBO attributes
3995
   * when connected, if the AP support MBO.
3996
   */
3997
3998
  if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
3999
      !wpa_s->current_bss ||
4000
      !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
4001
    return;
4002
4003
  os_memset(&params, 0, sizeof(params));
4004
  wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4005
           wpa_s->current_ssid, &params, NULL);
4006
  if (!wpa_ie)
4007
    return;
4008
4009
  wpa_drv_update_connect_params(wpa_s, &params, WPA_DRV_UPDATE_ASSOC_IES);
4010
  os_free(wpa_ie);
4011
}
4012
#endif /* CONFIG_MBO */
4013
4014
4015
static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
4016
0
{
4017
0
  struct wpa_connect_work *cwork = work->ctx;
4018
0
  struct wpa_bss *bss = cwork->bss;
4019
0
  struct wpa_ssid *ssid = cwork->ssid;
4020
0
  struct wpa_supplicant *wpa_s = work->wpa_s;
4021
0
  u8 *wpa_ie;
4022
0
  const u8 *edmg_ie_oper;
4023
0
  int use_crypt, ret, bssid_changed;
4024
0
  unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
4025
0
  struct wpa_driver_associate_params params;
4026
0
  u8 psk[PMK_LEN];
4027
0
#if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
4028
0
  int wep_keys_set = 0;
4029
0
#endif /* CONFIG_WEP || IEEE8021X_EAPOL */
4030
0
  int assoc_failed = 0;
4031
0
  struct wpa_ssid *old_ssid;
4032
0
  u8 prev_bssid[ETH_ALEN];
4033
#ifdef CONFIG_HT_OVERRIDES
4034
  struct ieee80211_ht_capabilities htcaps;
4035
  struct ieee80211_ht_capabilities htcaps_mask;
4036
#endif /* CONFIG_HT_OVERRIDES */
4037
#ifdef CONFIG_VHT_OVERRIDES
4038
       struct ieee80211_vht_capabilities vhtcaps;
4039
       struct ieee80211_vht_capabilities vhtcaps_mask;
4040
#endif /* CONFIG_VHT_OVERRIDES */
4041
4042
0
  wpa_s->roam_in_progress = false;
4043
0
#ifdef CONFIG_WNM
4044
0
  wpa_s->bss_trans_mgmt_in_progress = false;
4045
0
#endif /* CONFIG_WNM */
4046
4047
0
  if (deinit) {
4048
0
    if (work->started) {
4049
0
      wpa_s->connect_work = NULL;
4050
4051
      /* cancel possible auth. timeout */
4052
0
      eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
4053
0
               NULL);
4054
0
    }
4055
0
    wpas_connect_work_free(cwork);
4056
0
    return;
4057
0
  }
4058
4059
0
  wpa_s->connect_work = work;
4060
4061
0
  if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
4062
0
      wpas_network_disabled(wpa_s, ssid)) {
4063
0
    wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
4064
0
    wpas_connect_work_done(wpa_s);
4065
0
    return;
4066
0
  }
4067
4068
  /*
4069
   * Set the current AP's BSSID (for non-MLO connection) or MLD address
4070
   * (for MLO connection) as the previous BSSID for reassociation requests
4071
   * handled by SME-in-driver. If wpa_supplicant is in disconnected state,
4072
   * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid
4073
   * will be zero.
4074
   */
4075
0
  os_memcpy(prev_bssid,
4076
0
      wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid,
4077
0
      ETH_ALEN);
4078
0
  os_memset(&params, 0, sizeof(params));
4079
0
  wpa_s->reassociate = 0;
4080
0
  wpa_s->eap_expected_failure = 0;
4081
4082
  /* Starting new association, so clear the possibly used WPA IE from the
4083
   * previous association. */
4084
0
  wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
4085
0
  wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
4086
0
  wpa_s->rsnxe_len = 0;
4087
0
#ifndef CONFIG_NO_ROBUST_AV
4088
0
  wpa_s->mscs_setup_done = false;
4089
0
#endif /* CONFIG_NO_ROBUST_AV */
4090
4091
0
  wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, &params, NULL);
4092
0
  if (!wpa_ie) {
4093
0
    wpas_connect_work_done(wpa_s);
4094
0
    return;
4095
0
  }
4096
4097
0
  if (bss &&
4098
0
      (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
4099
#ifdef CONFIG_IEEE80211R
4100
    const u8 *ie, *md = NULL;
4101
#endif /* CONFIG_IEEE80211R */
4102
0
    wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
4103
0
      " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
4104
0
      wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
4105
0
    bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
4106
0
    os_memset(wpa_s->bssid, 0, ETH_ALEN);
4107
0
    os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4108
0
    if (bssid_changed)
4109
0
      wpas_notify_bssid_changed(wpa_s);
4110
#ifdef CONFIG_IEEE80211R
4111
    ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4112
    if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
4113
      md = ie + 2;
4114
    wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
4115
    if (md) {
4116
      /* Prepare for the next transition */
4117
      wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
4118
    }
4119
#endif /* CONFIG_IEEE80211R */
4120
#ifdef CONFIG_WPS
4121
  } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
4122
       wpa_s->conf->ap_scan == 2 &&
4123
       (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
4124
    /* Use ap_scan==1 style network selection to find the network
4125
     */
4126
    wpas_connect_work_done(wpa_s);
4127
    wpa_s->scan_req = MANUAL_SCAN_REQ;
4128
    wpa_s->reassociate = 1;
4129
    wpa_supplicant_req_scan(wpa_s, 0, 0);
4130
    os_free(wpa_ie);
4131
    return;
4132
#endif /* CONFIG_WPS */
4133
0
  } else {
4134
0
    wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
4135
0
      wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4136
0
    if (bss)
4137
0
      os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4138
0
    else
4139
0
      os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4140
0
  }
4141
0
  if (!wpa_s->pno)
4142
0
    wpa_supplicant_cancel_sched_scan(wpa_s);
4143
4144
0
  wpa_supplicant_cancel_scan(wpa_s);
4145
4146
0
  wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
4147
0
  use_crypt = 1;
4148
0
  cipher_pairwise = wpa_s->pairwise_cipher;
4149
0
  cipher_group = wpa_s->group_cipher;
4150
0
  cipher_group_mgmt = wpa_s->mgmt_group_cipher;
4151
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
4152
0
      wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4153
0
    if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
4154
0
      use_crypt = 0;
4155
#ifdef CONFIG_WEP
4156
    if (wpa_set_wep_keys(wpa_s, ssid)) {
4157
      use_crypt = 1;
4158
      wep_keys_set = 1;
4159
    }
4160
#endif /* CONFIG_WEP */
4161
0
  }
4162
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
4163
0
    use_crypt = 0;
4164
4165
0
#ifdef IEEE8021X_EAPOL
4166
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4167
0
    if ((ssid->eapol_flags &
4168
0
         (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
4169
0
          EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
4170
0
        !wep_keys_set) {
4171
0
      use_crypt = 0;
4172
0
    } else {
4173
      /* Assume that dynamic WEP-104 keys will be used and
4174
       * set cipher suites in order for drivers to expect
4175
       * encryption. */
4176
0
      cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
4177
0
    }
4178
0
  }
4179
0
#endif /* IEEE8021X_EAPOL */
4180
4181
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4182
    /* Set the key before (and later after) association */
4183
0
    wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4184
0
  }
4185
4186
  /* Set current_ssid before changing state to ASSOCIATING, so that the
4187
   * selected SSID is available to wpas_notify_state_changed(). */
4188
0
  old_ssid = wpa_s->current_ssid;
4189
0
  wpa_s->current_ssid = ssid;
4190
4191
0
  wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
4192
0
  if (bss) {
4193
0
    params.ssid = bss->ssid;
4194
0
    params.ssid_len = bss->ssid_len;
4195
0
    if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
4196
0
        wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4197
0
      wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
4198
0
           MACSTR " freq=%u MHz based on scan results "
4199
0
           "(bssid_set=%d wps=%d)",
4200
0
           MAC2STR(bss->bssid), bss->freq,
4201
0
           ssid->bssid_set,
4202
0
           wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
4203
0
      params.bssid = bss->bssid;
4204
0
      params.freq.freq = bss->freq;
4205
0
    }
4206
0
    params.bssid_hint = bss->bssid;
4207
0
    params.freq_hint = bss->freq;
4208
0
    params.pbss = bss_is_pbss(bss);
4209
0
  } else {
4210
0
    if (ssid->bssid_hint_set)
4211
0
      params.bssid_hint = ssid->bssid_hint;
4212
4213
0
    params.ssid = ssid->ssid;
4214
0
    params.ssid_len = ssid->ssid_len;
4215
0
    params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
4216
0
  }
4217
4218
0
  if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
4219
0
      wpa_s->conf->ap_scan == 2) {
4220
0
    params.bssid = ssid->bssid;
4221
0
    params.fixed_bssid = 1;
4222
0
  }
4223
4224
  /* Initial frequency for IBSS/mesh */
4225
0
  if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
4226
0
      ssid->frequency > 0 && params.freq.freq == 0)
4227
0
    ibss_mesh_setup_freq(wpa_s, ssid, &params.freq);
4228
4229
0
  if (ssid->mode == WPAS_MODE_IBSS) {
4230
0
    params.fixed_freq = ssid->fixed_freq;
4231
0
    if (ssid->beacon_int)
4232
0
      params.beacon_int = ssid->beacon_int;
4233
0
    else
4234
0
      params.beacon_int = wpa_s->conf->beacon_int;
4235
0
  }
4236
4237
0
  if (bss && ssid->enable_edmg)
4238
0
    edmg_ie_oper = wpa_bss_get_ie_ext(bss,
4239
0
              WLAN_EID_EXT_EDMG_OPERATION);
4240
0
  else
4241
0
    edmg_ie_oper = NULL;
4242
4243
0
  if (edmg_ie_oper) {
4244
0
    params.freq.edmg.channels =
4245
0
      wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
4246
0
    params.freq.edmg.bw_config =
4247
0
      wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
4248
0
    wpa_printf(MSG_DEBUG,
4249
0
         "AP supports EDMG channels 0x%x, bw_config %d",
4250
0
         params.freq.edmg.channels,
4251
0
         params.freq.edmg.bw_config);
4252
4253
    /* User may ask for specific EDMG channel for EDMG connection
4254
     * (must be supported by AP)
4255
     */
4256
0
    if (ssid->edmg_channel) {
4257
0
      struct ieee80211_edmg_config configured_edmg;
4258
0
      enum hostapd_hw_mode hw_mode;
4259
0
      u8 primary_channel;
4260
4261
0
      hw_mode = ieee80211_freq_to_chan(bss->freq,
4262
0
               &primary_channel);
4263
0
      if (hw_mode == NUM_HOSTAPD_MODES)
4264
0
        goto edmg_fail;
4265
4266
0
      hostapd_encode_edmg_chan(ssid->enable_edmg,
4267
0
             ssid->edmg_channel,
4268
0
             primary_channel,
4269
0
             &configured_edmg);
4270
4271
0
      if (ieee802_edmg_is_allowed(params.freq.edmg,
4272
0
                configured_edmg)) {
4273
0
        params.freq.edmg = configured_edmg;
4274
0
        wpa_printf(MSG_DEBUG,
4275
0
             "Use EDMG channel %d for connection",
4276
0
             ssid->edmg_channel);
4277
0
      } else {
4278
0
      edmg_fail:
4279
0
        params.freq.edmg.channels = 0;
4280
0
        params.freq.edmg.bw_config = 0;
4281
0
        wpa_printf(MSG_WARNING,
4282
0
             "EDMG channel %d not supported by AP, fallback to DMG",
4283
0
             ssid->edmg_channel);
4284
0
      }
4285
0
    }
4286
4287
0
    if (params.freq.edmg.channels) {
4288
0
      wpa_printf(MSG_DEBUG,
4289
0
           "EDMG before: channels 0x%x, bw_config %d",
4290
0
           params.freq.edmg.channels,
4291
0
           params.freq.edmg.bw_config);
4292
0
      params.freq.edmg = get_supported_edmg(wpa_s,
4293
0
                    &params.freq,
4294
0
                    params.freq.edmg);
4295
0
      wpa_printf(MSG_DEBUG,
4296
0
           "EDMG after: channels 0x%x, bw_config %d",
4297
0
           params.freq.edmg.channels,
4298
0
           params.freq.edmg.bw_config);
4299
0
    }
4300
0
  }
4301
4302
0
  params.pairwise_suite = cipher_pairwise;
4303
0
  params.group_suite = cipher_group;
4304
0
  params.mgmt_group_suite = cipher_group_mgmt;
4305
0
  params.key_mgmt_suite = wpa_s->key_mgmt;
4306
0
  params.allowed_key_mgmts = wpa_s->allowed_key_mgmts;
4307
0
  params.wpa_proto = wpa_s->wpa_proto;
4308
0
  wpa_s->auth_alg = params.auth_alg;
4309
0
  params.mode = ssid->mode;
4310
0
  params.bg_scan_period = ssid->bg_scan_period;
4311
#ifdef CONFIG_WEP
4312
  {
4313
    int i;
4314
4315
    for (i = 0; i < NUM_WEP_KEYS; i++) {
4316
      if (ssid->wep_key_len[i])
4317
        params.wep_key[i] = ssid->wep_key[i];
4318
      params.wep_key_len[i] = ssid->wep_key_len[i];
4319
    }
4320
    params.wep_tx_keyidx = ssid->wep_tx_keyidx;
4321
  }
4322
#endif /* CONFIG_WEP */
4323
4324
0
  if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4325
0
      (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4326
0
       params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4327
0
       (params.allowed_key_mgmts &
4328
0
        (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) {
4329
0
    params.passphrase = ssid->passphrase;
4330
0
    if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4331
0
      params.psk = psk;
4332
0
  }
4333
4334
0
  if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
4335
0
      (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4336
0
       params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4337
0
       params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4338
0
       params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4339
0
       params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384))
4340
0
    params.req_handshake_offload = 1;
4341
4342
0
  if (wpa_s->conf->key_mgmt_offload) {
4343
0
    if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4344
0
        params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4345
0
        params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4346
0
        params.key_mgmt_suite ==
4347
0
        WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4348
0
        params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)
4349
0
      params.req_key_mgmt_offload =
4350
0
        ssid->proactive_key_caching < 0 ?
4351
0
        wpa_s->conf->okc : ssid->proactive_key_caching;
4352
0
    else
4353
0
      params.req_key_mgmt_offload = 1;
4354
4355
0
    if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) ||
4356
0
         wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) &&
4357
0
        wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4358
0
      params.psk = psk;
4359
0
  }
4360
4361
0
  if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) &&
4362
0
      wpa_key_mgmt_sae(params.key_mgmt_suite)) {
4363
0
    params.auth_alg = WPA_AUTH_ALG_SAE;
4364
0
    if (ssid->sae_password) {
4365
0
      params.sae_password = ssid->sae_password;
4366
0
      params.sae_password_id = ssid->sae_password_id;
4367
0
    } else if (ssid->passphrase) {
4368
0
      params.passphrase = ssid->passphrase;
4369
0
    }
4370
0
  }
4371
4372
0
  params.drop_unencrypted = use_crypt;
4373
4374
0
  params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
4375
0
  if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
4376
0
    const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
4377
0
    struct wpa_ie_data ie;
4378
0
    if (!wpas_driver_bss_selection(wpa_s) && rsn &&
4379
0
        wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
4380
0
        ie.capabilities &
4381
0
        (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
4382
0
      wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
4383
0
        "MFP: require MFP");
4384
0
      params.mgmt_frame_protection =
4385
0
        MGMT_FRAME_PROTECTION_REQUIRED;
4386
#ifdef CONFIG_OWE
4387
    } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
4388
         !ssid->owe_only) {
4389
      params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
4390
#endif /* CONFIG_OWE */
4391
0
    }
4392
0
  }
4393
4394
0
  params.p2p = ssid->p2p_group;
4395
4396
0
  if (wpa_s->p2pdev->set_sta_uapsd)
4397
0
    params.uapsd = wpa_s->p2pdev->sta_uapsd;
4398
0
  else
4399
0
    params.uapsd = -1;
4400
4401
#ifdef CONFIG_HT_OVERRIDES
4402
  os_memset(&htcaps, 0, sizeof(htcaps));
4403
  os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4404
  params.htcaps = (u8 *) &htcaps;
4405
  params.htcaps_mask = (u8 *) &htcaps_mask;
4406
  wpa_supplicant_apply_ht_overrides(wpa_s, ssid, &params);
4407
#endif /* CONFIG_HT_OVERRIDES */
4408
#ifdef CONFIG_VHT_OVERRIDES
4409
  os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4410
  os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4411
  params.vhtcaps = &vhtcaps;
4412
  params.vhtcaps_mask = &vhtcaps_mask;
4413
  wpa_supplicant_apply_vht_overrides(wpa_s, ssid, &params);
4414
#endif /* CONFIG_VHT_OVERRIDES */
4415
#ifdef CONFIG_HE_OVERRIDES
4416
  wpa_supplicant_apply_he_overrides(wpa_s, ssid, &params);
4417
#endif /* CONFIG_HE_OVERRIDES */
4418
0
  wpa_supplicant_apply_eht_overrides(wpa_s, ssid, &params);
4419
4420
#ifdef CONFIG_P2P
4421
  /*
4422
   * If multi-channel concurrency is not supported, check for any
4423
   * frequency conflict. In case of any frequency conflict, remove the
4424
   * least prioritized connection.
4425
   */
4426
  if (wpa_s->num_multichan_concurrent < 2) {
4427
    int freq, num;
4428
    num = get_shared_radio_freqs(wpa_s, &freq, 1, false);
4429
    if (num > 0 && freq > 0 && freq != params.freq.freq) {
4430
      wpa_printf(MSG_DEBUG,
4431
           "Assoc conflicting freq found (%d != %d)",
4432
           freq, params.freq.freq);
4433
      if (wpas_p2p_handle_frequency_conflicts(
4434
            wpa_s, params.freq.freq, ssid) < 0) {
4435
        wpas_connect_work_done(wpa_s);
4436
        os_free(wpa_ie);
4437
        return;
4438
      }
4439
    }
4440
  }
4441
#endif /* CONFIG_P2P */
4442
4443
0
  if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4444
0
      old_ssid)
4445
0
    params.prev_bssid = prev_bssid;
4446
4447
#ifdef CONFIG_SAE
4448
  params.sae_pwe = wpa_s->conf->sae_pwe;
4449
#endif /* CONFIG_SAE */
4450
4451
0
  ret = wpa_drv_associate(wpa_s, &params);
4452
0
  forced_memzero(psk, sizeof(psk));
4453
0
  os_free(wpa_ie);
4454
0
  if (ret < 0) {
4455
0
    wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4456
0
      "failed");
4457
0
    if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4458
      /*
4459
       * The driver is known to mean what is saying, so we
4460
       * can stop right here; the association will not
4461
       * succeed.
4462
       */
4463
0
      wpas_connection_failed(wpa_s, wpa_s->pending_bssid,
4464
0
                 NULL);
4465
0
      wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4466
0
      os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4467
0
      return;
4468
0
    }
4469
    /* try to continue anyway; new association will be tried again
4470
     * after timeout */
4471
0
    assoc_failed = 1;
4472
0
  }
4473
4474
0
  if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4475
    /* Set the key after the association just in case association
4476
     * cleared the previously configured key. */
4477
0
    wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4478
    /* No need to timeout authentication since there is no key
4479
     * management. */
4480
0
    wpa_supplicant_cancel_auth_timeout(wpa_s);
4481
0
    wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4482
#ifdef CONFIG_IBSS_RSN
4483
  } else if (ssid->mode == WPAS_MODE_IBSS &&
4484
       wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4485
       wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4486
    /*
4487
     * RSN IBSS authentication is per-STA and we can disable the
4488
     * per-BSSID authentication.
4489
     */
4490
    wpa_supplicant_cancel_auth_timeout(wpa_s);
4491
#endif /* CONFIG_IBSS_RSN */
4492
0
  } else {
4493
    /* Timeout for IEEE 802.11 authentication and association */
4494
0
    int timeout = 60;
4495
4496
0
    if (assoc_failed) {
4497
      /* give IBSS a bit more time */
4498
0
      timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4499
0
    } else if (wpa_s->conf->ap_scan == 1) {
4500
      /* give IBSS a bit more time */
4501
0
      timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4502
0
    }
4503
0
    wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4504
0
  }
4505
4506
#ifdef CONFIG_WEP
4507
  if (wep_keys_set &&
4508
      (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4509
    /* Set static WEP keys again */
4510
    wpa_set_wep_keys(wpa_s, ssid);
4511
  }
4512
#endif /* CONFIG_WEP */
4513
4514
0
  if (old_ssid && old_ssid != ssid) {
4515
    /*
4516
     * Do not allow EAP session resumption between different
4517
     * network configurations.
4518
     */
4519
0
    eapol_sm_invalidate_cached_session(wpa_s->eapol);
4520
0
  }
4521
4522
0
  if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) {
4523
0
    wpa_s->current_bss = bss;
4524
0
#ifdef CONFIG_HS20
4525
0
    hs20_configure_frame_filters(wpa_s);
4526
0
#endif /* CONFIG_HS20 */
4527
0
  }
4528
4529
0
  wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4530
0
  wpa_supplicant_initiate_eapol(wpa_s);
4531
0
  if (old_ssid != wpa_s->current_ssid)
4532
0
    wpas_notify_network_changed(wpa_s);
4533
0
  if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
4534
0
    wpas_notify_auth_changed(wpa_s);
4535
0
}
4536
4537
4538
static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4539
              const u8 *addr)
4540
0
{
4541
0
  struct wpa_ssid *old_ssid;
4542
4543
0
  wpa_s->ml_connect_probe_ssid = NULL;
4544
0
  wpa_s->ml_connect_probe_bss = NULL;
4545
0
  wpas_connect_work_done(wpa_s);
4546
0
  wpa_clear_keys(wpa_s, addr);
4547
0
  old_ssid = wpa_s->current_ssid;
4548
0
  wpa_supplicant_mark_disassoc(wpa_s);
4549
0
  wpa_sm_set_config(wpa_s->wpa, NULL);
4550
0
  eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4551
0
  if (old_ssid != wpa_s->current_ssid)
4552
0
    wpas_notify_network_changed(wpa_s);
4553
4554
0
#ifndef CONFIG_NO_ROBUST_AV
4555
0
  wpas_scs_deinit(wpa_s);
4556
0
  wpas_dscp_deinit(wpa_s);
4557
0
#endif /* CONFIG_NO_ROBUST_AV */
4558
0
  eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4559
0
}
4560
4561
4562
/**
4563
 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4564
 * @wpa_s: Pointer to wpa_supplicant data
4565
 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4566
 *
4567
 * This function is used to request %wpa_supplicant to deauthenticate from the
4568
 * current AP.
4569
 */
4570
void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4571
           u16 reason_code)
4572
0
{
4573
0
  u8 *addr = NULL;
4574
0
  union wpa_event_data event;
4575
0
  int zero_addr = 0;
4576
4577
0
  wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4578
0
    " pending_bssid=" MACSTR " reason=%d (%s) state=%s",
4579
0
    MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4580
0
    reason_code, reason2str(reason_code),
4581
0
    wpa_supplicant_state_txt(wpa_s->wpa_state));
4582
4583
0
  if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4584
0
      (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4585
0
       wpa_s->wpa_state == WPA_ASSOCIATING))
4586
0
    addr = wpa_s->pending_bssid;
4587
0
  else if (!is_zero_ether_addr(wpa_s->bssid))
4588
0
    addr = wpa_s->bssid;
4589
0
  else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4590
    /*
4591
     * When using driver-based BSS selection, we may not know the
4592
     * BSSID with which we are currently trying to associate. We
4593
     * need to notify the driver of this disconnection even in such
4594
     * a case, so use the all zeros address here.
4595
     */
4596
0
    addr = wpa_s->bssid;
4597
0
    zero_addr = 1;
4598
0
  }
4599
4600
0
  if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4601
0
    wpa_s->enabled_4addr_mode = 0;
4602
4603
#ifdef CONFIG_TDLS
4604
  wpa_tdls_teardown_peers(wpa_s->wpa);
4605
#endif /* CONFIG_TDLS */
4606
4607
#ifdef CONFIG_MESH
4608
  if (wpa_s->ifmsh) {
4609
    struct mesh_conf *mconf;
4610
4611
    mconf = wpa_s->ifmsh->mconf;
4612
    wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4613
      wpa_s->ifname);
4614
    wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4615
                 mconf->meshid_len, reason_code);
4616
    wpa_supplicant_leave_mesh(wpa_s, true);
4617
  }
4618
#endif /* CONFIG_MESH */
4619
4620
0
  if (addr) {
4621
0
    wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4622
0
    os_memset(&event, 0, sizeof(event));
4623
0
    event.deauth_info.reason_code = reason_code;
4624
0
    event.deauth_info.locally_generated = 1;
4625
0
    wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4626
0
    if (zero_addr)
4627
0
      addr = NULL;
4628
0
  }
4629
4630
0
  wpa_supplicant_clear_connection(wpa_s, addr);
4631
0
}
4632
4633
4634
void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
4635
0
{
4636
0
  wpa_s->own_reconnect_req = 1;
4637
0
  wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
4638
4639
0
}
4640
4641
4642
static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
4643
                struct wpa_ssid *ssid)
4644
0
{
4645
0
  if (!ssid || !ssid->disabled || ssid->disabled == 2)
4646
0
    return;
4647
4648
0
  ssid->disabled = 0;
4649
0
  ssid->owe_transition_bss_select_count = 0;
4650
0
  wpas_clear_temp_disabled(wpa_s, ssid, 1);
4651
0
  wpas_notify_network_enabled_changed(wpa_s, ssid);
4652
4653
  /*
4654
   * Try to reassociate since there is no current configuration and a new
4655
   * network was made available.
4656
   */
4657
0
  if (!wpa_s->current_ssid && !wpa_s->disconnected)
4658
0
    wpa_s->reassociate = 1;
4659
0
}
4660
4661
4662
/**
4663
 * wpa_supplicant_add_network - Add a new network
4664
 * @wpa_s: wpa_supplicant structure for a network interface
4665
 * Returns: The new network configuration or %NULL if operation failed
4666
 *
4667
 * This function performs the following operations:
4668
 * 1. Adds a new network.
4669
 * 2. Send network addition notification.
4670
 * 3. Marks the network disabled.
4671
 * 4. Set network default parameters.
4672
 */
4673
struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
4674
0
{
4675
0
  struct wpa_ssid *ssid;
4676
4677
0
  ssid = wpa_config_add_network(wpa_s->conf);
4678
0
  if (!ssid)
4679
0
    return NULL;
4680
0
  wpas_notify_network_added(wpa_s, ssid);
4681
0
  ssid->disabled = 1;
4682
0
  wpa_config_set_network_defaults(ssid);
4683
4684
0
  return ssid;
4685
0
}
4686
4687
4688
/**
4689
 * wpa_supplicant_remove_network - Remove a configured network based on id
4690
 * @wpa_s: wpa_supplicant structure for a network interface
4691
 * @id: Unique network id to search for
4692
 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
4693
 * could not be removed
4694
 *
4695
 * This function performs the following operations:
4696
 * 1. Removes the network.
4697
 * 2. Send network removal notification.
4698
 * 3. Update internal state machines.
4699
 * 4. Stop any running sched scans.
4700
 */
4701
int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
4702
0
{
4703
0
  struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
4704
0
  int was_disabled;
4705
4706
0
  ssid = wpa_config_get_network(wpa_s->conf, id);
4707
0
  if (!ssid)
4708
0
    return -1;
4709
0
  wpas_notify_network_removed(wpa_s, ssid);
4710
4711
0
  if (ssid == prev || !prev) {
4712
#ifdef CONFIG_SME
4713
    wpa_s->sme.prev_bssid_set = 0;
4714
#endif /* CONFIG_SME */
4715
    /*
4716
     * Invalidate the EAP session cache if the current or
4717
     * previously used network is removed.
4718
     */
4719
0
    eapol_sm_invalidate_cached_session(wpa_s->eapol);
4720
0
  }
4721
4722
0
  if (ssid == prev) {
4723
0
    wpa_sm_set_config(wpa_s->wpa, NULL);
4724
0
    eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4725
4726
0
    if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4727
0
      wpa_s->own_disconnect_req = 1;
4728
0
    wpa_supplicant_deauthenticate(wpa_s,
4729
0
                WLAN_REASON_DEAUTH_LEAVING);
4730
0
  }
4731
4732
0
  was_disabled = ssid->disabled;
4733
4734
0
  if (wpa_config_remove_network(wpa_s->conf, id) < 0)
4735
0
    return -2;
4736
4737
0
  if (!was_disabled && wpa_s->sched_scanning) {
4738
0
    wpa_printf(MSG_DEBUG,
4739
0
         "Stop ongoing sched_scan to remove network from filters");
4740
0
    wpa_supplicant_cancel_sched_scan(wpa_s);
4741
0
    wpa_supplicant_req_scan(wpa_s, 0, 0);
4742
0
  }
4743
4744
0
  return 0;
4745
0
}
4746
4747
4748
/**
4749
 * wpa_supplicant_remove_all_networks - Remove all configured networks
4750
 * @wpa_s: wpa_supplicant structure for a network interface
4751
 * Returns: 0 on success (errors are currently ignored)
4752
 *
4753
 * This function performs the following operations:
4754
 * 1. Remove all networks.
4755
 * 2. Send network removal notifications.
4756
 * 3. Update internal state machines.
4757
 * 4. Stop any running sched scans.
4758
 */
4759
int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
4760
0
{
4761
0
  struct wpa_ssid *ssid;
4762
4763
0
  if (wpa_s->drv_flags2 &
4764
0
      (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA |
4765
0
       WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA))
4766
0
    wpa_drv_flush_pmkid(wpa_s);
4767
4768
0
  if (wpa_s->sched_scanning)
4769
0
    wpa_supplicant_cancel_sched_scan(wpa_s);
4770
4771
0
  eapol_sm_invalidate_cached_session(wpa_s->eapol);
4772
0
  if (wpa_s->current_ssid) {
4773
#ifdef CONFIG_SME
4774
    wpa_s->sme.prev_bssid_set = 0;
4775
#endif /* CONFIG_SME */
4776
0
    wpa_sm_set_config(wpa_s->wpa, NULL);
4777
0
    eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4778
0
    if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
4779
0
      wpa_s->own_disconnect_req = 1;
4780
0
    wpa_supplicant_deauthenticate(
4781
0
      wpa_s, WLAN_REASON_DEAUTH_LEAVING);
4782
0
  }
4783
0
  ssid = wpa_s->conf->ssid;
4784
0
  while (ssid) {
4785
0
    struct wpa_ssid *remove_ssid = ssid;
4786
0
    int id;
4787
4788
0
    id = ssid->id;
4789
0
    ssid = ssid->next;
4790
0
    wpas_notify_network_removed(wpa_s, remove_ssid);
4791
0
    wpa_config_remove_network(wpa_s->conf, id);
4792
0
  }
4793
0
  return 0;
4794
0
}
4795
4796
4797
/**
4798
 * wpa_supplicant_enable_network - Mark a configured network as enabled
4799
 * @wpa_s: wpa_supplicant structure for a network interface
4800
 * @ssid: wpa_ssid structure for a configured network or %NULL
4801
 *
4802
 * Enables the specified network or all networks if no network specified.
4803
 */
4804
void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
4805
           struct wpa_ssid *ssid)
4806
0
{
4807
0
  if (ssid == NULL) {
4808
0
    for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
4809
0
      wpa_supplicant_enable_one_network(wpa_s, ssid);
4810
0
  } else
4811
0
    wpa_supplicant_enable_one_network(wpa_s, ssid);
4812
4813
0
  if (wpa_s->reassociate && !wpa_s->disconnected &&
4814
0
      (!wpa_s->current_ssid ||
4815
0
       wpa_s->wpa_state == WPA_DISCONNECTED ||