/src/hostap/wpa_supplicant/wpa_supplicant.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * WPA Supplicant |
3 | | * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> |
4 | | * |
5 | | * This software may be distributed under the terms of the BSD license. |
6 | | * See README for more details. |
7 | | * |
8 | | * This file implements functions for registering and unregistering |
9 | | * %wpa_supplicant interfaces. In addition, this file contains number of |
10 | | * functions for managing network connections. |
11 | | */ |
12 | | |
13 | | #include "includes.h" |
14 | | #ifdef CONFIG_MATCH_IFACE |
15 | | #include <net/if.h> |
16 | | #include <fnmatch.h> |
17 | | #endif /* CONFIG_MATCH_IFACE */ |
18 | | |
19 | | #include "common.h" |
20 | | #include "crypto/crypto.h" |
21 | | #include "crypto/random.h" |
22 | | #include "crypto/sha1.h" |
23 | | #include "eapol_supp/eapol_supp_sm.h" |
24 | | #include "eap_peer/eap.h" |
25 | | #include "eap_peer/eap_proxy.h" |
26 | | #include "eap_server/eap_methods.h" |
27 | | #include "rsn_supp/wpa.h" |
28 | | #include "eloop.h" |
29 | | #include "config.h" |
30 | | #include "utils/ext_password.h" |
31 | | #include "l2_packet/l2_packet.h" |
32 | | #include "wpa_supplicant_i.h" |
33 | | #include "driver_i.h" |
34 | | #include "ctrl_iface.h" |
35 | | #include "pcsc_funcs.h" |
36 | | #include "common/version.h" |
37 | | #include "rsn_supp/preauth.h" |
38 | | #include "rsn_supp/pmksa_cache.h" |
39 | | #include "common/wpa_ctrl.h" |
40 | | #include "common/ieee802_11_common.h" |
41 | | #include "common/ieee802_11_defs.h" |
42 | | #include "common/hw_features_common.h" |
43 | | #include "common/gas_server.h" |
44 | | #include "common/dpp.h" |
45 | | #include "common/ptksa_cache.h" |
46 | | #include "p2p/p2p.h" |
47 | | #include "fst/fst.h" |
48 | | #include "bssid_ignore.h" |
49 | | #include "wpas_glue.h" |
50 | | #include "wps_supplicant.h" |
51 | | #include "ibss_rsn.h" |
52 | | #include "sme.h" |
53 | | #include "gas_query.h" |
54 | | #include "ap.h" |
55 | | #include "p2p_supplicant.h" |
56 | | #include "wifi_display.h" |
57 | | #include "notify.h" |
58 | | #include "bgscan.h" |
59 | | #include "autoscan.h" |
60 | | #include "bss.h" |
61 | | #include "scan.h" |
62 | | #include "offchannel.h" |
63 | | #include "hs20_supplicant.h" |
64 | | #include "wnm_sta.h" |
65 | | #include "wpas_kay.h" |
66 | | #include "mesh.h" |
67 | | #include "dpp_supplicant.h" |
68 | | #include "nan_usd.h" |
69 | | #ifdef CONFIG_MESH |
70 | | #include "ap/ap_config.h" |
71 | | #include "ap/hostapd.h" |
72 | | #endif /* CONFIG_MESH */ |
73 | | |
74 | | const char *const wpa_supplicant_version = |
75 | | "wpa_supplicant v" VERSION_STR "\n" |
76 | | "Copyright (c) 2003-2022, Jouni Malinen <j@w1.fi> and contributors"; |
77 | | |
78 | | const char *const wpa_supplicant_license = |
79 | | "This software may be distributed under the terms of the BSD license.\n" |
80 | | "See README for more details.\n" |
81 | | #ifdef EAP_TLS_OPENSSL |
82 | | "\nThis product includes software developed by the OpenSSL Project\n" |
83 | | "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" |
84 | | #endif /* EAP_TLS_OPENSSL */ |
85 | | ; |
86 | | |
87 | | #ifndef CONFIG_NO_STDOUT_DEBUG |
88 | | /* Long text divided into parts in order to fit in C89 strings size limits. */ |
89 | | const char *const wpa_supplicant_full_license1 = |
90 | | ""; |
91 | | const char *const wpa_supplicant_full_license2 = |
92 | | "This software may be distributed under the terms of the BSD license.\n" |
93 | | "\n" |
94 | | "Redistribution and use in source and binary forms, with or without\n" |
95 | | "modification, are permitted provided that the following conditions are\n" |
96 | | "met:\n" |
97 | | "\n"; |
98 | | const char *const wpa_supplicant_full_license3 = |
99 | | "1. Redistributions of source code must retain the above copyright\n" |
100 | | " notice, this list of conditions and the following disclaimer.\n" |
101 | | "\n" |
102 | | "2. Redistributions in binary form must reproduce the above copyright\n" |
103 | | " notice, this list of conditions and the following disclaimer in the\n" |
104 | | " documentation and/or other materials provided with the distribution.\n" |
105 | | "\n"; |
106 | | const char *const wpa_supplicant_full_license4 = |
107 | | "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" |
108 | | " names of its contributors may be used to endorse or promote products\n" |
109 | | " derived from this software without specific prior written permission.\n" |
110 | | "\n" |
111 | | "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" |
112 | | "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" |
113 | | "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" |
114 | | "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; |
115 | | const char *const wpa_supplicant_full_license5 = |
116 | | "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" |
117 | | "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" |
118 | | "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" |
119 | | "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" |
120 | | "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" |
121 | | "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" |
122 | | "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" |
123 | | "\n"; |
124 | | #endif /* CONFIG_NO_STDOUT_DEBUG */ |
125 | | |
126 | | |
127 | | static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx); |
128 | | #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) |
129 | | static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s); |
130 | | #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ |
131 | | #ifdef CONFIG_OWE |
132 | | static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s); |
133 | | #endif /* CONFIG_OWE */ |
134 | | |
135 | | |
136 | | #ifdef CONFIG_WEP |
137 | | /* Configure default/group WEP keys for static WEP */ |
138 | | int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) |
139 | | { |
140 | | int i, set = 0; |
141 | | |
142 | | for (i = 0; i < NUM_WEP_KEYS; i++) { |
143 | | if (ssid->wep_key_len[i] == 0) |
144 | | continue; |
145 | | |
146 | | set = 1; |
147 | | wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL, |
148 | | i, i == ssid->wep_tx_keyidx, NULL, 0, |
149 | | ssid->wep_key[i], ssid->wep_key_len[i], |
150 | | i == ssid->wep_tx_keyidx ? |
151 | | KEY_FLAG_GROUP_RX_TX_DEFAULT : |
152 | | KEY_FLAG_GROUP_RX_TX); |
153 | | } |
154 | | |
155 | | return set; |
156 | | } |
157 | | #endif /* CONFIG_WEP */ |
158 | | |
159 | | |
160 | | int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, |
161 | | struct wpa_ssid *ssid) |
162 | 0 | { |
163 | 0 | u8 key[32]; |
164 | 0 | size_t keylen; |
165 | 0 | enum wpa_alg alg; |
166 | 0 | u8 seq[6] = { 0 }; |
167 | 0 | int ret; |
168 | | |
169 | | /* IBSS/WPA-None uses only one key (Group) for both receiving and |
170 | | * sending unicast and multicast packets. */ |
171 | |
|
172 | 0 | if (ssid->mode != WPAS_MODE_IBSS) { |
173 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " |
174 | 0 | "IBSS/ad-hoc) for WPA-None", ssid->mode); |
175 | 0 | return -1; |
176 | 0 | } |
177 | | |
178 | 0 | if (!ssid->psk_set) { |
179 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " |
180 | 0 | "WPA-None"); |
181 | 0 | return -1; |
182 | 0 | } |
183 | | |
184 | 0 | switch (wpa_s->group_cipher) { |
185 | 0 | case WPA_CIPHER_CCMP: |
186 | 0 | os_memcpy(key, ssid->psk, 16); |
187 | 0 | keylen = 16; |
188 | 0 | alg = WPA_ALG_CCMP; |
189 | 0 | break; |
190 | 0 | case WPA_CIPHER_GCMP: |
191 | 0 | os_memcpy(key, ssid->psk, 16); |
192 | 0 | keylen = 16; |
193 | 0 | alg = WPA_ALG_GCMP; |
194 | 0 | break; |
195 | 0 | case WPA_CIPHER_TKIP: |
196 | | /* WPA-None uses the same Michael MIC key for both TX and RX */ |
197 | 0 | os_memcpy(key, ssid->psk, 16 + 8); |
198 | 0 | os_memcpy(key + 16 + 8, ssid->psk + 16, 8); |
199 | 0 | keylen = 32; |
200 | 0 | alg = WPA_ALG_TKIP; |
201 | 0 | break; |
202 | 0 | default: |
203 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " |
204 | 0 | "WPA-None", wpa_s->group_cipher); |
205 | 0 | return -1; |
206 | 0 | } |
207 | | |
208 | | /* TODO: should actually remember the previously used seq#, both for TX |
209 | | * and RX from each STA.. */ |
210 | | |
211 | 0 | ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen, |
212 | 0 | KEY_FLAG_GROUP_RX_TX_DEFAULT); |
213 | 0 | os_memset(key, 0, sizeof(key)); |
214 | 0 | return ret; |
215 | 0 | } |
216 | | |
217 | | |
218 | | static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) |
219 | 0 | { |
220 | 0 | struct wpa_supplicant *wpa_s = eloop_ctx; |
221 | 0 | const u8 *bssid = wpa_s->bssid; |
222 | 0 | if (!is_zero_ether_addr(wpa_s->pending_bssid) && |
223 | 0 | (wpa_s->wpa_state == WPA_AUTHENTICATING || |
224 | 0 | wpa_s->wpa_state == WPA_ASSOCIATING)) |
225 | 0 | bssid = wpa_s->pending_bssid; |
226 | 0 | wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", |
227 | 0 | MAC2STR(bssid)); |
228 | 0 | wpa_bssid_ignore_add(wpa_s, bssid); |
229 | 0 | wpa_sm_notify_disassoc(wpa_s->wpa); |
230 | 0 | wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
231 | 0 | wpa_s->reassociate = 1; |
232 | | |
233 | | /* |
234 | | * If we timed out, the AP or the local radio may be busy. |
235 | | * So, wait a second until scanning again. |
236 | | */ |
237 | 0 | wpa_supplicant_req_scan(wpa_s, 1, 0); |
238 | 0 | } |
239 | | |
240 | | |
241 | | /** |
242 | | * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication |
243 | | * @wpa_s: Pointer to wpa_supplicant data |
244 | | * @sec: Number of seconds after which to time out authentication |
245 | | * @usec: Number of microseconds after which to time out authentication |
246 | | * |
247 | | * This function is used to schedule a timeout for the current authentication |
248 | | * attempt. |
249 | | */ |
250 | | void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, |
251 | | int sec, int usec) |
252 | 0 | { |
253 | 0 | if (wpa_s->conf->ap_scan == 0 && |
254 | 0 | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) |
255 | 0 | return; |
256 | | |
257 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " |
258 | 0 | "%d usec", sec, usec); |
259 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); |
260 | 0 | wpa_s->last_auth_timeout_sec = sec; |
261 | 0 | eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); |
262 | 0 | } |
263 | | |
264 | | |
265 | | /* |
266 | | * wpas_auth_timeout_restart - Restart and change timeout for authentication |
267 | | * @wpa_s: Pointer to wpa_supplicant data |
268 | | * @sec_diff: difference in seconds applied to original timeout value |
269 | | */ |
270 | | void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff) |
271 | 0 | { |
272 | 0 | int new_sec = wpa_s->last_auth_timeout_sec + sec_diff; |
273 | |
|
274 | 0 | if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) { |
275 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
276 | 0 | "Authentication timeout restart: %d sec", new_sec); |
277 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); |
278 | 0 | eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout, |
279 | 0 | wpa_s, NULL); |
280 | 0 | } |
281 | 0 | } |
282 | | |
283 | | |
284 | | /** |
285 | | * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout |
286 | | * @wpa_s: Pointer to wpa_supplicant data |
287 | | * |
288 | | * This function is used to cancel authentication timeout scheduled with |
289 | | * wpa_supplicant_req_auth_timeout() and it is called when authentication has |
290 | | * been completed. |
291 | | */ |
292 | | void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) |
293 | 0 | { |
294 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); |
295 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); |
296 | 0 | wpa_bssid_ignore_del(wpa_s, wpa_s->bssid); |
297 | 0 | os_free(wpa_s->last_con_fail_realm); |
298 | 0 | wpa_s->last_con_fail_realm = NULL; |
299 | 0 | wpa_s->last_con_fail_realm_len = 0; |
300 | 0 | } |
301 | | |
302 | | |
303 | | /** |
304 | | * wpa_supplicant_initiate_eapol - Configure EAPOL state machine |
305 | | * @wpa_s: Pointer to wpa_supplicant data |
306 | | * |
307 | | * This function is used to configure EAPOL state machine based on the selected |
308 | | * authentication mode. |
309 | | */ |
310 | | void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) |
311 | 0 | { |
312 | 0 | #ifdef IEEE8021X_EAPOL |
313 | 0 | struct eapol_config eapol_conf; |
314 | 0 | struct wpa_ssid *ssid = wpa_s->current_ssid; |
315 | |
|
316 | | #ifdef CONFIG_IBSS_RSN |
317 | | if (ssid->mode == WPAS_MODE_IBSS && |
318 | | wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && |
319 | | wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { |
320 | | /* |
321 | | * RSN IBSS authentication is per-STA and we can disable the |
322 | | * per-BSSID EAPOL authentication. |
323 | | */ |
324 | | eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); |
325 | | eapol_sm_notify_eap_success(wpa_s->eapol, true); |
326 | | eapol_sm_notify_eap_fail(wpa_s->eapol, false); |
327 | | return; |
328 | | } |
329 | | #endif /* CONFIG_IBSS_RSN */ |
330 | |
|
331 | 0 | eapol_sm_notify_eap_success(wpa_s->eapol, false); |
332 | 0 | eapol_sm_notify_eap_fail(wpa_s->eapol, false); |
333 | |
|
334 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || |
335 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) |
336 | 0 | eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); |
337 | 0 | else |
338 | 0 | eapol_sm_notify_portControl(wpa_s->eapol, Auto); |
339 | |
|
340 | 0 | os_memset(&eapol_conf, 0, sizeof(eapol_conf)); |
341 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { |
342 | 0 | eapol_conf.accept_802_1x_keys = 1; |
343 | 0 | eapol_conf.required_keys = 0; |
344 | 0 | if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { |
345 | 0 | eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; |
346 | 0 | } |
347 | 0 | if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { |
348 | 0 | eapol_conf.required_keys |= |
349 | 0 | EAPOL_REQUIRE_KEY_BROADCAST; |
350 | 0 | } |
351 | |
|
352 | 0 | if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) |
353 | 0 | eapol_conf.required_keys = 0; |
354 | 0 | } |
355 | 0 | eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; |
356 | 0 | eapol_conf.workaround = ssid->eap_workaround; |
357 | 0 | eapol_conf.eap_disabled = |
358 | 0 | !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && |
359 | 0 | wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && |
360 | 0 | wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; |
361 | 0 | eapol_conf.external_sim = wpa_s->conf->external_sim; |
362 | |
|
363 | | #ifdef CONFIG_WPS |
364 | | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { |
365 | | eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE; |
366 | | if (wpa_s->current_bss) { |
367 | | struct wpabuf *ie; |
368 | | ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss, |
369 | | WPS_IE_VENDOR_TYPE); |
370 | | if (ie) { |
371 | | if (wps_is_20(ie)) |
372 | | eapol_conf.wps |= |
373 | | EAPOL_PEER_IS_WPS20_AP; |
374 | | wpabuf_free(ie); |
375 | | } |
376 | | } |
377 | | } |
378 | | #endif /* CONFIG_WPS */ |
379 | |
|
380 | 0 | eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); |
381 | |
|
382 | | #ifdef CONFIG_MACSEC |
383 | | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) |
384 | | ieee802_1x_create_preshared_mka(wpa_s, ssid); |
385 | | else |
386 | | ieee802_1x_alloc_kay_sm(wpa_s, ssid); |
387 | | #endif /* CONFIG_MACSEC */ |
388 | 0 | #endif /* IEEE8021X_EAPOL */ |
389 | 0 | } |
390 | | |
391 | | |
392 | | /** |
393 | | * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode |
394 | | * @wpa_s: Pointer to wpa_supplicant data |
395 | | * @ssid: Configuration data for the network |
396 | | * |
397 | | * This function is used to configure WPA state machine and related parameters |
398 | | * to a mode where WPA is not enabled. This is called as part of the |
399 | | * authentication configuration when the selected network does not use WPA. |
400 | | */ |
401 | | void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, |
402 | | struct wpa_ssid *ssid) |
403 | 0 | { |
404 | | #ifdef CONFIG_WEP |
405 | | int i; |
406 | | #endif /* CONFIG_WEP */ |
407 | 0 | struct wpa_sm_mlo mlo; |
408 | |
|
409 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) |
410 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; |
411 | 0 | else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) |
412 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; |
413 | 0 | else |
414 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; |
415 | 0 | wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); |
416 | 0 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); |
417 | 0 | wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0); |
418 | 0 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); |
419 | 0 | wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); |
420 | 0 | wpa_s->rsnxe_len = 0; |
421 | 0 | wpa_s->pairwise_cipher = WPA_CIPHER_NONE; |
422 | 0 | wpa_s->group_cipher = WPA_CIPHER_NONE; |
423 | 0 | wpa_s->mgmt_group_cipher = 0; |
424 | |
|
425 | | #ifdef CONFIG_WEP |
426 | | for (i = 0; i < NUM_WEP_KEYS; i++) { |
427 | | if (ssid->wep_key_len[i] > 5) { |
428 | | wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; |
429 | | wpa_s->group_cipher = WPA_CIPHER_WEP104; |
430 | | break; |
431 | | } else if (ssid->wep_key_len[i] > 0) { |
432 | | wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; |
433 | | wpa_s->group_cipher = WPA_CIPHER_WEP40; |
434 | | break; |
435 | | } |
436 | | } |
437 | | #endif /* CONFIG_WEP */ |
438 | |
|
439 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); |
440 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); |
441 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, |
442 | 0 | wpa_s->pairwise_cipher); |
443 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); |
444 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, |
445 | 0 | wpa_s->mgmt_group_cipher); |
446 | |
|
447 | 0 | pmksa_cache_clear_current(wpa_s->wpa); |
448 | 0 | os_memset(&mlo, 0, sizeof(mlo)); |
449 | 0 | wpa_sm_set_mlo_params(wpa_s->wpa, &mlo); |
450 | 0 | } |
451 | | |
452 | | |
453 | | void free_hw_features(struct wpa_supplicant *wpa_s) |
454 | 0 | { |
455 | 0 | int i; |
456 | 0 | if (wpa_s->hw.modes == NULL) |
457 | 0 | return; |
458 | | |
459 | 0 | for (i = 0; i < wpa_s->hw.num_modes; i++) { |
460 | 0 | os_free(wpa_s->hw.modes[i].channels); |
461 | 0 | os_free(wpa_s->hw.modes[i].rates); |
462 | 0 | } |
463 | |
|
464 | 0 | os_free(wpa_s->hw.modes); |
465 | 0 | wpa_s->hw.modes = NULL; |
466 | 0 | } |
467 | | |
468 | | |
469 | | static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s, |
470 | | struct wpa_bss_tmp_disallowed *bss) |
471 | 0 | { |
472 | 0 | eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); |
473 | 0 | dl_list_del(&bss->list); |
474 | 0 | os_free(bss); |
475 | 0 | } |
476 | | |
477 | | |
478 | | void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) |
479 | 0 | { |
480 | 0 | struct wpa_bss_tmp_disallowed *bss, *prev; |
481 | |
|
482 | 0 | dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, |
483 | 0 | struct wpa_bss_tmp_disallowed, list) |
484 | 0 | remove_bss_tmp_disallowed_entry(wpa_s, bss); |
485 | 0 | } |
486 | | |
487 | | |
488 | | void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s) |
489 | 0 | { |
490 | 0 | struct fils_hlp_req *req; |
491 | |
|
492 | 0 | while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req, |
493 | 0 | list)) != NULL) { |
494 | 0 | dl_list_del(&req->list); |
495 | 0 | wpabuf_free(req->pkt); |
496 | 0 | os_free(req); |
497 | 0 | } |
498 | 0 | } |
499 | | |
500 | | |
501 | | void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx) |
502 | 0 | { |
503 | 0 | struct wpa_supplicant *wpa_s = eloop_ctx; |
504 | |
|
505 | 0 | if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) |
506 | 0 | return; |
507 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface"); |
508 | 0 | wpa_bss_flush(wpa_s); |
509 | 0 | } |
510 | | |
511 | | |
512 | | #ifdef CONFIG_TESTING_OPTIONS |
513 | | void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s) |
514 | | { |
515 | | struct driver_signal_override *dso; |
516 | | |
517 | | while ((dso = dl_list_first(&wpa_s->drv_signal_override, |
518 | | struct driver_signal_override, list))) { |
519 | | dl_list_del(&dso->list); |
520 | | os_free(dso); |
521 | | } |
522 | | } |
523 | | #endif /* CONFIG_TESTING_OPTIONS */ |
524 | | |
525 | | |
526 | | static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) |
527 | 0 | { |
528 | 0 | int i; |
529 | |
|
530 | 0 | bgscan_deinit(wpa_s); |
531 | 0 | autoscan_deinit(wpa_s); |
532 | 0 | scard_deinit(wpa_s->scard); |
533 | 0 | wpa_s->scard = NULL; |
534 | 0 | wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); |
535 | 0 | eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); |
536 | 0 | l2_packet_deinit(wpa_s->l2); |
537 | 0 | wpa_s->l2 = NULL; |
538 | 0 | if (wpa_s->l2_br) { |
539 | 0 | l2_packet_deinit(wpa_s->l2_br); |
540 | 0 | wpa_s->l2_br = NULL; |
541 | 0 | } |
542 | | #ifdef CONFIG_TESTING_OPTIONS |
543 | | l2_packet_deinit(wpa_s->l2_test); |
544 | | wpa_s->l2_test = NULL; |
545 | | os_free(wpa_s->get_pref_freq_list_override); |
546 | | wpa_s->get_pref_freq_list_override = NULL; |
547 | | wpabuf_free(wpa_s->last_assoc_req_wpa_ie); |
548 | | wpa_s->last_assoc_req_wpa_ie = NULL; |
549 | | os_free(wpa_s->extra_sae_rejected_groups); |
550 | | wpa_s->extra_sae_rejected_groups = NULL; |
551 | | wpabuf_free(wpa_s->rsne_override_eapol); |
552 | | wpa_s->rsne_override_eapol = NULL; |
553 | | wpabuf_free(wpa_s->rsnxe_override_assoc); |
554 | | wpa_s->rsnxe_override_assoc = NULL; |
555 | | wpabuf_free(wpa_s->rsnxe_override_eapol); |
556 | | wpa_s->rsnxe_override_eapol = NULL; |
557 | | wpas_clear_driver_signal_override(wpa_s); |
558 | | #endif /* CONFIG_TESTING_OPTIONS */ |
559 | |
|
560 | 0 | if (wpa_s->conf != NULL) { |
561 | 0 | struct wpa_ssid *ssid; |
562 | 0 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) |
563 | 0 | wpas_notify_network_removed(wpa_s, ssid); |
564 | 0 | } |
565 | |
|
566 | 0 | os_free(wpa_s->confname); |
567 | 0 | wpa_s->confname = NULL; |
568 | |
|
569 | 0 | os_free(wpa_s->confanother); |
570 | 0 | wpa_s->confanother = NULL; |
571 | |
|
572 | 0 | os_free(wpa_s->last_con_fail_realm); |
573 | 0 | wpa_s->last_con_fail_realm = NULL; |
574 | 0 | wpa_s->last_con_fail_realm_len = 0; |
575 | |
|
576 | 0 | wpa_sm_set_eapol(wpa_s->wpa, NULL); |
577 | 0 | eapol_sm_deinit(wpa_s->eapol); |
578 | 0 | wpa_s->eapol = NULL; |
579 | |
|
580 | 0 | rsn_preauth_deinit(wpa_s->wpa); |
581 | |
|
582 | | #ifdef CONFIG_TDLS |
583 | | wpa_tdls_deinit(wpa_s->wpa); |
584 | | #endif /* CONFIG_TDLS */ |
585 | |
|
586 | 0 | #ifndef CONFIG_NO_WMM_AC |
587 | 0 | wmm_ac_clear_saved_tspecs(wpa_s); |
588 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
589 | 0 | pmksa_candidate_free(wpa_s->wpa); |
590 | 0 | ptksa_cache_deinit(wpa_s->ptksa); |
591 | 0 | wpa_s->ptksa = NULL; |
592 | 0 | wpa_sm_deinit(wpa_s->wpa); |
593 | 0 | wpa_s->wpa = NULL; |
594 | 0 | wpa_bssid_ignore_clear(wpa_s); |
595 | |
|
596 | | #ifdef CONFIG_PASN |
597 | | wpas_pasn_auth_stop(wpa_s); |
598 | | #endif /* CONFIG_PASN */ |
599 | |
|
600 | 0 | wpa_bss_deinit(wpa_s); |
601 | |
|
602 | 0 | wpa_supplicant_cancel_delayed_sched_scan(wpa_s); |
603 | 0 | wpa_supplicant_cancel_scan(wpa_s); |
604 | 0 | wpa_supplicant_cancel_auth_timeout(wpa_s); |
605 | 0 | eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); |
606 | | #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT |
607 | | eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, |
608 | | wpa_s, NULL); |
609 | | #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ |
610 | |
|
611 | 0 | eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); |
612 | 0 | eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL); |
613 | |
|
614 | 0 | wpas_wps_deinit(wpa_s); |
615 | |
|
616 | 0 | wpabuf_free(wpa_s->pending_eapol_rx); |
617 | 0 | wpa_s->pending_eapol_rx = NULL; |
618 | |
|
619 | | #ifdef CONFIG_IBSS_RSN |
620 | | ibss_rsn_deinit(wpa_s->ibss_rsn); |
621 | | wpa_s->ibss_rsn = NULL; |
622 | | #endif /* CONFIG_IBSS_RSN */ |
623 | |
|
624 | 0 | sme_deinit(wpa_s); |
625 | |
|
626 | | #ifdef CONFIG_AP |
627 | | wpa_supplicant_ap_deinit(wpa_s); |
628 | | #endif /* CONFIG_AP */ |
629 | |
|
630 | 0 | wpas_p2p_deinit(wpa_s); |
631 | |
|
632 | | #ifdef CONFIG_OFFCHANNEL |
633 | | offchannel_deinit(wpa_s); |
634 | | #endif /* CONFIG_OFFCHANNEL */ |
635 | |
|
636 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
637 | |
|
638 | 0 | os_free(wpa_s->next_scan_freqs); |
639 | 0 | wpa_s->next_scan_freqs = NULL; |
640 | |
|
641 | 0 | os_free(wpa_s->manual_scan_freqs); |
642 | 0 | wpa_s->manual_scan_freqs = NULL; |
643 | 0 | os_free(wpa_s->select_network_scan_freqs); |
644 | 0 | wpa_s->select_network_scan_freqs = NULL; |
645 | |
|
646 | 0 | os_free(wpa_s->manual_sched_scan_freqs); |
647 | 0 | wpa_s->manual_sched_scan_freqs = NULL; |
648 | |
|
649 | 0 | wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL); |
650 | | |
651 | | /* |
652 | | * Need to remove any pending gas-query radio work before the |
653 | | * gas_query_deinit() call because gas_query::work has not yet been set |
654 | | * for works that have not been started. gas_query_free() will be unable |
655 | | * to cancel such pending radio works and once the pending gas-query |
656 | | * radio work eventually gets removed, the deinit notification call to |
657 | | * gas_query_start_cb() would result in dereferencing freed memory. |
658 | | */ |
659 | 0 | if (wpa_s->radio) |
660 | 0 | radio_remove_works(wpa_s, "gas-query", 0); |
661 | 0 | gas_query_deinit(wpa_s->gas); |
662 | 0 | wpa_s->gas = NULL; |
663 | 0 | gas_server_deinit(wpa_s->gas_server); |
664 | 0 | wpa_s->gas_server = NULL; |
665 | |
|
666 | 0 | free_hw_features(wpa_s); |
667 | |
|
668 | 0 | ieee802_1x_dealloc_kay_sm(wpa_s); |
669 | |
|
670 | 0 | os_free(wpa_s->bssid_filter); |
671 | 0 | wpa_s->bssid_filter = NULL; |
672 | |
|
673 | 0 | os_free(wpa_s->disallow_aps_bssid); |
674 | 0 | wpa_s->disallow_aps_bssid = NULL; |
675 | 0 | os_free(wpa_s->disallow_aps_ssid); |
676 | 0 | wpa_s->disallow_aps_ssid = NULL; |
677 | |
|
678 | 0 | wnm_bss_keep_alive_deinit(wpa_s); |
679 | 0 | #ifdef CONFIG_WNM |
680 | 0 | wnm_deallocate_memory(wpa_s); |
681 | 0 | #endif /* CONFIG_WNM */ |
682 | |
|
683 | 0 | ext_password_deinit(wpa_s->ext_pw); |
684 | 0 | wpa_s->ext_pw = NULL; |
685 | |
|
686 | 0 | wpabuf_free(wpa_s->last_gas_resp); |
687 | 0 | wpa_s->last_gas_resp = NULL; |
688 | 0 | wpabuf_free(wpa_s->prev_gas_resp); |
689 | 0 | wpa_s->prev_gas_resp = NULL; |
690 | |
|
691 | 0 | os_free(wpa_s->last_scan_res); |
692 | 0 | wpa_s->last_scan_res = NULL; |
693 | |
|
694 | 0 | #ifdef CONFIG_HS20 |
695 | 0 | if (wpa_s->drv_priv) |
696 | 0 | wpa_drv_configure_frame_filters(wpa_s, 0); |
697 | 0 | hs20_deinit(wpa_s); |
698 | 0 | #endif /* CONFIG_HS20 */ |
699 | |
|
700 | 0 | for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { |
701 | 0 | wpabuf_free(wpa_s->vendor_elem[i]); |
702 | 0 | wpa_s->vendor_elem[i] = NULL; |
703 | 0 | } |
704 | |
|
705 | 0 | #ifndef CONFIG_NO_WMM_AC |
706 | 0 | wmm_ac_notify_disassoc(wpa_s); |
707 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
708 | |
|
709 | 0 | wpa_s->sched_scan_plans_num = 0; |
710 | 0 | os_free(wpa_s->sched_scan_plans); |
711 | 0 | wpa_s->sched_scan_plans = NULL; |
712 | |
|
713 | | #ifdef CONFIG_MBO |
714 | | wpa_s->non_pref_chan_num = 0; |
715 | | os_free(wpa_s->non_pref_chan); |
716 | | wpa_s->non_pref_chan = NULL; |
717 | | #endif /* CONFIG_MBO */ |
718 | |
|
719 | 0 | free_bss_tmp_disallowed(wpa_s); |
720 | |
|
721 | 0 | wpabuf_free(wpa_s->lci); |
722 | 0 | wpa_s->lci = NULL; |
723 | 0 | #ifndef CONFIG_NO_RRM |
724 | 0 | wpas_clear_beacon_rep_data(wpa_s); |
725 | 0 | #endif /* CONFIG_NO_RRM */ |
726 | |
|
727 | | #ifdef CONFIG_PMKSA_CACHE_EXTERNAL |
728 | | #ifdef CONFIG_MESH |
729 | | { |
730 | | struct external_pmksa_cache *entry; |
731 | | |
732 | | while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, |
733 | | struct external_pmksa_cache, |
734 | | list)) != NULL) { |
735 | | dl_list_del(&entry->list); |
736 | | os_free(entry->pmksa_cache); |
737 | | os_free(entry); |
738 | | } |
739 | | } |
740 | | #endif /* CONFIG_MESH */ |
741 | | #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ |
742 | |
|
743 | 0 | wpas_flush_fils_hlp_req(wpa_s); |
744 | |
|
745 | 0 | wpabuf_free(wpa_s->ric_ies); |
746 | 0 | wpa_s->ric_ies = NULL; |
747 | |
|
748 | | #ifdef CONFIG_DPP |
749 | | wpas_dpp_deinit(wpa_s); |
750 | | dpp_global_deinit(wpa_s->dpp); |
751 | | wpa_s->dpp = NULL; |
752 | | #endif /* CONFIG_DPP */ |
753 | |
|
754 | | #ifdef CONFIG_NAN_USD |
755 | | wpas_nan_usd_deinit(wpa_s); |
756 | | #endif /* CONFIG_NAN_USD */ |
757 | |
|
758 | | #ifdef CONFIG_PASN |
759 | | wpas_pasn_auth_stop(wpa_s); |
760 | | #endif /* CONFIG_PASN */ |
761 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
762 | 0 | wpas_scs_deinit(wpa_s); |
763 | 0 | wpas_dscp_deinit(wpa_s); |
764 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
765 | |
|
766 | | #ifdef CONFIG_OWE |
767 | | os_free(wpa_s->owe_trans_scan_freq); |
768 | | wpa_s->owe_trans_scan_freq = NULL; |
769 | | #endif /* CONFIG_OWE */ |
770 | 0 | } |
771 | | |
772 | | |
773 | | /** |
774 | | * wpa_clear_keys - Clear keys configured for the driver |
775 | | * @wpa_s: Pointer to wpa_supplicant data |
776 | | * @addr: Previously used BSSID or %NULL if not available |
777 | | * |
778 | | * This function clears the encryption keys that has been previously configured |
779 | | * for the driver. |
780 | | */ |
781 | | void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) |
782 | 0 | { |
783 | 0 | int i, max = 6; |
784 | | |
785 | | /* MLME-DELETEKEYS.request */ |
786 | 0 | for (i = 0; i < max; i++) { |
787 | 0 | if (wpa_s->keys_cleared & BIT(i)) |
788 | 0 | continue; |
789 | 0 | wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0, |
790 | 0 | NULL, 0, KEY_FLAG_GROUP); |
791 | 0 | } |
792 | | /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */ |
793 | 0 | if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr && |
794 | 0 | !is_zero_ether_addr(addr)) { |
795 | 0 | if (!(wpa_s->keys_cleared & BIT(0))) |
796 | 0 | wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, |
797 | 0 | NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); |
798 | 0 | if (!(wpa_s->keys_cleared & BIT(15))) |
799 | 0 | wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0, |
800 | 0 | NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); |
801 | | /* MLME-SETPROTECTION.request(None) */ |
802 | 0 | wpa_drv_mlme_setprotection( |
803 | 0 | wpa_s, addr, |
804 | 0 | MLME_SETPROTECTION_PROTECT_TYPE_NONE, |
805 | 0 | MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); |
806 | 0 | } |
807 | 0 | wpa_s->keys_cleared = (u32) -1; |
808 | 0 | } |
809 | | |
810 | | |
811 | | /** |
812 | | * wpa_supplicant_state_txt - Get the connection state name as a text string |
813 | | * @state: State (wpa_state; WPA_*) |
814 | | * Returns: The state name as a printable text string |
815 | | */ |
816 | | const char * wpa_supplicant_state_txt(enum wpa_states state) |
817 | 0 | { |
818 | 0 | switch (state) { |
819 | 0 | case WPA_DISCONNECTED: |
820 | 0 | return "DISCONNECTED"; |
821 | 0 | case WPA_INACTIVE: |
822 | 0 | return "INACTIVE"; |
823 | 0 | case WPA_INTERFACE_DISABLED: |
824 | 0 | return "INTERFACE_DISABLED"; |
825 | 0 | case WPA_SCANNING: |
826 | 0 | return "SCANNING"; |
827 | 0 | case WPA_AUTHENTICATING: |
828 | 0 | return "AUTHENTICATING"; |
829 | 0 | case WPA_ASSOCIATING: |
830 | 0 | return "ASSOCIATING"; |
831 | 0 | case WPA_ASSOCIATED: |
832 | 0 | return "ASSOCIATED"; |
833 | 0 | case WPA_4WAY_HANDSHAKE: |
834 | 0 | return "4WAY_HANDSHAKE"; |
835 | 0 | case WPA_GROUP_HANDSHAKE: |
836 | 0 | return "GROUP_HANDSHAKE"; |
837 | 0 | case WPA_COMPLETED: |
838 | 0 | return "COMPLETED"; |
839 | 0 | default: |
840 | 0 | return "UNKNOWN"; |
841 | 0 | } |
842 | 0 | } |
843 | | |
844 | | |
845 | | #ifdef CONFIG_BGSCAN |
846 | | |
847 | | static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) |
848 | | { |
849 | | if (wpa_s->bgscan_ssid) { |
850 | | bgscan_deinit(wpa_s); |
851 | | wpa_s->bgscan_ssid = NULL; |
852 | | } |
853 | | } |
854 | | |
855 | | |
856 | | /** |
857 | | * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID. |
858 | | * @wpa_s: Pointer to the wpa_supplicant data |
859 | | * |
860 | | * Stop, start, or reconfigure the scan parameters depending on the method. |
861 | | */ |
862 | | void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s) |
863 | | { |
864 | | const char *name; |
865 | | |
866 | | if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) |
867 | | name = wpa_s->current_ssid->bgscan; |
868 | | else |
869 | | name = wpa_s->conf->bgscan; |
870 | | if (!name || name[0] == '\0') { |
871 | | wpa_supplicant_stop_bgscan(wpa_s); |
872 | | return; |
873 | | } |
874 | | if (wpas_driver_bss_selection(wpa_s)) |
875 | | return; |
876 | | #ifdef CONFIG_P2P |
877 | | if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) |
878 | | return; |
879 | | #endif /* CONFIG_P2P */ |
880 | | |
881 | | bgscan_deinit(wpa_s); |
882 | | if (wpa_s->current_ssid) { |
883 | | if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) { |
884 | | wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " |
885 | | "bgscan"); |
886 | | /* |
887 | | * Live without bgscan; it is only used as a roaming |
888 | | * optimization, so the initial connection is not |
889 | | * affected. |
890 | | */ |
891 | | } else { |
892 | | struct wpa_scan_results *scan_res; |
893 | | wpa_s->bgscan_ssid = wpa_s->current_ssid; |
894 | | scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, |
895 | | 0); |
896 | | if (scan_res) { |
897 | | bgscan_notify_scan(wpa_s, scan_res); |
898 | | wpa_scan_results_free(scan_res); |
899 | | } |
900 | | } |
901 | | } else |
902 | | wpa_s->bgscan_ssid = NULL; |
903 | | } |
904 | | |
905 | | #endif /* CONFIG_BGSCAN */ |
906 | | |
907 | | |
908 | | static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) |
909 | 0 | { |
910 | 0 | if (autoscan_init(wpa_s, 0)) |
911 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); |
912 | 0 | } |
913 | | |
914 | | |
915 | | static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) |
916 | 0 | { |
917 | 0 | autoscan_deinit(wpa_s); |
918 | 0 | } |
919 | | |
920 | | |
921 | | void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) |
922 | 0 | { |
923 | 0 | if (wpa_s->wpa_state == WPA_DISCONNECTED || |
924 | 0 | wpa_s->wpa_state == WPA_SCANNING) { |
925 | 0 | autoscan_deinit(wpa_s); |
926 | 0 | wpa_supplicant_start_autoscan(wpa_s); |
927 | 0 | } |
928 | 0 | } |
929 | | |
930 | | |
931 | | /** |
932 | | * wpa_supplicant_set_state - Set current connection state |
933 | | * @wpa_s: Pointer to wpa_supplicant data |
934 | | * @state: The new connection state |
935 | | * |
936 | | * This function is called whenever the connection state changes, e.g., |
937 | | * association is completed for WPA/WPA2 4-Way Handshake is started. |
938 | | */ |
939 | | void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, |
940 | | enum wpa_states state) |
941 | 0 | { |
942 | 0 | enum wpa_states old_state = wpa_s->wpa_state; |
943 | | #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) |
944 | | bool update_fils_connect_params = false; |
945 | | #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ |
946 | |
|
947 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", |
948 | 0 | wpa_supplicant_state_txt(wpa_s->wpa_state), |
949 | 0 | wpa_supplicant_state_txt(state)); |
950 | |
|
951 | 0 | if (state == WPA_COMPLETED && |
952 | 0 | os_reltime_initialized(&wpa_s->roam_start)) { |
953 | 0 | os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time); |
954 | 0 | wpa_s->roam_start.sec = 0; |
955 | 0 | wpa_s->roam_start.usec = 0; |
956 | 0 | wpas_notify_auth_changed(wpa_s); |
957 | 0 | wpas_notify_roam_time(wpa_s); |
958 | 0 | wpas_notify_roam_complete(wpa_s); |
959 | 0 | } else if (state == WPA_DISCONNECTED && |
960 | 0 | os_reltime_initialized(&wpa_s->roam_start)) { |
961 | 0 | wpa_s->roam_start.sec = 0; |
962 | 0 | wpa_s->roam_start.usec = 0; |
963 | 0 | wpa_s->roam_time.sec = 0; |
964 | 0 | wpa_s->roam_time.usec = 0; |
965 | 0 | wpas_notify_roam_complete(wpa_s); |
966 | 0 | } |
967 | |
|
968 | 0 | if (state == WPA_INTERFACE_DISABLED) { |
969 | | /* Assure normal scan when interface is restored */ |
970 | 0 | wpa_s->normal_scans = 0; |
971 | 0 | } |
972 | |
|
973 | 0 | if (state == WPA_COMPLETED) { |
974 | 0 | wpas_connect_work_done(wpa_s); |
975 | | /* Reinitialize normal_scan counter */ |
976 | 0 | wpa_s->normal_scans = 0; |
977 | 0 | } |
978 | |
|
979 | | #ifdef CONFIG_P2P |
980 | | /* |
981 | | * P2PS client has to reply to Probe Request frames received on the |
982 | | * group operating channel. Enable Probe Request frame reporting for |
983 | | * P2P connected client in case p2p_cli_probe configuration property is |
984 | | * set to 1. |
985 | | */ |
986 | | if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid && |
987 | | wpa_s->current_ssid->mode == WPAS_MODE_INFRA && |
988 | | wpa_s->current_ssid->p2p_group) { |
989 | | if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) { |
990 | | wpa_dbg(wpa_s, MSG_DEBUG, |
991 | | "P2P: Enable CLI Probe Request RX reporting"); |
992 | | wpa_s->p2p_cli_probe = |
993 | | wpa_drv_probe_req_report(wpa_s, 1) >= 0; |
994 | | } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) { |
995 | | wpa_dbg(wpa_s, MSG_DEBUG, |
996 | | "P2P: Disable CLI Probe Request RX reporting"); |
997 | | wpa_s->p2p_cli_probe = 0; |
998 | | wpa_drv_probe_req_report(wpa_s, 0); |
999 | | } |
1000 | | } |
1001 | | #endif /* CONFIG_P2P */ |
1002 | |
|
1003 | 0 | if (state != WPA_SCANNING) |
1004 | 0 | wpa_supplicant_notify_scanning(wpa_s, 0); |
1005 | |
|
1006 | 0 | if (state == WPA_COMPLETED && wpa_s->new_connection) { |
1007 | 0 | struct wpa_ssid *ssid = wpa_s->current_ssid; |
1008 | 0 | int fils_hlp_sent = 0; |
1009 | 0 | char mld_addr[50]; |
1010 | |
|
1011 | 0 | mld_addr[0] = '\0'; |
1012 | 0 | if (wpa_s->valid_links) |
1013 | 0 | os_snprintf(mld_addr, sizeof(mld_addr), |
1014 | 0 | " ap_mld_addr=" MACSTR, |
1015 | 0 | MAC2STR(wpa_s->ap_mld_addr)); |
1016 | |
|
1017 | | #ifdef CONFIG_SME |
1018 | | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
1019 | | wpa_auth_alg_fils(wpa_s->sme.auth_alg)) |
1020 | | fils_hlp_sent = 1; |
1021 | | #endif /* CONFIG_SME */ |
1022 | 0 | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
1023 | 0 | wpa_auth_alg_fils(wpa_s->auth_alg)) |
1024 | 0 | fils_hlp_sent = 1; |
1025 | |
|
1026 | 0 | #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) |
1027 | 0 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " |
1028 | 0 | MACSTR " completed [id=%d id_str=%s%s]%s", |
1029 | 0 | MAC2STR(wpa_s->bssid), |
1030 | 0 | ssid ? ssid->id : -1, |
1031 | 0 | ssid && ssid->id_str ? ssid->id_str : "", |
1032 | 0 | fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr); |
1033 | 0 | #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ |
1034 | 0 | wpas_clear_temp_disabled(wpa_s, ssid, 1); |
1035 | 0 | wpa_s->consecutive_conn_failures = 0; |
1036 | 0 | wpa_s->new_connection = 0; |
1037 | 0 | wpa_drv_set_operstate(wpa_s, 1); |
1038 | | #ifndef IEEE8021X_EAPOL |
1039 | | wpa_drv_set_supp_port(wpa_s, 1); |
1040 | | #endif /* IEEE8021X_EAPOL */ |
1041 | 0 | wpa_s->after_wps = 0; |
1042 | 0 | wpa_s->known_wps_freq = 0; |
1043 | 0 | wpas_p2p_completed(wpa_s); |
1044 | |
|
1045 | 0 | sme_sched_obss_scan(wpa_s, 1); |
1046 | |
|
1047 | | #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) |
1048 | | if (!fils_hlp_sent && ssid && ssid->eap.erp) |
1049 | | update_fils_connect_params = true; |
1050 | | #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ |
1051 | | #ifdef CONFIG_OWE |
1052 | | if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE)) |
1053 | | wpas_update_owe_connect_params(wpa_s); |
1054 | | #endif /* CONFIG_OWE */ |
1055 | 0 | } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || |
1056 | 0 | state == WPA_ASSOCIATED) { |
1057 | 0 | wpa_s->new_connection = 1; |
1058 | 0 | wpa_drv_set_operstate(wpa_s, 0); |
1059 | | #ifndef IEEE8021X_EAPOL |
1060 | | wpa_drv_set_supp_port(wpa_s, 0); |
1061 | | #endif /* IEEE8021X_EAPOL */ |
1062 | 0 | sme_sched_obss_scan(wpa_s, 0); |
1063 | 0 | } |
1064 | 0 | wpa_s->wpa_state = state; |
1065 | |
|
1066 | | #ifdef CONFIG_BGSCAN |
1067 | | if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) |
1068 | | wpa_supplicant_reset_bgscan(wpa_s); |
1069 | | else if (state < WPA_ASSOCIATED) |
1070 | | wpa_supplicant_stop_bgscan(wpa_s); |
1071 | | #endif /* CONFIG_BGSCAN */ |
1072 | |
|
1073 | 0 | if (state > WPA_SCANNING) |
1074 | 0 | wpa_supplicant_stop_autoscan(wpa_s); |
1075 | |
|
1076 | 0 | if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) |
1077 | 0 | wpa_supplicant_start_autoscan(wpa_s); |
1078 | |
|
1079 | 0 | #ifndef CONFIG_NO_WMM_AC |
1080 | 0 | if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED) |
1081 | 0 | wmm_ac_notify_disassoc(wpa_s); |
1082 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
1083 | |
|
1084 | 0 | if (wpa_s->wpa_state != old_state) { |
1085 | 0 | wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); |
1086 | | |
1087 | | /* |
1088 | | * Notify the P2P Device interface about a state change in one |
1089 | | * of the interfaces. |
1090 | | */ |
1091 | 0 | wpas_p2p_indicate_state_change(wpa_s); |
1092 | |
|
1093 | 0 | if (wpa_s->wpa_state == WPA_COMPLETED || |
1094 | 0 | old_state == WPA_COMPLETED) |
1095 | 0 | wpas_notify_auth_changed(wpa_s); |
1096 | | #ifdef CONFIG_DPP2 |
1097 | | if (wpa_s->wpa_state == WPA_COMPLETED) |
1098 | | wpas_dpp_connected(wpa_s); |
1099 | | #endif /* CONFIG_DPP2 */ |
1100 | 0 | } |
1101 | | #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) |
1102 | | if (update_fils_connect_params) |
1103 | | wpas_update_fils_connect_params(wpa_s); |
1104 | | #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ |
1105 | 0 | } |
1106 | | |
1107 | | |
1108 | | void wpa_supplicant_terminate_proc(struct wpa_global *global) |
1109 | 0 | { |
1110 | 0 | int pending = 0; |
1111 | | #ifdef CONFIG_WPS |
1112 | | struct wpa_supplicant *wpa_s = global->ifaces; |
1113 | | while (wpa_s) { |
1114 | | struct wpa_supplicant *next = wpa_s->next; |
1115 | | if (wpas_wps_terminate_pending(wpa_s) == 1) |
1116 | | pending = 1; |
1117 | | #ifdef CONFIG_P2P |
1118 | | if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE || |
1119 | | (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)) |
1120 | | wpas_p2p_disconnect(wpa_s); |
1121 | | #endif /* CONFIG_P2P */ |
1122 | | wpa_s = next; |
1123 | | } |
1124 | | #endif /* CONFIG_WPS */ |
1125 | 0 | if (pending) |
1126 | 0 | return; |
1127 | 0 | eloop_terminate(); |
1128 | 0 | } |
1129 | | |
1130 | | |
1131 | | static void wpa_supplicant_terminate(int sig, void *signal_ctx) |
1132 | 0 | { |
1133 | 0 | struct wpa_global *global = signal_ctx; |
1134 | 0 | wpa_supplicant_terminate_proc(global); |
1135 | 0 | } |
1136 | | |
1137 | | |
1138 | | void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) |
1139 | 0 | { |
1140 | 0 | enum wpa_states old_state = wpa_s->wpa_state; |
1141 | 0 | enum wpa_states new_state; |
1142 | |
|
1143 | 0 | if (old_state == WPA_SCANNING) |
1144 | 0 | new_state = WPA_SCANNING; |
1145 | 0 | else |
1146 | 0 | new_state = WPA_DISCONNECTED; |
1147 | |
|
1148 | 0 | wpa_s->pairwise_cipher = 0; |
1149 | 0 | wpa_s->group_cipher = 0; |
1150 | 0 | wpa_s->mgmt_group_cipher = 0; |
1151 | 0 | wpa_s->key_mgmt = 0; |
1152 | 0 | wpa_s->allowed_key_mgmts = 0; |
1153 | 0 | if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) |
1154 | 0 | wpa_supplicant_set_state(wpa_s, new_state); |
1155 | |
|
1156 | 0 | if (wpa_s->wpa_state != old_state) |
1157 | 0 | wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); |
1158 | 0 | } |
1159 | | |
1160 | | |
1161 | | /** |
1162 | | * wpa_supplicant_reload_configuration - Reload configuration data |
1163 | | * @wpa_s: Pointer to wpa_supplicant data |
1164 | | * Returns: 0 on success or -1 if configuration parsing failed |
1165 | | * |
1166 | | * This function can be used to request that the configuration data is reloaded |
1167 | | * (e.g., after configuration file change). This function is reloading |
1168 | | * configuration only for one interface, so this may need to be called multiple |
1169 | | * times if %wpa_supplicant is controlling multiple interfaces and all |
1170 | | * interfaces need reconfiguration. |
1171 | | */ |
1172 | | int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) |
1173 | 0 | { |
1174 | 0 | struct wpa_config *conf; |
1175 | 0 | int reconf_ctrl; |
1176 | 0 | int old_ap_scan; |
1177 | |
|
1178 | 0 | if (wpa_s->confname == NULL) |
1179 | 0 | return -1; |
1180 | 0 | conf = wpa_config_read(wpa_s->confname, NULL, false); |
1181 | 0 | if (conf == NULL) { |
1182 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " |
1183 | 0 | "file '%s' - exiting", wpa_s->confname); |
1184 | 0 | return -1; |
1185 | 0 | } |
1186 | 0 | if (wpa_s->confanother && |
1187 | 0 | !wpa_config_read(wpa_s->confanother, conf, true)) { |
1188 | 0 | wpa_msg(wpa_s, MSG_ERROR, |
1189 | 0 | "Failed to parse the configuration file '%s' - exiting", |
1190 | 0 | wpa_s->confanother); |
1191 | 0 | return -1; |
1192 | 0 | } |
1193 | | |
1194 | 0 | conf->changed_parameters = (unsigned int) -1; |
1195 | |
|
1196 | 0 | reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface |
1197 | 0 | || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && |
1198 | 0 | os_strcmp(conf->ctrl_interface, |
1199 | 0 | wpa_s->conf->ctrl_interface) != 0); |
1200 | |
|
1201 | 0 | if (reconf_ctrl) { |
1202 | 0 | wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); |
1203 | 0 | wpa_s->ctrl_iface = NULL; |
1204 | 0 | } |
1205 | |
|
1206 | 0 | eapol_sm_invalidate_cached_session(wpa_s->eapol); |
1207 | 0 | if (wpa_s->current_ssid) { |
1208 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
1209 | 0 | wpa_s->own_disconnect_req = 1; |
1210 | 0 | wpa_supplicant_deauthenticate(wpa_s, |
1211 | 0 | WLAN_REASON_DEAUTH_LEAVING); |
1212 | 0 | } |
1213 | | |
1214 | | /* |
1215 | | * TODO: should notify EAPOL SM about changes in opensc_engine_path, |
1216 | | * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. |
1217 | | */ |
1218 | 0 | if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || |
1219 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || |
1220 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { |
1221 | | /* |
1222 | | * Clear forced success to clear EAP state for next |
1223 | | * authentication. |
1224 | | */ |
1225 | 0 | eapol_sm_notify_eap_success(wpa_s->eapol, false); |
1226 | 0 | } |
1227 | 0 | eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); |
1228 | 0 | wpa_sm_set_config(wpa_s->wpa, NULL); |
1229 | 0 | wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); |
1230 | 0 | wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); |
1231 | 0 | rsn_preauth_deinit(wpa_s->wpa); |
1232 | |
|
1233 | 0 | old_ap_scan = wpa_s->conf->ap_scan; |
1234 | 0 | wpa_config_free(wpa_s->conf); |
1235 | 0 | wpa_s->conf = conf; |
1236 | 0 | if (old_ap_scan != wpa_s->conf->ap_scan) |
1237 | 0 | wpas_notify_ap_scan_changed(wpa_s); |
1238 | |
|
1239 | 0 | if (reconf_ctrl) |
1240 | 0 | wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); |
1241 | |
|
1242 | 0 | wpa_supplicant_update_config(wpa_s); |
1243 | |
|
1244 | 0 | wpa_supplicant_clear_status(wpa_s); |
1245 | 0 | if (wpa_supplicant_enabled_networks(wpa_s)) { |
1246 | 0 | wpa_s->reassociate = 1; |
1247 | 0 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
1248 | 0 | } |
1249 | 0 | wpa_bssid_ignore_clear(wpa_s); |
1250 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); |
1251 | 0 | return 0; |
1252 | 0 | } |
1253 | | |
1254 | | |
1255 | | static void wpa_supplicant_reconfig(int sig, void *signal_ctx) |
1256 | 0 | { |
1257 | 0 | struct wpa_global *global = signal_ctx; |
1258 | 0 | struct wpa_supplicant *wpa_s; |
1259 | 0 | for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { |
1260 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", |
1261 | 0 | sig); |
1262 | 0 | if (wpa_supplicant_reload_configuration(wpa_s) < 0) { |
1263 | 0 | wpa_supplicant_terminate_proc(global); |
1264 | 0 | } |
1265 | 0 | } |
1266 | |
|
1267 | 0 | if (wpa_debug_reopen_file() < 0) { |
1268 | | /* Ignore errors since we cannot really do much to fix this */ |
1269 | 0 | wpa_printf(MSG_DEBUG, "Could not reopen debug log file"); |
1270 | 0 | } |
1271 | 0 | } |
1272 | | |
1273 | | |
1274 | | static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, |
1275 | | struct wpa_ssid *ssid, |
1276 | | struct wpa_ie_data *ie) |
1277 | 0 | { |
1278 | 0 | int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); |
1279 | 0 | if (ret) { |
1280 | 0 | if (ret == -2) { |
1281 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " |
1282 | 0 | "from association info"); |
1283 | 0 | } |
1284 | 0 | return -1; |
1285 | 0 | } |
1286 | | |
1287 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " |
1288 | 0 | "cipher suites"); |
1289 | 0 | if (!(ie->group_cipher & ssid->group_cipher)) { |
1290 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " |
1291 | 0 | "cipher 0x%x (mask 0x%x) - reject", |
1292 | 0 | ie->group_cipher, ssid->group_cipher); |
1293 | 0 | return -1; |
1294 | 0 | } |
1295 | 0 | if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { |
1296 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " |
1297 | 0 | "cipher 0x%x (mask 0x%x) - reject", |
1298 | 0 | ie->pairwise_cipher, ssid->pairwise_cipher); |
1299 | 0 | return -1; |
1300 | 0 | } |
1301 | 0 | if (!(ie->key_mgmt & ssid->key_mgmt)) { |
1302 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " |
1303 | 0 | "management 0x%x (mask 0x%x) - reject", |
1304 | 0 | ie->key_mgmt, ssid->key_mgmt); |
1305 | 0 | return -1; |
1306 | 0 | } |
1307 | | |
1308 | 0 | if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && |
1309 | 0 | wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { |
1310 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " |
1311 | 0 | "that does not support management frame protection - " |
1312 | 0 | "reject"); |
1313 | 0 | return -1; |
1314 | 0 | } |
1315 | | |
1316 | 0 | return 0; |
1317 | 0 | } |
1318 | | |
1319 | | |
1320 | | static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie, |
1321 | | int freq) |
1322 | 0 | { |
1323 | 0 | if (!ie->has_group) |
1324 | 0 | ie->group_cipher = wpa_default_rsn_cipher(freq); |
1325 | 0 | if (!ie->has_pairwise) |
1326 | 0 | ie->pairwise_cipher = wpa_default_rsn_cipher(freq); |
1327 | 0 | return (ie->group_cipher & ssid->group_cipher) && |
1328 | 0 | (ie->pairwise_cipher & ssid->pairwise_cipher); |
1329 | 0 | } |
1330 | | |
1331 | | |
1332 | | void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s, |
1333 | | struct wpa_ssid *ssid, struct wpa_ie_data *ie) |
1334 | 0 | { |
1335 | 0 | int sel; |
1336 | |
|
1337 | 0 | sel = ie->mgmt_group_cipher; |
1338 | 0 | if (ssid->group_mgmt_cipher) |
1339 | 0 | sel &= ssid->group_mgmt_cipher; |
1340 | 0 | if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || |
1341 | 0 | !(ie->capabilities & WPA_CAPABILITY_MFPC)) |
1342 | 0 | sel = 0; |
1343 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1344 | 0 | "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x", |
1345 | 0 | ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel); |
1346 | 0 | if (sel & WPA_CIPHER_AES_128_CMAC) { |
1347 | 0 | wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; |
1348 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1349 | 0 | "WPA: using MGMT group cipher AES-128-CMAC"); |
1350 | 0 | } else if (sel & WPA_CIPHER_BIP_GMAC_128) { |
1351 | 0 | wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128; |
1352 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1353 | 0 | "WPA: using MGMT group cipher BIP-GMAC-128"); |
1354 | 0 | } else if (sel & WPA_CIPHER_BIP_GMAC_256) { |
1355 | 0 | wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256; |
1356 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1357 | 0 | "WPA: using MGMT group cipher BIP-GMAC-256"); |
1358 | 0 | } else if (sel & WPA_CIPHER_BIP_CMAC_256) { |
1359 | 0 | wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256; |
1360 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1361 | 0 | "WPA: using MGMT group cipher BIP-CMAC-256"); |
1362 | 0 | } else { |
1363 | 0 | wpa_s->mgmt_group_cipher = 0; |
1364 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); |
1365 | 0 | } |
1366 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, |
1367 | 0 | wpa_s->mgmt_group_cipher); |
1368 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, |
1369 | 0 | wpas_get_ssid_pmf(wpa_s, ssid)); |
1370 | 0 | } |
1371 | | |
1372 | | /** |
1373 | | * wpa_supplicant_get_psk - Get PSK from config or external database |
1374 | | * @wpa_s: Pointer to wpa_supplicant data |
1375 | | * @bss: Scan results for the selected BSS, or %NULL if not available |
1376 | | * @ssid: Configuration data for the selected network |
1377 | | * @psk: Buffer for the PSK |
1378 | | * Returns: 0 on success or -1 if configuration parsing failed |
1379 | | * |
1380 | | * This function obtains the PSK for a network, either included inline in the |
1381 | | * config or retrieved from an external database. |
1382 | | */ |
1383 | | static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s, |
1384 | | struct wpa_bss *bss, struct wpa_ssid *ssid, |
1385 | | u8 *psk) |
1386 | 0 | { |
1387 | 0 | if (ssid->psk_set) { |
1388 | 0 | wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)", |
1389 | 0 | ssid->psk, PMK_LEN); |
1390 | 0 | os_memcpy(psk, ssid->psk, PMK_LEN); |
1391 | 0 | return 0; |
1392 | 0 | } |
1393 | | |
1394 | 0 | #ifndef CONFIG_NO_PBKDF2 |
1395 | 0 | if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) { |
1396 | 0 | if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, |
1397 | 0 | 4096, psk, PMK_LEN) != 0) { |
1398 | 0 | wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()"); |
1399 | 0 | return -1; |
1400 | 0 | } |
1401 | 0 | wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", |
1402 | 0 | psk, PMK_LEN); |
1403 | 0 | return 0; |
1404 | 0 | } |
1405 | 0 | #endif /* CONFIG_NO_PBKDF2 */ |
1406 | | |
1407 | | #ifdef CONFIG_EXT_PASSWORD |
1408 | | if (ssid->ext_psk) { |
1409 | | struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, |
1410 | | ssid->ext_psk); |
1411 | | char pw_str[64 + 1]; |
1412 | | |
1413 | | if (!pw) { |
1414 | | wpa_msg(wpa_s, MSG_INFO, |
1415 | | "EXT PW: No PSK found from external storage"); |
1416 | | return -1; |
1417 | | } |
1418 | | |
1419 | | if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { |
1420 | | wpa_msg(wpa_s, MSG_INFO, |
1421 | | "EXT PW: Unexpected PSK length %d in external storage", |
1422 | | (int) wpabuf_len(pw)); |
1423 | | ext_password_free(pw); |
1424 | | return -1; |
1425 | | } |
1426 | | |
1427 | | os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); |
1428 | | pw_str[wpabuf_len(pw)] = '\0'; |
1429 | | |
1430 | | #ifndef CONFIG_NO_PBKDF2 |
1431 | | if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) |
1432 | | { |
1433 | | if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, |
1434 | | 4096, psk, PMK_LEN) != 0) { |
1435 | | wpa_msg(wpa_s, MSG_WARNING, |
1436 | | "Error in pbkdf2_sha1()"); |
1437 | | forced_memzero(pw_str, sizeof(pw_str)); |
1438 | | ext_password_free(pw); |
1439 | | return -1; |
1440 | | } |
1441 | | wpa_hexdump_key(MSG_MSGDUMP, |
1442 | | "PSK (from external passphrase)", |
1443 | | psk, PMK_LEN); |
1444 | | } else |
1445 | | #endif /* CONFIG_NO_PBKDF2 */ |
1446 | | if (wpabuf_len(pw) == 2 * PMK_LEN) { |
1447 | | if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { |
1448 | | wpa_msg(wpa_s, MSG_INFO, |
1449 | | "EXT PW: Invalid PSK hex string"); |
1450 | | forced_memzero(pw_str, sizeof(pw_str)); |
1451 | | ext_password_free(pw); |
1452 | | return -1; |
1453 | | } |
1454 | | wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)", |
1455 | | psk, PMK_LEN); |
1456 | | } else { |
1457 | | wpa_msg(wpa_s, MSG_INFO, |
1458 | | "EXT PW: No suitable PSK available"); |
1459 | | forced_memzero(pw_str, sizeof(pw_str)); |
1460 | | ext_password_free(pw); |
1461 | | return -1; |
1462 | | } |
1463 | | |
1464 | | forced_memzero(pw_str, sizeof(pw_str)); |
1465 | | ext_password_free(pw); |
1466 | | |
1467 | | return 0; |
1468 | | } |
1469 | | #endif /* CONFIG_EXT_PASSWORD */ |
1470 | | |
1471 | 0 | return -1; |
1472 | 0 | } |
1473 | | |
1474 | | |
1475 | | static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s, |
1476 | | struct wpa_ssid *ssid) |
1477 | 0 | { |
1478 | 0 | int akm_count = wpa_s->max_num_akms; |
1479 | 0 | u8 capab = 0; |
1480 | |
|
1481 | 0 | if (akm_count < 2) |
1482 | 0 | return; |
1483 | | |
1484 | 0 | akm_count--; |
1485 | 0 | wpa_s->allowed_key_mgmts = 0; |
1486 | 0 | switch (wpa_s->key_mgmt) { |
1487 | 0 | case WPA_KEY_MGMT_PSK: |
1488 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { |
1489 | 0 | akm_count--; |
1490 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; |
1491 | 0 | } |
1492 | 0 | if (!akm_count) |
1493 | 0 | break; |
1494 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { |
1495 | 0 | akm_count--; |
1496 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; |
1497 | 0 | } |
1498 | 0 | if (!akm_count) |
1499 | 0 | break; |
1500 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) |
1501 | 0 | wpa_s->allowed_key_mgmts |= |
1502 | 0 | WPA_KEY_MGMT_PSK_SHA256; |
1503 | 0 | break; |
1504 | 0 | case WPA_KEY_MGMT_PSK_SHA256: |
1505 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { |
1506 | 0 | akm_count--; |
1507 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; |
1508 | 0 | } |
1509 | 0 | if (!akm_count) |
1510 | 0 | break; |
1511 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { |
1512 | 0 | akm_count--; |
1513 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; |
1514 | 0 | } |
1515 | 0 | if (!akm_count) |
1516 | 0 | break; |
1517 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) |
1518 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; |
1519 | 0 | break; |
1520 | 0 | case WPA_KEY_MGMT_SAE: |
1521 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) { |
1522 | 0 | akm_count--; |
1523 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; |
1524 | 0 | } |
1525 | 0 | if (!akm_count) |
1526 | 0 | break; |
1527 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { |
1528 | 0 | akm_count--; |
1529 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; |
1530 | 0 | } |
1531 | 0 | if (!akm_count) |
1532 | 0 | break; |
1533 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) |
1534 | 0 | wpa_s->allowed_key_mgmts |= |
1535 | 0 | WPA_KEY_MGMT_PSK_SHA256; |
1536 | 0 | break; |
1537 | 0 | case WPA_KEY_MGMT_SAE_EXT_KEY: |
1538 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { |
1539 | 0 | akm_count--; |
1540 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; |
1541 | 0 | } |
1542 | 0 | if (!akm_count) |
1543 | 0 | break; |
1544 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) { |
1545 | 0 | akm_count--; |
1546 | 0 | wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; |
1547 | 0 | } |
1548 | 0 | if (!akm_count) |
1549 | 0 | break; |
1550 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) |
1551 | 0 | wpa_s->allowed_key_mgmts |= |
1552 | 0 | WPA_KEY_MGMT_PSK_SHA256; |
1553 | 0 | break; |
1554 | 0 | default: |
1555 | 0 | return; |
1556 | 0 | } |
1557 | | |
1558 | 0 | if (wpa_s->conf->sae_pwe != SAE_PWE_HUNT_AND_PECK && |
1559 | 0 | wpa_s->conf->sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) |
1560 | 0 | capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E); |
1561 | | #ifdef CONFIG_SAE_PK |
1562 | | if (ssid->sae_pk) |
1563 | | capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK); |
1564 | | #endif /* CONFIG_SAE_PK */ |
1565 | |
|
1566 | 0 | if (!((wpa_s->allowed_key_mgmts & |
1567 | 0 | (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab)) |
1568 | 0 | return; |
1569 | | |
1570 | 0 | if (!wpa_s->rsnxe_len) { |
1571 | 0 | wpa_s->rsnxe_len = 3; |
1572 | 0 | wpa_s->rsnxe[0] = WLAN_EID_RSNX; |
1573 | 0 | wpa_s->rsnxe[1] = 1; |
1574 | 0 | wpa_s->rsnxe[2] = 0; |
1575 | 0 | } |
1576 | |
|
1577 | 0 | wpa_s->rsnxe[2] |= capab; |
1578 | 0 | } |
1579 | | |
1580 | | |
1581 | | /** |
1582 | | * wpa_supplicant_set_suites - Set authentication and encryption parameters |
1583 | | * @wpa_s: Pointer to wpa_supplicant data |
1584 | | * @bss: Scan results for the selected BSS, or %NULL if not available |
1585 | | * @ssid: Configuration data for the selected network |
1586 | | * @wpa_ie: Buffer for the WPA/RSN IE |
1587 | | * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the |
1588 | | * used buffer length in case the functions returns success. |
1589 | | * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE |
1590 | | * Returns: 0 on success or -1 on failure |
1591 | | * |
1592 | | * This function is used to configure authentication and encryption parameters |
1593 | | * based on the network configuration and scan result for the selected BSS (if |
1594 | | * available). |
1595 | | */ |
1596 | | int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, |
1597 | | struct wpa_bss *bss, struct wpa_ssid *ssid, |
1598 | | u8 *wpa_ie, size_t *wpa_ie_len, |
1599 | | bool skip_default_rsne) |
1600 | 0 | { |
1601 | 0 | struct wpa_ie_data ie; |
1602 | 0 | int sel, proto; |
1603 | 0 | enum sae_pwe sae_pwe; |
1604 | 0 | const u8 *bss_wpa, *bss_rsn, *bss_rsnx, *bss_osen; |
1605 | 0 | bool wmm; |
1606 | |
|
1607 | 0 | if (bss) { |
1608 | 0 | bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); |
1609 | 0 | bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); |
1610 | 0 | bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX); |
1611 | 0 | bss_osen = wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE); |
1612 | 0 | } else { |
1613 | 0 | bss_wpa = bss_rsn = bss_rsnx = bss_osen = NULL; |
1614 | 0 | } |
1615 | |
|
1616 | 0 | if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && |
1617 | 0 | wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && |
1618 | 0 | matching_ciphers(ssid, &ie, bss->freq) && |
1619 | 0 | (ie.key_mgmt & ssid->key_mgmt)) { |
1620 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); |
1621 | 0 | proto = WPA_PROTO_RSN; |
1622 | 0 | } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && |
1623 | 0 | wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 && |
1624 | 0 | (ie.group_cipher & ssid->group_cipher) && |
1625 | 0 | (ie.pairwise_cipher & ssid->pairwise_cipher) && |
1626 | 0 | (ie.key_mgmt & ssid->key_mgmt)) { |
1627 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); |
1628 | 0 | proto = WPA_PROTO_WPA; |
1629 | 0 | #ifdef CONFIG_HS20 |
1630 | 0 | } else if (bss_osen && (ssid->proto & WPA_PROTO_OSEN) && |
1631 | 0 | wpa_parse_wpa_ie(bss_osen, 2 + bss_osen[1], &ie) == 0 && |
1632 | 0 | (ie.group_cipher & ssid->group_cipher) && |
1633 | 0 | (ie.pairwise_cipher & ssid->pairwise_cipher) && |
1634 | 0 | (ie.key_mgmt & ssid->key_mgmt)) { |
1635 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using OSEN"); |
1636 | 0 | proto = WPA_PROTO_OSEN; |
1637 | 0 | } else if (bss_rsn && (ssid->proto & WPA_PROTO_OSEN) && |
1638 | 0 | wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && |
1639 | 0 | (ie.group_cipher & ssid->group_cipher) && |
1640 | 0 | (ie.pairwise_cipher & ssid->pairwise_cipher) && |
1641 | 0 | (ie.key_mgmt & ssid->key_mgmt)) { |
1642 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using OSEN (within RSN)"); |
1643 | 0 | proto = WPA_PROTO_RSN; |
1644 | 0 | #endif /* CONFIG_HS20 */ |
1645 | 0 | } else if (bss) { |
1646 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); |
1647 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1648 | 0 | "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", |
1649 | 0 | ssid->proto, ssid->pairwise_cipher, ssid->group_cipher, |
1650 | 0 | ssid->key_mgmt); |
1651 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s%s", |
1652 | 0 | MAC2STR(bss->bssid), |
1653 | 0 | wpa_ssid_txt(bss->ssid, bss->ssid_len), |
1654 | 0 | bss_wpa ? " WPA" : "", |
1655 | 0 | bss_rsn ? " RSN" : "", |
1656 | 0 | bss_osen ? " OSEN" : ""); |
1657 | 0 | if (bss_rsn) { |
1658 | 0 | wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]); |
1659 | 0 | if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) { |
1660 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1661 | 0 | "Could not parse RSN element"); |
1662 | 0 | } else { |
1663 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1664 | 0 | "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", |
1665 | 0 | ie.pairwise_cipher, ie.group_cipher, |
1666 | 0 | ie.key_mgmt); |
1667 | 0 | } |
1668 | 0 | } |
1669 | 0 | if (bss_wpa) { |
1670 | 0 | wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]); |
1671 | 0 | if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) { |
1672 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1673 | 0 | "Could not parse WPA element"); |
1674 | 0 | } else { |
1675 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1676 | 0 | "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", |
1677 | 0 | ie.pairwise_cipher, ie.group_cipher, |
1678 | 0 | ie.key_mgmt); |
1679 | 0 | } |
1680 | 0 | } |
1681 | 0 | return -1; |
1682 | 0 | } else { |
1683 | 0 | if (ssid->proto & WPA_PROTO_OSEN) |
1684 | 0 | proto = WPA_PROTO_OSEN; |
1685 | 0 | else if (ssid->proto & WPA_PROTO_RSN) |
1686 | 0 | proto = WPA_PROTO_RSN; |
1687 | 0 | else |
1688 | 0 | proto = WPA_PROTO_WPA; |
1689 | 0 | if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { |
1690 | 0 | os_memset(&ie, 0, sizeof(ie)); |
1691 | 0 | ie.group_cipher = ssid->group_cipher; |
1692 | 0 | ie.pairwise_cipher = ssid->pairwise_cipher; |
1693 | 0 | ie.key_mgmt = ssid->key_mgmt; |
1694 | 0 | ie.mgmt_group_cipher = 0; |
1695 | 0 | if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { |
1696 | 0 | if (ssid->group_mgmt_cipher & |
1697 | 0 | WPA_CIPHER_BIP_GMAC_256) |
1698 | 0 | ie.mgmt_group_cipher = |
1699 | 0 | WPA_CIPHER_BIP_GMAC_256; |
1700 | 0 | else if (ssid->group_mgmt_cipher & |
1701 | 0 | WPA_CIPHER_BIP_CMAC_256) |
1702 | 0 | ie.mgmt_group_cipher = |
1703 | 0 | WPA_CIPHER_BIP_CMAC_256; |
1704 | 0 | else if (ssid->group_mgmt_cipher & |
1705 | 0 | WPA_CIPHER_BIP_GMAC_128) |
1706 | 0 | ie.mgmt_group_cipher = |
1707 | 0 | WPA_CIPHER_BIP_GMAC_128; |
1708 | 0 | else |
1709 | 0 | ie.mgmt_group_cipher = |
1710 | 0 | WPA_CIPHER_AES_128_CMAC; |
1711 | 0 | } |
1712 | | #ifdef CONFIG_OWE |
1713 | | if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && |
1714 | | !ssid->owe_only && |
1715 | | !bss_wpa && !bss_rsn && !bss_osen) { |
1716 | | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); |
1717 | | wpa_s->wpa_proto = 0; |
1718 | | *wpa_ie_len = 0; |
1719 | | return 0; |
1720 | | } |
1721 | | #endif /* CONFIG_OWE */ |
1722 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " |
1723 | 0 | "based on configuration"); |
1724 | 0 | } else |
1725 | 0 | proto = ie.proto; |
1726 | 0 | } |
1727 | | |
1728 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " |
1729 | 0 | "pairwise %d key_mgmt %d proto %d", |
1730 | 0 | ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); |
1731 | 0 | if (ssid->ieee80211w) { |
1732 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", |
1733 | 0 | ie.mgmt_group_cipher); |
1734 | 0 | } |
1735 | |
|
1736 | 0 | wpa_s->wpa_proto = proto; |
1737 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); |
1738 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, |
1739 | 0 | !!(ssid->proto & (WPA_PROTO_RSN | WPA_PROTO_OSEN))); |
1740 | |
|
1741 | 0 | if (bss || !wpa_s->ap_ies_from_associnfo) { |
1742 | 0 | if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, |
1743 | 0 | bss_wpa ? 2 + bss_wpa[1] : 0) || |
1744 | 0 | wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, |
1745 | 0 | bss_rsn ? 2 + bss_rsn[1] : 0) || |
1746 | 0 | wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx, |
1747 | 0 | bss_rsnx ? 2 + bss_rsnx[1] : 0)) |
1748 | 0 | return -1; |
1749 | 0 | } |
1750 | | |
1751 | | #ifdef CONFIG_NO_WPA |
1752 | | wpa_s->group_cipher = WPA_CIPHER_NONE; |
1753 | | wpa_s->pairwise_cipher = WPA_CIPHER_NONE; |
1754 | | #else /* CONFIG_NO_WPA */ |
1755 | 0 | sel = ie.group_cipher & ssid->group_cipher; |
1756 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1757 | 0 | "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x", |
1758 | 0 | ie.group_cipher, ssid->group_cipher, sel); |
1759 | 0 | wpa_s->group_cipher = wpa_pick_group_cipher(sel); |
1760 | 0 | if (wpa_s->group_cipher < 0) { |
1761 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " |
1762 | 0 | "cipher"); |
1763 | 0 | return -1; |
1764 | 0 | } |
1765 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s", |
1766 | 0 | wpa_cipher_txt(wpa_s->group_cipher)); |
1767 | |
|
1768 | 0 | sel = ie.pairwise_cipher & ssid->pairwise_cipher; |
1769 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1770 | 0 | "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x", |
1771 | 0 | ie.pairwise_cipher, ssid->pairwise_cipher, sel); |
1772 | 0 | wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); |
1773 | 0 | if (wpa_s->pairwise_cipher < 0) { |
1774 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " |
1775 | 0 | "cipher"); |
1776 | 0 | return -1; |
1777 | 0 | } |
1778 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s", |
1779 | 0 | wpa_cipher_txt(wpa_s->pairwise_cipher)); |
1780 | 0 | #endif /* CONFIG_NO_WPA */ |
1781 | |
|
1782 | 0 | sel = ie.key_mgmt & ssid->key_mgmt; |
1783 | | #ifdef CONFIG_SAE |
1784 | | if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) && |
1785 | | !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) || |
1786 | | wpas_is_sae_avoided(wpa_s, ssid, &ie)) |
1787 | | sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY | |
1788 | | WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY); |
1789 | | #endif /* CONFIG_SAE */ |
1790 | | #ifdef CONFIG_IEEE80211R |
1791 | | if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME | |
1792 | | WPA_DRIVER_FLAGS_UPDATE_FT_IES))) |
1793 | | sel &= ~WPA_KEY_MGMT_FT; |
1794 | | #endif /* CONFIG_IEEE80211R */ |
1795 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1796 | 0 | "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x", |
1797 | 0 | ie.key_mgmt, ssid->key_mgmt, sel); |
1798 | 0 | if (0) { |
1799 | | #ifdef CONFIG_IEEE80211R |
1800 | | #ifdef CONFIG_SHA384 |
1801 | | } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) && |
1802 | | os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { |
1803 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; |
1804 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1805 | | "WPA: using KEY_MGMT FT/802.1X-SHA384"); |
1806 | | if (!ssid->ft_eap_pmksa_caching && |
1807 | | pmksa_cache_get_current(wpa_s->wpa)) { |
1808 | | /* PMKSA caching with FT may have interoperability |
1809 | | * issues, so disable that case by default for now. */ |
1810 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1811 | | "WPA: Disable PMKSA caching for FT/802.1X connection"); |
1812 | | pmksa_cache_clear_current(wpa_s->wpa); |
1813 | | } |
1814 | | #endif /* CONFIG_SHA384 */ |
1815 | | #endif /* CONFIG_IEEE80211R */ |
1816 | | #ifdef CONFIG_SUITEB192 |
1817 | | } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { |
1818 | | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; |
1819 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1820 | | "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)"); |
1821 | | #endif /* CONFIG_SUITEB192 */ |
1822 | | #ifdef CONFIG_SUITEB |
1823 | | } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { |
1824 | | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; |
1825 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1826 | | "WPA: using KEY_MGMT 802.1X with Suite B"); |
1827 | | #endif /* CONFIG_SUITEB */ |
1828 | | #ifdef CONFIG_SHA384 |
1829 | | } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) { |
1830 | | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384; |
1831 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1832 | | "WPA: using KEY_MGMT 802.1X with SHA384"); |
1833 | | #endif /* CONFIG_SHA384 */ |
1834 | | #ifdef CONFIG_FILS |
1835 | | #ifdef CONFIG_IEEE80211R |
1836 | | } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) { |
1837 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; |
1838 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384"); |
1839 | | #endif /* CONFIG_IEEE80211R */ |
1840 | | } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { |
1841 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384; |
1842 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384"); |
1843 | | #ifdef CONFIG_IEEE80211R |
1844 | | } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) { |
1845 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; |
1846 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256"); |
1847 | | #endif /* CONFIG_IEEE80211R */ |
1848 | | } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { |
1849 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256; |
1850 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256"); |
1851 | | #endif /* CONFIG_FILS */ |
1852 | | #ifdef CONFIG_IEEE80211R |
1853 | | } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) && |
1854 | | os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { |
1855 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; |
1856 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); |
1857 | | if (!ssid->ft_eap_pmksa_caching && |
1858 | | pmksa_cache_get_current(wpa_s->wpa)) { |
1859 | | /* PMKSA caching with FT may have interoperability |
1860 | | * issues, so disable that case by default for now. */ |
1861 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1862 | | "WPA: Disable PMKSA caching for FT/802.1X connection"); |
1863 | | pmksa_cache_clear_current(wpa_s->wpa); |
1864 | | } |
1865 | | #endif /* CONFIG_IEEE80211R */ |
1866 | | #ifdef CONFIG_DPP |
1867 | | } else if (sel & WPA_KEY_MGMT_DPP) { |
1868 | | wpa_s->key_mgmt = WPA_KEY_MGMT_DPP; |
1869 | | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP"); |
1870 | | #endif /* CONFIG_DPP */ |
1871 | | #ifdef CONFIG_SAE |
1872 | | } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) { |
1873 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY; |
1874 | | wpa_dbg(wpa_s, MSG_DEBUG, |
1875 | | "RSN: using KEY_MGMT FT/SAE (ext key)"); |
1876 | | } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) { |
1877 | | wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY; |
1878 | | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)"); |
1879 | | } else if (sel & WPA_KEY_MGMT_FT_SAE) { |
1880 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; |
1881 | | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); |
1882 | | } else if (sel & WPA_KEY_MGMT_SAE) { |
1883 | | wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; |
1884 | | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); |
1885 | | #endif /* CONFIG_SAE */ |
1886 | | #ifdef CONFIG_IEEE80211R |
1887 | | } else if (sel & WPA_KEY_MGMT_FT_PSK) { |
1888 | | wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; |
1889 | | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); |
1890 | | #endif /* CONFIG_IEEE80211R */ |
1891 | 0 | } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { |
1892 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; |
1893 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1894 | 0 | "WPA: using KEY_MGMT 802.1X with SHA256"); |
1895 | 0 | } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { |
1896 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; |
1897 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1898 | 0 | "WPA: using KEY_MGMT PSK with SHA256"); |
1899 | 0 | } else if (sel & WPA_KEY_MGMT_IEEE8021X) { |
1900 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; |
1901 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); |
1902 | 0 | } else if (sel & WPA_KEY_MGMT_PSK) { |
1903 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; |
1904 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); |
1905 | 0 | } else if (sel & WPA_KEY_MGMT_WPA_NONE) { |
1906 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; |
1907 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); |
1908 | 0 | #ifdef CONFIG_HS20 |
1909 | 0 | } else if (sel & WPA_KEY_MGMT_OSEN) { |
1910 | 0 | wpa_s->key_mgmt = WPA_KEY_MGMT_OSEN; |
1911 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "HS 2.0: using KEY_MGMT OSEN"); |
1912 | 0 | #endif /* CONFIG_HS20 */ |
1913 | | #ifdef CONFIG_OWE |
1914 | | } else if (sel & WPA_KEY_MGMT_OWE) { |
1915 | | wpa_s->key_mgmt = WPA_KEY_MGMT_OWE; |
1916 | | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE"); |
1917 | | #endif /* CONFIG_OWE */ |
1918 | 0 | } else { |
1919 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " |
1920 | 0 | "authenticated key management type"); |
1921 | 0 | return -1; |
1922 | 0 | } |
1923 | | |
1924 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); |
1925 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, |
1926 | 0 | wpa_s->pairwise_cipher); |
1927 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); |
1928 | |
|
1929 | 0 | if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && |
1930 | 0 | (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED || |
1931 | 0 | (bss && is_6ghz_freq(bss->freq)))) { |
1932 | 0 | wpa_msg(wpa_s, MSG_INFO, |
1933 | 0 | "RSN: Management frame protection required but the selected AP does not enable it"); |
1934 | 0 | return -1; |
1935 | 0 | } |
1936 | | |
1937 | 0 | wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie); |
1938 | | #ifdef CONFIG_OCV |
1939 | | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) || |
1940 | | (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV)) |
1941 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); |
1942 | | #endif /* CONFIG_OCV */ |
1943 | 0 | sae_pwe = wpa_s->conf->sae_pwe; |
1944 | 0 | if ((ssid->sae_password_id || |
1945 | 0 | wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) && |
1946 | 0 | sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) |
1947 | 0 | sae_pwe = SAE_PWE_HASH_TO_ELEMENT; |
1948 | 0 | if (bss && is_6ghz_freq(bss->freq) && |
1949 | 0 | sae_pwe == SAE_PWE_HUNT_AND_PECK) { |
1950 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
1951 | 0 | "RSN: Enable SAE hash-to-element mode for 6 GHz BSS"); |
1952 | 0 | sae_pwe = SAE_PWE_BOTH; |
1953 | 0 | } |
1954 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe); |
1955 | | #ifdef CONFIG_SAE_PK |
1956 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK, |
1957 | | wpa_key_mgmt_sae(ssid->key_mgmt) && |
1958 | | ssid->sae_pk != SAE_PK_MODE_DISABLED && |
1959 | | ((ssid->sae_password && |
1960 | | sae_pk_valid_password(ssid->sae_password)) || |
1961 | | (!ssid->sae_password && ssid->passphrase && |
1962 | | sae_pk_valid_password(ssid->passphrase)))); |
1963 | | #endif /* CONFIG_SAE_PK */ |
1964 | 0 | if (bss && is_6ghz_freq(bss->freq) && |
1965 | 0 | wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) { |
1966 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz"); |
1967 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, |
1968 | 0 | MGMT_FRAME_PROTECTION_REQUIRED); |
1969 | 0 | } |
1970 | | #ifdef CONFIG_TESTING_OPTIONS |
1971 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED, |
1972 | | wpa_s->ft_rsnxe_used); |
1973 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL, |
1974 | | wpa_s->oci_freq_override_eapol); |
1975 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2, |
1976 | | wpa_s->oci_freq_override_eapol_g2); |
1977 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC, |
1978 | | wpa_s->oci_freq_override_ft_assoc); |
1979 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC, |
1980 | | wpa_s->oci_freq_override_fils_assoc); |
1981 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX, |
1982 | | wpa_s->disable_eapol_g2_tx); |
1983 | | #endif /* CONFIG_TESTING_OPTIONS */ |
1984 | | |
1985 | | /* Extended Key ID is only supported in infrastructure BSS so far */ |
1986 | 0 | if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id && |
1987 | 0 | (ssid->proto & WPA_PROTO_RSN) && |
1988 | 0 | ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 | |
1989 | 0 | WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) && |
1990 | 0 | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) { |
1991 | 0 | int use_ext_key_id = 0; |
1992 | |
|
1993 | 0 | wpa_msg(wpa_s, MSG_DEBUG, |
1994 | 0 | "WPA: Enable Extended Key ID support"); |
1995 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, |
1996 | 0 | wpa_s->conf->extended_key_id); |
1997 | 0 | if (bss_rsn && |
1998 | 0 | wpa_s->conf->extended_key_id && |
1999 | 0 | wpa_s->pairwise_cipher != WPA_CIPHER_TKIP && |
2000 | 0 | (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST)) |
2001 | 0 | use_ext_key_id = 1; |
2002 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, |
2003 | 0 | use_ext_key_id); |
2004 | 0 | } else { |
2005 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0); |
2006 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0); |
2007 | 0 | } |
2008 | | |
2009 | | /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more |
2010 | | * appropriate advertisement of the supported number of PTKSA receive |
2011 | | * counters. In theory, this could be based on a driver capability, but |
2012 | | * in practice all cases using WMM support at least eight replay |
2013 | | * counters, so use a hardcoded value for now since there is no explicit |
2014 | | * driver capability indication for this. |
2015 | | * |
2016 | | * In addition, claim WMM to be enabled if the AP supports it since it |
2017 | | * is far more likely for any current device to support WMM. */ |
2018 | 0 | wmm = wpa_s->connection_set && |
2019 | 0 | (wpa_s->connection_ht || wpa_s->connection_vht || |
2020 | 0 | wpa_s->connection_he || wpa_s->connection_eht); |
2021 | 0 | if (!wmm && bss) |
2022 | 0 | wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE); |
2023 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm); |
2024 | |
|
2025 | 0 | if (!skip_default_rsne) { |
2026 | 0 | if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, |
2027 | 0 | wpa_ie_len)) { |
2028 | 0 | wpa_msg(wpa_s, MSG_WARNING, |
2029 | 0 | "RSN: Failed to generate RSNE/WPA IE"); |
2030 | 0 | return -1; |
2031 | 0 | } |
2032 | | |
2033 | 0 | wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe); |
2034 | 0 | if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe, |
2035 | 0 | &wpa_s->rsnxe_len)) { |
2036 | 0 | wpa_msg(wpa_s, MSG_WARNING, |
2037 | 0 | "RSN: Failed to generate RSNXE"); |
2038 | 0 | return -1; |
2039 | 0 | } |
2040 | 0 | } |
2041 | | |
2042 | 0 | if (0) { |
2043 | | #ifdef CONFIG_DPP |
2044 | | } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { |
2045 | | /* Use PMK from DPP network introduction (PMKSA entry) */ |
2046 | | wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); |
2047 | | #ifdef CONFIG_DPP2 |
2048 | | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs); |
2049 | | #endif /* CONFIG_DPP2 */ |
2050 | | #endif /* CONFIG_DPP */ |
2051 | 0 | } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { |
2052 | 0 | int psk_set = 0; |
2053 | |
|
2054 | 0 | if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) { |
2055 | 0 | u8 psk[PMK_LEN]; |
2056 | |
|
2057 | 0 | if (wpa_supplicant_get_psk(wpa_s, bss, ssid, |
2058 | 0 | psk) == 0) { |
2059 | 0 | wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, |
2060 | 0 | NULL); |
2061 | 0 | psk_set = 1; |
2062 | 0 | } |
2063 | 0 | forced_memzero(psk, sizeof(psk)); |
2064 | 0 | } |
2065 | |
|
2066 | 0 | if (wpa_key_mgmt_sae(ssid->key_mgmt) && |
2067 | 0 | (ssid->sae_password || ssid->passphrase || ssid->ext_psk)) |
2068 | 0 | psk_set = 1; |
2069 | |
|
2070 | 0 | if (!psk_set) { |
2071 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2072 | 0 | "No PSK available for association"); |
2073 | 0 | wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL); |
2074 | 0 | return -1; |
2075 | 0 | } |
2076 | | #ifdef CONFIG_OWE |
2077 | | } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { |
2078 | | /* OWE Diffie-Hellman exchange in (Re)Association |
2079 | | * Request/Response frames set the PMK, so do not override it |
2080 | | * here. */ |
2081 | | #endif /* CONFIG_OWE */ |
2082 | 0 | } else |
2083 | 0 | wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); |
2084 | | |
2085 | 0 | if (ssid->mode != WPAS_MODE_IBSS && |
2086 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) && |
2087 | 0 | (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER || |
2088 | 0 | (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK && |
2089 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) { |
2090 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2091 | 0 | "Disable PTK0 rekey support - replaced with reconnect"); |
2092 | 0 | wpa_s->deny_ptk0_rekey = 1; |
2093 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1); |
2094 | 0 | } else { |
2095 | 0 | wpa_s->deny_ptk0_rekey = 0; |
2096 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0); |
2097 | 0 | } |
2098 | |
|
2099 | 0 | if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) && |
2100 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) |
2101 | 0 | wpas_update_allowed_key_mgmt(wpa_s, ssid); |
2102 | |
|
2103 | 0 | return 0; |
2104 | 0 | } |
2105 | | |
2106 | | |
2107 | | static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx, |
2108 | | struct wpa_bss *bss) |
2109 | 0 | { |
2110 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
2111 | 0 | bool scs = true, mscs = true; |
2112 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
2113 | |
|
2114 | 0 | *pos = 0x00; |
2115 | |
|
2116 | 0 | switch (idx) { |
2117 | 0 | case 0: /* Bits 0-7 */ |
2118 | 0 | break; |
2119 | 0 | case 1: /* Bits 8-15 */ |
2120 | 0 | if (wpa_s->conf->coloc_intf_reporting) { |
2121 | | /* Bit 13 - Collocated Interference Reporting */ |
2122 | 0 | *pos |= 0x20; |
2123 | 0 | } |
2124 | 0 | break; |
2125 | 0 | case 2: /* Bits 16-23 */ |
2126 | 0 | #ifdef CONFIG_WNM |
2127 | 0 | *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */ |
2128 | 0 | if ((wpas_driver_bss_selection(wpa_s) || |
2129 | 0 | !wpa_s->disable_mbo_oce) && |
2130 | 0 | !wpa_s->conf->disable_btm) |
2131 | 0 | *pos |= 0x08; /* Bit 19 - BSS Transition */ |
2132 | 0 | #endif /* CONFIG_WNM */ |
2133 | 0 | break; |
2134 | 0 | case 3: /* Bits 24-31 */ |
2135 | 0 | #ifdef CONFIG_WNM |
2136 | 0 | *pos |= 0x02; /* Bit 25 - SSID List */ |
2137 | 0 | #endif /* CONFIG_WNM */ |
2138 | 0 | #ifdef CONFIG_INTERWORKING |
2139 | 0 | if (wpa_s->conf->interworking) |
2140 | 0 | *pos |= 0x80; /* Bit 31 - Interworking */ |
2141 | 0 | #endif /* CONFIG_INTERWORKING */ |
2142 | 0 | break; |
2143 | 0 | case 4: /* Bits 32-39 */ |
2144 | 0 | #ifdef CONFIG_INTERWORKING |
2145 | 0 | if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING) |
2146 | 0 | *pos |= 0x01; /* Bit 32 - QoS Map */ |
2147 | 0 | #endif /* CONFIG_INTERWORKING */ |
2148 | 0 | break; |
2149 | 0 | case 5: /* Bits 40-47 */ |
2150 | 0 | #ifdef CONFIG_HS20 |
2151 | 0 | if (wpa_s->conf->hs20) |
2152 | 0 | *pos |= 0x40; /* Bit 46 - WNM-Notification */ |
2153 | 0 | #endif /* CONFIG_HS20 */ |
2154 | | #ifdef CONFIG_MBO |
2155 | | *pos |= 0x40; /* Bit 46 - WNM-Notification */ |
2156 | | #endif /* CONFIG_MBO */ |
2157 | 0 | break; |
2158 | 0 | case 6: /* Bits 48-55 */ |
2159 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
2160 | | #ifdef CONFIG_TESTING_OPTIONS |
2161 | | if (wpa_s->disable_scs_support) |
2162 | | scs = false; |
2163 | | #endif /* CONFIG_TESTING_OPTIONS */ |
2164 | 0 | if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) { |
2165 | | /* Drop own SCS capability indication since the AP does |
2166 | | * not support it. This is needed to avoid |
2167 | | * interoperability issues with APs that get confused |
2168 | | * with Extended Capabilities element. */ |
2169 | 0 | scs = false; |
2170 | 0 | } |
2171 | 0 | if (scs) |
2172 | 0 | *pos |= 0x40; /* Bit 54 - SCS */ |
2173 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
2174 | 0 | break; |
2175 | 0 | case 7: /* Bits 56-63 */ |
2176 | 0 | break; |
2177 | 0 | case 8: /* Bits 64-71 */ |
2178 | 0 | if (wpa_s->conf->ftm_responder) |
2179 | 0 | *pos |= 0x40; /* Bit 70 - FTM responder */ |
2180 | 0 | if (wpa_s->conf->ftm_initiator) |
2181 | 0 | *pos |= 0x80; /* Bit 71 - FTM initiator */ |
2182 | 0 | break; |
2183 | 0 | case 9: /* Bits 72-79 */ |
2184 | | #ifdef CONFIG_FILS |
2185 | | if (!wpa_s->disable_fils) |
2186 | | *pos |= 0x01; |
2187 | | #endif /* CONFIG_FILS */ |
2188 | 0 | break; |
2189 | 0 | case 10: /* Bits 80-87 */ |
2190 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
2191 | | #ifdef CONFIG_TESTING_OPTIONS |
2192 | | if (wpa_s->disable_mscs_support) |
2193 | | mscs = false; |
2194 | | #endif /* CONFIG_TESTING_OPTIONS */ |
2195 | 0 | if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) { |
2196 | | /* Drop own MSCS capability indication since the AP does |
2197 | | * not support it. This is needed to avoid |
2198 | | * interoperability issues with APs that get confused |
2199 | | * with Extended Capabilities element. */ |
2200 | 0 | mscs = false; |
2201 | 0 | } |
2202 | 0 | if (mscs) |
2203 | 0 | *pos |= 0x20; /* Bit 85 - Mirrored SCS */ |
2204 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
2205 | 0 | break; |
2206 | 0 | } |
2207 | 0 | } |
2208 | | |
2209 | | |
2210 | | int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, |
2211 | | size_t buflen, struct wpa_bss *bss) |
2212 | 0 | { |
2213 | 0 | u8 *pos = buf; |
2214 | 0 | u8 len = 11, i; |
2215 | |
|
2216 | 0 | if (len < wpa_s->extended_capa_len) |
2217 | 0 | len = wpa_s->extended_capa_len; |
2218 | 0 | if (buflen < (size_t) len + 2) { |
2219 | 0 | wpa_printf(MSG_INFO, |
2220 | 0 | "Not enough room for building extended capabilities element"); |
2221 | 0 | return -1; |
2222 | 0 | } |
2223 | | |
2224 | 0 | *pos++ = WLAN_EID_EXT_CAPAB; |
2225 | 0 | *pos++ = len; |
2226 | 0 | for (i = 0; i < len; i++, pos++) { |
2227 | 0 | wpas_ext_capab_byte(wpa_s, pos, i, bss); |
2228 | |
|
2229 | 0 | if (i < wpa_s->extended_capa_len) { |
2230 | 0 | *pos &= ~wpa_s->extended_capa_mask[i]; |
2231 | 0 | *pos |= wpa_s->extended_capa[i]; |
2232 | 0 | } |
2233 | 0 | } |
2234 | |
|
2235 | 0 | while (len > 0 && buf[1 + len] == 0) { |
2236 | 0 | len--; |
2237 | 0 | buf[1] = len; |
2238 | 0 | } |
2239 | 0 | if (len == 0) |
2240 | 0 | return 0; |
2241 | | |
2242 | 0 | return 2 + len; |
2243 | 0 | } |
2244 | | |
2245 | | |
2246 | | static int wpas_valid_bss(struct wpa_supplicant *wpa_s, |
2247 | | struct wpa_bss *test_bss) |
2248 | 0 | { |
2249 | 0 | struct wpa_bss *bss; |
2250 | |
|
2251 | 0 | dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { |
2252 | 0 | if (bss == test_bss) |
2253 | 0 | return 1; |
2254 | 0 | } |
2255 | | |
2256 | 0 | return 0; |
2257 | 0 | } |
2258 | | |
2259 | | |
2260 | | static int wpas_valid_ssid(struct wpa_supplicant *wpa_s, |
2261 | | struct wpa_ssid *test_ssid) |
2262 | 0 | { |
2263 | 0 | struct wpa_ssid *ssid; |
2264 | |
|
2265 | 0 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { |
2266 | 0 | if (ssid == test_ssid) |
2267 | 0 | return 1; |
2268 | 0 | } |
2269 | | |
2270 | 0 | return 0; |
2271 | 0 | } |
2272 | | |
2273 | | |
2274 | | int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss, |
2275 | | struct wpa_ssid *test_ssid) |
2276 | 0 | { |
2277 | 0 | if (test_bss && !wpas_valid_bss(wpa_s, test_bss)) |
2278 | 0 | return 0; |
2279 | | |
2280 | 0 | return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid); |
2281 | 0 | } |
2282 | | |
2283 | | |
2284 | | void wpas_connect_work_free(struct wpa_connect_work *cwork) |
2285 | 0 | { |
2286 | 0 | if (cwork == NULL) |
2287 | 0 | return; |
2288 | 0 | os_free(cwork); |
2289 | 0 | } |
2290 | | |
2291 | | |
2292 | | void wpas_connect_work_done(struct wpa_supplicant *wpa_s) |
2293 | 0 | { |
2294 | 0 | struct wpa_connect_work *cwork; |
2295 | 0 | struct wpa_radio_work *work = wpa_s->connect_work; |
2296 | |
|
2297 | 0 | if (!work) |
2298 | 0 | return; |
2299 | | |
2300 | 0 | wpa_s->connect_work = NULL; |
2301 | 0 | cwork = work->ctx; |
2302 | 0 | work->ctx = NULL; |
2303 | 0 | wpas_connect_work_free(cwork); |
2304 | 0 | radio_work_done(work); |
2305 | 0 | } |
2306 | | |
2307 | | |
2308 | | int wpas_update_random_addr(struct wpa_supplicant *wpa_s, |
2309 | | enum wpas_mac_addr_style style, |
2310 | | struct wpa_ssid *ssid) |
2311 | 0 | { |
2312 | 0 | struct os_reltime now; |
2313 | 0 | u8 addr[ETH_ALEN]; |
2314 | |
|
2315 | 0 | os_get_reltime(&now); |
2316 | | /* Random addresses are valid within a given ESS so check |
2317 | | * expiration/value only when continuing to use the same ESS. */ |
2318 | 0 | if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) { |
2319 | 0 | if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) { |
2320 | | /* Pregenerated addresses do not expire but their value |
2321 | | * might have changed, so let's check that. */ |
2322 | 0 | if (ether_addr_equal(wpa_s->own_addr, ssid->mac_value)) |
2323 | 0 | return 0; |
2324 | 0 | } else if ((wpa_s->last_mac_addr_change.sec != 0 || |
2325 | 0 | wpa_s->last_mac_addr_change.usec != 0) && |
2326 | 0 | !os_reltime_expired( |
2327 | 0 | &now, |
2328 | 0 | &wpa_s->last_mac_addr_change, |
2329 | 0 | wpa_s->conf->rand_addr_lifetime)) { |
2330 | 0 | wpa_msg(wpa_s, MSG_DEBUG, |
2331 | 0 | "Previously selected random MAC address has not yet expired"); |
2332 | 0 | return 0; |
2333 | 0 | } |
2334 | 0 | } |
2335 | | |
2336 | 0 | switch (style) { |
2337 | 0 | case WPAS_MAC_ADDR_STYLE_RANDOM: |
2338 | 0 | if (random_mac_addr(addr) < 0) |
2339 | 0 | return -1; |
2340 | 0 | break; |
2341 | 0 | case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI: |
2342 | 0 | os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN); |
2343 | 0 | if (random_mac_addr_keep_oui(addr) < 0) |
2344 | 0 | return -1; |
2345 | 0 | break; |
2346 | 0 | case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS: |
2347 | 0 | if (!ssid) { |
2348 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2349 | 0 | "Invalid 'ssid' for address policy 3"); |
2350 | 0 | return -1; |
2351 | 0 | } |
2352 | 0 | os_memcpy(addr, ssid->mac_value, ETH_ALEN); |
2353 | 0 | break; |
2354 | 0 | default: |
2355 | 0 | return -1; |
2356 | 0 | } |
2357 | | |
2358 | 0 | if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) { |
2359 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2360 | 0 | "Failed to set random MAC address"); |
2361 | 0 | return -1; |
2362 | 0 | } |
2363 | | |
2364 | 0 | os_get_reltime(&wpa_s->last_mac_addr_change); |
2365 | 0 | wpa_s->mac_addr_changed = 1; |
2366 | 0 | wpa_s->last_mac_addr_style = style; |
2367 | |
|
2368 | 0 | if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { |
2369 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2370 | 0 | "Could not update MAC address information"); |
2371 | 0 | return -1; |
2372 | 0 | } |
2373 | | |
2374 | 0 | wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, |
2375 | 0 | MAC2STR(addr)); |
2376 | |
|
2377 | 0 | return 1; |
2378 | 0 | } |
2379 | | |
2380 | | |
2381 | | int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s) |
2382 | 0 | { |
2383 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING || |
2384 | 0 | !wpa_s->conf->preassoc_mac_addr) |
2385 | 0 | return 0; |
2386 | | |
2387 | 0 | return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr, |
2388 | 0 | NULL); |
2389 | 0 | } |
2390 | | |
2391 | | |
2392 | | void wpa_s_setup_sae_pt(struct wpa_config *conf, struct wpa_ssid *ssid, |
2393 | | bool force) |
2394 | 0 | { |
2395 | | #ifdef CONFIG_SAE |
2396 | | int *groups = conf->sae_groups; |
2397 | | int default_groups[] = { 19, 20, 21, 0 }; |
2398 | | const char *password; |
2399 | | |
2400 | | if (!groups || groups[0] <= 0) |
2401 | | groups = default_groups; |
2402 | | |
2403 | | password = ssid->sae_password; |
2404 | | if (!password) |
2405 | | password = ssid->passphrase; |
2406 | | |
2407 | | if (!password || |
2408 | | (conf->sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id && |
2409 | | !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) && |
2410 | | !force && |
2411 | | !sae_pk_valid_password(password)) || |
2412 | | conf->sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) { |
2413 | | /* PT derivation not needed */ |
2414 | | sae_deinit_pt(ssid->pt); |
2415 | | ssid->pt = NULL; |
2416 | | return; |
2417 | | } |
2418 | | |
2419 | | if (ssid->pt) |
2420 | | return; /* PT already derived */ |
2421 | | ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len, |
2422 | | (const u8 *) password, os_strlen(password), |
2423 | | ssid->sae_password_id); |
2424 | | #endif /* CONFIG_SAE */ |
2425 | 0 | } |
2426 | | |
2427 | | |
2428 | | static void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s) |
2429 | 0 | { |
2430 | | #if defined(CONFIG_SAE) && defined(CONFIG_SME) |
2431 | | os_free(wpa_s->sme.sae_rejected_groups); |
2432 | | wpa_s->sme.sae_rejected_groups = NULL; |
2433 | | #ifdef CONFIG_TESTING_OPTIONS |
2434 | | if (wpa_s->extra_sae_rejected_groups) { |
2435 | | int i, *groups = wpa_s->extra_sae_rejected_groups; |
2436 | | |
2437 | | for (i = 0; groups[i]; i++) { |
2438 | | wpa_printf(MSG_DEBUG, |
2439 | | "TESTING: Indicate rejection of an extra SAE group %d", |
2440 | | groups[i]); |
2441 | | int_array_add_unique(&wpa_s->sme.sae_rejected_groups, |
2442 | | groups[i]); |
2443 | | } |
2444 | | } |
2445 | | #endif /* CONFIG_TESTING_OPTIONS */ |
2446 | | #endif /* CONFIG_SAE && CONFIG_SME */ |
2447 | 0 | } |
2448 | | |
2449 | | |
2450 | | int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s) |
2451 | 0 | { |
2452 | 0 | if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { |
2453 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2454 | 0 | "Could not restore permanent MAC address"); |
2455 | 0 | return -1; |
2456 | 0 | } |
2457 | 0 | wpa_s->mac_addr_changed = 0; |
2458 | 0 | if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { |
2459 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2460 | 0 | "Could not update MAC address information"); |
2461 | 0 | return -1; |
2462 | 0 | } |
2463 | 0 | wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address"); |
2464 | 0 | return 0; |
2465 | 0 | } |
2466 | | |
2467 | | |
2468 | | static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit); |
2469 | | |
2470 | | /** |
2471 | | * wpa_supplicant_associate - Request association |
2472 | | * @wpa_s: Pointer to wpa_supplicant data |
2473 | | * @bss: Scan results for the selected BSS, or %NULL if not available |
2474 | | * @ssid: Configuration data for the selected network |
2475 | | * |
2476 | | * This function is used to request %wpa_supplicant to associate with a BSS. |
2477 | | */ |
2478 | | void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, |
2479 | | struct wpa_bss *bss, struct wpa_ssid *ssid) |
2480 | 0 | { |
2481 | 0 | struct wpa_connect_work *cwork; |
2482 | 0 | enum wpas_mac_addr_style rand_style; |
2483 | |
|
2484 | 0 | wpa_s->own_disconnect_req = 0; |
2485 | 0 | wpa_s->own_reconnect_req = 0; |
2486 | | |
2487 | | /* |
2488 | | * If we are starting a new connection, any previously pending EAPOL |
2489 | | * RX cannot be valid anymore. |
2490 | | */ |
2491 | 0 | wpabuf_free(wpa_s->pending_eapol_rx); |
2492 | 0 | wpa_s->pending_eapol_rx = NULL; |
2493 | |
|
2494 | 0 | if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET) |
2495 | 0 | rand_style = wpa_s->conf->mac_addr; |
2496 | 0 | else |
2497 | 0 | rand_style = ssid->mac_addr; |
2498 | |
|
2499 | 0 | wpa_s->eapol_failed = 0; |
2500 | 0 | wpa_s->multi_ap_ie = 0; |
2501 | 0 | #ifndef CONFIG_NO_WMM_AC |
2502 | 0 | wmm_ac_clear_saved_tspecs(wpa_s); |
2503 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
2504 | 0 | #ifdef CONFIG_WNM |
2505 | 0 | wpa_s->wnm_mode = 0; |
2506 | 0 | #endif /* CONFIG_WNM */ |
2507 | 0 | wpa_s->reassoc_same_bss = 0; |
2508 | 0 | wpa_s->reassoc_same_ess = 0; |
2509 | | #ifdef CONFIG_TESTING_OPTIONS |
2510 | | wpa_s->testing_resend_assoc = 0; |
2511 | | #endif /* CONFIG_TESTING_OPTIONS */ |
2512 | |
|
2513 | 0 | if (wpa_s->last_ssid == ssid) { |
2514 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); |
2515 | 0 | wpa_s->reassoc_same_ess = 1; |
2516 | 0 | if (wpa_s->current_bss && wpa_s->current_bss == bss) { |
2517 | 0 | #ifndef CONFIG_NO_WMM_AC |
2518 | 0 | wmm_ac_save_tspecs(wpa_s); |
2519 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
2520 | 0 | wpa_s->reassoc_same_bss = 1; |
2521 | 0 | } else if (wpa_s->current_bss && wpa_s->current_bss != bss) { |
2522 | 0 | os_get_reltime(&wpa_s->roam_start); |
2523 | 0 | } |
2524 | 0 | } else { |
2525 | | #ifdef CONFIG_SAE |
2526 | | wpa_s_clear_sae_rejected(wpa_s); |
2527 | | #endif /* CONFIG_SAE */ |
2528 | 0 | } |
2529 | | #ifdef CONFIG_SAE |
2530 | | wpa_s_setup_sae_pt(wpa_s->conf, ssid, false); |
2531 | | #endif /* CONFIG_SAE */ |
2532 | |
|
2533 | 0 | if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) { |
2534 | 0 | int status = wpas_update_random_addr(wpa_s, rand_style, ssid); |
2535 | |
|
2536 | 0 | if (status < 0) |
2537 | 0 | return; |
2538 | 0 | if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS && |
2539 | 0 | status > 0) /* MAC changed */ |
2540 | 0 | wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); |
2541 | 0 | } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT && |
2542 | 0 | wpa_s->mac_addr_changed) { |
2543 | 0 | if (wpas_restore_permanent_mac_addr(wpa_s) < 0) |
2544 | 0 | return; |
2545 | 0 | } |
2546 | 0 | wpa_s->last_ssid = ssid; |
2547 | |
|
2548 | | #ifdef CONFIG_IBSS_RSN |
2549 | | ibss_rsn_deinit(wpa_s->ibss_rsn); |
2550 | | wpa_s->ibss_rsn = NULL; |
2551 | | #else /* CONFIG_IBSS_RSN */ |
2552 | 0 | if (ssid->mode == WPAS_MODE_IBSS && |
2553 | 0 | !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) { |
2554 | 0 | wpa_msg(wpa_s, MSG_INFO, |
2555 | 0 | "IBSS RSN not supported in the build"); |
2556 | 0 | return; |
2557 | 0 | } |
2558 | 0 | #endif /* CONFIG_IBSS_RSN */ |
2559 | | |
2560 | 0 | if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || |
2561 | 0 | ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { |
2562 | | #ifdef CONFIG_AP |
2563 | | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { |
2564 | | wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " |
2565 | | "mode"); |
2566 | | return; |
2567 | | } |
2568 | | if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { |
2569 | | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); |
2570 | | if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) |
2571 | | wpas_p2p_ap_setup_failed(wpa_s); |
2572 | | return; |
2573 | | } |
2574 | | wpa_s->current_bss = bss; |
2575 | | #else /* CONFIG_AP */ |
2576 | 0 | wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " |
2577 | 0 | "the build"); |
2578 | 0 | #endif /* CONFIG_AP */ |
2579 | 0 | return; |
2580 | 0 | } |
2581 | | |
2582 | 0 | if (ssid->mode == WPAS_MODE_MESH) { |
2583 | | #ifdef CONFIG_MESH |
2584 | | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) { |
2585 | | wpa_msg(wpa_s, MSG_INFO, |
2586 | | "Driver does not support mesh mode"); |
2587 | | return; |
2588 | | } |
2589 | | if (bss) |
2590 | | ssid->frequency = bss->freq; |
2591 | | if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) { |
2592 | | wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); |
2593 | | wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh"); |
2594 | | return; |
2595 | | } |
2596 | | wpa_s->current_bss = bss; |
2597 | | #else /* CONFIG_MESH */ |
2598 | 0 | wpa_msg(wpa_s, MSG_ERROR, |
2599 | 0 | "mesh mode support not included in the build"); |
2600 | 0 | #endif /* CONFIG_MESH */ |
2601 | 0 | return; |
2602 | 0 | } |
2603 | | |
2604 | | /* |
2605 | | * Set WPA state machine configuration to match the selected network now |
2606 | | * so that the information is available before wpas_start_assoc_cb() |
2607 | | * gets called. This is needed at least for RSN pre-authentication where |
2608 | | * candidate APs are added to a list based on scan result processing |
2609 | | * before completion of the first association. |
2610 | | */ |
2611 | 0 | wpa_supplicant_rsn_supp_set_config(wpa_s, ssid); |
2612 | |
|
2613 | | #ifdef CONFIG_DPP |
2614 | | if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0) |
2615 | | return; |
2616 | | #endif /* CONFIG_DPP */ |
2617 | |
|
2618 | | #ifdef CONFIG_TDLS |
2619 | | if (bss) |
2620 | | wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len); |
2621 | | #endif /* CONFIG_TDLS */ |
2622 | |
|
2623 | | #ifdef CONFIG_MBO |
2624 | | wpas_mbo_check_pmf(wpa_s, bss, ssid); |
2625 | | #endif /* CONFIG_MBO */ |
2626 | |
|
2627 | 0 | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
2628 | 0 | ssid->mode == WPAS_MODE_INFRA) { |
2629 | 0 | sme_authenticate(wpa_s, bss, ssid); |
2630 | 0 | return; |
2631 | 0 | } |
2632 | | |
2633 | 0 | if (wpa_s->connect_work) { |
2634 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist"); |
2635 | 0 | return; |
2636 | 0 | } |
2637 | | |
2638 | 0 | if (radio_work_pending(wpa_s, "connect")) { |
2639 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist"); |
2640 | 0 | return; |
2641 | 0 | } |
2642 | | |
2643 | | #ifdef CONFIG_SME |
2644 | | if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) { |
2645 | | /* Clear possibly set auth_alg, if any, from last attempt. */ |
2646 | | wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN; |
2647 | | } |
2648 | | #endif /* CONFIG_SME */ |
2649 | | |
2650 | 0 | wpas_abort_ongoing_scan(wpa_s); |
2651 | |
|
2652 | 0 | cwork = os_zalloc(sizeof(*cwork)); |
2653 | 0 | if (cwork == NULL) |
2654 | 0 | return; |
2655 | | |
2656 | 0 | cwork->bss = bss; |
2657 | 0 | cwork->ssid = ssid; |
2658 | |
|
2659 | 0 | if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1, |
2660 | 0 | wpas_start_assoc_cb, cwork) < 0) { |
2661 | 0 | os_free(cwork); |
2662 | 0 | } |
2663 | 0 | } |
2664 | | |
2665 | | |
2666 | | static int bss_is_ibss(struct wpa_bss *bss) |
2667 | 0 | { |
2668 | 0 | return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == |
2669 | 0 | IEEE80211_CAP_IBSS; |
2670 | 0 | } |
2671 | | |
2672 | | |
2673 | | static int drv_supports_vht(struct wpa_supplicant *wpa_s, |
2674 | | const struct wpa_ssid *ssid) |
2675 | 0 | { |
2676 | 0 | enum hostapd_hw_mode hw_mode; |
2677 | 0 | struct hostapd_hw_modes *mode = NULL; |
2678 | 0 | u8 channel; |
2679 | 0 | int i; |
2680 | |
|
2681 | 0 | hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); |
2682 | 0 | if (hw_mode == NUM_HOSTAPD_MODES) |
2683 | 0 | return 0; |
2684 | 0 | for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { |
2685 | 0 | if (wpa_s->hw.modes[i].mode == hw_mode) { |
2686 | 0 | mode = &wpa_s->hw.modes[i]; |
2687 | 0 | break; |
2688 | 0 | } |
2689 | 0 | } |
2690 | |
|
2691 | 0 | if (!mode) |
2692 | 0 | return 0; |
2693 | | |
2694 | 0 | return mode->vht_capab != 0; |
2695 | 0 | } |
2696 | | |
2697 | | |
2698 | | static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode) |
2699 | 0 | { |
2700 | 0 | int i; |
2701 | |
|
2702 | 0 | for (i = channel; i < channel + 16; i += 4) { |
2703 | 0 | struct hostapd_channel_data *chan; |
2704 | |
|
2705 | 0 | chan = hw_get_channel_chan(mode, i, NULL); |
2706 | 0 | if (!chan || |
2707 | 0 | chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) |
2708 | 0 | return false; |
2709 | 0 | } |
2710 | | |
2711 | 0 | return true; |
2712 | 0 | } |
2713 | | |
2714 | | |
2715 | | static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s, |
2716 | | const struct wpa_ssid *ssid) |
2717 | 0 | { |
2718 | 0 | unsigned int j; |
2719 | |
|
2720 | 0 | for (j = 0; j < wpa_s->last_scan_res_used; j++) { |
2721 | 0 | struct wpa_bss *bss = wpa_s->last_scan_res[j]; |
2722 | |
|
2723 | 0 | if (!bss_is_ibss(bss)) |
2724 | 0 | continue; |
2725 | | |
2726 | 0 | if (ssid->ssid_len == bss->ssid_len && |
2727 | 0 | os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) |
2728 | 0 | return bss; |
2729 | 0 | } |
2730 | 0 | return NULL; |
2731 | 0 | } |
2732 | | |
2733 | | |
2734 | | static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s, |
2735 | | const struct wpa_ssid *ssid, |
2736 | | struct hostapd_hw_modes *mode) |
2737 | 0 | { |
2738 | | /* For IBSS check HT_IBSS flag */ |
2739 | 0 | if (ssid->mode == WPAS_MODE_IBSS && |
2740 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) |
2741 | 0 | return false; |
2742 | | |
2743 | 0 | if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || |
2744 | 0 | wpa_s->group_cipher == WPA_CIPHER_WEP104 || |
2745 | 0 | wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) { |
2746 | 0 | wpa_printf(MSG_DEBUG, |
2747 | 0 | "IBSS: WEP/TKIP detected, do not try to enable HT"); |
2748 | 0 | return false; |
2749 | 0 | } |
2750 | | |
2751 | 0 | if (!ht_supported(mode)) |
2752 | 0 | return false; |
2753 | | |
2754 | | #ifdef CONFIG_HT_OVERRIDES |
2755 | | if (ssid->disable_ht) |
2756 | | return false; |
2757 | | #endif /* CONFIG_HT_OVERRIDES */ |
2758 | | |
2759 | 0 | return true; |
2760 | 0 | } |
2761 | | |
2762 | | |
2763 | | static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s, |
2764 | | const struct wpa_ssid *ssid, |
2765 | | struct hostapd_hw_modes *mode) |
2766 | 0 | { |
2767 | 0 | if (mode->mode != HOSTAPD_MODE_IEEE80211A) |
2768 | 0 | return false; |
2769 | | |
2770 | 0 | if (!drv_supports_vht(wpa_s, ssid)) |
2771 | 0 | return false; |
2772 | | |
2773 | | /* For IBSS check VHT_IBSS flag */ |
2774 | 0 | if (ssid->mode == WPAS_MODE_IBSS && |
2775 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS)) |
2776 | 0 | return false; |
2777 | | |
2778 | 0 | if (!vht_supported(mode)) |
2779 | 0 | return false; |
2780 | | |
2781 | | #ifdef CONFIG_VHT_OVERRIDES |
2782 | | if (ssid->disable_vht) |
2783 | | return false; |
2784 | | #endif /* CONFIG_VHT_OVERRIDES */ |
2785 | | |
2786 | 0 | return true; |
2787 | 0 | } |
2788 | | |
2789 | | |
2790 | | static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s, |
2791 | | const struct wpa_ssid *ssid, |
2792 | | const struct hostapd_hw_modes *mode, |
2793 | | int ieee80211_mode) |
2794 | 0 | { |
2795 | | #ifdef CONFIG_HE_OVERRIDES |
2796 | | if (ssid->disable_he) |
2797 | | return false; |
2798 | | #endif /* CONFIG_HE_OVERRIDES */ |
2799 | |
|
2800 | 0 | switch (mode->mode) { |
2801 | 0 | case HOSTAPD_MODE_IEEE80211G: |
2802 | 0 | case HOSTAPD_MODE_IEEE80211B: |
2803 | 0 | case HOSTAPD_MODE_IEEE80211A: |
2804 | 0 | return mode->he_capab[ieee80211_mode].he_supported; |
2805 | 0 | default: |
2806 | 0 | return false; |
2807 | 0 | } |
2808 | 0 | } |
2809 | | |
2810 | | |
2811 | | static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s, |
2812 | | const struct wpa_ssid *ssid, |
2813 | | const struct hostapd_hw_modes *mode, |
2814 | | int ieee80211_mode) |
2815 | 0 | { |
2816 | 0 | if (ssid->disable_eht) |
2817 | 0 | return false; |
2818 | | |
2819 | 0 | switch(mode->mode) { |
2820 | 0 | case HOSTAPD_MODE_IEEE80211G: |
2821 | 0 | case HOSTAPD_MODE_IEEE80211B: |
2822 | 0 | case HOSTAPD_MODE_IEEE80211A: |
2823 | 0 | return mode->eht_capab[ieee80211_mode].eht_supported; |
2824 | 0 | default: |
2825 | 0 | return false; |
2826 | 0 | } |
2827 | 0 | } |
2828 | | |
2829 | | |
2830 | | static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s, |
2831 | | const struct wpa_ssid *ssid, |
2832 | | struct hostapd_hw_modes *mode, |
2833 | | struct hostapd_freq_params *freq, |
2834 | 0 | int obss_scan) { |
2835 | 0 | int chan_idx; |
2836 | 0 | struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; |
2837 | 0 | int i, res; |
2838 | 0 | unsigned int j; |
2839 | 0 | static const int ht40plus[] = { |
2840 | 0 | 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, |
2841 | 0 | 149, 157, 165, 173, 184, 192 |
2842 | 0 | }; |
2843 | 0 | int ht40 = -1; |
2844 | |
|
2845 | 0 | if (!freq->ht_enabled) |
2846 | 0 | return; |
2847 | | |
2848 | 0 | for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { |
2849 | 0 | pri_chan = &mode->channels[chan_idx]; |
2850 | 0 | if (pri_chan->chan == freq->channel) |
2851 | 0 | break; |
2852 | 0 | pri_chan = NULL; |
2853 | 0 | } |
2854 | 0 | if (!pri_chan) |
2855 | 0 | return; |
2856 | | |
2857 | | /* Check primary channel flags */ |
2858 | 0 | if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) |
2859 | 0 | return; |
2860 | | |
2861 | | #ifdef CONFIG_HT_OVERRIDES |
2862 | | if (ssid->disable_ht40) |
2863 | | return; |
2864 | | #endif |
2865 | | |
2866 | | /* Check/setup HT40+/HT40- */ |
2867 | 0 | for (j = 0; j < ARRAY_SIZE(ht40plus); j++) { |
2868 | 0 | if (ht40plus[j] == freq->channel) { |
2869 | 0 | ht40 = 1; |
2870 | 0 | break; |
2871 | 0 | } |
2872 | 0 | } |
2873 | | |
2874 | | /* Find secondary channel */ |
2875 | 0 | for (i = 0; i < mode->num_channels; i++) { |
2876 | 0 | sec_chan = &mode->channels[i]; |
2877 | 0 | if (sec_chan->chan == freq->channel + ht40 * 4) |
2878 | 0 | break; |
2879 | 0 | sec_chan = NULL; |
2880 | 0 | } |
2881 | 0 | if (!sec_chan) |
2882 | 0 | return; |
2883 | | |
2884 | | /* Check secondary channel flags */ |
2885 | 0 | if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) |
2886 | 0 | return; |
2887 | | |
2888 | 0 | if (ht40 == -1) { |
2889 | 0 | if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) |
2890 | 0 | return; |
2891 | 0 | } else { |
2892 | 0 | if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS)) |
2893 | 0 | return; |
2894 | 0 | } |
2895 | 0 | freq->sec_channel_offset = ht40; |
2896 | |
|
2897 | 0 | if (obss_scan) { |
2898 | 0 | struct wpa_scan_results *scan_res; |
2899 | |
|
2900 | 0 | scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0); |
2901 | 0 | if (scan_res == NULL) { |
2902 | | /* Back to HT20 */ |
2903 | 0 | freq->sec_channel_offset = 0; |
2904 | 0 | return; |
2905 | 0 | } |
2906 | | |
2907 | 0 | res = check_40mhz_5g(scan_res, pri_chan, sec_chan); |
2908 | 0 | switch (res) { |
2909 | 0 | case 0: |
2910 | | /* Back to HT20 */ |
2911 | 0 | freq->sec_channel_offset = 0; |
2912 | 0 | break; |
2913 | 0 | case 1: |
2914 | | /* Configuration allowed */ |
2915 | 0 | break; |
2916 | 0 | case 2: |
2917 | | /* Switch pri/sec channels */ |
2918 | 0 | freq->freq = hw_get_freq(mode, sec_chan->chan); |
2919 | 0 | freq->sec_channel_offset = -freq->sec_channel_offset; |
2920 | 0 | freq->channel = sec_chan->chan; |
2921 | 0 | break; |
2922 | 0 | default: |
2923 | 0 | freq->sec_channel_offset = 0; |
2924 | 0 | break; |
2925 | 0 | } |
2926 | | |
2927 | 0 | wpa_scan_results_free(scan_res); |
2928 | 0 | } |
2929 | | |
2930 | 0 | wpa_printf(MSG_DEBUG, |
2931 | 0 | "IBSS/mesh: setup freq channel %d, sec_channel_offset %d", |
2932 | 0 | freq->channel, freq->sec_channel_offset); |
2933 | 0 | } |
2934 | | |
2935 | | |
2936 | | static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s, |
2937 | | const struct wpa_ssid *ssid, |
2938 | | struct hostapd_hw_modes *mode, |
2939 | | struct hostapd_freq_params *freq, |
2940 | 0 | int ieee80211_mode, bool is_6ghz) { |
2941 | 0 | static const int bw80[] = { |
2942 | 0 | 5180, 5260, 5500, 5580, 5660, 5745, 5825, |
2943 | 0 | 5955, 6035, 6115, 6195, 6275, 6355, 6435, |
2944 | 0 | 6515, 6595, 6675, 6755, 6835, 6915, 6995 |
2945 | 0 | }; |
2946 | 0 | static const int bw160[] = { |
2947 | 0 | 5955, 6115, 6275, 6435, 6595, 6755, 6915 |
2948 | 0 | }; |
2949 | 0 | struct hostapd_freq_params vht_freq; |
2950 | 0 | int i; |
2951 | 0 | unsigned int j, k; |
2952 | 0 | int chwidth, seg0, seg1; |
2953 | 0 | u32 vht_caps = 0; |
2954 | 0 | u8 channel = freq->channel; |
2955 | |
|
2956 | 0 | if (!freq->vht_enabled && !freq->he_enabled) |
2957 | 0 | return true; |
2958 | | |
2959 | 0 | vht_freq = *freq; |
2960 | |
|
2961 | 0 | chwidth = CONF_OPER_CHWIDTH_USE_HT; |
2962 | 0 | seg0 = freq->channel + 2 * freq->sec_channel_offset; |
2963 | 0 | seg1 = 0; |
2964 | 0 | if (freq->sec_channel_offset == 0) { |
2965 | 0 | seg0 = 0; |
2966 | | /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */ |
2967 | 0 | if (freq->ht_enabled && !is_6ghz) |
2968 | 0 | goto skip_80mhz; |
2969 | 0 | } |
2970 | 0 | if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT) |
2971 | 0 | goto skip_80mhz; |
2972 | | |
2973 | | /* setup center_freq1, bandwidth */ |
2974 | 0 | for (j = 0; j < ARRAY_SIZE(bw80); j++) { |
2975 | 0 | if (freq->freq >= bw80[j] && |
2976 | 0 | freq->freq < bw80[j] + 80) |
2977 | 0 | break; |
2978 | 0 | } |
2979 | |
|
2980 | 0 | if (j == ARRAY_SIZE(bw80) || |
2981 | 0 | ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES) |
2982 | 0 | goto skip_80mhz; |
2983 | | |
2984 | | /* Use 40 MHz if channel not usable */ |
2985 | 0 | if (!ibss_mesh_is_80mhz_avail(channel, mode)) |
2986 | 0 | goto skip_80mhz; |
2987 | | |
2988 | 0 | chwidth = CONF_OPER_CHWIDTH_80MHZ; |
2989 | 0 | seg0 = channel + 6; |
2990 | 0 | seg1 = 0; |
2991 | | |
2992 | | /* In 160 MHz, the initial four 20 MHz channels were validated |
2993 | | * above. If 160 MHz is supported, check the remaining four 20 MHz |
2994 | | * channels for the total of 160 MHz bandwidth for 6 GHz. |
2995 | | */ |
2996 | 0 | if ((mode->he_capab[ieee80211_mode].phy_cap[ |
2997 | 0 | HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & |
2998 | 0 | HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && |
2999 | 0 | ibss_mesh_is_80mhz_avail(channel + 16, mode)) { |
3000 | 0 | for (j = 0; j < ARRAY_SIZE(bw160); j++) { |
3001 | 0 | if (freq->freq == bw160[j]) { |
3002 | 0 | chwidth = CONF_OPER_CHWIDTH_160MHZ; |
3003 | 0 | seg0 = channel + 14; |
3004 | 0 | break; |
3005 | 0 | } |
3006 | 0 | } |
3007 | 0 | } |
3008 | |
|
3009 | 0 | if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) { |
3010 | | /* setup center_freq2, bandwidth */ |
3011 | 0 | for (k = 0; k < ARRAY_SIZE(bw80); k++) { |
3012 | | /* Only accept 80 MHz segments separated by a gap */ |
3013 | 0 | if (j == k || abs(bw80[j] - bw80[k]) == 80) |
3014 | 0 | continue; |
3015 | | |
3016 | 0 | if (ieee80211_freq_to_chan(bw80[k], &channel) == |
3017 | 0 | NUM_HOSTAPD_MODES) |
3018 | 0 | break; |
3019 | | |
3020 | 0 | for (i = channel; i < channel + 16; i += 4) { |
3021 | 0 | struct hostapd_channel_data *chan; |
3022 | |
|
3023 | 0 | chan = hw_get_channel_chan(mode, i, NULL); |
3024 | 0 | if (!chan) |
3025 | 0 | continue; |
3026 | | |
3027 | 0 | if (chan->flag & (HOSTAPD_CHAN_DISABLED | |
3028 | 0 | HOSTAPD_CHAN_NO_IR | |
3029 | 0 | HOSTAPD_CHAN_RADAR)) |
3030 | 0 | continue; |
3031 | | |
3032 | | /* Found a suitable second segment for 80+80 */ |
3033 | 0 | chwidth = CONF_OPER_CHWIDTH_80P80MHZ; |
3034 | 0 | if (!is_6ghz) |
3035 | 0 | vht_caps |= |
3036 | 0 | VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; |
3037 | 0 | seg1 = channel + 6; |
3038 | 0 | } |
3039 | |
|
3040 | 0 | if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ) |
3041 | 0 | break; |
3042 | 0 | } |
3043 | 0 | } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) { |
3044 | 0 | if (freq->freq == 5180) { |
3045 | 0 | chwidth = CONF_OPER_CHWIDTH_160MHZ; |
3046 | 0 | vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; |
3047 | 0 | seg0 = 50; |
3048 | 0 | } else if (freq->freq == 5520) { |
3049 | 0 | chwidth = CONF_OPER_CHWIDTH_160MHZ; |
3050 | 0 | vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; |
3051 | 0 | seg0 = 114; |
3052 | 0 | } |
3053 | 0 | } |
3054 | |
|
3055 | 0 | skip_80mhz: |
3056 | 0 | if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq, |
3057 | 0 | freq->channel, ssid->enable_edmg, |
3058 | 0 | ssid->edmg_channel, freq->ht_enabled, |
3059 | 0 | freq->vht_enabled, freq->he_enabled, |
3060 | 0 | freq->eht_enabled, |
3061 | 0 | freq->sec_channel_offset, |
3062 | 0 | chwidth, seg0, seg1, vht_caps, |
3063 | 0 | &mode->he_capab[ieee80211_mode], |
3064 | 0 | &mode->eht_capab[ieee80211_mode]) != 0) |
3065 | 0 | return false; |
3066 | | |
3067 | 0 | *freq = vht_freq; |
3068 | |
|
3069 | 0 | wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d", |
3070 | 0 | freq->center_freq1, freq->center_freq2, freq->bandwidth); |
3071 | 0 | return true; |
3072 | 0 | } |
3073 | | |
3074 | | |
3075 | | void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, |
3076 | | const struct wpa_ssid *ssid, |
3077 | | struct hostapd_freq_params *freq) |
3078 | 0 | { |
3079 | 0 | int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); |
3080 | 0 | enum hostapd_hw_mode hw_mode; |
3081 | 0 | struct hostapd_hw_modes *mode = NULL; |
3082 | 0 | int i, obss_scan = 1; |
3083 | 0 | u8 channel; |
3084 | 0 | bool is_6ghz, is_24ghz; |
3085 | |
|
3086 | 0 | freq->freq = ssid->frequency; |
3087 | |
|
3088 | 0 | if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) { |
3089 | 0 | struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid); |
3090 | |
|
3091 | 0 | if (bss) { |
3092 | 0 | wpa_printf(MSG_DEBUG, |
3093 | 0 | "IBSS already found in scan results, adjust control freq: %d", |
3094 | 0 | bss->freq); |
3095 | 0 | freq->freq = bss->freq; |
3096 | 0 | obss_scan = 0; |
3097 | 0 | } |
3098 | 0 | } |
3099 | |
|
3100 | 0 | hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); |
3101 | 0 | for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { |
3102 | 0 | if (wpa_s->hw.modes[i].mode == hw_mode && |
3103 | 0 | hw_mode_get_channel(&wpa_s->hw.modes[i], freq->freq, |
3104 | 0 | NULL) != NULL) { |
3105 | 0 | mode = &wpa_s->hw.modes[i]; |
3106 | 0 | break; |
3107 | 0 | } |
3108 | 0 | } |
3109 | |
|
3110 | 0 | if (!mode) |
3111 | 0 | return; |
3112 | | |
3113 | 0 | is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || |
3114 | 0 | hw_mode == HOSTAPD_MODE_IEEE80211B; |
3115 | |
|
3116 | 0 | is_6ghz = is_6ghz_freq(freq->freq); |
3117 | |
|
3118 | 0 | freq->ht_enabled = 0; |
3119 | 0 | freq->vht_enabled = 0; |
3120 | 0 | freq->he_enabled = 0; |
3121 | 0 | freq->eht_enabled = 0; |
3122 | |
|
3123 | 0 | if (!is_6ghz) |
3124 | 0 | freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode); |
3125 | 0 | if (freq->ht_enabled) |
3126 | 0 | freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode); |
3127 | 0 | if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz) |
3128 | 0 | freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode, |
3129 | 0 | ieee80211_mode); |
3130 | 0 | freq->channel = channel; |
3131 | | /* Setup higher BW only for 5 GHz */ |
3132 | 0 | if (mode->mode == HOSTAPD_MODE_IEEE80211A) { |
3133 | 0 | ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan); |
3134 | 0 | if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq, |
3135 | 0 | ieee80211_mode, is_6ghz)) |
3136 | 0 | freq->he_enabled = freq->vht_enabled = false; |
3137 | 0 | } |
3138 | |
|
3139 | 0 | if (freq->he_enabled) |
3140 | 0 | freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode, |
3141 | 0 | ieee80211_mode); |
3142 | 0 | } |
3143 | | |
3144 | | |
3145 | | #ifdef CONFIG_FILS |
3146 | | static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf, |
3147 | | size_t ie_buf_len) |
3148 | | { |
3149 | | struct fils_hlp_req *req; |
3150 | | size_t rem_len, hdr_len, hlp_len, len, ie_len = 0; |
3151 | | const u8 *pos; |
3152 | | u8 *buf = ie_buf; |
3153 | | |
3154 | | dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, |
3155 | | list) { |
3156 | | rem_len = ie_buf_len - ie_len; |
3157 | | pos = wpabuf_head(req->pkt); |
3158 | | hdr_len = 1 + 2 * ETH_ALEN + 6; |
3159 | | hlp_len = wpabuf_len(req->pkt); |
3160 | | |
3161 | | if (rem_len < 2 + hdr_len + hlp_len) { |
3162 | | wpa_printf(MSG_ERROR, |
3163 | | "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu", |
3164 | | (unsigned long) rem_len, |
3165 | | (unsigned long) (2 + hdr_len + hlp_len)); |
3166 | | break; |
3167 | | } |
3168 | | |
3169 | | len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len; |
3170 | | /* Element ID */ |
3171 | | *buf++ = WLAN_EID_EXTENSION; |
3172 | | /* Length */ |
3173 | | *buf++ = len; |
3174 | | /* Element ID Extension */ |
3175 | | *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER; |
3176 | | /* Destination MAC address */ |
3177 | | os_memcpy(buf, req->dst, ETH_ALEN); |
3178 | | buf += ETH_ALEN; |
3179 | | /* Source MAC address */ |
3180 | | os_memcpy(buf, wpa_s->own_addr, ETH_ALEN); |
3181 | | buf += ETH_ALEN; |
3182 | | /* LLC/SNAP Header */ |
3183 | | os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6); |
3184 | | buf += 6; |
3185 | | /* HLP Packet */ |
3186 | | os_memcpy(buf, pos, len - hdr_len); |
3187 | | buf += len - hdr_len; |
3188 | | pos += len - hdr_len; |
3189 | | |
3190 | | hlp_len -= len - hdr_len; |
3191 | | ie_len += 2 + len; |
3192 | | rem_len -= 2 + len; |
3193 | | |
3194 | | while (hlp_len) { |
3195 | | len = (hlp_len > 255) ? 255 : hlp_len; |
3196 | | if (rem_len < 2 + len) |
3197 | | break; |
3198 | | *buf++ = WLAN_EID_FRAGMENT; |
3199 | | *buf++ = len; |
3200 | | os_memcpy(buf, pos, len); |
3201 | | buf += len; |
3202 | | pos += len; |
3203 | | |
3204 | | hlp_len -= len; |
3205 | | ie_len += 2 + len; |
3206 | | rem_len -= 2 + len; |
3207 | | } |
3208 | | } |
3209 | | |
3210 | | return ie_len; |
3211 | | } |
3212 | | |
3213 | | |
3214 | | int wpa_is_fils_supported(struct wpa_supplicant *wpa_s) |
3215 | | { |
3216 | | return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
3217 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) || |
3218 | | (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
3219 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD))); |
3220 | | } |
3221 | | |
3222 | | |
3223 | | int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s) |
3224 | | { |
3225 | | #ifdef CONFIG_FILS_SK_PFS |
3226 | | return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
3227 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS); |
3228 | | #else /* CONFIG_FILS_SK_PFS */ |
3229 | | return 0; |
3230 | | #endif /* CONFIG_FILS_SK_PFS */ |
3231 | | } |
3232 | | |
3233 | | #endif /* CONFIG_FILS */ |
3234 | | |
3235 | | |
3236 | | bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss) |
3237 | 0 | { |
3238 | 0 | const u8 *wfa_capa; |
3239 | |
|
3240 | 0 | if (!bss) |
3241 | 0 | return false; |
3242 | | |
3243 | | /* Get WFA capability from Beacon or Probe Response frame elements */ |
3244 | 0 | wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE); |
3245 | 0 | if (!wfa_capa) |
3246 | 0 | wfa_capa = wpa_bss_get_vendor_ie_beacon( |
3247 | 0 | bss, WFA_CAPA_IE_VENDOR_TYPE); |
3248 | |
|
3249 | 0 | if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 || |
3250 | 0 | !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) { |
3251 | | /* AP does not enable QM non EHT traffic description policy */ |
3252 | 0 | return false; |
3253 | 0 | } |
3254 | | |
3255 | 0 | return true; |
3256 | 0 | } |
3257 | | |
3258 | | |
3259 | | static int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s, |
3260 | | struct wpa_bss *bss, |
3261 | | u8 *wpa_ie, size_t wpa_ie_len, |
3262 | | size_t max_wpa_ie_len) |
3263 | 0 | { |
3264 | 0 | struct wpabuf *wfa_ie = NULL; |
3265 | 0 | u8 wfa_capa[1]; |
3266 | 0 | size_t wfa_ie_len, buf_len; |
3267 | |
|
3268 | 0 | os_memset(wfa_capa, 0, sizeof(wfa_capa)); |
3269 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
3270 | 0 | if (wpa_s->enable_dscp_policy_capa) |
3271 | 0 | wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY; |
3272 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
3273 | |
|
3274 | 0 | if (wpa_is_non_eht_scs_traffic_desc_supported(bss)) |
3275 | 0 | wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC; |
3276 | |
|
3277 | 0 | if (!wfa_capa[0]) |
3278 | 0 | return wpa_ie_len; |
3279 | | |
3280 | | /* Wi-Fi Alliance element */ |
3281 | 0 | buf_len = 1 + /* Element ID */ |
3282 | 0 | 1 + /* Length */ |
3283 | 0 | 3 + /* OUI */ |
3284 | 0 | 1 + /* OUI Type */ |
3285 | 0 | 1 + /* Capabilities Length */ |
3286 | 0 | sizeof(wfa_capa); /* Capabilities */ |
3287 | 0 | wfa_ie = wpabuf_alloc(buf_len); |
3288 | 0 | if (!wfa_ie) |
3289 | 0 | return wpa_ie_len; |
3290 | | |
3291 | 0 | wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC); |
3292 | 0 | wpabuf_put_u8(wfa_ie, buf_len - 2); |
3293 | 0 | wpabuf_put_be24(wfa_ie, OUI_WFA); |
3294 | 0 | wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE); |
3295 | 0 | wpabuf_put_u8(wfa_ie, sizeof(wfa_capa)); |
3296 | 0 | wpabuf_put_data(wfa_ie, wfa_capa, sizeof(wfa_capa)); |
3297 | |
|
3298 | 0 | wfa_ie_len = wpabuf_len(wfa_ie); |
3299 | 0 | if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) { |
3300 | 0 | wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element", |
3301 | 0 | wfa_ie); |
3302 | 0 | os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie), |
3303 | 0 | wfa_ie_len); |
3304 | 0 | wpa_ie_len += wfa_ie_len; |
3305 | 0 | } |
3306 | |
|
3307 | 0 | wpabuf_free(wfa_ie); |
3308 | 0 | return wpa_ie_len; |
3309 | 0 | } |
3310 | | |
3311 | | |
3312 | | static u8 * wpas_populate_assoc_ies( |
3313 | | struct wpa_supplicant *wpa_s, |
3314 | | struct wpa_bss *bss, struct wpa_ssid *ssid, |
3315 | | struct wpa_driver_associate_params *params, |
3316 | | enum wpa_drv_update_connect_params_mask *mask) |
3317 | 0 | { |
3318 | 0 | u8 *wpa_ie; |
3319 | 0 | size_t max_wpa_ie_len = 500; |
3320 | 0 | size_t wpa_ie_len; |
3321 | 0 | int algs = WPA_AUTH_ALG_OPEN; |
3322 | | #ifdef CONFIG_MBO |
3323 | | const u8 *mbo_ie; |
3324 | | #endif |
3325 | | #if defined(CONFIG_SAE) || defined(CONFIG_FILS) |
3326 | | int pmksa_cached = 0; |
3327 | | #endif /* CONFIG_SAE || CONFIG_FILS */ |
3328 | | #ifdef CONFIG_FILS |
3329 | | const u8 *realm, *username, *rrk; |
3330 | | size_t realm_len, username_len, rrk_len; |
3331 | | u16 next_seq_num; |
3332 | | struct fils_hlp_req *req; |
3333 | | |
3334 | | dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, |
3335 | | list) { |
3336 | | max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) + |
3337 | | 2 + 2 * wpabuf_len(req->pkt) / 255; |
3338 | | } |
3339 | | #endif /* CONFIG_FILS */ |
3340 | |
|
3341 | 0 | wpa_ie = os_malloc(max_wpa_ie_len); |
3342 | 0 | if (!wpa_ie) { |
3343 | 0 | wpa_printf(MSG_ERROR, |
3344 | 0 | "Failed to allocate connect IE buffer for %lu bytes", |
3345 | 0 | (unsigned long) max_wpa_ie_len); |
3346 | 0 | return NULL; |
3347 | 0 | } |
3348 | | |
3349 | 0 | if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || |
3350 | 0 | wpa_bss_get_ie(bss, WLAN_EID_RSN)) && |
3351 | 0 | wpa_key_mgmt_wpa(ssid->key_mgmt)) { |
3352 | 0 | int try_opportunistic; |
3353 | 0 | const u8 *cache_id = NULL; |
3354 | 0 | const u8 *addr = bss->bssid; |
3355 | |
|
3356 | 0 | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
3357 | 0 | (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) && |
3358 | 0 | !is_zero_ether_addr(bss->mld_addr)) |
3359 | 0 | addr = bss->mld_addr; |
3360 | |
|
3361 | 0 | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && |
3362 | 0 | wpa_s->valid_links) |
3363 | 0 | addr = wpa_s->ap_mld_addr; |
3364 | |
|
3365 | 0 | try_opportunistic = (ssid->proactive_key_caching < 0 ? |
3366 | 0 | wpa_s->conf->okc : |
3367 | 0 | ssid->proactive_key_caching) && |
3368 | 0 | (ssid->proto & WPA_PROTO_RSN); |
3369 | | #ifdef CONFIG_FILS |
3370 | | if (wpa_key_mgmt_fils(ssid->key_mgmt)) |
3371 | | cache_id = wpa_bss_get_fils_cache_id(bss); |
3372 | | #endif /* CONFIG_FILS */ |
3373 | 0 | if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr, |
3374 | 0 | ssid, try_opportunistic, |
3375 | 0 | cache_id, 0, false) == 0) { |
3376 | 0 | eapol_sm_notify_pmkid_attempt(wpa_s->eapol); |
3377 | | #if defined(CONFIG_SAE) || defined(CONFIG_FILS) |
3378 | | pmksa_cached = 1; |
3379 | | #endif /* CONFIG_SAE || CONFIG_FILS */ |
3380 | 0 | } |
3381 | 0 | wpa_ie_len = max_wpa_ie_len; |
3382 | 0 | if (wpa_supplicant_set_suites(wpa_s, bss, ssid, |
3383 | 0 | wpa_ie, &wpa_ie_len, false)) { |
3384 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " |
3385 | 0 | "key management and encryption suites"); |
3386 | 0 | os_free(wpa_ie); |
3387 | 0 | return NULL; |
3388 | 0 | } |
3389 | 0 | #ifdef CONFIG_HS20 |
3390 | 0 | } else if (bss && wpa_bss_get_vendor_ie(bss, OSEN_IE_VENDOR_TYPE) && |
3391 | 0 | (ssid->key_mgmt & WPA_KEY_MGMT_OSEN)) { |
3392 | | /* No PMKSA caching, but otherwise similar to RSN/WPA */ |
3393 | 0 | wpa_ie_len = max_wpa_ie_len; |
3394 | 0 | if (wpa_supplicant_set_suites(wpa_s, bss, ssid, |
3395 | 0 | wpa_ie, &wpa_ie_len, false)) { |
3396 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " |
3397 | 0 | "key management and encryption suites"); |
3398 | 0 | os_free(wpa_ie); |
3399 | 0 | return NULL; |
3400 | 0 | } |
3401 | 0 | #endif /* CONFIG_HS20 */ |
3402 | 0 | } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && |
3403 | 0 | wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { |
3404 | | /* |
3405 | | * Both WPA and non-WPA IEEE 802.1X enabled in configuration - |
3406 | | * use non-WPA since the scan results did not indicate that the |
3407 | | * AP is using WPA or WPA2. |
3408 | | */ |
3409 | 0 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); |
3410 | 0 | wpa_ie_len = 0; |
3411 | 0 | wpa_s->wpa_proto = 0; |
3412 | 0 | } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { |
3413 | 0 | wpa_ie_len = max_wpa_ie_len; |
3414 | 0 | if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, |
3415 | 0 | wpa_ie, &wpa_ie_len, false)) { |
3416 | 0 | wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " |
3417 | 0 | "key management and encryption suites (no " |
3418 | 0 | "scan results)"); |
3419 | 0 | os_free(wpa_ie); |
3420 | 0 | return NULL; |
3421 | 0 | } |
3422 | | #ifdef CONFIG_WPS |
3423 | | } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { |
3424 | | struct wpabuf *wps_ie; |
3425 | | wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); |
3426 | | if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) { |
3427 | | wpa_ie_len = wpabuf_len(wps_ie); |
3428 | | os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); |
3429 | | } else |
3430 | | wpa_ie_len = 0; |
3431 | | wpabuf_free(wps_ie); |
3432 | | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); |
3433 | | if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) |
3434 | | params->wps = WPS_MODE_PRIVACY; |
3435 | | else |
3436 | | params->wps = WPS_MODE_OPEN; |
3437 | | wpa_s->wpa_proto = 0; |
3438 | | #endif /* CONFIG_WPS */ |
3439 | 0 | } else { |
3440 | 0 | wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); |
3441 | 0 | wpa_ie_len = 0; |
3442 | 0 | wpa_s->wpa_proto = 0; |
3443 | 0 | } |
3444 | | |
3445 | 0 | #ifdef IEEE8021X_EAPOL |
3446 | 0 | if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { |
3447 | 0 | if (ssid->leap) { |
3448 | 0 | if (ssid->non_leap == 0) |
3449 | 0 | algs = WPA_AUTH_ALG_LEAP; |
3450 | 0 | else |
3451 | 0 | algs |= WPA_AUTH_ALG_LEAP; |
3452 | 0 | } |
3453 | 0 | } |
3454 | |
|
3455 | | #ifdef CONFIG_FILS |
3456 | | /* Clear FILS association */ |
3457 | | wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0); |
3458 | | |
3459 | | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && |
3460 | | ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && |
3461 | | eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username, |
3462 | | &username_len, &realm, &realm_len, |
3463 | | &next_seq_num, &rrk, &rrk_len) == 0 && |
3464 | | (!wpa_s->last_con_fail_realm || |
3465 | | wpa_s->last_con_fail_realm_len != realm_len || |
3466 | | os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) { |
3467 | | algs = WPA_AUTH_ALG_FILS; |
3468 | | params->fils_erp_username = username; |
3469 | | params->fils_erp_username_len = username_len; |
3470 | | params->fils_erp_realm = realm; |
3471 | | params->fils_erp_realm_len = realm_len; |
3472 | | params->fils_erp_next_seq_num = next_seq_num; |
3473 | | params->fils_erp_rrk = rrk; |
3474 | | params->fils_erp_rrk_len = rrk_len; |
3475 | | |
3476 | | if (mask) |
3477 | | *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO; |
3478 | | } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && |
3479 | | ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && |
3480 | | pmksa_cached) { |
3481 | | algs = WPA_AUTH_ALG_FILS; |
3482 | | } |
3483 | | #endif /* CONFIG_FILS */ |
3484 | 0 | #endif /* IEEE8021X_EAPOL */ |
3485 | | #ifdef CONFIG_SAE |
3486 | | if (wpa_key_mgmt_sae(wpa_s->key_mgmt)) |
3487 | | algs = WPA_AUTH_ALG_SAE; |
3488 | | #endif /* CONFIG_SAE */ |
3489 | |
|
3490 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); |
3491 | 0 | if (ssid->auth_alg) { |
3492 | 0 | algs = ssid->auth_alg; |
3493 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
3494 | 0 | "Overriding auth_alg selection: 0x%x", algs); |
3495 | 0 | } |
3496 | |
|
3497 | | #ifdef CONFIG_SAE |
3498 | | if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) { |
3499 | | wpa_dbg(wpa_s, MSG_DEBUG, |
3500 | | "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt"); |
3501 | | algs = WPA_AUTH_ALG_OPEN; |
3502 | | } |
3503 | | #endif /* CONFIG_SAE */ |
3504 | |
|
3505 | | #ifdef CONFIG_P2P |
3506 | | if (wpa_s->global->p2p) { |
3507 | | u8 *pos; |
3508 | | size_t len; |
3509 | | int res; |
3510 | | pos = wpa_ie + wpa_ie_len; |
3511 | | len = max_wpa_ie_len - wpa_ie_len; |
3512 | | res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, |
3513 | | ssid->p2p_group); |
3514 | | if (res >= 0) |
3515 | | wpa_ie_len += res; |
3516 | | } |
3517 | | |
3518 | | wpa_s->cross_connect_disallowed = 0; |
3519 | | if (bss) { |
3520 | | struct wpabuf *p2p; |
3521 | | p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); |
3522 | | if (p2p) { |
3523 | | wpa_s->cross_connect_disallowed = |
3524 | | p2p_get_cross_connect_disallowed(p2p); |
3525 | | wpabuf_free(p2p); |
3526 | | wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " |
3527 | | "connection", |
3528 | | wpa_s->cross_connect_disallowed ? |
3529 | | "disallows" : "allows"); |
3530 | | } |
3531 | | } |
3532 | | |
3533 | | os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); |
3534 | | #endif /* CONFIG_P2P */ |
3535 | |
|
3536 | 0 | #ifndef CONFIG_NO_RRM |
3537 | 0 | if (bss) { |
3538 | 0 | wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss, |
3539 | 0 | wpa_ie + wpa_ie_len, |
3540 | 0 | max_wpa_ie_len - |
3541 | 0 | wpa_ie_len); |
3542 | 0 | } |
3543 | 0 | #endif /* CONFIG_NO_RRM */ |
3544 | | |
3545 | | /* |
3546 | | * Workaround: Add Extended Capabilities element only if the AP |
3547 | | * included this element in Beacon/Probe Response frames. Some older |
3548 | | * APs seem to have interoperability issues if this element is |
3549 | | * included, so while the standard may require us to include the |
3550 | | * element in all cases, it is justifiable to skip it to avoid |
3551 | | * interoperability issues. |
3552 | | */ |
3553 | 0 | if (ssid->p2p_group) |
3554 | 0 | wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); |
3555 | 0 | else |
3556 | 0 | wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); |
3557 | |
|
3558 | 0 | if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) { |
3559 | 0 | u8 ext_capab[18]; |
3560 | 0 | int ext_capab_len; |
3561 | 0 | ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, |
3562 | 0 | sizeof(ext_capab), bss); |
3563 | 0 | if (ext_capab_len > 0 && |
3564 | 0 | wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { |
3565 | 0 | u8 *pos = wpa_ie; |
3566 | 0 | if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) |
3567 | 0 | pos += 2 + pos[1]; |
3568 | 0 | os_memmove(pos + ext_capab_len, pos, |
3569 | 0 | wpa_ie_len - (pos - wpa_ie)); |
3570 | 0 | wpa_ie_len += ext_capab_len; |
3571 | 0 | os_memcpy(pos, ext_capab, ext_capab_len); |
3572 | 0 | } |
3573 | 0 | } |
3574 | |
|
3575 | 0 | #ifdef CONFIG_HS20 |
3576 | 0 | if (is_hs20_network(wpa_s, ssid, bss)) { |
3577 | 0 | struct wpabuf *hs20; |
3578 | |
|
3579 | 0 | hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); |
3580 | 0 | if (hs20) { |
3581 | 0 | int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); |
3582 | 0 | size_t len; |
3583 | |
|
3584 | 0 | wpas_hs20_add_indication(hs20, pps_mo_id, |
3585 | 0 | get_hs20_version(bss)); |
3586 | 0 | wpas_hs20_add_roam_cons_sel(hs20, ssid); |
3587 | 0 | len = max_wpa_ie_len - wpa_ie_len; |
3588 | 0 | if (wpabuf_len(hs20) <= len) { |
3589 | 0 | os_memcpy(wpa_ie + wpa_ie_len, |
3590 | 0 | wpabuf_head(hs20), wpabuf_len(hs20)); |
3591 | 0 | wpa_ie_len += wpabuf_len(hs20); |
3592 | 0 | } |
3593 | 0 | wpabuf_free(hs20); |
3594 | |
|
3595 | 0 | hs20_configure_frame_filters(wpa_s); |
3596 | 0 | } |
3597 | 0 | } |
3598 | 0 | #endif /* CONFIG_HS20 */ |
3599 | |
|
3600 | 0 | if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { |
3601 | 0 | struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; |
3602 | 0 | size_t len; |
3603 | |
|
3604 | 0 | len = max_wpa_ie_len - wpa_ie_len; |
3605 | 0 | if (wpabuf_len(buf) <= len) { |
3606 | 0 | os_memcpy(wpa_ie + wpa_ie_len, |
3607 | 0 | wpabuf_head(buf), wpabuf_len(buf)); |
3608 | 0 | wpa_ie_len += wpabuf_len(buf); |
3609 | 0 | } |
3610 | 0 | } |
3611 | |
|
3612 | | #ifdef CONFIG_FST |
3613 | | if (wpa_s->fst_ies) { |
3614 | | int fst_ies_len = wpabuf_len(wpa_s->fst_ies); |
3615 | | |
3616 | | if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) { |
3617 | | os_memcpy(wpa_ie + wpa_ie_len, |
3618 | | wpabuf_head(wpa_s->fst_ies), fst_ies_len); |
3619 | | wpa_ie_len += fst_ies_len; |
3620 | | } |
3621 | | } |
3622 | | #endif /* CONFIG_FST */ |
3623 | |
|
3624 | | #ifdef CONFIG_MBO |
3625 | | mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL; |
3626 | | if (!wpa_s->disable_mbo_oce && mbo_ie) { |
3627 | | int len; |
3628 | | |
3629 | | len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, |
3630 | | max_wpa_ie_len - wpa_ie_len, |
3631 | | !!mbo_attr_from_mbo_ie(mbo_ie, |
3632 | | OCE_ATTR_ID_CAPA_IND)); |
3633 | | if (len >= 0) |
3634 | | wpa_ie_len += len; |
3635 | | } |
3636 | | #endif /* CONFIG_MBO */ |
3637 | |
|
3638 | | #ifdef CONFIG_FILS |
3639 | | if (algs == WPA_AUTH_ALG_FILS) { |
3640 | | size_t len; |
3641 | | |
3642 | | len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len, |
3643 | | max_wpa_ie_len - wpa_ie_len); |
3644 | | wpa_ie_len += len; |
3645 | | } |
3646 | | #endif /* CONFIG_FILS */ |
3647 | |
|
3648 | | #ifdef CONFIG_OWE |
3649 | | #ifdef CONFIG_TESTING_OPTIONS |
3650 | | if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) { |
3651 | | wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); |
3652 | | } else |
3653 | | #endif /* CONFIG_TESTING_OPTIONS */ |
3654 | | if (algs == WPA_AUTH_ALG_OPEN && |
3655 | | ssid->key_mgmt == WPA_KEY_MGMT_OWE && |
3656 | | !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) { |
3657 | | struct wpabuf *owe_ie; |
3658 | | u16 group; |
3659 | | |
3660 | | if (ssid->owe_group) { |
3661 | | group = ssid->owe_group; |
3662 | | } else if (wpa_s->assoc_status_code == |
3663 | | WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { |
3664 | | if (wpa_s->last_owe_group == 19) |
3665 | | group = 20; |
3666 | | else if (wpa_s->last_owe_group == 20) |
3667 | | group = 21; |
3668 | | else |
3669 | | group = OWE_DH_GROUP; |
3670 | | } else { |
3671 | | group = OWE_DH_GROUP; |
3672 | | } |
3673 | | |
3674 | | wpa_s->last_owe_group = group; |
3675 | | wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); |
3676 | | owe_ie = owe_build_assoc_req(wpa_s->wpa, group); |
3677 | | if (owe_ie && |
3678 | | wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) { |
3679 | | os_memcpy(wpa_ie + wpa_ie_len, |
3680 | | wpabuf_head(owe_ie), wpabuf_len(owe_ie)); |
3681 | | wpa_ie_len += wpabuf_len(owe_ie); |
3682 | | } |
3683 | | wpabuf_free(owe_ie); |
3684 | | } |
3685 | | #endif /* CONFIG_OWE */ |
3686 | |
|
3687 | | #ifdef CONFIG_DPP2 |
3688 | | if (DPP_VERSION > 1 && |
3689 | | wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP && |
3690 | | ssid->dpp_netaccesskey && |
3691 | | ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) { |
3692 | | struct rsn_pmksa_cache_entry *pmksa; |
3693 | | |
3694 | | pmksa = pmksa_cache_get_current(wpa_s->wpa); |
3695 | | if (!pmksa || !pmksa->dpp_pfs) |
3696 | | goto pfs_fail; |
3697 | | |
3698 | | dpp_pfs_free(wpa_s->dpp_pfs); |
3699 | | wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey, |
3700 | | ssid->dpp_netaccesskey_len); |
3701 | | if (!wpa_s->dpp_pfs) { |
3702 | | wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); |
3703 | | /* Try to continue without PFS */ |
3704 | | goto pfs_fail; |
3705 | | } |
3706 | | if (wpabuf_len(wpa_s->dpp_pfs->ie) <= |
3707 | | max_wpa_ie_len - wpa_ie_len) { |
3708 | | os_memcpy(wpa_ie + wpa_ie_len, |
3709 | | wpabuf_head(wpa_s->dpp_pfs->ie), |
3710 | | wpabuf_len(wpa_s->dpp_pfs->ie)); |
3711 | | wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie); |
3712 | | } |
3713 | | } |
3714 | | pfs_fail: |
3715 | | #endif /* CONFIG_DPP2 */ |
3716 | |
|
3717 | | #ifdef CONFIG_IEEE80211R |
3718 | | /* |
3719 | | * Add MDIE under these conditions: the network profile allows FT, |
3720 | | * the AP supports FT, and the mobility domain ID matches. |
3721 | | */ |
3722 | | if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) { |
3723 | | const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); |
3724 | | |
3725 | | if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) { |
3726 | | size_t len = 0; |
3727 | | const u8 *md = mdie + 2; |
3728 | | const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa); |
3729 | | |
3730 | | if (os_memcmp(md, wpa_md, |
3731 | | MOBILITY_DOMAIN_ID_LEN) == 0) { |
3732 | | /* Add mobility domain IE */ |
3733 | | len = wpa_ft_add_mdie( |
3734 | | wpa_s->wpa, wpa_ie + wpa_ie_len, |
3735 | | max_wpa_ie_len - wpa_ie_len, mdie); |
3736 | | wpa_ie_len += len; |
3737 | | } |
3738 | | #ifdef CONFIG_SME |
3739 | | if (len > 0 && wpa_s->sme.ft_used && |
3740 | | wpa_sm_has_ft_keys(wpa_s->wpa, md)) { |
3741 | | wpa_dbg(wpa_s, MSG_DEBUG, |
3742 | | "SME: Trying to use FT over-the-air"); |
3743 | | algs |= WPA_AUTH_ALG_FT; |
3744 | | } |
3745 | | #endif /* CONFIG_SME */ |
3746 | | } |
3747 | | } |
3748 | | #endif /* CONFIG_IEEE80211R */ |
3749 | |
|
3750 | | #ifdef CONFIG_TESTING_OPTIONS |
3751 | | if (wpa_s->rsnxe_override_assoc && |
3752 | | wpabuf_len(wpa_s->rsnxe_override_assoc) <= |
3753 | | max_wpa_ie_len - wpa_ie_len) { |
3754 | | wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override"); |
3755 | | os_memcpy(wpa_ie + wpa_ie_len, |
3756 | | wpabuf_head(wpa_s->rsnxe_override_assoc), |
3757 | | wpabuf_len(wpa_s->rsnxe_override_assoc)); |
3758 | | wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc); |
3759 | | } else |
3760 | | #endif /* CONFIG_TESTING_OPTIONS */ |
3761 | 0 | if (wpa_s->rsnxe_len > 0 && |
3762 | 0 | wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) { |
3763 | 0 | os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len); |
3764 | 0 | wpa_ie_len += wpa_s->rsnxe_len; |
3765 | 0 | } |
3766 | |
|
3767 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
3768 | | #ifdef CONFIG_TESTING_OPTIONS |
3769 | | if (wpa_s->disable_mscs_support) |
3770 | | goto mscs_end; |
3771 | | #endif /* CONFIG_TESTING_OPTIONS */ |
3772 | 0 | if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) && |
3773 | 0 | wpa_s->robust_av.valid_config) { |
3774 | 0 | struct wpabuf *mscs_ie; |
3775 | 0 | size_t mscs_ie_len, buf_len; |
3776 | |
|
3777 | 0 | buf_len = 3 + /* MSCS descriptor IE header */ |
3778 | 0 | 1 + /* Request type */ |
3779 | 0 | 2 + /* User priority control */ |
3780 | 0 | 4 + /* Stream timeout */ |
3781 | 0 | 3 + /* TCLAS Mask IE header */ |
3782 | 0 | wpa_s->robust_av.frame_classifier_len; |
3783 | 0 | mscs_ie = wpabuf_alloc(buf_len); |
3784 | 0 | if (!mscs_ie) { |
3785 | 0 | wpa_printf(MSG_INFO, |
3786 | 0 | "MSCS: Failed to allocate MSCS IE"); |
3787 | 0 | goto mscs_end; |
3788 | 0 | } |
3789 | | |
3790 | 0 | wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie); |
3791 | 0 | if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) { |
3792 | 0 | wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie); |
3793 | 0 | mscs_ie_len = wpabuf_len(mscs_ie); |
3794 | 0 | os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie), |
3795 | 0 | mscs_ie_len); |
3796 | 0 | wpa_ie_len += mscs_ie_len; |
3797 | 0 | } |
3798 | |
|
3799 | 0 | wpabuf_free(mscs_ie); |
3800 | 0 | } |
3801 | 0 | mscs_end: |
3802 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
3803 | |
|
3804 | 0 | wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len, |
3805 | 0 | max_wpa_ie_len); |
3806 | |
|
3807 | 0 | if (ssid->multi_ap_backhaul_sta) { |
3808 | 0 | size_t multi_ap_ie_len; |
3809 | |
|
3810 | 0 | multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len, |
3811 | 0 | max_wpa_ie_len - wpa_ie_len, |
3812 | 0 | MULTI_AP_BACKHAUL_STA); |
3813 | 0 | if (multi_ap_ie_len == 0) { |
3814 | 0 | wpa_printf(MSG_ERROR, |
3815 | 0 | "Multi-AP: Failed to build Multi-AP IE"); |
3816 | 0 | os_free(wpa_ie); |
3817 | 0 | return NULL; |
3818 | 0 | } |
3819 | 0 | wpa_ie_len += multi_ap_ie_len; |
3820 | 0 | } |
3821 | | |
3822 | 0 | params->wpa_ie = wpa_ie; |
3823 | 0 | params->wpa_ie_len = wpa_ie_len; |
3824 | 0 | params->auth_alg = algs; |
3825 | 0 | if (mask) |
3826 | 0 | *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE; |
3827 | |
|
3828 | 0 | return wpa_ie; |
3829 | 0 | } |
3830 | | |
3831 | | |
3832 | | #ifdef CONFIG_OWE |
3833 | | static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s) |
3834 | | { |
3835 | | struct wpa_driver_associate_params params; |
3836 | | u8 *wpa_ie; |
3837 | | |
3838 | | os_memset(¶ms, 0, sizeof(params)); |
3839 | | wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, |
3840 | | wpa_s->current_ssid, ¶ms, NULL); |
3841 | | if (!wpa_ie) |
3842 | | return; |
3843 | | |
3844 | | wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); |
3845 | | os_free(wpa_ie); |
3846 | | } |
3847 | | #endif /* CONFIG_OWE */ |
3848 | | |
3849 | | |
3850 | | #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) |
3851 | | static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s) |
3852 | | { |
3853 | | struct wpa_driver_associate_params params; |
3854 | | enum wpa_drv_update_connect_params_mask mask = 0; |
3855 | | u8 *wpa_ie; |
3856 | | |
3857 | | if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN) |
3858 | | return; /* nothing to do */ |
3859 | | |
3860 | | os_memset(¶ms, 0, sizeof(params)); |
3861 | | wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, |
3862 | | wpa_s->current_ssid, ¶ms, &mask); |
3863 | | if (!wpa_ie) |
3864 | | return; |
3865 | | |
3866 | | if (params.auth_alg == WPA_AUTH_ALG_FILS) { |
3867 | | wpa_s->auth_alg = params.auth_alg; |
3868 | | wpa_drv_update_connect_params(wpa_s, ¶ms, mask); |
3869 | | } |
3870 | | |
3871 | | os_free(wpa_ie); |
3872 | | } |
3873 | | #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ |
3874 | | |
3875 | | |
3876 | | static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie) |
3877 | 0 | { |
3878 | 0 | if (!edmg_ie || edmg_ie[1] < 6) |
3879 | 0 | return 0; |
3880 | 0 | return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET]; |
3881 | 0 | } |
3882 | | |
3883 | | |
3884 | | static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie) |
3885 | 0 | { |
3886 | 0 | if (!edmg_ie || edmg_ie[1] < 6) |
3887 | 0 | return 0; |
3888 | 0 | return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET]; |
3889 | 0 | } |
3890 | | |
3891 | | |
3892 | | /* Returns the intersection of two EDMG configurations. |
3893 | | * Note: The current implementation is limited to CB2 only (CB1 included), |
3894 | | * i.e., the implementation supports up to 2 contiguous channels. |
3895 | | * For supporting non-contiguous (aggregated) channels and for supporting |
3896 | | * CB3 and above, this function will need to be extended. |
3897 | | */ |
3898 | | static struct ieee80211_edmg_config |
3899 | | get_edmg_intersection(struct ieee80211_edmg_config a, |
3900 | | struct ieee80211_edmg_config b, |
3901 | | u8 primary_channel) |
3902 | 0 | { |
3903 | 0 | struct ieee80211_edmg_config result; |
3904 | 0 | int i, contiguous = 0; |
3905 | 0 | int max_contiguous = 0; |
3906 | |
|
3907 | 0 | result.channels = b.channels & a.channels; |
3908 | 0 | if (!result.channels) { |
3909 | 0 | wpa_printf(MSG_DEBUG, |
3910 | 0 | "EDMG not possible: cannot intersect channels 0x%x and 0x%x", |
3911 | 0 | a.channels, b.channels); |
3912 | 0 | goto fail; |
3913 | 0 | } |
3914 | | |
3915 | 0 | if (!(result.channels & BIT(primary_channel - 1))) { |
3916 | 0 | wpa_printf(MSG_DEBUG, |
3917 | 0 | "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x", |
3918 | 0 | primary_channel, result.channels); |
3919 | 0 | goto fail; |
3920 | 0 | } |
3921 | | |
3922 | | /* Find max contiguous channels */ |
3923 | 0 | for (i = 0; i < 6; i++) { |
3924 | 0 | if (result.channels & BIT(i)) |
3925 | 0 | contiguous++; |
3926 | 0 | else |
3927 | 0 | contiguous = 0; |
3928 | |
|
3929 | 0 | if (contiguous > max_contiguous) |
3930 | 0 | max_contiguous = contiguous; |
3931 | 0 | } |
3932 | | |
3933 | | /* Assuming AP and STA supports ONLY contiguous channels, |
3934 | | * bw configuration can have value between 4-7. |
3935 | | */ |
3936 | 0 | if ((b.bw_config < a.bw_config)) |
3937 | 0 | result.bw_config = b.bw_config; |
3938 | 0 | else |
3939 | 0 | result.bw_config = a.bw_config; |
3940 | |
|
3941 | 0 | if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) || |
3942 | 0 | (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) { |
3943 | 0 | wpa_printf(MSG_DEBUG, |
3944 | 0 | "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2", |
3945 | 0 | max_contiguous); |
3946 | 0 | goto fail; |
3947 | 0 | } |
3948 | | |
3949 | 0 | return result; |
3950 | | |
3951 | 0 | fail: |
3952 | 0 | result.channels = 0; |
3953 | 0 | result.bw_config = 0; |
3954 | 0 | return result; |
3955 | 0 | } |
3956 | | |
3957 | | |
3958 | | static struct ieee80211_edmg_config |
3959 | | get_supported_edmg(struct wpa_supplicant *wpa_s, |
3960 | | struct hostapd_freq_params *freq, |
3961 | | struct ieee80211_edmg_config request_edmg) |
3962 | 0 | { |
3963 | 0 | enum hostapd_hw_mode hw_mode; |
3964 | 0 | struct hostapd_hw_modes *mode = NULL; |
3965 | 0 | u8 primary_channel; |
3966 | |
|
3967 | 0 | if (!wpa_s->hw.modes) |
3968 | 0 | goto fail; |
3969 | | |
3970 | 0 | hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel); |
3971 | 0 | if (hw_mode == NUM_HOSTAPD_MODES) |
3972 | 0 | goto fail; |
3973 | | |
3974 | 0 | mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false); |
3975 | 0 | if (!mode) |
3976 | 0 | goto fail; |
3977 | | |
3978 | 0 | return get_edmg_intersection(mode->edmg, request_edmg, primary_channel); |
3979 | | |
3980 | 0 | fail: |
3981 | 0 | request_edmg.channels = 0; |
3982 | 0 | request_edmg.bw_config = 0; |
3983 | 0 | return request_edmg; |
3984 | 0 | } |
3985 | | |
3986 | | |
3987 | | #ifdef CONFIG_MBO |
3988 | | void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s) |
3989 | | { |
3990 | | struct wpa_driver_associate_params params; |
3991 | | u8 *wpa_ie; |
3992 | | |
3993 | | /* |
3994 | | * Update MBO connect params only in case of change of MBO attributes |
3995 | | * when connected, if the AP support MBO. |
3996 | | */ |
3997 | | |
3998 | | if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid || |
3999 | | !wpa_s->current_bss || |
4000 | | !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE)) |
4001 | | return; |
4002 | | |
4003 | | os_memset(¶ms, 0, sizeof(params)); |
4004 | | wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, |
4005 | | wpa_s->current_ssid, ¶ms, NULL); |
4006 | | if (!wpa_ie) |
4007 | | return; |
4008 | | |
4009 | | wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); |
4010 | | os_free(wpa_ie); |
4011 | | } |
4012 | | #endif /* CONFIG_MBO */ |
4013 | | |
4014 | | |
4015 | | static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) |
4016 | 0 | { |
4017 | 0 | struct wpa_connect_work *cwork = work->ctx; |
4018 | 0 | struct wpa_bss *bss = cwork->bss; |
4019 | 0 | struct wpa_ssid *ssid = cwork->ssid; |
4020 | 0 | struct wpa_supplicant *wpa_s = work->wpa_s; |
4021 | 0 | u8 *wpa_ie; |
4022 | 0 | const u8 *edmg_ie_oper; |
4023 | 0 | int use_crypt, ret, bssid_changed; |
4024 | 0 | unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; |
4025 | 0 | struct wpa_driver_associate_params params; |
4026 | 0 | u8 psk[PMK_LEN]; |
4027 | 0 | #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL) |
4028 | 0 | int wep_keys_set = 0; |
4029 | 0 | #endif /* CONFIG_WEP || IEEE8021X_EAPOL */ |
4030 | 0 | int assoc_failed = 0; |
4031 | 0 | struct wpa_ssid *old_ssid; |
4032 | 0 | u8 prev_bssid[ETH_ALEN]; |
4033 | | #ifdef CONFIG_HT_OVERRIDES |
4034 | | struct ieee80211_ht_capabilities htcaps; |
4035 | | struct ieee80211_ht_capabilities htcaps_mask; |
4036 | | #endif /* CONFIG_HT_OVERRIDES */ |
4037 | | #ifdef CONFIG_VHT_OVERRIDES |
4038 | | struct ieee80211_vht_capabilities vhtcaps; |
4039 | | struct ieee80211_vht_capabilities vhtcaps_mask; |
4040 | | #endif /* CONFIG_VHT_OVERRIDES */ |
4041 | |
|
4042 | 0 | wpa_s->roam_in_progress = false; |
4043 | 0 | #ifdef CONFIG_WNM |
4044 | 0 | wpa_s->bss_trans_mgmt_in_progress = false; |
4045 | 0 | #endif /* CONFIG_WNM */ |
4046 | |
|
4047 | 0 | if (deinit) { |
4048 | 0 | if (work->started) { |
4049 | 0 | wpa_s->connect_work = NULL; |
4050 | | |
4051 | | /* cancel possible auth. timeout */ |
4052 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, |
4053 | 0 | NULL); |
4054 | 0 | } |
4055 | 0 | wpas_connect_work_free(cwork); |
4056 | 0 | return; |
4057 | 0 | } |
4058 | | |
4059 | 0 | wpa_s->connect_work = work; |
4060 | |
|
4061 | 0 | if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || |
4062 | 0 | wpas_network_disabled(wpa_s, ssid)) { |
4063 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); |
4064 | 0 | wpas_connect_work_done(wpa_s); |
4065 | 0 | return; |
4066 | 0 | } |
4067 | | |
4068 | | /* |
4069 | | * Set the current AP's BSSID (for non-MLO connection) or MLD address |
4070 | | * (for MLO connection) as the previous BSSID for reassociation requests |
4071 | | * handled by SME-in-driver. If wpa_supplicant is in disconnected state, |
4072 | | * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid |
4073 | | * will be zero. |
4074 | | */ |
4075 | 0 | os_memcpy(prev_bssid, |
4076 | 0 | wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid, |
4077 | 0 | ETH_ALEN); |
4078 | 0 | os_memset(¶ms, 0, sizeof(params)); |
4079 | 0 | wpa_s->reassociate = 0; |
4080 | 0 | wpa_s->eap_expected_failure = 0; |
4081 | | |
4082 | | /* Starting new association, so clear the possibly used WPA IE from the |
4083 | | * previous association. */ |
4084 | 0 | wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); |
4085 | 0 | wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); |
4086 | 0 | wpa_s->rsnxe_len = 0; |
4087 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
4088 | 0 | wpa_s->mscs_setup_done = false; |
4089 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
4090 | |
|
4091 | 0 | wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); |
4092 | 0 | if (!wpa_ie) { |
4093 | 0 | wpas_connect_work_done(wpa_s); |
4094 | 0 | return; |
4095 | 0 | } |
4096 | | |
4097 | 0 | if (bss && |
4098 | 0 | (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { |
4099 | | #ifdef CONFIG_IEEE80211R |
4100 | | const u8 *ie, *md = NULL; |
4101 | | #endif /* CONFIG_IEEE80211R */ |
4102 | 0 | wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR |
4103 | 0 | " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), |
4104 | 0 | wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); |
4105 | 0 | bssid_changed = !is_zero_ether_addr(wpa_s->bssid); |
4106 | 0 | os_memset(wpa_s->bssid, 0, ETH_ALEN); |
4107 | 0 | os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); |
4108 | 0 | if (bssid_changed) |
4109 | 0 | wpas_notify_bssid_changed(wpa_s); |
4110 | | #ifdef CONFIG_IEEE80211R |
4111 | | ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); |
4112 | | if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) |
4113 | | md = ie + 2; |
4114 | | wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); |
4115 | | if (md) { |
4116 | | /* Prepare for the next transition */ |
4117 | | wpa_ft_prepare_auth_request(wpa_s->wpa, ie); |
4118 | | } |
4119 | | #endif /* CONFIG_IEEE80211R */ |
4120 | | #ifdef CONFIG_WPS |
4121 | | } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && |
4122 | | wpa_s->conf->ap_scan == 2 && |
4123 | | (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { |
4124 | | /* Use ap_scan==1 style network selection to find the network |
4125 | | */ |
4126 | | wpas_connect_work_done(wpa_s); |
4127 | | wpa_s->scan_req = MANUAL_SCAN_REQ; |
4128 | | wpa_s->reassociate = 1; |
4129 | | wpa_supplicant_req_scan(wpa_s, 0, 0); |
4130 | | os_free(wpa_ie); |
4131 | | return; |
4132 | | #endif /* CONFIG_WPS */ |
4133 | 0 | } else { |
4134 | 0 | wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", |
4135 | 0 | wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); |
4136 | 0 | if (bss) |
4137 | 0 | os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); |
4138 | 0 | else |
4139 | 0 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); |
4140 | 0 | } |
4141 | 0 | if (!wpa_s->pno) |
4142 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4143 | |
|
4144 | 0 | wpa_supplicant_cancel_scan(wpa_s); |
4145 | |
|
4146 | 0 | wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); |
4147 | 0 | use_crypt = 1; |
4148 | 0 | cipher_pairwise = wpa_s->pairwise_cipher; |
4149 | 0 | cipher_group = wpa_s->group_cipher; |
4150 | 0 | cipher_group_mgmt = wpa_s->mgmt_group_cipher; |
4151 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || |
4152 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { |
4153 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) |
4154 | 0 | use_crypt = 0; |
4155 | | #ifdef CONFIG_WEP |
4156 | | if (wpa_set_wep_keys(wpa_s, ssid)) { |
4157 | | use_crypt = 1; |
4158 | | wep_keys_set = 1; |
4159 | | } |
4160 | | #endif /* CONFIG_WEP */ |
4161 | 0 | } |
4162 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) |
4163 | 0 | use_crypt = 0; |
4164 | |
|
4165 | 0 | #ifdef IEEE8021X_EAPOL |
4166 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { |
4167 | 0 | if ((ssid->eapol_flags & |
4168 | 0 | (EAPOL_FLAG_REQUIRE_KEY_UNICAST | |
4169 | 0 | EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && |
4170 | 0 | !wep_keys_set) { |
4171 | 0 | use_crypt = 0; |
4172 | 0 | } else { |
4173 | | /* Assume that dynamic WEP-104 keys will be used and |
4174 | | * set cipher suites in order for drivers to expect |
4175 | | * encryption. */ |
4176 | 0 | cipher_pairwise = cipher_group = WPA_CIPHER_WEP104; |
4177 | 0 | } |
4178 | 0 | } |
4179 | 0 | #endif /* IEEE8021X_EAPOL */ |
4180 | |
|
4181 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { |
4182 | | /* Set the key before (and later after) association */ |
4183 | 0 | wpa_supplicant_set_wpa_none_key(wpa_s, ssid); |
4184 | 0 | } |
4185 | | |
4186 | | /* Set current_ssid before changing state to ASSOCIATING, so that the |
4187 | | * selected SSID is available to wpas_notify_state_changed(). */ |
4188 | 0 | old_ssid = wpa_s->current_ssid; |
4189 | 0 | wpa_s->current_ssid = ssid; |
4190 | |
|
4191 | 0 | wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); |
4192 | 0 | if (bss) { |
4193 | 0 | params.ssid = bss->ssid; |
4194 | 0 | params.ssid_len = bss->ssid_len; |
4195 | 0 | if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || |
4196 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { |
4197 | 0 | wpa_printf(MSG_DEBUG, "Limit connection to BSSID " |
4198 | 0 | MACSTR " freq=%u MHz based on scan results " |
4199 | 0 | "(bssid_set=%d wps=%d)", |
4200 | 0 | MAC2STR(bss->bssid), bss->freq, |
4201 | 0 | ssid->bssid_set, |
4202 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); |
4203 | 0 | params.bssid = bss->bssid; |
4204 | 0 | params.freq.freq = bss->freq; |
4205 | 0 | } |
4206 | 0 | params.bssid_hint = bss->bssid; |
4207 | 0 | params.freq_hint = bss->freq; |
4208 | 0 | params.pbss = bss_is_pbss(bss); |
4209 | 0 | } else { |
4210 | 0 | if (ssid->bssid_hint_set) |
4211 | 0 | params.bssid_hint = ssid->bssid_hint; |
4212 | |
|
4213 | 0 | params.ssid = ssid->ssid; |
4214 | 0 | params.ssid_len = ssid->ssid_len; |
4215 | 0 | params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0; |
4216 | 0 | } |
4217 | |
|
4218 | 0 | if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && |
4219 | 0 | wpa_s->conf->ap_scan == 2) { |
4220 | 0 | params.bssid = ssid->bssid; |
4221 | 0 | params.fixed_bssid = 1; |
4222 | 0 | } |
4223 | | |
4224 | | /* Initial frequency for IBSS/mesh */ |
4225 | 0 | if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) && |
4226 | 0 | ssid->frequency > 0 && params.freq.freq == 0) |
4227 | 0 | ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq); |
4228 | |
|
4229 | 0 | if (ssid->mode == WPAS_MODE_IBSS) { |
4230 | 0 | params.fixed_freq = ssid->fixed_freq; |
4231 | 0 | if (ssid->beacon_int) |
4232 | 0 | params.beacon_int = ssid->beacon_int; |
4233 | 0 | else |
4234 | 0 | params.beacon_int = wpa_s->conf->beacon_int; |
4235 | 0 | } |
4236 | |
|
4237 | 0 | if (bss && ssid->enable_edmg) |
4238 | 0 | edmg_ie_oper = wpa_bss_get_ie_ext(bss, |
4239 | 0 | WLAN_EID_EXT_EDMG_OPERATION); |
4240 | 0 | else |
4241 | 0 | edmg_ie_oper = NULL; |
4242 | |
|
4243 | 0 | if (edmg_ie_oper) { |
4244 | 0 | params.freq.edmg.channels = |
4245 | 0 | wpa_ie_get_edmg_oper_chans(edmg_ie_oper); |
4246 | 0 | params.freq.edmg.bw_config = |
4247 | 0 | wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper); |
4248 | 0 | wpa_printf(MSG_DEBUG, |
4249 | 0 | "AP supports EDMG channels 0x%x, bw_config %d", |
4250 | 0 | params.freq.edmg.channels, |
4251 | 0 | params.freq.edmg.bw_config); |
4252 | | |
4253 | | /* User may ask for specific EDMG channel for EDMG connection |
4254 | | * (must be supported by AP) |
4255 | | */ |
4256 | 0 | if (ssid->edmg_channel) { |
4257 | 0 | struct ieee80211_edmg_config configured_edmg; |
4258 | 0 | enum hostapd_hw_mode hw_mode; |
4259 | 0 | u8 primary_channel; |
4260 | |
|
4261 | 0 | hw_mode = ieee80211_freq_to_chan(bss->freq, |
4262 | 0 | &primary_channel); |
4263 | 0 | if (hw_mode == NUM_HOSTAPD_MODES) |
4264 | 0 | goto edmg_fail; |
4265 | | |
4266 | 0 | hostapd_encode_edmg_chan(ssid->enable_edmg, |
4267 | 0 | ssid->edmg_channel, |
4268 | 0 | primary_channel, |
4269 | 0 | &configured_edmg); |
4270 | |
|
4271 | 0 | if (ieee802_edmg_is_allowed(params.freq.edmg, |
4272 | 0 | configured_edmg)) { |
4273 | 0 | params.freq.edmg = configured_edmg; |
4274 | 0 | wpa_printf(MSG_DEBUG, |
4275 | 0 | "Use EDMG channel %d for connection", |
4276 | 0 | ssid->edmg_channel); |
4277 | 0 | } else { |
4278 | 0 | edmg_fail: |
4279 | 0 | params.freq.edmg.channels = 0; |
4280 | 0 | params.freq.edmg.bw_config = 0; |
4281 | 0 | wpa_printf(MSG_WARNING, |
4282 | 0 | "EDMG channel %d not supported by AP, fallback to DMG", |
4283 | 0 | ssid->edmg_channel); |
4284 | 0 | } |
4285 | 0 | } |
4286 | | |
4287 | 0 | if (params.freq.edmg.channels) { |
4288 | 0 | wpa_printf(MSG_DEBUG, |
4289 | 0 | "EDMG before: channels 0x%x, bw_config %d", |
4290 | 0 | params.freq.edmg.channels, |
4291 | 0 | params.freq.edmg.bw_config); |
4292 | 0 | params.freq.edmg = get_supported_edmg(wpa_s, |
4293 | 0 | ¶ms.freq, |
4294 | 0 | params.freq.edmg); |
4295 | 0 | wpa_printf(MSG_DEBUG, |
4296 | 0 | "EDMG after: channels 0x%x, bw_config %d", |
4297 | 0 | params.freq.edmg.channels, |
4298 | 0 | params.freq.edmg.bw_config); |
4299 | 0 | } |
4300 | 0 | } |
4301 | | |
4302 | 0 | params.pairwise_suite = cipher_pairwise; |
4303 | 0 | params.group_suite = cipher_group; |
4304 | 0 | params.mgmt_group_suite = cipher_group_mgmt; |
4305 | 0 | params.key_mgmt_suite = wpa_s->key_mgmt; |
4306 | 0 | params.allowed_key_mgmts = wpa_s->allowed_key_mgmts; |
4307 | 0 | params.wpa_proto = wpa_s->wpa_proto; |
4308 | 0 | wpa_s->auth_alg = params.auth_alg; |
4309 | 0 | params.mode = ssid->mode; |
4310 | 0 | params.bg_scan_period = ssid->bg_scan_period; |
4311 | | #ifdef CONFIG_WEP |
4312 | | { |
4313 | | int i; |
4314 | | |
4315 | | for (i = 0; i < NUM_WEP_KEYS; i++) { |
4316 | | if (ssid->wep_key_len[i]) |
4317 | | params.wep_key[i] = ssid->wep_key[i]; |
4318 | | params.wep_key_len[i] = ssid->wep_key_len[i]; |
4319 | | } |
4320 | | params.wep_tx_keyidx = ssid->wep_tx_keyidx; |
4321 | | } |
4322 | | #endif /* CONFIG_WEP */ |
4323 | |
|
4324 | 0 | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && |
4325 | 0 | (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || |
4326 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK || |
4327 | 0 | (params.allowed_key_mgmts & |
4328 | 0 | (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) { |
4329 | 0 | params.passphrase = ssid->passphrase; |
4330 | 0 | if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0) |
4331 | 0 | params.psk = psk; |
4332 | 0 | } |
4333 | |
|
4334 | 0 | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && |
4335 | 0 | (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || |
4336 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || |
4337 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || |
4338 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || |
4339 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)) |
4340 | 0 | params.req_handshake_offload = 1; |
4341 | |
|
4342 | 0 | if (wpa_s->conf->key_mgmt_offload) { |
4343 | 0 | if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || |
4344 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || |
4345 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || |
4346 | 0 | params.key_mgmt_suite == |
4347 | 0 | WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || |
4348 | 0 | params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384) |
4349 | 0 | params.req_key_mgmt_offload = |
4350 | 0 | ssid->proactive_key_caching < 0 ? |
4351 | 0 | wpa_s->conf->okc : ssid->proactive_key_caching; |
4352 | 0 | else |
4353 | 0 | params.req_key_mgmt_offload = 1; |
4354 | |
|
4355 | 0 | if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) || |
4356 | 0 | wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) && |
4357 | 0 | wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0) |
4358 | 0 | params.psk = psk; |
4359 | 0 | } |
4360 | |
|
4361 | 0 | if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) && |
4362 | 0 | wpa_key_mgmt_sae(params.key_mgmt_suite)) { |
4363 | 0 | params.auth_alg = WPA_AUTH_ALG_SAE; |
4364 | 0 | if (ssid->sae_password) { |
4365 | 0 | params.sae_password = ssid->sae_password; |
4366 | 0 | params.sae_password_id = ssid->sae_password_id; |
4367 | 0 | } else if (ssid->passphrase) { |
4368 | 0 | params.passphrase = ssid->passphrase; |
4369 | 0 | } |
4370 | 0 | } |
4371 | |
|
4372 | 0 | params.drop_unencrypted = use_crypt; |
4373 | |
|
4374 | 0 | params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); |
4375 | 0 | if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { |
4376 | 0 | const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); |
4377 | 0 | struct wpa_ie_data ie; |
4378 | 0 | if (!wpas_driver_bss_selection(wpa_s) && rsn && |
4379 | 0 | wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && |
4380 | 0 | ie.capabilities & |
4381 | 0 | (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { |
4382 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " |
4383 | 0 | "MFP: require MFP"); |
4384 | 0 | params.mgmt_frame_protection = |
4385 | 0 | MGMT_FRAME_PROTECTION_REQUIRED; |
4386 | | #ifdef CONFIG_OWE |
4387 | | } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && |
4388 | | !ssid->owe_only) { |
4389 | | params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; |
4390 | | #endif /* CONFIG_OWE */ |
4391 | 0 | } |
4392 | 0 | } |
4393 | |
|
4394 | 0 | params.p2p = ssid->p2p_group; |
4395 | |
|
4396 | 0 | if (wpa_s->p2pdev->set_sta_uapsd) |
4397 | 0 | params.uapsd = wpa_s->p2pdev->sta_uapsd; |
4398 | 0 | else |
4399 | 0 | params.uapsd = -1; |
4400 | |
|
4401 | | #ifdef CONFIG_HT_OVERRIDES |
4402 | | os_memset(&htcaps, 0, sizeof(htcaps)); |
4403 | | os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); |
4404 | | params.htcaps = (u8 *) &htcaps; |
4405 | | params.htcaps_mask = (u8 *) &htcaps_mask; |
4406 | | wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); |
4407 | | #endif /* CONFIG_HT_OVERRIDES */ |
4408 | | #ifdef CONFIG_VHT_OVERRIDES |
4409 | | os_memset(&vhtcaps, 0, sizeof(vhtcaps)); |
4410 | | os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask)); |
4411 | | params.vhtcaps = &vhtcaps; |
4412 | | params.vhtcaps_mask = &vhtcaps_mask; |
4413 | | wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms); |
4414 | | #endif /* CONFIG_VHT_OVERRIDES */ |
4415 | | #ifdef CONFIG_HE_OVERRIDES |
4416 | | wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms); |
4417 | | #endif /* CONFIG_HE_OVERRIDES */ |
4418 | 0 | wpa_supplicant_apply_eht_overrides(wpa_s, ssid, ¶ms); |
4419 | |
|
4420 | | #ifdef CONFIG_P2P |
4421 | | /* |
4422 | | * If multi-channel concurrency is not supported, check for any |
4423 | | * frequency conflict. In case of any frequency conflict, remove the |
4424 | | * least prioritized connection. |
4425 | | */ |
4426 | | if (wpa_s->num_multichan_concurrent < 2) { |
4427 | | int freq, num; |
4428 | | num = get_shared_radio_freqs(wpa_s, &freq, 1, false); |
4429 | | if (num > 0 && freq > 0 && freq != params.freq.freq) { |
4430 | | wpa_printf(MSG_DEBUG, |
4431 | | "Assoc conflicting freq found (%d != %d)", |
4432 | | freq, params.freq.freq); |
4433 | | if (wpas_p2p_handle_frequency_conflicts( |
4434 | | wpa_s, params.freq.freq, ssid) < 0) { |
4435 | | wpas_connect_work_done(wpa_s); |
4436 | | os_free(wpa_ie); |
4437 | | return; |
4438 | | } |
4439 | | } |
4440 | | } |
4441 | | #endif /* CONFIG_P2P */ |
4442 | |
|
4443 | 0 | if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) && |
4444 | 0 | old_ssid) |
4445 | 0 | params.prev_bssid = prev_bssid; |
4446 | |
|
4447 | | #ifdef CONFIG_SAE |
4448 | | params.sae_pwe = wpa_s->conf->sae_pwe; |
4449 | | #endif /* CONFIG_SAE */ |
4450 | |
|
4451 | 0 | ret = wpa_drv_associate(wpa_s, ¶ms); |
4452 | 0 | forced_memzero(psk, sizeof(psk)); |
4453 | 0 | os_free(wpa_ie); |
4454 | 0 | if (ret < 0) { |
4455 | 0 | wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " |
4456 | 0 | "failed"); |
4457 | 0 | if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) { |
4458 | | /* |
4459 | | * The driver is known to mean what is saying, so we |
4460 | | * can stop right here; the association will not |
4461 | | * succeed. |
4462 | | */ |
4463 | 0 | wpas_connection_failed(wpa_s, wpa_s->pending_bssid, |
4464 | 0 | NULL); |
4465 | 0 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); |
4466 | 0 | os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); |
4467 | 0 | return; |
4468 | 0 | } |
4469 | | /* try to continue anyway; new association will be tried again |
4470 | | * after timeout */ |
4471 | 0 | assoc_failed = 1; |
4472 | 0 | } |
4473 | | |
4474 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { |
4475 | | /* Set the key after the association just in case association |
4476 | | * cleared the previously configured key. */ |
4477 | 0 | wpa_supplicant_set_wpa_none_key(wpa_s, ssid); |
4478 | | /* No need to timeout authentication since there is no key |
4479 | | * management. */ |
4480 | 0 | wpa_supplicant_cancel_auth_timeout(wpa_s); |
4481 | 0 | wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); |
4482 | | #ifdef CONFIG_IBSS_RSN |
4483 | | } else if (ssid->mode == WPAS_MODE_IBSS && |
4484 | | wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && |
4485 | | wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { |
4486 | | /* |
4487 | | * RSN IBSS authentication is per-STA and we can disable the |
4488 | | * per-BSSID authentication. |
4489 | | */ |
4490 | | wpa_supplicant_cancel_auth_timeout(wpa_s); |
4491 | | #endif /* CONFIG_IBSS_RSN */ |
4492 | 0 | } else { |
4493 | | /* Timeout for IEEE 802.11 authentication and association */ |
4494 | 0 | int timeout = 60; |
4495 | |
|
4496 | 0 | if (assoc_failed) { |
4497 | | /* give IBSS a bit more time */ |
4498 | 0 | timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; |
4499 | 0 | } else if (wpa_s->conf->ap_scan == 1) { |
4500 | | /* give IBSS a bit more time */ |
4501 | 0 | timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; |
4502 | 0 | } |
4503 | 0 | wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); |
4504 | 0 | } |
4505 | |
|
4506 | | #ifdef CONFIG_WEP |
4507 | | if (wep_keys_set && |
4508 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { |
4509 | | /* Set static WEP keys again */ |
4510 | | wpa_set_wep_keys(wpa_s, ssid); |
4511 | | } |
4512 | | #endif /* CONFIG_WEP */ |
4513 | |
|
4514 | 0 | if (old_ssid && old_ssid != ssid) { |
4515 | | /* |
4516 | | * Do not allow EAP session resumption between different |
4517 | | * network configurations. |
4518 | | */ |
4519 | 0 | eapol_sm_invalidate_cached_session(wpa_s->eapol); |
4520 | 0 | } |
4521 | |
|
4522 | 0 | if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { |
4523 | 0 | wpa_s->current_bss = bss; |
4524 | 0 | #ifdef CONFIG_HS20 |
4525 | 0 | hs20_configure_frame_filters(wpa_s); |
4526 | 0 | #endif /* CONFIG_HS20 */ |
4527 | 0 | } |
4528 | |
|
4529 | 0 | wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); |
4530 | 0 | wpa_supplicant_initiate_eapol(wpa_s); |
4531 | 0 | if (old_ssid != wpa_s->current_ssid) |
4532 | 0 | wpas_notify_network_changed(wpa_s); |
4533 | 0 | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) |
4534 | 0 | wpas_notify_auth_changed(wpa_s); |
4535 | 0 | } |
4536 | | |
4537 | | |
4538 | | static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, |
4539 | | const u8 *addr) |
4540 | 0 | { |
4541 | 0 | struct wpa_ssid *old_ssid; |
4542 | |
|
4543 | 0 | wpa_s->ml_connect_probe_ssid = NULL; |
4544 | 0 | wpa_s->ml_connect_probe_bss = NULL; |
4545 | 0 | wpas_connect_work_done(wpa_s); |
4546 | 0 | wpa_clear_keys(wpa_s, addr); |
4547 | 0 | old_ssid = wpa_s->current_ssid; |
4548 | 0 | wpa_supplicant_mark_disassoc(wpa_s); |
4549 | 0 | wpa_sm_set_config(wpa_s->wpa, NULL); |
4550 | 0 | eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); |
4551 | 0 | if (old_ssid != wpa_s->current_ssid) |
4552 | 0 | wpas_notify_network_changed(wpa_s); |
4553 | |
|
4554 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
4555 | 0 | wpas_scs_deinit(wpa_s); |
4556 | 0 | wpas_dscp_deinit(wpa_s); |
4557 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
4558 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); |
4559 | 0 | } |
4560 | | |
4561 | | |
4562 | | /** |
4563 | | * wpa_supplicant_deauthenticate - Deauthenticate the current connection |
4564 | | * @wpa_s: Pointer to wpa_supplicant data |
4565 | | * @reason_code: IEEE 802.11 reason code for the deauthenticate frame |
4566 | | * |
4567 | | * This function is used to request %wpa_supplicant to deauthenticate from the |
4568 | | * current AP. |
4569 | | */ |
4570 | | void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, |
4571 | | u16 reason_code) |
4572 | 0 | { |
4573 | 0 | u8 *addr = NULL; |
4574 | 0 | union wpa_event_data event; |
4575 | 0 | int zero_addr = 0; |
4576 | |
|
4577 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR |
4578 | 0 | " pending_bssid=" MACSTR " reason=%d (%s) state=%s", |
4579 | 0 | MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), |
4580 | 0 | reason_code, reason2str(reason_code), |
4581 | 0 | wpa_supplicant_state_txt(wpa_s->wpa_state)); |
4582 | |
|
4583 | 0 | if (!is_zero_ether_addr(wpa_s->pending_bssid) && |
4584 | 0 | (wpa_s->wpa_state == WPA_AUTHENTICATING || |
4585 | 0 | wpa_s->wpa_state == WPA_ASSOCIATING)) |
4586 | 0 | addr = wpa_s->pending_bssid; |
4587 | 0 | else if (!is_zero_ether_addr(wpa_s->bssid)) |
4588 | 0 | addr = wpa_s->bssid; |
4589 | 0 | else if (wpa_s->wpa_state == WPA_ASSOCIATING) { |
4590 | | /* |
4591 | | * When using driver-based BSS selection, we may not know the |
4592 | | * BSSID with which we are currently trying to associate. We |
4593 | | * need to notify the driver of this disconnection even in such |
4594 | | * a case, so use the all zeros address here. |
4595 | | */ |
4596 | 0 | addr = wpa_s->bssid; |
4597 | 0 | zero_addr = 1; |
4598 | 0 | } |
4599 | |
|
4600 | 0 | if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0) |
4601 | 0 | wpa_s->enabled_4addr_mode = 0; |
4602 | |
|
4603 | | #ifdef CONFIG_TDLS |
4604 | | wpa_tdls_teardown_peers(wpa_s->wpa); |
4605 | | #endif /* CONFIG_TDLS */ |
4606 | |
|
4607 | | #ifdef CONFIG_MESH |
4608 | | if (wpa_s->ifmsh) { |
4609 | | struct mesh_conf *mconf; |
4610 | | |
4611 | | mconf = wpa_s->ifmsh->mconf; |
4612 | | wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", |
4613 | | wpa_s->ifname); |
4614 | | wpas_notify_mesh_group_removed(wpa_s, mconf->meshid, |
4615 | | mconf->meshid_len, reason_code); |
4616 | | wpa_supplicant_leave_mesh(wpa_s, true); |
4617 | | } |
4618 | | #endif /* CONFIG_MESH */ |
4619 | |
|
4620 | 0 | if (addr) { |
4621 | 0 | wpa_drv_deauthenticate(wpa_s, addr, reason_code); |
4622 | 0 | os_memset(&event, 0, sizeof(event)); |
4623 | 0 | event.deauth_info.reason_code = reason_code; |
4624 | 0 | event.deauth_info.locally_generated = 1; |
4625 | 0 | wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); |
4626 | 0 | if (zero_addr) |
4627 | 0 | addr = NULL; |
4628 | 0 | } |
4629 | |
|
4630 | 0 | wpa_supplicant_clear_connection(wpa_s, addr); |
4631 | 0 | } |
4632 | | |
4633 | | |
4634 | | void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s) |
4635 | 0 | { |
4636 | 0 | wpa_s->own_reconnect_req = 1; |
4637 | 0 | wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); |
4638 | |
|
4639 | 0 | } |
4640 | | |
4641 | | |
4642 | | static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, |
4643 | | struct wpa_ssid *ssid) |
4644 | 0 | { |
4645 | 0 | if (!ssid || !ssid->disabled || ssid->disabled == 2) |
4646 | 0 | return; |
4647 | | |
4648 | 0 | ssid->disabled = 0; |
4649 | 0 | ssid->owe_transition_bss_select_count = 0; |
4650 | 0 | wpas_clear_temp_disabled(wpa_s, ssid, 1); |
4651 | 0 | wpas_notify_network_enabled_changed(wpa_s, ssid); |
4652 | | |
4653 | | /* |
4654 | | * Try to reassociate since there is no current configuration and a new |
4655 | | * network was made available. |
4656 | | */ |
4657 | 0 | if (!wpa_s->current_ssid && !wpa_s->disconnected) |
4658 | 0 | wpa_s->reassociate = 1; |
4659 | 0 | } |
4660 | | |
4661 | | |
4662 | | /** |
4663 | | * wpa_supplicant_add_network - Add a new network |
4664 | | * @wpa_s: wpa_supplicant structure for a network interface |
4665 | | * Returns: The new network configuration or %NULL if operation failed |
4666 | | * |
4667 | | * This function performs the following operations: |
4668 | | * 1. Adds a new network. |
4669 | | * 2. Send network addition notification. |
4670 | | * 3. Marks the network disabled. |
4671 | | * 4. Set network default parameters. |
4672 | | */ |
4673 | | struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s) |
4674 | 0 | { |
4675 | 0 | struct wpa_ssid *ssid; |
4676 | |
|
4677 | 0 | ssid = wpa_config_add_network(wpa_s->conf); |
4678 | 0 | if (!ssid) |
4679 | 0 | return NULL; |
4680 | 0 | wpas_notify_network_added(wpa_s, ssid); |
4681 | 0 | ssid->disabled = 1; |
4682 | 0 | wpa_config_set_network_defaults(ssid); |
4683 | |
|
4684 | 0 | return ssid; |
4685 | 0 | } |
4686 | | |
4687 | | |
4688 | | /** |
4689 | | * wpa_supplicant_remove_network - Remove a configured network based on id |
4690 | | * @wpa_s: wpa_supplicant structure for a network interface |
4691 | | * @id: Unique network id to search for |
4692 | | * Returns: 0 on success, or -1 if the network was not found, -2 if the network |
4693 | | * could not be removed |
4694 | | * |
4695 | | * This function performs the following operations: |
4696 | | * 1. Removes the network. |
4697 | | * 2. Send network removal notification. |
4698 | | * 3. Update internal state machines. |
4699 | | * 4. Stop any running sched scans. |
4700 | | */ |
4701 | | int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id) |
4702 | 0 | { |
4703 | 0 | struct wpa_ssid *ssid, *prev = wpa_s->current_ssid; |
4704 | 0 | int was_disabled; |
4705 | |
|
4706 | 0 | ssid = wpa_config_get_network(wpa_s->conf, id); |
4707 | 0 | if (!ssid) |
4708 | 0 | return -1; |
4709 | 0 | wpas_notify_network_removed(wpa_s, ssid); |
4710 | |
|
4711 | 0 | if (ssid == prev || !prev) { |
4712 | | #ifdef CONFIG_SME |
4713 | | wpa_s->sme.prev_bssid_set = 0; |
4714 | | #endif /* CONFIG_SME */ |
4715 | | /* |
4716 | | * Invalidate the EAP session cache if the current or |
4717 | | * previously used network is removed. |
4718 | | */ |
4719 | 0 | eapol_sm_invalidate_cached_session(wpa_s->eapol); |
4720 | 0 | } |
4721 | |
|
4722 | 0 | if (ssid == prev) { |
4723 | 0 | wpa_sm_set_config(wpa_s->wpa, NULL); |
4724 | 0 | eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); |
4725 | |
|
4726 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
4727 | 0 | wpa_s->own_disconnect_req = 1; |
4728 | 0 | wpa_supplicant_deauthenticate(wpa_s, |
4729 | 0 | WLAN_REASON_DEAUTH_LEAVING); |
4730 | 0 | } |
4731 | |
|
4732 | 0 | was_disabled = ssid->disabled; |
4733 | |
|
4734 | 0 | if (wpa_config_remove_network(wpa_s->conf, id) < 0) |
4735 | 0 | return -2; |
4736 | | |
4737 | 0 | if (!was_disabled && wpa_s->sched_scanning) { |
4738 | 0 | wpa_printf(MSG_DEBUG, |
4739 | 0 | "Stop ongoing sched_scan to remove network from filters"); |
4740 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4741 | 0 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
4742 | 0 | } |
4743 | |
|
4744 | 0 | return 0; |
4745 | 0 | } |
4746 | | |
4747 | | |
4748 | | /** |
4749 | | * wpa_supplicant_remove_all_networks - Remove all configured networks |
4750 | | * @wpa_s: wpa_supplicant structure for a network interface |
4751 | | * Returns: 0 on success (errors are currently ignored) |
4752 | | * |
4753 | | * This function performs the following operations: |
4754 | | * 1. Remove all networks. |
4755 | | * 2. Send network removal notifications. |
4756 | | * 3. Update internal state machines. |
4757 | | * 4. Stop any running sched scans. |
4758 | | */ |
4759 | | int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s) |
4760 | 0 | { |
4761 | 0 | struct wpa_ssid *ssid; |
4762 | |
|
4763 | 0 | if (wpa_s->drv_flags2 & |
4764 | 0 | (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA | |
4765 | 0 | WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) |
4766 | 0 | wpa_drv_flush_pmkid(wpa_s); |
4767 | |
|
4768 | 0 | if (wpa_s->sched_scanning) |
4769 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4770 | |
|
4771 | 0 | eapol_sm_invalidate_cached_session(wpa_s->eapol); |
4772 | 0 | if (wpa_s->current_ssid) { |
4773 | | #ifdef CONFIG_SME |
4774 | | wpa_s->sme.prev_bssid_set = 0; |
4775 | | #endif /* CONFIG_SME */ |
4776 | 0 | wpa_sm_set_config(wpa_s->wpa, NULL); |
4777 | 0 | eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); |
4778 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
4779 | 0 | wpa_s->own_disconnect_req = 1; |
4780 | 0 | wpa_supplicant_deauthenticate( |
4781 | 0 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
4782 | 0 | } |
4783 | 0 | ssid = wpa_s->conf->ssid; |
4784 | 0 | while (ssid) { |
4785 | 0 | struct wpa_ssid *remove_ssid = ssid; |
4786 | 0 | int id; |
4787 | |
|
4788 | 0 | id = ssid->id; |
4789 | 0 | ssid = ssid->next; |
4790 | 0 | wpas_notify_network_removed(wpa_s, remove_ssid); |
4791 | 0 | wpa_config_remove_network(wpa_s->conf, id); |
4792 | 0 | } |
4793 | 0 | return 0; |
4794 | 0 | } |
4795 | | |
4796 | | |
4797 | | /** |
4798 | | * wpa_supplicant_enable_network - Mark a configured network as enabled |
4799 | | * @wpa_s: wpa_supplicant structure for a network interface |
4800 | | * @ssid: wpa_ssid structure for a configured network or %NULL |
4801 | | * |
4802 | | * Enables the specified network or all networks if no network specified. |
4803 | | */ |
4804 | | void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, |
4805 | | struct wpa_ssid *ssid) |
4806 | 0 | { |
4807 | 0 | if (ssid == NULL) { |
4808 | 0 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) |
4809 | 0 | wpa_supplicant_enable_one_network(wpa_s, ssid); |
4810 | 0 | } else |
4811 | 0 | wpa_supplicant_enable_one_network(wpa_s, ssid); |
4812 | |
|
4813 | 0 | if (wpa_s->reassociate && !wpa_s->disconnected && |
4814 | 0 | (!wpa_s->current_ssid || |
4815 | 0 | wpa_s->wpa_state == WPA_DISCONNECTED || |
4816 | 0 | wpa_s->wpa_state == WPA_SCANNING)) { |
4817 | 0 | if (wpa_s->sched_scanning) { |
4818 | 0 | wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add " |
4819 | 0 | "new network to scan filters"); |
4820 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4821 | 0 | } |
4822 | |
|
4823 | 0 | if (wpa_supplicant_fast_associate(wpa_s) != 1) { |
4824 | 0 | wpa_s->scan_req = NORMAL_SCAN_REQ; |
4825 | 0 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
4826 | 0 | } |
4827 | 0 | } |
4828 | 0 | } |
4829 | | |
4830 | | |
4831 | | /** |
4832 | | * wpa_supplicant_disable_network - Mark a configured network as disabled |
4833 | | * @wpa_s: wpa_supplicant structure for a network interface |
4834 | | * @ssid: wpa_ssid structure for a configured network or %NULL |
4835 | | * |
4836 | | * Disables the specified network or all networks if no network specified. |
4837 | | */ |
4838 | | void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, |
4839 | | struct wpa_ssid *ssid) |
4840 | 0 | { |
4841 | 0 | struct wpa_ssid *other_ssid; |
4842 | 0 | int was_disabled; |
4843 | |
|
4844 | 0 | if (ssid == NULL) { |
4845 | 0 | if (wpa_s->sched_scanning) |
4846 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4847 | |
|
4848 | 0 | for (other_ssid = wpa_s->conf->ssid; other_ssid; |
4849 | 0 | other_ssid = other_ssid->next) { |
4850 | 0 | was_disabled = other_ssid->disabled; |
4851 | 0 | if (was_disabled == 2) |
4852 | 0 | continue; /* do not change persistent P2P group |
4853 | | * data */ |
4854 | | |
4855 | 0 | other_ssid->disabled = 1; |
4856 | |
|
4857 | 0 | if (was_disabled != other_ssid->disabled) |
4858 | 0 | wpas_notify_network_enabled_changed( |
4859 | 0 | wpa_s, other_ssid); |
4860 | 0 | } |
4861 | 0 | if (wpa_s->current_ssid) { |
4862 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
4863 | 0 | wpa_s->own_disconnect_req = 1; |
4864 | 0 | wpa_supplicant_deauthenticate( |
4865 | 0 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
4866 | 0 | } |
4867 | 0 | } else if (ssid->disabled != 2) { |
4868 | 0 | if (ssid == wpa_s->current_ssid) { |
4869 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
4870 | 0 | wpa_s->own_disconnect_req = 1; |
4871 | 0 | wpa_supplicant_deauthenticate( |
4872 | 0 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
4873 | 0 | } |
4874 | |
|
4875 | 0 | was_disabled = ssid->disabled; |
4876 | |
|
4877 | 0 | ssid->disabled = 1; |
4878 | |
|
4879 | 0 | if (was_disabled != ssid->disabled) { |
4880 | 0 | wpas_notify_network_enabled_changed(wpa_s, ssid); |
4881 | 0 | if (wpa_s->sched_scanning) { |
4882 | 0 | wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan " |
4883 | 0 | "to remove network from filters"); |
4884 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
4885 | 0 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
4886 | 0 | } |
4887 | 0 | } |
4888 | 0 | } |
4889 | 0 | } |
4890 | | |
4891 | | |
4892 | | /** |
4893 | | * wpa_supplicant_select_network - Attempt association with a network |
4894 | | * @wpa_s: wpa_supplicant structure for a network interface |
4895 | | * @ssid: wpa_ssid structure for a configured network or %NULL for any network |
4896 | | */ |
4897 | | void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, |
4898 | | struct wpa_ssid *ssid) |
4899 | 0 | { |
4900 | |
|
4901 | 0 | struct wpa_ssid *other_ssid; |
4902 | 0 | int disconnected = 0; |
4903 | |
|
4904 | 0 | if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { |
4905 | 0 | if (wpa_s->wpa_state >= WPA_AUTHENTICATING) |
4906 | 0 | wpa_s->own_disconnect_req = 1; |
4907 | 0 | wpa_supplicant_deauthenticate( |
4908 | 0 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
4909 | 0 | disconnected = 1; |
4910 | 0 | } |
4911 | |
|
4912 | 0 | if (ssid) |
4913 | 0 | wpas_clear_temp_disabled(wpa_s, ssid, 1); |
4914 | | |
4915 | | /* |
4916 | | * Mark all other networks disabled or mark all networks enabled if no |
4917 | | * network specified. |
4918 | | */ |
4919 | 0 | for (other_ssid = wpa_s->conf->ssid; other_ssid; |
4920 | 0 | other_ssid = other_ssid->next) { |
4921 | 0 | int was_disabled = other_ssid->disabled; |
4922 | 0 | if (was_disabled == 2) |
4923 | 0 | continue; /* do not change persistent P2P group data */ |
4924 | | |
4925 | 0 | other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; |
4926 | 0 | if (was_disabled && !other_ssid->disabled) |
4927 | 0 | wpas_clear_temp_disabled(wpa_s, other_ssid, 0); |
4928 | |
|
4929 | 0 | if (was_disabled != other_ssid->disabled) |
4930 | 0 | wpas_notify_network_enabled_changed(wpa_s, other_ssid); |
4931 | 0 | } |
4932 | |
|
4933 | 0 | if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid && |
4934 | 0 | wpa_s->wpa_state >= WPA_AUTHENTICATING) { |
4935 | | /* We are already associated with the selected network */ |
4936 | 0 | wpa_printf(MSG_DEBUG, "Already associated with the " |
4937 | 0 | "selected network - do nothing"); |
4938 | 0 | return; |
4939 | 0 | } |
4940 | | |
4941 | 0 | if (ssid) { |
4942 | 0 | wpa_s->current_ssid = ssid; |
4943 | 0 | eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); |
4944 | 0 | wpa_s->connect_without_scan = |
4945 | 0 | (ssid->mode == WPAS_MODE_MESH || |
4946 | 0 | ssid->mode == WPAS_MODE_AP) ? ssid : NULL; |
4947 | | |
4948 | | /* |
4949 | | * Don't optimize next scan freqs since a new ESS has been |
4950 | | * selected. |
4951 | | */ |
4952 | 0 | os_free(wpa_s->next_scan_freqs); |
4953 | 0 | wpa_s->next_scan_freqs = NULL; |
4954 | 0 | } else { |
4955 | 0 | wpa_s->connect_without_scan = NULL; |
4956 | 0 | } |
4957 | |
|
4958 | 0 | wpa_s->disconnected = 0; |
4959 | 0 | wpa_s->reassociate = 1; |
4960 | 0 | wpa_s_clear_sae_rejected(wpa_s); |
4961 | 0 | wpa_s->last_owe_group = 0; |
4962 | 0 | if (ssid) { |
4963 | 0 | ssid->owe_transition_bss_select_count = 0; |
4964 | 0 | wpa_s_setup_sae_pt(wpa_s->conf, ssid, false); |
4965 | 0 | } |
4966 | |
|
4967 | 0 | if (wpa_s->connect_without_scan || |
4968 | 0 | wpa_supplicant_fast_associate(wpa_s) != 1) { |
4969 | 0 | wpa_s->scan_req = NORMAL_SCAN_REQ; |
4970 | 0 | wpas_scan_reset_sched_scan(wpa_s); |
4971 | 0 | wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); |
4972 | 0 | } |
4973 | |
|
4974 | 0 | if (ssid) |
4975 | 0 | wpas_notify_network_selected(wpa_s, ssid); |
4976 | 0 | } |
4977 | | |
4978 | | |
4979 | | /** |
4980 | | * wpas_remove_cred - Remove the specified credential and all the network |
4981 | | * entries created based on the removed credential |
4982 | | * @wpa_s: wpa_supplicant structure for a network interface |
4983 | | * @cred: The credential to remove |
4984 | | * Returns: 0 on success, -1 on failure |
4985 | | */ |
4986 | | int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred) |
4987 | 0 | { |
4988 | 0 | struct wpa_ssid *ssid, *next; |
4989 | 0 | int id; |
4990 | |
|
4991 | 0 | if (!cred) { |
4992 | 0 | wpa_printf(MSG_DEBUG, "Could not find cred"); |
4993 | 0 | return -1; |
4994 | 0 | } |
4995 | | |
4996 | 0 | id = cred->id; |
4997 | 0 | if (wpa_config_remove_cred(wpa_s->conf, id) < 0) { |
4998 | 0 | wpa_printf(MSG_DEBUG, "Could not find cred %d", id); |
4999 | 0 | return -1; |
5000 | 0 | } |
5001 | | |
5002 | 0 | wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id); |
5003 | | |
5004 | | /* Remove any network entry created based on the removed credential */ |
5005 | 0 | ssid = wpa_s->conf->ssid; |
5006 | 0 | while (ssid) { |
5007 | 0 | next = ssid->next; |
5008 | |
|
5009 | 0 | if (ssid->parent_cred == cred) { |
5010 | 0 | wpa_printf(MSG_DEBUG, |
5011 | 0 | "Remove network id %d since it used the removed credential", |
5012 | 0 | ssid->id); |
5013 | 0 | if (wpa_supplicant_remove_network(wpa_s, ssid->id) == |
5014 | 0 | -1) { |
5015 | 0 | wpa_printf(MSG_DEBUG, |
5016 | 0 | "Could not find network id=%d", |
5017 | 0 | ssid->id); |
5018 | 0 | } |
5019 | 0 | } |
5020 | |
|
5021 | 0 | ssid = next; |
5022 | 0 | } |
5023 | |
|
5024 | 0 | return 0; |
5025 | 0 | } |
5026 | | |
5027 | | |
5028 | | /** |
5029 | | * wpas_remove_cred - Remove all the Interworking credentials |
5030 | | * @wpa_s: wpa_supplicant structure for a network interface |
5031 | | * Returns: 0 on success, -1 on failure |
5032 | | */ |
5033 | | int wpas_remove_all_creds(struct wpa_supplicant *wpa_s) |
5034 | 0 | { |
5035 | 0 | int res, ret = 0; |
5036 | 0 | struct wpa_cred *cred, *prev; |
5037 | |
|
5038 | 0 | cred = wpa_s->conf->cred; |
5039 | 0 | while (cred) { |
5040 | 0 | prev = cred; |
5041 | 0 | cred = cred->next; |
5042 | 0 | res = wpas_remove_cred(wpa_s, prev); |
5043 | 0 | if (res < 0) { |
5044 | 0 | wpa_printf(MSG_DEBUG, |
5045 | 0 | "Removal of all credentials failed - failed to remove credential id=%d", |
5046 | 0 | prev->id); |
5047 | 0 | ret = -1; |
5048 | 0 | } |
5049 | 0 | } |
5050 | |
|
5051 | 0 | return ret; |
5052 | 0 | } |
5053 | | |
5054 | | |
5055 | | /** |
5056 | | * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path |
5057 | | * @wpa_s: wpa_supplicant structure for a network interface |
5058 | | * @pkcs11_engine_path: PKCS #11 engine path or NULL |
5059 | | * @pkcs11_module_path: PKCS #11 module path or NULL |
5060 | | * Returns: 0 on success; -1 on failure |
5061 | | * |
5062 | | * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid |
5063 | | * path. If resetting the EAPOL state machine with the new PKCS #11 engine and |
5064 | | * module path fails the paths will be reset to the default value (NULL). |
5065 | | */ |
5066 | | int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s, |
5067 | | const char *pkcs11_engine_path, |
5068 | | const char *pkcs11_module_path) |
5069 | 0 | { |
5070 | 0 | char *pkcs11_engine_path_copy = NULL; |
5071 | 0 | char *pkcs11_module_path_copy = NULL; |
5072 | |
|
5073 | 0 | if (pkcs11_engine_path != NULL) { |
5074 | 0 | pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path); |
5075 | 0 | if (pkcs11_engine_path_copy == NULL) |
5076 | 0 | return -1; |
5077 | 0 | } |
5078 | 0 | if (pkcs11_module_path != NULL) { |
5079 | 0 | pkcs11_module_path_copy = os_strdup(pkcs11_module_path); |
5080 | 0 | if (pkcs11_module_path_copy == NULL) { |
5081 | 0 | os_free(pkcs11_engine_path_copy); |
5082 | 0 | return -1; |
5083 | 0 | } |
5084 | 0 | } |
5085 | | |
5086 | 0 | #ifndef CONFIG_PKCS11_ENGINE_PATH |
5087 | 0 | os_free(wpa_s->conf->pkcs11_engine_path); |
5088 | 0 | wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy; |
5089 | 0 | #endif /* CONFIG_PKCS11_ENGINE_PATH */ |
5090 | 0 | #ifndef CONFIG_PKCS11_MODULE_PATH |
5091 | 0 | os_free(wpa_s->conf->pkcs11_module_path); |
5092 | 0 | wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy; |
5093 | 0 | #endif /* CONFIG_PKCS11_MODULE_PATH */ |
5094 | |
|
5095 | 0 | wpa_sm_set_eapol(wpa_s->wpa, NULL); |
5096 | 0 | eapol_sm_deinit(wpa_s->eapol); |
5097 | 0 | wpa_s->eapol = NULL; |
5098 | 0 | if (wpa_supplicant_init_eapol(wpa_s)) { |
5099 | | /* Error -> Reset paths to the default value (NULL) once. */ |
5100 | 0 | if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL) |
5101 | 0 | wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL, |
5102 | 0 | NULL); |
5103 | |
|
5104 | 0 | return -1; |
5105 | 0 | } |
5106 | 0 | wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); |
5107 | |
|
5108 | 0 | return 0; |
5109 | 0 | } |
5110 | | |
5111 | | |
5112 | | /** |
5113 | | * wpa_supplicant_set_ap_scan - Set AP scan mode for interface |
5114 | | * @wpa_s: wpa_supplicant structure for a network interface |
5115 | | * @ap_scan: AP scan mode |
5116 | | * Returns: 0 if succeed or -1 if ap_scan has an invalid value |
5117 | | * |
5118 | | */ |
5119 | | int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) |
5120 | 0 | { |
5121 | |
|
5122 | 0 | int old_ap_scan; |
5123 | |
|
5124 | 0 | if (ap_scan < 0 || ap_scan > 2) |
5125 | 0 | return -1; |
5126 | | |
5127 | 0 | if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { |
5128 | 0 | wpa_printf(MSG_INFO, |
5129 | 0 | "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); |
5130 | 0 | } |
5131 | |
|
5132 | | #ifdef ANDROID |
5133 | | if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && |
5134 | | wpa_s->wpa_state >= WPA_ASSOCIATING && |
5135 | | wpa_s->wpa_state < WPA_COMPLETED) { |
5136 | | wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " |
5137 | | "associating", wpa_s->conf->ap_scan, ap_scan); |
5138 | | return 0; |
5139 | | } |
5140 | | #endif /* ANDROID */ |
5141 | |
|
5142 | 0 | old_ap_scan = wpa_s->conf->ap_scan; |
5143 | 0 | wpa_s->conf->ap_scan = ap_scan; |
5144 | |
|
5145 | 0 | if (old_ap_scan != wpa_s->conf->ap_scan) |
5146 | 0 | wpas_notify_ap_scan_changed(wpa_s); |
5147 | |
|
5148 | 0 | return 0; |
5149 | 0 | } |
5150 | | |
5151 | | |
5152 | | /** |
5153 | | * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age |
5154 | | * @wpa_s: wpa_supplicant structure for a network interface |
5155 | | * @expire_age: Expiration age in seconds |
5156 | | * Returns: 0 if succeed or -1 if expire_age has an invalid value |
5157 | | * |
5158 | | */ |
5159 | | int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, |
5160 | | unsigned int bss_expire_age) |
5161 | 0 | { |
5162 | 0 | if (bss_expire_age < 10) { |
5163 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", |
5164 | 0 | bss_expire_age); |
5165 | 0 | return -1; |
5166 | 0 | } |
5167 | 0 | wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", |
5168 | 0 | bss_expire_age); |
5169 | 0 | wpa_s->conf->bss_expiration_age = bss_expire_age; |
5170 | |
|
5171 | 0 | return 0; |
5172 | 0 | } |
5173 | | |
5174 | | |
5175 | | /** |
5176 | | * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count |
5177 | | * @wpa_s: wpa_supplicant structure for a network interface |
5178 | | * @expire_count: number of scans after which an unseen BSS is reclaimed |
5179 | | * Returns: 0 if succeed or -1 if expire_count has an invalid value |
5180 | | * |
5181 | | */ |
5182 | | int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, |
5183 | | unsigned int bss_expire_count) |
5184 | 0 | { |
5185 | 0 | if (bss_expire_count < 1) { |
5186 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", |
5187 | 0 | bss_expire_count); |
5188 | 0 | return -1; |
5189 | 0 | } |
5190 | 0 | wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", |
5191 | 0 | bss_expire_count); |
5192 | 0 | wpa_s->conf->bss_expiration_scan_count = bss_expire_count; |
5193 | |
|
5194 | 0 | return 0; |
5195 | 0 | } |
5196 | | |
5197 | | |
5198 | | /** |
5199 | | * wpa_supplicant_set_scan_interval - Set scan interval |
5200 | | * @wpa_s: wpa_supplicant structure for a network interface |
5201 | | * @scan_interval: scan interval in seconds |
5202 | | * Returns: 0 if succeed or -1 if scan_interval has an invalid value |
5203 | | * |
5204 | | */ |
5205 | | int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, |
5206 | | int scan_interval) |
5207 | 0 | { |
5208 | 0 | if (scan_interval < 0) { |
5209 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", |
5210 | 0 | scan_interval); |
5211 | 0 | return -1; |
5212 | 0 | } |
5213 | 0 | wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", |
5214 | 0 | scan_interval); |
5215 | 0 | wpa_supplicant_update_scan_int(wpa_s, scan_interval); |
5216 | |
|
5217 | 0 | return 0; |
5218 | 0 | } |
5219 | | |
5220 | | |
5221 | | /** |
5222 | | * wpa_supplicant_set_debug_params - Set global debug params |
5223 | | * @global: wpa_global structure |
5224 | | * @debug_level: debug level |
5225 | | * @debug_timestamp: determines if show timestamp in debug data |
5226 | | * @debug_show_keys: determines if show keys in debug data |
5227 | | * Returns: 0 if succeed or -1 if debug_level has wrong value |
5228 | | */ |
5229 | | int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, |
5230 | | int debug_timestamp, int debug_show_keys) |
5231 | 0 | { |
5232 | |
|
5233 | 0 | int old_level, old_timestamp, old_show_keys; |
5234 | | |
5235 | | /* check for allowed debuglevels */ |
5236 | 0 | if (debug_level != MSG_EXCESSIVE && |
5237 | 0 | debug_level != MSG_MSGDUMP && |
5238 | 0 | debug_level != MSG_DEBUG && |
5239 | 0 | debug_level != MSG_INFO && |
5240 | 0 | debug_level != MSG_WARNING && |
5241 | 0 | debug_level != MSG_ERROR) |
5242 | 0 | return -1; |
5243 | | |
5244 | 0 | old_level = wpa_debug_level; |
5245 | 0 | old_timestamp = wpa_debug_timestamp; |
5246 | 0 | old_show_keys = wpa_debug_show_keys; |
5247 | |
|
5248 | 0 | wpa_debug_level = debug_level; |
5249 | 0 | wpa_debug_timestamp = debug_timestamp ? 1 : 0; |
5250 | 0 | wpa_debug_show_keys = debug_show_keys ? 1 : 0; |
5251 | |
|
5252 | 0 | if (wpa_debug_level != old_level) |
5253 | 0 | wpas_notify_debug_level_changed(global); |
5254 | 0 | if (wpa_debug_timestamp != old_timestamp) |
5255 | 0 | wpas_notify_debug_timestamp_changed(global); |
5256 | 0 | if (wpa_debug_show_keys != old_show_keys) |
5257 | 0 | wpas_notify_debug_show_keys_changed(global); |
5258 | |
|
5259 | 0 | return 0; |
5260 | 0 | } |
5261 | | |
5262 | | |
5263 | | #ifdef CONFIG_OWE |
5264 | | static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, |
5265 | | const u8 *entry_ssid, size_t entry_ssid_len) |
5266 | | { |
5267 | | const u8 *owe, *pos, *end; |
5268 | | u8 ssid_len; |
5269 | | struct wpa_bss *bss; |
5270 | | |
5271 | | /* Check network profile SSID aganst the SSID in the |
5272 | | * OWE Transition Mode element. */ |
5273 | | |
5274 | | bss = wpa_bss_get_bssid_latest(wpa_s, bssid); |
5275 | | if (!bss) |
5276 | | return 0; |
5277 | | |
5278 | | owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); |
5279 | | if (!owe) |
5280 | | return 0; |
5281 | | |
5282 | | pos = owe + 6; |
5283 | | end = owe + 2 + owe[1]; |
5284 | | |
5285 | | if (end - pos < ETH_ALEN + 1) |
5286 | | return 0; |
5287 | | pos += ETH_ALEN; |
5288 | | ssid_len = *pos++; |
5289 | | if (end - pos < ssid_len || ssid_len > SSID_MAX_LEN) |
5290 | | return 0; |
5291 | | |
5292 | | return entry_ssid_len == ssid_len && |
5293 | | os_memcmp(pos, entry_ssid, ssid_len) == 0; |
5294 | | } |
5295 | | #endif /* CONFIG_OWE */ |
5296 | | |
5297 | | |
5298 | | /** |
5299 | | * wpa_supplicant_get_ssid - Get a pointer to the current network structure |
5300 | | * @wpa_s: Pointer to wpa_supplicant data |
5301 | | * Returns: A pointer to the current network structure or %NULL on failure |
5302 | | */ |
5303 | | struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) |
5304 | 0 | { |
5305 | 0 | struct wpa_ssid *entry; |
5306 | 0 | u8 ssid[SSID_MAX_LEN]; |
5307 | 0 | int res; |
5308 | 0 | size_t ssid_len; |
5309 | 0 | u8 bssid[ETH_ALEN]; |
5310 | 0 | int wired; |
5311 | |
|
5312 | 0 | res = wpa_drv_get_ssid(wpa_s, ssid); |
5313 | 0 | if (res < 0) { |
5314 | 0 | wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " |
5315 | 0 | "driver"); |
5316 | 0 | return NULL; |
5317 | 0 | } |
5318 | 0 | ssid_len = res; |
5319 | |
|
5320 | 0 | if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { |
5321 | 0 | wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " |
5322 | 0 | "driver"); |
5323 | 0 | return NULL; |
5324 | 0 | } |
5325 | | |
5326 | 0 | wired = wpa_s->conf->ap_scan == 0 && |
5327 | 0 | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); |
5328 | |
|
5329 | 0 | entry = wpa_s->conf->ssid; |
5330 | 0 | while (entry) { |
5331 | 0 | if (!wpas_network_disabled(wpa_s, entry) && |
5332 | 0 | ((ssid_len == entry->ssid_len && |
5333 | 0 | (!entry->ssid || |
5334 | 0 | os_memcmp(ssid, entry->ssid, ssid_len) == 0)) || |
5335 | 0 | wired) && |
5336 | 0 | (!entry->bssid_set || |
5337 | 0 | ether_addr_equal(bssid, entry->bssid))) |
5338 | 0 | return entry; |
5339 | | #ifdef CONFIG_WPS |
5340 | | if (!wpas_network_disabled(wpa_s, entry) && |
5341 | | (entry->key_mgmt & WPA_KEY_MGMT_WPS) && |
5342 | | (entry->ssid == NULL || entry->ssid_len == 0) && |
5343 | | (!entry->bssid_set || |
5344 | | ether_addr_equal(bssid, entry->bssid))) |
5345 | | return entry; |
5346 | | #endif /* CONFIG_WPS */ |
5347 | | |
5348 | | #ifdef CONFIG_OWE |
5349 | | if (!wpas_network_disabled(wpa_s, entry) && |
5350 | | (entry->ssid && |
5351 | | owe_trans_ssid_match(wpa_s, bssid, entry->ssid, |
5352 | | entry->ssid_len)) && |
5353 | | (!entry->bssid_set || |
5354 | | ether_addr_equal(bssid, entry->bssid))) |
5355 | | return entry; |
5356 | | #endif /* CONFIG_OWE */ |
5357 | | |
5358 | 0 | if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && |
5359 | 0 | entry->ssid_len == 0 && |
5360 | 0 | ether_addr_equal(bssid, entry->bssid)) |
5361 | 0 | return entry; |
5362 | | |
5363 | 0 | entry = entry->next; |
5364 | 0 | } |
5365 | | |
5366 | 0 | return NULL; |
5367 | 0 | } |
5368 | | |
5369 | | |
5370 | | static int select_driver(struct wpa_supplicant *wpa_s, int i) |
5371 | 0 | { |
5372 | 0 | struct wpa_global *global = wpa_s->global; |
5373 | |
|
5374 | 0 | if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { |
5375 | 0 | global->drv_priv[i] = wpa_drivers[i]->global_init(global); |
5376 | 0 | if (global->drv_priv[i] == NULL) { |
5377 | 0 | wpa_printf(MSG_ERROR, "Failed to initialize driver " |
5378 | 0 | "'%s'", wpa_drivers[i]->name); |
5379 | 0 | return -1; |
5380 | 0 | } |
5381 | 0 | } |
5382 | | |
5383 | 0 | wpa_s->driver = wpa_drivers[i]; |
5384 | 0 | wpa_s->global_drv_priv = global->drv_priv[i]; |
5385 | |
|
5386 | 0 | return 0; |
5387 | 0 | } |
5388 | | |
5389 | | |
5390 | | static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, |
5391 | | const char *name) |
5392 | 0 | { |
5393 | 0 | int i; |
5394 | 0 | size_t len; |
5395 | 0 | const char *pos, *driver = name; |
5396 | |
|
5397 | 0 | if (wpa_s == NULL) |
5398 | 0 | return -1; |
5399 | | |
5400 | 0 | if (wpa_drivers[0] == NULL) { |
5401 | 0 | wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " |
5402 | 0 | "wpa_supplicant"); |
5403 | 0 | return -1; |
5404 | 0 | } |
5405 | | |
5406 | 0 | if (name == NULL) { |
5407 | | /* Default to first successful driver in the list */ |
5408 | 0 | for (i = 0; wpa_drivers[i]; i++) { |
5409 | 0 | if (select_driver(wpa_s, i) == 0) |
5410 | 0 | return 0; |
5411 | 0 | } |
5412 | | /* Drivers have each reported failure, so no wpa_msg() here. */ |
5413 | 0 | return -1; |
5414 | 0 | } |
5415 | | |
5416 | 0 | do { |
5417 | 0 | pos = os_strchr(driver, ','); |
5418 | 0 | if (pos) |
5419 | 0 | len = pos - driver; |
5420 | 0 | else |
5421 | 0 | len = os_strlen(driver); |
5422 | |
|
5423 | 0 | for (i = 0; wpa_drivers[i]; i++) { |
5424 | 0 | if (os_strlen(wpa_drivers[i]->name) == len && |
5425 | 0 | os_strncmp(driver, wpa_drivers[i]->name, len) == |
5426 | 0 | 0) { |
5427 | | /* First driver that succeeds wins */ |
5428 | 0 | if (select_driver(wpa_s, i) == 0) |
5429 | 0 | return 0; |
5430 | 0 | } |
5431 | 0 | } |
5432 | | |
5433 | 0 | driver = pos + 1; |
5434 | 0 | } while (pos); |
5435 | | |
5436 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); |
5437 | 0 | return -1; |
5438 | 0 | } |
5439 | | |
5440 | | |
5441 | | /** |
5442 | | * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant |
5443 | | * @ctx: Context pointer (wpa_s); this is the ctx variable registered |
5444 | | * with struct wpa_driver_ops::init() |
5445 | | * @src_addr: Source address of the EAPOL frame |
5446 | | * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) |
5447 | | * @len: Length of the EAPOL data |
5448 | | * @encrypted: Whether the frame was encrypted |
5449 | | * |
5450 | | * This function is called for each received EAPOL frame. Most driver |
5451 | | * interfaces rely on more generic OS mechanism for receiving frames through |
5452 | | * l2_packet, but if such a mechanism is not available, the driver wrapper may |
5453 | | * take care of received EAPOL frames and deliver them to the core supplicant |
5454 | | * code by calling this function. |
5455 | | */ |
5456 | | void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, |
5457 | | const u8 *buf, size_t len, |
5458 | | enum frame_encryption encrypted) |
5459 | 0 | { |
5460 | 0 | struct wpa_supplicant *wpa_s = ctx; |
5461 | 0 | const u8 *connected_addr = wpa_s->valid_links ? |
5462 | 0 | wpa_s->ap_mld_addr : wpa_s->bssid; |
5463 | |
|
5464 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)", |
5465 | 0 | MAC2STR(src_addr), encrypted); |
5466 | 0 | wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); |
5467 | |
|
5468 | 0 | if (wpa_s->own_disconnect_req) { |
5469 | 0 | wpa_printf(MSG_DEBUG, |
5470 | 0 | "Drop received EAPOL frame as we are disconnecting"); |
5471 | 0 | return; |
5472 | 0 | } |
5473 | | |
5474 | | #ifdef CONFIG_TESTING_OPTIONS |
5475 | | wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu", |
5476 | | MAC2STR(src_addr), len); |
5477 | | if (wpa_s->ignore_auth_resp) { |
5478 | | wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!"); |
5479 | | return; |
5480 | | } |
5481 | | #endif /* CONFIG_TESTING_OPTIONS */ |
5482 | | |
5483 | 0 | if (wpa_s->wpa_state < WPA_ASSOCIATED || |
5484 | 0 | (wpa_s->last_eapol_matches_bssid && |
5485 | | #ifdef CONFIG_AP |
5486 | | !wpa_s->ap_iface && |
5487 | | #endif /* CONFIG_AP */ |
5488 | 0 | !ether_addr_equal(src_addr, connected_addr))) { |
5489 | | /* |
5490 | | * There is possible race condition between receiving the |
5491 | | * association event and the EAPOL frame since they are coming |
5492 | | * through different paths from the driver. In order to avoid |
5493 | | * issues in trying to process the EAPOL frame before receiving |
5494 | | * association information, lets queue it for processing until |
5495 | | * the association event is received. This may also be needed in |
5496 | | * driver-based roaming case, so also use src_addr != BSSID as a |
5497 | | * trigger if we have previously confirmed that the |
5498 | | * Authenticator uses BSSID as the src_addr (which is not the |
5499 | | * case with wired IEEE 802.1X). |
5500 | | */ |
5501 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
5502 | 0 | "Not associated - Delay processing of received EAPOL frame (state=%s connected_addr=" |
5503 | 0 | MACSTR ")", |
5504 | 0 | wpa_supplicant_state_txt(wpa_s->wpa_state), |
5505 | 0 | MAC2STR(connected_addr)); |
5506 | 0 | wpabuf_free(wpa_s->pending_eapol_rx); |
5507 | 0 | wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); |
5508 | 0 | if (wpa_s->pending_eapol_rx) { |
5509 | 0 | os_get_reltime(&wpa_s->pending_eapol_rx_time); |
5510 | 0 | os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, |
5511 | 0 | ETH_ALEN); |
5512 | 0 | wpa_s->pending_eapol_encrypted = encrypted; |
5513 | 0 | } |
5514 | 0 | return; |
5515 | 0 | } |
5516 | | |
5517 | 0 | wpa_s->last_eapol_matches_bssid = |
5518 | 0 | ether_addr_equal(src_addr, connected_addr); |
5519 | |
|
5520 | | #ifdef CONFIG_AP |
5521 | | if (wpa_s->ap_iface) { |
5522 | | wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len, |
5523 | | encrypted); |
5524 | | return; |
5525 | | } |
5526 | | #endif /* CONFIG_AP */ |
5527 | |
|
5528 | 0 | if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { |
5529 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " |
5530 | 0 | "no key management is configured"); |
5531 | 0 | return; |
5532 | 0 | } |
5533 | | |
5534 | 0 | if (wpa_s->eapol_received == 0 && |
5535 | 0 | (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) || |
5536 | 0 | !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || |
5537 | 0 | wpa_s->wpa_state != WPA_COMPLETED) && |
5538 | 0 | (wpa_s->current_ssid == NULL || |
5539 | 0 | wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) { |
5540 | | /* Timeout for completing IEEE 802.1X and WPA authentication */ |
5541 | 0 | int timeout = 10; |
5542 | |
|
5543 | 0 | if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || |
5544 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || |
5545 | 0 | wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { |
5546 | | /* Use longer timeout for IEEE 802.1X/EAP */ |
5547 | 0 | timeout = 70; |
5548 | 0 | } |
5549 | |
|
5550 | | #ifdef CONFIG_WPS |
5551 | | if (wpa_s->current_ssid && wpa_s->current_bss && |
5552 | | (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) && |
5553 | | eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { |
5554 | | /* |
5555 | | * Use shorter timeout if going through WPS AP iteration |
5556 | | * for PIN config method with an AP that does not |
5557 | | * advertise Selected Registrar. |
5558 | | */ |
5559 | | struct wpabuf *wps_ie; |
5560 | | |
5561 | | wps_ie = wpa_bss_get_vendor_ie_multi( |
5562 | | wpa_s->current_bss, WPS_IE_VENDOR_TYPE); |
5563 | | if (wps_ie && |
5564 | | !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1)) |
5565 | | timeout = 10; |
5566 | | wpabuf_free(wps_ie); |
5567 | | } |
5568 | | #endif /* CONFIG_WPS */ |
5569 | |
|
5570 | 0 | wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); |
5571 | 0 | } |
5572 | 0 | wpa_s->eapol_received++; |
5573 | |
|
5574 | 0 | if (wpa_s->countermeasures) { |
5575 | 0 | wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " |
5576 | 0 | "EAPOL packet"); |
5577 | 0 | return; |
5578 | 0 | } |
5579 | | |
5580 | | #ifdef CONFIG_IBSS_RSN |
5581 | | if (wpa_s->current_ssid && |
5582 | | wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { |
5583 | | ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len, |
5584 | | encrypted); |
5585 | | return; |
5586 | | } |
5587 | | #endif /* CONFIG_IBSS_RSN */ |
5588 | | |
5589 | | /* Source address of the incoming EAPOL frame could be compared to the |
5590 | | * current BSSID. However, it is possible that a centralized |
5591 | | * Authenticator could be using another MAC address than the BSSID of |
5592 | | * an AP, so just allow any address to be used for now. The replies are |
5593 | | * still sent to the current BSSID (if available), though. */ |
5594 | | |
5595 | 0 | os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); |
5596 | 0 | if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && |
5597 | 0 | wpa_s->key_mgmt != WPA_KEY_MGMT_OWE && |
5598 | 0 | wpa_s->key_mgmt != WPA_KEY_MGMT_DPP && |
5599 | 0 | eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len, |
5600 | 0 | encrypted) > 0) |
5601 | 0 | return; |
5602 | 0 | wpa_drv_poll(wpa_s); |
5603 | 0 | if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) |
5604 | 0 | wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len, encrypted); |
5605 | 0 | else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { |
5606 | | /* |
5607 | | * Set portValid = true here since we are going to skip 4-way |
5608 | | * handshake processing which would normally set portValid. We |
5609 | | * need this to allow the EAPOL state machines to be completed |
5610 | | * without going through EAPOL-Key handshake. |
5611 | | */ |
5612 | 0 | eapol_sm_notify_portValid(wpa_s->eapol, true); |
5613 | 0 | } |
5614 | 0 | } |
5615 | | |
5616 | | |
5617 | | static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr, |
5618 | | const u8 *buf, size_t len) |
5619 | 0 | { |
5620 | 0 | wpa_supplicant_rx_eapol(ctx, src_addr, buf, len, |
5621 | 0 | FRAME_ENCRYPTION_UNKNOWN); |
5622 | 0 | } |
5623 | | |
5624 | | |
5625 | | static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s) |
5626 | 0 | { |
5627 | 0 | return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) || |
5628 | 0 | !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX); |
5629 | 0 | } |
5630 | | |
5631 | | |
5632 | | int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) |
5633 | 0 | { |
5634 | 0 | u8 prev_mac_addr[ETH_ALEN]; |
5635 | |
|
5636 | 0 | os_memcpy(prev_mac_addr, wpa_s->own_addr, ETH_ALEN); |
5637 | |
|
5638 | 0 | if ((!wpa_s->p2p_mgmt || |
5639 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && |
5640 | 0 | !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { |
5641 | 0 | l2_packet_deinit(wpa_s->l2); |
5642 | 0 | wpa_s->l2 = l2_packet_init(wpa_s->ifname, |
5643 | 0 | wpa_drv_get_mac_addr(wpa_s), |
5644 | 0 | ETH_P_EAPOL, |
5645 | 0 | wpas_eapol_needs_l2_packet(wpa_s) ? |
5646 | 0 | wpa_supplicant_rx_eapol_cb : NULL, |
5647 | 0 | wpa_s, 0); |
5648 | 0 | if (wpa_s->l2 == NULL) |
5649 | 0 | return -1; |
5650 | | |
5651 | 0 | if (l2_packet_set_packet_filter(wpa_s->l2, |
5652 | 0 | L2_PACKET_FILTER_PKTTYPE)) |
5653 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
5654 | 0 | "Failed to attach pkt_type filter"); |
5655 | |
|
5656 | 0 | if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { |
5657 | 0 | wpa_msg(wpa_s, MSG_ERROR, |
5658 | 0 | "Failed to get own L2 address"); |
5659 | 0 | return -1; |
5660 | 0 | } |
5661 | 0 | } else { |
5662 | 0 | const u8 *addr = wpa_drv_get_mac_addr(wpa_s); |
5663 | 0 | if (addr) |
5664 | 0 | os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); |
5665 | 0 | } |
5666 | | |
5667 | 0 | wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); |
5668 | 0 | wpas_wps_update_mac_addr(wpa_s); |
5669 | |
|
5670 | | #ifdef CONFIG_FST |
5671 | | if (wpa_s->fst) |
5672 | | fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr); |
5673 | | #endif /* CONFIG_FST */ |
5674 | |
|
5675 | 0 | if (!ether_addr_equal(prev_mac_addr, wpa_s->own_addr)) |
5676 | 0 | wpas_notify_mac_address_changed(wpa_s); |
5677 | |
|
5678 | 0 | return 0; |
5679 | 0 | } |
5680 | | |
5681 | | |
5682 | | static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, |
5683 | | const u8 *buf, size_t len) |
5684 | 0 | { |
5685 | 0 | struct wpa_supplicant *wpa_s = ctx; |
5686 | 0 | const struct l2_ethhdr *eth; |
5687 | |
|
5688 | 0 | if (len < sizeof(*eth)) |
5689 | 0 | return; |
5690 | 0 | eth = (const struct l2_ethhdr *) buf; |
5691 | |
|
5692 | 0 | if (!ether_addr_equal(eth->h_dest, wpa_s->own_addr) && |
5693 | 0 | !(eth->h_dest[0] & 0x01)) { |
5694 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR |
5695 | 0 | " (bridge - not for this interface - ignore)", |
5696 | 0 | MAC2STR(src_addr), MAC2STR(eth->h_dest)); |
5697 | 0 | return; |
5698 | 0 | } |
5699 | | |
5700 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR |
5701 | 0 | " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); |
5702 | 0 | wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), |
5703 | 0 | len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN); |
5704 | 0 | } |
5705 | | |
5706 | | |
5707 | | int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s, |
5708 | | const char *bridge_ifname) |
5709 | 0 | { |
5710 | 0 | if (wpa_s->wpa_state > WPA_SCANNING) |
5711 | 0 | return -EBUSY; |
5712 | | |
5713 | 0 | if (bridge_ifname && |
5714 | 0 | os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname)) |
5715 | 0 | return -EINVAL; |
5716 | | |
5717 | 0 | if (!bridge_ifname) |
5718 | 0 | bridge_ifname = ""; |
5719 | |
|
5720 | 0 | if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0) |
5721 | 0 | return 0; |
5722 | | |
5723 | 0 | if (wpa_s->l2_br) { |
5724 | 0 | l2_packet_deinit(wpa_s->l2_br); |
5725 | 0 | wpa_s->l2_br = NULL; |
5726 | 0 | } |
5727 | |
|
5728 | 0 | os_strlcpy(wpa_s->bridge_ifname, bridge_ifname, |
5729 | 0 | sizeof(wpa_s->bridge_ifname)); |
5730 | |
|
5731 | 0 | if (wpa_s->bridge_ifname[0]) { |
5732 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
5733 | 0 | "Receiving packets from bridge interface '%s'", |
5734 | 0 | wpa_s->bridge_ifname); |
5735 | 0 | wpa_s->l2_br = l2_packet_init_bridge( |
5736 | 0 | wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, |
5737 | 0 | ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); |
5738 | 0 | if (!wpa_s->l2_br) { |
5739 | 0 | wpa_msg(wpa_s, MSG_ERROR, |
5740 | 0 | "Failed to open l2_packet connection for the bridge interface '%s'", |
5741 | 0 | wpa_s->bridge_ifname); |
5742 | 0 | goto fail; |
5743 | 0 | } |
5744 | 0 | } |
5745 | | |
5746 | | #ifdef CONFIG_TDLS |
5747 | | if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) |
5748 | | goto fail; |
5749 | | #endif /* CONFIG_TDLS */ |
5750 | | |
5751 | 0 | return 0; |
5752 | 0 | fail: |
5753 | 0 | wpa_s->bridge_ifname[0] = 0; |
5754 | 0 | if (wpa_s->l2_br) { |
5755 | 0 | l2_packet_deinit(wpa_s->l2_br); |
5756 | 0 | wpa_s->l2_br = NULL; |
5757 | 0 | } |
5758 | | #ifdef CONFIG_TDLS |
5759 | | if (!wpa_s->p2p_mgmt) |
5760 | | wpa_tdls_init(wpa_s->wpa); |
5761 | | #endif /* CONFIG_TDLS */ |
5762 | 0 | return -EIO; |
5763 | 0 | } |
5764 | | |
5765 | | |
5766 | | /** |
5767 | | * wpa_supplicant_driver_init - Initialize driver interface parameters |
5768 | | * @wpa_s: Pointer to wpa_supplicant data |
5769 | | * Returns: 0 on success, -1 on failure |
5770 | | * |
5771 | | * This function is called to initialize driver interface parameters. |
5772 | | * wpa_drv_init() must have been called before this function to initialize the |
5773 | | * driver interface. |
5774 | | */ |
5775 | | int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) |
5776 | 0 | { |
5777 | 0 | static int interface_count = 0; |
5778 | |
|
5779 | 0 | if (wpa_supplicant_update_mac_addr(wpa_s) < 0) |
5780 | 0 | return -1; |
5781 | | |
5782 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, |
5783 | 0 | MAC2STR(wpa_s->own_addr)); |
5784 | 0 | os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN); |
5785 | 0 | wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); |
5786 | |
|
5787 | 0 | if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) { |
5788 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " |
5789 | 0 | "interface '%s'", wpa_s->bridge_ifname); |
5790 | 0 | wpa_s->l2_br = l2_packet_init_bridge( |
5791 | 0 | wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, |
5792 | 0 | ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); |
5793 | 0 | if (wpa_s->l2_br == NULL) { |
5794 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " |
5795 | 0 | "connection for the bridge interface '%s'", |
5796 | 0 | wpa_s->bridge_ifname); |
5797 | 0 | return -1; |
5798 | 0 | } |
5799 | 0 | } |
5800 | | |
5801 | 0 | if (wpa_s->conf->ap_scan == 2 && |
5802 | 0 | os_strcmp(wpa_s->driver->name, "nl80211") == 0) { |
5803 | 0 | wpa_printf(MSG_INFO, |
5804 | 0 | "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); |
5805 | 0 | } |
5806 | |
|
5807 | 0 | wpa_clear_keys(wpa_s, NULL); |
5808 | | |
5809 | | /* Make sure that TKIP countermeasures are not left enabled (could |
5810 | | * happen if wpa_supplicant is killed during countermeasures. */ |
5811 | 0 | wpa_drv_set_countermeasures(wpa_s, 0); |
5812 | |
|
5813 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); |
5814 | 0 | wpa_drv_flush_pmkid(wpa_s); |
5815 | |
|
5816 | 0 | wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; |
5817 | 0 | wpa_s->prev_scan_wildcard = 0; |
5818 | |
|
5819 | 0 | if (wpa_supplicant_enabled_networks(wpa_s)) { |
5820 | 0 | if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { |
5821 | 0 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); |
5822 | 0 | interface_count = 0; |
5823 | 0 | } |
5824 | 0 | #ifndef ANDROID |
5825 | 0 | if (!wpa_s->p2p_mgmt && |
5826 | 0 | wpa_supplicant_delayed_sched_scan(wpa_s, |
5827 | 0 | interface_count % 3, |
5828 | 0 | 100000)) |
5829 | 0 | wpa_supplicant_req_scan(wpa_s, interface_count % 3, |
5830 | 0 | 100000); |
5831 | 0 | #endif /* ANDROID */ |
5832 | 0 | interface_count++; |
5833 | 0 | } else |
5834 | 0 | wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); |
5835 | |
|
5836 | 0 | return 0; |
5837 | 0 | } |
5838 | | |
5839 | | |
5840 | | static int wpa_supplicant_daemon(const char *pid_file) |
5841 | 0 | { |
5842 | 0 | wpa_printf(MSG_DEBUG, "Daemonize.."); |
5843 | 0 | return os_daemonize(pid_file); |
5844 | 0 | } |
5845 | | |
5846 | | |
5847 | | static struct wpa_supplicant * |
5848 | | wpa_supplicant_alloc(struct wpa_supplicant *parent) |
5849 | 0 | { |
5850 | 0 | struct wpa_supplicant *wpa_s; |
5851 | |
|
5852 | 0 | wpa_s = os_zalloc(sizeof(*wpa_s)); |
5853 | 0 | if (wpa_s == NULL) |
5854 | 0 | return NULL; |
5855 | 0 | wpa_s->scan_req = INITIAL_SCAN_REQ; |
5856 | 0 | wpa_s->scan_interval = 5; |
5857 | 0 | wpa_s->new_connection = 1; |
5858 | 0 | wpa_s->parent = parent ? parent : wpa_s; |
5859 | 0 | wpa_s->p2pdev = wpa_s->parent; |
5860 | 0 | wpa_s->sched_scanning = 0; |
5861 | 0 | wpa_s->setband_mask = WPA_SETBAND_AUTO; |
5862 | |
|
5863 | 0 | dl_list_init(&wpa_s->bss_tmp_disallowed); |
5864 | 0 | dl_list_init(&wpa_s->fils_hlp_req); |
5865 | | #ifdef CONFIG_TESTING_OPTIONS |
5866 | | dl_list_init(&wpa_s->drv_signal_override); |
5867 | | wpa_s->test_assoc_comeback_type = -1; |
5868 | | #endif /* CONFIG_TESTING_OPTIONS */ |
5869 | 0 | #ifndef CONFIG_NO_ROBUST_AV |
5870 | 0 | dl_list_init(&wpa_s->active_scs_ids); |
5871 | 0 | #endif /* CONFIG_NO_ROBUST_AV */ |
5872 | 0 | wpa_s->ml_probe_mld_id = -1; |
5873 | |
|
5874 | 0 | return wpa_s; |
5875 | 0 | } |
5876 | | |
5877 | | |
5878 | | #ifdef CONFIG_HT_OVERRIDES |
5879 | | |
5880 | | static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, |
5881 | | struct ieee80211_ht_capabilities *htcaps, |
5882 | | struct ieee80211_ht_capabilities *htcaps_mask, |
5883 | | const char *ht_mcs) |
5884 | | { |
5885 | | /* parse ht_mcs into hex array */ |
5886 | | int i; |
5887 | | const char *tmp = ht_mcs; |
5888 | | char *end = NULL; |
5889 | | |
5890 | | /* If ht_mcs is null, do not set anything */ |
5891 | | if (!ht_mcs) |
5892 | | return 0; |
5893 | | |
5894 | | /* This is what we are setting in the kernel */ |
5895 | | os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); |
5896 | | |
5897 | | wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); |
5898 | | |
5899 | | for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { |
5900 | | long v; |
5901 | | |
5902 | | errno = 0; |
5903 | | v = strtol(tmp, &end, 16); |
5904 | | |
5905 | | if (errno == 0) { |
5906 | | wpa_msg(wpa_s, MSG_DEBUG, |
5907 | | "htcap value[%i]: %ld end: %p tmp: %p", |
5908 | | i, v, end, tmp); |
5909 | | if (end == tmp) |
5910 | | break; |
5911 | | |
5912 | | htcaps->supported_mcs_set[i] = v; |
5913 | | tmp = end; |
5914 | | } else { |
5915 | | wpa_msg(wpa_s, MSG_ERROR, |
5916 | | "Failed to parse ht-mcs: %s, error: %s\n", |
5917 | | ht_mcs, strerror(errno)); |
5918 | | return -1; |
5919 | | } |
5920 | | } |
5921 | | |
5922 | | /* |
5923 | | * If we were able to parse any values, then set mask for the MCS set. |
5924 | | */ |
5925 | | if (i) { |
5926 | | os_memset(&htcaps_mask->supported_mcs_set, 0xff, |
5927 | | IEEE80211_HT_MCS_MASK_LEN - 1); |
5928 | | /* skip the 3 reserved bits */ |
5929 | | htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = |
5930 | | 0x1f; |
5931 | | } |
5932 | | |
5933 | | return 0; |
5934 | | } |
5935 | | |
5936 | | |
5937 | | static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, |
5938 | | struct ieee80211_ht_capabilities *htcaps, |
5939 | | struct ieee80211_ht_capabilities *htcaps_mask, |
5940 | | int disabled) |
5941 | | { |
5942 | | le16 msk; |
5943 | | |
5944 | | if (disabled == -1) |
5945 | | return 0; |
5946 | | |
5947 | | wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); |
5948 | | |
5949 | | msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); |
5950 | | htcaps_mask->ht_capabilities_info |= msk; |
5951 | | if (disabled) |
5952 | | htcaps->ht_capabilities_info &= msk; |
5953 | | else |
5954 | | htcaps->ht_capabilities_info |= msk; |
5955 | | |
5956 | | return 0; |
5957 | | } |
5958 | | |
5959 | | |
5960 | | static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, |
5961 | | struct ieee80211_ht_capabilities *htcaps, |
5962 | | struct ieee80211_ht_capabilities *htcaps_mask, |
5963 | | int factor) |
5964 | | { |
5965 | | if (factor == -1) |
5966 | | return 0; |
5967 | | |
5968 | | wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); |
5969 | | |
5970 | | if (factor < 0 || factor > 3) { |
5971 | | wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " |
5972 | | "Must be 0-3 or -1", factor); |
5973 | | return -EINVAL; |
5974 | | } |
5975 | | |
5976 | | htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ |
5977 | | htcaps->a_mpdu_params &= ~0x3; |
5978 | | htcaps->a_mpdu_params |= factor & 0x3; |
5979 | | |
5980 | | return 0; |
5981 | | } |
5982 | | |
5983 | | |
5984 | | static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, |
5985 | | struct ieee80211_ht_capabilities *htcaps, |
5986 | | struct ieee80211_ht_capabilities *htcaps_mask, |
5987 | | int density) |
5988 | | { |
5989 | | if (density == -1) |
5990 | | return 0; |
5991 | | |
5992 | | wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); |
5993 | | |
5994 | | if (density < 0 || density > 7) { |
5995 | | wpa_msg(wpa_s, MSG_ERROR, |
5996 | | "ampdu_density: %d out of range. Must be 0-7 or -1.", |
5997 | | density); |
5998 | | return -EINVAL; |
5999 | | } |
6000 | | |
6001 | | htcaps_mask->a_mpdu_params |= 0x1C; |
6002 | | htcaps->a_mpdu_params &= ~(0x1C); |
6003 | | htcaps->a_mpdu_params |= (density << 2) & 0x1C; |
6004 | | |
6005 | | return 0; |
6006 | | } |
6007 | | |
6008 | | |
6009 | | static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, |
6010 | | struct ieee80211_ht_capabilities *htcaps, |
6011 | | struct ieee80211_ht_capabilities *htcaps_mask, |
6012 | | int disabled) |
6013 | | { |
6014 | | if (disabled) |
6015 | | wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); |
6016 | | |
6017 | | set_disable_ht40(htcaps, disabled); |
6018 | | set_disable_ht40(htcaps_mask, 0); |
6019 | | |
6020 | | return 0; |
6021 | | } |
6022 | | |
6023 | | |
6024 | | static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, |
6025 | | struct ieee80211_ht_capabilities *htcaps, |
6026 | | struct ieee80211_ht_capabilities *htcaps_mask, |
6027 | | int disabled) |
6028 | | { |
6029 | | /* Masking these out disables SGI */ |
6030 | | le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | |
6031 | | HT_CAP_INFO_SHORT_GI40MHZ); |
6032 | | |
6033 | | if (disabled) |
6034 | | wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); |
6035 | | |
6036 | | if (disabled) |
6037 | | htcaps->ht_capabilities_info &= ~msk; |
6038 | | else |
6039 | | htcaps->ht_capabilities_info |= msk; |
6040 | | |
6041 | | htcaps_mask->ht_capabilities_info |= msk; |
6042 | | |
6043 | | return 0; |
6044 | | } |
6045 | | |
6046 | | |
6047 | | static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s, |
6048 | | struct ieee80211_ht_capabilities *htcaps, |
6049 | | struct ieee80211_ht_capabilities *htcaps_mask, |
6050 | | int disabled) |
6051 | | { |
6052 | | /* Masking these out disables LDPC */ |
6053 | | le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP); |
6054 | | |
6055 | | if (disabled) |
6056 | | wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled); |
6057 | | |
6058 | | if (disabled) |
6059 | | htcaps->ht_capabilities_info &= ~msk; |
6060 | | else |
6061 | | htcaps->ht_capabilities_info |= msk; |
6062 | | |
6063 | | htcaps_mask->ht_capabilities_info |= msk; |
6064 | | |
6065 | | return 0; |
6066 | | } |
6067 | | |
6068 | | |
6069 | | static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s, |
6070 | | struct ieee80211_ht_capabilities *htcaps, |
6071 | | struct ieee80211_ht_capabilities *htcaps_mask, |
6072 | | int tx_stbc) |
6073 | | { |
6074 | | le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC); |
6075 | | |
6076 | | if (tx_stbc == -1) |
6077 | | return 0; |
6078 | | |
6079 | | wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc); |
6080 | | |
6081 | | if (tx_stbc < 0 || tx_stbc > 1) { |
6082 | | wpa_msg(wpa_s, MSG_ERROR, |
6083 | | "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc); |
6084 | | return -EINVAL; |
6085 | | } |
6086 | | |
6087 | | htcaps_mask->ht_capabilities_info |= msk; |
6088 | | htcaps->ht_capabilities_info &= ~msk; |
6089 | | htcaps->ht_capabilities_info |= (tx_stbc << 7) & msk; |
6090 | | |
6091 | | return 0; |
6092 | | } |
6093 | | |
6094 | | |
6095 | | static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s, |
6096 | | struct ieee80211_ht_capabilities *htcaps, |
6097 | | struct ieee80211_ht_capabilities *htcaps_mask, |
6098 | | int rx_stbc) |
6099 | | { |
6100 | | le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK); |
6101 | | |
6102 | | if (rx_stbc == -1) |
6103 | | return 0; |
6104 | | |
6105 | | wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc); |
6106 | | |
6107 | | if (rx_stbc < 0 || rx_stbc > 3) { |
6108 | | wpa_msg(wpa_s, MSG_ERROR, |
6109 | | "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc); |
6110 | | return -EINVAL; |
6111 | | } |
6112 | | |
6113 | | htcaps_mask->ht_capabilities_info |= msk; |
6114 | | htcaps->ht_capabilities_info &= ~msk; |
6115 | | htcaps->ht_capabilities_info |= (rx_stbc << 8) & msk; |
6116 | | |
6117 | | return 0; |
6118 | | } |
6119 | | |
6120 | | |
6121 | | void wpa_supplicant_apply_ht_overrides( |
6122 | | struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, |
6123 | | struct wpa_driver_associate_params *params) |
6124 | | { |
6125 | | struct ieee80211_ht_capabilities *htcaps; |
6126 | | struct ieee80211_ht_capabilities *htcaps_mask; |
6127 | | |
6128 | | if (!ssid) |
6129 | | return; |
6130 | | |
6131 | | params->disable_ht = ssid->disable_ht; |
6132 | | if (!params->htcaps || !params->htcaps_mask) |
6133 | | return; |
6134 | | |
6135 | | htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; |
6136 | | htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; |
6137 | | wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); |
6138 | | wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, |
6139 | | ssid->disable_max_amsdu); |
6140 | | wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); |
6141 | | wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); |
6142 | | wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); |
6143 | | wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); |
6144 | | wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc); |
6145 | | wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc); |
6146 | | wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc); |
6147 | | |
6148 | | if (ssid->ht40_intolerant) { |
6149 | | le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT); |
6150 | | htcaps->ht_capabilities_info |= bit; |
6151 | | htcaps_mask->ht_capabilities_info |= bit; |
6152 | | } |
6153 | | } |
6154 | | |
6155 | | #endif /* CONFIG_HT_OVERRIDES */ |
6156 | | |
6157 | | |
6158 | | #ifdef CONFIG_VHT_OVERRIDES |
6159 | | void wpa_supplicant_apply_vht_overrides( |
6160 | | struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, |
6161 | | struct wpa_driver_associate_params *params) |
6162 | | { |
6163 | | struct ieee80211_vht_capabilities *vhtcaps; |
6164 | | struct ieee80211_vht_capabilities *vhtcaps_mask; |
6165 | | |
6166 | | if (!ssid) |
6167 | | return; |
6168 | | |
6169 | | params->disable_vht = ssid->disable_vht; |
6170 | | |
6171 | | vhtcaps = (void *) params->vhtcaps; |
6172 | | vhtcaps_mask = (void *) params->vhtcaps_mask; |
6173 | | |
6174 | | if (!vhtcaps || !vhtcaps_mask) |
6175 | | return; |
6176 | | |
6177 | | vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa); |
6178 | | vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask); |
6179 | | |
6180 | | #ifdef CONFIG_HT_OVERRIDES |
6181 | | if (ssid->disable_sgi) { |
6182 | | vhtcaps_mask->vht_capabilities_info |= (VHT_CAP_SHORT_GI_80 | |
6183 | | VHT_CAP_SHORT_GI_160); |
6184 | | vhtcaps->vht_capabilities_info &= ~(VHT_CAP_SHORT_GI_80 | |
6185 | | VHT_CAP_SHORT_GI_160); |
6186 | | wpa_msg(wpa_s, MSG_DEBUG, |
6187 | | "disable-sgi override specified, vht-caps: 0x%x", |
6188 | | vhtcaps->vht_capabilities_info); |
6189 | | } |
6190 | | |
6191 | | /* if max ampdu is <= 3, we have to make the HT cap the same */ |
6192 | | if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) { |
6193 | | int max_ampdu; |
6194 | | |
6195 | | max_ampdu = (ssid->vht_capa & |
6196 | | VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >> |
6197 | | VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT; |
6198 | | |
6199 | | max_ampdu = max_ampdu < 3 ? max_ampdu : 3; |
6200 | | wpa_set_ampdu_factor(wpa_s, |
6201 | | (void *) params->htcaps, |
6202 | | (void *) params->htcaps_mask, |
6203 | | max_ampdu); |
6204 | | } |
6205 | | #endif /* CONFIG_HT_OVERRIDES */ |
6206 | | |
6207 | | #define OVERRIDE_MCS(i) \ |
6208 | | if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \ |
6209 | | vhtcaps_mask->vht_supported_mcs_set.tx_map |= \ |
6210 | | host_to_le16(3 << 2 * (i - 1)); \ |
6211 | | vhtcaps->vht_supported_mcs_set.tx_map |= \ |
6212 | | host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \ |
6213 | | 2 * (i - 1)); \ |
6214 | | } \ |
6215 | | if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \ |
6216 | | vhtcaps_mask->vht_supported_mcs_set.rx_map |= \ |
6217 | | host_to_le16(3 << 2 * (i - 1)); \ |
6218 | | vhtcaps->vht_supported_mcs_set.rx_map |= \ |
6219 | | host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \ |
6220 | | 2 * (i - 1)); \ |
6221 | | } |
6222 | | |
6223 | | OVERRIDE_MCS(1); |
6224 | | OVERRIDE_MCS(2); |
6225 | | OVERRIDE_MCS(3); |
6226 | | OVERRIDE_MCS(4); |
6227 | | OVERRIDE_MCS(5); |
6228 | | OVERRIDE_MCS(6); |
6229 | | OVERRIDE_MCS(7); |
6230 | | OVERRIDE_MCS(8); |
6231 | | } |
6232 | | #endif /* CONFIG_VHT_OVERRIDES */ |
6233 | | |
6234 | | |
6235 | | #ifdef CONFIG_HE_OVERRIDES |
6236 | | void wpa_supplicant_apply_he_overrides( |
6237 | | struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, |
6238 | | struct wpa_driver_associate_params *params) |
6239 | | { |
6240 | | if (!ssid) |
6241 | | return; |
6242 | | |
6243 | | params->disable_he = ssid->disable_he; |
6244 | | } |
6245 | | #endif /* CONFIG_HE_OVERRIDES */ |
6246 | | |
6247 | | |
6248 | | void wpa_supplicant_apply_eht_overrides( |
6249 | | struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, |
6250 | | struct wpa_driver_associate_params *params) |
6251 | 0 | { |
6252 | 0 | if (!ssid) |
6253 | 0 | return; |
6254 | | |
6255 | 0 | params->disable_eht = ssid->disable_eht; |
6256 | 0 | } |
6257 | | |
6258 | | |
6259 | | static int pcsc_reader_init(struct wpa_supplicant *wpa_s) |
6260 | 0 | { |
6261 | | #ifdef PCSC_FUNCS |
6262 | | size_t len; |
6263 | | |
6264 | | if (!wpa_s->conf->pcsc_reader) |
6265 | | return 0; |
6266 | | |
6267 | | wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader); |
6268 | | if (!wpa_s->scard) |
6269 | | return 1; |
6270 | | |
6271 | | if (wpa_s->conf->pcsc_pin && |
6272 | | scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { |
6273 | | scard_deinit(wpa_s->scard); |
6274 | | wpa_s->scard = NULL; |
6275 | | wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); |
6276 | | return -1; |
6277 | | } |
6278 | | |
6279 | | len = sizeof(wpa_s->imsi) - 1; |
6280 | | if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { |
6281 | | scard_deinit(wpa_s->scard); |
6282 | | wpa_s->scard = NULL; |
6283 | | wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); |
6284 | | return -1; |
6285 | | } |
6286 | | wpa_s->imsi[len] = '\0'; |
6287 | | |
6288 | | wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); |
6289 | | |
6290 | | wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", |
6291 | | wpa_s->imsi, wpa_s->mnc_len); |
6292 | | |
6293 | | wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); |
6294 | | eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); |
6295 | | #endif /* PCSC_FUNCS */ |
6296 | |
|
6297 | 0 | return 0; |
6298 | 0 | } |
6299 | | |
6300 | | |
6301 | | int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) |
6302 | 0 | { |
6303 | 0 | char *val, *pos; |
6304 | |
|
6305 | 0 | ext_password_deinit(wpa_s->ext_pw); |
6306 | 0 | wpa_s->ext_pw = NULL; |
6307 | 0 | eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); |
6308 | |
|
6309 | 0 | if (!wpa_s->conf->ext_password_backend) |
6310 | 0 | return 0; |
6311 | | |
6312 | 0 | val = os_strdup(wpa_s->conf->ext_password_backend); |
6313 | 0 | if (val == NULL) |
6314 | 0 | return -1; |
6315 | 0 | pos = os_strchr(val, ':'); |
6316 | 0 | if (pos) |
6317 | 0 | *pos++ = '\0'; |
6318 | |
|
6319 | 0 | wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); |
6320 | |
|
6321 | 0 | wpa_s->ext_pw = ext_password_init(val, pos); |
6322 | 0 | os_free(val); |
6323 | 0 | if (wpa_s->ext_pw == NULL) { |
6324 | 0 | wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); |
6325 | 0 | return -1; |
6326 | 0 | } |
6327 | 0 | eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); |
6328 | |
|
6329 | 0 | return 0; |
6330 | 0 | } |
6331 | | |
6332 | | |
6333 | | #ifdef CONFIG_FST |
6334 | | |
6335 | | static const u8 * wpas_fst_get_bssid_cb(void *ctx) |
6336 | | { |
6337 | | struct wpa_supplicant *wpa_s = ctx; |
6338 | | |
6339 | | return (is_zero_ether_addr(wpa_s->bssid) || |
6340 | | wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid; |
6341 | | } |
6342 | | |
6343 | | |
6344 | | static void wpas_fst_get_channel_info_cb(void *ctx, |
6345 | | enum hostapd_hw_mode *hw_mode, |
6346 | | u8 *channel) |
6347 | | { |
6348 | | struct wpa_supplicant *wpa_s = ctx; |
6349 | | |
6350 | | if (wpa_s->current_bss) { |
6351 | | *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq, |
6352 | | channel); |
6353 | | } else if (wpa_s->hw.num_modes) { |
6354 | | *hw_mode = wpa_s->hw.modes[0].mode; |
6355 | | } else { |
6356 | | WPA_ASSERT(0); |
6357 | | *hw_mode = 0; |
6358 | | } |
6359 | | } |
6360 | | |
6361 | | |
6362 | | static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes) |
6363 | | { |
6364 | | struct wpa_supplicant *wpa_s = ctx; |
6365 | | |
6366 | | *modes = wpa_s->hw.modes; |
6367 | | return wpa_s->hw.num_modes; |
6368 | | } |
6369 | | |
6370 | | |
6371 | | static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) |
6372 | | { |
6373 | | struct wpa_supplicant *wpa_s = ctx; |
6374 | | |
6375 | | wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies); |
6376 | | wpa_s->fst_ies = fst_ies; |
6377 | | } |
6378 | | |
6379 | | |
6380 | | static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) |
6381 | | { |
6382 | | struct wpa_supplicant *wpa_s = ctx; |
6383 | | |
6384 | | if (!ether_addr_equal(wpa_s->bssid, da)) { |
6385 | | wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR, |
6386 | | __func__, MAC2STR(wpa_s->bssid), MAC2STR(da)); |
6387 | | return -1; |
6388 | | } |
6389 | | return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, |
6390 | | wpa_s->own_addr, wpa_s->bssid, |
6391 | | wpabuf_head(data), wpabuf_len(data), |
6392 | | 0); |
6393 | | } |
6394 | | |
6395 | | |
6396 | | static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr) |
6397 | | { |
6398 | | struct wpa_supplicant *wpa_s = ctx; |
6399 | | |
6400 | | WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr)); |
6401 | | return wpa_s->received_mb_ies; |
6402 | | } |
6403 | | |
6404 | | |
6405 | | static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr, |
6406 | | const u8 *buf, size_t size) |
6407 | | { |
6408 | | struct wpa_supplicant *wpa_s = ctx; |
6409 | | struct mb_ies_info info; |
6410 | | |
6411 | | WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr)); |
6412 | | |
6413 | | if (!mb_ies_info_by_ies(&info, buf, size)) { |
6414 | | wpabuf_free(wpa_s->received_mb_ies); |
6415 | | wpa_s->received_mb_ies = mb_ies_by_info(&info); |
6416 | | } |
6417 | | } |
6418 | | |
6419 | | |
6420 | | static const u8 * wpas_fst_get_peer_first(void *ctx, |
6421 | | struct fst_get_peer_ctx **get_ctx, |
6422 | | bool mb_only) |
6423 | | { |
6424 | | struct wpa_supplicant *wpa_s = ctx; |
6425 | | |
6426 | | *get_ctx = NULL; |
6427 | | if (!is_zero_ether_addr(wpa_s->bssid)) |
6428 | | return (wpa_s->received_mb_ies || !mb_only) ? |
6429 | | wpa_s->bssid : NULL; |
6430 | | return NULL; |
6431 | | } |
6432 | | |
6433 | | |
6434 | | static const u8 * wpas_fst_get_peer_next(void *ctx, |
6435 | | struct fst_get_peer_ctx **get_ctx, |
6436 | | bool mb_only) |
6437 | | { |
6438 | | return NULL; |
6439 | | } |
6440 | | |
6441 | | void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s, |
6442 | | struct fst_wpa_obj *iface_obj) |
6443 | | { |
6444 | | os_memset(iface_obj, 0, sizeof(*iface_obj)); |
6445 | | iface_obj->ctx = wpa_s; |
6446 | | iface_obj->get_bssid = wpas_fst_get_bssid_cb; |
6447 | | iface_obj->get_channel_info = wpas_fst_get_channel_info_cb; |
6448 | | iface_obj->get_hw_modes = wpas_fst_get_hw_modes; |
6449 | | iface_obj->set_ies = wpas_fst_set_ies_cb; |
6450 | | iface_obj->send_action = wpas_fst_send_action_cb; |
6451 | | iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb; |
6452 | | iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb; |
6453 | | iface_obj->get_peer_first = wpas_fst_get_peer_first; |
6454 | | iface_obj->get_peer_next = wpas_fst_get_peer_next; |
6455 | | } |
6456 | | #endif /* CONFIG_FST */ |
6457 | | |
6458 | | static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s, |
6459 | | const struct wpa_driver_capa *capa) |
6460 | 0 | { |
6461 | 0 | struct wowlan_triggers *triggers; |
6462 | 0 | int ret = 0; |
6463 | |
|
6464 | 0 | if (!wpa_s->conf->wowlan_triggers) |
6465 | 0 | return 0; |
6466 | | |
6467 | 0 | triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa); |
6468 | 0 | if (triggers) { |
6469 | 0 | ret = wpa_drv_wowlan(wpa_s, triggers); |
6470 | 0 | os_free(triggers); |
6471 | 0 | } |
6472 | 0 | return ret; |
6473 | 0 | } |
6474 | | |
6475 | | |
6476 | | enum wpa_radio_work_band wpas_freq_to_band(int freq) |
6477 | 0 | { |
6478 | 0 | if (freq < 3000) |
6479 | 0 | return BAND_2_4_GHZ; |
6480 | 0 | if (freq > 50000) |
6481 | 0 | return BAND_60_GHZ; |
6482 | 0 | return BAND_5_GHZ; |
6483 | 0 | } |
6484 | | |
6485 | | |
6486 | | unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs) |
6487 | 0 | { |
6488 | 0 | int i; |
6489 | 0 | unsigned int band = 0; |
6490 | |
|
6491 | 0 | if (freqs) { |
6492 | | /* freqs are specified for the radio work */ |
6493 | 0 | for (i = 0; freqs[i]; i++) |
6494 | 0 | band |= wpas_freq_to_band(freqs[i]); |
6495 | 0 | } else { |
6496 | | /* |
6497 | | * freqs are not specified, implies all |
6498 | | * the supported freqs by HW |
6499 | | */ |
6500 | 0 | for (i = 0; i < wpa_s->hw.num_modes; i++) { |
6501 | 0 | if (wpa_s->hw.modes[i].num_channels != 0) { |
6502 | 0 | if (wpa_s->hw.modes[i].mode == |
6503 | 0 | HOSTAPD_MODE_IEEE80211B || |
6504 | 0 | wpa_s->hw.modes[i].mode == |
6505 | 0 | HOSTAPD_MODE_IEEE80211G) |
6506 | 0 | band |= BAND_2_4_GHZ; |
6507 | 0 | else if (wpa_s->hw.modes[i].mode == |
6508 | 0 | HOSTAPD_MODE_IEEE80211A) |
6509 | 0 | band |= BAND_5_GHZ; |
6510 | 0 | else if (wpa_s->hw.modes[i].mode == |
6511 | 0 | HOSTAPD_MODE_IEEE80211AD) |
6512 | 0 | band |= BAND_60_GHZ; |
6513 | 0 | else if (wpa_s->hw.modes[i].mode == |
6514 | 0 | HOSTAPD_MODE_IEEE80211ANY) |
6515 | 0 | band = BAND_2_4_GHZ | BAND_5_GHZ | |
6516 | 0 | BAND_60_GHZ; |
6517 | 0 | } |
6518 | 0 | } |
6519 | 0 | } |
6520 | |
|
6521 | 0 | return band; |
6522 | 0 | } |
6523 | | |
6524 | | |
6525 | | static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s, |
6526 | | const char *rn) |
6527 | 0 | { |
6528 | 0 | struct wpa_supplicant *iface = wpa_s->global->ifaces; |
6529 | 0 | struct wpa_radio *radio; |
6530 | |
|
6531 | 0 | while (rn && iface) { |
6532 | 0 | radio = iface->radio; |
6533 | 0 | if (radio && os_strcmp(rn, radio->name) == 0) { |
6534 | 0 | wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s", |
6535 | 0 | wpa_s->ifname, rn); |
6536 | 0 | dl_list_add(&radio->ifaces, &wpa_s->radio_list); |
6537 | 0 | return radio; |
6538 | 0 | } |
6539 | | |
6540 | 0 | iface = iface->next; |
6541 | 0 | } |
6542 | | |
6543 | 0 | wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s", |
6544 | 0 | wpa_s->ifname, rn ? rn : "N/A"); |
6545 | 0 | radio = os_zalloc(sizeof(*radio)); |
6546 | 0 | if (radio == NULL) |
6547 | 0 | return NULL; |
6548 | | |
6549 | 0 | if (rn) |
6550 | 0 | os_strlcpy(radio->name, rn, sizeof(radio->name)); |
6551 | 0 | dl_list_init(&radio->ifaces); |
6552 | 0 | dl_list_init(&radio->work); |
6553 | 0 | dl_list_add(&radio->ifaces, &wpa_s->radio_list); |
6554 | |
|
6555 | 0 | return radio; |
6556 | 0 | } |
6557 | | |
6558 | | |
6559 | | static void radio_work_free(struct wpa_radio_work *work) |
6560 | 0 | { |
6561 | 0 | if (work->wpa_s->scan_work == work) { |
6562 | | /* This should not really happen. */ |
6563 | 0 | wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work", |
6564 | 0 | work->type, work, work->started); |
6565 | 0 | work->wpa_s->scan_work = NULL; |
6566 | 0 | } |
6567 | |
|
6568 | | #ifdef CONFIG_P2P |
6569 | | if (work->wpa_s->p2p_scan_work == work) { |
6570 | | /* This should not really happen. */ |
6571 | | wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work", |
6572 | | work->type, work, work->started); |
6573 | | work->wpa_s->p2p_scan_work = NULL; |
6574 | | } |
6575 | | #endif /* CONFIG_P2P */ |
6576 | |
|
6577 | 0 | if (work->started) { |
6578 | 0 | work->wpa_s->radio->num_active_works--; |
6579 | 0 | wpa_dbg(work->wpa_s, MSG_DEBUG, |
6580 | 0 | "radio_work_free('%s'@%p): num_active_works --> %u", |
6581 | 0 | work->type, work, |
6582 | 0 | work->wpa_s->radio->num_active_works); |
6583 | 0 | } |
6584 | |
|
6585 | 0 | dl_list_del(&work->list); |
6586 | 0 | os_free(work); |
6587 | 0 | } |
6588 | | |
6589 | | |
6590 | | static int radio_work_is_connect(struct wpa_radio_work *work) |
6591 | 0 | { |
6592 | 0 | return os_strcmp(work->type, "sme-connect") == 0 || |
6593 | 0 | os_strcmp(work->type, "connect") == 0; |
6594 | 0 | } |
6595 | | |
6596 | | |
6597 | | static int radio_work_is_scan(struct wpa_radio_work *work) |
6598 | 0 | { |
6599 | 0 | return os_strcmp(work->type, "scan") == 0 || |
6600 | 0 | os_strcmp(work->type, "p2p-scan") == 0; |
6601 | 0 | } |
6602 | | |
6603 | | |
6604 | | static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) |
6605 | 0 | { |
6606 | 0 | struct wpa_radio_work *active_work = NULL; |
6607 | 0 | struct wpa_radio_work *tmp; |
6608 | | |
6609 | | /* Get the active work to know the type and band. */ |
6610 | 0 | dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { |
6611 | 0 | if (tmp->started) { |
6612 | 0 | active_work = tmp; |
6613 | 0 | break; |
6614 | 0 | } |
6615 | 0 | } |
6616 | |
|
6617 | 0 | if (!active_work) { |
6618 | | /* No active work, start one */ |
6619 | 0 | radio->num_active_works = 0; |
6620 | 0 | dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, |
6621 | 0 | list) { |
6622 | 0 | if (os_strcmp(tmp->type, "scan") == 0 && |
6623 | 0 | external_scan_running(radio) && |
6624 | 0 | (((struct wpa_driver_scan_params *) |
6625 | 0 | tmp->ctx)->only_new_results || |
6626 | 0 | tmp->wpa_s->clear_driver_scan_cache)) |
6627 | 0 | continue; |
6628 | 0 | return tmp; |
6629 | 0 | } |
6630 | 0 | return NULL; |
6631 | 0 | } |
6632 | | |
6633 | 0 | if (radio_work_is_connect(active_work)) { |
6634 | | /* |
6635 | | * If the active work is either connect or sme-connect, |
6636 | | * do not parallelize them with other radio works. |
6637 | | */ |
6638 | 0 | wpa_dbg(active_work->wpa_s, MSG_DEBUG, |
6639 | 0 | "Do not parallelize radio work with %s", |
6640 | 0 | active_work->type); |
6641 | 0 | return NULL; |
6642 | 0 | } |
6643 | | |
6644 | 0 | dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { |
6645 | 0 | if (tmp->started) |
6646 | 0 | continue; |
6647 | | |
6648 | | /* |
6649 | | * If connect or sme-connect are enqueued, parallelize only |
6650 | | * those operations ahead of them in the queue. |
6651 | | */ |
6652 | 0 | if (radio_work_is_connect(tmp)) |
6653 | 0 | break; |
6654 | | |
6655 | | /* Serialize parallel scan and p2p_scan operations on the same |
6656 | | * interface since the driver_nl80211 mechanism for tracking |
6657 | | * scan cookies does not yet have support for this. */ |
6658 | 0 | if (active_work->wpa_s == tmp->wpa_s && |
6659 | 0 | radio_work_is_scan(active_work) && |
6660 | 0 | radio_work_is_scan(tmp)) { |
6661 | 0 | wpa_dbg(active_work->wpa_s, MSG_DEBUG, |
6662 | 0 | "Do not start work '%s' when another work '%s' is already scheduled", |
6663 | 0 | tmp->type, active_work->type); |
6664 | 0 | continue; |
6665 | 0 | } |
6666 | | /* |
6667 | | * Check that the radio works are distinct and |
6668 | | * on different bands. |
6669 | | */ |
6670 | 0 | if (os_strcmp(active_work->type, tmp->type) != 0 && |
6671 | 0 | (active_work->bands != tmp->bands)) { |
6672 | | /* |
6673 | | * If a scan has to be scheduled through nl80211 scan |
6674 | | * interface and if an external scan is already running, |
6675 | | * do not schedule the scan since it is likely to get |
6676 | | * rejected by kernel. |
6677 | | */ |
6678 | 0 | if (os_strcmp(tmp->type, "scan") == 0 && |
6679 | 0 | external_scan_running(radio) && |
6680 | 0 | (((struct wpa_driver_scan_params *) |
6681 | 0 | tmp->ctx)->only_new_results || |
6682 | 0 | tmp->wpa_s->clear_driver_scan_cache)) |
6683 | 0 | continue; |
6684 | | |
6685 | 0 | wpa_dbg(active_work->wpa_s, MSG_DEBUG, |
6686 | 0 | "active_work:%s new_work:%s", |
6687 | 0 | active_work->type, tmp->type); |
6688 | 0 | return tmp; |
6689 | 0 | } |
6690 | 0 | } |
6691 | | |
6692 | | /* Did not find a radio work to schedule in parallel. */ |
6693 | 0 | return NULL; |
6694 | 0 | } |
6695 | | |
6696 | | |
6697 | | static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx) |
6698 | 0 | { |
6699 | 0 | struct wpa_radio *radio = eloop_ctx; |
6700 | 0 | struct wpa_radio_work *work; |
6701 | 0 | struct os_reltime now, diff; |
6702 | 0 | struct wpa_supplicant *wpa_s; |
6703 | |
|
6704 | 0 | work = dl_list_first(&radio->work, struct wpa_radio_work, list); |
6705 | 0 | if (work == NULL) { |
6706 | 0 | radio->num_active_works = 0; |
6707 | 0 | return; |
6708 | 0 | } |
6709 | | |
6710 | 0 | wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant, |
6711 | 0 | radio_list); |
6712 | |
|
6713 | 0 | if (!(wpa_s && |
6714 | 0 | wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) { |
6715 | 0 | if (work->started) |
6716 | 0 | return; /* already started and still in progress */ |
6717 | | |
6718 | 0 | if (wpa_s && external_scan_running(wpa_s->radio)) { |
6719 | 0 | wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes"); |
6720 | 0 | return; |
6721 | 0 | } |
6722 | 0 | } else { |
6723 | 0 | work = NULL; |
6724 | 0 | if (radio->num_active_works < MAX_ACTIVE_WORKS) { |
6725 | | /* get the work to schedule next */ |
6726 | 0 | work = radio_work_get_next_work(radio); |
6727 | 0 | } |
6728 | 0 | if (!work) |
6729 | 0 | return; |
6730 | 0 | } |
6731 | | |
6732 | 0 | wpa_s = work->wpa_s; |
6733 | 0 | os_get_reltime(&now); |
6734 | 0 | os_reltime_sub(&now, &work->time, &diff); |
6735 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
6736 | 0 | "Starting radio work '%s'@%p after %ld.%06ld second wait", |
6737 | 0 | work->type, work, diff.sec, diff.usec); |
6738 | 0 | work->started = 1; |
6739 | 0 | work->time = now; |
6740 | 0 | radio->num_active_works++; |
6741 | |
|
6742 | 0 | work->cb(work, 0); |
6743 | |
|
6744 | 0 | if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) && |
6745 | 0 | radio->num_active_works < MAX_ACTIVE_WORKS) |
6746 | 0 | radio_work_check_next(wpa_s); |
6747 | 0 | } |
6748 | | |
6749 | | |
6750 | | /* |
6751 | | * This function removes both started and pending radio works running on |
6752 | | * the provided interface's radio. |
6753 | | * Prior to the removal of the radio work, its callback (cb) is called with |
6754 | | * deinit set to be 1. Each work's callback is responsible for clearing its |
6755 | | * internal data and restoring to a correct state. |
6756 | | * @wpa_s: wpa_supplicant data |
6757 | | * @type: type of works to be removed |
6758 | | * @remove_all: 1 to remove all the works on this radio, 0 to remove only |
6759 | | * this interface's works. |
6760 | | */ |
6761 | | void radio_remove_works(struct wpa_supplicant *wpa_s, |
6762 | | const char *type, int remove_all) |
6763 | 0 | { |
6764 | 0 | struct wpa_radio_work *work, *tmp; |
6765 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6766 | |
|
6767 | 0 | dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work, |
6768 | 0 | list) { |
6769 | 0 | if (type && os_strcmp(type, work->type) != 0) |
6770 | 0 | continue; |
6771 | | |
6772 | | /* skip other ifaces' works */ |
6773 | 0 | if (!remove_all && work->wpa_s != wpa_s) |
6774 | 0 | continue; |
6775 | | |
6776 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s", |
6777 | 0 | work->type, work, work->started ? " (started)" : ""); |
6778 | 0 | work->cb(work, 1); |
6779 | 0 | radio_work_free(work); |
6780 | 0 | } |
6781 | | |
6782 | | /* in case we removed the started work */ |
6783 | 0 | radio_work_check_next(wpa_s); |
6784 | 0 | } |
6785 | | |
6786 | | |
6787 | | void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx) |
6788 | 0 | { |
6789 | 0 | struct wpa_radio_work *work; |
6790 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6791 | |
|
6792 | 0 | dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { |
6793 | 0 | if (work->ctx != ctx) |
6794 | 0 | continue; |
6795 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s", |
6796 | 0 | work->type, work, work->started ? " (started)" : ""); |
6797 | 0 | radio_work_free(work); |
6798 | 0 | break; |
6799 | 0 | } |
6800 | 0 | } |
6801 | | |
6802 | | |
6803 | | static void radio_remove_interface(struct wpa_supplicant *wpa_s) |
6804 | 0 | { |
6805 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6806 | |
|
6807 | 0 | if (!radio) |
6808 | 0 | return; |
6809 | | |
6810 | 0 | wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s", |
6811 | 0 | wpa_s->ifname, radio->name); |
6812 | 0 | dl_list_del(&wpa_s->radio_list); |
6813 | 0 | radio_remove_works(wpa_s, NULL, 0); |
6814 | | /* If the interface that triggered the external scan was removed, the |
6815 | | * external scan is no longer running. */ |
6816 | 0 | if (wpa_s == radio->external_scan_req_interface) |
6817 | 0 | radio->external_scan_req_interface = NULL; |
6818 | 0 | wpa_s->radio = NULL; |
6819 | 0 | if (!dl_list_empty(&radio->ifaces)) |
6820 | 0 | return; /* Interfaces remain for this radio */ |
6821 | | |
6822 | 0 | wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name); |
6823 | 0 | eloop_cancel_timeout(radio_start_next_work, radio, NULL); |
6824 | 0 | os_free(radio); |
6825 | 0 | } |
6826 | | |
6827 | | |
6828 | | void radio_work_check_next(struct wpa_supplicant *wpa_s) |
6829 | 0 | { |
6830 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6831 | |
|
6832 | 0 | if (dl_list_empty(&radio->work)) |
6833 | 0 | return; |
6834 | 0 | if (wpa_s->ext_work_in_progress) { |
6835 | 0 | wpa_printf(MSG_DEBUG, |
6836 | 0 | "External radio work in progress - delay start of pending item"); |
6837 | 0 | return; |
6838 | 0 | } |
6839 | 0 | eloop_cancel_timeout(radio_start_next_work, radio, NULL); |
6840 | 0 | eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL); |
6841 | 0 | } |
6842 | | |
6843 | | |
6844 | | /** |
6845 | | * radio_add_work - Add a radio work item |
6846 | | * @wpa_s: Pointer to wpa_supplicant data |
6847 | | * @freq: Frequency of the offchannel operation in MHz or 0 |
6848 | | * @type: Unique identifier for each type of work |
6849 | | * @next: Force as the next work to be executed |
6850 | | * @cb: Callback function for indicating when radio is available |
6851 | | * @ctx: Context pointer for the work (work->ctx in cb()) |
6852 | | * Returns: 0 on success, -1 on failure |
6853 | | * |
6854 | | * This function is used to request time for an operation that requires |
6855 | | * exclusive radio control. Once the radio is available, the registered callback |
6856 | | * function will be called. radio_work_done() must be called once the exclusive |
6857 | | * radio operation has been completed, so that the radio is freed for other |
6858 | | * operations. The special case of deinit=1 is used to free the context data |
6859 | | * during interface removal. That does not allow the callback function to start |
6860 | | * the radio operation, i.e., it must free any resources allocated for the radio |
6861 | | * work and return. |
6862 | | * |
6863 | | * The @freq parameter can be used to indicate a single channel on which the |
6864 | | * offchannel operation will occur. This may allow multiple radio work |
6865 | | * operations to be performed in parallel if they apply for the same channel. |
6866 | | * Setting this to 0 indicates that the work item may use multiple channels or |
6867 | | * requires exclusive control of the radio. |
6868 | | */ |
6869 | | int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, |
6870 | | const char *type, int next, |
6871 | | void (*cb)(struct wpa_radio_work *work, int deinit), |
6872 | | void *ctx) |
6873 | 0 | { |
6874 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6875 | 0 | struct wpa_radio_work *work; |
6876 | 0 | int was_empty; |
6877 | |
|
6878 | 0 | work = os_zalloc(sizeof(*work)); |
6879 | 0 | if (work == NULL) |
6880 | 0 | return -1; |
6881 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work); |
6882 | 0 | os_get_reltime(&work->time); |
6883 | 0 | work->freq = freq; |
6884 | 0 | work->type = type; |
6885 | 0 | work->wpa_s = wpa_s; |
6886 | 0 | work->cb = cb; |
6887 | 0 | work->ctx = ctx; |
6888 | |
|
6889 | 0 | if (freq) |
6890 | 0 | work->bands = wpas_freq_to_band(freq); |
6891 | 0 | else if (os_strcmp(type, "scan") == 0 || |
6892 | 0 | os_strcmp(type, "p2p-scan") == 0) |
6893 | 0 | work->bands = wpas_get_bands(wpa_s, |
6894 | 0 | ((struct wpa_driver_scan_params *) |
6895 | 0 | ctx)->freqs); |
6896 | 0 | else |
6897 | 0 | work->bands = wpas_get_bands(wpa_s, NULL); |
6898 | |
|
6899 | 0 | was_empty = dl_list_empty(&wpa_s->radio->work); |
6900 | 0 | if (next) |
6901 | 0 | dl_list_add(&wpa_s->radio->work, &work->list); |
6902 | 0 | else |
6903 | 0 | dl_list_add_tail(&wpa_s->radio->work, &work->list); |
6904 | 0 | if (was_empty) { |
6905 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately"); |
6906 | 0 | radio_work_check_next(wpa_s); |
6907 | 0 | } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) |
6908 | 0 | && radio->num_active_works < MAX_ACTIVE_WORKS) { |
6909 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
6910 | 0 | "Try to schedule a radio work (num_active_works=%u)", |
6911 | 0 | radio->num_active_works); |
6912 | 0 | radio_work_check_next(wpa_s); |
6913 | 0 | } |
6914 | |
|
6915 | 0 | return 0; |
6916 | 0 | } |
6917 | | |
6918 | | |
6919 | | /** |
6920 | | * radio_work_done - Indicate that a radio work item has been completed |
6921 | | * @work: Completed work |
6922 | | * |
6923 | | * This function is called once the callback function registered with |
6924 | | * radio_add_work() has completed its work. |
6925 | | */ |
6926 | | void radio_work_done(struct wpa_radio_work *work) |
6927 | 0 | { |
6928 | 0 | struct wpa_supplicant *wpa_s = work->wpa_s; |
6929 | 0 | struct os_reltime now, diff; |
6930 | 0 | unsigned int started = work->started; |
6931 | |
|
6932 | 0 | os_get_reltime(&now); |
6933 | 0 | os_reltime_sub(&now, &work->time, &diff); |
6934 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds", |
6935 | 0 | work->type, work, started ? "done" : "canceled", |
6936 | 0 | diff.sec, diff.usec); |
6937 | 0 | radio_work_free(work); |
6938 | 0 | if (started) |
6939 | 0 | radio_work_check_next(wpa_s); |
6940 | 0 | } |
6941 | | |
6942 | | |
6943 | | struct wpa_radio_work * |
6944 | | radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) |
6945 | 0 | { |
6946 | 0 | struct wpa_radio_work *work; |
6947 | 0 | struct wpa_radio *radio = wpa_s->radio; |
6948 | |
|
6949 | 0 | dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { |
6950 | 0 | if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0) |
6951 | 0 | return work; |
6952 | 0 | } |
6953 | | |
6954 | 0 | return NULL; |
6955 | 0 | } |
6956 | | |
6957 | | |
6958 | | static int wpas_init_driver(struct wpa_supplicant *wpa_s, |
6959 | | const struct wpa_interface *iface) |
6960 | 0 | { |
6961 | 0 | const char *ifname, *driver, *rn; |
6962 | |
|
6963 | 0 | driver = iface->driver; |
6964 | 0 | next_driver: |
6965 | 0 | if (wpa_supplicant_set_driver(wpa_s, driver) < 0) |
6966 | 0 | return -1; |
6967 | | |
6968 | 0 | wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); |
6969 | 0 | if (wpa_s->drv_priv == NULL) { |
6970 | 0 | const char *pos; |
6971 | 0 | int level = MSG_ERROR; |
6972 | |
|
6973 | 0 | pos = driver ? os_strchr(driver, ',') : NULL; |
6974 | 0 | if (pos) { |
6975 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " |
6976 | 0 | "driver interface - try next driver wrapper"); |
6977 | 0 | driver = pos + 1; |
6978 | 0 | goto next_driver; |
6979 | 0 | } |
6980 | | |
6981 | | #ifdef CONFIG_MATCH_IFACE |
6982 | | if (wpa_s->matched == WPA_IFACE_MATCHED_NULL) |
6983 | | level = MSG_DEBUG; |
6984 | | #endif /* CONFIG_MATCH_IFACE */ |
6985 | 0 | wpa_msg(wpa_s, level, "Failed to initialize driver interface"); |
6986 | 0 | return -1; |
6987 | 0 | } |
6988 | 0 | if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { |
6989 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " |
6990 | 0 | "driver_param '%s'", wpa_s->conf->driver_param); |
6991 | 0 | return -1; |
6992 | 0 | } |
6993 | | |
6994 | 0 | ifname = wpa_drv_get_ifname(wpa_s); |
6995 | 0 | if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { |
6996 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " |
6997 | 0 | "interface name with '%s'", ifname); |
6998 | 0 | os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); |
6999 | 0 | } |
7000 | |
|
7001 | 0 | rn = wpa_driver_get_radio_name(wpa_s); |
7002 | 0 | if (rn && rn[0] == '\0') |
7003 | 0 | rn = NULL; |
7004 | |
|
7005 | 0 | wpa_s->radio = radio_add_interface(wpa_s, rn); |
7006 | 0 | if (wpa_s->radio == NULL) |
7007 | 0 | return -1; |
7008 | | |
7009 | 0 | return 0; |
7010 | 0 | } |
7011 | | |
7012 | | |
7013 | | #ifdef CONFIG_GAS_SERVER |
7014 | | |
7015 | | static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s, |
7016 | | unsigned int freq, const u8 *dst, |
7017 | | const u8 *src, const u8 *bssid, |
7018 | | const u8 *data, size_t data_len, |
7019 | | enum offchannel_send_action_result result) |
7020 | | { |
7021 | | wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR |
7022 | | " result=%s", |
7023 | | freq, MAC2STR(dst), |
7024 | | result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : |
7025 | | (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : |
7026 | | "FAILED")); |
7027 | | gas_server_tx_status(wpa_s->gas_server, dst, data, data_len, |
7028 | | result == OFFCHANNEL_SEND_ACTION_SUCCESS); |
7029 | | } |
7030 | | |
7031 | | |
7032 | | static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da, |
7033 | | struct wpabuf *buf, unsigned int wait_time) |
7034 | | { |
7035 | | struct wpa_supplicant *wpa_s = ctx; |
7036 | | const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; |
7037 | | |
7038 | | if (wait_time > wpa_s->max_remain_on_chan) |
7039 | | wait_time = wpa_s->max_remain_on_chan; |
7040 | | |
7041 | | offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast, |
7042 | | wpabuf_head(buf), wpabuf_len(buf), |
7043 | | wait_time, wpas_gas_server_tx_status, 0); |
7044 | | } |
7045 | | |
7046 | | #endif /* CONFIG_GAS_SERVER */ |
7047 | | |
7048 | | static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, |
7049 | | const struct wpa_interface *iface) |
7050 | 0 | { |
7051 | 0 | struct wpa_driver_capa capa; |
7052 | 0 | int capa_res; |
7053 | 0 | u8 dfs_domain; |
7054 | |
|
7055 | 0 | wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " |
7056 | 0 | "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, |
7057 | 0 | iface->confname ? iface->confname : "N/A", |
7058 | 0 | iface->driver ? iface->driver : "default", |
7059 | 0 | iface->ctrl_interface ? iface->ctrl_interface : "N/A", |
7060 | 0 | iface->bridge_ifname ? iface->bridge_ifname : "N/A"); |
7061 | |
|
7062 | 0 | if (iface->confname) { |
7063 | | #ifdef CONFIG_BACKEND_FILE |
7064 | | wpa_s->confname = os_rel2abs_path(iface->confname); |
7065 | | if (wpa_s->confname == NULL) { |
7066 | | wpa_printf(MSG_ERROR, "Failed to get absolute path " |
7067 | | "for configuration file '%s'.", |
7068 | | iface->confname); |
7069 | | return -1; |
7070 | | } |
7071 | | wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", |
7072 | | iface->confname, wpa_s->confname); |
7073 | | #else /* CONFIG_BACKEND_FILE */ |
7074 | 0 | wpa_s->confname = os_strdup(iface->confname); |
7075 | 0 | #endif /* CONFIG_BACKEND_FILE */ |
7076 | 0 | wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false); |
7077 | 0 | if (wpa_s->conf == NULL) { |
7078 | 0 | wpa_printf(MSG_ERROR, "Failed to read or parse " |
7079 | 0 | "configuration '%s'.", wpa_s->confname); |
7080 | 0 | return -1; |
7081 | 0 | } |
7082 | 0 | wpa_s->confanother = os_rel2abs_path(iface->confanother); |
7083 | 0 | if (wpa_s->confanother && |
7084 | 0 | !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) { |
7085 | 0 | wpa_printf(MSG_ERROR, |
7086 | 0 | "Failed to read or parse configuration '%s'.", |
7087 | 0 | wpa_s->confanother); |
7088 | 0 | return -1; |
7089 | 0 | } |
7090 | | |
7091 | | /* |
7092 | | * Override ctrl_interface and driver_param if set on command |
7093 | | * line. |
7094 | | */ |
7095 | 0 | if (iface->ctrl_interface) { |
7096 | 0 | os_free(wpa_s->conf->ctrl_interface); |
7097 | 0 | wpa_s->conf->ctrl_interface = |
7098 | 0 | os_strdup(iface->ctrl_interface); |
7099 | 0 | if (!wpa_s->conf->ctrl_interface) { |
7100 | 0 | wpa_printf(MSG_ERROR, |
7101 | 0 | "Failed to duplicate control interface '%s'.", |
7102 | 0 | iface->ctrl_interface); |
7103 | 0 | return -1; |
7104 | 0 | } |
7105 | 0 | } |
7106 | | |
7107 | 0 | if (iface->driver_param) { |
7108 | 0 | os_free(wpa_s->conf->driver_param); |
7109 | 0 | wpa_s->conf->driver_param = |
7110 | 0 | os_strdup(iface->driver_param); |
7111 | 0 | if (!wpa_s->conf->driver_param) { |
7112 | 0 | wpa_printf(MSG_ERROR, |
7113 | 0 | "Failed to duplicate driver param '%s'.", |
7114 | 0 | iface->driver_param); |
7115 | 0 | return -1; |
7116 | 0 | } |
7117 | 0 | } |
7118 | | |
7119 | 0 | if (iface->p2p_mgmt && !iface->ctrl_interface) { |
7120 | 0 | os_free(wpa_s->conf->ctrl_interface); |
7121 | 0 | wpa_s->conf->ctrl_interface = NULL; |
7122 | 0 | } |
7123 | 0 | } else |
7124 | 0 | wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, |
7125 | 0 | iface->driver_param); |
7126 | | |
7127 | 0 | if (wpa_s->conf == NULL) { |
7128 | 0 | wpa_printf(MSG_ERROR, "\nNo configuration found."); |
7129 | 0 | return -1; |
7130 | 0 | } |
7131 | | |
7132 | 0 | if (iface->ifname == NULL) { |
7133 | 0 | wpa_printf(MSG_ERROR, "\nInterface name is required."); |
7134 | 0 | return -1; |
7135 | 0 | } |
7136 | 0 | if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { |
7137 | 0 | wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", |
7138 | 0 | iface->ifname); |
7139 | 0 | return -1; |
7140 | 0 | } |
7141 | 0 | os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); |
7142 | | #ifdef CONFIG_MATCH_IFACE |
7143 | | wpa_s->matched = iface->matched; |
7144 | | #endif /* CONFIG_MATCH_IFACE */ |
7145 | |
|
7146 | 0 | if (iface->bridge_ifname) { |
7147 | 0 | if (os_strlen(iface->bridge_ifname) >= |
7148 | 0 | sizeof(wpa_s->bridge_ifname)) { |
7149 | 0 | wpa_printf(MSG_ERROR, "\nToo long bridge interface " |
7150 | 0 | "name '%s'.", iface->bridge_ifname); |
7151 | 0 | return -1; |
7152 | 0 | } |
7153 | 0 | os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, |
7154 | 0 | sizeof(wpa_s->bridge_ifname)); |
7155 | 0 | } |
7156 | | |
7157 | | /* RSNA Supplicant Key Management - INITIALIZE */ |
7158 | 0 | eapol_sm_notify_portEnabled(wpa_s->eapol, false); |
7159 | 0 | eapol_sm_notify_portValid(wpa_s->eapol, false); |
7160 | | |
7161 | | /* Initialize driver interface and register driver event handler before |
7162 | | * L2 receive handler so that association events are processed before |
7163 | | * EAPOL-Key packets if both become available for the same select() |
7164 | | * call. */ |
7165 | 0 | if (wpas_init_driver(wpa_s, iface) < 0) |
7166 | 0 | return -1; |
7167 | | |
7168 | 0 | if (wpa_supplicant_init_wpa(wpa_s) < 0) |
7169 | 0 | return -1; |
7170 | | |
7171 | 0 | wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, |
7172 | 0 | wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : |
7173 | 0 | NULL); |
7174 | 0 | wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); |
7175 | |
|
7176 | 0 | if (wpa_s->conf->dot11RSNAConfigPMKLifetime && |
7177 | 0 | wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, |
7178 | 0 | wpa_s->conf->dot11RSNAConfigPMKLifetime)) { |
7179 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " |
7180 | 0 | "dot11RSNAConfigPMKLifetime"); |
7181 | 0 | return -1; |
7182 | 0 | } |
7183 | | |
7184 | 0 | if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && |
7185 | 0 | wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, |
7186 | 0 | wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { |
7187 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " |
7188 | 0 | "dot11RSNAConfigPMKReauthThreshold"); |
7189 | 0 | return -1; |
7190 | 0 | } |
7191 | | |
7192 | 0 | if (wpa_s->conf->dot11RSNAConfigSATimeout && |
7193 | 0 | wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, |
7194 | 0 | wpa_s->conf->dot11RSNAConfigSATimeout)) { |
7195 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " |
7196 | 0 | "dot11RSNAConfigSATimeout"); |
7197 | 0 | return -1; |
7198 | 0 | } |
7199 | | |
7200 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID, |
7201 | 0 | wpa_s->conf->ft_prepend_pmkid); |
7202 | |
|
7203 | 0 | wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, |
7204 | 0 | &wpa_s->hw.num_modes, |
7205 | 0 | &wpa_s->hw.flags, |
7206 | 0 | &dfs_domain); |
7207 | 0 | if (wpa_s->hw.modes) { |
7208 | 0 | u16 i; |
7209 | |
|
7210 | 0 | for (i = 0; i < wpa_s->hw.num_modes; i++) { |
7211 | 0 | if (wpa_s->hw.modes[i].vht_capab) { |
7212 | 0 | wpa_s->hw_capab = CAPAB_VHT; |
7213 | 0 | break; |
7214 | 0 | } |
7215 | | |
7216 | 0 | if (wpa_s->hw.modes[i].ht_capab & |
7217 | 0 | HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET) |
7218 | 0 | wpa_s->hw_capab = CAPAB_HT40; |
7219 | 0 | else if (wpa_s->hw.modes[i].ht_capab && |
7220 | 0 | wpa_s->hw_capab == CAPAB_NO_HT_VHT) |
7221 | 0 | wpa_s->hw_capab = CAPAB_HT; |
7222 | 0 | } |
7223 | 0 | wpa_s->support_6ghz = wpas_is_6ghz_supported(wpa_s, false); |
7224 | 0 | } |
7225 | |
|
7226 | 0 | capa_res = wpa_drv_get_capa(wpa_s, &capa); |
7227 | 0 | if (capa_res == 0) { |
7228 | 0 | wpa_s->drv_capa_known = 1; |
7229 | 0 | wpa_s->drv_flags = capa.flags; |
7230 | 0 | wpa_s->drv_flags2 = capa.flags2; |
7231 | 0 | wpa_s->drv_enc = capa.enc; |
7232 | 0 | wpa_s->drv_rrm_flags = capa.rrm_flags; |
7233 | 0 | wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs; |
7234 | 0 | wpa_s->probe_resp_offloads = capa.probe_resp_offloads; |
7235 | 0 | wpa_s->max_scan_ssids = capa.max_scan_ssids; |
7236 | 0 | wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; |
7237 | 0 | wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans; |
7238 | 0 | wpa_s->max_sched_scan_plan_interval = |
7239 | 0 | capa.max_sched_scan_plan_interval; |
7240 | 0 | wpa_s->max_sched_scan_plan_iterations = |
7241 | 0 | capa.max_sched_scan_plan_iterations; |
7242 | 0 | wpa_s->sched_scan_supported = capa.sched_scan_supported; |
7243 | 0 | wpa_s->max_match_sets = capa.max_match_sets; |
7244 | 0 | wpa_s->max_remain_on_chan = capa.max_remain_on_chan; |
7245 | 0 | wpa_s->max_stations = capa.max_stations; |
7246 | 0 | wpa_s->extended_capa = capa.extended_capa; |
7247 | 0 | wpa_s->extended_capa_mask = capa.extended_capa_mask; |
7248 | 0 | wpa_s->extended_capa_len = capa.extended_capa_len; |
7249 | 0 | wpa_s->num_multichan_concurrent = |
7250 | 0 | capa.num_multichan_concurrent; |
7251 | 0 | #ifndef CONFIG_NO_WMM_AC |
7252 | 0 | wpa_s->wmm_ac_supported = capa.wmm_ac_supported; |
7253 | 0 | #endif /* CONFIG_NO_WMM_AC */ |
7254 | 0 | wpa_s->max_num_akms = capa.max_num_akms; |
7255 | |
|
7256 | 0 | if (capa.mac_addr_rand_scan_supported) |
7257 | 0 | wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN; |
7258 | 0 | if (wpa_s->sched_scan_supported && |
7259 | 0 | capa.mac_addr_rand_sched_scan_supported) |
7260 | 0 | wpa_s->mac_addr_rand_supported |= |
7261 | 0 | (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); |
7262 | |
|
7263 | 0 | wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); |
7264 | 0 | if (wpa_s->extended_capa && |
7265 | 0 | wpa_s->extended_capa_len >= 3 && |
7266 | 0 | wpa_s->extended_capa[2] & 0x40) |
7267 | 0 | wpa_s->multi_bss_support = 1; |
7268 | 0 | } |
7269 | | #ifdef CONFIG_PASN |
7270 | | wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2); |
7271 | | #endif /* CONFIG_PASN */ |
7272 | 0 | wpa_sm_set_driver_bss_selection(wpa_s->wpa, |
7273 | 0 | !!(wpa_s->drv_flags & |
7274 | 0 | WPA_DRIVER_FLAGS_BSS_SELECTION)); |
7275 | 0 | if (wpa_s->max_remain_on_chan == 0) |
7276 | 0 | wpa_s->max_remain_on_chan = 1000; |
7277 | | |
7278 | | /* |
7279 | | * Only take p2p_mgmt parameters when P2P Device is supported. |
7280 | | * Doing it here as it determines whether l2_packet_init() will be done |
7281 | | * during wpa_supplicant_driver_init(). |
7282 | | */ |
7283 | 0 | if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) |
7284 | 0 | wpa_s->p2p_mgmt = iface->p2p_mgmt; |
7285 | |
|
7286 | 0 | if (wpa_s->num_multichan_concurrent == 0) |
7287 | 0 | wpa_s->num_multichan_concurrent = 1; |
7288 | |
|
7289 | 0 | if (wpa_supplicant_driver_init(wpa_s) < 0) |
7290 | 0 | return -1; |
7291 | | |
7292 | | #ifdef CONFIG_TDLS |
7293 | | if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) |
7294 | | return -1; |
7295 | | #endif /* CONFIG_TDLS */ |
7296 | | |
7297 | 0 | if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && |
7298 | 0 | wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { |
7299 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); |
7300 | 0 | return -1; |
7301 | 0 | } |
7302 | | |
7303 | | #ifdef CONFIG_FST |
7304 | | if (wpa_s->conf->fst_group_id) { |
7305 | | struct fst_iface_cfg cfg; |
7306 | | struct fst_wpa_obj iface_obj; |
7307 | | |
7308 | | fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj); |
7309 | | os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id, |
7310 | | sizeof(cfg.group_id)); |
7311 | | cfg.priority = wpa_s->conf->fst_priority; |
7312 | | cfg.llt = wpa_s->conf->fst_llt; |
7313 | | |
7314 | | wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr, |
7315 | | &iface_obj, &cfg); |
7316 | | if (!wpa_s->fst) { |
7317 | | wpa_msg(wpa_s, MSG_ERROR, |
7318 | | "FST: Cannot attach iface %s to group %s", |
7319 | | wpa_s->ifname, cfg.group_id); |
7320 | | return -1; |
7321 | | } |
7322 | | } |
7323 | | #endif /* CONFIG_FST */ |
7324 | | |
7325 | 0 | if (wpas_wps_init(wpa_s)) |
7326 | 0 | return -1; |
7327 | | |
7328 | | #ifdef CONFIG_GAS_SERVER |
7329 | | wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx); |
7330 | | if (!wpa_s->gas_server) { |
7331 | | wpa_printf(MSG_ERROR, "Failed to initialize GAS server"); |
7332 | | return -1; |
7333 | | } |
7334 | | #endif /* CONFIG_GAS_SERVER */ |
7335 | | |
7336 | | #ifdef CONFIG_DPP |
7337 | | if (wpas_dpp_init(wpa_s) < 0) |
7338 | | return -1; |
7339 | | #endif /* CONFIG_DPP */ |
7340 | | |
7341 | | #ifdef CONFIG_NAN_USD |
7342 | | if (wpas_nan_usd_init(wpa_s) < 0) |
7343 | | return -1; |
7344 | | #endif /* CONFIG_NAN_USD */ |
7345 | | |
7346 | 0 | if (wpa_supplicant_init_eapol(wpa_s) < 0) |
7347 | 0 | return -1; |
7348 | 0 | wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); |
7349 | |
|
7350 | 0 | wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); |
7351 | 0 | if (wpa_s->ctrl_iface == NULL) { |
7352 | 0 | wpa_printf(MSG_ERROR, |
7353 | 0 | "Failed to initialize control interface '%s'.\n" |
7354 | 0 | "You may have another wpa_supplicant process " |
7355 | 0 | "already running or the file was\n" |
7356 | 0 | "left by an unclean termination of wpa_supplicant " |
7357 | 0 | "in which case you will need\n" |
7358 | 0 | "to manually remove this file before starting " |
7359 | 0 | "wpa_supplicant again.\n", |
7360 | 0 | wpa_s->conf->ctrl_interface); |
7361 | 0 | return -1; |
7362 | 0 | } |
7363 | | |
7364 | 0 | wpa_s->gas = gas_query_init(wpa_s); |
7365 | 0 | if (wpa_s->gas == NULL) { |
7366 | 0 | wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); |
7367 | 0 | return -1; |
7368 | 0 | } |
7369 | | |
7370 | 0 | if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) || |
7371 | 0 | wpa_s->p2p_mgmt) && |
7372 | 0 | wpas_p2p_init(wpa_s->global, wpa_s) < 0) { |
7373 | 0 | wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); |
7374 | 0 | return -1; |
7375 | 0 | } |
7376 | | |
7377 | 0 | if (wpa_bss_init(wpa_s) < 0) |
7378 | 0 | return -1; |
7379 | | |
7380 | | #ifdef CONFIG_PMKSA_CACHE_EXTERNAL |
7381 | | #ifdef CONFIG_MESH |
7382 | | dl_list_init(&wpa_s->mesh_external_pmksa_cache); |
7383 | | #endif /* CONFIG_MESH */ |
7384 | | #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ |
7385 | | |
7386 | | /* |
7387 | | * Set Wake-on-WLAN triggers, if configured. |
7388 | | * Note: We don't restore/remove the triggers on shutdown (it doesn't |
7389 | | * have effect anyway when the interface is down). |
7390 | | */ |
7391 | 0 | if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) |
7392 | 0 | return -1; |
7393 | | |
7394 | | #ifdef CONFIG_EAP_PROXY |
7395 | | { |
7396 | | size_t len; |
7397 | | wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, |
7398 | | wpa_s->imsi, &len); |
7399 | | if (wpa_s->mnc_len > 0) { |
7400 | | wpa_s->imsi[len] = '\0'; |
7401 | | wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", |
7402 | | wpa_s->imsi, wpa_s->mnc_len); |
7403 | | } else { |
7404 | | wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); |
7405 | | } |
7406 | | } |
7407 | | #endif /* CONFIG_EAP_PROXY */ |
7408 | | |
7409 | 0 | if (pcsc_reader_init(wpa_s) < 0) |
7410 | 0 | return -1; |
7411 | | |
7412 | 0 | if (wpas_init_ext_pw(wpa_s) < 0) |
7413 | 0 | return -1; |
7414 | | |
7415 | 0 | #ifndef CONFIG_NO_RRM |
7416 | 0 | wpas_rrm_reset(wpa_s); |
7417 | 0 | #endif /* CONFIG_NO_RRM */ |
7418 | |
|
7419 | 0 | wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); |
7420 | |
|
7421 | 0 | #ifdef CONFIG_HS20 |
7422 | 0 | hs20_init(wpa_s); |
7423 | 0 | #endif /* CONFIG_HS20 */ |
7424 | | #ifdef CONFIG_MBO |
7425 | | if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) { |
7426 | | if ((wpa_s->conf->oce & OCE_STA) && |
7427 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) |
7428 | | wpa_s->enable_oce = OCE_STA; |
7429 | | if ((wpa_s->conf->oce & OCE_STA_CFON) && |
7430 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) { |
7431 | | /* TODO: Need to add STA-CFON support */ |
7432 | | wpa_printf(MSG_ERROR, |
7433 | | "OCE STA-CFON feature is not yet supported"); |
7434 | | } |
7435 | | } |
7436 | | wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); |
7437 | | #endif /* CONFIG_MBO */ |
7438 | |
|
7439 | 0 | wpa_supplicant_set_default_scan_ies(wpa_s); |
7440 | |
|
7441 | 0 | return 0; |
7442 | 0 | } |
7443 | | |
7444 | | |
7445 | | static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, |
7446 | | int notify, int terminate) |
7447 | 0 | { |
7448 | 0 | struct wpa_global *global = wpa_s->global; |
7449 | 0 | struct wpa_supplicant *iface, *prev; |
7450 | |
|
7451 | 0 | if (wpa_s == wpa_s->parent) |
7452 | 0 | wpas_p2p_group_remove(wpa_s, "*"); |
7453 | |
|
7454 | 0 | iface = global->ifaces; |
7455 | 0 | while (iface) { |
7456 | 0 | if (iface->p2pdev == wpa_s) |
7457 | 0 | iface->p2pdev = iface->parent; |
7458 | 0 | if (iface == wpa_s || iface->parent != wpa_s) { |
7459 | 0 | iface = iface->next; |
7460 | 0 | continue; |
7461 | 0 | } |
7462 | 0 | wpa_printf(MSG_DEBUG, |
7463 | 0 | "Remove remaining child interface %s from parent %s", |
7464 | 0 | iface->ifname, wpa_s->ifname); |
7465 | 0 | prev = iface; |
7466 | 0 | iface = iface->next; |
7467 | 0 | wpa_supplicant_remove_iface(global, prev, terminate); |
7468 | 0 | } |
7469 | |
|
7470 | 0 | wpa_s->disconnected = 1; |
7471 | 0 | if (wpa_s->drv_priv) { |
7472 | | /* |
7473 | | * Don't deauthenticate if WoWLAN is enable and not explicitly |
7474 | | * been configured to disconnect. |
7475 | | */ |
7476 | 0 | if (!wpa_drv_get_wowlan(wpa_s) || |
7477 | 0 | wpa_s->conf->wowlan_disconnect_on_deinit) { |
7478 | 0 | wpa_supplicant_deauthenticate( |
7479 | 0 | wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
7480 | |
|
7481 | 0 | wpa_drv_set_countermeasures(wpa_s, 0); |
7482 | 0 | wpa_clear_keys(wpa_s, NULL); |
7483 | 0 | } else { |
7484 | 0 | wpa_msg(wpa_s, MSG_INFO, |
7485 | 0 | "Do not deauthenticate as part of interface deinit since WoWLAN is enabled"); |
7486 | 0 | } |
7487 | 0 | } |
7488 | |
|
7489 | 0 | wpa_supplicant_cleanup(wpa_s); |
7490 | 0 | wpas_p2p_deinit_iface(wpa_s); |
7491 | |
|
7492 | 0 | wpas_ctrl_radio_work_flush(wpa_s); |
7493 | 0 | radio_remove_interface(wpa_s); |
7494 | |
|
7495 | | #ifdef CONFIG_FST |
7496 | | if (wpa_s->fst) { |
7497 | | fst_detach(wpa_s->fst); |
7498 | | wpa_s->fst = NULL; |
7499 | | } |
7500 | | if (wpa_s->received_mb_ies) { |
7501 | | wpabuf_free(wpa_s->received_mb_ies); |
7502 | | wpa_s->received_mb_ies = NULL; |
7503 | | } |
7504 | | #endif /* CONFIG_FST */ |
7505 | |
|
7506 | 0 | if (wpa_s->drv_priv) |
7507 | 0 | wpa_drv_deinit(wpa_s); |
7508 | |
|
7509 | 0 | if (notify) |
7510 | 0 | wpas_notify_iface_removed(wpa_s); |
7511 | |
|
7512 | 0 | if (terminate) |
7513 | 0 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); |
7514 | |
|
7515 | 0 | wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); |
7516 | 0 | wpa_s->ctrl_iface = NULL; |
7517 | |
|
7518 | | #ifdef CONFIG_MESH |
7519 | | if (wpa_s->ifmsh) { |
7520 | | wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true); |
7521 | | wpa_s->ifmsh = NULL; |
7522 | | } |
7523 | | #endif /* CONFIG_MESH */ |
7524 | |
|
7525 | 0 | if (wpa_s->conf != NULL) { |
7526 | 0 | wpa_config_free(wpa_s->conf); |
7527 | 0 | wpa_s->conf = NULL; |
7528 | 0 | } |
7529 | |
|
7530 | 0 | os_free(wpa_s->ssids_from_scan_req); |
7531 | 0 | os_free(wpa_s->last_scan_freqs); |
7532 | |
|
7533 | 0 | os_free(wpa_s); |
7534 | 0 | } |
7535 | | |
7536 | | |
7537 | | #ifdef CONFIG_MATCH_IFACE |
7538 | | |
7539 | | /** |
7540 | | * wpa_supplicant_match_iface - Match an interface description to a name |
7541 | | * @global: Pointer to global data from wpa_supplicant_init() |
7542 | | * @ifname: Name of the interface to match |
7543 | | * Returns: Pointer to the created interface description or %NULL on failure |
7544 | | */ |
7545 | | struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global, |
7546 | | const char *ifname) |
7547 | | { |
7548 | | int i; |
7549 | | struct wpa_interface *iface, *miface; |
7550 | | |
7551 | | for (i = 0; i < global->params.match_iface_count; i++) { |
7552 | | miface = &global->params.match_ifaces[i]; |
7553 | | if (!miface->ifname || |
7554 | | fnmatch(miface->ifname, ifname, 0) == 0) { |
7555 | | iface = os_zalloc(sizeof(*iface)); |
7556 | | if (!iface) |
7557 | | return NULL; |
7558 | | *iface = *miface; |
7559 | | if (!miface->ifname) |
7560 | | iface->matched = WPA_IFACE_MATCHED_NULL; |
7561 | | else |
7562 | | iface->matched = WPA_IFACE_MATCHED; |
7563 | | iface->ifname = ifname; |
7564 | | return iface; |
7565 | | } |
7566 | | } |
7567 | | |
7568 | | return NULL; |
7569 | | } |
7570 | | |
7571 | | |
7572 | | /** |
7573 | | * wpa_supplicant_match_existing - Match existing interfaces |
7574 | | * @global: Pointer to global data from wpa_supplicant_init() |
7575 | | * Returns: 0 on success, -1 on failure |
7576 | | */ |
7577 | | static int wpa_supplicant_match_existing(struct wpa_global *global) |
7578 | | { |
7579 | | struct if_nameindex *ifi, *ifp; |
7580 | | struct wpa_supplicant *wpa_s; |
7581 | | struct wpa_interface *iface; |
7582 | | |
7583 | | ifp = if_nameindex(); |
7584 | | if (!ifp) { |
7585 | | wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno)); |
7586 | | return -1; |
7587 | | } |
7588 | | |
7589 | | for (ifi = ifp; ifi->if_name; ifi++) { |
7590 | | wpa_s = wpa_supplicant_get_iface(global, ifi->if_name); |
7591 | | if (wpa_s) |
7592 | | continue; |
7593 | | iface = wpa_supplicant_match_iface(global, ifi->if_name); |
7594 | | if (iface) { |
7595 | | wpa_supplicant_add_iface(global, iface, NULL); |
7596 | | os_free(iface); |
7597 | | } |
7598 | | } |
7599 | | |
7600 | | if_freenameindex(ifp); |
7601 | | return 0; |
7602 | | } |
7603 | | |
7604 | | #endif /* CONFIG_MATCH_IFACE */ |
7605 | | |
7606 | | |
7607 | | /** |
7608 | | * wpa_supplicant_add_iface - Add a new network interface |
7609 | | * @global: Pointer to global data from wpa_supplicant_init() |
7610 | | * @iface: Interface configuration options |
7611 | | * @parent: Parent interface or %NULL to assign new interface as parent |
7612 | | * Returns: Pointer to the created interface or %NULL on failure |
7613 | | * |
7614 | | * This function is used to add new network interfaces for %wpa_supplicant. |
7615 | | * This can be called before wpa_supplicant_run() to add interfaces before the |
7616 | | * main event loop has been started. In addition, new interfaces can be added |
7617 | | * dynamically while %wpa_supplicant is already running. This could happen, |
7618 | | * e.g., when a hotplug network adapter is inserted. |
7619 | | */ |
7620 | | struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, |
7621 | | struct wpa_interface *iface, |
7622 | | struct wpa_supplicant *parent) |
7623 | 0 | { |
7624 | 0 | struct wpa_supplicant *wpa_s; |
7625 | 0 | struct wpa_interface t_iface; |
7626 | 0 | struct wpa_ssid *ssid; |
7627 | |
|
7628 | 0 | if (global == NULL || iface == NULL) |
7629 | 0 | return NULL; |
7630 | | |
7631 | 0 | wpa_s = wpa_supplicant_alloc(parent); |
7632 | 0 | if (wpa_s == NULL) |
7633 | 0 | return NULL; |
7634 | | |
7635 | 0 | wpa_s->global = global; |
7636 | |
|
7637 | 0 | t_iface = *iface; |
7638 | 0 | if (global->params.override_driver) { |
7639 | 0 | wpa_printf(MSG_DEBUG, "Override interface parameter: driver " |
7640 | 0 | "('%s' -> '%s')", |
7641 | 0 | iface->driver, global->params.override_driver); |
7642 | 0 | t_iface.driver = global->params.override_driver; |
7643 | 0 | } |
7644 | 0 | if (global->params.override_ctrl_interface) { |
7645 | 0 | wpa_printf(MSG_DEBUG, "Override interface parameter: " |
7646 | 0 | "ctrl_interface ('%s' -> '%s')", |
7647 | 0 | iface->ctrl_interface, |
7648 | 0 | global->params.override_ctrl_interface); |
7649 | 0 | t_iface.ctrl_interface = |
7650 | 0 | global->params.override_ctrl_interface; |
7651 | 0 | } |
7652 | 0 | if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { |
7653 | 0 | wpa_printf(MSG_DEBUG, "Failed to add interface %s", |
7654 | 0 | iface->ifname); |
7655 | 0 | wpa_supplicant_deinit_iface(wpa_s, 0, 0); |
7656 | 0 | return NULL; |
7657 | 0 | } |
7658 | | |
7659 | 0 | if (iface->p2p_mgmt == 0) { |
7660 | | /* Notify the control interfaces about new iface */ |
7661 | 0 | if (wpas_notify_iface_added(wpa_s)) { |
7662 | 0 | wpa_supplicant_deinit_iface(wpa_s, 1, 0); |
7663 | 0 | return NULL; |
7664 | 0 | } |
7665 | | |
7666 | 0 | for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) |
7667 | 0 | wpas_notify_network_added(wpa_s, ssid); |
7668 | 0 | } |
7669 | | |
7670 | 0 | wpa_s->next = global->ifaces; |
7671 | 0 | global->ifaces = wpa_s; |
7672 | |
|
7673 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); |
7674 | 0 | wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); |
7675 | |
|
7676 | | #ifdef CONFIG_P2P |
7677 | | if (wpa_s->global->p2p == NULL && |
7678 | | !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled && |
7679 | | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) && |
7680 | | wpas_p2p_add_p2pdev_interface( |
7681 | | wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) { |
7682 | | wpa_printf(MSG_INFO, |
7683 | | "P2P: Failed to enable P2P Device interface"); |
7684 | | /* Try to continue without. P2P will be disabled. */ |
7685 | | } |
7686 | | #endif /* CONFIG_P2P */ |
7687 | |
|
7688 | 0 | return wpa_s; |
7689 | 0 | } |
7690 | | |
7691 | | |
7692 | | /** |
7693 | | * wpa_supplicant_remove_iface - Remove a network interface |
7694 | | * @global: Pointer to global data from wpa_supplicant_init() |
7695 | | * @wpa_s: Pointer to the network interface to be removed |
7696 | | * Returns: 0 if interface was removed, -1 if interface was not found |
7697 | | * |
7698 | | * This function can be used to dynamically remove network interfaces from |
7699 | | * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In |
7700 | | * addition, this function is used to remove all remaining interfaces when |
7701 | | * %wpa_supplicant is terminated. |
7702 | | */ |
7703 | | int wpa_supplicant_remove_iface(struct wpa_global *global, |
7704 | | struct wpa_supplicant *wpa_s, |
7705 | | int terminate) |
7706 | 0 | { |
7707 | 0 | struct wpa_supplicant *prev; |
7708 | | #ifdef CONFIG_MESH |
7709 | | unsigned int mesh_if_created = wpa_s->mesh_if_created; |
7710 | | char *ifname = NULL; |
7711 | | struct wpa_supplicant *parent = wpa_s->parent; |
7712 | | #endif /* CONFIG_MESH */ |
7713 | | |
7714 | | /* Remove interface from the global list of interfaces */ |
7715 | 0 | prev = global->ifaces; |
7716 | 0 | if (prev == wpa_s) { |
7717 | 0 | global->ifaces = wpa_s->next; |
7718 | 0 | } else { |
7719 | 0 | while (prev && prev->next != wpa_s) |
7720 | 0 | prev = prev->next; |
7721 | 0 | if (prev == NULL) |
7722 | 0 | return -1; |
7723 | 0 | prev->next = wpa_s->next; |
7724 | 0 | } |
7725 | | |
7726 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); |
7727 | |
|
7728 | | #ifdef CONFIG_MESH |
7729 | | if (mesh_if_created) { |
7730 | | ifname = os_strdup(wpa_s->ifname); |
7731 | | if (ifname == NULL) { |
7732 | | wpa_dbg(wpa_s, MSG_ERROR, |
7733 | | "mesh: Failed to malloc ifname"); |
7734 | | return -1; |
7735 | | } |
7736 | | } |
7737 | | #endif /* CONFIG_MESH */ |
7738 | |
|
7739 | 0 | if (global->p2p_group_formation == wpa_s) |
7740 | 0 | global->p2p_group_formation = NULL; |
7741 | 0 | if (global->p2p_invite_group == wpa_s) |
7742 | 0 | global->p2p_invite_group = NULL; |
7743 | 0 | wpa_supplicant_deinit_iface(wpa_s, 1, terminate); |
7744 | |
|
7745 | | #ifdef CONFIG_MESH |
7746 | | if (mesh_if_created) { |
7747 | | wpa_drv_if_remove(parent, WPA_IF_MESH, ifname); |
7748 | | os_free(ifname); |
7749 | | } |
7750 | | #endif /* CONFIG_MESH */ |
7751 | |
|
7752 | 0 | return 0; |
7753 | 0 | } |
7754 | | |
7755 | | |
7756 | | /** |
7757 | | * wpa_supplicant_get_eap_mode - Get the current EAP mode |
7758 | | * @wpa_s: Pointer to the network interface |
7759 | | * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found |
7760 | | */ |
7761 | | const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) |
7762 | 0 | { |
7763 | 0 | const char *eapol_method; |
7764 | |
|
7765 | 0 | if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && |
7766 | 0 | wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { |
7767 | 0 | return "NO-EAP"; |
7768 | 0 | } |
7769 | | |
7770 | 0 | eapol_method = eapol_sm_get_method_name(wpa_s->eapol); |
7771 | 0 | if (eapol_method == NULL) |
7772 | 0 | return "UNKNOWN-EAP"; |
7773 | | |
7774 | 0 | return eapol_method; |
7775 | 0 | } |
7776 | | |
7777 | | |
7778 | | /** |
7779 | | * wpa_supplicant_get_iface - Get a new network interface |
7780 | | * @global: Pointer to global data from wpa_supplicant_init() |
7781 | | * @ifname: Interface name |
7782 | | * Returns: Pointer to the interface or %NULL if not found |
7783 | | */ |
7784 | | struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, |
7785 | | const char *ifname) |
7786 | 0 | { |
7787 | 0 | struct wpa_supplicant *wpa_s; |
7788 | |
|
7789 | 0 | for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { |
7790 | 0 | if (os_strcmp(wpa_s->ifname, ifname) == 0) |
7791 | 0 | return wpa_s; |
7792 | 0 | } |
7793 | 0 | return NULL; |
7794 | 0 | } |
7795 | | |
7796 | | |
7797 | | #ifndef CONFIG_NO_WPA_MSG |
7798 | | static const char * wpa_supplicant_msg_ifname_cb(void *ctx) |
7799 | 0 | { |
7800 | 0 | struct wpa_supplicant *wpa_s = ctx; |
7801 | 0 | if (wpa_s == NULL) |
7802 | 0 | return NULL; |
7803 | 0 | return wpa_s->ifname; |
7804 | 0 | } |
7805 | | #endif /* CONFIG_NO_WPA_MSG */ |
7806 | | |
7807 | | |
7808 | | #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL |
7809 | 0 | #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10 |
7810 | | #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */ |
7811 | | |
7812 | | /* Periodic cleanup tasks */ |
7813 | | static void wpas_periodic(void *eloop_ctx, void *timeout_ctx) |
7814 | 0 | { |
7815 | 0 | struct wpa_global *global = eloop_ctx; |
7816 | 0 | struct wpa_supplicant *wpa_s; |
7817 | |
|
7818 | 0 | eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, |
7819 | 0 | wpas_periodic, global, NULL); |
7820 | |
|
7821 | | #ifdef CONFIG_P2P |
7822 | | if (global->p2p) |
7823 | | p2p_expire_peers(global->p2p); |
7824 | | #endif /* CONFIG_P2P */ |
7825 | |
|
7826 | 0 | for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { |
7827 | 0 | wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age); |
7828 | | #ifdef CONFIG_AP |
7829 | | ap_periodic(wpa_s); |
7830 | | #endif /* CONFIG_AP */ |
7831 | 0 | } |
7832 | 0 | } |
7833 | | |
7834 | | |
7835 | | /** |
7836 | | * wpa_supplicant_init - Initialize %wpa_supplicant |
7837 | | * @params: Parameters for %wpa_supplicant |
7838 | | * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure |
7839 | | * |
7840 | | * This function is used to initialize %wpa_supplicant. After successful |
7841 | | * initialization, the returned data pointer can be used to add and remove |
7842 | | * network interfaces, and eventually, to deinitialize %wpa_supplicant. |
7843 | | */ |
7844 | | struct wpa_global * wpa_supplicant_init(struct wpa_params *params) |
7845 | 0 | { |
7846 | 0 | struct wpa_global *global; |
7847 | 0 | int ret, i; |
7848 | |
|
7849 | 0 | if (params == NULL) |
7850 | 0 | return NULL; |
7851 | | |
7852 | | #ifdef CONFIG_DRIVER_NDIS |
7853 | | { |
7854 | | void driver_ndis_init_ops(void); |
7855 | | driver_ndis_init_ops(); |
7856 | | } |
7857 | | #endif /* CONFIG_DRIVER_NDIS */ |
7858 | | |
7859 | 0 | #ifndef CONFIG_NO_WPA_MSG |
7860 | 0 | wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); |
7861 | 0 | #endif /* CONFIG_NO_WPA_MSG */ |
7862 | |
|
7863 | 0 | if (params->wpa_debug_file_path) |
7864 | 0 | wpa_debug_open_file(params->wpa_debug_file_path); |
7865 | 0 | if (!params->wpa_debug_file_path && !params->wpa_debug_syslog) |
7866 | 0 | wpa_debug_setup_stdout(); |
7867 | 0 | if (params->wpa_debug_syslog) |
7868 | 0 | wpa_debug_open_syslog(); |
7869 | 0 | if (params->wpa_debug_tracing) { |
7870 | 0 | ret = wpa_debug_open_linux_tracing(); |
7871 | 0 | if (ret) { |
7872 | 0 | wpa_printf(MSG_ERROR, |
7873 | 0 | "Failed to enable trace logging"); |
7874 | 0 | return NULL; |
7875 | 0 | } |
7876 | 0 | } |
7877 | | |
7878 | 0 | ret = eap_register_methods(); |
7879 | 0 | if (ret) { |
7880 | 0 | wpa_printf(MSG_ERROR, "Failed to register EAP methods"); |
7881 | 0 | if (ret == -2) |
7882 | 0 | wpa_printf(MSG_ERROR, "Two or more EAP methods used " |
7883 | 0 | "the same EAP type."); |
7884 | 0 | return NULL; |
7885 | 0 | } |
7886 | | |
7887 | 0 | global = os_zalloc(sizeof(*global)); |
7888 | 0 | if (global == NULL) |
7889 | 0 | return NULL; |
7890 | 0 | dl_list_init(&global->p2p_srv_bonjour); |
7891 | 0 | dl_list_init(&global->p2p_srv_upnp); |
7892 | 0 | global->params.daemonize = params->daemonize; |
7893 | 0 | global->params.wait_for_monitor = params->wait_for_monitor; |
7894 | 0 | global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; |
7895 | |
|
7896 | 0 | if (params->pid_file) { |
7897 | 0 | global->params.pid_file = os_strdup(params->pid_file); |
7898 | 0 | if (!global->params.pid_file) { |
7899 | 0 | wpa_supplicant_deinit(global); |
7900 | 0 | return NULL; |
7901 | 0 | } |
7902 | 0 | } |
7903 | | |
7904 | 0 | if (params->ctrl_interface) { |
7905 | 0 | global->params.ctrl_interface = |
7906 | 0 | os_strdup(params->ctrl_interface); |
7907 | 0 | if (!global->params.ctrl_interface) { |
7908 | 0 | wpa_supplicant_deinit(global); |
7909 | 0 | return NULL; |
7910 | 0 | } |
7911 | 0 | } |
7912 | | |
7913 | 0 | if (params->ctrl_interface_group) { |
7914 | 0 | global->params.ctrl_interface_group = |
7915 | 0 | os_strdup(params->ctrl_interface_group); |
7916 | 0 | if (!global->params.ctrl_interface_group) { |
7917 | 0 | wpa_supplicant_deinit(global); |
7918 | 0 | return NULL; |
7919 | 0 | } |
7920 | 0 | } |
7921 | | |
7922 | 0 | if (params->override_driver) { |
7923 | 0 | global->params.override_driver = |
7924 | 0 | os_strdup(params->override_driver); |
7925 | 0 | if (!global->params.override_driver) { |
7926 | 0 | wpa_supplicant_deinit(global); |
7927 | 0 | return NULL; |
7928 | 0 | } |
7929 | 0 | } |
7930 | | |
7931 | 0 | if (params->override_ctrl_interface) { |
7932 | 0 | global->params.override_ctrl_interface = |
7933 | 0 | os_strdup(params->override_ctrl_interface); |
7934 | 0 | if (!global->params.override_ctrl_interface) { |
7935 | 0 | wpa_supplicant_deinit(global); |
7936 | 0 | return NULL; |
7937 | 0 | } |
7938 | 0 | } |
7939 | | |
7940 | | #ifdef CONFIG_MATCH_IFACE |
7941 | | global->params.match_iface_count = params->match_iface_count; |
7942 | | if (params->match_iface_count) { |
7943 | | global->params.match_ifaces = |
7944 | | os_calloc(params->match_iface_count, |
7945 | | sizeof(struct wpa_interface)); |
7946 | | if (!global->params.match_ifaces) { |
7947 | | wpa_printf(MSG_ERROR, |
7948 | | "Failed to allocate match interfaces"); |
7949 | | wpa_supplicant_deinit(global); |
7950 | | return NULL; |
7951 | | } |
7952 | | os_memcpy(global->params.match_ifaces, |
7953 | | params->match_ifaces, |
7954 | | params->match_iface_count * |
7955 | | sizeof(struct wpa_interface)); |
7956 | | } |
7957 | | #endif /* CONFIG_MATCH_IFACE */ |
7958 | | #ifdef CONFIG_P2P |
7959 | | if (params->conf_p2p_dev) { |
7960 | | global->params.conf_p2p_dev = |
7961 | | os_strdup(params->conf_p2p_dev); |
7962 | | if (!global->params.conf_p2p_dev) { |
7963 | | wpa_printf(MSG_ERROR, "Failed to allocate conf p2p"); |
7964 | | wpa_supplicant_deinit(global); |
7965 | | return NULL; |
7966 | | } |
7967 | | } |
7968 | | #endif /* CONFIG_P2P */ |
7969 | 0 | wpa_debug_level = global->params.wpa_debug_level = |
7970 | 0 | params->wpa_debug_level; |
7971 | 0 | wpa_debug_show_keys = global->params.wpa_debug_show_keys = |
7972 | 0 | params->wpa_debug_show_keys; |
7973 | 0 | wpa_debug_timestamp = global->params.wpa_debug_timestamp = |
7974 | 0 | params->wpa_debug_timestamp; |
7975 | |
|
7976 | 0 | wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR); |
7977 | |
|
7978 | 0 | if (eloop_init()) { |
7979 | 0 | wpa_printf(MSG_ERROR, "Failed to initialize event loop"); |
7980 | 0 | wpa_supplicant_deinit(global); |
7981 | 0 | return NULL; |
7982 | 0 | } |
7983 | | |
7984 | 0 | random_init(params->entropy_file); |
7985 | |
|
7986 | 0 | global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); |
7987 | 0 | if (global->ctrl_iface == NULL) { |
7988 | 0 | wpa_supplicant_deinit(global); |
7989 | 0 | return NULL; |
7990 | 0 | } |
7991 | | |
7992 | 0 | if (wpas_notify_supplicant_initialized(global)) { |
7993 | 0 | wpa_supplicant_deinit(global); |
7994 | 0 | return NULL; |
7995 | 0 | } |
7996 | | |
7997 | 0 | for (i = 0; wpa_drivers[i]; i++) |
7998 | 0 | global->drv_count++; |
7999 | 0 | if (global->drv_count == 0) { |
8000 | 0 | wpa_printf(MSG_ERROR, "No drivers enabled"); |
8001 | 0 | wpa_supplicant_deinit(global); |
8002 | 0 | return NULL; |
8003 | 0 | } |
8004 | 0 | global->drv_priv = os_calloc(global->drv_count, sizeof(void *)); |
8005 | 0 | if (global->drv_priv == NULL) { |
8006 | 0 | wpa_supplicant_deinit(global); |
8007 | 0 | return NULL; |
8008 | 0 | } |
8009 | | |
8010 | | #ifdef CONFIG_WIFI_DISPLAY |
8011 | | if (wifi_display_init(global) < 0) { |
8012 | | wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); |
8013 | | wpa_supplicant_deinit(global); |
8014 | | return NULL; |
8015 | | } |
8016 | | #endif /* CONFIG_WIFI_DISPLAY */ |
8017 | | |
8018 | 0 | eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, |
8019 | 0 | wpas_periodic, global, NULL); |
8020 | |
|
8021 | 0 | return global; |
8022 | 0 | } |
8023 | | |
8024 | | |
8025 | | /** |
8026 | | * wpa_supplicant_run - Run the %wpa_supplicant main event loop |
8027 | | * @global: Pointer to global data from wpa_supplicant_init() |
8028 | | * Returns: 0 after successful event loop run, -1 on failure |
8029 | | * |
8030 | | * This function starts the main event loop and continues running as long as |
8031 | | * there are any remaining events. In most cases, this function is running as |
8032 | | * long as the %wpa_supplicant process in still in use. |
8033 | | */ |
8034 | | int wpa_supplicant_run(struct wpa_global *global) |
8035 | 0 | { |
8036 | 0 | struct wpa_supplicant *wpa_s; |
8037 | |
|
8038 | 0 | if (global->params.daemonize && |
8039 | 0 | (wpa_supplicant_daemon(global->params.pid_file) || |
8040 | 0 | eloop_sock_requeue())) |
8041 | 0 | return -1; |
8042 | | |
8043 | | #ifdef CONFIG_MATCH_IFACE |
8044 | | if (wpa_supplicant_match_existing(global)) |
8045 | | return -1; |
8046 | | #endif |
8047 | | |
8048 | 0 | if (global->params.wait_for_monitor) { |
8049 | 0 | for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) |
8050 | 0 | if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt) |
8051 | 0 | wpa_supplicant_ctrl_iface_wait( |
8052 | 0 | wpa_s->ctrl_iface); |
8053 | 0 | } |
8054 | |
|
8055 | 0 | eloop_register_signal_terminate(wpa_supplicant_terminate, global); |
8056 | 0 | eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); |
8057 | |
|
8058 | 0 | eloop_run(); |
8059 | |
|
8060 | 0 | return 0; |
8061 | 0 | } |
8062 | | |
8063 | | |
8064 | | /** |
8065 | | * wpa_supplicant_deinit - Deinitialize %wpa_supplicant |
8066 | | * @global: Pointer to global data from wpa_supplicant_init() |
8067 | | * |
8068 | | * This function is called to deinitialize %wpa_supplicant and to free all |
8069 | | * allocated resources. Remaining network interfaces will also be removed. |
8070 | | */ |
8071 | | void wpa_supplicant_deinit(struct wpa_global *global) |
8072 | 0 | { |
8073 | 0 | int i; |
8074 | |
|
8075 | 0 | if (global == NULL) |
8076 | 0 | return; |
8077 | | |
8078 | 0 | eloop_cancel_timeout(wpas_periodic, global, NULL); |
8079 | |
|
8080 | | #ifdef CONFIG_WIFI_DISPLAY |
8081 | | wifi_display_deinit(global); |
8082 | | #endif /* CONFIG_WIFI_DISPLAY */ |
8083 | |
|
8084 | 0 | while (global->ifaces) |
8085 | 0 | wpa_supplicant_remove_iface(global, global->ifaces, 1); |
8086 | |
|
8087 | 0 | if (global->ctrl_iface) |
8088 | 0 | wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); |
8089 | |
|
8090 | 0 | wpas_notify_supplicant_deinitialized(global); |
8091 | |
|
8092 | 0 | eap_peer_unregister_methods(); |
8093 | | #ifdef CONFIG_AP |
8094 | | eap_server_unregister_methods(); |
8095 | | #endif /* CONFIG_AP */ |
8096 | |
|
8097 | 0 | for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { |
8098 | 0 | if (!global->drv_priv[i]) |
8099 | 0 | continue; |
8100 | 0 | wpa_drivers[i]->global_deinit(global->drv_priv[i]); |
8101 | 0 | } |
8102 | 0 | os_free(global->drv_priv); |
8103 | |
|
8104 | 0 | random_deinit(); |
8105 | |
|
8106 | 0 | eloop_destroy(); |
8107 | |
|
8108 | 0 | if (global->params.pid_file) { |
8109 | 0 | os_daemonize_terminate(global->params.pid_file); |
8110 | 0 | os_free(global->params.pid_file); |
8111 | 0 | } |
8112 | 0 | os_free(global->params.ctrl_interface); |
8113 | 0 | os_free(global->params.ctrl_interface_group); |
8114 | 0 | os_free(global->params.override_driver); |
8115 | 0 | os_free(global->params.override_ctrl_interface); |
8116 | | #ifdef CONFIG_MATCH_IFACE |
8117 | | os_free(global->params.match_ifaces); |
8118 | | #endif /* CONFIG_MATCH_IFACE */ |
8119 | | #ifdef CONFIG_P2P |
8120 | | os_free(global->params.conf_p2p_dev); |
8121 | | #endif /* CONFIG_P2P */ |
8122 | |
|
8123 | 0 | os_free(global->p2p_disallow_freq.range); |
8124 | 0 | os_free(global->p2p_go_avoid_freq.range); |
8125 | 0 | os_free(global->add_psk); |
8126 | |
|
8127 | 0 | os_free(global); |
8128 | 0 | wpa_debug_close_syslog(); |
8129 | 0 | wpa_debug_close_file(); |
8130 | 0 | wpa_debug_close_linux_tracing(); |
8131 | 0 | } |
8132 | | |
8133 | | |
8134 | | void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) |
8135 | 0 | { |
8136 | 0 | if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && |
8137 | 0 | wpa_s->conf->country[0] && wpa_s->conf->country[1]) { |
8138 | 0 | char country[3]; |
8139 | 0 | country[0] = wpa_s->conf->country[0]; |
8140 | 0 | country[1] = wpa_s->conf->country[1]; |
8141 | 0 | country[2] = '\0'; |
8142 | 0 | if (wpa_drv_set_country(wpa_s, country) < 0) { |
8143 | 0 | wpa_printf(MSG_ERROR, "Failed to set country code " |
8144 | 0 | "'%s'", country); |
8145 | 0 | } |
8146 | 0 | } |
8147 | |
|
8148 | 0 | if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) |
8149 | 0 | wpas_init_ext_pw(wpa_s); |
8150 | |
|
8151 | 0 | if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) |
8152 | 0 | wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); |
8153 | |
|
8154 | 0 | if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) { |
8155 | 0 | struct wpa_driver_capa capa; |
8156 | 0 | int res = wpa_drv_get_capa(wpa_s, &capa); |
8157 | |
|
8158 | 0 | if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) |
8159 | 0 | wpa_printf(MSG_ERROR, |
8160 | 0 | "Failed to update wowlan_triggers to '%s'", |
8161 | 0 | wpa_s->conf->wowlan_triggers); |
8162 | 0 | } |
8163 | |
|
8164 | 0 | if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM) |
8165 | 0 | wpa_supplicant_set_default_scan_ies(wpa_s); |
8166 | |
|
8167 | 0 | if (wpa_s->conf->changed_parameters & CFG_CHANGED_FT_PREPEND_PMKID) |
8168 | 0 | wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID, |
8169 | 0 | wpa_s->conf->ft_prepend_pmkid); |
8170 | |
|
8171 | | #ifdef CONFIG_BGSCAN |
8172 | | /* |
8173 | | * We default to global bgscan parameters only when per-network bgscan |
8174 | | * parameters aren't set. Only bother resetting bgscan parameters if |
8175 | | * this is the case. |
8176 | | */ |
8177 | | if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) && |
8178 | | wpa_s->current_ssid && !wpa_s->current_ssid->bgscan && |
8179 | | wpa_s->wpa_state == WPA_COMPLETED) |
8180 | | wpa_supplicant_reset_bgscan(wpa_s); |
8181 | | #endif /* CONFIG_BGSCAN */ |
8182 | |
|
8183 | | #ifdef CONFIG_WPS |
8184 | | wpas_wps_update_config(wpa_s); |
8185 | | #endif /* CONFIG_WPS */ |
8186 | 0 | wpas_p2p_update_config(wpa_s); |
8187 | 0 | wpa_s->conf->changed_parameters = 0; |
8188 | 0 | } |
8189 | | |
8190 | | |
8191 | | void add_freq(int *freqs, int *num_freqs, int freq) |
8192 | 0 | { |
8193 | 0 | int i; |
8194 | |
|
8195 | 0 | for (i = 0; i < *num_freqs; i++) { |
8196 | 0 | if (freqs[i] == freq) |
8197 | 0 | return; |
8198 | 0 | } |
8199 | | |
8200 | 0 | freqs[*num_freqs] = freq; |
8201 | 0 | (*num_freqs)++; |
8202 | 0 | } |
8203 | | |
8204 | | |
8205 | | static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) |
8206 | 0 | { |
8207 | 0 | struct wpa_bss *bss, *cbss; |
8208 | 0 | const int max_freqs = 10; |
8209 | 0 | int *freqs; |
8210 | 0 | int num_freqs = 0; |
8211 | |
|
8212 | 0 | freqs = os_calloc(max_freqs + 1, sizeof(int)); |
8213 | 0 | if (freqs == NULL) |
8214 | 0 | return NULL; |
8215 | | |
8216 | 0 | cbss = wpa_s->current_bss; |
8217 | |
|
8218 | 0 | dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { |
8219 | 0 | if (bss == cbss) |
8220 | 0 | continue; |
8221 | 0 | if (bss->ssid_len == cbss->ssid_len && |
8222 | 0 | os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && |
8223 | 0 | !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) { |
8224 | 0 | add_freq(freqs, &num_freqs, bss->freq); |
8225 | 0 | if (num_freqs == max_freqs) |
8226 | 0 | break; |
8227 | 0 | } |
8228 | 0 | } |
8229 | |
|
8230 | 0 | if (num_freqs == 0) { |
8231 | 0 | os_free(freqs); |
8232 | 0 | freqs = NULL; |
8233 | 0 | } |
8234 | |
|
8235 | 0 | return freqs; |
8236 | 0 | } |
8237 | | |
8238 | | |
8239 | | void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid, |
8240 | | const u8 **link_bssids) |
8241 | 0 | { |
8242 | 0 | int timeout; |
8243 | 0 | int count; |
8244 | 0 | int *freqs = NULL; |
8245 | |
|
8246 | 0 | wpas_connect_work_done(wpa_s); |
8247 | | |
8248 | | /* |
8249 | | * Remove possible authentication timeout since the connection failed. |
8250 | | */ |
8251 | 0 | eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); |
8252 | | |
8253 | | /* |
8254 | | * There is no point in ignoring the AP temporarily if this event is |
8255 | | * generated based on local request to disconnect. |
8256 | | */ |
8257 | 0 | if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) { |
8258 | 0 | wpa_s->own_disconnect_req = 0; |
8259 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
8260 | 0 | "Ignore connection failure due to local request to disconnect"); |
8261 | 0 | return; |
8262 | 0 | } |
8263 | 0 | if (wpa_s->disconnected) { |
8264 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure " |
8265 | 0 | "indication since interface has been put into " |
8266 | 0 | "disconnected state"); |
8267 | 0 | return; |
8268 | 0 | } |
8269 | | |
8270 | | /* Also mark links as failed */ |
8271 | 0 | while (link_bssids && *link_bssids) { |
8272 | 0 | wpa_bssid_ignore_add(wpa_s, *link_bssids); |
8273 | 0 | link_bssids++; |
8274 | 0 | } |
8275 | | |
8276 | | /* |
8277 | | * Add the failed BSSID into the ignore list and speed up next scan |
8278 | | * attempt if there could be other APs that could accept association. |
8279 | | */ |
8280 | 0 | count = wpa_bssid_ignore_add(wpa_s, bssid); |
8281 | 0 | if (count == 1 && wpa_s->current_bss) { |
8282 | | /* |
8283 | | * This BSS was not in the ignore list before. If there is |
8284 | | * another BSS available for the same ESS, we should try that |
8285 | | * next. Otherwise, we may as well try this one once more |
8286 | | * before allowing other, likely worse, ESSes to be considered. |
8287 | | */ |
8288 | 0 | freqs = get_bss_freqs_in_ess(wpa_s); |
8289 | 0 | if (freqs) { |
8290 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " |
8291 | 0 | "has been seen; try it next"); |
8292 | 0 | wpa_bssid_ignore_add(wpa_s, bssid); |
8293 | | /* |
8294 | | * On the next scan, go through only the known channels |
8295 | | * used in this ESS based on previous scans to speed up |
8296 | | * common load balancing use case. |
8297 | | */ |
8298 | 0 | os_free(wpa_s->next_scan_freqs); |
8299 | 0 | wpa_s->next_scan_freqs = freqs; |
8300 | 0 | } |
8301 | 0 | } |
8302 | |
|
8303 | 0 | wpa_s->consecutive_conn_failures++; |
8304 | |
|
8305 | 0 | if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) { |
8306 | 0 | wpa_printf(MSG_DEBUG, "Continuous association failures - " |
8307 | 0 | "consider temporary network disabling"); |
8308 | 0 | wpas_auth_failed(wpa_s, "CONN_FAILED", bssid); |
8309 | 0 | } |
8310 | | /* |
8311 | | * Multiple consecutive connection failures mean that other APs are |
8312 | | * either not available or have already been tried, so we can start |
8313 | | * increasing the delay here to avoid constant scanning. |
8314 | | */ |
8315 | 0 | switch (wpa_s->consecutive_conn_failures) { |
8316 | 0 | case 1: |
8317 | 0 | timeout = 100; |
8318 | 0 | break; |
8319 | 0 | case 2: |
8320 | 0 | timeout = 500; |
8321 | 0 | break; |
8322 | 0 | case 3: |
8323 | 0 | timeout = 1000; |
8324 | 0 | break; |
8325 | 0 | case 4: |
8326 | 0 | timeout = 5000; |
8327 | 0 | break; |
8328 | 0 | default: |
8329 | 0 | timeout = 10000; |
8330 | 0 | break; |
8331 | 0 | } |
8332 | | |
8333 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
8334 | 0 | "Consecutive connection failures: %d --> request scan in %d ms", |
8335 | 0 | wpa_s->consecutive_conn_failures, timeout); |
8336 | | |
8337 | | /* |
8338 | | * TODO: if more than one possible AP is available in scan results, |
8339 | | * could try the other ones before requesting a new scan. |
8340 | | */ |
8341 | | |
8342 | | /* speed up the connection attempt with normal scan */ |
8343 | 0 | wpa_s->normal_scans = 0; |
8344 | 0 | wpa_supplicant_req_scan(wpa_s, timeout / 1000, |
8345 | 0 | 1000 * (timeout % 1000)); |
8346 | 0 | } |
8347 | | |
8348 | | |
8349 | | #ifdef CONFIG_FILS |
8350 | | |
8351 | | void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s) |
8352 | | { |
8353 | | struct wpa_ssid *ssid = wpa_s->current_ssid; |
8354 | | const u8 *realm, *username, *rrk; |
8355 | | size_t realm_len, username_len, rrk_len; |
8356 | | u16 next_seq_num; |
8357 | | |
8358 | | /* Clear the PMKSA cache entry if FILS authentication was rejected. |
8359 | | * Check for ERP keys existing to limit when this can be done since |
8360 | | * the rejection response is not protected and such triggers should |
8361 | | * really not allow internal state to be modified unless required to |
8362 | | * avoid significant issues in functionality. In addition, drop |
8363 | | * externally configure PMKSA entries even without ERP keys since it |
8364 | | * is possible for an external component to add PMKSA entries for FILS |
8365 | | * authentication without restoring previously generated ERP keys. |
8366 | | * |
8367 | | * In this case, this is needed to allow recovery from cases where the |
8368 | | * AP or authentication server has dropped PMKSAs and ERP keys. */ |
8369 | | if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt)) |
8370 | | return; |
8371 | | |
8372 | | if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, |
8373 | | &username, &username_len, |
8374 | | &realm, &realm_len, &next_seq_num, |
8375 | | &rrk, &rrk_len) != 0 || |
8376 | | !realm) { |
8377 | | wpa_dbg(wpa_s, MSG_DEBUG, |
8378 | | "FILS: Drop external PMKSA cache entry"); |
8379 | | wpa_sm_aborted_external_cached(wpa_s->wpa); |
8380 | | wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid); |
8381 | | return; |
8382 | | } |
8383 | | |
8384 | | wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry"); |
8385 | | wpa_sm_aborted_cached(wpa_s->wpa); |
8386 | | wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); |
8387 | | } |
8388 | | |
8389 | | |
8390 | | void fils_connection_failure(struct wpa_supplicant *wpa_s) |
8391 | | { |
8392 | | struct wpa_ssid *ssid = wpa_s->current_ssid; |
8393 | | const u8 *realm, *username, *rrk; |
8394 | | size_t realm_len, username_len, rrk_len; |
8395 | | u16 next_seq_num; |
8396 | | |
8397 | | if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) || |
8398 | | eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, |
8399 | | &username, &username_len, |
8400 | | &realm, &realm_len, &next_seq_num, |
8401 | | &rrk, &rrk_len) != 0 || |
8402 | | !realm) |
8403 | | return; |
8404 | | |
8405 | | wpa_hexdump_ascii(MSG_DEBUG, |
8406 | | "FILS: Store last connection failure realm", |
8407 | | realm, realm_len); |
8408 | | os_free(wpa_s->last_con_fail_realm); |
8409 | | wpa_s->last_con_fail_realm = os_malloc(realm_len); |
8410 | | if (wpa_s->last_con_fail_realm) { |
8411 | | wpa_s->last_con_fail_realm_len = realm_len; |
8412 | | os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len); |
8413 | | } |
8414 | | } |
8415 | | #endif /* CONFIG_FILS */ |
8416 | | |
8417 | | |
8418 | | int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) |
8419 | 0 | { |
8420 | 0 | return wpa_s->conf->ap_scan == 2 || |
8421 | 0 | (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); |
8422 | 0 | } |
8423 | | |
8424 | | |
8425 | | #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) |
8426 | | int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, |
8427 | | struct wpa_ssid *ssid, |
8428 | | const char *field, |
8429 | | const char *value) |
8430 | | { |
8431 | | #ifdef IEEE8021X_EAPOL |
8432 | | struct eap_peer_config *eap = &ssid->eap; |
8433 | | |
8434 | | wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); |
8435 | | wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", |
8436 | | (const u8 *) value, os_strlen(value)); |
8437 | | |
8438 | | switch (wpa_supplicant_ctrl_req_from_string(field)) { |
8439 | | case WPA_CTRL_REQ_EAP_IDENTITY: |
8440 | | os_free(eap->identity); |
8441 | | eap->identity = (u8 *) os_strdup(value); |
8442 | | if (!eap->identity) |
8443 | | return -1; |
8444 | | eap->identity_len = os_strlen(value); |
8445 | | eap->pending_req_identity = 0; |
8446 | | if (ssid == wpa_s->current_ssid) |
8447 | | wpa_s->reassociate = 1; |
8448 | | break; |
8449 | | case WPA_CTRL_REQ_EAP_PASSWORD: |
8450 | | bin_clear_free(eap->password, eap->password_len); |
8451 | | eap->password = (u8 *) os_strdup(value); |
8452 | | if (!eap->password) |
8453 | | return -1; |
8454 | | eap->password_len = os_strlen(value); |
8455 | | eap->pending_req_password = 0; |
8456 | | if (ssid == wpa_s->current_ssid) |
8457 | | wpa_s->reassociate = 1; |
8458 | | break; |
8459 | | case WPA_CTRL_REQ_EAP_NEW_PASSWORD: |
8460 | | bin_clear_free(eap->new_password, eap->new_password_len); |
8461 | | eap->new_password = (u8 *) os_strdup(value); |
8462 | | if (!eap->new_password) |
8463 | | return -1; |
8464 | | eap->new_password_len = os_strlen(value); |
8465 | | eap->pending_req_new_password = 0; |
8466 | | if (ssid == wpa_s->current_ssid) |
8467 | | wpa_s->reassociate = 1; |
8468 | | break; |
8469 | | case WPA_CTRL_REQ_EAP_PIN: |
8470 | | str_clear_free(eap->cert.pin); |
8471 | | eap->cert.pin = os_strdup(value); |
8472 | | if (!eap->cert.pin) |
8473 | | return -1; |
8474 | | eap->pending_req_pin = 0; |
8475 | | if (ssid == wpa_s->current_ssid) |
8476 | | wpa_s->reassociate = 1; |
8477 | | break; |
8478 | | case WPA_CTRL_REQ_EAP_OTP: |
8479 | | bin_clear_free(eap->otp, eap->otp_len); |
8480 | | eap->otp = (u8 *) os_strdup(value); |
8481 | | if (!eap->otp) |
8482 | | return -1; |
8483 | | eap->otp_len = os_strlen(value); |
8484 | | os_free(eap->pending_req_otp); |
8485 | | eap->pending_req_otp = NULL; |
8486 | | eap->pending_req_otp_len = 0; |
8487 | | break; |
8488 | | case WPA_CTRL_REQ_EAP_PASSPHRASE: |
8489 | | str_clear_free(eap->cert.private_key_passwd); |
8490 | | eap->cert.private_key_passwd = os_strdup(value); |
8491 | | if (!eap->cert.private_key_passwd) |
8492 | | return -1; |
8493 | | eap->pending_req_passphrase = 0; |
8494 | | if (ssid == wpa_s->current_ssid) |
8495 | | wpa_s->reassociate = 1; |
8496 | | break; |
8497 | | case WPA_CTRL_REQ_SIM: |
8498 | | str_clear_free(eap->external_sim_resp); |
8499 | | eap->external_sim_resp = os_strdup(value); |
8500 | | if (!eap->external_sim_resp) |
8501 | | return -1; |
8502 | | eap->pending_req_sim = 0; |
8503 | | break; |
8504 | | case WPA_CTRL_REQ_PSK_PASSPHRASE: |
8505 | | if (wpa_config_set(ssid, "psk", value, 0) < 0) |
8506 | | return -1; |
8507 | | ssid->mem_only_psk = 1; |
8508 | | if (ssid->passphrase) |
8509 | | wpa_config_update_psk(ssid); |
8510 | | if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning) |
8511 | | wpa_supplicant_req_scan(wpa_s, 0, 0); |
8512 | | break; |
8513 | | case WPA_CTRL_REQ_EXT_CERT_CHECK: |
8514 | | if (eap->pending_ext_cert_check != PENDING_CHECK) |
8515 | | return -1; |
8516 | | if (os_strcmp(value, "good") == 0) |
8517 | | eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD; |
8518 | | else if (os_strcmp(value, "bad") == 0) |
8519 | | eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD; |
8520 | | else |
8521 | | return -1; |
8522 | | break; |
8523 | | default: |
8524 | | wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); |
8525 | | return -1; |
8526 | | } |
8527 | | |
8528 | | return 0; |
8529 | | #else /* IEEE8021X_EAPOL */ |
8530 | | wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); |
8531 | | return -1; |
8532 | | #endif /* IEEE8021X_EAPOL */ |
8533 | | } |
8534 | | #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ |
8535 | | |
8536 | | |
8537 | | int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) |
8538 | 0 | { |
8539 | | #ifdef CONFIG_WEP |
8540 | | int i; |
8541 | | unsigned int drv_enc; |
8542 | | #endif /* CONFIG_WEP */ |
8543 | |
|
8544 | 0 | if (wpa_s->p2p_mgmt) |
8545 | 0 | return 1; /* no normal network profiles on p2p_mgmt interface */ |
8546 | | |
8547 | 0 | if (ssid == NULL) |
8548 | 0 | return 1; |
8549 | | |
8550 | 0 | if (ssid->disabled) |
8551 | 0 | return 1; |
8552 | | |
8553 | | #ifdef CONFIG_WEP |
8554 | | if (wpa_s->drv_capa_known) |
8555 | | drv_enc = wpa_s->drv_enc; |
8556 | | else |
8557 | | drv_enc = (unsigned int) -1; |
8558 | | |
8559 | | for (i = 0; i < NUM_WEP_KEYS; i++) { |
8560 | | size_t len = ssid->wep_key_len[i]; |
8561 | | if (len == 0) |
8562 | | continue; |
8563 | | if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) |
8564 | | continue; |
8565 | | if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) |
8566 | | continue; |
8567 | | if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) |
8568 | | continue; |
8569 | | return 1; /* invalid WEP key */ |
8570 | | } |
8571 | | #endif /* CONFIG_WEP */ |
8572 | | |
8573 | 0 | if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && |
8574 | 0 | (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && |
8575 | 0 | !(wpa_key_mgmt_sae(ssid->key_mgmt) && ssid->sae_password) && |
8576 | 0 | !ssid->mem_only_psk) |
8577 | 0 | return 1; |
8578 | | |
8579 | 0 | #ifdef IEEE8021X_EAPOL |
8580 | | #ifdef CRYPTO_RSA_OAEP_SHA256 |
8581 | | if (ssid->eap.imsi_privacy_cert) { |
8582 | | struct crypto_rsa_key *key; |
8583 | | bool failed = false; |
8584 | | |
8585 | | key = crypto_rsa_key_read(ssid->eap.imsi_privacy_cert, false); |
8586 | | if (!key) |
8587 | | failed = true; |
8588 | | crypto_rsa_key_free(key); |
8589 | | if (failed) { |
8590 | | wpa_printf(MSG_DEBUG, |
8591 | | "Invalid imsi_privacy_cert (%s) - disable network", |
8592 | | ssid->eap.imsi_privacy_cert); |
8593 | | return 1; |
8594 | | } |
8595 | | } |
8596 | | #endif /* CRYPTO_RSA_OAEP_SHA256 */ |
8597 | 0 | #endif /* IEEE8021X_EAPOL */ |
8598 | | |
8599 | 0 | return 0; |
8600 | 0 | } |
8601 | | |
8602 | | |
8603 | | int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) |
8604 | 0 | { |
8605 | 0 | if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { |
8606 | 0 | if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && |
8607 | 0 | !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { |
8608 | | /* |
8609 | | * Driver does not support BIP -- ignore pmf=1 default |
8610 | | * since the connection with PMF would fail and the |
8611 | | * configuration does not require PMF to be enabled. |
8612 | | */ |
8613 | 0 | return NO_MGMT_FRAME_PROTECTION; |
8614 | 0 | } |
8615 | | |
8616 | 0 | if (ssid && |
8617 | 0 | (ssid->key_mgmt & |
8618 | 0 | ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS | |
8619 | 0 | WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) { |
8620 | | /* |
8621 | | * Do not use the default PMF value for non-RSN networks |
8622 | | * since PMF is available only with RSN and pmf=2 |
8623 | | * configuration would otherwise prevent connections to |
8624 | | * all open networks. |
8625 | | */ |
8626 | 0 | return NO_MGMT_FRAME_PROTECTION; |
8627 | 0 | } |
8628 | | |
8629 | | #ifdef CONFIG_OCV |
8630 | | /* Enable PMF if OCV is being enabled */ |
8631 | | if (wpa_s->conf->pmf == NO_MGMT_FRAME_PROTECTION && |
8632 | | ssid && ssid->ocv) |
8633 | | return MGMT_FRAME_PROTECTION_OPTIONAL; |
8634 | | #endif /* CONFIG_OCV */ |
8635 | | |
8636 | 0 | return wpa_s->conf->pmf; |
8637 | 0 | } |
8638 | | |
8639 | 0 | return ssid->ieee80211w; |
8640 | 0 | } |
8641 | | |
8642 | | |
8643 | | #ifdef CONFIG_SAE |
8644 | | bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s, |
8645 | | struct wpa_ssid *ssid, |
8646 | | const struct wpa_ie_data *ie) |
8647 | | { |
8648 | | return wpa_s->conf->sae_check_mfp && |
8649 | | (!(ie->capabilities & |
8650 | | (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) || |
8651 | | wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION); |
8652 | | } |
8653 | | #endif /* CONFIG_SAE */ |
8654 | | |
8655 | | |
8656 | | int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr) |
8657 | 0 | { |
8658 | 0 | if (wpa_s->current_ssid == NULL || |
8659 | 0 | wpa_s->wpa_state < WPA_4WAY_HANDSHAKE) |
8660 | 0 | return 0; |
8661 | 0 | if (wpa_s->valid_links) { |
8662 | 0 | if (!ether_addr_equal(addr, wpa_s->ap_mld_addr) && |
8663 | 0 | !wpas_ap_link_address(wpa_s, addr)) |
8664 | 0 | return 0; |
8665 | 0 | } else { |
8666 | 0 | if (!ether_addr_equal(addr, wpa_s->bssid)) |
8667 | 0 | return 0; |
8668 | 0 | } |
8669 | 0 | return wpa_sm_pmf_enabled(wpa_s->wpa); |
8670 | 0 | } |
8671 | | |
8672 | | |
8673 | | int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) |
8674 | 0 | { |
8675 | 0 | if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) |
8676 | 0 | return 1; |
8677 | 0 | if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) |
8678 | 0 | return 0; |
8679 | 0 | return -1; |
8680 | 0 | } |
8681 | | |
8682 | | |
8683 | | void wpas_auth_failed(struct wpa_supplicant *wpa_s, const char *reason, |
8684 | | const u8 *bssid) |
8685 | 0 | { |
8686 | 0 | struct wpa_ssid *ssid = wpa_s->current_ssid; |
8687 | 0 | int dur; |
8688 | 0 | struct os_reltime now; |
8689 | |
|
8690 | 0 | if (ssid == NULL) { |
8691 | 0 | wpa_printf(MSG_DEBUG, "Authentication failure but no known " |
8692 | 0 | "SSID block"); |
8693 | 0 | return; |
8694 | 0 | } |
8695 | | |
8696 | 0 | if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) |
8697 | 0 | return; |
8698 | | |
8699 | 0 | ssid->auth_failures++; |
8700 | |
|
8701 | | #ifdef CONFIG_P2P |
8702 | | if (ssid->p2p_group && |
8703 | | (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) { |
8704 | | /* |
8705 | | * Skip the wait time since there is a short timeout on the |
8706 | | * connection to a P2P group. |
8707 | | */ |
8708 | | return; |
8709 | | } |
8710 | | #endif /* CONFIG_P2P */ |
8711 | |
|
8712 | 0 | if (ssid->auth_failures > 50) |
8713 | 0 | dur = 300; |
8714 | 0 | else if (ssid->auth_failures > 10) |
8715 | 0 | dur = 120; |
8716 | 0 | else if (ssid->auth_failures > 5) |
8717 | 0 | dur = 90; |
8718 | 0 | else if (ssid->auth_failures > 3) |
8719 | 0 | dur = 60; |
8720 | 0 | else if (ssid->auth_failures > 2) |
8721 | 0 | dur = 30; |
8722 | 0 | else if (ssid->auth_failures > 1) |
8723 | 0 | dur = 20; |
8724 | 0 | else |
8725 | 0 | dur = 10; |
8726 | |
|
8727 | 0 | if (ssid->auth_failures > 1 && |
8728 | 0 | wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) |
8729 | 0 | dur += os_random() % (ssid->auth_failures * 10); |
8730 | |
|
8731 | 0 | os_get_reltime(&now); |
8732 | 0 | if (now.sec + dur <= ssid->disabled_until.sec) |
8733 | 0 | return; |
8734 | | |
8735 | 0 | ssid->disabled_until.sec = now.sec + dur; |
8736 | |
|
8737 | 0 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED |
8738 | 0 | "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s", |
8739 | 0 | ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), |
8740 | 0 | ssid->auth_failures, dur, reason); |
8741 | |
|
8742 | 0 | if (bssid) |
8743 | 0 | os_memcpy(ssid->disabled_due_to, bssid, ETH_ALEN); |
8744 | 0 | } |
8745 | | |
8746 | | |
8747 | | void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, |
8748 | | struct wpa_ssid *ssid, int clear_failures) |
8749 | 0 | { |
8750 | 0 | if (ssid == NULL) |
8751 | 0 | return; |
8752 | | |
8753 | 0 | if (ssid->disabled_until.sec) { |
8754 | 0 | wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED |
8755 | 0 | "id=%d ssid=\"%s\"", |
8756 | 0 | ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); |
8757 | 0 | } |
8758 | 0 | ssid->disabled_until.sec = 0; |
8759 | 0 | ssid->disabled_until.usec = 0; |
8760 | 0 | if (clear_failures) { |
8761 | 0 | ssid->auth_failures = 0; |
8762 | 0 | } else if (!is_zero_ether_addr(ssid->disabled_due_to)) { |
8763 | 0 | wpa_printf(MSG_DEBUG, "Mark BSSID " MACSTR |
8764 | 0 | " ignored to allow a lower priority BSS, if any, to be tried next", |
8765 | 0 | MAC2STR(ssid->disabled_due_to)); |
8766 | 0 | wpa_bssid_ignore_add(wpa_s, ssid->disabled_due_to); |
8767 | 0 | os_memset(ssid->disabled_due_to, 0, ETH_ALEN); |
8768 | 0 | } |
8769 | 0 | } |
8770 | | |
8771 | | |
8772 | | int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) |
8773 | 0 | { |
8774 | 0 | size_t i; |
8775 | |
|
8776 | 0 | if (wpa_s->disallow_aps_bssid == NULL) |
8777 | 0 | return 0; |
8778 | | |
8779 | 0 | for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { |
8780 | 0 | if (ether_addr_equal(wpa_s->disallow_aps_bssid + i * ETH_ALEN, |
8781 | 0 | bssid)) |
8782 | 0 | return 1; |
8783 | 0 | } |
8784 | | |
8785 | 0 | return 0; |
8786 | 0 | } |
8787 | | |
8788 | | |
8789 | | int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, |
8790 | | size_t ssid_len) |
8791 | 0 | { |
8792 | 0 | size_t i; |
8793 | |
|
8794 | 0 | if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) |
8795 | 0 | return 0; |
8796 | | |
8797 | 0 | for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { |
8798 | 0 | struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; |
8799 | 0 | if (ssid_len == s->ssid_len && |
8800 | 0 | os_memcmp(ssid, s->ssid, ssid_len) == 0) |
8801 | 0 | return 1; |
8802 | 0 | } |
8803 | | |
8804 | 0 | return 0; |
8805 | 0 | } |
8806 | | |
8807 | | |
8808 | | /** |
8809 | | * wpas_request_connection - Request a new connection |
8810 | | * @wpa_s: Pointer to the network interface |
8811 | | * |
8812 | | * This function is used to request a new connection to be found. It will mark |
8813 | | * the interface to allow reassociation and request a new scan to find a |
8814 | | * suitable network to connect to. |
8815 | | */ |
8816 | | void wpas_request_connection(struct wpa_supplicant *wpa_s) |
8817 | 0 | { |
8818 | 0 | wpa_s->normal_scans = 0; |
8819 | 0 | wpa_s->scan_req = NORMAL_SCAN_REQ; |
8820 | 0 | wpa_supplicant_reinit_autoscan(wpa_s); |
8821 | 0 | wpa_s->disconnected = 0; |
8822 | 0 | wpa_s->reassociate = 1; |
8823 | 0 | wpa_s->last_owe_group = 0; |
8824 | |
|
8825 | 0 | if (wpa_supplicant_fast_associate(wpa_s) != 1) |
8826 | 0 | wpa_supplicant_req_scan(wpa_s, 0, 0); |
8827 | 0 | else |
8828 | 0 | wpa_s->reattach = 0; |
8829 | 0 | } |
8830 | | |
8831 | | |
8832 | | /** |
8833 | | * wpas_request_disconnection - Request disconnection |
8834 | | * @wpa_s: Pointer to the network interface |
8835 | | * |
8836 | | * This function is used to request disconnection from the currently connected |
8837 | | * network. This will stop any ongoing scans and initiate deauthentication. |
8838 | | */ |
8839 | | void wpas_request_disconnection(struct wpa_supplicant *wpa_s) |
8840 | 0 | { |
8841 | | #ifdef CONFIG_SME |
8842 | | wpa_s->sme.prev_bssid_set = 0; |
8843 | | #endif /* CONFIG_SME */ |
8844 | 0 | wpa_s->reassociate = 0; |
8845 | 0 | wpa_s->disconnected = 1; |
8846 | 0 | wpa_supplicant_cancel_sched_scan(wpa_s); |
8847 | 0 | wpa_supplicant_cancel_scan(wpa_s); |
8848 | 0 | wpas_abort_ongoing_scan(wpa_s); |
8849 | 0 | wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); |
8850 | 0 | eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); |
8851 | 0 | radio_remove_works(wpa_s, "connect", 0); |
8852 | 0 | radio_remove_works(wpa_s, "sme-connect", 0); |
8853 | 0 | wpa_s->roam_in_progress = false; |
8854 | 0 | #ifdef CONFIG_WNM |
8855 | 0 | wpa_s->bss_trans_mgmt_in_progress = false; |
8856 | 0 | #endif /* CONFIG_WNM */ |
8857 | 0 | } |
8858 | | |
8859 | | |
8860 | | void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title, |
8861 | | struct wpa_used_freq_data *freqs_data, |
8862 | | unsigned int len) |
8863 | 0 | { |
8864 | 0 | unsigned int i; |
8865 | |
|
8866 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s", |
8867 | 0 | len, title); |
8868 | 0 | for (i = 0; i < len; i++) { |
8869 | 0 | struct wpa_used_freq_data *cur = &freqs_data[i]; |
8870 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X", |
8871 | 0 | i, cur->freq, cur->flags); |
8872 | 0 | } |
8873 | 0 | } |
8874 | | |
8875 | | |
8876 | | /* |
8877 | | * Find the operating frequencies of any of the virtual interfaces that |
8878 | | * are using the same radio as the current interface, and in addition, get |
8879 | | * information about the interface types that are using the frequency. |
8880 | | */ |
8881 | | int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s, |
8882 | | struct wpa_used_freq_data *freqs_data, |
8883 | | unsigned int len, bool exclude_current) |
8884 | 0 | { |
8885 | 0 | struct wpa_supplicant *ifs; |
8886 | 0 | u8 bssid[ETH_ALEN]; |
8887 | 0 | int freq; |
8888 | 0 | unsigned int idx = 0, i; |
8889 | |
|
8890 | 0 | wpa_dbg(wpa_s, MSG_DEBUG, |
8891 | 0 | "Determining shared radio frequencies (max len %u)", len); |
8892 | 0 | os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len); |
8893 | |
|
8894 | 0 | dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, |
8895 | 0 | radio_list) { |
8896 | 0 | if (idx == len) |
8897 | 0 | break; |
8898 | | |
8899 | 0 | if (exclude_current && ifs == wpa_s) |
8900 | 0 | continue; |
8901 | | |
8902 | 0 | if (ifs->current_ssid == NULL || ifs->assoc_freq == 0) |
8903 | 0 | continue; |
8904 | | |
8905 | 0 | if (ifs->current_ssid->mode == WPAS_MODE_AP || |
8906 | 0 | ifs->current_ssid->mode == WPAS_MODE_P2P_GO || |
8907 | 0 | ifs->current_ssid->mode == WPAS_MODE_MESH) |
8908 | 0 | freq = ifs->current_ssid->frequency; |
8909 | 0 | else if (wpa_drv_get_bssid(ifs, bssid) == 0) |
8910 | 0 | freq = ifs->assoc_freq; |
8911 | 0 | else |
8912 | 0 | continue; |
8913 | | |
8914 | | /* Hold only distinct freqs */ |
8915 | 0 | for (i = 0; i < idx; i++) |
8916 | 0 | if (freqs_data[i].freq == freq) |
8917 | 0 | break; |
8918 | |
|
8919 | 0 | if (i == idx) |
8920 | 0 | freqs_data[idx++].freq = freq; |
8921 | |
|
8922 | 0 | if (ifs->current_ssid->mode == WPAS_MODE_INFRA) { |
8923 | 0 | freqs_data[i].flags |= ifs->current_ssid->p2p_group ? |
8924 | 0 | WPA_FREQ_USED_BY_P2P_CLIENT : |
8925 | 0 | WPA_FREQ_USED_BY_INFRA_STATION; |
8926 | 0 | } |
8927 | 0 | } |
8928 | |
|
8929 | 0 | dump_freq_data(wpa_s, "completed iteration", freqs_data, idx); |
8930 | 0 | return idx; |
8931 | 0 | } |
8932 | | |
8933 | | |
8934 | | /* |
8935 | | * Find the operating frequencies of any of the virtual interfaces that |
8936 | | * are using the same radio as the current interface. |
8937 | | */ |
8938 | | int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, |
8939 | | int *freq_array, unsigned int len, |
8940 | | bool exclude_current) |
8941 | 0 | { |
8942 | 0 | struct wpa_used_freq_data *freqs_data; |
8943 | 0 | int num, i; |
8944 | |
|
8945 | 0 | os_memset(freq_array, 0, sizeof(int) * len); |
8946 | |
|
8947 | 0 | freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data)); |
8948 | 0 | if (!freqs_data) |
8949 | 0 | return -1; |
8950 | | |
8951 | 0 | num = get_shared_radio_freqs_data(wpa_s, freqs_data, len, |
8952 | 0 | exclude_current); |
8953 | 0 | for (i = 0; i < num; i++) |
8954 | 0 | freq_array[i] = freqs_data[i].freq; |
8955 | |
|
8956 | 0 | os_free(freqs_data); |
8957 | |
|
8958 | 0 | return num; |
8959 | 0 | } |
8960 | | |
8961 | | |
8962 | | struct wpa_supplicant * |
8963 | | wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) |
8964 | 0 | { |
8965 | 0 | switch (frame) { |
8966 | | #ifdef CONFIG_P2P |
8967 | | case VENDOR_ELEM_PROBE_REQ_P2P: |
8968 | | case VENDOR_ELEM_PROBE_RESP_P2P: |
8969 | | case VENDOR_ELEM_PROBE_RESP_P2P_GO: |
8970 | | case VENDOR_ELEM_BEACON_P2P_GO: |
8971 | | case VENDOR_ELEM_P2P_PD_REQ: |
8972 | | case VENDOR_ELEM_P2P_PD_RESP: |
8973 | | case VENDOR_ELEM_P2P_GO_NEG_REQ: |
8974 | | case VENDOR_ELEM_P2P_GO_NEG_RESP: |
8975 | | case VENDOR_ELEM_P2P_GO_NEG_CONF: |
8976 | | case VENDOR_ELEM_P2P_INV_REQ: |
8977 | | case VENDOR_ELEM_P2P_INV_RESP: |
8978 | | case VENDOR_ELEM_P2P_ASSOC_REQ: |
8979 | | case VENDOR_ELEM_P2P_ASSOC_RESP: |
8980 | | return wpa_s->p2pdev; |
8981 | | #endif /* CONFIG_P2P */ |
8982 | 0 | default: |
8983 | 0 | return wpa_s; |
8984 | 0 | } |
8985 | 0 | } |
8986 | | |
8987 | | |
8988 | | void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s) |
8989 | 0 | { |
8990 | 0 | unsigned int i; |
8991 | 0 | char buf[30]; |
8992 | |
|
8993 | 0 | wpa_printf(MSG_DEBUG, "Update vendor elements"); |
8994 | |
|
8995 | 0 | for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { |
8996 | 0 | if (wpa_s->vendor_elem[i]) { |
8997 | 0 | int res; |
8998 | |
|
8999 | 0 | res = os_snprintf(buf, sizeof(buf), "frame[%u]", i); |
9000 | 0 | if (!os_snprintf_error(sizeof(buf), res)) { |
9001 | 0 | wpa_hexdump_buf(MSG_DEBUG, buf, |
9002 | 0 | wpa_s->vendor_elem[i]); |
9003 | 0 | } |
9004 | 0 | } |
9005 | 0 | } |
9006 | |
|
9007 | | #ifdef CONFIG_P2P |
9008 | | if (wpa_s->parent == wpa_s && |
9009 | | wpa_s->global->p2p && |
9010 | | !wpa_s->global->p2p_disabled) |
9011 | | p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem); |
9012 | | #endif /* CONFIG_P2P */ |
9013 | 0 | } |
9014 | | |
9015 | | |
9016 | | int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame, |
9017 | | const u8 *elem, size_t len) |
9018 | 0 | { |
9019 | 0 | u8 *ie, *end; |
9020 | |
|
9021 | 0 | ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]); |
9022 | 0 | end = ie + wpabuf_len(wpa_s->vendor_elem[frame]); |
9023 | |
|
9024 | 0 | for (; ie + 1 < end; ie += 2 + ie[1]) { |
9025 | 0 | if (ie + len > end) |
9026 | 0 | break; |
9027 | 0 | if (os_memcmp(ie, elem, len) != 0) |
9028 | 0 | continue; |
9029 | | |
9030 | 0 | if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) { |
9031 | 0 | wpabuf_free(wpa_s->vendor_elem[frame]); |
9032 | 0 | wpa_s->vendor_elem[frame] = NULL; |
9033 | 0 | } else { |
9034 | 0 | os_memmove(ie, ie + len, end - (ie + len)); |
9035 | 0 | wpa_s->vendor_elem[frame]->used -= len; |
9036 | 0 | } |
9037 | 0 | wpas_vendor_elem_update(wpa_s); |
9038 | 0 | return 0; |
9039 | 0 | } |
9040 | | |
9041 | 0 | return -1; |
9042 | 0 | } |
9043 | | |
9044 | | |
9045 | | struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes, |
9046 | | u16 num_modes, enum hostapd_hw_mode mode, |
9047 | | bool is_6ghz) |
9048 | 0 | { |
9049 | 0 | u16 i; |
9050 | |
|
9051 | 0 | if (!modes) |
9052 | 0 | return NULL; |
9053 | | |
9054 | 0 | for (i = 0; i < num_modes; i++) { |
9055 | 0 | if (modes[i].mode != mode || |
9056 | 0 | !modes[i].num_channels || !modes[i].channels) |
9057 | 0 | continue; |
9058 | 0 | if ((!is_6ghz && !is_6ghz_freq(modes[i].channels[0].freq)) || |
9059 | 0 | (is_6ghz && is_6ghz_freq(modes[i].channels[0].freq))) |
9060 | 0 | return &modes[i]; |
9061 | 0 | } |
9062 | | |
9063 | 0 | return NULL; |
9064 | 0 | } |
9065 | | |
9066 | | |
9067 | | struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes, |
9068 | | u16 num_modes, int freq) |
9069 | 0 | { |
9070 | 0 | int i, j; |
9071 | |
|
9072 | 0 | for (i = 0; i < num_modes; i++) { |
9073 | 0 | for (j = 0; j < modes[i].num_channels; j++) { |
9074 | 0 | if (freq == modes[i].channels[j].freq) |
9075 | 0 | return &modes[i]; |
9076 | 0 | } |
9077 | 0 | } |
9078 | | |
9079 | 0 | return NULL; |
9080 | 0 | } |
9081 | | |
9082 | | |
9083 | | static struct |
9084 | | wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, |
9085 | | const u8 *bssid) |
9086 | 0 | { |
9087 | 0 | struct wpa_bss_tmp_disallowed *bss; |
9088 | |
|
9089 | 0 | dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed, |
9090 | 0 | struct wpa_bss_tmp_disallowed, list) { |
9091 | 0 | if (ether_addr_equal(bssid, bss->bssid)) |
9092 | 0 | return bss; |
9093 | 0 | } |
9094 | | |
9095 | 0 | return NULL; |
9096 | 0 | } |
9097 | | |
9098 | | |
9099 | | static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s) |
9100 | 0 | { |
9101 | 0 | struct wpa_bss_tmp_disallowed *tmp; |
9102 | 0 | unsigned int num_bssid = 0; |
9103 | 0 | u8 *bssids; |
9104 | 0 | int ret; |
9105 | |
|
9106 | 0 | bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN); |
9107 | 0 | if (!bssids) |
9108 | 0 | return -1; |
9109 | 0 | dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, |
9110 | 0 | struct wpa_bss_tmp_disallowed, list) { |
9111 | 0 | os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid, |
9112 | 0 | ETH_ALEN); |
9113 | 0 | num_bssid++; |
9114 | 0 | } |
9115 | 0 | ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids); |
9116 | 0 | os_free(bssids); |
9117 | 0 | return ret; |
9118 | 0 | } |
9119 | | |
9120 | | |
9121 | | static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx) |
9122 | 0 | { |
9123 | 0 | struct wpa_supplicant *wpa_s = eloop_ctx; |
9124 | 0 | struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx; |
9125 | | |
9126 | | /* Make sure the bss is not already freed */ |
9127 | 0 | dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, |
9128 | 0 | struct wpa_bss_tmp_disallowed, list) { |
9129 | 0 | if (bss == tmp) { |
9130 | 0 | remove_bss_tmp_disallowed_entry(wpa_s, tmp); |
9131 | 0 | wpa_set_driver_tmp_disallow_list(wpa_s); |
9132 | 0 | break; |
9133 | 0 | } |
9134 | 0 | } |
9135 | 0 | } |
9136 | | |
9137 | | |
9138 | | void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, |
9139 | | unsigned int sec, int rssi_threshold) |
9140 | 0 | { |
9141 | 0 | struct wpa_bss_tmp_disallowed *bss; |
9142 | |
|
9143 | 0 | bss = wpas_get_disallowed_bss(wpa_s, bssid); |
9144 | 0 | if (bss) { |
9145 | 0 | eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); |
9146 | 0 | goto finish; |
9147 | 0 | } |
9148 | | |
9149 | 0 | bss = os_malloc(sizeof(*bss)); |
9150 | 0 | if (!bss) { |
9151 | 0 | wpa_printf(MSG_DEBUG, |
9152 | 0 | "Failed to allocate memory for temp disallow BSS"); |
9153 | 0 | return; |
9154 | 0 | } |
9155 | | |
9156 | 0 | os_memcpy(bss->bssid, bssid, ETH_ALEN); |
9157 | 0 | dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); |
9158 | 0 | wpa_set_driver_tmp_disallow_list(wpa_s); |
9159 | |
|
9160 | 0 | finish: |
9161 | 0 | bss->rssi_threshold = rssi_threshold; |
9162 | 0 | eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, |
9163 | 0 | wpa_s, bss); |
9164 | 0 | } |
9165 | | |
9166 | | |
9167 | | int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, |
9168 | | struct wpa_bss *bss) |
9169 | 0 | { |
9170 | 0 | struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev; |
9171 | |
|
9172 | 0 | dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, |
9173 | 0 | struct wpa_bss_tmp_disallowed, list) { |
9174 | 0 | if (ether_addr_equal(bss->bssid, tmp->bssid)) { |
9175 | 0 | disallowed = tmp; |
9176 | 0 | break; |
9177 | 0 | } |
9178 | 0 | } |
9179 | 0 | if (!disallowed) |
9180 | 0 | return 0; |
9181 | | |
9182 | 0 | if (disallowed->rssi_threshold != 0 && |
9183 | 0 | bss->level > disallowed->rssi_threshold) { |
9184 | 0 | remove_bss_tmp_disallowed_entry(wpa_s, disallowed); |
9185 | 0 | wpa_set_driver_tmp_disallow_list(wpa_s); |
9186 | 0 | return 0; |
9187 | 0 | } |
9188 | | |
9189 | 0 | return 1; |
9190 | 0 | } |
9191 | | |
9192 | | |
9193 | | int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s, |
9194 | | unsigned int type, const u8 *addr, |
9195 | | const u8 *mask) |
9196 | 0 | { |
9197 | 0 | if ((addr && !mask) || (!addr && mask)) { |
9198 | 0 | wpa_printf(MSG_INFO, |
9199 | 0 | "MAC_ADDR_RAND_SCAN invalid addr/mask combination"); |
9200 | 0 | return -1; |
9201 | 0 | } |
9202 | | |
9203 | 0 | if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) { |
9204 | 0 | wpa_printf(MSG_INFO, |
9205 | 0 | "MAC_ADDR_RAND_SCAN cannot allow multicast address"); |
9206 | 0 | return -1; |
9207 | 0 | } |
9208 | | |
9209 | 0 | if (type & MAC_ADDR_RAND_SCAN) { |
9210 | 0 | if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN, |
9211 | 0 | addr, mask)) |
9212 | 0 | return -1; |
9213 | 0 | } |
9214 | | |
9215 | 0 | if (type & MAC_ADDR_RAND_SCHED_SCAN) { |
9216 | 0 | if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN, |
9217 | 0 | addr, mask)) |
9218 | 0 | return -1; |
9219 | | |
9220 | 0 | if (wpa_s->sched_scanning && !wpa_s->pno) |
9221 | 0 | wpas_scan_restart_sched_scan(wpa_s); |
9222 | 0 | } |
9223 | | |
9224 | 0 | if (type & MAC_ADDR_RAND_PNO) { |
9225 | 0 | if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO, |
9226 | 0 | addr, mask)) |
9227 | 0 | return -1; |
9228 | | |
9229 | 0 | if (wpa_s->pno) { |
9230 | 0 | wpas_stop_pno(wpa_s); |
9231 | 0 | wpas_start_pno(wpa_s); |
9232 | 0 | } |
9233 | 0 | } |
9234 | | |
9235 | 0 | return 0; |
9236 | 0 | } |
9237 | | |
9238 | | |
9239 | | int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s, |
9240 | | unsigned int type) |
9241 | 0 | { |
9242 | 0 | wpas_mac_addr_rand_scan_clear(wpa_s, type); |
9243 | 0 | if (wpa_s->pno) { |
9244 | 0 | if (type & MAC_ADDR_RAND_PNO) { |
9245 | 0 | wpas_stop_pno(wpa_s); |
9246 | 0 | wpas_start_pno(wpa_s); |
9247 | 0 | } |
9248 | 0 | } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) { |
9249 | 0 | wpas_scan_restart_sched_scan(wpa_s); |
9250 | 0 | } |
9251 | |
|
9252 | 0 | return 0; |
9253 | 0 | } |
9254 | | |
9255 | | |
9256 | | int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s, |
9257 | | struct wpa_signal_info *si) |
9258 | 0 | { |
9259 | 0 | int res; |
9260 | |
|
9261 | 0 | if (!wpa_s->driver->signal_poll) |
9262 | 0 | return -1; |
9263 | | |
9264 | 0 | res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si); |
9265 | |
|
9266 | | #ifdef CONFIG_TESTING_OPTIONS |
9267 | | if (res == 0) { |
9268 | | struct driver_signal_override *dso; |
9269 | | |
9270 | | dl_list_for_each(dso, &wpa_s->drv_signal_override, |
9271 | | struct driver_signal_override, list) { |
9272 | | if (!ether_addr_equal(wpa_s->bssid, dso->bssid)) |
9273 | | continue; |
9274 | | wpa_printf(MSG_DEBUG, |
9275 | | "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d", |
9276 | | si->data.signal, |
9277 | | dso->si_current_signal, |
9278 | | si->data.avg_signal, |
9279 | | dso->si_avg_signal, |
9280 | | si->data.avg_beacon_signal, |
9281 | | dso->si_avg_beacon_signal, |
9282 | | si->current_noise, |
9283 | | dso->si_current_noise); |
9284 | | si->data.signal = dso->si_current_signal; |
9285 | | si->data.avg_signal = dso->si_avg_signal; |
9286 | | si->data.avg_beacon_signal = dso->si_avg_beacon_signal; |
9287 | | si->current_noise = dso->si_current_noise; |
9288 | | break; |
9289 | | } |
9290 | | } |
9291 | | #endif /* CONFIG_TESTING_OPTIONS */ |
9292 | |
|
9293 | 0 | return res; |
9294 | 0 | } |
9295 | | |
9296 | | |
9297 | | struct wpa_scan_results * |
9298 | | wpa_drv_get_scan_results2(struct wpa_supplicant *wpa_s) |
9299 | 898 | { |
9300 | 898 | struct wpa_scan_results *scan_res; |
9301 | | #ifdef CONFIG_TESTING_OPTIONS |
9302 | | size_t idx; |
9303 | | #endif /* CONFIG_TESTING_OPTIONS */ |
9304 | | |
9305 | 898 | if (!wpa_s->driver->get_scan_results2) |
9306 | 898 | return NULL; |
9307 | | |
9308 | 0 | scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv); |
9309 | |
|
9310 | | #ifdef CONFIG_TESTING_OPTIONS |
9311 | | for (idx = 0; scan_res && idx < scan_res->num; idx++) { |
9312 | | struct driver_signal_override *dso; |
9313 | | struct wpa_scan_res *res = scan_res->res[idx]; |
9314 | | |
9315 | | dl_list_for_each(dso, &wpa_s->drv_signal_override, |
9316 | | struct driver_signal_override, list) { |
9317 | | if (!ether_addr_equal(res->bssid, dso->bssid)) |
9318 | | continue; |
9319 | | wpa_printf(MSG_DEBUG, |
9320 | | "Override driver scan signal level %d->%d for " |
9321 | | MACSTR, |
9322 | | res->level, dso->scan_level, |
9323 | | MAC2STR(res->bssid)); |
9324 | | res->flags |= WPA_SCAN_QUAL_INVALID; |
9325 | | if (dso->scan_level < 0) |
9326 | | res->flags |= WPA_SCAN_LEVEL_DBM; |
9327 | | else |
9328 | | res->flags &= ~WPA_SCAN_LEVEL_DBM; |
9329 | | res->level = dso->scan_level; |
9330 | | break; |
9331 | | } |
9332 | | } |
9333 | | #endif /* CONFIG_TESTING_OPTIONS */ |
9334 | |
|
9335 | 0 | return scan_res; |
9336 | 898 | } |
9337 | | |
9338 | | |
9339 | | bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr) |
9340 | 0 | { |
9341 | 0 | int i; |
9342 | |
|
9343 | 0 | if (!wpa_s->valid_links) |
9344 | 0 | return false; |
9345 | | |
9346 | 0 | for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { |
9347 | 0 | if (!(wpa_s->valid_links & BIT(i))) |
9348 | 0 | continue; |
9349 | | |
9350 | 0 | if (ether_addr_equal(wpa_s->links[i].bssid, addr)) |
9351 | 0 | return true; |
9352 | 0 | } |
9353 | | |
9354 | 0 | return false; |
9355 | 0 | } |
9356 | | |
9357 | | |
9358 | | int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq, |
9359 | | unsigned int wait, const u8 *dst, const u8 *src, |
9360 | | const u8 *bssid, const u8 *data, size_t data_len, |
9361 | | int no_cck) |
9362 | 46 | { |
9363 | 46 | if (!wpa_s->driver->send_action) |
9364 | 46 | return -1; |
9365 | | |
9366 | 0 | if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) { |
9367 | 0 | if (wpas_ap_link_address(wpa_s, dst)) |
9368 | 0 | dst = wpa_s->ap_mld_addr; |
9369 | |
|
9370 | 0 | if (wpas_ap_link_address(wpa_s, bssid)) |
9371 | 0 | bssid = wpa_s->ap_mld_addr; |
9372 | 0 | } |
9373 | |
|
9374 | 0 | return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src, |
9375 | 0 | bssid, data, data_len, no_cck); |
9376 | 46 | } |
9377 | | |
9378 | | |
9379 | | bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled) |
9380 | 0 | { |
9381 | 0 | struct hostapd_channel_data *chnl; |
9382 | 0 | int i, j; |
9383 | |
|
9384 | 0 | for (i = 0; i < wpa_s->hw.num_modes; i++) { |
9385 | 0 | if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) { |
9386 | 0 | chnl = wpa_s->hw.modes[i].channels; |
9387 | 0 | for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) { |
9388 | 0 | if (only_enabled && |
9389 | 0 | (chnl[j].flag & HOSTAPD_CHAN_DISABLED)) |
9390 | 0 | continue; |
9391 | 0 | if (is_6ghz_freq(chnl[j].freq)) |
9392 | 0 | return true; |
9393 | 0 | } |
9394 | 0 | } |
9395 | 0 | } |
9396 | | |
9397 | 0 | return false; |
9398 | 0 | } |