3 * Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License version 2 as
7 * published by the Free Software Foundation.
9 * Alternatively, this software may be distributed under the terms of BSD
12 * See README and COPYING for more details.
14 * This file implements functions for registering and unregistering
15 * %wpa_supplicant interfaces. In addition, this file contains number of
16 * functions for managing network connections.
22 #include "eapol_supp/eapol_supp_sm.h"
23 #include "eap_peer/eap.h"
26 #include "drivers/driver.h"
28 #include "l2_packet/l2_packet.h"
29 #include "wpa_supplicant_i.h"
30 #include "ctrl_iface.h"
31 #include "ctrl_iface_dbus.h"
32 #include "pcsc_funcs.h"
35 #include "pmksa_cache.h"
38 #include "ieee802_11_defs.h"
39 #include "blacklist.h"
40 #include "wpas_glue.h"
41 #include "wps_supplicant.h"
46 const char *wpa_supplicant_version =
47 "wpa_supplicant v" VERSION_STR "\n"
48 "Copyright (c) 2003-2009, Jouni Malinen <j@w1.fi> and contributors";
50 const char *wpa_supplicant_license =
51 "This program is free software. You can distribute it and/or modify it\n"
52 "under the terms of the GNU General Public License version 2.\n"
54 "Alternatively, this software may be distributed under the terms of the\n"
55 "BSD license. See README and COPYING for more details.\n"
56 #ifdef EAP_TLS_OPENSSL
57 "\nThis product includes software developed by the OpenSSL Project\n"
58 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
59 #endif /* EAP_TLS_OPENSSL */
62 #ifndef CONFIG_NO_STDOUT_DEBUG
63 /* Long text divided into parts in order to fit in C89 strings size limits. */
64 const char *wpa_supplicant_full_license1 =
65 "This program is free software; you can redistribute it and/or modify\n"
66 "it under the terms of the GNU General Public License version 2 as\n"
67 "published by the Free Software Foundation.\n"
69 "This program is distributed in the hope that it will be useful,\n"
70 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
71 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
72 "GNU General Public License for more details.\n"
74 const char *wpa_supplicant_full_license2 =
75 "You should have received a copy of the GNU General Public License\n"
76 "along with this program; if not, write to the Free Software\n"
77 "Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n"
79 "Alternatively, this software may be distributed under the terms of the\n"
82 "Redistribution and use in source and binary forms, with or without\n"
83 "modification, are permitted provided that the following conditions are\n"
86 const char *wpa_supplicant_full_license3 =
87 "1. Redistributions of source code must retain the above copyright\n"
88 " notice, this list of conditions and the following disclaimer.\n"
90 "2. Redistributions in binary form must reproduce the above copyright\n"
91 " notice, this list of conditions and the following disclaimer in the\n"
92 " documentation and/or other materials provided with the distribution.\n"
94 const char *wpa_supplicant_full_license4 =
95 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
96 " names of its contributors may be used to endorse or promote products\n"
97 " derived from this software without specific prior written permission.\n"
99 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
100 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
101 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
102 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
103 const char *wpa_supplicant_full_license5 =
104 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
105 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
106 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
107 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
108 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
109 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
110 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
112 #endif /* CONFIG_NO_STDOUT_DEBUG */
114 extern int wpa_debug_level;
115 extern int wpa_debug_show_keys;
116 extern int wpa_debug_timestamp;
118 /* Configure default/group WEP keys for static WEP */
119 static int wpa_set_wep_keys(struct wpa_supplicant *wpa_s,
120 struct wpa_ssid *ssid)
124 for (i = 0; i < NUM_WEP_KEYS; i++) {
125 if (ssid->wep_key_len[i] == 0)
129 wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
130 (u8 *) "\xff\xff\xff\xff\xff\xff",
131 i, i == ssid->wep_tx_keyidx, (u8 *) "", 0,
132 ssid->wep_key[i], ssid->wep_key_len[i]);
139 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
140 struct wpa_ssid *ssid)
147 /* IBSS/WPA-None uses only one key (Group) for both receiving and
148 * sending unicast and multicast packets. */
150 if (ssid->mode != IEEE80211_MODE_IBSS) {
151 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
152 "for WPA-None", ssid->mode);
156 if (!ssid->psk_set) {
157 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
161 switch (wpa_s->group_cipher) {
162 case WPA_CIPHER_CCMP:
163 os_memcpy(key, ssid->psk, 16);
167 case WPA_CIPHER_TKIP:
168 /* WPA-None uses the same Michael MIC key for both TX and RX */
169 os_memcpy(key, ssid->psk, 16 + 8);
170 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
175 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
176 "WPA-None", wpa_s->group_cipher);
180 /* TODO: should actually remember the previously used seq#, both for TX
181 * and RX from each STA.. */
183 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
184 0, 1, seq, 6, key, keylen);
188 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
190 struct wpa_supplicant *wpa_s = eloop_ctx;
191 const u8 *bssid = wpa_s->bssid;
192 if (is_zero_ether_addr(bssid))
193 bssid = wpa_s->pending_bssid;
194 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
196 wpa_blacklist_add(wpa_s, bssid);
197 wpa_sm_notify_disassoc(wpa_s->wpa);
198 wpa_supplicant_disassociate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
199 wpa_s->reassociate = 1;
200 wpa_supplicant_req_scan(wpa_s, 0, 0);
205 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
206 * @wpa_s: Pointer to wpa_supplicant data
207 * @sec: Number of seconds after which to time out authentication
208 * @usec: Number of microseconds after which to time out authentication
210 * This function is used to schedule a timeout for the current authentication
213 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
216 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
217 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
220 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
221 "%d usec", sec, usec);
222 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
223 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
228 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
229 * @wpa_s: Pointer to wpa_supplicant data
231 * This function is used to cancel authentication timeout scheduled with
232 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
235 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
237 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
238 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
239 wpa_blacklist_del(wpa_s, wpa_s->bssid);
244 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
245 * @wpa_s: Pointer to wpa_supplicant data
247 * This function is used to configure EAPOL state machine based on the selected
248 * authentication mode.
250 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
252 #ifdef IEEE8021X_EAPOL
253 struct eapol_config eapol_conf;
254 struct wpa_ssid *ssid = wpa_s->current_ssid;
256 #ifdef CONFIG_IBSS_RSN
257 if (ssid->mode == IEEE80211_MODE_IBSS &&
258 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
259 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
261 * RSN IBSS authentication is per-STA and we can disable the
262 * per-BSSID EAPOL authentication.
264 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
265 eapol_sm_notify_eap_success(wpa_s->eapol, TRUE);
266 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
269 #endif /* CONFIG_IBSS_RSN */
271 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
272 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
274 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
275 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
276 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
278 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
280 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
281 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
282 eapol_conf.accept_802_1x_keys = 1;
283 eapol_conf.required_keys = 0;
284 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
285 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
287 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
288 eapol_conf.required_keys |=
289 EAPOL_REQUIRE_KEY_BROADCAST;
292 if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
293 eapol_conf.required_keys = 0;
296 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
297 eapol_conf.workaround = ssid->eap_workaround;
298 eapol_conf.eap_disabled =
299 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
300 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
301 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
302 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
303 #endif /* IEEE8021X_EAPOL */
308 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
309 * @wpa_s: Pointer to wpa_supplicant data
310 * @ssid: Configuration data for the network
312 * This function is used to configure WPA state machine and related parameters
313 * to a mode where WPA is not enabled. This is called as part of the
314 * authentication configuration when the selected network does not use WPA.
316 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
317 struct wpa_ssid *ssid)
321 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
322 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
323 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
324 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
326 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
327 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
328 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
329 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
330 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
331 wpa_s->group_cipher = WPA_CIPHER_NONE;
332 wpa_s->mgmt_group_cipher = 0;
334 for (i = 0; i < NUM_WEP_KEYS; i++) {
335 if (ssid->wep_key_len[i] > 5) {
336 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
337 wpa_s->group_cipher = WPA_CIPHER_WEP104;
339 } else if (ssid->wep_key_len[i] > 0) {
340 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
341 wpa_s->group_cipher = WPA_CIPHER_WEP40;
346 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
347 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
348 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
349 wpa_s->pairwise_cipher);
350 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
351 #ifdef CONFIG_IEEE80211W
352 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
353 wpa_s->mgmt_group_cipher);
354 #endif /* CONFIG_IEEE80211W */
356 pmksa_cache_clear_current(wpa_s->wpa);
360 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
362 scard_deinit(wpa_s->scard);
364 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
365 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
366 l2_packet_deinit(wpa_s->l2);
369 l2_packet_deinit(wpa_s->l2_br);
373 if (wpa_s->ctrl_iface) {
374 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
375 wpa_s->ctrl_iface = NULL;
377 if (wpa_s->conf != NULL) {
378 wpa_config_free(wpa_s->conf);
382 os_free(wpa_s->confname);
383 wpa_s->confname = NULL;
385 wpa_sm_set_eapol(wpa_s->wpa, NULL);
386 eapol_sm_deinit(wpa_s->eapol);
389 rsn_preauth_deinit(wpa_s->wpa);
391 pmksa_candidate_free(wpa_s->wpa);
392 wpa_sm_deinit(wpa_s->wpa);
394 wpa_blacklist_clear(wpa_s);
396 wpa_scan_results_free(wpa_s->scan_res);
397 wpa_s->scan_res = NULL;
399 wpa_supplicant_cancel_scan(wpa_s);
400 wpa_supplicant_cancel_auth_timeout(wpa_s);
402 ieee80211_sta_deinit(wpa_s);
404 wpas_wps_deinit(wpa_s);
406 #ifdef CONFIG_IBSS_RSN
407 ibss_rsn_deinit(wpa_s->ibss_rsn);
408 wpa_s->ibss_rsn = NULL;
409 #endif /* CONFIG_IBSS_RSN */
412 os_free(wpa_s->sme.ft_ies);
413 wpa_s->sme.ft_ies = NULL;
414 wpa_s->sme.ft_ies_len = 0;
415 #endif /* CONFIG_SME */
420 * wpa_clear_keys - Clear keys configured for the driver
421 * @wpa_s: Pointer to wpa_supplicant data
422 * @addr: Previously used BSSID or %NULL if not available
424 * This function clears the encryption keys that has been previously configured
427 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
429 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
431 if (wpa_s->keys_cleared) {
432 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
433 * timing issues with keys being cleared just before new keys
434 * are set or just after association or something similar. This
435 * shows up in group key handshake failing often because of the
436 * client not receiving the first encrypted packets correctly.
437 * Skipping some of the extra key clearing steps seems to help
438 * in completing group key handshake more reliably. */
439 wpa_printf(MSG_DEBUG, "No keys have been configured - "
440 "skip key clearing");
444 /* MLME-DELETEKEYS.request */
445 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
446 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
447 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
448 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
450 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
452 /* MLME-SETPROTECTION.request(None) */
453 wpa_drv_mlme_setprotection(
455 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
456 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
458 wpa_s->keys_cleared = 1;
463 * wpa_supplicant_state_txt - Get the connection state name as a text string
464 * @state: State (wpa_state; WPA_*)
465 * Returns: The state name as a printable text string
467 const char * wpa_supplicant_state_txt(int state)
470 case WPA_DISCONNECTED:
471 return "DISCONNECTED";
476 case WPA_AUTHENTICATING:
477 return "AUTHENTICATING";
478 case WPA_ASSOCIATING:
479 return "ASSOCIATING";
482 case WPA_4WAY_HANDSHAKE:
483 return "4WAY_HANDSHAKE";
484 case WPA_GROUP_HANDSHAKE:
485 return "GROUP_HANDSHAKE";
495 * wpa_supplicant_set_state - Set current connection state
496 * @wpa_s: Pointer to wpa_supplicant data
497 * @state: The new connection state
499 * This function is called whenever the connection state changes, e.g.,
500 * association is completed for WPA/WPA2 4-Way Handshake is started.
502 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
504 wpa_printf(MSG_DEBUG, "State: %s -> %s",
505 wpa_supplicant_state_txt(wpa_s->wpa_state),
506 wpa_supplicant_state_txt(state));
508 wpa_supplicant_dbus_notify_state_change(wpa_s, state,
511 if (state == WPA_COMPLETED && wpa_s->new_connection) {
512 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
513 struct wpa_ssid *ssid = wpa_s->current_ssid;
514 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
515 MACSTR " completed %s [id=%d id_str=%s]",
516 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
517 "(reauth)" : "(auth)",
518 ssid ? ssid->id : -1,
519 ssid && ssid->id_str ? ssid->id_str : "");
520 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
521 wpa_s->new_connection = 0;
522 wpa_s->reassociated_connection = 1;
523 wpa_drv_set_operstate(wpa_s, 1);
524 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
525 state == WPA_ASSOCIATED) {
526 wpa_s->new_connection = 1;
527 wpa_drv_set_operstate(wpa_s, 0);
529 wpa_s->wpa_state = state;
533 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
536 struct wpa_global *global = eloop_ctx;
537 struct wpa_supplicant *wpa_s;
538 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
539 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
546 static void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
548 wpa_s->pairwise_cipher = 0;
549 wpa_s->group_cipher = 0;
550 wpa_s->mgmt_group_cipher = 0;
552 wpa_s->wpa_state = WPA_DISCONNECTED;
557 * wpa_supplicant_reload_configuration - Reload configuration data
558 * @wpa_s: Pointer to wpa_supplicant data
559 * Returns: 0 on success or -1 if configuration parsing failed
561 * This function can be used to request that the configuration data is reloaded
562 * (e.g., after configuration file change). This function is reloading
563 * configuration only for one interface, so this may need to be called multiple
564 * times if %wpa_supplicant is controlling multiple interfaces and all
565 * interfaces need reconfiguration.
567 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
569 struct wpa_config *conf;
571 if (wpa_s->confname == NULL)
573 conf = wpa_config_read(wpa_s->confname);
575 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
576 "file '%s' - exiting", wpa_s->confname);
580 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
581 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
582 os_strcmp(conf->ctrl_interface,
583 wpa_s->conf->ctrl_interface) != 0);
585 if (reconf_ctrl && wpa_s->ctrl_iface) {
586 wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface);
587 wpa_s->ctrl_iface = NULL;
590 eapol_sm_invalidate_cached_session(wpa_s->eapol);
591 wpa_s->current_ssid = NULL;
593 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
594 * pkcs11_engine_path, pkcs11_module_path.
596 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) {
598 * Clear forced success to clear EAP state for next
601 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
603 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
604 wpa_sm_set_config(wpa_s->wpa, NULL);
605 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
606 rsn_preauth_deinit(wpa_s->wpa);
607 wpa_config_free(wpa_s->conf);
610 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
612 wpa_supplicant_clear_status(wpa_s);
613 wpa_s->reassociate = 1;
614 wpa_supplicant_req_scan(wpa_s, 0, 0);
615 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
620 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
623 struct wpa_global *global = eloop_ctx;
624 struct wpa_supplicant *wpa_s;
625 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
626 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
627 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
634 static wpa_cipher cipher_suite2driver(int cipher)
637 case WPA_CIPHER_NONE:
639 case WPA_CIPHER_WEP40:
641 case WPA_CIPHER_WEP104:
642 return CIPHER_WEP104;
643 case WPA_CIPHER_CCMP:
645 case WPA_CIPHER_TKIP:
652 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
655 case WPA_KEY_MGMT_NONE:
656 return KEY_MGMT_NONE;
657 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
658 return KEY_MGMT_802_1X_NO_WPA;
659 case WPA_KEY_MGMT_IEEE8021X:
660 return KEY_MGMT_802_1X;
661 case WPA_KEY_MGMT_WPA_NONE:
662 return KEY_MGMT_WPA_NONE;
663 case WPA_KEY_MGMT_FT_IEEE8021X:
664 return KEY_MGMT_FT_802_1X;
665 case WPA_KEY_MGMT_FT_PSK:
666 return KEY_MGMT_FT_PSK;
667 case WPA_KEY_MGMT_IEEE8021X_SHA256:
668 return KEY_MGMT_802_1X_SHA256;
669 case WPA_KEY_MGMT_PSK_SHA256:
670 return KEY_MGMT_PSK_SHA256;
671 case WPA_KEY_MGMT_WPS:
673 case WPA_KEY_MGMT_PSK:
680 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
681 struct wpa_ssid *ssid,
682 struct wpa_ie_data *ie)
684 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
687 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
688 "from association info");
693 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
695 if (!(ie->group_cipher & ssid->group_cipher)) {
696 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
697 "cipher 0x%x (mask 0x%x) - reject",
698 ie->group_cipher, ssid->group_cipher);
701 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
702 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
703 "cipher 0x%x (mask 0x%x) - reject",
704 ie->pairwise_cipher, ssid->pairwise_cipher);
707 if (!(ie->key_mgmt & ssid->key_mgmt)) {
708 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
709 "management 0x%x (mask 0x%x) - reject",
710 ie->key_mgmt, ssid->key_mgmt);
714 #ifdef CONFIG_IEEE80211W
715 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
716 ssid->ieee80211w == IEEE80211W_REQUIRED) {
717 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
718 "that does not support management frame protection - "
722 #endif /* CONFIG_IEEE80211W */
729 * wpa_supplicant_set_suites - Set authentication and encryption parameters
730 * @wpa_s: Pointer to wpa_supplicant data
731 * @bss: Scan results for the selected BSS, or %NULL if not available
732 * @ssid: Configuration data for the selected network
733 * @wpa_ie: Buffer for the WPA/RSN IE
734 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
735 * used buffer length in case the functions returns success.
736 * Returns: 0 on success or -1 on failure
738 * This function is used to configure authentication and encryption parameters
739 * based on the network configuration and scan result for the selected BSS (if
742 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
743 struct wpa_scan_res *bss,
744 struct wpa_ssid *ssid,
745 u8 *wpa_ie, size_t *wpa_ie_len)
747 struct wpa_ie_data ie;
749 const u8 *bss_wpa, *bss_rsn;
752 bss_wpa = wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
753 bss_rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
755 bss_wpa = bss_rsn = NULL;
757 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
758 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
759 (ie.group_cipher & ssid->group_cipher) &&
760 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
761 (ie.key_mgmt & ssid->key_mgmt)) {
762 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
763 proto = WPA_PROTO_RSN;
764 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
765 wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 &&
766 (ie.group_cipher & ssid->group_cipher) &&
767 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
768 (ie.key_mgmt & ssid->key_mgmt)) {
769 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
770 proto = WPA_PROTO_WPA;
772 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
775 if (ssid->proto & WPA_PROTO_RSN)
776 proto = WPA_PROTO_RSN;
778 proto = WPA_PROTO_WPA;
779 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
780 os_memset(&ie, 0, sizeof(ie));
781 ie.group_cipher = ssid->group_cipher;
782 ie.pairwise_cipher = ssid->pairwise_cipher;
783 ie.key_mgmt = ssid->key_mgmt;
784 #ifdef CONFIG_IEEE80211W
785 ie.mgmt_group_cipher =
786 ssid->ieee80211w != NO_IEEE80211W ?
787 WPA_CIPHER_AES_128_CMAC : 0;
788 #endif /* CONFIG_IEEE80211W */
789 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
795 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
796 "pairwise %d key_mgmt %d proto %d",
797 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
798 #ifdef CONFIG_IEEE80211W
799 if (ssid->ieee80211w) {
800 wpa_printf(MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
801 ie.mgmt_group_cipher);
803 #endif /* CONFIG_IEEE80211W */
805 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
806 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
807 !!(ssid->proto & WPA_PROTO_RSN));
809 if (bss || !wpa_s->ap_ies_from_associnfo) {
810 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
811 bss_wpa ? 2 + bss_wpa[1] : 0) ||
812 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
813 bss_rsn ? 2 + bss_rsn[1] : 0))
817 sel = ie.group_cipher & ssid->group_cipher;
818 if (sel & WPA_CIPHER_CCMP) {
819 wpa_s->group_cipher = WPA_CIPHER_CCMP;
820 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
821 } else if (sel & WPA_CIPHER_TKIP) {
822 wpa_s->group_cipher = WPA_CIPHER_TKIP;
823 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
824 } else if (sel & WPA_CIPHER_WEP104) {
825 wpa_s->group_cipher = WPA_CIPHER_WEP104;
826 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
827 } else if (sel & WPA_CIPHER_WEP40) {
828 wpa_s->group_cipher = WPA_CIPHER_WEP40;
829 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
831 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
835 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
836 if (sel & WPA_CIPHER_CCMP) {
837 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
838 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
839 } else if (sel & WPA_CIPHER_TKIP) {
840 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
841 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
842 } else if (sel & WPA_CIPHER_NONE) {
843 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
844 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
846 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
851 sel = ie.key_mgmt & ssid->key_mgmt;
853 #ifdef CONFIG_IEEE80211R
854 } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) {
855 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
856 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
857 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
858 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
859 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
860 #endif /* CONFIG_IEEE80211R */
861 #ifdef CONFIG_IEEE80211W
862 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
863 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
864 wpa_msg(wpa_s, MSG_DEBUG,
865 "WPA: using KEY_MGMT 802.1X with SHA256");
866 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
867 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
868 wpa_msg(wpa_s, MSG_DEBUG,
869 "WPA: using KEY_MGMT PSK with SHA256");
870 #endif /* CONFIG_IEEE80211W */
871 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
872 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
873 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
874 } else if (sel & WPA_KEY_MGMT_PSK) {
875 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
876 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
877 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
878 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
879 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
881 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
882 "key management type.");
886 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
887 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
888 wpa_s->pairwise_cipher);
889 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
891 #ifdef CONFIG_IEEE80211W
892 sel = ie.mgmt_group_cipher;
893 if (ssid->ieee80211w == NO_IEEE80211W ||
894 !(ie.capabilities & WPA_CAPABILITY_MFPC))
896 if (sel & WPA_CIPHER_AES_128_CMAC) {
897 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
898 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher "
901 wpa_s->mgmt_group_cipher = 0;
902 wpa_msg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
904 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
905 wpa_s->mgmt_group_cipher);
906 #endif /* CONFIG_IEEE80211W */
908 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
909 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
914 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK | WPA_KEY_MGMT_PSK_SHA256))
915 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
917 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
924 * wpa_supplicant_associate - Request association
925 * @wpa_s: Pointer to wpa_supplicant data
926 * @bss: Scan results for the selected BSS, or %NULL if not available
927 * @ssid: Configuration data for the selected network
929 * This function is used to request %wpa_supplicant to associate with a BSS.
931 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
932 struct wpa_scan_res *bss, struct wpa_ssid *ssid)
936 int use_crypt, ret, i;
937 int algs = AUTH_ALG_OPEN_SYSTEM;
938 wpa_cipher cipher_pairwise, cipher_group;
939 struct wpa_driver_associate_params params;
940 int wep_keys_set = 0;
941 struct wpa_driver_capa capa;
942 int assoc_failed = 0;
944 if (ssid->mode == 2) {
946 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
947 wpa_printf(MSG_INFO, "Driver does not support AP "
951 wpa_supplicant_create_ap(wpa_s, ssid);
952 #else /* CONFIG_AP */
953 wpa_printf(MSG_ERROR, "AP mode support not included in the "
955 #endif /* CONFIG_AP */
959 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) {
960 sme_authenticate(wpa_s, bss, ssid);
964 wpa_s->reassociate = 0;
966 #ifdef CONFIG_IEEE80211R
968 #endif /* CONFIG_IEEE80211R */
969 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
970 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
971 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
972 ie ? wpa_ssid_txt(ie + 2, ie[1]) : "", bss->freq);
973 os_memset(wpa_s->bssid, 0, ETH_ALEN);
974 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
975 #ifdef CONFIG_IEEE80211R
976 ie = wpa_scan_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
977 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
979 wpa_sm_set_ft_params(wpa_s->wpa, md, NULL, 0, NULL);
981 /* Prepare for the next transition */
982 wpa_ft_prepare_auth_request(wpa_s->wpa);
984 #endif /* CONFIG_IEEE80211R */
986 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
987 wpa_s->conf->ap_scan == 2 &&
988 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
989 /* Use ap_scan==1 style network selection to find the network
992 wpa_s->reassociate = 1;
993 wpa_supplicant_req_scan(wpa_s, 0, 0);
995 #endif /* CONFIG_WPS */
997 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
998 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
999 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
1001 wpa_supplicant_cancel_scan(wpa_s);
1003 /* Starting new association, so clear the possibly used WPA IE from the
1004 * previous association. */
1005 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
1007 if (wpa_drv_set_mode(wpa_s, ssid->mode)) {
1008 wpa_printf(MSG_WARNING, "Failed to set operating mode");
1012 #ifdef IEEE8021X_EAPOL
1013 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1015 if (ssid->non_leap == 0)
1016 algs = AUTH_ALG_LEAP;
1018 algs |= AUTH_ALG_LEAP;
1021 #endif /* IEEE8021X_EAPOL */
1022 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
1023 if (ssid->auth_alg) {
1025 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
1026 algs |= AUTH_ALG_OPEN_SYSTEM;
1027 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
1028 algs |= AUTH_ALG_SHARED_KEY;
1029 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
1030 algs |= AUTH_ALG_LEAP;
1031 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
1034 wpa_drv_set_auth_alg(wpa_s, algs);
1036 if (bss && (wpa_scan_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
1037 wpa_scan_get_ie(bss, WLAN_EID_RSN)) &&
1038 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK |
1039 WPA_KEY_MGMT_FT_IEEE8021X |
1040 WPA_KEY_MGMT_FT_PSK |
1041 WPA_KEY_MGMT_IEEE8021X_SHA256 |
1042 WPA_KEY_MGMT_PSK_SHA256))) {
1043 int try_opportunistic;
1044 try_opportunistic = ssid->proactive_key_caching &&
1045 (ssid->proto & WPA_PROTO_RSN);
1046 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
1047 wpa_s->current_ssid,
1048 try_opportunistic) == 0)
1049 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
1050 wpa_ie_len = sizeof(wpa_ie);
1051 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
1052 wpa_ie, &wpa_ie_len)) {
1053 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1054 "management and encryption suites");
1057 } else if (ssid->key_mgmt &
1058 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
1059 WPA_KEY_MGMT_WPA_NONE | WPA_KEY_MGMT_FT_PSK |
1060 WPA_KEY_MGMT_FT_IEEE8021X | WPA_KEY_MGMT_PSK_SHA256 |
1061 WPA_KEY_MGMT_IEEE8021X_SHA256)) {
1062 wpa_ie_len = sizeof(wpa_ie);
1063 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
1064 wpa_ie, &wpa_ie_len)) {
1065 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
1066 "management and encryption suites (no scan "
1071 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
1072 struct wpabuf *wps_ie;
1073 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
1074 if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) {
1075 wpa_ie_len = wpabuf_len(wps_ie);
1076 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
1079 wpabuf_free(wps_ie);
1080 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1081 #endif /* CONFIG_WPS */
1083 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1087 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
1089 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
1090 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
1091 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
1092 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1093 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
1095 if (wpa_set_wep_keys(wpa_s, ssid)) {
1100 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
1103 #ifdef IEEE8021X_EAPOL
1104 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
1105 if ((ssid->eapol_flags &
1106 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
1107 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
1111 /* Assume that dynamic WEP-104 keys will be used and
1112 * set cipher suites in order for drivers to expect
1114 cipher_pairwise = cipher_group = CIPHER_WEP104;
1117 #endif /* IEEE8021X_EAPOL */
1119 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1120 /* Set the key before (and later after) association */
1121 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1124 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
1125 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
1126 os_memset(¶ms, 0, sizeof(params));
1128 const u8 *ie = wpa_scan_get_ie(bss, WLAN_EID_SSID);
1129 params.bssid = bss->bssid;
1130 params.ssid = ie ? ie + 2 : (u8 *) "";
1131 params.ssid_len = ie ? ie[1] : 0;
1132 params.freq = bss->freq;
1134 params.ssid = ssid->ssid;
1135 params.ssid_len = ssid->ssid_len;
1137 if (ssid->mode == 1 && ssid->frequency > 0 && params.freq == 0)
1138 params.freq = ssid->frequency; /* Initial channel for IBSS */
1139 params.wpa_ie = wpa_ie;
1140 params.wpa_ie_len = wpa_ie_len;
1141 params.pairwise_suite = cipher_pairwise;
1142 params.group_suite = cipher_group;
1143 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
1144 params.auth_alg = algs;
1145 params.mode = ssid->mode;
1146 for (i = 0; i < NUM_WEP_KEYS; i++) {
1147 if (ssid->wep_key_len[i])
1148 params.wep_key[i] = ssid->wep_key[i];
1149 params.wep_key_len[i] = ssid->wep_key_len[i];
1151 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
1153 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) &&
1154 (params.key_mgmt_suite == KEY_MGMT_PSK ||
1155 params.key_mgmt_suite == KEY_MGMT_FT_PSK)) {
1156 params.passphrase = ssid->passphrase;
1158 params.psk = ssid->psk;
1161 params.drop_unencrypted = use_crypt;
1163 #ifdef CONFIG_IEEE80211W
1164 switch (ssid->ieee80211w) {
1166 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
1168 case IEEE80211W_OPTIONAL:
1169 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_OPTIONAL;
1171 case IEEE80211W_REQUIRED:
1172 params.mgmt_frame_protection = MGMT_FRAME_PROTECTION_REQUIRED;
1175 if (ssid->ieee80211w != NO_IEEE80211W && bss) {
1176 const u8 *rsn = wpa_scan_get_ie(bss, WLAN_EID_RSN);
1177 struct wpa_ie_data ie;
1178 if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
1180 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
1181 wpa_printf(MSG_DEBUG, "WPA: Selected AP supports MFP: "
1183 params.mgmt_frame_protection =
1184 MGMT_FRAME_PROTECTION_REQUIRED;
1187 #endif /* CONFIG_IEEE80211W */
1189 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1190 ret = ieee80211_sta_associate(wpa_s, ¶ms);
1192 ret = wpa_drv_associate(wpa_s, ¶ms);
1194 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
1196 /* try to continue anyway; new association will be tried again
1201 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
1202 /* Set the key after the association just in case association
1203 * cleared the previously configured key. */
1204 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
1205 /* No need to timeout authentication since there is no key
1207 wpa_supplicant_cancel_auth_timeout(wpa_s);
1208 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1209 #ifdef CONFIG_IBSS_RSN
1210 } else if (ssid->mode == IEEE80211_MODE_IBSS &&
1211 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
1212 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
1213 ibss_rsn_set_psk(wpa_s->ibss_rsn, ssid->psk);
1215 * RSN IBSS authentication is per-STA and we can disable the
1216 * per-BSSID authentication.
1218 wpa_supplicant_cancel_auth_timeout(wpa_s);
1219 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
1220 #endif /* CONFIG_IBSS_RSN */
1222 /* Timeout for IEEE 802.11 authentication and association */
1226 /* give IBSS a bit more time */
1227 timeout = ssid->mode ? 10 : 5;
1228 } else if (wpa_s->conf->ap_scan == 1) {
1229 /* give IBSS a bit more time */
1230 timeout = ssid->mode ? 20 : 10;
1232 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
1235 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
1236 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
1237 /* Set static WEP keys again */
1238 wpa_set_wep_keys(wpa_s, ssid);
1241 if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) {
1243 * Do not allow EAP session resumption between different
1244 * network configurations.
1246 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1248 wpa_s->current_ssid = ssid;
1249 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
1250 wpa_supplicant_initiate_eapol(wpa_s);
1255 * wpa_supplicant_disassociate - Disassociate the current connection
1256 * @wpa_s: Pointer to wpa_supplicant data
1257 * @reason_code: IEEE 802.11 reason code for the disassociate frame
1259 * This function is used to request %wpa_supplicant to disassociate with the
1262 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
1266 if (!is_zero_ether_addr(wpa_s->bssid)) {
1267 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1268 ieee80211_sta_disassociate(wpa_s, reason_code);
1270 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
1271 addr = wpa_s->bssid;
1273 wpa_clear_keys(wpa_s, addr);
1274 wpa_supplicant_mark_disassoc(wpa_s);
1275 wpa_s->current_ssid = NULL;
1276 wpa_sm_set_config(wpa_s->wpa, NULL);
1277 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1282 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
1283 * @wpa_s: Pointer to wpa_supplicant data
1284 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
1286 * This function is used to request %wpa_supplicant to deauthenticate from the
1289 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
1293 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
1294 if (!is_zero_ether_addr(wpa_s->bssid)) {
1295 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1296 ieee80211_sta_deauthenticate(wpa_s, reason_code);
1298 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid,
1300 addr = wpa_s->bssid;
1302 wpa_clear_keys(wpa_s, addr);
1303 wpa_s->current_ssid = NULL;
1304 wpa_sm_set_config(wpa_s->wpa, NULL);
1305 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1306 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1307 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1311 static int wpa_supplicant_get_scan_results_old(struct wpa_supplicant *wpa_s)
1313 #define SCAN_AP_LIMIT 128
1314 struct wpa_scan_result *results;
1316 struct wpa_scan_results *res;
1318 results = os_malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
1319 if (results == NULL) {
1320 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
1325 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
1326 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
1328 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1332 if (num > SCAN_AP_LIMIT) {
1333 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
1334 num, SCAN_AP_LIMIT);
1335 num = SCAN_AP_LIMIT;
1338 wpa_scan_results_free(wpa_s->scan_res);
1339 wpa_s->scan_res = NULL;
1341 /* Convert old scan result data structure to the new one */
1342 res = os_zalloc(sizeof(*res));
1347 res->res = os_zalloc(num * sizeof(struct wpa_scan_res *));
1348 if (res->res == NULL) {
1354 for (i = 0; i < num; i++) {
1355 struct wpa_scan_result *bss = &results[i];
1356 struct wpa_scan_res *r;
1360 ie_len = 2 + bss->ssid_len + bss->rsn_ie_len + bss->wpa_ie_len;
1363 if (bss->mdie_present)
1366 r = os_zalloc(sizeof(*r) + ie_len);
1370 os_memcpy(r->bssid, bss->bssid, ETH_ALEN);
1371 r->freq = bss->freq;
1372 r->caps = bss->caps;
1373 r->qual = bss->qual;
1374 r->noise = bss->noise;
1375 r->level = bss->level;
1379 pos = (u8 *) (r + 1);
1382 *pos++ = WLAN_EID_SSID;
1383 *pos++ = bss->ssid_len;
1384 os_memcpy(pos, bss->ssid, bss->ssid_len);
1385 pos += bss->ssid_len;
1388 /* Fake Supported Rate IE to include max rate */
1389 *pos++ = WLAN_EID_SUPP_RATES;
1391 *pos++ = bss->maxrate;
1394 if (bss->rsn_ie_len) {
1395 os_memcpy(pos, bss->rsn_ie, bss->rsn_ie_len);
1396 pos += bss->rsn_ie_len;
1399 if (bss->mdie_present) {
1400 os_memcpy(pos, bss->mdie, 5);
1404 if (bss->wpa_ie_len) {
1405 os_memcpy(pos, bss->wpa_ie, bss->wpa_ie_len);
1406 pos += bss->wpa_ie_len;
1409 res->res[res->num++] = r;
1413 wpa_s->scan_res = res;
1420 * wpa_supplicant_get_scan_results - Get scan results
1421 * @wpa_s: Pointer to wpa_supplicant data
1422 * Returns: 0 on success, -1 on failure
1424 * This function is request the current scan results from the driver and stores
1425 * a local copy of the results in wpa_s->scan_res.
1427 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
1431 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1432 wpa_scan_results_free(wpa_s->scan_res);
1433 wpa_s->scan_res = ieee80211_sta_get_scan_results(wpa_s);
1434 if (wpa_s->scan_res == NULL) {
1435 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1439 } else if (wpa_s->driver->get_scan_results2 == NULL)
1440 ret = wpa_supplicant_get_scan_results_old(wpa_s);
1442 wpa_scan_results_free(wpa_s->scan_res);
1443 wpa_s->scan_res = wpa_drv_get_scan_results2(wpa_s);
1444 if (wpa_s->scan_res == NULL) {
1445 wpa_printf(MSG_DEBUG, "Failed to get scan results");
1451 if (wpa_s->scan_res)
1452 wpa_scan_sort_results(wpa_s->scan_res);
1459 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
1460 * @wpa_s: Pointer to wpa_supplicant data
1461 * Returns: A pointer to the current network structure or %NULL on failure
1463 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
1465 struct wpa_ssid *entry;
1466 u8 ssid[MAX_SSID_LEN];
1472 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1473 if (ieee80211_sta_get_ssid(wpa_s, ssid, &ssid_len)) {
1474 wpa_printf(MSG_WARNING, "Could not read SSID from "
1479 res = wpa_drv_get_ssid(wpa_s, ssid);
1481 wpa_printf(MSG_WARNING, "Could not read SSID from "
1488 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
1489 os_memcpy(bssid, wpa_s->bssid, ETH_ALEN);
1490 else if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
1491 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
1495 wired = wpa_s->conf->ap_scan == 0 &&
1496 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
1498 entry = wpa_s->conf->ssid;
1500 if (!entry->disabled &&
1501 ((ssid_len == entry->ssid_len &&
1502 os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) &&
1503 (!entry->bssid_set ||
1504 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1507 if (!entry->disabled &&
1508 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
1509 (entry->ssid == NULL || entry->ssid_len == 0) &&
1510 (!entry->bssid_set ||
1511 os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
1513 #endif /* CONFIG_WPS */
1514 entry = entry->next;
1521 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
1531 if (wpa_supplicant_drivers[0] == NULL) {
1532 wpa_printf(MSG_ERROR, "No driver interfaces build into "
1538 /* default to first driver in the list */
1539 wpa_s->driver = wpa_supplicant_drivers[0];
1543 pos = os_strchr(name, ',');
1547 len = os_strlen(name);
1548 for (i = 0; wpa_supplicant_drivers[i]; i++) {
1549 if (os_strlen(wpa_supplicant_drivers[i]->name) == len &&
1550 os_strncmp(name, wpa_supplicant_drivers[i]->name, len) ==
1552 wpa_s->driver = wpa_supplicant_drivers[i];
1557 wpa_printf(MSG_ERROR, "Unsupported driver '%s'.", name);
1562 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
1563 const u8 *buf, size_t len)
1565 struct wpa_supplicant *wpa_s = ctx;
1567 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
1568 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
1570 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
1571 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
1572 "no key management is configured");
1576 if (wpa_s->eapol_received == 0 &&
1577 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) ||
1578 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1579 wpa_s->wpa_state != WPA_COMPLETED)) {
1580 /* Timeout for completing IEEE 802.1X and WPA authentication */
1581 wpa_supplicant_req_auth_timeout(
1583 (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
1584 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
1585 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ?
1588 wpa_s->eapol_received++;
1590 if (wpa_s->countermeasures) {
1591 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
1596 #ifdef CONFIG_IBSS_RSN
1597 if (wpa_s->current_ssid &&
1598 wpa_s->current_ssid->mode == IEEE80211_MODE_IBSS) {
1599 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len);
1602 #endif /* CONFIG_IBSS_RSN */
1604 /* Source address of the incoming EAPOL frame could be compared to the
1605 * current BSSID. However, it is possible that a centralized
1606 * Authenticator could be using another MAC address than the BSSID of
1607 * an AP, so just allow any address to be used for now. The replies are
1608 * still sent to the current BSSID (if available), though. */
1610 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
1611 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
1612 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
1614 wpa_drv_poll(wpa_s);
1615 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE))
1616 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
1617 else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
1619 * Set portValid = TRUE here since we are going to skip 4-way
1620 * handshake processing which would normally set portValid. We
1621 * need this to allow the EAPOL state machines to be completed
1622 * without going through EAPOL-Key handshake.
1624 eapol_sm_notify_portValid(wpa_s->eapol, TRUE);
1629 void wpa_supplicant_sta_free_hw_features(struct wpa_hw_modes *hw_features,
1630 size_t num_hw_features)
1632 ieee80211_sta_free_hw_features(hw_features, num_hw_features);
1636 void wpa_supplicant_sta_rx(void *ctx, const u8 *buf, size_t len,
1637 struct ieee80211_rx_status *rx_status)
1639 struct wpa_supplicant *wpa_s = ctx;
1640 ieee80211_sta_rx(wpa_s, buf, len, rx_status);
1645 * wpa_supplicant_driver_init - Initialize driver interface parameters
1646 * @wpa_s: Pointer to wpa_supplicant data
1647 * Returns: 0 on success, -1 on failure
1649 * This function is called to initialize driver interface parameters.
1650 * wpa_drv_init() must have been called before this function to initialize the
1653 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
1655 static int interface_count = 0;
1657 if (wpa_s->driver->send_eapol) {
1658 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
1660 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
1662 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
1663 wpa_drv_get_mac_addr(wpa_s),
1665 wpa_supplicant_rx_eapol, wpa_s, 0);
1666 if (wpa_s->l2 == NULL)
1670 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
1671 wpa_printf(MSG_ERROR, "Failed to get own L2 address");
1675 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
1676 MAC2STR(wpa_s->own_addr));
1678 if (wpa_s->bridge_ifname[0]) {
1679 wpa_printf(MSG_DEBUG, "Receiving packets from bridge interface"
1680 " '%s'", wpa_s->bridge_ifname);
1681 wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname,
1684 wpa_supplicant_rx_eapol, wpa_s,
1686 if (wpa_s->l2_br == NULL) {
1687 wpa_printf(MSG_ERROR, "Failed to open l2_packet "
1688 "connection for the bridge interface '%s'",
1689 wpa_s->bridge_ifname);
1694 /* Backwards compatibility call to set_wpa() handler. This is called
1695 * only just after init and just before deinit, so these handler can be
1696 * used to implement same functionality. */
1697 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
1698 struct wpa_driver_capa capa;
1699 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
1700 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
1701 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
1702 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
1703 /* Continue to allow non-WPA modes to be used. */
1705 wpa_printf(MSG_ERROR, "Failed to enable WPA in the "
1711 wpa_clear_keys(wpa_s, NULL);
1713 /* Make sure that TKIP countermeasures are not left enabled (could
1714 * happen if wpa_supplicant is killed during countermeasures. */
1715 wpa_drv_set_countermeasures(wpa_s, 0);
1717 wpa_drv_set_drop_unencrypted(wpa_s, 1);
1719 wpa_printf(MSG_DEBUG, "RSN: flushing PMKID list in the driver");
1720 wpa_drv_flush_pmkid(wpa_s);
1722 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
1723 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
1730 static int wpa_supplicant_daemon(const char *pid_file)
1732 wpa_printf(MSG_DEBUG, "Daemonize..");
1733 return os_daemonize(pid_file);
1737 static struct wpa_supplicant * wpa_supplicant_alloc(void)
1739 struct wpa_supplicant *wpa_s;
1741 wpa_s = os_zalloc(sizeof(*wpa_s));
1744 wpa_s->scan_req = 1;
1750 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
1751 struct wpa_interface *iface)
1753 const char *ifname, *driver;
1754 struct wpa_driver_capa capa;
1756 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
1757 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
1758 iface->confname ? iface->confname : "N/A",
1759 iface->driver ? iface->driver : "default",
1760 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
1761 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
1763 if (iface->confname) {
1764 #ifdef CONFIG_BACKEND_FILE
1765 wpa_s->confname = os_rel2abs_path(iface->confname);
1766 if (wpa_s->confname == NULL) {
1767 wpa_printf(MSG_ERROR, "Failed to get absolute path "
1768 "for configuration file '%s'.",
1772 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
1773 iface->confname, wpa_s->confname);
1774 #else /* CONFIG_BACKEND_FILE */
1775 wpa_s->confname = os_strdup(iface->confname);
1776 #endif /* CONFIG_BACKEND_FILE */
1777 wpa_s->conf = wpa_config_read(wpa_s->confname);
1778 if (wpa_s->conf == NULL) {
1779 wpa_printf(MSG_ERROR, "Failed to read or parse "
1780 "configuration '%s'.", wpa_s->confname);
1785 * Override ctrl_interface and driver_param if set on command
1788 if (iface->ctrl_interface) {
1789 os_free(wpa_s->conf->ctrl_interface);
1790 wpa_s->conf->ctrl_interface =
1791 os_strdup(iface->ctrl_interface);
1794 if (iface->driver_param) {
1795 os_free(wpa_s->conf->driver_param);
1796 wpa_s->conf->driver_param =
1797 os_strdup(iface->driver_param);
1800 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
1801 iface->driver_param);
1803 if (wpa_s->conf == NULL) {
1804 wpa_printf(MSG_ERROR, "\nNo configuration found.");
1808 if (iface->ifname == NULL) {
1809 wpa_printf(MSG_ERROR, "\nInterface name is required.");
1812 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
1813 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
1817 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
1819 if (iface->bridge_ifname) {
1820 if (os_strlen(iface->bridge_ifname) >=
1821 sizeof(wpa_s->bridge_ifname)) {
1822 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
1823 "name '%s'.", iface->bridge_ifname);
1826 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
1827 sizeof(wpa_s->bridge_ifname));
1830 /* RSNA Supplicant Key Management - INITIALIZE */
1831 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
1832 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
1834 /* Initialize driver interface and register driver event handler before
1835 * L2 receive handler so that association events are processed before
1836 * EAPOL-Key packets if both become available for the same select()
1838 driver = iface->driver;
1840 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
1843 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
1844 if (wpa_s->drv_priv == NULL) {
1846 pos = os_strchr(driver, ',');
1848 wpa_printf(MSG_DEBUG, "Failed to initialize driver "
1849 "interface - try next driver wrapper");
1853 wpa_printf(MSG_ERROR, "Failed to initialize driver interface");
1856 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
1857 wpa_printf(MSG_ERROR, "Driver interface rejected "
1858 "driver_param '%s'", wpa_s->conf->driver_param);
1862 ifname = wpa_drv_get_ifname(wpa_s);
1863 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
1864 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
1865 "name with '%s'", ifname);
1866 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
1869 if (wpa_supplicant_init_wpa(wpa_s) < 0)
1872 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
1873 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
1875 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1877 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
1878 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
1879 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
1880 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1881 "dot11RSNAConfigPMKLifetime");
1885 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
1886 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
1887 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
1888 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1889 "dot11RSNAConfigPMKReauthThreshold");
1893 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
1894 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
1895 wpa_s->conf->dot11RSNAConfigSATimeout)) {
1896 wpa_printf(MSG_ERROR, "Invalid WPA parameter value for "
1897 "dot11RSNAConfigSATimeout");
1901 if (wpa_supplicant_driver_init(wpa_s) < 0)
1904 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
1905 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
1906 wpa_printf(MSG_DEBUG, "Failed to set country");
1910 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
1912 if (wpas_wps_init(wpa_s))
1915 if (wpa_supplicant_init_eapol(wpa_s) < 0)
1917 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
1919 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1920 if (wpa_s->ctrl_iface == NULL) {
1921 wpa_printf(MSG_ERROR,
1922 "Failed to initialize control interface '%s'.\n"
1923 "You may have another wpa_supplicant process "
1924 "already running or the file was\n"
1925 "left by an unclean termination of wpa_supplicant "
1926 "in which case you will need\n"
1927 "to manually remove this file before starting "
1928 "wpa_supplicant again.\n",
1929 wpa_s->conf->ctrl_interface);
1933 if (wpa_drv_get_capa(wpa_s, &capa) == 0) {
1934 wpa_s->drv_flags = capa.flags;
1935 if (capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME) {
1936 if (ieee80211_sta_init(wpa_s))
1939 wpa_s->max_scan_ssids = capa.max_scan_ssids;
1942 #ifdef CONFIG_IBSS_RSN
1943 wpa_s->ibss_rsn = ibss_rsn_init(wpa_s);
1944 if (!wpa_s->ibss_rsn) {
1945 wpa_printf(MSG_DEBUG, "Failed to init IBSS RSN");
1948 #endif /* CONFIG_IBSS_RSN */
1954 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
1956 if (wpa_s->drv_priv) {
1957 wpa_supplicant_deauthenticate(wpa_s,
1958 WLAN_REASON_DEAUTH_LEAVING);
1960 /* Backwards compatibility call to set_wpa() handler. This is
1961 * called only just after init and just before deinit, so these
1962 * handler can be used to implement same functionality. */
1963 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
1964 wpa_printf(MSG_ERROR, "Failed to disable WPA in the "
1968 wpa_drv_set_drop_unencrypted(wpa_s, 0);
1969 wpa_drv_set_countermeasures(wpa_s, 0);
1970 wpa_clear_keys(wpa_s, NULL);
1973 wpas_dbus_unregister_iface(wpa_s);
1975 wpa_supplicant_cleanup(wpa_s);
1977 if (wpa_s->drv_priv)
1978 wpa_drv_deinit(wpa_s);
1983 * wpa_supplicant_add_iface - Add a new network interface
1984 * @global: Pointer to global data from wpa_supplicant_init()
1985 * @iface: Interface configuration options
1986 * Returns: Pointer to the created interface or %NULL on failure
1988 * This function is used to add new network interfaces for %wpa_supplicant.
1989 * This can be called before wpa_supplicant_run() to add interfaces before the
1990 * main event loop has been started. In addition, new interfaces can be added
1991 * dynamically while %wpa_supplicant is already running. This could happen,
1992 * e.g., when a hotplug network adapter is inserted.
1994 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
1995 struct wpa_interface *iface)
1997 struct wpa_supplicant *wpa_s;
1999 if (global == NULL || iface == NULL)
2002 wpa_s = wpa_supplicant_alloc();
2006 if (wpa_supplicant_init_iface(wpa_s, iface)) {
2007 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
2009 wpa_supplicant_deinit_iface(wpa_s);
2014 wpa_s->global = global;
2016 /* Register the interface with the dbus control interface */
2017 if (wpas_dbus_register_iface(wpa_s)) {
2018 wpa_supplicant_deinit_iface(wpa_s);
2023 wpa_s->next = global->ifaces;
2024 global->ifaces = wpa_s;
2026 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
2033 * wpa_supplicant_remove_iface - Remove a network interface
2034 * @global: Pointer to global data from wpa_supplicant_init()
2035 * @wpa_s: Pointer to the network interface to be removed
2036 * Returns: 0 if interface was removed, -1 if interface was not found
2038 * This function can be used to dynamically remove network interfaces from
2039 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
2040 * addition, this function is used to remove all remaining interfaces when
2041 * %wpa_supplicant is terminated.
2043 int wpa_supplicant_remove_iface(struct wpa_global *global,
2044 struct wpa_supplicant *wpa_s)
2046 struct wpa_supplicant *prev;
2048 /* Remove interface from the global list of interfaces */
2049 prev = global->ifaces;
2050 if (prev == wpa_s) {
2051 global->ifaces = wpa_s->next;
2053 while (prev && prev->next != wpa_s)
2057 prev->next = wpa_s->next;
2060 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
2062 wpa_supplicant_deinit_iface(wpa_s);
2070 * wpa_supplicant_get_iface - Get a new network interface
2071 * @global: Pointer to global data from wpa_supplicant_init()
2072 * @ifname: Interface name
2073 * Returns: Pointer to the interface or %NULL if not found
2075 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
2078 struct wpa_supplicant *wpa_s;
2080 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
2081 if (os_strcmp(wpa_s->ifname, ifname) == 0)
2089 * wpa_supplicant_init - Initialize %wpa_supplicant
2090 * @params: Parameters for %wpa_supplicant
2091 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
2093 * This function is used to initialize %wpa_supplicant. After successful
2094 * initialization, the returned data pointer can be used to add and remove
2095 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
2097 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
2099 struct wpa_global *global;
2105 wpa_debug_open_file(params->wpa_debug_file_path);
2106 if (params->wpa_debug_syslog)
2107 wpa_debug_open_syslog();
2109 ret = eap_peer_register_methods();
2111 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
2113 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
2114 "the same EAP type.");
2118 global = os_zalloc(sizeof(*global));
2121 global->params.daemonize = params->daemonize;
2122 global->params.wait_for_monitor = params->wait_for_monitor;
2123 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
2124 if (params->pid_file)
2125 global->params.pid_file = os_strdup(params->pid_file);
2126 if (params->ctrl_interface)
2127 global->params.ctrl_interface =
2128 os_strdup(params->ctrl_interface);
2129 wpa_debug_level = global->params.wpa_debug_level =
2130 params->wpa_debug_level;
2131 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
2132 params->wpa_debug_show_keys;
2133 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
2134 params->wpa_debug_timestamp;
2136 if (eloop_init(global)) {
2137 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
2138 wpa_supplicant_deinit(global);
2142 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
2143 if (global->ctrl_iface == NULL) {
2144 wpa_supplicant_deinit(global);
2148 if (global->params.dbus_ctrl_interface) {
2149 global->dbus_ctrl_iface =
2150 wpa_supplicant_dbus_ctrl_iface_init(global);
2151 if (global->dbus_ctrl_iface == NULL) {
2152 wpa_supplicant_deinit(global);
2157 for (i = 0; wpa_supplicant_drivers[i]; i++)
2158 global->drv_count++;
2159 if (global->drv_count == 0) {
2160 wpa_printf(MSG_ERROR, "No drivers enabled");
2161 wpa_supplicant_deinit(global);
2164 global->drv_priv = os_zalloc(global->drv_count * sizeof(void *));
2165 if (global->drv_priv == NULL) {
2166 wpa_supplicant_deinit(global);
2169 for (i = 0; wpa_supplicant_drivers[i]; i++) {
2170 if (!wpa_supplicant_drivers[i]->global_init)
2172 global->drv_priv[i] = wpa_supplicant_drivers[i]->global_init();
2173 if (global->drv_priv[i] == NULL) {
2174 wpa_printf(MSG_ERROR, "Failed to initialize driver "
2175 "'%s'", wpa_supplicant_drivers[i]->name);
2176 wpa_supplicant_deinit(global);
2186 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
2187 * @global: Pointer to global data from wpa_supplicant_init()
2188 * Returns: 0 after successful event loop run, -1 on failure
2190 * This function starts the main event loop and continues running as long as
2191 * there are any remaining events. In most cases, this function is running as
2192 * long as the %wpa_supplicant process in still in use.
2194 int wpa_supplicant_run(struct wpa_global *global)
2196 struct wpa_supplicant *wpa_s;
2198 if (global->params.daemonize &&
2199 wpa_supplicant_daemon(global->params.pid_file))
2202 if (global->params.wait_for_monitor) {
2203 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
2204 if (wpa_s->ctrl_iface)
2205 wpa_supplicant_ctrl_iface_wait(
2209 eloop_register_signal_terminate(wpa_supplicant_terminate, NULL);
2210 eloop_register_signal_reconfig(wpa_supplicant_reconfig, NULL);
2219 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
2220 * @global: Pointer to global data from wpa_supplicant_init()
2222 * This function is called to deinitialize %wpa_supplicant and to free all
2223 * allocated resources. Remaining network interfaces will also be removed.
2225 void wpa_supplicant_deinit(struct wpa_global *global)
2232 while (global->ifaces)
2233 wpa_supplicant_remove_iface(global, global->ifaces);
2235 if (global->ctrl_iface)
2236 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
2237 if (global->dbus_ctrl_iface)
2238 wpa_supplicant_dbus_ctrl_iface_deinit(global->dbus_ctrl_iface);
2240 eap_peer_unregister_methods();
2242 for (i = 0; wpa_supplicant_drivers[i] && global->drv_priv; i++) {
2243 if (!global->drv_priv[i])
2245 wpa_supplicant_drivers[i]->global_deinit(global->drv_priv[i]);
2247 os_free(global->drv_priv);
2251 if (global->params.pid_file) {
2252 os_daemonize_terminate(global->params.pid_file);
2253 os_free(global->params.pid_file);
2255 os_free(global->params.ctrl_interface);
2258 wpa_debug_close_syslog();
2259 wpa_debug_close_file();