1 /* 2 * WPA Supplicant 3 * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> 4 * 5 * This software may be distributed under the terms of the BSD license. 6 * See README for more details. 7 * 8 * This file implements functions for registering and unregistering 9 * %wpa_supplicant interfaces. In addition, this file contains number of 10 * functions for managing network connections. 11 */ 12 13 #include "includes.h" 14 #ifdef CONFIG_MATCH_IFACE 15 #include <net/if.h> 16 #include <fnmatch.h> 17 #endif /* CONFIG_MATCH_IFACE */ 18 19 #include "common.h" 20 #include "crypto/crypto.h" 21 #include "crypto/random.h" 22 #include "crypto/sha1.h" 23 #include "eapol_supp/eapol_supp_sm.h" 24 #include "eap_peer/eap.h" 25 #include "eap_peer/eap_proxy.h" 26 #include "eap_server/eap_methods.h" 27 #include "rsn_supp/wpa.h" 28 #include "eloop.h" 29 #include "config.h" 30 #include "utils/ext_password.h" 31 #include "l2_packet/l2_packet.h" 32 #include "wpa_supplicant_i.h" 33 #include "driver_i.h" 34 #include "ctrl_iface.h" 35 #include "pcsc_funcs.h" 36 #include "common/version.h" 37 #include "rsn_supp/preauth.h" 38 #include "rsn_supp/pmksa_cache.h" 39 #include "common/wpa_ctrl.h" 40 #include "common/ieee802_11_common.h" 41 #include "common/ieee802_11_defs.h" 42 #include "common/hw_features_common.h" 43 #include "common/gas_server.h" 44 #include "common/dpp.h" 45 #include "common/ptksa_cache.h" 46 #include "p2p/p2p.h" 47 #include "fst/fst.h" 48 #include "bssid_ignore.h" 49 #include "wpas_glue.h" 50 #include "wps_supplicant.h" 51 #include "ibss_rsn.h" 52 #include "sme.h" 53 #include "gas_query.h" 54 #include "ap.h" 55 #include "p2p_supplicant.h" 56 #include "wifi_display.h" 57 #include "notify.h" 58 #include "bgscan.h" 59 #include "autoscan.h" 60 #include "bss.h" 61 #include "scan.h" 62 #include "offchannel.h" 63 #include "hs20_supplicant.h" 64 #include "wnm_sta.h" 65 #include "wpas_kay.h" 66 #include "mesh.h" 67 #include "dpp_supplicant.h" 68 #include "nan_usd.h" 69 #ifdef CONFIG_MESH 70 #include "ap/ap_config.h" 71 #include "ap/hostapd.h" 72 #endif /* CONFIG_MESH */ 73 74 const char *const wpa_supplicant_version = 75 "wpa_supplicant v" VERSION_STR "\n" 76 "Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> and contributors"; 77 78 const char *const wpa_supplicant_license = 79 "This software may be distributed under the terms of the BSD license.\n" 80 "See README for more details.\n" 81 #ifdef EAP_TLS_OPENSSL 82 "\nThis product includes software developed by the OpenSSL Project\n" 83 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" 84 #endif /* EAP_TLS_OPENSSL */ 85 ; 86 87 #ifndef CONFIG_NO_STDOUT_DEBUG 88 /* Long text divided into parts in order to fit in C89 strings size limits. */ 89 const char *const wpa_supplicant_full_license1 = 90 ""; 91 const char *const wpa_supplicant_full_license2 = 92 "This software may be distributed under the terms of the BSD license.\n" 93 "\n" 94 "Redistribution and use in source and binary forms, with or without\n" 95 "modification, are permitted provided that the following conditions are\n" 96 "met:\n" 97 "\n"; 98 const char *const wpa_supplicant_full_license3 = 99 "1. Redistributions of source code must retain the above copyright\n" 100 " notice, this list of conditions and the following disclaimer.\n" 101 "\n" 102 "2. Redistributions in binary form must reproduce the above copyright\n" 103 " notice, this list of conditions and the following disclaimer in the\n" 104 " documentation and/or other materials provided with the distribution.\n" 105 "\n"; 106 const char *const wpa_supplicant_full_license4 = 107 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" 108 " names of its contributors may be used to endorse or promote products\n" 109 " derived from this software without specific prior written permission.\n" 110 "\n" 111 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" 112 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" 113 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" 114 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; 115 const char *const wpa_supplicant_full_license5 = 116 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" 117 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" 118 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" 119 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" 120 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" 121 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" 122 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" 123 "\n"; 124 #endif /* CONFIG_NO_STDOUT_DEBUG */ 125 126 127 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx); 128 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx); 129 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 130 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s); 131 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 132 #ifdef CONFIG_OWE 133 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s); 134 #endif /* CONFIG_OWE */ 135 136 137 #ifdef CONFIG_WEP 138 /* Configure default/group WEP keys for static WEP */ wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)139 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 140 { 141 int i, set = 0; 142 143 for (i = 0; i < NUM_WEP_KEYS; i++) { 144 if (ssid->wep_key_len[i] == 0) 145 continue; 146 147 set = 1; 148 wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL, 149 i, i == ssid->wep_tx_keyidx, NULL, 0, 150 ssid->wep_key[i], ssid->wep_key_len[i], 151 i == ssid->wep_tx_keyidx ? 152 KEY_FLAG_GROUP_RX_TX_DEFAULT : 153 KEY_FLAG_GROUP_RX_TX); 154 } 155 156 return set; 157 } 158 #endif /* CONFIG_WEP */ 159 160 wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)161 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, 162 struct wpa_ssid *ssid) 163 { 164 u8 key[32]; 165 size_t keylen; 166 enum wpa_alg alg; 167 u8 seq[6] = { 0 }; 168 int ret; 169 170 /* IBSS/WPA-None uses only one key (Group) for both receiving and 171 * sending unicast and multicast packets. */ 172 173 if (ssid->mode != WPAS_MODE_IBSS) { 174 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " 175 "IBSS/ad-hoc) for WPA-None", ssid->mode); 176 return -1; 177 } 178 179 if (!ssid->psk_set) { 180 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " 181 "WPA-None"); 182 return -1; 183 } 184 185 switch (wpa_s->group_cipher) { 186 case WPA_CIPHER_CCMP: 187 os_memcpy(key, ssid->psk, 16); 188 keylen = 16; 189 alg = WPA_ALG_CCMP; 190 break; 191 case WPA_CIPHER_GCMP: 192 os_memcpy(key, ssid->psk, 16); 193 keylen = 16; 194 alg = WPA_ALG_GCMP; 195 break; 196 case WPA_CIPHER_TKIP: 197 /* WPA-None uses the same Michael MIC key for both TX and RX */ 198 os_memcpy(key, ssid->psk, 16 + 8); 199 os_memcpy(key + 16 + 8, ssid->psk + 16, 8); 200 keylen = 32; 201 alg = WPA_ALG_TKIP; 202 break; 203 default: 204 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " 205 "WPA-None", wpa_s->group_cipher); 206 return -1; 207 } 208 209 /* TODO: should actually remember the previously used seq#, both for TX 210 * and RX from each STA.. */ 211 212 ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen, 213 KEY_FLAG_GROUP_RX_TX_DEFAULT); 214 os_memset(key, 0, sizeof(key)); 215 return ret; 216 } 217 218 wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)219 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) 220 { 221 struct wpa_supplicant *wpa_s = eloop_ctx; 222 const u8 *bssid = wpa_s->bssid; 223 if (!is_zero_ether_addr(wpa_s->pending_bssid) && 224 (wpa_s->wpa_state == WPA_AUTHENTICATING || 225 wpa_s->wpa_state == WPA_ASSOCIATING)) 226 bssid = wpa_s->pending_bssid; 227 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", 228 MAC2STR(bssid)); 229 wpa_bssid_ignore_add(wpa_s, bssid); 230 wpa_sm_notify_disassoc(wpa_s->wpa); 231 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 232 wpa_s->reassociate = 1; 233 234 /* 235 * If we timed out, the AP or the local radio may be busy. 236 * So, wait a second until scanning again. 237 */ 238 wpa_supplicant_req_scan(wpa_s, 1, 0); 239 } 240 241 242 /** 243 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication 244 * @wpa_s: Pointer to wpa_supplicant data 245 * @sec: Number of seconds after which to time out authentication 246 * @usec: Number of microseconds after which to time out authentication 247 * 248 * This function is used to schedule a timeout for the current authentication 249 * attempt. 250 */ wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)251 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, 252 int sec, int usec) 253 { 254 if (wpa_s->conf->ap_scan == 0 && 255 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) 256 return; 257 258 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " 259 "%d usec", sec, usec); 260 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 261 wpa_s->last_auth_timeout_sec = sec; 262 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); 263 } 264 265 266 /* 267 * wpas_auth_timeout_restart - Restart and change timeout for authentication 268 * @wpa_s: Pointer to wpa_supplicant data 269 * @sec_diff: difference in seconds applied to original timeout value 270 */ wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)271 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff) 272 { 273 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff; 274 275 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) { 276 wpa_dbg(wpa_s, MSG_DEBUG, 277 "Authentication timeout restart: %d sec", new_sec); 278 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 279 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout, 280 wpa_s, NULL); 281 } 282 } 283 284 285 /** 286 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout 287 * @wpa_s: Pointer to wpa_supplicant data 288 * 289 * This function is used to cancel authentication timeout scheduled with 290 * wpa_supplicant_req_auth_timeout() and it is called when authentication has 291 * been completed. 292 */ wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)293 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) 294 { 295 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); 296 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 297 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid); 298 os_free(wpa_s->last_con_fail_realm); 299 wpa_s->last_con_fail_realm = NULL; 300 wpa_s->last_con_fail_realm_len = 0; 301 } 302 303 304 /** 305 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine 306 * @wpa_s: Pointer to wpa_supplicant data 307 * 308 * This function is used to configure EAPOL state machine based on the selected 309 * authentication mode. 310 */ wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)311 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) 312 { 313 #ifdef IEEE8021X_EAPOL 314 struct eapol_config eapol_conf; 315 struct wpa_ssid *ssid = wpa_s->current_ssid; 316 317 #ifdef CONFIG_IBSS_RSN 318 if (ssid->mode == WPAS_MODE_IBSS && 319 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 320 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 321 /* 322 * RSN IBSS authentication is per-STA and we can disable the 323 * per-BSSID EAPOL authentication. 324 */ 325 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 326 eapol_sm_notify_eap_success(wpa_s->eapol, true); 327 eapol_sm_notify_eap_fail(wpa_s->eapol, false); 328 return; 329 } 330 #endif /* CONFIG_IBSS_RSN */ 331 332 eapol_sm_notify_eap_success(wpa_s->eapol, false); 333 eapol_sm_notify_eap_fail(wpa_s->eapol, false); 334 335 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 336 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) 337 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); 338 else 339 eapol_sm_notify_portControl(wpa_s->eapol, Auto); 340 341 os_memset(&eapol_conf, 0, sizeof(eapol_conf)); 342 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 343 eapol_conf.accept_802_1x_keys = 1; 344 eapol_conf.required_keys = 0; 345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { 346 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; 347 } 348 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { 349 eapol_conf.required_keys |= 350 EAPOL_REQUIRE_KEY_BROADCAST; 351 } 352 353 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) 354 eapol_conf.required_keys = 0; 355 } 356 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; 357 eapol_conf.workaround = ssid->eap_workaround; 358 eapol_conf.eap_disabled = 359 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && 360 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && 361 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; 362 eapol_conf.external_sim = wpa_s->conf->external_sim; 363 364 #ifdef CONFIG_WPS 365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 366 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE; 367 if (wpa_s->current_bss) { 368 struct wpabuf *ie; 369 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss, 370 WPS_IE_VENDOR_TYPE); 371 if (ie) { 372 if (wps_is_20(ie)) 373 eapol_conf.wps |= 374 EAPOL_PEER_IS_WPS20_AP; 375 wpabuf_free(ie); 376 } 377 } 378 } 379 #endif /* CONFIG_WPS */ 380 381 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); 382 383 #ifdef CONFIG_MACSEC 384 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set) 385 ieee802_1x_create_preshared_mka(wpa_s, ssid); 386 else 387 ieee802_1x_alloc_kay_sm(wpa_s, ssid); 388 #endif /* CONFIG_MACSEC */ 389 #endif /* IEEE8021X_EAPOL */ 390 } 391 392 393 /** 394 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode 395 * @wpa_s: Pointer to wpa_supplicant data 396 * @ssid: Configuration data for the network 397 * 398 * This function is used to configure WPA state machine and related parameters 399 * to a mode where WPA is not enabled. This is called as part of the 400 * authentication configuration when the selected network does not use WPA. 401 */ wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)402 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, 403 struct wpa_ssid *ssid) 404 { 405 #ifdef CONFIG_WEP 406 int i; 407 #endif /* CONFIG_WEP */ 408 struct wpa_sm_mlo mlo; 409 410 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) 411 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; 412 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) 413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; 414 else 415 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; 416 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); 417 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); 418 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0); 419 wpa_sm_set_ap_rsne_override(wpa_s->wpa, NULL, 0); 420 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, NULL, 0); 421 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, NULL, 0); 422 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 423 #ifndef CONFIG_NO_WPA 424 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); 425 #endif /* CONFIG_NO_WPA */ 426 wpa_s->rsnxe_len = 0; 427 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 428 wpa_s->group_cipher = WPA_CIPHER_NONE; 429 wpa_s->mgmt_group_cipher = 0; 430 431 #ifdef CONFIG_WEP 432 for (i = 0; i < NUM_WEP_KEYS; i++) { 433 if (ssid->wep_key_len[i] > 5) { 434 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; 435 wpa_s->group_cipher = WPA_CIPHER_WEP104; 436 break; 437 } else if (ssid->wep_key_len[i] > 0) { 438 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; 439 wpa_s->group_cipher = WPA_CIPHER_WEP40; 440 break; 441 } 442 } 443 #endif /* CONFIG_WEP */ 444 445 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); 446 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 448 wpa_s->pairwise_cipher); 449 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 450 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 451 wpa_s->mgmt_group_cipher); 452 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 0); 453 454 pmksa_cache_clear_current(wpa_s->wpa); 455 os_memset(&mlo, 0, sizeof(mlo)); 456 wpa_sm_set_mlo_params(wpa_s->wpa, &mlo); 457 } 458 459 free_hw_features(struct wpa_supplicant * wpa_s)460 void free_hw_features(struct wpa_supplicant *wpa_s) 461 { 462 int i; 463 if (wpa_s->hw.modes == NULL) 464 return; 465 466 for (i = 0; i < wpa_s->hw.num_modes; i++) { 467 os_free(wpa_s->hw.modes[i].channels); 468 os_free(wpa_s->hw.modes[i].rates); 469 } 470 471 os_free(wpa_s->hw.modes); 472 wpa_s->hw.modes = NULL; 473 } 474 475 remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)476 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s, 477 struct wpa_bss_tmp_disallowed *bss) 478 { 479 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 480 dl_list_del(&bss->list); 481 os_free(bss); 482 } 483 484 free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)485 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s) 486 { 487 struct wpa_bss_tmp_disallowed *bss, *prev; 488 489 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed, 490 struct wpa_bss_tmp_disallowed, list) 491 remove_bss_tmp_disallowed_entry(wpa_s, bss); 492 } 493 494 wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)495 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s) 496 { 497 struct fils_hlp_req *req; 498 499 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req, 500 list)) != NULL) { 501 dl_list_del(&req->list); 502 wpabuf_free(req->pkt); 503 os_free(req); 504 } 505 } 506 507 wpas_wfa_gen_capab_attr(struct wpa_supplicant * wpa_s)508 static struct wpabuf * wpas_wfa_gen_capab_attr(struct wpa_supplicant *wpa_s) 509 { 510 struct wpabuf *attr; 511 size_t gen_len, supp_len; 512 const u8 *supp; 513 u8 supp_buf[1]; 514 bool add_cert; 515 516 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_DISABLED) 517 return NULL; 518 519 if (!wpa_s->conf->wfa_gen_capa_supp || 520 wpabuf_len(wpa_s->conf->wfa_gen_capa_supp) == 0) { 521 supp_len = 1; 522 supp_buf[0] = 0; 523 if (wpa_s->hw_capab & BIT(CAPAB_HT)) 524 supp_buf[0] |= BIT(0); /* Wi-Fi 4 */ 525 if (wpa_s->hw_capab & BIT(CAPAB_VHT)) 526 supp_buf[0] |= BIT(1); /* Wi-Fi 5 */ 527 if (wpa_s->hw_capab & BIT(CAPAB_HE)) 528 supp_buf[0] |= BIT(2); /* Wi-Fi 6 */ 529 if (wpa_s->hw_capab & BIT(CAPAB_EHT)) 530 supp_buf[0] |= BIT(3); /* Wi-Fi 7 */ 531 supp = supp_buf; 532 } else { 533 supp_len = wpabuf_len(wpa_s->conf->wfa_gen_capa_supp); 534 supp = wpabuf_head(wpa_s->conf->wfa_gen_capa_supp); 535 } 536 537 add_cert = wpa_s->conf->wfa_gen_capa_cert && 538 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert) == supp_len; 539 540 gen_len = 1 + supp_len; 541 if (add_cert) { 542 gen_len++; 543 gen_len += wpabuf_len(wpa_s->conf->wfa_gen_capa_cert); 544 } 545 546 attr = wpabuf_alloc(2 + gen_len); 547 if (!attr) 548 return NULL; 549 550 wpabuf_put_u8(attr, WFA_CAPA_ATTR_GENERATIONAL_CAPAB); 551 wpabuf_put_u8(attr, gen_len); 552 wpabuf_put_u8(attr, supp_len); 553 wpabuf_put_data(attr, supp, supp_len); 554 if (add_cert) { 555 wpabuf_put_u8(attr, 556 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert)); 557 wpabuf_put_buf(attr, wpa_s->conf->wfa_gen_capa_cert); 558 } 559 560 return attr; 561 } 562 563 564 wpas_wfa_capab_tx(void * eloop_ctx,void * timeout_ctx)565 static void wpas_wfa_capab_tx(void *eloop_ctx, void *timeout_ctx) 566 { 567 struct wpa_supplicant *wpa_s = eloop_ctx; 568 struct wpabuf *attr, *buf; 569 size_t buf_len; 570 571 if (wpa_s->conf->wfa_gen_capa != WFA_GEN_CAPA_PROTECTED || 572 wpa_s->wpa_state != WPA_COMPLETED || 573 !pmf_in_use(wpa_s, wpa_s->bssid)) 574 return; 575 576 attr = wpas_wfa_gen_capab_attr(wpa_s); 577 if (!attr) 578 return; 579 580 buf_len = 1 + 3 + 1 + 1 + wpabuf_len(attr); 581 buf = wpabuf_alloc(buf_len); 582 if (!buf) { 583 wpabuf_free(attr); 584 return; 585 } 586 587 wpabuf_put_u8(buf, WLAN_ACTION_VENDOR_SPECIFIC_PROTECTED); 588 wpabuf_put_be32(buf, WFA_CAPAB_VENDOR_TYPE); 589 wpabuf_put_u8(buf, 0); /* Capabilities Length */ 590 wpabuf_put_buf(buf, attr); 591 wpabuf_free(attr); 592 593 wpa_printf(MSG_DEBUG, "WFA: Send WFA Capabilities frame"); 594 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 595 wpa_s->own_addr, wpa_s->bssid, 596 wpabuf_head(buf), wpabuf_len(buf), 0) < 0) 597 wpa_printf(MSG_DEBUG, 598 "WFA: Failed to send WFA Capabilities frame"); 599 600 wpabuf_free(buf); 601 } 602 603 wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)604 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx) 605 { 606 struct wpa_supplicant *wpa_s = eloop_ctx; 607 608 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 609 return; 610 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface"); 611 wpa_bss_flush(wpa_s); 612 } 613 614 615 #ifdef CONFIG_TESTING_OPTIONS wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)616 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s) 617 { 618 struct driver_signal_override *dso; 619 620 while ((dso = dl_list_first(&wpa_s->drv_signal_override, 621 struct driver_signal_override, list))) { 622 dl_list_del(&dso->list); 623 os_free(dso); 624 } 625 } 626 #endif /* CONFIG_TESTING_OPTIONS */ 627 628 wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)629 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) 630 { 631 int i; 632 633 bgscan_deinit(wpa_s); 634 autoscan_deinit(wpa_s); 635 scard_deinit(wpa_s->scard); 636 wpa_s->scard = NULL; 637 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); 638 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); 639 l2_packet_deinit(wpa_s->l2); 640 wpa_s->l2 = NULL; 641 if (wpa_s->l2_br) { 642 l2_packet_deinit(wpa_s->l2_br); 643 wpa_s->l2_br = NULL; 644 } 645 #ifdef CONFIG_TESTING_OPTIONS 646 l2_packet_deinit(wpa_s->l2_test); 647 wpa_s->l2_test = NULL; 648 os_free(wpa_s->get_pref_freq_list_override); 649 wpa_s->get_pref_freq_list_override = NULL; 650 wpabuf_free(wpa_s->last_assoc_req_wpa_ie); 651 wpa_s->last_assoc_req_wpa_ie = NULL; 652 os_free(wpa_s->extra_sae_rejected_groups); 653 wpa_s->extra_sae_rejected_groups = NULL; 654 wpabuf_free(wpa_s->rsne_override_eapol); 655 wpa_s->rsne_override_eapol = NULL; 656 wpabuf_free(wpa_s->rsnxe_override_assoc); 657 wpa_s->rsnxe_override_assoc = NULL; 658 wpabuf_free(wpa_s->rsnxe_override_eapol); 659 wpa_s->rsnxe_override_eapol = NULL; 660 wpas_clear_driver_signal_override(wpa_s); 661 #endif /* CONFIG_TESTING_OPTIONS */ 662 663 if (wpa_s->conf != NULL) { 664 struct wpa_ssid *ssid; 665 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 666 wpas_notify_network_removed(wpa_s, ssid); 667 } 668 669 os_free(wpa_s->confname); 670 wpa_s->confname = NULL; 671 672 os_free(wpa_s->confanother); 673 wpa_s->confanother = NULL; 674 675 os_free(wpa_s->last_con_fail_realm); 676 wpa_s->last_con_fail_realm = NULL; 677 wpa_s->last_con_fail_realm_len = 0; 678 679 wpa_sm_set_eapol(wpa_s->wpa, NULL); 680 eapol_sm_deinit(wpa_s->eapol); 681 wpa_s->eapol = NULL; 682 683 rsn_preauth_deinit(wpa_s->wpa); 684 685 #ifdef CONFIG_TDLS 686 wpa_tdls_deinit(wpa_s->wpa); 687 #endif /* CONFIG_TDLS */ 688 689 #ifndef CONFIG_NO_WMM_AC 690 wmm_ac_clear_saved_tspecs(wpa_s); 691 #endif /* CONFIG_NO_WMM_AC */ 692 pmksa_candidate_free(wpa_s->wpa); 693 ptksa_cache_deinit(wpa_s->ptksa); 694 wpa_s->ptksa = NULL; 695 wpa_sm_deinit(wpa_s->wpa); 696 wpa_s->wpa = NULL; 697 wpa_bssid_ignore_clear(wpa_s); 698 699 #ifdef CONFIG_PASN 700 wpas_pasn_auth_stop(wpa_s); 701 #endif /* CONFIG_PASN */ 702 703 wpa_bss_deinit(wpa_s); 704 705 wpa_supplicant_cancel_delayed_sched_scan(wpa_s); 706 wpa_supplicant_cancel_scan(wpa_s); 707 wpa_supplicant_cancel_auth_timeout(wpa_s); 708 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); 709 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT 710 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, 711 wpa_s, NULL); 712 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ 713 714 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 715 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL); 716 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL); 717 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL); 718 719 wpas_wps_deinit(wpa_s); 720 721 wpabuf_free(wpa_s->pending_eapol_rx); 722 wpa_s->pending_eapol_rx = NULL; 723 724 #ifdef CONFIG_IBSS_RSN 725 ibss_rsn_deinit(wpa_s->ibss_rsn); 726 wpa_s->ibss_rsn = NULL; 727 #endif /* CONFIG_IBSS_RSN */ 728 729 sme_deinit(wpa_s); 730 731 #ifdef CONFIG_AP 732 wpa_supplicant_ap_deinit(wpa_s); 733 #endif /* CONFIG_AP */ 734 735 wpas_p2p_deinit(wpa_s); 736 737 #ifdef CONFIG_OFFCHANNEL 738 offchannel_deinit(wpa_s); 739 #endif /* CONFIG_OFFCHANNEL */ 740 741 wpa_supplicant_cancel_sched_scan(wpa_s); 742 743 os_free(wpa_s->next_scan_freqs); 744 wpa_s->next_scan_freqs = NULL; 745 746 os_free(wpa_s->manual_scan_freqs); 747 wpa_s->manual_scan_freqs = NULL; 748 os_free(wpa_s->select_network_scan_freqs); 749 wpa_s->select_network_scan_freqs = NULL; 750 751 os_free(wpa_s->manual_sched_scan_freqs); 752 wpa_s->manual_sched_scan_freqs = NULL; 753 754 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL); 755 756 /* 757 * Need to remove any pending gas-query radio work before the 758 * gas_query_deinit() call because gas_query::work has not yet been set 759 * for works that have not been started. gas_query_free() will be unable 760 * to cancel such pending radio works and once the pending gas-query 761 * radio work eventually gets removed, the deinit notification call to 762 * gas_query_start_cb() would result in dereferencing freed memory. 763 */ 764 if (wpa_s->radio) 765 radio_remove_works(wpa_s, "gas-query", 0); 766 gas_query_deinit(wpa_s->gas); 767 wpa_s->gas = NULL; 768 gas_server_deinit(wpa_s->gas_server); 769 wpa_s->gas_server = NULL; 770 771 free_hw_features(wpa_s); 772 773 ieee802_1x_dealloc_kay_sm(wpa_s); 774 775 os_free(wpa_s->bssid_filter); 776 wpa_s->bssid_filter = NULL; 777 778 os_free(wpa_s->disallow_aps_bssid); 779 wpa_s->disallow_aps_bssid = NULL; 780 os_free(wpa_s->disallow_aps_ssid); 781 wpa_s->disallow_aps_ssid = NULL; 782 783 wnm_bss_keep_alive_deinit(wpa_s); 784 wnm_btm_reset(wpa_s); 785 786 ext_password_deinit(wpa_s->ext_pw); 787 wpa_s->ext_pw = NULL; 788 789 wpabuf_free(wpa_s->last_gas_resp); 790 wpa_s->last_gas_resp = NULL; 791 wpabuf_free(wpa_s->prev_gas_resp); 792 wpa_s->prev_gas_resp = NULL; 793 794 os_free(wpa_s->last_scan_res); 795 wpa_s->last_scan_res = NULL; 796 797 #ifdef CONFIG_HS20 798 if (wpa_s->drv_priv) 799 wpa_drv_configure_frame_filters(wpa_s, 0); 800 #endif /* CONFIG_HS20 */ 801 802 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 803 wpabuf_free(wpa_s->vendor_elem[i]); 804 wpa_s->vendor_elem[i] = NULL; 805 } 806 807 #ifndef CONFIG_NO_WMM_AC 808 wmm_ac_notify_disassoc(wpa_s); 809 #endif /* CONFIG_NO_WMM_AC */ 810 811 wpa_s->sched_scan_plans_num = 0; 812 os_free(wpa_s->sched_scan_plans); 813 wpa_s->sched_scan_plans = NULL; 814 815 #ifdef CONFIG_MBO 816 wpa_s->non_pref_chan_num = 0; 817 os_free(wpa_s->non_pref_chan); 818 wpa_s->non_pref_chan = NULL; 819 #endif /* CONFIG_MBO */ 820 821 free_bss_tmp_disallowed(wpa_s); 822 823 wpabuf_free(wpa_s->lci); 824 wpa_s->lci = NULL; 825 #ifndef CONFIG_NO_RRM 826 wpas_clear_beacon_rep_data(wpa_s); 827 #endif /* CONFIG_NO_RRM */ 828 829 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 830 #ifdef CONFIG_MESH 831 { 832 struct external_pmksa_cache *entry; 833 834 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache, 835 struct external_pmksa_cache, 836 list)) != NULL) { 837 dl_list_del(&entry->list); 838 os_free(entry->pmksa_cache); 839 os_free(entry); 840 } 841 } 842 #endif /* CONFIG_MESH */ 843 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 844 845 wpas_flush_fils_hlp_req(wpa_s); 846 847 wpabuf_free(wpa_s->ric_ies); 848 wpa_s->ric_ies = NULL; 849 850 #ifdef CONFIG_DPP 851 wpas_dpp_deinit(wpa_s); 852 dpp_global_deinit(wpa_s->dpp); 853 wpa_s->dpp = NULL; 854 #endif /* CONFIG_DPP */ 855 856 #ifdef CONFIG_NAN_USD 857 wpas_nan_usd_deinit(wpa_s); 858 #endif /* CONFIG_NAN_USD */ 859 860 #ifdef CONFIG_PASN 861 wpas_pasn_auth_stop(wpa_s); 862 #endif /* CONFIG_PASN */ 863 #ifndef CONFIG_NO_ROBUST_AV 864 wpas_scs_deinit(wpa_s); 865 wpas_dscp_deinit(wpa_s); 866 #endif /* CONFIG_NO_ROBUST_AV */ 867 868 #ifdef CONFIG_OWE 869 os_free(wpa_s->owe_trans_scan_freq); 870 wpa_s->owe_trans_scan_freq = NULL; 871 #endif /* CONFIG_OWE */ 872 } 873 874 875 /** 876 * wpa_clear_keys - Clear keys configured for the driver 877 * @wpa_s: Pointer to wpa_supplicant data 878 * @addr: Previously used BSSID or %NULL if not available 879 * 880 * This function clears the encryption keys that has been previously configured 881 * for the driver. 882 */ wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)883 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) 884 { 885 int i, max = 6; 886 887 /* MLME-DELETEKEYS.request */ 888 for (i = 0; i < max; i++) { 889 if (wpa_s->keys_cleared & BIT(i)) 890 continue; 891 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0, 892 NULL, 0, KEY_FLAG_GROUP); 893 } 894 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */ 895 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr && 896 !is_zero_ether_addr(addr)) { 897 if (!(wpa_s->keys_cleared & BIT(0))) 898 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0, 899 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); 900 if (!(wpa_s->keys_cleared & BIT(15))) 901 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0, 902 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE); 903 /* MLME-SETPROTECTION.request(None) */ 904 wpa_drv_mlme_setprotection( 905 wpa_s, addr, 906 MLME_SETPROTECTION_PROTECT_TYPE_NONE, 907 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); 908 } 909 wpa_s->keys_cleared = (u32) -1; 910 } 911 912 913 /** 914 * wpa_supplicant_state_txt - Get the connection state name as a text string 915 * @state: State (wpa_state; WPA_*) 916 * Returns: The state name as a printable text string 917 */ wpa_supplicant_state_txt(enum wpa_states state)918 const char * wpa_supplicant_state_txt(enum wpa_states state) 919 { 920 switch (state) { 921 case WPA_DISCONNECTED: 922 return "DISCONNECTED"; 923 case WPA_INACTIVE: 924 return "INACTIVE"; 925 case WPA_INTERFACE_DISABLED: 926 return "INTERFACE_DISABLED"; 927 case WPA_SCANNING: 928 return "SCANNING"; 929 case WPA_AUTHENTICATING: 930 return "AUTHENTICATING"; 931 case WPA_ASSOCIATING: 932 return "ASSOCIATING"; 933 case WPA_ASSOCIATED: 934 return "ASSOCIATED"; 935 case WPA_4WAY_HANDSHAKE: 936 return "4WAY_HANDSHAKE"; 937 case WPA_GROUP_HANDSHAKE: 938 return "GROUP_HANDSHAKE"; 939 case WPA_COMPLETED: 940 return "COMPLETED"; 941 default: 942 return "UNKNOWN"; 943 } 944 } 945 946 947 #ifdef CONFIG_BGSCAN 948 wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)949 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) 950 { 951 if (wpa_s->bgscan_ssid) { 952 bgscan_deinit(wpa_s); 953 wpa_s->bgscan_ssid = NULL; 954 } 955 } 956 957 958 /** 959 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID. 960 * @wpa_s: Pointer to the wpa_supplicant data 961 * 962 * Stop, start, or reconfigure the scan parameters depending on the method. 963 */ wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)964 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s) 965 { 966 const char *name; 967 968 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) 969 name = wpa_s->current_ssid->bgscan; 970 else 971 name = wpa_s->conf->bgscan; 972 if (!name || name[0] == '\0') { 973 wpa_supplicant_stop_bgscan(wpa_s); 974 return; 975 } 976 if (wpas_driver_bss_selection(wpa_s)) 977 return; 978 #ifdef CONFIG_P2P 979 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE) 980 return; 981 #endif /* CONFIG_P2P */ 982 983 bgscan_deinit(wpa_s); 984 if (wpa_s->current_ssid) { 985 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) { 986 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 987 "bgscan"); 988 /* 989 * Live without bgscan; it is only used as a roaming 990 * optimization, so the initial connection is not 991 * affected. 992 */ 993 } else { 994 struct wpa_scan_results *scan_res; 995 wpa_s->bgscan_ssid = wpa_s->current_ssid; 996 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 997 0, NULL); 998 if (scan_res) { 999 bgscan_notify_scan(wpa_s, scan_res); 1000 wpa_scan_results_free(scan_res); 1001 } 1002 } 1003 } else 1004 wpa_s->bgscan_ssid = NULL; 1005 } 1006 1007 #endif /* CONFIG_BGSCAN */ 1008 1009 wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)1010 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) 1011 { 1012 if (autoscan_init(wpa_s, 0)) 1013 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); 1014 } 1015 1016 wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)1017 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) 1018 { 1019 autoscan_deinit(wpa_s); 1020 } 1021 1022 wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)1023 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) 1024 { 1025 if (wpa_s->wpa_state == WPA_DISCONNECTED || 1026 wpa_s->wpa_state == WPA_SCANNING) { 1027 autoscan_deinit(wpa_s); 1028 wpa_supplicant_start_autoscan(wpa_s); 1029 } 1030 } 1031 1032 wpas_verify_ssid_beacon(void * eloop_ctx,void * timeout_ctx)1033 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx) 1034 { 1035 struct wpa_supplicant *wpa_s = eloop_ctx; 1036 struct wpa_bss *bss; 1037 const u8 *ssid; 1038 size_t ssid_len; 1039 1040 if (!wpa_s->current_ssid || !wpa_s->current_bss) 1041 return; 1042 1043 ssid = wpa_s->current_bss->ssid; 1044 ssid_len = wpa_s->current_bss->ssid_len; 1045 1046 if (wpa_s->current_ssid->ssid_len && 1047 (wpa_s->current_ssid->ssid_len != ssid_len || 1048 os_memcmp(wpa_s->current_ssid->ssid, ssid, ssid_len) != 0)) 1049 return; 1050 1051 if (wpa_s->wpa_state < WPA_4WAY_HANDSHAKE || 1052 !wpa_s->bigtk_set || wpa_s->ssid_verified) 1053 return; 1054 1055 wpa_printf(MSG_DEBUG, 1056 "SSID not yet verified; check if the driver has received a verified Beacon frame"); 1057 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0) 1058 return; 1059 1060 /* wpa->current_bss might have changed due to memory reallocation, so 1061 * need to update ssid/ssid_len */ 1062 if (!wpa_s->current_bss) 1063 return; 1064 ssid = wpa_s->current_bss->ssid; 1065 ssid_len = wpa_s->current_bss->ssid_len; 1066 1067 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid); 1068 if (!bss) 1069 return; 1070 wpa_printf(MSG_DEBUG, "The current beacon time stamp: 0x%llx", 1071 (long long unsigned int) bss->tsf); 1072 if (bss->tsf > wpa_s->first_beacon_tsf) { 1073 const u8 *ie; 1074 1075 wpa_printf(MSG_DEBUG, 1076 "Verified Beacon frame has been received"); 1077 wpa_s->beacons_checked++; 1078 1079 ie = wpa_bss_get_ie_beacon(bss, WLAN_EID_SSID); 1080 if (ie && ie[1] == ssid_len && 1081 os_memcmp(&ie[2], ssid, ssid_len) == 0) { 1082 wpa_printf(MSG_DEBUG, 1083 "SSID verified based on a Beacon frame and beacon protection"); 1084 wpa_s->ssid_verified = true; 1085 return; 1086 } 1087 1088 /* TODO: Multiple BSSID element */ 1089 } 1090 1091 if (wpa_s->beacons_checked < 16) { 1092 eloop_register_timeout(wpa_s->next_beacon_check, 0, 1093 wpas_verify_ssid_beacon, wpa_s, NULL); 1094 wpa_s->next_beacon_check++; 1095 } 1096 } 1097 1098 wpas_verify_ssid_beacon_prot(struct wpa_supplicant * wpa_s)1099 static void wpas_verify_ssid_beacon_prot(struct wpa_supplicant *wpa_s) 1100 { 1101 struct wpa_bss *bss; 1102 1103 wpa_printf(MSG_DEBUG, 1104 "SSID not yet verified; try to verify using beacon protection"); 1105 /* Fetch the current scan result which is likely based on not yet 1106 * verified payload since the current BIGTK was just received. Any 1107 * newer update in the future with a larger timestamp value is an 1108 * indication that a verified Beacon frame has been received. */ 1109 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0) 1110 return; 1111 1112 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid); 1113 if (!bss) 1114 return; 1115 wpa_printf(MSG_DEBUG, "The initial beacon time stamp: 0x%llx", 1116 (long long unsigned int) bss->tsf); 1117 wpa_s->first_beacon_tsf = bss->tsf; 1118 wpa_s->beacons_checked = 0; 1119 wpa_s->next_beacon_check = 1; 1120 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL); 1121 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon, wpa_s, NULL); 1122 } 1123 1124 1125 /** 1126 * wpa_supplicant_set_state - Set current connection state 1127 * @wpa_s: Pointer to wpa_supplicant data 1128 * @state: The new connection state 1129 * 1130 * This function is called whenever the connection state changes, e.g., 1131 * association is completed for WPA/WPA2 4-Way Handshake is started. 1132 */ wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)1133 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, 1134 enum wpa_states state) 1135 { 1136 enum wpa_states old_state = wpa_s->wpa_state; 1137 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 1138 bool update_fils_connect_params = false; 1139 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 1140 1141 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", 1142 wpa_supplicant_state_txt(wpa_s->wpa_state), 1143 wpa_supplicant_state_txt(state)); 1144 1145 if (state == WPA_COMPLETED && 1146 os_reltime_initialized(&wpa_s->roam_start)) { 1147 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time); 1148 wpa_s->roam_start.sec = 0; 1149 wpa_s->roam_start.usec = 0; 1150 wpas_notify_auth_changed(wpa_s); 1151 wpas_notify_roam_time(wpa_s); 1152 wpas_notify_roam_complete(wpa_s); 1153 } else if (state == WPA_DISCONNECTED && 1154 os_reltime_initialized(&wpa_s->roam_start)) { 1155 wpa_s->roam_start.sec = 0; 1156 wpa_s->roam_start.usec = 0; 1157 wpa_s->roam_time.sec = 0; 1158 wpa_s->roam_time.usec = 0; 1159 wpas_notify_roam_complete(wpa_s); 1160 } 1161 1162 if (state == WPA_INTERFACE_DISABLED) { 1163 /* Assure normal scan when interface is restored */ 1164 wpa_s->normal_scans = 0; 1165 } 1166 1167 if (state == WPA_COMPLETED) { 1168 wpas_connect_work_done(wpa_s); 1169 /* Reinitialize normal_scan counter */ 1170 wpa_s->normal_scans = 0; 1171 } 1172 1173 #ifdef CONFIG_P2P 1174 /* 1175 * P2PS client has to reply to Probe Request frames received on the 1176 * group operating channel. Enable Probe Request frame reporting for 1177 * P2P connected client in case p2p_cli_probe configuration property is 1178 * set to 1. 1179 */ 1180 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid && 1181 wpa_s->current_ssid->mode == WPAS_MODE_INFRA && 1182 wpa_s->current_ssid->p2p_group) { 1183 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) { 1184 wpa_dbg(wpa_s, MSG_DEBUG, 1185 "P2P: Enable CLI Probe Request RX reporting"); 1186 wpa_s->p2p_cli_probe = 1187 wpa_drv_probe_req_report(wpa_s, 1) >= 0; 1188 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) { 1189 wpa_dbg(wpa_s, MSG_DEBUG, 1190 "P2P: Disable CLI Probe Request RX reporting"); 1191 wpa_s->p2p_cli_probe = 0; 1192 wpa_drv_probe_req_report(wpa_s, 0); 1193 } 1194 } 1195 #endif /* CONFIG_P2P */ 1196 1197 if (state != WPA_SCANNING) 1198 wpa_supplicant_notify_scanning(wpa_s, 0); 1199 1200 if (state == WPA_COMPLETED && wpa_s->new_connection) { 1201 struct wpa_ssid *ssid = wpa_s->current_ssid; 1202 int fils_hlp_sent = 0; 1203 char mld_addr[50]; 1204 1205 mld_addr[0] = '\0'; 1206 if (wpa_s->valid_links) 1207 os_snprintf(mld_addr, sizeof(mld_addr), 1208 " ap_mld_addr=" MACSTR, 1209 MAC2STR(wpa_s->ap_mld_addr)); 1210 1211 #ifdef CONFIG_SME 1212 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 1213 wpa_auth_alg_fils(wpa_s->sme.auth_alg)) 1214 fils_hlp_sent = 1; 1215 #endif /* CONFIG_SME */ 1216 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 1217 wpa_auth_alg_fils(wpa_s->auth_alg)) 1218 fils_hlp_sent = 1; 1219 1220 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) 1221 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " 1222 MACSTR " completed [id=%d id_str=%s%s]%s", 1223 MAC2STR(wpa_s->bssid), 1224 ssid ? ssid->id : -1, 1225 ssid && ssid->id_str ? ssid->id_str : "", 1226 fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr); 1227 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ 1228 wpas_clear_temp_disabled(wpa_s, ssid, 1); 1229 wpa_s->consecutive_conn_failures = 0; 1230 wpa_s->new_connection = 0; 1231 wpa_drv_set_operstate(wpa_s, 1); 1232 #ifndef IEEE8021X_EAPOL 1233 wpa_drv_set_supp_port(wpa_s, 1); 1234 #endif /* IEEE8021X_EAPOL */ 1235 wpa_s->after_wps = 0; 1236 wpa_s->known_wps_freq = 0; 1237 wpas_p2p_completed(wpa_s); 1238 1239 sme_sched_obss_scan(wpa_s, 1); 1240 1241 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 1242 if (!fils_hlp_sent && ssid && ssid->eap.erp) 1243 update_fils_connect_params = true; 1244 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 1245 #ifdef CONFIG_OWE 1246 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE)) 1247 wpas_update_owe_connect_params(wpa_s); 1248 #endif /* CONFIG_OWE */ 1249 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_PROTECTED && 1250 pmf_in_use(wpa_s, wpa_s->bssid)) { 1251 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL); 1252 eloop_register_timeout(0, 100000, wpas_wfa_capab_tx, 1253 wpa_s, NULL); 1254 } 1255 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || 1256 state == WPA_ASSOCIATED) { 1257 wpa_s->new_connection = 1; 1258 wpa_drv_set_operstate(wpa_s, 0); 1259 #ifndef IEEE8021X_EAPOL 1260 wpa_drv_set_supp_port(wpa_s, 0); 1261 #endif /* IEEE8021X_EAPOL */ 1262 sme_sched_obss_scan(wpa_s, 0); 1263 } 1264 wpa_s->wpa_state = state; 1265 1266 #ifdef CONFIG_BGSCAN 1267 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid) 1268 wpa_supplicant_reset_bgscan(wpa_s); 1269 else if (state < WPA_ASSOCIATED) 1270 wpa_supplicant_stop_bgscan(wpa_s); 1271 #endif /* CONFIG_BGSCAN */ 1272 1273 if (state > WPA_SCANNING) 1274 wpa_supplicant_stop_autoscan(wpa_s); 1275 1276 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) 1277 wpa_supplicant_start_autoscan(wpa_s); 1278 1279 if (state == WPA_COMPLETED || state == WPA_INTERFACE_DISABLED || 1280 state == WPA_INACTIVE) 1281 wnm_btm_reset(wpa_s); 1282 1283 #ifndef CONFIG_NO_WMM_AC 1284 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED) 1285 wmm_ac_notify_disassoc(wpa_s); 1286 #endif /* CONFIG_NO_WMM_AC */ 1287 1288 if (wpa_s->wpa_state != old_state) { 1289 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 1290 1291 /* 1292 * Notify the P2P Device interface about a state change in one 1293 * of the interfaces. 1294 */ 1295 wpas_p2p_indicate_state_change(wpa_s); 1296 1297 if (wpa_s->wpa_state == WPA_COMPLETED || 1298 old_state == WPA_COMPLETED) 1299 wpas_notify_auth_changed(wpa_s); 1300 #ifdef CONFIG_DPP2 1301 if (wpa_s->wpa_state == WPA_COMPLETED) 1302 wpas_dpp_connected(wpa_s); 1303 #endif /* CONFIG_DPP2 */ 1304 1305 if (wpa_s->wpa_state == WPA_COMPLETED && 1306 wpa_s->bigtk_set && !wpa_s->ssid_verified) 1307 wpas_verify_ssid_beacon_prot(wpa_s); 1308 } 1309 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) 1310 if (update_fils_connect_params) 1311 wpas_update_fils_connect_params(wpa_s); 1312 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 1313 } 1314 1315 wpa_supplicant_terminate_proc(struct wpa_global * global)1316 void wpa_supplicant_terminate_proc(struct wpa_global *global) 1317 { 1318 int pending = 0; 1319 #ifdef CONFIG_WPS 1320 struct wpa_supplicant *wpa_s = global->ifaces; 1321 while (wpa_s) { 1322 struct wpa_supplicant *next = wpa_s->next; 1323 if (wpas_wps_terminate_pending(wpa_s) == 1) 1324 pending = 1; 1325 #ifdef CONFIG_P2P 1326 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE || 1327 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group)) 1328 wpas_p2p_disconnect(wpa_s); 1329 #endif /* CONFIG_P2P */ 1330 wpa_s = next; 1331 } 1332 #endif /* CONFIG_WPS */ 1333 if (pending) 1334 return; 1335 eloop_terminate(); 1336 } 1337 1338 wpa_supplicant_terminate(int sig,void * signal_ctx)1339 static void wpa_supplicant_terminate(int sig, void *signal_ctx) 1340 { 1341 struct wpa_global *global = signal_ctx; 1342 wpa_supplicant_terminate_proc(global); 1343 } 1344 1345 wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1346 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) 1347 { 1348 enum wpa_states old_state = wpa_s->wpa_state; 1349 enum wpa_states new_state; 1350 1351 if (old_state == WPA_SCANNING) 1352 new_state = WPA_SCANNING; 1353 else 1354 new_state = WPA_DISCONNECTED; 1355 1356 wpa_s->pairwise_cipher = 0; 1357 wpa_s->group_cipher = 0; 1358 wpa_s->mgmt_group_cipher = 0; 1359 wpa_s->key_mgmt = 0; 1360 wpa_s->allowed_key_mgmts = 0; 1361 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) 1362 wpa_supplicant_set_state(wpa_s, new_state); 1363 1364 if (wpa_s->wpa_state != old_state) 1365 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); 1366 } 1367 1368 1369 /** 1370 * wpa_supplicant_reload_configuration - Reload configuration data 1371 * @wpa_s: Pointer to wpa_supplicant data 1372 * Returns: 0 on success or -1 if configuration parsing failed 1373 * 1374 * This function can be used to request that the configuration data is reloaded 1375 * (e.g., after configuration file change). This function is reloading 1376 * configuration only for one interface, so this may need to be called multiple 1377 * times if %wpa_supplicant is controlling multiple interfaces and all 1378 * interfaces need reconfiguration. 1379 */ wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1380 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) 1381 { 1382 struct wpa_config *conf; 1383 int reconf_ctrl; 1384 int old_ap_scan; 1385 1386 if (wpa_s->confname == NULL) 1387 return -1; 1388 conf = wpa_config_read(wpa_s->confname, NULL, false); 1389 if (conf == NULL) { 1390 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " 1391 "file '%s' - exiting", wpa_s->confname); 1392 return -1; 1393 } 1394 if (wpa_s->confanother && 1395 !wpa_config_read(wpa_s->confanother, conf, true)) { 1396 wpa_msg(wpa_s, MSG_ERROR, 1397 "Failed to parse the configuration file '%s' - exiting", 1398 wpa_s->confanother); 1399 return -1; 1400 } 1401 1402 conf->changed_parameters = (unsigned int) -1; 1403 1404 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface 1405 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && 1406 os_strcmp(conf->ctrl_interface, 1407 wpa_s->conf->ctrl_interface) != 0); 1408 1409 if (reconf_ctrl) { 1410 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); 1411 wpa_s->ctrl_iface = NULL; 1412 } 1413 1414 eapol_sm_invalidate_cached_session(wpa_s->eapol); 1415 if (wpa_s->current_ssid) { 1416 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 1417 wpa_s->own_disconnect_req = 1; 1418 wpa_supplicant_deauthenticate(wpa_s, 1419 WLAN_REASON_DEAUTH_LEAVING); 1420 } 1421 1422 /* 1423 * TODO: should notify EAPOL SM about changes in opensc_engine_path, 1424 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers. 1425 */ 1426 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 1427 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE || 1428 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 1429 /* 1430 * Clear forced success to clear EAP state for next 1431 * authentication. 1432 */ 1433 eapol_sm_notify_eap_success(wpa_s->eapol, false); 1434 } 1435 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 1436 wpa_sm_set_config(wpa_s->wpa, NULL); 1437 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); 1438 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 1439 rsn_preauth_deinit(wpa_s->wpa); 1440 1441 old_ap_scan = wpa_s->conf->ap_scan; 1442 wpa_config_free(wpa_s->conf); 1443 wpa_s->conf = conf; 1444 if (old_ap_scan != wpa_s->conf->ap_scan) 1445 wpas_notify_ap_scan_changed(wpa_s); 1446 1447 if (reconf_ctrl) 1448 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 1449 1450 wpa_supplicant_update_config(wpa_s); 1451 1452 wpa_supplicant_clear_status(wpa_s); 1453 if (wpa_supplicant_enabled_networks(wpa_s)) { 1454 wpa_s->reassociate = 1; 1455 wpa_supplicant_req_scan(wpa_s, 0, 0); 1456 } 1457 wpa_bssid_ignore_clear(wpa_s); 1458 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); 1459 return 0; 1460 } 1461 1462 wpa_supplicant_reconfig(int sig,void * signal_ctx)1463 static void wpa_supplicant_reconfig(int sig, void *signal_ctx) 1464 { 1465 struct wpa_global *global = signal_ctx; 1466 struct wpa_supplicant *wpa_s; 1467 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 1468 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", 1469 sig); 1470 if (wpa_supplicant_reload_configuration(wpa_s) < 0) { 1471 wpa_supplicant_terminate_proc(global); 1472 } 1473 } 1474 1475 if (wpa_debug_reopen_file() < 0) { 1476 /* Ignore errors since we cannot really do much to fix this */ 1477 wpa_printf(MSG_DEBUG, "Could not reopen debug log file"); 1478 } 1479 } 1480 1481 wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1482 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, 1483 struct wpa_ssid *ssid, 1484 struct wpa_ie_data *ie) 1485 { 1486 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); 1487 if (ret) { 1488 if (ret == -2) { 1489 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " 1490 "from association info"); 1491 } 1492 return -1; 1493 } 1494 1495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " 1496 "cipher suites"); 1497 if (!(ie->group_cipher & ssid->group_cipher)) { 1498 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " 1499 "cipher 0x%x (mask 0x%x) - reject", 1500 ie->group_cipher, ssid->group_cipher); 1501 return -1; 1502 } 1503 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { 1504 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " 1505 "cipher 0x%x (mask 0x%x) - reject", 1506 ie->pairwise_cipher, ssid->pairwise_cipher); 1507 return -1; 1508 } 1509 if (!(ie->key_mgmt & ssid->key_mgmt)) { 1510 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " 1511 "management 0x%x (mask 0x%x) - reject", 1512 ie->key_mgmt, ssid->key_mgmt); 1513 return -1; 1514 } 1515 1516 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && 1517 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) { 1518 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " 1519 "that does not support management frame protection - " 1520 "reject"); 1521 return -1; 1522 } 1523 1524 return 0; 1525 } 1526 1527 matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1528 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie, 1529 int freq) 1530 { 1531 if (!ie->has_group) 1532 ie->group_cipher = wpa_default_rsn_cipher(freq); 1533 if (!ie->has_pairwise) 1534 ie->pairwise_cipher = wpa_default_rsn_cipher(freq); 1535 return (ie->group_cipher & ssid->group_cipher) && 1536 (ie->pairwise_cipher & ssid->pairwise_cipher); 1537 } 1538 1539 wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1540 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s, 1541 struct wpa_ssid *ssid, struct wpa_ie_data *ie) 1542 { 1543 int sel; 1544 1545 sel = ie->mgmt_group_cipher; 1546 if (ssid->group_mgmt_cipher) 1547 sel &= ssid->group_mgmt_cipher; 1548 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION || 1549 !(ie->capabilities & WPA_CAPABILITY_MFPC)) 1550 sel = 0; 1551 wpa_dbg(wpa_s, MSG_DEBUG, 1552 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x", 1553 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel); 1554 if (sel & WPA_CIPHER_AES_128_CMAC) { 1555 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; 1556 wpa_dbg(wpa_s, MSG_DEBUG, 1557 "WPA: using MGMT group cipher AES-128-CMAC"); 1558 } else if (sel & WPA_CIPHER_BIP_GMAC_128) { 1559 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128; 1560 wpa_dbg(wpa_s, MSG_DEBUG, 1561 "WPA: using MGMT group cipher BIP-GMAC-128"); 1562 } else if (sel & WPA_CIPHER_BIP_GMAC_256) { 1563 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256; 1564 wpa_dbg(wpa_s, MSG_DEBUG, 1565 "WPA: using MGMT group cipher BIP-GMAC-256"); 1566 } else if (sel & WPA_CIPHER_BIP_CMAC_256) { 1567 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256; 1568 wpa_dbg(wpa_s, MSG_DEBUG, 1569 "WPA: using MGMT group cipher BIP-CMAC-256"); 1570 } else { 1571 wpa_s->mgmt_group_cipher = 0; 1572 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); 1573 } 1574 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, 1575 wpa_s->mgmt_group_cipher); 1576 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, 1577 wpas_get_ssid_pmf(wpa_s, ssid)); 1578 } 1579 1580 /** 1581 * wpa_supplicant_get_psk - Get PSK from config or external database 1582 * @wpa_s: Pointer to wpa_supplicant data 1583 * @bss: Scan results for the selected BSS, or %NULL if not available 1584 * @ssid: Configuration data for the selected network 1585 * @psk: Buffer for the PSK 1586 * Returns: 0 on success or -1 if configuration parsing failed 1587 * 1588 * This function obtains the PSK for a network, either included inline in the 1589 * config or retrieved from an external database. 1590 */ wpa_supplicant_get_psk(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * psk)1591 static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s, 1592 struct wpa_bss *bss, struct wpa_ssid *ssid, 1593 u8 *psk) 1594 { 1595 if (ssid->psk_set) { 1596 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)", 1597 ssid->psk, PMK_LEN); 1598 os_memcpy(psk, ssid->psk, PMK_LEN); 1599 return 0; 1600 } 1601 1602 #ifndef CONFIG_NO_PBKDF2 1603 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) { 1604 if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, 1605 4096, psk, PMK_LEN) != 0) { 1606 wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()"); 1607 return -1; 1608 } 1609 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", 1610 psk, PMK_LEN); 1611 return 0; 1612 } 1613 #endif /* CONFIG_NO_PBKDF2 */ 1614 1615 #ifdef CONFIG_EXT_PASSWORD 1616 if (ssid->ext_psk) { 1617 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, 1618 ssid->ext_psk); 1619 char pw_str[64 + 1]; 1620 1621 if (!pw) { 1622 wpa_msg(wpa_s, MSG_INFO, 1623 "EXT PW: No PSK found from external storage"); 1624 return -1; 1625 } 1626 1627 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { 1628 wpa_msg(wpa_s, MSG_INFO, 1629 "EXT PW: Unexpected PSK length %d in external storage", 1630 (int) wpabuf_len(pw)); 1631 ext_password_free(pw); 1632 return -1; 1633 } 1634 1635 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); 1636 pw_str[wpabuf_len(pw)] = '\0'; 1637 1638 #ifndef CONFIG_NO_PBKDF2 1639 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) 1640 { 1641 if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, 1642 4096, psk, PMK_LEN) != 0) { 1643 wpa_msg(wpa_s, MSG_WARNING, 1644 "Error in pbkdf2_sha1()"); 1645 forced_memzero(pw_str, sizeof(pw_str)); 1646 ext_password_free(pw); 1647 return -1; 1648 } 1649 wpa_hexdump_key(MSG_MSGDUMP, 1650 "PSK (from external passphrase)", 1651 psk, PMK_LEN); 1652 } else 1653 #endif /* CONFIG_NO_PBKDF2 */ 1654 if (wpabuf_len(pw) == 2 * PMK_LEN) { 1655 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { 1656 wpa_msg(wpa_s, MSG_INFO, 1657 "EXT PW: Invalid PSK hex string"); 1658 forced_memzero(pw_str, sizeof(pw_str)); 1659 ext_password_free(pw); 1660 return -1; 1661 } 1662 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)", 1663 psk, PMK_LEN); 1664 } else { 1665 wpa_msg(wpa_s, MSG_INFO, 1666 "EXT PW: No suitable PSK available"); 1667 forced_memzero(pw_str, sizeof(pw_str)); 1668 ext_password_free(pw); 1669 return -1; 1670 } 1671 1672 forced_memzero(pw_str, sizeof(pw_str)); 1673 ext_password_free(pw); 1674 1675 return 0; 1676 } 1677 #endif /* CONFIG_EXT_PASSWORD */ 1678 1679 return -1; 1680 } 1681 1682 wpas_update_allowed_key_mgmt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1683 static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s, 1684 struct wpa_ssid *ssid) 1685 { 1686 int akm_count = wpa_s->max_num_akms; 1687 u8 capab = 0; 1688 #ifdef CONFIG_SAE 1689 enum sae_pwe sae_pwe; 1690 #endif /* CONFIG_SAE */ 1691 1692 if (akm_count < 2) 1693 return; 1694 1695 akm_count--; 1696 wpa_s->allowed_key_mgmts = 0; 1697 switch (wpa_s->key_mgmt) { 1698 case WPA_KEY_MGMT_PSK: 1699 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { 1700 akm_count--; 1701 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; 1702 } 1703 if (!akm_count) 1704 break; 1705 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { 1706 akm_count--; 1707 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; 1708 } 1709 if (!akm_count) 1710 break; 1711 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) 1712 wpa_s->allowed_key_mgmts |= 1713 WPA_KEY_MGMT_PSK_SHA256; 1714 break; 1715 case WPA_KEY_MGMT_PSK_SHA256: 1716 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { 1717 akm_count--; 1718 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; 1719 } 1720 if (!akm_count) 1721 break; 1722 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { 1723 akm_count--; 1724 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; 1725 } 1726 if (!akm_count) 1727 break; 1728 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) 1729 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; 1730 break; 1731 case WPA_KEY_MGMT_SAE: 1732 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) { 1733 akm_count--; 1734 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; 1735 } 1736 if (!akm_count) 1737 break; 1738 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) { 1739 akm_count--; 1740 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY; 1741 } 1742 if (!akm_count) 1743 break; 1744 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) 1745 wpa_s->allowed_key_mgmts |= 1746 WPA_KEY_MGMT_PSK_SHA256; 1747 break; 1748 case WPA_KEY_MGMT_SAE_EXT_KEY: 1749 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) { 1750 akm_count--; 1751 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE; 1752 } 1753 if (!akm_count) 1754 break; 1755 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) { 1756 akm_count--; 1757 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK; 1758 } 1759 if (!akm_count) 1760 break; 1761 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256) 1762 wpa_s->allowed_key_mgmts |= 1763 WPA_KEY_MGMT_PSK_SHA256; 1764 break; 1765 default: 1766 return; 1767 } 1768 1769 #ifdef CONFIG_SAE 1770 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid); 1771 if (sae_pwe != SAE_PWE_HUNT_AND_PECK && 1772 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) 1773 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E); 1774 #ifdef CONFIG_SAE_PK 1775 if (ssid->sae_pk) 1776 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK); 1777 #endif /* CONFIG_SAE_PK */ 1778 #endif /* CONFIG_SAE */ 1779 1780 if (!((wpa_s->allowed_key_mgmts & 1781 (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab)) 1782 return; 1783 1784 if (!wpa_s->rsnxe_len) { 1785 wpa_s->rsnxe_len = 3; 1786 wpa_s->rsnxe[0] = WLAN_EID_RSNX; 1787 wpa_s->rsnxe[1] = 1; 1788 wpa_s->rsnxe[2] = 0; 1789 } 1790 1791 wpa_s->rsnxe[2] |= capab; 1792 } 1793 1794 1795 /** 1796 * wpa_supplicant_set_suites - Set authentication and encryption parameters 1797 * @wpa_s: Pointer to wpa_supplicant data 1798 * @bss: Scan results for the selected BSS, or %NULL if not available 1799 * @ssid: Configuration data for the selected network 1800 * @wpa_ie: Buffer for the WPA/RSN IE 1801 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the 1802 * used buffer length in case the functions returns success. 1803 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE 1804 * Returns: 0 on success or -1 on failure 1805 * 1806 * This function is used to configure authentication and encryption parameters 1807 * based on the network configuration and scan result for the selected BSS (if 1808 * available). 1809 */ wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len,bool skip_default_rsne)1810 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, 1811 struct wpa_bss *bss, struct wpa_ssid *ssid, 1812 u8 *wpa_ie, size_t *wpa_ie_len, 1813 bool skip_default_rsne) 1814 { 1815 struct wpa_ie_data ie; 1816 int sel, proto; 1817 #ifdef CONFIG_SAE 1818 enum sae_pwe sae_pwe; 1819 #endif /* CONFIG_SAE */ 1820 const u8 *bss_wpa, *bss_rsn, *bss_rsnx; 1821 bool wmm; 1822 1823 if (bss) { 1824 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); 1825 bss_rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false); 1826 bss_rsnx = wpa_bss_get_rsnxe(wpa_s, bss, ssid, false); 1827 } else { 1828 bss_wpa = bss_rsn = bss_rsnx = NULL; 1829 } 1830 1831 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && 1832 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && 1833 matching_ciphers(ssid, &ie, bss->freq) && 1834 (ie.key_mgmt & ssid->key_mgmt)) { 1835 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); 1836 proto = WPA_PROTO_RSN; 1837 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && 1838 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 && 1839 (ie.group_cipher & ssid->group_cipher) && 1840 (ie.pairwise_cipher & ssid->pairwise_cipher) && 1841 (ie.key_mgmt & ssid->key_mgmt)) { 1842 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); 1843 proto = WPA_PROTO_WPA; 1844 } else if (bss) { 1845 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); 1846 wpa_dbg(wpa_s, MSG_DEBUG, 1847 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1848 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher, 1849 ssid->key_mgmt); 1850 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s", 1851 MAC2STR(bss->bssid), 1852 wpa_ssid_txt(bss->ssid, bss->ssid_len), 1853 bss_wpa ? " WPA" : "", 1854 bss_rsn ? " RSN" : ""); 1855 if (bss_rsn) { 1856 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]); 1857 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) { 1858 wpa_dbg(wpa_s, MSG_DEBUG, 1859 "Could not parse RSN element"); 1860 } else { 1861 wpa_dbg(wpa_s, MSG_DEBUG, 1862 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1863 ie.pairwise_cipher, ie.group_cipher, 1864 ie.key_mgmt); 1865 } 1866 } 1867 if (bss_wpa) { 1868 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]); 1869 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) { 1870 wpa_dbg(wpa_s, MSG_DEBUG, 1871 "Could not parse WPA element"); 1872 } else { 1873 wpa_dbg(wpa_s, MSG_DEBUG, 1874 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x", 1875 ie.pairwise_cipher, ie.group_cipher, 1876 ie.key_mgmt); 1877 } 1878 } 1879 return -1; 1880 } else { 1881 if (ssid->proto & WPA_PROTO_RSN) 1882 proto = WPA_PROTO_RSN; 1883 else 1884 proto = WPA_PROTO_WPA; 1885 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { 1886 os_memset(&ie, 0, sizeof(ie)); 1887 ie.group_cipher = ssid->group_cipher; 1888 ie.pairwise_cipher = ssid->pairwise_cipher; 1889 ie.key_mgmt = ssid->key_mgmt; 1890 ie.mgmt_group_cipher = 0; 1891 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) { 1892 if (ssid->group_mgmt_cipher & 1893 WPA_CIPHER_BIP_GMAC_256) 1894 ie.mgmt_group_cipher = 1895 WPA_CIPHER_BIP_GMAC_256; 1896 else if (ssid->group_mgmt_cipher & 1897 WPA_CIPHER_BIP_CMAC_256) 1898 ie.mgmt_group_cipher = 1899 WPA_CIPHER_BIP_CMAC_256; 1900 else if (ssid->group_mgmt_cipher & 1901 WPA_CIPHER_BIP_GMAC_128) 1902 ie.mgmt_group_cipher = 1903 WPA_CIPHER_BIP_GMAC_128; 1904 else 1905 ie.mgmt_group_cipher = 1906 WPA_CIPHER_AES_128_CMAC; 1907 } 1908 #ifdef CONFIG_OWE 1909 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 1910 !ssid->owe_only && 1911 !bss_wpa && !bss_rsn) { 1912 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 1913 wpa_s->wpa_proto = 0; 1914 *wpa_ie_len = 0; 1915 return 0; 1916 } 1917 #endif /* CONFIG_OWE */ 1918 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " 1919 "based on configuration"); 1920 } else 1921 proto = ie.proto; 1922 } 1923 1924 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " 1925 "pairwise %d key_mgmt %d proto %d", 1926 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); 1927 if (ssid->ieee80211w) { 1928 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", 1929 ie.mgmt_group_cipher); 1930 } 1931 1932 wpa_s->wpa_proto = proto; 1933 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); 1934 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 1935 !!(ssid->proto & WPA_PROTO_RSN)); 1936 1937 if (bss || !wpa_s->ap_ies_from_associnfo) { 1938 const u8 *rsnoe = NULL, *rsno2e = NULL, *rsnxoe = NULL; 1939 1940 if (bss) { 1941 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); 1942 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX); 1943 rsnoe = wpa_bss_get_vendor_ie( 1944 bss, RSNE_OVERRIDE_IE_VENDOR_TYPE); 1945 rsno2e = wpa_bss_get_vendor_ie( 1946 bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE); 1947 rsnxoe = wpa_bss_get_vendor_ie( 1948 bss, RSNXE_OVERRIDE_IE_VENDOR_TYPE); 1949 } 1950 1951 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, 1952 bss_wpa ? 2 + bss_wpa[1] : 0) || 1953 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, 1954 bss_rsn ? 2 + bss_rsn[1] : 0) || 1955 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx, 1956 bss_rsnx ? 2 + bss_rsnx[1] : 0) || 1957 wpa_sm_set_ap_rsne_override(wpa_s->wpa, rsnoe, 1958 rsnoe ? 2 + rsnoe[1] : 0) || 1959 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, rsno2e, 1960 rsno2e ? 2 + rsno2e[1] : 0) || 1961 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, rsnxoe, 1962 rsnxoe ? 2 + rsnxoe[1] : 0)) 1963 return -1; 1964 } 1965 1966 #ifdef CONFIG_NO_WPA 1967 wpa_s->group_cipher = WPA_CIPHER_NONE; 1968 wpa_s->pairwise_cipher = WPA_CIPHER_NONE; 1969 #else /* CONFIG_NO_WPA */ 1970 sel = ie.group_cipher & ssid->group_cipher; 1971 wpa_dbg(wpa_s, MSG_DEBUG, 1972 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x", 1973 ie.group_cipher, ssid->group_cipher, sel); 1974 wpa_s->group_cipher = wpa_pick_group_cipher(sel); 1975 if (wpa_s->group_cipher < 0) { 1976 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " 1977 "cipher"); 1978 return -1; 1979 } 1980 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s", 1981 wpa_cipher_txt(wpa_s->group_cipher)); 1982 1983 sel = ie.pairwise_cipher & ssid->pairwise_cipher; 1984 wpa_dbg(wpa_s, MSG_DEBUG, 1985 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x", 1986 ie.pairwise_cipher, ssid->pairwise_cipher, sel); 1987 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1); 1988 if (wpa_s->pairwise_cipher < 0) { 1989 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " 1990 "cipher"); 1991 return -1; 1992 } 1993 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s", 1994 wpa_cipher_txt(wpa_s->pairwise_cipher)); 1995 #endif /* CONFIG_NO_WPA */ 1996 1997 sel = ie.key_mgmt & ssid->key_mgmt; 1998 #ifdef CONFIG_SAE 1999 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) && 2000 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) || 2001 wpas_is_sae_avoided(wpa_s, ssid, &ie)) 2002 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY | 2003 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY); 2004 #endif /* CONFIG_SAE */ 2005 #ifdef CONFIG_IEEE80211R 2006 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME | 2007 WPA_DRIVER_FLAGS_UPDATE_FT_IES))) 2008 sel &= ~WPA_KEY_MGMT_FT; 2009 #endif /* CONFIG_IEEE80211R */ 2010 wpa_dbg(wpa_s, MSG_DEBUG, 2011 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x", 2012 ie.key_mgmt, ssid->key_mgmt, sel); 2013 if (0) { 2014 #ifdef CONFIG_IEEE80211R 2015 #ifdef CONFIG_SHA384 2016 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) && 2017 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 2018 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384; 2019 wpa_dbg(wpa_s, MSG_DEBUG, 2020 "WPA: using KEY_MGMT FT/802.1X-SHA384"); 2021 if (!ssid->ft_eap_pmksa_caching && 2022 pmksa_cache_get_current(wpa_s->wpa)) { 2023 /* PMKSA caching with FT may have interoperability 2024 * issues, so disable that case by default for now. */ 2025 wpa_dbg(wpa_s, MSG_DEBUG, 2026 "WPA: Disable PMKSA caching for FT/802.1X connection"); 2027 pmksa_cache_clear_current(wpa_s->wpa); 2028 } 2029 #endif /* CONFIG_SHA384 */ 2030 #endif /* CONFIG_IEEE80211R */ 2031 #ifdef CONFIG_SUITEB192 2032 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) { 2033 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192; 2034 wpa_dbg(wpa_s, MSG_DEBUG, 2035 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)"); 2036 #endif /* CONFIG_SUITEB192 */ 2037 #ifdef CONFIG_SUITEB 2038 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) { 2039 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B; 2040 wpa_dbg(wpa_s, MSG_DEBUG, 2041 "WPA: using KEY_MGMT 802.1X with Suite B"); 2042 #endif /* CONFIG_SUITEB */ 2043 #ifdef CONFIG_SHA384 2044 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) { 2045 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384; 2046 wpa_dbg(wpa_s, MSG_DEBUG, 2047 "WPA: using KEY_MGMT 802.1X with SHA384"); 2048 #endif /* CONFIG_SHA384 */ 2049 #ifdef CONFIG_FILS 2050 #ifdef CONFIG_IEEE80211R 2051 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) { 2052 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384; 2053 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384"); 2054 #endif /* CONFIG_IEEE80211R */ 2055 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) { 2056 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384; 2057 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384"); 2058 #ifdef CONFIG_IEEE80211R 2059 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) { 2060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256; 2061 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256"); 2062 #endif /* CONFIG_IEEE80211R */ 2063 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) { 2064 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256; 2065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256"); 2066 #endif /* CONFIG_FILS */ 2067 #ifdef CONFIG_IEEE80211R 2068 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) && 2069 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) { 2070 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; 2071 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); 2072 if (!ssid->ft_eap_pmksa_caching && 2073 pmksa_cache_get_current(wpa_s->wpa)) { 2074 /* PMKSA caching with FT may have interoperability 2075 * issues, so disable that case by default for now. */ 2076 wpa_dbg(wpa_s, MSG_DEBUG, 2077 "WPA: Disable PMKSA caching for FT/802.1X connection"); 2078 pmksa_cache_clear_current(wpa_s->wpa); 2079 } 2080 #endif /* CONFIG_IEEE80211R */ 2081 #ifdef CONFIG_DPP 2082 } else if (sel & WPA_KEY_MGMT_DPP) { 2083 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP; 2084 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP"); 2085 #endif /* CONFIG_DPP */ 2086 #ifdef CONFIG_SAE 2087 } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) { 2088 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY; 2089 wpa_dbg(wpa_s, MSG_DEBUG, 2090 "RSN: using KEY_MGMT FT/SAE (ext key)"); 2091 } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) { 2092 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY; 2093 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)"); 2094 } else if (sel & WPA_KEY_MGMT_FT_SAE) { 2095 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; 2096 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); 2097 } else if (sel & WPA_KEY_MGMT_SAE) { 2098 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; 2099 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); 2100 #endif /* CONFIG_SAE */ 2101 #ifdef CONFIG_IEEE80211R 2102 } else if (sel & WPA_KEY_MGMT_FT_PSK) { 2103 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; 2104 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); 2105 #endif /* CONFIG_IEEE80211R */ 2106 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { 2107 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; 2108 wpa_dbg(wpa_s, MSG_DEBUG, 2109 "WPA: using KEY_MGMT 802.1X with SHA256"); 2110 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { 2111 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; 2112 wpa_dbg(wpa_s, MSG_DEBUG, 2113 "WPA: using KEY_MGMT PSK with SHA256"); 2114 } else if (sel & WPA_KEY_MGMT_IEEE8021X) { 2115 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; 2116 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); 2117 } else if (sel & WPA_KEY_MGMT_PSK) { 2118 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; 2119 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); 2120 } else if (sel & WPA_KEY_MGMT_WPA_NONE) { 2121 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; 2122 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); 2123 #ifdef CONFIG_OWE 2124 } else if (sel & WPA_KEY_MGMT_OWE) { 2125 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE; 2126 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE"); 2127 #endif /* CONFIG_OWE */ 2128 } else { 2129 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " 2130 "authenticated key management type"); 2131 return -1; 2132 } 2133 2134 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); 2135 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, 2136 wpa_s->pairwise_cipher); 2137 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); 2138 2139 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) && 2140 (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED || 2141 (bss && is_6ghz_freq(bss->freq)))) { 2142 wpa_msg(wpa_s, MSG_INFO, 2143 "RSN: Management frame protection required but the selected AP does not enable it"); 2144 return -1; 2145 } 2146 2147 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie); 2148 #ifdef CONFIG_OCV 2149 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) || 2150 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV)) 2151 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv); 2152 #endif /* CONFIG_OCV */ 2153 #ifdef CONFIG_SAE 2154 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid); 2155 if ((ssid->sae_password_id || 2156 wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) && 2157 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK) 2158 sae_pwe = SAE_PWE_HASH_TO_ELEMENT; 2159 if (bss && is_6ghz_freq(bss->freq) && 2160 sae_pwe == SAE_PWE_HUNT_AND_PECK) { 2161 wpa_dbg(wpa_s, MSG_DEBUG, 2162 "RSN: Enable SAE hash-to-element mode for 6 GHz BSS"); 2163 sae_pwe = SAE_PWE_BOTH; 2164 } 2165 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe); 2166 #ifdef CONFIG_SAE_PK 2167 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK, 2168 wpa_key_mgmt_sae(ssid->key_mgmt) && 2169 ssid->sae_pk != SAE_PK_MODE_DISABLED && 2170 ((ssid->sae_password && 2171 sae_pk_valid_password(ssid->sae_password)) || 2172 (!ssid->sae_password && ssid->passphrase && 2173 sae_pk_valid_password(ssid->passphrase)))); 2174 #endif /* CONFIG_SAE_PK */ 2175 #endif /* CONFIG_SAE */ 2176 if (bss && is_6ghz_freq(bss->freq) && 2177 wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) { 2178 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz"); 2179 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, 2180 MGMT_FRAME_PROTECTION_REQUIRED); 2181 } 2182 #ifdef CONFIG_TESTING_OPTIONS 2183 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED, 2184 wpa_s->ft_rsnxe_used); 2185 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL, 2186 wpa_s->oci_freq_override_eapol); 2187 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2, 2188 wpa_s->oci_freq_override_eapol_g2); 2189 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC, 2190 wpa_s->oci_freq_override_ft_assoc); 2191 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC, 2192 wpa_s->oci_freq_override_fils_assoc); 2193 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX, 2194 wpa_s->disable_eapol_g2_tx); 2195 wpa_sm_set_param(wpa_s->wpa, 2196 WPA_PARAM_EAPOL_2_KEY_INFO_SET_MASK, 2197 wpa_s->eapol_2_key_info_set_mask); 2198 #endif /* CONFIG_TESTING_OPTIONS */ 2199 2200 /* Extended Key ID is only supported in infrastructure BSS so far */ 2201 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id && 2202 (ssid->proto & WPA_PROTO_RSN) && 2203 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 | 2204 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) && 2205 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) { 2206 int use_ext_key_id = 0; 2207 2208 wpa_msg(wpa_s, MSG_DEBUG, 2209 "WPA: Enable Extended Key ID support"); 2210 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 2211 wpa_s->conf->extended_key_id); 2212 if (bss_rsn && 2213 wpa_s->conf->extended_key_id && 2214 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP && 2215 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST)) 2216 use_ext_key_id = 1; 2217 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 2218 use_ext_key_id); 2219 } else { 2220 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0); 2221 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0); 2222 } 2223 2224 /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more 2225 * appropriate advertisement of the supported number of PTKSA receive 2226 * counters. In theory, this could be based on a driver capability, but 2227 * in practice all cases using WMM support at least eight replay 2228 * counters, so use a hardcoded value for now since there is no explicit 2229 * driver capability indication for this. 2230 * 2231 * In addition, claim WMM to be enabled if the AP supports it since it 2232 * is far more likely for any current device to support WMM. */ 2233 wmm = wpa_s->connection_set && 2234 (wpa_s->connection_ht || wpa_s->connection_vht || 2235 wpa_s->connection_he || wpa_s->connection_eht); 2236 if (!wmm && bss) 2237 wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE); 2238 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm); 2239 2240 if (ssid->ssid_protection && proto == WPA_PROTO_RSN) { 2241 bool ssid_prot; 2242 2243 /* Enable SSID protection based on the AP advertising support 2244 * for it to avoid potential interoperability issues with 2245 * incorrect AP behavior if we were to send an "unexpected" 2246 * RSNXE with multiple octets of payload. */ 2247 ssid_prot = ieee802_11_rsnx_capab( 2248 bss_rsnx, WLAN_RSNX_CAPAB_SSID_PROTECTION); 2249 if (!skip_default_rsne) 2250 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 2251 proto == WPA_PROTO_RSN && ssid_prot); 2252 } else { 2253 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, false); 2254 } 2255 2256 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SPP_AMSDU, 2257 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SPP_AMSDU) && 2258 ieee802_11_rsnx_capab(bss_rsnx, 2259 WLAN_RSNX_CAPAB_SPP_A_MSDU) && 2260 wpa_s->pairwise_cipher & (WPA_CIPHER_CCMP_256 | 2261 WPA_CIPHER_GCMP_256 | 2262 WPA_CIPHER_CCMP | 2263 WPA_CIPHER_GCMP) && 2264 (wpa_s->wpa_proto & WPA_PROTO_RSN)); 2265 2266 if (!skip_default_rsne) { 2267 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, 2268 wpa_ie_len)) { 2269 wpa_msg(wpa_s, MSG_WARNING, 2270 "RSN: Failed to generate RSNE/WPA IE"); 2271 return -1; 2272 } 2273 2274 #ifndef CONFIG_NO_WPA 2275 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe); 2276 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe, 2277 &wpa_s->rsnxe_len)) { 2278 wpa_msg(wpa_s, MSG_WARNING, 2279 "RSN: Failed to generate RSNXE"); 2280 return -1; 2281 } 2282 #endif /* CONFIG_NO_WPA */ 2283 } 2284 2285 if (0) { 2286 #ifdef CONFIG_DPP 2287 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) { 2288 /* Use PMK from DPP network introduction (PMKSA entry) */ 2289 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 2290 #ifdef CONFIG_DPP2 2291 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs); 2292 #endif /* CONFIG_DPP2 */ 2293 #endif /* CONFIG_DPP */ 2294 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { 2295 int psk_set = 0; 2296 2297 if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) { 2298 u8 psk[PMK_LEN]; 2299 2300 if (wpa_supplicant_get_psk(wpa_s, bss, ssid, 2301 psk) == 0) { 2302 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL, 2303 NULL); 2304 psk_set = 1; 2305 } 2306 forced_memzero(psk, sizeof(psk)); 2307 } 2308 2309 if (wpa_key_mgmt_sae(ssid->key_mgmt) && 2310 (ssid->sae_password || ssid->passphrase || ssid->ext_psk)) 2311 psk_set = 1; 2312 2313 if (!psk_set && !ssid->pmk_valid) { 2314 wpa_msg(wpa_s, MSG_INFO, 2315 "No PSK/PMK available for association"); 2316 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL); 2317 return -1; 2318 } 2319 #ifdef CONFIG_OWE 2320 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) { 2321 /* OWE Diffie-Hellman exchange in (Re)Association 2322 * Request/Response frames set the PMK, so do not override it 2323 * here. */ 2324 #endif /* CONFIG_OWE */ 2325 } else 2326 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); 2327 2328 if (ssid->mode != WPAS_MODE_IBSS && 2329 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) && 2330 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER || 2331 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK && 2332 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) { 2333 wpa_msg(wpa_s, MSG_INFO, 2334 "Disable PTK0 rekey support - replaced with reconnect"); 2335 wpa_s->deny_ptk0_rekey = 1; 2336 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1); 2337 } else { 2338 wpa_s->deny_ptk0_rekey = 0; 2339 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0); 2340 } 2341 2342 if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) && 2343 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 2344 wpas_update_allowed_key_mgmt(wpa_s, ssid); 2345 2346 return 0; 2347 } 2348 2349 wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx,struct wpa_bss * bss)2350 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx, 2351 struct wpa_bss *bss) 2352 { 2353 #ifndef CONFIG_NO_ROBUST_AV 2354 bool scs = true, mscs = true; 2355 #endif /* CONFIG_NO_ROBUST_AV */ 2356 2357 *pos = 0x00; 2358 2359 switch (idx) { 2360 case 0: /* Bits 0-7 */ 2361 break; 2362 case 1: /* Bits 8-15 */ 2363 if (wpa_s->conf->coloc_intf_reporting) { 2364 /* Bit 13 - Collocated Interference Reporting */ 2365 *pos |= 0x20; 2366 } 2367 break; 2368 case 2: /* Bits 16-23 */ 2369 #ifdef CONFIG_WNM 2370 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */ 2371 if ((wpas_driver_bss_selection(wpa_s) || 2372 !wpa_s->disable_mbo_oce) && 2373 !wpa_s->conf->disable_btm) 2374 *pos |= 0x08; /* Bit 19 - BSS Transition */ 2375 #endif /* CONFIG_WNM */ 2376 break; 2377 case 3: /* Bits 24-31 */ 2378 #ifdef CONFIG_WNM 2379 *pos |= 0x02; /* Bit 25 - SSID List */ 2380 #endif /* CONFIG_WNM */ 2381 #ifdef CONFIG_INTERWORKING 2382 if (wpa_s->conf->interworking) 2383 *pos |= 0x80; /* Bit 31 - Interworking */ 2384 #endif /* CONFIG_INTERWORKING */ 2385 break; 2386 case 4: /* Bits 32-39 */ 2387 #ifdef CONFIG_INTERWORKING 2388 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING) 2389 *pos |= 0x01; /* Bit 32 - QoS Map */ 2390 #endif /* CONFIG_INTERWORKING */ 2391 break; 2392 case 5: /* Bits 40-47 */ 2393 #ifdef CONFIG_HS20 2394 if (wpa_s->conf->hs20) 2395 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 2396 #endif /* CONFIG_HS20 */ 2397 #ifdef CONFIG_MBO 2398 *pos |= 0x40; /* Bit 46 - WNM-Notification */ 2399 #endif /* CONFIG_MBO */ 2400 break; 2401 case 6: /* Bits 48-55 */ 2402 #ifndef CONFIG_NO_ROBUST_AV 2403 #ifdef CONFIG_TESTING_OPTIONS 2404 if (wpa_s->disable_scs_support) 2405 scs = false; 2406 #endif /* CONFIG_TESTING_OPTIONS */ 2407 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) { 2408 /* Drop own SCS capability indication since the AP does 2409 * not support it. This is needed to avoid 2410 * interoperability issues with APs that get confused 2411 * with Extended Capabilities element. */ 2412 scs = false; 2413 } 2414 if (scs) 2415 *pos |= 0x40; /* Bit 54 - SCS */ 2416 #endif /* CONFIG_NO_ROBUST_AV */ 2417 break; 2418 case 7: /* Bits 56-63 */ 2419 break; 2420 case 8: /* Bits 64-71 */ 2421 if (wpa_s->conf->ftm_responder) 2422 *pos |= 0x40; /* Bit 70 - FTM responder */ 2423 if (wpa_s->conf->ftm_initiator) 2424 *pos |= 0x80; /* Bit 71 - FTM initiator */ 2425 break; 2426 case 9: /* Bits 72-79 */ 2427 #ifdef CONFIG_FILS 2428 if (!wpa_s->disable_fils) 2429 *pos |= 0x01; 2430 #endif /* CONFIG_FILS */ 2431 if (wpa_s->conf->twt_requester) 2432 *pos |= 0x20; /* Bit 77 - TWT Requester Support */ 2433 break; 2434 case 10: /* Bits 80-87 */ 2435 #ifndef CONFIG_NO_ROBUST_AV 2436 #ifdef CONFIG_TESTING_OPTIONS 2437 if (wpa_s->disable_mscs_support) 2438 mscs = false; 2439 #endif /* CONFIG_TESTING_OPTIONS */ 2440 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) { 2441 /* Drop own MSCS capability indication since the AP does 2442 * not support it. This is needed to avoid 2443 * interoperability issues with APs that get confused 2444 * with Extended Capabilities element. */ 2445 mscs = false; 2446 } 2447 if (mscs) 2448 *pos |= 0x20; /* Bit 85 - Mirrored SCS */ 2449 #endif /* CONFIG_NO_ROBUST_AV */ 2450 break; 2451 } 2452 } 2453 2454 wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen,struct wpa_bss * bss)2455 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf, 2456 size_t buflen, struct wpa_bss *bss) 2457 { 2458 u8 *pos = buf; 2459 u8 len = 11, i; 2460 2461 if (len < wpa_s->extended_capa_len) 2462 len = wpa_s->extended_capa_len; 2463 if (buflen < (size_t) len + 2) { 2464 wpa_printf(MSG_INFO, 2465 "Not enough room for building extended capabilities element"); 2466 return -1; 2467 } 2468 2469 *pos++ = WLAN_EID_EXT_CAPAB; 2470 *pos++ = len; 2471 for (i = 0; i < len; i++, pos++) { 2472 wpas_ext_capab_byte(wpa_s, pos, i, bss); 2473 2474 if (i < wpa_s->extended_capa_len) { 2475 *pos &= ~wpa_s->extended_capa_mask[i]; 2476 *pos |= wpa_s->extended_capa[i]; 2477 } 2478 } 2479 2480 while (len > 0 && buf[1 + len] == 0) { 2481 len--; 2482 buf[1] = len; 2483 } 2484 if (len == 0) 2485 return 0; 2486 2487 return 2 + len; 2488 } 2489 2490 wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2491 static int wpas_valid_bss(struct wpa_supplicant *wpa_s, 2492 struct wpa_bss *test_bss) 2493 { 2494 struct wpa_bss *bss; 2495 2496 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 2497 if (bss == test_bss) 2498 return 1; 2499 } 2500 2501 return 0; 2502 } 2503 2504 wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2505 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s, 2506 struct wpa_ssid *test_ssid) 2507 { 2508 struct wpa_ssid *ssid; 2509 2510 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) { 2511 if (ssid == test_ssid) 2512 return 1; 2513 } 2514 2515 return 0; 2516 } 2517 2518 wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2519 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss, 2520 struct wpa_ssid *test_ssid) 2521 { 2522 if (test_bss && !wpas_valid_bss(wpa_s, test_bss)) 2523 return 0; 2524 2525 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid); 2526 } 2527 2528 wpas_connect_work_free(struct wpa_connect_work * cwork)2529 void wpas_connect_work_free(struct wpa_connect_work *cwork) 2530 { 2531 if (cwork == NULL) 2532 return; 2533 os_free(cwork); 2534 } 2535 2536 wpas_connect_work_done(struct wpa_supplicant * wpa_s)2537 void wpas_connect_work_done(struct wpa_supplicant *wpa_s) 2538 { 2539 struct wpa_connect_work *cwork; 2540 struct wpa_radio_work *work = wpa_s->connect_work; 2541 2542 if (!work) 2543 return; 2544 2545 wpa_s->connect_work = NULL; 2546 cwork = work->ctx; 2547 work->ctx = NULL; 2548 wpas_connect_work_free(cwork); 2549 radio_work_done(work); 2550 } 2551 2552 wpas_update_random_addr(struct wpa_supplicant * wpa_s,enum wpas_mac_addr_style style,struct wpa_ssid * ssid)2553 int wpas_update_random_addr(struct wpa_supplicant *wpa_s, 2554 enum wpas_mac_addr_style style, 2555 struct wpa_ssid *ssid) 2556 { 2557 struct os_reltime now; 2558 u8 addr[ETH_ALEN]; 2559 2560 os_get_reltime(&now); 2561 /* Random addresses are valid within a given ESS so check 2562 * expiration/value only when continuing to use the same ESS. */ 2563 if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) { 2564 if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) { 2565 /* Pregenerated addresses do not expire but their value 2566 * might have changed, so let's check that. */ 2567 if (ssid && 2568 ether_addr_equal(wpa_s->own_addr, ssid->mac_value)) 2569 return 0; 2570 } else if ((wpa_s->last_mac_addr_change.sec != 0 || 2571 wpa_s->last_mac_addr_change.usec != 0) && 2572 !os_reltime_expired( 2573 &now, 2574 &wpa_s->last_mac_addr_change, 2575 wpa_s->conf->rand_addr_lifetime)) { 2576 wpa_msg(wpa_s, MSG_DEBUG, 2577 "Previously selected random MAC address has not yet expired"); 2578 return 0; 2579 } 2580 } 2581 2582 switch (style) { 2583 case WPAS_MAC_ADDR_STYLE_RANDOM: 2584 if (random_mac_addr(addr) < 0) 2585 return -1; 2586 break; 2587 case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI: 2588 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN); 2589 if (random_mac_addr_keep_oui(addr) < 0) 2590 return -1; 2591 break; 2592 case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS: 2593 if (!ssid) { 2594 wpa_msg(wpa_s, MSG_INFO, 2595 "Invalid 'ssid' for address policy 3"); 2596 return -1; 2597 } 2598 os_memcpy(addr, ssid->mac_value, ETH_ALEN); 2599 break; 2600 default: 2601 return -1; 2602 } 2603 2604 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) { 2605 wpa_msg(wpa_s, MSG_INFO, 2606 "Failed to set random MAC address"); 2607 return -1; 2608 } 2609 2610 os_get_reltime(&wpa_s->last_mac_addr_change); 2611 wpa_s->mac_addr_changed = 1; 2612 wpa_s->last_mac_addr_style = style; 2613 2614 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 2615 wpa_msg(wpa_s, MSG_INFO, 2616 "Could not update MAC address information"); 2617 return -1; 2618 } 2619 2620 wpas_p2p_update_dev_addr(wpa_s); 2621 2622 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR, 2623 MAC2STR(addr)); 2624 2625 return 1; 2626 } 2627 2628 wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2629 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s) 2630 { 2631 if (wpa_s->wpa_state >= WPA_AUTHENTICATING || 2632 !wpa_s->conf->preassoc_mac_addr) 2633 return 0; 2634 2635 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr, 2636 NULL); 2637 } 2638 2639 wpa_s_setup_sae_pt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,bool force)2640 void wpa_s_setup_sae_pt(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 2641 bool force) 2642 { 2643 #ifdef CONFIG_SAE 2644 struct wpa_config *conf = wpa_s->conf; 2645 int *groups = conf->sae_groups; 2646 int default_groups[] = { 19, 20, 21, 0 }; 2647 const char *password; 2648 enum sae_pwe sae_pwe; 2649 2650 if (!groups || groups[0] <= 0) 2651 groups = default_groups; 2652 2653 password = ssid->sae_password; 2654 if (!password) 2655 password = ssid->passphrase; 2656 2657 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid); 2658 2659 if (!password || 2660 !wpa_key_mgmt_sae(ssid->key_mgmt) || 2661 (sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id && 2662 !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) && 2663 !force && 2664 !sae_pk_valid_password(password)) || 2665 sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) { 2666 /* PT derivation not needed */ 2667 sae_deinit_pt(ssid->pt); 2668 ssid->pt = NULL; 2669 return; 2670 } 2671 2672 if (ssid->pt) 2673 return; /* PT already derived */ 2674 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len, 2675 (const u8 *) password, os_strlen(password), 2676 ssid->sae_password_id); 2677 #endif /* CONFIG_SAE */ 2678 } 2679 2680 wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2681 void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s) 2682 { 2683 #if defined(CONFIG_SAE) && defined(CONFIG_SME) 2684 os_free(wpa_s->sme.sae_rejected_groups); 2685 wpa_s->sme.sae_rejected_groups = NULL; 2686 #ifdef CONFIG_TESTING_OPTIONS 2687 if (wpa_s->extra_sae_rejected_groups) { 2688 int i, *groups = wpa_s->extra_sae_rejected_groups; 2689 2690 for (i = 0; groups[i]; i++) { 2691 wpa_printf(MSG_DEBUG, 2692 "TESTING: Indicate rejection of an extra SAE group %d", 2693 groups[i]); 2694 int_array_add_unique(&wpa_s->sme.sae_rejected_groups, 2695 groups[i]); 2696 } 2697 } 2698 #endif /* CONFIG_TESTING_OPTIONS */ 2699 #endif /* CONFIG_SAE && CONFIG_SME */ 2700 } 2701 2702 wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2703 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s) 2704 { 2705 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) { 2706 wpa_msg(wpa_s, MSG_INFO, 2707 "Could not restore permanent MAC address"); 2708 return -1; 2709 } 2710 wpa_s->mac_addr_changed = 0; 2711 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) { 2712 wpa_msg(wpa_s, MSG_INFO, 2713 "Could not update MAC address information"); 2714 return -1; 2715 } 2716 2717 wpas_p2p_update_dev_addr(wpa_s); 2718 2719 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address"); 2720 return 0; 2721 } 2722 2723 2724 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit); 2725 2726 /** 2727 * wpa_supplicant_associate - Request association 2728 * @wpa_s: Pointer to wpa_supplicant data 2729 * @bss: Scan results for the selected BSS, or %NULL if not available 2730 * @ssid: Configuration data for the selected network 2731 * 2732 * This function is used to request %wpa_supplicant to associate with a BSS. 2733 */ wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2734 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, 2735 struct wpa_bss *bss, struct wpa_ssid *ssid) 2736 { 2737 bool clear_rejected = true; 2738 struct wpa_connect_work *cwork; 2739 enum wpas_mac_addr_style rand_style; 2740 2741 wpa_s->own_disconnect_req = 0; 2742 wpa_s->own_reconnect_req = 0; 2743 2744 /* 2745 * If we are starting a new connection, any previously pending EAPOL 2746 * RX cannot be valid anymore. 2747 */ 2748 wpabuf_free(wpa_s->pending_eapol_rx); 2749 wpa_s->pending_eapol_rx = NULL; 2750 2751 if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET) 2752 rand_style = wpa_s->conf->mac_addr; 2753 else 2754 rand_style = ssid->mac_addr; 2755 2756 wpa_s->eapol_failed = 0; 2757 wpa_s->multi_ap_ie = 0; 2758 #ifndef CONFIG_NO_WMM_AC 2759 wmm_ac_clear_saved_tspecs(wpa_s); 2760 #endif /* CONFIG_NO_WMM_AC */ 2761 #ifdef CONFIG_WNM 2762 wpa_s->wnm_mode = 0; 2763 wpa_s->wnm_target_bss = NULL; 2764 #endif /* CONFIG_WNM */ 2765 wpa_s->reassoc_same_bss = 0; 2766 wpa_s->reassoc_same_ess = 0; 2767 #ifdef CONFIG_TESTING_OPTIONS 2768 wpa_s->testing_resend_assoc = 0; 2769 #endif /* CONFIG_TESTING_OPTIONS */ 2770 2771 if (wpa_s->last_ssid == ssid) { 2772 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS"); 2773 wpa_s->reassoc_same_ess = 1; 2774 if (wpa_s->current_bss && wpa_s->current_bss == bss) { 2775 #ifndef CONFIG_NO_WMM_AC 2776 wmm_ac_save_tspecs(wpa_s); 2777 #endif /* CONFIG_NO_WMM_AC */ 2778 wpa_s->reassoc_same_bss = 1; 2779 clear_rejected = false; 2780 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) { 2781 os_get_reltime(&wpa_s->roam_start); 2782 } 2783 } 2784 2785 if (clear_rejected) 2786 wpa_s_clear_sae_rejected(wpa_s); 2787 2788 #ifdef CONFIG_SAE 2789 wpa_s_setup_sae_pt(wpa_s, ssid, false); 2790 #endif /* CONFIG_SAE */ 2791 2792 if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) { 2793 int status = wpas_update_random_addr(wpa_s, rand_style, ssid); 2794 2795 if (status < 0) 2796 return; 2797 if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS && 2798 status > 0) /* MAC changed */ 2799 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 2800 } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT && 2801 wpa_s->mac_addr_changed) { 2802 if (wpas_restore_permanent_mac_addr(wpa_s) < 0) 2803 return; 2804 } 2805 wpa_s->last_ssid = ssid; 2806 2807 #ifdef CONFIG_IBSS_RSN 2808 ibss_rsn_deinit(wpa_s->ibss_rsn); 2809 wpa_s->ibss_rsn = NULL; 2810 #else /* CONFIG_IBSS_RSN */ 2811 if (ssid->mode == WPAS_MODE_IBSS && 2812 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) { 2813 wpa_msg(wpa_s, MSG_INFO, 2814 "IBSS RSN not supported in the build"); 2815 return; 2816 } 2817 #endif /* CONFIG_IBSS_RSN */ 2818 2819 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || 2820 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { 2821 #ifdef CONFIG_AP 2822 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { 2823 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " 2824 "mode"); 2825 return; 2826 } 2827 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { 2828 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 2829 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) 2830 wpas_p2p_ap_setup_failed(wpa_s); 2831 return; 2832 } 2833 wpa_s->current_bss = bss; 2834 #else /* CONFIG_AP */ 2835 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " 2836 "the build"); 2837 #endif /* CONFIG_AP */ 2838 return; 2839 } 2840 2841 if (ssid->mode == WPAS_MODE_MESH) { 2842 #ifdef CONFIG_MESH 2843 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) { 2844 wpa_msg(wpa_s, MSG_INFO, 2845 "Driver does not support mesh mode"); 2846 return; 2847 } 2848 if (bss) 2849 ssid->frequency = bss->freq; 2850 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) { 2851 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 2852 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh"); 2853 return; 2854 } 2855 wpa_s->current_bss = bss; 2856 #else /* CONFIG_MESH */ 2857 wpa_msg(wpa_s, MSG_ERROR, 2858 "mesh mode support not included in the build"); 2859 #endif /* CONFIG_MESH */ 2860 return; 2861 } 2862 2863 /* 2864 * Set WPA state machine configuration to match the selected network now 2865 * so that the information is available before wpas_start_assoc_cb() 2866 * gets called. This is needed at least for RSN pre-authentication where 2867 * candidate APs are added to a list based on scan result processing 2868 * before completion of the first association. 2869 */ 2870 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid); 2871 2872 #ifdef CONFIG_DPP 2873 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0) 2874 return; 2875 #endif /* CONFIG_DPP */ 2876 2877 #ifdef CONFIG_TDLS 2878 if (bss) 2879 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len); 2880 #endif /* CONFIG_TDLS */ 2881 2882 #ifdef CONFIG_MBO 2883 wpas_mbo_check_pmf(wpa_s, bss, ssid); 2884 #endif /* CONFIG_MBO */ 2885 2886 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 2887 ssid->mode == WPAS_MODE_INFRA) { 2888 sme_authenticate(wpa_s, bss, ssid); 2889 return; 2890 } 2891 2892 if (wpa_s->connect_work) { 2893 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist"); 2894 return; 2895 } 2896 2897 if (radio_work_pending(wpa_s, "connect")) { 2898 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist"); 2899 return; 2900 } 2901 2902 #ifdef CONFIG_SME 2903 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) { 2904 /* Clear possibly set auth_alg, if any, from last attempt. */ 2905 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN; 2906 } 2907 #endif /* CONFIG_SME */ 2908 2909 wpas_abort_ongoing_scan(wpa_s); 2910 2911 cwork = os_zalloc(sizeof(*cwork)); 2912 if (cwork == NULL) 2913 return; 2914 2915 cwork->bss = bss; 2916 cwork->ssid = ssid; 2917 2918 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1, 2919 wpas_start_assoc_cb, cwork) < 0) { 2920 os_free(cwork); 2921 } 2922 } 2923 2924 bss_is_ibss(struct wpa_bss * bss)2925 static int bss_is_ibss(struct wpa_bss *bss) 2926 { 2927 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) == 2928 IEEE80211_CAP_IBSS; 2929 } 2930 2931 drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2932 static int drv_supports_vht(struct wpa_supplicant *wpa_s, 2933 const struct wpa_ssid *ssid) 2934 { 2935 enum hostapd_hw_mode hw_mode; 2936 struct hostapd_hw_modes *mode = NULL; 2937 u8 channel; 2938 int i; 2939 2940 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel); 2941 if (hw_mode == NUM_HOSTAPD_MODES) 2942 return 0; 2943 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) { 2944 if (wpa_s->hw.modes[i].mode == hw_mode) { 2945 mode = &wpa_s->hw.modes[i]; 2946 break; 2947 } 2948 } 2949 2950 if (!mode) 2951 return 0; 2952 2953 return mode->vht_capab != 0; 2954 } 2955 2956 ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2957 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode) 2958 { 2959 int i; 2960 2961 for (i = channel; i < channel + 16; i += 4) { 2962 struct hostapd_channel_data *chan; 2963 2964 chan = hw_get_channel_chan(mode, i, NULL); 2965 if (!chan || 2966 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 2967 return false; 2968 } 2969 2970 return true; 2971 } 2972 2973 ibss_find_existing_bss(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2974 static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s, 2975 const struct wpa_ssid *ssid) 2976 { 2977 unsigned int j; 2978 2979 for (j = 0; j < wpa_s->last_scan_res_used; j++) { 2980 struct wpa_bss *bss = wpa_s->last_scan_res[j]; 2981 2982 if (!bss_is_ibss(bss)) 2983 continue; 2984 2985 if (ssid->ssid_len == bss->ssid_len && 2986 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0) 2987 return bss; 2988 } 2989 return NULL; 2990 } 2991 2992 ibss_mesh_can_use_ht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)2993 static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s, 2994 const struct wpa_ssid *ssid, 2995 struct hostapd_hw_modes *mode) 2996 { 2997 /* For IBSS check HT_IBSS flag */ 2998 if (ssid->mode == WPAS_MODE_IBSS && 2999 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS)) 3000 return false; 3001 3002 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 || 3003 wpa_s->group_cipher == WPA_CIPHER_WEP104 || 3004 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) { 3005 wpa_printf(MSG_DEBUG, 3006 "IBSS: WEP/TKIP detected, do not try to enable HT"); 3007 return false; 3008 } 3009 3010 if (!ht_supported(mode)) 3011 return false; 3012 3013 #ifdef CONFIG_HT_OVERRIDES 3014 if (ssid->disable_ht) 3015 return false; 3016 #endif /* CONFIG_HT_OVERRIDES */ 3017 3018 return true; 3019 } 3020 3021 ibss_mesh_can_use_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)3022 static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s, 3023 const struct wpa_ssid *ssid, 3024 struct hostapd_hw_modes *mode) 3025 { 3026 if (mode->mode != HOSTAPD_MODE_IEEE80211A) 3027 return false; 3028 3029 if (!drv_supports_vht(wpa_s, ssid)) 3030 return false; 3031 3032 /* For IBSS check VHT_IBSS flag */ 3033 if (ssid->mode == WPAS_MODE_IBSS && 3034 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS)) 3035 return false; 3036 3037 if (!vht_supported(mode)) 3038 return false; 3039 3040 #ifdef CONFIG_VHT_OVERRIDES 3041 if (ssid->disable_vht) 3042 return false; 3043 #endif /* CONFIG_VHT_OVERRIDES */ 3044 3045 return true; 3046 } 3047 3048 ibss_mesh_can_use_he(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3049 static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s, 3050 const struct wpa_ssid *ssid, 3051 const struct hostapd_hw_modes *mode, 3052 int ieee80211_mode) 3053 { 3054 #ifdef CONFIG_HE_OVERRIDES 3055 if (ssid->disable_he) 3056 return false; 3057 #endif /* CONFIG_HE_OVERRIDES */ 3058 3059 switch (mode->mode) { 3060 case HOSTAPD_MODE_IEEE80211G: 3061 case HOSTAPD_MODE_IEEE80211B: 3062 case HOSTAPD_MODE_IEEE80211A: 3063 return mode->he_capab[ieee80211_mode].he_supported; 3064 default: 3065 return false; 3066 } 3067 } 3068 3069 ibss_mesh_can_use_eht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3070 static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s, 3071 const struct wpa_ssid *ssid, 3072 const struct hostapd_hw_modes *mode, 3073 int ieee80211_mode) 3074 { 3075 if (ssid->disable_eht) 3076 return false; 3077 3078 switch(mode->mode) { 3079 case HOSTAPD_MODE_IEEE80211G: 3080 case HOSTAPD_MODE_IEEE80211B: 3081 case HOSTAPD_MODE_IEEE80211A: 3082 return mode->eht_capab[ieee80211_mode].eht_supported; 3083 default: 3084 return false; 3085 } 3086 } 3087 3088 ibss_mesh_select_40mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int obss_scan)3089 static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s, 3090 const struct wpa_ssid *ssid, 3091 struct hostapd_hw_modes *mode, 3092 struct hostapd_freq_params *freq, 3093 int obss_scan) { 3094 int chan_idx; 3095 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL; 3096 int i, res; 3097 unsigned int j; 3098 static const int ht40plus[] = { 3099 36, 44, 52, 60, 100, 108, 116, 124, 132, 140, 3100 149, 157, 165, 173, 184, 192 3101 }; 3102 int ht40 = -1; 3103 3104 if (!freq->ht_enabled) 3105 return; 3106 3107 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) { 3108 pri_chan = &mode->channels[chan_idx]; 3109 if (pri_chan->chan == freq->channel) 3110 break; 3111 pri_chan = NULL; 3112 } 3113 if (!pri_chan) 3114 return; 3115 3116 /* Check primary channel flags */ 3117 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 3118 return; 3119 3120 #ifdef CONFIG_HT_OVERRIDES 3121 if (ssid->disable_ht40) 3122 return; 3123 #endif 3124 3125 /* Check/setup HT40+/HT40- */ 3126 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) { 3127 if (ht40plus[j] == freq->channel) { 3128 ht40 = 1; 3129 break; 3130 } 3131 } 3132 3133 /* Find secondary channel */ 3134 for (i = 0; i < mode->num_channels; i++) { 3135 sec_chan = &mode->channels[i]; 3136 if (sec_chan->chan == freq->channel + ht40 * 4) 3137 break; 3138 sec_chan = NULL; 3139 } 3140 if (!sec_chan) 3141 return; 3142 3143 /* Check secondary channel flags */ 3144 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR)) 3145 return; 3146 3147 if (ht40 == -1) { 3148 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS)) 3149 return; 3150 } else { 3151 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS)) 3152 return; 3153 } 3154 freq->sec_channel_offset = ht40; 3155 3156 if (obss_scan) { 3157 struct wpa_scan_results *scan_res; 3158 3159 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0, 3160 NULL); 3161 if (scan_res == NULL) { 3162 /* Back to HT20 */ 3163 freq->sec_channel_offset = 0; 3164 return; 3165 } 3166 3167 res = check_40mhz_5g(scan_res, pri_chan, sec_chan); 3168 switch (res) { 3169 case 0: 3170 /* Back to HT20 */ 3171 freq->sec_channel_offset = 0; 3172 break; 3173 case 1: 3174 /* Configuration allowed */ 3175 break; 3176 case 2: 3177 /* Switch pri/sec channels */ 3178 freq->freq = hw_get_freq(mode, sec_chan->chan); 3179 freq->sec_channel_offset = -freq->sec_channel_offset; 3180 freq->channel = sec_chan->chan; 3181 break; 3182 default: 3183 freq->sec_channel_offset = 0; 3184 break; 3185 } 3186 3187 wpa_scan_results_free(scan_res); 3188 } 3189 3190 wpa_printf(MSG_DEBUG, 3191 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d", 3192 freq->channel, freq->sec_channel_offset); 3193 } 3194 3195 ibss_get_center_320mhz(int channel)3196 static int ibss_get_center_320mhz(int channel) 3197 { 3198 int seg0; 3199 3200 if (channel >= 1 && channel <= 45) 3201 seg0 = 31; 3202 else if (channel >= 49 && channel <= 77) 3203 seg0 = 63; 3204 else if (channel >= 81 && channel <= 109) 3205 seg0 = 95; 3206 else if (channel >= 113 && channel <= 141) 3207 seg0 = 127; 3208 else if (channel >= 145 && channel <= 173) 3209 seg0 = 159; 3210 else 3211 seg0 = 191; 3212 3213 return seg0; 3214 } 3215 3216 ibss_mesh_select_80_160mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int ieee80211_mode,bool is_6ghz)3217 static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s, 3218 const struct wpa_ssid *ssid, 3219 struct hostapd_hw_modes *mode, 3220 struct hostapd_freq_params *freq, 3221 int ieee80211_mode, bool is_6ghz) { 3222 static const int bw80[] = { 3223 5180, 5260, 5500, 5580, 5660, 5745, 5825, 3224 5955, 6035, 6115, 6195, 6275, 6355, 6435, 3225 6515, 6595, 6675, 6755, 6835, 6915, 6995 3226 }; 3227 static const int bw160[] = { 3228 5955, 6115, 6275, 6435, 6595, 6755, 6915 3229 }; 3230 static const int bw320[]= { 3231 5955, 6255, 6115, 6415, 6275, 6575, 6435, 3232 6735, 6595, 6895, 6755, 7055 3233 }; 3234 3235 struct hostapd_freq_params vht_freq; 3236 int i; 3237 unsigned int j, k; 3238 int chwidth, seg0, seg1; 3239 u32 vht_caps = 0; 3240 u8 channel = freq->channel; 3241 3242 if (!freq->vht_enabled && !freq->he_enabled) 3243 return true; 3244 3245 vht_freq = *freq; 3246 3247 chwidth = CONF_OPER_CHWIDTH_USE_HT; 3248 seg0 = freq->channel + 2 * freq->sec_channel_offset; 3249 seg1 = 0; 3250 if (freq->sec_channel_offset == 0) { 3251 seg0 = 0; 3252 /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */ 3253 if (freq->ht_enabled && !is_6ghz) 3254 goto skip_80mhz; 3255 } 3256 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT) 3257 goto skip_80mhz; 3258 3259 /* setup center_freq1, bandwidth */ 3260 for (j = 0; j < ARRAY_SIZE(bw80); j++) { 3261 if (freq->freq >= bw80[j] && 3262 freq->freq < bw80[j] + 80) 3263 break; 3264 } 3265 3266 if (j == ARRAY_SIZE(bw80) || 3267 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES) 3268 goto skip_80mhz; 3269 3270 /* Use 40 MHz if channel not usable */ 3271 if (!ibss_mesh_is_80mhz_avail(channel, mode)) 3272 goto skip_80mhz; 3273 3274 chwidth = CONF_OPER_CHWIDTH_80MHZ; 3275 seg0 = channel + 6; 3276 seg1 = 0; 3277 3278 /* In 160 MHz, the initial four 20 MHz channels were validated 3279 * above. If 160 MHz is supported, check the remaining four 20 MHz 3280 * channels for the total of 160 MHz bandwidth for 6 GHz. 3281 */ 3282 if ((mode->he_capab[ieee80211_mode].phy_cap[ 3283 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] & 3284 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz && 3285 ibss_mesh_is_80mhz_avail(channel + 16, mode)) { 3286 for (j = 0; j < ARRAY_SIZE(bw160); j++) { 3287 if (freq->freq == bw160[j]) { 3288 chwidth = CONF_OPER_CHWIDTH_160MHZ; 3289 seg0 = channel + 14; 3290 break; 3291 } 3292 } 3293 } 3294 3295 /* In 320 MHz, the initial four 20 MHz channels were validated 3296 * above. If 320 MHz is supported, check the remaining 12 20 MHz 3297 * channels for the total of 320 MHz bandwidth for 6 GHz. 3298 */ 3299 if ((mode->eht_capab[ieee80211_mode].phy_cap[ 3300 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] & 3301 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz && 3302 ibss_mesh_is_80mhz_avail(channel + 16, mode) && 3303 ibss_mesh_is_80mhz_avail(channel + 32, mode) && 3304 ibss_mesh_is_80mhz_avail(channel + 48, mode)) { 3305 for (j = 0; j < ARRAY_SIZE(bw320); j += 2) { 3306 if (freq->freq >= bw320[j] && 3307 freq->freq <= bw320[j + 1]) { 3308 chwidth = CONF_OPER_CHWIDTH_320MHZ; 3309 seg0 = ibss_get_center_320mhz(freq->channel); 3310 break; 3311 } 3312 } 3313 } 3314 3315 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) { 3316 /* setup center_freq2, bandwidth */ 3317 for (k = 0; k < ARRAY_SIZE(bw80); k++) { 3318 /* Only accept 80 MHz segments separated by a gap */ 3319 if (j == k || abs(bw80[j] - bw80[k]) == 80) 3320 continue; 3321 3322 if (ieee80211_freq_to_chan(bw80[k], &channel) == 3323 NUM_HOSTAPD_MODES) 3324 break; 3325 3326 for (i = channel; i < channel + 16; i += 4) { 3327 struct hostapd_channel_data *chan; 3328 3329 chan = hw_get_channel_chan(mode, i, NULL); 3330 if (!chan) 3331 continue; 3332 3333 if (chan->flag & (HOSTAPD_CHAN_DISABLED | 3334 HOSTAPD_CHAN_NO_IR | 3335 HOSTAPD_CHAN_RADAR)) 3336 continue; 3337 3338 /* Found a suitable second segment for 80+80 */ 3339 chwidth = CONF_OPER_CHWIDTH_80P80MHZ; 3340 if (!is_6ghz) 3341 vht_caps |= 3342 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ; 3343 seg1 = channel + 6; 3344 } 3345 3346 if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ) 3347 break; 3348 } 3349 } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) { 3350 if (freq->freq == 5180) { 3351 chwidth = CONF_OPER_CHWIDTH_160MHZ; 3352 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 3353 seg0 = 50; 3354 } else if (freq->freq == 5520) { 3355 chwidth = CONF_OPER_CHWIDTH_160MHZ; 3356 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ; 3357 seg0 = 114; 3358 } 3359 } 3360 3361 skip_80mhz: 3362 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq, 3363 freq->channel, ssid->enable_edmg, 3364 ssid->edmg_channel, freq->ht_enabled, 3365 freq->vht_enabled, freq->he_enabled, 3366 freq->eht_enabled, 3367 freq->sec_channel_offset, 3368 chwidth, seg0, seg1, vht_caps, 3369 &mode->he_capab[ieee80211_mode], 3370 &mode->eht_capab[ieee80211_mode], 0) != 0) 3371 return false; 3372 3373 *freq = vht_freq; 3374 3375 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d", 3376 freq->center_freq1, freq->center_freq2, freq->bandwidth); 3377 return true; 3378 } 3379 3380 ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)3381 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s, 3382 const struct wpa_ssid *ssid, 3383 struct hostapd_freq_params *freq) 3384 { 3385 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode); 3386 enum hostapd_hw_mode hw_mode; 3387 struct hostapd_hw_modes *mode = NULL; 3388 int obss_scan = 1; 3389 u8 channel; 3390 bool is_6ghz, is_24ghz; 3391 3392 freq->freq = ssid->frequency; 3393 3394 if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) { 3395 struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid); 3396 3397 if (bss) { 3398 wpa_printf(MSG_DEBUG, 3399 "IBSS already found in scan results, adjust control freq: %d", 3400 bss->freq); 3401 freq->freq = bss->freq; 3402 obss_scan = 0; 3403 } 3404 } 3405 3406 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel); 3407 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, 3408 hw_mode, is_6ghz_freq(ssid->frequency)); 3409 3410 if (!mode) 3411 return; 3412 3413 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G || 3414 hw_mode == HOSTAPD_MODE_IEEE80211B; 3415 3416 is_6ghz = is_6ghz_freq(freq->freq); 3417 3418 freq->ht_enabled = 0; 3419 freq->vht_enabled = 0; 3420 freq->he_enabled = 0; 3421 freq->eht_enabled = 0; 3422 3423 if (!is_6ghz) 3424 freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode); 3425 if (freq->ht_enabled) 3426 freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode); 3427 if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz) 3428 freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode, 3429 ieee80211_mode); 3430 freq->channel = channel; 3431 /* Setup higher BW only for 5 GHz */ 3432 if (mode->mode == HOSTAPD_MODE_IEEE80211A) { 3433 ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan); 3434 if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq, 3435 ieee80211_mode, is_6ghz)) 3436 freq->he_enabled = freq->vht_enabled = false; 3437 } 3438 3439 if (freq->he_enabled) 3440 freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode, 3441 ieee80211_mode); 3442 } 3443 3444 3445 #ifdef CONFIG_FILS wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)3446 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf, 3447 size_t ie_buf_len) 3448 { 3449 struct fils_hlp_req *req; 3450 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0; 3451 const u8 *pos; 3452 u8 *buf = ie_buf; 3453 3454 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 3455 list) { 3456 rem_len = ie_buf_len - ie_len; 3457 pos = wpabuf_head(req->pkt); 3458 hdr_len = 1 + 2 * ETH_ALEN + 6; 3459 hlp_len = wpabuf_len(req->pkt); 3460 3461 if (rem_len < 2 + hdr_len + hlp_len) { 3462 wpa_printf(MSG_ERROR, 3463 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu", 3464 (unsigned long) rem_len, 3465 (unsigned long) (2 + hdr_len + hlp_len)); 3466 break; 3467 } 3468 3469 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len; 3470 /* Element ID */ 3471 *buf++ = WLAN_EID_EXTENSION; 3472 /* Length */ 3473 *buf++ = len; 3474 /* Element ID Extension */ 3475 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER; 3476 /* Destination MAC address */ 3477 os_memcpy(buf, req->dst, ETH_ALEN); 3478 buf += ETH_ALEN; 3479 /* Source MAC address */ 3480 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN); 3481 buf += ETH_ALEN; 3482 /* LLC/SNAP Header */ 3483 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6); 3484 buf += 6; 3485 /* HLP Packet */ 3486 os_memcpy(buf, pos, len - hdr_len); 3487 buf += len - hdr_len; 3488 pos += len - hdr_len; 3489 3490 hlp_len -= len - hdr_len; 3491 ie_len += 2 + len; 3492 rem_len -= 2 + len; 3493 3494 while (hlp_len) { 3495 len = (hlp_len > 255) ? 255 : hlp_len; 3496 if (rem_len < 2 + len) 3497 break; 3498 *buf++ = WLAN_EID_FRAGMENT; 3499 *buf++ = len; 3500 os_memcpy(buf, pos, len); 3501 buf += len; 3502 pos += len; 3503 3504 hlp_len -= len; 3505 ie_len += 2 + len; 3506 rem_len -= 2 + len; 3507 } 3508 } 3509 3510 return ie_len; 3511 } 3512 3513 wpa_is_fils_supported(struct wpa_supplicant * wpa_s)3514 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s) 3515 { 3516 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 3517 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) || 3518 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 3519 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD))); 3520 } 3521 3522 wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)3523 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s) 3524 { 3525 #ifdef CONFIG_FILS_SK_PFS 3526 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 3527 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS); 3528 #else /* CONFIG_FILS_SK_PFS */ 3529 return 0; 3530 #endif /* CONFIG_FILS_SK_PFS */ 3531 } 3532 3533 #endif /* CONFIG_FILS */ 3534 3535 wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss * bss)3536 bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss) 3537 { 3538 const u8 *wfa_capa; 3539 3540 if (!bss) 3541 return false; 3542 3543 /* Get WFA capability from Beacon or Probe Response frame elements */ 3544 wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE); 3545 if (!wfa_capa) 3546 wfa_capa = wpa_bss_get_vendor_ie_beacon( 3547 bss, WFA_CAPA_IE_VENDOR_TYPE); 3548 3549 if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 || 3550 !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) { 3551 /* AP does not enable QM non EHT traffic description policy */ 3552 return false; 3553 } 3554 3555 return true; 3556 } 3557 3558 wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)3559 int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s, struct wpa_bss *bss, 3560 u8 *wpa_ie, size_t wpa_ie_len, size_t max_wpa_ie_len) 3561 { 3562 struct wpabuf *wfa_ie = NULL, *attr = NULL; 3563 u8 wfa_capa[1]; 3564 u8 capab_len = 0; 3565 size_t wfa_ie_len, buf_len; 3566 3567 os_memset(wfa_capa, 0, sizeof(wfa_capa)); 3568 #ifndef CONFIG_NO_ROBUST_AV 3569 if (wpa_s->enable_dscp_policy_capa) 3570 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY; 3571 #endif /* CONFIG_NO_ROBUST_AV */ 3572 3573 if (wpa_is_non_eht_scs_traffic_desc_supported(bss)) 3574 wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC; 3575 3576 if (wfa_capa[0]) 3577 capab_len = 1; 3578 3579 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_UNPROTECTED) 3580 attr = wpas_wfa_gen_capab_attr(wpa_s); 3581 3582 if (capab_len == 0 && !attr) 3583 return wpa_ie_len; 3584 3585 /* Wi-Fi Alliance element */ 3586 buf_len = 1 + /* Element ID */ 3587 1 + /* Length */ 3588 3 + /* OUI */ 3589 1 + /* OUI Type */ 3590 1 + /* Capabilities Length */ 3591 capab_len + /* Capabilities */ 3592 (attr ? wpabuf_len(attr) : 0) /* Attributes */; 3593 wfa_ie = wpabuf_alloc(buf_len); 3594 if (!wfa_ie) { 3595 wpabuf_free(attr); 3596 return wpa_ie_len; 3597 } 3598 3599 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC); 3600 wpabuf_put_u8(wfa_ie, buf_len - 2); 3601 wpabuf_put_be24(wfa_ie, OUI_WFA); 3602 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE); 3603 wpabuf_put_u8(wfa_ie, capab_len); 3604 wpabuf_put_data(wfa_ie, wfa_capa, capab_len); 3605 if (attr) 3606 wpabuf_put_buf(wfa_ie, attr); 3607 wpabuf_free(attr); 3608 3609 wfa_ie_len = wpabuf_len(wfa_ie); 3610 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) { 3611 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element", 3612 wfa_ie); 3613 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie), 3614 wfa_ie_len); 3615 wpa_ie_len += wfa_ie_len; 3616 } 3617 3618 wpabuf_free(wfa_ie); 3619 return wpa_ie_len; 3620 } 3621 3622 wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)3623 static u8 * wpas_populate_assoc_ies( 3624 struct wpa_supplicant *wpa_s, 3625 struct wpa_bss *bss, struct wpa_ssid *ssid, 3626 struct wpa_driver_associate_params *params, 3627 enum wpa_drv_update_connect_params_mask *mask) 3628 { 3629 u8 *wpa_ie; 3630 size_t max_wpa_ie_len = 500; 3631 size_t wpa_ie_len; 3632 int algs = WPA_AUTH_ALG_OPEN; 3633 #ifdef CONFIG_MBO 3634 const u8 *mbo_ie; 3635 #endif 3636 #if defined(CONFIG_SAE) || defined(CONFIG_FILS) 3637 int pmksa_cached = 0; 3638 #endif /* CONFIG_SAE || CONFIG_FILS */ 3639 #ifdef CONFIG_FILS 3640 const u8 *realm, *username, *rrk; 3641 size_t realm_len, username_len, rrk_len; 3642 u16 next_seq_num; 3643 struct fils_hlp_req *req; 3644 3645 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req, 3646 list) { 3647 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) + 3648 2 + 2 * wpabuf_len(req->pkt) / 255; 3649 } 3650 #endif /* CONFIG_FILS */ 3651 3652 wpa_ie = os_malloc(max_wpa_ie_len); 3653 if (!wpa_ie) { 3654 wpa_printf(MSG_ERROR, 3655 "Failed to allocate connect IE buffer for %lu bytes", 3656 (unsigned long) max_wpa_ie_len); 3657 return NULL; 3658 } 3659 3660 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || 3661 wpa_bss_get_rsne(wpa_s, bss, ssid, false)) && 3662 wpa_key_mgmt_wpa(ssid->key_mgmt)) { 3663 int try_opportunistic; 3664 const u8 *cache_id = NULL; 3665 const u8 *addr = bss->bssid; 3666 3667 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 3668 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) && 3669 !is_zero_ether_addr(bss->mld_addr)) 3670 addr = bss->mld_addr; 3671 3672 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && 3673 wpa_s->valid_links) 3674 addr = wpa_s->ap_mld_addr; 3675 3676 try_opportunistic = (ssid->proactive_key_caching < 0 ? 3677 wpa_s->conf->okc : 3678 ssid->proactive_key_caching) && 3679 (ssid->proto & WPA_PROTO_RSN); 3680 #ifdef CONFIG_FILS 3681 if (wpa_key_mgmt_fils(ssid->key_mgmt)) 3682 cache_id = wpa_bss_get_fils_cache_id(bss); 3683 #endif /* CONFIG_FILS */ 3684 if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr, 3685 ssid, try_opportunistic, 3686 cache_id, 0, false) == 0) { 3687 eapol_sm_notify_pmkid_attempt(wpa_s->eapol); 3688 #if defined(CONFIG_SAE) || defined(CONFIG_FILS) 3689 pmksa_cached = 1; 3690 #endif /* CONFIG_SAE || CONFIG_FILS */ 3691 } 3692 wpa_ie_len = max_wpa_ie_len; 3693 if (wpa_supplicant_set_suites(wpa_s, bss, ssid, 3694 wpa_ie, &wpa_ie_len, false)) { 3695 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 3696 "key management and encryption suites"); 3697 os_free(wpa_ie); 3698 return NULL; 3699 } 3700 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && 3701 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { 3702 /* 3703 * Both WPA and non-WPA IEEE 802.1X enabled in configuration - 3704 * use non-WPA since the scan results did not indicate that the 3705 * AP is using WPA or WPA2. 3706 */ 3707 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 3708 wpa_ie_len = 0; 3709 wpa_s->wpa_proto = 0; 3710 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { 3711 wpa_ie_len = max_wpa_ie_len; 3712 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, 3713 wpa_ie, &wpa_ie_len, false)) { 3714 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " 3715 "key management and encryption suites (no " 3716 "scan results)"); 3717 os_free(wpa_ie); 3718 return NULL; 3719 } 3720 #ifdef CONFIG_WPS 3721 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { 3722 struct wpabuf *wps_ie; 3723 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); 3724 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) { 3725 wpa_ie_len = wpabuf_len(wps_ie); 3726 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); 3727 } else 3728 wpa_ie_len = 0; 3729 wpabuf_free(wps_ie); 3730 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 3731 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) 3732 params->wps = WPS_MODE_PRIVACY; 3733 else 3734 params->wps = WPS_MODE_OPEN; 3735 wpa_s->wpa_proto = 0; 3736 #endif /* CONFIG_WPS */ 3737 } else { 3738 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); 3739 wpa_ie_len = 0; 3740 wpa_s->wpa_proto = 0; 3741 } 3742 3743 #ifdef IEEE8021X_EAPOL 3744 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 3745 if (ssid->leap) { 3746 if (ssid->non_leap == 0) 3747 algs = WPA_AUTH_ALG_LEAP; 3748 else 3749 algs |= WPA_AUTH_ALG_LEAP; 3750 } 3751 } 3752 3753 #ifdef CONFIG_FILS 3754 /* Clear FILS association */ 3755 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0); 3756 3757 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && 3758 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && 3759 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username, 3760 &username_len, &realm, &realm_len, 3761 &next_seq_num, &rrk, &rrk_len) == 0 && 3762 (!wpa_s->last_con_fail_realm || 3763 wpa_s->last_con_fail_realm_len != realm_len || 3764 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) { 3765 algs = WPA_AUTH_ALG_FILS; 3766 params->fils_erp_username = username; 3767 params->fils_erp_username_len = username_len; 3768 params->fils_erp_realm = realm; 3769 params->fils_erp_realm_len = realm_len; 3770 params->fils_erp_next_seq_num = next_seq_num; 3771 params->fils_erp_rrk = rrk; 3772 params->fils_erp_rrk_len = rrk_len; 3773 3774 if (mask) 3775 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO; 3776 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) && 3777 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) && 3778 pmksa_cached) { 3779 algs = WPA_AUTH_ALG_FILS; 3780 } 3781 #endif /* CONFIG_FILS */ 3782 #endif /* IEEE8021X_EAPOL */ 3783 #ifdef CONFIG_SAE 3784 if (wpa_key_mgmt_sae(wpa_s->key_mgmt)) 3785 algs = WPA_AUTH_ALG_SAE; 3786 #endif /* CONFIG_SAE */ 3787 3788 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); 3789 if (ssid->auth_alg) { 3790 algs = ssid->auth_alg; 3791 wpa_dbg(wpa_s, MSG_DEBUG, 3792 "Overriding auth_alg selection: 0x%x", algs); 3793 } 3794 3795 #ifdef CONFIG_SAE 3796 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) { 3797 wpa_dbg(wpa_s, MSG_DEBUG, 3798 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt"); 3799 algs = WPA_AUTH_ALG_OPEN; 3800 } 3801 #endif /* CONFIG_SAE */ 3802 3803 #ifdef CONFIG_P2P 3804 if (wpa_s->global->p2p) { 3805 u8 *pos; 3806 size_t len; 3807 int res; 3808 pos = wpa_ie + wpa_ie_len; 3809 len = max_wpa_ie_len - wpa_ie_len; 3810 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, 3811 ssid->p2p_group); 3812 if (res >= 0) 3813 wpa_ie_len += res; 3814 } 3815 3816 wpa_s->cross_connect_disallowed = 0; 3817 if (bss) { 3818 struct wpabuf *p2p; 3819 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); 3820 if (p2p) { 3821 wpa_s->cross_connect_disallowed = 3822 p2p_get_cross_connect_disallowed(p2p); 3823 wpabuf_free(p2p); 3824 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " 3825 "connection", 3826 wpa_s->cross_connect_disallowed ? 3827 "disallows" : "allows"); 3828 } 3829 } 3830 3831 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info)); 3832 #endif /* CONFIG_P2P */ 3833 3834 #ifndef CONFIG_NO_RRM 3835 if (bss) { 3836 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss, 3837 wpa_ie + wpa_ie_len, 3838 max_wpa_ie_len - 3839 wpa_ie_len); 3840 } 3841 #endif /* CONFIG_NO_RRM */ 3842 3843 /* 3844 * Workaround: Add Extended Capabilities element only if the AP 3845 * included this element in Beacon/Probe Response frames. Some older 3846 * APs seem to have interoperability issues if this element is 3847 * included, so while the standard may require us to include the 3848 * element in all cases, it is justifiable to skip it to avoid 3849 * interoperability issues. 3850 */ 3851 if (ssid->p2p_group) 3852 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT); 3853 else 3854 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 3855 3856 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) { 3857 u8 ext_capab[18]; 3858 int ext_capab_len; 3859 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab, 3860 sizeof(ext_capab), bss); 3861 if (ext_capab_len > 0 && 3862 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) { 3863 u8 *pos = wpa_ie; 3864 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) 3865 pos += 2 + pos[1]; 3866 os_memmove(pos + ext_capab_len, pos, 3867 wpa_ie_len - (pos - wpa_ie)); 3868 wpa_ie_len += ext_capab_len; 3869 os_memcpy(pos, ext_capab, ext_capab_len); 3870 } 3871 } 3872 3873 if (ssid->max_idle && wpa_ie_len + 5 <= max_wpa_ie_len) { 3874 u8 *pos = wpa_ie; 3875 3876 *pos++ = WLAN_EID_BSS_MAX_IDLE_PERIOD; 3877 *pos++ = 3; 3878 WPA_PUT_LE16(pos, ssid->max_idle); 3879 pos += 2; 3880 *pos = 0; /* Idle Options */ 3881 wpa_ie_len += 5; 3882 } 3883 3884 #ifdef CONFIG_HS20 3885 if (is_hs20_network(wpa_s, ssid, bss)) { 3886 struct wpabuf *hs20; 3887 3888 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN); 3889 if (hs20) { 3890 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid); 3891 size_t len; 3892 3893 wpas_hs20_add_indication(hs20, pps_mo_id, 3894 get_hs20_version(bss)); 3895 wpas_hs20_add_roam_cons_sel(hs20, ssid); 3896 len = max_wpa_ie_len - wpa_ie_len; 3897 if (wpabuf_len(hs20) <= len) { 3898 os_memcpy(wpa_ie + wpa_ie_len, 3899 wpabuf_head(hs20), wpabuf_len(hs20)); 3900 wpa_ie_len += wpabuf_len(hs20); 3901 } 3902 wpabuf_free(hs20); 3903 3904 hs20_configure_frame_filters(wpa_s); 3905 } 3906 } 3907 #endif /* CONFIG_HS20 */ 3908 3909 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) { 3910 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]; 3911 size_t len; 3912 3913 len = max_wpa_ie_len - wpa_ie_len; 3914 if (wpabuf_len(buf) <= len) { 3915 os_memcpy(wpa_ie + wpa_ie_len, 3916 wpabuf_head(buf), wpabuf_len(buf)); 3917 wpa_ie_len += wpabuf_len(buf); 3918 } 3919 } 3920 3921 #ifdef CONFIG_FST 3922 if (wpa_s->fst_ies) { 3923 int fst_ies_len = wpabuf_len(wpa_s->fst_ies); 3924 3925 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) { 3926 os_memcpy(wpa_ie + wpa_ie_len, 3927 wpabuf_head(wpa_s->fst_ies), fst_ies_len); 3928 wpa_ie_len += fst_ies_len; 3929 } 3930 } 3931 #endif /* CONFIG_FST */ 3932 3933 #ifdef CONFIG_MBO 3934 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL; 3935 if (!wpa_s->disable_mbo_oce && mbo_ie) { 3936 int len; 3937 3938 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len, 3939 max_wpa_ie_len - wpa_ie_len, 3940 !!mbo_attr_from_mbo_ie(mbo_ie, 3941 OCE_ATTR_ID_CAPA_IND)); 3942 if (len >= 0) 3943 wpa_ie_len += len; 3944 } 3945 #endif /* CONFIG_MBO */ 3946 3947 #ifdef CONFIG_FILS 3948 if (algs == WPA_AUTH_ALG_FILS) { 3949 size_t len; 3950 3951 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len, 3952 max_wpa_ie_len - wpa_ie_len); 3953 wpa_ie_len += len; 3954 } 3955 #endif /* CONFIG_FILS */ 3956 3957 #ifdef CONFIG_OWE 3958 #ifdef CONFIG_TESTING_OPTIONS 3959 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) { 3960 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element"); 3961 } else 3962 #endif /* CONFIG_TESTING_OPTIONS */ 3963 if (algs == WPA_AUTH_ALG_OPEN && 3964 ssid->key_mgmt == WPA_KEY_MGMT_OWE && 3965 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) { 3966 struct wpabuf *owe_ie; 3967 u16 group; 3968 3969 if (ssid->owe_group) { 3970 group = ssid->owe_group; 3971 } else if (wpa_s->assoc_status_code == 3972 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) { 3973 if (wpa_s->last_owe_group == 19) 3974 group = 20; 3975 else if (wpa_s->last_owe_group == 20) 3976 group = 21; 3977 else 3978 group = OWE_DH_GROUP; 3979 } else { 3980 group = OWE_DH_GROUP; 3981 } 3982 3983 wpa_s->last_owe_group = group; 3984 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group); 3985 owe_ie = owe_build_assoc_req(wpa_s->wpa, group); 3986 if (owe_ie && 3987 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) { 3988 os_memcpy(wpa_ie + wpa_ie_len, 3989 wpabuf_head(owe_ie), wpabuf_len(owe_ie)); 3990 wpa_ie_len += wpabuf_len(owe_ie); 3991 } 3992 wpabuf_free(owe_ie); 3993 } 3994 #endif /* CONFIG_OWE */ 3995 3996 #ifdef CONFIG_DPP2 3997 if (DPP_VERSION > 1 && 3998 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP && 3999 ssid->dpp_netaccesskey && 4000 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) { 4001 struct rsn_pmksa_cache_entry *pmksa; 4002 4003 pmksa = pmksa_cache_get_current(wpa_s->wpa); 4004 if (!pmksa || !pmksa->dpp_pfs) 4005 goto pfs_fail; 4006 4007 dpp_pfs_free(wpa_s->dpp_pfs); 4008 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey, 4009 ssid->dpp_netaccesskey_len); 4010 if (!wpa_s->dpp_pfs) { 4011 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS"); 4012 /* Try to continue without PFS */ 4013 goto pfs_fail; 4014 } 4015 if (wpabuf_len(wpa_s->dpp_pfs->ie) <= 4016 max_wpa_ie_len - wpa_ie_len) { 4017 os_memcpy(wpa_ie + wpa_ie_len, 4018 wpabuf_head(wpa_s->dpp_pfs->ie), 4019 wpabuf_len(wpa_s->dpp_pfs->ie)); 4020 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie); 4021 } 4022 } 4023 pfs_fail: 4024 #endif /* CONFIG_DPP2 */ 4025 4026 #ifdef CONFIG_IEEE80211R 4027 /* 4028 * Add MDIE under these conditions: the network profile allows FT, 4029 * the AP supports FT, and the mobility domain ID matches. 4030 */ 4031 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) { 4032 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 4033 4034 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) { 4035 size_t len = 0; 4036 const u8 *md = mdie + 2; 4037 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa); 4038 4039 if (os_memcmp(md, wpa_md, 4040 MOBILITY_DOMAIN_ID_LEN) == 0) { 4041 /* Add mobility domain IE */ 4042 len = wpa_ft_add_mdie( 4043 wpa_s->wpa, wpa_ie + wpa_ie_len, 4044 max_wpa_ie_len - wpa_ie_len, mdie); 4045 wpa_ie_len += len; 4046 } 4047 #ifdef CONFIG_SME 4048 if (len > 0 && wpa_s->sme.ft_used && 4049 wpa_sm_has_ft_keys(wpa_s->wpa, md)) { 4050 wpa_dbg(wpa_s, MSG_DEBUG, 4051 "SME: Trying to use FT over-the-air"); 4052 algs |= WPA_AUTH_ALG_FT; 4053 } 4054 #endif /* CONFIG_SME */ 4055 } 4056 } 4057 #endif /* CONFIG_IEEE80211R */ 4058 4059 #ifdef CONFIG_TESTING_OPTIONS 4060 if (wpa_s->rsnxe_override_assoc && 4061 wpabuf_len(wpa_s->rsnxe_override_assoc) <= 4062 max_wpa_ie_len - wpa_ie_len) { 4063 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override"); 4064 os_memcpy(wpa_ie + wpa_ie_len, 4065 wpabuf_head(wpa_s->rsnxe_override_assoc), 4066 wpabuf_len(wpa_s->rsnxe_override_assoc)); 4067 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc); 4068 } else 4069 #endif /* CONFIG_TESTING_OPTIONS */ 4070 if (wpa_s->rsnxe_len > 0 && 4071 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) { 4072 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len); 4073 wpa_ie_len += wpa_s->rsnxe_len; 4074 } 4075 4076 #ifndef CONFIG_NO_ROBUST_AV 4077 #ifdef CONFIG_TESTING_OPTIONS 4078 if (wpa_s->disable_mscs_support) 4079 goto mscs_end; 4080 #endif /* CONFIG_TESTING_OPTIONS */ 4081 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) && 4082 wpa_s->robust_av.valid_config) { 4083 struct wpabuf *mscs_ie; 4084 size_t mscs_ie_len, buf_len; 4085 4086 buf_len = 3 + /* MSCS descriptor IE header */ 4087 1 + /* Request type */ 4088 2 + /* User priority control */ 4089 4 + /* Stream timeout */ 4090 3 + /* TCLAS Mask IE header */ 4091 wpa_s->robust_av.frame_classifier_len; 4092 mscs_ie = wpabuf_alloc(buf_len); 4093 if (!mscs_ie) { 4094 wpa_printf(MSG_INFO, 4095 "MSCS: Failed to allocate MSCS IE"); 4096 goto mscs_end; 4097 } 4098 4099 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie); 4100 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) { 4101 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie); 4102 mscs_ie_len = wpabuf_len(mscs_ie); 4103 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie), 4104 mscs_ie_len); 4105 wpa_ie_len += mscs_ie_len; 4106 } 4107 4108 wpabuf_free(mscs_ie); 4109 } 4110 mscs_end: 4111 #endif /* CONFIG_NO_ROBUST_AV */ 4112 4113 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len, 4114 max_wpa_ie_len); 4115 4116 if (ssid->multi_ap_backhaul_sta) { 4117 size_t multi_ap_ie_len; 4118 struct multi_ap_params multi_ap = { 0 }; 4119 4120 multi_ap.capability = MULTI_AP_BACKHAUL_STA; 4121 multi_ap.profile = ssid->multi_ap_profile; 4122 4123 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len, 4124 max_wpa_ie_len - wpa_ie_len, 4125 &multi_ap); 4126 if (multi_ap_ie_len == 0) { 4127 wpa_printf(MSG_ERROR, 4128 "Multi-AP: Failed to build Multi-AP IE"); 4129 os_free(wpa_ie); 4130 return NULL; 4131 } 4132 wpa_ie_len += multi_ap_ie_len; 4133 } 4134 4135 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT, 4136 wpas_rsn_overriding(wpa_s, ssid)); 4137 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE, 4138 RSN_OVERRIDE_NOT_USED); 4139 if (wpas_rsn_overriding(wpa_s, ssid) && 4140 wpas_ap_supports_rsn_overriding(wpa_s, bss) && 4141 wpa_ie_len + 2 + 4 + 1 <= max_wpa_ie_len) { 4142 u8 *pos = wpa_ie + wpa_ie_len, *start = pos; 4143 const u8 *ie; 4144 enum rsn_selection_variant variant = RSN_SELECTION_RSNE; 4145 4146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE, 4147 RSN_OVERRIDE_RSNE); 4148 ie = wpa_bss_get_rsne(wpa_s, bss, ssid, wpa_s->valid_links); 4149 if (ie && ie[0] == WLAN_EID_VENDOR_SPECIFIC && ie[1] >= 4) { 4150 u32 type; 4151 4152 type = WPA_GET_BE32(&ie[2]); 4153 if (type == RSNE_OVERRIDE_IE_VENDOR_TYPE) { 4154 variant = RSN_SELECTION_RSNE_OVERRIDE; 4155 wpa_sm_set_param(wpa_s->wpa, 4156 WPA_PARAM_RSN_OVERRIDE, 4157 RSN_OVERRIDE_RSNE_OVERRIDE); 4158 } else if (type == RSNE_OVERRIDE_2_IE_VENDOR_TYPE) { 4159 variant = RSN_SELECTION_RSNE_OVERRIDE_2; 4160 wpa_sm_set_param(wpa_s->wpa, 4161 WPA_PARAM_RSN_OVERRIDE, 4162 RSN_OVERRIDE_RSNE_OVERRIDE_2); 4163 } 4164 } 4165 4166 /* Indicate which RSNE variant was used */ 4167 *pos++ = WLAN_EID_VENDOR_SPECIFIC; 4168 *pos++ = 4 + 1; 4169 WPA_PUT_BE32(pos, RSN_SELECTION_IE_VENDOR_TYPE); 4170 pos += 4; 4171 *pos++ = variant; 4172 wpa_hexdump(MSG_MSGDUMP, "RSN Selection", start, pos - start); 4173 wpa_ie_len += pos - start; 4174 } 4175 4176 params->rsn_overriding = wpas_rsn_overriding(wpa_s, ssid); 4177 params->wpa_ie = wpa_ie; 4178 params->wpa_ie_len = wpa_ie_len; 4179 params->auth_alg = algs; 4180 if (mask) 4181 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE; 4182 4183 return wpa_ie; 4184 } 4185 4186 4187 #ifdef CONFIG_OWE wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)4188 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s) 4189 { 4190 struct wpa_driver_associate_params params; 4191 u8 *wpa_ie; 4192 4193 os_memset(¶ms, 0, sizeof(params)); 4194 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 4195 wpa_s->current_ssid, ¶ms, NULL); 4196 if (!wpa_ie) 4197 return; 4198 4199 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); 4200 os_free(wpa_ie); 4201 } 4202 #endif /* CONFIG_OWE */ 4203 4204 4205 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL) wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)4206 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s) 4207 { 4208 struct wpa_driver_associate_params params; 4209 enum wpa_drv_update_connect_params_mask mask = 0; 4210 u8 *wpa_ie; 4211 4212 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN) 4213 return; /* nothing to do */ 4214 4215 os_memset(¶ms, 0, sizeof(params)); 4216 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 4217 wpa_s->current_ssid, ¶ms, &mask); 4218 if (!wpa_ie) 4219 return; 4220 4221 if (params.auth_alg == WPA_AUTH_ALG_FILS) { 4222 wpa_s->auth_alg = params.auth_alg; 4223 wpa_drv_update_connect_params(wpa_s, ¶ms, mask); 4224 } 4225 4226 os_free(wpa_ie); 4227 } 4228 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */ 4229 4230 wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)4231 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie) 4232 { 4233 if (!edmg_ie || edmg_ie[1] < 6) 4234 return 0; 4235 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET]; 4236 } 4237 4238 wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)4239 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie) 4240 { 4241 if (!edmg_ie || edmg_ie[1] < 6) 4242 return 0; 4243 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET]; 4244 } 4245 4246 4247 /* Returns the intersection of two EDMG configurations. 4248 * Note: The current implementation is limited to CB2 only (CB1 included), 4249 * i.e., the implementation supports up to 2 contiguous channels. 4250 * For supporting non-contiguous (aggregated) channels and for supporting 4251 * CB3 and above, this function will need to be extended. 4252 */ 4253 static struct ieee80211_edmg_config get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)4254 get_edmg_intersection(struct ieee80211_edmg_config a, 4255 struct ieee80211_edmg_config b, 4256 u8 primary_channel) 4257 { 4258 struct ieee80211_edmg_config result; 4259 int i, contiguous = 0; 4260 int max_contiguous = 0; 4261 4262 result.channels = b.channels & a.channels; 4263 if (!result.channels) { 4264 wpa_printf(MSG_DEBUG, 4265 "EDMG not possible: cannot intersect channels 0x%x and 0x%x", 4266 a.channels, b.channels); 4267 goto fail; 4268 } 4269 4270 if (!(result.channels & BIT(primary_channel - 1))) { 4271 wpa_printf(MSG_DEBUG, 4272 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x", 4273 primary_channel, result.channels); 4274 goto fail; 4275 } 4276 4277 /* Find max contiguous channels */ 4278 for (i = 0; i < 6; i++) { 4279 if (result.channels & BIT(i)) 4280 contiguous++; 4281 else 4282 contiguous = 0; 4283 4284 if (contiguous > max_contiguous) 4285 max_contiguous = contiguous; 4286 } 4287 4288 /* Assuming AP and STA supports ONLY contiguous channels, 4289 * bw configuration can have value between 4-7. 4290 */ 4291 if ((b.bw_config < a.bw_config)) 4292 result.bw_config = b.bw_config; 4293 else 4294 result.bw_config = a.bw_config; 4295 4296 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) || 4297 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) { 4298 wpa_printf(MSG_DEBUG, 4299 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2", 4300 max_contiguous); 4301 goto fail; 4302 } 4303 4304 return result; 4305 4306 fail: 4307 result.channels = 0; 4308 result.bw_config = 0; 4309 return result; 4310 } 4311 4312 4313 static struct ieee80211_edmg_config get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)4314 get_supported_edmg(struct wpa_supplicant *wpa_s, 4315 struct hostapd_freq_params *freq, 4316 struct ieee80211_edmg_config request_edmg) 4317 { 4318 enum hostapd_hw_mode hw_mode; 4319 struct hostapd_hw_modes *mode = NULL; 4320 u8 primary_channel; 4321 4322 if (!wpa_s->hw.modes) 4323 goto fail; 4324 4325 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel); 4326 if (hw_mode == NUM_HOSTAPD_MODES) 4327 goto fail; 4328 4329 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false); 4330 if (!mode) 4331 goto fail; 4332 4333 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel); 4334 4335 fail: 4336 request_edmg.channels = 0; 4337 request_edmg.bw_config = 0; 4338 return request_edmg; 4339 } 4340 4341 4342 #ifdef CONFIG_MBO wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)4343 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s) 4344 { 4345 struct wpa_driver_associate_params params; 4346 u8 *wpa_ie; 4347 4348 /* 4349 * Update MBO connect params only in case of change of MBO attributes 4350 * when connected, if the AP support MBO. 4351 */ 4352 4353 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid || 4354 !wpa_s->current_bss || 4355 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE)) 4356 return; 4357 4358 os_memset(¶ms, 0, sizeof(params)); 4359 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss, 4360 wpa_s->current_ssid, ¶ms, NULL); 4361 if (!wpa_ie) 4362 return; 4363 4364 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES); 4365 os_free(wpa_ie); 4366 } 4367 #endif /* CONFIG_MBO */ 4368 4369 wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)4370 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit) 4371 { 4372 struct wpa_connect_work *cwork = work->ctx; 4373 struct wpa_bss *bss = cwork->bss; 4374 struct wpa_ssid *ssid = cwork->ssid; 4375 struct wpa_supplicant *wpa_s = work->wpa_s; 4376 u8 *wpa_ie; 4377 const u8 *edmg_ie_oper; 4378 int use_crypt, ret, bssid_changed; 4379 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt; 4380 struct wpa_driver_associate_params params; 4381 u8 psk[PMK_LEN]; 4382 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL) 4383 int wep_keys_set = 0; 4384 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */ 4385 int assoc_failed = 0; 4386 struct wpa_ssid *old_ssid; 4387 u8 prev_bssid[ETH_ALEN]; 4388 #ifdef CONFIG_HT_OVERRIDES 4389 struct ieee80211_ht_capabilities htcaps; 4390 struct ieee80211_ht_capabilities htcaps_mask; 4391 #endif /* CONFIG_HT_OVERRIDES */ 4392 #ifdef CONFIG_VHT_OVERRIDES 4393 struct ieee80211_vht_capabilities vhtcaps; 4394 struct ieee80211_vht_capabilities vhtcaps_mask; 4395 #endif /* CONFIG_VHT_OVERRIDES */ 4396 4397 wpa_s->roam_in_progress = false; 4398 #ifdef CONFIG_WNM 4399 wpa_s->bss_trans_mgmt_in_progress = false; 4400 #endif /* CONFIG_WNM */ 4401 wpa_s->no_suitable_network = 0; 4402 4403 if (deinit) { 4404 if (work->started) { 4405 wpa_s->connect_work = NULL; 4406 4407 /* cancel possible auth. timeout */ 4408 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, 4409 NULL); 4410 } 4411 wpas_connect_work_free(cwork); 4412 return; 4413 } 4414 4415 wpa_s->connect_work = work; 4416 4417 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) || 4418 wpas_network_disabled(wpa_s, ssid)) { 4419 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt"); 4420 wpas_connect_work_done(wpa_s); 4421 return; 4422 } 4423 4424 /* 4425 * Set the current AP's BSSID (for non-MLO connection) or MLD address 4426 * (for MLO connection) as the previous BSSID for reassociation requests 4427 * handled by SME-in-driver. If wpa_supplicant is in disconnected state, 4428 * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid 4429 * will be zero. 4430 */ 4431 os_memcpy(prev_bssid, 4432 wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid, 4433 ETH_ALEN); 4434 os_memset(¶ms, 0, sizeof(params)); 4435 wpa_s->reassociate = 0; 4436 wpa_s->eap_expected_failure = 0; 4437 4438 /* Starting new association, so clear the possibly used WPA IE from the 4439 * previous association. */ 4440 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); 4441 #ifndef CONFIG_NO_WPA 4442 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0); 4443 #endif /* CONFIG_NO_WPA */ 4444 wpa_s->rsnxe_len = 0; 4445 #ifndef CONFIG_NO_ROBUST_AV 4446 wpa_s->mscs_setup_done = false; 4447 #endif /* CONFIG_NO_ROBUST_AV */ 4448 4449 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL); 4450 if (!wpa_ie) { 4451 wpas_connect_work_done(wpa_s); 4452 return; 4453 } 4454 4455 if (bss && 4456 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) { 4457 #ifdef CONFIG_IEEE80211R 4458 const u8 *ie, *md = NULL; 4459 #endif /* CONFIG_IEEE80211R */ 4460 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR 4461 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), 4462 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); 4463 bssid_changed = !is_zero_ether_addr(wpa_s->bssid); 4464 os_memset(wpa_s->bssid, 0, ETH_ALEN); 4465 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 4466 if (bssid_changed) 4467 wpas_notify_bssid_changed(wpa_s); 4468 #ifdef CONFIG_IEEE80211R 4469 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); 4470 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) 4471 md = ie + 2; 4472 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); 4473 if (md) { 4474 /* Prepare for the next transition */ 4475 wpa_ft_prepare_auth_request(wpa_s->wpa, ie); 4476 } 4477 #endif /* CONFIG_IEEE80211R */ 4478 #ifdef CONFIG_WPS 4479 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && 4480 wpa_s->conf->ap_scan == 2 && 4481 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { 4482 /* Use ap_scan==1 style network selection to find the network 4483 */ 4484 wpas_connect_work_done(wpa_s); 4485 wpa_s->scan_req = MANUAL_SCAN_REQ; 4486 wpa_s->reassociate = 1; 4487 wpa_supplicant_req_scan(wpa_s, 0, 0); 4488 os_free(wpa_ie); 4489 return; 4490 #endif /* CONFIG_WPS */ 4491 } else { 4492 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", 4493 wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 4494 if (bss) 4495 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); 4496 else 4497 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 4498 } 4499 if (!wpa_s->pno) 4500 wpa_supplicant_cancel_sched_scan(wpa_s); 4501 4502 wpa_supplicant_cancel_scan(wpa_s); 4503 4504 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); 4505 use_crypt = 1; 4506 cipher_pairwise = wpa_s->pairwise_cipher; 4507 cipher_group = wpa_s->group_cipher; 4508 cipher_group_mgmt = wpa_s->mgmt_group_cipher; 4509 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || 4510 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 4511 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) 4512 use_crypt = 0; 4513 #ifdef CONFIG_WEP 4514 if (wpa_set_wep_keys(wpa_s, ssid)) { 4515 use_crypt = 1; 4516 wep_keys_set = 1; 4517 } 4518 #endif /* CONFIG_WEP */ 4519 } 4520 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) 4521 use_crypt = 0; 4522 4523 #ifdef IEEE8021X_EAPOL 4524 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 4525 if ((ssid->eapol_flags & 4526 (EAPOL_FLAG_REQUIRE_KEY_UNICAST | 4527 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && 4528 !wep_keys_set) { 4529 use_crypt = 0; 4530 } else { 4531 /* Assume that dynamic WEP-104 keys will be used and 4532 * set cipher suites in order for drivers to expect 4533 * encryption. */ 4534 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104; 4535 } 4536 } 4537 #endif /* IEEE8021X_EAPOL */ 4538 4539 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 4540 /* Set the key before (and later after) association */ 4541 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 4542 } 4543 4544 /* Set current_ssid before changing state to ASSOCIATING, so that the 4545 * selected SSID is available to wpas_notify_state_changed(). */ 4546 old_ssid = wpa_s->current_ssid; 4547 wpa_s->current_ssid = ssid; 4548 4549 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); 4550 if (bss) { 4551 params.ssid = bss->ssid; 4552 params.ssid_len = bss->ssid_len; 4553 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set || 4554 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 4555 wpa_printf(MSG_DEBUG, "Limit connection to BSSID " 4556 MACSTR " freq=%u MHz based on scan results " 4557 "(bssid_set=%d wps=%d)", 4558 MAC2STR(bss->bssid), bss->freq, 4559 ssid->bssid_set, 4560 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS); 4561 params.bssid = bss->bssid; 4562 params.freq.freq = bss->freq; 4563 } 4564 params.bssid_hint = bss->bssid; 4565 params.freq_hint = bss->freq; 4566 params.pbss = bss_is_pbss(bss); 4567 } else { 4568 if (ssid->bssid_hint_set) 4569 params.bssid_hint = ssid->bssid_hint; 4570 4571 params.ssid = ssid->ssid; 4572 params.ssid_len = ssid->ssid_len; 4573 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0; 4574 } 4575 4576 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && 4577 wpa_s->conf->ap_scan == 2) { 4578 params.bssid = ssid->bssid; 4579 params.fixed_bssid = 1; 4580 } 4581 4582 /* Initial frequency for IBSS/mesh */ 4583 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) && 4584 ssid->frequency > 0 && params.freq.freq == 0) 4585 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq); 4586 4587 if (ssid->mode == WPAS_MODE_IBSS) { 4588 params.fixed_freq = ssid->fixed_freq; 4589 if (ssid->beacon_int) 4590 params.beacon_int = ssid->beacon_int; 4591 else 4592 params.beacon_int = wpa_s->conf->beacon_int; 4593 } 4594 4595 if (bss && ssid->enable_edmg) 4596 edmg_ie_oper = wpa_bss_get_ie_ext(bss, 4597 WLAN_EID_EXT_EDMG_OPERATION); 4598 else 4599 edmg_ie_oper = NULL; 4600 4601 if (edmg_ie_oper) { 4602 params.freq.edmg.channels = 4603 wpa_ie_get_edmg_oper_chans(edmg_ie_oper); 4604 params.freq.edmg.bw_config = 4605 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper); 4606 wpa_printf(MSG_DEBUG, 4607 "AP supports EDMG channels 0x%x, bw_config %d", 4608 params.freq.edmg.channels, 4609 params.freq.edmg.bw_config); 4610 4611 /* User may ask for specific EDMG channel for EDMG connection 4612 * (must be supported by AP) 4613 */ 4614 if (ssid->edmg_channel) { 4615 struct ieee80211_edmg_config configured_edmg; 4616 enum hostapd_hw_mode hw_mode; 4617 u8 primary_channel; 4618 4619 hw_mode = ieee80211_freq_to_chan(bss->freq, 4620 &primary_channel); 4621 if (hw_mode == NUM_HOSTAPD_MODES) 4622 goto edmg_fail; 4623 4624 hostapd_encode_edmg_chan(ssid->enable_edmg, 4625 ssid->edmg_channel, 4626 primary_channel, 4627 &configured_edmg); 4628 4629 if (ieee802_edmg_is_allowed(params.freq.edmg, 4630 configured_edmg)) { 4631 params.freq.edmg = configured_edmg; 4632 wpa_printf(MSG_DEBUG, 4633 "Use EDMG channel %d for connection", 4634 ssid->edmg_channel); 4635 } else { 4636 edmg_fail: 4637 params.freq.edmg.channels = 0; 4638 params.freq.edmg.bw_config = 0; 4639 wpa_printf(MSG_WARNING, 4640 "EDMG channel %d not supported by AP, fallback to DMG", 4641 ssid->edmg_channel); 4642 } 4643 } 4644 4645 if (params.freq.edmg.channels) { 4646 wpa_printf(MSG_DEBUG, 4647 "EDMG before: channels 0x%x, bw_config %d", 4648 params.freq.edmg.channels, 4649 params.freq.edmg.bw_config); 4650 params.freq.edmg = get_supported_edmg(wpa_s, 4651 ¶ms.freq, 4652 params.freq.edmg); 4653 wpa_printf(MSG_DEBUG, 4654 "EDMG after: channels 0x%x, bw_config %d", 4655 params.freq.edmg.channels, 4656 params.freq.edmg.bw_config); 4657 } 4658 } 4659 4660 params.pairwise_suite = cipher_pairwise; 4661 params.group_suite = cipher_group; 4662 params.mgmt_group_suite = cipher_group_mgmt; 4663 params.key_mgmt_suite = wpa_s->key_mgmt; 4664 params.allowed_key_mgmts = wpa_s->allowed_key_mgmts; 4665 params.wpa_proto = wpa_s->wpa_proto; 4666 wpa_s->auth_alg = params.auth_alg; 4667 params.mode = ssid->mode; 4668 params.bg_scan_period = ssid->bg_scan_period; 4669 #ifdef CONFIG_WEP 4670 { 4671 int i; 4672 4673 for (i = 0; i < NUM_WEP_KEYS; i++) { 4674 if (ssid->wep_key_len[i]) 4675 params.wep_key[i] = ssid->wep_key[i]; 4676 params.wep_key_len[i] = ssid->wep_key_len[i]; 4677 } 4678 params.wep_tx_keyidx = ssid->wep_tx_keyidx; 4679 } 4680 #endif /* CONFIG_WEP */ 4681 4682 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) && 4683 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK || 4684 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK || 4685 (params.allowed_key_mgmts & 4686 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) { 4687 params.passphrase = ssid->passphrase; 4688 if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0) 4689 params.psk = psk; 4690 } 4691 4692 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) && 4693 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 4694 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 4695 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 4696 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || 4697 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)) 4698 params.req_handshake_offload = 1; 4699 4700 if (wpa_s->conf->key_mgmt_offload) { 4701 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X || 4702 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 || 4703 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B || 4704 params.key_mgmt_suite == 4705 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 || 4706 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384) 4707 params.req_key_mgmt_offload = 4708 ssid->proactive_key_caching < 0 ? 4709 wpa_s->conf->okc : ssid->proactive_key_caching; 4710 else 4711 params.req_key_mgmt_offload = 1; 4712 4713 if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) || 4714 wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) && 4715 wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0) 4716 params.psk = psk; 4717 } 4718 4719 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) && 4720 wpa_key_mgmt_sae(params.key_mgmt_suite)) { 4721 params.auth_alg = WPA_AUTH_ALG_SAE; 4722 if (ssid->sae_password) { 4723 params.sae_password = ssid->sae_password; 4724 params.sae_password_id = ssid->sae_password_id; 4725 } else if (ssid->passphrase) { 4726 params.passphrase = ssid->passphrase; 4727 } 4728 } 4729 4730 params.drop_unencrypted = use_crypt; 4731 4732 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid); 4733 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { 4734 const u8 *rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false); 4735 struct wpa_ie_data ie; 4736 if (!wpas_driver_bss_selection(wpa_s) && rsn && 4737 wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && 4738 ie.capabilities & 4739 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { 4740 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " 4741 "MFP: require MFP"); 4742 params.mgmt_frame_protection = 4743 MGMT_FRAME_PROTECTION_REQUIRED; 4744 #ifdef CONFIG_OWE 4745 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 4746 !ssid->owe_only) { 4747 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION; 4748 #endif /* CONFIG_OWE */ 4749 } 4750 } 4751 4752 params.p2p = ssid->p2p_group; 4753 4754 if (wpa_s->p2pdev->set_sta_uapsd) 4755 params.uapsd = wpa_s->p2pdev->sta_uapsd; 4756 else 4757 params.uapsd = -1; 4758 4759 #ifdef CONFIG_HT_OVERRIDES 4760 os_memset(&htcaps, 0, sizeof(htcaps)); 4761 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); 4762 params.htcaps = (u8 *) &htcaps; 4763 params.htcaps_mask = (u8 *) &htcaps_mask; 4764 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); 4765 #endif /* CONFIG_HT_OVERRIDES */ 4766 #ifdef CONFIG_VHT_OVERRIDES 4767 os_memset(&vhtcaps, 0, sizeof(vhtcaps)); 4768 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask)); 4769 params.vhtcaps = &vhtcaps; 4770 params.vhtcaps_mask = &vhtcaps_mask; 4771 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms); 4772 #endif /* CONFIG_VHT_OVERRIDES */ 4773 #ifdef CONFIG_HE_OVERRIDES 4774 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms); 4775 #endif /* CONFIG_HE_OVERRIDES */ 4776 wpa_supplicant_apply_eht_overrides(wpa_s, ssid, ¶ms); 4777 4778 #ifdef CONFIG_P2P 4779 /* 4780 * If multi-channel concurrency is not supported, check for any 4781 * frequency conflict. In case of any frequency conflict, remove the 4782 * least prioritized connection. 4783 */ 4784 if (wpa_s->num_multichan_concurrent < 2) { 4785 int freq, num; 4786 num = get_shared_radio_freqs(wpa_s, &freq, 1, false); 4787 if (num > 0 && freq > 0 && freq != params.freq.freq) { 4788 wpa_printf(MSG_DEBUG, 4789 "Assoc conflicting freq found (%d != %d)", 4790 freq, params.freq.freq); 4791 if (wpas_p2p_handle_frequency_conflicts( 4792 wpa_s, params.freq.freq, ssid) < 0) { 4793 wpas_connect_work_done(wpa_s); 4794 os_free(wpa_ie); 4795 return; 4796 } 4797 } 4798 } 4799 #endif /* CONFIG_P2P */ 4800 4801 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) && 4802 old_ssid) 4803 params.prev_bssid = prev_bssid; 4804 4805 #ifdef CONFIG_SAE 4806 params.sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid); 4807 #endif /* CONFIG_SAE */ 4808 4809 ret = wpa_drv_associate(wpa_s, ¶ms); 4810 forced_memzero(psk, sizeof(psk)); 4811 os_free(wpa_ie); 4812 if (ret < 0) { 4813 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " 4814 "failed"); 4815 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) { 4816 /* 4817 * The driver is known to mean what is saying, so we 4818 * can stop right here; the association will not 4819 * succeed. 4820 */ 4821 wpas_connection_failed(wpa_s, wpa_s->pending_bssid, 4822 NULL); 4823 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 4824 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); 4825 return; 4826 } 4827 /* try to continue anyway; new association will be tried again 4828 * after timeout */ 4829 assoc_failed = 1; 4830 } 4831 4832 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { 4833 /* Set the key after the association just in case association 4834 * cleared the previously configured key. */ 4835 wpa_supplicant_set_wpa_none_key(wpa_s, ssid); 4836 /* No need to timeout authentication since there is no key 4837 * management. */ 4838 wpa_supplicant_cancel_auth_timeout(wpa_s); 4839 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); 4840 #ifdef CONFIG_IBSS_RSN 4841 } else if (ssid->mode == WPAS_MODE_IBSS && 4842 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && 4843 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { 4844 /* 4845 * RSN IBSS authentication is per-STA and we can disable the 4846 * per-BSSID authentication. 4847 */ 4848 wpa_supplicant_cancel_auth_timeout(wpa_s); 4849 #endif /* CONFIG_IBSS_RSN */ 4850 } else { 4851 /* Timeout for IEEE 802.11 authentication and association */ 4852 int timeout = 60; 4853 4854 if (assoc_failed) { 4855 /* give IBSS a bit more time */ 4856 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; 4857 } else if (wpa_s->conf->ap_scan == 1) { 4858 /* give IBSS a bit more time */ 4859 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; 4860 } 4861 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 4862 } 4863 4864 #ifdef CONFIG_WEP 4865 if (wep_keys_set && 4866 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) { 4867 /* Set static WEP keys again */ 4868 wpa_set_wep_keys(wpa_s, ssid); 4869 } 4870 #endif /* CONFIG_WEP */ 4871 4872 if (old_ssid && old_ssid != ssid) { 4873 /* 4874 * Do not allow EAP session resumption between different 4875 * network configurations. 4876 */ 4877 eapol_sm_invalidate_cached_session(wpa_s->eapol); 4878 } 4879 4880 if (!wpas_driver_bss_selection(wpa_s) || 4881 #ifdef CONFIG_P2P 4882 wpa_s->p2p_in_invitation || 4883 #endif /* CONFIG_P2P */ 4884 ssid->bssid_set) { 4885 wpa_s->current_bss = bss; 4886 #ifdef CONFIG_HS20 4887 hs20_configure_frame_filters(wpa_s); 4888 #endif /* CONFIG_HS20 */ 4889 } 4890 4891 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); 4892 if (bss) 4893 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len); 4894 wpa_supplicant_initiate_eapol(wpa_s); 4895 if (old_ssid != wpa_s->current_ssid) 4896 wpas_notify_network_changed(wpa_s); 4897 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME)) 4898 wpas_notify_auth_changed(wpa_s); 4899 } 4900 4901 wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4902 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, 4903 const u8 *addr) 4904 { 4905 struct wpa_ssid *old_ssid; 4906 4907 wpa_s->ml_connect_probe_ssid = NULL; 4908 wpa_s->ml_connect_probe_bss = NULL; 4909 wpas_connect_work_done(wpa_s); 4910 wpa_clear_keys(wpa_s, addr); 4911 old_ssid = wpa_s->current_ssid; 4912 wpa_supplicant_mark_disassoc(wpa_s); 4913 wpa_sm_set_config(wpa_s->wpa, NULL); 4914 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 4915 if (old_ssid != wpa_s->current_ssid) 4916 wpas_notify_network_changed(wpa_s); 4917 4918 #ifndef CONFIG_NO_ROBUST_AV 4919 wpas_scs_deinit(wpa_s); 4920 wpas_dscp_deinit(wpa_s); 4921 #endif /* CONFIG_NO_ROBUST_AV */ 4922 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 4923 } 4924 4925 4926 /** 4927 * wpa_supplicant_deauthenticate - Deauthenticate the current connection 4928 * @wpa_s: Pointer to wpa_supplicant data 4929 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame 4930 * 4931 * This function is used to request %wpa_supplicant to deauthenticate from the 4932 * current AP. 4933 */ wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4934 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, 4935 u16 reason_code) 4936 { 4937 u8 *addr = NULL; 4938 union wpa_event_data event; 4939 int zero_addr = 0; 4940 4941 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR 4942 " pending_bssid=" MACSTR 4943 " reason=%d (%s) state=%s valid_links=0x%x ap_mld_addr=" MACSTR, 4944 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), 4945 reason_code, reason2str(reason_code), 4946 wpa_supplicant_state_txt(wpa_s->wpa_state), wpa_s->valid_links, 4947 MAC2STR(wpa_s->ap_mld_addr)); 4948 4949 if (wpa_s->valid_links && !is_zero_ether_addr(wpa_s->ap_mld_addr)) 4950 addr = wpa_s->ap_mld_addr; 4951 else if (!is_zero_ether_addr(wpa_s->pending_bssid) && 4952 (wpa_s->wpa_state == WPA_AUTHENTICATING || 4953 wpa_s->wpa_state == WPA_ASSOCIATING)) 4954 addr = wpa_s->pending_bssid; 4955 else if (!is_zero_ether_addr(wpa_s->bssid)) 4956 addr = wpa_s->bssid; 4957 else if (wpa_s->wpa_state == WPA_ASSOCIATING) { 4958 /* 4959 * When using driver-based BSS selection, we may not know the 4960 * BSSID with which we are currently trying to associate. We 4961 * need to notify the driver of this disconnection even in such 4962 * a case, so use the all zeros address here. 4963 */ 4964 addr = wpa_s->bssid; 4965 zero_addr = 1; 4966 } 4967 4968 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0) 4969 wpa_s->enabled_4addr_mode = 0; 4970 4971 #ifdef CONFIG_TDLS 4972 wpa_tdls_teardown_peers(wpa_s->wpa); 4973 #endif /* CONFIG_TDLS */ 4974 4975 #ifdef CONFIG_MESH 4976 if (wpa_s->ifmsh) { 4977 struct mesh_conf *mconf; 4978 4979 mconf = wpa_s->ifmsh->mconf; 4980 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s", 4981 wpa_s->ifname); 4982 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid, 4983 mconf->meshid_len, reason_code); 4984 wpa_supplicant_leave_mesh(wpa_s, true); 4985 } 4986 #endif /* CONFIG_MESH */ 4987 4988 if (addr) { 4989 wpa_drv_deauthenticate(wpa_s, addr, reason_code); 4990 os_memset(&event, 0, sizeof(event)); 4991 event.deauth_info.reason_code = reason_code; 4992 event.deauth_info.locally_generated = 1; 4993 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); 4994 if (zero_addr) 4995 addr = NULL; 4996 } 4997 4998 wpa_supplicant_clear_connection(wpa_s, addr); 4999 } 5000 5001 wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)5002 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s) 5003 { 5004 wpa_s->own_reconnect_req = 1; 5005 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED); 5006 5007 } 5008 5009 wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5010 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s, 5011 struct wpa_ssid *ssid) 5012 { 5013 if (!ssid || !ssid->disabled || ssid->disabled == 2) 5014 return; 5015 5016 ssid->disabled = 0; 5017 ssid->owe_transition_bss_select_count = 0; 5018 wpas_clear_temp_disabled(wpa_s, ssid, 1); 5019 wpas_notify_network_enabled_changed(wpa_s, ssid); 5020 5021 /* 5022 * Try to reassociate since there is no current configuration and a new 5023 * network was made available. 5024 */ 5025 if (!wpa_s->current_ssid && !wpa_s->disconnected) 5026 wpa_s->reassociate = 1; 5027 } 5028 5029 5030 /** 5031 * wpa_supplicant_add_network - Add a new network 5032 * @wpa_s: wpa_supplicant structure for a network interface 5033 * Returns: The new network configuration or %NULL if operation failed 5034 * 5035 * This function performs the following operations: 5036 * 1. Adds a new network. 5037 * 2. Send network addition notification. 5038 * 3. Marks the network disabled. 5039 * 4. Set network default parameters. 5040 */ wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)5041 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s) 5042 { 5043 struct wpa_ssid *ssid; 5044 5045 ssid = wpa_config_add_network(wpa_s->conf); 5046 if (!ssid) 5047 return NULL; 5048 wpas_notify_network_added(wpa_s, ssid); 5049 ssid->disabled = 1; 5050 wpa_config_set_network_defaults(ssid); 5051 5052 return ssid; 5053 } 5054 5055 5056 /** 5057 * wpa_supplicant_remove_network - Remove a configured network based on id 5058 * @wpa_s: wpa_supplicant structure for a network interface 5059 * @id: Unique network id to search for 5060 * Returns: 0 on success, or -1 if the network was not found, -2 if the network 5061 * could not be removed 5062 * 5063 * This function performs the following operations: 5064 * 1. Removes the network. 5065 * 2. Send network removal notification. 5066 * 3. Update internal state machines. 5067 * 4. Stop any running sched scans. 5068 */ wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)5069 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id) 5070 { 5071 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid; 5072 int was_disabled; 5073 5074 ssid = wpa_config_get_network(wpa_s->conf, id); 5075 if (!ssid) 5076 return -1; 5077 wpas_notify_network_removed(wpa_s, ssid); 5078 5079 if (ssid == prev || !prev) { 5080 #ifdef CONFIG_SME 5081 wpa_s->sme.prev_bssid_set = 0; 5082 #endif /* CONFIG_SME */ 5083 /* 5084 * Invalidate the EAP session cache if the current or 5085 * previously used network is removed. 5086 */ 5087 eapol_sm_invalidate_cached_session(wpa_s->eapol); 5088 } 5089 5090 if (ssid == prev) { 5091 wpa_sm_set_config(wpa_s->wpa, NULL); 5092 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 5093 5094 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 5095 wpa_s->own_disconnect_req = 1; 5096 wpa_supplicant_deauthenticate(wpa_s, 5097 WLAN_REASON_DEAUTH_LEAVING); 5098 } 5099 5100 was_disabled = ssid->disabled; 5101 5102 if (wpa_config_remove_network(wpa_s->conf, id) < 0) 5103 return -2; 5104 5105 if (!was_disabled && wpa_s->sched_scanning) { 5106 wpa_printf(MSG_DEBUG, 5107 "Stop ongoing sched_scan to remove network from filters"); 5108 wpa_supplicant_cancel_sched_scan(wpa_s); 5109 wpa_supplicant_req_scan(wpa_s, 0, 0); 5110 } 5111 5112 return 0; 5113 } 5114 5115 5116 /** 5117 * wpa_supplicant_remove_all_networks - Remove all configured networks 5118 * @wpa_s: wpa_supplicant structure for a network interface 5119 * Returns: 0 on success (errors are currently ignored) 5120 * 5121 * This function performs the following operations: 5122 * 1. Remove all networks. 5123 * 2. Send network removal notifications. 5124 * 3. Update internal state machines. 5125 * 4. Stop any running sched scans. 5126 */ wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)5127 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s) 5128 { 5129 struct wpa_ssid *ssid; 5130 5131 if (wpa_s->drv_flags2 & 5132 (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA | 5133 WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) 5134 wpa_drv_flush_pmkid(wpa_s); 5135 5136 if (wpa_s->sched_scanning) 5137 wpa_supplicant_cancel_sched_scan(wpa_s); 5138 5139 eapol_sm_invalidate_cached_session(wpa_s->eapol); 5140 if (wpa_s->current_ssid) { 5141 #ifdef CONFIG_SME 5142 wpa_s->sme.prev_bssid_set = 0; 5143 #endif /* CONFIG_SME */ 5144 wpa_sm_set_config(wpa_s->wpa, NULL); 5145 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 5146 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 5147 wpa_s->own_disconnect_req = 1; 5148 wpa_supplicant_deauthenticate( 5149 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 5150 } 5151 ssid = wpa_s->conf->ssid; 5152 while (ssid) { 5153 struct wpa_ssid *remove_ssid = ssid; 5154 int id; 5155 5156 id = ssid->id; 5157 ssid = ssid->next; 5158 wpas_notify_network_removed(wpa_s, remove_ssid); 5159 wpa_config_remove_network(wpa_s->conf, id); 5160 } 5161 return 0; 5162 } 5163 5164 5165 /** 5166 * wpa_supplicant_enable_network - Mark a configured network as enabled 5167 * @wpa_s: wpa_supplicant structure for a network interface 5168 * @ssid: wpa_ssid structure for a configured network or %NULL 5169 * 5170 * Enables the specified network or all networks if no network specified. 5171 */ wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5172 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, 5173 struct wpa_ssid *ssid) 5174 { 5175 if (ssid == NULL) { 5176 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 5177 wpa_supplicant_enable_one_network(wpa_s, ssid); 5178 } else 5179 wpa_supplicant_enable_one_network(wpa_s, ssid); 5180 5181 if (wpa_s->reassociate && !wpa_s->disconnected && 5182 (!wpa_s->current_ssid || 5183 wpa_s->wpa_state == WPA_DISCONNECTED || 5184 wpa_s->wpa_state == WPA_SCANNING)) { 5185 if (wpa_s->sched_scanning) { 5186 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add " 5187 "new network to scan filters"); 5188 wpa_supplicant_cancel_sched_scan(wpa_s); 5189 } 5190 5191 if (wpa_supplicant_fast_associate(wpa_s) != 1) { 5192 wpa_s->scan_req = NORMAL_SCAN_REQ; 5193 wpa_supplicant_req_scan(wpa_s, 0, 0); 5194 } 5195 } 5196 } 5197 5198 5199 /** 5200 * wpa_supplicant_disable_network - Mark a configured network as disabled 5201 * @wpa_s: wpa_supplicant structure for a network interface 5202 * @ssid: wpa_ssid structure for a configured network or %NULL 5203 * 5204 * Disables the specified network or all networks if no network specified. 5205 */ wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5206 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, 5207 struct wpa_ssid *ssid) 5208 { 5209 struct wpa_ssid *other_ssid; 5210 int was_disabled; 5211 5212 if (ssid == NULL) { 5213 if (wpa_s->sched_scanning) 5214 wpa_supplicant_cancel_sched_scan(wpa_s); 5215 5216 for (other_ssid = wpa_s->conf->ssid; other_ssid; 5217 other_ssid = other_ssid->next) { 5218 was_disabled = other_ssid->disabled; 5219 if (was_disabled == 2) 5220 continue; /* do not change persistent P2P group 5221 * data */ 5222 5223 other_ssid->disabled = 1; 5224 5225 if (was_disabled != other_ssid->disabled) 5226 wpas_notify_network_enabled_changed( 5227 wpa_s, other_ssid); 5228 } 5229 if (wpa_s->current_ssid) { 5230 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 5231 wpa_s->own_disconnect_req = 1; 5232 wpa_supplicant_deauthenticate( 5233 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 5234 } 5235 } else if (ssid->disabled != 2) { 5236 if (ssid == wpa_s->current_ssid) { 5237 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 5238 wpa_s->own_disconnect_req = 1; 5239 wpa_supplicant_deauthenticate( 5240 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 5241 } 5242 5243 was_disabled = ssid->disabled; 5244 5245 ssid->disabled = 1; 5246 5247 if (was_disabled != ssid->disabled) { 5248 wpas_notify_network_enabled_changed(wpa_s, ssid); 5249 if (wpa_s->sched_scanning) { 5250 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan " 5251 "to remove network from filters"); 5252 wpa_supplicant_cancel_sched_scan(wpa_s); 5253 wpa_supplicant_req_scan(wpa_s, 0, 0); 5254 } 5255 } 5256 } 5257 } 5258 5259 ssid_in_last_scan(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5260 static bool ssid_in_last_scan(struct wpa_supplicant *wpa_s, 5261 struct wpa_ssid *ssid) 5262 { 5263 size_t i; 5264 5265 /* Check if the previous scan included the selected network */ 5266 if (wpa_s->last_scan_num_ssids <= 1 || 5267 !ssid->ssid || ssid->ssid_len == 0) 5268 return false; 5269 5270 /* Iterate through the previous scan SSIDs */ 5271 for (i = 0; i < wpa_s->last_scan_num_ssids; i++) { 5272 if (os_memcmp(wpa_s->last_scan_ssids[i].ssid, ssid->ssid, 5273 ssid->ssid_len) == 0) 5274 return true; 5275 } 5276 5277 return false; 5278 } 5279 5280 5281 /** 5282 * Checks whether an SSID was discovered in the last scan. 5283 * @wpa_s: wpa_supplicant structure for a network interface. 5284 * @ssid: wpa_ssid structure for a configured network. 5285 * Returns: true if ssid found, false otherwise. 5286 */ ssid_in_last_scan_res(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5287 static bool ssid_in_last_scan_res(struct wpa_supplicant *wpa_s, 5288 struct wpa_ssid *ssid) 5289 { 5290 size_t i; 5291 5292 if (!wpa_s->last_scan_res || !ssid->ssid || ssid->ssid_len == 0) 5293 return false; 5294 5295 for (i = 0; i < wpa_s->last_scan_res_used; i++) { 5296 if (os_memcmp(wpa_s->last_scan_res[i]->ssid, 5297 ssid->ssid, ssid->ssid_len) == 0) 5298 return true; 5299 } 5300 5301 return false; 5302 } 5303 5304 5305 /** 5306 * wpa_supplicant_select_network - Attempt association with a network 5307 * @wpa_s: wpa_supplicant structure for a network interface 5308 * @ssid: wpa_ssid structure for a configured network or %NULL for any network 5309 */ wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5310 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, 5311 struct wpa_ssid *ssid) 5312 { 5313 5314 struct wpa_ssid *other_ssid; 5315 int disconnected = 0; 5316 bool request_new_scan = false; 5317 5318 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { 5319 if (wpa_s->wpa_state >= WPA_AUTHENTICATING) 5320 wpa_s->own_disconnect_req = 1; 5321 wpa_supplicant_deauthenticate( 5322 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 5323 disconnected = 1; 5324 } 5325 5326 if (ssid) 5327 wpas_clear_temp_disabled(wpa_s, ssid, 1); 5328 5329 /* 5330 * Mark all other networks disabled or mark all networks enabled if no 5331 * network specified. 5332 */ 5333 for (other_ssid = wpa_s->conf->ssid; other_ssid; 5334 other_ssid = other_ssid->next) { 5335 int was_disabled = other_ssid->disabled; 5336 if (was_disabled == 2) 5337 continue; /* do not change persistent P2P group data */ 5338 5339 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; 5340 if (was_disabled && !other_ssid->disabled) 5341 wpas_clear_temp_disabled(wpa_s, other_ssid, 0); 5342 5343 if (was_disabled != other_ssid->disabled) 5344 wpas_notify_network_enabled_changed(wpa_s, other_ssid); 5345 } 5346 5347 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid && 5348 wpa_s->wpa_state >= WPA_AUTHENTICATING) { 5349 /* We are already associated with the selected network */ 5350 wpa_printf(MSG_DEBUG, "Already associated with the " 5351 "selected network - do nothing"); 5352 return; 5353 } 5354 5355 if (ssid) { 5356 wpa_s->current_ssid = ssid; 5357 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); 5358 wpa_s->connect_without_scan = 5359 (ssid->mode == WPAS_MODE_MESH || 5360 ssid->mode == WPAS_MODE_AP) ? ssid : NULL; 5361 5362 if (ssid->scan_ssid) { 5363 if (ssid_in_last_scan(wpa_s, ssid)) { 5364 wpa_printf(MSG_DEBUG, 5365 "Hidden network was scanned for in last scan"); 5366 } else if (ssid_in_last_scan_res(wpa_s, ssid)) { 5367 wpa_printf(MSG_DEBUG, 5368 "Hidden network was found in last scan results"); 5369 } else { 5370 request_new_scan = true; 5371 wpa_printf(MSG_DEBUG, 5372 "Request a new scan for hidden network"); 5373 } 5374 } 5375 5376 if (!request_new_scan && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) && 5377 !ssid->owe_only) { 5378 wpa_printf(MSG_DEBUG, 5379 "Request a new scan for OWE transition SSID"); 5380 request_new_scan = true; 5381 } 5382 5383 /* 5384 * Don't optimize next scan freqs since a new ESS has been 5385 * selected. 5386 */ 5387 os_free(wpa_s->next_scan_freqs); 5388 wpa_s->next_scan_freqs = NULL; 5389 } else { 5390 wpa_s->connect_without_scan = NULL; 5391 } 5392 5393 wpa_s->disconnected = 0; 5394 wpa_s->reassociate = 1; 5395 wpa_s_clear_sae_rejected(wpa_s); 5396 wpa_s->last_owe_group = 0; 5397 if (ssid) { 5398 ssid->owe_transition_bss_select_count = 0; 5399 wpa_s_setup_sae_pt(wpa_s, ssid, false); 5400 } 5401 5402 if (wpa_s->connect_without_scan || request_new_scan || 5403 wpa_supplicant_fast_associate(wpa_s) != 1) { 5404 wpa_s->scan_req = NORMAL_SCAN_REQ; 5405 wpas_scan_reset_sched_scan(wpa_s); 5406 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); 5407 } 5408 5409 if (ssid) 5410 wpas_notify_network_selected(wpa_s, ssid); 5411 } 5412 5413 5414 /** 5415 * wpas_remove_cred - Remove the specified credential and all the network 5416 * entries created based on the removed credential 5417 * @wpa_s: wpa_supplicant structure for a network interface 5418 * @cred: The credential to remove 5419 * Returns: 0 on success, -1 on failure 5420 */ wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)5421 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred) 5422 { 5423 struct wpa_ssid *ssid, *next; 5424 int id; 5425 5426 if (!cred) { 5427 wpa_printf(MSG_DEBUG, "Could not find cred"); 5428 return -1; 5429 } 5430 5431 id = cred->id; 5432 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) { 5433 wpa_printf(MSG_DEBUG, "Could not find cred %d", id); 5434 return -1; 5435 } 5436 5437 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id); 5438 5439 /* Remove any network entry created based on the removed credential */ 5440 ssid = wpa_s->conf->ssid; 5441 while (ssid) { 5442 next = ssid->next; 5443 5444 if (ssid->parent_cred == cred) { 5445 wpa_printf(MSG_DEBUG, 5446 "Remove network id %d since it used the removed credential", 5447 ssid->id); 5448 if (wpa_supplicant_remove_network(wpa_s, ssid->id) == 5449 -1) { 5450 wpa_printf(MSG_DEBUG, 5451 "Could not find network id=%d", 5452 ssid->id); 5453 } 5454 } 5455 5456 ssid = next; 5457 } 5458 5459 return 0; 5460 } 5461 5462 5463 /** 5464 * wpas_remove_cred - Remove all the Interworking credentials 5465 * @wpa_s: wpa_supplicant structure for a network interface 5466 * Returns: 0 on success, -1 on failure 5467 */ wpas_remove_all_creds(struct wpa_supplicant * wpa_s)5468 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s) 5469 { 5470 int res, ret = 0; 5471 struct wpa_cred *cred, *prev; 5472 5473 cred = wpa_s->conf->cred; 5474 while (cred) { 5475 prev = cred; 5476 cred = cred->next; 5477 res = wpas_remove_cred(wpa_s, prev); 5478 if (res < 0) { 5479 wpa_printf(MSG_DEBUG, 5480 "Removal of all credentials failed - failed to remove credential id=%d", 5481 prev->id); 5482 ret = -1; 5483 } 5484 } 5485 5486 return ret; 5487 } 5488 5489 5490 /** 5491 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path 5492 * @wpa_s: wpa_supplicant structure for a network interface 5493 * @pkcs11_engine_path: PKCS #11 engine path or NULL 5494 * @pkcs11_module_path: PKCS #11 module path or NULL 5495 * Returns: 0 on success; -1 on failure 5496 * 5497 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid 5498 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and 5499 * module path fails the paths will be reset to the default value (NULL). 5500 */ wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)5501 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s, 5502 const char *pkcs11_engine_path, 5503 const char *pkcs11_module_path) 5504 { 5505 char *pkcs11_engine_path_copy = NULL; 5506 char *pkcs11_module_path_copy = NULL; 5507 5508 if (pkcs11_engine_path != NULL) { 5509 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path); 5510 if (pkcs11_engine_path_copy == NULL) 5511 return -1; 5512 } 5513 if (pkcs11_module_path != NULL) { 5514 pkcs11_module_path_copy = os_strdup(pkcs11_module_path); 5515 if (pkcs11_module_path_copy == NULL) { 5516 os_free(pkcs11_engine_path_copy); 5517 return -1; 5518 } 5519 } 5520 5521 #ifndef CONFIG_PKCS11_ENGINE_PATH 5522 os_free(wpa_s->conf->pkcs11_engine_path); 5523 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy; 5524 #endif /* CONFIG_PKCS11_ENGINE_PATH */ 5525 #ifndef CONFIG_PKCS11_MODULE_PATH 5526 os_free(wpa_s->conf->pkcs11_module_path); 5527 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy; 5528 #endif /* CONFIG_PKCS11_MODULE_PATH */ 5529 5530 wpa_sm_set_eapol(wpa_s->wpa, NULL); 5531 eapol_sm_deinit(wpa_s->eapol); 5532 wpa_s->eapol = NULL; 5533 if (wpa_supplicant_init_eapol(wpa_s)) { 5534 /* Error -> Reset paths to the default value (NULL) once. */ 5535 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL) 5536 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL, 5537 NULL); 5538 5539 return -1; 5540 } 5541 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 5542 5543 return 0; 5544 } 5545 5546 5547 /** 5548 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface 5549 * @wpa_s: wpa_supplicant structure for a network interface 5550 * @ap_scan: AP scan mode 5551 * Returns: 0 if succeed or -1 if ap_scan has an invalid value 5552 * 5553 */ wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)5554 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) 5555 { 5556 5557 int old_ap_scan; 5558 5559 if (ap_scan < 0 || ap_scan > 2) 5560 return -1; 5561 5562 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 5563 wpa_printf(MSG_INFO, 5564 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 5565 } 5566 5567 #ifdef ANDROID 5568 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && 5569 wpa_s->wpa_state >= WPA_ASSOCIATING && 5570 wpa_s->wpa_state < WPA_COMPLETED) { 5571 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " 5572 "associating", wpa_s->conf->ap_scan, ap_scan); 5573 return 0; 5574 } 5575 #endif /* ANDROID */ 5576 5577 old_ap_scan = wpa_s->conf->ap_scan; 5578 wpa_s->conf->ap_scan = ap_scan; 5579 5580 if (old_ap_scan != wpa_s->conf->ap_scan) 5581 wpas_notify_ap_scan_changed(wpa_s); 5582 5583 return 0; 5584 } 5585 5586 5587 /** 5588 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age 5589 * @wpa_s: wpa_supplicant structure for a network interface 5590 * @expire_age: Expiration age in seconds 5591 * Returns: 0 if succeed or -1 if expire_age has an invalid value 5592 * 5593 */ wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)5594 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, 5595 unsigned int bss_expire_age) 5596 { 5597 if (bss_expire_age < 10) { 5598 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", 5599 bss_expire_age); 5600 return -1; 5601 } 5602 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", 5603 bss_expire_age); 5604 wpa_s->conf->bss_expiration_age = bss_expire_age; 5605 5606 return 0; 5607 } 5608 5609 5610 /** 5611 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count 5612 * @wpa_s: wpa_supplicant structure for a network interface 5613 * @expire_count: number of scans after which an unseen BSS is reclaimed 5614 * Returns: 0 if succeed or -1 if expire_count has an invalid value 5615 * 5616 */ wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)5617 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, 5618 unsigned int bss_expire_count) 5619 { 5620 if (bss_expire_count < 1) { 5621 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", 5622 bss_expire_count); 5623 return -1; 5624 } 5625 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", 5626 bss_expire_count); 5627 wpa_s->conf->bss_expiration_scan_count = bss_expire_count; 5628 5629 return 0; 5630 } 5631 5632 5633 /** 5634 * wpa_supplicant_set_scan_interval - Set scan interval 5635 * @wpa_s: wpa_supplicant structure for a network interface 5636 * @scan_interval: scan interval in seconds 5637 * Returns: 0 if succeed or -1 if scan_interval has an invalid value 5638 * 5639 */ wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)5640 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, 5641 int scan_interval) 5642 { 5643 if (scan_interval < 0) { 5644 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", 5645 scan_interval); 5646 return -1; 5647 } 5648 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", 5649 scan_interval); 5650 wpa_supplicant_update_scan_int(wpa_s, scan_interval); 5651 5652 return 0; 5653 } 5654 5655 5656 /** 5657 * wpa_supplicant_set_debug_params - Set global debug params 5658 * @global: wpa_global structure 5659 * @debug_level: debug level 5660 * @debug_timestamp: determines if show timestamp in debug data 5661 * @debug_show_keys: determines if show keys in debug data 5662 * Returns: 0 if succeed or -1 if debug_level has wrong value 5663 */ wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)5664 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, 5665 int debug_timestamp, int debug_show_keys) 5666 { 5667 5668 int old_level, old_timestamp, old_show_keys; 5669 5670 /* check for allowed debuglevels */ 5671 if (debug_level != MSG_EXCESSIVE && 5672 debug_level != MSG_MSGDUMP && 5673 debug_level != MSG_DEBUG && 5674 debug_level != MSG_INFO && 5675 debug_level != MSG_WARNING && 5676 debug_level != MSG_ERROR) 5677 return -1; 5678 5679 old_level = wpa_debug_level; 5680 old_timestamp = wpa_debug_timestamp; 5681 old_show_keys = wpa_debug_show_keys; 5682 5683 wpa_debug_level = debug_level; 5684 wpa_debug_timestamp = debug_timestamp ? 1 : 0; 5685 wpa_debug_show_keys = debug_show_keys ? 1 : 0; 5686 5687 if (wpa_debug_level != old_level) 5688 wpas_notify_debug_level_changed(global); 5689 if (wpa_debug_timestamp != old_timestamp) 5690 wpas_notify_debug_timestamp_changed(global); 5691 if (wpa_debug_show_keys != old_show_keys) 5692 wpas_notify_debug_show_keys_changed(global); 5693 5694 return 0; 5695 } 5696 5697 5698 #ifdef CONFIG_OWE owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)5699 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid, 5700 const u8 *entry_ssid, size_t entry_ssid_len) 5701 { 5702 const u8 *owe, *owe_bssid, *owe_ssid; 5703 size_t owe_ssid_len; 5704 struct wpa_bss *bss; 5705 5706 /* Check network profile SSID aganst the SSID in the 5707 * OWE Transition Mode element. */ 5708 5709 bss = wpa_bss_get_bssid_latest(wpa_s, bssid); 5710 if (!bss) 5711 return 0; 5712 5713 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE); 5714 if (!owe) 5715 return 0; 5716 5717 if (wpas_get_owe_trans_network(owe, &owe_bssid, &owe_ssid, 5718 &owe_ssid_len)) 5719 return 0; 5720 5721 return entry_ssid_len == owe_ssid_len && 5722 os_memcmp(owe_ssid, entry_ssid, owe_ssid_len) == 0; 5723 } 5724 #endif /* CONFIG_OWE */ 5725 5726 5727 /** 5728 * wpa_supplicant_get_ssid - Get a pointer to the current network structure 5729 * @wpa_s: Pointer to wpa_supplicant data 5730 * Returns: A pointer to the current network structure or %NULL on failure 5731 */ wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)5732 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) 5733 { 5734 struct wpa_ssid *entry; 5735 u8 ssid[SSID_MAX_LEN]; 5736 int res; 5737 size_t ssid_len; 5738 u8 bssid[ETH_ALEN]; 5739 int wired; 5740 5741 res = wpa_drv_get_ssid(wpa_s, ssid); 5742 if (res < 0) { 5743 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " 5744 "driver"); 5745 return NULL; 5746 } 5747 ssid_len = res; 5748 5749 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { 5750 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " 5751 "driver"); 5752 return NULL; 5753 } 5754 5755 wired = wpa_s->conf->ap_scan == 0 && 5756 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); 5757 5758 entry = wpa_s->conf->ssid; 5759 while (entry) { 5760 if (!wpas_network_disabled(wpa_s, entry) && 5761 ((ssid_len == entry->ssid_len && 5762 (!entry->ssid || 5763 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) || 5764 wired) && 5765 (!entry->bssid_set || 5766 ether_addr_equal(bssid, entry->bssid))) 5767 return entry; 5768 #ifdef CONFIG_WPS 5769 if (!wpas_network_disabled(wpa_s, entry) && 5770 (entry->key_mgmt & WPA_KEY_MGMT_WPS) && 5771 (entry->ssid == NULL || entry->ssid_len == 0) && 5772 (!entry->bssid_set || 5773 ether_addr_equal(bssid, entry->bssid))) 5774 return entry; 5775 #endif /* CONFIG_WPS */ 5776 5777 #ifdef CONFIG_OWE 5778 if (!wpas_network_disabled(wpa_s, entry) && 5779 (entry->ssid && 5780 owe_trans_ssid_match(wpa_s, bssid, entry->ssid, 5781 entry->ssid_len)) && 5782 (!entry->bssid_set || 5783 ether_addr_equal(bssid, entry->bssid))) 5784 return entry; 5785 #endif /* CONFIG_OWE */ 5786 5787 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && 5788 entry->ssid_len == 0 && 5789 ether_addr_equal(bssid, entry->bssid)) 5790 return entry; 5791 5792 entry = entry->next; 5793 } 5794 5795 return NULL; 5796 } 5797 5798 select_driver(struct wpa_supplicant * wpa_s,int i)5799 static int select_driver(struct wpa_supplicant *wpa_s, int i) 5800 { 5801 struct wpa_global *global = wpa_s->global; 5802 5803 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { 5804 global->drv_priv[i] = wpa_drivers[i]->global_init(global); 5805 if (global->drv_priv[i] == NULL) { 5806 wpa_printf(MSG_ERROR, "Failed to initialize driver " 5807 "'%s'", wpa_drivers[i]->name); 5808 return -1; 5809 } 5810 } 5811 5812 wpa_s->driver = wpa_drivers[i]; 5813 wpa_s->global_drv_priv = global->drv_priv[i]; 5814 5815 return 0; 5816 } 5817 5818 wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)5819 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, 5820 const char *name) 5821 { 5822 int i; 5823 size_t len; 5824 const char *pos, *driver = name; 5825 5826 if (wpa_s == NULL) 5827 return -1; 5828 5829 if (wpa_drivers[0] == NULL) { 5830 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " 5831 "wpa_supplicant"); 5832 return -1; 5833 } 5834 5835 if (name == NULL) { 5836 /* Default to first successful driver in the list */ 5837 for (i = 0; wpa_drivers[i]; i++) { 5838 if (select_driver(wpa_s, i) == 0) 5839 return 0; 5840 } 5841 /* Drivers have each reported failure, so no wpa_msg() here. */ 5842 return -1; 5843 } 5844 5845 do { 5846 pos = os_strchr(driver, ','); 5847 if (pos) 5848 len = pos - driver; 5849 else 5850 len = os_strlen(driver); 5851 5852 for (i = 0; wpa_drivers[i]; i++) { 5853 if (os_strlen(wpa_drivers[i]->name) == len && 5854 os_strncmp(driver, wpa_drivers[i]->name, len) == 5855 0) { 5856 /* First driver that succeeds wins */ 5857 if (select_driver(wpa_s, i) == 0) 5858 return 0; 5859 } 5860 } 5861 5862 driver = pos + 1; 5863 } while (pos); 5864 5865 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); 5866 return -1; 5867 } 5868 5869 5870 /** 5871 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant 5872 * @ctx: Context pointer (wpa_s); this is the ctx variable registered 5873 * with struct wpa_driver_ops::init() 5874 * @src_addr: Source address of the EAPOL frame 5875 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) 5876 * @len: Length of the EAPOL data 5877 * @encrypted: Whether the frame was encrypted 5878 * 5879 * This function is called for each received EAPOL frame. Most driver 5880 * interfaces rely on more generic OS mechanism for receiving frames through 5881 * l2_packet, but if such a mechanism is not available, the driver wrapper may 5882 * take care of received EAPOL frames and deliver them to the core supplicant 5883 * code by calling this function. 5884 */ wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)5885 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, 5886 const u8 *buf, size_t len, 5887 enum frame_encryption encrypted) 5888 { 5889 struct wpa_supplicant *wpa_s = ctx; 5890 const u8 *connected_addr = wpa_s->valid_links ? 5891 wpa_s->ap_mld_addr : wpa_s->bssid; 5892 5893 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)", 5894 MAC2STR(src_addr), encrypted); 5895 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); 5896 5897 if (wpa_s->own_disconnect_req) { 5898 wpa_printf(MSG_DEBUG, 5899 "Drop received EAPOL frame as we are disconnecting"); 5900 return; 5901 } 5902 5903 #ifdef CONFIG_TESTING_OPTIONS 5904 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu", 5905 MAC2STR(src_addr), len); 5906 if (wpa_s->ignore_auth_resp) { 5907 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!"); 5908 return; 5909 } 5910 #endif /* CONFIG_TESTING_OPTIONS */ 5911 5912 if (wpa_s->wpa_state < WPA_ASSOCIATED || 5913 (wpa_s->last_eapol_matches_bssid && 5914 #ifdef CONFIG_AP 5915 !wpa_s->ap_iface && 5916 #endif /* CONFIG_AP */ 5917 !ether_addr_equal(src_addr, connected_addr))) { 5918 /* 5919 * There is possible race condition between receiving the 5920 * association event and the EAPOL frame since they are coming 5921 * through different paths from the driver. In order to avoid 5922 * issues in trying to process the EAPOL frame before receiving 5923 * association information, lets queue it for processing until 5924 * the association event is received. This may also be needed in 5925 * driver-based roaming case, so also use src_addr != BSSID as a 5926 * trigger if we have previously confirmed that the 5927 * Authenticator uses BSSID as the src_addr (which is not the 5928 * case with wired IEEE 802.1X). 5929 */ 5930 wpa_dbg(wpa_s, MSG_DEBUG, 5931 "Not associated - Delay processing of received EAPOL frame (state=%s connected_addr=" 5932 MACSTR ")", 5933 wpa_supplicant_state_txt(wpa_s->wpa_state), 5934 MAC2STR(connected_addr)); 5935 delay_processing: 5936 wpabuf_free(wpa_s->pending_eapol_rx); 5937 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); 5938 if (wpa_s->pending_eapol_rx) { 5939 os_get_reltime(&wpa_s->pending_eapol_rx_time); 5940 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, 5941 ETH_ALEN); 5942 wpa_s->pending_eapol_encrypted = encrypted; 5943 } 5944 return; 5945 } 5946 5947 wpa_s->last_eapol_matches_bssid = 5948 ether_addr_equal(src_addr, connected_addr); 5949 5950 #ifdef CONFIG_AP 5951 if (wpa_s->ap_iface) { 5952 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len, 5953 encrypted); 5954 return; 5955 } 5956 #endif /* CONFIG_AP */ 5957 5958 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { 5959 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " 5960 "no key management is configured"); 5961 return; 5962 } 5963 5964 if (wpa_s->eapol_received == 0 && 5965 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) || 5966 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || 5967 wpa_s->wpa_state != WPA_COMPLETED) && 5968 (wpa_s->current_ssid == NULL || 5969 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) { 5970 /* Timeout for completing IEEE 802.1X and WPA authentication */ 5971 int timeout = 10; 5972 5973 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || 5974 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || 5975 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) { 5976 /* Use longer timeout for IEEE 802.1X/EAP */ 5977 timeout = 70; 5978 } 5979 5980 #ifdef CONFIG_WPS 5981 if (wpa_s->current_ssid && wpa_s->current_bss && 5982 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) && 5983 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) { 5984 /* 5985 * Use shorter timeout if going through WPS AP iteration 5986 * for PIN config method with an AP that does not 5987 * advertise Selected Registrar. 5988 */ 5989 struct wpabuf *wps_ie; 5990 5991 wps_ie = wpa_bss_get_vendor_ie_multi( 5992 wpa_s->current_bss, WPS_IE_VENDOR_TYPE); 5993 if (wps_ie && 5994 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1)) 5995 timeout = 10; 5996 wpabuf_free(wps_ie); 5997 } 5998 #endif /* CONFIG_WPS */ 5999 6000 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); 6001 } 6002 wpa_s->eapol_received++; 6003 6004 if (wpa_s->countermeasures) { 6005 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " 6006 "EAPOL packet"); 6007 return; 6008 } 6009 6010 #ifdef CONFIG_IBSS_RSN 6011 if (wpa_s->current_ssid && 6012 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { 6013 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len, 6014 encrypted); 6015 return; 6016 } 6017 #endif /* CONFIG_IBSS_RSN */ 6018 6019 /* Source address of the incoming EAPOL frame could be compared to the 6020 * current BSSID. However, it is possible that a centralized 6021 * Authenticator could be using another MAC address than the BSSID of 6022 * an AP, so just allow any address to be used for now. The replies are 6023 * still sent to the current BSSID (if available), though. */ 6024 6025 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); 6026 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && 6027 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE && 6028 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP && 6029 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len, 6030 encrypted) > 0) 6031 return; 6032 wpa_drv_poll(wpa_s); 6033 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) { 6034 if (wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len, 6035 encrypted) == -2 && 6036 #ifdef CONFIG_AP 6037 !wpa_s->ap_iface && 6038 #endif /* CONFIG_AP */ 6039 wpa_s->last_eapol_matches_bssid) { 6040 /* Handle the case where reassociation occurs to the 6041 * current connected AP */ 6042 wpa_dbg(wpa_s, MSG_DEBUG, 6043 "Delay processing of received EAPOL frame for reassociation to the current connected AP (state=%s connected_addr=" 6044 MACSTR ")", 6045 wpa_supplicant_state_txt(wpa_s->wpa_state), 6046 MAC2STR(connected_addr)); 6047 goto delay_processing; 6048 } 6049 } else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { 6050 /* 6051 * Set portValid = true here since we are going to skip 4-way 6052 * handshake processing which would normally set portValid. We 6053 * need this to allow the EAPOL state machines to be completed 6054 * without going through EAPOL-Key handshake. 6055 */ 6056 eapol_sm_notify_portValid(wpa_s->eapol, true); 6057 } 6058 } 6059 6060 wpa_supplicant_rx_eapol_cb(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)6061 static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr, 6062 const u8 *buf, size_t len) 6063 { 6064 wpa_supplicant_rx_eapol(ctx, src_addr, buf, len, 6065 FRAME_ENCRYPTION_UNKNOWN); 6066 } 6067 6068 wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)6069 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s) 6070 { 6071 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) || 6072 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX); 6073 } 6074 6075 wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)6076 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) 6077 { 6078 u8 prev_mac_addr[ETH_ALEN]; 6079 6080 os_memcpy(prev_mac_addr, wpa_s->own_addr, ETH_ALEN); 6081 6082 if ((!wpa_s->p2p_mgmt || 6083 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) && 6084 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { 6085 l2_packet_deinit(wpa_s->l2); 6086 wpa_s->l2 = l2_packet_init(wpa_s->ifname, 6087 wpa_drv_get_mac_addr(wpa_s), 6088 ETH_P_EAPOL, 6089 wpas_eapol_needs_l2_packet(wpa_s) ? 6090 wpa_supplicant_rx_eapol_cb : NULL, 6091 wpa_s, 0); 6092 if (wpa_s->l2 == NULL) 6093 return -1; 6094 6095 if (l2_packet_set_packet_filter(wpa_s->l2, 6096 L2_PACKET_FILTER_PKTTYPE)) 6097 wpa_dbg(wpa_s, MSG_DEBUG, 6098 "Failed to attach pkt_type filter"); 6099 6100 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { 6101 wpa_msg(wpa_s, MSG_ERROR, 6102 "Failed to get own L2 address"); 6103 return -1; 6104 } 6105 } else { 6106 const u8 *addr = wpa_drv_get_mac_addr(wpa_s); 6107 if (addr) 6108 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); 6109 } 6110 6111 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 6112 wpas_wps_update_mac_addr(wpa_s); 6113 6114 #ifdef CONFIG_FST 6115 if (wpa_s->fst) 6116 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr); 6117 #endif /* CONFIG_FST */ 6118 6119 if (!ether_addr_equal(prev_mac_addr, wpa_s->own_addr)) 6120 wpas_notify_mac_address_changed(wpa_s); 6121 6122 return 0; 6123 } 6124 6125 wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)6126 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, 6127 const u8 *buf, size_t len) 6128 { 6129 struct wpa_supplicant *wpa_s = ctx; 6130 const struct l2_ethhdr *eth; 6131 6132 if (len < sizeof(*eth)) 6133 return; 6134 eth = (const struct l2_ethhdr *) buf; 6135 6136 if (!ether_addr_equal(eth->h_dest, wpa_s->own_addr) && 6137 !(eth->h_dest[0] & 0x01)) { 6138 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 6139 " (bridge - not for this interface - ignore)", 6140 MAC2STR(src_addr), MAC2STR(eth->h_dest)); 6141 return; 6142 } 6143 6144 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR 6145 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); 6146 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), 6147 len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN); 6148 } 6149 6150 wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)6151 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s, 6152 const char *bridge_ifname) 6153 { 6154 if (wpa_s->wpa_state > WPA_SCANNING) 6155 return -EBUSY; 6156 6157 if (bridge_ifname && 6158 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname)) 6159 return -EINVAL; 6160 6161 if (!bridge_ifname) 6162 bridge_ifname = ""; 6163 6164 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0) 6165 return 0; 6166 6167 if (wpa_s->l2_br) { 6168 l2_packet_deinit(wpa_s->l2_br); 6169 wpa_s->l2_br = NULL; 6170 } 6171 6172 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname, 6173 sizeof(wpa_s->bridge_ifname)); 6174 6175 if (wpa_s->bridge_ifname[0]) { 6176 wpa_dbg(wpa_s, MSG_DEBUG, 6177 "Receiving packets from bridge interface '%s'", 6178 wpa_s->bridge_ifname); 6179 wpa_s->l2_br = l2_packet_init_bridge( 6180 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 6181 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 6182 if (!wpa_s->l2_br) { 6183 wpa_msg(wpa_s, MSG_ERROR, 6184 "Failed to open l2_packet connection for the bridge interface '%s'", 6185 wpa_s->bridge_ifname); 6186 goto fail; 6187 } 6188 } 6189 6190 #ifdef CONFIG_TDLS 6191 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) 6192 goto fail; 6193 #endif /* CONFIG_TDLS */ 6194 6195 return 0; 6196 fail: 6197 wpa_s->bridge_ifname[0] = 0; 6198 if (wpa_s->l2_br) { 6199 l2_packet_deinit(wpa_s->l2_br); 6200 wpa_s->l2_br = NULL; 6201 } 6202 #ifdef CONFIG_TDLS 6203 if (!wpa_s->p2p_mgmt) 6204 wpa_tdls_init(wpa_s->wpa); 6205 #endif /* CONFIG_TDLS */ 6206 return -EIO; 6207 } 6208 6209 6210 /** 6211 * wpa_supplicant_driver_init - Initialize driver interface parameters 6212 * @wpa_s: Pointer to wpa_supplicant data 6213 * Returns: 0 on success, -1 on failure 6214 * 6215 * This function is called to initialize driver interface parameters. 6216 * wpa_drv_init() must have been called before this function to initialize the 6217 * driver interface. 6218 */ wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)6219 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) 6220 { 6221 static int interface_count = 0; 6222 6223 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) 6224 return -1; 6225 6226 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, 6227 MAC2STR(wpa_s->own_addr)); 6228 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN); 6229 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); 6230 6231 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) { 6232 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " 6233 "interface '%s'", wpa_s->bridge_ifname); 6234 wpa_s->l2_br = l2_packet_init_bridge( 6235 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr, 6236 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1); 6237 if (wpa_s->l2_br == NULL) { 6238 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " 6239 "connection for the bridge interface '%s'", 6240 wpa_s->bridge_ifname); 6241 return -1; 6242 } 6243 } 6244 6245 if (wpa_s->conf->ap_scan == 2 && 6246 os_strcmp(wpa_s->driver->name, "nl80211") == 0) { 6247 wpa_printf(MSG_INFO, 6248 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures"); 6249 } 6250 6251 wpa_clear_keys(wpa_s, NULL); 6252 6253 /* Make sure that TKIP countermeasures are not left enabled (could 6254 * happen if wpa_supplicant is killed during countermeasures. */ 6255 wpa_drv_set_countermeasures(wpa_s, 0); 6256 6257 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); 6258 wpa_drv_flush_pmkid(wpa_s); 6259 6260 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; 6261 wpa_s->prev_scan_wildcard = 0; 6262 6263 if (wpa_supplicant_enabled_networks(wpa_s)) { 6264 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) { 6265 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 6266 interface_count = 0; 6267 } 6268 #ifndef ANDROID 6269 if (!wpa_s->p2p_mgmt && 6270 wpa_supplicant_delayed_sched_scan(wpa_s, 6271 interface_count % 3, 6272 100000)) 6273 wpa_supplicant_req_scan(wpa_s, interface_count % 3, 6274 100000); 6275 #endif /* ANDROID */ 6276 interface_count++; 6277 } else 6278 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); 6279 6280 return 0; 6281 } 6282 6283 wpa_supplicant_daemon(const char * pid_file)6284 static int wpa_supplicant_daemon(const char *pid_file) 6285 { 6286 wpa_printf(MSG_DEBUG, "Daemonize.."); 6287 return os_daemonize(pid_file); 6288 } 6289 6290 6291 static struct wpa_supplicant * wpa_supplicant_alloc(struct wpa_supplicant * parent)6292 wpa_supplicant_alloc(struct wpa_supplicant *parent) 6293 { 6294 struct wpa_supplicant *wpa_s; 6295 6296 wpa_s = os_zalloc(sizeof(*wpa_s)); 6297 if (wpa_s == NULL) 6298 return NULL; 6299 wpa_s->scan_req = INITIAL_SCAN_REQ; 6300 wpa_s->scan_interval = 5; 6301 wpa_s->new_connection = 1; 6302 wpa_s->parent = parent ? parent : wpa_s; 6303 wpa_s->p2pdev = wpa_s->parent; 6304 #ifdef CONFIG_P2P 6305 if (parent) 6306 wpa_s->p2p_mode = parent->p2p_mode; 6307 #endif /* CONFIG_P2P */ 6308 wpa_s->sched_scanning = 0; 6309 wpa_s->setband_mask = WPA_SETBAND_AUTO; 6310 6311 dl_list_init(&wpa_s->bss_tmp_disallowed); 6312 dl_list_init(&wpa_s->fils_hlp_req); 6313 #ifdef CONFIG_TESTING_OPTIONS 6314 dl_list_init(&wpa_s->drv_signal_override); 6315 wpa_s->test_assoc_comeback_type = -1; 6316 #endif /* CONFIG_TESTING_OPTIONS */ 6317 #ifndef CONFIG_NO_ROBUST_AV 6318 dl_list_init(&wpa_s->active_scs_ids); 6319 #endif /* CONFIG_NO_ROBUST_AV */ 6320 wpa_s->ml_probe_mld_id = -1; 6321 6322 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL 6323 #ifdef CONFIG_MESH 6324 dl_list_init(&wpa_s->mesh_external_pmksa_cache); 6325 #endif /* CONFIG_MESH */ 6326 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */ 6327 6328 return wpa_s; 6329 } 6330 6331 6332 #ifdef CONFIG_HT_OVERRIDES 6333 wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)6334 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, 6335 struct ieee80211_ht_capabilities *htcaps, 6336 struct ieee80211_ht_capabilities *htcaps_mask, 6337 const char *ht_mcs) 6338 { 6339 /* parse ht_mcs into hex array */ 6340 int i; 6341 const char *tmp = ht_mcs; 6342 char *end = NULL; 6343 6344 /* If ht_mcs is null, do not set anything */ 6345 if (!ht_mcs) 6346 return 0; 6347 6348 /* This is what we are setting in the kernel */ 6349 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); 6350 6351 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); 6352 6353 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { 6354 long v; 6355 6356 errno = 0; 6357 v = strtol(tmp, &end, 16); 6358 6359 if (errno == 0) { 6360 wpa_msg(wpa_s, MSG_DEBUG, 6361 "htcap value[%i]: %ld end: %p tmp: %p", 6362 i, v, end, tmp); 6363 if (end == tmp) 6364 break; 6365 6366 htcaps->supported_mcs_set[i] = v; 6367 tmp = end; 6368 } else { 6369 wpa_msg(wpa_s, MSG_ERROR, 6370 "Failed to parse ht-mcs: %s, error: %s\n", 6371 ht_mcs, strerror(errno)); 6372 return -1; 6373 } 6374 } 6375 6376 /* 6377 * If we were able to parse any values, then set mask for the MCS set. 6378 */ 6379 if (i) { 6380 os_memset(&htcaps_mask->supported_mcs_set, 0xff, 6381 IEEE80211_HT_MCS_MASK_LEN - 1); 6382 /* skip the 3 reserved bits */ 6383 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = 6384 0x1f; 6385 } 6386 6387 return 0; 6388 } 6389 6390 wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6391 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, 6392 struct ieee80211_ht_capabilities *htcaps, 6393 struct ieee80211_ht_capabilities *htcaps_mask, 6394 int disabled) 6395 { 6396 le16 msk; 6397 6398 if (disabled == -1) 6399 return 0; 6400 6401 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); 6402 6403 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); 6404 htcaps_mask->ht_capabilities_info |= msk; 6405 if (disabled) 6406 htcaps->ht_capabilities_info &= msk; 6407 else 6408 htcaps->ht_capabilities_info |= msk; 6409 6410 return 0; 6411 } 6412 6413 wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)6414 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, 6415 struct ieee80211_ht_capabilities *htcaps, 6416 struct ieee80211_ht_capabilities *htcaps_mask, 6417 int factor) 6418 { 6419 if (factor == -1) 6420 return 0; 6421 6422 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); 6423 6424 if (factor < 0 || factor > 3) { 6425 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " 6426 "Must be 0-3 or -1", factor); 6427 return -EINVAL; 6428 } 6429 6430 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ 6431 htcaps->a_mpdu_params &= ~0x3; 6432 htcaps->a_mpdu_params |= factor & 0x3; 6433 6434 return 0; 6435 } 6436 6437 wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)6438 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, 6439 struct ieee80211_ht_capabilities *htcaps, 6440 struct ieee80211_ht_capabilities *htcaps_mask, 6441 int density) 6442 { 6443 if (density == -1) 6444 return 0; 6445 6446 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); 6447 6448 if (density < 0 || density > 7) { 6449 wpa_msg(wpa_s, MSG_ERROR, 6450 "ampdu_density: %d out of range. Must be 0-7 or -1.", 6451 density); 6452 return -EINVAL; 6453 } 6454 6455 htcaps_mask->a_mpdu_params |= 0x1C; 6456 htcaps->a_mpdu_params &= ~(0x1C); 6457 htcaps->a_mpdu_params |= (density << 2) & 0x1C; 6458 6459 return 0; 6460 } 6461 6462 wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6463 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, 6464 struct ieee80211_ht_capabilities *htcaps, 6465 struct ieee80211_ht_capabilities *htcaps_mask, 6466 int disabled) 6467 { 6468 if (disabled) 6469 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); 6470 6471 set_disable_ht40(htcaps, disabled); 6472 set_disable_ht40(htcaps_mask, 0); 6473 6474 return 0; 6475 } 6476 6477 wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6478 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, 6479 struct ieee80211_ht_capabilities *htcaps, 6480 struct ieee80211_ht_capabilities *htcaps_mask, 6481 int disabled) 6482 { 6483 /* Masking these out disables SGI */ 6484 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | 6485 HT_CAP_INFO_SHORT_GI40MHZ); 6486 6487 if (disabled) 6488 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); 6489 6490 if (disabled) 6491 htcaps->ht_capabilities_info &= ~msk; 6492 else 6493 htcaps->ht_capabilities_info |= msk; 6494 6495 htcaps_mask->ht_capabilities_info |= msk; 6496 6497 return 0; 6498 } 6499 6500 wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6501 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s, 6502 struct ieee80211_ht_capabilities *htcaps, 6503 struct ieee80211_ht_capabilities *htcaps_mask, 6504 int disabled) 6505 { 6506 /* Masking these out disables LDPC */ 6507 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP); 6508 6509 if (disabled) 6510 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled); 6511 6512 if (disabled) 6513 htcaps->ht_capabilities_info &= ~msk; 6514 else 6515 htcaps->ht_capabilities_info |= msk; 6516 6517 htcaps_mask->ht_capabilities_info |= msk; 6518 6519 return 0; 6520 } 6521 6522 wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)6523 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s, 6524 struct ieee80211_ht_capabilities *htcaps, 6525 struct ieee80211_ht_capabilities *htcaps_mask, 6526 int tx_stbc) 6527 { 6528 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC); 6529 6530 if (tx_stbc == -1) 6531 return 0; 6532 6533 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc); 6534 6535 if (tx_stbc < 0 || tx_stbc > 1) { 6536 wpa_msg(wpa_s, MSG_ERROR, 6537 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc); 6538 return -EINVAL; 6539 } 6540 6541 htcaps_mask->ht_capabilities_info |= msk; 6542 htcaps->ht_capabilities_info &= ~msk; 6543 htcaps->ht_capabilities_info |= host_to_le16(tx_stbc << 7) & msk; 6544 6545 return 0; 6546 } 6547 6548 wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)6549 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s, 6550 struct ieee80211_ht_capabilities *htcaps, 6551 struct ieee80211_ht_capabilities *htcaps_mask, 6552 int rx_stbc) 6553 { 6554 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK); 6555 6556 if (rx_stbc == -1) 6557 return 0; 6558 6559 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc); 6560 6561 if (rx_stbc < 0 || rx_stbc > 3) { 6562 wpa_msg(wpa_s, MSG_ERROR, 6563 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc); 6564 return -EINVAL; 6565 } 6566 6567 htcaps_mask->ht_capabilities_info |= msk; 6568 htcaps->ht_capabilities_info &= ~msk; 6569 htcaps->ht_capabilities_info |= host_to_le16(rx_stbc << 8) & msk; 6570 6571 return 0; 6572 } 6573 6574 wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6575 void wpa_supplicant_apply_ht_overrides( 6576 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 6577 struct wpa_driver_associate_params *params) 6578 { 6579 struct ieee80211_ht_capabilities *htcaps; 6580 struct ieee80211_ht_capabilities *htcaps_mask; 6581 6582 if (!ssid) 6583 return; 6584 6585 params->disable_ht = ssid->disable_ht; 6586 if (!params->htcaps || !params->htcaps_mask) 6587 return; 6588 6589 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; 6590 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; 6591 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); 6592 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, 6593 ssid->disable_max_amsdu); 6594 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); 6595 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); 6596 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); 6597 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); 6598 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc); 6599 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc); 6600 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc); 6601 6602 if (ssid->ht40_intolerant) { 6603 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT); 6604 htcaps->ht_capabilities_info |= bit; 6605 htcaps_mask->ht_capabilities_info |= bit; 6606 } 6607 } 6608 6609 #endif /* CONFIG_HT_OVERRIDES */ 6610 6611 6612 #ifdef CONFIG_VHT_OVERRIDES wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6613 void wpa_supplicant_apply_vht_overrides( 6614 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 6615 struct wpa_driver_associate_params *params) 6616 { 6617 struct ieee80211_vht_capabilities *vhtcaps; 6618 struct ieee80211_vht_capabilities *vhtcaps_mask; 6619 6620 if (!ssid) 6621 return; 6622 6623 params->disable_vht = ssid->disable_vht; 6624 6625 vhtcaps = (void *) params->vhtcaps; 6626 vhtcaps_mask = (void *) params->vhtcaps_mask; 6627 6628 if (!vhtcaps || !vhtcaps_mask) 6629 return; 6630 6631 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa); 6632 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask); 6633 6634 #ifdef CONFIG_HT_OVERRIDES 6635 if (ssid->disable_sgi) { 6636 vhtcaps_mask->vht_capabilities_info |= 6637 host_to_le32(VHT_CAP_SHORT_GI_80 | 6638 VHT_CAP_SHORT_GI_160); 6639 vhtcaps->vht_capabilities_info &= 6640 host_to_le32(~(VHT_CAP_SHORT_GI_80 | 6641 VHT_CAP_SHORT_GI_160)); 6642 wpa_msg(wpa_s, MSG_DEBUG, 6643 "disable-sgi override specified, vht-caps: 0x%x", 6644 le_to_host32(vhtcaps->vht_capabilities_info)); 6645 } 6646 6647 /* if max ampdu is <= 3, we have to make the HT cap the same */ 6648 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) { 6649 int max_ampdu; 6650 6651 max_ampdu = (ssid->vht_capa & 6652 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >> 6653 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT; 6654 6655 max_ampdu = max_ampdu < 3 ? max_ampdu : 3; 6656 wpa_set_ampdu_factor(wpa_s, 6657 (void *) params->htcaps, 6658 (void *) params->htcaps_mask, 6659 max_ampdu); 6660 } 6661 #endif /* CONFIG_HT_OVERRIDES */ 6662 6663 #define OVERRIDE_MCS(i) \ 6664 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \ 6665 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \ 6666 host_to_le16(3 << 2 * (i - 1)); \ 6667 vhtcaps->vht_supported_mcs_set.tx_map |= \ 6668 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \ 6669 2 * (i - 1)); \ 6670 } \ 6671 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \ 6672 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \ 6673 host_to_le16(3 << 2 * (i - 1)); \ 6674 vhtcaps->vht_supported_mcs_set.rx_map |= \ 6675 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \ 6676 2 * (i - 1)); \ 6677 } 6678 6679 OVERRIDE_MCS(1); 6680 OVERRIDE_MCS(2); 6681 OVERRIDE_MCS(3); 6682 OVERRIDE_MCS(4); 6683 OVERRIDE_MCS(5); 6684 OVERRIDE_MCS(6); 6685 OVERRIDE_MCS(7); 6686 OVERRIDE_MCS(8); 6687 } 6688 #endif /* CONFIG_VHT_OVERRIDES */ 6689 6690 6691 #ifdef CONFIG_HE_OVERRIDES wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6692 void wpa_supplicant_apply_he_overrides( 6693 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 6694 struct wpa_driver_associate_params *params) 6695 { 6696 if (!ssid) 6697 return; 6698 6699 params->disable_he = ssid->disable_he; 6700 } 6701 #endif /* CONFIG_HE_OVERRIDES */ 6702 6703 wpa_supplicant_apply_eht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6704 void wpa_supplicant_apply_eht_overrides( 6705 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, 6706 struct wpa_driver_associate_params *params) 6707 { 6708 if (!ssid) 6709 return; 6710 6711 params->disable_eht = ssid->disable_eht; 6712 } 6713 6714 pcsc_reader_init(struct wpa_supplicant * wpa_s)6715 static int pcsc_reader_init(struct wpa_supplicant *wpa_s) 6716 { 6717 #ifdef PCSC_FUNCS 6718 size_t len; 6719 6720 if (!wpa_s->conf->pcsc_reader) 6721 return 0; 6722 6723 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader); 6724 if (!wpa_s->scard) 6725 return 1; 6726 6727 if (wpa_s->conf->pcsc_pin && 6728 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { 6729 scard_deinit(wpa_s->scard); 6730 wpa_s->scard = NULL; 6731 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); 6732 return -1; 6733 } 6734 6735 len = sizeof(wpa_s->imsi) - 1; 6736 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { 6737 scard_deinit(wpa_s->scard); 6738 wpa_s->scard = NULL; 6739 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); 6740 return -1; 6741 } 6742 wpa_s->imsi[len] = '\0'; 6743 6744 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); 6745 6746 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", 6747 wpa_s->imsi, wpa_s->mnc_len); 6748 6749 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); 6750 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); 6751 #endif /* PCSC_FUNCS */ 6752 6753 return 0; 6754 } 6755 6756 wpas_init_ext_pw(struct wpa_supplicant * wpa_s)6757 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) 6758 { 6759 char *val, *pos; 6760 6761 ext_password_deinit(wpa_s->ext_pw); 6762 wpa_s->ext_pw = NULL; 6763 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); 6764 6765 if (!wpa_s->conf->ext_password_backend) 6766 return 0; 6767 6768 val = os_strdup(wpa_s->conf->ext_password_backend); 6769 if (val == NULL) 6770 return -1; 6771 pos = os_strchr(val, ':'); 6772 if (pos) 6773 *pos++ = '\0'; 6774 6775 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); 6776 6777 wpa_s->ext_pw = ext_password_init(val, pos); 6778 os_free(val); 6779 if (wpa_s->ext_pw == NULL) { 6780 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); 6781 return -1; 6782 } 6783 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); 6784 6785 return 0; 6786 } 6787 6788 6789 #ifdef CONFIG_FST 6790 wpas_fst_get_bssid_cb(void * ctx)6791 static const u8 * wpas_fst_get_bssid_cb(void *ctx) 6792 { 6793 struct wpa_supplicant *wpa_s = ctx; 6794 6795 return (is_zero_ether_addr(wpa_s->bssid) || 6796 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid; 6797 } 6798 6799 wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)6800 static void wpas_fst_get_channel_info_cb(void *ctx, 6801 enum hostapd_hw_mode *hw_mode, 6802 u8 *channel) 6803 { 6804 struct wpa_supplicant *wpa_s = ctx; 6805 6806 if (wpa_s->current_bss) { 6807 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq, 6808 channel); 6809 } else if (wpa_s->hw.num_modes) { 6810 *hw_mode = wpa_s->hw.modes[0].mode; 6811 } else { 6812 WPA_ASSERT(0); 6813 *hw_mode = 0; 6814 } 6815 } 6816 6817 wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)6818 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes) 6819 { 6820 struct wpa_supplicant *wpa_s = ctx; 6821 6822 *modes = wpa_s->hw.modes; 6823 return wpa_s->hw.num_modes; 6824 } 6825 6826 wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)6827 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies) 6828 { 6829 struct wpa_supplicant *wpa_s = ctx; 6830 6831 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies); 6832 wpa_s->fst_ies = fst_ies; 6833 } 6834 6835 wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)6836 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data) 6837 { 6838 struct wpa_supplicant *wpa_s = ctx; 6839 6840 if (!ether_addr_equal(wpa_s->bssid, da)) { 6841 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR, 6842 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da)); 6843 return -1; 6844 } 6845 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid, 6846 wpa_s->own_addr, wpa_s->bssid, 6847 wpabuf_head(data), wpabuf_len(data), 6848 0); 6849 } 6850 6851 wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)6852 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr) 6853 { 6854 struct wpa_supplicant *wpa_s = ctx; 6855 6856 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr)); 6857 return wpa_s->received_mb_ies; 6858 } 6859 6860 wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)6861 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr, 6862 const u8 *buf, size_t size) 6863 { 6864 struct wpa_supplicant *wpa_s = ctx; 6865 struct mb_ies_info info; 6866 6867 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr)); 6868 6869 if (!mb_ies_info_by_ies(&info, buf, size)) { 6870 wpabuf_free(wpa_s->received_mb_ies); 6871 wpa_s->received_mb_ies = mb_ies_by_info(&info); 6872 } 6873 } 6874 6875 wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6876 static const u8 * wpas_fst_get_peer_first(void *ctx, 6877 struct fst_get_peer_ctx **get_ctx, 6878 bool mb_only) 6879 { 6880 struct wpa_supplicant *wpa_s = ctx; 6881 6882 *get_ctx = NULL; 6883 if (!is_zero_ether_addr(wpa_s->bssid)) 6884 return (wpa_s->received_mb_ies || !mb_only) ? 6885 wpa_s->bssid : NULL; 6886 return NULL; 6887 } 6888 6889 wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6890 static const u8 * wpas_fst_get_peer_next(void *ctx, 6891 struct fst_get_peer_ctx **get_ctx, 6892 bool mb_only) 6893 { 6894 return NULL; 6895 } 6896 fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)6897 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s, 6898 struct fst_wpa_obj *iface_obj) 6899 { 6900 os_memset(iface_obj, 0, sizeof(*iface_obj)); 6901 iface_obj->ctx = wpa_s; 6902 iface_obj->get_bssid = wpas_fst_get_bssid_cb; 6903 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb; 6904 iface_obj->get_hw_modes = wpas_fst_get_hw_modes; 6905 iface_obj->set_ies = wpas_fst_set_ies_cb; 6906 iface_obj->send_action = wpas_fst_send_action_cb; 6907 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb; 6908 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb; 6909 iface_obj->get_peer_first = wpas_fst_get_peer_first; 6910 iface_obj->get_peer_next = wpas_fst_get_peer_next; 6911 } 6912 #endif /* CONFIG_FST */ 6913 wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)6914 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s, 6915 const struct wpa_driver_capa *capa) 6916 { 6917 struct wowlan_triggers *triggers; 6918 int ret = 0; 6919 6920 if (!wpa_s->conf->wowlan_triggers) 6921 return 0; 6922 6923 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa); 6924 if (triggers) { 6925 ret = wpa_drv_wowlan(wpa_s, triggers); 6926 os_free(triggers); 6927 } 6928 return ret; 6929 } 6930 6931 wpas_freq_to_band(int freq)6932 enum wpa_radio_work_band wpas_freq_to_band(int freq) 6933 { 6934 if (freq < 3000) 6935 return BAND_2_4_GHZ; 6936 if (freq > 50000) 6937 return BAND_60_GHZ; 6938 return BAND_5_GHZ; 6939 } 6940 6941 wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)6942 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs) 6943 { 6944 int i; 6945 unsigned int band = 0; 6946 6947 if (freqs) { 6948 /* freqs are specified for the radio work */ 6949 for (i = 0; freqs[i]; i++) 6950 band |= wpas_freq_to_band(freqs[i]); 6951 } else { 6952 /* 6953 * freqs are not specified, implies all 6954 * the supported freqs by HW 6955 */ 6956 for (i = 0; i < wpa_s->hw.num_modes; i++) { 6957 if (wpa_s->hw.modes[i].num_channels != 0) { 6958 if (wpa_s->hw.modes[i].mode == 6959 HOSTAPD_MODE_IEEE80211B || 6960 wpa_s->hw.modes[i].mode == 6961 HOSTAPD_MODE_IEEE80211G) 6962 band |= BAND_2_4_GHZ; 6963 else if (wpa_s->hw.modes[i].mode == 6964 HOSTAPD_MODE_IEEE80211A) 6965 band |= BAND_5_GHZ; 6966 else if (wpa_s->hw.modes[i].mode == 6967 HOSTAPD_MODE_IEEE80211AD) 6968 band |= BAND_60_GHZ; 6969 else if (wpa_s->hw.modes[i].mode == 6970 HOSTAPD_MODE_IEEE80211ANY) 6971 band = BAND_2_4_GHZ | BAND_5_GHZ | 6972 BAND_60_GHZ; 6973 } 6974 } 6975 } 6976 6977 return band; 6978 } 6979 6980 radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6981 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s, 6982 const char *rn) 6983 { 6984 struct wpa_supplicant *iface = wpa_s->global->ifaces; 6985 struct wpa_radio *radio; 6986 6987 while (rn && iface) { 6988 radio = iface->radio; 6989 if (radio && os_strcmp(rn, radio->name) == 0) { 6990 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s", 6991 wpa_s->ifname, rn); 6992 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 6993 return radio; 6994 } 6995 6996 iface = iface->next; 6997 } 6998 6999 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s", 7000 wpa_s->ifname, rn ? rn : "N/A"); 7001 radio = os_zalloc(sizeof(*radio)); 7002 if (radio == NULL) 7003 return NULL; 7004 7005 if (rn) 7006 os_strlcpy(radio->name, rn, sizeof(radio->name)); 7007 dl_list_init(&radio->ifaces); 7008 dl_list_init(&radio->work); 7009 dl_list_add(&radio->ifaces, &wpa_s->radio_list); 7010 7011 return radio; 7012 } 7013 7014 radio_work_free(struct wpa_radio_work * work)7015 static void radio_work_free(struct wpa_radio_work *work) 7016 { 7017 if (work->wpa_s->scan_work == work) { 7018 /* This should not really happen. */ 7019 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work", 7020 work->type, work, work->started); 7021 work->wpa_s->scan_work = NULL; 7022 } 7023 7024 #ifdef CONFIG_P2P 7025 if (work->wpa_s->p2p_scan_work == work) { 7026 /* This should not really happen. */ 7027 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work", 7028 work->type, work, work->started); 7029 work->wpa_s->p2p_scan_work = NULL; 7030 } 7031 #endif /* CONFIG_P2P */ 7032 7033 if (work->started) { 7034 work->wpa_s->radio->num_active_works--; 7035 wpa_dbg(work->wpa_s, MSG_DEBUG, 7036 "radio_work_free('%s'@%p): num_active_works --> %u", 7037 work->type, work, 7038 work->wpa_s->radio->num_active_works); 7039 } 7040 7041 dl_list_del(&work->list); 7042 os_free(work); 7043 } 7044 7045 radio_work_is_connect(struct wpa_radio_work * work)7046 static int radio_work_is_connect(struct wpa_radio_work *work) 7047 { 7048 return os_strcmp(work->type, "sme-connect") == 0 || 7049 os_strcmp(work->type, "connect") == 0; 7050 } 7051 7052 radio_work_is_scan(struct wpa_radio_work * work)7053 static int radio_work_is_scan(struct wpa_radio_work *work) 7054 { 7055 return os_strcmp(work->type, "scan") == 0 || 7056 os_strcmp(work->type, "p2p-scan") == 0; 7057 } 7058 7059 radio_work_get_next_work(struct wpa_radio * radio)7060 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio) 7061 { 7062 struct wpa_radio_work *active_work = NULL; 7063 struct wpa_radio_work *tmp; 7064 7065 /* Get the active work to know the type and band. */ 7066 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 7067 if (tmp->started) { 7068 active_work = tmp; 7069 break; 7070 } 7071 } 7072 7073 if (!active_work) { 7074 /* No active work, start one */ 7075 radio->num_active_works = 0; 7076 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, 7077 list) { 7078 if (os_strcmp(tmp->type, "scan") == 0 && 7079 external_scan_running(radio) && 7080 (((struct wpa_driver_scan_params *) 7081 tmp->ctx)->only_new_results || 7082 tmp->wpa_s->clear_driver_scan_cache)) 7083 continue; 7084 return tmp; 7085 } 7086 return NULL; 7087 } 7088 7089 if (radio_work_is_connect(active_work)) { 7090 /* 7091 * If the active work is either connect or sme-connect, 7092 * do not parallelize them with other radio works. 7093 */ 7094 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 7095 "Do not parallelize radio work with %s", 7096 active_work->type); 7097 return NULL; 7098 } 7099 7100 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) { 7101 if (tmp->started) 7102 continue; 7103 7104 /* 7105 * If connect or sme-connect are enqueued, parallelize only 7106 * those operations ahead of them in the queue. 7107 */ 7108 if (radio_work_is_connect(tmp)) 7109 break; 7110 7111 /* Serialize parallel scan and p2p_scan operations on the same 7112 * interface since the driver_nl80211 mechanism for tracking 7113 * scan cookies does not yet have support for this. */ 7114 if (active_work->wpa_s == tmp->wpa_s && 7115 radio_work_is_scan(active_work) && 7116 radio_work_is_scan(tmp)) { 7117 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 7118 "Do not start work '%s' when another work '%s' is already scheduled", 7119 tmp->type, active_work->type); 7120 continue; 7121 } 7122 /* 7123 * Check that the radio works are distinct and 7124 * on different bands. 7125 */ 7126 if (os_strcmp(active_work->type, tmp->type) != 0 && 7127 (active_work->bands != tmp->bands)) { 7128 /* 7129 * If a scan has to be scheduled through nl80211 scan 7130 * interface and if an external scan is already running, 7131 * do not schedule the scan since it is likely to get 7132 * rejected by kernel. 7133 */ 7134 if (os_strcmp(tmp->type, "scan") == 0 && 7135 external_scan_running(radio) && 7136 (((struct wpa_driver_scan_params *) 7137 tmp->ctx)->only_new_results || 7138 tmp->wpa_s->clear_driver_scan_cache)) 7139 continue; 7140 7141 wpa_dbg(active_work->wpa_s, MSG_DEBUG, 7142 "active_work:%s new_work:%s", 7143 active_work->type, tmp->type); 7144 return tmp; 7145 } 7146 } 7147 7148 /* Did not find a radio work to schedule in parallel. */ 7149 return NULL; 7150 } 7151 7152 radio_start_next_work(void * eloop_ctx,void * timeout_ctx)7153 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx) 7154 { 7155 struct wpa_radio *radio = eloop_ctx; 7156 struct wpa_radio_work *work; 7157 struct os_reltime now, diff; 7158 struct wpa_supplicant *wpa_s; 7159 7160 work = dl_list_first(&radio->work, struct wpa_radio_work, list); 7161 if (work == NULL) { 7162 radio->num_active_works = 0; 7163 return; 7164 } 7165 7166 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant, 7167 radio_list); 7168 7169 if (!(wpa_s && 7170 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) { 7171 if (work->started) 7172 return; /* already started and still in progress */ 7173 7174 if (wpa_s && external_scan_running(wpa_s->radio)) { 7175 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes"); 7176 return; 7177 } 7178 } else { 7179 work = NULL; 7180 if (radio->num_active_works < MAX_ACTIVE_WORKS) { 7181 /* get the work to schedule next */ 7182 work = radio_work_get_next_work(radio); 7183 } 7184 if (!work) 7185 return; 7186 } 7187 7188 wpa_s = work->wpa_s; 7189 os_get_reltime(&now); 7190 os_reltime_sub(&now, &work->time, &diff); 7191 wpa_dbg(wpa_s, MSG_DEBUG, 7192 "Starting radio work '%s'@%p after %ld.%06ld second wait", 7193 work->type, work, diff.sec, diff.usec); 7194 work->started = 1; 7195 work->time = now; 7196 radio->num_active_works++; 7197 7198 work->cb(work, 0); 7199 7200 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) && 7201 radio->num_active_works < MAX_ACTIVE_WORKS) 7202 radio_work_check_next(wpa_s); 7203 } 7204 7205 7206 /* 7207 * This function removes both started and pending radio works running on 7208 * the provided interface's radio. 7209 * Prior to the removal of the radio work, its callback (cb) is called with 7210 * deinit set to be 1. Each work's callback is responsible for clearing its 7211 * internal data and restoring to a correct state. 7212 * @wpa_s: wpa_supplicant data 7213 * @type: type of works to be removed 7214 * @remove_all: 1 to remove all the works on this radio, 0 to remove only 7215 * this interface's works. 7216 */ radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)7217 void radio_remove_works(struct wpa_supplicant *wpa_s, 7218 const char *type, int remove_all) 7219 { 7220 struct wpa_radio_work *work, *tmp; 7221 struct wpa_radio *radio = wpa_s->radio; 7222 7223 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work, 7224 list) { 7225 if (type && os_strcmp(type, work->type) != 0) 7226 continue; 7227 7228 /* skip other ifaces' works */ 7229 if (!remove_all && work->wpa_s != wpa_s) 7230 continue; 7231 7232 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s", 7233 work->type, work, work->started ? " (started)" : ""); 7234 work->cb(work, 1); 7235 radio_work_free(work); 7236 } 7237 7238 /* in case we removed the started work */ 7239 radio_work_check_next(wpa_s); 7240 } 7241 7242 radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)7243 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx) 7244 { 7245 struct wpa_radio_work *work; 7246 struct wpa_radio *radio = wpa_s->radio; 7247 7248 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 7249 if (work->ctx != ctx) 7250 continue; 7251 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s", 7252 work->type, work, work->started ? " (started)" : ""); 7253 radio_work_free(work); 7254 break; 7255 } 7256 } 7257 7258 radio_remove_interface(struct wpa_supplicant * wpa_s)7259 static void radio_remove_interface(struct wpa_supplicant *wpa_s) 7260 { 7261 struct wpa_radio *radio = wpa_s->radio; 7262 7263 if (!radio) 7264 return; 7265 7266 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s", 7267 wpa_s->ifname, radio->name); 7268 dl_list_del(&wpa_s->radio_list); 7269 radio_remove_works(wpa_s, NULL, 0); 7270 /* If the interface that triggered the external scan was removed, the 7271 * external scan is no longer running. */ 7272 if (wpa_s == radio->external_scan_req_interface) 7273 radio->external_scan_req_interface = NULL; 7274 wpa_s->radio = NULL; 7275 if (!dl_list_empty(&radio->ifaces)) 7276 return; /* Interfaces remain for this radio */ 7277 7278 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name); 7279 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 7280 os_free(radio); 7281 } 7282 7283 radio_work_check_next(struct wpa_supplicant * wpa_s)7284 void radio_work_check_next(struct wpa_supplicant *wpa_s) 7285 { 7286 struct wpa_radio *radio = wpa_s->radio; 7287 7288 if (dl_list_empty(&radio->work)) 7289 return; 7290 if (wpa_s->ext_work_in_progress) { 7291 wpa_printf(MSG_DEBUG, 7292 "External radio work in progress - delay start of pending item"); 7293 return; 7294 } 7295 eloop_cancel_timeout(radio_start_next_work, radio, NULL); 7296 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL); 7297 } 7298 7299 7300 /** 7301 * radio_add_work - Add a radio work item 7302 * @wpa_s: Pointer to wpa_supplicant data 7303 * @freq: Frequency of the offchannel operation in MHz or 0 7304 * @type: Unique identifier for each type of work 7305 * @next: Force as the next work to be executed 7306 * @cb: Callback function for indicating when radio is available 7307 * @ctx: Context pointer for the work (work->ctx in cb()) 7308 * Returns: 0 on success, -1 on failure 7309 * 7310 * This function is used to request time for an operation that requires 7311 * exclusive radio control. Once the radio is available, the registered callback 7312 * function will be called. radio_work_done() must be called once the exclusive 7313 * radio operation has been completed, so that the radio is freed for other 7314 * operations. The special case of deinit=1 is used to free the context data 7315 * during interface removal. That does not allow the callback function to start 7316 * the radio operation, i.e., it must free any resources allocated for the radio 7317 * work and return. 7318 * 7319 * The @freq parameter can be used to indicate a single channel on which the 7320 * offchannel operation will occur. This may allow multiple radio work 7321 * operations to be performed in parallel if they apply for the same channel. 7322 * Setting this to 0 indicates that the work item may use multiple channels or 7323 * requires exclusive control of the radio. 7324 */ radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)7325 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq, 7326 const char *type, int next, 7327 void (*cb)(struct wpa_radio_work *work, int deinit), 7328 void *ctx) 7329 { 7330 struct wpa_radio *radio = wpa_s->radio; 7331 struct wpa_radio_work *work; 7332 int was_empty; 7333 7334 work = os_zalloc(sizeof(*work)); 7335 if (work == NULL) 7336 return -1; 7337 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work); 7338 os_get_reltime(&work->time); 7339 work->freq = freq; 7340 work->type = type; 7341 work->wpa_s = wpa_s; 7342 work->cb = cb; 7343 work->ctx = ctx; 7344 7345 if (freq) 7346 work->bands = wpas_freq_to_band(freq); 7347 else if (os_strcmp(type, "scan") == 0 || 7348 os_strcmp(type, "p2p-scan") == 0) 7349 work->bands = wpas_get_bands(wpa_s, 7350 ((struct wpa_driver_scan_params *) 7351 ctx)->freqs); 7352 else 7353 work->bands = wpas_get_bands(wpa_s, NULL); 7354 7355 was_empty = dl_list_empty(&wpa_s->radio->work); 7356 if (next) 7357 dl_list_add(&wpa_s->radio->work, &work->list); 7358 else 7359 dl_list_add_tail(&wpa_s->radio->work, &work->list); 7360 if (was_empty) { 7361 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately"); 7362 radio_work_check_next(wpa_s); 7363 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) 7364 && radio->num_active_works < MAX_ACTIVE_WORKS) { 7365 wpa_dbg(wpa_s, MSG_DEBUG, 7366 "Try to schedule a radio work (num_active_works=%u)", 7367 radio->num_active_works); 7368 radio_work_check_next(wpa_s); 7369 } 7370 7371 return 0; 7372 } 7373 7374 7375 /** 7376 * radio_work_done - Indicate that a radio work item has been completed 7377 * @work: Completed work 7378 * 7379 * This function is called once the callback function registered with 7380 * radio_add_work() has completed its work. 7381 */ radio_work_done(struct wpa_radio_work * work)7382 void radio_work_done(struct wpa_radio_work *work) 7383 { 7384 struct wpa_supplicant *wpa_s = work->wpa_s; 7385 struct os_reltime now, diff; 7386 unsigned int started = work->started; 7387 7388 os_get_reltime(&now); 7389 os_reltime_sub(&now, &work->time, &diff); 7390 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds", 7391 work->type, work, started ? "done" : "canceled", 7392 diff.sec, diff.usec); 7393 radio_work_free(work); 7394 if (started) 7395 radio_work_check_next(wpa_s); 7396 } 7397 7398 7399 struct wpa_radio_work * radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)7400 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type) 7401 { 7402 struct wpa_radio_work *work; 7403 struct wpa_radio *radio = wpa_s->radio; 7404 7405 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) { 7406 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0) 7407 return work; 7408 } 7409 7410 return NULL; 7411 } 7412 7413 wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7414 static int wpas_init_driver(struct wpa_supplicant *wpa_s, 7415 const struct wpa_interface *iface) 7416 { 7417 const char *ifname, *driver, *rn; 7418 7419 driver = iface->driver; 7420 next_driver: 7421 if (wpa_supplicant_set_driver(wpa_s, driver) < 0) 7422 return -1; 7423 7424 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); 7425 if (wpa_s->drv_priv == NULL) { 7426 const char *pos; 7427 int level = MSG_ERROR; 7428 7429 pos = driver ? os_strchr(driver, ',') : NULL; 7430 if (pos) { 7431 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " 7432 "driver interface - try next driver wrapper"); 7433 driver = pos + 1; 7434 goto next_driver; 7435 } 7436 7437 #ifdef CONFIG_MATCH_IFACE 7438 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL) 7439 level = MSG_DEBUG; 7440 #endif /* CONFIG_MATCH_IFACE */ 7441 wpa_msg(wpa_s, level, "Failed to initialize driver interface"); 7442 return -1; 7443 } 7444 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { 7445 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " 7446 "driver_param '%s'", wpa_s->conf->driver_param); 7447 return -1; 7448 } 7449 7450 ifname = wpa_drv_get_ifname(wpa_s); 7451 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { 7452 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " 7453 "interface name with '%s'", ifname); 7454 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); 7455 } 7456 7457 rn = wpa_driver_get_radio_name(wpa_s); 7458 if (rn && rn[0] == '\0') 7459 rn = NULL; 7460 7461 wpa_s->radio = radio_add_interface(wpa_s, rn); 7462 if (wpa_s->radio == NULL) 7463 return -1; 7464 7465 return 0; 7466 } 7467 7468 7469 #ifdef CONFIG_GAS_SERVER 7470 wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)7471 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s, 7472 unsigned int freq, const u8 *dst, 7473 const u8 *src, const u8 *bssid, 7474 const u8 *data, size_t data_len, 7475 enum offchannel_send_action_result result) 7476 { 7477 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR 7478 " result=%s", 7479 freq, MAC2STR(dst), 7480 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" : 7481 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" : 7482 "FAILED")); 7483 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len, 7484 result == OFFCHANNEL_SEND_ACTION_SUCCESS); 7485 } 7486 7487 wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)7488 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da, 7489 struct wpabuf *buf, unsigned int wait_time) 7490 { 7491 struct wpa_supplicant *wpa_s = ctx; 7492 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; 7493 7494 if (wait_time > wpa_s->max_remain_on_chan) 7495 wait_time = wpa_s->max_remain_on_chan; 7496 7497 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast, 7498 wpabuf_head(buf), wpabuf_len(buf), 7499 wait_time, wpas_gas_server_tx_status, 0); 7500 } 7501 7502 #endif /* CONFIG_GAS_SERVER */ 7503 wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7504 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, 7505 const struct wpa_interface *iface) 7506 { 7507 struct wpa_driver_capa capa; 7508 int capa_res; 7509 u8 dfs_domain; 7510 7511 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " 7512 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, 7513 iface->confname ? iface->confname : "N/A", 7514 iface->driver ? iface->driver : "default", 7515 iface->ctrl_interface ? iface->ctrl_interface : "N/A", 7516 iface->bridge_ifname ? iface->bridge_ifname : "N/A"); 7517 7518 if (iface->confname) { 7519 #ifdef CONFIG_BACKEND_FILE 7520 wpa_s->confname = os_rel2abs_path(iface->confname); 7521 if (wpa_s->confname == NULL) { 7522 wpa_printf(MSG_ERROR, "Failed to get absolute path " 7523 "for configuration file '%s'.", 7524 iface->confname); 7525 return -1; 7526 } 7527 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", 7528 iface->confname, wpa_s->confname); 7529 #else /* CONFIG_BACKEND_FILE */ 7530 wpa_s->confname = os_strdup(iface->confname); 7531 #endif /* CONFIG_BACKEND_FILE */ 7532 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false); 7533 if (wpa_s->conf == NULL) { 7534 wpa_printf(MSG_ERROR, "Failed to read or parse " 7535 "configuration '%s'.", wpa_s->confname); 7536 return -1; 7537 } 7538 wpa_s->confanother = os_rel2abs_path(iface->confanother); 7539 if (wpa_s->confanother && 7540 !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) { 7541 wpa_printf(MSG_ERROR, 7542 "Failed to read or parse configuration '%s'.", 7543 wpa_s->confanother); 7544 return -1; 7545 } 7546 7547 /* 7548 * Override ctrl_interface and driver_param if set on command 7549 * line. 7550 */ 7551 if (iface->ctrl_interface) { 7552 os_free(wpa_s->conf->ctrl_interface); 7553 wpa_s->conf->ctrl_interface = 7554 os_strdup(iface->ctrl_interface); 7555 if (!wpa_s->conf->ctrl_interface) { 7556 wpa_printf(MSG_ERROR, 7557 "Failed to duplicate control interface '%s'.", 7558 iface->ctrl_interface); 7559 return -1; 7560 } 7561 } 7562 7563 if (iface->driver_param) { 7564 os_free(wpa_s->conf->driver_param); 7565 wpa_s->conf->driver_param = 7566 os_strdup(iface->driver_param); 7567 if (!wpa_s->conf->driver_param) { 7568 wpa_printf(MSG_ERROR, 7569 "Failed to duplicate driver param '%s'.", 7570 iface->driver_param); 7571 return -1; 7572 } 7573 } 7574 7575 if (iface->p2p_mgmt && !iface->ctrl_interface) { 7576 os_free(wpa_s->conf->ctrl_interface); 7577 wpa_s->conf->ctrl_interface = NULL; 7578 } 7579 } else 7580 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, 7581 iface->driver_param); 7582 7583 if (wpa_s->conf == NULL) { 7584 wpa_printf(MSG_ERROR, "\nNo configuration found."); 7585 return -1; 7586 } 7587 7588 if (iface->ifname == NULL) { 7589 wpa_printf(MSG_ERROR, "\nInterface name is required."); 7590 return -1; 7591 } 7592 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { 7593 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", 7594 iface->ifname); 7595 return -1; 7596 } 7597 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); 7598 #ifdef CONFIG_MATCH_IFACE 7599 wpa_s->matched = iface->matched; 7600 #endif /* CONFIG_MATCH_IFACE */ 7601 7602 if (iface->bridge_ifname) { 7603 if (os_strlen(iface->bridge_ifname) >= 7604 sizeof(wpa_s->bridge_ifname)) { 7605 wpa_printf(MSG_ERROR, "\nToo long bridge interface " 7606 "name '%s'.", iface->bridge_ifname); 7607 return -1; 7608 } 7609 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, 7610 sizeof(wpa_s->bridge_ifname)); 7611 } 7612 7613 /* RSNA Supplicant Key Management - INITIALIZE */ 7614 eapol_sm_notify_portEnabled(wpa_s->eapol, false); 7615 eapol_sm_notify_portValid(wpa_s->eapol, false); 7616 7617 /* Initialize driver interface and register driver event handler before 7618 * L2 receive handler so that association events are processed before 7619 * EAPOL-Key packets if both become available for the same select() 7620 * call. */ 7621 if (wpas_init_driver(wpa_s, iface) < 0) 7622 return -1; 7623 7624 if (wpa_supplicant_init_wpa(wpa_s) < 0) 7625 return -1; 7626 7627 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, 7628 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : 7629 NULL); 7630 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); 7631 7632 if (wpa_s->conf->dot11RSNAConfigPMKLifetime && 7633 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, 7634 wpa_s->conf->dot11RSNAConfigPMKLifetime)) { 7635 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 7636 "dot11RSNAConfigPMKLifetime"); 7637 return -1; 7638 } 7639 7640 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && 7641 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, 7642 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { 7643 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 7644 "dot11RSNAConfigPMKReauthThreshold"); 7645 return -1; 7646 } 7647 7648 if (wpa_s->conf->dot11RSNAConfigSATimeout && 7649 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, 7650 wpa_s->conf->dot11RSNAConfigSATimeout)) { 7651 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " 7652 "dot11RSNAConfigSATimeout"); 7653 return -1; 7654 } 7655 7656 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID, 7657 wpa_s->conf->ft_prepend_pmkid); 7658 7659 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, 7660 &wpa_s->hw.num_modes, 7661 &wpa_s->hw.flags, 7662 &dfs_domain); 7663 if (wpa_s->hw.modes) { 7664 u16 i; 7665 7666 for (i = 0; i < wpa_s->hw.num_modes; i++) { 7667 if (wpa_s->hw.modes[i].eht_capab[IEEE80211_MODE_INFRA]. 7668 eht_supported) 7669 wpa_s->hw_capab |= BIT(CAPAB_EHT); 7670 if (wpa_s->hw.modes[i].he_capab[IEEE80211_MODE_INFRA]. 7671 he_supported) 7672 wpa_s->hw_capab |= BIT(CAPAB_HE); 7673 if (wpa_s->hw.modes[i].vht_capab) 7674 wpa_s->hw_capab |= BIT(CAPAB_VHT); 7675 if (wpa_s->hw.modes[i].ht_capab) 7676 wpa_s->hw_capab |= BIT(CAPAB_HT); 7677 } 7678 wpa_s->support_6ghz = wpas_is_6ghz_supported(wpa_s, false); 7679 } 7680 7681 capa_res = wpa_drv_get_capa(wpa_s, &capa); 7682 if (capa_res == 0) { 7683 wpa_s->drv_capa_known = 1; 7684 wpa_s->drv_flags = capa.flags; 7685 wpa_s->drv_flags2 = capa.flags2; 7686 wpa_s->drv_enc = capa.enc; 7687 wpa_s->drv_key_mgmt = capa.key_mgmt; 7688 wpa_s->drv_rrm_flags = capa.rrm_flags; 7689 wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs; 7690 wpa_s->probe_resp_offloads = capa.probe_resp_offloads; 7691 wpa_s->max_scan_ssids = capa.max_scan_ssids; 7692 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; 7693 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans; 7694 wpa_s->max_sched_scan_plan_interval = 7695 capa.max_sched_scan_plan_interval; 7696 wpa_s->max_sched_scan_plan_iterations = 7697 capa.max_sched_scan_plan_iterations; 7698 wpa_s->sched_scan_supported = capa.sched_scan_supported; 7699 wpa_s->max_match_sets = capa.max_match_sets; 7700 wpa_s->max_remain_on_chan = capa.max_remain_on_chan; 7701 wpa_s->max_stations = capa.max_stations; 7702 wpa_s->extended_capa = capa.extended_capa; 7703 wpa_s->extended_capa_mask = capa.extended_capa_mask; 7704 wpa_s->extended_capa_len = capa.extended_capa_len; 7705 wpa_s->num_multichan_concurrent = 7706 capa.num_multichan_concurrent; 7707 #ifndef CONFIG_NO_WMM_AC 7708 wpa_s->wmm_ac_supported = capa.wmm_ac_supported; 7709 #endif /* CONFIG_NO_WMM_AC */ 7710 wpa_s->max_num_akms = capa.max_num_akms; 7711 7712 if (capa.mac_addr_rand_scan_supported) 7713 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN; 7714 if (wpa_s->sched_scan_supported && 7715 capa.mac_addr_rand_sched_scan_supported) 7716 wpa_s->mac_addr_rand_supported |= 7717 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO); 7718 wpa_s->drv_max_probe_req_ie_len = capa.max_probe_req_ie_len; 7719 7720 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION); 7721 if (wpa_s->extended_capa && 7722 wpa_s->extended_capa_len >= 3 && 7723 wpa_s->extended_capa[2] & 0x40) 7724 wpa_s->multi_bss_support = 1; 7725 } else { 7726 wpa_s->drv_max_probe_req_ie_len = 1500; 7727 } 7728 #ifdef CONFIG_PASN 7729 wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2); 7730 #endif /* CONFIG_PASN */ 7731 wpa_sm_set_driver_bss_selection(wpa_s->wpa, 7732 !!(wpa_s->drv_flags & 7733 WPA_DRIVER_FLAGS_BSS_SELECTION)); 7734 if (wpa_s->max_remain_on_chan == 0) 7735 wpa_s->max_remain_on_chan = 1000; 7736 7737 /* 7738 * Only take p2p_mgmt parameters when P2P Device is supported. 7739 * Doing it here as it determines whether l2_packet_init() will be done 7740 * during wpa_supplicant_driver_init(). 7741 */ 7742 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) 7743 wpa_s->p2p_mgmt = iface->p2p_mgmt; 7744 7745 if (wpa_s->num_multichan_concurrent == 0) 7746 wpa_s->num_multichan_concurrent = 1; 7747 7748 if (wpa_supplicant_driver_init(wpa_s) < 0) 7749 return -1; 7750 7751 #ifdef CONFIG_TDLS 7752 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa)) 7753 return -1; 7754 #endif /* CONFIG_TDLS */ 7755 7756 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && 7757 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { 7758 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); 7759 return -1; 7760 } 7761 7762 #ifdef CONFIG_FST 7763 if (wpa_s->conf->fst_group_id) { 7764 struct fst_iface_cfg cfg; 7765 struct fst_wpa_obj iface_obj; 7766 7767 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj); 7768 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id, 7769 sizeof(cfg.group_id)); 7770 cfg.priority = wpa_s->conf->fst_priority; 7771 cfg.llt = wpa_s->conf->fst_llt; 7772 7773 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr, 7774 &iface_obj, &cfg); 7775 if (!wpa_s->fst) { 7776 wpa_msg(wpa_s, MSG_ERROR, 7777 "FST: Cannot attach iface %s to group %s", 7778 wpa_s->ifname, cfg.group_id); 7779 return -1; 7780 } 7781 } 7782 #endif /* CONFIG_FST */ 7783 7784 if (wpas_wps_init(wpa_s)) 7785 return -1; 7786 7787 #ifdef CONFIG_GAS_SERVER 7788 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx); 7789 if (!wpa_s->gas_server) { 7790 wpa_printf(MSG_ERROR, "Failed to initialize GAS server"); 7791 return -1; 7792 } 7793 #endif /* CONFIG_GAS_SERVER */ 7794 7795 #ifdef CONFIG_DPP 7796 if (wpas_dpp_init(wpa_s) < 0) 7797 return -1; 7798 #endif /* CONFIG_DPP */ 7799 7800 #ifdef CONFIG_NAN_USD 7801 if (wpas_nan_usd_init(wpa_s) < 0) 7802 return -1; 7803 #endif /* CONFIG_NAN_USD */ 7804 7805 if (wpa_supplicant_init_eapol(wpa_s) < 0) 7806 return -1; 7807 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); 7808 7809 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); 7810 if (wpa_s->ctrl_iface == NULL) { 7811 wpa_printf(MSG_ERROR, 7812 "Failed to initialize control interface '%s'.\n" 7813 "You may have another wpa_supplicant process " 7814 "already running or the file was\n" 7815 "left by an unclean termination of wpa_supplicant " 7816 "in which case you will need\n" 7817 "to manually remove this file before starting " 7818 "wpa_supplicant again.\n", 7819 wpa_s->conf->ctrl_interface); 7820 return -1; 7821 } 7822 7823 wpa_s->gas = gas_query_init(wpa_s); 7824 if (wpa_s->gas == NULL) { 7825 wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); 7826 return -1; 7827 } 7828 7829 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) || 7830 wpa_s->p2p_mgmt) && 7831 wpas_p2p_init(wpa_s->global, wpa_s) < 0) { 7832 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); 7833 return -1; 7834 } 7835 7836 if (wpa_bss_init(wpa_s) < 0) 7837 return -1; 7838 7839 /* 7840 * Set Wake-on-WLAN triggers, if configured. 7841 * Note: We don't restore/remove the triggers on shutdown (it doesn't 7842 * have effect anyway when the interface is down). 7843 */ 7844 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 7845 return -1; 7846 7847 #ifdef CONFIG_EAP_PROXY 7848 { 7849 size_t len; 7850 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1, 7851 wpa_s->imsi, &len); 7852 if (wpa_s->mnc_len > 0) { 7853 wpa_s->imsi[len] = '\0'; 7854 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)", 7855 wpa_s->imsi, wpa_s->mnc_len); 7856 } else { 7857 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available"); 7858 } 7859 } 7860 #endif /* CONFIG_EAP_PROXY */ 7861 7862 if (pcsc_reader_init(wpa_s) < 0) 7863 return -1; 7864 7865 if (wpas_init_ext_pw(wpa_s) < 0) 7866 return -1; 7867 7868 #ifndef CONFIG_NO_RRM 7869 wpas_rrm_reset(wpa_s); 7870 #endif /* CONFIG_NO_RRM */ 7871 7872 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 7873 7874 #ifdef CONFIG_MBO 7875 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) { 7876 if ((wpa_s->conf->oce & OCE_STA) && 7877 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA)) 7878 wpa_s->enable_oce = OCE_STA; 7879 if ((wpa_s->conf->oce & OCE_STA_CFON) && 7880 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) { 7881 /* TODO: Need to add STA-CFON support */ 7882 wpa_printf(MSG_ERROR, 7883 "OCE STA-CFON feature is not yet supported"); 7884 } 7885 } 7886 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan); 7887 #endif /* CONFIG_MBO */ 7888 7889 wpa_supplicant_set_default_scan_ies(wpa_s); 7890 7891 return 0; 7892 } 7893 7894 wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)7895 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, 7896 int notify, int terminate) 7897 { 7898 struct wpa_global *global = wpa_s->global; 7899 struct wpa_supplicant *iface, *prev; 7900 7901 if (wpa_s == wpa_s->parent) 7902 wpas_p2p_group_remove(wpa_s, "*"); 7903 7904 iface = global->ifaces; 7905 while (iface) { 7906 if (iface->p2pdev == wpa_s) 7907 iface->p2pdev = iface->parent; 7908 if (iface == wpa_s || iface->parent != wpa_s) { 7909 iface = iface->next; 7910 continue; 7911 } 7912 wpa_printf(MSG_DEBUG, 7913 "Remove remaining child interface %s from parent %s", 7914 iface->ifname, wpa_s->ifname); 7915 prev = iface; 7916 iface = iface->next; 7917 wpa_supplicant_remove_iface(global, prev, terminate); 7918 } 7919 7920 wpa_s->disconnected = 1; 7921 if (wpa_s->drv_priv) { 7922 /* 7923 * Don't deauthenticate if WoWLAN is enable and not explicitly 7924 * been configured to disconnect. 7925 */ 7926 if (!wpa_drv_get_wowlan(wpa_s) || 7927 wpa_s->conf->wowlan_disconnect_on_deinit) { 7928 wpa_supplicant_deauthenticate( 7929 wpa_s, WLAN_REASON_DEAUTH_LEAVING); 7930 7931 wpa_drv_set_countermeasures(wpa_s, 0); 7932 wpa_clear_keys(wpa_s, NULL); 7933 } else { 7934 wpa_msg(wpa_s, MSG_INFO, 7935 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled"); 7936 } 7937 } 7938 7939 wpa_supplicant_cleanup(wpa_s); 7940 wpas_p2p_deinit_iface(wpa_s); 7941 7942 wpas_ctrl_radio_work_flush(wpa_s); 7943 radio_remove_interface(wpa_s); 7944 7945 #ifdef CONFIG_FST 7946 if (wpa_s->fst) { 7947 fst_detach(wpa_s->fst); 7948 wpa_s->fst = NULL; 7949 } 7950 if (wpa_s->received_mb_ies) { 7951 wpabuf_free(wpa_s->received_mb_ies); 7952 wpa_s->received_mb_ies = NULL; 7953 } 7954 #endif /* CONFIG_FST */ 7955 7956 if (wpa_s->drv_priv) 7957 wpa_drv_deinit(wpa_s); 7958 7959 if (notify) 7960 wpas_notify_iface_removed(wpa_s); 7961 7962 if (terminate) 7963 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); 7964 7965 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface); 7966 wpa_s->ctrl_iface = NULL; 7967 7968 #ifdef CONFIG_MESH 7969 if (wpa_s->ifmsh) { 7970 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true); 7971 wpa_s->ifmsh = NULL; 7972 } 7973 #endif /* CONFIG_MESH */ 7974 7975 if (wpa_s->conf != NULL) { 7976 wpa_config_free(wpa_s->conf); 7977 wpa_s->conf = NULL; 7978 } 7979 7980 os_free(wpa_s->ssids_from_scan_req); 7981 os_free(wpa_s->last_scan_freqs); 7982 7983 os_free(wpa_s); 7984 } 7985 7986 7987 #ifdef CONFIG_MATCH_IFACE 7988 7989 /** 7990 * wpa_supplicant_match_iface - Match an interface description to a name 7991 * @global: Pointer to global data from wpa_supplicant_init() 7992 * @ifname: Name of the interface to match 7993 * Returns: Pointer to the created interface description or %NULL on failure 7994 */ wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7995 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global, 7996 const char *ifname) 7997 { 7998 int i; 7999 struct wpa_interface *iface, *miface; 8000 8001 for (i = 0; i < global->params.match_iface_count; i++) { 8002 miface = &global->params.match_ifaces[i]; 8003 if (!miface->ifname || 8004 fnmatch(miface->ifname, ifname, 0) == 0) { 8005 iface = os_zalloc(sizeof(*iface)); 8006 if (!iface) 8007 return NULL; 8008 *iface = *miface; 8009 if (!miface->ifname) 8010 iface->matched = WPA_IFACE_MATCHED_NULL; 8011 else 8012 iface->matched = WPA_IFACE_MATCHED; 8013 iface->ifname = ifname; 8014 return iface; 8015 } 8016 } 8017 8018 return NULL; 8019 } 8020 8021 8022 /** 8023 * wpa_supplicant_match_existing - Match existing interfaces 8024 * @global: Pointer to global data from wpa_supplicant_init() 8025 * Returns: 0 on success, -1 on failure 8026 */ wpa_supplicant_match_existing(struct wpa_global * global)8027 static int wpa_supplicant_match_existing(struct wpa_global *global) 8028 { 8029 struct if_nameindex *ifi, *ifp; 8030 struct wpa_supplicant *wpa_s; 8031 struct wpa_interface *iface; 8032 8033 ifp = if_nameindex(); 8034 if (!ifp) { 8035 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno)); 8036 return -1; 8037 } 8038 8039 for (ifi = ifp; ifi->if_name; ifi++) { 8040 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name); 8041 if (wpa_s) 8042 continue; 8043 iface = wpa_supplicant_match_iface(global, ifi->if_name); 8044 if (iface) { 8045 wpa_supplicant_add_iface(global, iface, NULL); 8046 os_free(iface); 8047 } 8048 } 8049 8050 if_freenameindex(ifp); 8051 return 0; 8052 } 8053 8054 #endif /* CONFIG_MATCH_IFACE */ 8055 8056 8057 /** 8058 * wpa_supplicant_add_iface - Add a new network interface 8059 * @global: Pointer to global data from wpa_supplicant_init() 8060 * @iface: Interface configuration options 8061 * @parent: Parent interface or %NULL to assign new interface as parent 8062 * Returns: Pointer to the created interface or %NULL on failure 8063 * 8064 * This function is used to add new network interfaces for %wpa_supplicant. 8065 * This can be called before wpa_supplicant_run() to add interfaces before the 8066 * main event loop has been started. In addition, new interfaces can be added 8067 * dynamically while %wpa_supplicant is already running. This could happen, 8068 * e.g., when a hotplug network adapter is inserted. 8069 */ wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)8070 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, 8071 struct wpa_interface *iface, 8072 struct wpa_supplicant *parent) 8073 { 8074 struct wpa_supplicant *wpa_s; 8075 struct wpa_interface t_iface; 8076 struct wpa_ssid *ssid; 8077 8078 if (global == NULL || iface == NULL) 8079 return NULL; 8080 8081 wpa_s = wpa_supplicant_alloc(parent); 8082 if (wpa_s == NULL) 8083 return NULL; 8084 8085 wpa_s->global = global; 8086 8087 t_iface = *iface; 8088 if (global->params.override_driver) { 8089 wpa_printf(MSG_DEBUG, "Override interface parameter: driver " 8090 "('%s' -> '%s')", 8091 iface->driver, global->params.override_driver); 8092 t_iface.driver = global->params.override_driver; 8093 } 8094 if (global->params.override_ctrl_interface) { 8095 wpa_printf(MSG_DEBUG, "Override interface parameter: " 8096 "ctrl_interface ('%s' -> '%s')", 8097 iface->ctrl_interface, 8098 global->params.override_ctrl_interface); 8099 t_iface.ctrl_interface = 8100 global->params.override_ctrl_interface; 8101 } 8102 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { 8103 wpa_printf(MSG_DEBUG, "Failed to add interface %s", 8104 iface->ifname); 8105 wpa_supplicant_deinit_iface(wpa_s, 0, 0); 8106 return NULL; 8107 } 8108 8109 if (iface->p2p_mgmt == 0) { 8110 /* Notify the control interfaces about new iface */ 8111 if (wpas_notify_iface_added(wpa_s)) { 8112 wpa_supplicant_deinit_iface(wpa_s, 1, 0); 8113 return NULL; 8114 } 8115 8116 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) 8117 wpas_notify_network_added(wpa_s, ssid); 8118 } 8119 8120 wpa_s->next = global->ifaces; 8121 global->ifaces = wpa_s; 8122 8123 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); 8124 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); 8125 8126 #ifdef CONFIG_P2P 8127 if (wpa_s->global->p2p == NULL && 8128 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled && 8129 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) && 8130 wpas_p2p_add_p2pdev_interface( 8131 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) { 8132 wpa_printf(MSG_INFO, 8133 "P2P: Failed to enable P2P Device interface"); 8134 /* Try to continue without. P2P will be disabled. */ 8135 } 8136 #endif /* CONFIG_P2P */ 8137 8138 return wpa_s; 8139 } 8140 8141 8142 /** 8143 * wpa_supplicant_remove_iface - Remove a network interface 8144 * @global: Pointer to global data from wpa_supplicant_init() 8145 * @wpa_s: Pointer to the network interface to be removed 8146 * Returns: 0 if interface was removed, -1 if interface was not found 8147 * 8148 * This function can be used to dynamically remove network interfaces from 8149 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In 8150 * addition, this function is used to remove all remaining interfaces when 8151 * %wpa_supplicant is terminated. 8152 */ wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)8153 int wpa_supplicant_remove_iface(struct wpa_global *global, 8154 struct wpa_supplicant *wpa_s, 8155 int terminate) 8156 { 8157 struct wpa_supplicant *prev; 8158 #ifdef CONFIG_MESH 8159 unsigned int mesh_if_created = wpa_s->mesh_if_created; 8160 char *ifname = NULL; 8161 struct wpa_supplicant *parent = wpa_s->parent; 8162 #endif /* CONFIG_MESH */ 8163 8164 /* Remove interface from the global list of interfaces */ 8165 prev = global->ifaces; 8166 if (prev == wpa_s) { 8167 global->ifaces = wpa_s->next; 8168 } else { 8169 while (prev && prev->next != wpa_s) 8170 prev = prev->next; 8171 if (prev == NULL) 8172 return -1; 8173 prev->next = wpa_s->next; 8174 } 8175 8176 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); 8177 8178 #ifdef CONFIG_MESH 8179 if (mesh_if_created) { 8180 ifname = os_strdup(wpa_s->ifname); 8181 if (ifname == NULL) { 8182 wpa_dbg(wpa_s, MSG_ERROR, 8183 "mesh: Failed to malloc ifname"); 8184 return -1; 8185 } 8186 } 8187 #endif /* CONFIG_MESH */ 8188 8189 if (global->p2p_group_formation == wpa_s) 8190 global->p2p_group_formation = NULL; 8191 if (global->p2p_invite_group == wpa_s) 8192 global->p2p_invite_group = NULL; 8193 wpa_supplicant_deinit_iface(wpa_s, 1, terminate); 8194 8195 #ifdef CONFIG_MESH 8196 if (mesh_if_created) { 8197 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname); 8198 os_free(ifname); 8199 } 8200 #endif /* CONFIG_MESH */ 8201 8202 return 0; 8203 } 8204 8205 8206 /** 8207 * wpa_supplicant_get_eap_mode - Get the current EAP mode 8208 * @wpa_s: Pointer to the network interface 8209 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found 8210 */ wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)8211 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) 8212 { 8213 const char *eapol_method; 8214 8215 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && 8216 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { 8217 return "NO-EAP"; 8218 } 8219 8220 eapol_method = eapol_sm_get_method_name(wpa_s->eapol); 8221 if (eapol_method == NULL) 8222 return "UNKNOWN-EAP"; 8223 8224 return eapol_method; 8225 } 8226 8227 8228 /** 8229 * wpa_supplicant_get_iface - Get a new network interface 8230 * @global: Pointer to global data from wpa_supplicant_init() 8231 * @ifname: Interface name 8232 * Returns: Pointer to the interface or %NULL if not found 8233 */ wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)8234 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, 8235 const char *ifname) 8236 { 8237 struct wpa_supplicant *wpa_s; 8238 8239 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 8240 if (os_strcmp(wpa_s->ifname, ifname) == 0) 8241 return wpa_s; 8242 } 8243 return NULL; 8244 } 8245 8246 8247 #ifndef CONFIG_NO_WPA_MSG wpa_supplicant_msg_ifname_cb(void * ctx)8248 static const char * wpa_supplicant_msg_ifname_cb(void *ctx) 8249 { 8250 struct wpa_supplicant *wpa_s = ctx; 8251 if (wpa_s == NULL) 8252 return NULL; 8253 return wpa_s->ifname; 8254 } 8255 #endif /* CONFIG_NO_WPA_MSG */ 8256 8257 8258 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL 8259 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10 8260 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */ 8261 8262 /* Periodic cleanup tasks */ wpas_periodic(void * eloop_ctx,void * timeout_ctx)8263 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx) 8264 { 8265 struct wpa_global *global = eloop_ctx; 8266 struct wpa_supplicant *wpa_s; 8267 8268 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 8269 wpas_periodic, global, NULL); 8270 8271 #ifdef CONFIG_P2P 8272 if (global->p2p) 8273 p2p_expire_peers(global->p2p); 8274 #endif /* CONFIG_P2P */ 8275 8276 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { 8277 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age); 8278 #ifdef CONFIG_AP 8279 ap_periodic(wpa_s); 8280 #endif /* CONFIG_AP */ 8281 } 8282 } 8283 8284 8285 /** 8286 * wpa_supplicant_init - Initialize %wpa_supplicant 8287 * @params: Parameters for %wpa_supplicant 8288 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure 8289 * 8290 * This function is used to initialize %wpa_supplicant. After successful 8291 * initialization, the returned data pointer can be used to add and remove 8292 * network interfaces, and eventually, to deinitialize %wpa_supplicant. 8293 */ wpa_supplicant_init(struct wpa_params * params)8294 struct wpa_global * wpa_supplicant_init(struct wpa_params *params) 8295 { 8296 struct wpa_global *global; 8297 int ret, i; 8298 8299 if (params == NULL) 8300 return NULL; 8301 8302 #ifdef CONFIG_DRIVER_NDIS 8303 { 8304 void driver_ndis_init_ops(void); 8305 driver_ndis_init_ops(); 8306 } 8307 #endif /* CONFIG_DRIVER_NDIS */ 8308 8309 #ifndef CONFIG_NO_WPA_MSG 8310 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); 8311 #endif /* CONFIG_NO_WPA_MSG */ 8312 8313 if (params->wpa_debug_file_path) 8314 wpa_debug_open_file(params->wpa_debug_file_path); 8315 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog) 8316 wpa_debug_setup_stdout(); 8317 if (params->wpa_debug_syslog) 8318 wpa_debug_open_syslog(); 8319 if (params->wpa_debug_tracing) { 8320 ret = wpa_debug_open_linux_tracing(); 8321 if (ret) { 8322 wpa_printf(MSG_ERROR, 8323 "Failed to enable trace logging"); 8324 return NULL; 8325 } 8326 } 8327 8328 ret = eap_register_methods(); 8329 if (ret) { 8330 wpa_printf(MSG_ERROR, "Failed to register EAP methods"); 8331 if (ret == -2) 8332 wpa_printf(MSG_ERROR, "Two or more EAP methods used " 8333 "the same EAP type."); 8334 return NULL; 8335 } 8336 8337 global = os_zalloc(sizeof(*global)); 8338 if (global == NULL) 8339 return NULL; 8340 dl_list_init(&global->p2p_srv_bonjour); 8341 dl_list_init(&global->p2p_srv_upnp); 8342 global->params.daemonize = params->daemonize; 8343 global->params.wait_for_monitor = params->wait_for_monitor; 8344 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; 8345 8346 if (params->pid_file) { 8347 global->params.pid_file = os_strdup(params->pid_file); 8348 if (!global->params.pid_file) { 8349 wpa_supplicant_deinit(global); 8350 return NULL; 8351 } 8352 } 8353 8354 if (params->ctrl_interface) { 8355 global->params.ctrl_interface = 8356 os_strdup(params->ctrl_interface); 8357 if (!global->params.ctrl_interface) { 8358 wpa_supplicant_deinit(global); 8359 return NULL; 8360 } 8361 } 8362 8363 if (params->ctrl_interface_group) { 8364 global->params.ctrl_interface_group = 8365 os_strdup(params->ctrl_interface_group); 8366 if (!global->params.ctrl_interface_group) { 8367 wpa_supplicant_deinit(global); 8368 return NULL; 8369 } 8370 } 8371 8372 if (params->override_driver) { 8373 global->params.override_driver = 8374 os_strdup(params->override_driver); 8375 if (!global->params.override_driver) { 8376 wpa_supplicant_deinit(global); 8377 return NULL; 8378 } 8379 } 8380 8381 if (params->override_ctrl_interface) { 8382 global->params.override_ctrl_interface = 8383 os_strdup(params->override_ctrl_interface); 8384 if (!global->params.override_ctrl_interface) { 8385 wpa_supplicant_deinit(global); 8386 return NULL; 8387 } 8388 } 8389 8390 #ifdef CONFIG_MATCH_IFACE 8391 global->params.match_iface_count = params->match_iface_count; 8392 if (params->match_iface_count) { 8393 global->params.match_ifaces = 8394 os_calloc(params->match_iface_count, 8395 sizeof(struct wpa_interface)); 8396 if (!global->params.match_ifaces) { 8397 wpa_printf(MSG_ERROR, 8398 "Failed to allocate match interfaces"); 8399 wpa_supplicant_deinit(global); 8400 return NULL; 8401 } 8402 os_memcpy(global->params.match_ifaces, 8403 params->match_ifaces, 8404 params->match_iface_count * 8405 sizeof(struct wpa_interface)); 8406 } 8407 #endif /* CONFIG_MATCH_IFACE */ 8408 #ifdef CONFIG_P2P 8409 if (params->conf_p2p_dev) { 8410 global->params.conf_p2p_dev = 8411 os_strdup(params->conf_p2p_dev); 8412 if (!global->params.conf_p2p_dev) { 8413 wpa_printf(MSG_ERROR, "Failed to allocate conf p2p"); 8414 wpa_supplicant_deinit(global); 8415 return NULL; 8416 } 8417 } 8418 #endif /* CONFIG_P2P */ 8419 wpa_debug_level = global->params.wpa_debug_level = 8420 params->wpa_debug_level; 8421 wpa_debug_show_keys = global->params.wpa_debug_show_keys = 8422 params->wpa_debug_show_keys; 8423 wpa_debug_timestamp = global->params.wpa_debug_timestamp = 8424 params->wpa_debug_timestamp; 8425 8426 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR); 8427 8428 if (eloop_init()) { 8429 wpa_printf(MSG_ERROR, "Failed to initialize event loop"); 8430 wpa_supplicant_deinit(global); 8431 return NULL; 8432 } 8433 8434 random_init(params->entropy_file); 8435 8436 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); 8437 if (global->ctrl_iface == NULL) { 8438 wpa_supplicant_deinit(global); 8439 return NULL; 8440 } 8441 8442 if (wpas_notify_supplicant_initialized(global)) { 8443 wpa_supplicant_deinit(global); 8444 return NULL; 8445 } 8446 8447 for (i = 0; wpa_drivers[i]; i++) 8448 global->drv_count++; 8449 if (global->drv_count == 0) { 8450 wpa_printf(MSG_ERROR, "No drivers enabled"); 8451 wpa_supplicant_deinit(global); 8452 return NULL; 8453 } 8454 global->drv_priv = os_calloc(global->drv_count, sizeof(void *)); 8455 if (global->drv_priv == NULL) { 8456 wpa_supplicant_deinit(global); 8457 return NULL; 8458 } 8459 8460 #ifdef CONFIG_WIFI_DISPLAY 8461 if (wifi_display_init(global) < 0) { 8462 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); 8463 wpa_supplicant_deinit(global); 8464 return NULL; 8465 } 8466 #endif /* CONFIG_WIFI_DISPLAY */ 8467 8468 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0, 8469 wpas_periodic, global, NULL); 8470 8471 return global; 8472 } 8473 8474 8475 /** 8476 * wpa_supplicant_run - Run the %wpa_supplicant main event loop 8477 * @global: Pointer to global data from wpa_supplicant_init() 8478 * Returns: 0 after successful event loop run, -1 on failure 8479 * 8480 * This function starts the main event loop and continues running as long as 8481 * there are any remaining events. In most cases, this function is running as 8482 * long as the %wpa_supplicant process in still in use. 8483 */ wpa_supplicant_run(struct wpa_global * global)8484 int wpa_supplicant_run(struct wpa_global *global) 8485 { 8486 struct wpa_supplicant *wpa_s; 8487 8488 if (global->params.daemonize && 8489 (wpa_supplicant_daemon(global->params.pid_file) || 8490 eloop_sock_requeue())) 8491 return -1; 8492 8493 #ifdef CONFIG_MATCH_IFACE 8494 if (wpa_supplicant_match_existing(global)) 8495 return -1; 8496 #endif 8497 8498 if (global->params.wait_for_monitor) { 8499 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) 8500 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt) 8501 wpa_supplicant_ctrl_iface_wait( 8502 wpa_s->ctrl_iface); 8503 } 8504 8505 eloop_register_signal_terminate(wpa_supplicant_terminate, global); 8506 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); 8507 8508 eloop_run(); 8509 8510 return 0; 8511 } 8512 8513 8514 /** 8515 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant 8516 * @global: Pointer to global data from wpa_supplicant_init() 8517 * 8518 * This function is called to deinitialize %wpa_supplicant and to free all 8519 * allocated resources. Remaining network interfaces will also be removed. 8520 */ wpa_supplicant_deinit(struct wpa_global * global)8521 void wpa_supplicant_deinit(struct wpa_global *global) 8522 { 8523 int i; 8524 8525 if (global == NULL) 8526 return; 8527 8528 eloop_cancel_timeout(wpas_periodic, global, NULL); 8529 8530 #ifdef CONFIG_WIFI_DISPLAY 8531 wifi_display_deinit(global); 8532 #endif /* CONFIG_WIFI_DISPLAY */ 8533 8534 while (global->ifaces) 8535 wpa_supplicant_remove_iface(global, global->ifaces, 1); 8536 8537 if (global->ctrl_iface) 8538 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); 8539 8540 wpas_notify_supplicant_deinitialized(global); 8541 8542 eap_peer_unregister_methods(); 8543 #ifdef CONFIG_AP 8544 eap_server_unregister_methods(); 8545 #endif /* CONFIG_AP */ 8546 8547 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { 8548 if (!global->drv_priv[i]) 8549 continue; 8550 wpa_drivers[i]->global_deinit(global->drv_priv[i]); 8551 } 8552 os_free(global->drv_priv); 8553 8554 random_deinit(); 8555 8556 eloop_destroy(); 8557 8558 if (global->params.pid_file) { 8559 os_daemonize_terminate(global->params.pid_file); 8560 os_free(global->params.pid_file); 8561 } 8562 os_free(global->params.ctrl_interface); 8563 os_free(global->params.ctrl_interface_group); 8564 os_free(global->params.override_driver); 8565 os_free(global->params.override_ctrl_interface); 8566 #ifdef CONFIG_MATCH_IFACE 8567 os_free(global->params.match_ifaces); 8568 #endif /* CONFIG_MATCH_IFACE */ 8569 #ifdef CONFIG_P2P 8570 os_free(global->params.conf_p2p_dev); 8571 #endif /* CONFIG_P2P */ 8572 8573 os_free(global->p2p_disallow_freq.range); 8574 os_free(global->p2p_go_avoid_freq.range); 8575 os_free(global->add_psk); 8576 8577 os_free(global); 8578 wpa_debug_close_syslog(); 8579 wpa_debug_close_file(); 8580 wpa_debug_close_linux_tracing(); 8581 } 8582 8583 wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)8584 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) 8585 { 8586 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && 8587 wpa_s->conf->country[0] && wpa_s->conf->country[1]) { 8588 char country[3]; 8589 country[0] = wpa_s->conf->country[0]; 8590 country[1] = wpa_s->conf->country[1]; 8591 country[2] = '\0'; 8592 if (wpa_drv_set_country(wpa_s, country) < 0) { 8593 wpa_printf(MSG_ERROR, "Failed to set country code " 8594 "'%s'", country); 8595 } 8596 } 8597 8598 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) 8599 wpas_init_ext_pw(wpa_s); 8600 8601 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS) 8602 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans); 8603 8604 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) { 8605 struct wpa_driver_capa capa; 8606 int res = wpa_drv_get_capa(wpa_s, &capa); 8607 8608 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0) 8609 wpa_printf(MSG_ERROR, 8610 "Failed to update wowlan_triggers to '%s'", 8611 wpa_s->conf->wowlan_triggers); 8612 } 8613 8614 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM) 8615 wpa_supplicant_set_default_scan_ies(wpa_s); 8616 8617 if (wpa_s->conf->changed_parameters & CFG_CHANGED_FT_PREPEND_PMKID) 8618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID, 8619 wpa_s->conf->ft_prepend_pmkid); 8620 8621 #ifdef CONFIG_BGSCAN 8622 /* 8623 * We default to global bgscan parameters only when per-network bgscan 8624 * parameters aren't set. Only bother resetting bgscan parameters if 8625 * this is the case. 8626 */ 8627 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) && 8628 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan && 8629 wpa_s->wpa_state == WPA_COMPLETED) 8630 wpa_supplicant_reset_bgscan(wpa_s); 8631 #endif /* CONFIG_BGSCAN */ 8632 8633 #ifdef CONFIG_WPS 8634 wpas_wps_update_config(wpa_s); 8635 #endif /* CONFIG_WPS */ 8636 wpas_p2p_update_config(wpa_s); 8637 wpa_s->conf->changed_parameters = 0; 8638 } 8639 8640 add_freq(int * freqs,int * num_freqs,int freq)8641 void add_freq(int *freqs, int *num_freqs, int freq) 8642 { 8643 int i; 8644 8645 for (i = 0; i < *num_freqs; i++) { 8646 if (freqs[i] == freq) 8647 return; 8648 } 8649 8650 freqs[*num_freqs] = freq; 8651 (*num_freqs)++; 8652 } 8653 8654 get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)8655 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) 8656 { 8657 struct wpa_bss *bss, *cbss; 8658 const int max_freqs = 10; 8659 int *freqs; 8660 int num_freqs = 0; 8661 8662 freqs = os_calloc(max_freqs + 1, sizeof(int)); 8663 if (freqs == NULL) 8664 return NULL; 8665 8666 cbss = wpa_s->current_bss; 8667 8668 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { 8669 if (bss == cbss) 8670 continue; 8671 if (bss->ssid_len == cbss->ssid_len && 8672 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && 8673 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) { 8674 add_freq(freqs, &num_freqs, bss->freq); 8675 if (num_freqs == max_freqs) 8676 break; 8677 } 8678 } 8679 8680 if (num_freqs == 0) { 8681 os_free(freqs); 8682 freqs = NULL; 8683 } 8684 8685 return freqs; 8686 } 8687 8688 wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 ** link_bssids)8689 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid, 8690 const u8 **link_bssids) 8691 { 8692 int timeout; 8693 int count; 8694 int *freqs = NULL; 8695 8696 wpas_connect_work_done(wpa_s); 8697 8698 /* 8699 * Remove possible authentication timeout since the connection failed. 8700 */ 8701 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); 8702 8703 /* 8704 * There is no point in ignoring the AP temporarily if this event is 8705 * generated based on local request to disconnect. 8706 */ 8707 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) { 8708 wpa_s->own_disconnect_req = 0; 8709 wpa_dbg(wpa_s, MSG_DEBUG, 8710 "Ignore connection failure due to local request to disconnect"); 8711 return; 8712 } 8713 if (wpa_s->disconnected) { 8714 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure " 8715 "indication since interface has been put into " 8716 "disconnected state"); 8717 return; 8718 } 8719 8720 /* Also mark links as failed */ 8721 while (link_bssids && *link_bssids) { 8722 wpa_bssid_ignore_add(wpa_s, *link_bssids); 8723 link_bssids++; 8724 } 8725 8726 /* 8727 * Add the failed BSSID into the ignore list and speed up next scan 8728 * attempt if there could be other APs that could accept association. 8729 */ 8730 count = wpa_bssid_ignore_add(wpa_s, bssid); 8731 if (count == 1 && wpa_s->current_bss) { 8732 /* 8733 * This BSS was not in the ignore list before. If there is 8734 * another BSS available for the same ESS, we should try that 8735 * next. Otherwise, we may as well try this one once more 8736 * before allowing other, likely worse, ESSes to be considered. 8737 */ 8738 freqs = get_bss_freqs_in_ess(wpa_s); 8739 if (freqs) { 8740 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " 8741 "has been seen; try it next"); 8742 wpa_bssid_ignore_add(wpa_s, bssid); 8743 /* 8744 * On the next scan, go through only the known channels 8745 * used in this ESS based on previous scans to speed up 8746 * common load balancing use case. 8747 */ 8748 os_free(wpa_s->next_scan_freqs); 8749 wpa_s->next_scan_freqs = freqs; 8750 } 8751 } 8752 8753 wpa_s->consecutive_conn_failures++; 8754 8755 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) { 8756 wpa_printf(MSG_DEBUG, "Continuous association failures - " 8757 "consider temporary network disabling"); 8758 wpas_auth_failed(wpa_s, "CONN_FAILED", bssid); 8759 } 8760 /* 8761 * Multiple consecutive connection failures mean that other APs are 8762 * either not available or have already been tried, so we can start 8763 * increasing the delay here to avoid constant scanning. 8764 */ 8765 switch (wpa_s->consecutive_conn_failures) { 8766 case 1: 8767 timeout = 100; 8768 break; 8769 case 2: 8770 timeout = 500; 8771 break; 8772 case 3: 8773 timeout = 1000; 8774 break; 8775 case 4: 8776 timeout = 5000; 8777 break; 8778 default: 8779 timeout = 10000; 8780 break; 8781 } 8782 8783 wpa_dbg(wpa_s, MSG_DEBUG, 8784 "Consecutive connection failures: %d --> request scan in %d ms", 8785 wpa_s->consecutive_conn_failures, timeout); 8786 8787 /* 8788 * TODO: if more than one possible AP is available in scan results, 8789 * could try the other ones before requesting a new scan. 8790 */ 8791 8792 /* speed up the connection attempt with normal scan */ 8793 wpa_s->normal_scans = 0; 8794 wpa_supplicant_req_scan(wpa_s, timeout / 1000, 8795 1000 * (timeout % 1000)); 8796 } 8797 8798 8799 #ifdef CONFIG_FILS 8800 fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)8801 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s) 8802 { 8803 struct wpa_ssid *ssid = wpa_s->current_ssid; 8804 const u8 *realm, *username, *rrk; 8805 size_t realm_len, username_len, rrk_len; 8806 u16 next_seq_num; 8807 8808 /* Clear the PMKSA cache entry if FILS authentication was rejected. 8809 * Check for ERP keys existing to limit when this can be done since 8810 * the rejection response is not protected and such triggers should 8811 * really not allow internal state to be modified unless required to 8812 * avoid significant issues in functionality. In addition, drop 8813 * externally configure PMKSA entries even without ERP keys since it 8814 * is possible for an external component to add PMKSA entries for FILS 8815 * authentication without restoring previously generated ERP keys. 8816 * 8817 * In this case, this is needed to allow recovery from cases where the 8818 * AP or authentication server has dropped PMKSAs and ERP keys. */ 8819 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt)) 8820 return; 8821 8822 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, 8823 &username, &username_len, 8824 &realm, &realm_len, &next_seq_num, 8825 &rrk, &rrk_len) != 0 || 8826 !realm) { 8827 wpa_dbg(wpa_s, MSG_DEBUG, 8828 "FILS: Drop external PMKSA cache entry"); 8829 wpa_sm_aborted_external_cached(wpa_s->wpa); 8830 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid); 8831 return; 8832 } 8833 8834 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry"); 8835 wpa_sm_aborted_cached(wpa_s->wpa); 8836 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid); 8837 } 8838 8839 fils_connection_failure(struct wpa_supplicant * wpa_s)8840 void fils_connection_failure(struct wpa_supplicant *wpa_s) 8841 { 8842 struct wpa_ssid *ssid = wpa_s->current_ssid; 8843 const u8 *realm, *username, *rrk; 8844 size_t realm_len, username_len, rrk_len; 8845 u16 next_seq_num; 8846 8847 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) || 8848 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, 8849 &username, &username_len, 8850 &realm, &realm_len, &next_seq_num, 8851 &rrk, &rrk_len) != 0 || 8852 !realm) 8853 return; 8854 8855 wpa_hexdump_ascii(MSG_DEBUG, 8856 "FILS: Store last connection failure realm", 8857 realm, realm_len); 8858 os_free(wpa_s->last_con_fail_realm); 8859 wpa_s->last_con_fail_realm = os_malloc(realm_len); 8860 if (wpa_s->last_con_fail_realm) { 8861 wpa_s->last_con_fail_realm_len = realm_len; 8862 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len); 8863 } 8864 } 8865 #endif /* CONFIG_FILS */ 8866 8867 wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)8868 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) 8869 { 8870 return wpa_s->conf->ap_scan == 2 || 8871 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); 8872 } 8873 8874 wpas_driver_rsn_override(struct wpa_supplicant * wpa_s)8875 static bool wpas_driver_rsn_override(struct wpa_supplicant *wpa_s) 8876 { 8877 return !!(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_RSN_OVERRIDE_STA); 8878 } 8879 8880 wpas_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8881 bool wpas_rsn_overriding(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 8882 { 8883 enum wpas_rsn_overriding rsno; 8884 8885 if (ssid && ssid->rsn_overriding != RSN_OVERRIDING_NOT_SET) 8886 rsno = ssid->rsn_overriding; 8887 else 8888 rsno = wpa_s->conf->rsn_overriding; 8889 8890 if (rsno == RSN_OVERRIDING_DISABLED) 8891 return false; 8892 8893 if (rsno == RSN_OVERRIDING_ENABLED) 8894 return true; 8895 8896 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) || 8897 wpas_driver_bss_selection(wpa_s)) 8898 return wpas_driver_rsn_override(wpa_s); 8899 8900 return true; 8901 } 8902 8903 8904 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)8905 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, 8906 struct wpa_ssid *ssid, 8907 const char *field, 8908 const char *value) 8909 { 8910 #ifdef IEEE8021X_EAPOL 8911 struct eap_peer_config *eap = &ssid->eap; 8912 8913 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); 8914 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", 8915 (const u8 *) value, os_strlen(value)); 8916 8917 switch (wpa_supplicant_ctrl_req_from_string(field)) { 8918 case WPA_CTRL_REQ_EAP_IDENTITY: 8919 os_free(eap->identity); 8920 eap->identity = (u8 *) os_strdup(value); 8921 if (!eap->identity) 8922 return -1; 8923 eap->identity_len = os_strlen(value); 8924 eap->pending_req_identity = 0; 8925 if (ssid == wpa_s->current_ssid) 8926 wpa_s->reassociate = 1; 8927 break; 8928 case WPA_CTRL_REQ_EAP_PASSWORD: 8929 bin_clear_free(eap->password, eap->password_len); 8930 eap->password = (u8 *) os_strdup(value); 8931 if (!eap->password) 8932 return -1; 8933 eap->password_len = os_strlen(value); 8934 eap->pending_req_password = 0; 8935 if (ssid == wpa_s->current_ssid) 8936 wpa_s->reassociate = 1; 8937 break; 8938 case WPA_CTRL_REQ_EAP_NEW_PASSWORD: 8939 bin_clear_free(eap->new_password, eap->new_password_len); 8940 eap->new_password = (u8 *) os_strdup(value); 8941 if (!eap->new_password) 8942 return -1; 8943 eap->new_password_len = os_strlen(value); 8944 eap->pending_req_new_password = 0; 8945 if (ssid == wpa_s->current_ssid) 8946 wpa_s->reassociate = 1; 8947 break; 8948 case WPA_CTRL_REQ_EAP_PIN: 8949 str_clear_free(eap->cert.pin); 8950 eap->cert.pin = os_strdup(value); 8951 if (!eap->cert.pin) 8952 return -1; 8953 eap->pending_req_pin = 0; 8954 if (ssid == wpa_s->current_ssid) 8955 wpa_s->reassociate = 1; 8956 break; 8957 case WPA_CTRL_REQ_EAP_OTP: 8958 bin_clear_free(eap->otp, eap->otp_len); 8959 eap->otp = (u8 *) os_strdup(value); 8960 if (!eap->otp) 8961 return -1; 8962 eap->otp_len = os_strlen(value); 8963 os_free(eap->pending_req_otp); 8964 eap->pending_req_otp = NULL; 8965 eap->pending_req_otp_len = 0; 8966 break; 8967 case WPA_CTRL_REQ_EAP_PASSPHRASE: 8968 str_clear_free(eap->cert.private_key_passwd); 8969 eap->cert.private_key_passwd = os_strdup(value); 8970 if (!eap->cert.private_key_passwd) 8971 return -1; 8972 eap->pending_req_passphrase = 0; 8973 if (ssid == wpa_s->current_ssid) 8974 wpa_s->reassociate = 1; 8975 break; 8976 case WPA_CTRL_REQ_SIM: 8977 str_clear_free(eap->external_sim_resp); 8978 eap->external_sim_resp = os_strdup(value); 8979 if (!eap->external_sim_resp) 8980 return -1; 8981 eap->pending_req_sim = 0; 8982 break; 8983 case WPA_CTRL_REQ_PSK_PASSPHRASE: 8984 if (wpa_config_set(ssid, "psk", value, 0) < 0) 8985 return -1; 8986 ssid->mem_only_psk = 1; 8987 if (ssid->passphrase) 8988 wpa_config_update_psk(ssid); 8989 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning) 8990 wpa_supplicant_req_scan(wpa_s, 0, 0); 8991 break; 8992 case WPA_CTRL_REQ_EXT_CERT_CHECK: 8993 if (eap->pending_ext_cert_check != PENDING_CHECK) 8994 return -1; 8995 if (os_strcmp(value, "good") == 0) 8996 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD; 8997 else if (os_strcmp(value, "bad") == 0) 8998 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD; 8999 else 9000 return -1; 9001 break; 9002 default: 9003 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); 9004 return -1; 9005 } 9006 9007 return 0; 9008 #else /* IEEE8021X_EAPOL */ 9009 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); 9010 return -1; 9011 #endif /* IEEE8021X_EAPOL */ 9012 } 9013 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ 9014 9015 wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9016 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 9017 { 9018 #ifdef CONFIG_WEP 9019 int i; 9020 unsigned int drv_enc; 9021 #endif /* CONFIG_WEP */ 9022 9023 if (wpa_s->p2p_mgmt) 9024 return 1; /* no normal network profiles on p2p_mgmt interface */ 9025 9026 if (ssid == NULL) 9027 return 1; 9028 9029 if (ssid->disabled) 9030 return 1; 9031 9032 #ifdef CONFIG_WEP 9033 if (wpa_s->drv_capa_known) 9034 drv_enc = wpa_s->drv_enc; 9035 else 9036 drv_enc = (unsigned int) -1; 9037 9038 for (i = 0; i < NUM_WEP_KEYS; i++) { 9039 size_t len = ssid->wep_key_len[i]; 9040 if (len == 0) 9041 continue; 9042 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) 9043 continue; 9044 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) 9045 continue; 9046 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) 9047 continue; 9048 return 1; /* invalid WEP key */ 9049 } 9050 #endif /* CONFIG_WEP */ 9051 9052 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && 9053 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk && 9054 !(wpa_key_mgmt_sae(ssid->key_mgmt) && 9055 (ssid->passphrase || ssid->sae_password || ssid->pmk_valid)) && 9056 !ssid->mem_only_psk) 9057 return 1; 9058 9059 #ifdef IEEE8021X_EAPOL 9060 #ifdef CRYPTO_RSA_OAEP_SHA256 9061 if (ssid->eap.imsi_privacy_cert) { 9062 struct crypto_rsa_key *key; 9063 bool failed = false; 9064 9065 key = crypto_rsa_key_read(ssid->eap.imsi_privacy_cert, false); 9066 if (!key) 9067 failed = true; 9068 crypto_rsa_key_free(key); 9069 if (failed) { 9070 wpa_printf(MSG_DEBUG, 9071 "Invalid imsi_privacy_cert (%s) - disable network", 9072 ssid->eap.imsi_privacy_cert); 9073 return 1; 9074 } 9075 } 9076 #endif /* CRYPTO_RSA_OAEP_SHA256 */ 9077 #endif /* IEEE8021X_EAPOL */ 9078 9079 return 0; 9080 } 9081 9082 wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9083 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) 9084 { 9085 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) { 9086 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL && 9087 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) { 9088 /* 9089 * Driver does not support BIP -- ignore pmf=1 default 9090 * since the connection with PMF would fail and the 9091 * configuration does not require PMF to be enabled. 9092 */ 9093 return NO_MGMT_FRAME_PROTECTION; 9094 } 9095 9096 if (ssid && 9097 (ssid->key_mgmt & 9098 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS | 9099 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) { 9100 /* 9101 * Do not use the default PMF value for non-RSN networks 9102 * since PMF is available only with RSN and pmf=2 9103 * configuration would otherwise prevent connections to 9104 * all open networks. 9105 */ 9106 return NO_MGMT_FRAME_PROTECTION; 9107 } 9108 9109 #ifdef CONFIG_OCV 9110 /* Enable PMF if OCV is being enabled */ 9111 if (wpa_s->conf->pmf == NO_MGMT_FRAME_PROTECTION && 9112 ssid && ssid->ocv) 9113 return MGMT_FRAME_PROTECTION_OPTIONAL; 9114 #endif /* CONFIG_OCV */ 9115 9116 return wpa_s->conf->pmf; 9117 } 9118 9119 return ssid->ieee80211w; 9120 } 9121 9122 9123 #ifdef CONFIG_SAE 9124 wpas_get_ssid_sae_pwe(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9125 enum sae_pwe wpas_get_ssid_sae_pwe(struct wpa_supplicant *wpa_s, 9126 struct wpa_ssid *ssid) 9127 { 9128 if (!ssid || ssid->sae_pwe == DEFAULT_SAE_PWE) 9129 return wpa_s->conf->sae_pwe; 9130 return ssid->sae_pwe; 9131 } 9132 9133 wpas_is_sae_avoided(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const struct wpa_ie_data * ie)9134 bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s, 9135 struct wpa_ssid *ssid, 9136 const struct wpa_ie_data *ie) 9137 { 9138 return wpa_s->conf->sae_check_mfp && 9139 (!(ie->capabilities & 9140 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) || 9141 wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION); 9142 } 9143 9144 #endif /* CONFIG_SAE */ 9145 9146 pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)9147 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr) 9148 { 9149 if (wpa_s->current_ssid == NULL || 9150 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE) 9151 return 0; 9152 if (wpa_s->valid_links) { 9153 if (!ether_addr_equal(addr, wpa_s->ap_mld_addr) && 9154 !wpas_ap_link_address(wpa_s, addr)) 9155 return 0; 9156 } else { 9157 if (!ether_addr_equal(addr, wpa_s->bssid)) 9158 return 0; 9159 } 9160 return wpa_sm_pmf_enabled(wpa_s->wpa); 9161 } 9162 9163 wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)9164 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) 9165 { 9166 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) 9167 return 1; 9168 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) 9169 return 0; 9170 return -1; 9171 } 9172 9173 wpas_auth_failed(struct wpa_supplicant * wpa_s,const char * reason,const u8 * bssid)9174 void wpas_auth_failed(struct wpa_supplicant *wpa_s, const char *reason, 9175 const u8 *bssid) 9176 { 9177 struct wpa_ssid *ssid = wpa_s->current_ssid; 9178 int dur; 9179 struct os_reltime now; 9180 9181 if (ssid == NULL) { 9182 wpa_printf(MSG_DEBUG, "Authentication failure but no known " 9183 "SSID block"); 9184 return; 9185 } 9186 9187 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) 9188 return; 9189 9190 ssid->auth_failures++; 9191 9192 #ifdef CONFIG_P2P 9193 if (ssid->p2p_group && 9194 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) { 9195 /* 9196 * Skip the wait time since there is a short timeout on the 9197 * connection to a P2P group. 9198 */ 9199 return; 9200 } 9201 #endif /* CONFIG_P2P */ 9202 9203 if (ssid->auth_failures > 50) 9204 dur = 300; 9205 else if (ssid->auth_failures > 10) 9206 dur = 120; 9207 else if (ssid->auth_failures > 5) 9208 dur = 90; 9209 else if (ssid->auth_failures > 3) 9210 dur = 60; 9211 else if (ssid->auth_failures > 2) 9212 dur = 30; 9213 else if (ssid->auth_failures > 1) 9214 dur = 20; 9215 else 9216 dur = 10; 9217 9218 if (ssid->auth_failures > 1 && 9219 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) 9220 dur += os_random() % (ssid->auth_failures * 10); 9221 9222 os_get_reltime(&now); 9223 if (now.sec + dur <= ssid->disabled_until.sec) 9224 return; 9225 9226 ssid->disabled_until.sec = now.sec + dur; 9227 9228 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED 9229 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s", 9230 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), 9231 ssid->auth_failures, dur, reason); 9232 9233 if (bssid) 9234 os_memcpy(ssid->disabled_due_to, bssid, ETH_ALEN); 9235 } 9236 9237 wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)9238 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, 9239 struct wpa_ssid *ssid, int clear_failures) 9240 { 9241 if (ssid == NULL) 9242 return; 9243 9244 if (ssid->disabled_until.sec) { 9245 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED 9246 "id=%d ssid=\"%s\"", 9247 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); 9248 } 9249 ssid->disabled_until.sec = 0; 9250 ssid->disabled_until.usec = 0; 9251 if (clear_failures) { 9252 ssid->auth_failures = 0; 9253 } else if (!is_zero_ether_addr(ssid->disabled_due_to)) { 9254 wpa_printf(MSG_DEBUG, "Mark BSSID " MACSTR 9255 " ignored to allow a lower priority BSS, if any, to be tried next", 9256 MAC2STR(ssid->disabled_due_to)); 9257 wpa_bssid_ignore_add(wpa_s, ssid->disabled_due_to); 9258 os_memset(ssid->disabled_due_to, 0, ETH_ALEN); 9259 } 9260 } 9261 9262 disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)9263 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) 9264 { 9265 size_t i; 9266 9267 if (wpa_s->disallow_aps_bssid == NULL) 9268 return 0; 9269 9270 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { 9271 if (ether_addr_equal(wpa_s->disallow_aps_bssid + i * ETH_ALEN, 9272 bssid)) 9273 return 1; 9274 } 9275 9276 return 0; 9277 } 9278 9279 disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)9280 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, 9281 size_t ssid_len) 9282 { 9283 size_t i; 9284 9285 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) 9286 return 0; 9287 9288 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { 9289 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; 9290 if (ssid_len == s->ssid_len && 9291 os_memcmp(ssid, s->ssid, ssid_len) == 0) 9292 return 1; 9293 } 9294 9295 return 0; 9296 } 9297 9298 9299 /** 9300 * wpas_request_connection - Request a new connection 9301 * @wpa_s: Pointer to the network interface 9302 * 9303 * This function is used to request a new connection to be found. It will mark 9304 * the interface to allow reassociation and request a new scan to find a 9305 * suitable network to connect to. 9306 */ wpas_request_connection(struct wpa_supplicant * wpa_s)9307 void wpas_request_connection(struct wpa_supplicant *wpa_s) 9308 { 9309 wpa_s->normal_scans = 0; 9310 wpa_s->scan_req = NORMAL_SCAN_REQ; 9311 wpa_supplicant_reinit_autoscan(wpa_s); 9312 wpa_s->disconnected = 0; 9313 wpa_s->reassociate = 1; 9314 wpa_s->last_owe_group = 0; 9315 9316 if (wpa_supplicant_fast_associate(wpa_s) != 1) 9317 wpa_supplicant_req_scan(wpa_s, 0, 0); 9318 else 9319 wpa_s->reattach = 0; 9320 } 9321 9322 9323 /** 9324 * wpas_request_disconnection - Request disconnection 9325 * @wpa_s: Pointer to the network interface 9326 * 9327 * This function is used to request disconnection from the currently connected 9328 * network. This will stop any ongoing scans and initiate deauthentication. 9329 */ wpas_request_disconnection(struct wpa_supplicant * wpa_s)9330 void wpas_request_disconnection(struct wpa_supplicant *wpa_s) 9331 { 9332 #ifdef CONFIG_SME 9333 wpa_s->sme.prev_bssid_set = 0; 9334 #endif /* CONFIG_SME */ 9335 wpa_s->reassociate = 0; 9336 wpa_s->disconnected = 1; 9337 wpa_supplicant_cancel_sched_scan(wpa_s); 9338 wpa_supplicant_cancel_scan(wpa_s); 9339 wpas_abort_ongoing_scan(wpa_s); 9340 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); 9341 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL); 9342 radio_remove_works(wpa_s, "connect", 0); 9343 radio_remove_works(wpa_s, "sme-connect", 0); 9344 wpa_s->roam_in_progress = false; 9345 #ifdef CONFIG_WNM 9346 wpa_s->bss_trans_mgmt_in_progress = false; 9347 #endif /* CONFIG_WNM */ 9348 } 9349 9350 dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)9351 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title, 9352 struct wpa_used_freq_data *freqs_data, 9353 unsigned int len) 9354 { 9355 unsigned int i; 9356 9357 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s", 9358 len, title); 9359 for (i = 0; i < len; i++) { 9360 struct wpa_used_freq_data *cur = &freqs_data[i]; 9361 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X", 9362 i, cur->freq, cur->flags); 9363 } 9364 } 9365 9366 9367 /* 9368 * Find the operating frequencies of any of the virtual interfaces that 9369 * are using the same radio as the current interface, and in addition, get 9370 * information about the interface types that are using the frequency. 9371 */ get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len,bool exclude_current)9372 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s, 9373 struct wpa_used_freq_data *freqs_data, 9374 unsigned int len, bool exclude_current) 9375 { 9376 struct wpa_supplicant *ifs; 9377 u8 bssid[ETH_ALEN]; 9378 int freq; 9379 unsigned int idx = 0, i; 9380 9381 wpa_dbg(wpa_s, MSG_DEBUG, 9382 "Determining shared radio frequencies (max len %u)", len); 9383 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len); 9384 9385 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant, 9386 radio_list) { 9387 if (idx == len) 9388 break; 9389 9390 if (exclude_current && ifs == wpa_s) 9391 continue; 9392 9393 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0) 9394 continue; 9395 9396 if (ifs->current_ssid->mode == WPAS_MODE_AP || 9397 ifs->current_ssid->mode == WPAS_MODE_P2P_GO || 9398 ifs->current_ssid->mode == WPAS_MODE_MESH) 9399 freq = ifs->current_ssid->frequency; 9400 else if (wpa_drv_get_bssid(ifs, bssid) == 0) 9401 freq = ifs->assoc_freq; 9402 else 9403 continue; 9404 9405 /* Hold only distinct freqs */ 9406 for (i = 0; i < idx; i++) 9407 if (freqs_data[i].freq == freq) 9408 break; 9409 9410 if (i == idx) 9411 freqs_data[idx++].freq = freq; 9412 9413 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) { 9414 freqs_data[i].flags |= ifs->current_ssid->p2p_group ? 9415 WPA_FREQ_USED_BY_P2P_CLIENT : 9416 WPA_FREQ_USED_BY_INFRA_STATION; 9417 } 9418 } 9419 9420 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx); 9421 return idx; 9422 } 9423 9424 9425 /* 9426 * Find the operating frequencies of any of the virtual interfaces that 9427 * are using the same radio as the current interface. 9428 */ get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len,bool exclude_current)9429 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s, 9430 int *freq_array, unsigned int len, 9431 bool exclude_current) 9432 { 9433 struct wpa_used_freq_data *freqs_data; 9434 int num, i; 9435 9436 os_memset(freq_array, 0, sizeof(int) * len); 9437 9438 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data)); 9439 if (!freqs_data) 9440 return -1; 9441 9442 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len, 9443 exclude_current); 9444 for (i = 0; i < num; i++) 9445 freq_array[i] = freqs_data[i].freq; 9446 9447 os_free(freqs_data); 9448 9449 return num; 9450 } 9451 9452 9453 struct wpa_supplicant * wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)9454 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame) 9455 { 9456 switch (frame) { 9457 #ifdef CONFIG_P2P 9458 case VENDOR_ELEM_PROBE_REQ_P2P: 9459 case VENDOR_ELEM_PROBE_RESP_P2P: 9460 case VENDOR_ELEM_PROBE_RESP_P2P_GO: 9461 case VENDOR_ELEM_BEACON_P2P_GO: 9462 case VENDOR_ELEM_P2P_PD_REQ: 9463 case VENDOR_ELEM_P2P_PD_RESP: 9464 case VENDOR_ELEM_P2P_GO_NEG_REQ: 9465 case VENDOR_ELEM_P2P_GO_NEG_RESP: 9466 case VENDOR_ELEM_P2P_GO_NEG_CONF: 9467 case VENDOR_ELEM_P2P_INV_REQ: 9468 case VENDOR_ELEM_P2P_INV_RESP: 9469 case VENDOR_ELEM_P2P_ASSOC_REQ: 9470 case VENDOR_ELEM_P2P_ASSOC_RESP: 9471 return wpa_s->p2pdev; 9472 #endif /* CONFIG_P2P */ 9473 default: 9474 return wpa_s; 9475 } 9476 } 9477 9478 wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)9479 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s) 9480 { 9481 unsigned int i; 9482 char buf[30]; 9483 9484 wpa_printf(MSG_DEBUG, "Update vendor elements"); 9485 9486 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) { 9487 if (wpa_s->vendor_elem[i]) { 9488 int res; 9489 9490 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i); 9491 if (!os_snprintf_error(sizeof(buf), res)) { 9492 wpa_hexdump_buf(MSG_DEBUG, buf, 9493 wpa_s->vendor_elem[i]); 9494 } 9495 } 9496 } 9497 9498 #ifdef CONFIG_P2P 9499 if (wpa_s->parent == wpa_s && 9500 wpa_s->global->p2p && 9501 !wpa_s->global->p2p_disabled) 9502 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem); 9503 #endif /* CONFIG_P2P */ 9504 } 9505 9506 wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)9507 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame, 9508 const u8 *elem, size_t len) 9509 { 9510 u8 *ie, *end; 9511 9512 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]); 9513 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]); 9514 9515 for (; ie + 1 < end; ie += 2 + ie[1]) { 9516 if (ie + len > end) 9517 break; 9518 if (os_memcmp(ie, elem, len) != 0) 9519 continue; 9520 9521 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) { 9522 wpabuf_free(wpa_s->vendor_elem[frame]); 9523 wpa_s->vendor_elem[frame] = NULL; 9524 } else { 9525 os_memmove(ie, ie + len, end - (ie + len)); 9526 wpa_s->vendor_elem[frame]->used -= len; 9527 } 9528 wpas_vendor_elem_update(wpa_s); 9529 return 0; 9530 } 9531 9532 return -1; 9533 } 9534 9535 get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)9536 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes, 9537 u16 num_modes, enum hostapd_hw_mode mode, 9538 bool is_6ghz) 9539 { 9540 u16 i; 9541 9542 if (!modes) 9543 return NULL; 9544 9545 for (i = 0; i < num_modes; i++) { 9546 if (modes[i].mode != mode || 9547 !modes[i].num_channels || !modes[i].channels) 9548 continue; 9549 if (is_6ghz == modes[i].is_6ghz) 9550 return &modes[i]; 9551 } 9552 9553 return NULL; 9554 } 9555 9556 get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)9557 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes, 9558 u16 num_modes, int freq) 9559 { 9560 int i, j; 9561 9562 for (i = 0; i < num_modes; i++) { 9563 for (j = 0; j < modes[i].num_channels; j++) { 9564 if (freq == modes[i].channels[j].freq) 9565 return &modes[i]; 9566 } 9567 } 9568 9569 return NULL; 9570 } 9571 9572 9573 static struct wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)9574 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s, 9575 const u8 *bssid) 9576 { 9577 struct wpa_bss_tmp_disallowed *bss; 9578 9579 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed, 9580 struct wpa_bss_tmp_disallowed, list) { 9581 if (ether_addr_equal(bssid, bss->bssid)) 9582 return bss; 9583 } 9584 9585 return NULL; 9586 } 9587 9588 wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)9589 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s) 9590 { 9591 struct wpa_bss_tmp_disallowed *tmp; 9592 unsigned int num_bssid = 0; 9593 u8 *bssids; 9594 int ret; 9595 9596 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN); 9597 if (!bssids) 9598 return -1; 9599 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 9600 struct wpa_bss_tmp_disallowed, list) { 9601 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid, 9602 ETH_ALEN); 9603 num_bssid++; 9604 } 9605 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids); 9606 os_free(bssids); 9607 return ret; 9608 } 9609 9610 wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)9611 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx) 9612 { 9613 struct wpa_supplicant *wpa_s = eloop_ctx; 9614 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx; 9615 9616 /* Make sure the bss is not already freed */ 9617 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed, 9618 struct wpa_bss_tmp_disallowed, list) { 9619 if (bss == tmp) { 9620 remove_bss_tmp_disallowed_entry(wpa_s, tmp); 9621 wpa_set_driver_tmp_disallow_list(wpa_s); 9622 break; 9623 } 9624 } 9625 } 9626 9627 wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)9628 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid, 9629 unsigned int sec, int rssi_threshold) 9630 { 9631 struct wpa_bss_tmp_disallowed *bss; 9632 9633 bss = wpas_get_disallowed_bss(wpa_s, bssid); 9634 if (bss) { 9635 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss); 9636 goto finish; 9637 } 9638 9639 bss = os_malloc(sizeof(*bss)); 9640 if (!bss) { 9641 wpa_printf(MSG_DEBUG, 9642 "Failed to allocate memory for temp disallow BSS"); 9643 return; 9644 } 9645 9646 os_memcpy(bss->bssid, bssid, ETH_ALEN); 9647 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list); 9648 wpa_set_driver_tmp_disallow_list(wpa_s); 9649 9650 finish: 9651 bss->rssi_threshold = rssi_threshold; 9652 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout, 9653 wpa_s, bss); 9654 } 9655 9656 wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9657 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s, 9658 struct wpa_bss *bss) 9659 { 9660 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev; 9661 9662 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed, 9663 struct wpa_bss_tmp_disallowed, list) { 9664 if (ether_addr_equal(bss->bssid, tmp->bssid)) { 9665 disallowed = tmp; 9666 break; 9667 } 9668 } 9669 if (!disallowed) 9670 return 0; 9671 9672 if (disallowed->rssi_threshold != 0 && 9673 bss->level > disallowed->rssi_threshold) { 9674 remove_bss_tmp_disallowed_entry(wpa_s, disallowed); 9675 wpa_set_driver_tmp_disallow_list(wpa_s); 9676 return 0; 9677 } 9678 9679 return 1; 9680 } 9681 9682 wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)9683 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s, 9684 unsigned int type, const u8 *addr, 9685 const u8 *mask) 9686 { 9687 if ((addr && !mask) || (!addr && mask)) { 9688 wpa_printf(MSG_INFO, 9689 "MAC_ADDR_RAND_SCAN invalid addr/mask combination"); 9690 return -1; 9691 } 9692 9693 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) { 9694 wpa_printf(MSG_INFO, 9695 "MAC_ADDR_RAND_SCAN cannot allow multicast address"); 9696 return -1; 9697 } 9698 9699 if (type & MAC_ADDR_RAND_SCAN) { 9700 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN, 9701 addr, mask)) 9702 return -1; 9703 } 9704 9705 if (type & MAC_ADDR_RAND_SCHED_SCAN) { 9706 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN, 9707 addr, mask)) 9708 return -1; 9709 9710 if (wpa_s->sched_scanning && !wpa_s->pno) 9711 wpas_scan_restart_sched_scan(wpa_s); 9712 } 9713 9714 if (type & MAC_ADDR_RAND_PNO) { 9715 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO, 9716 addr, mask)) 9717 return -1; 9718 9719 if (wpa_s->pno) { 9720 wpas_stop_pno(wpa_s); 9721 wpas_start_pno(wpa_s); 9722 } 9723 } 9724 9725 return 0; 9726 } 9727 9728 wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)9729 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s, 9730 unsigned int type) 9731 { 9732 wpas_mac_addr_rand_scan_clear(wpa_s, type); 9733 if (wpa_s->pno) { 9734 if (type & MAC_ADDR_RAND_PNO) { 9735 wpas_stop_pno(wpa_s); 9736 wpas_start_pno(wpa_s); 9737 } 9738 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) { 9739 wpas_scan_restart_sched_scan(wpa_s); 9740 } 9741 9742 return 0; 9743 } 9744 9745 wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)9746 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s, 9747 struct wpa_signal_info *si) 9748 { 9749 int res; 9750 9751 if (!wpa_s->driver->signal_poll) 9752 return -1; 9753 9754 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si); 9755 9756 #ifdef CONFIG_TESTING_OPTIONS 9757 if (res == 0) { 9758 struct driver_signal_override *dso; 9759 9760 dl_list_for_each(dso, &wpa_s->drv_signal_override, 9761 struct driver_signal_override, list) { 9762 if (!ether_addr_equal(wpa_s->bssid, dso->bssid)) 9763 continue; 9764 wpa_printf(MSG_DEBUG, 9765 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d", 9766 si->data.signal, 9767 dso->si_current_signal, 9768 si->data.avg_signal, 9769 dso->si_avg_signal, 9770 si->data.avg_beacon_signal, 9771 dso->si_avg_beacon_signal, 9772 si->current_noise, 9773 dso->si_current_noise); 9774 si->data.signal = dso->si_current_signal; 9775 si->data.avg_signal = dso->si_avg_signal; 9776 si->data.avg_beacon_signal = dso->si_avg_beacon_signal; 9777 si->current_noise = dso->si_current_noise; 9778 break; 9779 } 9780 } 9781 #endif /* CONFIG_TESTING_OPTIONS */ 9782 9783 return res; 9784 } 9785 9786 9787 struct wpa_scan_results * wpa_drv_get_scan_results(struct wpa_supplicant * wpa_s,const u8 * bssid)9788 wpa_drv_get_scan_results(struct wpa_supplicant *wpa_s, const u8 *bssid) 9789 { 9790 struct wpa_scan_results *scan_res; 9791 #ifdef CONFIG_TESTING_OPTIONS 9792 size_t idx; 9793 #endif /* CONFIG_TESTING_OPTIONS */ 9794 9795 if (wpa_s->driver->get_scan_results) 9796 scan_res = wpa_s->driver->get_scan_results(wpa_s->drv_priv, 9797 bssid); 9798 else if (wpa_s->driver->get_scan_results2) 9799 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv); 9800 else 9801 return NULL; 9802 9803 9804 #ifdef CONFIG_TESTING_OPTIONS 9805 for (idx = 0; scan_res && idx < scan_res->num; idx++) { 9806 struct driver_signal_override *dso; 9807 struct wpa_scan_res *res = scan_res->res[idx]; 9808 9809 dl_list_for_each(dso, &wpa_s->drv_signal_override, 9810 struct driver_signal_override, list) { 9811 if (!ether_addr_equal(res->bssid, dso->bssid)) 9812 continue; 9813 wpa_printf(MSG_DEBUG, 9814 "Override driver scan signal level %d->%d for " 9815 MACSTR, 9816 res->level, dso->scan_level, 9817 MAC2STR(res->bssid)); 9818 res->flags |= WPA_SCAN_QUAL_INVALID; 9819 if (dso->scan_level < 0) 9820 res->flags |= WPA_SCAN_LEVEL_DBM; 9821 else 9822 res->flags &= ~WPA_SCAN_LEVEL_DBM; 9823 res->level = dso->scan_level; 9824 break; 9825 } 9826 } 9827 #endif /* CONFIG_TESTING_OPTIONS */ 9828 9829 return scan_res; 9830 } 9831 9832 wpas_ap_link_address(struct wpa_supplicant * wpa_s,const u8 * addr)9833 bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr) 9834 { 9835 int i; 9836 9837 if (!wpa_s->valid_links) 9838 return false; 9839 9840 for_each_link(wpa_s->valid_links, i) { 9841 if (ether_addr_equal(wpa_s->links[i].bssid, addr)) 9842 return true; 9843 } 9844 9845 return false; 9846 } 9847 9848 wpa_drv_send_action(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9849 int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq, 9850 unsigned int wait, const u8 *dst, const u8 *src, 9851 const u8 *bssid, const u8 *data, size_t data_len, 9852 int no_cck) 9853 { 9854 if (!wpa_s->driver->send_action) 9855 return -1; 9856 9857 if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) { 9858 if (wpas_ap_link_address(wpa_s, dst)) 9859 dst = wpa_s->ap_mld_addr; 9860 9861 if (wpas_ap_link_address(wpa_s, bssid)) 9862 bssid = wpa_s->ap_mld_addr; 9863 } 9864 9865 return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src, 9866 bssid, data, data_len, no_cck, -1); 9867 } 9868 9869 wpas_is_6ghz_supported(struct wpa_supplicant * wpa_s,bool only_enabled)9870 bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled) 9871 { 9872 struct hostapd_channel_data *chnl; 9873 int i, j; 9874 9875 for (i = 0; i < wpa_s->hw.num_modes; i++) { 9876 if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) { 9877 chnl = wpa_s->hw.modes[i].channels; 9878 for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) { 9879 if (only_enabled && 9880 (chnl[j].flag & HOSTAPD_CHAN_DISABLED)) 9881 continue; 9882 if (is_6ghz_freq(chnl[j].freq)) 9883 return true; 9884 } 9885 } 9886 } 9887 9888 return false; 9889 } 9890 9891 wpas_ap_supports_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9892 bool wpas_ap_supports_rsn_overriding(struct wpa_supplicant *wpa_s, 9893 struct wpa_bss *bss) 9894 { 9895 int i; 9896 9897 if (!bss) 9898 return false; 9899 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_IE_VENDOR_TYPE) || 9900 wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE)) 9901 return true; 9902 9903 if (!wpa_s->valid_links) 9904 return false; 9905 9906 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { 9907 if (!(wpa_s->valid_links & BIT(i))) 9908 continue; 9909 if (wpa_s->links[i].bss && 9910 (wpa_bss_get_vendor_ie(wpa_s->links[i].bss, 9911 RSNE_OVERRIDE_IE_VENDOR_TYPE) || 9912 wpa_bss_get_vendor_ie(wpa_s->links[i].bss, 9913 RSNE_OVERRIDE_2_IE_VENDOR_TYPE))) 9914 return true; 9915 } 9916 9917 return false; 9918 } 9919 9920 wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9921 bool wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant *wpa_s, 9922 struct wpa_bss *bss) 9923 { 9924 int i; 9925 9926 if (!bss) 9927 return false; 9928 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE)) 9929 return true; 9930 9931 if (!wpa_s->valid_links) 9932 return false; 9933 9934 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) { 9935 if (!(wpa_s->valid_links & BIT(i))) 9936 continue; 9937 if (wpa_s->links[i].bss && 9938 wpa_bss_get_vendor_ie(wpa_s->links[i].bss, 9939 RSNE_OVERRIDE_2_IE_VENDOR_TYPE)) 9940 return true; 9941 } 9942 9943 return false; 9944 } 9945 9946 wpas_get_owe_trans_network(const u8 * owe_ie,const u8 ** bssid,const u8 ** ssid,size_t * ssid_len)9947 int wpas_get_owe_trans_network(const u8 *owe_ie, const u8 **bssid, 9948 const u8 **ssid, size_t *ssid_len) 9949 { 9950 #ifdef CONFIG_OWE 9951 const u8 *pos, *end; 9952 u8 ssid_len_tmp; 9953 9954 if (!owe_ie) 9955 return -1; 9956 9957 pos = owe_ie + 6; 9958 end = owe_ie + 2 + owe_ie[1]; 9959 9960 if (end - pos < ETH_ALEN + 1) 9961 return -1; 9962 *bssid = pos; 9963 pos += ETH_ALEN; 9964 ssid_len_tmp = *pos++; 9965 if (end - pos < ssid_len_tmp || ssid_len_tmp > SSID_MAX_LEN) 9966 return -1; 9967 9968 *ssid = pos; 9969 *ssid_len = ssid_len_tmp; 9970 9971 return 0; 9972 #else /* CONFIG_OWE */ 9973 return -1; 9974 #endif /* CONFIG_OWE */ 9975 } 9976