1 /*
2 * WPA Supplicant
3 * Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi>
4 *
5 * This software may be distributed under the terms of the BSD license.
6 * See README for more details.
7 *
8 * This file implements functions for registering and unregistering
9 * %wpa_supplicant interfaces. In addition, this file contains number of
10 * functions for managing network connections.
11 */
12
13 #include "includes.h"
14 #ifdef CONFIG_MATCH_IFACE
15 #include <net/if.h>
16 #include <fnmatch.h>
17 #endif /* CONFIG_MATCH_IFACE */
18
19 #include "common.h"
20 #include "crypto/crypto.h"
21 #include "crypto/random.h"
22 #include "crypto/sha1.h"
23 #include "eapol_supp/eapol_supp_sm.h"
24 #include "eap_peer/eap.h"
25 #include "eap_peer/eap_proxy.h"
26 #include "eap_server/eap_methods.h"
27 #include "rsn_supp/wpa.h"
28 #include "eloop.h"
29 #include "config.h"
30 #include "utils/ext_password.h"
31 #include "l2_packet/l2_packet.h"
32 #include "wpa_supplicant_i.h"
33 #include "driver_i.h"
34 #include "ctrl_iface.h"
35 #include "pcsc_funcs.h"
36 #include "common/version.h"
37 #include "rsn_supp/preauth.h"
38 #include "rsn_supp/pmksa_cache.h"
39 #include "common/wpa_ctrl.h"
40 #include "common/ieee802_11_common.h"
41 #include "common/ieee802_11_defs.h"
42 #include "common/hw_features_common.h"
43 #include "common/gas_server.h"
44 #include "common/dpp.h"
45 #include "common/ptksa_cache.h"
46 #include "p2p/p2p.h"
47 #include "fst/fst.h"
48 #include "bssid_ignore.h"
49 #include "wpas_glue.h"
50 #include "wps_supplicant.h"
51 #include "ibss_rsn.h"
52 #include "sme.h"
53 #include "gas_query.h"
54 #include "ap.h"
55 #include "p2p_supplicant.h"
56 #include "wifi_display.h"
57 #include "notify.h"
58 #include "bgscan.h"
59 #include "autoscan.h"
60 #include "bss.h"
61 #include "scan.h"
62 #include "offchannel.h"
63 #include "hs20_supplicant.h"
64 #include "wnm_sta.h"
65 #include "wpas_kay.h"
66 #include "mesh.h"
67 #include "dpp_supplicant.h"
68 #include "nan_usd.h"
69 #ifdef CONFIG_MESH
70 #include "ap/ap_config.h"
71 #include "ap/hostapd.h"
72 #endif /* CONFIG_MESH */
73
74 const char *const wpa_supplicant_version =
75 "wpa_supplicant v" VERSION_STR "\n"
76 "Copyright (c) 2003-2024, Jouni Malinen <j@w1.fi> and contributors";
77
78 const char *const wpa_supplicant_license =
79 "This software may be distributed under the terms of the BSD license.\n"
80 "See README for more details.\n"
81 #ifdef EAP_TLS_OPENSSL
82 "\nThis product includes software developed by the OpenSSL Project\n"
83 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
84 #endif /* EAP_TLS_OPENSSL */
85 ;
86
87 #ifndef CONFIG_NO_STDOUT_DEBUG
88 /* Long text divided into parts in order to fit in C89 strings size limits. */
89 const char *const wpa_supplicant_full_license1 =
90 "";
91 const char *const wpa_supplicant_full_license2 =
92 "This software may be distributed under the terms of the BSD license.\n"
93 "\n"
94 "Redistribution and use in source and binary forms, with or without\n"
95 "modification, are permitted provided that the following conditions are\n"
96 "met:\n"
97 "\n";
98 const char *const wpa_supplicant_full_license3 =
99 "1. Redistributions of source code must retain the above copyright\n"
100 " notice, this list of conditions and the following disclaimer.\n"
101 "\n"
102 "2. Redistributions in binary form must reproduce the above copyright\n"
103 " notice, this list of conditions and the following disclaimer in the\n"
104 " documentation and/or other materials provided with the distribution.\n"
105 "\n";
106 const char *const wpa_supplicant_full_license4 =
107 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
108 " names of its contributors may be used to endorse or promote products\n"
109 " derived from this software without specific prior written permission.\n"
110 "\n"
111 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
112 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
113 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
114 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n";
115 const char *const wpa_supplicant_full_license5 =
116 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
117 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
118 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
119 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
120 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
121 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
122 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
123 "\n";
124 #endif /* CONFIG_NO_STDOUT_DEBUG */
125
126
127 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx);
128 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx);
129 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
130 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s);
131 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
132 #ifdef CONFIG_OWE
133 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s);
134 #endif /* CONFIG_OWE */
135
136
137 #ifdef CONFIG_WEP
138 /* Configure default/group WEP keys for static WEP */
wpa_set_wep_keys(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)139 int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
140 {
141 int i, set = 0;
142
143 for (i = 0; i < NUM_WEP_KEYS; i++) {
144 if (ssid->wep_key_len[i] == 0)
145 continue;
146
147 set = 1;
148 wpa_drv_set_key(wpa_s, -1, WPA_ALG_WEP, NULL,
149 i, i == ssid->wep_tx_keyidx, NULL, 0,
150 ssid->wep_key[i], ssid->wep_key_len[i],
151 i == ssid->wep_tx_keyidx ?
152 KEY_FLAG_GROUP_RX_TX_DEFAULT :
153 KEY_FLAG_GROUP_RX_TX);
154 }
155
156 return set;
157 }
158 #endif /* CONFIG_WEP */
159
160
wpa_supplicant_set_wpa_none_key(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)161 int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
162 struct wpa_ssid *ssid)
163 {
164 u8 key[32];
165 size_t keylen;
166 enum wpa_alg alg;
167 u8 seq[6] = { 0 };
168 int ret;
169
170 /* IBSS/WPA-None uses only one key (Group) for both receiving and
171 * sending unicast and multicast packets. */
172
173 if (ssid->mode != WPAS_MODE_IBSS) {
174 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not "
175 "IBSS/ad-hoc) for WPA-None", ssid->mode);
176 return -1;
177 }
178
179 if (!ssid->psk_set) {
180 wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for "
181 "WPA-None");
182 return -1;
183 }
184
185 switch (wpa_s->group_cipher) {
186 case WPA_CIPHER_CCMP:
187 os_memcpy(key, ssid->psk, 16);
188 keylen = 16;
189 alg = WPA_ALG_CCMP;
190 break;
191 case WPA_CIPHER_GCMP:
192 os_memcpy(key, ssid->psk, 16);
193 keylen = 16;
194 alg = WPA_ALG_GCMP;
195 break;
196 case WPA_CIPHER_TKIP:
197 /* WPA-None uses the same Michael MIC key for both TX and RX */
198 os_memcpy(key, ssid->psk, 16 + 8);
199 os_memcpy(key + 16 + 8, ssid->psk + 16, 8);
200 keylen = 32;
201 alg = WPA_ALG_TKIP;
202 break;
203 default:
204 wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for "
205 "WPA-None", wpa_s->group_cipher);
206 return -1;
207 }
208
209 /* TODO: should actually remember the previously used seq#, both for TX
210 * and RX from each STA.. */
211
212 ret = wpa_drv_set_key(wpa_s, -1, alg, NULL, 0, 1, seq, 6, key, keylen,
213 KEY_FLAG_GROUP_RX_TX_DEFAULT);
214 os_memset(key, 0, sizeof(key));
215 return ret;
216 }
217
218
wpa_supplicant_timeout(void * eloop_ctx,void * timeout_ctx)219 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
220 {
221 struct wpa_supplicant *wpa_s = eloop_ctx;
222 const u8 *bssid = wpa_s->bssid;
223 if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
224 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
225 wpa_s->wpa_state == WPA_ASSOCIATING))
226 bssid = wpa_s->pending_bssid;
227 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
228 MAC2STR(bssid));
229 wpa_bssid_ignore_add(wpa_s, bssid);
230 wpa_sm_notify_disassoc(wpa_s->wpa);
231 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
232 wpa_s->reassociate = 1;
233
234 /*
235 * If we timed out, the AP or the local radio may be busy.
236 * So, wait a second until scanning again.
237 */
238 wpa_supplicant_req_scan(wpa_s, 1, 0);
239 }
240
241
242 /**
243 * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication
244 * @wpa_s: Pointer to wpa_supplicant data
245 * @sec: Number of seconds after which to time out authentication
246 * @usec: Number of microseconds after which to time out authentication
247 *
248 * This function is used to schedule a timeout for the current authentication
249 * attempt.
250 */
wpa_supplicant_req_auth_timeout(struct wpa_supplicant * wpa_s,int sec,int usec)251 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
252 int sec, int usec)
253 {
254 if (wpa_s->conf->ap_scan == 0 &&
255 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED))
256 return;
257
258 wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
259 "%d usec", sec, usec);
260 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
261 wpa_s->last_auth_timeout_sec = sec;
262 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
263 }
264
265
266 /*
267 * wpas_auth_timeout_restart - Restart and change timeout for authentication
268 * @wpa_s: Pointer to wpa_supplicant data
269 * @sec_diff: difference in seconds applied to original timeout value
270 */
wpas_auth_timeout_restart(struct wpa_supplicant * wpa_s,int sec_diff)271 void wpas_auth_timeout_restart(struct wpa_supplicant *wpa_s, int sec_diff)
272 {
273 int new_sec = wpa_s->last_auth_timeout_sec + sec_diff;
274
275 if (eloop_is_timeout_registered(wpa_supplicant_timeout, wpa_s, NULL)) {
276 wpa_dbg(wpa_s, MSG_DEBUG,
277 "Authentication timeout restart: %d sec", new_sec);
278 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
279 eloop_register_timeout(new_sec, 0, wpa_supplicant_timeout,
280 wpa_s, NULL);
281 }
282 }
283
284
285 /**
286 * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout
287 * @wpa_s: Pointer to wpa_supplicant data
288 *
289 * This function is used to cancel authentication timeout scheduled with
290 * wpa_supplicant_req_auth_timeout() and it is called when authentication has
291 * been completed.
292 */
wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant * wpa_s)293 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
294 {
295 wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
296 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
297 wpa_bssid_ignore_del(wpa_s, wpa_s->bssid);
298 os_free(wpa_s->last_con_fail_realm);
299 wpa_s->last_con_fail_realm = NULL;
300 wpa_s->last_con_fail_realm_len = 0;
301 }
302
303
304 /**
305 * wpa_supplicant_initiate_eapol - Configure EAPOL state machine
306 * @wpa_s: Pointer to wpa_supplicant data
307 *
308 * This function is used to configure EAPOL state machine based on the selected
309 * authentication mode.
310 */
wpa_supplicant_initiate_eapol(struct wpa_supplicant * wpa_s)311 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
312 {
313 #ifdef IEEE8021X_EAPOL
314 struct eapol_config eapol_conf;
315 struct wpa_ssid *ssid = wpa_s->current_ssid;
316
317 #ifdef CONFIG_IBSS_RSN
318 if (ssid->mode == WPAS_MODE_IBSS &&
319 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
320 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
321 /*
322 * RSN IBSS authentication is per-STA and we can disable the
323 * per-BSSID EAPOL authentication.
324 */
325 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
326 eapol_sm_notify_eap_success(wpa_s->eapol, true);
327 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
328 return;
329 }
330 #endif /* CONFIG_IBSS_RSN */
331
332 eapol_sm_notify_eap_success(wpa_s->eapol, false);
333 eapol_sm_notify_eap_fail(wpa_s->eapol, false);
334
335 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
336 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
337 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
338 else
339 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
340
341 os_memset(&eapol_conf, 0, sizeof(eapol_conf));
342 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
343 eapol_conf.accept_802_1x_keys = 1;
344 eapol_conf.required_keys = 0;
345 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
346 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
347 }
348 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
349 eapol_conf.required_keys |=
350 EAPOL_REQUIRE_KEY_BROADCAST;
351 }
352
353 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)
354 eapol_conf.required_keys = 0;
355 }
356 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
357 eapol_conf.workaround = ssid->eap_workaround;
358 eapol_conf.eap_disabled =
359 !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) &&
360 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
361 wpa_s->key_mgmt != WPA_KEY_MGMT_WPS;
362 eapol_conf.external_sim = wpa_s->conf->external_sim;
363
364 #ifdef CONFIG_WPS
365 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
366 eapol_conf.wps |= EAPOL_LOCAL_WPS_IN_USE;
367 if (wpa_s->current_bss) {
368 struct wpabuf *ie;
369 ie = wpa_bss_get_vendor_ie_multi(wpa_s->current_bss,
370 WPS_IE_VENDOR_TYPE);
371 if (ie) {
372 if (wps_is_20(ie))
373 eapol_conf.wps |=
374 EAPOL_PEER_IS_WPS20_AP;
375 wpabuf_free(ie);
376 }
377 }
378 }
379 #endif /* CONFIG_WPS */
380
381 eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf);
382
383 #ifdef CONFIG_MACSEC
384 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE && ssid->mka_psk_set)
385 ieee802_1x_create_preshared_mka(wpa_s, ssid);
386 else
387 ieee802_1x_alloc_kay_sm(wpa_s, ssid);
388 #endif /* CONFIG_MACSEC */
389 #endif /* IEEE8021X_EAPOL */
390 }
391
392
393 /**
394 * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode
395 * @wpa_s: Pointer to wpa_supplicant data
396 * @ssid: Configuration data for the network
397 *
398 * This function is used to configure WPA state machine and related parameters
399 * to a mode where WPA is not enabled. This is called as part of the
400 * authentication configuration when the selected network does not use WPA.
401 */
wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)402 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
403 struct wpa_ssid *ssid)
404 {
405 #ifdef CONFIG_WEP
406 int i;
407 #endif /* CONFIG_WEP */
408 struct wpa_sm_mlo mlo;
409
410 if (ssid->key_mgmt & WPA_KEY_MGMT_WPS)
411 wpa_s->key_mgmt = WPA_KEY_MGMT_WPS;
412 else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
413 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
414 else
415 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
416 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
417 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
418 wpa_sm_set_ap_rsnxe(wpa_s->wpa, NULL, 0);
419 wpa_sm_set_ap_rsne_override(wpa_s->wpa, NULL, 0);
420 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, NULL, 0);
421 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, NULL, 0);
422 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
423 #ifndef CONFIG_NO_WPA
424 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
425 #endif /* CONFIG_NO_WPA */
426 wpa_s->rsnxe_len = 0;
427 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
428 wpa_s->group_cipher = WPA_CIPHER_NONE;
429 wpa_s->mgmt_group_cipher = 0;
430
431 #ifdef CONFIG_WEP
432 for (i = 0; i < NUM_WEP_KEYS; i++) {
433 if (ssid->wep_key_len[i] > 5) {
434 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
435 wpa_s->group_cipher = WPA_CIPHER_WEP104;
436 break;
437 } else if (ssid->wep_key_len[i] > 0) {
438 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
439 wpa_s->group_cipher = WPA_CIPHER_WEP40;
440 break;
441 }
442 }
443 #endif /* CONFIG_WEP */
444
445 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0);
446 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
447 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
448 wpa_s->pairwise_cipher);
449 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
450 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
451 wpa_s->mgmt_group_cipher);
452 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, 0);
453
454 pmksa_cache_clear_current(wpa_s->wpa);
455 os_memset(&mlo, 0, sizeof(mlo));
456 wpa_sm_set_mlo_params(wpa_s->wpa, &mlo);
457 }
458
459
free_hw_features(struct wpa_supplicant * wpa_s)460 void free_hw_features(struct wpa_supplicant *wpa_s)
461 {
462 int i;
463 if (wpa_s->hw.modes == NULL)
464 return;
465
466 for (i = 0; i < wpa_s->hw.num_modes; i++) {
467 os_free(wpa_s->hw.modes[i].channels);
468 os_free(wpa_s->hw.modes[i].rates);
469 }
470
471 os_free(wpa_s->hw.modes);
472 wpa_s->hw.modes = NULL;
473 }
474
475
remove_bss_tmp_disallowed_entry(struct wpa_supplicant * wpa_s,struct wpa_bss_tmp_disallowed * bss)476 static void remove_bss_tmp_disallowed_entry(struct wpa_supplicant *wpa_s,
477 struct wpa_bss_tmp_disallowed *bss)
478 {
479 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
480 dl_list_del(&bss->list);
481 os_free(bss);
482 }
483
484
free_bss_tmp_disallowed(struct wpa_supplicant * wpa_s)485 void free_bss_tmp_disallowed(struct wpa_supplicant *wpa_s)
486 {
487 struct wpa_bss_tmp_disallowed *bss, *prev;
488
489 dl_list_for_each_safe(bss, prev, &wpa_s->bss_tmp_disallowed,
490 struct wpa_bss_tmp_disallowed, list)
491 remove_bss_tmp_disallowed_entry(wpa_s, bss);
492 }
493
494
wpas_flush_fils_hlp_req(struct wpa_supplicant * wpa_s)495 void wpas_flush_fils_hlp_req(struct wpa_supplicant *wpa_s)
496 {
497 struct fils_hlp_req *req;
498
499 while ((req = dl_list_first(&wpa_s->fils_hlp_req, struct fils_hlp_req,
500 list)) != NULL) {
501 dl_list_del(&req->list);
502 wpabuf_free(req->pkt);
503 os_free(req);
504 }
505 }
506
507
wpas_wfa_gen_capab_attr(struct wpa_supplicant * wpa_s)508 static struct wpabuf * wpas_wfa_gen_capab_attr(struct wpa_supplicant *wpa_s)
509 {
510 struct wpabuf *attr;
511 size_t gen_len, supp_len;
512 const u8 *supp;
513 u8 supp_buf[1];
514 bool add_cert;
515
516 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_DISABLED)
517 return NULL;
518
519 if (!wpa_s->conf->wfa_gen_capa_supp ||
520 wpabuf_len(wpa_s->conf->wfa_gen_capa_supp) == 0) {
521 supp_len = 1;
522 supp_buf[0] = 0;
523 if (wpa_s->hw_capab & BIT(CAPAB_HT))
524 supp_buf[0] |= BIT(0); /* Wi-Fi 4 */
525 if (wpa_s->hw_capab & BIT(CAPAB_VHT))
526 supp_buf[0] |= BIT(1); /* Wi-Fi 5 */
527 if (wpa_s->hw_capab & BIT(CAPAB_HE))
528 supp_buf[0] |= BIT(2); /* Wi-Fi 6 */
529 if (wpa_s->hw_capab & BIT(CAPAB_EHT))
530 supp_buf[0] |= BIT(3); /* Wi-Fi 7 */
531 supp = supp_buf;
532 } else {
533 supp_len = wpabuf_len(wpa_s->conf->wfa_gen_capa_supp);
534 supp = wpabuf_head(wpa_s->conf->wfa_gen_capa_supp);
535 }
536
537 add_cert = wpa_s->conf->wfa_gen_capa_cert &&
538 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert) == supp_len;
539
540 gen_len = 1 + supp_len;
541 if (add_cert) {
542 gen_len++;
543 gen_len += wpabuf_len(wpa_s->conf->wfa_gen_capa_cert);
544 }
545
546 attr = wpabuf_alloc(2 + gen_len);
547 if (!attr)
548 return NULL;
549
550 wpabuf_put_u8(attr, WFA_CAPA_ATTR_GENERATIONAL_CAPAB);
551 wpabuf_put_u8(attr, gen_len);
552 wpabuf_put_u8(attr, supp_len);
553 wpabuf_put_data(attr, supp, supp_len);
554 if (add_cert) {
555 wpabuf_put_u8(attr,
556 wpabuf_len(wpa_s->conf->wfa_gen_capa_cert));
557 wpabuf_put_buf(attr, wpa_s->conf->wfa_gen_capa_cert);
558 }
559
560 return attr;
561 }
562
563
564
wpas_wfa_capab_tx(void * eloop_ctx,void * timeout_ctx)565 static void wpas_wfa_capab_tx(void *eloop_ctx, void *timeout_ctx)
566 {
567 struct wpa_supplicant *wpa_s = eloop_ctx;
568 struct wpabuf *attr, *buf;
569 size_t buf_len;
570
571 if (wpa_s->conf->wfa_gen_capa != WFA_GEN_CAPA_PROTECTED ||
572 wpa_s->wpa_state != WPA_COMPLETED ||
573 !pmf_in_use(wpa_s, wpa_s->bssid))
574 return;
575
576 attr = wpas_wfa_gen_capab_attr(wpa_s);
577 if (!attr)
578 return;
579
580 buf_len = 1 + 3 + 1 + 1 + wpabuf_len(attr);
581 buf = wpabuf_alloc(buf_len);
582 if (!buf) {
583 wpabuf_free(attr);
584 return;
585 }
586
587 wpabuf_put_u8(buf, WLAN_ACTION_VENDOR_SPECIFIC_PROTECTED);
588 wpabuf_put_be32(buf, WFA_CAPAB_VENDOR_TYPE);
589 wpabuf_put_u8(buf, 0); /* Capabilities Length */
590 wpabuf_put_buf(buf, attr);
591 wpabuf_free(attr);
592
593 wpa_printf(MSG_DEBUG, "WFA: Send WFA Capabilities frame");
594 if (wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
595 wpa_s->own_addr, wpa_s->bssid,
596 wpabuf_head(buf), wpabuf_len(buf), 0) < 0)
597 wpa_printf(MSG_DEBUG,
598 "WFA: Failed to send WFA Capabilities frame");
599
600 wpabuf_free(buf);
601 }
602
603
wpas_clear_disabled_interface(void * eloop_ctx,void * timeout_ctx)604 void wpas_clear_disabled_interface(void *eloop_ctx, void *timeout_ctx)
605 {
606 struct wpa_supplicant *wpa_s = eloop_ctx;
607
608 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
609 return;
610 wpa_dbg(wpa_s, MSG_DEBUG, "Clear cached state on disabled interface");
611 wpa_bss_flush(wpa_s);
612 }
613
614
615 #ifdef CONFIG_TESTING_OPTIONS
wpas_clear_driver_signal_override(struct wpa_supplicant * wpa_s)616 void wpas_clear_driver_signal_override(struct wpa_supplicant *wpa_s)
617 {
618 struct driver_signal_override *dso;
619
620 while ((dso = dl_list_first(&wpa_s->drv_signal_override,
621 struct driver_signal_override, list))) {
622 dl_list_del(&dso->list);
623 os_free(dso);
624 }
625 }
626 #endif /* CONFIG_TESTING_OPTIONS */
627
628
wpa_supplicant_cleanup(struct wpa_supplicant * wpa_s)629 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
630 {
631 int i;
632
633 bgscan_deinit(wpa_s);
634 autoscan_deinit(wpa_s);
635 scard_deinit(wpa_s->scard);
636 wpa_s->scard = NULL;
637 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
638 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
639 l2_packet_deinit(wpa_s->l2);
640 wpa_s->l2 = NULL;
641 if (wpa_s->l2_br) {
642 l2_packet_deinit(wpa_s->l2_br);
643 wpa_s->l2_br = NULL;
644 }
645 #ifdef CONFIG_TESTING_OPTIONS
646 l2_packet_deinit(wpa_s->l2_test);
647 wpa_s->l2_test = NULL;
648 os_free(wpa_s->get_pref_freq_list_override);
649 wpa_s->get_pref_freq_list_override = NULL;
650 wpabuf_free(wpa_s->last_assoc_req_wpa_ie);
651 wpa_s->last_assoc_req_wpa_ie = NULL;
652 os_free(wpa_s->extra_sae_rejected_groups);
653 wpa_s->extra_sae_rejected_groups = NULL;
654 wpabuf_free(wpa_s->rsne_override_eapol);
655 wpa_s->rsne_override_eapol = NULL;
656 wpabuf_free(wpa_s->rsnxe_override_assoc);
657 wpa_s->rsnxe_override_assoc = NULL;
658 wpabuf_free(wpa_s->rsnxe_override_eapol);
659 wpa_s->rsnxe_override_eapol = NULL;
660 wpas_clear_driver_signal_override(wpa_s);
661 #endif /* CONFIG_TESTING_OPTIONS */
662
663 if (wpa_s->conf != NULL) {
664 struct wpa_ssid *ssid;
665 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
666 wpas_notify_network_removed(wpa_s, ssid);
667 }
668
669 os_free(wpa_s->confname);
670 wpa_s->confname = NULL;
671
672 os_free(wpa_s->confanother);
673 wpa_s->confanother = NULL;
674
675 os_free(wpa_s->last_con_fail_realm);
676 wpa_s->last_con_fail_realm = NULL;
677 wpa_s->last_con_fail_realm_len = 0;
678
679 wpa_sm_set_eapol(wpa_s->wpa, NULL);
680 eapol_sm_deinit(wpa_s->eapol);
681 wpa_s->eapol = NULL;
682
683 rsn_preauth_deinit(wpa_s->wpa);
684
685 #ifdef CONFIG_TDLS
686 wpa_tdls_deinit(wpa_s->wpa);
687 #endif /* CONFIG_TDLS */
688
689 #ifndef CONFIG_NO_WMM_AC
690 wmm_ac_clear_saved_tspecs(wpa_s);
691 #endif /* CONFIG_NO_WMM_AC */
692 pmksa_candidate_free(wpa_s->wpa);
693 ptksa_cache_deinit(wpa_s->ptksa);
694 wpa_s->ptksa = NULL;
695 wpa_sm_deinit(wpa_s->wpa);
696 wpa_s->wpa = NULL;
697 wpa_bssid_ignore_clear(wpa_s);
698
699 #ifdef CONFIG_PASN
700 wpas_pasn_auth_stop(wpa_s);
701 #endif /* CONFIG_PASN */
702
703 wpa_bss_deinit(wpa_s);
704
705 wpa_supplicant_cancel_delayed_sched_scan(wpa_s);
706 wpa_supplicant_cancel_scan(wpa_s);
707 wpa_supplicant_cancel_auth_timeout(wpa_s);
708 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL);
709 #ifdef CONFIG_DELAYED_MIC_ERROR_REPORT
710 eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report,
711 wpa_s, NULL);
712 #endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */
713
714 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
715 eloop_cancel_timeout(wpas_clear_disabled_interface, wpa_s, NULL);
716 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
717 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL);
718
719 wpas_wps_deinit(wpa_s);
720
721 wpabuf_free(wpa_s->pending_eapol_rx);
722 wpa_s->pending_eapol_rx = NULL;
723
724 #ifdef CONFIG_IBSS_RSN
725 ibss_rsn_deinit(wpa_s->ibss_rsn);
726 wpa_s->ibss_rsn = NULL;
727 #endif /* CONFIG_IBSS_RSN */
728
729 sme_deinit(wpa_s);
730
731 #ifdef CONFIG_AP
732 wpa_supplicant_ap_deinit(wpa_s);
733 #endif /* CONFIG_AP */
734
735 wpas_p2p_deinit(wpa_s);
736
737 #ifdef CONFIG_OFFCHANNEL
738 offchannel_deinit(wpa_s);
739 #endif /* CONFIG_OFFCHANNEL */
740
741 wpa_supplicant_cancel_sched_scan(wpa_s);
742
743 os_free(wpa_s->next_scan_freqs);
744 wpa_s->next_scan_freqs = NULL;
745
746 os_free(wpa_s->manual_scan_freqs);
747 wpa_s->manual_scan_freqs = NULL;
748 os_free(wpa_s->select_network_scan_freqs);
749 wpa_s->select_network_scan_freqs = NULL;
750
751 os_free(wpa_s->manual_sched_scan_freqs);
752 wpa_s->manual_sched_scan_freqs = NULL;
753
754 wpas_mac_addr_rand_scan_clear(wpa_s, MAC_ADDR_RAND_ALL);
755
756 /*
757 * Need to remove any pending gas-query radio work before the
758 * gas_query_deinit() call because gas_query::work has not yet been set
759 * for works that have not been started. gas_query_free() will be unable
760 * to cancel such pending radio works and once the pending gas-query
761 * radio work eventually gets removed, the deinit notification call to
762 * gas_query_start_cb() would result in dereferencing freed memory.
763 */
764 if (wpa_s->radio)
765 radio_remove_works(wpa_s, "gas-query", 0);
766 gas_query_deinit(wpa_s->gas);
767 wpa_s->gas = NULL;
768 gas_server_deinit(wpa_s->gas_server);
769 wpa_s->gas_server = NULL;
770
771 free_hw_features(wpa_s);
772
773 ieee802_1x_dealloc_kay_sm(wpa_s);
774
775 os_free(wpa_s->bssid_filter);
776 wpa_s->bssid_filter = NULL;
777
778 os_free(wpa_s->disallow_aps_bssid);
779 wpa_s->disallow_aps_bssid = NULL;
780 os_free(wpa_s->disallow_aps_ssid);
781 wpa_s->disallow_aps_ssid = NULL;
782
783 wnm_bss_keep_alive_deinit(wpa_s);
784 wnm_btm_reset(wpa_s);
785
786 ext_password_deinit(wpa_s->ext_pw);
787 wpa_s->ext_pw = NULL;
788
789 wpabuf_free(wpa_s->last_gas_resp);
790 wpa_s->last_gas_resp = NULL;
791 wpabuf_free(wpa_s->prev_gas_resp);
792 wpa_s->prev_gas_resp = NULL;
793
794 os_free(wpa_s->last_scan_res);
795 wpa_s->last_scan_res = NULL;
796
797 #ifdef CONFIG_HS20
798 if (wpa_s->drv_priv)
799 wpa_drv_configure_frame_filters(wpa_s, 0);
800 #endif /* CONFIG_HS20 */
801
802 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
803 wpabuf_free(wpa_s->vendor_elem[i]);
804 wpa_s->vendor_elem[i] = NULL;
805 }
806
807 #ifndef CONFIG_NO_WMM_AC
808 wmm_ac_notify_disassoc(wpa_s);
809 #endif /* CONFIG_NO_WMM_AC */
810
811 wpa_s->sched_scan_plans_num = 0;
812 os_free(wpa_s->sched_scan_plans);
813 wpa_s->sched_scan_plans = NULL;
814
815 #ifdef CONFIG_MBO
816 wpa_s->non_pref_chan_num = 0;
817 os_free(wpa_s->non_pref_chan);
818 wpa_s->non_pref_chan = NULL;
819 #endif /* CONFIG_MBO */
820
821 free_bss_tmp_disallowed(wpa_s);
822
823 wpabuf_free(wpa_s->lci);
824 wpa_s->lci = NULL;
825 #ifndef CONFIG_NO_RRM
826 wpas_clear_beacon_rep_data(wpa_s);
827 #endif /* CONFIG_NO_RRM */
828
829 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
830 #ifdef CONFIG_MESH
831 {
832 struct external_pmksa_cache *entry;
833
834 while ((entry = dl_list_last(&wpa_s->mesh_external_pmksa_cache,
835 struct external_pmksa_cache,
836 list)) != NULL) {
837 dl_list_del(&entry->list);
838 os_free(entry->pmksa_cache);
839 os_free(entry);
840 }
841 }
842 #endif /* CONFIG_MESH */
843 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
844
845 wpas_flush_fils_hlp_req(wpa_s);
846
847 wpabuf_free(wpa_s->ric_ies);
848 wpa_s->ric_ies = NULL;
849
850 #ifdef CONFIG_DPP
851 wpas_dpp_deinit(wpa_s);
852 dpp_global_deinit(wpa_s->dpp);
853 wpa_s->dpp = NULL;
854 #endif /* CONFIG_DPP */
855
856 #ifdef CONFIG_NAN_USD
857 wpas_nan_usd_deinit(wpa_s);
858 #endif /* CONFIG_NAN_USD */
859
860 #ifdef CONFIG_PASN
861 wpas_pasn_auth_stop(wpa_s);
862 #endif /* CONFIG_PASN */
863 #ifndef CONFIG_NO_ROBUST_AV
864 wpas_scs_deinit(wpa_s);
865 wpas_dscp_deinit(wpa_s);
866 #endif /* CONFIG_NO_ROBUST_AV */
867
868 #ifdef CONFIG_OWE
869 os_free(wpa_s->owe_trans_scan_freq);
870 wpa_s->owe_trans_scan_freq = NULL;
871 #endif /* CONFIG_OWE */
872 }
873
874
875 /**
876 * wpa_clear_keys - Clear keys configured for the driver
877 * @wpa_s: Pointer to wpa_supplicant data
878 * @addr: Previously used BSSID or %NULL if not available
879 *
880 * This function clears the encryption keys that has been previously configured
881 * for the driver.
882 */
wpa_clear_keys(struct wpa_supplicant * wpa_s,const u8 * addr)883 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
884 {
885 int i, max = 6;
886
887 /* MLME-DELETEKEYS.request */
888 for (i = 0; i < max; i++) {
889 if (wpa_s->keys_cleared & BIT(i))
890 continue;
891 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, NULL, i, 0, NULL, 0,
892 NULL, 0, KEY_FLAG_GROUP);
893 }
894 /* Pairwise Key ID 1 for Extended Key ID is tracked in bit 15 */
895 if (~wpa_s->keys_cleared & (BIT(0) | BIT(15)) && addr &&
896 !is_zero_ether_addr(addr)) {
897 if (!(wpa_s->keys_cleared & BIT(0)))
898 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 0, 0,
899 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
900 if (!(wpa_s->keys_cleared & BIT(15)))
901 wpa_drv_set_key(wpa_s, -1, WPA_ALG_NONE, addr, 1, 0,
902 NULL, 0, NULL, 0, KEY_FLAG_PAIRWISE);
903 /* MLME-SETPROTECTION.request(None) */
904 wpa_drv_mlme_setprotection(
905 wpa_s, addr,
906 MLME_SETPROTECTION_PROTECT_TYPE_NONE,
907 MLME_SETPROTECTION_KEY_TYPE_PAIRWISE);
908 }
909 wpa_s->keys_cleared = (u32) -1;
910 }
911
912
913 /**
914 * wpa_supplicant_state_txt - Get the connection state name as a text string
915 * @state: State (wpa_state; WPA_*)
916 * Returns: The state name as a printable text string
917 */
wpa_supplicant_state_txt(enum wpa_states state)918 const char * wpa_supplicant_state_txt(enum wpa_states state)
919 {
920 switch (state) {
921 case WPA_DISCONNECTED:
922 return "DISCONNECTED";
923 case WPA_INACTIVE:
924 return "INACTIVE";
925 case WPA_INTERFACE_DISABLED:
926 return "INTERFACE_DISABLED";
927 case WPA_SCANNING:
928 return "SCANNING";
929 case WPA_AUTHENTICATING:
930 return "AUTHENTICATING";
931 case WPA_ASSOCIATING:
932 return "ASSOCIATING";
933 case WPA_ASSOCIATED:
934 return "ASSOCIATED";
935 case WPA_4WAY_HANDSHAKE:
936 return "4WAY_HANDSHAKE";
937 case WPA_GROUP_HANDSHAKE:
938 return "GROUP_HANDSHAKE";
939 case WPA_COMPLETED:
940 return "COMPLETED";
941 default:
942 return "UNKNOWN";
943 }
944 }
945
946
947 #ifdef CONFIG_BGSCAN
948
wpa_supplicant_stop_bgscan(struct wpa_supplicant * wpa_s)949 static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s)
950 {
951 if (wpa_s->bgscan_ssid) {
952 bgscan_deinit(wpa_s);
953 wpa_s->bgscan_ssid = NULL;
954 }
955 }
956
957
958 /**
959 * wpa_supplicant_reset_bgscan - Reset the bgscan for the current SSID.
960 * @wpa_s: Pointer to the wpa_supplicant data
961 *
962 * Stop, start, or reconfigure the scan parameters depending on the method.
963 */
wpa_supplicant_reset_bgscan(struct wpa_supplicant * wpa_s)964 void wpa_supplicant_reset_bgscan(struct wpa_supplicant *wpa_s)
965 {
966 const char *name;
967
968 if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan)
969 name = wpa_s->current_ssid->bgscan;
970 else
971 name = wpa_s->conf->bgscan;
972 if (!name || name[0] == '\0') {
973 wpa_supplicant_stop_bgscan(wpa_s);
974 return;
975 }
976 if (wpas_driver_bss_selection(wpa_s))
977 return;
978 #ifdef CONFIG_P2P
979 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE)
980 return;
981 #endif /* CONFIG_P2P */
982
983 bgscan_deinit(wpa_s);
984 if (wpa_s->current_ssid) {
985 if (bgscan_init(wpa_s, wpa_s->current_ssid, name)) {
986 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
987 "bgscan");
988 /*
989 * Live without bgscan; it is only used as a roaming
990 * optimization, so the initial connection is not
991 * affected.
992 */
993 } else {
994 struct wpa_scan_results *scan_res;
995 wpa_s->bgscan_ssid = wpa_s->current_ssid;
996 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL,
997 0, NULL);
998 if (scan_res) {
999 bgscan_notify_scan(wpa_s, scan_res);
1000 wpa_scan_results_free(scan_res);
1001 }
1002 }
1003 } else
1004 wpa_s->bgscan_ssid = NULL;
1005 }
1006
1007 #endif /* CONFIG_BGSCAN */
1008
1009
wpa_supplicant_start_autoscan(struct wpa_supplicant * wpa_s)1010 static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s)
1011 {
1012 if (autoscan_init(wpa_s, 0))
1013 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan");
1014 }
1015
1016
wpa_supplicant_stop_autoscan(struct wpa_supplicant * wpa_s)1017 static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s)
1018 {
1019 autoscan_deinit(wpa_s);
1020 }
1021
1022
wpa_supplicant_reinit_autoscan(struct wpa_supplicant * wpa_s)1023 void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s)
1024 {
1025 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
1026 wpa_s->wpa_state == WPA_SCANNING) {
1027 autoscan_deinit(wpa_s);
1028 wpa_supplicant_start_autoscan(wpa_s);
1029 }
1030 }
1031
1032
wpas_verify_ssid_beacon(void * eloop_ctx,void * timeout_ctx)1033 static void wpas_verify_ssid_beacon(void *eloop_ctx, void *timeout_ctx)
1034 {
1035 struct wpa_supplicant *wpa_s = eloop_ctx;
1036 struct wpa_bss *bss;
1037 const u8 *ssid;
1038 size_t ssid_len;
1039
1040 if (!wpa_s->current_ssid || !wpa_s->current_bss)
1041 return;
1042
1043 ssid = wpa_s->current_bss->ssid;
1044 ssid_len = wpa_s->current_bss->ssid_len;
1045
1046 if (wpa_s->current_ssid->ssid_len &&
1047 (wpa_s->current_ssid->ssid_len != ssid_len ||
1048 os_memcmp(wpa_s->current_ssid->ssid, ssid, ssid_len) != 0))
1049 return;
1050
1051 if (wpa_s->wpa_state < WPA_4WAY_HANDSHAKE ||
1052 !wpa_s->bigtk_set || wpa_s->ssid_verified)
1053 return;
1054
1055 wpa_printf(MSG_DEBUG,
1056 "SSID not yet verified; check if the driver has received a verified Beacon frame");
1057 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
1058 return;
1059
1060 /* wpa->current_bss might have changed due to memory reallocation, so
1061 * need to update ssid/ssid_len */
1062 if (!wpa_s->current_bss)
1063 return;
1064 ssid = wpa_s->current_bss->ssid;
1065 ssid_len = wpa_s->current_bss->ssid_len;
1066
1067 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
1068 if (!bss)
1069 return;
1070 wpa_printf(MSG_DEBUG, "The current beacon time stamp: 0x%llx",
1071 (long long unsigned int) bss->tsf);
1072 if (bss->tsf > wpa_s->first_beacon_tsf) {
1073 const u8 *ie;
1074
1075 wpa_printf(MSG_DEBUG,
1076 "Verified Beacon frame has been received");
1077 wpa_s->beacons_checked++;
1078
1079 ie = wpa_bss_get_ie_beacon(bss, WLAN_EID_SSID);
1080 if (ie && ie[1] == ssid_len &&
1081 os_memcmp(&ie[2], ssid, ssid_len) == 0) {
1082 wpa_printf(MSG_DEBUG,
1083 "SSID verified based on a Beacon frame and beacon protection");
1084 wpa_s->ssid_verified = true;
1085 return;
1086 }
1087
1088 /* TODO: Multiple BSSID element */
1089 }
1090
1091 if (wpa_s->beacons_checked < 16) {
1092 eloop_register_timeout(wpa_s->next_beacon_check, 0,
1093 wpas_verify_ssid_beacon, wpa_s, NULL);
1094 wpa_s->next_beacon_check++;
1095 }
1096 }
1097
1098
wpas_verify_ssid_beacon_prot(struct wpa_supplicant * wpa_s)1099 static void wpas_verify_ssid_beacon_prot(struct wpa_supplicant *wpa_s)
1100 {
1101 struct wpa_bss *bss;
1102
1103 wpa_printf(MSG_DEBUG,
1104 "SSID not yet verified; try to verify using beacon protection");
1105 /* Fetch the current scan result which is likely based on not yet
1106 * verified payload since the current BIGTK was just received. Any
1107 * newer update in the future with a larger timestamp value is an
1108 * indication that a verified Beacon frame has been received. */
1109 if (wpa_supplicant_update_scan_results(wpa_s, wpa_s->bssid) < 0)
1110 return;
1111
1112 bss = wpa_bss_get_bssid_latest(wpa_s, wpa_s->bssid);
1113 if (!bss)
1114 return;
1115 wpa_printf(MSG_DEBUG, "The initial beacon time stamp: 0x%llx",
1116 (long long unsigned int) bss->tsf);
1117 wpa_s->first_beacon_tsf = bss->tsf;
1118 wpa_s->beacons_checked = 0;
1119 wpa_s->next_beacon_check = 1;
1120 eloop_cancel_timeout(wpas_verify_ssid_beacon, wpa_s, NULL);
1121 eloop_register_timeout(1, 0, wpas_verify_ssid_beacon, wpa_s, NULL);
1122 }
1123
1124
1125 /**
1126 * wpa_supplicant_set_state - Set current connection state
1127 * @wpa_s: Pointer to wpa_supplicant data
1128 * @state: The new connection state
1129 *
1130 * This function is called whenever the connection state changes, e.g.,
1131 * association is completed for WPA/WPA2 4-Way Handshake is started.
1132 */
wpa_supplicant_set_state(struct wpa_supplicant * wpa_s,enum wpa_states state)1133 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s,
1134 enum wpa_states state)
1135 {
1136 enum wpa_states old_state = wpa_s->wpa_state;
1137 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1138 bool update_fils_connect_params = false;
1139 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1140
1141 wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s",
1142 wpa_supplicant_state_txt(wpa_s->wpa_state),
1143 wpa_supplicant_state_txt(state));
1144
1145 if (state == WPA_COMPLETED &&
1146 os_reltime_initialized(&wpa_s->roam_start)) {
1147 os_reltime_age(&wpa_s->roam_start, &wpa_s->roam_time);
1148 wpa_s->roam_start.sec = 0;
1149 wpa_s->roam_start.usec = 0;
1150 wpas_notify_auth_changed(wpa_s);
1151 wpas_notify_roam_time(wpa_s);
1152 wpas_notify_roam_complete(wpa_s);
1153 } else if (state == WPA_DISCONNECTED &&
1154 os_reltime_initialized(&wpa_s->roam_start)) {
1155 wpa_s->roam_start.sec = 0;
1156 wpa_s->roam_start.usec = 0;
1157 wpa_s->roam_time.sec = 0;
1158 wpa_s->roam_time.usec = 0;
1159 wpas_notify_roam_complete(wpa_s);
1160 }
1161
1162 if (state == WPA_INTERFACE_DISABLED) {
1163 /* Assure normal scan when interface is restored */
1164 wpa_s->normal_scans = 0;
1165 }
1166
1167 if (state == WPA_COMPLETED) {
1168 wpas_connect_work_done(wpa_s);
1169 /* Reinitialize normal_scan counter */
1170 wpa_s->normal_scans = 0;
1171 }
1172
1173 #ifdef CONFIG_P2P
1174 /*
1175 * P2PS client has to reply to Probe Request frames received on the
1176 * group operating channel. Enable Probe Request frame reporting for
1177 * P2P connected client in case p2p_cli_probe configuration property is
1178 * set to 1.
1179 */
1180 if (wpa_s->conf->p2p_cli_probe && wpa_s->current_ssid &&
1181 wpa_s->current_ssid->mode == WPAS_MODE_INFRA &&
1182 wpa_s->current_ssid->p2p_group) {
1183 if (state == WPA_COMPLETED && !wpa_s->p2p_cli_probe) {
1184 wpa_dbg(wpa_s, MSG_DEBUG,
1185 "P2P: Enable CLI Probe Request RX reporting");
1186 wpa_s->p2p_cli_probe =
1187 wpa_drv_probe_req_report(wpa_s, 1) >= 0;
1188 } else if (state != WPA_COMPLETED && wpa_s->p2p_cli_probe) {
1189 wpa_dbg(wpa_s, MSG_DEBUG,
1190 "P2P: Disable CLI Probe Request RX reporting");
1191 wpa_s->p2p_cli_probe = 0;
1192 wpa_drv_probe_req_report(wpa_s, 0);
1193 }
1194 }
1195 #endif /* CONFIG_P2P */
1196
1197 if (state != WPA_SCANNING)
1198 wpa_supplicant_notify_scanning(wpa_s, 0);
1199
1200 if (state == WPA_COMPLETED && wpa_s->new_connection) {
1201 struct wpa_ssid *ssid = wpa_s->current_ssid;
1202 int fils_hlp_sent = 0;
1203 char mld_addr[50];
1204
1205 mld_addr[0] = '\0';
1206 if (wpa_s->valid_links)
1207 os_snprintf(mld_addr, sizeof(mld_addr),
1208 " ap_mld_addr=" MACSTR,
1209 MAC2STR(wpa_s->ap_mld_addr));
1210
1211 #ifdef CONFIG_SME
1212 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1213 wpa_auth_alg_fils(wpa_s->sme.auth_alg))
1214 fils_hlp_sent = 1;
1215 #endif /* CONFIG_SME */
1216 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
1217 wpa_auth_alg_fils(wpa_s->auth_alg))
1218 fils_hlp_sent = 1;
1219
1220 #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG)
1221 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
1222 MACSTR " completed [id=%d id_str=%s%s]%s",
1223 MAC2STR(wpa_s->bssid),
1224 ssid ? ssid->id : -1,
1225 ssid && ssid->id_str ? ssid->id_str : "",
1226 fils_hlp_sent ? " FILS_HLP_SENT" : "", mld_addr);
1227 #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */
1228 wpas_clear_temp_disabled(wpa_s, ssid, 1);
1229 wpa_s->consecutive_conn_failures = 0;
1230 wpa_s->new_connection = 0;
1231 wpa_drv_set_operstate(wpa_s, 1);
1232 #ifndef IEEE8021X_EAPOL
1233 wpa_drv_set_supp_port(wpa_s, 1);
1234 #endif /* IEEE8021X_EAPOL */
1235 wpa_s->after_wps = 0;
1236 wpa_s->known_wps_freq = 0;
1237 wpas_p2p_completed(wpa_s);
1238
1239 sme_sched_obss_scan(wpa_s, 1);
1240
1241 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1242 if (!fils_hlp_sent && ssid && ssid->eap.erp)
1243 update_fils_connect_params = true;
1244 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1245 #ifdef CONFIG_OWE
1246 if (ssid && (ssid->key_mgmt & WPA_KEY_MGMT_OWE))
1247 wpas_update_owe_connect_params(wpa_s);
1248 #endif /* CONFIG_OWE */
1249 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_PROTECTED &&
1250 pmf_in_use(wpa_s, wpa_s->bssid)) {
1251 eloop_cancel_timeout(wpas_wfa_capab_tx, wpa_s, NULL);
1252 eloop_register_timeout(0, 100000, wpas_wfa_capab_tx,
1253 wpa_s, NULL);
1254 }
1255 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
1256 state == WPA_ASSOCIATED) {
1257 wpa_s->new_connection = 1;
1258 wpa_drv_set_operstate(wpa_s, 0);
1259 #ifndef IEEE8021X_EAPOL
1260 wpa_drv_set_supp_port(wpa_s, 0);
1261 #endif /* IEEE8021X_EAPOL */
1262 sme_sched_obss_scan(wpa_s, 0);
1263 }
1264 wpa_s->wpa_state = state;
1265
1266 #ifdef CONFIG_BGSCAN
1267 if (state == WPA_COMPLETED && wpa_s->current_ssid != wpa_s->bgscan_ssid)
1268 wpa_supplicant_reset_bgscan(wpa_s);
1269 else if (state < WPA_ASSOCIATED)
1270 wpa_supplicant_stop_bgscan(wpa_s);
1271 #endif /* CONFIG_BGSCAN */
1272
1273 if (state > WPA_SCANNING)
1274 wpa_supplicant_stop_autoscan(wpa_s);
1275
1276 if (state == WPA_DISCONNECTED || state == WPA_INACTIVE)
1277 wpa_supplicant_start_autoscan(wpa_s);
1278
1279 if (state == WPA_COMPLETED || state == WPA_INTERFACE_DISABLED ||
1280 state == WPA_INACTIVE)
1281 wnm_btm_reset(wpa_s);
1282
1283 #ifndef CONFIG_NO_WMM_AC
1284 if (old_state >= WPA_ASSOCIATED && wpa_s->wpa_state < WPA_ASSOCIATED)
1285 wmm_ac_notify_disassoc(wpa_s);
1286 #endif /* CONFIG_NO_WMM_AC */
1287
1288 if (wpa_s->wpa_state != old_state) {
1289 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1290
1291 /*
1292 * Notify the P2P Device interface about a state change in one
1293 * of the interfaces.
1294 */
1295 wpas_p2p_indicate_state_change(wpa_s);
1296
1297 if (wpa_s->wpa_state == WPA_COMPLETED ||
1298 old_state == WPA_COMPLETED)
1299 wpas_notify_auth_changed(wpa_s);
1300 #ifdef CONFIG_DPP2
1301 if (wpa_s->wpa_state == WPA_COMPLETED)
1302 wpas_dpp_connected(wpa_s);
1303 #endif /* CONFIG_DPP2 */
1304
1305 if (wpa_s->wpa_state == WPA_COMPLETED &&
1306 wpa_s->bigtk_set && !wpa_s->ssid_verified)
1307 wpas_verify_ssid_beacon_prot(wpa_s);
1308 }
1309 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
1310 if (update_fils_connect_params)
1311 wpas_update_fils_connect_params(wpa_s);
1312 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
1313 }
1314
1315
wpa_supplicant_terminate_proc(struct wpa_global * global)1316 void wpa_supplicant_terminate_proc(struct wpa_global *global)
1317 {
1318 int pending = 0;
1319 #ifdef CONFIG_WPS
1320 struct wpa_supplicant *wpa_s = global->ifaces;
1321 while (wpa_s) {
1322 struct wpa_supplicant *next = wpa_s->next;
1323 if (wpas_wps_terminate_pending(wpa_s) == 1)
1324 pending = 1;
1325 #ifdef CONFIG_P2P
1326 if (wpa_s->p2p_group_interface != NOT_P2P_GROUP_INTERFACE ||
1327 (wpa_s->current_ssid && wpa_s->current_ssid->p2p_group))
1328 wpas_p2p_disconnect(wpa_s);
1329 #endif /* CONFIG_P2P */
1330 wpa_s = next;
1331 }
1332 #endif /* CONFIG_WPS */
1333 if (pending)
1334 return;
1335 eloop_terminate();
1336 }
1337
1338
wpa_supplicant_terminate(int sig,void * signal_ctx)1339 static void wpa_supplicant_terminate(int sig, void *signal_ctx)
1340 {
1341 struct wpa_global *global = signal_ctx;
1342 wpa_supplicant_terminate_proc(global);
1343 }
1344
1345
wpa_supplicant_clear_status(struct wpa_supplicant * wpa_s)1346 void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s)
1347 {
1348 enum wpa_states old_state = wpa_s->wpa_state;
1349 enum wpa_states new_state;
1350
1351 if (old_state == WPA_SCANNING)
1352 new_state = WPA_SCANNING;
1353 else
1354 new_state = WPA_DISCONNECTED;
1355
1356 wpa_s->pairwise_cipher = 0;
1357 wpa_s->group_cipher = 0;
1358 wpa_s->mgmt_group_cipher = 0;
1359 wpa_s->key_mgmt = 0;
1360 wpa_s->allowed_key_mgmts = 0;
1361 if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED)
1362 wpa_supplicant_set_state(wpa_s, new_state);
1363
1364 if (wpa_s->wpa_state != old_state)
1365 wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state);
1366 }
1367
1368
1369 /**
1370 * wpa_supplicant_reload_configuration - Reload configuration data
1371 * @wpa_s: Pointer to wpa_supplicant data
1372 * Returns: 0 on success or -1 if configuration parsing failed
1373 *
1374 * This function can be used to request that the configuration data is reloaded
1375 * (e.g., after configuration file change). This function is reloading
1376 * configuration only for one interface, so this may need to be called multiple
1377 * times if %wpa_supplicant is controlling multiple interfaces and all
1378 * interfaces need reconfiguration.
1379 */
wpa_supplicant_reload_configuration(struct wpa_supplicant * wpa_s)1380 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
1381 {
1382 struct wpa_config *conf;
1383 int reconf_ctrl;
1384 int old_ap_scan;
1385
1386 if (wpa_s->confname == NULL)
1387 return -1;
1388 conf = wpa_config_read(wpa_s->confname, NULL, false);
1389 if (conf == NULL) {
1390 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
1391 "file '%s' - exiting", wpa_s->confname);
1392 return -1;
1393 }
1394 if (wpa_s->confanother &&
1395 !wpa_config_read(wpa_s->confanother, conf, true)) {
1396 wpa_msg(wpa_s, MSG_ERROR,
1397 "Failed to parse the configuration file '%s' - exiting",
1398 wpa_s->confanother);
1399 return -1;
1400 }
1401
1402 conf->changed_parameters = (unsigned int) -1;
1403
1404 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
1405 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
1406 os_strcmp(conf->ctrl_interface,
1407 wpa_s->conf->ctrl_interface) != 0);
1408
1409 if (reconf_ctrl) {
1410 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
1411 wpa_s->ctrl_iface = NULL;
1412 }
1413
1414 eapol_sm_invalidate_cached_session(wpa_s->eapol);
1415 if (wpa_s->current_ssid) {
1416 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
1417 wpa_s->own_disconnect_req = 1;
1418 wpa_supplicant_deauthenticate(wpa_s,
1419 WLAN_REASON_DEAUTH_LEAVING);
1420 }
1421
1422 /*
1423 * TODO: should notify EAPOL SM about changes in opensc_engine_path,
1424 * pkcs11_engine_path, pkcs11_module_path, openssl_ciphers.
1425 */
1426 if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
1427 wpa_s->key_mgmt == WPA_KEY_MGMT_OWE ||
1428 wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
1429 /*
1430 * Clear forced success to clear EAP state for next
1431 * authentication.
1432 */
1433 eapol_sm_notify_eap_success(wpa_s->eapol, false);
1434 }
1435 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
1436 wpa_sm_set_config(wpa_s->wpa, NULL);
1437 wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL);
1438 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
1439 rsn_preauth_deinit(wpa_s->wpa);
1440
1441 old_ap_scan = wpa_s->conf->ap_scan;
1442 wpa_config_free(wpa_s->conf);
1443 wpa_s->conf = conf;
1444 if (old_ap_scan != wpa_s->conf->ap_scan)
1445 wpas_notify_ap_scan_changed(wpa_s);
1446
1447 if (reconf_ctrl)
1448 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
1449
1450 wpa_supplicant_update_config(wpa_s);
1451
1452 wpa_supplicant_clear_status(wpa_s);
1453 if (wpa_supplicant_enabled_networks(wpa_s)) {
1454 wpa_s->reassociate = 1;
1455 wpa_supplicant_req_scan(wpa_s, 0, 0);
1456 }
1457 wpa_bssid_ignore_clear(wpa_s);
1458 wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
1459 return 0;
1460 }
1461
1462
wpa_supplicant_reconfig(int sig,void * signal_ctx)1463 static void wpa_supplicant_reconfig(int sig, void *signal_ctx)
1464 {
1465 struct wpa_global *global = signal_ctx;
1466 struct wpa_supplicant *wpa_s;
1467 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
1468 wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring",
1469 sig);
1470 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
1471 wpa_supplicant_terminate_proc(global);
1472 }
1473 }
1474
1475 if (wpa_debug_reopen_file() < 0) {
1476 /* Ignore errors since we cannot really do much to fix this */
1477 wpa_printf(MSG_DEBUG, "Could not reopen debug log file");
1478 }
1479 }
1480
1481
wpa_supplicant_suites_from_ai(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1482 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
1483 struct wpa_ssid *ssid,
1484 struct wpa_ie_data *ie)
1485 {
1486 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
1487 if (ret) {
1488 if (ret == -2) {
1489 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
1490 "from association info");
1491 }
1492 return -1;
1493 }
1494
1495 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set "
1496 "cipher suites");
1497 if (!(ie->group_cipher & ssid->group_cipher)) {
1498 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
1499 "cipher 0x%x (mask 0x%x) - reject",
1500 ie->group_cipher, ssid->group_cipher);
1501 return -1;
1502 }
1503 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
1504 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
1505 "cipher 0x%x (mask 0x%x) - reject",
1506 ie->pairwise_cipher, ssid->pairwise_cipher);
1507 return -1;
1508 }
1509 if (!(ie->key_mgmt & ssid->key_mgmt)) {
1510 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
1511 "management 0x%x (mask 0x%x) - reject",
1512 ie->key_mgmt, ssid->key_mgmt);
1513 return -1;
1514 }
1515
1516 if (!(ie->capabilities & WPA_CAPABILITY_MFPC) &&
1517 wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED) {
1518 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP "
1519 "that does not support management frame protection - "
1520 "reject");
1521 return -1;
1522 }
1523
1524 return 0;
1525 }
1526
1527
matching_ciphers(struct wpa_ssid * ssid,struct wpa_ie_data * ie,int freq)1528 static int matching_ciphers(struct wpa_ssid *ssid, struct wpa_ie_data *ie,
1529 int freq)
1530 {
1531 if (!ie->has_group)
1532 ie->group_cipher = wpa_default_rsn_cipher(freq);
1533 if (!ie->has_pairwise)
1534 ie->pairwise_cipher = wpa_default_rsn_cipher(freq);
1535 return (ie->group_cipher & ssid->group_cipher) &&
1536 (ie->pairwise_cipher & ssid->pairwise_cipher);
1537 }
1538
1539
wpas_set_mgmt_group_cipher(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_ie_data * ie)1540 void wpas_set_mgmt_group_cipher(struct wpa_supplicant *wpa_s,
1541 struct wpa_ssid *ssid, struct wpa_ie_data *ie)
1542 {
1543 int sel;
1544
1545 sel = ie->mgmt_group_cipher;
1546 if (ssid->group_mgmt_cipher)
1547 sel &= ssid->group_mgmt_cipher;
1548 if (wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION ||
1549 !(ie->capabilities & WPA_CAPABILITY_MFPC))
1550 sel = 0;
1551 wpa_dbg(wpa_s, MSG_DEBUG,
1552 "WPA: AP mgmt_group_cipher 0x%x network profile mgmt_group_cipher 0x%x; available mgmt_group_cipher 0x%x",
1553 ie->mgmt_group_cipher, ssid->group_mgmt_cipher, sel);
1554 if (sel & WPA_CIPHER_AES_128_CMAC) {
1555 wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC;
1556 wpa_dbg(wpa_s, MSG_DEBUG,
1557 "WPA: using MGMT group cipher AES-128-CMAC");
1558 } else if (sel & WPA_CIPHER_BIP_GMAC_128) {
1559 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_128;
1560 wpa_dbg(wpa_s, MSG_DEBUG,
1561 "WPA: using MGMT group cipher BIP-GMAC-128");
1562 } else if (sel & WPA_CIPHER_BIP_GMAC_256) {
1563 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_GMAC_256;
1564 wpa_dbg(wpa_s, MSG_DEBUG,
1565 "WPA: using MGMT group cipher BIP-GMAC-256");
1566 } else if (sel & WPA_CIPHER_BIP_CMAC_256) {
1567 wpa_s->mgmt_group_cipher = WPA_CIPHER_BIP_CMAC_256;
1568 wpa_dbg(wpa_s, MSG_DEBUG,
1569 "WPA: using MGMT group cipher BIP-CMAC-256");
1570 } else {
1571 wpa_s->mgmt_group_cipher = 0;
1572 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher");
1573 }
1574 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP,
1575 wpa_s->mgmt_group_cipher);
1576 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
1577 wpas_get_ssid_pmf(wpa_s, ssid));
1578 }
1579
1580 /**
1581 * wpa_supplicant_get_psk - Get PSK from config or external database
1582 * @wpa_s: Pointer to wpa_supplicant data
1583 * @bss: Scan results for the selected BSS, or %NULL if not available
1584 * @ssid: Configuration data for the selected network
1585 * @psk: Buffer for the PSK
1586 * Returns: 0 on success or -1 if configuration parsing failed
1587 *
1588 * This function obtains the PSK for a network, either included inline in the
1589 * config or retrieved from an external database.
1590 */
wpa_supplicant_get_psk(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * psk)1591 static int wpa_supplicant_get_psk(struct wpa_supplicant *wpa_s,
1592 struct wpa_bss *bss, struct wpa_ssid *ssid,
1593 u8 *psk)
1594 {
1595 if (ssid->psk_set) {
1596 wpa_hexdump_key(MSG_MSGDUMP, "PSK (set in config)",
1597 ssid->psk, PMK_LEN);
1598 os_memcpy(psk, ssid->psk, PMK_LEN);
1599 return 0;
1600 }
1601
1602 #ifndef CONFIG_NO_PBKDF2
1603 if (bss && ssid->bssid_set && ssid->ssid_len == 0 && ssid->passphrase) {
1604 if (pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len,
1605 4096, psk, PMK_LEN) != 0) {
1606 wpa_msg(wpa_s, MSG_WARNING, "Error in pbkdf2_sha1()");
1607 return -1;
1608 }
1609 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)",
1610 psk, PMK_LEN);
1611 return 0;
1612 }
1613 #endif /* CONFIG_NO_PBKDF2 */
1614
1615 #ifdef CONFIG_EXT_PASSWORD
1616 if (ssid->ext_psk) {
1617 struct wpabuf *pw = ext_password_get(wpa_s->ext_pw,
1618 ssid->ext_psk);
1619 char pw_str[64 + 1];
1620
1621 if (!pw) {
1622 wpa_msg(wpa_s, MSG_INFO,
1623 "EXT PW: No PSK found from external storage");
1624 return -1;
1625 }
1626
1627 if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) {
1628 wpa_msg(wpa_s, MSG_INFO,
1629 "EXT PW: Unexpected PSK length %d in external storage",
1630 (int) wpabuf_len(pw));
1631 ext_password_free(pw);
1632 return -1;
1633 }
1634
1635 os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw));
1636 pw_str[wpabuf_len(pw)] = '\0';
1637
1638 #ifndef CONFIG_NO_PBKDF2
1639 if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss)
1640 {
1641 if (pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len,
1642 4096, psk, PMK_LEN) != 0) {
1643 wpa_msg(wpa_s, MSG_WARNING,
1644 "Error in pbkdf2_sha1()");
1645 forced_memzero(pw_str, sizeof(pw_str));
1646 ext_password_free(pw);
1647 return -1;
1648 }
1649 wpa_hexdump_key(MSG_MSGDUMP,
1650 "PSK (from external passphrase)",
1651 psk, PMK_LEN);
1652 } else
1653 #endif /* CONFIG_NO_PBKDF2 */
1654 if (wpabuf_len(pw) == 2 * PMK_LEN) {
1655 if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) {
1656 wpa_msg(wpa_s, MSG_INFO,
1657 "EXT PW: Invalid PSK hex string");
1658 forced_memzero(pw_str, sizeof(pw_str));
1659 ext_password_free(pw);
1660 return -1;
1661 }
1662 wpa_hexdump_key(MSG_MSGDUMP, "PSK (from external PSK)",
1663 psk, PMK_LEN);
1664 } else {
1665 wpa_msg(wpa_s, MSG_INFO,
1666 "EXT PW: No suitable PSK available");
1667 forced_memzero(pw_str, sizeof(pw_str));
1668 ext_password_free(pw);
1669 return -1;
1670 }
1671
1672 forced_memzero(pw_str, sizeof(pw_str));
1673 ext_password_free(pw);
1674
1675 return 0;
1676 }
1677 #endif /* CONFIG_EXT_PASSWORD */
1678
1679 return -1;
1680 }
1681
1682
wpas_update_allowed_key_mgmt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)1683 static void wpas_update_allowed_key_mgmt(struct wpa_supplicant *wpa_s,
1684 struct wpa_ssid *ssid)
1685 {
1686 int akm_count = wpa_s->max_num_akms;
1687 u8 capab = 0;
1688 #ifdef CONFIG_SAE
1689 enum sae_pwe sae_pwe;
1690 #endif /* CONFIG_SAE */
1691
1692 if (akm_count < 2)
1693 return;
1694
1695 akm_count--;
1696 wpa_s->allowed_key_mgmts = 0;
1697 switch (wpa_s->key_mgmt) {
1698 case WPA_KEY_MGMT_PSK:
1699 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1700 akm_count--;
1701 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1702 }
1703 if (!akm_count)
1704 break;
1705 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1706 akm_count--;
1707 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1708 }
1709 if (!akm_count)
1710 break;
1711 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1712 wpa_s->allowed_key_mgmts |=
1713 WPA_KEY_MGMT_PSK_SHA256;
1714 break;
1715 case WPA_KEY_MGMT_PSK_SHA256:
1716 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1717 akm_count--;
1718 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1719 }
1720 if (!akm_count)
1721 break;
1722 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1723 akm_count--;
1724 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1725 }
1726 if (!akm_count)
1727 break;
1728 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
1729 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1730 break;
1731 case WPA_KEY_MGMT_SAE:
1732 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1733 akm_count--;
1734 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1735 }
1736 if (!akm_count)
1737 break;
1738 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE_EXT_KEY) {
1739 akm_count--;
1740 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE_EXT_KEY;
1741 }
1742 if (!akm_count)
1743 break;
1744 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1745 wpa_s->allowed_key_mgmts |=
1746 WPA_KEY_MGMT_PSK_SHA256;
1747 break;
1748 case WPA_KEY_MGMT_SAE_EXT_KEY:
1749 if (ssid->key_mgmt & WPA_KEY_MGMT_SAE) {
1750 akm_count--;
1751 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_SAE;
1752 }
1753 if (!akm_count)
1754 break;
1755 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK) {
1756 akm_count--;
1757 wpa_s->allowed_key_mgmts |= WPA_KEY_MGMT_PSK;
1758 }
1759 if (!akm_count)
1760 break;
1761 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK_SHA256)
1762 wpa_s->allowed_key_mgmts |=
1763 WPA_KEY_MGMT_PSK_SHA256;
1764 break;
1765 default:
1766 return;
1767 }
1768
1769 #ifdef CONFIG_SAE
1770 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
1771 if (sae_pwe != SAE_PWE_HUNT_AND_PECK &&
1772 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
1773 capab |= BIT(WLAN_RSNX_CAPAB_SAE_H2E);
1774 #ifdef CONFIG_SAE_PK
1775 if (ssid->sae_pk)
1776 capab |= BIT(WLAN_RSNX_CAPAB_SAE_PK);
1777 #endif /* CONFIG_SAE_PK */
1778 #endif /* CONFIG_SAE */
1779
1780 if (!((wpa_s->allowed_key_mgmts &
1781 (WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY)) && capab))
1782 return;
1783
1784 if (!wpa_s->rsnxe_len) {
1785 wpa_s->rsnxe_len = 3;
1786 wpa_s->rsnxe[0] = WLAN_EID_RSNX;
1787 wpa_s->rsnxe[1] = 1;
1788 wpa_s->rsnxe[2] = 0;
1789 }
1790
1791 wpa_s->rsnxe[2] |= capab;
1792 }
1793
1794
1795 /**
1796 * wpa_supplicant_set_suites - Set authentication and encryption parameters
1797 * @wpa_s: Pointer to wpa_supplicant data
1798 * @bss: Scan results for the selected BSS, or %NULL if not available
1799 * @ssid: Configuration data for the selected network
1800 * @wpa_ie: Buffer for the WPA/RSN IE
1801 * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the
1802 * used buffer length in case the functions returns success.
1803 * @skip_default_rsne: Whether to skip setting of the default RSNE/RSNXE
1804 * Returns: 0 on success or -1 on failure
1805 *
1806 * This function is used to configure authentication and encryption parameters
1807 * based on the network configuration and scan result for the selected BSS (if
1808 * available).
1809 */
wpa_supplicant_set_suites(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,u8 * wpa_ie,size_t * wpa_ie_len,bool skip_default_rsne)1810 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
1811 struct wpa_bss *bss, struct wpa_ssid *ssid,
1812 u8 *wpa_ie, size_t *wpa_ie_len,
1813 bool skip_default_rsne)
1814 {
1815 struct wpa_ie_data ie;
1816 int sel, proto;
1817 #ifdef CONFIG_SAE
1818 enum sae_pwe sae_pwe;
1819 #endif /* CONFIG_SAE */
1820 const u8 *bss_wpa, *bss_rsn, *bss_rsnx;
1821 bool wmm;
1822
1823 if (bss) {
1824 bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE);
1825 bss_rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
1826 bss_rsnx = wpa_bss_get_rsnxe(wpa_s, bss, ssid, false);
1827 } else {
1828 bss_wpa = bss_rsn = bss_rsnx = NULL;
1829 }
1830
1831 if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) &&
1832 wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 &&
1833 matching_ciphers(ssid, &ie, bss->freq) &&
1834 (ie.key_mgmt & ssid->key_mgmt)) {
1835 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
1836 proto = WPA_PROTO_RSN;
1837 } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) &&
1838 wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie) == 0 &&
1839 (ie.group_cipher & ssid->group_cipher) &&
1840 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
1841 (ie.key_mgmt & ssid->key_mgmt)) {
1842 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
1843 proto = WPA_PROTO_WPA;
1844 } else if (bss) {
1845 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
1846 wpa_dbg(wpa_s, MSG_DEBUG,
1847 "WPA: ssid proto=0x%x pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1848 ssid->proto, ssid->pairwise_cipher, ssid->group_cipher,
1849 ssid->key_mgmt);
1850 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: BSS " MACSTR " ssid='%s'%s%s",
1851 MAC2STR(bss->bssid),
1852 wpa_ssid_txt(bss->ssid, bss->ssid_len),
1853 bss_wpa ? " WPA" : "",
1854 bss_rsn ? " RSN" : "");
1855 if (bss_rsn) {
1856 wpa_hexdump(MSG_DEBUG, "RSN", bss_rsn, 2 + bss_rsn[1]);
1857 if (wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie)) {
1858 wpa_dbg(wpa_s, MSG_DEBUG,
1859 "Could not parse RSN element");
1860 } else {
1861 wpa_dbg(wpa_s, MSG_DEBUG,
1862 "RSN: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1863 ie.pairwise_cipher, ie.group_cipher,
1864 ie.key_mgmt);
1865 }
1866 }
1867 if (bss_wpa) {
1868 wpa_hexdump(MSG_DEBUG, "WPA", bss_wpa, 2 + bss_wpa[1]);
1869 if (wpa_parse_wpa_ie(bss_wpa, 2 + bss_wpa[1], &ie)) {
1870 wpa_dbg(wpa_s, MSG_DEBUG,
1871 "Could not parse WPA element");
1872 } else {
1873 wpa_dbg(wpa_s, MSG_DEBUG,
1874 "WPA: pairwise_cipher=0x%x group_cipher=0x%x key_mgmt=0x%x",
1875 ie.pairwise_cipher, ie.group_cipher,
1876 ie.key_mgmt);
1877 }
1878 }
1879 return -1;
1880 } else {
1881 if (ssid->proto & WPA_PROTO_RSN)
1882 proto = WPA_PROTO_RSN;
1883 else
1884 proto = WPA_PROTO_WPA;
1885 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
1886 os_memset(&ie, 0, sizeof(ie));
1887 ie.group_cipher = ssid->group_cipher;
1888 ie.pairwise_cipher = ssid->pairwise_cipher;
1889 ie.key_mgmt = ssid->key_mgmt;
1890 ie.mgmt_group_cipher = 0;
1891 if (ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION) {
1892 if (ssid->group_mgmt_cipher &
1893 WPA_CIPHER_BIP_GMAC_256)
1894 ie.mgmt_group_cipher =
1895 WPA_CIPHER_BIP_GMAC_256;
1896 else if (ssid->group_mgmt_cipher &
1897 WPA_CIPHER_BIP_CMAC_256)
1898 ie.mgmt_group_cipher =
1899 WPA_CIPHER_BIP_CMAC_256;
1900 else if (ssid->group_mgmt_cipher &
1901 WPA_CIPHER_BIP_GMAC_128)
1902 ie.mgmt_group_cipher =
1903 WPA_CIPHER_BIP_GMAC_128;
1904 else
1905 ie.mgmt_group_cipher =
1906 WPA_CIPHER_AES_128_CMAC;
1907 }
1908 #ifdef CONFIG_OWE
1909 if ((ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
1910 !ssid->owe_only &&
1911 !bss_wpa && !bss_rsn) {
1912 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
1913 wpa_s->wpa_proto = 0;
1914 *wpa_ie_len = 0;
1915 return 0;
1916 }
1917 #endif /* CONFIG_OWE */
1918 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites "
1919 "based on configuration");
1920 } else
1921 proto = ie.proto;
1922 }
1923
1924 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d "
1925 "pairwise %d key_mgmt %d proto %d",
1926 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto);
1927 if (ssid->ieee80211w) {
1928 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d",
1929 ie.mgmt_group_cipher);
1930 }
1931
1932 wpa_s->wpa_proto = proto;
1933 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
1934 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED,
1935 !!(ssid->proto & WPA_PROTO_RSN));
1936
1937 if (bss || !wpa_s->ap_ies_from_associnfo) {
1938 const u8 *rsnoe = NULL, *rsno2e = NULL, *rsnxoe = NULL;
1939
1940 if (bss) {
1941 bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN);
1942 bss_rsnx = wpa_bss_get_ie(bss, WLAN_EID_RSNX);
1943 rsnoe = wpa_bss_get_vendor_ie(
1944 bss, RSNE_OVERRIDE_IE_VENDOR_TYPE);
1945 rsno2e = wpa_bss_get_vendor_ie(
1946 bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE);
1947 rsnxoe = wpa_bss_get_vendor_ie(
1948 bss, RSNXE_OVERRIDE_IE_VENDOR_TYPE);
1949 }
1950
1951 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa,
1952 bss_wpa ? 2 + bss_wpa[1] : 0) ||
1953 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn,
1954 bss_rsn ? 2 + bss_rsn[1] : 0) ||
1955 wpa_sm_set_ap_rsnxe(wpa_s->wpa, bss_rsnx,
1956 bss_rsnx ? 2 + bss_rsnx[1] : 0) ||
1957 wpa_sm_set_ap_rsne_override(wpa_s->wpa, rsnoe,
1958 rsnoe ? 2 + rsnoe[1] : 0) ||
1959 wpa_sm_set_ap_rsne_override_2(wpa_s->wpa, rsno2e,
1960 rsno2e ? 2 + rsno2e[1] : 0) ||
1961 wpa_sm_set_ap_rsnxe_override(wpa_s->wpa, rsnxoe,
1962 rsnxoe ? 2 + rsnxoe[1] : 0))
1963 return -1;
1964 }
1965
1966 #ifdef CONFIG_NO_WPA
1967 wpa_s->group_cipher = WPA_CIPHER_NONE;
1968 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
1969 #else /* CONFIG_NO_WPA */
1970 sel = ie.group_cipher & ssid->group_cipher;
1971 wpa_dbg(wpa_s, MSG_DEBUG,
1972 "WPA: AP group 0x%x network profile group 0x%x; available group 0x%x",
1973 ie.group_cipher, ssid->group_cipher, sel);
1974 wpa_s->group_cipher = wpa_pick_group_cipher(sel);
1975 if (wpa_s->group_cipher < 0) {
1976 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group "
1977 "cipher");
1978 return -1;
1979 }
1980 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK %s",
1981 wpa_cipher_txt(wpa_s->group_cipher));
1982
1983 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
1984 wpa_dbg(wpa_s, MSG_DEBUG,
1985 "WPA: AP pairwise 0x%x network profile pairwise 0x%x; available pairwise 0x%x",
1986 ie.pairwise_cipher, ssid->pairwise_cipher, sel);
1987 wpa_s->pairwise_cipher = wpa_pick_pairwise_cipher(sel, 1);
1988 if (wpa_s->pairwise_cipher < 0) {
1989 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise "
1990 "cipher");
1991 return -1;
1992 }
1993 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK %s",
1994 wpa_cipher_txt(wpa_s->pairwise_cipher));
1995 #endif /* CONFIG_NO_WPA */
1996
1997 sel = ie.key_mgmt & ssid->key_mgmt;
1998 #ifdef CONFIG_SAE
1999 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE) &&
2000 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA)) ||
2001 wpas_is_sae_avoided(wpa_s, ssid, &ie))
2002 sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_SAE_EXT_KEY |
2003 WPA_KEY_MGMT_FT_SAE | WPA_KEY_MGMT_FT_SAE_EXT_KEY);
2004 #endif /* CONFIG_SAE */
2005 #ifdef CONFIG_IEEE80211R
2006 if (!(wpa_s->drv_flags & (WPA_DRIVER_FLAGS_SME |
2007 WPA_DRIVER_FLAGS_UPDATE_FT_IES)))
2008 sel &= ~WPA_KEY_MGMT_FT;
2009 #endif /* CONFIG_IEEE80211R */
2010 wpa_dbg(wpa_s, MSG_DEBUG,
2011 "WPA: AP key_mgmt 0x%x network profile key_mgmt 0x%x; available key_mgmt 0x%x",
2012 ie.key_mgmt, ssid->key_mgmt, sel);
2013 if (0) {
2014 #ifdef CONFIG_IEEE80211R
2015 #ifdef CONFIG_SHA384
2016 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X_SHA384) &&
2017 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
2018 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X_SHA384;
2019 wpa_dbg(wpa_s, MSG_DEBUG,
2020 "WPA: using KEY_MGMT FT/802.1X-SHA384");
2021 if (!ssid->ft_eap_pmksa_caching &&
2022 pmksa_cache_get_current(wpa_s->wpa)) {
2023 /* PMKSA caching with FT may have interoperability
2024 * issues, so disable that case by default for now. */
2025 wpa_dbg(wpa_s, MSG_DEBUG,
2026 "WPA: Disable PMKSA caching for FT/802.1X connection");
2027 pmksa_cache_clear_current(wpa_s->wpa);
2028 }
2029 #endif /* CONFIG_SHA384 */
2030 #endif /* CONFIG_IEEE80211R */
2031 #ifdef CONFIG_SUITEB192
2032 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B_192) {
2033 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B_192;
2034 wpa_dbg(wpa_s, MSG_DEBUG,
2035 "WPA: using KEY_MGMT 802.1X with Suite B (192-bit)");
2036 #endif /* CONFIG_SUITEB192 */
2037 #ifdef CONFIG_SUITEB
2038 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SUITE_B) {
2039 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SUITE_B;
2040 wpa_dbg(wpa_s, MSG_DEBUG,
2041 "WPA: using KEY_MGMT 802.1X with Suite B");
2042 #endif /* CONFIG_SUITEB */
2043 #ifdef CONFIG_SHA384
2044 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA384) {
2045 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA384;
2046 wpa_dbg(wpa_s, MSG_DEBUG,
2047 "WPA: using KEY_MGMT 802.1X with SHA384");
2048 #endif /* CONFIG_SHA384 */
2049 #ifdef CONFIG_FILS
2050 #ifdef CONFIG_IEEE80211R
2051 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA384) {
2052 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA384;
2053 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA384");
2054 #endif /* CONFIG_IEEE80211R */
2055 } else if (sel & WPA_KEY_MGMT_FILS_SHA384) {
2056 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA384;
2057 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA384");
2058 #ifdef CONFIG_IEEE80211R
2059 } else if (sel & WPA_KEY_MGMT_FT_FILS_SHA256) {
2060 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_FILS_SHA256;
2061 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT-FILS-SHA256");
2062 #endif /* CONFIG_IEEE80211R */
2063 } else if (sel & WPA_KEY_MGMT_FILS_SHA256) {
2064 wpa_s->key_mgmt = WPA_KEY_MGMT_FILS_SHA256;
2065 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FILS-SHA256");
2066 #endif /* CONFIG_FILS */
2067 #ifdef CONFIG_IEEE80211R
2068 } else if ((sel & WPA_KEY_MGMT_FT_IEEE8021X) &&
2069 os_strcmp(wpa_supplicant_get_eap_mode(wpa_s), "LEAP") != 0) {
2070 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X;
2071 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X");
2072 if (!ssid->ft_eap_pmksa_caching &&
2073 pmksa_cache_get_current(wpa_s->wpa)) {
2074 /* PMKSA caching with FT may have interoperability
2075 * issues, so disable that case by default for now. */
2076 wpa_dbg(wpa_s, MSG_DEBUG,
2077 "WPA: Disable PMKSA caching for FT/802.1X connection");
2078 pmksa_cache_clear_current(wpa_s->wpa);
2079 }
2080 #endif /* CONFIG_IEEE80211R */
2081 #ifdef CONFIG_DPP
2082 } else if (sel & WPA_KEY_MGMT_DPP) {
2083 wpa_s->key_mgmt = WPA_KEY_MGMT_DPP;
2084 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT DPP");
2085 #endif /* CONFIG_DPP */
2086 #ifdef CONFIG_SAE
2087 } else if (sel & WPA_KEY_MGMT_FT_SAE_EXT_KEY) {
2088 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE_EXT_KEY;
2089 wpa_dbg(wpa_s, MSG_DEBUG,
2090 "RSN: using KEY_MGMT FT/SAE (ext key)");
2091 } else if (sel & WPA_KEY_MGMT_SAE_EXT_KEY) {
2092 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE_EXT_KEY;
2093 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE (ext key)");
2094 } else if (sel & WPA_KEY_MGMT_FT_SAE) {
2095 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE;
2096 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE");
2097 } else if (sel & WPA_KEY_MGMT_SAE) {
2098 wpa_s->key_mgmt = WPA_KEY_MGMT_SAE;
2099 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE");
2100 #endif /* CONFIG_SAE */
2101 #ifdef CONFIG_IEEE80211R
2102 } else if (sel & WPA_KEY_MGMT_FT_PSK) {
2103 wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK;
2104 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK");
2105 #endif /* CONFIG_IEEE80211R */
2106 } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) {
2107 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256;
2108 wpa_dbg(wpa_s, MSG_DEBUG,
2109 "WPA: using KEY_MGMT 802.1X with SHA256");
2110 } else if (sel & WPA_KEY_MGMT_PSK_SHA256) {
2111 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256;
2112 wpa_dbg(wpa_s, MSG_DEBUG,
2113 "WPA: using KEY_MGMT PSK with SHA256");
2114 } else if (sel & WPA_KEY_MGMT_IEEE8021X) {
2115 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
2116 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
2117 } else if (sel & WPA_KEY_MGMT_PSK) {
2118 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
2119 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
2120 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
2121 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
2122 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
2123 #ifdef CONFIG_OWE
2124 } else if (sel & WPA_KEY_MGMT_OWE) {
2125 wpa_s->key_mgmt = WPA_KEY_MGMT_OWE;
2126 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT OWE");
2127 #endif /* CONFIG_OWE */
2128 } else {
2129 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select "
2130 "authenticated key management type");
2131 return -1;
2132 }
2133
2134 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
2135 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
2136 wpa_s->pairwise_cipher);
2137 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
2138
2139 if (!(ie.capabilities & WPA_CAPABILITY_MFPC) &&
2140 (wpas_get_ssid_pmf(wpa_s, ssid) == MGMT_FRAME_PROTECTION_REQUIRED ||
2141 (bss && is_6ghz_freq(bss->freq)))) {
2142 wpa_msg(wpa_s, MSG_INFO,
2143 "RSN: Management frame protection required but the selected AP does not enable it");
2144 return -1;
2145 }
2146
2147 wpas_set_mgmt_group_cipher(wpa_s, ssid, &ie);
2148 #ifdef CONFIG_OCV
2149 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
2150 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OCV))
2151 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCV, ssid->ocv);
2152 #endif /* CONFIG_OCV */
2153 #ifdef CONFIG_SAE
2154 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
2155 if ((ssid->sae_password_id ||
2156 wpa_key_mgmt_sae_ext_key(wpa_s->key_mgmt)) &&
2157 sae_pwe != SAE_PWE_FORCE_HUNT_AND_PECK)
2158 sae_pwe = SAE_PWE_HASH_TO_ELEMENT;
2159 if (bss && is_6ghz_freq(bss->freq) &&
2160 sae_pwe == SAE_PWE_HUNT_AND_PECK) {
2161 wpa_dbg(wpa_s, MSG_DEBUG,
2162 "RSN: Enable SAE hash-to-element mode for 6 GHz BSS");
2163 sae_pwe = SAE_PWE_BOTH;
2164 }
2165 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PWE, sae_pwe);
2166 #ifdef CONFIG_SAE_PK
2167 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SAE_PK,
2168 wpa_key_mgmt_sae(ssid->key_mgmt) &&
2169 ssid->sae_pk != SAE_PK_MODE_DISABLED &&
2170 ((ssid->sae_password &&
2171 sae_pk_valid_password(ssid->sae_password)) ||
2172 (!ssid->sae_password && ssid->passphrase &&
2173 sae_pk_valid_password(ssid->passphrase))));
2174 #endif /* CONFIG_SAE_PK */
2175 #endif /* CONFIG_SAE */
2176 if (bss && is_6ghz_freq(bss->freq) &&
2177 wpas_get_ssid_pmf(wpa_s, ssid) != MGMT_FRAME_PROTECTION_REQUIRED) {
2178 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: Force MFPR=1 on 6 GHz");
2179 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP,
2180 MGMT_FRAME_PROTECTION_REQUIRED);
2181 }
2182 #ifdef CONFIG_TESTING_OPTIONS
2183 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_RSNXE_USED,
2184 wpa_s->ft_rsnxe_used);
2185 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL,
2186 wpa_s->oci_freq_override_eapol);
2187 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_EAPOL_G2,
2188 wpa_s->oci_freq_override_eapol_g2);
2189 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FT_ASSOC,
2190 wpa_s->oci_freq_override_ft_assoc);
2191 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_OCI_FREQ_FILS_ASSOC,
2192 wpa_s->oci_freq_override_fils_assoc);
2193 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DISABLE_EAPOL_G2_TX,
2194 wpa_s->disable_eapol_g2_tx);
2195 wpa_sm_set_param(wpa_s->wpa,
2196 WPA_PARAM_EAPOL_2_KEY_INFO_SET_MASK,
2197 wpa_s->eapol_2_key_info_set_mask);
2198 #endif /* CONFIG_TESTING_OPTIONS */
2199
2200 /* Extended Key ID is only supported in infrastructure BSS so far */
2201 if (ssid->mode == WPAS_MODE_INFRA && wpa_s->conf->extended_key_id &&
2202 (ssid->proto & WPA_PROTO_RSN) &&
2203 ssid->pairwise_cipher & (WPA_CIPHER_CCMP | WPA_CIPHER_CCMP_256 |
2204 WPA_CIPHER_GCMP | WPA_CIPHER_GCMP_256) &&
2205 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_EXTENDED_KEY_ID)) {
2206 int use_ext_key_id = 0;
2207
2208 wpa_msg(wpa_s, MSG_DEBUG,
2209 "WPA: Enable Extended Key ID support");
2210 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID,
2211 wpa_s->conf->extended_key_id);
2212 if (bss_rsn &&
2213 wpa_s->conf->extended_key_id &&
2214 wpa_s->pairwise_cipher != WPA_CIPHER_TKIP &&
2215 (ie.capabilities & WPA_CAPABILITY_EXT_KEY_ID_FOR_UNICAST))
2216 use_ext_key_id = 1;
2217 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID,
2218 use_ext_key_id);
2219 } else {
2220 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_EXT_KEY_ID, 0);
2221 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_USE_EXT_KEY_ID, 0);
2222 }
2223
2224 /* Mark WMM enabled for any HT/VHT/HE/EHT association to get more
2225 * appropriate advertisement of the supported number of PTKSA receive
2226 * counters. In theory, this could be based on a driver capability, but
2227 * in practice all cases using WMM support at least eight replay
2228 * counters, so use a hardcoded value for now since there is no explicit
2229 * driver capability indication for this.
2230 *
2231 * In addition, claim WMM to be enabled if the AP supports it since it
2232 * is far more likely for any current device to support WMM. */
2233 wmm = wpa_s->connection_set &&
2234 (wpa_s->connection_ht || wpa_s->connection_vht ||
2235 wpa_s->connection_he || wpa_s->connection_eht);
2236 if (!wmm && bss)
2237 wmm = !!wpa_bss_get_vendor_ie(bss, WMM_IE_VENDOR_TYPE);
2238 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_WMM_ENABLED, wmm);
2239
2240 if (ssid->ssid_protection && proto == WPA_PROTO_RSN) {
2241 bool ssid_prot;
2242
2243 /* Enable SSID protection based on the AP advertising support
2244 * for it to avoid potential interoperability issues with
2245 * incorrect AP behavior if we were to send an "unexpected"
2246 * RSNXE with multiple octets of payload. */
2247 ssid_prot = ieee802_11_rsnx_capab(
2248 bss_rsnx, WLAN_RSNX_CAPAB_SSID_PROTECTION);
2249 if (!skip_default_rsne)
2250 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION,
2251 proto == WPA_PROTO_RSN && ssid_prot);
2252 } else {
2253 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SSID_PROTECTION, false);
2254 }
2255
2256 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_SPP_AMSDU,
2257 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SPP_AMSDU) &&
2258 ieee802_11_rsnx_capab(bss_rsnx,
2259 WLAN_RSNX_CAPAB_SPP_A_MSDU) &&
2260 wpa_s->pairwise_cipher & (WPA_CIPHER_CCMP_256 |
2261 WPA_CIPHER_GCMP_256 |
2262 WPA_CIPHER_CCMP |
2263 WPA_CIPHER_GCMP) &&
2264 (wpa_s->wpa_proto & WPA_PROTO_RSN));
2265
2266 if (!skip_default_rsne) {
2267 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie,
2268 wpa_ie_len)) {
2269 wpa_msg(wpa_s, MSG_WARNING,
2270 "RSN: Failed to generate RSNE/WPA IE");
2271 return -1;
2272 }
2273
2274 #ifndef CONFIG_NO_WPA
2275 wpa_s->rsnxe_len = sizeof(wpa_s->rsnxe);
2276 if (wpa_sm_set_assoc_rsnxe_default(wpa_s->wpa, wpa_s->rsnxe,
2277 &wpa_s->rsnxe_len)) {
2278 wpa_msg(wpa_s, MSG_WARNING,
2279 "RSN: Failed to generate RSNXE");
2280 return -1;
2281 }
2282 #endif /* CONFIG_NO_WPA */
2283 }
2284
2285 if (0) {
2286 #ifdef CONFIG_DPP
2287 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_DPP) {
2288 /* Use PMK from DPP network introduction (PMKSA entry) */
2289 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2290 #ifdef CONFIG_DPP2
2291 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DPP_PFS, ssid->dpp_pfs);
2292 #endif /* CONFIG_DPP2 */
2293 #endif /* CONFIG_DPP */
2294 } else if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) {
2295 int psk_set = 0;
2296
2297 if (wpa_key_mgmt_wpa_psk_no_sae(ssid->key_mgmt)) {
2298 u8 psk[PMK_LEN];
2299
2300 if (wpa_supplicant_get_psk(wpa_s, bss, ssid,
2301 psk) == 0) {
2302 wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN, NULL,
2303 NULL);
2304 psk_set = 1;
2305 }
2306 forced_memzero(psk, sizeof(psk));
2307 }
2308
2309 if (wpa_key_mgmt_sae(ssid->key_mgmt) &&
2310 (ssid->sae_password || ssid->passphrase || ssid->ext_psk))
2311 psk_set = 1;
2312
2313 if (!psk_set && !ssid->pmk_valid) {
2314 wpa_msg(wpa_s, MSG_INFO,
2315 "No PSK/PMK available for association");
2316 wpas_auth_failed(wpa_s, "NO_PSK_AVAILABLE", NULL);
2317 return -1;
2318 }
2319 #ifdef CONFIG_OWE
2320 } else if (wpa_s->key_mgmt == WPA_KEY_MGMT_OWE) {
2321 /* OWE Diffie-Hellman exchange in (Re)Association
2322 * Request/Response frames set the PMK, so do not override it
2323 * here. */
2324 #endif /* CONFIG_OWE */
2325 } else
2326 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
2327
2328 if (ssid->mode != WPAS_MODE_IBSS &&
2329 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED) &&
2330 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_NEVER ||
2331 (ssid->wpa_deny_ptk0_rekey == PTK0_REKEY_ALLOW_LOCAL_OK &&
2332 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAFE_PTK0_REKEYS)))) {
2333 wpa_msg(wpa_s, MSG_INFO,
2334 "Disable PTK0 rekey support - replaced with reconnect");
2335 wpa_s->deny_ptk0_rekey = 1;
2336 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 1);
2337 } else {
2338 wpa_s->deny_ptk0_rekey = 0;
2339 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_DENY_PTK0_REKEY, 0);
2340 }
2341
2342 if (wpa_key_mgmt_cross_akm(wpa_s->key_mgmt) &&
2343 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
2344 wpas_update_allowed_key_mgmt(wpa_s, ssid);
2345
2346 return 0;
2347 }
2348
2349
wpas_ext_capab_byte(struct wpa_supplicant * wpa_s,u8 * pos,int idx,struct wpa_bss * bss)2350 static void wpas_ext_capab_byte(struct wpa_supplicant *wpa_s, u8 *pos, int idx,
2351 struct wpa_bss *bss)
2352 {
2353 #ifndef CONFIG_NO_ROBUST_AV
2354 bool scs = true, mscs = true;
2355 #endif /* CONFIG_NO_ROBUST_AV */
2356
2357 *pos = 0x00;
2358
2359 switch (idx) {
2360 case 0: /* Bits 0-7 */
2361 break;
2362 case 1: /* Bits 8-15 */
2363 if (wpa_s->conf->coloc_intf_reporting) {
2364 /* Bit 13 - Collocated Interference Reporting */
2365 *pos |= 0x20;
2366 }
2367 break;
2368 case 2: /* Bits 16-23 */
2369 #ifdef CONFIG_WNM
2370 *pos |= 0x02; /* Bit 17 - WNM-Sleep Mode */
2371 if ((wpas_driver_bss_selection(wpa_s) ||
2372 !wpa_s->disable_mbo_oce) &&
2373 !wpa_s->conf->disable_btm)
2374 *pos |= 0x08; /* Bit 19 - BSS Transition */
2375 #endif /* CONFIG_WNM */
2376 break;
2377 case 3: /* Bits 24-31 */
2378 #ifdef CONFIG_WNM
2379 *pos |= 0x02; /* Bit 25 - SSID List */
2380 #endif /* CONFIG_WNM */
2381 #ifdef CONFIG_INTERWORKING
2382 if (wpa_s->conf->interworking)
2383 *pos |= 0x80; /* Bit 31 - Interworking */
2384 #endif /* CONFIG_INTERWORKING */
2385 break;
2386 case 4: /* Bits 32-39 */
2387 #ifdef CONFIG_INTERWORKING
2388 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_QOS_MAPPING)
2389 *pos |= 0x01; /* Bit 32 - QoS Map */
2390 #endif /* CONFIG_INTERWORKING */
2391 break;
2392 case 5: /* Bits 40-47 */
2393 #ifdef CONFIG_HS20
2394 if (wpa_s->conf->hs20)
2395 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2396 #endif /* CONFIG_HS20 */
2397 #ifdef CONFIG_MBO
2398 *pos |= 0x40; /* Bit 46 - WNM-Notification */
2399 #endif /* CONFIG_MBO */
2400 break;
2401 case 6: /* Bits 48-55 */
2402 #ifndef CONFIG_NO_ROBUST_AV
2403 #ifdef CONFIG_TESTING_OPTIONS
2404 if (wpa_s->disable_scs_support)
2405 scs = false;
2406 #endif /* CONFIG_TESTING_OPTIONS */
2407 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_SCS)) {
2408 /* Drop own SCS capability indication since the AP does
2409 * not support it. This is needed to avoid
2410 * interoperability issues with APs that get confused
2411 * with Extended Capabilities element. */
2412 scs = false;
2413 }
2414 if (scs)
2415 *pos |= 0x40; /* Bit 54 - SCS */
2416 #endif /* CONFIG_NO_ROBUST_AV */
2417 break;
2418 case 7: /* Bits 56-63 */
2419 break;
2420 case 8: /* Bits 64-71 */
2421 if (wpa_s->conf->ftm_responder)
2422 *pos |= 0x40; /* Bit 70 - FTM responder */
2423 if (wpa_s->conf->ftm_initiator)
2424 *pos |= 0x80; /* Bit 71 - FTM initiator */
2425 break;
2426 case 9: /* Bits 72-79 */
2427 #ifdef CONFIG_FILS
2428 if (!wpa_s->disable_fils)
2429 *pos |= 0x01;
2430 #endif /* CONFIG_FILS */
2431 if (wpa_s->conf->twt_requester)
2432 *pos |= 0x20; /* Bit 77 - TWT Requester Support */
2433 break;
2434 case 10: /* Bits 80-87 */
2435 #ifndef CONFIG_NO_ROBUST_AV
2436 #ifdef CONFIG_TESTING_OPTIONS
2437 if (wpa_s->disable_mscs_support)
2438 mscs = false;
2439 #endif /* CONFIG_TESTING_OPTIONS */
2440 if (bss && !wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS)) {
2441 /* Drop own MSCS capability indication since the AP does
2442 * not support it. This is needed to avoid
2443 * interoperability issues with APs that get confused
2444 * with Extended Capabilities element. */
2445 mscs = false;
2446 }
2447 if (mscs)
2448 *pos |= 0x20; /* Bit 85 - Mirrored SCS */
2449 #endif /* CONFIG_NO_ROBUST_AV */
2450 break;
2451 }
2452 }
2453
2454
wpas_build_ext_capab(struct wpa_supplicant * wpa_s,u8 * buf,size_t buflen,struct wpa_bss * bss)2455 int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf,
2456 size_t buflen, struct wpa_bss *bss)
2457 {
2458 u8 *pos = buf;
2459 u8 len = 11, i;
2460
2461 if (len < wpa_s->extended_capa_len)
2462 len = wpa_s->extended_capa_len;
2463 if (buflen < (size_t) len + 2) {
2464 wpa_printf(MSG_INFO,
2465 "Not enough room for building extended capabilities element");
2466 return -1;
2467 }
2468
2469 *pos++ = WLAN_EID_EXT_CAPAB;
2470 *pos++ = len;
2471 for (i = 0; i < len; i++, pos++) {
2472 wpas_ext_capab_byte(wpa_s, pos, i, bss);
2473
2474 if (i < wpa_s->extended_capa_len) {
2475 *pos &= ~wpa_s->extended_capa_mask[i];
2476 *pos |= wpa_s->extended_capa[i];
2477 }
2478 }
2479
2480 while (len > 0 && buf[1 + len] == 0) {
2481 len--;
2482 buf[1] = len;
2483 }
2484 if (len == 0)
2485 return 0;
2486
2487 return 2 + len;
2488 }
2489
2490
wpas_valid_bss(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss)2491 static int wpas_valid_bss(struct wpa_supplicant *wpa_s,
2492 struct wpa_bss *test_bss)
2493 {
2494 struct wpa_bss *bss;
2495
2496 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
2497 if (bss == test_bss)
2498 return 1;
2499 }
2500
2501 return 0;
2502 }
2503
2504
wpas_valid_ssid(struct wpa_supplicant * wpa_s,struct wpa_ssid * test_ssid)2505 static int wpas_valid_ssid(struct wpa_supplicant *wpa_s,
2506 struct wpa_ssid *test_ssid)
2507 {
2508 struct wpa_ssid *ssid;
2509
2510 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) {
2511 if (ssid == test_ssid)
2512 return 1;
2513 }
2514
2515 return 0;
2516 }
2517
2518
wpas_valid_bss_ssid(struct wpa_supplicant * wpa_s,struct wpa_bss * test_bss,struct wpa_ssid * test_ssid)2519 int wpas_valid_bss_ssid(struct wpa_supplicant *wpa_s, struct wpa_bss *test_bss,
2520 struct wpa_ssid *test_ssid)
2521 {
2522 if (test_bss && !wpas_valid_bss(wpa_s, test_bss))
2523 return 0;
2524
2525 return test_ssid == NULL || wpas_valid_ssid(wpa_s, test_ssid);
2526 }
2527
2528
wpas_connect_work_free(struct wpa_connect_work * cwork)2529 void wpas_connect_work_free(struct wpa_connect_work *cwork)
2530 {
2531 if (cwork == NULL)
2532 return;
2533 os_free(cwork);
2534 }
2535
2536
wpas_connect_work_done(struct wpa_supplicant * wpa_s)2537 void wpas_connect_work_done(struct wpa_supplicant *wpa_s)
2538 {
2539 struct wpa_connect_work *cwork;
2540 struct wpa_radio_work *work = wpa_s->connect_work;
2541
2542 if (!work)
2543 return;
2544
2545 wpa_s->connect_work = NULL;
2546 cwork = work->ctx;
2547 work->ctx = NULL;
2548 wpas_connect_work_free(cwork);
2549 radio_work_done(work);
2550 }
2551
2552
wpas_update_random_addr(struct wpa_supplicant * wpa_s,enum wpas_mac_addr_style style,struct wpa_ssid * ssid)2553 int wpas_update_random_addr(struct wpa_supplicant *wpa_s,
2554 enum wpas_mac_addr_style style,
2555 struct wpa_ssid *ssid)
2556 {
2557 struct os_reltime now;
2558 u8 addr[ETH_ALEN];
2559
2560 os_get_reltime(&now);
2561 /* Random addresses are valid within a given ESS so check
2562 * expiration/value only when continuing to use the same ESS. */
2563 if (wpa_s->last_mac_addr_style == style && wpa_s->reassoc_same_ess) {
2564 if (style == WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS) {
2565 /* Pregenerated addresses do not expire but their value
2566 * might have changed, so let's check that. */
2567 if (ssid &&
2568 ether_addr_equal(wpa_s->own_addr, ssid->mac_value))
2569 return 0;
2570 } else if ((wpa_s->last_mac_addr_change.sec != 0 ||
2571 wpa_s->last_mac_addr_change.usec != 0) &&
2572 !os_reltime_expired(
2573 &now,
2574 &wpa_s->last_mac_addr_change,
2575 wpa_s->conf->rand_addr_lifetime)) {
2576 wpa_msg(wpa_s, MSG_DEBUG,
2577 "Previously selected random MAC address has not yet expired");
2578 return 0;
2579 }
2580 }
2581
2582 switch (style) {
2583 case WPAS_MAC_ADDR_STYLE_RANDOM:
2584 if (random_mac_addr(addr) < 0)
2585 return -1;
2586 break;
2587 case WPAS_MAC_ADDR_STYLE_RANDOM_SAME_OUI:
2588 os_memcpy(addr, wpa_s->perm_addr, ETH_ALEN);
2589 if (random_mac_addr_keep_oui(addr) < 0)
2590 return -1;
2591 break;
2592 case WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS:
2593 if (!ssid) {
2594 wpa_msg(wpa_s, MSG_INFO,
2595 "Invalid 'ssid' for address policy 3");
2596 return -1;
2597 }
2598 os_memcpy(addr, ssid->mac_value, ETH_ALEN);
2599 break;
2600 default:
2601 return -1;
2602 }
2603
2604 if (wpa_drv_set_mac_addr(wpa_s, addr) < 0) {
2605 wpa_msg(wpa_s, MSG_INFO,
2606 "Failed to set random MAC address");
2607 return -1;
2608 }
2609
2610 os_get_reltime(&wpa_s->last_mac_addr_change);
2611 wpa_s->mac_addr_changed = 1;
2612 wpa_s->last_mac_addr_style = style;
2613
2614 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2615 wpa_msg(wpa_s, MSG_INFO,
2616 "Could not update MAC address information");
2617 return -1;
2618 }
2619
2620 wpas_p2p_update_dev_addr(wpa_s);
2621
2622 wpa_msg(wpa_s, MSG_DEBUG, "Using random MAC address " MACSTR,
2623 MAC2STR(addr));
2624
2625 return 1;
2626 }
2627
2628
wpas_update_random_addr_disassoc(struct wpa_supplicant * wpa_s)2629 int wpas_update_random_addr_disassoc(struct wpa_supplicant *wpa_s)
2630 {
2631 if (wpa_s->wpa_state >= WPA_AUTHENTICATING ||
2632 !wpa_s->conf->preassoc_mac_addr)
2633 return 0;
2634
2635 return wpas_update_random_addr(wpa_s, wpa_s->conf->preassoc_mac_addr,
2636 NULL);
2637 }
2638
2639
wpa_s_setup_sae_pt(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,bool force)2640 void wpa_s_setup_sae_pt(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
2641 bool force)
2642 {
2643 #ifdef CONFIG_SAE
2644 struct wpa_config *conf = wpa_s->conf;
2645 int *groups = conf->sae_groups;
2646 int default_groups[] = { 19, 20, 21, 0 };
2647 const char *password;
2648 enum sae_pwe sae_pwe;
2649
2650 if (!groups || groups[0] <= 0)
2651 groups = default_groups;
2652
2653 password = ssid->sae_password;
2654 if (!password)
2655 password = ssid->passphrase;
2656
2657 sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
2658
2659 if (!password ||
2660 !wpa_key_mgmt_sae(ssid->key_mgmt) ||
2661 (sae_pwe == SAE_PWE_HUNT_AND_PECK && !ssid->sae_password_id &&
2662 !wpa_key_mgmt_sae_ext_key(ssid->key_mgmt) &&
2663 !force &&
2664 !sae_pk_valid_password(password)) ||
2665 sae_pwe == SAE_PWE_FORCE_HUNT_AND_PECK) {
2666 /* PT derivation not needed */
2667 sae_deinit_pt(ssid->pt);
2668 ssid->pt = NULL;
2669 return;
2670 }
2671
2672 if (ssid->pt)
2673 return; /* PT already derived */
2674 ssid->pt = sae_derive_pt(groups, ssid->ssid, ssid->ssid_len,
2675 (const u8 *) password, os_strlen(password),
2676 ssid->sae_password_id);
2677 #endif /* CONFIG_SAE */
2678 }
2679
2680
wpa_s_clear_sae_rejected(struct wpa_supplicant * wpa_s)2681 void wpa_s_clear_sae_rejected(struct wpa_supplicant *wpa_s)
2682 {
2683 #if defined(CONFIG_SAE) && defined(CONFIG_SME)
2684 os_free(wpa_s->sme.sae_rejected_groups);
2685 wpa_s->sme.sae_rejected_groups = NULL;
2686 #ifdef CONFIG_TESTING_OPTIONS
2687 if (wpa_s->extra_sae_rejected_groups) {
2688 int i, *groups = wpa_s->extra_sae_rejected_groups;
2689
2690 for (i = 0; groups[i]; i++) {
2691 wpa_printf(MSG_DEBUG,
2692 "TESTING: Indicate rejection of an extra SAE group %d",
2693 groups[i]);
2694 int_array_add_unique(&wpa_s->sme.sae_rejected_groups,
2695 groups[i]);
2696 }
2697 }
2698 #endif /* CONFIG_TESTING_OPTIONS */
2699 #endif /* CONFIG_SAE && CONFIG_SME */
2700 }
2701
2702
wpas_restore_permanent_mac_addr(struct wpa_supplicant * wpa_s)2703 int wpas_restore_permanent_mac_addr(struct wpa_supplicant *wpa_s)
2704 {
2705 if (wpa_drv_set_mac_addr(wpa_s, NULL) < 0) {
2706 wpa_msg(wpa_s, MSG_INFO,
2707 "Could not restore permanent MAC address");
2708 return -1;
2709 }
2710 wpa_s->mac_addr_changed = 0;
2711 if (wpa_supplicant_update_mac_addr(wpa_s) < 0) {
2712 wpa_msg(wpa_s, MSG_INFO,
2713 "Could not update MAC address information");
2714 return -1;
2715 }
2716
2717 wpas_p2p_update_dev_addr(wpa_s);
2718
2719 wpa_msg(wpa_s, MSG_DEBUG, "Using permanent MAC address");
2720 return 0;
2721 }
2722
2723
2724 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit);
2725
2726 /**
2727 * wpa_supplicant_associate - Request association
2728 * @wpa_s: Pointer to wpa_supplicant data
2729 * @bss: Scan results for the selected BSS, or %NULL if not available
2730 * @ssid: Configuration data for the selected network
2731 *
2732 * This function is used to request %wpa_supplicant to associate with a BSS.
2733 */
wpa_supplicant_associate(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid)2734 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
2735 struct wpa_bss *bss, struct wpa_ssid *ssid)
2736 {
2737 bool clear_rejected = true;
2738 struct wpa_connect_work *cwork;
2739 enum wpas_mac_addr_style rand_style;
2740
2741 wpa_s->own_disconnect_req = 0;
2742 wpa_s->own_reconnect_req = 0;
2743
2744 /*
2745 * If we are starting a new connection, any previously pending EAPOL
2746 * RX cannot be valid anymore.
2747 */
2748 wpabuf_free(wpa_s->pending_eapol_rx);
2749 wpa_s->pending_eapol_rx = NULL;
2750
2751 if (ssid->mac_addr == WPAS_MAC_ADDR_STYLE_NOT_SET)
2752 rand_style = wpa_s->conf->mac_addr;
2753 else
2754 rand_style = ssid->mac_addr;
2755
2756 wpa_s->eapol_failed = 0;
2757 wpa_s->multi_ap_ie = 0;
2758 #ifndef CONFIG_NO_WMM_AC
2759 wmm_ac_clear_saved_tspecs(wpa_s);
2760 #endif /* CONFIG_NO_WMM_AC */
2761 #ifdef CONFIG_WNM
2762 wpa_s->wnm_mode = 0;
2763 wpa_s->wnm_target_bss = NULL;
2764 #endif /* CONFIG_WNM */
2765 wpa_s->reassoc_same_bss = 0;
2766 wpa_s->reassoc_same_ess = 0;
2767 #ifdef CONFIG_TESTING_OPTIONS
2768 wpa_s->testing_resend_assoc = 0;
2769 #endif /* CONFIG_TESTING_OPTIONS */
2770
2771 if (wpa_s->last_ssid == ssid) {
2772 wpa_dbg(wpa_s, MSG_DEBUG, "Re-association to the same ESS");
2773 wpa_s->reassoc_same_ess = 1;
2774 if (wpa_s->current_bss && wpa_s->current_bss == bss) {
2775 #ifndef CONFIG_NO_WMM_AC
2776 wmm_ac_save_tspecs(wpa_s);
2777 #endif /* CONFIG_NO_WMM_AC */
2778 wpa_s->reassoc_same_bss = 1;
2779 clear_rejected = false;
2780 } else if (wpa_s->current_bss && wpa_s->current_bss != bss) {
2781 os_get_reltime(&wpa_s->roam_start);
2782 }
2783 }
2784
2785 if (clear_rejected)
2786 wpa_s_clear_sae_rejected(wpa_s);
2787
2788 #ifdef CONFIG_SAE
2789 wpa_s_setup_sae_pt(wpa_s, ssid, false);
2790 #endif /* CONFIG_SAE */
2791
2792 if (rand_style > WPAS_MAC_ADDR_STYLE_PERMANENT) {
2793 int status = wpas_update_random_addr(wpa_s, rand_style, ssid);
2794
2795 if (status < 0)
2796 return;
2797 if (rand_style != WPAS_MAC_ADDR_STYLE_DEDICATED_PER_ESS &&
2798 status > 0) /* MAC changed */
2799 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
2800 } else if (rand_style == WPAS_MAC_ADDR_STYLE_PERMANENT &&
2801 wpa_s->mac_addr_changed) {
2802 if (wpas_restore_permanent_mac_addr(wpa_s) < 0)
2803 return;
2804 }
2805 wpa_s->last_ssid = ssid;
2806
2807 #ifdef CONFIG_IBSS_RSN
2808 ibss_rsn_deinit(wpa_s->ibss_rsn);
2809 wpa_s->ibss_rsn = NULL;
2810 #else /* CONFIG_IBSS_RSN */
2811 if (ssid->mode == WPAS_MODE_IBSS &&
2812 !(ssid->key_mgmt & (WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPA_NONE))) {
2813 wpa_msg(wpa_s, MSG_INFO,
2814 "IBSS RSN not supported in the build");
2815 return;
2816 }
2817 #endif /* CONFIG_IBSS_RSN */
2818
2819 if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO ||
2820 ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) {
2821 #ifdef CONFIG_AP
2822 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) {
2823 wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP "
2824 "mode");
2825 return;
2826 }
2827 if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) {
2828 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
2829 if (ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION)
2830 wpas_p2p_ap_setup_failed(wpa_s);
2831 return;
2832 }
2833 wpa_s->current_bss = bss;
2834 #else /* CONFIG_AP */
2835 wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in "
2836 "the build");
2837 #endif /* CONFIG_AP */
2838 return;
2839 }
2840
2841 if (ssid->mode == WPAS_MODE_MESH) {
2842 #ifdef CONFIG_MESH
2843 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_MESH)) {
2844 wpa_msg(wpa_s, MSG_INFO,
2845 "Driver does not support mesh mode");
2846 return;
2847 }
2848 if (bss)
2849 ssid->frequency = bss->freq;
2850 if (wpa_supplicant_join_mesh(wpa_s, ssid) < 0) {
2851 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
2852 wpa_msg(wpa_s, MSG_ERROR, "Could not join mesh");
2853 return;
2854 }
2855 wpa_s->current_bss = bss;
2856 #else /* CONFIG_MESH */
2857 wpa_msg(wpa_s, MSG_ERROR,
2858 "mesh mode support not included in the build");
2859 #endif /* CONFIG_MESH */
2860 return;
2861 }
2862
2863 /*
2864 * Set WPA state machine configuration to match the selected network now
2865 * so that the information is available before wpas_start_assoc_cb()
2866 * gets called. This is needed at least for RSN pre-authentication where
2867 * candidate APs are added to a list based on scan result processing
2868 * before completion of the first association.
2869 */
2870 wpa_supplicant_rsn_supp_set_config(wpa_s, ssid);
2871
2872 #ifdef CONFIG_DPP
2873 if (wpas_dpp_check_connect(wpa_s, ssid, bss) != 0)
2874 return;
2875 #endif /* CONFIG_DPP */
2876
2877 #ifdef CONFIG_TDLS
2878 if (bss)
2879 wpa_tdls_ap_ies(wpa_s->wpa, wpa_bss_ie_ptr(bss), bss->ie_len);
2880 #endif /* CONFIG_TDLS */
2881
2882 #ifdef CONFIG_MBO
2883 wpas_mbo_check_pmf(wpa_s, bss, ssid);
2884 #endif /* CONFIG_MBO */
2885
2886 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
2887 ssid->mode == WPAS_MODE_INFRA) {
2888 sme_authenticate(wpa_s, bss, ssid);
2889 return;
2890 }
2891
2892 if (wpa_s->connect_work) {
2893 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since connect_work exist");
2894 return;
2895 }
2896
2897 if (radio_work_pending(wpa_s, "connect")) {
2898 wpa_dbg(wpa_s, MSG_DEBUG, "Reject wpa_supplicant_associate() call since pending work exist");
2899 return;
2900 }
2901
2902 #ifdef CONFIG_SME
2903 if (ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) {
2904 /* Clear possibly set auth_alg, if any, from last attempt. */
2905 wpa_s->sme.auth_alg = WPA_AUTH_ALG_OPEN;
2906 }
2907 #endif /* CONFIG_SME */
2908
2909 wpas_abort_ongoing_scan(wpa_s);
2910
2911 cwork = os_zalloc(sizeof(*cwork));
2912 if (cwork == NULL)
2913 return;
2914
2915 cwork->bss = bss;
2916 cwork->ssid = ssid;
2917
2918 if (radio_add_work(wpa_s, bss ? bss->freq : 0, "connect", 1,
2919 wpas_start_assoc_cb, cwork) < 0) {
2920 os_free(cwork);
2921 }
2922 }
2923
2924
bss_is_ibss(struct wpa_bss * bss)2925 static int bss_is_ibss(struct wpa_bss *bss)
2926 {
2927 return (bss->caps & (IEEE80211_CAP_ESS | IEEE80211_CAP_IBSS)) ==
2928 IEEE80211_CAP_IBSS;
2929 }
2930
2931
drv_supports_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2932 static int drv_supports_vht(struct wpa_supplicant *wpa_s,
2933 const struct wpa_ssid *ssid)
2934 {
2935 enum hostapd_hw_mode hw_mode;
2936 struct hostapd_hw_modes *mode = NULL;
2937 u8 channel;
2938 int i;
2939
2940 hw_mode = ieee80211_freq_to_chan(ssid->frequency, &channel);
2941 if (hw_mode == NUM_HOSTAPD_MODES)
2942 return 0;
2943 for (i = 0; wpa_s->hw.modes && i < wpa_s->hw.num_modes; i++) {
2944 if (wpa_s->hw.modes[i].mode == hw_mode) {
2945 mode = &wpa_s->hw.modes[i];
2946 break;
2947 }
2948 }
2949
2950 if (!mode)
2951 return 0;
2952
2953 return mode->vht_capab != 0;
2954 }
2955
2956
ibss_mesh_is_80mhz_avail(int channel,struct hostapd_hw_modes * mode)2957 static bool ibss_mesh_is_80mhz_avail(int channel, struct hostapd_hw_modes *mode)
2958 {
2959 int i;
2960
2961 for (i = channel; i < channel + 16; i += 4) {
2962 struct hostapd_channel_data *chan;
2963
2964 chan = hw_get_channel_chan(mode, i, NULL);
2965 if (!chan ||
2966 chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
2967 return false;
2968 }
2969
2970 return true;
2971 }
2972
2973
ibss_find_existing_bss(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid)2974 static struct wpa_bss * ibss_find_existing_bss(struct wpa_supplicant *wpa_s,
2975 const struct wpa_ssid *ssid)
2976 {
2977 unsigned int j;
2978
2979 for (j = 0; j < wpa_s->last_scan_res_used; j++) {
2980 struct wpa_bss *bss = wpa_s->last_scan_res[j];
2981
2982 if (!bss_is_ibss(bss))
2983 continue;
2984
2985 if (ssid->ssid_len == bss->ssid_len &&
2986 os_memcmp(ssid->ssid, bss->ssid, bss->ssid_len) == 0)
2987 return bss;
2988 }
2989 return NULL;
2990 }
2991
2992
ibss_mesh_can_use_ht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)2993 static bool ibss_mesh_can_use_ht(struct wpa_supplicant *wpa_s,
2994 const struct wpa_ssid *ssid,
2995 struct hostapd_hw_modes *mode)
2996 {
2997 /* For IBSS check HT_IBSS flag */
2998 if (ssid->mode == WPAS_MODE_IBSS &&
2999 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_HT_IBSS))
3000 return false;
3001
3002 if (wpa_s->group_cipher == WPA_CIPHER_WEP40 ||
3003 wpa_s->group_cipher == WPA_CIPHER_WEP104 ||
3004 wpa_s->pairwise_cipher == WPA_CIPHER_TKIP) {
3005 wpa_printf(MSG_DEBUG,
3006 "IBSS: WEP/TKIP detected, do not try to enable HT");
3007 return false;
3008 }
3009
3010 if (!ht_supported(mode))
3011 return false;
3012
3013 #ifdef CONFIG_HT_OVERRIDES
3014 if (ssid->disable_ht)
3015 return false;
3016 #endif /* CONFIG_HT_OVERRIDES */
3017
3018 return true;
3019 }
3020
3021
ibss_mesh_can_use_vht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode)3022 static bool ibss_mesh_can_use_vht(struct wpa_supplicant *wpa_s,
3023 const struct wpa_ssid *ssid,
3024 struct hostapd_hw_modes *mode)
3025 {
3026 if (mode->mode != HOSTAPD_MODE_IEEE80211A)
3027 return false;
3028
3029 if (!drv_supports_vht(wpa_s, ssid))
3030 return false;
3031
3032 /* For IBSS check VHT_IBSS flag */
3033 if (ssid->mode == WPAS_MODE_IBSS &&
3034 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_VHT_IBSS))
3035 return false;
3036
3037 if (!vht_supported(mode))
3038 return false;
3039
3040 #ifdef CONFIG_VHT_OVERRIDES
3041 if (ssid->disable_vht)
3042 return false;
3043 #endif /* CONFIG_VHT_OVERRIDES */
3044
3045 return true;
3046 }
3047
3048
ibss_mesh_can_use_he(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3049 static bool ibss_mesh_can_use_he(struct wpa_supplicant *wpa_s,
3050 const struct wpa_ssid *ssid,
3051 const struct hostapd_hw_modes *mode,
3052 int ieee80211_mode)
3053 {
3054 #ifdef CONFIG_HE_OVERRIDES
3055 if (ssid->disable_he)
3056 return false;
3057 #endif /* CONFIG_HE_OVERRIDES */
3058
3059 switch (mode->mode) {
3060 case HOSTAPD_MODE_IEEE80211G:
3061 case HOSTAPD_MODE_IEEE80211B:
3062 case HOSTAPD_MODE_IEEE80211A:
3063 return mode->he_capab[ieee80211_mode].he_supported;
3064 default:
3065 return false;
3066 }
3067 }
3068
3069
ibss_mesh_can_use_eht(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,const struct hostapd_hw_modes * mode,int ieee80211_mode)3070 static bool ibss_mesh_can_use_eht(struct wpa_supplicant *wpa_s,
3071 const struct wpa_ssid *ssid,
3072 const struct hostapd_hw_modes *mode,
3073 int ieee80211_mode)
3074 {
3075 if (ssid->disable_eht)
3076 return false;
3077
3078 switch(mode->mode) {
3079 case HOSTAPD_MODE_IEEE80211G:
3080 case HOSTAPD_MODE_IEEE80211B:
3081 case HOSTAPD_MODE_IEEE80211A:
3082 return mode->eht_capab[ieee80211_mode].eht_supported;
3083 default:
3084 return false;
3085 }
3086 }
3087
3088
ibss_mesh_select_40mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int obss_scan)3089 static void ibss_mesh_select_40mhz(struct wpa_supplicant *wpa_s,
3090 const struct wpa_ssid *ssid,
3091 struct hostapd_hw_modes *mode,
3092 struct hostapd_freq_params *freq,
3093 int obss_scan) {
3094 int chan_idx;
3095 struct hostapd_channel_data *pri_chan = NULL, *sec_chan = NULL;
3096 int i, res;
3097 unsigned int j;
3098 static const int ht40plus[] = {
3099 36, 44, 52, 60, 100, 108, 116, 124, 132, 140,
3100 149, 157, 165, 173, 184, 192
3101 };
3102 int ht40 = -1;
3103
3104 if (!freq->ht_enabled)
3105 return;
3106
3107 for (chan_idx = 0; chan_idx < mode->num_channels; chan_idx++) {
3108 pri_chan = &mode->channels[chan_idx];
3109 if (pri_chan->chan == freq->channel)
3110 break;
3111 pri_chan = NULL;
3112 }
3113 if (!pri_chan)
3114 return;
3115
3116 /* Check primary channel flags */
3117 if (pri_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
3118 return;
3119
3120 #ifdef CONFIG_HT_OVERRIDES
3121 if (ssid->disable_ht40)
3122 return;
3123 #endif
3124
3125 /* Check/setup HT40+/HT40- */
3126 for (j = 0; j < ARRAY_SIZE(ht40plus); j++) {
3127 if (ht40plus[j] == freq->channel) {
3128 ht40 = 1;
3129 break;
3130 }
3131 }
3132
3133 /* Find secondary channel */
3134 for (i = 0; i < mode->num_channels; i++) {
3135 sec_chan = &mode->channels[i];
3136 if (sec_chan->chan == freq->channel + ht40 * 4)
3137 break;
3138 sec_chan = NULL;
3139 }
3140 if (!sec_chan)
3141 return;
3142
3143 /* Check secondary channel flags */
3144 if (sec_chan->flag & (HOSTAPD_CHAN_DISABLED | HOSTAPD_CHAN_NO_IR))
3145 return;
3146
3147 if (ht40 == -1) {
3148 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40MINUS))
3149 return;
3150 } else {
3151 if (!(pri_chan->flag & HOSTAPD_CHAN_HT40PLUS))
3152 return;
3153 }
3154 freq->sec_channel_offset = ht40;
3155
3156 if (obss_scan) {
3157 struct wpa_scan_results *scan_res;
3158
3159 scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, 0,
3160 NULL);
3161 if (scan_res == NULL) {
3162 /* Back to HT20 */
3163 freq->sec_channel_offset = 0;
3164 return;
3165 }
3166
3167 res = check_40mhz_5g(scan_res, pri_chan, sec_chan);
3168 switch (res) {
3169 case 0:
3170 /* Back to HT20 */
3171 freq->sec_channel_offset = 0;
3172 break;
3173 case 1:
3174 /* Configuration allowed */
3175 break;
3176 case 2:
3177 /* Switch pri/sec channels */
3178 freq->freq = hw_get_freq(mode, sec_chan->chan);
3179 freq->sec_channel_offset = -freq->sec_channel_offset;
3180 freq->channel = sec_chan->chan;
3181 break;
3182 default:
3183 freq->sec_channel_offset = 0;
3184 break;
3185 }
3186
3187 wpa_scan_results_free(scan_res);
3188 }
3189
3190 wpa_printf(MSG_DEBUG,
3191 "IBSS/mesh: setup freq channel %d, sec_channel_offset %d",
3192 freq->channel, freq->sec_channel_offset);
3193 }
3194
3195
ibss_get_center_320mhz(int channel)3196 static int ibss_get_center_320mhz(int channel)
3197 {
3198 int seg0;
3199
3200 if (channel >= 1 && channel <= 45)
3201 seg0 = 31;
3202 else if (channel >= 49 && channel <= 77)
3203 seg0 = 63;
3204 else if (channel >= 81 && channel <= 109)
3205 seg0 = 95;
3206 else if (channel >= 113 && channel <= 141)
3207 seg0 = 127;
3208 else if (channel >= 145 && channel <= 173)
3209 seg0 = 159;
3210 else
3211 seg0 = 191;
3212
3213 return seg0;
3214 }
3215
3216
ibss_mesh_select_80_160mhz(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_hw_modes * mode,struct hostapd_freq_params * freq,int ieee80211_mode,bool is_6ghz)3217 static bool ibss_mesh_select_80_160mhz(struct wpa_supplicant *wpa_s,
3218 const struct wpa_ssid *ssid,
3219 struct hostapd_hw_modes *mode,
3220 struct hostapd_freq_params *freq,
3221 int ieee80211_mode, bool is_6ghz) {
3222 static const int bw80[] = {
3223 5180, 5260, 5500, 5580, 5660, 5745, 5825,
3224 5955, 6035, 6115, 6195, 6275, 6355, 6435,
3225 6515, 6595, 6675, 6755, 6835, 6915, 6995
3226 };
3227 static const int bw160[] = {
3228 5955, 6115, 6275, 6435, 6595, 6755, 6915
3229 };
3230 static const int bw320[]= {
3231 5955, 6255, 6115, 6415, 6275, 6575, 6435,
3232 6735, 6595, 6895, 6755, 7055
3233 };
3234
3235 struct hostapd_freq_params vht_freq;
3236 int i;
3237 unsigned int j, k;
3238 int chwidth, seg0, seg1;
3239 u32 vht_caps = 0;
3240 u8 channel = freq->channel;
3241
3242 if (!freq->vht_enabled && !freq->he_enabled)
3243 return true;
3244
3245 vht_freq = *freq;
3246
3247 chwidth = CONF_OPER_CHWIDTH_USE_HT;
3248 seg0 = freq->channel + 2 * freq->sec_channel_offset;
3249 seg1 = 0;
3250 if (freq->sec_channel_offset == 0) {
3251 seg0 = 0;
3252 /* Don't try 80 MHz if 40 MHz failed, except in 6 GHz */
3253 if (freq->ht_enabled && !is_6ghz)
3254 goto skip_80mhz;
3255 }
3256 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_USE_HT)
3257 goto skip_80mhz;
3258
3259 /* setup center_freq1, bandwidth */
3260 for (j = 0; j < ARRAY_SIZE(bw80); j++) {
3261 if (freq->freq >= bw80[j] &&
3262 freq->freq < bw80[j] + 80)
3263 break;
3264 }
3265
3266 if (j == ARRAY_SIZE(bw80) ||
3267 ieee80211_freq_to_chan(bw80[j], &channel) == NUM_HOSTAPD_MODES)
3268 goto skip_80mhz;
3269
3270 /* Use 40 MHz if channel not usable */
3271 if (!ibss_mesh_is_80mhz_avail(channel, mode))
3272 goto skip_80mhz;
3273
3274 chwidth = CONF_OPER_CHWIDTH_80MHZ;
3275 seg0 = channel + 6;
3276 seg1 = 0;
3277
3278 /* In 160 MHz, the initial four 20 MHz channels were validated
3279 * above. If 160 MHz is supported, check the remaining four 20 MHz
3280 * channels for the total of 160 MHz bandwidth for 6 GHz.
3281 */
3282 if ((mode->he_capab[ieee80211_mode].phy_cap[
3283 HE_PHYCAP_CHANNEL_WIDTH_SET_IDX] &
3284 HE_PHYCAP_CHANNEL_WIDTH_SET_160MHZ_IN_5G) && is_6ghz &&
3285 ibss_mesh_is_80mhz_avail(channel + 16, mode)) {
3286 for (j = 0; j < ARRAY_SIZE(bw160); j++) {
3287 if (freq->freq == bw160[j]) {
3288 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3289 seg0 = channel + 14;
3290 break;
3291 }
3292 }
3293 }
3294
3295 /* In 320 MHz, the initial four 20 MHz channels were validated
3296 * above. If 320 MHz is supported, check the remaining 12 20 MHz
3297 * channels for the total of 320 MHz bandwidth for 6 GHz.
3298 */
3299 if ((mode->eht_capab[ieee80211_mode].phy_cap[
3300 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_IDX] &
3301 EHT_PHYCAP_320MHZ_IN_6GHZ_SUPPORT_MASK) && is_6ghz &&
3302 ibss_mesh_is_80mhz_avail(channel + 16, mode) &&
3303 ibss_mesh_is_80mhz_avail(channel + 32, mode) &&
3304 ibss_mesh_is_80mhz_avail(channel + 48, mode)) {
3305 for (j = 0; j < ARRAY_SIZE(bw320); j += 2) {
3306 if (freq->freq >= bw320[j] &&
3307 freq->freq <= bw320[j + 1]) {
3308 chwidth = CONF_OPER_CHWIDTH_320MHZ;
3309 seg0 = ibss_get_center_320mhz(freq->channel);
3310 break;
3311 }
3312 }
3313 }
3314
3315 if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_80P80MHZ) {
3316 /* setup center_freq2, bandwidth */
3317 for (k = 0; k < ARRAY_SIZE(bw80); k++) {
3318 /* Only accept 80 MHz segments separated by a gap */
3319 if (j == k || abs(bw80[j] - bw80[k]) == 80)
3320 continue;
3321
3322 if (ieee80211_freq_to_chan(bw80[k], &channel) ==
3323 NUM_HOSTAPD_MODES)
3324 break;
3325
3326 for (i = channel; i < channel + 16; i += 4) {
3327 struct hostapd_channel_data *chan;
3328
3329 chan = hw_get_channel_chan(mode, i, NULL);
3330 if (!chan)
3331 continue;
3332
3333 if (chan->flag & (HOSTAPD_CHAN_DISABLED |
3334 HOSTAPD_CHAN_NO_IR |
3335 HOSTAPD_CHAN_RADAR))
3336 continue;
3337
3338 /* Found a suitable second segment for 80+80 */
3339 chwidth = CONF_OPER_CHWIDTH_80P80MHZ;
3340 if (!is_6ghz)
3341 vht_caps |=
3342 VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ;
3343 seg1 = channel + 6;
3344 }
3345
3346 if (chwidth == CONF_OPER_CHWIDTH_80P80MHZ)
3347 break;
3348 }
3349 } else if (ssid->max_oper_chwidth == CONF_OPER_CHWIDTH_160MHZ) {
3350 if (freq->freq == 5180) {
3351 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3352 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3353 seg0 = 50;
3354 } else if (freq->freq == 5520) {
3355 chwidth = CONF_OPER_CHWIDTH_160MHZ;
3356 vht_caps |= VHT_CAP_SUPP_CHAN_WIDTH_160MHZ;
3357 seg0 = 114;
3358 }
3359 }
3360
3361 skip_80mhz:
3362 if (hostapd_set_freq_params(&vht_freq, mode->mode, freq->freq,
3363 freq->channel, ssid->enable_edmg,
3364 ssid->edmg_channel, freq->ht_enabled,
3365 freq->vht_enabled, freq->he_enabled,
3366 freq->eht_enabled,
3367 freq->sec_channel_offset,
3368 chwidth, seg0, seg1, vht_caps,
3369 &mode->he_capab[ieee80211_mode],
3370 &mode->eht_capab[ieee80211_mode], 0) != 0)
3371 return false;
3372
3373 *freq = vht_freq;
3374
3375 wpa_printf(MSG_DEBUG, "IBSS: VHT setup freq cf1 %d, cf2 %d, bw %d",
3376 freq->center_freq1, freq->center_freq2, freq->bandwidth);
3377 return true;
3378 }
3379
3380
ibss_mesh_setup_freq(struct wpa_supplicant * wpa_s,const struct wpa_ssid * ssid,struct hostapd_freq_params * freq)3381 void ibss_mesh_setup_freq(struct wpa_supplicant *wpa_s,
3382 const struct wpa_ssid *ssid,
3383 struct hostapd_freq_params *freq)
3384 {
3385 int ieee80211_mode = wpas_mode_to_ieee80211_mode(ssid->mode);
3386 enum hostapd_hw_mode hw_mode;
3387 struct hostapd_hw_modes *mode = NULL;
3388 int obss_scan = 1;
3389 u8 channel;
3390 bool is_6ghz, is_24ghz;
3391
3392 freq->freq = ssid->frequency;
3393
3394 if (ssid->mode == WPAS_MODE_IBSS && !ssid->fixed_freq) {
3395 struct wpa_bss *bss = ibss_find_existing_bss(wpa_s, ssid);
3396
3397 if (bss) {
3398 wpa_printf(MSG_DEBUG,
3399 "IBSS already found in scan results, adjust control freq: %d",
3400 bss->freq);
3401 freq->freq = bss->freq;
3402 obss_scan = 0;
3403 }
3404 }
3405
3406 hw_mode = ieee80211_freq_to_chan(freq->freq, &channel);
3407 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes,
3408 hw_mode, is_6ghz_freq(ssid->frequency));
3409
3410 if (!mode)
3411 return;
3412
3413 is_24ghz = hw_mode == HOSTAPD_MODE_IEEE80211G ||
3414 hw_mode == HOSTAPD_MODE_IEEE80211B;
3415
3416 is_6ghz = is_6ghz_freq(freq->freq);
3417
3418 freq->ht_enabled = 0;
3419 freq->vht_enabled = 0;
3420 freq->he_enabled = 0;
3421 freq->eht_enabled = 0;
3422
3423 if (!is_6ghz)
3424 freq->ht_enabled = ibss_mesh_can_use_ht(wpa_s, ssid, mode);
3425 if (freq->ht_enabled)
3426 freq->vht_enabled = ibss_mesh_can_use_vht(wpa_s, ssid, mode);
3427 if (freq->vht_enabled || (freq->ht_enabled && is_24ghz) || is_6ghz)
3428 freq->he_enabled = ibss_mesh_can_use_he(wpa_s, ssid, mode,
3429 ieee80211_mode);
3430 freq->channel = channel;
3431 /* Setup higher BW only for 5 GHz */
3432 if (mode->mode == HOSTAPD_MODE_IEEE80211A) {
3433 ibss_mesh_select_40mhz(wpa_s, ssid, mode, freq, obss_scan);
3434 if (!ibss_mesh_select_80_160mhz(wpa_s, ssid, mode, freq,
3435 ieee80211_mode, is_6ghz))
3436 freq->he_enabled = freq->vht_enabled = false;
3437 }
3438
3439 if (freq->he_enabled)
3440 freq->eht_enabled = ibss_mesh_can_use_eht(wpa_s, ssid, mode,
3441 ieee80211_mode);
3442 }
3443
3444
3445 #ifdef CONFIG_FILS
wpas_add_fils_hlp_req(struct wpa_supplicant * wpa_s,u8 * ie_buf,size_t ie_buf_len)3446 static size_t wpas_add_fils_hlp_req(struct wpa_supplicant *wpa_s, u8 *ie_buf,
3447 size_t ie_buf_len)
3448 {
3449 struct fils_hlp_req *req;
3450 size_t rem_len, hdr_len, hlp_len, len, ie_len = 0;
3451 const u8 *pos;
3452 u8 *buf = ie_buf;
3453
3454 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3455 list) {
3456 rem_len = ie_buf_len - ie_len;
3457 pos = wpabuf_head(req->pkt);
3458 hdr_len = 1 + 2 * ETH_ALEN + 6;
3459 hlp_len = wpabuf_len(req->pkt);
3460
3461 if (rem_len < 2 + hdr_len + hlp_len) {
3462 wpa_printf(MSG_ERROR,
3463 "FILS: Cannot fit HLP - rem_len=%lu to_fill=%lu",
3464 (unsigned long) rem_len,
3465 (unsigned long) (2 + hdr_len + hlp_len));
3466 break;
3467 }
3468
3469 len = (hdr_len + hlp_len) > 255 ? 255 : hdr_len + hlp_len;
3470 /* Element ID */
3471 *buf++ = WLAN_EID_EXTENSION;
3472 /* Length */
3473 *buf++ = len;
3474 /* Element ID Extension */
3475 *buf++ = WLAN_EID_EXT_FILS_HLP_CONTAINER;
3476 /* Destination MAC address */
3477 os_memcpy(buf, req->dst, ETH_ALEN);
3478 buf += ETH_ALEN;
3479 /* Source MAC address */
3480 os_memcpy(buf, wpa_s->own_addr, ETH_ALEN);
3481 buf += ETH_ALEN;
3482 /* LLC/SNAP Header */
3483 os_memcpy(buf, "\xaa\xaa\x03\x00\x00\x00", 6);
3484 buf += 6;
3485 /* HLP Packet */
3486 os_memcpy(buf, pos, len - hdr_len);
3487 buf += len - hdr_len;
3488 pos += len - hdr_len;
3489
3490 hlp_len -= len - hdr_len;
3491 ie_len += 2 + len;
3492 rem_len -= 2 + len;
3493
3494 while (hlp_len) {
3495 len = (hlp_len > 255) ? 255 : hlp_len;
3496 if (rem_len < 2 + len)
3497 break;
3498 *buf++ = WLAN_EID_FRAGMENT;
3499 *buf++ = len;
3500 os_memcpy(buf, pos, len);
3501 buf += len;
3502 pos += len;
3503
3504 hlp_len -= len;
3505 ie_len += 2 + len;
3506 rem_len -= 2 + len;
3507 }
3508 }
3509
3510 return ie_len;
3511 }
3512
3513
wpa_is_fils_supported(struct wpa_supplicant * wpa_s)3514 int wpa_is_fils_supported(struct wpa_supplicant *wpa_s)
3515 {
3516 return (((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3517 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS)) ||
3518 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3519 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD)));
3520 }
3521
3522
wpa_is_fils_sk_pfs_supported(struct wpa_supplicant * wpa_s)3523 int wpa_is_fils_sk_pfs_supported(struct wpa_supplicant *wpa_s)
3524 {
3525 #ifdef CONFIG_FILS_SK_PFS
3526 return (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3527 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SUPPORT_FILS);
3528 #else /* CONFIG_FILS_SK_PFS */
3529 return 0;
3530 #endif /* CONFIG_FILS_SK_PFS */
3531 }
3532
3533 #endif /* CONFIG_FILS */
3534
3535
wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss * bss)3536 bool wpa_is_non_eht_scs_traffic_desc_supported(struct wpa_bss *bss)
3537 {
3538 const u8 *wfa_capa;
3539
3540 if (!bss)
3541 return false;
3542
3543 /* Get WFA capability from Beacon or Probe Response frame elements */
3544 wfa_capa = wpa_bss_get_vendor_ie(bss, WFA_CAPA_IE_VENDOR_TYPE);
3545 if (!wfa_capa)
3546 wfa_capa = wpa_bss_get_vendor_ie_beacon(
3547 bss, WFA_CAPA_IE_VENDOR_TYPE);
3548
3549 if (!wfa_capa || wfa_capa[1] < 6 || wfa_capa[6] < 1 ||
3550 !(wfa_capa[7] & WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC)) {
3551 /* AP does not enable QM non EHT traffic description policy */
3552 return false;
3553 }
3554
3555 return true;
3556 }
3557
3558
wpas_populate_wfa_capa(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,u8 * wpa_ie,size_t wpa_ie_len,size_t max_wpa_ie_len)3559 int wpas_populate_wfa_capa(struct wpa_supplicant *wpa_s, struct wpa_bss *bss,
3560 u8 *wpa_ie, size_t wpa_ie_len, size_t max_wpa_ie_len)
3561 {
3562 struct wpabuf *wfa_ie = NULL, *attr = NULL;
3563 u8 wfa_capa[1];
3564 u8 capab_len = 0;
3565 size_t wfa_ie_len, buf_len;
3566
3567 os_memset(wfa_capa, 0, sizeof(wfa_capa));
3568 #ifndef CONFIG_NO_ROBUST_AV
3569 if (wpa_s->enable_dscp_policy_capa)
3570 wfa_capa[0] |= WFA_CAPA_QM_DSCP_POLICY;
3571 #endif /* CONFIG_NO_ROBUST_AV */
3572
3573 if (wpa_is_non_eht_scs_traffic_desc_supported(bss))
3574 wfa_capa[0] |= WFA_CAPA_QM_NON_EHT_SCS_TRAFFIC_DESC;
3575
3576 if (wfa_capa[0])
3577 capab_len = 1;
3578
3579 if (wpa_s->conf->wfa_gen_capa == WFA_GEN_CAPA_UNPROTECTED)
3580 attr = wpas_wfa_gen_capab_attr(wpa_s);
3581
3582 if (capab_len == 0 && !attr)
3583 return wpa_ie_len;
3584
3585 /* Wi-Fi Alliance element */
3586 buf_len = 1 + /* Element ID */
3587 1 + /* Length */
3588 3 + /* OUI */
3589 1 + /* OUI Type */
3590 1 + /* Capabilities Length */
3591 capab_len + /* Capabilities */
3592 (attr ? wpabuf_len(attr) : 0) /* Attributes */;
3593 wfa_ie = wpabuf_alloc(buf_len);
3594 if (!wfa_ie) {
3595 wpabuf_free(attr);
3596 return wpa_ie_len;
3597 }
3598
3599 wpabuf_put_u8(wfa_ie, WLAN_EID_VENDOR_SPECIFIC);
3600 wpabuf_put_u8(wfa_ie, buf_len - 2);
3601 wpabuf_put_be24(wfa_ie, OUI_WFA);
3602 wpabuf_put_u8(wfa_ie, WFA_CAPA_OUI_TYPE);
3603 wpabuf_put_u8(wfa_ie, capab_len);
3604 wpabuf_put_data(wfa_ie, wfa_capa, capab_len);
3605 if (attr)
3606 wpabuf_put_buf(wfa_ie, attr);
3607 wpabuf_free(attr);
3608
3609 wfa_ie_len = wpabuf_len(wfa_ie);
3610 if (wpa_ie_len + wfa_ie_len <= max_wpa_ie_len) {
3611 wpa_hexdump_buf(MSG_MSGDUMP, "WFA Capabilities element",
3612 wfa_ie);
3613 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(wfa_ie),
3614 wfa_ie_len);
3615 wpa_ie_len += wfa_ie_len;
3616 }
3617
3618 wpabuf_free(wfa_ie);
3619 return wpa_ie_len;
3620 }
3621
3622
wpas_populate_assoc_ies(struct wpa_supplicant * wpa_s,struct wpa_bss * bss,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params,enum wpa_drv_update_connect_params_mask * mask)3623 static u8 * wpas_populate_assoc_ies(
3624 struct wpa_supplicant *wpa_s,
3625 struct wpa_bss *bss, struct wpa_ssid *ssid,
3626 struct wpa_driver_associate_params *params,
3627 enum wpa_drv_update_connect_params_mask *mask)
3628 {
3629 u8 *wpa_ie;
3630 size_t max_wpa_ie_len = 500;
3631 size_t wpa_ie_len;
3632 int algs = WPA_AUTH_ALG_OPEN;
3633 #ifdef CONFIG_MBO
3634 const u8 *mbo_ie;
3635 #endif
3636 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3637 int pmksa_cached = 0;
3638 #endif /* CONFIG_SAE || CONFIG_FILS */
3639 #ifdef CONFIG_FILS
3640 const u8 *realm, *username, *rrk;
3641 size_t realm_len, username_len, rrk_len;
3642 u16 next_seq_num;
3643 struct fils_hlp_req *req;
3644
3645 dl_list_for_each(req, &wpa_s->fils_hlp_req, struct fils_hlp_req,
3646 list) {
3647 max_wpa_ie_len += 3 + 2 * ETH_ALEN + 6 + wpabuf_len(req->pkt) +
3648 2 + 2 * wpabuf_len(req->pkt) / 255;
3649 }
3650 #endif /* CONFIG_FILS */
3651
3652 wpa_ie = os_malloc(max_wpa_ie_len);
3653 if (!wpa_ie) {
3654 wpa_printf(MSG_ERROR,
3655 "Failed to allocate connect IE buffer for %lu bytes",
3656 (unsigned long) max_wpa_ie_len);
3657 return NULL;
3658 }
3659
3660 if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) ||
3661 wpa_bss_get_rsne(wpa_s, bss, ssid, false)) &&
3662 wpa_key_mgmt_wpa(ssid->key_mgmt)) {
3663 int try_opportunistic;
3664 const u8 *cache_id = NULL;
3665 const u8 *addr = bss->bssid;
3666
3667 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3668 (wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_MLO) &&
3669 !is_zero_ether_addr(bss->mld_addr))
3670 addr = bss->mld_addr;
3671
3672 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) &&
3673 wpa_s->valid_links)
3674 addr = wpa_s->ap_mld_addr;
3675
3676 try_opportunistic = (ssid->proactive_key_caching < 0 ?
3677 wpa_s->conf->okc :
3678 ssid->proactive_key_caching) &&
3679 (ssid->proto & WPA_PROTO_RSN);
3680 #ifdef CONFIG_FILS
3681 if (wpa_key_mgmt_fils(ssid->key_mgmt))
3682 cache_id = wpa_bss_get_fils_cache_id(bss);
3683 #endif /* CONFIG_FILS */
3684 if (pmksa_cache_set_current(wpa_s->wpa, NULL, addr,
3685 ssid, try_opportunistic,
3686 cache_id, 0, false) == 0) {
3687 eapol_sm_notify_pmkid_attempt(wpa_s->eapol);
3688 #if defined(CONFIG_SAE) || defined(CONFIG_FILS)
3689 pmksa_cached = 1;
3690 #endif /* CONFIG_SAE || CONFIG_FILS */
3691 }
3692 wpa_ie_len = max_wpa_ie_len;
3693 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
3694 wpa_ie, &wpa_ie_len, false)) {
3695 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3696 "key management and encryption suites");
3697 os_free(wpa_ie);
3698 return NULL;
3699 }
3700 } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss &&
3701 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) {
3702 /*
3703 * Both WPA and non-WPA IEEE 802.1X enabled in configuration -
3704 * use non-WPA since the scan results did not indicate that the
3705 * AP is using WPA or WPA2.
3706 */
3707 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3708 wpa_ie_len = 0;
3709 wpa_s->wpa_proto = 0;
3710 } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) {
3711 wpa_ie_len = max_wpa_ie_len;
3712 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
3713 wpa_ie, &wpa_ie_len, false)) {
3714 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA "
3715 "key management and encryption suites (no "
3716 "scan results)");
3717 os_free(wpa_ie);
3718 return NULL;
3719 }
3720 #ifdef CONFIG_WPS
3721 } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) {
3722 struct wpabuf *wps_ie;
3723 wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid));
3724 if (wps_ie && wpabuf_len(wps_ie) <= max_wpa_ie_len) {
3725 wpa_ie_len = wpabuf_len(wps_ie);
3726 os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len);
3727 } else
3728 wpa_ie_len = 0;
3729 wpabuf_free(wps_ie);
3730 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3731 if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY))
3732 params->wps = WPS_MODE_PRIVACY;
3733 else
3734 params->wps = WPS_MODE_OPEN;
3735 wpa_s->wpa_proto = 0;
3736 #endif /* CONFIG_WPS */
3737 } else {
3738 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
3739 wpa_ie_len = 0;
3740 wpa_s->wpa_proto = 0;
3741 }
3742
3743 #ifdef IEEE8021X_EAPOL
3744 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
3745 if (ssid->leap) {
3746 if (ssid->non_leap == 0)
3747 algs = WPA_AUTH_ALG_LEAP;
3748 else
3749 algs |= WPA_AUTH_ALG_LEAP;
3750 }
3751 }
3752
3753 #ifdef CONFIG_FILS
3754 /* Clear FILS association */
3755 wpa_sm_set_reset_fils_completed(wpa_s->wpa, 0);
3756
3757 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3758 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3759 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap, &username,
3760 &username_len, &realm, &realm_len,
3761 &next_seq_num, &rrk, &rrk_len) == 0 &&
3762 (!wpa_s->last_con_fail_realm ||
3763 wpa_s->last_con_fail_realm_len != realm_len ||
3764 os_memcmp(wpa_s->last_con_fail_realm, realm, realm_len) != 0)) {
3765 algs = WPA_AUTH_ALG_FILS;
3766 params->fils_erp_username = username;
3767 params->fils_erp_username_len = username_len;
3768 params->fils_erp_realm = realm;
3769 params->fils_erp_realm_len = realm_len;
3770 params->fils_erp_next_seq_num = next_seq_num;
3771 params->fils_erp_rrk = rrk;
3772 params->fils_erp_rrk_len = rrk_len;
3773
3774 if (mask)
3775 *mask |= WPA_DRV_UPDATE_FILS_ERP_INFO;
3776 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_FILS_SK_OFFLOAD) &&
3777 ssid->eap.erp && wpa_key_mgmt_fils(wpa_s->key_mgmt) &&
3778 pmksa_cached) {
3779 algs = WPA_AUTH_ALG_FILS;
3780 }
3781 #endif /* CONFIG_FILS */
3782 #endif /* IEEE8021X_EAPOL */
3783 #ifdef CONFIG_SAE
3784 if (wpa_key_mgmt_sae(wpa_s->key_mgmt))
3785 algs = WPA_AUTH_ALG_SAE;
3786 #endif /* CONFIG_SAE */
3787
3788 wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
3789 if (ssid->auth_alg) {
3790 algs = ssid->auth_alg;
3791 wpa_dbg(wpa_s, MSG_DEBUG,
3792 "Overriding auth_alg selection: 0x%x", algs);
3793 }
3794
3795 #ifdef CONFIG_SAE
3796 if (pmksa_cached && algs == WPA_AUTH_ALG_SAE) {
3797 wpa_dbg(wpa_s, MSG_DEBUG,
3798 "SAE: Use WPA_AUTH_ALG_OPEN for PMKSA caching attempt");
3799 algs = WPA_AUTH_ALG_OPEN;
3800 }
3801 #endif /* CONFIG_SAE */
3802
3803 #ifdef CONFIG_P2P
3804 if (wpa_s->global->p2p) {
3805 u8 *pos;
3806 size_t len;
3807 int res;
3808 pos = wpa_ie + wpa_ie_len;
3809 len = max_wpa_ie_len - wpa_ie_len;
3810 res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len,
3811 ssid->p2p_group);
3812 if (res >= 0)
3813 wpa_ie_len += res;
3814 }
3815
3816 wpa_s->cross_connect_disallowed = 0;
3817 if (bss) {
3818 struct wpabuf *p2p;
3819 p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE);
3820 if (p2p) {
3821 wpa_s->cross_connect_disallowed =
3822 p2p_get_cross_connect_disallowed(p2p);
3823 wpabuf_free(p2p);
3824 wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross "
3825 "connection",
3826 wpa_s->cross_connect_disallowed ?
3827 "disallows" : "allows");
3828 }
3829 }
3830
3831 os_memset(wpa_s->p2p_ip_addr_info, 0, sizeof(wpa_s->p2p_ip_addr_info));
3832 #endif /* CONFIG_P2P */
3833
3834 #ifndef CONFIG_NO_RRM
3835 if (bss) {
3836 wpa_ie_len += wpas_supp_op_class_ie(wpa_s, ssid, bss,
3837 wpa_ie + wpa_ie_len,
3838 max_wpa_ie_len -
3839 wpa_ie_len);
3840 }
3841 #endif /* CONFIG_NO_RRM */
3842
3843 /*
3844 * Workaround: Add Extended Capabilities element only if the AP
3845 * included this element in Beacon/Probe Response frames. Some older
3846 * APs seem to have interoperability issues if this element is
3847 * included, so while the standard may require us to include the
3848 * element in all cases, it is justifiable to skip it to avoid
3849 * interoperability issues.
3850 */
3851 if (ssid->p2p_group)
3852 wpa_drv_get_ext_capa(wpa_s, WPA_IF_P2P_CLIENT);
3853 else
3854 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
3855
3856 if (!bss || wpa_bss_get_ie(bss, WLAN_EID_EXT_CAPAB)) {
3857 u8 ext_capab[18];
3858 int ext_capab_len;
3859 ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab,
3860 sizeof(ext_capab), bss);
3861 if (ext_capab_len > 0 &&
3862 wpa_ie_len + ext_capab_len <= max_wpa_ie_len) {
3863 u8 *pos = wpa_ie;
3864 if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN)
3865 pos += 2 + pos[1];
3866 os_memmove(pos + ext_capab_len, pos,
3867 wpa_ie_len - (pos - wpa_ie));
3868 wpa_ie_len += ext_capab_len;
3869 os_memcpy(pos, ext_capab, ext_capab_len);
3870 }
3871 }
3872
3873 if (ssid->max_idle && wpa_ie_len + 5 <= max_wpa_ie_len) {
3874 u8 *pos = wpa_ie;
3875
3876 *pos++ = WLAN_EID_BSS_MAX_IDLE_PERIOD;
3877 *pos++ = 3;
3878 WPA_PUT_LE16(pos, ssid->max_idle);
3879 pos += 2;
3880 *pos = 0; /* Idle Options */
3881 wpa_ie_len += 5;
3882 }
3883
3884 #ifdef CONFIG_HS20
3885 if (is_hs20_network(wpa_s, ssid, bss)) {
3886 struct wpabuf *hs20;
3887
3888 hs20 = wpabuf_alloc(20 + MAX_ROAMING_CONS_OI_LEN);
3889 if (hs20) {
3890 int pps_mo_id = hs20_get_pps_mo_id(wpa_s, ssid);
3891 size_t len;
3892
3893 wpas_hs20_add_indication(hs20, pps_mo_id,
3894 get_hs20_version(bss));
3895 wpas_hs20_add_roam_cons_sel(hs20, ssid);
3896 len = max_wpa_ie_len - wpa_ie_len;
3897 if (wpabuf_len(hs20) <= len) {
3898 os_memcpy(wpa_ie + wpa_ie_len,
3899 wpabuf_head(hs20), wpabuf_len(hs20));
3900 wpa_ie_len += wpabuf_len(hs20);
3901 }
3902 wpabuf_free(hs20);
3903
3904 hs20_configure_frame_filters(wpa_s);
3905 }
3906 }
3907 #endif /* CONFIG_HS20 */
3908
3909 if (wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ]) {
3910 struct wpabuf *buf = wpa_s->vendor_elem[VENDOR_ELEM_ASSOC_REQ];
3911 size_t len;
3912
3913 len = max_wpa_ie_len - wpa_ie_len;
3914 if (wpabuf_len(buf) <= len) {
3915 os_memcpy(wpa_ie + wpa_ie_len,
3916 wpabuf_head(buf), wpabuf_len(buf));
3917 wpa_ie_len += wpabuf_len(buf);
3918 }
3919 }
3920
3921 #ifdef CONFIG_FST
3922 if (wpa_s->fst_ies) {
3923 int fst_ies_len = wpabuf_len(wpa_s->fst_ies);
3924
3925 if (wpa_ie_len + fst_ies_len <= max_wpa_ie_len) {
3926 os_memcpy(wpa_ie + wpa_ie_len,
3927 wpabuf_head(wpa_s->fst_ies), fst_ies_len);
3928 wpa_ie_len += fst_ies_len;
3929 }
3930 }
3931 #endif /* CONFIG_FST */
3932
3933 #ifdef CONFIG_MBO
3934 mbo_ie = bss ? wpa_bss_get_vendor_ie(bss, MBO_IE_VENDOR_TYPE) : NULL;
3935 if (!wpa_s->disable_mbo_oce && mbo_ie) {
3936 int len;
3937
3938 len = wpas_mbo_ie(wpa_s, wpa_ie + wpa_ie_len,
3939 max_wpa_ie_len - wpa_ie_len,
3940 !!mbo_attr_from_mbo_ie(mbo_ie,
3941 OCE_ATTR_ID_CAPA_IND));
3942 if (len >= 0)
3943 wpa_ie_len += len;
3944 }
3945 #endif /* CONFIG_MBO */
3946
3947 #ifdef CONFIG_FILS
3948 if (algs == WPA_AUTH_ALG_FILS) {
3949 size_t len;
3950
3951 len = wpas_add_fils_hlp_req(wpa_s, wpa_ie + wpa_ie_len,
3952 max_wpa_ie_len - wpa_ie_len);
3953 wpa_ie_len += len;
3954 }
3955 #endif /* CONFIG_FILS */
3956
3957 #ifdef CONFIG_OWE
3958 #ifdef CONFIG_TESTING_OPTIONS
3959 if (get_ie_ext(wpa_ie, wpa_ie_len, WLAN_EID_EXT_OWE_DH_PARAM)) {
3960 wpa_printf(MSG_INFO, "TESTING: Override OWE DH element");
3961 } else
3962 #endif /* CONFIG_TESTING_OPTIONS */
3963 if (algs == WPA_AUTH_ALG_OPEN &&
3964 ssid->key_mgmt == WPA_KEY_MGMT_OWE &&
3965 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA)) {
3966 struct wpabuf *owe_ie;
3967 u16 group;
3968
3969 if (ssid->owe_group) {
3970 group = ssid->owe_group;
3971 } else if (wpa_s->assoc_status_code ==
3972 WLAN_STATUS_FINITE_CYCLIC_GROUP_NOT_SUPPORTED) {
3973 if (wpa_s->last_owe_group == 19)
3974 group = 20;
3975 else if (wpa_s->last_owe_group == 20)
3976 group = 21;
3977 else
3978 group = OWE_DH_GROUP;
3979 } else {
3980 group = OWE_DH_GROUP;
3981 }
3982
3983 wpa_s->last_owe_group = group;
3984 wpa_printf(MSG_DEBUG, "OWE: Try to use group %u", group);
3985 owe_ie = owe_build_assoc_req(wpa_s->wpa, group);
3986 if (owe_ie &&
3987 wpabuf_len(owe_ie) <= max_wpa_ie_len - wpa_ie_len) {
3988 os_memcpy(wpa_ie + wpa_ie_len,
3989 wpabuf_head(owe_ie), wpabuf_len(owe_ie));
3990 wpa_ie_len += wpabuf_len(owe_ie);
3991 }
3992 wpabuf_free(owe_ie);
3993 }
3994 #endif /* CONFIG_OWE */
3995
3996 #ifdef CONFIG_DPP2
3997 if (DPP_VERSION > 1 &&
3998 wpa_sm_get_key_mgmt(wpa_s->wpa) == WPA_KEY_MGMT_DPP &&
3999 ssid->dpp_netaccesskey &&
4000 ssid->dpp_pfs != 2 && !ssid->dpp_pfs_fallback) {
4001 struct rsn_pmksa_cache_entry *pmksa;
4002
4003 pmksa = pmksa_cache_get_current(wpa_s->wpa);
4004 if (!pmksa || !pmksa->dpp_pfs)
4005 goto pfs_fail;
4006
4007 dpp_pfs_free(wpa_s->dpp_pfs);
4008 wpa_s->dpp_pfs = dpp_pfs_init(ssid->dpp_netaccesskey,
4009 ssid->dpp_netaccesskey_len);
4010 if (!wpa_s->dpp_pfs) {
4011 wpa_printf(MSG_DEBUG, "DPP: Could not initialize PFS");
4012 /* Try to continue without PFS */
4013 goto pfs_fail;
4014 }
4015 if (wpabuf_len(wpa_s->dpp_pfs->ie) <=
4016 max_wpa_ie_len - wpa_ie_len) {
4017 os_memcpy(wpa_ie + wpa_ie_len,
4018 wpabuf_head(wpa_s->dpp_pfs->ie),
4019 wpabuf_len(wpa_s->dpp_pfs->ie));
4020 wpa_ie_len += wpabuf_len(wpa_s->dpp_pfs->ie);
4021 }
4022 }
4023 pfs_fail:
4024 #endif /* CONFIG_DPP2 */
4025
4026 #ifdef CONFIG_IEEE80211R
4027 /*
4028 * Add MDIE under these conditions: the network profile allows FT,
4029 * the AP supports FT, and the mobility domain ID matches.
4030 */
4031 if (bss && wpa_key_mgmt_ft(wpa_sm_get_key_mgmt(wpa_s->wpa))) {
4032 const u8 *mdie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4033
4034 if (mdie && mdie[1] >= MOBILITY_DOMAIN_ID_LEN) {
4035 size_t len = 0;
4036 const u8 *md = mdie + 2;
4037 const u8 *wpa_md = wpa_sm_get_ft_md(wpa_s->wpa);
4038
4039 if (os_memcmp(md, wpa_md,
4040 MOBILITY_DOMAIN_ID_LEN) == 0) {
4041 /* Add mobility domain IE */
4042 len = wpa_ft_add_mdie(
4043 wpa_s->wpa, wpa_ie + wpa_ie_len,
4044 max_wpa_ie_len - wpa_ie_len, mdie);
4045 wpa_ie_len += len;
4046 }
4047 #ifdef CONFIG_SME
4048 if (len > 0 && wpa_s->sme.ft_used &&
4049 wpa_sm_has_ft_keys(wpa_s->wpa, md)) {
4050 wpa_dbg(wpa_s, MSG_DEBUG,
4051 "SME: Trying to use FT over-the-air");
4052 algs |= WPA_AUTH_ALG_FT;
4053 }
4054 #endif /* CONFIG_SME */
4055 }
4056 }
4057 #endif /* CONFIG_IEEE80211R */
4058
4059 #ifdef CONFIG_TESTING_OPTIONS
4060 if (wpa_s->rsnxe_override_assoc &&
4061 wpabuf_len(wpa_s->rsnxe_override_assoc) <=
4062 max_wpa_ie_len - wpa_ie_len) {
4063 wpa_printf(MSG_DEBUG, "TESTING: RSNXE AssocReq override");
4064 os_memcpy(wpa_ie + wpa_ie_len,
4065 wpabuf_head(wpa_s->rsnxe_override_assoc),
4066 wpabuf_len(wpa_s->rsnxe_override_assoc));
4067 wpa_ie_len += wpabuf_len(wpa_s->rsnxe_override_assoc);
4068 } else
4069 #endif /* CONFIG_TESTING_OPTIONS */
4070 if (wpa_s->rsnxe_len > 0 &&
4071 wpa_s->rsnxe_len <= max_wpa_ie_len - wpa_ie_len) {
4072 os_memcpy(wpa_ie + wpa_ie_len, wpa_s->rsnxe, wpa_s->rsnxe_len);
4073 wpa_ie_len += wpa_s->rsnxe_len;
4074 }
4075
4076 #ifndef CONFIG_NO_ROBUST_AV
4077 #ifdef CONFIG_TESTING_OPTIONS
4078 if (wpa_s->disable_mscs_support)
4079 goto mscs_end;
4080 #endif /* CONFIG_TESTING_OPTIONS */
4081 if (wpa_bss_ext_capab(bss, WLAN_EXT_CAPAB_MSCS) &&
4082 wpa_s->robust_av.valid_config) {
4083 struct wpabuf *mscs_ie;
4084 size_t mscs_ie_len, buf_len;
4085
4086 buf_len = 3 + /* MSCS descriptor IE header */
4087 1 + /* Request type */
4088 2 + /* User priority control */
4089 4 + /* Stream timeout */
4090 3 + /* TCLAS Mask IE header */
4091 wpa_s->robust_av.frame_classifier_len;
4092 mscs_ie = wpabuf_alloc(buf_len);
4093 if (!mscs_ie) {
4094 wpa_printf(MSG_INFO,
4095 "MSCS: Failed to allocate MSCS IE");
4096 goto mscs_end;
4097 }
4098
4099 wpas_populate_mscs_descriptor_ie(&wpa_s->robust_av, mscs_ie);
4100 if ((wpa_ie_len + wpabuf_len(mscs_ie)) <= max_wpa_ie_len) {
4101 wpa_hexdump_buf(MSG_MSGDUMP, "MSCS IE", mscs_ie);
4102 mscs_ie_len = wpabuf_len(mscs_ie);
4103 os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(mscs_ie),
4104 mscs_ie_len);
4105 wpa_ie_len += mscs_ie_len;
4106 }
4107
4108 wpabuf_free(mscs_ie);
4109 }
4110 mscs_end:
4111 #endif /* CONFIG_NO_ROBUST_AV */
4112
4113 wpa_ie_len = wpas_populate_wfa_capa(wpa_s, bss, wpa_ie, wpa_ie_len,
4114 max_wpa_ie_len);
4115
4116 if (ssid->multi_ap_backhaul_sta) {
4117 size_t multi_ap_ie_len;
4118 struct multi_ap_params multi_ap = { 0 };
4119
4120 multi_ap.capability = MULTI_AP_BACKHAUL_STA;
4121 multi_ap.profile = ssid->multi_ap_profile;
4122
4123 multi_ap_ie_len = add_multi_ap_ie(wpa_ie + wpa_ie_len,
4124 max_wpa_ie_len - wpa_ie_len,
4125 &multi_ap);
4126 if (multi_ap_ie_len == 0) {
4127 wpa_printf(MSG_ERROR,
4128 "Multi-AP: Failed to build Multi-AP IE");
4129 os_free(wpa_ie);
4130 return NULL;
4131 }
4132 wpa_ie_len += multi_ap_ie_len;
4133 }
4134
4135 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE_SUPPORT,
4136 wpas_rsn_overriding(wpa_s, ssid));
4137 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
4138 RSN_OVERRIDE_NOT_USED);
4139 if (wpas_rsn_overriding(wpa_s, ssid) &&
4140 wpas_ap_supports_rsn_overriding(wpa_s, bss) &&
4141 wpa_ie_len + 2 + 4 + 1 <= max_wpa_ie_len) {
4142 u8 *pos = wpa_ie + wpa_ie_len, *start = pos;
4143 const u8 *ie;
4144 enum rsn_selection_variant variant = RSN_SELECTION_RSNE;
4145
4146 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_OVERRIDE,
4147 RSN_OVERRIDE_RSNE);
4148 ie = wpa_bss_get_rsne(wpa_s, bss, ssid, wpa_s->valid_links);
4149 if (ie && ie[0] == WLAN_EID_VENDOR_SPECIFIC && ie[1] >= 4) {
4150 u32 type;
4151
4152 type = WPA_GET_BE32(&ie[2]);
4153 if (type == RSNE_OVERRIDE_IE_VENDOR_TYPE) {
4154 variant = RSN_SELECTION_RSNE_OVERRIDE;
4155 wpa_sm_set_param(wpa_s->wpa,
4156 WPA_PARAM_RSN_OVERRIDE,
4157 RSN_OVERRIDE_RSNE_OVERRIDE);
4158 } else if (type == RSNE_OVERRIDE_2_IE_VENDOR_TYPE) {
4159 variant = RSN_SELECTION_RSNE_OVERRIDE_2;
4160 wpa_sm_set_param(wpa_s->wpa,
4161 WPA_PARAM_RSN_OVERRIDE,
4162 RSN_OVERRIDE_RSNE_OVERRIDE_2);
4163 }
4164 }
4165
4166 /* Indicate which RSNE variant was used */
4167 *pos++ = WLAN_EID_VENDOR_SPECIFIC;
4168 *pos++ = 4 + 1;
4169 WPA_PUT_BE32(pos, RSN_SELECTION_IE_VENDOR_TYPE);
4170 pos += 4;
4171 *pos++ = variant;
4172 wpa_hexdump(MSG_MSGDUMP, "RSN Selection", start, pos - start);
4173 wpa_ie_len += pos - start;
4174 }
4175
4176 params->rsn_overriding = wpas_rsn_overriding(wpa_s, ssid);
4177 params->wpa_ie = wpa_ie;
4178 params->wpa_ie_len = wpa_ie_len;
4179 params->auth_alg = algs;
4180 if (mask)
4181 *mask |= WPA_DRV_UPDATE_ASSOC_IES | WPA_DRV_UPDATE_AUTH_TYPE;
4182
4183 return wpa_ie;
4184 }
4185
4186
4187 #ifdef CONFIG_OWE
wpas_update_owe_connect_params(struct wpa_supplicant * wpa_s)4188 static void wpas_update_owe_connect_params(struct wpa_supplicant *wpa_s)
4189 {
4190 struct wpa_driver_associate_params params;
4191 u8 *wpa_ie;
4192
4193 os_memset(¶ms, 0, sizeof(params));
4194 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4195 wpa_s->current_ssid, ¶ms, NULL);
4196 if (!wpa_ie)
4197 return;
4198
4199 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4200 os_free(wpa_ie);
4201 }
4202 #endif /* CONFIG_OWE */
4203
4204
4205 #if defined(CONFIG_FILS) && defined(IEEE8021X_EAPOL)
wpas_update_fils_connect_params(struct wpa_supplicant * wpa_s)4206 static void wpas_update_fils_connect_params(struct wpa_supplicant *wpa_s)
4207 {
4208 struct wpa_driver_associate_params params;
4209 enum wpa_drv_update_connect_params_mask mask = 0;
4210 u8 *wpa_ie;
4211
4212 if (wpa_s->auth_alg != WPA_AUTH_ALG_OPEN)
4213 return; /* nothing to do */
4214
4215 os_memset(¶ms, 0, sizeof(params));
4216 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4217 wpa_s->current_ssid, ¶ms, &mask);
4218 if (!wpa_ie)
4219 return;
4220
4221 if (params.auth_alg == WPA_AUTH_ALG_FILS) {
4222 wpa_s->auth_alg = params.auth_alg;
4223 wpa_drv_update_connect_params(wpa_s, ¶ms, mask);
4224 }
4225
4226 os_free(wpa_ie);
4227 }
4228 #endif /* CONFIG_FILS && IEEE8021X_EAPOL */
4229
4230
wpa_ie_get_edmg_oper_chans(const u8 * edmg_ie)4231 static u8 wpa_ie_get_edmg_oper_chans(const u8 *edmg_ie)
4232 {
4233 if (!edmg_ie || edmg_ie[1] < 6)
4234 return 0;
4235 return edmg_ie[EDMG_BSS_OPERATING_CHANNELS_OFFSET];
4236 }
4237
4238
wpa_ie_get_edmg_oper_chan_width(const u8 * edmg_ie)4239 static u8 wpa_ie_get_edmg_oper_chan_width(const u8 *edmg_ie)
4240 {
4241 if (!edmg_ie || edmg_ie[1] < 6)
4242 return 0;
4243 return edmg_ie[EDMG_OPERATING_CHANNEL_WIDTH_OFFSET];
4244 }
4245
4246
4247 /* Returns the intersection of two EDMG configurations.
4248 * Note: The current implementation is limited to CB2 only (CB1 included),
4249 * i.e., the implementation supports up to 2 contiguous channels.
4250 * For supporting non-contiguous (aggregated) channels and for supporting
4251 * CB3 and above, this function will need to be extended.
4252 */
4253 static struct ieee80211_edmg_config
get_edmg_intersection(struct ieee80211_edmg_config a,struct ieee80211_edmg_config b,u8 primary_channel)4254 get_edmg_intersection(struct ieee80211_edmg_config a,
4255 struct ieee80211_edmg_config b,
4256 u8 primary_channel)
4257 {
4258 struct ieee80211_edmg_config result;
4259 int i, contiguous = 0;
4260 int max_contiguous = 0;
4261
4262 result.channels = b.channels & a.channels;
4263 if (!result.channels) {
4264 wpa_printf(MSG_DEBUG,
4265 "EDMG not possible: cannot intersect channels 0x%x and 0x%x",
4266 a.channels, b.channels);
4267 goto fail;
4268 }
4269
4270 if (!(result.channels & BIT(primary_channel - 1))) {
4271 wpa_printf(MSG_DEBUG,
4272 "EDMG not possible: the primary channel %d is not one of the intersected channels 0x%x",
4273 primary_channel, result.channels);
4274 goto fail;
4275 }
4276
4277 /* Find max contiguous channels */
4278 for (i = 0; i < 6; i++) {
4279 if (result.channels & BIT(i))
4280 contiguous++;
4281 else
4282 contiguous = 0;
4283
4284 if (contiguous > max_contiguous)
4285 max_contiguous = contiguous;
4286 }
4287
4288 /* Assuming AP and STA supports ONLY contiguous channels,
4289 * bw configuration can have value between 4-7.
4290 */
4291 if ((b.bw_config < a.bw_config))
4292 result.bw_config = b.bw_config;
4293 else
4294 result.bw_config = a.bw_config;
4295
4296 if ((max_contiguous >= 2 && result.bw_config < EDMG_BW_CONFIG_5) ||
4297 (max_contiguous >= 1 && result.bw_config < EDMG_BW_CONFIG_4)) {
4298 wpa_printf(MSG_DEBUG,
4299 "EDMG not possible: not enough contiguous channels %d for supporting CB1 or CB2",
4300 max_contiguous);
4301 goto fail;
4302 }
4303
4304 return result;
4305
4306 fail:
4307 result.channels = 0;
4308 result.bw_config = 0;
4309 return result;
4310 }
4311
4312
4313 static struct ieee80211_edmg_config
get_supported_edmg(struct wpa_supplicant * wpa_s,struct hostapd_freq_params * freq,struct ieee80211_edmg_config request_edmg)4314 get_supported_edmg(struct wpa_supplicant *wpa_s,
4315 struct hostapd_freq_params *freq,
4316 struct ieee80211_edmg_config request_edmg)
4317 {
4318 enum hostapd_hw_mode hw_mode;
4319 struct hostapd_hw_modes *mode = NULL;
4320 u8 primary_channel;
4321
4322 if (!wpa_s->hw.modes)
4323 goto fail;
4324
4325 hw_mode = ieee80211_freq_to_chan(freq->freq, &primary_channel);
4326 if (hw_mode == NUM_HOSTAPD_MODES)
4327 goto fail;
4328
4329 mode = get_mode(wpa_s->hw.modes, wpa_s->hw.num_modes, hw_mode, false);
4330 if (!mode)
4331 goto fail;
4332
4333 return get_edmg_intersection(mode->edmg, request_edmg, primary_channel);
4334
4335 fail:
4336 request_edmg.channels = 0;
4337 request_edmg.bw_config = 0;
4338 return request_edmg;
4339 }
4340
4341
4342 #ifdef CONFIG_MBO
wpas_update_mbo_connect_params(struct wpa_supplicant * wpa_s)4343 void wpas_update_mbo_connect_params(struct wpa_supplicant *wpa_s)
4344 {
4345 struct wpa_driver_associate_params params;
4346 u8 *wpa_ie;
4347
4348 /*
4349 * Update MBO connect params only in case of change of MBO attributes
4350 * when connected, if the AP support MBO.
4351 */
4352
4353 if (wpa_s->wpa_state != WPA_COMPLETED || !wpa_s->current_ssid ||
4354 !wpa_s->current_bss ||
4355 !wpa_bss_get_vendor_ie(wpa_s->current_bss, MBO_IE_VENDOR_TYPE))
4356 return;
4357
4358 os_memset(¶ms, 0, sizeof(params));
4359 wpa_ie = wpas_populate_assoc_ies(wpa_s, wpa_s->current_bss,
4360 wpa_s->current_ssid, ¶ms, NULL);
4361 if (!wpa_ie)
4362 return;
4363
4364 wpa_drv_update_connect_params(wpa_s, ¶ms, WPA_DRV_UPDATE_ASSOC_IES);
4365 os_free(wpa_ie);
4366 }
4367 #endif /* CONFIG_MBO */
4368
4369
wpas_start_assoc_cb(struct wpa_radio_work * work,int deinit)4370 static void wpas_start_assoc_cb(struct wpa_radio_work *work, int deinit)
4371 {
4372 struct wpa_connect_work *cwork = work->ctx;
4373 struct wpa_bss *bss = cwork->bss;
4374 struct wpa_ssid *ssid = cwork->ssid;
4375 struct wpa_supplicant *wpa_s = work->wpa_s;
4376 u8 *wpa_ie;
4377 const u8 *edmg_ie_oper;
4378 int use_crypt, ret, bssid_changed;
4379 unsigned int cipher_pairwise, cipher_group, cipher_group_mgmt;
4380 struct wpa_driver_associate_params params;
4381 u8 psk[PMK_LEN];
4382 #if defined(CONFIG_WEP) || defined(IEEE8021X_EAPOL)
4383 int wep_keys_set = 0;
4384 #endif /* CONFIG_WEP || IEEE8021X_EAPOL */
4385 int assoc_failed = 0;
4386 struct wpa_ssid *old_ssid;
4387 u8 prev_bssid[ETH_ALEN];
4388 #ifdef CONFIG_HT_OVERRIDES
4389 struct ieee80211_ht_capabilities htcaps;
4390 struct ieee80211_ht_capabilities htcaps_mask;
4391 #endif /* CONFIG_HT_OVERRIDES */
4392 #ifdef CONFIG_VHT_OVERRIDES
4393 struct ieee80211_vht_capabilities vhtcaps;
4394 struct ieee80211_vht_capabilities vhtcaps_mask;
4395 #endif /* CONFIG_VHT_OVERRIDES */
4396
4397 wpa_s->roam_in_progress = false;
4398 #ifdef CONFIG_WNM
4399 wpa_s->bss_trans_mgmt_in_progress = false;
4400 #endif /* CONFIG_WNM */
4401 wpa_s->no_suitable_network = 0;
4402
4403 if (deinit) {
4404 if (work->started) {
4405 wpa_s->connect_work = NULL;
4406
4407 /* cancel possible auth. timeout */
4408 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s,
4409 NULL);
4410 }
4411 wpas_connect_work_free(cwork);
4412 return;
4413 }
4414
4415 wpa_s->connect_work = work;
4416
4417 if (cwork->bss_removed || !wpas_valid_bss_ssid(wpa_s, bss, ssid) ||
4418 wpas_network_disabled(wpa_s, ssid)) {
4419 wpa_dbg(wpa_s, MSG_DEBUG, "BSS/SSID entry for association not valid anymore - drop connection attempt");
4420 wpas_connect_work_done(wpa_s);
4421 return;
4422 }
4423
4424 /*
4425 * Set the current AP's BSSID (for non-MLO connection) or MLD address
4426 * (for MLO connection) as the previous BSSID for reassociation requests
4427 * handled by SME-in-driver. If wpa_supplicant is in disconnected state,
4428 * prev_bssid will be zero as both wpa_s->valid_links and wpa_s->bssid
4429 * will be zero.
4430 */
4431 os_memcpy(prev_bssid,
4432 wpa_s->valid_links ? wpa_s->ap_mld_addr : wpa_s->bssid,
4433 ETH_ALEN);
4434 os_memset(¶ms, 0, sizeof(params));
4435 wpa_s->reassociate = 0;
4436 wpa_s->eap_expected_failure = 0;
4437
4438 /* Starting new association, so clear the possibly used WPA IE from the
4439 * previous association. */
4440 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
4441 #ifndef CONFIG_NO_WPA
4442 wpa_sm_set_assoc_rsnxe(wpa_s->wpa, NULL, 0);
4443 #endif /* CONFIG_NO_WPA */
4444 wpa_s->rsnxe_len = 0;
4445 #ifndef CONFIG_NO_ROBUST_AV
4446 wpa_s->mscs_setup_done = false;
4447 #endif /* CONFIG_NO_ROBUST_AV */
4448
4449 wpa_ie = wpas_populate_assoc_ies(wpa_s, bss, ssid, ¶ms, NULL);
4450 if (!wpa_ie) {
4451 wpas_connect_work_done(wpa_s);
4452 return;
4453 }
4454
4455 if (bss &&
4456 (!wpas_driver_bss_selection(wpa_s) || wpas_wps_searching(wpa_s))) {
4457 #ifdef CONFIG_IEEE80211R
4458 const u8 *ie, *md = NULL;
4459 #endif /* CONFIG_IEEE80211R */
4460 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
4461 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
4462 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
4463 bssid_changed = !is_zero_ether_addr(wpa_s->bssid);
4464 os_memset(wpa_s->bssid, 0, ETH_ALEN);
4465 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4466 if (bssid_changed)
4467 wpas_notify_bssid_changed(wpa_s);
4468 #ifdef CONFIG_IEEE80211R
4469 ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN);
4470 if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN)
4471 md = ie + 2;
4472 wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0);
4473 if (md) {
4474 /* Prepare for the next transition */
4475 wpa_ft_prepare_auth_request(wpa_s->wpa, ie);
4476 }
4477 #endif /* CONFIG_IEEE80211R */
4478 #ifdef CONFIG_WPS
4479 } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) &&
4480 wpa_s->conf->ap_scan == 2 &&
4481 (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) {
4482 /* Use ap_scan==1 style network selection to find the network
4483 */
4484 wpas_connect_work_done(wpa_s);
4485 wpa_s->scan_req = MANUAL_SCAN_REQ;
4486 wpa_s->reassociate = 1;
4487 wpa_supplicant_req_scan(wpa_s, 0, 0);
4488 os_free(wpa_ie);
4489 return;
4490 #endif /* CONFIG_WPS */
4491 } else {
4492 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
4493 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
4494 if (bss)
4495 os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN);
4496 else
4497 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4498 }
4499 if (!wpa_s->pno)
4500 wpa_supplicant_cancel_sched_scan(wpa_s);
4501
4502 wpa_supplicant_cancel_scan(wpa_s);
4503
4504 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
4505 use_crypt = 1;
4506 cipher_pairwise = wpa_s->pairwise_cipher;
4507 cipher_group = wpa_s->group_cipher;
4508 cipher_group_mgmt = wpa_s->mgmt_group_cipher;
4509 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
4510 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4511 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
4512 use_crypt = 0;
4513 #ifdef CONFIG_WEP
4514 if (wpa_set_wep_keys(wpa_s, ssid)) {
4515 use_crypt = 1;
4516 wep_keys_set = 1;
4517 }
4518 #endif /* CONFIG_WEP */
4519 }
4520 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS)
4521 use_crypt = 0;
4522
4523 #ifdef IEEE8021X_EAPOL
4524 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
4525 if ((ssid->eapol_flags &
4526 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
4527 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
4528 !wep_keys_set) {
4529 use_crypt = 0;
4530 } else {
4531 /* Assume that dynamic WEP-104 keys will be used and
4532 * set cipher suites in order for drivers to expect
4533 * encryption. */
4534 cipher_pairwise = cipher_group = WPA_CIPHER_WEP104;
4535 }
4536 }
4537 #endif /* IEEE8021X_EAPOL */
4538
4539 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4540 /* Set the key before (and later after) association */
4541 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4542 }
4543
4544 /* Set current_ssid before changing state to ASSOCIATING, so that the
4545 * selected SSID is available to wpas_notify_state_changed(). */
4546 old_ssid = wpa_s->current_ssid;
4547 wpa_s->current_ssid = ssid;
4548
4549 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
4550 if (bss) {
4551 params.ssid = bss->ssid;
4552 params.ssid_len = bss->ssid_len;
4553 if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set ||
4554 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
4555 wpa_printf(MSG_DEBUG, "Limit connection to BSSID "
4556 MACSTR " freq=%u MHz based on scan results "
4557 "(bssid_set=%d wps=%d)",
4558 MAC2STR(bss->bssid), bss->freq,
4559 ssid->bssid_set,
4560 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS);
4561 params.bssid = bss->bssid;
4562 params.freq.freq = bss->freq;
4563 }
4564 params.bssid_hint = bss->bssid;
4565 params.freq_hint = bss->freq;
4566 params.pbss = bss_is_pbss(bss);
4567 } else {
4568 if (ssid->bssid_hint_set)
4569 params.bssid_hint = ssid->bssid_hint;
4570
4571 params.ssid = ssid->ssid;
4572 params.ssid_len = ssid->ssid_len;
4573 params.pbss = (ssid->pbss != 2) ? ssid->pbss : 0;
4574 }
4575
4576 if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set &&
4577 wpa_s->conf->ap_scan == 2) {
4578 params.bssid = ssid->bssid;
4579 params.fixed_bssid = 1;
4580 }
4581
4582 /* Initial frequency for IBSS/mesh */
4583 if ((ssid->mode == WPAS_MODE_IBSS || ssid->mode == WPAS_MODE_MESH) &&
4584 ssid->frequency > 0 && params.freq.freq == 0)
4585 ibss_mesh_setup_freq(wpa_s, ssid, ¶ms.freq);
4586
4587 if (ssid->mode == WPAS_MODE_IBSS) {
4588 params.fixed_freq = ssid->fixed_freq;
4589 if (ssid->beacon_int)
4590 params.beacon_int = ssid->beacon_int;
4591 else
4592 params.beacon_int = wpa_s->conf->beacon_int;
4593 }
4594
4595 if (bss && ssid->enable_edmg)
4596 edmg_ie_oper = wpa_bss_get_ie_ext(bss,
4597 WLAN_EID_EXT_EDMG_OPERATION);
4598 else
4599 edmg_ie_oper = NULL;
4600
4601 if (edmg_ie_oper) {
4602 params.freq.edmg.channels =
4603 wpa_ie_get_edmg_oper_chans(edmg_ie_oper);
4604 params.freq.edmg.bw_config =
4605 wpa_ie_get_edmg_oper_chan_width(edmg_ie_oper);
4606 wpa_printf(MSG_DEBUG,
4607 "AP supports EDMG channels 0x%x, bw_config %d",
4608 params.freq.edmg.channels,
4609 params.freq.edmg.bw_config);
4610
4611 /* User may ask for specific EDMG channel for EDMG connection
4612 * (must be supported by AP)
4613 */
4614 if (ssid->edmg_channel) {
4615 struct ieee80211_edmg_config configured_edmg;
4616 enum hostapd_hw_mode hw_mode;
4617 u8 primary_channel;
4618
4619 hw_mode = ieee80211_freq_to_chan(bss->freq,
4620 &primary_channel);
4621 if (hw_mode == NUM_HOSTAPD_MODES)
4622 goto edmg_fail;
4623
4624 hostapd_encode_edmg_chan(ssid->enable_edmg,
4625 ssid->edmg_channel,
4626 primary_channel,
4627 &configured_edmg);
4628
4629 if (ieee802_edmg_is_allowed(params.freq.edmg,
4630 configured_edmg)) {
4631 params.freq.edmg = configured_edmg;
4632 wpa_printf(MSG_DEBUG,
4633 "Use EDMG channel %d for connection",
4634 ssid->edmg_channel);
4635 } else {
4636 edmg_fail:
4637 params.freq.edmg.channels = 0;
4638 params.freq.edmg.bw_config = 0;
4639 wpa_printf(MSG_WARNING,
4640 "EDMG channel %d not supported by AP, fallback to DMG",
4641 ssid->edmg_channel);
4642 }
4643 }
4644
4645 if (params.freq.edmg.channels) {
4646 wpa_printf(MSG_DEBUG,
4647 "EDMG before: channels 0x%x, bw_config %d",
4648 params.freq.edmg.channels,
4649 params.freq.edmg.bw_config);
4650 params.freq.edmg = get_supported_edmg(wpa_s,
4651 ¶ms.freq,
4652 params.freq.edmg);
4653 wpa_printf(MSG_DEBUG,
4654 "EDMG after: channels 0x%x, bw_config %d",
4655 params.freq.edmg.channels,
4656 params.freq.edmg.bw_config);
4657 }
4658 }
4659
4660 params.pairwise_suite = cipher_pairwise;
4661 params.group_suite = cipher_group;
4662 params.mgmt_group_suite = cipher_group_mgmt;
4663 params.key_mgmt_suite = wpa_s->key_mgmt;
4664 params.allowed_key_mgmts = wpa_s->allowed_key_mgmts;
4665 params.wpa_proto = wpa_s->wpa_proto;
4666 wpa_s->auth_alg = params.auth_alg;
4667 params.mode = ssid->mode;
4668 params.bg_scan_period = ssid->bg_scan_period;
4669 #ifdef CONFIG_WEP
4670 {
4671 int i;
4672
4673 for (i = 0; i < NUM_WEP_KEYS; i++) {
4674 if (ssid->wep_key_len[i])
4675 params.wep_key[i] = ssid->wep_key[i];
4676 params.wep_key_len[i] = ssid->wep_key_len[i];
4677 }
4678 params.wep_tx_keyidx = ssid->wep_tx_keyidx;
4679 }
4680 #endif /* CONFIG_WEP */
4681
4682 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) &&
4683 (params.key_mgmt_suite == WPA_KEY_MGMT_PSK ||
4684 params.key_mgmt_suite == WPA_KEY_MGMT_FT_PSK ||
4685 (params.allowed_key_mgmts &
4686 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_FT_PSK)))) {
4687 params.passphrase = ssid->passphrase;
4688 if (wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4689 params.psk = psk;
4690 }
4691
4692 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_8021X) &&
4693 (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4694 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4695 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4696 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4697 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384))
4698 params.req_handshake_offload = 1;
4699
4700 if (wpa_s->conf->key_mgmt_offload) {
4701 if (params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X ||
4702 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA256 ||
4703 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SUITE_B ||
4704 params.key_mgmt_suite ==
4705 WPA_KEY_MGMT_IEEE8021X_SUITE_B_192 ||
4706 params.key_mgmt_suite == WPA_KEY_MGMT_IEEE8021X_SHA384)
4707 params.req_key_mgmt_offload =
4708 ssid->proactive_key_caching < 0 ?
4709 wpa_s->conf->okc : ssid->proactive_key_caching;
4710 else
4711 params.req_key_mgmt_offload = 1;
4712
4713 if ((wpa_key_mgmt_wpa_psk_no_sae(params.key_mgmt_suite) ||
4714 wpa_key_mgmt_wpa_psk_no_sae(params.allowed_key_mgmts)) &&
4715 wpa_supplicant_get_psk(wpa_s, bss, ssid, psk) == 0)
4716 params.psk = psk;
4717 }
4718
4719 if ((wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA) &&
4720 wpa_key_mgmt_sae(params.key_mgmt_suite)) {
4721 params.auth_alg = WPA_AUTH_ALG_SAE;
4722 if (ssid->sae_password) {
4723 params.sae_password = ssid->sae_password;
4724 params.sae_password_id = ssid->sae_password_id;
4725 } else if (ssid->passphrase) {
4726 params.passphrase = ssid->passphrase;
4727 }
4728 }
4729
4730 params.drop_unencrypted = use_crypt;
4731
4732 params.mgmt_frame_protection = wpas_get_ssid_pmf(wpa_s, ssid);
4733 if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) {
4734 const u8 *rsn = wpa_bss_get_rsne(wpa_s, bss, ssid, false);
4735 struct wpa_ie_data ie;
4736 if (!wpas_driver_bss_selection(wpa_s) && rsn &&
4737 wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 &&
4738 ie.capabilities &
4739 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) {
4740 wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports "
4741 "MFP: require MFP");
4742 params.mgmt_frame_protection =
4743 MGMT_FRAME_PROTECTION_REQUIRED;
4744 #ifdef CONFIG_OWE
4745 } else if (!rsn && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
4746 !ssid->owe_only) {
4747 params.mgmt_frame_protection = NO_MGMT_FRAME_PROTECTION;
4748 #endif /* CONFIG_OWE */
4749 }
4750 }
4751
4752 params.p2p = ssid->p2p_group;
4753
4754 if (wpa_s->p2pdev->set_sta_uapsd)
4755 params.uapsd = wpa_s->p2pdev->sta_uapsd;
4756 else
4757 params.uapsd = -1;
4758
4759 #ifdef CONFIG_HT_OVERRIDES
4760 os_memset(&htcaps, 0, sizeof(htcaps));
4761 os_memset(&htcaps_mask, 0, sizeof(htcaps_mask));
4762 params.htcaps = (u8 *) &htcaps;
4763 params.htcaps_mask = (u8 *) &htcaps_mask;
4764 wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms);
4765 #endif /* CONFIG_HT_OVERRIDES */
4766 #ifdef CONFIG_VHT_OVERRIDES
4767 os_memset(&vhtcaps, 0, sizeof(vhtcaps));
4768 os_memset(&vhtcaps_mask, 0, sizeof(vhtcaps_mask));
4769 params.vhtcaps = &vhtcaps;
4770 params.vhtcaps_mask = &vhtcaps_mask;
4771 wpa_supplicant_apply_vht_overrides(wpa_s, ssid, ¶ms);
4772 #endif /* CONFIG_VHT_OVERRIDES */
4773 #ifdef CONFIG_HE_OVERRIDES
4774 wpa_supplicant_apply_he_overrides(wpa_s, ssid, ¶ms);
4775 #endif /* CONFIG_HE_OVERRIDES */
4776 wpa_supplicant_apply_eht_overrides(wpa_s, ssid, ¶ms);
4777
4778 #ifdef CONFIG_P2P
4779 /*
4780 * If multi-channel concurrency is not supported, check for any
4781 * frequency conflict. In case of any frequency conflict, remove the
4782 * least prioritized connection.
4783 */
4784 if (wpa_s->num_multichan_concurrent < 2) {
4785 int freq, num;
4786 num = get_shared_radio_freqs(wpa_s, &freq, 1, false);
4787 if (num > 0 && freq > 0 && freq != params.freq.freq) {
4788 wpa_printf(MSG_DEBUG,
4789 "Assoc conflicting freq found (%d != %d)",
4790 freq, params.freq.freq);
4791 if (wpas_p2p_handle_frequency_conflicts(
4792 wpa_s, params.freq.freq, ssid) < 0) {
4793 wpas_connect_work_done(wpa_s);
4794 os_free(wpa_ie);
4795 return;
4796 }
4797 }
4798 }
4799 #endif /* CONFIG_P2P */
4800
4801 if (wpa_s->reassoc_same_ess && !is_zero_ether_addr(prev_bssid) &&
4802 old_ssid)
4803 params.prev_bssid = prev_bssid;
4804
4805 #ifdef CONFIG_SAE
4806 params.sae_pwe = wpas_get_ssid_sae_pwe(wpa_s, ssid);
4807 #endif /* CONFIG_SAE */
4808
4809 ret = wpa_drv_associate(wpa_s, ¶ms);
4810 forced_memzero(psk, sizeof(psk));
4811 os_free(wpa_ie);
4812 if (ret < 0) {
4813 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
4814 "failed");
4815 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_VALID_ERROR_CODES) {
4816 /*
4817 * The driver is known to mean what is saying, so we
4818 * can stop right here; the association will not
4819 * succeed.
4820 */
4821 wpas_connection_failed(wpa_s, wpa_s->pending_bssid,
4822 NULL);
4823 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
4824 os_memset(wpa_s->pending_bssid, 0, ETH_ALEN);
4825 return;
4826 }
4827 /* try to continue anyway; new association will be tried again
4828 * after timeout */
4829 assoc_failed = 1;
4830 }
4831
4832 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
4833 /* Set the key after the association just in case association
4834 * cleared the previously configured key. */
4835 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
4836 /* No need to timeout authentication since there is no key
4837 * management. */
4838 wpa_supplicant_cancel_auth_timeout(wpa_s);
4839 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
4840 #ifdef CONFIG_IBSS_RSN
4841 } else if (ssid->mode == WPAS_MODE_IBSS &&
4842 wpa_s->key_mgmt != WPA_KEY_MGMT_NONE &&
4843 wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) {
4844 /*
4845 * RSN IBSS authentication is per-STA and we can disable the
4846 * per-BSSID authentication.
4847 */
4848 wpa_supplicant_cancel_auth_timeout(wpa_s);
4849 #endif /* CONFIG_IBSS_RSN */
4850 } else {
4851 /* Timeout for IEEE 802.11 authentication and association */
4852 int timeout = 60;
4853
4854 if (assoc_failed) {
4855 /* give IBSS a bit more time */
4856 timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5;
4857 } else if (wpa_s->conf->ap_scan == 1) {
4858 /* give IBSS a bit more time */
4859 timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10;
4860 }
4861 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
4862 }
4863
4864 #ifdef CONFIG_WEP
4865 if (wep_keys_set &&
4866 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC)) {
4867 /* Set static WEP keys again */
4868 wpa_set_wep_keys(wpa_s, ssid);
4869 }
4870 #endif /* CONFIG_WEP */
4871
4872 if (old_ssid && old_ssid != ssid) {
4873 /*
4874 * Do not allow EAP session resumption between different
4875 * network configurations.
4876 */
4877 eapol_sm_invalidate_cached_session(wpa_s->eapol);
4878 }
4879
4880 if (!wpas_driver_bss_selection(wpa_s) ||
4881 #ifdef CONFIG_P2P
4882 wpa_s->p2p_in_invitation ||
4883 #endif /* CONFIG_P2P */
4884 ssid->bssid_set) {
4885 wpa_s->current_bss = bss;
4886 #ifdef CONFIG_HS20
4887 hs20_configure_frame_filters(wpa_s);
4888 #endif /* CONFIG_HS20 */
4889 }
4890
4891 wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid);
4892 if (bss)
4893 wpa_sm_set_ssid(wpa_s->wpa, bss->ssid, bss->ssid_len);
4894 wpa_supplicant_initiate_eapol(wpa_s);
4895 if (old_ssid != wpa_s->current_ssid)
4896 wpas_notify_network_changed(wpa_s);
4897 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME))
4898 wpas_notify_auth_changed(wpa_s);
4899 }
4900
4901
wpa_supplicant_clear_connection(struct wpa_supplicant * wpa_s,const u8 * addr)4902 static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s,
4903 const u8 *addr)
4904 {
4905 struct wpa_ssid *old_ssid;
4906
4907 wpa_s->ml_connect_probe_ssid = NULL;
4908 wpa_s->ml_connect_probe_bss = NULL;
4909 wpas_connect_work_done(wpa_s);
4910 wpa_clear_keys(wpa_s, addr);
4911 old_ssid = wpa_s->current_ssid;
4912 wpa_supplicant_mark_disassoc(wpa_s);
4913 wpa_sm_set_config(wpa_s->wpa, NULL);
4914 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
4915 if (old_ssid != wpa_s->current_ssid)
4916 wpas_notify_network_changed(wpa_s);
4917
4918 #ifndef CONFIG_NO_ROBUST_AV
4919 wpas_scs_deinit(wpa_s);
4920 wpas_dscp_deinit(wpa_s);
4921 #endif /* CONFIG_NO_ROBUST_AV */
4922 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
4923 }
4924
4925
4926 /**
4927 * wpa_supplicant_deauthenticate - Deauthenticate the current connection
4928 * @wpa_s: Pointer to wpa_supplicant data
4929 * @reason_code: IEEE 802.11 reason code for the deauthenticate frame
4930 *
4931 * This function is used to request %wpa_supplicant to deauthenticate from the
4932 * current AP.
4933 */
wpa_supplicant_deauthenticate(struct wpa_supplicant * wpa_s,u16 reason_code)4934 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
4935 u16 reason_code)
4936 {
4937 u8 *addr = NULL;
4938 union wpa_event_data event;
4939 int zero_addr = 0;
4940
4941 wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR
4942 " pending_bssid=" MACSTR
4943 " reason=%d (%s) state=%s valid_links=0x%x ap_mld_addr=" MACSTR,
4944 MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid),
4945 reason_code, reason2str(reason_code),
4946 wpa_supplicant_state_txt(wpa_s->wpa_state), wpa_s->valid_links,
4947 MAC2STR(wpa_s->ap_mld_addr));
4948
4949 if (wpa_s->valid_links && !is_zero_ether_addr(wpa_s->ap_mld_addr))
4950 addr = wpa_s->ap_mld_addr;
4951 else if (!is_zero_ether_addr(wpa_s->pending_bssid) &&
4952 (wpa_s->wpa_state == WPA_AUTHENTICATING ||
4953 wpa_s->wpa_state == WPA_ASSOCIATING))
4954 addr = wpa_s->pending_bssid;
4955 else if (!is_zero_ether_addr(wpa_s->bssid))
4956 addr = wpa_s->bssid;
4957 else if (wpa_s->wpa_state == WPA_ASSOCIATING) {
4958 /*
4959 * When using driver-based BSS selection, we may not know the
4960 * BSSID with which we are currently trying to associate. We
4961 * need to notify the driver of this disconnection even in such
4962 * a case, so use the all zeros address here.
4963 */
4964 addr = wpa_s->bssid;
4965 zero_addr = 1;
4966 }
4967
4968 if (wpa_s->enabled_4addr_mode && wpa_drv_set_4addr_mode(wpa_s, 0) == 0)
4969 wpa_s->enabled_4addr_mode = 0;
4970
4971 #ifdef CONFIG_TDLS
4972 wpa_tdls_teardown_peers(wpa_s->wpa);
4973 #endif /* CONFIG_TDLS */
4974
4975 #ifdef CONFIG_MESH
4976 if (wpa_s->ifmsh) {
4977 struct mesh_conf *mconf;
4978
4979 mconf = wpa_s->ifmsh->mconf;
4980 wpa_msg(wpa_s, MSG_INFO, MESH_GROUP_REMOVED "%s",
4981 wpa_s->ifname);
4982 wpas_notify_mesh_group_removed(wpa_s, mconf->meshid,
4983 mconf->meshid_len, reason_code);
4984 wpa_supplicant_leave_mesh(wpa_s, true);
4985 }
4986 #endif /* CONFIG_MESH */
4987
4988 if (addr) {
4989 wpa_drv_deauthenticate(wpa_s, addr, reason_code);
4990 os_memset(&event, 0, sizeof(event));
4991 event.deauth_info.reason_code = reason_code;
4992 event.deauth_info.locally_generated = 1;
4993 wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event);
4994 if (zero_addr)
4995 addr = NULL;
4996 }
4997
4998 wpa_supplicant_clear_connection(wpa_s, addr);
4999 }
5000
5001
wpa_supplicant_reconnect(struct wpa_supplicant * wpa_s)5002 void wpa_supplicant_reconnect(struct wpa_supplicant *wpa_s)
5003 {
5004 wpa_s->own_reconnect_req = 1;
5005 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_UNSPECIFIED);
5006
5007 }
5008
5009
wpa_supplicant_enable_one_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5010 static void wpa_supplicant_enable_one_network(struct wpa_supplicant *wpa_s,
5011 struct wpa_ssid *ssid)
5012 {
5013 if (!ssid || !ssid->disabled || ssid->disabled == 2)
5014 return;
5015
5016 ssid->disabled = 0;
5017 ssid->owe_transition_bss_select_count = 0;
5018 wpas_clear_temp_disabled(wpa_s, ssid, 1);
5019 wpas_notify_network_enabled_changed(wpa_s, ssid);
5020
5021 /*
5022 * Try to reassociate since there is no current configuration and a new
5023 * network was made available.
5024 */
5025 if (!wpa_s->current_ssid && !wpa_s->disconnected)
5026 wpa_s->reassociate = 1;
5027 }
5028
5029
5030 /**
5031 * wpa_supplicant_add_network - Add a new network
5032 * @wpa_s: wpa_supplicant structure for a network interface
5033 * Returns: The new network configuration or %NULL if operation failed
5034 *
5035 * This function performs the following operations:
5036 * 1. Adds a new network.
5037 * 2. Send network addition notification.
5038 * 3. Marks the network disabled.
5039 * 4. Set network default parameters.
5040 */
wpa_supplicant_add_network(struct wpa_supplicant * wpa_s)5041 struct wpa_ssid * wpa_supplicant_add_network(struct wpa_supplicant *wpa_s)
5042 {
5043 struct wpa_ssid *ssid;
5044
5045 ssid = wpa_config_add_network(wpa_s->conf);
5046 if (!ssid)
5047 return NULL;
5048 wpas_notify_network_added(wpa_s, ssid);
5049 ssid->disabled = 1;
5050 wpa_config_set_network_defaults(ssid);
5051
5052 return ssid;
5053 }
5054
5055
5056 /**
5057 * wpa_supplicant_remove_network - Remove a configured network based on id
5058 * @wpa_s: wpa_supplicant structure for a network interface
5059 * @id: Unique network id to search for
5060 * Returns: 0 on success, or -1 if the network was not found, -2 if the network
5061 * could not be removed
5062 *
5063 * This function performs the following operations:
5064 * 1. Removes the network.
5065 * 2. Send network removal notification.
5066 * 3. Update internal state machines.
5067 * 4. Stop any running sched scans.
5068 */
wpa_supplicant_remove_network(struct wpa_supplicant * wpa_s,int id)5069 int wpa_supplicant_remove_network(struct wpa_supplicant *wpa_s, int id)
5070 {
5071 struct wpa_ssid *ssid, *prev = wpa_s->current_ssid;
5072 int was_disabled;
5073
5074 ssid = wpa_config_get_network(wpa_s->conf, id);
5075 if (!ssid)
5076 return -1;
5077 wpas_notify_network_removed(wpa_s, ssid);
5078
5079 if (ssid == prev || !prev) {
5080 #ifdef CONFIG_SME
5081 wpa_s->sme.prev_bssid_set = 0;
5082 #endif /* CONFIG_SME */
5083 /*
5084 * Invalidate the EAP session cache if the current or
5085 * previously used network is removed.
5086 */
5087 eapol_sm_invalidate_cached_session(wpa_s->eapol);
5088 }
5089
5090 if (ssid == prev) {
5091 wpa_sm_set_config(wpa_s->wpa, NULL);
5092 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5093
5094 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5095 wpa_s->own_disconnect_req = 1;
5096 wpa_supplicant_deauthenticate(wpa_s,
5097 WLAN_REASON_DEAUTH_LEAVING);
5098 }
5099
5100 was_disabled = ssid->disabled;
5101
5102 if (wpa_config_remove_network(wpa_s->conf, id) < 0)
5103 return -2;
5104
5105 if (!was_disabled && wpa_s->sched_scanning) {
5106 wpa_printf(MSG_DEBUG,
5107 "Stop ongoing sched_scan to remove network from filters");
5108 wpa_supplicant_cancel_sched_scan(wpa_s);
5109 wpa_supplicant_req_scan(wpa_s, 0, 0);
5110 }
5111
5112 return 0;
5113 }
5114
5115
5116 /**
5117 * wpa_supplicant_remove_all_networks - Remove all configured networks
5118 * @wpa_s: wpa_supplicant structure for a network interface
5119 * Returns: 0 on success (errors are currently ignored)
5120 *
5121 * This function performs the following operations:
5122 * 1. Remove all networks.
5123 * 2. Send network removal notifications.
5124 * 3. Update internal state machines.
5125 * 4. Stop any running sched scans.
5126 */
wpa_supplicant_remove_all_networks(struct wpa_supplicant * wpa_s)5127 int wpa_supplicant_remove_all_networks(struct wpa_supplicant *wpa_s)
5128 {
5129 struct wpa_ssid *ssid;
5130
5131 if (wpa_s->drv_flags2 &
5132 (WPA_DRIVER_FLAGS2_SAE_OFFLOAD_STA |
5133 WPA_DRIVER_FLAGS2_OWE_OFFLOAD_STA))
5134 wpa_drv_flush_pmkid(wpa_s);
5135
5136 if (wpa_s->sched_scanning)
5137 wpa_supplicant_cancel_sched_scan(wpa_s);
5138
5139 eapol_sm_invalidate_cached_session(wpa_s->eapol);
5140 if (wpa_s->current_ssid) {
5141 #ifdef CONFIG_SME
5142 wpa_s->sme.prev_bssid_set = 0;
5143 #endif /* CONFIG_SME */
5144 wpa_sm_set_config(wpa_s->wpa, NULL);
5145 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5146 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5147 wpa_s->own_disconnect_req = 1;
5148 wpa_supplicant_deauthenticate(
5149 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5150 }
5151 ssid = wpa_s->conf->ssid;
5152 while (ssid) {
5153 struct wpa_ssid *remove_ssid = ssid;
5154 int id;
5155
5156 id = ssid->id;
5157 ssid = ssid->next;
5158 wpas_notify_network_removed(wpa_s, remove_ssid);
5159 wpa_config_remove_network(wpa_s->conf, id);
5160 }
5161 return 0;
5162 }
5163
5164
5165 /**
5166 * wpa_supplicant_enable_network - Mark a configured network as enabled
5167 * @wpa_s: wpa_supplicant structure for a network interface
5168 * @ssid: wpa_ssid structure for a configured network or %NULL
5169 *
5170 * Enables the specified network or all networks if no network specified.
5171 */
wpa_supplicant_enable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5172 void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s,
5173 struct wpa_ssid *ssid)
5174 {
5175 if (ssid == NULL) {
5176 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
5177 wpa_supplicant_enable_one_network(wpa_s, ssid);
5178 } else
5179 wpa_supplicant_enable_one_network(wpa_s, ssid);
5180
5181 if (wpa_s->reassociate && !wpa_s->disconnected &&
5182 (!wpa_s->current_ssid ||
5183 wpa_s->wpa_state == WPA_DISCONNECTED ||
5184 wpa_s->wpa_state == WPA_SCANNING)) {
5185 if (wpa_s->sched_scanning) {
5186 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan to add "
5187 "new network to scan filters");
5188 wpa_supplicant_cancel_sched_scan(wpa_s);
5189 }
5190
5191 if (wpa_supplicant_fast_associate(wpa_s) != 1) {
5192 wpa_s->scan_req = NORMAL_SCAN_REQ;
5193 wpa_supplicant_req_scan(wpa_s, 0, 0);
5194 }
5195 }
5196 }
5197
5198
5199 /**
5200 * wpa_supplicant_disable_network - Mark a configured network as disabled
5201 * @wpa_s: wpa_supplicant structure for a network interface
5202 * @ssid: wpa_ssid structure for a configured network or %NULL
5203 *
5204 * Disables the specified network or all networks if no network specified.
5205 */
wpa_supplicant_disable_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5206 void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s,
5207 struct wpa_ssid *ssid)
5208 {
5209 struct wpa_ssid *other_ssid;
5210 int was_disabled;
5211
5212 if (ssid == NULL) {
5213 if (wpa_s->sched_scanning)
5214 wpa_supplicant_cancel_sched_scan(wpa_s);
5215
5216 for (other_ssid = wpa_s->conf->ssid; other_ssid;
5217 other_ssid = other_ssid->next) {
5218 was_disabled = other_ssid->disabled;
5219 if (was_disabled == 2)
5220 continue; /* do not change persistent P2P group
5221 * data */
5222
5223 other_ssid->disabled = 1;
5224
5225 if (was_disabled != other_ssid->disabled)
5226 wpas_notify_network_enabled_changed(
5227 wpa_s, other_ssid);
5228 }
5229 if (wpa_s->current_ssid) {
5230 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5231 wpa_s->own_disconnect_req = 1;
5232 wpa_supplicant_deauthenticate(
5233 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5234 }
5235 } else if (ssid->disabled != 2) {
5236 if (ssid == wpa_s->current_ssid) {
5237 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5238 wpa_s->own_disconnect_req = 1;
5239 wpa_supplicant_deauthenticate(
5240 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5241 }
5242
5243 was_disabled = ssid->disabled;
5244
5245 ssid->disabled = 1;
5246
5247 if (was_disabled != ssid->disabled) {
5248 wpas_notify_network_enabled_changed(wpa_s, ssid);
5249 if (wpa_s->sched_scanning) {
5250 wpa_printf(MSG_DEBUG, "Stop ongoing sched_scan "
5251 "to remove network from filters");
5252 wpa_supplicant_cancel_sched_scan(wpa_s);
5253 wpa_supplicant_req_scan(wpa_s, 0, 0);
5254 }
5255 }
5256 }
5257 }
5258
5259
ssid_in_last_scan(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5260 static bool ssid_in_last_scan(struct wpa_supplicant *wpa_s,
5261 struct wpa_ssid *ssid)
5262 {
5263 size_t i;
5264
5265 /* Check if the previous scan included the selected network */
5266 if (wpa_s->last_scan_num_ssids <= 1 ||
5267 !ssid->ssid || ssid->ssid_len == 0)
5268 return false;
5269
5270 /* Iterate through the previous scan SSIDs */
5271 for (i = 0; i < wpa_s->last_scan_num_ssids; i++) {
5272 if (os_memcmp(wpa_s->last_scan_ssids[i].ssid, ssid->ssid,
5273 ssid->ssid_len) == 0)
5274 return true;
5275 }
5276
5277 return false;
5278 }
5279
5280
5281 /**
5282 * Checks whether an SSID was discovered in the last scan.
5283 * @wpa_s: wpa_supplicant structure for a network interface.
5284 * @ssid: wpa_ssid structure for a configured network.
5285 * Returns: true if ssid found, false otherwise.
5286 */
ssid_in_last_scan_res(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5287 static bool ssid_in_last_scan_res(struct wpa_supplicant *wpa_s,
5288 struct wpa_ssid *ssid)
5289 {
5290 size_t i;
5291
5292 if (!wpa_s->last_scan_res || !ssid->ssid || ssid->ssid_len == 0)
5293 return false;
5294
5295 for (i = 0; i < wpa_s->last_scan_res_used; i++) {
5296 if (os_memcmp(wpa_s->last_scan_res[i]->ssid,
5297 ssid->ssid, ssid->ssid_len) == 0)
5298 return true;
5299 }
5300
5301 return false;
5302 }
5303
5304
5305 /**
5306 * wpa_supplicant_select_network - Attempt association with a network
5307 * @wpa_s: wpa_supplicant structure for a network interface
5308 * @ssid: wpa_ssid structure for a configured network or %NULL for any network
5309 */
wpa_supplicant_select_network(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)5310 void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s,
5311 struct wpa_ssid *ssid)
5312 {
5313
5314 struct wpa_ssid *other_ssid;
5315 int disconnected = 0;
5316 bool request_new_scan = false;
5317
5318 if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) {
5319 if (wpa_s->wpa_state >= WPA_AUTHENTICATING)
5320 wpa_s->own_disconnect_req = 1;
5321 wpa_supplicant_deauthenticate(
5322 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
5323 disconnected = 1;
5324 }
5325
5326 if (ssid)
5327 wpas_clear_temp_disabled(wpa_s, ssid, 1);
5328
5329 /*
5330 * Mark all other networks disabled or mark all networks enabled if no
5331 * network specified.
5332 */
5333 for (other_ssid = wpa_s->conf->ssid; other_ssid;
5334 other_ssid = other_ssid->next) {
5335 int was_disabled = other_ssid->disabled;
5336 if (was_disabled == 2)
5337 continue; /* do not change persistent P2P group data */
5338
5339 other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0;
5340 if (was_disabled && !other_ssid->disabled)
5341 wpas_clear_temp_disabled(wpa_s, other_ssid, 0);
5342
5343 if (was_disabled != other_ssid->disabled)
5344 wpas_notify_network_enabled_changed(wpa_s, other_ssid);
5345 }
5346
5347 if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid &&
5348 wpa_s->wpa_state >= WPA_AUTHENTICATING) {
5349 /* We are already associated with the selected network */
5350 wpa_printf(MSG_DEBUG, "Already associated with the "
5351 "selected network - do nothing");
5352 return;
5353 }
5354
5355 if (ssid) {
5356 wpa_s->current_ssid = ssid;
5357 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
5358 wpa_s->connect_without_scan =
5359 (ssid->mode == WPAS_MODE_MESH ||
5360 ssid->mode == WPAS_MODE_AP) ? ssid : NULL;
5361
5362 if (ssid->scan_ssid) {
5363 if (ssid_in_last_scan(wpa_s, ssid)) {
5364 wpa_printf(MSG_DEBUG,
5365 "Hidden network was scanned for in last scan");
5366 } else if (ssid_in_last_scan_res(wpa_s, ssid)) {
5367 wpa_printf(MSG_DEBUG,
5368 "Hidden network was found in last scan results");
5369 } else {
5370 request_new_scan = true;
5371 wpa_printf(MSG_DEBUG,
5372 "Request a new scan for hidden network");
5373 }
5374 }
5375
5376 if (!request_new_scan && (ssid->key_mgmt & WPA_KEY_MGMT_OWE) &&
5377 !ssid->owe_only) {
5378 wpa_printf(MSG_DEBUG,
5379 "Request a new scan for OWE transition SSID");
5380 request_new_scan = true;
5381 }
5382
5383 /*
5384 * Don't optimize next scan freqs since a new ESS has been
5385 * selected.
5386 */
5387 os_free(wpa_s->next_scan_freqs);
5388 wpa_s->next_scan_freqs = NULL;
5389 } else {
5390 wpa_s->connect_without_scan = NULL;
5391 }
5392
5393 wpa_s->disconnected = 0;
5394 wpa_s->reassociate = 1;
5395 wpa_s_clear_sae_rejected(wpa_s);
5396 wpa_s->last_owe_group = 0;
5397 if (ssid) {
5398 ssid->owe_transition_bss_select_count = 0;
5399 wpa_s_setup_sae_pt(wpa_s, ssid, false);
5400 }
5401
5402 if (wpa_s->connect_without_scan || request_new_scan ||
5403 wpa_supplicant_fast_associate(wpa_s) != 1) {
5404 wpa_s->scan_req = NORMAL_SCAN_REQ;
5405 wpas_scan_reset_sched_scan(wpa_s);
5406 wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0);
5407 }
5408
5409 if (ssid)
5410 wpas_notify_network_selected(wpa_s, ssid);
5411 }
5412
5413
5414 /**
5415 * wpas_remove_cred - Remove the specified credential and all the network
5416 * entries created based on the removed credential
5417 * @wpa_s: wpa_supplicant structure for a network interface
5418 * @cred: The credential to remove
5419 * Returns: 0 on success, -1 on failure
5420 */
wpas_remove_cred(struct wpa_supplicant * wpa_s,struct wpa_cred * cred)5421 int wpas_remove_cred(struct wpa_supplicant *wpa_s, struct wpa_cred *cred)
5422 {
5423 struct wpa_ssid *ssid, *next;
5424 int id;
5425
5426 if (!cred) {
5427 wpa_printf(MSG_DEBUG, "Could not find cred");
5428 return -1;
5429 }
5430
5431 id = cred->id;
5432 if (wpa_config_remove_cred(wpa_s->conf, id) < 0) {
5433 wpa_printf(MSG_DEBUG, "Could not find cred %d", id);
5434 return -1;
5435 }
5436
5437 wpa_msg(wpa_s, MSG_INFO, CRED_REMOVED "%d", id);
5438
5439 /* Remove any network entry created based on the removed credential */
5440 ssid = wpa_s->conf->ssid;
5441 while (ssid) {
5442 next = ssid->next;
5443
5444 if (ssid->parent_cred == cred) {
5445 wpa_printf(MSG_DEBUG,
5446 "Remove network id %d since it used the removed credential",
5447 ssid->id);
5448 if (wpa_supplicant_remove_network(wpa_s, ssid->id) ==
5449 -1) {
5450 wpa_printf(MSG_DEBUG,
5451 "Could not find network id=%d",
5452 ssid->id);
5453 }
5454 }
5455
5456 ssid = next;
5457 }
5458
5459 return 0;
5460 }
5461
5462
5463 /**
5464 * wpas_remove_cred - Remove all the Interworking credentials
5465 * @wpa_s: wpa_supplicant structure for a network interface
5466 * Returns: 0 on success, -1 on failure
5467 */
wpas_remove_all_creds(struct wpa_supplicant * wpa_s)5468 int wpas_remove_all_creds(struct wpa_supplicant *wpa_s)
5469 {
5470 int res, ret = 0;
5471 struct wpa_cred *cred, *prev;
5472
5473 cred = wpa_s->conf->cred;
5474 while (cred) {
5475 prev = cred;
5476 cred = cred->next;
5477 res = wpas_remove_cred(wpa_s, prev);
5478 if (res < 0) {
5479 wpa_printf(MSG_DEBUG,
5480 "Removal of all credentials failed - failed to remove credential id=%d",
5481 prev->id);
5482 ret = -1;
5483 }
5484 }
5485
5486 return ret;
5487 }
5488
5489
5490 /**
5491 * wpas_set_pkcs11_engine_and_module_path - Set PKCS #11 engine and module path
5492 * @wpa_s: wpa_supplicant structure for a network interface
5493 * @pkcs11_engine_path: PKCS #11 engine path or NULL
5494 * @pkcs11_module_path: PKCS #11 module path or NULL
5495 * Returns: 0 on success; -1 on failure
5496 *
5497 * Sets the PKCS #11 engine and module path. Both have to be NULL or a valid
5498 * path. If resetting the EAPOL state machine with the new PKCS #11 engine and
5499 * module path fails the paths will be reset to the default value (NULL).
5500 */
wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant * wpa_s,const char * pkcs11_engine_path,const char * pkcs11_module_path)5501 int wpas_set_pkcs11_engine_and_module_path(struct wpa_supplicant *wpa_s,
5502 const char *pkcs11_engine_path,
5503 const char *pkcs11_module_path)
5504 {
5505 char *pkcs11_engine_path_copy = NULL;
5506 char *pkcs11_module_path_copy = NULL;
5507
5508 if (pkcs11_engine_path != NULL) {
5509 pkcs11_engine_path_copy = os_strdup(pkcs11_engine_path);
5510 if (pkcs11_engine_path_copy == NULL)
5511 return -1;
5512 }
5513 if (pkcs11_module_path != NULL) {
5514 pkcs11_module_path_copy = os_strdup(pkcs11_module_path);
5515 if (pkcs11_module_path_copy == NULL) {
5516 os_free(pkcs11_engine_path_copy);
5517 return -1;
5518 }
5519 }
5520
5521 #ifndef CONFIG_PKCS11_ENGINE_PATH
5522 os_free(wpa_s->conf->pkcs11_engine_path);
5523 wpa_s->conf->pkcs11_engine_path = pkcs11_engine_path_copy;
5524 #endif /* CONFIG_PKCS11_ENGINE_PATH */
5525 #ifndef CONFIG_PKCS11_MODULE_PATH
5526 os_free(wpa_s->conf->pkcs11_module_path);
5527 wpa_s->conf->pkcs11_module_path = pkcs11_module_path_copy;
5528 #endif /* CONFIG_PKCS11_MODULE_PATH */
5529
5530 wpa_sm_set_eapol(wpa_s->wpa, NULL);
5531 eapol_sm_deinit(wpa_s->eapol);
5532 wpa_s->eapol = NULL;
5533 if (wpa_supplicant_init_eapol(wpa_s)) {
5534 /* Error -> Reset paths to the default value (NULL) once. */
5535 if (pkcs11_engine_path != NULL && pkcs11_module_path != NULL)
5536 wpas_set_pkcs11_engine_and_module_path(wpa_s, NULL,
5537 NULL);
5538
5539 return -1;
5540 }
5541 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
5542
5543 return 0;
5544 }
5545
5546
5547 /**
5548 * wpa_supplicant_set_ap_scan - Set AP scan mode for interface
5549 * @wpa_s: wpa_supplicant structure for a network interface
5550 * @ap_scan: AP scan mode
5551 * Returns: 0 if succeed or -1 if ap_scan has an invalid value
5552 *
5553 */
wpa_supplicant_set_ap_scan(struct wpa_supplicant * wpa_s,int ap_scan)5554 int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan)
5555 {
5556
5557 int old_ap_scan;
5558
5559 if (ap_scan < 0 || ap_scan > 2)
5560 return -1;
5561
5562 if (ap_scan == 2 && os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
5563 wpa_printf(MSG_INFO,
5564 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
5565 }
5566
5567 #ifdef ANDROID
5568 if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan &&
5569 wpa_s->wpa_state >= WPA_ASSOCIATING &&
5570 wpa_s->wpa_state < WPA_COMPLETED) {
5571 wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while "
5572 "associating", wpa_s->conf->ap_scan, ap_scan);
5573 return 0;
5574 }
5575 #endif /* ANDROID */
5576
5577 old_ap_scan = wpa_s->conf->ap_scan;
5578 wpa_s->conf->ap_scan = ap_scan;
5579
5580 if (old_ap_scan != wpa_s->conf->ap_scan)
5581 wpas_notify_ap_scan_changed(wpa_s);
5582
5583 return 0;
5584 }
5585
5586
5587 /**
5588 * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age
5589 * @wpa_s: wpa_supplicant structure for a network interface
5590 * @expire_age: Expiration age in seconds
5591 * Returns: 0 if succeed or -1 if expire_age has an invalid value
5592 *
5593 */
wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant * wpa_s,unsigned int bss_expire_age)5594 int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s,
5595 unsigned int bss_expire_age)
5596 {
5597 if (bss_expire_age < 10) {
5598 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u",
5599 bss_expire_age);
5600 return -1;
5601 }
5602 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec",
5603 bss_expire_age);
5604 wpa_s->conf->bss_expiration_age = bss_expire_age;
5605
5606 return 0;
5607 }
5608
5609
5610 /**
5611 * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count
5612 * @wpa_s: wpa_supplicant structure for a network interface
5613 * @expire_count: number of scans after which an unseen BSS is reclaimed
5614 * Returns: 0 if succeed or -1 if expire_count has an invalid value
5615 *
5616 */
wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant * wpa_s,unsigned int bss_expire_count)5617 int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s,
5618 unsigned int bss_expire_count)
5619 {
5620 if (bss_expire_count < 1) {
5621 wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u",
5622 bss_expire_count);
5623 return -1;
5624 }
5625 wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u",
5626 bss_expire_count);
5627 wpa_s->conf->bss_expiration_scan_count = bss_expire_count;
5628
5629 return 0;
5630 }
5631
5632
5633 /**
5634 * wpa_supplicant_set_scan_interval - Set scan interval
5635 * @wpa_s: wpa_supplicant structure for a network interface
5636 * @scan_interval: scan interval in seconds
5637 * Returns: 0 if succeed or -1 if scan_interval has an invalid value
5638 *
5639 */
wpa_supplicant_set_scan_interval(struct wpa_supplicant * wpa_s,int scan_interval)5640 int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s,
5641 int scan_interval)
5642 {
5643 if (scan_interval < 0) {
5644 wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d",
5645 scan_interval);
5646 return -1;
5647 }
5648 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec",
5649 scan_interval);
5650 wpa_supplicant_update_scan_int(wpa_s, scan_interval);
5651
5652 return 0;
5653 }
5654
5655
5656 /**
5657 * wpa_supplicant_set_debug_params - Set global debug params
5658 * @global: wpa_global structure
5659 * @debug_level: debug level
5660 * @debug_timestamp: determines if show timestamp in debug data
5661 * @debug_show_keys: determines if show keys in debug data
5662 * Returns: 0 if succeed or -1 if debug_level has wrong value
5663 */
wpa_supplicant_set_debug_params(struct wpa_global * global,int debug_level,int debug_timestamp,int debug_show_keys)5664 int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level,
5665 int debug_timestamp, int debug_show_keys)
5666 {
5667
5668 int old_level, old_timestamp, old_show_keys;
5669
5670 /* check for allowed debuglevels */
5671 if (debug_level != MSG_EXCESSIVE &&
5672 debug_level != MSG_MSGDUMP &&
5673 debug_level != MSG_DEBUG &&
5674 debug_level != MSG_INFO &&
5675 debug_level != MSG_WARNING &&
5676 debug_level != MSG_ERROR)
5677 return -1;
5678
5679 old_level = wpa_debug_level;
5680 old_timestamp = wpa_debug_timestamp;
5681 old_show_keys = wpa_debug_show_keys;
5682
5683 wpa_debug_level = debug_level;
5684 wpa_debug_timestamp = debug_timestamp ? 1 : 0;
5685 wpa_debug_show_keys = debug_show_keys ? 1 : 0;
5686
5687 if (wpa_debug_level != old_level)
5688 wpas_notify_debug_level_changed(global);
5689 if (wpa_debug_timestamp != old_timestamp)
5690 wpas_notify_debug_timestamp_changed(global);
5691 if (wpa_debug_show_keys != old_show_keys)
5692 wpas_notify_debug_show_keys_changed(global);
5693
5694 return 0;
5695 }
5696
5697
5698 #ifdef CONFIG_OWE
owe_trans_ssid_match(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 * entry_ssid,size_t entry_ssid_len)5699 static int owe_trans_ssid_match(struct wpa_supplicant *wpa_s, const u8 *bssid,
5700 const u8 *entry_ssid, size_t entry_ssid_len)
5701 {
5702 const u8 *owe, *owe_bssid, *owe_ssid;
5703 size_t owe_ssid_len;
5704 struct wpa_bss *bss;
5705
5706 /* Check network profile SSID aganst the SSID in the
5707 * OWE Transition Mode element. */
5708
5709 bss = wpa_bss_get_bssid_latest(wpa_s, bssid);
5710 if (!bss)
5711 return 0;
5712
5713 owe = wpa_bss_get_vendor_ie(bss, OWE_IE_VENDOR_TYPE);
5714 if (!owe)
5715 return 0;
5716
5717 if (wpas_get_owe_trans_network(owe, &owe_bssid, &owe_ssid,
5718 &owe_ssid_len))
5719 return 0;
5720
5721 return entry_ssid_len == owe_ssid_len &&
5722 os_memcmp(owe_ssid, entry_ssid, owe_ssid_len) == 0;
5723 }
5724 #endif /* CONFIG_OWE */
5725
5726
5727 /**
5728 * wpa_supplicant_get_ssid - Get a pointer to the current network structure
5729 * @wpa_s: Pointer to wpa_supplicant data
5730 * Returns: A pointer to the current network structure or %NULL on failure
5731 */
wpa_supplicant_get_ssid(struct wpa_supplicant * wpa_s)5732 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
5733 {
5734 struct wpa_ssid *entry;
5735 u8 ssid[SSID_MAX_LEN];
5736 int res;
5737 size_t ssid_len;
5738 u8 bssid[ETH_ALEN];
5739 int wired;
5740
5741 res = wpa_drv_get_ssid(wpa_s, ssid);
5742 if (res < 0) {
5743 wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from "
5744 "driver");
5745 return NULL;
5746 }
5747 ssid_len = res;
5748
5749 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
5750 wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from "
5751 "driver");
5752 return NULL;
5753 }
5754
5755 wired = wpa_s->conf->ap_scan == 0 &&
5756 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED);
5757
5758 entry = wpa_s->conf->ssid;
5759 while (entry) {
5760 if (!wpas_network_disabled(wpa_s, entry) &&
5761 ((ssid_len == entry->ssid_len &&
5762 (!entry->ssid ||
5763 os_memcmp(ssid, entry->ssid, ssid_len) == 0)) ||
5764 wired) &&
5765 (!entry->bssid_set ||
5766 ether_addr_equal(bssid, entry->bssid)))
5767 return entry;
5768 #ifdef CONFIG_WPS
5769 if (!wpas_network_disabled(wpa_s, entry) &&
5770 (entry->key_mgmt & WPA_KEY_MGMT_WPS) &&
5771 (entry->ssid == NULL || entry->ssid_len == 0) &&
5772 (!entry->bssid_set ||
5773 ether_addr_equal(bssid, entry->bssid)))
5774 return entry;
5775 #endif /* CONFIG_WPS */
5776
5777 #ifdef CONFIG_OWE
5778 if (!wpas_network_disabled(wpa_s, entry) &&
5779 (entry->ssid &&
5780 owe_trans_ssid_match(wpa_s, bssid, entry->ssid,
5781 entry->ssid_len)) &&
5782 (!entry->bssid_set ||
5783 ether_addr_equal(bssid, entry->bssid)))
5784 return entry;
5785 #endif /* CONFIG_OWE */
5786
5787 if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set &&
5788 entry->ssid_len == 0 &&
5789 ether_addr_equal(bssid, entry->bssid))
5790 return entry;
5791
5792 entry = entry->next;
5793 }
5794
5795 return NULL;
5796 }
5797
5798
select_driver(struct wpa_supplicant * wpa_s,int i)5799 static int select_driver(struct wpa_supplicant *wpa_s, int i)
5800 {
5801 struct wpa_global *global = wpa_s->global;
5802
5803 if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) {
5804 global->drv_priv[i] = wpa_drivers[i]->global_init(global);
5805 if (global->drv_priv[i] == NULL) {
5806 wpa_printf(MSG_ERROR, "Failed to initialize driver "
5807 "'%s'", wpa_drivers[i]->name);
5808 return -1;
5809 }
5810 }
5811
5812 wpa_s->driver = wpa_drivers[i];
5813 wpa_s->global_drv_priv = global->drv_priv[i];
5814
5815 return 0;
5816 }
5817
5818
wpa_supplicant_set_driver(struct wpa_supplicant * wpa_s,const char * name)5819 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
5820 const char *name)
5821 {
5822 int i;
5823 size_t len;
5824 const char *pos, *driver = name;
5825
5826 if (wpa_s == NULL)
5827 return -1;
5828
5829 if (wpa_drivers[0] == NULL) {
5830 wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into "
5831 "wpa_supplicant");
5832 return -1;
5833 }
5834
5835 if (name == NULL) {
5836 /* Default to first successful driver in the list */
5837 for (i = 0; wpa_drivers[i]; i++) {
5838 if (select_driver(wpa_s, i) == 0)
5839 return 0;
5840 }
5841 /* Drivers have each reported failure, so no wpa_msg() here. */
5842 return -1;
5843 }
5844
5845 do {
5846 pos = os_strchr(driver, ',');
5847 if (pos)
5848 len = pos - driver;
5849 else
5850 len = os_strlen(driver);
5851
5852 for (i = 0; wpa_drivers[i]; i++) {
5853 if (os_strlen(wpa_drivers[i]->name) == len &&
5854 os_strncmp(driver, wpa_drivers[i]->name, len) ==
5855 0) {
5856 /* First driver that succeeds wins */
5857 if (select_driver(wpa_s, i) == 0)
5858 return 0;
5859 }
5860 }
5861
5862 driver = pos + 1;
5863 } while (pos);
5864
5865 wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name);
5866 return -1;
5867 }
5868
5869
5870 /**
5871 * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant
5872 * @ctx: Context pointer (wpa_s); this is the ctx variable registered
5873 * with struct wpa_driver_ops::init()
5874 * @src_addr: Source address of the EAPOL frame
5875 * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header)
5876 * @len: Length of the EAPOL data
5877 * @encrypted: Whether the frame was encrypted
5878 *
5879 * This function is called for each received EAPOL frame. Most driver
5880 * interfaces rely on more generic OS mechanism for receiving frames through
5881 * l2_packet, but if such a mechanism is not available, the driver wrapper may
5882 * take care of received EAPOL frames and deliver them to the core supplicant
5883 * code by calling this function.
5884 */
wpa_supplicant_rx_eapol(void * ctx,const u8 * src_addr,const u8 * buf,size_t len,enum frame_encryption encrypted)5885 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
5886 const u8 *buf, size_t len,
5887 enum frame_encryption encrypted)
5888 {
5889 struct wpa_supplicant *wpa_s = ctx;
5890 const u8 *connected_addr = wpa_s->valid_links ?
5891 wpa_s->ap_mld_addr : wpa_s->bssid;
5892
5893 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " (encrypted=%d)",
5894 MAC2STR(src_addr), encrypted);
5895 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
5896
5897 if (wpa_s->own_disconnect_req) {
5898 wpa_printf(MSG_DEBUG,
5899 "Drop received EAPOL frame as we are disconnecting");
5900 return;
5901 }
5902
5903 #ifdef CONFIG_TESTING_OPTIONS
5904 wpa_msg_ctrl(wpa_s, MSG_INFO, "EAPOL-RX " MACSTR " %zu",
5905 MAC2STR(src_addr), len);
5906 if (wpa_s->ignore_auth_resp) {
5907 wpa_printf(MSG_INFO, "RX EAPOL - ignore_auth_resp active!");
5908 return;
5909 }
5910 #endif /* CONFIG_TESTING_OPTIONS */
5911
5912 if (wpa_s->wpa_state < WPA_ASSOCIATED ||
5913 (wpa_s->last_eapol_matches_bssid &&
5914 #ifdef CONFIG_AP
5915 !wpa_s->ap_iface &&
5916 #endif /* CONFIG_AP */
5917 !ether_addr_equal(src_addr, connected_addr))) {
5918 /*
5919 * There is possible race condition between receiving the
5920 * association event and the EAPOL frame since they are coming
5921 * through different paths from the driver. In order to avoid
5922 * issues in trying to process the EAPOL frame before receiving
5923 * association information, lets queue it for processing until
5924 * the association event is received. This may also be needed in
5925 * driver-based roaming case, so also use src_addr != BSSID as a
5926 * trigger if we have previously confirmed that the
5927 * Authenticator uses BSSID as the src_addr (which is not the
5928 * case with wired IEEE 802.1X).
5929 */
5930 wpa_dbg(wpa_s, MSG_DEBUG,
5931 "Not associated - Delay processing of received EAPOL frame (state=%s connected_addr="
5932 MACSTR ")",
5933 wpa_supplicant_state_txt(wpa_s->wpa_state),
5934 MAC2STR(connected_addr));
5935 delay_processing:
5936 wpabuf_free(wpa_s->pending_eapol_rx);
5937 wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len);
5938 if (wpa_s->pending_eapol_rx) {
5939 os_get_reltime(&wpa_s->pending_eapol_rx_time);
5940 os_memcpy(wpa_s->pending_eapol_rx_src, src_addr,
5941 ETH_ALEN);
5942 wpa_s->pending_eapol_encrypted = encrypted;
5943 }
5944 return;
5945 }
5946
5947 wpa_s->last_eapol_matches_bssid =
5948 ether_addr_equal(src_addr, connected_addr);
5949
5950 #ifdef CONFIG_AP
5951 if (wpa_s->ap_iface) {
5952 wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len,
5953 encrypted);
5954 return;
5955 }
5956 #endif /* CONFIG_AP */
5957
5958 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
5959 wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since "
5960 "no key management is configured");
5961 return;
5962 }
5963
5964 if (wpa_s->eapol_received == 0 &&
5965 (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK) ||
5966 !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) ||
5967 wpa_s->wpa_state != WPA_COMPLETED) &&
5968 (wpa_s->current_ssid == NULL ||
5969 wpa_s->current_ssid->mode != WPAS_MODE_IBSS)) {
5970 /* Timeout for completing IEEE 802.1X and WPA authentication */
5971 int timeout = 10;
5972
5973 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) ||
5974 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA ||
5975 wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) {
5976 /* Use longer timeout for IEEE 802.1X/EAP */
5977 timeout = 70;
5978 }
5979
5980 #ifdef CONFIG_WPS
5981 if (wpa_s->current_ssid && wpa_s->current_bss &&
5982 (wpa_s->current_ssid->key_mgmt & WPA_KEY_MGMT_WPS) &&
5983 eap_is_wps_pin_enrollee(&wpa_s->current_ssid->eap)) {
5984 /*
5985 * Use shorter timeout if going through WPS AP iteration
5986 * for PIN config method with an AP that does not
5987 * advertise Selected Registrar.
5988 */
5989 struct wpabuf *wps_ie;
5990
5991 wps_ie = wpa_bss_get_vendor_ie_multi(
5992 wpa_s->current_bss, WPS_IE_VENDOR_TYPE);
5993 if (wps_ie &&
5994 !wps_is_addr_authorized(wps_ie, wpa_s->own_addr, 1))
5995 timeout = 10;
5996 wpabuf_free(wps_ie);
5997 }
5998 #endif /* CONFIG_WPS */
5999
6000 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
6001 }
6002 wpa_s->eapol_received++;
6003
6004 if (wpa_s->countermeasures) {
6005 wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped "
6006 "EAPOL packet");
6007 return;
6008 }
6009
6010 #ifdef CONFIG_IBSS_RSN
6011 if (wpa_s->current_ssid &&
6012 wpa_s->current_ssid->mode == WPAS_MODE_IBSS) {
6013 ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len,
6014 encrypted);
6015 return;
6016 }
6017 #endif /* CONFIG_IBSS_RSN */
6018
6019 /* Source address of the incoming EAPOL frame could be compared to the
6020 * current BSSID. However, it is possible that a centralized
6021 * Authenticator could be using another MAC address than the BSSID of
6022 * an AP, so just allow any address to be used for now. The replies are
6023 * still sent to the current BSSID (if available), though. */
6024
6025 os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
6026 if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) &&
6027 wpa_s->key_mgmt != WPA_KEY_MGMT_OWE &&
6028 wpa_s->key_mgmt != WPA_KEY_MGMT_DPP &&
6029 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len,
6030 encrypted) > 0)
6031 return;
6032 wpa_drv_poll(wpa_s);
6033 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE_PSK)) {
6034 if (wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len,
6035 encrypted) == -2 &&
6036 #ifdef CONFIG_AP
6037 !wpa_s->ap_iface &&
6038 #endif /* CONFIG_AP */
6039 wpa_s->last_eapol_matches_bssid) {
6040 /* Handle the case where reassociation occurs to the
6041 * current connected AP */
6042 wpa_dbg(wpa_s, MSG_DEBUG,
6043 "Delay processing of received EAPOL frame for reassociation to the current connected AP (state=%s connected_addr="
6044 MACSTR ")",
6045 wpa_supplicant_state_txt(wpa_s->wpa_state),
6046 MAC2STR(connected_addr));
6047 goto delay_processing;
6048 }
6049 } else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) {
6050 /*
6051 * Set portValid = true here since we are going to skip 4-way
6052 * handshake processing which would normally set portValid. We
6053 * need this to allow the EAPOL state machines to be completed
6054 * without going through EAPOL-Key handshake.
6055 */
6056 eapol_sm_notify_portValid(wpa_s->eapol, true);
6057 }
6058 }
6059
6060
wpa_supplicant_rx_eapol_cb(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)6061 static void wpa_supplicant_rx_eapol_cb(void *ctx, const u8 *src_addr,
6062 const u8 *buf, size_t len)
6063 {
6064 wpa_supplicant_rx_eapol(ctx, src_addr, buf, len,
6065 FRAME_ENCRYPTION_UNKNOWN);
6066 }
6067
6068
wpas_eapol_needs_l2_packet(struct wpa_supplicant * wpa_s)6069 static int wpas_eapol_needs_l2_packet(struct wpa_supplicant *wpa_s)
6070 {
6071 return !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_CONTROL_PORT) ||
6072 !(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_CONTROL_PORT_RX);
6073 }
6074
6075
wpa_supplicant_update_mac_addr(struct wpa_supplicant * wpa_s)6076 int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s)
6077 {
6078 u8 prev_mac_addr[ETH_ALEN];
6079
6080 os_memcpy(prev_mac_addr, wpa_s->own_addr, ETH_ALEN);
6081
6082 if ((!wpa_s->p2p_mgmt ||
6083 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)) &&
6084 !(wpa_s->drv_flags & WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) {
6085 l2_packet_deinit(wpa_s->l2);
6086 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
6087 wpa_drv_get_mac_addr(wpa_s),
6088 ETH_P_EAPOL,
6089 wpas_eapol_needs_l2_packet(wpa_s) ?
6090 wpa_supplicant_rx_eapol_cb : NULL,
6091 wpa_s, 0);
6092 if (wpa_s->l2 == NULL)
6093 return -1;
6094
6095 if (l2_packet_set_packet_filter(wpa_s->l2,
6096 L2_PACKET_FILTER_PKTTYPE))
6097 wpa_dbg(wpa_s, MSG_DEBUG,
6098 "Failed to attach pkt_type filter");
6099
6100 if (l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
6101 wpa_msg(wpa_s, MSG_ERROR,
6102 "Failed to get own L2 address");
6103 return -1;
6104 }
6105 } else {
6106 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
6107 if (addr)
6108 os_memcpy(wpa_s->own_addr, addr, ETH_ALEN);
6109 }
6110
6111 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6112 wpas_wps_update_mac_addr(wpa_s);
6113
6114 #ifdef CONFIG_FST
6115 if (wpa_s->fst)
6116 fst_update_mac_addr(wpa_s->fst, wpa_s->own_addr);
6117 #endif /* CONFIG_FST */
6118
6119 if (!ether_addr_equal(prev_mac_addr, wpa_s->own_addr))
6120 wpas_notify_mac_address_changed(wpa_s);
6121
6122 return 0;
6123 }
6124
6125
wpa_supplicant_rx_eapol_bridge(void * ctx,const u8 * src_addr,const u8 * buf,size_t len)6126 static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr,
6127 const u8 *buf, size_t len)
6128 {
6129 struct wpa_supplicant *wpa_s = ctx;
6130 const struct l2_ethhdr *eth;
6131
6132 if (len < sizeof(*eth))
6133 return;
6134 eth = (const struct l2_ethhdr *) buf;
6135
6136 if (!ether_addr_equal(eth->h_dest, wpa_s->own_addr) &&
6137 !(eth->h_dest[0] & 0x01)) {
6138 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
6139 " (bridge - not for this interface - ignore)",
6140 MAC2STR(src_addr), MAC2STR(eth->h_dest));
6141 return;
6142 }
6143
6144 wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR
6145 " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest));
6146 wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth),
6147 len - sizeof(*eth), FRAME_ENCRYPTION_UNKNOWN);
6148 }
6149
6150
wpa_supplicant_update_bridge_ifname(struct wpa_supplicant * wpa_s,const char * bridge_ifname)6151 int wpa_supplicant_update_bridge_ifname(struct wpa_supplicant *wpa_s,
6152 const char *bridge_ifname)
6153 {
6154 if (wpa_s->wpa_state > WPA_SCANNING)
6155 return -EBUSY;
6156
6157 if (bridge_ifname &&
6158 os_strlen(bridge_ifname) >= sizeof(wpa_s->bridge_ifname))
6159 return -EINVAL;
6160
6161 if (!bridge_ifname)
6162 bridge_ifname = "";
6163
6164 if (os_strcmp(wpa_s->bridge_ifname, bridge_ifname) == 0)
6165 return 0;
6166
6167 if (wpa_s->l2_br) {
6168 l2_packet_deinit(wpa_s->l2_br);
6169 wpa_s->l2_br = NULL;
6170 }
6171
6172 os_strlcpy(wpa_s->bridge_ifname, bridge_ifname,
6173 sizeof(wpa_s->bridge_ifname));
6174
6175 if (wpa_s->bridge_ifname[0]) {
6176 wpa_dbg(wpa_s, MSG_DEBUG,
6177 "Receiving packets from bridge interface '%s'",
6178 wpa_s->bridge_ifname);
6179 wpa_s->l2_br = l2_packet_init_bridge(
6180 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
6181 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6182 if (!wpa_s->l2_br) {
6183 wpa_msg(wpa_s, MSG_ERROR,
6184 "Failed to open l2_packet connection for the bridge interface '%s'",
6185 wpa_s->bridge_ifname);
6186 goto fail;
6187 }
6188 }
6189
6190 #ifdef CONFIG_TDLS
6191 if (!wpa_s->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
6192 goto fail;
6193 #endif /* CONFIG_TDLS */
6194
6195 return 0;
6196 fail:
6197 wpa_s->bridge_ifname[0] = 0;
6198 if (wpa_s->l2_br) {
6199 l2_packet_deinit(wpa_s->l2_br);
6200 wpa_s->l2_br = NULL;
6201 }
6202 #ifdef CONFIG_TDLS
6203 if (!wpa_s->p2p_mgmt)
6204 wpa_tdls_init(wpa_s->wpa);
6205 #endif /* CONFIG_TDLS */
6206 return -EIO;
6207 }
6208
6209
6210 /**
6211 * wpa_supplicant_driver_init - Initialize driver interface parameters
6212 * @wpa_s: Pointer to wpa_supplicant data
6213 * Returns: 0 on success, -1 on failure
6214 *
6215 * This function is called to initialize driver interface parameters.
6216 * wpa_drv_init() must have been called before this function to initialize the
6217 * driver interface.
6218 */
wpa_supplicant_driver_init(struct wpa_supplicant * wpa_s)6219 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s)
6220 {
6221 static int interface_count = 0;
6222
6223 if (wpa_supplicant_update_mac_addr(wpa_s) < 0)
6224 return -1;
6225
6226 wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR,
6227 MAC2STR(wpa_s->own_addr));
6228 os_memcpy(wpa_s->perm_addr, wpa_s->own_addr, ETH_ALEN);
6229 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
6230
6231 if (wpa_s->bridge_ifname[0] && wpas_eapol_needs_l2_packet(wpa_s)) {
6232 wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge "
6233 "interface '%s'", wpa_s->bridge_ifname);
6234 wpa_s->l2_br = l2_packet_init_bridge(
6235 wpa_s->bridge_ifname, wpa_s->ifname, wpa_s->own_addr,
6236 ETH_P_EAPOL, wpa_supplicant_rx_eapol_bridge, wpa_s, 1);
6237 if (wpa_s->l2_br == NULL) {
6238 wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet "
6239 "connection for the bridge interface '%s'",
6240 wpa_s->bridge_ifname);
6241 return -1;
6242 }
6243 }
6244
6245 if (wpa_s->conf->ap_scan == 2 &&
6246 os_strcmp(wpa_s->driver->name, "nl80211") == 0) {
6247 wpa_printf(MSG_INFO,
6248 "Note: nl80211 driver interface is not designed to be used with ap_scan=2; this can result in connection failures");
6249 }
6250
6251 wpa_clear_keys(wpa_s, NULL);
6252
6253 /* Make sure that TKIP countermeasures are not left enabled (could
6254 * happen if wpa_supplicant is killed during countermeasures. */
6255 wpa_drv_set_countermeasures(wpa_s, 0);
6256
6257 wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver");
6258 wpa_drv_flush_pmkid(wpa_s);
6259
6260 wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN;
6261 wpa_s->prev_scan_wildcard = 0;
6262
6263 if (wpa_supplicant_enabled_networks(wpa_s)) {
6264 if (wpa_s->wpa_state == WPA_INTERFACE_DISABLED) {
6265 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
6266 interface_count = 0;
6267 }
6268 #ifndef ANDROID
6269 if (!wpa_s->p2p_mgmt &&
6270 wpa_supplicant_delayed_sched_scan(wpa_s,
6271 interface_count % 3,
6272 100000))
6273 wpa_supplicant_req_scan(wpa_s, interface_count % 3,
6274 100000);
6275 #endif /* ANDROID */
6276 interface_count++;
6277 } else
6278 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
6279
6280 return 0;
6281 }
6282
6283
wpa_supplicant_daemon(const char * pid_file)6284 static int wpa_supplicant_daemon(const char *pid_file)
6285 {
6286 wpa_printf(MSG_DEBUG, "Daemonize..");
6287 return os_daemonize(pid_file);
6288 }
6289
6290
6291 static struct wpa_supplicant *
wpa_supplicant_alloc(struct wpa_supplicant * parent)6292 wpa_supplicant_alloc(struct wpa_supplicant *parent)
6293 {
6294 struct wpa_supplicant *wpa_s;
6295
6296 wpa_s = os_zalloc(sizeof(*wpa_s));
6297 if (wpa_s == NULL)
6298 return NULL;
6299 wpa_s->scan_req = INITIAL_SCAN_REQ;
6300 wpa_s->scan_interval = 5;
6301 wpa_s->new_connection = 1;
6302 wpa_s->parent = parent ? parent : wpa_s;
6303 wpa_s->p2pdev = wpa_s->parent;
6304 #ifdef CONFIG_P2P
6305 if (parent)
6306 wpa_s->p2p_mode = parent->p2p_mode;
6307 #endif /* CONFIG_P2P */
6308 wpa_s->sched_scanning = 0;
6309 wpa_s->setband_mask = WPA_SETBAND_AUTO;
6310
6311 dl_list_init(&wpa_s->bss_tmp_disallowed);
6312 dl_list_init(&wpa_s->fils_hlp_req);
6313 #ifdef CONFIG_TESTING_OPTIONS
6314 dl_list_init(&wpa_s->drv_signal_override);
6315 wpa_s->test_assoc_comeback_type = -1;
6316 #endif /* CONFIG_TESTING_OPTIONS */
6317 #ifndef CONFIG_NO_ROBUST_AV
6318 dl_list_init(&wpa_s->active_scs_ids);
6319 #endif /* CONFIG_NO_ROBUST_AV */
6320 wpa_s->ml_probe_mld_id = -1;
6321
6322 #ifdef CONFIG_PMKSA_CACHE_EXTERNAL
6323 #ifdef CONFIG_MESH
6324 dl_list_init(&wpa_s->mesh_external_pmksa_cache);
6325 #endif /* CONFIG_MESH */
6326 #endif /* CONFIG_PMKSA_CACHE_EXTERNAL */
6327
6328 return wpa_s;
6329 }
6330
6331
6332 #ifdef CONFIG_HT_OVERRIDES
6333
wpa_set_htcap_mcs(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,const char * ht_mcs)6334 static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s,
6335 struct ieee80211_ht_capabilities *htcaps,
6336 struct ieee80211_ht_capabilities *htcaps_mask,
6337 const char *ht_mcs)
6338 {
6339 /* parse ht_mcs into hex array */
6340 int i;
6341 const char *tmp = ht_mcs;
6342 char *end = NULL;
6343
6344 /* If ht_mcs is null, do not set anything */
6345 if (!ht_mcs)
6346 return 0;
6347
6348 /* This is what we are setting in the kernel */
6349 os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN);
6350
6351 wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs);
6352
6353 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
6354 long v;
6355
6356 errno = 0;
6357 v = strtol(tmp, &end, 16);
6358
6359 if (errno == 0) {
6360 wpa_msg(wpa_s, MSG_DEBUG,
6361 "htcap value[%i]: %ld end: %p tmp: %p",
6362 i, v, end, tmp);
6363 if (end == tmp)
6364 break;
6365
6366 htcaps->supported_mcs_set[i] = v;
6367 tmp = end;
6368 } else {
6369 wpa_msg(wpa_s, MSG_ERROR,
6370 "Failed to parse ht-mcs: %s, error: %s\n",
6371 ht_mcs, strerror(errno));
6372 return -1;
6373 }
6374 }
6375
6376 /*
6377 * If we were able to parse any values, then set mask for the MCS set.
6378 */
6379 if (i) {
6380 os_memset(&htcaps_mask->supported_mcs_set, 0xff,
6381 IEEE80211_HT_MCS_MASK_LEN - 1);
6382 /* skip the 3 reserved bits */
6383 htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] =
6384 0x1f;
6385 }
6386
6387 return 0;
6388 }
6389
6390
wpa_disable_max_amsdu(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6391 static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s,
6392 struct ieee80211_ht_capabilities *htcaps,
6393 struct ieee80211_ht_capabilities *htcaps_mask,
6394 int disabled)
6395 {
6396 le16 msk;
6397
6398 if (disabled == -1)
6399 return 0;
6400
6401 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled);
6402
6403 msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE);
6404 htcaps_mask->ht_capabilities_info |= msk;
6405 if (disabled)
6406 htcaps->ht_capabilities_info &= msk;
6407 else
6408 htcaps->ht_capabilities_info |= msk;
6409
6410 return 0;
6411 }
6412
6413
wpa_set_ampdu_factor(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int factor)6414 static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s,
6415 struct ieee80211_ht_capabilities *htcaps,
6416 struct ieee80211_ht_capabilities *htcaps_mask,
6417 int factor)
6418 {
6419 if (factor == -1)
6420 return 0;
6421
6422 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor);
6423
6424 if (factor < 0 || factor > 3) {
6425 wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. "
6426 "Must be 0-3 or -1", factor);
6427 return -EINVAL;
6428 }
6429
6430 htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */
6431 htcaps->a_mpdu_params &= ~0x3;
6432 htcaps->a_mpdu_params |= factor & 0x3;
6433
6434 return 0;
6435 }
6436
6437
wpa_set_ampdu_density(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int density)6438 static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s,
6439 struct ieee80211_ht_capabilities *htcaps,
6440 struct ieee80211_ht_capabilities *htcaps_mask,
6441 int density)
6442 {
6443 if (density == -1)
6444 return 0;
6445
6446 wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density);
6447
6448 if (density < 0 || density > 7) {
6449 wpa_msg(wpa_s, MSG_ERROR,
6450 "ampdu_density: %d out of range. Must be 0-7 or -1.",
6451 density);
6452 return -EINVAL;
6453 }
6454
6455 htcaps_mask->a_mpdu_params |= 0x1C;
6456 htcaps->a_mpdu_params &= ~(0x1C);
6457 htcaps->a_mpdu_params |= (density << 2) & 0x1C;
6458
6459 return 0;
6460 }
6461
6462
wpa_set_disable_ht40(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6463 static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s,
6464 struct ieee80211_ht_capabilities *htcaps,
6465 struct ieee80211_ht_capabilities *htcaps_mask,
6466 int disabled)
6467 {
6468 if (disabled)
6469 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled);
6470
6471 set_disable_ht40(htcaps, disabled);
6472 set_disable_ht40(htcaps_mask, 0);
6473
6474 return 0;
6475 }
6476
6477
wpa_set_disable_sgi(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6478 static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s,
6479 struct ieee80211_ht_capabilities *htcaps,
6480 struct ieee80211_ht_capabilities *htcaps_mask,
6481 int disabled)
6482 {
6483 /* Masking these out disables SGI */
6484 le16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ |
6485 HT_CAP_INFO_SHORT_GI40MHZ);
6486
6487 if (disabled)
6488 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled);
6489
6490 if (disabled)
6491 htcaps->ht_capabilities_info &= ~msk;
6492 else
6493 htcaps->ht_capabilities_info |= msk;
6494
6495 htcaps_mask->ht_capabilities_info |= msk;
6496
6497 return 0;
6498 }
6499
6500
wpa_set_disable_ldpc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int disabled)6501 static int wpa_set_disable_ldpc(struct wpa_supplicant *wpa_s,
6502 struct ieee80211_ht_capabilities *htcaps,
6503 struct ieee80211_ht_capabilities *htcaps_mask,
6504 int disabled)
6505 {
6506 /* Masking these out disables LDPC */
6507 le16 msk = host_to_le16(HT_CAP_INFO_LDPC_CODING_CAP);
6508
6509 if (disabled)
6510 wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ldpc: %d", disabled);
6511
6512 if (disabled)
6513 htcaps->ht_capabilities_info &= ~msk;
6514 else
6515 htcaps->ht_capabilities_info |= msk;
6516
6517 htcaps_mask->ht_capabilities_info |= msk;
6518
6519 return 0;
6520 }
6521
6522
wpa_set_tx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int tx_stbc)6523 static int wpa_set_tx_stbc(struct wpa_supplicant *wpa_s,
6524 struct ieee80211_ht_capabilities *htcaps,
6525 struct ieee80211_ht_capabilities *htcaps_mask,
6526 int tx_stbc)
6527 {
6528 le16 msk = host_to_le16(HT_CAP_INFO_TX_STBC);
6529
6530 if (tx_stbc == -1)
6531 return 0;
6532
6533 wpa_msg(wpa_s, MSG_DEBUG, "set_tx_stbc: %d", tx_stbc);
6534
6535 if (tx_stbc < 0 || tx_stbc > 1) {
6536 wpa_msg(wpa_s, MSG_ERROR,
6537 "tx_stbc: %d out of range. Must be 0-1 or -1", tx_stbc);
6538 return -EINVAL;
6539 }
6540
6541 htcaps_mask->ht_capabilities_info |= msk;
6542 htcaps->ht_capabilities_info &= ~msk;
6543 htcaps->ht_capabilities_info |= host_to_le16(tx_stbc << 7) & msk;
6544
6545 return 0;
6546 }
6547
6548
wpa_set_rx_stbc(struct wpa_supplicant * wpa_s,struct ieee80211_ht_capabilities * htcaps,struct ieee80211_ht_capabilities * htcaps_mask,int rx_stbc)6549 static int wpa_set_rx_stbc(struct wpa_supplicant *wpa_s,
6550 struct ieee80211_ht_capabilities *htcaps,
6551 struct ieee80211_ht_capabilities *htcaps_mask,
6552 int rx_stbc)
6553 {
6554 le16 msk = host_to_le16(HT_CAP_INFO_RX_STBC_MASK);
6555
6556 if (rx_stbc == -1)
6557 return 0;
6558
6559 wpa_msg(wpa_s, MSG_DEBUG, "set_rx_stbc: %d", rx_stbc);
6560
6561 if (rx_stbc < 0 || rx_stbc > 3) {
6562 wpa_msg(wpa_s, MSG_ERROR,
6563 "rx_stbc: %d out of range. Must be 0-3 or -1", rx_stbc);
6564 return -EINVAL;
6565 }
6566
6567 htcaps_mask->ht_capabilities_info |= msk;
6568 htcaps->ht_capabilities_info &= ~msk;
6569 htcaps->ht_capabilities_info |= host_to_le16(rx_stbc << 8) & msk;
6570
6571 return 0;
6572 }
6573
6574
wpa_supplicant_apply_ht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6575 void wpa_supplicant_apply_ht_overrides(
6576 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6577 struct wpa_driver_associate_params *params)
6578 {
6579 struct ieee80211_ht_capabilities *htcaps;
6580 struct ieee80211_ht_capabilities *htcaps_mask;
6581
6582 if (!ssid)
6583 return;
6584
6585 params->disable_ht = ssid->disable_ht;
6586 if (!params->htcaps || !params->htcaps_mask)
6587 return;
6588
6589 htcaps = (struct ieee80211_ht_capabilities *) params->htcaps;
6590 htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask;
6591 wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs);
6592 wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask,
6593 ssid->disable_max_amsdu);
6594 wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor);
6595 wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density);
6596 wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40);
6597 wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi);
6598 wpa_set_disable_ldpc(wpa_s, htcaps, htcaps_mask, ssid->disable_ldpc);
6599 wpa_set_rx_stbc(wpa_s, htcaps, htcaps_mask, ssid->rx_stbc);
6600 wpa_set_tx_stbc(wpa_s, htcaps, htcaps_mask, ssid->tx_stbc);
6601
6602 if (ssid->ht40_intolerant) {
6603 le16 bit = host_to_le16(HT_CAP_INFO_40MHZ_INTOLERANT);
6604 htcaps->ht_capabilities_info |= bit;
6605 htcaps_mask->ht_capabilities_info |= bit;
6606 }
6607 }
6608
6609 #endif /* CONFIG_HT_OVERRIDES */
6610
6611
6612 #ifdef CONFIG_VHT_OVERRIDES
wpa_supplicant_apply_vht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6613 void wpa_supplicant_apply_vht_overrides(
6614 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6615 struct wpa_driver_associate_params *params)
6616 {
6617 struct ieee80211_vht_capabilities *vhtcaps;
6618 struct ieee80211_vht_capabilities *vhtcaps_mask;
6619
6620 if (!ssid)
6621 return;
6622
6623 params->disable_vht = ssid->disable_vht;
6624
6625 vhtcaps = (void *) params->vhtcaps;
6626 vhtcaps_mask = (void *) params->vhtcaps_mask;
6627
6628 if (!vhtcaps || !vhtcaps_mask)
6629 return;
6630
6631 vhtcaps->vht_capabilities_info = host_to_le32(ssid->vht_capa);
6632 vhtcaps_mask->vht_capabilities_info = host_to_le32(ssid->vht_capa_mask);
6633
6634 #ifdef CONFIG_HT_OVERRIDES
6635 if (ssid->disable_sgi) {
6636 vhtcaps_mask->vht_capabilities_info |=
6637 host_to_le32(VHT_CAP_SHORT_GI_80 |
6638 VHT_CAP_SHORT_GI_160);
6639 vhtcaps->vht_capabilities_info &=
6640 host_to_le32(~(VHT_CAP_SHORT_GI_80 |
6641 VHT_CAP_SHORT_GI_160));
6642 wpa_msg(wpa_s, MSG_DEBUG,
6643 "disable-sgi override specified, vht-caps: 0x%x",
6644 le_to_host32(vhtcaps->vht_capabilities_info));
6645 }
6646
6647 /* if max ampdu is <= 3, we have to make the HT cap the same */
6648 if (ssid->vht_capa_mask & VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) {
6649 int max_ampdu;
6650
6651 max_ampdu = (ssid->vht_capa &
6652 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX) >>
6653 VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MAX_SHIFT;
6654
6655 max_ampdu = max_ampdu < 3 ? max_ampdu : 3;
6656 wpa_set_ampdu_factor(wpa_s,
6657 (void *) params->htcaps,
6658 (void *) params->htcaps_mask,
6659 max_ampdu);
6660 }
6661 #endif /* CONFIG_HT_OVERRIDES */
6662
6663 #define OVERRIDE_MCS(i) \
6664 if (ssid->vht_tx_mcs_nss_ ##i >= 0) { \
6665 vhtcaps_mask->vht_supported_mcs_set.tx_map |= \
6666 host_to_le16(3 << 2 * (i - 1)); \
6667 vhtcaps->vht_supported_mcs_set.tx_map |= \
6668 host_to_le16(ssid->vht_tx_mcs_nss_ ##i << \
6669 2 * (i - 1)); \
6670 } \
6671 if (ssid->vht_rx_mcs_nss_ ##i >= 0) { \
6672 vhtcaps_mask->vht_supported_mcs_set.rx_map |= \
6673 host_to_le16(3 << 2 * (i - 1)); \
6674 vhtcaps->vht_supported_mcs_set.rx_map |= \
6675 host_to_le16(ssid->vht_rx_mcs_nss_ ##i << \
6676 2 * (i - 1)); \
6677 }
6678
6679 OVERRIDE_MCS(1);
6680 OVERRIDE_MCS(2);
6681 OVERRIDE_MCS(3);
6682 OVERRIDE_MCS(4);
6683 OVERRIDE_MCS(5);
6684 OVERRIDE_MCS(6);
6685 OVERRIDE_MCS(7);
6686 OVERRIDE_MCS(8);
6687 }
6688 #endif /* CONFIG_VHT_OVERRIDES */
6689
6690
6691 #ifdef CONFIG_HE_OVERRIDES
wpa_supplicant_apply_he_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6692 void wpa_supplicant_apply_he_overrides(
6693 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6694 struct wpa_driver_associate_params *params)
6695 {
6696 if (!ssid)
6697 return;
6698
6699 params->disable_he = ssid->disable_he;
6700 }
6701 #endif /* CONFIG_HE_OVERRIDES */
6702
6703
wpa_supplicant_apply_eht_overrides(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,struct wpa_driver_associate_params * params)6704 void wpa_supplicant_apply_eht_overrides(
6705 struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid,
6706 struct wpa_driver_associate_params *params)
6707 {
6708 if (!ssid)
6709 return;
6710
6711 params->disable_eht = ssid->disable_eht;
6712 }
6713
6714
pcsc_reader_init(struct wpa_supplicant * wpa_s)6715 static int pcsc_reader_init(struct wpa_supplicant *wpa_s)
6716 {
6717 #ifdef PCSC_FUNCS
6718 size_t len;
6719
6720 if (!wpa_s->conf->pcsc_reader)
6721 return 0;
6722
6723 wpa_s->scard = scard_init(wpa_s->conf->pcsc_reader);
6724 if (!wpa_s->scard)
6725 return 1;
6726
6727 if (wpa_s->conf->pcsc_pin &&
6728 scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) {
6729 scard_deinit(wpa_s->scard);
6730 wpa_s->scard = NULL;
6731 wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed");
6732 return -1;
6733 }
6734
6735 len = sizeof(wpa_s->imsi) - 1;
6736 if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) {
6737 scard_deinit(wpa_s->scard);
6738 wpa_s->scard = NULL;
6739 wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI");
6740 return -1;
6741 }
6742 wpa_s->imsi[len] = '\0';
6743
6744 wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard);
6745
6746 wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)",
6747 wpa_s->imsi, wpa_s->mnc_len);
6748
6749 wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
6750 eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
6751 #endif /* PCSC_FUNCS */
6752
6753 return 0;
6754 }
6755
6756
wpas_init_ext_pw(struct wpa_supplicant * wpa_s)6757 int wpas_init_ext_pw(struct wpa_supplicant *wpa_s)
6758 {
6759 char *val, *pos;
6760
6761 ext_password_deinit(wpa_s->ext_pw);
6762 wpa_s->ext_pw = NULL;
6763 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL);
6764
6765 if (!wpa_s->conf->ext_password_backend)
6766 return 0;
6767
6768 val = os_strdup(wpa_s->conf->ext_password_backend);
6769 if (val == NULL)
6770 return -1;
6771 pos = os_strchr(val, ':');
6772 if (pos)
6773 *pos++ = '\0';
6774
6775 wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val);
6776
6777 wpa_s->ext_pw = ext_password_init(val, pos);
6778 os_free(val);
6779 if (wpa_s->ext_pw == NULL) {
6780 wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend");
6781 return -1;
6782 }
6783 eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw);
6784
6785 return 0;
6786 }
6787
6788
6789 #ifdef CONFIG_FST
6790
wpas_fst_get_bssid_cb(void * ctx)6791 static const u8 * wpas_fst_get_bssid_cb(void *ctx)
6792 {
6793 struct wpa_supplicant *wpa_s = ctx;
6794
6795 return (is_zero_ether_addr(wpa_s->bssid) ||
6796 wpa_s->wpa_state != WPA_COMPLETED) ? NULL : wpa_s->bssid;
6797 }
6798
6799
wpas_fst_get_channel_info_cb(void * ctx,enum hostapd_hw_mode * hw_mode,u8 * channel)6800 static void wpas_fst_get_channel_info_cb(void *ctx,
6801 enum hostapd_hw_mode *hw_mode,
6802 u8 *channel)
6803 {
6804 struct wpa_supplicant *wpa_s = ctx;
6805
6806 if (wpa_s->current_bss) {
6807 *hw_mode = ieee80211_freq_to_chan(wpa_s->current_bss->freq,
6808 channel);
6809 } else if (wpa_s->hw.num_modes) {
6810 *hw_mode = wpa_s->hw.modes[0].mode;
6811 } else {
6812 WPA_ASSERT(0);
6813 *hw_mode = 0;
6814 }
6815 }
6816
6817
wpas_fst_get_hw_modes(void * ctx,struct hostapd_hw_modes ** modes)6818 static int wpas_fst_get_hw_modes(void *ctx, struct hostapd_hw_modes **modes)
6819 {
6820 struct wpa_supplicant *wpa_s = ctx;
6821
6822 *modes = wpa_s->hw.modes;
6823 return wpa_s->hw.num_modes;
6824 }
6825
6826
wpas_fst_set_ies_cb(void * ctx,const struct wpabuf * fst_ies)6827 static void wpas_fst_set_ies_cb(void *ctx, const struct wpabuf *fst_ies)
6828 {
6829 struct wpa_supplicant *wpa_s = ctx;
6830
6831 wpa_hexdump_buf(MSG_DEBUG, "FST: Set IEs", fst_ies);
6832 wpa_s->fst_ies = fst_ies;
6833 }
6834
6835
wpas_fst_send_action_cb(void * ctx,const u8 * da,struct wpabuf * data)6836 static int wpas_fst_send_action_cb(void *ctx, const u8 *da, struct wpabuf *data)
6837 {
6838 struct wpa_supplicant *wpa_s = ctx;
6839
6840 if (!ether_addr_equal(wpa_s->bssid, da)) {
6841 wpa_printf(MSG_INFO, "FST:%s:bssid=" MACSTR " != da=" MACSTR,
6842 __func__, MAC2STR(wpa_s->bssid), MAC2STR(da));
6843 return -1;
6844 }
6845 return wpa_drv_send_action(wpa_s, wpa_s->assoc_freq, 0, wpa_s->bssid,
6846 wpa_s->own_addr, wpa_s->bssid,
6847 wpabuf_head(data), wpabuf_len(data),
6848 0);
6849 }
6850
6851
wpas_fst_get_mb_ie_cb(void * ctx,const u8 * addr)6852 static const struct wpabuf * wpas_fst_get_mb_ie_cb(void *ctx, const u8 *addr)
6853 {
6854 struct wpa_supplicant *wpa_s = ctx;
6855
6856 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6857 return wpa_s->received_mb_ies;
6858 }
6859
6860
wpas_fst_update_mb_ie_cb(void * ctx,const u8 * addr,const u8 * buf,size_t size)6861 static void wpas_fst_update_mb_ie_cb(void *ctx, const u8 *addr,
6862 const u8 *buf, size_t size)
6863 {
6864 struct wpa_supplicant *wpa_s = ctx;
6865 struct mb_ies_info info;
6866
6867 WPA_ASSERT(ether_addr_equal(wpa_s->bssid, addr));
6868
6869 if (!mb_ies_info_by_ies(&info, buf, size)) {
6870 wpabuf_free(wpa_s->received_mb_ies);
6871 wpa_s->received_mb_ies = mb_ies_by_info(&info);
6872 }
6873 }
6874
6875
wpas_fst_get_peer_first(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6876 static const u8 * wpas_fst_get_peer_first(void *ctx,
6877 struct fst_get_peer_ctx **get_ctx,
6878 bool mb_only)
6879 {
6880 struct wpa_supplicant *wpa_s = ctx;
6881
6882 *get_ctx = NULL;
6883 if (!is_zero_ether_addr(wpa_s->bssid))
6884 return (wpa_s->received_mb_ies || !mb_only) ?
6885 wpa_s->bssid : NULL;
6886 return NULL;
6887 }
6888
6889
wpas_fst_get_peer_next(void * ctx,struct fst_get_peer_ctx ** get_ctx,bool mb_only)6890 static const u8 * wpas_fst_get_peer_next(void *ctx,
6891 struct fst_get_peer_ctx **get_ctx,
6892 bool mb_only)
6893 {
6894 return NULL;
6895 }
6896
fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant * wpa_s,struct fst_wpa_obj * iface_obj)6897 void fst_wpa_supplicant_fill_iface_obj(struct wpa_supplicant *wpa_s,
6898 struct fst_wpa_obj *iface_obj)
6899 {
6900 os_memset(iface_obj, 0, sizeof(*iface_obj));
6901 iface_obj->ctx = wpa_s;
6902 iface_obj->get_bssid = wpas_fst_get_bssid_cb;
6903 iface_obj->get_channel_info = wpas_fst_get_channel_info_cb;
6904 iface_obj->get_hw_modes = wpas_fst_get_hw_modes;
6905 iface_obj->set_ies = wpas_fst_set_ies_cb;
6906 iface_obj->send_action = wpas_fst_send_action_cb;
6907 iface_obj->get_mb_ie = wpas_fst_get_mb_ie_cb;
6908 iface_obj->update_mb_ie = wpas_fst_update_mb_ie_cb;
6909 iface_obj->get_peer_first = wpas_fst_get_peer_first;
6910 iface_obj->get_peer_next = wpas_fst_get_peer_next;
6911 }
6912 #endif /* CONFIG_FST */
6913
wpas_set_wowlan_triggers(struct wpa_supplicant * wpa_s,const struct wpa_driver_capa * capa)6914 static int wpas_set_wowlan_triggers(struct wpa_supplicant *wpa_s,
6915 const struct wpa_driver_capa *capa)
6916 {
6917 struct wowlan_triggers *triggers;
6918 int ret = 0;
6919
6920 if (!wpa_s->conf->wowlan_triggers)
6921 return 0;
6922
6923 triggers = wpa_get_wowlan_triggers(wpa_s->conf->wowlan_triggers, capa);
6924 if (triggers) {
6925 ret = wpa_drv_wowlan(wpa_s, triggers);
6926 os_free(triggers);
6927 }
6928 return ret;
6929 }
6930
6931
wpas_freq_to_band(int freq)6932 enum wpa_radio_work_band wpas_freq_to_band(int freq)
6933 {
6934 if (freq < 3000)
6935 return BAND_2_4_GHZ;
6936 if (freq > 50000)
6937 return BAND_60_GHZ;
6938 return BAND_5_GHZ;
6939 }
6940
6941
wpas_get_bands(struct wpa_supplicant * wpa_s,const int * freqs)6942 unsigned int wpas_get_bands(struct wpa_supplicant *wpa_s, const int *freqs)
6943 {
6944 int i;
6945 unsigned int band = 0;
6946
6947 if (freqs) {
6948 /* freqs are specified for the radio work */
6949 for (i = 0; freqs[i]; i++)
6950 band |= wpas_freq_to_band(freqs[i]);
6951 } else {
6952 /*
6953 * freqs are not specified, implies all
6954 * the supported freqs by HW
6955 */
6956 for (i = 0; i < wpa_s->hw.num_modes; i++) {
6957 if (wpa_s->hw.modes[i].num_channels != 0) {
6958 if (wpa_s->hw.modes[i].mode ==
6959 HOSTAPD_MODE_IEEE80211B ||
6960 wpa_s->hw.modes[i].mode ==
6961 HOSTAPD_MODE_IEEE80211G)
6962 band |= BAND_2_4_GHZ;
6963 else if (wpa_s->hw.modes[i].mode ==
6964 HOSTAPD_MODE_IEEE80211A)
6965 band |= BAND_5_GHZ;
6966 else if (wpa_s->hw.modes[i].mode ==
6967 HOSTAPD_MODE_IEEE80211AD)
6968 band |= BAND_60_GHZ;
6969 else if (wpa_s->hw.modes[i].mode ==
6970 HOSTAPD_MODE_IEEE80211ANY)
6971 band = BAND_2_4_GHZ | BAND_5_GHZ |
6972 BAND_60_GHZ;
6973 }
6974 }
6975 }
6976
6977 return band;
6978 }
6979
6980
radio_add_interface(struct wpa_supplicant * wpa_s,const char * rn)6981 static struct wpa_radio * radio_add_interface(struct wpa_supplicant *wpa_s,
6982 const char *rn)
6983 {
6984 struct wpa_supplicant *iface = wpa_s->global->ifaces;
6985 struct wpa_radio *radio;
6986
6987 while (rn && iface) {
6988 radio = iface->radio;
6989 if (radio && os_strcmp(rn, radio->name) == 0) {
6990 wpa_printf(MSG_DEBUG, "Add interface %s to existing radio %s",
6991 wpa_s->ifname, rn);
6992 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
6993 return radio;
6994 }
6995
6996 iface = iface->next;
6997 }
6998
6999 wpa_printf(MSG_DEBUG, "Add interface %s to a new radio %s",
7000 wpa_s->ifname, rn ? rn : "N/A");
7001 radio = os_zalloc(sizeof(*radio));
7002 if (radio == NULL)
7003 return NULL;
7004
7005 if (rn)
7006 os_strlcpy(radio->name, rn, sizeof(radio->name));
7007 dl_list_init(&radio->ifaces);
7008 dl_list_init(&radio->work);
7009 dl_list_add(&radio->ifaces, &wpa_s->radio_list);
7010
7011 return radio;
7012 }
7013
7014
radio_work_free(struct wpa_radio_work * work)7015 static void radio_work_free(struct wpa_radio_work *work)
7016 {
7017 if (work->wpa_s->scan_work == work) {
7018 /* This should not really happen. */
7019 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as scan_work",
7020 work->type, work, work->started);
7021 work->wpa_s->scan_work = NULL;
7022 }
7023
7024 #ifdef CONFIG_P2P
7025 if (work->wpa_s->p2p_scan_work == work) {
7026 /* This should not really happen. */
7027 wpa_dbg(work->wpa_s, MSG_INFO, "Freeing radio work '%s'@%p (started=%d) that is marked as p2p_scan_work",
7028 work->type, work, work->started);
7029 work->wpa_s->p2p_scan_work = NULL;
7030 }
7031 #endif /* CONFIG_P2P */
7032
7033 if (work->started) {
7034 work->wpa_s->radio->num_active_works--;
7035 wpa_dbg(work->wpa_s, MSG_DEBUG,
7036 "radio_work_free('%s'@%p): num_active_works --> %u",
7037 work->type, work,
7038 work->wpa_s->radio->num_active_works);
7039 }
7040
7041 dl_list_del(&work->list);
7042 os_free(work);
7043 }
7044
7045
radio_work_is_connect(struct wpa_radio_work * work)7046 static int radio_work_is_connect(struct wpa_radio_work *work)
7047 {
7048 return os_strcmp(work->type, "sme-connect") == 0 ||
7049 os_strcmp(work->type, "connect") == 0;
7050 }
7051
7052
radio_work_is_scan(struct wpa_radio_work * work)7053 static int radio_work_is_scan(struct wpa_radio_work *work)
7054 {
7055 return os_strcmp(work->type, "scan") == 0 ||
7056 os_strcmp(work->type, "p2p-scan") == 0;
7057 }
7058
7059
radio_work_get_next_work(struct wpa_radio * radio)7060 static struct wpa_radio_work * radio_work_get_next_work(struct wpa_radio *radio)
7061 {
7062 struct wpa_radio_work *active_work = NULL;
7063 struct wpa_radio_work *tmp;
7064
7065 /* Get the active work to know the type and band. */
7066 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
7067 if (tmp->started) {
7068 active_work = tmp;
7069 break;
7070 }
7071 }
7072
7073 if (!active_work) {
7074 /* No active work, start one */
7075 radio->num_active_works = 0;
7076 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work,
7077 list) {
7078 if (os_strcmp(tmp->type, "scan") == 0 &&
7079 external_scan_running(radio) &&
7080 (((struct wpa_driver_scan_params *)
7081 tmp->ctx)->only_new_results ||
7082 tmp->wpa_s->clear_driver_scan_cache))
7083 continue;
7084 return tmp;
7085 }
7086 return NULL;
7087 }
7088
7089 if (radio_work_is_connect(active_work)) {
7090 /*
7091 * If the active work is either connect or sme-connect,
7092 * do not parallelize them with other radio works.
7093 */
7094 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7095 "Do not parallelize radio work with %s",
7096 active_work->type);
7097 return NULL;
7098 }
7099
7100 dl_list_for_each(tmp, &radio->work, struct wpa_radio_work, list) {
7101 if (tmp->started)
7102 continue;
7103
7104 /*
7105 * If connect or sme-connect are enqueued, parallelize only
7106 * those operations ahead of them in the queue.
7107 */
7108 if (radio_work_is_connect(tmp))
7109 break;
7110
7111 /* Serialize parallel scan and p2p_scan operations on the same
7112 * interface since the driver_nl80211 mechanism for tracking
7113 * scan cookies does not yet have support for this. */
7114 if (active_work->wpa_s == tmp->wpa_s &&
7115 radio_work_is_scan(active_work) &&
7116 radio_work_is_scan(tmp)) {
7117 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7118 "Do not start work '%s' when another work '%s' is already scheduled",
7119 tmp->type, active_work->type);
7120 continue;
7121 }
7122 /*
7123 * Check that the radio works are distinct and
7124 * on different bands.
7125 */
7126 if (os_strcmp(active_work->type, tmp->type) != 0 &&
7127 (active_work->bands != tmp->bands)) {
7128 /*
7129 * If a scan has to be scheduled through nl80211 scan
7130 * interface and if an external scan is already running,
7131 * do not schedule the scan since it is likely to get
7132 * rejected by kernel.
7133 */
7134 if (os_strcmp(tmp->type, "scan") == 0 &&
7135 external_scan_running(radio) &&
7136 (((struct wpa_driver_scan_params *)
7137 tmp->ctx)->only_new_results ||
7138 tmp->wpa_s->clear_driver_scan_cache))
7139 continue;
7140
7141 wpa_dbg(active_work->wpa_s, MSG_DEBUG,
7142 "active_work:%s new_work:%s",
7143 active_work->type, tmp->type);
7144 return tmp;
7145 }
7146 }
7147
7148 /* Did not find a radio work to schedule in parallel. */
7149 return NULL;
7150 }
7151
7152
radio_start_next_work(void * eloop_ctx,void * timeout_ctx)7153 static void radio_start_next_work(void *eloop_ctx, void *timeout_ctx)
7154 {
7155 struct wpa_radio *radio = eloop_ctx;
7156 struct wpa_radio_work *work;
7157 struct os_reltime now, diff;
7158 struct wpa_supplicant *wpa_s;
7159
7160 work = dl_list_first(&radio->work, struct wpa_radio_work, list);
7161 if (work == NULL) {
7162 radio->num_active_works = 0;
7163 return;
7164 }
7165
7166 wpa_s = dl_list_first(&radio->ifaces, struct wpa_supplicant,
7167 radio_list);
7168
7169 if (!(wpa_s &&
7170 wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)) {
7171 if (work->started)
7172 return; /* already started and still in progress */
7173
7174 if (wpa_s && external_scan_running(wpa_s->radio)) {
7175 wpa_printf(MSG_DEBUG, "Delay radio work start until externally triggered scan completes");
7176 return;
7177 }
7178 } else {
7179 work = NULL;
7180 if (radio->num_active_works < MAX_ACTIVE_WORKS) {
7181 /* get the work to schedule next */
7182 work = radio_work_get_next_work(radio);
7183 }
7184 if (!work)
7185 return;
7186 }
7187
7188 wpa_s = work->wpa_s;
7189 os_get_reltime(&now);
7190 os_reltime_sub(&now, &work->time, &diff);
7191 wpa_dbg(wpa_s, MSG_DEBUG,
7192 "Starting radio work '%s'@%p after %ld.%06ld second wait",
7193 work->type, work, diff.sec, diff.usec);
7194 work->started = 1;
7195 work->time = now;
7196 radio->num_active_works++;
7197
7198 work->cb(work, 0);
7199
7200 if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS) &&
7201 radio->num_active_works < MAX_ACTIVE_WORKS)
7202 radio_work_check_next(wpa_s);
7203 }
7204
7205
7206 /*
7207 * This function removes both started and pending radio works running on
7208 * the provided interface's radio.
7209 * Prior to the removal of the radio work, its callback (cb) is called with
7210 * deinit set to be 1. Each work's callback is responsible for clearing its
7211 * internal data and restoring to a correct state.
7212 * @wpa_s: wpa_supplicant data
7213 * @type: type of works to be removed
7214 * @remove_all: 1 to remove all the works on this radio, 0 to remove only
7215 * this interface's works.
7216 */
radio_remove_works(struct wpa_supplicant * wpa_s,const char * type,int remove_all)7217 void radio_remove_works(struct wpa_supplicant *wpa_s,
7218 const char *type, int remove_all)
7219 {
7220 struct wpa_radio_work *work, *tmp;
7221 struct wpa_radio *radio = wpa_s->radio;
7222
7223 dl_list_for_each_safe(work, tmp, &radio->work, struct wpa_radio_work,
7224 list) {
7225 if (type && os_strcmp(type, work->type) != 0)
7226 continue;
7227
7228 /* skip other ifaces' works */
7229 if (!remove_all && work->wpa_s != wpa_s)
7230 continue;
7231
7232 wpa_dbg(wpa_s, MSG_DEBUG, "Remove radio work '%s'@%p%s",
7233 work->type, work, work->started ? " (started)" : "");
7234 work->cb(work, 1);
7235 radio_work_free(work);
7236 }
7237
7238 /* in case we removed the started work */
7239 radio_work_check_next(wpa_s);
7240 }
7241
7242
radio_remove_pending_work(struct wpa_supplicant * wpa_s,void * ctx)7243 void radio_remove_pending_work(struct wpa_supplicant *wpa_s, void *ctx)
7244 {
7245 struct wpa_radio_work *work;
7246 struct wpa_radio *radio = wpa_s->radio;
7247
7248 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
7249 if (work->ctx != ctx)
7250 continue;
7251 wpa_dbg(wpa_s, MSG_DEBUG, "Free pending radio work '%s'@%p%s",
7252 work->type, work, work->started ? " (started)" : "");
7253 radio_work_free(work);
7254 break;
7255 }
7256 }
7257
7258
radio_remove_interface(struct wpa_supplicant * wpa_s)7259 static void radio_remove_interface(struct wpa_supplicant *wpa_s)
7260 {
7261 struct wpa_radio *radio = wpa_s->radio;
7262
7263 if (!radio)
7264 return;
7265
7266 wpa_printf(MSG_DEBUG, "Remove interface %s from radio %s",
7267 wpa_s->ifname, radio->name);
7268 dl_list_del(&wpa_s->radio_list);
7269 radio_remove_works(wpa_s, NULL, 0);
7270 /* If the interface that triggered the external scan was removed, the
7271 * external scan is no longer running. */
7272 if (wpa_s == radio->external_scan_req_interface)
7273 radio->external_scan_req_interface = NULL;
7274 wpa_s->radio = NULL;
7275 if (!dl_list_empty(&radio->ifaces))
7276 return; /* Interfaces remain for this radio */
7277
7278 wpa_printf(MSG_DEBUG, "Remove radio %s", radio->name);
7279 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
7280 os_free(radio);
7281 }
7282
7283
radio_work_check_next(struct wpa_supplicant * wpa_s)7284 void radio_work_check_next(struct wpa_supplicant *wpa_s)
7285 {
7286 struct wpa_radio *radio = wpa_s->radio;
7287
7288 if (dl_list_empty(&radio->work))
7289 return;
7290 if (wpa_s->ext_work_in_progress) {
7291 wpa_printf(MSG_DEBUG,
7292 "External radio work in progress - delay start of pending item");
7293 return;
7294 }
7295 eloop_cancel_timeout(radio_start_next_work, radio, NULL);
7296 eloop_register_timeout(0, 0, radio_start_next_work, radio, NULL);
7297 }
7298
7299
7300 /**
7301 * radio_add_work - Add a radio work item
7302 * @wpa_s: Pointer to wpa_supplicant data
7303 * @freq: Frequency of the offchannel operation in MHz or 0
7304 * @type: Unique identifier for each type of work
7305 * @next: Force as the next work to be executed
7306 * @cb: Callback function for indicating when radio is available
7307 * @ctx: Context pointer for the work (work->ctx in cb())
7308 * Returns: 0 on success, -1 on failure
7309 *
7310 * This function is used to request time for an operation that requires
7311 * exclusive radio control. Once the radio is available, the registered callback
7312 * function will be called. radio_work_done() must be called once the exclusive
7313 * radio operation has been completed, so that the radio is freed for other
7314 * operations. The special case of deinit=1 is used to free the context data
7315 * during interface removal. That does not allow the callback function to start
7316 * the radio operation, i.e., it must free any resources allocated for the radio
7317 * work and return.
7318 *
7319 * The @freq parameter can be used to indicate a single channel on which the
7320 * offchannel operation will occur. This may allow multiple radio work
7321 * operations to be performed in parallel if they apply for the same channel.
7322 * Setting this to 0 indicates that the work item may use multiple channels or
7323 * requires exclusive control of the radio.
7324 */
radio_add_work(struct wpa_supplicant * wpa_s,unsigned int freq,const char * type,int next,void (* cb)(struct wpa_radio_work * work,int deinit),void * ctx)7325 int radio_add_work(struct wpa_supplicant *wpa_s, unsigned int freq,
7326 const char *type, int next,
7327 void (*cb)(struct wpa_radio_work *work, int deinit),
7328 void *ctx)
7329 {
7330 struct wpa_radio *radio = wpa_s->radio;
7331 struct wpa_radio_work *work;
7332 int was_empty;
7333
7334 work = os_zalloc(sizeof(*work));
7335 if (work == NULL)
7336 return -1;
7337 wpa_dbg(wpa_s, MSG_DEBUG, "Add radio work '%s'@%p", type, work);
7338 os_get_reltime(&work->time);
7339 work->freq = freq;
7340 work->type = type;
7341 work->wpa_s = wpa_s;
7342 work->cb = cb;
7343 work->ctx = ctx;
7344
7345 if (freq)
7346 work->bands = wpas_freq_to_band(freq);
7347 else if (os_strcmp(type, "scan") == 0 ||
7348 os_strcmp(type, "p2p-scan") == 0)
7349 work->bands = wpas_get_bands(wpa_s,
7350 ((struct wpa_driver_scan_params *)
7351 ctx)->freqs);
7352 else
7353 work->bands = wpas_get_bands(wpa_s, NULL);
7354
7355 was_empty = dl_list_empty(&wpa_s->radio->work);
7356 if (next)
7357 dl_list_add(&wpa_s->radio->work, &work->list);
7358 else
7359 dl_list_add_tail(&wpa_s->radio->work, &work->list);
7360 if (was_empty) {
7361 wpa_dbg(wpa_s, MSG_DEBUG, "First radio work item in the queue - schedule start immediately");
7362 radio_work_check_next(wpa_s);
7363 } else if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_OFFCHANNEL_SIMULTANEOUS)
7364 && radio->num_active_works < MAX_ACTIVE_WORKS) {
7365 wpa_dbg(wpa_s, MSG_DEBUG,
7366 "Try to schedule a radio work (num_active_works=%u)",
7367 radio->num_active_works);
7368 radio_work_check_next(wpa_s);
7369 }
7370
7371 return 0;
7372 }
7373
7374
7375 /**
7376 * radio_work_done - Indicate that a radio work item has been completed
7377 * @work: Completed work
7378 *
7379 * This function is called once the callback function registered with
7380 * radio_add_work() has completed its work.
7381 */
radio_work_done(struct wpa_radio_work * work)7382 void radio_work_done(struct wpa_radio_work *work)
7383 {
7384 struct wpa_supplicant *wpa_s = work->wpa_s;
7385 struct os_reltime now, diff;
7386 unsigned int started = work->started;
7387
7388 os_get_reltime(&now);
7389 os_reltime_sub(&now, &work->time, &diff);
7390 wpa_dbg(wpa_s, MSG_DEBUG, "Radio work '%s'@%p %s in %ld.%06ld seconds",
7391 work->type, work, started ? "done" : "canceled",
7392 diff.sec, diff.usec);
7393 radio_work_free(work);
7394 if (started)
7395 radio_work_check_next(wpa_s);
7396 }
7397
7398
7399 struct wpa_radio_work *
radio_work_pending(struct wpa_supplicant * wpa_s,const char * type)7400 radio_work_pending(struct wpa_supplicant *wpa_s, const char *type)
7401 {
7402 struct wpa_radio_work *work;
7403 struct wpa_radio *radio = wpa_s->radio;
7404
7405 dl_list_for_each(work, &radio->work, struct wpa_radio_work, list) {
7406 if (work->wpa_s == wpa_s && os_strcmp(work->type, type) == 0)
7407 return work;
7408 }
7409
7410 return NULL;
7411 }
7412
7413
wpas_init_driver(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7414 static int wpas_init_driver(struct wpa_supplicant *wpa_s,
7415 const struct wpa_interface *iface)
7416 {
7417 const char *ifname, *driver, *rn;
7418
7419 driver = iface->driver;
7420 next_driver:
7421 if (wpa_supplicant_set_driver(wpa_s, driver) < 0)
7422 return -1;
7423
7424 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
7425 if (wpa_s->drv_priv == NULL) {
7426 const char *pos;
7427 int level = MSG_ERROR;
7428
7429 pos = driver ? os_strchr(driver, ',') : NULL;
7430 if (pos) {
7431 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize "
7432 "driver interface - try next driver wrapper");
7433 driver = pos + 1;
7434 goto next_driver;
7435 }
7436
7437 #ifdef CONFIG_MATCH_IFACE
7438 if (wpa_s->matched == WPA_IFACE_MATCHED_NULL)
7439 level = MSG_DEBUG;
7440 #endif /* CONFIG_MATCH_IFACE */
7441 wpa_msg(wpa_s, level, "Failed to initialize driver interface");
7442 return -1;
7443 }
7444 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
7445 wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected "
7446 "driver_param '%s'", wpa_s->conf->driver_param);
7447 return -1;
7448 }
7449
7450 ifname = wpa_drv_get_ifname(wpa_s);
7451 if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) {
7452 wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced "
7453 "interface name with '%s'", ifname);
7454 os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
7455 }
7456
7457 rn = wpa_driver_get_radio_name(wpa_s);
7458 if (rn && rn[0] == '\0')
7459 rn = NULL;
7460
7461 wpa_s->radio = radio_add_interface(wpa_s, rn);
7462 if (wpa_s->radio == NULL)
7463 return -1;
7464
7465 return 0;
7466 }
7467
7468
7469 #ifdef CONFIG_GAS_SERVER
7470
wpas_gas_server_tx_status(struct wpa_supplicant * wpa_s,unsigned int freq,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,enum offchannel_send_action_result result)7471 static void wpas_gas_server_tx_status(struct wpa_supplicant *wpa_s,
7472 unsigned int freq, const u8 *dst,
7473 const u8 *src, const u8 *bssid,
7474 const u8 *data, size_t data_len,
7475 enum offchannel_send_action_result result)
7476 {
7477 wpa_printf(MSG_DEBUG, "GAS: TX status: freq=%u dst=" MACSTR
7478 " result=%s",
7479 freq, MAC2STR(dst),
7480 result == OFFCHANNEL_SEND_ACTION_SUCCESS ? "SUCCESS" :
7481 (result == OFFCHANNEL_SEND_ACTION_NO_ACK ? "no-ACK" :
7482 "FAILED"));
7483 gas_server_tx_status(wpa_s->gas_server, dst, data, data_len,
7484 result == OFFCHANNEL_SEND_ACTION_SUCCESS);
7485 }
7486
7487
wpas_gas_server_tx(void * ctx,int freq,const u8 * da,struct wpabuf * buf,unsigned int wait_time)7488 static void wpas_gas_server_tx(void *ctx, int freq, const u8 *da,
7489 struct wpabuf *buf, unsigned int wait_time)
7490 {
7491 struct wpa_supplicant *wpa_s = ctx;
7492 const u8 broadcast[ETH_ALEN] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
7493
7494 if (wait_time > wpa_s->max_remain_on_chan)
7495 wait_time = wpa_s->max_remain_on_chan;
7496
7497 offchannel_send_action(wpa_s, freq, da, wpa_s->own_addr, broadcast,
7498 wpabuf_head(buf), wpabuf_len(buf),
7499 wait_time, wpas_gas_server_tx_status, 0);
7500 }
7501
7502 #endif /* CONFIG_GAS_SERVER */
7503
wpa_supplicant_init_iface(struct wpa_supplicant * wpa_s,const struct wpa_interface * iface)7504 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
7505 const struct wpa_interface *iface)
7506 {
7507 struct wpa_driver_capa capa;
7508 int capa_res;
7509 u8 dfs_domain;
7510
7511 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
7512 "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname,
7513 iface->confname ? iface->confname : "N/A",
7514 iface->driver ? iface->driver : "default",
7515 iface->ctrl_interface ? iface->ctrl_interface : "N/A",
7516 iface->bridge_ifname ? iface->bridge_ifname : "N/A");
7517
7518 if (iface->confname) {
7519 #ifdef CONFIG_BACKEND_FILE
7520 wpa_s->confname = os_rel2abs_path(iface->confname);
7521 if (wpa_s->confname == NULL) {
7522 wpa_printf(MSG_ERROR, "Failed to get absolute path "
7523 "for configuration file '%s'.",
7524 iface->confname);
7525 return -1;
7526 }
7527 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
7528 iface->confname, wpa_s->confname);
7529 #else /* CONFIG_BACKEND_FILE */
7530 wpa_s->confname = os_strdup(iface->confname);
7531 #endif /* CONFIG_BACKEND_FILE */
7532 wpa_s->conf = wpa_config_read(wpa_s->confname, NULL, false);
7533 if (wpa_s->conf == NULL) {
7534 wpa_printf(MSG_ERROR, "Failed to read or parse "
7535 "configuration '%s'.", wpa_s->confname);
7536 return -1;
7537 }
7538 wpa_s->confanother = os_rel2abs_path(iface->confanother);
7539 if (wpa_s->confanother &&
7540 !wpa_config_read(wpa_s->confanother, wpa_s->conf, true)) {
7541 wpa_printf(MSG_ERROR,
7542 "Failed to read or parse configuration '%s'.",
7543 wpa_s->confanother);
7544 return -1;
7545 }
7546
7547 /*
7548 * Override ctrl_interface and driver_param if set on command
7549 * line.
7550 */
7551 if (iface->ctrl_interface) {
7552 os_free(wpa_s->conf->ctrl_interface);
7553 wpa_s->conf->ctrl_interface =
7554 os_strdup(iface->ctrl_interface);
7555 if (!wpa_s->conf->ctrl_interface) {
7556 wpa_printf(MSG_ERROR,
7557 "Failed to duplicate control interface '%s'.",
7558 iface->ctrl_interface);
7559 return -1;
7560 }
7561 }
7562
7563 if (iface->driver_param) {
7564 os_free(wpa_s->conf->driver_param);
7565 wpa_s->conf->driver_param =
7566 os_strdup(iface->driver_param);
7567 if (!wpa_s->conf->driver_param) {
7568 wpa_printf(MSG_ERROR,
7569 "Failed to duplicate driver param '%s'.",
7570 iface->driver_param);
7571 return -1;
7572 }
7573 }
7574
7575 if (iface->p2p_mgmt && !iface->ctrl_interface) {
7576 os_free(wpa_s->conf->ctrl_interface);
7577 wpa_s->conf->ctrl_interface = NULL;
7578 }
7579 } else
7580 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
7581 iface->driver_param);
7582
7583 if (wpa_s->conf == NULL) {
7584 wpa_printf(MSG_ERROR, "\nNo configuration found.");
7585 return -1;
7586 }
7587
7588 if (iface->ifname == NULL) {
7589 wpa_printf(MSG_ERROR, "\nInterface name is required.");
7590 return -1;
7591 }
7592 if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
7593 wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.",
7594 iface->ifname);
7595 return -1;
7596 }
7597 os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
7598 #ifdef CONFIG_MATCH_IFACE
7599 wpa_s->matched = iface->matched;
7600 #endif /* CONFIG_MATCH_IFACE */
7601
7602 if (iface->bridge_ifname) {
7603 if (os_strlen(iface->bridge_ifname) >=
7604 sizeof(wpa_s->bridge_ifname)) {
7605 wpa_printf(MSG_ERROR, "\nToo long bridge interface "
7606 "name '%s'.", iface->bridge_ifname);
7607 return -1;
7608 }
7609 os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname,
7610 sizeof(wpa_s->bridge_ifname));
7611 }
7612
7613 /* RSNA Supplicant Key Management - INITIALIZE */
7614 eapol_sm_notify_portEnabled(wpa_s->eapol, false);
7615 eapol_sm_notify_portValid(wpa_s->eapol, false);
7616
7617 /* Initialize driver interface and register driver event handler before
7618 * L2 receive handler so that association events are processed before
7619 * EAPOL-Key packets if both become available for the same select()
7620 * call. */
7621 if (wpas_init_driver(wpa_s, iface) < 0)
7622 return -1;
7623
7624 if (wpa_supplicant_init_wpa(wpa_s) < 0)
7625 return -1;
7626
7627 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname,
7628 wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname :
7629 NULL);
7630 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
7631
7632 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
7633 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
7634 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
7635 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7636 "dot11RSNAConfigPMKLifetime");
7637 return -1;
7638 }
7639
7640 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
7641 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
7642 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
7643 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7644 "dot11RSNAConfigPMKReauthThreshold");
7645 return -1;
7646 }
7647
7648 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
7649 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
7650 wpa_s->conf->dot11RSNAConfigSATimeout)) {
7651 wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for "
7652 "dot11RSNAConfigSATimeout");
7653 return -1;
7654 }
7655
7656 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
7657 wpa_s->conf->ft_prepend_pmkid);
7658
7659 wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s,
7660 &wpa_s->hw.num_modes,
7661 &wpa_s->hw.flags,
7662 &dfs_domain);
7663 if (wpa_s->hw.modes) {
7664 u16 i;
7665
7666 for (i = 0; i < wpa_s->hw.num_modes; i++) {
7667 if (wpa_s->hw.modes[i].eht_capab[IEEE80211_MODE_INFRA].
7668 eht_supported)
7669 wpa_s->hw_capab |= BIT(CAPAB_EHT);
7670 if (wpa_s->hw.modes[i].he_capab[IEEE80211_MODE_INFRA].
7671 he_supported)
7672 wpa_s->hw_capab |= BIT(CAPAB_HE);
7673 if (wpa_s->hw.modes[i].vht_capab)
7674 wpa_s->hw_capab |= BIT(CAPAB_VHT);
7675 if (wpa_s->hw.modes[i].ht_capab)
7676 wpa_s->hw_capab |= BIT(CAPAB_HT);
7677 }
7678 wpa_s->support_6ghz = wpas_is_6ghz_supported(wpa_s, false);
7679 }
7680
7681 capa_res = wpa_drv_get_capa(wpa_s, &capa);
7682 if (capa_res == 0) {
7683 wpa_s->drv_capa_known = 1;
7684 wpa_s->drv_flags = capa.flags;
7685 wpa_s->drv_flags2 = capa.flags2;
7686 wpa_s->drv_enc = capa.enc;
7687 wpa_s->drv_key_mgmt = capa.key_mgmt;
7688 wpa_s->drv_rrm_flags = capa.rrm_flags;
7689 wpa_s->drv_max_acl_mac_addrs = capa.max_acl_mac_addrs;
7690 wpa_s->probe_resp_offloads = capa.probe_resp_offloads;
7691 wpa_s->max_scan_ssids = capa.max_scan_ssids;
7692 wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids;
7693 wpa_s->max_sched_scan_plans = capa.max_sched_scan_plans;
7694 wpa_s->max_sched_scan_plan_interval =
7695 capa.max_sched_scan_plan_interval;
7696 wpa_s->max_sched_scan_plan_iterations =
7697 capa.max_sched_scan_plan_iterations;
7698 wpa_s->sched_scan_supported = capa.sched_scan_supported;
7699 wpa_s->max_match_sets = capa.max_match_sets;
7700 wpa_s->max_remain_on_chan = capa.max_remain_on_chan;
7701 wpa_s->max_stations = capa.max_stations;
7702 wpa_s->extended_capa = capa.extended_capa;
7703 wpa_s->extended_capa_mask = capa.extended_capa_mask;
7704 wpa_s->extended_capa_len = capa.extended_capa_len;
7705 wpa_s->num_multichan_concurrent =
7706 capa.num_multichan_concurrent;
7707 #ifndef CONFIG_NO_WMM_AC
7708 wpa_s->wmm_ac_supported = capa.wmm_ac_supported;
7709 #endif /* CONFIG_NO_WMM_AC */
7710 wpa_s->max_num_akms = capa.max_num_akms;
7711
7712 if (capa.mac_addr_rand_scan_supported)
7713 wpa_s->mac_addr_rand_supported |= MAC_ADDR_RAND_SCAN;
7714 if (wpa_s->sched_scan_supported &&
7715 capa.mac_addr_rand_sched_scan_supported)
7716 wpa_s->mac_addr_rand_supported |=
7717 (MAC_ADDR_RAND_SCHED_SCAN | MAC_ADDR_RAND_PNO);
7718 wpa_s->drv_max_probe_req_ie_len = capa.max_probe_req_ie_len;
7719
7720 wpa_drv_get_ext_capa(wpa_s, WPA_IF_STATION);
7721 if (wpa_s->extended_capa &&
7722 wpa_s->extended_capa_len >= 3 &&
7723 wpa_s->extended_capa[2] & 0x40)
7724 wpa_s->multi_bss_support = 1;
7725 } else {
7726 wpa_s->drv_max_probe_req_ie_len = 1500;
7727 }
7728 #ifdef CONFIG_PASN
7729 wpa_pasn_sm_set_caps(wpa_s->wpa, wpa_s->drv_flags2);
7730 #endif /* CONFIG_PASN */
7731 wpa_sm_set_driver_bss_selection(wpa_s->wpa,
7732 !!(wpa_s->drv_flags &
7733 WPA_DRIVER_FLAGS_BSS_SELECTION));
7734 if (wpa_s->max_remain_on_chan == 0)
7735 wpa_s->max_remain_on_chan = 1000;
7736
7737 /*
7738 * Only take p2p_mgmt parameters when P2P Device is supported.
7739 * Doing it here as it determines whether l2_packet_init() will be done
7740 * during wpa_supplicant_driver_init().
7741 */
7742 if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE)
7743 wpa_s->p2p_mgmt = iface->p2p_mgmt;
7744
7745 if (wpa_s->num_multichan_concurrent == 0)
7746 wpa_s->num_multichan_concurrent = 1;
7747
7748 if (wpa_supplicant_driver_init(wpa_s) < 0)
7749 return -1;
7750
7751 #ifdef CONFIG_TDLS
7752 if (!iface->p2p_mgmt && wpa_tdls_init(wpa_s->wpa))
7753 return -1;
7754 #endif /* CONFIG_TDLS */
7755
7756 if (wpa_s->conf->country[0] && wpa_s->conf->country[1] &&
7757 wpa_drv_set_country(wpa_s, wpa_s->conf->country)) {
7758 wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country");
7759 return -1;
7760 }
7761
7762 #ifdef CONFIG_FST
7763 if (wpa_s->conf->fst_group_id) {
7764 struct fst_iface_cfg cfg;
7765 struct fst_wpa_obj iface_obj;
7766
7767 fst_wpa_supplicant_fill_iface_obj(wpa_s, &iface_obj);
7768 os_strlcpy(cfg.group_id, wpa_s->conf->fst_group_id,
7769 sizeof(cfg.group_id));
7770 cfg.priority = wpa_s->conf->fst_priority;
7771 cfg.llt = wpa_s->conf->fst_llt;
7772
7773 wpa_s->fst = fst_attach(wpa_s->ifname, wpa_s->own_addr,
7774 &iface_obj, &cfg);
7775 if (!wpa_s->fst) {
7776 wpa_msg(wpa_s, MSG_ERROR,
7777 "FST: Cannot attach iface %s to group %s",
7778 wpa_s->ifname, cfg.group_id);
7779 return -1;
7780 }
7781 }
7782 #endif /* CONFIG_FST */
7783
7784 if (wpas_wps_init(wpa_s))
7785 return -1;
7786
7787 #ifdef CONFIG_GAS_SERVER
7788 wpa_s->gas_server = gas_server_init(wpa_s, wpas_gas_server_tx);
7789 if (!wpa_s->gas_server) {
7790 wpa_printf(MSG_ERROR, "Failed to initialize GAS server");
7791 return -1;
7792 }
7793 #endif /* CONFIG_GAS_SERVER */
7794
7795 #ifdef CONFIG_DPP
7796 if (wpas_dpp_init(wpa_s) < 0)
7797 return -1;
7798 #endif /* CONFIG_DPP */
7799
7800 #ifdef CONFIG_NAN_USD
7801 if (wpas_nan_usd_init(wpa_s) < 0)
7802 return -1;
7803 #endif /* CONFIG_NAN_USD */
7804
7805 if (wpa_supplicant_init_eapol(wpa_s) < 0)
7806 return -1;
7807 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
7808
7809 wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s);
7810 if (wpa_s->ctrl_iface == NULL) {
7811 wpa_printf(MSG_ERROR,
7812 "Failed to initialize control interface '%s'.\n"
7813 "You may have another wpa_supplicant process "
7814 "already running or the file was\n"
7815 "left by an unclean termination of wpa_supplicant "
7816 "in which case you will need\n"
7817 "to manually remove this file before starting "
7818 "wpa_supplicant again.\n",
7819 wpa_s->conf->ctrl_interface);
7820 return -1;
7821 }
7822
7823 wpa_s->gas = gas_query_init(wpa_s);
7824 if (wpa_s->gas == NULL) {
7825 wpa_printf(MSG_ERROR, "Failed to initialize GAS query");
7826 return -1;
7827 }
7828
7829 if ((!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) ||
7830 wpa_s->p2p_mgmt) &&
7831 wpas_p2p_init(wpa_s->global, wpa_s) < 0) {
7832 wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P");
7833 return -1;
7834 }
7835
7836 if (wpa_bss_init(wpa_s) < 0)
7837 return -1;
7838
7839 /*
7840 * Set Wake-on-WLAN triggers, if configured.
7841 * Note: We don't restore/remove the triggers on shutdown (it doesn't
7842 * have effect anyway when the interface is down).
7843 */
7844 if (capa_res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
7845 return -1;
7846
7847 #ifdef CONFIG_EAP_PROXY
7848 {
7849 size_t len;
7850 wpa_s->mnc_len = eapol_sm_get_eap_proxy_imsi(wpa_s->eapol, -1,
7851 wpa_s->imsi, &len);
7852 if (wpa_s->mnc_len > 0) {
7853 wpa_s->imsi[len] = '\0';
7854 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI %s (MNC length %d)",
7855 wpa_s->imsi, wpa_s->mnc_len);
7856 } else {
7857 wpa_printf(MSG_DEBUG, "eap_proxy: IMSI not available");
7858 }
7859 }
7860 #endif /* CONFIG_EAP_PROXY */
7861
7862 if (pcsc_reader_init(wpa_s) < 0)
7863 return -1;
7864
7865 if (wpas_init_ext_pw(wpa_s) < 0)
7866 return -1;
7867
7868 #ifndef CONFIG_NO_RRM
7869 wpas_rrm_reset(wpa_s);
7870 #endif /* CONFIG_NO_RRM */
7871
7872 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
7873
7874 #ifdef CONFIG_MBO
7875 if (!wpa_s->disable_mbo_oce && wpa_s->conf->oce) {
7876 if ((wpa_s->conf->oce & OCE_STA) &&
7877 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA))
7878 wpa_s->enable_oce = OCE_STA;
7879 if ((wpa_s->conf->oce & OCE_STA_CFON) &&
7880 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_OCE_STA_CFON)) {
7881 /* TODO: Need to add STA-CFON support */
7882 wpa_printf(MSG_ERROR,
7883 "OCE STA-CFON feature is not yet supported");
7884 }
7885 }
7886 wpas_mbo_update_non_pref_chan(wpa_s, wpa_s->conf->non_pref_chan);
7887 #endif /* CONFIG_MBO */
7888
7889 wpa_supplicant_set_default_scan_ies(wpa_s);
7890
7891 return 0;
7892 }
7893
7894
wpa_supplicant_deinit_iface(struct wpa_supplicant * wpa_s,int notify,int terminate)7895 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s,
7896 int notify, int terminate)
7897 {
7898 struct wpa_global *global = wpa_s->global;
7899 struct wpa_supplicant *iface, *prev;
7900
7901 if (wpa_s == wpa_s->parent)
7902 wpas_p2p_group_remove(wpa_s, "*");
7903
7904 iface = global->ifaces;
7905 while (iface) {
7906 if (iface->p2pdev == wpa_s)
7907 iface->p2pdev = iface->parent;
7908 if (iface == wpa_s || iface->parent != wpa_s) {
7909 iface = iface->next;
7910 continue;
7911 }
7912 wpa_printf(MSG_DEBUG,
7913 "Remove remaining child interface %s from parent %s",
7914 iface->ifname, wpa_s->ifname);
7915 prev = iface;
7916 iface = iface->next;
7917 wpa_supplicant_remove_iface(global, prev, terminate);
7918 }
7919
7920 wpa_s->disconnected = 1;
7921 if (wpa_s->drv_priv) {
7922 /*
7923 * Don't deauthenticate if WoWLAN is enable and not explicitly
7924 * been configured to disconnect.
7925 */
7926 if (!wpa_drv_get_wowlan(wpa_s) ||
7927 wpa_s->conf->wowlan_disconnect_on_deinit) {
7928 wpa_supplicant_deauthenticate(
7929 wpa_s, WLAN_REASON_DEAUTH_LEAVING);
7930
7931 wpa_drv_set_countermeasures(wpa_s, 0);
7932 wpa_clear_keys(wpa_s, NULL);
7933 } else {
7934 wpa_msg(wpa_s, MSG_INFO,
7935 "Do not deauthenticate as part of interface deinit since WoWLAN is enabled");
7936 }
7937 }
7938
7939 wpa_supplicant_cleanup(wpa_s);
7940 wpas_p2p_deinit_iface(wpa_s);
7941
7942 wpas_ctrl_radio_work_flush(wpa_s);
7943 radio_remove_interface(wpa_s);
7944
7945 #ifdef CONFIG_FST
7946 if (wpa_s->fst) {
7947 fst_detach(wpa_s->fst);
7948 wpa_s->fst = NULL;
7949 }
7950 if (wpa_s->received_mb_ies) {
7951 wpabuf_free(wpa_s->received_mb_ies);
7952 wpa_s->received_mb_ies = NULL;
7953 }
7954 #endif /* CONFIG_FST */
7955
7956 if (wpa_s->drv_priv)
7957 wpa_drv_deinit(wpa_s);
7958
7959 if (notify)
7960 wpas_notify_iface_removed(wpa_s);
7961
7962 if (terminate)
7963 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING);
7964
7965 wpa_supplicant_ctrl_iface_deinit(wpa_s, wpa_s->ctrl_iface);
7966 wpa_s->ctrl_iface = NULL;
7967
7968 #ifdef CONFIG_MESH
7969 if (wpa_s->ifmsh) {
7970 wpa_supplicant_mesh_iface_deinit(wpa_s, wpa_s->ifmsh, true);
7971 wpa_s->ifmsh = NULL;
7972 }
7973 #endif /* CONFIG_MESH */
7974
7975 if (wpa_s->conf != NULL) {
7976 wpa_config_free(wpa_s->conf);
7977 wpa_s->conf = NULL;
7978 }
7979
7980 os_free(wpa_s->ssids_from_scan_req);
7981 os_free(wpa_s->last_scan_freqs);
7982
7983 os_free(wpa_s);
7984 }
7985
7986
7987 #ifdef CONFIG_MATCH_IFACE
7988
7989 /**
7990 * wpa_supplicant_match_iface - Match an interface description to a name
7991 * @global: Pointer to global data from wpa_supplicant_init()
7992 * @ifname: Name of the interface to match
7993 * Returns: Pointer to the created interface description or %NULL on failure
7994 */
wpa_supplicant_match_iface(struct wpa_global * global,const char * ifname)7995 struct wpa_interface * wpa_supplicant_match_iface(struct wpa_global *global,
7996 const char *ifname)
7997 {
7998 int i;
7999 struct wpa_interface *iface, *miface;
8000
8001 for (i = 0; i < global->params.match_iface_count; i++) {
8002 miface = &global->params.match_ifaces[i];
8003 if (!miface->ifname ||
8004 fnmatch(miface->ifname, ifname, 0) == 0) {
8005 iface = os_zalloc(sizeof(*iface));
8006 if (!iface)
8007 return NULL;
8008 *iface = *miface;
8009 if (!miface->ifname)
8010 iface->matched = WPA_IFACE_MATCHED_NULL;
8011 else
8012 iface->matched = WPA_IFACE_MATCHED;
8013 iface->ifname = ifname;
8014 return iface;
8015 }
8016 }
8017
8018 return NULL;
8019 }
8020
8021
8022 /**
8023 * wpa_supplicant_match_existing - Match existing interfaces
8024 * @global: Pointer to global data from wpa_supplicant_init()
8025 * Returns: 0 on success, -1 on failure
8026 */
wpa_supplicant_match_existing(struct wpa_global * global)8027 static int wpa_supplicant_match_existing(struct wpa_global *global)
8028 {
8029 struct if_nameindex *ifi, *ifp;
8030 struct wpa_supplicant *wpa_s;
8031 struct wpa_interface *iface;
8032
8033 ifp = if_nameindex();
8034 if (!ifp) {
8035 wpa_printf(MSG_ERROR, "if_nameindex: %s", strerror(errno));
8036 return -1;
8037 }
8038
8039 for (ifi = ifp; ifi->if_name; ifi++) {
8040 wpa_s = wpa_supplicant_get_iface(global, ifi->if_name);
8041 if (wpa_s)
8042 continue;
8043 iface = wpa_supplicant_match_iface(global, ifi->if_name);
8044 if (iface) {
8045 wpa_supplicant_add_iface(global, iface, NULL);
8046 os_free(iface);
8047 }
8048 }
8049
8050 if_freenameindex(ifp);
8051 return 0;
8052 }
8053
8054 #endif /* CONFIG_MATCH_IFACE */
8055
8056
8057 /**
8058 * wpa_supplicant_add_iface - Add a new network interface
8059 * @global: Pointer to global data from wpa_supplicant_init()
8060 * @iface: Interface configuration options
8061 * @parent: Parent interface or %NULL to assign new interface as parent
8062 * Returns: Pointer to the created interface or %NULL on failure
8063 *
8064 * This function is used to add new network interfaces for %wpa_supplicant.
8065 * This can be called before wpa_supplicant_run() to add interfaces before the
8066 * main event loop has been started. In addition, new interfaces can be added
8067 * dynamically while %wpa_supplicant is already running. This could happen,
8068 * e.g., when a hotplug network adapter is inserted.
8069 */
wpa_supplicant_add_iface(struct wpa_global * global,struct wpa_interface * iface,struct wpa_supplicant * parent)8070 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
8071 struct wpa_interface *iface,
8072 struct wpa_supplicant *parent)
8073 {
8074 struct wpa_supplicant *wpa_s;
8075 struct wpa_interface t_iface;
8076 struct wpa_ssid *ssid;
8077
8078 if (global == NULL || iface == NULL)
8079 return NULL;
8080
8081 wpa_s = wpa_supplicant_alloc(parent);
8082 if (wpa_s == NULL)
8083 return NULL;
8084
8085 wpa_s->global = global;
8086
8087 t_iface = *iface;
8088 if (global->params.override_driver) {
8089 wpa_printf(MSG_DEBUG, "Override interface parameter: driver "
8090 "('%s' -> '%s')",
8091 iface->driver, global->params.override_driver);
8092 t_iface.driver = global->params.override_driver;
8093 }
8094 if (global->params.override_ctrl_interface) {
8095 wpa_printf(MSG_DEBUG, "Override interface parameter: "
8096 "ctrl_interface ('%s' -> '%s')",
8097 iface->ctrl_interface,
8098 global->params.override_ctrl_interface);
8099 t_iface.ctrl_interface =
8100 global->params.override_ctrl_interface;
8101 }
8102 if (wpa_supplicant_init_iface(wpa_s, &t_iface)) {
8103 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
8104 iface->ifname);
8105 wpa_supplicant_deinit_iface(wpa_s, 0, 0);
8106 return NULL;
8107 }
8108
8109 if (iface->p2p_mgmt == 0) {
8110 /* Notify the control interfaces about new iface */
8111 if (wpas_notify_iface_added(wpa_s)) {
8112 wpa_supplicant_deinit_iface(wpa_s, 1, 0);
8113 return NULL;
8114 }
8115
8116 for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next)
8117 wpas_notify_network_added(wpa_s, ssid);
8118 }
8119
8120 wpa_s->next = global->ifaces;
8121 global->ifaces = wpa_s;
8122
8123 wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname);
8124 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
8125
8126 #ifdef CONFIG_P2P
8127 if (wpa_s->global->p2p == NULL &&
8128 !wpa_s->global->p2p_disabled && !wpa_s->conf->p2p_disabled &&
8129 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_DEDICATED_P2P_DEVICE) &&
8130 wpas_p2p_add_p2pdev_interface(
8131 wpa_s, wpa_s->global->params.conf_p2p_dev) < 0) {
8132 wpa_printf(MSG_INFO,
8133 "P2P: Failed to enable P2P Device interface");
8134 /* Try to continue without. P2P will be disabled. */
8135 }
8136 #endif /* CONFIG_P2P */
8137
8138 return wpa_s;
8139 }
8140
8141
8142 /**
8143 * wpa_supplicant_remove_iface - Remove a network interface
8144 * @global: Pointer to global data from wpa_supplicant_init()
8145 * @wpa_s: Pointer to the network interface to be removed
8146 * Returns: 0 if interface was removed, -1 if interface was not found
8147 *
8148 * This function can be used to dynamically remove network interfaces from
8149 * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In
8150 * addition, this function is used to remove all remaining interfaces when
8151 * %wpa_supplicant is terminated.
8152 */
wpa_supplicant_remove_iface(struct wpa_global * global,struct wpa_supplicant * wpa_s,int terminate)8153 int wpa_supplicant_remove_iface(struct wpa_global *global,
8154 struct wpa_supplicant *wpa_s,
8155 int terminate)
8156 {
8157 struct wpa_supplicant *prev;
8158 #ifdef CONFIG_MESH
8159 unsigned int mesh_if_created = wpa_s->mesh_if_created;
8160 char *ifname = NULL;
8161 struct wpa_supplicant *parent = wpa_s->parent;
8162 #endif /* CONFIG_MESH */
8163
8164 /* Remove interface from the global list of interfaces */
8165 prev = global->ifaces;
8166 if (prev == wpa_s) {
8167 global->ifaces = wpa_s->next;
8168 } else {
8169 while (prev && prev->next != wpa_s)
8170 prev = prev->next;
8171 if (prev == NULL)
8172 return -1;
8173 prev->next = wpa_s->next;
8174 }
8175
8176 wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
8177
8178 #ifdef CONFIG_MESH
8179 if (mesh_if_created) {
8180 ifname = os_strdup(wpa_s->ifname);
8181 if (ifname == NULL) {
8182 wpa_dbg(wpa_s, MSG_ERROR,
8183 "mesh: Failed to malloc ifname");
8184 return -1;
8185 }
8186 }
8187 #endif /* CONFIG_MESH */
8188
8189 if (global->p2p_group_formation == wpa_s)
8190 global->p2p_group_formation = NULL;
8191 if (global->p2p_invite_group == wpa_s)
8192 global->p2p_invite_group = NULL;
8193 wpa_supplicant_deinit_iface(wpa_s, 1, terminate);
8194
8195 #ifdef CONFIG_MESH
8196 if (mesh_if_created) {
8197 wpa_drv_if_remove(parent, WPA_IF_MESH, ifname);
8198 os_free(ifname);
8199 }
8200 #endif /* CONFIG_MESH */
8201
8202 return 0;
8203 }
8204
8205
8206 /**
8207 * wpa_supplicant_get_eap_mode - Get the current EAP mode
8208 * @wpa_s: Pointer to the network interface
8209 * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found
8210 */
wpa_supplicant_get_eap_mode(struct wpa_supplicant * wpa_s)8211 const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s)
8212 {
8213 const char *eapol_method;
8214
8215 if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 &&
8216 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
8217 return "NO-EAP";
8218 }
8219
8220 eapol_method = eapol_sm_get_method_name(wpa_s->eapol);
8221 if (eapol_method == NULL)
8222 return "UNKNOWN-EAP";
8223
8224 return eapol_method;
8225 }
8226
8227
8228 /**
8229 * wpa_supplicant_get_iface - Get a new network interface
8230 * @global: Pointer to global data from wpa_supplicant_init()
8231 * @ifname: Interface name
8232 * Returns: Pointer to the interface or %NULL if not found
8233 */
wpa_supplicant_get_iface(struct wpa_global * global,const char * ifname)8234 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
8235 const char *ifname)
8236 {
8237 struct wpa_supplicant *wpa_s;
8238
8239 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8240 if (os_strcmp(wpa_s->ifname, ifname) == 0)
8241 return wpa_s;
8242 }
8243 return NULL;
8244 }
8245
8246
8247 #ifndef CONFIG_NO_WPA_MSG
wpa_supplicant_msg_ifname_cb(void * ctx)8248 static const char * wpa_supplicant_msg_ifname_cb(void *ctx)
8249 {
8250 struct wpa_supplicant *wpa_s = ctx;
8251 if (wpa_s == NULL)
8252 return NULL;
8253 return wpa_s->ifname;
8254 }
8255 #endif /* CONFIG_NO_WPA_MSG */
8256
8257
8258 #ifndef WPA_SUPPLICANT_CLEANUP_INTERVAL
8259 #define WPA_SUPPLICANT_CLEANUP_INTERVAL 10
8260 #endif /* WPA_SUPPLICANT_CLEANUP_INTERVAL */
8261
8262 /* Periodic cleanup tasks */
wpas_periodic(void * eloop_ctx,void * timeout_ctx)8263 static void wpas_periodic(void *eloop_ctx, void *timeout_ctx)
8264 {
8265 struct wpa_global *global = eloop_ctx;
8266 struct wpa_supplicant *wpa_s;
8267
8268 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
8269 wpas_periodic, global, NULL);
8270
8271 #ifdef CONFIG_P2P
8272 if (global->p2p)
8273 p2p_expire_peers(global->p2p);
8274 #endif /* CONFIG_P2P */
8275
8276 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
8277 wpa_bss_flush_by_age(wpa_s, wpa_s->conf->bss_expiration_age);
8278 #ifdef CONFIG_AP
8279 ap_periodic(wpa_s);
8280 #endif /* CONFIG_AP */
8281 }
8282 }
8283
8284
8285 /**
8286 * wpa_supplicant_init - Initialize %wpa_supplicant
8287 * @params: Parameters for %wpa_supplicant
8288 * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure
8289 *
8290 * This function is used to initialize %wpa_supplicant. After successful
8291 * initialization, the returned data pointer can be used to add and remove
8292 * network interfaces, and eventually, to deinitialize %wpa_supplicant.
8293 */
wpa_supplicant_init(struct wpa_params * params)8294 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
8295 {
8296 struct wpa_global *global;
8297 int ret, i;
8298
8299 if (params == NULL)
8300 return NULL;
8301
8302 #ifdef CONFIG_DRIVER_NDIS
8303 {
8304 void driver_ndis_init_ops(void);
8305 driver_ndis_init_ops();
8306 }
8307 #endif /* CONFIG_DRIVER_NDIS */
8308
8309 #ifndef CONFIG_NO_WPA_MSG
8310 wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb);
8311 #endif /* CONFIG_NO_WPA_MSG */
8312
8313 if (params->wpa_debug_file_path)
8314 wpa_debug_open_file(params->wpa_debug_file_path);
8315 if (!params->wpa_debug_file_path && !params->wpa_debug_syslog)
8316 wpa_debug_setup_stdout();
8317 if (params->wpa_debug_syslog)
8318 wpa_debug_open_syslog();
8319 if (params->wpa_debug_tracing) {
8320 ret = wpa_debug_open_linux_tracing();
8321 if (ret) {
8322 wpa_printf(MSG_ERROR,
8323 "Failed to enable trace logging");
8324 return NULL;
8325 }
8326 }
8327
8328 ret = eap_register_methods();
8329 if (ret) {
8330 wpa_printf(MSG_ERROR, "Failed to register EAP methods");
8331 if (ret == -2)
8332 wpa_printf(MSG_ERROR, "Two or more EAP methods used "
8333 "the same EAP type.");
8334 return NULL;
8335 }
8336
8337 global = os_zalloc(sizeof(*global));
8338 if (global == NULL)
8339 return NULL;
8340 dl_list_init(&global->p2p_srv_bonjour);
8341 dl_list_init(&global->p2p_srv_upnp);
8342 global->params.daemonize = params->daemonize;
8343 global->params.wait_for_monitor = params->wait_for_monitor;
8344 global->params.dbus_ctrl_interface = params->dbus_ctrl_interface;
8345
8346 if (params->pid_file) {
8347 global->params.pid_file = os_strdup(params->pid_file);
8348 if (!global->params.pid_file) {
8349 wpa_supplicant_deinit(global);
8350 return NULL;
8351 }
8352 }
8353
8354 if (params->ctrl_interface) {
8355 global->params.ctrl_interface =
8356 os_strdup(params->ctrl_interface);
8357 if (!global->params.ctrl_interface) {
8358 wpa_supplicant_deinit(global);
8359 return NULL;
8360 }
8361 }
8362
8363 if (params->ctrl_interface_group) {
8364 global->params.ctrl_interface_group =
8365 os_strdup(params->ctrl_interface_group);
8366 if (!global->params.ctrl_interface_group) {
8367 wpa_supplicant_deinit(global);
8368 return NULL;
8369 }
8370 }
8371
8372 if (params->override_driver) {
8373 global->params.override_driver =
8374 os_strdup(params->override_driver);
8375 if (!global->params.override_driver) {
8376 wpa_supplicant_deinit(global);
8377 return NULL;
8378 }
8379 }
8380
8381 if (params->override_ctrl_interface) {
8382 global->params.override_ctrl_interface =
8383 os_strdup(params->override_ctrl_interface);
8384 if (!global->params.override_ctrl_interface) {
8385 wpa_supplicant_deinit(global);
8386 return NULL;
8387 }
8388 }
8389
8390 #ifdef CONFIG_MATCH_IFACE
8391 global->params.match_iface_count = params->match_iface_count;
8392 if (params->match_iface_count) {
8393 global->params.match_ifaces =
8394 os_calloc(params->match_iface_count,
8395 sizeof(struct wpa_interface));
8396 if (!global->params.match_ifaces) {
8397 wpa_printf(MSG_ERROR,
8398 "Failed to allocate match interfaces");
8399 wpa_supplicant_deinit(global);
8400 return NULL;
8401 }
8402 os_memcpy(global->params.match_ifaces,
8403 params->match_ifaces,
8404 params->match_iface_count *
8405 sizeof(struct wpa_interface));
8406 }
8407 #endif /* CONFIG_MATCH_IFACE */
8408 #ifdef CONFIG_P2P
8409 if (params->conf_p2p_dev) {
8410 global->params.conf_p2p_dev =
8411 os_strdup(params->conf_p2p_dev);
8412 if (!global->params.conf_p2p_dev) {
8413 wpa_printf(MSG_ERROR, "Failed to allocate conf p2p");
8414 wpa_supplicant_deinit(global);
8415 return NULL;
8416 }
8417 }
8418 #endif /* CONFIG_P2P */
8419 wpa_debug_level = global->params.wpa_debug_level =
8420 params->wpa_debug_level;
8421 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
8422 params->wpa_debug_show_keys;
8423 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
8424 params->wpa_debug_timestamp;
8425
8426 wpa_printf(MSG_DEBUG, "wpa_supplicant v%s", VERSION_STR);
8427
8428 if (eloop_init()) {
8429 wpa_printf(MSG_ERROR, "Failed to initialize event loop");
8430 wpa_supplicant_deinit(global);
8431 return NULL;
8432 }
8433
8434 random_init(params->entropy_file);
8435
8436 global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global);
8437 if (global->ctrl_iface == NULL) {
8438 wpa_supplicant_deinit(global);
8439 return NULL;
8440 }
8441
8442 if (wpas_notify_supplicant_initialized(global)) {
8443 wpa_supplicant_deinit(global);
8444 return NULL;
8445 }
8446
8447 for (i = 0; wpa_drivers[i]; i++)
8448 global->drv_count++;
8449 if (global->drv_count == 0) {
8450 wpa_printf(MSG_ERROR, "No drivers enabled");
8451 wpa_supplicant_deinit(global);
8452 return NULL;
8453 }
8454 global->drv_priv = os_calloc(global->drv_count, sizeof(void *));
8455 if (global->drv_priv == NULL) {
8456 wpa_supplicant_deinit(global);
8457 return NULL;
8458 }
8459
8460 #ifdef CONFIG_WIFI_DISPLAY
8461 if (wifi_display_init(global) < 0) {
8462 wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display");
8463 wpa_supplicant_deinit(global);
8464 return NULL;
8465 }
8466 #endif /* CONFIG_WIFI_DISPLAY */
8467
8468 eloop_register_timeout(WPA_SUPPLICANT_CLEANUP_INTERVAL, 0,
8469 wpas_periodic, global, NULL);
8470
8471 return global;
8472 }
8473
8474
8475 /**
8476 * wpa_supplicant_run - Run the %wpa_supplicant main event loop
8477 * @global: Pointer to global data from wpa_supplicant_init()
8478 * Returns: 0 after successful event loop run, -1 on failure
8479 *
8480 * This function starts the main event loop and continues running as long as
8481 * there are any remaining events. In most cases, this function is running as
8482 * long as the %wpa_supplicant process in still in use.
8483 */
wpa_supplicant_run(struct wpa_global * global)8484 int wpa_supplicant_run(struct wpa_global *global)
8485 {
8486 struct wpa_supplicant *wpa_s;
8487
8488 if (global->params.daemonize &&
8489 (wpa_supplicant_daemon(global->params.pid_file) ||
8490 eloop_sock_requeue()))
8491 return -1;
8492
8493 #ifdef CONFIG_MATCH_IFACE
8494 if (wpa_supplicant_match_existing(global))
8495 return -1;
8496 #endif
8497
8498 if (global->params.wait_for_monitor) {
8499 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
8500 if (wpa_s->ctrl_iface && !wpa_s->p2p_mgmt)
8501 wpa_supplicant_ctrl_iface_wait(
8502 wpa_s->ctrl_iface);
8503 }
8504
8505 eloop_register_signal_terminate(wpa_supplicant_terminate, global);
8506 eloop_register_signal_reconfig(wpa_supplicant_reconfig, global);
8507
8508 eloop_run();
8509
8510 return 0;
8511 }
8512
8513
8514 /**
8515 * wpa_supplicant_deinit - Deinitialize %wpa_supplicant
8516 * @global: Pointer to global data from wpa_supplicant_init()
8517 *
8518 * This function is called to deinitialize %wpa_supplicant and to free all
8519 * allocated resources. Remaining network interfaces will also be removed.
8520 */
wpa_supplicant_deinit(struct wpa_global * global)8521 void wpa_supplicant_deinit(struct wpa_global *global)
8522 {
8523 int i;
8524
8525 if (global == NULL)
8526 return;
8527
8528 eloop_cancel_timeout(wpas_periodic, global, NULL);
8529
8530 #ifdef CONFIG_WIFI_DISPLAY
8531 wifi_display_deinit(global);
8532 #endif /* CONFIG_WIFI_DISPLAY */
8533
8534 while (global->ifaces)
8535 wpa_supplicant_remove_iface(global, global->ifaces, 1);
8536
8537 if (global->ctrl_iface)
8538 wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface);
8539
8540 wpas_notify_supplicant_deinitialized(global);
8541
8542 eap_peer_unregister_methods();
8543 #ifdef CONFIG_AP
8544 eap_server_unregister_methods();
8545 #endif /* CONFIG_AP */
8546
8547 for (i = 0; wpa_drivers[i] && global->drv_priv; i++) {
8548 if (!global->drv_priv[i])
8549 continue;
8550 wpa_drivers[i]->global_deinit(global->drv_priv[i]);
8551 }
8552 os_free(global->drv_priv);
8553
8554 random_deinit();
8555
8556 eloop_destroy();
8557
8558 if (global->params.pid_file) {
8559 os_daemonize_terminate(global->params.pid_file);
8560 os_free(global->params.pid_file);
8561 }
8562 os_free(global->params.ctrl_interface);
8563 os_free(global->params.ctrl_interface_group);
8564 os_free(global->params.override_driver);
8565 os_free(global->params.override_ctrl_interface);
8566 #ifdef CONFIG_MATCH_IFACE
8567 os_free(global->params.match_ifaces);
8568 #endif /* CONFIG_MATCH_IFACE */
8569 #ifdef CONFIG_P2P
8570 os_free(global->params.conf_p2p_dev);
8571 #endif /* CONFIG_P2P */
8572
8573 os_free(global->p2p_disallow_freq.range);
8574 os_free(global->p2p_go_avoid_freq.range);
8575 os_free(global->add_psk);
8576
8577 os_free(global);
8578 wpa_debug_close_syslog();
8579 wpa_debug_close_file();
8580 wpa_debug_close_linux_tracing();
8581 }
8582
8583
wpa_supplicant_update_config(struct wpa_supplicant * wpa_s)8584 void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s)
8585 {
8586 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) &&
8587 wpa_s->conf->country[0] && wpa_s->conf->country[1]) {
8588 char country[3];
8589 country[0] = wpa_s->conf->country[0];
8590 country[1] = wpa_s->conf->country[1];
8591 country[2] = '\0';
8592 if (wpa_drv_set_country(wpa_s, country) < 0) {
8593 wpa_printf(MSG_ERROR, "Failed to set country code "
8594 "'%s'", country);
8595 }
8596 }
8597
8598 if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND)
8599 wpas_init_ext_pw(wpa_s);
8600
8601 if (wpa_s->conf->changed_parameters & CFG_CHANGED_SCHED_SCAN_PLANS)
8602 wpas_sched_scan_plans_set(wpa_s, wpa_s->conf->sched_scan_plans);
8603
8604 if (wpa_s->conf->changed_parameters & CFG_CHANGED_WOWLAN_TRIGGERS) {
8605 struct wpa_driver_capa capa;
8606 int res = wpa_drv_get_capa(wpa_s, &capa);
8607
8608 if (res == 0 && wpas_set_wowlan_triggers(wpa_s, &capa) < 0)
8609 wpa_printf(MSG_ERROR,
8610 "Failed to update wowlan_triggers to '%s'",
8611 wpa_s->conf->wowlan_triggers);
8612 }
8613
8614 if (wpa_s->conf->changed_parameters & CFG_CHANGED_DISABLE_BTM)
8615 wpa_supplicant_set_default_scan_ies(wpa_s);
8616
8617 if (wpa_s->conf->changed_parameters & CFG_CHANGED_FT_PREPEND_PMKID)
8618 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_FT_PREPEND_PMKID,
8619 wpa_s->conf->ft_prepend_pmkid);
8620
8621 #ifdef CONFIG_BGSCAN
8622 /*
8623 * We default to global bgscan parameters only when per-network bgscan
8624 * parameters aren't set. Only bother resetting bgscan parameters if
8625 * this is the case.
8626 */
8627 if ((wpa_s->conf->changed_parameters & CFG_CHANGED_BGSCAN) &&
8628 wpa_s->current_ssid && !wpa_s->current_ssid->bgscan &&
8629 wpa_s->wpa_state == WPA_COMPLETED)
8630 wpa_supplicant_reset_bgscan(wpa_s);
8631 #endif /* CONFIG_BGSCAN */
8632
8633 #ifdef CONFIG_WPS
8634 wpas_wps_update_config(wpa_s);
8635 #endif /* CONFIG_WPS */
8636 wpas_p2p_update_config(wpa_s);
8637 wpa_s->conf->changed_parameters = 0;
8638 }
8639
8640
add_freq(int * freqs,int * num_freqs,int freq)8641 void add_freq(int *freqs, int *num_freqs, int freq)
8642 {
8643 int i;
8644
8645 for (i = 0; i < *num_freqs; i++) {
8646 if (freqs[i] == freq)
8647 return;
8648 }
8649
8650 freqs[*num_freqs] = freq;
8651 (*num_freqs)++;
8652 }
8653
8654
get_bss_freqs_in_ess(struct wpa_supplicant * wpa_s)8655 static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s)
8656 {
8657 struct wpa_bss *bss, *cbss;
8658 const int max_freqs = 10;
8659 int *freqs;
8660 int num_freqs = 0;
8661
8662 freqs = os_calloc(max_freqs + 1, sizeof(int));
8663 if (freqs == NULL)
8664 return NULL;
8665
8666 cbss = wpa_s->current_bss;
8667
8668 dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) {
8669 if (bss == cbss)
8670 continue;
8671 if (bss->ssid_len == cbss->ssid_len &&
8672 os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 &&
8673 !wpa_bssid_ignore_is_listed(wpa_s, bss->bssid)) {
8674 add_freq(freqs, &num_freqs, bss->freq);
8675 if (num_freqs == max_freqs)
8676 break;
8677 }
8678 }
8679
8680 if (num_freqs == 0) {
8681 os_free(freqs);
8682 freqs = NULL;
8683 }
8684
8685 return freqs;
8686 }
8687
8688
wpas_connection_failed(struct wpa_supplicant * wpa_s,const u8 * bssid,const u8 ** link_bssids)8689 void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid,
8690 const u8 **link_bssids)
8691 {
8692 int timeout;
8693 int count;
8694 int *freqs = NULL;
8695
8696 wpas_connect_work_done(wpa_s);
8697
8698 /*
8699 * Remove possible authentication timeout since the connection failed.
8700 */
8701 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
8702
8703 /*
8704 * There is no point in ignoring the AP temporarily if this event is
8705 * generated based on local request to disconnect.
8706 */
8707 if (wpa_s->own_disconnect_req || wpa_s->own_reconnect_req) {
8708 wpa_s->own_disconnect_req = 0;
8709 wpa_dbg(wpa_s, MSG_DEBUG,
8710 "Ignore connection failure due to local request to disconnect");
8711 return;
8712 }
8713 if (wpa_s->disconnected) {
8714 wpa_dbg(wpa_s, MSG_DEBUG, "Ignore connection failure "
8715 "indication since interface has been put into "
8716 "disconnected state");
8717 return;
8718 }
8719
8720 /* Also mark links as failed */
8721 while (link_bssids && *link_bssids) {
8722 wpa_bssid_ignore_add(wpa_s, *link_bssids);
8723 link_bssids++;
8724 }
8725
8726 /*
8727 * Add the failed BSSID into the ignore list and speed up next scan
8728 * attempt if there could be other APs that could accept association.
8729 */
8730 count = wpa_bssid_ignore_add(wpa_s, bssid);
8731 if (count == 1 && wpa_s->current_bss) {
8732 /*
8733 * This BSS was not in the ignore list before. If there is
8734 * another BSS available for the same ESS, we should try that
8735 * next. Otherwise, we may as well try this one once more
8736 * before allowing other, likely worse, ESSes to be considered.
8737 */
8738 freqs = get_bss_freqs_in_ess(wpa_s);
8739 if (freqs) {
8740 wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS "
8741 "has been seen; try it next");
8742 wpa_bssid_ignore_add(wpa_s, bssid);
8743 /*
8744 * On the next scan, go through only the known channels
8745 * used in this ESS based on previous scans to speed up
8746 * common load balancing use case.
8747 */
8748 os_free(wpa_s->next_scan_freqs);
8749 wpa_s->next_scan_freqs = freqs;
8750 }
8751 }
8752
8753 wpa_s->consecutive_conn_failures++;
8754
8755 if (wpa_s->consecutive_conn_failures > 3 && wpa_s->current_ssid) {
8756 wpa_printf(MSG_DEBUG, "Continuous association failures - "
8757 "consider temporary network disabling");
8758 wpas_auth_failed(wpa_s, "CONN_FAILED", bssid);
8759 }
8760 /*
8761 * Multiple consecutive connection failures mean that other APs are
8762 * either not available or have already been tried, so we can start
8763 * increasing the delay here to avoid constant scanning.
8764 */
8765 switch (wpa_s->consecutive_conn_failures) {
8766 case 1:
8767 timeout = 100;
8768 break;
8769 case 2:
8770 timeout = 500;
8771 break;
8772 case 3:
8773 timeout = 1000;
8774 break;
8775 case 4:
8776 timeout = 5000;
8777 break;
8778 default:
8779 timeout = 10000;
8780 break;
8781 }
8782
8783 wpa_dbg(wpa_s, MSG_DEBUG,
8784 "Consecutive connection failures: %d --> request scan in %d ms",
8785 wpa_s->consecutive_conn_failures, timeout);
8786
8787 /*
8788 * TODO: if more than one possible AP is available in scan results,
8789 * could try the other ones before requesting a new scan.
8790 */
8791
8792 /* speed up the connection attempt with normal scan */
8793 wpa_s->normal_scans = 0;
8794 wpa_supplicant_req_scan(wpa_s, timeout / 1000,
8795 1000 * (timeout % 1000));
8796 }
8797
8798
8799 #ifdef CONFIG_FILS
8800
fils_pmksa_cache_flush(struct wpa_supplicant * wpa_s)8801 void fils_pmksa_cache_flush(struct wpa_supplicant *wpa_s)
8802 {
8803 struct wpa_ssid *ssid = wpa_s->current_ssid;
8804 const u8 *realm, *username, *rrk;
8805 size_t realm_len, username_len, rrk_len;
8806 u16 next_seq_num;
8807
8808 /* Clear the PMKSA cache entry if FILS authentication was rejected.
8809 * Check for ERP keys existing to limit when this can be done since
8810 * the rejection response is not protected and such triggers should
8811 * really not allow internal state to be modified unless required to
8812 * avoid significant issues in functionality. In addition, drop
8813 * externally configure PMKSA entries even without ERP keys since it
8814 * is possible for an external component to add PMKSA entries for FILS
8815 * authentication without restoring previously generated ERP keys.
8816 *
8817 * In this case, this is needed to allow recovery from cases where the
8818 * AP or authentication server has dropped PMKSAs and ERP keys. */
8819 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt))
8820 return;
8821
8822 if (eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8823 &username, &username_len,
8824 &realm, &realm_len, &next_seq_num,
8825 &rrk, &rrk_len) != 0 ||
8826 !realm) {
8827 wpa_dbg(wpa_s, MSG_DEBUG,
8828 "FILS: Drop external PMKSA cache entry");
8829 wpa_sm_aborted_external_cached(wpa_s->wpa);
8830 wpa_sm_external_pmksa_cache_flush(wpa_s->wpa, ssid);
8831 return;
8832 }
8833
8834 wpa_dbg(wpa_s, MSG_DEBUG, "FILS: Drop PMKSA cache entry");
8835 wpa_sm_aborted_cached(wpa_s->wpa);
8836 wpa_sm_pmksa_cache_flush(wpa_s->wpa, ssid);
8837 }
8838
8839
fils_connection_failure(struct wpa_supplicant * wpa_s)8840 void fils_connection_failure(struct wpa_supplicant *wpa_s)
8841 {
8842 struct wpa_ssid *ssid = wpa_s->current_ssid;
8843 const u8 *realm, *username, *rrk;
8844 size_t realm_len, username_len, rrk_len;
8845 u16 next_seq_num;
8846
8847 if (!ssid || !ssid->eap.erp || !wpa_key_mgmt_fils(ssid->key_mgmt) ||
8848 eapol_sm_get_erp_info(wpa_s->eapol, &ssid->eap,
8849 &username, &username_len,
8850 &realm, &realm_len, &next_seq_num,
8851 &rrk, &rrk_len) != 0 ||
8852 !realm)
8853 return;
8854
8855 wpa_hexdump_ascii(MSG_DEBUG,
8856 "FILS: Store last connection failure realm",
8857 realm, realm_len);
8858 os_free(wpa_s->last_con_fail_realm);
8859 wpa_s->last_con_fail_realm = os_malloc(realm_len);
8860 if (wpa_s->last_con_fail_realm) {
8861 wpa_s->last_con_fail_realm_len = realm_len;
8862 os_memcpy(wpa_s->last_con_fail_realm, realm, realm_len);
8863 }
8864 }
8865 #endif /* CONFIG_FILS */
8866
8867
wpas_driver_bss_selection(struct wpa_supplicant * wpa_s)8868 int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s)
8869 {
8870 return wpa_s->conf->ap_scan == 2 ||
8871 (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION);
8872 }
8873
8874
wpas_driver_rsn_override(struct wpa_supplicant * wpa_s)8875 static bool wpas_driver_rsn_override(struct wpa_supplicant *wpa_s)
8876 {
8877 return !!(wpa_s->drv_flags2 & WPA_DRIVER_FLAGS2_RSN_OVERRIDE_STA);
8878 }
8879
8880
wpas_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)8881 bool wpas_rsn_overriding(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
8882 {
8883 enum wpas_rsn_overriding rsno;
8884
8885 if (ssid && ssid->rsn_overriding != RSN_OVERRIDING_NOT_SET)
8886 rsno = ssid->rsn_overriding;
8887 else
8888 rsno = wpa_s->conf->rsn_overriding;
8889
8890 if (rsno == RSN_OVERRIDING_DISABLED)
8891 return false;
8892
8893 if (rsno == RSN_OVERRIDING_ENABLED)
8894 return true;
8895
8896 if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) ||
8897 wpas_driver_bss_selection(wpa_s))
8898 return wpas_driver_rsn_override(wpa_s);
8899
8900 return true;
8901 }
8902
8903
8904 #if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW)
wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const char * field,const char * value)8905 int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s,
8906 struct wpa_ssid *ssid,
8907 const char *field,
8908 const char *value)
8909 {
8910 #ifdef IEEE8021X_EAPOL
8911 struct eap_peer_config *eap = &ssid->eap;
8912
8913 wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field);
8914 wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value",
8915 (const u8 *) value, os_strlen(value));
8916
8917 switch (wpa_supplicant_ctrl_req_from_string(field)) {
8918 case WPA_CTRL_REQ_EAP_IDENTITY:
8919 os_free(eap->identity);
8920 eap->identity = (u8 *) os_strdup(value);
8921 if (!eap->identity)
8922 return -1;
8923 eap->identity_len = os_strlen(value);
8924 eap->pending_req_identity = 0;
8925 if (ssid == wpa_s->current_ssid)
8926 wpa_s->reassociate = 1;
8927 break;
8928 case WPA_CTRL_REQ_EAP_PASSWORD:
8929 bin_clear_free(eap->password, eap->password_len);
8930 eap->password = (u8 *) os_strdup(value);
8931 if (!eap->password)
8932 return -1;
8933 eap->password_len = os_strlen(value);
8934 eap->pending_req_password = 0;
8935 if (ssid == wpa_s->current_ssid)
8936 wpa_s->reassociate = 1;
8937 break;
8938 case WPA_CTRL_REQ_EAP_NEW_PASSWORD:
8939 bin_clear_free(eap->new_password, eap->new_password_len);
8940 eap->new_password = (u8 *) os_strdup(value);
8941 if (!eap->new_password)
8942 return -1;
8943 eap->new_password_len = os_strlen(value);
8944 eap->pending_req_new_password = 0;
8945 if (ssid == wpa_s->current_ssid)
8946 wpa_s->reassociate = 1;
8947 break;
8948 case WPA_CTRL_REQ_EAP_PIN:
8949 str_clear_free(eap->cert.pin);
8950 eap->cert.pin = os_strdup(value);
8951 if (!eap->cert.pin)
8952 return -1;
8953 eap->pending_req_pin = 0;
8954 if (ssid == wpa_s->current_ssid)
8955 wpa_s->reassociate = 1;
8956 break;
8957 case WPA_CTRL_REQ_EAP_OTP:
8958 bin_clear_free(eap->otp, eap->otp_len);
8959 eap->otp = (u8 *) os_strdup(value);
8960 if (!eap->otp)
8961 return -1;
8962 eap->otp_len = os_strlen(value);
8963 os_free(eap->pending_req_otp);
8964 eap->pending_req_otp = NULL;
8965 eap->pending_req_otp_len = 0;
8966 break;
8967 case WPA_CTRL_REQ_EAP_PASSPHRASE:
8968 str_clear_free(eap->cert.private_key_passwd);
8969 eap->cert.private_key_passwd = os_strdup(value);
8970 if (!eap->cert.private_key_passwd)
8971 return -1;
8972 eap->pending_req_passphrase = 0;
8973 if (ssid == wpa_s->current_ssid)
8974 wpa_s->reassociate = 1;
8975 break;
8976 case WPA_CTRL_REQ_SIM:
8977 str_clear_free(eap->external_sim_resp);
8978 eap->external_sim_resp = os_strdup(value);
8979 if (!eap->external_sim_resp)
8980 return -1;
8981 eap->pending_req_sim = 0;
8982 break;
8983 case WPA_CTRL_REQ_PSK_PASSPHRASE:
8984 if (wpa_config_set(ssid, "psk", value, 0) < 0)
8985 return -1;
8986 ssid->mem_only_psk = 1;
8987 if (ssid->passphrase)
8988 wpa_config_update_psk(ssid);
8989 if (wpa_s->wpa_state == WPA_SCANNING && !wpa_s->scanning)
8990 wpa_supplicant_req_scan(wpa_s, 0, 0);
8991 break;
8992 case WPA_CTRL_REQ_EXT_CERT_CHECK:
8993 if (eap->pending_ext_cert_check != PENDING_CHECK)
8994 return -1;
8995 if (os_strcmp(value, "good") == 0)
8996 eap->pending_ext_cert_check = EXT_CERT_CHECK_GOOD;
8997 else if (os_strcmp(value, "bad") == 0)
8998 eap->pending_ext_cert_check = EXT_CERT_CHECK_BAD;
8999 else
9000 return -1;
9001 break;
9002 default:
9003 wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field);
9004 return -1;
9005 }
9006
9007 return 0;
9008 #else /* IEEE8021X_EAPOL */
9009 wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included");
9010 return -1;
9011 #endif /* IEEE8021X_EAPOL */
9012 }
9013 #endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */
9014
9015
wpas_network_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9016 int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
9017 {
9018 #ifdef CONFIG_WEP
9019 int i;
9020 unsigned int drv_enc;
9021 #endif /* CONFIG_WEP */
9022
9023 if (wpa_s->p2p_mgmt)
9024 return 1; /* no normal network profiles on p2p_mgmt interface */
9025
9026 if (ssid == NULL)
9027 return 1;
9028
9029 if (ssid->disabled)
9030 return 1;
9031
9032 #ifdef CONFIG_WEP
9033 if (wpa_s->drv_capa_known)
9034 drv_enc = wpa_s->drv_enc;
9035 else
9036 drv_enc = (unsigned int) -1;
9037
9038 for (i = 0; i < NUM_WEP_KEYS; i++) {
9039 size_t len = ssid->wep_key_len[i];
9040 if (len == 0)
9041 continue;
9042 if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40))
9043 continue;
9044 if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104))
9045 continue;
9046 if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128))
9047 continue;
9048 return 1; /* invalid WEP key */
9049 }
9050 #endif /* CONFIG_WEP */
9051
9052 if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set &&
9053 (!ssid->passphrase || ssid->ssid_len != 0) && !ssid->ext_psk &&
9054 !(wpa_key_mgmt_sae(ssid->key_mgmt) &&
9055 (ssid->passphrase || ssid->sae_password || ssid->pmk_valid)) &&
9056 !ssid->mem_only_psk)
9057 return 1;
9058
9059 #ifdef IEEE8021X_EAPOL
9060 #ifdef CRYPTO_RSA_OAEP_SHA256
9061 if (ssid->eap.imsi_privacy_cert) {
9062 struct crypto_rsa_key *key;
9063 bool failed = false;
9064
9065 key = crypto_rsa_key_read(ssid->eap.imsi_privacy_cert, false);
9066 if (!key)
9067 failed = true;
9068 crypto_rsa_key_free(key);
9069 if (failed) {
9070 wpa_printf(MSG_DEBUG,
9071 "Invalid imsi_privacy_cert (%s) - disable network",
9072 ssid->eap.imsi_privacy_cert);
9073 return 1;
9074 }
9075 }
9076 #endif /* CRYPTO_RSA_OAEP_SHA256 */
9077 #endif /* IEEE8021X_EAPOL */
9078
9079 return 0;
9080 }
9081
9082
wpas_get_ssid_pmf(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9083 int wpas_get_ssid_pmf(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid)
9084 {
9085 if (ssid == NULL || ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT) {
9086 if (wpa_s->conf->pmf == MGMT_FRAME_PROTECTION_OPTIONAL &&
9087 !(wpa_s->drv_enc & WPA_DRIVER_CAPA_ENC_BIP)) {
9088 /*
9089 * Driver does not support BIP -- ignore pmf=1 default
9090 * since the connection with PMF would fail and the
9091 * configuration does not require PMF to be enabled.
9092 */
9093 return NO_MGMT_FRAME_PROTECTION;
9094 }
9095
9096 if (ssid &&
9097 (ssid->key_mgmt &
9098 ~(WPA_KEY_MGMT_NONE | WPA_KEY_MGMT_WPS |
9099 WPA_KEY_MGMT_IEEE8021X_NO_WPA)) == 0) {
9100 /*
9101 * Do not use the default PMF value for non-RSN networks
9102 * since PMF is available only with RSN and pmf=2
9103 * configuration would otherwise prevent connections to
9104 * all open networks.
9105 */
9106 return NO_MGMT_FRAME_PROTECTION;
9107 }
9108
9109 #ifdef CONFIG_OCV
9110 /* Enable PMF if OCV is being enabled */
9111 if (wpa_s->conf->pmf == NO_MGMT_FRAME_PROTECTION &&
9112 ssid && ssid->ocv)
9113 return MGMT_FRAME_PROTECTION_OPTIONAL;
9114 #endif /* CONFIG_OCV */
9115
9116 return wpa_s->conf->pmf;
9117 }
9118
9119 return ssid->ieee80211w;
9120 }
9121
9122
9123 #ifdef CONFIG_SAE
9124
wpas_get_ssid_sae_pwe(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid)9125 enum sae_pwe wpas_get_ssid_sae_pwe(struct wpa_supplicant *wpa_s,
9126 struct wpa_ssid *ssid)
9127 {
9128 if (!ssid || ssid->sae_pwe == DEFAULT_SAE_PWE)
9129 return wpa_s->conf->sae_pwe;
9130 return ssid->sae_pwe;
9131 }
9132
9133
wpas_is_sae_avoided(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,const struct wpa_ie_data * ie)9134 bool wpas_is_sae_avoided(struct wpa_supplicant *wpa_s,
9135 struct wpa_ssid *ssid,
9136 const struct wpa_ie_data *ie)
9137 {
9138 return wpa_s->conf->sae_check_mfp &&
9139 (!(ie->capabilities &
9140 (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) ||
9141 wpas_get_ssid_pmf(wpa_s, ssid) == NO_MGMT_FRAME_PROTECTION);
9142 }
9143
9144 #endif /* CONFIG_SAE */
9145
9146
pmf_in_use(struct wpa_supplicant * wpa_s,const u8 * addr)9147 int pmf_in_use(struct wpa_supplicant *wpa_s, const u8 *addr)
9148 {
9149 if (wpa_s->current_ssid == NULL ||
9150 wpa_s->wpa_state < WPA_4WAY_HANDSHAKE)
9151 return 0;
9152 if (wpa_s->valid_links) {
9153 if (!ether_addr_equal(addr, wpa_s->ap_mld_addr) &&
9154 !wpas_ap_link_address(wpa_s, addr))
9155 return 0;
9156 } else {
9157 if (!ether_addr_equal(addr, wpa_s->bssid))
9158 return 0;
9159 }
9160 return wpa_sm_pmf_enabled(wpa_s->wpa);
9161 }
9162
9163
wpas_is_p2p_prioritized(struct wpa_supplicant * wpa_s)9164 int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s)
9165 {
9166 if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P)
9167 return 1;
9168 if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA)
9169 return 0;
9170 return -1;
9171 }
9172
9173
wpas_auth_failed(struct wpa_supplicant * wpa_s,const char * reason,const u8 * bssid)9174 void wpas_auth_failed(struct wpa_supplicant *wpa_s, const char *reason,
9175 const u8 *bssid)
9176 {
9177 struct wpa_ssid *ssid = wpa_s->current_ssid;
9178 int dur;
9179 struct os_reltime now;
9180
9181 if (ssid == NULL) {
9182 wpa_printf(MSG_DEBUG, "Authentication failure but no known "
9183 "SSID block");
9184 return;
9185 }
9186
9187 if (ssid->key_mgmt == WPA_KEY_MGMT_WPS)
9188 return;
9189
9190 ssid->auth_failures++;
9191
9192 #ifdef CONFIG_P2P
9193 if (ssid->p2p_group &&
9194 (wpa_s->p2p_in_provisioning || wpa_s->show_group_started)) {
9195 /*
9196 * Skip the wait time since there is a short timeout on the
9197 * connection to a P2P group.
9198 */
9199 return;
9200 }
9201 #endif /* CONFIG_P2P */
9202
9203 if (ssid->auth_failures > 50)
9204 dur = 300;
9205 else if (ssid->auth_failures > 10)
9206 dur = 120;
9207 else if (ssid->auth_failures > 5)
9208 dur = 90;
9209 else if (ssid->auth_failures > 3)
9210 dur = 60;
9211 else if (ssid->auth_failures > 2)
9212 dur = 30;
9213 else if (ssid->auth_failures > 1)
9214 dur = 20;
9215 else
9216 dur = 10;
9217
9218 if (ssid->auth_failures > 1 &&
9219 wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt))
9220 dur += os_random() % (ssid->auth_failures * 10);
9221
9222 os_get_reltime(&now);
9223 if (now.sec + dur <= ssid->disabled_until.sec)
9224 return;
9225
9226 ssid->disabled_until.sec = now.sec + dur;
9227
9228 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED
9229 "id=%d ssid=\"%s\" auth_failures=%u duration=%d reason=%s",
9230 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len),
9231 ssid->auth_failures, dur, reason);
9232
9233 if (bssid)
9234 os_memcpy(ssid->disabled_due_to, bssid, ETH_ALEN);
9235 }
9236
9237
wpas_clear_temp_disabled(struct wpa_supplicant * wpa_s,struct wpa_ssid * ssid,int clear_failures)9238 void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s,
9239 struct wpa_ssid *ssid, int clear_failures)
9240 {
9241 if (ssid == NULL)
9242 return;
9243
9244 if (ssid->disabled_until.sec) {
9245 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED
9246 "id=%d ssid=\"%s\"",
9247 ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
9248 }
9249 ssid->disabled_until.sec = 0;
9250 ssid->disabled_until.usec = 0;
9251 if (clear_failures) {
9252 ssid->auth_failures = 0;
9253 } else if (!is_zero_ether_addr(ssid->disabled_due_to)) {
9254 wpa_printf(MSG_DEBUG, "Mark BSSID " MACSTR
9255 " ignored to allow a lower priority BSS, if any, to be tried next",
9256 MAC2STR(ssid->disabled_due_to));
9257 wpa_bssid_ignore_add(wpa_s, ssid->disabled_due_to);
9258 os_memset(ssid->disabled_due_to, 0, ETH_ALEN);
9259 }
9260 }
9261
9262
disallowed_bssid(struct wpa_supplicant * wpa_s,const u8 * bssid)9263 int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid)
9264 {
9265 size_t i;
9266
9267 if (wpa_s->disallow_aps_bssid == NULL)
9268 return 0;
9269
9270 for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) {
9271 if (ether_addr_equal(wpa_s->disallow_aps_bssid + i * ETH_ALEN,
9272 bssid))
9273 return 1;
9274 }
9275
9276 return 0;
9277 }
9278
9279
disallowed_ssid(struct wpa_supplicant * wpa_s,const u8 * ssid,size_t ssid_len)9280 int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid,
9281 size_t ssid_len)
9282 {
9283 size_t i;
9284
9285 if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL)
9286 return 0;
9287
9288 for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) {
9289 struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i];
9290 if (ssid_len == s->ssid_len &&
9291 os_memcmp(ssid, s->ssid, ssid_len) == 0)
9292 return 1;
9293 }
9294
9295 return 0;
9296 }
9297
9298
9299 /**
9300 * wpas_request_connection - Request a new connection
9301 * @wpa_s: Pointer to the network interface
9302 *
9303 * This function is used to request a new connection to be found. It will mark
9304 * the interface to allow reassociation and request a new scan to find a
9305 * suitable network to connect to.
9306 */
wpas_request_connection(struct wpa_supplicant * wpa_s)9307 void wpas_request_connection(struct wpa_supplicant *wpa_s)
9308 {
9309 wpa_s->normal_scans = 0;
9310 wpa_s->scan_req = NORMAL_SCAN_REQ;
9311 wpa_supplicant_reinit_autoscan(wpa_s);
9312 wpa_s->disconnected = 0;
9313 wpa_s->reassociate = 1;
9314 wpa_s->last_owe_group = 0;
9315
9316 if (wpa_supplicant_fast_associate(wpa_s) != 1)
9317 wpa_supplicant_req_scan(wpa_s, 0, 0);
9318 else
9319 wpa_s->reattach = 0;
9320 }
9321
9322
9323 /**
9324 * wpas_request_disconnection - Request disconnection
9325 * @wpa_s: Pointer to the network interface
9326 *
9327 * This function is used to request disconnection from the currently connected
9328 * network. This will stop any ongoing scans and initiate deauthentication.
9329 */
wpas_request_disconnection(struct wpa_supplicant * wpa_s)9330 void wpas_request_disconnection(struct wpa_supplicant *wpa_s)
9331 {
9332 #ifdef CONFIG_SME
9333 wpa_s->sme.prev_bssid_set = 0;
9334 #endif /* CONFIG_SME */
9335 wpa_s->reassociate = 0;
9336 wpa_s->disconnected = 1;
9337 wpa_supplicant_cancel_sched_scan(wpa_s);
9338 wpa_supplicant_cancel_scan(wpa_s);
9339 wpas_abort_ongoing_scan(wpa_s);
9340 wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING);
9341 eloop_cancel_timeout(wpas_network_reenabled, wpa_s, NULL);
9342 radio_remove_works(wpa_s, "connect", 0);
9343 radio_remove_works(wpa_s, "sme-connect", 0);
9344 wpa_s->roam_in_progress = false;
9345 #ifdef CONFIG_WNM
9346 wpa_s->bss_trans_mgmt_in_progress = false;
9347 #endif /* CONFIG_WNM */
9348 }
9349
9350
dump_freq_data(struct wpa_supplicant * wpa_s,const char * title,struct wpa_used_freq_data * freqs_data,unsigned int len)9351 void dump_freq_data(struct wpa_supplicant *wpa_s, const char *title,
9352 struct wpa_used_freq_data *freqs_data,
9353 unsigned int len)
9354 {
9355 unsigned int i;
9356
9357 wpa_dbg(wpa_s, MSG_DEBUG, "Shared frequencies (len=%u): %s",
9358 len, title);
9359 for (i = 0; i < len; i++) {
9360 struct wpa_used_freq_data *cur = &freqs_data[i];
9361 wpa_dbg(wpa_s, MSG_DEBUG, "freq[%u]: %d, flags=0x%X",
9362 i, cur->freq, cur->flags);
9363 }
9364 }
9365
9366
9367 /*
9368 * Find the operating frequencies of any of the virtual interfaces that
9369 * are using the same radio as the current interface, and in addition, get
9370 * information about the interface types that are using the frequency.
9371 */
get_shared_radio_freqs_data(struct wpa_supplicant * wpa_s,struct wpa_used_freq_data * freqs_data,unsigned int len,bool exclude_current)9372 int get_shared_radio_freqs_data(struct wpa_supplicant *wpa_s,
9373 struct wpa_used_freq_data *freqs_data,
9374 unsigned int len, bool exclude_current)
9375 {
9376 struct wpa_supplicant *ifs;
9377 u8 bssid[ETH_ALEN];
9378 int freq;
9379 unsigned int idx = 0, i;
9380
9381 wpa_dbg(wpa_s, MSG_DEBUG,
9382 "Determining shared radio frequencies (max len %u)", len);
9383 os_memset(freqs_data, 0, sizeof(struct wpa_used_freq_data) * len);
9384
9385 dl_list_for_each(ifs, &wpa_s->radio->ifaces, struct wpa_supplicant,
9386 radio_list) {
9387 if (idx == len)
9388 break;
9389
9390 if (exclude_current && ifs == wpa_s)
9391 continue;
9392
9393 if (ifs->current_ssid == NULL || ifs->assoc_freq == 0)
9394 continue;
9395
9396 if (ifs->current_ssid->mode == WPAS_MODE_AP ||
9397 ifs->current_ssid->mode == WPAS_MODE_P2P_GO ||
9398 ifs->current_ssid->mode == WPAS_MODE_MESH)
9399 freq = ifs->current_ssid->frequency;
9400 else if (wpa_drv_get_bssid(ifs, bssid) == 0)
9401 freq = ifs->assoc_freq;
9402 else
9403 continue;
9404
9405 /* Hold only distinct freqs */
9406 for (i = 0; i < idx; i++)
9407 if (freqs_data[i].freq == freq)
9408 break;
9409
9410 if (i == idx)
9411 freqs_data[idx++].freq = freq;
9412
9413 if (ifs->current_ssid->mode == WPAS_MODE_INFRA) {
9414 freqs_data[i].flags |= ifs->current_ssid->p2p_group ?
9415 WPA_FREQ_USED_BY_P2P_CLIENT :
9416 WPA_FREQ_USED_BY_INFRA_STATION;
9417 }
9418 }
9419
9420 dump_freq_data(wpa_s, "completed iteration", freqs_data, idx);
9421 return idx;
9422 }
9423
9424
9425 /*
9426 * Find the operating frequencies of any of the virtual interfaces that
9427 * are using the same radio as the current interface.
9428 */
get_shared_radio_freqs(struct wpa_supplicant * wpa_s,int * freq_array,unsigned int len,bool exclude_current)9429 int get_shared_radio_freqs(struct wpa_supplicant *wpa_s,
9430 int *freq_array, unsigned int len,
9431 bool exclude_current)
9432 {
9433 struct wpa_used_freq_data *freqs_data;
9434 int num, i;
9435
9436 os_memset(freq_array, 0, sizeof(int) * len);
9437
9438 freqs_data = os_calloc(len, sizeof(struct wpa_used_freq_data));
9439 if (!freqs_data)
9440 return -1;
9441
9442 num = get_shared_radio_freqs_data(wpa_s, freqs_data, len,
9443 exclude_current);
9444 for (i = 0; i < num; i++)
9445 freq_array[i] = freqs_data[i].freq;
9446
9447 os_free(freqs_data);
9448
9449 return num;
9450 }
9451
9452
9453 struct wpa_supplicant *
wpas_vendor_elem(struct wpa_supplicant * wpa_s,enum wpa_vendor_elem_frame frame)9454 wpas_vendor_elem(struct wpa_supplicant *wpa_s, enum wpa_vendor_elem_frame frame)
9455 {
9456 switch (frame) {
9457 #ifdef CONFIG_P2P
9458 case VENDOR_ELEM_PROBE_REQ_P2P:
9459 case VENDOR_ELEM_PROBE_RESP_P2P:
9460 case VENDOR_ELEM_PROBE_RESP_P2P_GO:
9461 case VENDOR_ELEM_BEACON_P2P_GO:
9462 case VENDOR_ELEM_P2P_PD_REQ:
9463 case VENDOR_ELEM_P2P_PD_RESP:
9464 case VENDOR_ELEM_P2P_GO_NEG_REQ:
9465 case VENDOR_ELEM_P2P_GO_NEG_RESP:
9466 case VENDOR_ELEM_P2P_GO_NEG_CONF:
9467 case VENDOR_ELEM_P2P_INV_REQ:
9468 case VENDOR_ELEM_P2P_INV_RESP:
9469 case VENDOR_ELEM_P2P_ASSOC_REQ:
9470 case VENDOR_ELEM_P2P_ASSOC_RESP:
9471 return wpa_s->p2pdev;
9472 #endif /* CONFIG_P2P */
9473 default:
9474 return wpa_s;
9475 }
9476 }
9477
9478
wpas_vendor_elem_update(struct wpa_supplicant * wpa_s)9479 void wpas_vendor_elem_update(struct wpa_supplicant *wpa_s)
9480 {
9481 unsigned int i;
9482 char buf[30];
9483
9484 wpa_printf(MSG_DEBUG, "Update vendor elements");
9485
9486 for (i = 0; i < NUM_VENDOR_ELEM_FRAMES; i++) {
9487 if (wpa_s->vendor_elem[i]) {
9488 int res;
9489
9490 res = os_snprintf(buf, sizeof(buf), "frame[%u]", i);
9491 if (!os_snprintf_error(sizeof(buf), res)) {
9492 wpa_hexdump_buf(MSG_DEBUG, buf,
9493 wpa_s->vendor_elem[i]);
9494 }
9495 }
9496 }
9497
9498 #ifdef CONFIG_P2P
9499 if (wpa_s->parent == wpa_s &&
9500 wpa_s->global->p2p &&
9501 !wpa_s->global->p2p_disabled)
9502 p2p_set_vendor_elems(wpa_s->global->p2p, wpa_s->vendor_elem);
9503 #endif /* CONFIG_P2P */
9504 }
9505
9506
wpas_vendor_elem_remove(struct wpa_supplicant * wpa_s,int frame,const u8 * elem,size_t len)9507 int wpas_vendor_elem_remove(struct wpa_supplicant *wpa_s, int frame,
9508 const u8 *elem, size_t len)
9509 {
9510 u8 *ie, *end;
9511
9512 ie = wpabuf_mhead_u8(wpa_s->vendor_elem[frame]);
9513 end = ie + wpabuf_len(wpa_s->vendor_elem[frame]);
9514
9515 for (; ie + 1 < end; ie += 2 + ie[1]) {
9516 if (ie + len > end)
9517 break;
9518 if (os_memcmp(ie, elem, len) != 0)
9519 continue;
9520
9521 if (wpabuf_len(wpa_s->vendor_elem[frame]) == len) {
9522 wpabuf_free(wpa_s->vendor_elem[frame]);
9523 wpa_s->vendor_elem[frame] = NULL;
9524 } else {
9525 os_memmove(ie, ie + len, end - (ie + len));
9526 wpa_s->vendor_elem[frame]->used -= len;
9527 }
9528 wpas_vendor_elem_update(wpa_s);
9529 return 0;
9530 }
9531
9532 return -1;
9533 }
9534
9535
get_mode(struct hostapd_hw_modes * modes,u16 num_modes,enum hostapd_hw_mode mode,bool is_6ghz)9536 struct hostapd_hw_modes * get_mode(struct hostapd_hw_modes *modes,
9537 u16 num_modes, enum hostapd_hw_mode mode,
9538 bool is_6ghz)
9539 {
9540 u16 i;
9541
9542 if (!modes)
9543 return NULL;
9544
9545 for (i = 0; i < num_modes; i++) {
9546 if (modes[i].mode != mode ||
9547 !modes[i].num_channels || !modes[i].channels)
9548 continue;
9549 if (is_6ghz == modes[i].is_6ghz)
9550 return &modes[i];
9551 }
9552
9553 return NULL;
9554 }
9555
9556
get_mode_with_freq(struct hostapd_hw_modes * modes,u16 num_modes,int freq)9557 struct hostapd_hw_modes * get_mode_with_freq(struct hostapd_hw_modes *modes,
9558 u16 num_modes, int freq)
9559 {
9560 int i, j;
9561
9562 for (i = 0; i < num_modes; i++) {
9563 for (j = 0; j < modes[i].num_channels; j++) {
9564 if (freq == modes[i].channels[j].freq)
9565 return &modes[i];
9566 }
9567 }
9568
9569 return NULL;
9570 }
9571
9572
9573 static struct
wpas_get_disallowed_bss(struct wpa_supplicant * wpa_s,const u8 * bssid)9574 wpa_bss_tmp_disallowed * wpas_get_disallowed_bss(struct wpa_supplicant *wpa_s,
9575 const u8 *bssid)
9576 {
9577 struct wpa_bss_tmp_disallowed *bss;
9578
9579 dl_list_for_each(bss, &wpa_s->bss_tmp_disallowed,
9580 struct wpa_bss_tmp_disallowed, list) {
9581 if (ether_addr_equal(bssid, bss->bssid))
9582 return bss;
9583 }
9584
9585 return NULL;
9586 }
9587
9588
wpa_set_driver_tmp_disallow_list(struct wpa_supplicant * wpa_s)9589 static int wpa_set_driver_tmp_disallow_list(struct wpa_supplicant *wpa_s)
9590 {
9591 struct wpa_bss_tmp_disallowed *tmp;
9592 unsigned int num_bssid = 0;
9593 u8 *bssids;
9594 int ret;
9595
9596 bssids = os_malloc(dl_list_len(&wpa_s->bss_tmp_disallowed) * ETH_ALEN);
9597 if (!bssids)
9598 return -1;
9599 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9600 struct wpa_bss_tmp_disallowed, list) {
9601 os_memcpy(&bssids[num_bssid * ETH_ALEN], tmp->bssid,
9602 ETH_ALEN);
9603 num_bssid++;
9604 }
9605 ret = wpa_drv_set_bssid_tmp_disallow(wpa_s, num_bssid, bssids);
9606 os_free(bssids);
9607 return ret;
9608 }
9609
9610
wpa_bss_tmp_disallow_timeout(void * eloop_ctx,void * timeout_ctx)9611 static void wpa_bss_tmp_disallow_timeout(void *eloop_ctx, void *timeout_ctx)
9612 {
9613 struct wpa_supplicant *wpa_s = eloop_ctx;
9614 struct wpa_bss_tmp_disallowed *tmp, *bss = timeout_ctx;
9615
9616 /* Make sure the bss is not already freed */
9617 dl_list_for_each(tmp, &wpa_s->bss_tmp_disallowed,
9618 struct wpa_bss_tmp_disallowed, list) {
9619 if (bss == tmp) {
9620 remove_bss_tmp_disallowed_entry(wpa_s, tmp);
9621 wpa_set_driver_tmp_disallow_list(wpa_s);
9622 break;
9623 }
9624 }
9625 }
9626
9627
wpa_bss_tmp_disallow(struct wpa_supplicant * wpa_s,const u8 * bssid,unsigned int sec,int rssi_threshold)9628 void wpa_bss_tmp_disallow(struct wpa_supplicant *wpa_s, const u8 *bssid,
9629 unsigned int sec, int rssi_threshold)
9630 {
9631 struct wpa_bss_tmp_disallowed *bss;
9632
9633 bss = wpas_get_disallowed_bss(wpa_s, bssid);
9634 if (bss) {
9635 eloop_cancel_timeout(wpa_bss_tmp_disallow_timeout, wpa_s, bss);
9636 goto finish;
9637 }
9638
9639 bss = os_malloc(sizeof(*bss));
9640 if (!bss) {
9641 wpa_printf(MSG_DEBUG,
9642 "Failed to allocate memory for temp disallow BSS");
9643 return;
9644 }
9645
9646 os_memcpy(bss->bssid, bssid, ETH_ALEN);
9647 dl_list_add(&wpa_s->bss_tmp_disallowed, &bss->list);
9648 wpa_set_driver_tmp_disallow_list(wpa_s);
9649
9650 finish:
9651 bss->rssi_threshold = rssi_threshold;
9652 eloop_register_timeout(sec, 0, wpa_bss_tmp_disallow_timeout,
9653 wpa_s, bss);
9654 }
9655
9656
wpa_is_bss_tmp_disallowed(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9657 int wpa_is_bss_tmp_disallowed(struct wpa_supplicant *wpa_s,
9658 struct wpa_bss *bss)
9659 {
9660 struct wpa_bss_tmp_disallowed *disallowed = NULL, *tmp, *prev;
9661
9662 dl_list_for_each_safe(tmp, prev, &wpa_s->bss_tmp_disallowed,
9663 struct wpa_bss_tmp_disallowed, list) {
9664 if (ether_addr_equal(bss->bssid, tmp->bssid)) {
9665 disallowed = tmp;
9666 break;
9667 }
9668 }
9669 if (!disallowed)
9670 return 0;
9671
9672 if (disallowed->rssi_threshold != 0 &&
9673 bss->level > disallowed->rssi_threshold) {
9674 remove_bss_tmp_disallowed_entry(wpa_s, disallowed);
9675 wpa_set_driver_tmp_disallow_list(wpa_s);
9676 return 0;
9677 }
9678
9679 return 1;
9680 }
9681
9682
wpas_enable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type,const u8 * addr,const u8 * mask)9683 int wpas_enable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9684 unsigned int type, const u8 *addr,
9685 const u8 *mask)
9686 {
9687 if ((addr && !mask) || (!addr && mask)) {
9688 wpa_printf(MSG_INFO,
9689 "MAC_ADDR_RAND_SCAN invalid addr/mask combination");
9690 return -1;
9691 }
9692
9693 if (addr && mask && (!(mask[0] & 0x01) || (addr[0] & 0x01))) {
9694 wpa_printf(MSG_INFO,
9695 "MAC_ADDR_RAND_SCAN cannot allow multicast address");
9696 return -1;
9697 }
9698
9699 if (type & MAC_ADDR_RAND_SCAN) {
9700 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCAN,
9701 addr, mask))
9702 return -1;
9703 }
9704
9705 if (type & MAC_ADDR_RAND_SCHED_SCAN) {
9706 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_SCHED_SCAN,
9707 addr, mask))
9708 return -1;
9709
9710 if (wpa_s->sched_scanning && !wpa_s->pno)
9711 wpas_scan_restart_sched_scan(wpa_s);
9712 }
9713
9714 if (type & MAC_ADDR_RAND_PNO) {
9715 if (wpas_mac_addr_rand_scan_set(wpa_s, MAC_ADDR_RAND_PNO,
9716 addr, mask))
9717 return -1;
9718
9719 if (wpa_s->pno) {
9720 wpas_stop_pno(wpa_s);
9721 wpas_start_pno(wpa_s);
9722 }
9723 }
9724
9725 return 0;
9726 }
9727
9728
wpas_disable_mac_addr_randomization(struct wpa_supplicant * wpa_s,unsigned int type)9729 int wpas_disable_mac_addr_randomization(struct wpa_supplicant *wpa_s,
9730 unsigned int type)
9731 {
9732 wpas_mac_addr_rand_scan_clear(wpa_s, type);
9733 if (wpa_s->pno) {
9734 if (type & MAC_ADDR_RAND_PNO) {
9735 wpas_stop_pno(wpa_s);
9736 wpas_start_pno(wpa_s);
9737 }
9738 } else if (wpa_s->sched_scanning && (type & MAC_ADDR_RAND_SCHED_SCAN)) {
9739 wpas_scan_restart_sched_scan(wpa_s);
9740 }
9741
9742 return 0;
9743 }
9744
9745
wpa_drv_signal_poll(struct wpa_supplicant * wpa_s,struct wpa_signal_info * si)9746 int wpa_drv_signal_poll(struct wpa_supplicant *wpa_s,
9747 struct wpa_signal_info *si)
9748 {
9749 int res;
9750
9751 if (!wpa_s->driver->signal_poll)
9752 return -1;
9753
9754 res = wpa_s->driver->signal_poll(wpa_s->drv_priv, si);
9755
9756 #ifdef CONFIG_TESTING_OPTIONS
9757 if (res == 0) {
9758 struct driver_signal_override *dso;
9759
9760 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9761 struct driver_signal_override, list) {
9762 if (!ether_addr_equal(wpa_s->bssid, dso->bssid))
9763 continue;
9764 wpa_printf(MSG_DEBUG,
9765 "Override driver signal_poll information: current_signal: %d->%d avg_signal: %d->%d avg_beacon_signal: %d->%d current_noise: %d->%d",
9766 si->data.signal,
9767 dso->si_current_signal,
9768 si->data.avg_signal,
9769 dso->si_avg_signal,
9770 si->data.avg_beacon_signal,
9771 dso->si_avg_beacon_signal,
9772 si->current_noise,
9773 dso->si_current_noise);
9774 si->data.signal = dso->si_current_signal;
9775 si->data.avg_signal = dso->si_avg_signal;
9776 si->data.avg_beacon_signal = dso->si_avg_beacon_signal;
9777 si->current_noise = dso->si_current_noise;
9778 break;
9779 }
9780 }
9781 #endif /* CONFIG_TESTING_OPTIONS */
9782
9783 return res;
9784 }
9785
9786
9787 struct wpa_scan_results *
wpa_drv_get_scan_results(struct wpa_supplicant * wpa_s,const u8 * bssid)9788 wpa_drv_get_scan_results(struct wpa_supplicant *wpa_s, const u8 *bssid)
9789 {
9790 struct wpa_scan_results *scan_res;
9791 #ifdef CONFIG_TESTING_OPTIONS
9792 size_t idx;
9793 #endif /* CONFIG_TESTING_OPTIONS */
9794
9795 if (wpa_s->driver->get_scan_results)
9796 scan_res = wpa_s->driver->get_scan_results(wpa_s->drv_priv,
9797 bssid);
9798 else if (wpa_s->driver->get_scan_results2)
9799 scan_res = wpa_s->driver->get_scan_results2(wpa_s->drv_priv);
9800 else
9801 return NULL;
9802
9803
9804 #ifdef CONFIG_TESTING_OPTIONS
9805 for (idx = 0; scan_res && idx < scan_res->num; idx++) {
9806 struct driver_signal_override *dso;
9807 struct wpa_scan_res *res = scan_res->res[idx];
9808
9809 dl_list_for_each(dso, &wpa_s->drv_signal_override,
9810 struct driver_signal_override, list) {
9811 if (!ether_addr_equal(res->bssid, dso->bssid))
9812 continue;
9813 wpa_printf(MSG_DEBUG,
9814 "Override driver scan signal level %d->%d for "
9815 MACSTR,
9816 res->level, dso->scan_level,
9817 MAC2STR(res->bssid));
9818 res->flags |= WPA_SCAN_QUAL_INVALID;
9819 if (dso->scan_level < 0)
9820 res->flags |= WPA_SCAN_LEVEL_DBM;
9821 else
9822 res->flags &= ~WPA_SCAN_LEVEL_DBM;
9823 res->level = dso->scan_level;
9824 break;
9825 }
9826 }
9827 #endif /* CONFIG_TESTING_OPTIONS */
9828
9829 return scan_res;
9830 }
9831
9832
wpas_ap_link_address(struct wpa_supplicant * wpa_s,const u8 * addr)9833 bool wpas_ap_link_address(struct wpa_supplicant *wpa_s, const u8 *addr)
9834 {
9835 int i;
9836
9837 if (!wpa_s->valid_links)
9838 return false;
9839
9840 for_each_link(wpa_s->valid_links, i) {
9841 if (ether_addr_equal(wpa_s->links[i].bssid, addr))
9842 return true;
9843 }
9844
9845 return false;
9846 }
9847
9848
wpa_drv_send_action(struct wpa_supplicant * wpa_s,unsigned int freq,unsigned int wait,const u8 * dst,const u8 * src,const u8 * bssid,const u8 * data,size_t data_len,int no_cck)9849 int wpa_drv_send_action(struct wpa_supplicant *wpa_s, unsigned int freq,
9850 unsigned int wait, const u8 *dst, const u8 *src,
9851 const u8 *bssid, const u8 *data, size_t data_len,
9852 int no_cck)
9853 {
9854 if (!wpa_s->driver->send_action)
9855 return -1;
9856
9857 if (data_len > 0 && data[0] != WLAN_ACTION_PUBLIC) {
9858 if (wpas_ap_link_address(wpa_s, dst))
9859 dst = wpa_s->ap_mld_addr;
9860
9861 if (wpas_ap_link_address(wpa_s, bssid))
9862 bssid = wpa_s->ap_mld_addr;
9863 }
9864
9865 return wpa_s->driver->send_action(wpa_s->drv_priv, freq, wait, dst, src,
9866 bssid, data, data_len, no_cck, -1);
9867 }
9868
9869
wpas_is_6ghz_supported(struct wpa_supplicant * wpa_s,bool only_enabled)9870 bool wpas_is_6ghz_supported(struct wpa_supplicant *wpa_s, bool only_enabled)
9871 {
9872 struct hostapd_channel_data *chnl;
9873 int i, j;
9874
9875 for (i = 0; i < wpa_s->hw.num_modes; i++) {
9876 if (wpa_s->hw.modes[i].mode == HOSTAPD_MODE_IEEE80211A) {
9877 chnl = wpa_s->hw.modes[i].channels;
9878 for (j = 0; j < wpa_s->hw.modes[i].num_channels; j++) {
9879 if (only_enabled &&
9880 (chnl[j].flag & HOSTAPD_CHAN_DISABLED))
9881 continue;
9882 if (is_6ghz_freq(chnl[j].freq))
9883 return true;
9884 }
9885 }
9886 }
9887
9888 return false;
9889 }
9890
9891
wpas_ap_supports_rsn_overriding(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9892 bool wpas_ap_supports_rsn_overriding(struct wpa_supplicant *wpa_s,
9893 struct wpa_bss *bss)
9894 {
9895 int i;
9896
9897 if (!bss)
9898 return false;
9899 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
9900 wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9901 return true;
9902
9903 if (!wpa_s->valid_links)
9904 return false;
9905
9906 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9907 if (!(wpa_s->valid_links & BIT(i)))
9908 continue;
9909 if (wpa_s->links[i].bss &&
9910 (wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9911 RSNE_OVERRIDE_IE_VENDOR_TYPE) ||
9912 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9913 RSNE_OVERRIDE_2_IE_VENDOR_TYPE)))
9914 return true;
9915 }
9916
9917 return false;
9918 }
9919
9920
wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant * wpa_s,struct wpa_bss * bss)9921 bool wpas_ap_supports_rsn_overriding_2(struct wpa_supplicant *wpa_s,
9922 struct wpa_bss *bss)
9923 {
9924 int i;
9925
9926 if (!bss)
9927 return false;
9928 if (wpa_bss_get_vendor_ie(bss, RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9929 return true;
9930
9931 if (!wpa_s->valid_links)
9932 return false;
9933
9934 for (i = 0; i < MAX_NUM_MLD_LINKS; i++) {
9935 if (!(wpa_s->valid_links & BIT(i)))
9936 continue;
9937 if (wpa_s->links[i].bss &&
9938 wpa_bss_get_vendor_ie(wpa_s->links[i].bss,
9939 RSNE_OVERRIDE_2_IE_VENDOR_TYPE))
9940 return true;
9941 }
9942
9943 return false;
9944 }
9945
9946
wpas_get_owe_trans_network(const u8 * owe_ie,const u8 ** bssid,const u8 ** ssid,size_t * ssid_len)9947 int wpas_get_owe_trans_network(const u8 *owe_ie, const u8 **bssid,
9948 const u8 **ssid, size_t *ssid_len)
9949 {
9950 #ifdef CONFIG_OWE
9951 const u8 *pos, *end;
9952 u8 ssid_len_tmp;
9953
9954 if (!owe_ie)
9955 return -1;
9956
9957 pos = owe_ie + 6;
9958 end = owe_ie + 2 + owe_ie[1];
9959
9960 if (end - pos < ETH_ALEN + 1)
9961 return -1;
9962 *bssid = pos;
9963 pos += ETH_ALEN;
9964 ssid_len_tmp = *pos++;
9965 if (end - pos < ssid_len_tmp || ssid_len_tmp > SSID_MAX_LEN)
9966 return -1;
9967
9968 *ssid = pos;
9969 *ssid_len = ssid_len_tmp;
9970
9971 return 0;
9972 #else /* CONFIG_OWE */
9973 return -1;
9974 #endif /* CONFIG_OWE */
9975 }
9976