diff options
Diffstat (limited to 'source/n/wpa_supplicant/patches/assoc-timeout.diff')
| -rw-r--r-- | source/n/wpa_supplicant/patches/assoc-timeout.diff | 3800 |
1 files changed, 0 insertions, 3800 deletions
diff --git a/source/n/wpa_supplicant/patches/assoc-timeout.diff b/source/n/wpa_supplicant/patches/assoc-timeout.diff index 5739705cb..8be4d2cdf 100644 --- a/source/n/wpa_supplicant/patches/assoc-timeout.diff +++ b/source/n/wpa_supplicant/patches/assoc-timeout.diff @@ -14,3803 +14,3 @@ diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c wpa_supplicant } wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); } -diff -Nur wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig ---- wpa_supplicant-2.0.orig/wpa_supplicant/wpa_supplicant.c.orig 1969-12-31 18:00:00.000000000 -0600 -+++ wpa_supplicant-2.0/wpa_supplicant/wpa_supplicant.c.orig 2013-01-12 09:42:53.000000000 -0600 -@@ -0,0 +1,3796 @@ -+/* -+ * WPA Supplicant -+ * Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> -+ * -+ * This software may be distributed under the terms of the BSD license. -+ * See README for more details. -+ * -+ * This file implements functions for registering and unregistering -+ * %wpa_supplicant interfaces. In addition, this file contains number of -+ * functions for managing network connections. -+ */ -+ -+#include "includes.h" -+ -+#include "common.h" -+#include "crypto/random.h" -+#include "crypto/sha1.h" -+#include "eapol_supp/eapol_supp_sm.h" -+#include "eap_peer/eap.h" -+#include "eap_server/eap_methods.h" -+#include "rsn_supp/wpa.h" -+#include "eloop.h" -+#include "config.h" -+#include "utils/ext_password.h" -+#include "l2_packet/l2_packet.h" -+#include "wpa_supplicant_i.h" -+#include "driver_i.h" -+#include "ctrl_iface.h" -+#include "pcsc_funcs.h" -+#include "common/version.h" -+#include "rsn_supp/preauth.h" -+#include "rsn_supp/pmksa_cache.h" -+#include "common/wpa_ctrl.h" -+#include "common/ieee802_11_defs.h" -+#include "p2p/p2p.h" -+#include "blacklist.h" -+#include "wpas_glue.h" -+#include "wps_supplicant.h" -+#include "ibss_rsn.h" -+#include "sme.h" -+#include "gas_query.h" -+#include "ap.h" -+#include "p2p_supplicant.h" -+#include "wifi_display.h" -+#include "notify.h" -+#include "bgscan.h" -+#include "autoscan.h" -+#include "bss.h" -+#include "scan.h" -+#include "offchannel.h" -+#include "hs20_supplicant.h" -+ -+const char *wpa_supplicant_version = -+"wpa_supplicant v" VERSION_STR "\n" -+"Copyright (c) 2003-2012, Jouni Malinen <j@w1.fi> and contributors"; -+ -+const char *wpa_supplicant_license = -+"This software may be distributed under the terms of the BSD license.\n" -+"See README for more details.\n" -+#ifdef EAP_TLS_OPENSSL -+"\nThis product includes software developed by the OpenSSL Project\n" -+"for use in the OpenSSL Toolkit (http://www.openssl.org/)\n" -+#endif /* EAP_TLS_OPENSSL */ -+; -+ -+#ifndef CONFIG_NO_STDOUT_DEBUG -+/* Long text divided into parts in order to fit in C89 strings size limits. */ -+const char *wpa_supplicant_full_license1 = -+""; -+const char *wpa_supplicant_full_license2 = -+"This software may be distributed under the terms of the BSD license.\n" -+"\n" -+"Redistribution and use in source and binary forms, with or without\n" -+"modification, are permitted provided that the following conditions are\n" -+"met:\n" -+"\n"; -+const char *wpa_supplicant_full_license3 = -+"1. Redistributions of source code must retain the above copyright\n" -+" notice, this list of conditions and the following disclaimer.\n" -+"\n" -+"2. Redistributions in binary form must reproduce the above copyright\n" -+" notice, this list of conditions and the following disclaimer in the\n" -+" documentation and/or other materials provided with the distribution.\n" -+"\n"; -+const char *wpa_supplicant_full_license4 = -+"3. Neither the name(s) of the above-listed copyright holder(s) nor the\n" -+" names of its contributors may be used to endorse or promote products\n" -+" derived from this software without specific prior written permission.\n" -+"\n" -+"THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n" -+"\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n" -+"LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n" -+"A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"; -+const char *wpa_supplicant_full_license5 = -+"OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n" -+"SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n" -+"LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n" -+"DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n" -+"THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n" -+"(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n" -+"OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n" -+"\n"; -+#endif /* CONFIG_NO_STDOUT_DEBUG */ -+ -+extern int wpa_debug_level; -+extern int wpa_debug_show_keys; -+extern int wpa_debug_timestamp; -+extern struct wpa_driver_ops *wpa_drivers[]; -+ -+/* Configure default/group WEP keys for static WEP */ -+int wpa_set_wep_keys(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) -+{ -+ int i, set = 0; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i] == 0) -+ continue; -+ -+ set = 1; -+ wpa_drv_set_key(wpa_s, WPA_ALG_WEP, NULL, -+ i, i == ssid->wep_tx_keyidx, NULL, 0, -+ ssid->wep_key[i], ssid->wep_key_len[i]); -+ } -+ -+ return set; -+} -+ -+ -+static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ u8 key[32]; -+ size_t keylen; -+ enum wpa_alg alg; -+ u8 seq[6] = { 0 }; -+ -+ /* IBSS/WPA-None uses only one key (Group) for both receiving and -+ * sending unicast and multicast packets. */ -+ -+ if (ssid->mode != WPAS_MODE_IBSS) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid mode %d (not " -+ "IBSS/ad-hoc) for WPA-None", ssid->mode); -+ return -1; -+ } -+ -+ if (!ssid->psk_set) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: No PSK configured for " -+ "WPA-None"); -+ return -1; -+ } -+ -+ switch (wpa_s->group_cipher) { -+ case WPA_CIPHER_CCMP: -+ os_memcpy(key, ssid->psk, 16); -+ keylen = 16; -+ alg = WPA_ALG_CCMP; -+ break; -+ case WPA_CIPHER_GCMP: -+ os_memcpy(key, ssid->psk, 16); -+ keylen = 16; -+ alg = WPA_ALG_GCMP; -+ break; -+ case WPA_CIPHER_TKIP: -+ /* WPA-None uses the same Michael MIC key for both TX and RX */ -+ os_memcpy(key, ssid->psk, 16 + 8); -+ os_memcpy(key + 16 + 8, ssid->psk + 16, 8); -+ keylen = 32; -+ alg = WPA_ALG_TKIP; -+ break; -+ default: -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Invalid group cipher %d for " -+ "WPA-None", wpa_s->group_cipher); -+ return -1; -+ } -+ -+ /* TODO: should actually remember the previously used seq#, both for TX -+ * and RX from each STA.. */ -+ -+ return wpa_drv_set_key(wpa_s, alg, NULL, 0, 1, seq, 6, key, keylen); -+} -+ -+ -+static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx) -+{ -+ struct wpa_supplicant *wpa_s = eloop_ctx; -+ const u8 *bssid = wpa_s->bssid; -+ if (is_zero_ether_addr(bssid)) -+ bssid = wpa_s->pending_bssid; -+ wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.", -+ MAC2STR(bssid)); -+ wpa_blacklist_add(wpa_s, bssid); -+ wpa_sm_notify_disassoc(wpa_s->wpa); -+ wpa_supplicant_deauthenticate(wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ wpa_s->reassociate = 1; -+ -+ /* -+ * If we timed out, the AP or the local radio may be busy. -+ * So, wait a second until scanning again. -+ */ -+ wpa_supplicant_req_scan(wpa_s, 1, 0); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && -+ wpa_s->global->p2p != NULL) { -+ wpa_s->global->p2p_cb_on_scan_complete = 0; -+ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " -+ "continued after timed out authentication"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+} -+ -+ -+/** -+ * wpa_supplicant_req_auth_timeout - Schedule a timeout for authentication -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @sec: Number of seconds after which to time out authentication -+ * @usec: Number of microseconds after which to time out authentication -+ * -+ * This function is used to schedule a timeout for the current authentication -+ * attempt. -+ */ -+void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s, -+ int sec, int usec) -+{ -+ if (wpa_s->conf && wpa_s->conf->ap_scan == 0 && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) -+ return; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec " -+ "%d usec", sec, usec); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL); -+} -+ -+ -+/** -+ * wpa_supplicant_cancel_auth_timeout - Cancel authentication timeout -+ * @wpa_s: Pointer to wpa_supplicant data -+ * -+ * This function is used to cancel authentication timeout scheduled with -+ * wpa_supplicant_req_auth_timeout() and it is called when authentication has -+ * been completed. -+ */ -+void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s) -+{ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout"); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ wpa_blacklist_del(wpa_s, wpa_s->bssid); -+} -+ -+ -+/** -+ * wpa_supplicant_initiate_eapol - Configure EAPOL state machine -+ * @wpa_s: Pointer to wpa_supplicant data -+ * -+ * This function is used to configure EAPOL state machine based on the selected -+ * authentication mode. -+ */ -+void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s) -+{ -+#ifdef IEEE8021X_EAPOL -+ struct eapol_config eapol_conf; -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ -+#ifdef CONFIG_IBSS_RSN -+ if (ssid->mode == WPAS_MODE_IBSS && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { -+ /* -+ * RSN IBSS authentication is per-STA and we can disable the -+ * per-BSSID EAPOL authentication. -+ */ -+ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); -+ eapol_sm_notify_eap_success(wpa_s->eapol, TRUE); -+ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); -+ return; -+ } -+#endif /* CONFIG_IBSS_RSN */ -+ -+ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); -+ eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE); -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) -+ eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized); -+ else -+ eapol_sm_notify_portControl(wpa_s->eapol, Auto); -+ -+ os_memset(&eapol_conf, 0, sizeof(eapol_conf)); -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ eapol_conf.accept_802_1x_keys = 1; -+ eapol_conf.required_keys = 0; -+ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) { -+ eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST; -+ } -+ if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) { -+ eapol_conf.required_keys |= -+ EAPOL_REQUIRE_KEY_BROADCAST; -+ } -+ -+ if (wpa_s->conf && (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED)) -+ eapol_conf.required_keys = 0; -+ } -+ if (wpa_s->conf) -+ eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; -+ eapol_conf.workaround = ssid->eap_workaround; -+ eapol_conf.eap_disabled = -+ !wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPS; -+ eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); -+#endif /* IEEE8021X_EAPOL */ -+} -+ -+ -+/** -+ * wpa_supplicant_set_non_wpa_policy - Set WPA parameters to non-WPA mode -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @ssid: Configuration data for the network -+ * -+ * This function is used to configure WPA state machine and related parameters -+ * to a mode where WPA is not enabled. This is called as part of the -+ * authentication configuration when the selected network does not use WPA. -+ */ -+void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ int i; -+ -+ if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) -+ wpa_s->key_mgmt = WPA_KEY_MGMT_WPS; -+ else if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA; -+ else -+ wpa_s->key_mgmt = WPA_KEY_MGMT_NONE; -+ wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0); -+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0); -+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); -+ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; -+ wpa_s->group_cipher = WPA_CIPHER_NONE; -+ wpa_s->mgmt_group_cipher = 0; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i] > 5) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_WEP104; -+ wpa_s->group_cipher = WPA_CIPHER_WEP104; -+ break; -+ } else if (ssid->wep_key_len[i] > 0) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_WEP40; -+ wpa_s->group_cipher = WPA_CIPHER_WEP40; -+ break; -+ } -+ } -+ -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, 0); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, -+ wpa_s->pairwise_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -+#ifdef CONFIG_IEEE80211W -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, -+ wpa_s->mgmt_group_cipher); -+#endif /* CONFIG_IEEE80211W */ -+ -+ pmksa_cache_clear_current(wpa_s->wpa); -+} -+ -+ -+void free_hw_features(struct wpa_supplicant *wpa_s) -+{ -+ int i; -+ if (wpa_s->hw.modes == NULL) -+ return; -+ -+ for (i = 0; i < wpa_s->hw.num_modes; i++) { -+ os_free(wpa_s->hw.modes[i].channels); -+ os_free(wpa_s->hw.modes[i].rates); -+ } -+ -+ os_free(wpa_s->hw.modes); -+ wpa_s->hw.modes = NULL; -+} -+ -+ -+static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s) -+{ -+ bgscan_deinit(wpa_s); -+ autoscan_deinit(wpa_s); -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_sm_set_scard_ctx(wpa_s->wpa, NULL); -+ eapol_sm_register_scard_ctx(wpa_s->eapol, NULL); -+ l2_packet_deinit(wpa_s->l2); -+ wpa_s->l2 = NULL; -+ if (wpa_s->l2_br) { -+ l2_packet_deinit(wpa_s->l2_br); -+ wpa_s->l2_br = NULL; -+ } -+ -+ if (wpa_s->conf != NULL) { -+ struct wpa_ssid *ssid; -+ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) -+ wpas_notify_network_removed(wpa_s, ssid); -+ } -+ -+ os_free(wpa_s->confname); -+ wpa_s->confname = NULL; -+ -+ wpa_sm_set_eapol(wpa_s->wpa, NULL); -+ eapol_sm_deinit(wpa_s->eapol); -+ wpa_s->eapol = NULL; -+ -+ rsn_preauth_deinit(wpa_s->wpa); -+ -+#ifdef CONFIG_TDLS -+ wpa_tdls_deinit(wpa_s->wpa); -+#endif /* CONFIG_TDLS */ -+ -+ pmksa_candidate_free(wpa_s->wpa); -+ wpa_sm_deinit(wpa_s->wpa); -+ wpa_s->wpa = NULL; -+ wpa_blacklist_clear(wpa_s); -+ -+ wpa_bss_deinit(wpa_s); -+ -+ wpa_supplicant_cancel_scan(wpa_s); -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+ eloop_cancel_timeout(wpa_supplicant_stop_countermeasures, wpa_s, NULL); -+#ifdef CONFIG_DELAYED_MIC_ERROR_REPORT -+ eloop_cancel_timeout(wpa_supplicant_delayed_mic_error_report, -+ wpa_s, NULL); -+#endif /* CONFIG_DELAYED_MIC_ERROR_REPORT */ -+ -+ wpas_wps_deinit(wpa_s); -+ -+ wpabuf_free(wpa_s->pending_eapol_rx); -+ wpa_s->pending_eapol_rx = NULL; -+ -+#ifdef CONFIG_IBSS_RSN -+ ibss_rsn_deinit(wpa_s->ibss_rsn); -+ wpa_s->ibss_rsn = NULL; -+#endif /* CONFIG_IBSS_RSN */ -+ -+ sme_deinit(wpa_s); -+ -+#ifdef CONFIG_AP -+ wpa_supplicant_ap_deinit(wpa_s); -+#endif /* CONFIG_AP */ -+ -+#ifdef CONFIG_P2P -+ wpas_p2p_deinit(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+#ifdef CONFIG_OFFCHANNEL -+ offchannel_deinit(wpa_s); -+#endif /* CONFIG_OFFCHANNEL */ -+ -+ wpa_supplicant_cancel_sched_scan(wpa_s); -+ -+ os_free(wpa_s->next_scan_freqs); -+ wpa_s->next_scan_freqs = NULL; -+ -+ gas_query_deinit(wpa_s->gas); -+ wpa_s->gas = NULL; -+ -+ free_hw_features(wpa_s); -+ -+ os_free(wpa_s->bssid_filter); -+ wpa_s->bssid_filter = NULL; -+ -+ os_free(wpa_s->disallow_aps_bssid); -+ wpa_s->disallow_aps_bssid = NULL; -+ os_free(wpa_s->disallow_aps_ssid); -+ wpa_s->disallow_aps_ssid = NULL; -+ -+ wnm_bss_keep_alive_deinit(wpa_s); -+ -+ ext_password_deinit(wpa_s->ext_pw); -+ wpa_s->ext_pw = NULL; -+ -+ wpabuf_free(wpa_s->last_gas_resp); -+ -+ os_free(wpa_s->last_scan_res); -+ wpa_s->last_scan_res = NULL; -+} -+ -+ -+/** -+ * wpa_clear_keys - Clear keys configured for the driver -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @addr: Previously used BSSID or %NULL if not available -+ * -+ * This function clears the encryption keys that has been previously configured -+ * for the driver. -+ */ -+void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr) -+{ -+ if (wpa_s->keys_cleared) { -+ /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have -+ * timing issues with keys being cleared just before new keys -+ * are set or just after association or something similar. This -+ * shows up in group key handshake failing often because of the -+ * client not receiving the first encrypted packets correctly. -+ * Skipping some of the extra key clearing steps seems to help -+ * in completing group key handshake more reliably. */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "No keys have been configured - " -+ "skip key clearing"); -+ return; -+ } -+ -+ /* MLME-DELETEKEYS.request */ -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 0, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 1, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 2, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 3, 0, NULL, 0, NULL, 0); -+#ifdef CONFIG_IEEE80211W -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 4, 0, NULL, 0, NULL, 0); -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, NULL, 5, 0, NULL, 0, NULL, 0); -+#endif /* CONFIG_IEEE80211W */ -+ if (addr) { -+ wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL, -+ 0); -+ /* MLME-SETPROTECTION.request(None) */ -+ wpa_drv_mlme_setprotection( -+ wpa_s, addr, -+ MLME_SETPROTECTION_PROTECT_TYPE_NONE, -+ MLME_SETPROTECTION_KEY_TYPE_PAIRWISE); -+ } -+ wpa_s->keys_cleared = 1; -+} -+ -+ -+/** -+ * wpa_supplicant_state_txt - Get the connection state name as a text string -+ * @state: State (wpa_state; WPA_*) -+ * Returns: The state name as a printable text string -+ */ -+const char * wpa_supplicant_state_txt(enum wpa_states state) -+{ -+ switch (state) { -+ case WPA_DISCONNECTED: -+ return "DISCONNECTED"; -+ case WPA_INACTIVE: -+ return "INACTIVE"; -+ case WPA_INTERFACE_DISABLED: -+ return "INTERFACE_DISABLED"; -+ case WPA_SCANNING: -+ return "SCANNING"; -+ case WPA_AUTHENTICATING: -+ return "AUTHENTICATING"; -+ case WPA_ASSOCIATING: -+ return "ASSOCIATING"; -+ case WPA_ASSOCIATED: -+ return "ASSOCIATED"; -+ case WPA_4WAY_HANDSHAKE: -+ return "4WAY_HANDSHAKE"; -+ case WPA_GROUP_HANDSHAKE: -+ return "GROUP_HANDSHAKE"; -+ case WPA_COMPLETED: -+ return "COMPLETED"; -+ default: -+ return "UNKNOWN"; -+ } -+} -+ -+ -+#ifdef CONFIG_BGSCAN -+ -+static void wpa_supplicant_start_bgscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpas_driver_bss_selection(wpa_s)) -+ return; -+ if (wpa_s->current_ssid == wpa_s->bgscan_ssid) -+ return; -+ -+ bgscan_deinit(wpa_s); -+ if (wpa_s->current_ssid && wpa_s->current_ssid->bgscan) { -+ if (bgscan_init(wpa_s, wpa_s->current_ssid)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " -+ "bgscan"); -+ /* -+ * Live without bgscan; it is only used as a roaming -+ * optimization, so the initial connection is not -+ * affected. -+ */ -+ } else { -+ struct wpa_scan_results *scan_res; -+ wpa_s->bgscan_ssid = wpa_s->current_ssid; -+ scan_res = wpa_supplicant_get_scan_results(wpa_s, NULL, -+ 0); -+ if (scan_res) { -+ bgscan_notify_scan(wpa_s, scan_res); -+ wpa_scan_results_free(scan_res); -+ } -+ } -+ } else -+ wpa_s->bgscan_ssid = NULL; -+} -+ -+ -+static void wpa_supplicant_stop_bgscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->bgscan_ssid != NULL) { -+ bgscan_deinit(wpa_s); -+ wpa_s->bgscan_ssid = NULL; -+ } -+} -+ -+#endif /* CONFIG_BGSCAN */ -+ -+ -+static void wpa_supplicant_start_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ if (autoscan_init(wpa_s, 0)) -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize autoscan"); -+} -+ -+ -+static void wpa_supplicant_stop_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ autoscan_deinit(wpa_s); -+} -+ -+ -+void wpa_supplicant_reinit_autoscan(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->wpa_state == WPA_DISCONNECTED || -+ wpa_s->wpa_state == WPA_SCANNING) { -+ autoscan_deinit(wpa_s); -+ wpa_supplicant_start_autoscan(wpa_s); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_set_state - Set current connection state -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @state: The new connection state -+ * -+ * This function is called whenever the connection state changes, e.g., -+ * association is completed for WPA/WPA2 4-Way Handshake is started. -+ */ -+void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, -+ enum wpa_states state) -+{ -+ enum wpa_states old_state = wpa_s->wpa_state; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "State: %s -> %s", -+ wpa_supplicant_state_txt(wpa_s->wpa_state), -+ wpa_supplicant_state_txt(state)); -+ -+ if (state != WPA_SCANNING) -+ wpa_supplicant_notify_scanning(wpa_s, 0); -+ -+ if (state == WPA_COMPLETED && wpa_s->new_connection) { -+#if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to " -+ MACSTR " completed [id=%d id_str=%s]", -+ MAC2STR(wpa_s->bssid), -+ ssid ? ssid->id : -1, -+ ssid && ssid->id_str ? ssid->id_str : ""); -+#endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ wpa_s->extra_blacklist_count = 0; -+ wpa_s->new_connection = 0; -+ wpa_drv_set_operstate(wpa_s, 1); -+#ifndef IEEE8021X_EAPOL -+ wpa_drv_set_supp_port(wpa_s, 1); -+#endif /* IEEE8021X_EAPOL */ -+ wpa_s->after_wps = 0; -+#ifdef CONFIG_P2P -+ wpas_p2p_completed(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+ sme_sched_obss_scan(wpa_s, 1); -+ } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING || -+ state == WPA_ASSOCIATED) { -+ wpa_s->new_connection = 1; -+ wpa_drv_set_operstate(wpa_s, 0); -+#ifndef IEEE8021X_EAPOL -+ wpa_drv_set_supp_port(wpa_s, 0); -+#endif /* IEEE8021X_EAPOL */ -+ sme_sched_obss_scan(wpa_s, 0); -+ } -+ wpa_s->wpa_state = state; -+ -+#ifdef CONFIG_BGSCAN -+ if (state == WPA_COMPLETED) -+ wpa_supplicant_start_bgscan(wpa_s); -+ else -+ wpa_supplicant_stop_bgscan(wpa_s); -+#endif /* CONFIG_BGSCAN */ -+ -+ if (state == WPA_AUTHENTICATING) -+ wpa_supplicant_stop_autoscan(wpa_s); -+ -+ if (state == WPA_DISCONNECTED || state == WPA_INACTIVE) -+ wpa_supplicant_start_autoscan(wpa_s); -+ -+ if (wpa_s->wpa_state != old_state) { -+ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); -+ -+ if (wpa_s->wpa_state == WPA_COMPLETED || -+ old_state == WPA_COMPLETED) -+ wpas_notify_auth_changed(wpa_s); -+ } -+} -+ -+ -+void wpa_supplicant_terminate_proc(struct wpa_global *global) -+{ -+ int pending = 0; -+#ifdef CONFIG_WPS -+ struct wpa_supplicant *wpa_s = global->ifaces; -+ while (wpa_s) { -+ if (wpas_wps_terminate_pending(wpa_s) == 1) -+ pending = 1; -+ wpa_s = wpa_s->next; -+ } -+#endif /* CONFIG_WPS */ -+ if (pending) -+ return; -+ eloop_terminate(); -+} -+ -+ -+static void wpa_supplicant_terminate(int sig, void *signal_ctx) -+{ -+ struct wpa_global *global = signal_ctx; -+ wpa_supplicant_terminate_proc(global); -+} -+ -+ -+void wpa_supplicant_clear_status(struct wpa_supplicant *wpa_s) -+{ -+ enum wpa_states old_state = wpa_s->wpa_state; -+ -+ wpa_s->pairwise_cipher = 0; -+ wpa_s->group_cipher = 0; -+ wpa_s->mgmt_group_cipher = 0; -+ wpa_s->key_mgmt = 0; -+ if (wpa_s->wpa_state != WPA_INTERFACE_DISABLED) -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ -+ if (wpa_s->wpa_state != old_state) -+ wpas_notify_state_changed(wpa_s, wpa_s->wpa_state, old_state); -+} -+ -+ -+/** -+ * wpa_supplicant_reload_configuration - Reload configuration data -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: 0 on success or -1 if configuration parsing failed -+ * -+ * This function can be used to request that the configuration data is reloaded -+ * (e.g., after configuration file change). This function is reloading -+ * configuration only for one interface, so this may need to be called multiple -+ * times if %wpa_supplicant is controlling multiple interfaces and all -+ * interfaces need reconfiguration. -+ */ -+int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_config *conf; -+ int reconf_ctrl; -+ int old_ap_scan; -+ -+ if (wpa_s->confname == NULL) -+ return -1; -+ conf = wpa_config_read(wpa_s->confname); -+ if (conf == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration " -+ "file '%s' - exiting", wpa_s->confname); -+ return -1; -+ } -+ conf->changed_parameters = (unsigned int) -1; -+ -+ reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface -+ || (conf->ctrl_interface && wpa_s->conf->ctrl_interface && -+ os_strcmp(conf->ctrl_interface, -+ wpa_s->conf->ctrl_interface) != 0); -+ -+ if (reconf_ctrl && wpa_s->ctrl_iface) { -+ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); -+ wpa_s->ctrl_iface = NULL; -+ } -+ -+ eapol_sm_invalidate_cached_session(wpa_s->eapol); -+ if (wpa_s->current_ssid) { -+ wpa_supplicant_deauthenticate(wpa_s, -+ WLAN_REASON_DEAUTH_LEAVING); -+ } -+ -+ /* -+ * TODO: should notify EAPOL SM about changes in opensc_engine_path, -+ * pkcs11_engine_path, pkcs11_module_path. -+ */ -+ if (wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt)) { -+ /* -+ * Clear forced success to clear EAP state for next -+ * authentication. -+ */ -+ eapol_sm_notify_eap_success(wpa_s->eapol, FALSE); -+ } -+ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); -+ wpa_sm_set_config(wpa_s->wpa, NULL); -+ wpa_sm_pmksa_cache_flush(wpa_s->wpa, NULL); -+ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); -+ rsn_preauth_deinit(wpa_s->wpa); -+ -+ old_ap_scan = wpa_s->conf->ap_scan; -+ wpa_config_free(wpa_s->conf); -+ wpa_s->conf = conf; -+ if (old_ap_scan != wpa_s->conf->ap_scan) -+ wpas_notify_ap_scan_changed(wpa_s); -+ -+ if (reconf_ctrl) -+ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); -+ -+ wpa_supplicant_update_config(wpa_s); -+ -+ wpa_supplicant_clear_status(wpa_s); -+ if (wpa_supplicant_enabled_networks(wpa_s)) { -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } -+ wpa_dbg(wpa_s, MSG_DEBUG, "Reconfiguration completed"); -+ return 0; -+} -+ -+ -+static void wpa_supplicant_reconfig(int sig, void *signal_ctx) -+{ -+ struct wpa_global *global = signal_ctx; -+ struct wpa_supplicant *wpa_s; -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Signal %d received - reconfiguring", -+ sig); -+ if (wpa_supplicant_reload_configuration(wpa_s) < 0) { -+ wpa_supplicant_terminate_proc(global); -+ } -+ } -+} -+ -+ -+enum wpa_cipher cipher_suite2driver(int cipher) -+{ -+ switch (cipher) { -+ case WPA_CIPHER_NONE: -+ return CIPHER_NONE; -+ case WPA_CIPHER_WEP40: -+ return CIPHER_WEP40; -+ case WPA_CIPHER_WEP104: -+ return CIPHER_WEP104; -+ case WPA_CIPHER_CCMP: -+ return CIPHER_CCMP; -+ case WPA_CIPHER_GCMP: -+ return CIPHER_GCMP; -+ case WPA_CIPHER_TKIP: -+ default: -+ return CIPHER_TKIP; -+ } -+} -+ -+ -+enum wpa_key_mgmt key_mgmt2driver(int key_mgmt) -+{ -+ switch (key_mgmt) { -+ case WPA_KEY_MGMT_NONE: -+ return KEY_MGMT_NONE; -+ case WPA_KEY_MGMT_IEEE8021X_NO_WPA: -+ return KEY_MGMT_802_1X_NO_WPA; -+ case WPA_KEY_MGMT_IEEE8021X: -+ return KEY_MGMT_802_1X; -+ case WPA_KEY_MGMT_WPA_NONE: -+ return KEY_MGMT_WPA_NONE; -+ case WPA_KEY_MGMT_FT_IEEE8021X: -+ return KEY_MGMT_FT_802_1X; -+ case WPA_KEY_MGMT_FT_PSK: -+ return KEY_MGMT_FT_PSK; -+ case WPA_KEY_MGMT_IEEE8021X_SHA256: -+ return KEY_MGMT_802_1X_SHA256; -+ case WPA_KEY_MGMT_PSK_SHA256: -+ return KEY_MGMT_PSK_SHA256; -+ case WPA_KEY_MGMT_WPS: -+ return KEY_MGMT_WPS; -+ case WPA_KEY_MGMT_PSK: -+ default: -+ return KEY_MGMT_PSK; -+ } -+} -+ -+ -+static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, -+ struct wpa_ie_data *ie) -+{ -+ int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie); -+ if (ret) { -+ if (ret == -2) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE " -+ "from association info"); -+ } -+ return -1; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set " -+ "cipher suites"); -+ if (!(ie->group_cipher & ssid->group_cipher)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group " -+ "cipher 0x%x (mask 0x%x) - reject", -+ ie->group_cipher, ssid->group_cipher); -+ return -1; -+ } -+ if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise " -+ "cipher 0x%x (mask 0x%x) - reject", -+ ie->pairwise_cipher, ssid->pairwise_cipher); -+ return -1; -+ } -+ if (!(ie->key_mgmt & ssid->key_mgmt)) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key " -+ "management 0x%x (mask 0x%x) - reject", -+ ie->key_mgmt, ssid->key_mgmt); -+ return -1; -+ } -+ -+#ifdef CONFIG_IEEE80211W -+ if (!(ie->capabilities & WPA_CAPABILITY_MFPC) && -+ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w) == -+ MGMT_FRAME_PROTECTION_REQUIRED) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Driver associated with an AP " -+ "that does not support management frame protection - " -+ "reject"); -+ return -1; -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_suites - Set authentication and encryption parameters -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @bss: Scan results for the selected BSS, or %NULL if not available -+ * @ssid: Configuration data for the selected network -+ * @wpa_ie: Buffer for the WPA/RSN IE -+ * @wpa_ie_len: Maximum wpa_ie buffer size on input. This is changed to be the -+ * used buffer length in case the functions returns success. -+ * Returns: 0 on success or -1 on failure -+ * -+ * This function is used to configure authentication and encryption parameters -+ * based on the network configuration and scan result for the selected BSS (if -+ * available). -+ */ -+int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s, -+ struct wpa_bss *bss, struct wpa_ssid *ssid, -+ u8 *wpa_ie, size_t *wpa_ie_len) -+{ -+ struct wpa_ie_data ie; -+ int sel, proto; -+ const u8 *bss_wpa, *bss_rsn; -+ -+ if (bss) { -+ bss_wpa = wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE); -+ bss_rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); -+ } else -+ bss_wpa = bss_rsn = NULL; -+ -+ if (bss_rsn && (ssid->proto & WPA_PROTO_RSN) && -+ wpa_parse_wpa_ie(bss_rsn, 2 + bss_rsn[1], &ie) == 0 && -+ (ie.group_cipher & ssid->group_cipher) && -+ (ie.pairwise_cipher & ssid->pairwise_cipher) && -+ (ie.key_mgmt & ssid->key_mgmt)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0"); -+ proto = WPA_PROTO_RSN; -+ } else if (bss_wpa && (ssid->proto & WPA_PROTO_WPA) && -+ wpa_parse_wpa_ie(bss_wpa, 2 +bss_wpa[1], &ie) == 0 && -+ (ie.group_cipher & ssid->group_cipher) && -+ (ie.pairwise_cipher & ssid->pairwise_cipher) && -+ (ie.key_mgmt & ssid->key_mgmt)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0"); -+ proto = WPA_PROTO_WPA; -+ } else if (bss) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN"); -+ return -1; -+ } else { -+ if (ssid->proto & WPA_PROTO_RSN) -+ proto = WPA_PROTO_RSN; -+ else -+ proto = WPA_PROTO_WPA; -+ if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) { -+ os_memset(&ie, 0, sizeof(ie)); -+ ie.group_cipher = ssid->group_cipher; -+ ie.pairwise_cipher = ssid->pairwise_cipher; -+ ie.key_mgmt = ssid->key_mgmt; -+#ifdef CONFIG_IEEE80211W -+ ie.mgmt_group_cipher = -+ ssid->ieee80211w != NO_MGMT_FRAME_PROTECTION ? -+ WPA_CIPHER_AES_128_CMAC : 0; -+#endif /* CONFIG_IEEE80211W */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Set cipher suites " -+ "based on configuration"); -+ } else -+ proto = ie.proto; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected cipher suites: group %d " -+ "pairwise %d key_mgmt %d proto %d", -+ ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt, proto); -+#ifdef CONFIG_IEEE80211W -+ if (ssid->ieee80211w) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected mgmt group cipher %d", -+ ie.mgmt_group_cipher); -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ wpa_s->wpa_proto = proto; -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_RSN_ENABLED, -+ !!(ssid->proto & WPA_PROTO_RSN)); -+ -+ if (bss || !wpa_s->ap_ies_from_associnfo) { -+ if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss_wpa, -+ bss_wpa ? 2 + bss_wpa[1] : 0) || -+ wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss_rsn, -+ bss_rsn ? 2 + bss_rsn[1] : 0)) -+ return -1; -+ } -+ -+ sel = ie.group_cipher & ssid->group_cipher; -+ if (sel & WPA_CIPHER_CCMP) { -+ wpa_s->group_cipher = WPA_CIPHER_CCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP"); -+ } else if (sel & WPA_CIPHER_GCMP) { -+ wpa_s->group_cipher = WPA_CIPHER_GCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK GCMP"); -+ } else if (sel & WPA_CIPHER_TKIP) { -+ wpa_s->group_cipher = WPA_CIPHER_TKIP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP"); -+ } else if (sel & WPA_CIPHER_WEP104) { -+ wpa_s->group_cipher = WPA_CIPHER_WEP104; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104"); -+ } else if (sel & WPA_CIPHER_WEP40) { -+ wpa_s->group_cipher = WPA_CIPHER_WEP40; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select group " -+ "cipher"); -+ return -1; -+ } -+ -+ sel = ie.pairwise_cipher & ssid->pairwise_cipher; -+ if (sel & WPA_CIPHER_CCMP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_CCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP"); -+ } else if (sel & WPA_CIPHER_GCMP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_GCMP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK GCMP"); -+ } else if (sel & WPA_CIPHER_TKIP) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_TKIP; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP"); -+ } else if (sel & WPA_CIPHER_NONE) { -+ wpa_s->pairwise_cipher = WPA_CIPHER_NONE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select pairwise " -+ "cipher"); -+ return -1; -+ } -+ -+ sel = ie.key_mgmt & ssid->key_mgmt; -+#ifdef CONFIG_SAE -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_SAE)) -+ sel &= ~(WPA_KEY_MGMT_SAE | WPA_KEY_MGMT_FT_SAE); -+#endif /* CONFIG_SAE */ -+ if (0) { -+#ifdef CONFIG_IEEE80211R -+ } else if (sel & WPA_KEY_MGMT_FT_IEEE8021X) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_IEEE8021X; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/802.1X"); -+ } else if (sel & WPA_KEY_MGMT_FT_PSK) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_PSK; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT FT/PSK"); -+#endif /* CONFIG_IEEE80211R */ -+#ifdef CONFIG_SAE -+ } else if (sel & WPA_KEY_MGMT_SAE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_SAE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT SAE"); -+ } else if (sel & WPA_KEY_MGMT_FT_SAE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_FT_SAE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: using KEY_MGMT FT/SAE"); -+#endif /* CONFIG_SAE */ -+#ifdef CONFIG_IEEE80211W -+ } else if (sel & WPA_KEY_MGMT_IEEE8021X_SHA256) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_SHA256; -+ wpa_dbg(wpa_s, MSG_DEBUG, -+ "WPA: using KEY_MGMT 802.1X with SHA256"); -+ } else if (sel & WPA_KEY_MGMT_PSK_SHA256) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK_SHA256; -+ wpa_dbg(wpa_s, MSG_DEBUG, -+ "WPA: using KEY_MGMT PSK with SHA256"); -+#endif /* CONFIG_IEEE80211W */ -+ } else if (sel & WPA_KEY_MGMT_IEEE8021X) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X"); -+ } else if (sel & WPA_KEY_MGMT_PSK) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_PSK; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK"); -+ } else if (sel & WPA_KEY_MGMT_WPA_NONE) { -+ wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE"); -+ } else { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select " -+ "authenticated key management type"); -+ return -1; -+ } -+ -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE, -+ wpa_s->pairwise_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher); -+ -+#ifdef CONFIG_IEEE80211W -+ sel = ie.mgmt_group_cipher; -+ if ((ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w) == NO_MGMT_FRAME_PROTECTION || -+ !(ie.capabilities & WPA_CAPABILITY_MFPC)) -+ sel = 0; -+ if (sel & WPA_CIPHER_AES_128_CMAC) { -+ wpa_s->mgmt_group_cipher = WPA_CIPHER_AES_128_CMAC; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: using MGMT group cipher " -+ "AES-128-CMAC"); -+ } else { -+ wpa_s->mgmt_group_cipher = 0; -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: not using MGMT group cipher"); -+ } -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MGMT_GROUP, -+ wpa_s->mgmt_group_cipher); -+ wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_MFP, -+ (ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w)); -+#endif /* CONFIG_IEEE80211W */ -+ -+ if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to generate WPA IE"); -+ return -1; -+ } -+ -+ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt)) { -+ wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN); -+#ifndef CONFIG_NO_PBKDF2 -+ if (bss && ssid->bssid_set && ssid->ssid_len == 0 && -+ ssid->passphrase) { -+ u8 psk[PMK_LEN]; -+ pbkdf2_sha1(ssid->passphrase, bss->ssid, bss->ssid_len, -+ 4096, psk, PMK_LEN); -+ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from passphrase)", -+ psk, PMK_LEN); -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } -+#endif /* CONFIG_NO_PBKDF2 */ -+#ifdef CONFIG_EXT_PASSWORD -+ if (ssid->ext_psk) { -+ struct wpabuf *pw = ext_password_get(wpa_s->ext_pw, -+ ssid->ext_psk); -+ char pw_str[64 + 1]; -+ u8 psk[PMK_LEN]; -+ -+ if (pw == NULL) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No PSK " -+ "found from external storage"); -+ return -1; -+ } -+ -+ if (wpabuf_len(pw) < 8 || wpabuf_len(pw) > 64) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: Unexpected " -+ "PSK length %d in external storage", -+ (int) wpabuf_len(pw)); -+ ext_password_free(pw); -+ return -1; -+ } -+ -+ os_memcpy(pw_str, wpabuf_head(pw), wpabuf_len(pw)); -+ pw_str[wpabuf_len(pw)] = '\0'; -+ -+#ifndef CONFIG_NO_PBKDF2 -+ if (wpabuf_len(pw) >= 8 && wpabuf_len(pw) < 64 && bss) -+ { -+ pbkdf2_sha1(pw_str, bss->ssid, bss->ssid_len, -+ 4096, psk, PMK_LEN); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ wpa_hexdump_key(MSG_MSGDUMP, "PSK (from " -+ "external passphrase)", -+ psk, PMK_LEN); -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } else -+#endif /* CONFIG_NO_PBKDF2 */ -+ if (wpabuf_len(pw) == 2 * PMK_LEN) { -+ if (hexstr2bin(pw_str, psk, PMK_LEN) < 0) { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: " -+ "Invalid PSK hex string"); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ return -1; -+ } -+ wpa_sm_set_pmk(wpa_s->wpa, psk, PMK_LEN); -+ } else { -+ wpa_msg(wpa_s, MSG_INFO, "EXT PW: No suitable " -+ "PSK available"); -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ return -1; -+ } -+ -+ os_memset(pw_str, 0, sizeof(pw_str)); -+ ext_password_free(pw); -+ } -+#endif /* CONFIG_EXT_PASSWORD */ -+ } else -+ wpa_sm_set_pmk_from_pmksa(wpa_s->wpa); -+ -+ return 0; -+} -+ -+ -+int wpas_build_ext_capab(struct wpa_supplicant *wpa_s, u8 *buf) -+{ -+ u32 ext_capab = 0; -+ u8 *pos = buf; -+ -+#ifdef CONFIG_INTERWORKING -+ if (wpa_s->conf->interworking) -+ ext_capab |= BIT(31); /* Interworking */ -+#endif /* CONFIG_INTERWORKING */ -+ -+#ifdef CONFIG_WNM -+ ext_capab |= BIT(17); /* WNM-Sleep Mode */ -+ ext_capab |= BIT(19); /* BSS Transition */ -+#endif /* CONFIG_WNM */ -+ -+ if (!ext_capab) -+ return 0; -+ -+ *pos++ = WLAN_EID_EXT_CAPAB; -+ *pos++ = 4; -+ WPA_PUT_LE32(pos, ext_capab); -+ pos += 4; -+ -+ return pos - buf; -+} -+ -+ -+/** -+ * wpa_supplicant_associate - Request association -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @bss: Scan results for the selected BSS, or %NULL if not available -+ * @ssid: Configuration data for the selected network -+ * -+ * This function is used to request %wpa_supplicant to associate with a BSS. -+ */ -+void wpa_supplicant_associate(struct wpa_supplicant *wpa_s, -+ struct wpa_bss *bss, struct wpa_ssid *ssid) -+{ -+ u8 wpa_ie[200]; -+ size_t wpa_ie_len; -+ int use_crypt, ret, i, bssid_changed; -+ int algs = WPA_AUTH_ALG_OPEN; -+ enum wpa_cipher cipher_pairwise, cipher_group; -+ struct wpa_driver_associate_params params; -+ int wep_keys_set = 0; -+ struct wpa_driver_capa capa; -+ int assoc_failed = 0; -+ struct wpa_ssid *old_ssid; -+ u8 ext_capab[10]; -+ int ext_capab_len; -+#ifdef CONFIG_HT_OVERRIDES -+ struct ieee80211_ht_capabilities htcaps; -+ struct ieee80211_ht_capabilities htcaps_mask; -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+#ifdef CONFIG_IBSS_RSN -+ ibss_rsn_deinit(wpa_s->ibss_rsn); -+ wpa_s->ibss_rsn = NULL; -+#endif /* CONFIG_IBSS_RSN */ -+ -+ if (ssid->mode == WPAS_MODE_AP || ssid->mode == WPAS_MODE_P2P_GO || -+ ssid->mode == WPAS_MODE_P2P_GROUP_FORMATION) { -+#ifdef CONFIG_AP -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_AP)) { -+ wpa_msg(wpa_s, MSG_INFO, "Driver does not support AP " -+ "mode"); -+ return; -+ } -+ if (wpa_supplicant_create_ap(wpa_s, ssid) < 0) { -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ return; -+ } -+ wpa_s->current_bss = bss; -+#else /* CONFIG_AP */ -+ wpa_msg(wpa_s, MSG_ERROR, "AP mode support not included in " -+ "the build"); -+#endif /* CONFIG_AP */ -+ return; -+ } -+ -+#ifdef CONFIG_TDLS -+ if (bss) -+ wpa_tdls_ap_ies(wpa_s->wpa, (const u8 *) (bss + 1), -+ bss->ie_len); -+#endif /* CONFIG_TDLS */ -+ -+ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_SME) && -+ ssid->mode == IEEE80211_MODE_INFRA) { -+ sme_authenticate(wpa_s, bss, ssid); -+ return; -+ } -+ -+ os_memset(¶ms, 0, sizeof(params)); -+ wpa_s->reassociate = 0; -+ if (bss && !wpas_driver_bss_selection(wpa_s)) { -+#ifdef CONFIG_IEEE80211R -+ const u8 *ie, *md = NULL; -+#endif /* CONFIG_IEEE80211R */ -+ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR -+ " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid), -+ wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq); -+ bssid_changed = !is_zero_ether_addr(wpa_s->bssid); -+ os_memset(wpa_s->bssid, 0, ETH_ALEN); -+ os_memcpy(wpa_s->pending_bssid, bss->bssid, ETH_ALEN); -+ if (bssid_changed) -+ wpas_notify_bssid_changed(wpa_s); -+#ifdef CONFIG_IEEE80211R -+ ie = wpa_bss_get_ie(bss, WLAN_EID_MOBILITY_DOMAIN); -+ if (ie && ie[1] >= MOBILITY_DOMAIN_ID_LEN) -+ md = ie + 2; -+ wpa_sm_set_ft_params(wpa_s->wpa, ie, ie ? 2 + ie[1] : 0); -+ if (md) { -+ /* Prepare for the next transition */ -+ wpa_ft_prepare_auth_request(wpa_s->wpa, ie); -+ } -+#endif /* CONFIG_IEEE80211R */ -+#ifdef CONFIG_WPS -+ } else if ((ssid->ssid == NULL || ssid->ssid_len == 0) && -+ wpa_s->conf->ap_scan == 2 && -+ (ssid->key_mgmt & WPA_KEY_MGMT_WPS)) { -+ /* Use ap_scan==1 style network selection to find the network -+ */ -+ wpa_s->scan_req = MANUAL_SCAN_REQ; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ return; -+#endif /* CONFIG_WPS */ -+ } else { -+ wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'", -+ wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); -+ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); -+ } -+ wpa_supplicant_cancel_sched_scan(wpa_s); -+ wpa_supplicant_cancel_scan(wpa_s); -+ -+ /* Starting new association, so clear the possibly used WPA IE from the -+ * previous association. */ -+ wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0); -+ -+#ifdef IEEE8021X_EAPOL -+ if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if (ssid->leap) { -+ if (ssid->non_leap == 0) -+ algs = WPA_AUTH_ALG_LEAP; -+ else -+ algs |= WPA_AUTH_ALG_LEAP; -+ } -+ } -+#endif /* IEEE8021X_EAPOL */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs); -+ if (ssid->auth_alg) { -+ algs = ssid->auth_alg; -+ wpa_dbg(wpa_s, MSG_DEBUG, "Overriding auth_alg selection: " -+ "0x%x", algs); -+ } -+ -+ if (bss && (wpa_bss_get_vendor_ie(bss, WPA_IE_VENDOR_TYPE) || -+ wpa_bss_get_ie(bss, WLAN_EID_RSN)) && -+ wpa_key_mgmt_wpa(ssid->key_mgmt)) { -+ int try_opportunistic; -+ try_opportunistic = (ssid->proactive_key_caching < 0 ? -+ wpa_s->conf->okc : -+ ssid->proactive_key_caching) && -+ (ssid->proto & WPA_PROTO_RSN); -+ if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid, -+ wpa_s->current_ssid, -+ try_opportunistic) == 0) -+ eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1); -+ wpa_ie_len = sizeof(wpa_ie); -+ if (wpa_supplicant_set_suites(wpa_s, bss, ssid, -+ wpa_ie, &wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " -+ "key management and encryption suites"); -+ return; -+ } -+ } else if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) && bss && -+ wpa_key_mgmt_wpa_ieee8021x(ssid->key_mgmt)) { -+ /* -+ * Both WPA and non-WPA IEEE 802.1X enabled in configuration - -+ * use non-WPA since the scan results did not indicate that the -+ * AP is using WPA or WPA2. -+ */ -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ wpa_ie_len = 0; -+ wpa_s->wpa_proto = 0; -+ } else if (wpa_key_mgmt_wpa_any(ssid->key_mgmt)) { -+ wpa_ie_len = sizeof(wpa_ie); -+ if (wpa_supplicant_set_suites(wpa_s, NULL, ssid, -+ wpa_ie, &wpa_ie_len)) { -+ wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to set WPA " -+ "key management and encryption suites (no " -+ "scan results)"); -+ return; -+ } -+#ifdef CONFIG_WPS -+ } else if (ssid->key_mgmt & WPA_KEY_MGMT_WPS) { -+ struct wpabuf *wps_ie; -+ wps_ie = wps_build_assoc_req_ie(wpas_wps_get_req_type(ssid)); -+ if (wps_ie && wpabuf_len(wps_ie) <= sizeof(wpa_ie)) { -+ wpa_ie_len = wpabuf_len(wps_ie); -+ os_memcpy(wpa_ie, wpabuf_head(wps_ie), wpa_ie_len); -+ } else -+ wpa_ie_len = 0; -+ wpabuf_free(wps_ie); -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ if (!bss || (bss->caps & IEEE80211_CAP_PRIVACY)) -+ params.wps = WPS_MODE_PRIVACY; -+ else -+ params.wps = WPS_MODE_OPEN; -+ wpa_s->wpa_proto = 0; -+#endif /* CONFIG_WPS */ -+ } else { -+ wpa_supplicant_set_non_wpa_policy(wpa_s, ssid); -+ wpa_ie_len = 0; -+ wpa_s->wpa_proto = 0; -+ } -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p) { -+ u8 *pos; -+ size_t len; -+ int res; -+ pos = wpa_ie + wpa_ie_len; -+ len = sizeof(wpa_ie) - wpa_ie_len; -+ res = wpas_p2p_assoc_req_ie(wpa_s, bss, pos, len, -+ ssid->p2p_group); -+ if (res >= 0) -+ wpa_ie_len += res; -+ } -+ -+ wpa_s->cross_connect_disallowed = 0; -+ if (bss) { -+ struct wpabuf *p2p; -+ p2p = wpa_bss_get_vendor_ie_multi(bss, P2P_IE_VENDOR_TYPE); -+ if (p2p) { -+ wpa_s->cross_connect_disallowed = -+ p2p_get_cross_connect_disallowed(p2p); -+ wpabuf_free(p2p); -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: WLAN AP %s cross " -+ "connection", -+ wpa_s->cross_connect_disallowed ? -+ "disallows" : "allows"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+ -+#ifdef CONFIG_HS20 -+ if (wpa_s->conf->hs20) { -+ struct wpabuf *hs20; -+ hs20 = wpabuf_alloc(20); -+ if (hs20) { -+ wpas_hs20_add_indication(hs20); -+ os_memcpy(wpa_ie + wpa_ie_len, wpabuf_head(hs20), -+ wpabuf_len(hs20)); -+ wpa_ie_len += wpabuf_len(hs20); -+ wpabuf_free(hs20); -+ } -+ } -+#endif /* CONFIG_HS20 */ -+ -+ ext_capab_len = wpas_build_ext_capab(wpa_s, ext_capab); -+ if (ext_capab_len > 0) { -+ u8 *pos = wpa_ie; -+ if (wpa_ie_len > 0 && pos[0] == WLAN_EID_RSN) -+ pos += 2 + pos[1]; -+ os_memmove(pos + ext_capab_len, pos, -+ wpa_ie_len - (pos - wpa_ie)); -+ wpa_ie_len += ext_capab_len; -+ os_memcpy(pos, ext_capab, ext_capab_len); -+ } -+ -+ wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL); -+ use_crypt = 1; -+ cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher); -+ cipher_group = cipher_suite2driver(wpa_s->group_cipher); -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) -+ use_crypt = 0; -+ if (wpa_set_wep_keys(wpa_s, ssid)) { -+ use_crypt = 1; -+ wep_keys_set = 1; -+ } -+ } -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) -+ use_crypt = 0; -+ -+#ifdef IEEE8021X_EAPOL -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ if ((ssid->eapol_flags & -+ (EAPOL_FLAG_REQUIRE_KEY_UNICAST | -+ EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 && -+ !wep_keys_set) { -+ use_crypt = 0; -+ } else { -+ /* Assume that dynamic WEP-104 keys will be used and -+ * set cipher suites in order for drivers to expect -+ * encryption. */ -+ cipher_pairwise = cipher_group = CIPHER_WEP104; -+ } -+ } -+#endif /* IEEE8021X_EAPOL */ -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { -+ /* Set the key before (and later after) association */ -+ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); -+ } -+ -+ wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING); -+ if (bss) { -+ params.ssid = bss->ssid; -+ params.ssid_len = bss->ssid_len; -+ if (!wpas_driver_bss_selection(wpa_s) || ssid->bssid_set) { -+ wpa_printf(MSG_DEBUG, "Limit connection to BSSID " -+ MACSTR " freq=%u MHz based on scan results " -+ "(bssid_set=%d)", -+ MAC2STR(bss->bssid), bss->freq, -+ ssid->bssid_set); -+ params.bssid = bss->bssid; -+ params.freq = bss->freq; -+ } -+ } else { -+ params.ssid = ssid->ssid; -+ params.ssid_len = ssid->ssid_len; -+ } -+ -+ if (ssid->mode == WPAS_MODE_IBSS && ssid->bssid_set && -+ wpa_s->conf->ap_scan == 2) { -+ params.bssid = ssid->bssid; -+ params.fixed_bssid = 1; -+ } -+ -+ if (ssid->mode == WPAS_MODE_IBSS && ssid->frequency > 0 && -+ params.freq == 0) -+ params.freq = ssid->frequency; /* Initial channel for IBSS */ -+ params.wpa_ie = wpa_ie; -+ params.wpa_ie_len = wpa_ie_len; -+ params.pairwise_suite = cipher_pairwise; -+ params.group_suite = cipher_group; -+ params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt); -+ params.wpa_proto = wpa_s->wpa_proto; -+ params.auth_alg = algs; -+ params.mode = ssid->mode; -+ params.bg_scan_period = ssid->bg_scan_period; -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ if (ssid->wep_key_len[i]) -+ params.wep_key[i] = ssid->wep_key[i]; -+ params.wep_key_len[i] = ssid->wep_key_len[i]; -+ } -+ params.wep_tx_keyidx = ssid->wep_tx_keyidx; -+ -+ if ((wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) && -+ (params.key_mgmt_suite == KEY_MGMT_PSK || -+ params.key_mgmt_suite == KEY_MGMT_FT_PSK)) { -+ params.passphrase = ssid->passphrase; -+ if (ssid->psk_set) -+ params.psk = ssid->psk; -+ } -+ -+ params.drop_unencrypted = use_crypt; -+ -+#ifdef CONFIG_IEEE80211W -+ params.mgmt_frame_protection = -+ ssid->ieee80211w == MGMT_FRAME_PROTECTION_DEFAULT ? -+ wpa_s->conf->pmf : ssid->ieee80211w; -+ if (params.mgmt_frame_protection != NO_MGMT_FRAME_PROTECTION && bss) { -+ const u8 *rsn = wpa_bss_get_ie(bss, WLAN_EID_RSN); -+ struct wpa_ie_data ie; -+ if (rsn && wpa_parse_wpa_ie(rsn, 2 + rsn[1], &ie) == 0 && -+ ie.capabilities & -+ (WPA_CAPABILITY_MFPC | WPA_CAPABILITY_MFPR)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "WPA: Selected AP supports " -+ "MFP: require MFP"); -+ params.mgmt_frame_protection = -+ MGMT_FRAME_PROTECTION_REQUIRED; -+ } -+ } -+#endif /* CONFIG_IEEE80211W */ -+ -+ params.p2p = ssid->p2p_group; -+ -+ if (wpa_s->parent->set_sta_uapsd) -+ params.uapsd = wpa_s->parent->sta_uapsd; -+ else -+ params.uapsd = -1; -+ -+#ifdef CONFIG_HT_OVERRIDES -+ os_memset(&htcaps, 0, sizeof(htcaps)); -+ os_memset(&htcaps_mask, 0, sizeof(htcaps_mask)); -+ params.htcaps = (u8 *) &htcaps; -+ params.htcaps_mask = (u8 *) &htcaps_mask; -+ wpa_supplicant_apply_ht_overrides(wpa_s, ssid, ¶ms); -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+ ret = wpa_drv_associate(wpa_s, ¶ms); -+ if (ret < 0) { -+ wpa_msg(wpa_s, MSG_INFO, "Association request to the driver " -+ "failed"); -+ if (wpa_s->drv_flags & WPA_DRIVER_FLAGS_SANE_ERROR_CODES) { -+ /* -+ * The driver is known to mean what is saying, so we -+ * can stop right here; the association will not -+ * succeed. -+ */ -+ wpas_connection_failed(wpa_s, wpa_s->pending_bssid); -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ os_memset(wpa_s->pending_bssid, 0, ETH_ALEN); -+ return; -+ } -+ /* try to continue anyway; new association will be tried again -+ * after timeout */ -+ assoc_failed = 1; -+ } -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) { -+ /* Set the key after the association just in case association -+ * cleared the previously configured key. */ -+ wpa_supplicant_set_wpa_none_key(wpa_s, ssid); -+ /* No need to timeout authentication since there is no key -+ * management. */ -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+ wpa_supplicant_set_state(wpa_s, WPA_COMPLETED); -+#ifdef CONFIG_IBSS_RSN -+ } else if (ssid->mode == WPAS_MODE_IBSS && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_NONE && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_WPA_NONE) { -+ /* -+ * RSN IBSS authentication is per-STA and we can disable the -+ * per-BSSID authentication. -+ */ -+ wpa_supplicant_cancel_auth_timeout(wpa_s); -+#endif /* CONFIG_IBSS_RSN */ -+ } else { -+ /* Timeout for IEEE 802.11 authentication and association */ -+ int timeout = 60; -+ -+ if (assoc_failed) { -+ /* give IBSS a bit more time */ -+ timeout = ssid->mode == WPAS_MODE_IBSS ? 10 : 5; -+ } else if (wpa_s->conf->ap_scan == 1) { -+ /* give IBSS a bit more time */ -+ timeout = ssid->mode == WPAS_MODE_IBSS ? 20 : 10; -+ } -+ wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0); -+ } -+ -+ if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 && -+ capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) { -+ /* Set static WEP keys again */ -+ wpa_set_wep_keys(wpa_s, ssid); -+ } -+ -+ if (wpa_s->current_ssid && wpa_s->current_ssid != ssid) { -+ /* -+ * Do not allow EAP session resumption between different -+ * network configurations. -+ */ -+ eapol_sm_invalidate_cached_session(wpa_s->eapol); -+ } -+ old_ssid = wpa_s->current_ssid; -+ wpa_s->current_ssid = ssid; -+ wpa_s->current_bss = bss; -+ wpa_supplicant_rsn_supp_set_config(wpa_s, wpa_s->current_ssid); -+ wpa_supplicant_initiate_eapol(wpa_s); -+ if (old_ssid != wpa_s->current_ssid) -+ wpas_notify_network_changed(wpa_s); -+} -+ -+ -+static void wpa_supplicant_clear_connection(struct wpa_supplicant *wpa_s, -+ const u8 *addr) -+{ -+ struct wpa_ssid *old_ssid; -+ -+ wpa_clear_keys(wpa_s, addr); -+ old_ssid = wpa_s->current_ssid; -+ wpa_supplicant_mark_disassoc(wpa_s); -+ wpa_sm_set_config(wpa_s->wpa, NULL); -+ eapol_sm_notify_config(wpa_s->eapol, NULL, NULL); -+ if (old_ssid != wpa_s->current_ssid) -+ wpas_notify_network_changed(wpa_s); -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+} -+ -+ -+/** -+ * wpa_supplicant_deauthenticate - Deauthenticate the current connection -+ * @wpa_s: Pointer to wpa_supplicant data -+ * @reason_code: IEEE 802.11 reason code for the deauthenticate frame -+ * -+ * This function is used to request %wpa_supplicant to deauthenticate from the -+ * current AP. -+ */ -+void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s, -+ int reason_code) -+{ -+ u8 *addr = NULL; -+ union wpa_event_data event; -+ int zero_addr = 0; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Request to deauthenticate - bssid=" MACSTR -+ " pending_bssid=" MACSTR " reason=%d state=%s", -+ MAC2STR(wpa_s->bssid), MAC2STR(wpa_s->pending_bssid), -+ reason_code, wpa_supplicant_state_txt(wpa_s->wpa_state)); -+ -+ if (!is_zero_ether_addr(wpa_s->bssid)) -+ addr = wpa_s->bssid; -+ else if (!is_zero_ether_addr(wpa_s->pending_bssid) && -+ (wpa_s->wpa_state == WPA_AUTHENTICATING || -+ wpa_s->wpa_state == WPA_ASSOCIATING)) -+ addr = wpa_s->pending_bssid; -+ else if (wpa_s->wpa_state == WPA_ASSOCIATING) { -+ /* -+ * When using driver-based BSS selection, we may not know the -+ * BSSID with which we are currently trying to associate. We -+ * need to notify the driver of this disconnection even in such -+ * a case, so use the all zeros address here. -+ */ -+ addr = wpa_s->bssid; -+ zero_addr = 1; -+ } -+ -+ if (addr) { -+ wpa_drv_deauthenticate(wpa_s, addr, reason_code); -+ os_memset(&event, 0, sizeof(event)); -+ event.deauth_info.reason_code = (u16) reason_code; -+ event.deauth_info.locally_generated = 1; -+ wpa_supplicant_event(wpa_s, EVENT_DEAUTH, &event); -+ if (zero_addr) -+ addr = NULL; -+ } -+ -+ wpa_supplicant_clear_connection(wpa_s, addr); -+} -+ -+ -+/** -+ * wpa_supplicant_enable_network - Mark a configured network as enabled -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL -+ * -+ * Enables the specified network or all networks if no network specified. -+ */ -+void wpa_supplicant_enable_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ struct wpa_ssid *other_ssid; -+ int was_disabled; -+ -+ if (ssid == NULL) { -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ if (other_ssid->disabled == 2) -+ continue; /* do not change persistent P2P group -+ * data */ -+ if (other_ssid == wpa_s->current_ssid && -+ other_ssid->disabled) -+ wpa_s->reassociate = 1; -+ -+ was_disabled = other_ssid->disabled; -+ -+ other_ssid->disabled = 0; -+ if (was_disabled) -+ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed( -+ wpa_s, other_ssid); -+ } -+ if (wpa_s->reassociate) -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } else if (ssid->disabled && ssid->disabled != 2) { -+ if (wpa_s->current_ssid == NULL) { -+ /* -+ * Try to reassociate since there is no current -+ * configuration and a new network was made available. -+ */ -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+ } -+ -+ was_disabled = ssid->disabled; -+ -+ ssid->disabled = 0; -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ -+ if (was_disabled != ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, ssid); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_disable_network - Mark a configured network as disabled -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL -+ * -+ * Disables the specified network or all networks if no network specified. -+ */ -+void wpa_supplicant_disable_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ struct wpa_ssid *other_ssid; -+ int was_disabled; -+ -+ if (ssid == NULL) { -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ was_disabled = other_ssid->disabled; -+ if (was_disabled == 2) -+ continue; /* do not change persistent P2P group -+ * data */ -+ -+ other_ssid->disabled = 1; -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed( -+ wpa_s, other_ssid); -+ } -+ if (wpa_s->current_ssid) -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ } else if (ssid->disabled != 2) { -+ if (ssid == wpa_s->current_ssid) -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ -+ was_disabled = ssid->disabled; -+ -+ ssid->disabled = 1; -+ -+ if (was_disabled != ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, ssid); -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_select_network - Attempt association with a network -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ssid: wpa_ssid structure for a configured network or %NULL for any network -+ */ -+void wpa_supplicant_select_network(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid) -+{ -+ -+ struct wpa_ssid *other_ssid; -+ int disconnected = 0; -+ -+ if (ssid && ssid != wpa_s->current_ssid && wpa_s->current_ssid) { -+ wpa_supplicant_deauthenticate( -+ wpa_s, WLAN_REASON_DEAUTH_LEAVING); -+ disconnected = 1; -+ } -+ -+ if (ssid) -+ wpas_clear_temp_disabled(wpa_s, ssid, 1); -+ -+ /* -+ * Mark all other networks disabled or mark all networks enabled if no -+ * network specified. -+ */ -+ for (other_ssid = wpa_s->conf->ssid; other_ssid; -+ other_ssid = other_ssid->next) { -+ int was_disabled = other_ssid->disabled; -+ if (was_disabled == 2) -+ continue; /* do not change persistent P2P group data */ -+ -+ other_ssid->disabled = ssid ? (ssid->id != other_ssid->id) : 0; -+ if (was_disabled && !other_ssid->disabled) -+ wpas_clear_temp_disabled(wpa_s, other_ssid, 0); -+ -+ if (was_disabled != other_ssid->disabled) -+ wpas_notify_network_enabled_changed(wpa_s, other_ssid); -+ } -+ -+ if (ssid && ssid == wpa_s->current_ssid && wpa_s->current_ssid) { -+ /* We are already associated with the selected network */ -+ wpa_printf(MSG_DEBUG, "Already associated with the " -+ "selected network - do nothing"); -+ return; -+ } -+ -+ if (ssid) -+ wpa_s->current_ssid = ssid; -+ wpa_s->connect_without_scan = NULL; -+ wpa_s->disconnected = 0; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, disconnected ? 100000 : 0); -+ -+ if (ssid) -+ wpas_notify_network_selected(wpa_s, ssid); -+} -+ -+ -+/** -+ * wpa_supplicant_set_ap_scan - Set AP scan mode for interface -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @ap_scan: AP scan mode -+ * Returns: 0 if succeed or -1 if ap_scan has an invalid value -+ * -+ */ -+int wpa_supplicant_set_ap_scan(struct wpa_supplicant *wpa_s, int ap_scan) -+{ -+ -+ int old_ap_scan; -+ -+ if (ap_scan < 0 || ap_scan > 2) -+ return -1; -+ -+#ifdef ANDROID -+ if (ap_scan == 2 && ap_scan != wpa_s->conf->ap_scan && -+ wpa_s->wpa_state >= WPA_ASSOCIATING && -+ wpa_s->wpa_state < WPA_COMPLETED) { -+ wpa_printf(MSG_ERROR, "ap_scan = %d (%d) rejected while " -+ "associating", wpa_s->conf->ap_scan, ap_scan); -+ return 0; -+ } -+#endif /* ANDROID */ -+ -+ old_ap_scan = wpa_s->conf->ap_scan; -+ wpa_s->conf->ap_scan = ap_scan; -+ -+ if (old_ap_scan != wpa_s->conf->ap_scan) -+ wpas_notify_ap_scan_changed(wpa_s); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_bss_expiration_age - Set BSS entry expiration age -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @expire_age: Expiration age in seconds -+ * Returns: 0 if succeed or -1 if expire_age has an invalid value -+ * -+ */ -+int wpa_supplicant_set_bss_expiration_age(struct wpa_supplicant *wpa_s, -+ unsigned int bss_expire_age) -+{ -+ if (bss_expire_age < 10) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration age %u", -+ bss_expire_age); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration age: %d sec", -+ bss_expire_age); -+ wpa_s->conf->bss_expiration_age = bss_expire_age; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_bss_expiration_count - Set BSS entry expiration scan count -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @expire_count: number of scans after which an unseen BSS is reclaimed -+ * Returns: 0 if succeed or -1 if expire_count has an invalid value -+ * -+ */ -+int wpa_supplicant_set_bss_expiration_count(struct wpa_supplicant *wpa_s, -+ unsigned int bss_expire_count) -+{ -+ if (bss_expire_count < 1) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid bss expiration count %u", -+ bss_expire_count); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting bss expiration scan count: %u", -+ bss_expire_count); -+ wpa_s->conf->bss_expiration_scan_count = bss_expire_count; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_scan_interval - Set scan interval -+ * @wpa_s: wpa_supplicant structure for a network interface -+ * @scan_interval: scan interval in seconds -+ * Returns: 0 if succeed or -1 if scan_interval has an invalid value -+ * -+ */ -+int wpa_supplicant_set_scan_interval(struct wpa_supplicant *wpa_s, -+ int scan_interval) -+{ -+ if (scan_interval < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid scan interval %d", -+ scan_interval); -+ return -1; -+ } -+ wpa_msg(wpa_s, MSG_DEBUG, "Setting scan interval: %d sec", -+ scan_interval); -+ wpa_s->scan_interval = scan_interval; -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_set_debug_params - Set global debug params -+ * @global: wpa_global structure -+ * @debug_level: debug level -+ * @debug_timestamp: determines if show timestamp in debug data -+ * @debug_show_keys: determines if show keys in debug data -+ * Returns: 0 if succeed or -1 if debug_level has wrong value -+ */ -+int wpa_supplicant_set_debug_params(struct wpa_global *global, int debug_level, -+ int debug_timestamp, int debug_show_keys) -+{ -+ -+ int old_level, old_timestamp, old_show_keys; -+ -+ /* check for allowed debuglevels */ -+ if (debug_level != MSG_EXCESSIVE && -+ debug_level != MSG_MSGDUMP && -+ debug_level != MSG_DEBUG && -+ debug_level != MSG_INFO && -+ debug_level != MSG_WARNING && -+ debug_level != MSG_ERROR) -+ return -1; -+ -+ old_level = wpa_debug_level; -+ old_timestamp = wpa_debug_timestamp; -+ old_show_keys = wpa_debug_show_keys; -+ -+ wpa_debug_level = debug_level; -+ wpa_debug_timestamp = debug_timestamp ? 1 : 0; -+ wpa_debug_show_keys = debug_show_keys ? 1 : 0; -+ -+ if (wpa_debug_level != old_level) -+ wpas_notify_debug_level_changed(global); -+ if (wpa_debug_timestamp != old_timestamp) -+ wpas_notify_debug_timestamp_changed(global); -+ if (wpa_debug_show_keys != old_show_keys) -+ wpas_notify_debug_show_keys_changed(global); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_get_ssid - Get a pointer to the current network structure -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: A pointer to the current network structure or %NULL on failure -+ */ -+struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_ssid *entry; -+ u8 ssid[MAX_SSID_LEN]; -+ int res; -+ size_t ssid_len; -+ u8 bssid[ETH_ALEN]; -+ int wired; -+ -+ res = wpa_drv_get_ssid(wpa_s, ssid); -+ if (res < 0) { -+ wpa_msg(wpa_s, MSG_WARNING, "Could not read SSID from " -+ "driver"); -+ return NULL; -+ } -+ ssid_len = res; -+ -+ if (wpa_drv_get_bssid(wpa_s, bssid) < 0) { -+ wpa_msg(wpa_s, MSG_WARNING, "Could not read BSSID from " -+ "driver"); -+ return NULL; -+ } -+ -+ wired = wpa_s->conf->ap_scan == 0 && -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_WIRED); -+ -+ entry = wpa_s->conf->ssid; -+ while (entry) { -+ if (!wpas_network_disabled(wpa_s, entry) && -+ ((ssid_len == entry->ssid_len && -+ os_memcmp(ssid, entry->ssid, ssid_len) == 0) || wired) && -+ (!entry->bssid_set || -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) -+ return entry; -+#ifdef CONFIG_WPS -+ if (!wpas_network_disabled(wpa_s, entry) && -+ (entry->key_mgmt & WPA_KEY_MGMT_WPS) && -+ (entry->ssid == NULL || entry->ssid_len == 0) && -+ (!entry->bssid_set || -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0)) -+ return entry; -+#endif /* CONFIG_WPS */ -+ -+ if (!wpas_network_disabled(wpa_s, entry) && entry->bssid_set && -+ entry->ssid_len == 0 && -+ os_memcmp(bssid, entry->bssid, ETH_ALEN) == 0) -+ return entry; -+ -+ entry = entry->next; -+ } -+ -+ return NULL; -+} -+ -+ -+static int select_driver(struct wpa_supplicant *wpa_s, int i) -+{ -+ struct wpa_global *global = wpa_s->global; -+ -+ if (wpa_drivers[i]->global_init && global->drv_priv[i] == NULL) { -+ global->drv_priv[i] = wpa_drivers[i]->global_init(); -+ if (global->drv_priv[i] == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to initialize driver " -+ "'%s'", wpa_drivers[i]->name); -+ return -1; -+ } -+ } -+ -+ wpa_s->driver = wpa_drivers[i]; -+ wpa_s->global_drv_priv = global->drv_priv[i]; -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s, -+ const char *name) -+{ -+ int i; -+ size_t len; -+ const char *pos, *driver = name; -+ -+ if (wpa_s == NULL) -+ return -1; -+ -+ if (wpa_drivers[0] == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "No driver interfaces build into " -+ "wpa_supplicant"); -+ return -1; -+ } -+ -+ if (name == NULL) { -+ /* default to first driver in the list */ -+ return select_driver(wpa_s, 0); -+ } -+ -+ do { -+ pos = os_strchr(driver, ','); -+ if (pos) -+ len = pos - driver; -+ else -+ len = os_strlen(driver); -+ -+ for (i = 0; wpa_drivers[i]; i++) { -+ if (os_strlen(wpa_drivers[i]->name) == len && -+ os_strncmp(driver, wpa_drivers[i]->name, len) == -+ 0) { -+ /* First driver that succeeds wins */ -+ if (select_driver(wpa_s, i) == 0) -+ return 0; -+ } -+ } -+ -+ driver = pos + 1; -+ } while (pos); -+ -+ wpa_msg(wpa_s, MSG_ERROR, "Unsupported driver '%s'", name); -+ return -1; -+} -+ -+ -+/** -+ * wpa_supplicant_rx_eapol - Deliver a received EAPOL frame to wpa_supplicant -+ * @ctx: Context pointer (wpa_s); this is the ctx variable registered -+ * with struct wpa_driver_ops::init() -+ * @src_addr: Source address of the EAPOL frame -+ * @buf: EAPOL data starting from the EAPOL header (i.e., no Ethernet header) -+ * @len: Length of the EAPOL data -+ * -+ * This function is called for each received EAPOL frame. Most driver -+ * interfaces rely on more generic OS mechanism for receiving frames through -+ * l2_packet, but if such a mechanism is not available, the driver wrapper may -+ * take care of received EAPOL frames and deliver them to the core supplicant -+ * code by calling this function. -+ */ -+void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr, -+ const u8 *buf, size_t len) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr)); -+ wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len); -+ -+ if (wpa_s->wpa_state < WPA_ASSOCIATED || -+ (wpa_s->last_eapol_matches_bssid && -+#ifdef CONFIG_AP -+ !wpa_s->ap_iface && -+#endif /* CONFIG_AP */ -+ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) != 0)) { -+ /* -+ * There is possible race condition between receiving the -+ * association event and the EAPOL frame since they are coming -+ * through different paths from the driver. In order to avoid -+ * issues in trying to process the EAPOL frame before receiving -+ * association information, lets queue it for processing until -+ * the association event is received. This may also be needed in -+ * driver-based roaming case, so also use src_addr != BSSID as a -+ * trigger if we have previously confirmed that the -+ * Authenticator uses BSSID as the src_addr (which is not the -+ * case with wired IEEE 802.1X). -+ */ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Not associated - Delay processing " -+ "of received EAPOL frame (state=%s bssid=" MACSTR ")", -+ wpa_supplicant_state_txt(wpa_s->wpa_state), -+ MAC2STR(wpa_s->bssid)); -+ wpabuf_free(wpa_s->pending_eapol_rx); -+ wpa_s->pending_eapol_rx = wpabuf_alloc_copy(buf, len); -+ if (wpa_s->pending_eapol_rx) { -+ os_get_time(&wpa_s->pending_eapol_rx_time); -+ os_memcpy(wpa_s->pending_eapol_rx_src, src_addr, -+ ETH_ALEN); -+ } -+ return; -+ } -+ -+ wpa_s->last_eapol_matches_bssid = -+ os_memcmp(src_addr, wpa_s->bssid, ETH_ALEN) == 0; -+ -+#ifdef CONFIG_AP -+ if (wpa_s->ap_iface) { -+ wpa_supplicant_ap_rx_eapol(wpa_s, src_addr, buf, len); -+ return; -+ } -+#endif /* CONFIG_AP */ -+ -+ if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Ignored received EAPOL frame since " -+ "no key management is configured"); -+ return; -+ } -+ -+ if (wpa_s->eapol_received == 0 && -+ (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE) || -+ !wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) || -+ wpa_s->wpa_state != WPA_COMPLETED) && -+ (wpa_s->current_ssid == NULL || -+ wpa_s->current_ssid->mode != IEEE80211_MODE_IBSS)) { -+ /* Timeout for completing IEEE 802.1X and WPA authentication */ -+ wpa_supplicant_req_auth_timeout( -+ wpa_s, -+ (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA || -+ wpa_s->key_mgmt == WPA_KEY_MGMT_WPS) ? -+ 70 : 10, 0); -+ } -+ wpa_s->eapol_received++; -+ -+ if (wpa_s->countermeasures) { -+ wpa_msg(wpa_s, MSG_INFO, "WPA: Countermeasures - dropped " -+ "EAPOL packet"); -+ return; -+ } -+ -+#ifdef CONFIG_IBSS_RSN -+ if (wpa_s->current_ssid && -+ wpa_s->current_ssid->mode == WPAS_MODE_IBSS) { -+ ibss_rsn_rx_eapol(wpa_s->ibss_rsn, src_addr, buf, len); -+ return; -+ } -+#endif /* CONFIG_IBSS_RSN */ -+ -+ /* Source address of the incoming EAPOL frame could be compared to the -+ * current BSSID. However, it is possible that a centralized -+ * Authenticator could be using another MAC address than the BSSID of -+ * an AP, so just allow any address to be used for now. The replies are -+ * still sent to the current BSSID (if available), though. */ -+ -+ os_memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN); -+ if (!wpa_key_mgmt_wpa_psk(wpa_s->key_mgmt) && -+ eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0) -+ return; -+ wpa_drv_poll(wpa_s); -+ if (!(wpa_s->drv_flags & WPA_DRIVER_FLAGS_4WAY_HANDSHAKE)) -+ wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len); -+ else if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt)) { -+ /* -+ * Set portValid = TRUE here since we are going to skip 4-way -+ * handshake processing which would normally set portValid. We -+ * need this to allow the EAPOL state machines to be completed -+ * without going through EAPOL-Key handshake. -+ */ -+ eapol_sm_notify_portValid(wpa_s->eapol, TRUE); -+ } -+} -+ -+ -+int wpa_supplicant_update_mac_addr(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->driver->send_eapol) { -+ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); -+ if (addr) -+ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); -+ } else if (!(wpa_s->drv_flags & -+ WPA_DRIVER_FLAGS_P2P_DEDICATED_INTERFACE)) { -+ l2_packet_deinit(wpa_s->l2); -+ wpa_s->l2 = l2_packet_init(wpa_s->ifname, -+ wpa_drv_get_mac_addr(wpa_s), -+ ETH_P_EAPOL, -+ wpa_supplicant_rx_eapol, wpa_s, 0); -+ if (wpa_s->l2 == NULL) -+ return -1; -+ } else { -+ const u8 *addr = wpa_drv_get_mac_addr(wpa_s); -+ if (addr) -+ os_memcpy(wpa_s->own_addr, addr, ETH_ALEN); -+ } -+ -+ if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to get own L2 address"); -+ return -1; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Own MAC address: " MACSTR, -+ MAC2STR(wpa_s->own_addr)); -+ wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr); -+ -+ return 0; -+} -+ -+ -+static void wpa_supplicant_rx_eapol_bridge(void *ctx, const u8 *src_addr, -+ const u8 *buf, size_t len) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ const struct l2_ethhdr *eth; -+ -+ if (len < sizeof(*eth)) -+ return; -+ eth = (const struct l2_ethhdr *) buf; -+ -+ if (os_memcmp(eth->h_dest, wpa_s->own_addr, ETH_ALEN) != 0 && -+ !(eth->h_dest[0] & 0x01)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR -+ " (bridge - not for this interface - ignore)", -+ MAC2STR(src_addr), MAC2STR(eth->h_dest)); -+ return; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RX EAPOL from " MACSTR " to " MACSTR -+ " (bridge)", MAC2STR(src_addr), MAC2STR(eth->h_dest)); -+ wpa_supplicant_rx_eapol(wpa_s, src_addr, buf + sizeof(*eth), -+ len - sizeof(*eth)); -+} -+ -+ -+/** -+ * wpa_supplicant_driver_init - Initialize driver interface parameters -+ * @wpa_s: Pointer to wpa_supplicant data -+ * Returns: 0 on success, -1 on failure -+ * -+ * This function is called to initialize driver interface parameters. -+ * wpa_drv_init() must have been called before this function to initialize the -+ * driver interface. -+ */ -+int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s) -+{ -+ static int interface_count = 0; -+ -+ if (wpa_supplicant_update_mac_addr(wpa_s) < 0) -+ return -1; -+ -+ if (wpa_s->bridge_ifname[0]) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Receiving packets from bridge " -+ "interface '%s'", wpa_s->bridge_ifname); -+ wpa_s->l2_br = l2_packet_init(wpa_s->bridge_ifname, -+ wpa_s->own_addr, -+ ETH_P_EAPOL, -+ wpa_supplicant_rx_eapol_bridge, -+ wpa_s, 1); -+ if (wpa_s->l2_br == NULL) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to open l2_packet " -+ "connection for the bridge interface '%s'", -+ wpa_s->bridge_ifname); -+ return -1; -+ } -+ } -+ -+ wpa_clear_keys(wpa_s, NULL); -+ -+ /* Make sure that TKIP countermeasures are not left enabled (could -+ * happen if wpa_supplicant is killed during countermeasures. */ -+ wpa_drv_set_countermeasures(wpa_s, 0); -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "RSN: flushing PMKID list in the driver"); -+ wpa_drv_flush_pmkid(wpa_s); -+ -+ wpa_s->prev_scan_ssid = WILDCARD_SSID_SCAN; -+ wpa_s->prev_scan_wildcard = 0; -+ -+ if (wpa_supplicant_enabled_networks(wpa_s)) { -+ if (wpa_supplicant_delayed_sched_scan(wpa_s, interface_count, -+ 100000)) -+ wpa_supplicant_req_scan(wpa_s, interface_count, -+ 100000); -+ interface_count++; -+ } else -+ wpa_supplicant_set_state(wpa_s, WPA_INACTIVE); -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_daemon(const char *pid_file) -+{ -+ wpa_printf(MSG_DEBUG, "Daemonize.."); -+ return os_daemonize(pid_file); -+} -+ -+ -+static struct wpa_supplicant * wpa_supplicant_alloc(void) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ wpa_s = os_zalloc(sizeof(*wpa_s)); -+ if (wpa_s == NULL) -+ return NULL; -+ wpa_s->scan_req = INITIAL_SCAN_REQ; -+ wpa_s->scan_interval = 5; -+ wpa_s->new_connection = 1; -+ wpa_s->parent = wpa_s; -+ wpa_s->sched_scanning = 0; -+ -+ return wpa_s; -+} -+ -+ -+#ifdef CONFIG_HT_OVERRIDES -+ -+static int wpa_set_htcap_mcs(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ const char *ht_mcs) -+{ -+ /* parse ht_mcs into hex array */ -+ int i; -+ const char *tmp = ht_mcs; -+ char *end = NULL; -+ -+ /* If ht_mcs is null, do not set anything */ -+ if (!ht_mcs) -+ return 0; -+ -+ /* This is what we are setting in the kernel */ -+ os_memset(&htcaps->supported_mcs_set, 0, IEEE80211_HT_MCS_MASK_LEN); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_htcap, ht_mcs -:%s:-", ht_mcs); -+ -+ for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { -+ errno = 0; -+ long v = strtol(tmp, &end, 16); -+ if (errno == 0) { -+ wpa_msg(wpa_s, MSG_DEBUG, -+ "htcap value[%i]: %ld end: %p tmp: %p", -+ i, v, end, tmp); -+ if (end == tmp) -+ break; -+ -+ htcaps->supported_mcs_set[i] = v; -+ tmp = end; -+ } else { -+ wpa_msg(wpa_s, MSG_ERROR, -+ "Failed to parse ht-mcs: %s, error: %s\n", -+ ht_mcs, strerror(errno)); -+ return -1; -+ } -+ } -+ -+ /* -+ * If we were able to parse any values, then set mask for the MCS set. -+ */ -+ if (i) { -+ os_memset(&htcaps_mask->supported_mcs_set, 0xff, -+ IEEE80211_HT_MCS_MASK_LEN - 1); -+ /* skip the 3 reserved bits */ -+ htcaps_mask->supported_mcs_set[IEEE80211_HT_MCS_MASK_LEN - 1] = -+ 0x1f; -+ } -+ -+ return 0; -+} -+ -+ -+static int wpa_disable_max_amsdu(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ u16 msk; -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_max_amsdu: %d", disabled); -+ -+ if (disabled == -1) -+ return 0; -+ -+ msk = host_to_le16(HT_CAP_INFO_MAX_AMSDU_SIZE); -+ htcaps_mask->ht_capabilities_info |= msk; -+ if (disabled) -+ htcaps->ht_capabilities_info &= msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_ampdu_factor(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int factor) -+{ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_factor: %d", factor); -+ -+ if (factor == -1) -+ return 0; -+ -+ if (factor < 0 || factor > 3) { -+ wpa_msg(wpa_s, MSG_ERROR, "ampdu_factor: %d out of range. " -+ "Must be 0-3 or -1", factor); -+ return -EINVAL; -+ } -+ -+ htcaps_mask->a_mpdu_params |= 0x3; /* 2 bits for factor */ -+ htcaps->a_mpdu_params &= ~0x3; -+ htcaps->a_mpdu_params |= factor & 0x3; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_ampdu_density(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int density) -+{ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_ampdu_density: %d", density); -+ -+ if (density == -1) -+ return 0; -+ -+ if (density < 0 || density > 7) { -+ wpa_msg(wpa_s, MSG_ERROR, -+ "ampdu_density: %d out of range. Must be 0-7 or -1.", -+ density); -+ return -EINVAL; -+ } -+ -+ htcaps_mask->a_mpdu_params |= 0x1C; -+ htcaps->a_mpdu_params &= ~(0x1C); -+ htcaps->a_mpdu_params |= (density << 2) & 0x1C; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_disable_ht40(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ /* Masking these out disables HT40 */ -+ u16 msk = host_to_le16(HT_CAP_INFO_SUPP_CHANNEL_WIDTH_SET | -+ HT_CAP_INFO_SHORT_GI40MHZ); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_ht40: %d", disabled); -+ -+ if (disabled) -+ htcaps->ht_capabilities_info &= ~msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ htcaps_mask->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+static int wpa_set_disable_sgi(struct wpa_supplicant *wpa_s, -+ struct ieee80211_ht_capabilities *htcaps, -+ struct ieee80211_ht_capabilities *htcaps_mask, -+ int disabled) -+{ -+ /* Masking these out disables SGI */ -+ u16 msk = host_to_le16(HT_CAP_INFO_SHORT_GI20MHZ | -+ HT_CAP_INFO_SHORT_GI40MHZ); -+ -+ wpa_msg(wpa_s, MSG_DEBUG, "set_disable_sgi: %d", disabled); -+ -+ if (disabled) -+ htcaps->ht_capabilities_info &= ~msk; -+ else -+ htcaps->ht_capabilities_info |= msk; -+ -+ htcaps_mask->ht_capabilities_info |= msk; -+ -+ return 0; -+} -+ -+ -+void wpa_supplicant_apply_ht_overrides( -+ struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid, -+ struct wpa_driver_associate_params *params) -+{ -+ struct ieee80211_ht_capabilities *htcaps; -+ struct ieee80211_ht_capabilities *htcaps_mask; -+ -+ if (!ssid) -+ return; -+ -+ params->disable_ht = ssid->disable_ht; -+ if (!params->htcaps || !params->htcaps_mask) -+ return; -+ -+ htcaps = (struct ieee80211_ht_capabilities *) params->htcaps; -+ htcaps_mask = (struct ieee80211_ht_capabilities *) params->htcaps_mask; -+ wpa_set_htcap_mcs(wpa_s, htcaps, htcaps_mask, ssid->ht_mcs); -+ wpa_disable_max_amsdu(wpa_s, htcaps, htcaps_mask, -+ ssid->disable_max_amsdu); -+ wpa_set_ampdu_factor(wpa_s, htcaps, htcaps_mask, ssid->ampdu_factor); -+ wpa_set_ampdu_density(wpa_s, htcaps, htcaps_mask, ssid->ampdu_density); -+ wpa_set_disable_ht40(wpa_s, htcaps, htcaps_mask, ssid->disable_ht40); -+ wpa_set_disable_sgi(wpa_s, htcaps, htcaps_mask, ssid->disable_sgi); -+} -+ -+#endif /* CONFIG_HT_OVERRIDES */ -+ -+ -+static int pcsc_reader_init(struct wpa_supplicant *wpa_s) -+{ -+#ifdef PCSC_FUNCS -+ size_t len; -+ -+ if (!wpa_s->conf->pcsc_reader) -+ return 0; -+ -+ wpa_s->scard = scard_init(SCARD_TRY_BOTH, wpa_s->conf->pcsc_reader); -+ if (!wpa_s->scard) -+ return 1; -+ -+ if (wpa_s->conf->pcsc_pin && -+ scard_set_pin(wpa_s->scard, wpa_s->conf->pcsc_pin) < 0) { -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_msg(wpa_s, MSG_ERROR, "PC/SC PIN validation failed"); -+ return -1; -+ } -+ -+ len = sizeof(wpa_s->imsi) - 1; -+ if (scard_get_imsi(wpa_s->scard, wpa_s->imsi, &len)) { -+ scard_deinit(wpa_s->scard); -+ wpa_s->scard = NULL; -+ wpa_msg(wpa_s, MSG_ERROR, "Could not read IMSI"); -+ return -1; -+ } -+ wpa_s->imsi[len] = '\0'; -+ -+ wpa_s->mnc_len = scard_get_mnc_len(wpa_s->scard); -+ -+ wpa_printf(MSG_DEBUG, "SCARD: IMSI %s (MNC length %d)", -+ wpa_s->imsi, wpa_s->mnc_len); -+ -+ wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard); -+ eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); -+#endif /* PCSC_FUNCS */ -+ -+ return 0; -+} -+ -+ -+int wpas_init_ext_pw(struct wpa_supplicant *wpa_s) -+{ -+ char *val, *pos; -+ -+ ext_password_deinit(wpa_s->ext_pw); -+ wpa_s->ext_pw = NULL; -+ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, NULL); -+ -+ if (!wpa_s->conf->ext_password_backend) -+ return 0; -+ -+ val = os_strdup(wpa_s->conf->ext_password_backend); -+ if (val == NULL) -+ return -1; -+ pos = os_strchr(val, ':'); -+ if (pos) -+ *pos++ = '\0'; -+ -+ wpa_printf(MSG_DEBUG, "EXT PW: Initialize backend '%s'", val); -+ -+ wpa_s->ext_pw = ext_password_init(val, pos); -+ os_free(val); -+ if (wpa_s->ext_pw == NULL) { -+ wpa_printf(MSG_DEBUG, "EXT PW: Failed to initialize backend"); -+ return -1; -+ } -+ eapol_sm_set_ext_pw_ctx(wpa_s->eapol, wpa_s->ext_pw); -+ -+ return 0; -+} -+ -+ -+static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s, -+ struct wpa_interface *iface) -+{ -+ const char *ifname, *driver; -+ struct wpa_driver_capa capa; -+ -+ wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver " -+ "'%s' ctrl_interface '%s' bridge '%s'", iface->ifname, -+ iface->confname ? iface->confname : "N/A", -+ iface->driver ? iface->driver : "default", -+ iface->ctrl_interface ? iface->ctrl_interface : "N/A", -+ iface->bridge_ifname ? iface->bridge_ifname : "N/A"); -+ -+ if (iface->confname) { -+#ifdef CONFIG_BACKEND_FILE -+ wpa_s->confname = os_rel2abs_path(iface->confname); -+ if (wpa_s->confname == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to get absolute path " -+ "for configuration file '%s'.", -+ iface->confname); -+ return -1; -+ } -+ wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'", -+ iface->confname, wpa_s->confname); -+#else /* CONFIG_BACKEND_FILE */ -+ wpa_s->confname = os_strdup(iface->confname); -+#endif /* CONFIG_BACKEND_FILE */ -+ wpa_s->conf = wpa_config_read(wpa_s->confname); -+ if (wpa_s->conf == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to read or parse " -+ "configuration '%s'.", wpa_s->confname); -+ return -1; -+ } -+ -+ /* -+ * Override ctrl_interface and driver_param if set on command -+ * line. -+ */ -+ if (iface->ctrl_interface) { -+ os_free(wpa_s->conf->ctrl_interface); -+ wpa_s->conf->ctrl_interface = -+ os_strdup(iface->ctrl_interface); -+ } -+ -+ if (iface->driver_param) { -+ os_free(wpa_s->conf->driver_param); -+ wpa_s->conf->driver_param = -+ os_strdup(iface->driver_param); -+ } -+ } else -+ wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface, -+ iface->driver_param); -+ -+ if (wpa_s->conf == NULL) { -+ wpa_printf(MSG_ERROR, "\nNo configuration found."); -+ return -1; -+ } -+ -+ if (iface->ifname == NULL) { -+ wpa_printf(MSG_ERROR, "\nInterface name is required."); -+ return -1; -+ } -+ if (os_strlen(iface->ifname) >= sizeof(wpa_s->ifname)) { -+ wpa_printf(MSG_ERROR, "\nToo long interface name '%s'.", -+ iface->ifname); -+ return -1; -+ } -+ os_strlcpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname)); -+ -+ if (iface->bridge_ifname) { -+ if (os_strlen(iface->bridge_ifname) >= -+ sizeof(wpa_s->bridge_ifname)) { -+ wpa_printf(MSG_ERROR, "\nToo long bridge interface " -+ "name '%s'.", iface->bridge_ifname); -+ return -1; -+ } -+ os_strlcpy(wpa_s->bridge_ifname, iface->bridge_ifname, -+ sizeof(wpa_s->bridge_ifname)); -+ } -+ -+ /* RSNA Supplicant Key Management - INITIALIZE */ -+ eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE); -+ eapol_sm_notify_portValid(wpa_s->eapol, FALSE); -+ -+ /* Initialize driver interface and register driver event handler before -+ * L2 receive handler so that association events are processed before -+ * EAPOL-Key packets if both become available for the same select() -+ * call. */ -+ driver = iface->driver; -+next_driver: -+ if (wpa_supplicant_set_driver(wpa_s, driver) < 0) -+ return -1; -+ -+ wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname); -+ if (wpa_s->drv_priv == NULL) { -+ const char *pos; -+ pos = driver ? os_strchr(driver, ',') : NULL; -+ if (pos) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to initialize " -+ "driver interface - try next driver wrapper"); -+ driver = pos + 1; -+ goto next_driver; -+ } -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to initialize driver " -+ "interface"); -+ return -1; -+ } -+ if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Driver interface rejected " -+ "driver_param '%s'", wpa_s->conf->driver_param); -+ return -1; -+ } -+ -+ ifname = wpa_drv_get_ifname(wpa_s); -+ if (ifname && os_strcmp(ifname, wpa_s->ifname) != 0) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Driver interface replaced " -+ "interface name with '%s'", ifname); -+ os_strlcpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname)); -+ } -+ -+ if (wpa_supplicant_init_wpa(wpa_s) < 0) -+ return -1; -+ -+ wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname, -+ wpa_s->bridge_ifname[0] ? wpa_s->bridge_ifname : -+ NULL); -+ wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth); -+ -+ if (wpa_s->conf->dot11RSNAConfigPMKLifetime && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME, -+ wpa_s->conf->dot11RSNAConfigPMKLifetime)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigPMKLifetime"); -+ return -1; -+ } -+ -+ if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD, -+ wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigPMKReauthThreshold"); -+ return -1; -+ } -+ -+ if (wpa_s->conf->dot11RSNAConfigSATimeout && -+ wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT, -+ wpa_s->conf->dot11RSNAConfigSATimeout)) { -+ wpa_msg(wpa_s, MSG_ERROR, "Invalid WPA parameter value for " -+ "dot11RSNAConfigSATimeout"); -+ return -1; -+ } -+ -+ wpa_s->hw.modes = wpa_drv_get_hw_feature_data(wpa_s, -+ &wpa_s->hw.num_modes, -+ &wpa_s->hw.flags); -+ -+ if (wpa_drv_get_capa(wpa_s, &capa) == 0) { -+ wpa_s->drv_capa_known = 1; -+ wpa_s->drv_flags = capa.flags; -+ wpa_s->drv_enc = capa.enc; -+ wpa_s->probe_resp_offloads = capa.probe_resp_offloads; -+ wpa_s->max_scan_ssids = capa.max_scan_ssids; -+ wpa_s->max_sched_scan_ssids = capa.max_sched_scan_ssids; -+ wpa_s->sched_scan_supported = capa.sched_scan_supported; -+ wpa_s->max_match_sets = capa.max_match_sets; -+ wpa_s->max_remain_on_chan = capa.max_remain_on_chan; -+ wpa_s->max_stations = capa.max_stations; -+ } -+ if (wpa_s->max_remain_on_chan == 0) -+ wpa_s->max_remain_on_chan = 1000; -+ -+ if (wpa_supplicant_driver_init(wpa_s) < 0) -+ return -1; -+ -+#ifdef CONFIG_TDLS -+ if (wpa_tdls_init(wpa_s->wpa)) -+ return -1; -+#endif /* CONFIG_TDLS */ -+ -+ if (wpa_s->conf->country[0] && wpa_s->conf->country[1] && -+ wpa_drv_set_country(wpa_s, wpa_s->conf->country)) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Failed to set country"); -+ return -1; -+ } -+ -+ if (wpas_wps_init(wpa_s)) -+ return -1; -+ -+ if (wpa_supplicant_init_eapol(wpa_s) < 0) -+ return -1; -+ wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol); -+ -+ wpa_s->ctrl_iface = wpa_supplicant_ctrl_iface_init(wpa_s); -+ if (wpa_s->ctrl_iface == NULL) { -+ wpa_printf(MSG_ERROR, -+ "Failed to initialize control interface '%s'.\n" -+ "You may have another wpa_supplicant process " -+ "already running or the file was\n" -+ "left by an unclean termination of wpa_supplicant " -+ "in which case you will need\n" -+ "to manually remove this file before starting " -+ "wpa_supplicant again.\n", -+ wpa_s->conf->ctrl_interface); -+ return -1; -+ } -+ -+ wpa_s->gas = gas_query_init(wpa_s); -+ if (wpa_s->gas == NULL) { -+ wpa_printf(MSG_ERROR, "Failed to initialize GAS query"); -+ return -1; -+ } -+ -+#ifdef CONFIG_P2P -+ if (wpas_p2p_init(wpa_s->global, wpa_s) < 0) { -+ wpa_msg(wpa_s, MSG_ERROR, "Failed to init P2P"); -+ return -1; -+ } -+#endif /* CONFIG_P2P */ -+ -+ if (wpa_bss_init(wpa_s) < 0) -+ return -1; -+ -+ if (pcsc_reader_init(wpa_s) < 0) -+ return -1; -+ -+ if (wpas_init_ext_pw(wpa_s) < 0) -+ return -1; -+ -+ return 0; -+} -+ -+ -+static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s, -+ int notify, int terminate) -+{ -+ if (wpa_s->drv_priv) { -+ wpa_supplicant_deauthenticate(wpa_s, -+ WLAN_REASON_DEAUTH_LEAVING); -+ -+ wpa_drv_set_countermeasures(wpa_s, 0); -+ wpa_clear_keys(wpa_s, NULL); -+ } -+ -+ wpa_supplicant_cleanup(wpa_s); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s == wpa_s->global->p2p_init_wpa_s && wpa_s->global->p2p) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Disable P2P since removing " -+ "the management interface is being removed"); -+ wpas_p2p_deinit_global(wpa_s->global); -+ } -+#endif /* CONFIG_P2P */ -+ -+ if (wpa_s->drv_priv) -+ wpa_drv_deinit(wpa_s); -+ -+ if (notify) -+ wpas_notify_iface_removed(wpa_s); -+ -+ if (terminate) -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING); -+ -+ if (wpa_s->ctrl_iface) { -+ wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); -+ wpa_s->ctrl_iface = NULL; -+ } -+ -+ if (wpa_s->conf != NULL) { -+ wpa_config_free(wpa_s->conf); -+ wpa_s->conf = NULL; -+ } -+} -+ -+ -+/** -+ * wpa_supplicant_add_iface - Add a new network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @iface: Interface configuration options -+ * Returns: Pointer to the created interface or %NULL on failure -+ * -+ * This function is used to add new network interfaces for %wpa_supplicant. -+ * This can be called before wpa_supplicant_run() to add interfaces before the -+ * main event loop has been started. In addition, new interfaces can be added -+ * dynamically while %wpa_supplicant is already running. This could happen, -+ * e.g., when a hotplug network adapter is inserted. -+ */ -+struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global, -+ struct wpa_interface *iface) -+{ -+ struct wpa_supplicant *wpa_s; -+ struct wpa_interface t_iface; -+ struct wpa_ssid *ssid; -+ -+ if (global == NULL || iface == NULL) -+ return NULL; -+ -+ wpa_s = wpa_supplicant_alloc(); -+ if (wpa_s == NULL) -+ return NULL; -+ -+ wpa_s->global = global; -+ -+ t_iface = *iface; -+ if (global->params.override_driver) { -+ wpa_printf(MSG_DEBUG, "Override interface parameter: driver " -+ "('%s' -> '%s')", -+ iface->driver, global->params.override_driver); -+ t_iface.driver = global->params.override_driver; -+ } -+ if (global->params.override_ctrl_interface) { -+ wpa_printf(MSG_DEBUG, "Override interface parameter: " -+ "ctrl_interface ('%s' -> '%s')", -+ iface->ctrl_interface, -+ global->params.override_ctrl_interface); -+ t_iface.ctrl_interface = -+ global->params.override_ctrl_interface; -+ } -+ if (wpa_supplicant_init_iface(wpa_s, &t_iface)) { -+ wpa_printf(MSG_DEBUG, "Failed to add interface %s", -+ iface->ifname); -+ wpa_supplicant_deinit_iface(wpa_s, 0, 0); -+ os_free(wpa_s); -+ return NULL; -+ } -+ -+ /* Notify the control interfaces about new iface */ -+ if (wpas_notify_iface_added(wpa_s)) { -+ wpa_supplicant_deinit_iface(wpa_s, 1, 0); -+ os_free(wpa_s); -+ return NULL; -+ } -+ -+ for (ssid = wpa_s->conf->ssid; ssid; ssid = ssid->next) -+ wpas_notify_network_added(wpa_s, ssid); -+ -+ wpa_s->next = global->ifaces; -+ global->ifaces = wpa_s; -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Added interface %s", wpa_s->ifname); -+ wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED); -+ -+ return wpa_s; -+} -+ -+ -+/** -+ * wpa_supplicant_remove_iface - Remove a network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @wpa_s: Pointer to the network interface to be removed -+ * Returns: 0 if interface was removed, -1 if interface was not found -+ * -+ * This function can be used to dynamically remove network interfaces from -+ * %wpa_supplicant, e.g., when a hotplug network adapter is ejected. In -+ * addition, this function is used to remove all remaining interfaces when -+ * %wpa_supplicant is terminated. -+ */ -+int wpa_supplicant_remove_iface(struct wpa_global *global, -+ struct wpa_supplicant *wpa_s, -+ int terminate) -+{ -+ struct wpa_supplicant *prev; -+ -+ /* Remove interface from the global list of interfaces */ -+ prev = global->ifaces; -+ if (prev == wpa_s) { -+ global->ifaces = wpa_s->next; -+ } else { -+ while (prev && prev->next != wpa_s) -+ prev = prev->next; -+ if (prev == NULL) -+ return -1; -+ prev->next = wpa_s->next; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Removing interface %s", wpa_s->ifname); -+ -+ if (global->p2p_group_formation == wpa_s) -+ global->p2p_group_formation = NULL; -+ wpa_supplicant_deinit_iface(wpa_s, 1, terminate); -+ os_free(wpa_s); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_get_eap_mode - Get the current EAP mode -+ * @wpa_s: Pointer to the network interface -+ * Returns: Pointer to the eap mode or the string "UNKNOWN" if not found -+ */ -+const char * wpa_supplicant_get_eap_mode(struct wpa_supplicant *wpa_s) -+{ -+ const char *eapol_method; -+ -+ if (wpa_key_mgmt_wpa_ieee8021x(wpa_s->key_mgmt) == 0 && -+ wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA) { -+ return "NO-EAP"; -+ } -+ -+ eapol_method = eapol_sm_get_method_name(wpa_s->eapol); -+ if (eapol_method == NULL) -+ return "UNKNOWN-EAP"; -+ -+ return eapol_method; -+} -+ -+ -+/** -+ * wpa_supplicant_get_iface - Get a new network interface -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * @ifname: Interface name -+ * Returns: Pointer to the interface or %NULL if not found -+ */ -+struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global, -+ const char *ifname) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) { -+ if (os_strcmp(wpa_s->ifname, ifname) == 0) -+ return wpa_s; -+ } -+ return NULL; -+} -+ -+ -+#ifndef CONFIG_NO_WPA_MSG -+static const char * wpa_supplicant_msg_ifname_cb(void *ctx) -+{ -+ struct wpa_supplicant *wpa_s = ctx; -+ if (wpa_s == NULL) -+ return NULL; -+ return wpa_s->ifname; -+} -+#endif /* CONFIG_NO_WPA_MSG */ -+ -+ -+/** -+ * wpa_supplicant_init - Initialize %wpa_supplicant -+ * @params: Parameters for %wpa_supplicant -+ * Returns: Pointer to global %wpa_supplicant data, or %NULL on failure -+ * -+ * This function is used to initialize %wpa_supplicant. After successful -+ * initialization, the returned data pointer can be used to add and remove -+ * network interfaces, and eventually, to deinitialize %wpa_supplicant. -+ */ -+struct wpa_global * wpa_supplicant_init(struct wpa_params *params) -+{ -+ struct wpa_global *global; -+ int ret, i; -+ -+ if (params == NULL) -+ return NULL; -+ -+#ifdef CONFIG_DRIVER_NDIS -+ { -+ void driver_ndis_init_ops(void); -+ driver_ndis_init_ops(); -+ } -+#endif /* CONFIG_DRIVER_NDIS */ -+ -+#ifndef CONFIG_NO_WPA_MSG -+ wpa_msg_register_ifname_cb(wpa_supplicant_msg_ifname_cb); -+#endif /* CONFIG_NO_WPA_MSG */ -+ -+ wpa_debug_open_file(params->wpa_debug_file_path); -+ if (params->wpa_debug_syslog) -+ wpa_debug_open_syslog(); -+ if (params->wpa_debug_tracing) { -+ ret = wpa_debug_open_linux_tracing(); -+ if (ret) { -+ wpa_printf(MSG_ERROR, -+ "Failed to enable trace logging"); -+ return NULL; -+ } -+ } -+ -+ ret = eap_register_methods(); -+ if (ret) { -+ wpa_printf(MSG_ERROR, "Failed to register EAP methods"); -+ if (ret == -2) -+ wpa_printf(MSG_ERROR, "Two or more EAP methods used " -+ "the same EAP type."); -+ return NULL; -+ } -+ -+ global = os_zalloc(sizeof(*global)); -+ if (global == NULL) -+ return NULL; -+ dl_list_init(&global->p2p_srv_bonjour); -+ dl_list_init(&global->p2p_srv_upnp); -+ global->params.daemonize = params->daemonize; -+ global->params.wait_for_monitor = params->wait_for_monitor; -+ global->params.dbus_ctrl_interface = params->dbus_ctrl_interface; -+ if (params->pid_file) -+ global->params.pid_file = os_strdup(params->pid_file); -+ if (params->ctrl_interface) -+ global->params.ctrl_interface = -+ os_strdup(params->ctrl_interface); -+ if (params->override_driver) -+ global->params.override_driver = -+ os_strdup(params->override_driver); -+ if (params->override_ctrl_interface) -+ global->params.override_ctrl_interface = -+ os_strdup(params->override_ctrl_interface); -+ wpa_debug_level = global->params.wpa_debug_level = -+ params->wpa_debug_level; -+ wpa_debug_show_keys = global->params.wpa_debug_show_keys = -+ params->wpa_debug_show_keys; -+ wpa_debug_timestamp = global->params.wpa_debug_timestamp = -+ params->wpa_debug_timestamp; -+ -+ wpa_printf(MSG_DEBUG, "wpa_supplicant v" VERSION_STR); -+ -+ if (eloop_init()) { -+ wpa_printf(MSG_ERROR, "Failed to initialize event loop"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ random_init(params->entropy_file); -+ -+ global->ctrl_iface = wpa_supplicant_global_ctrl_iface_init(global); -+ if (global->ctrl_iface == NULL) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ if (wpas_notify_supplicant_initialized(global)) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+ for (i = 0; wpa_drivers[i]; i++) -+ global->drv_count++; -+ if (global->drv_count == 0) { -+ wpa_printf(MSG_ERROR, "No drivers enabled"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ global->drv_priv = os_zalloc(global->drv_count * sizeof(void *)); -+ if (global->drv_priv == NULL) { -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+ -+#ifdef CONFIG_WIFI_DISPLAY -+ if (wifi_display_init(global) < 0) { -+ wpa_printf(MSG_ERROR, "Failed to initialize Wi-Fi Display"); -+ wpa_supplicant_deinit(global); -+ return NULL; -+ } -+#endif /* CONFIG_WIFI_DISPLAY */ -+ -+ return global; -+} -+ -+ -+/** -+ * wpa_supplicant_run - Run the %wpa_supplicant main event loop -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * Returns: 0 after successful event loop run, -1 on failure -+ * -+ * This function starts the main event loop and continues running as long as -+ * there are any remaining events. In most cases, this function is running as -+ * long as the %wpa_supplicant process in still in use. -+ */ -+int wpa_supplicant_run(struct wpa_global *global) -+{ -+ struct wpa_supplicant *wpa_s; -+ -+ if (global->params.daemonize && -+ wpa_supplicant_daemon(global->params.pid_file)) -+ return -1; -+ -+ if (global->params.wait_for_monitor) { -+ for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) -+ if (wpa_s->ctrl_iface) -+ wpa_supplicant_ctrl_iface_wait( -+ wpa_s->ctrl_iface); -+ } -+ -+ eloop_register_signal_terminate(wpa_supplicant_terminate, global); -+ eloop_register_signal_reconfig(wpa_supplicant_reconfig, global); -+ -+ eloop_run(); -+ -+ return 0; -+} -+ -+ -+/** -+ * wpa_supplicant_deinit - Deinitialize %wpa_supplicant -+ * @global: Pointer to global data from wpa_supplicant_init() -+ * -+ * This function is called to deinitialize %wpa_supplicant and to free all -+ * allocated resources. Remaining network interfaces will also be removed. -+ */ -+void wpa_supplicant_deinit(struct wpa_global *global) -+{ -+ int i; -+ -+ if (global == NULL) -+ return; -+ -+#ifdef CONFIG_WIFI_DISPLAY -+ wifi_display_deinit(global); -+#endif /* CONFIG_WIFI_DISPLAY */ -+#ifdef CONFIG_P2P -+ wpas_p2p_deinit_global(global); -+#endif /* CONFIG_P2P */ -+ -+ while (global->ifaces) -+ wpa_supplicant_remove_iface(global, global->ifaces, 1); -+ -+ if (global->ctrl_iface) -+ wpa_supplicant_global_ctrl_iface_deinit(global->ctrl_iface); -+ -+ wpas_notify_supplicant_deinitialized(global); -+ -+ eap_peer_unregister_methods(); -+#ifdef CONFIG_AP -+ eap_server_unregister_methods(); -+#endif /* CONFIG_AP */ -+ -+ for (i = 0; wpa_drivers[i] && global->drv_priv; i++) { -+ if (!global->drv_priv[i]) -+ continue; -+ wpa_drivers[i]->global_deinit(global->drv_priv[i]); -+ } -+ os_free(global->drv_priv); -+ -+ random_deinit(); -+ -+ eloop_destroy(); -+ -+ if (global->params.pid_file) { -+ os_daemonize_terminate(global->params.pid_file); -+ os_free(global->params.pid_file); -+ } -+ os_free(global->params.ctrl_interface); -+ os_free(global->params.override_driver); -+ os_free(global->params.override_ctrl_interface); -+ -+ os_free(global->p2p_disallow_freq); -+ -+ os_free(global); -+ wpa_debug_close_syslog(); -+ wpa_debug_close_file(); -+ wpa_debug_close_linux_tracing(); -+} -+ -+ -+void wpa_supplicant_update_config(struct wpa_supplicant *wpa_s) -+{ -+ if ((wpa_s->conf->changed_parameters & CFG_CHANGED_COUNTRY) && -+ wpa_s->conf->country[0] && wpa_s->conf->country[1]) { -+ char country[3]; -+ country[0] = wpa_s->conf->country[0]; -+ country[1] = wpa_s->conf->country[1]; -+ country[2] = '\0'; -+ if (wpa_drv_set_country(wpa_s, country) < 0) { -+ wpa_printf(MSG_ERROR, "Failed to set country code " -+ "'%s'", country); -+ } -+ } -+ -+ if (wpa_s->conf->changed_parameters & CFG_CHANGED_EXT_PW_BACKEND) -+ wpas_init_ext_pw(wpa_s); -+ -+#ifdef CONFIG_WPS -+ wpas_wps_update_config(wpa_s); -+#endif /* CONFIG_WPS */ -+ -+#ifdef CONFIG_P2P -+ wpas_p2p_update_config(wpa_s); -+#endif /* CONFIG_P2P */ -+ -+ wpa_s->conf->changed_parameters = 0; -+} -+ -+ -+static void add_freq(int *freqs, int *num_freqs, int freq) -+{ -+ int i; -+ -+ for (i = 0; i < *num_freqs; i++) { -+ if (freqs[i] == freq) -+ return; -+ } -+ -+ freqs[*num_freqs] = freq; -+ (*num_freqs)++; -+} -+ -+ -+static int * get_bss_freqs_in_ess(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_bss *bss, *cbss; -+ const int max_freqs = 10; -+ int *freqs; -+ int num_freqs = 0; -+ -+ freqs = os_zalloc(sizeof(int) * (max_freqs + 1)); -+ if (freqs == NULL) -+ return NULL; -+ -+ cbss = wpa_s->current_bss; -+ -+ dl_list_for_each(bss, &wpa_s->bss, struct wpa_bss, list) { -+ if (bss == cbss) -+ continue; -+ if (bss->ssid_len == cbss->ssid_len && -+ os_memcmp(bss->ssid, cbss->ssid, bss->ssid_len) == 0 && -+ wpa_blacklist_get(wpa_s, bss->bssid) == NULL) { -+ add_freq(freqs, &num_freqs, bss->freq); -+ if (num_freqs == max_freqs) -+ break; -+ } -+ } -+ -+ if (num_freqs == 0) { -+ os_free(freqs); -+ freqs = NULL; -+ } -+ -+ return freqs; -+} -+ -+ -+void wpas_connection_failed(struct wpa_supplicant *wpa_s, const u8 *bssid) -+{ -+ int timeout; -+ int count; -+ int *freqs = NULL; -+ -+ /* -+ * Remove possible authentication timeout since the connection failed. -+ */ -+ eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL); -+ -+ /* -+ * Add the failed BSSID into the blacklist and speed up next scan -+ * attempt if there could be other APs that could accept association. -+ * The current blacklist count indicates how many times we have tried -+ * connecting to this AP and multiple attempts mean that other APs are -+ * either not available or has already been tried, so that we can start -+ * increasing the delay here to avoid constant scanning. -+ */ -+ count = wpa_blacklist_add(wpa_s, bssid); -+ if (count == 1 && wpa_s->current_bss) { -+ /* -+ * This BSS was not in the blacklist before. If there is -+ * another BSS available for the same ESS, we should try that -+ * next. Otherwise, we may as well try this one once more -+ * before allowing other, likely worse, ESSes to be considered. -+ */ -+ freqs = get_bss_freqs_in_ess(wpa_s); -+ if (freqs) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "Another BSS in this ESS " -+ "has been seen; try it next"); -+ wpa_blacklist_add(wpa_s, bssid); -+ /* -+ * On the next scan, go through only the known channels -+ * used in this ESS based on previous scans to speed up -+ * common load balancing use case. -+ */ -+ os_free(wpa_s->next_scan_freqs); -+ wpa_s->next_scan_freqs = freqs; -+ } -+ } -+ -+ /* -+ * Add previous failure count in case the temporary blacklist was -+ * cleared due to no other BSSes being available. -+ */ -+ count += wpa_s->extra_blacklist_count; -+ -+ switch (count) { -+ case 1: -+ timeout = 100; -+ break; -+ case 2: -+ timeout = 500; -+ break; -+ case 3: -+ timeout = 1000; -+ break; -+ case 4: -+ timeout = 5000; -+ break; -+ default: -+ timeout = 10000; -+ break; -+ } -+ -+ wpa_dbg(wpa_s, MSG_DEBUG, "Blacklist count %d --> request scan in %d " -+ "ms", count, timeout); -+ -+ /* -+ * TODO: if more than one possible AP is available in scan results, -+ * could try the other ones before requesting a new scan. -+ */ -+ wpa_supplicant_req_scan(wpa_s, timeout / 1000, -+ 1000 * (timeout % 1000)); -+ -+#ifdef CONFIG_P2P -+ if (wpa_s->global->p2p_cb_on_scan_complete && !wpa_s->global->p2p_disabled && -+ wpa_s->global->p2p != NULL) { -+ wpa_s->global->p2p_cb_on_scan_complete = 0; -+ if (p2p_other_scan_completed(wpa_s->global->p2p) == 1) { -+ wpa_dbg(wpa_s, MSG_DEBUG, "P2P: Pending P2P operation " -+ "continued after failed association"); -+ } -+ } -+#endif /* CONFIG_P2P */ -+} -+ -+ -+int wpas_driver_bss_selection(struct wpa_supplicant *wpa_s) -+{ -+ return wpa_s->conf->ap_scan == 2 || -+ (wpa_s->drv_flags & WPA_DRIVER_FLAGS_BSS_SELECTION); -+} -+ -+ -+#if defined(CONFIG_CTRL_IFACE) || defined(CONFIG_CTRL_IFACE_DBUS_NEW) -+int wpa_supplicant_ctrl_iface_ctrl_rsp_handle(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, -+ const char *field, -+ const char *value) -+{ -+#ifdef IEEE8021X_EAPOL -+ struct eap_peer_config *eap = &ssid->eap; -+ -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: response handle field=%s", field); -+ wpa_hexdump_ascii_key(MSG_DEBUG, "CTRL_IFACE: response value", -+ (const u8 *) value, os_strlen(value)); -+ -+ switch (wpa_supplicant_ctrl_req_from_string(field)) { -+ case WPA_CTRL_REQ_EAP_IDENTITY: -+ os_free(eap->identity); -+ eap->identity = (u8 *) os_strdup(value); -+ eap->identity_len = os_strlen(value); -+ eap->pending_req_identity = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_PASSWORD: -+ os_free(eap->password); -+ eap->password = (u8 *) os_strdup(value); -+ eap->password_len = os_strlen(value); -+ eap->pending_req_password = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_NEW_PASSWORD: -+ os_free(eap->new_password); -+ eap->new_password = (u8 *) os_strdup(value); -+ eap->new_password_len = os_strlen(value); -+ eap->pending_req_new_password = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_PIN: -+ os_free(eap->pin); -+ eap->pin = os_strdup(value); -+ eap->pending_req_pin = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ case WPA_CTRL_REQ_EAP_OTP: -+ os_free(eap->otp); -+ eap->otp = (u8 *) os_strdup(value); -+ eap->otp_len = os_strlen(value); -+ os_free(eap->pending_req_otp); -+ eap->pending_req_otp = NULL; -+ eap->pending_req_otp_len = 0; -+ break; -+ case WPA_CTRL_REQ_EAP_PASSPHRASE: -+ os_free(eap->private_key_passwd); -+ eap->private_key_passwd = (u8 *) os_strdup(value); -+ eap->pending_req_passphrase = 0; -+ if (ssid == wpa_s->current_ssid) -+ wpa_s->reassociate = 1; -+ break; -+ default: -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: Unknown field '%s'", field); -+ return -1; -+ } -+ -+ return 0; -+#else /* IEEE8021X_EAPOL */ -+ wpa_printf(MSG_DEBUG, "CTRL_IFACE: IEEE 802.1X not included"); -+ return -1; -+#endif /* IEEE8021X_EAPOL */ -+} -+#endif /* CONFIG_CTRL_IFACE || CONFIG_CTRL_IFACE_DBUS_NEW */ -+ -+ -+int wpas_network_disabled(struct wpa_supplicant *wpa_s, struct wpa_ssid *ssid) -+{ -+ int i; -+ unsigned int drv_enc; -+ -+ if (ssid == NULL) -+ return 1; -+ -+ if (ssid->disabled) -+ return 1; -+ -+ if (wpa_s && wpa_s->drv_capa_known) -+ drv_enc = wpa_s->drv_enc; -+ else -+ drv_enc = (unsigned int) -1; -+ -+ for (i = 0; i < NUM_WEP_KEYS; i++) { -+ size_t len = ssid->wep_key_len[i]; -+ if (len == 0) -+ continue; -+ if (len == 5 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP40)) -+ continue; -+ if (len == 13 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP104)) -+ continue; -+ if (len == 16 && (drv_enc & WPA_DRIVER_CAPA_ENC_WEP128)) -+ continue; -+ return 1; /* invalid WEP key */ -+ } -+ -+ if (wpa_key_mgmt_wpa_psk(ssid->key_mgmt) && !ssid->psk_set && -+ !ssid->ext_psk) -+ return 1; -+ -+ return 0; -+} -+ -+ -+int wpas_is_p2p_prioritized(struct wpa_supplicant *wpa_s) -+{ -+ if (wpa_s->global->conc_pref == WPA_CONC_PREF_P2P) -+ return 1; -+ if (wpa_s->global->conc_pref == WPA_CONC_PREF_STA) -+ return 0; -+ return -1; -+} -+ -+ -+void wpas_auth_failed(struct wpa_supplicant *wpa_s) -+{ -+ struct wpa_ssid *ssid = wpa_s->current_ssid; -+ int dur; -+ struct os_time now; -+ -+ if (ssid == NULL) { -+ wpa_printf(MSG_DEBUG, "Authentication failure but no known " -+ "SSID block"); -+ return; -+ } -+ -+ if (ssid->key_mgmt == WPA_KEY_MGMT_WPS) -+ return; -+ -+ ssid->auth_failures++; -+ if (ssid->auth_failures > 50) -+ dur = 300; -+ else if (ssid->auth_failures > 20) -+ dur = 120; -+ else if (ssid->auth_failures > 10) -+ dur = 60; -+ else if (ssid->auth_failures > 5) -+ dur = 30; -+ else if (ssid->auth_failures > 1) -+ dur = 20; -+ else -+ dur = 10; -+ -+ os_get_time(&now); -+ if (now.sec + dur <= ssid->disabled_until.sec) -+ return; -+ -+ ssid->disabled_until.sec = now.sec + dur; -+ -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TEMP_DISABLED -+ "id=%d ssid=\"%s\" auth_failures=%u duration=%d", -+ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len), -+ ssid->auth_failures, dur); -+} -+ -+ -+void wpas_clear_temp_disabled(struct wpa_supplicant *wpa_s, -+ struct wpa_ssid *ssid, int clear_failures) -+{ -+ if (ssid == NULL) -+ return; -+ -+ if (ssid->disabled_until.sec) { -+ wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_REENABLED -+ "id=%d ssid=\"%s\"", -+ ssid->id, wpa_ssid_txt(ssid->ssid, ssid->ssid_len)); -+ } -+ ssid->disabled_until.sec = 0; -+ ssid->disabled_until.usec = 0; -+ if (clear_failures) -+ ssid->auth_failures = 0; -+} -+ -+ -+int disallowed_bssid(struct wpa_supplicant *wpa_s, const u8 *bssid) -+{ -+ size_t i; -+ -+ if (wpa_s->disallow_aps_bssid == NULL) -+ return 0; -+ -+ for (i = 0; i < wpa_s->disallow_aps_bssid_count; i++) { -+ if (os_memcmp(wpa_s->disallow_aps_bssid + i * ETH_ALEN, -+ bssid, ETH_ALEN) == 0) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+ -+int disallowed_ssid(struct wpa_supplicant *wpa_s, const u8 *ssid, -+ size_t ssid_len) -+{ -+ size_t i; -+ -+ if (wpa_s->disallow_aps_ssid == NULL || ssid == NULL) -+ return 0; -+ -+ for (i = 0; i < wpa_s->disallow_aps_ssid_count; i++) { -+ struct wpa_ssid_value *s = &wpa_s->disallow_aps_ssid[i]; -+ if (ssid_len == s->ssid_len && -+ os_memcmp(ssid, s->ssid, ssid_len) == 0) -+ return 1; -+ } -+ -+ return 0; -+} -+ -+ -+/** -+ * wpas_request_connection - Request a new connection -+ * @wpa_s: Pointer to the network interface -+ * -+ * This function is used to request a new connection to be found. It will mark -+ * the interface to allow reassociation and request a new scan to find a -+ * suitable network to connect to. -+ */ -+void wpas_request_connection(struct wpa_supplicant *wpa_s) -+{ -+ wpa_s->normal_scans = 0; -+ wpa_supplicant_reinit_autoscan(wpa_s); -+ wpa_s->extra_blacklist_count = 0; -+ wpa_s->disconnected = 0; -+ wpa_s->reassociate = 1; -+ wpa_supplicant_req_scan(wpa_s, 0, 0); -+} |