Main Page | Alphabetical List | Data Structures | File List | Data Fields | Globals | Related Pages | Search for 

events.c

Go to the documentation of this file.
00001 
00016 #include <stdlib.h>
00017 #include <stdio.h>
00018 #include <string.h>
00019 #include <unistd.h>
00020 #include <time.h>
00021 
00022 #include "common.h"
00023 #include "eapol_sm.h"
00024 #include "wpa.h"
00025 #include "eloop.h"
00026 #include "wpa_supplicant.h"
00027 #include "config.h"
00028 #include "l2_packet.h"
00029 #include "wpa_supplicant_i.h"
00030 #include "pcsc_funcs.h"
00031 #include "preauth.h"
00032 #include "wpa_ctrl.h"
00033 #include "eap.h"
00034 
00035 
00036 static int wpa_supplicant_select_config(struct wpa_supplicant *wpa_s)
00037 {
00038         struct wpa_ssid *ssid;
00039 
00040         if (wpa_s->conf->ap_scan == 1 && wpa_s->current_ssid)
00041                 return 0;
00042 
00043         ssid = wpa_supplicant_get_ssid(wpa_s);
00044         if (ssid == NULL) {
00045                 wpa_printf(MSG_INFO, "No network configuration found for the "
00046                            "current AP");
00047                 return -1;
00048         }
00049 
00050         if (ssid->disabled) {
00051                 wpa_printf(MSG_DEBUG, "Selected network is disabled");
00052                 return -1;
00053         }
00054 
00055         wpa_printf(MSG_DEBUG, "Network configuration found for the current "
00056                    "AP");
00057         if (ssid->key_mgmt & (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
00058                               WPA_KEY_MGMT_WPA_NONE)) {
00059                 u8 wpa_ie[80];
00060                 size_t wpa_ie_len = sizeof(wpa_ie);
00061                 wpa_supplicant_set_suites(wpa_s, NULL, ssid,
00062                                           wpa_ie, &wpa_ie_len);
00063         } else {
00064                 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
00065         }
00066 
00067         wpa_s->current_ssid = ssid;
00068         wpa_sm_set_config(wpa_s->wpa, wpa_s->current_ssid);
00069         wpa_supplicant_initiate_eapol(wpa_s);
00070 
00071         return 0;
00072 }
00073 
00074 
00075 static void wpa_supplicant_stop_countermeasures(void *eloop_ctx,
00076                                                 void *sock_ctx)
00077 {
00078         struct wpa_supplicant *wpa_s = eloop_ctx;
00079 
00080         if (wpa_s->countermeasures) {
00081                 wpa_s->countermeasures = 0;
00082                 wpa_drv_set_countermeasures(wpa_s, 0);
00083                 wpa_msg(wpa_s, MSG_INFO, "WPA: TKIP countermeasures stopped");
00084                 wpa_supplicant_req_scan(wpa_s, 0, 0);
00085         }
00086 }
00087 
00088 
00089 static void wpa_supplicant_mark_disassoc(struct wpa_supplicant *wpa_s)
00090 {
00091         wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
00092         memset(wpa_s->bssid, 0, ETH_ALEN);
00093         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
00094         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
00095         if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK)
00096                 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
00097 }
00098 
00099 
00100 static void wpa_find_assoc_pmkid(struct wpa_supplicant *wpa_s)
00101 {
00102         struct wpa_ie_data ie;
00103         int i, pmksa_set = -1;
00104 
00105         if (wpa_sm_parse_own_wpa_ie(wpa_s->wpa, &ie) < 0 ||
00106             ie.pmkid == NULL)
00107                 return;
00108 
00109         for (i = 0; i < ie.num_pmkid; i++) {
00110                 pmksa_set = pmksa_cache_set_current(wpa_s->wpa,
00111                                                     ie.pmkid + i * PMKID_LEN,
00112                                                     NULL, NULL, 0);
00113                 if (pmksa_set == 0) {
00114                         eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
00115                         break;
00116                 }
00117         }
00118 
00119         wpa_printf(MSG_DEBUG, "RSN: PMKID from assoc IE %sfound from PMKSA "
00120                    "cache", pmksa_set == 0 ? "" : "not ");
00121 }
00122 
00123 
00124 static void wpa_supplicant_event_pmkid_candidate(struct wpa_supplicant *wpa_s,
00125                                                  union wpa_event_data *data)
00126 {
00127         if (data == NULL) {
00128                 wpa_printf(MSG_DEBUG, "RSN: No data in PMKID candidate event");
00129                 return;
00130         }
00131         wpa_printf(MSG_DEBUG, "RSN: PMKID candidate event - bssid=" MACSTR
00132                    " index=%d preauth=%d",
00133                    MAC2STR(data->pmkid_candidate.bssid),
00134                    data->pmkid_candidate.index,
00135                    data->pmkid_candidate.preauth);
00136 
00137         pmksa_candidate_add(wpa_s->wpa, data->pmkid_candidate.bssid,
00138                             data->pmkid_candidate.index,
00139                             data->pmkid_candidate.preauth);
00140 }
00141 
00142 
00143 static int wpa_supplicant_dynamic_keys(struct wpa_supplicant *wpa_s)
00144 {
00145         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
00146             wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
00147                 return 0;
00148 
00149         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA &&
00150             wpa_s->current_ssid &&
00151             !(wpa_s->current_ssid->eapol_flags &
00152               (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
00153                EAPOL_FLAG_REQUIRE_KEY_BROADCAST))) {
00154                 /* IEEE 802.1X, but not using dynamic WEP keys (i.e., either
00155                  * plaintext or static WEP keys). */
00156                 return 0;
00157         }
00158 
00159         return 1;
00160 }
00161 
00162 
00173 int wpa_supplicant_scard_init(struct wpa_supplicant *wpa_s,
00174                               struct wpa_ssid *ssid)
00175 {
00176         int aka = 0, sim = 0, type;
00177 
00178         if (ssid->pcsc == NULL || wpa_s->scard != NULL)
00179                 return 0;
00180 
00181         if (ssid->eap_methods == NULL) {
00182                 sim = 1;
00183                 aka = 1;
00184         } else {
00185                 u8 *eap = ssid->eap_methods;
00186                 while (*eap != EAP_TYPE_NONE) {
00187                         if (*eap == EAP_TYPE_SIM)
00188                                 sim = 1;
00189                         else if (*eap == EAP_TYPE_AKA)
00190                                 aka = 1;
00191                         eap++;
00192                 }
00193         }
00194 
00195 #ifndef EAP_SIM
00196         sim = 0;
00197 #endif /* EAP_SIM */
00198 #ifndef EAP_AKA
00199         aka = 0;
00200 #endif /* EAP_AKA */
00201 
00202         if (!sim && !aka) {
00203                 wpa_printf(MSG_DEBUG, "Selected network is configured to use "
00204                            "SIM, but neither EAP-SIM nor EAP-AKA are enabled");
00205                 return 0;
00206         }
00207 
00208         wpa_printf(MSG_DEBUG, "Selected network is configured to use SIM "
00209                    "(sim=%d aka=%d) - initialize PCSC", sim, aka);
00210         if (sim && aka)
00211                 type = SCARD_TRY_BOTH;
00212         else if (aka)
00213                 type = SCARD_USIM_ONLY;
00214         else
00215                 type = SCARD_GSM_SIM_ONLY;
00216 
00217         wpa_s->scard = scard_init(type);
00218         if (wpa_s->scard == NULL) {
00219                 wpa_printf(MSG_WARNING, "Failed to initialize SIM "
00220                            "(pcsc-lite)");
00221                 return -1;
00222         }
00223         wpa_sm_set_scard_ctx(wpa_s->wpa, wpa_s->scard);
00224         eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard);
00225 
00226         return 0;
00227 }
00228 
00229 
00230 static int wpa_supplicant_match_privacy(struct wpa_scan_result *bss,
00231                                         struct wpa_ssid *ssid)
00232 {
00233         int i, privacy = 0;
00234 
00235         for (i = 0; i < NUM_WEP_KEYS; i++) {
00236                 if (ssid->wep_key_len[i]) {
00237                         privacy = 1;
00238                         break;
00239                 }
00240         }
00241         if ((ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) &&
00242             ssid->eapol_flags & (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
00243                                  EAPOL_FLAG_REQUIRE_KEY_BROADCAST))
00244                 privacy = 1;
00245 
00246         if (bss->caps & IEEE80211_CAP_PRIVACY)
00247                 return privacy;
00248         return !privacy;
00249 }
00250 
00251 
00252 static int wpa_supplicant_ssid_bss_match(struct wpa_ssid *ssid,
00253                                          struct wpa_scan_result *bss)
00254 {
00255         struct wpa_ie_data ie;
00256         int proto_match = 0;
00257 
00258         while ((ssid->proto & WPA_PROTO_RSN) && bss->rsn_ie_len > 0) {
00259                 proto_match++;
00260 
00261                 if (wpa_parse_wpa_ie(bss->rsn_ie, bss->rsn_ie_len, &ie)) {
00262                         wpa_printf(MSG_DEBUG, "   skip RSN IE - parse failed");
00263                         break;
00264                 }
00265                 if (!(ie.proto & ssid->proto)) {
00266                         wpa_printf(MSG_DEBUG, "   skip RSN IE - proto "
00267                                    "mismatch");
00268                         break;
00269                 }
00270 
00271                 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) {
00272                         wpa_printf(MSG_DEBUG, "   skip RSN IE - PTK cipher "
00273                                    "mismatch");
00274                         break;
00275                 }
00276 
00277                 if (!(ie.group_cipher & ssid->group_cipher)) {
00278                         wpa_printf(MSG_DEBUG, "   skip RSN IE - GTK cipher "
00279                                    "mismatch");
00280                         break;
00281                 }
00282 
00283                 if (!(ie.key_mgmt & ssid->key_mgmt)) {
00284                         wpa_printf(MSG_DEBUG, "   skip RSN IE - key mgmt "
00285                                    "mismatch");
00286                         break;
00287                 }
00288 
00289                 wpa_printf(MSG_DEBUG, "   selected based on RSN IE");
00290                 return 1;
00291         }
00292 
00293         while ((ssid->proto & WPA_PROTO_WPA) && bss->wpa_ie_len > 0) {
00294                 proto_match++;
00295 
00296                 if (wpa_parse_wpa_ie(bss->wpa_ie, bss->wpa_ie_len, &ie)) {
00297                         wpa_printf(MSG_DEBUG, "   skip WPA IE - parse failed");
00298                         break;
00299                 }
00300                 if (!(ie.proto & ssid->proto)) {
00301                         wpa_printf(MSG_DEBUG, "   skip WPA IE - proto "
00302                                    "mismatch");
00303                         break;
00304                 }
00305 
00306                 if (!(ie.pairwise_cipher & ssid->pairwise_cipher)) {
00307                         wpa_printf(MSG_DEBUG, "   skip WPA IE - PTK cipher "
00308                                    "mismatch");
00309                         break;
00310                 }
00311 
00312                 if (!(ie.group_cipher & ssid->group_cipher)) {
00313                         wpa_printf(MSG_DEBUG, "   skip WPA IE - GTK cipher "
00314                                    "mismatch");
00315                         break;
00316                 }
00317 
00318                 if (!(ie.key_mgmt & ssid->key_mgmt)) {
00319                         wpa_printf(MSG_DEBUG, "   skip WPA IE - key mgmt "
00320                                    "mismatch");
00321                         break;
00322                 }
00323 
00324                 wpa_printf(MSG_DEBUG, "   selected based on WPA IE");
00325                 return 1;
00326         }
00327 
00328         if (proto_match == 0)
00329                 wpa_printf(MSG_DEBUG, "   skip - no WPA/RSN proto match");
00330 
00331         return 0;
00332 }
00333 
00334 
00335 static struct wpa_scan_result *
00336 wpa_supplicant_select_bss(struct wpa_supplicant *wpa_s, struct wpa_ssid *group,
00337                           struct wpa_scan_result *results, int num,
00338                           struct wpa_ssid **selected_ssid)
00339 {
00340         struct wpa_ssid *ssid;
00341         struct wpa_scan_result *bss, *selected = NULL;
00342         int i;
00343         struct wpa_blacklist *e;
00344 
00345         wpa_printf(MSG_DEBUG, "Selecting BSS from priority group %d",
00346                    group->priority);
00347 
00348         bss = NULL;
00349         ssid = NULL;
00350         /* First, try to find WPA-enabled AP */
00351         for (i = 0; i < num && !selected; i++) {
00352                 bss = &results[i];
00353                 wpa_printf(MSG_DEBUG, "%d: " MACSTR " ssid='%s' "
00354                            "wpa_ie_len=%lu rsn_ie_len=%lu caps=0x%x",
00355                            i, MAC2STR(bss->bssid),
00356                            wpa_ssid_txt(bss->ssid, bss->ssid_len),
00357                            (unsigned long) bss->wpa_ie_len,
00358                            (unsigned long) bss->rsn_ie_len, bss->caps);
00359                 if ((e = wpa_blacklist_get(wpa_s, bss->bssid)) &&
00360                     e->count > 1) {
00361                         wpa_printf(MSG_DEBUG, "   skip - blacklisted");
00362                         continue;
00363                 }
00364 
00365                 if (bss->wpa_ie_len == 0 && bss->rsn_ie_len == 0) {
00366                         wpa_printf(MSG_DEBUG, "   skip - no WPA/RSN IE");
00367                         continue;
00368                 }
00369 
00370                 for (ssid = group; ssid; ssid = ssid->pnext) {
00371                         if (ssid->disabled)
00372                                 continue;
00373                         if (bss->ssid_len != ssid->ssid_len ||
00374                             memcmp(bss->ssid, ssid->ssid,
00375                                    bss->ssid_len) != 0) {
00376                                 wpa_printf(MSG_DEBUG, "   skip - "
00377                                            "SSID mismatch");
00378                                 continue;
00379                         }
00380                         if (ssid->bssid_set &&
00381                             memcmp(bss->bssid, ssid->bssid, ETH_ALEN) != 0) {
00382                                 wpa_printf(MSG_DEBUG, "   skip - "
00383                                            "BSSID mismatch");
00384                                 continue;
00385                         }
00386                         if (wpa_supplicant_ssid_bss_match(ssid, bss)) {
00387                                 selected = bss;
00388                                 *selected_ssid = ssid;
00389                                 break;
00390                         }
00391                 }
00392         }
00393 
00394         /* If no WPA-enabled AP found, try to find non-WPA AP, if configuration
00395          * allows this. */
00396         for (i = 0; i < num && !selected; i++) {
00397                 bss = &results[i];
00398                 if ((e = wpa_blacklist_get(wpa_s, bss->bssid)) &&
00399                     e->count > 1) {
00400                         continue;
00401                 }
00402                 for (ssid = group; ssid; ssid = ssid->pnext) {
00403                         if (!ssid->disabled &&
00404                             (ssid->ssid_len == 0 ||
00405                              (bss->ssid_len == ssid->ssid_len &&
00406                               memcmp(bss->ssid, ssid->ssid, bss->ssid_len) ==
00407                               0)) &&
00408                             (!ssid->bssid_set ||
00409                              memcmp(bss->bssid, ssid->bssid, ETH_ALEN) == 0) &&
00410                             ((ssid->key_mgmt & WPA_KEY_MGMT_NONE) ||
00411                              (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA))
00412                             && bss->wpa_ie_len == 0 && bss->rsn_ie_len == 0 &&
00413                             wpa_supplicant_match_privacy(bss, ssid) &&
00414                             !(bss->caps & IEEE80211_CAP_IBSS))
00415                         {
00416                                 selected = bss;
00417                                 *selected_ssid = ssid;
00418                                 wpa_printf(MSG_DEBUG, "   selected non-WPA AP "
00419                                            MACSTR " ssid='%s'",
00420                                            MAC2STR(bss->bssid),
00421                                            wpa_ssid_txt(bss->ssid,
00422                                                         bss->ssid_len));
00423                                 break;
00424                         }
00425                 }
00426         }
00427 
00428         return selected;
00429 }
00430 
00431 
00432 static void wpa_supplicant_event_scan_results(struct wpa_supplicant *wpa_s)
00433 {
00434         int num, prio;
00435         struct wpa_scan_result *selected = NULL;
00436         struct wpa_ssid *ssid = NULL;
00437         struct wpa_scan_result *results;
00438 
00439         if (wpa_supplicant_get_scan_results(wpa_s) < 0) {
00440                 if (wpa_s->conf->ap_scan == 2)
00441                         return;
00442                 wpa_printf(MSG_DEBUG, "Failed to get scan results - try "
00443                            "scanning again");
00444                 wpa_supplicant_req_scan(wpa_s, 1, 0);
00445                 return;
00446         }
00447         if (wpa_s->conf->ap_scan == 2)
00448                 return;
00449         results = wpa_s->scan_results;
00450         num = wpa_s->num_scan_results;
00451 
00452         while (selected == NULL) {
00453                 for (prio = 0; prio < wpa_s->conf->num_prio; prio++) {
00454                         selected = wpa_supplicant_select_bss(
00455                                 wpa_s, wpa_s->conf->pssid[prio], results, num,
00456                                 &ssid);
00457                         if (selected)
00458                                 break;
00459                 }
00460 
00461                 if (selected == NULL && wpa_s->blacklist) {
00462                         wpa_printf(MSG_DEBUG, "No APs found - clear blacklist "
00463                                    "and try again");
00464                         wpa_blacklist_clear(wpa_s);
00465                 } else if (selected == NULL) {
00466                         break;
00467                 }
00468         }
00469 
00470         if (selected) {
00471                 if (wpa_s->reassociate ||
00472                     memcmp(selected->bssid, wpa_s->bssid, ETH_ALEN) != 0) {
00473                         if (wpa_supplicant_scard_init(wpa_s, ssid)) {
00474                                 wpa_supplicant_req_scan(wpa_s, 10, 0);
00475                                 return;
00476                         }
00477                         wpa_supplicant_associate(wpa_s, selected, ssid);
00478                 } else {
00479                         wpa_printf(MSG_DEBUG, "Already associated with the "
00480                                    "selected AP.");
00481                 }
00482                 rsn_preauth_scan_results(wpa_s->wpa, results, num);
00483         } else {
00484                 wpa_printf(MSG_DEBUG, "No suitable AP found.");
00485                 wpa_supplicant_req_scan(wpa_s, 5, 0);
00486         }
00487 }
00488 
00489 
00490 static void wpa_supplicant_event_associnfo(struct wpa_supplicant *wpa_s,
00491                                            union wpa_event_data *data)
00492 {
00493         int l, len, found = 0, wpa_found, rsn_found;
00494         u8 *p;
00495 
00496         wpa_printf(MSG_DEBUG, "Association info event");
00497         if (data->assoc_info.req_ies)
00498                 wpa_hexdump(MSG_DEBUG, "req_ies", data->assoc_info.req_ies,
00499                             data->assoc_info.req_ies_len);
00500         if (data->assoc_info.resp_ies)
00501                 wpa_hexdump(MSG_DEBUG, "resp_ies", data->assoc_info.resp_ies,
00502                             data->assoc_info.resp_ies_len);
00503         if (data->assoc_info.beacon_ies)
00504                 wpa_hexdump(MSG_DEBUG, "beacon_ies",
00505                             data->assoc_info.beacon_ies,
00506                             data->assoc_info.beacon_ies_len);
00507 
00508         p = data->assoc_info.req_ies;
00509         l = data->assoc_info.req_ies_len;
00510 
00511         /* Go through the IEs and make a copy of the WPA/RSN IE, if present. */
00512         while (p && l >= 2) {
00513                 len = p[1] + 2;
00514                 if (len > l) {
00515                         wpa_hexdump(MSG_DEBUG, "Truncated IE in assoc_info",
00516                                     p, l);
00517                         break;
00518                 }
00519                 if ((p[0] == GENERIC_INFO_ELEM && p[1] >= 6 &&
00520                      (memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0)) ||
00521                     (p[0] == RSN_INFO_ELEM && p[1] >= 2)) {
00522                         if (wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, p, len))
00523                                 break;
00524                         found = 1;
00525                         wpa_find_assoc_pmkid(wpa_s);
00526                         break;
00527                 }
00528                 l -= len;
00529                 p += len;
00530         }
00531         if (!found && data->assoc_info.req_ies)
00532                 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
00533 
00534         /* WPA/RSN IE from Beacon/ProbeResp */
00535         p = data->assoc_info.beacon_ies;
00536         l = data->assoc_info.beacon_ies_len;
00537 
00538         /* Go through the IEs and make a copy of the WPA/RSN IEs, if present.
00539          */
00540         wpa_found = rsn_found = 0;
00541         while (p && l >= 2) {
00542                 len = p[1] + 2;
00543                 if (len > l) {
00544                         wpa_hexdump(MSG_DEBUG, "Truncated IE in beacon_ies",
00545                                     p, l);
00546                         break;
00547                 }
00548                 if (!wpa_found &&
00549                     p[0] == GENERIC_INFO_ELEM && p[1] >= 6 &&
00550                     memcmp(&p[2], "\x00\x50\xF2\x01\x01\x00", 6) == 0) {
00551                         wpa_found = 1;
00552                         wpa_sm_set_ap_wpa_ie(wpa_s->wpa, p, len);
00553                 }
00554 
00555                 if (!rsn_found &&
00556                     p[0] == RSN_INFO_ELEM && p[1] >= 2) {
00557                         rsn_found = 1;
00558                         wpa_sm_set_ap_rsn_ie(wpa_s->wpa, p, len);
00559                 }
00560 
00561                 l -= len;
00562                 p += len;
00563         }
00564 
00565         if (!wpa_found && data->assoc_info.beacon_ies)
00566                 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
00567         if (!rsn_found && data->assoc_info.beacon_ies)
00568                 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
00569 }
00570 
00571 
00572 static void wpa_supplicant_event_assoc(struct wpa_supplicant *wpa_s,
00573                                        union wpa_event_data *data)
00574 {
00575         u8 bssid[ETH_ALEN];
00576 
00577         if (data)
00578                 wpa_supplicant_event_associnfo(wpa_s, data);
00579 
00580         wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATED);
00581         if (wpa_drv_get_bssid(wpa_s, bssid) >= 0 &&
00582             memcmp(bssid, wpa_s->bssid, ETH_ALEN) != 0) {
00583                 wpa_msg(wpa_s, MSG_DEBUG, "Associated to a new BSS: BSSID="
00584                         MACSTR, MAC2STR(bssid));
00585                 memcpy(wpa_s->bssid, bssid, ETH_ALEN);
00586                 if (wpa_supplicant_dynamic_keys(wpa_s)) {
00587                         wpa_clear_keys(wpa_s, bssid);
00588                 }
00589                 if (wpa_supplicant_select_config(wpa_s) < 0) {
00590                         wpa_supplicant_disassociate(wpa_s,
00591                                                     REASON_DEAUTH_LEAVING);
00592                         return;
00593                 }
00594         }
00595 
00596         wpa_msg(wpa_s, MSG_INFO, "Associated with " MACSTR, MAC2STR(bssid));
00597         if (wpa_s->current_ssid) {
00598                 /* When using scanning (ap_scan=1), SIM PC/SC interface can be
00599                  * initialized before association, but for other modes,
00600                  * initialize PC/SC here, if the current configuration needs
00601                  * smartcard or SIM/USIM. */
00602                 wpa_supplicant_scard_init(wpa_s, wpa_s->current_ssid);
00603         }
00604         wpa_sm_notify_assoc(wpa_s->wpa, bssid);
00605         l2_packet_notify_auth_start(wpa_s->l2);
00606 
00607         /*
00608          * Set portEnabled first to FALSE in order to get EAP state machine out
00609          * of the SUCCESS state and eapSuccess cleared. Without this, EAPOL PAE
00610          * state machine may transit to AUTHENTICATING state based on obsolete
00611          * eapSuccess and then trigger BE_AUTH to SUCCESS and PAE to
00612          * AUTHENTICATED without ever giving chance to EAP state machine to
00613          * reset the state.
00614          */
00615         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
00616         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
00617         if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK)
00618                 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
00619         /* 802.1X::portControl = Auto */
00620         eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE);
00621         wpa_s->eapol_received = 0;
00622         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
00623             wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
00624                 wpa_supplicant_cancel_auth_timeout(wpa_s);
00625                 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
00626         } else {
00627                 /* Timeout for receiving the first EAPOL packet */
00628                 wpa_supplicant_req_auth_timeout(wpa_s, 10, 0);
00629         }
00630 }
00631 
00632 
00633 static void wpa_supplicant_event_disassoc(struct wpa_supplicant *wpa_s)
00634 {
00635         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
00636                 /*
00637                  * At least Host AP driver and a Prism3 card seemed to be
00638                  * generating streams of disconnected events when configuring
00639                  * IBSS for WPA-None. Ignore them for now.
00640                  */
00641                 wpa_printf(MSG_DEBUG, "Disconnect event - ignore in "
00642                            "IBSS/WPA-None mode");
00643                 return;
00644         }
00645 
00646         if (wpa_s->wpa_state == WPA_4WAY_HANDSHAKE &&
00647             wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
00648                 wpa_msg(wpa_s, MSG_INFO, "WPA: 4-Way Handshake failed - "
00649                         "pre-shared key may be incorrect");
00650         }
00651         if (wpa_s->wpa_state >= WPA_ASSOCIATED)
00652                 wpa_supplicant_req_scan(wpa_s, 0, 100000);
00653         wpa_blacklist_add(wpa_s, wpa_s->bssid);
00654         wpa_sm_notify_disassoc(wpa_s->wpa);
00655         wpa_supplicant_mark_disassoc(wpa_s);
00656         wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_DISCONNECTED "- Disconnect event - "
00657                 "remove keys");
00658         if (wpa_supplicant_dynamic_keys(wpa_s)) {
00659                 wpa_s->keys_cleared = 0;
00660                 wpa_clear_keys(wpa_s, wpa_s->bssid);
00661         }
00662 }
00663 
00664 
00665 static void
00666 wpa_supplicant_event_michael_mic_failure(struct wpa_supplicant *wpa_s,
00667                                          union wpa_event_data *data)
00668 {
00669         int pairwise;
00670         time_t now;
00671 
00672         wpa_msg(wpa_s, MSG_WARNING, "Michael MIC failure detected");
00673         pairwise = (data && data->michael_mic_failure.unicast);
00674         wpa_sm_key_request(wpa_s->wpa, 1, pairwise);
00675         time(&now);
00676         if (wpa_s->last_michael_mic_error &&
00677             now - wpa_s->last_michael_mic_error <= 60) {
00678                 /* initialize countermeasures */
00679                 wpa_s->countermeasures = 1;
00680                 wpa_msg(wpa_s, MSG_WARNING, "TKIP countermeasures started");
00681 
00682                 /*
00683                  * Need to wait for completion of request frame. We do not get
00684                  * any callback for the message completion, so just wait a
00685                  * short while and hope for the best. */
00686                 usleep(10000);
00687 
00688                 wpa_drv_set_countermeasures(wpa_s, 1);
00689                 wpa_supplicant_deauthenticate(wpa_s,
00690                                               REASON_MICHAEL_MIC_FAILURE);
00691                 eloop_cancel_timeout(wpa_supplicant_stop_countermeasures,
00692                                      wpa_s, NULL);
00693                 eloop_register_timeout(60, 0,
00694                                        wpa_supplicant_stop_countermeasures,
00695                                        wpa_s, NULL);
00696                 /* TODO: mark the AP rejected for 60 second. STA is
00697                  * allowed to associate with another AP.. */
00698         }
00699         wpa_s->last_michael_mic_error = now;
00700 }
00701 
00702 
00703 static void
00704 wpa_supplicant_event_interface_status(struct wpa_supplicant *wpa_s,
00705                                       union wpa_event_data *data)
00706 {
00707         if (strcmp(wpa_s->ifname, data->interface_status.ifname) != 0)
00708                 return;
00709 
00710         switch (data->interface_status.ievent) {
00711         case EVENT_INTERFACE_ADDED:
00712                 if (!wpa_s->interface_removed)
00713                         break;
00714                 wpa_s->interface_removed = 0;
00715                 wpa_printf(MSG_DEBUG, "Configured interface was added.");
00716                 if (wpa_supplicant_driver_init(wpa_s, 1) < 0) {
00717                         wpa_printf(MSG_INFO, "Failed to initialize the driver "
00718                                    "after interface was added.");
00719                 }
00720                 break;
00721         case EVENT_INTERFACE_REMOVED:
00722                 wpa_printf(MSG_DEBUG, "Configured interface was removed.");
00723                 wpa_s->interface_removed = 1;
00724                 wpa_supplicant_mark_disassoc(wpa_s);
00725                 l2_packet_deinit(wpa_s->l2);
00726                 wpa_s->l2 = NULL;
00727                 break;
00728         }
00729 }
00730 
00731 
00732 void wpa_supplicant_event(struct wpa_supplicant *wpa_s, wpa_event_type event,
00733                           union wpa_event_data *data)
00734 {
00735         switch (event) {
00736         case EVENT_ASSOC:
00737                 wpa_supplicant_event_assoc(wpa_s, data);
00738                 break;
00739         case EVENT_DISASSOC:
00740                 wpa_supplicant_event_disassoc(wpa_s);
00741                 break;
00742         case EVENT_MICHAEL_MIC_FAILURE:
00743                 wpa_supplicant_event_michael_mic_failure(wpa_s, data);
00744                 break;
00745         case EVENT_SCAN_RESULTS:
00746                 wpa_supplicant_event_scan_results(wpa_s);
00747                 break;
00748         case EVENT_ASSOCINFO:
00749                 wpa_supplicant_event_associnfo(wpa_s, data);
00750                 break;
00751         case EVENT_INTERFACE_STATUS:
00752                 wpa_supplicant_event_interface_status(wpa_s, data);
00753                 break;
00754         case EVENT_PMKID_CANDIDATE:
00755                 wpa_supplicant_event_pmkid_candidate(wpa_s, data);
00756                 break;
00757         default:
00758                 wpa_printf(MSG_INFO, "Unknown event %d", event);
00759                 break;
00760         }
00761 }
00762
Generated on Sat May 6 21:13:37 2006 for wpa_supplicant by  doxygen 1.4.2