00001
00020 #include <stdlib.h>
00021 #include <stdio.h>
00022 #include <stdarg.h>
00023 #include <unistd.h>
00024 #include <string.h>
00025 #include <time.h>
00026 #include <signal.h>
00027 #ifndef CONFIG_NATIVE_WINDOWS
00028 #include <netinet/in.h>
00029 #endif
00030
00031 #include "common.h"
00032 #include "eapol_sm.h"
00033 #include "eap.h"
00034 #include "wpa.h"
00035 #include "eloop.h"
00036 #include "wpa_supplicant.h"
00037 #include "config.h"
00038 #include "l2_packet.h"
00039 #include "wpa_supplicant_i.h"
00040 #include "ctrl_iface.h"
00041 #include "pcsc_funcs.h"
00042 #include "version.h"
00043 #include "preauth.h"
00044 #include "wpa_ctrl.h"
00045
00046 const char *wpa_supplicant_version =
00047 "wpa_supplicant v" VERSION_STR "\n"
00048 "Copyright (c) 2003-2006, Jouni Malinen <[email protected]> and contributors";
00049
00050 const char *wpa_supplicant_license =
00051 "This program is free software. You can distribute it and/or modify it\n"
00052 "under the terms of the GNU General Public License version 2.\n"
00053 "\n"
00054 "Alternatively, this software may be distributed under the terms of the\n"
00055 "BSD license. See README and COPYING for more details.\n"
00056 #ifdef EAP_TLS_FUNCS
00057 "\nThis product includes software developed by the OpenSSL Project\n"
00058 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
00059 #endif
00060 ;
00061
00062 #ifndef CONFIG_NO_STDOUT_DEBUG
00063 const char *wpa_supplicant_full_license =
00064 "This program is free software; you can redistribute it and/or modify\n"
00065 "it under the terms of the GNU General Public License version 2 as\n"
00066 "published by the Free Software Foundation.\n"
00067 "\n"
00068 "This program is distributed in the hope that it will be useful,\n"
00069 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
00070 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n"
00071 "GNU General Public License for more details.\n"
00072 "\n"
00073 "You should have received a copy of the GNU General Public License\n"
00074 "along with this program; if not, write to the Free Software\n"
00075 "Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA\n"
00076 "\n"
00077 "Alternatively, this software may be distributed under the terms of the\n"
00078 "BSD license.\n"
00079 "\n"
00080 "Redistribution and use in source and binary forms, with or without\n"
00081 "modification, are permitted provided that the following conditions are\n"
00082 "met:\n"
00083 "\n"
00084 "1. Redistributions of source code must retain the above copyright\n"
00085 " notice, this list of conditions and the following disclaimer.\n"
00086 "\n"
00087 "2. Redistributions in binary form must reproduce the above copyright\n"
00088 " notice, this list of conditions and the following disclaimer in the\n"
00089 " documentation and/or other materials provided with the distribution.\n"
00090 "\n"
00091 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
00092 " names of its contributors may be used to endorse or promote products\n"
00093 " derived from this software without specific prior written permission.\n"
00094 "\n"
00095 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
00096 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
00097 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
00098 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"
00099 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
00100 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
00101 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
00102 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
00103 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
00104 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
00105 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
00106 "\n";
00107 #endif
00108
00109 extern struct wpa_driver_ops *wpa_supplicant_drivers[];
00110
00111 extern int wpa_debug_level;
00112 extern int wpa_debug_show_keys;
00113 extern int wpa_debug_timestamp;
00114
00115 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx);
00116
00117 void wpa_msg(struct wpa_supplicant *wpa_s, int level, char *fmt, ...)
00118 {
00119 va_list ap;
00120 char *buf;
00121 const int buflen = 2048;
00122 int len;
00123
00124 buf = malloc(buflen);
00125 if (buf == NULL) {
00126 printf("Failed to allocate message buffer for:\n");
00127 va_start(ap, fmt);
00128 vprintf(fmt, ap);
00129 printf("\n");
00130 va_end(ap);
00131 return;
00132 }
00133 va_start(ap, fmt);
00134 len = vsnprintf(buf, buflen, fmt, ap);
00135 va_end(ap);
00136 wpa_printf(level, "%s", buf);
00137 wpa_supplicant_ctrl_iface_send(wpa_s, level, buf, len);
00138 free(buf);
00139 }
00140
00141
00142 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
00143 static u8 * wpa_alloc_eapol(const struct wpa_supplicant *wpa_s, u8 type,
00144 const void *data, u16 data_len,
00145 size_t *msg_len, void **data_pos)
00146 {
00147 struct ieee802_1x_hdr *hdr;
00148
00149 *msg_len = sizeof(*hdr) + data_len;
00150 hdr = malloc(*msg_len);
00151 if (hdr == NULL)
00152 return NULL;
00153
00154 hdr->version = wpa_s->conf->eapol_version;
00155 hdr->type = type;
00156 hdr->length = htons(data_len);
00157
00158 if (data)
00159 memcpy(hdr + 1, data, data_len);
00160 else
00161 memset(hdr + 1, 0, data_len);
00162
00163 if (data_pos)
00164 *data_pos = hdr + 1;
00165
00166 return (u8 *) hdr;
00167 }
00168
00169
00180 static int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest,
00181 u16 proto, const u8 *buf, size_t len)
00182 {
00183 if (wpa_s->l2) {
00184 return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
00185 }
00186
00187 return wpa_drv_send_eapol(wpa_s, dest, proto, buf, len);
00188 }
00189 #endif
00190
00191
00192 #ifdef IEEE8021X_EAPOL
00193
00205 static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
00206 size_t len)
00207 {
00208 struct wpa_supplicant *wpa_s = ctx;
00209 u8 *msg, *dst, bssid[ETH_ALEN];
00210 size_t msglen;
00211 int res;
00212
00213
00214
00215
00216 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
00217 wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
00218
00219
00220
00221 wpa_printf(MSG_DEBUG, "WPA: drop TX EAPOL in non-IEEE 802.1X "
00222 "mode (type=%d len=%lu)", type,
00223 (unsigned long) len);
00224 return -1;
00225 }
00226
00227 if (pmksa_cache_get_current(wpa_s->wpa) &&
00228 type == IEEE802_1X_TYPE_EAPOL_START) {
00229
00230
00231 wpa_printf(MSG_DEBUG, "RSN: PMKSA caching - do not send "
00232 "EAPOL-Start");
00233 return -1;
00234 }
00235
00236 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0) {
00237 wpa_printf(MSG_DEBUG, "BSSID not set when trying to send an "
00238 "EAPOL frame");
00239 if (wpa_drv_get_bssid(wpa_s, bssid) == 0 &&
00240 memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
00241 dst = bssid;
00242 wpa_printf(MSG_DEBUG, "Using current BSSID " MACSTR
00243 " from the driver as the EAPOL destination",
00244 MAC2STR(dst));
00245 } else {
00246 dst = wpa_s->last_eapol_src;
00247 wpa_printf(MSG_DEBUG, "Using the source address of the"
00248 " last received EAPOL frame " MACSTR " as "
00249 "the EAPOL destination",
00250 MAC2STR(dst));
00251 }
00252 } else {
00253
00254
00255 dst = wpa_s->bssid;
00256 }
00257
00258 msg = wpa_alloc_eapol(wpa_s, type, buf, len, &msglen, NULL);
00259 if (msg == NULL)
00260 return -1;
00261
00262 wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", msg, msglen);
00263 res = wpa_ether_send(wpa_s, dst, ETH_P_EAPOL, msg, msglen);
00264 free(msg);
00265 return res;
00266 }
00267
00268
00279 static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
00280 const u8 *key, size_t keylen)
00281 {
00282 struct wpa_supplicant *wpa_s = ctx;
00283 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00284 unicast ? wpa_s->bssid :
00285 (u8 *) "\xff\xff\xff\xff\xff\xff",
00286 keyidx, unicast, (u8 *) "", 0, key, keylen);
00287 }
00288
00289
00290 static void wpa_supplicant_aborted_cached(void *ctx)
00291 {
00292 struct wpa_supplicant *wpa_s = ctx;
00293 wpa_sm_aborted_cached(wpa_s->wpa);
00294 }
00295
00296 #endif
00297
00298
00299 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
00300 static void wpa_supplicant_set_config_blob(void *ctx,
00301 struct wpa_config_blob *blob)
00302 {
00303 struct wpa_supplicant *wpa_s = ctx;
00304 wpa_config_set_blob(wpa_s->conf, blob);
00305 }
00306
00307
00308 static const struct wpa_config_blob *
00309 wpa_supplicant_get_config_blob(void *ctx, const char *name)
00310 {
00311 struct wpa_supplicant *wpa_s = ctx;
00312 return wpa_config_get_blob(wpa_s->conf, name);
00313 }
00314 #endif
00315
00316
00317
00318 static int wpa_set_wep_key(void *ctx, int set_tx, int keyidx, const u8 *key,
00319 size_t keylen)
00320 {
00321 struct wpa_supplicant *wpa_s = ctx;
00322 return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00323 (u8 *) "\xff\xff\xff\xff\xff\xff",
00324 keyidx, set_tx, (u8 *) "", 0, key, keylen);
00325 }
00326
00327
00328 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
00329 struct wpa_ssid *ssid)
00330 {
00331 u8 key[32];
00332 size_t keylen;
00333 wpa_alg alg;
00334 u8 seq[6] = { 0 };
00335
00336
00337
00338
00339 if (ssid->mode != IEEE80211_MODE_IBSS) {
00340 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
00341 "for WPA-None", ssid->mode);
00342 return -1;
00343 }
00344
00345 if (!ssid->psk_set) {
00346 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
00347 return -1;
00348 }
00349
00350 switch (wpa_s->group_cipher) {
00351 case WPA_CIPHER_CCMP:
00352 memcpy(key, ssid->psk, 16);
00353 keylen = 16;
00354 alg = WPA_ALG_CCMP;
00355 break;
00356 case WPA_CIPHER_TKIP:
00357
00358 memcpy(key, ssid->psk, 16 + 8);
00359 memcpy(key + 16 + 8, ssid->psk + 16, 8);
00360 keylen = 32;
00361 alg = WPA_ALG_TKIP;
00362 break;
00363 default:
00364 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
00365 "WPA-None", wpa_s->group_cipher);
00366 return -1;
00367 }
00368
00369
00370
00371
00372 return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
00373 0, 1, seq, 6, key, keylen);
00374 }
00375
00376
00377 #ifdef IEEE8021X_EAPOL
00378 static void wpa_supplicant_notify_eapol_done(void *ctx)
00379 {
00380 struct wpa_supplicant *wpa_s = ctx;
00381 wpa_msg(wpa_s, MSG_DEBUG, "WPA: EAPOL processing complete");
00382 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X) {
00383 wpa_supplicant_set_state(wpa_s, WPA_4WAY_HANDSHAKE);
00384 } else {
00385 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00386 wpa_supplicant_cancel_auth_timeout(wpa_s);
00387 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
00388 }
00389 }
00390 #endif
00391
00392
00400 struct wpa_blacklist * wpa_blacklist_get(struct wpa_supplicant *wpa_s,
00401 const u8 *bssid)
00402 {
00403 struct wpa_blacklist *e;
00404
00405 e = wpa_s->blacklist;
00406 while (e) {
00407 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0)
00408 return e;
00409 e = e->next;
00410 }
00411
00412 return NULL;
00413 }
00414
00415
00433 int wpa_blacklist_add(struct wpa_supplicant *wpa_s, const u8 *bssid)
00434 {
00435 struct wpa_blacklist *e;
00436
00437 e = wpa_blacklist_get(wpa_s, bssid);
00438 if (e) {
00439 e->count++;
00440 wpa_printf(MSG_DEBUG, "BSSID " MACSTR " blacklist count "
00441 "incremented to %d",
00442 MAC2STR(bssid), e->count);
00443 return 0;
00444 }
00445
00446 e = malloc(sizeof(*e));
00447 if (e == NULL)
00448 return -1;
00449 memset(e, 0, sizeof(*e));
00450 memcpy(e->bssid, bssid, ETH_ALEN);
00451 e->count = 1;
00452 e->next = wpa_s->blacklist;
00453 wpa_s->blacklist = e;
00454 wpa_printf(MSG_DEBUG, "Added BSSID " MACSTR " into blacklist",
00455 MAC2STR(bssid));
00456
00457 return 0;
00458 }
00459
00460
00461 static int wpa_blacklist_del(struct wpa_supplicant *wpa_s, const u8 *bssid)
00462 {
00463 struct wpa_blacklist *e, *prev = NULL;
00464
00465 e = wpa_s->blacklist;
00466 while (e) {
00467 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0) {
00468 if (prev == NULL) {
00469 wpa_s->blacklist = e->next;
00470 } else {
00471 prev->next = e->next;
00472 }
00473 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00474 "blacklist", MAC2STR(bssid));
00475 free(e);
00476 return 0;
00477 }
00478 prev = e;
00479 e = e->next;
00480 }
00481 return -1;
00482 }
00483
00484
00490 void wpa_blacklist_clear(struct wpa_supplicant *wpa_s)
00491 {
00492 struct wpa_blacklist *e, *prev;
00493
00494 e = wpa_s->blacklist;
00495 wpa_s->blacklist = NULL;
00496 while (e) {
00497 prev = e;
00498 e = e->next;
00499 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00500 "blacklist (clear)", MAC2STR(prev->bssid));
00501 free(prev);
00502 }
00503 }
00504
00505
00521 const char * wpa_ssid_txt(u8 *ssid, size_t ssid_len)
00522 {
00523 static char ssid_txt[MAX_SSID_LEN + 1];
00524 char *pos;
00525
00526 if (ssid_len > MAX_SSID_LEN)
00527 ssid_len = MAX_SSID_LEN;
00528 memcpy(ssid_txt, ssid, ssid_len);
00529 ssid_txt[ssid_len] = '\0';
00530 for (pos = ssid_txt; *pos != '\0'; pos++) {
00531 if ((u8) *pos < 32 || (u8) *pos >= 127)
00532 *pos = '_';
00533 }
00534 return ssid_txt;
00535 }
00536
00537
00548 void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
00549 {
00550 wpa_msg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
00551 sec, usec);
00552 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00553 eloop_register_timeout(sec, usec, wpa_supplicant_scan, wpa_s, NULL);
00554 }
00555
00556
00565 void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s)
00566 {
00567 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling scan request");
00568 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00569 }
00570
00571
00572 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
00573 {
00574 struct wpa_supplicant *wpa_s = eloop_ctx;
00575 wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
00576 MAC2STR(wpa_s->bssid));
00577 wpa_blacklist_add(wpa_s, wpa_s->bssid);
00578 wpa_sm_notify_disassoc(wpa_s->wpa);
00579 wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING);
00580 wpa_s->reassociate = 1;
00581 wpa_supplicant_req_scan(wpa_s, 0, 0);
00582 }
00583
00584
00595 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
00596 int sec, int usec)
00597 {
00598 if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
00599 wpa_s->driver && strcmp(wpa_s->driver->name, "wired") == 0)
00600 return;
00601
00602 wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
00603 "%d usec", sec, usec);
00604 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00605 eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
00606 }
00607
00608
00618 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
00619 {
00620 wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
00621 eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00622 wpa_blacklist_del(wpa_s, wpa_s->bssid);
00623 }
00624
00625
00634 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
00635 {
00636 struct eapol_config eapol_conf;
00637 struct wpa_ssid *ssid = wpa_s->current_ssid;
00638
00639 if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
00640 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
00641 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
00642 }
00643 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
00644 wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
00645 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
00646 else
00647 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
00648
00649 memset(&eapol_conf, 0, sizeof(eapol_conf));
00650 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
00651 eapol_conf.accept_802_1x_keys = 1;
00652 eapol_conf.required_keys = 0;
00653 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
00654 eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
00655 }
00656 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
00657 eapol_conf.required_keys |=
00658 EAPOL_REQUIRE_KEY_BROADCAST;
00659 }
00660
00661 if (wpa_s->conf && wpa_s->driver &&
00662 strcmp(wpa_s->driver->name, "wired") == 0) {
00663 eapol_conf.required_keys = 0;
00664 }
00665 }
00666 eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
00667 eapol_conf.workaround = ssid->eap_workaround;
00668 eapol_conf.eap_disabled = wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X &&
00669 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00670 eapol_sm_notify_config(wpa_s->eapol, ssid, &eapol_conf);
00671 }
00672
00673
00684 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
00685 struct wpa_ssid *ssid)
00686 {
00687 int i;
00688
00689 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
00690 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00691 else
00692 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
00693 wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
00694 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
00695 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
00696 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
00697 wpa_s->group_cipher = WPA_CIPHER_NONE;
00698
00699 for (i = 0; i < NUM_WEP_KEYS; i++) {
00700 if (ssid->wep_key_len[i] > 5) {
00701 wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
00702 wpa_s->group_cipher = WPA_CIPHER_WEP104;
00703 break;
00704 } else if (ssid->wep_key_len[i] > 0) {
00705 wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
00706 wpa_s->group_cipher = WPA_CIPHER_WEP40;
00707 break;
00708 }
00709 }
00710
00711 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
00712 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
00713 wpa_s->pairwise_cipher);
00714 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
00715
00716 pmksa_cache_clear_current(wpa_s->wpa);
00717 }
00718
00719
00720 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
00721 {
00722 scard_deinit(wpa_s->scard);
00723 wpa_s->scard = NULL;
00724 wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
00725 eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
00726 l2_packet_deinit(wpa_s->l2);
00727 wpa_s->l2 = NULL;
00728
00729 wpa_supplicant_ctrl_iface_deinit(wpa_s);
00730 if (wpa_s->conf != NULL) {
00731 wpa_config_free(wpa_s->conf);
00732 wpa_s->conf = NULL;
00733 }
00734
00735 free(wpa_s->confname);
00736 wpa_s->confname = NULL;
00737
00738 wpa_sm_set_eapol(wpa_s->wpa, NULL);
00739 eapol_sm_deinit(wpa_s->eapol);
00740 wpa_s->eapol = NULL;
00741
00742 rsn_preauth_deinit(wpa_s->wpa);
00743
00744 pmksa_candidate_free(wpa_s->wpa);
00745 pmksa_cache_free(wpa_s->wpa);
00746 wpa_sm_deinit(wpa_s->wpa);
00747 wpa_s->wpa = NULL;
00748 wpa_blacklist_clear(wpa_s);
00749
00750 free(wpa_s->scan_results);
00751 wpa_s->scan_results = NULL;
00752 wpa_s->num_scan_results = 0;
00753
00754 wpa_supplicant_cancel_scan(wpa_s);
00755 }
00756
00757
00767 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
00768 {
00769 u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
00770
00771 if (wpa_s->keys_cleared) {
00772
00773
00774
00775
00776
00777
00778
00779 wpa_printf(MSG_DEBUG, "No keys have been configured - "
00780 "skip key clearing");
00781 return;
00782 }
00783
00784 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
00785 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
00786 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
00787 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
00788 if (addr) {
00789 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
00790 0);
00791 }
00792 wpa_s->keys_cleared = 1;
00793 }
00794
00795
00802 const char * wpa_supplicant_state_txt(int state)
00803 {
00804 switch (state) {
00805 case WPA_DISCONNECTED:
00806 return "DISCONNECTED";
00807 case WPA_INACTIVE:
00808 return "INACTIVE";
00809 case WPA_SCANNING:
00810 return "SCANNING";
00811 case WPA_ASSOCIATING:
00812 return "ASSOCIATING";
00813 case WPA_ASSOCIATED:
00814 return "ASSOCIATED";
00815 case WPA_4WAY_HANDSHAKE:
00816 return "4WAY_HANDSHAKE";
00817 case WPA_GROUP_HANDSHAKE:
00818 return "GROUP_HANDSHAKE";
00819 case WPA_COMPLETED:
00820 return "COMPLETED";
00821 default:
00822 return "UNKNOWN";
00823 }
00824 }
00825
00826
00836 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
00837 {
00838 wpa_printf(MSG_DEBUG, "State: %s -> %s",
00839 wpa_supplicant_state_txt(wpa_s->wpa_state),
00840 wpa_supplicant_state_txt(state));
00841 if (state == WPA_COMPLETED && wpa_s->new_connection) {
00842 wpa_s->new_connection = 0;
00843 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
00844 MACSTR " completed %s",
00845 MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
00846 "(reauth)" : "(auth)");
00847 wpa_s->reassociated_connection = 1;
00848 } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
00849 state == WPA_ASSOCIATED) {
00850 wpa_s->new_connection = 1;
00851 }
00852 wpa_s->wpa_state = state;
00853 }
00854
00855
00862 wpa_states wpa_supplicant_get_state(struct wpa_supplicant *wpa_s)
00863 {
00864 return wpa_s->wpa_state;
00865 }
00866
00867
00868 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
00869 void *signal_ctx)
00870 {
00871 struct wpa_global *global = eloop_ctx;
00872 struct wpa_supplicant *wpa_s;
00873 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00874 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
00875 "received", sig);
00876 }
00877 eloop_terminate();
00878 }
00879
00880
00893 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
00894 {
00895 struct wpa_config *conf;
00896 int reconf_ctrl;
00897 if (wpa_s->confname == NULL)
00898 return -1;
00899 conf = wpa_config_read(wpa_s->confname);
00900 if (conf == NULL) {
00901 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
00902 "file '%s' - exiting", wpa_s->confname);
00903 return -1;
00904 }
00905
00906 reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
00907 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
00908 strcmp(conf->ctrl_interface, wpa_s->conf->ctrl_interface)
00909 != 0);
00910
00911 if (reconf_ctrl)
00912 wpa_supplicant_ctrl_iface_deinit(wpa_s);
00913
00914 wpa_s->current_ssid = NULL;
00915
00916
00917
00918
00919 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
00920 wpa_sm_set_config(wpa_s->wpa, NULL);
00921 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
00922 pmksa_cache_notify_reconfig(wpa_s->wpa);
00923 rsn_preauth_deinit(wpa_s->wpa);
00924 wpa_config_free(wpa_s->conf);
00925 wpa_s->conf = conf;
00926 if (reconf_ctrl)
00927 wpa_supplicant_ctrl_iface_init(wpa_s);
00928 wpa_s->reassociate = 1;
00929 wpa_supplicant_req_scan(wpa_s, 0, 0);
00930 wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
00931 return 0;
00932 }
00933
00934
00935 #ifndef CONFIG_NATIVE_WINDOWS
00936 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
00937 void *signal_ctx)
00938 {
00939 struct wpa_global *global = eloop_ctx;
00940 struct wpa_supplicant *wpa_s;
00941 wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
00942 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00943 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
00944 eloop_terminate();
00945 }
00946 }
00947 }
00948 #endif
00949
00950
00951 static void wpa_supplicant_gen_assoc_event(struct wpa_supplicant *wpa_s)
00952 {
00953 struct wpa_ssid *ssid;
00954 union wpa_event_data data;
00955
00956 ssid = wpa_supplicant_get_ssid(wpa_s);
00957 if (ssid == NULL)
00958 return;
00959
00960 if (wpa_s->current_ssid == NULL)
00961 wpa_s->current_ssid = ssid;
00962 wpa_supplicant_initiate_eapol(wpa_s);
00963 wpa_printf(MSG_DEBUG, "Already associated with a configured network - "
00964 "generating associated event");
00965 memset(&data, 0, sizeof(data));
00966 wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
00967 }
00968
00969
00970 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
00971 {
00972 struct wpa_supplicant *wpa_s = eloop_ctx;
00973 struct wpa_ssid *ssid;
00974 int enabled, scan_req = 0;
00975
00976 if (wpa_s->disconnected)
00977 return;
00978
00979 enabled = 0;
00980 ssid = wpa_s->conf->ssid;
00981 while (ssid) {
00982 if (!ssid->disabled) {
00983 enabled++;
00984 break;
00985 }
00986 ssid = ssid->next;
00987 }
00988 if (!enabled && !wpa_s->scan_req) {
00989 wpa_printf(MSG_DEBUG, "No enabled networks - do not scan");
00990 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
00991 return;
00992 }
00993 scan_req = wpa_s->scan_req;
00994 wpa_s->scan_req = 0;
00995
00996 if (wpa_s->conf->ap_scan == 0) {
00997 wpa_supplicant_gen_assoc_event(wpa_s);
00998 return;
00999 }
01000
01001 if (wpa_s->wpa_state == WPA_DISCONNECTED ||
01002 wpa_s->wpa_state == WPA_INACTIVE)
01003 wpa_supplicant_set_state(wpa_s, WPA_SCANNING);
01004
01005 ssid = wpa_s->conf->ssid;
01006 if (wpa_s->prev_scan_ssid != BROADCAST_SSID_SCAN) {
01007 while (ssid) {
01008 if (ssid == wpa_s->prev_scan_ssid) {
01009 ssid = ssid->next;
01010 break;
01011 }
01012 ssid = ssid->next;
01013 }
01014 }
01015 while (ssid) {
01016 if (!ssid->disabled &&
01017 (ssid->scan_ssid || wpa_s->conf->ap_scan == 2))
01018 break;
01019 ssid = ssid->next;
01020 }
01021
01022 if (scan_req != 2 && wpa_s->conf->ap_scan == 2) {
01023
01024
01025
01026
01027 if (ssid == NULL)
01028 return;
01029 if (ssid->next) {
01030
01031 wpa_s->prev_scan_ssid = ssid;
01032 } else {
01033
01034 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
01035 }
01036 wpa_supplicant_associate(wpa_s, NULL, ssid);
01037 return;
01038 }
01039
01040 wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)",
01041 ssid ? "specific": "broadcast");
01042 if (ssid) {
01043 wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID",
01044 ssid->ssid, ssid->ssid_len);
01045 wpa_s->prev_scan_ssid = ssid;
01046 } else
01047 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
01048
01049 if (wpa_drv_scan(wpa_s, ssid ? ssid->ssid : NULL,
01050 ssid ? ssid->ssid_len : 0)) {
01051 wpa_printf(MSG_WARNING, "Failed to initiate AP scan.");
01052 wpa_supplicant_req_scan(wpa_s, 10, 0);
01053 }
01054 }
01055
01056
01057 static wpa_cipher cipher_suite2driver(int cipher)
01058 {
01059 switch (cipher) {
01060 case WPA_CIPHER_NONE:
01061 return CIPHER_NONE;
01062 case WPA_CIPHER_WEP40:
01063 return CIPHER_WEP40;
01064 case WPA_CIPHER_WEP104:
01065 return CIPHER_WEP104;
01066 case WPA_CIPHER_CCMP:
01067 return CIPHER_CCMP;
01068 case WPA_CIPHER_TKIP:
01069 default:
01070 return CIPHER_TKIP;
01071 }
01072 }
01073
01074
01075 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
01076 {
01077 switch (key_mgmt) {
01078 case WPA_KEY_MGMT_NONE:
01079 return KEY_MGMT_NONE;
01080 case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
01081 return KEY_MGMT_802_1X_NO_WPA;
01082 case WPA_KEY_MGMT_IEEE8021X:
01083 return KEY_MGMT_802_1X;
01084 case WPA_KEY_MGMT_WPA_NONE:
01085 return KEY_MGMT_WPA_NONE;
01086 case WPA_KEY_MGMT_PSK:
01087 default:
01088 return KEY_MGMT_PSK;
01089 }
01090 }
01091
01092
01093 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
01094 struct wpa_ssid *ssid,
01095 struct wpa_ie_data *ie)
01096 {
01097 int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
01098 if (ret) {
01099 if (ret == -2) {
01100 wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
01101 "from association info");
01102 }
01103 return -1;
01104 }
01105
01106 wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
01107 "suites");
01108 if (!(ie->group_cipher & ssid->group_cipher)) {
01109 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
01110 "cipher 0x%x (mask 0x%x) - reject",
01111 ie->group_cipher, ssid->group_cipher);
01112 return -1;
01113 }
01114 if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
01115 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
01116 "cipher 0x%x (mask 0x%x) - reject",
01117 ie->pairwise_cipher, ssid->pairwise_cipher);
01118 return -1;
01119 }
01120 if (!(ie->key_mgmt & ssid->key_mgmt)) {
01121 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
01122 "management 0x%x (mask 0x%x) - reject",
01123 ie->key_mgmt, ssid->key_mgmt);
01124 return -1;
01125 }
01126
01127 return 0;
01128 }
01129
01130
01146 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
01147 struct wpa_scan_result *bss,
01148 struct wpa_ssid *ssid,
01149 u8 *wpa_ie, size_t *wpa_ie_len)
01150 {
01151 struct wpa_ie_data ie;
01152 int sel, proto;
01153
01154 if (bss && bss->rsn_ie_len && (ssid->proto & WPA_PROTO_RSN) &&
01155 wpa_parse_wpa_ie(bss->rsn_ie, bss->rsn_ie_len, &ie) == 0 &&
01156 (ie.group_cipher & ssid->group_cipher) &&
01157 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
01158 (ie.key_mgmt & ssid->key_mgmt)) {
01159 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
01160 proto = WPA_PROTO_RSN;
01161 } else if (bss && bss->wpa_ie_len && (ssid->proto & WPA_PROTO_WPA) &&
01162 wpa_parse_wpa_ie(bss->wpa_ie, bss->wpa_ie_len, &ie) == 0 &&
01163 (ie.group_cipher & ssid->group_cipher) &&
01164 (ie.pairwise_cipher & ssid->pairwise_cipher) &&
01165 (ie.key_mgmt & ssid->key_mgmt)) {
01166 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
01167 proto = WPA_PROTO_WPA;
01168 } else if (bss) {
01169 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
01170 return -1;
01171 } else {
01172 if (ssid->proto & WPA_PROTO_RSN)
01173 proto = WPA_PROTO_RSN;
01174 else
01175 proto = WPA_PROTO_WPA;
01176 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
01177 memset(&ie, 0, sizeof(ie));
01178 ie.group_cipher = ssid->group_cipher;
01179 ie.pairwise_cipher = ssid->pairwise_cipher;
01180 ie.key_mgmt = ssid->key_mgmt;
01181 wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
01182 "on configuration");
01183 }
01184 }
01185
01186 wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
01187 "pairwise %d key_mgmt %d",
01188 ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt);
01189
01190 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
01191
01192 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss ? bss->wpa_ie : NULL,
01193 bss ? bss->wpa_ie_len : 0) ||
01194 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss ? bss->rsn_ie : NULL,
01195 bss ? bss->rsn_ie_len : 0))
01196 return -1;
01197
01198 sel = ie.group_cipher & ssid->group_cipher;
01199 if (sel & WPA_CIPHER_CCMP) {
01200 wpa_s->group_cipher = WPA_CIPHER_CCMP;
01201 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
01202 } else if (sel & WPA_CIPHER_TKIP) {
01203 wpa_s->group_cipher = WPA_CIPHER_TKIP;
01204 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
01205 } else if (sel & WPA_CIPHER_WEP104) {
01206 wpa_s->group_cipher = WPA_CIPHER_WEP104;
01207 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
01208 } else if (sel & WPA_CIPHER_WEP40) {
01209 wpa_s->group_cipher = WPA_CIPHER_WEP40;
01210 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
01211 } else {
01212 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
01213 return -1;
01214 }
01215
01216 sel = ie.pairwise_cipher & ssid->pairwise_cipher;
01217 if (sel & WPA_CIPHER_CCMP) {
01218 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
01219 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
01220 } else if (sel & WPA_CIPHER_TKIP) {
01221 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
01222 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
01223 } else if (sel & WPA_CIPHER_NONE) {
01224 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
01225 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
01226 } else {
01227 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
01228 "cipher.");
01229 return -1;
01230 }
01231
01232 sel = ie.key_mgmt & ssid->key_mgmt;
01233 if (sel & WPA_KEY_MGMT_IEEE8021X) {
01234 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
01235 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
01236 } else if (sel & WPA_KEY_MGMT_PSK) {
01237 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
01238 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
01239 } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
01240 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
01241 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
01242 } else {
01243 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
01244 "key management type.");
01245 return -1;
01246 }
01247
01248 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
01249 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
01250 wpa_s->pairwise_cipher);
01251 wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
01252
01253 if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
01254 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
01255 return -1;
01256 }
01257
01258 if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
01259 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
01260 else
01261 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
01262
01263 return 0;
01264 }
01265
01266
01276 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
01277 struct wpa_scan_result *bss,
01278 struct wpa_ssid *ssid)
01279 {
01280 u8 wpa_ie[80];
01281 size_t wpa_ie_len;
01282 int use_crypt;
01283 int algs = AUTH_ALG_OPEN_SYSTEM;
01284 int cipher_pairwise, cipher_group;
01285 struct wpa_driver_associate_params params;
01286 int wep_keys_set = 0;
01287 struct wpa_driver_capa capa;
01288 int assoc_failed = 0;
01289
01290 wpa_s->reassociate = 0;
01291 if (bss) {
01292 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
01293 " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
01294 wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
01295 memset(wpa_s->bssid, 0, ETH_ALEN);
01296 } else {
01297 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
01298 wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
01299 }
01300 wpa_supplicant_cancel_scan(wpa_s);
01301
01302
01303
01304 wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
01305
01306 if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01307 if (ssid->leap) {
01308 if (ssid->non_leap == 0)
01309 algs = AUTH_ALG_LEAP;
01310 else
01311 algs |= AUTH_ALG_LEAP;
01312 }
01313 }
01314 wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
01315 if (ssid->auth_alg) {
01316 algs = 0;
01317 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
01318 algs |= AUTH_ALG_OPEN_SYSTEM;
01319 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
01320 algs |= AUTH_ALG_SHARED_KEY;
01321 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
01322 algs |= AUTH_ALG_LEAP;
01323 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
01324 algs);
01325 }
01326 wpa_drv_set_auth_alg(wpa_s, algs);
01327
01328 if (bss && (bss->wpa_ie_len || bss->rsn_ie_len) &&
01329 (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK))) {
01330 int try_opportunistic;
01331 try_opportunistic = ssid->proactive_key_caching &&
01332 (ssid->proto & WPA_PROTO_RSN);
01333 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
01334 wpa_s->current_ssid,
01335 try_opportunistic) == 0)
01336 eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
01337 wpa_ie_len = sizeof(wpa_ie);
01338 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
01339 wpa_ie, &wpa_ie_len)) {
01340 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01341 "management and encryption suites");
01342 return;
01343 }
01344 } else if (ssid->key_mgmt &
01345 (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
01346 WPA_KEY_MGMT_WPA_NONE)) {
01347 wpa_ie_len = sizeof(wpa_ie);
01348 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
01349 wpa_ie, &wpa_ie_len)) {
01350 wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01351 "management and encryption suites (no scan "
01352 "results)");
01353 return;
01354 }
01355 } else {
01356 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
01357 wpa_ie_len = 0;
01358 }
01359
01360 wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
01361 use_crypt = 1;
01362 cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
01363 cipher_group = cipher_suite2driver(wpa_s->group_cipher);
01364 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
01365 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01366 int i;
01367 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
01368 use_crypt = 0;
01369 for (i = 0; i < NUM_WEP_KEYS; i++) {
01370 if (ssid->wep_key_len[i]) {
01371 use_crypt = 1;
01372 wep_keys_set = 1;
01373 wpa_set_wep_key(wpa_s,
01374 i == ssid->wep_tx_keyidx,
01375 i, ssid->wep_key[i],
01376 ssid->wep_key_len[i]);
01377 }
01378 }
01379 }
01380
01381 if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01382 if ((ssid->eapol_flags &
01383 (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
01384 EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
01385 !wep_keys_set) {
01386 use_crypt = 0;
01387 } else {
01388
01389
01390
01391 cipher_pairwise = cipher_group = CIPHER_WEP104;
01392 }
01393 }
01394
01395 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01396
01397 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01398 }
01399
01400 wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
01401 wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
01402 memset(¶ms, 0, sizeof(params));
01403 if (bss) {
01404 params.bssid = bss->bssid;
01405 params.ssid = bss->ssid;
01406 params.ssid_len = bss->ssid_len;
01407 params.freq = bss->freq;
01408 } else {
01409 params.ssid = ssid->ssid;
01410 params.ssid_len = ssid->ssid_len;
01411 }
01412 params.wpa_ie = wpa_ie;
01413 params.wpa_ie_len = wpa_ie_len;
01414 params.pairwise_suite = cipher_pairwise;
01415 params.group_suite = cipher_group;
01416 params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
01417 params.auth_alg = algs;
01418 params.mode = ssid->mode;
01419 if (wpa_drv_associate(wpa_s, ¶ms) < 0) {
01420 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
01421 "failed");
01422
01423
01424 assoc_failed = 1;
01425 }
01426
01427 if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01428
01429
01430 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01431
01432
01433 wpa_supplicant_cancel_auth_timeout(wpa_s);
01434 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
01435 } else {
01436
01437 int timeout;
01438 if (assoc_failed)
01439 timeout = 5;
01440 else if (wpa_s->conf->ap_scan == 1)
01441 timeout = 10;
01442 else
01443 timeout = 60;
01444 wpa_supplicant_req_auth_timeout(wpa_s, timeout, 0);
01445 }
01446
01447 if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
01448 capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
01449
01450 int i;
01451 for (i = 0; i < NUM_WEP_KEYS; i++) {
01452 if (ssid->wep_key_len[i]) {
01453 wpa_set_wep_key(wpa_s,
01454 i == ssid->wep_tx_keyidx,
01455 i, ssid->wep_key[i],
01456 ssid->wep_key_len[i]);
01457 }
01458 }
01459 }
01460
01461 wpa_s->current_ssid = ssid;
01462 wpa_sm_set_config(wpa_s->wpa, wpa_s->current_ssid);
01463 wpa_supplicant_initiate_eapol(wpa_s);
01464 }
01465
01466
01476 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
01477 int reason_code)
01478 {
01479 u8 *addr = NULL;
01480 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01481 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01482 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
01483 addr = wpa_s->bssid;
01484 }
01485 wpa_clear_keys(wpa_s, addr);
01486 wpa_s->current_ssid = NULL;
01487 wpa_sm_set_config(wpa_s->wpa, NULL);
01488 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01489 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01490 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01491 }
01492
01493
01503 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
01504 int reason_code)
01505 {
01506 u8 *addr = NULL;
01507 wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01508 if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01509 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
01510 addr = wpa_s->bssid;
01511 }
01512 wpa_clear_keys(wpa_s, addr);
01513 wpa_s->current_ssid = NULL;
01514 wpa_sm_set_config(wpa_s->wpa, NULL);
01515 eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01516 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01517 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01518 }
01519
01520
01530 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
01531 {
01532 #define SCAN_AP_LIMIT 128
01533 struct wpa_scan_result *results, *tmp;
01534 int num;
01535
01536 results = malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
01537 if (results == NULL) {
01538 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
01539 "results");
01540 return -1;
01541 }
01542
01543 num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
01544 wpa_printf(MSG_DEBUG, "Scan results: %d", num);
01545 if (num < 0) {
01546 wpa_printf(MSG_DEBUG, "Failed to get scan results");
01547 free(results);
01548 return -1;
01549 }
01550 if (num > SCAN_AP_LIMIT) {
01551 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
01552 num, SCAN_AP_LIMIT);
01553 num = SCAN_AP_LIMIT;
01554 }
01555
01556
01557 tmp = realloc(results, num * sizeof(struct wpa_scan_result));
01558 if (tmp || num == 0) {
01559 results = tmp;
01560 }
01561
01562 free(wpa_s->scan_results);
01563 wpa_s->scan_results = results;
01564 wpa_s->num_scan_results = num;
01565
01566 return 0;
01567 }
01568
01569
01570 #ifndef CONFIG_NO_WPA
01571 static int wpa_get_beacon_ie(struct wpa_supplicant *wpa_s)
01572 {
01573 int i, ret = 0;
01574 struct wpa_scan_result *results, *curr = NULL;
01575
01576 results = wpa_s->scan_results;
01577 if (results == NULL) {
01578 return -1;
01579 }
01580
01581 for (i = 0; i < wpa_s->num_scan_results; i++) {
01582 if (memcmp(results[i].bssid, wpa_s->bssid, ETH_ALEN) == 0) {
01583 curr = &results[i];
01584 break;
01585 }
01586 }
01587
01588 if (curr) {
01589 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie,
01590 curr->wpa_ie_len) ||
01591 wpa_sm_set_ap_rsn_ie(wpa_s->wpa, curr->rsn_ie,
01592 curr->rsn_ie_len))
01593 ret = -1;
01594 } else {
01595 ret = -1;
01596 }
01597
01598 return ret;
01599 }
01600
01601
01602 static int wpa_supplicant_get_beacon_ie(void *ctx)
01603 {
01604 struct wpa_supplicant *wpa_s = ctx;
01605 if (wpa_get_beacon_ie(wpa_s) == 0) {
01606 return 0;
01607 }
01608
01609
01610
01611 if (wpa_supplicant_get_scan_results(wpa_s) < 0) {
01612 return -1;
01613 }
01614
01615 return wpa_get_beacon_ie(wpa_s);
01616 }
01617 #endif
01618
01619
01626 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
01627 {
01628 struct wpa_ssid *entry;
01629 u8 ssid[MAX_SSID_LEN];
01630 int ssid_len;
01631 u8 bssid[ETH_ALEN];
01632
01633 ssid_len = wpa_drv_get_ssid(wpa_s, ssid);
01634 if (ssid_len < 0) {
01635 wpa_printf(MSG_WARNING, "Could not read SSID from driver.");
01636 return NULL;
01637 }
01638
01639 if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
01640 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
01641 return NULL;
01642 }
01643
01644 entry = wpa_s->conf->ssid;
01645 while (entry) {
01646 if (!entry->disabled &&
01647 ssid_len == entry->ssid_len &&
01648 memcmp(ssid, entry->ssid, ssid_len) == 0 &&
01649 (!entry->bssid_set ||
01650 memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
01651 return entry;
01652 entry = entry->next;
01653 }
01654
01655 return NULL;
01656 }
01657
01658
01659 #ifndef CONFIG_NO_WPA
01660 static u8 * _wpa_alloc_eapol(void *wpa_s, u8 type,
01661 const void *data, u16 data_len,
01662 size_t *msg_len, void **data_pos)
01663 {
01664 return wpa_alloc_eapol(wpa_s, type, data, data_len, msg_len, data_pos);
01665 }
01666
01667
01668 static int _wpa_ether_send(void *wpa_s, const u8 *dest, u16 proto,
01669 const u8 *buf, size_t len)
01670 {
01671 return wpa_ether_send(wpa_s, dest, proto, buf, len);
01672 }
01673
01674
01675 static void _wpa_supplicant_req_scan(void *wpa_s, int sec, int usec)
01676 {
01677 wpa_supplicant_req_scan(wpa_s, sec, usec);
01678 }
01679
01680
01681 static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s)
01682 {
01683 wpa_supplicant_cancel_auth_timeout(wpa_s);
01684 }
01685
01686
01687 static void _wpa_supplicant_set_state(void *wpa_s, wpa_states state)
01688 {
01689 wpa_supplicant_set_state(wpa_s, state);
01690 }
01691
01692
01693 static wpa_states _wpa_supplicant_get_state(void *wpa_s)
01694 {
01695 return wpa_supplicant_get_state(wpa_s);
01696 }
01697
01698
01699 static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
01700 {
01701 wpa_supplicant_disassociate(wpa_s, reason_code);
01702 }
01703
01704
01705 static void _wpa_supplicant_deauthenticate(void *wpa_s, int reason_code)
01706 {
01707 wpa_supplicant_deauthenticate(wpa_s, reason_code);
01708 }
01709
01710
01711 static struct wpa_ssid * _wpa_supplicant_get_ssid(void *wpa_s)
01712 {
01713 return wpa_supplicant_get_ssid(wpa_s);
01714 }
01715
01716
01717 static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid)
01718 {
01719 return wpa_drv_get_bssid(wpa_s, bssid);
01720 }
01721
01722
01723 static int wpa_supplicant_set_key(void *wpa_s, wpa_alg alg,
01724 const u8 *addr, int key_idx, int set_tx,
01725 const u8 *seq, size_t seq_len,
01726 const u8 *key, size_t key_len)
01727 {
01728 return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len,
01729 key, key_len);
01730 }
01731
01732
01733 static int wpa_supplicant_add_pmkid(void *wpa_s,
01734 const u8 *bssid, const u8 *pmkid)
01735 {
01736 return wpa_drv_add_pmkid(wpa_s, bssid, pmkid);
01737 }
01738
01739
01740 static int wpa_supplicant_remove_pmkid(void *wpa_s,
01741 const u8 *bssid, const u8 *pmkid)
01742 {
01743 return wpa_drv_remove_pmkid(wpa_s, bssid, pmkid);
01744 }
01745 #endif
01746
01747
01748 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
01749 const char *name)
01750 {
01751 int i;
01752
01753 if (wpa_s == NULL)
01754 return -1;
01755
01756 if (wpa_supplicant_drivers[0] == NULL) {
01757 wpa_printf(MSG_ERROR, "No driver interfaces build into "
01758 "wpa_supplicant.");
01759 return -1;
01760 }
01761
01762 if (name == NULL) {
01763
01764 wpa_s->driver = wpa_supplicant_drivers[0];
01765 return 0;
01766 }
01767
01768 for (i = 0; wpa_supplicant_drivers[i]; i++) {
01769 if (strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
01770 wpa_s->driver = wpa_supplicant_drivers[i];
01771 return 0;
01772 }
01773 }
01774
01775 printf("Unsupported driver '%s'.\n", name);
01776 return -1;
01777 }
01778
01779
01780 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
01781 const u8 *buf, size_t len)
01782 {
01783 struct wpa_supplicant *wpa_s = ctx;
01784
01785 wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
01786 wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
01787
01788 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
01789 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
01790 "no key management is configured");
01791 return;
01792 }
01793
01794 if (wpa_s->eapol_received == 0) {
01795
01796 wpa_supplicant_req_auth_timeout(
01797 wpa_s,
01798 (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
01799 wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ?
01800 70 : 10, 0);
01801 }
01802 wpa_s->eapol_received++;
01803
01804 if (wpa_s->countermeasures) {
01805 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
01806 "packet");
01807 return;
01808 }
01809
01810
01811
01812
01813
01814
01815
01816 memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
01817 if (wpa_s->key_mgmt != WPA_KEY_MGMT_PSK &&
01818 eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
01819 return;
01820 wpa_drv_poll(wpa_s);
01821 wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
01822 }
01823
01824
01837 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s,
01838 int wait_for_interface)
01839 {
01840 static int interface_count = 0;
01841
01842 for (;;) {
01843 if (wpa_s->driver->send_eapol) {
01844 const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
01845 if (addr)
01846 memcpy(wpa_s->own_addr, addr, ETH_ALEN);
01847 break;
01848 }
01849 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
01850 wpa_drv_get_mac_addr(wpa_s),
01851 ETH_P_EAPOL,
01852 wpa_supplicant_rx_eapol, wpa_s, 0);
01853 if (wpa_s->l2)
01854 break;
01855 else if (!wait_for_interface)
01856 return -1;
01857 printf("Waiting for interface..\n");
01858 sleep(5);
01859 }
01860
01861 if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
01862 fprintf(stderr, "Failed to get own L2 address\n");
01863 return -1;
01864 }
01865
01866 wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
01867 MAC2STR(wpa_s->own_addr));
01868
01869
01870
01871
01872 if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
01873 struct wpa_driver_capa capa;
01874 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
01875 !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
01876 WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
01877 wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
01878
01879 } else {
01880 fprintf(stderr, "Failed to enable WPA in the "
01881 "driver.\n");
01882 return -1;
01883 }
01884 }
01885
01886 wpa_clear_keys(wpa_s, NULL);
01887
01888
01889
01890 wpa_drv_set_countermeasures(wpa_s, 0);
01891
01892 wpa_drv_set_drop_unencrypted(wpa_s, 1);
01893
01894 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
01895 wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
01896 interface_count++;
01897
01898 return 0;
01899 }
01900
01901
01902 static int wpa_supplicant_daemon(const char *pid_file)
01903 {
01904 wpa_printf(MSG_DEBUG, "Daemonize..");
01905 if (daemon(0, 0)) {
01906 perror("daemon");
01907 return -1;
01908 }
01909
01910 if (pid_file) {
01911 FILE *f = fopen(pid_file, "w");
01912 if (f) {
01913 fprintf(f, "%u\n", getpid());
01914 fclose(f);
01915 }
01916 }
01917
01918 return 0;
01919 }
01920
01921
01922 static struct wpa_supplicant * wpa_supplicant_alloc(void)
01923 {
01924 struct wpa_supplicant *wpa_s;
01925
01926 wpa_s = malloc(sizeof(*wpa_s));
01927 if (wpa_s == NULL)
01928 return NULL;
01929 memset(wpa_s, 0, sizeof(*wpa_s));
01930 wpa_s->ctrl_sock = -1;
01931 wpa_s->scan_req = 1;
01932
01933 return wpa_s;
01934 }
01935
01936
01937 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
01938 struct wpa_interface *iface)
01939 {
01940 wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
01941 "'%s' ctrl_interface '%s'", iface->ifname,
01942 iface->confname ? iface->confname : "N/A",
01943 iface->driver ? iface->driver : "default",
01944 iface->ctrl_interface ? iface->ctrl_interface : "N/A");
01945
01946 if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
01947 return -1;
01948 }
01949
01950 if (iface->confname) {
01951 #ifdef CONFIG_BACKEND_FILE
01952 wpa_s->confname = rel2abs_path(iface->confname);
01953 if (wpa_s->confname == NULL) {
01954 wpa_printf(MSG_ERROR, "Failed to get absolute path "
01955 "for configuration file '%s'.",
01956 iface->confname);
01957 return -1;
01958 }
01959 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
01960 iface->confname, wpa_s->confname);
01961 #else
01962 wpa_s->confname = strdup(iface->confname);
01963 #endif
01964 wpa_s->conf = wpa_config_read(wpa_s->confname);
01965 if (wpa_s->conf == NULL) {
01966 printf("Failed to read read or parse configuration "
01967 "'%s'.\n", wpa_s->confname);
01968 return -1;
01969 }
01970
01971
01972
01973
01974
01975 if (iface->ctrl_interface) {
01976 free(wpa_s->conf->ctrl_interface);
01977 wpa_s->conf->ctrl_interface =
01978 strdup(iface->ctrl_interface);
01979 }
01980
01981 if (iface->driver_param) {
01982 free(wpa_s->conf->driver_param);
01983 wpa_s->conf->driver_param =
01984 strdup(iface->driver_param);
01985 }
01986 } else
01987 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
01988 iface->driver_param);
01989
01990 if (wpa_s->conf == NULL) {
01991 printf("\nNo configuration found.\n");
01992 return -1;
01993 }
01994
01995 if (iface->ifname == NULL) {
01996 printf("\nInterface name is required.\n");
01997 return -1;
01998 }
01999 if (strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
02000 printf("Too long interface name '%s'.\n", iface->ifname);
02001 return -1;
02002 }
02003 strncpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
02004
02005 return 0;
02006 }
02007
02008
02009 static int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
02010 {
02011 #ifdef IEEE8021X_EAPOL
02012 struct eapol_ctx *ctx;
02013 ctx = malloc(sizeof(*ctx));
02014 if (ctx == NULL) {
02015 printf("Failed to allocate EAPOL context.\n");
02016 return -1;
02017 }
02018
02019 memset(ctx, 0, sizeof(*ctx));
02020 ctx->ctx = wpa_s;
02021 ctx->msg_ctx = wpa_s;
02022 ctx->eapol_send_ctx = wpa_s;
02023 ctx->preauth = 0;
02024 ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
02025 ctx->eapol_send = wpa_supplicant_eapol_send;
02026 ctx->set_wep_key = wpa_eapol_set_wep_key;
02027 ctx->set_config_blob = wpa_supplicant_set_config_blob;
02028 ctx->get_config_blob = wpa_supplicant_get_config_blob;
02029 ctx->aborted_cached = wpa_supplicant_aborted_cached;
02030 ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
02031 ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
02032 ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
02033 wpa_s->eapol = eapol_sm_init(ctx);
02034 if (wpa_s->eapol == NULL) {
02035 free(ctx);
02036 printf("Failed to initialize EAPOL state machines.\n");
02037 return -1;
02038 }
02039 #endif
02040
02041 return 0;
02042 }
02043
02044
02045 static int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
02046 {
02047 #ifndef CONFIG_NO_WPA
02048 struct wpa_sm_ctx *ctx;
02049 ctx = malloc(sizeof(*ctx));
02050 if (ctx == NULL) {
02051 printf("Failed to allocate WPA context.\n");
02052 return -1;
02053 }
02054
02055 memset(ctx, 0, sizeof(*ctx));
02056 ctx->ctx = wpa_s;
02057 ctx->set_state = _wpa_supplicant_set_state;
02058 ctx->get_state = _wpa_supplicant_get_state;
02059 ctx->req_scan = _wpa_supplicant_req_scan;
02060 ctx->deauthenticate = _wpa_supplicant_deauthenticate;
02061 ctx->disassociate = _wpa_supplicant_disassociate;
02062 ctx->set_key = wpa_supplicant_set_key;
02063 ctx->scan = wpa_supplicant_scan;
02064 ctx->get_ssid = _wpa_supplicant_get_ssid;
02065 ctx->get_bssid = wpa_supplicant_get_bssid;
02066 ctx->ether_send = _wpa_ether_send;
02067 ctx->get_beacon_ie = wpa_supplicant_get_beacon_ie;
02068 ctx->alloc_eapol = _wpa_alloc_eapol;
02069 ctx->cancel_auth_timeout = _wpa_supplicant_cancel_auth_timeout;
02070 ctx->add_pmkid = wpa_supplicant_add_pmkid;
02071 ctx->remove_pmkid = wpa_supplicant_remove_pmkid;
02072 ctx->set_config_blob = wpa_supplicant_set_config_blob;
02073 ctx->get_config_blob = wpa_supplicant_get_config_blob;
02074
02075 wpa_s->wpa = wpa_sm_init(ctx);
02076 if (wpa_s->wpa == NULL) {
02077 fprintf(stderr, "Failed to initialize WPA state machine\n");
02078 return -1;
02079 }
02080 #endif
02081
02082 return 0;
02083 }
02084
02085
02086 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s,
02087 int wait_for_interface)
02088 {
02089 const char *ifname;
02090
02091 wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
02092 wpa_s->ifname);
02093
02094 if (wpa_supplicant_init_eapol(wpa_s) < 0)
02095 return -1;
02096
02097
02098 eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
02099 eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
02100
02101
02102
02103
02104
02105 wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
02106 if (wpa_s->drv_priv == NULL) {
02107 fprintf(stderr, "Failed to initialize driver interface\n");
02108 return -1;
02109 }
02110 if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
02111 fprintf(stderr, "Driver interface rejected driver_param "
02112 "'%s'\n", wpa_s->conf->driver_param);
02113 return -1;
02114 }
02115
02116 ifname = wpa_drv_get_ifname(wpa_s);
02117 if (ifname && strcmp(ifname, wpa_s->ifname) != 0) {
02118 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
02119 "name with '%s'", ifname);
02120 strncpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
02121 }
02122
02123 if (wpa_supplicant_init_wpa(wpa_s) < 0)
02124 return -1;
02125
02126 wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname);
02127 wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
02128 wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
02129
02130 if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
02131 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
02132 wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
02133 fprintf(stderr, "Invalid WPA parameter value for "
02134 "dot11RSNAConfigPMKLifetime\n");
02135 return -1;
02136 }
02137
02138 if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
02139 wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
02140 wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
02141 fprintf(stderr, "Invalid WPA parameter value for "
02142 "dot11RSNAConfigPMKReauthThreshold\n");
02143 return -1;
02144 }
02145
02146 if (wpa_s->conf->dot11RSNAConfigSATimeout &&
02147 wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
02148 wpa_s->conf->dot11RSNAConfigSATimeout)) {
02149 fprintf(stderr, "Invalid WPA parameter value for "
02150 "dot11RSNAConfigSATimeout\n");
02151 return -1;
02152 }
02153
02154 if (wpa_supplicant_driver_init(wpa_s, wait_for_interface) < 0) {
02155 return -1;
02156 }
02157 wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
02158
02159 if (wpa_supplicant_ctrl_iface_init(wpa_s)) {
02160 printf("Failed to initialize control interface '%s'.\n"
02161 "You may have another wpa_supplicant process already "
02162 "running or the file was\n"
02163 "left by an unclean termination of wpa_supplicant in "
02164 "which case you will need\n"
02165 "to manually remove this file before starting "
02166 "wpa_supplicant again.\n",
02167 wpa_s->conf->ctrl_interface);
02168 return -1;
02169 }
02170
02171 return 0;
02172 }
02173
02174
02175 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
02176 {
02177 if (wpa_s->drv_priv) {
02178 wpa_supplicant_deauthenticate(wpa_s, REASON_DEAUTH_LEAVING);
02179
02180
02181
02182
02183 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
02184 fprintf(stderr, "Failed to disable WPA in the "
02185 "driver.\n");
02186 }
02187
02188 wpa_drv_set_drop_unencrypted(wpa_s, 0);
02189 wpa_drv_set_countermeasures(wpa_s, 0);
02190 wpa_clear_keys(wpa_s, NULL);
02191
02192 wpa_drv_deinit(wpa_s);
02193 }
02194 wpa_supplicant_cleanup(wpa_s);
02195 }
02196
02197
02211 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
02212 struct wpa_interface *iface)
02213 {
02214 struct wpa_supplicant *wpa_s;
02215
02216 if (global == NULL || iface == NULL)
02217 return NULL;
02218
02219 wpa_s = wpa_supplicant_alloc();
02220 if (wpa_s == NULL)
02221 return NULL;
02222
02223 if (wpa_supplicant_init_iface(wpa_s, iface) ||
02224 wpa_supplicant_init_iface2(wpa_s,
02225 global->params.wait_for_interface)) {
02226 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
02227 iface->ifname);
02228 wpa_supplicant_deinit_iface(wpa_s);
02229 free(wpa_s);
02230 return NULL;
02231 }
02232
02233 wpa_s->global = global;
02234 wpa_s->next = global->ifaces;
02235 global->ifaces = wpa_s;
02236
02237 wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
02238
02239 return wpa_s;
02240 }
02241
02242
02255 int wpa_supplicant_remove_iface(struct wpa_global *global,
02256 struct wpa_supplicant *wpa_s)
02257 {
02258 struct wpa_supplicant *prev;
02259
02260
02261 prev = global->ifaces;
02262 if (prev == wpa_s) {
02263 global->ifaces = wpa_s->next;
02264 } else {
02265 while (prev && prev->next != wpa_s)
02266 prev = prev->next;
02267 if (prev == NULL)
02268 return -1;
02269 prev->next = wpa_s->next;
02270 }
02271
02272 wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
02273
02274 wpa_supplicant_deinit_iface(wpa_s);
02275 free(wpa_s);
02276
02277 return 0;
02278 }
02279
02280
02288 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
02289 const char *ifname)
02290 {
02291 struct wpa_supplicant *wpa_s;
02292
02293 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
02294 if (strcmp(wpa_s->ifname, ifname) == 0)
02295 return wpa_s;
02296 }
02297 return NULL;
02298 }
02299
02300
02311 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
02312 {
02313 struct wpa_global *global;
02314
02315 if (params == NULL)
02316 return NULL;
02317 global = malloc(sizeof(*global));
02318 if (global == NULL)
02319 return NULL;
02320 memset(global, 0, sizeof(*global));
02321 global->params.daemonize = params->daemonize;
02322 global->params.wait_for_interface = params->wait_for_interface;
02323 global->params.wait_for_monitor = params->wait_for_monitor;
02324 if (params->pid_file)
02325 global->params.pid_file = strdup(params->pid_file);
02326 if (params->ctrl_interface)
02327 global->params.ctrl_interface = strdup(params->ctrl_interface);
02328 wpa_debug_level = global->params.wpa_debug_level =
02329 params->wpa_debug_level;
02330 wpa_debug_show_keys = global->params.wpa_debug_show_keys =
02331 params->wpa_debug_show_keys;
02332 wpa_debug_timestamp = global->params.wpa_debug_timestamp =
02333 params->wpa_debug_timestamp;
02334
02335 eloop_init(global);
02336
02337 if (wpa_supplicant_global_ctrl_iface_init(global)) {
02338 wpa_supplicant_deinit(global);
02339 return NULL;
02340 }
02341
02342 if (global->params.wait_for_interface && global->params.daemonize &&
02343 wpa_supplicant_daemon(global->params.pid_file)) {
02344 wpa_supplicant_deinit(global);
02345 return NULL;
02346 }
02347
02348 return global;
02349 }
02350
02351
02362 int wpa_supplicant_run(struct wpa_global *global)
02363 {
02364 struct wpa_supplicant *wpa_s;
02365
02366 if (!global->params.wait_for_interface && global->params.daemonize &&
02367 wpa_supplicant_daemon(global->params.pid_file))
02368 return -1;
02369
02370 if (global->params.wait_for_monitor) {
02371 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
02372 wpa_supplicant_ctrl_iface_wait(wpa_s);
02373 }
02374
02375 eloop_register_signal(SIGINT, wpa_supplicant_terminate, NULL);
02376 eloop_register_signal(SIGTERM, wpa_supplicant_terminate, NULL);
02377 #ifndef CONFIG_NATIVE_WINDOWS
02378 eloop_register_signal(SIGHUP, wpa_supplicant_reconfig, NULL);
02379 #endif
02380
02381 eloop_run();
02382
02383 return 0;
02384 }
02385
02386
02395 void wpa_supplicant_deinit(struct wpa_global *global)
02396 {
02397 if (global == NULL)
02398 return;
02399
02400 while (global->ifaces)
02401 wpa_supplicant_remove_iface(global, global->ifaces);
02402
02403 wpa_supplicant_global_ctrl_iface_deinit(global);
02404
02405 eloop_destroy();
02406
02407 if (global->params.pid_file) {
02408 unlink(global->params.pid_file);
02409 free(global->params.pid_file);
02410 }
02411 free(global->params.ctrl_interface);
02412
02413 free(global);
02414 }
02415
