wpa_supplicant.c

Go to the documentation of this file.
00001 
00016 #include <stdlib.h>
00017 #include <stdio.h>
00018 #include <stdarg.h>
00019 #include <unistd.h>
00020 #include <string.h>
00021 #include <time.h>
00022 #include <signal.h>
00023 #ifndef CONFIG_NATIVE_WINDOWS
00024 #include <netinet/in.h>
00025 #endif /* CONFIG_NATIVE_WINDOWS */
00026 
00027 #include "common.h"
00028 #include "eapol_sm.h"
00029 #include "eap.h"
00030 #include "wpa.h"
00031 #include "eloop.h"
00032 #include "wpa_supplicant.h"
00033 #include "config.h"
00034 #include "l2_packet.h"
00035 #include "wpa_supplicant_i.h"
00036 #include "ctrl_iface.h"
00037 #include "pcsc_funcs.h"
00038 #include "version.h"
00039 #include "preauth.h"
00040 #include "wpa_ctrl.h"
00041 
00042 const char *wpa_supplicant_version =
00043 "wpa_supplicant v" VERSION_STR "\n"
00044 "Copyright (c) 2003-2005, Jouni Malinen <[email protected]> and contributors";
00045 
00046 const char *wpa_supplicant_license =
00047 "This program is free software. You can distribute it and/or modify it\n"
00048 "under the terms of the GNU General Public License version 2.\n"
00049 "\n"
00050 "Alternatively, this software may be distributed under the terms of the\n"
00051 "BSD license. See README and COPYING for more details.\n"
00052 #ifdef EAP_TLS_FUNCS
00053 "\nThis product includes software developed by the OpenSSL Project\n"
00054 "for use in the OpenSSL Toolkit (http://www.openssl.org/)\n"
00055 #endif /* EAP_TLS_FUNCS */
00056 ;
00057 
00058 #ifndef CONFIG_NO_STDOUT_DEBUG
00059 const char *wpa_supplicant_full_license =
00060 "This program is free software; you can redistribute it and/or modify\n"
00061 "it under the terms of the GNU General Public License version 2 as\n"
00062 "published by the Free Software Foundation.\n"
00063 "\n"
00064 "This program is distributed in the hope that it will be useful,\n"
00065 "but WITHOUT ANY WARRANTY; without even the implied warranty of\n"
00066 "MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the\n"
00067 "GNU General Public License for more details.\n"
00068 "\n"
00069 "You should have received a copy of the GNU General Public License\n"
00070 "along with this program; if not, write to the Free Software\n"
00071 "Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA\n"
00072 "\n"
00073 "Alternatively, this software may be distributed under the terms of the\n"
00074 "BSD license.\n"
00075 "\n"
00076 "Redistribution and use in source and binary forms, with or without\n"
00077 "modification, are permitted provided that the following conditions are\n"
00078 "met:\n"
00079 "\n"
00080 "1. Redistributions of source code must retain the above copyright\n"
00081 "   notice, this list of conditions and the following disclaimer.\n"
00082 "\n"
00083 "2. Redistributions in binary form must reproduce the above copyright\n"
00084 "   notice, this list of conditions and the following disclaimer in the\n"
00085 "   documentation and/or other materials provided with the distribution.\n"
00086 "\n"
00087 "3. Neither the name(s) of the above-listed copyright holder(s) nor the\n"
00088 "   names of its contributors may be used to endorse or promote products\n"
00089 "   derived from this software without specific prior written permission.\n"
00090 "\n"
00091 "THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS\n"
00092 "\"AS IS\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT\n"
00093 "LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR\n"
00094 "A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT\n"
00095 "OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,\n"
00096 "SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT\n"
00097 "LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,\n"
00098 "DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY\n"
00099 "THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT\n"
00100 "(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE\n"
00101 "OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n"
00102 "\n";
00103 #endif /* CONFIG_NO_STDOUT_DEBUG */
00104 
00105 extern struct wpa_driver_ops *wpa_supplicant_drivers[];
00106 
00107 extern int wpa_debug_level;
00108 extern int wpa_debug_show_keys;
00109 extern int wpa_debug_timestamp;
00110 
00111 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx);
00112 
00113 void wpa_msg(struct wpa_supplicant *wpa_s, int level, char *fmt, ...)
00114 {
00115         va_list ap;
00116         char *buf;
00117         const int buflen = 2048;
00118         int len;
00119 
00120         buf = malloc(buflen);
00121         if (buf == NULL) {
00122                 printf("Failed to allocate message buffer for:\n");
00123                 va_start(ap, fmt);
00124                 vprintf(fmt, ap);
00125                 printf("\n");
00126                 va_end(ap);
00127                 return;
00128         }
00129         va_start(ap, fmt);
00130         len = vsnprintf(buf, buflen, fmt, ap);
00131         va_end(ap);
00132         wpa_printf(level, "%s", buf);
00133         wpa_supplicant_ctrl_iface_send(wpa_s, level, buf, len);
00134         free(buf);
00135 }
00136 
00137 
00138 static u8 * wpa_alloc_eapol(const struct wpa_supplicant *wpa_s, u8 type,
00139                             const void *data, u16 data_len,
00140                             size_t *msg_len, void **data_pos)
00141 {
00142         struct ieee802_1x_hdr *hdr;
00143 
00144         *msg_len = sizeof(*hdr) + data_len;
00145         hdr = malloc(*msg_len);
00146         if (hdr == NULL)
00147                 return NULL;
00148 
00149         hdr->version = wpa_s->conf->eapol_version;
00150         hdr->type = type;
00151         hdr->length = htons(data_len);
00152 
00153         if (data)
00154                 memcpy(hdr + 1, data, data_len);
00155         else
00156                 memset(hdr + 1, 0, data_len);
00157 
00158         if (data_pos)
00159                 *data_pos = hdr + 1;
00160 
00161         return (u8 *) hdr;
00162 }
00163 
00164 
00174 int wpa_ether_send(struct wpa_supplicant *wpa_s, const u8 *dest, u16 proto,
00175                    const u8 *buf, size_t len)
00176 {
00177         if (wpa_s->l2) {
00178                 return l2_packet_send(wpa_s->l2, dest, proto, buf, len);
00179         }
00180 
00181         return wpa_drv_send_eapol(wpa_s, dest, proto, buf, len);
00182 }
00183 
00184 
00185 #ifdef IEEE8021X_EAPOL
00186 
00197 static int wpa_supplicant_eapol_send(void *ctx, int type, const u8 *buf,
00198                                      size_t len)
00199 {
00200         struct wpa_supplicant *wpa_s = ctx;
00201         u8 *msg, *dst, bssid[ETH_ALEN];
00202         size_t msglen;
00203         int res;
00204 
00205         /* TODO: could add l2_packet_sendmsg that allows fragments to avoid
00206          * extra copy here */
00207 
00208         if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK ||
00209             wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
00210                 /* Current SSID is not using IEEE 802.1X/EAP, so drop possible
00211                  * EAPOL frames (mainly, EAPOL-Start) from EAPOL state
00212                  * machines. */
00213                 wpa_printf(MSG_DEBUG, "WPA: drop TX EAPOL in non-IEEE 802.1X "
00214                            "mode (type=%d len=%lu)", type,
00215                            (unsigned long) len);
00216                 return -1;
00217         }
00218 
00219         if (pmksa_cache_get_current(wpa_s->wpa) &&
00220             type == IEEE802_1X_TYPE_EAPOL_START) {
00221                 /* Trying to use PMKSA caching - do not send EAPOL-Start frames
00222                  * since they will trigger full EAPOL authentication. */
00223                 wpa_printf(MSG_DEBUG, "RSN: PMKSA caching - do not send "
00224                            "EAPOL-Start");
00225                 return -1;
00226         }
00227 
00228         if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) == 0) {
00229                 wpa_printf(MSG_DEBUG, "BSSID not set when trying to send an "
00230                            "EAPOL frame");
00231                 if (wpa_drv_get_bssid(wpa_s, bssid) == 0 &&
00232                     memcmp(bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
00233                         dst = bssid;
00234                         wpa_printf(MSG_DEBUG, "Using current BSSID " MACSTR
00235                                    " from the driver as the EAPOL destination",
00236                                    MAC2STR(dst));
00237                 } else {
00238                         dst = wpa_s->last_eapol_src;
00239                         wpa_printf(MSG_DEBUG, "Using the source address of the"
00240                                    " last received EAPOL frame " MACSTR " as "
00241                                    "the EAPOL destination",
00242                                    MAC2STR(dst));
00243                 }
00244         } else {
00245                 /* BSSID was already set (from (Re)Assoc event, so use it as
00246                  * the EAPOL destination. */
00247                 dst = wpa_s->bssid;
00248         }
00249 
00250         msg = wpa_alloc_eapol(wpa_s, type, buf, len, &msglen, NULL);
00251         if (msg == NULL)
00252                 return -1;
00253 
00254         wpa_hexdump(MSG_MSGDUMP, "TX EAPOL", msg, msglen);
00255         res = wpa_ether_send(wpa_s, dst, ETH_P_EAPOL, msg, msglen);
00256         free(msg);
00257         return res;
00258 }
00259 
00260 
00272 static int wpa_eapol_set_wep_key(void *ctx, int unicast, int keyidx,
00273                                  const u8 *key, size_t keylen)
00274 {
00275         struct wpa_supplicant *wpa_s = ctx;
00276         return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00277                                unicast ? wpa_s->bssid :
00278                                (u8 *) "\xff\xff\xff\xff\xff\xff",
00279                                keyidx, unicast, (u8 *) "", 0, key, keylen);
00280 }
00281 #endif /* IEEE8021X_EAPOL */
00282 
00283 
00284 #if defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA)
00285 static void wpa_supplicant_set_config_blob(void *ctx,
00286                                            struct wpa_config_blob *blob)
00287 {
00288         struct wpa_supplicant *wpa_s = ctx;
00289         wpa_config_set_blob(wpa_s->conf, blob);
00290 }
00291 
00292 
00293 static const struct wpa_config_blob *
00294 wpa_supplicant_get_config_blob(void *ctx, const char *name)
00295 {
00296         struct wpa_supplicant *wpa_s = ctx;
00297         return wpa_config_get_blob(wpa_s->conf, name);
00298 }
00299 #endif /* defined(IEEE8021X_EAPOL) || !defined(CONFIG_NO_WPA) */
00300 
00301 
00302 /* Configure default/group WEP key for static WEP */
00303 static int wpa_set_wep_key(void *ctx, int set_tx, int keyidx, const u8 *key,
00304                            size_t keylen)
00305 {
00306         struct wpa_supplicant *wpa_s = ctx;
00307         return wpa_drv_set_key(wpa_s, WPA_ALG_WEP,
00308                                (u8 *) "\xff\xff\xff\xff\xff\xff",
00309                                keyidx, set_tx, (u8 *) "", 0, key, keylen);
00310 }
00311 
00312 
00313 static int wpa_supplicant_set_wpa_none_key(struct wpa_supplicant *wpa_s,
00314                                            struct wpa_ssid *ssid)
00315 {
00316         u8 key[32];
00317         size_t keylen;
00318         wpa_alg alg;
00319         u8 seq[6] = { 0 };
00320 
00321         /* IBSS/WPA-None uses only one key (Group) for both receiving and
00322          * sending unicast and multicast packets. */
00323 
00324         if (ssid->mode != IEEE80211_MODE_IBSS) {
00325                 wpa_printf(MSG_INFO, "WPA: Invalid mode %d (not IBSS/ad-hoc) "
00326                            "for WPA-None", ssid->mode);
00327                 return -1;
00328         }
00329 
00330         if (!ssid->psk_set) {
00331                 wpa_printf(MSG_INFO, "WPA: No PSK configured for WPA-None");
00332                 return -1;
00333         }
00334 
00335         switch (wpa_s->group_cipher) {
00336         case WPA_CIPHER_CCMP:
00337                 memcpy(key, ssid->psk, 16);
00338                 keylen = 16;
00339                 alg = WPA_ALG_CCMP;
00340                 break;
00341         case WPA_CIPHER_TKIP:
00342                 /* WPA-None uses the same Michael MIC key for both TX and RX */
00343                 memcpy(key, ssid->psk, 16 + 8);
00344                 memcpy(key + 16 + 8, ssid->psk + 16, 8);
00345                 keylen = 32;
00346                 alg = WPA_ALG_TKIP;
00347                 break;
00348         default:
00349                 wpa_printf(MSG_INFO, "WPA: Invalid group cipher %d for "
00350                            "WPA-None", wpa_s->group_cipher);
00351                 return -1;
00352         }
00353 
00354         /* TODO: should actually remember the previously used seq#, both for TX
00355          * and RX from each STA.. */
00356 
00357         return wpa_drv_set_key(wpa_s, alg, (u8 *) "\xff\xff\xff\xff\xff\xff",
00358                                0, 1, seq, 6, key, keylen);
00359 }
00360 
00361 
00362 #ifdef IEEE8021X_EAPOL
00363 static void wpa_supplicant_notify_eapol_done(void *ctx)
00364 {
00365         struct wpa_supplicant *wpa_s = ctx;
00366         wpa_msg(wpa_s, MSG_DEBUG, "WPA: EAPOL processing complete");
00367         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X) {
00368                 wpa_supplicant_set_state(wpa_s, WPA_4WAY_HANDSHAKE);
00369         } else {
00370                 eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00371                 wpa_supplicant_cancel_auth_timeout(wpa_s);
00372                 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
00373         }
00374 }
00375 #endif /* IEEE8021X_EAPOL */
00376 
00377 
00378 struct wpa_blacklist * wpa_blacklist_get(struct wpa_supplicant *wpa_s,
00379                                          const u8 *bssid)
00380 {
00381         struct wpa_blacklist *e;
00382 
00383         e = wpa_s->blacklist;
00384         while (e) {
00385                 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0)
00386                         return e;
00387                 e = e->next;
00388         }
00389 
00390         return NULL;
00391 }
00392 
00393 
00394 int wpa_blacklist_add(struct wpa_supplicant *wpa_s, const u8 *bssid)
00395 {
00396         struct wpa_blacklist *e;
00397 
00398         e = wpa_blacklist_get(wpa_s, bssid);
00399         if (e) {
00400                 e->count++;
00401                 wpa_printf(MSG_DEBUG, "BSSID " MACSTR " blacklist count "
00402                            "incremented to %d",
00403                            MAC2STR(bssid), e->count);
00404                 return 0;
00405         }
00406 
00407         e = malloc(sizeof(*e));
00408         if (e == NULL)
00409                 return -1;
00410         memset(e, 0, sizeof(*e));
00411         memcpy(e->bssid, bssid, ETH_ALEN);
00412         e->count = 1;
00413         e->next = wpa_s->blacklist;
00414         wpa_s->blacklist = e;
00415         wpa_printf(MSG_DEBUG, "Added BSSID " MACSTR " into blacklist",
00416                    MAC2STR(bssid));
00417 
00418         return 0;
00419 }
00420 
00421 
00422 int wpa_blacklist_del(struct wpa_supplicant *wpa_s, const u8 *bssid)
00423 {
00424         struct wpa_blacklist *e, *prev = NULL;
00425 
00426         e = wpa_s->blacklist;
00427         while (e) {
00428                 if (memcmp(e->bssid, bssid, ETH_ALEN) == 0) {
00429                         if (prev == NULL) {
00430                                 wpa_s->blacklist = e->next;
00431                         } else {
00432                                 prev->next = e->next;
00433                         }
00434                         wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00435                                    "blacklist", MAC2STR(bssid));
00436                         free(e);
00437                         return 0;
00438                 }
00439                 prev = e;
00440                 e = e->next;
00441         }
00442         return -1;
00443 }
00444 
00445 
00446 void wpa_blacklist_clear(struct wpa_supplicant *wpa_s)
00447 {
00448         struct wpa_blacklist *e, *prev;
00449 
00450         e = wpa_s->blacklist;
00451         wpa_s->blacklist = NULL;
00452         while (e) {
00453                 prev = e;
00454                 e = e->next;
00455                 wpa_printf(MSG_DEBUG, "Removed BSSID " MACSTR " from "
00456                            "blacklist (clear)", MAC2STR(prev->bssid));
00457                 free(prev);
00458         }
00459 }
00460 
00461 
00462 const char * wpa_ssid_txt(u8 *ssid, size_t ssid_len)
00463 {
00464         static char ssid_txt[MAX_SSID_LEN + 1];
00465         char *pos;
00466 
00467         if (ssid_len > MAX_SSID_LEN)
00468                 ssid_len = MAX_SSID_LEN;
00469         memcpy(ssid_txt, ssid, ssid_len);
00470         ssid_txt[ssid_len] = '\0';
00471         for (pos = ssid_txt; *pos != '\0'; pos++) {
00472                 if ((u8) *pos < 32 || (u8) *pos >= 127)
00473                         *pos = '_';
00474         }
00475         return ssid_txt;
00476 }
00477 
00478 
00479 void wpa_supplicant_req_scan(struct wpa_supplicant *wpa_s, int sec, int usec)
00480 {
00481         wpa_msg(wpa_s, MSG_DEBUG, "Setting scan request: %d sec %d usec",
00482                 sec, usec);
00483         eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00484         eloop_register_timeout(sec, usec, wpa_supplicant_scan, wpa_s, NULL);
00485 }
00486 
00487 
00488 void wpa_supplicant_cancel_scan(struct wpa_supplicant *wpa_s)
00489 {
00490         wpa_msg(wpa_s, MSG_DEBUG, "Cancelling scan request");
00491         eloop_cancel_timeout(wpa_supplicant_scan, wpa_s, NULL);
00492 }
00493 
00494 
00495 static void wpa_supplicant_timeout(void *eloop_ctx, void *timeout_ctx)
00496 {
00497         struct wpa_supplicant *wpa_s = eloop_ctx;
00498         wpa_msg(wpa_s, MSG_INFO, "Authentication with " MACSTR " timed out.",
00499                 MAC2STR(wpa_s->bssid));
00500         wpa_blacklist_add(wpa_s, wpa_s->bssid);
00501         wpa_sm_notify_disassoc(wpa_s->wpa);
00502         wpa_supplicant_disassociate(wpa_s, REASON_DEAUTH_LEAVING);
00503         wpa_s->reassociate = 1;
00504         wpa_supplicant_req_scan(wpa_s, 0, 0);
00505 }
00506 
00507 
00508 void wpa_supplicant_req_auth_timeout(struct wpa_supplicant *wpa_s,
00509                                      int sec, int usec)
00510 {
00511         if (wpa_s->conf && wpa_s->conf->ap_scan == 0 &&
00512             wpa_s->driver && strcmp(wpa_s->driver->name, "wired") == 0)
00513                 return;
00514 
00515         wpa_msg(wpa_s, MSG_DEBUG, "Setting authentication timeout: %d sec "
00516                 "%d usec", sec, usec);
00517         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00518         eloop_register_timeout(sec, usec, wpa_supplicant_timeout, wpa_s, NULL);
00519 }
00520 
00521 
00522 void wpa_supplicant_cancel_auth_timeout(struct wpa_supplicant *wpa_s)
00523 {
00524         wpa_msg(wpa_s, MSG_DEBUG, "Cancelling authentication timeout");
00525         eloop_cancel_timeout(wpa_supplicant_timeout, wpa_s, NULL);
00526         wpa_blacklist_del(wpa_s, wpa_s->bssid);
00527 }
00528 
00529 
00530 void wpa_supplicant_initiate_eapol(struct wpa_supplicant *wpa_s)
00531 {
00532         struct eapol_config eapol_conf;
00533         struct wpa_ssid *ssid = wpa_s->current_ssid;
00534 
00535         if (wpa_s->key_mgmt == WPA_KEY_MGMT_PSK) {
00536                 eapol_sm_notify_eap_success(wpa_s->eapol, FALSE);
00537                 eapol_sm_notify_eap_fail(wpa_s->eapol, FALSE);
00538         }
00539         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
00540             wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE)
00541                 eapol_sm_notify_portControl(wpa_s->eapol, ForceAuthorized);
00542         else
00543                 eapol_sm_notify_portControl(wpa_s->eapol, Auto);
00544 
00545         memset(&eapol_conf, 0, sizeof(eapol_conf));
00546         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
00547                 eapol_conf.accept_802_1x_keys = 1;
00548                 eapol_conf.required_keys = 0;
00549                 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_UNICAST) {
00550                         eapol_conf.required_keys |= EAPOL_REQUIRE_KEY_UNICAST;
00551                 }
00552                 if (ssid->eapol_flags & EAPOL_FLAG_REQUIRE_KEY_BROADCAST) {
00553                         eapol_conf.required_keys |=
00554                                 EAPOL_REQUIRE_KEY_BROADCAST;
00555                 }
00556 
00557                 if (wpa_s->conf && wpa_s->driver &&
00558                     strcmp(wpa_s->driver->name, "wired") == 0) {
00559                         eapol_conf.required_keys = 0;
00560                 }
00561         }
00562         eapol_conf.fast_reauth = wpa_s->conf->fast_reauth;
00563         eapol_conf.workaround = ssid->eap_workaround;
00564         eapol_conf.eap_disabled = wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X &&
00565                 wpa_s->key_mgmt != WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00566         eapol_sm_notify_config(wpa_s->eapol, ssid, &eapol_conf);
00567 }
00568 
00569 
00570 void wpa_supplicant_set_non_wpa_policy(struct wpa_supplicant *wpa_s,
00571                                        struct wpa_ssid *ssid)
00572 {
00573         int i;
00574 
00575         if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA)
00576                 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X_NO_WPA;
00577         else
00578                 wpa_s->key_mgmt = WPA_KEY_MGMT_NONE;
00579         wpa_sm_set_ap_wpa_ie(wpa_s->wpa, NULL, 0);
00580         wpa_sm_set_ap_rsn_ie(wpa_s->wpa, NULL, 0);
00581         wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
00582         wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
00583         wpa_s->group_cipher = WPA_CIPHER_NONE;
00584 
00585         for (i = 0; i < NUM_WEP_KEYS; i++) {
00586                 if (ssid->wep_key_len[i] > 5) {
00587                         wpa_s->pairwise_cipher = WPA_CIPHER_WEP104;
00588                         wpa_s->group_cipher = WPA_CIPHER_WEP104;
00589                         break;
00590                 } else if (ssid->wep_key_len[i] > 0) {
00591                         wpa_s->pairwise_cipher = WPA_CIPHER_WEP40;
00592                         wpa_s->group_cipher = WPA_CIPHER_WEP40;
00593                         break;
00594                 }
00595         }
00596 
00597         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
00598         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
00599                          wpa_s->pairwise_cipher);
00600         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
00601 
00602         pmksa_cache_clear_current(wpa_s->wpa);
00603 }
00604 
00605 
00606 static void wpa_supplicant_cleanup(struct wpa_supplicant *wpa_s)
00607 {
00608         scard_deinit(wpa_s->scard);
00609         wpa_s->scard = NULL;
00610         wpa_sm_set_scard_ctx(wpa_s->wpa, NULL);
00611         eapol_sm_register_scard_ctx(wpa_s->eapol, NULL);
00612         l2_packet_deinit(wpa_s->l2);
00613         wpa_s->l2 = NULL;
00614 
00615         wpa_supplicant_ctrl_iface_deinit(wpa_s);
00616         if (wpa_s->conf != NULL) {
00617                 wpa_config_free(wpa_s->conf);
00618                 wpa_s->conf = NULL;
00619         }
00620 
00621         free(wpa_s->confname);
00622         wpa_s->confname = NULL;
00623 
00624         wpa_sm_set_eapol(wpa_s->wpa, NULL);
00625         eapol_sm_deinit(wpa_s->eapol);
00626         wpa_s->eapol = NULL;
00627 
00628         rsn_preauth_deinit(wpa_s->wpa);
00629 
00630         pmksa_candidate_free(wpa_s->wpa);
00631         pmksa_cache_free(wpa_s->wpa);
00632         wpa_sm_deinit(wpa_s->wpa);
00633         wpa_s->wpa = NULL;
00634         wpa_blacklist_clear(wpa_s);
00635 
00636         free(wpa_s->scan_results);
00637         wpa_s->scan_results = NULL;
00638         wpa_s->num_scan_results = 0;
00639 
00640         wpa_supplicant_cancel_scan(wpa_s);
00641 }
00642 
00643 
00644 void wpa_clear_keys(struct wpa_supplicant *wpa_s, const u8 *addr)
00645 {
00646         u8 *bcast = (u8 *) "\xff\xff\xff\xff\xff\xff";
00647 
00648         if (wpa_s->keys_cleared) {
00649                 /* Some drivers (e.g., ndiswrapper & NDIS drivers) seem to have
00650                  * timing issues with keys being cleared just before new keys
00651                  * are set or just after association or something similar. This
00652                  * shows up in group key handshake failing often because of the
00653                  * client not receiving the first encrypted packets correctly.
00654                  * Skipping some of the extra key clearing steps seems to help
00655                  * in completing group key handshake more reliably. */
00656                 wpa_printf(MSG_DEBUG, "No keys have been configured - "
00657                            "skip key clearing");
00658                 return;
00659         }
00660 
00661         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 0, 0, NULL, 0, NULL, 0);
00662         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 1, 0, NULL, 0, NULL, 0);
00663         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 2, 0, NULL, 0, NULL, 0);
00664         wpa_drv_set_key(wpa_s, WPA_ALG_NONE, bcast, 3, 0, NULL, 0, NULL, 0);
00665         if (addr) {
00666                 wpa_drv_set_key(wpa_s, WPA_ALG_NONE, addr, 0, 0, NULL, 0, NULL,
00667                                 0);
00668         }
00669         wpa_s->keys_cleared = 1;
00670 }
00671 
00672 
00673 const char * wpa_supplicant_state_txt(int state)
00674 {
00675         switch (state) {
00676         case WPA_DISCONNECTED:
00677                 return "DISCONNECTED";
00678         case WPA_INACTIVE:
00679                 return "INACTIVE";
00680         case WPA_SCANNING:
00681                 return "SCANNING";
00682         case WPA_ASSOCIATING:
00683                 return "ASSOCIATING";
00684         case WPA_ASSOCIATED:
00685                 return "ASSOCIATED";
00686         case WPA_4WAY_HANDSHAKE:
00687                 return "4WAY_HANDSHAKE";
00688         case WPA_GROUP_HANDSHAKE:
00689                 return "GROUP_HANDSHAKE";
00690         case WPA_COMPLETED:
00691                 return "COMPLETED";
00692         default:
00693                 return "UNKNOWN";
00694         }
00695 }
00696 
00697 
00698 void wpa_supplicant_set_state(struct wpa_supplicant *wpa_s, wpa_states state)
00699 {
00700         wpa_printf(MSG_DEBUG, "State: %s -> %s",
00701                    wpa_supplicant_state_txt(wpa_s->wpa_state),
00702                    wpa_supplicant_state_txt(state));
00703         if (state == WPA_COMPLETED && wpa_s->new_connection) {
00704                 wpa_s->new_connection = 0;
00705                 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_CONNECTED "- Connection to "
00706                         MACSTR " completed %s",
00707                         MAC2STR(wpa_s->bssid), wpa_s->reassociated_connection ?
00708                         "(reauth)" : "(auth)");
00709                 wpa_s->reassociated_connection = 1;
00710         } else if (state == WPA_DISCONNECTED || state == WPA_ASSOCIATING ||
00711                    state == WPA_ASSOCIATED) {
00712                 wpa_s->new_connection = 1;
00713         }
00714         wpa_s->wpa_state = state;
00715 }
00716 
00717 
00718 wpa_states wpa_supplicant_get_state(struct wpa_supplicant *wpa_s)
00719 {
00720         return wpa_s->wpa_state;
00721 }
00722 
00723 
00724 static void wpa_supplicant_terminate(int sig, void *eloop_ctx,
00725                                      void *signal_ctx)
00726 {
00727         struct wpa_global *global = eloop_ctx;
00728         struct wpa_supplicant *wpa_s;
00729         for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00730                 wpa_msg(wpa_s, MSG_INFO, WPA_EVENT_TERMINATING "- signal %d "
00731                         "received", sig);
00732         }
00733         eloop_terminate();
00734 }
00735 
00736 
00737 int wpa_supplicant_reload_configuration(struct wpa_supplicant *wpa_s)
00738 {
00739         struct wpa_config *conf;
00740         int reconf_ctrl;
00741         if (wpa_s->confname == NULL)
00742                 return -1;
00743         conf = wpa_config_read(wpa_s->confname);
00744         if (conf == NULL) {
00745                 wpa_msg(wpa_s, MSG_ERROR, "Failed to parse the configuration "
00746                         "file '%s' - exiting", wpa_s->confname);
00747                 return -1;
00748         }
00749 
00750         reconf_ctrl = !!conf->ctrl_interface != !!wpa_s->conf->ctrl_interface
00751                 || (conf->ctrl_interface && wpa_s->conf->ctrl_interface &&
00752                     strcmp(conf->ctrl_interface, wpa_s->conf->ctrl_interface)
00753                     != 0);
00754 
00755         if (reconf_ctrl)
00756                 wpa_supplicant_ctrl_iface_deinit(wpa_s);
00757 
00758         wpa_s->current_ssid = NULL;
00759         /*
00760          * TODO: should notify EAPOL SM about changes in opensc_engine_path,
00761          * pkcs11_engine_path, pkcs11_module_path.
00762          */ 
00763         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
00764         wpa_sm_set_config(wpa_s->wpa, NULL);
00765         wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
00766         pmksa_cache_notify_reconfig(wpa_s->wpa);
00767         rsn_preauth_deinit(wpa_s->wpa);
00768         wpa_config_free(wpa_s->conf);
00769         wpa_s->conf = conf;
00770         if (reconf_ctrl)
00771                 wpa_supplicant_ctrl_iface_init(wpa_s);
00772         wpa_s->reassociate = 1;
00773         wpa_supplicant_req_scan(wpa_s, 0, 0);
00774         wpa_msg(wpa_s, MSG_DEBUG, "Reconfiguration completed");
00775         return 0;
00776 }
00777 
00778 
00779 #ifndef CONFIG_NATIVE_WINDOWS
00780 static void wpa_supplicant_reconfig(int sig, void *eloop_ctx,
00781                                     void *signal_ctx)
00782 {
00783         struct wpa_global *global = eloop_ctx;
00784         struct wpa_supplicant *wpa_s;
00785         wpa_printf(MSG_DEBUG, "Signal %d received - reconfiguring", sig);
00786         for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
00787                 if (wpa_supplicant_reload_configuration(wpa_s) < 0) {
00788                         eloop_terminate();
00789                 }
00790         }
00791 }
00792 #endif /* CONFIG_NATIVE_WINDOWS */
00793 
00794 
00795 static void wpa_supplicant_gen_assoc_event(struct wpa_supplicant *wpa_s)
00796 {
00797         struct wpa_ssid *ssid;
00798         union wpa_event_data data;
00799 
00800         ssid = wpa_supplicant_get_ssid(wpa_s);
00801         if (ssid == NULL)
00802                 return;
00803 
00804         if (wpa_s->current_ssid == NULL)
00805                 wpa_s->current_ssid = ssid;
00806         wpa_supplicant_initiate_eapol(wpa_s);
00807         wpa_printf(MSG_DEBUG, "Already associated with a configured network - "
00808                    "generating associated event");
00809         memset(&data, 0, sizeof(data));
00810         wpa_supplicant_event(wpa_s, EVENT_ASSOC, &data);
00811 }
00812 
00813 
00814 static void wpa_supplicant_scan(void *eloop_ctx, void *timeout_ctx)
00815 {
00816         struct wpa_supplicant *wpa_s = eloop_ctx;
00817         struct wpa_ssid *ssid;
00818         int enabled, scan_req = 0;
00819 
00820         if (wpa_s->disconnected)
00821                 return;
00822 
00823         enabled = 0;
00824         ssid = wpa_s->conf->ssid;
00825         while (ssid) {
00826                 if (!ssid->disabled) {
00827                         enabled++;
00828                         break;
00829                 }
00830                 ssid = ssid->next;
00831         }
00832         if (!enabled && !wpa_s->scan_req) {
00833                 wpa_printf(MSG_DEBUG, "No enabled networks - do not scan");
00834                 wpa_supplicant_set_state(wpa_s, WPA_INACTIVE);
00835                 return;
00836         }
00837         scan_req = wpa_s->scan_req;
00838         wpa_s->scan_req = 0;
00839 
00840         if (wpa_s->conf->ap_scan == 0) {
00841                 wpa_supplicant_gen_assoc_event(wpa_s);
00842                 return;
00843         }
00844 
00845         if (wpa_s->wpa_state == WPA_DISCONNECTED ||
00846             wpa_s->wpa_state == WPA_INACTIVE)
00847                 wpa_supplicant_set_state(wpa_s, WPA_SCANNING);
00848 
00849         ssid = wpa_s->conf->ssid;
00850         if (wpa_s->prev_scan_ssid != BROADCAST_SSID_SCAN) {
00851                 while (ssid) {
00852                         if (ssid == wpa_s->prev_scan_ssid) {
00853                                 ssid = ssid->next;
00854                                 break;
00855                         }
00856                         ssid = ssid->next;
00857                 }
00858         }
00859         while (ssid) {
00860                 if (!ssid->disabled &&
00861                     (ssid->scan_ssid || wpa_s->conf->ap_scan == 2))
00862                         break;
00863                 ssid = ssid->next;
00864         }
00865 
00866         if (scan_req != 2 && wpa_s->conf->ap_scan == 2) {
00867                 /*
00868                  * ap_scan=2 mode - try to associate with each SSID instead of
00869                  * scanning for each scan_ssid=1 network.
00870                  */
00871                 if (ssid == NULL)
00872                         return;
00873                 if (ssid->next) {
00874                         /* Continue from the next SSID on the next attempt. */
00875                         wpa_s->prev_scan_ssid = ssid;
00876                 } else {
00877                         /* Start from the beginning of the SSID list. */
00878                         wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
00879                 }
00880                 wpa_supplicant_associate(wpa_s, NULL, ssid);
00881                 return;
00882         }
00883 
00884         wpa_printf(MSG_DEBUG, "Starting AP scan (%s SSID)",
00885                    ssid ? "specific": "broadcast");
00886         if (ssid) {
00887                 wpa_hexdump_ascii(MSG_DEBUG, "Scan SSID",
00888                                   ssid->ssid, ssid->ssid_len);
00889                 wpa_s->prev_scan_ssid = ssid;
00890         } else
00891                 wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
00892 
00893         if (wpa_drv_scan(wpa_s, ssid ? ssid->ssid : NULL,
00894                          ssid ? ssid->ssid_len : 0)) {
00895                 wpa_printf(MSG_WARNING, "Failed to initiate AP scan.");
00896                 wpa_supplicant_req_scan(wpa_s, 10, 0);
00897         }
00898 }
00899 
00900 
00901 static wpa_cipher cipher_suite2driver(int cipher)
00902 {
00903         switch (cipher) {
00904         case WPA_CIPHER_NONE:
00905                 return CIPHER_NONE;
00906         case WPA_CIPHER_WEP40:
00907                 return CIPHER_WEP40;
00908         case WPA_CIPHER_WEP104:
00909                 return CIPHER_WEP104;
00910         case WPA_CIPHER_CCMP:
00911                 return CIPHER_CCMP;
00912         case WPA_CIPHER_TKIP:
00913         default:
00914                 return CIPHER_TKIP;
00915         }
00916 }
00917 
00918 
00919 static wpa_key_mgmt key_mgmt2driver(int key_mgmt)
00920 {
00921         switch (key_mgmt) {
00922         case WPA_KEY_MGMT_NONE:
00923                 return KEY_MGMT_NONE;
00924         case WPA_KEY_MGMT_IEEE8021X_NO_WPA:
00925                 return KEY_MGMT_802_1X_NO_WPA;
00926         case WPA_KEY_MGMT_IEEE8021X:
00927                 return KEY_MGMT_802_1X;
00928         case WPA_KEY_MGMT_WPA_NONE:
00929                 return KEY_MGMT_WPA_NONE;
00930         case WPA_KEY_MGMT_PSK:
00931         default:
00932                 return KEY_MGMT_PSK;
00933         }
00934 }
00935 
00936 
00937 static int wpa_supplicant_suites_from_ai(struct wpa_supplicant *wpa_s,
00938                                          struct wpa_ssid *ssid,
00939                                          struct wpa_ie_data *ie)
00940 {
00941         int ret = wpa_sm_parse_own_wpa_ie(wpa_s->wpa, ie);
00942         if (ret) {
00943                 if (ret == -2) {
00944                         wpa_msg(wpa_s, MSG_INFO, "WPA: Failed to parse WPA IE "
00945                                 "from association info");
00946                 }
00947                 return -1;
00948         }
00949 
00950         wpa_printf(MSG_DEBUG, "WPA: Using WPA IE from AssocReq to set cipher "
00951                    "suites");
00952         if (!(ie->group_cipher & ssid->group_cipher)) {
00953                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled group "
00954                         "cipher 0x%x (mask 0x%x) - reject",
00955                         ie->group_cipher, ssid->group_cipher);
00956                 return -1;
00957         }
00958         if (!(ie->pairwise_cipher & ssid->pairwise_cipher)) {
00959                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled pairwise "
00960                         "cipher 0x%x (mask 0x%x) - reject",
00961                         ie->pairwise_cipher, ssid->pairwise_cipher);
00962                 return -1;
00963         }
00964         if (!(ie->key_mgmt & ssid->key_mgmt)) {
00965                 wpa_msg(wpa_s, MSG_INFO, "WPA: Driver used disabled key "
00966                         "management 0x%x (mask 0x%x) - reject",
00967                         ie->key_mgmt, ssid->key_mgmt);
00968                 return -1;
00969         }
00970 
00971         return 0;
00972 }
00973 
00974 
00975 int wpa_supplicant_set_suites(struct wpa_supplicant *wpa_s,
00976                               struct wpa_scan_result *bss,
00977                               struct wpa_ssid *ssid,
00978                               u8 *wpa_ie, size_t *wpa_ie_len)
00979 {
00980         struct wpa_ie_data ie;
00981         int sel, proto;
00982 
00983         if (bss && bss->rsn_ie_len && (ssid->proto & WPA_PROTO_RSN) &&
00984             wpa_parse_wpa_ie(bss->rsn_ie, bss->rsn_ie_len, &ie) == 0 &&
00985             (ie.group_cipher & ssid->group_cipher) &&
00986             (ie.pairwise_cipher & ssid->pairwise_cipher) &&
00987             (ie.key_mgmt & ssid->key_mgmt)) {
00988                 wpa_msg(wpa_s, MSG_DEBUG, "RSN: using IEEE 802.11i/D9.0");
00989                 proto = WPA_PROTO_RSN;
00990         } else if (bss && bss->wpa_ie_len && (ssid->proto & WPA_PROTO_WPA) &&
00991                    wpa_parse_wpa_ie(bss->wpa_ie, bss->wpa_ie_len, &ie) == 0 &&
00992                    (ie.group_cipher & ssid->group_cipher) &&
00993                    (ie.pairwise_cipher & ssid->pairwise_cipher) &&
00994                    (ie.key_mgmt & ssid->key_mgmt)) {
00995                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using IEEE 802.11i/D3.0");
00996                 proto = WPA_PROTO_WPA;
00997         } else if (bss) {
00998                 wpa_msg(wpa_s, MSG_WARNING, "WPA: Failed to select WPA/RSN");
00999                 return -1;
01000         } else {
01001                 if (ssid->proto & WPA_PROTO_RSN)
01002                         proto = WPA_PROTO_RSN;
01003                 else
01004                         proto = WPA_PROTO_WPA;
01005                 if (wpa_supplicant_suites_from_ai(wpa_s, ssid, &ie) < 0) {
01006                         memset(&ie, 0, sizeof(ie));
01007                         ie.group_cipher = ssid->group_cipher;
01008                         ie.pairwise_cipher = ssid->pairwise_cipher;
01009                         ie.key_mgmt = ssid->key_mgmt;
01010                         wpa_printf(MSG_DEBUG, "WPA: Set cipher suites based "
01011                                    "on configuration");
01012                 }
01013         }
01014 
01015         wpa_printf(MSG_DEBUG, "WPA: Selected cipher suites: group %d "
01016                    "pairwise %d key_mgmt %d",
01017                    ie.group_cipher, ie.pairwise_cipher, ie.key_mgmt);
01018 
01019         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PROTO, proto);
01020 
01021         if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, bss ? bss->wpa_ie : NULL,
01022                                  bss ? bss->wpa_ie_len : 0) ||
01023             wpa_sm_set_ap_rsn_ie(wpa_s->wpa, bss ? bss->rsn_ie : NULL,
01024                                  bss ? bss->rsn_ie_len : 0))
01025                 return -1;
01026 
01027         sel = ie.group_cipher & ssid->group_cipher;
01028         if (sel & WPA_CIPHER_CCMP) {
01029                 wpa_s->group_cipher = WPA_CIPHER_CCMP;
01030                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK CCMP");
01031         } else if (sel & WPA_CIPHER_TKIP) {
01032                 wpa_s->group_cipher = WPA_CIPHER_TKIP;
01033                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK TKIP");
01034         } else if (sel & WPA_CIPHER_WEP104) {
01035                 wpa_s->group_cipher = WPA_CIPHER_WEP104;
01036                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP104");
01037         } else if (sel & WPA_CIPHER_WEP40) {
01038                 wpa_s->group_cipher = WPA_CIPHER_WEP40;
01039                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using GTK WEP40");
01040         } else {
01041                 wpa_printf(MSG_WARNING, "WPA: Failed to select group cipher.");
01042                 return -1;
01043         }
01044 
01045         sel = ie.pairwise_cipher & ssid->pairwise_cipher;
01046         if (sel & WPA_CIPHER_CCMP) {
01047                 wpa_s->pairwise_cipher = WPA_CIPHER_CCMP;
01048                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK CCMP");
01049         } else if (sel & WPA_CIPHER_TKIP) {
01050                 wpa_s->pairwise_cipher = WPA_CIPHER_TKIP;
01051                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK TKIP");
01052         } else if (sel & WPA_CIPHER_NONE) {
01053                 wpa_s->pairwise_cipher = WPA_CIPHER_NONE;
01054                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using PTK NONE");
01055         } else {
01056                 wpa_printf(MSG_WARNING, "WPA: Failed to select pairwise "
01057                            "cipher.");
01058                 return -1;
01059         }
01060 
01061         sel = ie.key_mgmt & ssid->key_mgmt;
01062         if (sel & WPA_KEY_MGMT_IEEE8021X) {
01063                 wpa_s->key_mgmt = WPA_KEY_MGMT_IEEE8021X;
01064                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT 802.1X");
01065         } else if (sel & WPA_KEY_MGMT_PSK) {
01066                 wpa_s->key_mgmt = WPA_KEY_MGMT_PSK;
01067                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-PSK");
01068         } else if (sel & WPA_KEY_MGMT_WPA_NONE) {
01069                 wpa_s->key_mgmt = WPA_KEY_MGMT_WPA_NONE;
01070                 wpa_msg(wpa_s, MSG_DEBUG, "WPA: using KEY_MGMT WPA-NONE");
01071         } else {
01072                 wpa_printf(MSG_WARNING, "WPA: Failed to select authenticated "
01073                            "key management type.");
01074                 return -1;
01075         }
01076 
01077         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_KEY_MGMT, wpa_s->key_mgmt);
01078         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_PAIRWISE,
01079                          wpa_s->pairwise_cipher);
01080         wpa_sm_set_param(wpa_s->wpa, WPA_PARAM_GROUP, wpa_s->group_cipher);
01081 
01082         if (wpa_sm_set_assoc_wpa_ie_default(wpa_s->wpa, wpa_ie, wpa_ie_len)) {
01083                 wpa_printf(MSG_WARNING, "WPA: Failed to generate WPA IE.");
01084                 return -1;
01085         }
01086 
01087         if (ssid->key_mgmt & WPA_KEY_MGMT_PSK)
01088                 wpa_sm_set_pmk(wpa_s->wpa, ssid->psk, PMK_LEN);
01089         else
01090                 wpa_sm_set_pmk_from_pmksa(wpa_s->wpa);
01091 
01092         return 0;
01093 }
01094 
01095 
01096 void wpa_supplicant_associate(struct wpa_supplicant *wpa_s,
01097                               struct wpa_scan_result *bss,
01098                               struct wpa_ssid *ssid)
01099 {
01100         u8 wpa_ie[80];
01101         size_t wpa_ie_len;
01102         int use_crypt;
01103         int algs = AUTH_ALG_OPEN_SYSTEM;
01104         int cipher_pairwise, cipher_group;
01105         struct wpa_driver_associate_params params;
01106         int wep_keys_set = 0;
01107         struct wpa_driver_capa capa;
01108 
01109         wpa_s->reassociate = 0;
01110         if (bss) {
01111                 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with " MACSTR
01112                         " (SSID='%s' freq=%d MHz)", MAC2STR(bss->bssid),
01113                         wpa_ssid_txt(bss->ssid, bss->ssid_len), bss->freq);
01114                 memset(wpa_s->bssid, 0, ETH_ALEN);
01115         } else {
01116                 wpa_msg(wpa_s, MSG_INFO, "Trying to associate with SSID '%s'",
01117                         wpa_ssid_txt(ssid->ssid, ssid->ssid_len));
01118         }
01119         wpa_supplicant_cancel_scan(wpa_s);
01120 
01121         /* Starting new association, so clear the possibly used WPA IE from the
01122          * previous association. */
01123         wpa_sm_set_assoc_wpa_ie(wpa_s->wpa, NULL, 0);
01124 
01125         if (ssid->key_mgmt & WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01126                 if (ssid->leap) {
01127                         if (ssid->non_leap == 0)
01128                                 algs = AUTH_ALG_LEAP;
01129                         else
01130                                 algs |= AUTH_ALG_LEAP;
01131                 }
01132         }
01133         wpa_printf(MSG_DEBUG, "Automatic auth_alg selection: 0x%x", algs);
01134         if (ssid->auth_alg) {
01135                 algs = 0;
01136                 if (ssid->auth_alg & WPA_AUTH_ALG_OPEN)
01137                         algs |= AUTH_ALG_OPEN_SYSTEM;
01138                 if (ssid->auth_alg & WPA_AUTH_ALG_SHARED)
01139                         algs |= AUTH_ALG_SHARED_KEY;
01140                 if (ssid->auth_alg & WPA_AUTH_ALG_LEAP)
01141                         algs |= AUTH_ALG_LEAP;
01142                 wpa_printf(MSG_DEBUG, "Overriding auth_alg selection: 0x%x",
01143                            algs);
01144         }
01145         wpa_drv_set_auth_alg(wpa_s, algs);
01146 
01147         if (bss && (bss->wpa_ie_len || bss->rsn_ie_len) &&
01148             (ssid->key_mgmt & (WPA_KEY_MGMT_IEEE8021X | WPA_KEY_MGMT_PSK))) {
01149                 int try_opportunistic;
01150                 try_opportunistic = ssid->proactive_key_caching &&
01151                         (ssid->proto & WPA_PROTO_RSN);
01152                 if (pmksa_cache_set_current(wpa_s->wpa, NULL, bss->bssid,
01153                                             wpa_s->current_ssid,
01154                                             try_opportunistic) == 0)
01155                         eapol_sm_notify_pmkid_attempt(wpa_s->eapol, 1);
01156                 wpa_ie_len = sizeof(wpa_ie);
01157                 if (wpa_supplicant_set_suites(wpa_s, bss, ssid,
01158                                               wpa_ie, &wpa_ie_len)) {
01159                         wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01160                                    "management and encryption suites");
01161                         return;
01162                 }
01163         } else if (ssid->key_mgmt &
01164                    (WPA_KEY_MGMT_PSK | WPA_KEY_MGMT_IEEE8021X |
01165                     WPA_KEY_MGMT_WPA_NONE)) {
01166                 wpa_ie_len = sizeof(wpa_ie);
01167                 if (wpa_supplicant_set_suites(wpa_s, NULL, ssid,
01168                                               wpa_ie, &wpa_ie_len)) {
01169                         wpa_printf(MSG_WARNING, "WPA: Failed to set WPA key "
01170                                    "management and encryption suites (no scan "
01171                                    "results)");
01172                         return;
01173                 }
01174         } else {
01175                 wpa_supplicant_set_non_wpa_policy(wpa_s, ssid);
01176                 wpa_ie_len = 0;
01177         }
01178 
01179         wpa_clear_keys(wpa_s, bss ? bss->bssid : NULL);
01180         use_crypt = 1;
01181         cipher_pairwise = cipher_suite2driver(wpa_s->pairwise_cipher);
01182         cipher_group = cipher_suite2driver(wpa_s->group_cipher);
01183         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE ||
01184             wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01185                 int i;
01186                 if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE)
01187                         use_crypt = 0;
01188                 for (i = 0; i < NUM_WEP_KEYS; i++) {
01189                         if (ssid->wep_key_len[i]) {
01190                                 use_crypt = 1;
01191                                 wep_keys_set = 1;
01192                                 wpa_set_wep_key(wpa_s,
01193                                                 i == ssid->wep_tx_keyidx,
01194                                                 i, ssid->wep_key[i],
01195                                                 ssid->wep_key_len[i]);
01196                         }
01197                 }
01198         }
01199 
01200         if (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) {
01201                 if ((ssid->eapol_flags &
01202                      (EAPOL_FLAG_REQUIRE_KEY_UNICAST |
01203                       EAPOL_FLAG_REQUIRE_KEY_BROADCAST)) == 0 &&
01204                     !wep_keys_set) {
01205                         use_crypt = 0;
01206                 } else {
01207                         /* Assume that dynamic WEP-104 keys will be used and
01208                          * set cipher suites in order for drivers to expect
01209                          * encryption. */
01210                         cipher_pairwise = cipher_group = CIPHER_WEP104;
01211                 }
01212         }
01213 
01214         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01215                 /* Set the key before (and later after) association */
01216                 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01217         }
01218 
01219         wpa_drv_set_drop_unencrypted(wpa_s, use_crypt);
01220         wpa_supplicant_set_state(wpa_s, WPA_ASSOCIATING);
01221         memset(&params, 0, sizeof(params));
01222         if (bss) {
01223                 params.bssid = bss->bssid;
01224                 params.ssid = bss->ssid;
01225                 params.ssid_len = bss->ssid_len;
01226                 params.freq = bss->freq;
01227         } else {
01228                 params.ssid = ssid->ssid;
01229                 params.ssid_len = ssid->ssid_len;
01230         }
01231         params.wpa_ie = wpa_ie;
01232         params.wpa_ie_len = wpa_ie_len;
01233         params.pairwise_suite = cipher_pairwise;
01234         params.group_suite = cipher_group;
01235         params.key_mgmt_suite = key_mgmt2driver(wpa_s->key_mgmt);
01236         params.auth_alg = algs;
01237         params.mode = ssid->mode;
01238         if (wpa_drv_associate(wpa_s, &params) < 0) {
01239                 wpa_msg(wpa_s, MSG_INFO, "Association request to the driver "
01240                         "failed");
01241                 /* try to continue anyway; new association will be tried again
01242                  * after timeout */
01243         }
01244 
01245         if (wpa_s->key_mgmt == WPA_KEY_MGMT_WPA_NONE) {
01246                 /* Set the key after the association just in case association
01247                  * cleared the previously configured key. */
01248                 wpa_supplicant_set_wpa_none_key(wpa_s, ssid);
01249                 /* No need to timeout authentication since there is no key
01250                  * management. */
01251                 wpa_supplicant_cancel_auth_timeout(wpa_s);
01252                 wpa_supplicant_set_state(wpa_s, WPA_COMPLETED);
01253         } else {
01254                 /* Timeout for IEEE 802.11 authentication and association */
01255                 wpa_supplicant_req_auth_timeout(wpa_s, wpa_s->conf->ap_scan ==
01256                                                 1 ? 10 : 60, 0);
01257         }
01258 
01259         if (wep_keys_set && wpa_drv_get_capa(wpa_s, &capa) == 0 &&
01260             capa.flags & WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC) {
01261                 /* Set static WEP keys again */
01262                 int i;
01263                 for (i = 0; i < NUM_WEP_KEYS; i++) {
01264                         if (ssid->wep_key_len[i]) {
01265                                 wpa_set_wep_key(wpa_s,
01266                                                 i == ssid->wep_tx_keyidx,
01267                                                 i, ssid->wep_key[i],
01268                                                 ssid->wep_key_len[i]);
01269                         }
01270                 }
01271         }
01272 
01273         wpa_s->current_ssid = ssid;
01274         wpa_sm_set_config(wpa_s->wpa, wpa_s->current_ssid);
01275         wpa_supplicant_initiate_eapol(wpa_s);
01276 }
01277 
01278 
01279 void wpa_supplicant_disassociate(struct wpa_supplicant *wpa_s,
01280                                  int reason_code)
01281 {
01282         u8 *addr = NULL;
01283         wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01284         if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01285                 wpa_drv_disassociate(wpa_s, wpa_s->bssid, reason_code);
01286                 addr = wpa_s->bssid;
01287         }
01288         wpa_clear_keys(wpa_s, addr);
01289         wpa_s->current_ssid = NULL;
01290         wpa_sm_set_config(wpa_s->wpa, NULL);
01291         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01292         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01293         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01294 }
01295 
01296 
01297 void wpa_supplicant_deauthenticate(struct wpa_supplicant *wpa_s,
01298                                    int reason_code)
01299 {
01300         u8 *addr = NULL;
01301         wpa_supplicant_set_state(wpa_s, WPA_DISCONNECTED);
01302         if (memcmp(wpa_s->bssid, "\x00\x00\x00\x00\x00\x00", ETH_ALEN) != 0) {
01303                 wpa_drv_deauthenticate(wpa_s, wpa_s->bssid, reason_code);
01304                 addr = wpa_s->bssid;
01305         }
01306         wpa_clear_keys(wpa_s, addr);
01307         wpa_s->current_ssid = NULL;
01308         wpa_sm_set_config(wpa_s->wpa, NULL);
01309         eapol_sm_notify_config(wpa_s->eapol, NULL, NULL);
01310         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01311         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01312 }
01313 
01314 
01315 int wpa_supplicant_get_scan_results(struct wpa_supplicant *wpa_s)
01316 {
01317 #define SCAN_AP_LIMIT 128
01318         struct wpa_scan_result *results, *tmp;
01319         int num;
01320 
01321         results = malloc(SCAN_AP_LIMIT * sizeof(struct wpa_scan_result));
01322         if (results == NULL) {
01323                 wpa_printf(MSG_WARNING, "Failed to allocate memory for scan "
01324                            "results");
01325                 return -1;
01326         }
01327 
01328         num = wpa_drv_get_scan_results(wpa_s, results, SCAN_AP_LIMIT);
01329         wpa_printf(MSG_DEBUG, "Scan results: %d", num);
01330         if (num < 0) {
01331                 wpa_printf(MSG_DEBUG, "Failed to get scan results");
01332                 free(results);
01333                 return -1;
01334         }
01335         if (num > SCAN_AP_LIMIT) {
01336                 wpa_printf(MSG_INFO, "Not enough room for all APs (%d < %d)",
01337                            num, SCAN_AP_LIMIT);
01338                 num = SCAN_AP_LIMIT;
01339         }
01340 
01341         /* Free unneeded memory for unused scan result entries */
01342         tmp = realloc(results, num * sizeof(struct wpa_scan_result));
01343         if (tmp || num == 0) {
01344                 results = tmp;
01345         }
01346 
01347         free(wpa_s->scan_results);
01348         wpa_s->scan_results = results;
01349         wpa_s->num_scan_results = num;
01350 
01351         return 0;
01352 }
01353 
01354 
01355 #ifndef CONFIG_NO_WPA
01356 static int wpa_get_beacon_ie(struct wpa_supplicant *wpa_s)
01357 {
01358         int i, ret = 0;
01359         struct wpa_scan_result *results, *curr = NULL;
01360 
01361         results = wpa_s->scan_results;
01362         if (results == NULL) {
01363                 return -1;
01364         }
01365 
01366         for (i = 0; i < wpa_s->num_scan_results; i++) {
01367                 if (memcmp(results[i].bssid, wpa_s->bssid, ETH_ALEN) == 0) {
01368                         curr = &results[i];
01369                         break;
01370                 }
01371         }
01372 
01373         if (curr) {
01374                 if (wpa_sm_set_ap_wpa_ie(wpa_s->wpa, curr->wpa_ie,
01375                                          curr->wpa_ie_len) ||
01376                     wpa_sm_set_ap_rsn_ie(wpa_s->wpa, curr->rsn_ie,
01377                                          curr->rsn_ie_len))
01378                         ret = -1;
01379         } else {
01380                 ret = -1;
01381         }
01382 
01383         return ret;
01384 }
01385 
01386 
01387 static int wpa_supplicant_get_beacon_ie(void *ctx)
01388 {
01389         struct wpa_supplicant *wpa_s = ctx;
01390         if (wpa_get_beacon_ie(wpa_s) == 0) {
01391                 return 0;
01392         }
01393 
01394         /* No WPA/RSN IE found in the cached scan results. Try to get updated
01395          * scan results from the driver. */
01396         if (wpa_supplicant_get_scan_results(wpa_s) < 0) {
01397                 return -1;
01398         }
01399 
01400         return wpa_get_beacon_ie(wpa_s);
01401 }
01402 #endif /* CONFIG_NO_WPA */
01403 
01404 
01412 struct wpa_ssid * wpa_supplicant_get_ssid(struct wpa_supplicant *wpa_s)
01413 {
01414         struct wpa_ssid *entry;
01415         u8 ssid[MAX_SSID_LEN];
01416         int ssid_len;
01417         u8 bssid[ETH_ALEN];
01418 
01419         ssid_len = wpa_drv_get_ssid(wpa_s, ssid);
01420         if (ssid_len < 0) {
01421                 wpa_printf(MSG_WARNING, "Could not read SSID from driver.");
01422                 return NULL;
01423         }
01424 
01425         if (wpa_drv_get_bssid(wpa_s, bssid) < 0) {
01426                 wpa_printf(MSG_WARNING, "Could not read BSSID from driver.");
01427                 return NULL;
01428         }
01429 
01430         entry = wpa_s->conf->ssid;
01431         while (entry) {
01432                 if (!entry->disabled &&
01433                     ssid_len == entry->ssid_len &&
01434                     memcmp(ssid, entry->ssid, ssid_len) == 0 &&
01435                     (!entry->bssid_set ||
01436                      memcmp(bssid, entry->bssid, ETH_ALEN) == 0))
01437                         return entry;
01438                 entry = entry->next;
01439         }
01440 
01441         return NULL;
01442 }
01443 
01444 
01445 #ifndef CONFIG_NO_WPA
01446 static u8 * _wpa_alloc_eapol(void *wpa_s, u8 type,
01447                              const void *data, u16 data_len,
01448                              size_t *msg_len, void **data_pos)
01449 {
01450         return wpa_alloc_eapol(wpa_s, type, data, data_len, msg_len, data_pos);
01451 }
01452 
01453 
01454 static int _wpa_ether_send(void *wpa_s, const u8 *dest, u16 proto,
01455                            const u8 *buf, size_t len)
01456 {
01457         return wpa_ether_send(wpa_s, dest, proto, buf, len);
01458 }
01459 
01460 
01461 static void _wpa_supplicant_req_scan(void *wpa_s, int sec, int usec)
01462 {
01463         wpa_supplicant_req_scan(wpa_s, sec, usec);
01464 }
01465 
01466 
01467 static void _wpa_supplicant_cancel_auth_timeout(void *wpa_s)
01468 {
01469         wpa_supplicant_cancel_auth_timeout(wpa_s);
01470 }
01471 
01472 
01473 static void _wpa_supplicant_set_state(void *wpa_s, wpa_states state)
01474 {
01475         wpa_supplicant_set_state(wpa_s, state);
01476 }
01477 
01478 
01479 static wpa_states _wpa_supplicant_get_state(void *wpa_s)
01480 {
01481         return wpa_supplicant_get_state(wpa_s);
01482 }
01483 
01484 
01485 static void _wpa_supplicant_disassociate(void *wpa_s, int reason_code)
01486 {
01487         wpa_supplicant_disassociate(wpa_s, reason_code);
01488 }
01489 
01490 
01491 static void _wpa_supplicant_deauthenticate(void *wpa_s, int reason_code)
01492 {
01493         wpa_supplicant_deauthenticate(wpa_s, reason_code);
01494 }
01495 
01496 
01497 static struct wpa_ssid * _wpa_supplicant_get_ssid(void *wpa_s)
01498 {
01499         return wpa_supplicant_get_ssid(wpa_s);
01500 }
01501 
01502 
01503 static int wpa_supplicant_get_bssid(void *wpa_s, u8 *bssid)
01504 {
01505         return wpa_drv_get_bssid(wpa_s, bssid);
01506 }
01507 
01508 
01509 static int wpa_supplicant_set_key(void *wpa_s, wpa_alg alg,
01510                                   const u8 *addr, int key_idx, int set_tx,
01511                                   const u8 *seq, size_t seq_len,
01512                                   const u8 *key, size_t key_len)
01513 {
01514         return wpa_drv_set_key(wpa_s, alg, addr, key_idx, set_tx, seq, seq_len,
01515                                key, key_len);
01516 }
01517 
01518 
01519 static int wpa_supplicant_add_pmkid(void *wpa_s,
01520                                     const u8 *bssid, const u8 *pmkid)
01521 {
01522         return wpa_drv_add_pmkid(wpa_s, bssid, pmkid);
01523 }
01524 
01525 
01526 static int wpa_supplicant_remove_pmkid(void *wpa_s,
01527                                        const u8 *bssid, const u8 *pmkid)
01528 {
01529         return wpa_drv_remove_pmkid(wpa_s, bssid, pmkid);
01530 }
01531 #endif /* CONFIG_NO_WPA */
01532 
01533 
01534 static int wpa_supplicant_set_driver(struct wpa_supplicant *wpa_s,
01535                                      const char *name)
01536 {
01537         int i;
01538 
01539         if (wpa_s == NULL)
01540                 return -1;
01541 
01542         if (wpa_supplicant_drivers[0] == NULL) {
01543                 wpa_printf(MSG_ERROR, "No driver interfaces build into "
01544                            "wpa_supplicant.");
01545                 return -1;
01546         }
01547 
01548         if (name == NULL) {
01549                 /* default to first driver in the list */
01550                 wpa_s->driver = wpa_supplicant_drivers[0];
01551                 return 0;
01552         }
01553 
01554         for (i = 0; wpa_supplicant_drivers[i]; i++) {
01555                 if (strcmp(name, wpa_supplicant_drivers[i]->name) == 0) {
01556                         wpa_s->driver = wpa_supplicant_drivers[i];
01557                         return 0;
01558                 }
01559         }
01560 
01561         printf("Unsupported driver '%s'.\n", name);
01562         return -1;
01563 }
01564 
01565 
01566 void wpa_supplicant_rx_eapol(void *ctx, const u8 *src_addr,
01567                              const u8 *buf, size_t len)
01568 {
01569         struct wpa_supplicant *wpa_s = ctx;
01570 
01571         wpa_printf(MSG_DEBUG, "RX EAPOL from " MACSTR, MAC2STR(src_addr));
01572         wpa_hexdump(MSG_MSGDUMP, "RX EAPOL", buf, len);
01573 
01574         if (wpa_s->key_mgmt == WPA_KEY_MGMT_NONE) {
01575                 wpa_printf(MSG_DEBUG, "Ignored received EAPOL frame since "
01576                            "no key management is configured");
01577                 return;
01578         }
01579 
01580         if (wpa_s->eapol_received == 0) {
01581                 /* Timeout for completing IEEE 802.1X and WPA authentication */
01582                 wpa_supplicant_req_auth_timeout(
01583                         wpa_s,
01584                         (wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X ||
01585                          wpa_s->key_mgmt == WPA_KEY_MGMT_IEEE8021X_NO_WPA) ?
01586                         70 : 10, 0);
01587         }
01588         wpa_s->eapol_received++;
01589 
01590         if (wpa_s->countermeasures) {
01591                 wpa_printf(MSG_INFO, "WPA: Countermeasures - dropped EAPOL "
01592                            "packet");
01593                 return;
01594         }
01595 
01596         /* Source address of the incoming EAPOL frame could be compared to the
01597          * current BSSID. However, it is possible that a centralized
01598          * Authenticator could be using another MAC address than the BSSID of
01599          * an AP, so just allow any address to be used for now. The replies are
01600          * still sent to the current BSSID (if available), though. */
01601 
01602         memcpy(wpa_s->last_eapol_src, src_addr, ETH_ALEN);
01603         if (wpa_s->key_mgmt != WPA_KEY_MGMT_PSK &&
01604             eapol_sm_rx_eapol(wpa_s->eapol, src_addr, buf, len) > 0)
01605                 return;
01606         wpa_drv_poll(wpa_s);
01607         wpa_sm_rx_eapol(wpa_s->wpa, src_addr, buf, len);
01608 }
01609 
01610 
01611 int wpa_supplicant_driver_init(struct wpa_supplicant *wpa_s,
01612                                int wait_for_interface)
01613 {
01614         static int interface_count = 0;
01615 
01616         for (;;) {
01617                 if (wpa_s->driver->send_eapol) {
01618                         const u8 *addr = wpa_drv_get_mac_addr(wpa_s);
01619                         if (addr)
01620                                 memcpy(wpa_s->own_addr, addr, ETH_ALEN);
01621                         break;
01622                 }
01623                 wpa_s->l2 = l2_packet_init(wpa_s->ifname,
01624                                            wpa_drv_get_mac_addr(wpa_s),
01625                                            ETH_P_EAPOL,
01626                                            wpa_supplicant_rx_eapol, wpa_s, 0);
01627                 if (wpa_s->l2)
01628                         break;
01629                 else if (!wait_for_interface)
01630                         return -1;
01631                 printf("Waiting for interface..\n");
01632                 sleep(5);
01633         }
01634 
01635         if (wpa_s->l2 && l2_packet_get_own_addr(wpa_s->l2, wpa_s->own_addr)) {
01636                 fprintf(stderr, "Failed to get own L2 address\n");
01637                 return -1;
01638         }
01639 
01640         wpa_printf(MSG_DEBUG, "Own MAC address: " MACSTR,
01641                    MAC2STR(wpa_s->own_addr));
01642 
01643         /* Backwards compatibility call to set_wpa() handler. This is called
01644          * only just after init and just before deinit, so these handler can be
01645          * used to implement same functionality. */
01646         if (wpa_drv_set_wpa(wpa_s, 1) < 0) {
01647                 struct wpa_driver_capa capa;
01648                 if (wpa_drv_get_capa(wpa_s, &capa) < 0 ||
01649                     !(capa.flags & (WPA_DRIVER_CAPA_KEY_MGMT_WPA |
01650                                     WPA_DRIVER_CAPA_KEY_MGMT_WPA2))) {
01651                         wpa_printf(MSG_DEBUG, "Driver does not support WPA.");
01652                         /* Continue to allow non-WPA modes to be used. */
01653                 } else {
01654                         fprintf(stderr, "Failed to enable WPA in the "
01655                                 "driver.\n");
01656                         return -1;
01657                 }
01658         }
01659 
01660         wpa_clear_keys(wpa_s, NULL);
01661 
01662         /* Make sure that TKIP countermeasures are not left enabled (could
01663          * happen if wpa_supplicant is killed during countermeasures. */
01664         wpa_drv_set_countermeasures(wpa_s, 0);
01665 
01666         wpa_drv_set_drop_unencrypted(wpa_s, 1);
01667 
01668         wpa_s->prev_scan_ssid = BROADCAST_SSID_SCAN;
01669         wpa_supplicant_req_scan(wpa_s, interface_count, 100000);
01670         interface_count++;
01671 
01672         return 0;
01673 }
01674 
01675 
01676 static int wpa_supplicant_daemon(const char *pid_file)
01677 {
01678         wpa_printf(MSG_DEBUG, "Daemonize..");
01679         if (daemon(0, 0)) {
01680                 perror("daemon");
01681                 return -1;
01682         }
01683 
01684         if (pid_file) {
01685                 FILE *f = fopen(pid_file, "w");
01686                 if (f) {
01687                         fprintf(f, "%u\n", getpid());
01688                         fclose(f);
01689                 }
01690         }
01691 
01692         return 0;
01693 }
01694 
01695 
01696 static struct wpa_supplicant * wpa_supplicant_alloc(void)
01697 {
01698         struct wpa_supplicant *wpa_s;
01699 
01700         wpa_s = malloc(sizeof(*wpa_s));
01701         if (wpa_s == NULL)
01702                 return NULL;
01703         memset(wpa_s, 0, sizeof(*wpa_s));
01704         wpa_s->ctrl_sock = -1;
01705         wpa_s->scan_req = 1;
01706 
01707         return wpa_s;
01708 }
01709 
01710 
01711 static int wpa_supplicant_init_iface(struct wpa_supplicant *wpa_s,
01712                                      struct wpa_interface *iface)
01713 {
01714         wpa_printf(MSG_DEBUG, "Initializing interface '%s' conf '%s' driver "
01715                    "'%s' ctrl_interface '%s'", iface->ifname,
01716                    iface->confname ? iface->confname : "N/A",
01717                    iface->driver ? iface->driver : "default",
01718                    iface->ctrl_interface ? iface->ctrl_interface : "N/A");
01719 
01720         if (wpa_supplicant_set_driver(wpa_s, iface->driver) < 0) {
01721                 return -1;
01722         }
01723 
01724         if (iface->confname) {
01725                 wpa_s->confname = rel2abs_path(iface->confname);
01726                 if (wpa_s->confname == NULL) {
01727                         wpa_printf(MSG_ERROR, "Failed to get absolute path "
01728                                    "for configuration file '%s'.",
01729                                    iface->confname);
01730                         return -1;
01731                 }
01732                 wpa_printf(MSG_DEBUG, "Configuration file '%s' -> '%s'",
01733                            iface->confname, wpa_s->confname);
01734                 wpa_s->conf = wpa_config_read(wpa_s->confname);
01735                 if (wpa_s->conf == NULL) {
01736                         printf("Failed to read configuration file '%s'.\n",
01737                                wpa_s->confname);
01738                         return -1;
01739                 }
01740 
01741                 /*
01742                  * Override ctrl_interface and driver_param if set on command
01743                  * line.
01744                  */
01745                 if (iface->ctrl_interface) {
01746                         free(wpa_s->conf->ctrl_interface);
01747                         wpa_s->conf->ctrl_interface =
01748                                 strdup(iface->ctrl_interface);
01749                 }
01750 
01751                 if (iface->driver_param) {
01752                         free(wpa_s->conf->driver_param);
01753                         wpa_s->conf->driver_param =
01754                                 strdup(iface->driver_param);
01755                 }
01756         } else
01757                 wpa_s->conf = wpa_config_alloc_empty(iface->ctrl_interface,
01758                                                      iface->driver_param);
01759 
01760         if (wpa_s->conf == NULL) {
01761                 printf("\nNo configuration found.\n");
01762                 return -1;
01763         }
01764 
01765         if (iface->ifname == NULL) {
01766                 printf("\nInterface name is required.\n");
01767                 return -1;
01768         }
01769         if (strlen(iface->ifname) >= sizeof(wpa_s->ifname)) {
01770                 printf("Too long interface name '%s'.\n", iface->ifname);
01771                 return -1;
01772         }
01773         strncpy(wpa_s->ifname, iface->ifname, sizeof(wpa_s->ifname));
01774 
01775         return 0;
01776 }
01777 
01778 
01779 static int wpa_supplicant_init_eapol(struct wpa_supplicant *wpa_s)
01780 {
01781 #ifdef IEEE8021X_EAPOL
01782         struct eapol_ctx *ctx;
01783         ctx = malloc(sizeof(*ctx));
01784         if (ctx == NULL) {
01785                 printf("Failed to allocate EAPOL context.\n");
01786                 return -1;
01787         }
01788 
01789         memset(ctx, 0, sizeof(*ctx));
01790         ctx->ctx = wpa_s;
01791         ctx->msg_ctx = wpa_s;
01792         ctx->eapol_send_ctx = wpa_s;
01793         ctx->preauth = 0;
01794         ctx->eapol_done_cb = wpa_supplicant_notify_eapol_done;
01795         ctx->eapol_send = wpa_supplicant_eapol_send;
01796         ctx->set_wep_key = wpa_eapol_set_wep_key;
01797         ctx->set_config_blob = wpa_supplicant_set_config_blob;
01798         ctx->get_config_blob = wpa_supplicant_get_config_blob;
01799         ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path;
01800         ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path;
01801         ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path;
01802         wpa_s->eapol = eapol_sm_init(ctx);
01803         if (wpa_s->eapol == NULL) {
01804                 free(ctx);
01805                 printf("Failed to initialize EAPOL state machines.\n");
01806                 return -1;
01807         }
01808 #endif /* IEEE8021X_EAPOL */
01809 
01810         return 0;
01811 }
01812 
01813 
01814 static int wpa_supplicant_init_wpa(struct wpa_supplicant *wpa_s)
01815 {
01816 #ifndef CONFIG_NO_WPA
01817         struct wpa_sm_ctx *ctx;
01818         ctx = malloc(sizeof(*ctx));
01819         if (ctx == NULL) {
01820                 printf("Failed to allocate WPA context.\n");
01821                 return -1;
01822         }
01823 
01824         memset(ctx, 0, sizeof(*ctx));
01825         ctx->ctx = wpa_s;
01826         ctx->set_state = _wpa_supplicant_set_state;
01827         ctx->get_state = _wpa_supplicant_get_state;
01828         ctx->req_scan = _wpa_supplicant_req_scan;
01829         ctx->deauthenticate = _wpa_supplicant_deauthenticate;
01830         ctx->disassociate = _wpa_supplicant_disassociate;
01831         ctx->set_key = wpa_supplicant_set_key;
01832         ctx->scan = wpa_supplicant_scan;
01833         ctx->get_ssid = _wpa_supplicant_get_ssid;
01834         ctx->get_bssid = wpa_supplicant_get_bssid;
01835         ctx->ether_send = _wpa_ether_send;
01836         ctx->get_beacon_ie = wpa_supplicant_get_beacon_ie;
01837         ctx->alloc_eapol = _wpa_alloc_eapol;
01838         ctx->cancel_auth_timeout = _wpa_supplicant_cancel_auth_timeout;
01839         ctx->add_pmkid = wpa_supplicant_add_pmkid;
01840         ctx->remove_pmkid = wpa_supplicant_remove_pmkid;
01841         ctx->set_config_blob = wpa_supplicant_set_config_blob;
01842         ctx->get_config_blob = wpa_supplicant_get_config_blob;
01843 
01844         wpa_s->wpa = wpa_sm_init(ctx);
01845         if (wpa_s->wpa == NULL) {
01846                 fprintf(stderr, "Failed to initialize WPA state machine\n");
01847                 return -1;
01848         }
01849 #endif /* CONFIG_NO_WPA */
01850 
01851         return 0;
01852 }
01853 
01854 
01855 static int wpa_supplicant_init_iface2(struct wpa_supplicant *wpa_s,
01856                                       int wait_for_interface)
01857 {
01858         const char *ifname;
01859 
01860         wpa_printf(MSG_DEBUG, "Initializing interface (2) '%s'",
01861                    wpa_s->ifname);
01862 
01863         if (wpa_supplicant_init_eapol(wpa_s) < 0)
01864                 return -1;
01865 
01866         /* RSNA Supplicant Key Management - INITIALIZE */
01867         eapol_sm_notify_portEnabled(wpa_s->eapol, FALSE);
01868         eapol_sm_notify_portValid(wpa_s->eapol, FALSE);
01869 
01870         /* Initialize driver interface and register driver event handler before
01871          * L2 receive handler so that association events are processed before
01872          * EAPOL-Key packets if both become available for the same select()
01873          * call. */
01874         wpa_s->drv_priv = wpa_drv_init(wpa_s, wpa_s->ifname);
01875         if (wpa_s->drv_priv == NULL) {
01876                 fprintf(stderr, "Failed to initialize driver interface\n");
01877                 return -1;
01878         }
01879         if (wpa_drv_set_param(wpa_s, wpa_s->conf->driver_param) < 0) {
01880                 fprintf(stderr, "Driver interface rejected driver_param "
01881                         "'%s'\n", wpa_s->conf->driver_param);
01882                 return -1;
01883         }
01884 
01885         ifname = wpa_drv_get_ifname(wpa_s);
01886         if (ifname && strcmp(ifname, wpa_s->ifname) != 0) {
01887                 wpa_printf(MSG_DEBUG, "Driver interface replaced interface "
01888                            "name with '%s'", ifname);
01889                 strncpy(wpa_s->ifname, ifname, sizeof(wpa_s->ifname));
01890         }
01891 
01892         if (wpa_supplicant_init_wpa(wpa_s) < 0)
01893                 return -1;
01894 
01895         wpa_sm_set_ifname(wpa_s->wpa, wpa_s->ifname);
01896         wpa_sm_set_fast_reauth(wpa_s->wpa, wpa_s->conf->fast_reauth);
01897         wpa_sm_set_eapol(wpa_s->wpa, wpa_s->eapol);
01898 
01899         if (wpa_s->conf->dot11RSNAConfigPMKLifetime &&
01900             wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_LIFETIME,
01901                              wpa_s->conf->dot11RSNAConfigPMKLifetime)) {
01902                 fprintf(stderr, "Invalid WPA parameter value for "
01903                         "dot11RSNAConfigPMKLifetime\n");
01904                 return -1;
01905         }
01906 
01907         if (wpa_s->conf->dot11RSNAConfigPMKReauthThreshold &&
01908             wpa_sm_set_param(wpa_s->wpa, RSNA_PMK_REAUTH_THRESHOLD,
01909                              wpa_s->conf->dot11RSNAConfigPMKReauthThreshold)) {
01910                 fprintf(stderr, "Invalid WPA parameter value for "
01911                         "dot11RSNAConfigPMKReauthThreshold\n");
01912                 return -1;
01913         }
01914 
01915         if (wpa_s->conf->dot11RSNAConfigSATimeout &&
01916             wpa_sm_set_param(wpa_s->wpa, RSNA_SA_TIMEOUT,
01917                              wpa_s->conf->dot11RSNAConfigSATimeout)) {
01918                 fprintf(stderr, "Invalid WPA parameter value for "
01919                         "dot11RSNAConfigSATimeout\n");
01920                 return -1;
01921         }
01922 
01923         if (wpa_supplicant_driver_init(wpa_s, wait_for_interface) < 0) {
01924                 return -1;
01925         }
01926         wpa_sm_set_own_addr(wpa_s->wpa, wpa_s->own_addr);
01927 
01928         if (wpa_supplicant_ctrl_iface_init(wpa_s)) {
01929                 printf("Failed to initialize control interface '%s'.\n"
01930                        "You may have another wpa_supplicant process already "
01931                        "running or the file was\n"
01932                        "left by an unclean termination of wpa_supplicant in "
01933                        "which case you will need\n"
01934                        "to manually remove this file before starting "
01935                        "wpa_supplicant again.\n",
01936                        wpa_s->conf->ctrl_interface);
01937                 return -1;
01938         }
01939 
01940         return 0;
01941 }
01942 
01943 
01944 static void wpa_supplicant_deinit_iface(struct wpa_supplicant *wpa_s)
01945 {
01946         if (wpa_s->drv_priv) {
01947                 wpa_supplicant_deauthenticate(wpa_s, REASON_DEAUTH_LEAVING);
01948 
01949                 /* Backwards compatibility call to set_wpa() handler. This is
01950                  * called only just after init and just before deinit, so these
01951                  * handler can be used to implement same functionality. */
01952                 if (wpa_drv_set_wpa(wpa_s, 0) < 0) {
01953                         fprintf(stderr, "Failed to disable WPA in the "
01954                                 "driver.\n");
01955                 }
01956 
01957                 wpa_drv_set_drop_unencrypted(wpa_s, 0);
01958                 wpa_drv_set_countermeasures(wpa_s, 0);
01959                 wpa_clear_keys(wpa_s, NULL);
01960 
01961                 wpa_drv_deinit(wpa_s);
01962         }
01963         wpa_supplicant_cleanup(wpa_s);
01964 }
01965 
01966 
01980 struct wpa_supplicant * wpa_supplicant_add_iface(struct wpa_global *global,
01981                                                  struct wpa_interface *iface)
01982 {
01983         struct wpa_supplicant *wpa_s;
01984 
01985         if (global == NULL || iface == NULL)
01986                 return NULL;
01987 
01988         wpa_s = wpa_supplicant_alloc();
01989         if (wpa_s == NULL)
01990                 return NULL;
01991 
01992         if (wpa_supplicant_init_iface(wpa_s, iface) ||
01993             wpa_supplicant_init_iface2(wpa_s,
01994                                        global->params.wait_for_interface)) {
01995                 wpa_printf(MSG_DEBUG, "Failed to add interface %s",
01996                            iface->ifname);
01997                 wpa_supplicant_deinit_iface(wpa_s);
01998                 free(wpa_s);
01999                 return NULL;
02000         }
02001 
02002         wpa_s->global = global;
02003         wpa_s->next = global->ifaces;
02004         global->ifaces = wpa_s;
02005 
02006         wpa_printf(MSG_DEBUG, "Added interface %s", wpa_s->ifname);
02007 
02008         return wpa_s;
02009 }
02010 
02011 
02024 int wpa_supplicant_remove_iface(struct wpa_global *global,
02025                                 struct wpa_supplicant *wpa_s)
02026 {
02027         struct wpa_supplicant *prev;
02028 
02029         /* Remove interface from the global list of interfaces */
02030         prev = global->ifaces;
02031         if (prev == wpa_s) {
02032                 global->ifaces = wpa_s->next;
02033         } else {
02034                 while (prev && prev->next != wpa_s)
02035                         prev = prev->next;
02036                 if (prev == NULL)
02037                         return -1;
02038                 prev->next = wpa_s->next;
02039         }
02040 
02041         wpa_printf(MSG_DEBUG, "Removing interface %s", wpa_s->ifname);
02042 
02043         wpa_supplicant_deinit_iface(wpa_s);
02044         free(wpa_s);
02045 
02046         return 0;
02047 }
02048 
02049 
02057 struct wpa_supplicant * wpa_supplicant_get_iface(struct wpa_global *global,
02058                                                  const char *ifname)
02059 {
02060         struct wpa_supplicant *wpa_s;
02061 
02062         for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next) {
02063                 if (strcmp(wpa_s->ifname, ifname) == 0)
02064                         return wpa_s;
02065         }
02066         return NULL;
02067 }
02068 
02069 
02080 struct wpa_global * wpa_supplicant_init(struct wpa_params *params)
02081 {
02082         struct wpa_global *global;
02083 
02084         if (params == NULL)
02085                 return NULL;
02086         global = malloc(sizeof(*global));
02087         if (global == NULL)
02088                 return NULL;
02089         memset(global, 0, sizeof(*global));
02090         global->params.daemonize = params->daemonize;
02091         global->params.wait_for_interface = params->wait_for_interface;
02092         global->params.wait_for_monitor = params->wait_for_monitor;
02093         if (params->pid_file)
02094                 global->params.pid_file = strdup(params->pid_file);
02095         if (params->ctrl_interface)
02096                 global->params.ctrl_interface = strdup(params->ctrl_interface);
02097         wpa_debug_level = global->params.wpa_debug_level =
02098                 params->wpa_debug_level;
02099         wpa_debug_show_keys = global->params.wpa_debug_show_keys =
02100                 params->wpa_debug_show_keys;
02101         wpa_debug_timestamp = global->params.wpa_debug_timestamp =
02102                 params->wpa_debug_timestamp;
02103 
02104         eloop_init(global);
02105 
02106         if (wpa_supplicant_global_ctrl_iface_init(global)) {
02107                 eloop_destroy();
02108                 return NULL;
02109         }
02110 
02111         if (global->params.wait_for_interface && global->params.daemonize &&
02112             wpa_supplicant_daemon(global->params.pid_file)) {
02113                 eloop_destroy();
02114                 return NULL;
02115         }
02116 
02117         return global;
02118 }
02119 
02120 
02131 int wpa_supplicant_run(struct wpa_global *global)
02132 {
02133         struct wpa_supplicant *wpa_s;
02134 
02135         if (!global->params.wait_for_interface && global->params.daemonize &&
02136             wpa_supplicant_daemon(global->params.pid_file))
02137                 return -1;
02138 
02139         if (global->params.wait_for_monitor) {
02140                 for (wpa_s = global->ifaces; wpa_s; wpa_s = wpa_s->next)
02141                         wpa_supplicant_ctrl_iface_wait(wpa_s);
02142         }
02143 
02144         eloop_register_signal(SIGINT, wpa_supplicant_terminate, NULL);
02145         eloop_register_signal(SIGTERM, wpa_supplicant_terminate, NULL);
02146 #ifndef CONFIG_NATIVE_WINDOWS
02147         eloop_register_signal(SIGHUP, wpa_supplicant_reconfig, NULL);
02148 #endif /* CONFIG_NATIVE_WINDOWS */
02149 
02150         eloop_run();
02151 
02152         return 0;
02153 }
02154 
02155 
02164 void wpa_supplicant_deinit(struct wpa_global *global)
02165 {
02166         if (global == NULL)
02167                 return;
02168 
02169         while (global->ifaces)
02170                 wpa_supplicant_remove_iface(global, global->ifaces);
02171 
02172         wpa_supplicant_global_ctrl_iface_deinit(global);
02173 
02174         eloop_destroy();
02175 
02176         if (global->params.pid_file) {
02177                 unlink(global->params.pid_file);
02178                 free(global->params.pid_file);
02179         }
02180         free(global->params.ctrl_interface);
02181 
02182         free(global);
02183 }
02184 

Generated on Mon Nov 21 20:50:44 2005 for wpa_supplicant by  doxygen 1.4.2